ECJPAKE: always use MD light
This enables access to all available hashes, instead of the previous
situation where you had to choose by including MD_C or not.
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
diff --git a/include/mbedtls/build_info.h b/include/mbedtls/build_info.h
index bfbf9de..b84aaee 100644
--- a/include/mbedtls/build_info.h
+++ b/include/mbedtls/build_info.h
@@ -89,7 +89,8 @@
/* Auto-enable MBEDTLS_MD_LIGHT if some module needs it.
*/
-#if defined(MBEDTLS_PEM_PARSE_C) || \
+#if defined(MBEDTLS_ECJPAKE_C) || \
+ defined(MBEDTLS_PEM_PARSE_C) || \
defined(MBEDTLS_RSA_C)
#define MBEDTLS_MD_LIGHT
#endif
diff --git a/include/mbedtls/check_config.h b/include/mbedtls/check_config.h
index ffaeccb..4f214cf 100644
--- a/include/mbedtls/check_config.h
+++ b/include/mbedtls/check_config.h
@@ -374,12 +374,10 @@
#error "MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED defined, but not all prerequisites"
#endif
-/* Use of EC J-PAKE in TLS requires SHA-256.
- * This will be taken from MD if it is present, or from PSA if MD is absent.
- * Note: MBEDTLS_ECJPAKE_C depends on MBEDTLS_MD_C || MBEDTLS_PSA_CRYPTO_C. */
+/* Use of EC J-PAKE in TLS requires SHA-256. */
#if defined(MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED) && \
- !( defined(MBEDTLS_MD_C) && defined(MBEDTLS_SHA256_C) ) && \
- !( !defined(MBEDTLS_MD_C) && defined(PSA_WANT_ALG_SHA_256) )
+ !(defined(MBEDTLS_SHA256_C) || \
+ (defined(MBEDTLS_PSA_CRYPTO_C) && defined(PSA_WANT_ALG_SHA_256)))
#error "MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED defined, but not all prerequisites"
#endif
diff --git a/include/mbedtls/mbedtls_config.h b/include/mbedtls/mbedtls_config.h
index bf88f61..0940cb6 100644
--- a/include/mbedtls/mbedtls_config.h
+++ b/include/mbedtls/mbedtls_config.h
@@ -993,9 +993,13 @@
* might still happen. For this reason, this is disabled by default.
*
* Requires: MBEDTLS_ECJPAKE_C
- * SHA-256 (via MD if present, or via PSA, see MBEDTLS_ECJPAKE_C)
+ * SHA-256 (via MBEDTLS_SHA256_C or a PSA driver)
* MBEDTLS_ECP_DP_SECP256R1_ENABLED
*
+ * \warning If SHA-256 is provided only by a PSA driver, you must call
+ * psa_crypto_init() before the first hanshake (even if
+ * MBEDTLS_USE_PSA_CRYPTO is disabled).
+ *
* This enables the following ciphersuites (if other requisites are
* enabled as well):
* MBEDTLS_TLS_ECJPAKE_WITH_AES_128_CCM_8
@@ -2504,13 +2508,8 @@
*
* Requires: MBEDTLS_ECP_C and either MBEDTLS_MD_C or MBEDTLS_PSA_CRYPTO_C
*
- * \warning If building without MBEDTLS_MD_C, you must call psa_crypto_init()
- * before doing any EC J-PAKE operations.
- *
- * \warning When building with MBEDTLS_MD_C, all hashes used with this
- * need to be available as built-ins (that is, for SHA-256, MBEDTLS_SHA256_C,
- * etc.) as opposed to just PSA drivers. So far, PSA drivers are only used by
- * this module in builds where MBEDTLS_MD_C is disabled.
+ * \warning If using a hash that is only provided by PSA drivers, you must
+ * call psa_crypto_init() before doing any EC J-PAKE operations.
*/
#define MBEDTLS_ECJPAKE_C
diff --git a/library/ecjpake.c b/library/ecjpake.c
index 36c1327..d3836ac 100644
--- a/library/ecjpake.c
+++ b/library/ecjpake.c
@@ -30,18 +30,6 @@
#include "mbedtls/platform_util.h"
#include "mbedtls/error.h"
-/* We use MD first if it's available (for compatibility reasons)
- * and "fall back" to PSA otherwise (which needs psa_crypto_init()). */
-#if !defined(MBEDTLS_MD_C)
-#include "psa/crypto.h"
-#include "mbedtls/psa_util.h"
-#if !defined(MBEDTLS_ECJPAKE_ALT)
-#define PSA_TO_MBEDTLS_ERR(status) PSA_TO_MBEDTLS_ERR_LIST(status, \
- psa_to_md_errors, \
- psa_generic_status_to_mbedtls)
-#endif /* !MBEDTLS_ECJPAKE_ALT */
-#endif /* !MBEDTLS_MD_C */
-
#include "hash_info.h"
#include <string.h>
@@ -66,19 +54,8 @@
const unsigned char *input, size_t ilen,
unsigned char *output)
{
-#if defined(MBEDTLS_MD_C)
return mbedtls_md(mbedtls_md_info_from_type(md_type),
input, ilen, output);
-#else
- psa_algorithm_t alg = mbedtls_psa_translate_md(md_type);
- psa_status_t status;
- size_t out_size = PSA_HASH_LENGTH(alg);
- size_t out_len;
-
- status = psa_hash_compute(alg, input, ilen, output, out_size, &out_len);
-
- return PSA_TO_MBEDTLS_ERR(status);
-#endif /* !MBEDTLS_MD_C */
}
/*
@@ -142,15 +119,9 @@
ctx->role = role;
-#if defined(MBEDTLS_MD_C)
if ((mbedtls_md_info_from_type(hash)) == NULL) {
return MBEDTLS_ERR_MD_FEATURE_UNAVAILABLE;
}
-#else
- if (mbedtls_psa_translate_md(hash) == MBEDTLS_MD_NONE) {
- return MBEDTLS_ERR_MD_FEATURE_UNAVAILABLE;
- }
-#endif
ctx->md_type = hash;
diff --git a/tests/suites/test_suite_ecjpake.function b/tests/suites/test_suite_ecjpake.function
index d5c0f07..20f1bf8 100644
--- a/tests/suites/test_suite_ecjpake.function
+++ b/tests/suites/test_suite_ecjpake.function
@@ -109,6 +109,8 @@
mbedtls_md_type_t valid_md = MBEDTLS_MD_SHA256;
mbedtls_ecp_group_id valid_group = MBEDTLS_ECP_DP_SECP256R1;
+ MD_PSA_INIT();
+
mbedtls_ecjpake_init(&ctx);
TEST_EQUAL(MBEDTLS_ERR_ECP_BAD_INPUT_DATA,
@@ -118,14 +120,19 @@
valid_group,
buf, len));
exit:
- return;
+ MD_PSA_DONE();
}
/* END_CASE */
/* BEGIN_CASE depends_on:MBEDTLS_SELF_TEST */
void ecjpake_selftest()
{
+ MD_PSA_INIT();
+
TEST_ASSERT(mbedtls_ecjpake_self_test(1) == 0);
+
+exit:
+ MD_PSA_DONE();
}
/* END_CASE */
@@ -137,6 +144,8 @@
const size_t pw_len = 0;
int any_role = MBEDTLS_ECJPAKE_CLIENT;
+ MD_PSA_INIT();
+
mbedtls_ecjpake_init(&corrupt_ctx);
TEST_ASSERT(mbedtls_ecjpake_setup(&corrupt_ctx, any_role,
MBEDTLS_MD_SHA256, MBEDTLS_ECP_DP_SECP256R1, pw,
@@ -148,6 +157,7 @@
exit:
mbedtls_ecjpake_free(&corrupt_ctx);
+ MD_PSA_DONE();
}
/* END_CASE */
@@ -158,6 +168,8 @@
const unsigned char *pw = NULL;
const size_t pw_len = 0;
+ MD_PSA_INIT();
+
mbedtls_ecjpake_init(&ctx);
TEST_ASSERT(mbedtls_ecjpake_setup(&ctx, role,
@@ -168,6 +180,7 @@
exit:
mbedtls_ecjpake_free(&ctx);
+ MD_PSA_DONE();
}
/* END_CASE */
@@ -178,6 +191,8 @@
const unsigned char *pw = NULL;
const size_t pw_len = 0;
+ MD_PSA_INIT();
+
mbedtls_ecjpake_init(&ctx);
TEST_ASSERT(mbedtls_ecjpake_setup(&ctx, MBEDTLS_ECJPAKE_CLIENT,
@@ -194,6 +209,7 @@
exit:
mbedtls_ecjpake_free(&ctx);
+ MD_PSA_DONE();
}
/* END_CASE */
@@ -204,6 +220,8 @@
const unsigned char *pw = NULL;
const size_t pw_len = 0;
+ MD_PSA_INIT();
+
mbedtls_ecjpake_init(&ctx);
TEST_ASSERT(mbedtls_ecjpake_setup(&ctx, MBEDTLS_ECJPAKE_SERVER,
@@ -220,5 +238,6 @@
exit:
mbedtls_ecjpake_free(&ctx);
+ MD_PSA_DONE();
}
/* END_CASE */