Define "light" subset of MD
See docs/architecture/psa-migration/md-cipher-dispatch.md
Regarding testing, the no_md component was never very useful, as that's
not something people are likely to want to do: it was mostly useful as
executable documentation of what depends on MD. It's going to be even
less useful when more and more modules auto-enable MD_LIGHT or even
MD_C. So, recycle it to test the build with only MD_LIGHT, which is
something that might happen in practice, and is necessary to ensure that
the division is consistent.
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
diff --git a/include/mbedtls/md.h b/include/mbedtls/md.h
index bcf56a5..f9349e1 100644
--- a/include/mbedtls/md.h
+++ b/include/mbedtls/md.h
@@ -1,7 +1,15 @@
/**
* \file md.h
*
- * \brief This file contains the generic message-digest wrapper.
+ * \brief This file contains the generic functions for message-digest
+ * (hashing) and HMAC.
+ *
+ * Availability of function in this modules is controled by two
+ * feature macros:
+ * - MBEDTLS_MD_C enables the whole module;
+ * - MBEDTLS_MD_LIGHT enables only functions for hashing an accessing
+ * some hash metadata; is it automatically set whenever MBEDTLS_MD_C
+ * is set.
*
* \author Adriaan de Jong <dejong@fox-it.com>
*/
@@ -107,6 +115,7 @@
void *MBEDTLS_PRIVATE(hmac_ctx);
} mbedtls_md_context_t;
+#if defined(MBEDTLS_MD_C)
/**
* \brief This function returns the list of digests supported by the
* generic digest module.
@@ -130,6 +139,7 @@
* \return NULL if the associated message-digest information is not found.
*/
const mbedtls_md_info_t *mbedtls_md_info_from_string(const char *md_name);
+#endif /* MBEDTLS_MD_C */
/**
* \brief This function returns the message-digest information
@@ -142,6 +152,7 @@
*/
const mbedtls_md_info_t *mbedtls_md_info_from_type(mbedtls_md_type_t md_type);
+#if defined(MBEDTLS_MD_C)
/**
* \brief This function returns the message-digest information
* from the given context.
@@ -154,6 +165,7 @@
*/
const mbedtls_md_info_t *mbedtls_md_info_from_ctx(
const mbedtls_md_context_t *ctx);
+#endif /* MBEDTLS_MD_C */
/**
* \brief This function initializes a message-digest context without
@@ -248,6 +260,7 @@
*/
mbedtls_md_type_t mbedtls_md_get_type(const mbedtls_md_info_t *md_info);
+#if defined(MBEDTLS_MD_C)
/**
* \brief This function extracts the message-digest name from the
* message-digest information structure.
@@ -258,6 +271,7 @@
* \return The name of the message digest.
*/
const char *mbedtls_md_get_name(const mbedtls_md_info_t *md_info);
+#endif /* MBEDTLS_MD_C */
/**
* \brief This function starts a message-digest computation.
@@ -337,7 +351,7 @@
int mbedtls_md(const mbedtls_md_info_t *md_info, const unsigned char *input, size_t ilen,
unsigned char *output);
-#if defined(MBEDTLS_FS_IO)
+#if defined(MBEDTLS_FS_IO) && defined(MBEDTLS_MD_C)
/**
* \brief This function calculates the message-digest checksum
* result of the contents of the provided file.
@@ -358,8 +372,9 @@
MBEDTLS_CHECK_RETURN_TYPICAL
int mbedtls_md_file(const mbedtls_md_info_t *md_info, const char *path,
unsigned char *output);
-#endif /* MBEDTLS_FS_IO */
+#endif /* MBEDTLS_FS_IO && MBEDTLS_MD_C */
+#if defined(MBEDTLS_MD_C)
/**
* \brief This function sets the HMAC key and prepares to
* authenticate a new message.
@@ -470,6 +485,7 @@
int mbedtls_md_hmac(const mbedtls_md_info_t *md_info, const unsigned char *key, size_t keylen,
const unsigned char *input, size_t ilen,
unsigned char *output);
+#endif /* MBEDTLS_MD_C */
#ifdef __cplusplus
}