Fix build flags for opaque/raw psk checks
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
diff --git a/library/ssl_tls.c b/library/ssl_tls.c
index 294ed48..441aa0f 100644
--- a/library/ssl_tls.c
+++ b/library/ssl_tls.c
@@ -5001,8 +5001,13 @@
return( 0 );
}
-#if defined(MBEDTLS_KEY_EXCHANGE_PSK_ENABLED) && \
- defined(MBEDTLS_USE_PSA_CRYPTO)
+
+
+#if defined(MBEDTLS_USE_PSA_CRYPTO) && \
+ ( defined(MBEDTLS_KEY_EXCHANGE_PSK_ENABLED) || \
+ defined(MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED) || \
+ defined(MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED) || \
+ defined(MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED) )
static int ssl_use_opaque_psk( mbedtls_ssl_context const *ssl )
{
if( ssl->conf->f_psk != NULL )
@@ -5021,7 +5026,10 @@
return( 0 );
}
#endif /* MBEDTLS_USE_PSA_CRYPTO &&
- MBEDTLS_KEY_EXCHANGE_PSK_ENABLED */
+ ( MBEDTLS_KEY_EXCHANGE_PSK_ENABLED ||
+ MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED ||
+ MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED ||
+ MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED ) */
/*
* Compute master secret if needed
@@ -5093,10 +5101,11 @@
}
#endif /* MBEDTLS_SSL_EXTENDED_MS_ENABLED */
-#if defined(MBEDTLS_USE_PSA_CRYPTO) && \
- ( defined(MBEDTLS_KEY_EXCHANGE_PSK_ENABLED) || \
- defined(MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED) || \
- defined(MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED) )
+#if defined(MBEDTLS_USE_PSA_CRYPTO) && \
+ ( defined(MBEDTLS_KEY_EXCHANGE_PSK_ENABLED) || \
+ defined(MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED) || \
+ defined(MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED) || \
+ defined(MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED) )
if( ( handshake->ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_PSK ||
handshake->ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_RSA_PSK ||
handshake->ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECDHE_PSK ||
diff --git a/library/ssl_tls12_client.c b/library/ssl_tls12_client.c
index f6a21cb..d286764 100644
--- a/library/ssl_tls12_client.c
+++ b/library/ssl_tls12_client.c
@@ -73,7 +73,9 @@
return( 0 );
}
-#if defined(MBEDTLS_USE_PSA_CRYPTO)
+#if defined(MBEDTLS_USE_PSA_CRYPTO) && \
+ ( defined(MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED ) || \
+ defined(MBEDTLS_KEY_EXCHANGE_PSK_ENABLED) )
static int ssl_conf_has_static_raw_psk( mbedtls_ssl_config const *conf )
{
if( conf->psk_identity == NULL ||
@@ -87,7 +89,9 @@
return( 0 );
}
-#endif /* MBEDTLS_USE_PSA_CRYPTO */
+#endif /* MBEDTLS_USE_PSA_CRYPTO &&
+ ( MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED ||
+ MBEDTLS_KEY_EXCHANGE_PSK_ENABLED ) */
#endif /* MBEDTLS_KEY_EXCHANGE_SOME_PSK_ENABLED */
diff --git a/library/ssl_tls12_server.c b/library/ssl_tls12_server.c
index 5fa5643..e9a505a 100644
--- a/library/ssl_tls12_server.c
+++ b/library/ssl_tls12_server.c
@@ -171,7 +171,10 @@
return( 0 );
}
-#if defined(MBEDTLS_USE_PSA_CRYPTO)
+#if defined(MBEDTLS_USE_PSA_CRYPTO) && \
+ ( defined(MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED ) || \
+ defined(MBEDTLS_KEY_EXCHANGE_PSK_ENABLED) || \
+ defined(MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED) )
static int ssl_use_opaque_psk( mbedtls_ssl_context const *ssl )
{
if( ssl->conf->f_psk != NULL )
@@ -190,7 +193,10 @@
return( 0 );
}
-#endif /* MBEDTLS_USE_PSA_CRYPTO */
+#endif /* MBEDTLS_USE_PSA_CRYPTO &&
+ ( MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED ||
+ MBEDTLS_KEY_EXCHANGE_PSK_ENABLED ||
+ MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED) */
#endif /* MBEDTLS_KEY_EXCHANGE_SOME_PSK_ENABLED */
static int ssl_parse_renegotiation_info( mbedtls_ssl_context *ssl,