ssl_client2/ss_server2: optimize code for opaque key
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
diff --git a/programs/ssl/ssl_client2.c b/programs/ssl/ssl_client2.c
index f273f88..3b0107b 100644
--- a/programs/ssl/ssl_client2.c
+++ b/programs/ssl/ssl_client2.c
@@ -1720,6 +1720,20 @@
psa_algorithm_t psa_alg, psa_alg2;
psa_key_usage_t usage = PSA_KEY_USAGE_SIGN_HASH;
+ if( strcmp( opt.key_opaque_alg1, DFL_KEY_OPAQUE_ALG ) == 0 )
+ {
+ if( mbedtls_pk_get_type( &pkey ) == MBEDTLS_PK_ECKEY )
+ {
+ opt.key_opaque_alg1 = "ecdsa-sign";
+ opt.key_opaque_alg2 = "ecdh";
+ }
+ else
+ {
+ opt.key_opaque_alg1 = "rsa-sign-pkcs1";
+ opt.key_opaque_alg2 = "none";
+ }
+ }
+
if ( strcmp( opt.key_opaque_alg1, DFL_KEY_OPAQUE_ALG ) != 0 )
{
ret = key_opaque_set_alg_usage( opt.key_opaque_alg1,
@@ -1732,19 +1746,6 @@
goto exit;
}
}
- else
- {
- if( mbedtls_pk_get_type( &pkey ) == MBEDTLS_PK_ECKEY )
- {
- psa_alg = PSA_ALG_ECDSA( PSA_ALG_ANY_HASH );
- psa_alg2 = PSA_ALG_NONE;
- }
- else
- {
- psa_alg = PSA_ALG_RSA_PKCS1V15_SIGN( PSA_ALG_ANY_HASH );
- psa_alg2 = PSA_ALG_RSA_PSS( PSA_ALG_ANY_HASH );
- }
- }
if( ( ret = mbedtls_pk_wrap_as_opaque( &pkey, &key_slot, psa_alg,
usage, psa_alg2 ) ) != 0 )