Introduce MD handle type
As has been previously done for ciphersuites, this commit introduces
a zero-cost abstraction layer around the type
mbedtls_md_info const *
whose valid values represent implementations of message digest algorithms.
Access to a particular digest implementation can be requested by name or
digest ID through the API mbedtls_md_info_from_xxx(), which either returns
a valid implementation or NULL, representing failure.
This commit replaces such uses of `mbedtls_md_info const *` by an abstract
type `mbedtls_md_handle_t` whose valid values represent digest implementations,
and which has a designated invalid value MBEDTLS_MD_INVALID_HANDLE.
The purpose of this abstraction layer is to pave the way for builds which
support precisely one digest algorithm. In this case, mbedtls_md_handle_t
can be implemented as a two-valued type, with one value representing the
invalid handle, and the unique valid value representing the unique enabled
digest.
diff --git a/library/rsa.c b/library/rsa.c
index af1a878..2674c10 100644
--- a/library/rsa.c
+++ b/library/rsa.c
@@ -1128,7 +1128,7 @@
int ret;
unsigned char *p = output;
unsigned int hlen;
- const mbedtls_md_info_t *md_info;
+ mbedtls_md_handle_t md_info;
mbedtls_md_context_t md_ctx;
RSA_VALIDATE_RET( ctx != NULL );
@@ -1145,7 +1145,7 @@
return( MBEDTLS_ERR_RSA_BAD_INPUT_DATA );
md_info = mbedtls_md_info_from_type( (mbedtls_md_type_t) ctx->hash_id );
- if( md_info == NULL )
+ if( md_info == MBEDTLS_MD_INVALID_HANDLE )
return( MBEDTLS_ERR_RSA_BAD_INPUT_DATA );
olen = ctx->len;
@@ -1326,7 +1326,7 @@
unsigned char buf[MBEDTLS_MPI_MAX_SIZE];
unsigned char lhash[MBEDTLS_MD_MAX_SIZE];
unsigned int hlen;
- const mbedtls_md_info_t *md_info;
+ mbedtls_md_handle_t md_info;
mbedtls_md_context_t md_ctx;
RSA_VALIDATE_RET( ctx != NULL );
@@ -1349,7 +1349,7 @@
return( MBEDTLS_ERR_RSA_BAD_INPUT_DATA );
md_info = mbedtls_md_info_from_type( (mbedtls_md_type_t) ctx->hash_id );
- if( md_info == NULL )
+ if( md_info == MBEDTLS_MD_INVALID_HANDLE )
return( MBEDTLS_ERR_RSA_BAD_INPUT_DATA );
hlen = mbedtls_md_get_size( md_info );
@@ -1767,7 +1767,7 @@
size_t slen, min_slen, hlen, offset = 0;
int ret;
size_t msb;
- const mbedtls_md_info_t *md_info;
+ mbedtls_md_handle_t md_info;
mbedtls_md_context_t md_ctx;
RSA_VALIDATE_RET( ctx != NULL );
RSA_VALIDATE_RET( mode == MBEDTLS_RSA_PRIVATE ||
@@ -1789,14 +1789,14 @@
{
/* Gather length of hash to sign */
md_info = mbedtls_md_info_from_type( md_alg );
- if( md_info == NULL )
+ if( md_info == MBEDTLS_MD_INVALID_HANDLE )
return( MBEDTLS_ERR_RSA_BAD_INPUT_DATA );
hashlen = mbedtls_md_get_size( md_info );
}
md_info = mbedtls_md_info_from_type( (mbedtls_md_type_t) ctx->hash_id );
- if( md_info == NULL )
+ if( md_info == MBEDTLS_MD_INVALID_HANDLE )
return( MBEDTLS_ERR_RSA_BAD_INPUT_DATA );
hlen = mbedtls_md_get_size( md_info );
@@ -1910,8 +1910,8 @@
/* Are we signing hashed or raw data? */
if( md_alg != MBEDTLS_MD_NONE )
{
- const mbedtls_md_info_t *md_info = mbedtls_md_info_from_type( md_alg );
- if( md_info == NULL )
+ mbedtls_md_handle_t md_info = mbedtls_md_info_from_type( md_alg );
+ if( md_info == MBEDTLS_MD_INVALID_HANDLE )
return( MBEDTLS_ERR_RSA_BAD_INPUT_DATA );
if( mbedtls_oid_get_oid_by_md( md_alg, &oid, &oid_size ) != 0 )
@@ -2150,7 +2150,7 @@
unsigned char zeros[8];
unsigned int hlen;
size_t observed_salt_len, msb;
- const mbedtls_md_info_t *md_info;
+ mbedtls_md_handle_t md_info;
mbedtls_md_context_t md_ctx;
unsigned char buf[MBEDTLS_MPI_MAX_SIZE];
@@ -2186,14 +2186,14 @@
{
/* Gather length of hash to sign */
md_info = mbedtls_md_info_from_type( md_alg );
- if( md_info == NULL )
+ if( md_info == MBEDTLS_MD_INVALID_HANDLE )
return( MBEDTLS_ERR_RSA_BAD_INPUT_DATA );
hashlen = mbedtls_md_get_size( md_info );
}
md_info = mbedtls_md_info_from_type( mgf1_hash_id );
- if( md_info == NULL )
+ if( md_info == MBEDTLS_MD_INVALID_HANDLE )
return( MBEDTLS_ERR_RSA_BAD_INPUT_DATA );
hlen = mbedtls_md_get_size( md_info );