Use actual function instead of static inline
Large static inline functions used from several translation units in the
library are bad for code size as we end up with multiple copies. Use the
actual function instead. There's already a comment that says so.
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
diff --git a/library/ssl_tls13_client.c b/library/ssl_tls13_client.c
index 937463d..48780d8 100644
--- a/library/ssl_tls13_client.c
+++ b/library/ssl_tls13_client.c
@@ -672,7 +672,7 @@
ciphersuite_info = mbedtls_ssl_ciphersuite_from_id(ciphersuite);
if (ciphersuite_info != NULL) {
- return mbedtls_psa_translate_md(ciphersuite_info->mac);
+ return mbedtls_md_psa_alg_from_type(ciphersuite_info->mac);
}
return PSA_ALG_NONE;
@@ -1126,7 +1126,7 @@
return ret;
}
- if (mbedtls_psa_translate_md(ssl->handshake->ciphersuite_info->mac)
+ if (mbedtls_md_psa_alg_from_type(ssl->handshake->ciphersuite_info->mac)
!= hash_alg) {
MBEDTLS_SSL_DEBUG_MSG(
1, ("Invalid ciphersuite for external psk."));
@@ -2844,7 +2844,7 @@
return MBEDTLS_ERR_SSL_INTERNAL_ERROR;
}
- psa_hash_alg = mbedtls_psa_translate_md(ciphersuite_info->mac);
+ psa_hash_alg = mbedtls_md_psa_alg_from_type(ciphersuite_info->mac);
hash_length = PSA_HASH_LENGTH(psa_hash_alg);
if (hash_length == -1 ||
(size_t) hash_length > sizeof(session->resumption_key)) {
diff --git a/library/ssl_tls13_keys.c b/library/ssl_tls13_keys.c
index 74dbe48..533865d 100644
--- a/library/ssl_tls13_keys.c
+++ b/library/ssl_tls13_keys.c
@@ -1766,7 +1766,7 @@
}
ret = mbedtls_ssl_tls13_derive_resumption_master_secret(
- mbedtls_psa_translate_md(md_type),
+ mbedtls_md_psa_alg_from_type(md_type),
handshake->tls13_master_secrets.app,
transcript, transcript_len,
&ssl->session_negotiate->app_secrets);
@@ -1781,7 +1781,7 @@
MBEDTLS_SSL_DEBUG_BUF(
4, "Resumption master secret",
ssl->session_negotiate->app_secrets.resumption_master_secret,
- PSA_HASH_LENGTH(mbedtls_psa_translate_md(md_type)));
+ PSA_HASH_LENGTH(mbedtls_md_psa_alg_from_type(md_type)));
MBEDTLS_SSL_DEBUG_MSG(
2, ("<= mbedtls_ssl_tls13_compute_resumption_master_secret"));
diff --git a/library/ssl_tls13_server.c b/library/ssl_tls13_server.c
index 8403151..60ffd26 100644
--- a/library/ssl_tls13_server.c
+++ b/library/ssl_tls13_server.c
@@ -406,7 +406,7 @@
/* MAC of selected ciphersuite MUST be same with PSK binder if exist.
* Otherwise, client should reject.
*/
- if (psk_hash_alg == mbedtls_psa_translate_md(ciphersuite_info->mac)) {
+ if (psk_hash_alg == mbedtls_md_psa_alg_from_type(ciphersuite_info->mac)) {
*selected_ciphersuite = cipher_suite;
*selected_ciphersuite_info = ciphersuite_info;
return 0;
@@ -612,7 +612,7 @@
ret = ssl_tls13_offered_psks_check_binder_match(
ssl, binder, binder_len, psk_type,
- mbedtls_psa_translate_md(ciphersuite_info->mac));
+ mbedtls_md_psa_alg_from_type(ciphersuite_info->mac));
if (ret != SSL_TLS1_3_OFFERED_PSK_MATCH) {
/* For security reasons, the handshake should be aborted when we
* fail to validate a binder value. See RFC 8446 section 4.2.11.2
@@ -2783,7 +2783,7 @@
ciphersuite_info =
(mbedtls_ssl_ciphersuite_t *) ssl->handshake->ciphersuite_info;
- psa_hash_alg = mbedtls_psa_translate_md(ciphersuite_info->mac);
+ psa_hash_alg = mbedtls_md_psa_alg_from_type(ciphersuite_info->mac);
hash_length = PSA_HASH_LENGTH(psa_hash_alg);
if (hash_length == -1 ||
(size_t) hash_length > sizeof(session->resumption_key)) {