add mbedtls_ecdh_setup_no_everest

Setup ecdh without everest for TLS1.3

Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
This commit is contained in:
Jerry Yu 2021-09-15 11:10:15 +08:00
parent bdc71888fc
commit dd1fb9e37e
3 changed files with 31 additions and 2 deletions

View file

@ -787,6 +787,25 @@ int mbedtls_ecdh_tls13_make_params( mbedtls_ecdh_context *ctx, size_t *olen,
#endif #endif
} }
/*
* Setup context without everst
*/
int mbedtls_ecdh_setup_no_everest( mbedtls_ecdh_context *ctx,
mbedtls_ecp_group_id grp_id )
{
ECDH_VALIDATE_RET( ctx != NULL );
#if defined(MBEDTLS_ECDH_LEGACY_CONTEXT)
return( ecdh_setup_internal( ctx, grp_id ) );
#else
ctx->point_format = MBEDTLS_ECP_PF_UNCOMPRESSED;
ctx->var = MBEDTLS_ECDH_VARIANT_MBEDTLS_2_0;
ctx->grp_id = grp_id;
ecdh_init_internal( &ctx->ctx.mbed_ecdh );
return( ecdh_setup_internal( &ctx->ctx.mbed_ecdh, grp_id ) );
#endif
}
#endif /* MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL */ #endif /* MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL */
#endif /* MBEDTLS_ECDH_C */ #endif /* MBEDTLS_ECDH_C */

View file

@ -22,10 +22,19 @@
#if !defined(MBEDTLS_ECDH_MISC_H) #if !defined(MBEDTLS_ECDH_MISC_H)
#define MBEDTLS_ECDH_MISC_H #define MBEDTLS_ECDH_MISC_H
#include "mbedtls/ecdh.h"
#include "mbedtls/ecp.h"
#if defined(MBEDTLS_ECDH_C) #if defined(MBEDTLS_ECDH_C)
#if defined(MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL) #if defined(MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL)
/*
* Setup context without everst
*/
int mbedtls_ecdh_setup_no_everest( mbedtls_ecdh_context *ctx,
mbedtls_ecp_group_id grp_id );
/* /*
* TLS 1.3 version of mbedtls_ecdh_make_params in ecdh.h * TLS 1.3 version of mbedtls_ecdh_make_params in ecdh.h
*/ */
@ -34,6 +43,7 @@ int mbedtls_ecdh_tls13_make_params( mbedtls_ecdh_context *ctx, size_t *olen,
int ( *f_rng )( void *, unsigned char *, size_t ), int ( *f_rng )( void *, unsigned char *, size_t ),
void *p_rng ); void *p_rng );
#endif /* MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL */ #endif /* MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL */
#endif /* MBEDTLS_ECDH_C */ #endif /* MBEDTLS_ECDH_C */

View file

@ -272,8 +272,8 @@ static int ssl_tls13_generate_and_write_ecdh_key_exchange(
MBEDTLS_SSL_DEBUG_MSG( 3, ( "offer curve %s", curve_info->name ) ); MBEDTLS_SSL_DEBUG_MSG( 3, ( "offer curve %s", curve_info->name ) );
if( ( ret = mbedtls_ecdh_setup( &ssl->handshake->ecdh_ctx, if( ( ret = mbedtls_ecdh_setup_no_everest( &ssl->handshake->ecdh_ctx,
curve_info->grp_id ) ) != 0 ) curve_info->grp_id ) ) != 0 )
{ {
MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ecp_group_load", ret ); MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ecp_group_load", ret );
return( ret ); return( ret );