TinyCrypt SSL: Declare EC-related TLS RFC constants in SSL namespace

mbedtls/ecp.h defines constants MBEDTLS_ECP_PF_UNCOMPRESSED MBEDTLS_ECP_PF_COMPRESSED MBEDTLS_ECP_TLS_NAMED_CURVE which regard the encoding of elliptic curves and curve point formats in TLS. As such, they should be defined in the SSL namespace. Asides, this will help replacing the legacy ECC crypto by alternative ECC implementations.
2024-11-22 22:45:48 +01:00 · 2019-08-23 14:39:50 +01:00 · 2019-08-23 14:39:50 +01:00 · 27b7e50dcd
commit 27b7e50dcd
parent ee902df678
3 changed files with 20 additions and 8 deletions
--- a/include/mbedtls/ssl_internal.h
+++ b/include/mbedtls/ssl_internal.h
@ -1885,4 +1885,16 @@ int mbedtls_ssl_ecdh_read_peerkey( mbedtls_ssl_context *ssl,
                                   unsigned char **p, unsigned char *end );
 #endif /* MBEDTLS_USE_TINYCRYPT */

+
+/*
+ * Point formats, from RFC 4492's enum ECPointFormat
+ */
+#define MBEDTLS_SSL_EC_PF_UNCOMPRESSED    0   /**< Uncompressed point format. */
+#define MBEDTLS_SSL_EC_PF_COMPRESSED      1   /**< Compressed point format. */
+
+/*
+ * Some other constants from RFC 4492
+ */
+#define MBEDTLS_SSL_EC_TLS_NAMED_CURVE    3   /**< The named_curve of ECCurveType. */
+
 #endif /* ssl_internal.h */
--- a/library/ssl_cli.c
+++ b/library/ssl_cli.c
@ -331,7 +331,7 @@ static void ssl_write_supported_point_formats_ext( mbedtls_ssl_context *ssl,
    *p++ = 2;

    *p++ = 1;
-    *p++ = MBEDTLS_ECP_PF_UNCOMPRESSED;
+    *p++ = MBEDTLS_SSL_EC_PF_UNCOMPRESSED;

    *olen = 6;
 }
@ -1405,8 +1405,8 @@ static int ssl_parse_supported_point_formats_ext( mbedtls_ssl_context *ssl,
    p = buf + 1;
    while( list_size > 0 )
    {
-        if( p[0] == MBEDTLS_ECP_PF_UNCOMPRESSED ||
-            p[0] == MBEDTLS_ECP_PF_COMPRESSED )
+        if( p[0] == MBEDTLS_SSL_EC_PF_UNCOMPRESSED ||
+            p[0] == MBEDTLS_SSL_EC_PF_COMPRESSED )
        {
 #if defined(MBEDTLS_ECDH_C)
            ssl->handshake->ecdh_ctx.point_format = p[0];
@ -2817,7 +2817,7 @@ static int ssl_in_server_key_exchange_parse( mbedtls_ssl_context *ssl,
        == MBEDTLS_KEY_EXCHANGE_ECDHE_RSA )
    {
        static const unsigned char ecdh_group[] = {
-            MBEDTLS_ECP_TLS_NAMED_CURVE,
+            MBEDTLS_SSL_EC_TLS_NAMED_CURVE,
            0  /* high bits of secp256r1 TLS ID  */,
            23 /* low bits of secp256r1 TLS ID   */,
        };
--- a/library/ssl_srv.c
+++ b/library/ssl_srv.c
@ -347,8 +347,8 @@ static int ssl_parse_supported_point_formats( mbedtls_ssl_context *ssl,
    p = buf + 1;
    while( list_size > 0 )
    {
-        if( p[0] == MBEDTLS_ECP_PF_UNCOMPRESSED ||
-            p[0] == MBEDTLS_ECP_PF_COMPRESSED )
+        if( p[0] == MBEDTLS_SSL_EC_PF_UNCOMPRESSED ||
+            p[0] == MBEDTLS_SSL_EC_PF_COMPRESSED )
        {
 #if defined(MBEDTLS_ECDH_C)
            ssl->handshake->ecdh_ctx.point_format = p[0];
@ -2579,7 +2579,7 @@ static void ssl_write_supported_point_formats_ext( mbedtls_ssl_context *ssl,
    *p++ = 2;

    *p++ = 1;
-    *p++ = MBEDTLS_ECP_PF_UNCOMPRESSED;
+    *p++ = MBEDTLS_SSL_EC_PF_UNCOMPRESSED;

    *olen = 6;
 }
@ -3400,7 +3400,7 @@ static int ssl_prepare_server_key_exchange( mbedtls_ssl_context *ssl,
            == MBEDTLS_KEY_EXCHANGE_ECDHE_RSA )
        {
            static const unsigned char ecdh_param_hdr[] = {
-                MBEDTLS_ECP_TLS_NAMED_CURVE,
+                MBEDTLS_SSL_EC_TLS_NAMED_CURVE,
                0  /* high bits of secp256r1 TLS ID  */,
                23 /* low bits of secp256r1 TLS ID   */,
                2 * NUM_ECC_BYTES + 1,