From 2c87a200a3e45be6643fa0679c7efaf8b11ae0bc Mon Sep 17 00:00:00 2001 From: Przemyslaw Stekiel Date: Mon, 31 Jan 2022 10:59:30 +0100 Subject: [PATCH] ssl_write_encrypt_then_mac_ext(): adapt to psa crypto Signed-off-by: Przemyslaw Stekiel --- library/ssl_srv.c | 11 +++++++++++ 1 file changed, 11 insertions(+) diff --git a/library/ssl_srv.c b/library/ssl_srv.c index f189e1d60..2512c47e7 100644 --- a/library/ssl_srv.c +++ b/library/ssl_srv.c @@ -2035,7 +2035,13 @@ static void ssl_write_encrypt_then_mac_ext( mbedtls_ssl_context *ssl, { unsigned char *p = buf; const mbedtls_ssl_ciphersuite_t *suite = NULL; +#if defined(MBEDTLS_USE_PSA_CRYPTO) + psa_key_type_t key_type; + psa_algorithm_t alg; + size_t key_bits; +#else const mbedtls_cipher_info_t *cipher = NULL; +#endif /* MBEDTLS_USE_PSA_CRYPTO */ if( ssl->session_negotiate->encrypt_then_mac == MBEDTLS_SSL_ETM_DISABLED ) { @@ -2051,8 +2057,13 @@ static void ssl_write_encrypt_then_mac_ext( mbedtls_ssl_context *ssl, */ if( ( suite = mbedtls_ssl_ciphersuite_from_id( ssl->session_negotiate->ciphersuite ) ) == NULL || +#if defined(MBEDTLS_USE_PSA_CRYPTO) + ( mbedtls_ssl_cipher_to_psa( suite->cipher, 0, &alg, &key_type, &key_bits ) != PSA_SUCCESS) || + alg != PSA_ALG_CBC_NO_PADDING ) +#else ( cipher = mbedtls_cipher_info_from_type( suite->cipher ) ) == NULL || cipher->mode != MBEDTLS_MODE_CBC ) +#endif /* MBEDTLS_USE_PSA_CRYPTO */ { *olen = 0; return;