Crypto: Reduce diverging PSA Crypto headers between TF-M and Mbed TLS
Reduce divergence between PSA Crypto headers available in TF-M and
Mbed TLS.
* Consistently use mbedtls_svc_key_id_t for psa_key_id_t in the headers
* Concentrate IMPDEF behaviour in crypto_struct and crypto_platform
* Make sure the same config file is used for client and server views,
i.e. make sure that the ENCODES_OWNER config define is passed privately
to the crypto service through a dedicated compile switch
* Add \emptydescription for Doxygen when required
* clean up the psa_crypto_config cmake target
Signed-off-by: Antonio de Angelis <antonio.deangelis@arm.com>
Change-Id: Ia65c9d267ac9dc0441ea484408c5501c1558e580
diff --git a/lib/ext/mbedcrypto/mbedcrypto_config/tfm_mbedcrypto_config_default.h b/lib/ext/mbedcrypto/mbedcrypto_config/tfm_mbedcrypto_config_default.h
index 5e3b3e5..5d9eac5 100644
--- a/lib/ext/mbedcrypto/mbedcrypto_config/tfm_mbedcrypto_config_default.h
+++ b/lib/ext/mbedcrypto/mbedcrypto_config/tfm_mbedcrypto_config_default.h
@@ -216,21 +216,6 @@
*/
#define MBEDTLS_ENTROPY_NV_SEED
-/* MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER
- *
- * Enable key identifiers that encode a key owner identifier.
- *
- * This is only meaningful when building the library as part of a
- * multi-client service. When you activate this option, you must provide an
- * implementation of the type mbedtls_key_owner_id_t and a translation from
- * mbedtls_svc_key_id_t to file name in all the storage backends that you
- * you wish to support.
- *
- * Note that this option is meant for internal use only and may be removed
- * without notice.
- */
-#define MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER
-
/**
* \def MBEDTLS_PK_RSA_ALT_SUPPORT
*
diff --git a/lib/ext/mbedcrypto/mbedcrypto_config/tfm_mbedcrypto_config_profile_large.h b/lib/ext/mbedcrypto/mbedcrypto_config/tfm_mbedcrypto_config_profile_large.h
index 20219c2..d9f1610 100644
--- a/lib/ext/mbedcrypto/mbedcrypto_config/tfm_mbedcrypto_config_profile_large.h
+++ b/lib/ext/mbedcrypto/mbedcrypto_config/tfm_mbedcrypto_config_profile_large.h
@@ -217,21 +217,6 @@
*/
#define MBEDTLS_ENTROPY_NV_SEED
-/* MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER
- *
- * Enable key identifiers that encode a key owner identifier.
- *
- * This is only meaningful when building the library as part of a
- * multi-client service. When you activate this option, you must provide an
- * implementation of the type mbedtls_key_owner_id_t and a translation from
- * mbedtls_svc_key_id_t to file name in all the storage backends that you
- * you wish to support.
- *
- * Note that this option is meant for internal use only and may be removed
- * without notice.
- */
-#define MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER
-
/**
* \def MBEDTLS_PK_RSA_ALT_SUPPORT
*
diff --git a/lib/ext/mbedcrypto/mbedcrypto_config/tfm_mbedcrypto_config_profile_medium.h b/lib/ext/mbedcrypto/mbedcrypto_config/tfm_mbedcrypto_config_profile_medium.h
index 5ecfeaa..7c7127c 100644
--- a/lib/ext/mbedcrypto/mbedcrypto_config/tfm_mbedcrypto_config_profile_medium.h
+++ b/lib/ext/mbedcrypto/mbedcrypto_config/tfm_mbedcrypto_config_profile_medium.h
@@ -241,21 +241,6 @@
*/
#define MBEDTLS_ENTROPY_NV_SEED
-/* MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER
- *
- * Enable key identifiers that encode a key owner identifier.
- *
- * This is only meaningful when building the library as part of a
- * multi-client service. When you activate this option, you must provide an
- * implementation of the type mbedtls_key_owner_id_t and a translation from
- * mbedtls_svc_key_id_t to file name in all the storage backends that you
- * you wish to support.
- *
- * Note that this option is meant for internal use only and may be removed
- * without notice.
- */
-#define MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER
-
/**
* \def MBEDTLS_PSA_CRYPTO_SPM
*
diff --git a/lib/ext/mbedcrypto/mbedcrypto_config/tfm_mbedcrypto_config_profile_small.h b/lib/ext/mbedcrypto/mbedcrypto_config/tfm_mbedcrypto_config_profile_small.h
index 7f9b575..8bdc70e 100644
--- a/lib/ext/mbedcrypto/mbedcrypto_config/tfm_mbedcrypto_config_profile_small.h
+++ b/lib/ext/mbedcrypto/mbedcrypto_config/tfm_mbedcrypto_config_profile_small.h
@@ -230,21 +230,6 @@
*/
#define MBEDTLS_ENTROPY_NV_SEED
-/* MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER
- *
- * Enable key identifiers that encode a key owner identifier.
- *
- * This is only meaningful when building the library as part of a
- * multi-client service. When you activate this option, you must provide an
- * implementation of the type mbedtls_key_owner_id_t and a translation from
- * mbedtls_svc_key_id_t to file name in all the storage backends that you
- * you wish to support.
- *
- * Note that this option is meant for internal use only and may be removed
- * without notice.
- */
-#define MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER
-
/**
* \def MBEDTLS_PSA_CRYPTO_SPM
*
diff --git a/lib/ext/t_cose/CMakeLists.txt b/lib/ext/t_cose/CMakeLists.txt
index 3e2420a..068537f 100644
--- a/lib/ext/t_cose/CMakeLists.txt
+++ b/lib/ext/t_cose/CMakeLists.txt
@@ -46,6 +46,11 @@
${CMAKE_CURRENT_SOURCE_DIR}/crypto_adapters/t_cose_psa_crypto.c
)
+target_link_libraries(tfm_t_cose_common
+ INTERFACE
+ psa_crypto_config
+)
+
############################ t_cose secure #####################################
add_library(tfm_t_cose_s STATIC EXCLUDE_FROM_ALL)
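Review bot: The added `target_link_libraries(tfm_t_cose_common INTERFACE psa_crypto_config)` carries no comment saying which view of the PSA Crypto configuration t_cose is meant to build against. That matters because this commit removes `MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER` from all four config headers. Per the commit message the define is now passed privately to the crypto service, so every consumer of this INTERFACE link, including the `crypto_adapters/t_cose_psa_crypto.c` sources, should see the client view where key identifiers do not encode an owner. The definition of `psa_crypto_config` is not visible here, so it is worth confirming that the target does not propagate the owner-encoding define; if it did, the key identifier type could differ between t_cose and the service. I would add a comment above the call such as `# Client view of the PSA Crypto config; MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER stays private to the crypto service and must not be propagated through this target`.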