Skip to content

Commit

Permalink
[crypto] Fix CASE on some embedded platforms (#7948)
Browse files Browse the repository at this point in the history
Establishing a CASE session requires support for
P256Keypair::ECDH_derive_secret() function which was
disabled for platforms which define MBEDTLS_ECP_ALT.
It is quite common on embedded devices equipped with
dedicated crypto chips to provide custom ECP
implementations.
  • Loading branch information
Damian-Nordic authored and pull[bot] committed Jul 29, 2021
1 parent 783db40 commit 710d474
Showing 1 changed file with 2 additions and 1 deletion.
3 changes: 2 additions & 1 deletion src/crypto/CHIPCryptoPALmbedTLS.cpp
Original file line number Diff line number Diff line change
Expand Up @@ -559,7 +559,8 @@ CHIP_ERROR P256PublicKey::ECDSA_validate_hash_signature(const uint8_t * hash, co

CHIP_ERROR P256Keypair::ECDH_derive_secret(const P256PublicKey & remote_public_key, P256ECDHDerivedSecret & out_secret) const
{
#if defined(MBEDTLS_ECDH_C) && !defined(MBEDTLS_ECP_ALT)
// TODO: Enable ECDH_derive_secret for Qorvo when their mbedTLS static libraries are updated
#if defined(MBEDTLS_ECDH_C) && !defined(QORVO_CRYPTO_ENGINE)
CHIP_ERROR error = CHIP_NO_ERROR;
int result = 0;
size_t secret_length = (out_secret.Length() == 0) ? out_secret.Capacity() : out_secret.Length();
Expand Down

0 comments on commit 710d474

Please sign in to comment.