Remove mbedtls_psa_tls_ecpoint_to_psa_ec()

Same reasons as for the previous commit. Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
2025-03-28 08:37:25 +00:00 · 2022-01-18 12:30:40 +01:00 · 2022-01-18 12:30:40 +01:00 · 4a0ac1f160
commit 4a0ac1f160
parent 58d2383ef4
2 changed files with 6 additions and 31 deletions
--- a/include/mbedtls/psa_util.h
+++ b/include/mbedtls/psa_util.h
@ -277,25 +277,6 @@ static inline psa_key_type_t mbedtls_psa_parse_tls_ecc_group(
 }
 #endif /* MBEDTLS_ECP_C */

-/* This function takes a buffer holding an ECPoint structure
- * (as contained in a TLS ServerKeyExchange message for ECDHE
- * exchanges) and converts it into a format that the PSA key
- * agreement API understands.
- */
-static inline int mbedtls_psa_tls_ecpoint_to_psa_ec( unsigned char const *src,
-                                                     size_t srclen,
-                                                     unsigned char *dst,
-                                                     size_t dstlen,
-                                                     size_t *olen )
-{
-    if( srclen > dstlen )
-        return( MBEDTLS_ERR_ECP_BUFFER_TOO_SMALL );
-
-    memcpy( dst, src, srclen );
-    *olen = srclen;
-    return( 0 );
-}
-
 /* Translations for PK layer */

 static inline int mbedtls_psa_err_translate_pk( psa_status_t status )
--- a/library/ssl_cli.c
+++ b/library/ssl_cli.c
@ -2398,24 +2398,18 @@ static int ssl_parse_server_ecdh_params_psa( mbedtls_ssl_context *ssl,
        return( MBEDTLS_ERR_SSL_ILLEGAL_PARAMETER );
    handshake->ecdh_bits = (uint16_t) ecdh_bits;

-    /*
-     * Put peer's ECDH public key in the format understood by PSA.
-     */
-
+    /* Keep a copy of the peer's public key */
    ecpoint_len = *(*p)++;
    if( (size_t)( end - *p ) < ecpoint_len )
        return( MBEDTLS_ERR_SSL_DECODE_ERROR );

-    if( mbedtls_psa_tls_ecpoint_to_psa_ec(
-                                    *p, ecpoint_len,
-                                    handshake->ecdh_psa_peerkey,
-                                    sizeof( handshake->ecdh_psa_peerkey ),
-                                    &handshake->ecdh_psa_peerkey_len ) != 0 )
-    {
-        return( MBEDTLS_ERR_SSL_HW_ACCEL_FAILED );
-    }
+    if( ecpoint_len > sizeof( handshake->ecdh_psa_peerkey ) )
+        return( MBEDTLS_ERR_SSL_HANDSHAKE_FAILURE );

+    memcpy( handshake->ecdh_psa_peerkey, *p, ecpoint_len );
+    handshake->ecdh_psa_peerkey_len = ecpoint_len;
    *p += ecpoint_len;
+
    return( 0 );
 }
 #endif /* MBEDTLS_USE_PSA_CRYPTO &&