Merge pull request #5783 from mprse/md_dep_v3

Fix undeclared dependencies: MD
This commit is contained in:
Manuel Pégourié-Gonnard 2022-05-10 10:41:32 +02:00 committed by GitHub
commit 42650260a9
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
8 changed files with 72 additions and 12 deletions

View file

@ -153,6 +153,18 @@
#error "MBEDTLS_PKCS5_C defined, but not all prerequesites"
#endif
#if defined(MBEDTLS_PKCS12_C) && !defined(MBEDTLS_MD_C)
#error "MBEDTLS_PKCS12_C defined, but not all prerequesites"
#endif
#if defined(MBEDTLS_PKCS1_V15) && !defined(MBEDTLS_MD_C)
#error "MBEDTLS_PKCS1_V15 defined, but not all prerequesites"
#endif
#if defined(MBEDTLS_PKCS1_V21) && !defined(MBEDTLS_MD_C)
#error "MBEDTLS_PKCS1_V21 defined, but not all prerequesites"
#endif
#if defined(MBEDTLS_ENTROPY_C) && (!defined(MBEDTLS_SHA512_C) && \
!defined(MBEDTLS_SHA256_C))
#error "MBEDTLS_ENTROPY_C defined, but not all prerequisites"
@ -342,7 +354,7 @@
#endif
#if defined(MBEDTLS_PK_C) && \
( !defined(MBEDTLS_RSA_C) && !defined(MBEDTLS_ECP_C) )
( !defined(MBEDTLS_MD_C) || ( !defined(MBEDTLS_RSA_C) && !defined(MBEDTLS_ECP_C) ) )
#error "MBEDTLS_PK_C defined, but not all prerequisites"
#endif

View file

@ -1129,7 +1129,7 @@
*
* Enable support for PKCS#1 v1.5 encoding.
*
* Requires: MBEDTLS_RSA_C
* Requires: MBEDTLS_MD_C, MBEDTLS_RSA_C
*
* This enables support for PKCS#1 v1.5 operations.
*/
@ -2401,7 +2401,24 @@
* Enable the generic message digest layer.
*
* Module: library/md.c
* Caller:
* Caller: library/constant_time.c
* library/ecdsa.c
* library/ecjpake.c
* library/hkdf.c
* library/hmac_drbg.c
* library/pk.c
* library/pkcs5.c
* library/pkcs12.c
* library/psa_crypto_ecp.c
* library/psa_crypto_rsa.c
* library/rsa.c
* library/ssl_cookie.c
* library/ssl_msg.c
* library/ssl_tls.c
* library/x509.c
* library/x509_crt.c
* library/x509write_crt.c
* library/x509write_csr.c
*
* Uncomment to enable generic message digest wrappers.
*/
@ -2546,7 +2563,7 @@
* library/ssl*_server.c
* library/x509.c
*
* Requires: MBEDTLS_RSA_C or MBEDTLS_ECP_C
* Requires: MBEDTLS_MD_C, MBEDTLS_RSA_C or MBEDTLS_ECP_C
*
* Uncomment to enable generic public key wrappers.
*/

View file

@ -49,10 +49,6 @@
#include <string.h>
#if defined(MBEDTLS_PKCS1_V21)
#include "mbedtls/md.h"
#endif
#if defined(MBEDTLS_PKCS1_V15) && !defined(__OpenBSD__) && !defined(__NetBSD__)
#include <stdlib.h>
#endif

View file

@ -1203,6 +1203,30 @@ component_test_psa_external_rng_no_drbg_use_psa () {
tests/ssl-opt.sh -f 'Default\|opaque'
}
component_test_crypto_full_no_md () {
msg "build: crypto_full minus MD"
scripts/config.py crypto_full
scripts/config.py unset MBEDTLS_MD_C
# Direct dependencies
scripts/config.py unset MBEDTLS_ECJPAKE_C
scripts/config.py unset MBEDTLS_HKDF_C
scripts/config.py unset MBEDTLS_HMAC_DRBG_C
scripts/config.py unset MBEDTLS_PK_C
scripts/config.py unset MBEDTLS_PKCS1_V15
scripts/config.py unset MBEDTLS_PKCS1_V21
scripts/config.py unset MBEDTLS_PKCS5_C
scripts/config.py unset MBEDTLS_PKCS12_C
# Indirect dependencies
scripts/config.py unset MBEDTLS_ECDSA_DETERMINISTIC
scripts/config.py unset MBEDTLS_PK_PARSE_C
scripts/config.py unset MBEDTLS_PK_WRITE_C
scripts/config.py unset MBEDTLS_RSA_C
make
msg "test: crypto_full minus MD"
make test
}
component_test_psa_external_rng_use_psa_crypto () {
msg "build: full + PSA_CRYPTO_EXTERNAL_RNG + USE_PSA_CRYPTO minus CTR_DRBG"
scripts/config.py full

View file

@ -165,6 +165,7 @@ class NotSupported:
ALWAYS_SUPPORTED = frozenset([
'PSA_KEY_TYPE_DERIVE',
'PSA_KEY_TYPE_RAW_DATA',
'PSA_KEY_TYPE_HMAC'
])
def test_cases_for_key_type_not_supported(
self,

View file

@ -82,7 +82,7 @@ void oid_get_x509_extension( data_t *oid, int exp_type )
}
/* END_CASE */
/* BEGIN_CASE */
/* BEGIN_CASE depends_on:MBEDTLS_MD_C */
void oid_get_md_alg_id( data_t *oid, int exp_md_id )
{
mbedtls_asn1_buf md_oid = { 0, 0, NULL };

View file

@ -170,6 +170,7 @@ static psa_status_t counter_allocate( psa_drv_se_context_t *context,
}
/* Null import: do nothing, but pretend it worked. */
#if defined(AT_LEAST_ONE_BUILTIN_KDF)
static psa_status_t null_import( psa_drv_se_context_t *context,
psa_key_slot_number_t slot_number,
const psa_key_attributes_t *attributes,
@ -186,8 +187,10 @@ static psa_status_t null_import( psa_drv_se_context_t *context,
*bits = PSA_BYTES_TO_BITS( data_length );
return( PSA_SUCCESS );
}
#endif /* AT_LEAST_ONE_BUILTIN_KDF */
/* Null generate: do nothing, but pretend it worked. */
#if defined(AT_LEAST_ONE_BUILTIN_KDF)
static psa_status_t null_generate( psa_drv_se_context_t *context,
psa_key_slot_number_t slot_number,
const psa_key_attributes_t *attributes,
@ -208,6 +211,7 @@ static psa_status_t null_generate( psa_drv_se_context_t *context,
return( PSA_SUCCESS );
}
#endif /* AT_LEAST_ONE_BUILTIN_KDF */
/* Null destroy: do nothing, but pretend it worked. */
static psa_status_t null_destroy( psa_drv_se_context_t *context,
@ -635,6 +639,7 @@ exit:
/* Check that a function's return status is "smoke-free", i.e. that
* it's an acceptable error code when calling an API function that operates
* on a key with potentially bogus parameters. */
#if defined(AT_LEAST_ONE_BUILTIN_KDF)
static int is_status_smoke_free( psa_status_t status )
{
switch( status )
@ -651,6 +656,8 @@ static int is_status_smoke_free( psa_status_t status )
return( 0 );
}
}
#endif /* AT_LEAST_ONE_BUILTIN_KDF */
#define SMOKE_ASSERT( expr ) \
TEST_ASSERT( is_status_smoke_free( expr ) )
@ -658,6 +665,7 @@ static int is_status_smoke_free( psa_status_t status )
* mostly bogus parameters: the goal is to ensure that there is no memory
* corruption or crash. This test function is most useful when run under
* an environment with sanity checks such as ASan or MSan. */
#if defined(AT_LEAST_ONE_BUILTIN_KDF)
static int smoke_test_key( mbedtls_svc_key_id_t key )
{
int ok = 0;
@ -766,6 +774,7 @@ exit:
return( ok );
}
#endif /* AT_LEAST_ONE_BUILTIN_KDF */
static void psa_purge_storage( void )
{
@ -1073,7 +1082,7 @@ exit:
}
/* END_CASE */
/* BEGIN_CASE */
/* BEGIN_CASE depends_on:AT_LEAST_ONE_BUILTIN_KDF */
void import_key_smoke( int type_arg, int alg_arg,
data_t *key_material )
{
@ -1186,7 +1195,7 @@ exit:
}
/* END_CASE */
/* BEGIN_CASE */
/* BEGIN_CASE depends_on:AT_LEAST_ONE_BUILTIN_KDF */
void generate_key_smoke( int type_arg, int bits_arg, int alg_arg )
{
psa_key_type_t type = type_arg;

View file

@ -87,7 +87,7 @@ int ca_callback_fail( void *data, mbedtls_x509_crt const *child, mbedtls_x509_cr
return -1;
}
#if defined(MBEDTLS_X509_CRT_PARSE_C)
int ca_callback( void *data, mbedtls_x509_crt const *child,
mbedtls_x509_crt **candidates )
{
@ -141,6 +141,7 @@ exit:
*candidates = first;
return( ret );
}
#endif /* MBEDTLS_X509_CRT_PARSE_C */
#endif /* MBEDTLS_X509_TRUSTED_CERTIFICATE_CALLBACK */
int verify_fatal( void *data, mbedtls_x509_crt *crt, int certificate_depth, uint32_t *flags )