Remove mbedtls_ssl_get_psk() and it's usage when MBEDTLS_USE_PSA_CRYPTO is selected
Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
This commit is contained in:
Neil Armstrong
parent
cd05f0b9e5
commit
044a32c4c6
@ -1313,6 +1313,26 @@ int mbedtls_ssl_psk_derive_premaster( mbedtls_ssl_context *ssl,
|
||||
int mbedtls_ssl_conf_has_static_psk( mbedtls_ssl_config const *conf );
|
||||
#endif
|
||||
|
||||
#if defined(MBEDTLS_USE_PSA_CRYPTO)
|
||||
/**
|
||||
* Get the first defined opaque PSK by order of precedence:
|
||||
* 1. handshake PSK set by \c mbedtls_ssl_set_hs_psk_opaque() in the PSK
|
||||
* callback
|
||||
* 2. static PSK configured by \c mbedtls_ssl_conf_psk_opaque()
|
||||
* Return an opaque PSK
|
||||
*/
|
||||
static inline mbedtls_svc_key_id_t mbedtls_ssl_get_opaque_psk(
|
||||
const mbedtls_ssl_context *ssl )
|
||||
{
|
||||
if( ! mbedtls_svc_key_id_is_null( ssl->handshake->psk_opaque ) )
|
||||
return( ssl->handshake->psk_opaque );
|
||||
|
||||
if( ! mbedtls_svc_key_id_is_null( ssl->conf->psk_opaque ) )
|
||||
return( ssl->conf->psk_opaque );
|
||||
|
||||
return( MBEDTLS_SVC_KEY_ID_INIT );
|
||||
}
|
||||
#else
|
||||
/**
|
||||
* Get the first defined PSK by order of precedence:
|
||||
* 1. handshake PSK set by \c mbedtls_ssl_set_hs_psk() in the PSK callback
|
||||
@ -1322,12 +1342,6 @@ int mbedtls_ssl_conf_has_static_psk( mbedtls_ssl_config const *conf );
|
||||
static inline int mbedtls_ssl_get_psk( const mbedtls_ssl_context *ssl,
|
||||
const unsigned char **psk, size_t *psk_len )
|
||||
{
|
||||
#if defined(MBEDTLS_USE_PSA_CRYPTO)
|
||||
(void) ssl;
|
||||
*psk = NULL;
|
||||
*psk_len = 0;
|
||||
return( MBEDTLS_ERR_SSL_PRIVATE_KEY_REQUIRED );
|
||||
#else
|
||||
if( ssl->handshake->psk != NULL && ssl->handshake->psk_len > 0 )
|
||||
{
|
||||
*psk = ssl->handshake->psk;
|
||||
@ -1348,29 +1362,7 @@ static inline int mbedtls_ssl_get_psk( const mbedtls_ssl_context *ssl,
|
||||
}
|
||||
|
||||
return( 0 );
|
||||
#endif /* MBEDTLS_USE_PSA_CRYPTO */
|
||||
}
|
||||
|
||||
#if defined(MBEDTLS_USE_PSA_CRYPTO)
|
||||
/**
|
||||
* Get the first defined opaque PSK by order of precedence:
|
||||
* 1. handshake PSK set by \c mbedtls_ssl_set_hs_psk_opaque() in the PSK
|
||||
* callback
|
||||
* 2. static PSK configured by \c mbedtls_ssl_conf_psk_opaque()
|
||||
* Return an opaque PSK
|
||||
*/
|
||||
static inline mbedtls_svc_key_id_t mbedtls_ssl_get_opaque_psk(
|
||||
const mbedtls_ssl_context *ssl )
|
||||
{
|
||||
if( ! mbedtls_svc_key_id_is_null( ssl->handshake->psk_opaque ) )
|
||||
return( ssl->handshake->psk_opaque );
|
||||
|
||||
if( ! mbedtls_svc_key_id_is_null( ssl->conf->psk_opaque ) )
|
||||
return( ssl->conf->psk_opaque );
|
||||
|
||||
return( MBEDTLS_SVC_KEY_ID_INIT );
|
||||
}
|
||||
|
||||
#endif /* MBEDTLS_USE_PSA_CRYPTO */
|
||||
|
||||
#endif /* MBEDTLS_KEY_EXCHANGE_SOME_PSK_ENABLED */
|
||||
|
||||
@ -5533,17 +5533,19 @@ void ssl_calc_verify_tls_sha384( const mbedtls_ssl_context *ssl,
|
||||
#if defined(MBEDTLS_KEY_EXCHANGE_SOME_PSK_ENABLED)
|
||||
int mbedtls_ssl_psk_derive_premaster( mbedtls_ssl_context *ssl, mbedtls_key_exchange_type_t key_ex )
|
||||
{
|
||||
#if !defined(MBEDTLS_USE_PSA_CRYPTO) || \
|
||||
defined(MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED)
|
||||
unsigned char *p = ssl->handshake->premaster;
|
||||
unsigned char *end = p + sizeof( ssl->handshake->premaster );
|
||||
#else
|
||||
(void)ssl;
|
||||
(void)key_ex;
|
||||
#endif /* !MBEDTLS_USE_PSA_CRYPTO || MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED */
|
||||
#if !defined(MBEDTLS_USE_PSA_CRYPTO)
|
||||
const unsigned char *psk = NULL;
|
||||
size_t psk_len = 0;
|
||||
int psk_ret = mbedtls_ssl_get_psk( ssl, &psk, &psk_len );
|
||||
|
||||
#if defined(MBEDTLS_USE_PSA_CRYPTO) && \
|
||||
defined(MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED)
|
||||
(void) key_ex;
|
||||
#endif /* MBEDTLS_USE_PSA_CRYPTO && MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED */
|
||||
|
||||
if( psk_ret == MBEDTLS_ERR_SSL_PRIVATE_KEY_REQUIRED )
|
||||
{
|
||||
/*
|
||||
@ -5600,6 +5602,7 @@ int mbedtls_ssl_psk_derive_premaster( mbedtls_ssl_context *ssl, mbedtls_key_exch
|
||||
}
|
||||
else
|
||||
#endif /* MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED */
|
||||
#endif /* !MBEDTLS_USE_PSA_CRYPTO */
|
||||
#if defined(MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED)
|
||||
if( key_ex == MBEDTLS_KEY_EXCHANGE_DHE_PSK )
|
||||
{
|
||||
@ -5618,14 +5621,6 @@ int mbedtls_ssl_psk_derive_premaster( mbedtls_ssl_context *ssl, mbedtls_key_exch
|
||||
p += 2 + len;
|
||||
|
||||
MBEDTLS_SSL_DEBUG_MPI( 3, "DHM: K ", &ssl->handshake->dhm_ctx.K );
|
||||
|
||||
/* For opaque PSK fill premaster with the the shared secret without PSK. */
|
||||
if( psk_ret == MBEDTLS_ERR_SSL_PRIVATE_KEY_REQUIRED )
|
||||
{
|
||||
MBEDTLS_SSL_DEBUG_MSG( 1,
|
||||
( "skip PMS generation for opaque DHE-PSK" ) );
|
||||
return( 0 );
|
||||
}
|
||||
}
|
||||
else
|
||||
#endif /* MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED */
|
||||
@ -5657,6 +5652,7 @@ int mbedtls_ssl_psk_derive_premaster( mbedtls_ssl_context *ssl, mbedtls_key_exch
|
||||
return( MBEDTLS_ERR_SSL_INTERNAL_ERROR );
|
||||
}
|
||||
|
||||
#if !defined(MBEDTLS_USE_PSA_CRYPTO)
|
||||
/* opaque psk<0..2^16-1>; */
|
||||
if( end - p < 2 )
|
||||
return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA );
|
||||
@ -5671,6 +5667,7 @@ int mbedtls_ssl_psk_derive_premaster( mbedtls_ssl_context *ssl, mbedtls_key_exch
|
||||
p += psk_len;
|
||||
|
||||
ssl->handshake->pmslen = p - ssl->handshake->premaster;
|
||||
#endif /* !MBEDTLS_USE_PSA_CRYPTO */
|
||||
|
||||
return( 0 );
|
||||
}
|
||||
|
||||
Loading…
Reference in New Issue
Block a user