-
Notifications
You must be signed in to change notification settings - Fork 2.5k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Generalize mbedtls_pk_setup_opaque to MBEDTLS_PSA_CRYPTO_CLIENT #8710
Comments
@mpg notes that if we do that, |
I'm also suggesting we grep the generated |
Idea to be explored: we prepare and test two client-only scenarios:
|
Since I need the same test case also for #8709 (PR #8774) I'm planning to add this testing support there since it's already ongoing. This issue will be started on top of that for simplicity. Very late edit: as suggested by @mpg I'll implement test components here instead of #8774 in order to keep that PR simpler (it already includes a good amount of changes...) |
#8797 seems to implement some changes to |
Extend
mbedtls_pk_setup_opaque
to provide support forMBEDTLS_PK_OPAQUE
whenever PSA crypto API functions are available, i.e. wheneverMBEDTLS_PSA_CRYPTO_CLIENT
is enabled, regardless of the status ofMBEDTLS_USE_PSA_CRYPTO
.For testing, we assume
MBEDTLS_PSA_CRYPTO_C
, since the case ofMBEDTLS_PSA_CRYPTO_CLIENT
withoutMBEDTLS_PSA_CRYPTO_C
is currently untested and not officially supported.See
docs/architecture/psa-migration/psa-legacy-bridges.md
(from #7760) for some background.Definition of done:
pk.h
are gated byMBEDTLS_PSA_CRYPTO_CLIENT
instead ofMBEDTLS_USE_PSA_CRYPTO
.MBEDTLS_PSA_CRYPTO_C
is enabled.Related, but should in principle be independent: #8712
The text was updated successfully, but these errors were encountered: