USE_PSA_CRYPTO: don't rely on the curve encoding

Adapt to the change of encoding of elliptic curve key types in PSA crypto. Before, an EC key type encoded the TLS curve identifier. Now the EC key type only includes an ad hoc curve family identifier, and determining the exact curve requires both the key type and size. This commit moves from the old encoding and old definitions from crypto/include/mbedtls/psa_util.h to the new encoding and definitions from the immediately preceding crypto submodule update.
2026-05-09 03:04:24 +02:00 · 2019-12-19 13:31:53 +01:00
parent 81d3100250
commit 42459805ce
2 changed files with 11 additions and 9 deletions
--- a/include/mbedtls/ssl_internal.h
+++ b/include/mbedtls/ssl_internal.h
@@ -319,7 +319,8 @@ struct mbedtls_ssl_handshake_params
    mbedtls_ecdh_context ecdh_ctx;              /*!<  ECDH key exchange       */

 #if defined(MBEDTLS_USE_PSA_CRYPTO)
-    psa_ecc_curve_t ecdh_psa_curve;
+    psa_key_type_t ecdh_psa_type;
+    uint16_t ecdh_bits;
    psa_key_handle_t ecdh_psa_privkey;
    unsigned char ecdh_psa_peerkey[MBEDTLS_PSA_MAX_EC_PUBKEY_LENGTH];
    size_t ecdh_psa_peerkey_len;