Open gilles-peskine-arm opened 1 month ago
I'm upping the size estimate. This is easy, but tedious: each place where MBEDTLS_USE_PSA_CRYPTO
is used is easy or trivial to update, but there are a lot of them.
After a bit of experimentation, unifdef can help us. It seems to at least handle the simple cases correctly. Use the latest version (unifdef 2.10 errors out in many places in our code; 2.12 only chokes in three places, see https://github.com/gilles-peskine-arm/mbedtls/tree/use_psa_crypto-remove_with_unifdef-1). That still leaves many places with complex expressions like #if defined(FOO) && defined(MBEDTLS_USE_PSA_CRYPTO)
that unifdef doesn't touch.
Remove all the code that is only used when
MBEDTLS_USE_PSA_CRYPTO
is disabled.Remove
#define MBEDTLS_USE_PSA_CRYPTO
.Follow-up to https://github.com/Mbed-TLS/mbedtls/issues/9630. We should also do https://github.com/Mbed-TLS/mbedtls/issues/9676 first (not strictly required, but I think it's easier to do it in this order).
Definition of done:
MBEDTLS_USE_PSA_CRYPTO
no longer appears in any code. It may still appear in documentation (covered by https://github.com/Mbed-TLS/mbedtls/issues/9632).