Remove ECDH code specific to TLS 1.3

ECDH operations in TLS 1.3 are now done through PSA. Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2025-07-28 00:21:48 +03:00 · 2022-04-05 16:25:33 +02:00
parent 9d0a3e8296
commit fd8cbda3ec
4 changed files with 0 additions and 197 deletions
--- a/library/ecdh.c
+++ b/library/ecdh.c
@ -32,8 +32,6 @@
 #include "mbedtls/platform_util.h"
 #include "mbedtls/error.h"

-#include "ecdh_misc.h"
-
 #include <string.h>

 /* Parameter validation macros based on platform_util.h */
@ -727,140 +725,4 @@ int mbedtls_ecdh_calc_secret( mbedtls_ecdh_context *ctx, size_t *olen,
    }
 #endif
 }
-
-#if defined(MBEDTLS_SSL_PROTO_TLS1_3)
-
-static int ecdh_tls13_make_params_internal( mbedtls_ecdh_context_mbed *ctx,
-                                            size_t *out_len, int point_format,
-                                            unsigned char *buf, size_t buf_len,
-                int ( *f_rng )( void *, unsigned char *, size_t), void *p_rng )
-{
-    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
-
-    if( ctx->grp.pbits == 0 )
-        return( MBEDTLS_ERR_ECP_BAD_INPUT_DATA );
-
-    if( ( ret = mbedtls_ecdh_gen_public( &ctx->grp, &ctx->d, &ctx->Q,
-                                         f_rng, p_rng ) ) != 0 )
-        return( ret );
-
-    ret = mbedtls_ecp_point_write_binary( &ctx->grp, &ctx->Q, point_format,
-                                          out_len, buf, buf_len );
-    if( ret != 0 )
-        return( ret );
-
-    return( 0 );
-}
-
-int mbedtls_ecdh_tls13_make_params( mbedtls_ecdh_context *ctx, size_t *out_len,
-                            unsigned char *buf, size_t buf_len,
-                            int ( *f_rng )( void *, unsigned char *, size_t ),
-                            void *p_rng )
-{
-    ECDH_VALIDATE_RET( ctx != NULL );
-    ECDH_VALIDATE_RET( out_len != NULL );
-    ECDH_VALIDATE_RET( buf != NULL );
-    ECDH_VALIDATE_RET( f_rng != NULL );
-
-
-#if defined(MBEDTLS_ECP_RESTARTABLE)
-    if( ctx-> restart_enabled )
-        return( MBEDTLS_ERR_ECP_FEATURE_UNAVAILABLE );
-#endif
-
-#if defined(MBEDTLS_ECDH_LEGACY_CONTEXT)
-    return( ecdh_tls13_make_params_internal( ctx, out_len, ctx->point_format,
-                                             buf, buf_len, f_rng, p_rng ) );
-#else
-    switch( ctx->var )
-    {
-#if defined(MBEDTLS_ECDH_VARIANT_EVEREST_ENABLED)
-        case MBEDTLS_ECDH_VARIANT_EVEREST:
-            return( MBEDTLS_ERR_ECP_FEATURE_UNAVAILABLE );
-#endif
-        case MBEDTLS_ECDH_VARIANT_MBEDTLS_2_0:
-            return( ecdh_tls13_make_params_internal( &ctx->ctx.mbed_ecdh,
-                                               out_len, ctx->point_format,
-                                               buf, buf_len, f_rng, p_rng ) );
-        default:
-            return MBEDTLS_ERR_ECP_BAD_INPUT_DATA;
-    }
-#endif
-}
-
-/*
- * Setup context without Everest
- */
-int mbedtls_ecdh_setup_no_everest( mbedtls_ecdh_context *ctx,
-                                   mbedtls_ecp_group_id grp_id )
-{
-    ECDH_VALIDATE_RET( ctx != NULL );
-
-#if defined(MBEDTLS_ECDH_LEGACY_CONTEXT)
-    return( ecdh_setup_internal( ctx, grp_id ) );
-#else
-    ctx->point_format = MBEDTLS_ECP_PF_UNCOMPRESSED;
-    ctx->var = MBEDTLS_ECDH_VARIANT_MBEDTLS_2_0;
-    ctx->grp_id = grp_id;
-    ecdh_init_internal( &ctx->ctx.mbed_ecdh );
-    return( ecdh_setup_internal( &ctx->ctx.mbed_ecdh, grp_id ) );
-#endif
-}
-
-static int ecdh_tls13_read_public_internal( mbedtls_ecdh_context_mbed *ctx,
-                                            const unsigned char *buf,
-                                            size_t buf_len )
-{
-    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
-    const unsigned char *p = buf;
-    size_t data_len;
-
-    if( buf_len < 3 )
-        return( MBEDTLS_ERR_ECP_BAD_INPUT_DATA );
-
-    data_len = MBEDTLS_GET_UINT16_BE( p, 0 );
-    p += 2;
-
-    if( data_len < 1 || data_len != ( buf_len - 2 ) )
-        return( MBEDTLS_ERR_ECP_BAD_INPUT_DATA );
-
-    if( ( ret = mbedtls_ecp_point_read_binary( &ctx->grp,
-                                               &ctx->Qp, p, data_len ) ) != 0)
-    {
-        return( ret );
-    }
-
-    return( 0 );
-}
-
-/*
- * Parse and import the client's TLS 1.3 public value
- */
-int mbedtls_ecdh_tls13_read_public( mbedtls_ecdh_context *ctx,
-                                    const unsigned char *buf,
-                                    size_t buf_len )
-{
-    ECDH_VALIDATE_RET( ctx != NULL );
-    ECDH_VALIDATE_RET( buf != NULL );
-
-#if defined(MBEDTLS_ECDH_LEGACY_CONTEXT)
-    return( ecdh_tls13_read_public_internal( ctx, buf, buf_len ) );
-#else
-    switch( ctx->var )
-    {
-#if defined(MBEDTLS_ECDH_VARIANT_EVEREST_ENABLED)
-        case MBEDTLS_ECDH_VARIANT_EVEREST:
-            return( MBEDTLS_ERR_ECP_FEATURE_UNAVAILABLE );
-#endif
-        case MBEDTLS_ECDH_VARIANT_MBEDTLS_2_0:
-            return( ecdh_tls13_read_public_internal( &ctx->ctx.mbed_ecdh,
-                                                     buf, buf_len ) );
-        default:
-            return MBEDTLS_ERR_ECP_BAD_INPUT_DATA;
-    }
-#endif
-}
-
-#endif /* MBEDTLS_SSL_PROTO_TLS1_3 */
-
 #endif /* MBEDTLS_ECDH_C */