TrustedFirmware Git Browser
Code Review Sign In
review.trustedfirmware.org / mirror / mbed-tls.git / 7de0b8aae7026fb73044c061a23874bba9e79915^1..7de0b8aae7026fb73044c061a23874bba9e79915 / .
commit7de0b8aae7026fb73044c061a23874bba9e79915[log] [tgz]
authorJaeden Amero <jaeden.amero@arm.com>Tue Jan 09 11:31:55 2018 +0000
committerJaeden Amero <jaeden.amero@arm.com>Tue Jan 09 11:31:55 2018 +0000
treeda1dbafd1d0b802b6b061a52d12cfcb7f96a855a
parent35285cca67aaba6204ff73f46de8df06e152d320 [diff]
parent3226d36d6170c36ef966b46779bcb53ca45d5182 [diff]
Merge remote-tracking branch 'upstream-public/pr/1046' into development

diff --git a/ChangeLog b/ChangeLog
index 54a740a..8322b0e 100644
--- a/ChangeLog
+++ b/ChangeLog

@@ -28,6 +28,12 @@
      The following functions from the ECDSA module can be replaced
      with alternative implementation:
      mbedtls_ecdsa_sign(), mbedtls_ecdsa_verify() and mbedtls_ecdsa_genkey().
+   * Add support for alternative implementation for ECDH, controlled by new
+     configuration flags MBEDTLS_ECDH_COMPUTE_SHARED_ALT and
+     MBEDTLS_ECDH_GEN_PUBLIC_ALT in config.h.
+     The following functions from the ECDH module can be replaced
+     with an alternative implementation:
+     mbedtls_ecdh_gen_public() and mbedtls_ecdh_compute_shared().
 
 New deprecations
    * Deprecate usage of RSA primitives with non-matching key-type

diff --git a/include/mbedtls/config.h b/include/mbedtls/config.h
index 1848ac1..74e9f80 100644
--- a/include/mbedtls/config.h
+++ b/include/mbedtls/config.h

@@ -332,6 +332,8 @@
 //#define MBEDTLS_AES_SETKEY_DEC_ALT
 //#define MBEDTLS_AES_ENCRYPT_ALT
 //#define MBEDTLS_AES_DECRYPT_ALT
+//#define MBEDTLS_ECDH_GEN_PUBLIC_ALT
+//#define MBEDTLS_ECDH_COMPUTE_SHARED_ALT
 //#define MBEDTLS_ECDSA_VERIFY_ALT
 //#define MBEDTLS_ECDSA_SIGN_ALT
 //#define MBEDTLS_ECDSA_GENKEY_ALT

diff --git a/library/ecdh.c b/library/ecdh.c
index c0a8147..61380b6 100644
--- a/library/ecdh.c
+++ b/library/ecdh.c

@@ -38,6 +38,7 @@
 
 #include <string.h>
 
+#if !defined(MBEDTLS_ECDH_GEN_PUBLIC_ALT)
 /*
  * Generate public key: simple wrapper around mbedtls_ecp_gen_keypair
  */
@@ -47,7 +48,9 @@
 {
     return mbedtls_ecp_gen_keypair( grp, d, Q, f_rng, p_rng );
 }
+#endif /* MBEDTLS_ECDH_GEN_PUBLIC_ALT */
 
+#if !defined(MBEDTLS_ECDH_COMPUTE_SHARED_ALT)
 /*
  * Compute shared secret (SEC1 3.3.1)
  */
@@ -81,6 +84,7 @@
 
     return( ret );
 }
+#endif /* MBEDTLS_ECDH_COMPUTE_SHARED_ALT */
 
 /*
  * Initialize context

diff --git a/library/version_features.c b/library/version_features.c
index ceebcb0..ec4e67b 100644
--- a/library/version_features.c
+++ b/library/version_features.c

@@ -177,6 +177,12 @@
 #if defined(MBEDTLS_AES_DECRYPT_ALT)
     "MBEDTLS_AES_DECRYPT_ALT",
 #endif /* MBEDTLS_AES_DECRYPT_ALT */
+#if defined(MBEDTLS_ECDH_GEN_PUBLIC_ALT)
+    "MBEDTLS_ECDH_GEN_PUBLIC_ALT",
+#endif /* MBEDTLS_ECDH_GEN_PUBLIC_ALT */
+#if defined(MBEDTLS_ECDH_COMPUTE_SHARED_ALT)
+    "MBEDTLS_ECDH_COMPUTE_SHARED_ALT",
+#endif /* MBEDTLS_ECDH_COMPUTE_SHARED_ALT */
 #if defined(MBEDTLS_ECDSA_VERIFY_ALT)
     "MBEDTLS_ECDSA_VERIFY_ALT",
 #endif /* MBEDTLS_ECDSA_VERIFY_ALT */