Merge pull request #5783 from mprse/md_dep_v3
Fix undeclared dependencies: MD
This commit is contained in:
commit
42650260a9
8 changed files with 72 additions and 12 deletions
|
@ -153,6 +153,18 @@
|
|||
#error "MBEDTLS_PKCS5_C defined, but not all prerequesites"
|
||||
#endif
|
||||
|
||||
#if defined(MBEDTLS_PKCS12_C) && !defined(MBEDTLS_MD_C)
|
||||
#error "MBEDTLS_PKCS12_C defined, but not all prerequesites"
|
||||
#endif
|
||||
|
||||
#if defined(MBEDTLS_PKCS1_V15) && !defined(MBEDTLS_MD_C)
|
||||
#error "MBEDTLS_PKCS1_V15 defined, but not all prerequesites"
|
||||
#endif
|
||||
|
||||
#if defined(MBEDTLS_PKCS1_V21) && !defined(MBEDTLS_MD_C)
|
||||
#error "MBEDTLS_PKCS1_V21 defined, but not all prerequesites"
|
||||
#endif
|
||||
|
||||
#if defined(MBEDTLS_ENTROPY_C) && (!defined(MBEDTLS_SHA512_C) && \
|
||||
!defined(MBEDTLS_SHA256_C))
|
||||
#error "MBEDTLS_ENTROPY_C defined, but not all prerequisites"
|
||||
|
@ -342,7 +354,7 @@
|
|||
#endif
|
||||
|
||||
#if defined(MBEDTLS_PK_C) && \
|
||||
( !defined(MBEDTLS_RSA_C) && !defined(MBEDTLS_ECP_C) )
|
||||
( !defined(MBEDTLS_MD_C) || ( !defined(MBEDTLS_RSA_C) && !defined(MBEDTLS_ECP_C) ) )
|
||||
#error "MBEDTLS_PK_C defined, but not all prerequisites"
|
||||
#endif
|
||||
|
||||
|
|
|
@ -1129,7 +1129,7 @@
|
|||
*
|
||||
* Enable support for PKCS#1 v1.5 encoding.
|
||||
*
|
||||
* Requires: MBEDTLS_RSA_C
|
||||
* Requires: MBEDTLS_MD_C, MBEDTLS_RSA_C
|
||||
*
|
||||
* This enables support for PKCS#1 v1.5 operations.
|
||||
*/
|
||||
|
@ -2401,7 +2401,24 @@
|
|||
* Enable the generic message digest layer.
|
||||
*
|
||||
* Module: library/md.c
|
||||
* Caller:
|
||||
* Caller: library/constant_time.c
|
||||
* library/ecdsa.c
|
||||
* library/ecjpake.c
|
||||
* library/hkdf.c
|
||||
* library/hmac_drbg.c
|
||||
* library/pk.c
|
||||
* library/pkcs5.c
|
||||
* library/pkcs12.c
|
||||
* library/psa_crypto_ecp.c
|
||||
* library/psa_crypto_rsa.c
|
||||
* library/rsa.c
|
||||
* library/ssl_cookie.c
|
||||
* library/ssl_msg.c
|
||||
* library/ssl_tls.c
|
||||
* library/x509.c
|
||||
* library/x509_crt.c
|
||||
* library/x509write_crt.c
|
||||
* library/x509write_csr.c
|
||||
*
|
||||
* Uncomment to enable generic message digest wrappers.
|
||||
*/
|
||||
|
@ -2546,7 +2563,7 @@
|
|||
* library/ssl*_server.c
|
||||
* library/x509.c
|
||||
*
|
||||
* Requires: MBEDTLS_RSA_C or MBEDTLS_ECP_C
|
||||
* Requires: MBEDTLS_MD_C, MBEDTLS_RSA_C or MBEDTLS_ECP_C
|
||||
*
|
||||
* Uncomment to enable generic public key wrappers.
|
||||
*/
|
||||
|
|
|
@ -49,10 +49,6 @@
|
|||
|
||||
#include <string.h>
|
||||
|
||||
#if defined(MBEDTLS_PKCS1_V21)
|
||||
#include "mbedtls/md.h"
|
||||
#endif
|
||||
|
||||
#if defined(MBEDTLS_PKCS1_V15) && !defined(__OpenBSD__) && !defined(__NetBSD__)
|
||||
#include <stdlib.h>
|
||||
#endif
|
||||
|
|
|
@ -1203,6 +1203,30 @@ component_test_psa_external_rng_no_drbg_use_psa () {
|
|||
tests/ssl-opt.sh -f 'Default\|opaque'
|
||||
}
|
||||
|
||||
component_test_crypto_full_no_md () {
|
||||
msg "build: crypto_full minus MD"
|
||||
scripts/config.py crypto_full
|
||||
scripts/config.py unset MBEDTLS_MD_C
|
||||
# Direct dependencies
|
||||
scripts/config.py unset MBEDTLS_ECJPAKE_C
|
||||
scripts/config.py unset MBEDTLS_HKDF_C
|
||||
scripts/config.py unset MBEDTLS_HMAC_DRBG_C
|
||||
scripts/config.py unset MBEDTLS_PK_C
|
||||
scripts/config.py unset MBEDTLS_PKCS1_V15
|
||||
scripts/config.py unset MBEDTLS_PKCS1_V21
|
||||
scripts/config.py unset MBEDTLS_PKCS5_C
|
||||
scripts/config.py unset MBEDTLS_PKCS12_C
|
||||
# Indirect dependencies
|
||||
scripts/config.py unset MBEDTLS_ECDSA_DETERMINISTIC
|
||||
scripts/config.py unset MBEDTLS_PK_PARSE_C
|
||||
scripts/config.py unset MBEDTLS_PK_WRITE_C
|
||||
scripts/config.py unset MBEDTLS_RSA_C
|
||||
make
|
||||
|
||||
msg "test: crypto_full minus MD"
|
||||
make test
|
||||
}
|
||||
|
||||
component_test_psa_external_rng_use_psa_crypto () {
|
||||
msg "build: full + PSA_CRYPTO_EXTERNAL_RNG + USE_PSA_CRYPTO minus CTR_DRBG"
|
||||
scripts/config.py full
|
||||
|
|
|
@ -165,6 +165,7 @@ class NotSupported:
|
|||
ALWAYS_SUPPORTED = frozenset([
|
||||
'PSA_KEY_TYPE_DERIVE',
|
||||
'PSA_KEY_TYPE_RAW_DATA',
|
||||
'PSA_KEY_TYPE_HMAC'
|
||||
])
|
||||
def test_cases_for_key_type_not_supported(
|
||||
self,
|
||||
|
|
|
@ -82,7 +82,7 @@ void oid_get_x509_extension( data_t *oid, int exp_type )
|
|||
}
|
||||
/* END_CASE */
|
||||
|
||||
/* BEGIN_CASE */
|
||||
/* BEGIN_CASE depends_on:MBEDTLS_MD_C */
|
||||
void oid_get_md_alg_id( data_t *oid, int exp_md_id )
|
||||
{
|
||||
mbedtls_asn1_buf md_oid = { 0, 0, NULL };
|
||||
|
|
|
@ -170,6 +170,7 @@ static psa_status_t counter_allocate( psa_drv_se_context_t *context,
|
|||
}
|
||||
|
||||
/* Null import: do nothing, but pretend it worked. */
|
||||
#if defined(AT_LEAST_ONE_BUILTIN_KDF)
|
||||
static psa_status_t null_import( psa_drv_se_context_t *context,
|
||||
psa_key_slot_number_t slot_number,
|
||||
const psa_key_attributes_t *attributes,
|
||||
|
@ -186,8 +187,10 @@ static psa_status_t null_import( psa_drv_se_context_t *context,
|
|||
*bits = PSA_BYTES_TO_BITS( data_length );
|
||||
return( PSA_SUCCESS );
|
||||
}
|
||||
#endif /* AT_LEAST_ONE_BUILTIN_KDF */
|
||||
|
||||
/* Null generate: do nothing, but pretend it worked. */
|
||||
#if defined(AT_LEAST_ONE_BUILTIN_KDF)
|
||||
static psa_status_t null_generate( psa_drv_se_context_t *context,
|
||||
psa_key_slot_number_t slot_number,
|
||||
const psa_key_attributes_t *attributes,
|
||||
|
@ -208,6 +211,7 @@ static psa_status_t null_generate( psa_drv_se_context_t *context,
|
|||
|
||||
return( PSA_SUCCESS );
|
||||
}
|
||||
#endif /* AT_LEAST_ONE_BUILTIN_KDF */
|
||||
|
||||
/* Null destroy: do nothing, but pretend it worked. */
|
||||
static psa_status_t null_destroy( psa_drv_se_context_t *context,
|
||||
|
@ -635,6 +639,7 @@ exit:
|
|||
/* Check that a function's return status is "smoke-free", i.e. that
|
||||
* it's an acceptable error code when calling an API function that operates
|
||||
* on a key with potentially bogus parameters. */
|
||||
#if defined(AT_LEAST_ONE_BUILTIN_KDF)
|
||||
static int is_status_smoke_free( psa_status_t status )
|
||||
{
|
||||
switch( status )
|
||||
|
@ -651,6 +656,8 @@ static int is_status_smoke_free( psa_status_t status )
|
|||
return( 0 );
|
||||
}
|
||||
}
|
||||
#endif /* AT_LEAST_ONE_BUILTIN_KDF */
|
||||
|
||||
#define SMOKE_ASSERT( expr ) \
|
||||
TEST_ASSERT( is_status_smoke_free( expr ) )
|
||||
|
||||
|
@ -658,6 +665,7 @@ static int is_status_smoke_free( psa_status_t status )
|
|||
* mostly bogus parameters: the goal is to ensure that there is no memory
|
||||
* corruption or crash. This test function is most useful when run under
|
||||
* an environment with sanity checks such as ASan or MSan. */
|
||||
#if defined(AT_LEAST_ONE_BUILTIN_KDF)
|
||||
static int smoke_test_key( mbedtls_svc_key_id_t key )
|
||||
{
|
||||
int ok = 0;
|
||||
|
@ -766,6 +774,7 @@ exit:
|
|||
|
||||
return( ok );
|
||||
}
|
||||
#endif /* AT_LEAST_ONE_BUILTIN_KDF */
|
||||
|
||||
static void psa_purge_storage( void )
|
||||
{
|
||||
|
@ -1073,7 +1082,7 @@ exit:
|
|||
}
|
||||
/* END_CASE */
|
||||
|
||||
/* BEGIN_CASE */
|
||||
/* BEGIN_CASE depends_on:AT_LEAST_ONE_BUILTIN_KDF */
|
||||
void import_key_smoke( int type_arg, int alg_arg,
|
||||
data_t *key_material )
|
||||
{
|
||||
|
@ -1186,7 +1195,7 @@ exit:
|
|||
}
|
||||
/* END_CASE */
|
||||
|
||||
/* BEGIN_CASE */
|
||||
/* BEGIN_CASE depends_on:AT_LEAST_ONE_BUILTIN_KDF */
|
||||
void generate_key_smoke( int type_arg, int bits_arg, int alg_arg )
|
||||
{
|
||||
psa_key_type_t type = type_arg;
|
||||
|
|
|
@ -87,7 +87,7 @@ int ca_callback_fail( void *data, mbedtls_x509_crt const *child, mbedtls_x509_cr
|
|||
|
||||
return -1;
|
||||
}
|
||||
|
||||
#if defined(MBEDTLS_X509_CRT_PARSE_C)
|
||||
int ca_callback( void *data, mbedtls_x509_crt const *child,
|
||||
mbedtls_x509_crt **candidates )
|
||||
{
|
||||
|
@ -141,6 +141,7 @@ exit:
|
|||
*candidates = first;
|
||||
return( ret );
|
||||
}
|
||||
#endif /* MBEDTLS_X509_CRT_PARSE_C */
|
||||
#endif /* MBEDTLS_X509_TRUSTED_CERTIFICATE_CALLBACK */
|
||||
|
||||
int verify_fatal( void *data, mbedtls_x509_crt *crt, int certificate_depth, uint32_t *flags )
|
||||
|
|
Loading…
Reference in a new issue