From ee4e6602bd86d9509fec936a8cef0aa1524f09d6 Mon Sep 17 00:00:00 2001 From: John Durkop Date: Fri, 27 Nov 2020 08:48:46 -0800 Subject: [PATCH] Use new MBEDTLS_PSA_BUILTIN_ macros for hashes in crypto library This set of changes converts all the previous MBEDTLS_*_C guards in the crypto library to use the new MBEDTLS_PSA_BUILTIN_ guards for hash algorithms. Signed-off-by: John Durkop --- library/psa_crypto.c | 109 ++++++++++++++++++++++++------------------- 1 file changed, 61 insertions(+), 48 deletions(-) diff --git a/library/psa_crypto.c b/library/psa_crypto.c index 66c8f65bc..2a4b968af 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c @@ -2467,37 +2467,39 @@ static const mbedtls_md_info_t *mbedtls_md_info_from_psa( psa_algorithm_t alg ) { switch( alg ) { -#if defined(MBEDTLS_MD2_C) +#if defined(MBEDTLS_PSA_BUILTIN_ALG_MD2) case PSA_ALG_MD2: return( &mbedtls_md2_info ); #endif -#if defined(MBEDTLS_MD4_C) +#if defined(MBEDTLS_PSA_BUILTIN_ALG_MD4) case PSA_ALG_MD4: return( &mbedtls_md4_info ); #endif -#if defined(MBEDTLS_MD5_C) +#if defined(MBEDTLS_PSA_BUILTIN_ALG_MD5) case PSA_ALG_MD5: return( &mbedtls_md5_info ); #endif -#if defined(MBEDTLS_RIPEMD160_C) +#if defined(MBEDTLS_PSA_BUILTIN_ALG_RIPEMD160) case PSA_ALG_RIPEMD160: return( &mbedtls_ripemd160_info ); #endif -#if defined(MBEDTLS_SHA1_C) +#if defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_1) case PSA_ALG_SHA_1: return( &mbedtls_sha1_info ); #endif -#if defined(MBEDTLS_SHA256_C) +#if defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_224) case PSA_ALG_SHA_224: return( &mbedtls_sha224_info ); +#endif +#if defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_256) case PSA_ALG_SHA_256: return( &mbedtls_sha256_info ); #endif -#if defined(MBEDTLS_SHA512_C) -#if !defined(MBEDTLS_SHA512_NO_SHA384) +#if defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_384) case PSA_ALG_SHA_384: return( &mbedtls_sha384_info ); #endif +#if defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_512) case PSA_ALG_SHA_512: return( &mbedtls_sha512_info ); #endif @@ -2519,39 +2521,41 @@ psa_status_t psa_hash_abort( psa_hash_operation_t *operation ) * in use. It's ok to call abort on such an object, and there's * nothing to do. */ break; -#if defined(MBEDTLS_MD2_C) +#if defined(MBEDTLS_PSA_BUILTIN_ALG_MD2) case PSA_ALG_MD2: mbedtls_md2_free( &operation->ctx.md2 ); break; #endif -#if defined(MBEDTLS_MD4_C) +#if defined(MBEDTLS_PSA_BUILTIN_ALG_MD4) case PSA_ALG_MD4: mbedtls_md4_free( &operation->ctx.md4 ); break; #endif -#if defined(MBEDTLS_MD5_C) +#if defined(MBEDTLS_PSA_BUILTIN_ALG_MD5) case PSA_ALG_MD5: mbedtls_md5_free( &operation->ctx.md5 ); break; #endif -#if defined(MBEDTLS_RIPEMD160_C) +#if defined(MBEDTLS_PSA_BUILTIN_ALG_RIPEMD160) case PSA_ALG_RIPEMD160: mbedtls_ripemd160_free( &operation->ctx.ripemd160 ); break; #endif -#if defined(MBEDTLS_SHA1_C) +#if defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_1) case PSA_ALG_SHA_1: mbedtls_sha1_free( &operation->ctx.sha1 ); break; #endif -#if defined(MBEDTLS_SHA256_C) +#if defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_256) +#if defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_224) case PSA_ALG_SHA_224: +#endif case PSA_ALG_SHA_256: mbedtls_sha256_free( &operation->ctx.sha256 ); break; #endif -#if defined(MBEDTLS_SHA512_C) -#if !defined(MBEDTLS_SHA512_NO_SHA384) +#if defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_512) +#if defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_384) case PSA_ALG_SHA_384: #endif case PSA_ALG_SHA_512: @@ -2578,53 +2582,55 @@ psa_status_t psa_hash_setup( psa_hash_operation_t *operation, switch( alg ) { -#if defined(MBEDTLS_MD2_C) +#if defined(MBEDTLS_PSA_BUILTIN_ALG_MD2) case PSA_ALG_MD2: mbedtls_md2_init( &operation->ctx.md2 ); ret = mbedtls_md2_starts_ret( &operation->ctx.md2 ); break; #endif -#if defined(MBEDTLS_MD4_C) +#if defined(MBEDTLS_PSA_BUILTIN_ALG_MD4) case PSA_ALG_MD4: mbedtls_md4_init( &operation->ctx.md4 ); ret = mbedtls_md4_starts_ret( &operation->ctx.md4 ); break; #endif -#if defined(MBEDTLS_MD5_C) +#if defined(MBEDTLS_PSA_BUILTIN_ALG_MD5) case PSA_ALG_MD5: mbedtls_md5_init( &operation->ctx.md5 ); ret = mbedtls_md5_starts_ret( &operation->ctx.md5 ); break; #endif -#if defined(MBEDTLS_RIPEMD160_C) +#if defined(MBEDTLS_PSA_BUILTIN_ALG_RIPEMD160) case PSA_ALG_RIPEMD160: mbedtls_ripemd160_init( &operation->ctx.ripemd160 ); ret = mbedtls_ripemd160_starts_ret( &operation->ctx.ripemd160 ); break; #endif -#if defined(MBEDTLS_SHA1_C) +#if defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_1) case PSA_ALG_SHA_1: mbedtls_sha1_init( &operation->ctx.sha1 ); ret = mbedtls_sha1_starts_ret( &operation->ctx.sha1 ); break; #endif -#if defined(MBEDTLS_SHA256_C) +#if defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_224) case PSA_ALG_SHA_224: mbedtls_sha256_init( &operation->ctx.sha256 ); ret = mbedtls_sha256_starts_ret( &operation->ctx.sha256, 1 ); break; +#endif +#if defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_256) case PSA_ALG_SHA_256: mbedtls_sha256_init( &operation->ctx.sha256 ); ret = mbedtls_sha256_starts_ret( &operation->ctx.sha256, 0 ); break; #endif -#if defined(MBEDTLS_SHA512_C) -#if !defined(MBEDTLS_SHA512_NO_SHA384) +#if defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_384) case PSA_ALG_SHA_384: mbedtls_sha512_init( &operation->ctx.sha512 ); ret = mbedtls_sha512_starts_ret( &operation->ctx.sha512, 1 ); break; #endif +#if defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_512) case PSA_ALG_SHA_512: mbedtls_sha512_init( &operation->ctx.sha512 ); ret = mbedtls_sha512_starts_ret( &operation->ctx.sha512, 0 ); @@ -2655,45 +2661,47 @@ psa_status_t psa_hash_update( psa_hash_operation_t *operation, switch( operation->alg ) { -#if defined(MBEDTLS_MD2_C) +#if defined(MBEDTLS_PSA_BUILTIN_ALG_MD2) case PSA_ALG_MD2: ret = mbedtls_md2_update_ret( &operation->ctx.md2, input, input_length ); break; #endif -#if defined(MBEDTLS_MD4_C) +#if defined(MBEDTLS_PSA_BUILTIN_ALG_MD4) case PSA_ALG_MD4: ret = mbedtls_md4_update_ret( &operation->ctx.md4, input, input_length ); break; #endif -#if defined(MBEDTLS_MD5_C) +#if defined(MBEDTLS_PSA_BUILTIN_ALG_MD5) case PSA_ALG_MD5: ret = mbedtls_md5_update_ret( &operation->ctx.md5, input, input_length ); break; #endif -#if defined(MBEDTLS_RIPEMD160_C) +#if defined(MBEDTLS_PSA_BUILTIN_ALG_RIPEMD160) case PSA_ALG_RIPEMD160: ret = mbedtls_ripemd160_update_ret( &operation->ctx.ripemd160, input, input_length ); break; #endif -#if defined(MBEDTLS_SHA1_C) +#if defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_1) case PSA_ALG_SHA_1: ret = mbedtls_sha1_update_ret( &operation->ctx.sha1, input, input_length ); break; #endif -#if defined(MBEDTLS_SHA256_C) +#if defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_256) +#if defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_224) case PSA_ALG_SHA_224: +#endif case PSA_ALG_SHA_256: ret = mbedtls_sha256_update_ret( &operation->ctx.sha256, input, input_length ); break; #endif -#if defined(MBEDTLS_SHA512_C) -#if !defined(MBEDTLS_SHA512_NO_SHA384) +#if defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_512) +#if defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_384) case PSA_ALG_SHA_384: #endif case PSA_ALG_SHA_512: @@ -2702,6 +2710,7 @@ psa_status_t psa_hash_update( psa_hash_operation_t *operation, break; #endif default: + (void)input; return( PSA_ERROR_BAD_STATE ); } @@ -2736,39 +2745,41 @@ psa_status_t psa_hash_finish( psa_hash_operation_t *operation, switch( operation->alg ) { -#if defined(MBEDTLS_MD2_C) +#if defined(MBEDTLS_PSA_BUILTIN_ALG_MD2) case PSA_ALG_MD2: ret = mbedtls_md2_finish_ret( &operation->ctx.md2, hash ); break; #endif -#if defined(MBEDTLS_MD4_C) +#if defined(MBEDTLS_PSA_BUILTIN_ALG_MD4) case PSA_ALG_MD4: ret = mbedtls_md4_finish_ret( &operation->ctx.md4, hash ); break; #endif -#if defined(MBEDTLS_MD5_C) +#if defined(MBEDTLS_PSA_BUILTIN_ALG_MD5) case PSA_ALG_MD5: ret = mbedtls_md5_finish_ret( &operation->ctx.md5, hash ); break; #endif -#if defined(MBEDTLS_RIPEMD160_C) +#if defined(MBEDTLS_PSA_BUILTIN_ALG_RIPEMD160) case PSA_ALG_RIPEMD160: ret = mbedtls_ripemd160_finish_ret( &operation->ctx.ripemd160, hash ); break; #endif -#if defined(MBEDTLS_SHA1_C) +#if defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_1) case PSA_ALG_SHA_1: ret = mbedtls_sha1_finish_ret( &operation->ctx.sha1, hash ); break; #endif -#if defined(MBEDTLS_SHA256_C) +#if defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_256) +#if defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_224) case PSA_ALG_SHA_224: +#endif case PSA_ALG_SHA_256: ret = mbedtls_sha256_finish_ret( &operation->ctx.sha256, hash ); break; #endif -#if defined(MBEDTLS_SHA512_C) -#if !defined(MBEDTLS_SHA512_NO_SHA384) +#if defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_512) +#if defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_384) case PSA_ALG_SHA_384: #endif case PSA_ALG_SHA_512: @@ -2873,45 +2884,47 @@ psa_status_t psa_hash_clone( const psa_hash_operation_t *source_operation, { case 0: return( PSA_ERROR_BAD_STATE ); -#if defined(MBEDTLS_MD2_C) +#if defined(MBEDTLS_PSA_BUILTIN_ALG_MD2) case PSA_ALG_MD2: mbedtls_md2_clone( &target_operation->ctx.md2, &source_operation->ctx.md2 ); break; #endif -#if defined(MBEDTLS_MD4_C) +#if defined(MBEDTLS_PSA_BUILTIN_ALG_MD4) case PSA_ALG_MD4: mbedtls_md4_clone( &target_operation->ctx.md4, &source_operation->ctx.md4 ); break; #endif -#if defined(MBEDTLS_MD5_C) +#if defined(MBEDTLS_PSA_BUILTIN_ALG_MD5) case PSA_ALG_MD5: mbedtls_md5_clone( &target_operation->ctx.md5, &source_operation->ctx.md5 ); break; #endif -#if defined(MBEDTLS_RIPEMD160_C) +#if defined(MBEDTLS_PSA_BUILTIN_ALG_RIPEMD160) case PSA_ALG_RIPEMD160: mbedtls_ripemd160_clone( &target_operation->ctx.ripemd160, &source_operation->ctx.ripemd160 ); break; #endif -#if defined(MBEDTLS_SHA1_C) +#if defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_1) case PSA_ALG_SHA_1: mbedtls_sha1_clone( &target_operation->ctx.sha1, &source_operation->ctx.sha1 ); break; #endif -#if defined(MBEDTLS_SHA256_C) +#if defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_256) +#if defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_224) case PSA_ALG_SHA_224: +#endif case PSA_ALG_SHA_256: mbedtls_sha256_clone( &target_operation->ctx.sha256, &source_operation->ctx.sha256 ); break; #endif -#if defined(MBEDTLS_SHA512_C) -#if !defined(MBEDTLS_SHA512_NO_SHA384) +#if defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_512) +#if defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_384) case PSA_ALG_SHA_384: #endif case PSA_ALG_SHA_512: