Remove MBEDTLS_RSA_ALT

Signed-off-by: Thomas Daubney <thomas.daubney@arm.com>
Thomas Daubney 2024-06-04 18:15:44 +01:00
parent 675e150b0f
commit f47b66eca5
9 changed files with 12 additions and 48 deletions


@ -390,7 +390,6 @@
//#define MBEDTLS_MD5_ALT
//#define MBEDTLS_POLY1305_ALT
//#define MBEDTLS_RIPEMD160_ALT
//#define MBEDTLS_RSA_ALT
//#define MBEDTLS_SHA1_ALT
//#define MBEDTLS_SHA256_ALT
//#define MBEDTLS_SHA512_ALT


@ -146,7 +146,7 @@ int mbedtls_ct_memcmp_partial(const void *a,
#endif
#if defined(MBEDTLS_PKCS1_V15) && defined(MBEDTLS_RSA_C) && !defined(MBEDTLS_RSA_ALT)
#if defined(MBEDTLS_PKCS1_V15) && defined(MBEDTLS_RSA_C)
void mbedtls_ct_memmove_left(void *start, size_t total, size_t offset)
{
@ -165,7 +165,7 @@ void mbedtls_ct_memmove_left(void *start, size_t total, size_t offset)
}
}
#endif /* MBEDTLS_PKCS1_V15 && MBEDTLS_RSA_C && ! MBEDTLS_RSA_ALT */
#endif /* MBEDTLS_PKCS1_V15 && MBEDTLS_RSA_C */
void mbedtls_ct_memcpy_if(mbedtls_ct_condition_t condition,
unsigned char *dest,
@ -227,7 +227,7 @@ void mbedtls_ct_memcpy_offset(unsigned char *dest,
}
}
#if defined(MBEDTLS_PKCS1_V15) && defined(MBEDTLS_RSA_C) && !defined(MBEDTLS_RSA_ALT)
#if defined(MBEDTLS_PKCS1_V15) && defined(MBEDTLS_RSA_C)
void mbedtls_ct_zeroize_if(mbedtls_ct_condition_t condition, void *buf, size_t len)
{
@ -245,4 +245,4 @@ void mbedtls_ct_zeroize_if(mbedtls_ct_condition_t condition, void *buf, size_t l
}
}
#endif /* defined(MBEDTLS_PKCS1_V15) && defined(MBEDTLS_RSA_C) && !defined(MBEDTLS_RSA_ALT) */
#endif /* defined(MBEDTLS_PKCS1_V15) && defined(MBEDTLS_RSA_C) */


@ -433,7 +433,7 @@ static inline int mbedtls_ct_error_if_else_0(mbedtls_ct_condition_t condition, i
* Block memory operations
*/
#if defined(MBEDTLS_PKCS1_V15) && defined(MBEDTLS_RSA_C) && !defined(MBEDTLS_RSA_ALT)
#if defined(MBEDTLS_PKCS1_V15) && defined(MBEDTLS_RSA_C)
/** Conditionally set a block of memory to zero.
*
@ -466,7 +466,7 @@ void mbedtls_ct_memmove_left(void *start,
size_t total,
size_t offset);
#endif /* defined(MBEDTLS_PKCS1_V15) && defined(MBEDTLS_RSA_C) && !defined(MBEDTLS_RSA_ALT) */
#endif /* defined(MBEDTLS_PKCS1_V15) && defined(MBEDTLS_RSA_C) */
/** Conditional memcpy.
*


@ -470,11 +470,6 @@ static void rsa_free_wrap(void *ctx)
static void rsa_debug(mbedtls_pk_context *pk, mbedtls_pk_debug_item *items)
{
#if defined(MBEDTLS_RSA_ALT)
/* Not supported */
(void) pk;
(void) items;
#else
mbedtls_rsa_context *rsa = (mbedtls_rsa_context *) pk->pk_ctx;
items->type = MBEDTLS_PK_DEBUG_MPI;
@ -486,7 +481,6 @@ static void rsa_debug(mbedtls_pk_context *pk, mbedtls_pk_debug_item *items)
items->type = MBEDTLS_PK_DEBUG_MPI;
items->name = "rsa.E";
items->value = &(rsa->E);
#endif
}
const mbedtls_pk_info_t mbedtls_rsa_info = {
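Review bot: With the MBEDTLS_RSA_ALT branch gone, rsa_debug always casts pk->pk_ctx to mbedtls_rsa_context and hands field pointers to the debug layer, yet nothing in the function says which fields may be exposed that way. The visible lines export rsa.E, and the lines between the two hunks presumably export rsa.N. I would add a comment above the cast such as `/* Only the public components (N, E) are exposed to debug output; never add D, P, Q or the CRT values here. */`. The body of rsa_debug is split across two hunks, so part of it is not visible on this page.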


@ -155,7 +155,7 @@ int mbedtls_rsa_parse_key(mbedtls_rsa_context *rsa, const unsigned char *key, si
goto cleanup;
}
#if !defined(MBEDTLS_RSA_NO_CRT) && !defined(MBEDTLS_RSA_ALT)
#if !defined(MBEDTLS_RSA_NO_CRT)
/*
* The RSA CRT parameters DP, DQ and QP are nominally redundant, in
* that they can be easily recomputed from D, P and Q. However by
@ -411,7 +411,7 @@ end_of_export:
return (int) len;
}
#if defined(MBEDTLS_PKCS1_V15) && defined(MBEDTLS_RSA_C) && !defined(MBEDTLS_RSA_ALT)
#if defined(MBEDTLS_PKCS1_V15) && defined(MBEDTLS_RSA_C)
/** This function performs the unpadding part of a PKCS#1 v1.5 decryption
* operation (EME-PKCS1-v1_5 decoding).
@ -564,9 +564,7 @@ static int mbedtls_ct_rsaes_pkcs1_v15_unpadding(unsigned char *input,
return ret;
}
#endif /* MBEDTLS_PKCS1_V15 && MBEDTLS_RSA_C && ! MBEDTLS_RSA_ALT */
#if !defined(MBEDTLS_RSA_ALT)
#endif /* MBEDTLS_PKCS1_V15 && MBEDTLS_RSA_C */
int mbedtls_rsa_import(mbedtls_rsa_context *ctx,
const mbedtls_mpi *N,
@ -2841,8 +2839,6 @@ void mbedtls_rsa_free(mbedtls_rsa_context *ctx)
#endif
}
#endif /* !MBEDTLS_RSA_ALT */
#if defined(MBEDTLS_SELF_TEST)


@ -1,16 +0,0 @@
/* rsa_alt.h with dummy types for MBEDTLS_RSA_ALT */
/*
* Copyright The Mbed TLS Contributors
* SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
*/
#ifndef RSA_ALT_H
#define RSA_ALT_H
typedef struct mbedtls_rsa_context {
int dummy;
}
mbedtls_rsa_context;
#endif /* rsa_alt.h */


@ -171,7 +171,7 @@ void mbedtls_ct_if(char *c_str, char *t_str, char *f_str)
}
/* END_CASE */
/* BEGIN_CASE depends_on:MBEDTLS_PKCS1_V15:MBEDTLS_RSA_C:!MBEDTLS_RSA_ALT */
/* BEGIN_CASE depends_on:MBEDTLS_PKCS1_V15:MBEDTLS_RSA_C */
void mbedtls_ct_zeroize_if(char *c_str, int len)
{
uint8_t *buf = NULL;
@ -431,7 +431,7 @@ exit:
}
/* END_CASE */
/* BEGIN_CASE depends_on:MBEDTLS_PKCS1_V15:MBEDTLS_RSA_C:!MBEDTLS_RSA_ALT */
/* BEGIN_CASE depends_on:MBEDTLS_PKCS1_V15:MBEDTLS_RSA_C */
void mbedtls_ct_memmove_left(int len, int offset)
{
size_t l = (size_t) len;


@ -235,7 +235,6 @@ void pkcs1_v15_decode(data_t *input,
size_t i;
size_t count = 0;
#if !defined(MBEDTLS_RSA_ALT)
/* Check that the output in invalid cases is what the default
* implementation currently does. Alternative implementations
* may produce different output, so we only perform these precise
@ -244,7 +243,7 @@ void pkcs1_v15_decode(data_t *input,
for (i = 0; i < max_payload_length; i++) {
TEST_ASSERT(final[i] == 0);
}
#endif
/* Even in alternative implementations, the outputs must have
* changed, otherwise it indicates at least a timing vulnerability
* because no write to the outputs is performed in the bad case. */
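Review bot: The two comments around the all-zero check in pkcs1_v15_decode still refer to alternative implementations, which this commit removes, so they appear to be left describing a distinction that no longer exists. With the `#if !defined(MBEDTLS_RSA_ALT)` guard gone, the first comment could become `/* Check that the output in invalid cases is all-zero, which is what the implementation currently does. */` and the second could drop its opening "Even in alternative implementations,". The rest of the second comment, that an unchanged output buffer indicates at least a timing vulnerability, is worth keeping as written. The function body extends beyond both hunks.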


@ -69,10 +69,6 @@
extern "C" {
#endif
#if !defined(MBEDTLS_RSA_ALT)
// Regular implementation
//
#if !defined(MBEDTLS_RSA_GEN_KEY_MIN_BITS)
#define MBEDTLS_RSA_GEN_KEY_MIN_BITS 1024
#elif MBEDTLS_RSA_GEN_KEY_MIN_BITS < 128
@ -122,10 +118,6 @@ typedef struct mbedtls_rsa_context {
}
mbedtls_rsa_context;
#else /* MBEDTLS_RSA_ALT */
#include "rsa_alt.h"
#endif /* MBEDTLS_RSA_ALT */
/**
* \brief This function initializes an RSA context.
*
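Review bot: Once this section drops the `#else` branch that included rsa_alt.h, a build whose configuration still defines MBEDTLS_RSA_ALT compiles cleanly and silently uses the built-in software RSA instead of the integrator's implementation. For a platform that relied on the alternative to keep private-key operations in hardware, that changes where key material is handled, and nothing on this page turns it into a build failure. I would add a guard in the configuration checks, for example `#if defined(MBEDTLS_RSA_ALT)` / `#error "MBEDTLS_RSA_ALT is no longer supported"` / `#endif`, unless one already exists elsewhere in the tree.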