Merge pull request #10333 from valeriosetti/issue10266

gilles-peskine-arm · web-flow · commit d66898e9a72b · 2025-09-16T16:41:59.000Z
[development] Migrate from mbedtls_pk_can_do_ext to mbedtls_pk_can_do_psa (2/2)
diff --git a/library/ssl_ciphersuites.c b/library/ssl_ciphersuites.c
@@ -924,7 +924,7 @@ psa_algorithm_t mbedtls_ssl_get_ciphersuite_sig_pk_psa_alg(const mbedtls_ssl_cip
                 mbedtls_md_psa_alg_from_type((mbedtls_md_type_t) info->mac));
 
         case MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA:
-            return PSA_ALG_ECDSA(mbedtls_md_psa_alg_from_type((mbedtls_md_type_t) info->mac));
+            return MBEDTLS_PK_ALG_ECDSA(mbedtls_md_psa_alg_from_type((mbedtls_md_type_t) info->mac));
 
         default:
             return PSA_ALG_NONE;
diff --git a/library/ssl_tls.c b/library/ssl_tls.c
@@ -8147,14 +8147,14 @@ unsigned int mbedtls_ssl_tls12_get_preferred_hash_for_sig_alg(
                     mbedtls_md_psa_alg_from_type(md_alg);
 
                 if (sig_alg_received == MBEDTLS_SSL_SIG_ECDSA &&
-                    !mbedtls_pk_can_do_ext(ssl->handshake->key_cert->key,
-                                           PSA_ALG_ECDSA(psa_hash_alg),
+                    !mbedtls_pk_can_do_psa(ssl->handshake->key_cert->key,
+                                           MBEDTLS_PK_ALG_ECDSA(psa_hash_alg),
                                            PSA_KEY_USAGE_SIGN_HASH)) {
                     continue;
                 }
 
                 if (sig_alg_received == MBEDTLS_SSL_SIG_RSA &&
-                    !mbedtls_pk_can_do_ext(ssl->handshake->key_cert->key,
+                    !mbedtls_pk_can_do_psa(ssl->handshake->key_cert->key,
                                            PSA_ALG_RSA_PKCS1V15_SIGN(
                                                psa_hash_alg),
                                            PSA_KEY_USAGE_SIGN_HASH)) {
diff --git a/library/ssl_tls12_server.c b/library/ssl_tls12_server.c
@@ -693,11 +693,12 @@ static int ssl_pick_cert(mbedtls_ssl_context *ssl,
         int key_type_matches = 0;
 #if defined(MBEDTLS_SSL_ASYNC_PRIVATE)
         key_type_matches = ((ssl->conf->f_async_sign_start != NULL ||
-                             mbedtls_pk_can_do_ext(cur->key, pk_alg, pk_usage)) &&
-                            mbedtls_pk_can_do_ext(&cur->cert->pk, pk_alg, pk_usage));
+                             mbedtls_pk_can_do_psa(cur->key, pk_alg, pk_usage)) &&
+                            mbedtls_pk_can_do_psa(&cur->cert->pk, pk_alg,
+                                                  PSA_KEY_USAGE_VERIFY_HASH));
 #else
         key_type_matches = (
-            mbedtls_pk_can_do_ext(cur->key, pk_alg, pk_usage));
+            mbedtls_pk_can_do_psa(cur->key, pk_alg, pk_usage));
 #endif /* MBEDTLS_SSL_ASYNC_PRIVATE */
         if (!key_type_matches) {
             MBEDTLS_SSL_DEBUG_MSG(3, ("certificate mismatch: key type"));
diff --git a/library/ssl_tls13_server.c b/library/ssl_tls13_server.c
@@ -1076,11 +1076,11 @@ static psa_algorithm_t ssl_tls13_iana_sig_alg_to_psa_alg(uint16_t sig_alg)
 {
     switch (sig_alg) {
         case MBEDTLS_TLS1_3_SIG_ECDSA_SECP256R1_SHA256:
-            return PSA_ALG_ECDSA(PSA_ALG_SHA_256);
+            return MBEDTLS_PK_ALG_ECDSA(PSA_ALG_SHA_256);
         case MBEDTLS_TLS1_3_SIG_ECDSA_SECP384R1_SHA384:
-            return PSA_ALG_ECDSA(PSA_ALG_SHA_384);
+            return MBEDTLS_PK_ALG_ECDSA(PSA_ALG_SHA_384);
         case MBEDTLS_TLS1_3_SIG_ECDSA_SECP521R1_SHA512:
-            return PSA_ALG_ECDSA(PSA_ALG_SHA_512);
+            return MBEDTLS_PK_ALG_ECDSA(PSA_ALG_SHA_512);
         case MBEDTLS_TLS1_3_SIG_RSA_PSS_RSAE_SHA256:
             return PSA_ALG_RSA_PSS(PSA_ALG_SHA_256);
         case MBEDTLS_TLS1_3_SIG_RSA_PSS_RSAE_SHA384:
@@ -1160,8 +1160,8 @@ static int ssl_tls13_pick_key_cert(mbedtls_ssl_context *ssl)
             if (mbedtls_ssl_tls13_check_sig_alg_cert_key_match(
                     *sig_alg, &key_cert->cert->pk)
                 && psa_alg != PSA_ALG_NONE &&
-                mbedtls_pk_can_do_ext(&key_cert->cert->pk, psa_alg,
-                                      PSA_KEY_USAGE_SIGN_HASH) == 1
+                mbedtls_pk_can_do_psa(&key_cert->cert->pk, psa_alg,
+                                      PSA_KEY_USAGE_VERIFY_HASH) == 1
                 ) {
                 ssl->handshake->key_cert = key_cert;
                 MBEDTLS_SSL_DEBUG_MSG(3,
diff --git a/programs/ssl/ssl_test_lib.c b/programs/ssl/ssl_test_lib.c
@@ -242,7 +242,7 @@ int key_opaque_set_alg_usage(const char *alg1, const char *alg2,
                 *psa_algs[i] = PSA_ALG_RSA_PSS(PSA_ALG_SHA_512);
                 *usage |= PSA_KEY_USAGE_SIGN_HASH;
             } else if (strcmp(algs[i], "ecdsa-sign") == 0) {
-                *psa_algs[i] = PSA_ALG_ECDSA(PSA_ALG_ANY_HASH);
+                *psa_algs[i] = MBEDTLS_PK_ALG_ECDSA(PSA_ALG_ANY_HASH);
                 *usage |= PSA_KEY_USAGE_SIGN_HASH;
             } else if (strcmp(algs[i], "ecdh") == 0) {
                 *psa_algs[i] = PSA_ALG_ECDH;
@@ -253,7 +253,7 @@ int key_opaque_set_alg_usage(const char *alg1, const char *alg2,
         }
     } else {
         if (key_type == MBEDTLS_PK_ECKEY) {
-            *psa_alg1 = PSA_ALG_ECDSA(PSA_ALG_ANY_HASH);
+            *psa_alg1 = MBEDTLS_PK_ALG_ECDSA(PSA_ALG_ANY_HASH);
             *psa_alg2 = PSA_ALG_ECDH;
             *usage = PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_DERIVE;
         } else if (key_type == MBEDTLS_PK_RSA) {
diff --git a/tests/suites/test_suite_ssl.data b/tests/suites/test_suite_ssl.data
@@ -457,11 +457,11 @@ handshake_ciphersuite_select:"TLS-ECDHE-ECDSA-WITH-AES-256-CCM":MBEDTLS_PK_ECDSA
 
 Handshake, select ECDHE-ECDSA-WITH-AES-256-CCM, opaque, PSA_ALG_ANY_HASH
 depends_on:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CCM:PSA_WANT_ECC_SECP_R1_256:PSA_WANT_ECC_SECP_R1_384:MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
-handshake_ciphersuite_select:"TLS-ECDHE-ECDSA-WITH-AES-256-CCM":MBEDTLS_PK_ECDSA:"":PSA_ALG_ECDSA(PSA_ALG_ANY_HASH):PSA_ALG_NONE:PSA_KEY_USAGE_SIGN_HASH:0:MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_CCM
+handshake_ciphersuite_select:"TLS-ECDHE-ECDSA-WITH-AES-256-CCM":MBEDTLS_PK_ECDSA:"":MBEDTLS_PK_ALG_ECDSA(PSA_ALG_ANY_HASH):PSA_ALG_NONE:PSA_KEY_USAGE_SIGN_HASH:0:MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_CCM
 
 Handshake, select ECDHE-ECDSA-WITH-AES-256-CCM, opaque, PSA_ALG_SHA_256
 depends_on:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CCM:PSA_WANT_ECC_SECP_R1_256:PSA_WANT_ECC_SECP_R1_384:MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
-handshake_ciphersuite_select:"TLS-ECDHE-ECDSA-WITH-AES-256-CCM":MBEDTLS_PK_ECDSA:"":PSA_ALG_ECDSA(PSA_ALG_SHA_256):PSA_ALG_NONE:PSA_KEY_USAGE_SIGN_HASH:0:MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_CCM
+handshake_ciphersuite_select:"TLS-ECDHE-ECDSA-WITH-AES-256-CCM":MBEDTLS_PK_ECDSA:"":MBEDTLS_PK_ALG_ECDSA(PSA_ALG_SHA_256):PSA_ALG_NONE:PSA_KEY_USAGE_SIGN_HASH:0:MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_CCM
 
 Handshake, select ECDHE-ECDSA-WITH-AES-256-CCM, opaque, bad alg
 depends_on:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CCM:PSA_WANT_ECC_SECP_R1_256:PSA_WANT_ECC_SECP_R1_384:MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
