Remove MBEDTLS_ECDSA_VERIFY_ALT
Signed-off-by: Thomas Daubney <thomas.daubney@arm.com>
diff --git a/include/mbedtls/check_config.h b/include/mbedtls/check_config.h
index a260761..f8197e4 100644
--- a/include/mbedtls/check_config.h
+++ b/include/mbedtls/check_config.h
@@ -186,7 +186,6 @@
#if defined(MBEDTLS_ECP_RESTARTABLE) && \
( defined(MBEDTLS_ECDSA_SIGN_ALT) || \
- defined(MBEDTLS_ECDSA_VERIFY_ALT) || \
defined(MBEDTLS_ECDSA_GENKEY_ALT) )
#error "MBEDTLS_ECP_RESTARTABLE defined, but it cannot coexist with an alternative ECP implementation"
#endif
diff --git a/include/mbedtls/mbedtls_config.h b/include/mbedtls/mbedtls_config.h
index a675f31..dd047e9 100644
--- a/include/mbedtls/mbedtls_config.h
+++ b/include/mbedtls/mbedtls_config.h
@@ -350,7 +350,6 @@
*/
//#define MBEDTLS_TIMING_ALT
-//#define MBEDTLS_ECDSA_VERIFY_ALT
//#define MBEDTLS_ECDSA_SIGN_ALT
//#define MBEDTLS_ECDSA_GENKEY_ALT
diff --git a/tf-psa-crypto/drivers/builtin/include/mbedtls/ecdsa.h b/tf-psa-crypto/drivers/builtin/include/mbedtls/ecdsa.h
index 2ecf349..557f02b 100644
--- a/tf-psa-crypto/drivers/builtin/include/mbedtls/ecdsa.h
+++ b/tf-psa-crypto/drivers/builtin/include/mbedtls/ecdsa.h
@@ -375,7 +375,6 @@
const mbedtls_ecp_point *Q, const mbedtls_mpi *r,
const mbedtls_mpi *s);
-#if !defined(MBEDTLS_ECDSA_VERIFY_ALT)
/**
* \brief This function verifies the ECDSA signature of a
* previously-hashed message, in a restartable manner
@@ -418,8 +417,6 @@
const mbedtls_mpi *s,
mbedtls_ecdsa_restart_ctx *rs_ctx);
-#endif /* !MBEDTLS_ECDSA_VERIFY_ALT */
-
/**
* \brief This function computes the ECDSA signature and writes it
* to a buffer, serialized as defined in <em>RFC-4492:
diff --git a/tf-psa-crypto/drivers/builtin/src/ecdsa.c b/tf-psa-crypto/drivers/builtin/src/ecdsa.c
index 2f7a996..da4c9e8 100644
--- a/tf-psa-crypto/drivers/builtin/src/ecdsa.c
+++ b/tf-psa-crypto/drivers/builtin/src/ecdsa.c
@@ -194,8 +194,7 @@
#endif /* MBEDTLS_ECP_RESTARTABLE */
#if defined(MBEDTLS_ECDSA_DETERMINISTIC) || \
- !defined(MBEDTLS_ECDSA_SIGN_ALT) || \
- !defined(MBEDTLS_ECDSA_VERIFY_ALT)
+ !defined(MBEDTLS_ECDSA_SIGN_ALT)
/*
* Derive a suitable integer for group grp from a buffer of length len
* SEC1 4.1.3 step 5 aka SEC1 4.1.4 step 3
@@ -220,7 +219,7 @@
cleanup:
return ret;
}
-#endif /* ECDSA_DETERMINISTIC || !ECDSA_SIGN_ALT || !ECDSA_VERIFY_ALT */
+#endif /* ECDSA_DETERMINISTIC || !ECDSA_SIGN_ALT */
int mbedtls_ecdsa_can_do(mbedtls_ecp_group_id gid)
{
@@ -480,7 +479,6 @@
}
#endif /* MBEDTLS_ECDSA_DETERMINISTIC */
-#if !defined(MBEDTLS_ECDSA_VERIFY_ALT)
/*
* Verify ECDSA signature of hashed message (SEC1 4.1.4)
* Obviously, compared to SEC1 4.1.3, we skip step 2 (hash message)
@@ -601,7 +599,6 @@
{
return mbedtls_ecdsa_verify_restartable(grp, buf, blen, Q, r, s, NULL);
}
-#endif /* !MBEDTLS_ECDSA_VERIFY_ALT */
/*
* Convert a signature (given by context) to ASN.1
@@ -741,19 +738,11 @@
ret += MBEDTLS_ERR_ECP_BAD_INPUT_DATA;
goto cleanup;
}
-#if defined(MBEDTLS_ECDSA_VERIFY_ALT)
- (void) rs_ctx;
- if ((ret = mbedtls_ecdsa_verify(&ctx->grp, hash, hlen,
- &ctx->Q, &r, &s)) != 0) {
- goto cleanup;
- }
-#else
if ((ret = mbedtls_ecdsa_verify_restartable(&ctx->grp, hash, hlen,
&ctx->Q, &r, &s, rs_ctx)) != 0) {
goto cleanup;
}
-#endif /* MBEDTLS_ECDSA_VERIFY_ALT */
/* At this point we know that the buffer starts with a valid signature.
* Return 0 if the buffer just contains the signature, and a specific