diff --git a/include/polarssl/ecdh.h b/include/polarssl/ecdh.h
index 4c82f25f2..d20f9bf27 100644
--- a/include/polarssl/ecdh.h
+++ b/include/polarssl/ecdh.h
@@ -33,6 +33,15 @@
 extern "C" {
 #endif
 
+/**
+ * When importing from an EC key, select if it is our key or the peer's key
+ */
+typedef enum
+{
+ POLARSSL_ECDH_OURS,
+ POLARSSL_ECDH_THEIRS,
+} ecdh_side;
+
 /**
 * \brief ECDH context structure
 */
@@ -134,6 +143,18 @@ int ecdh_make_params( ecdh_context *ctx, size_t *olen,
 int ecdh_read_params( ecdh_context *ctx,
 const unsigned char **buf, const unsigned char *end );
 
+/**
+ * \brief Setup an ECDH context from an EC key
+ *
+ * \param ctx ECDH constext to set
+ * \param key EC key to use
+ * \param ours Is it our key (1) or the peer's key (0) ?
+ *
+ * \return 0 if successful, or an POLARSSL_ERR_ECP_XXX error code
+ */
+int ecdh_get_params( ecdh_context *ctx, const ecp_keypair *key,
+ ecdh_side side );
+
 /**
 * \brief Setup and export the client's public value
 *
diff --git a/library/ecdh.c b/library/ecdh.c
index 400e45fa2..302531db8 100644
--- a/library/ecdh.c
+++ b/library/ecdh.c
@@ -165,6 +165,32 @@ int ecdh_read_params( ecdh_context *ctx,
 return 0;
 }
 
+/*
+ * Get parameters from a keypair
+ */
+int ecdh_get_params( ecdh_context *ctx, const ecp_keypair *key,
+ ecdh_side side )
+{
+ int ret;
+
+ if( ( ret = ecp_group_copy( &ctx->grp, &key->grp ) ) != 0 )
+ return( ret );
+
+ /* If it's not our key, just import the public part as Qp */
+ if( side == POLARSSL_ECDH_THEIRS )
+ return( ecp_copy( &ctx->Qp, &key->Q ) );
+
+ /* Our key: import public (as Q) and private parts */
+ if( side != POLARSSL_ECDH_OURS )
+ return( POLARSSL_ERR_ECP_BAD_INPUT_DATA );
+
+ if( ( ret = ecp_copy( &ctx->Q, &key->Q ) ) != 0 ||
+ ( ret = mpi_copy( &ctx->d, &key->d ) ) != 0 )
+ return( ret );
+
+ return( 0 );
+}
+
 /*
 * Setup and export the client public value
 */
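Review bot: The last enumerator of `ecdh_side` is followed by a comma (`POLARSSL_ECDH_THEIRS,`), which C99 accepts but a strict C89 compiler rejects; if this header is expected to build in C89 mode, the comma should be dropped. The comment above the typedef also does not say what each value implies for the import, so a trailing comment per enumerator would help, e.g. `/**< Our key: public and private parts are imported */` and `/**< Peer's key: only the public part is imported */`.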
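Review bot: The Doxygen block for `ecdh_get_params` documents a parameter `ours` taking 1 or 0, but the prototype takes `ecdh_side side`, and as declared `POLARSSL_ECDH_OURS` is 0 and `POLARSSL_ECDH_THEIRS` is 1, so a caller who follows the comment literally selects the opposite side. I would replace that line with `\param side Whether key is ours (POLARSSL_ECDH_OURS) or the peer's (POLARSSL_ECDH_THEIRS)`. `constext` should read `context`, and the block should state that for our own key the private value is copied into the context and that the context's group is replaced by the key's group.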
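Review bot: `ecp_group_copy( &ctx->grp, &key->grp )` runs on every call, so when the function is called once per side the second call overwrites the group, and nothing checks that both keys are on the same curve; the context can then hold `d` from one curve and `Qp` from another. Rejecting a mismatch before the copy would close that, e.g. `if( ctx->grp.id != POLARSSL_ECP_DP_NONE && ctx->grp.id != key->grp.id ) return( POLARSSL_ERR_ECP_BAD_INPUT_DATA );`, assuming the group id field and the "no group" value are available in this tree. The `side` validation would also be better placed first, since an invalid value currently returns `POLARSSL_ERR_ECP_BAD_INPUT_DATA` only after `ctx->grp` has been modified. The peer's `Q` is copied without validation here; whether it was checked when the key was parsed is not visible in this diff, so a comment stating that expectation would help.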