PKCS5: always use MD
As a consequence, MD_C is now enabled in component accel_hash_use_psa. Fix guards in X.509 info function to avoid this causing a failure now. Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
This commit is contained in:
parent
c1f10441e0
commit
49e67f814f
7 changed files with 37 additions and 146 deletions
|
@ -80,6 +80,13 @@
|
|||
#include MBEDTLS_USER_CONFIG_FILE
|
||||
#endif
|
||||
|
||||
/* Auto-enable MBEDTLS_MD_C if needed by a module that didn't require it
|
||||
* in a previous release, to ensure backwards compatibility.
|
||||
*/
|
||||
#if defined(MBEDTLS_PKCS5_C)
|
||||
#define MBEDTLS_MD_C
|
||||
#endif
|
||||
|
||||
/* Auto-enable MBEDTLS_MD_LIGHT based on MBEDTLS_MD_C.
|
||||
* This allows checking for MD_LIGHT rather than MD_LIGHT || MD_C.
|
||||
*/
|
||||
|
@ -87,7 +94,8 @@
|
|||
#define MBEDTLS_MD_LIGHT
|
||||
#endif
|
||||
|
||||
/* Auto-enable MBEDTLS_MD_LIGHT if some module needs it.
|
||||
/* Auto-enable MBEDTLS_MD_LIGHT if needed by a module that didn't require it
|
||||
* in a previous release, to ensure backwards compatibility.
|
||||
*/
|
||||
#if defined(MBEDTLS_ECJPAKE_C) || \
|
||||
defined(MBEDTLS_PEM_PARSE_C) || \
|
||||
|
|
|
@ -169,8 +169,7 @@
|
|||
#endif
|
||||
|
||||
#if defined(MBEDTLS_PKCS5_C) && \
|
||||
( !( defined(MBEDTLS_MD_C) || defined(MBEDTLS_PSA_CRYPTO_C) ) || \
|
||||
!defined(MBEDTLS_CIPHER_C) )
|
||||
!defined(MBEDTLS_CIPHER_C)
|
||||
#error "MBEDTLS_PKCS5_C defined, but not all prerequisites"
|
||||
#endif
|
||||
|
||||
|
|
|
@ -2849,15 +2849,11 @@
|
|||
*
|
||||
* Module: library/pkcs5.c
|
||||
*
|
||||
* Requires: MBEDTLS_CIPHER_C and either MBEDTLS_MD_C or MBEDTLS_PSA_CRYPTO_C.
|
||||
* Requires: MBEDTLS_CIPHER_C
|
||||
* (auto-enables MBEDTLS_MD_C)
|
||||
*
|
||||
* \warning If building without MBEDTLS_MD_C, you must call psa_crypto_init()
|
||||
* before doing any PKCS5 operation.
|
||||
*
|
||||
* \warning When building with MBEDTLS_MD_C, all hashes used with this
|
||||
* need to be available as built-ins (that is, for SHA-256, MBEDTLS_SHA256_C,
|
||||
* etc.) as opposed to just PSA drivers. So far, PSA drivers are only used by
|
||||
* this module in builds where MBEDTLS_MD_C is disabled.
|
||||
* \warning If using a hash that is only provided by PSA drivers, you must
|
||||
* call psa_crypto_init() before doing any PKCS5 operations.
|
||||
*
|
||||
* This module adds support for the PKCS#5 functions.
|
||||
*/
|
||||
|
|
Loading…
Add table
Add a link
Reference in a new issue