mbedtls icon indicating copy to clipboard operation
mbedtls copied to clipboard
verified publisher icon Mbed-TLS

Remove hkdf

Open bjwtaylor opened this issue 6 months ago • 1 comments

Description

Remove hkdf.c resolves https://github.com/Mbed-TLS/mbedtls/issues/9150 depends https://github.com/Mbed-TLS/TF-PSA-Crypto/pull/310

PR checklist

  • [ ] changelog provided | not required because: TBC
  • [ ] development PR provided #HERE
  • [ ] TF-PSA-Crypto PR provided https://github.com/Mbed-TLS/TF-PSA-Crypto/pull/310
  • [ ] framework PR not required
  • [ ] 3.6 PR not required because: No backports
  • tests not required because: No Changes

bjwtaylor avatar Jun 10 '25 10:06 bjwtaylor

Not really a review, but a quick suggested way to make this merge non-dependent:

  1. In a TF-PSA-Crypto PR, remove the test files tests/suites/test_suite_hkdf.data & tests/suites/test_suite_hkdf.function

  2. In the same crypto PR, make hkdf.h and hkdf.c dummy files, i.e. remove all their functions and macros.

  3. Merge that crypto PR

  4. Do the changes in this PR (also should be able to remove HDKF from generate_errors.pl)

  5. Merge this PR

  6. Remove the (now dummy) files hkdf.h and hkdf.c from TF-PSA-Crypto and merge.

Should work, did a quick test run locally, and not too complicated I think :crossed_fingers:

felixc-arm avatar Jun 13 '25 14:06 felixc-arm

@bjwtaylor I've GitHub-approved, but I think you should get a second review from someone on the team :) so I haven't set labels. Also: is the CI failure expected? (I'm not following things closely enough to know if that's still "normal for round here")

tom-cosgrove-arm avatar Jul 17 '25 07:07 tom-cosgrove-arm

@tom-cosgrove-arm, many thanks for your help. Yes, the New CI is currently a work in progress and the OpenCI is broken so we are just using internal ci for now

bjwtaylor avatar Jul 17 '25 09:07 bjwtaylor