mirror of
https://github.com/yuzu-emu/mbedtls.git
synced 2024-12-24 03:05:40 +00:00
tinyCrypt: Don't store public ECDH-share in handshake struct
Instead, write it to the message buffer directly.
This commit is contained in:
parent
b1626fb619
commit
8295ff0b04
|
@ -552,7 +552,6 @@ struct mbedtls_ssl_handshake_params
|
|||
|
||||
#if defined(MBEDTLS_USE_TINYCRYPT)
|
||||
uint8_t ecdh_privkey[NUM_ECC_BYTES];
|
||||
uint8_t ecdh_ownpubkey[2*NUM_ECC_BYTES];
|
||||
uint8_t ecdh_peerkey[2*NUM_ECC_BYTES];
|
||||
#endif /* MBEDTLS_USE_TINYCRYPT */
|
||||
};
|
||||
|
|
|
@ -3576,19 +3576,17 @@ static int ssl_out_client_key_exchange_write( mbedtls_ssl_context *ssl,
|
|||
((void) n);
|
||||
((void) ret);
|
||||
|
||||
if( !uECC_make_key( ssl->handshake->ecdh_ownpubkey,
|
||||
ssl->handshake->ecdh_privkey,
|
||||
uecc_curve ) )
|
||||
{
|
||||
return( MBEDTLS_ERR_SSL_HW_ACCEL_FAILED );
|
||||
}
|
||||
|
||||
if( (size_t)( end - p ) < 2 * NUM_ECC_BYTES + 2 )
|
||||
return( MBEDTLS_ERR_SSL_BUFFER_TOO_SMALL );
|
||||
|
||||
*p++ = 2 * NUM_ECC_BYTES + 1;
|
||||
*p++ = 0x04; /* uncompressed point presentation */
|
||||
memcpy( p, ssl->handshake->ecdh_ownpubkey, 2 * NUM_ECC_BYTES );
|
||||
|
||||
if( !uECC_make_key( p, ssl->handshake->ecdh_privkey,
|
||||
uecc_curve ) )
|
||||
{
|
||||
return( MBEDTLS_ERR_SSL_HW_ACCEL_FAILED );
|
||||
}
|
||||
p += 2 * NUM_ECC_BYTES;
|
||||
}
|
||||
else
|
||||
|
|
|
@ -3398,14 +3398,6 @@ static int ssl_prepare_server_key_exchange( mbedtls_ssl_context *ssl,
|
|||
0x04 /* Uncompressed */
|
||||
};
|
||||
|
||||
if( !uECC_make_key( ssl->handshake->ecdh_ownpubkey,
|
||||
ssl->handshake->ecdh_privkey,
|
||||
uecc_curve ) )
|
||||
{
|
||||
MBEDTLS_SSL_DEBUG_MSG( 1, ( "Key creation failed" ) );
|
||||
return( MBEDTLS_ERR_SSL_INTERNAL_ERROR );
|
||||
}
|
||||
|
||||
#if defined(MBEDTLS_KEY_EXCHANGE__WITH_SERVER_SIGNATURE__ENABLED)
|
||||
dig_signed = ssl->out_msg + ssl->out_msglen;
|
||||
#endif
|
||||
|
@ -3414,9 +3406,14 @@ static int ssl_prepare_server_key_exchange( mbedtls_ssl_context *ssl,
|
|||
ecdh_param_hdr, sizeof( ecdh_param_hdr ) );
|
||||
ssl->out_msglen += sizeof( ecdh_param_hdr );
|
||||
|
||||
memcpy( &ssl->out_msg[ssl->out_msglen],
|
||||
ssl->handshake->ecdh_ownpubkey,
|
||||
2*NUM_ECC_BYTES );
|
||||
if( !uECC_make_key( &ssl->out_msg[ ssl->out_msglen ],
|
||||
ssl->handshake->ecdh_privkey,
|
||||
uecc_curve ) )
|
||||
{
|
||||
MBEDTLS_SSL_DEBUG_MSG( 1, ( "Key creation failed" ) );
|
||||
return( MBEDTLS_ERR_SSL_INTERNAL_ERROR );
|
||||
}
|
||||
|
||||
ssl->out_msglen += 2*NUM_ECC_BYTES;
|
||||
}
|
||||
else
|
||||
|
|
Loading…
Reference in a new issue