TrustedFirmware Git Browser
Code Review Sign In
review.trustedfirmware.org / mirror / mbed-tls / 15d7df2ba8ca706b944b771958cd23b6c2163f81^! / . / library
commit15d7df2ba8ca706b944b771958cd23b6c2163f81[log] [tgz]
authorManuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>Thu Aug 17 14:33:31 2017 +0200
committerManuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>Thu Aug 17 15:16:11 2017 +0200
tree7e86a2190faf39c3858121405bdeabe5c5e5e6ad
parent98a6778d478b62423bbb6ba85ec638e9f10b2374 [diff]
Introduce mbedtls_pk_restart_ctx and use it

The fact that you needed to pass a pointer to mbedtls_ecdsa_restart_ctx (or
that you needed to know the key type of the PK context) was a breach of
abstraction.

Change the API (and callers) now, and the implementation will be changed in
the next commit.

diff --git a/library/pk.c b/library/pk.c
index e439c7a..27ca5f3 100644
--- a/library/pk.c
+++ b/library/pk.c

@@ -73,6 +73,27 @@
     mbedtls_zeroize( ctx, sizeof( mbedtls_pk_context ) );
 }
 
+#if defined(MBEDTLS_ECP_RESTARTABLE)
+/*
+ * Initialize a restart context
+ */
+void mbedtls_pk_restart_init( mbedtls_pk_restart_ctx *ctx )
+{
+    mbedtls_ecdsa_restart_init( &ctx->ecdsa );
+}
+
+/*
+ * Free the components of a restart context
+ */
+void mbedtls_pk_restart_free( mbedtls_pk_restart_ctx *ctx )
+{
+    if( ctx == NULL )
+        return;
+
+    mbedtls_ecdsa_restart_free( &ctx->ecdsa );
+}
+#endif /* MBEDTLS_ECP_RESTARTABLE */
+
 /*
  * Get pk_info structure from type
  */
@@ -182,7 +203,7 @@
                mbedtls_md_type_t md_alg,
                const unsigned char *hash, size_t hash_len,
                const unsigned char *sig, size_t sig_len,
-               void *rs_ctx )
+               mbedtls_pk_restart_ctx *rs_ctx )
 {
     if( ctx == NULL || ctx->pk_info == NULL ||
         pk_hashlen_helper( md_alg, &hash_len ) != 0 )
@@ -282,7 +303,7 @@
              const unsigned char *hash, size_t hash_len,
              unsigned char *sig, size_t *sig_len,
              int (*f_rng)(void *, unsigned char *, size_t), void *p_rng,
-             void *rs_ctx )
+             mbedtls_pk_restart_ctx *rs_ctx )
 {
     if( ctx == NULL || ctx->pk_info == NULL ||
         pk_hashlen_helper( md_alg, &hash_len ) != 0 )

diff --git a/library/ssl_cli.c b/library/ssl_cli.c
index 7ffeb5b..d53f7b2 100644
--- a/library/ssl_cli.c
+++ b/library/ssl_cli.c

@@ -2615,7 +2615,7 @@
 
 #if defined(MBEDTLS_SSL__ECP_RESTARTABLE)
         if( ssl->handshake->ecrs_enabled )
-            rs_ctx = &ssl->handshake->ecrs_ctx.ecdsa;
+            rs_ctx = &ssl->handshake->ecrs_ctx.pk;
 #endif
 
         if( ( ret = mbedtls_pk_verify_restartable(
@@ -3290,7 +3290,7 @@
 
 #if defined(MBEDTLS_SSL__ECP_RESTARTABLE)
     if( ssl->handshake->ecrs_enabled )
-        rs_ctx = &ssl->handshake->ecrs_ctx.ecdsa;
+        rs_ctx = &ssl->handshake->ecrs_ctx.pk;
 #endif
 
     if( ( ret = mbedtls_pk_sign_restartable( mbedtls_ssl_own_key( ssl ),

diff --git a/library/x509_crt.c b/library/x509_crt.c
index 9ab376d..a6f6a78 100644
--- a/library/x509_crt.c
+++ b/library/x509_crt.c

@@ -1875,7 +1875,7 @@
     {
         return( mbedtls_pk_verify_restartable( &parent->pk,
                     child->sig_md, hash, mbedtls_md_get_size( md_info ),
-                    child->sig.p, child->sig.len, &rs_ctx->ecdsa ) );
+                    child->sig.p, child->sig.len, &rs_ctx->pk ) );
     }
 #else
     (void) rs_ctx;
@@ -2653,7 +2653,7 @@
  */
 void mbedtls_x509_crt_restart_init( mbedtls_x509_crt_restart_ctx *ctx )
 {
-    mbedtls_ecdsa_restart_init( &ctx->ecdsa );
+    mbedtls_pk_restart_init( &ctx->pk );
 
     ctx->parent = NULL;
     ctx->fallback_parent = NULL;
@@ -2675,7 +2675,7 @@
     if( ctx == NULL )
         return;
 
-    mbedtls_ecdsa_restart_free( &ctx->ecdsa );
+    mbedtls_pk_restart_free( &ctx->pk );
 
     mbedtls_x509_crt_restart_init( ctx );
 }