You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
I'm an Mbed TLS maintainer. I've just had a look at how Mbed TLS is used in OpenThread as of 848de78. I'm not otherwise familiar with OpenThread. I noticed a few aspects where the OpenThread integration could be improved.
As far as I can tell, only AES-128 is used, not other key sizes. You can save code size by defining MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH in mbedtls-config.h when MBEDTLS_VERSION_NUMBER >= 0x03050000.
Only the encryption direction of AES is used. You can save code size by defining MBEDTLS_BLOCK_CIPHER_NO_DECRYPT in mbedtls-config.h when MBEDTLS_VERSION_NUMBER >= 0x03060000.
In otPlatCryptoEcdsaGetPublicKey, since Mbed TLS 3.6, you can call mbedtls_ecp_write_public_key to get the public key in standard format (0x04 then fixed-size x and y).
The text was updated successfully, but these errors were encountered:
I'm an Mbed TLS maintainer. I've just had a look at how Mbed TLS is used in OpenThread as of 848de78. I'm not otherwise familiar with OpenThread. I noticed a few aspects where the OpenThread integration could be improved.
MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
inmbedtls-config.h
whenMBEDTLS_VERSION_NUMBER >= 0x03050000
.MBEDTLS_BLOCK_CIPHER_NO_DECRYPT
inmbedtls-config.h
whenMBEDTLS_VERSION_NUMBER >= 0x03060000
.mbedtls_hkdf_expand
andmbedtls_hkdf_extract
(available since before Mbed TLS 2.16) instead of reimplementing it on top of HMAC.otPlatCryptoEcdsaGetPublicKey
, since Mbed TLS 3.6, you can callmbedtls_ecp_write_public_key
to get the public key in standard format (0x04 then fixed-size x and y).The text was updated successfully, but these errors were encountered: