mirror of https://github.com/ARMmbed/mbedtls.git synced 2025-05-09 00:21:18 +08:00

Rm dead !USE_PSA code: X.509

unifdef -m -DMBEDTLS_USE_PSA_CRYPTO library/x509*.c

Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
Manuel Pégourié-Gonnard 2025-01-22 11:49:25 +01:00
parent 189dcf630f
commit f60b09b019
4 changed files with 0 additions and 65 deletions


@ -32,11 +32,9 @@
#include "mbedtls/pem.h" #include "mbedtls/pem.h"
#endif #endif
#if defined(MBEDTLS_USE_PSA_CRYPTO)
#include "psa/crypto.h" #include "psa/crypto.h"
#include "psa_util_internal.h" #include "psa_util_internal.h"
#include "mbedtls/psa_util.h" #include "mbedtls/psa_util.h"
#endif /* MBEDTLS_USE_PSA_CRYPTO */
#include "pk_internal.h" #include "pk_internal.h"
#include "mbedtls/platform.h" #include "mbedtls/platform.h"
@ -2013,11 +2011,7 @@ static int x509_crt_verifycrl(mbedtls_x509_crt *crt, mbedtls_x509_crt *ca,
{ {
int flags = 0; int flags = 0;
unsigned char hash[MBEDTLS_MD_MAX_SIZE]; unsigned char hash[MBEDTLS_MD_MAX_SIZE];
#if defined(MBEDTLS_USE_PSA_CRYPTO)
psa_algorithm_t psa_algorithm; psa_algorithm_t psa_algorithm;
#else
const mbedtls_md_info_t *md_info;
#endif /* MBEDTLS_USE_PSA_CRYPTO */
size_t hash_length; size_t hash_length;
if (ca == NULL) { if (ca == NULL) {
@ -2051,7 +2045,6 @@ static int x509_crt_verifycrl(mbedtls_x509_crt *crt, mbedtls_x509_crt *ca,
flags |= MBEDTLS_X509_BADCRL_BAD_PK; flags |= MBEDTLS_X509_BADCRL_BAD_PK;
} }
#if defined(MBEDTLS_USE_PSA_CRYPTO)
psa_algorithm = mbedtls_md_psa_alg_from_type(crl_list->sig_md); psa_algorithm = mbedtls_md_psa_alg_from_type(crl_list->sig_md);
if (psa_hash_compute(psa_algorithm, if (psa_hash_compute(psa_algorithm,
crl_list->tbs.p, crl_list->tbs.p,
@ -2063,18 +2056,6 @@ static int x509_crt_verifycrl(mbedtls_x509_crt *crt, mbedtls_x509_crt *ca,
flags |= MBEDTLS_X509_BADCRL_NOT_TRUSTED; flags |= MBEDTLS_X509_BADCRL_NOT_TRUSTED;
break; break;
} }
#else
md_info = mbedtls_md_info_from_type(crl_list->sig_md);
hash_length = mbedtls_md_get_size(md_info);
if (mbedtls_md(md_info,
crl_list->tbs.p,
crl_list->tbs.len,
hash) != 0) {
/* Note: this can't happen except after an internal error */
flags |= MBEDTLS_X509_BADCRL_NOT_TRUSTED;
break;
}
#endif /* MBEDTLS_USE_PSA_CRYPTO */
if (x509_profile_check_key(profile, &ca->pk) != 0) { if (x509_profile_check_key(profile, &ca->pk) != 0) {
flags |= MBEDTLS_X509_BADCERT_BAD_KEY; flags |= MBEDTLS_X509_BADCERT_BAD_KEY;
@ -2126,16 +2107,6 @@ static int x509_crt_check_signature(const mbedtls_x509_crt *child,
{ {
size_t hash_len; size_t hash_len;
unsigned char hash[MBEDTLS_MD_MAX_SIZE]; unsigned char hash[MBEDTLS_MD_MAX_SIZE];
#if !defined(MBEDTLS_USE_PSA_CRYPTO)
const mbedtls_md_info_t *md_info;
md_info = mbedtls_md_info_from_type(child->sig_md);
hash_len = mbedtls_md_get_size(md_info);
/* Note: hash errors can happen only after an internal error */
if (mbedtls_md(md_info, child->tbs.p, child->tbs.len, hash) != 0) {
return -1;
}
#else
psa_algorithm_t hash_alg = mbedtls_md_psa_alg_from_type(child->sig_md); psa_algorithm_t hash_alg = mbedtls_md_psa_alg_from_type(child->sig_md);
psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED; psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;
@ -2149,7 +2120,6 @@ static int x509_crt_check_signature(const mbedtls_x509_crt *child,
return MBEDTLS_ERR_PLATFORM_HW_ACCEL_FAILED; return MBEDTLS_ERR_PLATFORM_HW_ACCEL_FAILED;
} }
#endif /* MBEDTLS_USE_PSA_CRYPTO */
/* Skip expensive computation on obvious mismatch */ /* Skip expensive computation on obvious mismatch */
if (!mbedtls_pk_can_do(&parent->pk, child->sig_pk)) { if (!mbedtls_pk_can_do(&parent->pk, child->sig_pk)) {
return -1; return -1;


@ -22,11 +22,9 @@
#include "mbedtls/pem.h" #include "mbedtls/pem.h"
#endif /* MBEDTLS_PEM_WRITE_C */ #endif /* MBEDTLS_PEM_WRITE_C */
#if defined(MBEDTLS_USE_PSA_CRYPTO)
#include "psa/crypto.h" #include "psa/crypto.h"
#include "mbedtls/psa_util.h" #include "mbedtls/psa_util.h"
#include "md_psa.h" #include "md_psa.h"
#endif /* MBEDTLS_USE_PSA_CRYPTO */
#define CHECK_OVERFLOW_ADD(a, b) \ #define CHECK_OVERFLOW_ADD(a, b) \
do \ do \


@ -30,11 +30,9 @@
#include "mbedtls/pem.h" #include "mbedtls/pem.h"
#endif /* MBEDTLS_PEM_WRITE_C */ #endif /* MBEDTLS_PEM_WRITE_C */
#if defined(MBEDTLS_USE_PSA_CRYPTO)
#include "psa/crypto.h" #include "psa/crypto.h"
#include "psa_util_internal.h" #include "psa_util_internal.h"
#include "mbedtls/psa_util.h" #include "mbedtls/psa_util.h"
#endif /* MBEDTLS_USE_PSA_CRYPTO */
void mbedtls_x509write_crt_init(mbedtls_x509write_cert *ctx) void mbedtls_x509write_crt_init(mbedtls_x509write_cert *ctx)
{ {
@ -179,10 +177,8 @@ static int mbedtls_x509write_crt_set_key_identifier(mbedtls_x509write_cert *ctx,
unsigned char buf[MBEDTLS_MPI_MAX_SIZE * 2 + 20]; /* tag, length + 2xMPI */ unsigned char buf[MBEDTLS_MPI_MAX_SIZE * 2 + 20]; /* tag, length + 2xMPI */
unsigned char *c = buf + sizeof(buf); unsigned char *c = buf + sizeof(buf);
size_t len = 0; size_t len = 0;
#if defined(MBEDTLS_USE_PSA_CRYPTO)
psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED; psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;
size_t hash_length; size_t hash_length;
#endif /* MBEDTLS_USE_PSA_CRYPTO */
memset(buf, 0, sizeof(buf)); memset(buf, 0, sizeof(buf));
MBEDTLS_ASN1_CHK_ADD(len, MBEDTLS_ASN1_CHK_ADD(len,
@ -193,7 +189,6 @@ static int mbedtls_x509write_crt_set_key_identifier(mbedtls_x509write_cert *ctx,
ctx->subject_key)); ctx->subject_key));
#if defined(MBEDTLS_USE_PSA_CRYPTO)
status = psa_hash_compute(PSA_ALG_SHA_1, status = psa_hash_compute(PSA_ALG_SHA_1,
buf + sizeof(buf) - len, buf + sizeof(buf) - len,
len, len,
@ -203,14 +198,6 @@ static int mbedtls_x509write_crt_set_key_identifier(mbedtls_x509write_cert *ctx,
if (status != PSA_SUCCESS) { if (status != PSA_SUCCESS) {
return MBEDTLS_ERR_PLATFORM_HW_ACCEL_FAILED; return MBEDTLS_ERR_PLATFORM_HW_ACCEL_FAILED;
} }
#else
ret = mbedtls_md(mbedtls_md_info_from_type(MBEDTLS_MD_SHA1),
buf + sizeof(buf) - len, len,
buf + sizeof(buf) - 20);
if (ret != 0) {
return ret;
}
#endif /* MBEDTLS_USE_PSA_CRYPTO */
c = buf + sizeof(buf) - 20; c = buf + sizeof(buf) - 20;
len = 20; len = 20;
@ -403,10 +390,8 @@ int mbedtls_x509write_crt_der(mbedtls_x509write_cert *ctx,
unsigned char sig[MBEDTLS_PK_SIGNATURE_MAX_SIZE]; unsigned char sig[MBEDTLS_PK_SIGNATURE_MAX_SIZE];
size_t hash_length = 0; size_t hash_length = 0;
unsigned char hash[MBEDTLS_MD_MAX_SIZE]; unsigned char hash[MBEDTLS_MD_MAX_SIZE];
#if defined(MBEDTLS_USE_PSA_CRYPTO)
psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED; psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;
psa_algorithm_t psa_algorithm; psa_algorithm_t psa_algorithm;
#endif /* MBEDTLS_USE_PSA_CRYPTO */
size_t sub_len = 0, pub_len = 0, sig_and_oid_len = 0, sig_len; size_t sub_len = 0, pub_len = 0, sig_and_oid_len = 0, sig_len;
size_t len = 0; size_t len = 0;
@ -572,7 +557,6 @@ int mbedtls_x509write_crt_der(mbedtls_x509write_cert *ctx,
*/ */
/* Compute hash of CRT. */ /* Compute hash of CRT. */
#if defined(MBEDTLS_USE_PSA_CRYPTO)
psa_algorithm = mbedtls_md_psa_alg_from_type(ctx->md_alg); psa_algorithm = mbedtls_md_psa_alg_from_type(ctx->md_alg);
status = psa_hash_compute(psa_algorithm, status = psa_hash_compute(psa_algorithm,
@ -584,12 +568,6 @@ int mbedtls_x509write_crt_der(mbedtls_x509write_cert *ctx,
if (status != PSA_SUCCESS) { if (status != PSA_SUCCESS) {
return MBEDTLS_ERR_PLATFORM_HW_ACCEL_FAILED; return MBEDTLS_ERR_PLATFORM_HW_ACCEL_FAILED;
} }
#else
if ((ret = mbedtls_md(mbedtls_md_info_from_type(ctx->md_alg), c,
len, hash)) != 0) {
return ret;
}
#endif /* MBEDTLS_USE_PSA_CRYPTO */
if ((ret = mbedtls_pk_sign(ctx->issuer_key, ctx->md_alg, if ((ret = mbedtls_pk_sign(ctx->issuer_key, ctx->md_alg,


@ -20,11 +20,9 @@
#include "mbedtls/oid.h" #include "mbedtls/oid.h"
#include "mbedtls/platform_util.h" #include "mbedtls/platform_util.h"
#if defined(MBEDTLS_USE_PSA_CRYPTO)
#include "psa/crypto.h" #include "psa/crypto.h"
#include "psa_util_internal.h" #include "psa_util_internal.h"
#include "mbedtls/psa_util.h" #include "mbedtls/psa_util.h"
#endif /* MBEDTLS_USE_PSA_CRYPTO */
#include <string.h> #include <string.h>
#include <stdlib.h> #include <stdlib.h>
@ -145,10 +143,8 @@ static int x509write_csr_der_internal(mbedtls_x509write_csr *ctx,
size_t pub_len = 0, sig_and_oid_len = 0, sig_len; size_t pub_len = 0, sig_and_oid_len = 0, sig_len;
size_t len = 0; size_t len = 0;
mbedtls_pk_type_t pk_alg; mbedtls_pk_type_t pk_alg;
#if defined(MBEDTLS_USE_PSA_CRYPTO)
size_t hash_len; size_t hash_len;
psa_algorithm_t hash_alg = mbedtls_md_psa_alg_from_type(ctx->md_alg); psa_algorithm_t hash_alg = mbedtls_md_psa_alg_from_type(ctx->md_alg);
#endif /* MBEDTLS_USE_PSA_CRYPTO */
/* Write the CSR backwards starting from the end of buf */ /* Write the CSR backwards starting from the end of buf */
c = buf + size; c = buf + size;
@ -213,7 +209,6 @@ static int x509write_csr_der_internal(mbedtls_x509write_csr *ctx,
* Sign the written CSR data into the sig buffer * Sign the written CSR data into the sig buffer
* Note: hash errors can happen only after an internal error * Note: hash errors can happen only after an internal error
*/ */
#if defined(MBEDTLS_USE_PSA_CRYPTO)
if (psa_hash_compute(hash_alg, if (psa_hash_compute(hash_alg,
c, c,
len, len,
@ -222,12 +217,6 @@ static int x509write_csr_der_internal(mbedtls_x509write_csr *ctx,
&hash_len) != PSA_SUCCESS) { &hash_len) != PSA_SUCCESS) {
return MBEDTLS_ERR_PLATFORM_HW_ACCEL_FAILED; return MBEDTLS_ERR_PLATFORM_HW_ACCEL_FAILED;
} }
#else /* MBEDTLS_USE_PSA_CRYPTO */
ret = mbedtls_md(mbedtls_md_info_from_type(ctx->md_alg), c, len, hash);
if (ret != 0) {
return ret;
}
#endif
if ((ret = mbedtls_pk_sign(ctx->key, ctx->md_alg, hash, 0, if ((ret = mbedtls_pk_sign(ctx->key, ctx->md_alg, hash, 0,
sig, sig_size, &sig_len, sig, sig_size, &sig_len,
f_rng, p_rng)) != 0) { f_rng, p_rng)) != 0) {