Make use of MBEDTLS_MAX_HASH_SIZE macro
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
diff --git a/library/pkcs12.c b/library/pkcs12.c
index 06b0c12..f335079 100644
--- a/library/pkcs12.c
+++ b/library/pkcs12.c
@@ -324,7 +324,7 @@
unsigned char diversifier[128];
unsigned char salt_block[128], pwd_block[128], hash_block[128] = {0};
- unsigned char hash_output[64]; /* Maximal hash size for SHA512 */
+ unsigned char hash_output[MBEDTLS_HASH_MAX_SIZE];
unsigned char *p;
unsigned char c;
int use_password = 0;
diff --git a/library/rsa.c b/library/rsa.c
index 50d15a1..e597555 100644
--- a/library/rsa.c
+++ b/library/rsa.c
@@ -57,12 +57,9 @@
/* We use MD first if it's available (for compatibility reasons)
* and "fall back" to PSA otherwise (which needs psa_crypto_init()). */
#if defined(MBEDTLS_PKCS1_V21)
-#if defined(MBEDTLS_MD_C)
-#define HASH_MAX_SIZE MBEDTLS_MD_MAX_SIZE
-#else /* MBEDTLS_MD_C */
+#if !defined(MBEDTLS_MD_C)
#include "psa/crypto.h"
#include "mbedtls/psa_util.h"
-#define HASH_MAX_SIZE PSA_HASH_MAX_SIZE
#endif /* MBEDTLS_MD_C */
#endif /* MBEDTLS_PKCS1_V21 */
@@ -1114,7 +1111,7 @@
unsigned char *p;
unsigned int hlen;
size_t i, use_len;
- unsigned char mask[HASH_MAX_SIZE];
+ unsigned char mask[MBEDTLS_HASH_MAX_SIZE];
#if defined(MBEDTLS_MD_C)
int ret = 0;
const mbedtls_md_info_t *md_info;
@@ -1469,7 +1466,7 @@
size_t ilen, i, pad_len;
unsigned char *p, bad, pad_done;
unsigned char buf[MBEDTLS_MPI_MAX_SIZE];
- unsigned char lhash[HASH_MAX_SIZE];
+ unsigned char lhash[MBEDTLS_HASH_MAX_SIZE];
unsigned int hlen;
RSA_VALIDATE_RET( ctx != NULL );
@@ -2064,7 +2061,7 @@
size_t siglen;
unsigned char *p;
unsigned char *hash_start;
- unsigned char result[HASH_MAX_SIZE];
+ unsigned char result[MBEDTLS_HASH_MAX_SIZE];
unsigned int hlen;
size_t observed_salt_len, msb;
unsigned char buf[MBEDTLS_MPI_MAX_SIZE] = {0};
diff --git a/library/ssl_tls12_client.c b/library/ssl_tls12_client.c
index f814094..d1ec55c 100644
--- a/library/ssl_tls12_client.c
+++ b/library/ssl_tls12_client.c
@@ -2330,11 +2330,8 @@
if( mbedtls_ssl_ciphersuite_uses_server_signature( ciphersuite_info ) )
{
size_t sig_len, hashlen;
-#if defined(MBEDTLS_USE_PSA_CRYPTO)
- unsigned char hash[PSA_HASH_MAX_SIZE];
-#else
- unsigned char hash[MBEDTLS_MD_MAX_SIZE];
-#endif
+ unsigned char hash[MBEDTLS_HASH_MAX_SIZE];
+
mbedtls_md_type_t md_alg = MBEDTLS_MD_NONE;
mbedtls_pk_type_t pk_alg = MBEDTLS_PK_NONE;
unsigned char *params = ssl->in_msg + mbedtls_ssl_hs_hdr_len( ssl );
diff --git a/library/x509_crt.c b/library/x509_crt.c
index ad235bf..d96abb2 100644
--- a/library/x509_crt.c
+++ b/library/x509_crt.c
@@ -47,8 +47,8 @@
#if defined(MBEDTLS_USE_PSA_CRYPTO)
#include "psa/crypto.h"
#include "mbedtls/psa_util.h"
-#include "hash_info.h"
#endif /* MBEDTLS_USE_PSA_CRYPTO */
+#include "hash_info.h"
#if defined(MBEDTLS_PLATFORM_C)
#include "mbedtls/platform.h"
@@ -2354,11 +2354,10 @@
const mbedtls_x509_crt_profile *profile )
{
int flags = 0;
+ unsigned char hash[MBEDTLS_HASH_MAX_SIZE];
#if defined(MBEDTLS_USE_PSA_CRYPTO)
- unsigned char hash[PSA_HASH_MAX_SIZE];
psa_algorithm_t psa_algorithm;
#else
- unsigned char hash[MBEDTLS_MD_MAX_SIZE];
const mbedtls_md_info_t *md_info;
#endif /* MBEDTLS_USE_PSA_CRYPTO */
size_t hash_length;
diff --git a/library/x509write_crt.c b/library/x509write_crt.c
index 986e1fe..e51a385 100644
--- a/library/x509write_crt.c
+++ b/library/x509write_crt.c
@@ -43,9 +43,9 @@
#if defined(MBEDTLS_USE_PSA_CRYPTO)
#include "psa/crypto.h"
#include "mbedtls/psa_util.h"
-#include "hash_info.h"
#endif /* MBEDTLS_USE_PSA_CRYPTO */
+#include "hash_info.h"
#include "legacy_or_psa.h"
void mbedtls_x509write_crt_init( mbedtls_x509write_cert *ctx )
@@ -360,12 +360,10 @@
unsigned char *c, *c2;
unsigned char sig[MBEDTLS_PK_SIGNATURE_MAX_SIZE];
size_t hash_length = 0;
+ unsigned char hash[MBEDTLS_HASH_MAX_SIZE];
#if defined(MBEDTLS_USE_PSA_CRYPTO)
psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;
psa_algorithm_t psa_algorithm;
- unsigned char hash[PSA_HASH_MAX_SIZE];
-#else
- unsigned char hash[64];
#endif /* MBEDTLS_USE_PSA_CRYPTO */
size_t sub_len = 0, pub_len = 0, sig_and_oid_len = 0, sig_len;
diff --git a/tests/suites/test_suite_ecdsa.function b/tests/suites/test_suite_ecdsa.function
index a8b1e45..7e1daa2 100644
--- a/tests/suites/test_suite_ecdsa.function
+++ b/tests/suites/test_suite_ecdsa.function
@@ -1,11 +1,11 @@
/* BEGIN_HEADER */
#include "mbedtls/ecdsa.h"
+#include "hash_info.h"
#include "legacy_or_psa.h"
#if ( defined(MBEDTLS_ECDSA_DETERMINISTIC) && defined(MBEDTLS_SHA256_C) ) || \
( !defined(MBEDTLS_ECDSA_DETERMINISTIC) && defined(MBEDTLS_HAS_ALG_SHA_256_VIA_LOWLEVEL_OR_PSA) )
#define MBEDTLS_HAS_ALG_SHA_256_VIA_MD_IF_DETERMINISTIC
#endif
-#define MBEDTLS_TEST_HASH_MAX_SIZE 64
/* END_HEADER */
/* BEGIN_DEPENDENCIES
@@ -20,7 +20,7 @@
mbedtls_ecp_point Q;
mbedtls_mpi d, r, s;
mbedtls_test_rnd_pseudo_info rnd_info;
- unsigned char buf[MBEDTLS_TEST_HASH_MAX_SIZE];
+ unsigned char buf[MBEDTLS_HASH_MAX_SIZE];
mbedtls_ecp_group_init( &grp );
mbedtls_ecp_point_init( &Q );
@@ -52,7 +52,7 @@
mbedtls_ecp_point Q;
mbedtls_mpi d, r, s;
mbedtls_test_rnd_pseudo_info rnd_info;
- unsigned char buf[MBEDTLS_TEST_HASH_MAX_SIZE];
+ unsigned char buf[MBEDTLS_HASH_MAX_SIZE];
mbedtls_ecp_group_init( &grp );
mbedtls_ecp_point_init( &Q );