TinyCrypt SSL: Implement mbedtls_ssl_check_curve() for TinyCrypt
diff --git a/include/mbedtls/ssl_internal.h b/include/mbedtls/ssl_internal.h
index df221fe..1ba1fe0 100644
--- a/include/mbedtls/ssl_internal.h
+++ b/include/mbedtls/ssl_internal.h
@@ -32,6 +32,7 @@
#include "ssl.h"
#include "cipher.h"
+#include "oid.h"
#if defined(MBEDTLS_MD5_C)
#include "md5.h"
@@ -1013,8 +1014,14 @@
mbedtls_md_type_t mbedtls_ssl_md_alg_from_hash( unsigned char hash );
unsigned char mbedtls_ssl_hash_from_md_alg( int md );
+#if defined(MBEDTLS_USE_TINYCRYPT)
+int mbedtls_ssl_check_curve_uecc( const mbedtls_ssl_context *ssl,
+ mbedtls_uecc_group_id grp_id );
+#endif
+
#if defined(MBEDTLS_ECP_C)
-int mbedtls_ssl_check_curve( const mbedtls_ssl_context *ssl, mbedtls_ecp_group_id grp_id );
+int mbedtls_ssl_check_curve( const mbedtls_ssl_context *ssl,
+ mbedtls_ecp_group_id grp_id );
#endif
#if defined(MBEDTLS_KEY_EXCHANGE__WITH_CERT__ENABLED)
@@ -1743,6 +1750,17 @@
#define MBEDTLS_SSL_END_FOR_EACH_SUPPORTED_EC_TLS_ID \
}
+#if defined(MBEDTLS_USE_TINYCRYPT)
+#define MBEDTLS_SSL_BEGIN_FOR_EACH_SUPPORTED_UECC_GRP_ID( EC_ID_VAR ) \
+ { \
+ mbedtls_uecc_group_id EC_ID_VAR = MBEDTLS_SSL_CONF_SINGLE_UECC_GRP_ID; \
+ ((void) ssl);
+
+#define MBEDTLS_SSL_END_FOR_EACH_SUPPORTED_UECC_GRP_ID \
+ }
+#endif /* MBEDTLS_USE_TINYCRYPT */
+
+#if defined(MBEDTLS_ECP_C)
#define MBEDTLS_SSL_BEGIN_FOR_EACH_SUPPORTED_EC_GRP_ID( EC_ID_VAR ) \
{ \
mbedtls_ecp_group_id EC_ID_VAR = MBEDTLS_SSL_CONF_SINGLE_EC_GRP_ID; \
@@ -1750,6 +1768,7 @@
#define MBEDTLS_SSL_END_FOR_EACH_SUPPORTED_EC_GRP_ID \
}
+#endif /* MBEDTLS_ECP_C */
#endif /* MBEDTLS_SSL_CONF_SINGLE_EC */
diff --git a/library/ssl_tls.c b/library/ssl_tls.c
index 400d61f..2e8a076 100644
--- a/library/ssl_tls.c
+++ b/library/ssl_tls.c
@@ -7181,7 +7181,7 @@
{
int ret;
#if defined(MBEDTLS_USE_TINYCRYPT)
- ret = mbedtls_ssl_check_curve( ssl, MBEDTLS_UECC_DP_SECP256R1 );
+ ret = mbedtls_ssl_check_curve_uecc( ssl, MBEDTLS_UECC_DP_SECP256R1 );
#else /* MBEDTLS_USE_TINYCRYPT */
mbedtls_pk_context *pk;
ret = mbedtls_x509_crt_pk_acquire( chain, &pk );
@@ -12227,12 +12227,30 @@
}
}
+#if defined(MBEDTLS_USE_TINYCRYPT)
+/*
+ * Check if a curve proposed by the peer is in our list.
+ * Return 0 if we're willing to use it, -1 otherwise.
+ */
+int mbedtls_ssl_check_curve_uecc( const mbedtls_ssl_context *ssl,
+ mbedtls_uecc_group_id grp_id )
+{
+ MBEDTLS_SSL_BEGIN_FOR_EACH_SUPPORTED_UECC_GRP_ID( own_ec_id )
+ if( own_ec_id == grp_id )
+ return( 0 );
+ MBEDTLS_SSL_END_FOR_EACH_SUPPORTED_UECC_GRP_ID
+
+ return( -1 );
+}
+#endif /* MBEDTLS_USE_TINYCRYPT */
+
#if defined(MBEDTLS_ECP_C)
/*
* Check if a curve proposed by the peer is in our list.
* Return 0 if we're willing to use it, -1 otherwise.
*/
-int mbedtls_ssl_check_curve( const mbedtls_ssl_context *ssl, mbedtls_ecp_group_id grp_id )
+int mbedtls_ssl_check_curve( const mbedtls_ssl_context *ssl,
+ mbedtls_ecp_group_id grp_id )
{
MBEDTLS_SSL_BEGIN_FOR_EACH_SUPPORTED_EC_GRP_ID( own_ec_id )
if( own_ec_id == grp_id )