Migrate from old inline to new actual function.
This is mostly:
sed -i 's/mbedtls_psa_translate_md/mbedtls_hash_info_psa_from_md/' \
library/*.c tests/suites/*.function
This should be good for code size as the old inline function was used
from 10 translation units inside the library, so we have 10 copies at
least.
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
diff --git a/include/mbedtls/psa_util.h b/include/mbedtls/psa_util.h
index dcca12a..f030bea 100644
--- a/include/mbedtls/psa_util.h
+++ b/include/mbedtls/psa_util.h
@@ -124,6 +124,9 @@
/* Translations for hashing. */
+/* Note: this function should not be used from inside the library, use
+ * mbedtls_hash_info_psa_from_md() from the internal hash_info.h instead.
+ * It is kept only for compatibility in case applications were using it. */
static inline psa_algorithm_t mbedtls_psa_translate_md( mbedtls_md_type_t md_alg )
{
switch( md_alg )
diff --git a/library/pk.c b/library/pk.c
index f2c1ad5..5dd0fa8 100644
--- a/library/pk.c
+++ b/library/pk.c
@@ -509,7 +509,7 @@
psa_status_t status = PSA_ERROR_DATA_CORRUPT;
psa_status_t destruction_status = PSA_ERROR_DATA_CORRUPT;
- psa_algorithm_t psa_md_alg = mbedtls_psa_translate_md( md_alg );
+ psa_algorithm_t psa_md_alg = mbedtls_hash_info_psa_from_md( md_alg );
mbedtls_svc_key_id_t key_id = MBEDTLS_SVC_KEY_ID_INIT;
psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
psa_algorithm_t psa_sig_alg =
@@ -674,7 +674,7 @@
}
#if defined(MBEDTLS_RSA_C)
- psa_md_alg = mbedtls_psa_translate_md( md_alg );
+ psa_md_alg = mbedtls_hash_info_psa_from_md( md_alg );
if( psa_md_alg == 0 )
return( MBEDTLS_ERR_PK_BAD_INPUT_DATA );
diff --git a/library/pk_wrap.c b/library/pk_wrap.c
index e234a8d..3ea4ad1 100644
--- a/library/pk_wrap.c
+++ b/library/pk_wrap.c
@@ -52,6 +52,7 @@
#include "psa/crypto.h"
#include "mbedtls/psa_util.h"
#include "mbedtls/asn1.h"
+#include "hash_info.h"
#endif
#if defined(MBEDTLS_PLATFORM_C)
@@ -179,7 +180,7 @@
int key_len;
unsigned char buf[MBEDTLS_PK_RSA_PUB_DER_MAX_BYTES];
psa_algorithm_t psa_alg_md =
- PSA_ALG_RSA_PKCS1V15_SIGN( mbedtls_psa_translate_md( md_alg ) );
+ PSA_ALG_RSA_PKCS1V15_SIGN( mbedtls_hash_info_psa_from_md( md_alg ) );
size_t rsa_len = mbedtls_rsa_get_len( rsa );
#if SIZE_MAX > UINT_MAX
@@ -328,7 +329,7 @@
((void) p_rng);
psa_algorithm_t psa_md_alg;
- psa_md_alg = mbedtls_psa_translate_md( md_alg );
+ psa_md_alg = mbedtls_hash_info_psa_from_md( md_alg );
if( psa_md_alg == 0 )
return( MBEDTLS_ERR_PK_BAD_INPUT_DATA );
@@ -1168,7 +1169,7 @@
unsigned char buf[MBEDTLS_PK_ECP_PRV_DER_MAX_BYTES];
unsigned char *p;
psa_algorithm_t psa_sig_md =
- PSA_ALG_ECDSA( mbedtls_psa_translate_md( md_alg ) );
+ PSA_ALG_ECDSA( mbedtls_hash_info_psa_from_md( md_alg ) );
size_t curve_bits;
psa_ecc_family_t curve =
mbedtls_ecc_group_to_psa( ctx->grp.id, &curve_bits );
@@ -1542,12 +1543,12 @@
#if defined(MBEDTLS_ECDSA_C)
if( PSA_KEY_TYPE_IS_ECC_KEY_PAIR( type ) )
- alg = PSA_ALG_ECDSA( mbedtls_psa_translate_md( md_alg ) );
+ alg = PSA_ALG_ECDSA( mbedtls_hash_info_psa_from_md( md_alg ) );
else
#endif /* MBEDTLS_ECDSA_C */
#if defined(MBEDTLS_RSA_C)
if( PSA_KEY_TYPE_IS_RSA( type ) )
- alg = PSA_ALG_RSA_PKCS1V15_SIGN( mbedtls_psa_translate_md( md_alg ) );
+ alg = PSA_ALG_RSA_PKCS1V15_SIGN( mbedtls_hash_info_psa_from_md( md_alg ) );
else
#endif /* MBEDTLS_RSA_C */
return( MBEDTLS_ERR_PK_FEATURE_UNAVAILABLE );
diff --git a/library/ssl_ciphersuites.c b/library/ssl_ciphersuites.c
index 835159e..6b024bf 100644
--- a/library/ssl_ciphersuites.c
+++ b/library/ssl_ciphersuites.c
@@ -1933,10 +1933,10 @@
case MBEDTLS_KEY_EXCHANGE_DHE_RSA:
case MBEDTLS_KEY_EXCHANGE_ECDHE_RSA:
return( PSA_ALG_RSA_PKCS1V15_SIGN(
- mbedtls_psa_translate_md( info->mac ) ) );
+ mbedtls_hash_info_psa_from_md( info->mac ) ) );
case MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA:
- return( PSA_ALG_ECDSA( mbedtls_psa_translate_md( info->mac ) ) );
+ return( PSA_ALG_ECDSA( mbedtls_hash_info_psa_from_md( info->mac ) ) );
case MBEDTLS_KEY_EXCHANGE_ECDH_RSA:
case MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA:
diff --git a/library/ssl_cookie.c b/library/ssl_cookie.c
index 4b2d2d2..f68ae71 100644
--- a/library/ssl_cookie.c
+++ b/library/ssl_cookie.c
@@ -117,7 +117,7 @@
(void)f_rng;
(void)p_rng;
- alg = mbedtls_psa_translate_md( COOKIE_MD );
+ alg = mbedtls_hash_info_psa_from_md( COOKIE_MD );
if( alg == 0 )
return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA );
diff --git a/library/ssl_misc.h b/library/ssl_misc.h
index 39a47ca..4b6e03a 100644
--- a/library/ssl_misc.h
+++ b/library/ssl_misc.h
@@ -30,6 +30,7 @@
#if defined(MBEDTLS_USE_PSA_CRYPTO) || defined(MBEDTLS_SSL_PROTO_TLS1_3)
#include "psa/crypto.h"
#include "mbedtls/psa_util.h"
+#include "hash_info.h"
#endif
#if defined(MBEDTLS_MD5_C)
diff --git a/library/ssl_tls.c b/library/ssl_tls.c
index e60b82f..a055a45 100644
--- a/library/ssl_tls.c
+++ b/library/ssl_tls.c
@@ -7235,10 +7235,10 @@
#endif /* MBEDTLS_USE_PSA_CRYPTO */
#if defined(MBEDTLS_USE_PSA_CRYPTO)
- mac_alg = mbedtls_psa_translate_md( ciphersuite_info->mac );
+ mac_alg = mbedtls_hash_info_psa_from_md( ciphersuite_info->mac );
if( mac_alg == 0 )
{
- MBEDTLS_SSL_DEBUG_MSG( 1, ( "mbedtls_psa_translate_md for %u not found",
+ MBEDTLS_SSL_DEBUG_MSG( 1, ( "mbedtls_hash_info_psa_from_md for %u not found",
(unsigned) ciphersuite_info->mac ) );
return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA );
}
@@ -7618,7 +7618,7 @@
{
psa_status_t status;
psa_hash_operation_t hash_operation = PSA_HASH_OPERATION_INIT;
- psa_algorithm_t hash_alg = mbedtls_psa_translate_md( md_alg );
+ psa_algorithm_t hash_alg = mbedtls_hash_info_psa_from_md( md_alg );
MBEDTLS_SSL_DEBUG_MSG( 3, ( "Perform PSA-based computation of digest of ServerKeyExchange" ) );
@@ -7759,7 +7759,7 @@
if( ssl->handshake->key_cert && ssl->handshake->key_cert->key )
{
psa_algorithm_t psa_hash_alg =
- mbedtls_psa_translate_md( hash_alg_received );
+ mbedtls_hash_info_psa_from_md( hash_alg_received );
if( sig_alg_received == MBEDTLS_SSL_SIG_ECDSA &&
! mbedtls_pk_can_do_ext( ssl->handshake->key_cert->key,
diff --git a/library/ssl_tls13_generic.c b/library/ssl_tls13_generic.c
index 265d6d3..93604e7 100644
--- a/library/ssl_tls13_generic.c
+++ b/library/ssl_tls13_generic.c
@@ -219,7 +219,7 @@
goto error;
}
- hash_alg = mbedtls_psa_translate_md( md_alg );
+ hash_alg = mbedtls_hash_info_psa_from_md( md_alg );
if( hash_alg == 0 )
{
goto error;
@@ -1043,7 +1043,7 @@
p += 2;
/* Hash verify buffer with indicated hash function */
- psa_algorithm = mbedtls_psa_translate_md( md_alg );
+ psa_algorithm = mbedtls_hash_info_psa_from_md( md_alg );
status = psa_hash_compute( psa_algorithm,
verify_buffer,
verify_buffer_len,
diff --git a/library/ssl_tls13_keys.c b/library/ssl_tls13_keys.c
index 51743bb..a56fbee 100644
--- a/library/ssl_tls13_keys.c
+++ b/library/ssl_tls13_keys.c
@@ -622,7 +622,7 @@
{
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
mbedtls_ssl_handshake_params *handshake = ssl->handshake;
- psa_algorithm_t const hash_alg = mbedtls_psa_translate_md(
+ psa_algorithm_t const hash_alg = mbedtls_hash_info_psa_from_md(
handshake->ciphersuite_info->mac );
/*
@@ -734,7 +734,7 @@
mbedtls_md_type_t const md_type = ssl->handshake->ciphersuite_info->mac;
- psa_algorithm_t hash_alg = mbedtls_psa_translate_md(
+ psa_algorithm_t hash_alg = mbedtls_hash_info_psa_from_md(
ssl->handshake->ciphersuite_info->mac );
size_t const hash_len = PSA_HASH_LENGTH( hash_alg );
@@ -1059,7 +1059,7 @@
return( MBEDTLS_ERR_SSL_INTERNAL_ERROR );
}
- hash_alg = mbedtls_psa_translate_md( handshake->ciphersuite_info->mac );
+ hash_alg = mbedtls_hash_info_psa_from_md( handshake->ciphersuite_info->mac );
ret = mbedtls_ssl_tls13_evolve_secret( hash_alg, NULL, NULL, 0,
handshake->tls13_master_secrets.early );
@@ -1134,7 +1134,7 @@
md_type = ciphersuite_info->mac;
- hash_alg = mbedtls_psa_translate_md( ciphersuite_info->mac );
+ hash_alg = mbedtls_hash_info_psa_from_md( ciphersuite_info->mac );
hash_len = PSA_HASH_LENGTH( hash_alg );
ret = mbedtls_ssl_get_handshake_transcript( ssl, md_type,
@@ -1228,7 +1228,7 @@
psa_status_t status = PSA_ERROR_GENERIC_ERROR;
#endif /* MBEDTLS_KEY_EXCHANGE_SOME_ECDHE_ENABLED && MBEDTLS_ECDH_C */
mbedtls_ssl_handshake_params *handshake = ssl->handshake;
- psa_algorithm_t const hash_alg = mbedtls_psa_translate_md(
+ psa_algorithm_t const hash_alg = mbedtls_hash_info_psa_from_md(
handshake->ciphersuite_info->mac );
#if defined(MBEDTLS_KEY_EXCHANGE_SOME_ECDHE_ENABLED)
@@ -1340,7 +1340,7 @@
md_type = handshake->ciphersuite_info->mac;
- hash_alg = mbedtls_psa_translate_md( handshake->ciphersuite_info->mac );
+ hash_alg = mbedtls_hash_info_psa_from_md( handshake->ciphersuite_info->mac );
hash_len = PSA_HASH_LENGTH( hash_alg );
/* Compute current handshake transcript. It's the caller's responsibility
diff --git a/library/x509_crt.c b/library/x509_crt.c
index b38dff08..5677a5c 100644
--- a/library/x509_crt.c
+++ b/library/x509_crt.c
@@ -47,6 +47,7 @@
#if defined(MBEDTLS_USE_PSA_CRYPTO)
#include "psa/crypto.h"
#include "mbedtls/psa_util.h"
+#include "hash_info.h"
#endif /* MBEDTLS_USE_PSA_CRYPTO */
#if defined(MBEDTLS_PLATFORM_C)
@@ -2379,7 +2380,7 @@
flags |= MBEDTLS_X509_BADCRL_BAD_PK;
#if defined(MBEDTLS_USE_PSA_CRYPTO)
- psa_algorithm = mbedtls_psa_translate_md( crl_list->sig_md );
+ psa_algorithm = mbedtls_hash_info_psa_from_md( crl_list->sig_md );
if( psa_hash_compute( psa_algorithm,
crl_list->tbs.p,
crl_list->tbs.len,
@@ -2460,7 +2461,7 @@
return( -1 );
#else
unsigned char hash[PSA_HASH_MAX_SIZE];
- psa_algorithm_t hash_alg = mbedtls_psa_translate_md( child->sig_md );
+ psa_algorithm_t hash_alg = mbedtls_hash_info_psa_from_md( child->sig_md );
psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;
status = psa_hash_compute( hash_alg,
diff --git a/library/x509write_crt.c b/library/x509write_crt.c
index 2992dba..c565b60 100644
--- a/library/x509write_crt.c
+++ b/library/x509write_crt.c
@@ -43,6 +43,7 @@
#if defined(MBEDTLS_USE_PSA_CRYPTO)
#include "psa/crypto.h"
#include "mbedtls/psa_util.h"
+#include "hash_info.h"
#endif /* MBEDTLS_USE_PSA_CRYPTO */
void mbedtls_x509write_crt_init( mbedtls_x509write_cert *ctx )
@@ -500,7 +501,7 @@
/* Compute hash of CRT. */
#if defined(MBEDTLS_USE_PSA_CRYPTO)
- psa_algorithm = mbedtls_psa_translate_md( ctx->md_alg );
+ psa_algorithm = mbedtls_hash_info_psa_from_md( ctx->md_alg );
status = psa_hash_compute( psa_algorithm,
c,
diff --git a/library/x509write_csr.c b/library/x509write_csr.c
index 1cee318..b7a507e 100644
--- a/library/x509write_csr.c
+++ b/library/x509write_csr.c
@@ -35,6 +35,7 @@
#if defined(MBEDTLS_USE_PSA_CRYPTO)
#include "psa/crypto.h"
#include "mbedtls/psa_util.h"
+#include "hash_info.h"
#endif /* MBEDTLS_USE_PSA_CRYPTO */
#include <string.h>
@@ -150,7 +151,7 @@
mbedtls_pk_type_t pk_alg;
#if defined(MBEDTLS_USE_PSA_CRYPTO)
size_t hash_len;
- psa_algorithm_t hash_alg = mbedtls_psa_translate_md( ctx->md_alg );
+ psa_algorithm_t hash_alg = mbedtls_hash_info_psa_from_md( ctx->md_alg );
#endif /* MBEDTLS_USE_PSA_CRYPTO */
/* Write the CSR backwards starting from the end of buf */
diff --git a/tests/suites/test_suite_pk.function b/tests/suites/test_suite_pk.function
index ca471f1..27b6972 100644
--- a/tests/suites/test_suite_pk.function
+++ b/tests/suites/test_suite_pk.function
@@ -1321,7 +1321,7 @@
unsigned char pkey[PSA_EXPORT_PUBLIC_KEY_MAX_SIZE];
unsigned char *pkey_start;
unsigned char hash[PSA_HASH_MAX_SIZE];
- psa_algorithm_t psa_md_alg = mbedtls_psa_translate_md( md_alg );
+ psa_algorithm_t psa_md_alg = mbedtls_hash_info_psa_from_md( md_alg );
psa_algorithm_t psa_alg;
size_t hash_len = PSA_HASH_LENGTH( psa_md_alg );
void const *options = NULL;
diff --git a/tests/suites/test_suite_ssl.function b/tests/suites/test_suite_ssl.function
index 9a031b6..47d8f2e 100644
--- a/tests/suites/test_suite_ssl.function
+++ b/tests/suites/test_suite_ssl.function
@@ -1458,7 +1458,7 @@
memset( md1, 0x6, maclen );
#if defined(MBEDTLS_USE_PSA_CRYPTO)
- alg = mbedtls_psa_translate_md( mbedtls_md_get_type( md_info ) );
+ alg = mbedtls_hash_info_psa_from_md( mbedtls_md_get_type( md_info ) );
CHK( alg != 0 );
@@ -5277,7 +5277,7 @@
USE_PSA_INIT( );
#if defined(MBEDTLS_USE_PSA_CRYPTO)
- alg = PSA_ALG_HMAC( mbedtls_psa_translate_md( hash ) );
+ alg = PSA_ALG_HMAC( mbedtls_hash_info_psa_from_md( hash ) );
out_len = PSA_HASH_LENGTH( alg );
block_size = PSA_HASH_BLOCK_LENGTH( alg );
diff --git a/tests/suites/test_suite_x509write.function b/tests/suites/test_suite_x509write.function
index 8f5c947..7a47477 100644
--- a/tests/suites/test_suite_x509write.function
+++ b/tests/suites/test_suite_x509write.function
@@ -6,6 +6,8 @@
#include "mbedtls/oid.h"
#include "mbedtls/rsa.h"
+#include "hash_info.h"
+
#if defined(MBEDTLS_RSA_C)
int mbedtls_rsa_decrypt_func( void *ctx, size_t *olen,
const unsigned char *input, unsigned char *output,
@@ -181,7 +183,7 @@
PSA_INIT( );
memset( &rnd_info, 0x2a, sizeof( mbedtls_test_rnd_pseudo_info ) );
- md_alg_psa = mbedtls_psa_translate_md( (mbedtls_md_type_t) md_type );
+ md_alg_psa = mbedtls_hash_info_psa_from_md( (mbedtls_md_type_t) md_type );
TEST_ASSERT( md_alg_psa != MBEDTLS_MD_NONE );
mbedtls_pk_init( &key );
@@ -294,7 +296,7 @@
{
psa_algorithm_t alg_psa, md_alg_psa;
- md_alg_psa = mbedtls_psa_translate_md( (mbedtls_md_type_t) md_type );
+ md_alg_psa = mbedtls_hash_info_psa_from_md( (mbedtls_md_type_t) md_type );
TEST_ASSERT( md_alg_psa != MBEDTLS_MD_NONE );
if( mbedtls_pk_get_type( &issuer_key ) == MBEDTLS_PK_ECKEY )