forked from wolfSSL/wolfssl
New Atmel support (WOLFSSL_ATMEL) and port for ATECC508A (WOLFSSL_ATECC508A). Adds wolfCrypt support for ECC Hardware acceleration using the ATECC508A. Adds new PK callback for ECC shared secret. Fixed missing "wc_InitRng_ex" when using "CUSTOM_RAND_GENERATE_BLOCK". Added ATECC508A RNG block function for P-RNG bypass ability. Added internal "wolfSSL_GetEccPrivateKey" function for getting reference to private key for ECC shared secret (used in test.h for testing PK_CALLBACK mode). Added README.md for using the Atmel ATECC508A port.
This commit is contained in:
David Garske
65
src/ssl.c
65
src/ssl.c
@@ -958,6 +958,51 @@ int wolfSSL_SetMinEccKey_Sz(WOLFSSL* ssl, short keySz)
|
||||
ssl->options.minEccKeySz = keySz / 8;
|
||||
return SSL_SUCCESS;
|
||||
}
|
||||
|
||||
/* Gets ECC key for shared secret callback testing
|
||||
* Client side: returns peer key
|
||||
* Server side: returns private key
|
||||
*/
|
||||
int wolfSSL_GetEccKey(WOLFSSL* ssl, struct ecc_key** key)
|
||||
{
|
||||
if (ssl == NULL || key == NULL) {
|
||||
return BAD_FUNC_ARG;
|
||||
}
|
||||
|
||||
if (ssl->options.side == WOLFSSL_CLIENT_END) {
|
||||
if (ssl->specs.static_ecdh) {
|
||||
if (!ssl->peerEccDsaKey || !ssl->peerEccDsaKeyPresent ||
|
||||
!ssl->peerEccDsaKey->dp) {
|
||||
return NO_PEER_KEY;
|
||||
}
|
||||
*key = (struct ecc_key*)ssl->peerEccDsaKey;
|
||||
}
|
||||
else {
|
||||
if (!ssl->peerEccKey || !ssl->peerEccKeyPresent ||
|
||||
!ssl->peerEccKey->dp) {
|
||||
return NO_PEER_KEY;
|
||||
}
|
||||
*key = (struct ecc_key*)ssl->peerEccKey;
|
||||
}
|
||||
}
|
||||
else if (ssl->options.side == WOLFSSL_SERVER_END) {
|
||||
if (ssl->specs.static_ecdh) {
|
||||
if (ssl->sigKey == NULL) {
|
||||
return NO_PRIVATE_KEY;
|
||||
}
|
||||
*key = (struct ecc_key*)ssl->sigKey;
|
||||
}
|
||||
else {
|
||||
if (!ssl->eccTempKeyPresent) {
|
||||
return NO_PRIVATE_KEY;
|
||||
}
|
||||
*key = (struct ecc_key*)ssl->eccTempKey;
|
||||
}
|
||||
}
|
||||
|
||||
return 0;
|
||||
}
|
||||
|
||||
#endif /* !NO_RSA */
|
||||
|
||||
#ifndef NO_RSA
|
||||
@@ -18202,6 +18247,26 @@ void* wolfSSL_GetEccVerifyCtx(WOLFSSL* ssl)
|
||||
return NULL;
|
||||
}
|
||||
|
||||
void wolfSSL_CTX_SetEccSharedSecretCb(WOLFSSL_CTX* ctx, CallbackEccSharedSecret cb)
|
||||
{
|
||||
if (ctx)
|
||||
ctx->EccSharedSecretCb = cb;
|
||||
}
|
||||
|
||||
void wolfSSL_SetEccSharedSecretCtx(WOLFSSL* ssl, void *ctx)
|
||||
{
|
||||
if (ssl)
|
||||
ssl->EccSharedSecretCtx = ctx;
|
||||
}
|
||||
|
||||
|
||||
void* wolfSSL_GetEccSharedSecretCtx(WOLFSSL* ssl)
|
||||
{
|
||||
if (ssl)
|
||||
return ssl->EccSharedSecretCtx;
|
||||
|
||||
return NULL;
|
||||
}
|
||||
#endif /* HAVE_ECC */
|
||||
|
||||
#ifndef NO_RSA
|
||||
|
||||
Reference in New Issue
Block a user