RSA: always use MD light
Note: already auto-enabled in build_info.h
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
diff --git a/include/mbedtls/check_config.h b/include/mbedtls/check_config.h
index 7b7ecba..412bb0a 100644
--- a/include/mbedtls/check_config.h
+++ b/include/mbedtls/check_config.h
@@ -174,11 +174,6 @@
#error "MBEDTLS_PKCS5_C defined, but not all prerequisites"
#endif
-#if defined(MBEDTLS_PKCS1_V21) && \
- !( defined(MBEDTLS_MD_C) || defined(MBEDTLS_PSA_CRYPTO_C) )
-#error "MBEDTLS_PKCS1_V21 defined, but not all prerequisites"
-#endif
-
#if defined(MBEDTLS_ENTROPY_C) && (!defined(MBEDTLS_SHA512_C) && \
!defined(MBEDTLS_SHA256_C))
#error "MBEDTLS_ENTROPY_C defined, but not all prerequisites"
diff --git a/include/mbedtls/mbedtls_config.h b/include/mbedtls/mbedtls_config.h
index f460e0d..225664e 100644
--- a/include/mbedtls/mbedtls_config.h
+++ b/include/mbedtls/mbedtls_config.h
@@ -1180,15 +1180,10 @@
*
* Enable support for PKCS#1 v2.1 encoding.
*
- * Requires: MBEDTLS_RSA_C and (MBEDTLS_MD_C or MBEDTLS_PSA_CRYPTO_C).
+ * Requires: MBEDTLS_RSA_C
*
- * \warning If building without MBEDTLS_MD_C, you must call psa_crypto_init()
- * before doing any PKCS#1 v2.1 operation.
- *
- * \warning When building with MBEDTLS_MD_C, all hashes used with this
- * need to be available as built-ins (that is, for SHA-256, MBEDTLS_SHA256_C,
- * etc.) as opposed to just PSA drivers. So far, PSA drivers are only used by
- * this module in builds where MBEDTLS_MD_C is disabled.
+ * \warning If using a hash that is only provided by PSA drivers, you must
+ * call psa_crypto_init() before doing any PKCS#1 v2.1 operation.
*
* This enables support for RSAES-OAEP and RSASSA-PSS operations.
*/
diff --git a/library/rsa.c b/library/rsa.c
index 01159df..558cee0 100644
--- a/library/rsa.c
+++ b/library/rsa.c
@@ -54,18 +54,6 @@
#include <stdlib.h>
#endif
-/* We use MD first if it's available (for compatibility reasons)
- * and "fall back" to PSA otherwise (which needs psa_crypto_init()). */
-#if defined(MBEDTLS_PKCS1_V21)
-#if !defined(MBEDTLS_MD_C)
-#include "psa/crypto.h"
-#include "mbedtls/psa_util.h"
-#define PSA_TO_MBEDTLS_ERR(status) PSA_TO_MBEDTLS_ERR_LIST(status, \
- psa_to_md_errors, \
- psa_generic_status_to_mbedtls)
-#endif /* !MBEDTLS_MD_C */
-#endif /* MBEDTLS_PKCS1_V21 */
-
#include "mbedtls/platform.h"
#if !defined(MBEDTLS_RSA_ALT)
@@ -1089,7 +1077,6 @@
unsigned int hlen;
size_t i, use_len;
unsigned char mask[MBEDTLS_HASH_MAX_SIZE];
-#if defined(MBEDTLS_MD_C)
int ret = 0;
const mbedtls_md_info_t *md_info;
mbedtls_md_context_t md_ctx;
@@ -1106,14 +1093,6 @@
}
hlen = mbedtls_md_get_size(md_info);
-#else
- psa_hash_operation_t op = PSA_HASH_OPERATION_INIT;
- psa_algorithm_t alg = mbedtls_psa_translate_md(md_alg);
- psa_status_t status = PSA_SUCCESS;
- size_t out_len;
-
- hlen = PSA_HASH_LENGTH(alg);
-#endif
memset(mask, 0, sizeof(mask));
memset(counter, 0, 4);
@@ -1127,7 +1106,6 @@
use_len = dlen;
}
-#if defined(MBEDTLS_MD_C)
if ((ret = mbedtls_md_starts(&md_ctx)) != 0) {
goto exit;
}
@@ -1140,21 +1118,6 @@
if ((ret = mbedtls_md_finish(&md_ctx, mask)) != 0) {
goto exit;
}
-#else
- if ((status = psa_hash_setup(&op, alg)) != PSA_SUCCESS) {
- goto exit;
- }
- if ((status = psa_hash_update(&op, src, slen)) != PSA_SUCCESS) {
- goto exit;
- }
- if ((status = psa_hash_update(&op, counter, 4)) != PSA_SUCCESS) {
- goto exit;
- }
- status = psa_hash_finish(&op, mask, sizeof(mask), &out_len);
- if (status != PSA_SUCCESS) {
- goto exit;
- }
-#endif
for (i = 0; i < use_len; ++i) {
*p++ ^= mask[i];
@@ -1167,15 +1130,9 @@
exit:
mbedtls_platform_zeroize(mask, sizeof(mask));
-#if defined(MBEDTLS_MD_C)
mbedtls_md_free(&md_ctx);
return ret;
-#else
- psa_hash_abort(&op);
-
- return PSA_TO_MBEDTLS_ERR(status);
-#endif
}
/**
@@ -1194,7 +1151,6 @@
{
const unsigned char zeros[8] = { 0, 0, 0, 0, 0, 0, 0, 0 };
-#if defined(MBEDTLS_MD_C)
mbedtls_md_context_t md_ctx;
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
@@ -1227,35 +1183,6 @@
mbedtls_md_free(&md_ctx);
return ret;
-#else
- psa_hash_operation_t op = PSA_HASH_OPERATION_INIT;
- psa_algorithm_t alg = mbedtls_psa_translate_md(md_alg);
- psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;
- size_t out_size = PSA_HASH_LENGTH(alg);
- size_t out_len;
-
- if ((status = psa_hash_setup(&op, alg)) != PSA_SUCCESS) {
- goto exit;
- }
- if ((status = psa_hash_update(&op, zeros, sizeof(zeros))) != PSA_SUCCESS) {
- goto exit;
- }
- if ((status = psa_hash_update(&op, hash, hlen)) != PSA_SUCCESS) {
- goto exit;
- }
- if ((status = psa_hash_update(&op, salt, slen)) != PSA_SUCCESS) {
- goto exit;
- }
- status = psa_hash_finish(&op, out, out_size, &out_len);
- if (status != PSA_SUCCESS) {
- goto exit;
- }
-
-exit:
- psa_hash_abort(&op);
-
- return PSA_TO_MBEDTLS_ERR(status);
-#endif /* !MBEDTLS_MD_C */
}
/**
@@ -1270,7 +1197,6 @@
const unsigned char *input, size_t ilen,
unsigned char *output)
{
-#if defined(MBEDTLS_MD_C)
const mbedtls_md_info_t *md_info;
md_info = mbedtls_md_info_from_type(md_alg);
@@ -1279,16 +1205,6 @@
}
return mbedtls_md(md_info, input, ilen, output);
-#else
- psa_algorithm_t alg = mbedtls_psa_translate_md(md_alg);
- psa_status_t status;
- size_t out_size = PSA_HASH_LENGTH(alg);
- size_t out_len;
-
- status = psa_hash_compute(alg, input, ilen, output, out_size, &out_len);
-
- return PSA_TO_MBEDTLS_ERR(status);
-#endif /* !MBEDTLS_MD_C */
}
#endif /* MBEDTLS_PKCS1_V21 */
diff --git a/tests/suites/test_suite_pkcs1_v21.function b/tests/suites/test_suite_pkcs1_v21.function
index 75dbc35..2eece0a 100644
--- a/tests/suites/test_suite_pkcs1_v21.function
+++ b/tests/suites/test_suite_pkcs1_v21.function
@@ -18,6 +18,8 @@
mbedtls_test_rnd_buf_info info;
mbedtls_mpi N, E;
+ MD_PSA_INIT();
+
info.fallback_f_rng = mbedtls_test_rnd_std_rand;
info.fallback_p_rng = NULL;
info.buf = rnd_buf->x;
@@ -53,6 +55,7 @@
exit:
mbedtls_mpi_free(&N); mbedtls_mpi_free(&E);
mbedtls_rsa_free(&ctx);
+ MD_PSA_DONE();
}
/* END_CASE */
@@ -69,6 +72,8 @@
mbedtls_mpi N, P, Q, E;
((void) seed);
+ MD_PSA_INIT();
+
mbedtls_mpi_init(&N); mbedtls_mpi_init(&P);
mbedtls_mpi_init(&Q); mbedtls_mpi_init(&E);
@@ -114,6 +119,7 @@
mbedtls_mpi_free(&N); mbedtls_mpi_free(&P);
mbedtls_mpi_free(&Q); mbedtls_mpi_free(&E);
mbedtls_rsa_free(&ctx);
+ MD_PSA_DONE();
}
/* END_CASE */
@@ -129,6 +135,8 @@
mbedtls_test_rnd_buf_info info;
mbedtls_mpi N, P, Q, E;
+ MD_PSA_INIT();
+
info.fallback_f_rng = mbedtls_test_rnd_std_rand;
info.fallback_p_rng = NULL;
info.buf = rnd_buf->x;
@@ -179,6 +187,7 @@
mbedtls_mpi_free(&N); mbedtls_mpi_free(&P);
mbedtls_mpi_free(&Q); mbedtls_mpi_free(&E);
mbedtls_rsa_free(&ctx);
+ MD_PSA_DONE();
}
/* END_CASE */
@@ -191,6 +200,8 @@
mbedtls_mpi N, E;
((void) salt);
+ MD_PSA_INIT();
+
mbedtls_mpi_init(&N); mbedtls_mpi_init(&E);
mbedtls_rsa_init(&ctx);
TEST_ASSERT(mbedtls_rsa_set_padding(&ctx,
@@ -213,6 +224,7 @@
exit:
mbedtls_mpi_free(&N); mbedtls_mpi_free(&E);
mbedtls_rsa_free(&ctx);
+ MD_PSA_DONE();
}
/* END_CASE */
@@ -227,6 +239,8 @@
mbedtls_rsa_context ctx;
mbedtls_mpi N, E;
+ MD_PSA_INIT();
+
mbedtls_mpi_init(&N); mbedtls_mpi_init(&E);
mbedtls_rsa_init(&ctx);
TEST_ASSERT(mbedtls_rsa_set_padding(&ctx,
@@ -254,5 +268,6 @@
exit:
mbedtls_mpi_free(&N); mbedtls_mpi_free(&E);
mbedtls_rsa_free(&ctx);
+ MD_PSA_DONE();
}
/* END_CASE */
diff --git a/tests/suites/test_suite_rsa.function b/tests/suites/test_suite_rsa.function
index a2fe6c8..96fc59b 100644
--- a/tests/suites/test_suite_rsa.function
+++ b/tests/suites/test_suite_rsa.function
@@ -1376,6 +1376,10 @@
/* BEGIN_CASE depends_on:MBEDTLS_SELF_TEST */
void rsa_selftest()
{
+ MD_PSA_INIT();
TEST_ASSERT(mbedtls_rsa_self_test(1) == 0);
+
+exit:
+ MD_PSA_DONE();
}
/* END_CASE */