mirror of
https://github.com/Mbed-TLS/mbedtls.git
synced 2025-07-30 22:43:08 +03:00
Merge pull request #7242 from mpg/md-dispatch-psa
Implement MD dispatch to PSA
This commit is contained in:
Manuel Pégourié-Gonnard
GitHub
198
library/md.c
198
library/md.c
@ -52,6 +52,11 @@
|
||||
#include "mbedtls/sha256.h"
|
||||
#include "mbedtls/sha512.h"
|
||||
|
||||
#if defined(MBEDTLS_MD_SOME_PSA)
|
||||
#include <psa/crypto.h>
|
||||
#include "psa_crypto_core.h"
|
||||
#endif
|
||||
|
||||
#include "mbedtls/platform.h"
|
||||
|
||||
#include <string.h>
|
||||
@ -60,7 +65,7 @@
|
||||
#include <stdio.h>
|
||||
#endif
|
||||
|
||||
#if defined(MBEDTLS_MD5_C)
|
||||
#if defined(MBEDTLS_MD_CAN_MD5)
|
||||
const mbedtls_md_info_t mbedtls_md5_info = {
|
||||
"MD5",
|
||||
MBEDTLS_MD_MD5,
|
||||
@ -69,7 +74,7 @@ const mbedtls_md_info_t mbedtls_md5_info = {
|
||||
};
|
||||
#endif
|
||||
|
||||
#if defined(MBEDTLS_RIPEMD160_C)
|
||||
#if defined(MBEDTLS_MD_CAN_RIPEMD160)
|
||||
const mbedtls_md_info_t mbedtls_ripemd160_info = {
|
||||
"RIPEMD160",
|
||||
MBEDTLS_MD_RIPEMD160,
|
||||
@ -78,7 +83,7 @@ const mbedtls_md_info_t mbedtls_ripemd160_info = {
|
||||
};
|
||||
#endif
|
||||
|
||||
#if defined(MBEDTLS_SHA1_C)
|
||||
#if defined(MBEDTLS_MD_CAN_SHA1)
|
||||
const mbedtls_md_info_t mbedtls_sha1_info = {
|
||||
"SHA1",
|
||||
MBEDTLS_MD_SHA1,
|
||||
@ -87,7 +92,7 @@ const mbedtls_md_info_t mbedtls_sha1_info = {
|
||||
};
|
||||
#endif
|
||||
|
||||
#if defined(MBEDTLS_SHA224_C)
|
||||
#if defined(MBEDTLS_MD_CAN_SHA224)
|
||||
const mbedtls_md_info_t mbedtls_sha224_info = {
|
||||
"SHA224",
|
||||
MBEDTLS_MD_SHA224,
|
||||
@ -96,7 +101,7 @@ const mbedtls_md_info_t mbedtls_sha224_info = {
|
||||
};
|
||||
#endif
|
||||
|
||||
#if defined(MBEDTLS_SHA256_C)
|
||||
#if defined(MBEDTLS_MD_CAN_SHA256)
|
||||
const mbedtls_md_info_t mbedtls_sha256_info = {
|
||||
"SHA256",
|
||||
MBEDTLS_MD_SHA256,
|
||||
@ -105,7 +110,7 @@ const mbedtls_md_info_t mbedtls_sha256_info = {
|
||||
};
|
||||
#endif
|
||||
|
||||
#if defined(MBEDTLS_SHA384_C)
|
||||
#if defined(MBEDTLS_MD_CAN_SHA384)
|
||||
const mbedtls_md_info_t mbedtls_sha384_info = {
|
||||
"SHA384",
|
||||
MBEDTLS_MD_SHA384,
|
||||
@ -114,7 +119,7 @@ const mbedtls_md_info_t mbedtls_sha384_info = {
|
||||
};
|
||||
#endif
|
||||
|
||||
#if defined(MBEDTLS_SHA512_C)
|
||||
#if defined(MBEDTLS_MD_CAN_SHA512)
|
||||
const mbedtls_md_info_t mbedtls_sha512_info = {
|
||||
"SHA512",
|
||||
MBEDTLS_MD_SHA512,
|
||||
@ -126,31 +131,31 @@ const mbedtls_md_info_t mbedtls_sha512_info = {
|
||||
const mbedtls_md_info_t *mbedtls_md_info_from_type(mbedtls_md_type_t md_type)
|
||||
{
|
||||
switch (md_type) {
|
||||
#if defined(MBEDTLS_MD5_C)
|
||||
#if defined(MBEDTLS_MD_CAN_MD5)
|
||||
case MBEDTLS_MD_MD5:
|
||||
return &mbedtls_md5_info;
|
||||
#endif
|
||||
#if defined(MBEDTLS_RIPEMD160_C)
|
||||
#if defined(MBEDTLS_MD_CAN_RIPEMD160)
|
||||
case MBEDTLS_MD_RIPEMD160:
|
||||
return &mbedtls_ripemd160_info;
|
||||
#endif
|
||||
#if defined(MBEDTLS_SHA1_C)
|
||||
#if defined(MBEDTLS_MD_CAN_SHA1)
|
||||
case MBEDTLS_MD_SHA1:
|
||||
return &mbedtls_sha1_info;
|
||||
#endif
|
||||
#if defined(MBEDTLS_SHA224_C)
|
||||
#if defined(MBEDTLS_MD_CAN_SHA224)
|
||||
case MBEDTLS_MD_SHA224:
|
||||
return &mbedtls_sha224_info;
|
||||
#endif
|
||||
#if defined(MBEDTLS_SHA256_C)
|
||||
#if defined(MBEDTLS_MD_CAN_SHA256)
|
||||
case MBEDTLS_MD_SHA256:
|
||||
return &mbedtls_sha256_info;
|
||||
#endif
|
||||
#if defined(MBEDTLS_SHA384_C)
|
||||
#if defined(MBEDTLS_MD_CAN_SHA384)
|
||||
case MBEDTLS_MD_SHA384:
|
||||
return &mbedtls_sha384_info;
|
||||
#endif
|
||||
#if defined(MBEDTLS_SHA512_C)
|
||||
#if defined(MBEDTLS_MD_CAN_SHA512)
|
||||
case MBEDTLS_MD_SHA512:
|
||||
return &mbedtls_sha512_info;
|
||||
#endif
|
||||
@ -159,8 +164,71 @@ const mbedtls_md_info_t *mbedtls_md_info_from_type(mbedtls_md_type_t md_type)
|
||||
}
|
||||
}
|
||||
|
||||
#if defined(MBEDTLS_MD_SOME_PSA)
|
||||
static psa_algorithm_t psa_alg_of_md(const mbedtls_md_info_t *info)
|
||||
{
|
||||
switch (info->type) {
|
||||
#if defined(MBEDTLS_MD_MD5_VIA_PSA)
|
||||
case MBEDTLS_MD_MD5:
|
||||
return PSA_ALG_MD5;
|
||||
#endif
|
||||
#if defined(MBEDTLS_MD_RIPEMD160_VIA_PSA)
|
||||
case MBEDTLS_MD_RIPEMD160:
|
||||
return PSA_ALG_RIPEMD160;
|
||||
#endif
|
||||
#if defined(MBEDTLS_MD_SHA1_VIA_PSA)
|
||||
case MBEDTLS_MD_SHA1:
|
||||
return PSA_ALG_SHA_1;
|
||||
#endif
|
||||
#if defined(MBEDTLS_MD_SHA224_VIA_PSA)
|
||||
case MBEDTLS_MD_SHA224:
|
||||
return PSA_ALG_SHA_224;
|
||||
#endif
|
||||
#if defined(MBEDTLS_MD_SHA256_VIA_PSA)
|
||||
case MBEDTLS_MD_SHA256:
|
||||
return PSA_ALG_SHA_256;
|
||||
#endif
|
||||
#if defined(MBEDTLS_MD_SHA384_VIA_PSA)
|
||||
case MBEDTLS_MD_SHA384:
|
||||
return PSA_ALG_SHA_384;
|
||||
#endif
|
||||
#if defined(MBEDTLS_MD_SHA512_VIA_PSA)
|
||||
case MBEDTLS_MD_SHA512:
|
||||
return PSA_ALG_SHA_512;
|
||||
#endif
|
||||
default:
|
||||
return PSA_ALG_NONE;
|
||||
}
|
||||
}
|
||||
|
||||
static int md_can_use_psa(const mbedtls_md_info_t *info)
|
||||
{
|
||||
psa_algorithm_t alg = psa_alg_of_md(info);
|
||||
if (alg == PSA_ALG_NONE) {
|
||||
return 0;
|
||||
}
|
||||
|
||||
return psa_can_do_hash(alg);
|
||||
}
|
||||
|
||||
static int mbedtls_md_error_from_psa(psa_status_t status)
|
||||
{
|
||||
switch (status) {
|
||||
case PSA_SUCCESS:
|
||||
return 0;
|
||||
case PSA_ERROR_NOT_SUPPORTED:
|
||||
return MBEDTLS_ERR_MD_FEATURE_UNAVAILABLE;
|
||||
case PSA_ERROR_INSUFFICIENT_MEMORY:
|
||||
return MBEDTLS_ERR_MD_ALLOC_FAILED;
|
||||
default:
|
||||
return MBEDTLS_ERR_PLATFORM_HW_ACCEL_FAILED;
|
||||
}
|
||||
}
|
||||
#endif /* MBEDTLS_MD_SOME_PSA */
|
||||
|
||||
void mbedtls_md_init(mbedtls_md_context_t *ctx)
|
||||
{
|
||||
/* Note: this sets engine (if present) to MBEDTLS_MD_ENGINE_LEGACY */
|
||||
memset(ctx, 0, sizeof(mbedtls_md_context_t));
|
||||
}
|
||||
|
||||
@ -171,6 +239,11 @@ void mbedtls_md_free(mbedtls_md_context_t *ctx)
|
||||
}
|
||||
|
||||
if (ctx->md_ctx != NULL) {
|
||||
#if defined(MBEDTLS_MD_SOME_PSA)
|
||||
if (ctx->engine == MBEDTLS_MD_ENGINE_PSA) {
|
||||
psa_hash_abort(ctx->md_ctx);
|
||||
} else
|
||||
#endif
|
||||
switch (ctx->md_info->type) {
|
||||
#if defined(MBEDTLS_MD5_C)
|
||||
case MBEDTLS_MD_MD5:
|
||||
@ -214,11 +287,13 @@ void mbedtls_md_free(mbedtls_md_context_t *ctx)
|
||||
mbedtls_free(ctx->md_ctx);
|
||||
}
|
||||
|
||||
#if defined(MBEDTLS_MD_C)
|
||||
if (ctx->hmac_ctx != NULL) {
|
||||
mbedtls_platform_zeroize(ctx->hmac_ctx,
|
||||
2 * ctx->md_info->block_size);
|
||||
mbedtls_free(ctx->hmac_ctx);
|
||||
}
|
||||
#endif
|
||||
|
||||
mbedtls_platform_zeroize(ctx, sizeof(mbedtls_md_context_t));
|
||||
}
|
||||
@ -232,6 +307,21 @@ int mbedtls_md_clone(mbedtls_md_context_t *dst,
|
||||
return MBEDTLS_ERR_MD_BAD_INPUT_DATA;
|
||||
}
|
||||
|
||||
#if defined(MBEDTLS_MD_SOME_PSA)
|
||||
if (src->engine != dst->engine) {
|
||||
/* This can happen with src set to legacy because PSA wasn't ready
|
||||
* yet, and dst to PSA because it became ready in the meantime.
|
||||
* We currently don't support that case (we'd need to re-allocate
|
||||
* md_ctx to the size of the appropriate MD context). */
|
||||
return MBEDTLS_ERR_MD_FEATURE_UNAVAILABLE;
|
||||
}
|
||||
|
||||
if (src->engine == MBEDTLS_MD_ENGINE_PSA) {
|
||||
psa_status_t status = psa_hash_clone(src->md_ctx, dst->md_ctx);
|
||||
return mbedtls_md_error_from_psa(status);
|
||||
}
|
||||
#endif
|
||||
|
||||
switch (src->md_info->type) {
|
||||
#if defined(MBEDTLS_MD5_C)
|
||||
case MBEDTLS_MD_MD5:
|
||||
@ -292,8 +382,23 @@ int mbedtls_md_setup(mbedtls_md_context_t *ctx, const mbedtls_md_info_t *md_info
|
||||
|
||||
ctx->md_info = md_info;
|
||||
ctx->md_ctx = NULL;
|
||||
#if defined(MBEDTLS_MD_C)
|
||||
ctx->hmac_ctx = NULL;
|
||||
#else
|
||||
if (hmac != 0) {
|
||||
return MBEDTLS_ERR_MD_BAD_INPUT_DATA;
|
||||
}
|
||||
#endif
|
||||
|
||||
#if defined(MBEDTLS_MD_SOME_PSA)
|
||||
if (md_can_use_psa(ctx->md_info)) {
|
||||
ctx->md_ctx = mbedtls_calloc(1, sizeof(psa_hash_operation_t));
|
||||
if (ctx->md_ctx == NULL) {
|
||||
return MBEDTLS_ERR_MD_ALLOC_FAILED;
|
||||
}
|
||||
ctx->engine = MBEDTLS_MD_ENGINE_PSA;
|
||||
} else
|
||||
#endif
|
||||
switch (md_info->type) {
|
||||
#if defined(MBEDTLS_MD5_C)
|
||||
case MBEDTLS_MD_MD5:
|
||||
@ -334,6 +439,7 @@ int mbedtls_md_setup(mbedtls_md_context_t *ctx, const mbedtls_md_info_t *md_info
|
||||
return MBEDTLS_ERR_MD_BAD_INPUT_DATA;
|
||||
}
|
||||
|
||||
#if defined(MBEDTLS_MD_C)
|
||||
if (hmac != 0) {
|
||||
ctx->hmac_ctx = mbedtls_calloc(2, md_info->block_size);
|
||||
if (ctx->hmac_ctx == NULL) {
|
||||
@ -341,6 +447,7 @@ int mbedtls_md_setup(mbedtls_md_context_t *ctx, const mbedtls_md_info_t *md_info
|
||||
return MBEDTLS_ERR_MD_ALLOC_FAILED;
|
||||
}
|
||||
}
|
||||
#endif
|
||||
|
||||
return 0;
|
||||
}
|
||||
@ -352,6 +459,15 @@ int mbedtls_md_starts(mbedtls_md_context_t *ctx)
|
||||
return MBEDTLS_ERR_MD_BAD_INPUT_DATA;
|
||||
}
|
||||
|
||||
#if defined(MBEDTLS_MD_SOME_PSA)
|
||||
if (ctx->engine == MBEDTLS_MD_ENGINE_PSA) {
|
||||
psa_algorithm_t alg = psa_alg_of_md(ctx->md_info);
|
||||
psa_hash_abort(ctx->md_ctx);
|
||||
psa_status_t status = psa_hash_setup(ctx->md_ctx, alg);
|
||||
return mbedtls_md_error_from_psa(status);
|
||||
}
|
||||
#endif
|
||||
|
||||
switch (ctx->md_info->type) {
|
||||
#if defined(MBEDTLS_MD5_C)
|
||||
case MBEDTLS_MD_MD5:
|
||||
@ -392,6 +508,13 @@ int mbedtls_md_update(mbedtls_md_context_t *ctx, const unsigned char *input, siz
|
||||
return MBEDTLS_ERR_MD_BAD_INPUT_DATA;
|
||||
}
|
||||
|
||||
#if defined(MBEDTLS_MD_SOME_PSA)
|
||||
if (ctx->engine == MBEDTLS_MD_ENGINE_PSA) {
|
||||
psa_status_t status = psa_hash_update(ctx->md_ctx, input, ilen);
|
||||
return mbedtls_md_error_from_psa(status);
|
||||
}
|
||||
#endif
|
||||
|
||||
switch (ctx->md_info->type) {
|
||||
#if defined(MBEDTLS_MD5_C)
|
||||
case MBEDTLS_MD_MD5:
|
||||
@ -432,6 +555,15 @@ int mbedtls_md_finish(mbedtls_md_context_t *ctx, unsigned char *output)
|
||||
return MBEDTLS_ERR_MD_BAD_INPUT_DATA;
|
||||
}
|
||||
|
||||
#if defined(MBEDTLS_MD_SOME_PSA)
|
||||
if (ctx->engine == MBEDTLS_MD_ENGINE_PSA) {
|
||||
size_t size = ctx->md_info->size;
|
||||
psa_status_t status = psa_hash_finish(ctx->md_ctx,
|
||||
output, size, &size);
|
||||
return mbedtls_md_error_from_psa(status);
|
||||
}
|
||||
#endif
|
||||
|
||||
switch (ctx->md_info->type) {
|
||||
#if defined(MBEDTLS_MD5_C)
|
||||
case MBEDTLS_MD_MD5:
|
||||
@ -473,6 +605,16 @@ int mbedtls_md(const mbedtls_md_info_t *md_info, const unsigned char *input, siz
|
||||
return MBEDTLS_ERR_MD_BAD_INPUT_DATA;
|
||||
}
|
||||
|
||||
#if defined(MBEDTLS_MD_SOME_PSA)
|
||||
if (md_can_use_psa(md_info)) {
|
||||
size_t size = md_info->size;
|
||||
psa_status_t status = psa_hash_compute(psa_alg_of_md(md_info),
|
||||
input, ilen,
|
||||
output, size, &size);
|
||||
return mbedtls_md_error_from_psa(status);
|
||||
}
|
||||
#endif
|
||||
|
||||
switch (md_info->type) {
|
||||
#if defined(MBEDTLS_MD5_C)
|
||||
case MBEDTLS_MD_MD5:
|
||||
@ -536,30 +678,30 @@ mbedtls_md_type_t mbedtls_md_get_type(const mbedtls_md_info_t *md_info)
|
||||
*/
|
||||
static const int supported_digests[] = {
|
||||
|
||||
#if defined(MBEDTLS_SHA512_C)
|
||||
#if defined(MBEDTLS_MD_CAN_SHA512)
|
||||
MBEDTLS_MD_SHA512,
|
||||
#endif
|
||||
|
||||
#if defined(MBEDTLS_SHA384_C)
|
||||
#if defined(MBEDTLS_MD_CAN_SHA384)
|
||||
MBEDTLS_MD_SHA384,
|
||||
#endif
|
||||
|
||||
#if defined(MBEDTLS_SHA256_C)
|
||||
#if defined(MBEDTLS_MD_CAN_SHA256)
|
||||
MBEDTLS_MD_SHA256,
|
||||
#endif
|
||||
#if defined(MBEDTLS_SHA224_C)
|
||||
#if defined(MBEDTLS_MD_CAN_SHA224)
|
||||
MBEDTLS_MD_SHA224,
|
||||
#endif
|
||||
|
||||
#if defined(MBEDTLS_SHA1_C)
|
||||
#if defined(MBEDTLS_MD_CAN_SHA1)
|
||||
MBEDTLS_MD_SHA1,
|
||||
#endif
|
||||
|
||||
#if defined(MBEDTLS_RIPEMD160_C)
|
||||
#if defined(MBEDTLS_MD_CAN_RIPEMD160)
|
||||
MBEDTLS_MD_RIPEMD160,
|
||||
#endif
|
||||
|
||||
#if defined(MBEDTLS_MD5_C)
|
||||
#if defined(MBEDTLS_MD_CAN_MD5)
|
||||
MBEDTLS_MD_MD5,
|
||||
#endif
|
||||
|
||||
@ -578,37 +720,37 @@ const mbedtls_md_info_t *mbedtls_md_info_from_string(const char *md_name)
|
||||
}
|
||||
|
||||
/* Get the appropriate digest information */
|
||||
#if defined(MBEDTLS_MD5_C)
|
||||
#if defined(MBEDTLS_MD_CAN_MD5)
|
||||
if (!strcmp("MD5", md_name)) {
|
||||
return mbedtls_md_info_from_type(MBEDTLS_MD_MD5);
|
||||
}
|
||||
#endif
|
||||
#if defined(MBEDTLS_RIPEMD160_C)
|
||||
#if defined(MBEDTLS_MD_CAN_RIPEMD160)
|
||||
if (!strcmp("RIPEMD160", md_name)) {
|
||||
return mbedtls_md_info_from_type(MBEDTLS_MD_RIPEMD160);
|
||||
}
|
||||
#endif
|
||||
#if defined(MBEDTLS_SHA1_C)
|
||||
#if defined(MBEDTLS_MD_CAN_SHA1)
|
||||
if (!strcmp("SHA1", md_name) || !strcmp("SHA", md_name)) {
|
||||
return mbedtls_md_info_from_type(MBEDTLS_MD_SHA1);
|
||||
}
|
||||
#endif
|
||||
#if defined(MBEDTLS_SHA224_C)
|
||||
#if defined(MBEDTLS_MD_CAN_SHA224)
|
||||
if (!strcmp("SHA224", md_name)) {
|
||||
return mbedtls_md_info_from_type(MBEDTLS_MD_SHA224);
|
||||
}
|
||||
#endif
|
||||
#if defined(MBEDTLS_SHA256_C)
|
||||
#if defined(MBEDTLS_MD_CAN_SHA256)
|
||||
if (!strcmp("SHA256", md_name)) {
|
||||
return mbedtls_md_info_from_type(MBEDTLS_MD_SHA256);
|
||||
}
|
||||
#endif
|
||||
#if defined(MBEDTLS_SHA384_C)
|
||||
#if defined(MBEDTLS_MD_CAN_SHA384)
|
||||
if (!strcmp("SHA384", md_name)) {
|
||||
return mbedtls_md_info_from_type(MBEDTLS_MD_SHA384);
|
||||
}
|
||||
#endif
|
||||
#if defined(MBEDTLS_SHA512_C)
|
||||
#if defined(MBEDTLS_MD_CAN_SHA512)
|
||||
if (!strcmp("SHA512", md_name)) {
|
||||
return mbedtls_md_info_from_type(MBEDTLS_MD_SHA512);
|
||||
}
|
||||
|
||||
@ -111,6 +111,7 @@ static int key_type_is_raw_bytes(psa_key_type_t type)
|
||||
typedef struct {
|
||||
unsigned initialized : 1;
|
||||
unsigned rng_state : 2;
|
||||
unsigned drivers_initialized : 1;
|
||||
mbedtls_psa_random_context_t rng;
|
||||
} psa_global_data_t;
|
||||
|
||||
@ -125,6 +126,12 @@ mbedtls_psa_drbg_context_t *const mbedtls_psa_random_state =
|
||||
if (global_data.initialized == 0) \
|
||||
return PSA_ERROR_BAD_STATE;
|
||||
|
||||
int psa_can_do_hash(psa_algorithm_t hash_alg)
|
||||
{
|
||||
(void) hash_alg;
|
||||
return global_data.drivers_initialized;
|
||||
}
|
||||
|
||||
psa_status_t mbedtls_to_psa_error(int ret)
|
||||
{
|
||||
/* Mbed TLS error codes can combine a high-level error code and a
|
||||
@ -7124,6 +7131,13 @@ psa_status_t psa_crypto_init(void)
|
||||
return PSA_SUCCESS;
|
||||
}
|
||||
|
||||
/* Init drivers */
|
||||
status = psa_driver_wrapper_init();
|
||||
if (status != PSA_SUCCESS) {
|
||||
goto exit;
|
||||
}
|
||||
global_data.drivers_initialized = 1;
|
||||
|
||||
/* Initialize and seed the random generator. */
|
||||
mbedtls_psa_random_init(&global_data.rng);
|
||||
global_data.rng_state = RNG_INITIALIZED;
|
||||
@ -7138,12 +7152,6 @@ psa_status_t psa_crypto_init(void)
|
||||
goto exit;
|
||||
}
|
||||
|
||||
/* Init drivers */
|
||||
status = psa_driver_wrapper_init();
|
||||
if (status != PSA_SUCCESS) {
|
||||
goto exit;
|
||||
}
|
||||
|
||||
#if defined(PSA_CRYPTO_STORAGE_HAS_TRANSACTIONS)
|
||||
status = psa_crypto_load_transaction();
|
||||
if (status == PSA_SUCCESS) {
|
||||
|
||||
@ -26,6 +26,18 @@
|
||||
#include "psa/crypto.h"
|
||||
#include "psa/crypto_se_driver.h"
|
||||
|
||||
/**
|
||||
* Tell if PSA is ready for this hash.
|
||||
*
|
||||
* \note For now, only checks the state of the driver subsystem,
|
||||
* not the algorithm. Might do more in the future.
|
||||
*
|
||||
* \param hash_alg The hash algorithm (ignored for now).
|
||||
*
|
||||
* \return 1 if the driver subsytem is ready, 0 otherwise.
|
||||
*/
|
||||
int psa_can_do_hash(psa_algorithm_t hash_alg);
|
||||
|
||||
/** Constant-time buffer comparison
|
||||
*
|
||||
* \param[in] a Left-hand buffer for comparison.
|
||||
|
||||
Reference in New Issue
Block a user