diff --git a/include/mbedtls/md.h b/include/mbedtls/md.h index 079fd83d93..deff9cf621 100644 --- a/include/mbedtls/md.h +++ b/include/mbedtls/md.h @@ -143,7 +143,9 @@ extern "C" { * stronger message digests instead. * */ -/* XXX: comment + test */ +/* Note: these are aligned with the definitions of PSA_ALG_ macros for hashes, + * in order to enable an efficient implementation of conversion functions. + * This is tested by md_to_from_psa() in test_suite_md. */ typedef enum { MBEDTLS_MD_NONE=0, /**< None. */ MBEDTLS_MD_MD5=0x03, /**< The MD5 message digest. */ diff --git a/library/md.c b/library/md.c index 932c6d0271..d0ea66b9c7 100644 --- a/library/md.c +++ b/library/md.c @@ -773,46 +773,15 @@ mbedtls_md_type_t mbedtls_md_get_type(const mbedtls_md_info_t *md_info) #if defined(MBEDTLS_PSA_CRYPTO_C) psa_algorithm_t mbedtls_md_psa_alg_from_type(mbedtls_md_type_t md_type) { - switch (md_type) { - case MBEDTLS_MD_MD5: - return PSA_ALG_MD5; - case MBEDTLS_MD_RIPEMD160: - return PSA_ALG_RIPEMD160; - case MBEDTLS_MD_SHA1: - return PSA_ALG_SHA_1; - case MBEDTLS_MD_SHA224: - return PSA_ALG_SHA_224; - case MBEDTLS_MD_SHA256: - return PSA_ALG_SHA_256; - case MBEDTLS_MD_SHA384: - return PSA_ALG_SHA_384; - case MBEDTLS_MD_SHA512: - return PSA_ALG_SHA_512; - default: - return PSA_ALG_NONE; + if (md_type == MBEDTLS_MD_NONE) { + return PSA_ALG_NONE; } + return PSA_ALG_CATEGORY_HASH | (psa_algorithm_t) md_type; } mbedtls_md_type_t mbedtls_md_type_from_psa_alg(psa_algorithm_t psa_alg) { - switch (psa_alg) { - case PSA_ALG_MD5: - return MBEDTLS_MD_MD5; - case PSA_ALG_RIPEMD160: - return MBEDTLS_MD_RIPEMD160; - case PSA_ALG_SHA_1: - return MBEDTLS_MD_SHA1; - case PSA_ALG_SHA_224: - return MBEDTLS_MD_SHA224; - case PSA_ALG_SHA_256: - return MBEDTLS_MD_SHA256; - case PSA_ALG_SHA_384: - return MBEDTLS_MD_SHA384; - case PSA_ALG_SHA_512: - return MBEDTLS_MD_SHA512; - default: - return MBEDTLS_MD_NONE; - } + return (mbedtls_md_type_t) (psa_alg & PSA_ALG_HASH_MASK); } int mbedtls_md_error_from_psa(psa_status_t status) diff --git a/library/md_psa.h b/library/md_psa.h index 3231a6023c..2f6c7017dc 100644 --- a/library/md_psa.h +++ b/library/md_psa.h @@ -33,6 +33,9 @@ * * \param md_type The type of digest to search for. * + * \warning This function does not check if the algorithm is + * supported, it always returns the corresponding identifier. + * * \return The PSA algorithm identifier associated with \p md_type, * regardless of whether it is supported or not. */ @@ -44,6 +47,9 @@ psa_algorithm_t mbedtls_md_psa_alg_from_type(mbedtls_md_type_t md_type); * * \param psa_alg The PSA algorithm identifier to search for. * + * \warning This function does not check if the algorithm is + * supported, it always returns the corresponding identifier. + * * \return The MD type associated with \p psa_alg, * regardless of whether it is supported or not. */ diff --git a/tests/suites/test_suite_md.function b/tests/suites/test_suite_md.function index ac9516ab8d..687b1029e8 100644 --- a/tests/suites/test_suite_md.function +++ b/tests/suites/test_suite_md.function @@ -1,5 +1,10 @@ /* BEGIN_HEADER */ #include "mbedtls/md.h" +#include "md_psa.h" + +#define MD_PSA(md, psa) \ + TEST_EQUAL(mbedtls_md_psa_alg_from_type(md), psa); \ + TEST_EQUAL(mbedtls_md_type_from_psa_alg(psa), md); /* END_HEADER */ /* BEGIN_DEPENDENCIES @@ -36,6 +41,27 @@ exit: } /* END_CASE */ +/* BEGIN_CASE depends_on:MBEDTLS_PSA_CRYPTO_C */ +void md_to_from_psa() +{ + /* We use a simplified implementation that relies on numerical values + * being aligned, so make sure they remain so. */ + MD_PSA(MBEDTLS_MD_MD5, PSA_ALG_MD5); + MD_PSA(MBEDTLS_MD_RIPEMD160, PSA_ALG_RIPEMD160); + MD_PSA(MBEDTLS_MD_SHA1, PSA_ALG_SHA_1); + MD_PSA(MBEDTLS_MD_SHA224, PSA_ALG_SHA_224); + MD_PSA(MBEDTLS_MD_SHA256, PSA_ALG_SHA_256); + MD_PSA(MBEDTLS_MD_SHA384, PSA_ALG_SHA_384); + MD_PSA(MBEDTLS_MD_SHA512, PSA_ALG_SHA_512); + MD_PSA(MBEDTLS_MD_SHA3_224, PSA_ALG_SHA3_224); + MD_PSA(MBEDTLS_MD_SHA3_256, PSA_ALG_SHA3_256); + MD_PSA(MBEDTLS_MD_SHA3_384, PSA_ALG_SHA3_384); + MD_PSA(MBEDTLS_MD_SHA3_512, PSA_ALG_SHA3_512); + + MD_PSA(MBEDTLS_MD_NONE, PSA_ALG_NONE); +} +/* END_CASE */ + /* BEGIN_CASE */ void md_null_args() {