SSL asynchronous private key operation callbacks: interface

New compile-time option MBEDTLS_SSL_ASYNC_PRIVATE_C, enabling
callbacks to replace private key operations. These callbacks allow the
SSL stack to make an asynchronous call to an external cryptographic
module instead of calling the cryptography layer inside the library.
The call is asynchronous in that it may return the new status code
MBEDTLS_ERR_SSL_ASYNC_IN_PROGRESS, in which case the SSL stack returns
and can be later called where it left off.

This commit introduces the configuration option. Later commits will
implement the feature proper.

diff --git a/include/mbedtls/config.h b/include/mbedtls/config.h
index 7c06815..80a4fef 100644
--- a/include/mbedtls/config.h
+++ b/include/mbedtls/config.h
@@ -2334,6 +2334,17 @@
#define MBEDTLS_SHA512_C
/**
+ * \def MBEDTLS_SSL_ASYNC_PRIVATE_C
+ *
+ * Enable asynchronous external private key operations in SSL. This allows
+ * you to configure an SSL connection to call an external cryptographic
+ * module to perform private key operations instead of performing the
+ * operation inside the library.
+ *
+ */
+#define MBEDTLS_SSL_ASYNC_PRIVATE_C
+
+/**
* \def MBEDTLS_SSL_CACHE_C
*
* Enable simple SSL cache implementation.
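
Review bot: The new `#define MBEDTLS_SSL_ASYNC_PRIVATE_C` line is active in the default config.h, although the commit message says the feature itself only arrives in later commits. Until then the macro advertises a capability that no code backs, and once the callbacks land, every default build will compile in a path that hands private key operations to external code. Consider adding the define commented out so that integrators opt in explicitly. The doc comment could also say more: it does not mention that the operation may return MBEDTLS_ERR_SSL_ASYNC_IN_PROGRESS and be resumed later, which is the part of the contract callers most need to know, and it does not state whether the option depends on any other configuration options. The empty ` *` line just before the closing ` */` can be dropped.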