yuzu-emu/mbedtls
1
0
Fork 0
mirror of https://github.com/yuzu-emu/mbedtls.git synced 2024-11-22 23:25:44 +01:00
Code Issues Packages Projects Releases Wiki Activity

Making sure that the ECDHE pre-computation is only done once.

Browse Source
This commit is contained in:
Hannes Tschofenig 2020-12-15 12:33:45 +01:00
parent c162895030
commit 34630562cd
1 changed files with 13 additions and 5 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

18
library/ssl_cli.c
View File

@ -4259,6 +4259,9 @@ int mbedtls_ssl_handshake_client_step( mbedtls_ssl_context *ssl )
{ {
case MBEDTLS_SSL_HELLO_REQUEST: case MBEDTLS_SSL_HELLO_REQUEST:
ssl->state = MBEDTLS_SSL_CLIENT_HELLO; ssl->state = MBEDTLS_SSL_CLIENT_HELLO;
#if defined(MBEDTLS_EARLY_KEY_COMPUTATION)
int ecdhe_computed = 0;
#endif /* MBEDTLS_EARLY_KEY_COMPUTATION */
break; break;
/* /*
@ -4277,11 +4280,16 @@ int mbedtls_ssl_handshake_client_step( mbedtls_ssl_context *ssl )
*/ */
case MBEDTLS_SSL_SERVER_HELLO: case MBEDTLS_SSL_SERVER_HELLO:
#if defined(MBEDTLS_EARLY_KEY_COMPUTATION) && defined(MBEDTLS_USE_TINYCRYPT) #if defined(MBEDTLS_EARLY_KEY_COMPUTATION) && defined(MBEDTLS_USE_TINYCRYPT)
ret = uECC_make_key( ssl->handshake->ecdh_publickey, ssl->handshake->ecdh_privkey ); /* Make sure that the ECDHE pre-computation is only done once */
if( ret == UECC_FAULT_DETECTED ) if( ecdhe_computed == 0 )
return( MBEDTLS_ERR_PLATFORM_FAULT_DETECTED ); {
if( ret != UECC_SUCCESS ) ret = uECC_make_key( ssl->handshake->ecdh_publickey, ssl->handshake->ecdh_privkey );
return( MBEDTLS_ERR_SSL_HW_ACCEL_FAILED ); if( ret == UECC_FAULT_DETECTED )
return( MBEDTLS_ERR_PLATFORM_FAULT_DETECTED );
if( ret != UECC_SUCCESS )
return( MBEDTLS_ERR_SSL_HW_ACCEL_FAILED );
ecdhe_computed = 1;
}
#endif /* MBEDTLS_EARLY_KEY_COMPUTATION && MBEDTLS_USE_TINYCRYPT */ #endif /* MBEDTLS_EARLY_KEY_COMPUTATION && MBEDTLS_USE_TINYCRYPT */
ret = ssl_parse_server_hello( ssl ); ret = ssl_parse_server_hello( ssl );