Rm dependency on MD in psa_crypto_rsa.c

The previous commit made the PKCS#1v1.5 part of rsa.c independent from md.c, but there was still a dependency in the corresponding part in PSA. This commit removes it. Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
2022-07-05 11:30:31 +02:00 · 2022-07-05 11:30:31 +02:00 · 3f4778995e
commit 3f4778995e
parent fe2b9b5397
3 changed files with 30 additions and 9 deletions
--- a/library/psa_crypto_rsa.c
+++ b/library/psa_crypto_rsa.c
@ -41,6 +41,7 @@
 #include <mbedtls/error.h>
 #include <mbedtls/pk.h>
 #include "pk_wrap.h"
+#include "md_internal.h"

 #if defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_PKCS1V15_CRYPT) || \
    defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_OAEP) || \
@ -319,6 +320,30 @@ psa_status_t mbedtls_psa_rsa_generate_key(
 #if defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_PKCS1V15_SIGN) || \
    defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_PSS)

+/* Convert a hash algorithm from PSA to MD identifier */
+static inline mbedtls_md_type_t get_md_alg_from_psa( psa_algorithm_t psa_alg )
+{
+    switch( psa_alg )
+    {
+        case PSA_ALG_MD5:
+            return( MBEDTLS_MD_MD5 );
+        case PSA_ALG_RIPEMD160:
+            return( MBEDTLS_MD_RIPEMD160 );
+        case PSA_ALG_SHA_1:
+            return( MBEDTLS_MD_SHA1 );
+        case PSA_ALG_SHA_224:
+            return( MBEDTLS_MD_SHA224 );
+        case PSA_ALG_SHA_256:
+            return( MBEDTLS_MD_SHA256 );
+        case PSA_ALG_SHA_384:
+            return( MBEDTLS_MD_SHA384 );
+        case PSA_ALG_SHA_512:
+            return( MBEDTLS_MD_SHA512 );
+        default:
+            return( MBEDTLS_MD_NONE );
+    }
+}
+
 /* Decode the hash algorithm from alg and store the mbedtls encoding in
 * md_alg. Verify that the hash length is acceptable. */
 static psa_status_t psa_rsa_decode_md_type( psa_algorithm_t alg,
@ -326,8 +351,7 @@ static psa_status_t psa_rsa_decode_md_type( psa_algorithm_t alg,
                                            mbedtls_md_type_t *md_alg )
 {
    psa_algorithm_t hash_alg = PSA_ALG_SIGN_GET_HASH( alg );
-    const mbedtls_md_info_t *md_info = mbedtls_md_info_from_psa( hash_alg );
-    *md_alg = mbedtls_md_get_type( md_info );
+    *md_alg = get_md_alg_from_psa( hash_alg );

    /* The Mbed TLS RSA module uses an unsigned int for hash length
     * parameters. Validate that it fits so that we don't risk an
@ -340,9 +364,9 @@ static psa_status_t psa_rsa_decode_md_type( psa_algorithm_t alg,
    /* For signatures using a hash, the hash length must be correct. */
    if( alg != PSA_ALG_RSA_PKCS1V15_SIGN_RAW )
    {
-        if( md_info == NULL )
+        if( *md_alg == MBEDTLS_MD_NONE )
            return( PSA_ERROR_NOT_SUPPORTED );
-        if( mbedtls_md_get_size( md_info ) != hash_length )
+        if( mbedtls_md_internal_get_size( *md_alg ) != hash_length )
            return( PSA_ERROR_INVALID_ARGUMENT );
    }