TrustedFirmware Git Browser
Code Review Sign In
review.trustedfirmware.org / mirror / mbed-crypto / f61e486179843ea7b6346066629b1bfa9f37b5fc^! / . / include / mbedtls / ecdh.h
commitf61e486179843ea7b6346066629b1bfa9f37b5fc[log] [tgz]
authorJanos Follath <janos.follath@arm.com>Tue Oct 30 11:53:25 2018 +0000
committerJanos Follath <janos.follath@arm.com>Fri Nov 30 14:09:57 2018 +0000
treef4a22b00af6093d662d640efb47745e39384fbb5
parent89ac8c9266184bb8edc2c04111f7b0df220bb440 [diff] [blame]
ECDH: Add mbedtls_ecdh_setup()

In the future we want to support alternative ECDH implementations. We
can't make assumptions about the structure of the context they might
use, and therefore shouldn't access the members of
`mbedtls_ecdh_context`.

Currently the lifecycle of the context can't be done without direct
manipulation. This commit adds `mbedtls_ecdh_setup()` to complete
covering the context lifecycle with functions.

diff --git a/include/mbedtls/ecdh.h b/include/mbedtls/ecdh.h
index 27f2ffc..68a6989 100644
--- a/include/mbedtls/ecdh.h
+++ b/include/mbedtls/ecdh.h

@@ -135,6 +135,24 @@
 void mbedtls_ecdh_init( mbedtls_ecdh_context *ctx );
 
 /**
+ * \brief           This function sets up the ECDH context with the information
+ *                  given.
+ *
+ *                  This function should be called after mbedtls_ecdh_init() but
+ *                  before mbedtls_ecdh_make_params(). There is no need to call
+ *                  this function before mbedtls_ecdh_read_params().
+ *
+ *                  This is the first function used by a TLS server for ECDHE
+ *                  ciphersuites.
+ *
+ * \param ctx       The ECDH context to set up.
+ * \param grp_id    The group id of the group to set up the context for.
+ *
+ * \return          \c 0 on success.
+ */
+int mbedtls_ecdh_setup( mbedtls_ecdh_context *ctx, mbedtls_ecp_group_id grp_id );
+
+/**
  * \brief           This function frees a context.
  *
  * \param ctx       The context to free.
@@ -145,8 +163,8 @@
  * \brief           This function generates a public key and a TLS
  *                  ServerKeyExchange payload.
  *
- *                  This is the first function used by a TLS server for ECDHE
- *                  ciphersuites.
+ *                  This is the second function used by a TLS server for ECDHE
+ *                  ciphersuites. (It is called after mbedtls_ecdh_setup().)
  *
  * \note            This function assumes that the ECP group (grp) of the
  *                  \p ctx context has already been properly set,
@@ -242,8 +260,9 @@
  * \brief       This function parses and processes a TLS ClientKeyExchange
  *              payload.
  *
- *              This is the second function used by a TLS server for ECDH(E)
- *              ciphersuites.
+ *              This is the third function used by a TLS server for ECDH(E)
+ *              ciphersuites. (It is called after mbedtls_ecdh_setup() and
+ *              mbedtls_ecdh_make_params().)
  *
  * \see         ecp.h
  *