Fix instances of old feature macros being used
sed -i -f md.sed include/mbedtls/ssl.h library/hmac_drbg.c programs/pkey/*.c programs/x509/*.c tests/scripts/generate_pkcs7_tests.py tests/suites/test_suite_random.data
Then manually revert programs/pkey/ecdsa.c as it's using a low-level
hash API.
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
diff --git a/include/mbedtls/ssl.h b/include/mbedtls/ssl.h
index efe0830..e541340 100644
--- a/include/mbedtls/ssl.h
+++ b/include/mbedtls/ssl.h
@@ -1091,13 +1091,13 @@
#if defined(MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED) && \
!defined(MBEDTLS_SSL_KEEP_PEER_CERTIFICATE)
#define MBEDTLS_SSL_PEER_CERT_DIGEST_MAX_LEN 48
-#if defined(MBEDTLS_SHA256_C)
+#if defined(MBEDTLS_MD_CAN_SHA256)
#define MBEDTLS_SSL_PEER_CERT_DIGEST_DFL_TYPE MBEDTLS_MD_SHA256
#define MBEDTLS_SSL_PEER_CERT_DIGEST_DFL_LEN 32
-#elif defined(MBEDTLS_SHA384_C)
+#elif defined(MBEDTLS_MD_CAN_SHA384)
#define MBEDTLS_SSL_PEER_CERT_DIGEST_DFL_TYPE MBEDTLS_MD_SHA384
#define MBEDTLS_SSL_PEER_CERT_DIGEST_DFL_LEN 48
-#elif defined(MBEDTLS_SHA1_C)
+#elif defined(MBEDTLS_MD_CAN_SHA1)
#define MBEDTLS_SSL_PEER_CERT_DIGEST_DFL_TYPE MBEDTLS_MD_SHA1
#define MBEDTLS_SSL_PEER_CERT_DIGEST_DFL_LEN 20
#else
diff --git a/library/hmac_drbg.c b/library/hmac_drbg.c
index b157302..af205aa 100644
--- a/library/hmac_drbg.c
+++ b/library/hmac_drbg.c
@@ -510,7 +510,7 @@
#if defined(MBEDTLS_SELF_TEST)
-#if !defined(MBEDTLS_SHA1_C)
+#if !defined(MBEDTLS_MD_CAN_SHA1)
/* Dummy checkup routine */
int mbedtls_hmac_drbg_self_test(int verbose)
{
@@ -639,7 +639,7 @@
return 0;
}
-#endif /* MBEDTLS_SHA1_C */
+#endif /* MBEDTLS_MD_CAN_SHA1 */
#endif /* MBEDTLS_SELF_TEST */
#endif /* MBEDTLS_HMAC_DRBG_C */
diff --git a/programs/pkey/dh_client.c b/programs/pkey/dh_client.c
index bc58a15..1fbf045 100644
--- a/programs/pkey/dh_client.c
+++ b/programs/pkey/dh_client.c
@@ -23,9 +23,9 @@
#if defined(MBEDTLS_AES_C) && defined(MBEDTLS_DHM_C) && \
defined(MBEDTLS_ENTROPY_C) && defined(MBEDTLS_NET_C) && \
- defined(MBEDTLS_RSA_C) && defined(MBEDTLS_SHA256_C) && \
+ defined(MBEDTLS_RSA_C) && defined(MBEDTLS_MD_CAN_SHA256) && \
defined(MBEDTLS_FS_IO) && defined(MBEDTLS_CTR_DRBG_C) && \
- defined(MBEDTLS_SHA1_C)
+ defined(MBEDTLS_MD_CAN_SHA1)
#include "mbedtls/net_sockets.h"
#include "mbedtls/aes.h"
#include "mbedtls/dhm.h"
@@ -43,14 +43,14 @@
#if !defined(MBEDTLS_AES_C) || !defined(MBEDTLS_DHM_C) || \
!defined(MBEDTLS_ENTROPY_C) || !defined(MBEDTLS_NET_C) || \
- !defined(MBEDTLS_RSA_C) || !defined(MBEDTLS_SHA256_C) || \
+ !defined(MBEDTLS_RSA_C) || !defined(MBEDTLS_MD_CAN_SHA256) || \
!defined(MBEDTLS_FS_IO) || !defined(MBEDTLS_CTR_DRBG_C) || \
- !defined(MBEDTLS_SHA1_C)
+ !defined(MBEDTLS_MD_CAN_SHA1)
int main(void)
{
mbedtls_printf("MBEDTLS_AES_C and/or MBEDTLS_DHM_C and/or MBEDTLS_ENTROPY_C "
"and/or MBEDTLS_NET_C and/or MBEDTLS_RSA_C and/or "
- "MBEDTLS_SHA256_C and/or MBEDTLS_FS_IO and/or "
+ "MBEDTLS_MD_CAN_SHA256 and/or MBEDTLS_FS_IO and/or "
"MBEDTLS_CTR_DRBG_C not defined.\n");
mbedtls_exit(0);
}
@@ -280,5 +280,5 @@
mbedtls_exit(exit_code);
}
#endif /* MBEDTLS_AES_C && MBEDTLS_DHM_C && MBEDTLS_ENTROPY_C &&
- MBEDTLS_NET_C && MBEDTLS_RSA_C && MBEDTLS_SHA256_C &&
+ MBEDTLS_NET_C && MBEDTLS_RSA_C && MBEDTLS_MD_CAN_SHA256 &&
MBEDTLS_FS_IO && MBEDTLS_CTR_DRBG_C */
diff --git a/programs/pkey/dh_server.c b/programs/pkey/dh_server.c
index 2514fc0..66f7d6f 100644
--- a/programs/pkey/dh_server.c
+++ b/programs/pkey/dh_server.c
@@ -23,9 +23,9 @@
#if defined(MBEDTLS_AES_C) && defined(MBEDTLS_DHM_C) && \
defined(MBEDTLS_ENTROPY_C) && defined(MBEDTLS_NET_C) && \
- defined(MBEDTLS_RSA_C) && defined(MBEDTLS_SHA256_C) && \
+ defined(MBEDTLS_RSA_C) && defined(MBEDTLS_MD_CAN_SHA256) && \
defined(MBEDTLS_FS_IO) && defined(MBEDTLS_CTR_DRBG_C) && \
- defined(MBEDTLS_SHA1_C)
+ defined(MBEDTLS_MD_CAN_SHA1)
#include "mbedtls/net_sockets.h"
#include "mbedtls/aes.h"
#include "mbedtls/dhm.h"
@@ -43,14 +43,14 @@
#if !defined(MBEDTLS_AES_C) || !defined(MBEDTLS_DHM_C) || \
!defined(MBEDTLS_ENTROPY_C) || !defined(MBEDTLS_NET_C) || \
- !defined(MBEDTLS_RSA_C) || !defined(MBEDTLS_SHA256_C) || \
+ !defined(MBEDTLS_RSA_C) || !defined(MBEDTLS_MD_CAN_SHA256) || \
!defined(MBEDTLS_FS_IO) || !defined(MBEDTLS_CTR_DRBG_C) || \
- !defined(MBEDTLS_SHA1_C)
+ !defined(MBEDTLS_MD_CAN_SHA1)
int main(void)
{
mbedtls_printf("MBEDTLS_AES_C and/or MBEDTLS_DHM_C and/or MBEDTLS_ENTROPY_C "
"and/or MBEDTLS_NET_C and/or MBEDTLS_RSA_C and/or "
- "MBEDTLS_SHA256_C and/or MBEDTLS_FS_IO and/or "
+ "MBEDTLS_MD_CAN_SHA256 and/or MBEDTLS_FS_IO and/or "
"MBEDTLS_CTR_DRBG_C not defined.\n");
mbedtls_exit(0);
}
@@ -302,5 +302,5 @@
mbedtls_exit(exit_code);
}
#endif /* MBEDTLS_AES_C && MBEDTLS_DHM_C && MBEDTLS_ENTROPY_C &&
- MBEDTLS_NET_C && MBEDTLS_RSA_C && MBEDTLS_SHA256_C &&
+ MBEDTLS_NET_C && MBEDTLS_RSA_C && MBEDTLS_MD_CAN_SHA256 &&
MBEDTLS_FS_IO && MBEDTLS_CTR_DRBG_C */
diff --git a/programs/pkey/pk_sign.c b/programs/pkey/pk_sign.c
index 21a75e9..f3bcdb2 100644
--- a/programs/pkey/pk_sign.c
+++ b/programs/pkey/pk_sign.c
@@ -22,13 +22,13 @@
#include "mbedtls/platform.h"
#if !defined(MBEDTLS_BIGNUM_C) || !defined(MBEDTLS_ENTROPY_C) || \
- !defined(MBEDTLS_SHA256_C) || !defined(MBEDTLS_MD_C) || \
+ !defined(MBEDTLS_MD_CAN_SHA256) || !defined(MBEDTLS_MD_C) || \
!defined(MBEDTLS_PK_PARSE_C) || !defined(MBEDTLS_FS_IO) || \
!defined(MBEDTLS_CTR_DRBG_C)
int main(void)
{
mbedtls_printf("MBEDTLS_BIGNUM_C and/or MBEDTLS_ENTROPY_C and/or "
- "MBEDTLS_SHA256_C and/or MBEDTLS_MD_C and/or "
+ "MBEDTLS_MD_CAN_SHA256 and/or MBEDTLS_MD_C and/or "
"MBEDTLS_PK_PARSE_C and/or MBEDTLS_FS_IO and/or "
"MBEDTLS_CTR_DRBG_C not defined.\n");
mbedtls_exit(0);
@@ -150,5 +150,5 @@
mbedtls_exit(exit_code);
}
#endif /* MBEDTLS_BIGNUM_C && MBEDTLS_ENTROPY_C &&
- MBEDTLS_SHA256_C && MBEDTLS_PK_PARSE_C && MBEDTLS_FS_IO &&
+ MBEDTLS_MD_CAN_SHA256 && MBEDTLS_PK_PARSE_C && MBEDTLS_FS_IO &&
MBEDTLS_CTR_DRBG_C */
diff --git a/programs/pkey/pk_verify.c b/programs/pkey/pk_verify.c
index b1fd1b6..e24f27f 100644
--- a/programs/pkey/pk_verify.c
+++ b/programs/pkey/pk_verify.c
@@ -22,12 +22,12 @@
#include "mbedtls/platform.h"
#if !defined(MBEDTLS_BIGNUM_C) || !defined(MBEDTLS_MD_C) || \
- !defined(MBEDTLS_SHA256_C) || !defined(MBEDTLS_PK_PARSE_C) || \
+ !defined(MBEDTLS_MD_CAN_SHA256) || !defined(MBEDTLS_PK_PARSE_C) || \
!defined(MBEDTLS_FS_IO)
int main(void)
{
mbedtls_printf("MBEDTLS_BIGNUM_C and/or MBEDTLS_MD_C and/or "
- "MBEDTLS_SHA256_C and/or MBEDTLS_PK_PARSE_C and/or "
+ "MBEDTLS_MD_CAN_SHA256 and/or MBEDTLS_PK_PARSE_C and/or "
"MBEDTLS_FS_IO not defined.\n");
mbedtls_exit(0);
}
@@ -123,5 +123,5 @@
mbedtls_exit(exit_code);
}
-#endif /* MBEDTLS_BIGNUM_C && MBEDTLS_SHA256_C &&
+#endif /* MBEDTLS_BIGNUM_C && MBEDTLS_MD_CAN_SHA256 &&
MBEDTLS_PK_PARSE_C && MBEDTLS_FS_IO */
diff --git a/programs/pkey/rsa_sign.c b/programs/pkey/rsa_sign.c
index a8418d1..051db07 100644
--- a/programs/pkey/rsa_sign.c
+++ b/programs/pkey/rsa_sign.c
@@ -22,13 +22,13 @@
#include "mbedtls/platform.h"
#if !defined(MBEDTLS_BIGNUM_C) || !defined(MBEDTLS_RSA_C) || \
- !defined(MBEDTLS_SHA256_C) || !defined(MBEDTLS_MD_C) || \
+ !defined(MBEDTLS_MD_CAN_SHA256) || !defined(MBEDTLS_MD_C) || \
!defined(MBEDTLS_FS_IO)
int main(void)
{
mbedtls_printf("MBEDTLS_BIGNUM_C and/or MBEDTLS_RSA_C and/or "
"MBEDTLS_MD_C and/or "
- "MBEDTLS_SHA256_C and/or MBEDTLS_FS_IO not defined.\n");
+ "MBEDTLS_MD_CAN_SHA256 and/or MBEDTLS_FS_IO not defined.\n");
mbedtls_exit(0);
}
#else
@@ -162,5 +162,5 @@
mbedtls_exit(exit_code);
}
-#endif /* MBEDTLS_BIGNUM_C && MBEDTLS_RSA_C && MBEDTLS_SHA256_C &&
+#endif /* MBEDTLS_BIGNUM_C && MBEDTLS_RSA_C && MBEDTLS_MD_CAN_SHA256 &&
MBEDTLS_FS_IO */
diff --git a/programs/pkey/rsa_sign_pss.c b/programs/pkey/rsa_sign_pss.c
index 19ab962..4fa3582 100644
--- a/programs/pkey/rsa_sign_pss.c
+++ b/programs/pkey/rsa_sign_pss.c
@@ -22,13 +22,13 @@
#include "mbedtls/platform.h"
#if !defined(MBEDTLS_MD_C) || !defined(MBEDTLS_ENTROPY_C) || \
- !defined(MBEDTLS_RSA_C) || !defined(MBEDTLS_SHA256_C) || \
+ !defined(MBEDTLS_RSA_C) || !defined(MBEDTLS_MD_CAN_SHA256) || \
!defined(MBEDTLS_PK_PARSE_C) || !defined(MBEDTLS_FS_IO) || \
!defined(MBEDTLS_CTR_DRBG_C)
int main(void)
{
mbedtls_printf("MBEDTLS_MD_C and/or MBEDTLS_ENTROPY_C and/or "
- "MBEDTLS_RSA_C and/or MBEDTLS_SHA256_C and/or "
+ "MBEDTLS_RSA_C and/or MBEDTLS_MD_CAN_SHA256 and/or "
"MBEDTLS_PK_PARSE_C and/or MBEDTLS_FS_IO and/or "
"MBEDTLS_CTR_DRBG_C not defined.\n");
mbedtls_exit(0);
@@ -156,5 +156,5 @@
mbedtls_exit(exit_code);
}
#endif /* MBEDTLS_BIGNUM_C && MBEDTLS_ENTROPY_C && MBEDTLS_RSA_C &&
- MBEDTLS_SHA256_C && MBEDTLS_PK_PARSE_C && MBEDTLS_FS_IO &&
+ MBEDTLS_MD_CAN_SHA256 && MBEDTLS_PK_PARSE_C && MBEDTLS_FS_IO &&
MBEDTLS_CTR_DRBG_C */
diff --git a/programs/pkey/rsa_verify.c b/programs/pkey/rsa_verify.c
index 9c08435..e17d776 100644
--- a/programs/pkey/rsa_verify.c
+++ b/programs/pkey/rsa_verify.c
@@ -22,13 +22,13 @@
#include "mbedtls/platform.h"
#if !defined(MBEDTLS_BIGNUM_C) || !defined(MBEDTLS_RSA_C) || \
- !defined(MBEDTLS_SHA256_C) || !defined(MBEDTLS_MD_C) || \
+ !defined(MBEDTLS_MD_CAN_SHA256) || !defined(MBEDTLS_MD_C) || \
!defined(MBEDTLS_FS_IO)
int main(void)
{
mbedtls_printf("MBEDTLS_BIGNUM_C and/or MBEDTLS_RSA_C and/or "
"MBEDTLS_MD_C and/or "
- "MBEDTLS_SHA256_C and/or MBEDTLS_FS_IO not defined.\n");
+ "MBEDTLS_MD_CAN_SHA256 and/or MBEDTLS_FS_IO not defined.\n");
mbedtls_exit(0);
}
#else
@@ -138,5 +138,5 @@
mbedtls_exit(exit_code);
}
-#endif /* MBEDTLS_BIGNUM_C && MBEDTLS_RSA_C && MBEDTLS_SHA256_C &&
+#endif /* MBEDTLS_BIGNUM_C && MBEDTLS_RSA_C && MBEDTLS_MD_CAN_SHA256 &&
MBEDTLS_FS_IO */
diff --git a/programs/pkey/rsa_verify_pss.c b/programs/pkey/rsa_verify_pss.c
index df61e47..bbd8c17 100644
--- a/programs/pkey/rsa_verify_pss.c
+++ b/programs/pkey/rsa_verify_pss.c
@@ -22,13 +22,13 @@
#include "mbedtls/platform.h"
#if !defined(MBEDTLS_MD_C) || !defined(MBEDTLS_ENTROPY_C) || \
- !defined(MBEDTLS_RSA_C) || !defined(MBEDTLS_SHA256_C) || \
+ !defined(MBEDTLS_RSA_C) || !defined(MBEDTLS_MD_CAN_SHA256) || \
!defined(MBEDTLS_PK_PARSE_C) || !defined(MBEDTLS_FS_IO) || \
!defined(MBEDTLS_CTR_DRBG_C)
int main(void)
{
mbedtls_printf("MBEDTLS_MD_C and/or MBEDTLS_ENTROPY_C and/or "
- "MBEDTLS_RSA_C and/or MBEDTLS_SHA256_C and/or "
+ "MBEDTLS_RSA_C and/or MBEDTLS_MD_CAN_SHA256 and/or "
"MBEDTLS_PK_PARSE_C and/or MBEDTLS_FS_IO and/or "
"MBEDTLS_CTR_DRBG_C not defined.\n");
mbedtls_exit(0);
@@ -131,5 +131,5 @@
mbedtls_exit(exit_code);
}
-#endif /* MBEDTLS_BIGNUM_C && MBEDTLS_RSA_C && MBEDTLS_SHA256_C &&
+#endif /* MBEDTLS_BIGNUM_C && MBEDTLS_RSA_C && MBEDTLS_MD_CAN_SHA256 &&
MBEDTLS_PK_PARSE_C && MBEDTLS_FS_IO */
diff --git a/programs/x509/cert_req.c b/programs/x509/cert_req.c
index 5241438..01d09bc 100644
--- a/programs/x509/cert_req.c
+++ b/programs/x509/cert_req.c
@@ -22,13 +22,13 @@
#include "mbedtls/platform.h"
#if !defined(MBEDTLS_X509_CSR_WRITE_C) || !defined(MBEDTLS_FS_IO) || \
- !defined(MBEDTLS_PK_PARSE_C) || !defined(MBEDTLS_SHA256_C) || \
+ !defined(MBEDTLS_PK_PARSE_C) || !defined(MBEDTLS_MD_CAN_SHA256) || \
!defined(MBEDTLS_ENTROPY_C) || !defined(MBEDTLS_CTR_DRBG_C) || \
!defined(MBEDTLS_PEM_WRITE_C)
int main(void)
{
mbedtls_printf("MBEDTLS_X509_CSR_WRITE_C and/or MBEDTLS_FS_IO and/or "
- "MBEDTLS_PK_PARSE_C and/or MBEDTLS_SHA256_C and/or "
+ "MBEDTLS_PK_PARSE_C and/or MBEDTLS_MD_CAN_SHA256 and/or "
"MBEDTLS_ENTROPY_C and/or MBEDTLS_CTR_DRBG_C "
"not defined.\n");
mbedtls_exit(0);
diff --git a/programs/x509/cert_write.c b/programs/x509/cert_write.c
index 0daee56..99ede78 100644
--- a/programs/x509/cert_write.c
+++ b/programs/x509/cert_write.c
@@ -24,12 +24,12 @@
#if !defined(MBEDTLS_X509_CRT_WRITE_C) || \
!defined(MBEDTLS_X509_CRT_PARSE_C) || !defined(MBEDTLS_FS_IO) || \
!defined(MBEDTLS_ENTROPY_C) || !defined(MBEDTLS_CTR_DRBG_C) || \
- !defined(MBEDTLS_ERROR_C) || !defined(MBEDTLS_SHA256_C) || \
+ !defined(MBEDTLS_ERROR_C) || !defined(MBEDTLS_MD_CAN_SHA256) || \
!defined(MBEDTLS_PEM_WRITE_C)
int main(void)
{
mbedtls_printf("MBEDTLS_X509_CRT_WRITE_C and/or MBEDTLS_X509_CRT_PARSE_C and/or "
- "MBEDTLS_FS_IO and/or MBEDTLS_SHA256_C and/or "
+ "MBEDTLS_FS_IO and/or MBEDTLS_MD_CAN_SHA256 and/or "
"MBEDTLS_ENTROPY_C and/or MBEDTLS_CTR_DRBG_C and/or "
"MBEDTLS_ERROR_C not defined.\n");
mbedtls_exit(0);
@@ -771,7 +771,7 @@
mbedtls_printf(" ok\n");
}
-#if defined(MBEDTLS_SHA1_C)
+#if defined(MBEDTLS_MD_CAN_SHA1)
if (opt.version == MBEDTLS_X509_CRT_VERSION_3 &&
opt.subject_identifier != 0) {
mbedtls_printf(" . Adding the Subject Key Identifier ...");
@@ -805,7 +805,7 @@
mbedtls_printf(" ok\n");
}
-#endif /* MBEDTLS_SHA1_C */
+#endif /* MBEDTLS_MD_CAN_SHA1 */
if (opt.version == MBEDTLS_X509_CRT_VERSION_3 &&
opt.key_usage != 0) {
diff --git a/tests/scripts/generate_pkcs7_tests.py b/tests/scripts/generate_pkcs7_tests.py
index 187debc..0e73850 100755
--- a/tests/scripts/generate_pkcs7_tests.py
+++ b/tests/scripts/generate_pkcs7_tests.py
@@ -49,7 +49,7 @@
Take in test_suite_pkcs7.data file.
Allow for new tests to be added.
"""
- mandatory_dep = "MBEDTLS_SHA256_C"
+ mandatory_dep = "MBEDTLS_MD_CAN_SHA256"
test_name = "PKCS7 Parse Failure Invalid ASN1"
test_function = "pkcs7_asn1_fail:"
def __init__(self, file_name):
diff --git a/tests/suites/test_suite_random.data b/tests/suites/test_suite_random.data
index c23d922..9211591 100644
--- a/tests/suites/test_suite_random.data
+++ b/tests/suites/test_suite_random.data
@@ -2,15 +2,15 @@
random_twice_with_ctr_drbg:
Generate random twice with HMAC_DRBG(SHA-1)
-depends_on:MBEDTLS_SHA1_C
+depends_on:MBEDTLS_MD_CAN_SHA1
random_twice_with_hmac_drbg:MBEDTLS_MD_SHA1
Generate random twice with HMAC_DRBG(SHA-256)
-depends_on:MBEDTLS_SHA256_C
+depends_on:MBEDTLS_MD_CAN_SHA256
random_twice_with_hmac_drbg:MBEDTLS_MD_SHA256
Generate random twice with HMAC_DRBG(SHA-512)
-depends_on:MBEDTLS_SHA512_C
+depends_on:MBEDTLS_MD_CAN_SHA512
random_twice_with_hmac_drbg:MBEDTLS_MD_SHA512
Generate random twice with PSA classic wrapper