lib/mbedtls
1
0
Fork 0
mirror of https://github.com/Mbed-TLS/mbedtls.git synced 2025-08-05 19:35:48 +03:00
Code Activity

Replace MBEDTLS_MD_CAN_SHA1 with PSA_WANT_ALG_SHA_1

Browse Source 
Signed-off-by: Elena Uziunaite <elena.uziunaite@arm.com>
This commit is contained in:
Elena Uziunaite
2024-09-04 18:12:59 +01:00
parent 1d98d9d861
commit 9fc5be09cb
42 changed files with 1064 additions and 1066 deletions
Download Patch File Download Diff File Expand all files Collapse all files

82
library/ssl_ciphersuites.c
View File

@@ -384,7 +384,7 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] =
MBEDTLS_SSL_PROTO_TLS1_2 */
#if defined(MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED)
#if defined(PSA_WANT_KEY_TYPE_AES)
#if defined(MBEDTLS_MD_CAN_SHA1)
#if defined(PSA_WANT_ALG_SHA_1)
#if defined(PSA_WANT_ALG_CBC_NO_PADDING)
{ MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA, "TLS-ECDHE-ECDSA-WITH-AES-128-CBC-SHA",
MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA,
@@ -395,7 +395,7 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] =
0,
MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
#endif /* PSA_WANT_ALG_CBC_NO_PADDING */
#endif /* MBEDTLS_MD_CAN_SHA1 */
#endif /* PSA_WANT_ALG_SHA_1 */
#if defined(PSA_WANT_ALG_SHA_256)
#if defined(PSA_WANT_ALG_CBC_NO_PADDING)
{ MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256, "TLS-ECDHE-ECDSA-WITH-AES-128-CBC-SHA256",
@@ -481,18 +481,18 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] =
#endif /* PSA_WANT_KEY_TYPE_CAMELLIA */
#if defined(MBEDTLS_CIPHER_NULL_CIPHER)
#if defined(MBEDTLS_MD_CAN_SHA1)
#if defined(PSA_WANT_ALG_SHA_1)
{ MBEDTLS_TLS_ECDHE_ECDSA_WITH_NULL_SHA, "TLS-ECDHE-ECDSA-WITH-NULL-SHA",
MBEDTLS_CIPHER_NULL, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA,
MBEDTLS_CIPHERSUITE_WEAK,
MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
#endif /* MBEDTLS_MD_CAN_SHA1 */
#endif /* PSA_WANT_ALG_SHA_1 */
#endif /* MBEDTLS_CIPHER_NULL_CIPHER */
#endif /* MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED */
#if defined(MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED)
#if defined(PSA_WANT_KEY_TYPE_AES)
#if defined(MBEDTLS_MD_CAN_SHA1)
#if defined(PSA_WANT_ALG_SHA_1)
#if defined(PSA_WANT_ALG_CBC_NO_PADDING)
{ MBEDTLS_TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA, "TLS-ECDHE-RSA-WITH-AES-128-CBC-SHA",
MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDHE_RSA,
@@ -503,7 +503,7 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] =
0,
MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
#endif /* PSA_WANT_ALG_CBC_NO_PADDING */
#endif /* MBEDTLS_MD_CAN_SHA1 */
#endif /* PSA_WANT_ALG_SHA_1 */
#if defined(PSA_WANT_ALG_SHA_256)
#if defined(PSA_WANT_ALG_CBC_NO_PADDING)
{ MBEDTLS_TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256, "TLS-ECDHE-RSA-WITH-AES-128-CBC-SHA256",
@@ -571,12 +571,12 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] =
#endif /* PSA_WANT_KEY_TYPE_CAMELLIA */
#if defined(MBEDTLS_CIPHER_NULL_CIPHER)
#if defined(MBEDTLS_MD_CAN_SHA1)
#if defined(PSA_WANT_ALG_SHA_1)
{ MBEDTLS_TLS_ECDHE_RSA_WITH_NULL_SHA, "TLS-ECDHE-RSA-WITH-NULL-SHA",
MBEDTLS_CIPHER_NULL, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDHE_RSA,
MBEDTLS_CIPHERSUITE_WEAK,
MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
#endif /* MBEDTLS_MD_CAN_SHA1 */
#endif /* PSA_WANT_ALG_SHA_1 */
#endif /* MBEDTLS_CIPHER_NULL_CIPHER */
#endif /* MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED */
@@ -612,7 +612,7 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] =
#endif /* PSA_WANT_ALG_SHA_256 */
#if defined(PSA_WANT_ALG_CBC_NO_PADDING)
#if defined(MBEDTLS_MD_CAN_SHA1)
#if defined(PSA_WANT_ALG_SHA_1)
{ MBEDTLS_TLS_DHE_RSA_WITH_AES_128_CBC_SHA, "TLS-DHE-RSA-WITH-AES-128-CBC-SHA",
MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_DHE_RSA,
0,
@@ -622,7 +622,7 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] =
MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_DHE_RSA,
0,
MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
#endif /* MBEDTLS_MD_CAN_SHA1 */
#endif /* PSA_WANT_ALG_SHA_1 */
#endif /* PSA_WANT_ALG_CBC_NO_PADDING */
#if defined(PSA_WANT_ALG_CCM)
{ MBEDTLS_TLS_DHE_RSA_WITH_AES_256_CCM, "TLS-DHE-RSA-WITH-AES-256-CCM",
@@ -658,7 +658,7 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] =
MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
#endif /* PSA_WANT_ALG_SHA_256 */
#if defined(MBEDTLS_MD_CAN_SHA1)
#if defined(PSA_WANT_ALG_SHA_1)
{ MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA, "TLS-DHE-RSA-WITH-CAMELLIA-128-CBC-SHA",
MBEDTLS_CIPHER_CAMELLIA_128_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_DHE_RSA,
0,
@@ -668,7 +668,7 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] =
MBEDTLS_CIPHER_CAMELLIA_256_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_DHE_RSA,
0,
MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
#endif /* MBEDTLS_MD_CAN_SHA1 */
#endif /* PSA_WANT_ALG_SHA_1 */
#endif /* PSA_WANT_ALG_CBC_NO_PADDING */
#if defined(PSA_WANT_ALG_GCM)
#if defined(PSA_WANT_ALG_SHA_256)
@@ -720,7 +720,7 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] =
#endif /* PSA_WANT_ALG_CBC_NO_PADDING */
#endif /* PSA_WANT_ALG_SHA_256 */
#if defined(MBEDTLS_MD_CAN_SHA1)
#if defined(PSA_WANT_ALG_SHA_1)
#if defined(PSA_WANT_ALG_CBC_NO_PADDING)
{ MBEDTLS_TLS_RSA_WITH_AES_128_CBC_SHA, "TLS-RSA-WITH-AES-128-CBC-SHA",
MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_RSA,
@@ -732,7 +732,7 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] =
0,
MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
#endif /* PSA_WANT_ALG_CBC_NO_PADDING */
#endif /* MBEDTLS_MD_CAN_SHA1 */
#endif /* PSA_WANT_ALG_SHA_1 */
#if defined(PSA_WANT_ALG_CCM)
{ MBEDTLS_TLS_RSA_WITH_AES_256_CCM, "TLS-RSA-WITH-AES-256-CCM",
MBEDTLS_CIPHER_AES_256_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_RSA,
@@ -767,7 +767,7 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] =
MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
#endif /* PSA_WANT_ALG_SHA_256 */
#if defined(MBEDTLS_MD_CAN_SHA1)
#if defined(PSA_WANT_ALG_SHA_1)
{ MBEDTLS_TLS_RSA_WITH_CAMELLIA_128_CBC_SHA, "TLS-RSA-WITH-CAMELLIA-128-CBC-SHA",
MBEDTLS_CIPHER_CAMELLIA_128_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_RSA,
0,
@@ -777,7 +777,7 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] =
MBEDTLS_CIPHER_CAMELLIA_256_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_RSA,
0,
MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
#endif /* MBEDTLS_MD_CAN_SHA1 */
#endif /* PSA_WANT_ALG_SHA_1 */
#endif /* PSA_WANT_ALG_CBC_NO_PADDING */
#if defined(PSA_WANT_ALG_GCM)
@@ -801,7 +801,7 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] =
#if defined(MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED)
#if defined(PSA_WANT_KEY_TYPE_AES)
#if defined(MBEDTLS_MD_CAN_SHA1)
#if defined(PSA_WANT_ALG_SHA_1)
#if defined(PSA_WANT_ALG_CBC_NO_PADDING)
{ MBEDTLS_TLS_ECDH_RSA_WITH_AES_128_CBC_SHA, "TLS-ECDH-RSA-WITH-AES-128-CBC-SHA",
MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDH_RSA,
@@ -812,7 +812,7 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] =
0,
MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
#endif /* PSA_WANT_ALG_CBC_NO_PADDING */
#endif /* MBEDTLS_MD_CAN_SHA1 */
#endif /* PSA_WANT_ALG_SHA_1 */
#if defined(PSA_WANT_ALG_SHA_256)
#if defined(PSA_WANT_ALG_CBC_NO_PADDING)
{ MBEDTLS_TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256, "TLS-ECDH-RSA-WITH-AES-128-CBC-SHA256",
@@ -880,18 +880,18 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] =
#endif /* PSA_WANT_KEY_TYPE_CAMELLIA */
#if defined(MBEDTLS_CIPHER_NULL_CIPHER)
#if defined(MBEDTLS_MD_CAN_SHA1)
#if defined(PSA_WANT_ALG_SHA_1)
{ MBEDTLS_TLS_ECDH_RSA_WITH_NULL_SHA, "TLS-ECDH-RSA-WITH-NULL-SHA",
MBEDTLS_CIPHER_NULL, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDH_RSA,
MBEDTLS_CIPHERSUITE_WEAK,
MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
#endif /* MBEDTLS_MD_CAN_SHA1 */
#endif /* PSA_WANT_ALG_SHA_1 */
#endif /* MBEDTLS_CIPHER_NULL_CIPHER */
#endif /* MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED */
#if defined(MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED)
#if defined(PSA_WANT_KEY_TYPE_AES)
#if defined(MBEDTLS_MD_CAN_SHA1)
#if defined(PSA_WANT_ALG_SHA_1)
#if defined(PSA_WANT_ALG_CBC_NO_PADDING)
{ MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA, "TLS-ECDH-ECDSA-WITH-AES-128-CBC-SHA",
MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA,
@@ -902,7 +902,7 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] =
0,
MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
#endif /* PSA_WANT_ALG_CBC_NO_PADDING */
#endif /* MBEDTLS_MD_CAN_SHA1 */
#endif /* PSA_WANT_ALG_SHA_1 */
#if defined(PSA_WANT_ALG_SHA_256)
#if defined(PSA_WANT_ALG_CBC_NO_PADDING)
{ MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256, "TLS-ECDH-ECDSA-WITH-AES-128-CBC-SHA256",
@@ -970,12 +970,12 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] =
#endif /* PSA_WANT_KEY_TYPE_CAMELLIA */
#if defined(MBEDTLS_CIPHER_NULL_CIPHER)
#if defined(MBEDTLS_MD_CAN_SHA1)
#if defined(PSA_WANT_ALG_SHA_1)
{ MBEDTLS_TLS_ECDH_ECDSA_WITH_NULL_SHA, "TLS-ECDH-ECDSA-WITH-NULL-SHA",
MBEDTLS_CIPHER_NULL, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA,
MBEDTLS_CIPHERSUITE_WEAK,
MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
#endif /* MBEDTLS_MD_CAN_SHA1 */
#endif /* PSA_WANT_ALG_SHA_1 */
#endif /* MBEDTLS_CIPHER_NULL_CIPHER */
#endif /* MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED */
@@ -1012,7 +1012,7 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] =
MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
#endif /* PSA_WANT_ALG_SHA_384 */
#if defined(MBEDTLS_MD_CAN_SHA1)
#if defined(PSA_WANT_ALG_SHA_1)
{ MBEDTLS_TLS_PSK_WITH_AES_128_CBC_SHA, "TLS-PSK-WITH-AES-128-CBC-SHA",
MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_PSK,
0,
@@ -1022,7 +1022,7 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] =
MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_PSK,
0,
MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
#endif /* MBEDTLS_MD_CAN_SHA1 */
#endif /* PSA_WANT_ALG_SHA_1 */
#endif /* PSA_WANT_ALG_CBC_NO_PADDING */
#if defined(PSA_WANT_ALG_CCM)
{ MBEDTLS_TLS_PSK_WITH_AES_256_CCM, "TLS-PSK-WITH-AES-256-CCM",
@@ -1113,7 +1113,7 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] =
MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
#endif /* PSA_WANT_ALG_SHA_384 */
#if defined(MBEDTLS_MD_CAN_SHA1)
#if defined(PSA_WANT_ALG_SHA_1)
{ MBEDTLS_TLS_DHE_PSK_WITH_AES_128_CBC_SHA, "TLS-DHE-PSK-WITH-AES-128-CBC-SHA",
MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_DHE_PSK,
0,
@@ -1123,7 +1123,7 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] =
MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_DHE_PSK,
0,
MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
#endif /* MBEDTLS_MD_CAN_SHA1 */
#endif /* PSA_WANT_ALG_SHA_1 */
#endif /* PSA_WANT_ALG_CBC_NO_PADDING */
#if defined(PSA_WANT_ALG_CCM)
{ MBEDTLS_TLS_DHE_PSK_WITH_AES_256_CCM, "TLS-DHE-PSK-WITH-AES-256-CCM",
@@ -1199,7 +1199,7 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] =
MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
#endif /* PSA_WANT_ALG_SHA_384 */
#if defined(MBEDTLS_MD_CAN_SHA1)
#if defined(PSA_WANT_ALG_SHA_1)
{ MBEDTLS_TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA, "TLS-ECDHE-PSK-WITH-AES-128-CBC-SHA",
MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDHE_PSK,
0,
@@ -1209,7 +1209,7 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] =
MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDHE_PSK,
0,
MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
#endif /* MBEDTLS_MD_CAN_SHA1 */
#endif /* PSA_WANT_ALG_SHA_1 */
#endif /* PSA_WANT_ALG_CBC_NO_PADDING */
#endif /* PSA_WANT_KEY_TYPE_AES */
@@ -1268,7 +1268,7 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] =
MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
#endif /* PSA_WANT_ALG_SHA_384 */
#if defined(MBEDTLS_MD_CAN_SHA1)
#if defined(PSA_WANT_ALG_SHA_1)
{ MBEDTLS_TLS_RSA_PSK_WITH_AES_128_CBC_SHA, "TLS-RSA-PSK-WITH-AES-128-CBC-SHA",
MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_RSA_PSK,
0,
@@ -1278,7 +1278,7 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] =
MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_RSA_PSK,
0,
MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
#endif /* MBEDTLS_MD_CAN_SHA1 */
#endif /* PSA_WANT_ALG_SHA_1 */
#endif /* PSA_WANT_ALG_CBC_NO_PADDING */
#endif /* PSA_WANT_KEY_TYPE_AES */
@@ -1338,7 +1338,7 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] =
MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
#endif
#if defined(MBEDTLS_MD_CAN_SHA1)
#if defined(PSA_WANT_ALG_SHA_1)
{ MBEDTLS_TLS_RSA_WITH_NULL_SHA, "TLS-RSA-WITH-NULL-SHA",
MBEDTLS_CIPHER_NULL, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_RSA,
MBEDTLS_CIPHERSUITE_WEAK,
@@ -1354,12 +1354,12 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] =
#endif /* MBEDTLS_KEY_EXCHANGE_RSA_ENABLED */
#if defined(MBEDTLS_KEY_EXCHANGE_PSK_ENABLED)
#if defined(MBEDTLS_MD_CAN_SHA1)
#if defined(PSA_WANT_ALG_SHA_1)
{ MBEDTLS_TLS_PSK_WITH_NULL_SHA, "TLS-PSK-WITH-NULL-SHA",
MBEDTLS_CIPHER_NULL, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_PSK,
MBEDTLS_CIPHERSUITE_WEAK,
MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
#endif /* MBEDTLS_MD_CAN_SHA1 */
#endif /* PSA_WANT_ALG_SHA_1 */
#if defined(PSA_WANT_ALG_SHA_256)
{ MBEDTLS_TLS_PSK_WITH_NULL_SHA256, "TLS-PSK-WITH-NULL-SHA256",
@@ -1377,12 +1377,12 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] =
#endif /* MBEDTLS_KEY_EXCHANGE_PSK_ENABLED */
#if defined(MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED)
#if defined(MBEDTLS_MD_CAN_SHA1)
#if defined(PSA_WANT_ALG_SHA_1)
{ MBEDTLS_TLS_DHE_PSK_WITH_NULL_SHA, "TLS-DHE-PSK-WITH-NULL-SHA",
MBEDTLS_CIPHER_NULL, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_DHE_PSK,
MBEDTLS_CIPHERSUITE_WEAK,
MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
#endif /* MBEDTLS_MD_CAN_SHA1 */
#endif /* PSA_WANT_ALG_SHA_1 */
#if defined(PSA_WANT_ALG_SHA_256)
{ MBEDTLS_TLS_DHE_PSK_WITH_NULL_SHA256, "TLS-DHE-PSK-WITH-NULL-SHA256",
@@ -1400,12 +1400,12 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] =
#endif /* MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED */
#if defined(MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED)
#if defined(MBEDTLS_MD_CAN_SHA1)
#if defined(PSA_WANT_ALG_SHA_1)
{ MBEDTLS_TLS_ECDHE_PSK_WITH_NULL_SHA, "TLS-ECDHE-PSK-WITH-NULL-SHA",
MBEDTLS_CIPHER_NULL, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDHE_PSK,
MBEDTLS_CIPHERSUITE_WEAK,
MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
#endif /* MBEDTLS_MD_CAN_SHA1 */
#endif /* PSA_WANT_ALG_SHA_1 */
#if defined(PSA_WANT_ALG_SHA_256)
{ MBEDTLS_TLS_ECDHE_PSK_WITH_NULL_SHA256, "TLS-ECDHE-PSK-WITH-NULL-SHA256",
@@ -1423,12 +1423,12 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] =
#endif /* MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED */
#if defined(MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED)
#if defined(MBEDTLS_MD_CAN_SHA1)
#if defined(PSA_WANT_ALG_SHA_1)
{ MBEDTLS_TLS_RSA_PSK_WITH_NULL_SHA, "TLS-RSA-PSK-WITH-NULL-SHA",
MBEDTLS_CIPHER_NULL, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_RSA_PSK,
MBEDTLS_CIPHERSUITE_WEAK,
MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
#endif /* MBEDTLS_MD_CAN_SHA1 */
#endif /* PSA_WANT_ALG_SHA_1 */
#if defined(PSA_WANT_ALG_SHA_256)
{ MBEDTLS_TLS_RSA_PSK_WITH_NULL_SHA256, "TLS-RSA-PSK-WITH-NULL-SHA256",

4
library/ssl_misc.h
View File

@@ -26,7 +26,7 @@
#include "mbedtls/md5.h"
#endif
#if defined(MBEDTLS_MD_CAN_SHA1)
#if defined(PSA_WANT_ALG_SHA_1)
#include "mbedtls/sha1.h"
#endif
@@ -2557,7 +2557,7 @@ static inline int mbedtls_ssl_tls12_sig_alg_is_supported(
break;
#endif
#if defined(MBEDTLS_MD_CAN_SHA1)
#if defined(PSA_WANT_ALG_SHA_1)
case MBEDTLS_SSL_HASH_SHA1:
break;
#endif

4
library/ssl_tls.c
View File

@@ -6113,7 +6113,7 @@ mbedtls_md_type_t mbedtls_ssl_md_alg_from_hash(unsigned char hash)
case MBEDTLS_SSL_HASH_MD5:
return MBEDTLS_MD_MD5;
#endif
#if defined(MBEDTLS_MD_CAN_SHA1)
#if defined(PSA_WANT_ALG_SHA_1)
case MBEDTLS_SSL_HASH_SHA1:
return MBEDTLS_MD_SHA1;
#endif
@@ -6148,7 +6148,7 @@ unsigned char mbedtls_ssl_hash_from_md_alg(int md)
case MBEDTLS_MD_MD5:
return MBEDTLS_SSL_HASH_MD5;
#endif
#if defined(MBEDTLS_MD_CAN_SHA1)
#if defined(PSA_WANT_ALG_SHA_1)
case MBEDTLS_MD_SHA1:
return MBEDTLS_SSL_HASH_SHA1;
#endif

2
library/x509.c
View File

@@ -133,7 +133,7 @@ static inline const char *md_type_to_string(mbedtls_md_type_t md_alg)
case MBEDTLS_MD_MD5:
return "MD5";
#endif
#if defined(MBEDTLS_MD_CAN_SHA1)
#if defined(PSA_WANT_ALG_SHA_1)
case MBEDTLS_MD_SHA1:
return "SHA1";
#endif

4
library/x509write_crt.c
View File

@@ -195,7 +195,7 @@ int mbedtls_x509write_crt_set_basic_constraints(mbedtls_x509write_cert *ctx,
is_ca, buf + sizeof(buf) - len, len);
}
#if defined(MBEDTLS_MD_CAN_SHA1)
#if defined(PSA_WANT_ALG_SHA_1)
static int mbedtls_x509write_crt_set_key_identifier(mbedtls_x509write_cert *ctx,
int is_ca,
unsigned char tag)
@@ -280,7 +280,7 @@ int mbedtls_x509write_crt_set_authority_key_identifier(mbedtls_x509write_cert *c
1,
(MBEDTLS_ASN1_CONTEXT_SPECIFIC | 0));
}
#endif /* MBEDTLS_MD_CAN_SHA1 */
#endif /* PSA_WANT_ALG_SHA_1 */
int mbedtls_x509write_crt_set_key_usage(mbedtls_x509write_cert *ctx,
unsigned int key_usage)