Take advantage of legacy_or_psa.h being public
Opportunities for using the macros were spotted using:
git grep -E -n -A2 'MBEDTLS_(MD|SHA)[0-9]+_C' | egrep 'PSA_WANT_ALG_(MD|SHA)'
then manually filtering the results.
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
This commit is contained in:
Manuel Pégourié-Gonnard
parent
07018f97d2
commit
e896705c1a
4 changed files with 13 additions and 38 deletions
|
|
@ -24,6 +24,7 @@
|
||||||
#include "mbedtls/private_access.h"
|
#include "mbedtls/private_access.h"
|
||||||
|
|
||||||
#include "mbedtls/build_info.h"
|
#include "mbedtls/build_info.h"
|
||||||
|
#include "mbedtls/legacy_or_psa.h"
|
||||||
|
|
||||||
#include "mbedtls/x509.h"
|
#include "mbedtls/x509.h"
|
||||||
#include "mbedtls/x509_crl.h"
|
#include "mbedtls/x509_crl.h"
|
||||||
|
|
@ -1108,7 +1109,7 @@ int mbedtls_x509write_crt_set_extension( mbedtls_x509write_cert *ctx,
|
||||||
int mbedtls_x509write_crt_set_basic_constraints( mbedtls_x509write_cert *ctx,
|
int mbedtls_x509write_crt_set_basic_constraints( mbedtls_x509write_cert *ctx,
|
||||||
int is_ca, int max_pathlen );
|
int is_ca, int max_pathlen );
|
||||||
|
|
||||||
#if defined(MBEDTLS_SHA1_C) || ( defined(MBEDTLS_PSA_CRYPTO_C) && defined(PSA_WANT_ALG_SHA_1) )
|
#if defined(MBEDTLS_HAS_ALG_SHA_1_VIA_LOWLEVEL_OR_PSA)
|
||||||
/**
|
/**
|
||||||
* \brief Set the subjectKeyIdentifier extension for a CRT
|
* \brief Set the subjectKeyIdentifier extension for a CRT
|
||||||
* Requires that mbedtls_x509write_crt_set_subject_key() has been
|
* Requires that mbedtls_x509write_crt_set_subject_key() has been
|
||||||
|
|
@ -1130,7 +1131,7 @@ int mbedtls_x509write_crt_set_subject_key_identifier( mbedtls_x509write_cert *ct
|
||||||
* \return 0 if successful, or a MBEDTLS_ERR_X509_ALLOC_FAILED
|
* \return 0 if successful, or a MBEDTLS_ERR_X509_ALLOC_FAILED
|
||||||
*/
|
*/
|
||||||
int mbedtls_x509write_crt_set_authority_key_identifier( mbedtls_x509write_cert *ctx );
|
int mbedtls_x509write_crt_set_authority_key_identifier( mbedtls_x509write_cert *ctx );
|
||||||
#endif /* MBEDTLS_SHA1_C || (MBEDTLS_PSA_CRYPTO_C && PSA_WANT_ALG_SHA_1)*/
|
#endif /* MBEDTLS_HAS_ALG_SHA_1_VIA_LOWLEVEL_OR_PSA */
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* \brief Set the Key Usage Extension flags
|
* \brief Set the Key Usage Extension flags
|
||||||
|
|
|
||||||
|
|
@ -1426,11 +1426,11 @@ int main( int argc, char *argv[] )
|
||||||
if( opt.psk_opaque != 0 )
|
if( opt.psk_opaque != 0 )
|
||||||
{
|
{
|
||||||
/* Determine KDF algorithm the opaque PSK will be used in. */
|
/* Determine KDF algorithm the opaque PSK will be used in. */
|
||||||
#if defined(HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA)
|
#if defined(MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA)
|
||||||
if( ciphersuite_info->mac == MBEDTLS_MD_SHA384 )
|
if( ciphersuite_info->mac == MBEDTLS_MD_SHA384 )
|
||||||
alg = PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_384);
|
alg = PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_384);
|
||||||
else
|
else
|
||||||
#endif /* HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA */
|
#endif /* MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA */
|
||||||
alg = PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_256);
|
alg = PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_256);
|
||||||
}
|
}
|
||||||
#endif /* MBEDTLS_KEY_EXCHANGE_SOME_PSK_ENABLED */
|
#endif /* MBEDTLS_KEY_EXCHANGE_SOME_PSK_ENABLED */
|
||||||
|
|
|
||||||
|
|
@ -2261,11 +2261,11 @@ int main( int argc, char *argv[] )
|
||||||
if( opt.psk_opaque != 0 || opt.psk_list_opaque != 0 )
|
if( opt.psk_opaque != 0 || opt.psk_list_opaque != 0 )
|
||||||
{
|
{
|
||||||
/* Determine KDF algorithm the opaque PSK will be used in. */
|
/* Determine KDF algorithm the opaque PSK will be used in. */
|
||||||
#if defined(HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA)
|
#if defined(MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA)
|
||||||
if( ciphersuite_info->mac == MBEDTLS_MD_SHA384 )
|
if( ciphersuite_info->mac == MBEDTLS_MD_SHA384 )
|
||||||
alg = PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_384);
|
alg = PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_384);
|
||||||
else
|
else
|
||||||
#endif /* HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA */
|
#endif /* MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA */
|
||||||
alg = PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_256);
|
alg = PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_256);
|
||||||
}
|
}
|
||||||
#endif /* MBEDTLS_KEY_EXCHANGE_SOME_PSK_ENABLED */
|
#endif /* MBEDTLS_KEY_EXCHANGE_SOME_PSK_ENABLED */
|
||||||
|
|
|
||||||
|
|
@ -297,49 +297,23 @@ int send_cb( void *ctx, unsigned char const *buf, size_t len )
|
||||||
#define MBEDTLS_SSL_SIG_ALG( hash )
|
#define MBEDTLS_SSL_SIG_ALG( hash )
|
||||||
#endif
|
#endif
|
||||||
|
|
||||||
#if ( !defined(MBEDTLS_USE_PSA_CRYPTO) && \
|
|
||||||
defined(MBEDTLS_MD_C) && defined(MBEDTLS_SHA1_C) ) || \
|
|
||||||
( defined(MBEDTLS_USE_PSA_CRYPTO) && defined(PSA_WANT_ALG_SHA_1) )
|
|
||||||
#define HAS_ALG_SHA_1_VIA_MD_OR_PSA_BASED_ON_USE_PSA
|
|
||||||
#endif
|
|
||||||
#if ( !defined(MBEDTLS_USE_PSA_CRYPTO) && \
|
|
||||||
defined(MBEDTLS_MD_C) && defined(MBEDTLS_SHA224_C) ) || \
|
|
||||||
( defined(MBEDTLS_USE_PSA_CRYPTO) && defined(PSA_WANT_ALG_SHA_224) )
|
|
||||||
#define HAS_ALG_SHA_224_VIA_MD_OR_PSA_BASED_ON_USE_PSA
|
|
||||||
#endif
|
|
||||||
#if ( !defined(MBEDTLS_USE_PSA_CRYPTO) && \
|
|
||||||
defined(MBEDTLS_MD_C) && defined(MBEDTLS_SHA256_C) ) || \
|
|
||||||
( defined(MBEDTLS_USE_PSA_CRYPTO) && defined(PSA_WANT_ALG_SHA_256) )
|
|
||||||
#define HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA
|
|
||||||
#endif
|
|
||||||
#if ( !defined(MBEDTLS_USE_PSA_CRYPTO) && \
|
|
||||||
defined(MBEDTLS_MD_C) && defined(MBEDTLS_SHA384_C) ) || \
|
|
||||||
( defined(MBEDTLS_USE_PSA_CRYPTO) && defined(PSA_WANT_ALG_SHA_384) )
|
|
||||||
#define HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA
|
|
||||||
#endif
|
|
||||||
#if ( !defined(MBEDTLS_USE_PSA_CRYPTO) && \
|
|
||||||
defined(MBEDTLS_MD_C) && defined(MBEDTLS_SHA512_C) ) || \
|
|
||||||
( defined(MBEDTLS_USE_PSA_CRYPTO) && defined(PSA_WANT_ALG_SHA_512) )
|
|
||||||
#define HAS_ALG_SHA_512_VIA_MD_OR_PSA_BASED_ON_USE_PSA
|
|
||||||
#endif
|
|
||||||
|
|
||||||
uint16_t ssl_sig_algs_for_test[] = {
|
uint16_t ssl_sig_algs_for_test[] = {
|
||||||
#if defined(HAS_ALG_SHA_512_VIA_MD_OR_PSA_BASED_ON_USE_PSA)
|
#if defined(MBEDTLS_HAS_ALG_SHA_512_VIA_MD_OR_PSA_BASED_ON_USE_PSA)
|
||||||
MBEDTLS_SSL_SIG_ALG( MBEDTLS_SSL_HASH_SHA512 )
|
MBEDTLS_SSL_SIG_ALG( MBEDTLS_SSL_HASH_SHA512 )
|
||||||
#endif
|
#endif
|
||||||
#if defined(HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA)
|
#if defined(MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA)
|
||||||
MBEDTLS_SSL_SIG_ALG( MBEDTLS_SSL_HASH_SHA384 )
|
MBEDTLS_SSL_SIG_ALG( MBEDTLS_SSL_HASH_SHA384 )
|
||||||
#endif
|
#endif
|
||||||
#if defined(HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA)
|
#if defined(MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA)
|
||||||
MBEDTLS_SSL_SIG_ALG( MBEDTLS_SSL_HASH_SHA256 )
|
MBEDTLS_SSL_SIG_ALG( MBEDTLS_SSL_HASH_SHA256 )
|
||||||
#endif
|
#endif
|
||||||
#if defined(HAS_ALG_SHA_224_VIA_MD_OR_PSA_BASED_ON_USE_PSA)
|
#if defined(MBEDTLS_HAS_ALG_SHA_224_VIA_MD_OR_PSA_BASED_ON_USE_PSA)
|
||||||
MBEDTLS_SSL_SIG_ALG( MBEDTLS_SSL_HASH_SHA224 )
|
MBEDTLS_SSL_SIG_ALG( MBEDTLS_SSL_HASH_SHA224 )
|
||||||
#endif
|
#endif
|
||||||
#if defined(MBEDTLS_RSA_C) && defined(HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA)
|
#if defined(MBEDTLS_RSA_C) && defined(MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA)
|
||||||
MBEDTLS_TLS1_3_SIG_RSA_PSS_RSAE_SHA256,
|
MBEDTLS_TLS1_3_SIG_RSA_PSS_RSAE_SHA256,
|
||||||
#endif /* MBEDTLS_RSA_C && MBEDTLS_SHA256_C */
|
#endif /* MBEDTLS_RSA_C && MBEDTLS_SHA256_C */
|
||||||
#if defined(HAS_ALG_SHA_1_VIA_MD_OR_PSA_BASED_ON_USE_PSA)
|
#if defined(MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA_BASED_ON_USE_PSA)
|
||||||
/* Allow SHA-1 as we use it extensively in tests. */
|
/* Allow SHA-1 as we use it extensively in tests. */
|
||||||
MBEDTLS_SSL_SIG_ALG( MBEDTLS_SSL_HASH_SHA1 )
|
MBEDTLS_SSL_SIG_ALG( MBEDTLS_SSL_HASH_SHA1 )
|
||||||
#endif
|
#endif
|
||||||
|
|
|
||||||
Loading…
Reference in a new issue