Fix MSVC build issue from MbedTls issue 7087 #258
Conversation
ccrugoPhilips
force-pushed
the
fix/vs2019_build_issue_7087
branch
from
bb38edb to
de8fa9e
Compare
|
A couple of additional remarks: The build issues reported in Mbed-TLS/mbedtls#7087 are not present anymore with VS2022 (MSVC toolset v143). Added an extra fix for a warning being treated as error when MBEDTLS_PSA_KEY_STORE_DYNAMIC is disabled. |
ccrugoPhilips
force-pushed
the
fix/vs2019_build_issue_7087
branch
from
fb49fd7 to
7a96523
Compare
There was a problem hiding this comment.
Sorry for the delay.
Two nitpicks but otherwise this looks god to me. Unfortunately, this needs to be rebased though (conflicts with crypto_extra.h).
I've removed the commits related to crypto_extra.h in #260 and added there a change log that should cover both PRs.
Thus if possible on your side, please rebase. Otherwise if this is more convenient for you I can cherry-pick your commits in #260 and resolve the conflicts.
Otherwise @irwir proposed here a simpler solution it seems. Would this work for you?
include/psa/crypto_extra.h
Outdated
| struct psa_pake_cipher_suite_s | ||
| { |
There was a problem hiding this comment.
| struct psa_pake_cipher_suite_s | |
| { | |
| struct psa_pake_cipher_suite_s { |
include/psa/crypto_extra.h
Outdated
| /* A primitive of type compatible with algorithm */ | ||
| psa_pake_primitive_t MBEDTLS_PRIVATE(primitive); | ||
| /* Stage of the PAKE operation: waiting for the setup, collecting inputs | ||
| * or computing. */ |
There was a problem hiding this comment.
| * or computing. */ | |
| * or computing. */ |
Hi there, I see that related PRs have already been merged and seems this PR is not necessary anymore; can you please confirm to close without merging. Happy the issue was finally addressed ;) |
Addressed, but not fully resolved. |
Hi, to address #7087, the changes needed in crypto.h are merged both in development(#260) and 3.6(Mbed-TLS/mbedtls#10196). We still have to merge the changes needed in crypto_extra.h. While looking at the backport in 3.6 (Mbed-TLS/mbedtls#10200) I realized that the changes proposed here and previously in #260 could be improved to be more aligned with how things are now organized in crypto.h . That what we have now in Mbed-TLS/mbedtls#10200, that is ready to merged. I plan to align this PR with Mbed-TLS/mbedtls#10200 regarding crypto_extra.h. |
Eventually I do not think we can just remove the declarations: That the way we do it in crypto.h for the other xyz_init(void) functions: psa_key_attributes_init(), psa_hash_operation_init(), psa_mac_operation_init() ... |
What is the reason? |
I gave the reason above: alignment with how things are done for the other xyz_init() functions for the other algorithms in crypto.h. That way when PAKE APIs become official the move of the PAKE header code to crypto_struct.h, crypto.h ... is hopefully going to be easier. |
Alignment could have the opposite direction - in my case commenting out all forward declarations fixed the issue (4 lines in crypto.h, 2 lines in crypto_extra.h). But whatever, the current code is far from final. |
Signed-off-by: Cesar Cruz <[email protected]> Signed-off-by: ccrugoPhilips <[email protected]>
Signed-off-by: Cesar Cruz <[email protected]> Signed-off-by: ccrugoPhilips <[email protected]>
Signed-off-by: ccrugoPhilips <[email protected]>
Signed-off-by: Ronald Cron <[email protected]>
ronald-cron-arm
force-pushed
the
fix/vs2019_build_issue_7087
branch
from
01284e6 to
72b1832
Compare
|
Thus I have aligned the changes done to crypto_extra.h with the ones done in Mbed-TLS/mbedtls#10200. The result was 01284e6. Then I rebased to resolve the conflicts in crypto_extra.h due to the work on PAKE key confirmation that was merged as part of another thread of work. |
In crypto_extra.h, move PAKE size calculation macros, the definition of psa_pake_cipher_suite_s and psa_pake_operation_s just after PAKE type and values definitions. This aligns with the order of crypto header inclusions in crypto.h: crypto_types.h, then crypto_values.h, then crypto_sizes.h, and then crypto_struct.h. Take care of keeping them outside of the pake Doxygen group as they used to be. Signed-off-by: Ronald Cron <[email protected]>
As the definition of psa_pake_operation_s has been moved the "xyt_t" structure types can not be used anymore (defined later). Signed-off-by: Ronald Cron <[email protected]>
ronald-cron-arm
force-pushed
the
fix/vs2019_build_issue_7087
branch
from
72b1832 to
162d773
Compare
Signed-off-by: Ronald Cron <[email protected]>
ronald-cron-arm
added
needs-review
There was a problem hiding this comment.
Looks good overall, in aligment with Mbed-TLS/mbedtls#10200 with only one missing bugfix on the backport.
| @@ -660,7 +660,7 @@ psa_status_t psa_reserve_free_key_slot(psa_key_id_t *volatile_key_id, | |||
| /* Refresh slot_idx, for when the slot is not the original | |||
| * selected_slot but rather unused_persistent_key_slot. */ | |||
| slot_idx = selected_slot - global_data.key_slots; | |||
| *volatile_key_id = PSA_KEY_ID_VOLATILE_MIN + slot_idx; | |||
| *volatile_key_id = PSA_KEY_ID_VOLATILE_MIN + (psa_key_id_t) slot_idx; | |||
There was a problem hiding this comment.
As discussed on the back-port PR was this fix required ?
| psa_pake_family_t family; | ||
| uint16_t bits; | ||
| psa_algorithm_t hash; | ||
| uint32_t key_confirmation; |
There was a problem hiding this comment.
This is a note for other reviewers: This API incompatibility is expected and introduced in #200
davidhorstmann-arm
added
approved
Description
Refactored code causing build issues with MSVC toolset v142 and prior. This has been tracked under MbedTls issue 7087.
PR checklist