mbedtls: access mbedtls private members in mscode and pkcs7 parser
U-Boot requires to access x509_internal.h, mbedtls_sha256_context and
mbedtls_sha1_context in the porting layer, and this requires to
enable MBEDTLS_ALLOW_PRIVATE_ACCESS.
Enable it to mscode and pkcs7_parser to fix a mbedtls internal building
error when X509 is selected.
Moreover, Move it to a separate file to avoid enabling it in multiple
places.
Signed-off-by: Raymond Mao <raymond.mao@linaro.org>
Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
diff --git a/include/u-boot/sha1.h b/include/u-boot/sha1.h
index dd66258..c2d62e9 100644
--- a/include/u-boot/sha1.h
+++ b/include/u-boot/sha1.h
@@ -18,17 +18,7 @@
#include <linux/types.h>
#if CONFIG_IS_ENABLED(MBEDTLS_LIB_CRYPTO)
-/*
- * FIXME:
- * MbedTLS define the members of "mbedtls_sha256_context" as private,
- * but "state" needs to be access by arch/arm/cpu/armv8/sha1_ce_glue.
- * MBEDTLS_ALLOW_PRIVATE_ACCESS needs to be enabled to allow the external
- * access.
- * Directly including <external/mbedtls/library/common.h> is not allowed,
- * since this will include <malloc.h> and break the sandbox test.
- */
-#define MBEDTLS_ALLOW_PRIVATE_ACCESS
-
+#include "mbedtls_options.h"
#include <mbedtls/sha1.h>
#endif
diff --git a/include/u-boot/sha256.h b/include/u-boot/sha256.h
index d7a3403..2d86508 100644
--- a/include/u-boot/sha256.h
+++ b/include/u-boot/sha256.h
@@ -7,17 +7,7 @@
#include <linux/types.h>
#if CONFIG_IS_ENABLED(MBEDTLS_LIB_CRYPTO)
-/*
- * FIXME:
- * MbedTLS define the members of "mbedtls_sha256_context" as private,
- * but "state" needs to be access by arch/arm/cpu/armv8/sha256_ce_glue.
- * MBEDTLS_ALLOW_PRIVATE_ACCESS needs to be enabled to allow the external
- * access.
- * Directly including <external/mbedtls/library/common.h> is not allowed,
- * since this will include <malloc.h> and break the sandbox test.
- */
-#define MBEDTLS_ALLOW_PRIVATE_ACCESS
-
+#include "mbedtls_options.h"
#include <mbedtls/sha256.h>
#endif