[PATCH] crypto: Only include mbedtls/pkcs7.h for affected configs

[Bastian Germann]

PKCS#7 support was introduced with mbedTLS 3.4.0. In order to keep
supporting older mbedTLS make only use of the mbedtls/pkcs7.h header and
its generally included symbols for affected configurations.

Signed-off-by: Bastian Germann <ba...@debian.org>
---
crypto/swupdate_mbedtls.h | 4 ++++
1 file changed, 4 insertions(+)

diff --git a/crypto/swupdate_mbedtls.h b/crypto/swupdate_mbedtls.h
index 83e4f435..5f6ba5b2 100644
--- a/crypto/swupdate_mbedtls.h
+++ b/crypto/swupdate_mbedtls.h
@@ -16,7 +16,9 @@
#include <mbedtls/cipher.h>
#include <mbedtls/version.h>
#include <mbedtls/oid.h>
+#if defined(CONFIG_SIGALG_CMS)
#include <mbedtls/pkcs7.h>
+#endif
#if defined(MBEDTLS_USE_PSA_CRYPTO)
#include <psa/crypto.h>
#endif
@@ -24,7 +26,9 @@
struct mbedtls_digest {
mbedtls_md_context_t mbedtls_md_context;
mbedtls_pk_context mbedtls_pk_context;
+#if defined(CONFIG_SIGALG_CMS)
mbedtls_x509_crt trusted_certs;
+#endif
mbedtls_cipher_context_t mbedtls_cipher_context;
int cert_purpose;
};