TrustedFirmware Git Browser
Code Review Sign In
review.trustedfirmware.org / mirror / mbed-tls.git / 40859ac3b6ad62fccbd5078207480515b654bdbd^! / .
commit40859ac3b6ad62fccbd5078207480515b654bdbd[log] [tgz]
authorValerio Setti <valerio.setti@nordicsemi.no>Wed Oct 09 14:45:51 2024 +0200
committerValerio Setti <valerio.setti@nordicsemi.no>Tue Oct 22 13:31:19 2024 +0200
tree7c647fc52b6b7efde2ec92bc37e3827f9c9be157
parenta71c75f0fbc9327fea2a2139e58c3e2379fefa37 [diff]
fix PR9302 backporting issues

- psa_crypto_helpers.h

mbedtls-3.6 branch misses some crypto client changes that has
been done in the development branch since the LTS release. Therefore
CRYPTO_C guard here is more accurate than CRYPTO_CLIENT.

- entropy.h

In the development branch MBEDTLS_ENTROPY_BLOCK_SIZE is defined
when PSA_WANT_ALG_SHA_[256/512] is defined while in the mbedtls-3.6
branch is guarded by MBEDTLS_MD_CAN_SHA[256/512] which is slightly
different. Since MBEDTLS_ENTROPY_BLOCK_SIZE is used in some tests's
data files, we need to have it defined also if the related test
is skipped. Therefore we add the PSA_WANT_ALG_SHA conditions together
with the MBEDTLS_MD_CAN_SHA ones to mimic the development behavior.

Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>

diff --git a/include/mbedtls/entropy.h b/include/mbedtls/entropy.h
index 20fd687..6c64e3e 100644
--- a/include/mbedtls/entropy.h
+++ b/include/mbedtls/entropy.h

@@ -17,12 +17,13 @@
 
 #include "md.h"
 
-#if defined(MBEDTLS_MD_CAN_SHA512) && !defined(MBEDTLS_ENTROPY_FORCE_SHA256)
+#if (defined(MBEDTLS_MD_CAN_SHA512) || defined(PSA_WANT_ALG_SHA_512)) && \
+    !defined(MBEDTLS_ENTROPY_FORCE_SHA256)
 #define MBEDTLS_ENTROPY_SHA512_ACCUMULATOR
 #define MBEDTLS_ENTROPY_MD  MBEDTLS_MD_SHA512
 #define MBEDTLS_ENTROPY_BLOCK_SIZE      64      /**< Block size of entropy accumulator (SHA-512) */
 #else
-#if defined(MBEDTLS_MD_CAN_SHA256)
+#if (defined(MBEDTLS_MD_CAN_SHA256) || defined(PSA_WANT_ALG_SHA_256))
 #define MBEDTLS_ENTROPY_SHA256_ACCUMULATOR
 #define MBEDTLS_ENTROPY_MD  MBEDTLS_MD_SHA256
 #define MBEDTLS_ENTROPY_BLOCK_SIZE      32      /**< Block size of entropy accumulator (SHA-256) */

diff --git a/tests/include/test/psa_crypto_helpers.h b/tests/include/test/psa_crypto_helpers.h
index 195f871..bf0707d 100644
--- a/tests/include/test/psa_crypto_helpers.h
+++ b/tests/include/test/psa_crypto_helpers.h

@@ -471,7 +471,7 @@
 /* A couple of helper macros to verify if MBEDTLS_PSA_STATIC_KEY_SLOT_BUFFER_SIZE is
  * large enough to contain an RSA key pair of the given size. This is meant to be
  * used in test cases where MBEDTLS_PSA_STATIC_KEY_SLOTS is enabled. */
-#if defined(MBEDTLS_PSA_CRYPTO_CLIENT)
+#if defined(MBEDTLS_PSA_CRYPTO_C)
 
 #if (MBEDTLS_PSA_STATIC_KEY_SLOT_BUFFER_SIZE >= PSA_KEY_EXPORT_RSA_KEY_PAIR_MAX_SIZE(4096))
 #define MBEDTLS_TEST_STATIC_KEY_SLOTS_SUPPORT_RSA_4096
@@ -481,7 +481,7 @@
 #define MBEDTLS_TEST_STATIC_KEY_SLOTS_SUPPORT_RSA_2048
 #endif
 
-#endif /* MBEDTLS_PSA_CRYPTO_CLIENT */
+#endif /* MBEDTLS_PSA_CRYPTO_C */
 
 /* Helper macro to get the size of the each key slot buffer. */
 #if defined(MBEDTLS_PSA_STATIC_KEY_SLOTS)