From 99974e344a5f830a569e9ca69741350378e51a2b Mon Sep 17 00:00:00 2001 From: itayzafrir Date: Mon, 14 Jan 2019 18:10:49 +0200 Subject: [PATCH 1/2] SPM integration update due to crypto API changes When MBEDTLS_PSA_CRYPTO_SPM is defined, the code is being built for SPM (Secure Partition Manager) integration which separates the code into two parts: NSPE (Non-Secure Processing Environment) and SPE (Secure Processing Environment). When building for the SPE, an additional header file should be included. --- library/psa_crypto_slot_management.c | 15 +++++++++++++++ 1 file changed, 15 insertions(+) diff --git a/library/psa_crypto_slot_management.c b/library/psa_crypto_slot_management.c index 0b4399f5e1..8b739aa019 100644 --- a/library/psa_crypto_slot_management.c +++ b/library/psa_crypto_slot_management.c @@ -26,6 +26,21 @@ #endif #if defined(MBEDTLS_PSA_CRYPTO_C) +/* + * When MBEDTLS_PSA_CRYPTO_SPM is defined, the code is being built for SPM + * (Secure Partition Manager) integration which separates the code into two + * parts: NSPE (Non-Secure Processing Environment) and SPE (Secure Processing + * Environment). When building for the SPE, an additional header file should be + * included. + */ +#if defined(MBEDTLS_PSA_CRYPTO_SPM) +/* + * PSA_CRYPTO_SECURE means that this file is compiled for the SPE. + * Some headers will be affected by this flag. + */ +#define PSA_CRYPTO_SECURE 1 +#include "crypto_spe.h" +#endif #include "psa/crypto.h" From 14e76787906d7cb7d191ed87a2bdc2103d19e176 Mon Sep 17 00:00:00 2001 From: itayzafrir Date: Wed, 16 Jan 2019 11:16:39 +0200 Subject: [PATCH 2/2] Documentation update regarding SPM integration --- library/psa_crypto.c | 13 +++++++------ 1 file changed, 7 insertions(+), 6 deletions(-) diff --git a/library/psa_crypto.c b/library/psa_crypto.c index fd76b27b48..82cb158026 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c @@ -27,15 +27,16 @@ #if defined(MBEDTLS_PSA_CRYPTO_C) /* - * In case MBEDTLS_PSA_CRYPTO_SPM is defined the code is built for SPM (Secure - * Partition Manager) integration which separate the code into two parts - * NSPE (Non-Secure Process Environment) and SPE (Secure Process Environment). - * In this mode an additional header file should be included. + * When MBEDTLS_PSA_CRYPTO_SPM is defined, the code is being built for SPM + * (Secure Partition Manager) integration which separates the code into two + * parts: NSPE (Non-Secure Processing Environment) and SPE (Secure Processing + * Environment). When building for the SPE, an additional header file should be + * included. */ #if defined(MBEDTLS_PSA_CRYPTO_SPM) /* - * PSA_CRYPTO_SECURE means that this file is compiled to the SPE side. - * some headers will be affected by this flag. + * PSA_CRYPTO_SECURE means that this file is compiled for the SPE. + * Some headers will be affected by this flag. */ #define PSA_CRYPTO_SECURE 1 #include "crypto_spe.h"