diff --git a/include/mbedtls/build_info.h b/include/mbedtls/build_info.h
index 681c9735e..e66032d68 100644
--- a/include/mbedtls/build_info.h
+++ b/include/mbedtls/build_info.h
@@ -80,6 +80,13 @@
 #include MBEDTLS_USER_CONFIG_FILE
 #endif
+/* Auto-enable MBEDTLS_MD_C if needed by a module that didn't require it
+ * in a previous release, to ensure backwards compatibility.
+ */
+#if defined(MBEDTLS_PKCS5_C)
+#define MBEDTLS_MD_C
+#endif
+
 /* Auto-enable MBEDTLS_MD_LIGHT based on MBEDTLS_MD_C.
 * This allows checking for MD_LIGHT rather than MD_LIGHT || MD_C.
 */
@@ -87,7 +94,8 @@
 #define MBEDTLS_MD_LIGHT
 #endif
-/* Auto-enable MBEDTLS_MD_LIGHT if some module needs it.
+/* Auto-enable MBEDTLS_MD_LIGHT if needed by a module that didn't require it
+ * in a previous release, to ensure backwards compatibility.
 */
 #if defined(MBEDTLS_ECJPAKE_C) || \
 defined(MBEDTLS_PEM_PARSE_C) || \
diff --git a/include/mbedtls/check_config.h b/include/mbedtls/check_config.h
index 412bb0a92..0d7ea1479 100644
--- a/include/mbedtls/check_config.h
+++ b/include/mbedtls/check_config.h
@@ -169,8 +169,7 @@
 #endif
 #if defined(MBEDTLS_PKCS5_C) && \
- ( !( defined(MBEDTLS_MD_C) || defined(MBEDTLS_PSA_CRYPTO_C) ) || \
- !defined(MBEDTLS_CIPHER_C) )
+ !defined(MBEDTLS_CIPHER_C)
 #error "MBEDTLS_PKCS5_C defined, but not all prerequisites"
 #endif
diff --git a/include/mbedtls/mbedtls_config.h b/include/mbedtls/mbedtls_config.h
index 225664ee8..70f727005 100644
--- a/include/mbedtls/mbedtls_config.h
+++ b/include/mbedtls/mbedtls_config.h
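Review bot: The new `#define MBEDTLS_MD_C` in the first build_info.h hunk is unconditional, so a build that already defines the macro with a value (for example `-DMBEDTLS_MD_C` on the compiler command line, which expands to `1`) gets a macro-redefinition diagnostic, and that is fatal under `-Werror`. Guarding it as `#if defined(MBEDTLS_PKCS5_C) && !defined(MBEDTLS_MD_C)` avoids this without changing the result. The block also has to stay above the MD_LIGHT auto-enable described in the comment that follows it, whose `#if` line is outside the hunk; a short comment saying so would protect the ordering from later edits.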
@@ -2849,15 +2849,11 @@
 *
 * Module: library/pkcs5.c
 *
- * Requires: MBEDTLS_CIPHER_C and either MBEDTLS_MD_C or MBEDTLS_PSA_CRYPTO_C.
+ * Requires: MBEDTLS_CIPHER_C
+ * (auto-enables MBEDTLS_MD_C)
 *
- * \warning If building without MBEDTLS_MD_C, you must call psa_crypto_init()
- * before doing any PKCS5 operation.
- *
- * \warning When building with MBEDTLS_MD_C, all hashes used with this
- * need to be available as built-ins (that is, for SHA-256, MBEDTLS_SHA256_C,
- * etc.) as opposed to just PSA drivers. So far, PSA drivers are only used by
- * this module in builds where MBEDTLS_MD_C is disabled.
+ * \warning If using a hash that is only provided by PSA drivers, you must
+ * call psa_crypto_init() before doing any PKCS5 operations.
 *
 * This module adds support for the PKCS#5 functions.
 */
diff --git a/library/pkcs5.c b/library/pkcs5.c
index f471b6378..a755f23cd 100644
--- a/library/pkcs5.c
+++ b/library/pkcs5.c
@@ -47,12 +47,6 @@
 #include "hash_info.h"
 #include "mbedtls/psa_util.h"
-#if !defined(MBEDTLS_MD_C)
-#define PSA_TO_MBEDTLS_ERR(status) PSA_TO_MBEDTLS_ERR_LIST(status, \
- psa_to_md_errors, \
- psa_generic_status_to_mbedtls)
-#endif
-
 #if defined(MBEDTLS_ASN1_PARSE_C)
 static int pkcs5_parse_pbkdf2_params(const mbedtls_asn1_buf *params, mbedtls_asn1_buf *salt, int *iterations,
@@ -221,7 +215,6 @@ exit:
 }
 #endif /* MBEDTLS_ASN1_PARSE_C */
-#if defined(MBEDTLS_MD_C)
 static int pkcs5_pbkdf2_hmac(mbedtls_md_context_t *ctx, const unsigned char *password, size_t plen, const unsigned char *salt, size_t slen,
@@ -322,7 +315,6 @@ int mbedtls_pkcs5_pbkdf2_hmac(mbedtls_md_context_t *ctx,
 key_length, output);
 }
 #endif
-#endif /* MBEDTLS_MD_C */
 int mbedtls_pkcs5_pbkdf2_hmac_ext(mbedtls_md_type_t md_alg,
 const unsigned char *password,
@@ -330,7 +322,6 @@ int mbedtls_pkcs5_pbkdf2_hmac_ext(mbedtls_md_type_t md_alg,
 unsigned int iteration_count, uint32_t key_length, unsigned char *output)
 {
-#if defined(MBEDTLS_MD_C)
 mbedtls_md_context_t md_ctx;
 const mbedtls_md_info_t *md_info = NULL;
 int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
@@ -350,116 +341,6 @@ int mbedtls_pkcs5_pbkdf2_hmac_ext(mbedtls_md_type_t md_alg,
 exit:
 mbedtls_md_free(&md_ctx);
 return ret;
-#else
- unsigned int i;
- unsigned char md1[PSA_HASH_MAX_SIZE];
- unsigned char work[PSA_HASH_MAX_SIZE];
- const unsigned char md_size = mbedtls_hash_info_get_size(md_alg);
- psa_mac_operation_t operation = PSA_MAC_OPERATION_INIT;
-
- psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;
- psa_status_t status_destruction = PSA_ERROR_CORRUPTION_DETECTED;
- size_t use_len, out_len;
- unsigned char *out_p = output;
- unsigned char counter[4];
- mbedtls_svc_key_id_t psa_hmac_key = MBEDTLS_SVC_KEY_ID_INIT;
- psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
- const psa_algorithm_t alg = PSA_ALG_HMAC(mbedtls_hash_info_psa_from_md(md_alg));
- const size_t out_size = PSA_MAC_LENGTH(PSA_KEY_TYPE_HMAC, 0, alg);
-
- memset(counter, 0, sizeof(counter));
- counter[3] = 1;
-
- psa_set_key_usage_flags(&attributes, PSA_KEY_USAGE_SIGN_MESSAGE);
- psa_set_key_algorithm(&attributes, alg);
- psa_set_key_type(&attributes, PSA_KEY_TYPE_HMAC);
-
- if (key_length == 0) {
- return 0;
- }
- if ((status = psa_import_key(&attributes,
- password, plen,
- &psa_hmac_key)) != PSA_SUCCESS) {
- return MBEDTLS_ERR_PKCS5_BAD_INPUT_DATA;
- }
-
-#if UINT_MAX > 0xFFFFFFFF
- if (iteration_count > 0xFFFFFFFF) {
- return MBEDTLS_ERR_PKCS5_BAD_INPUT_DATA;
- }
-#endif
-
- while (key_length) {
- status = psa_mac_sign_setup(&operation, psa_hmac_key,
- PSA_ALG_HMAC(alg));
- if (status != PSA_SUCCESS) {
- goto cleanup;
- }
- // U1 ends up in work
- if ((status = psa_mac_update(&operation, salt, slen)) != PSA_SUCCESS) {
- goto cleanup;
- }
-
- if ((status = psa_mac_update(&operation, counter, sizeof(counter))) != PSA_SUCCESS) {
- goto cleanup;
- }
-
- if ((status = psa_mac_sign_finish(&operation, work, out_size, &out_len))
- != PSA_SUCCESS) {
- goto cleanup;
- }
-
- memcpy(md1, work, out_len);
-
- for (i = 1; i < iteration_count; i++) {
- // U2 ends up in md1
- //
- status =
psa_mac_sign_setup(&operation, psa_hmac_key,
- PSA_ALG_HMAC(alg));
- if (status != PSA_SUCCESS) {
- goto cleanup;
- }
- if ((status = psa_mac_update(&operation, md1, md_size)) != PSA_SUCCESS) {
- goto cleanup;
- }
- if ((status =
- psa_mac_sign_finish(&operation, md1, out_size, &out_len)) != PSA_SUCCESS) {
- goto cleanup;
- }
-
- // U1 xor U2
- //
- mbedtls_xor(work, work, md1, md_size);
- }
-
- use_len = (key_length < md_size) ? key_length : md_size;
- memcpy(out_p, work, use_len);
-
- key_length -= (uint32_t) use_len;
- out_p += use_len;
-
- for (i = 4; i > 0; i--) {
- if (++counter[i - 1] != 0) {
- break;
- }
- }
- }
-
-cleanup:
- /* Zeroise buffers to clear sensitive data from memory. */
- mbedtls_platform_zeroize(work, PSA_HASH_MAX_SIZE);
- mbedtls_platform_zeroize(md1, PSA_HASH_MAX_SIZE);
- status_destruction = psa_destroy_key(psa_hmac_key);
- if (status == PSA_SUCCESS && status_destruction != PSA_SUCCESS) {
- status = status_destruction;
- }
- status_destruction = psa_mac_abort(&operation);
- if (status == PSA_SUCCESS && status_destruction != PSA_SUCCESS) {
- status = status_destruction;
- }
-
- return PSA_TO_MBEDTLS_ERR(status);
-#endif /* !MBEDTLS_MD_C */
 }
 #if defined(MBEDTLS_SELF_TEST)
diff --git a/library/x509.c b/library/x509.c
index fc13b9213..f20b3cff9 100644
--- a/library/x509.c
+++ b/library/x509.c
@@ -135,31 +135,31 @@ int mbedtls_x509_get_alg(unsigned char **p, const unsigned char *end,
 static inline const char *md_type_to_string(mbedtls_md_type_t md_alg)
 {
 switch (md_alg) {
-#if defined(MBEDTLS_HAS_ALG_MD5_VIA_MD_OR_PSA)
+#if defined(MBEDTLS_MD_CAN_MD5)
 case MBEDTLS_MD_MD5:
 return "MD5";
 #endif
-#if defined(MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA)
+#if defined(MBEDTLS_MD_CAN_SHA1)
 case MBEDTLS_MD_SHA1:
 return "SHA1";
 #endif
-#if defined(MBEDTLS_HAS_ALG_SHA_224_VIA_MD_OR_PSA)
+#if defined(MBEDTLS_MD_CAN_SHA224)
 case MBEDTLS_MD_SHA224:
 return "SHA224";
 #endif
-#if defined(MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA)
+#if defined(MBEDTLS_MD_CAN_SHA256)
 case MBEDTLS_MD_SHA256:
 return "SHA256";
 #endif
-#if defined(MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA)
+#if defined(MBEDTLS_MD_CAN_SHA384)
 case MBEDTLS_MD_SHA384:
 return "SHA384";
 #endif
-#if defined(MBEDTLS_HAS_ALG_SHA_512_VIA_MD_OR_PSA)
+#if defined(MBEDTLS_MD_CAN_SHA512)
 case MBEDTLS_MD_SHA512:
 return "SHA512";
 #endif
-#if defined(MBEDTLS_HAS_ALG_RIPEMD160_VIA_MD_OR_PSA)
+#if defined(MBEDTLS_MD_CAN_RIPEMD160)
 case MBEDTLS_MD_RIPEMD160:
 return "RIPEMD160";
 #endif
diff --git a/tests/scripts/all.sh b/tests/scripts/all.sh
index 555db66e2..3d5605953 100755
--- a/tests/scripts/all.sh
+++ b/tests/scripts/all.sh
@@ -1224,12 +1224,15 @@ component_test_crypto_full_md_light_only () {
 scripts/config.py crypto_full
 # Disable MD
 scripts/config.py unset MBEDTLS_MD_C
- # Disable direct dependencies of MD
+ # Disable direct dependencies of MD_C
 scripts/config.py unset MBEDTLS_HKDF_C
 scripts/config.py unset MBEDTLS_HMAC_DRBG_C
 scripts/config.py unset MBEDTLS_PKCS7_C
- # Disable indirect dependencies of MD
+ # Disable indirect dependencies of MD_C
 scripts/config.py unset MBEDTLS_ECDSA_DETERMINISTIC # needs HMAC_DRBG
+ # Disable things that would auto-enable MD_C
+ scripts/config.py unset MBEDTLS_PKCS5_C
+
 # Note: MD-light is auto-enabled in build_info.h by modules that need it,
 # which we haven't disabled, so no need to explicitly enable it.
 make CFLAGS="$ASAN_CFLAGS" LDFLAGS="$ASAN_CFLAGS"
@@ -2671,9 +2674,7 @@ component_test_psa_crypto_config_accel_hash_use_psa () {
 make CFLAGS="$ASAN_CFLAGS -Werror -I../tests/include -I../tests -I../../tests -DPSA_CRYPTO_DRIVER_TEST -DMBEDTLS_TEST_LIBTESTDRIVER1 $loc_accel_flags" LDFLAGS="-ltestdriver1 $ASAN_CFLAGS" all
 # There's a risk of something getting re-enabled via config_psa.h;
- # make sure it did not happen. Note: it's OK for MD_LIGHT to be enabled,
- # but not the full MD_C (for now), so check mbedtls_md_hmac for that.
- not grep mbedtls_md_hmac library/md.o
+ # make sure it did not happen. Note: it's OK for MD_C to be enabled.
 not grep mbedtls_md5 library/md5.o
 not grep mbedtls_sha1 library/sha1.o
 not grep mbedtls_sha256 library/sha256.o
diff --git a/tests/suites/test_suite_pkcs5.function b/tests/suites/test_suite_pkcs5.function
index fd731e99f..ef48f1e57 100644
--- a/tests/suites/test_suite_pkcs5.function
+++ b/tests/suites/test_suite_pkcs5.function
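Review bot: component_test_crypto_full_md_light_only now depends on a hand-maintained list of modules that auto-enable MD_C, and nothing after the build confirms that MD_C actually stayed off. If a later change adds another auto-enable to build_info.h, this component would build and test with full MD_C and still pass. Consider asserting it right after the `make` line with `not grep mbedtls_md_hmac library/md.o`, the same check this commit drops from component_test_psa_crypto_config_accel_hash_use_psa. The component's body continues outside the hunk.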
@@ -14,14 +14,16 @@ void pbkdf2_hmac(int hash, data_t *pw_str, data_t *salt_str,
 {
 unsigned char key[100];
- PSA_INIT_IF_NO_MD();
+ MD_PSA_INIT();
 TEST_ASSERT(mbedtls_pkcs5_pbkdf2_hmac_ext(hash, pw_str->x, pw_str->len, salt_str->x, salt_str->len, it_cnt, key_len, key) == 0);
 TEST_ASSERT(mbedtls_test_hexcmp(key, result_key_string->x, key_len, result_key_string->len) == 0);
- PSA_DONE_IF_NO_MD();
+
+exit:
+ MD_PSA_DONE();
 }
 /* END_CASE */
@@ -33,7 +35,7 @@ void mbedtls_pkcs5_pbes2(int params_tag, data_t *params_hex, data_t *pw,
 mbedtls_asn1_buf params;
 unsigned char *my_out = NULL;
- PSA_INIT_IF_NO_MD();
+ MD_PSA_INIT();
 params.tag = params_tag;
 params.p = params_hex->x;
@@ -51,13 +53,17 @@ void mbedtls_pkcs5_pbes2(int params_tag, data_t *params_hex, data_t *pw,
 exit:
 mbedtls_free(my_out);
- PSA_DONE_IF_NO_MD();
+ MD_PSA_DONE();
 }
 /* END_CASE */
 /* BEGIN_CASE depends_on:MBEDTLS_SELF_TEST */
 void pkcs5_selftest()
 {
+ MD_PSA_INIT();
 TEST_ASSERT(mbedtls_pkcs5_self_test(1) == 0);
+
+exit:
+ MD_PSA_DONE();
 }
 /* END_CASE */
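Review bot: In pbkdf2_hmac, `key` is a fixed 100-byte stack buffer, while `key_len` appears to be a test-case parameter that is passed straight to mbedtls_pkcs5_pbkdf2_hmac_ext, so a test vector asking for more than 100 bytes would write past the buffer. Now that the function has an `exit:` label, a guard such as `TEST_ASSERT((size_t) key_len <= sizeof(key));` right after `MD_PSA_INIT();` would fail the case cleanly and still reach `MD_PSA_DONE()`. The declaration of `key_len` is outside the hunk, so its type is assumed here.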