diff --git a/include/psa/crypto_builtin_hash.h b/include/psa/crypto_builtin.h similarity index 54% rename from include/psa/crypto_builtin_hash.h rename to include/psa/crypto_builtin.h index 64323bf0e..b3bc1408c 100644 --- a/include/psa/crypto_builtin_hash.h +++ b/include/psa/crypto_builtin.h @@ -1,6 +1,15 @@ /* - * Context structure declaration of the software-based driver which performs - * hashing through the PSA Crypto driver dispatch layer. + * Context structure declaration of the Mbed TLS software-based PSA drivers + * called through the PSA Crypto driver dispatch layer. + * + * \note This file may not be included directly. Applications must + * include psa/crypto.h. + * + * \note This header and its content is not part of the Mbed TLS API and + * applications must not depend on it. Its main purpose is to define the + * multi-part state objects of the Mbed TLS software-based PSA drivers. The + * definition of these objects are then used by crypto_struct.h to define the + * implementation-defined types of PSA multi-part state objects. */ /* * Copyright The Mbed TLS Contributors @@ -19,10 +28,15 @@ * limitations under the License. */ -#ifndef PSA_CRYPTO_BUILTIN_HASH_H -#define PSA_CRYPTO_BUILTIN_HASH_H +#ifndef PSA_CRYPTO_BUILTIN_H +#define PSA_CRYPTO_BUILTIN_H #include + +/* + * Hash multi-part operation definitions. + */ + #include "mbedtls/md2.h" #include "mbedtls/md4.h" #include "mbedtls/md5.h" @@ -75,6 +89,33 @@ typedef struct #define MBEDTLS_PSA_HASH_OPERATION_INIT {0, {0}} +/* + * Cipher multi-part operation definitions. + */ + +#include "mbedtls/cipher.h" + +#if defined(MBEDTLS_PSA_BUILTIN_ALG_STREAM_CIPHER) || \ + defined(MBEDTLS_PSA_BUILTIN_ALG_CTR) || \ + defined(MBEDTLS_PSA_BUILTIN_ALG_CFB) || \ + defined(MBEDTLS_PSA_BUILTIN_ALG_OFB) || \ + defined(MBEDTLS_PSA_BUILTIN_ALG_XTS) || \ + defined(MBEDTLS_PSA_BUILTIN_ALG_ECB_NO_PADDING) || \ + defined(MBEDTLS_PSA_BUILTIN_ALG_CBC_NO_PADDING) || \ + defined(MBEDTLS_PSA_BUILTIN_ALG_CBC_PKCS7) +#define MBEDTLS_PSA_BUILTIN_CIPHER 1 +#endif + +typedef struct { + /* Context structure for the Mbed TLS cipher implementation. */ + psa_algorithm_t alg; + uint8_t iv_length; + uint8_t block_length; + mbedtls_cipher_context_t cipher; +} mbedtls_psa_cipher_operation_t; + +#define MBEDTLS_PSA_CIPHER_OPERATION_INIT {0, 0, 0, {0}} + /* * BEYOND THIS POINT, TEST DRIVER DECLARATIONS ONLY. */ @@ -84,6 +125,20 @@ typedef mbedtls_psa_hash_operation_t mbedtls_transparent_test_driver_hash_operat #define MBEDTLS_TRANSPARENT_TEST_DRIVER_HASH_OPERATION_INIT MBEDTLS_PSA_HASH_OPERATION_INIT +typedef mbedtls_psa_cipher_operation_t + mbedtls_transparent_test_driver_cipher_operation_t; + +typedef struct { + unsigned int initialised : 1; + mbedtls_transparent_test_driver_cipher_operation_t ctx; +} mbedtls_opaque_test_driver_cipher_operation_t; + +#define MBEDTLS_TRANSPARENT_TEST_DRIVER_CIPHER_OPERATION_INIT \ + MBEDTLS_PSA_CIPHER_OPERATION_INIT + +#define MBEDTLS_OPAQUE_TEST_DRIVER_CIPHER_OPERATION_INIT \ + { 0, MBEDTLS_TRANSPARENT_TEST_DRIVER_CIPHER_OPERATION_INIT } + #endif /* PSA_CRYPTO_DRIVER_TEST */ -#endif /* PSA_CRYPTO_BUILTIN_HASH_H */ +#endif /* PSA_CRYPTO_BUILTIN_H */ diff --git a/include/psa/crypto_builtin_cipher.h b/include/psa/crypto_builtin_cipher.h deleted file mode 100644 index df26c91d6..000000000 --- a/include/psa/crypto_builtin_cipher.h +++ /dev/null @@ -1,70 +0,0 @@ -/* - * Context structure declaration of the software-based driver which performs - * cipher operations through the PSA Crypto driver dispatch layer. - */ -/* - * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ - -#ifndef PSA_CRYPTO_BUILTIN_CIPHER_H -#define PSA_CRYPTO_BUILTIN_CIPHER_H - -#include -#include "mbedtls/cipher.h" - -#if defined(MBEDTLS_PSA_BUILTIN_ALG_STREAM_CIPHER) || \ - defined(MBEDTLS_PSA_BUILTIN_ALG_CTR) || \ - defined(MBEDTLS_PSA_BUILTIN_ALG_CFB) || \ - defined(MBEDTLS_PSA_BUILTIN_ALG_OFB) || \ - defined(MBEDTLS_PSA_BUILTIN_ALG_XTS) || \ - defined(MBEDTLS_PSA_BUILTIN_ALG_ECB_NO_PADDING) || \ - defined(MBEDTLS_PSA_BUILTIN_ALG_CBC_NO_PADDING) || \ - defined(MBEDTLS_PSA_BUILTIN_ALG_CBC_PKCS7) -#define MBEDTLS_PSA_BUILTIN_CIPHER 1 -#endif - -typedef struct { - /* Context structure for the Mbed TLS cipher implementation. */ - psa_algorithm_t alg; - uint8_t iv_length; - uint8_t block_length; - mbedtls_cipher_context_t cipher; -} mbedtls_psa_cipher_operation_t; - -#define MBEDTLS_PSA_CIPHER_OPERATION_INIT {0, 0, 0, {0}} - -/* - * BEYOND THIS POINT, TEST DRIVER DECLARATIONS ONLY. - */ -#if defined(PSA_CRYPTO_DRIVER_TEST) - -typedef mbedtls_psa_cipher_operation_t - mbedtls_transparent_test_driver_cipher_operation_t; - -typedef struct { - unsigned int initialised : 1; - mbedtls_transparent_test_driver_cipher_operation_t ctx; -} mbedtls_opaque_test_driver_cipher_operation_t; - -#define MBEDTLS_TRANSPARENT_TEST_DRIVER_CIPHER_OPERATION_INIT \ - MBEDTLS_PSA_CIPHER_OPERATION_INIT - -#define MBEDTLS_OPAQUE_TEST_DRIVER_CIPHER_OPERATION_INIT \ - { 0, MBEDTLS_TRANSPARENT_TEST_DRIVER_CIPHER_OPERATION_INIT } - -#endif /* PSA_CRYPTO_DRIVER_TEST */ - -#endif /* PSA_CRYPTO_BUILTIN_CIPHER_H */ diff --git a/include/psa/crypto_driver_contexts.h b/include/psa/crypto_driver_contexts.h index bee6895e8..d725e8440 100644 --- a/include/psa/crypto_driver_contexts.h +++ b/include/psa/crypto_driver_contexts.h @@ -3,6 +3,15 @@ * interface. * * Warning: This file will be auto-generated in the future. + * + * \note This file may not be included directly. Applications must + * include psa/crypto.h. + * + * \note This header and its content is not part of the Mbed TLS API and + * applications must not depend on it. Its main purpose is to define the + * multi-part state objects of the PSA drivers included in the cryptographic + * library. The definition of these objects are then used by crypto_struct.h + * to define the implementation-defined types of PSA multi-part state objects. */ /* Copyright The Mbed TLS Contributors * SPDX-License-Identifier: Apache-2.0 @@ -30,8 +39,7 @@ * declared during the autogeneration process. */ /* Include the context structure definitions for the Mbed TLS software drivers */ -#include "psa/crypto_builtin_cipher.h" -#include "psa/crypto_builtin_hash.h" +#include "psa/crypto_builtin.h" /* Define the context to be used for an operation that is executed through the * PSA Driver wrapper layer as the union of all possible driver's contexts. @@ -41,7 +49,7 @@ * of both this file and the content of psa_crypto_driver_wrappers.c */ typedef union { - unsigned dummy; /* Make sure this structure is always non-empty */ + unsigned dummy; /* Make sure this union is always non-empty */ mbedtls_psa_hash_operation_t mbedtls_ctx; #if defined(PSA_CRYPTO_DRIVER_TEST) mbedtls_transparent_test_driver_hash_operation_t test_driver_ctx; @@ -49,7 +57,7 @@ typedef union { } psa_driver_hash_context_t; typedef union { - unsigned dummy; /* Make sure this structure is always non-empty */ + unsigned dummy; /* Make sure this union is always non-empty */ mbedtls_psa_cipher_operation_t mbedtls_ctx; #if defined(PSA_CRYPTO_DRIVER_TEST) mbedtls_transparent_test_driver_cipher_operation_t transparent_test_driver_ctx; diff --git a/include/psa/crypto_struct.h b/include/psa/crypto_struct.h index b2da6a2c5..8ac7ce1ef 100644 --- a/include/psa/crypto_struct.h +++ b/include/psa/crypto_struct.h @@ -15,12 +15,20 @@ * *

Design notes about multipart operation structures

* - * Each multipart operation structure contains a `psa_algorithm_t alg` - * field which indicates which specific algorithm the structure is for. - * When the structure is not in use, `alg` is 0. Most of the structure - * consists of a union which is discriminated by `alg`. + * For multipart operations without driver delegation support, each multipart + * operation structure contains a `psa_algorithm_t alg` field which indicates + * which specific algorithm the structure is for. When the structure is not in + * use, `alg` is 0. Most of the structure consists of a union which is + * discriminated by `alg`. * - * Note that when `alg` is 0, the content of other fields is undefined. + * For multipart operations with driver delegation support, each multipart + * operation structure contains an `unsigned int id` field indicating which + * driver got assigned to do the operation. When the structure is not in use, + * 'id' is 0. The structure contains also a driver context which is the union + * of the contexts of all drivers able to handle the type of multipart + * operation. + * + * Note that when `alg` or `id` is 0, the content of other fields is undefined. * In particular, it is not guaranteed that a freshly-initialized structure * is all-zero: we initialize structures to something like `{0, 0}`, which * is only guaranteed to initializes the first member of the union; @@ -76,9 +84,9 @@ struct psa_hash_operation_s /** Unique ID indicating which driver got assigned to do the * operation. Since driver contexts are driver-specific, swapping * drivers halfway through the operation is not supported. - * ID values are auto-generated in psa_driver_wrappers.h + * ID values are auto-generated in psa_driver_wrappers.h. * ID value zero means the context is not valid or not assigned to - * any driver (i.e. none of the driver contexts are active). */ + * any driver (i.e. the driver context is not active, in use). */ unsigned int id; psa_driver_hash_context_t ctx; }; diff --git a/library/psa_crypto_hash.c b/library/psa_crypto_hash.c index 75521007f..a49edd89e 100644 --- a/library/psa_crypto_hash.c +++ b/library/psa_crypto_hash.c @@ -583,48 +583,48 @@ psa_status_t mbedtls_psa_hash_abort( */ #if defined(PSA_CRYPTO_DRIVER_TEST) -psa_status_t is_hash_accelerated( psa_algorithm_t alg ) +static int is_hash_accelerated( psa_algorithm_t alg ) { switch( alg ) { #if defined(MBEDTLS_PSA_ACCEL_ALG_MD2) case PSA_ALG_MD2: - return( PSA_SUCCESS ); + return( 1 ); #endif #if defined(MBEDTLS_PSA_ACCEL_ALG_MD4) case PSA_ALG_MD4: - return( PSA_SUCCESS ); + return( 1 ); #endif #if defined(MBEDTLS_PSA_ACCEL_ALG_MD5) case PSA_ALG_MD5: - return( PSA_SUCCESS ); + return( 1 ); #endif #if defined(MBEDTLS_PSA_ACCEL_ALG_RIPEMD160) case PSA_ALG_RIPEMD160: - return( PSA_SUCCESS ); + return( 1 ); #endif #if defined(MBEDTLS_PSA_ACCEL_ALG_SHA_1) case PSA_ALG_SHA_1: - return( PSA_SUCCESS ); + return( 1 ); #endif #if defined(MBEDTLS_PSA_ACCEL_ALG_SHA_224) case PSA_ALG_SHA_224: - return( PSA_SUCCESS ); + return( 1 ); #endif #if defined(MBEDTLS_PSA_ACCEL_ALG_SHA_256) case PSA_ALG_SHA_256: - return( PSA_SUCCESS ); + return( 1 ); #endif #if defined(MBEDTLS_PSA_ACCEL_ALG_SHA_384) case PSA_ALG_SHA_384: - return( PSA_SUCCESS ); + return( 1 ); #endif #if defined(MBEDTLS_PSA_ACCEL_ALG_SHA_512) case PSA_ALG_SHA_512: - return( PSA_SUCCESS ); + return( 1 ); #endif default: - return( PSA_ERROR_NOT_SUPPORTED ); + return( 0 ); } } @@ -636,7 +636,7 @@ psa_status_t mbedtls_transparent_test_driver_hash_compute( size_t hash_size, size_t *hash_length) { - if( is_hash_accelerated( alg ) == PSA_SUCCESS ) + if( is_hash_accelerated( alg ) ) return( hash_compute( alg, input, input_length, hash, hash_size, hash_length ) ); else @@ -647,7 +647,7 @@ psa_status_t mbedtls_transparent_test_driver_hash_setup( mbedtls_transparent_test_driver_hash_operation_t *operation, psa_algorithm_t alg ) { - if( is_hash_accelerated( alg ) == PSA_SUCCESS ) + if( is_hash_accelerated( alg ) ) return( hash_setup( operation, alg ) ); else return( PSA_ERROR_NOT_SUPPORTED ); @@ -657,7 +657,7 @@ psa_status_t mbedtls_transparent_test_driver_hash_clone( const mbedtls_transparent_test_driver_hash_operation_t *source_operation, mbedtls_transparent_test_driver_hash_operation_t *target_operation ) { - if( is_hash_accelerated( source_operation->alg ) == PSA_SUCCESS ) + if( is_hash_accelerated( source_operation->alg ) ) return( hash_clone( source_operation, target_operation ) ); else return( PSA_ERROR_BAD_STATE ); @@ -668,7 +668,7 @@ psa_status_t mbedtls_transparent_test_driver_hash_update( const uint8_t *input, size_t input_length ) { - if( is_hash_accelerated( operation->alg ) == PSA_SUCCESS ) + if( is_hash_accelerated( operation->alg ) ) return( hash_update( operation, input, input_length ) ); else return( PSA_ERROR_BAD_STATE ); @@ -680,7 +680,7 @@ psa_status_t mbedtls_transparent_test_driver_hash_finish( size_t hash_size, size_t *hash_length ) { - if( is_hash_accelerated( operation->alg ) == PSA_SUCCESS ) + if( is_hash_accelerated( operation->alg ) ) return( hash_finish( operation, hash, hash_size, hash_length ) ); else return( PSA_ERROR_BAD_STATE ); diff --git a/library/psa_crypto_hash.h b/library/psa_crypto_hash.h index af47c8b57..eb7051295 100644 --- a/library/psa_crypto_hash.h +++ b/library/psa_crypto_hash.h @@ -22,7 +22,6 @@ #define PSA_CRYPTO_HASH_H #include -#include #include diff --git a/visualc/VS2010/mbedTLS.vcxproj b/visualc/VS2010/mbedTLS.vcxproj index 09c5341fb..506ac1aeb 100644 --- a/visualc/VS2010/mbedTLS.vcxproj +++ b/visualc/VS2010/mbedTLS.vcxproj @@ -222,8 +222,7 @@ - - +