Rm dependency on MD in psa_crypto_rsa.c
The previous commit made the PKCS#1v1.5 part of rsa.c independent from
md.c, but there was still a dependency in the corresponding part in PSA.
This commit removes it.
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
diff --git a/library/psa_crypto_hash.c b/library/psa_crypto_hash.c
index 536c6c1..28e0b87 100644
--- a/library/psa_crypto_hash.c
+++ b/library/psa_crypto_hash.c
@@ -29,8 +29,7 @@
#include <mbedtls/error.h>
#include <string.h>
-#if defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_PKCS1V15_SIGN) || \
- defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_OAEP) || \
+#if defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_OAEP) || \
defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_PSS) || \
defined(MBEDTLS_PSA_BUILTIN_ALG_DETERMINISTIC_ECDSA)
const mbedtls_md_info_t *mbedtls_md_info_from_psa( psa_algorithm_t alg )
@@ -69,8 +68,7 @@
return( NULL );
}
}
-#endif /* defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_PKCS1V15_SIGN) ||
- * defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_OAEP) ||
+#endif /* defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_OAEP) ||
* defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_PSS) ||
* defined(MBEDTLS_PSA_BUILTIN_ALG_DETERMINISTIC_ECDSA) */
diff --git a/library/psa_crypto_rsa.c b/library/psa_crypto_rsa.c
index 68f4bf1..f4d3f9c 100644
--- a/library/psa_crypto_rsa.c
+++ b/library/psa_crypto_rsa.c
@@ -41,6 +41,7 @@
#include <mbedtls/error.h>
#include <mbedtls/pk.h>
#include "pk_wrap.h"
+#include "md_internal.h"
#if defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_PKCS1V15_CRYPT) || \
defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_OAEP) || \
@@ -319,6 +320,30 @@
#if defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_PKCS1V15_SIGN) || \
defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_PSS)
+/* Convert a hash algorithm from PSA to MD identifier */
+static inline mbedtls_md_type_t get_md_alg_from_psa( psa_algorithm_t psa_alg )
+{
+ switch( psa_alg )
+ {
+ case PSA_ALG_MD5:
+ return( MBEDTLS_MD_MD5 );
+ case PSA_ALG_RIPEMD160:
+ return( MBEDTLS_MD_RIPEMD160 );
+ case PSA_ALG_SHA_1:
+ return( MBEDTLS_MD_SHA1 );
+ case PSA_ALG_SHA_224:
+ return( MBEDTLS_MD_SHA224 );
+ case PSA_ALG_SHA_256:
+ return( MBEDTLS_MD_SHA256 );
+ case PSA_ALG_SHA_384:
+ return( MBEDTLS_MD_SHA384 );
+ case PSA_ALG_SHA_512:
+ return( MBEDTLS_MD_SHA512 );
+ default:
+ return( MBEDTLS_MD_NONE );
+ }
+}
+
/* Decode the hash algorithm from alg and store the mbedtls encoding in
* md_alg. Verify that the hash length is acceptable. */
static psa_status_t psa_rsa_decode_md_type( psa_algorithm_t alg,
@@ -326,8 +351,7 @@
mbedtls_md_type_t *md_alg )
{
psa_algorithm_t hash_alg = PSA_ALG_SIGN_GET_HASH( alg );
- const mbedtls_md_info_t *md_info = mbedtls_md_info_from_psa( hash_alg );
- *md_alg = mbedtls_md_get_type( md_info );
+ *md_alg = get_md_alg_from_psa( hash_alg );
/* The Mbed TLS RSA module uses an unsigned int for hash length
* parameters. Validate that it fits so that we don't risk an
@@ -340,9 +364,9 @@
/* For signatures using a hash, the hash length must be correct. */
if( alg != PSA_ALG_RSA_PKCS1V15_SIGN_RAW )
{
- if( md_info == NULL )
+ if( *md_alg == MBEDTLS_MD_NONE )
return( PSA_ERROR_NOT_SUPPORTED );
- if( mbedtls_md_get_size( md_info ) != hash_length )
+ if( mbedtls_md_internal_get_size( *md_alg ) != hash_length )
return( PSA_ERROR_INVALID_ARGUMENT );
}