Move FFDH helper functions and macros to more suitable locations
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
diff --git a/include/mbedtls/dhm.h b/include/mbedtls/dhm.h
index b7c3256..c4616dc 100644
--- a/include/mbedtls/dhm.h
+++ b/include/mbedtls/dhm.h
@@ -92,20 +92,6 @@
/** Setting the modulus and generator failed. */
#define MBEDTLS_ERR_DHM_SET_GROUP_FAILED -0x3580
-/* Finite Field Groups (DHE) */
-#define MBEDTLS_DHM_GROUP_FFDHE2048 0x0100
-#define MBEDTLS_DHM_GROUP_FFDHE3072 0x0101
-#define MBEDTLS_DHM_GROUP_FFDHE4096 0x0102
-#define MBEDTLS_DHM_GROUP_FFDHE6144 0x0103
-#define MBEDTLS_DHM_GROUP_FFDHE8192 0x0104
-
-/* Finite Field Group Names (DHE) */
-#define MBEDTLS_DHM_GROUP_NAME_FFDHE2048 "ffdhe2048"
-#define MBEDTLS_DHM_GROUP_NAME_FFDHE3072 "ffdhe3072"
-#define MBEDTLS_DHM_GROUP_NAME_FFDHE4096 "ffdhe4096"
-#define MBEDTLS_DHM_GROUP_NAME_FFDHE6144 "ffdhe6144"
-#define MBEDTLS_DHM_GROUP_NAME_FFDHE8192 "ffdhe8192"
-
/** Which parameter to access in mbedtls_dhm_get_value(). */
typedef enum {
MBEDTLS_DHM_PARAM_P, /*!< The prime modulus. */
@@ -392,55 +378,6 @@
#endif /* MBEDTLS_FS_IO */
#endif /* MBEDTLS_ASN1_PARSE_C */
-static inline uint16_t mbedtls_ssl_ffdh_group_from_name(const char *name)
-{
- if (strcmp(name, MBEDTLS_DHM_GROUP_NAME_FFDHE2048) == 0) {
- return MBEDTLS_DHM_GROUP_FFDHE2048;
- } else if (strcmp(name, MBEDTLS_DHM_GROUP_NAME_FFDHE3072) == 0) {
- return MBEDTLS_DHM_GROUP_FFDHE3072;
- } else if (strcmp(name, MBEDTLS_DHM_GROUP_NAME_FFDHE4096) == 0) {
- return MBEDTLS_DHM_GROUP_FFDHE4096;
- } else if (strcmp(name, MBEDTLS_DHM_GROUP_NAME_FFDHE6144) == 0) {
- return MBEDTLS_DHM_GROUP_FFDHE6144;
- } else if (strcmp(name, MBEDTLS_DHM_GROUP_NAME_FFDHE8192) == 0) {
- return MBEDTLS_DHM_GROUP_FFDHE8192;
- }
- return 0;
-}
-
-static inline const char *mbedtls_ssl_ffdh_name_from_group(uint16_t group)
-{
- switch (group) {
- case MBEDTLS_DHM_GROUP_FFDHE2048:
- return MBEDTLS_DHM_GROUP_NAME_FFDHE2048;
- case MBEDTLS_DHM_GROUP_FFDHE3072:
- return MBEDTLS_DHM_GROUP_NAME_FFDHE3072;
- case MBEDTLS_DHM_GROUP_FFDHE4096:
- return MBEDTLS_DHM_GROUP_NAME_FFDHE4096;
- case MBEDTLS_DHM_GROUP_FFDHE6144:
- return MBEDTLS_DHM_GROUP_NAME_FFDHE6144;
- case MBEDTLS_DHM_GROUP_FFDHE8192:
- return MBEDTLS_DHM_GROUP_NAME_FFDHE8192;
- default:
- return NULL;
- }
- return NULL;
-}
-
-static inline uint16_t *mbedtls_ssl_ffdh_supported_groups(void)
-{
- static uint16_t ffdh_groups[] = {
- MBEDTLS_DHM_GROUP_FFDHE2048,
- MBEDTLS_DHM_GROUP_FFDHE3072,
- MBEDTLS_DHM_GROUP_FFDHE4096,
- MBEDTLS_DHM_GROUP_FFDHE6144,
- MBEDTLS_DHM_GROUP_FFDHE8192,
- 0
- };
-
- return ffdh_groups;
-}
-
#if defined(MBEDTLS_SELF_TEST)
/**
diff --git a/include/mbedtls/psa_util.h b/include/mbedtls/psa_util.h
index e67acdf..5e894c5 100644
--- a/include/mbedtls/psa_util.h
+++ b/include/mbedtls/psa_util.h
@@ -280,30 +280,6 @@
#define MBEDTLS_PSA_MAX_FFDH_PUBKEY_LENGTH \
PSA_KEY_EXPORT_FFDH_PUBLIC_KEY_MAX_SIZE(PSA_VENDOR_FFDH_MAX_KEY_BITS)
-static inline psa_key_type_t mbedtls_psa_parse_tls_ffdh_group(
- uint16_t tls_ecc_grp_reg_id, size_t *bits)
-{
- switch (tls_ecc_grp_reg_id) {
- case MBEDTLS_SSL_IANA_TLS_GROUP_FFDHE2048:
- *bits = 2048;
- return PSA_KEY_TYPE_DH_KEY_PAIR(PSA_DH_FAMILY_RFC7919);
- case MBEDTLS_SSL_IANA_TLS_GROUP_FFDHE3072:
- *bits = 3072;
- return PSA_KEY_TYPE_DH_KEY_PAIR(PSA_DH_FAMILY_RFC7919);
- case MBEDTLS_SSL_IANA_TLS_GROUP_FFDHE4096:
- *bits = 4096;
- return PSA_KEY_TYPE_DH_KEY_PAIR(PSA_DH_FAMILY_RFC7919);
- case MBEDTLS_SSL_IANA_TLS_GROUP_FFDHE6144:
- *bits = 6144;
- return PSA_KEY_TYPE_DH_KEY_PAIR(PSA_DH_FAMILY_RFC7919);
- case MBEDTLS_SSL_IANA_TLS_GROUP_FFDHE8192:
- *bits = 8192;
- return PSA_KEY_TYPE_DH_KEY_PAIR(PSA_DH_FAMILY_RFC7919);
- default:
- return 0;
- }
-}
-
/* Expose whatever RNG the PSA subsystem uses to applications using the
* mbedtls_xxx API. The declarations and definitions here need to be
* consistent with the implementation in library/psa_crypto_random_impl.h.
diff --git a/include/mbedtls/ssl.h b/include/mbedtls/ssl.h
index 4b73b41..b10a563 100644
--- a/include/mbedtls/ssl.h
+++ b/include/mbedtls/ssl.h
@@ -221,6 +221,12 @@
#define MBEDTLS_SSL_IANA_TLS_GROUP_FFDHE4096 0x0102
#define MBEDTLS_SSL_IANA_TLS_GROUP_FFDHE6144 0x0103
#define MBEDTLS_SSL_IANA_TLS_GROUP_FFDHE8192 0x0104
+/* Finite Field Group Names (DHE) */
+#define MBEDTLS_SSL_IANA_TLS_GROUP_NAME_FFDHE2048 "ffdhe2048"
+#define MBEDTLS_SSL_IANA_TLS_GROUP_NAME_FFDHE3072 "ffdhe3072"
+#define MBEDTLS_SSL_IANA_TLS_GROUP_NAME_FFDHE4096 "ffdhe4096"
+#define MBEDTLS_SSL_IANA_TLS_GROUP_NAME_FFDHE6144 "ffdhe6144"
+#define MBEDTLS_SSL_IANA_TLS_GROUP_NAME_FFDHE8192 "ffdhe8192"
/*
* TLS 1.3 Key Exchange Modes
@@ -5333,4 +5339,23 @@
}
#endif
+static inline const char *mbedtls_ssl_ffdh_name_from_group(uint16_t group)
+{
+ switch (group) {
+ case MBEDTLS_SSL_IANA_TLS_GROUP_FFDHE2048:
+ return MBEDTLS_SSL_IANA_TLS_GROUP_NAME_FFDHE2048;
+ case MBEDTLS_SSL_IANA_TLS_GROUP_FFDHE3072:
+ return MBEDTLS_SSL_IANA_TLS_GROUP_NAME_FFDHE3072;
+ case MBEDTLS_SSL_IANA_TLS_GROUP_FFDHE4096:
+ return MBEDTLS_SSL_IANA_TLS_GROUP_NAME_FFDHE4096;
+ case MBEDTLS_SSL_IANA_TLS_GROUP_FFDHE6144:
+ return MBEDTLS_SSL_IANA_TLS_GROUP_NAME_FFDHE6144;
+ case MBEDTLS_SSL_IANA_TLS_GROUP_FFDHE8192:
+ return MBEDTLS_SSL_IANA_TLS_GROUP_NAME_FFDHE8192;
+ default:
+ return NULL;
+ }
+ return NULL;
+}
+
#endif /* ssl.h */
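Review bot: The relocated `mbedtls_ssl_ffdh_name_from_group()` returns NULL for every group id outside the five FFDHE values, but the public header does not document that contract; a doc comment such as `/** \return The RFC 7919 group name, or NULL if \p group is not a supported FFDHE group. */` would make it explicit. Callers are not visible in this diff, but if the id can originate from a peer's handshake message, any caller that passes the result directly to a `%s` format or to `strcmp` needs a NULL check first. The trailing `return NULL;` after the switch is unreachable because `default:` already returns, so it can be dropped. Judging by the `}` / `#endif` context lines, the function also lands after the header's `__cplusplus` closing brace, which is harmless for a static inline but places it outside the block that holds the rest of the API.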