-
Notifications
You must be signed in to change notification settings - Fork 2.6k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Design how to access the fields of mbedtls_ecdh_context
#5016
Comments
ECDH has a complex interface for two reasons. One reason is that there are really two interfaces: the “classic” interface (gen_public, compute_shared, …) and the TLS-oriented interface which is similar to the DHM module (make_params, make_public, …). Another reason is that under the hood, there are two very different implementations, which use different context structures: the Everest implementation (Curve25519 only, very fast but large code size) and the generic Mbed TLS implementation. Furthermore the context structure is currently in a state of flux between the “legacy” context (needed for the generic code in restartable mode, usable by the generic code in normal mode) and the “new” context (needed for Everest, usable by the generic code in normal mode). So I think in this case we'll need to stick to functions, which are tricky due to the need to balance performance with clear pointer lifetimes. We may need to add new functions that aren't just simple getters/setters. |
So I understand that this status is closed, but I'm looking for a little guidance here. I'm backporting some old code that reads a private key from binary and reconstructs the public key. That used to be possible, but doesn't appear possible anymore. How should one approach this? |
@xlanor Could you clarify what you're trying to do? There are functions to manipulate private keys and public keys in |
This is a design task, as part of #4683, to solve the private field access of
mbedtls_ecdh_context
byMBEDTLS_PRIVATE
macro in programs.The APIs in
ecdh.h
seems inconsistent, the lower level ones (mbedtls_ecdh_gen_public
,mbedtls_ecdh_compute_shared
) uses thembedtls_ecp_group
and the higher level ones uses thembedtls_ecdh_context
. This also cause private field access to gather thembedtls_ecp_group
from thembedtls_ecdh_context
.Possible option to solve the private access:
The text was updated successfully, but these errors were encountered: