lib/mbedtls
1
0
Fork 0
mirror of https://github.com/Mbed-TLS/mbedtls.git synced 2025-08-07 06:42:56 +03:00
Code Activity

Implement ClientKeyExchange writing in PSA-based ECDHE suites

Browse Source 
- Populate the ECDH private key slot with a fresh private EC key
  designated for the correct algorithm.
- Export the public part of the ECDH private key from PSA and
  reformat it to suite the format of the ClientKeyExchange message.
- Perform the PSA-based ECDH key agreement and store the result
  as the premaster secret for the connection.
This commit is contained in:
Hanno Becker
2019-01-08 11:39:35 +00:00
parent bb89e2727f
commit 4a63ed421c
2 changed files with 115 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

5
library/ssl_tls.c
View File

@@ -9367,6 +9367,11 @@ void mbedtls_ssl_handshake_free( mbedtls_ssl_context *ssl )
ssl_buffering_free( ssl );
#endif
#if defined(MBEDTLS_ECDH_C) && \
defined(MBEDTLS_USE_PSA_CRYPTO)
psa_destroy_key( handshake->ecdh_psa_privkey );
#endif /* MBEDTLS_ECDH_C && MBEDTLS_USE_PSA_CRYPTO */
mbedtls_platform_zeroize( handshake,
sizeof( mbedtls_ssl_handshake_params ) );
}