Add support for ECDHE_PSK key exchange

2025-12-23 15:55:10 +01:00 · 2013-10-11 16:53:50 +02:00 · 2013-10-11 16:53:50 +02:00 · 3ce3bbdc00
commit 3ce3bbdc00
parent d93d28e370
5 changed files with 197 additions and 24 deletions
--- a/include/polarssl/config.h
+++ b/include/polarssl/config.h
@ -280,6 +280,18 @@
 */
 #define POLARSSL_KEY_EXCHANGE_DHE_PSK_ENABLED

+/**
+ * \def POLARSSL_KEY_EXCHANGE_ECDHE_PSK_ENABLED
+ *
+ * Enable the ECDHE-PSK based ciphersuite modes in SSL / TLS.
+ *
+ * Requires: POLARSSL_ECDH_C
+ *
+ * This enables the following ciphersuites (if other requisites are
+ * enabled as well):
+ */
+#define POLARSSL_KEY_EXCHANGE_ECDHE_PSK_ENABLED
+
 /**
 * \def POLARSSL_KEY_EXCHANGE_RSA_PSK_ENABLED
 *
@ -1736,6 +1748,11 @@
 #error "POLARSSL_KEY_EXCHANGE_DHE_PSK_ENABLED defined, but not all prerequisites"
 #endif

+#if defined(POLARSSL_KEY_EXCHANGE_ECDHE_PSK_ENABLED) &&                     \
+    !defined(POLARSSL_ECDH_C)
+#error "POLARSSL_KEY_EXCHANGE_ECDHE_PSK_ENABLED defined, but not all prerequisites"
+#endif
+
 #if defined(POLARSSL_KEY_EXCHANGE_DHE_RSA_ENABLED) &&                   \
    ( !defined(POLARSSL_DHM_C) || !defined(POLARSSL_RSA_C) ||           \
      !defined(POLARSSL_X509_CRT_PARSE_C) || !defined(POLARSSL_PKCS1_V15) )
--- a/include/polarssl/ssl_ciphersuites.h
+++ b/include/polarssl/ssl_ciphersuites.h
@ -166,6 +166,7 @@ typedef enum {
    POLARSSL_KEY_EXCHANGE_PSK,
    POLARSSL_KEY_EXCHANGE_DHE_PSK,
    POLARSSL_KEY_EXCHANGE_RSA_PSK,
+    POLARSSL_KEY_EXCHANGE_ECDHE_PSK,
 } key_exchange_type_t;

 typedef struct _ssl_ciphersuite_t ssl_ciphersuite_t;