eden-emu/mbedtls
20
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

PSA PAKE: divide setup into several steps

Browse source 
There are too many parameters to the setup function. This makes it hard
to figure out how to call the function and read code that calls the
function. This also opens the suspicion that there's yet another
parameter that we're missing.

Signed-off-by: Janos Follath <janos.follath@arm.com>
This commit is contained in:
Janos Follath 2021-05-13 10:51:01 +01:00
parent beb78d4d41
commit a86c3131a8
2 changed files with 147 additions and 53 deletions
Download patch file Download diff file Expand all files Collapse all files

5
include/psa/crypto_values.h
View file

@ -1985,6 +1985,11 @@
* Implementations of the present specification use Schnorr NIZKP and this does
* not need to be configured in the cipher suites.
*
* J-PAKE doesn't differentiate between sides and has a distinct identifier
* associated with each entity. This means that both psa_pake_set_user() and
* psa_pake_set_peer() needs to be called before commencing the operation.
* Another conseque is that psa_pake_set_side() is optional and is ignored.
*
* The key exchange flow for JPAKE is as follows:
* -# To get the first round data that needs to be sent to the peer, call
* // Get g1