mirror of
https://github.com/yuzu-emu/mbedtls.git
synced 2024-11-25 17:05:42 +01:00
Updates to PSA crypto library based on review comments
Moved new check_crypto_config.h file from include/psa to library directory and the file is now included from *.c instead of the crypto_config.h file. Fixed guards in PSA crypto library based on review comments for new PSA crypto config features. Signed-off-by: John Durkop <john.durkop@fermatsoftware.com>
This commit is contained in:
parent
5cc8dfb404
commit
07cc04a8ad
@ -40,13 +40,6 @@ extern "C" {
|
|||||||
|
|
||||||
#if defined(MBEDTLS_PSA_CRYPTO_CONFIG)
|
#if defined(MBEDTLS_PSA_CRYPTO_CONFIG)
|
||||||
|
|
||||||
#if defined(PSA_WANT_ALG_ECDSA)
|
|
||||||
#if !defined(MBEDTLS_PSA_ACCEL_ALG_ECDSA)
|
|
||||||
#define MBEDTLS_PSA_BUILTIN_ALG_ECDSA 1
|
|
||||||
#define MBEDTLS_ECDSA_C
|
|
||||||
#endif /* !MBEDTLS_PSA_ACCEL_ALG_ECDSA */
|
|
||||||
#endif /* PSA_WANT_ALG_ECDSA */
|
|
||||||
|
|
||||||
#if defined(PSA_WANT_ALG_DETERMINISTIC_ECDSA)
|
#if defined(PSA_WANT_ALG_DETERMINISTIC_ECDSA)
|
||||||
#if !defined(MBEDTLS_PSA_ACCEL_ALG_DETERMINISTIC_ECDSA)
|
#if !defined(MBEDTLS_PSA_ACCEL_ALG_DETERMINISTIC_ECDSA)
|
||||||
#define MBEDTLS_PSA_BUILTIN_ALG_DETERMINISTIC_ECDSA 1
|
#define MBEDTLS_PSA_BUILTIN_ALG_DETERMINISTIC_ECDSA 1
|
||||||
@ -66,38 +59,26 @@ extern "C" {
|
|||||||
#endif /* !MBEDTLS_PSA_ACCEL_ALG_ECDH */
|
#endif /* !MBEDTLS_PSA_ACCEL_ALG_ECDH */
|
||||||
#endif /* PSA_WANT_ALG_ECDH */
|
#endif /* PSA_WANT_ALG_ECDH */
|
||||||
|
|
||||||
#if defined(PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY)
|
#if defined(PSA_WANT_ALG_ECDSA)
|
||||||
#if !defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_PUBLIC_KEY)
|
#if !defined(MBEDTLS_PSA_ACCEL_ALG_ECDSA)
|
||||||
#define MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_PUBLIC_KEY 1
|
#define MBEDTLS_PSA_BUILTIN_ALG_ECDSA 1
|
||||||
#define MBEDTLS_ECP_C
|
#define MBEDTLS_ECDSA_C
|
||||||
#define MBEDTLS_BIGNUM_C
|
#endif /* !MBEDTLS_PSA_ACCEL_ALG_ECDSA */
|
||||||
#endif /* !MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_PUBLIC_KEY */
|
#endif /* PSA_WANT_ALG_ECDSA */
|
||||||
#endif /* PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY */
|
|
||||||
|
|
||||||
#if defined(PSA_WANT_KEY_TYPE_ECC_KEY_PAIR)
|
|
||||||
#if !defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_KEY_PAIR)
|
|
||||||
#define MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_KEY_PAIR 1
|
|
||||||
#define MBEDTLS_ECP_C
|
|
||||||
#define MBEDTLS_BIGNUM_C
|
|
||||||
#endif /* !MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_KEY_PAIR */
|
|
||||||
#endif /* PSA_WANT_KEY_TYPE_ECC_KEY_PAIR */
|
|
||||||
|
|
||||||
#if defined(PSA_WANT_ALG_HMAC)
|
|
||||||
#if !defined(MBEDTLS_PSA_ACCEL_ALG_HMAC)
|
|
||||||
#define MBEDTLS_PSA_BUILTIN_ALG_HMAC 1
|
|
||||||
#define MBEDTLS_MD_C
|
|
||||||
#endif /* !MBEDTLS_PSA_ACCEL_ALG_HMAC */
|
|
||||||
#endif /* PSA_WANT_ALG_HMAC */
|
|
||||||
|
|
||||||
#if defined(PSA_WANT_ALG_HKDF)
|
#if defined(PSA_WANT_ALG_HKDF)
|
||||||
#if !defined(MBEDTLS_PSA_ACCEL_ALG_HKDF)
|
#if !defined(MBEDTLS_PSA_ACCEL_ALG_HKDF)
|
||||||
#define MBEDTLS_PSA_BUILTIN_ALG_HMAC 1
|
#define MBEDTLS_PSA_BUILTIN_ALG_HMAC 1
|
||||||
#define MBEDTLS_PSA_BUILTIN_ALG_HKDF 1
|
#define MBEDTLS_PSA_BUILTIN_ALG_HKDF 1
|
||||||
#define MBEDTLS_HKDF_C
|
|
||||||
#define MBEDTLS_MD_C
|
|
||||||
#endif /* !MBEDTLS_PSA_ACCEL_ALG_HKDF */
|
#endif /* !MBEDTLS_PSA_ACCEL_ALG_HKDF */
|
||||||
#endif /* PSA_WANT_ALG_HKDF */
|
#endif /* PSA_WANT_ALG_HKDF */
|
||||||
|
|
||||||
|
#if defined(PSA_WANT_ALG_HMAC)
|
||||||
|
#if !defined(MBEDTLS_PSA_ACCEL_ALG_HMAC)
|
||||||
|
#define MBEDTLS_PSA_BUILTIN_ALG_HMAC 1
|
||||||
|
#endif /* !MBEDTLS_PSA_ACCEL_ALG_HMAC */
|
||||||
|
#endif /* PSA_WANT_ALG_HMAC */
|
||||||
|
|
||||||
#if defined(PSA_WANT_ALG_RSA_OAEP)
|
#if defined(PSA_WANT_ALG_RSA_OAEP)
|
||||||
#if !defined(MBEDTLS_PSA_ACCEL_ALG_RSA_OAEP)
|
#if !defined(MBEDTLS_PSA_ACCEL_ALG_RSA_OAEP)
|
||||||
#define MBEDTLS_PSA_BUILTIN_ALG_RSA_OAEP 1
|
#define MBEDTLS_PSA_BUILTIN_ALG_RSA_OAEP 1
|
||||||
@ -105,19 +86,10 @@ extern "C" {
|
|||||||
#define MBEDTLS_BIGNUM_C
|
#define MBEDTLS_BIGNUM_C
|
||||||
#define MBEDTLS_OID_C
|
#define MBEDTLS_OID_C
|
||||||
#define MBEDTLS_PKCS1_V21
|
#define MBEDTLS_PKCS1_V21
|
||||||
|
#define MBEDTLS_MD_C
|
||||||
#endif /* !MBEDTLS_PSA_ACCEL_ALG_RSA_OAEP */
|
#endif /* !MBEDTLS_PSA_ACCEL_ALG_RSA_OAEP */
|
||||||
#endif /* PSA_WANT_ALG_RSA_OAEP */
|
#endif /* PSA_WANT_ALG_RSA_OAEP */
|
||||||
|
|
||||||
#if defined(PSA_WANT_ALG_RSA_PSS)
|
|
||||||
#if !defined(MBEDTLS_PSA_ACCEL_ALG_RSA_PSS)
|
|
||||||
#define MBEDTLS_PSA_BUILTIN_ALG_RSA_PSS 1
|
|
||||||
#define MBEDTLS_RSA_C
|
|
||||||
#define MBEDTLS_BIGNUM_C
|
|
||||||
#define MBEDTLS_OID_C
|
|
||||||
#define MBEDTLS_PKCS1_V21
|
|
||||||
#endif /* !MBEDTLS_PSA_ACCEL_ALG_RSA_PSS */
|
|
||||||
#endif /* PSA_WANT_ALG_RSA_PSS */
|
|
||||||
|
|
||||||
#if defined(PSA_WANT_ALG_RSA_PKCS1V15_CRYPT)
|
#if defined(PSA_WANT_ALG_RSA_PKCS1V15_CRYPT)
|
||||||
#if !defined(MBEDTLS_PSA_ACCEL_ALG_RSA_PKCS1V15_CRYPT)
|
#if !defined(MBEDTLS_PSA_ACCEL_ALG_RSA_PKCS1V15_CRYPT)
|
||||||
#define MBEDTLS_PSA_BUILTIN_ALG_RSA_PKCS1V15_CRYPT 1
|
#define MBEDTLS_PSA_BUILTIN_ALG_RSA_PKCS1V15_CRYPT 1
|
||||||
@ -135,9 +107,49 @@ extern "C" {
|
|||||||
#define MBEDTLS_BIGNUM_C
|
#define MBEDTLS_BIGNUM_C
|
||||||
#define MBEDTLS_OID_C
|
#define MBEDTLS_OID_C
|
||||||
#define MBEDTLS_PKCS1_V15
|
#define MBEDTLS_PKCS1_V15
|
||||||
|
#define MBEDTLS_MD_C
|
||||||
#endif /* !MBEDTLS_PSA_ACCEL_ALG_RSA_PKCS1V15_SIGN */
|
#endif /* !MBEDTLS_PSA_ACCEL_ALG_RSA_PKCS1V15_SIGN */
|
||||||
#endif /* PSA_WANT_ALG_RSA_PKCS1V15_SIGN */
|
#endif /* PSA_WANT_ALG_RSA_PKCS1V15_SIGN */
|
||||||
|
|
||||||
|
#if defined(PSA_WANT_ALG_RSA_PSS)
|
||||||
|
#if !defined(MBEDTLS_PSA_ACCEL_ALG_RSA_PSS)
|
||||||
|
#define MBEDTLS_PSA_BUILTIN_ALG_RSA_PSS 1
|
||||||
|
#define MBEDTLS_RSA_C
|
||||||
|
#define MBEDTLS_BIGNUM_C
|
||||||
|
#define MBEDTLS_OID_C
|
||||||
|
#define MBEDTLS_PKCS1_V21
|
||||||
|
#define MBEDTLS_MD_C
|
||||||
|
#endif /* !MBEDTLS_PSA_ACCEL_ALG_RSA_PSS */
|
||||||
|
#endif /* PSA_WANT_ALG_RSA_PSS */
|
||||||
|
|
||||||
|
#if defined(PSA_WANT_ALG_TLS12_PRF)
|
||||||
|
#if !defined(MBEDTLS_PSA_ACCEL_ALG_TLS12_PRF)
|
||||||
|
#define MBEDTLS_PSA_BUILTIN_ALG_TLS12_PRF 1
|
||||||
|
#endif /* !MBEDTLS_PSA_ACCEL_ALG_TLS12_PRF */
|
||||||
|
#endif /* PSA_WANT_ALG_TLS12_PRF */
|
||||||
|
|
||||||
|
#if defined(PSA_WANT_ALG_TLS12_PSK_TO_MS)
|
||||||
|
#if !defined(MBEDTLS_PSA_ACCEL_ALG_TLS12_PSK_TO_MS)
|
||||||
|
#define MBEDTLS_PSA_BUILTIN_ALG_TLS12_PSK_TO_MS 1
|
||||||
|
#endif /* !MBEDTLS_PSA_ACCEL_ALG_TLS12_PSK_TO_MS */
|
||||||
|
#endif /* PSA_WANT_ALG_TLS12_PSK_TO_MS */
|
||||||
|
|
||||||
|
#if defined(PSA_WANT_KEY_TYPE_ECC_KEY_PAIR)
|
||||||
|
#if !defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_KEY_PAIR)
|
||||||
|
#define MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_KEY_PAIR 1
|
||||||
|
#define MBEDTLS_ECP_C
|
||||||
|
#define MBEDTLS_BIGNUM_C
|
||||||
|
#endif /* !MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_KEY_PAIR */
|
||||||
|
#endif /* PSA_WANT_KEY_TYPE_ECC_KEY_PAIR */
|
||||||
|
|
||||||
|
#if defined(PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY)
|
||||||
|
#if !defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_PUBLIC_KEY)
|
||||||
|
#define MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_PUBLIC_KEY 1
|
||||||
|
#define MBEDTLS_ECP_C
|
||||||
|
#define MBEDTLS_BIGNUM_C
|
||||||
|
#endif /* !MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_PUBLIC_KEY */
|
||||||
|
#endif /* PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY */
|
||||||
|
|
||||||
#if defined(PSA_WANT_KEY_TYPE_RSA_KEY_PAIR)
|
#if defined(PSA_WANT_KEY_TYPE_RSA_KEY_PAIR)
|
||||||
#if !defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_RSA_KEY_PAIR)
|
#if !defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_RSA_KEY_PAIR)
|
||||||
#define MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_KEY_PAIR 1
|
#define MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_KEY_PAIR 1
|
||||||
@ -145,6 +157,9 @@ extern "C" {
|
|||||||
#define MBEDTLS_BIGNUM_C
|
#define MBEDTLS_BIGNUM_C
|
||||||
#define MBEDTLS_OID_C
|
#define MBEDTLS_OID_C
|
||||||
#define MBEDTLS_GENPRIME
|
#define MBEDTLS_GENPRIME
|
||||||
|
#define MBEDTLS_PK_PARSE_C
|
||||||
|
#define MBEDTLS_PK_WRITE_C
|
||||||
|
#define MBEDTLS_PK_C
|
||||||
#endif /* !MBEDTLS_PSA_ACCEL_KEY_TYPE_RSA_KEY_PAIR */
|
#endif /* !MBEDTLS_PSA_ACCEL_KEY_TYPE_RSA_KEY_PAIR */
|
||||||
#endif /* PSA_WANT_KEY_TYPE_RSA_KEY_PAIR */
|
#endif /* PSA_WANT_KEY_TYPE_RSA_KEY_PAIR */
|
||||||
|
|
||||||
@ -154,7 +169,9 @@ extern "C" {
|
|||||||
#define MBEDTLS_RSA_C
|
#define MBEDTLS_RSA_C
|
||||||
#define MBEDTLS_BIGNUM_C
|
#define MBEDTLS_BIGNUM_C
|
||||||
#define MBEDTLS_OID_C
|
#define MBEDTLS_OID_C
|
||||||
#define MBEDTLS_GENPRIME
|
#define MBEDTLS_PK_PARSE_C
|
||||||
|
#define MBEDTLS_PK_WRITE_C
|
||||||
|
#define MBEDTLS_PK_C
|
||||||
#endif /* !MBEDTLS_PSA_ACCEL_KEY_TYPE_RSA_PUBLIC_KEY */
|
#endif /* !MBEDTLS_PSA_ACCEL_KEY_TYPE_RSA_PUBLIC_KEY */
|
||||||
#endif /* PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY */
|
#endif /* PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY */
|
||||||
|
|
||||||
@ -164,6 +181,10 @@ extern "C" {
|
|||||||
* Ensure PSA_WANT_* defines are setup properly if MBEDTLS_PSA_CRYPTO_CONFIG
|
* Ensure PSA_WANT_* defines are setup properly if MBEDTLS_PSA_CRYPTO_CONFIG
|
||||||
* is not defined
|
* is not defined
|
||||||
*/
|
*/
|
||||||
|
#if defined(MBEDTLS_ECDH_C)
|
||||||
|
#define MBEDTLS_PSA_BUILTIN_ALG_ECDH 1
|
||||||
|
#endif /* MBEDTLS_ECDH_C */
|
||||||
|
|
||||||
#if defined(MBEDTLS_ECDSA_C)
|
#if defined(MBEDTLS_ECDSA_C)
|
||||||
#define MBEDTLS_PSA_BUILTIN_ALG_ECDSA 1
|
#define MBEDTLS_PSA_BUILTIN_ALG_ECDSA 1
|
||||||
|
|
||||||
@ -174,24 +195,22 @@ extern "C" {
|
|||||||
|
|
||||||
#endif /* MBEDTLS_ECDSA_C */
|
#endif /* MBEDTLS_ECDSA_C */
|
||||||
|
|
||||||
#if defined(MBEDTLS_ECDH_C)
|
|
||||||
#define MBEDTLS_PSA_BUILTIN_ALG_ECDH 1
|
|
||||||
#endif /* MBEDTLS_ECDH_C */
|
|
||||||
|
|
||||||
#if defined(MBEDTLS_ECP_C)
|
#if defined(MBEDTLS_ECP_C)
|
||||||
#define MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_KEY_PAIR 1
|
#define MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_KEY_PAIR 1
|
||||||
#define MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_PUBLIC_KEY 1
|
#define MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_PUBLIC_KEY 1
|
||||||
#endif /* MBEDTLS_ECP_C */
|
#endif /* MBEDTLS_ECP_C */
|
||||||
|
|
||||||
#if defined(MBEDTLS_MD_C)
|
|
||||||
#define MBEDTLS_PSA_BUILTIN_ALG_HMAC 1
|
|
||||||
#endif /* MBEDTLS_MD_C */
|
|
||||||
|
|
||||||
#if defined(MBEDTLS_HKDF_C)
|
#if defined(MBEDTLS_HKDF_C)
|
||||||
#define MBEDTLS_PSA_BUILTIN_ALG_HMAC 1
|
#define MBEDTLS_PSA_BUILTIN_ALG_HMAC 1
|
||||||
#define MBEDTLS_PSA_BUILTIN_ALG_HKDF 1
|
#define MBEDTLS_PSA_BUILTIN_ALG_HKDF 1
|
||||||
#endif /* MBEDTLS_HKDF_C */
|
#endif /* MBEDTLS_HKDF_C */
|
||||||
|
|
||||||
|
#if defined(MBEDTLS_MD_C)
|
||||||
|
#define MBEDTLS_PSA_BUILTIN_ALG_HMAC 1
|
||||||
|
#define MBEDTLS_PSA_BUILTIN_ALG_TLS12_PRF 1
|
||||||
|
#define MBEDTLS_PSA_BUILTIN_ALG_TLS12_PSK_TO_MS 1
|
||||||
|
#endif /* MBEDTLS_MD_C */
|
||||||
|
|
||||||
#if defined(MBEDTLS_RSA_C)
|
#if defined(MBEDTLS_RSA_C)
|
||||||
#if defined(MBEDTLS_PKCS1_V15)
|
#if defined(MBEDTLS_PKCS1_V15)
|
||||||
#define MBEDTLS_PSA_BUILTIN_ALG_RSA_PKCS1V15_CRYPT 1
|
#define MBEDTLS_PSA_BUILTIN_ALG_RSA_PKCS1V15_CRYPT 1
|
||||||
|
@ -42,7 +42,12 @@
|
|||||||
#include "mbedtls/dhm.h"
|
#include "mbedtls/dhm.h"
|
||||||
#endif
|
#endif
|
||||||
|
|
||||||
#if defined(MBEDTLS_ECDH_C) || defined(PSA_WANT_ALG_ECDH)
|
/* Adding guard for MBEDTLS_ECDSA_C to ensure no compile errors due
|
||||||
|
* to guards also being in ssl_srv.c and ssl_cli.c. There is a gap
|
||||||
|
* in functionality that access to ecdh_ctx structure is needed for
|
||||||
|
* MBEDTLS_ECDSA_C which does not seem correct.
|
||||||
|
*/
|
||||||
|
#if defined(MBEDTLS_ECDH_C) || defined(MBEDTLS_ECDSA_C)
|
||||||
#include "mbedtls/ecdh.h"
|
#include "mbedtls/ecdh.h"
|
||||||
#endif
|
#endif
|
||||||
|
|
||||||
|
@ -437,7 +437,12 @@ struct mbedtls_ssl_handshake_params
|
|||||||
#if defined(MBEDTLS_DHM_C)
|
#if defined(MBEDTLS_DHM_C)
|
||||||
mbedtls_dhm_context dhm_ctx; /*!< DHM key exchange */
|
mbedtls_dhm_context dhm_ctx; /*!< DHM key exchange */
|
||||||
#endif
|
#endif
|
||||||
#if defined(MBEDTLS_ECDH_C) || defined(PSA_WANT_ALG_ECDH)
|
/* Adding guard for MBEDTLS_ECDSA_C to ensure no compile errors due
|
||||||
|
* to guards also being in ssl_srv.c and ssl_cli.c. There is a gap
|
||||||
|
* in functionality that access to ecdh_ctx structure is needed for
|
||||||
|
* MBEDTLS_ECDSA_C which does not seem correct.
|
||||||
|
*/
|
||||||
|
#if defined(MBEDTLS_ECDH_C) || defined(MBEDTLS_ECDSA_C)
|
||||||
mbedtls_ecdh_context ecdh_ctx; /*!< ECDH key exchange */
|
mbedtls_ecdh_context ecdh_ctx; /*!< ECDH key exchange */
|
||||||
|
|
||||||
#if defined(MBEDTLS_USE_PSA_CRYPTO)
|
#if defined(MBEDTLS_USE_PSA_CRYPTO)
|
||||||
@ -447,7 +452,7 @@ struct mbedtls_ssl_handshake_params
|
|||||||
unsigned char ecdh_psa_peerkey[MBEDTLS_PSA_MAX_EC_PUBKEY_LENGTH];
|
unsigned char ecdh_psa_peerkey[MBEDTLS_PSA_MAX_EC_PUBKEY_LENGTH];
|
||||||
size_t ecdh_psa_peerkey_len;
|
size_t ecdh_psa_peerkey_len;
|
||||||
#endif /* MBEDTLS_USE_PSA_CRYPTO */
|
#endif /* MBEDTLS_USE_PSA_CRYPTO */
|
||||||
#endif /* MBEDTLS_ECDH_C || PSA_WANT_ALG_ECDH */
|
#endif /* MBEDTLS_ECDH_C || MBEDTLS_ECDSA_C */
|
||||||
|
|
||||||
#if defined(MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED)
|
#if defined(MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED)
|
||||||
mbedtls_ecjpake_context ecjpake_ctx; /*!< EC J-PAKE key exchange */
|
mbedtls_ecjpake_context ecjpake_ctx; /*!< EC J-PAKE key exchange */
|
||||||
|
@ -50,20 +50,20 @@
|
|||||||
#ifndef PSA_CRYPTO_CONFIG_H
|
#ifndef PSA_CRYPTO_CONFIG_H
|
||||||
#define PSA_CRYPTO_CONFIG_H
|
#define PSA_CRYPTO_CONFIG_H
|
||||||
|
|
||||||
#define PSA_WANT_ALG_ECDSA 1
|
|
||||||
#define PSA_WANT_ALG_DETERMINISTIC_ECDSA 1
|
#define PSA_WANT_ALG_DETERMINISTIC_ECDSA 1
|
||||||
#define PSA_WANT_ALG_ECDH 1
|
#define PSA_WANT_ALG_ECDH 1
|
||||||
#define PSA_WANT_ALG_HMAC 1
|
#define PSA_WANT_ALG_ECDSA 1
|
||||||
#define PSA_WANT_ALG_HKDF 1
|
#define PSA_WANT_ALG_HKDF 1
|
||||||
#define PSA_WANT_KEY_TYPE_ECC_KEY_PAIR 1
|
#define PSA_WANT_ALG_HMAC 1
|
||||||
#define PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY 1
|
#define PSA_WANT_ALG_RSA_OAEP 1
|
||||||
#define PSA_WANT_ALG_RSA_PKCS1V15_CRYPT 1
|
#define PSA_WANT_ALG_RSA_PKCS1V15_CRYPT 1
|
||||||
#define PSA_WANT_ALG_RSA_PKCS1V15_SIGN 1
|
#define PSA_WANT_ALG_RSA_PKCS1V15_SIGN 1
|
||||||
#define PSA_WANT_ALG_RSA_OAEP 1
|
|
||||||
#define PSA_WANT_ALG_RSA_PSS 1
|
#define PSA_WANT_ALG_RSA_PSS 1
|
||||||
|
#define PSA_WANT_ALG_TLS12_PRF 1
|
||||||
|
#define PSA_WANT_ALG_TLS12_PSK_TO_MS 1
|
||||||
|
#define PSA_WANT_KEY_TYPE_ECC_KEY_PAIR 1
|
||||||
|
#define PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY 1
|
||||||
#define PSA_WANT_KEY_TYPE_RSA_KEY_PAIR 1
|
#define PSA_WANT_KEY_TYPE_RSA_KEY_PAIR 1
|
||||||
#define PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY 1
|
#define PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY 1
|
||||||
|
|
||||||
#include "psa/check_crypto_config.h"
|
|
||||||
|
|
||||||
#endif /* PSA_CRYPTO_CONFIG_H */
|
#endif /* PSA_CRYPTO_CONFIG_H */
|
||||||
|
@ -64,4 +64,9 @@
|
|||||||
#error "PSA_WANT_ALG_RSA_PSS defined, but not all prerequisites"
|
#error "PSA_WANT_ALG_RSA_PSS defined, but not all prerequisites"
|
||||||
#endif
|
#endif
|
||||||
|
|
||||||
|
#if defined(PSA_WANT_KEY_TYPE_ECC_KEY_PAIR) && \
|
||||||
|
!defined(PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY)
|
||||||
|
#error "PSA_WANT_KEY_TYPE_ECC_KEY_PAIR defined, but not all prerequisites"
|
||||||
|
#endif
|
||||||
|
|
||||||
#endif /* MBEDTLS_CHECK_CRYPTO_CONFIG_H */
|
#endif /* MBEDTLS_CHECK_CRYPTO_CONFIG_H */
|
@ -22,6 +22,10 @@
|
|||||||
|
|
||||||
#if defined(MBEDTLS_PSA_CRYPTO_C)
|
#if defined(MBEDTLS_PSA_CRYPTO_C)
|
||||||
|
|
||||||
|
#if defined(MBEDTLS_PSA_CRYPTO_CONFIG)
|
||||||
|
#include "check_crypto_config.h"
|
||||||
|
#endif
|
||||||
|
|
||||||
#include "psa_crypto_service_integration.h"
|
#include "psa_crypto_service_integration.h"
|
||||||
#include "psa/crypto.h"
|
#include "psa/crypto.h"
|
||||||
|
|
||||||
@ -370,6 +374,11 @@ static inline int psa_key_slot_is_external( const psa_key_slot_t *slot )
|
|||||||
}
|
}
|
||||||
#endif /* MBEDTLS_PSA_CRYPTO_SE_C */
|
#endif /* MBEDTLS_PSA_CRYPTO_SE_C */
|
||||||
|
|
||||||
|
/* For now the MBEDTLS_PSA_ACCEL_ guards are also used here since the
|
||||||
|
* current test driver in key_management.c is using this function
|
||||||
|
* when accelerators are used for ECC key pair and public key.
|
||||||
|
* Once that dependency is resolved these guards can be removed.
|
||||||
|
*/
|
||||||
#if defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_KEY_PAIR) || \
|
#if defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_KEY_PAIR) || \
|
||||||
defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_PUBLIC_KEY) || \
|
defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_PUBLIC_KEY) || \
|
||||||
defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_KEY_PAIR) || \
|
defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_KEY_PAIR) || \
|
||||||
@ -502,7 +511,6 @@ static psa_status_t validate_unstructured_key_bit_size( psa_key_type_t type,
|
|||||||
defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_KEY_PAIR) || \
|
defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_KEY_PAIR) || \
|
||||||
defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_PUBLIC_KEY)
|
defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_PUBLIC_KEY)
|
||||||
|
|
||||||
#if defined(MBEDTLS_PK_PARSE_C)
|
|
||||||
/* Mbed TLS doesn't support non-byte-aligned key sizes (i.e. key sizes
|
/* Mbed TLS doesn't support non-byte-aligned key sizes (i.e. key sizes
|
||||||
* that are not a multiple of 8) well. For example, there is only
|
* that are not a multiple of 8) well. For example, there is only
|
||||||
* mbedtls_rsa_get_len(), which returns a number of bytes, and no
|
* mbedtls_rsa_get_len(), which returns a number of bytes, and no
|
||||||
@ -524,7 +532,6 @@ static psa_status_t psa_check_rsa_key_byte_aligned(
|
|||||||
mbedtls_mpi_free( &n );
|
mbedtls_mpi_free( &n );
|
||||||
return( status );
|
return( status );
|
||||||
}
|
}
|
||||||
#endif /* MBEDTLS_PK_PARSE_C */
|
|
||||||
|
|
||||||
/** Load the contents of a key buffer into an internal RSA representation
|
/** Load the contents of a key buffer into an internal RSA representation
|
||||||
*
|
*
|
||||||
@ -541,7 +548,6 @@ static psa_status_t psa_load_rsa_representation( psa_key_type_t type,
|
|||||||
size_t data_length,
|
size_t data_length,
|
||||||
mbedtls_rsa_context **p_rsa )
|
mbedtls_rsa_context **p_rsa )
|
||||||
{
|
{
|
||||||
#if defined(MBEDTLS_PK_PARSE_C)
|
|
||||||
psa_status_t status;
|
psa_status_t status;
|
||||||
mbedtls_pk_context ctx;
|
mbedtls_pk_context ctx;
|
||||||
size_t bits;
|
size_t bits;
|
||||||
@ -586,13 +592,6 @@ static psa_status_t psa_load_rsa_representation( psa_key_type_t type,
|
|||||||
exit:
|
exit:
|
||||||
mbedtls_pk_free( &ctx );
|
mbedtls_pk_free( &ctx );
|
||||||
return( status );
|
return( status );
|
||||||
#else
|
|
||||||
(void) data;
|
|
||||||
(void) data_length;
|
|
||||||
(void) type;
|
|
||||||
(void) rsa;
|
|
||||||
return( PSA_ERROR_NOT_SUPPORTED );
|
|
||||||
#endif /* MBEDTLS_PK_PARSE_C */
|
|
||||||
}
|
}
|
||||||
|
|
||||||
#endif /* defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_PKCS1V15_CRYPT) ||
|
#endif /* defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_PKCS1V15_CRYPT) ||
|
||||||
@ -1463,11 +1462,7 @@ psa_status_t psa_get_key_domain_parameters(
|
|||||||
return( PSA_SUCCESS );
|
return( PSA_SUCCESS );
|
||||||
}
|
}
|
||||||
|
|
||||||
#if defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_PKCS1V15_CRYPT) || \
|
#if defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_KEY_PAIR) || \
|
||||||
defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_PKCS1V15_SIGN) || \
|
|
||||||
defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_OAEP) || \
|
|
||||||
defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_PSS) || \
|
|
||||||
defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_KEY_PAIR) || \
|
|
||||||
defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_PUBLIC_KEY)
|
defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_PUBLIC_KEY)
|
||||||
static psa_status_t psa_get_rsa_public_exponent(
|
static psa_status_t psa_get_rsa_public_exponent(
|
||||||
const mbedtls_rsa_context *rsa,
|
const mbedtls_rsa_context *rsa,
|
||||||
@ -1508,11 +1503,7 @@ exit:
|
|||||||
mbedtls_free( buffer );
|
mbedtls_free( buffer );
|
||||||
return( mbedtls_to_psa_error( ret ) );
|
return( mbedtls_to_psa_error( ret ) );
|
||||||
}
|
}
|
||||||
#endif /* defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_PKCS1V15_CRYPT) ||
|
#endif /* defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_KEY_PAIR) ||
|
||||||
* defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_PKCS1V15_SIGN) ||
|
|
||||||
* defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_OAEP) ||
|
|
||||||
* defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_PSS) ||
|
|
||||||
* defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_KEY_PAIR) ||
|
|
||||||
* defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_PUBLIC_KEY) */
|
* defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_PUBLIC_KEY) */
|
||||||
|
|
||||||
/** Retrieve all the publicly-accessible attributes of a key.
|
/** Retrieve all the publicly-accessible attributes of a key.
|
||||||
@ -1540,11 +1531,7 @@ psa_status_t psa_get_key_attributes( psa_key_handle_t handle,
|
|||||||
|
|
||||||
switch( slot->attr.type )
|
switch( slot->attr.type )
|
||||||
{
|
{
|
||||||
#if defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_PKCS1V15_CRYPT) || \
|
#if defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_KEY_PAIR) || \
|
||||||
defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_PKCS1V15_SIGN) || \
|
|
||||||
defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_OAEP) || \
|
|
||||||
defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_PSS) || \
|
|
||||||
defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_KEY_PAIR) || \
|
|
||||||
defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_PUBLIC_KEY)
|
defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_PUBLIC_KEY)
|
||||||
case PSA_KEY_TYPE_RSA_KEY_PAIR:
|
case PSA_KEY_TYPE_RSA_KEY_PAIR:
|
||||||
case PSA_KEY_TYPE_RSA_PUBLIC_KEY:
|
case PSA_KEY_TYPE_RSA_PUBLIC_KEY:
|
||||||
@ -1572,11 +1559,7 @@ psa_status_t psa_get_key_attributes( psa_key_handle_t handle,
|
|||||||
mbedtls_free( rsa );
|
mbedtls_free( rsa );
|
||||||
}
|
}
|
||||||
break;
|
break;
|
||||||
#endif /* defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_PKCS1V15_CRYPT) ||
|
#endif /* defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_KEY_PAIR) ||
|
||||||
* defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_PKCS1V15_SIGN) ||
|
|
||||||
* defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_OAEP) ||
|
|
||||||
* defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_PSS) ||
|
|
||||||
* defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_KEY_PAIR) ||
|
|
||||||
* defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_PUBLIC_KEY) */
|
* defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_PUBLIC_KEY) */
|
||||||
default:
|
default:
|
||||||
/* Nothing else to do. */
|
/* Nothing else to do. */
|
||||||
@ -2352,8 +2335,7 @@ exit:
|
|||||||
/* Message digests */
|
/* Message digests */
|
||||||
/****************************************************************/
|
/****************************************************************/
|
||||||
|
|
||||||
#if defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_PKCS1V15_CRYPT) || \
|
#if defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_PKCS1V15_SIGN) || \
|
||||||
defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_PKCS1V15_SIGN) || \
|
|
||||||
defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_OAEP) || \
|
defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_OAEP) || \
|
||||||
defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_PSS) || \
|
defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_PSS) || \
|
||||||
defined(MBEDTLS_PSA_BUILTIN_ALG_DETERMINISTIC_ECDSA)
|
defined(MBEDTLS_PSA_BUILTIN_ALG_DETERMINISTIC_ECDSA)
|
||||||
@ -2399,8 +2381,7 @@ static const mbedtls_md_info_t *mbedtls_md_info_from_psa( psa_algorithm_t alg )
|
|||||||
return( NULL );
|
return( NULL );
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
#endif /* defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_PKCS1V15_CRYPT) ||
|
#endif /* defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_PKCS1V15_SIGN) ||
|
||||||
* defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_PKCS1V15_SIGN) ||
|
|
||||||
* defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_OAEP) ||
|
* defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_OAEP) ||
|
||||||
* defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_PSS) ||
|
* defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_PSS) ||
|
||||||
* defined(MBEDTLS_PSA_BUILTIN_ALG_DETERMINISTIC_ECDSA) */
|
* defined(MBEDTLS_PSA_BUILTIN_ALG_DETERMINISTIC_ECDSA) */
|
||||||
@ -2947,7 +2928,7 @@ static size_t psa_get_hash_block_size( psa_algorithm_t alg )
|
|||||||
return( 0 );
|
return( 0 );
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
#endif /* MBEDTLS_PSA_BUILTIN_ALG_HMAC */
|
#endif /* defined(MBEDTLS_PSA_BUILTIN_ALG_HMAC) */
|
||||||
|
|
||||||
/* Initialize the MAC operation structure. Once this function has been
|
/* Initialize the MAC operation structure. Once this function has been
|
||||||
* called, psa_mac_abort can run and will do the right thing. */
|
* called, psa_mac_abort can run and will do the right thing. */
|
||||||
@ -3525,10 +3506,6 @@ static psa_status_t psa_rsa_sign( mbedtls_rsa_context *rsa,
|
|||||||
psa_status_t status;
|
psa_status_t status;
|
||||||
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
|
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
|
||||||
mbedtls_md_type_t md_alg;
|
mbedtls_md_type_t md_alg;
|
||||||
#if !defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_PKCS1V15_SIGN)
|
|
||||||
(void)hash;
|
|
||||||
(void)signature;
|
|
||||||
#endif /* !MBEDTLS_PSA_BUILTIN_ALG_RSA_PKCS1V15_SIGN */
|
|
||||||
|
|
||||||
status = psa_rsa_decode_md_type( alg, hash_length, &md_alg );
|
status = psa_rsa_decode_md_type( alg, hash_length, &md_alg );
|
||||||
if( status != PSA_SUCCESS )
|
if( status != PSA_SUCCESS )
|
||||||
@ -3587,10 +3564,6 @@ static psa_status_t psa_rsa_verify( mbedtls_rsa_context *rsa,
|
|||||||
psa_status_t status;
|
psa_status_t status;
|
||||||
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
|
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
|
||||||
mbedtls_md_type_t md_alg;
|
mbedtls_md_type_t md_alg;
|
||||||
#if !defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_PKCS1V15_SIGN)
|
|
||||||
(void)hash;
|
|
||||||
(void)signature;
|
|
||||||
#endif /* !MBEDTLS_PSA_BUILTIN_ALG_RSA_PKCS1V15_SIGN */
|
|
||||||
|
|
||||||
status = psa_rsa_decode_md_type( alg, hash_length, &md_alg );
|
status = psa_rsa_decode_md_type( alg, hash_length, &md_alg );
|
||||||
if( status != PSA_SUCCESS )
|
if( status != PSA_SUCCESS )
|
||||||
@ -5014,6 +4987,12 @@ exit:
|
|||||||
/* Generators */
|
/* Generators */
|
||||||
/****************************************************************/
|
/****************************************************************/
|
||||||
|
|
||||||
|
#if defined(MBEDTLS_PSA_BUILTIN_ALG_HKDF) || \
|
||||||
|
defined(MBEDTLS_PSA_BUILTIN_ALG_TLS12_PRF) || \
|
||||||
|
defined(MBEDTLS_PSA_BUILTIN_ALG_TLS12_PSK_TO_MS)
|
||||||
|
#define AT_LEAST_ONE_BUILTIN_KDF
|
||||||
|
#endif
|
||||||
|
|
||||||
#define HKDF_STATE_INIT 0 /* no input yet */
|
#define HKDF_STATE_INIT 0 /* no input yet */
|
||||||
#define HKDF_STATE_STARTED 1 /* got salt */
|
#define HKDF_STATE_STARTED 1 /* got salt */
|
||||||
#define HKDF_STATE_KEYED 2 /* got key */
|
#define HKDF_STATE_KEYED 2 /* got key */
|
||||||
@ -5028,7 +5007,6 @@ static psa_algorithm_t psa_key_derivation_get_kdf_alg(
|
|||||||
return( operation->alg );
|
return( operation->alg );
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
psa_status_t psa_key_derivation_abort( psa_key_derivation_operation_t *operation )
|
psa_status_t psa_key_derivation_abort( psa_key_derivation_operation_t *operation )
|
||||||
{
|
{
|
||||||
psa_status_t status = PSA_SUCCESS;
|
psa_status_t status = PSA_SUCCESS;
|
||||||
@ -5046,7 +5024,11 @@ psa_status_t psa_key_derivation_abort( psa_key_derivation_operation_t *operation
|
|||||||
mbedtls_free( operation->ctx.hkdf.info );
|
mbedtls_free( operation->ctx.hkdf.info );
|
||||||
status = psa_hmac_abort_internal( &operation->ctx.hkdf.hmac );
|
status = psa_hmac_abort_internal( &operation->ctx.hkdf.hmac );
|
||||||
}
|
}
|
||||||
else if( PSA_ALG_IS_TLS12_PRF( kdf_alg ) ||
|
else
|
||||||
|
#endif /* defined(MBEDTLS_PSA_BUILTIN_ALG_HKDF */
|
||||||
|
#if defined(MBEDTLS_PSA_BUILTIN_ALG_TLS12_PRF) || \
|
||||||
|
defined(MBEDTLS_PSA_BUILTIN_ALG_TLS12_PSK_TO_MS)
|
||||||
|
if( PSA_ALG_IS_TLS12_PRF( kdf_alg ) ||
|
||||||
/* TLS-1.2 PSK-to-MS KDF uses the same core as TLS-1.2 PRF */
|
/* TLS-1.2 PSK-to-MS KDF uses the same core as TLS-1.2 PRF */
|
||||||
PSA_ALG_IS_TLS12_PSK_TO_MS( kdf_alg ) )
|
PSA_ALG_IS_TLS12_PSK_TO_MS( kdf_alg ) )
|
||||||
{
|
{
|
||||||
@ -5070,7 +5052,8 @@ psa_status_t psa_key_derivation_abort( psa_key_derivation_operation_t *operation
|
|||||||
* mbedtls_platform_zeroize() in the end of this function. */
|
* mbedtls_platform_zeroize() in the end of this function. */
|
||||||
}
|
}
|
||||||
else
|
else
|
||||||
#endif /* MBEDTLS_PSA_BUILTIN_ALG_HKDF */
|
#endif /* defined(MBEDTLS_PSA_BUILTIN_ALG_TLS12_PRF) ||
|
||||||
|
* defined(MBEDTLS_PSA_BUILTIN_ALG_TLS12_PSK_TO_MS) */
|
||||||
{
|
{
|
||||||
status = PSA_ERROR_BAD_STATE;
|
status = PSA_ERROR_BAD_STATE;
|
||||||
}
|
}
|
||||||
@ -5171,7 +5154,10 @@ static psa_status_t psa_key_derivation_hkdf_read( psa_hkdf_key_derivation_t *hkd
|
|||||||
|
|
||||||
return( PSA_SUCCESS );
|
return( PSA_SUCCESS );
|
||||||
}
|
}
|
||||||
|
#endif /* MBEDTLS_PSA_BUILTIN_ALG_HKDF */
|
||||||
|
|
||||||
|
#if defined(MBEDTLS_PSA_BUILTIN_ALG_TLS12_PRF) || \
|
||||||
|
defined(MBEDTLS_PSA_BUILTIN_ALG_TLS12_PSK_TO_MS)
|
||||||
static psa_status_t psa_key_derivation_tls12_prf_generate_next_block(
|
static psa_status_t psa_key_derivation_tls12_prf_generate_next_block(
|
||||||
psa_tls12_prf_key_derivation_t *tls12_prf,
|
psa_tls12_prf_key_derivation_t *tls12_prf,
|
||||||
psa_algorithm_t alg )
|
psa_algorithm_t alg )
|
||||||
@ -5318,7 +5304,8 @@ static psa_status_t psa_key_derivation_tls12_prf_read(
|
|||||||
|
|
||||||
return( PSA_SUCCESS );
|
return( PSA_SUCCESS );
|
||||||
}
|
}
|
||||||
#endif /* MBEDTLS_PSA_BUILTIN_ALG_HKDF */
|
#endif /* MBEDTLS_PSA_BUILTIN_ALG_TLS12_PRF ||
|
||||||
|
* MBEDTLS_PSA_BUILTIN_ALG_TLS12_PSK_TO_MS */
|
||||||
|
|
||||||
psa_status_t psa_key_derivation_output_bytes(
|
psa_status_t psa_key_derivation_output_bytes(
|
||||||
psa_key_derivation_operation_t *operation,
|
psa_key_derivation_operation_t *operation,
|
||||||
@ -5326,9 +5313,7 @@ psa_status_t psa_key_derivation_output_bytes(
|
|||||||
size_t output_length )
|
size_t output_length )
|
||||||
{
|
{
|
||||||
psa_status_t status;
|
psa_status_t status;
|
||||||
#if defined(MBEDTLS_PSA_BUILTIN_ALG_HKDF)
|
|
||||||
psa_algorithm_t kdf_alg = psa_key_derivation_get_kdf_alg( operation );
|
psa_algorithm_t kdf_alg = psa_key_derivation_get_kdf_alg( operation );
|
||||||
#endif
|
|
||||||
|
|
||||||
if( operation->alg == 0 )
|
if( operation->alg == 0 )
|
||||||
{
|
{
|
||||||
@ -5364,15 +5349,19 @@ psa_status_t psa_key_derivation_output_bytes(
|
|||||||
output, output_length );
|
output, output_length );
|
||||||
}
|
}
|
||||||
else
|
else
|
||||||
|
#endif /* MBEDTLS_PSA_BUILTIN_ALG_HKDF */
|
||||||
|
#if defined(MBEDTLS_PSA_BUILTIN_ALG_TLS12_PRF) || \
|
||||||
|
defined(MBEDTLS_PSA_BUILTIN_ALG_TLS12_PSK_TO_MS)
|
||||||
if( PSA_ALG_IS_TLS12_PRF( kdf_alg ) ||
|
if( PSA_ALG_IS_TLS12_PRF( kdf_alg ) ||
|
||||||
PSA_ALG_IS_TLS12_PSK_TO_MS( kdf_alg ) )
|
PSA_ALG_IS_TLS12_PSK_TO_MS( kdf_alg ) )
|
||||||
{
|
{
|
||||||
status = psa_key_derivation_tls12_prf_read( &operation->ctx.tls12_prf,
|
status = psa_key_derivation_tls12_prf_read( &operation->ctx.tls12_prf,
|
||||||
kdf_alg, output,
|
kdf_alg, output,
|
||||||
output_length );
|
output_length );
|
||||||
}
|
}
|
||||||
else
|
else
|
||||||
#endif /* MBEDTLS_PSA_BUILTIN_ALG_HKDF */
|
#endif /* MBEDTLS_PSA_BUILTIN_ALG_TLS12_PRF ||
|
||||||
|
* MBEDTLS_PSA_BUILTIN_ALG_TLS12_PSK_TO_MS */
|
||||||
{
|
{
|
||||||
return( PSA_ERROR_BAD_STATE );
|
return( PSA_ERROR_BAD_STATE );
|
||||||
}
|
}
|
||||||
@ -5482,22 +5471,36 @@ psa_status_t psa_key_derivation_output_key( const psa_key_attributes_t *attribut
|
|||||||
/* Key derivation */
|
/* Key derivation */
|
||||||
/****************************************************************/
|
/****************************************************************/
|
||||||
|
|
||||||
|
#ifdef AT_LEAST_ONE_BUILTIN_KDF
|
||||||
static psa_status_t psa_key_derivation_setup_kdf(
|
static psa_status_t psa_key_derivation_setup_kdf(
|
||||||
psa_key_derivation_operation_t *operation,
|
psa_key_derivation_operation_t *operation,
|
||||||
psa_algorithm_t kdf_alg )
|
psa_algorithm_t kdf_alg )
|
||||||
{
|
{
|
||||||
#if !defined(MBEDTLS_PSA_BUILTIN_ALG_HKDF)
|
int is_kdf_alg_supported;
|
||||||
(void)kdf_alg;
|
|
||||||
#endif
|
|
||||||
/* Make sure that operation->ctx is properly zero-initialised. (Macro
|
/* Make sure that operation->ctx is properly zero-initialised. (Macro
|
||||||
* initialisers for this union leave some bytes unspecified.) */
|
* initialisers for this union leave some bytes unspecified.) */
|
||||||
memset( &operation->ctx, 0, sizeof( operation->ctx ) );
|
memset( &operation->ctx, 0, sizeof( operation->ctx ) );
|
||||||
|
|
||||||
/* Make sure that kdf_alg is a supported key derivation algorithm. */
|
/* Make sure that kdf_alg is a supported key derivation algorithm. */
|
||||||
#if defined(MBEDTLS_PSA_BUILTIN_ALG_HKDF)
|
#if defined(MBEDTLS_PSA_BUILTIN_ALG_HKDF)
|
||||||
if( PSA_ALG_IS_HKDF( kdf_alg ) ||
|
if( PSA_ALG_IS_HKDF( kdf_alg ) )
|
||||||
PSA_ALG_IS_TLS12_PRF( kdf_alg ) ||
|
is_kdf_alg_supported = 1;
|
||||||
PSA_ALG_IS_TLS12_PSK_TO_MS( kdf_alg ) )
|
else
|
||||||
|
#endif
|
||||||
|
#if defined(MBEDTLS_PSA_BUILTIN_ALG_TLS12_PRF)
|
||||||
|
if( PSA_ALG_IS_TLS12_PRF( kdf_alg ) )
|
||||||
|
is_kdf_alg_supported = 1;
|
||||||
|
else
|
||||||
|
#endif
|
||||||
|
#if defined(MBEDTLS_PSA_BUILTIN_ALG_TLS12_PSK_TO_MS)
|
||||||
|
if( PSA_ALG_IS_TLS12_PSK_TO_MS( kdf_alg ) )
|
||||||
|
is_kdf_alg_supported = 1;
|
||||||
|
else
|
||||||
|
#endif
|
||||||
|
is_kdf_alg_supported = 0;
|
||||||
|
|
||||||
|
if( is_kdf_alg_supported )
|
||||||
{
|
{
|
||||||
psa_algorithm_t hash_alg = PSA_ALG_HKDF_GET_HASH( kdf_alg );
|
psa_algorithm_t hash_alg = PSA_ALG_HKDF_GET_HASH( kdf_alg );
|
||||||
size_t hash_size = PSA_HASH_SIZE( hash_alg );
|
size_t hash_size = PSA_HASH_SIZE( hash_alg );
|
||||||
@ -5512,10 +5515,10 @@ static psa_status_t psa_key_derivation_setup_kdf(
|
|||||||
operation->capacity = 255 * hash_size;
|
operation->capacity = 255 * hash_size;
|
||||||
return( PSA_SUCCESS );
|
return( PSA_SUCCESS );
|
||||||
}
|
}
|
||||||
else
|
|
||||||
#endif /* MBEDTLS_PSA_BUILTIN_ALG_HKDF */
|
return( PSA_ERROR_NOT_SUPPORTED );
|
||||||
return( PSA_ERROR_NOT_SUPPORTED );
|
|
||||||
}
|
}
|
||||||
|
#endif /* AT_LEAST_ONE_BUILTIN_KDF */
|
||||||
|
|
||||||
psa_status_t psa_key_derivation_setup( psa_key_derivation_operation_t *operation,
|
psa_status_t psa_key_derivation_setup( psa_key_derivation_operation_t *operation,
|
||||||
psa_algorithm_t alg )
|
psa_algorithm_t alg )
|
||||||
@ -5527,6 +5530,7 @@ psa_status_t psa_key_derivation_setup( psa_key_derivation_operation_t *operation
|
|||||||
|
|
||||||
if( PSA_ALG_IS_RAW_KEY_AGREEMENT( alg ) )
|
if( PSA_ALG_IS_RAW_KEY_AGREEMENT( alg ) )
|
||||||
return( PSA_ERROR_INVALID_ARGUMENT );
|
return( PSA_ERROR_INVALID_ARGUMENT );
|
||||||
|
#ifdef AT_LEAST_ONE_BUILTIN_KDF
|
||||||
else if( PSA_ALG_IS_KEY_AGREEMENT( alg ) )
|
else if( PSA_ALG_IS_KEY_AGREEMENT( alg ) )
|
||||||
{
|
{
|
||||||
psa_algorithm_t kdf_alg = PSA_ALG_KEY_AGREEMENT_GET_KDF( alg );
|
psa_algorithm_t kdf_alg = PSA_ALG_KEY_AGREEMENT_GET_KDF( alg );
|
||||||
@ -5536,6 +5540,7 @@ psa_status_t psa_key_derivation_setup( psa_key_derivation_operation_t *operation
|
|||||||
{
|
{
|
||||||
status = psa_key_derivation_setup_kdf( operation, alg );
|
status = psa_key_derivation_setup_kdf( operation, alg );
|
||||||
}
|
}
|
||||||
|
#endif
|
||||||
else
|
else
|
||||||
return( PSA_ERROR_INVALID_ARGUMENT );
|
return( PSA_ERROR_INVALID_ARGUMENT );
|
||||||
|
|
||||||
@ -5609,7 +5614,10 @@ static psa_status_t psa_hkdf_input( psa_hkdf_key_derivation_t *hkdf,
|
|||||||
return( PSA_ERROR_INVALID_ARGUMENT );
|
return( PSA_ERROR_INVALID_ARGUMENT );
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
#endif /* MBEDTLS_PSA_BUILTIN_ALG_HKDF */
|
||||||
|
|
||||||
|
#if defined(MBEDTLS_PSA_BUILTIN_ALG_TLS12_PRF) || \
|
||||||
|
defined(MBEDTLS_PSA_BUILTIN_ALG_TLS12_PSK_TO_MS)
|
||||||
static psa_status_t psa_tls12_prf_set_seed( psa_tls12_prf_key_derivation_t *prf,
|
static psa_status_t psa_tls12_prf_set_seed( psa_tls12_prf_key_derivation_t *prf,
|
||||||
const uint8_t *data,
|
const uint8_t *data,
|
||||||
size_t data_length )
|
size_t data_length )
|
||||||
@ -5650,41 +5658,6 @@ static psa_status_t psa_tls12_prf_set_key( psa_tls12_prf_key_derivation_t *prf,
|
|||||||
return( PSA_SUCCESS );
|
return( PSA_SUCCESS );
|
||||||
}
|
}
|
||||||
|
|
||||||
static psa_status_t psa_tls12_prf_psk_to_ms_set_key(
|
|
||||||
psa_tls12_prf_key_derivation_t *prf,
|
|
||||||
psa_algorithm_t hash_alg,
|
|
||||||
const uint8_t *data,
|
|
||||||
size_t data_length )
|
|
||||||
{
|
|
||||||
psa_status_t status;
|
|
||||||
uint8_t pms[ 4 + 2 * PSA_ALG_TLS12_PSK_TO_MS_MAX_PSK_LEN ];
|
|
||||||
uint8_t *cur = pms;
|
|
||||||
|
|
||||||
if( data_length > PSA_ALG_TLS12_PSK_TO_MS_MAX_PSK_LEN )
|
|
||||||
return( PSA_ERROR_INVALID_ARGUMENT );
|
|
||||||
|
|
||||||
/* Quoting RFC 4279, Section 2:
|
|
||||||
*
|
|
||||||
* The premaster secret is formed as follows: if the PSK is N octets
|
|
||||||
* long, concatenate a uint16 with the value N, N zero octets, a second
|
|
||||||
* uint16 with the value N, and the PSK itself.
|
|
||||||
*/
|
|
||||||
|
|
||||||
*cur++ = ( data_length >> 8 ) & 0xff;
|
|
||||||
*cur++ = ( data_length >> 0 ) & 0xff;
|
|
||||||
memset( cur, 0, data_length );
|
|
||||||
cur += data_length;
|
|
||||||
*cur++ = pms[0];
|
|
||||||
*cur++ = pms[1];
|
|
||||||
memcpy( cur, data, data_length );
|
|
||||||
cur += data_length;
|
|
||||||
|
|
||||||
status = psa_tls12_prf_set_key( prf, hash_alg, pms, cur - pms );
|
|
||||||
|
|
||||||
mbedtls_platform_zeroize( pms, sizeof( pms ) );
|
|
||||||
return( status );
|
|
||||||
}
|
|
||||||
|
|
||||||
static psa_status_t psa_tls12_prf_set_label( psa_tls12_prf_key_derivation_t *prf,
|
static psa_status_t psa_tls12_prf_set_label( psa_tls12_prf_key_derivation_t *prf,
|
||||||
const uint8_t *data,
|
const uint8_t *data,
|
||||||
size_t data_length )
|
size_t data_length )
|
||||||
@ -5725,6 +5698,44 @@ static psa_status_t psa_tls12_prf_input( psa_tls12_prf_key_derivation_t *prf,
|
|||||||
return( PSA_ERROR_INVALID_ARGUMENT );
|
return( PSA_ERROR_INVALID_ARGUMENT );
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
#endif /* MBEDTLS_PSA_BUILTIN_ALG_TLS12_PRF) ||
|
||||||
|
* MBEDTLS_PSA_BUILTIN_ALG_TLS12_PSK_TO_MS */
|
||||||
|
|
||||||
|
#if defined(MBEDTLS_PSA_BUILTIN_ALG_TLS12_PSK_TO_MS)
|
||||||
|
static psa_status_t psa_tls12_prf_psk_to_ms_set_key(
|
||||||
|
psa_tls12_prf_key_derivation_t *prf,
|
||||||
|
psa_algorithm_t hash_alg,
|
||||||
|
const uint8_t *data,
|
||||||
|
size_t data_length )
|
||||||
|
{
|
||||||
|
psa_status_t status;
|
||||||
|
uint8_t pms[ 4 + 2 * PSA_ALG_TLS12_PSK_TO_MS_MAX_PSK_LEN ];
|
||||||
|
uint8_t *cur = pms;
|
||||||
|
|
||||||
|
if( data_length > PSA_ALG_TLS12_PSK_TO_MS_MAX_PSK_LEN )
|
||||||
|
return( PSA_ERROR_INVALID_ARGUMENT );
|
||||||
|
|
||||||
|
/* Quoting RFC 4279, Section 2:
|
||||||
|
*
|
||||||
|
* The premaster secret is formed as follows: if the PSK is N octets
|
||||||
|
* long, concatenate a uint16 with the value N, N zero octets, a second
|
||||||
|
* uint16 with the value N, and the PSK itself.
|
||||||
|
*/
|
||||||
|
|
||||||
|
*cur++ = ( data_length >> 8 ) & 0xff;
|
||||||
|
*cur++ = ( data_length >> 0 ) & 0xff;
|
||||||
|
memset( cur, 0, data_length );
|
||||||
|
cur += data_length;
|
||||||
|
*cur++ = pms[0];
|
||||||
|
*cur++ = pms[1];
|
||||||
|
memcpy( cur, data, data_length );
|
||||||
|
cur += data_length;
|
||||||
|
|
||||||
|
status = psa_tls12_prf_set_key( prf, hash_alg, pms, cur - pms );
|
||||||
|
|
||||||
|
mbedtls_platform_zeroize( pms, sizeof( pms ) );
|
||||||
|
return( status );
|
||||||
|
}
|
||||||
|
|
||||||
static psa_status_t psa_tls12_prf_psk_to_ms_input(
|
static psa_status_t psa_tls12_prf_psk_to_ms_input(
|
||||||
psa_tls12_prf_key_derivation_t *prf,
|
psa_tls12_prf_key_derivation_t *prf,
|
||||||
@ -5741,7 +5752,7 @@ static psa_status_t psa_tls12_prf_psk_to_ms_input(
|
|||||||
|
|
||||||
return( psa_tls12_prf_input( prf, hash_alg, step, data, data_length ) );
|
return( psa_tls12_prf_input( prf, hash_alg, step, data, data_length ) );
|
||||||
}
|
}
|
||||||
#endif /* MBEDTLS_PSA_BUILTIN_ALG_HKDF */
|
#endif /* MBEDTLS_PSA_BUILTIN_ALG_TLS12_PSK_TO_MS */
|
||||||
|
|
||||||
/** Check whether the given key type is acceptable for the given
|
/** Check whether the given key type is acceptable for the given
|
||||||
* input step of a key derivation.
|
* input step of a key derivation.
|
||||||
@ -5785,12 +5796,7 @@ static psa_status_t psa_key_derivation_input_internal(
|
|||||||
size_t data_length )
|
size_t data_length )
|
||||||
{
|
{
|
||||||
psa_status_t status;
|
psa_status_t status;
|
||||||
#if defined(MBEDTLS_PSA_BUILTIN_ALG_HKDF)
|
|
||||||
psa_algorithm_t kdf_alg = psa_key_derivation_get_kdf_alg( operation );
|
psa_algorithm_t kdf_alg = psa_key_derivation_get_kdf_alg( operation );
|
||||||
#else
|
|
||||||
(void)data;
|
|
||||||
(void)data_length;
|
|
||||||
#endif /* MBEDTLS_PSA_BUILTIN_ALG_HKDF */
|
|
||||||
|
|
||||||
status = psa_key_derivation_check_input_type( step, key_type );
|
status = psa_key_derivation_check_input_type( step, key_type );
|
||||||
if( status != PSA_SUCCESS )
|
if( status != PSA_SUCCESS )
|
||||||
@ -5803,20 +5809,26 @@ static psa_status_t psa_key_derivation_input_internal(
|
|||||||
PSA_ALG_HKDF_GET_HASH( kdf_alg ),
|
PSA_ALG_HKDF_GET_HASH( kdf_alg ),
|
||||||
step, data, data_length );
|
step, data, data_length );
|
||||||
}
|
}
|
||||||
else if( PSA_ALG_IS_TLS12_PRF( kdf_alg ) )
|
else
|
||||||
|
#endif /* MBEDTLS_PSA_BUILTIN_ALG_HKDF */
|
||||||
|
#if defined(MBEDTLS_PSA_BUILTIN_ALG_TLS12_PRF)
|
||||||
|
if( PSA_ALG_IS_TLS12_PRF( kdf_alg ) )
|
||||||
{
|
{
|
||||||
status = psa_tls12_prf_input( &operation->ctx.tls12_prf,
|
status = psa_tls12_prf_input( &operation->ctx.tls12_prf,
|
||||||
PSA_ALG_HKDF_GET_HASH( kdf_alg ),
|
PSA_ALG_HKDF_GET_HASH( kdf_alg ),
|
||||||
step, data, data_length );
|
step, data, data_length );
|
||||||
}
|
}
|
||||||
else if( PSA_ALG_IS_TLS12_PSK_TO_MS( kdf_alg ) )
|
else
|
||||||
|
#endif /* MBEDTLS_PSA_BUILTIN_ALG_TLS12_PRF */
|
||||||
|
#if defined(MBEDTLS_PSA_BUILTIN_ALG_TLS12_PSK_TO_MS)
|
||||||
|
if( PSA_ALG_IS_TLS12_PSK_TO_MS( kdf_alg ) )
|
||||||
{
|
{
|
||||||
status = psa_tls12_prf_psk_to_ms_input( &operation->ctx.tls12_prf,
|
status = psa_tls12_prf_psk_to_ms_input( &operation->ctx.tls12_prf,
|
||||||
PSA_ALG_HKDF_GET_HASH( kdf_alg ),
|
PSA_ALG_HKDF_GET_HASH( kdf_alg ),
|
||||||
step, data, data_length );
|
step, data, data_length );
|
||||||
}
|
}
|
||||||
else
|
else
|
||||||
#endif /* MBEDTLS_PSA_BUILTIN_ALG_HKDF */
|
#endif /* MBEDTLS_PSA_BUILTIN_ALG_TLS12_PSK_TO_MS */
|
||||||
{
|
{
|
||||||
/* This can't happen unless the operation object was not initialized */
|
/* This can't happen unless the operation object was not initialized */
|
||||||
return( PSA_ERROR_BAD_STATE );
|
return( PSA_ERROR_BAD_STATE );
|
||||||
@ -6121,8 +6133,7 @@ psa_status_t mbedtls_psa_inject_entropy( const uint8_t *seed,
|
|||||||
}
|
}
|
||||||
#endif /* MBEDTLS_PSA_INJECT_ENTROPY */
|
#endif /* MBEDTLS_PSA_INJECT_ENTROPY */
|
||||||
|
|
||||||
#if defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_KEY_PAIR) && \
|
#if defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_KEY_PAIR)
|
||||||
defined(MBEDTLS_GENPRIME)
|
|
||||||
static psa_status_t psa_read_rsa_exponent( const uint8_t *domain_parameters,
|
static psa_status_t psa_read_rsa_exponent( const uint8_t *domain_parameters,
|
||||||
size_t domain_parameters_size,
|
size_t domain_parameters_size,
|
||||||
int *exponent )
|
int *exponent )
|
||||||
@ -6148,8 +6159,7 @@ static psa_status_t psa_read_rsa_exponent( const uint8_t *domain_parameters,
|
|||||||
*exponent = acc;
|
*exponent = acc;
|
||||||
return( PSA_SUCCESS );
|
return( PSA_SUCCESS );
|
||||||
}
|
}
|
||||||
#endif /* defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_KEY_PAIR) &&
|
#endif /* defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_KEY_PAIR) */
|
||||||
* defined(MBEDTLS_GENPRIME) */
|
|
||||||
|
|
||||||
static psa_status_t psa_generate_key_internal(
|
static psa_status_t psa_generate_key_internal(
|
||||||
psa_key_slot_t *slot, size_t bits,
|
psa_key_slot_t *slot, size_t bits,
|
||||||
@ -6187,8 +6197,7 @@ static psa_status_t psa_generate_key_internal(
|
|||||||
}
|
}
|
||||||
else
|
else
|
||||||
|
|
||||||
#if defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_KEY_PAIR) && \
|
#if defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_KEY_PAIR)
|
||||||
defined(MBEDTLS_GENPRIME)
|
|
||||||
if ( type == PSA_KEY_TYPE_RSA_KEY_PAIR )
|
if ( type == PSA_KEY_TYPE_RSA_KEY_PAIR )
|
||||||
{
|
{
|
||||||
mbedtls_rsa_context rsa;
|
mbedtls_rsa_context rsa;
|
||||||
@ -6236,8 +6245,7 @@ static psa_status_t psa_generate_key_internal(
|
|||||||
return( status );
|
return( status );
|
||||||
}
|
}
|
||||||
else
|
else
|
||||||
#endif /* defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_KEY_PAIR) &&
|
#endif /* defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_KEY_PAIR) */
|
||||||
* defined(MBEDTLS_GENPRIME) */
|
|
||||||
|
|
||||||
#if defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_KEY_PAIR)
|
#if defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_KEY_PAIR)
|
||||||
if ( PSA_KEY_TYPE_IS_ECC( type ) && PSA_KEY_TYPE_IS_KEY_PAIR( type ) )
|
if ( PSA_KEY_TYPE_IS_ECC( type ) && PSA_KEY_TYPE_IS_KEY_PAIR( type ) )
|
||||||
|
@ -1369,7 +1369,7 @@ component_build_psa_accel_key_type_ecc_key_pair() {
|
|||||||
scripts/config.py set MBEDTLS_PSA_CRYPTO_DRIVERS
|
scripts/config.py set MBEDTLS_PSA_CRYPTO_DRIVERS
|
||||||
scripts/config.py unset MBEDTLS_USE_PSA_CRYPTO
|
scripts/config.py unset MBEDTLS_USE_PSA_CRYPTO
|
||||||
scripts/config.py -f include/psa/crypto_config.h set PSA_WANT_KEY_TYPE_ECC_KEY_PAIR 1
|
scripts/config.py -f include/psa/crypto_config.h set PSA_WANT_KEY_TYPE_ECC_KEY_PAIR 1
|
||||||
scripts/config.py -f include/psa/crypto_config.h unset PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
|
scripts/config.py -f include/psa/crypto_config.h set PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY 1
|
||||||
# Need to define the correct symbol and include the test driver header path in order to build with the test driver
|
# Need to define the correct symbol and include the test driver header path in order to build with the test driver
|
||||||
make CC=gcc CFLAGS="$ASAN_CFLAGS -DPSA_CRYPTO_DRIVER_TEST -DMBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_KEY_PAIR -I../tests/include -O2" LDFLAGS="$ASAN_CFLAGS"
|
make CC=gcc CFLAGS="$ASAN_CFLAGS -DPSA_CRYPTO_DRIVER_TEST -DMBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_KEY_PAIR -I../tests/include -O2" LDFLAGS="$ASAN_CFLAGS"
|
||||||
}
|
}
|
||||||
|
@ -221,7 +221,6 @@
|
|||||||
<ClInclude Include="..\..\include\mbedtls\x509_crt.h" />
|
<ClInclude Include="..\..\include\mbedtls\x509_crt.h" />
|
||||||
<ClInclude Include="..\..\include\mbedtls\x509_csr.h" />
|
<ClInclude Include="..\..\include\mbedtls\x509_csr.h" />
|
||||||
<ClInclude Include="..\..\include\mbedtls\xtea.h" />
|
<ClInclude Include="..\..\include\mbedtls\xtea.h" />
|
||||||
<ClInclude Include="..\..\include\psa\check_crypto_config.h" />
|
|
||||||
<ClInclude Include="..\..\include\psa\crypto.h" />
|
<ClInclude Include="..\..\include\psa\crypto.h" />
|
||||||
<ClInclude Include="..\..\include\psa\crypto_accel_driver.h" />
|
<ClInclude Include="..\..\include\psa\crypto_accel_driver.h" />
|
||||||
<ClInclude Include="..\..\include\psa\crypto_compat.h" />
|
<ClInclude Include="..\..\include\psa\crypto_compat.h" />
|
||||||
@ -246,6 +245,7 @@
|
|||||||
<ClInclude Include="..\..\tests\include\test\drivers\signature.h" />
|
<ClInclude Include="..\..\tests\include\test\drivers\signature.h" />
|
||||||
<ClInclude Include="..\..\tests\include\test\drivers\size.h" />
|
<ClInclude Include="..\..\tests\include\test\drivers\size.h" />
|
||||||
<ClInclude Include="..\..\tests\include\test\drivers\test_driver.h" />
|
<ClInclude Include="..\..\tests\include\test\drivers\test_driver.h" />
|
||||||
|
<ClInclude Include="..\..\library\check_crypto_config.h" />
|
||||||
<ClInclude Include="..\..\library\common.h" />
|
<ClInclude Include="..\..\library\common.h" />
|
||||||
<ClInclude Include="..\..\library\psa_crypto_core.h" />
|
<ClInclude Include="..\..\library\psa_crypto_core.h" />
|
||||||
<ClInclude Include="..\..\library\psa_crypto_driver_wrappers.h" />
|
<ClInclude Include="..\..\library\psa_crypto_driver_wrappers.h" />
|
||||||
|
Loading…
Reference in New Issue
Block a user