[mbed-tls] Re: PSA key slot management functions access private structure members

-- Gilles Peskine On 05/05/2023 17:47, Gilles Peskine via mbed-tls wrote: > With Archanaa's help I've analyzed the problem and filed an issue at > https://github.com/Mbed-TLS/mbedtls/issues/7559 . > > This problem is most likely to arise if you build with > MBEDTLS_PSA_CRYPTO_STORAGE_C enabled but MBEDTLS_PSA_ITS_FILE_C > disabled, relying on a native implementation of PSA ITS. As a quick > fix, you can add the line > #include "common.h" > at the top of library/psa_crypto_core.h. > > Best regards, > > -- > Gilles Peskine > Mbed TLS developer > > On 05/05/2023 12:19, Gilles Peskine via mbed-tls wrote: >> Hi, >> >> Can you share your configuration and compiler (including flags and >> target)? This isn't happening in any of the configurations we test on >> our CI, but psa_crypto_core.h doesn't include the correct header >> directly, and maybe the indirect include that makes it work for us is >> omitted in some configurations. >> >> Library and test code should define MBEDTLS_ALLOW_PRIVATE_ACCESS, but >> it's missing in some places. We'll fix that, but it would be good to >> know what configurations make it actually break. >> >> Best regards, >> >> -- >> Gilles Peskine >> Mbed TLS developer >> >> On 04/05/2023 21:56, S Krishnan, Archanaa via mbed-tls wrote: >>> >>> Hello, >>> >>> In mbedLS v3.4.0, I came across a build error that there are no >>> members for type and flag in psa_core_keyattributes_t  structure. >>> >>> The following functions in psa_crypto_core.h  access private members >>> type and flag of psa_core_keyattributes_t structure without the >>> MBEDTLS_PRIBATE() private access. >>> >>> * psa_is_key_slot_occupied() >>> * psa_key_slot_get_flags() >>> * psa_key_slot_set_flags() >>> * psa_key_slot_set_bits_in_flags() >>> * psa_key_slot_clear_bits() >>> >>> Updating to private access for attribute struct members in >>> psa_crypto_core.h fixed the build errors. >>> >>> Regards, >>> Archanaa >>> >>> >> >> > >