TrustedFirmware Git Browser
Code Review Sign In
review.trustedfirmware.org / mirror / mbed-tls.git / c7c03b7d173b416e1d20157776e65b935eaa52a2^! / . / include
commitc7c03b7d173b416e1d20157776e65b935eaa52a2[log] [tgz]
authorJohn Durkop <john.durkop@fermatsoftware.com>Mon Oct 12 21:42:03 2020 -0700
committerJohn Durkop <john.durkop@fermatsoftware.com>Mon Oct 12 21:42:03 2020 -0700
treea4d113ab59eb04a0ef9feb653271ca71634ecdfb
parent348188229acdbb7297e021d8f6371200b77ed0df [diff]
Enhanced documentation for crypto_config.h

Provided more detailed documentation for crypto_config.h file so it
is clear to users can enable cryptographic mechanisms using
PSA_WANT_XXX. If MBEDTLS_PSA_CRYPTO_CONFIG is not set the settings in
this file are not used.

Ensure that defines used in this file are set to 1 and not simply defined
per the specification. Also removed the __cplusplus guards since they are
not needed for this file.

Signed-off-by: John Durkop <john.durkop@fermatsoftware.com>

diff --git a/include/psa/crypto_config.h b/include/psa/crypto_config.h
index 8e2f40e..808c68a 100644
--- a/include/psa/crypto_config.h
+++ b/include/psa/crypto_config.h

@@ -2,10 +2,34 @@
  * \file psa/crypto_config.h
  * \brief PSA crypto configuration options (set of defines)
  *
- *  This set of compile-time options may be used to enable
- *  or disable PSA crypto features selectively. This will aid
- *  in reducing the size of the library by removing unused code.
+*/
+#if defined(MBEDTLS_PSA_CRYPTO_CONFIG)
+/**
+ * When #MBEDTLS_PSA_CRYPTO_CONFIG is enabled in config.h,
+ * this file determines which cryptographic mechanisms are enabled
+ * through the PSA Cryptography API (\c psa_xxx() functions).
+ *
+ * To enable a cryptographic mechanism, uncomment the definition of
+ * the corresponding \c PSA_WANT_xxx preprocessor symbol.
+ * To disable a cryptographic mechanism, comment out the definition of
+ * the corresponding \c PSA_WANT_xxx preprocessor symbol.
+ * The names of cryptographic mechanisms correspond to values
+ * defined in psa/crypto_values.h, with the prefix \c PSA_WANT_ instead
+ * of \c PSA_.
+ *
+ * Note that many cryptographic mechanisms involve two symbols: one for
+ * the key type (\c PSA_WANT_KEY_TYPE_xxx) and one for the algorithm
+ * (\c PSA_WANT_ALG_xxx). Mechanisms with additional parameters may involve
+ * additional symbols.
  */
+#else
+/**
+ * When \c MBEDTLS_PSA_CRYPTO_CONFIG is disabled in config.h,
+ * this file is not used, and cryptographic mechanisms are supported
+ * through the PSA API if and only if they are supported through the
+ * mbedtls_xxx API.
+ */
+#endif
 /*
  *  Copyright The Mbed TLS Contributors
  *  SPDX-License-Identifier: Apache-2.0
@@ -26,19 +50,7 @@
 #ifndef PSA_CRYPTO_CONFIG_H
 #define PSA_CRYPTO_CONFIG_H
 
-#ifdef __cplusplus
-extern "C" {
-#endif
-
-#define PSA_WANT_ALG_ECDSA
-
-#define PSA_WANT_ALG_ECDSA_DETERMINISTIC
-
-//#define MBEDTLS_PSA_ACCEL_ALG_ECDSA
-//#define MBEDTLS_PSA_ACCEL_ALG_ECDSA_DETERMINISTIC
-
-#ifdef __cplusplus
-}
-#endif
+#define PSA_WANT_ALG_ECDSA                  1
+#define PSA_WANT_ALG_ECDSA_DETERMINISTIC    1
 
 #endif /* PSA_CRYPTO_CONFIG_H */