Remove additional ifdef's

Signed-off-by: Ben Taylor <ben.taylor@linaro.org>
2025-12-14 02:22:15 +03:00 · 2025-07-11 08:37:22 +01:00
parent 15f1d7f812
commit 558766d814
3 changed files with 3 additions and 30 deletions
--- a/include/mbedtls/ssl_ciphersuites.h
+++ b/include/mbedtls/ssl_ciphersuites.h
@@ -217,8 +217,7 @@ typedef enum {
 #endif

 /* Key exchanges that don't involve ephemeral keys */
-#if defined(MBEDTLS_KEY_EXCHANGE_PSK_ENABLED)           || \
-    defined(MBEDTLS_KEY_EXCHANGE_SOME_ECDH_ENABLED)
+#if defined(MBEDTLS_KEY_EXCHANGE_PSK_ENABLED)
 #define MBEDTLS_KEY_EXCHANGE_SOME_NON_PFS_ENABLED
 #endif

@@ -244,8 +243,7 @@ typedef enum {
 #endif

 /* TLS 1.2 key exchanges using ECDH or ECDHE*/
-#if defined(MBEDTLS_KEY_EXCHANGE_SOME_ECDH_ENABLED) || \
-    defined(MBEDTLS_KEY_EXCHANGE_SOME_ECDHE_ENABLED)
+#if defined(MBEDTLS_KEY_EXCHANGE_SOME_ECDHE_ENABLED)
 #define MBEDTLS_KEY_EXCHANGE_SOME_ECDH_OR_ECDHE_1_2_ENABLED
 #endif

--- a/library/ssl_ciphersuites_internal.h
+++ b/library/ssl_ciphersuites_internal.h
@@ -54,18 +54,6 @@ static inline int mbedtls_ssl_ciphersuite_no_pfs(const mbedtls_ssl_ciphersuite_t
 }
 #endif /* MBEDTLS_KEY_EXCHANGE_SOME_NON_PFS_ENABLED */

-#if defined(MBEDTLS_KEY_EXCHANGE_SOME_ECDH_ENABLED)
-static inline int mbedtls_ssl_ciphersuite_uses_ecdh(const mbedtls_ssl_ciphersuite_t *info)
-{
-    switch (info->MBEDTLS_PRIVATE(key_exchange)) {
-    return 1;
-
-        default:
-            return 0;
-    }
-}
-#endif /* MBEDTLS_KEY_EXCHANGE_SOME_ECDH_ENABLED */
-
 static inline int mbedtls_ssl_ciphersuite_cert_req_allowed(const mbedtls_ssl_ciphersuite_t *info)
 {
    switch (info->MBEDTLS_PRIVATE(key_exchange)) {
--- a/library/ssl_tls12_server.c
+++ b/library/ssl_tls12_server.c
@@ -22,8 +22,7 @@

 /* Define a local translating function to save code size by not using too many
 * arguments in each translating place. */
-#if defined(MBEDTLS_KEY_EXCHANGE_SOME_ECDH_ENABLED) || \
-    defined(MBEDTLS_KEY_EXCHANGE_SOME_ECDHE_ENABLED)
+#if defined(MBEDTLS_KEY_EXCHANGE_SOME_ECDHE_ENABLED)
 static int local_err_translation(psa_status_t status)
 {
    return psa_status_to_mbedtls(status, psa_to_ssl_errors,
@@ -2914,18 +2913,6 @@ static int ssl_write_server_key_exchange(mbedtls_ssl_context *ssl)
    /* Extract static ECDH parameters and abort if ServerKeyExchange
     * is not needed. */
    if (mbedtls_ssl_ciphersuite_no_pfs(ciphersuite_info)) {
-        /* For suites involving ECDH, extract DH parameters
-         * from certificate at this point. */
-#if defined(MBEDTLS_KEY_EXCHANGE_SOME_ECDH_ENABLED)
-        if (mbedtls_ssl_ciphersuite_uses_ecdh(ciphersuite_info)) {
-            ret = ssl_get_ecdh_params_from_cert(ssl);
-            if (ret != 0) {
-                MBEDTLS_SSL_DEBUG_RET(1, "ssl_get_ecdh_params_from_cert", ret);
-                return ret;
-            }
-        }
-#endif /* MBEDTLS_KEY_EXCHANGE_SOME_ECDH_ENABLED */
-
        /* Key exchanges not involving ephemeral keys don't use
         * ServerKeyExchange, so end here. */
        MBEDTLS_SSL_DEBUG_MSG(2, ("<= skip write server key exchange"));