Remove calls to MD layer functions from X.509 #5158

mpg · 2021-11-12T08:43:29Z

Currently calls to PSA for hashing in X.509 are conditional to MBEDTLS_USE_PSA_CRYPTO. Since we're now auto-enabling that, we don't need the alternative code path any more.

This task is to replace two instances of:

#if defined(MBEDTLS_USE_PSA_CRYPTO)
/* code using psa_hash */
#else
/* code using mbedtls_md */
#endif

with:

/* code using psa_hash */

While at it, the PSA version, which currently uses the multi-part API (with psa_hash_operation_t) can be simplified to use the single-part API psa_hash_compute().

replaced in x509_crt_check_signature()
replaced in mbedtls_x509write_csr_der_internal()

Depends on: #5156 (to be able to use PSA without #ifdefs).
See also: #5157

Note: this task is only about MD functions. PK functions may require more care and will be handled as a separate task.

The text was updated successfully, but these errors were encountered:

mpg · 2021-12-02T11:33:02Z

Closing as this no longer makes sense with the change of strategy (USE_PSA_CRYPTO will remain optional for now).

mpg added enhancement Product Backlog size-s Estimated task size: small (~2d) labels Nov 12, 2021

mpg mentioned this issue Nov 12, 2021

MD: X.509 hashing #5157

Closed

6 tasks

mpg changed the title ~~Remove calls to MD layers from X.509~~ Remove calls to MD layer functions from X.509 Nov 12, 2021

mpg mentioned this issue Nov 22, 2021

Study: Build X.509 without MD #5209

Closed

mpg closed this as completed Dec 2, 2021

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Remove calls to MD layer functions from X.509 #5158

Remove calls to MD layer functions from X.509 #5158

mpg commented Nov 12, 2021

mpg commented Dec 2, 2021

Remove calls to MD layer functions from X.509 #5158

Remove calls to MD layer functions from X.509 #5158

Comments

mpg commented Nov 12, 2021

mpg commented Dec 2, 2021