mirror of
https://github.com/yuzu-emu/mbedtls.git
synced 2024-11-23 03:15:43 +01:00
TinyCrypt SSL: Impl. ECDH-param extraction from CRT for TinyCrypt
This commit is contained in:
parent
ecf5d3fdb1
commit
b3a244847d
@ -2551,9 +2551,13 @@ static int ssl_parse_signature_algorithm( mbedtls_ssl_context *ssl,
|
||||
static int ssl_get_ecdh_params_from_cert( mbedtls_ssl_context *ssl )
|
||||
{
|
||||
int ret;
|
||||
const mbedtls_ecp_keypair *peer_key;
|
||||
mbedtls_pk_context * peer_pk;
|
||||
|
||||
/* Acquire peer's PK context: In case we store peer's entire
|
||||
* certificate, we extract the context from it. Otherwise,
|
||||
* we can use a temporary copy we've made for the purpose of
|
||||
* signature verification. */
|
||||
|
||||
#if !defined(MBEDTLS_SSL_KEEP_PEER_CERTIFICATE)
|
||||
peer_pk = &ssl->handshake->peer_pubkey;
|
||||
#else /* !MBEDTLS_SSL_KEEP_PEER_CERTIFICATE */
|
||||
@ -2580,6 +2584,18 @@ static int ssl_get_ecdh_params_from_cert( mbedtls_ssl_context *ssl )
|
||||
goto cleanup;
|
||||
}
|
||||
|
||||
/* Extract ECDH parameters from peer's PK context. */
|
||||
|
||||
{
|
||||
#if defined(MBEDTLS_USE_TINYCRYPT)
|
||||
mbedtls_uecc_keypair *peer_key =
|
||||
mbedtls_pk_uecc( *peer_pk );
|
||||
|
||||
memcpy( ssl->handshake->ecdh_peerkey,
|
||||
peer_key->public_key,
|
||||
sizeof( ssl->handshake->ecdh_peerkey ) );
|
||||
#else /* MBEDTLS_USE_TINYCRYPT */
|
||||
const mbedtls_ecp_keypair *peer_key;
|
||||
peer_key = mbedtls_pk_ec( *peer_pk );
|
||||
|
||||
if( ( ret = mbedtls_ecdh_get_params( &ssl->handshake->ecdh_ctx, peer_key,
|
||||
@ -2595,6 +2611,8 @@ static int ssl_get_ecdh_params_from_cert( mbedtls_ssl_context *ssl )
|
||||
ret = MBEDTLS_ERR_SSL_BAD_HS_CERTIFICATE;
|
||||
goto cleanup;
|
||||
}
|
||||
#endif /* MBEDTLS_USE_TINYCRYPT */
|
||||
}
|
||||
|
||||
cleanup:
|
||||
|
||||
|
@ -3198,6 +3198,26 @@ static int ssl_write_certificate_request( mbedtls_ssl_context *ssl )
|
||||
|
||||
#if defined(MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED) || \
|
||||
defined(MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED)
|
||||
|
||||
#if defined(MBEDTLS_USE_TINYCRYPT)
|
||||
static int ssl_get_ecdh_params_from_cert( mbedtls_ssl_context *ssl )
|
||||
{
|
||||
mbedtls_uecc_keypair *own_key =
|
||||
mbedtls_pk_uecc( *mbedtls_ssl_own_key( ssl ) );
|
||||
|
||||
if( ! mbedtls_pk_can_do( mbedtls_ssl_own_key( ssl ), MBEDTLS_PK_ECKEY ) )
|
||||
{
|
||||
MBEDTLS_SSL_DEBUG_MSG( 1, ( "server key not ECDH capable" ) );
|
||||
return( MBEDTLS_ERR_SSL_PK_TYPE_MISMATCH );
|
||||
}
|
||||
|
||||
memcpy( ssl->handshake->ecdh_privkey,
|
||||
own_key->private_key,
|
||||
sizeof( ssl->handshake->ecdh_privkey ) );
|
||||
|
||||
return( 0 );
|
||||
}
|
||||
#else /* MBEDTLS_USE_TINYCRYPT */
|
||||
static int ssl_get_ecdh_params_from_cert( mbedtls_ssl_context *ssl )
|
||||
{
|
||||
int ret;
|
||||
@ -3218,6 +3238,7 @@ static int ssl_get_ecdh_params_from_cert( mbedtls_ssl_context *ssl )
|
||||
|
||||
return( 0 );
|
||||
}
|
||||
#endif /* MBEDTLS_USE_TINYCRYPT */
|
||||
#endif /* MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED) ||
|
||||
MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED */
|
||||
|
||||
|
Loading…
Reference in New Issue
Block a user