mirror/mbedtls
1
0
Fork 0
mirror of https://github.com/Mbed-TLS/mbedtls.git synced 2025-02-10 06:40:16 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

pk: change guard for mbedtls_pk_can_do_ext() to CRYPTO_CLIENT

Browse Source 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
This commit is contained in:
Valerio Setti 2024-03-01 07:29:15 +01:00
parent 8f77d888d4
commit fbb1eef5b2
2 changed files with 3 additions and 12 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
include/mbedtls/pk.h
View File

@ -454,7 +454,7 @@ static inline size_t mbedtls_pk_get_len(const mbedtls_pk_context *ctx)
*/
int mbedtls_pk_can_do(const mbedtls_pk_context *ctx, mbedtls_pk_type_t type);
#if defined(MBEDTLS_PSA_CRYPTO_C)
#if defined(MBEDTLS_PSA_CRYPTO_CLIENT)
/**
* \brief Tell if context can do the operation given by PSA algorithm
*
@ -484,7 +484,7 @@ int mbedtls_pk_can_do(const mbedtls_pk_context *ctx, mbedtls_pk_type_t type);
*/
int mbedtls_pk_can_do_ext(const mbedtls_pk_context *ctx, psa_algorithm_t alg,
psa_key_usage_t usage);
#endif /* MBEDTLS_PSA_CRYPTO_C */
#endif /* MBEDTLS_PSA_CRYPTO_CLIENT */
#if defined(MBEDTLS_PSA_CRYPTO_C)
/**

9
library/pk.c
View File

@ -322,14 +322,7 @@ int mbedtls_pk_can_do_ext(const mbedtls_pk_context *ctx, psa_algorithm_t alg,
}
psa_algorithm_t key_alg = psa_get_key_algorithm(&attributes);
/* Key's enrollment is available only when MBEDTLS_PSA_CRYPTO_CLIENT is
* defined, i.e. when the Mbed TLS implementation of PSA Crypto is being used.
* Even though we don't officially support using other implementations of PSA
* Crypto with TLS and X.509 (yet), we're still trying to simplify the life of
* people who would like to try it before it's officially supported. */
#if defined(MBEDTLS_PSA_CRYPTO_CLIENT)
psa_algorithm_t key_alg2 = psa_get_key_enrollment_algorithm(&attributes);
#endif /* MBEDTLS_PSA_CRYPTO_CLIENT */
key_usage = psa_get_key_usage_flags(&attributes);
psa_reset_key_attributes(&attributes);
@ -347,11 +340,9 @@ int mbedtls_pk_can_do_ext(const mbedtls_pk_context *ctx, psa_algorithm_t alg,
if (alg == key_alg) {
return 1;
}
#if defined(MBEDTLS_PSA_CRYPTO_CLIENT)
if (alg == key_alg2) {
return 1;
}
#endif /* MBEDTLS_PSA_CRYPTO_CLIENT */
/*
* If key_alg [or key_alg2] is a hash-and-sign with a wildcard for the hash,