mirror of
https://github.com/yuzu-emu/mbedtls.git
synced 2024-12-26 00:55:28 +00:00
8cb22c8d87
The current definition of PSA_ALG_IS_HASH_AND_SIGN includes PSA_ALG_RSA_PKCS1V15_SIGN_RAW and PSA_ALG_ECDSA_ANY, which don't strictly follow the hash-and-sign paradigm: the algorithm does not encode a hash algorithm that is applied prior to the signature step. The definition in fact encompasses what can be used with psa_sign_hash/psa_verify_hash, so it's the correct definition for PSA_ALG_IS_SIGN_HASH. Therefore this commit moves definition of PSA_ALG_IS_HASH_AND_SIGN to PSA_ALG_IS_SIGN_HASH, and replace the definition of PSA_ALG_IS_HASH_AND_SIGN by a correct one (based on PSA_ALG_IS_SIGN_HASH, excluding the algorithms where the pre-signature step isn't to apply the hash encoded in the algorithm). In the definition of PSA_ALG_SIGN_GET_HASH, keep the condition for a nonzero output to be PSA_ALG_IS_HASH_AND_SIGN. Everywhere else in the code base (definition of PSA_ALG_IS_SIGN_MESSAGE, and every use of PSA_ALG_IS_HASH_AND_SIGN outside of crypto_values.h), we meant PSA_ALG_IS_SIGN_HASH where we wrote PSA_ALG_IS_HASH_AND_SIGN, so do a global replacement. ``` git grep -l IS_HASH_AND_SIGN ':!include/psa/crypto_values.h' | xargs perl -i -pe 's/ALG_IS_HASH_AND_SIGN/ALG_IS_SIGN_HASH/g' ``` Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com> |
||
---|---|---|
.. | ||
crypto.h | ||
crypto_builtin_composites.h | ||
crypto_builtin_primitives.h | ||
crypto_compat.h | ||
crypto_config.h | ||
crypto_driver_common.h | ||
crypto_driver_contexts_composites.h | ||
crypto_driver_contexts_primitives.h | ||
crypto_extra.h | ||
crypto_platform.h | ||
crypto_se_driver.h | ||
crypto_sizes.h | ||
crypto_struct.h | ||
crypto_types.h | ||
crypto_values.h |