PKCS5: always use MD
As a consequence, MD_C is now enabled in component accel_hash_use_psa.
Fix the guards in the X.509 info function so that this no longer causes a failure.
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
diff --git a/include/mbedtls/build_info.h b/include/mbedtls/build_info.h
index 681c973..e66032d 100644
--- a/include/mbedtls/build_info.h
+++ b/include/mbedtls/build_info.h
@@ -80,6 +80,13 @@
#include MBEDTLS_USER_CONFIG_FILE
#endif
+/* Auto-enable MBEDTLS_MD_C if needed by a module that didn't require it
+ * in a previous release, to ensure backwards compatibility.
+ */
+#if defined(MBEDTLS_PKCS5_C)
+#define MBEDTLS_MD_C
+#endif
+
/* Auto-enable MBEDTLS_MD_LIGHT based on MBEDTLS_MD_C.
* This allows checking for MD_LIGHT rather than MD_LIGHT || MD_C.
*/
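Review bot: The new PKCS5 auto-enable block only works because it sits above the MD_LIGHT block that follows, which derives MBEDTLS_MD_LIGHT from MBEDTLS_MD_C, and the added comment does not record that ordering constraint. I would add a line to the comment such as `* Must stay above the MD_LIGHT auto-enable below, which tests MBEDTLS_MD_C.` Separately, `#define MBEDTLS_MD_C` is unconditional, so a build that sets the option with a value on the compiler command line could get a macro-redefinition diagnostic; `#if defined(MBEDTLS_PKCS5_C) && !defined(MBEDTLS_MD_C)` avoids that.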
@@ -87,7 +94,8 @@
#define MBEDTLS_MD_LIGHT
#endif
-/* Auto-enable MBEDTLS_MD_LIGHT if some module needs it.
+/* Auto-enable MBEDTLS_MD_LIGHT if needed by a module that didn't require it
+ * in a previous release, to ensure backwards compatibility.
*/
#if defined(MBEDTLS_ECJPAKE_C) || \
defined(MBEDTLS_PEM_PARSE_C) || \
diff --git a/include/mbedtls/check_config.h b/include/mbedtls/check_config.h
index 412bb0a..0d7ea14 100644
--- a/include/mbedtls/check_config.h
+++ b/include/mbedtls/check_config.h
@@ -169,8 +169,7 @@
#endif
#if defined(MBEDTLS_PKCS5_C) && \
- ( !( defined(MBEDTLS_MD_C) || defined(MBEDTLS_PSA_CRYPTO_C) ) || \
- !defined(MBEDTLS_CIPHER_C) )
+ !defined(MBEDTLS_CIPHER_C)
#error "MBEDTLS_PKCS5_C defined, but not all prerequisites"
#endif
diff --git a/include/mbedtls/mbedtls_config.h b/include/mbedtls/mbedtls_config.h
index 225664e..70f7270 100644
--- a/include/mbedtls/mbedtls_config.h
+++ b/include/mbedtls/mbedtls_config.h
@@ -2849,15 +2849,11 @@
*
* Module: library/pkcs5.c
*
- * Requires: MBEDTLS_CIPHER_C and either MBEDTLS_MD_C or MBEDTLS_PSA_CRYPTO_C.
+ * Requires: MBEDTLS_CIPHER_C
+ * (auto-enables MBEDTLS_MD_C)
*
- * \warning If building without MBEDTLS_MD_C, you must call psa_crypto_init()
- * before doing any PKCS5 operation.
- *
- * \warning When building with MBEDTLS_MD_C, all hashes used with this
- * need to be available as built-ins (that is, for SHA-256, MBEDTLS_SHA256_C,
- * etc.) as opposed to just PSA drivers. So far, PSA drivers are only used by
- * this module in builds where MBEDTLS_MD_C is disabled.
+ * \warning If using a hash that is only provided by PSA drivers, you must
+ * call psa_crypto_init() before doing any PKCS5 operations.
*
* This module adds support for the PKCS#5 functions.
*/
diff --git a/library/pkcs5.c b/library/pkcs5.c
index f471b63..a755f23 100644
--- a/library/pkcs5.c
+++ b/library/pkcs5.c
@@ -47,12 +47,6 @@
#include "hash_info.h"
#include "mbedtls/psa_util.h"
-#if !defined(MBEDTLS_MD_C)
-#define PSA_TO_MBEDTLS_ERR(status) PSA_TO_MBEDTLS_ERR_LIST(status, \
- psa_to_md_errors, \
- psa_generic_status_to_mbedtls)
-#endif
-
#if defined(MBEDTLS_ASN1_PARSE_C)
static int pkcs5_parse_pbkdf2_params(const mbedtls_asn1_buf *params,
mbedtls_asn1_buf *salt, int *iterations,
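Review bot: The `hash_info.h` and `mbedtls/psa_util.h` includes kept as context at the top of this hunk may no longer be needed once the PSA branch is gone. The uses visible in this diff (`mbedtls_hash_info_get_size`, `mbedtls_hash_info_psa_from_md`, the `psa_*` calls and `PSA_TO_MBEDTLS_ERR`) are all on removed lines. The rest of pkcs5.c is outside the diff, so this needs checking against the full file; if nothing else uses them, dropping both includes keeps the module's stated dependency on PSA headers accurate.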
@@ -221,7 +215,6 @@
}
#endif /* MBEDTLS_ASN1_PARSE_C */
-#if defined(MBEDTLS_MD_C)
static int pkcs5_pbkdf2_hmac(mbedtls_md_context_t *ctx,
const unsigned char *password,
size_t plen, const unsigned char *salt, size_t slen,
@@ -322,7 +315,6 @@
key_length, output);
}
#endif
-#endif /* MBEDTLS_MD_C */
int mbedtls_pkcs5_pbkdf2_hmac_ext(mbedtls_md_type_t md_alg,
const unsigned char *password,
@@ -330,7 +322,6 @@
unsigned int iteration_count,
uint32_t key_length, unsigned char *output)
{
-#if defined(MBEDTLS_MD_C)
mbedtls_md_context_t md_ctx;
const mbedtls_md_info_t *md_info = NULL;
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
@@ -350,116 +341,6 @@
exit:
mbedtls_md_free(&md_ctx);
return ret;
-#else
- unsigned int i;
- unsigned char md1[PSA_HASH_MAX_SIZE];
- unsigned char work[PSA_HASH_MAX_SIZE];
- const unsigned char md_size = mbedtls_hash_info_get_size(md_alg);
- psa_mac_operation_t operation = PSA_MAC_OPERATION_INIT;
-
- psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;
- psa_status_t status_destruction = PSA_ERROR_CORRUPTION_DETECTED;
- size_t use_len, out_len;
- unsigned char *out_p = output;
- unsigned char counter[4];
- mbedtls_svc_key_id_t psa_hmac_key = MBEDTLS_SVC_KEY_ID_INIT;
- psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
- const psa_algorithm_t alg = PSA_ALG_HMAC(mbedtls_hash_info_psa_from_md(md_alg));
- const size_t out_size = PSA_MAC_LENGTH(PSA_KEY_TYPE_HMAC, 0, alg);
-
- memset(counter, 0, sizeof(counter));
- counter[3] = 1;
-
- psa_set_key_usage_flags(&attributes, PSA_KEY_USAGE_SIGN_MESSAGE);
- psa_set_key_algorithm(&attributes, alg);
- psa_set_key_type(&attributes, PSA_KEY_TYPE_HMAC);
-
- if (key_length == 0) {
- return 0;
- }
- if ((status = psa_import_key(&attributes,
- password, plen,
- &psa_hmac_key)) != PSA_SUCCESS) {
- return MBEDTLS_ERR_PKCS5_BAD_INPUT_DATA;
- }
-
-#if UINT_MAX > 0xFFFFFFFF
- if (iteration_count > 0xFFFFFFFF) {
- return MBEDTLS_ERR_PKCS5_BAD_INPUT_DATA;
- }
-#endif
-
- while (key_length) {
- status = psa_mac_sign_setup(&operation, psa_hmac_key,
- PSA_ALG_HMAC(alg));
- if (status != PSA_SUCCESS) {
- goto cleanup;
- }
- // U1 ends up in work
- if ((status = psa_mac_update(&operation, salt, slen)) != PSA_SUCCESS) {
- goto cleanup;
- }
-
- if ((status = psa_mac_update(&operation, counter, sizeof(counter))) != PSA_SUCCESS) {
- goto cleanup;
- }
-
- if ((status = psa_mac_sign_finish(&operation, work, out_size, &out_len))
- != PSA_SUCCESS) {
- goto cleanup;
- }
-
- memcpy(md1, work, out_len);
-
- for (i = 1; i < iteration_count; i++) {
- // U2 ends up in md1
- //
- status = psa_mac_sign_setup(&operation, psa_hmac_key,
- PSA_ALG_HMAC(alg));
- if (status != PSA_SUCCESS) {
- goto cleanup;
- }
- if ((status = psa_mac_update(&operation, md1, md_size)) != PSA_SUCCESS) {
- goto cleanup;
- }
- if ((status =
- psa_mac_sign_finish(&operation, md1, out_size, &out_len)) != PSA_SUCCESS) {
- goto cleanup;
- }
-
- // U1 xor U2
- //
- mbedtls_xor(work, work, md1, md_size);
- }
-
- use_len = (key_length < md_size) ? key_length : md_size;
- memcpy(out_p, work, use_len);
-
- key_length -= (uint32_t) use_len;
- out_p += use_len;
-
- for (i = 4; i > 0; i--) {
- if (++counter[i - 1] != 0) {
- break;
- }
- }
- }
-
-cleanup:
- /* Zeroise buffers to clear sensitive data from memory. */
- mbedtls_platform_zeroize(work, PSA_HASH_MAX_SIZE);
- mbedtls_platform_zeroize(md1, PSA_HASH_MAX_SIZE);
- status_destruction = psa_destroy_key(psa_hmac_key);
- if (status == PSA_SUCCESS && status_destruction != PSA_SUCCESS) {
- status = status_destruction;
- }
- status_destruction = psa_mac_abort(&operation);
- if (status == PSA_SUCCESS && status_destruction != PSA_SUCCESS) {
- status = status_destruction;
- }
-
- return PSA_TO_MBEDTLS_ERR(status);
-#endif /* !MBEDTLS_MD_C */
}
#if defined(MBEDTLS_SELF_TEST)
diff --git a/library/x509.c b/library/x509.c
index fc13b92..f20b3cf 100644
--- a/library/x509.c
+++ b/library/x509.c
@@ -135,31 +135,31 @@
static inline const char *md_type_to_string(mbedtls_md_type_t md_alg)
{
switch (md_alg) {
-#if defined(MBEDTLS_HAS_ALG_MD5_VIA_MD_OR_PSA)
+#if defined(MBEDTLS_MD_CAN_MD5)
case MBEDTLS_MD_MD5:
return "MD5";
#endif
-#if defined(MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA)
+#if defined(MBEDTLS_MD_CAN_SHA1)
case MBEDTLS_MD_SHA1:
return "SHA1";
#endif
-#if defined(MBEDTLS_HAS_ALG_SHA_224_VIA_MD_OR_PSA)
+#if defined(MBEDTLS_MD_CAN_SHA224)
case MBEDTLS_MD_SHA224:
return "SHA224";
#endif
-#if defined(MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA)
+#if defined(MBEDTLS_MD_CAN_SHA256)
case MBEDTLS_MD_SHA256:
return "SHA256";
#endif
-#if defined(MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA)
+#if defined(MBEDTLS_MD_CAN_SHA384)
case MBEDTLS_MD_SHA384:
return "SHA384";
#endif
-#if defined(MBEDTLS_HAS_ALG_SHA_512_VIA_MD_OR_PSA)
+#if defined(MBEDTLS_MD_CAN_SHA512)
case MBEDTLS_MD_SHA512:
return "SHA512";
#endif
-#if defined(MBEDTLS_HAS_ALG_RIPEMD160_VIA_MD_OR_PSA)
+#if defined(MBEDTLS_MD_CAN_RIPEMD160)
case MBEDTLS_MD_RIPEMD160:
return "RIPEMD160";
#endif
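Review bot: Each `case` in md_type_to_string is now compiled only when its `MBEDTLS_MD_CAN_*` macro is defined, and a misspelt or not-yet-defined name inside `#if defined(...)` removes the case silently instead of failing the build. The names also changed shape in this hunk (`SHA_1` became `SHA1`, `SHA_256` became `SHA256`, and so on), which makes such a slip easy to miss in review. The end of the switch is outside the hunk, so what is returned for an unmatched value is not visible here. A test that runs the X.509 info function once per enabled hash and checks the printed name would catch a case that disappeared.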
diff --git a/tests/scripts/all.sh b/tests/scripts/all.sh
index 555db66..3d56059 100755
--- a/tests/scripts/all.sh
+++ b/tests/scripts/all.sh
@@ -1224,12 +1224,15 @@
scripts/config.py crypto_full
# Disable MD
scripts/config.py unset MBEDTLS_MD_C
- # Disable direct dependencies of MD
+ # Disable direct dependencies of MD_C
scripts/config.py unset MBEDTLS_HKDF_C
scripts/config.py unset MBEDTLS_HMAC_DRBG_C
scripts/config.py unset MBEDTLS_PKCS7_C
- # Disable indirect dependencies of MD
+ # Disable indirect dependencies of MD_C
scripts/config.py unset MBEDTLS_ECDSA_DETERMINISTIC # needs HMAC_DRBG
+ # Disable things that would auto-enable MD_C
+ scripts/config.py unset MBEDTLS_PKCS5_C
+
# Note: MD-light is auto-enabled in build_info.h by modules that need it,
# which we haven't disabled, so no need to explicitly enable it.
make CFLAGS="$ASAN_CFLAGS" LDFLAGS="$ASAN_CFLAGS"
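Review bot: This component now relies on someone unsetting by hand every option that auto-enables MD_C, but the visible lines never verify that MD_C actually stayed off after the build. If a later change adds another auto-enabling module, the component would still pass while exercising a different configuration from the one it claims to test. A check after the `make` line such as `not grep mbedtls_md_hmac library/md.o`, the form removed from the other component in this file, would make that visible. The rest of the component is outside this hunk, so an equivalent check may already exist further down.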
@@ -2671,9 +2674,7 @@
make CFLAGS="$ASAN_CFLAGS -Werror -I../tests/include -I../tests -I../../tests -DPSA_CRYPTO_DRIVER_TEST -DMBEDTLS_TEST_LIBTESTDRIVER1 $loc_accel_flags" LDFLAGS="-ltestdriver1 $ASAN_CFLAGS" all
# There's a risk of something getting re-enabled via config_psa.h;
- # make sure it did not happen. Note: it's OK for MD_LIGHT to be enabled,
- # but not the full MD_C (for now), so check mbedtls_md_hmac for that.
- not grep mbedtls_md_hmac library/md.o
+ # make sure it did not happen. Note: it's OK for MD_C to be enabled.
not grep mbedtls_md5 library/md5.o
not grep mbedtls_sha1 library/sha1.o
not grep mbedtls_sha256 library/sha256.o
diff --git a/tests/suites/test_suite_pkcs5.function b/tests/suites/test_suite_pkcs5.function
index fd731e9..ef48f1e 100644
--- a/tests/suites/test_suite_pkcs5.function
+++ b/tests/suites/test_suite_pkcs5.function
@@ -14,14 +14,16 @@
{
unsigned char key[100];
- PSA_INIT_IF_NO_MD();
+ MD_PSA_INIT();
TEST_ASSERT(mbedtls_pkcs5_pbkdf2_hmac_ext(hash, pw_str->x, pw_str->len,
salt_str->x, salt_str->len,
it_cnt, key_len, key) == 0);
TEST_ASSERT(mbedtls_test_hexcmp(key, result_key_string->x,
key_len, result_key_string->len) == 0);
- PSA_DONE_IF_NO_MD();
+
+exit:
+ MD_PSA_DONE();
}
/* END_CASE */
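Review bot: `key` is a fixed 100-byte stack buffer, while `key_len` comes from the test data and is passed straight to mbedtls_pkcs5_pbkdf2_hmac_ext as the output length. A data entry above 100 would therefore overflow the stack inside the test instead of failing cleanly. Adding `TEST_ASSERT(key_len <= sizeof(key));` right after `MD_PSA_INIT();` turns that into an ordinary test failure, and the new `exit:` label means the PSA teardown still runs on that path. The function signature is outside the hunk, so the type of `key_len` is inferred from how it is used.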
@@ -33,7 +35,7 @@
mbedtls_asn1_buf params;
unsigned char *my_out = NULL;
- PSA_INIT_IF_NO_MD();
+ MD_PSA_INIT();
params.tag = params_tag;
params.p = params_hex->x;
@@ -51,13 +53,17 @@
exit:
mbedtls_free(my_out);
- PSA_DONE_IF_NO_MD();
+ MD_PSA_DONE();
}
/* END_CASE */
/* BEGIN_CASE depends_on:MBEDTLS_SELF_TEST */
void pkcs5_selftest()
{
+ MD_PSA_INIT();
TEST_ASSERT(mbedtls_pkcs5_self_test(1) == 0);
+
+exit:
+ MD_PSA_DONE();
}
/* END_CASE */