diff --git a/ChangeLog b/ChangeLog index 23698c233..76a27b666 100644 --- a/ChangeLog +++ b/ChangeLog @@ -36,8 +36,11 @@ Changes * Clarify ECDSA documentation and improve the sample code to avoid misunderstandings and potentially dangerous use of the API. Pointed out by Jean-Philippe Aumasson. + +Features * Add support for alternative implementation for ECDH, controlled by new - configuration flag MBEDTLS_ECDH_ALT in config.h. + configuration flags MBEDTLS_ECDH_COMPUTE_SHARED_ALT and + MBEDTLS_ECDH_GEN_PUBLIC_ALT in config.h. The following functions from the ECDH module can be replaced with an alternative implementation: mbedtls_ecdh_gen_public() and mbedtls_ecdh_compute_shared(). diff --git a/include/mbedtls/config.h b/include/mbedtls/config.h index a29312a26..a151f77cc 100644 --- a/include/mbedtls/config.h +++ b/include/mbedtls/config.h @@ -238,7 +238,6 @@ //#define MBEDTLS_BLOWFISH_ALT //#define MBEDTLS_CAMELLIA_ALT //#define MBEDTLS_DES_ALT -//#define MBEDTLS_ECDH_ALT //#define MBEDTLS_XTEA_ALT //#define MBEDTLS_MD2_ALT //#define MBEDTLS_MD4_ALT @@ -295,6 +294,8 @@ //#define MBEDTLS_AES_SETKEY_DEC_ALT //#define MBEDTLS_AES_ENCRYPT_ALT //#define MBEDTLS_AES_DECRYPT_ALT +//#define MBEDTLS_ECDH_GEN_PUBLIC_ALT +//#define MBEDTLS_ECDH_GEN_PUBLIC_ALT /** * \def MBEDTLS_ECP_INTERNAL_ALT diff --git a/library/ecdh.c b/library/ecdh.c index b66cb5867..61380b693 100644 --- a/library/ecdh.c +++ b/library/ecdh.c @@ -38,7 +38,7 @@ #include -#if !defined(MBEDTLS_ECDH_ALT) +#if !defined(MBEDTLS_ECDH_GEN_PUBLIC_ALT) /* * Generate public key: simple wrapper around mbedtls_ecp_gen_keypair */ @@ -48,7 +48,9 @@ int mbedtls_ecdh_gen_public( mbedtls_ecp_group *grp, mbedtls_mpi *d, mbedtls_ecp { return mbedtls_ecp_gen_keypair( grp, d, Q, f_rng, p_rng ); } +#endif /* MBEDTLS_ECDH_GEN_PUBLIC_ALT */ +#if !defined(MBEDTLS_ECDH_COMPUTE_SHARED_ALT) /* * Compute shared secret (SEC1 3.3.1) */ @@ -82,7 +84,8 @@ cleanup: return( ret ); } -#endif /* MBEDTLS_ECDH_ALT */ +#endif /* MBEDTLS_ECDH_COMPUTE_SHARED_ALT */ + /* * Initialize context */ diff --git a/library/version_features.c b/library/version_features.c index 7b08f04be..802832ce9 100644 --- a/library/version_features.c +++ b/library/version_features.c @@ -93,9 +93,6 @@ static const char *features[] = { #if defined(MBEDTLS_DES_ALT) "MBEDTLS_DES_ALT", #endif /* MBEDTLS_DES_ALT */ -#if defined(MBEDTLS_ECDH_ALT) - "MBEDTLS_ECDH_ALT", -#endif /* MBEDTLS_ECDH_ALT */ #if defined(MBEDTLS_XTEA_ALT) "MBEDTLS_XTEA_ALT", #endif /* MBEDTLS_XTEA_ALT */ @@ -165,6 +162,12 @@ static const char *features[] = { #if defined(MBEDTLS_AES_DECRYPT_ALT) "MBEDTLS_AES_DECRYPT_ALT", #endif /* MBEDTLS_AES_DECRYPT_ALT */ +#if defined(MBEDTLS_ECDH_GEN_PUBLIC_ALT) + "MBEDTLS_ECDH_GEN_PUBLIC_ALT", +#endif /* MBEDTLS_ECDH_GEN_PUBLIC_ALT */ +#if defined(MBEDTLS_ECDH_GEN_PUBLIC_ALT) + "MBEDTLS_ECDH_GEN_PUBLIC_ALT", +#endif /* MBEDTLS_ECDH_GEN_PUBLIC_ALT */ #if defined(MBEDTLS_ECP_INTERNAL_ALT) "MBEDTLS_ECP_INTERNAL_ALT", #endif /* MBEDTLS_ECP_INTERNAL_ALT */