tls: Use the same function in TLS 1.2 and 1.3 to check PSK conf
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
diff --git a/library/ssl_misc.h b/library/ssl_misc.h
index 8a1834f..ae60256 100644
--- a/library/ssl_misc.h
+++ b/library/ssl_misc.h
@@ -1366,7 +1366,8 @@
int mbedtls_ssl_psk_derive_premaster( mbedtls_ssl_context *ssl,
mbedtls_key_exchange_type_t key_ex );
#endif /* !MBEDTLS_USE_PSA_CRYPTO */
-#if defined(MBEDTLS_SSL_CLI_C) && defined(MBEDTLS_SSL_PROTO_TLS1_2)
+
+#if defined(MBEDTLS_SSL_CLI_C)
MBEDTLS_CHECK_RETURN_CRITICAL
int mbedtls_ssl_conf_has_static_psk( mbedtls_ssl_config const *conf );
#endif
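Review bot: The declaration is now guarded by `MBEDTLS_SSL_CLI_C` alone, but the definition this commit moves into ssl_tls.c sits under `MBEDTLS_KEY_EXCHANGE_SOME_PSK_ENABLED` and is called from the two PSK setters there, so the two guards no longer describe the same set of builds. In a configuration without `MBEDTLS_SSL_CLI_C` the non-static definition would have no prior prototype and would not carry `MBEDTLS_CHECK_RETURN_CRITICAL`. Whether the TLS 1.3 call sites are only compiled when `MBEDTLS_KEY_EXCHANGE_SOME_PSK_ENABLED` is defined is not visible from this diff and should be confirmed. I would give the prototype the same condition as the definition, e.g. `#if defined(MBEDTLS_KEY_EXCHANGE_SOME_PSK_ENABLED)`, and add a short comment on it stating that it returns 1 only when an identity and a key are both set.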
diff --git a/library/ssl_tls.c b/library/ssl_tls.c
index a3586e7..b62e2ac 100644
--- a/library/ssl_tls.c
+++ b/library/ssl_tls.c
@@ -1600,15 +1600,20 @@
#endif /* MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED */
#if defined(MBEDTLS_KEY_EXCHANGE_SOME_PSK_ENABLED)
-
-MBEDTLS_CHECK_RETURN_CRITICAL
-static int ssl_conf_psk_is_configured( mbedtls_ssl_config const *conf )
+int mbedtls_ssl_conf_has_static_psk( mbedtls_ssl_config const *conf )
{
+ if( conf->psk_identity == NULL ||
+ conf->psk_identity_len == 0 )
+ {
+ return( 0 );
+ }
+
#if defined(MBEDTLS_USE_PSA_CRYPTO)
- if( !mbedtls_svc_key_id_is_null( conf->psk_opaque ) )
+ if( ! mbedtls_svc_key_id_is_null( conf->psk_opaque ) )
return( 1 );
#endif /* MBEDTLS_USE_PSA_CRYPTO */
- if( conf->psk != NULL )
+
+ if( conf->psk != NULL && conf->psk_len != 0 )
return( 1 );
return( 0 );
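Review bot: Replacing the body of the old `ssl_conf_psk_is_configured` with this predicate narrows the "only one PSK" guard used by the two setters (the hunks at -1678 and -1796). The old check fired as soon as a raw or opaque key was present, while the new one returns 0 first whenever `psk_identity` is NULL or `psk_identity_len` is 0. If a config can ever hold key material without an identity (not visible from these hunks), a second setter call would no longer be rejected with `MBEDTLS_ERR_SSL_FEATURE_UNAVAILABLE`. Either keep a separate "any PSK material present" check for the setters or document the contract on the function, e.g. `/* Returns 1 only if a non-empty identity and a raw or opaque key are both configured. */`. The closing brace of the function lies outside the hunk.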
@@ -1678,7 +1683,7 @@
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
/* We currently only support one PSK, raw or opaque. */
- if( ssl_conf_psk_is_configured( conf ) )
+ if( mbedtls_ssl_conf_has_static_psk( conf ) )
return( MBEDTLS_ERR_SSL_FEATURE_UNAVAILABLE );
/* Check and set raw PSK */
@@ -1796,7 +1801,7 @@
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
/* We currently only support one PSK, raw or opaque. */
- if( ssl_conf_psk_is_configured( conf ) )
+ if( mbedtls_ssl_conf_has_static_psk( conf ) )
return( MBEDTLS_ERR_SSL_FEATURE_UNAVAILABLE );
/* Check and set opaque PSK */
diff --git a/library/ssl_tls12_client.c b/library/ssl_tls12_client.c
index 7b62e71..72c77bb 100644
--- a/library/ssl_tls12_client.c
+++ b/library/ssl_tls12_client.c
@@ -49,27 +49,6 @@
#include "hash_info.h"
-#if defined(MBEDTLS_KEY_EXCHANGE_SOME_PSK_ENABLED)
-int mbedtls_ssl_conf_has_static_psk( mbedtls_ssl_config const *conf )
-{
- if( conf->psk_identity == NULL ||
- conf->psk_identity_len == 0 )
- {
- return( 0 );
- }
-
-#if defined(MBEDTLS_USE_PSA_CRYPTO)
- if( ! mbedtls_svc_key_id_is_null( conf->psk_opaque ) )
- return( 1 );
-#endif /* MBEDTLS_USE_PSA_CRYPTO */
-
- if( conf->psk != NULL && conf->psk_len != 0 )
- return( 1 );
-
- return( 0 );
-}
-#endif /* MBEDTLS_KEY_EXCHANGE_SOME_PSK_ENABLED */
-
#if defined(MBEDTLS_SSL_RENEGOTIATION)
MBEDTLS_CHECK_RETURN_CRITICAL
static int ssl_write_renegotiation_ext( mbedtls_ssl_context *ssl,
diff --git a/library/ssl_tls13_client.c b/library/ssl_tls13_client.c
index 8510d8f..4aba59f 100644
--- a/library/ssl_tls13_client.c
+++ b/library/ssl_tls13_client.c
@@ -728,11 +728,6 @@
}
#endif /* MBEDTLS_SSL_SESSION_TICKETS */
-static int ssl_tls13_has_configured_psk( const mbedtls_ssl_config *conf )
-{
- return( conf->psk != NULL && conf->psk_identity != NULL );
-}
-
MBEDTLS_CHECK_RETURN_CRITICAL
static int ssl_tls13_psk_get_identity( mbedtls_ssl_context *ssl,
psa_algorithm_t *hash_alg,
@@ -740,7 +735,7 @@
size_t *identity_len )
{
- if( !ssl_tls13_has_configured_psk( ssl->conf ) )
+ if( !mbedtls_ssl_conf_has_static_psk( ssl->conf ) )
return( -1 );
*hash_alg = PSA_ALG_SHA_256;
@@ -756,7 +751,7 @@
size_t *psk_len )
{
- if( !ssl_tls13_has_configured_psk( ssl->conf ) )
+ if( !mbedtls_ssl_conf_has_static_psk( ssl->conf ) )
return( -1 );
*hash_alg = PSA_ALG_SHA_256;
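Review bot: The guard in `ssl_tls13_psk_get_psk` now also passes when only an opaque PSK is configured, because `mbedtls_ssl_conf_has_static_psk` returns 1 for a non-null `conf->psk_opaque`, whereas the removed `ssl_tls13_has_configured_psk` required `conf->psk != NULL`. The rest of the function is outside the hunk; if it returns `conf->psk` and `conf->psk_len` directly, the caller in the last hunk (-1094) would receive a NULL, zero-length key together with a success code. The counting hunk at -775 would likewise report an opaque-only PSK as configured. Unless opaque keys are handled elsewhere in this path, add an explicit raw-key check here, e.g. `if( ssl->conf->psk == NULL || ssl->conf->psk_len == 0 ) return( -1 );`.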
@@ -775,7 +770,7 @@
configured_psk_count++;
}
#endif
- if( ssl_tls13_has_configured_psk( ssl->conf ) )
+ if( mbedtls_ssl_conf_has_static_psk( ssl->conf ) )
{
MBEDTLS_SSL_DEBUG_MSG( 3, ( "PSK is configured" ) );
configured_psk_count++;
@@ -1094,7 +1089,7 @@
}
else
#endif
- if( ssl_tls13_has_configured_psk( ssl->conf ) )
+ if( mbedtls_ssl_conf_has_static_psk( ssl->conf ) )
{
ret = ssl_tls13_psk_get_psk( ssl, &hash_alg, &psk, &psk_len );
}