1 files changed, 215 insertions, 0 deletions
diff --git a/include/mbedtls/legacy_or_psa.h b/include/mbedtls/legacy_or_psa.h
new file mode 100644
index 000000000..f872ddaf1
--- /dev/null
+++ b/include/mbedtls/legacy_or_psa.h
@@ -0,0 +1,215 @@
+/**
+ *  Macros to express dependencies for code and tests that may use either the
+ *  legacy API or PSA in various builds. This whole header file is currently
+ *  for internal use only and both the header file and the macros it defines
+ *  may change or be removed without notice.
+ */
+/*
+ *  Copyright The Mbed TLS Contributors
+ *  SPDX-License-Identifier: Apache-2.0
+ *
+ *  Licensed under the Apache License, Version 2.0 (the "License"); you may
+ *  not use this file except in compliance with the License.
+ *  You may obtain a copy of the License at
+ *
+ *  http://www.apache.org/licenses/LICENSE-2.0
+ *
+ *  Unless required by applicable law or agreed to in writing, software
+ *  distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+ *  WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ *  See the License for the specific language governing permissions and
+ *  limitations under the License.
+ */
+
+/*
+ * Note: applications that are targeting a specific configuration do not need
+ * to use these macros; instead they should directly use the functions they
+ * know are available in their configuration.
+ *
+ * Note: code that is purely based on PSA Crypto (psa_xxx() functions)
+ * does not need to use these macros; instead it should use the relevant
+ * PSA_WANT_xxx macros.
+ *
+ * Note: code that is purely based on the legacy crypto APIs (mbedtls_xxx())
+ * does not need to use these macros; instead it should use the relevant
+ * MBEDTLS_xxx macros.
+ *
+ * These macros are for code that wants to use <crypto feature> and will do so
+ * using <legacy API> or PSA depending on <condition>, where:
+ * - <crypto feature> will generally be an algorithm (SHA-256, ECDH) but may
+ *   also be a key type (AES, RSA, EC) or domain parameters (elliptic curve);
+ * - <legacy API> will be either:
+ *      - low-level module API (aes.h, sha256.h), or
+ *      - an abstraction layer (md.h, cipher.h);
+ * - <condition> will be either:
+ *      - depending on what's available in the build:
+ *          legacy API used if available, PSA otherwise
+ *          (this is done to ensure backwards compatibility); or
+ *      - depending on whether MBEDTLS_USE_PSA_CRYPTO is defined.
+ *
+ * Examples:
+ * - TLS 1.2 will compute hashes using either mbedtls_md_xxx() (and
+ *   mbedtls_sha256_xxx()) or psa_aead_xxx() depending on whether
+ *   MBEDTLS_USE_PSA_CRYPTO is defined;
+ * - RSA PKCS#1 v2.1 will compute hashes (for padding) using either
+ *   `mbedtls_md()` if it's available, or `psa_hash_compute()` otherwise;
+ * - PEM decoding of PEM-encrypted keys will compute MD5 hashes using either
+ *   `mbedtls_md5_xxx()` if it's available, or `psa_hash_xxx()` otherwise.
+ *
+ * Note: the macros are essential to express test dependencies. Inside code,
+ * we could instead just use the equivalent pre-processor condition, but
+ * that's not possible in test dependencies where we need a single macro.
+ * Hopefully, using these macros in code will also help with consistency.
+ *
+ * The naming scheme for these macros is:
+ *      MBEDTLS_HAS_feature_VIA_legacy_OR_PSA(_condition)
+ * where:
+ * - feature is expressed the same way as in PSA_WANT macros, for example:
+ *   KEY_TYPE_AES, ALG_SHA_256, ECC_SECP_R1_256;
+ * - legacy is either LOWLEVEL or the name of the layer: MD, CIPHER;
+ * - condition is omitted if it's based on availability, else it's
+ *   BASED_ON_USE_PSA.
+ *
+ * Coming back to the examples above:
+ * - TLS 1.2 will determine if it can use SHA-256 using
+ *      MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA
+ *   for the purposes of negotiation, and in test dependencies;
+ * - RSA PKCS#1 v2.1 tests that used SHA-256 will depend on
+ *      MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA
+ * - PEM decoding code and its associated tests will depend on
+ *      MBEDTLS_HAS_ALG_MD5_VIA_LOWLEVEL_OR_PSA
+ *
+ * Note: every time it's possible to use, say SHA-256, via the MD API, then
+ * it's also possible to use it via the low-level API. So, code that wants to
+ * use SHA-256 via both APIs only needs to depend on the MD macro. Also, it
+ * just so happens that all the code choosing which API to use based on
+ * MBEDTLS_USE_PSA_CRYPTO (X.509, TLS 1.2/shared), always uses the abstraction
+ * layer (sometimes in addition to the low-level API), so we don't need the
+ * MBEDTLS_HAS_feature_VIA_LOWLEVEL_OR_PSA_BASED_ON_USE_PSA macros.
+ * (PK, while obeying MBEDTLS_USE_PSA_CRYPTO, doesn't compute hashes itself,
+ * even less makes use of ciphers.)
+ *
+ * Note: the macros MBEDTLS_HAS_feature_VIA_LOWLEVEL_OR_PSA are the minimal
+ * condition for being able to use <feature> at all. As such, they should be
+ * used for guarding data about <feature>, such as OIDs or size. For example,
+ * OID values related to SHA-256 are only useful when SHA-256 can be used at
+ * least in some way.
+ */
+
+#ifndef MBEDTLS_OR_PSA_HELPERS_H
+#define MBEDTLS_OR_PSA_HELPERS_H
+
+#include "mbedtls/build_info.h"
+#if defined(MBEDTLS_PSA_CRYPTO_C)
+#include "psa/crypto.h"
+#endif /* MBEDTLS_PSA_CRYPTO_C */
+
+/*
+ * Hashes
+ */
+
+/* Hashes using low-level or PSA based on availability */
+#if defined(MBEDTLS_MD5_C) || \
+    ( defined(MBEDTLS_PSA_CRYPTO_C) && defined(PSA_WANT_ALG_MD5) )
+#define MBEDTLS_HAS_ALG_MD5_VIA_LOWLEVEL_OR_PSA
+#endif
+#if defined(MBEDTLS_RIPEMD160_C) || \
+    ( defined(MBEDTLS_PSA_CRYPTO_C) && defined(PSA_WANT_ALG_RIPEMD160) )
+#define MBEDTLS_HAS_ALG_RIPEMD160_VIA_LOWLEVEL_OR_PSA
+#endif
+#if defined(MBEDTLS_SHA1_C) || \
+    ( defined(MBEDTLS_PSA_CRYPTO_C) && defined(PSA_WANT_ALG_SHA_1) )
+#define MBEDTLS_HAS_ALG_SHA_1_VIA_LOWLEVEL_OR_PSA
+#endif
+#if defined(MBEDTLS_SHA224_C) || \
+    ( defined(MBEDTLS_PSA_CRYPTO_C) && defined(PSA_WANT_ALG_SHA_224) )
+#define MBEDTLS_HAS_ALG_SHA_224_VIA_LOWLEVEL_OR_PSA
+#endif
+#if defined(MBEDTLS_SHA256_C) || \
+    ( defined(MBEDTLS_PSA_CRYPTO_C) && defined(PSA_WANT_ALG_SHA_256) )
+#define MBEDTLS_HAS_ALG_SHA_256_VIA_LOWLEVEL_OR_PSA
+#endif
+#if defined(MBEDTLS_SHA384_C) || \
+    ( defined(MBEDTLS_PSA_CRYPTO_C) && defined(PSA_WANT_ALG_SHA_384) )
+#define MBEDTLS_HAS_ALG_SHA_384_VIA_LOWLEVEL_OR_PSA
+#endif
+#if defined(MBEDTLS_SHA512_C) || \
+    ( defined(MBEDTLS_PSA_CRYPTO_C) && defined(PSA_WANT_ALG_SHA_512) )
+#define MBEDTLS_HAS_ALG_SHA_512_VIA_LOWLEVEL_OR_PSA
+#endif
+
+/* Hashes using MD or PSA based on availability */
+#if ( defined(MBEDTLS_MD_C) && defined(MBEDTLS_MD5_C) ) || \
+    ( !defined(MBEDTLS_MD_C) && \
+        defined(MBEDTLS_PSA_CRYPTO_C) && defined(PSA_WANT_ALG_MD5) )
+#define MBEDTLS_HAS_ALG_MD5_VIA_MD_OR_PSA
+#endif
+#if ( defined(MBEDTLS_MD_C) && defined(MBEDTLS_RIPEMD160_C) ) || \
+    ( !defined(MBEDTLS_MD_C) && \
+        defined(MBEDTLS_PSA_CRYPTO_C) && defined(PSA_WANT_ALG_RIPEMD160) )
+#define MBEDTLS_HAS_ALG_RIPEMD160_VIA_MD_OR_PSA
+#endif
+#if ( defined(MBEDTLS_MD_C) && defined(MBEDTLS_SHA1_C) ) || \
+    ( !defined(MBEDTLS_MD_C) && \
+        defined(MBEDTLS_PSA_CRYPTO_C) && defined(PSA_WANT_ALG_SHA_1) )
+#define MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA
+#endif
+#if ( defined(MBEDTLS_MD_C) && defined(MBEDTLS_SHA224_C) ) || \
+    ( !defined(MBEDTLS_MD_C) && \
+        defined(MBEDTLS_PSA_CRYPTO_C) && defined(PSA_WANT_ALG_SHA_224) )
+#define MBEDTLS_HAS_ALG_SHA_224_VIA_MD_OR_PSA
+#endif
+#if ( defined(MBEDTLS_MD_C) && defined(MBEDTLS_SHA256_C) ) || \
+    ( !defined(MBEDTLS_MD_C) && \
+        defined(MBEDTLS_PSA_CRYPTO_C) && defined(PSA_WANT_ALG_SHA_256) )
+#define MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA
+#endif
+#if ( defined(MBEDTLS_MD_C) && defined(MBEDTLS_SHA384_C) ) || \
+    ( !defined(MBEDTLS_MD_C) && \
+        defined(MBEDTLS_PSA_CRYPTO_C) && defined(PSA_WANT_ALG_SHA_384) )
+#define MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA
+#endif
+#if ( defined(MBEDTLS_MD_C) && defined(MBEDTLS_SHA512_C) ) || \
+    ( !defined(MBEDTLS_MD_C) && \
+        defined(MBEDTLS_PSA_CRYPTO_C) && defined(PSA_WANT_ALG_SHA_512) )
+#define MBEDTLS_HAS_ALG_SHA_512_VIA_MD_OR_PSA
+#endif
+
+/* Hashes using MD or PSA based on MBEDTLS_USE_PSA_CRYPTO */
+#if ( !defined(MBEDTLS_USE_PSA_CRYPTO) && \
+        defined(MBEDTLS_MD_C) && defined(MBEDTLS_MD5_C) ) || \
+    ( defined(MBEDTLS_USE_PSA_CRYPTO) && defined(PSA_WANT_ALG_MD5) )
+#define MBEDTLS_HAS_ALG_MD5_VIA_MD_OR_PSA_BASED_ON_USE_PSA
+#endif
+#if ( !defined(MBEDTLS_USE_PSA_CRYPTO) && \
+        defined(MBEDTLS_MD_C) && defined(MBEDTLS_RIPEMD160_C) ) || \
+    ( defined(MBEDTLS_USE_PSA_CRYPTO) && defined(PSA_WANT_ALG_RIPEMD160) )
+#define MBEDTLS_HAS_ALG_RIPEMD160_VIA_MD_OR_PSA_BASED_ON_USE_PSA
+#endif
+#if ( !defined(MBEDTLS_USE_PSA_CRYPTO) && \
+        defined(MBEDTLS_MD_C) && defined(MBEDTLS_SHA1_C) ) || \
+    ( defined(MBEDTLS_USE_PSA_CRYPTO) && defined(PSA_WANT_ALG_SHA_1) )
+#define MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA_BASED_ON_USE_PSA
+#endif
+#if ( !defined(MBEDTLS_USE_PSA_CRYPTO) && \
+        defined(MBEDTLS_MD_C) && defined(MBEDTLS_SHA224_C) ) || \
+    ( defined(MBEDTLS_USE_PSA_CRYPTO) && defined(PSA_WANT_ALG_SHA_224) )
+#define MBEDTLS_HAS_ALG_SHA_224_VIA_MD_OR_PSA_BASED_ON_USE_PSA
+#endif
+#if ( !defined(MBEDTLS_USE_PSA_CRYPTO) && \
+        defined(MBEDTLS_MD_C) && defined(MBEDTLS_SHA256_C) ) || \
+    ( defined(MBEDTLS_USE_PSA_CRYPTO) && defined(PSA_WANT_ALG_SHA_256) )
+#define MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA
+#endif
+#if ( !defined(MBEDTLS_USE_PSA_CRYPTO) && \
+        defined(MBEDTLS_MD_C) && defined(MBEDTLS_SHA384_C) ) || \
+    ( defined(MBEDTLS_USE_PSA_CRYPTO) && defined(PSA_WANT_ALG_SHA_384) )
+#define MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA
+#endif
+#if ( !defined(MBEDTLS_USE_PSA_CRYPTO) && \
+        defined(MBEDTLS_MD_C) && defined(MBEDTLS_SHA512_C) ) || \
+    ( defined(MBEDTLS_USE_PSA_CRYPTO) && defined(PSA_WANT_ALG_SHA_512) )
+#define MBEDTLS_HAS_ALG_SHA_512_VIA_MD_OR_PSA_BASED_ON_USE_PSA
+#endif
+
+#endif /* MBEDTLS_OR_PSA_HELPERS_H */