From c71ed2fd541c927c29cbcef6f13b0a08fbdc43f7 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Frank=20Audun=20Kvamtr=C3=B8?= <frank.kvamtro@nordicsemi.no>
Date: Wed, 18 Sep 2024 23:50:44 +0200
Subject: [PATCH] [nrf noup] mcuboot: Prevent PSA crypto driver requirements
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

-This commit adds MBEDTLS_PSA_CRYPTO_CLIENT to the config-file
 that MCUboot uses, to ensure that we are not requesting details
 about PSA crypto drivers. When MBEDTLS_PSA_CRYPTO_CLIENT is set
 and not MBEDTLS_PSA_CRYPTO_C, then we are preventing from figuring
 out what the PSA crypto driver contexts structures look like...
 please see a comment in psa/crypto_structs.h for details

Signed-off-by: Frank Audun Kvamtrø <frank.kvamtro@nordicsemi.no>
---
 boot/zephyr/include/mcuboot-mbedtls-cfg.h | 5 ++++-
 1 file changed, 4 insertions(+), 1 deletion(-)

diff --git a/boot/zephyr/include/mcuboot-mbedtls-cfg.h b/boot/zephyr/include/mcuboot-mbedtls-cfg.h
index 2bab537d7..9107d85fe 100644
--- a/boot/zephyr/include/mcuboot-mbedtls-cfg.h
+++ b/boot/zephyr/include/mcuboot-mbedtls-cfg.h
@@ -32,5 +32,8 @@
 #else
 #error "Cannot configure mbedTLS; signature type is unknown."
 #endif
-
+/* This define prevents include of psa/crypto from requing knowledge of the 
+ * PSA crypto drivers. see psa/crypto_structs.h for details
+ */
+#define MBEDTLS_PSA_CRYPTO_CLIENT
 #endif