From 77a904c761b05cfd0104dcd8c136548db1cd393d Mon Sep 17 00:00:00 2001
From: Valerio Setti
Date: Fri, 24 Mar 2023 07:28:49 +0100
Subject: [PATCH] ssl: remove useless guard

Signed-off-by: Valerio Setti
---
 include/mbedtls/ssl.h | 6 +-----
 library/ssl_misc.h | 11 ++---------
 library/ssl_tls12_client.c | 6 ++----
 library/ssl_tls12_server.c | 6 ++----
 4 files changed, 7 insertions(+), 22 deletions(-)

diff --git a/include/mbedtls/ssl.h b/include/mbedtls/ssl.h
index e011b1ae3..7d526a7ab 100644
--- a/include/mbedtls/ssl.h
+++ b/include/mbedtls/ssl.h
@@ -40,11 +40,7 @@
 #include "mbedtls/dhm.h"
 #endif
 
-/* Adding guard for MBEDTLS_ECDSA_C to ensure no compile errors due
- * to guards in TLS code. There is a gap in functionality that access to
- * ecdh_ctx structure is needed for MBEDTLS_ECDSA_C which does not seem correct.
- */
-#if defined(MBEDTLS_ECDH_C) || defined(MBEDTLS_ECDSA_C)
+#if defined(MBEDTLS_ECDH_C)
 #include "mbedtls/ecdh.h"
 #endif
 
diff --git a/library/ssl_misc.h b/library/ssl_misc.h
index 0e3d3af32..14a3c7ef0 100644
--- a/library/ssl_misc.h
+++ b/library/ssl_misc.h
@@ -751,16 +751,9 @@ struct mbedtls_ssl_handshake_params {
 mbedtls_dhm_context dhm_ctx; /*!< DHM key exchange */
 #endif
 
-/* Adding guard for MBEDTLS_ECDSA_C to ensure no compile errors due
- * to guards in client and server code. There is a gap in functionality that
- * access to ecdh_ctx structure is needed for MBEDTLS_ECDSA_C which does not
- * seem correct.
- */
-#if defined(MBEDTLS_ECDH_C) || defined(MBEDTLS_PK_CAN_ECDSA_SOME)
-#if !defined(MBEDTLS_USE_PSA_CRYPTO)
+#if defined(MBEDTLS_ECDH_C) && !defined(MBEDTLS_USE_PSA_CRYPTO)
 mbedtls_ecdh_context ecdh_ctx; /*!< ECDH key exchange */
-#endif /* !MBEDTLS_USE_PSA_CRYPTO */
-#endif /* MBEDTLS_ECDH_C || MBEDTLS_ECDSA_C */
+#endif /* MBEDTLS_ECDH_C && !MBEDTLS_USE_PSA_CRYPTO */
 
 #if defined(PSA_WANT_ALG_ECDH) && \
 (defined(MBEDTLS_USE_PSA_CRYPTO) || defined(MBEDTLS_SSL_PROTO_TLS1_3))
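Review bot: Narrowing this guard to `MBEDTLS_ECDH_C` alone means a build with ECDSA but without ECDH no longer gets `mbedtls/ecdh.h` through this public header, and the ssl_misc.h hunk likewise drops the `ecdh_ctx` member of `mbedtls_ssl_handshake_params` in that configuration. The removed comments say the wider guards were there to avoid compile errors caused by guards in the TLS client and server code, and this patch narrows only two such uses, so every other `handshake->ecdh_ctx` access outside these hunks has to be under `MBEDTLS_ECDH_C` already. I would confirm that with a test build of a non-PSA, ECDSA-without-ECDH configuration before merging, and leave a short comment at the member such as `/* Legacy (non-PSA) ECDH only; ECDSA-only builds must not reference this. */`. The struct body in ssl_misc.h starts and ends outside its hunk.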
diff --git a/library/ssl_tls12_client.c b/library/ssl_tls12_client.c
index 890e9a906..a6551c6e2 100644
--- a/library/ssl_tls12_client.c
+++ b/library/ssl_tls12_client.c
@@ -831,11 +831,9 @@ static int ssl_parse_supported_point_formats_ext(mbedtls_ssl_context *ssl,
 while (list_size > 0) {
 if (p[0] == MBEDTLS_ECP_PF_UNCOMPRESSED ||
 p[0] == MBEDTLS_ECP_PF_COMPRESSED) {
-#if !defined(MBEDTLS_USE_PSA_CRYPTO) && \
- (defined(MBEDTLS_ECDH_C) || defined(MBEDTLS_ECDSA_C))
+#if !defined(MBEDTLS_USE_PSA_CRYPTO) && (defined(MBEDTLS_ECDH_C))
 ssl->handshake->ecdh_ctx.point_format = p[0];
-#endif /* !MBEDTLS_USE_PSA_CRYPTO &&
- ( MBEDTLS_ECDH_C || MBEDTLS_ECDSA_C ) */
+#endif /* !MBEDTLS_USE_PSA_CRYPTO && MBEDTLS_ECDH_C */
 #if !defined(MBEDTLS_USE_PSA_CRYPTO) && \
 defined(MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED)
 mbedtls_ecjpake_set_point_format(&ssl->handshake->ecjpake_ctx,
diff --git a/library/ssl_tls12_server.c b/library/ssl_tls12_server.c
index 0fc4a5c6f..656c40d5b 100644
--- a/library/ssl_tls12_server.c
+++ b/library/ssl_tls12_server.c
@@ -266,11 +266,9 @@ static int ssl_parse_supported_point_formats(mbedtls_ssl_context *ssl,
 while (list_size > 0) {
 if (p[0] == MBEDTLS_ECP_PF_UNCOMPRESSED ||
 p[0] == MBEDTLS_ECP_PF_COMPRESSED) {
-#if !defined(MBEDTLS_USE_PSA_CRYPTO) && \
- (defined(MBEDTLS_ECDH_C) || defined(MBEDTLS_ECDSA_C))
+#if !defined(MBEDTLS_USE_PSA_CRYPTO) && defined(MBEDTLS_ECDH_C)
 ssl->handshake->ecdh_ctx.point_format = p[0];
-#endif /* !MBEDTLS_USE_PSA_CRYPTO &&
- ( MBEDTLS_ECDH_C || MBEDTLS_ECDSA_C ) */
+#endif /* !MBEDTLS_USE_PSA_CRYPTO && MBEDTLS_ECDH_C */
 #if !defined(MBEDTLS_USE_PSA_CRYPTO) && \
 defined(MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED)
 mbedtls_ecjpake_set_point_format(&ssl->handshake->ecjpake_ctx,
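Review bot: The new condition in ssl_parse_supported_point_formats_ext keeps a leftover pair of parentheses, `(defined(MBEDTLS_ECDH_C))`, while the same line in the ssl_tls12_server.c hunk is written without them; both should read `#if !defined(MBEDTLS_USE_PSA_CRYPTO) && defined(MBEDTLS_ECDH_C)`. In both parsers a build with neither legacy ECDH nor EC J-PAKE now matches an offered point format without storing it anywhere in the visible lines. That looks intended, but a one-line comment above the guard would make it explicit, for example `/* The point format is only recorded for the legacy ECDH and EC J-PAKE contexts. */`. Both function bodies start and end outside their hunks, so what happens after the match is not visible here.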