Mbed TLS is now part of TrustedFirmware.org.

Mutexing for the alternate implementation of ECP

Jan 19, 2018 10:32

Inside mbedtls-2.5.1 he ecp.c code contained mutexing functionality when MBEDTLS_THREADING_C and MBEDTLS_ECP_INTERNAL_ALT was enabled. This feature was removed due to a request (see https://github.com/ARMmbed/mbedtls/issues/863). Is there any chance to bring this back and have a compile time option to en-/disable it for those whoe require it and those who do not?

Jan 24, 2018 18:14
Ron Eldor

Hi Trinity,
The reason for removing the mutexing, is as you mentioned, was a reasonable request. One of the reasonos is that having the mutex within the ECP module does not follow the Mbed TLS philosophy.
Reading your comment in the github issue, I understand you can't lock and unlock the mutex inside every single addition and doubling operation, but would it be reasonable that the user application will add the mutex to lock and unlock the full ECDSA \ ECDH \ ECP operations?
Mbed TLS Team member

Jan 25, 2018 07:43

In most cases, the user that invokes our (mbedtls) routines, does not know anything about thread-safety and resource sharing, they just assume that it is "properly done", when concurrency and sharing resources matter.