mirror/mbedtls
1
0
Fork 0
mirror of https://github.com/Mbed-TLS/mbedtls.git synced 2025-04-18 05:42:35 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

tls: remove useless legacy function

Browse Source 
Signed-off-by: Valerio Setti <vsetti@baylibre.com>
This commit is contained in:
Valerio Setti 2023-01-04 16:08:04 +01:00
parent 73260b6e65
commit 40d9ca907b
4 changed files with 25 additions and 36 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

18
library/ssl_misc.h
View File

@ -1619,26 +1619,10 @@ uint16_t mbedtls_ssl_get_tls_id_from_ecp_group_id( mbedtls_ecp_group_id grp_id )
* *
* \param tls_id The TLS ID to look for * \param tls_id The TLS ID to look for
* \return A pointer to a const string with the proper name. If TLS * \return A pointer to a const string with the proper name. If TLS
* ID is not suppoted, a NULL pointer is returned insted. * ID is not suppoted, a NULL pointer is returned instead.
*/ */
const char* mbedtls_ssl_get_curve_name_from_tls_id( uint16_t tls_id ); const char* mbedtls_ssl_get_curve_name_from_tls_id( uint16_t tls_id );
/* This function transforms an ECC group identifier from
* https://www.iana.org/assignments/tls-parameters/tls-parameters.xhtml#tls-parameters-8
* into a PSA ECC group identifier. */
#if defined(MBEDTLS_ECP_C)
static inline psa_key_type_t mbedtls_psa_parse_tls_ecc_group(
uint16_t tls_ecc_grp_reg_id, size_t *bits )
{
mbedtls_ecp_group_id grp_id =
mbedtls_ssl_get_ecp_group_id_from_tls_id( tls_ecc_grp_reg_id );
if( grp_id == MBEDTLS_ECP_DP_NONE )
return( 0 );
return( PSA_KEY_TYPE_ECC_KEY_PAIR(
mbedtls_ecc_group_to_psa( grp_id, bits ) ) );
}
#endif /* MBEDTLS_ECP_C */
#if defined(MBEDTLS_SSL_DTLS_SRTP) #if defined(MBEDTLS_SSL_DTLS_SRTP)
static inline mbedtls_ssl_srtp_profile mbedtls_ssl_check_srtp_profile_value static inline mbedtls_ssl_srtp_profile mbedtls_ssl_check_srtp_profile_value
( const uint16_t srtp_profile_value ) ( const uint16_t srtp_profile_value )

12
library/ssl_tls12_client.c
View File

@ -1800,9 +1800,10 @@ static int ssl_parse_server_ecdh_params( mbedtls_ssl_context *ssl,
unsigned char *end ) unsigned char *end )
{ {
uint16_t tls_id; uint16_t tls_id;
size_t ecdh_bits = 0;
uint8_t ecpoint_len; uint8_t ecpoint_len;
mbedtls_ssl_handshake_params *handshake = ssl->handshake; mbedtls_ssl_handshake_params *handshake = ssl->handshake;
psa_ecc_family_t ec_psa_family = 0;
size_t ec_bits = 0;
/* /*
* struct { * struct {
@ -1836,13 +1837,14 @@ static int ssl_parse_server_ecdh_params( mbedtls_ssl_context *ssl,
return( MBEDTLS_ERR_SSL_HANDSHAKE_FAILURE ); return( MBEDTLS_ERR_SSL_HANDSHAKE_FAILURE );
} }
/* Convert EC group to PSA key type. */ /* Convert EC's TLS ID to PSA key type. */
if( ( handshake->ecdh_psa_type = if( mbedtls_ssl_get_psa_curve_info_from_tls_id( tls_id, &ec_psa_family,
mbedtls_psa_parse_tls_ecc_group( tls_id, &ecdh_bits ) ) == 0 ) &ec_bits ) == PSA_ERROR_NOT_SUPPORTED )
{ {
return( MBEDTLS_ERR_SSL_HANDSHAKE_FAILURE ); return( MBEDTLS_ERR_SSL_HANDSHAKE_FAILURE );
} }
handshake->ecdh_bits = ecdh_bits; handshake->ecdh_psa_type = PSA_KEY_TYPE_ECC_KEY_PAIR( ec_psa_family );
handshake->ecdh_bits = ec_bits;
/* Keep a copy of the peer's public key */ /* Keep a copy of the peer's public key */
ecpoint_len = *(*p)++; ecpoint_len = *(*p)++;

14
library/ssl_tls12_server.c
View File

@ -3019,24 +3019,24 @@ curve_matching_done:
psa_status_t status = PSA_ERROR_GENERIC_ERROR; psa_status_t status = PSA_ERROR_GENERIC_ERROR;
psa_key_attributes_t key_attributes; psa_key_attributes_t key_attributes;
mbedtls_ssl_handshake_params *handshake = ssl->handshake; mbedtls_ssl_handshake_params *handshake = ssl->handshake;
size_t ecdh_bits = 0;
uint8_t *p = ssl->out_msg + ssl->out_msglen; uint8_t *p = ssl->out_msg + ssl->out_msglen;
const size_t header_size = 4; // curve_type(1), namedcurve(2), const size_t header_size = 4; // curve_type(1), namedcurve(2),
// data length(1) // data length(1)
const size_t data_length_size = 1; const size_t data_length_size = 1;
psa_ecc_family_t ec_psa_family = 0;
size_t ec_bits = 0;
MBEDTLS_SSL_DEBUG_MSG( 1, ( "Perform PSA-based ECDH computation." ) ); MBEDTLS_SSL_DEBUG_MSG( 1, ( "Perform PSA-based ECDH computation." ) );
/* Convert EC group to PSA key type. */ /* Convert EC's TLS ID to PSA key type. */
handshake->ecdh_psa_type = mbedtls_psa_parse_tls_ecc_group( if( mbedtls_ssl_get_psa_curve_info_from_tls_id( *curr_tls_id,
*curr_tls_id, &ecdh_bits ); &ec_psa_family, &ec_bits ) == PSA_ERROR_NOT_SUPPORTED )
if( handshake->ecdh_psa_type == 0 )
{ {
MBEDTLS_SSL_DEBUG_MSG( 1, ( "Invalid ecc group parse." ) ); MBEDTLS_SSL_DEBUG_MSG( 1, ( "Invalid ecc group parse." ) );
return( MBEDTLS_ERR_SSL_ILLEGAL_PARAMETER ); return( MBEDTLS_ERR_SSL_ILLEGAL_PARAMETER );
} }
handshake->ecdh_bits = ecdh_bits; handshake->ecdh_psa_type = PSA_KEY_TYPE_ECC_KEY_PAIR( ec_psa_family );
handshake->ecdh_bits = ec_bits;
key_attributes = psa_key_attributes_init(); key_attributes = psa_key_attributes_init();
psa_set_key_usage_flags( &key_attributes, PSA_KEY_USAGE_DERIVE ); psa_set_key_usage_flags( &key_attributes, PSA_KEY_USAGE_DERIVE );

17
library/ssl_tls13_generic.c
View File

@ -1518,16 +1518,19 @@ int mbedtls_ssl_tls13_generate_and_write_ecdh_key_exchange(
psa_key_attributes_t key_attributes; psa_key_attributes_t key_attributes;
size_t own_pubkey_len; size_t own_pubkey_len;
mbedtls_ssl_handshake_params *handshake = ssl->handshake; mbedtls_ssl_handshake_params *handshake = ssl->handshake;
size_t ecdh_bits = 0; psa_ecc_family_t ec_psa_family = 0;
size_t ec_bits = 0;
MBEDTLS_SSL_DEBUG_MSG( 1, ( "Perform PSA-based ECDH computation." ) ); MBEDTLS_SSL_DEBUG_MSG( 1, ( "Perform PSA-based ECDH computation." ) );
/* Convert EC group to PSA key type. */ /* Convert EC's TLS ID to PSA key type. */
if( ( handshake->ecdh_psa_type = if( mbedtls_ssl_get_psa_curve_info_from_tls_id( named_group,
mbedtls_psa_parse_tls_ecc_group( named_group, &ecdh_bits ) ) == 0 ) &ec_psa_family, &ec_bits ) == PSA_ERROR_NOT_SUPPORTED )
return( MBEDTLS_ERR_SSL_HANDSHAKE_FAILURE ); {
return( MBEDTLS_ERR_SSL_HANDSHAKE_FAILURE );
ssl->handshake->ecdh_bits = ecdh_bits; }
handshake->ecdh_psa_type = PSA_KEY_TYPE_ECC_KEY_PAIR( ec_psa_family );
ssl->handshake->ecdh_bits = ec_bits;
key_attributes = psa_key_attributes_init(); key_attributes = psa_key_attributes_init();
psa_set_key_usage_flags( &key_attributes, PSA_KEY_USAGE_DERIVE ); psa_set_key_usage_flags( &key_attributes, PSA_KEY_USAGE_DERIVE );