From 665eda7031747052630e9ae8d54a11e1b93ce5ca Mon Sep 17 00:00:00 2001 From: Elena Uziunaite Date: Wed, 10 Jul 2024 15:32:02 +0300 Subject: [PATCH 1/2] Introduce crypto_adjust_config_derived.h Signed-off-by: Elena Uziunaite --- .../builtin/include/mbedtls/config_psa.h | 4 +-- .../psa/crypto_adjust_config_derived.h | 31 +++++++++++++++++++ 2 files changed, 32 insertions(+), 3 deletions(-) create mode 100644 tf-psa-crypto/include/psa/crypto_adjust_config_derived.h diff --git a/tf-psa-crypto/drivers/builtin/include/mbedtls/config_psa.h b/tf-psa-crypto/drivers/builtin/include/mbedtls/config_psa.h index 5f3d0f3d5d..2520a9a53d 100644 --- a/tf-psa-crypto/drivers/builtin/include/mbedtls/config_psa.h +++ b/tf-psa-crypto/drivers/builtin/include/mbedtls/config_psa.h @@ -52,9 +52,7 @@ #endif /* MBEDTLS_PSA_CRYPTO_CONFIG */ -#if defined(PSA_WANT_ALG_JPAKE) -#define PSA_WANT_ALG_SOME_PAKE 1 -#endif +#include "psa/crypto_adjust_config_derived.h" #include "psa/crypto_adjust_auto_enabled.h" diff --git a/tf-psa-crypto/include/psa/crypto_adjust_config_derived.h b/tf-psa-crypto/include/psa/crypto_adjust_config_derived.h new file mode 100644 index 0000000000..84b420256a --- /dev/null +++ b/tf-psa-crypto/include/psa/crypto_adjust_config_derived.h @@ -0,0 +1,31 @@ +/** + * \file psa/crypto_adjust_config_derived.h + * \brief Adjust PSA configuration by defining internal symbols + * + * This is an internal header. Do not include it directly. + */ +/* + * Copyright The Mbed TLS Contributors + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later + */ + +#ifndef PSA_CRYPTO_ADJUST_CONFIG_DERIVED_H +#define PSA_CRYPTO_ADJUST_CONFIG_DERIVED_H + +#if !defined(MBEDTLS_CONFIG_FILES_READ) +#error "Do not include psa/crypto_adjust_*.h manually! This can lead to problems, " \ + "up to and including runtime errors such as buffer overflows. " \ + "If you're trying to fix a complaint from check_config.h, just remove " \ + "it from your configuration file: since Mbed TLS 3.0, it is included " \ + "automatically at the right point." +#endif /* */ + +#if defined(PSA_WANT_ALG_ECDSA) || defined(PSA_WANT_ALG_DETERMINISTIC_ECDSA) +#define PSA_HAVE_ALG_SOME_ECDSA +#endif + +#if defined(PSA_WANT_ALG_JPAKE) +#define PSA_WANT_ALG_SOME_PAKE 1 +#endif + +#endif /* PSA_CRYPTO_ADJUST_CONFIG_DERIVED_H */ From 87e0550890cd481297b533bf2e6bbc47a11c7690 Mon Sep 17 00:00:00 2001 From: Elena Uziunaite Date: Wed, 10 Jul 2024 15:45:14 +0300 Subject: [PATCH 2/2] Replace MBEDTLS_PSA_UTIL_HAVE_ECDSA with PSA_HAVE_ALG_SOME_ECDSA Signed-off-by: Elena Uziunaite --- tf-psa-crypto/core/psa_util.c | 4 ++-- tf-psa-crypto/drivers/builtin/include/mbedtls/asn1.h | 4 ++-- tf-psa-crypto/drivers/builtin/include/mbedtls/asn1write.h | 4 ++-- tf-psa-crypto/drivers/builtin/include/mbedtls/psa_util.h | 4 ++-- tf-psa-crypto/drivers/builtin/src/asn1parse.c | 4 ++-- tf-psa-crypto/drivers/builtin/src/asn1write.c | 4 ++-- .../tests/suites/test_suite_psa_crypto_util.function | 6 +++--- 7 files changed, 15 insertions(+), 15 deletions(-) diff --git a/tf-psa-crypto/core/psa_util.c b/tf-psa-crypto/core/psa_util.c index e89b00f130..3870def4e9 100644 --- a/tf-psa-crypto/core/psa_util.c +++ b/tf-psa-crypto/core/psa_util.c @@ -365,7 +365,7 @@ int mbedtls_psa_get_random(void *p_rng, #endif /* MBEDTLS_PSA_CRYPTO_CLIENT */ -#if defined(MBEDTLS_PSA_UTIL_HAVE_ECDSA) +#if defined(PSA_HAVE_ALG_SOME_ECDSA) /** * \brief Convert a single raw coordinate to DER ASN.1 format. The output der @@ -599,4 +599,4 @@ int mbedtls_ecdsa_der_to_raw(size_t bits, const unsigned char *der, size_t der_l return 0; } -#endif /* MBEDTLS_PSA_UTIL_HAVE_ECDSA */ +#endif /* PSA_HAVE_ALG_SOME_ECDSA */ diff --git a/tf-psa-crypto/drivers/builtin/include/mbedtls/asn1.h b/tf-psa-crypto/drivers/builtin/include/mbedtls/asn1.h index ff019f432a..e2d7311a79 100644 --- a/tf-psa-crypto/drivers/builtin/include/mbedtls/asn1.h +++ b/tf-psa-crypto/drivers/builtin/include/mbedtls/asn1.h @@ -198,7 +198,7 @@ typedef struct mbedtls_asn1_named_data { mbedtls_asn1_named_data; #if defined(MBEDTLS_ASN1_PARSE_C) || defined(MBEDTLS_X509_CREATE_C) || \ - defined(MBEDTLS_PSA_UTIL_HAVE_ECDSA) + defined(PSA_HAVE_ALG_SOME_ECDSA) /** * \brief Get the length of an ASN.1 element. * Updates the pointer to immediately behind the length. @@ -245,7 +245,7 @@ int mbedtls_asn1_get_len(unsigned char **p, int mbedtls_asn1_get_tag(unsigned char **p, const unsigned char *end, size_t *len, int tag); -#endif /* MBEDTLS_ASN1_PARSE_C || MBEDTLS_X509_CREATE_C || MBEDTLS_PSA_UTIL_HAVE_ECDSA */ +#endif /* MBEDTLS_ASN1_PARSE_C || MBEDTLS_X509_CREATE_C || PSA_HAVE_ALG_SOME_ECDSA */ #if defined(MBEDTLS_ASN1_PARSE_C) /** diff --git a/tf-psa-crypto/drivers/builtin/include/mbedtls/asn1write.h b/tf-psa-crypto/drivers/builtin/include/mbedtls/asn1write.h index 0c5a85ac27..7081996223 100644 --- a/tf-psa-crypto/drivers/builtin/include/mbedtls/asn1write.h +++ b/tf-psa-crypto/drivers/builtin/include/mbedtls/asn1write.h @@ -37,7 +37,7 @@ extern "C" { #endif #if defined(MBEDTLS_ASN1_WRITE_C) || defined(MBEDTLS_X509_USE_C) || \ - defined(MBEDTLS_PSA_UTIL_HAVE_ECDSA) + defined(PSA_HAVE_ALG_SOME_ECDSA) /** * \brief Write a length field in ASN.1 format. * @@ -66,7 +66,7 @@ int mbedtls_asn1_write_len(unsigned char **p, const unsigned char *start, */ int mbedtls_asn1_write_tag(unsigned char **p, const unsigned char *start, unsigned char tag); -#endif /* MBEDTLS_ASN1_WRITE_C || MBEDTLS_X509_USE_C || MBEDTLS_PSA_UTIL_HAVE_ECDSA*/ +#endif /* MBEDTLS_ASN1_WRITE_C || MBEDTLS_X509_USE_C || PSA_HAVE_ALG_SOME_ECDSA*/ #if defined(MBEDTLS_ASN1_WRITE_C) /** diff --git a/tf-psa-crypto/drivers/builtin/include/mbedtls/psa_util.h b/tf-psa-crypto/drivers/builtin/include/mbedtls/psa_util.h index c78cc23333..08fa5b374f 100644 --- a/tf-psa-crypto/drivers/builtin/include/mbedtls/psa_util.h +++ b/tf-psa-crypto/drivers/builtin/include/mbedtls/psa_util.h @@ -141,7 +141,7 @@ static inline mbedtls_md_type_t mbedtls_md_type_from_psa_alg(psa_algorithm_t psa } #endif /* MBEDTLS_PSA_CRYPTO_CLIENT */ -#if defined(MBEDTLS_PSA_UTIL_HAVE_ECDSA) +#if defined(PSA_HAVE_ALG_SOME_ECDSA) /** Convert an ECDSA signature from raw format to DER ASN.1 format. * @@ -181,7 +181,7 @@ int mbedtls_ecdsa_raw_to_der(size_t bits, const unsigned char *raw, size_t raw_l int mbedtls_ecdsa_der_to_raw(size_t bits, const unsigned char *der, size_t der_len, unsigned char *raw, size_t raw_size, size_t *raw_len); -#endif /* MBEDTLS_PSA_UTIL_HAVE_ECDSA */ +#endif /* PSA_HAVE_ALG_SOME_ECDSA */ /**@}*/ diff --git a/tf-psa-crypto/drivers/builtin/src/asn1parse.c b/tf-psa-crypto/drivers/builtin/src/asn1parse.c index e33fdf71da..ecea90434b 100644 --- a/tf-psa-crypto/drivers/builtin/src/asn1parse.c +++ b/tf-psa-crypto/drivers/builtin/src/asn1parse.c @@ -8,7 +8,7 @@ #include "common.h" #if defined(MBEDTLS_ASN1_PARSE_C) || defined(MBEDTLS_X509_CREATE_C) || \ - defined(MBEDTLS_PSA_UTIL_HAVE_ECDSA) + defined(PSA_HAVE_ALG_SOME_ECDSA) #include "mbedtls/asn1.h" #include "mbedtls/platform_util.h" @@ -74,7 +74,7 @@ int mbedtls_asn1_get_tag(unsigned char **p, return mbedtls_asn1_get_len(p, end, len); } -#endif /* MBEDTLS_ASN1_PARSE_C || MBEDTLS_X509_CREATE_C || MBEDTLS_PSA_UTIL_HAVE_ECDSA */ +#endif /* MBEDTLS_ASN1_PARSE_C || MBEDTLS_X509_CREATE_C || PSA_HAVE_ALG_SOME_ECDSA */ #if defined(MBEDTLS_ASN1_PARSE_C) int mbedtls_asn1_get_bool(unsigned char **p, diff --git a/tf-psa-crypto/drivers/builtin/src/asn1write.c b/tf-psa-crypto/drivers/builtin/src/asn1write.c index 775a9ef530..6355fad3b6 100644 --- a/tf-psa-crypto/drivers/builtin/src/asn1write.c +++ b/tf-psa-crypto/drivers/builtin/src/asn1write.c @@ -8,7 +8,7 @@ #include "common.h" #if defined(MBEDTLS_ASN1_WRITE_C) || defined(MBEDTLS_X509_USE_C) || \ - defined(MBEDTLS_PSA_UTIL_HAVE_ECDSA) + defined(PSA_HAVE_ALG_SOME_ECDSA) #include "mbedtls/asn1write.h" #include "mbedtls/error.h" @@ -63,7 +63,7 @@ int mbedtls_asn1_write_tag(unsigned char **p, const unsigned char *start, unsign return 1; } -#endif /* MBEDTLS_ASN1_WRITE_C || MBEDTLS_X509_USE_C || MBEDTLS_PSA_UTIL_HAVE_ECDSA */ +#endif /* MBEDTLS_ASN1_WRITE_C || MBEDTLS_X509_USE_C || PSA_HAVE_ALG_SOME_ECDSA */ #if defined(MBEDTLS_ASN1_WRITE_C) static int mbedtls_asn1_write_len_and_tag(unsigned char **p, diff --git a/tf-psa-crypto/tests/suites/test_suite_psa_crypto_util.function b/tf-psa-crypto/tests/suites/test_suite_psa_crypto_util.function index 2d8915e549..05b62538a6 100644 --- a/tf-psa-crypto/tests/suites/test_suite_psa_crypto_util.function +++ b/tf-psa-crypto/tests/suites/test_suite_psa_crypto_util.function @@ -3,7 +3,7 @@ #include /* END_HEADER */ -/* BEGIN_CASE depends_on:MBEDTLS_PSA_UTIL_HAVE_ECDSA */ +/* BEGIN_CASE depends_on:PSA_HAVE_ALG_SOME_ECDSA */ void ecdsa_raw_to_der(int key_bits, data_t *input, data_t *exp_result, int exp_ret) { unsigned char *tmp_buf = NULL; @@ -24,7 +24,7 @@ exit: } /* END_CASE */ -/* BEGIN_CASE depends_on:MBEDTLS_PSA_UTIL_HAVE_ECDSA */ +/* BEGIN_CASE depends_on:PSA_HAVE_ALG_SOME_ECDSA */ void ecdsa_raw_to_der_incremental(int key_bits, data_t *input, data_t *exp_result) { unsigned char *tmp_buf = NULL; @@ -54,7 +54,7 @@ exit: } /* END_CASE */ -/* BEGIN_CASE depends_on:MBEDTLS_PSA_UTIL_HAVE_ECDSA */ +/* BEGIN_CASE depends_on:PSA_HAVE_ALG_SOME_ECDSA */ void ecdsa_der_to_raw(int key_bits, data_t *input, data_t *exp_result, int exp_ret) { unsigned char *in_buf = NULL;