commit 044a32c4c6ae20ec62e552e266605e9faca20f80
author Neil Armstrong <narmstrong@baylibre.com> Tue May 03 10:35:56 2022 +0200
committer Neil Armstrong <narmstrong@baylibre.com> Wed May 04 11:08:41 2022 +0200
tree 2f183a06eb3bfed8209b1ed9613b1796743eb49d
parent cd05f0b9e5e656af26e2d54477ef2b4f766f5174

Remove mbedtls_ssl_get_psk() and it's usage when MBEDTLS_USE_PSA_CRYPTO is selected

Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>

library/ssl_tls.c

diff --git a/library/ssl_tls.c b/library/ssl_tls.c
index ba8be94..dd8ebeb 100644
--- a/library/ssl_tls.c
+++ b/library/ssl_tls.c
@@ -5533,17 +5533,19 @@
 #if defined(MBEDTLS_KEY_EXCHANGE_SOME_PSK_ENABLED)
 int mbedtls_ssl_psk_derive_premaster( mbedtls_ssl_context *ssl, mbedtls_key_exchange_type_t key_ex )
 {
+#if !defined(MBEDTLS_USE_PSA_CRYPTO) ||                 \
+    defined(MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED)
     unsigned char *p = ssl->handshake->premaster;
     unsigned char *end = p + sizeof( ssl->handshake->premaster );
+#else
+    (void)ssl;
+    (void)key_ex;
+#endif /* !MBEDTLS_USE_PSA_CRYPTO || MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED */
+#if !defined(MBEDTLS_USE_PSA_CRYPTO)
     const unsigned char *psk = NULL;
     size_t psk_len = 0;
     int psk_ret = mbedtls_ssl_get_psk( ssl, &psk, &psk_len );
 
-#if defined(MBEDTLS_USE_PSA_CRYPTO) &&                 \
-    defined(MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED)
-    (void) key_ex;
-#endif /* MBEDTLS_USE_PSA_CRYPTO && MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED */
-
     if( psk_ret == MBEDTLS_ERR_SSL_PRIVATE_KEY_REQUIRED )
     {
         /*
@@ -5600,6 +5602,7 @@
     }
     else
 #endif /* MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED */
+#endif /* !MBEDTLS_USE_PSA_CRYPTO */
 #if defined(MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED)
     if( key_ex == MBEDTLS_KEY_EXCHANGE_DHE_PSK )
     {
@@ -5618,14 +5621,6 @@
         p += 2 + len;
 
         MBEDTLS_SSL_DEBUG_MPI( 3, "DHM: K ", &ssl->handshake->dhm_ctx.K  );
-
-        /* For opaque PSK fill premaster with the the shared secret without PSK. */
-        if( psk_ret == MBEDTLS_ERR_SSL_PRIVATE_KEY_REQUIRED )
-        {
-            MBEDTLS_SSL_DEBUG_MSG( 1,
-                ( "skip PMS generation for opaque DHE-PSK" ) );
-            return( 0 );
-        }
     }
     else
 #endif /* MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED */
@@ -5657,6 +5652,7 @@
         return( MBEDTLS_ERR_SSL_INTERNAL_ERROR );
     }
 
+#if !defined(MBEDTLS_USE_PSA_CRYPTO)
     /* opaque psk<0..2^16-1>; */
     if( end - p < 2 )
         return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA );
@@ -5671,6 +5667,7 @@
     p += psk_len;
 
     ssl->handshake->pmslen = p - ssl->handshake->premaster;
+#endif /* !MBEDTLS_USE_PSA_CRYPTO */
 
     return( 0 );
 }