eden-emu/mbedtls
15
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Implement ClientKeyExchange writing in PSA-based ECDHE suites

Browse source 
- Populate the ECDH private key slot with a fresh private EC key
  designated for the correct algorithm.
- Export the public part of the ECDH private key from PSA and
  reformat it to suite the format of the ClientKeyExchange message.
- Perform the PSA-based ECDH key agreement and store the result
  as the premaster secret for the connection.
This commit is contained in:
Hanno Becker 2019-01-08 11:39:35 +00:00
parent bb89e2727f
commit 4a63ed421c
2 changed files with 115 additions and 0 deletions
Download patch file Download diff file Expand all files Collapse all files

5
library/ssl_tls.c
View file

@ -9367,6 +9367,11 @@ void mbedtls_ssl_handshake_free( mbedtls_ssl_context *ssl )
ssl_buffering_free( ssl );
#endif
#if defined(MBEDTLS_ECDH_C) && \
defined(MBEDTLS_USE_PSA_CRYPTO)
psa_destroy_key( handshake->ecdh_psa_privkey );
#endif /* MBEDTLS_ECDH_C && MBEDTLS_USE_PSA_CRYPTO */
mbedtls_platform_zeroize( handshake,
sizeof( mbedtls_ssl_handshake_params ) );
}