Minor updates to address review comments

Removed unecessary checks on the ALG_SHA_224 and ALG_SHA_384 since
those are handled in config_psa.h by ensuring the correct _C is
included. Reformatted config_psa.h to be alphabetical and made the
assignments line up correctly for consistency. Fixed the guards
for ALG_SHA_224 and ALG_SHA_384 to be correct in the crypto library
source.

Signed-off-by: John Durkop <john.durkop@fermatsoftware.com>
This commit is contained in:
John Durkop 2020-11-30 21:06:05 -08:00
parent 1b7ee05461
commit d62b678473
3 changed files with 163 additions and 181 deletions

View file

@ -40,51 +40,6 @@ extern "C" {
#if defined(MBEDTLS_PSA_CRYPTO_CONFIG) #if defined(MBEDTLS_PSA_CRYPTO_CONFIG)
#if defined(PSA_WANT_ALG_MD2) && !defined(MBEDTLS_PSA_ACCEL_ALG_MD2)
#define MBEDTLS_PSA_BUILTIN_ALG_MD2 1
#define MBEDTLS_MD2_C
#endif
#if defined(PSA_WANT_ALG_MD4) && !defined(MBEDTLS_PSA_ACCEL_ALG_MD4)
#define MBEDTLS_PSA_BUILTIN_ALG_MD4 1
#define MBEDTLS_MD4_C
#endif
#if defined(PSA_WANT_ALG_MD5) && !defined(MBEDTLS_PSA_ACCEL_ALG_MD5)
#define MBEDTLS_PSA_BUILTIN_ALG_MD5 1
#define MBEDTLS_MD5_C
#endif
#if defined(PSA_WANT_ALG_RIPEMD160) && !defined(MBEDTLS_PSA_ACCEL_ALG_RIPEMD160)
#define MBEDTLS_PSA_BUILTIN_ALG_RIPEMD160 1
#define MBEDTLS_RIPEMD160_C
#endif
#if defined(PSA_WANT_ALG_SHA_1) && !defined(MBEDTLS_PSA_ACCEL_ALG_SHA_1)
#define MBEDTLS_PSA_BUILTIN_ALG_SHA_1 1
#define MBEDTLS_SHA1_C
#endif
#if defined(PSA_WANT_ALG_SHA_224) && !defined(MBEDTLS_PSA_ACCEL_ALG_SHA_224)
#define MBEDTLS_PSA_BUILTIN_ALG_SHA_224 1
#define MBEDTLS_SHA256_C
#endif
#if defined(PSA_WANT_ALG_SHA_256) && !defined(MBEDTLS_PSA_ACCEL_ALG_SHA_256)
#define MBEDTLS_PSA_BUILTIN_ALG_SHA_256 1
#define MBEDTLS_SHA256_C
#endif
#if defined(PSA_WANT_ALG_SHA_384) && !defined(MBEDTLS_PSA_ACCEL_ALG_SHA_384)
#define MBEDTLS_PSA_BUILTIN_ALG_SHA_384 1
#define MBEDTLS_SHA512_C
#endif
#if defined(PSA_WANT_ALG_SHA_512) && !defined(MBEDTLS_PSA_ACCEL_ALG_SHA_512)
#define MBEDTLS_PSA_BUILTIN_ALG_SHA_512 1
#define MBEDTLS_SHA512_C
#endif
#if defined(PSA_WANT_ALG_DETERMINISTIC_ECDSA) #if defined(PSA_WANT_ALG_DETERMINISTIC_ECDSA)
#if !defined(MBEDTLS_PSA_ACCEL_ALG_DETERMINISTIC_ECDSA) #if !defined(MBEDTLS_PSA_ACCEL_ALG_DETERMINISTIC_ECDSA)
#define MBEDTLS_PSA_BUILTIN_ALG_DETERMINISTIC_ECDSA 1 #define MBEDTLS_PSA_BUILTIN_ALG_DETERMINISTIC_ECDSA 1
@ -124,6 +79,26 @@ extern "C" {
#endif /* !MBEDTLS_PSA_ACCEL_ALG_HMAC */ #endif /* !MBEDTLS_PSA_ACCEL_ALG_HMAC */
#endif /* PSA_WANT_ALG_HMAC */ #endif /* PSA_WANT_ALG_HMAC */
#if defined(PSA_WANT_ALG_MD2) && !defined(MBEDTLS_PSA_ACCEL_ALG_MD2)
#define MBEDTLS_PSA_BUILTIN_ALG_MD2 1
#define MBEDTLS_MD2_C
#endif
#if defined(PSA_WANT_ALG_MD4) && !defined(MBEDTLS_PSA_ACCEL_ALG_MD4)
#define MBEDTLS_PSA_BUILTIN_ALG_MD4 1
#define MBEDTLS_MD4_C
#endif
#if defined(PSA_WANT_ALG_MD5) && !defined(MBEDTLS_PSA_ACCEL_ALG_MD5)
#define MBEDTLS_PSA_BUILTIN_ALG_MD5 1
#define MBEDTLS_MD5_C
#endif
#if defined(PSA_WANT_ALG_RIPEMD160) && !defined(MBEDTLS_PSA_ACCEL_ALG_RIPEMD160)
#define MBEDTLS_PSA_BUILTIN_ALG_RIPEMD160 1
#define MBEDTLS_RIPEMD160_C
#endif
#if defined(PSA_WANT_ALG_RSA_OAEP) #if defined(PSA_WANT_ALG_RSA_OAEP)
#if !defined(MBEDTLS_PSA_ACCEL_ALG_RSA_OAEP) #if !defined(MBEDTLS_PSA_ACCEL_ALG_RSA_OAEP)
#define MBEDTLS_PSA_BUILTIN_ALG_RSA_OAEP 1 #define MBEDTLS_PSA_BUILTIN_ALG_RSA_OAEP 1
@ -167,6 +142,31 @@ extern "C" {
#endif /* !MBEDTLS_PSA_ACCEL_ALG_RSA_PSS */ #endif /* !MBEDTLS_PSA_ACCEL_ALG_RSA_PSS */
#endif /* PSA_WANT_ALG_RSA_PSS */ #endif /* PSA_WANT_ALG_RSA_PSS */
#if defined(PSA_WANT_ALG_SHA_1) && !defined(MBEDTLS_PSA_ACCEL_ALG_SHA_1)
#define MBEDTLS_PSA_BUILTIN_ALG_SHA_1 1
#define MBEDTLS_SHA1_C
#endif
#if defined(PSA_WANT_ALG_SHA_224) && !defined(MBEDTLS_PSA_ACCEL_ALG_SHA_224)
#define MBEDTLS_PSA_BUILTIN_ALG_SHA_224 1
#define MBEDTLS_SHA256_C
#endif
#if defined(PSA_WANT_ALG_SHA_256) && !defined(MBEDTLS_PSA_ACCEL_ALG_SHA_256)
#define MBEDTLS_PSA_BUILTIN_ALG_SHA_256 1
#define MBEDTLS_SHA256_C
#endif
#if defined(PSA_WANT_ALG_SHA_384) && !defined(MBEDTLS_PSA_ACCEL_ALG_SHA_384)
#define MBEDTLS_PSA_BUILTIN_ALG_SHA_384 1
#define MBEDTLS_SHA512_C
#endif
#if defined(PSA_WANT_ALG_SHA_512) && !defined(MBEDTLS_PSA_ACCEL_ALG_SHA_512)
#define MBEDTLS_PSA_BUILTIN_ALG_SHA_512 1
#define MBEDTLS_SHA512_C
#endif
#if defined(PSA_WANT_ALG_TLS12_PRF) #if defined(PSA_WANT_ALG_TLS12_PRF)
#if !defined(MBEDTLS_PSA_ACCEL_ALG_TLS12_PRF) #if !defined(MBEDTLS_PSA_ACCEL_ALG_TLS12_PRF)
#define MBEDTLS_PSA_BUILTIN_ALG_TLS12_PRF 1 #define MBEDTLS_PSA_BUILTIN_ALG_TLS12_PRF 1
@ -227,46 +227,6 @@ extern "C" {
* is not defined * is not defined
*/ */
#if defined(MBEDTLS_MD2_C)
#define MBEDTLS_PSA_BUILTIN_ALG_MD2 1
#define PSA_WANT_ALG_MD2 1
#endif
#if defined(MBEDTLS_MD4_C)
#define MBEDTLS_PSA_BUILTIN_ALG_MD4 1
#define PSA_WANT_ALG_MD4 1
#endif
#if defined(MBEDTLS_MD5_C)
#define MBEDTLS_PSA_BUILTIN_ALG_MD5 1
#define PSA_WANT_ALG_MD5 1
#endif
#if defined(MBEDTLS_RIPEMD160_C)
#define MBEDTLS_PSA_BUILTIN_ALG_RIPEMD160 1
#define PSA_WANT_ALG_RIPEMD160 1
#endif
#if defined(MBEDTLS_SHA1_C)
#define MBEDTLS_PSA_BUILTIN_ALG_SHA_1 1
#define PSA_WANT_ALG_SHA_1 1
#endif
#if defined(MBEDTLS_SHA256_C)
#define MBEDTLS_PSA_BUILTIN_ALG_SHA_224 1
#define MBEDTLS_PSA_BUILTIN_ALG_SHA_256 1
#define PSA_WANT_ALG_SHA_256 1
#endif
#if defined(MBEDTLS_SHA512_C)
#if !defined(MBEDTLS_SHA512_NO_SHA384)
#define MBEDTLS_PSA_BUILTIN_ALG_SHA_384 1
#define PSA_WANT_ALG_SHA_384 1
#endif
#define MBEDTLS_PSA_BUILTIN_ALG_SHA_512 1
#define PSA_WANT_ALG_SHA_512 1
#endif
#if defined(MBEDTLS_ECDH_C) #if defined(MBEDTLS_ECDH_C)
#define MBEDTLS_PSA_BUILTIN_ALG_ECDH 1 #define MBEDTLS_PSA_BUILTIN_ALG_ECDH 1
#define PSA_WANT_ALG_ECDH 1 #define PSA_WANT_ALG_ECDH 1
@ -307,6 +267,26 @@ extern "C" {
#define PSA_WANT_ALG_TLS12_PSK_TO_MS 1 #define PSA_WANT_ALG_TLS12_PSK_TO_MS 1
#endif /* MBEDTLS_MD_C */ #endif /* MBEDTLS_MD_C */
#if defined(MBEDTLS_MD2_C)
#define MBEDTLS_PSA_BUILTIN_ALG_MD2 1
#define PSA_WANT_ALG_MD2 1
#endif
#if defined(MBEDTLS_MD4_C)
#define MBEDTLS_PSA_BUILTIN_ALG_MD4 1
#define PSA_WANT_ALG_MD4 1
#endif
#if defined(MBEDTLS_MD5_C)
#define MBEDTLS_PSA_BUILTIN_ALG_MD5 1
#define PSA_WANT_ALG_MD5 1
#endif
#if defined(MBEDTLS_RIPEMD160_C)
#define MBEDTLS_PSA_BUILTIN_ALG_RIPEMD160 1
#define PSA_WANT_ALG_RIPEMD160 1
#endif
#if defined(MBEDTLS_RSA_C) #if defined(MBEDTLS_RSA_C)
#if defined(MBEDTLS_PKCS1_V15) #if defined(MBEDTLS_PKCS1_V15)
#define MBEDTLS_PSA_BUILTIN_ALG_RSA_PKCS1V15_CRYPT 1 #define MBEDTLS_PSA_BUILTIN_ALG_RSA_PKCS1V15_CRYPT 1
@ -326,6 +306,26 @@ extern "C" {
#define PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY 1 #define PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY 1
#endif /* MBEDTLS_RSA_C */ #endif /* MBEDTLS_RSA_C */
#if defined(MBEDTLS_SHA1_C)
#define MBEDTLS_PSA_BUILTIN_ALG_SHA_1 1
#define PSA_WANT_ALG_SHA_1 1
#endif
#if defined(MBEDTLS_SHA256_C)
#define MBEDTLS_PSA_BUILTIN_ALG_SHA_224 1
#define MBEDTLS_PSA_BUILTIN_ALG_SHA_256 1
#define PSA_WANT_ALG_SHA_256 1
#endif
#if defined(MBEDTLS_SHA512_C)
#if !defined(MBEDTLS_SHA512_NO_SHA384)
#define MBEDTLS_PSA_BUILTIN_ALG_SHA_384 1
#define PSA_WANT_ALG_SHA_384 1
#endif
#define MBEDTLS_PSA_BUILTIN_ALG_SHA_512 1
#define PSA_WANT_ALG_SHA_512 1
#endif
#endif /* MBEDTLS_PSA_CRYPTO_CONFIG */ #endif /* MBEDTLS_PSA_CRYPTO_CONFIG */
#ifdef __cplusplus #ifdef __cplusplus

View file

@ -64,16 +64,6 @@
#error "PSA_WANT_ALG_RSA_PSS defined, but not all prerequisites" #error "PSA_WANT_ALG_RSA_PSS defined, but not all prerequisites"
#endif #endif
#if defined(PSA_WANT_ALG_SHA_224) && \
!( defined(PSA_WANT_ALG_SHA_256) )
#error "PSA_WANT_ALG_SHA224 defined, but not all prerequisites"
#endif
#if defined(PSA_WANT_ALG_SHA_384) && \
!( defined(PSA_WANT_ALG_SHA_512) )
#error "PSA_WANT_ALG_SHA384 defined, but not all prerequisites"
#endif
#if defined(PSA_WANT_KEY_TYPE_ECC_KEY_PAIR) && \ #if defined(PSA_WANT_KEY_TYPE_ECC_KEY_PAIR) && \
!defined(PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY) !defined(PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY)
#error "PSA_WANT_KEY_TYPE_ECC_KEY_PAIR defined, but not all prerequisites" #error "PSA_WANT_KEY_TYPE_ECC_KEY_PAIR defined, but not all prerequisites"

View file

@ -2546,18 +2546,16 @@ psa_status_t psa_hash_abort( psa_hash_operation_t *operation )
mbedtls_sha1_free( &operation->ctx.sha1 ); mbedtls_sha1_free( &operation->ctx.sha1 );
break; break;
#endif #endif
#if defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_256) #if defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_256) || \
#if defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_224) defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_224)
case PSA_ALG_SHA_224: case PSA_ALG_SHA_224:
#endif
case PSA_ALG_SHA_256: case PSA_ALG_SHA_256:
mbedtls_sha256_free( &operation->ctx.sha256 ); mbedtls_sha256_free( &operation->ctx.sha256 );
break; break;
#endif #endif
#if defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_512) #if defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_512) || \
#if defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_384) defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_384)
case PSA_ALG_SHA_384: case PSA_ALG_SHA_384:
#endif
case PSA_ALG_SHA_512: case PSA_ALG_SHA_512:
mbedtls_sha512_free( &operation->ctx.sha512 ); mbedtls_sha512_free( &operation->ctx.sha512 );
break; break;
@ -2691,19 +2689,17 @@ psa_status_t psa_hash_update( psa_hash_operation_t *operation,
input, input_length ); input, input_length );
break; break;
#endif #endif
#if defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_256) #if defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_256) || \
#if defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_224) defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_224)
case PSA_ALG_SHA_224: case PSA_ALG_SHA_224:
#endif
case PSA_ALG_SHA_256: case PSA_ALG_SHA_256:
ret = mbedtls_sha256_update_ret( &operation->ctx.sha256, ret = mbedtls_sha256_update_ret( &operation->ctx.sha256,
input, input_length ); input, input_length );
break; break;
#endif #endif
#if defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_512) #if defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_512) || \
#if defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_384) defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_384)
case PSA_ALG_SHA_384: case PSA_ALG_SHA_384:
#endif
case PSA_ALG_SHA_512: case PSA_ALG_SHA_512:
ret = mbedtls_sha512_update_ret( &operation->ctx.sha512, ret = mbedtls_sha512_update_ret( &operation->ctx.sha512,
input, input_length ); input, input_length );
@ -2770,18 +2766,16 @@ psa_status_t psa_hash_finish( psa_hash_operation_t *operation,
ret = mbedtls_sha1_finish_ret( &operation->ctx.sha1, hash ); ret = mbedtls_sha1_finish_ret( &operation->ctx.sha1, hash );
break; break;
#endif #endif
#if defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_256) #if defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_256) || \
#if defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_224) defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_224)
case PSA_ALG_SHA_224: case PSA_ALG_SHA_224:
#endif
case PSA_ALG_SHA_256: case PSA_ALG_SHA_256:
ret = mbedtls_sha256_finish_ret( &operation->ctx.sha256, hash ); ret = mbedtls_sha256_finish_ret( &operation->ctx.sha256, hash );
break; break;
#endif #endif
#if defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_512) #if defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_512) || \
#if defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_384) defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_384)
case PSA_ALG_SHA_384: case PSA_ALG_SHA_384:
#endif
case PSA_ALG_SHA_512: case PSA_ALG_SHA_512:
ret = mbedtls_sha512_finish_ret( &operation->ctx.sha512, hash ); ret = mbedtls_sha512_finish_ret( &operation->ctx.sha512, hash );
break; break;
@ -2914,19 +2908,17 @@ psa_status_t psa_hash_clone( const psa_hash_operation_t *source_operation,
&source_operation->ctx.sha1 ); &source_operation->ctx.sha1 );
break; break;
#endif #endif
#if defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_256) #if defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_256) || \
#if defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_224) defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_224)
case PSA_ALG_SHA_224: case PSA_ALG_SHA_224:
#endif
case PSA_ALG_SHA_256: case PSA_ALG_SHA_256:
mbedtls_sha256_clone( &target_operation->ctx.sha256, mbedtls_sha256_clone( &target_operation->ctx.sha256,
&source_operation->ctx.sha256 ); &source_operation->ctx.sha256 );
break; break;
#endif #endif
#if defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_512) #if defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_512) || \
#if defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_384) defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_384)
case PSA_ALG_SHA_384: case PSA_ALG_SHA_384:
#endif
case PSA_ALG_SHA_512: case PSA_ALG_SHA_512:
mbedtls_sha512_clone( &target_operation->ctx.sha512, mbedtls_sha512_clone( &target_operation->ctx.sha512,
&source_operation->ctx.sha512 ); &source_operation->ctx.sha512 );