From c1051b62aaae6f6a916891a41810d55b7165105a Mon Sep 17 00:00:00 2001
From: Gabor Mezei
Date: Tue, 10 May 2022 13:13:58 +0200
Subject: [PATCH] Remove `MBEDTLS_SSL_SIG_ALG_SET` macro

Signed-off-by: Gabor Mezei
---
 library/ssl_misc.h         | 13 -------------
 library/ssl_tls.c          | 35 ++++++++++++++++++++++++++++++-----
 library/ssl_tls12_server.c |  9 ++++++++-
 3 files changed, 38 insertions(+), 19 deletions(-)

diff --git a/library/ssl_misc.h b/library/ssl_misc.h
index 5479815c52..9c3c2ddb82 100644
--- a/library/ssl_misc.h
+++ b/library/ssl_misc.h
@@ -248,22 +248,9 @@
 #define MBEDTLS_TLS_SIG_NONE MBEDTLS_TLS1_3_SIG_NONE
 
 #if defined(MBEDTLS_SSL_PROTO_TLS1_2)
-
 #define MBEDTLS_SSL_TLS12_SIG_AND_HASH_ALG( sig, hash ) (( hash << 8 ) | sig)
 #define MBEDTLS_SSL_TLS12_SIG_ALG_FROM_SIG_AND_HASH_ALG(alg) (alg & 0xFF)
 #define MBEDTLS_SSL_TLS12_HASH_ALG_FROM_SIG_AND_HASH_ALG(alg) (alg >> 8)
-
-#if defined(MBEDTLS_ECDSA_C) && defined(MBEDTLS_RSA_C)
-#define MBEDTLS_SSL_SIG_ALG_SET( hash ) MBEDTLS_SSL_TLS12_SIG_AND_HASH_ALG( MBEDTLS_SSL_SIG_ECDSA, hash ), \
-    MBEDTLS_SSL_TLS12_SIG_AND_HASH_ALG( MBEDTLS_SSL_SIG_RSA, hash ),
-#elif defined(MBEDTLS_ECDSA_C)
-#define MBEDTLS_SSL_SIG_ALG_SET( hash ) MBEDTLS_SSL_TLS12_SIG_AND_HASH_ALG( MBEDTLS_SSL_SIG_ECDSA, hash ),
-#elif defined(MBEDTLS_RSA_C)
-#define MBEDTLS_SSL_SIG_ALG_SET( hash ) MBEDTLS_SSL_TLS12_SIG_AND_HASH_ALG( MBEDTLS_SSL_SIG_RSA, hash ),
-#else
-#define MBEDTLS_SSL_SIG_ALG_SET( hash )
-#endif
-
 #endif /* MBEDTLS_SSL_PROTO_TLS1_2 */
 
 #endif /* MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED */
diff --git a/library/ssl_tls.c b/library/ssl_tls.c
index 34817d9edc..8c0ac8f8cc 100644
--- a/library/ssl_tls.c
+++ b/library/ssl_tls.c
@@ -4145,14 +4145,29 @@ static uint16_t ssl_preset_default_sig_algs[] = {
 #if defined(MBEDTLS_SSL_PROTO_TLS1_2)
 static uint16_t ssl_tls12_preset_default_sig_algs[] = {
 #if defined(MBEDTLS_SHA512_C)
-    MBEDTLS_SSL_SIG_ALG_SET( MBEDTLS_SSL_HASH_SHA512 )
+#if defined(MBEDTLS_ECDSA_C)
+    MBEDTLS_SSL_TLS12_SIG_AND_HASH_ALG( MBEDTLS_SSL_SIG_ECDSA, MBEDTLS_SSL_HASH_SHA512 ),
 #endif
+#if defined(MBEDTLS_RSA_C)
+    MBEDTLS_SSL_TLS12_SIG_AND_HASH_ALG( MBEDTLS_SSL_SIG_RSA, MBEDTLS_SSL_HASH_SHA512 ),
+#endif
+#endif /* MBEDTLS_SHA512_C */
 #if defined(MBEDTLS_SHA384_C)
-    MBEDTLS_SSL_SIG_ALG_SET( MBEDTLS_SSL_HASH_SHA384 )
+#if defined(MBEDTLS_ECDSA_C)
+    MBEDTLS_SSL_TLS12_SIG_AND_HASH_ALG( MBEDTLS_SSL_SIG_ECDSA, MBEDTLS_SSL_HASH_SHA384 ),
 #endif
+#if defined(MBEDTLS_RSA_C)
+    MBEDTLS_SSL_TLS12_SIG_AND_HASH_ALG( MBEDTLS_SSL_SIG_RSA, MBEDTLS_SSL_HASH_SHA384 ),
+#endif
+#endif /* MBEDTLS_SHA384_C */
 #if defined(MBEDTLS_SHA256_C)
-    MBEDTLS_SSL_SIG_ALG_SET( MBEDTLS_SSL_HASH_SHA256 )
+#if defined(MBEDTLS_ECDSA_C)
+    MBEDTLS_SSL_TLS12_SIG_AND_HASH_ALG( MBEDTLS_SSL_SIG_ECDSA, MBEDTLS_SSL_HASH_SHA256 ),
 #endif
+#if defined(MBEDTLS_RSA_C)
+    MBEDTLS_SSL_TLS12_SIG_AND_HASH_ALG( MBEDTLS_SSL_SIG_RSA, MBEDTLS_SSL_HASH_SHA256 ),
+#endif
+#endif /* MBEDTLS_SHA256_C */
     MBEDTLS_TLS_SIG_NONE
 };
 #endif /* MBEDTLS_SSL_PROTO_TLS1_2 */
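Review bot: The inner `#endif` lines in `ssl_tls12_preset_default_sig_algs` are left unlabelled while the new outer ones carry `/* MBEDTLS_SHA512_C */`-style comments, and with three levels of nesting per hash the unlabelled ones are the hard ones to match up. Note that the pre-existing context `#endif` directly after each ECDSA entry now closes `#if defined(MBEDTLS_ECDSA_C)` rather than the hash guard it closed before, which is easy to misread. Labelling them as `#endif /* MBEDTLS_ECDSA_C */` and `#endif /* MBEDTLS_RSA_C */` would make each block self-describing; the same applies to the suiteb table in the next hunk. The array itself is fully contained in this hunk.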
@@ -4186,11 +4201,21 @@ static uint16_t ssl_preset_suiteb_sig_algs[] = {
 #if defined(MBEDTLS_SSL_PROTO_TLS1_2)
 static uint16_t ssl_tls12_preset_suiteb_sig_algs[] = {
 #if defined(MBEDTLS_SHA256_C)
-    MBEDTLS_SSL_SIG_ALG_SET( MBEDTLS_SSL_HASH_SHA256 )
+#if defined(MBEDTLS_ECDSA_C)
+    MBEDTLS_SSL_TLS12_SIG_AND_HASH_ALG( MBEDTLS_SSL_SIG_ECDSA, MBEDTLS_SSL_HASH_SHA256 ),
 #endif
+#if defined(MBEDTLS_RSA_C)
+    MBEDTLS_SSL_TLS12_SIG_AND_HASH_ALG( MBEDTLS_SSL_SIG_RSA, MBEDTLS_SSL_HASH_SHA256 ),
+#endif
+#endif /* MBEDTLS_SHA256_C */
 #if defined(MBEDTLS_SHA384_C)
-    MBEDTLS_SSL_SIG_ALG_SET( MBEDTLS_SSL_HASH_SHA384 )
+#if defined(MBEDTLS_ECDSA_C)
+    MBEDTLS_SSL_TLS12_SIG_AND_HASH_ALG( MBEDTLS_SSL_SIG_ECDSA, MBEDTLS_SSL_HASH_SHA384 ),
 #endif
+#if defined(MBEDTLS_RSA_C)
+    MBEDTLS_SSL_TLS12_SIG_AND_HASH_ALG( MBEDTLS_SSL_SIG_RSA, MBEDTLS_SSL_HASH_SHA384 ),
+#endif
+#endif /* MBEDTLS_SHA256_C */
     MBEDTLS_TLS_SIG_NONE
 };
 #endif /* MBEDTLS_SSL_PROTO_TLS1_2 */
diff --git a/library/ssl_tls12_server.c b/library/ssl_tls12_server.c
index 449b63570a..e579a866ec 100644
--- a/library/ssl_tls12_server.c
+++ b/library/ssl_tls12_server.c
@@ -1632,7 +1632,14 @@ read_record_header:
     {
         uint16_t *set = ssl->handshake->received_sig_algs;
         const uint16_t sig_algs[] = {
-            MBEDTLS_SSL_SIG_ALG_SET( MBEDTLS_SSL_HASH_SHA1 )
+#if defined(MBEDTLS_ECDSA_C)
+            MBEDTLS_SSL_TLS12_SIG_AND_HASH_ALG( MBEDTLS_SSL_SIG_ECDSA,
+                                                MBEDTLS_SSL_HASH_SHA1 ),
+#endif
+#if defined(MBEDTLS_RSA_C)
+            MBEDTLS_SSL_TLS12_SIG_AND_HASH_ALG( MBEDTLS_SSL_SIG_RSA,
+                                                MBEDTLS_SSL_HASH_SHA1 ),
+#endif
         };
         const uint16_t invalid_sig_alg = MBEDTLS_TLS_SIG_NONE;
         size_t count = sizeof( sig_algs ) / sizeof( sig_algs[0] );
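Review bot: The last added `#endif /* MBEDTLS_SHA256_C */` in `ssl_tls12_preset_suiteb_sig_algs` closes the `#if defined(MBEDTLS_SHA384_C)` block, so the label is wrong; it should read `#endif /* MBEDTLS_SHA384_C */`, as the corresponding block in `ssl_tls12_preset_default_sig_algs` already does. The preprocessor does not care, but a mislabelled guard in nested conditionals is exactly what misleads the next person editing which hash/signature pairs a preset offers. Looks like a copy-paste of the SHA-256 block above it.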
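Review bot: The `sig_algs[]` table in ssl_tls12_server.c now spells out SHA-1 entries explicitly but still carries no comment saying why SHA-1 is acceptable at this point; from the surrounding lines this appears to be the list installed into `received_sig_algs` when the client offered nothing, and a comment above `const uint16_t sig_algs[] = {` such as `/* No signature_algorithms from the client: RFC 5246 §7.4.1.4.1 says the server must behave as if {sha1,rsa} / {sha1,ecdsa} had been offered. */` would record that this is the protocol-mandated default rather than a deliberate preference for SHA-1. If both MBEDTLS_ECDSA_C and MBEDTLS_RSA_C are undefined the initializer becomes `{ }`, which C11 does not permit; that was equally true of the removed macro's empty expansion, so presumably an outer guard excludes that configuration — worth confirming. The enclosing block and function begin and end outside the hunk.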