commit e6d3edaf327ec3097ad18f442df42b0369d90556
author Mateusz Starzyk <mateusz.starzyk@mobica.com> Thu Aug 26 11:46:14 2021 +0200
committer Gilles Peskine <Gilles.Peskine@arm.com> Wed Nov 03 15:47:03 2021 +0100
tree 9953dadb6e30032af6934564e349155b30a2b933
parent 308d618d8d0ee4470c777aa4c47c705e950700bf

Add missing PSA_ALG_IS_SIGN_HASH macro.

Signed-off-by: Mateusz Starzyk <mateusz.starzyk@mobica.com>

include/psa/crypto.h

diff --git a/include/psa/crypto.h b/include/psa/crypto.h
index 5d9854a..ee4b54c 100644
--- a/include/psa/crypto.h
+++ b/include/psa/crypto.h
@@ -2990,7 +2990,9 @@
  * \param key                   Identifier of the key to use for the operation.
  *                              It must be an asymmetric key pair. The key must
  *                              allow the usage #PSA_KEY_USAGE_SIGN_HASH.
- * \param alg                   A signature algorithm that is compatible with
+ * \param alg                   A signature algorithm (PSA_ALG_XXX
+ *                              value such that #PSA_ALG_IS_SIGN_HASH(\p alg)
+ *                              is true), that is compatible with
  *                              the type of \p key.
  * \param[in] hash              The hash or message to sign.
  * \param hash_length           Size of the \p hash buffer in bytes.
@@ -3043,7 +3045,9 @@
  *                          must be a public key or an asymmetric key pair. The
  *                          key must allow the usage
  *                          #PSA_KEY_USAGE_VERIFY_HASH.
- * \param alg               A signature algorithm that is compatible with
+ * \param alg               A signature algorithm (PSA_ALG_XXX
+ *                          value such that #PSA_ALG_IS_SIGN_HASH(\p alg)
+ *                          is true), that is compatible with
  *                          the type of \p key.
  * \param[in] hash          The hash or message whose signature is to be
  *                          verified.

include/psa/crypto_values.h

diff --git a/include/psa/crypto_values.h b/include/psa/crypto_values.h
index 621b872..526b454 100644
--- a/include/psa/crypto_values.h
+++ b/include/psa/crypto_values.h
@@ -1621,6 +1621,21 @@
 #define PSA_ALG_IS_SIGN_MESSAGE(alg)                                    \
     (PSA_ALG_IS_HASH_AND_SIGN(alg) || (alg) == PSA_ALG_PURE_EDDSA )
 
+/** Whether the specified algorithm is a signature algorithm that can be used
+ * with psa_sign_hash() and psa_verify_hash().
+ *
+ * \param alg An algorithm identifier (value of type psa_algorithm_t).
+ *
+ * \return 1 if alg is a signature algorithm that can be used to sign a
+ *         hash. 0 if alg is a signature algorithm that can only be used
+ *         to sign a message. 0 if alg is not a signature algorithm.
+ *         This macro can return either 0 or 1 if alg is not a
+ *         supported algorithm identifier.
+ */
+#define PSA_ALG_IS_SIGN_HASH(alg)                                       \
+    (PSA_ALG_IS_HASH_AND_SIGN(alg) || (alg) == PSA_ALG_ED25519PH ||     \
+    (alg) == PSA_ALG_ED448PH)
+
 /** Get the hash used by a hash-and-sign signature algorithm.
  *
  * A hash-and-sign algorithm is a signature algorithm which is

library/psa_crypto.c

diff --git a/library/psa_crypto.c b/library/psa_crypto.c
index 3670071..84b8566 100644
--- a/library/psa_crypto.c
+++ b/library/psa_crypto.c
@@ -2652,7 +2652,7 @@
     }
     else
     {
-        if( ! PSA_ALG_IS_HASH_AND_SIGN( alg ) )
+        if( ! PSA_ALG_IS_SIGN_HASH( alg ) )
             return( PSA_ERROR_INVALID_ARGUMENT );
     }