Adapt ECDHE_ECDSA key exchange to restartable EC
For now, some other key exchanges (ECDHE_PSK) will just fail to work; this will
be either fixed or properly fixed later.
diff --git a/library/ssl_cli.c b/library/ssl_cli.c
index a2b9f8c..8d7bc45 100644
--- a/library/ssl_cli.c
+++ b/library/ssl_cli.c
@@ -2861,6 +2861,11 @@
*/
i = 4;
+#if defined(MBEDTLS_SSL__ECP_RESTARTABLE)
+ if( ssl->handshake->ecrs_state == ssl_ecrs_ecdh_public_done )
+ goto ecdh_calc_secret;
+#endif
+
ret = mbedtls_ecdh_make_public( &ssl->handshake->ecdh_ctx,
&n,
&ssl->out_msg[i], 1000,
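Review bot: The resume path at `goto ecdh_calc_secret` has no comment stating what it relies on. The jump skips `mbedtls_ecdh_make_public()`, so the public key bytes written to `ssl->out_msg[i]` on the earlier call, and the length saved in `ecrs_n`, must both still be intact when the function is re-entered. I would add above the check `/* Resuming: public key was already written to out_msg on a previous call, only the shared secret is left to compute */`. The label is defined in the next hunk under the same `#if`, and the enclosing function starts and ends outside this hunk, so whether anything can touch `out_msg` between calls cannot be confirmed from here.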
@@ -2873,6 +2878,13 @@
MBEDTLS_SSL_DEBUG_ECP( 3, "ECDH: Q", &ssl->handshake->ecdh_ctx.Q );
+#if defined(MBEDTLS_SSL__ECP_RESTARTABLE)
+ ssl->handshake->ecrs_n = n;
+ ssl->handshake->ecrs_state++;
+
+ecdh_calc_secret:
+ n = ssl->handshake->ecrs_n;
+#endif
if( ( ret = mbedtls_ecdh_calc_secret( &ssl->handshake->ecdh_ctx,
&ssl->handshake->pmslen,
ssl->handshake->premaster,
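Review bot: `ssl->handshake->ecrs_state++` advances the restart state by its position in the enum rather than by name. It therefore lands on `ssl_ecrs_ecdh_public_done` only if the state held exactly the preceding value on entry, and a reordered or extended enum would silently break the resume check in the first hunk. Assigning the state explicitly, `ssl->handshake->ecrs_state = ssl_ecrs_ecdh_public_done;`, ties the transition to that comparison. The same `ecrs_state++` appears after `mbedtls_ecdh_calc_secret()` in the third hunk and would benefit from a named assignment too. The enum definition and the rest of the enclosing block are outside this hunk, so the ordering assumption is inferred.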
@@ -2884,6 +2896,10 @@
}
MBEDTLS_SSL_DEBUG_MPI( 3, "ECDH: z", &ssl->handshake->ecdh_ctx.z );
+
+#if defined(MBEDTLS_SSL__ECP_RESTARTABLE)
+ ssl->handshake->ecrs_state++;
+#endif
}
else
#endif /* MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED ||