Merge pull request #4290 from ronald-cron-arm/hash-dispatch-follow-up

Hash dispatch follow up

include/psa/crypto_builtin.h

@@ -1,6 +1,15 @@
 /*
- *  Context structure declaration of the software-based driver which performs
+ *  Context structure declaration of the Mbed TLS software-based PSA drivers
- *  hashing through the PSA Crypto driver dispatch layer.
+ *  called through the PSA Crypto driver dispatch layer.
+ *
+ * \note This file may not be included directly. Applications must
+ * include psa/crypto.h.
+ *
+ * \note This header and its content is not part of the Mbed TLS API and
+ * applications must not depend on it. Its main purpose is to define the
+ * multi-part state objects of the Mbed TLS software-based PSA drivers. The
+ * definition of these objects are then used by crypto_struct.h to define the
+ * implementation-defined types of PSA multi-part state objects.
  */
 /*
  *  Copyright The Mbed TLS Contributors
@@ -19,10 +28,15 @@
  *  limitations under the License.
  */
 
-#ifndef PSA_CRYPTO_BUILTIN_HASH_H
+#ifndef PSA_CRYPTO_BUILTIN_H
-#define PSA_CRYPTO_BUILTIN_HASH_H
+#define PSA_CRYPTO_BUILTIN_H
 
 #include <psa/crypto_driver_common.h>
+
+/*
+ * Hash multi-part operation definitions.
+ */
+
 #include "mbedtls/md2.h"
 #include "mbedtls/md4.h"
 #include "mbedtls/md5.h"
@@ -75,6 +89,33 @@ typedef struct
 
 #define MBEDTLS_PSA_HASH_OPERATION_INIT {0, {0}}
 
+/*
+ * Cipher multi-part operation definitions.
+ */
+
+#include "mbedtls/cipher.h"
+
+#if defined(MBEDTLS_PSA_BUILTIN_ALG_STREAM_CIPHER) || \
+    defined(MBEDTLS_PSA_BUILTIN_ALG_CTR) || \
+    defined(MBEDTLS_PSA_BUILTIN_ALG_CFB) || \
+    defined(MBEDTLS_PSA_BUILTIN_ALG_OFB) || \
+    defined(MBEDTLS_PSA_BUILTIN_ALG_XTS) || \
+    defined(MBEDTLS_PSA_BUILTIN_ALG_ECB_NO_PADDING) || \
+    defined(MBEDTLS_PSA_BUILTIN_ALG_CBC_NO_PADDING) || \
+    defined(MBEDTLS_PSA_BUILTIN_ALG_CBC_PKCS7)
+#define MBEDTLS_PSA_BUILTIN_CIPHER  1
+#endif
+
+typedef struct {
+    /* Context structure for the Mbed TLS cipher implementation. */
+    psa_algorithm_t alg;
+    uint8_t iv_length;
+    uint8_t block_length;
+    mbedtls_cipher_context_t cipher;
+} mbedtls_psa_cipher_operation_t;
+
+#define MBEDTLS_PSA_CIPHER_OPERATION_INIT {0, 0, 0, {0}}
+
 /*
  * BEYOND THIS POINT, TEST DRIVER DECLARATIONS ONLY.
  */
@@ -84,6 +125,20 @@ typedef mbedtls_psa_hash_operation_t mbedtls_transparent_test_driver_hash_operat
 
 #define MBEDTLS_TRANSPARENT_TEST_DRIVER_HASH_OPERATION_INIT MBEDTLS_PSA_HASH_OPERATION_INIT
 
+typedef mbedtls_psa_cipher_operation_t
+        mbedtls_transparent_test_driver_cipher_operation_t;
+
+typedef struct {
+    unsigned int initialised : 1;
+    mbedtls_transparent_test_driver_cipher_operation_t ctx;
+} mbedtls_opaque_test_driver_cipher_operation_t;
+
+#define MBEDTLS_TRANSPARENT_TEST_DRIVER_CIPHER_OPERATION_INIT \
+     MBEDTLS_PSA_CIPHER_OPERATION_INIT
+
+#define MBEDTLS_OPAQUE_TEST_DRIVER_CIPHER_OPERATION_INIT \
+     { 0, MBEDTLS_TRANSPARENT_TEST_DRIVER_CIPHER_OPERATION_INIT }
+
 #endif /* PSA_CRYPTO_DRIVER_TEST */
 
-#endif /* PSA_CRYPTO_BUILTIN_HASH_H */
+#endif /* PSA_CRYPTO_BUILTIN_H */

include/psa/crypto_builtin_cipher.h

@@ -1,70 +0,0 @@
-/*
- *  Context structure declaration of the software-based driver which performs
- *  cipher operations through the PSA Crypto driver dispatch layer.
- */
-/*
- *  Copyright The Mbed TLS Contributors
- *  SPDX-License-Identifier: Apache-2.0
- *
- *  Licensed under the Apache License, Version 2.0 (the "License"); you may
- *  not use this file except in compliance with the License.
- *  You may obtain a copy of the License at
- *
- *  http://www.apache.org/licenses/LICENSE-2.0
- *
- *  Unless required by applicable law or agreed to in writing, software
- *  distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
- *  WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- *  See the License for the specific language governing permissions and
- *  limitations under the License.
- */
-
-#ifndef PSA_CRYPTO_BUILTIN_CIPHER_H
-#define PSA_CRYPTO_BUILTIN_CIPHER_H
-
-#include <psa/crypto_driver_common.h>
-#include "mbedtls/cipher.h"
-
-#if defined(MBEDTLS_PSA_BUILTIN_ALG_STREAM_CIPHER) || \
-    defined(MBEDTLS_PSA_BUILTIN_ALG_CTR) || \
-    defined(MBEDTLS_PSA_BUILTIN_ALG_CFB) || \
-    defined(MBEDTLS_PSA_BUILTIN_ALG_OFB) || \
-    defined(MBEDTLS_PSA_BUILTIN_ALG_XTS) || \
-    defined(MBEDTLS_PSA_BUILTIN_ALG_ECB_NO_PADDING) || \
-    defined(MBEDTLS_PSA_BUILTIN_ALG_CBC_NO_PADDING) || \
-    defined(MBEDTLS_PSA_BUILTIN_ALG_CBC_PKCS7)
-#define MBEDTLS_PSA_BUILTIN_CIPHER  1
-#endif
-
-typedef struct {
-    /* Context structure for the Mbed TLS cipher implementation. */
-    psa_algorithm_t alg;
-    uint8_t iv_length;
-    uint8_t block_length;
-    mbedtls_cipher_context_t cipher;
-} mbedtls_psa_cipher_operation_t;
-
-#define MBEDTLS_PSA_CIPHER_OPERATION_INIT {0, 0, 0, {0}}
-
-/*
- * BEYOND THIS POINT, TEST DRIVER DECLARATIONS ONLY.
- */
-#if defined(PSA_CRYPTO_DRIVER_TEST)
-
-typedef mbedtls_psa_cipher_operation_t
-        mbedtls_transparent_test_driver_cipher_operation_t;
-
-typedef struct {
-    unsigned int initialised : 1;
-    mbedtls_transparent_test_driver_cipher_operation_t ctx;
-} mbedtls_opaque_test_driver_cipher_operation_t;
-
-#define MBEDTLS_TRANSPARENT_TEST_DRIVER_CIPHER_OPERATION_INIT \
-     MBEDTLS_PSA_CIPHER_OPERATION_INIT
-
-#define MBEDTLS_OPAQUE_TEST_DRIVER_CIPHER_OPERATION_INIT \
-     { 0, MBEDTLS_TRANSPARENT_TEST_DRIVER_CIPHER_OPERATION_INIT }
-
-#endif /* PSA_CRYPTO_DRIVER_TEST */
-
-#endif /* PSA_CRYPTO_BUILTIN_CIPHER_H */

include/psa/crypto_driver_contexts.h

@@ -3,6 +3,15 @@
  *  interface.
  *
  *  Warning: This file will be auto-generated in the future.
+ *
+ * \note This file may not be included directly. Applications must
+ * include psa/crypto.h.
+ *
+ * \note This header and its content is not part of the Mbed TLS API and
+ * applications must not depend on it. Its main purpose is to define the
+ * multi-part state objects of the PSA drivers included in the cryptographic
+ * library. The definition of these objects are then used by crypto_struct.h
+ * to define the implementation-defined types of PSA multi-part state objects.
  */
 /*  Copyright The Mbed TLS Contributors
  *  SPDX-License-Identifier: Apache-2.0
@@ -30,8 +39,7 @@
  * declared during the autogeneration process. */
 
 /* Include the context structure definitions for the Mbed TLS software drivers */
-#include "psa/crypto_builtin_cipher.h"
+#include "psa/crypto_builtin.h"
-#include "psa/crypto_builtin_hash.h"
 
 /* Define the context to be used for an operation that is executed through the
  * PSA Driver wrapper layer as the union of all possible driver's contexts.
@@ -41,7 +49,7 @@
  * of both this file and the content of psa_crypto_driver_wrappers.c */
 
 typedef union {
-    unsigned dummy; /* Make sure this structure is always non-empty */
+    unsigned dummy; /* Make sure this union is always non-empty */
     mbedtls_psa_hash_operation_t mbedtls_ctx;
 #if defined(PSA_CRYPTO_DRIVER_TEST)
     mbedtls_transparent_test_driver_hash_operation_t test_driver_ctx;
@@ -49,7 +57,7 @@ typedef union {
 } psa_driver_hash_context_t;
 
 typedef union {
-    unsigned dummy; /* Make sure this structure is always non-empty */
+    unsigned dummy; /* Make sure this union is always non-empty */
     mbedtls_psa_cipher_operation_t mbedtls_ctx;
 #if defined(PSA_CRYPTO_DRIVER_TEST)
     mbedtls_transparent_test_driver_cipher_operation_t transparent_test_driver_ctx;

include/psa/crypto_struct.h

@@ -15,12 +15,20 @@
  *
  * <h3>Design notes about multipart operation structures</h3>
  *
- * Each multipart operation structure contains a `psa_algorithm_t alg`
+ * For multipart operations without driver delegation support, each multipart
- * field which indicates which specific algorithm the structure is for.
+ * operation structure contains a `psa_algorithm_t alg` field which indicates
- * When the structure is not in use, `alg` is 0. Most of the structure
+ * which specific algorithm the structure is for. When the structure is not in
- * consists of a union which is discriminated by `alg`.
+ * use, `alg` is 0. Most of the structure consists of a union which is
+ * discriminated by `alg`.
  *
- * Note that when `alg` is 0, the content of other fields is undefined.
+ * For multipart operations with driver delegation support, each multipart
+ * operation structure contains an `unsigned int id` field indicating which
+ * driver got assigned to do the operation. When the structure is not in use,
+ * 'id' is 0. The structure contains also a driver context which is the union
+ * of the contexts of all drivers able to handle the type of multipart
+ * operation.
+ *
+ * Note that when `alg` or `id` is 0, the content of other fields is undefined.
  * In particular, it is not guaranteed that a freshly-initialized structure
  * is all-zero: we initialize structures to something like `{0, 0}`, which
  * is only guaranteed to initializes the first member of the union;
@@ -76,9 +84,9 @@ struct psa_hash_operation_s
     /** Unique ID indicating which driver got assigned to do the
      * operation. Since driver contexts are driver-specific, swapping
      * drivers halfway through the operation is not supported.
-     * ID values are auto-generated in psa_driver_wrappers.h
+     * ID values are auto-generated in psa_driver_wrappers.h.
      * ID value zero means the context is not valid or not assigned to
-     * any driver (i.e. none of the driver contexts are active). */
+     * any driver (i.e. the driver context is not active, in use). */
     unsigned int id;
     psa_driver_hash_context_t ctx;
 };

library/psa_crypto_hash.c

@@ -583,48 +583,48 @@ psa_status_t mbedtls_psa_hash_abort(
   */
 #if defined(PSA_CRYPTO_DRIVER_TEST)
 
-psa_status_t is_hash_accelerated( psa_algorithm_t alg )
+static int is_hash_accelerated( psa_algorithm_t alg )
 {
     switch( alg )
     {
 #if defined(MBEDTLS_PSA_ACCEL_ALG_MD2)
         case PSA_ALG_MD2:
-            return( PSA_SUCCESS );
+            return( 1 );
 #endif
 #if defined(MBEDTLS_PSA_ACCEL_ALG_MD4)
         case PSA_ALG_MD4:
-            return( PSA_SUCCESS );
+            return( 1 );
 #endif
 #if defined(MBEDTLS_PSA_ACCEL_ALG_MD5)
         case PSA_ALG_MD5:
-            return( PSA_SUCCESS );
+            return( 1 );
 #endif
 #if defined(MBEDTLS_PSA_ACCEL_ALG_RIPEMD160)
         case PSA_ALG_RIPEMD160:
-            return( PSA_SUCCESS );
+            return( 1 );
 #endif
 #if defined(MBEDTLS_PSA_ACCEL_ALG_SHA_1)
         case PSA_ALG_SHA_1:
-            return( PSA_SUCCESS );
+            return( 1 );
 #endif
 #if defined(MBEDTLS_PSA_ACCEL_ALG_SHA_224)
         case PSA_ALG_SHA_224:
-            return( PSA_SUCCESS );
+            return( 1 );
 #endif
 #if defined(MBEDTLS_PSA_ACCEL_ALG_SHA_256)
         case PSA_ALG_SHA_256:
-            return( PSA_SUCCESS );
+            return( 1 );
 #endif
 #if defined(MBEDTLS_PSA_ACCEL_ALG_SHA_384)
         case PSA_ALG_SHA_384:
-            return( PSA_SUCCESS );
+            return( 1 );
 #endif
 #if defined(MBEDTLS_PSA_ACCEL_ALG_SHA_512)
         case PSA_ALG_SHA_512:
-            return( PSA_SUCCESS );
+            return( 1 );
 #endif
         default:
-            return( PSA_ERROR_NOT_SUPPORTED );
+            return( 0 );
     }
 }
 
@@ -636,7 +636,7 @@ psa_status_t mbedtls_transparent_test_driver_hash_compute(
     size_t hash_size,
     size_t *hash_length)
 {
-    if( is_hash_accelerated( alg ) == PSA_SUCCESS )
+    if( is_hash_accelerated( alg ) )
         return( hash_compute( alg, input, input_length,
                               hash, hash_size, hash_length ) );
     else
@@ -647,7 +647,7 @@ psa_status_t mbedtls_transparent_test_driver_hash_setup(
     mbedtls_transparent_test_driver_hash_operation_t *operation,
     psa_algorithm_t alg )
 {
-    if( is_hash_accelerated( alg ) == PSA_SUCCESS )
+    if( is_hash_accelerated( alg ) )
         return( hash_setup( operation, alg ) );
     else
         return( PSA_ERROR_NOT_SUPPORTED );
@@ -657,7 +657,7 @@ psa_status_t mbedtls_transparent_test_driver_hash_clone(
     const mbedtls_transparent_test_driver_hash_operation_t *source_operation,
     mbedtls_transparent_test_driver_hash_operation_t *target_operation )
 {
-    if( is_hash_accelerated( source_operation->alg ) == PSA_SUCCESS )
+    if( is_hash_accelerated( source_operation->alg ) )
         return( hash_clone( source_operation, target_operation ) );
     else
         return( PSA_ERROR_BAD_STATE );
@@ -668,7 +668,7 @@ psa_status_t mbedtls_transparent_test_driver_hash_update(
     const uint8_t *input,
     size_t input_length )
 {
-    if( is_hash_accelerated( operation->alg ) == PSA_SUCCESS )
+    if( is_hash_accelerated( operation->alg ) )
         return( hash_update( operation, input, input_length ) );
     else
         return( PSA_ERROR_BAD_STATE );
@@ -680,7 +680,7 @@ psa_status_t mbedtls_transparent_test_driver_hash_finish(
     size_t hash_size,
     size_t *hash_length )
 {
-    if( is_hash_accelerated( operation->alg ) == PSA_SUCCESS )
+    if( is_hash_accelerated( operation->alg ) )
         return( hash_finish( operation, hash, hash_size, hash_length ) );
     else
         return( PSA_ERROR_BAD_STATE );

library/psa_crypto_hash.h

@@ -22,7 +22,6 @@
 #define PSA_CRYPTO_HASH_H
 
 #include <psa/crypto.h>
-#include <psa/crypto_builtin_hash.h>
 
 #include <mbedtls/md_internal.h>
 

visualc/VS2010/mbedTLS.vcxproj

@@ -222,8 +222,7 @@
     <ClInclude Include="..\..\include\mbedtls\x509_csr.h" />
     <ClInclude Include="..\..\include\mbedtls\xtea.h" />
     <ClInclude Include="..\..\include\psa\crypto.h" />
-    <ClInclude Include="..\..\include\psa\crypto_builtin_cipher.h" />
+    <ClInclude Include="..\..\include\psa\crypto_builtin.h" />
-    <ClInclude Include="..\..\include\psa\crypto_builtin_hash.h" />
     <ClInclude Include="..\..\include\psa\crypto_compat.h" />
     <ClInclude Include="..\..\include\psa\crypto_config.h" />
     <ClInclude Include="..\..\include\psa\crypto_driver_common.h" />