ssl: replace PSA_ALG_ECDSA with MBEDTLS_PK_ALG_ECDSA When the key is parsed from PK it is assigned the pseudo-alg MBEDTLS_PK_ALG_ECDSA. Trying to run "mbedtls_pk_can_do_psa" with an hardcoded deterministc/randomized ECDSA can make the function to fail if the proper variant is not the one also used by PK. This commit fixes this problem. Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>

commit: 7b2d72aaf078810436be7617817e87cadc36ce87 [log] [tgz]
author: Valerio Setti <valerio.setti@nordicsemi.no> Mon Sep 08 13:36:08 2025 +0200
committer: Valerio Setti <valerio.setti@nordicsemi.no> Tue Sep 16 16:12:07 2025 +0200
tree: dae8c8015fd61f26ffe382825f756e2d363a377d
parent: 0009b042ac876e05092643125fec0189d6d66e1f [diff] [blame]
diff --git a/library/ssl_tls.c b/library/ssl_tls.c
index c6a119f..37e4259 100644
--- a/library/ssl_tls.c
+++ b/library/ssl_tls.c

@@ -8148,7 +8148,7 @@
 
                 if (sig_alg_received == MBEDTLS_SSL_SIG_ECDSA &&
                     !mbedtls_pk_can_do_psa(ssl->handshake->key_cert->key,
-                                           PSA_ALG_ECDSA(psa_hash_alg),
+                                           MBEDTLS_PK_ALG_ECDSA(psa_hash_alg),
                                            PSA_KEY_USAGE_SIGN_HASH)) {
                     continue;
                 }
commit	7b2d72aaf078810436be7617817e87cadc36ce87	[log] [tgz]
author	Valerio Setti <valerio.setti@nordicsemi.no>	Mon Sep 08 13:36:08 2025 +0200
committer	Valerio Setti <valerio.setti@nordicsemi.no>	Tue Sep 16 16:12:07 2025 +0200
tree	dae8c8015fd61f26ffe382825f756e2d363a377d
parent	0009b042ac876e05092643125fec0189d6d66e1f [diff] [blame]