lib/mbedtls
1
0
Fork 0
mirror of https://github.com/Mbed-TLS/mbedtls.git synced 2025-07-30 22:43:08 +03:00
Code Activity

Merge pull request #6065 from mpg/explore2

Browse Source 
Driver-only hashes: RSA 1.5 and PK + strategy doc
This commit is contained in:
Manuel Pégourié-Gonnard
2022-07-28 10:43:38 +02:00
committed by GitHub
parent 9115e1bc4d 68429fc44d
commit f6b8c3297a
39 changed files with 1125 additions and 541 deletions
Download Patch File Download Diff File Expand all files Collapse all files

1
library/CMakeLists.txt
View File

@ -38,6 +38,7 @@ set(src_crypto
entropy_poll.c
error.c
gcm.c
hash_info.c
hkdf.c
hmac_drbg.c
md.c

1
library/Makefile
View File

@ -103,6 +103,7 @@ OBJS_CRYPTO= \
entropy_poll.o \
error.o \
gcm.o \
hash_info.o \
hkdf.o \
hmac_drbg.o \
md.o \

109
library/hash_info.c Normal file
View File

@ -0,0 +1,109 @@
/*
* Hash information that's independent from the crypto implementation.
*
* (See the corresponding header file for usage notes.)
*/
/*
* Copyright The Mbed TLS Contributors
* SPDX-License-Identifier: Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License"); you may
* not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
* WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
#include "hash_info.h"
#include "legacy_or_psa.h"
typedef struct
{
psa_algorithm_t psa_alg;
mbedtls_md_type_t md_type;
unsigned char size;
unsigned char block_size;
} hash_entry;
static const hash_entry hash_table[] = {
#if defined(MBEDTLS_HAS_ALG_MD5_VIA_LOWLEVEL_OR_PSA)
{ PSA_ALG_MD5, MBEDTLS_MD_MD5, 16, 64 },
#endif
#if defined(MBEDTLS_HAS_ALG_RIPEMD160_VIA_LOWLEVEL_OR_PSA)
{ PSA_ALG_RIPEMD160, MBEDTLS_MD_RIPEMD160, 20, 64 },
#endif
#if defined(MBEDTLS_HAS_ALG_SHA_1_VIA_LOWLEVEL_OR_PSA)
{ PSA_ALG_SHA_1, MBEDTLS_MD_SHA1, 20, 64 },
#endif
#if defined(MBEDTLS_HAS_ALG_SHA_224_VIA_LOWLEVEL_OR_PSA)
{ PSA_ALG_SHA_224, MBEDTLS_MD_SHA224, 28, 64 },
#endif
#if defined(MBEDTLS_HAS_ALG_SHA_256_VIA_LOWLEVEL_OR_PSA)
{ PSA_ALG_SHA_256, MBEDTLS_MD_SHA256, 32, 64 },
#endif
#if defined(MBEDTLS_HAS_ALG_SHA_384_VIA_LOWLEVEL_OR_PSA)
{ PSA_ALG_SHA_384, MBEDTLS_MD_SHA384, 48, 128 },
#endif
#if defined(MBEDTLS_HAS_ALG_SHA_512_VIA_LOWLEVEL_OR_PSA)
{ PSA_ALG_SHA_512, MBEDTLS_MD_SHA512, 64, 128 },
#endif
{ PSA_ALG_NONE, MBEDTLS_MD_NONE, 0, 0 },
};
/* Get size from MD type */
unsigned char mbedtls_hash_info_get_size( mbedtls_md_type_t md_type )
{
const hash_entry *entry = hash_table;
while( entry->md_type != MBEDTLS_MD_NONE &&
entry->md_type != md_type )
{
entry++;
}
return entry->size;
}
/* Get block size from MD type */
unsigned char mbedtls_hash_info_get_block_size( mbedtls_md_type_t md_type )
{
const hash_entry *entry = hash_table;
while( entry->md_type != MBEDTLS_MD_NONE &&
entry->md_type != md_type )
{
entry++;
}
return entry->block_size;
}
/* Get PSA from MD */
psa_algorithm_t mbedtls_hash_info_psa_from_md( mbedtls_md_type_t md_type )
{
const hash_entry *entry = hash_table;
while( entry->md_type != MBEDTLS_MD_NONE &&
entry->md_type != md_type )
{
entry++;
}
return entry->psa_alg;
}
/* Get MD from PSA */
mbedtls_md_type_t mbedtls_hash_info_md_from_psa( psa_algorithm_t psa_alg )
{
const hash_entry *entry = hash_table;
while( entry->md_type != MBEDTLS_MD_NONE &&
entry->psa_alg != psa_alg )
{
entry++;
}
return entry->md_type;
}

77
library/hash_info.h Normal file
View File

@ -0,0 +1,77 @@
/**
* Hash information that's independent from the crypto implementation.
*
* This can be used by:
* - code based on PSA
* - code based on the legacy API
* - code based on either of them depending on MBEDTLS_USE_PSA_CRYPTO
* - code based on either of them depending on what's available
*
* Note: this internal module will go away when everything becomes based on
* PSA Crypto; it is a helper for the transition while hash algorithms are
* still represented using mbedtls_md_type_t in most places even when PSA is
* used for the actual crypto computations.
*
* Copyright The Mbed TLS Contributors
* SPDX-License-Identifier: Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License"); you may
* not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
* WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
#ifndef MBEDTLS_HASH_INFO_H
#define MBEDTLS_HASH_INFO_H
#include "common.h"
#include "mbedtls/md.h"
#include "psa/crypto.h"
/** Get the output length of the given hash type from its MD type.
*
* \note To get the output length from the PSA alg, use \c PSA_HASH_LENGTH().
*
* \param md_type The hash MD type.
*
* \return The output length in bytes, or 0 if not known.
*/
unsigned char mbedtls_hash_info_get_size( mbedtls_md_type_t md_type );
/** Get the block size of the given hash type from its MD type.
*
* \note To get the output length from the PSA alg, use
* \c PSA_HASH_BLOCK_LENGTH().
*
* \param md_type The hash MD type.
*
* \return The block size in bytes, or 0 if not known.
*/
unsigned char mbedtls_hash_info_get_block_size( mbedtls_md_type_t md_type );
/** Get the PSA alg from the MD type.
*
* \param md_type The hash MD type.
*
* \return The corresponding PSA algorithm identifier,
* or PSA_ALG_NONE if not known.
*/
psa_algorithm_t mbedtls_hash_info_psa_from_md( mbedtls_md_type_t md_type );
/** Get the MD type alg from the PSA algorithm identifier.
*
* \param psa_alg The PSA hash algorithm.
*
* \return The corresponding MD type,
* or MBEDTLS_MD_NONE if not known.
*/
mbedtls_md_type_t mbedtls_hash_info_md_from_psa( psa_algorithm_t psa_alg );
#endif /* MBEDTLS_HASH_INFO_H */

193
library/legacy_or_psa.h Normal file
View File

@ -0,0 +1,193 @@
/**
* Internal macros to express dependencies for code and tests
* that may use either the legacy API or PSA in various builds.
*
* Copyright The Mbed TLS Contributors
* SPDX-License-Identifier: Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License"); you may
* not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
* WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
/*
* These macros are for code that wants to use <crypto feature> and will do so
* using <legacy API> or PSA depending on <condition>, where:
* - <crypto feature> will generally be an algorithm (SHA-256, ECDH) but may
* also be a key type (AES, RSA, EC) or domain parameters (elliptic curve);
* - <legacy API> will be either:
* - low-level module API (aes.h, sha256.h), or
* - an abstraction layer (md.h, cipher.h);
* - <condition> will be either:
* - depending on what's available in the build, or
* - depending on whether MBEDTLS_USE_PSA_CRYPTO is defined.
*
* Examples:
* - TLS 1.2 will compute hashes using either mbedtls_md_xxx() (and
* mbedtls_sha256_xxx()) or psa_aead_xxx() depending on whether
* MBEDTLS_USE_PSA_CRYPTO is defined;
* - RSA PKCS#1 v2.1 will, in the near future*, compute hashes (for padding)
* using either `mbedtls_md()` if it's available, or `psa_hash_compute()`
* otherwise;
* - PEM decoding of PEM-encrypted keys will, in the near future*, compute MD5
* hashes using either `mbedtls_md5_xxx()` if it's available, or
* `psa_hash_xxx()` otherwise.
* *See docs/architecture/psa-migration/strategy.md, section "Supporting
* builds with drivers without the software implementation", strategy for step
* 1 (libmbedcrypto except the RNG subsystem).
*
* Note: the macros are essential to express test dependencies. Inside code,
* we could instead just use the equivalent pre-processor condition, but
* that's not possible in test dependencies where we need a single macro.
* Hopefully, using these macros in code will also help with consistency.
*
* The naming scheme for these macros is:
* MBEDTLS_HAS_feature_VIA_legacy_OR_PSA(_condition)
* where:
* - feature is expressed the same way as in PSA_WANT macros, for example:
* KEY_TYPE_AES, ALG_SHA_256, ECC_SECP_R1_256;
* - legacy is either LOWLEVEL or the name of the layer: MD, CIPHER;
* - condition is omitted if it's based on availability, else it's
* BASED_ON_USE_PSA.
*
* Coming back to the examples above:
* - TLS 1.2 will determine if it can use SHA-256 using
* MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA
* for the purposes of negotiation, and in test dependencies;
* - RSA PKCS#1 v2.1 tests that used SHA-256 will depend on
* MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA
* - PEM decoding code and its associated tests will depend on
* MBEDTLS_HAS_ALG_MD5_VIA_LOWLEVEL_OR_PSA
*
* Note: every time it's possible to use, say SHA-256, via the MD API, then
* it's also possible to used it via the low-level API. So, code that wants to
* use SHA-256 via both APIs only needs to depend on the MD macro. Also, it
* just so happens that all the choosing which API to use based on
* MBEDTLS_USE_PSA_CRYPTO (X.509, TLS 1.2/shared), always uses the abstraction
* layer (sometimes in addition to the low-level API), so we don't need the
* MBEDTLS_HAS_feature_VIA_LOWLEVEL_OR_PSA_BASED_ON_USE_PSA macros.
* (PK, while obeying MBEDTLS_USE_PSA_CRYPTO, doesn't compute hashes itself,
* even less makes use of ciphers.)
*
* Note: the macros MBEDTLS_HAS_feature_VIA_LOWLEVEL_OR_PSA are the minimal
* condition for being able to use <feature> at all. As such, they should be
* used for guarding data about <feature>, such as OIDs or size. For example,
* OID values related to SHA-256 are only useful when SHA-256 can be used at
* least in some way.
*/
#ifndef MBEDTLS_OR_PSA_HELPERS_H
#define MBEDTLS_OR_PSA_HELPERS_H
#include "common.h"
/*
* Hashes
*/
/* Hashes using low-level or PSA based on availability */
#if defined(MBEDTLS_MD5_C) || \
( defined(MBEDTLS_PSA_CRYPTO_C) && defined(PSA_WANT_ALG_MD5) )
#define MBEDTLS_HAS_ALG_MD5_VIA_LOWLEVEL_OR_PSA
#endif
#if defined(MBEDTLS_RIPEMD160_C) || \
( defined(MBEDTLS_PSA_CRYPTO_C) && defined(PSA_WANT_ALG_RIPEMD160) )
#define MBEDTLS_HAS_ALG_RIPEMD160_VIA_LOWLEVEL_OR_PSA
#endif
#if defined(MBEDTLS_SHA1_C) || \
( defined(MBEDTLS_PSA_CRYPTO_C) && defined(PSA_WANT_ALG_SHA_1) )
#define MBEDTLS_HAS_ALG_SHA_1_VIA_LOWLEVEL_OR_PSA
#endif
#if defined(MBEDTLS_SHA224_C) || \
( defined(MBEDTLS_PSA_CRYPTO_C) && defined(PSA_WANT_ALG_SHA_224) )
#define MBEDTLS_HAS_ALG_SHA_224_VIA_LOWLEVEL_OR_PSA
#endif
#if defined(MBEDTLS_SHA256_C) || \
( defined(MBEDTLS_PSA_CRYPTO_C) && defined(PSA_WANT_ALG_SHA_256) )
#define MBEDTLS_HAS_ALG_SHA_256_VIA_LOWLEVEL_OR_PSA
#endif
#if defined(MBEDTLS_SHA384_C) || \
( defined(MBEDTLS_PSA_CRYPTO_C) && defined(PSA_WANT_ALG_SHA_384) )
#define MBEDTLS_HAS_ALG_SHA_384_VIA_LOWLEVEL_OR_PSA
#endif
#if defined(MBEDTLS_SHA512_C) || \
( defined(MBEDTLS_PSA_CRYPTO_C) && defined(PSA_WANT_ALG_SHA_512) )
#define MBEDTLS_HAS_ALG_SHA_512_VIA_LOWLEVEL_OR_PSA
#endif
/* Hashes using MD or PSA based on availability */
#if ( defined(MBEDTLS_MD_C) && defined(MBEDTLS_MD5_C) ) || \
( defined(MBEDTLS_PSA_CRYPTO_C) && defined(PSA_WANT_ALG_MD5) )
#define MBEDTLS_HAS_ALG_MD5_VIA_MD_OR_PSA
#endif
#if ( defined(MBEDTLS_MD_C) && defined(MBEDTLS_RIPEMD160_C) ) || \
( defined(MBEDTLS_PSA_CRYPTO_C) && defined(PSA_WANT_ALG_RIPEMD160) )
#define MBEDTLS_HAS_ALG_RIPEMD160_VIA_MD_OR_PSA
#endif
#if ( defined(MBEDTLS_MD_C) && defined(MBEDTLS_SHA1_C) ) || \
( defined(MBEDTLS_PSA_CRYPTO_C) && defined(PSA_WANT_ALG_SHA_1) )
#define MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA
#endif
#if ( defined(MBEDTLS_MD_C) && defined(MBEDTLS_SHA224_C) ) || \
( defined(MBEDTLS_PSA_CRYPTO_C) && defined(PSA_WANT_ALG_SHA_224) )
#define MBEDTLS_HAS_ALG_SHA_224_VIA_MD_OR_PSA
#endif
#if ( defined(MBEDTLS_MD_C) && defined(MBEDTLS_SHA256_C) ) || \
( defined(MBEDTLS_PSA_CRYPTO_C) && defined(PSA_WANT_ALG_SHA_256) )
#define MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA
#endif
#if ( defined(MBEDTLS_MD_C) && defined(MBEDTLS_SHA384_C) ) || \
( defined(MBEDTLS_PSA_CRYPTO_C) && defined(PSA_WANT_ALG_SHA_384) )
#define MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA
#endif
#if ( defined(MBEDTLS_MD_C) && defined(MBEDTLS_SHA512_C) ) || \
( defined(MBEDTLS_PSA_CRYPTO_C) && defined(PSA_WANT_ALG_SHA_512) )
#define MBEDTLS_HAS_ALG_SHA_512_VIA_MD_OR_PSA
#endif
/* Hashes using MD or PSA based on MBEDTLS_USE_PSA_CRYPTO */
#if ( !defined(MBEDTLS_USE_PSA_CRYPTO) && \
defined(MBEDTLS_MD_C) && defined(MBEDTLS_MD5_C) ) || \
( defined(MBEDTLS_USE_PSA_CRYPTO) && defined(PSA_WANT_ALG_MD5) )
#define MBEDTLS_HAS_ALG_MD5_VIA_MD_OR_PSA_BASED_ON_USE_PSA
#endif
#if ( !defined(MBEDTLS_USE_PSA_CRYPTO) && \
defined(MBEDTLS_MD_C) && defined(MBEDTLS_RIPEMD160_C) ) || \
( defined(MBEDTLS_USE_PSA_CRYPTO) && defined(PSA_WANT_ALG_RIPEMD160) )
#define MBEDTLS_HAS_ALG_RIPEMD160_VIA_MD_OR_PSA_BASED_ON_USE_PSA
#endif
#if ( !defined(MBEDTLS_USE_PSA_CRYPTO) && \
defined(MBEDTLS_MD_C) && defined(MBEDTLS_SHA1_C) ) || \
( defined(MBEDTLS_USE_PSA_CRYPTO) && defined(PSA_WANT_ALG_SHA_1) )
#define MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA_BASED_ON_USE_PSA
#endif
#if ( !defined(MBEDTLS_USE_PSA_CRYPTO) && \
defined(MBEDTLS_MD_C) && defined(MBEDTLS_SHA224_C) ) || \
( defined(MBEDTLS_USE_PSA_CRYPTO) && defined(PSA_WANT_ALG_SHA_224) )
#define MBEDTLS_HAS_ALG_SHA_224_VIA_MD_OR_PSA_BASED_ON_USE_PSA
#endif
#if ( !defined(MBEDTLS_USE_PSA_CRYPTO) && \
defined(MBEDTLS_MD_C) && defined(MBEDTLS_SHA256_C) ) || \
( defined(MBEDTLS_USE_PSA_CRYPTO) && defined(PSA_WANT_ALG_SHA_256) )
#define MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA
#endif
#if ( !defined(MBEDTLS_USE_PSA_CRYPTO) && \
defined(MBEDTLS_MD_C) && defined(MBEDTLS_SHA384_C) ) || \
( defined(MBEDTLS_USE_PSA_CRYPTO) && defined(PSA_WANT_ALG_SHA_384) )
#define MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA
#endif
#if ( !defined(MBEDTLS_USE_PSA_CRYPTO) && \
defined(MBEDTLS_MD_C) && defined(MBEDTLS_SHA512_C) ) || \
( defined(MBEDTLS_USE_PSA_CRYPTO) && defined(PSA_WANT_ALG_SHA_512) )
#define MBEDTLS_HAS_ALG_SHA_512_VIA_MD_OR_PSA_BASED_ON_USE_PSA
#endif
#endif /* MBEDTLS_OR_PSA_HELPERS_H */

30
library/oid.c
View File

@ -27,6 +27,8 @@
#include "mbedtls/rsa.h"
#include "mbedtls/error.h"
#include "legacy_or_psa.h"
#include <stdio.h>
#include <string.h>
@ -586,7 +588,6 @@ FN_OID_TYPED_FROM_ASN1(oid_cipher_alg_t, cipher_alg, oid_cipher_alg)
FN_OID_GET_ATTR1(mbedtls_oid_get_cipher_alg, oid_cipher_alg_t, cipher_alg, mbedtls_cipher_type_t, cipher_alg)
#endif /* MBEDTLS_CIPHER_C */
#if defined(MBEDTLS_MD_C)
/*
* For digestAlgorithm
*/
@ -597,48 +598,48 @@ typedef struct {
static const oid_md_alg_t oid_md_alg[] =
{
#if defined(MBEDTLS_MD5_C)
#if defined(MBEDTLS_HAS_ALG_MD5_VIA_LOWLEVEL_OR_PSA)
{
OID_DESCRIPTOR( MBEDTLS_OID_DIGEST_ALG_MD5, "id-md5", "MD5" ),
MBEDTLS_MD_MD5,
},
#endif /* MBEDTLS_MD5_C */
#if defined(MBEDTLS_SHA1_C)
#endif
#if defined(MBEDTLS_HAS_ALG_SHA_1_VIA_LOWLEVEL_OR_PSA)
{
OID_DESCRIPTOR( MBEDTLS_OID_DIGEST_ALG_SHA1, "id-sha1", "SHA-1" ),
MBEDTLS_MD_SHA1,
},
#endif /* MBEDTLS_SHA1_C */
#if defined(MBEDTLS_SHA224_C)
#endif
#if defined(MBEDTLS_HAS_ALG_SHA_224_VIA_LOWLEVEL_OR_PSA)
{
OID_DESCRIPTOR( MBEDTLS_OID_DIGEST_ALG_SHA224, "id-sha224", "SHA-224" ),
MBEDTLS_MD_SHA224,
},
#endif
#if defined(MBEDTLS_SHA256_C)
#if defined(MBEDTLS_HAS_ALG_SHA_256_VIA_LOWLEVEL_OR_PSA)
{
OID_DESCRIPTOR( MBEDTLS_OID_DIGEST_ALG_SHA256, "id-sha256", "SHA-256" ),
MBEDTLS_MD_SHA256,
},
#endif /* MBEDTLS_SHA256_C */
#if defined(MBEDTLS_SHA384_C)
#endif
#if defined(MBEDTLS_HAS_ALG_SHA_384_VIA_LOWLEVEL_OR_PSA)
{
OID_DESCRIPTOR( MBEDTLS_OID_DIGEST_ALG_SHA384, "id-sha384", "SHA-384" ),
MBEDTLS_MD_SHA384,
},
#endif /* MBEDTLS_SHA384_C */
#if defined(MBEDTLS_SHA512_C)
#endif
#if defined(MBEDTLS_HAS_ALG_SHA_512_VIA_LOWLEVEL_OR_PSA)
{
OID_DESCRIPTOR( MBEDTLS_OID_DIGEST_ALG_SHA512, "id-sha512", "SHA-512" ),
MBEDTLS_MD_SHA512,
},
#endif /* MBEDTLS_SHA512_C */
#if defined(MBEDTLS_RIPEMD160_C)
#endif
#if defined(MBEDTLS_HAS_ALG_RIPEMD160_VIA_LOWLEVEL_OR_PSA)
{
OID_DESCRIPTOR( MBEDTLS_OID_DIGEST_ALG_RIPEMD160, "id-ripemd160", "RIPEMD-160" ),
MBEDTLS_MD_RIPEMD160,
},
#endif /* MBEDTLS_RIPEMD160_C */
#endif
{
NULL_OID_DESCRIPTOR,
MBEDTLS_MD_NONE,
@ -649,6 +650,7 @@ FN_OID_TYPED_FROM_ASN1(oid_md_alg_t, md_alg, oid_md_alg)
FN_OID_GET_ATTR1(mbedtls_oid_get_md_alg, oid_md_alg_t, md_alg, mbedtls_md_type_t, md_alg)
FN_OID_GET_OID_BY_ATTR1(mbedtls_oid_get_oid_by_md, oid_md_alg_t, oid_md_alg, mbedtls_md_type_t, md_alg)
#if defined(MBEDTLS_MD_C)
/*
* For HMAC digestAlgorithm
*/

13
library/pk.c
View File

@ -24,6 +24,8 @@
#include "pk_wrap.h"
#include "pkwrite.h"
#include "hash_info.h"
#include "mbedtls/platform_util.h"
#include "mbedtls/error.h"
@ -358,15 +360,14 @@ int mbedtls_pk_can_do_ext( const mbedtls_pk_context *ctx, psa_algorithm_t alg,
*/
static inline int pk_hashlen_helper( mbedtls_md_type_t md_alg, size_t *hash_len )
{
const mbedtls_md_info_t *md_info;
if( *hash_len != 0 )
return( 0 );
if( ( md_info = mbedtls_md_info_from_type( md_alg ) ) == NULL )
*hash_len = mbedtls_hash_info_get_size( md_alg );
if( *hash_len == 0 )
return( -1 );
*hash_len = mbedtls_md_get_size( md_info );
return( 0 );
}
@ -508,7 +509,7 @@ int mbedtls_pk_verify_ext( mbedtls_pk_type_t type, const void *options,
psa_status_t status = PSA_ERROR_DATA_CORRUPT;
psa_status_t destruction_status = PSA_ERROR_DATA_CORRUPT;
psa_algorithm_t psa_md_alg = mbedtls_psa_translate_md( md_alg );
psa_algorithm_t psa_md_alg = mbedtls_hash_info_psa_from_md( md_alg );
mbedtls_svc_key_id_t key_id = MBEDTLS_SVC_KEY_ID_INIT;
psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
psa_algorithm_t psa_sig_alg =
@ -673,7 +674,7 @@ int mbedtls_pk_sign_ext( mbedtls_pk_type_t pk_type,
}
#if defined(MBEDTLS_RSA_C)
psa_md_alg = mbedtls_psa_translate_md( md_alg );
psa_md_alg = mbedtls_hash_info_psa_from_md( md_alg );
if( psa_md_alg == 0 )
return( MBEDTLS_ERR_PK_BAD_INPUT_DATA );

11
library/pk_wrap.c
View File

@ -52,6 +52,7 @@
#include "psa/crypto.h"
#include "mbedtls/psa_util.h"
#include "mbedtls/asn1.h"
#include "hash_info.h"
#endif
#if defined(MBEDTLS_PLATFORM_C)
@ -179,7 +180,7 @@ static int rsa_verify_wrap( void *ctx, mbedtls_md_type_t md_alg,
int key_len;
unsigned char buf[MBEDTLS_PK_RSA_PUB_DER_MAX_BYTES];
psa_algorithm_t psa_alg_md =
PSA_ALG_RSA_PKCS1V15_SIGN( mbedtls_psa_translate_md( md_alg ) );
PSA_ALG_RSA_PKCS1V15_SIGN( mbedtls_hash_info_psa_from_md( md_alg ) );
size_t rsa_len = mbedtls_rsa_get_len( rsa );
#if SIZE_MAX > UINT_MAX
@ -328,7 +329,7 @@ static int rsa_sign_wrap( void *ctx, mbedtls_md_type_t md_alg,
((void) p_rng);
psa_algorithm_t psa_md_alg;
psa_md_alg = mbedtls_psa_translate_md( md_alg );
psa_md_alg = mbedtls_hash_info_psa_from_md( md_alg );
if( psa_md_alg == 0 )
return( MBEDTLS_ERR_PK_BAD_INPUT_DATA );
@ -1168,7 +1169,7 @@ static int ecdsa_sign_wrap( void *ctx_arg, mbedtls_md_type_t md_alg,
unsigned char buf[MBEDTLS_PK_ECP_PRV_DER_MAX_BYTES];
unsigned char *p;
psa_algorithm_t psa_sig_md =
PSA_ALG_ECDSA( mbedtls_psa_translate_md( md_alg ) );
PSA_ALG_ECDSA( mbedtls_hash_info_psa_from_md( md_alg ) );
size_t curve_bits;
psa_ecc_family_t curve =
mbedtls_ecc_group_to_psa( ctx->grp.id, &curve_bits );
@ -1542,12 +1543,12 @@ static int pk_opaque_sign_wrap( void *ctx, mbedtls_md_type_t md_alg,
#if defined(MBEDTLS_ECDSA_C)
if( PSA_KEY_TYPE_IS_ECC_KEY_PAIR( type ) )
alg = PSA_ALG_ECDSA( mbedtls_psa_translate_md( md_alg ) );
alg = PSA_ALG_ECDSA( mbedtls_hash_info_psa_from_md( md_alg ) );
else
#endif /* MBEDTLS_ECDSA_C */
#if defined(MBEDTLS_RSA_C)
if( PSA_KEY_TYPE_IS_RSA( type ) )
alg = PSA_ALG_RSA_PKCS1V15_SIGN( mbedtls_psa_translate_md( md_alg ) );
alg = PSA_ALG_RSA_PKCS1V15_SIGN( mbedtls_hash_info_psa_from_md( md_alg ) );
else
#endif /* MBEDTLS_RSA_C */
return( MBEDTLS_ERR_PK_FEATURE_UNAVAILABLE );

5
library/psa_crypto_ecp.c
View File

@ -26,7 +26,7 @@
#include "psa_crypto_core.h"
#include "psa_crypto_ecp.h"
#include "psa_crypto_random_impl.h"
#include "psa_crypto_hash.h"
#include "hash_info.h"
#include <stdlib.h>
#include <string.h>
@ -367,8 +367,7 @@ psa_status_t mbedtls_psa_ecdsa_sign_hash(
{
#if defined(MBEDTLS_PSA_BUILTIN_ALG_DETERMINISTIC_ECDSA)
psa_algorithm_t hash_alg = PSA_ALG_SIGN_GET_HASH( alg );
const mbedtls_md_info_t *md_info = mbedtls_md_info_from_psa( hash_alg );
mbedtls_md_type_t md_alg = mbedtls_md_get_type( md_info );
mbedtls_md_type_t md_alg = mbedtls_hash_info_md_from_psa( hash_alg );
MBEDTLS_MPI_CHK( mbedtls_ecdsa_sign_det_ext(
&ecp->grp, &r, &s,
&ecp->d, hash,

45
library/psa_crypto_hash.c
View File

@ -29,51 +29,6 @@
#include <mbedtls/error.h>
#include <string.h>
#if defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_PKCS1V15_SIGN) || \
defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_OAEP) || \
defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_PSS) || \
defined(MBEDTLS_PSA_BUILTIN_ALG_DETERMINISTIC_ECDSA)
const mbedtls_md_info_t *mbedtls_md_info_from_psa( psa_algorithm_t alg )
{
switch( alg )
{
#if defined(MBEDTLS_MD5_C)
case PSA_ALG_MD5:
return( &mbedtls_md5_info );
#endif
#if defined(MBEDTLS_RIPEMD160_C)
case PSA_ALG_RIPEMD160:
return( &mbedtls_ripemd160_info );
#endif
#if defined(MBEDTLS_SHA1_C)
case PSA_ALG_SHA_1:
return( &mbedtls_sha1_info );
#endif
#if defined(MBEDTLS_SHA224_C)
case PSA_ALG_SHA_224:
return( &mbedtls_sha224_info );
#endif
#if defined(MBEDTLS_SHA256_C)
case PSA_ALG_SHA_256:
return( &mbedtls_sha256_info );
#endif
#if defined(MBEDTLS_SHA384_C)
case PSA_ALG_SHA_384:
return( &mbedtls_sha384_info );
#endif
#if defined(MBEDTLS_SHA512_C)
case PSA_ALG_SHA_512:
return( &mbedtls_sha512_info );
#endif
default:
return( NULL );
}
}
#endif /* defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_PKCS1V15_SIGN) ||
* defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_OAEP) ||
* defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_PSS) ||
* defined(MBEDTLS_PSA_BUILTIN_ALG_DETERMINISTIC_ECDSA) */
#if defined(MBEDTLS_PSA_BUILTIN_HASH)
psa_status_t mbedtls_psa_hash_abort(
mbedtls_psa_hash_operation_t *operation )

9
library/psa_crypto_hash.h
View File

@ -25,15 +25,6 @@
#include "md_wrap.h"
/** Get Mbed TLS MD information of a hash algorithm given its PSA identifier
*
* \param[in] alg PSA hash algorithm identifier
*
* \return The Mbed TLS MD information of the hash algorithm. \c NULL if the
* PSA hash algorithm is not supported.
*/
const mbedtls_md_info_t *mbedtls_md_info_from_psa( psa_algorithm_t alg );
/** Calculate the hash (digest) of a message using Mbed TLS routines.
*
* \note The signature of this function is that of a PSA driver hash_compute

11
library/psa_crypto_rsa.c
View File

@ -41,6 +41,7 @@
#include <mbedtls/error.h>
#include <mbedtls/pk.h>
#include "pk_wrap.h"
#include "hash_info.h"
#if defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_PKCS1V15_CRYPT) || \
defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_OAEP) || \
@ -326,8 +327,7 @@ static psa_status_t psa_rsa_decode_md_type( psa_algorithm_t alg,
mbedtls_md_type_t *md_alg )
{
psa_algorithm_t hash_alg = PSA_ALG_SIGN_GET_HASH( alg );
const mbedtls_md_info_t *md_info = mbedtls_md_info_from_psa( hash_alg );
*md_alg = mbedtls_md_get_type( md_info );
*md_alg = mbedtls_hash_info_md_from_psa( hash_alg );
/* The Mbed TLS RSA module uses an unsigned int for hash length
* parameters. Validate that it fits so that we don't risk an
@ -340,9 +340,9 @@ static psa_status_t psa_rsa_decode_md_type( psa_algorithm_t alg,
/* For signatures using a hash, the hash length must be correct. */
if( alg != PSA_ALG_RSA_PKCS1V15_SIGN_RAW )
{
if( md_info == NULL )
if( *md_alg == MBEDTLS_MD_NONE )
return( PSA_ERROR_NOT_SUPPORTED );
if( mbedtls_md_get_size( md_info ) != hash_length )
if( mbedtls_hash_info_get_size( *md_alg ) != hash_length )
return( PSA_ERROR_INVALID_ARGUMENT );
}
@ -543,8 +543,7 @@ static int psa_rsa_oaep_set_padding_mode( psa_algorithm_t alg,
mbedtls_rsa_context *rsa )
{
psa_algorithm_t hash_alg = PSA_ALG_RSA_OAEP_GET_HASH( alg );
const mbedtls_md_info_t *md_info = mbedtls_md_info_from_psa( hash_alg );
mbedtls_md_type_t md_alg = mbedtls_md_get_type( md_info );
mbedtls_md_type_t md_alg = mbedtls_hash_info_md_from_psa( hash_alg );
return( mbedtls_rsa_set_padding( rsa, MBEDTLS_RSA_PKCS_V21, md_alg ) );
}

9
library/rsa.c
View File

@ -46,6 +46,7 @@
#include "mbedtls/error.h"
#include "constant_time_internal.h"
#include "mbedtls/constant_time.h"
#include "hash_info.h"
#include <string.h>
@ -497,6 +498,7 @@ int mbedtls_rsa_set_padding( mbedtls_rsa_context *ctx, int padding,
return( MBEDTLS_ERR_RSA_INVALID_PADDING );
}
#if defined(MBEDTLS_PKCS1_V21)
if( ( padding == MBEDTLS_RSA_PKCS_V21 ) &&
( hash_id != MBEDTLS_MD_NONE ) )
{
@ -506,6 +508,7 @@ int mbedtls_rsa_set_padding( mbedtls_rsa_context *ctx, int padding,
if( md_info == NULL )
return( MBEDTLS_ERR_RSA_INVALID_PADDING );
}
#endif /* MBEDTLS_PKCS1_V21 */
ctx->padding = padding;
ctx->hash_id = hash_id;
@ -1733,14 +1736,14 @@ static int rsa_rsassa_pkcs1_v15_encode( mbedtls_md_type_t md_alg,
/* Are we signing hashed or raw data? */
if( md_alg != MBEDTLS_MD_NONE )
{
const mbedtls_md_info_t *md_info = mbedtls_md_info_from_type( md_alg );
if( md_info == NULL )
unsigned char md_size = mbedtls_hash_info_get_size( md_alg );
if( md_size == 0 )
return( MBEDTLS_ERR_RSA_BAD_INPUT_DATA );
if( mbedtls_oid_get_oid_by_md( md_alg, &oid, &oid_size ) != 0 )
return( MBEDTLS_ERR_RSA_BAD_INPUT_DATA );
if( hashlen != mbedtls_md_get_size( md_info ) )
if( hashlen != md_size )
return( MBEDTLS_ERR_RSA_BAD_INPUT_DATA );
/* Double-check that 8 + hashlen + oid_size can be used as a

4
library/ssl_ciphersuites.c
View File

@ -1933,10 +1933,10 @@ psa_algorithm_t mbedtls_ssl_get_ciphersuite_sig_pk_psa_alg( const mbedtls_ssl_ci
case MBEDTLS_KEY_EXCHANGE_DHE_RSA:
case MBEDTLS_KEY_EXCHANGE_ECDHE_RSA:
return( PSA_ALG_RSA_PKCS1V15_SIGN(
mbedtls_psa_translate_md( info->mac ) ) );
mbedtls_hash_info_psa_from_md( info->mac ) ) );
case MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA:
return( PSA_ALG_ECDSA( mbedtls_psa_translate_md( info->mac ) ) );
return( PSA_ALG_ECDSA( mbedtls_hash_info_psa_from_md( info->mac ) ) );
case MBEDTLS_KEY_EXCHANGE_ECDH_RSA:
case MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA:

2
library/ssl_cookie.c
View File

@ -117,7 +117,7 @@ int mbedtls_ssl_cookie_setup( mbedtls_ssl_cookie_ctx *ctx,
(void)f_rng;
(void)p_rng;
alg = mbedtls_psa_translate_md( COOKIE_MD );
alg = mbedtls_hash_info_psa_from_md( COOKIE_MD );
if( alg == 0 )
return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA );

1
library/ssl_misc.h
View File

@ -30,6 +30,7 @@
#if defined(MBEDTLS_USE_PSA_CRYPTO) || defined(MBEDTLS_SSL_PROTO_TLS1_3)
#include "psa/crypto.h"
#include "mbedtls/psa_util.h"
#include "hash_info.h"
#endif
#if defined(MBEDTLS_MD5_C)

8
library/ssl_tls.c
View File

@ -7443,10 +7443,10 @@ static int ssl_tls12_populate_transform( mbedtls_ssl_transform *transform,
#endif /* MBEDTLS_USE_PSA_CRYPTO */
#if defined(MBEDTLS_USE_PSA_CRYPTO)
mac_alg = mbedtls_psa_translate_md( ciphersuite_info->mac );
mac_alg = mbedtls_hash_info_psa_from_md( ciphersuite_info->mac );
if( mac_alg == 0 )
{
MBEDTLS_SSL_DEBUG_MSG( 1, ( "mbedtls_psa_translate_md for %u not found",
MBEDTLS_SSL_DEBUG_MSG( 1, ( "mbedtls_hash_info_psa_from_md for %u not found",
(unsigned) ciphersuite_info->mac ) );
return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA );
}
@ -7826,7 +7826,7 @@ int mbedtls_ssl_get_key_exchange_md_tls1_2( mbedtls_ssl_context *ssl,
{
psa_status_t status;
psa_hash_operation_t hash_operation = PSA_HASH_OPERATION_INIT;
psa_algorithm_t hash_alg = mbedtls_psa_translate_md( md_alg );
psa_algorithm_t hash_alg = mbedtls_hash_info_psa_from_md( md_alg );
MBEDTLS_SSL_DEBUG_MSG( 3, ( "Perform PSA-based computation of digest of ServerKeyExchange" ) );
@ -7967,7 +7967,7 @@ unsigned int mbedtls_ssl_tls12_get_preferred_hash_for_sig_alg(
if( ssl->handshake->key_cert && ssl->handshake->key_cert->key )
{
psa_algorithm_t psa_hash_alg =
mbedtls_psa_translate_md( hash_alg_received );
mbedtls_hash_info_psa_from_md( hash_alg_received );
if( sig_alg_received == MBEDTLS_SSL_SIG_ECDSA &&
! mbedtls_pk_can_do_ext( ssl->handshake->key_cert->key,

4
library/ssl_tls13_generic.c
View File

@ -219,7 +219,7 @@ static int ssl_tls13_parse_certificate_verify( mbedtls_ssl_context *ssl,
goto error;
}
hash_alg = mbedtls_psa_translate_md( md_alg );
hash_alg = mbedtls_hash_info_psa_from_md( md_alg );
if( hash_alg == 0 )
{
goto error;
@ -1043,7 +1043,7 @@ static int ssl_tls13_write_certificate_verify_body( mbedtls_ssl_context *ssl,
p += 2;
/* Hash verify buffer with indicated hash function */
psa_algorithm = mbedtls_psa_translate_md( md_alg );
psa_algorithm = mbedtls_hash_info_psa_from_md( md_alg );
status = psa_hash_compute( psa_algorithm,
verify_buffer,
verify_buffer_len,

12
library/ssl_tls13_keys.c
View File

@ -622,7 +622,7 @@ int mbedtls_ssl_tls13_key_schedule_stage_application( mbedtls_ssl_context *ssl )
{
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
mbedtls_ssl_handshake_params *handshake = ssl->handshake;
psa_algorithm_t const hash_alg = mbedtls_psa_translate_md(
psa_algorithm_t const hash_alg = mbedtls_hash_info_psa_from_md(
handshake->ciphersuite_info->mac );
/*
@ -734,7 +734,7 @@ int mbedtls_ssl_tls13_calculate_verify_data( mbedtls_ssl_context* ssl,
mbedtls_md_type_t const md_type = ssl->handshake->ciphersuite_info->mac;
psa_algorithm_t hash_alg = mbedtls_psa_translate_md(
psa_algorithm_t hash_alg = mbedtls_hash_info_psa_from_md(
ssl->handshake->ciphersuite_info->mac );
size_t const hash_len = PSA_HASH_LENGTH( hash_alg );
@ -1059,7 +1059,7 @@ int mbedtls_ssl_tls13_key_schedule_stage_early( mbedtls_ssl_context *ssl )
return( MBEDTLS_ERR_SSL_INTERNAL_ERROR );
}
hash_alg = mbedtls_psa_translate_md( handshake->ciphersuite_info->mac );
hash_alg = mbedtls_hash_info_psa_from_md( handshake->ciphersuite_info->mac );
ret = mbedtls_ssl_tls13_evolve_secret( hash_alg, NULL, NULL, 0,
handshake->tls13_master_secrets.early );
@ -1134,7 +1134,7 @@ int mbedtls_ssl_tls13_generate_handshake_keys( mbedtls_ssl_context *ssl,
md_type = ciphersuite_info->mac;
hash_alg = mbedtls_psa_translate_md( ciphersuite_info->mac );
hash_alg = mbedtls_hash_info_psa_from_md( ciphersuite_info->mac );
hash_len = PSA_HASH_LENGTH( hash_alg );
ret = mbedtls_ssl_get_handshake_transcript( ssl, md_type,
@ -1228,7 +1228,7 @@ int mbedtls_ssl_tls13_key_schedule_stage_handshake( mbedtls_ssl_context *ssl )
psa_status_t status = PSA_ERROR_GENERIC_ERROR;
#endif /* MBEDTLS_KEY_EXCHANGE_SOME_ECDHE_ENABLED && MBEDTLS_ECDH_C */
mbedtls_ssl_handshake_params *handshake = ssl->handshake;
psa_algorithm_t const hash_alg = mbedtls_psa_translate_md(
psa_algorithm_t const hash_alg = mbedtls_hash_info_psa_from_md(
handshake->ciphersuite_info->mac );
#if defined(MBEDTLS_KEY_EXCHANGE_SOME_ECDHE_ENABLED)
@ -1340,7 +1340,7 @@ int mbedtls_ssl_tls13_generate_application_keys(
md_type = handshake->ciphersuite_info->mac;
hash_alg = mbedtls_psa_translate_md( handshake->ciphersuite_info->mac );
hash_alg = mbedtls_hash_info_psa_from_md( handshake->ciphersuite_info->mac );
hash_len = PSA_HASH_LENGTH( hash_alg );
/* Compute current handshake transcript. It's the caller's responsibility

5
library/x509_crt.c
View File

@ -47,6 +47,7 @@
#if defined(MBEDTLS_USE_PSA_CRYPTO)
#include "psa/crypto.h"
#include "mbedtls/psa_util.h"
#include "hash_info.h"
#endif /* MBEDTLS_USE_PSA_CRYPTO */
#if defined(MBEDTLS_PLATFORM_C)
@ -2379,7 +2380,7 @@ static int x509_crt_verifycrl( mbedtls_x509_crt *crt, mbedtls_x509_crt *ca,
flags |= MBEDTLS_X509_BADCRL_BAD_PK;
#if defined(MBEDTLS_USE_PSA_CRYPTO)
psa_algorithm = mbedtls_psa_translate_md( crl_list->sig_md );
psa_algorithm = mbedtls_hash_info_psa_from_md( crl_list->sig_md );
if( psa_hash_compute( psa_algorithm,
crl_list->tbs.p,
crl_list->tbs.len,
@ -2460,7 +2461,7 @@ static int x509_crt_check_signature( const mbedtls_x509_crt *child,
return( -1 );
#else
unsigned char hash[PSA_HASH_MAX_SIZE];
psa_algorithm_t hash_alg = mbedtls_psa_translate_md( child->sig_md );
psa_algorithm_t hash_alg = mbedtls_hash_info_psa_from_md( child->sig_md );
psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;
status = psa_hash_compute( hash_alg,

3
library/x509write_crt.c
View File

@ -43,6 +43,7 @@
#if defined(MBEDTLS_USE_PSA_CRYPTO)
#include "psa/crypto.h"
#include "mbedtls/psa_util.h"
#include "hash_info.h"
#endif /* MBEDTLS_USE_PSA_CRYPTO */
void mbedtls_x509write_crt_init( mbedtls_x509write_cert *ctx )
@ -500,7 +501,7 @@ int mbedtls_x509write_crt_der( mbedtls_x509write_cert *ctx,
/* Compute hash of CRT. */
#if defined(MBEDTLS_USE_PSA_CRYPTO)
psa_algorithm = mbedtls_psa_translate_md( ctx->md_alg );
psa_algorithm = mbedtls_hash_info_psa_from_md( ctx->md_alg );
status = psa_hash_compute( psa_algorithm,
c,

3
library/x509write_csr.c
View File

@ -35,6 +35,7 @@
#if defined(MBEDTLS_USE_PSA_CRYPTO)
#include "psa/crypto.h"
#include "mbedtls/psa_util.h"
#include "hash_info.h"
#endif /* MBEDTLS_USE_PSA_CRYPTO */
#include <string.h>
@ -150,7 +151,7 @@ static int x509write_csr_der_internal( mbedtls_x509write_csr *ctx,
mbedtls_pk_type_t pk_alg;
#if defined(MBEDTLS_USE_PSA_CRYPTO)
size_t hash_len;
psa_algorithm_t hash_alg = mbedtls_psa_translate_md( ctx->md_alg );
psa_algorithm_t hash_alg = mbedtls_hash_info_psa_from_md( ctx->md_alg );
#endif /* MBEDTLS_USE_PSA_CRYPTO */
/* Write the CSR backwards starting from the end of buf */