tinyCrypt: Don't store public ECDH-share in handshake struct
Instead, write it to the message buffer directly.
parent
b1626fb619
commit
8295ff0b04
|
@ -552,7 +552,6 @@ struct mbedtls_ssl_handshake_params
|
||||||
|
|
||||||
#if defined(MBEDTLS_USE_TINYCRYPT)
|
#if defined(MBEDTLS_USE_TINYCRYPT)
|
||||||
uint8_t ecdh_privkey[NUM_ECC_BYTES];
|
uint8_t ecdh_privkey[NUM_ECC_BYTES];
|
||||||
uint8_t ecdh_ownpubkey[2*NUM_ECC_BYTES];
|
|
||||||
uint8_t ecdh_peerkey[2*NUM_ECC_BYTES];
|
uint8_t ecdh_peerkey[2*NUM_ECC_BYTES];
|
||||||
#endif /* MBEDTLS_USE_TINYCRYPT */
|
#endif /* MBEDTLS_USE_TINYCRYPT */
|
||||||
};
|
};
|
||||||
|
|
|
@ -3576,19 +3576,17 @@ static int ssl_out_client_key_exchange_write( mbedtls_ssl_context *ssl,
|
||||||
((void) n);
|
((void) n);
|
||||||
((void) ret);
|
((void) ret);
|
||||||
|
|
||||||
if( !uECC_make_key( ssl->handshake->ecdh_ownpubkey,
|
|
||||||
ssl->handshake->ecdh_privkey,
|
|
||||||
uecc_curve ) )
|
|
||||||
{
|
|
||||||
return( MBEDTLS_ERR_SSL_HW_ACCEL_FAILED );
|
|
||||||
}
|
|
||||||
|
|
||||||
if( (size_t)( end - p ) < 2 * NUM_ECC_BYTES + 2 )
|
if( (size_t)( end - p ) < 2 * NUM_ECC_BYTES + 2 )
|
||||||
return( MBEDTLS_ERR_SSL_BUFFER_TOO_SMALL );
|
return( MBEDTLS_ERR_SSL_BUFFER_TOO_SMALL );
|
||||||
|
|
||||||
*p++ = 2 * NUM_ECC_BYTES + 1;
|
*p++ = 2 * NUM_ECC_BYTES + 1;
|
||||||
*p++ = 0x04; /* uncompressed point presentation */
|
*p++ = 0x04; /* uncompressed point presentation */
|
||||||
memcpy( p, ssl->handshake->ecdh_ownpubkey, 2 * NUM_ECC_BYTES );
|
|
||||||
|
if( !uECC_make_key( p, ssl->handshake->ecdh_privkey,
|
||||||
|
uecc_curve ) )
|
||||||
|
{
|
||||||
|
return( MBEDTLS_ERR_SSL_HW_ACCEL_FAILED );
|
||||||
|
}
|
||||||
p += 2 * NUM_ECC_BYTES;
|
p += 2 * NUM_ECC_BYTES;
|
||||||
}
|
}
|
||||||
else
|
else
|
||||||
|
|
|
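Review bot: The check `if( (size_t)( end - p ) < 2 * NUM_ECC_BYTES + 2 )` is now the only thing keeping the `uECC_make_key( p, ... )` write inside the output buffer, and nothing in the code says so. A comment directly above the call, such as `/* uECC_make_key() writes the 2 * NUM_ECC_BYTES public share at p; space was checked above */`, would guard against a later reorder putting the write ahead of the check. Separately, this failure path returns `MBEDTLS_ERR_SSL_HW_ACCEL_FAILED` with no debug message, while the server-side code in `ssl_prepare_server_key_exchange` logs "Key creation failed" and returns `MBEDTLS_ERR_SSL_INTERNAL_ERROR`; aligning the two would make key-generation failures easier to diagnose. The body of `ssl_out_client_key_exchange_write` starts and ends outside the hunk.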
@ -3398,14 +3398,6 @@ static int ssl_prepare_server_key_exchange( mbedtls_ssl_context *ssl,
|
||||||
0x04 /* Uncompressed */
|
0x04 /* Uncompressed */
|
||||||
};
|
};
|
||||||
|
|
||||||
if( !uECC_make_key( ssl->handshake->ecdh_ownpubkey,
|
|
||||||
ssl->handshake->ecdh_privkey,
|
|
||||||
uecc_curve ) )
|
|
||||||
{
|
|
||||||
MBEDTLS_SSL_DEBUG_MSG( 1, ( "Key creation failed" ) );
|
|
||||||
return( MBEDTLS_ERR_SSL_INTERNAL_ERROR );
|
|
||||||
}
|
|
||||||
|
|
||||||
#if defined(MBEDTLS_KEY_EXCHANGE__WITH_SERVER_SIGNATURE__ENABLED)
|
#if defined(MBEDTLS_KEY_EXCHANGE__WITH_SERVER_SIGNATURE__ENABLED)
|
||||||
dig_signed = ssl->out_msg + ssl->out_msglen;
|
dig_signed = ssl->out_msg + ssl->out_msglen;
|
||||||
#endif
|
#endif
|
||||||
|
@ -3414,9 +3406,14 @@ static int ssl_prepare_server_key_exchange( mbedtls_ssl_context *ssl,
|
||||||
ecdh_param_hdr, sizeof( ecdh_param_hdr ) );
|
ecdh_param_hdr, sizeof( ecdh_param_hdr ) );
|
||||||
ssl->out_msglen += sizeof( ecdh_param_hdr );
|
ssl->out_msglen += sizeof( ecdh_param_hdr );
|
||||||
|
|
||||||
memcpy( &ssl->out_msg[ssl->out_msglen],
|
if( !uECC_make_key( &ssl->out_msg[ ssl->out_msglen ],
|
||||||
ssl->handshake->ecdh_ownpubkey,
|
ssl->handshake->ecdh_privkey,
|
||||||
2*NUM_ECC_BYTES );
|
uecc_curve ) )
|
||||||
|
{
|
||||||
|
MBEDTLS_SSL_DEBUG_MSG( 1, ( "Key creation failed" ) );
|
||||||
|
return( MBEDTLS_ERR_SSL_INTERNAL_ERROR );
|
||||||
|
}
|
||||||
|
|
||||||
ssl->out_msglen += 2*NUM_ECC_BYTES;
|
ssl->out_msglen += 2*NUM_ECC_BYTES;
|
||||||
}
|
}
|
||||||
else
|
else
|
||||||
|
|
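Review bot: No remaining-space check is visible before `uECC_make_key( &ssl->out_msg[ ssl->out_msglen ], ... )` writes the public share into the outgoing message, whereas the client-side write in `ssl_out_client_key_exchange_write` is guarded by `(size_t)( end - p ) < 2 * NUM_ECC_BYTES + 2`. The removed `memcpy` had the same shape, so this is not new, and the bound may be guaranteed elsewhere in `ssl_prepare_server_key_exchange`, which extends beyond these hunks. If it is, a short comment above the call naming that guarantee would help; if it is not, an explicit check against the size of `out_msg` belongs before the header `memcpy`. On the failure path `ssl->out_msglen` has already been advanced by `sizeof( ecdh_param_hdr )`, so it is worth confirming that callers discard the partial message when `MBEDTLS_ERR_SSL_INTERNAL_ERROR` is returned.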