yuzu-emu/mbedtls
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity

Make MBEDTLS_MD_LIGHT private for now.

Browse source 
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
This commit is contained in:
Manuel Pégourié-Gonnard 2023-02-23 13:02:13 +01:00
parent cacc0ea144
commit 0d4152186d
4 changed files with 17 additions and 40 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

20
include/mbedtls/mbedtls_config.h
View file

@ -2644,7 +2644,6 @@
* \def MBEDTLS_MD_C * \def MBEDTLS_MD_C
* *
* Enable the generic layer for message digest (hashing) and HMAC. * Enable the generic layer for message digest (hashing) and HMAC.
* This will automatically enable #MBEDTLS_MD_LIGHT
* *
* Requires: one of: MBEDTLS_MD5_C, MBEDTLS_RIPEMD160_C, MBEDTLS_SHA1_C, * Requires: one of: MBEDTLS_MD5_C, MBEDTLS_RIPEMD160_C, MBEDTLS_SHA1_C,
* MBEDTLS_SHA224_C, MBEDTLS_SHA256_C, MBEDTLS_SHA384_C, * MBEDTLS_SHA224_C, MBEDTLS_SHA256_C, MBEDTLS_SHA384_C,
@ -2673,25 +2672,6 @@
*/ */
#define MBEDTLS_MD_C #define MBEDTLS_MD_C
/**
* \def MBEDTLS_MD_LIGHT
*
* Enable the "light" subset of #MBEDTLS_MD_C: just hashing and basic
* meta-data (see md.h for details).
*
* This is automatically enabled whenever #MBEDTLS_MD_C is enabled, but it is
* possible to enable this without #MBEDTLS_MD_C if support for HMAC or extra
* metadata functions is not needed.
*
* Requires: one of: MBEDTLS_MD5_C, MBEDTLS_RIPEMD160_C, MBEDTLS_SHA1_C,
* MBEDTLS_SHA224_C, MBEDTLS_SHA256_C, MBEDTLS_SHA384_C,
* MBEDTLS_SHA512_C.
* Module: library/md.c
*
* Uncomment to enabled the "light" subsect of MD.
*/
#define MBEDTLS_MD_LIGHT
/** /**
* \def MBEDTLS_MD5_C * \def MBEDTLS_MD5_C
* *

17
include/mbedtls/md.h
View file

@ -4,16 +4,6 @@
* \brief This file contains the generic functions for message-digest * \brief This file contains the generic functions for message-digest
* (hashing) and HMAC. * (hashing) and HMAC.
* *
* Availability of functions in this module is controlled by two
* feature macros:
* - #MBEDTLS_MD_C enables the whole module;
* - #MBEDTLS_MD_LIGHT enables only functions for hashing and accessing
* most hash metadata (everything except string names); is it
* automatically set whenever #MBEDTLS_MD_C is defined.
*
* The functions that are only available when #MBEDTLS_MD_C is defined
* are grouped at the end of the file and guarded by this macro.
*
* \author Adriaan de Jong <dejong@fox-it.com> * \author Adriaan de Jong <dejong@fox-it.com>
*/ */
/* /*
@ -300,12 +290,6 @@ MBEDTLS_CHECK_RETURN_TYPICAL
int mbedtls_md(const mbedtls_md_info_t *md_info, const unsigned char *input, size_t ilen, int mbedtls_md(const mbedtls_md_info_t *md_info, const unsigned char *input, size_t ilen,
unsigned char *output); unsigned char *output);
/************************************************************************
* Functions below this separator are not part of MBEDTLS_MD_LIGHT *
* and require MBEDTLS_MD_C *
************************************************************************/
#if defined(MBEDTLS_MD_C)
/** /**
* \brief This function returns the list of digests supported by the * \brief This function returns the list of digests supported by the
* generic digest module. * generic digest module.
@ -487,7 +471,6 @@ MBEDTLS_CHECK_RETURN_TYPICAL
int mbedtls_md_hmac(const mbedtls_md_info_t *md_info, const unsigned char *key, size_t keylen, int mbedtls_md_hmac(const mbedtls_md_info_t *md_info, const unsigned char *key, size_t keylen,
const unsigned char *input, size_t ilen, const unsigned char *input, size_t ilen,
unsigned char *output); unsigned char *output);
#endif /* MBEDTLS_MD_C */
#ifdef __cplusplus #ifdef __cplusplus
} }

14
library/md.c
View file

@ -23,6 +23,20 @@
#include "common.h" #include "common.h"
/*
* Availability of functions in this module is controlled by two
* feature macros:
* - MBEDTLS_MD_C enables the whole module;
* - MBEDTLS_MD_LIGHT enables only functions for hashing and accessing
* most hash metadata (everything except string names); is it
* automatically set whenever MBEDTLS_MD_C is defined.
*
* In the future we may want to change the contract of some functions
* (behaviour with NULL arguments) depending on whether MD_C is defined or
* only MD_LIGHT. Also, the exact scope of MD_LIGHT might vary.
*
* For these reasons, we're keeping MD_LIGHT internal for now.
*/
#if defined(MBEDTLS_MD_LIGHT) #if defined(MBEDTLS_MD_LIGHT)
#include "mbedtls/md.h" #include "mbedtls/md.h"

6
tests/scripts/all.sh
View file

@ -1231,11 +1231,11 @@ component_test_crypto_full_md_light_only () {
# Disable indirect dependencies of MD # Disable indirect dependencies of MD
scripts/config.py unset MBEDTLS_ECDSA_DETERMINISTIC # needs HMAC_DRBG scripts/config.py unset MBEDTLS_ECDSA_DETERMINISTIC # needs HMAC_DRBG
# Enable "light" subset of MD # Enable "light" subset of MD
scripts/config.py set MBEDTLS_MD_LIGHT make CFLAGS="$ASAN_CFLAGS -DMBEDTLS_MD_LIGHT" LDFLAGS="$ASAN_CFLAGS"
make CFLAGS="$ASAN_CFLAGS" LDFLAGS="$ASAN_CFLAGS"
# Make sure we don't have the HMAC functions # Make sure we don't have the HMAC functions, but the hashing functions
not grep mbedtls_md_hmac library/md.o not grep mbedtls_md_hmac library/md.o
grep mbedtls_md library/md.o
msg "test: crypto_full with only the light subset of MD" msg "test: crypto_full with only the light subset of MD"
make test make test