Arm Mbed OS support forum

ECDH using a known private key and a server certificate

Hi,

I’m working on an application where a device has a ECC based private key and a server certificate programmed into secure flash during production. I need to use these to generate a shared secret based on ECHD to then create session key via HKDF.

I have both the private key and certificate parsed into mbedtls_pk_context and mbedtls_x509_crt respectively.

How do I then create a mbedtls_ecdh_context using my existing keys? Looking through the examples I have found they all look to be generating new key pairs not using certificate-based keys. I’m sure I’m just missing something here.

Thank you in advance.

Reuben