diff --git a/include/mbedtls/build_info.h b/include/mbedtls/build_info.h index e66032d68..0048cee16 100644 --- a/include/mbedtls/build_info.h +++ b/include/mbedtls/build_info.h @@ -99,6 +99,7 @@ */ #if defined(MBEDTLS_ECJPAKE_C) || \ defined(MBEDTLS_PEM_PARSE_C) || \ + defined(MBEDTLS_ENTROPY_C) || \ defined(MBEDTLS_PKCS12_C) || \ defined(MBEDTLS_RSA_C) #define MBEDTLS_MD_LIGHT @@ -120,7 +121,31 @@ #define MBEDTLS_PK_PARSE_C #endif +/* The following blocks make it easier to disable all of TLS, + * or of TLS 1.2 or 1.3 or DTLS, without having to manually disable all + * key exchanges, options and extensions related to them. */ + +#if !defined(MBEDTLS_SSL_TLS_C) +#undef MBEDTLS_SSL_CLI_C +#undef MBEDTLS_SSL_SRV_C +#undef MBEDTLS_SSL_PROTO_TLS1_3 +#undef MBEDTLS_SSL_PROTO_TLS1_2 +#undef MBEDTLS_SSL_PROTO_DTLS +#endif + +#if !defined(MBEDTLS_SSL_PROTO_DTLS) +#undef MBEDTLS_SSL_DTLS_ANTI_REPLAY +#undef MBEDTLS_SSL_DTLS_CONNECTION_ID +#undef MBEDTLS_SSL_DTLS_CONNECTION_ID_COMPAT +#undef MBEDTLS_SSL_DTLS_HELLO_VERIFY +#undef MBEDTLS_SSL_DTLS_SRTP +#undef MBEDTLS_SSL_DTLS_CLIENT_PORT_REUSE +#endif + #if !defined(MBEDTLS_SSL_PROTO_TLS1_2) +#undef MBEDTLS_SSL_ENCRYPT_THEN_MAC +#undef MBEDTLS_SSL_EXTENDED_MASTER_SECRET +#undef MBEDTLS_SSL_RENEGOTIATION #undef MBEDTLS_KEY_EXCHANGE_RSA_ENABLED #undef MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED #undef MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED diff --git a/include/mbedtls/check_config.h b/include/mbedtls/check_config.h index ff4eef75b..8ed51c21d 100644 --- a/include/mbedtls/check_config.h +++ b/include/mbedtls/check_config.h @@ -173,21 +173,36 @@ #error "MBEDTLS_PKCS5_C defined, but not all prerequisites" #endif -#if defined(MBEDTLS_ENTROPY_C) && (!defined(MBEDTLS_SHA512_C) && \ - !defined(MBEDTLS_SHA256_C)) +/* Helpers for hash dependencies, will be undefined at the end of the file */ +/* Do SHA-256, 384, 512 to cover Entropy and TLS. */ +#if defined(MBEDTLS_SHA256_C) || \ + (defined(MBEDTLS_PSA_CRYPTO_C) && defined(PSA_WANT_ALG_SHA_256)) +#define MBEDTLS_MD_HAVE_SHA256 +#endif +#if defined(MBEDTLS_SHA384_C) || \ + (defined(MBEDTLS_PSA_CRYPTO_C) && defined(PSA_WANT_ALG_SHA_384)) +#define MBEDTLS_MD_HAVE_SHA384 +#endif +#if defined(MBEDTLS_SHA512_C) || \ + (defined(MBEDTLS_PSA_CRYPTO_C) && defined(PSA_WANT_ALG_SHA_512)) +#define MBEDTLS_MD_HAVE_SHA512 +#endif + +#if defined(MBEDTLS_ENTROPY_C) && \ + !(defined(MBEDTLS_MD_HAVE_SHA512) || defined(MBEDTLS_MD_HAVE_SHA256)) #error "MBEDTLS_ENTROPY_C defined, but not all prerequisites" #endif -#if defined(MBEDTLS_ENTROPY_C) && defined(MBEDTLS_SHA512_C) && \ +#if defined(MBEDTLS_ENTROPY_C) && \ defined(MBEDTLS_CTR_DRBG_ENTROPY_LEN) && (MBEDTLS_CTR_DRBG_ENTROPY_LEN > 64) #error "MBEDTLS_CTR_DRBG_ENTROPY_LEN value too high" #endif #if defined(MBEDTLS_ENTROPY_C) && \ - ( !defined(MBEDTLS_SHA512_C) || defined(MBEDTLS_ENTROPY_FORCE_SHA256) ) \ + (defined(MBEDTLS_ENTROPY_FORCE_SHA256) || !defined(MBEDTLS_MD_HAVE_SHA512)) \ && defined(MBEDTLS_CTR_DRBG_ENTROPY_LEN) && (MBEDTLS_CTR_DRBG_ENTROPY_LEN > 32) #error "MBEDTLS_CTR_DRBG_ENTROPY_LEN value too high" #endif #if defined(MBEDTLS_ENTROPY_C) && \ - defined(MBEDTLS_ENTROPY_FORCE_SHA256) && !defined(MBEDTLS_SHA256_C) + defined(MBEDTLS_ENTROPY_FORCE_SHA256) && !defined(MBEDTLS_MD_HAVE_SHA256) #error "MBEDTLS_ENTROPY_FORCE_SHA256 defined, but not all prerequisites" #endif @@ -365,8 +380,7 @@ /* Use of EC J-PAKE in TLS requires SHA-256. */ #if defined(MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED) && \ - !(defined(MBEDTLS_SHA256_C) || \ - (defined(MBEDTLS_PSA_CRYPTO_C) && defined(PSA_WANT_ALG_SHA_256))) + !defined(MBEDTLS_MD_HAVE_SHA256) #error "MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED defined, but not all prerequisites" #endif @@ -773,34 +787,20 @@ #error "MBEDTLS_SHA256_USE_A64_CRYPTO_ONLY defined on non-Aarch64 system" #endif -#if defined(MBEDTLS_SSL_PROTO_TLS1_2) && !defined(MBEDTLS_USE_PSA_CRYPTO) && \ - !( defined(MBEDTLS_SHA1_C) || defined(MBEDTLS_SHA256_C) || defined(MBEDTLS_SHA512_C) ) -#error "MBEDTLS_SSL_PROTO_TLS1_2 defined, but not all prerequisites" -#endif - -/* TLS 1.3 requires separate HKDF parts from PSA */ +/* TLS 1.3 requires separate HKDF parts from PSA, + * and at least one ciphersuite, so at least SHA-256 or SHA-384 + * from PSA to use with HKDF. + * + * Note: for dependencies common with TLS 1.2 (running handshake hash), + * see MBEDTLS_SSL_TLS_C. */ #if defined(MBEDTLS_SSL_PROTO_TLS1_3) && \ - !( defined(MBEDTLS_PSA_CRYPTO_C) && defined(PSA_WANT_ALG_HKDF_EXTRACT) && defined(PSA_WANT_ALG_HKDF_EXPAND) ) + !(defined(MBEDTLS_PSA_CRYPTO_C) && \ + defined(PSA_WANT_ALG_HKDF_EXTRACT) && \ + defined(PSA_WANT_ALG_HKDF_EXPAND) && \ + (defined(PSA_WANT_ALG_SHA_256) || defined(PSA_WANT_ALG_SHA_384))) #error "MBEDTLS_SSL_PROTO_TLS1_3 defined, but not all prerequisites" #endif -/* TLS 1.3 requires at least one ciphersuite, so at least SHA-256 or SHA-384 */ -#if defined(MBEDTLS_SSL_PROTO_TLS1_3) -/* We always need at least one of the hashes via PSA (for use with HKDF) */ -#if !( defined(PSA_WANT_ALG_SHA_256) || defined(PSA_WANT_ALG_SHA_384) ) -#error "MBEDTLS_SSL_PROTO_TLS1_3 defined, but not all prerequisites" -#endif /* !(PSA_WANT_ALG_SHA_256 || PSA_WANT_ALG_SHA_384) */ -#if !defined(MBEDTLS_USE_PSA_CRYPTO) -/* When USE_PSA_CRYPTO is not defined, we also need SHA-256 or SHA-384 via the - * legacy interface, including via the MD layer, for the parts of the code - * that are shared with TLS 1.2 (running handshake hash). */ -#if !defined(MBEDTLS_MD_C) || \ - !( defined(MBEDTLS_SHA256_C) || defined(MBEDTLS_SHA384_C) ) -#error "MBEDTLS_SSL_PROTO_TLS1_3 defined, but not all prerequisites" -#endif /* !MBEDTLS_MD_C || !(MBEDTLS_SHA256_C || MBEDTLS_SHA384_C) */ -#endif /* !MBEDTLS_USE_PSA_CRYPTO */ -#endif /* MBEDTLS_SSL_PROTO_TLS1_3 */ - #if defined(MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED) #if !( defined(MBEDTLS_PK_HAVE_ECDH) && defined(MBEDTLS_X509_CRT_PARSE_C) && \ ( defined(MBEDTLS_PK_HAVE_ECDSA) || defined(MBEDTLS_PKCS1_V21) ) ) @@ -864,11 +864,24 @@ #error "MBEDTLS_SSL_ASYNC_PRIVATE defined, but not all prerequisites" #endif -#if defined(MBEDTLS_SSL_TLS_C) && ( !defined(MBEDTLS_CIPHER_C) || \ - ( !defined(MBEDTLS_MD_C) && !defined(MBEDTLS_USE_PSA_CRYPTO) ) ) +#if defined(MBEDTLS_SSL_TLS_C) && !defined(MBEDTLS_CIPHER_C) #error "MBEDTLS_SSL_TLS_C defined, but not all prerequisites" #endif +/* TLS 1.2 and 1.3 require SHA-256 or SHA-384 (running handshake hash) */ +#if defined(MBEDTLS_SSL_TLS_C) +#if defined(MBEDTLS_USE_PSA_CRYPTO) +#if !(defined(PSA_WANT_ALG_SHA_256) || defined(PSA_WANT_ALG_SHA_384)) +#error "MBEDTLS_SSL_TLS_C defined, but not all prerequisites" +#endif +#else /* MBEDTLS_USE_PSA_CRYPTO */ +#if !defined(MBEDTLS_MD_C) || \ + !(defined(MBEDTLS_MD_HAVE_SHA256) || defined(MBEDTLS_MD_HAVE_SHA384)) +#error "MBEDTLS_SSL_TLS_C defined, but not all prerequisites" +#endif +#endif /* MBEDTLS_USE_PSA_CRYPTO */ +#endif /* MBEDTLS_SSL_TLS_C */ + #if defined(MBEDTLS_SSL_SRV_C) && !defined(MBEDTLS_SSL_TLS_C) #error "MBEDTLS_SSL_SRV_C defined, but not all prerequisites" #endif @@ -1107,6 +1120,9 @@ #undef MBEDTLS_PK_HAVE_ECDSA #undef MBEDTLS_PK_HAVE_JPAKE #undef MBEDTLS_PK_HAVE_ECDH +#undef MBEDTLS_MD_HAVE_SHA256 +#undef MBEDTLS_MD_HAVE_SHA384 +#undef MBEDTLS_MD_HAVE_SHA512 /* * Avoid warning from -pedantic. This is a convenient place for this diff --git a/include/mbedtls/ctr_drbg.h b/include/mbedtls/ctr_drbg.h index 8d28150d7..0348281e4 100644 --- a/include/mbedtls/ctr_drbg.h +++ b/include/mbedtls/ctr_drbg.h @@ -45,6 +45,7 @@ #include "mbedtls/build_info.h" #include "mbedtls/aes.h" +#include "entropy.h" #if defined(MBEDTLS_THREADING_C) #include "mbedtls/threading.h" @@ -94,17 +95,14 @@ * \brief The amount of entropy used per seed by default, in bytes. */ #if !defined(MBEDTLS_CTR_DRBG_ENTROPY_LEN) -#if defined(MBEDTLS_SHA512_C) && !defined(MBEDTLS_ENTROPY_FORCE_SHA256) -/** This is 48 bytes because the entropy module uses SHA-512 - * (\c MBEDTLS_ENTROPY_FORCE_SHA256 is disabled). +#if defined(MBEDTLS_ENTROPY_SHA512_ACCUMULATOR) +/** This is 48 bytes because the entropy module uses SHA-512. */ #define MBEDTLS_CTR_DRBG_ENTROPY_LEN 48 -#else /* defined(MBEDTLS_SHA512_C) && !defined(MBEDTLS_ENTROPY_FORCE_SHA256) */ +#else /* MBEDTLS_ENTROPY_SHA512_ACCUMULATOR */ -/** This is 32 bytes because the entropy module uses SHA-256 - * (the SHA512 module is disabled or - * \c MBEDTLS_ENTROPY_FORCE_SHA256 is enabled). +/** This is 32 bytes because the entropy module uses SHA-256. */ #if !defined(MBEDTLS_CTR_DRBG_USE_128_BIT_KEY) /** \warning To achieve a 256-bit security strength, you must pass a nonce @@ -112,7 +110,7 @@ */ #endif /* !defined(MBEDTLS_CTR_DRBG_USE_128_BIT_KEY) */ #define MBEDTLS_CTR_DRBG_ENTROPY_LEN 32 -#endif /* defined(MBEDTLS_SHA512_C) && !defined(MBEDTLS_ENTROPY_FORCE_SHA256) */ +#endif /* MBEDTLS_ENTROPY_SHA512_ACCUMULATOR */ #endif /* !defined(MBEDTLS_CTR_DRBG_ENTROPY_LEN) */ #if !defined(MBEDTLS_CTR_DRBG_RESEED_INTERVAL) diff --git a/include/mbedtls/entropy.h b/include/mbedtls/entropy.h index 2c8b75031..e17245efd 100644 --- a/include/mbedtls/entropy.h +++ b/include/mbedtls/entropy.h @@ -27,13 +27,17 @@ #include -#if defined(MBEDTLS_SHA512_C) && !defined(MBEDTLS_ENTROPY_FORCE_SHA256) -#include "mbedtls/sha512.h" +#include "md.h" + +#if defined(MBEDTLS_MD_CAN_SHA512) && !defined(MBEDTLS_ENTROPY_FORCE_SHA256) #define MBEDTLS_ENTROPY_SHA512_ACCUMULATOR +#define MBEDTLS_ENTROPY_MD MBEDTLS_MD_SHA512 +#define MBEDTLS_ENTROPY_BLOCK_SIZE 64 /**< Block size of entropy accumulator (SHA-512) */ #else -#if defined(MBEDTLS_SHA256_C) +#if defined(MBEDTLS_MD_CAN_SHA256) #define MBEDTLS_ENTROPY_SHA256_ACCUMULATOR -#include "mbedtls/sha256.h" +#define MBEDTLS_ENTROPY_MD MBEDTLS_MD_SHA256 +#define MBEDTLS_ENTROPY_BLOCK_SIZE 32 /**< Block size of entropy accumulator (SHA-256) */ #endif #endif @@ -71,12 +75,6 @@ /** \} name SECTION: Module settings */ -#if defined(MBEDTLS_ENTROPY_SHA512_ACCUMULATOR) -#define MBEDTLS_ENTROPY_BLOCK_SIZE 64 /**< Block size of entropy accumulator (SHA-512) */ -#else -#define MBEDTLS_ENTROPY_BLOCK_SIZE 32 /**< Block size of entropy accumulator (SHA-256) */ -#endif - #define MBEDTLS_ENTROPY_MAX_SEED_SIZE 1024 /**< Maximum size of seed we read from seed file */ #define MBEDTLS_ENTROPY_SOURCE_MANUAL MBEDTLS_ENTROPY_MAX_SOURCES @@ -120,11 +118,7 @@ typedef struct mbedtls_entropy_context { int MBEDTLS_PRIVATE(accumulator_started); /* 0 after init. * 1 after the first update. * -1 after free. */ -#if defined(MBEDTLS_ENTROPY_SHA512_ACCUMULATOR) - mbedtls_sha512_context MBEDTLS_PRIVATE(accumulator); -#elif defined(MBEDTLS_ENTROPY_SHA256_ACCUMULATOR) - mbedtls_sha256_context MBEDTLS_PRIVATE(accumulator); -#endif + mbedtls_md_context_t MBEDTLS_PRIVATE(accumulator); int MBEDTLS_PRIVATE(source_count); /* Number of entries used in source. */ mbedtls_entropy_source_state MBEDTLS_PRIVATE(source)[MBEDTLS_ENTROPY_MAX_SOURCES]; #if defined(MBEDTLS_THREADING_C) diff --git a/include/mbedtls/ssl.h b/include/mbedtls/ssl.h index efe08305f..e54134076 100644 --- a/include/mbedtls/ssl.h +++ b/include/mbedtls/ssl.h @@ -1091,13 +1091,13 @@ typedef void mbedtls_ssl_async_cancel_t(mbedtls_ssl_context *ssl); #if defined(MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED) && \ !defined(MBEDTLS_SSL_KEEP_PEER_CERTIFICATE) #define MBEDTLS_SSL_PEER_CERT_DIGEST_MAX_LEN 48 -#if defined(MBEDTLS_SHA256_C) +#if defined(MBEDTLS_MD_CAN_SHA256) #define MBEDTLS_SSL_PEER_CERT_DIGEST_DFL_TYPE MBEDTLS_MD_SHA256 #define MBEDTLS_SSL_PEER_CERT_DIGEST_DFL_LEN 32 -#elif defined(MBEDTLS_SHA384_C) +#elif defined(MBEDTLS_MD_CAN_SHA384) #define MBEDTLS_SSL_PEER_CERT_DIGEST_DFL_TYPE MBEDTLS_MD_SHA384 #define MBEDTLS_SSL_PEER_CERT_DIGEST_DFL_LEN 48 -#elif defined(MBEDTLS_SHA1_C) +#elif defined(MBEDTLS_MD_CAN_SHA1) #define MBEDTLS_SSL_PEER_CERT_DIGEST_DFL_TYPE MBEDTLS_MD_SHA1 #define MBEDTLS_SSL_PEER_CERT_DIGEST_DFL_LEN 20 #else diff --git a/library/entropy.c b/library/entropy.c index e55410c76..00079176a 100644 --- a/library/entropy.c +++ b/library/entropy.c @@ -34,9 +34,6 @@ #include "mbedtls/platform.h" -#include "mbedtls/platform.h" - - #define ENTROPY_MAX_LOOP 256 /**< Maximum amount to loop before error */ void mbedtls_entropy_init(mbedtls_entropy_context *ctx) @@ -49,11 +46,7 @@ void mbedtls_entropy_init(mbedtls_entropy_context *ctx) #endif ctx->accumulator_started = 0; -#if defined(MBEDTLS_ENTROPY_SHA512_ACCUMULATOR) - mbedtls_sha512_init(&ctx->accumulator); -#else - mbedtls_sha256_init(&ctx->accumulator); -#endif + mbedtls_md_init(&ctx->accumulator); /* Reminder: Update ENTROPY_HAVE_STRONG in the test files * when adding more strong entropy sources here. */ @@ -89,11 +82,7 @@ void mbedtls_entropy_free(mbedtls_entropy_context *ctx) #if defined(MBEDTLS_THREADING_C) mbedtls_mutex_free(&ctx->mutex); #endif -#if defined(MBEDTLS_ENTROPY_SHA512_ACCUMULATOR) - mbedtls_sha512_free(&ctx->accumulator); -#else - mbedtls_sha256_free(&ctx->accumulator); -#endif + mbedtls_md_free(&ctx->accumulator); #if defined(MBEDTLS_ENTROPY_NV_SEED) ctx->initial_entropy_run = 0; #endif @@ -150,15 +139,10 @@ static int entropy_update(mbedtls_entropy_context *ctx, unsigned char source_id, int ret = 0; if (use_len > MBEDTLS_ENTROPY_BLOCK_SIZE) { -#if defined(MBEDTLS_ENTROPY_SHA512_ACCUMULATOR) - if ((ret = mbedtls_sha512(data, len, tmp, 0)) != 0) { + if ((ret = mbedtls_md(mbedtls_md_info_from_type(MBEDTLS_ENTROPY_MD), + data, len, tmp)) != 0) { goto cleanup; } -#else - if ((ret = mbedtls_sha256(data, len, tmp, 0)) != 0) { - goto cleanup; - } -#endif p = tmp; use_len = MBEDTLS_ENTROPY_BLOCK_SIZE; } @@ -171,29 +155,22 @@ static int entropy_update(mbedtls_entropy_context *ctx, unsigned char source_id, * it is sufficient to start the accumulator here only because all calls to * gather entropy eventually execute this code. */ -#if defined(MBEDTLS_ENTROPY_SHA512_ACCUMULATOR) - if (ctx->accumulator_started == 0 && - (ret = mbedtls_sha512_starts(&ctx->accumulator, 0)) != 0) { - goto cleanup; - } else { + if (ctx->accumulator_started == 0) { + ret = mbedtls_md_setup(&ctx->accumulator, + mbedtls_md_info_from_type(MBEDTLS_ENTROPY_MD), 0); + if (ret != 0) { + goto cleanup; + } + ret = mbedtls_md_starts(&ctx->accumulator); + if (ret != 0) { + goto cleanup; + } ctx->accumulator_started = 1; } - if ((ret = mbedtls_sha512_update(&ctx->accumulator, header, 2)) != 0) { + if ((ret = mbedtls_md_update(&ctx->accumulator, header, 2)) != 0) { goto cleanup; } - ret = mbedtls_sha512_update(&ctx->accumulator, p, use_len); -#else - if (ctx->accumulator_started == 0 && - (ret = mbedtls_sha256_starts(&ctx->accumulator, 0)) != 0) { - goto cleanup; - } else { - ctx->accumulator_started = 1; - } - if ((ret = mbedtls_sha256_update(&ctx->accumulator, header, 2)) != 0) { - goto cleanup; - } - ret = mbedtls_sha256_update(&ctx->accumulator, p, use_len); -#endif + ret = mbedtls_md_update(&ctx->accumulator, p, use_len); cleanup: mbedtls_platform_zeroize(tmp, sizeof(tmp)); @@ -354,62 +331,41 @@ int mbedtls_entropy_func(void *data, unsigned char *output, size_t len) memset(buf, 0, MBEDTLS_ENTROPY_BLOCK_SIZE); -#if defined(MBEDTLS_ENTROPY_SHA512_ACCUMULATOR) /* * Note that at this stage it is assumed that the accumulator was started * in a previous call to entropy_update(). If this is not guaranteed, the * code below will fail. */ - if ((ret = mbedtls_sha512_finish(&ctx->accumulator, buf)) != 0) { + if ((ret = mbedtls_md_finish(&ctx->accumulator, buf)) != 0) { goto exit; } /* * Reset accumulator and counters and recycle existing entropy */ - mbedtls_sha512_free(&ctx->accumulator); - mbedtls_sha512_init(&ctx->accumulator); - if ((ret = mbedtls_sha512_starts(&ctx->accumulator, 0)) != 0) { + mbedtls_md_free(&ctx->accumulator); + mbedtls_md_init(&ctx->accumulator); + ret = mbedtls_md_setup(&ctx->accumulator, + mbedtls_md_info_from_type(MBEDTLS_ENTROPY_MD), 0); + if (ret != 0) { goto exit; } - if ((ret = mbedtls_sha512_update(&ctx->accumulator, buf, - MBEDTLS_ENTROPY_BLOCK_SIZE)) != 0) { + ret = mbedtls_md_starts(&ctx->accumulator); + if (ret != 0) { + goto exit; + } + if ((ret = mbedtls_md_update(&ctx->accumulator, buf, + MBEDTLS_ENTROPY_BLOCK_SIZE)) != 0) { goto exit; } /* - * Perform second SHA-512 on entropy + * Perform second hashing on entropy */ - if ((ret = mbedtls_sha512(buf, MBEDTLS_ENTROPY_BLOCK_SIZE, - buf, 0)) != 0) { + if ((ret = mbedtls_md(mbedtls_md_info_from_type(MBEDTLS_ENTROPY_MD), + buf, MBEDTLS_ENTROPY_BLOCK_SIZE, buf)) != 0) { goto exit; } -#else /* MBEDTLS_ENTROPY_SHA512_ACCUMULATOR */ - if ((ret = mbedtls_sha256_finish(&ctx->accumulator, buf)) != 0) { - goto exit; - } - - /* - * Reset accumulator and counters and recycle existing entropy - */ - mbedtls_sha256_free(&ctx->accumulator); - mbedtls_sha256_init(&ctx->accumulator); - if ((ret = mbedtls_sha256_starts(&ctx->accumulator, 0)) != 0) { - goto exit; - } - if ((ret = mbedtls_sha256_update(&ctx->accumulator, buf, - MBEDTLS_ENTROPY_BLOCK_SIZE)) != 0) { - goto exit; - } - - /* - * Perform second SHA-256 on entropy - */ - if ((ret = mbedtls_sha256(buf, MBEDTLS_ENTROPY_BLOCK_SIZE, - buf, 0)) != 0) { - goto exit; - } -#endif /* MBEDTLS_ENTROPY_SHA512_ACCUMULATOR */ for (i = 0; i < ctx->source_count; i++) { ctx->source[i].size = 0; diff --git a/library/hmac_drbg.c b/library/hmac_drbg.c index b15730235..af205aacb 100644 --- a/library/hmac_drbg.c +++ b/library/hmac_drbg.c @@ -510,7 +510,7 @@ exit: #if defined(MBEDTLS_SELF_TEST) -#if !defined(MBEDTLS_SHA1_C) +#if !defined(MBEDTLS_MD_CAN_SHA1) /* Dummy checkup routine */ int mbedtls_hmac_drbg_self_test(int verbose) { @@ -639,7 +639,7 @@ int mbedtls_hmac_drbg_self_test(int verbose) return 0; } -#endif /* MBEDTLS_SHA1_C */ +#endif /* MBEDTLS_MD_CAN_SHA1 */ #endif /* MBEDTLS_SELF_TEST */ #endif /* MBEDTLS_HMAC_DRBG_C */ diff --git a/library/psa_crypto_random_impl.h b/library/psa_crypto_random_impl.h index f1a2af11d..4197b4be4 100644 --- a/library/psa_crypto_random_impl.h +++ b/library/psa_crypto_random_impl.h @@ -62,7 +62,7 @@ int mbedtls_psa_get_random(void *p_rng, #elif defined(MBEDTLS_HMAC_DRBG_C) #include "mbedtls/hmac_drbg.h" -#if defined(MBEDTLS_SHA512_C) && defined(MBEDTLS_SHA256_C) +#if defined(MBEDTLS_MD_CAN_SHA512) && defined(MBEDTLS_MD_CAN_SHA256) #include #if SIZE_MAX > 0xffffffff /* Looks like a 64-bit system, so prefer SHA-512. */ @@ -71,9 +71,9 @@ int mbedtls_psa_get_random(void *p_rng, /* Looks like a 32-bit system, so prefer SHA-256. */ #define MBEDTLS_PSA_HMAC_DRBG_MD_TYPE MBEDTLS_MD_SHA256 #endif -#elif defined(MBEDTLS_SHA512_C) +#elif defined(MBEDTLS_MD_CAN_SHA512) #define MBEDTLS_PSA_HMAC_DRBG_MD_TYPE MBEDTLS_MD_SHA512 -#elif defined(MBEDTLS_SHA256_C) +#elif defined(MBEDTLS_MD_CAN_SHA256) #define MBEDTLS_PSA_HMAC_DRBG_MD_TYPE MBEDTLS_MD_SHA256 #else #error "No hash algorithm available for HMAC_DBRG." diff --git a/programs/pkey/dh_client.c b/programs/pkey/dh_client.c index bc58a153c..1fbf04546 100644 --- a/programs/pkey/dh_client.c +++ b/programs/pkey/dh_client.c @@ -23,9 +23,9 @@ #if defined(MBEDTLS_AES_C) && defined(MBEDTLS_DHM_C) && \ defined(MBEDTLS_ENTROPY_C) && defined(MBEDTLS_NET_C) && \ - defined(MBEDTLS_RSA_C) && defined(MBEDTLS_SHA256_C) && \ + defined(MBEDTLS_RSA_C) && defined(MBEDTLS_MD_CAN_SHA256) && \ defined(MBEDTLS_FS_IO) && defined(MBEDTLS_CTR_DRBG_C) && \ - defined(MBEDTLS_SHA1_C) + defined(MBEDTLS_MD_CAN_SHA1) #include "mbedtls/net_sockets.h" #include "mbedtls/aes.h" #include "mbedtls/dhm.h" @@ -43,14 +43,14 @@ #if !defined(MBEDTLS_AES_C) || !defined(MBEDTLS_DHM_C) || \ !defined(MBEDTLS_ENTROPY_C) || !defined(MBEDTLS_NET_C) || \ - !defined(MBEDTLS_RSA_C) || !defined(MBEDTLS_SHA256_C) || \ + !defined(MBEDTLS_RSA_C) || !defined(MBEDTLS_MD_CAN_SHA256) || \ !defined(MBEDTLS_FS_IO) || !defined(MBEDTLS_CTR_DRBG_C) || \ - !defined(MBEDTLS_SHA1_C) + !defined(MBEDTLS_MD_CAN_SHA1) int main(void) { mbedtls_printf("MBEDTLS_AES_C and/or MBEDTLS_DHM_C and/or MBEDTLS_ENTROPY_C " "and/or MBEDTLS_NET_C and/or MBEDTLS_RSA_C and/or " - "MBEDTLS_SHA256_C and/or MBEDTLS_FS_IO and/or " + "MBEDTLS_MD_CAN_SHA256 and/or MBEDTLS_FS_IO and/or " "MBEDTLS_CTR_DRBG_C not defined.\n"); mbedtls_exit(0); } @@ -280,5 +280,5 @@ exit: mbedtls_exit(exit_code); } #endif /* MBEDTLS_AES_C && MBEDTLS_DHM_C && MBEDTLS_ENTROPY_C && - MBEDTLS_NET_C && MBEDTLS_RSA_C && MBEDTLS_SHA256_C && + MBEDTLS_NET_C && MBEDTLS_RSA_C && MBEDTLS_MD_CAN_SHA256 && MBEDTLS_FS_IO && MBEDTLS_CTR_DRBG_C */ diff --git a/programs/pkey/dh_server.c b/programs/pkey/dh_server.c index 2514fc05c..66f7d6f35 100644 --- a/programs/pkey/dh_server.c +++ b/programs/pkey/dh_server.c @@ -23,9 +23,9 @@ #if defined(MBEDTLS_AES_C) && defined(MBEDTLS_DHM_C) && \ defined(MBEDTLS_ENTROPY_C) && defined(MBEDTLS_NET_C) && \ - defined(MBEDTLS_RSA_C) && defined(MBEDTLS_SHA256_C) && \ + defined(MBEDTLS_RSA_C) && defined(MBEDTLS_MD_CAN_SHA256) && \ defined(MBEDTLS_FS_IO) && defined(MBEDTLS_CTR_DRBG_C) && \ - defined(MBEDTLS_SHA1_C) + defined(MBEDTLS_MD_CAN_SHA1) #include "mbedtls/net_sockets.h" #include "mbedtls/aes.h" #include "mbedtls/dhm.h" @@ -43,14 +43,14 @@ #if !defined(MBEDTLS_AES_C) || !defined(MBEDTLS_DHM_C) || \ !defined(MBEDTLS_ENTROPY_C) || !defined(MBEDTLS_NET_C) || \ - !defined(MBEDTLS_RSA_C) || !defined(MBEDTLS_SHA256_C) || \ + !defined(MBEDTLS_RSA_C) || !defined(MBEDTLS_MD_CAN_SHA256) || \ !defined(MBEDTLS_FS_IO) || !defined(MBEDTLS_CTR_DRBG_C) || \ - !defined(MBEDTLS_SHA1_C) + !defined(MBEDTLS_MD_CAN_SHA1) int main(void) { mbedtls_printf("MBEDTLS_AES_C and/or MBEDTLS_DHM_C and/or MBEDTLS_ENTROPY_C " "and/or MBEDTLS_NET_C and/or MBEDTLS_RSA_C and/or " - "MBEDTLS_SHA256_C and/or MBEDTLS_FS_IO and/or " + "MBEDTLS_MD_CAN_SHA256 and/or MBEDTLS_FS_IO and/or " "MBEDTLS_CTR_DRBG_C not defined.\n"); mbedtls_exit(0); } @@ -302,5 +302,5 @@ exit: mbedtls_exit(exit_code); } #endif /* MBEDTLS_AES_C && MBEDTLS_DHM_C && MBEDTLS_ENTROPY_C && - MBEDTLS_NET_C && MBEDTLS_RSA_C && MBEDTLS_SHA256_C && + MBEDTLS_NET_C && MBEDTLS_RSA_C && MBEDTLS_MD_CAN_SHA256 && MBEDTLS_FS_IO && MBEDTLS_CTR_DRBG_C */ diff --git a/programs/pkey/pk_sign.c b/programs/pkey/pk_sign.c index 21a75e927..f3bcdb24a 100644 --- a/programs/pkey/pk_sign.c +++ b/programs/pkey/pk_sign.c @@ -22,13 +22,13 @@ #include "mbedtls/platform.h" #if !defined(MBEDTLS_BIGNUM_C) || !defined(MBEDTLS_ENTROPY_C) || \ - !defined(MBEDTLS_SHA256_C) || !defined(MBEDTLS_MD_C) || \ + !defined(MBEDTLS_MD_CAN_SHA256) || !defined(MBEDTLS_MD_C) || \ !defined(MBEDTLS_PK_PARSE_C) || !defined(MBEDTLS_FS_IO) || \ !defined(MBEDTLS_CTR_DRBG_C) int main(void) { mbedtls_printf("MBEDTLS_BIGNUM_C and/or MBEDTLS_ENTROPY_C and/or " - "MBEDTLS_SHA256_C and/or MBEDTLS_MD_C and/or " + "MBEDTLS_MD_CAN_SHA256 and/or MBEDTLS_MD_C and/or " "MBEDTLS_PK_PARSE_C and/or MBEDTLS_FS_IO and/or " "MBEDTLS_CTR_DRBG_C not defined.\n"); mbedtls_exit(0); @@ -150,5 +150,5 @@ exit: mbedtls_exit(exit_code); } #endif /* MBEDTLS_BIGNUM_C && MBEDTLS_ENTROPY_C && - MBEDTLS_SHA256_C && MBEDTLS_PK_PARSE_C && MBEDTLS_FS_IO && + MBEDTLS_MD_CAN_SHA256 && MBEDTLS_PK_PARSE_C && MBEDTLS_FS_IO && MBEDTLS_CTR_DRBG_C */ diff --git a/programs/pkey/pk_verify.c b/programs/pkey/pk_verify.c index b1fd1b646..e24f27f0c 100644 --- a/programs/pkey/pk_verify.c +++ b/programs/pkey/pk_verify.c @@ -22,12 +22,12 @@ #include "mbedtls/platform.h" #if !defined(MBEDTLS_BIGNUM_C) || !defined(MBEDTLS_MD_C) || \ - !defined(MBEDTLS_SHA256_C) || !defined(MBEDTLS_PK_PARSE_C) || \ + !defined(MBEDTLS_MD_CAN_SHA256) || !defined(MBEDTLS_PK_PARSE_C) || \ !defined(MBEDTLS_FS_IO) int main(void) { mbedtls_printf("MBEDTLS_BIGNUM_C and/or MBEDTLS_MD_C and/or " - "MBEDTLS_SHA256_C and/or MBEDTLS_PK_PARSE_C and/or " + "MBEDTLS_MD_CAN_SHA256 and/or MBEDTLS_PK_PARSE_C and/or " "MBEDTLS_FS_IO not defined.\n"); mbedtls_exit(0); } @@ -123,5 +123,5 @@ exit: mbedtls_exit(exit_code); } -#endif /* MBEDTLS_BIGNUM_C && MBEDTLS_SHA256_C && +#endif /* MBEDTLS_BIGNUM_C && MBEDTLS_MD_CAN_SHA256 && MBEDTLS_PK_PARSE_C && MBEDTLS_FS_IO */ diff --git a/programs/pkey/rsa_sign.c b/programs/pkey/rsa_sign.c index a8418d145..051db07c0 100644 --- a/programs/pkey/rsa_sign.c +++ b/programs/pkey/rsa_sign.c @@ -22,13 +22,13 @@ #include "mbedtls/platform.h" #if !defined(MBEDTLS_BIGNUM_C) || !defined(MBEDTLS_RSA_C) || \ - !defined(MBEDTLS_SHA256_C) || !defined(MBEDTLS_MD_C) || \ + !defined(MBEDTLS_MD_CAN_SHA256) || !defined(MBEDTLS_MD_C) || \ !defined(MBEDTLS_FS_IO) int main(void) { mbedtls_printf("MBEDTLS_BIGNUM_C and/or MBEDTLS_RSA_C and/or " "MBEDTLS_MD_C and/or " - "MBEDTLS_SHA256_C and/or MBEDTLS_FS_IO not defined.\n"); + "MBEDTLS_MD_CAN_SHA256 and/or MBEDTLS_FS_IO not defined.\n"); mbedtls_exit(0); } #else @@ -162,5 +162,5 @@ exit: mbedtls_exit(exit_code); } -#endif /* MBEDTLS_BIGNUM_C && MBEDTLS_RSA_C && MBEDTLS_SHA256_C && +#endif /* MBEDTLS_BIGNUM_C && MBEDTLS_RSA_C && MBEDTLS_MD_CAN_SHA256 && MBEDTLS_FS_IO */ diff --git a/programs/pkey/rsa_sign_pss.c b/programs/pkey/rsa_sign_pss.c index 19ab962e4..4fa3582a7 100644 --- a/programs/pkey/rsa_sign_pss.c +++ b/programs/pkey/rsa_sign_pss.c @@ -22,13 +22,13 @@ #include "mbedtls/platform.h" #if !defined(MBEDTLS_MD_C) || !defined(MBEDTLS_ENTROPY_C) || \ - !defined(MBEDTLS_RSA_C) || !defined(MBEDTLS_SHA256_C) || \ + !defined(MBEDTLS_RSA_C) || !defined(MBEDTLS_MD_CAN_SHA256) || \ !defined(MBEDTLS_PK_PARSE_C) || !defined(MBEDTLS_FS_IO) || \ !defined(MBEDTLS_CTR_DRBG_C) int main(void) { mbedtls_printf("MBEDTLS_MD_C and/or MBEDTLS_ENTROPY_C and/or " - "MBEDTLS_RSA_C and/or MBEDTLS_SHA256_C and/or " + "MBEDTLS_RSA_C and/or MBEDTLS_MD_CAN_SHA256 and/or " "MBEDTLS_PK_PARSE_C and/or MBEDTLS_FS_IO and/or " "MBEDTLS_CTR_DRBG_C not defined.\n"); mbedtls_exit(0); @@ -156,5 +156,5 @@ exit: mbedtls_exit(exit_code); } #endif /* MBEDTLS_BIGNUM_C && MBEDTLS_ENTROPY_C && MBEDTLS_RSA_C && - MBEDTLS_SHA256_C && MBEDTLS_PK_PARSE_C && MBEDTLS_FS_IO && + MBEDTLS_MD_CAN_SHA256 && MBEDTLS_PK_PARSE_C && MBEDTLS_FS_IO && MBEDTLS_CTR_DRBG_C */ diff --git a/programs/pkey/rsa_verify.c b/programs/pkey/rsa_verify.c index 9c08435cd..e17d776f8 100644 --- a/programs/pkey/rsa_verify.c +++ b/programs/pkey/rsa_verify.c @@ -22,13 +22,13 @@ #include "mbedtls/platform.h" #if !defined(MBEDTLS_BIGNUM_C) || !defined(MBEDTLS_RSA_C) || \ - !defined(MBEDTLS_SHA256_C) || !defined(MBEDTLS_MD_C) || \ + !defined(MBEDTLS_MD_CAN_SHA256) || !defined(MBEDTLS_MD_C) || \ !defined(MBEDTLS_FS_IO) int main(void) { mbedtls_printf("MBEDTLS_BIGNUM_C and/or MBEDTLS_RSA_C and/or " "MBEDTLS_MD_C and/or " - "MBEDTLS_SHA256_C and/or MBEDTLS_FS_IO not defined.\n"); + "MBEDTLS_MD_CAN_SHA256 and/or MBEDTLS_FS_IO not defined.\n"); mbedtls_exit(0); } #else @@ -138,5 +138,5 @@ exit: mbedtls_exit(exit_code); } -#endif /* MBEDTLS_BIGNUM_C && MBEDTLS_RSA_C && MBEDTLS_SHA256_C && +#endif /* MBEDTLS_BIGNUM_C && MBEDTLS_RSA_C && MBEDTLS_MD_CAN_SHA256 && MBEDTLS_FS_IO */ diff --git a/programs/pkey/rsa_verify_pss.c b/programs/pkey/rsa_verify_pss.c index df61e4712..bbd8c17b2 100644 --- a/programs/pkey/rsa_verify_pss.c +++ b/programs/pkey/rsa_verify_pss.c @@ -22,13 +22,13 @@ #include "mbedtls/platform.h" #if !defined(MBEDTLS_MD_C) || !defined(MBEDTLS_ENTROPY_C) || \ - !defined(MBEDTLS_RSA_C) || !defined(MBEDTLS_SHA256_C) || \ + !defined(MBEDTLS_RSA_C) || !defined(MBEDTLS_MD_CAN_SHA256) || \ !defined(MBEDTLS_PK_PARSE_C) || !defined(MBEDTLS_FS_IO) || \ !defined(MBEDTLS_CTR_DRBG_C) int main(void) { mbedtls_printf("MBEDTLS_MD_C and/or MBEDTLS_ENTROPY_C and/or " - "MBEDTLS_RSA_C and/or MBEDTLS_SHA256_C and/or " + "MBEDTLS_RSA_C and/or MBEDTLS_MD_CAN_SHA256 and/or " "MBEDTLS_PK_PARSE_C and/or MBEDTLS_FS_IO and/or " "MBEDTLS_CTR_DRBG_C not defined.\n"); mbedtls_exit(0); @@ -131,5 +131,5 @@ exit: mbedtls_exit(exit_code); } -#endif /* MBEDTLS_BIGNUM_C && MBEDTLS_RSA_C && MBEDTLS_SHA256_C && +#endif /* MBEDTLS_BIGNUM_C && MBEDTLS_RSA_C && MBEDTLS_MD_CAN_SHA256 && MBEDTLS_PK_PARSE_C && MBEDTLS_FS_IO */ diff --git a/programs/psa/key_ladder_demo.c b/programs/psa/key_ladder_demo.c index f5c31de5d..a79fac640 100644 --- a/programs/psa/key_ladder_demo.c +++ b/programs/psa/key_ladder_demo.c @@ -62,13 +62,13 @@ #include /* If the build options we need are not enabled, compile a placeholder. */ -#if !defined(MBEDTLS_SHA256_C) || !defined(MBEDTLS_MD_C) || \ +#if !defined(PSA_WANT_ALG_SHA_256) || !defined(MBEDTLS_MD_C) || \ !defined(MBEDTLS_AES_C) || !defined(MBEDTLS_CCM_C) || \ !defined(MBEDTLS_PSA_CRYPTO_C) || !defined(MBEDTLS_FS_IO) || \ defined(MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER) int main(void) { - printf("MBEDTLS_SHA256_C and/or MBEDTLS_MD_C and/or " + printf("PSA_WANT_ALG_SHA_256 and/or MBEDTLS_MD_C and/or " "MBEDTLS_AES_C and/or MBEDTLS_CCM_C and/or " "MBEDTLS_PSA_CRYPTO_C and/or MBEDTLS_FS_IO " "not defined and/or MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER " @@ -698,6 +698,6 @@ usage_failure: usage(); return EXIT_FAILURE; } -#endif /* MBEDTLS_SHA256_C && MBEDTLS_MD_C && +#endif /* PSA_WANT_ALG_SHA_256 && MBEDTLS_MD_C && MBEDTLS_AES_C && MBEDTLS_CCM_C && MBEDTLS_PSA_CRYPTO_C && MBEDTLS_FS_IO */ diff --git a/programs/x509/cert_req.c b/programs/x509/cert_req.c index 524143844..01d09bc01 100644 --- a/programs/x509/cert_req.c +++ b/programs/x509/cert_req.c @@ -22,13 +22,13 @@ #include "mbedtls/platform.h" #if !defined(MBEDTLS_X509_CSR_WRITE_C) || !defined(MBEDTLS_FS_IO) || \ - !defined(MBEDTLS_PK_PARSE_C) || !defined(MBEDTLS_SHA256_C) || \ + !defined(MBEDTLS_PK_PARSE_C) || !defined(MBEDTLS_MD_CAN_SHA256) || \ !defined(MBEDTLS_ENTROPY_C) || !defined(MBEDTLS_CTR_DRBG_C) || \ !defined(MBEDTLS_PEM_WRITE_C) int main(void) { mbedtls_printf("MBEDTLS_X509_CSR_WRITE_C and/or MBEDTLS_FS_IO and/or " - "MBEDTLS_PK_PARSE_C and/or MBEDTLS_SHA256_C and/or " + "MBEDTLS_PK_PARSE_C and/or MBEDTLS_MD_CAN_SHA256 and/or " "MBEDTLS_ENTROPY_C and/or MBEDTLS_CTR_DRBG_C " "not defined.\n"); mbedtls_exit(0); diff --git a/programs/x509/cert_write.c b/programs/x509/cert_write.c index 0daee5627..99ede78fa 100644 --- a/programs/x509/cert_write.c +++ b/programs/x509/cert_write.c @@ -24,12 +24,12 @@ #if !defined(MBEDTLS_X509_CRT_WRITE_C) || \ !defined(MBEDTLS_X509_CRT_PARSE_C) || !defined(MBEDTLS_FS_IO) || \ !defined(MBEDTLS_ENTROPY_C) || !defined(MBEDTLS_CTR_DRBG_C) || \ - !defined(MBEDTLS_ERROR_C) || !defined(MBEDTLS_SHA256_C) || \ + !defined(MBEDTLS_ERROR_C) || !defined(MBEDTLS_MD_CAN_SHA256) || \ !defined(MBEDTLS_PEM_WRITE_C) int main(void) { mbedtls_printf("MBEDTLS_X509_CRT_WRITE_C and/or MBEDTLS_X509_CRT_PARSE_C and/or " - "MBEDTLS_FS_IO and/or MBEDTLS_SHA256_C and/or " + "MBEDTLS_FS_IO and/or MBEDTLS_MD_CAN_SHA256 and/or " "MBEDTLS_ENTROPY_C and/or MBEDTLS_CTR_DRBG_C and/or " "MBEDTLS_ERROR_C not defined.\n"); mbedtls_exit(0); @@ -771,7 +771,7 @@ usage: mbedtls_printf(" ok\n"); } -#if defined(MBEDTLS_SHA1_C) +#if defined(MBEDTLS_MD_CAN_SHA1) if (opt.version == MBEDTLS_X509_CRT_VERSION_3 && opt.subject_identifier != 0) { mbedtls_printf(" . Adding the Subject Key Identifier ..."); @@ -805,7 +805,7 @@ usage: mbedtls_printf(" ok\n"); } -#endif /* MBEDTLS_SHA1_C */ +#endif /* MBEDTLS_MD_CAN_SHA1 */ if (opt.version == MBEDTLS_X509_CRT_VERSION_3 && opt.key_usage != 0) { diff --git a/tests/include/test/drivers/config_test_driver.h b/tests/include/test/drivers/config_test_driver.h index 22518bfc4..2585fd9f0 100644 --- a/tests/include/test/drivers/config_test_driver.h +++ b/tests/include/test/drivers/config_test_driver.h @@ -39,6 +39,7 @@ #define MBEDTLS_PSA_BUILTIN_ALG_SHA_256 1 #define MBEDTLS_CTR_DRBG_C #define MBEDTLS_ENTROPY_C +#define MBEDTLS_ENTROPY_FORCE_SHA256 /* * Configuration options that may need to be additionally enabled for the diff --git a/tests/include/test/psa_exercise_key.h b/tests/include/test/psa_exercise_key.h index eb69fc661..b5e3d3542 100644 --- a/tests/include/test/psa_exercise_key.h +++ b/tests/include/test/psa_exercise_key.h @@ -34,7 +34,7 @@ */ #if defined(PSA_WANT_ALG_MD5) #define KNOWN_SUPPORTED_HASH_ALG PSA_ALG_MD5 -/* MBEDTLS_RIPEMD160_C omitted. This is necessary for the sake of +/* PSA_WANT_ALG_RIPEMD160 omitted. This is necessary for the sake of * exercise_signature_key() because Mbed TLS doesn't support RIPEMD160 * in RSA PKCS#1v1.5 signatures. A RIPEMD160-only configuration would be * implausible anyway. */ diff --git a/tests/scripts/all.sh b/tests/scripts/all.sh index c97f6663d..bafca0a83 100755 --- a/tests/scripts/all.sh +++ b/tests/scripts/all.sh @@ -2563,14 +2563,20 @@ component_test_psa_crypto_config_accel_hash () { scripts/config.py unset MBEDTLS_MD5_C scripts/config.py unset MBEDTLS_RIPEMD160_C scripts/config.py unset MBEDTLS_SHA1_C - # Don't unset MBEDTLS_SHA256_C as it is needed by PSA crypto core. + scripts/config.py unset MBEDTLS_SHA224_C + scripts/config.py unset MBEDTLS_SHA256_C scripts/config.py unset MBEDTLS_SHA384_C scripts/config.py unset MBEDTLS_SHA512_C loc_accel_flags="$loc_accel_flags $( echo "$loc_accel_list" | sed 's/[^ ]* */-DMBEDTLS_PSA_ACCEL_&/g' )" make CFLAGS="$ASAN_CFLAGS -Werror -I../tests/include -I../tests -I../../tests -DPSA_CRYPTO_DRIVER_TEST -DMBEDTLS_TEST_LIBTESTDRIVER1 $loc_accel_flags" LDFLAGS="-ltestdriver1 $ASAN_CFLAGS" - not grep mbedtls_sha512_init library/sha512.o - not grep mbedtls_sha1_init library/sha1.o + # There's a risk of something getting re-enabled via config_psa.h; + # make sure it did not happen. Note: it's OK for MD_C to be enabled. + not grep mbedtls_md5 library/md5.o + not grep mbedtls_sha1 library/sha1.o + not grep mbedtls_sha256 library/sha256.o + not grep mbedtls_sha512 library/sha512.o + not grep mbedtls_ripemd160 library/ripemd160.o msg "test: MBEDTLS_PSA_CRYPTO_CONFIG with accelerated hash" make test @@ -2619,13 +2625,6 @@ config_psa_crypto_hash_use_psa () { scripts/config.py unset MBEDTLS_SHA512_C scripts/config.py unset MBEDTLS_SHA512_USE_A64_CRYPTO_IF_PRESENT fi - # Use an external RNG as currently internal RNGs depend on entropy.c - # which in turn hard-depends on SHA256_C (or SHA512_C). - # See component_test_psa_external_rng_no_drbg_use_psa. - scripts/config.py set MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG - scripts/config.py unset MBEDTLS_ENTROPY_C - scripts/config.py unset MBEDTLS_ENTROPY_NV_SEED # depends on ENTROPY_C - scripts/config.py unset MBEDTLS_PLATFORM_NV_SEED_ALT # depends on former # Dynamic secure element support is a deprecated feature and needs to be disabled here. # This is done to have the same form of psa_key_attributes_s for libdriver and library. diff --git a/tests/scripts/depends.py b/tests/scripts/depends.py index 581baad9a..b29ea0aa6 100755 --- a/tests/scripts/depends.py +++ b/tests/scripts/depends.py @@ -277,7 +277,7 @@ REVERSE_DEPENDENCIES = { # if a given define is the only one enabled from an exclusive group. EXCLUSIVE_GROUPS = { 'MBEDTLS_SHA512_C': ['-MBEDTLS_SSL_COOKIE_C', - '-MBEDTLS_SSL_PROTO_TLS1_3'], + '-MBEDTLS_SSL_TLS_C'], 'MBEDTLS_ECP_DP_CURVE448_ENABLED': ['-MBEDTLS_ECDSA_C', '-MBEDTLS_ECDSA_DETERMINISTIC', '-MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED', diff --git a/tests/scripts/generate_pkcs7_tests.py b/tests/scripts/generate_pkcs7_tests.py index 187debc92..0e7385043 100755 --- a/tests/scripts/generate_pkcs7_tests.py +++ b/tests/scripts/generate_pkcs7_tests.py @@ -49,7 +49,7 @@ class TestData: Take in test_suite_pkcs7.data file. Allow for new tests to be added. """ - mandatory_dep = "MBEDTLS_SHA256_C" + mandatory_dep = "MBEDTLS_MD_CAN_SHA256" test_name = "PKCS7 Parse Failure Invalid ASN1" test_function = "pkcs7_asn1_fail:" def __init__(self, file_name): diff --git a/tests/suites/test_suite_entropy.function b/tests/suites/test_suite_entropy.function index c36d2c83e..724542c82 100644 --- a/tests/suites/test_suite_entropy.function +++ b/tests/suites/test_suite_entropy.function @@ -167,6 +167,8 @@ void entropy_seed_file(char *path, int ret) { mbedtls_entropy_context ctx; + MD_PSA_INIT(); + mbedtls_entropy_init(&ctx); TEST_ASSERT(mbedtls_entropy_write_seed_file(&ctx, path) == ret); @@ -174,6 +176,7 @@ void entropy_seed_file(char *path, int ret) exit: mbedtls_entropy_free(&ctx); + MD_PSA_DONE(); } /* END_CASE */ @@ -182,6 +185,8 @@ void entropy_write_base_seed_file(int ret) { mbedtls_entropy_context ctx; + MD_PSA_INIT(); + mbedtls_entropy_init(&ctx); TEST_ASSERT(mbedtls_entropy_write_seed_file(&ctx, MBEDTLS_PLATFORM_STD_NV_SEED_FILE) == ret); @@ -189,6 +194,7 @@ void entropy_write_base_seed_file(int ret) exit: mbedtls_entropy_free(&ctx); + MD_PSA_DONE(); } /* END_CASE */ @@ -243,6 +249,8 @@ void entropy_func_len(int len, int ret) unsigned char acc[MBEDTLS_ENTROPY_BLOCK_SIZE + 10] = { 0 }; size_t i, j; + MD_PSA_INIT(); + mbedtls_entropy_init(&ctx); /* @@ -267,6 +275,7 @@ void entropy_func_len(int len, int ret) exit: mbedtls_entropy_free(&ctx); + MD_PSA_DONE(); } /* END_CASE */ @@ -277,6 +286,8 @@ void entropy_source_fail(char *path) unsigned char buf[16]; entropy_dummy_context dummy = { DUMMY_FAIL, 0, 0 }; + MD_PSA_INIT(); + mbedtls_entropy_init(&ctx); TEST_ASSERT(mbedtls_entropy_add_source(&ctx, entropy_dummy_source, @@ -299,6 +310,7 @@ void entropy_source_fail(char *path) exit: mbedtls_entropy_free(&ctx); + MD_PSA_DONE(); } /* END_CASE */ @@ -312,6 +324,8 @@ void entropy_threshold(int threshold, int chunk_size, int result) unsigned char buf[MBEDTLS_ENTROPY_BLOCK_SIZE] = { 0 }; int ret; + MD_PSA_INIT(); + mbedtls_entropy_init(&ctx); entropy_clear_sources(&ctx); @@ -340,6 +354,7 @@ void entropy_threshold(int threshold, int chunk_size, int result) exit: mbedtls_entropy_free(&ctx); + MD_PSA_DONE(); } /* END_CASE */ @@ -359,6 +374,8 @@ void entropy_calls(int strength1, int strength2, unsigned char buf[MBEDTLS_ENTROPY_BLOCK_SIZE] = { 0 }; int ret; + MD_PSA_INIT(); + mbedtls_entropy_init(&ctx); entropy_clear_sources(&ctx); @@ -385,6 +402,7 @@ void entropy_calls(int strength1, int strength2, exit: mbedtls_entropy_free(&ctx); + MD_PSA_DONE(); } /* END_CASE */ @@ -455,6 +473,8 @@ void entropy_nv_seed(data_t *read_seed) unsigned char check_seed[MBEDTLS_ENTROPY_BLOCK_SIZE]; unsigned char check_entropy[MBEDTLS_ENTROPY_BLOCK_SIZE]; + MD_PSA_INIT(); + memset(entropy, 0, MBEDTLS_ENTROPY_BLOCK_SIZE); memset(buf, 0, MBEDTLS_ENTROPY_BLOCK_SIZE); memset(empty, 0, MBEDTLS_ENTROPY_BLOCK_SIZE); @@ -523,12 +543,18 @@ exit: mbedtls_entropy_free(&ctx); mbedtls_nv_seed_read = original_mbedtls_nv_seed_read; mbedtls_nv_seed_write = original_mbedtls_nv_seed_write; + MD_PSA_DONE(); } /* END_CASE */ /* BEGIN_CASE depends_on:ENTROPY_HAVE_STRONG:MBEDTLS_SELF_TEST */ void entropy_selftest(int result) { + MD_PSA_INIT(); + TEST_ASSERT(mbedtls_entropy_self_test(1) == result); + +exit: + MD_PSA_DONE(); } /* END_CASE */ diff --git a/tests/suites/test_suite_pk.function b/tests/suites/test_suite_pk.function index 2caa65f6e..20f61fc3b 100644 --- a/tests/suites/test_suite_pk.function +++ b/tests/suites/test_suite_pk.function @@ -760,7 +760,7 @@ void pk_sign_verify(int type, int parameter, int sign_ret, int verify_ret) #endif mbedtls_pk_init(&pk); - USE_PSA_INIT(); + MD_OR_USE_PSA_INIT(); memset(hash, 0x2a, sizeof(hash)); memset(sig, 0, sizeof(sig)); @@ -824,7 +824,7 @@ exit: mbedtls_pk_restart_free(rs_ctx); #endif mbedtls_pk_free(&pk); - USE_PSA_DONE(); + MD_OR_USE_PSA_DONE(); } /* END_CASE */ diff --git a/tests/suites/test_suite_psa_crypto_driver_wrappers.function b/tests/suites/test_suite_psa_crypto_driver_wrappers.function index 56f4d1d5b..5105ef567 100644 --- a/tests/suites/test_suite_psa_crypto_driver_wrappers.function +++ b/tests/suites/test_suite_psa_crypto_driver_wrappers.function @@ -2241,12 +2241,14 @@ void hash_compute(int alg_arg, unsigned char *output = NULL; size_t output_length; - mbedtls_test_driver_hash_hooks = mbedtls_test_driver_hash_hooks_init(); - mbedtls_test_driver_hash_hooks.forced_status = forced_status; PSA_ASSERT(psa_crypto_init()); ASSERT_ALLOC(output, PSA_HASH_LENGTH(alg)); + /* Do this after psa_crypto_init() which may call hash drivers */ + mbedtls_test_driver_hash_hooks = mbedtls_test_driver_hash_hooks_init(); + mbedtls_test_driver_hash_hooks.forced_status = forced_status; + TEST_EQUAL(psa_hash_compute(alg, input->x, input->len, output, PSA_HASH_LENGTH(alg), &output_length), expected_status); @@ -2277,12 +2279,14 @@ void hash_multipart_setup(int alg_arg, psa_hash_operation_t operation = PSA_HASH_OPERATION_INIT; size_t output_length; - mbedtls_test_driver_hash_hooks = mbedtls_test_driver_hash_hooks_init(); - ASSERT_ALLOC(output, PSA_HASH_LENGTH(alg)); PSA_ASSERT(psa_crypto_init()); + ASSERT_ALLOC(output, PSA_HASH_LENGTH(alg)); + /* Do this after psa_crypto_init() which may call hash drivers */ + mbedtls_test_driver_hash_hooks = mbedtls_test_driver_hash_hooks_init(); mbedtls_test_driver_hash_hooks.forced_status = forced_status; + TEST_EQUAL(psa_hash_setup(&operation, alg), expected_status); TEST_EQUAL(mbedtls_test_driver_hash_hooks.hits, 1); TEST_EQUAL(mbedtls_test_driver_hash_hooks.driver_status, forced_status); @@ -2322,10 +2326,12 @@ void hash_multipart_update(int alg_arg, psa_hash_operation_t operation = PSA_HASH_OPERATION_INIT; size_t output_length; - mbedtls_test_driver_hash_hooks = mbedtls_test_driver_hash_hooks_init(); - ASSERT_ALLOC(output, PSA_HASH_LENGTH(alg)); PSA_ASSERT(psa_crypto_init()); + ASSERT_ALLOC(output, PSA_HASH_LENGTH(alg)); + + /* Do this after psa_crypto_init() which may call hash drivers */ + mbedtls_test_driver_hash_hooks = mbedtls_test_driver_hash_hooks_init(); /* * Update inactive operation, the driver shouldn't be called. @@ -2377,10 +2383,11 @@ void hash_multipart_finish(int alg_arg, psa_hash_operation_t operation = PSA_HASH_OPERATION_INIT; size_t output_length; - mbedtls_test_driver_hash_hooks = mbedtls_test_driver_hash_hooks_init(); + PSA_ASSERT(psa_crypto_init()); ASSERT_ALLOC(output, PSA_HASH_LENGTH(alg)); - PSA_ASSERT(psa_crypto_init()); + /* Do this after psa_crypto_init() which may call hash drivers */ + mbedtls_test_driver_hash_hooks = mbedtls_test_driver_hash_hooks_init(); /* * Finish inactive operation, the driver shouldn't be called. @@ -2431,10 +2438,11 @@ void hash_clone(int alg_arg, psa_hash_operation_t target_operation = PSA_HASH_OPERATION_INIT; size_t output_length; - mbedtls_test_driver_hash_hooks = mbedtls_test_driver_hash_hooks_init(); + PSA_ASSERT(psa_crypto_init()); ASSERT_ALLOC(output, PSA_HASH_LENGTH(alg)); - PSA_ASSERT(psa_crypto_init()); + /* Do this after psa_crypto_init() which may call hash drivers */ + mbedtls_test_driver_hash_hooks = mbedtls_test_driver_hash_hooks_init(); /* * Clone inactive operation, the driver shouldn't be called. diff --git a/tests/suites/test_suite_psa_crypto_init.function b/tests/suites/test_suite_psa_crypto_init.function index f0b98e7fd..6e1305e60 100644 --- a/tests/suites/test_suite_psa_crypto_init.function +++ b/tests/suites/test_suite_psa_crypto_init.function @@ -74,11 +74,7 @@ static void custom_entropy_init(mbedtls_entropy_context *ctx) #endif ctx->accumulator_started = 0; -#if defined(MBEDTLS_ENTROPY_SHA512_ACCUMULATOR) - mbedtls_sha512_init(&ctx->accumulator); -#else - mbedtls_sha256_init(&ctx->accumulator); -#endif + mbedtls_md_init(&ctx->accumulator); #if !defined(MBEDTLS_NO_PLATFORM_ENTROPY) if (custom_entropy_sources_mask & ENTROPY_SOURCE_PLATFORM) { diff --git a/tests/suites/test_suite_psa_crypto_se_driver_hal.function b/tests/suites/test_suite_psa_crypto_se_driver_hal.function index 5c9437159..bb6b0e417 100644 --- a/tests/suites/test_suite_psa_crypto_se_driver_hal.function +++ b/tests/suites/test_suite_psa_crypto_se_driver_hal.function @@ -720,7 +720,7 @@ static int smoke_test_key(mbedtls_svc_key_id_t key) buffer, sizeof(buffer), NULL, 0, buffer, sizeof(buffer), &length)); -#if defined(MBEDTLS_SHA256_C) +#if defined(PSA_WANT_ALG_SHA_256) /* Try the key in a plain key derivation. */ PSA_ASSERT(psa_key_derivation_setup(&derivation_operation, PSA_ALG_HKDF(PSA_ALG_SHA_256))); @@ -753,7 +753,7 @@ static int smoke_test_key(mbedtls_svc_key_id_t key) alg, key, buffer, length, buffer, sizeof(buffer), &length)); } -#endif /* MBEDTLS_SHA256_C */ +#endif /* PSA_WANT_ALG_SHA_256 */ ok = 1; diff --git a/tests/suites/test_suite_random.data b/tests/suites/test_suite_random.data index c23d9223f..9211591a5 100644 --- a/tests/suites/test_suite_random.data +++ b/tests/suites/test_suite_random.data @@ -2,15 +2,15 @@ Generate random twice with CTR_DRBG random_twice_with_ctr_drbg: Generate random twice with HMAC_DRBG(SHA-1) -depends_on:MBEDTLS_SHA1_C +depends_on:MBEDTLS_MD_CAN_SHA1 random_twice_with_hmac_drbg:MBEDTLS_MD_SHA1 Generate random twice with HMAC_DRBG(SHA-256) -depends_on:MBEDTLS_SHA256_C +depends_on:MBEDTLS_MD_CAN_SHA256 random_twice_with_hmac_drbg:MBEDTLS_MD_SHA256 Generate random twice with HMAC_DRBG(SHA-512) -depends_on:MBEDTLS_SHA512_C +depends_on:MBEDTLS_MD_CAN_SHA512 random_twice_with_hmac_drbg:MBEDTLS_MD_SHA512 Generate random twice with PSA classic wrapper diff --git a/tests/suites/test_suite_random.function b/tests/suites/test_suite_random.function index 3026bae0e..0df92b044 100644 --- a/tests/suites/test_suite_random.function +++ b/tests/suites/test_suite_random.function @@ -26,6 +26,8 @@ void random_twice_with_ctr_drbg() unsigned char output1[OUTPUT_SIZE]; unsigned char output2[OUTPUT_SIZE]; + MD_PSA_INIT(); + /* First round */ mbedtls_entropy_init(&entropy); mbedtls_ctr_drbg_init(&drbg); @@ -54,6 +56,7 @@ void random_twice_with_ctr_drbg() exit: mbedtls_ctr_drbg_free(&drbg); mbedtls_entropy_free(&entropy); + MD_PSA_DONE(); } /* END_CASE */ @@ -66,6 +69,8 @@ void random_twice_with_hmac_drbg(int md_type) unsigned char output2[OUTPUT_SIZE]; const mbedtls_md_info_t *md_info = mbedtls_md_info_from_type(md_type); + MD_PSA_INIT(); + /* First round */ mbedtls_entropy_init(&entropy); mbedtls_hmac_drbg_init(&drbg); @@ -94,6 +99,7 @@ void random_twice_with_hmac_drbg(int md_type) exit: mbedtls_hmac_drbg_free(&drbg); mbedtls_entropy_free(&entropy); + MD_PSA_DONE(); } /* END_CASE */