commit 06b91be2100e5a017d9c3174f1367c5ab9842f31
author Sam Berry <sam.berry@arm.com> Wed Jun 19 11:43:03 2024 +0100
committer Sam Berry <sam.berry@arm.com> Wed Jul 17 10:02:34 2024 +0100
tree 5720f246078720c67fd1e8dee1fd00753e284af0
parent 71b58180cd4e375718407b9bdec41abbe0af84cb

Added support for MD5 in `requires_hash_alg`

Signed-off-by: Sam Berry <sam.berry@arm.com>

tests/ssl-opt.sh

diff --git a/tests/ssl-opt.sh b/tests/ssl-opt.sh
index 646daad..78f6a95 100755
--- a/tests/ssl-opt.sh
+++ b/tests/ssl-opt.sh
@@ -593,6 +593,7 @@
     *) PSK_ONLY="NO";;
 esac
 
+HAS_ALG_MD5="NO"
 HAS_ALG_SHA_1="NO"
 HAS_ALG_SHA_224="NO"
 HAS_ALG_SHA_256="NO"
@@ -611,7 +612,10 @@
     else
         CURR_ALG=MBEDTLS_${1}_C
         # Remove the second underscore to match MBEDTLS_* naming convention
-        CURR_ALG=$(echo "$CURR_ALG" | sed 's/_//2')
+        # MD5 is an exception to this convention
+        if [ "${1}" != "MD5" ]; then
+            CURR_ALG=$(echo "$CURR_ALG" | sed 's/_//2')
+        fi
     fi
 
     case $CONFIGS_ENABLED in
@@ -625,7 +629,7 @@
 
 populate_enabled_hash_algs()
 {
-    for hash_alg in SHA_1 SHA_224 SHA_256 SHA_384 SHA_512; do
+    for hash_alg in SHA_1 SHA_224 SHA_256 SHA_384 SHA_512 MD5; do
         if check_for_hash_alg "$hash_alg"; then
             hash_alg_variable=HAS_ALG_${hash_alg}
             eval ${hash_alg_variable}=YES
@@ -638,6 +642,7 @@
     HASH_DEFINE="Invalid"
     HAS_HASH_ALG="NO"
     case $1 in
+        MD5):;;
         SHA_1):;;
         SHA_224):;;
         SHA_256):;;
@@ -2107,11 +2112,11 @@
             -c "Key size is 128"
 
 requires_config_enabled MBEDTLS_X509_CRT_PARSE_C
-requires_config_enabled MBEDTLS_MD_CAN_MD5
 # server5.key.enc is in PEM format and AES-256-CBC crypted. Unfortunately PEM
 # module does not support PSA dispatching so we need builtin support.
 requires_config_enabled MBEDTLS_CIPHER_MODE_CBC
 requires_config_enabled MBEDTLS_AES_C
+requires_hash_alg MD5
 requires_hash_alg SHA_256
 run_test    "TLS: password protected client key" \
             "$P_SRV force_version=tls12 auth_mode=required" \
@@ -2119,11 +2124,11 @@
             0
 
 requires_config_enabled MBEDTLS_X509_CRT_PARSE_C
-requires_config_enabled MBEDTLS_MD_CAN_MD5
 # server5.key.enc is in PEM format and AES-256-CBC crypted. Unfortunately PEM
 # module does not support PSA dispatching so we need builtin support.
 requires_config_enabled MBEDTLS_CIPHER_MODE_CBC
 requires_config_enabled MBEDTLS_AES_C
+requires_hash_alg MD5
 requires_hash_alg SHA_256
 run_test    "TLS: password protected server key" \
             "$P_SRV crt_file=data_files/server5.crt key_file=data_files/server5.key.enc key_pwd=PolarSSLTest" \
@@ -2132,11 +2137,11 @@
 
 requires_config_enabled MBEDTLS_X509_CRT_PARSE_C
 requires_config_enabled MBEDTLS_RSA_C
-requires_config_enabled MBEDTLS_MD_CAN_MD5
 # server5.key.enc is in PEM format and AES-256-CBC crypted. Unfortunately PEM
 # module does not support PSA dispatching so we need builtin support.
 requires_config_enabled MBEDTLS_CIPHER_MODE_CBC
 requires_config_enabled MBEDTLS_AES_C
+requires_hash_alg MD5
 requires_hash_alg SHA_256
 run_test    "TLS: password protected server key, two certificates" \
             "$P_SRV force_version=tls12\