Add function to convert sig_alg to psa alg and use it

Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>

library/ssl_tls13_generic.c

@@ -927,19 +927,10 @@ int mbedtls_ssl_tls13_check_sig_alg_cert_key_match( uint16_t sig_alg,
     return( 0 );
 }
 
-MBEDTLS_CHECK_RETURN_CRITICAL
+static psa_algorithm_t ssl_tls13_select_sig_alg_to_psa_alg( uint16_t sig_alg )
-static int ssl_tls13_select_sig_alg_for_certificate_verify(
-                                          mbedtls_ssl_context *ssl,
-                                          mbedtls_pk_context *own_key,
-                                          uint16_t *algorithm )
 {
-    uint16_t *sig_alg = ssl->handshake->received_sig_algs;
     psa_algorithm_t psa_alg = 0;
-
+    switch( sig_alg )
-    *algorithm = MBEDTLS_TLS1_3_SIG_NONE;
-    for( ; *sig_alg != MBEDTLS_TLS1_3_SIG_NONE ; sig_alg++ )
-    {
-        switch( *sig_alg )
     {
         case MBEDTLS_TLS1_3_SIG_ECDSA_SECP256R1_SHA256:
             psa_alg = PSA_ALG_ECDSA( PSA_ALG_SHA_256 );
@@ -967,6 +958,22 @@ static int ssl_tls13_select_sig_alg_for_certificate_verify(
         default:
             break;
     }
+    return( psa_alg );
+}
+
+MBEDTLS_CHECK_RETURN_CRITICAL
+static int ssl_tls13_select_sig_alg_for_certificate_verify(
+                                          mbedtls_ssl_context *ssl,
+                                          mbedtls_pk_context *own_key,
+                                          uint16_t *algorithm )
+{
+    uint16_t *sig_alg = ssl->handshake->received_sig_algs;
+    psa_algorithm_t psa_alg = 0;
+
+    *algorithm = MBEDTLS_TLS1_3_SIG_NONE;
+    for( ; *sig_alg != MBEDTLS_TLS1_3_SIG_NONE ; sig_alg++ )
+    {
+        psa_alg = ssl_tls13_select_sig_alg_to_psa_alg( *sig_alg );
 
         if( mbedtls_ssl_sig_alg_is_offered( ssl, *sig_alg ) &&
             mbedtls_ssl_tls13_sig_alg_for_cert_verify_is_supported( *sig_alg ) &&