lib/mbedtls
1
0
Fork 0
mirror of https://github.com/Mbed-TLS/mbedtls.git synced 2025-07-08 23:21:59 +03:00
Code Activity

library: tls12: remove usage of MBEDTLS_PK_USE_PSA_EC_DATA

Browse Source 
PK module will now always use PSA storing pattern when working with
EC keys therefore MBEDTLS_PK_USE_PSA_EC_DATA is assumed to be always
enabled.

Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
This commit is contained in:
Valerio Setti
2025-05-05 15:34:28 +02:00
parent c2b7f85747
commit ae89dcc4be
2 changed files with 0 additions and 75 deletions
Download Patch File Download Diff File Expand all files Collapse all files

18
library/ssl_tls12_client.c
View File

@ -1758,10 +1758,6 @@ static int ssl_get_ecdh_params_from_cert(mbedtls_ssl_context *ssl)
return MBEDTLS_ERR_SSL_PK_TYPE_MISMATCH;
}
#if !defined(MBEDTLS_PK_USE_PSA_EC_DATA)
const mbedtls_ecp_keypair *peer_key = mbedtls_pk_ec_ro(*peer_pk);
#endif /* !defined(MBEDTLS_PK_USE_PSA_EC_DATA) */
uint16_t tls_id = 0;
psa_key_type_t key_type = PSA_KEY_TYPE_NONE;
mbedtls_ecp_group_id grp_id = mbedtls_pk_get_ec_group_id(peer_pk);
@ -1786,23 +1782,9 @@ static int ssl_get_ecdh_params_from_cert(mbedtls_ssl_context *ssl)
ssl->handshake->xxdh_psa_type = key_type;
/* Store peer's public key in psa format. */
#if defined(MBEDTLS_PK_USE_PSA_EC_DATA)
memcpy(ssl->handshake->xxdh_psa_peerkey, peer_pk->pub_raw, peer_pk->pub_raw_len);
ssl->handshake->xxdh_psa_peerkey_len = peer_pk->pub_raw_len;
ret = 0;
#else /* MBEDTLS_PK_USE_PSA_EC_DATA */
size_t olen = 0;
ret = mbedtls_ecp_point_write_binary(&peer_key->grp, &peer_key->Q,
MBEDTLS_ECP_PF_UNCOMPRESSED, &olen,
ssl->handshake->xxdh_psa_peerkey,
sizeof(ssl->handshake->xxdh_psa_peerkey));
if (ret != 0) {
MBEDTLS_SSL_DEBUG_RET(1, ("mbedtls_ecp_point_write_binary"), ret);
return ret;
}
ssl->handshake->xxdh_psa_peerkey_len = olen;
#endif /* MBEDTLS_PK_USE_PSA_EC_DATA */
#if !defined(MBEDTLS_SSL_KEEP_PEER_CERTIFICATE)
/* We don't need the peer's public key anymore. Free it,
* so that more RAM is available for upcoming expensive