Introduce mbedtls_pk_restart_ctx and use it

The fact that you needed to pass a pointer to mbedtls_ecdsa_restart_ctx (or
that you needed to know the key type of the PK context) was a breach of
abstraction.

Change the API (and callers) now, and the implementation will be changed in
the next commit.

include/mbedtls/pk.h

@@ -129,6 +129,19 @@ typedef struct
     void *                      pk_ctx;  /**< Underlying public key context  */
 } mbedtls_pk_context;
 
+#if defined(MBEDTLS_ECP_RESTARTABLE)
+/**
+ * \brief           Context for resuming operations
+ */
+typedef struct
+{
+    mbedtls_ecdsa_restart_ctx ecdsa;    /* temporary */
+} mbedtls_pk_restart_ctx;
+#else
+/* Now we can declare functions that take a pointer to that */
+typedef void mbedtls_pk_restart_ctx;
+#endif
+
 #if defined(MBEDTLS_RSA_C)
 /**
  * Quick access to an RSA context inside a PK context.
@@ -188,6 +201,18 @@ void mbedtls_pk_init( mbedtls_pk_context *ctx );
  */
 void mbedtls_pk_free( mbedtls_pk_context *ctx );
 
+#if defined(MBEDTLS_ECP_RESTARTABLE)
+/**
+ * \brief           Initialize a restart context
+ */
+void mbedtls_pk_restart_init( mbedtls_pk_restart_ctx *ctx );
+
+/**
+ * \brief           Free the components of a restart context
+ */
+void mbedtls_pk_restart_free( mbedtls_pk_restart_ctx *ctx );
+#endif /* MBEDTLS_ECP_RESTARTABLE */
+
 /**
  * \brief           Initialize a PK context with the information given
  *                  and allocates the type-specific PK subcontext.
@@ -298,8 +323,7 @@ int mbedtls_pk_verify( mbedtls_pk_context *ctx, mbedtls_md_type_t md_alg,
  * \param hash_len  Hash length or 0 (see notes)
  * \param sig       Signature to verify
  * \param sig_len   Signature length
- * \param rs_ctx    Restart context: for ECC, must be NULL (no restart) or a
- *                  pointer to a \c mbedtls_ecdsa_restart_ctx. Ignored for RSA.
+ * \param rs_ctx    Restart context (NULL to disable restart)
  *
  * \return          See \c mbedtls_pk_verify(), or
  *                  MBEDTLS_ERR_ECP_IN_PROGRESS if maximum number of
@@ -309,7 +333,7 @@ int mbedtls_pk_verify_restartable( mbedtls_pk_context *ctx,
                mbedtls_md_type_t md_alg,
                const unsigned char *hash, size_t hash_len,
                const unsigned char *sig, size_t sig_len,
-               void *rs_ctx );
+               mbedtls_pk_restart_ctx *rs_ctx );
 
 /**
  * \brief           Verify signature, with options.
@@ -390,8 +414,7 @@ int mbedtls_pk_sign( mbedtls_pk_context *ctx, mbedtls_md_type_t md_alg,
  * \param sig_len   Number of bytes written
  * \param f_rng     RNG function
  * \param p_rng     RNG parameter
- * \param rs_ctx    Restart context: for ECC, must be NULL (no restart) or a
- *                  pointer to a \c mbedtls_ecdsa_restart_ctx. Ignored for RSA.
+ * \param rs_ctx    Restart context (NULL to disable restart)
  *
  * \return          See \c mbedtls_pk_sign(), or
  *                  MBEDTLS_ERR_ECP_IN_PROGRESS if maximum number of
@@ -402,7 +425,7 @@ int mbedtls_pk_sign_restartable( mbedtls_pk_context *ctx,
              const unsigned char *hash, size_t hash_len,
              unsigned char *sig, size_t *sig_len,
              int (*f_rng)(void *, unsigned char *, size_t), void *p_rng,
-             void *rs_ctx );
+             mbedtls_pk_restart_ctx *rs_ctx );
 
 /**
  * \brief           Decrypt message (including padding if relevant).

include/mbedtls/x509_crt.h

@@ -172,7 +172,7 @@ typedef struct
 typedef struct
 {
     /* for check_signature() */
-    mbedtls_ecdsa_restart_ctx   ecdsa;
+    mbedtls_pk_restart_ctx pk;
 
     /* for find_parent_in() */
     mbedtls_x509_crt *parent; /* non-null iff parent_in in progress */