Add fields for PSA-based ECDHE to handshake structure

This is the first in a series of commits adding client-side support for PSA-based ECDHE. Previously, the state of an ECDHE key agreement was maintained in the field mbedtls_ssl_handshake_params::ecdh_ctx, of type ::mbedtls_ecdh_context and manipulated through the ECDH API. The ECDH API will be superseeded by the PSA Crypto API for key agreement, which needs the following data: (a) A raw buffer holding the public part of the key agreement received from our peer. (b) A key slot holding the private part of the key agreement. (c) The algorithm to use. The commit adds fields to ::mbedtls_ssl_handshake_params representing these three inputs to PSA-based key agreement. Specifically, it adds a field for the key slot holding the ECDH private key, a field for the EC curve identifier, and a buffer holding the peer's public key. Note: Storing the peer's public key buffer is slightly inefficient, as one could perform the ECDH computation as soon as the peer sends its public key, either working with in-place or using a stack-buffer to reformat the public key before passing it to PSA. This optimization is left for a later commit.
2024-11-26 11:05:47 +01:00 · 2019-02-18 16:41:55 +00:00 · 2019-02-18 16:41:55 +00:00 · df51dbe17f
commit df51dbe17f
parent f75f912c31
2 changed files with 16 additions and 1 deletions
--- a/include/mbedtls/psa_util.h
+++ b/include/mbedtls/psa_util.h
@ -235,6 +235,8 @@ static inline int mbedtls_psa_get_ecc_oid_from_id(
     return( -1 );
 }

+#define MBEDTLS_PSA_MAX_EC_PUBKEY_LENGTH 256
+
 static inline psa_ecc_curve_t mbedtls_psa_translate_ecc_group( mbedtls_ecp_group_id grpid )
 {
    switch( grpid )
--- a/include/mbedtls/ssl_internal.h
+++ b/include/mbedtls/ssl_internal.h
@ -57,6 +57,11 @@
 #include "ecjpake.h"
 #endif

+#if defined(MBEDTLS_USE_PSA_CRYPTO)
+#include "psa/crypto.h"
+#include "psa_util.h"
+#endif /* MBEDTLS_USE_PSA_CRYPTO */
+
 #if ( defined(__ARMCC_VERSION) || defined(_MSC_VER) ) && \
    !defined(inline) && !defined(__cplusplus)
 #define inline __inline
@ -280,7 +285,15 @@ struct mbedtls_ssl_handshake_params
 #endif
 #if defined(MBEDTLS_ECDH_C)
    mbedtls_ecdh_context ecdh_ctx;              /*!<  ECDH key exchange       */
-#endif
+
+#if defined(MBEDTLS_USE_PSA_CRYPTO)
+    psa_ecc_curve_t ecdh_psa_curve;
+    psa_key_handle_t ecdh_psa_privkey;
+    unsigned char ecdh_psa_peerkey[MBEDTLS_PSA_MAX_EC_PUBKEY_LENGTH];
+    size_t ecdh_psa_peerkey_len;
+#endif /* MBEDTLS_USE_PSA_CRYPTO */
+#endif /* MBEDTLS_ECDH_C */
+
 #if defined(MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED)
    mbedtls_ecjpake_context ecjpake_ctx;        /*!< EC J-PAKE key exchange */
 #if defined(MBEDTLS_SSL_CLI_C)