Merge remote-tracking branch 'origin/development' into support_cipher_encrypt_only
commit
9b811658a8
@ -171,7 +171,7 @@ after_failure:
|
||||
env:
|
||||
global:
|
||||
- SEED=1
|
||||
- secure: "JECCru6HASpKZ0OLfHh8f/KXhKkdrCwjquZghd/qbA4ksxsWImjR7KEPERcaPndXEilzhDbKwuFvJiQX2duVgTGoq745YGhLZIjzo1i8tySkceCVd48P8WceYGz+F/bmY7r+m6fFNuxDSoGGSVeA4Lnjvmm8PFUP45YodDV9no4="
|
||||
- secure: "GF/Fde5fkm15T/RNykrjrPV5Uh1KJ70cP308igL6Xkk3eJmqkkmWCe9JqRH12J3TeWw2fu9PYPHt6iFSg6jasgqysfUyg+W03knRT5QNn3h5eHgt36cQJiJr6t3whPrRaiM6U9omE0evm+c0cAwlkA3GGSMw8Z+na4EnKI6OFCo="
|
||||
|
||||
install:
|
||||
- $PYTHON scripts/min_requirements.py
|
||||
|
4
3rdparty/p256-m/p256-m/p256-m.c
vendored
4
3rdparty/p256-m/p256-m/p256-m.c
vendored
@ -199,10 +199,12 @@ static uint64_t u32_muladd64(uint32_t x, uint32_t y, uint32_t z, uint32_t t);
|
||||
* Currently assembly optimisations are only supported with GCC/Clang for
|
||||
* Arm's Cortex-A and Cortex-M lines of CPUs, which start with the v6-M and
|
||||
* v7-M architectures. __ARM_ARCH_PROFILE is not defined for v6 and earlier.
|
||||
* Thumb and 32-bit assembly is supported; aarch64 is not supported.
|
||||
*/
|
||||
#if defined(__GNUC__) &&\
|
||||
defined(__ARM_ARCH) && __ARM_ARCH >= 6 && defined(__ARM_ARCH_PROFILE) && \
|
||||
( __ARM_ARCH_PROFILE == 77 || __ARM_ARCH_PROFILE == 65 ) /* 'M' or 'A' */
|
||||
( __ARM_ARCH_PROFILE == 77 || __ARM_ARCH_PROFILE == 65 ) /* 'M' or 'A' */ && \
|
||||
!defined(__aarch64__)
|
||||
|
||||
/*
|
||||
* This set of CPUs is conveniently partitioned as follows:
|
||||
|
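--- a/ChangeLog.d/config_psa-include-order.txt
+++ b/ChangeLog.d/config_psa-include-order.txt
@@ -0,0 +1,4 @@
+Bugfix
+* Fix a build error in some configurations with MBEDTLS_PSA_CRYPTO_CONFIG
+enabled, where some low-level modules required by requested PSA crypto
+features were not getting automatically enabled. Fixes #7420.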
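--- a/ChangeLog.d/fix-iar-compiler-warnings.txt
+++ b/ChangeLog.d/fix-iar-compiler-warnings.txt
@@ -0,0 +1,2 @@
+Bugfix
+* Fix IAR compiler warnings.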
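--- a/ChangeLog.d/fix-tls-padbuf-zeroization
+++ b/ChangeLog.d/fix-tls-padbuf-zeroization
@@ -0,0 +1,4 @@
+Security
+* Fix a case where potentially sensitive information held in memory would not
+be completely zeroized during TLS 1.2 handshake, in both server and client
+configurations.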
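--- a/ChangeLog.d/initialize-struct-get-other-name.txt
+++ b/ChangeLog.d/initialize-struct-get-other-name.txt
@@ -0,0 +1,8 @@
+Bugfix
+* Fix an issue when parsing an otherName subject alternative name into a
+mbedtls_x509_san_other_name struct. The type-id of the otherName was not
+copied to the struct. This meant that the struct had incomplete
+information about the otherName SAN and contained uninitialized memory.
+* Fix the detection of HardwareModuleName otherName SANs. These were being
+detected by comparing the wrong field and the check was erroneously
+inverted.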
@ -186,6 +186,15 @@ typedef uint64_t mbedtls_t_udbl;
|
||||
#endif /* !MBEDTLS_NO_UDBL_DIVISION */
|
||||
#endif /* !MBEDTLS_HAVE_INT64 */
|
||||
|
||||
/*
|
||||
* Sanity check that exactly one of MBEDTLS_HAVE_INT32 or MBEDTLS_HAVE_INT64 is defined,
|
||||
* so that code elsewhere doesn't have to check.
|
||||
*/
|
||||
#if (!(defined(MBEDTLS_HAVE_INT32) || defined(MBEDTLS_HAVE_INT64))) || \
|
||||
(defined(MBEDTLS_HAVE_INT32) && defined(MBEDTLS_HAVE_INT64))
|
||||
#error "Only 32-bit or 64-bit limbs are supported in bignum"
|
||||
#endif
|
||||
|
||||
/** \typedef mbedtls_mpi_uint
|
||||
* \brief The type of machine digits in a bignum, called _limbs_.
|
||||
*
|
||||
|
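Review bot: The `#error` text in the sanity check placed after the `MBEDTLS_HAVE_INT64` block is misleading for one of the two cases it covers: the condition also fires when both `MBEDTLS_HAVE_INT32` and `MBEDTLS_HAVE_INT64` are defined, yet the message reads as if the limb size itself were unsupported. A message that names the rule saves a configuration author a trip into the header, for example `#error "Exactly one of MBEDTLS_HAVE_INT32 or MBEDTLS_HAVE_INT64 must be defined"`. The page has lost the +/- column, so treating the check as new is inferred from the hunk counts, and the code that selects the two macros lies outside the hunk.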
@ -120,165 +120,11 @@
|
||||
#include "mbedtls/config_psa.h"
|
||||
#endif
|
||||
|
||||
/* Auto-enable MBEDTLS_MD_LIGHT based on MBEDTLS_MD_C.
|
||||
* This allows checking for MD_LIGHT rather than MD_LIGHT || MD_C.
|
||||
*/
|
||||
#if defined(MBEDTLS_MD_C)
|
||||
#define MBEDTLS_MD_LIGHT
|
||||
#endif
|
||||
#include "mbedtls/config_adjust_legacy_crypto.h"
|
||||
|
||||
/* Auto-enable MBEDTLS_MD_LIGHT if needed by a module that didn't require it
|
||||
* in a previous release, to ensure backwards compatibility.
|
||||
*/
|
||||
#if defined(MBEDTLS_ECJPAKE_C) || \
|
||||
defined(MBEDTLS_PEM_PARSE_C) || \
|
||||
defined(MBEDTLS_ENTROPY_C) || \
|
||||
defined(MBEDTLS_PK_C) || \
|
||||
defined(MBEDTLS_PKCS12_C) || \
|
||||
defined(MBEDTLS_RSA_C) || \
|
||||
defined(MBEDTLS_SSL_TLS_C) || \
|
||||
defined(MBEDTLS_X509_USE_C) || \
|
||||
defined(MBEDTLS_X509_CREATE_C)
|
||||
#define MBEDTLS_MD_LIGHT
|
||||
#endif
|
||||
#include "mbedtls/config_adjust_x509.h"
|
||||
|
||||
/* MBEDTLS_ECP_LIGHT is auto-enabled by the following symbols:
|
||||
* - MBEDTLS_ECP_C because now it consists of MBEDTLS_ECP_LIGHT plus functions
|
||||
* for curve arithmetic. As a consequence if MBEDTLS_ECP_C is required for
|
||||
* some reason, then MBEDTLS_ECP_LIGHT should be enabled as well.
|
||||
* - MBEDTLS_PK_PARSE_EC_EXTENDED and MBEDTLS_PK_PARSE_EC_COMPRESSED because
|
||||
* these features are not supported in PSA so the only way to have them is
|
||||
* to enable the built-in solution.
|
||||
* Both of them are temporary dependencies:
|
||||
* - PK_PARSE_EC_EXTENDED will be removed after #7779 and #7789
|
||||
* - support for compressed points should also be added to PSA, but in this
|
||||
* case there is no associated issue to track it yet.
|
||||
* - PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_DERIVE because Weierstrass key derivation
|
||||
* still depends on ECP_LIGHT.
|
||||
* - PK_C + USE_PSA + PSA_WANT_ALG_ECDSA is a temporary dependency which will
|
||||
* be fixed by #7453.
|
||||
*/
|
||||
#if defined(MBEDTLS_ECP_C) || \
|
||||
defined(MBEDTLS_PK_PARSE_EC_EXTENDED) || \
|
||||
defined(MBEDTLS_PK_PARSE_EC_COMPRESSED) || \
|
||||
defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_KEY_PAIR_DERIVE)
|
||||
#define MBEDTLS_ECP_LIGHT
|
||||
#endif
|
||||
|
||||
/* MBEDTLS_PK_PARSE_EC_COMPRESSED is introduced in MbedTLS version 3.5, while
|
||||
* in previous version compressed points were automatically supported as long
|
||||
* as PK_PARSE_C and ECP_C were enabled. As a consequence, for backward
|
||||
* compatibility, we auto-enable PK_PARSE_EC_COMPRESSED when these conditions
|
||||
* are met. */
|
||||
#if defined(MBEDTLS_PK_PARSE_C) && defined(MBEDTLS_ECP_C)
|
||||
#define MBEDTLS_PK_PARSE_EC_COMPRESSED
|
||||
#endif
|
||||
|
||||
/* Helper symbol to state that there is support for ECDH, either through
|
||||
* library implementation (ECDH_C) or through PSA. */
|
||||
#if (defined(MBEDTLS_USE_PSA_CRYPTO) && defined(PSA_WANT_ALG_ECDH)) || \
|
||||
(!defined(MBEDTLS_USE_PSA_CRYPTO) && defined(MBEDTLS_ECDH_C))
|
||||
#define MBEDTLS_CAN_ECDH
|
||||
#endif
|
||||
|
||||
/* PK module can achieve ECDSA functionalities by means of either software
|
||||
* implementations (ECDSA_C) or through a PSA driver. The following defines
|
||||
* are meant to list these capabilities in a general way which abstracts how
|
||||
* they are implemented under the hood. */
|
||||
#if !defined(MBEDTLS_USE_PSA_CRYPTO)
|
||||
#if defined(MBEDTLS_ECDSA_C)
|
||||
#define MBEDTLS_PK_CAN_ECDSA_SIGN
|
||||
#define MBEDTLS_PK_CAN_ECDSA_VERIFY
|
||||
#endif /* MBEDTLS_ECDSA_C */
|
||||
#else /* MBEDTLS_USE_PSA_CRYPTO */
|
||||
#if defined(PSA_WANT_ALG_ECDSA)
|
||||
#if defined(PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_BASIC)
|
||||
#define MBEDTLS_PK_CAN_ECDSA_SIGN
|
||||
#endif /* PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_BASIC */
|
||||
#if defined(PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY)
|
||||
#define MBEDTLS_PK_CAN_ECDSA_VERIFY
|
||||
#endif /* PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY */
|
||||
#endif /* PSA_WANT_ALG_ECDSA */
|
||||
#endif /* MBEDTLS_USE_PSA_CRYPTO */
|
||||
|
||||
#if defined(MBEDTLS_PK_CAN_ECDSA_VERIFY) || defined(MBEDTLS_PK_CAN_ECDSA_SIGN)
|
||||
#define MBEDTLS_PK_CAN_ECDSA_SOME
|
||||
#endif
|
||||
|
||||
/* If MBEDTLS_PSA_CRYPTO_C is defined, make sure MBEDTLS_PSA_CRYPTO_CLIENT
|
||||
* is defined as well to include all PSA code.
|
||||
*/
|
||||
#if defined(MBEDTLS_PSA_CRYPTO_C)
|
||||
#define MBEDTLS_PSA_CRYPTO_CLIENT
|
||||
#endif /* MBEDTLS_PSA_CRYPTO_C */
|
||||
|
||||
/* The PK wrappers need pk_write functions to format RSA key objects
|
||||
* when they are dispatching to the PSA API. This happens under USE_PSA_CRYPTO,
|
||||
* and also even without USE_PSA_CRYPTO for mbedtls_pk_sign_ext(). */
|
||||
#if defined(MBEDTLS_PSA_CRYPTO_C) && defined(MBEDTLS_RSA_C)
|
||||
#define MBEDTLS_PK_C
|
||||
#define MBEDTLS_PK_WRITE_C
|
||||
#define MBEDTLS_PK_PARSE_C
|
||||
#endif
|
||||
|
||||
/* Helper symbol to state that the PK module has support for EC keys. This
|
||||
* can either be provided through the legacy ECP solution or through the
|
||||
* PSA friendly MBEDTLS_PK_USE_PSA_EC_DATA (see pk.h for its description). */
|
||||
#if defined(MBEDTLS_ECP_C) || \
|
||||
(defined(MBEDTLS_USE_PSA_CRYPTO) && defined(PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY))
|
||||
#define MBEDTLS_PK_HAVE_ECC_KEYS
|
||||
#endif /* MBEDTLS_PK_USE_PSA_EC_DATA || MBEDTLS_ECP_C */
|
||||
|
||||
/* The following blocks make it easier to disable all of TLS,
|
||||
* or of TLS 1.2 or 1.3 or DTLS, without having to manually disable all
|
||||
* key exchanges, options and extensions related to them. */
|
||||
|
||||
#if !defined(MBEDTLS_SSL_TLS_C)
|
||||
#undef MBEDTLS_SSL_CLI_C
|
||||
#undef MBEDTLS_SSL_SRV_C
|
||||
#undef MBEDTLS_SSL_PROTO_TLS1_3
|
||||
#undef MBEDTLS_SSL_PROTO_TLS1_2
|
||||
#undef MBEDTLS_SSL_PROTO_DTLS
|
||||
#endif
|
||||
|
||||
#if !defined(MBEDTLS_SSL_PROTO_DTLS)
|
||||
#undef MBEDTLS_SSL_DTLS_ANTI_REPLAY
|
||||
#undef MBEDTLS_SSL_DTLS_CONNECTION_ID
|
||||
#undef MBEDTLS_SSL_DTLS_CONNECTION_ID_COMPAT
|
||||
#undef MBEDTLS_SSL_DTLS_HELLO_VERIFY
|
||||
#undef MBEDTLS_SSL_DTLS_SRTP
|
||||
#undef MBEDTLS_SSL_DTLS_CLIENT_PORT_REUSE
|
||||
#endif
|
||||
|
||||
#if !defined(MBEDTLS_SSL_PROTO_TLS1_2)
|
||||
#undef MBEDTLS_SSL_ENCRYPT_THEN_MAC
|
||||
#undef MBEDTLS_SSL_EXTENDED_MASTER_SECRET
|
||||
#undef MBEDTLS_SSL_RENEGOTIATION
|
||||
#undef MBEDTLS_KEY_EXCHANGE_RSA_ENABLED
|
||||
#undef MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED
|
||||
#undef MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED
|
||||
#undef MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED
|
||||
#undef MBEDTLS_KEY_EXCHANGE_PSK_ENABLED
|
||||
#undef MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED
|
||||
#undef MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED
|
||||
#undef MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
|
||||
#undef MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED
|
||||
#undef MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED
|
||||
#undef MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED
|
||||
#endif
|
||||
|
||||
#if !defined(MBEDTLS_SSL_PROTO_TLS1_3)
|
||||
#undef MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
|
||||
#undef MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
|
||||
#undef MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
|
||||
#undef MBEDTLS_SSL_EARLY_DATA
|
||||
#endif
|
||||
|
||||
#if defined(MBEDTLS_SSL_PROTO_TLS1_2) && \
|
||||
(defined(MBEDTLS_ECDH_C) || defined(MBEDTLS_ECDSA_C) || \
|
||||
defined(MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED))
|
||||
#define MBEDTLS_SSL_TLS1_2_SOME_ECC
|
||||
#endif
|
||||
#include "mbedtls/config_adjust_ssl.h"
|
||||
|
||||
/* Make sure all configuration symbols are set before including check_config.h,
|
||||
* even the ones that are calculated programmatically. */
|
||||
|
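Review bot: The `#include "mbedtls/config_adjust_legacy_crypto.h"`, `config_adjust_x509.h` and `config_adjust_ssl.h` lines that stand in for the inline adjustment blocks carry no comment on ordering, although the code they replace is order-sensitive: the moved blocks test `PSA_WANT_*` and `MBEDTLS_PSA_BUILTIN_*` symbols, so the legacy-crypto header has to come after `config_psa.h`, and the TLS blocks test `MBEDTLS_ECDH_C` and `MBEDTLS_ECDSA_C`, which must be final by then. I would add a short comment above the first of the three includes, e.g. `/* Order matters: each config_adjust_*.h tests symbols finalized by the headers included before it. */`. The file path and the +/- column are missing from this page, so which lines are new is inferred from the hunk header counts, and the header continues outside the hunk.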
@ -77,7 +77,8 @@ extern "C" {
|
||||
typedef struct mbedtls_ccm_context {
|
||||
unsigned char MBEDTLS_PRIVATE(y)[16]; /*!< The Y working buffer */
|
||||
unsigned char MBEDTLS_PRIVATE(ctr)[16]; /*!< The counter buffer */
|
||||
mbedtls_cipher_context_t MBEDTLS_PRIVATE(cipher_ctx); /*!< The cipher context used. */
|
||||
int MBEDTLS_PRIVATE(state); /*!< Working value holding context's
|
||||
state. Used for chunked data input */
|
||||
size_t MBEDTLS_PRIVATE(plaintext_len); /*!< Total plaintext length */
|
||||
size_t MBEDTLS_PRIVATE(add_len); /*!< Total authentication data length */
|
||||
size_t MBEDTLS_PRIVATE(tag_len); /*!< Total tag length */
|
||||
@ -87,15 +88,13 @@ typedef struct mbedtls_ccm_context {
|
||||
and plaintext/ciphertext.
|
||||
This variable is set to zero after
|
||||
auth data input is finished. */
|
||||
unsigned char MBEDTLS_PRIVATE(q); /*!< The Q working value */
|
||||
unsigned char MBEDTLS_PRIVATE(mode); /*!< The operation to perform:
|
||||
unsigned int MBEDTLS_PRIVATE(q); /*!< The Q working value */
|
||||
unsigned int MBEDTLS_PRIVATE(mode); /*!< The operation to perform:
|
||||
#MBEDTLS_CCM_ENCRYPT or
|
||||
#MBEDTLS_CCM_DECRYPT or
|
||||
#MBEDTLS_CCM_STAR_ENCRYPT or
|
||||
#MBEDTLS_CCM_STAR_DECRYPT. */
|
||||
int MBEDTLS_PRIVATE(state); /*!< Working value holding context's
|
||||
state. Used for chunked data
|
||||
input */
|
||||
mbedtls_cipher_context_t MBEDTLS_PRIVATE(cipher_ctx); /*!< The cipher context used. */
|
||||
}
|
||||
mbedtls_ccm_context;
|
||||
|
||||
|
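Review bot: Widening `q` and `mode` to `unsigned int` and moving `state` and `cipher_ctx` changes the size and layout of `mbedtls_ccm_context`, a structure that applications allocate themselves, and none of the ChangeLog.d entries visible on this page mentions it. If integrators may link against a prebuilt library, a ChangeLog entry or a sentence in the struct documentation saying that the layout is not stable between releases would spare them a hard-to-diagnose mismatch. While these lines are being touched, the comment on `q` could also say what the value holds, e.g. `/*!< The Q working value: size in bytes of the message-length field. */` (to be confirmed against ccm.c, which is not shown). The +/- column is lost on this page, so the old and new sides are inferred from the hunk counts, and the lines between the two hunks are not visible.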
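--- a/include/mbedtls/config_adjust_legacy_crypto.h
+++ b/include/mbedtls/config_adjust_legacy_crypto.h
@@ -0,0 +1,164 @@
+/**
+* \file mbedtls/config_adjust_legacy_crypto.h
+* \brief Adjust legacy configuration configuration
+*
+* Automatically enable certain dependencies. Generally, MBEDLTS_xxx
+* configurations need to be explicitly enabled by the user: enabling
+* MBEDTLS_xxx_A but not MBEDTLS_xxx_B when A requires B results in a
+* compilation error. However, we do automatically enable certain options
+* in some circumstances. One case is if MBEDTLS_xxx_B is an internal option
+* used to identify parts of a module that are used by other module, and we
+* don't want to make the symbol MBEDTLS_xxx_B part of the public API.
+* Another case is if A didn't depend on B in earlier versions, and we
+* want to use B in A but we need to preserve backward compatibility with
+* configurations that explicitly activate MBEDTLS_xxx_A but not
+* MBEDTLS_xxx_B.
+*/
+/*
+* Copyright The Mbed TLS Contributors
+* SPDX-License-Identifier: Apache-2.0
+*
+* Licensed under the Apache License, Version 2.0 (the "License"); you may
+* not use this file except in compliance with the License.
+* You may obtain a copy of the License at
+*
+* http://www.apache.org/licenses/LICENSE-2.0
+*
+* Unless required by applicable law or agreed to in writing, software
+* distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+* WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+* See the License for the specific language governing permissions and
+* limitations under the License.
+*/
+
+#ifndef MBEDTLS_CONFIG_ADJUST_LEGACY_CRYPTO_H
+#define MBEDTLS_CONFIG_ADJUST_LEGACY_CRYPTO_H
+
+/*
+* ECB, CBC, XTS, KW modes require both ENCRYPT and DECRYPT directions.
+* MBEDTLS_CIPHER_ENCRYPT_ONLY is only enabled when those modes
+* are not requested via the PSA API and are not enabled in the legacy API.
+*
+* Note: XTS, KW are not yet supported via the PSA API in Mbed TLS.
+*/
+#if defined(MBEDTLS_PSA_CRYPTO_CONFIG)
+#if !defined(PSA_WANT_ALG_ECB_NO_PADDING) && \
+!defined(PSA_WANT_ALG_CBC_NO_PADDING) && \
+!defined(PSA_WANT_ALG_CBC_PKCS7) && \
+!defined(MBEDTLS_CIPHER_MODE_CBC) && \
+!defined(MBEDTLS_CIPHER_MODE_XTS) && \
+!defined(MBEDTLS_NIST_KW_C)
+#define MBEDTLS_CIPHER_ENCRYPT_ONLY 1
+#endif
+#endif /* MBEDTLS_PSA_CRYPTO_CONFIG */
+
+/* Auto-enable MBEDTLS_MD_LIGHT based on MBEDTLS_MD_C.
+* This allows checking for MD_LIGHT rather than MD_LIGHT || MD_C.
+*/
+#if defined(MBEDTLS_MD_C)
+#define MBEDTLS_MD_LIGHT
+#endif
+
+/* Auto-enable MBEDTLS_MD_LIGHT if needed by a module that didn't require it
+* in a previous release, to ensure backwards compatibility.
+*/
+#if defined(MBEDTLS_ECJPAKE_C) || \
+defined(MBEDTLS_PEM_PARSE_C) || \
+defined(MBEDTLS_ENTROPY_C) || \
+defined(MBEDTLS_PK_C) || \
+defined(MBEDTLS_PKCS12_C) || \
+defined(MBEDTLS_RSA_C) || \
+defined(MBEDTLS_SSL_TLS_C) || \
+defined(MBEDTLS_X509_USE_C) || \
+defined(MBEDTLS_X509_CREATE_C)
+#define MBEDTLS_MD_LIGHT
+#endif
+
+/* MBEDTLS_ECP_LIGHT is auto-enabled by the following symbols:
+* - MBEDTLS_ECP_C because now it consists of MBEDTLS_ECP_LIGHT plus functions
+* for curve arithmetic. As a consequence if MBEDTLS_ECP_C is required for
+* some reason, then MBEDTLS_ECP_LIGHT should be enabled as well.
+* - MBEDTLS_PK_PARSE_EC_EXTENDED and MBEDTLS_PK_PARSE_EC_COMPRESSED because
+* these features are not supported in PSA so the only way to have them is
+* to enable the built-in solution.
+* Both of them are temporary dependencies:
+* - PK_PARSE_EC_EXTENDED will be removed after #7779 and #7789
+* - support for compressed points should also be added to PSA, but in this
+* case there is no associated issue to track it yet.
+* - PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_DERIVE because Weierstrass key derivation
+* still depends on ECP_LIGHT.
+* - PK_C + USE_PSA + PSA_WANT_ALG_ECDSA is a temporary dependency which will
+* be fixed by #7453.
+*/
+#if defined(MBEDTLS_ECP_C) || \
+defined(MBEDTLS_PK_PARSE_EC_EXTENDED) || \
+defined(MBEDTLS_PK_PARSE_EC_COMPRESSED) || \
+defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_KEY_PAIR_DERIVE)
+#define MBEDTLS_ECP_LIGHT
+#endif
+
+/* MBEDTLS_PK_PARSE_EC_COMPRESSED is introduced in MbedTLS version 3.5, while
+* in previous version compressed points were automatically supported as long
+* as PK_PARSE_C and ECP_C were enabled. As a consequence, for backward
+* compatibility, we auto-enable PK_PARSE_EC_COMPRESSED when these conditions
+* are met. */
+#if defined(MBEDTLS_PK_PARSE_C) && defined(MBEDTLS_ECP_C)
+#define MBEDTLS_PK_PARSE_EC_COMPRESSED
+#endif
+
+/* Helper symbol to state that there is support for ECDH, either through
+* library implementation (ECDH_C) or through PSA. */
+#if (defined(MBEDTLS_USE_PSA_CRYPTO) && defined(PSA_WANT_ALG_ECDH)) || \
+(!defined(MBEDTLS_USE_PSA_CRYPTO) && defined(MBEDTLS_ECDH_C))
+#define MBEDTLS_CAN_ECDH
+#endif
+
+/* PK module can achieve ECDSA functionalities by means of either software
+* implementations (ECDSA_C) or through a PSA driver. The following defines
+* are meant to list these capabilities in a general way which abstracts how
+* they are implemented under the hood. */
+#if !defined(MBEDTLS_USE_PSA_CRYPTO)
+#if defined(MBEDTLS_ECDSA_C)
+#define MBEDTLS_PK_CAN_ECDSA_SIGN
+#define MBEDTLS_PK_CAN_ECDSA_VERIFY
+#endif /* MBEDTLS_ECDSA_C */
+#else /* MBEDTLS_USE_PSA_CRYPTO */
+#if defined(PSA_WANT_ALG_ECDSA)
+#if defined(PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_BASIC)
+#define MBEDTLS_PK_CAN_ECDSA_SIGN
+#endif /* PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_BASIC */
+#if defined(PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY)
+#define MBEDTLS_PK_CAN_ECDSA_VERIFY
+#endif /* PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY */
+#endif /* PSA_WANT_ALG_ECDSA */
+#endif /* MBEDTLS_USE_PSA_CRYPTO */
+
+#if defined(MBEDTLS_PK_CAN_ECDSA_VERIFY) || defined(MBEDTLS_PK_CAN_ECDSA_SIGN)
+#define MBEDTLS_PK_CAN_ECDSA_SOME
+#endif
+
+/* If MBEDTLS_PSA_CRYPTO_C is defined, make sure MBEDTLS_PSA_CRYPTO_CLIENT
+* is defined as well to include all PSA code.
+*/
+#if defined(MBEDTLS_PSA_CRYPTO_C)
+#define MBEDTLS_PSA_CRYPTO_CLIENT
+#endif /* MBEDTLS_PSA_CRYPTO_C */
+
+/* The PK wrappers need pk_write functions to format RSA key objects
+* when they are dispatching to the PSA API. This happens under USE_PSA_CRYPTO,
+* and also even without USE_PSA_CRYPTO for mbedtls_pk_sign_ext(). */
+#if defined(MBEDTLS_PSA_CRYPTO_C) && defined(MBEDTLS_RSA_C)
+#define MBEDTLS_PK_C
+#define MBEDTLS_PK_WRITE_C
+#define MBEDTLS_PK_PARSE_C
+#endif
+
+/* Helper symbol to state that the PK module has support for EC keys. This
+* can either be provided through the legacy ECP solution or through the
+* PSA friendly MBEDTLS_PK_USE_PSA_EC_DATA (see pk.h for its description). */
+#if defined(MBEDTLS_ECP_C) || \
+(defined(MBEDTLS_USE_PSA_CRYPTO) && defined(PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY))
+#define MBEDTLS_PK_HAVE_ECC_KEYS
+#endif /* MBEDTLS_PK_USE_PSA_EC_DATA || MBEDTLS_ECP_C */
+
+#endif /* MBEDTLS_CONFIG_ADJUST_LEGACY_CRYPTO_H */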
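Review bot: The condition that auto-defines `MBEDTLS_CIPHER_ENCRYPT_ONLY` has no term for legacy ECB decryption: it tests the PSA ECB/CBC requests plus `MBEDTLS_CIPHER_MODE_CBC`, `MBEDTLS_CIPHER_MODE_XTS` and `MBEDTLS_NIST_KW_C`, so an application that decrypts through the legacy block-cipher API without enabling any of those symbols would lose the decrypt direction as soon as `MBEDTLS_PSA_CRYPTO_CONFIG` is on. Because the macro is set implicitly, the comment above the block should state how such a build fails (compile-time error or a runtime error code), and the define should not override a value the user already set, e.g. wrap it in `#if !defined(MBEDTLS_CIPHER_ENCRYPT_ONLY)`. Two wording slips in the file header are also worth fixing: `Adjust legacy configuration configuration` and `MBEDLTS_xxx`. How the macro is consumed is outside this file, so the ECB concern is an inference to verify against the cipher modules.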
641
include/mbedtls/config_adjust_legacy_from_psa.h
Normal file
641
include/mbedtls/config_adjust_legacy_from_psa.h
Normal file
@ -0,0 +1,641 @@
|
||||
/**
|
||||
* \file mbedtls/config_adjust_legacy_from_psa.h
|
||||
* \brief Adjust PSA configuration: activate legacy implementations
|
||||
*
|
||||
* When MBEDTLS_PSA_CRYPTO_CONFIG is enabled, activate legacy implementations
|
||||
* of cryptographic mechanisms as needed to fulfill the needs of the PSA
|
||||
* configuration. Generally speaking, we activate a legacy mechanism if
|
||||
* it's needed for a requested PSA mechanism and there is no PSA driver
|
||||
* for it.
|
||||
*/
|
||||
/*
|
||||
* Copyright The Mbed TLS Contributors
|
||||
* SPDX-License-Identifier: Apache-2.0
|
||||
*
|
||||
* Licensed under the Apache License, Version 2.0 (the "License"); you may
|
||||
* not use this file except in compliance with the License.
|
||||
* You may obtain a copy of the License at
|
||||
*
|
||||
* http://www.apache.org/licenses/LICENSE-2.0
|
||||
*
|
||||
* Unless required by applicable law or agreed to in writing, software
|
||||
* distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
|
||||
* WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
* See the License for the specific language governing permissions and
|
||||
* limitations under the License.
|
||||
*/
|
||||
|
||||
#ifndef MBEDTLS_CONFIG_ADJUST_LEGACY_FROM_PSA_H
|
||||
#define MBEDTLS_CONFIG_ADJUST_LEGACY_FROM_PSA_H
|
||||
|
||||
#if defined(PSA_WANT_ALG_DETERMINISTIC_ECDSA)
|
||||
#if !defined(MBEDTLS_PSA_ACCEL_ALG_DETERMINISTIC_ECDSA)
|
||||
#define MBEDTLS_PSA_BUILTIN_ALG_DETERMINISTIC_ECDSA 1
|
||||
#define MBEDTLS_ECDSA_DETERMINISTIC
|
||||
#define MBEDTLS_ECDSA_C
|
||||
#define MBEDTLS_HMAC_DRBG_C
|
||||
#define MBEDTLS_MD_C
|
||||
#endif /* !MBEDTLS_PSA_ACCEL_ALG_DETERMINISTIC_ECDSA */
|
||||
#endif /* PSA_WANT_ALG_DETERMINISTIC_ECDSA */
|
||||
|
||||
#if defined(PSA_WANT_ALG_ECDH)
|
||||
#if !defined(MBEDTLS_PSA_ACCEL_ALG_ECDH)
|
||||
#define MBEDTLS_PSA_BUILTIN_ALG_ECDH 1
|
||||
#define MBEDTLS_ECDH_C
|
||||
#define MBEDTLS_ECP_C
|
||||
#define MBEDTLS_BIGNUM_C
|
||||
#endif /* !MBEDTLS_PSA_ACCEL_ALG_ECDH */
|
||||
#endif /* PSA_WANT_ALG_ECDH */
|
||||
|
||||
#if defined(PSA_WANT_ALG_ECDSA)
|
||||
#if !defined(MBEDTLS_PSA_ACCEL_ALG_ECDSA)
|
||||
#define MBEDTLS_PSA_BUILTIN_ALG_ECDSA 1
|
||||
#define MBEDTLS_ECDSA_C
|
||||
#define MBEDTLS_ECP_C
|
||||
#define MBEDTLS_BIGNUM_C
|
||||
#define MBEDTLS_ASN1_PARSE_C
|
||||
#define MBEDTLS_ASN1_WRITE_C
|
||||
#endif /* !MBEDTLS_PSA_ACCEL_ALG_ECDSA */
|
||||
#endif /* PSA_WANT_ALG_ECDSA */
|
||||
|
||||
#if defined(PSA_WANT_ALG_FFDH)
|
||||
#if !defined(MBEDTLS_PSA_ACCEL_ALG_FFDH)
|
||||
#define MBEDTLS_PSA_BUILTIN_ALG_FFDH 1
|
||||
#define MBEDTLS_BIGNUM_C
|
||||
#endif /* !MBEDTLS_PSA_ACCEL_ALG_FFDH */
|
||||
#endif /* PSA_WANT_ALG_FFDH */
|
||||
|
||||
#if defined(PSA_WANT_ALG_HKDF)
|
||||
#if !defined(MBEDTLS_PSA_ACCEL_ALG_HKDF)
|
||||
#define MBEDTLS_PSA_BUILTIN_ALG_HMAC 1
|
||||
#define MBEDTLS_PSA_BUILTIN_ALG_HKDF 1
|
||||
#endif /* !MBEDTLS_PSA_ACCEL_ALG_HKDF */
|
||||
#endif /* PSA_WANT_ALG_HKDF */
|
||||
|
||||
#if defined(PSA_WANT_ALG_HKDF_EXTRACT)
|
||||
#if !defined(MBEDTLS_PSA_ACCEL_ALG_HKDF_EXTRACT)
|
||||
#define MBEDTLS_PSA_BUILTIN_ALG_HMAC 1
|
||||
#define MBEDTLS_PSA_BUILTIN_ALG_HKDF_EXTRACT 1
|
||||
#endif /* !MBEDTLS_PSA_ACCEL_ALG_HKDF_EXTRACT */
|
||||
#endif /* PSA_WANT_ALG_HKDF_EXTRACT */
|
||||
|
||||
#if defined(PSA_WANT_ALG_HKDF_EXPAND)
|
||||
#if !defined(MBEDTLS_PSA_ACCEL_ALG_HKDF_EXPAND)
|
||||
#define MBEDTLS_PSA_BUILTIN_ALG_HMAC 1
|
||||
#define MBEDTLS_PSA_BUILTIN_ALG_HKDF_EXPAND 1
|
||||
#endif /* !MBEDTLS_PSA_ACCEL_ALG_HKDF_EXPAND */
|
||||
#endif /* PSA_WANT_ALG_HKDF_EXPAND */
|
||||
|
||||
#if defined(PSA_WANT_ALG_HMAC)
|
||||
#if !defined(MBEDTLS_PSA_ACCEL_ALG_HMAC)
|
||||
#define MBEDTLS_PSA_BUILTIN_ALG_HMAC 1
|
||||
#endif /* !MBEDTLS_PSA_ACCEL_ALG_HMAC */
|
||||
#endif /* PSA_WANT_ALG_HMAC */
|
||||
|
||||
#if defined(PSA_WANT_ALG_MD5) && !defined(MBEDTLS_PSA_ACCEL_ALG_MD5)
|
||||
#define MBEDTLS_PSA_BUILTIN_ALG_MD5 1
|
||||
#define MBEDTLS_MD5_C
|
||||
#endif
|
||||
|
||||
#if defined(PSA_WANT_ALG_JPAKE)
|
||||
#if !defined(MBEDTLS_PSA_ACCEL_ALG_JPAKE)
|
||||
#define MBEDTLS_PSA_BUILTIN_PAKE 1
|
||||
#define MBEDTLS_PSA_BUILTIN_ALG_JPAKE 1
|
||||
#define MBEDTLS_ECP_DP_SECP256R1_ENABLED
|
||||
#define MBEDTLS_BIGNUM_C
|
||||
#define MBEDTLS_ECP_C
|
||||
#define MBEDTLS_ECJPAKE_C
|
||||
#endif /* MBEDTLS_PSA_ACCEL_ALG_JPAKE */
|
||||
#endif /* PSA_WANT_ALG_JPAKE */
|
||||
|
||||
#if defined(PSA_WANT_ALG_RIPEMD160) && !defined(MBEDTLS_PSA_ACCEL_ALG_RIPEMD160)
|
||||
#define MBEDTLS_PSA_BUILTIN_ALG_RIPEMD160 1
|
||||
#define MBEDTLS_RIPEMD160_C
|
||||
#endif
|
||||
|
||||
#if defined(PSA_WANT_ALG_RSA_OAEP)
|
||||
#if !defined(MBEDTLS_PSA_ACCEL_ALG_RSA_OAEP)
|
||||
#define MBEDTLS_PSA_BUILTIN_ALG_RSA_OAEP 1
|
||||
#define MBEDTLS_RSA_C
|
||||
#define MBEDTLS_BIGNUM_C
|
||||
#define MBEDTLS_OID_C
|
||||
#define MBEDTLS_PKCS1_V21
|
||||
#endif /* !MBEDTLS_PSA_ACCEL_ALG_RSA_OAEP */
|
||||
#endif /* PSA_WANT_ALG_RSA_OAEP */
|
||||
|
||||
#if defined(PSA_WANT_ALG_RSA_PKCS1V15_CRYPT)
|
||||
#if !defined(MBEDTLS_PSA_ACCEL_ALG_RSA_PKCS1V15_CRYPT)
|
||||
#define MBEDTLS_PSA_BUILTIN_ALG_RSA_PKCS1V15_CRYPT 1
|
||||
#define MBEDTLS_RSA_C
|
||||
#define MBEDTLS_BIGNUM_C
|
||||
#define MBEDTLS_OID_C
|
||||
#define MBEDTLS_PKCS1_V15
|
||||
#endif /* !MBEDTLS_PSA_ACCEL_ALG_RSA_PKCS1V15_CRYPT */
|
||||
#endif /* PSA_WANT_ALG_RSA_PKCS1V15_CRYPT */
|
||||
|
||||
#if defined(PSA_WANT_ALG_RSA_PKCS1V15_SIGN)
|
||||
#if !defined(MBEDTLS_PSA_ACCEL_ALG_RSA_PKCS1V15_SIGN)
|
||||
#define MBEDTLS_PSA_BUILTIN_ALG_RSA_PKCS1V15_SIGN 1
|
||||
#define MBEDTLS_RSA_C
|
||||
#define MBEDTLS_BIGNUM_C
|
||||
#define MBEDTLS_OID_C
|
||||
#define MBEDTLS_PKCS1_V15
|
||||
#endif /* !MBEDTLS_PSA_ACCEL_ALG_RSA_PKCS1V15_SIGN */
|
||||
#endif /* PSA_WANT_ALG_RSA_PKCS1V15_SIGN */
|
||||
|
||||
#if defined(PSA_WANT_ALG_RSA_PSS)
|
||||
#if !defined(MBEDTLS_PSA_ACCEL_ALG_RSA_PSS)
|
||||
#define MBEDTLS_PSA_BUILTIN_ALG_RSA_PSS 1
|
||||
#define MBEDTLS_RSA_C
|
||||
#define MBEDTLS_BIGNUM_C
|
||||
#define MBEDTLS_OID_C
|
||||
#define MBEDTLS_PKCS1_V21
|
||||
#endif /* !MBEDTLS_PSA_ACCEL_ALG_RSA_PSS */
|
||||
#endif /* PSA_WANT_ALG_RSA_PSS */
|
||||
|
||||
#if defined(PSA_WANT_ALG_SHA_1) && !defined(MBEDTLS_PSA_ACCEL_ALG_SHA_1)
|
||||
#define MBEDTLS_PSA_BUILTIN_ALG_SHA_1 1
|
||||
#define MBEDTLS_SHA1_C
|
||||
#endif
|
||||
|
||||
#if defined(PSA_WANT_ALG_SHA_224) && !defined(MBEDTLS_PSA_ACCEL_ALG_SHA_224)
|
||||
#define MBEDTLS_PSA_BUILTIN_ALG_SHA_224 1
|
||||
#define MBEDTLS_SHA224_C
|
||||
#endif
|
||||
|
||||
#if defined(PSA_WANT_ALG_SHA_256) && !defined(MBEDTLS_PSA_ACCEL_ALG_SHA_256)
|
||||
#define MBEDTLS_PSA_BUILTIN_ALG_SHA_256 1
|
||||
#define MBEDTLS_SHA256_C
|
||||
#endif
|
||||
|
||||
#if defined(PSA_WANT_ALG_SHA_384) && !defined(MBEDTLS_PSA_ACCEL_ALG_SHA_384)
|
||||
#define MBEDTLS_PSA_BUILTIN_ALG_SHA_384 1
|
||||
#define MBEDTLS_SHA384_C
|
||||
#endif
|
||||
|
||||
#if defined(PSA_WANT_ALG_SHA_512) && !defined(MBEDTLS_PSA_ACCEL_ALG_SHA_512)
|
||||
#define MBEDTLS_PSA_BUILTIN_ALG_SHA_512 1
|
||||
#define MBEDTLS_SHA512_C
|
||||
#endif
|
||||
|
||||
#if defined(PSA_WANT_ALG_SHA3_224) && !defined(MBEDTLS_PSA_ACCEL_ALG_SHA3_224)
|
||||
#define MBEDTLS_PSA_BUILTIN_ALG_SHA3_224 1
|
||||
#define MBEDTLS_SHA3_C
|
||||
#endif
|
||||
|
||||
#if defined(PSA_WANT_ALG_SHA3_256) && !defined(MBEDTLS_PSA_ACCEL_ALG_SHA3_256)
|
||||
#define MBEDTLS_PSA_BUILTIN_ALG_SHA3_256 1
|
||||
#define MBEDTLS_SHA3_C
|
||||
#endif
|
||||
|
||||
#if defined(PSA_WANT_ALG_SHA3_384) && !defined(MBEDTLS_PSA_ACCEL_ALG_SHA3_384)
|
||||
#define MBEDTLS_PSA_BUILTIN_ALG_SHA3_384 1
|
||||
#define MBEDTLS_SHA3_C
|
||||
#endif
|
||||
|
||||
#if defined(PSA_WANT_ALG_SHA3_512) && !defined(MBEDTLS_PSA_ACCEL_ALG_SHA3_512)
|
||||
#define MBEDTLS_PSA_BUILTIN_ALG_SHA3_512 1
|
||||
#define MBEDTLS_SHA3_C
|
||||
#endif
|
||||
|
||||
#if defined(PSA_WANT_ALG_PBKDF2_HMAC)
|
||||
#if !defined(MBEDTLS_PSA_ACCEL_ALG_PBKDF2_HMAC)
|
||||
#define MBEDTLS_PSA_BUILTIN_ALG_PBKDF2_HMAC 1
|
||||
#define PSA_HAVE_SOFT_PBKDF2_HMAC 1
|
||||
#if !defined(MBEDTLS_PSA_ACCEL_ALG_HMAC)
|
||||
#define MBEDTLS_PSA_BUILTIN_ALG_HMAC 1
|
||||
#endif /* !MBEDTLS_PSA_ACCEL_ALG_HMAC */
|
||||
#endif /* !MBEDTLS_PSA_BUILTIN_ALG_PBKDF2_HMAC */
|
||||
#endif /* PSA_WANT_ALG_PBKDF2_HMAC */
|
||||
|
||||
#if defined(PSA_WANT_ALG_TLS12_PRF)
|
||||
#if !defined(MBEDTLS_PSA_ACCEL_ALG_TLS12_PRF)
|
||||
#define MBEDTLS_PSA_BUILTIN_ALG_TLS12_PRF 1
|
||||
#endif /* !MBEDTLS_PSA_ACCEL_ALG_TLS12_PRF */
|
||||
#endif /* PSA_WANT_ALG_TLS12_PRF */
|
||||
|
||||
#if defined(PSA_WANT_ALG_TLS12_PSK_TO_MS)
|
||||
#if !defined(MBEDTLS_PSA_ACCEL_ALG_TLS12_PSK_TO_MS)
|
||||
#define MBEDTLS_PSA_BUILTIN_ALG_TLS12_PSK_TO_MS 1
|
||||
#endif /* !MBEDTLS_PSA_ACCEL_ALG_TLS12_PSK_TO_MS */
|
||||
#endif /* PSA_WANT_ALG_TLS12_PSK_TO_MS */
|
||||
|
||||
#if defined(PSA_WANT_ALG_TLS12_ECJPAKE_TO_PMS)
|
||||
#if !defined(MBEDTLS_PSA_ACCEL_ALG_TLS12_ECJPAKE_TO_PMS)
|
||||
#define MBEDTLS_PSA_BUILTIN_ALG_TLS12_ECJPAKE_TO_PMS 1
|
||||
#endif /* !MBEDTLS_PSA_ACCEL_ALG_TLS12_ECJPAKE_TO_PMS */
|
||||
#endif /* PSA_WANT_ALG_TLS12_ECJPAKE_TO_PMS */
|
||||
|
||||
#if defined(PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_IMPORT)
|
||||
#define PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_BASIC 1
|
||||
#if !defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_KEY_PAIR_IMPORT)
|
||||
#define MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_KEY_PAIR_IMPORT 1
|
||||
#endif /* !MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_KEY_PAIR_IMPORT */
|
||||
#endif /* PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_IMPORT */
|
||||
|
||||
#if defined(PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_EXPORT)
|
||||
#define PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_BASIC 1
|
||||
#if !defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_KEY_PAIR_EXPORT)
|
||||
#define MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_KEY_PAIR_EXPORT 1
|
||||
#endif /* !MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_KEY_PAIR_EXPORT */
|
||||
#endif /* PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_EXPORT */
|
||||
|
||||
#if defined(PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_GENERATE)
|
||||
#define PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_BASIC 1
|
||||
#if !defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_KEY_PAIR_GENERATE)
|
||||
#define MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_KEY_PAIR_GENERATE 1
|
||||
#endif /* !MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_KEY_PAIR_GENERATE */
|
||||
#endif /* PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_GENERATE */
|
||||
|
||||
#if defined(PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_DERIVE)
|
||||
#define PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_BASIC 1
|
||||
#if !defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_KEY_PAIR_DERIVE)
|
||||
#define MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_KEY_PAIR_DERIVE 1
|
||||
#endif /* !MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_KEY_PAIR_DERIVE */
|
||||
#endif /* PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_DERIVE */
|
||||
|
||||
#if defined(PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_BASIC)
|
||||
#define PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY 1
|
||||
#if !defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_KEY_PAIR_BASIC)
|
||||
#define MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_KEY_PAIR_BASIC 1
|
||||
#endif /* !MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_KEY_PAIR_BASIC */
|
||||
#endif /* PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_BASIC */
|
||||
|
||||
#if defined(PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_IMPORT)
|
||||
#define PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_BASIC 1
|
||||
#if !defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_RSA_KEY_PAIR_IMPORT)
|
||||
#define MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_KEY_PAIR_IMPORT 1
|
||||
#endif /* !MBEDTLS_PSA_ACCEL_KEY_TYPE_RSA_KEY_PAIR_IMPORT */
|
||||
#endif /* PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_IMPORT */
|
||||
|
||||
#if defined(PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_EXPORT)
|
||||
#define PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_BASIC 1
|
||||
#if !defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_RSA_KEY_PAIR_EXPORT)
|
||||
#define MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_KEY_PAIR_EXPORT 1
|
||||
#endif /* !MBEDTLS_PSA_ACCEL_KEY_TYPE_RSA_KEY_PAIR_EXPORT */
|
||||
#endif /* PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_EXPORT */
|
||||
|
||||
#if defined(PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_GENERATE)
|
||||
#define PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_BASIC 1
|
||||
#if !defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_RSA_KEY_PAIR_GENERATE)
|
||||
#define MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_KEY_PAIR_GENERATE 1
|
||||
#define MBEDTLS_GENPRIME
|
||||
#endif /* !MBEDTLS_PSA_ACCEL_KEY_TYPE_RSA_KEY_PAIR_GENERATE */
|
||||
#endif /* PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_GENERATE */
|
||||
|
||||
#if defined(PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_BASIC)
|
||||
#define PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY 1
|
||||
#if !defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_RSA_KEY_PAIR_BASIC)
|
||||
#define MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_KEY_PAIR_BASIC 1
|
||||
#endif /* !MBEDTLS_PSA_ACCEL_KEY_TYPE_RSA_KEY_PAIR_BASIC */
|
||||
#endif /* PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_BASIC */
|
||||
|
||||
#if defined(PSA_WANT_KEY_TYPE_DH_KEY_PAIR_IMPORT)
|
||||
#define PSA_WANT_KEY_TYPE_DH_KEY_PAIR_BASIC 1
|
||||
#if !defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_DH_KEY_PAIR_IMPORT)
|
||||
#define MBEDTLS_PSA_BUILTIN_KEY_TYPE_DH_KEY_PAIR_IMPORT 1
|
||||
#endif /* !MBEDTLS_PSA_ACCEL_KEY_TYPE_DH_KEY_PAIR_IMPORT */
|
||||
#endif /* PSA_WANT_KEY_TYPE_DH_KEY_PAIR_IMPORT */
|
||||
|
||||
#if defined(PSA_WANT_KEY_TYPE_DH_KEY_PAIR_EXPORT)
|
||||
#define PSA_WANT_KEY_TYPE_DH_KEY_PAIR_BASIC 1
|
||||
#if !defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_DH_KEY_PAIR_EXPORT)
|
||||
#define MBEDTLS_PSA_BUILTIN_KEY_TYPE_DH_KEY_PAIR_EXPORT 1
|
||||
#endif /* !MBEDTLS_PSA_ACCEL_KEY_TYPE_DH_KEY_PAIR_EXPORT */
|
||||
#endif /* PSA_WANT_KEY_TYPE_DH_KEY_PAIR_EXPORT */
|
||||
|
||||
#if defined(PSA_WANT_KEY_TYPE_DH_KEY_PAIR_GENERATE)
|
||||
#define PSA_WANT_KEY_TYPE_DH_KEY_PAIR_BASIC 1
|
||||
#if !defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_DH_KEY_PAIR_GENERATE)
|
||||
#define MBEDTLS_PSA_BUILTIN_KEY_TYPE_DH_KEY_PAIR_GENERATE 1
|
||||
#endif /* !MBEDTLS_PSA_ACCEL_KEY_TYPE_DH_KEY_PAIR_GENERATE */
|
||||
#endif /* PSA_WANT_KEY_TYPE_DH_KEY_PAIR_GENERATE */
|
||||
|
||||
#if defined(PSA_WANT_KEY_TYPE_DH_KEY_PAIR_BASIC)
|
||||
#define PSA_WANT_KEY_TYPE_DH_PUBLIC_KEY 1
|
||||
#if !defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_DH_KEY_PAIR_BASIC)
|
||||
#define MBEDTLS_PSA_BUILTIN_KEY_TYPE_DH_KEY_PAIR_BASIC 1
|
||||
#endif /* !MBEDTLS_PSA_ACCEL_KEY_TYPE_DH_KEY_PAIR_BASIC */
|
||||
#endif /* PSA_WANT_KEY_TYPE_DH_KEY_PAIR_BASIC */
|
||||
|
||||
#if defined(PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY)
|
||||
#if !defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_PUBLIC_KEY)
|
||||
#define MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_PUBLIC_KEY 1
|
||||
#define MBEDTLS_ECP_C
|
||||
#define MBEDTLS_BIGNUM_C
|
||||
#endif /* !MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_PUBLIC_KEY */
|
||||
#endif /* PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY */
|
||||
|
||||
#if defined(PSA_WANT_KEY_TYPE_DH_PUBLIC_KEY)
|
||||
#if !defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_DH_PUBLIC_KEY)
|
||||
#define MBEDTLS_PSA_BUILTIN_KEY_TYPE_DH_PUBLIC_KEY 1
|
||||
#define MBEDTLS_BIGNUM_C
|
||||
#endif /* !MBEDTLS_PSA_ACCEL_KEY_TYPE_DH_PUBLIC_KEY */
|
||||
#endif /* PSA_WANT_KEY_TYPE_DH_PUBLIC_KEY */
|
||||
|
||||
#if defined(PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY)
|
||||
#if !defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_RSA_PUBLIC_KEY)
|
||||
#define MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_PUBLIC_KEY 1
|
||||
#define MBEDTLS_RSA_C
|
||||
#define MBEDTLS_BIGNUM_C
|
||||
#define MBEDTLS_OID_C
|
||||
#define MBEDTLS_PK_PARSE_C
|
||||
#define MBEDTLS_PK_WRITE_C
|
||||
#define MBEDTLS_PK_C
|
||||
#define MBEDTLS_ASN1_PARSE_C
|
||||
#define MBEDTLS_ASN1_WRITE_C
|
||||
#endif /* !MBEDTLS_PSA_ACCEL_KEY_TYPE_RSA_PUBLIC_KEY */
|
||||
#endif /* PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY */
|
||||
|
||||
/* If any of the block modes are requested that don't have an
|
||||
* associated HW assist, define PSA_HAVE_SOFT_BLOCK_MODE for checking
|
||||
* in the block cipher key types. */
|
||||
#if (defined(PSA_WANT_ALG_CTR) && !defined(MBEDTLS_PSA_ACCEL_ALG_CTR)) || \
|
||||
(defined(PSA_WANT_ALG_CFB) && !defined(MBEDTLS_PSA_ACCEL_ALG_CFB)) || \
|
||||
(defined(PSA_WANT_ALG_OFB) && !defined(MBEDTLS_PSA_ACCEL_ALG_OFB)) || \
|
||||
defined(PSA_WANT_ALG_ECB_NO_PADDING) || \
|
||||
(defined(PSA_WANT_ALG_CBC_NO_PADDING) && \
|
||||
!defined(MBEDTLS_PSA_ACCEL_ALG_CBC_NO_PADDING)) || \
|
||||
(defined(PSA_WANT_ALG_CBC_PKCS7) && \
|
||||
!defined(MBEDTLS_PSA_ACCEL_ALG_CBC_PKCS7)) || \
|
||||
(defined(PSA_WANT_ALG_CMAC) && !defined(MBEDTLS_PSA_ACCEL_ALG_CMAC))
|
||||
#define PSA_HAVE_SOFT_BLOCK_MODE 1
|
||||
#endif
|
||||
|
||||
#if (defined(PSA_WANT_ALG_GCM) && !defined(MBEDTLS_PSA_ACCEL_ALG_GCM)) || \
|
||||
(defined(PSA_WANT_ALG_CCM) && !defined(MBEDTLS_PSA_ACCEL_ALG_CCM))
|
||||
#define PSA_HAVE_SOFT_BLOCK_AEAD 1
|
||||
#endif
|
||||
|
||||
#if defined(PSA_WANT_ALG_PBKDF2_AES_CMAC_PRF_128)
|
||||
#if !defined(MBEDTLS_PSA_ACCEL_ALG_PBKDF2_AES_CMAC_PRF_128)
|
||||
#define MBEDTLS_PSA_BUILTIN_ALG_PBKDF2_AES_CMAC_PRF_128 1
|
||||
#define PSA_HAVE_SOFT_PBKDF2_CMAC 1
|
||||
#endif /* !MBEDTLS_PSA_ACCEL_ALG_PBKDF2_AES_CMAC_PRF_128 */
|
||||
#endif /* PSA_WANT_ALG_PBKDF2_AES_CMAC_PRF_128 */
|
||||
|
||||
#if defined(PSA_WANT_KEY_TYPE_AES)
|
||||
#if !defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_AES)
|
||||
#define PSA_HAVE_SOFT_KEY_TYPE_AES 1
|
||||
#endif /* !MBEDTLS_PSA_ACCEL_KEY_TYPE_AES */
|
||||
#if defined(PSA_HAVE_SOFT_KEY_TYPE_AES) || \
|
||||
defined(PSA_HAVE_SOFT_BLOCK_MODE) || \
|
||||
defined(PSA_HAVE_SOFT_BLOCK_AEAD) || \
|
||||
defined(PSA_HAVE_SOFT_PBKDF2_CMAC)
|
||||
#define MBEDTLS_PSA_BUILTIN_KEY_TYPE_AES 1
|
||||
#define MBEDTLS_AES_C
|
||||
#endif /* PSA_HAVE_SOFT_KEY_TYPE_AES || PSA_HAVE_SOFT_BLOCK_MODE */
|
||||
#endif /* PSA_WANT_KEY_TYPE_AES */
|
||||
|
||||
#if defined(PSA_WANT_KEY_TYPE_ARIA)
|
||||
#if !defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_ARIA)
|
||||
#define PSA_HAVE_SOFT_KEY_TYPE_ARIA 1
|
||||
#endif /* !MBEDTLS_PSA_ACCEL_KEY_TYPE_ARIA */
|
||||
#if defined(PSA_HAVE_SOFT_KEY_TYPE_ARIA) || \
|
||||
defined(PSA_HAVE_SOFT_BLOCK_MODE) || \
|
||||
defined(PSA_HAVE_SOFT_BLOCK_AEAD)
|
||||
#define MBEDTLS_PSA_BUILTIN_KEY_TYPE_ARIA 1
|
||||
#define MBEDTLS_ARIA_C
|
||||
#endif /* PSA_HAVE_SOFT_KEY_TYPE_ARIA || PSA_HAVE_SOFT_BLOCK_MODE */
|
||||
#endif /* PSA_WANT_KEY_TYPE_ARIA */
|
||||
|
||||
#if defined(PSA_WANT_KEY_TYPE_CAMELLIA)
|
||||
#if !defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_CAMELLIA)
|
||||
#define PSA_HAVE_SOFT_KEY_TYPE_CAMELLIA 1
|
||||
#endif /* !MBEDTLS_PSA_ACCEL_KEY_TYPE_CAMELLIA */
|
||||
#if defined(PSA_HAVE_SOFT_KEY_TYPE_CAMELLIA) || \
|
||||
defined(PSA_HAVE_SOFT_BLOCK_MODE) || \
|
||||
defined(PSA_HAVE_SOFT_BLOCK_AEAD)
|
||||
#define MBEDTLS_PSA_BUILTIN_KEY_TYPE_CAMELLIA 1
|
||||
#define MBEDTLS_CAMELLIA_C
|
||||
#endif /* PSA_HAVE_SOFT_KEY_TYPE_CAMELLIA || PSA_HAVE_SOFT_BLOCK_MODE */
|
||||
#endif /* PSA_WANT_KEY_TYPE_CAMELLIA */
|
||||
|
||||
#if defined(PSA_WANT_KEY_TYPE_DES)
|
||||
#if !defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_DES)
|
||||
#define PSA_HAVE_SOFT_KEY_TYPE_DES 1
|
||||
#endif /* !MBEDTLS_PSA_ACCEL_KEY_TYPE_DES */
|
||||
#if defined(PSA_HAVE_SOFT_KEY_TYPE_DES) || \
|
||||
defined(PSA_HAVE_SOFT_BLOCK_MODE)
|
||||
#define MBEDTLS_PSA_BUILTIN_KEY_TYPE_DES 1
|
||||
#define MBEDTLS_DES_C
|
||||
#endif /*PSA_HAVE_SOFT_KEY_TYPE_DES || PSA_HAVE_SOFT_BLOCK_MODE */
|
||||
#endif /* PSA_WANT_KEY_TYPE_DES */
|
||||
|
||||
#if defined(PSA_WANT_KEY_TYPE_CHACHA20)
|
||||
#if !defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_CHACHA20)
|
||||
#define MBEDTLS_PSA_BUILTIN_KEY_TYPE_CHACHA20 1
|
||||
#define MBEDTLS_CHACHA20_C
|
||||
#endif /*!MBEDTLS_PSA_ACCEL_KEY_TYPE_CHACHA20 */
|
||||
#endif /* PSA_WANT_KEY_TYPE_CHACHA20 */
|
||||
|
||||
/* If any of the software block ciphers are selected, define
|
||||
* PSA_HAVE_SOFT_BLOCK_CIPHER, which can be used in any of these
|
||||
* situations. */
|
||||
#if defined(PSA_HAVE_SOFT_KEY_TYPE_AES) || \
|
||||
defined(PSA_HAVE_SOFT_KEY_TYPE_ARIA) || \
|
||||
defined(PSA_HAVE_SOFT_KEY_TYPE_DES) || \
|
||||
defined(PSA_HAVE_SOFT_KEY_TYPE_CAMELLIA)
|
||||
#define PSA_HAVE_SOFT_BLOCK_CIPHER 1
|
||||
#endif
|
||||
|
||||
#if defined(PSA_WANT_ALG_STREAM_CIPHER)
|
||||
#define MBEDTLS_PSA_BUILTIN_ALG_STREAM_CIPHER 1
|
||||
#endif /* PSA_WANT_ALG_STREAM_CIPHER */
|
||||
|
||||
#if defined(PSA_WANT_ALG_CBC_MAC)
|
||||
#if !defined(MBEDTLS_PSA_ACCEL_ALG_CBC_MAC)
|
||||
#error "CBC-MAC is not yet supported via the PSA API in Mbed TLS."
|
||||
#define MBEDTLS_PSA_BUILTIN_ALG_CBC_MAC 1
|
||||
#endif /* !MBEDTLS_PSA_ACCEL_ALG_CBC_MAC */
|
||||
#endif /* PSA_WANT_ALG_CBC_MAC */
|
||||
|
||||
#if defined(PSA_WANT_ALG_CMAC)
|
||||
#if !defined(MBEDTLS_PSA_ACCEL_ALG_CMAC) || \
|
||||
defined(PSA_HAVE_SOFT_BLOCK_CIPHER) || \
|
||||
defined(PSA_HAVE_SOFT_PBKDF2_CMAC)
|
||||
#define MBEDTLS_PSA_BUILTIN_ALG_CMAC 1
|
||||
#define MBEDTLS_CMAC_C
|
||||
#endif /* !MBEDTLS_PSA_ACCEL_ALG_CMAC */
|
||||
#endif /* PSA_WANT_ALG_CMAC */
|
||||
|
||||
#if defined(PSA_HAVE_SOFT_PBKDF2_HMAC) || \
|
||||
defined(PSA_HAVE_SOFT_PBKDF2_CMAC)
|
||||
#define PSA_HAVE_SOFT_PBKDF2 1
|
||||
#endif /* PSA_HAVE_SOFT_PBKDF2_HMAC || PSA_HAVE_SOFT_PBKDF2_CMAC */
|
||||
|
||||
#if defined(PSA_WANT_ALG_CTR)
|
||||
#if !defined(MBEDTLS_PSA_ACCEL_ALG_CTR) || \
|
||||
defined(PSA_HAVE_SOFT_BLOCK_CIPHER)
|
||||
#define MBEDTLS_PSA_BUILTIN_ALG_CTR 1
|
||||
#define MBEDTLS_CIPHER_MODE_CTR
|
||||
#endif
|
||||
#endif /* PSA_WANT_ALG_CTR */
|
||||
|
||||
#if defined(PSA_WANT_ALG_CFB)
|
||||
#if !defined(MBEDTLS_PSA_ACCEL_ALG_CFB) || \
|
||||
defined(PSA_HAVE_SOFT_BLOCK_CIPHER)
|
||||
#define MBEDTLS_PSA_BUILTIN_ALG_CFB 1
|
||||
#define MBEDTLS_CIPHER_MODE_CFB
|
||||
#endif
|
||||
#endif /* PSA_WANT_ALG_CFB */
|
||||
|
||||
#if defined(PSA_WANT_ALG_OFB)
|
||||
#if !defined(MBEDTLS_PSA_ACCEL_ALG_OFB) || \
|
||||
defined(PSA_HAVE_SOFT_BLOCK_CIPHER)
|
||||
#define MBEDTLS_PSA_BUILTIN_ALG_OFB 1
|
||||
#define MBEDTLS_CIPHER_MODE_OFB
|
||||
#endif
|
||||
#endif /* PSA_WANT_ALG_OFB */
|
||||
|
||||
#if defined(PSA_WANT_ALG_ECB_NO_PADDING) && \
|
||||
!defined(MBEDTLS_PSA_ACCEL_ALG_ECB_NO_PADDING)
|
||||
#define MBEDTLS_PSA_BUILTIN_ALG_ECB_NO_PADDING 1
|
||||
#endif
|
||||
|
||||
#if defined(PSA_WANT_ALG_CBC_NO_PADDING)
|
||||
#if !defined(MBEDTLS_PSA_ACCEL_ALG_CBC_NO_PADDING) || \
|
||||
defined(PSA_HAVE_SOFT_BLOCK_CIPHER)
|
||||
#define MBEDTLS_CIPHER_MODE_CBC
|
||||
#define MBEDTLS_PSA_BUILTIN_ALG_CBC_NO_PADDING 1
|
||||
#endif
|
||||
#endif /* PSA_WANT_ALG_CBC_NO_PADDING */
|
||||
|
||||
#if defined(PSA_WANT_ALG_CBC_PKCS7)
|
||||
#if !defined(MBEDTLS_PSA_ACCEL_ALG_CBC_PKCS7) || \
|
||||
defined(PSA_HAVE_SOFT_BLOCK_CIPHER)
|
||||
#define MBEDTLS_CIPHER_MODE_CBC
|
||||
#define MBEDTLS_PSA_BUILTIN_ALG_CBC_PKCS7 1
|
||||
#define MBEDTLS_CIPHER_PADDING_PKCS7
|
||||
#endif
|
||||
#endif /* PSA_WANT_ALG_CBC_PKCS7 */
|
||||
|
||||
#if defined(PSA_WANT_ALG_CCM)
|
||||
#if !defined(MBEDTLS_PSA_ACCEL_ALG_CCM) || \
|
||||
defined(PSA_HAVE_SOFT_KEY_TYPE_AES) || \
|
||||
defined(PSA_HAVE_SOFT_KEY_TYPE_ARIA) || \
|
||||
defined(PSA_HAVE_SOFT_KEY_TYPE_CAMELLIA)
|
||||
#define MBEDTLS_PSA_BUILTIN_ALG_CCM 1
|
||||
#define MBEDTLS_PSA_BUILTIN_ALG_CCM_STAR_NO_TAG 1
|
||||
#define MBEDTLS_CCM_C
|
||||
#endif
|
||||
#endif /* PSA_WANT_ALG_CCM */
|
||||
|
||||
#if defined(PSA_WANT_ALG_GCM)
|
||||
#if !defined(MBEDTLS_PSA_ACCEL_ALG_GCM) || \
|
||||
defined(PSA_HAVE_SOFT_KEY_TYPE_AES) || \
|
||||
defined(PSA_HAVE_SOFT_KEY_TYPE_ARIA) || \
|
||||
defined(PSA_HAVE_SOFT_KEY_TYPE_CAMELLIA)
|
||||
#define MBEDTLS_PSA_BUILTIN_ALG_GCM 1
|
||||
#define MBEDTLS_GCM_C
|
||||
#endif
|
||||
#endif /* PSA_WANT_ALG_GCM */
|
||||
|
||||
#if defined(PSA_WANT_ALG_CHACHA20_POLY1305)
|
||||
#if !defined(MBEDTLS_PSA_ACCEL_ALG_CHACHA20_POLY1305)
|
||||
#if defined(PSA_WANT_KEY_TYPE_CHACHA20)
|
||||
#define MBEDTLS_CHACHAPOLY_C
|
||||
#define MBEDTLS_CHACHA20_C
|
||||
#define MBEDTLS_POLY1305_C
|
||||
#define MBEDTLS_PSA_BUILTIN_ALG_CHACHA20_POLY1305 1
|
||||
#endif /* PSA_WANT_KEY_TYPE_CHACHA20 */
|
||||
#endif /* !MBEDTLS_PSA_ACCEL_ALG_CHACHA20_POLY1305 */
|
||||
#endif /* PSA_WANT_ALG_CHACHA20_POLY1305 */
|
||||
|
||||
#if defined(PSA_WANT_ECC_BRAINPOOL_P_R1_256)
|
||||
#if !defined(MBEDTLS_PSA_ACCEL_ECC_BRAINPOOL_P_R1_256)
|
||||
#define MBEDTLS_ECP_DP_BP256R1_ENABLED
|
||||
#define MBEDTLS_PSA_BUILTIN_ECC_BRAINPOOL_P_R1_256 1
|
||||
#endif /* !MBEDTLS_PSA_ACCEL_ECC_BRAINPOOL_P_R1_256 */
|
||||
#endif /* PSA_WANT_ECC_BRAINPOOL_P_R1_256 */
|
||||
|
||||
#if defined(PSA_WANT_ECC_BRAINPOOL_P_R1_384)
|
||||
#if !defined(MBEDTLS_PSA_ACCEL_ECC_BRAINPOOL_P_R1_384)
|
||||
#define MBEDTLS_ECP_DP_BP384R1_ENABLED
|
||||
#define MBEDTLS_PSA_BUILTIN_ECC_BRAINPOOL_P_R1_384 1
|
||||
#endif /* !MBEDTLS_PSA_ACCEL_ECC_BRAINPOOL_P_R1_384 */
|
||||
#endif /* PSA_WANT_ECC_BRAINPOOL_P_R1_384 */
|
||||
|
||||
#if defined(PSA_WANT_ECC_BRAINPOOL_P_R1_512)
|
||||
#if !defined(MBEDTLS_PSA_ACCEL_ECC_BRAINPOOL_P_R1_512)
|
||||
#define MBEDTLS_ECP_DP_BP512R1_ENABLED
|
||||
#define MBEDTLS_PSA_BUILTIN_ECC_BRAINPOOL_P_R1_512 1
|
||||
#endif /* !MBEDTLS_PSA_ACCEL_ECC_BRAINPOOL_P_R1_512 */
|
||||
#endif /* PSA_WANT_ECC_BRAINPOOL_P_R1_512 */
|
||||
|
||||
#if defined(PSA_WANT_ECC_MONTGOMERY_255)
|
||||
#if !defined(MBEDTLS_PSA_ACCEL_ECC_MONTGOMERY_255)
|
||||
#define MBEDTLS_ECP_DP_CURVE25519_ENABLED
|
||||
#define MBEDTLS_PSA_BUILTIN_ECC_MONTGOMERY_255 1
|
||||
#endif /* !MBEDTLS_PSA_ACCEL_ECC_MONTGOMERY_255 */
|
||||
#endif /* PSA_WANT_ECC_MONTGOMERY_255 */
|
||||
|
||||
#if defined(PSA_WANT_ECC_MONTGOMERY_448)
|
||||
#if !defined(MBEDTLS_PSA_ACCEL_ECC_MONTGOMERY_448)
|
||||
#define MBEDTLS_ECP_DP_CURVE448_ENABLED
|
||||
#define MBEDTLS_PSA_BUILTIN_ECC_MONTGOMERY_448 1
|
||||
#endif /* !MBEDTLS_PSA_ACCEL_ECC_MONTGOMERY_448 */
|
||||
#endif /* PSA_WANT_ECC_MONTGOMERY_448 */
|
||||
|
||||
#if defined(PSA_WANT_ECC_SECP_R1_192)
|
||||
#if !defined(MBEDTLS_PSA_ACCEL_ECC_SECP_R1_192)
|
||||
#define MBEDTLS_ECP_DP_SECP192R1_ENABLED
|
||||
#define MBEDTLS_PSA_BUILTIN_ECC_SECP_R1_192 1
|
||||
#endif /* !MBEDTLS_PSA_ACCEL_ECC_SECP_R1_192 */
|
||||
#endif /* PSA_WANT_ECC_SECP_R1_192 */
|
||||
|
||||
#if defined(PSA_WANT_ECC_SECP_R1_224)
|
||||
#if !defined(MBEDTLS_PSA_ACCEL_ECC_SECP_R1_224)
|
||||
#define MBEDTLS_ECP_DP_SECP224R1_ENABLED
|
||||
#define MBEDTLS_PSA_BUILTIN_ECC_SECP_R1_224 1
|
||||
#endif /* !MBEDTLS_PSA_ACCEL_ECC_SECP_R1_224 */
|
||||
#endif /* PSA_WANT_ECC_SECP_R1_224 */
|
||||
|
||||
#if defined(PSA_WANT_ECC_SECP_R1_256)
|
||||
#if !defined(MBEDTLS_PSA_ACCEL_ECC_SECP_R1_256)
|
||||
#define MBEDTLS_ECP_DP_SECP256R1_ENABLED
|
||||
#define MBEDTLS_PSA_BUILTIN_ECC_SECP_R1_256 1
|
||||
#endif /* !MBEDTLS_PSA_ACCEL_ECC_SECP_R1_256 */
|
||||
#endif /* PSA_WANT_ECC_SECP_R1_256 */
|
||||
|
||||
#if defined(PSA_WANT_ECC_SECP_R1_384)
|
||||
#if !defined(MBEDTLS_PSA_ACCEL_ECC_SECP_R1_384)
|
||||
#define MBEDTLS_ECP_DP_SECP384R1_ENABLED
|
||||
#define MBEDTLS_PSA_BUILTIN_ECC_SECP_R1_384 1
|
||||
#endif /* !MBEDTLS_PSA_ACCEL_ECC_SECP_R1_384 */
|
||||
#endif /* PSA_WANT_ECC_SECP_R1_384 */
|
||||
|
||||
#if defined(PSA_WANT_ECC_SECP_R1_521)
|
||||
#if !defined(MBEDTLS_PSA_ACCEL_ECC_SECP_R1_521)
|
||||
#define MBEDTLS_ECP_DP_SECP521R1_ENABLED
|
||||
#define MBEDTLS_PSA_BUILTIN_ECC_SECP_R1_521 1
|
||||
#endif /* !MBEDTLS_PSA_ACCEL_ECC_SECP_R1_521 */
|
||||
#endif /* PSA_WANT_ECC_SECP_R1_521 */
|
||||
|
||||
#if defined(PSA_WANT_ECC_SECP_K1_192)
|
||||
#if !defined(MBEDTLS_PSA_ACCEL_ECC_SECP_K1_192)
|
||||
#define MBEDTLS_ECP_DP_SECP192K1_ENABLED
|
||||
#define MBEDTLS_PSA_BUILTIN_ECC_SECP_K1_192 1
|
||||
#endif /* !MBEDTLS_PSA_ACCEL_ECC_SECP_K1_192 */
|
||||
#endif /* PSA_WANT_ECC_SECP_K1_192 */
|
||||
|
||||
#if defined(PSA_WANT_ECC_SECP_K1_224)
|
||||
#if !defined(MBEDTLS_PSA_ACCEL_ECC_SECP_K1_224)
|
||||
/*
|
||||
* SECP224K1 is buggy via the PSA API in Mbed TLS
|
||||
* (https://github.com/Mbed-TLS/mbedtls/issues/3541).
|
||||
*/
|
||||
#error "SECP224K1 is buggy via the PSA API in Mbed TLS."
|
||||
#define MBEDTLS_ECP_DP_SECP224K1_ENABLED
|
||||
#define MBEDTLS_PSA_BUILTIN_ECC_SECP_K1_224 1
|
||||
#endif /* !MBEDTLS_PSA_ACCEL_ECC_SECP_K1_224 */
|
||||
#endif /* PSA_WANT_ECC_SECP_K1_224 */
|
||||
|
||||
#if defined(PSA_WANT_ECC_SECP_K1_256)
|
||||
#if !defined(MBEDTLS_PSA_ACCEL_ECC_SECP_K1_256)
|
||||
#define MBEDTLS_ECP_DP_SECP256K1_ENABLED
|
||||
#define MBEDTLS_PSA_BUILTIN_ECC_SECP_K1_256 1
|
||||
#endif /* !MBEDTLS_PSA_ACCEL_ECC_SECP_K1_256 */
|
||||
#endif /* PSA_WANT_ECC_SECP_K1_256 */
|
||||
|
||||
#endif /* MBEDTLS_CONFIG_ADJUST_LEGACY_FROM_PSA_H */
|
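--- a/include/mbedtls/config_adjust_psa_from_legacy.h
+++ b/include/mbedtls/config_adjust_psa_from_legacy.h
@@ -0,0 +1,346 @@
+/**
+* \file mbedtls/config_adjust_psa_from_legacy.h
+* \brief Adjust PSA configuration: construct PSA configuration from legacy
+*
+* When MBEDTLS_PSA_CRYPTO_CONFIG is disabled, we automatically enable
+* cryptographic mechanisms through the PSA interface when the corresponding
+* legacy mechanism is enabled. In many cases, this just enables the PSA
+* wrapper code around the legacy implementation, but we also do this for
+* some mechanisms where PSA has its own independent implementation so
+* that high-level modules that can use either cryptographic API have the
+* same feature set in both cases.
+*/
+/*
+* Copyright The Mbed TLS Contributors
+* SPDX-License-Identifier: Apache-2.0
+*
+* Licensed under the Apache License, Version 2.0 (the "License"); you may
+* not use this file except in compliance with the License.
+* You may obtain a copy of the License at
+*
+* http://www.apache.org/licenses/LICENSE-2.0
+*
+* Unless required by applicable law or agreed to in writing, software
+* distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+* WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+* See the License for the specific language governing permissions and
+* limitations under the License.
+*/
+
+#ifndef MBEDTLS_CONFIG_ADJUST_PSA_FROM_LEGACY_H
+#define MBEDTLS_CONFIG_ADJUST_PSA_FROM_LEGACY_H
+
+/*
+* Ensure PSA_WANT_* defines are setup properly if MBEDTLS_PSA_CRYPTO_CONFIG
+* is not defined
+*/
+
+#if defined(MBEDTLS_CCM_C)
+#define MBEDTLS_PSA_BUILTIN_ALG_CCM 1
+#define MBEDTLS_PSA_BUILTIN_ALG_CCM_STAR_NO_TAG 1
+#define PSA_WANT_ALG_CCM 1
+#define PSA_WANT_ALG_CCM_STAR_NO_TAG 1
+#endif /* MBEDTLS_CCM_C */
+
+#if defined(MBEDTLS_CMAC_C)
+#define MBEDTLS_PSA_BUILTIN_ALG_CMAC 1
+#define PSA_WANT_ALG_CMAC 1
+#endif /* MBEDTLS_CMAC_C */
+
+#if defined(MBEDTLS_ECDH_C)
+#define MBEDTLS_PSA_BUILTIN_ALG_ECDH 1
+#define PSA_WANT_ALG_ECDH 1
+#endif /* MBEDTLS_ECDH_C */
+
+#if defined(MBEDTLS_ECDSA_C)
+#define MBEDTLS_PSA_BUILTIN_ALG_ECDSA 1
+#define PSA_WANT_ALG_ECDSA 1
+#define PSA_WANT_ALG_ECDSA_ANY 1
+
+// Only add in DETERMINISTIC support if ECDSA is also enabled
+#if defined(MBEDTLS_ECDSA_DETERMINISTIC)
+#define MBEDTLS_PSA_BUILTIN_ALG_DETERMINISTIC_ECDSA 1
+#define PSA_WANT_ALG_DETERMINISTIC_ECDSA 1
+#endif /* MBEDTLS_ECDSA_DETERMINISTIC */
+
+#endif /* MBEDTLS_ECDSA_C */
+
+#if defined(MBEDTLS_ECP_C)
+#define PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_BASIC 1
+#define PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_IMPORT 1
+#define PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_EXPORT 1
+#define PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_GENERATE 1
+/* Normally we wouldn't enable this because it's not implemented in ecp.c,
+* but since it used to be available any time ECP_C was enabled, let's enable
+* it anyway for the sake of backwards compatibility */
+#define PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_DERIVE 1
+#define MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_KEY_PAIR_BASIC 1
+#define MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_KEY_PAIR_IMPORT 1
+#define MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_KEY_PAIR_EXPORT 1
+#define MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_KEY_PAIR_GENERATE 1
+/* See comment for PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_DERIVE above. */
+#define MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_KEY_PAIR_DERIVE 1
+#define MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_PUBLIC_KEY 1
+#define PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY 1
+#endif /* MBEDTLS_ECP_C */
+
+#if defined(MBEDTLS_DHM_C)
+#define PSA_WANT_KEY_TYPE_DH_KEY_PAIR_BASIC 1
+#define PSA_WANT_KEY_TYPE_DH_KEY_PAIR_IMPORT 1
+#define PSA_WANT_KEY_TYPE_DH_KEY_PAIR_EXPORT 1
+#define PSA_WANT_KEY_TYPE_DH_KEY_PAIR_GENERATE 1
+#define PSA_WANT_KEY_TYPE_DH_PUBLIC_KEY 1
+#define PSA_WANT_ALG_FFDH 1
+#define PSA_WANT_DH_FAMILY_RFC7919 1
+#define MBEDTLS_PSA_BUILTIN_ALG_FFDH 1
+#define MBEDTLS_PSA_BUILTIN_KEY_TYPE_DH_KEY_PAIR_BASIC 1
+#define MBEDTLS_PSA_BUILTIN_KEY_TYPE_DH_KEY_PAIR_IMPORT 1
+#define MBEDTLS_PSA_BUILTIN_KEY_TYPE_DH_KEY_PAIR_EXPORT 1
+#define MBEDTLS_PSA_BUILTIN_KEY_TYPE_DH_KEY_PAIR_GENERATE 1
+#define MBEDTLS_PSA_BUILTIN_KEY_TYPE_DH_PUBLIC_KEY 1
+#endif /* MBEDTLS_DHM_C */
+
+#if defined(MBEDTLS_GCM_C)
+#define MBEDTLS_PSA_BUILTIN_ALG_GCM 1
+#define PSA_WANT_ALG_GCM 1
+#endif /* MBEDTLS_GCM_C */
+
+/* Enable PSA HKDF algorithm if mbedtls HKDF is supported.
+* PSA HKDF EXTRACT and PSA HKDF EXPAND have minimal cost when
+* PSA HKDF is enabled, so enable both algorithms together
+* with PSA HKDF. */
+#if defined(MBEDTLS_HKDF_C)
+#define MBEDTLS_PSA_BUILTIN_ALG_HMAC 1
+#define PSA_WANT_ALG_HMAC 1
+#define MBEDTLS_PSA_BUILTIN_ALG_HKDF 1
+#define PSA_WANT_ALG_HKDF 1
+#define MBEDTLS_PSA_BUILTIN_ALG_HKDF_EXTRACT 1
+#define PSA_WANT_ALG_HKDF_EXTRACT 1
+#define MBEDTLS_PSA_BUILTIN_ALG_HKDF_EXPAND 1
+#define PSA_WANT_ALG_HKDF_EXPAND 1
+#endif /* MBEDTLS_HKDF_C */
+
+#define MBEDTLS_PSA_BUILTIN_ALG_HMAC 1
+#define PSA_WANT_ALG_HMAC 1
+#define PSA_WANT_KEY_TYPE_HMAC 1
+
+#if defined(MBEDTLS_MD_C)
+#define MBEDTLS_PSA_BUILTIN_ALG_TLS12_PRF 1
+#define PSA_WANT_ALG_TLS12_PRF 1
+#define MBEDTLS_PSA_BUILTIN_ALG_TLS12_PSK_TO_MS 1
+#define PSA_WANT_ALG_TLS12_PSK_TO_MS 1
+#endif /* MBEDTLS_MD_C */
+
+#if defined(MBEDTLS_MD5_C)
+#define MBEDTLS_PSA_BUILTIN_ALG_MD5 1
+#define PSA_WANT_ALG_MD5 1
+#endif
+
+#if defined(MBEDTLS_ECJPAKE_C)
+#define MBEDTLS_PSA_BUILTIN_PAKE 1
+#define MBEDTLS_PSA_BUILTIN_ALG_JPAKE 1
+#define PSA_WANT_ALG_JPAKE 1
+#endif
+
+#if defined(MBEDTLS_RIPEMD160_C)
+#define MBEDTLS_PSA_BUILTIN_ALG_RIPEMD160 1
+#define PSA_WANT_ALG_RIPEMD160 1
+#endif
+
+#if defined(MBEDTLS_RSA_C)
+#if defined(MBEDTLS_PKCS1_V15)
+#define MBEDTLS_PSA_BUILTIN_ALG_RSA_PKCS1V15_CRYPT 1
+#define PSA_WANT_ALG_RSA_PKCS1V15_CRYPT 1
+#define MBEDTLS_PSA_BUILTIN_ALG_RSA_PKCS1V15_SIGN 1
+#define PSA_WANT_ALG_RSA_PKCS1V15_SIGN 1
+#define PSA_WANT_ALG_RSA_PKCS1V15_SIGN_RAW 1
+#endif /* MBEDTLS_PKCS1_V15 */
+#if defined(MBEDTLS_PKCS1_V21)
+#define MBEDTLS_PSA_BUILTIN_ALG_RSA_OAEP 1
+#define PSA_WANT_ALG_RSA_OAEP 1
+#define MBEDTLS_PSA_BUILTIN_ALG_RSA_PSS 1
+#define PSA_WANT_ALG_RSA_PSS 1
+#endif /* MBEDTLS_PKCS1_V21 */
+#if defined(MBEDTLS_GENPRIME)
+#define MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_KEY_PAIR_GENERATE 1
+#define PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_GENERATE 1
+#endif /* MBEDTLS_GENPRIME */
+#define MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_KEY_PAIR_BASIC 1
+#define MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_KEY_PAIR_IMPORT 1
+#define MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_KEY_PAIR_EXPORT 1
+#define PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_BASIC 1
+#define PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_IMPORT 1
+#define PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_EXPORT 1
+#define MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_PUBLIC_KEY 1
+#define PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY 1
+#endif /* MBEDTLS_RSA_C */
+
+#if defined(MBEDTLS_SHA1_C)
+#define MBEDTLS_PSA_BUILTIN_ALG_SHA_1 1
+#define PSA_WANT_ALG_SHA_1 1
+#endif
+
+#if defined(MBEDTLS_SHA224_C)
+#define MBEDTLS_PSA_BUILTIN_ALG_SHA_224 1
+#define PSA_WANT_ALG_SHA_224 1
+#endif
+
+#if defined(MBEDTLS_SHA256_C)
+#define MBEDTLS_PSA_BUILTIN_ALG_SHA_256 1
+#define PSA_WANT_ALG_SHA_256 1
+#endif
+
+#if defined(MBEDTLS_SHA384_C)
+#define MBEDTLS_PSA_BUILTIN_ALG_SHA_384 1
+#define PSA_WANT_ALG_SHA_384 1
+#endif
+
+#if defined(MBEDTLS_SHA512_C)
+#define MBEDTLS_PSA_BUILTIN_ALG_SHA_512 1
+#define PSA_WANT_ALG_SHA_512 1
+#endif
+
+#if defined(MBEDTLS_SHA3_C)
+#define MBEDTLS_PSA_BUILTIN_ALG_SHA3_224 1
+#define MBEDTLS_PSA_BUILTIN_ALG_SHA3_256 1
+#define MBEDTLS_PSA_BUILTIN_ALG_SHA3_384 1
+#define MBEDTLS_PSA_BUILTIN_ALG_SHA3_512 1
+#define PSA_WANT_ALG_SHA3_224 1
+#define PSA_WANT_ALG_SHA3_256 1
+#define PSA_WANT_ALG_SHA3_384 1
+#define PSA_WANT_ALG_SHA3_512 1
+#endif
+
+#if defined(MBEDTLS_AES_C)
+#define PSA_WANT_KEY_TYPE_AES 1
+#define MBEDTLS_PSA_BUILTIN_KEY_TYPE_AES 1
+#endif
+
+#if defined(MBEDTLS_ARIA_C)
+#define PSA_WANT_KEY_TYPE_ARIA 1
+#define MBEDTLS_PSA_BUILTIN_KEY_TYPE_ARIA 1
+#endif
+
+#if defined(MBEDTLS_CAMELLIA_C)
+#define PSA_WANT_KEY_TYPE_CAMELLIA 1
+#define MBEDTLS_PSA_BUILTIN_KEY_TYPE_CAMELLIA 1
+#endif
+
+#if defined(MBEDTLS_DES_C)
+#define PSA_WANT_KEY_TYPE_DES 1
+#define MBEDTLS_PSA_BUILTIN_KEY_TYPE_DES 1
+#endif
+
+#if defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_256)
+#define MBEDTLS_PSA_BUILTIN_ALG_TLS12_ECJPAKE_TO_PMS 1
+#define PSA_WANT_ALG_TLS12_ECJPAKE_TO_PMS 1
+#endif
+
+#if defined(MBEDTLS_CHACHA20_C)
+#define PSA_WANT_KEY_TYPE_CHACHA20 1
+#define PSA_WANT_ALG_STREAM_CIPHER 1
+#define MBEDTLS_PSA_BUILTIN_KEY_TYPE_CHACHA20 1
+#define MBEDTLS_PSA_BUILTIN_ALG_STREAM_CIPHER 1
+#if defined(MBEDTLS_CHACHAPOLY_C)
+#define PSA_WANT_ALG_CHACHA20_POLY1305 1
+#define MBEDTLS_PSA_BUILTIN_ALG_CHACHA20_POLY1305 1
+#endif
+#endif
+
+#if defined(MBEDTLS_CIPHER_MODE_CBC)
+#define MBEDTLS_PSA_BUILTIN_ALG_CBC_NO_PADDING 1
+#define PSA_WANT_ALG_CBC_NO_PADDING 1
+#if defined(MBEDTLS_CIPHER_PADDING_PKCS7)
+#define MBEDTLS_PSA_BUILTIN_ALG_CBC_PKCS7 1
+#define PSA_WANT_ALG_CBC_PKCS7 1
+#endif
+#endif
+
+#if defined(MBEDTLS_AES_C) || defined(MBEDTLS_DES_C) || \
+defined(MBEDTLS_ARIA_C) || defined(MBEDTLS_CAMELLIA_C)
+#define MBEDTLS_PSA_BUILTIN_ALG_ECB_NO_PADDING 1
+#define PSA_WANT_ALG_ECB_NO_PADDING 1
+#endif
+
+#if defined(MBEDTLS_CIPHER_MODE_CFB)
+#define MBEDTLS_PSA_BUILTIN_ALG_CFB 1
+#define PSA_WANT_ALG_CFB 1
+#endif
+
+#if defined(MBEDTLS_CIPHER_MODE_CTR)
+#define MBEDTLS_PSA_BUILTIN_ALG_CTR 1
+#define PSA_WANT_ALG_CTR 1
+#endif
+
+#if defined(MBEDTLS_CIPHER_MODE_OFB)
+#define MBEDTLS_PSA_BUILTIN_ALG_OFB 1
+#define PSA_WANT_ALG_OFB 1
+#endif
+
+#if defined(MBEDTLS_ECP_DP_BP256R1_ENABLED)
+#define MBEDTLS_PSA_BUILTIN_ECC_BRAINPOOL_P_R1_256 1
+#define PSA_WANT_ECC_BRAINPOOL_P_R1_256 1
+#endif
+
+#if defined(MBEDTLS_ECP_DP_BP384R1_ENABLED)
+#define MBEDTLS_PSA_BUILTIN_ECC_BRAINPOOL_P_R1_384 1
+#define PSA_WANT_ECC_BRAINPOOL_P_R1_384 1
+#endif
+
+#if defined(MBEDTLS_ECP_DP_BP512R1_ENABLED)
+#define MBEDTLS_PSA_BUILTIN_ECC_BRAINPOOL_P_R1_512 1
+#define PSA_WANT_ECC_BRAINPOOL_P_R1_512 1
+#endif
+
+#if defined(MBEDTLS_ECP_DP_CURVE25519_ENABLED)
+#define MBEDTLS_PSA_BUILTIN_ECC_MONTGOMERY_255 1
+#define PSA_WANT_ECC_MONTGOMERY_255 1
+#endif
+
+#if defined(MBEDTLS_ECP_DP_CURVE448_ENABLED)
+#define MBEDTLS_PSA_BUILTIN_ECC_MONTGOMERY_448 1
+#define PSA_WANT_ECC_MONTGOMERY_448 1
+#endif
+
+#if defined(MBEDTLS_ECP_DP_SECP192R1_ENABLED)
+#define MBEDTLS_PSA_BUILTIN_ECC_SECP_R1_192 1
+#define PSA_WANT_ECC_SECP_R1_192 1
+#endif
+
+#if defined(MBEDTLS_ECP_DP_SECP224R1_ENABLED)
+#define MBEDTLS_PSA_BUILTIN_ECC_SECP_R1_224 1
+#define PSA_WANT_ECC_SECP_R1_224 1
+#endif
+
+#if defined(MBEDTLS_ECP_DP_SECP256R1_ENABLED)
+#define MBEDTLS_PSA_BUILTIN_ECC_SECP_R1_256 1
+#define PSA_WANT_ECC_SECP_R1_256 1
+#endif
+
+#if defined(MBEDTLS_ECP_DP_SECP384R1_ENABLED)
+#define MBEDTLS_PSA_BUILTIN_ECC_SECP_R1_384 1
+#define PSA_WANT_ECC_SECP_R1_384 1
+#endif
+
+#if defined(MBEDTLS_ECP_DP_SECP521R1_ENABLED)
+#define MBEDTLS_PSA_BUILTIN_ECC_SECP_R1_521 1
+#define PSA_WANT_ECC_SECP_R1_521 1
+#endif
+
+#if defined(MBEDTLS_ECP_DP_SECP192K1_ENABLED)
+#define MBEDTLS_PSA_BUILTIN_ECC_SECP_K1_192 1
+#define PSA_WANT_ECC_SECP_K1_192 1
+#endif
+
+/* SECP224K1 is buggy via the PSA API (https://github.com/Mbed-TLS/mbedtls/issues/3541) */
+#if 0 && defined(MBEDTLS_ECP_DP_SECP224K1_ENABLED)
+#define MBEDTLS_PSA_BUILTIN_ECC_SECP_K1_224 1
+#define PSA_WANT_ECC_SECP_K1_224 1
+#endif
+
+#if defined(MBEDTLS_ECP_DP_SECP256K1_ENABLED)
+#define MBEDTLS_PSA_BUILTIN_ECC_SECP_K1_256 1
+#define PSA_WANT_ECC_SECP_K1_256 1
+#endif
+
+#endif /* MBEDTLS_CONFIG_ADJUST_PSA_FROM_LEGACY_H */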
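Review bot: The header's own comment says these defines apply when `MBEDTLS_PSA_CRYPTO_CONFIG` is not defined, but nothing in the file checks that, so including it in the other mode would silently turn on `MBEDTLS_PSA_BUILTIN_*` and `PSA_WANT_*` for every enabled legacy module. The includer is outside this section and presumably guards the include; a check right after the include guard would make the contract enforceable: `#if defined(MBEDTLS_PSA_CRYPTO_CONFIG)`, `#error "config_adjust_psa_from_legacy.h must not be included when MBEDTLS_PSA_CRYPTO_CONFIG is enabled"`, `#endif`. Separately, the `MBEDTLS_HKDF_C` block defines `MBEDTLS_PSA_BUILTIN_ALG_HMAC` and `PSA_WANT_ALG_HMAC`, which the unconditional defines directly below it repeat, so those two lines in the HKDF block are redundant.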
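--- a/include/mbedtls/config_adjust_psa_superset_legacy.h
+++ b/include/mbedtls/config_adjust_psa_superset_legacy.h
@@ -0,0 +1,73 @@
+/**
+* \file mbedtls/config_adjust_psa_superset_legacy.h
+* \brief Adjust PSA configuration: automatic enablement from legacy
+*
+* To simplify some edge cases, we automatically enable certain cryptographic
+* mechanisms in the PSA API if they are enabled in the legacy API. The general
+* idea is that if legacy module M uses mechanism A internally, and A has
+* both a legacy and a PSA implementation, we enable A through PSA whenever
+* it's enabled through legacy. This facilitates the transition to PSA
+* implementations of A for users of M.
+*/
+/*
+* Copyright The Mbed TLS Contributors
+* SPDX-License-Identifier: Apache-2.0
+*
+* Licensed under the Apache License, Version 2.0 (the "License"); you may
+* not use this file except in compliance with the License.
+* You may obtain a copy of the License at
+*
+* http://www.apache.org/licenses/LICENSE-2.0
+*
+* Unless required by applicable law or agreed to in writing, software
+* distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+* WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+* See the License for the specific language governing permissions and
+* limitations under the License.
+*/
+
+#ifndef MBEDTLS_CONFIG_ADJUST_PSA_SUPERSET_LEGACY_H
+#define MBEDTLS_CONFIG_ADJUST_PSA_SUPERSET_LEGACY_H
+
+/****************************************************************/
+/* Hashes that are built in are also enabled in PSA.
+* This simplifies dependency declarations especially
+* for modules that obey MBEDTLS_USE_PSA_CRYPTO. */
+/****************************************************************/
+
+#if defined(MBEDTLS_MD5_C)
+#define PSA_WANT_ALG_MD5 1
+#endif
+
+#if defined(MBEDTLS_RIPEMD160_C)
+#define PSA_WANT_ALG_RIPEMD160 1
+#endif
+
+#if defined(MBEDTLS_SHA1_C)
+#define PSA_WANT_ALG_SHA_1 1
+#endif
+
+#if defined(MBEDTLS_SHA224_C)
+#define PSA_WANT_ALG_SHA_224 1
+#endif
+
+#if defined(MBEDTLS_SHA256_C)
+#define PSA_WANT_ALG_SHA_256 1
+#endif
+
+#if defined(MBEDTLS_SHA384_C)
+#define PSA_WANT_ALG_SHA_384 1
+#endif
+
+#if defined(MBEDTLS_SHA512_C)
+#define PSA_WANT_ALG_SHA_512 1
+#endif
+
+#if defined(MBEDTLS_SHA3_C)
+#define PSA_WANT_ALG_SHA3_224 1
+#define PSA_WANT_ALG_SHA3_256 1
+#define PSA_WANT_ALG_SHA3_384 1
+#define PSA_WANT_ALG_SHA3_512 1
+#endif
+
+#endif /* MBEDTLS_CONFIG_ADJUST_PSA_SUPERSET_LEGACY_H */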
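Review bot: The `MBEDTLS_MD5_C`, `MBEDTLS_RIPEMD160_C` and `MBEDTLS_SHA1_C` blocks turn on `PSA_WANT_ALG_MD5`, `PSA_WANT_ALG_RIPEMD160` and `PSA_WANT_ALG_SHA_1` even when the PSA configuration did not ask for them, and the header comment does not say that this widens what the PSA API accepts. A build that keeps a legacy weak hash only for one internal use would, as far as this header shows, also offer it to every PSA caller. I would add a comment above the MD5 block such as `/* Note: this also makes legacy-enabled MD5, SHA-1 and RIPEMD-160 reachable through the PSA API. */`.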
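--- a/include/mbedtls/config_adjust_ssl.h
+++ b/include/mbedtls/config_adjust_ssl.h
@@ -0,0 +1,88 @@
+/**
+* \file mbedtls/config_adjust_ssl.h
+* \brief Adjust TLS configuration
+*
+* Automatically enable certain dependencies. Generally, MBEDLTS_xxx
+* configurations need to be explicitly enabled by the user: enabling
+* MBEDTLS_xxx_A but not MBEDTLS_xxx_B when A requires B results in a
+* compilation error. However, we do automatically enable certain options
+* in some circumstances. One case is if MBEDTLS_xxx_B is an internal option
+* used to identify parts of a module that are used by other module, and we
+* don't want to make the symbol MBEDTLS_xxx_B part of the public API.
+* Another case is if A didn't depend on B in earlier versions, and we
+* want to use B in A but we need to preserve backward compatibility with
+* configurations that explicitly activate MBEDTLS_xxx_A but not
+* MBEDTLS_xxx_B.
+*/
+/*
+* Copyright The Mbed TLS Contributors
+* SPDX-License-Identifier: Apache-2.0
+*
+* Licensed under the Apache License, Version 2.0 (the "License"); you may
+* not use this file except in compliance with the License.
+* You may obtain a copy of the License at
+*
+* http://www.apache.org/licenses/LICENSE-2.0
+*
+* Unless required by applicable law or agreed to in writing, software
+* distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+* WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+* See the License for the specific language governing permissions and
+* limitations under the License.
+*/
+
+#ifndef MBEDTLS_CONFIG_ADJUST_SSL_H
+#define MBEDTLS_CONFIG_ADJUST_SSL_H
+
+/* The following blocks make it easier to disable all of TLS,
+* or of TLS 1.2 or 1.3 or DTLS, without having to manually disable all
+* key exchanges, options and extensions related to them. */
+
+#if !defined(MBEDTLS_SSL_TLS_C)
+#undef MBEDTLS_SSL_CLI_C
+#undef MBEDTLS_SSL_SRV_C
+#undef MBEDTLS_SSL_PROTO_TLS1_3
+#undef MBEDTLS_SSL_PROTO_TLS1_2
+#undef MBEDTLS_SSL_PROTO_DTLS
+#endif
+
+#if !defined(MBEDTLS_SSL_PROTO_DTLS)
+#undef MBEDTLS_SSL_DTLS_ANTI_REPLAY
+#undef MBEDTLS_SSL_DTLS_CONNECTION_ID
+#undef MBEDTLS_SSL_DTLS_CONNECTION_ID_COMPAT
+#undef MBEDTLS_SSL_DTLS_HELLO_VERIFY
+#undef MBEDTLS_SSL_DTLS_SRTP
+#undef MBEDTLS_SSL_DTLS_CLIENT_PORT_REUSE
+#endif
+
+#if !defined(MBEDTLS_SSL_PROTO_TLS1_2)
+#undef MBEDTLS_SSL_ENCRYPT_THEN_MAC
+#undef MBEDTLS_SSL_EXTENDED_MASTER_SECRET
+#undef MBEDTLS_SSL_RENEGOTIATION
+#undef MBEDTLS_KEY_EXCHANGE_RSA_ENABLED
+#undef MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED
+#undef MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED
+#undef MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED
+#undef MBEDTLS_KEY_EXCHANGE_PSK_ENABLED
+#undef MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED
+#undef MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED
+#undef MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
+#undef MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED
+#undef MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED
+#undef MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED
+#endif
+
+#if !defined(MBEDTLS_SSL_PROTO_TLS1_3)
+#undef MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
+#undef MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
+#undef MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
+#undef MBEDTLS_SSL_EARLY_DATA
+#endif
+
+#if defined(MBEDTLS_SSL_PROTO_TLS1_2) && \
+(defined(MBEDTLS_ECDH_C) || defined(MBEDTLS_ECDSA_C) || \
+defined(MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED))
+#define MBEDTLS_SSL_TLS1_2_SOME_ECC
+#endif
+
+#endif /* MBEDTLS_CONFIG_ADJUST_SSL_H */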
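Review bot: The `#undef` blocks only work in the order they are written, and nothing in the file says so. The `!defined(MBEDTLS_SSL_TLS_C)` block removes `MBEDTLS_SSL_PROTO_DTLS`, `MBEDTLS_SSL_PROTO_TLS1_2` and `MBEDTLS_SSL_PROTO_TLS1_3`, which the next three blocks test, and the final `MBEDTLS_SSL_TLS1_2_SOME_ECC` block reads `MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED` after the TLS 1.2 block may have removed it. I would extend the comment before the first block with `/* Order matters: each block may undefine symbols that later blocks test. */`. The file comment also writes `MBEDLTS_xxx` where `MBEDTLS_xxx` is meant and says "used by other module"; the same text is repeated in config_adjust_x509.h.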
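--- a/include/mbedtls/config_adjust_x509.h
+++ b/include/mbedtls/config_adjust_x509.h
@@ -0,0 +1,37 @@
+/**
+* \file mbedtls/config_adjust_x509.h
+* \brief Adjust X.509 configuration
+*
+* Automatically enable certain dependencies. Generally, MBEDLTS_xxx
+* configurations need to be explicitly enabled by the user: enabling
+* MBEDTLS_xxx_A but not MBEDTLS_xxx_B when A requires B results in a
+* compilation error. However, we do automatically enable certain options
+* in some circumstances. One case is if MBEDTLS_xxx_B is an internal option
+* used to identify parts of a module that are used by other module, and we
+* don't want to make the symbol MBEDTLS_xxx_B part of the public API.
+* Another case is if A didn't depend on B in earlier versions, and we
+* want to use B in A but we need to preserve backward compatibility with
+* configurations that explicitly activate MBEDTLS_xxx_A but not
+* MBEDTLS_xxx_B.
+*/
+/*
+* Copyright The Mbed TLS Contributors
+* SPDX-License-Identifier: Apache-2.0
+*
+* Licensed under the Apache License, Version 2.0 (the "License"); you may
+* not use this file except in compliance with the License.
+* You may obtain a copy of the License at
+*
+* http://www.apache.org/licenses/LICENSE-2.0
+*
+* Unless required by applicable law or agreed to in writing, software
+* distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+* WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+* See the License for the specific language governing permissions and
+* limitations under the License.
+*/
+
+#ifndef MBEDTLS_CONFIG_ADJUST_X509_H
+#define MBEDTLS_CONFIG_ADJUST_X509_H
+
+#endif /* MBEDTLS_CONFIG_ADJUST_X509_H */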
File diff suppressed because it is too large
@ -115,10 +115,10 @@ mbedtls_entropy_source_state;
|
||||
* \brief Entropy context structure
|
||||
*/
|
||||
typedef struct mbedtls_entropy_context {
|
||||
mbedtls_md_context_t MBEDTLS_PRIVATE(accumulator);
|
||||
int MBEDTLS_PRIVATE(accumulator_started); /* 0 after init.
|
||||
* 1 after the first update.
|
||||
* -1 after free. */
|
||||
mbedtls_md_context_t MBEDTLS_PRIVATE(accumulator);
|
||||
int MBEDTLS_PRIVATE(source_count); /* Number of entries used in source. */
|
||||
mbedtls_entropy_source_state MBEDTLS_PRIVATE(source)[MBEDTLS_ENTROPY_MAX_SOURCES];
|
||||
#if defined(MBEDTLS_THREADING_C)
|
||||
|
@ -85,6 +85,26 @@
|
||||
#define MBEDTLS_MD_RIPEMD160_VIA_PSA
|
||||
#define MBEDTLS_MD_SOME_PSA
|
||||
#endif
|
||||
#if defined(MBEDTLS_PSA_ACCEL_ALG_SHA3_224)
|
||||
#define MBEDTLS_MD_CAN_SHA3_224
|
||||
#define MBEDTLS_MD_SHA3_224_VIA_PSA
|
||||
#define MBEDTLS_MD_SOME_PSA
|
||||
#endif
|
||||
#if defined(MBEDTLS_PSA_ACCEL_ALG_SHA3_256)
|
||||
#define MBEDTLS_MD_CAN_SHA3_256
|
||||
#define MBEDTLS_MD_SHA3_256_VIA_PSA
|
||||
#define MBEDTLS_MD_SOME_PSA
|
||||
#endif
|
||||
#if defined(MBEDTLS_PSA_ACCEL_ALG_SHA3_384)
|
||||
#define MBEDTLS_MD_CAN_SHA3_384
|
||||
#define MBEDTLS_MD_SHA3_384_VIA_PSA
|
||||
#define MBEDTLS_MD_SOME_PSA
|
||||
#endif
|
||||
#if defined(MBEDTLS_PSA_ACCEL_ALG_SHA3_512)
|
||||
#define MBEDTLS_MD_CAN_SHA3_512
|
||||
#define MBEDTLS_MD_SHA3_512_VIA_PSA
|
||||
#define MBEDTLS_MD_SOME_PSA
|
||||
#endif
|
||||
#endif /* MBEDTLS_PSA_CRYPTO_C */
|
||||
|
||||
/* Built-in implementations */
|
||||
@ -117,6 +137,7 @@
|
||||
#define MBEDTLS_MD_CAN_SHA3_256
|
||||
#define MBEDTLS_MD_CAN_SHA3_384
|
||||
#define MBEDTLS_MD_CAN_SHA3_512
|
||||
#define MBEDTLS_MD_SOME_LEGACY
|
||||
#endif
|
||||
#if defined(MBEDTLS_RIPEMD160_C)
|
||||
#define MBEDTLS_MD_CAN_RIPEMD160
|
||||
|
@ -270,6 +270,15 @@
|
||||
|
||||
#define MBEDTLS_OID_DIGEST_ALG_RIPEMD160 MBEDTLS_OID_TELETRUST "\x03\x02\x01" /**< id-ripemd160 OBJECT IDENTIFIER :: { iso(1) identified-organization(3) teletrust(36) algorithm(3) hashAlgorithm(2) ripemd160(1) } */
|
||||
|
||||
#define MBEDTLS_OID_DIGEST_ALG_SHA3_224 MBEDTLS_OID_NIST_ALG "\x02\x07" /**< id-sha3-224 OBJECT IDENTIFIER ::= { joint-iso-itu-t(2) country(16) us(840) organization(1) gov(101) csor(3) nistAlgorithms(4) hashalgs(2) sha3-224(7) } */
|
||||
|
||||
#define MBEDTLS_OID_DIGEST_ALG_SHA3_256 MBEDTLS_OID_NIST_ALG "\x02\x08" /**< id-sha3-256 OBJECT IDENTIFIER ::= { joint-iso-itu-t(2) country(16) us(840) organization(1) gov(101) csor(3) nistAlgorithms(4) hashalgs(2) sha3-256(8) } */
|
||||
|
||||
#define MBEDTLS_OID_DIGEST_ALG_SHA3_384 MBEDTLS_OID_NIST_ALG "\x02\x09" /**< id-sha3-384 OBJECT IDENTIFIER ::= { joint-iso-itu-t(2) country(16) us(840) organization(1) gov(101) csor(3) nistAlgorithms(4) hashalgs(2) sha3-384(9) } */
|
||||
|
||||
#define MBEDTLS_OID_DIGEST_ALG_SHA3_512 MBEDTLS_OID_NIST_ALG "\x02\x0a" /**< id-sha3-512 OBJECT IDENTIFIER ::= { joint-iso-itu-t(2) country(16) us(840) organization(1) gov(101) csor(3) nistAlgorithms(4) hashalgs(2) sha3-512(10) } */
|
||||
|
||||
|
||||
#define MBEDTLS_OID_HMAC_SHA1 MBEDTLS_OID_RSA_COMPANY "\x02\x07" /**< id-hmacWithSHA1 OBJECT IDENTIFIER ::= { iso(1) member-body(2) us(840) rsadsi(113549) digestAlgorithm(2) 7 } */
|
||||
|
||||
#define MBEDTLS_OID_HMAC_SHA224 MBEDTLS_OID_RSA_COMPANY "\x02\x08" /**< id-hmacWithSHA224 OBJECT IDENTIFIER ::= { iso(1) member-body(2) us(840) rsadsi(113549) digestAlgorithm(2) 8 } */
|
||||
@ -280,6 +289,16 @@
|
||||
|
||||
#define MBEDTLS_OID_HMAC_SHA512 MBEDTLS_OID_RSA_COMPANY "\x02\x0B" /**< id-hmacWithSHA512 OBJECT IDENTIFIER ::= { iso(1) member-body(2) us(840) rsadsi(113549) digestAlgorithm(2) 11 } */
|
||||
|
||||
#define MBEDTLS_OID_HMAC_SHA3_224 MBEDTLS_OID_NIST_ALG "\x02\x0d" /**< id-hmacWithSHA3-512 OBJECT IDENTIFIER ::= { joint-iso-itu-t(2) country(16) us(840) organization(1) gov(101) csor(3) nistAlgorithms(4) hashalgs(2) hmacWithSHA3-224(13) } */
|
||||
|
||||
#define MBEDTLS_OID_HMAC_SHA3_256 MBEDTLS_OID_NIST_ALG "\x02\x0e" /**< id-hmacWithSHA3-512 OBJECT IDENTIFIER ::= { joint-iso-itu-t(2) country(16) us(840) organization(1) gov(101) csor(3) nistAlgorithms(4) hashalgs(2) hmacWithSHA3-256(14) } */
|
||||
|
||||
#define MBEDTLS_OID_HMAC_SHA3_384 MBEDTLS_OID_NIST_ALG "\x02\x0f" /**< id-hmacWithSHA3-512 OBJECT IDENTIFIER ::= { joint-iso-itu-t(2) country(16) us(840) organization(1) gov(101) csor(3) nistAlgorithms(4) hashalgs(2) hmacWithSHA3-384(15) } */
|
||||
|
||||
#define MBEDTLS_OID_HMAC_SHA3_512 MBEDTLS_OID_NIST_ALG "\x02\x10" /**< id-hmacWithSHA3-512 OBJECT IDENTIFIER ::= { joint-iso-itu-t(2) country(16) us(840) organization(1) gov(101) csor(3) nistAlgorithms(4) hashalgs(2) hmacWithSHA3-512(16) } */
|
||||
|
||||
#define MBEDTLS_OID_HMAC_RIPEMD160 MBEDTLS_OID_INTERNET "\x05\x05\x08\x01\x04" /**< id-hmacWithSHA1 OBJECT IDENTIFIER ::= {iso(1) iso-identified-organization(3) dod(6) internet(1) security(5) mechanisms(5) ipsec(8) isakmpOakley(1) hmacRIPEMD160(4)} */
|
||||
|
||||
/*
|
||||
* Encryption algorithms
|
||||
*/
|
||||
|
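Review bot: The Doxygen comments on `MBEDTLS_OID_HMAC_SHA3_224`, `MBEDTLS_OID_HMAC_SHA3_256` and `MBEDTLS_OID_HMAC_SHA3_384` (second hunk) all name the object `id-hmacWithSHA3-512`, although the arcs they spell out end in `hmacWithSHA3-224(13)`, `hmacWithSHA3-256(14)` and `hmacWithSHA3-384(15)`. Each comment should open with its own name, for example `/**< id-hmacWithSHA3-224 OBJECT IDENTIFIER ::= { ... hmacWithSHA3-224(13) } */`. A wrong name next to an OID constant is easy to copy into a lookup table or a certificate profile, so it is worth fixing while the macros are new. The neighbouring `MBEDTLS_OID_HMAC_RIPEMD160` comment has the same kind of slip (`id-hmacWithSHA1`), and the `MBEDTLS_OID_DIGEST_ALG_RIPEMD160` comment in the first hunk writes `::` where the other lines write `::=`.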
@ -145,6 +145,11 @@ MBEDTLS_DEPRECATED typedef int mbedtls_deprecated_numeric_constant_t;
|
||||
#define MBEDTLS_IGNORE_RETURN(result) ((void) !(result))
|
||||
#endif
|
||||
|
||||
/* If the following macro is defined, the library is being built by the test
|
||||
* framework, and the framework is going to provide a replacement
|
||||
* mbedtls_platform_zeroize() using a preprocessor macro, so the function
|
||||
* declaration should be omitted. */
|
||||
#if !defined(MBEDTLS_TEST_DEFINES_ZEROIZE) //no-check-names
|
||||
/**
|
||||
* \brief Securely zeroize a buffer
|
||||
*
|
||||
@ -168,6 +173,7 @@ MBEDTLS_DEPRECATED typedef int mbedtls_deprecated_numeric_constant_t;
|
||||
*
|
||||
*/
|
||||
void mbedtls_platform_zeroize(void *buf, size_t len);
|
||||
#endif
|
||||
|
||||
#if defined(MBEDTLS_HAVE_TIME_DATE)
|
||||
/**
|
||||
|
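Review bot: The `#endif` that closes the new `#if !defined(MBEDTLS_TEST_DEFINES_ZEROIZE)` guard (second hunk, right after the `mbedtls_platform_zeroize()` declaration) carries no comment, and the guard's own comment does not say that the macro must never be set outside the test framework. Defining it removes the declaration of the function used to wipe secrets from a public header, so the restriction deserves to be explicit: write `#endif /* !MBEDTLS_TEST_DEFINES_ZEROIZE */` and add the line `* This macro must not be defined in production builds.` to the comment above the `#if`. Whether the build rejects the macro elsewhere is not visible from these hunks.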
@ -50,9 +50,9 @@ extern "C" {
|
||||
* made in the call to mbedtls_sha256_starts().
|
||||
*/
|
||||
typedef struct mbedtls_sha256_context {
|
||||
unsigned char MBEDTLS_PRIVATE(buffer)[64]; /*!< The data block being processed. */
|
||||
uint32_t MBEDTLS_PRIVATE(total)[2]; /*!< The number of Bytes processed. */
|
||||
uint32_t MBEDTLS_PRIVATE(state)[8]; /*!< The intermediate digest state. */
|
||||
unsigned char MBEDTLS_PRIVATE(buffer)[64]; /*!< The data block being processed. */
|
||||
int MBEDTLS_PRIVATE(is224); /*!< Determines which function to use:
|
||||
0: Use SHA-256, or 1: Use SHA-224. */
|
||||
}
|
||||
|
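--- a/include/psa/crypto_adjust_auto_enabled.h
+++ b/include/psa/crypto_adjust_auto_enabled.h
@@ -0,0 +1,33 @@
+/**
+* \file psa/crypto_adjust_auto_enabled.h
+* \brief Adjust PSA configuration: enable always-on features
+*
+* Always enable certain features which require a negligible amount of code
+* to implement, to avoid some edge cases in the configuration combinatorics.
+*/
+/*
+* Copyright The Mbed TLS Contributors
+* SPDX-License-Identifier: Apache-2.0
+*
+* Licensed under the Apache License, Version 2.0 (the "License"); you may
+* not use this file except in compliance with the License.
+* You may obtain a copy of the License at
+*
+* http://www.apache.org/licenses/LICENSE-2.0
+*
+* Unless required by applicable law or agreed to in writing, software
+* distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+* WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+* See the License for the specific language governing permissions and
+* limitations under the License.
+*/
+
+#ifndef PSA_CRYPTO_ADJUST_AUTO_ENABLED_H
+#define PSA_CRYPTO_ADJUST_AUTO_ENABLED_H
+
+#define PSA_WANT_KEY_TYPE_DERIVE 1
+#define PSA_WANT_KEY_TYPE_PASSWORD 1
+#define PSA_WANT_KEY_TYPE_PASSWORD_HASH 1
+#define PSA_WANT_KEY_TYPE_RAW_DATA 1
+
+#endif /* PSA_CRYPTO_ADJUST_AUTO_ENABLED_H */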
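--- a/include/psa/crypto_adjust_config_synonyms.h
+++ b/include/psa/crypto_adjust_config_synonyms.h
@@ -0,0 +1,57 @@
+/**
+* \file psa/crypto_adjust_config_synonyms.h
+* \brief Adjust PSA configuration: enable quasi-synonyms
+*
+* When two features require almost the same code, we automatically enable
+* both when either one is requested, to reduce the combinatorics of
+* possible configurations.
+*/
+/*
+* Copyright The Mbed TLS Contributors
+* SPDX-License-Identifier: Apache-2.0
+*
+* Licensed under the Apache License, Version 2.0 (the "License"); you may
+* not use this file except in compliance with the License.
+* You may obtain a copy of the License at
+*
+* http://www.apache.org/licenses/LICENSE-2.0
+*
+* Unless required by applicable law or agreed to in writing, software
+* distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+* WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+* See the License for the specific language governing permissions and
+* limitations under the License.
+*/
+
+#ifndef PSA_CRYPTO_ADJUST_CONFIG_SYNONYMS_H
+#define PSA_CRYPTO_ADJUST_CONFIG_SYNONYMS_H
+
+/****************************************************************/
+/* De facto synonyms */
+/****************************************************************/
+
+#if defined(PSA_WANT_ALG_ECDSA_ANY) && !defined(PSA_WANT_ALG_ECDSA)
+#define PSA_WANT_ALG_ECDSA PSA_WANT_ALG_ECDSA_ANY
+#elif !defined(PSA_WANT_ALG_ECDSA_ANY) && defined(PSA_WANT_ALG_ECDSA)
+#define PSA_WANT_ALG_ECDSA_ANY PSA_WANT_ALG_ECDSA
+#endif
+
+#if defined(PSA_WANT_ALG_CCM_STAR_NO_TAG) && !defined(PSA_WANT_ALG_CCM)
+#define PSA_WANT_ALG_CCM PSA_WANT_ALG_CCM_STAR_NO_TAG
+#elif !defined(PSA_WANT_ALG_CCM_STAR_NO_TAG) && defined(PSA_WANT_ALG_CCM)
+#define PSA_WANT_ALG_CCM_STAR_NO_TAG PSA_WANT_ALG_CCM
+#endif
+
+#if defined(PSA_WANT_ALG_RSA_PKCS1V15_SIGN_RAW) && !defined(PSA_WANT_ALG_RSA_PKCS1V15_SIGN)
+#define PSA_WANT_ALG_RSA_PKCS1V15_SIGN PSA_WANT_ALG_RSA_PKCS1V15_SIGN_RAW
+#elif !defined(PSA_WANT_ALG_RSA_PKCS1V15_SIGN_RAW) && defined(PSA_WANT_ALG_RSA_PKCS1V15_SIGN)
+#define PSA_WANT_ALG_RSA_PKCS1V15_SIGN_RAW PSA_WANT_ALG_RSA_PKCS1V15_SIGN
+#endif
+
+#if defined(PSA_WANT_ALG_RSA_PSS_ANY_SALT) && !defined(PSA_WANT_ALG_RSA_PSS)
+#define PSA_WANT_ALG_RSA_PSS PSA_WANT_ALG_RSA_PSS_ANY_SALT
+#elif !defined(PSA_WANT_ALG_RSA_PSS_ANY_SALT) && defined(PSA_WANT_ALG_RSA_PSS)
+#define PSA_WANT_ALG_RSA_PSS_ANY_SALT PSA_WANT_ALG_RSA_PSS
+#endif
+
+#endif /* PSA_CRYPTO_ADJUST_CONFIG_SYNONYMS_H */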
@ -45,6 +45,7 @@
|
||||
#include "mbedtls/sha1.h"
|
||||
#include "mbedtls/sha256.h"
|
||||
#include "mbedtls/sha512.h"
|
||||
#include "mbedtls/sha3.h"
|
||||
|
||||
#if defined(MBEDTLS_PSA_BUILTIN_ALG_MD5) || \
|
||||
defined(MBEDTLS_PSA_BUILTIN_ALG_RIPEMD160) || \
|
||||
@ -52,7 +53,11 @@
|
||||
defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_224) || \
|
||||
defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_256) || \
|
||||
defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_384) || \
|
||||
defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_512)
|
||||
defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_512) || \
|
||||
defined(MBEDTLS_PSA_BUILTIN_ALG_SHA3_224) || \
|
||||
defined(MBEDTLS_PSA_BUILTIN_ALG_SHA3_256) || \
|
||||
defined(MBEDTLS_PSA_BUILTIN_ALG_SHA3_384) || \
|
||||
defined(MBEDTLS_PSA_BUILTIN_ALG_SHA3_512)
|
||||
#define MBEDTLS_PSA_BUILTIN_HASH
|
||||
#endif
|
||||
|
||||
@ -76,6 +81,12 @@ typedef struct {
|
||||
#if defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_512) || \
|
||||
defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_384)
|
||||
mbedtls_sha512_context sha512;
|
||||
#endif
|
||||
#if defined(MBEDTLS_PSA_BUILTIN_ALG_SHA3_224) || \
|
||||
defined(MBEDTLS_PSA_BUILTIN_ALG_SHA3_256) || \
|
||||
defined(MBEDTLS_PSA_BUILTIN_ALG_SHA3_384) || \
|
||||
defined(MBEDTLS_PSA_BUILTIN_ALG_SHA3_512)
|
||||
mbedtls_sha3_context sha3;
|
||||
#endif
|
||||
} MBEDTLS_PRIVATE(ctx);
|
||||
} mbedtls_psa_hash_operation_t;
|
||||
|
@ -87,6 +87,10 @@
|
||||
#define PSA_WANT_ALG_SHA_256 1
|
||||
#define PSA_WANT_ALG_SHA_384 1
|
||||
#define PSA_WANT_ALG_SHA_512 1
|
||||
#define PSA_WANT_ALG_SHA3_224 1
|
||||
#define PSA_WANT_ALG_SHA3_256 1
|
||||
#define PSA_WANT_ALG_SHA3_384 1
|
||||
#define PSA_WANT_ALG_SHA3_512 1
|
||||
#define PSA_WANT_ALG_STREAM_CIPHER 1
|
||||
#define PSA_WANT_ALG_TLS12_PRF 1
|
||||
#define PSA_WANT_ALG_TLS12_PSK_TO_MS 1
|
||||
|
@ -125,28 +125,43 @@
|
||||
* This macro expands to a compile-time constant integer. This value
|
||||
* is the maximum size of a hash in bytes.
|
||||
*/
|
||||
/* Note: for HMAC-SHA-3, the block size is 144 bytes for HMAC-SHA3-226,
|
||||
/* Note: for HMAC-SHA-3, the block size is 144 bytes for HMAC-SHA3-224,
|
||||
* 136 bytes for HMAC-SHA3-256, 104 bytes for SHA3-384, 72 bytes for
|
||||
* HMAC-SHA3-512. */
|
||||
/* Note: PSA_HASH_MAX_SIZE should be kept in sync with MBEDTLS_MD_MAX_SIZE,
|
||||
* see the note on MBEDTLS_MD_MAX_SIZE for details. */
|
||||
#if defined(PSA_WANT_ALG_SHA_512)
|
||||
#define PSA_HASH_MAX_SIZE 64
|
||||
#if defined(PSA_WANT_ALG_SHA3_224)
|
||||
#define PSA_HMAC_MAX_HASH_BLOCK_SIZE 144
|
||||
#elif defined(PSA_WANT_ALG_SHA3_256)
|
||||
#define PSA_HMAC_MAX_HASH_BLOCK_SIZE 136
|
||||
#elif defined(PSA_WANT_ALG_SHA_512)
|
||||
#define PSA_HMAC_MAX_HASH_BLOCK_SIZE 128
|
||||
#elif defined(PSA_WANT_ALG_SHA_384)
|
||||
#define PSA_HASH_MAX_SIZE 48
|
||||
#define PSA_HMAC_MAX_HASH_BLOCK_SIZE 128
|
||||
#elif defined(PSA_WANT_ALG_SHA3_384)
|
||||
#define PSA_HMAC_MAX_HASH_BLOCK_SIZE 104
|
||||
#elif defined(PSA_WANT_ALG_SHA3_512)
|
||||
#define PSA_HMAC_MAX_HASH_BLOCK_SIZE 72
|
||||
#elif defined(PSA_WANT_ALG_SHA_256)
|
||||
#define PSA_HASH_MAX_SIZE 32
|
||||
#define PSA_HMAC_MAX_HASH_BLOCK_SIZE 64
|
||||
#elif defined(PSA_WANT_ALG_SHA_224)
|
||||
#define PSA_HASH_MAX_SIZE 28
|
||||
#define PSA_HMAC_MAX_HASH_BLOCK_SIZE 64
|
||||
#else /* SHA-1 or smaller */
|
||||
#define PSA_HASH_MAX_SIZE 20
|
||||
#define PSA_HMAC_MAX_HASH_BLOCK_SIZE 64
|
||||
#endif
|
||||
|
||||
#if defined(PSA_WANT_ALG_SHA_512) || defined(PSA_WANT_ALG_SHA3_512)
|
||||
#define PSA_HASH_MAX_SIZE 64
|
||||
#elif defined(PSA_WANT_ALG_SHA_384) || defined(PSA_WANT_ALG_SHA3_384)
|
||||
#define PSA_HASH_MAX_SIZE 48
|
||||
#elif defined(PSA_WANT_ALG_SHA_256) || defined(PSA_WANT_ALG_SHA3_256)
|
||||
#define PSA_HASH_MAX_SIZE 32
|
||||
#elif defined(PSA_WANT_ALG_SHA_224) || defined(PSA_WANT_ALG_SHA3_224)
|
||||
#define PSA_HASH_MAX_SIZE 28
|
||||
#else /* SHA-1 or smaller */
|
||||
#define PSA_HASH_MAX_SIZE 20
|
||||
#endif
|
||||
|
||||
/** \def PSA_MAC_MAX_SIZE
|
||||
*
|
||||
* Maximum size of a MAC.
|
||||
|
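Review bot: The `PSA_HMAC_MAX_HASH_BLOCK_SIZE` chain is only correct because its branches are tested in descending block-size order (144, 136, 128, 128, 104, 72, 64), and the hunk does not state that invariant. A hash inserted out of order would make the macro smaller than the largest enabled block size, and the name suggests it is used to size HMAC buffers. I would add above the first `#if` of that chain the comment `/* Keep in descending block-size order: the first branch that matches must be the largest enabled block size. */`. The existing note about keeping `PSA_HASH_MAX_SIZE` in sync with `MBEDTLS_MD_MAX_SIZE` also appears to end up in front of the block-size chain rather than the `PSA_HASH_MAX_SIZE` chain it describes.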
@ -77,38 +77,17 @@ size_t mbedtls_mpi_core_bitlen(const mbedtls_mpi_uint *A, size_t A_limbs)
|
||||
return 0;
|
||||
}
|
||||
|
||||
/* Convert a big-endian byte array aligned to the size of mbedtls_mpi_uint
|
||||
* into the storage form used by mbedtls_mpi. */
|
||||
static mbedtls_mpi_uint mpi_bigendian_to_host_c(mbedtls_mpi_uint a)
|
||||
{
|
||||
uint8_t i;
|
||||
unsigned char *a_ptr;
|
||||
mbedtls_mpi_uint tmp = 0;
|
||||
|
||||
for (i = 0, a_ptr = (unsigned char *) &a; i < ciL; i++, a_ptr++) {
|
||||
tmp <<= CHAR_BIT;
|
||||
tmp |= (mbedtls_mpi_uint) *a_ptr;
|
||||
}
|
||||
|
||||
return tmp;
|
||||
}
|
||||
|
||||
static mbedtls_mpi_uint mpi_bigendian_to_host(mbedtls_mpi_uint a)
|
||||
{
|
||||
if (MBEDTLS_IS_BIG_ENDIAN) {
|
||||
/* Nothing to do on bigendian systems. */
|
||||
return a;
|
||||
} else {
|
||||
switch (sizeof(mbedtls_mpi_uint)) {
|
||||
case 4:
|
||||
return (mbedtls_mpi_uint) MBEDTLS_BSWAP32((uint32_t) a);
|
||||
case 8:
|
||||
return (mbedtls_mpi_uint) MBEDTLS_BSWAP64((uint64_t) a);
|
||||
}
|
||||
|
||||
/* Fall back to C-based reordering if we don't know the byte order
|
||||
* or we couldn't use a compiler-specific builtin. */
|
||||
return mpi_bigendian_to_host_c(a);
|
||||
#if defined(MBEDTLS_HAVE_INT32)
|
||||
return (mbedtls_mpi_uint) MBEDTLS_BSWAP32(a);
|
||||
#elif defined(MBEDTLS_HAVE_INT64)
|
||||
return (mbedtls_mpi_uint) MBEDTLS_BSWAP64(a);
|
||||
#endif
|
||||
}
|
||||
}
|
||||
|
||||
|
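Review bot: In the little-endian branch of `mpi_bigendian_to_host`, the `#if defined(MBEDTLS_HAVE_INT32)` / `#elif defined(MBEDTLS_HAVE_INT64)` pair has no `#else`, so a build with neither macro defined would reach the end of the function without returning a value. The switch-based version shown in the same hunk fell back to `mpi_bigendian_to_host_c()` in that case. If another header already guarantees that one of the two macros is defined (not visible here), make that explicit by adding `#else` and `#error "mbedtls_mpi_uint must be 32 or 64 bits wide"` before the `#endif`.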
@ -400,7 +400,6 @@ int mbedtls_ccm_update(mbedtls_ccm_context *ctx,
|
||||
mbedtls_xor(ctx->y + offset, ctx->y + offset, local_output, use_len);
|
||||
|
||||
memcpy(output, local_output, use_len);
|
||||
mbedtls_platform_zeroize(local_output, 16);
|
||||
|
||||
if (use_len + offset == 16 || ctx->processed == ctx->plaintext_len) {
|
||||
if ((ret =
|
||||
|
@ -150,8 +150,13 @@ void mbedtls_ct_memcpy_if(mbedtls_ct_condition_t condition,
|
||||
const unsigned char *src2,
|
||||
size_t len)
|
||||
{
|
||||
#if defined(MBEDTLS_CT_SIZE_64)
|
||||
const uint64_t mask = (uint64_t) condition;
|
||||
const uint64_t not_mask = (uint64_t) ~mbedtls_ct_compiler_opaque(condition);
|
||||
#else
|
||||
const uint32_t mask = (uint32_t) condition;
|
||||
const uint32_t not_mask = (uint32_t) ~mbedtls_ct_compiler_opaque(condition);
|
||||
#endif
|
||||
|
||||
/* If src2 is NULL, setup src2 so that we read from the destination address.
|
||||
*
|
||||
@ -165,11 +170,19 @@ void mbedtls_ct_memcpy_if(mbedtls_ct_condition_t condition,
|
||||
/* dest[i] = c1 == c2 ? src[i] : dest[i] */
|
||||
size_t i = 0;
|
||||
#if defined(MBEDTLS_EFFICIENT_UNALIGNED_ACCESS)
|
||||
#if defined(MBEDTLS_CT_SIZE_64)
|
||||
for (; (i + 8) <= len; i += 8) {
|
||||
uint64_t a = mbedtls_get_unaligned_uint64(src1 + i) & mask;
|
||||
uint64_t b = mbedtls_get_unaligned_uint64(src2 + i) & not_mask;
|
||||
mbedtls_put_unaligned_uint64(dest + i, a | b);
|
||||
}
|
||||
#else
|
||||
for (; (i + 4) <= len; i += 4) {
|
||||
uint32_t a = mbedtls_get_unaligned_uint32(src1 + i) & mask;
|
||||
uint32_t b = mbedtls_get_unaligned_uint32(src2 + i) & not_mask;
|
||||
mbedtls_put_unaligned_uint32(dest + i, a | b);
|
||||
}
|
||||
#endif /* defined(MBEDTLS_CT_SIZE_64) */
|
||||
#endif /* MBEDTLS_EFFICIENT_UNALIGNED_ACCESS */
|
||||
for (; i < len; i++) {
|
||||
dest[i] = (src1[i] & mask) | (src2[i] & not_mask);
|
||||
|
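Review bot: In `mbedtls_ct_memcpy_if`, `mask` is taken directly from `condition` while `not_mask` is computed from `mbedtls_ct_compiler_opaque(condition)`, in both the `MBEDTLS_CT_SIZE_64` and the fallback declarations, and no comment explains the asymmetry. Presumably the opaque call is there so the compiler cannot see that the two masks are complements and turn the select into a branch; if that is the intent, record it next to the declarations: `/* not_mask goes through mbedtls_ct_compiler_opaque() so the compiler cannot relate it to mask and emit a branch. */`. The function body starts and ends outside both hunks.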
@ -48,8 +48,14 @@
|
||||
#pragma GCC diagnostic ignored "-Wredundant-decls"
|
||||
#endif
|
||||
|
||||
/* Disable asm under Memsan because it confuses Memsan and generates false errors */
|
||||
#if defined(MBEDTLS_TEST_CONSTANT_FLOW_MEMSAN)
|
||||
/* Disable asm under Memsan because it confuses Memsan and generates false errors.
|
||||
*
|
||||
* We also disable under Valgrind by default, because it's more useful
|
||||
* for Valgrind to test the plain C implementation. MBEDTLS_TEST_CONSTANT_FLOW_ASM //no-check-names
|
||||
* may be set to permit building asm under Valgrind.
|
||||
*/
|
||||
#if defined(MBEDTLS_TEST_CONSTANT_FLOW_MEMSAN) || \
|
||||
(defined(MBEDTLS_TEST_CONSTANT_FLOW_VALGRIND) && !defined(MBEDTLS_TEST_CONSTANT_FLOW_ASM)) //no-check-names
|
||||
#define MBEDTLS_CT_NO_ASM
|
||||
#elif defined(__has_feature)
|
||||
#if __has_feature(memory_sanitizer)
|
||||
@ -109,6 +115,28 @@ static inline mbedtls_ct_uint_t mbedtls_ct_compiler_opaque(mbedtls_ct_uint_t x)
|
||||
#endif
|
||||
}
|
||||
|
||||
/*
|
||||
* Selecting unified syntax is needed for gcc, and harmless on clang.
|
||||
*
|
||||
* This is needed because on Thumb 1, condition flags are always set, so
|
||||
* e.g. "negs" is supported but "neg" is not (on Thumb 2, both exist).
|
||||
*
|
||||
* Under Thumb 1 unified syntax, only the "negs" form is accepted, and
|
||||
* under divided syntax, only the "neg" form is accepted. clang only
|
||||
* supports unified syntax.
|
||||
*
|
||||
* On Thumb 2 and Arm, both compilers are happy with the "s" suffix,
|
||||
* although we don't actually care about setting the flags.
|
||||
*
|
||||
* For gcc, restore divided syntax afterwards - otherwise old versions of gcc
|
||||
* seem to apply unified syntax globally, which breaks other asm code.
|
||||
*/
|
||||
#if !defined(__clang__)
|
||||
#define RESTORE_ASM_SYNTAX ".syntax divided \n\t"
|
||||
#else
|
||||
#define RESTORE_ASM_SYNTAX
|
||||
#endif
|
||||
|
||||
/* Convert a number into a condition in constant time. */
|
||||
static inline mbedtls_ct_condition_t mbedtls_ct_bool(mbedtls_ct_uint_t x)
|
||||
{
|
||||
@ -120,6 +148,34 @@ static inline mbedtls_ct_condition_t mbedtls_ct_bool(mbedtls_ct_uint_t x)
|
||||
* Otherwise, we define a plain C fallback which (in May 2023) does not get optimised into
|
||||
* conditional instructions or branches by trunk clang, gcc, or MSVC v19.
|
||||
*/
|
||||
#if defined(MBEDTLS_CT_AARCH64_ASM) && (defined(MBEDTLS_CT_SIZE_32) || defined(MBEDTLS_CT_SIZE_64))
|
||||
mbedtls_ct_uint_t s;
|
||||
asm volatile ("neg %x[s], %x[x] \n\t"
|
||||
"orr %x[x], %x[s], %x[x] \n\t"
|
||||
"asr %x[x], %x[x], 63"
|
||||
:
|
||||
[s] "=&r" (s),
|
||||
[x] "+&r" (x)
|
||||
:
|
||||
:
|
||||
);
|
||||
return (mbedtls_ct_condition_t) x;
|
||||
#elif defined(MBEDTLS_CT_ARM_ASM) && defined(MBEDTLS_CT_SIZE_32)
|
||||
uint32_t s;
|
||||
asm volatile (".syntax unified \n\t"
|
||||
"negs %[s], %[x] \n\t"
|
||||
"orrs %[x], %[x], %[s] \n\t"
|
||||
"asrs %[x], %[x], #31 \n\t"
|
||||
RESTORE_ASM_SYNTAX
|
||||
:
|
||||
[s] "=&l" (s),
|
||||
[x] "+&l" (x)
|
||||
:
|
||||
:
|
||||
"cc" /* clobbers flag bits */
|
||||
);
|
||||
return (mbedtls_ct_condition_t) x;
|
||||
#else
|
||||
const mbedtls_ct_uint_t xo = mbedtls_ct_compiler_opaque(x);
|
||||
#if defined(_MSC_VER)
|
||||
/* MSVC has a warning about unary minus on unsigned, but this is
|
||||
@ -127,24 +183,98 @@ static inline mbedtls_ct_condition_t mbedtls_ct_bool(mbedtls_ct_uint_t x)
|
||||
#pragma warning( push )
|
||||
#pragma warning( disable : 4146 )
|
||||
#endif
|
||||
return (mbedtls_ct_condition_t) (((mbedtls_ct_int_t) ((-xo) | -(xo >> 1))) >>
|
||||
(MBEDTLS_CT_SIZE - 1));
|
||||
// y is negative (i.e., top bit set) iff x is non-zero
|
||||
mbedtls_ct_int_t y = (-xo) | -(xo >> 1);
|
||||
|
||||
// extract only the sign bit of y so that y == 1 (if x is non-zero) or 0 (if x is zero)
|
||||
y = (((mbedtls_ct_uint_t) y) >> (MBEDTLS_CT_SIZE - 1));
|
||||
|
||||
// -y has all bits set (if x is non-zero), or all bits clear (if x is zero)
|
||||
return (mbedtls_ct_condition_t) (-y);
|
||||
#if defined(_MSC_VER)
|
||||
#pragma warning( pop )
|
||||
#endif
|
||||
#endif
|
||||
}
|
||||
|
||||
static inline mbedtls_ct_uint_t mbedtls_ct_if(mbedtls_ct_condition_t condition,
|
||||
mbedtls_ct_uint_t if1,
|
||||
mbedtls_ct_uint_t if0)
|
||||
{
|
||||
#if defined(MBEDTLS_CT_AARCH64_ASM) && (defined(MBEDTLS_CT_SIZE_32) || defined(MBEDTLS_CT_SIZE_64))
|
||||
asm volatile ("and %x[if1], %x[if1], %x[condition] \n\t"
|
||||
"mvn %x[condition], %x[condition] \n\t"
|
||||
"and %x[condition], %x[condition], %x[if0] \n\t"
|
||||
"orr %x[condition], %x[if1], %x[condition]"
|
||||
:
|
||||
[condition] "+&r" (condition),
|
||||
[if1] "+&r" (if1)
|
||||
:
|
||||
[if0] "r" (if0)
|
||||
:
|
||||
);
|
||||
return (mbedtls_ct_uint_t) condition;
|
||||
#elif defined(MBEDTLS_CT_ARM_ASM) && defined(MBEDTLS_CT_SIZE_32)
|
||||
asm volatile (".syntax unified \n\t"
|
||||
"ands %[if1], %[if1], %[condition] \n\t"
|
||||
"mvns %[condition], %[condition] \n\t"
|
||||
"ands %[condition], %[condition], %[if0] \n\t"
|
||||
"orrs %[condition], %[if1], %[condition] \n\t"
|
||||
RESTORE_ASM_SYNTAX
|
||||
:
|
||||
[condition] "+&l" (condition),
|
||||
[if1] "+&l" (if1)
|
||||
:
|
||||
[if0] "l" (if0)
|
||||
:
|
||||
"cc"
|
||||
);
|
||||
return (mbedtls_ct_uint_t) condition;
|
||||
#else
|
||||
mbedtls_ct_condition_t not_cond =
|
||||
(mbedtls_ct_condition_t) (~mbedtls_ct_compiler_opaque(condition));
|
||||
return (mbedtls_ct_uint_t) ((condition & if1) | (not_cond & if0));
|
||||
#endif
|
||||
}
|
||||
|
||||
static inline mbedtls_ct_condition_t mbedtls_ct_uint_lt(mbedtls_ct_uint_t x, mbedtls_ct_uint_t y)
|
||||
{
|
||||
#if defined(MBEDTLS_CT_AARCH64_ASM) && (defined(MBEDTLS_CT_SIZE_32) || defined(MBEDTLS_CT_SIZE_64))
|
||||
uint64_t s1;
|
||||
asm volatile ("eor %x[s1], %x[y], %x[x] \n\t"
|
||||
"sub %x[x], %x[x], %x[y] \n\t"
|
||||
"bic %x[x], %x[x], %x[s1] \n\t"
|
||||
"and %x[s1], %x[s1], %x[y] \n\t"
|
||||
"orr %x[s1], %x[x], %x[s1] \n\t"
|
||||
"asr %x[x], %x[s1], 63"
|
||||
: [s1] "=&r" (s1), [x] "+&r" (x)
|
||||
: [y] "r" (y)
|
||||
:
|
||||
);
|
||||
return (mbedtls_ct_condition_t) x;
|
||||
#elif defined(MBEDTLS_CT_ARM_ASM) && defined(MBEDTLS_CT_SIZE_32)
|
||||
uint32_t s1;
|
||||
asm volatile (
|
||||
".syntax unified \n\t"
|
||||
#if defined(__thumb__) && !defined(__thumb2__)
|
||||
"movs %[s1], %[x] \n\t"
|
||||
"eors %[s1], %[s1], %[y] \n\t"
|
||||
#else
|
||||
"eors %[s1], %[x], %[y] \n\t"
|
||||
#endif
|
||||
"subs %[x], %[x], %[y] \n\t"
|
||||
"bics %[x], %[x], %[s1] \n\t"
|
||||
"ands %[y], %[s1], %[y] \n\t"
|
||||
"orrs %[x], %[x], %[y] \n\t"
|
||||
"asrs %[x], %[x], #31 \n\t"
|
||||
RESTORE_ASM_SYNTAX
|
||||
: [s1] "=&l" (s1), [x] "+&l" (x), [y] "+&l" (y)
|
||||
:
|
||||
:
|
||||
"cc"
|
||||
);
|
||||
return (mbedtls_ct_condition_t) x;
|
||||
#else
|
||||
/* Ensure that the compiler cannot optimise the following operations over x and y,
|
||||
* even if it knows the value of x and y.
|
||||
*/
|
||||
@ -173,6 +303,7 @@ static inline mbedtls_ct_condition_t mbedtls_ct_uint_lt(mbedtls_ct_uint_t x, mbe
|
||||
|
||||
// Convert to a condition (i.e., all bits set iff non-zero)
|
||||
return mbedtls_ct_bool(ret);
|
||||
#endif
|
||||
}
|
||||
|
||||
static inline mbedtls_ct_condition_t mbedtls_ct_uint_ne(mbedtls_ct_uint_t x, mbedtls_ct_uint_t y)
|
||||
@ -189,8 +320,8 @@ static inline unsigned char mbedtls_ct_uchar_in_range_if(unsigned char low,
|
||||
unsigned char c,
|
||||
unsigned char t)
|
||||
{
|
||||
const unsigned char co = (const unsigned char) mbedtls_ct_compiler_opaque(c);
|
||||
const unsigned char to = (const unsigned char) mbedtls_ct_compiler_opaque(t);
|
||||
const unsigned char co = (unsigned char) mbedtls_ct_compiler_opaque(c);
|
||||
const unsigned char to = (unsigned char) mbedtls_ct_compiler_opaque(t);
|
||||
|
||||
/* low_mask is: 0 if low <= c, 0x...ff if low > c */
|
||||
unsigned low_mask = ((unsigned) co - low) >> 8;
|
||||
|
@ -85,12 +85,14 @@ typedef ptrdiff_t mbedtls_ct_int_t;
|
||||
typedef uint64_t mbedtls_ct_condition_t;
|
||||
typedef uint64_t mbedtls_ct_uint_t;
|
||||
typedef int64_t mbedtls_ct_int_t;
|
||||
#define MBEDTLS_CT_SIZE_64
|
||||
#define MBEDTLS_CT_TRUE ((mbedtls_ct_condition_t) mbedtls_ct_compiler_opaque(UINT64_MAX))
|
||||
#else
|
||||
/* Pointer size <= 32-bit, and no 64-bit MPIs */
|
||||
typedef uint32_t mbedtls_ct_condition_t;
|
||||
typedef uint32_t mbedtls_ct_uint_t;
|
||||
typedef int32_t mbedtls_ct_int_t;
|
||||
#define MBEDTLS_CT_SIZE_32
|
||||
#define MBEDTLS_CT_TRUE ((mbedtls_ct_condition_t) mbedtls_ct_compiler_opaque(UINT32_MAX))
|
||||
#endif
|
||||
#define MBEDTLS_CT_FALSE ((mbedtls_ct_condition_t) mbedtls_ct_compiler_opaque(0))
|
||||
|
@ -958,9 +958,8 @@ int mbedtls_ecp_tls_read_group_id(mbedtls_ecp_group_id *grp,
|
||||
/*
|
||||
* Next two bytes are the namedcurve value
|
||||
*/
|
||||
tls_id = *(*buf)++;
|
||||
tls_id <<= 8;
|
||||
tls_id |= *(*buf)++;
|
||||
tls_id = MBEDTLS_GET_UINT16_BE(*buf, 0);
|
||||
*buf += 2;
|
||||
|
||||
if ((curve_info = mbedtls_ecp_curve_info_from_tls_id(tls_id)) == NULL) {
|
||||
return MBEDTLS_ERR_ECP_FEATURE_UNAVAILABLE;
|
||||
|
16
library/md.c
@ -231,6 +231,22 @@ static psa_algorithm_t psa_alg_of_md(const mbedtls_md_info_t *info)
|
||||
#if defined(MBEDTLS_MD_SHA512_VIA_PSA)
|
||||
case MBEDTLS_MD_SHA512:
|
||||
return PSA_ALG_SHA_512;
|
||||
#endif
|
||||
#if defined(MBEDTLS_MD_SHA3_224_VIA_PSA)
|
||||
case MBEDTLS_MD_SHA3_224:
|
||||
return PSA_ALG_SHA3_224;
|
||||
#endif
|
||||
#if defined(MBEDTLS_MD_SHA3_256_VIA_PSA)
|
||||
case MBEDTLS_MD_SHA3_256:
|
||||
return PSA_ALG_SHA3_256;
|
||||
#endif
|
||||
#if defined(MBEDTLS_MD_SHA3_384_VIA_PSA)
|
||||
case MBEDTLS_MD_SHA3_384:
|
||||
return PSA_ALG_SHA3_384;
|
||||
#endif
|
||||
#if defined(MBEDTLS_MD_SHA3_512_VIA_PSA)
|
||||
case MBEDTLS_MD_SHA3_512:
|
||||
return PSA_ALG_SHA3_512;
|
||||
#endif
|
||||
default:
|
||||
return PSA_ALG_NONE;
|
||||
|
@ -760,6 +760,30 @@ static const oid_md_alg_t oid_md_alg[] =
|
||||
OID_DESCRIPTOR(MBEDTLS_OID_DIGEST_ALG_RIPEMD160, "id-ripemd160", "RIPEMD-160"),
|
||||
MBEDTLS_MD_RIPEMD160,
|
||||
},
|
||||
#endif
|
||||
#if defined(MBEDTLS_MD_CAN_SHA3_224)
|
||||
{
|
||||
OID_DESCRIPTOR(MBEDTLS_OID_DIGEST_ALG_SHA3_224, "id-sha3-224", "SHA-3-224"),
|
||||
MBEDTLS_MD_SHA3_224,
|
||||
},
|
||||
#endif
|
||||
#if defined(MBEDTLS_MD_CAN_SHA3_256)
|
||||
{
|
||||
OID_DESCRIPTOR(MBEDTLS_OID_DIGEST_ALG_SHA3_256, "id-sha3-256", "SHA-3-256"),
|
||||
MBEDTLS_MD_SHA3_256,
|
||||
},
|
||||
#endif
|
||||
#if defined(MBEDTLS_MD_CAN_SHA3_384)
|
||||
{
|
||||
OID_DESCRIPTOR(MBEDTLS_OID_DIGEST_ALG_SHA3_384, "id-sha3-384", "SHA-3-384"),
|
||||
MBEDTLS_MD_SHA3_384,
|
||||
},
|
||||
#endif
|
||||
#if defined(MBEDTLS_MD_CAN_SHA3_512)
|
||||
{
|
||||
OID_DESCRIPTOR(MBEDTLS_OID_DIGEST_ALG_SHA3_512, "id-sha3-512", "SHA-3-512"),
|
||||
MBEDTLS_MD_SHA3_512,
|
||||
},
|
||||
#endif
|
||||
{
|
||||
NULL_OID_DESCRIPTOR,
|
||||
@ -796,7 +820,7 @@ static const oid_md_hmac_t oid_md_hmac[] =
|
||||
OID_DESCRIPTOR(MBEDTLS_OID_HMAC_SHA224, "hmacSHA224", "HMAC-SHA-224"),
|
||||
MBEDTLS_MD_SHA224,
|
||||
},
|
||||
#endif
|
||||
#endif /* MBEDTLS_MD_CAN_SHA224 */
|
||||
#if defined(MBEDTLS_MD_CAN_SHA256)
|
||||
{
|
||||
OID_DESCRIPTOR(MBEDTLS_OID_HMAC_SHA256, "hmacSHA256", "HMAC-SHA-256"),
|
||||
@ -815,6 +839,36 @@ static const oid_md_hmac_t oid_md_hmac[] =
|
||||
MBEDTLS_MD_SHA512,
|
||||
},
|
||||
#endif /* MBEDTLS_MD_CAN_SHA512 */
|
||||
#if defined(MBEDTLS_MD_CAN_SHA3_224)
|
||||
{
|
||||
OID_DESCRIPTOR(MBEDTLS_OID_HMAC_SHA3_224, "hmacSHA3-224", "HMAC-SHA3-224"),
|
||||
MBEDTLS_MD_SHA3_224,
|
||||
},
|
||||
#endif /* MBEDTLS_MD_CAN_SHA3_224 */
|
||||
#if defined(MBEDTLS_MD_CAN_SHA3_256)
|
||||
{
|
||||
OID_DESCRIPTOR(MBEDTLS_OID_HMAC_SHA3_256, "hmacSHA3-256", "HMAC-SHA3-256"),
|
||||
MBEDTLS_MD_SHA3_256,
|
||||
},
|
||||
#endif /* MBEDTLS_MD_CAN_SHA3_256 */
|
||||
#if defined(MBEDTLS_MD_CAN_SHA3_384)
|
||||
{
|
||||
OID_DESCRIPTOR(MBEDTLS_OID_HMAC_SHA3_384, "hmacSHA3-384", "HMAC-SHA3-384"),
|
||||
MBEDTLS_MD_SHA3_384,
|
||||
},
|
||||
#endif /* MBEDTLS_MD_CAN_SHA3_384 */
|
||||
#if defined(MBEDTLS_MD_CAN_SHA3_512)
|
||||
{
|
||||
OID_DESCRIPTOR(MBEDTLS_OID_HMAC_SHA3_512, "hmacSHA3-512", "HMAC-SHA3-512"),
|
||||
MBEDTLS_MD_SHA3_512,
|
||||
},
|
||||
#endif /* MBEDTLS_MD_CAN_SHA3_512 */
|
||||
#if defined(MBEDTLS_MD_CAN_RIPEMD160)
|
||||
{
|
||||
OID_DESCRIPTOR(MBEDTLS_OID_HMAC_RIPEMD160, "hmacRIPEMD160", "HMAC-RIPEMD160"),
|
||||
MBEDTLS_MD_RIPEMD160,
|
||||
},
|
||||
#endif /* MBEDTLS_MD_CAN_RIPEMD160 */
|
||||
{
|
||||
NULL_OID_DESCRIPTOR,
|
||||
MBEDTLS_MD_NONE,
|
||||
|
@ -125,6 +125,26 @@ void mbedtls_platform_zeroize(void *buf, size_t len)
|
||||
SecureZeroMemory(buf, len);
|
||||
#else
|
||||
memset_func(buf, 0, len);
|
||||
#endif
|
||||
|
||||
#if defined(__GNUC__)
|
||||
/* For clang and recent gcc, pretend that we have some assembly that reads the
|
||||
* zero'd memory as an additional protection against being optimised away. */
|
||||
#if defined(__clang__) || (__GNUC__ >= 10)
|
||||
#if defined(__clang__)
|
||||
#pragma clang diagnostic push
|
||||
#pragma clang diagnostic ignored "-Wvla"
|
||||
#elif defined(MBEDTLS_COMPILER_IS_GCC)
|
||||
#pragma GCC diagnostic push
|
||||
#pragma GCC diagnostic ignored "-Wvla"
|
||||
#endif
|
||||
asm volatile ("" : : "m" (*(char (*)[len]) buf) :);
|
||||
#if defined(__clang__)
|
||||
#pragma clang diagnostic pop
|
||||
#elif defined(MBEDTLS_COMPILER_IS_GCC)
|
||||
#pragma GCC diagnostic pop
|
||||
#endif
|
||||
#endif
|
||||
#endif
|
||||
}
|
||||
}
|
||||
|
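Review bot: The cast `*(char (*)[len]) buf` in the added `asm volatile` operand forms a variable-length array type, which is only valid when `len` is non-zero, and nothing in the visible lines says where that is guaranteed. The two closing braces at the end of the hunk suggest an enclosing `if` that starts outside it; if that is a `len > 0` guard, a comment on the asm line such as `/* len > 0 is checked above: a zero-length VLA type would be undefined */` would keep a later refactor from moving the barrier out of the guard. The existing comment could also say that the empty asm with an `"m"` input is what makes the compiler treat the wiped bytes as read, so the barrier covers exactly `len` bytes of `buf`.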
@ -64,6 +64,7 @@
|
||||
#include "mbedtls/cipher.h"
|
||||
#include "mbedtls/ccm.h"
|
||||
#include "mbedtls/cmac.h"
|
||||
#include "mbedtls/constant_time.h"
|
||||
#include "mbedtls/des.h"
|
||||
#include "mbedtls/ecdh.h"
|
||||
#include "mbedtls/ecp.h"
|
||||
@ -104,9 +105,9 @@ static int key_type_is_raw_bytes(psa_key_type_t type)
|
||||
#define RNG_SEEDED 2
|
||||
|
||||
typedef struct {
|
||||
unsigned initialized : 1;
|
||||
unsigned rng_state : 2;
|
||||
unsigned drivers_initialized : 1;
|
||||
uint8_t initialized;
|
||||
uint8_t rng_state;
|
||||
uint8_t drivers_initialized;
|
||||
mbedtls_psa_random_context_t rng;
|
||||
} psa_global_data_t;
|
||||
|
||||
@ -152,9 +153,15 @@ psa_status_t mbedtls_to_psa_error(int ret)
|
||||
case 0:
|
||||
return PSA_SUCCESS;
|
||||
|
||||
#if defined(MBEDTLS_AES_C)
|
||||
case MBEDTLS_ERR_AES_INVALID_KEY_LENGTH:
|
||||
case MBEDTLS_ERR_AES_INVALID_INPUT_LENGTH:
|
||||
return PSA_ERROR_NOT_SUPPORTED;
|
||||
case MBEDTLS_ERR_AES_BAD_INPUT_DATA:
|
||||
return PSA_ERROR_INVALID_ARGUMENT;
|
||||
#endif
|
||||
|
||||
#if defined(MBEDTLS_ASN1_PARSE_C) || defined(MBEDTLS_ASN1_WRITE_C)
|
||||
case MBEDTLS_ERR_ASN1_OUT_OF_DATA:
|
||||
case MBEDTLS_ERR_ASN1_UNEXPECTED_TAG:
|
||||
case MBEDTLS_ERR_ASN1_INVALID_LENGTH:
|
||||
@ -165,26 +172,34 @@ psa_status_t mbedtls_to_psa_error(int ret)
|
||||
return PSA_ERROR_INSUFFICIENT_MEMORY;
|
||||
case MBEDTLS_ERR_ASN1_BUF_TOO_SMALL:
|
||||
return PSA_ERROR_BUFFER_TOO_SMALL;
|
||||
|
||||
#if defined(MBEDTLS_ERR_CAMELLIA_BAD_INPUT_DATA)
|
||||
case MBEDTLS_ERR_CAMELLIA_BAD_INPUT_DATA:
|
||||
#endif
|
||||
|
||||
#if defined(MBEDTLS_CAMELLIA_C)
|
||||
case MBEDTLS_ERR_CAMELLIA_BAD_INPUT_DATA:
|
||||
case MBEDTLS_ERR_CAMELLIA_INVALID_INPUT_LENGTH:
|
||||
return PSA_ERROR_NOT_SUPPORTED;
|
||||
#endif
|
||||
|
||||
#if defined(MBEDTLS_CCM_C)
|
||||
case MBEDTLS_ERR_CCM_BAD_INPUT:
|
||||
return PSA_ERROR_INVALID_ARGUMENT;
|
||||
case MBEDTLS_ERR_CCM_AUTH_FAILED:
|
||||
return PSA_ERROR_INVALID_SIGNATURE;
|
||||
#endif
|
||||
|
||||
#if defined(MBEDTLS_CHACHA20_C)
|
||||
case MBEDTLS_ERR_CHACHA20_BAD_INPUT_DATA:
|
||||
return PSA_ERROR_INVALID_ARGUMENT;
|
||||
#endif
|
||||
|
||||
#if defined(MBEDTLS_CHACHAPOLY_C)
|
||||
case MBEDTLS_ERR_CHACHAPOLY_BAD_STATE:
|
||||
return PSA_ERROR_BAD_STATE;
|
||||
case MBEDTLS_ERR_CHACHAPOLY_AUTH_FAILED:
|
||||
return PSA_ERROR_INVALID_SIGNATURE;
|
||||
#endif
|
||||
|
||||
#if defined(MBEDTLS_CIPHER_C)
|
||||
case MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE:
|
||||
return PSA_ERROR_NOT_SUPPORTED;
|
||||
case MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA:
|
||||
@ -199,6 +214,7 @@ psa_status_t mbedtls_to_psa_error(int ret)
|
||||
return PSA_ERROR_INVALID_SIGNATURE;
|
||||
case MBEDTLS_ERR_CIPHER_INVALID_CONTEXT:
|
||||
return PSA_ERROR_CORRUPTION_DETECTED;
|
||||
#endif
|
||||
|
||||
#if !(defined(MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG) || \
|
||||
defined(MBEDTLS_PSA_HMAC_DRBG_MD_TYPE))
|
||||
@ -213,20 +229,24 @@ psa_status_t mbedtls_to_psa_error(int ret)
|
||||
return PSA_ERROR_INSUFFICIENT_ENTROPY;
|
||||
#endif
|
||||
|
||||
#if defined(MBEDTLS_DES_C)
|
||||
case MBEDTLS_ERR_DES_INVALID_INPUT_LENGTH:
|
||||
return PSA_ERROR_NOT_SUPPORTED;
|
||||
#endif
|
||||
|
||||
case MBEDTLS_ERR_ENTROPY_NO_SOURCES_DEFINED:
|
||||
case MBEDTLS_ERR_ENTROPY_NO_STRONG_SOURCE:
|
||||
case MBEDTLS_ERR_ENTROPY_SOURCE_FAILED:
|
||||
return PSA_ERROR_INSUFFICIENT_ENTROPY;
|
||||
|
||||
#if defined(MBEDTLS_GCM_C)
|
||||
case MBEDTLS_ERR_GCM_AUTH_FAILED:
|
||||
return PSA_ERROR_INVALID_SIGNATURE;
|
||||
case MBEDTLS_ERR_GCM_BUFFER_TOO_SMALL:
|
||||
return PSA_ERROR_BUFFER_TOO_SMALL;
|
||||
case MBEDTLS_ERR_GCM_BAD_INPUT:
|
||||
return PSA_ERROR_INVALID_ARGUMENT;
|
||||
#endif
|
||||
|
||||
#if !defined(MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG) && \
|
||||
defined(MBEDTLS_PSA_HMAC_DRBG_MD_TYPE)
|
||||
@ -241,17 +261,24 @@ psa_status_t mbedtls_to_psa_error(int ret)
|
||||
return PSA_ERROR_INSUFFICIENT_ENTROPY;
|
||||
#endif
|
||||
|
||||
#if defined(MBEDTLS_MD_LIGHT)
|
||||
case MBEDTLS_ERR_MD_FEATURE_UNAVAILABLE:
|
||||
return PSA_ERROR_NOT_SUPPORTED;
|
||||
case MBEDTLS_ERR_MD_BAD_INPUT_DATA:
|
||||
return PSA_ERROR_INVALID_ARGUMENT;
|
||||
case MBEDTLS_ERR_MD_ALLOC_FAILED:
|
||||
return PSA_ERROR_INSUFFICIENT_MEMORY;
|
||||
#if defined(MBEDTLS_FS_IO)
|
||||
case MBEDTLS_ERR_MD_FILE_IO_ERROR:
|
||||
return PSA_ERROR_STORAGE_FAILURE;
|
||||
#endif
|
||||
#endif
|
||||
|
||||
#if defined(MBEDTLS_BIGNUM_C)
|
||||
#if defined(MBEDTLS_FS_IO)
|
||||
case MBEDTLS_ERR_MPI_FILE_IO_ERROR:
|
||||
return PSA_ERROR_STORAGE_FAILURE;
|
||||
#endif
|
||||
case MBEDTLS_ERR_MPI_BAD_INPUT_DATA:
|
||||
return PSA_ERROR_INVALID_ARGUMENT;
|
||||
case MBEDTLS_ERR_MPI_INVALID_CHARACTER:
|
||||
@ -266,14 +293,19 @@ psa_status_t mbedtls_to_psa_error(int ret)
|
||||
return PSA_ERROR_INVALID_ARGUMENT;
|
||||
case MBEDTLS_ERR_MPI_ALLOC_FAILED:
|
||||
return PSA_ERROR_INSUFFICIENT_MEMORY;
|
||||
#endif
|
||||
|
||||
#if defined(MBEDTLS_PK_C)
|
||||
case MBEDTLS_ERR_PK_ALLOC_FAILED:
|
||||
return PSA_ERROR_INSUFFICIENT_MEMORY;
|
||||
case MBEDTLS_ERR_PK_TYPE_MISMATCH:
|
||||
case MBEDTLS_ERR_PK_BAD_INPUT_DATA:
|
||||
return PSA_ERROR_INVALID_ARGUMENT;
|
||||
#if defined(MBEDTLS_PSA_CRYPTO_STORAGE_C) || defined(MBEDTLS_FS_IO) || \
|
||||
defined(MBEDTLS_PSA_ITS_FILE_C)
|
||||
case MBEDTLS_ERR_PK_FILE_IO_ERROR:
|
||||
return PSA_ERROR_STORAGE_FAILURE;
|
||||
#endif
|
||||
case MBEDTLS_ERR_PK_KEY_INVALID_VERSION:
|
||||
case MBEDTLS_ERR_PK_KEY_INVALID_FORMAT:
|
||||
return PSA_ERROR_INVALID_ARGUMENT;
|
||||
@ -292,12 +324,14 @@ psa_status_t mbedtls_to_psa_error(int ret)
|
||||
return PSA_ERROR_INVALID_SIGNATURE;
|
||||
case MBEDTLS_ERR_PK_BUFFER_TOO_SMALL:
|
||||
return PSA_ERROR_BUFFER_TOO_SMALL;
|
||||
#endif
|
||||
|
||||
case MBEDTLS_ERR_PLATFORM_HW_ACCEL_FAILED:
|
||||
return PSA_ERROR_HARDWARE_FAILURE;
|
||||
case MBEDTLS_ERR_PLATFORM_FEATURE_UNSUPPORTED:
|
||||
return PSA_ERROR_NOT_SUPPORTED;
|
||||
|
||||
#if defined(MBEDTLS_RSA_C)
|
||||
case MBEDTLS_ERR_RSA_BAD_INPUT_DATA:
|
||||
return PSA_ERROR_INVALID_ARGUMENT;
|
||||
case MBEDTLS_ERR_RSA_INVALID_PADDING:
|
||||
@ -315,7 +349,9 @@ psa_status_t mbedtls_to_psa_error(int ret)
|
||||
return PSA_ERROR_BUFFER_TOO_SMALL;
|
||||
case MBEDTLS_ERR_RSA_RNG_FAILED:
|
||||
return PSA_ERROR_INSUFFICIENT_ENTROPY;
|
||||
#endif
|
||||
|
||||
#if defined(MBEDTLS_ECP_LIGHT)
|
||||
case MBEDTLS_ERR_ECP_BAD_INPUT_DATA:
|
||||
case MBEDTLS_ERR_ECP_INVALID_KEY:
|
||||
return PSA_ERROR_INVALID_ARGUMENT;
|
||||
@ -331,8 +367,11 @@ psa_status_t mbedtls_to_psa_error(int ret)
|
||||
case MBEDTLS_ERR_ECP_RANDOM_FAILED:
|
||||
return PSA_ERROR_INSUFFICIENT_ENTROPY;
|
||||
|
||||
#if defined(MBEDTLS_ECP_RESTARTABLE)
|
||||
case MBEDTLS_ERR_ECP_IN_PROGRESS:
|
||||
return PSA_OPERATION_INCOMPLETE;
|
||||
#endif
|
||||
#endif
|
||||
|
||||
case MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED:
|
||||
return PSA_ERROR_CORRUPTION_DETECTED;
|
||||
@ -392,45 +431,71 @@ psa_ecc_family_t mbedtls_ecc_group_to_psa(mbedtls_ecp_group_id grpid,
|
||||
size_t *bits)
|
||||
{
|
||||
switch (grpid) {
|
||||
#if defined(MBEDTLS_ECP_DP_SECP192R1_ENABLED)
|
||||
case MBEDTLS_ECP_DP_SECP192R1:
|
||||
*bits = 192;
|
||||
return PSA_ECC_FAMILY_SECP_R1;
|
||||
#endif
|
||||
#if defined(MBEDTLS_ECP_DP_SECP224R1_ENABLED)
|
||||
case MBEDTLS_ECP_DP_SECP224R1:
|
||||
*bits = 224;
|
||||
return PSA_ECC_FAMILY_SECP_R1;
|
||||
#endif
|
||||
#if defined(MBEDTLS_ECP_DP_SECP256R1_ENABLED)
|
||||
case MBEDTLS_ECP_DP_SECP256R1:
|
||||
*bits = 256;
|
||||
return PSA_ECC_FAMILY_SECP_R1;
|
||||
#endif
|
||||
#if defined(MBEDTLS_ECP_DP_SECP384R1_ENABLED)
|
||||
case MBEDTLS_ECP_DP_SECP384R1:
|
||||
*bits = 384;
|
||||
return PSA_ECC_FAMILY_SECP_R1;
|
||||
#endif
|
||||
#if defined(MBEDTLS_ECP_DP_SECP521R1_ENABLED)
|
||||
case MBEDTLS_ECP_DP_SECP521R1:
|
||||
*bits = 521;
|
||||
return PSA_ECC_FAMILY_SECP_R1;
|
||||
#endif
|
||||
#if defined(MBEDTLS_ECP_DP_BP256R1_ENABLED)
|
||||
case MBEDTLS_ECP_DP_BP256R1:
|
||||
*bits = 256;
|
||||
return PSA_ECC_FAMILY_BRAINPOOL_P_R1;
|
||||
#endif
|
||||
#if defined(MBEDTLS_ECP_DP_BP384R1_ENABLED)
|
||||
case MBEDTLS_ECP_DP_BP384R1:
|
||||
*bits = 384;
|
||||
return PSA_ECC_FAMILY_BRAINPOOL_P_R1;
|
||||
#endif
|
||||
#if defined(MBEDTLS_ECP_DP_BP512R1_ENABLED)
|
||||
case MBEDTLS_ECP_DP_BP512R1:
|
||||
*bits = 512;
|
||||
return PSA_ECC_FAMILY_BRAINPOOL_P_R1;
|
||||
#endif
|
||||
#if defined(MBEDTLS_ECP_DP_CURVE25519_ENABLED)
|
||||
case MBEDTLS_ECP_DP_CURVE25519:
|
||||
*bits = 255;
|
||||
return PSA_ECC_FAMILY_MONTGOMERY;
|
||||
#endif
|
||||
#if defined(MBEDTLS_ECP_DP_SECP192K1_ENABLED)
|
||||
case MBEDTLS_ECP_DP_SECP192K1:
|
||||
*bits = 192;
|
||||
return PSA_ECC_FAMILY_SECP_K1;
|
||||
#endif
|
||||
#if defined(MBEDTLS_ECP_DP_SECP224K1_ENABLED)
|
||||
case MBEDTLS_ECP_DP_SECP224K1:
|
||||
*bits = 224;
|
||||
return PSA_ECC_FAMILY_SECP_K1;
|
||||
#endif
|
||||
#if defined(MBEDTLS_ECP_DP_SECP256K1_ENABLED)
|
||||
case MBEDTLS_ECP_DP_SECP256K1:
|
||||
*bits = 256;
|
||||
return PSA_ECC_FAMILY_SECP_K1;
|
||||
#endif
|
||||
#if defined(MBEDTLS_ECP_DP_CURVE448_ENABLED)
|
||||
case MBEDTLS_ECP_DP_CURVE448:
|
||||
*bits = 448;
|
||||
return PSA_ECC_FAMILY_MONTGOMERY;
|
||||
#endif
|
||||
default:
|
||||
*bits = 0;
|
||||
return 0;
|
||||
@ -2356,7 +2421,7 @@ psa_status_t psa_hash_verify(psa_hash_operation_t *operation,
|
||||
goto exit;
|
||||
}
|
||||
|
||||
if (mbedtls_psa_safer_memcmp(hash, actual_hash, actual_hash_length) != 0) {
|
||||
if (mbedtls_ct_memcmp(hash, actual_hash, actual_hash_length) != 0) {
|
||||
status = PSA_ERROR_INVALID_SIGNATURE;
|
||||
}
|
||||
|
||||
@ -2405,7 +2470,7 @@ psa_status_t psa_hash_compare(psa_algorithm_t alg,
|
||||
status = PSA_ERROR_INVALID_SIGNATURE;
|
||||
goto exit;
|
||||
}
|
||||
if (mbedtls_psa_safer_memcmp(hash, actual_hash, actual_hash_length) != 0) {
|
||||
if (mbedtls_ct_memcmp(hash, actual_hash, actual_hash_length) != 0) {
|
||||
status = PSA_ERROR_INVALID_SIGNATURE;
|
||||
}
|
||||
|
||||
@ -2787,7 +2852,7 @@ psa_status_t psa_mac_verify(mbedtls_svc_key_id_t key,
|
||||
status = PSA_ERROR_INVALID_SIGNATURE;
|
||||
goto exit;
|
||||
}
|
||||
if (mbedtls_psa_safer_memcmp(mac, actual_mac, actual_mac_length) != 0) {
|
||||
if (mbedtls_ct_memcmp(mac, actual_mac, actual_mac_length) != 0) {
|
||||
status = PSA_ERROR_INVALID_SIGNATURE;
|
||||
goto exit;
|
||||
}
|
||||
|
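Review bot: In `mbedtls_to_psa_error()`, the Camellia block maps `MBEDTLS_ERR_CAMELLIA_BAD_INPUT_DATA` to `PSA_ERROR_NOT_SUPPORTED`, while the AES block just above maps `MBEDTLS_ERR_AES_BAD_INPUT_DATA` to `PSA_ERROR_INVALID_ARGUMENT`, as do the CCM, ChaCha20, GCM, MD, MPI, RSA and ECP bad-input cases visible on this page. Since this commit rewrites the guard around those two case labels anyway, it would be the natural place to split them: `case MBEDTLS_ERR_CAMELLIA_BAD_INPUT_DATA: return PSA_ERROR_INVALID_ARGUMENT;`, leaving `MBEDTLS_ERR_CAMELLIA_INVALID_INPUT_LENGTH` on `PSA_ERROR_NOT_SUPPORTED`. If the current mapping is intentional, a one-line comment saying why would help, because callers that distinguish the two statuses get a different answer for the same class of mistake depending on the cipher. The switch starts and ends outside the hunks shown.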
@ -38,27 +38,6 @@
|
||||
*/
|
||||
int psa_can_do_hash(psa_algorithm_t hash_alg);
|
||||
|
||||
/** Constant-time buffer comparison
|
||||
*
|
||||
* \param[in] a Left-hand buffer for comparison.
|
||||
* \param[in] b Right-hand buffer for comparison.
|
||||
* \param n Amount of bytes to compare.
|
||||
*
|
||||
* \return 0 if the buffer contents are equal, non-zero otherwise
|
||||
*/
|
||||
static inline int mbedtls_psa_safer_memcmp(
|
||||
const uint8_t *a, const uint8_t *b, size_t n)
|
||||
{
|
||||
size_t i;
|
||||
unsigned char diff = 0;
|
||||
|
||||
for (i = 0; i < n; i++) {
|
||||
diff |= a[i] ^ b[i];
|
||||
}
|
||||
|
||||
return diff;
|
||||
}
|
||||
|
||||
/** The data structure representing a key slot, containing key material
|
||||
* and metadata for one key.
|
||||
*/
|
||||
|
@ -73,6 +73,25 @@ psa_status_t mbedtls_psa_hash_abort(
|
||||
case PSA_ALG_SHA_512:
|
||||
mbedtls_sha512_free(&operation->ctx.sha512);
|
||||
break;
|
||||
#endif
|
||||
#if defined(MBEDTLS_PSA_BUILTIN_ALG_SHA3_224)
|
||||
case PSA_ALG_SHA3_224:
|
||||
#endif
|
||||
#if defined(MBEDTLS_PSA_BUILTIN_ALG_SHA3_256)
|
||||
case PSA_ALG_SHA3_256:
|
||||
#endif
|
||||
#if defined(MBEDTLS_PSA_BUILTIN_ALG_SHA3_384)
|
||||
case PSA_ALG_SHA3_384:
|
||||
#endif
|
||||
#if defined(MBEDTLS_PSA_BUILTIN_ALG_SHA3_512)
|
||||
case PSA_ALG_SHA3_512:
|
||||
#endif
|
||||
#if defined(MBEDTLS_PSA_BUILTIN_ALG_SHA3_224) || \
|
||||
defined(MBEDTLS_PSA_BUILTIN_ALG_SHA3_256) || \
|
||||
defined(MBEDTLS_PSA_BUILTIN_ALG_SHA3_384) || \
|
||||
defined(MBEDTLS_PSA_BUILTIN_ALG_SHA3_512)
|
||||
mbedtls_sha3_free(&operation->ctx.sha3);
|
||||
break;
|
||||
#endif
|
||||
default:
|
||||
return PSA_ERROR_BAD_STATE;
|
||||
@ -134,6 +153,30 @@ psa_status_t mbedtls_psa_hash_setup(
|
||||
mbedtls_sha512_init(&operation->ctx.sha512);
|
||||
ret = mbedtls_sha512_starts(&operation->ctx.sha512, 0);
|
||||
break;
|
||||
#endif
|
||||
#if defined(MBEDTLS_PSA_BUILTIN_ALG_SHA3_224)
|
||||
case PSA_ALG_SHA3_224:
|
||||
mbedtls_sha3_init(&operation->ctx.sha3);
|
||||
ret = mbedtls_sha3_starts(&operation->ctx.sha3, MBEDTLS_SHA3_224);
|
||||
break;
|
||||
#endif
|
||||
#if defined(MBEDTLS_PSA_BUILTIN_ALG_SHA3_256)
|
||||
case PSA_ALG_SHA3_256:
|
||||
mbedtls_sha3_init(&operation->ctx.sha3);
|
||||
ret = mbedtls_sha3_starts(&operation->ctx.sha3, MBEDTLS_SHA3_256);
|
||||
break;
|
||||
#endif
|
||||
#if defined(MBEDTLS_PSA_BUILTIN_ALG_SHA3_384)
|
||||
case PSA_ALG_SHA3_384:
|
||||
mbedtls_sha3_init(&operation->ctx.sha3);
|
||||
ret = mbedtls_sha3_starts(&operation->ctx.sha3, MBEDTLS_SHA3_384);
|
||||
break;
|
||||
#endif
|
||||
#if defined(MBEDTLS_PSA_BUILTIN_ALG_SHA3_512)
|
||||
case PSA_ALG_SHA3_512:
|
||||
mbedtls_sha3_init(&operation->ctx.sha3);
|
||||
ret = mbedtls_sha3_starts(&operation->ctx.sha3, MBEDTLS_SHA3_512);
|
||||
break;
|
||||
#endif
|
||||
default:
|
||||
return PSA_ALG_IS_HASH(alg) ?
|
||||
@ -196,6 +239,26 @@ psa_status_t mbedtls_psa_hash_clone(
|
||||
mbedtls_sha512_clone(&target_operation->ctx.sha512,
|
||||
&source_operation->ctx.sha512);
|
||||
break;
|
||||
#endif
|
||||
#if defined(MBEDTLS_PSA_BUILTIN_ALG_SHA3_224)
|
||||
case PSA_ALG_SHA3_224:
|
||||
#endif
|
||||
#if defined(MBEDTLS_PSA_BUILTIN_ALG_SHA3_256)
|
||||
case PSA_ALG_SHA3_256:
|
||||
#endif
|
||||
#if defined(MBEDTLS_PSA_BUILTIN_ALG_SHA3_384)
|
||||
case PSA_ALG_SHA3_384:
|
||||
#endif
|
||||
#if defined(MBEDTLS_PSA_BUILTIN_ALG_SHA3_512)
|
||||
case PSA_ALG_SHA3_512:
|
||||
#endif
|
||||
#if defined(MBEDTLS_PSA_BUILTIN_ALG_SHA3_224) || \
|
||||
defined(MBEDTLS_PSA_BUILTIN_ALG_SHA3_256) || \
|
||||
defined(MBEDTLS_PSA_BUILTIN_ALG_SHA3_384) || \
|
||||
defined(MBEDTLS_PSA_BUILTIN_ALG_SHA3_512)
|
||||
mbedtls_sha3_clone(&target_operation->ctx.sha3,
|
||||
&source_operation->ctx.sha3);
|
||||
break;
|
||||
#endif
|
||||
default:
|
||||
(void) source_operation;
|
||||
@ -256,6 +319,26 @@ psa_status_t mbedtls_psa_hash_update(
|
||||
ret = mbedtls_sha512_update(&operation->ctx.sha512,
|
||||
input, input_length);
|
||||
break;
|
||||
#endif
|
||||
#if defined(MBEDTLS_PSA_BUILTIN_ALG_SHA3_224)
|
||||
case PSA_ALG_SHA3_224:
|
||||
#endif
|
||||
#if defined(MBEDTLS_PSA_BUILTIN_ALG_SHA3_256)
|
||||
case PSA_ALG_SHA3_256:
|
||||
#endif
|
||||
#if defined(MBEDTLS_PSA_BUILTIN_ALG_SHA3_384)
|
||||
case PSA_ALG_SHA3_384:
|
||||
#endif
|
||||
#if defined(MBEDTLS_PSA_BUILTIN_ALG_SHA3_512)
|
||||
case PSA_ALG_SHA3_512:
|
||||
#endif
|
||||
#if defined(MBEDTLS_PSA_BUILTIN_ALG_SHA3_224) || \
|
||||
defined(MBEDTLS_PSA_BUILTIN_ALG_SHA3_256) || \
|
||||
defined(MBEDTLS_PSA_BUILTIN_ALG_SHA3_384) || \
|
||||
defined(MBEDTLS_PSA_BUILTIN_ALG_SHA3_512)
|
||||
ret = mbedtls_sha3_update(&operation->ctx.sha3,
|
||||
input, input_length);
|
||||
break;
|
||||
#endif
|
||||
default:
|
||||
(void) input;
|
||||
@ -326,6 +409,25 @@ psa_status_t mbedtls_psa_hash_finish(
|
||||
case PSA_ALG_SHA_512:
|
||||
ret = mbedtls_sha512_finish(&operation->ctx.sha512, hash);
|
||||
break;
|
||||
#endif
|
||||
#if defined(MBEDTLS_PSA_BUILTIN_ALG_SHA3_224)
|
||||
case PSA_ALG_SHA3_224:
|
||||
#endif
|
||||
#if defined(MBEDTLS_PSA_BUILTIN_ALG_SHA3_256)
|
||||
case PSA_ALG_SHA3_256:
|
||||
#endif
|
||||
#if defined(MBEDTLS_PSA_BUILTIN_ALG_SHA3_384)
|
||||
case PSA_ALG_SHA3_384:
|
||||
#endif
|
||||
#if defined(MBEDTLS_PSA_BUILTIN_ALG_SHA3_512)
|
||||
case PSA_ALG_SHA3_512:
|
||||
#endif
|
||||
#if defined(MBEDTLS_PSA_BUILTIN_ALG_SHA3_224) || \
|
||||
defined(MBEDTLS_PSA_BUILTIN_ALG_SHA3_256) || \
|
||||
defined(MBEDTLS_PSA_BUILTIN_ALG_SHA3_384) || \
|
||||
defined(MBEDTLS_PSA_BUILTIN_ALG_SHA3_512)
|
||||
ret = mbedtls_sha3_finish(&operation->ctx.sha3, hash, hash_size);
|
||||
break;
|
||||
#endif
|
||||
default:
|
||||
(void) hash;
|
||||
|
@ -29,6 +29,7 @@
|
||||
#include <mbedtls/md.h>
|
||||
|
||||
#include <mbedtls/error.h>
|
||||
#include "mbedtls/constant_time.h"
|
||||
#include <string.h>
|
||||
|
||||
#if defined(MBEDTLS_PSA_BUILTIN_ALG_HMAC)
|
||||
@ -453,7 +454,7 @@ psa_status_t mbedtls_psa_mac_verify_finish(
|
||||
goto cleanup;
|
||||
}
|
||||
|
||||
if (mbedtls_psa_safer_memcmp(mac, actual_mac, mac_length) != 0) {
|
||||
if (mbedtls_ct_memcmp(mac, actual_mac, mac_length) != 0) {
|
||||
status = PSA_ERROR_INVALID_SIGNATURE;
|
||||
}
|
||||
|
||||
|
@ -28,7 +28,7 @@
|
||||
#include "psa_crypto_slot_management.h"
|
||||
|
||||
#include <mbedtls/ecjpake.h>
|
||||
#include <psa_util_internal.h>
|
||||
#include "psa_util_internal.h"
|
||||
|
||||
#include <mbedtls/platform.h>
|
||||
#include <mbedtls/error.h>
|
||||
|
@ -30,7 +30,7 @@
|
||||
#ifndef PSA_CRYPTO_RANDOM_IMPL_H
|
||||
#define PSA_CRYPTO_RANDOM_IMPL_H
|
||||
|
||||
#include <psa_util_internal.h>
|
||||
#include "psa_util_internal.h"
|
||||
|
||||
#if defined(MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG)
|
||||
|
||||
|
@ -38,7 +38,7 @@
|
||||
|
||||
typedef struct {
|
||||
psa_key_slot_t key_slots[MBEDTLS_PSA_KEY_SLOT_COUNT];
|
||||
unsigned key_slots_initialized : 1;
|
||||
uint8_t key_slots_initialized;
|
||||
} psa_global_data_t;
|
||||
|
||||
static psa_global_data_t global_data;
|
||||
|
@ -202,7 +202,7 @@ psa_status_t psa_parse_key_data_from_storage(const uint8_t *storage_data,
|
||||
|
||||
#if defined(MBEDTLS_PSA_CRYPTO_SE_C)
|
||||
/** This symbol is defined if transaction support is required. */
|
||||
#define PSA_CRYPTO_STORAGE_HAS_TRANSACTIONS
|
||||
#define PSA_CRYPTO_STORAGE_HAS_TRANSACTIONS 1
|
||||
#endif
|
||||
|
||||
#if defined(PSA_CRYPTO_STORAGE_HAS_TRANSACTIONS)
|
||||
|
@ -25,7 +25,7 @@
|
||||
#include <psa/crypto.h>
|
||||
|
||||
#include "psa_crypto_core.h"
|
||||
#include <psa_util_internal.h>
|
||||
#include "psa_util_internal.h"
|
||||
|
||||
/* The following includes are needed for MBEDTLS_ERR_XXX macros */
|
||||
#include <mbedtls/error.h>
|
||||
|
@ -259,10 +259,13 @@ int mbedtls_sha3_update(mbedtls_sha3_context *ctx,
|
||||
int mbedtls_sha3_finish(mbedtls_sha3_context *ctx,
|
||||
uint8_t *output, size_t olen)
|
||||
{
|
||||
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
|
||||
|
||||
/* Catch SHA-3 families, with fixed output length */
|
||||
if (ctx->olen > 0) {
|
||||
if (ctx->olen > olen) {
|
||||
return MBEDTLS_ERR_SHA3_BAD_INPUT_DATA;
|
||||
ret = MBEDTLS_ERR_SHA3_BAD_INPUT_DATA;
|
||||
goto exit;
|
||||
}
|
||||
olen = ctx->olen;
|
||||
}
|
||||
@ -280,7 +283,11 @@ int mbedtls_sha3_finish(mbedtls_sha3_context *ctx,
|
||||
}
|
||||
}
|
||||
|
||||
return 0;
|
||||
ret = 0;
|
||||
|
||||
exit:
|
||||
mbedtls_sha3_free(ctx);
|
||||
return ret;
|
||||
}
|
||||
|
||||
/*
|
||||
|
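Review bot: `mbedtls_sha3_finish()` now reaches `mbedtls_sha3_free(ctx)` on the `ctx->olen > olen` error path as well as on success, so a caller that passed too small an output buffer can no longer retry on the same context. Clearing the state on every exit is a sound choice, but it is a contract change that the hunks do not document. I would add to the function's documentation something like `The context is cleared on return, whether or not the call succeeds; call mbedtls_sha3_starts() before reusing it.` The middle of the function body lies between the two hunks and is not shown, so any other early return there should be checked to also go through `exit:`.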
@ -7722,7 +7722,7 @@ static int ssl_calc_finished_tls_generic(mbedtls_ssl_context *ssl, void *ctx,
|
||||
|
||||
MBEDTLS_SSL_DEBUG_BUF(3, "calc finished result", buf, len);
|
||||
|
||||
mbedtls_platform_zeroize(padbuf, sizeof(padbuf));
|
||||
mbedtls_platform_zeroize(padbuf, hlen);
|
||||
|
||||
MBEDTLS_SSL_DEBUG_MSG(2, ("<= calc finished"));
|
||||
|
||||
|
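Review bot: The wipe of `padbuf` in `ssl_calc_finished_tls_generic()` is bounded by `hlen`, so it clears the whole hash only if `hlen` is exactly the number of bytes written into `padbuf` earlier in the function, which is outside this hunk. The `sizeof(padbuf)` form is right only when `padbuf` is an array in scope; its declaration is not visible here, and if it is a pointer parameter `sizeof` would have given the pointer size instead. A short comment on the call, e.g. `/* padbuf is a pointer here: wipe the hlen bytes of hash written above */`, would record why the length is not `sizeof`.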
@ -1097,6 +1097,7 @@ static int x509_get_other_name(const mbedtls_x509_buf *subject_alt_name,
|
||||
if (MBEDTLS_OID_CMP(MBEDTLS_OID_ON_HW_MODULE_NAME, &cur_oid) != 0) {
|
||||
return MBEDTLS_ERR_X509_FEATURE_UNAVAILABLE;
|
||||
}
|
||||
other_name->type_id = cur_oid;
|
||||
|
||||
p += len;
|
||||
if ((ret = mbedtls_asn1_get_tag(&p, end, &len,
|
||||
@ -1488,7 +1489,7 @@ int mbedtls_x509_info_subject_alt_name(char **buf, size_t *size,
|
||||
MBEDTLS_X509_SAFE_SNPRINTF;
|
||||
|
||||
if (MBEDTLS_OID_CMP(MBEDTLS_OID_ON_HW_MODULE_NAME,
|
||||
&other_name->value.hardware_module_name.oid) != 0) {
|
||||
&other_name->type_id) == 0) {
|
||||
ret = mbedtls_snprintf(p, n, "\n%s hardware module name :", prefix);
|
||||
MBEDTLS_X509_SAFE_SNPRINTF;
|
||||
ret =
|
||||
|
@ -2754,8 +2754,8 @@ static int x509_inet_pton_ipv6(const char *src, void *dst)
|
||||
p++;
|
||||
}
|
||||
if (num_digits != 0) {
|
||||
addr[nonzero_groups++] = MBEDTLS_IS_BIG_ENDIAN ? group :
|
||||
(group << 8) | (group >> 8);
|
||||
MBEDTLS_PUT_UINT16_BE(group, addr, nonzero_groups);
|
||||
nonzero_groups++;
|
||||
if (*p == '\0') {
|
||||
break;
|
||||
} else if (*p == '.') {
|
||||
|
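Review bot: In `x509_inet_pton_ipv6()`, `MBEDTLS_PUT_UINT16_BE(group, addr, nonzero_groups)` passes a group index as the macro's offset argument, so the call is right only if that offset is applied in units of `addr`'s element type. The other form on the page, `addr[nonzero_groups++] = ...`, implies `addr` holds 16-bit groups, but its declaration is outside the hunk, and the same macro family is used with a byte buffer and a byte offset elsewhere in this commit (`MBEDTLS_GET_UINT16_BE(*buf, 0)`). Making the unit explicit would remove the dependence on how the macro does its pointer arithmetic: `MBEDTLS_PUT_UINT16_BE(group, (unsigned char *) addr, 2 * nonzero_groups);`. Whether `nonzero_groups` is bounded before this store cannot be seen from the hunk either.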
@ -65,6 +65,7 @@ EOF
|
||||
mbedtls/mbedtls_config.h) :;; # not meant for direct inclusion
|
||||
mbedtls/config_*.h) :;; # not meant for direct inclusion
|
||||
psa/crypto_config.h) :;; # not meant for direct inclusion
|
||||
psa/crypto_ajdust_config*.h) :;; # not meant for direct inclusion
|
||||
# Some of the psa/crypto_*.h headers are not meant to be included
|
||||
# directly. They do have include guards that make them no-ops if
|
||||
# psa/crypto.h has been included before. Since psa/crypto.h comes
|
||||
|
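Review bot: The case pattern `psa/crypto_ajdust_config*.h` looks like a transposition of `adjust`; if the headers it is meant to exempt are named `psa/crypto_adjust_config*.h`, the pattern never matches and those headers are still treated as directly includable. The fix would be `psa/crypto_adjust_config*.h) :;; # not meant for direct inclusion`. The header names themselves are not shown on this page, so this should be checked against the actual file names in the tree.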
@ -32,6 +32,7 @@
|
||||
#include "psa_crypto_rsa.h"
|
||||
|
||||
#include "mbedtls/platform.h"
|
||||
#include "mbedtls/constant_time.h"
|
||||
/* END-common headers */
|
||||
|
||||
#if defined(MBEDTLS_PSA_CRYPTO_C)
|
||||
@ -2253,7 +2254,7 @@ psa_status_t psa_driver_wrapper_aead_verify(
|
||||
if( status == PSA_SUCCESS )
|
||||
{
|
||||
if( tag_length != check_tag_length ||
|
||||
mbedtls_psa_safer_memcmp( tag, check_tag, tag_length )
|
||||
mbedtls_ct_memcmp( tag, check_tag, tag_length )
|
||||
!= 0 )
|
||||
status = PSA_ERROR_INVALID_SIGNATURE;
|
||||
}
|
||||
|
@ -19,12 +19,19 @@
|
||||
import os
|
||||
import inspect
|
||||
|
||||
def looks_like_psa_crypto_root(path: str) -> bool:
|
||||
"""Whether the given directory looks like the root of the PSA Crypto source tree."""
|
||||
return all(os.path.isdir(os.path.join(path, subdir))
|
||||
for subdir in ['include', 'core', 'drivers', 'programs', 'tests'])
|
||||
|
||||
def looks_like_mbedtls_root(path: str) -> bool:
|
||||
"""Whether the given directory looks like the root of the Mbed TLS source tree."""
|
||||
return all(os.path.isdir(os.path.join(path, subdir))
|
||||
for subdir in ['include', 'library', 'programs', 'tests'])
|
||||
|
||||
def looks_like_root(path: str) -> bool:
|
||||
return looks_like_psa_crypto_root(path) or looks_like_mbedtls_root(path)
|
||||
|
||||
def check_repo_path():
|
||||
"""
|
||||
Check that the current working directory is the project root, and throw
|
||||
@ -42,7 +49,7 @@ def chdir_to_root() -> None:
|
||||
for d in [os.path.curdir,
|
||||
os.path.pardir,
|
||||
os.path.join(os.path.pardir, os.path.pardir)]:
|
||||
if looks_like_mbedtls_root(d):
|
||||
if looks_like_root(d):
|
||||
os.chdir(d)
|
||||
return
|
||||
raise Exception('Mbed TLS source tree not found')
|
||||
@ -62,6 +69,6 @@ def guess_mbedtls_root():
|
||||
if d in dirs:
|
||||
continue
|
||||
dirs.add(d)
|
||||
if looks_like_mbedtls_root(d):
|
||||
if looks_like_root(d):
|
||||
return d
|
||||
raise Exception('Mbed TLS source tree not found')
|
||||
|
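Review bot: `looks_like_root()` has no docstring, unlike the two helpers it combines, and the callers that now use it still raise `Exception('Mbed TLS source tree not found')` even though a PSA Crypto tree is accepted too. I would add `"""Whether the given directory looks like the root of either source tree."""` and reword the message to `'Mbed TLS or PSA Crypto source tree not found'` so a failure from a PSA Crypto checkout is not misleading. `chdir_to_root()` and `guess_mbedtls_root()` both start outside the hunks shown.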
@ -27,6 +27,7 @@ from typing import Dict, List, Optional, Set, Union
|
||||
import unittest
|
||||
|
||||
from . import c_build_helper
|
||||
from . import build_tree
|
||||
|
||||
|
||||
class Expr:
|
||||
@ -51,13 +52,16 @@ class Expr:
|
||||
def update_cache(self) -> None:
|
||||
"""Update `value_cache` for expressions registered in `unknown_values`."""
|
||||
expressions = sorted(self.unknown_values)
|
||||
includes = ['include']
|
||||
if build_tree.looks_like_psa_crypto_root('.'):
|
||||
includes.append('drivers/builtin/include')
|
||||
values = c_build_helper.get_c_expression_values(
|
||||
'unsigned long', '%lu',
|
||||
expressions,
|
||||
header="""
|
||||
#include <psa/crypto.h>
|
||||
""",
|
||||
include_path=['include']) #type: List[str]
|
||||
include_path=includes) #type: List[str]
|
||||
for e, v in zip(expressions, values):
|
||||
self.value_cache[e] = int(v, 0)
|
||||
self.unknown_values.clear()
|
||||
|
@ -126,10 +126,41 @@ print_usage() {
|
||||
printf " \tAlso available: GnuTLS (needs v3.2.15 or higher)\n"
|
||||
printf " -M|--memcheck\tCheck memory leaks and errors.\n"
|
||||
printf " -v|--verbose\tSet verbose output.\n"
|
||||
printf " --list-test-case\tList all potential test cases (No Execution)\n"
|
||||
printf " --outcome-file\tFile where test outcomes are written\n"
|
||||
printf " \t(default: \$MBEDTLS_TEST_OUTCOME_FILE, none if empty)\n"
|
||||
}
|
||||
|
||||
# print_test_case <CLIENT> <SERVER> <STANDARD_CIPHER_SUITE>
|
||||
print_test_case() {
|
||||
for i in $3; do
|
||||
uniform_title $1 $2 $i
|
||||
echo $TITLE
|
||||
done
|
||||
}
|
||||
|
||||
# list_test_case lists all potential test cases in compat.sh without execution
|
||||
list_test_case() {
|
||||
reset_ciphersuites
|
||||
for TYPE in $TYPES; do
|
||||
add_common_ciphersuites
|
||||
add_openssl_ciphersuites
|
||||
add_gnutls_ciphersuites
|
||||
add_mbedtls_ciphersuites
|
||||
done
|
||||
|
||||
for VERIFY in $VERIFIES; do
|
||||
VERIF=$(echo $VERIFY | tr '[:upper:]' '[:lower:]')
|
||||
for MODE in $MODES; do
|
||||
print_test_case m O "$O_CIPHERS"
|
||||
print_test_case O m "$O_CIPHERS"
|
||||
print_test_case m G "$G_CIPHERS"
|
||||
print_test_case G m "$G_CIPHERS"
|
||||
print_test_case m m "$M_CIPHERS"
|
||||
done
|
||||
done
|
||||
}
|
||||
|
||||
get_options() {
|
||||
while [ $# -gt 0 ]; do
|
||||
case "$1" in
|
||||
@ -157,6 +188,12 @@ get_options() {
|
||||
-M|--memcheck)
|
||||
MEMCHECK=1
|
||||
;;
|
||||
# Please check scripts/check_test_cases.py correspondingly
|
||||
# if you have to modify option, --list-test-case
|
||||
--list-test-case)
|
||||
list_test_case
|
||||
exit $?
|
||||
;;
|
||||
--outcome-file)
|
||||
shift; MBEDTLS_TEST_OUTCOME_FILE=$1
|
||||
;;
|
||||
@ -826,6 +863,14 @@ wait_client_done() {
|
||||
echo "EXIT: $EXIT" >> $CLI_OUT
|
||||
}
|
||||
|
||||
# uniform_title <CLIENT> <SERVER> <STANDARD_CIPHER_SUITE>
|
||||
# $TITLE is considered as test case description for both --list-test-case and
|
||||
# MBEDTLS_TEST_OUTCOME_FILE. This function aims to control the format of
|
||||
# each test case description.
|
||||
uniform_title() {
|
||||
TITLE="$1->$2 $MODE,$VERIF $3"
|
||||
}
|
||||
|
||||
# record_outcome <outcome> [<failure-reason>]
|
||||
record_outcome() {
|
||||
echo "$1"
|
||||
@ -863,8 +908,7 @@ report_fail() {
|
||||
run_client() {
|
||||
# announce what we're going to do
|
||||
TESTS=$(( $TESTS + 1 ))
|
||||
TITLE="${1%"${1#?}"}->${SERVER_NAME%"${SERVER_NAME#?}"}"
|
||||
TITLE="$TITLE $MODE,$VERIF $2"
|
||||
uniform_title "${1%"${1#?}"}" "${SERVER_NAME%"${SERVER_NAME#?}"}" $2
|
||||
DOTS72="........................................................................"
|
||||
printf "%s %.*s " "$TITLE" "$((71 - ${#TITLE}))" "$DOTS72"
|
||||
|
||||
|
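Review bot: `print_test_case` expands everything unquoted (`uniform_title $1 $2 $i`, `echo $TITLE`), and the rewritten call in `run_client` passes `$2` unquoted as well, so a title containing a glob character or a run of spaces would be printed differently by `--list-test-case` than it is recorded in the outcome file. Since the listing exists so that another script can match descriptions against outcomes, I would write `uniform_title "$1" "$2" "$i"` and `printf '%s\n' "$TITLE"`, and quote `"$2"` in `run_client`. The comment above `list_test_case` could also say that it relies on `$MODE` and `$VERIF` being set by the enclosing loops, because `uniform_title` reads them as globals. `run_client` continues outside the hunk.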
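--- a/tests/configs/user-config-zeroize-memset.h
+++ b/tests/configs/user-config-zeroize-memset.h
@@ -0,0 +1,29 @@
+/* mbedtls_config.h modifier that defines mbedtls_platform_zeroize() to be
+* memset(), so that the compile can check arguments for us.
+* Used for testing.
+*/
+/*
+* Copyright The Mbed TLS Contributors
+* SPDX-License-Identifier: Apache-2.0
+*
+* Licensed under the Apache License, Version 2.0 (the "License"); you may
+* not use this file except in compliance with the License.
+* You may obtain a copy of the License at
+*
+* http://www.apache.org/licenses/LICENSE-2.0
+*
+* Unless required by applicable law or agreed to in writing, software
+* distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+* WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+* See the License for the specific language governing permissions and
+* limitations under the License.
+*/
+
+#include <string.h>
+
+/* Define _ALT so we don't get the built-in implementation. The test code will
+* also need to define MBEDTLS_TEST_DEFINES_ZEROIZE so we don't get the
+* declaration. */
+#define MBEDTLS_PLATFORM_ZEROIZE_ALT
+
+#define mbedtls_platform_zeroize(buf, len) memset(buf, 0, len)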
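Review bot: The header comment says only "Used for testing" and does not state that this override removes the guarantee `mbedtls_platform_zeroize()` exists to provide: a plain `memset()` on a buffer that is not read again may be eliminated by the optimizer, so secrets could stay in memory in any build that picks this file up. I would add a line such as `* Never use in a production build: memset() may be optimized away.` and guard the file with `#if !defined(MBEDTLS_TEST_DEFINES_ZEROIZE)` / `#error "test-only configuration"` / `#endif`, which the build-only component already satisfies by passing that define. In the first comment, "the compile can check" should read "the compiler can check".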
@ -123,15 +123,27 @@ set -e -o pipefail -u
|
||||
# Enable ksh/bash extended file matching patterns
|
||||
shopt -s extglob
|
||||
|
||||
in_mbedtls_repo () {
|
||||
test -d include -a -d library -a -d programs -a -d tests
|
||||
}
|
||||
|
||||
in_psa_crypto_repo () {
|
||||
test -d include -a -d core -a -d drivers -a -d programs -a -d tests
|
||||
}
|
||||
|
||||
pre_check_environment () {
|
||||
if [ -d library -a -d include -a -d tests ]; then :; else
|
||||
echo "Must be run from mbed TLS root" >&2
|
||||
if in_mbedtls_repo || in_psa_crypto_repo; then :; else
|
||||
echo "Must be run from Mbed TLS / psa-crypto root" >&2
|
||||
exit 1
|
||||
fi
|
||||
}
|
||||
|
||||
pre_initialize_variables () {
|
||||
CONFIG_H='include/mbedtls/mbedtls_config.h'
|
||||
if in_mbedtls_repo; then
|
||||
CONFIG_H='include/mbedtls/mbedtls_config.h'
|
||||
else
|
||||
CONFIG_H='drivers/builtin/include/mbedtls/mbedtls_config.h'
|
||||
fi
|
||||
CRYPTO_CONFIG_H='include/psa/crypto_config.h'
|
||||
CONFIG_TEST_DRIVER_H='tests/include/test/drivers/config_test_driver.h'
|
||||
|
||||
@ -141,8 +153,10 @@ pre_initialize_variables () {
|
||||
backup_suffix='.all.bak'
|
||||
# Files clobbered by config.py
|
||||
files_to_back_up="$CONFIG_H $CRYPTO_CONFIG_H $CONFIG_TEST_DRIVER_H"
|
||||
# Files clobbered by in-tree cmake
|
||||
files_to_back_up="$files_to_back_up Makefile library/Makefile programs/Makefile tests/Makefile programs/fuzz/Makefile"
|
||||
if in_mbedtls_repo; then
|
||||
# Files clobbered by in-tree cmake
|
||||
files_to_back_up="$files_to_back_up Makefile library/Makefile programs/Makefile tests/Makefile programs/fuzz/Makefile"
|
||||
fi
|
||||
|
||||
append_outcome=0
|
||||
MEMORY=0
|
||||
@ -299,7 +313,9 @@ EOF
|
||||
# Does not remove generated source files.
|
||||
cleanup()
|
||||
{
|
||||
command make clean
|
||||
if in_mbedtls_repo; then
|
||||
command make clean
|
||||
fi
|
||||
|
||||
# Remove CMake artefacts
|
||||
find . -name .git -prune -o \
|
||||
@ -556,7 +572,7 @@ pre_check_git () {
|
||||
fi
|
||||
|
||||
if ! git diff --quiet "$CONFIG_H"; then
|
||||
err_msg "Warning - the configuration file 'include/mbedtls/mbedtls_config.h' has been edited. "
|
||||
err_msg "Warning - the configuration file '$CONFIG_H' has been edited. "
|
||||
echo "You can either delete or preserve your work, or force the test by rerunning the"
|
||||
echo "script as: $0 --force"
|
||||
exit 1
|
||||
@ -1872,6 +1888,16 @@ skip_suites_without_constant_flow () {
|
||||
export SKIP_TEST_SUITES
|
||||
}
|
||||
|
||||
skip_all_except_given_suite () {
|
||||
# Skip all but the given test suite
|
||||
SKIP_TEST_SUITES=$(
|
||||
ls -1 tests/suites/test_suite_*.function |
|
||||
grep -v $1.function |
|
||||
sed 's/tests.suites.test_suite_//; s/\.function$//' |
|
||||
tr '\n' ,)
|
||||
export SKIP_TEST_SUITES
|
||||
}
|
||||
|
||||
component_test_memsan_constant_flow () {
|
||||
# This tests both (1) accesses to undefined memory, and (2) branches or
|
||||
# memory access depending on secret values. To distinguish between those:
|
||||
@ -1931,6 +1957,16 @@ component_test_valgrind_constant_flow () {
|
||||
# details are left in Testing/<date>/DynamicAnalysis.xml
|
||||
msg "test: some suites (full minus MBEDTLS_USE_PSA_CRYPTO, valgrind + constant flow)"
|
||||
make memcheck
|
||||
|
||||
# Test asm path in constant time module - by default, it will test the plain C
|
||||
# path under Valgrind or Memsan. Running only the constant_time tests is fast (<1s)
|
||||
msg "test: valgrind asm constant_time"
|
||||
scripts/config.py --force set MBEDTLS_TEST_CONSTANT_FLOW_ASM
|
||||
skip_all_except_given_suite test_suite_constant_time
|
||||
cmake -D CMAKE_BUILD_TYPE:String=Release .
|
||||
make clean
|
||||
make
|
||||
make memcheck
|
||||
}
|
||||
|
||||
component_test_valgrind_constant_flow_psa () {
|
||||
@ -5215,6 +5251,16 @@ support_build_cmake_custom_config_file () {
|
||||
}
|
||||
|
||||
|
||||
component_build_zeroize_checks () {
|
||||
msg "build: check for obviously wrong calls to mbedtls_platform_zeroize()"
|
||||
|
||||
scripts/config.py full
|
||||
|
||||
# Only compile - we're looking for sizeof-pointer-memaccess warnings
|
||||
make CC=gcc CFLAGS="'-DMBEDTLS_USER_CONFIG_FILE=\"../tests/configs/user-config-zeroize-memset.h\"' -DMBEDTLS_TEST_DEFINES_ZEROIZE -Werror -Wsizeof-pointer-memaccess"
|
||||
}
|
||||
|
||||
|
||||
component_test_zeroize () {
|
||||
# Test that the function mbedtls_platform_zeroize() is not optimized away by
|
||||
# different combinations of compilers and optimization flags by using an
|
||||
@ -5398,7 +5444,9 @@ pre_prepare_outcome_file
|
||||
pre_print_configuration
|
||||
pre_check_tools
|
||||
cleanup
|
||||
pre_generate_files
|
||||
if in_mbedtls_repo; then
|
||||
pre_generate_files
|
||||
fi
|
||||
|
||||
# Run the requested tests.
|
||||
for ((error_test_i=1; error_test_i <= error_test; error_test_i++)); do
|
||||
|
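Review bot: In `skip_all_except_given_suite` the filter `grep -v $1.function` is unquoted and treats the argument as a regular expression, so the `.` matches any character and an empty or space-containing argument changes what gets skipped; parsing `ls -1` output adds the same fragility. I would use `grep -v -F -- "$1.function"` and put a one-line usage comment above the function, e.g. `# skip_all_except_given_suite <suite name without .function>`. Separately, `component_build_zeroize_checks` only compiles with `-Wsizeof-pointer-memaccess`, so its comment could state that it catches `sizeof(pointer)` length arguments and says nothing else about whether zeroization is effective.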
@ -73,15 +73,22 @@ def execute_reference_driver_tests(ref_component, driver_component, outcome_file
|
||||
Results.log("Error: failed to run reference/driver components")
|
||||
sys.exit(ret_val)
|
||||
|
||||
def analyze_coverage(results, outcomes):
|
||||
def analyze_coverage(results, outcomes, allow_list, full_coverage):
|
||||
"""Check that all available test cases are executed at least once."""
|
||||
available = check_test_cases.collect_available_test_cases()
|
||||
for key in available:
|
||||
hits = outcomes[key].hits() if key in outcomes else 0
|
||||
if hits == 0:
|
||||
# Make this a warning, not an error, as long as we haven't
|
||||
# fixed this branch to have full coverage of test cases.
|
||||
results.warning('Test case not executed: {}', key)
|
||||
if hits == 0 and key not in allow_list:
|
||||
if full_coverage:
|
||||
results.error('Test case not executed: {}', key)
|
||||
else:
|
||||
results.warning('Test case not executed: {}', key)
|
||||
elif hits != 0 and key in allow_list:
|
||||
# Test Case should be removed from the allow list.
|
||||
if full_coverage:
|
||||
results.error('Allow listed test case was executed: {}', key)
|
||||
else:
|
||||
results.warning('Allow listed test case was executed: {}', key)
|
||||
|
||||
def analyze_driver_vs_reference(outcomes, component_ref, component_driver,
|
||||
ignored_suites, ignored_test=None):
|
||||
@ -122,10 +129,11 @@ def analyze_driver_vs_reference(outcomes, component_ref, component_driver,
|
||||
result = False
|
||||
return result
|
||||
|
||||
def analyze_outcomes(outcomes):
|
||||
def analyze_outcomes(outcomes, args):
|
||||
"""Run all analyses on the given outcome collection."""
|
||||
results = Results()
|
||||
analyze_coverage(results, outcomes)
|
||||
analyze_coverage(results, outcomes, args['allow_list'],
|
||||
args['full_coverage'])
|
||||
return results
|
||||
|
||||
def read_outcome_file(outcome_file):
|
||||
@ -151,10 +159,9 @@ by a semicolon.
|
||||
|
||||
def do_analyze_coverage(outcome_file, args):
|
||||
"""Perform coverage analysis."""
|
||||
del args # unused
|
||||
outcomes = read_outcome_file(outcome_file)
|
||||
Results.log("\n*** Analyze coverage ***\n")
|
||||
results = analyze_outcomes(outcomes)
|
||||
results = analyze_outcomes(outcomes, args)
|
||||
return results.error_count == 0
|
||||
|
||||
def do_analyze_driver_vs_reference(outcome_file, args):
|
||||
@ -175,8 +182,16 @@ def do_analyze_driver_vs_reference(outcome_file, args):
|
||||
TASKS = {
|
||||
'analyze_coverage': {
|
||||
'test_function': do_analyze_coverage,
|
||||
'args': {}
|
||||
},
|
||||
'args': {
|
||||
'allow_list': [
|
||||
# Algorithm not supported yet
|
||||
'test_suite_psa_crypto_metadata;Asymmetric signature: pure EdDSA',
|
||||
# Algorithm not supported yet
|
||||
'test_suite_psa_crypto_metadata;Cipher: XTS',
|
||||
],
|
||||
'full_coverage': False,
|
||||
}
|
||||
},
|
||||
# There are 2 options to use analyze_driver_vs_reference_xxx locally:
|
||||
# 1. Run tests and then analysis:
|
||||
# - tests/scripts/all.sh --outcome-file "$PWD/out.csv" <component_ref> <component_driver>
|
||||
@ -426,6 +441,11 @@ def main():
|
||||
'comma/space-separated list of tasks. ')
|
||||
parser.add_argument('--list', action='store_true',
|
||||
help='List all available tasks and exit.')
|
||||
parser.add_argument('--require-full-coverage', action='store_true',
|
||||
dest='full_coverage', help="Require all available "
|
||||
"test cases to be executed and issue an error "
|
||||
"otherwise. This flag is ignored if 'task' is "
|
||||
"neither 'all' nor 'analyze_coverage'")
|
||||
options = parser.parse_args()
|
||||
|
||||
if options.list:
|
||||
@ -445,6 +465,9 @@ def main():
|
||||
Results.log('Error: invalid task: {}'.format(task))
|
||||
sys.exit(1)
|
||||
|
||||
TASKS['analyze_coverage']['args']['full_coverage'] = \
|
||||
options.full_coverage
|
||||
|
||||
for task in TASKS:
|
||||
if task in tasks:
|
||||
if not TASKS[task]['test_function'](options.outcomes, TASKS[task]['args']):
|
||||
|
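Review bot: `analyze_coverage` only walks `available`, so an `allow_list` entry whose test case has been renamed or deleted is never reported and can stay in `TASKS` indefinitely. After the loop I would add `for key in allow_list:` / `if key not in available:` / `results.warning('Allow listed test case does not exist: {}', key)`, assuming `available` supports membership tests (its type is not visible here). The docstring still reads "Check that all available test cases are executed at least once" and should describe the two new parameters and that `full_coverage` turns both warnings into errors.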
@ -25,6 +25,7 @@ import argparse
|
||||
import glob
|
||||
import os
|
||||
import re
|
||||
import subprocess
|
||||
import sys
|
||||
|
||||
class Results:
|
||||
@ -111,6 +112,19 @@ state may override this method.
|
||||
self.process_test_case(descriptions,
|
||||
file_name, line_number, description)
|
||||
|
||||
def walk_compat_sh(self, file_name):
|
||||
"""Iterate over the test cases compat.sh with a similar format."""
|
||||
descriptions = self.new_per_file_state() # pylint: disable=assignment-from-none
|
||||
compat_cmd = ['sh', file_name, '--list-test-case']
|
||||
compat_output = subprocess.check_output(compat_cmd)
|
||||
# Assume compat.sh is responsible for printing identical format of
|
||||
# test case description between --list-test-case and its OUTCOME.CSV
|
||||
description = compat_output.strip().split(b'\n')
|
||||
# idx indicates the number of test case since there is no line number
|
||||
# in `compat.sh` for each test case.
|
||||
for idx, descrip in enumerate(description):
|
||||
self.process_test_case(descriptions, file_name, idx, descrip)
|
||||
|
||||
@staticmethod
|
||||
def collect_test_directories():
|
||||
"""Get the relative path for the TLS and Crypto test directories."""
|
||||
@ -136,6 +150,9 @@ state may override this method.
|
||||
for ssl_opt_file_name in glob.glob(os.path.join(directory, 'opt-testcases',
|
||||
'*.sh')):
|
||||
self.walk_ssl_opt_sh(ssl_opt_file_name)
|
||||
compat_sh = os.path.join(directory, 'compat.sh')
|
||||
if os.path.exists(compat_sh):
|
||||
self.walk_compat_sh(compat_sh)
|
||||
|
||||
class TestDescriptions(TestDescriptionExplorer):
|
||||
"""Collect the available test cases."""
|
||||
|
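Review bot: In `walk_compat_sh`, `compat_output.strip().split(b'\n')` returns `[b'']` when the script prints nothing, so an empty description is passed to `process_test_case` as if it were a test case. A guard such as `if not descrip: continue` inside the loop avoids that. The docstring "Iterate over the test cases compat.sh with a similar format" is hard to parse; `"""Collect test case descriptions by running compat.sh --list-test-case."""` says what the method does, and it is worth noting there that a non-zero exit raises `subprocess.CalledProcessError`, which this method does not catch.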
@ -1,10 +1,10 @@
|
||||
#!/usr/bin/env python3
|
||||
"""Run the PSA Crypto API compliance test suite.
|
||||
Clone the repo and check out the commit specified by PSA_ARCH_TEST_REPO and PSA_ARCH_TEST_REF,
|
||||
then compile and run the test suite. The clone is stored at <Mbed TLS root>/psa-arch-tests.
|
||||
Known defects in either the test suite or mbedtls - identified by their test number - are ignored,
|
||||
while unexpected failures AND successes are reported as errors,
|
||||
to help keep the list of known defects as up to date as possible.
|
||||
then compile and run the test suite. The clone is stored at <repository root>/psa-arch-tests.
|
||||
Known defects in either the test suite or mbedtls / psa-crypto - identified by their test
|
||||
number - are ignored, while unexpected failures AND successes are reported as errors, to help
|
||||
keep the list of known defects as up to date as possible.
|
||||
"""
|
||||
|
||||
# Copyright The Mbed TLS Contributors
|
||||
@ -22,13 +22,20 @@ to help keep the list of known defects as up to date as possible.
|
||||
# See the License for the specific language governing permissions and
|
||||
# limitations under the License.
|
||||
|
||||
import argparse
|
||||
import os
|
||||
import re
|
||||
import shutil
|
||||
import subprocess
|
||||
import sys
|
||||
from typing import List
|
||||
|
||||
# PSA Compliance tests we expect to fail due to known defects in Mbed TLS (or the test suite)
|
||||
#pylint: disable=unused-import
|
||||
import scripts_path
|
||||
from mbedtls_dev import build_tree
|
||||
|
||||
# PSA Compliance tests we expect to fail due to known defects in Mbed TLS / PSA Crypto
|
||||
# (or the test suite).
|
||||
# The test numbers correspond to the numbers used by the console output of the test suite.
|
||||
# Test number 2xx corresponds to the files in the folder
|
||||
# psa-arch-tests/api-tests/dev_apis/crypto/test_c0xx
|
||||
@ -49,12 +56,32 @@ EXPECTED_FAILURES = {
|
||||
PSA_ARCH_TESTS_REPO = 'https://github.com/bensze01/psa-arch-tests.git'
|
||||
PSA_ARCH_TESTS_REF = 'fix-pr-5736'
|
||||
|
||||
#pylint: disable=too-many-branches,too-many-statements
|
||||
def main():
|
||||
mbedtls_dir = os.getcwd()
|
||||
#pylint: disable=too-many-branches,too-many-statements,too-many-locals
|
||||
def main(library_build_dir: str):
|
||||
root_dir = os.getcwd()
|
||||
|
||||
if not os.path.exists('library/libmbedcrypto.a'):
|
||||
subprocess.check_call(['make', '-C', 'library', 'libmbedcrypto.a'])
|
||||
in_psa_crypto_repo = build_tree.looks_like_psa_crypto_root(root_dir)
|
||||
|
||||
if in_psa_crypto_repo:
|
||||
crypto_name = 'psacrypto'
|
||||
library_subdir = 'core'
|
||||
else:
|
||||
crypto_name = 'mbedcrypto'
|
||||
library_subdir = 'library'
|
||||
|
||||
crypto_lib_filename = (library_build_dir + '/' +
|
||||
library_subdir + '/' +
|
||||
'lib' + crypto_name + '.a')
|
||||
|
||||
if not os.path.exists(crypto_lib_filename):
|
||||
#pylint: disable=bad-continuation
|
||||
subprocess.check_call([
|
||||
'cmake', '.',
|
||||
'-GUnix Makefiles',
|
||||
'-B' + library_build_dir
|
||||
])
|
||||
subprocess.check_call(['cmake', '--build', library_build_dir,
|
||||
'--target', crypto_name])
|
||||
|
||||
psa_arch_tests_dir = 'psa-arch-tests'
|
||||
os.makedirs(psa_arch_tests_dir, exist_ok=True)
|
||||
@ -74,6 +101,9 @@ def main():
|
||||
os.mkdir(build_dir)
|
||||
os.chdir(build_dir)
|
||||
|
||||
extra_includes = (';{}/drivers/builtin/include'.format(root_dir)
|
||||
if in_psa_crypto_repo else '')
|
||||
|
||||
#pylint: disable=bad-continuation
|
||||
subprocess.check_call([
|
||||
'cmake', '..',
|
||||
@ -81,8 +111,9 @@ def main():
|
||||
'-DTARGET=tgt_dev_apis_stdc',
|
||||
'-DTOOLCHAIN=HOST_GCC',
|
||||
'-DSUITE=CRYPTO',
|
||||
'-DPSA_CRYPTO_LIB_FILENAME={}/library/libmbedcrypto.a'.format(mbedtls_dir),
|
||||
'-DPSA_INCLUDE_PATHS={}/include'.format(mbedtls_dir)
|
||||
'-DPSA_CRYPTO_LIB_FILENAME={}/{}'.format(root_dir,
|
||||
crypto_lib_filename),
|
||||
('-DPSA_INCLUDE_PATHS={}/include' + extra_includes).format(root_dir)
|
||||
])
|
||||
subprocess.check_call(['cmake', '--build', '.'])
|
||||
|
||||
@ -95,8 +126,11 @@ def main():
|
||||
)
|
||||
test = -1
|
||||
unexpected_successes = set(EXPECTED_FAILURES)
|
||||
expected_failures = []
|
||||
unexpected_failures = []
|
||||
expected_failures = [] # type: List[int]
|
||||
unexpected_failures = [] # type: List[int]
|
||||
if proc.stdout is None:
|
||||
return 1
|
||||
|
||||
for line in proc.stdout:
|
||||
print(line, end='')
|
||||
match = test_re.match(line)
|
||||
@ -136,7 +170,18 @@ def main():
|
||||
print('SUCCESS')
|
||||
return 0
|
||||
finally:
|
||||
os.chdir(mbedtls_dir)
|
||||
os.chdir(root_dir)
|
||||
|
||||
if __name__ == '__main__':
|
||||
sys.exit(main())
|
||||
BUILD_DIR = 'out_of_source_build'
|
||||
|
||||
# pylint: disable=invalid-name
|
||||
parser = argparse.ArgumentParser()
|
||||
parser.add_argument('--build-dir', nargs=1,
|
||||
help='path to Mbed TLS / PSA Crypto build directory')
|
||||
args = parser.parse_args()
|
||||
|
||||
if args.build_dir is not None:
|
||||
BUILD_DIR = args.build_dir[0]
|
||||
|
||||
sys.exit(main(BUILD_DIR))
|
||||
|
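Review bot: `--build-dir` is documented as a path, but an absolute value produces a wrong library path, because `crypto_lib_filename` is built by string concatenation and then prefixed with `root_dir` in `'-DPSA_CRYPTO_LIB_FILENAME={}/{}'.format(root_dir, crypto_lib_filename)`. Using `os.path.join(root_dir, crypto_lib_filename)` there, and `os.path.join(library_build_dir, library_subdir, 'lib' + crypto_name + '.a')` above, keeps relative values working and passes an absolute one through unchanged. `nargs=1` plus the `args.build_dir[0]` unwrapping could be replaced by `default='out_of_source_build'`. Unrelated to this change but visible in the same section: `PSA_ARCH_TESTS_REF = 'fix-pr-5736'` looks like a branch name on a personal fork, and the code fetched from it is built and run, so pinning a commit hash would make that input reproducible. `main` continues outside the hunks.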
@ -25,6 +25,8 @@
|
||||
|
||||
#include "test/drivers/aead.h"
|
||||
|
||||
#include "mbedtls/constant_time.h"
|
||||
|
||||
#if defined(MBEDTLS_TEST_LIBTESTDRIVER1)
|
||||
#include "libtestdriver1/library/psa_crypto_aead.h"
|
||||
#endif
|
||||
@ -431,7 +433,7 @@ psa_status_t mbedtls_test_transparent_aead_verify(
|
||||
|
||||
if (mbedtls_test_driver_aead_hooks.driver_status == PSA_SUCCESS) {
|
||||
if (tag_length != check_tag_length ||
|
||||
mbedtls_psa_safer_memcmp(tag, check_tag, tag_length)
|
||||
mbedtls_ct_memcmp(tag, check_tag, tag_length)
|
||||
!= 0) {
|
||||
mbedtls_test_driver_aead_hooks.driver_status =
|
||||
PSA_ERROR_INVALID_SIGNATURE;
|
||||
|
@ -1,5 +1,5 @@
|
||||
/* BEGIN_HEADER */
|
||||
#include "../library/common.h"
|
||||
#include "common.h"
|
||||
|
||||
void fill_arrays(unsigned char *a, unsigned char *b, unsigned char *r1, unsigned char *r2, size_t n)
|
||||
{
|
||||
|
@ -1324,8 +1324,8 @@ void ecp_mod_p_generic_raw(int curve_id,
|
||||
#endif
|
||||
#if defined(MBEDTLS_ECP_DP_SECP521R1_ENABLED) && defined(MBEDTLS_ECP_NIST_OPTIM)
|
||||
case MBEDTLS_ECP_DP_SECP521R1:
|
||||
limbs = BITS_TO_LIMBS(522) * 2;
|
||||
curve_bits = 522;
|
||||
limbs = BITS_TO_LIMBS(521) * 2;
|
||||
curve_bits = 521;
|
||||
curve_func = &mbedtls_ecp_mod_p521_raw;
|
||||
break;
|
||||
#endif
|
||||
@ -1377,8 +1377,8 @@ void ecp_mod_p_generic_raw(int curve_id,
|
||||
|
||||
TEST_EQUAL((*curve_func)(X, limbs_X), 0);
|
||||
|
||||
TEST_LE_U(mbedtls_mpi_core_bitlen(X, limbs_X), curve_bits);
|
||||
mbedtls_mpi_mod_raw_fix_quasi_reduction(X, &m);
|
||||
TEST_LE_U(mbedtls_mpi_core_bitlen(X, limbs_X), curve_bits);
|
||||
TEST_MEMORY_COMPARE(X, bytes, res, bytes);
|
||||
|
||||
exit:
|
||||
|
@ -2,6 +2,9 @@
|
||||
#include "mbedtls/md.h"
|
||||
#include "md_psa.h"
|
||||
|
||||
#include "mbedtls/oid.h"
|
||||
#include "mbedtls/asn1.h"
|
||||
|
||||
#define MD_PSA(md, psa) \
|
||||
TEST_EQUAL(mbedtls_md_psa_alg_from_type(md), psa); \
|
||||
TEST_EQUAL(mbedtls_md_type_from_psa_alg(psa), md);
|
||||
@ -33,6 +36,24 @@ void mbedtls_md_list()
|
||||
TEST_EQUAL(0, mbedtls_md_starts(&ctx));
|
||||
TEST_EQUAL(0, mbedtls_md_finish(&ctx, out));
|
||||
mbedtls_md_free(&ctx);
|
||||
|
||||
#if defined(MBEDTLS_PSA_CRYPTO_C)
|
||||
/* Ensure that we can convert to and from a psa_algorithm_t */
|
||||
psa_algorithm_t p = mbedtls_md_psa_alg_from_type(*md_type_ptr);
|
||||
TEST_ASSERT(p != PSA_ALG_NONE);
|
||||
TEST_EQUAL(*md_type_ptr, mbedtls_md_type_from_psa_alg(p));
|
||||
#endif
|
||||
|
||||
#if defined(MBEDTLS_OID_C)
|
||||
mbedtls_asn1_buf asn1;
|
||||
/* Check that we have an OID definition */
|
||||
TEST_EQUAL(mbedtls_oid_get_oid_by_md((mbedtls_md_type_t) *md_type_ptr,
|
||||
(const char **) &asn1.p, &asn1.len), 0);
|
||||
/* Check that this OID definition maps back to the correct mbedtls_md_type_t */
|
||||
mbedtls_md_type_t m;
|
||||
TEST_EQUAL(mbedtls_oid_get_md_alg(&asn1, &m), 0);
|
||||
TEST_EQUAL(m, *md_type_ptr);
|
||||
#endif
|
||||
}
|
||||
|
||||
exit:
|
||||
@ -406,7 +427,6 @@ exit:
|
||||
void md_psa_dynamic_dispatch(int md_type, int pre_psa_ret, int post_psa_engine)
|
||||
{
|
||||
const mbedtls_md_info_t *md_info = mbedtls_md_info_from_type(md_type);
|
||||
TEST_ASSERT(md_info != NULL);
|
||||
mbedtls_md_context_t ctx1, ctx2;
|
||||
|
||||
/* Intentionally no PSA init here! (Will be done later.) */
|
||||
@ -414,6 +434,8 @@ void md_psa_dynamic_dispatch(int md_type, int pre_psa_ret, int post_psa_engine)
|
||||
mbedtls_md_init(&ctx1);
|
||||
mbedtls_md_init(&ctx2);
|
||||
|
||||
TEST_ASSERT(md_info != NULL);
|
||||
|
||||
/* Before PSA crypto init */
|
||||
TEST_EQUAL(pre_psa_ret, mbedtls_md_setup(&ctx1, md_info, 0));
|
||||
TEST_EQUAL(pre_psa_ret, mbedtls_md_setup(&ctx2, md_info, 0));
|
||||
|
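Review bot: In the `MBEDTLS_OID_C` block added to `mbedtls_md_list`, `mbedtls_asn1_buf asn1;` is left uninitialized and only `p` and `len` are filled through the `(const char **) &asn1.p` cast, so `asn1.tag` is indeterminate when the struct is handed to `mbedtls_oid_get_md_alg()`. Whether that function reads `tag` is not visible here; initializing with `mbedtls_asn1_buf asn1 = { MBEDTLS_ASN1_OID, 0, NULL };` removes the question. Receiving the OID into a local `const char *oid` and then assigning `asn1.p = (unsigned char *) oid;` would also avoid casting a pointer-to-pointer. The test function continues outside the hunk.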
@ -85,3 +85,51 @@ md_psa_dynamic_dispatch:MBEDTLS_MD_SHA512:MBEDTLS_ERR_MD_BAD_INPUT_DATA:MBEDTLS_
|
||||
PSA dispatch SHA512 legacy+driver
|
||||
depends_on:MBEDTLS_SHA512_C:MBEDTLS_MD_SHA512_VIA_PSA
|
||||
md_psa_dynamic_dispatch:MBEDTLS_MD_SHA512:0:MBEDTLS_MD_ENGINE_PSA
|
||||
|
||||
PSA dispatch SHA3-224 legacy only
|
||||
depends_on:MBEDTLS_SHA3_224_C:!MBEDTLS_MD_SHA3_224_VIA_PSA
|
||||
md_psa_dynamic_dispatch:MBEDTLS_MD_SHA3_224:0:MBEDTLS_MD_ENGINE_LEGACY
|
||||
|
||||
PSA dispatch SHA3-224 driver only
|
||||
depends_on:!MBEDTLS_SHA3_224_C:MBEDTLS_MD_SHA3_224_VIA_PSA
|
||||
md_psa_dynamic_dispatch:MBEDTLS_MD_SHA3_224:MBEDTLS_ERR_MD_BAD_INPUT_DATA:MBEDTLS_MD_ENGINE_PSA
|
||||
|
||||
PSA dispatch SHA3-224 legacy+driver
|
||||
depends_on:MBEDTLS_SHA3_224_C:MBEDTLS_MD_SHA3_224_VIA_PSA
|
||||
md_psa_dynamic_dispatch:MBEDTLS_MD_SHA3_224:0:MBEDTLS_MD_ENGINE_PSA
|
||||
|
||||
PSA dispatch SHA3-256 legacy only
|
||||
depends_on:MBEDTLS_SHA3_256_C:!MBEDTLS_MD_SHA3_256_VIA_PSA
|
||||
md_psa_dynamic_dispatch:MBEDTLS_MD_SHA3_256:0:MBEDTLS_MD_ENGINE_LEGACY
|
||||
|
||||
PSA dispatch SHA3-256 driver only
|
||||
depends_on:!MBEDTLS_SHA3_256_C:MBEDTLS_MD_SHA3_256_VIA_PSA
|
||||
md_psa_dynamic_dispatch:MBEDTLS_MD_SHA3_256:MBEDTLS_ERR_MD_BAD_INPUT_DATA:MBEDTLS_MD_ENGINE_PSA
|
||||
|
||||
PSA dispatch SHA3-256 legacy+driver
|
||||
depends_on:MBEDTLS_SHA3_256_C:MBEDTLS_MD_SHA3_256_VIA_PSA
|
||||
md_psa_dynamic_dispatch:MBEDTLS_MD_SHA3_256:0:MBEDTLS_MD_ENGINE_PSA
|
||||
|
||||
PSA dispatch SHA3-384 legacy only
|
||||
depends_on:MBEDTLS_SHA3_384_C:!MBEDTLS_MD_SHA3_384_VIA_PSA
|
||||
md_psa_dynamic_dispatch:MBEDTLS_MD_SHA3_384:0:MBEDTLS_MD_ENGINE_LEGACY
|
||||
|
||||
PSA dispatch SHA3-384 driver only
|
||||
depends_on:!MBEDTLS_SHA3_384_C:MBEDTLS_MD_SHA3_384_VIA_PSA
|
||||
md_psa_dynamic_dispatch:MBEDTLS_MD_SHA3_384:MBEDTLS_ERR_MD_BAD_INPUT_DATA:MBEDTLS_MD_ENGINE_PSA
|
||||
|
||||
PSA dispatch SHA3-384 legacy+driver
|
||||
depends_on:MBEDTLS_SHA3_384_C:MBEDTLS_MD_SHA3_384_VIA_PSA
|
||||
md_psa_dynamic_dispatch:MBEDTLS_MD_SHA3_384:0:MBEDTLS_MD_ENGINE_PSA
|
||||
|
||||
PSA dispatch SHA3-512 legacy only
|
||||
depends_on:MBEDTLS_SHA3_512_C:!MBEDTLS_MD_SHA3_512_VIA_PSA
|
||||
md_psa_dynamic_dispatch:MBEDTLS_MD_SHA3_512:0:MBEDTLS_MD_ENGINE_LEGACY
|
||||
|
||||
PSA dispatch SHA3-512 driver only
|
||||
depends_on:!MBEDTLS_SHA3_512_C:MBEDTLS_MD_SHA3_512_VIA_PSA
|
||||
md_psa_dynamic_dispatch:MBEDTLS_MD_SHA3_512:MBEDTLS_ERR_MD_BAD_INPUT_DATA:MBEDTLS_MD_ENGINE_PSA
|
||||
|
||||
PSA dispatch SHA3-512 legacy+driver
|
||||
depends_on:MBEDTLS_SHA3_512_C:MBEDTLS_MD_SHA3_512_VIA_PSA
|
||||
md_psa_dynamic_dispatch:MBEDTLS_MD_SHA3_512:0:MBEDTLS_MD_ENGINE_PSA
|
||||
|
@ -82,6 +82,22 @@ OID hash id - id-sha512
|
||||
depends_on:MBEDTLS_MD_CAN_SHA512
|
||||
oid_get_md_alg_id:"608648016503040203":MBEDTLS_MD_SHA512
|
||||
|
||||
OID hash id - id-sha3-224
|
||||
depends_on:MBEDTLS_MD_CAN_SHA3_224
|
||||
oid_get_md_alg_id:"608648016503040207":MBEDTLS_MD_SHA3_224
|
||||
|
||||
OID hash id - id-sha3-256
|
||||
depends_on:MBEDTLS_MD_CAN_SHA3_256
|
||||
oid_get_md_alg_id:"608648016503040208":MBEDTLS_MD_SHA3_256
|
||||
|
||||
OID hash id - id-sha3-384
|
||||
depends_on:MBEDTLS_MD_CAN_SHA3_384
|
||||
oid_get_md_alg_id:"608648016503040209":MBEDTLS_MD_SHA3_384
|
||||
|
||||
OID hash id - id-sha3-512
|
||||
depends_on:MBEDTLS_MD_CAN_SHA3_512
|
||||
oid_get_md_alg_id:"60864801650304020a":MBEDTLS_MD_SHA3_512
|
||||
|
||||
OID hash id - id-ripemd160
|
||||
depends_on:MBEDTLS_MD_CAN_RIPEMD160
|
||||
oid_get_md_alg_id:"2b24030201":MBEDTLS_MD_RIPEMD160
|
||||
@ -185,3 +201,43 @@ oid_from_numeric_string:"2.4294967215":0:"8FFFFFFF7F"
|
||||
|
||||
OID from numeric string - OID with overflowing subidentifier
|
||||
oid_from_numeric_string:"2.4294967216":MBEDTLS_ERR_ASN1_INVALID_DATA:""
|
||||
|
||||
mbedtls_oid_get_md_hmac - RIPEMD160
|
||||
depends_on:MBEDTLS_MD_CAN_RIPEMD160
|
||||
mbedtls_oid_get_md_hmac:"2B06010505080104":MBEDTLS_MD_RIPEMD160
|
||||
|
||||
mbedtls_oid_get_md_hmac - SHA1
|
||||
depends_on:MBEDTLS_MD_CAN_SHA1
|
||||
mbedtls_oid_get_md_hmac:"2A864886F70D0207":MBEDTLS_MD_SHA1
|
||||
|
||||
mbedtls_oid_get_md_hmac - SHA224
|
||||
depends_on:MBEDTLS_MD_CAN_SHA224
|
||||
mbedtls_oid_get_md_hmac:"2A864886F70D0208":MBEDTLS_MD_SHA224
|
||||
|
||||
mbedtls_oid_get_md_hmac - SHA256
|
||||
depends_on:MBEDTLS_MD_CAN_SHA256
|
||||
mbedtls_oid_get_md_hmac:"2A864886F70D0209":MBEDTLS_MD_SHA256
|
||||
|
||||
mbedtls_oid_get_md_hmac - SHA384
|
||||
depends_on:MBEDTLS_MD_CAN_SHA384
|
||||
mbedtls_oid_get_md_hmac:"2A864886F70D020A":MBEDTLS_MD_SHA384
|
||||
|
||||
mbedtls_oid_get_md_hmac - SHA512
|
||||
depends_on:MBEDTLS_MD_CAN_SHA512
|
||||
mbedtls_oid_get_md_hmac:"2A864886F70D020B":MBEDTLS_MD_SHA512
|
||||
|
||||
mbedtls_oid_get_md_hmac - SHA3_224
|
||||
depends_on:MBEDTLS_MD_CAN_SHA3_224
|
||||
mbedtls_oid_get_md_hmac:"60864801650304020D":MBEDTLS_MD_SHA3_224
|
||||
|
||||
mbedtls_oid_get_md_hmac - SHA3_256
|
||||
depends_on:MBEDTLS_MD_CAN_SHA3_256
|
||||
mbedtls_oid_get_md_hmac:"60864801650304020E":MBEDTLS_MD_SHA3_256
|
||||
|
||||
mbedtls_oid_get_md_hmac - SHA3_384
|
||||
depends_on:MBEDTLS_MD_CAN_SHA3_384
|
||||
mbedtls_oid_get_md_hmac:"60864801650304020F":MBEDTLS_MD_SHA3_384
|
||||
|
||||
mbedtls_oid_get_md_hmac - SHA3_512
|
||||
depends_on:MBEDTLS_MD_CAN_SHA3_512
|
||||
mbedtls_oid_get_md_hmac:"608648016503040210":MBEDTLS_MD_SHA3_512
|
||||
|
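Review bot: None of the ten added `mbedtls_oid_get_md_hmac` cases passes a negative expected id, so the `MBEDTLS_ERR_OID_NOT_FOUND` branch of the test function added in this commit is never run. I would add one case with no `depends_on`, for example `mbedtls_oid_get_md_hmac - unknown OID` followed by `mbedtls_oid_get_md_hmac:"<OID bytes with no HMAC mapping>":-1`, with the placeholder replaced by a real OID that the library does not map to an HMAC. That also pins the expectation that `md_id` is left untouched on failure.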
@ -96,6 +96,29 @@ void oid_get_md_alg_id(data_t *oid, int exp_md_id)
|
||||
}
|
||||
/* END_CASE */
|
||||
|
||||
/* BEGIN_CASE */
|
||||
void mbedtls_oid_get_md_hmac(data_t *oid, int exp_md_id)
|
||||
{
|
||||
mbedtls_asn1_buf md_oid = { 0, 0, NULL };
|
||||
int ret;
|
||||
mbedtls_md_type_t md_id = 0;
|
||||
|
||||
md_oid.tag = MBEDTLS_ASN1_OID;
|
||||
md_oid.p = oid->x;
|
||||
md_oid.len = oid->len;
|
||||
|
||||
ret = mbedtls_oid_get_md_hmac(&md_oid, &md_id);
|
||||
|
||||
if (exp_md_id < 0) {
|
||||
TEST_ASSERT(ret == MBEDTLS_ERR_OID_NOT_FOUND);
|
||||
TEST_ASSERT(md_id == 0);
|
||||
} else {
|
||||
TEST_ASSERT(ret == 0);
|
||||
TEST_ASSERT((mbedtls_md_type_t) exp_md_id == md_id);
|
||||
}
|
||||
}
|
||||
/* END_CASE */
|
||||
|
||||
/* BEGIN_CASE */
|
||||
void oid_get_numeric_string(data_t *oid, int error_ret, char *result_str)
|
||||
{
|
||||
|
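Review bot: The new test function checks its results with `TEST_ASSERT(ret == 0)` and `TEST_ASSERT((mbedtls_md_type_t) exp_md_id == md_id)`, which on failure report only that the expression was false. `TEST_EQUAL(ret, 0)` and `TEST_EQUAL(exp_md_id, md_id)`, the form other suites in this commit use, also record both values. A short comment above the function saying that a negative `exp_md_id` means "expect MBEDTLS_ERR_OID_NOT_FOUND" would document the convention the data file has to follow.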
@ -194,7 +194,7 @@ void pk_write_public_from_private(char *priv_key_file, char *pub_key_file)
|
||||
pub_key_raw, pub_key_len);
|
||||
|
||||
#if defined(MBEDTLS_USE_PSA_CRYPTO)
|
||||
mbedtls_platform_zeroize(derived_key_raw, sizeof(derived_key_raw));
|
||||
mbedtls_platform_zeroize(derived_key_raw, derived_key_len);
|
||||
|
||||
TEST_EQUAL(mbedtls_pk_wrap_as_opaque(&priv_key, &opaque_key_id,
|
||||
PSA_ALG_NONE, PSA_KEY_USAGE_EXPORT,
|
||||
|
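--- a/tests/suites/test_suite_psa_crypto.pbkdf2.data
+++ b/tests/suites/test_suite_psa_crypto.pbkdf2.data
@@ -0,0 +1,16 @@
+PSA key derivation: PBKDF2-HMAC(SHA-1), RFC6070 #4
+depends_on:PSA_WANT_ALG_PBKDF2_HMAC:PSA_WANT_ALG_SHA_1
+derive_output:PSA_ALG_PBKDF2_HMAC(PSA_ALG_SHA_1):PSA_KEY_DERIVATION_INPUT_COST:"01000000":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_SALT:"73616c74":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_PASSWORD:"70617373776f7264":PSA_SUCCESS:0:"":PSA_SUCCESS:"":20:"eefe3d61cd4da4e4e9945b3d6ba2158c2634e984":"":0:1:0
+
+PSA key derivation: PBKDF2-HMAC(SHA-256), RFC7914 #2
+depends_on:PSA_WANT_ALG_PBKDF2_HMAC:PSA_WANT_ALG_SHA_256
+derive_output:PSA_ALG_PBKDF2_HMAC(PSA_ALG_SHA_256):PSA_KEY_DERIVATION_INPUT_COST:"013880":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_SALT:"4e61436c":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_PASSWORD:"50617373776f7264":PSA_SUCCESS:0:"":PSA_SUCCESS:"":64:"4ddcd8f60b98be21830cee5ef22701f9641a4418d04c0414aeff08876b34ab56a1d425a1225833549adb841b51c9b3176a272bdebba1d078478f62b397f33c8d":"":0:1:0
+
+# For PBKDF2_AES_CMAC_PRF_128 the output for the test vectors was generated using a python script. Refer commit message for details.
+PSA key derivation: PBKDF2-AES-CMAC-PRF-128, inputs from RFC6070 #4
+depends_on:PSA_WANT_ALG_PBKDF2_AES_CMAC_PRF_128:PSA_WANT_ALG_CMAC:PSA_WANT_KEY_TYPE_AES
+derive_output:PSA_ALG_PBKDF2_AES_CMAC_PRF_128:PSA_KEY_DERIVATION_INPUT_COST:"01000000":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_SALT:"73616c74":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_PASSWORD:"70617373776f7264":PSA_SUCCESS:0:"":PSA_SUCCESS:"":20:"c19b71d2daf483abc9e04fbc78928b4204398d1e":"":0:1:0
+
+PSA key derivation: PBKDF2-AES-CMAC-PRF-128, inputs from RFC7914 #2
+depends_on:PSA_WANT_ALG_PBKDF2_AES_CMAC_PRF_128:PSA_WANT_ALG_CMAC:PSA_WANT_KEY_TYPE_AES
+derive_output:PSA_ALG_PBKDF2_AES_CMAC_PRF_128:PSA_KEY_DERIVATION_INPUT_COST:"013880":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_SALT:"4e61436c":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_PASSWORD:"50617373776f7264":PSA_SUCCESS:0:"":PSA_SUCCESS:"":64:"3298e89bc3560e61b59aef2c104f93380b5fa26e2e011cb5ac5895fcd5a3bd5a92e617d7cae020fa2c6ef895182d9ffa0cc8f9c22778beb02856127719d95570":"":0:1:0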
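Review bot: The expected outputs of the two PBKDF2-AES-CMAC-PRF-128 cases are sourced only by the comment "generated using a python script. Refer commit message for details", so the file itself gives no way to reproduce or independently check those known-answer values, unlike the HMAC cases, which name their RFC vector. I would expand the comment to name the generator, e.g. `# Expected output generated with <script or library name and version>; cross-checked with <independent implementation>.`, filling the placeholders with the tools actually used. Vectors produced by a single implementation mainly guard against regressions, which is worth stating there too.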
@ -158,6 +158,70 @@ PSA hash finish: SHA-512 Test Vector NIST CAVS #8
|
||||
depends_on:PSA_WANT_ALG_SHA_512
|
||||
hash_finish:PSA_ALG_SHA_512:"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":"8e4bc6f8b8c60fe4d68c61d9b159c8693c3151c46749af58da228442d927f23359bd6ccd6c2ec8fa3f00a86cecbfa728e1ad60b821ed22fcd309ba91a4138bc9"
|
||||
|
||||
PSA hash finish: SHA3-224 Test Vector NIST ""
|
||||
depends_on:PSA_WANT_ALG_SHA3_224
|
||||
hash_finish:PSA_ALG_SHA3_224:"":"6b4e03423667dbb73b6e15454f0eb1abd4597f9a1b078e3f5b5a6bc7"
|
||||
|
||||
PSA hash finish: SHA3-256 Test Vector NIST ""
|
||||
depends_on:PSA_WANT_ALG_SHA3_256
|
||||
hash_finish:PSA_ALG_SHA3_256:"":"a7ffc6f8bf1ed76651c14756a061d662f580ff4de43b49fa82d80a4b80f8434a"
|
||||
|
||||
PSA hash finish: SHA3-384 Test Vector NIST ""
|
||||
depends_on:PSA_WANT_ALG_SHA3_384
|
||||
hash_finish:PSA_ALG_SHA3_384:"":"0c63a75b845e4f7d01107d852e4c2485c51a50aaaa94fc61995e71bbee983a2ac3713831264adb47fb6bd1e058d5f004"
|
||||
|
||||
PSA hash finish: SHA3-512 Test Vector NIST ""
|
||||
depends_on:PSA_WANT_ALG_SHA3_512
|
||||
hash_finish:PSA_ALG_SHA3_512:"":"a69f73cca23a9ac5c8b567dc185a756e97c982164fe25859e0d1dcc1475c80a615b2123af1f5f94c11e3e9402c3ac558f500199d95b6d3e301758586281dcd26"
|
||||
|
||||
PSA hash finish: SHA3-224 Test Vector NIST "abc"
|
||||
depends_on:PSA_WANT_ALG_SHA3_224
|
||||
hash_finish:PSA_ALG_SHA3_224:"616263":"e642824c3f8cf24ad09234ee7d3c766fc9a3a5168d0c94ad73b46fdf"
|
||||
|
||||
PSA hash finish: SHA3-256 Test Vector NIST "abc"
|
||||
depends_on:PSA_WANT_ALG_SHA3_256
|
||||
hash_finish:PSA_ALG_SHA3_256:"616263":"3a985da74fe225b2045c172d6bd390bd855f086e3e9d525b46bfe24511431532"
|
||||
|
||||
PSA hash finish: SHA3-384 Test Vector NIST "abc"
|
||||
depends_on:PSA_WANT_ALG_SHA3_384
|
||||
hash_finish:PSA_ALG_SHA3_384:"616263":"ec01498288516fc926459f58e2c6ad8df9b473cb0fc08c2596da7cf0e49be4b298d88cea927ac7f539f1edf228376d25"
|
||||
|
||||
PSA hash finish: SHA3-512 Test Vector NIST "abc"
|
||||
depends_on:PSA_WANT_ALG_SHA3_512
|
||||
hash_finish:PSA_ALG_SHA3_512:"616263":"b751850b1a57168a5693cd924b6b096e08f621827444f70d884f5d0240d2712e10e116e9192af3c91a7ec57647e3934057340b4cf408d5a56592f8274eec53f0"
|
||||
|
||||
PSA hash finish: SHA3-224 Test Vector NIST 448 bits: "abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnomnopnopq"
|
||||
depends_on:PSA_WANT_ALG_SHA3_224
|
||||
hash_finish:PSA_ALG_SHA3_224:"6162636462636465636465666465666765666768666768696768696a68696a6b696a6b6c6a6b6c6d6b6c6d6e6c6d6e6f6d6e6f706e6f7071":"8a24108b154ada21c9fd5574494479ba5c7e7ab76ef264ead0fcce33"
|
||||
|
||||
PSA hash finish: SHA3-256 Test Vector NIST 448 bits: "abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnomnopnopq"
|
||||
depends_on:PSA_WANT_ALG_SHA3_256
|
||||
hash_finish:PSA_ALG_SHA3_256:"6162636462636465636465666465666765666768666768696768696a68696a6b696a6b6c6a6b6c6d6b6c6d6e6c6d6e6f6d6e6f706e6f7071":"41c0dba2a9d6240849100376a8235e2c82e1b9998a999e21db32dd97496d3376"
|
||||
|
||||
PSA hash finish: SHA3-384 Test Vector NIST 448 bits: "abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnomnopnopq"
|
||||
depends_on:PSA_WANT_ALG_SHA3_384
|
||||
hash_finish:PSA_ALG_SHA3_384:"6162636462636465636465666465666765666768666768696768696a68696a6b696a6b6c6a6b6c6d6b6c6d6e6c6d6e6f6d6e6f706e6f7071":"991c665755eb3a4b6bbdfb75c78a492e8c56a22c5c4d7e429bfdbc32b9d4ad5aa04a1f076e62fea19eef51acd0657c22"
|
||||
|
||||
PSA hash finish: SHA3-512 Test Vector NIST 448 bits: "abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnomnopnopq"
|
||||
depends_on:PSA_WANT_ALG_SHA3_512
|
||||
hash_finish:PSA_ALG_SHA3_512:"6162636462636465636465666465666765666768666768696768696a68696a6b696a6b6c6a6b6c6d6b6c6d6e6c6d6e6f6d6e6f706e6f7071":"04a371e84ecfb5b8b77cb48610fca8182dd457ce6f326a0fd3d7ec2f1e91636dee691fbe0c985302ba1b0d8dc78c086346b533b49c030d99a27daf1139d6e75e"
|
||||
|
||||
PSA hash finish: SHA3-224 Test Vector NIST 896 bits: "abcdefghbcdefghicdefghijdefghijkefghijklfghijklmghijklmnhijklmnoijklmnopjklmnopqklmnopqrlmnopqrsmnopqrstnopqrstu"
|
||||
depends_on:PSA_WANT_ALG_SHA3_224
|
||||
hash_finish:PSA_ALG_SHA3_224:"61626364656667686263646566676869636465666768696a6465666768696a6b65666768696a6b6c666768696a6b6c6d6768696a6b6c6d6e68696a6b6c6d6e6f696a6b6c6d6e6f706a6b6c6d6e6f70716b6c6d6e6f7071726c6d6e6f707172736d6e6f70717273746e6f707172737475":"543e6868e1666c1a643630df77367ae5a62a85070a51c14cbf665cbc"
|
||||
|
||||
PSA hash finish: SHA3-256 Test Vector NIST 896 bits: "abcdefghbcdefghicdefghijdefghijkefghijklfghijklmghijklmnhijklmnoijklmnopjklmnopqklmnopqrlmnopqrsmnopqrstnopqrstu"
|
||||
depends_on:PSA_WANT_ALG_SHA3_256
|
||||
hash_finish:PSA_ALG_SHA3_256:"61626364656667686263646566676869636465666768696a6465666768696a6b65666768696a6b6c666768696a6b6c6d6768696a6b6c6d6e68696a6b6c6d6e6f696a6b6c6d6e6f706a6b6c6d6e6f70716b6c6d6e6f7071726c6d6e6f707172736d6e6f70717273746e6f707172737475":"916f6061fe879741ca6469b43971dfdb28b1a32dc36cb3254e812be27aad1d18"
|
||||
|
||||
PSA hash finish: SHA3-384 Test Vector NIST 896 bits: "abcdefghbcdefghicdefghijdefghijkefghijklfghijklmghijklmnhijklmnoijklmnopjklmnopqklmnopqrlmnopqrsmnopqrstnopqrstu"
|
||||
depends_on:PSA_WANT_ALG_SHA3_384
|
||||
hash_finish:PSA_ALG_SHA3_384:"61626364656667686263646566676869636465666768696a6465666768696a6b65666768696a6b6c666768696a6b6c6d6768696a6b6c6d6e68696a6b6c6d6e6f696a6b6c6d6e6f706a6b6c6d6e6f70716b6c6d6e6f7071726c6d6e6f707172736d6e6f70717273746e6f707172737475":"79407d3b5916b59c3e30b09822974791c313fb9ecc849e406f23592d04f625dc8c709b98b43b3852b337216179aa7fc7"
|
||||
|
||||
PSA hash finish: SHA3-512 Test Vector NIST 896 bits: "abcdefghbcdefghicdefghijdefghijkefghijklfghijklmghijklmnhijklmnoijklmnopjklmnopqklmnopqrlmnopqrsmnopqrstnopqrstu"
|
||||
depends_on:PSA_WANT_ALG_SHA3_512
|
||||
hash_finish:PSA_ALG_SHA3_512:"61626364656667686263646566676869636465666768696a6465666768696a6b65666768696a6b6c666768696a6b6c6d6768696a6b6c6d6e68696a6b6c6d6e6f696a6b6c6d6e6f706a6b6c6d6e6f70716b6c6d6e6f7071726c6d6e6f707172736d6e6f70717273746e6f707172737475":"afebb2ef542e6579c50cad06d2e578f9f8dd6881d7dc824d26360feebf18a4fa73e3261122948efcfd492e74e82e2189ed0fb440d187f382270cb455f21dd185"
|
||||
|
||||
PSA hash finish: MD5 Test vector RFC1321 #1
|
||||
depends_on:PSA_WANT_ALG_MD5
|
||||
hash_finish:PSA_ALG_MD5:"":"d41d8cd98f00b204e9800998ecf8427e"
|
||||
@ -246,6 +310,22 @@ PSA hash verify: RIPEMD160
|
||||
depends_on:PSA_WANT_ALG_RIPEMD160
|
||||
hash_verify:PSA_ALG_RIPEMD160:"bd":"5089265ee5d9af75d12dbf7ea2f27dbdee435b37"
|
||||
|
||||
PSA hash verify: SHA3-224
|
||||
depends_on:PSA_WANT_ALG_SHA3_224
|
||||
hash_verify:PSA_ALG_SHA3_224:"bd":"79bd1a58a357d1a0ac15b43400bc396d17bdc6d3d90369f16f650b25"
|
||||
|
||||
PSA hash verify: SHA3-256
|
||||
depends_on:PSA_WANT_ALG_SHA3_256
|
||||
hash_verify:PSA_ALG_SHA3_256:"bd":"b389fa0f45f21196cc2736e8de396497a2414be31e7a500a499918b8cf3257b2"
|
||||
|
||||
PSA hash verify: SHA3-384
|
||||
depends_on:PSA_WANT_ALG_SHA3_384
|
||||
hash_verify:PSA_ALG_SHA3_384:"bd":"5a337b67965736040c5b1f2d4df7f9ca76cf01866c7d64ed8dd812b97995da9b14ef07f9c4d9190888e4b15c4df2203d"
|
||||
|
||||
PSA hash verify: SHA3-512
|
||||
depends_on:PSA_WANT_ALG_SHA3_512
|
||||
hash_verify:PSA_ALG_SHA3_512:"bd":"72bacd82495cb72a44523cda462f0f02c9f33b6312e24e44f5c40deed2bbc37854b606cb2f62cce6a394b4157d8e6e89b22682380dc129dddd402693ffa98a6c"
|
||||
|
||||
PSA hash multi part: SHA-1 Test Vector NIST CAVS #1
|
||||
depends_on:PSA_WANT_ALG_SHA_1
|
||||
hash_multi_part:PSA_ALG_SHA_1:"":"da39a3ee5e6b4b0d3255bfef95601890afd80709"
|
||||
@ -465,3 +545,126 @@ hash_multi_part:PSA_ALG_RIPEMD160:"4142434445464748494a4b4c4d4e4f505152535455565
|
||||
PSA hash multi part: RIPEMD160 Test vector from paper #8
|
||||
depends_on:PSA_WANT_ALG_RIPEMD160
|
||||
hash_multi_part:PSA_ALG_RIPEMD160:"3132333435363738393031323334353637383930313233343536373839303132333435363738393031323334353637383930313233343536373839303132333435363738393031323334353637383930":"9b752e45573d4b39f4dbd3323cab82bf63326bfb"
|
||||
|
||||
PSA hash multi part: SHA3-224 Test Vector NIST ""
|
||||
depends_on:PSA_WANT_ALG_SHA3_224
|
||||
hash_multi_part:PSA_ALG_SHA3_224:"":"6b4e03423667dbb73b6e15454f0eb1abd4597f9a1b078e3f5b5a6bc7"
|
||||
|
||||
PSA hash multi part: SHA3-256 Test Vector NIST ""
|
||||
depends_on:PSA_WANT_ALG_SHA3_256
|
||||
hash_multi_part:PSA_ALG_SHA3_256:"":"a7ffc6f8bf1ed76651c14756a061d662f580ff4de43b49fa82d80a4b80f8434a"
|
||||
|
||||
PSA hash multi part: SHA3-384 Test Vector NIST ""
|
||||
depends_on:PSA_WANT_ALG_SHA3_384
|
||||
hash_multi_part:PSA_ALG_SHA3_384:"":"0c63a75b845e4f7d01107d852e4c2485c51a50aaaa94fc61995e71bbee983a2ac3713831264adb47fb6bd1e058d5f004"
|
||||
|
||||
PSA hash multi part: SHA3-512 Test Vector NIST ""
|
||||
depends_on:PSA_WANT_ALG_SHA3_512
|
||||
hash_multi_part:PSA_ALG_SHA3_512:"":"a69f73cca23a9ac5c8b567dc185a756e97c982164fe25859e0d1dcc1475c80a615b2123af1f5f94c11e3e9402c3ac558f500199d95b6d3e301758586281dcd26"
|
||||
|
||||
PSA hash multi part: SHA3-224 Test Vector NIST "abc"
|
||||
depends_on:PSA_WANT_ALG_SHA3_224
|
||||
hash_multi_part:PSA_ALG_SHA3_224:"616263":"e642824c3f8cf24ad09234ee7d3c766fc9a3a5168d0c94ad73b46fdf"
|
||||
|
||||
PSA hash multi part: SHA3-256 Test Vector NIST "abc"
|
||||
depends_on:PSA_WANT_ALG_SHA3_256
|
||||
hash_multi_part:PSA_ALG_SHA3_256:"616263":"3a985da74fe225b2045c172d6bd390bd855f086e3e9d525b46bfe24511431532"
|
||||
|
||||
PSA hash multi part: SHA3-384 Test Vector NIST "abc"
|
||||
depends_on:PSA_WANT_ALG_SHA3_384
|
||||
hash_multi_part:PSA_ALG_SHA3_384:"616263":"ec01498288516fc926459f58e2c6ad8df9b473cb0fc08c2596da7cf0e49be4b298d88cea927ac7f539f1edf228376d25"
|
||||
|
||||
PSA hash multi part: SHA3-512 Test Vector NIST "abc"
|
||||
depends_on:PSA_WANT_ALG_SHA3_512
|
||||
hash_multi_part:PSA_ALG_SHA3_512:"616263":"b751850b1a57168a5693cd924b6b096e08f621827444f70d884f5d0240d2712e10e116e9192af3c91a7ec57647e3934057340b4cf408d5a56592f8274eec53f0"
|
||||
|
||||
PSA hash multi part: SHA3-224 Test Vector NIST 448 bits: "abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnomnopnopq"
|
||||
depends_on:PSA_WANT_ALG_SHA3_224
|
||||
hash_multi_part:PSA_ALG_SHA3_224:"6162636462636465636465666465666765666768666768696768696a68696a6b696a6b6c6a6b6c6d6b6c6d6e6c6d6e6f6d6e6f706e6f7071":"8a24108b154ada21c9fd5574494479ba5c7e7ab76ef264ead0fcce33"
|
||||
|
||||
PSA hash multi part: SHA3-256 Test Vector NIST 448 bits: "abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnomnopnopq"
|
||||
depends_on:PSA_WANT_ALG_SHA3_256
|
||||
hash_multi_part:PSA_ALG_SHA3_256:"6162636462636465636465666465666765666768666768696768696a68696a6b696a6b6c6a6b6c6d6b6c6d6e6c6d6e6f6d6e6f706e6f7071":"41c0dba2a9d6240849100376a8235e2c82e1b9998a999e21db32dd97496d3376"
|
||||
|
||||
PSA hash multi part: SHA3-384 Test Vector NIST 448 bits: "abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnomnopnopq"
|
||||
depends_on:PSA_WANT_ALG_SHA3_384
|
||||
hash_multi_part:PSA_ALG_SHA3_384:"6162636462636465636465666465666765666768666768696768696a68696a6b696a6b6c6a6b6c6d6b6c6d6e6c6d6e6f6d6e6f706e6f7071":"991c665755eb3a4b6bbdfb75c78a492e8c56a22c5c4d7e429bfdbc32b9d4ad5aa04a1f076e62fea19eef51acd0657c22"
|
||||
|
||||
PSA hash multi part: SHA3-512 Test Vector NIST 448 bits: "abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnomnopnopq"
|
||||
depends_on:PSA_WANT_ALG_SHA3_512
|
||||
hash_multi_part:PSA_ALG_SHA3_512:"6162636462636465636465666465666765666768666768696768696a68696a6b696a6b6c6a6b6c6d6b6c6d6e6c6d6e6f6d6e6f706e6f7071":"04a371e84ecfb5b8b77cb48610fca8182dd457ce6f326a0fd3d7ec2f1e91636dee691fbe0c985302ba1b0d8dc78c086346b533b49c030d99a27daf1139d6e75e"
|
||||
|
||||
PSA hash multi part: SHA3-224 Test Vector NIST 896 bits: "abcdefghbcdefghicdefghijdefghijkefghijklfghijklmghijklmnhijklmnoijklmnopjklmnopqklmnopqrlmnopqrsmnopqrstnopqrstu"
|
||||
depends_on:PSA_WANT_ALG_SHA3_224
|
||||
hash_multi_part:PSA_ALG_SHA3_224:"61626364656667686263646566676869636465666768696a6465666768696a6b65666768696a6b6c666768696a6b6c6d6768696a6b6c6d6e68696a6b6c6d6e6f696a6b6c6d6e6f706a6b6c6d6e6f70716b6c6d6e6f7071726c6d6e6f707172736d6e6f70717273746e6f707172737475":"543e6868e1666c1a643630df77367ae5a62a85070a51c14cbf665cbc"
|
||||
|
||||
PSA hash multi part: SHA3-256 Test Vector NIST 896 bits: "abcdefghbcdefghicdefghijdefghijkefghijklfghijklmghijklmnhijklmnoijklmnopjklmnopqklmnopqrlmnopqrsmnopqrstnopqrstu"
|
||||
depends_on:PSA_WANT_ALG_SHA3_256
|
||||
hash_multi_part:PSA_ALG_SHA3_256:"61626364656667686263646566676869636465666768696a6465666768696a6b65666768696a6b6c666768696a6b6c6d6768696a6b6c6d6e68696a6b6c6d6e6f696a6b6c6d6e6f706a6b6c6d6e6f70716b6c6d6e6f7071726c6d6e6f707172736d6e6f70717273746e6f707172737475":"916f6061fe879741ca6469b43971dfdb28b1a32dc36cb3254e812be27aad1d18"
|
||||
|
||||
PSA hash multi part: SHA3-384 Test Vector NIST 896 bits: "abcdefghbcdefghicdefghijdefghijkefghijklfghijklmghijklmnhijklmnoijklmnopjklmnopqklmnopqrlmnopqrsmnopqrstnopqrstu"
|
||||
depends_on:PSA_WANT_ALG_SHA3_384
|
||||
hash_multi_part:PSA_ALG_SHA3_384:"61626364656667686263646566676869636465666768696a6465666768696a6b65666768696a6b6c666768696a6b6c6d6768696a6b6c6d6e68696a6b6c6d6e6f696a6b6c6d6e6f706a6b6c6d6e6f70716b6c6d6e6f7071726c6d6e6f707172736d6e6f70717273746e6f707172737475":"79407d3b5916b59c3e30b09822974791c313fb9ecc849e406f23592d04f625dc8c709b98b43b3852b337216179aa7fc7"
|
||||
|
||||
PSA hash multi part: SHA3-512 Test Vector NIST 896 bits: "abcdefghbcdefghicdefghijdefghijkefghijklfghijklmghijklmnhijklmnoijklmnopjklmnopqklmnopqrlmnopqrsmnopqrstnopqrstu"
|
||||
depends_on:PSA_WANT_ALG_SHA3_512
|
||||
hash_multi_part:PSA_ALG_SHA3_512:"61626364656667686263646566676869636465666768696a6465666768696a6b65666768696a6b6c666768696a6b6c6d6768696a6b6c6d6e68696a6b6c6d6e6f696a6b6c6d6e6f706a6b6c6d6e6f70716b6c6d6e6f7071726c6d6e6f707172736d6e6f70717273746e6f707172737475":"afebb2ef542e6579c50cad06d2e578f9f8dd6881d7dc824d26360feebf18a4fa73e3261122948efcfd492e74e82e2189ed0fb440d187f382270cb455f21dd185"
|
||||
|
||||
# HMAC test vectors generated in python with e.g.
|
||||
# import hmac; hmac.new(bytes([0xaa]*32), b'abc', 'SHA3-224').hexdigest()
|
||||
|
||||
PSA HMAC SHA3-224
|
||||
depends_on:PSA_WANT_ALG_SHA3_224
|
||||
hmac:PSA_ALG_SHA3_224:"abc":"bf0905154ad610b6a3d6d0b9a1c692494e987337d956624a066d7a1f"
|
||||
|
||||
PSA HMAC SHA3-256
|
||||
depends_on:PSA_WANT_ALG_SHA3_256
|
||||
hmac:PSA_ALG_SHA3_256:"abc":"a986419a162b6d4731a8e96e44a2c6e784d50137907b457c9fb77c62705dc4d9"
|
||||
|
||||
PSA HMAC SHA3-384
|
||||
depends_on:PSA_WANT_ALG_SHA3_384
|
||||
hmac:PSA_ALG_SHA3_384:"abc":"87b864ee25f8bfebd516eddd7cdd400d3c368a09e4b1fabaee5636da8a9c876c3f802c366537663910f2e6c5a8426381"
|
||||
|
||||
PSA HMAC SHA3-512
|
||||
depends_on:PSA_WANT_ALG_SHA3_512
|
||||
hmac:PSA_ALG_SHA3_512:"abc":"2cef45b6950e41a70bc85cb431b2161d47c9e2932187fa15d80e3b7af1da38aa8fe823a72efd7e536e5236a5b0798418d8c8f08b0de5fc262867bb3752b6482d"
|
||||
|
||||
PSA HMAC SHA-1
|
||||
depends_on:PSA_WANT_ALG_SHA_1
|
||||
hmac:PSA_ALG_SHA_1:"abc":"0b3a7f96afea3e14a0835f7c9468a24649f85596"
|
||||
|
||||
PSA HMAC SHA-224
|
||||
depends_on:PSA_WANT_ALG_SHA_224
|
||||
hmac:PSA_ALG_SHA_224:"abc":"249c405cef8bcd3ceeafdb9a933179739fb9b1d7f174df4667ec82f3"
|
||||
|
||||
PSA HMAC SHA-256
|
||||
depends_on:PSA_WANT_ALG_SHA_256
|
||||
hmac:PSA_ALG_SHA_256:"abc":"b89a1b878289c739595104da55b6f7a8afec3e0757fc166080dc267c09c46841"
|
||||
|
||||
PSA HMAC SHA-384
|
||||
depends_on:PSA_WANT_ALG_SHA_384
|
||||
hmac:PSA_ALG_SHA_384:"abc":"25a8b55c884bc38286305f76332631726498f5586280b88bc6179cd00c6878fb7d1bb3ee1643fcd2fb02b95823ff1af2"
|
||||
|
||||
PSA HMAC SHA-512
|
||||
depends_on:PSA_WANT_ALG_SHA_512
|
||||
hmac:PSA_ALG_SHA_512:"abc":"d6e5eebb5cf27f5b686fefc416ee8c431bb10770216aa3c6ba13897ef3fc040b98abc53b95039f2c50622473f958af64a3cae1afbea8ffffa8d35ca24f31e222"
|
||||
|
||||
PSA HMAC RIPEMD160
|
||||
depends_on:PSA_WANT_ALG_RIPEMD160
|
||||
hmac:PSA_ALG_RIPEMD160:"abc":"114a5cf4637f57c044472e1a0b87cce9137190b2"
|
||||
|
||||
PSA HMAC MD5
|
||||
depends_on:PSA_WANT_ALG_MD5
|
||||
hmac:PSA_ALG_MD5:"abc":"39677b12b80118927387aa4a65d16a5e"
|
||||
|
||||
PSA HMAC input length 0
|
||||
depends_on:PSA_WANT_ALG_SHA_256
|
||||
hmac:PSA_ALG_SHA_256:"":"63210aee265762634fa3db8c1aa920dcd07d31ec297309580394a21412f83372"
|
||||
|
||||
PSA HMAC input length 1
|
||||
depends_on:PSA_WANT_ALG_SHA_256
|
||||
hmac:PSA_ALG_SHA_256:"x":"f61c11d66441e3c0b9902a8491caa2da5a0d0d95ef0fc61d8a3b5ea5e0416f5c"
|
||||
|
||||
PSA HMAC input length 2890
|
||||
depends_on:PSA_WANT_ALG_SHA_256
|
||||
hmac:PSA_ALG_SHA_256:"0123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372373374375376377378379380381382383384385386387388389390391392393394395396397398399400401402403404405406407408409410411412413414415416417418419420421422423424425426427428429430431432433434435436437438439440441442443444445446447448449450451452453454455456457458459460461462463464465466467468469470471472473474475476477478479480481482483484485486487488489490491492493494495496497498499500501502503504505506507508509510511512513514515516517518519520521522523524525526527528529530531532533534535536537538539540541542543544545546547548549550551552553554555556557558559560561562563564565566567568569570571572573574575576577578579580581582583584585586587588589590591592593594595596597598599600601602603604605606607608609610611612613614615616617618619620621622623624625626627628629630631632633634635636637638639640641642643644645646647648649650651652653654655656657658659660661662663664665666667668669670671672673674675676677678679680681682683684685686687688689690691692693694695
696697698699700701702703704705706707708709710711712713714715716717718719720721722723724725726727728729730731732733734735736737738739740741742743744745746747748749750751752753754755756757758759760761762763764765766767768769770771772773774775776777778779780781782783784785786787788789790791792793794795796797798799800801802803804805806807808809810811812813814815816817818819820821822823824825826827828829830831832833834835836837838839840841842843844845846847848849850851852853854855856857858859860861862863864865866867868869870871872873874875876877878879880881882883884885886887888889890891892893894895896897898899900901902903904905906907908909910911912913914915916917918919920921922923924925926927928929930931932933934935936937938939940941942943944945946947948949950951952953954955956957958959960961962963964965966967968969970971972973974975976977978979980981982983984985986987988989990991992993994995996997998999":"dd2e08786029097be5f634fda74a7e20e3e1638e71282892c4fd21d9a71ae418"
|
||||
|
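Review bot: The new `PSA HMAC …` cases list only the hash in `depends_on` (for example `depends_on:PSA_WANT_ALG_SHA3_224`), although the `hmac` test function they call builds `PSA_ALG_HMAC(alg_arg)` and imports a `PSA_KEY_TYPE_HMAC` key. The metadata cases further down this page pair the two, as in `depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD5`. The same pairing would fit here, e.g. `depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA3_224`, or a single `depends_on:PSA_WANT_ALG_HMAC` on the function's `BEGIN_CASE` line. Without it, a configuration that enables the hash but not HMAC would presumably run these cases and fail at key import or MAC computation rather than skip them.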
@ -1,6 +1,7 @@
|
||||
/* BEGIN_HEADER */
|
||||
|
||||
#include <stdint.h>
|
||||
#include "psa/crypto.h"
|
||||
|
||||
/* END_HEADER */
|
||||
|
||||
@ -34,6 +35,52 @@ exit:
|
||||
}
|
||||
/* END_CASE */
|
||||
|
||||
/* BEGIN_CASE */
|
||||
void hmac(int alg_arg, char *input, data_t *expected_mac)
|
||||
{
|
||||
psa_algorithm_t alg = PSA_ALG_HMAC(alg_arg);
|
||||
|
||||
mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT;
|
||||
psa_key_type_t key_type = PSA_KEY_TYPE_HMAC;
|
||||
const uint8_t key_data[] = { // 32 bytes of 0xaa
|
||||
0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa,
|
||||
0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa,
|
||||
0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa
|
||||
};
|
||||
psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
|
||||
|
||||
PSA_ASSERT(psa_crypto_init());
|
||||
|
||||
psa_set_key_usage_flags(&attributes, PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE);
|
||||
psa_set_key_algorithm(&attributes, alg);
|
||||
psa_set_key_type(&attributes, key_type);
|
||||
PSA_ASSERT(psa_import_key(&attributes, key_data, sizeof(key_data), &key));
|
||||
|
||||
uint8_t mac[PSA_MAC_MAX_SIZE + 10] = { 0 };
|
||||
size_t mac_length = 0;
|
||||
|
||||
size_t input_len = strlen(input);
|
||||
PSA_ASSERT(psa_mac_compute(key, alg, (uint8_t const *) input, input_len, mac, sizeof(mac),
|
||||
&mac_length));
|
||||
|
||||
// manual comparison against expected MAC
|
||||
ASSERT_COMPARE(expected_mac->x, expected_mac->len, mac, mac_length);
|
||||
|
||||
// use psa_mac_verify to compare to expected MAC
|
||||
PSA_ASSERT(psa_mac_verify(key, alg, (uint8_t const *) input, input_len, expected_mac->x,
|
||||
expected_mac->len));
|
||||
|
||||
// corrupt the MAC and check that psa_mac_verify fails
|
||||
expected_mac->x[0] ^= 0x7f;
|
||||
TEST_EQUAL(psa_mac_verify(key, alg, (uint8_t const *) input, input_len, expected_mac->x,
|
||||
expected_mac->len), PSA_ERROR_INVALID_SIGNATURE);
|
||||
|
||||
PSA_ASSERT(psa_destroy_key(key));
|
||||
exit:
|
||||
PSA_DONE();
|
||||
}
|
||||
/* END_CASE */
|
||||
|
||||
/* BEGIN_CASE */
|
||||
void hash_verify(int alg_arg, data_t *input, data_t *expected_hash)
|
||||
{
|
||||
|
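Review bot: `psa_destroy_key(key)` in `hmac()` sits before the `exit:` label, so a failing `PSA_ASSERT`, `ASSERT_COMPARE` or `TEST_EQUAL` jumps past it and the imported key is still live when `PSA_DONE()` runs. Putting the call on the cleanup path, `exit:` then `psa_destroy_key(key);` then `PSA_DONE();`, releases the key on every path; destroying a key id still equal to `MBEDTLS_SVC_KEY_ID_INIT` is a no-op, and a leftover key would likely be reported as a second, misleading failure. Separately, `expected_mac->x[0] ^= 0x7f;` assumes a non-empty expected MAC, and a `TEST_ASSERT(expected_mac->len > 0);` before it would make that precondition explicit.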
@ -26,6 +26,22 @@ Hash: SHA-2 SHA-512
|
||||
depends_on:PSA_WANT_ALG_SHA_512
|
||||
hash_algorithm:PSA_ALG_SHA_512:64
|
||||
|
||||
Hash: SHA-3 SHA3-224
|
||||
depends_on:PSA_WANT_ALG_SHA3_224
|
||||
hash_algorithm:PSA_ALG_SHA3_224:28
|
||||
|
||||
Hash: SHA-3 SHA3-256
|
||||
depends_on:PSA_WANT_ALG_SHA3_256
|
||||
hash_algorithm:PSA_ALG_SHA3_256:32
|
||||
|
||||
Hash: SHA-3 SHA3-384
|
||||
depends_on:PSA_WANT_ALG_SHA3_384
|
||||
hash_algorithm:PSA_ALG_SHA3_384:48
|
||||
|
||||
Hash: SHA-3 SHA3-512
|
||||
depends_on:PSA_WANT_ALG_SHA3_512
|
||||
hash_algorithm:PSA_ALG_SHA3_512:64
|
||||
|
||||
MAC: HMAC-MD5
|
||||
depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD5
|
||||
hmac_algorithm:PSA_ALG_HMAC( PSA_ALG_MD5 ):16:64
|
||||
|
@ -10,7 +10,7 @@
|
||||
* before changing how test data is constructed or validated.
|
||||
*/
|
||||
|
||||
#include "../library/psa_crypto_its.h"
|
||||
#include "psa_crypto_its.h"
|
||||
|
||||
#include "test/psa_helpers.h"
|
||||
|
||||
|
@ -176,9 +176,12 @@ void sha3_invalid_param()
|
||||
TEST_EQUAL(mbedtls_sha3_starts(&ctx, MBEDTLS_SHA3_NONE), MBEDTLS_ERR_SHA3_BAD_INPUT_DATA);
|
||||
|
||||
TEST_EQUAL(mbedtls_sha3_starts(&ctx, MBEDTLS_SHA3_256), 0);
|
||||
|
||||
TEST_EQUAL(mbedtls_sha3_finish(&ctx, output, 0), MBEDTLS_ERR_SHA3_BAD_INPUT_DATA);
|
||||
|
||||
TEST_EQUAL(mbedtls_sha3_starts(&ctx, MBEDTLS_SHA3_256), 0);
|
||||
TEST_EQUAL(mbedtls_sha3_finish(&ctx, output, 31), MBEDTLS_ERR_SHA3_BAD_INPUT_DATA);
|
||||
|
||||
TEST_EQUAL(mbedtls_sha3_starts(&ctx, MBEDTLS_SHA3_256), 0);
|
||||
TEST_EQUAL(mbedtls_sha3_finish(&ctx, output, 32), 0);
|
||||
|
||||
exit:
|
||||
|
@ -242,7 +242,7 @@ int verify_parse_san(mbedtls_x509_subject_alternative_name *san,
|
||||
MBEDTLS_X509_SAFE_SNPRINTF;
|
||||
|
||||
if (MBEDTLS_OID_CMP(MBEDTLS_OID_ON_HW_MODULE_NAME,
|
||||
&san->san.other_name.value.hardware_module_name.oid) != 0) {
|
||||
&san->san.other_name.type_id) == 0) {
|
||||
ret = mbedtls_snprintf(p, n, " hardware module name :");
|
||||
MBEDTLS_X509_SAFE_SNPRINTF;
|
||||
ret = mbedtls_snprintf(p, n, " hardware type : ");
|
||||
|
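Review bot: The `MBEDTLS_OID_CMP(...) == 0` test on `san->san.other_name.type_id`, which appears to be the new side of the changed line, is what decides whether `other_name.value.hardware_module_name` may be read, and nothing in the hunk says so. A short comment above the `if` would keep the comparison from being inverted or pointed back at the value member: `/* MBEDTLS_OID_CMP yields 0 on a match; check type_id before reading value.hardware_module_name */`. `verify_parse_san()` starts and continues outside the hunk, so whether other `type_id` values get their own branch cannot be seen here.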