X.509: use PSA for hashing under USE_PSA_CRYPTO

When MBEDTLS_USE_PSA_CRYPTO is enabled, use psa_hash_xxx rather than
mbedtls_md_xxx.

Signed-off-by: pespacek <peter.spacek@silabs.com>

ChangeLog.d/MD-X.509-hashing.txt

@@ -0,0 +1,2 @@
+Features
+   * The X.509 module now uses PSA hash acceleration if present.

library/x509_crt.c

@@ -47,7 +47,8 @@
 #if defined(MBEDTLS_USE_PSA_CRYPTO)
 #include "psa/crypto.h"
 #include "mbedtls/psa_util.h"
-#endif
+#include "psa/crypto_values.h"
+#endif /* MBEDTLS_USE_PSA_CRYPTO */
 
 #if defined(MBEDTLS_PLATFORM_C)
 #include "mbedtls/platform.h"
@@ -2336,8 +2337,14 @@ static int x509_crt_verifycrl( mbedtls_x509_crt *crt, mbedtls_x509_crt *ca,
                                const mbedtls_x509_crt_profile *profile )
 {
     int flags = 0;
+#if defined(MBEDTLS_USE_PSA_CRYPTO)
+    unsigned char hash[PSA_HASH_MAX_SIZE];
+    psa_algorithm_t psa_algorithm;
+#else
     unsigned char hash[MBEDTLS_MD_MAX_SIZE];
     const mbedtls_md_info_t *md_info;
+#endif /* MBEDTLS_USE_PSA_CRYPTO */
+    size_t hash_length;
 
     if( ca == NULL )
         return( flags );
@@ -2370,8 +2377,21 @@ static int x509_crt_verifycrl( mbedtls_x509_crt *crt, mbedtls_x509_crt *ca,
         if( x509_profile_check_pk_alg( profile, crl_list->sig_pk ) != 0 )
             flags |= MBEDTLS_X509_BADCRL_BAD_PK;
 
+#if defined(MBEDTLS_USE_PSA_CRYPTO)
+        psa_algorithm = mbedtls_psa_translate_md( crl_list->sig_md );
+        if(psa_hash_compute( psa_algorithm,
+                             crl_list->tbs.p,
+                             crl_list->tbs.len,
+                             hash,PSA_HASH_MAX_SIZE,
+                             &hash_length ) != PSA_SUCCESS )
+#else
         md_info = mbedtls_md_info_from_type( crl_list->sig_md );
-        if( mbedtls_md( md_info, crl_list->tbs.p, crl_list->tbs.len, hash ) != 0 )
+        hash_length = mbedtls_md_get_size( md_info );
+        if( mbedtls_md( md_info,
+                        crl_list->tbs.p,
+                        crl_list->tbs.len,
+                        hash ) != 0 )
+#endif /* MBEDTLS_USE_PSA_CRYPTO */
         {
             /* Note: this can't happen except after an internal error */
             flags |= MBEDTLS_X509_BADCRL_NOT_TRUSTED;
@@ -2382,7 +2402,7 @@ static int x509_crt_verifycrl( mbedtls_x509_crt *crt, mbedtls_x509_crt *ca,
             flags |= MBEDTLS_X509_BADCERT_BAD_KEY;
 
         if( mbedtls_pk_verify_ext( crl_list->sig_pk, crl_list->sig_opts, &ca->pk,
-                           crl_list->sig_md, hash, mbedtls_md_get_size( md_info ),
+                           crl_list->sig_md, hash, hash_length,
                            crl_list->sig.p, crl_list->sig.len ) != 0 )
         {
             flags |= MBEDTLS_X509_BADCRL_NOT_TRUSTED;
@@ -2421,9 +2441,9 @@ static int x509_crt_check_signature( const mbedtls_x509_crt *child,
                                      mbedtls_x509_crt *parent,
                                      mbedtls_x509_crt_restart_ctx *rs_ctx )
 {
-    unsigned char hash[MBEDTLS_MD_MAX_SIZE];
     size_t hash_len;
 #if !defined(MBEDTLS_USE_PSA_CRYPTO)
+    unsigned char hash[MBEDTLS_MD_MAX_SIZE];
     const mbedtls_md_info_t *md_info;
     md_info = mbedtls_md_info_from_type( child->sig_md );
     hash_len = mbedtls_md_get_size( md_info );
@@ -2432,23 +2452,21 @@ static int x509_crt_check_signature( const mbedtls_x509_crt *child,
     if( mbedtls_md( md_info, child->tbs.p, child->tbs.len, hash ) != 0 )
         return( -1 );
 #else
-    psa_hash_operation_t hash_operation = PSA_HASH_OPERATION_INIT;
+    unsigned char hash[PSA_HASH_MAX_SIZE];
     psa_algorithm_t hash_alg = mbedtls_psa_translate_md( child->sig_md );
+    psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;
 
-    if( psa_hash_setup( &hash_operation, hash_alg ) != PSA_SUCCESS )
+    status = psa_hash_compute( hash_alg,
-        return( -1 );
+                               child->tbs.p,
-
+                               child->tbs.len,
-    if( psa_hash_update( &hash_operation, child->tbs.p, child->tbs.len )
+                               hash,
-        != PSA_SUCCESS )
+                               PSA_HASH_MAX_SIZE,
+                               &hash_len );
+    if( status != PSA_SUCCESS )
     {
-        return( -1 );
+        return MBEDTLS_ERR_ERROR_GENERIC_ERROR;
     }
 
-    if( psa_hash_finish( &hash_operation, hash, sizeof( hash ), &hash_len )
-        != PSA_SUCCESS )
-    {
-        return( -1 );
-    }
 #endif /* MBEDTLS_USE_PSA_CRYPTO */
     /* Skip expensive computation on obvious mismatch */
     if( ! mbedtls_pk_can_do( &parent->pk, child->sig_pk ) )

library/x509write_crt.c

@@ -40,6 +40,11 @@
 #include "mbedtls/pem.h"
 #endif /* MBEDTLS_PEM_WRITE_C */
 
+#if defined(MBEDTLS_USE_PSA_CRYPTO)
+#include "psa/crypto.h"
+#include "mbedtls/psa_util.h"
+#endif /* MBEDTLS_USE_PSA_CRYPTO */
+
 void mbedtls_x509write_crt_init( mbedtls_x509write_cert *ctx )
 {
     memset( ctx, 0, sizeof( mbedtls_x509write_cert ) );
@@ -169,6 +174,11 @@ int mbedtls_x509write_crt_set_basic_constraints( mbedtls_x509write_cert *ctx,
 #if defined(MBEDTLS_SHA1_C)
 int mbedtls_x509write_crt_set_subject_key_identifier( mbedtls_x509write_cert *ctx )
 {
+#if defined(MBEDTLS_USE_PSA_CRYPTO)
+    psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;
+    size_t hash_length;
+#endif /* MBEDTLS_USE_PSA_CRYPTO */
+
     int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
     unsigned char buf[MBEDTLS_MPI_MAX_SIZE * 2 + 20]; /* tag, length + 2xMPI */
     unsigned char *c = buf + sizeof(buf);
@@ -178,10 +188,24 @@ int mbedtls_x509write_crt_set_subject_key_identifier( mbedtls_x509write_cert *ct
     MBEDTLS_ASN1_CHK_ADD( len,
                 mbedtls_pk_write_pubkey( &c, buf, ctx->subject_key ) );
 
+#if defined(MBEDTLS_USE_PSA_CRYPTO)
+    status = psa_hash_compute( PSA_ALG_SHA_1,
+                               buf + sizeof( buf ) - len,
+                               len,
+                               buf + sizeof( buf ) - 20 ,
+                               PSA_HASH_LENGTH(PSA_ALG_SHA_1),
+                               &hash_length );
+    if( status != PSA_SUCCESS )
+    {
+        return( MBEDTLS_ERR_ERROR_GENERIC_ERROR );
+    }
+#else
     ret = mbedtls_sha1( buf + sizeof( buf ) - len, len,
-                            buf + sizeof( buf ) - 20 );
+                        buf + sizeof( buf ) - 20 );
     if( ret != 0 )
         return( ret );
+#endif /* MBEDTLS_USE_PSA_CRYPTO */
+
     c = buf + sizeof( buf ) - 20;
     len = 20;
 
@@ -197,6 +221,11 @@ int mbedtls_x509write_crt_set_subject_key_identifier( mbedtls_x509write_cert *ct
 
 int mbedtls_x509write_crt_set_authority_key_identifier( mbedtls_x509write_cert *ctx )
 {
+#if defined(MBEDTLS_USE_PSA_CRYPTO)
+    psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;
+    size_t hash_length;
+#endif /* MBEDTLS_USE_PSA_CRYPTO */
+
     int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
     unsigned char buf[MBEDTLS_MPI_MAX_SIZE * 2 + 20]; /* tag, length + 2xMPI */
     unsigned char *c = buf + sizeof( buf );
@@ -205,11 +234,24 @@ int mbedtls_x509write_crt_set_authority_key_identifier( mbedtls_x509write_cert *
     memset( buf, 0, sizeof(buf) );
     MBEDTLS_ASN1_CHK_ADD( len,
                           mbedtls_pk_write_pubkey( &c, buf, ctx->issuer_key ) );
-
+#if defined(MBEDTLS_USE_PSA_CRYPTO)
+    status = psa_hash_compute( PSA_ALG_SHA_1,
+                               buf + sizeof( buf ) - len,
+                               len,
+                               buf + sizeof( buf ) - 20 ,
+                               PSA_HASH_LENGTH(PSA_ALG_SHA_1),
+                               &hash_length );
+    if( status != PSA_SUCCESS )
+    {
+        return( MBEDTLS_ERR_ERROR_GENERIC_ERROR );
+    }
+#else
     ret = mbedtls_sha1( buf + sizeof( buf ) - len, len,
-                            buf + sizeof( buf ) - 20 );
+                        buf + sizeof( buf ) - 20 );
     if( ret != 0 )
         return( ret );
+#endif /* MBEDTLS_USE_PSA_CRYPTO */
+
     c = buf + sizeof( buf ) - 20;
     len = 20;
 
@@ -330,8 +372,16 @@ int mbedtls_x509write_crt_der( mbedtls_x509write_cert *ctx,
     const char *sig_oid;
     size_t sig_oid_len = 0;
     unsigned char *c, *c2;
-    unsigned char hash[64];
     unsigned char sig[MBEDTLS_PK_SIGNATURE_MAX_SIZE];
+    size_t hash_length = 0;
+#if defined(MBEDTLS_USE_PSA_CRYPTO)
+    psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;
+    psa_algorithm_t psa_algorithm;
+    unsigned char hash[PSA_HASH_MAX_SIZE];
+#else
+    unsigned char hash[64];
+#endif /* MBEDTLS_USE_PSA_CRYPTO */
+
     size_t sub_len = 0, pub_len = 0, sig_and_oid_len = 0, sig_len;
     size_t len = 0;
     mbedtls_pk_type_t pk_alg;
@@ -466,14 +516,30 @@ int mbedtls_x509write_crt_der( mbedtls_x509write_cert *ctx,
      */
 
     /* Compute hash of CRT. */
+#if defined(MBEDTLS_USE_PSA_CRYPTO)
+    psa_algorithm = mbedtls_psa_translate_md( ctx->md_alg );
+
+    status = psa_hash_compute( psa_algorithm,
+                               c,
+                               len,
+                               hash,
+                               PSA_HASH_MAX_SIZE,
+                               &hash_length );
+    if( status != PSA_SUCCESS )
+    {
+        return MBEDTLS_ERR_ERROR_GENERIC_ERROR;
+    }
+#else
     if( ( ret = mbedtls_md( mbedtls_md_info_from_type( ctx->md_alg ), c,
                             len, hash ) ) != 0 )
     {
         return( ret );
     }
+#endif /* MBEDTLS_USE_PSA_CRYPTO */
+
 
     if( ( ret = mbedtls_pk_sign( ctx->issuer_key, ctx->md_alg,
-                                 hash, 0, sig, sizeof( sig ), &sig_len,
+                                 hash, hash_length, sig, sizeof( sig ), &sig_len,
                                  f_rng, p_rng ) ) != 0 )
     {
         return( ret );

library/x509write_csr.c

@@ -35,7 +35,7 @@
 #if defined(MBEDTLS_USE_PSA_CRYPTO)
 #include "psa/crypto.h"
 #include "mbedtls/psa_util.h"
-#endif
+#endif /* MBEDTLS_USE_PSA_CRYPTO */
 
 #include <string.h>
 #include <stdlib.h>
@@ -149,7 +149,6 @@ static int x509write_csr_der_internal( mbedtls_x509write_csr *ctx,
     size_t len = 0;
     mbedtls_pk_type_t pk_alg;
 #if defined(MBEDTLS_USE_PSA_CRYPTO)
-    psa_hash_operation_t hash_operation = PSA_HASH_OPERATION_INIT;
     size_t hash_len;
     psa_algorithm_t hash_alg = mbedtls_psa_translate_md( ctx->md_alg );
 #endif /* MBEDTLS_USE_PSA_CRYPTO */
@@ -219,16 +218,14 @@ static int x509write_csr_der_internal( mbedtls_x509write_csr *ctx,
      * Note: hash errors can happen only after an internal error
      */
 #if defined(MBEDTLS_USE_PSA_CRYPTO)
-    if( psa_hash_setup( &hash_operation, hash_alg ) != PSA_SUCCESS )
+    if( psa_hash_compute( hash_alg,
-        return( MBEDTLS_ERR_X509_FATAL_ERROR );
+                          c,
-
+                          len,
-    if( psa_hash_update( &hash_operation, c, len ) != PSA_SUCCESS )
+                          hash,
-        return( MBEDTLS_ERR_X509_FATAL_ERROR );
+                          PSA_HASH_MAX_SIZE,
-
+                          &hash_len ) != PSA_SUCCESS )
-    if( psa_hash_finish( &hash_operation, hash, sizeof( hash ), &hash_len )
-        != PSA_SUCCESS )
     {
-        return( MBEDTLS_ERR_X509_FATAL_ERROR );
+        return ( MBEDTLS_ERR_X509_FATAL_ERROR );
     }
 #else /* MBEDTLS_USE_PSA_CRYPTO */
     ret = mbedtls_md( mbedtls_md_info_from_type( ctx->md_alg ), c, len, hash );