From df51dbe17f6c31eecef309cd7ccaa39bf9808b11 Mon Sep 17 00:00:00 2001
From: Hanno Becker
Date: Mon, 18 Feb 2019 16:41:55 +0000
Subject: [PATCH] Add fields for PSA-based ECDHE to handshake structure

This is the first in a series of commits adding client-side support for PSA-based ECDHE. Previously, the state of an ECDHE key agreement was maintained in the field mbedtls_ssl_handshake_params::ecdh_ctx, of type ::mbedtls_ecdh_context and manipulated through the ECDH API. The ECDH API will be superseeded by the PSA Crypto API for key agreement, which needs the following data: (a) A raw buffer holding the public part of the key agreement received from our peer. (b) A key slot holding the private part of the key agreement. (c) The algorithm to use. The commit adds fields to ::mbedtls_ssl_handshake_params representing these three inputs to PSA-based key agreement. Specifically, it adds a field for the key slot holding the ECDH private key, a field for the EC curve identifier, and a buffer holding the peer's public key. Note: Storing the peer's public key buffer is slightly inefficient, as one could perform the ECDH computation as soon as the peer sends its public key, either working with in-place or using a stack-buffer to reformat the public key before passing it to PSA. This optimization is left for a later commit.
---
 include/mbedtls/psa_util.h | 2 ++
 include/mbedtls/ssl_internal.h | 15 ++++++++++++++-
 2 files changed, 16 insertions(+), 1 deletion(-)

diff --git a/include/mbedtls/psa_util.h b/include/mbedtls/psa_util.h
index dca4fa4f5..a678a777a 100644
--- a/include/mbedtls/psa_util.h
+++ b/include/mbedtls/psa_util.h
@@ -235,6 +235,8 @@ static inline int mbedtls_psa_get_ecc_oid_from_id(
 return( -1 );
 }
 
+#define MBEDTLS_PSA_MAX_EC_PUBKEY_LENGTH 256
+
 static inline psa_ecc_curve_t mbedtls_psa_translate_ecc_group( mbedtls_ecp_group_id grpid )
 {
 switch( grpid )
diff --git a/include/mbedtls/ssl_internal.h b/include/mbedtls/ssl_internal.h
index 3159cd32b..be7f41b1d 100644
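Review bot: `MBEDTLS_PSA_MAX_EC_PUBKEY_LENGTH` is added in psa_util.h with no comment saying what the 256 bounds (bytes of which public-key encoding, for which curves), and it sits between two unrelated inline functions. The same patch uses it to size `ecdh_psa_peerkey` in ssl_internal.h, a buffer meant for bytes received from the peer, so the constant is effectively a limit that the receiving code has to enforce. I would document that at the definition, for example `/* Upper bound, in bytes, on an encoded EC public key received from the peer; longer inputs must be rejected. */`, and add a word on how the value was chosen if it is meant to track the largest enabled curve.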
--- a/include/mbedtls/ssl_internal.h
+++ b/include/mbedtls/ssl_internal.h
@@ -57,6 +57,11 @@
 #include "ecjpake.h"
 #endif
 
+#if defined(MBEDTLS_USE_PSA_CRYPTO)
+#include "psa/crypto.h"
+#include "psa_util.h"
+#endif /* MBEDTLS_USE_PSA_CRYPTO */
+
 #if ( defined(__ARMCC_VERSION) || defined(_MSC_VER) ) && \
 !defined(inline) && !defined(__cplusplus)
 #define inline __inline
@@ -280,7 +285,15 @@ struct mbedtls_ssl_handshake_params
 #endif
 #if defined(MBEDTLS_ECDH_C)
 mbedtls_ecdh_context ecdh_ctx; /*!< ECDH key exchange */
-#endif
+
+#if defined(MBEDTLS_USE_PSA_CRYPTO)
+ psa_ecc_curve_t ecdh_psa_curve;
+ psa_key_handle_t ecdh_psa_privkey;
+ unsigned char ecdh_psa_peerkey[MBEDTLS_PSA_MAX_EC_PUBKEY_LENGTH];
+ size_t ecdh_psa_peerkey_len;
+#endif /* MBEDTLS_USE_PSA_CRYPTO */
+#endif /* MBEDTLS_ECDH_C */
+
 #if defined(MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED)
 mbedtls_ecjpake_context ecjpake_ctx; /*!< EC J-PAKE key exchange */
 #if defined(MBEDTLS_SSL_CLI_C)
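Review bot: The four new fields in `mbedtls_ssl_handshake_params` carry no `/*!< ... */` comments, unlike `ecdh_ctx` and `ecjpake_ctx` beside them, and two of them have contracts worth writing down. `ecdh_psa_peerkey` is a fixed-size array that will be filled from the peer's key-exchange message, so whatever writes it must reject a length above `sizeof( ecdh_psa_peerkey )` before copying and keep `ecdh_psa_peerkey_len` within that bound; I would state this on the field, e.g. `/*!< Peer's ECDH public key; ecdh_psa_peerkey_len <= sizeof( ecdh_psa_peerkey ) */`. `ecdh_psa_privkey` is a key handle, and the diffstat shows only the two headers changing, so nothing visible here initialises it or destroys the key when a handshake is abandoned; that presumably arrives later in the series, but a comment naming who owns and releases the handle would make it checkable. The struct body starts and ends outside the hunk.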