From dca849204369ca76b513bd81e717c77f61aed9c6 Mon Sep 17 00:00:00 2001
From: Valerio Setti
Date: Tue, 15 Aug 2023 17:05:22 +0200
Subject: [PATCH] check_config: request at least 1 builtin EC alg if there is at least 1 builtin curve
This slightly changes the previous requirement. Instead of enabling ALL builtin EC algs when there is at least 1 built in curve, we ask for at least one built alg if there is at least one builtin curve. This relaxes the previous check while still keeping the base idea: there must be a reason for which builtin curves are included into the build.
Signed-off-by: Valerio Setti
---
 include/mbedtls/check_config.h | 6 ++++++
 include/mbedtls/config_adjust_legacy_from_psa.h | 3 ---
 2 files changed, 6 insertions(+), 3 deletions(-)
diff --git a/include/mbedtls/check_config.h b/include/mbedtls/check_config.h
index 37e38bd14b..f333f2e38c 100644
--- a/include/mbedtls/check_config.h
+++ b/include/mbedtls/check_config.h
@@ -125,6 +125,12 @@
 #endif /* MBEDTLS_PSA_CRYPTO_CONFIG || MBEDTLS_PSA_CRYPTO_C */
+#if defined(MBEDTLS_SOME_BUILTIN_EC) && \
+ !(defined(MBEDTLS_ECDSA_C) || defined(MBEDTLS_ECDSA_DETERMINISTIC) || \
+ defined(MBEDTLS_ECDH_C))
+#error "Some builtin curve is included, but there is no algorighm using it"
+#endif
+
 #if defined(MBEDTLS_CTR_DRBG_C) && !defined(MBEDTLS_AES_C)
 #error "MBEDTLS_CTR_DRBG_C defined, but not all prerequisites"
 #endif
diff --git a/include/mbedtls/config_adjust_legacy_from_psa.h b/include/mbedtls/config_adjust_legacy_from_psa.h
index 4938024b1e..0140145095 100644
--- a/include/mbedtls/config_adjust_legacy_from_psa.h
+++ b/include/mbedtls/config_adjust_legacy_from_psa.h
@@ -744,7 +744,4 @@
 #endif /* !MBEDTLS_PSA_ACCEL_ALG_CHACHA20_POLY1305 */
 #endif /* PSA_WANT_ALG_CHACHA20_POLY1305 */
-/* Undefine internal helpers */
-#undef MBEDTLS_SOME_BUILTIN_EC
-
 #endif /* MBEDTLS_CONFIG_ADJUST_LEGACY_FROM_PSA_H */
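Review bot: The `#error` text in the new check_config.h block misspells "algorithm" and names no macro, so whoever hits it cannot tell which options to change; `#error "MBEDTLS_SOME_BUILTIN_EC defined, but none of MBEDTLS_ECDSA_C, MBEDTLS_ECDSA_DETERMINISTIC, MBEDTLS_ECDH_C"` would match the wording of the neighbouring checks. The condition accepts only ECDSA and ECDH as users of a builtin curve; if a configuration can legitimately keep builtin curves for another consumer such as `MBEDTLS_ECJPAKE_C` (not visible in this hunk), it would now fail to build, so that is worth confirming or adding to the `defined(...)` list. Because the second hunk stops undefining `MBEDTLS_SOME_BUILTIN_EC`, the check presumably relies on config_adjust_legacy_from_psa.h being processed before check_config.h and is skipped silently when the helper is never defined. A one-line comment above the `#if`, e.g. `/* MBEDTLS_SOME_BUILTIN_EC is an internal helper set in config_adjust_legacy_from_psa.h */`, would make that dependency visible.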