Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Replace MBEDTLS_PK_CAN/HAVE_ECDSA* with its PSA_WANT counterparts #9337

Closed
gabor-mezei-arm opened this issue Jul 2, 2024 · 1 comment · Fixed by #9369 or #9385
Closed

Replace MBEDTLS_PK_CAN/HAVE_ECDSA* with its PSA_WANT counterparts #9337

gabor-mezei-arm opened this issue Jul 2, 2024 · 1 comment · Fixed by #9369 or #9385
Assignees
@eleuzi01
Labels
component-crypto Crypto primitives and low-level interfaces enhancement size-s Estimated task size: small (~2d)

Comments

@gabor-mezei-arm
Copy link
Contributor

gabor-mezei-arm commented Jul 2, 2024
edited
Loading

Replace these macros:

  • MBEDTLS_PK_HAVE_ECC_KEYS to PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
  • MBEDTLS_PK_CAN_ECDSA_SIGN to PSA_WANT_ALG_ECDSA && PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_BASIC
  • MBEDTLS_PK_CAN_ECDSA_VERIFY to PSA_WANT_ALG_ECDSA && PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
  • MBEDTLS_PK_CAN_ECDSA_SOME to PSA_WANT_ALG_ECDSA

The macros should be replaced in all files except mbedtls_config.h, check_config.h and config_adjust_*.h.

Ensure that the test are run in the same way.
@gabor-mezei-arm gabor-mezei-arm added enhancement component-crypto Crypto primitives and low-level interfaces size-s Estimated task size: small (~2d) labels Jul 2, 2024
@eleuzi01 eleuzi01 self-assigned this Jul 5, 2024
@eleuzi01 eleuzi01 changed the title Replace MBEDTLS_PK_CAN/HAVA_ECDSA* with its PSA_WANT counterpartarts Replace MBEDTLS_PK_CAN/HAVE_ECDSA* with its PSA_WANT counterpartarts Jul 5, 2024
This was referenced Jul 5, 2024
Merged
Merged
@eleuzi01 eleuzi01 changed the title Replace MBEDTLS_PK_CAN/HAVE_ECDSA* with its PSA_WANT counterpartarts Replace MBEDTLS_PK_CAN/HAVE_ECDSA* with its PSA_WANT counterparts Jul 10, 2024
@eleuzi01 eleuzi01 mentioned this issue Jul 11, 2024
Merged
4 tasks
@gilles-peskine-arm
Copy link
Contributor

It's never PSA_WANT_ALG_ECDSA but instead PSA_WANT_ALG_ECDSA || PSA_WANT_ALG_DETERMNISTIC_ECDSA. (Randomized) ECDSA and deterministic ECDSA are distinct signature algorithms, but they are functionally equivalent. This comes up often, so we should define a symbol like

#define PSA_HAVE_ALG_SOME_ECDSA (PSA_WANT_ALG_ECDSA || PSA_WANT_ALG_DETERMNISTIC_ECDSA)

in include/psa/*adjust*.h.

@eleuzi01 eleuzi01 reopened this Aug 8, 2024
@mpg mpg mentioned this issue Aug 12, 2024
Merged
4 tasks
@gilles-peskine-arm gilles-peskine-arm mentioned this issue Aug 12, 2024
Open
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@eleuzi01 eleuzi01

Labels
component-crypto Crypto primitives and low-level interfaces enhancement size-s Estimated task size: small (~2d)
Projects
Mbed TLS Epics
Status: Remove legacy symbols
Milestone
No milestone
3 participants
@gilles-peskine-arm @gabor-mezei-arm @eleuzi01