TrustedFirmware Git Browser
Code Review Sign In
review.trustedfirmware.org / mirror / mbed-tls / 837130cf656d48b0ad73a36de716b1dc5d4e646a^! / .
commit837130cf656d48b0ad73a36de716b1dc5d4e646a[log] [tgz]
authorBen Taylor <ben.taylor@linaro.org>Tue Feb 04 07:40:59 2025 +0000
committerBen Taylor <ben.taylor@linaro.org>Tue Feb 04 07:50:19 2025 +0000
tree51eaaf149c45cd4ba2ea5bd922dbbb2c142f8ff2
parentd0498803a131c2822d4984873ead6e6b14d4ecd4 [diff]
Improve Changelog and correct alg selection

Improve the description of the API changes in the changelog and
fix some incorrect alg selection variables in ssl_server2.c.

Signed-off-by: Ben Taylor <ben.taylor@linaro.org>

diff --git a/ChangeLog.d/9874.txt b/ChangeLog.d/9874.txt
index efcaa3a..8f264ec 100644
--- a/ChangeLog.d/9874.txt
+++ b/ChangeLog.d/9874.txt

@@ -1,2 +1,5 @@
 API changes
-   * Convert the mbedtl_ssl_ticket_setup function to use the TF_PSA_Crypto API.
+   * Align the mbedtls_ssl_ticket_setup() function with the PSA Crypto API.
+     Instead of taking a mbedtls_cipher_type_t as an argument, this function now takes 3
+     new arguments: a PSA algorithm, key type and key size, to specify the AEAD for ticket
+     protection.

diff --git a/programs/ssl/ssl_server2.c b/programs/ssl/ssl_server2.c
index b1c1359..d9e5701 100644
--- a/programs/ssl/ssl_server2.c
+++ b/programs/ssl/ssl_server2.c

@@ -1476,7 +1476,7 @@
 
 static int parse_cipher(char *buf)
 {
-    int rc = 0;
+    int ret = 0;
     if (strcmp(buf, "AES-128-CCM")) {
         opt.ticket_alg = PSA_ALG_CCM;
         opt.ticket_key_type = PSA_KEY_TYPE_AES;
@@ -1490,13 +1490,13 @@
         opt.ticket_key_type = PSA_KEY_TYPE_AES;
         opt.ticket_key_bits = 192;
     } else if (strcmp(buf, "AES-192-GCM")) {
-        opt.ticket_alg = PSA_ALG_CCM;
+        opt.ticket_alg = PSA_ALG_GCM;
         opt.ticket_key_type = PSA_KEY_TYPE_AES;
         opt.ticket_key_bits = 192;
     } else if (strcmp(buf, "AES-256-CCM")) {
         opt.ticket_alg = PSA_ALG_CCM;
         opt.ticket_key_type = PSA_KEY_TYPE_AES;
-        opt.ticket_key_bits = 128;
+        opt.ticket_key_bits = 256;
     } else if (strcmp(buf, "ARIA-128-CCM")) {
         opt.ticket_alg = PSA_ALG_CCM;
         opt.ticket_key_type = PSA_KEY_TYPE_ARIA;
@@ -1510,7 +1510,7 @@
         opt.ticket_key_type = PSA_KEY_TYPE_ARIA;
         opt.ticket_key_bits = 192;
     } else if (strcmp(buf, "ARIA-192-GCM")) {
-        opt.ticket_alg = PSA_ALG_CCM;
+        opt.ticket_alg = PSA_ALG_GCM;
         opt.ticket_key_type = PSA_KEY_TYPE_ARIA;
         opt.ticket_key_bits = 192;
     } else if (strcmp(buf, "ARIA-256-CCM")) {
@@ -1538,9 +1538,9 @@
         opt.ticket_key_type = PSA_KEY_TYPE_CHACHA20;
         opt.ticket_key_bits = 256;
     } else {
-        rc = -1;
+        ret = -1;
     }
-    return rc;
+    return ret;
 }
 
 int main(int argc, char *argv[])