Remove curve parameter from public functions

2026-05-13 23:34:08 +02:00 · 2019-11-21 12:00:43 +01:00
parent be5f833c9c
commit 1a5337179f
14 changed files with 55 additions and 110 deletions
--- a/library/pk.c
+++ b/library/pk.c
@@ -580,7 +580,6 @@ static int uecc_eckey_verify_wrap( void *ctx, mbedtls_md_type_t md_alg,
    volatile int ret_fi;
    uint8_t signature[2*NUM_ECC_BYTES];
    unsigned char *p;
-    uECC_Curve uecc_curve = uECC_secp256r1();
    const mbedtls_uecc_keypair *keypair = (const mbedtls_uecc_keypair *) ctx;

    ((void) md_alg);
@@ -591,7 +590,7 @@ static int uecc_eckey_verify_wrap( void *ctx, mbedtls_md_type_t md_alg,
        return( ret );

    ret_fi = uECC_verify( keypair->public_key, hash,
-                          (unsigned) hash_len, signature, uecc_curve );
+                          (unsigned) hash_len, signature );

    if( ret_fi == UECC_ATTACK_DETECTED )
        return( MBEDTLS_ERR_PLATFORM_FAULT_DETECTED );
@@ -704,7 +703,6 @@ static int uecc_eckey_sign_wrap( void *ctx, mbedtls_md_type_t md_alg,
                   int (*f_rng)(void *, unsigned char *, size_t), void *p_rng )
 {
    const mbedtls_uecc_keypair *keypair = (const mbedtls_uecc_keypair *) ctx;
-    uECC_Curve uecc_curve = uECC_secp256r1();
    int ret;

    /*
@@ -724,7 +722,7 @@ static int uecc_eckey_sign_wrap( void *ctx, mbedtls_md_type_t md_alg,
     */
     #define MAX_SECP256R1_ECDSA_SIG_LEN ( 3 + 2 * ( 3 + NUM_ECC_BYTES ) )

-    ret = uECC_sign( keypair->private_key, hash, hash_len, sig, uecc_curve );
+    ret = uECC_sign( keypair->private_key, hash, hash_len, sig );
    /* TinyCrypt uses 0 to signal errors. */
    if( ret == 0 )
        return( MBEDTLS_ERR_PK_HW_ACCEL_FAILED );
--- a/library/pkparse.c
+++ b/library/pkparse.c
@@ -986,8 +986,7 @@ static int pk_parse_key_sec1_der( mbedtls_uecc_keypair *keypair,
    if( !pubkey_done )
    {
        ret = uECC_compute_public_key( keypair->private_key,
-                                       keypair->public_key,
-                                       uECC_secp256r1() );
+                                       keypair->public_key );
        if( ret == 0 )
            return( MBEDTLS_ERR_PK_KEY_INVALID_FORMAT );
    }
--- a/library/ssl_cli.c
+++ b/library/ssl_cli.c
@@ -3567,7 +3567,6 @@ static int ssl_out_client_key_exchange_write( mbedtls_ssl_context *ssl,
        == MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA )

    {
-        uECC_Curve uecc_curve = uECC_secp256r1();
        ((void) n);
        ((void) ret);

@@ -3577,8 +3576,7 @@ static int ssl_out_client_key_exchange_write( mbedtls_ssl_context *ssl,
        *p++ = 2 * NUM_ECC_BYTES + 1;
        *p++ = 0x04; /* uncompressed point presentation */

-        if( !uECC_make_key( p, ssl->handshake->ecdh_privkey,
-                            uecc_curve ) )
+        if( !uECC_make_key( p, ssl->handshake->ecdh_privkey ) )
        {
            return( MBEDTLS_ERR_SSL_HW_ACCEL_FAILED );
        }
@@ -3718,7 +3716,6 @@ static int ssl_out_client_key_exchange_write( mbedtls_ssl_context *ssl,
            == MBEDTLS_KEY_EXCHANGE_ECDHE_PSK )
        {
 #if defined(MBEDTLS_USE_TINYCRYPT)
-            uECC_Curve uecc_curve = uECC_secp256r1();
            ((void) n);
            ((void) ret);

@@ -3728,8 +3725,7 @@ static int ssl_out_client_key_exchange_write( mbedtls_ssl_context *ssl,
            *p++ = 2 * NUM_ECC_BYTES + 1;
            *p++ = 0x04; /* uncompressed point presentation */

-            if( !uECC_make_key( p, ssl->handshake->ecdh_privkey,
-                                uecc_curve ) )
+            if( !uECC_make_key( p, ssl->handshake->ecdh_privkey ) )
            {
                return( MBEDTLS_ERR_SSL_HW_ACCEL_FAILED );
            }
--- a/library/ssl_srv.c
+++ b/library/ssl_srv.c
@@ -3279,9 +3279,6 @@ static int ssl_prepare_server_key_exchange( mbedtls_ssl_context *ssl,
    unsigned char *dig_signed = NULL;
 #endif /* MBEDTLS_KEY_EXCHANGE__WITH_SERVER_SIGNATURE__ENABLED */
 #endif /* MBEDTLS_KEY_EXCHANGE__SOME_PFS__ENABLED */
-#if defined(MBEDTLS_USE_TINYCRYPT)
-    uECC_Curve uecc_curve = uECC_secp256r1();
-#endif

    (void) ciphersuite_info; /* unused in some configurations */
 #if !defined(MBEDTLS_KEY_EXCHANGE__WITH_SERVER_SIGNATURE__ENABLED)
@@ -3430,8 +3427,7 @@ static int ssl_prepare_server_key_exchange( mbedtls_ssl_context *ssl,
            ssl->out_msglen += sizeof( ecdh_param_hdr );

            if( !uECC_make_key( &ssl->out_msg[ ssl->out_msglen ],
-                                ssl->handshake->ecdh_privkey,
-                                uecc_curve ) )
+                                ssl->handshake->ecdh_privkey ) )
            {
                MBEDTLS_SSL_DEBUG_MSG( 1, ( "Key creation failed" ) );
                return( MBEDTLS_ERR_SSL_INTERNAL_ERROR );
--- a/library/ssl_tls.c
+++ b/library/ssl_tls.c
@@ -1973,13 +1973,11 @@ int mbedtls_ssl_build_pms( mbedtls_ssl_context *ssl )
        mbedtls_ssl_suite_get_key_exchange( ciphersuite_info )
        == MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA )
    {
-        uECC_Curve uecc_curve = uECC_secp256r1();
        ((void) ret);

        if( !uECC_shared_secret( ssl->handshake->ecdh_peerkey,
                                 ssl->handshake->ecdh_privkey,
-                                 ssl->handshake->premaster,
-                                 uecc_curve ) )
+                                 ssl->handshake->premaster ) )
        {
            return( MBEDTLS_ERR_SSL_HW_ACCEL_FAILED );
        }
@@ -2170,13 +2168,11 @@ int mbedtls_ssl_psk_derive_premaster( mbedtls_ssl_context *ssl, mbedtls_key_exch
        size_t zlen;

 #if defined(MBEDTLS_USE_TINYCRYPT)
-        uECC_Curve uecc_curve = uECC_secp256r1();
        ((void) ret);

        if( !uECC_shared_secret( ssl->handshake->ecdh_peerkey,
                                 ssl->handshake->ecdh_privkey,
-                                 p + 2,
-                                 uecc_curve ) )
+                                 p + 2 ) )
        {
            return( MBEDTLS_ERR_SSL_HW_ACCEL_FAILED );
        }