Merge pull request #8666 from valeriosetti/issue8340
Export the mbedtls_md_psa_alg_from_type function
This commit is contained in:
commit
4d4891e18a
24 changed files with 65 additions and 56 deletions
4
ChangeLog.d/8340.txt
Normal file
4
ChangeLog.d/8340.txt
Normal file
|
@ -0,0 +1,4 @@
|
|||
Features
|
||||
* Add functions mbedtls_md_psa_alg_from_type() and
|
||||
mbedtls_md_type_from_psa_alg() to convert between mbedtls_md_type_t and
|
||||
psa_algorithm_t.
|
|
@ -443,6 +443,10 @@ The equivalent to `mbedtls_md_type_t` and `MBEDTLS_MD_XXX` constants is the type
|
|||
| `MBEDTLS_MD_SHA3_384` | `PSA_ALG_SHA3_384` |
|
||||
| `MBEDTLS_MD_SHA3_512` | `PSA_ALG_SHA3_512` |
|
||||
|
||||
The following helper functions can be used to convert between the 2 types:
|
||||
- `mbedtls_md_psa_alg_from_type()` converts from legacy `mbedtls_md_type_t` to PSA's `psa_algorithm_t`.
|
||||
- `mbedtls_md_type_from_psa_alg()` converts from PSA's `psa_algorithm_t` to legacy `mbedtls_md_type_t`.
|
||||
|
||||
### MAC mechanism selection
|
||||
|
||||
PSA Crypto has a generic API with the same functions for all MAC mechanisms. The mechanism is determined by a combination of an algorithm value of type [`psa_algorithm_t`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__crypto__types/#group__crypto__types_1gac2e4d47f1300d73c2f829a6d99252d69) and a key type value of type [`psa_key_type_t`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__crypto__types/#group__crypto__types_1ga63fce6880ca5933b5d6baa257febf1f6).
|
||||
|
|
|
@ -139,6 +139,43 @@ mbedtls_ecp_group_id mbedtls_ecc_group_from_psa(psa_ecc_family_t family,
|
|||
size_t bits);
|
||||
#endif /* PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY */
|
||||
|
||||
/**
|
||||
* \brief This function returns the PSA algorithm identifier
|
||||
* associated with the given digest type.
|
||||
*
|
||||
* \param md_type The type of digest to search for. Must not be NONE.
|
||||
*
|
||||
* \warning If \p md_type is \c MBEDTLS_MD_NONE, this function will
|
||||
* not return \c PSA_ALG_NONE, but an invalid algorithm.
|
||||
*
|
||||
* \warning This function does not check if the algorithm is
|
||||
* supported, it always returns the corresponding identifier.
|
||||
*
|
||||
* \return The PSA algorithm identifier associated with \p md_type,
|
||||
* regardless of whether it is supported or not.
|
||||
*/
|
||||
static inline psa_algorithm_t mbedtls_md_psa_alg_from_type(mbedtls_md_type_t md_type)
|
||||
{
|
||||
return PSA_ALG_CATEGORY_HASH | (psa_algorithm_t) md_type;
|
||||
}
|
||||
|
||||
/**
|
||||
* \brief This function returns the given digest type
|
||||
* associated with the PSA algorithm identifier.
|
||||
*
|
||||
* \param psa_alg The PSA algorithm identifier to search for.
|
||||
*
|
||||
* \warning This function does not check if the algorithm is
|
||||
* supported, it always returns the corresponding identifier.
|
||||
*
|
||||
* \return The MD type associated with \p psa_alg,
|
||||
* regardless of whether it is supported or not.
|
||||
*/
|
||||
static inline mbedtls_md_type_t mbedtls_md_type_from_psa_alg(psa_algorithm_t psa_alg)
|
||||
{
|
||||
return (mbedtls_md_type_t) (psa_alg & PSA_ALG_HASH_MASK);
|
||||
}
|
||||
|
||||
/**@}*/
|
||||
|
||||
#endif /* MBEDTLS_PSA_CRYPTO_C */
|
||||
|
|
|
@ -15,43 +15,6 @@
|
|||
#include "mbedtls/md.h"
|
||||
#include "psa/crypto.h"
|
||||
|
||||
/**
|
||||
* \brief This function returns the PSA algorithm identifier
|
||||
* associated with the given digest type.
|
||||
*
|
||||
* \param md_type The type of digest to search for. Must not be NONE.
|
||||
*
|
||||
* \warning If \p md_type is \c MBEDTLS_MD_NONE, this function will
|
||||
* not return \c PSA_ALG_NONE, but an invalid algorithm.
|
||||
*
|
||||
* \warning This function does not check if the algorithm is
|
||||
* supported, it always returns the corresponding identifier.
|
||||
*
|
||||
* \return The PSA algorithm identifier associated with \p md_type,
|
||||
* regardless of whether it is supported or not.
|
||||
*/
|
||||
static inline psa_algorithm_t mbedtls_md_psa_alg_from_type(mbedtls_md_type_t md_type)
|
||||
{
|
||||
return PSA_ALG_CATEGORY_HASH | (psa_algorithm_t) md_type;
|
||||
}
|
||||
|
||||
/**
|
||||
* \brief This function returns the given digest type
|
||||
* associated with the PSA algorithm identifier.
|
||||
*
|
||||
* \param psa_alg The PSA algorithm identifier to search for.
|
||||
*
|
||||
* \warning This function does not check if the algorithm is
|
||||
* supported, it always returns the corresponding identifier.
|
||||
*
|
||||
* \return The MD type associated with \p psa_alg,
|
||||
* regardless of whether it is supported or not.
|
||||
*/
|
||||
static inline mbedtls_md_type_t mbedtls_md_type_from_psa_alg(psa_algorithm_t psa_alg)
|
||||
{
|
||||
return (mbedtls_md_type_t) (psa_alg & PSA_ALG_HASH_MASK);
|
||||
}
|
||||
|
||||
/** Convert PSA status to MD error code.
|
||||
*
|
||||
* \param status PSA status.
|
||||
|
|
|
@ -31,7 +31,7 @@
|
|||
|
||||
#if defined(MBEDTLS_USE_PSA_CRYPTO)
|
||||
#include "psa_util_internal.h"
|
||||
#include "md_psa.h"
|
||||
#include "mbedtls/psa_util.h"
|
||||
#endif
|
||||
|
||||
#include <limits.h>
|
||||
|
|
|
@ -13,7 +13,7 @@
|
|||
#include "pk_wrap.h"
|
||||
#include "pk_internal.h"
|
||||
#include "mbedtls/error.h"
|
||||
#include "md_psa.h"
|
||||
#include "mbedtls/psa_util.h"
|
||||
|
||||
/* Even if RSA not activated, for the sake of RSA-alt */
|
||||
#include "mbedtls/rsa.h"
|
||||
|
|
|
@ -70,7 +70,7 @@
|
|||
#include "mbedtls/sha1.h"
|
||||
#include "mbedtls/sha256.h"
|
||||
#include "mbedtls/sha512.h"
|
||||
#include "md_psa.h"
|
||||
#include "mbedtls/psa_util.h"
|
||||
|
||||
#if defined(MBEDTLS_PSA_BUILTIN_ALG_HKDF) || \
|
||||
defined(MBEDTLS_PSA_BUILTIN_ALG_HKDF_EXTRACT) || \
|
||||
|
|
|
@ -14,7 +14,7 @@
|
|||
#include "psa_crypto_core.h"
|
||||
#include "psa_crypto_ecp.h"
|
||||
#include "psa_crypto_random_impl.h"
|
||||
#include "md_psa.h"
|
||||
#include "mbedtls/psa_util.h"
|
||||
|
||||
#include <stdlib.h>
|
||||
#include <string.h>
|
||||
|
|
|
@ -16,7 +16,7 @@
|
|||
#include "psa_crypto_random_impl.h"
|
||||
#include "psa_crypto_rsa.h"
|
||||
#include "psa_crypto_hash.h"
|
||||
#include "md_psa.h"
|
||||
#include "mbedtls/psa_util.h"
|
||||
|
||||
#include <stdlib.h>
|
||||
#include <string.h>
|
||||
|
|
|
@ -17,7 +17,7 @@
|
|||
#include "mbedtls/ssl.h"
|
||||
#include "ssl_misc.h"
|
||||
#if defined(MBEDTLS_USE_PSA_CRYPTO)
|
||||
#include "md_psa.h"
|
||||
#include "mbedtls/psa_util.h"
|
||||
#endif
|
||||
|
||||
#include <string.h>
|
||||
|
|
|
@ -24,7 +24,7 @@
|
|||
#include <string.h>
|
||||
|
||||
#if defined(MBEDTLS_USE_PSA_CRYPTO)
|
||||
#include "md_psa.h"
|
||||
#include "mbedtls/psa_util.h"
|
||||
/* Define a local translating function to save code size by not using too many
|
||||
* arguments in each translating place. */
|
||||
static int local_err_translation(psa_status_t status)
|
||||
|
|
|
@ -29,6 +29,7 @@
|
|||
#include <string.h>
|
||||
|
||||
#if defined(MBEDTLS_USE_PSA_CRYPTO)
|
||||
#include "mbedtls/psa_util.h"
|
||||
#include "md_psa.h"
|
||||
#include "psa_util_internal.h"
|
||||
#include "psa/crypto.h"
|
||||
|
|
|
@ -19,7 +19,7 @@
|
|||
#include "ssl_client.h"
|
||||
#include "ssl_tls13_keys.h"
|
||||
#include "ssl_debug_helpers.h"
|
||||
#include "md_psa.h"
|
||||
#include "mbedtls/psa_util.h"
|
||||
|
||||
#if defined(MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_SOME_EPHEMERAL_ENABLED)
|
||||
/* Define a local translating function to save code size by not using too many
|
||||
|
|
|
@ -17,7 +17,7 @@
|
|||
#include "mbedtls/platform.h"
|
||||
#include "mbedtls/constant_time.h"
|
||||
#include "psa/crypto.h"
|
||||
#include "md_psa.h"
|
||||
#include "mbedtls/psa_util.h"
|
||||
|
||||
#include "ssl_misc.h"
|
||||
#include "ssl_tls13_invasive.h"
|
||||
|
|
|
@ -22,7 +22,7 @@
|
|||
#include "ssl_tls13_invasive.h"
|
||||
|
||||
#include "psa/crypto.h"
|
||||
#include "md_psa.h"
|
||||
#include "mbedtls/psa_util.h"
|
||||
|
||||
/* Define a local translating function to save code size by not using too many
|
||||
* arguments in each translating place. */
|
||||
|
|
|
@ -14,7 +14,7 @@
|
|||
#include "mbedtls/platform.h"
|
||||
#include "mbedtls/constant_time.h"
|
||||
#include "mbedtls/oid.h"
|
||||
#include "md_psa.h"
|
||||
#include "mbedtls/psa_util.h"
|
||||
|
||||
#include "ssl_misc.h"
|
||||
#include "ssl_tls13_keys.h"
|
||||
|
|
|
@ -35,7 +35,7 @@
|
|||
#if defined(MBEDTLS_USE_PSA_CRYPTO)
|
||||
#include "psa/crypto.h"
|
||||
#include "psa_util_internal.h"
|
||||
#include "md_psa.h"
|
||||
#include "mbedtls/psa_util.h"
|
||||
#endif /* MBEDTLS_USE_PSA_CRYPTO */
|
||||
#include "pk_internal.h"
|
||||
|
||||
|
|
|
@ -33,7 +33,7 @@
|
|||
#if defined(MBEDTLS_USE_PSA_CRYPTO)
|
||||
#include "psa/crypto.h"
|
||||
#include "psa_util_internal.h"
|
||||
#include "md_psa.h"
|
||||
#include "mbedtls/psa_util.h"
|
||||
#endif /* MBEDTLS_USE_PSA_CRYPTO */
|
||||
|
||||
void mbedtls_x509write_crt_init(mbedtls_x509write_cert *ctx)
|
||||
|
|
|
@ -24,7 +24,7 @@
|
|||
#if defined(MBEDTLS_USE_PSA_CRYPTO)
|
||||
#include "psa/crypto.h"
|
||||
#include "psa_util_internal.h"
|
||||
#include "md_psa.h"
|
||||
#include "mbedtls/psa_util.h"
|
||||
#endif /* MBEDTLS_USE_PSA_CRYPTO */
|
||||
|
||||
#include <string.h>
|
||||
|
|
|
@ -9,7 +9,7 @@
|
|||
*/
|
||||
|
||||
#include <test/ssl_helpers.h>
|
||||
#include "md_psa.h"
|
||||
#include "mbedtls/psa_util.h"
|
||||
|
||||
#if defined(MBEDTLS_SSL_TLS_C)
|
||||
#if defined(MBEDTLS_SSL_HANDSHAKE_WITH_CERT_ENABLED)
|
||||
|
|
|
@ -3,7 +3,7 @@
|
|||
#include <mbedtls/constant_time.h>
|
||||
#include <mbedtls/md.h>
|
||||
#include <constant_time_internal.h>
|
||||
#include "md_psa.h"
|
||||
#include "mbedtls/psa_util.h"
|
||||
#include <ssl_misc.h>
|
||||
|
||||
#include <test/constant_flow.h>
|
||||
|
|
|
@ -1,6 +1,6 @@
|
|||
/* BEGIN_HEADER */
|
||||
#include "mbedtls/md.h"
|
||||
#include "md_psa.h"
|
||||
#include "mbedtls/psa_util.h"
|
||||
|
||||
#include "mbedtls/oid.h"
|
||||
#include "mbedtls/asn1.h"
|
||||
|
|
|
@ -16,7 +16,7 @@
|
|||
* but the test code generator requires test case data to be valid C code
|
||||
* unconditionally (https://github.com/Mbed-TLS/mbedtls/issues/2023). */
|
||||
#include "psa/crypto.h"
|
||||
#include "md_psa.h"
|
||||
#include "mbedtls/psa_util.h"
|
||||
|
||||
/* Used for properly sizing the key buffer in pk_genkey_ec() */
|
||||
#include "psa_util_internal.h"
|
||||
|
|
|
@ -7,7 +7,7 @@
|
|||
#include "mbedtls/rsa.h"
|
||||
#include "mbedtls/asn1write.h"
|
||||
#include "mbedtls/pk.h"
|
||||
#include "md_psa.h"
|
||||
#include "mbedtls/psa_util.h"
|
||||
|
||||
#if defined(MBEDTLS_RSA_C)
|
||||
int mbedtls_rsa_decrypt_func(void *ctx, size_t *olen,
|
||||
|
|
Loading…
Reference in a new issue