Switch handshake->ecdh_bits to size_t and remove now useless cast & limit checks
Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
diff --git a/library/ssl_misc.h b/library/ssl_misc.h
index e13b3d9..00f3989 100644
--- a/library/ssl_misc.h
+++ b/library/ssl_misc.h
@@ -630,7 +630,7 @@
#if defined(MBEDTLS_USE_PSA_CRYPTO) || defined(MBEDTLS_SSL_PROTO_TLS1_3)
psa_key_type_t ecdh_psa_type;
- uint16_t ecdh_bits;
+ size_t ecdh_bits;
mbedtls_svc_key_id_t ecdh_psa_privkey;
uint8_t ecdh_psa_shared_key;
unsigned char ecdh_psa_peerkey[MBEDTLS_PSA_MAX_EC_PUBKEY_LENGTH];
diff --git a/library/ssl_tls12_client.c b/library/ssl_tls12_client.c
index 7b609e9..a8ce5c9 100644
--- a/library/ssl_tls12_client.c
+++ b/library/ssl_tls12_client.c
@@ -2352,9 +2352,7 @@
{
return( MBEDTLS_ERR_SSL_HANDSHAKE_FAILURE );
}
- if( ecdh_bits > 0xffff )
- return( MBEDTLS_ERR_SSL_ILLEGAL_PARAMETER );
- handshake->ecdh_bits = (uint16_t) ecdh_bits;
+ handshake->ecdh_bits = ecdh_bits;
/* Keep a copy of the peer's public key */
ecpoint_len = *(*p)++;
diff --git a/library/ssl_tls12_server.c b/library/ssl_tls12_server.c
index e0b5aab..f3e9d14 100644
--- a/library/ssl_tls12_server.c
+++ b/library/ssl_tls12_server.c
@@ -2913,10 +2913,7 @@
return( MBEDTLS_ERR_SSL_HANDSHAKE_FAILURE );
}
- if( ecdh_bits > 0xffff )
- return( MBEDTLS_ERR_SSL_ILLEGAL_PARAMETER );
-
- ssl->handshake->ecdh_bits = (uint16_t) ecdh_bits;
+ ssl->handshake->ecdh_bits = ecdh_bits;
key_attributes = psa_key_attributes_init();
psa_set_key_usage_flags( &key_attributes, PSA_KEY_USAGE_DERIVE );
@@ -3186,12 +3183,12 @@
handshake->ecdh_psa_type = mbedtls_psa_parse_tls_ecc_group(
(*curve)->tls_id, &ecdh_bits );
- if( handshake->ecdh_psa_type == 0 || ecdh_bits > 0xffff )
+ if( handshake->ecdh_psa_type == 0 )
{
MBEDTLS_SSL_DEBUG_MSG( 1, ( "Invalid ecc group parse." ) );
return( MBEDTLS_ERR_SSL_ILLEGAL_PARAMETER );
}
- handshake->ecdh_bits = (uint16_t) ecdh_bits;
+ handshake->ecdh_bits = ecdh_bits;
key_attributes = psa_key_attributes_init();
psa_set_key_usage_flags( &key_attributes, PSA_KEY_USAGE_DERIVE );
diff --git a/library/ssl_tls13_client.c b/library/ssl_tls13_client.c
index 9f22e1d..c0094c0 100644
--- a/library/ssl_tls13_client.c
+++ b/library/ssl_tls13_client.c
@@ -288,9 +288,7 @@
mbedtls_psa_parse_tls_ecc_group( named_group, &ecdh_bits ) ) == 0 )
return( MBEDTLS_ERR_SSL_HANDSHAKE_FAILURE );
- if( ecdh_bits > 0xffff )
- return( MBEDTLS_ERR_SSL_ILLEGAL_PARAMETER );
- ssl->handshake->ecdh_bits = (uint16_t) ecdh_bits;
+ ssl->handshake->ecdh_bits = ecdh_bits;
key_attributes = psa_key_attributes_init();
psa_set_key_usage_flags( &key_attributes, PSA_KEY_USAGE_DERIVE );