ssl_write_encrypt_then_mac_ext(): adapt to psa crypto
Signed-off-by: Przemyslaw Stekiel <przemyslaw.stekiel@mobica.com>
diff --git a/library/ssl_srv.c b/library/ssl_srv.c
index f189e1d..2512c47 100644
--- a/library/ssl_srv.c
+++ b/library/ssl_srv.c
@@ -2035,7 +2035,13 @@
{
unsigned char *p = buf;
const mbedtls_ssl_ciphersuite_t *suite = NULL;
+#if defined(MBEDTLS_USE_PSA_CRYPTO)
+ psa_key_type_t key_type;
+ psa_algorithm_t alg;
+ size_t key_bits;
+#else
const mbedtls_cipher_info_t *cipher = NULL;
+#endif /* MBEDTLS_USE_PSA_CRYPTO */
if( ssl->session_negotiate->encrypt_then_mac == MBEDTLS_SSL_ETM_DISABLED )
{
@@ -2051,8 +2057,13 @@
*/
if( ( suite = mbedtls_ssl_ciphersuite_from_id(
ssl->session_negotiate->ciphersuite ) ) == NULL ||
+#if defined(MBEDTLS_USE_PSA_CRYPTO)
+ ( mbedtls_ssl_cipher_to_psa( suite->cipher, 0, &alg, &key_type, &key_bits ) != PSA_SUCCESS) ||
+ alg != PSA_ALG_CBC_NO_PADDING )
+#else
( cipher = mbedtls_cipher_info_from_type( suite->cipher ) ) == NULL ||
cipher->mode != MBEDTLS_MODE_CBC )
+#endif /* MBEDTLS_USE_PSA_CRYPTO */
{
*olen = 0;
return;