 
I am currently doing an ECDH exchange over MQTT (i.e. at the message layer; MQTT is fundamentally `untrusted') - with a bit of out-of-band work to confirm end-to-end integrity.
That worked nicely (and interoperates with java-bouncy-castle, openssl, etc.) with:
    mbedtls_ecp_group_load( &ctx_cli.grp, MBEDTLS_ECP_DP_CURVE25519 );            /* select Curve25519 */
    mbedtls_ecdh_gen_public( &ctx_cli.grp, &ctx_cli.d, &ctx_cli.Q,
                             mbedtls_ctr_drbg_random, &ctr_drbg );                /* d = private scalar, Q = d*G */
    mbedtls_mpi_write_binary( &ctx_cli.Q.X, node_publicsession, 32 );             /* export Q.X (32 bytes) for the peer */
to create the keys and with
    mbedtls_mpi_lset( &ctx_cli.private_Qp.Z, 1 );                                 /* peer point in affine form: Z = 1 */
    mbedtls_mpi_read_binary( &ctx_cli.private_Qp.X, pubencr_tmp, CURVE259919_KEYLEN );   /* import the peer's X */
    mbedtls_ecdh_compute_shared( &ctx_cli.grp, &ctx_cli.private_z, &ctx_cli.private_Qp, &ctx_cli.private_d,
                                 mbedtls_ctr_drbg_random, &ctr_drbg );            /* z = d * Qp */
    mbedtls_mpi_write_binary( &ctx_cli.private_z, sessionkey, CURVE259919_KEYLEN );      /* export z as the session key */
to calculate the ephemeral session key.
With mbedtls_ecdh_context going increasingly private, I assume I can change the latter with:
    mbedtls_ecdh_calc_secret( &ctx_cli, &len_sessionkey, sessionkey, sizeof(sessionkey),
                              mbedtls_ctr_drbg_random, &ctr_drbg );
but am struggling to see how I can replace the key generation itself. Is there a similar option that does not look `into' ctx_cli?
With kind regards,
Dw.
PS: actual code at https://github.com/MakerSpaceLeiden/AccesSystem/blob/master/lib-arduino/ACNo...
mbed-tls@lists.trustedfirmware.org
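Editor's note, added to this page and not part of the post above or of Mbed TLS itself. The opaque counterparts of the calls in the post are mbedtls_ecdh_setup() (selects the curve), mbedtls_ecdh_make_public() (generates d and Q and writes Q into a buffer) and mbedtls_ecdh_read_public() (imports the peer's Q), followed by mbedtls_ecdh_calc_secret(); none of them touches the context fields. What changes on the wire when you switch to them is the encoding, which is the practical caveat for the interop the post describes: mbedtls_mpi_write_binary() emits a big-endian integer, whereas RFC 7748 (and thus OpenSSL and Bouncy Castle X25519) uses little-endian u-coordinates, and, as I read the Mbed TLS 3.x sources, mbedtls_ecdh_make_public()/read_public() carry the TLS ECPoint framing (one length byte, 0x20, followed by the 32-byte little-endian u) while mbedtls_ecdh_calc_secret() writes a Montgomery shared secret little-endian as well. The pure-Python example below (all function names are mine, chosen for illustration) implements X25519 per RFC 7748 so it runs without Mbed TLS, checks both sides of the exchange against the RFC 7748 section 6.1 vectors, and shows the raw big-endian view next to the length-prefixed little-endian view so either side of an interop can see which bytes it should expect.

```python
"""Added illustration (not from the original post or from Mbed TLS).

Pure-Python X25519 (RFC 7748) used to show the encodings involved when
moving from raw-MPI ECDH code to the opaque Mbed TLS ECDH API:

  mbedtls_mpi_write_binary(&Q.X, ...)      -> 32 bytes, BIG-endian
  RFC 7748 / OpenSSL / Bouncy Castle       -> 32 bytes, LITTLE-endian
  mbedtls_ecdh_make_public/read_public     -> TLS ECPoint: 1 length byte (0x20)
                                              + 32-byte little-endian u
  mbedtls_ecdh_calc_secret (Montgomery)    -> LITTLE-endian shared secret
                                              (assumption: Mbed TLS 3.x behaviour)

Not constant-time; for test vectors and format checks only.
"""

P = 2**255 - 19
A24 = 121665                       # (486662 - 2) / 4, RFC 7748 section 5
BASE_U = bytes([9]) + bytes(31)    # generator u = 9, little-endian


def _decode_scalar(k: bytes) -> int:
    """RFC 7748 clamping of a 32-byte private key."""
    k = bytearray(k)
    k[0] &= 248
    k[31] &= 127
    k[31] |= 64
    return int.from_bytes(k, "little")


def _decode_u(u: bytes) -> int:
    """Little-endian u-coordinate; the unused top bit is masked off."""
    u = bytearray(u)
    u[31] &= 127
    return int.from_bytes(u, "little") % P


def x25519(k: bytes, u: bytes) -> bytes:
    """Montgomery ladder exactly as in RFC 7748 section 5 (little-endian I/O)."""
    kint, x1 = _decode_scalar(k), _decode_u(u)
    x2, z2, x3, z3, swap = 1, 0, x1, 1, 0
    for t in range(254, -1, -1):
        kt = (kint >> t) & 1
        swap ^= kt
        if swap:
            x2, x3, z2, z3 = x3, x2, z3, z2
        swap = kt
        a, b = (x2 + z2) % P, (x2 - z2) % P
        aa, bb = a * a % P, b * b % P
        e = (aa - bb) % P
        c, d = (x3 + z3) % P, (x3 - z3) % P
        da, cb = d * a % P, c * b % P
        s, m = (da + cb) % P, (da - cb) % P
        x3 = s * s % P
        z3 = x1 * (m * m % P) % P
        x2 = aa * bb % P
        z2 = e * ((aa + A24 * e) % P) % P
    if swap:
        x2, x3, z2, z3 = x3, x2, z3, z2
    return (x2 * pow(z2, P - 2, P) % P).to_bytes(32, "little")


def x25519_public(priv: bytes) -> bytes:
    return x25519(priv, BASE_U)


# --- encodings --------------------------------------------------------------

def le_to_mpi_be(raw_le: bytes) -> bytes:
    """The same value as mbedtls_mpi_write_binary() would emit (big-endian)."""
    return raw_le[::-1]


def tls_ecpoint_encode(raw_le: bytes) -> bytes:
    """Framing written by mbedtls_ecdh_make_public() for Curve25519 (assumed)."""
    return bytes([len(raw_le)]) + raw_le


def tls_ecpoint_decode(buf: bytes) -> bytes:
    """Inverse framing, as mbedtls_ecdh_read_public() expects it; rejects junk."""
    if len(buf) < 1 or buf[0] != 32 or len(buf) != 1 + buf[0]:
        raise ValueError("malformed Curve25519 ECPoint")
    return buf[1:]


def exchange(priv_a: bytes, priv_b: bytes) -> dict:
    """Both sides of the exchange, with every encoding a peer might see."""
    pub_a, pub_b = x25519_public(priv_a), x25519_public(priv_b)
    wire_a, wire_b = tls_ecpoint_encode(pub_a), tls_ecpoint_encode(pub_b)
    shared_a = x25519(priv_a, tls_ecpoint_decode(wire_b))
    shared_b = x25519(priv_b, tls_ecpoint_decode(wire_a))
    return {
        "pub_a_le": pub_a, "pub_b_le": pub_b,
        "pub_a_mpi_be": le_to_mpi_be(pub_a),          # what mpi_write_binary(Q.X) gives
        "wire_a": wire_a,                             # what make_public() gives
        "shared_le": shared_a,                        # what calc_secret() gives
        "shared_mpi_be": le_to_mpi_be(shared_a),      # what mpi_write_binary(z) gives
        "match": shared_a == shared_b,
    }


# Test vectors copied from RFC 7748 section 6.1 (not constructed here).
RFC_A = bytes.fromhex("77076d0a7318a57d3c16c17251b26645df4c2f87ebc0992ab177fba51db92c2a")
RFC_B = bytes.fromhex("5dab087e624a8a4b79e17f8b83800ee66f3bb1292618b6fd1c2f8b27ff88e0eb")
RFC_K = bytes.fromhex("4a5d9d5ba4ce2de1728e3bf480350f25e07e21c947d19e3376f09b3c1e161742")

if __name__ == "__main__":
    r = exchange(RFC_A, RFC_B)
    print("both sides agree:", r["match"], "| equals RFC K:", r["shared_le"] == RFC_K)
    print("make_public() framing :", r["wire_a"].hex())
    print("mpi_write_binary(Q.X) :", r["pub_a_mpi_be"].hex())
    print("calc_secret()         :", r["shared_le"].hex())
    print("mpi_write_binary(z)   :", r["shared_mpi_be"].hex())
```

Run it against a peer that still uses the raw-MPI code and the two hex dumps for the same key will be byte-reversed relative to each other; that is the point to settle before replacing mbedtls_ecdh_compute_shared() plus mbedtls_mpi_write_binary(z) with mbedtls_ecdh_calc_secret(), or the derived session keys will silently disagree.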
