Mbed-TLS · daverodgman · Aug 16, 2022 · Jul 15, 2022 · Jul 15, 2022 · Jul 15, 2022
diff --git a/include/mbedtls/check_config.h b/include/mbedtls/check_config.h
@@ -162,7 +162,8 @@
 #error "MBEDTLS_PKCS12_C defined, but not all prerequisites"
 #endif
 
-#if defined(MBEDTLS_PKCS1_V21) && !defined(MBEDTLS_MD_C)
+#if defined(MBEDTLS_PKCS1_V21) && \
+    !( defined(MBEDTLS_MD_C) || defined(MBEDTLS_PSA_CRYPTO_C) )
 #error "MBEDTLS_PKCS1_V21 defined, but not all prerequisites"
 #endif
 

diff --git a/include/mbedtls/config_psa.h b/include/mbedtls/config_psa.h
@@ -158,7 +158,6 @@ extern "C" {
 #define MBEDTLS_BIGNUM_C
 #define MBEDTLS_OID_C
 #define MBEDTLS_PKCS1_V21
-#define MBEDTLS_MD_C
 #endif /* !MBEDTLS_PSA_ACCEL_ALG_RSA_OAEP */
 #endif /* PSA_WANT_ALG_RSA_OAEP */
 
@@ -189,7 +188,6 @@ extern "C" {
 #define MBEDTLS_BIGNUM_C
 #define MBEDTLS_OID_C
 #define MBEDTLS_PKCS1_V21
-#define MBEDTLS_MD_C
 #endif /* !MBEDTLS_PSA_ACCEL_ALG_RSA_PSS */
 #endif /* PSA_WANT_ALG_RSA_PSS */
 

diff --git a/include/mbedtls/mbedtls_config.h b/include/mbedtls/mbedtls_config.h
@@ -1141,7 +1141,10 @@
  *
  * Enable support for PKCS#1 v2.1 encoding.
  *
- * Requires: MBEDTLS_MD_C, MBEDTLS_RSA_C
+ * Requires: MBEDTLS_RSA_C and (MBEDTLS_MD_C or MBEDTLS_PSA_CRYPTO_C).
- * Requires: MBEDTLS_RSA_C and (MBEDTLS_MD_C or MBEDTLS_PSA_CRYPTO_C).
+ * Requires: MBEDTLS_RSA_C and (MBEDTLS_MD_C or (MBEDTLS_PSA_CRYPTO_C and PSA_WANT_ALG_MD5) ).
- * Requires: MBEDTLS_RSA_C and (MBEDTLS_MD_C or MBEDTLS_PSA_CRYPTO_C).
+ * Requires: MBEDTLS_RSA_C and (MBEDTLS_MD_C or (MBEDTLS_PSA_CRYPTO_C and PSA_WANT_ALG_MD5) ).
+ *
+ * \warning If building without MBEDTLS_MD_C, you must call psa_crypto_init()
+ * before doing any PKCS#1 v2.1 operation.
  *
  * This enables support for RSAES-OAEP and RSASSA-PSS operations.
  */

diff --git a/library/hash_info.c b/library/hash_info.c
@@ -22,6 +22,7 @@
 
 #include "hash_info.h"
 #include "legacy_or_psa.h"
+#include "mbedtls/error.h"
 
 typedef struct
 {
@@ -107,3 +108,20 @@ mbedtls_md_type_t mbedtls_hash_info_md_from_psa( psa_algorithm_t psa_alg )
 
     return entry->md_type;
 }
+
+int mbedtls_md_error_from_psa( psa_status_t status )
+{
+    switch( status )
+    {
+        case PSA_SUCCESS:
+            return( 0 );
+        case PSA_ERROR_NOT_SUPPORTED:
+            return( MBEDTLS_ERR_MD_FEATURE_UNAVAILABLE );
+        case PSA_ERROR_INVALID_ARGUMENT:
+            return( MBEDTLS_ERR_MD_BAD_INPUT_DATA );
+        case PSA_ERROR_INSUFFICIENT_MEMORY:
+            return( MBEDTLS_ERR_MD_ALLOC_FAILED );
+        default:
+            return( MBEDTLS_ERR_PLATFORM_HW_ACCEL_FAILED );
+    }
+}
diff --git a/library/hash_info.h b/library/hash_info.h
@@ -74,4 +74,12 @@ psa_algorithm_t mbedtls_hash_info_psa_from_md( mbedtls_md_type_t md_type );
  */
 mbedtls_md_type_t mbedtls_hash_info_md_from_psa( psa_algorithm_t psa_alg );
 
+/** Convert PSA status to MD error code.
+ *
+ * \param status    PSA status.
+ *
+ * \return          The corresponding MD error code,
+ */
+int mbedtls_md_error_from_psa( psa_status_t status );
+
 #endif /* MBEDTLS_HASH_INFO_H */
diff --git a/library/legacy_or_psa.h b/library/legacy_or_psa.h
@@ -27,7 +27,9 @@
  *      - low-level module API (aes.h, sha256.h), or
  *      - an abstraction layer (md.h, cipher.h);
  * - <condition> will be either:
- *      - depending on what's available in the build, or
+ *      - depending on what's available in the build:
+ *          legacy API used if available, PSA otherwise
+ *          (this is done to ensure backwards compatibility); or
  *      - depending on whether MBEDTLS_USE_PSA_CRYPTO is defined.
  *
  * Examples:
@@ -125,31 +127,38 @@
 
 /* Hashes using MD or PSA based on availability */
 #if ( defined(MBEDTLS_MD_C) && defined(MBEDTLS_MD5_C) ) || \
-    ( defined(MBEDTLS_PSA_CRYPTO_C) && defined(PSA_WANT_ALG_MD5) )
+    ( !defined(MBEDTLS_MD_C) && \
+        defined(MBEDTLS_PSA_CRYPTO_C) && defined(PSA_WANT_ALG_MD5) )
 #define MBEDTLS_HAS_ALG_MD5_VIA_MD_OR_PSA
 #endif
 #if ( defined(MBEDTLS_MD_C) && defined(MBEDTLS_RIPEMD160_C) ) || \
-    ( defined(MBEDTLS_PSA_CRYPTO_C) && defined(PSA_WANT_ALG_RIPEMD160) )
+    ( !defined(MBEDTLS_MD_C) && \
+        defined(MBEDTLS_PSA_CRYPTO_C) && defined(PSA_WANT_ALG_RIPEMD160) )
 #define MBEDTLS_HAS_ALG_RIPEMD160_VIA_MD_OR_PSA
 #endif
 #if ( defined(MBEDTLS_MD_C) && defined(MBEDTLS_SHA1_C) ) || \
-    ( defined(MBEDTLS_PSA_CRYPTO_C) && defined(PSA_WANT_ALG_SHA_1) )
+    ( !defined(MBEDTLS_MD_C) && \
+        defined(MBEDTLS_PSA_CRYPTO_C) && defined(PSA_WANT_ALG_SHA_1) )
 #define MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA
 #endif
 #if ( defined(MBEDTLS_MD_C) && defined(MBEDTLS_SHA224_C) ) || \
-    ( defined(MBEDTLS_PSA_CRYPTO_C) && defined(PSA_WANT_ALG_SHA_224) )
+    ( !defined(MBEDTLS_MD_C) && \
+        defined(MBEDTLS_PSA_CRYPTO_C) && defined(PSA_WANT_ALG_SHA_224) )
 #define MBEDTLS_HAS_ALG_SHA_224_VIA_MD_OR_PSA
 #endif
 #if ( defined(MBEDTLS_MD_C) && defined(MBEDTLS_SHA256_C) ) || \
-    ( defined(MBEDTLS_PSA_CRYPTO_C) && defined(PSA_WANT_ALG_SHA_256) )
+    ( !defined(MBEDTLS_MD_C) && \
+        defined(MBEDTLS_PSA_CRYPTO_C) && defined(PSA_WANT_ALG_SHA_256) )
 #define MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA
 #endif
 #if ( defined(MBEDTLS_MD_C) && defined(MBEDTLS_SHA384_C) ) || \
-    ( defined(MBEDTLS_PSA_CRYPTO_C) && defined(PSA_WANT_ALG_SHA_384) )
+    ( !defined(MBEDTLS_MD_C) && \
+        defined(MBEDTLS_PSA_CRYPTO_C) && defined(PSA_WANT_ALG_SHA_384) )
 #define MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA
 #endif
 #if ( defined(MBEDTLS_MD_C) && defined(MBEDTLS_SHA512_C) ) || \
-    ( defined(MBEDTLS_PSA_CRYPTO_C) && defined(PSA_WANT_ALG_SHA_512) )
+    ( !defined(MBEDTLS_MD_C) && \
+        defined(MBEDTLS_PSA_CRYPTO_C) && defined(PSA_WANT_ALG_SHA_512) )
 #define MBEDTLS_HAS_ALG_SHA_512_VIA_MD_OR_PSA
 #endif