Simplify PSA fallback logic in ssl_ticket.c

Signed-off-by: David Horstmann <david.horstmann@arm.com>
2025-05-09 19:31:18 +08:00 · 2022-11-07 14:41:13 +00:00 · 2022-11-07 14:41:13 +00:00 · bcc18f2bec
commit bcc18f2bec
parent 9fc2f959b3
1 changed files with 14 additions and 8 deletions
--- a/library/ssl_ticket.c
+++ b/library/ssl_ticket.c
@ -148,16 +148,22 @@ int mbedtls_ssl_ticket_setup( mbedtls_ssl_ticket_context *ctx,

    int do_mbedtls_cipher_setup = 1;
 #if defined(MBEDTLS_USE_PSA_CRYPTO)
-    do_mbedtls_cipher_setup = 0;
-
    ret = mbedtls_cipher_setup_psa( &ctx->keys[0].ctx,
                                    cipher_info, TICKET_AUTH_TAG_BYTES );
-    if( ret != 0 && ret != MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE )
-        return( ret );
+
+    switch( ret )
+    {
+        case 0:
+            do_mbedtls_cipher_setup = 0;
+            break;
+        case MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE:
            /* We don't yet expect to support all ciphers through PSA,
             * so allow fallback to ordinary mbedtls_cipher_setup(). */
-    if( ret == MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE )
            do_mbedtls_cipher_setup = 1;
+            break;
+        default:
+            return( ret );
+    }
 #endif /* MBEDTLS_USE_PSA_CRYPTO */
    if( do_mbedtls_cipher_setup )
        if( ( ret = mbedtls_cipher_setup( &ctx->keys[0].ctx, cipher_info ) )