Static ECDH is of interest to us as developers because it's a generic
scalar multiplication (as opposed to using the standard base point) and
it's useful to have that handy.
For reference the other operations of interest to developers are:
- multiplication of the conventional base point: ECDSA signing is almost
exactly that (just a few field ops on top, notably 1 inversion);
- linear combination: ECDSA verification is almost exactly that too.
Including ephemeral as well, because it's hopefully what's of interest
to most users.
Compared to the previous version, include only one side of the
operations. I don't think including both sides is of interest to anyone.
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
We have two blocks of code to benchmark ECDH. One uses the legacy context
structure, which is only enabled when MBEDTLS_ECP_RESTARTABLE is enabled.
That block doesn't convey any information that's specific to restartable
ECC; it exists only for historical reasons (it came first). The other block
uses only the implementation-agnostic API.
Remove the block that uses the legacy context. It doesn't provide much
extra information and most users won't even see it.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
Apply Gilles's suggestion to fix the problem with make on the CI when everest is enabled, i.e. use $(THIRDPARTY_DIR) instead of a fuzz-specific hack involving $(THIRDPARTY_INCLUDES).
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
Move the flags and find of Threads to root CMakeLists.txt, rather
than duplicate these everywhere. Make explicit linking of library with
PThreads use the same mechanism.
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
Both programs use mbedtls_md_info_from_string() which is only
available as long as MBEDTLS_MD_C is enabled.
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
Adjusted to use `MBEDTLS_SHA256_C` instead of `MBEDTLS_MD_CAN_SHA256`
since the former is being used in accelerated driver configurations.
Signed-off-by: Minos Galanakis <minos.galanakis@arm.com>
The purpose of this change is to eventually base
the calculation in ssl_ticket.c of the ticket age
when parsing a ticket on the ticket creation time
in both the TLS 1.2 and TLS 1.3 cases.
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
Use the same mechanisms used to link other programs against pthread with
make, i.e. include common.make, and remove common code from
programs/fuzz/Makefile.
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
All programs are now linked directly with all test code, thus adding a
pthread abstraction into the test code means having to link the programs
with pthread (if the library is found under cmake).
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
`$(MBEDTLS_TEST_OBJS)` included TLS-specific test support modules in
`tests/Makefile` but not in `programs/Makefile`. This difference is not
actually necessary. What is necessary is that all programs that use
functions from TLS-specific test support modules are linked with those
modules in addition to `-lmbedtls`, and programs that are not linked with
`-lmbedtls` are not linked with TLS-specific test support modules. Since we
always pass `-lmbedtls` when linking programs in `programs/Makefile`, we can
link with the TLS-specific test support modules as well. This keeps things
simpler.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
fixup "Create common.make with LOCAL_CFLAGS and friends"
The code wasn't what I had intended, although it was functionally
equivalent. Make it more readable and more robust.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>