Replace MBEDTLS_PK_HAVE_ECC_KEYS with PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
Signed-off-by: Elena Uziunaite <elena.uziunaite@arm.com>
diff --git a/library/ssl_misc.h b/library/ssl_misc.h
index 5b683bf..ade1c27 100644
--- a/library/ssl_misc.h
+++ b/library/ssl_misc.h
@@ -1576,10 +1576,10 @@
MBEDTLS_CHECK_RETURN_CRITICAL
int mbedtls_ssl_check_curve_tls_id(const mbedtls_ssl_context *ssl, uint16_t tls_id);
-#if defined(MBEDTLS_PK_HAVE_ECC_KEYS)
+#if defined(PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY)
MBEDTLS_CHECK_RETURN_CRITICAL
int mbedtls_ssl_check_curve(const mbedtls_ssl_context *ssl, mbedtls_ecp_group_id grp_id);
-#endif /* MBEDTLS_PK_HAVE_ECC_KEYS */
+#endif /* PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY */
/**
* \brief Return PSA EC info for the specified TLS ID.
diff --git a/library/ssl_tls.c b/library/ssl_tls.c
index bd2f591..0399548 100644
--- a/library/ssl_tls.c
+++ b/library/ssl_tls.c
@@ -4765,14 +4765,14 @@
return;
}
-#if defined(MBEDTLS_PK_HAVE_ECC_KEYS)
+#if defined(PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY)
#if !defined(MBEDTLS_DEPRECATED_REMOVED)
if (ssl->handshake->group_list_heap_allocated) {
mbedtls_free((void *) handshake->group_list);
}
handshake->group_list = NULL;
#endif /* MBEDTLS_DEPRECATED_REMOVED */
-#endif /* MBEDTLS_PK_HAVE_ECC_KEYS */
+#endif /* PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY */
#if defined(MBEDTLS_SSL_HANDSHAKE_WITH_CERT_ENABLED)
#if !defined(MBEDTLS_DEPRECATED_REMOVED)
@@ -6217,7 +6217,7 @@
return -1;
}
-#if defined(MBEDTLS_PK_HAVE_ECC_KEYS)
+#if defined(PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY)
/*
* Same as mbedtls_ssl_check_curve_tls_id() but with a mbedtls_ecp_group_id.
*/
@@ -6231,7 +6231,7 @@
return mbedtls_ssl_check_curve_tls_id(ssl, tls_id);
}
-#endif /* MBEDTLS_PK_HAVE_ECC_KEYS */
+#endif /* PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY */
static const struct {
uint16_t tls_id;
@@ -8030,7 +8030,7 @@
* Secondary checks: always done, but change 'ret' only if it was 0
*/
-#if defined(MBEDTLS_PK_HAVE_ECC_KEYS)
+#if defined(PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY)
{
const mbedtls_pk_context *pk = &chain->pk;
@@ -8057,7 +8057,7 @@
}
}
}
-#endif /* MBEDTLS_PK_HAVE_ECC_KEYS */
+#endif /* PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY */
if (mbedtls_ssl_check_cert_usage(chain,
ciphersuite_info,
diff --git a/library/x509_crt.c b/library/x509_crt.c
index 2fd56fb..5060ca3 100644
--- a/library/x509_crt.c
+++ b/library/x509_crt.c
@@ -92,7 +92,7 @@
MBEDTLS_X509_ID_FLAG(MBEDTLS_MD_SHA384) |
MBEDTLS_X509_ID_FLAG(MBEDTLS_MD_SHA512),
0xFFFFFFF, /* Any PK alg */
-#if defined(MBEDTLS_PK_HAVE_ECC_KEYS)
+#if defined(PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY)
/* Curves at or above 128-bit security level. Note that this selection
* should be aligned with ssl_preset_default_curves in ssl_tls.c. */
MBEDTLS_X509_ID_FLAG(MBEDTLS_ECP_DP_SECP256R1) |
@@ -102,9 +102,9 @@
MBEDTLS_X509_ID_FLAG(MBEDTLS_ECP_DP_BP384R1) |
MBEDTLS_X509_ID_FLAG(MBEDTLS_ECP_DP_BP512R1) |
0,
-#else /* MBEDTLS_PK_HAVE_ECC_KEYS */
+#else /* PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY */
0,
-#endif /* MBEDTLS_PK_HAVE_ECC_KEYS */
+#endif /* PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY */
2048,
};
@@ -143,13 +143,13 @@
/* Only ECDSA */
MBEDTLS_X509_ID_FLAG(MBEDTLS_PK_ECDSA) |
MBEDTLS_X509_ID_FLAG(MBEDTLS_PK_ECKEY),
-#if defined(MBEDTLS_PK_HAVE_ECC_KEYS)
+#if defined(PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY)
/* Only NIST P-256 and P-384 */
MBEDTLS_X509_ID_FLAG(MBEDTLS_ECP_DP_SECP256R1) |
MBEDTLS_X509_ID_FLAG(MBEDTLS_ECP_DP_SECP384R1),
-#else /* MBEDTLS_PK_HAVE_ECC_KEYS */
+#else /* PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY */
0,
-#endif /* MBEDTLS_PK_HAVE_ECC_KEYS */
+#endif /* PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY */
0,
};
@@ -219,7 +219,7 @@
}
#endif /* MBEDTLS_RSA_C */
-#if defined(MBEDTLS_PK_HAVE_ECC_KEYS)
+#if defined(PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY)
if (pk_alg == MBEDTLS_PK_ECDSA ||
pk_alg == MBEDTLS_PK_ECKEY ||
pk_alg == MBEDTLS_PK_ECKEY_DH) {
@@ -235,7 +235,7 @@
return -1;
}
-#endif /* MBEDTLS_PK_HAVE_ECC_KEYS */
+#endif /* PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY */
return -1;
}