commit 8493f80e65781d1de73bd40c5aa463b8ed0a99a4
author Ron Eldor <Ron.Eldor@arm.com> Thu Nov 01 11:32:15 2018 +0200
committer Ron Eldor <Ron.Eldor@arm.com> Thu Nov 01 11:32:15 2018 +0200
tree b3e031abf11c248ff86e59e38ce0e0eed2e0ee3f
parent 2b5be1e630dde3f2a87367ecedf2d8d7ad92715e

conditionaly compile ECDH and ECDSA alt functions

Return the condition compilation flags surrounding
`mbedtls_ecdh_compute_shared()`, `mbedtls_ecdh_gen_public()`,
`mbedtls_ecdsa_sign()` and `mbedtls_ecdsa_verify()` that were accidentally
removed in a previous merge.
Resolves #2163

library/ecdsa.c

diff --git a/library/ecdsa.c b/library/ecdsa.c
index abac015..37379bc 100644
--- a/library/ecdsa.c
+++ b/library/ecdsa.c
@@ -237,7 +237,6 @@
     return( ret );
 }
 
-#if !defined(MBEDTLS_ECDSA_SIGN_ALT)
 /*
  * Compute ECDSA signature of a hashed message (SEC1 4.1.3)
  * Obviously, compared to SEC1 4.1.3, we skip step 4 (hash message)
@@ -369,8 +368,8 @@
 
     return( ret );
 }
-#endif /* MBEDTLS_ECDSA_SIGN_ALT */
 
+#if !defined(MBEDTLS_ECDSA_SIGN_ALT)
 /*
  * Compute ECDSA signature of a hashed message
  */
@@ -381,6 +380,7 @@
     return( ecdsa_sign_restartable( grp, r, s, d, buf, blen,
                                     f_rng, p_rng, NULL ) );
 }
+#endif /* MBEDTLS_ECDSA_SIGN_ALT */
 
 #if defined(MBEDTLS_ECDSA_DETERMINISTIC)
 /*
@@ -432,8 +432,13 @@
 
 sign:
 #endif
+#if defined(MBEDTLS_ECDSA_SIGN_ALT)
+    ret = mbedtls_ecdsa_sign( grp, r, s, d, buf, blen,
+                              mbedtls_hmac_drbg_random, p_rng );
+#else
     ret = ecdsa_sign_restartable( grp, r, s, d, buf, blen,
                       mbedtls_hmac_drbg_random, p_rng, rs_ctx );
+#endif
 
 cleanup:
     mbedtls_hmac_drbg_free( &rng_ctx );
@@ -455,7 +460,6 @@
 }
 #endif /* MBEDTLS_ECDSA_DETERMINISTIC */
 
-#if !defined(MBEDTLS_ECDSA_VERIFY_ALT)
 /*
  * Verify ECDSA signature of hashed message (SEC1 4.1.4)
  * Obviously, compared to SEC1 4.1.3, we skip step 2 (hash message)
@@ -564,8 +568,8 @@
 
     return( ret );
 }
-#endif /* MBEDTLS_ECDSA_VERIFY_ALT */
 
+#if !defined(MBEDTLS_ECDSA_VERIFY_ALT)
 /*
  * Verify ECDSA signature of hashed message
  */
@@ -575,6 +579,7 @@
 {
     return( ecdsa_verify_restartable( grp, buf, blen, Q, r, s, NULL ) );
 }
+#endif /* MBEDTLS_ECDSA_VERIFY_ALT */
 
 /*
  * Convert a signature (given by context) to ASN.1
@@ -626,9 +631,14 @@
 #else
     (void) md_alg;
 
+#if defined(MBEDTLS_ECDSA_SIGN_ALT)
+    MBEDTLS_MPI_CHK( mbedtls_ecdsa_sign( &ctx->grp, &r, &s, &ctx->d,
+                         hash, hlen, f_rng, p_rng ) );
+#else
     MBEDTLS_MPI_CHK( ecdsa_sign_restartable( &ctx->grp, &r, &s, &ctx->d,
                          hash, hlen, f_rng, p_rng, rs_ctx ) );
 #endif
+#endif
 
     MBEDTLS_MPI_CHK( ecdsa_signature_to_asn1( &r, &s, sig, slen ) );
 
@@ -712,10 +722,15 @@
         ret += MBEDTLS_ERR_ECP_BAD_INPUT_DATA;
         goto cleanup;
     }
-
+#if defined(MBEDTLS_ECDSA_VERIFY_ALT)
+    if( ( ret = mbedtls_ecdsa_verify( &ctx->grp, hash, hlen,
+                                      &ctx->Q, &r, &s ) ) != 0 )
+        goto cleanup;
+#else
     if( ( ret = ecdsa_verify_restartable( &ctx->grp, hash, hlen,
                               &ctx->Q, &r, &s, rs_ctx ) ) != 0 )
         goto cleanup;
+#endif
 
     /* At this point we know that the buffer starts with a valid signature.
      * Return 0 if the buffer just contains the signature, and a specific