ssl_misc: fix guards for PSA data used in XXDH key exchanges

Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-07-07 16:00:20 +02:00 · 2023-07-07 16:00:20 +02:00 · 3d237b5ff1
commit 3d237b5ff1
parent 0a0d0d5527
6 changed files with 23 additions and 23 deletions
--- a/library/ssl_tls13_server.c
+++ b/library/ssl_tls13_server.c
@ -837,7 +837,7 @@ static int ssl_tls13_parse_supported_groups_ext(mbedtls_ssl_context *ssl,

 #define SSL_TLS1_3_PARSE_KEY_SHARES_EXT_NO_MATCH 1

-#if defined(PSA_WANT_ALG_ECDH) || defined(PSA_WANT_ALG_FFDH)
+#if defined(MBEDTLS_KEY_EXCHANGE_SOME_XXDH_ANY_PSA_ENABLED)
 /*
 *  ssl_tls13_parse_key_shares_ext() verifies whether the information in the
 *  extension is correct and stores the first acceptable key share and its
@ -940,7 +940,7 @@ static int ssl_tls13_parse_key_shares_ext(mbedtls_ssl_context *ssl,
    }
    return 0;
 }
-#endif /* PSA_WANT_ALG_ECDH || PSA_WANT_ALG_FFDH */
+#endif /* MBEDTLS_KEY_EXCHANGE_SOME_XXDH_ANY_PSA_ENABLED */

 MBEDTLS_CHECK_RETURN_CRITICAL
 static int ssl_tls13_client_hello_has_exts(mbedtls_ssl_context *ssl,
@ -1563,7 +1563,7 @@ static int ssl_tls13_parse_client_hello(mbedtls_ssl_context *ssl,
                break;
 #endif /* PSA_WANT_ALG_ECDH || PSA_WANT_ALG_FFDH*/

-#if defined(PSA_WANT_ALG_ECDH) || defined(PSA_WANT_ALG_FFDH)
+#if defined(MBEDTLS_KEY_EXCHANGE_SOME_XXDH_ANY_PSA_ENABLED)
            case MBEDTLS_TLS_EXT_KEY_SHARE:
                MBEDTLS_SSL_DEBUG_MSG(3, ("found key share extension"));

@ -1588,7 +1588,7 @@ static int ssl_tls13_parse_client_hello(mbedtls_ssl_context *ssl,
                }

                break;
-#endif /* PSA_WANT_ALG_ECDH || PSA_WANT_ALG_FFDH */
+#endif /* MBEDTLS_KEY_EXCHANGE_SOME_XXDH_ANY_PSA_ENABLED */

            case MBEDTLS_TLS_EXT_SUPPORTED_VERSIONS:
                /* Already parsed */
@ -1913,7 +1913,7 @@ static int ssl_tls13_generate_and_write_key_share(mbedtls_ssl_context *ssl,

    *out_len = 0;

-#if defined(PSA_WANT_ALG_ECDH) || defined(PSA_WANT_ALG_FFDH)
+#if defined(MBEDTLS_KEY_EXCHANGE_SOME_XXDH_ANY_PSA_ENABLED)
    if (mbedtls_ssl_tls13_named_group_is_ecdhe(named_group) ||
        mbedtls_ssl_tls13_named_group_is_ffdh(named_group)) {
        ret = mbedtls_ssl_tls13_generate_and_write_xxdh_key_exchange(
@ -1925,7 +1925,7 @@ static int ssl_tls13_generate_and_write_key_share(mbedtls_ssl_context *ssl,
            return ret;
        }
    } else
-#endif /* PSA_WANT_ALG_ECDH || PSA_WANT_ALG_FFDH */
+#endif /* MBEDTLS_KEY_EXCHANGE_SOME_XXDH_ANY_PSA_ENABLED */
    if (0 /* Other kinds of KEMs */) {
    } else {
        ((void) ssl);