Crypto header clash with mbed-crypto
Open, HighPublic


It seems that TF-M copies the crypto headers from mbed-crypto folder ./include/psa into folder ./mbedcrypto/psa. However TF-M also provides different crypto headers in folder ./interface/include/psa.

TF-M modules typically include "psa/crypto.h" except crypto service modules which include "mbedcrypto/psa/crypto.h" through “tfm_mbedcrypto_include.h”.

The problem is that in our tools both include folders (./include from mbed-crypto installation and ./interface/include from TF-M) are in the global search path causing wrong headers being used.

Another issues is the use of “mbedcrypto” prefix in include "mbedcrypto/psa/crypto.h". We have mbed-crypto already installed and copying crypto headers would not be needed when using include “psa/crypto.h”.

RobertRostohar triaged this task as High priority.

Shall we involve mbed-crypto people for this topic?

adeaarm reassigned this task from adeaarm to davidwang.Oct 23 2019, 10:58 AM
adeaarm added a subscriber: adeaarm.

Assigned to @davidwang for futher tracking and follow up.

Working on the proposal.