Prioritize SHA2 over MD5 for KNOWN_SUPPORTED_HASH_ALG
This fixes the ability to exercise keys in configurations where MD5 is supported for direct use, but not inside some accelerated algorithms. This is the case in `all.sh test_psa_crypto_config_accel_ecc_ecp_light_only` and some other accelerated-ECC components of `all.sh`, where the driver is built without MD5 support but built-in MD5 remains enabled. This is only a hack, not a theoretically correct fix, but a correct fix is out of scope of my current work. Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
This commit is contained in:
parent
34955677e5
commit
465e4ed56b
1 changed files with 9 additions and 9 deletions
|
@ -20,15 +20,7 @@
|
|||
*
|
||||
* This is used in some smoke tests.
|
||||
*/
|
||||
#if defined(PSA_WANT_ALG_MD5)
|
||||
#define KNOWN_SUPPORTED_HASH_ALG PSA_ALG_MD5
|
||||
/* PSA_WANT_ALG_RIPEMD160 omitted. This is necessary for the sake of
|
||||
* exercise_signature_key() because Mbed TLS doesn't support RIPEMD160
|
||||
* in RSA PKCS#1v1.5 signatures. A RIPEMD160-only configuration would be
|
||||
* implausible anyway. */
|
||||
#elif defined(PSA_WANT_ALG_SHA_1)
|
||||
#define KNOWN_SUPPORTED_HASH_ALG PSA_ALG_SHA_1
|
||||
#elif defined(PSA_WANT_ALG_SHA_256)
|
||||
#if defined(PSA_WANT_ALG_SHA_256)
|
||||
#define KNOWN_SUPPORTED_HASH_ALG PSA_ALG_SHA_256
|
||||
#elif defined(PSA_WANT_ALG_SHA_384)
|
||||
#define KNOWN_SUPPORTED_HASH_ALG PSA_ALG_SHA_384
|
||||
|
@ -36,6 +28,14 @@
|
|||
#define KNOWN_SUPPORTED_HASH_ALG PSA_ALG_SHA_512
|
||||
#elif defined(PSA_WANT_ALG_SHA3_256)
|
||||
#define KNOWN_SUPPORTED_HASH_ALG PSA_ALG_SHA3_256
|
||||
#elif defined(PSA_WANT_ALG_SHA_1)
|
||||
#define KNOWN_SUPPORTED_HASH_ALG PSA_ALG_SHA_1
|
||||
#elif defined(PSA_WANT_ALG_MD5)
|
||||
#define KNOWN_SUPPORTED_HASH_ALG PSA_ALG_MD5
|
||||
/* PSA_WANT_ALG_RIPEMD160 omitted. This is necessary for the sake of
|
||||
* exercise_signature_key() because Mbed TLS doesn't support RIPEMD160
|
||||
* in RSA PKCS#1v1.5 signatures. A RIPEMD160-only configuration would be
|
||||
* implausible anyway. */
|
||||
#else
|
||||
#undef KNOWN_SUPPORTED_HASH_ALG
|
||||
#endif
|
||||
|
|
Loading…
Reference in a new issue