Closed daverodgman closed 1 week ago
See #5156 for earlier discussion on this
I think we also want to identify test code that becomes redundant. For example, a lot of things are tested both with and without USE_PSA_CRYPTO
, quite a few things tested with PSA_CRYPTO_C
disabled, etc.
My gut feeling is that this task is larger than M - it's the kind of thing that looks easy on paper but where you tend to run into surprises. So, I'd be inclined to split it into smaller tasks - I think the first three items could be one task each.
Also, I agree with leaving some parts (remove dead code) to follow-up tasks but I'd strongly advise we address those tasks ASAP. One of the expected benefits of this work is to make maintenance easier, and we don't fully get that while there's still a lot of dead code around.
I think we also want to identify test code that becomes redundant
Test code will be removed when we remove dead code, based on searching for #if defined
and requires_config_enabled
and the like. Test cases will be identified by outcome analysis, thanks to https://github.com/Mbed-TLS/mbedtls/pull/9593.
We have now created issues for each part, so this planning issue is completed.
MBEDTLS_USE_PSA_CRYPTO
must be removed frommbedtls_config.h
. The library must behave as if it was always enabled. → https://github.com/Mbed-TLS/mbedtls/issues/9630MBEDTLS_PSA_CRYPTO_C
/MBEDTLS_PSA_CRYPTO_CLIENT
must be always enabled. Disabling both would be needed for people who want an alternative PSA impl (this would not be a supported/validated case) → https://github.com/Mbed-TLS/mbedtls/issues/9630MBEDTLS_PSA_CRYPTO_CONFIG
must be removed, and treated as always-enabled. → https://github.com/Mbed-TLS/mbedtls/issues/8153#if !defined
that can never be built). Create tasks to remove this code. → https://github.com/Mbed-TLS/mbedtls/issues/9631 + https://github.com/Mbed-TLS/mbedtls/issues/8153