From: | Giuseppe Modugno |
Subject: | [lwip-devel] altcp_tls_mbedtls: MBEDTLS_ECP_RESTARTABLE |
Date: | Mon, 24 Jun 2019 18:04:18 +0200 |
User-agent: | Mozilla/5.0 (Windows NT 10.0; WOW64; rv:60.0) Gecko/20100101 Thunderbird/60.7.2 |
However I think the layer altcp_tls_mbedtls isn't compatible with MBEDTLS_ECP_RESTARTABLE. Indeed mbedtls_ssl_handshake() could return MBEDTLS_ERR_SSL_CRYPTO_IN_PROGRESS, but this return value isn't managed in altcp_mbedtls_lower_recv_process(). Also mbedtls_ssl_read() and mbedtls_ssl_write() could return MBEDTLS_ECP_RESTARTABLE.
When one of the above functions returns MBEDTLS_ERR_SSL_CRYPTO_IN_PROGRESS, the application should call the function again with the same input parameters.
I'd like to invest some time to add MBEDTLS_ECP_RESTARTABLE support in altcp_tls_mbedtls, but I need some help with how to do it. I think we need a crypto_in_progress flag in altcp_mbedtls_state_t that is set when MBEDTLS_ERR_SSL_CRYPTO_IN_PROGRESS is returned.
In the poll callback we call the function again when the flag is set. However, we don't have a poll callback during the handshake: the final poll callback will be set after a successful handshake. Do I create and use a temporary poll callback to set in altcp_mbedtls_setup_callbacks()?
After handshake, mbedtls_ssl_read() and mbedtls_ssl_write() could return MBEDTLS_ERR_SSL_CRYPTO_IN_PROGRESS. So this situation must be faced too. Any help?
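A minimal model of the flag-and-poll retry pattern proposed in the message above, as an added example that is not part of the original message or of lwIP. `fake_handshake` is a constructed stub standing in for mbedtls_ssl_handshake(), and `conn_state`, `conn_handshake_step`, `conn_poll` and `run_until_done` are hypothetical names.

```c
#include <stdio.h>

/* Return code named in the message; value assumed to mirror mbedtls/ssl.h. */
#define CRYPTO_IN_PROGRESS (-0x7000)

/* Constructed stub for mbedtls_ssl_handshake(): the restartable ECC
 * operation needs `steps_left` more calls before it completes. */
struct fake_ssl { int steps_left; int calls; };
static int fake_handshake(struct fake_ssl *ssl) {
  ssl->calls++;
  if (ssl->steps_left > 0) { ssl->steps_left--; return CRYPTO_IN_PROGRESS; }
  return 0;
}

/* Hypothetical per-connection state carrying the proposed flag. */
struct conn_state {
  struct fake_ssl ssl;
  int crypto_in_progress; /* set while a restartable operation is pending */
  int handshake_done;
};

/* Drive the handshake one step; used by the receive path and by poll. */
int conn_handshake_step(struct conn_state *st) {
  int ret = fake_handshake(&st->ssl);
  if (ret == CRYPTO_IN_PROGRESS) {
    st->crypto_in_progress = 1; /* not an error: resume on the next poll */
    return 0;
  }
  st->crypto_in_progress = 0;
  if (ret == 0) st->handshake_done = 1;
  return ret; /* non-zero here is a real failure: abort the connection */
}

/* Poll handler; it has to be installed before the handshake completes. */
int conn_poll(struct conn_state *st) {
  return st->crypto_in_progress ? conn_handshake_step(st) : 0;
}

/* First call models received data, then polls run until the handshake is
 * done. Returns the number of polls used, or -1 on failure or timeout. */
int run_until_done(struct conn_state *st, int max_polls) {
  int polls = 0;
  if (conn_handshake_step(st) != 0) return -1;
  for (; !st->handshake_done && polls < max_polls; polls++)
    if (conn_poll(st) != 0) return -1;
  return st->handshake_done ? polls : -1;
}

int main(void) {
  struct conn_state st = { { 3, 0 }, 0, 0 }; /* constructed: 3 resumptions */
  printf("polls used: %d\n", run_until_done(&st, 10));
  return 0;
}
```

The same flag would have to be checked around the read and write paths, since the message notes that those calls can also ask to be resumed.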