1*91f16700Schasinglulu /* 2*91f16700Schasinglulu * Copyright (c) 2023, Arm Ltd. All rights reserved. 3*91f16700Schasinglulu * 4*91f16700Schasinglulu * SPDX-License-Identifier: BSD-3-Clause 5*91f16700Schasinglulu */ 6*91f16700Schasinglulu 7*91f16700Schasinglulu #ifndef PSA_MBEDTLS_CONFIG_H 8*91f16700Schasinglulu #define PSA_MBEDTLS_CONFIG_H 9*91f16700Schasinglulu 10*91f16700Schasinglulu #include "mbedtls_config-3.h" 11*91f16700Schasinglulu 12*91f16700Schasinglulu #define MBEDTLS_PSA_CRYPTO_C 13*91f16700Schasinglulu 14*91f16700Schasinglulu /* 15*91f16700Schasinglulu * Using PSA crypto API requires an RNG right now. If we don't define the macro 16*91f16700Schasinglulu * below then we get build errors. 17*91f16700Schasinglulu * 18*91f16700Schasinglulu * This is a functionality gap in mbedTLS. The technical limitation is that 19*91f16700Schasinglulu * psa_crypto_init() is all-or-nothing, and fixing that would require separate 20*91f16700Schasinglulu * initialization of the keystore, the RNG, etc. 21*91f16700Schasinglulu * 22*91f16700Schasinglulu * By defining MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG, we pretend using an external 23*91f16700Schasinglulu * RNG. As a result, the PSA crypto init code does nothing when it comes to 24*91f16700Schasinglulu * initializing the RNG, as we are supposed to take care of that ourselves. 25*91f16700Schasinglulu */ 26*91f16700Schasinglulu #define MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG 27*91f16700Schasinglulu 28*91f16700Schasinglulu #endif /* PSA_MBEDTLS_CONFIG_H */ 29