TrustedFirmware Git Browser
Code Review Sign In
review.trustedfirmware.org / mirror / mbed-tls / 439dbc5c607387461df3faefc408bfa0bf3b0472^! / . / include / mbedtls
commit439dbc5c607387461df3faefc408bfa0bf3b0472[log] [tgz]
authorManuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>Fri Mar 10 12:33:15 2023 +0100
committerManuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>Fri Mar 10 12:37:15 2023 +0100
treef35d339b6d5bc38b86698895c0b058c3b1d9a14e
parent45bcb6aac847645439f35416bf229e709a963a5c [diff]
Fix dependency for TLS 1.3 as well

Turns out TLS 1.3 is using the PK layer for signature generation &
verification, and the PK layer is influenced by USE_PSA_CRYPTO.

Also update docs/use-psa-crypto.md accordingly.

Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>

diff --git a/include/mbedtls/check_config.h b/include/mbedtls/check_config.h
index 7b1c70c..ca60a9d 100644
--- a/include/mbedtls/check_config.h
+++ b/include/mbedtls/check_config.h

@@ -783,7 +783,7 @@
 
 #if defined(MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED)
 #if !( defined(MBEDTLS_ECDH_C) && defined(MBEDTLS_X509_CRT_PARSE_C) && \
-       ( defined(MBEDTLS_ECDSA_C) || defined(MBEDTLS_PKCS1_V21) ) )
+       ( defined(MBEDTLS_PK_HAVE_ECDSA) || defined(MBEDTLS_PKCS1_V21) ) )
 #error "MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED defined, but not all prerequisites"
 #endif
 #endif