lib/mbedtls
1
0
Fork 0
mirror of https://github.com/Mbed-TLS/mbedtls.git synced 2025-07-29 11:41:15 +03:00
Code Activity

Rm dead !USE_PSA code: SSL hooks

Browse Source 
unifdef -m -DMBEDTLS_USE_PSA_CRYPTO {library,include/mbedtls}/ssl_{ticket,cookie}.[ch]

Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
This commit is contained in:
Manuel Pégourié-Gonnard
2025-01-22 12:09:14 +01:00
parent f60b09b019
commit b18c8b957b
4 changed files with 0 additions and 237 deletions
Download Patch File Download Diff File Expand all files Collapse all files

14
include/mbedtls/ssl_cookie.h
View File

@ -15,11 +15,6 @@
#include "mbedtls/ssl.h"
#if !defined(MBEDTLS_USE_PSA_CRYPTO)
#if defined(MBEDTLS_THREADING_C)
#include "mbedtls/threading.h"
#endif
#endif /* !MBEDTLS_USE_PSA_CRYPTO */
/**
* \name SECTION: Module settings
@ -42,23 +37,14 @@ extern "C" {
* \brief Context for the default cookie functions.
*/
typedef struct mbedtls_ssl_cookie_ctx {
#if defined(MBEDTLS_USE_PSA_CRYPTO)
mbedtls_svc_key_id_t MBEDTLS_PRIVATE(psa_hmac_key); /*!< key id for the HMAC portion */
psa_algorithm_t MBEDTLS_PRIVATE(psa_hmac_alg); /*!< key algorithm for the HMAC portion */
#else
mbedtls_md_context_t MBEDTLS_PRIVATE(hmac_ctx); /*!< context for the HMAC portion */
#endif /* MBEDTLS_USE_PSA_CRYPTO */
#if !defined(MBEDTLS_HAVE_TIME)
unsigned long MBEDTLS_PRIVATE(serial); /*!< serial number for expiration */
#endif
unsigned long MBEDTLS_PRIVATE(timeout); /*!< timeout delay, in seconds if HAVE_TIME,
or in number of tickets issued */
#if !defined(MBEDTLS_USE_PSA_CRYPTO)
#if defined(MBEDTLS_THREADING_C)
mbedtls_threading_mutex_t MBEDTLS_PRIVATE(mutex);
#endif
#endif /* !MBEDTLS_USE_PSA_CRYPTO */
} mbedtls_ssl_cookie_ctx;
/**

6
include/mbedtls/ssl_ticket.h
View File

@ -26,9 +26,7 @@
#include "mbedtls/platform_time.h"
#endif
#if defined(MBEDTLS_USE_PSA_CRYPTO)
#include "psa/crypto.h"
#endif
#if defined(MBEDTLS_THREADING_C)
#include "mbedtls/threading.h"
@ -54,14 +52,10 @@ typedef struct mbedtls_ssl_ticket_key {
* tickets created under that key.
*/
uint32_t MBEDTLS_PRIVATE(lifetime);
#if !defined(MBEDTLS_USE_PSA_CRYPTO)
mbedtls_cipher_context_t MBEDTLS_PRIVATE(ctx); /*!< context for auth enc/decryption */
#else
mbedtls_svc_key_id_t MBEDTLS_PRIVATE(key); /*!< key used for auth enc/decryption */
psa_algorithm_t MBEDTLS_PRIVATE(alg); /*!< algorithm of auth enc/decryption */
psa_key_type_t MBEDTLS_PRIVATE(key_type); /*!< key type */
size_t MBEDTLS_PRIVATE(key_bits); /*!< key length in bits */
#endif
}
mbedtls_ssl_ticket_key;

128
library/ssl_cookie.c
View File

@ -22,7 +22,6 @@
#include <string.h>
#if defined(MBEDTLS_USE_PSA_CRYPTO)
#include "mbedtls/psa_util.h"
/* Define a local translating function to save code size by not using too many
* arguments in each translating place. */
@ -33,7 +32,6 @@ static int local_err_translation(psa_status_t status)
psa_generic_status_to_mbedtls);
}
#define PSA_TO_MBEDTLS_ERR(status) local_err_translation(status)
#endif
/*
* If DTLS is in use, then at least one of SHA-256 or SHA-384 is
@ -59,21 +57,12 @@ static int local_err_translation(psa_status_t status)
void mbedtls_ssl_cookie_init(mbedtls_ssl_cookie_ctx *ctx)
{
#if defined(MBEDTLS_USE_PSA_CRYPTO)
ctx->psa_hmac_key = MBEDTLS_SVC_KEY_ID_INIT;
#else
mbedtls_md_init(&ctx->hmac_ctx);
#endif /* MBEDTLS_USE_PSA_CRYPTO */
#if !defined(MBEDTLS_HAVE_TIME)
ctx->serial = 0;
#endif
ctx->timeout = MBEDTLS_SSL_COOKIE_TIMEOUT;
#if !defined(MBEDTLS_USE_PSA_CRYPTO)
#if defined(MBEDTLS_THREADING_C)
mbedtls_mutex_init(&ctx->mutex);
#endif
#endif /* !MBEDTLS_USE_PSA_CRYPTO */
}
void mbedtls_ssl_cookie_set_timeout(mbedtls_ssl_cookie_ctx *ctx, unsigned long delay)
@ -87,15 +76,7 @@ void mbedtls_ssl_cookie_free(mbedtls_ssl_cookie_ctx *ctx)
return;
}
#if defined(MBEDTLS_USE_PSA_CRYPTO)
psa_destroy_key(ctx->psa_hmac_key);
#else
mbedtls_md_free(&ctx->hmac_ctx);
#if defined(MBEDTLS_THREADING_C)
mbedtls_mutex_free(&ctx->mutex);
#endif
#endif /* MBEDTLS_USE_PSA_CRYPTO */
mbedtls_platform_zeroize(ctx, sizeof(mbedtls_ssl_cookie_ctx));
}
@ -104,7 +85,6 @@ int mbedtls_ssl_cookie_setup(mbedtls_ssl_cookie_ctx *ctx,
int (*f_rng)(void *, unsigned char *, size_t),
void *p_rng)
{
#if defined(MBEDTLS_USE_PSA_CRYPTO)
psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;
psa_algorithm_t alg;
@ -130,57 +110,10 @@ int mbedtls_ssl_cookie_setup(mbedtls_ssl_cookie_ctx *ctx,
&ctx->psa_hmac_key)) != PSA_SUCCESS) {
return PSA_TO_MBEDTLS_ERR(status);
}
#else
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
unsigned char key[COOKIE_MD_OUTLEN];
if ((ret = f_rng(p_rng, key, sizeof(key))) != 0) {
return ret;
}
ret = mbedtls_md_setup(&ctx->hmac_ctx, mbedtls_md_info_from_type(COOKIE_MD), 1);
if (ret != 0) {
return ret;
}
ret = mbedtls_md_hmac_starts(&ctx->hmac_ctx, key, sizeof(key));
if (ret != 0) {
return ret;
}
mbedtls_platform_zeroize(key, sizeof(key));
#endif /* MBEDTLS_USE_PSA_CRYPTO */
return 0;
}
#if !defined(MBEDTLS_USE_PSA_CRYPTO)
/*
* Generate the HMAC part of a cookie
*/
MBEDTLS_CHECK_RETURN_CRITICAL
static int ssl_cookie_hmac(mbedtls_md_context_t *hmac_ctx,
const unsigned char time[4],
unsigned char **p, unsigned char *end,
const unsigned char *cli_id, size_t cli_id_len)
{
unsigned char hmac_out[COOKIE_MD_OUTLEN];
MBEDTLS_SSL_CHK_BUF_PTR(*p, end, COOKIE_HMAC_LEN);
if (mbedtls_md_hmac_reset(hmac_ctx) != 0 ||
mbedtls_md_hmac_update(hmac_ctx, time, 4) != 0 ||
mbedtls_md_hmac_update(hmac_ctx, cli_id, cli_id_len) != 0 ||
mbedtls_md_hmac_finish(hmac_ctx, hmac_out) != 0) {
return MBEDTLS_ERR_SSL_INTERNAL_ERROR;
}
memcpy(*p, hmac_out, COOKIE_HMAC_LEN);
*p += COOKIE_HMAC_LEN;
return 0;
}
#endif /* !MBEDTLS_USE_PSA_CRYPTO */
/*
* Generate cookie for DTLS ClientHello verification
@ -189,11 +122,9 @@ int mbedtls_ssl_cookie_write(void *p_ctx,
unsigned char **p, unsigned char *end,
const unsigned char *cli_id, size_t cli_id_len)
{
#if defined(MBEDTLS_USE_PSA_CRYPTO)
psa_mac_operation_t operation = PSA_MAC_OPERATION_INIT;
psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;
size_t sign_mac_length = 0;
#endif
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
mbedtls_ssl_cookie_ctx *ctx = (mbedtls_ssl_cookie_ctx *) p_ctx;
unsigned long t;
@ -213,7 +144,6 @@ int mbedtls_ssl_cookie_write(void *p_ctx,
MBEDTLS_PUT_UINT32_BE(t, *p, 0);
*p += 4;
#if defined(MBEDTLS_USE_PSA_CRYPTO)
status = psa_mac_sign_setup(&operation, ctx->psa_hmac_key,
ctx->psa_hmac_alg);
if (status != PSA_SUCCESS) {
@ -243,31 +173,12 @@ int mbedtls_ssl_cookie_write(void *p_ctx,
*p += COOKIE_HMAC_LEN;
ret = 0;
#else
#if defined(MBEDTLS_THREADING_C)
if ((ret = mbedtls_mutex_lock(&ctx->mutex)) != 0) {
return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_SSL_INTERNAL_ERROR, ret);
}
#endif
ret = ssl_cookie_hmac(&ctx->hmac_ctx, *p - 4,
p, end, cli_id, cli_id_len);
#if defined(MBEDTLS_THREADING_C)
if (mbedtls_mutex_unlock(&ctx->mutex) != 0) {
return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_SSL_INTERNAL_ERROR,
MBEDTLS_ERR_THREADING_MUTEX_ERROR);
}
#endif
#endif /* MBEDTLS_USE_PSA_CRYPTO */
#if defined(MBEDTLS_USE_PSA_CRYPTO)
exit:
status = psa_mac_abort(&operation);
if (status != PSA_SUCCESS) {
ret = PSA_TO_MBEDTLS_ERR(status);
}
#endif /* MBEDTLS_USE_PSA_CRYPTO */
return ret;
}
@ -278,13 +189,8 @@ int mbedtls_ssl_cookie_check(void *p_ctx,
const unsigned char *cookie, size_t cookie_len,
const unsigned char *cli_id, size_t cli_id_len)
{
#if defined(MBEDTLS_USE_PSA_CRYPTO)
psa_mac_operation_t operation = PSA_MAC_OPERATION_INIT;
psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;
#else
unsigned char ref_hmac[COOKIE_HMAC_LEN];
unsigned char *p = ref_hmac;
#endif
int ret = 0;
mbedtls_ssl_cookie_ctx *ctx = (mbedtls_ssl_cookie_ctx *) p_ctx;
unsigned long cur_time, cookie_time;
@ -297,7 +203,6 @@ int mbedtls_ssl_cookie_check(void *p_ctx,
return -1;
}
#if defined(MBEDTLS_USE_PSA_CRYPTO)
status = psa_mac_verify_setup(&operation, ctx->psa_hmac_key,
ctx->psa_hmac_alg);
if (status != PSA_SUCCESS) {
@ -326,35 +231,6 @@ int mbedtls_ssl_cookie_check(void *p_ctx,
}
ret = 0;
#else
#if defined(MBEDTLS_THREADING_C)
if ((ret = mbedtls_mutex_lock(&ctx->mutex)) != 0) {
return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_SSL_INTERNAL_ERROR, ret);
}
#endif
if (ssl_cookie_hmac(&ctx->hmac_ctx, cookie,
&p, p + sizeof(ref_hmac),
cli_id, cli_id_len) != 0) {
ret = -1;
}
#if defined(MBEDTLS_THREADING_C)
if (mbedtls_mutex_unlock(&ctx->mutex) != 0) {
ret = MBEDTLS_ERROR_ADD(MBEDTLS_ERR_SSL_INTERNAL_ERROR,
MBEDTLS_ERR_THREADING_MUTEX_ERROR);
}
#endif
if (ret != 0) {
goto exit;
}
if (mbedtls_ct_memcmp(cookie + 4, ref_hmac, sizeof(ref_hmac)) != 0) {
ret = -1;
goto exit;
}
#endif /* MBEDTLS_USE_PSA_CRYPTO */
#if defined(MBEDTLS_HAVE_TIME)
cur_time = (unsigned long) mbedtls_time(NULL);
@ -370,14 +246,10 @@ int mbedtls_ssl_cookie_check(void *p_ctx,
}
exit:
#if defined(MBEDTLS_USE_PSA_CRYPTO)
status = psa_mac_abort(&operation);
if (status != PSA_SUCCESS) {
ret = PSA_TO_MBEDTLS_ERR(status);
}
#else
mbedtls_platform_zeroize(ref_hmac, sizeof(ref_hmac));
#endif /* MBEDTLS_USE_PSA_CRYPTO */
return ret;
}
#endif /* MBEDTLS_SSL_COOKIE_C */

89
library/ssl_ticket.c
View File

@ -17,7 +17,6 @@
#include <string.h>
#if defined(MBEDTLS_USE_PSA_CRYPTO)
/* Define a local translating function to save code size by not using too many
* arguments in each translating place. */
static int local_err_translation(psa_status_t status)
@ -27,7 +26,6 @@ static int local_err_translation(psa_status_t status)
psa_generic_status_to_mbedtls);
}
#define PSA_TO_MBEDTLS_ERR(status) local_err_translation(status)
#endif
/*
* Initialize context
@ -67,9 +65,7 @@ static int ssl_ticket_gen_key(mbedtls_ssl_ticket_context *ctx,
unsigned char buf[MAX_KEY_BYTES] = { 0 };
mbedtls_ssl_ticket_key *key = ctx->keys + index;
#if defined(MBEDTLS_USE_PSA_CRYPTO)
psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
#endif
#if defined(MBEDTLS_HAVE_TIME)
key->generation_time = mbedtls_time(NULL);
@ -87,7 +83,6 @@ static int ssl_ticket_gen_key(mbedtls_ssl_ticket_context *ctx,
return ret;
}
#if defined(MBEDTLS_USE_PSA_CRYPTO)
psa_set_key_usage_flags(&attributes,
PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT);
psa_set_key_algorithm(&attributes, key->alg);
@ -98,12 +93,6 @@ static int ssl_ticket_gen_key(mbedtls_ssl_ticket_context *ctx,
psa_import_key(&attributes, buf,
PSA_BITS_TO_BYTES(key->key_bits),
&key->key));
#else
/* With GCM and CCM, same context can encrypt & decrypt */
ret = mbedtls_cipher_setkey(&key->ctx, buf,
mbedtls_cipher_get_key_bitlen(&key->ctx),
MBEDTLS_ENCRYPT);
#endif /* MBEDTLS_USE_PSA_CRYPTO */
mbedtls_platform_zeroize(buf, sizeof(buf));
@ -124,9 +113,7 @@ static int ssl_ticket_update_keys(mbedtls_ssl_ticket_context *ctx)
mbedtls_time_t current_time = mbedtls_time(NULL);
mbedtls_time_t key_time = key->generation_time;
#if defined(MBEDTLS_USE_PSA_CRYPTO)
psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;
#endif
if (current_time >= key_time &&
(uint64_t) (current_time - key_time) < key->lifetime) {
@ -135,11 +122,9 @@ static int ssl_ticket_update_keys(mbedtls_ssl_ticket_context *ctx)
ctx->active = 1 - ctx->active;
#if defined(MBEDTLS_USE_PSA_CRYPTO)
if ((status = psa_destroy_key(ctx->keys[ctx->active].key)) != PSA_SUCCESS) {
return PSA_TO_MBEDTLS_ERR(status);
}
#endif /* MBEDTLS_USE_PSA_CRYPTO */
return ssl_ticket_gen_key(ctx, ctx->active);
} else
@ -159,19 +144,14 @@ int mbedtls_ssl_ticket_rotate(mbedtls_ssl_ticket_context *ctx,
mbedtls_ssl_ticket_key * const key = ctx->keys + idx;
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
#if defined(MBEDTLS_USE_PSA_CRYPTO)
psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;
psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
const size_t bitlen = key->key_bits;
#else
const int bitlen = mbedtls_cipher_get_key_bitlen(&key->ctx);
#endif
if (nlength < TICKET_KEY_NAME_BYTES || klength * 8 < (size_t) bitlen) {
return MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA;
}
#if defined(MBEDTLS_USE_PSA_CRYPTO)
if ((status = psa_destroy_key(key->key)) != PSA_SUCCESS) {
ret = PSA_TO_MBEDTLS_ERR(status);
return ret;
@ -189,12 +169,6 @@ int mbedtls_ssl_ticket_rotate(mbedtls_ssl_ticket_context *ctx,
ret = PSA_TO_MBEDTLS_ERR(status);
return ret;
}
#else
ret = mbedtls_cipher_setkey(&key->ctx, k, bitlen, MBEDTLS_ENCRYPT);
if (ret != 0) {
return ret;
}
#endif /* MBEDTLS_USE_PSA_CRYPTO */
ctx->active = idx;
ctx->ticket_lifetime = lifetime;
@ -218,14 +192,9 @@ int mbedtls_ssl_ticket_setup(mbedtls_ssl_ticket_context *ctx,
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
size_t key_bits;
#if defined(MBEDTLS_USE_PSA_CRYPTO)
psa_algorithm_t alg;
psa_key_type_t key_type;
#else
const mbedtls_cipher_info_t *cipher_info;
#endif /* MBEDTLS_USE_PSA_CRYPTO */
#if defined(MBEDTLS_USE_PSA_CRYPTO)
if (mbedtls_ssl_cipher_to_psa(cipher, TICKET_AUTH_TAG_BYTES,
&alg, &key_type, &key_bits) != PSA_SUCCESS) {
return MBEDTLS_ERR_SSL_BAD_INPUT_DATA;
@ -234,17 +203,6 @@ int mbedtls_ssl_ticket_setup(mbedtls_ssl_ticket_context *ctx,
if (PSA_ALG_IS_AEAD(alg) == 0) {
return MBEDTLS_ERR_SSL_BAD_INPUT_DATA;
}
#else
cipher_info = mbedtls_cipher_info_from_type(cipher);
if (mbedtls_cipher_info_get_mode(cipher_info) != MBEDTLS_MODE_GCM &&
mbedtls_cipher_info_get_mode(cipher_info) != MBEDTLS_MODE_CCM &&
mbedtls_cipher_info_get_mode(cipher_info) != MBEDTLS_MODE_CHACHAPOLY) {
return MBEDTLS_ERR_SSL_BAD_INPUT_DATA;
}
key_bits = mbedtls_cipher_info_get_key_bitlen(cipher_info);
#endif /* MBEDTLS_USE_PSA_CRYPTO */
if (key_bits > 8 * MAX_KEY_BYTES) {
return MBEDTLS_ERR_SSL_BAD_INPUT_DATA;
@ -255,7 +213,6 @@ int mbedtls_ssl_ticket_setup(mbedtls_ssl_ticket_context *ctx,
ctx->ticket_lifetime = lifetime;
#if defined(MBEDTLS_USE_PSA_CRYPTO)
ctx->keys[0].alg = alg;
ctx->keys[0].key_type = key_type;
ctx->keys[0].key_bits = key_bits;
@ -263,15 +220,6 @@ int mbedtls_ssl_ticket_setup(mbedtls_ssl_ticket_context *ctx,
ctx->keys[1].alg = alg;
ctx->keys[1].key_type = key_type;
ctx->keys[1].key_bits = key_bits;
#else
if ((ret = mbedtls_cipher_setup(&ctx->keys[0].ctx, cipher_info)) != 0) {
return ret;
}
if ((ret = mbedtls_cipher_setup(&ctx->keys[1].ctx, cipher_info)) != 0) {
return ret;
}
#endif /* MBEDTLS_USE_PSA_CRYPTO */
if ((ret = ssl_ticket_gen_key(ctx, 0)) != 0 ||
(ret = ssl_ticket_gen_key(ctx, 1)) != 0) {
@ -311,9 +259,7 @@ int mbedtls_ssl_ticket_write(void *p_ticket,
unsigned char *state = state_len_bytes + TICKET_CRYPT_LEN_BYTES;
size_t clear_len, ciph_len;
#if defined(MBEDTLS_USE_PSA_CRYPTO)
psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;
#endif
*tlen = 0;
@ -355,7 +301,6 @@ int mbedtls_ssl_ticket_write(void *p_ticket,
MBEDTLS_PUT_UINT16_BE(clear_len, state_len_bytes, 0);
/* Encrypt and authenticate */
#if defined(MBEDTLS_USE_PSA_CRYPTO)
if ((status = psa_aead_encrypt(key->key, key->alg, iv, TICKET_IV_BYTES,
key_name, TICKET_ADD_DATA_LEN,
state, clear_len,
@ -364,17 +309,6 @@ int mbedtls_ssl_ticket_write(void *p_ticket,
ret = PSA_TO_MBEDTLS_ERR(status);
goto cleanup;
}
#else
if ((ret = mbedtls_cipher_auth_encrypt_ext(&key->ctx,
iv, TICKET_IV_BYTES,
/* Additional data: key name, IV and length */
key_name, TICKET_ADD_DATA_LEN,
state, clear_len,
state, (size_t) (end - state), &ciph_len,
TICKET_AUTH_TAG_BYTES)) != 0) {
goto cleanup;
}
#endif /* MBEDTLS_USE_PSA_CRYPTO */
if (ciph_len != clear_len + TICKET_AUTH_TAG_BYTES) {
ret = MBEDTLS_ERR_SSL_INTERNAL_ERROR;
@ -428,9 +362,7 @@ int mbedtls_ssl_ticket_parse(void *p_ticket,
unsigned char *ticket = enc_len_p + TICKET_CRYPT_LEN_BYTES;
size_t enc_len, clear_len;
#if defined(MBEDTLS_USE_PSA_CRYPTO)
psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;
#endif
if (ctx == NULL || ctx->f_rng == NULL) {
return MBEDTLS_ERR_SSL_BAD_INPUT_DATA;
@ -466,7 +398,6 @@ int mbedtls_ssl_ticket_parse(void *p_ticket,
}
/* Decrypt and authenticate */
#if defined(MBEDTLS_USE_PSA_CRYPTO)
if ((status = psa_aead_decrypt(key->key, key->alg, iv, TICKET_IV_BYTES,
key_name, TICKET_ADD_DATA_LEN,
ticket, enc_len + TICKET_AUTH_TAG_BYTES,
@ -474,21 +405,6 @@ int mbedtls_ssl_ticket_parse(void *p_ticket,
ret = PSA_TO_MBEDTLS_ERR(status);
goto cleanup;
}
#else
if ((ret = mbedtls_cipher_auth_decrypt_ext(&key->ctx,
iv, TICKET_IV_BYTES,
/* Additional data: key name, IV and length */
key_name, TICKET_ADD_DATA_LEN,
ticket, enc_len + TICKET_AUTH_TAG_BYTES,
ticket, enc_len, &clear_len,
TICKET_AUTH_TAG_BYTES)) != 0) {
if (ret == MBEDTLS_ERR_CIPHER_AUTH_FAILED) {
ret = MBEDTLS_ERR_SSL_INVALID_MAC;
}
goto cleanup;
}
#endif /* MBEDTLS_USE_PSA_CRYPTO */
if (clear_len != enc_len) {
ret = MBEDTLS_ERR_SSL_INTERNAL_ERROR;
@ -537,13 +453,8 @@ void mbedtls_ssl_ticket_free(mbedtls_ssl_ticket_context *ctx)
return;
}
#if defined(MBEDTLS_USE_PSA_CRYPTO)
psa_destroy_key(ctx->keys[0].key);
psa_destroy_key(ctx->keys[1].key);
#else
mbedtls_cipher_free(&ctx->keys[0].ctx);
mbedtls_cipher_free(&ctx->keys[1].ctx);
#endif /* MBEDTLS_USE_PSA_CRYPTO */
#if defined(MBEDTLS_THREADING_C)
mbedtls_mutex_free(&ctx->mutex);