ECJPAKE: always use MD light

This enables access to all available hashes, instead of the previous situation where you had to choose by including MD_C or not. Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
2025-07-29 11:41:15 +03:00 · 2023-03-14 23:59:24 +01:00
parent ffcda5679a
commit 41bc8b6b1e
5 changed files with 32 additions and 44 deletions
--- a/library/ecjpake.c
+++ b/library/ecjpake.c
@ -30,18 +30,6 @@
 #include "mbedtls/platform_util.h"
 #include "mbedtls/error.h"

-/* We use MD first if it's available (for compatibility reasons)
- * and "fall back" to PSA otherwise (which needs psa_crypto_init()). */
-#if !defined(MBEDTLS_MD_C)
-#include "psa/crypto.h"
-#include "mbedtls/psa_util.h"
-#if !defined(MBEDTLS_ECJPAKE_ALT)
-#define PSA_TO_MBEDTLS_ERR(status) PSA_TO_MBEDTLS_ERR_LIST(status,   \
-                                                           psa_to_md_errors,              \
-                                                           psa_generic_status_to_mbedtls)
-#endif /* !MBEDTLS_ECJPAKE_ALT */
-#endif /* !MBEDTLS_MD_C */
-
 #include "hash_info.h"

 #include <string.h>
@ -66,19 +54,8 @@ static int mbedtls_ecjpake_compute_hash(mbedtls_md_type_t md_type,
                                        const unsigned char *input, size_t ilen,
                                        unsigned char *output)
 {
-#if defined(MBEDTLS_MD_C)
    return mbedtls_md(mbedtls_md_info_from_type(md_type),
                      input, ilen, output);
-#else
-    psa_algorithm_t alg = mbedtls_psa_translate_md(md_type);
-    psa_status_t status;
-    size_t out_size = PSA_HASH_LENGTH(alg);
-    size_t out_len;
-
-    status = psa_hash_compute(alg, input, ilen, output, out_size, &out_len);
-
-    return PSA_TO_MBEDTLS_ERR(status);
-#endif /* !MBEDTLS_MD_C */
 }

 /*
@ -142,15 +119,9 @@ int mbedtls_ecjpake_setup(mbedtls_ecjpake_context *ctx,

    ctx->role = role;

-#if defined(MBEDTLS_MD_C)
    if ((mbedtls_md_info_from_type(hash)) == NULL) {
        return MBEDTLS_ERR_MD_FEATURE_UNAVAILABLE;
    }
-#else
-    if (mbedtls_psa_translate_md(hash) == MBEDTLS_MD_NONE) {
-        return MBEDTLS_ERR_MD_FEATURE_UNAVAILABLE;
-    }
-#endif

    ctx->md_type = hash;