diff --git a/include/mbedtls/x509_crt.h b/include/mbedtls/x509_crt.h index aa4595706..1ddc997c6 100644 --- a/include/mbedtls/x509_crt.h +++ b/include/mbedtls/x509_crt.h @@ -1108,7 +1108,7 @@ int mbedtls_x509write_crt_set_extension( mbedtls_x509write_cert *ctx, int mbedtls_x509write_crt_set_basic_constraints( mbedtls_x509write_cert *ctx, int is_ca, int max_pathlen ); -#if defined(MBEDTLS_SHA1_C) +#if defined(MBEDTLS_SHA1_C) || ( defined(MBEDTLS_PSA_CRYPTO_C) && defined(PSA_WANT_ALG_SHA_1) ) /** * \brief Set the subjectKeyIdentifier extension for a CRT * Requires that mbedtls_x509write_crt_set_subject_key() has been @@ -1130,7 +1130,7 @@ int mbedtls_x509write_crt_set_subject_key_identifier( mbedtls_x509write_cert *ct * \return 0 if successful, or a MBEDTLS_ERR_X509_ALLOC_FAILED */ int mbedtls_x509write_crt_set_authority_key_identifier( mbedtls_x509write_cert *ctx ); -#endif /* MBEDTLS_SHA1_C */ +#endif /* MBEDTLS_SHA1_C || (MBEDTLS_PSA_CRYPTO_C && PSA_WANT_ALG_SHA_1)*/ /** * \brief Set the Key Usage Extension flags diff --git a/library/x509.c b/library/x509.c index 249034b66..aa3951799 100644 --- a/library/x509.c +++ b/library/x509.c @@ -62,6 +62,8 @@ #include #endif +#include "legacy_or_psa.h" + #define CHECK(code) if( ( ret = ( code ) ) != 0 ){ return( ret ); } #define CHECK_RANGE(min, max, val) \ do \ @@ -138,31 +140,31 @@ static inline const char* md_type_to_string( mbedtls_md_type_t md_alg ) { switch( md_alg ) { -#if defined(MBEDTLS_MD5_C) +#if defined(MBEDTLS_HAS_ALG_MD5_VIA_MD_OR_PSA) case MBEDTLS_MD_MD5: return( "MD5" ); #endif -#if defined(MBEDTLS_SHA1_C) +#if defined(MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA) case MBEDTLS_MD_SHA1: return( "SHA1" ); #endif -#if defined(MBEDTLS_SHA224_C) +#if defined(MBEDTLS_HAS_ALG_SHA_224_VIA_MD_OR_PSA) case MBEDTLS_MD_SHA224: return( "SHA224" ); #endif -#if defined(MBEDTLS_SHA256_C) +#if defined(MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA) case MBEDTLS_MD_SHA256: return( "SHA256" ); #endif -#if defined(MBEDTLS_SHA384_C) +#if defined(MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA) case MBEDTLS_MD_SHA384: return( "SHA384" ); #endif -#if defined(MBEDTLS_SHA512_C) +#if defined(MBEDTLS_HAS_ALG_SHA_512_VIA_MD_OR_PSA) case MBEDTLS_MD_SHA512: return( "SHA512" ); #endif -#if defined(MBEDTLS_RIPEMD160_C) +#if defined(MBEDTLS_HAS_ALG_RIPEMD160_VIA_MD_OR_PSA) case MBEDTLS_MD_RIPEMD160: return( "RIPEMD160" ); #endif diff --git a/library/x509write_crt.c b/library/x509write_crt.c index c565b60d1..6898bd410 100644 --- a/library/x509write_crt.c +++ b/library/x509write_crt.c @@ -46,6 +46,8 @@ #include "hash_info.h" #endif /* MBEDTLS_USE_PSA_CRYPTO */ +#include "legacy_or_psa.h" + void mbedtls_x509write_crt_init( mbedtls_x509write_cert *ctx ) { memset( ctx, 0, sizeof( mbedtls_x509write_cert ) ); @@ -172,7 +174,7 @@ int mbedtls_x509write_crt_set_basic_constraints( mbedtls_x509write_cert *ctx, is_ca, buf + sizeof(buf) - len, len ) ); } -#if defined(MBEDTLS_SHA1_C) +#if defined(MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA) static int mbedtls_x509write_crt_set_key_identifier( mbedtls_x509write_cert *ctx, int is_ca, unsigned char tag ) @@ -254,7 +256,7 @@ int mbedtls_x509write_crt_set_authority_key_identifier( mbedtls_x509write_cert * 1, (MBEDTLS_ASN1_CONTEXT_SPECIFIC | 0) ); } -#endif /* MBEDTLS_SHA1_C */ +#endif /* MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA */ int mbedtls_x509write_crt_set_key_usage( mbedtls_x509write_cert *ctx, unsigned int key_usage )