Introduce MBEDTLS_OR_PSA_WANT_xxx helper macros
Currently just replacing existing uses, but the real point of having these conditions as a single macro is that we'll be able to use them in test case dependencies, see next commit. Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
parent
3637c516a4
commit
f88b1b5375
@ -311,7 +311,7 @@ readability or testability.
|
||||
|
||||
**Strategy for step 3:**
|
||||
|
||||
There are currently two (competing) ways for crypto-using code to check if a
|
||||
There are currently two (complementary) ways for crypto-using code to check if a
|
||||
particular algorithm is supported: using `MBEDTLS_xxx` macros, and using
|
||||
`PSA_WANT_xxx` macros. For example, PSA-based code that want to use SHA-256
|
||||
will check for `PSA_WANT_ALG_SHA_256`, while legacy-based code that wants to
|
||||
@ -331,7 +331,7 @@ information tables that are not tied to a particular crypto API, and may be
|
||||
used by functions that are either purely PSA-based, purely legacy-based, or
|
||||
hybrid governed by `MBEDTL_USE_PSA_CRYPTO` should use `MBEDTLS_xxx ||
|
||||
PSA_WANT_xxx` - for example, `oid_md_alg` from `oid.c`, used by both X.509 and
|
||||
RSA.
|
||||
RSA. A new family of macros `MBEDTLS_OR_PSA_WANT_xxx` is defined for this.
|
||||
|
||||
To sum up, there are 4 categories:
|
||||
|
||||
@ -340,7 +340,7 @@ To sum up, there are 4 categories:
|
||||
- hybrid code governed by `MBEDTLS_USE_PSA_CRYPTO` can use
|
||||
`MBEDTLS_USE_PSA_WANT_xxx` to express dependencies in common parts;
|
||||
- data and crypto-agnostic helpers that can be used by code from at least two
|
||||
of the above categories should depend on `MBEDTLS_xxx || PSA_WANT_xxx`.
|
||||
of the above categories should depend on `MBEDTLS_OR_PSA_WANT_xxx`.
|
||||
|
||||
|
||||
Migrating away from the legacy API
|
||||
|
@ -24,6 +24,7 @@
|
||||
#include "common.h"
|
||||
|
||||
#include "mbedtls/md.h"
|
||||
#include "or_psa_helpers.h"
|
||||
|
||||
/** Get the output length of the given hash type
|
||||
*
|
||||
@ -35,29 +36,29 @@ static inline unsigned char mbedtls_md_internal_get_size( mbedtls_md_type_t md_t
|
||||
{
|
||||
switch( md_type )
|
||||
{
|
||||
#if defined(MBEDTLS_MD5_C) || defined(PSA_WANT_ALG_MD5)
|
||||
#if defined(MBEDTLS_OR_PSA_WANT_ALG_MD5)
|
||||
case MBEDTLS_MD_MD5:
|
||||
return( 16 );
|
||||
#endif
|
||||
#if defined(MBEDTLS_RIPEMD160_C) || defined(PSA_WANT_ALG_RIPEMD160) || \
|
||||
defined(MBEDTLS_SHA1_C) || defined(PSA_WANT_ALG_SHA_1)
|
||||
#if defined(MBEDTLS_OR_PSA_WANT_ALG_RIPEMD160) || \
|
||||
defined(MBEDTLS_OR_PSA_WANT_ALG_SHA_1)
|
||||
case MBEDTLS_MD_RIPEMD160:
|
||||
case MBEDTLS_MD_SHA1:
|
||||
return( 20 );
|
||||
#endif
|
||||
#if defined(MBEDTLS_SHA224_C) || defined(PSA_WANT_ALG_SHA_224)
|
||||
#if defined(MBEDTLS_OR_PSA_WANT_ALG_SHA_224)
|
||||
case MBEDTLS_MD_SHA224:
|
||||
return( 28 );
|
||||
#endif
|
||||
#if defined(MBEDTLS_SHA256_C) || defined(PSA_WANT_ALG_SHA_256)
|
||||
#if defined(MBEDTLS_OR_PSA_WANT_ALG_SHA_256)
|
||||
case MBEDTLS_MD_SHA256:
|
||||
return( 32 );
|
||||
#endif
|
||||
#if defined(MBEDTLS_SHA384_C) || defined(PSA_WANT_ALG_SHA_384)
|
||||
#if defined(MBEDTLS_OR_PSA_WANT_ALG_SHA_384)
|
||||
case MBEDTLS_MD_SHA384:
|
||||
return( 48 );
|
||||
#endif
|
||||
#if defined(MBEDTLS_SHA512_C) || defined(PSA_WANT_ALG_SHA_512)
|
||||
#if defined(MBEDTLS_OR_PSA_WANT_ALG_SHA_512)
|
||||
case MBEDTLS_MD_SHA512:
|
||||
return( 64 );
|
||||
#endif
|
||||
|
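Review bot: The replacement in the `mbedtls_md_internal_get_size` switch is not a pure refactor: each `MBEDTLS_OR_PSA_WANT_ALG_xxx` (defined in or_psa_helpers.h) also requires `defined(MBEDTLS_PSA_CRYPTO_C)` on the PSA side, whereas the guards removed here accepted a bare `PSA_WANT_ALG_xxx`. A build that sets `PSA_WANT_ALG_SHA_256` without `MBEDTLS_PSA_CRYPTO_C` or `MBEDTLS_SHA256_C` now loses the `MBEDTLS_MD_SHA256` case, and the same narrowing applies to the `oid_md_alg[]` entries in the following hunk. If that is intended, I would say so in the commit message and next to the switch, e.g. `/* Cases follow MBEDTLS_OR_PSA_WANT_ALG_xxx: a PSA_WANT_ALG_xxx only counts when MBEDTLS_PSA_CRYPTO_C is built in. */`. The function's signature and its fall-through return are outside this hunk, so what callers get for a compiled-out hash cannot be checked from here.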
@ -27,6 +27,8 @@
|
||||
#include "mbedtls/rsa.h"
|
||||
#include "mbedtls/error.h"
|
||||
|
||||
#include "or_psa_helpers.h"
|
||||
|
||||
#include <stdio.h>
|
||||
#include <string.h>
|
||||
|
||||
@ -596,43 +598,43 @@ typedef struct {
|
||||
|
||||
static const oid_md_alg_t oid_md_alg[] =
|
||||
{
|
||||
#if defined(MBEDTLS_MD5_C) || defined(PSA_WANT_ALG_MD5)
|
||||
#if defined(MBEDTLS_OR_PSA_WANT_ALG_MD5)
|
||||
{
|
||||
OID_DESCRIPTOR( MBEDTLS_OID_DIGEST_ALG_MD5, "id-md5", "MD5" ),
|
||||
MBEDTLS_MD_MD5,
|
||||
},
|
||||
#endif
|
||||
#if defined(MBEDTLS_SHA1_C) || defined(PSA_WANT_ALG_SHA_1)
|
||||
#if defined(MBEDTLS_OR_PSA_WANT_ALG_SHA_1)
|
||||
{
|
||||
OID_DESCRIPTOR( MBEDTLS_OID_DIGEST_ALG_SHA1, "id-sha1", "SHA-1" ),
|
||||
MBEDTLS_MD_SHA1,
|
||||
},
|
||||
#endif
|
||||
#if defined(MBEDTLS_SHA224_C) || defined(PSA_WANT_ALG_SHA_224)
|
||||
#if defined(MBEDTLS_OR_PSA_WANT_ALG_SHA_224)
|
||||
{
|
||||
OID_DESCRIPTOR( MBEDTLS_OID_DIGEST_ALG_SHA224, "id-sha224", "SHA-224" ),
|
||||
MBEDTLS_MD_SHA224,
|
||||
},
|
||||
#endif
|
||||
#if defined(MBEDTLS_SHA256_C) || defined(PSA_WANT_ALG_SHA_256)
|
||||
#if defined(MBEDTLS_OR_PSA_WANT_ALG_SHA_256)
|
||||
{
|
||||
OID_DESCRIPTOR( MBEDTLS_OID_DIGEST_ALG_SHA256, "id-sha256", "SHA-256" ),
|
||||
MBEDTLS_MD_SHA256,
|
||||
},
|
||||
#endif
|
||||
#if defined(MBEDTLS_SHA384_C) || defined(PSA_WANT_ALG_SHA_384)
|
||||
#if defined(MBEDTLS_OR_PSA_WANT_ALG_SHA_384)
|
||||
{
|
||||
OID_DESCRIPTOR( MBEDTLS_OID_DIGEST_ALG_SHA384, "id-sha384", "SHA-384" ),
|
||||
MBEDTLS_MD_SHA384,
|
||||
},
|
||||
#endif
|
||||
#if defined(MBEDTLS_SHA512_C) || defined(PSA_WANT_ALG_SHA_512)
|
||||
#if defined(MBEDTLS_OR_PSA_WANT_ALG_SHA_512)
|
||||
{
|
||||
OID_DESCRIPTOR( MBEDTLS_OID_DIGEST_ALG_SHA512, "id-sha512", "SHA-512" ),
|
||||
MBEDTLS_MD_SHA512,
|
||||
},
|
||||
#endif
|
||||
#if defined(MBEDTLS_RIPEMD160_C) || defined(PSA_WANT_ALG_RIPEMD160)
|
||||
#if defined(MBEDTLS_OR_PSA_WANT_ALG_RIPEMD160)
|
||||
{
|
||||
OID_DESCRIPTOR( MBEDTLS_OID_DIGEST_ALG_RIPEMD160, "id-ripemd160", "RIPEMD-160" ),
|
||||
MBEDTLS_MD_RIPEMD160,
|
||||
|
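--- a/library/or_psa_helpers.h
+++ b/library/or_psa_helpers.h
@@ -0,0 +1,56 @@
+/**
+* Internal macros for parts of the code that depend on an algorithm being
+* available either via the legacy API or the PSA Crypto API.
+*
+* Copyright The Mbed TLS Contributors
+* SPDX-License-Identifier: Apache-2.0
+*
+* Licensed under the Apache License, Version 2.0 (the "License"); you may
+* not use this file except in compliance with the License.
+* You may obtain a copy of the License at
+*
+* http://www.apache.org/licenses/LICENSE-2.0
+*
+* Unless required by applicable law or agreed to in writing, software
+* distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+* WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+* See the License for the specific language governing permissions and
+* limitations under the License.
+*/
+
+#ifndef MBEDTLS_OR_PSA_HELPERS_H
+#define MBEDTLS_OR_PSA_HELPERS_H
+
+#include "common.h"
+
+/* Hash algorithms */
+#if defined(MBEDTLS_MD5_C) || \
+( defined(MBEDTLS_PSA_CRYPTO_C) && defined(PSA_WANT_ALG_MD5) )
+#define MBEDTLS_OR_PSA_WANT_ALG_MD5
+#endif
+#if defined(MBEDTLS_RIPEMD160_C) || \
+( defined(MBEDTLS_PSA_CRYPTO_C) && defined(PSA_WANT_ALG_RIPEMD160) )
+#define MBEDTLS_OR_PSA_WANT_ALG_RIPEMD160
+#endif
+#if defined(MBEDTLS_SHA1_C) || \
+( defined(MBEDTLS_PSA_CRYPTO_C) && defined(PSA_WANT_ALG_SHA_1) )
+#define MBEDTLS_OR_PSA_WANT_ALG_SHA_1
+#endif
+#if defined(MBEDTLS_SHA224_C) || \
+( defined(MBEDTLS_PSA_CRYPTO_C) && defined(PSA_WANT_ALG_SHA_224) )
+#define MBEDTLS_OR_PSA_WANT_ALG_SHA_224
+#endif
+#if defined(MBEDTLS_SHA256_C) || \
+( defined(MBEDTLS_PSA_CRYPTO_C) && defined(PSA_WANT_ALG_SHA_256) )
+#define MBEDTLS_OR_PSA_WANT_ALG_SHA_256
+#endif
+#if defined(MBEDTLS_SHA384_C) || \
+( defined(MBEDTLS_PSA_CRYPTO_C) && defined(PSA_WANT_ALG_SHA_384) )
+#define MBEDTLS_OR_PSA_WANT_ALG_SHA_384
+#endif
+#if defined(MBEDTLS_SHA512_C) || \
+( defined(MBEDTLS_PSA_CRYPTO_C) && defined(PSA_WANT_ALG_SHA_512) )
+#define MBEDTLS_OR_PSA_WANT_ALG_SHA_512
+#endif
+
+#endif /* MBEDTLS_OR_PSA_HELPERS_H */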
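Review bot: The file header does not say when a macro is defined, and the `#if` blocks are evaluated once at inclusion time, so they depend on every `MBEDTLS_xxx_C`, `MBEDTLS_PSA_CRYPTO_C` and `PSA_WANT_ALG_xxx` symbol already being visible through `common.h`. common.h is not shown here; if any `PSA_WANT_ALG_xxx` is defined by a header it does not pull in, the matching `MBEDTLS_OR_PSA_WANT_ALG_xxx` is silently left undefined and the dependent hash entries are compiled out with no diagnostic. I would extend the header comment to spell out the rule and the include-order requirement, e.g. `/* MBEDTLS_OR_PSA_WANT_ALG_xxx is defined iff MBEDTLS_xxx_C is enabled, or MBEDTLS_PSA_CRYPTO_C and PSA_WANT_ALG_xxx are both enabled; the build configuration must be fully processed before this header is included. */`. The macros expand to nothing, so they only work with `defined()`, which is worth a word in the same comment.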