tls13: Use MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED

Use MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED instead of MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED to guard code specific to the TLS 1.3 ephemeral key exchange mode. Use it also for the dependencies of TLS 1.3 only tests relying on ephemeral key exchange mode, but for tests in tls13-kex-modes.sh where the change is done later using all MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_.*ENABLED macros. Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2022-10-04 16:14:26 +02:00 · 2022-10-04 16:14:26 +02:00 · 928cbd34e7
commit 928cbd34e7
parent d8d2ea5674
10 changed files with 950 additions and 852 deletions
--- a/library/ssl_tls13_generic.c
+++ b/library/ssl_tls13_generic.c
@ -83,7 +83,7 @@ cleanup:
    return( ret );
 }

-#if defined(MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED)
+#if defined(MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED)
 /*
 * STATE HANDLING: Read CertificateVerify
 */
@ -285,12 +285,12 @@ error:
    return( MBEDTLS_ERR_SSL_HANDSHAKE_FAILURE );

 }
-#endif /* MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED */
+#endif /* MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED */

 int mbedtls_ssl_tls13_process_certificate_verify( mbedtls_ssl_context *ssl )
 {

-#if defined(MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED)
+#if defined(MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED)
    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
    unsigned char verify_buffer[SSL_VERIFY_STRUCT_MAX_SIZE];
    size_t verify_buffer_len;
@ -348,7 +348,7 @@ cleanup:
    ((void) ssl);
    MBEDTLS_SSL_DEBUG_MSG( 1, ( "should never happen" ) );
    return( MBEDTLS_ERR_SSL_INTERNAL_ERROR );
-#endif /* MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED */
+#endif /* MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED */
 }

 /*
@ -757,7 +757,7 @@ cleanup:
    MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= parse certificate" ) );
    return( ret );
 }
-#if defined(MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED)
+#if defined(MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED)
 /*
 *  enum {
 *        X509(0),
@ -1078,7 +1078,7 @@ cleanup:
    return( ret );
 }

-#endif /* MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED */
+#endif /* MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED */

 /*
 *