Add an EC J-PAKE KDF to transform K -> SHA256(K.X) for TLS 1.2 TLS uses it to derive the session secret. The algorithm takes a serialized point in an uncompressed form, extracts the X coordinate and computes SHA256 of it. It is only expected to work with P-256. Fixes #5978. Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>

commit: 08d34b8693a03727e6731ae5adf44a8e081dfbf9 [log] [tgz]
author: Andrzej Kurek <andrzej.kurek@arm.com> Fri Jul 29 10:00:16 2022 -0400
committer: Andrzej Kurek <andrzej.kurek@arm.com> Wed Sep 14 08:39:26 2022 -0400
tree: f8e09c89ed1fd6c1ce2cc105fd88d7b9105c0d31
parent: f6a6a2d8154209886fc89e3f300108ff41e82efb [diff]
diff --git a/include/mbedtls/config_psa.h b/include/mbedtls/config_psa.h
index b84a80a..88052d2 100644
--- a/include/mbedtls/config_psa.h
+++ b/include/mbedtls/config_psa.h

@@ -228,6 +228,12 @@
 #endif /* !MBEDTLS_PSA_ACCEL_ALG_TLS12_PSK_TO_MS */
 #endif /* PSA_WANT_ALG_TLS12_PSK_TO_MS */
 
+#if defined(PSA_WANT_ALG_TLS12_ECJPAKE_TO_PMS)
+#if !defined(MBEDTLS_PSA_ACCEL_ALG_TLS12_ECJPAKE_TO_PMS)
+#define MBEDTLS_PSA_BUILTIN_ALG_TLS12_ECJPAKE_TO_PMS 1
+#endif /* !MBEDTLS_PSA_ACCEL_ALG_TLS12_ECJPAKE_TO_PMS */
+#endif /* PSA_WANT_ALG_TLS12_ECJPAKE_TO_PMS */
+
 #if defined(PSA_WANT_KEY_TYPE_ECC_KEY_PAIR)
 #if !defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_KEY_PAIR)
 #define MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_KEY_PAIR 1
@@ -629,6 +635,8 @@
 #define PSA_WANT_ALG_TLS12_PRF 1
 #define MBEDTLS_PSA_BUILTIN_ALG_TLS12_PSK_TO_MS 1
 #define PSA_WANT_ALG_TLS12_PSK_TO_MS 1
+#define MBEDTLS_PSA_BUILTIN_ALG_TLS12_ECJPAKE_TO_PMS 1
+#define PSA_WANT_ALG_TLS12_ECJPAKE_TO_PMS 1
 #endif /* MBEDTLS_MD_C */
 
 #if defined(MBEDTLS_MD5_C)
commit	08d34b8693a03727e6731ae5adf44a8e081dfbf9	[log] [tgz]
author	Andrzej Kurek <andrzej.kurek@arm.com>	Fri Jul 29 10:00:16 2022 -0400
committer	Andrzej Kurek <andrzej.kurek@arm.com>	Wed Sep 14 08:39:26 2022 -0400
tree	f8e09c89ed1fd6c1ce2cc105fd88d7b9105c0d31
parent	f6a6a2d8154209886fc89e3f300108ff41e82efb [diff]