mirror of
https://github.com/Mbed-TLS/mbedtls.git
synced 2025-10-17 04:51:22 +03:00
Cleanup following the removal of MBEDTLS_ECP_DP_.*_ENABLED options
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
This commit is contained in:
Ronald Cron
@@ -295,7 +295,7 @@
|
||||
*
|
||||
* Requires: PSA_WANT_ALG_JPAKE
|
||||
* PSA_WANT_ALG_SHA_256
|
||||
* MBEDTLS_ECP_DP_SECP256R1_ENABLED
|
||||
* PSA_WANT_ECC_SECP_R1_256
|
||||
*
|
||||
* This enables the following ciphersuites (if other requisites are
|
||||
* enabled as well):
|
||||
|
||||
@@ -2346,15 +2346,15 @@ static inline int mbedtls_ssl_tls13_sig_alg_for_cert_verify_is_supported(
|
||||
#if defined(PSA_WANT_ALG_SHA_256) && defined(PSA_WANT_ECC_SECP_R1_256)
|
||||
case MBEDTLS_TLS1_3_SIG_ECDSA_SECP256R1_SHA256:
|
||||
break;
|
||||
#endif /* PSA_WANT_ALG_SHA_256 && MBEDTLS_ECP_DP_SECP256R1_ENABLED */
|
||||
#endif /* PSA_WANT_ALG_SHA_256 && PSA_WANT_ECC_SECP_R1_256 */
|
||||
#if defined(PSA_WANT_ALG_SHA_384) && defined(PSA_WANT_ECC_SECP_R1_384)
|
||||
case MBEDTLS_TLS1_3_SIG_ECDSA_SECP384R1_SHA384:
|
||||
break;
|
||||
#endif /* PSA_WANT_ALG_SHA_384 && MBEDTLS_ECP_DP_SECP384R1_ENABLED */
|
||||
#endif /* PSA_WANT_ALG_SHA_384 && PSA_WANT_ECC_SECP_R1_384 */
|
||||
#if defined(PSA_WANT_ALG_SHA_512) && defined(PSA_WANT_ECC_SECP_R1_521)
|
||||
case MBEDTLS_TLS1_3_SIG_ECDSA_SECP521R1_SHA512:
|
||||
break;
|
||||
#endif /* PSA_WANT_ALG_SHA_512 && MBEDTLS_ECP_DP_SECP521R1_ENABLED */
|
||||
#endif /* PSA_WANT_ALG_SHA_512 && PSA_WANT_ECC_SECP_R1_521 */
|
||||
#endif /* PSA_HAVE_ALG_SOME_ECDSA */
|
||||
|
||||
#if defined(PSA_WANT_ALG_RSA_PSS)
|
||||
|
||||
@@ -470,47 +470,47 @@ static const struct {
|
||||
uint8_t is_supported;
|
||||
} tls_id_group_name_table[] =
|
||||
{
|
||||
#if defined(MBEDTLS_ECP_DP_SECP521R1_ENABLED) || defined(PSA_WANT_ECC_SECP_R1_521)
|
||||
#if defined(PSA_WANT_ECC_SECP_R1_521)
|
||||
{ MBEDTLS_SSL_IANA_TLS_GROUP_SECP521R1, "secp521r1", 1 },
|
||||
#else
|
||||
{ MBEDTLS_SSL_IANA_TLS_GROUP_SECP521R1, "secp521r1", 0 },
|
||||
#endif
|
||||
#if defined(MBEDTLS_ECP_DP_BP512R1_ENABLED) || defined(PSA_WANT_ECC_BRAINPOOL_P_R1_512)
|
||||
#if defined(PSA_WANT_ECC_BRAINPOOL_P_R1_512)
|
||||
{ MBEDTLS_SSL_IANA_TLS_GROUP_BP512R1, "brainpoolP512r1", 1 },
|
||||
#else
|
||||
{ MBEDTLS_SSL_IANA_TLS_GROUP_BP512R1, "brainpoolP512r1", 0 },
|
||||
#endif
|
||||
#if defined(MBEDTLS_ECP_DP_SECP384R1_ENABLED) || defined(PSA_WANT_ECC_SECP_R1_384)
|
||||
#if defined(PSA_WANT_ECC_SECP_R1_384)
|
||||
{ MBEDTLS_SSL_IANA_TLS_GROUP_SECP384R1, "secp384r1", 1 },
|
||||
#else
|
||||
{ MBEDTLS_SSL_IANA_TLS_GROUP_SECP384R1, "secp384r1", 0 },
|
||||
#endif
|
||||
#if defined(MBEDTLS_ECP_DP_BP384R1_ENABLED) || defined(PSA_WANT_ECC_BRAINPOOL_P_R1_384)
|
||||
#if defined(PSA_WANT_ECC_BRAINPOOL_P_R1_384)
|
||||
{ MBEDTLS_SSL_IANA_TLS_GROUP_BP384R1, "brainpoolP384r1", 1 },
|
||||
#else
|
||||
{ MBEDTLS_SSL_IANA_TLS_GROUP_BP384R1, "brainpoolP384r1", 0 },
|
||||
#endif
|
||||
#if defined(MBEDTLS_ECP_DP_SECP256R1_ENABLED) || defined(PSA_WANT_ECC_SECP_R1_256)
|
||||
#if defined(PSA_WANT_ECC_SECP_R1_256)
|
||||
{ MBEDTLS_SSL_IANA_TLS_GROUP_SECP256R1, "secp256r1", 1 },
|
||||
#else
|
||||
{ MBEDTLS_SSL_IANA_TLS_GROUP_SECP256R1, "secp256r1", 0 },
|
||||
#endif
|
||||
#if defined(MBEDTLS_ECP_DP_SECP256K1_ENABLED) || defined(PSA_WANT_ECC_SECP_K1_256)
|
||||
#if defined(PSA_WANT_ECC_SECP_K1_256)
|
||||
{ MBEDTLS_SSL_IANA_TLS_GROUP_SECP256K1, "secp256k1", 1 },
|
||||
#else
|
||||
{ MBEDTLS_SSL_IANA_TLS_GROUP_SECP256K1, "secp256k1", 0 },
|
||||
#endif
|
||||
#if defined(MBEDTLS_ECP_DP_BP256R1_ENABLED) || defined(PSA_WANT_ECC_BRAINPOOL_P_R1_256)
|
||||
#if defined(PSA_WANT_ECC_BRAINPOOL_P_R1_256)
|
||||
{ MBEDTLS_SSL_IANA_TLS_GROUP_BP256R1, "brainpoolP256r1", 1 },
|
||||
#else
|
||||
{ MBEDTLS_SSL_IANA_TLS_GROUP_BP256R1, "brainpoolP256r1", 0 },
|
||||
#endif
|
||||
#if defined(MBEDTLS_ECP_DP_CURVE25519_ENABLED) || defined(PSA_WANT_ECC_MONTGOMERY_255)
|
||||
#if defined(PSA_WANT_ECC_MONTGOMERY_255)
|
||||
{ MBEDTLS_SSL_IANA_TLS_GROUP_X25519, "x25519", 1 },
|
||||
#else
|
||||
{ MBEDTLS_SSL_IANA_TLS_GROUP_X25519, "x25519", 0 },
|
||||
#endif
|
||||
#if defined(MBEDTLS_ECP_DP_CURVE448_ENABLED) || defined(PSA_WANT_ECC_MONTGOMERY_448)
|
||||
#if defined(PSA_WANT_ECC_MONTGOMERY_448)
|
||||
{ MBEDTLS_SSL_IANA_TLS_GROUP_X448, "x448", 1 },
|
||||
#else
|
||||
{ MBEDTLS_SSL_IANA_TLS_GROUP_X448, "x448", 0 },
|
||||
|
||||
@@ -433,17 +433,16 @@ component_test_everest () {
|
||||
component_test_everest_curve25519_only () {
|
||||
msg "build: Everest ECDH context, only Curve25519" # ~ 6 min
|
||||
scripts/config.py set MBEDTLS_ECDH_VARIANT_EVEREST_ENABLED
|
||||
scripts/config.py -c $CRYPTO_CONFIG_H unset PSA_WANT_ALG_DETERMINISTIC_ECDSA
|
||||
scripts/config.py -c $CRYPTO_CONFIG_H unset PSA_WANT_ALG_ECDSA
|
||||
scripts/config.py -c $CRYPTO_CONFIG_H set PSA_WANT_ALG_ECDH
|
||||
scripts/config.py unset PSA_WANT_ALG_DETERMINISTIC_ECDSA
|
||||
scripts/config.py unset PSA_WANT_ALG_ECDSA
|
||||
scripts/config.py set PSA_WANT_ALG_ECDH
|
||||
scripts/config.py unset MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED
|
||||
scripts/config.py unset MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED
|
||||
scripts/config.py -c $CRYPTO_CONFIG_H unset PSA_WANT_ALG_JPAKE
|
||||
scripts/config.py unset PSA_WANT_ALG_JPAKE
|
||||
|
||||
# Disable all curves
|
||||
scripts/config.py unset-all "MBEDTLS_ECP_DP_[0-9A-Z_a-z]*_ENABLED"
|
||||
scripts/config.py -c $CRYPTO_CONFIG_H unset-all "PSA_WANT_ECC_[0-9A-Z_a-z]*$"
|
||||
scripts/config.py -c $CRYPTO_CONFIG_H set PSA_WANT_ECC_MONTGOMERY_255
|
||||
scripts/config.py unset-all "PSA_WANT_ECC_[0-9A-Z_a-z]*$"
|
||||
scripts/config.py set PSA_WANT_ECC_MONTGOMERY_255
|
||||
|
||||
make CC=$ASAN_CC CFLAGS="$ASAN_CFLAGS" LDFLAGS="$ASAN_CFLAGS"
|
||||
|
||||
|
||||
@@ -257,26 +257,7 @@ REVERSE_DEPENDENCIES = {
|
||||
'PSA_WANT_ALG_CCM': ['PSA_WANT_ALG_CCM_STAR_NO_TAG'],
|
||||
'PSA_WANT_ALG_CMAC': ['PSA_WANT_ALG_PBKDF2_AES_CMAC_PRF_128'],
|
||||
|
||||
# These reverse dependencies can be removed as part of issue
|
||||
# tf-psa-crypto#364.
|
||||
'PSA_WANT_ECC_BRAINPOOL_P_R1_256': ['MBEDTLS_ECP_DP_BP256R1_ENABLED'],
|
||||
'PSA_WANT_ECC_BRAINPOOL_P_R1_384': ['MBEDTLS_ECP_DP_BP384R1_ENABLED'],
|
||||
'PSA_WANT_ECC_BRAINPOOL_P_R1_512': ['MBEDTLS_ECP_DP_BP512R1_ENABLED'],
|
||||
'PSA_WANT_ECC_MONTGOMERY_255': ['MBEDTLS_ECP_DP_CURVE25519_ENABLED'],
|
||||
'PSA_WANT_ECC_MONTGOMERY_448': ['MBEDTLS_ECP_DP_CURVE448_ENABLED'],
|
||||
'PSA_WANT_ECC_SECP_R1_256': ['PSA_WANT_ALG_JPAKE',
|
||||
'MBEDTLS_ECP_DP_SECP256R1_ENABLED'],
|
||||
'PSA_WANT_ECC_SECP_R1_384': ['MBEDTLS_ECP_DP_SECP384R1_ENABLED'],
|
||||
'PSA_WANT_ECC_SECP_R1_521': ['MBEDTLS_ECP_DP_SECP521R1_ENABLED'],
|
||||
'PSA_WANT_ECC_SECP_K1_256': ['MBEDTLS_ECP_DP_SECP256K1_ENABLED'],
|
||||
|
||||
# Support for secp224[k|r]1 was removed in tfpsacrypto#408 while
|
||||
# secp192[k|r]1 were kept only for internal testing (hidden to the end
|
||||
# user). We need to keep these reverse dependencies here until
|
||||
# symbols are hidden/removed from crypto_config.h.
|
||||
'PSA_WANT_ECC_SECP_R1_192': ['MBEDTLS_ECP_DP_SECP192R1_ENABLED'],
|
||||
'PSA_WANT_ECC_SECP_R1_224': ['MBEDTLS_ECP_DP_SECP224R1_ENABLED'],
|
||||
'PSA_WANT_ECC_SECP_K1_192': ['MBEDTLS_ECP_DP_SECP192K1_ENABLED'],
|
||||
'PSA_WANT_ECC_SECP_R1_256': ['PSA_WANT_ALG_JPAKE'],
|
||||
|
||||
'PSA_WANT_ALG_ECDSA': ['PSA_WANT_ALG_DETERMINISTIC_ECDSA',
|
||||
'MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED'],
|
||||
|
||||
Reference in New Issue
Block a user