commit 1efa815db78808b70c7e0856a8ebb944376d82a2
author Jerry Yu <jerry.h.yu@arm.com> Thu Sep 09 15:42:32 2021 +0800
committer Jerry Yu <jerry.h.yu@arm.com> Mon Oct 25 10:41:28 2021 +0800
tree cfeac9843841e039702d56a355220858ce57f70c
parent a0650ebb9d99204d1e14183ee2da0893ade4efab

tls13: add ecdh_read_public

Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>

library/ecdh.c

diff --git a/library/ecdh.c b/library/ecdh.c
index b72bd1f..0067e0b 100644
--- a/library/ecdh.c
+++ b/library/ecdh.c
@@ -806,6 +806,64 @@
 #endif
 }
 
+static int ecdh_tls1_3_read_public_internal( mbedtls_ecdh_context_mbed *ctx,
+                                             const unsigned char *buf,
+                                             size_t blen )
+{
+    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
+    const unsigned char *p = buf;
+    const unsigned char *end = buf + blen;
+    size_t data_len;
+
+    if( end - p < 3 )
+        return( MBEDTLS_ERR_ECP_BAD_INPUT_DATA );
+
+    data_len = MBEDTLS_GET_UINT16_BE( p, 0 );
+    p += 2;
+
+    if( data_len < 1 || data_len != ( blen - 2 ) )
+        return( MBEDTLS_ERR_ECP_BAD_INPUT_DATA );
+
+    /*
+     * Save buffer start for read_binary and update buf
+     */
+    if( ( ret = mbedtls_ecp_point_read_binary( &ctx->grp,
+                                        &ctx->Qp, p, data_len ) ) != 0)
+    {
+        return( ret );
+    }
+
+    return( 0 );
+}
+
+/*
+ * Parse and import the client's TLS 1.3 public value
+ */
+int mbedtls_ecdh_tls1_3_read_public( mbedtls_ecdh_context *ctx,
+                                     const unsigned char *buf,
+                                     size_t blen )
+{
+    ECDH_VALIDATE_RET( ctx != NULL );
+    ECDH_VALIDATE_RET( buf != NULL );
+
+#if defined(MBEDTLS_ECDH_LEGACY_CONTEXT)
+    return( ecdh_tls1_3_read_public_internal( ctx, buf, blen ) );
+#else
+    switch( ctx->var )
+    {
+#if defined(MBEDTLS_ECDH_VARIANT_EVEREST_ENABLED)
+        case MBEDTLS_ECDH_VARIANT_EVEREST:
+            return( MBEDTLS_ERR_ECP_FEATURE_UNAVAILABLE );
+#endif
+        case MBEDTLS_ECDH_VARIANT_MBEDTLS_2_0:
+            return( ecdh_tls1_3_read_public_internal( &ctx->ctx.mbed_ecdh,
+                                                      buf, blen ) );
+        default:
+            return MBEDTLS_ERR_ECP_BAD_INPUT_DATA;
+    }
+#endif
+}
+
 #endif /* MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL */
 
 #endif /* MBEDTLS_ECDH_C */