PKCS#1 v2.1 now builds with PSA if no MD_C
Test coverage not there yet, as the entire test_suite_pkcs1_v21 is
skipped so far - dependencies to be adjusted in a future commit.
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
diff --git a/library/rsa.c b/library/rsa.c
index d879a30..5e7cbcc 100644
--- a/library/rsa.c
+++ b/library/rsa.c
@@ -54,6 +54,18 @@
#include <stdlib.h>
#endif
+/* We use MD first if it's available (for compatibility reasons)
+ * and "fall back" to PSA otherwise (which needs psa_crypto_init()). */
+#if defined(MBEDTLS_PKCS1_V21)
+#if defined(MBEDTLS_MD_C)
+#define HASH_MAX_SIZE MBEDTLS_MD_MAX_SIZE
+#else /* MBEDTLS_MD_C */
+#include "psa/crypto.h"
+#include "mbedtls/psa_util.h"
+#define HASH_MAX_SIZE PSA_HASH_MAX_SIZE
+#endif /* MBEDTLS_MD_C */
+#endif /* MBEDTLS_PKCS1_V21 */
+
#if defined(MBEDTLS_PLATFORM_C)
#include "mbedtls/platform.h"
#else
@@ -1086,6 +1098,25 @@
}
#if defined(MBEDTLS_PKCS1_V21)
+#if !defined(MBEDTLS_MD_C)
+static int ret_from_status( psa_status_t status )
+{
+ switch( status )
+ {
+ case PSA_SUCCESS:
+ return( 0 );
+ case PSA_ERROR_NOT_SUPPORTED:
+ return( MBEDTLS_ERR_MD_FEATURE_UNAVAILABLE );
+ case PSA_ERROR_INVALID_ARGUMENT:
+ return( MBEDTLS_ERR_MD_BAD_INPUT_DATA );
+ case PSA_ERROR_INSUFFICIENT_MEMORY:
+ return( MBEDTLS_ERR_MD_ALLOC_FAILED );
+ default:
+ return( MBEDTLS_ERR_PLATFORM_HW_ACCEL_FAILED );
+ }
+}
+#endif /* !MBEDTLS_MD_C */
+
/**
* Generate and apply the MGF1 operation (from PKCS#1 v2.1) to a buffer.
*
@@ -1098,19 +1129,17 @@
static int mgf_mask( unsigned char *dst, size_t dlen, unsigned char *src,
size_t slen, mbedtls_md_type_t md_alg )
{
- const mbedtls_md_info_t *md_info;
- mbedtls_md_context_t md_ctx;
- unsigned char mask[MBEDTLS_MD_MAX_SIZE];
unsigned char counter[4];
unsigned char *p;
unsigned int hlen;
size_t i, use_len;
+ unsigned char mask[HASH_MAX_SIZE];
+#if defined(MBEDTLS_MD_C)
int ret = 0;
+ const mbedtls_md_info_t *md_info;
+ mbedtls_md_context_t md_ctx;
mbedtls_md_init( &md_ctx );
- memset( mask, 0, MBEDTLS_MD_MAX_SIZE );
- memset( counter, 0, 4 );
-
md_info = mbedtls_md_info_from_type( md_alg );
if( md_info == NULL )
return( MBEDTLS_ERR_RSA_BAD_INPUT_DATA );
@@ -1120,6 +1149,17 @@
goto exit;
hlen = mbedtls_md_get_size( md_info );
+#else
+ psa_hash_operation_t op = PSA_HASH_OPERATION_INIT;
+ psa_algorithm_t alg = mbedtls_psa_translate_md( md_alg );
+ psa_status_t status = PSA_SUCCESS;
+ size_t out_len;
+
+ hlen = PSA_HASH_LENGTH( alg );
+#endif
+
+ memset( mask, 0, sizeof( mask ) );
+ memset( counter, 0, 4 );
/* Generate and apply dbMask */
p = dst;
@@ -1130,6 +1170,7 @@
if( dlen < hlen )
use_len = dlen;
+#if defined(MBEDTLS_MD_C)
if( ( ret = mbedtls_md_starts( &md_ctx ) ) != 0 )
goto exit;
if( ( ret = mbedtls_md_update( &md_ctx, src, slen ) ) != 0 )
@@ -1138,6 +1179,17 @@
goto exit;
if( ( ret = mbedtls_md_finish( &md_ctx, mask ) ) != 0 )
goto exit;
+#else
+ if( ( status = psa_hash_setup( &op, alg ) ) != PSA_SUCCESS )
+ goto exit;
+ if( ( status = psa_hash_update( &op, src, slen ) ) != PSA_SUCCESS )
+ goto exit;
+ if( ( status = psa_hash_update( &op, counter, 4 ) ) != PSA_SUCCESS )
+ goto exit;
+ status = psa_hash_finish( &op, mask, sizeof( mask ), &out_len );
+ if( status != PSA_SUCCESS )
+ goto exit;
+#endif
for( i = 0; i < use_len; ++i )
*p++ ^= mask[i];
@@ -1148,10 +1200,16 @@
}
exit:
- mbedtls_md_free( &md_ctx );
mbedtls_platform_zeroize( mask, sizeof( mask ) );
+#if defined(MBEDTLS_MD_C)
+ mbedtls_md_free( &md_ctx );
return( ret );
+#else
+ psa_hash_abort( &op );
+
+ return( ret_from_status( status ) );
+#endif
}
/**
@@ -1169,6 +1227,8 @@
unsigned char *out, mbedtls_md_type_t md_alg )
{
const unsigned char zeros[8] = { 0, 0, 0, 0, 0, 0, 0, 0 };
+
+#if defined(MBEDTLS_MD_C)
mbedtls_md_context_t md_ctx;
int ret;
@@ -1194,6 +1254,30 @@
mbedtls_md_free( &md_ctx );
return( ret );
+#else
+ psa_hash_operation_t op = PSA_HASH_OPERATION_INIT;
+ psa_algorithm_t alg = mbedtls_psa_translate_md( md_alg );
+ psa_status_t status = PSA_SUCCESS;
+ size_t out_size = PSA_HASH_LENGTH( alg );
+ size_t out_len;
+
+ if( ( status = psa_hash_setup( &op, alg ) ) != PSA_SUCCESS )
+ goto exit;
+ if( ( status = psa_hash_update( &op, zeros, sizeof( zeros ) ) ) != PSA_SUCCESS )
+ goto exit;
+ if( ( status = psa_hash_update( &op, hash, hlen ) ) != PSA_SUCCESS )
+ goto exit;
+ if( ( status = psa_hash_update( &op, salt, slen ) ) != PSA_SUCCESS )
+ goto exit;
+ status = psa_hash_finish( &op, out, out_size, &out_len );
+ if( status != PSA_SUCCESS )
+ goto exit;
+
+exit:
+ psa_hash_abort( &op );
+
+ return( ret_from_status( status ) );
+#endif /* !MBEDTLS_MD_C */
}
/**
@@ -1208,6 +1292,7 @@
const unsigned char *input, size_t ilen,
unsigned char *output )
{
+#if defined(MBEDTLS_MD_C)
const mbedtls_md_info_t *md_info;
md_info = mbedtls_md_info_from_type( md_alg );
@@ -1215,6 +1300,16 @@
return( MBEDTLS_ERR_RSA_BAD_INPUT_DATA );
return( mbedtls_md( md_info, input, ilen, output ) );
+#else
+ psa_algorithm_t alg = mbedtls_psa_translate_md( md_alg );
+ psa_status_t status;
+ size_t out_size = PSA_HASH_LENGTH( alg );
+ size_t out_len;
+
+ status = psa_hash_compute( alg, input, ilen, output, out_size, &out_len );
+
+ return( ret_from_status( status ) );
+#endif /* !MBEDTLS_MD_C */
}
#endif /* MBEDTLS_PKCS1_V21 */
@@ -1393,7 +1488,7 @@
size_t ilen, i, pad_len;
unsigned char *p, bad, pad_done;
unsigned char buf[MBEDTLS_MPI_MAX_SIZE];
- unsigned char lhash[MBEDTLS_MD_MAX_SIZE];
+ unsigned char lhash[HASH_MAX_SIZE];
unsigned int hlen;
RSA_VALIDATE_RET( ctx != NULL );
@@ -1988,7 +2083,7 @@
size_t siglen;
unsigned char *p;
unsigned char *hash_start;
- unsigned char result[MBEDTLS_MD_MAX_SIZE];
+ unsigned char result[HASH_MAX_SIZE];
unsigned int hlen;
size_t observed_salt_len, msb;
unsigned char buf[MBEDTLS_MPI_MAX_SIZE] = {0};