Merge pull request #10190 from valeriosetti/prerequisites-for-ecp-restartable

[development] Some prerequisites for PR #10187
2025-09-24 05:00:45 -04:00 · 2025-05-26 15:15:23 +00:00 · 2025-05-26 15:15:23 +00:00 · 36f424e240
commit 36f424e240
parent 127c78e589 4a2e7b9ed8
4 changed files with 4 additions and 92 deletions
--- a/include/mbedtls/debug.h
+++ b/include/mbedtls/debug.h
@ -51,11 +51,6 @@
 #endif /* MBEDTLS_X509_REMOVE_INFO */
 #endif /* MBEDTLS_X509_CRT_PARSE_C */

-#if defined(MBEDTLS_ECDH_C)
-#define MBEDTLS_SSL_DEBUG_ECDH(level, ecdh, attr)               \
-    mbedtls_debug_printf_ecdh(ssl, level, __FILE__, __LINE__, ecdh, attr)
-#endif
-
 #else /* MBEDTLS_DEBUG_C */

 #define MBEDTLS_SSL_DEBUG_MSG(level, args)            do { } while (0)
@ -64,7 +59,6 @@
 #define MBEDTLS_SSL_DEBUG_MPI(level, text, X)         do { } while (0)
 #define MBEDTLS_SSL_DEBUG_ECP(level, text, X)         do { } while (0)
 #define MBEDTLS_SSL_DEBUG_CRT(level, text, crt)       do { } while (0)
-#define MBEDTLS_SSL_DEBUG_ECDH(level, ecdh, attr)     do { } while (0)

 #endif /* MBEDTLS_DEBUG_C */

--- a/library/debug.c
+++ b/library/debug.c
@ -230,9 +230,9 @@ static void mbedtls_debug_print_ec_coord(const mbedtls_ssl_context *ssl, int lev
    }
 }

-void mbedtls_debug_print_psa_ec(const mbedtls_ssl_context *ssl, int level,
-                                const char *file, int line,
-                                const char *text, const mbedtls_pk_context *pk)
+static void mbedtls_debug_print_psa_ec(const mbedtls_ssl_context *ssl, int level,
+                                       const char *file, int line,
+                                       const char *text, const mbedtls_pk_context *pk)
 {
    char str[DEBUG_BUF_SIZE];
    const uint8_t *coord_start;
@ -412,54 +412,4 @@ void mbedtls_debug_print_crt(const mbedtls_ssl_context *ssl, int level,
 }
 #endif /* MBEDTLS_X509_CRT_PARSE_C && MBEDTLS_X509_REMOVE_INFO */

-#if defined(MBEDTLS_KEY_EXCHANGE_SOME_ECDH_OR_ECDHE_ANY_ENABLED) && \
-    defined(MBEDTLS_ECDH_C)
-static void mbedtls_debug_printf_ecdh_internal(const mbedtls_ssl_context *ssl,
-                                               int level, const char *file,
-                                               int line,
-                                               const mbedtls_ecdh_context *ecdh,
-                                               mbedtls_debug_ecdh_attr attr)
-{
-#if defined(MBEDTLS_ECDH_LEGACY_CONTEXT)
-    const mbedtls_ecdh_context *ctx = ecdh;
-#else
-    const mbedtls_ecdh_context_mbed *ctx = &ecdh->ctx.mbed_ecdh;
-#endif
-
-    switch (attr) {
-        case MBEDTLS_DEBUG_ECDH_Q:
-            mbedtls_debug_print_ecp(ssl, level, file, line, "ECDH: Q",
-                                    &ctx->Q);
-            break;
-        case MBEDTLS_DEBUG_ECDH_QP:
-            mbedtls_debug_print_ecp(ssl, level, file, line, "ECDH: Qp",
-                                    &ctx->Qp);
-            break;
-        case MBEDTLS_DEBUG_ECDH_Z:
-            mbedtls_debug_print_mpi(ssl, level, file, line, "ECDH: z",
-                                    &ctx->z);
-            break;
-        default:
-            break;
-    }
-}
-
-void mbedtls_debug_printf_ecdh(const mbedtls_ssl_context *ssl, int level,
-                               const char *file, int line,
-                               const mbedtls_ecdh_context *ecdh,
-                               mbedtls_debug_ecdh_attr attr)
-{
-#if defined(MBEDTLS_ECDH_LEGACY_CONTEXT)
-    mbedtls_debug_printf_ecdh_internal(ssl, level, file, line, ecdh, attr);
-#else
-    switch (ecdh->var) {
-        default:
-            mbedtls_debug_printf_ecdh_internal(ssl, level, file, line, ecdh,
-                                               attr);
-    }
-#endif
-}
-#endif /* MBEDTLS_KEY_EXCHANGE_SOME_ECDH_OR_ECDHE_ANY_ENABLED &&
-          MBEDTLS_ECDH_C */
-
 #endif /* MBEDTLS_DEBUG_C */
--- a/library/debug_internal.h
+++ b/library/debug_internal.h
@ -136,37 +136,4 @@ void mbedtls_debug_print_crt(const mbedtls_ssl_context *ssl, int level,
                             const char *text, const mbedtls_x509_crt *crt);
 #endif

-/* Note: the MBEDTLS_ECDH_C guard here is mandatory because this debug function
-         only works for the built-in implementation. */
-#if defined(MBEDTLS_KEY_EXCHANGE_SOME_ECDH_OR_ECDHE_ANY_ENABLED) && \
-    defined(MBEDTLS_ECDH_C)
-typedef enum {
-    MBEDTLS_DEBUG_ECDH_Q,
-    MBEDTLS_DEBUG_ECDH_QP,
-    MBEDTLS_DEBUG_ECDH_Z,
-} mbedtls_debug_ecdh_attr;
-
-/**
- * \brief   Print a field of the ECDH structure in the SSL context to the debug
- *          output. This function is always used through the
- *          MBEDTLS_SSL_DEBUG_ECDH() macro, which supplies the ssl context, file
- *          and line number parameters.
- *
- * \param ssl       SSL context
- * \param level     error level of the debug message
- * \param file      file the error has occurred in
- * \param line      line number the error has occurred in
- * \param ecdh      the ECDH context
- * \param attr      the identifier of the attribute being output
- *
- * \attention       This function is intended for INTERNAL usage within the
- *                  library only.
- */
-void mbedtls_debug_printf_ecdh(const mbedtls_ssl_context *ssl, int level,
-                               const char *file, int line,
-                               const mbedtls_ecdh_context *ecdh,
-                               mbedtls_debug_ecdh_attr attr);
-#endif /* MBEDTLS_KEY_EXCHANGE_SOME_ECDH_OR_ECDHE_ANY_ENABLED &&
-          MBEDTLS_ECDH_C */
-
 #endif /* MBEDTLS_DEBUG_INTERNAL_H */
--- a/tests/suites/test_suite_x509parse.function
+++ b/tests/suites/test_suite_x509parse.function
@ -679,6 +679,7 @@ void x509_verify_restart(char *crt_file, char *ca_file,
    TEST_EQUAL(mbedtls_x509_crt_parse_file(&crt, crt_file), 0);
    TEST_EQUAL(mbedtls_x509_crt_parse_file(&ca, ca_file), 0);

+    psa_interruptible_set_max_ops(max_ops);
    mbedtls_ecp_set_max_ops(max_ops);

    cnt_restart = 0;