mirror of
https://github.com/Mbed-TLS/mbedtls.git
synced 2025-08-08 17:42:09 +03:00
Replace MBEDTLS_PK_HAVE_ECC_KEYS with PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
Signed-off-by: Elena Uziunaite <elena.uziunaite@arm.com>
This commit is contained in:
Elena Uziunaite
@@ -1576,10 +1576,10 @@ int mbedtls_ssl_set_calc_verify_md(mbedtls_ssl_context *ssl, int md);
|
||||
|
||||
MBEDTLS_CHECK_RETURN_CRITICAL
|
||||
int mbedtls_ssl_check_curve_tls_id(const mbedtls_ssl_context *ssl, uint16_t tls_id);
|
||||
#if defined(MBEDTLS_PK_HAVE_ECC_KEYS)
|
||||
#if defined(PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY)
|
||||
MBEDTLS_CHECK_RETURN_CRITICAL
|
||||
int mbedtls_ssl_check_curve(const mbedtls_ssl_context *ssl, mbedtls_ecp_group_id grp_id);
|
||||
#endif /* MBEDTLS_PK_HAVE_ECC_KEYS */
|
||||
#endif /* PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY */
|
||||
|
||||
/**
|
||||
* \brief Return PSA EC info for the specified TLS ID.
|
||||
|
||||
@@ -4765,14 +4765,14 @@ void mbedtls_ssl_handshake_free(mbedtls_ssl_context *ssl)
|
||||
return;
|
||||
}
|
||||
|
||||
#if defined(MBEDTLS_PK_HAVE_ECC_KEYS)
|
||||
#if defined(PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY)
|
||||
#if !defined(MBEDTLS_DEPRECATED_REMOVED)
|
||||
if (ssl->handshake->group_list_heap_allocated) {
|
||||
mbedtls_free((void *) handshake->group_list);
|
||||
}
|
||||
handshake->group_list = NULL;
|
||||
#endif /* MBEDTLS_DEPRECATED_REMOVED */
|
||||
#endif /* MBEDTLS_PK_HAVE_ECC_KEYS */
|
||||
#endif /* PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY */
|
||||
|
||||
#if defined(MBEDTLS_SSL_HANDSHAKE_WITH_CERT_ENABLED)
|
||||
#if !defined(MBEDTLS_DEPRECATED_REMOVED)
|
||||
@@ -6217,7 +6217,7 @@ int mbedtls_ssl_check_curve_tls_id(const mbedtls_ssl_context *ssl, uint16_t tls_
|
||||
return -1;
|
||||
}
|
||||
|
||||
#if defined(MBEDTLS_PK_HAVE_ECC_KEYS)
|
||||
#if defined(PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY)
|
||||
/*
|
||||
* Same as mbedtls_ssl_check_curve_tls_id() but with a mbedtls_ecp_group_id.
|
||||
*/
|
||||
@@ -6231,7 +6231,7 @@ int mbedtls_ssl_check_curve(const mbedtls_ssl_context *ssl, mbedtls_ecp_group_id
|
||||
|
||||
return mbedtls_ssl_check_curve_tls_id(ssl, tls_id);
|
||||
}
|
||||
#endif /* MBEDTLS_PK_HAVE_ECC_KEYS */
|
||||
#endif /* PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY */
|
||||
|
||||
static const struct {
|
||||
uint16_t tls_id;
|
||||
@@ -8030,7 +8030,7 @@ static int ssl_parse_certificate_verify(mbedtls_ssl_context *ssl,
|
||||
* Secondary checks: always done, but change 'ret' only if it was 0
|
||||
*/
|
||||
|
||||
#if defined(MBEDTLS_PK_HAVE_ECC_KEYS)
|
||||
#if defined(PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY)
|
||||
{
|
||||
const mbedtls_pk_context *pk = &chain->pk;
|
||||
|
||||
@@ -8057,7 +8057,7 @@ static int ssl_parse_certificate_verify(mbedtls_ssl_context *ssl,
|
||||
}
|
||||
}
|
||||
}
|
||||
#endif /* MBEDTLS_PK_HAVE_ECC_KEYS */
|
||||
#endif /* PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY */
|
||||
|
||||
if (mbedtls_ssl_check_cert_usage(chain,
|
||||
ciphersuite_info,
|
||||
|
||||
@@ -92,7 +92,7 @@ const mbedtls_x509_crt_profile mbedtls_x509_crt_profile_default =
|
||||
MBEDTLS_X509_ID_FLAG(MBEDTLS_MD_SHA384) |
|
||||
MBEDTLS_X509_ID_FLAG(MBEDTLS_MD_SHA512),
|
||||
0xFFFFFFF, /* Any PK alg */
|
||||
#if defined(MBEDTLS_PK_HAVE_ECC_KEYS)
|
||||
#if defined(PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY)
|
||||
/* Curves at or above 128-bit security level. Note that this selection
|
||||
* should be aligned with ssl_preset_default_curves in ssl_tls.c. */
|
||||
MBEDTLS_X509_ID_FLAG(MBEDTLS_ECP_DP_SECP256R1) |
|
||||
@@ -102,9 +102,9 @@ const mbedtls_x509_crt_profile mbedtls_x509_crt_profile_default =
|
||||
MBEDTLS_X509_ID_FLAG(MBEDTLS_ECP_DP_BP384R1) |
|
||||
MBEDTLS_X509_ID_FLAG(MBEDTLS_ECP_DP_BP512R1) |
|
||||
0,
|
||||
#else /* MBEDTLS_PK_HAVE_ECC_KEYS */
|
||||
#else /* PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY */
|
||||
0,
|
||||
#endif /* MBEDTLS_PK_HAVE_ECC_KEYS */
|
||||
#endif /* PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY */
|
||||
2048,
|
||||
};
|
||||
|
||||
@@ -143,13 +143,13 @@ const mbedtls_x509_crt_profile mbedtls_x509_crt_profile_suiteb =
|
||||
/* Only ECDSA */
|
||||
MBEDTLS_X509_ID_FLAG(MBEDTLS_PK_ECDSA) |
|
||||
MBEDTLS_X509_ID_FLAG(MBEDTLS_PK_ECKEY),
|
||||
#if defined(MBEDTLS_PK_HAVE_ECC_KEYS)
|
||||
#if defined(PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY)
|
||||
/* Only NIST P-256 and P-384 */
|
||||
MBEDTLS_X509_ID_FLAG(MBEDTLS_ECP_DP_SECP256R1) |
|
||||
MBEDTLS_X509_ID_FLAG(MBEDTLS_ECP_DP_SECP384R1),
|
||||
#else /* MBEDTLS_PK_HAVE_ECC_KEYS */
|
||||
#else /* PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY */
|
||||
0,
|
||||
#endif /* MBEDTLS_PK_HAVE_ECC_KEYS */
|
||||
#endif /* PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY */
|
||||
0,
|
||||
};
|
||||
|
||||
@@ -219,7 +219,7 @@ static int x509_profile_check_key(const mbedtls_x509_crt_profile *profile,
|
||||
}
|
||||
#endif /* MBEDTLS_RSA_C */
|
||||
|
||||
#if defined(MBEDTLS_PK_HAVE_ECC_KEYS)
|
||||
#if defined(PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY)
|
||||
if (pk_alg == MBEDTLS_PK_ECDSA ||
|
||||
pk_alg == MBEDTLS_PK_ECKEY ||
|
||||
pk_alg == MBEDTLS_PK_ECKEY_DH) {
|
||||
@@ -235,7 +235,7 @@ static int x509_profile_check_key(const mbedtls_x509_crt_profile *profile,
|
||||
|
||||
return -1;
|
||||
}
|
||||
#endif /* MBEDTLS_PK_HAVE_ECC_KEYS */
|
||||
#endif /* PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY */
|
||||
|
||||
return -1;
|
||||
}
|
||||
|
||||
Reference in New Issue
Block a user