mirror of
https://github.com/yuzu-emu/mbedtls.git
synced 2024-11-26 21:05:37 +01:00
df51dbe17f
This is the first in a series of commits adding client-side support for PSA-based ECDHE. Previously, the state of an ECDHE key agreement was maintained in the field mbedtls_ssl_handshake_params::ecdh_ctx, of type ::mbedtls_ecdh_context and manipulated through the ECDH API. The ECDH API will be superseeded by the PSA Crypto API for key agreement, which needs the following data: (a) A raw buffer holding the public part of the key agreement received from our peer. (b) A key slot holding the private part of the key agreement. (c) The algorithm to use. The commit adds fields to ::mbedtls_ssl_handshake_params representing these three inputs to PSA-based key agreement. Specifically, it adds a field for the key slot holding the ECDH private key, a field for the EC curve identifier, and a buffer holding the peer's public key. Note: Storing the peer's public key buffer is slightly inefficient, as one could perform the ECDH computation as soon as the peer sends its public key, either working with in-place or using a stack-buffer to reformat the public key before passing it to PSA. This optimization is left for a later commit. |
||
---|---|---|
.. | ||
mbedtls | ||
.gitignore | ||
CMakeLists.txt |