tls: remove useless legacy function
Signed-off-by: Valerio Setti <vsetti@baylibre.com>
diff --git a/library/ssl_misc.h b/library/ssl_misc.h
index acb38cf..b9fd53e 100644
--- a/library/ssl_misc.h
+++ b/library/ssl_misc.h
@@ -1619,26 +1619,10 @@
*
* \param tls_id The TLS ID to look for
* \return A pointer to a const string with the proper name. If TLS
- * ID is not suppoted, a NULL pointer is returned insted.
+ * ID is not suppoted, a NULL pointer is returned instead.
*/
const char* mbedtls_ssl_get_curve_name_from_tls_id( uint16_t tls_id );
-/* This function transforms an ECC group identifier from
- * https://www.iana.org/assignments/tls-parameters/tls-parameters.xhtml#tls-parameters-8
- * into a PSA ECC group identifier. */
-#if defined(MBEDTLS_ECP_C)
-static inline psa_key_type_t mbedtls_psa_parse_tls_ecc_group(
- uint16_t tls_ecc_grp_reg_id, size_t *bits )
-{
- mbedtls_ecp_group_id grp_id =
- mbedtls_ssl_get_ecp_group_id_from_tls_id( tls_ecc_grp_reg_id );
- if( grp_id == MBEDTLS_ECP_DP_NONE )
- return( 0 );
- return( PSA_KEY_TYPE_ECC_KEY_PAIR(
- mbedtls_ecc_group_to_psa( grp_id, bits ) ) );
-}
-#endif /* MBEDTLS_ECP_C */
-
#if defined(MBEDTLS_SSL_DTLS_SRTP)
static inline mbedtls_ssl_srtp_profile mbedtls_ssl_check_srtp_profile_value
( const uint16_t srtp_profile_value )
diff --git a/library/ssl_tls12_client.c b/library/ssl_tls12_client.c
index 7c54820..58f0a37 100644
--- a/library/ssl_tls12_client.c
+++ b/library/ssl_tls12_client.c
@@ -1800,9 +1800,10 @@
unsigned char *end )
{
uint16_t tls_id;
- size_t ecdh_bits = 0;
uint8_t ecpoint_len;
mbedtls_ssl_handshake_params *handshake = ssl->handshake;
+ psa_ecc_family_t ec_psa_family = 0;
+ size_t ec_bits = 0;
/*
* struct {
@@ -1836,13 +1837,14 @@
return( MBEDTLS_ERR_SSL_HANDSHAKE_FAILURE );
}
- /* Convert EC group to PSA key type. */
- if( ( handshake->ecdh_psa_type =
- mbedtls_psa_parse_tls_ecc_group( tls_id, &ecdh_bits ) ) == 0 )
+ /* Convert EC's TLS ID to PSA key type. */
+ if( mbedtls_ssl_get_psa_curve_info_from_tls_id( tls_id, &ec_psa_family,
+ &ec_bits ) == PSA_ERROR_NOT_SUPPORTED )
{
return( MBEDTLS_ERR_SSL_HANDSHAKE_FAILURE );
}
- handshake->ecdh_bits = ecdh_bits;
+ handshake->ecdh_psa_type = PSA_KEY_TYPE_ECC_KEY_PAIR( ec_psa_family );
+ handshake->ecdh_bits = ec_bits;
/* Keep a copy of the peer's public key */
ecpoint_len = *(*p)++;
diff --git a/library/ssl_tls12_server.c b/library/ssl_tls12_server.c
index a90617f..fb053c6 100644
--- a/library/ssl_tls12_server.c
+++ b/library/ssl_tls12_server.c
@@ -3019,24 +3019,24 @@
psa_status_t status = PSA_ERROR_GENERIC_ERROR;
psa_key_attributes_t key_attributes;
mbedtls_ssl_handshake_params *handshake = ssl->handshake;
- size_t ecdh_bits = 0;
uint8_t *p = ssl->out_msg + ssl->out_msglen;
const size_t header_size = 4; // curve_type(1), namedcurve(2),
// data length(1)
const size_t data_length_size = 1;
+ psa_ecc_family_t ec_psa_family = 0;
+ size_t ec_bits = 0;
MBEDTLS_SSL_DEBUG_MSG( 1, ( "Perform PSA-based ECDH computation." ) );
- /* Convert EC group to PSA key type. */
- handshake->ecdh_psa_type = mbedtls_psa_parse_tls_ecc_group(
- *curr_tls_id, &ecdh_bits );
-
- if( handshake->ecdh_psa_type == 0 )
+ /* Convert EC's TLS ID to PSA key type. */
+ if( mbedtls_ssl_get_psa_curve_info_from_tls_id( *curr_tls_id,
+ &ec_psa_family, &ec_bits ) == PSA_ERROR_NOT_SUPPORTED )
{
MBEDTLS_SSL_DEBUG_MSG( 1, ( "Invalid ecc group parse." ) );
return( MBEDTLS_ERR_SSL_ILLEGAL_PARAMETER );
}
- handshake->ecdh_bits = ecdh_bits;
+ handshake->ecdh_psa_type = PSA_KEY_TYPE_ECC_KEY_PAIR( ec_psa_family );
+ handshake->ecdh_bits = ec_bits;
key_attributes = psa_key_attributes_init();
psa_set_key_usage_flags( &key_attributes, PSA_KEY_USAGE_DERIVE );
diff --git a/library/ssl_tls13_generic.c b/library/ssl_tls13_generic.c
index 761c00e..7a85063 100644
--- a/library/ssl_tls13_generic.c
+++ b/library/ssl_tls13_generic.c
@@ -1518,16 +1518,19 @@
psa_key_attributes_t key_attributes;
size_t own_pubkey_len;
mbedtls_ssl_handshake_params *handshake = ssl->handshake;
- size_t ecdh_bits = 0;
+ psa_ecc_family_t ec_psa_family = 0;
+ size_t ec_bits = 0;
MBEDTLS_SSL_DEBUG_MSG( 1, ( "Perform PSA-based ECDH computation." ) );
- /* Convert EC group to PSA key type. */
- if( ( handshake->ecdh_psa_type =
- mbedtls_psa_parse_tls_ecc_group( named_group, &ecdh_bits ) ) == 0 )
- return( MBEDTLS_ERR_SSL_HANDSHAKE_FAILURE );
-
- ssl->handshake->ecdh_bits = ecdh_bits;
+ /* Convert EC's TLS ID to PSA key type. */
+ if( mbedtls_ssl_get_psa_curve_info_from_tls_id( named_group,
+ &ec_psa_family, &ec_bits ) == PSA_ERROR_NOT_SUPPORTED )
+ {
+ return( MBEDTLS_ERR_SSL_HANDSHAKE_FAILURE );
+ }
+ handshake->ecdh_psa_type = PSA_KEY_TYPE_ECC_KEY_PAIR( ec_psa_family );
+ ssl->handshake->ecdh_bits = ec_bits;
key_attributes = psa_key_attributes_init();
psa_set_key_usage_flags( &key_attributes, PSA_KEY_USAGE_DERIVE );