SSL asynchronous private key operation callbacks: interface New compile-time option MBEDTLS_SSL_ASYNC_PRIVATE_C, enabling callbacks to replace private key operations. These callbacks allow the SSL stack to make an asynchronous call to an external cryptographic module instead of calling the cryptography layer inside the library. The call is asynchronous in that it may return the new status code MBEDTLS_ERR_SSL_ASYNC_IN_PROGRESS, in which case the SSL stack returns and can be later called where it left off. This commit introduces the configuration option. Later commits will implement the feature proper.

commit: 8bf79f6dc666efca9a7841935bef58508e584c1f [log] [tgz]
author: Gilles Peskine <Gilles.Peskine@arm.com> Fri Jan 05 21:11:53 2018 +0100
committer: Gilles Peskine <Gilles.Peskine@arm.com> Tue Apr 24 09:32:28 2018 +0200
tree: b55ae1847459313a0151ca84f81fd45f9d4434f4
parent: 59e83d96dbd337b02c2260729d1d0d4173e98852 [diff] [blame]
diff --git a/library/error.c b/library/error.c
index 151ca4e..490a040 100644
--- a/library/error.c
+++ b/library/error.c

@@ -441,6 +441,8 @@
             mbedtls_snprintf( buf, buflen, "SSL - The alert message received indicates a non-fatal error" );
         if( use_ret == -(MBEDTLS_ERR_SSL_INVALID_VERIFY_HASH) )
             mbedtls_snprintf( buf, buflen, "SSL - Couldn't set the hash for verifying CertificateVerify" );
+        if( use_ret == -(MBEDTLS_ERR_SSL_ASYNC_IN_PROGRESS) )
+            mbedtls_snprintf( buf, buflen, "SSL - Asynchronous operation is not completed yet" );
 #endif /* MBEDTLS_SSL_TLS_C */
 
 #if defined(MBEDTLS_X509_USE_C) || defined(MBEDTLS_X509_CREATE_C)
commit	8bf79f6dc666efca9a7841935bef58508e584c1f	[log] [tgz]
author	Gilles Peskine <Gilles.Peskine@arm.com>	Fri Jan 05 21:11:53 2018 +0100
committer	Gilles Peskine <Gilles.Peskine@arm.com>	Tue Apr 24 09:32:28 2018 +0200
tree	b55ae1847459313a0151ca84f81fd45f9d4434f4
parent	59e83d96dbd337b02c2260729d1d0d4173e98852 [diff] [blame]