diff --git a/library/ecdh.c b/library/ecdh.c index b1d7c2a3b3..b72bd1fe08 100644 --- a/library/ecdh.c +++ b/library/ecdh.c @@ -31,7 +31,6 @@ #include "mbedtls/ecdh.h" #include "mbedtls/platform_util.h" #include "mbedtls/error.h" -#include "ssl_misc.h" #include "ecdh_misc.h" @@ -691,55 +690,6 @@ static int ecdh_calc_secret_internal( mbedtls_ecdh_context_mbed *ctx, return mbedtls_mpi_write_binary( &ctx->z, buf, *olen ); } -#if defined(MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL) - -static int ecdh_read_tls13_public_internal( mbedtls_ecdh_context_mbed *ctx, - const unsigned char *buf, - size_t blen ) -{ - int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; - const unsigned char *p = buf; - - if( ( ret = mbedtls_ecp_tls13_read_point( &ctx->grp, &ctx->Qp, &p, - blen ) ) != 0 ) - return( ret ); - - if( (size_t)( p - buf ) != blen ) - return( MBEDTLS_ERR_ECP_BAD_INPUT_DATA ); - - return( 0 ); -} - -/* - * Parse and import the client's TLS 1.3 public value - */ -int mbedtls_ecdh_tls13_read_public( mbedtls_ecdh_context *ctx, - const unsigned char *buf, size_t blen ) -{ - ECDH_VALIDATE_RET( ctx != NULL ); - ECDH_VALIDATE_RET( buf != NULL ); - -#if defined(MBEDTLS_ECDH_LEGACY_CONTEXT) - return( ecdh_read_tls13_public_internal( ctx, buf, blen ) ); -#else - switch( ctx->var ) - { -#if defined(MBEDTLS_ECDH_VARIANT_EVEREST_ENABLED) - case MBEDTLS_ECDH_VARIANT_EVEREST: - return( mbedtls_everest_read_public( &ctx->ctx.everest_ecdh, - buf, blen ) ); -#endif - case MBEDTLS_ECDH_VARIANT_MBEDTLS_2_0: - return( ecdh_read_tls13_public_internal( &ctx->ctx.mbed_ecdh, - buf, blen ) ); - default: - return MBEDTLS_ERR_ECP_BAD_INPUT_DATA; - } -#endif -} - -#endif /* MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL */ - /* * Derive and export the shared secret */ diff --git a/library/ecp.c b/library/ecp.c index a49cc457bc..0212069c83 100644 --- a/library/ecp.c +++ b/library/ecp.c @@ -79,7 +79,6 @@ #include "bn_mul.h" #include "ecp_invasive.h" -#include "ssl_misc.h" #include @@ -1052,39 +1051,6 @@ cleanup: return( ret ); } -#if defined(MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL) - -int mbedtls_ecp_tls13_read_point( const mbedtls_ecp_group *grp, - mbedtls_ecp_point *pt, - const unsigned char **buf, size_t buf_len ) -{ - unsigned char data_len; - const unsigned char *buf_start; - ECP_VALIDATE_RET( grp != NULL ); - ECP_VALIDATE_RET( pt != NULL ); - ECP_VALIDATE_RET( buf != NULL ); - ECP_VALIDATE_RET( *buf != NULL ); - - if( buf_len < 3 ) - return( MBEDTLS_ERR_ECP_BAD_INPUT_DATA ); - - data_len = ( *( *buf ) << 8 ) | *( *buf+1 ); - *buf += 2; - - if( data_len < 1 || data_len > buf_len - 2 ) - return( MBEDTLS_ERR_ECP_BAD_INPUT_DATA ); - - /* - * Save buffer start for read_binary and update buf - */ - buf_start = *buf; - *buf += data_len; - - return( mbedtls_ecp_point_read_binary( grp, pt, buf_start, data_len ) ); -} - -#endif /* MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL */ - /* * Fast mod-p functions expect their argument to be in the 0..p^2 range. * diff --git a/library/ssl_misc.h b/library/ssl_misc.h index 44bfcb0062..8c5a32d67a 100644 --- a/library/ssl_misc.h +++ b/library/ssl_misc.h @@ -1539,24 +1539,6 @@ void mbedtls_ssl_tls13_add_hs_msg_to_checksum( mbedtls_ssl_context *ssl, unsigned char const *msg, size_t msg_len ); -#if defined(MBEDTLS_ECDH_C) -/* - * TLS 1.3 version of mbedtls_ecdh_read_public in ecdh.h - */ -int mbedtls_ecdh_tls13_read_public( mbedtls_ecdh_context *ctx, - const unsigned char *buf, - size_t blen ); -#endif /* MBEDTLS_ECDH_C */ - -#if defined(MBEDTLS_ECP_C) -/* - * TLS 1.3 version of mbedtls_ecp_tls_read_point in ecp.h - */ -int mbedtls_ecp_tls13_read_point( const mbedtls_ecp_group *grp, - mbedtls_ecp_point *pt, - const unsigned char **buf, size_t len ); -#endif /* MBEDTLS_ECP_C */ - #if defined(MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED) /* * Write TLS 1.3 Signature Algorithm extension