From e6d3edaf327ec3097ad18f442df42b0369d90556 Mon Sep 17 00:00:00 2001
From: Mateusz Starzyk <mateusz.starzyk@mobica.com>
Date: Thu, 26 Aug 2021 11:46:14 +0200
Subject: [PATCH] Add missing PSA_ALG_IS_SIGN_HASH macro.

Signed-off-by: Mateusz Starzyk <mateusz.starzyk@mobica.com>
---
 include/psa/crypto.h        |  8 ++++++--
 include/psa/crypto_values.h | 15 +++++++++++++++
 library/psa_crypto.c        |  2 +-
 3 files changed, 22 insertions(+), 3 deletions(-)

diff --git a/include/psa/crypto.h b/include/psa/crypto.h
index 5d9854a7b..ee4b54cbf 100644
--- a/include/psa/crypto.h
+++ b/include/psa/crypto.h
@@ -2990,7 +2990,9 @@ psa_status_t psa_verify_message( mbedtls_svc_key_id_t key,
  * \param key                   Identifier of the key to use for the operation.
  *                              It must be an asymmetric key pair. The key must
  *                              allow the usage #PSA_KEY_USAGE_SIGN_HASH.
- * \param alg                   A signature algorithm that is compatible with
+ * \param alg                   A signature algorithm (PSA_ALG_XXX
+ *                              value such that #PSA_ALG_IS_SIGN_HASH(\p alg)
+ *                              is true), that is compatible with
  *                              the type of \p key.
  * \param[in] hash              The hash or message to sign.
  * \param hash_length           Size of the \p hash buffer in bytes.
@@ -3043,7 +3045,9 @@ psa_status_t psa_sign_hash(mbedtls_svc_key_id_t key,
  *                          must be a public key or an asymmetric key pair. The
  *                          key must allow the usage
  *                          #PSA_KEY_USAGE_VERIFY_HASH.
- * \param alg               A signature algorithm that is compatible with
+ * \param alg               A signature algorithm (PSA_ALG_XXX
+ *                          value such that #PSA_ALG_IS_SIGN_HASH(\p alg)
+ *                          is true), that is compatible with
  *                          the type of \p key.
  * \param[in] hash          The hash or message whose signature is to be
  *                          verified.
diff --git a/include/psa/crypto_values.h b/include/psa/crypto_values.h
index 621b872fc..526b4549d 100644
--- a/include/psa/crypto_values.h
+++ b/include/psa/crypto_values.h
@@ -1621,6 +1621,21 @@
 #define PSA_ALG_IS_SIGN_MESSAGE(alg)                                    \
     (PSA_ALG_IS_HASH_AND_SIGN(alg) || (alg) == PSA_ALG_PURE_EDDSA )
 
+/** Whether the specified algorithm is a signature algorithm that can be used
+ * with psa_sign_hash() and psa_verify_hash().
+ *
+ * \param alg An algorithm identifier (value of type psa_algorithm_t).
+ *
+ * \return 1 if alg is a signature algorithm that can be used to sign a
+ *         hash. 0 if alg is a signature algorithm that can only be used
+ *         to sign a message. 0 if alg is not a signature algorithm.
+ *         This macro can return either 0 or 1 if alg is not a
+ *         supported algorithm identifier.
+ */
+#define PSA_ALG_IS_SIGN_HASH(alg)                                       \
+    (PSA_ALG_IS_HASH_AND_SIGN(alg) || (alg) == PSA_ALG_ED25519PH ||     \
+    (alg) == PSA_ALG_ED448PH)
+
 /** Get the hash used by a hash-and-sign signature algorithm.
  *
  * A hash-and-sign algorithm is a signature algorithm which is
diff --git a/library/psa_crypto.c b/library/psa_crypto.c
index 3670071a5..84b85667c 100644
--- a/library/psa_crypto.c
+++ b/library/psa_crypto.c
@@ -2652,7 +2652,7 @@ static psa_status_t psa_sign_verify_check_alg( int input_is_message,
     }
     else
     {
-        if( ! PSA_ALG_IS_HASH_AND_SIGN( alg ) )
+        if( ! PSA_ALG_IS_SIGN_HASH( alg ) )
             return( PSA_ERROR_INVALID_ARGUMENT );
     }