TrustedFirmware Git Browser
Code Review Sign In
review.trustedfirmware.org / TF-M / trusted-firmware-m / b9309b69b76b04fcdfe331fbd96d1fc5e040f85a / . / lib / ext / t_cose / 0005-Remove-or-disable-unused-functions-in-PSA-Crypto-lay.patch
blob: 82448ca17e7e938134811cc90990f53f22cf7ca8 [file] [log] [blame]
From 1052a755db3b99a52babcfbf4dae711da8e4fd16 Mon Sep 17 00:00:00 2001
From: David Vincze <david.vincze@arm.com>
Date: Wed, 15 Jan 2025 19:31:41 +0000
Subject: [PATCH] Remove or disable unused functions in PSA Crypto layer
- Remove unused HKDF function from the PSA Crypto adaptor
layer to prevent build errors due to disabled MbedTLS
support that it depends on. HKDF is currently not
supported properly by the PSA Crypto adaptor layer.
- Disable unused functions to avoid unnecessary build
dependencies.
---
crypto_adapters/t_cose_psa_crypto.c | 53 -----------------------------
crypto_adapter s/t_cose_psa_crypto.h | 6 ++--
2 files changed, 3 insertions(+), 56 deletions(-)
diff --git a/crypto_adapters/t_cose_psa_crypto.c b/crypto_adapters/t_cose_psa_crypto.c
index 80d1961..2095002 100644
--- a/crypto_adapters/t_cose_psa_crypto.c
+++ b/crypto_adapters/t_cose_psa_crypto.c
@@ -43,9 +43,6 @@
#include <mbedtls/nist_kw.h>
#endif /* T_COSE_DISABLE_KEYWRAP */
-#include <mbedtls/hkdf.h>
-#include <mbedtls/md.h>
-
#include "t_cose_util.h"
#include "t_cose_psa_crypto.h"
@@ -1600,56 +1597,6 @@ t_cose_crypto_ecdh(struct t_cose_key private_key,
-
-/*
- * See documentation in t_cose_crypto.h
- */
-enum t_cose_err_t
-t_cose_crypto_hkdf(const int32_t cose_hash_algorithm_id,
- const struct q_useful_buf_c salt,
- const struct q_useful_buf_c ikm,
- const struct q_useful_buf_c info,
- const struct q_useful_buf okm_buffer)
-{
- int psa_result;
- const mbedtls_md_info_t *md_info;
- mbedtls_md_type_t hash_type;
-
- switch(cose_hash_algorithm_id) {
- case T_COSE_ALGORITHM_SHA_256:
- hash_type = MBEDTLS_MD_SHA256;
- break;
- case T_COSE_ALGORITHM_SHA_384:
- hash_type = MBEDTLS_MD_SHA384;
- break;
- case T_COSE_ALGORITHM_SHA_512:
- hash_type = MBEDTLS_MD_SHA512;
- break;
- default:
- hash_type = MBEDTLS_MD_NONE;
- break;
- }
-
- md_info = mbedtls_md_info_from_type(hash_type);
- if(md_info == NULL) {
- return T_COSE_ERR_UNSUPPORTED_HASH;
- }
-
- psa_result = mbedtls_hkdf(md_info,
- salt.ptr, salt.len,
- ikm.ptr, ikm.len,
- info.ptr, info.len,
- okm_buffer.ptr, okm_buffer.len);
- if(psa_result != PSA_SUCCESS) {
- return T_COSE_ERR_HKDF_FAIL;
- }
-
- return T_COSE_SUCCESS;
-}
-
-
-
-
/*
* See documentation in t_cose_crypto.h
*/
diff --git a/crypto_adapters/t_cose_psa_crypto.h b/crypto_adapters/t_cose_psa_crypto.h
index bf4963c..5718f81 100644
--- a/crypto_adapters/t_cose_psa_crypto.h
+++ b/crypto_adapters/t_cose_psa_crypto.h
@@ -14,9 +14,9 @@
#include <psa/crypto.h>
-#define PSA_CRYPTO_HAS_RESTARTABLE_SIGNING \
- ((MBEDTLS_VERSION_MAJOR == 3 && MBEDTLS_VERSION_MINOR >= 4) || \
- MBEDTLS_VERSION_MAJOR > 3)
+/* #define PSA_CRYPTO_HAS_RESTARTABLE_SIGNING \
+ * ((MBEDTLS_VERSION_MAJOR == 3 && MBEDTLS_VERSION_MINOR >= 4) || \
+ * MBEDTLS_VERSION_MAJOR > 3) */
#if PSA_CRYPTO_HAS_RESTARTABLE_SIGNING
struct t_cose_psa_crypto_context {
--
2.34.1