ECDH: Clean up the interface to Everest code

author: Christoph M. Wintersteiger <cwinter@microsoft.com> 2018-12-12 17:26:41 +0000
committer: Janos Follath <janos.follath@arm.com> 2019-08-19 13:36:44 +0100
commit: 4936beb5136e26271247de49588045f71f740806 (patch)
tree: d02198ba0c3e230450fe220ad262921dd6599133 /3rdparty
parent: 48d26c21c61c3f0e1c4ca38035366f8ae968401b (diff)
download: mbedtls-4936beb5136e26271247de49588045f71f740806.zip
mbedtls-4936beb5136e26271247de49588045f71f740806.tar.gz
mbedtls-4936beb5136e26271247de49588045f71f740806.tar.bz2
4 files changed, 62 insertions, 67 deletions
diff --git a/3rdparty/everest/include/everest/everest.h b/3rdparty/everest/include/everest/everest.h
index aceeeae..5806500 100644..100755
--- a/3rdparty/everest/include/everest/everest.h
+++ b/3rdparty/everest/include/everest/everest.h
@@ -22,17 +22,23 @@
 #ifndef MBEDTLS_EVEREST_H
 #define MBEDTLS_EVEREST_H
 
+#include "everest/x25519.h"
+
 #ifdef __cplusplus
 extern "C" {
 #endif
 
-struct mbedtls_ecdh_context;
-typedef struct mbedtls_ecdh_context mbedtls_ecdh_context;
-
-struct mbedtls_x25519_context_;
+/**
+ * Defines the source of the imported EC key.
+ */
+typedef enum
+{
+    MBEDTLS_EVEREST_ECDH_OURS,   /**< Our key. */
+    MBEDTLS_EVEREST_ECDH_THEIRS, /**< The key of the peer. */
+} mbedtls_everest_ecdh_side;
 
 typedef struct {
-    struct mbedtls_x25519_context_ *ctx;
+    mbedtls_x25519_context ctx;
 } mbedtls_ecdh_context_everest;
 
 
@@ -48,18 +54,18 @@ typedef struct {
  *                  ciphersuites.
  *
  * \param ctx       The ECDH context to set up.
- * \param grp       The group id of the group to set up the context for.
+ * \param grp_id    The group id of the group to set up the context for.
  *
  * \return          \c 0 on success.
  */
-int mbedtls_everest_setup( mbedtls_ecdh_context *ctx, int grp );
+int mbedtls_everest_setup( mbedtls_ecdh_context_everest *ctx, int grp_id );
 
 /**
  * \brief           This function frees a context.
  *
  * \param ctx       The context to free.
  */
-void mbedtls_everest_free( mbedtls_ecdh_context *ctx );
+void mbedtls_everest_free( mbedtls_ecdh_context_everest *ctx );
 
 /**
  * \brief           This function generates a public key and a TLS
@@ -84,7 +90,7 @@ void mbedtls_everest_free( mbedtls_ecdh_context *ctx );
  * \return          \c 0 on success.
  * \return          An \c MBEDTLS_ERR_ECP_XXX error code on failure.
  */
-int mbedtls_everest_make_params( mbedtls_ecdh_context *ctx, size_t *olen,
+int mbedtls_everest_make_params( mbedtls_ecdh_context_everest *ctx, size_t *olen,
                                  unsigned char *buf, size_t blen,
                                  int( *f_rng )( void *, unsigned char *, size_t ),
                                  void *p_rng );
@@ -106,7 +112,7 @@ int mbedtls_everest_make_params( mbedtls_ecdh_context *ctx, size_t *olen,
  * \return          An \c MBEDTLS_ERR_ECP_XXX error code on failure.
  *
  */
-int mbedtls_everest_read_params( mbedtls_ecdh_context *ctx,
+int mbedtls_everest_read_params( mbedtls_ecdh_context_everest *ctx,
                                  const unsigned char **buf, const unsigned char *end );
 
 /**
@@ -126,7 +132,7 @@ int mbedtls_everest_read_params( mbedtls_ecdh_context *ctx,
  * \return          An \c MBEDTLS_ERR_ECP_XXX error code on failure.
  *
  */
-int mbedtls_everest_read_params( mbedtls_ecdh_context *ctx,
+int mbedtls_everest_read_params( mbedtls_ecdh_context_everest *ctx,
                                  const unsigned char **buf, const unsigned char *end );
 
 /**
@@ -147,8 +153,8 @@ int mbedtls_everest_read_params( mbedtls_ecdh_context *ctx,
  * \return          An \c MBEDTLS_ERR_ECP_XXX error code on failure.
  *
  */
-int mbedtls_everest_get_params( mbedtls_ecdh_context *ctx, const mbedtls_ecp_keypair *key,
-                                int side );
+int mbedtls_everest_get_params( mbedtls_ecdh_context_everest *ctx, const mbedtls_ecp_keypair *key,
+                                mbedtls_everest_ecdh_side side );
 
 /**
  * \brief           This function generates a public key and a TLS
@@ -169,7 +175,7 @@ int mbedtls_everest_get_params( mbedtls_ecdh_context *ctx, const mbedtls_ecp_key
  * \return          \c 0 on success.
  * \return          An \c MBEDTLS_ERR_ECP_XXX error code on failure.
  */
-int mbedtls_everest_make_public( mbedtls_ecdh_context *ctx, size_t *olen,
+int mbedtls_everest_make_public( mbedtls_ecdh_context_everest *ctx, size_t *olen,
                                  unsigned char *buf, size_t blen,
                                  int( *f_rng )( void *, unsigned char *, size_t ),
                                  void *p_rng );
@@ -191,7 +197,7 @@ int mbedtls_everest_make_public( mbedtls_ecdh_context *ctx, size_t *olen,
  * \return      \c 0 on success.
  * \return      An \c MBEDTLS_ERR_ECP_XXX error code on failure.
  */
-int mbedtls_everest_read_public( mbedtls_ecdh_context *ctx,
+int mbedtls_everest_read_public( mbedtls_ecdh_context_everest *ctx,
                                  const unsigned char *buf, size_t blen );
 
 /**
@@ -216,7 +222,7 @@ int mbedtls_everest_read_public( mbedtls_ecdh_context *ctx,
  * \return          \c 0 on success.
  * \return          An \c MBEDTLS_ERR_ECP_XXX error code on failure.
  */
-int mbedtls_everest_calc_secret( mbedtls_ecdh_context *ctx, size_t *olen,
+int mbedtls_everest_calc_secret( mbedtls_ecdh_context_everest *ctx, size_t *olen,
                                  unsigned char *buf, size_t blen,
                                  int( *f_rng )( void *, unsigned char *, size_t ),
                                  void *p_rng );
diff --git a/3rdparty/everest/include/everest/x25519.h b/3rdparty/everest/include/everest/x25519.h
index e332ff2..cdfb16f 100644..100755
--- a/3rdparty/everest/include/everest/x25519.h
+++ b/3rdparty/everest/include/everest/x25519.h
@@ -22,8 +22,6 @@
 #ifndef MBEDTLS_X25519_H
 #define MBEDTLS_X25519_H
 
-#include <mbedtls/ecdh.h>
-
 #ifdef __cplusplus
 extern "C" {
 #endif
@@ -31,6 +29,15 @@ extern "C" {
 #define MBEDTLS_ECP_TLS_CURVE25519 0x1d
 
 /**
+ * Defines the source of the imported EC key.
+ */
+typedef enum
+{
+    MBEDTLS_X25519_ECDH_OURS,   /**< Our key. */
+    MBEDTLS_X25519_ECDH_THEIRS, /**< The key of the peer. */
+} mbedtls_x25519_ecdh_side;
+
+/**
  * \brief           The x25519 context structure.
  */
 typedef struct mbedtls_x25519_context_ {
@@ -109,7 +116,7 @@ int mbedtls_x25519_read_params( mbedtls_x25519_context *ctx,
  *
  */
 int mbedtls_x25519_get_params( mbedtls_x25519_context *ctx, const mbedtls_ecp_keypair *key,
-                        int side );
+                               mbedtls_x25519_ecdh_side side );
 
 /**
  * \brief           This function derives and exports the shared secret.
diff --git a/3rdparty/everest/library/everest.c b/3rdparty/everest/library/everest.c
index 2b111af..4b3a799 100755
--- a/3rdparty/everest/library/everest.c
+++ b/3rdparty/everest/library/everest.c
@@ -41,89 +41,69 @@
 
 #if defined(MBEDTLS_ECDH_VARIANT_EVEREST_ENABLED)
 
-int mbedtls_everest_setup( mbedtls_ecdh_context *ctx, int grp )
+int mbedtls_everest_setup( mbedtls_ecdh_context_everest *ctx, int grp_id )
 {
-    if( grp != MBEDTLS_ECP_DP_CURVE25519 )
+    if( grp_id != MBEDTLS_ECP_DP_CURVE25519 )
         return MBEDTLS_ERR_ECP_BAD_INPUT_DATA;
-
-    ctx->var = MBEDTLS_ECDH_VARIANT_EVEREST;
-    ctx->grp_id = grp;
-
-    ctx->ctx.everest_ecdh.ctx = mbedtls_calloc( 1, sizeof( mbedtls_x25519_context ) );
-    mbedtls_x25519_init( ctx->ctx.everest_ecdh.ctx );
-
+    mbedtls_x25519_init( &ctx->ctx );
     return 0;
 }
 
-void mbedtls_everest_free( mbedtls_ecdh_context *ctx )
+void mbedtls_everest_free( mbedtls_ecdh_context_everest *ctx )
 {
-    mbedtls_ecdh_context_everest *everest_ctx = &ctx->ctx.everest_ecdh;
-    mbedtls_x25519_context *x25519_ctx = ( mbedtls_x25519_context* )everest_ctx->ctx;
-
-    mbedtls_x25519_free( x25519_ctx );
-    mbedtls_free( x25519_ctx );
-
-    ctx->var = MBEDTLS_ECDH_VARIANT_NONE;
-    ctx->grp_id = MBEDTLS_ECP_DP_NONE;
+    mbedtls_x25519_free( &ctx->ctx );
 }
 
-int mbedtls_everest_make_params( mbedtls_ecdh_context *ctx, size_t *olen,
+int mbedtls_everest_make_params( mbedtls_ecdh_context_everest *ctx, size_t *olen,
                                  unsigned char *buf, size_t blen,
                                  int( *f_rng )( void *, unsigned char *, size_t ),
                                  void *p_rng )
 {
-    mbedtls_ecdh_context_everest *everest_ctx = &ctx->ctx.everest_ecdh;
-    mbedtls_x25519_context *x25519_ctx = ( mbedtls_x25519_context* )everest_ctx->ctx;
-    if( ctx->var != MBEDTLS_ECDH_VARIANT_EVEREST ) return MBEDTLS_ERR_MPI_BAD_INPUT_DATA;
+    mbedtls_x25519_context *x25519_ctx = &ctx->ctx;
     return mbedtls_x25519_make_params( x25519_ctx, olen, buf, blen, f_rng, p_rng );
 }
 
-int mbedtls_everest_read_params( mbedtls_ecdh_context *ctx,
-                                 const unsigned char **buf, const unsigned char *end )
+int mbedtls_everest_read_params( mbedtls_ecdh_context_everest *ctx,
+                                 const unsigned char **buf,
+                                 const unsigned char *end )
 {
-    mbedtls_ecdh_context_everest *everest_ctx = &ctx->ctx.everest_ecdh;
-    mbedtls_x25519_context *x25519_ctx = ( mbedtls_x25519_context* )everest_ctx->ctx;
-    if( ctx->var != MBEDTLS_ECDH_VARIANT_EVEREST ) return MBEDTLS_ERR_MPI_BAD_INPUT_DATA;
+    mbedtls_x25519_context *x25519_ctx = &ctx->ctx;
     return mbedtls_x25519_read_params( x25519_ctx, buf, end );
 }
 
-int mbedtls_everest_get_params( mbedtls_ecdh_context *ctx, const mbedtls_ecp_keypair *key,
-    int side )
+int mbedtls_everest_get_params( mbedtls_ecdh_context_everest *ctx,
+                                const mbedtls_ecp_keypair *key,
+                                mbedtls_everest_ecdh_side side )
 {
-    mbedtls_ecdh_context_everest *everest_ctx = &ctx->ctx.everest_ecdh;
-    mbedtls_x25519_context *x25519_ctx = ( mbedtls_x25519_context* )everest_ctx->ctx;
-    if( ctx->var != MBEDTLS_ECDH_VARIANT_EVEREST ) return MBEDTLS_ERR_MPI_BAD_INPUT_DATA;
-    return mbedtls_x25519_get_params( x25519_ctx, key, side );
+    mbedtls_x25519_context *x25519_ctx = &ctx->ctx;
+    mbedtls_x25519_ecdh_side s = side == MBEDTLS_EVEREST_ECDH_OURS ?
+                                            MBEDTLS_X25519_ECDH_OURS :
+                                            MBEDTLS_X25519_ECDH_THEIRS;
+    return mbedtls_x25519_get_params( x25519_ctx, key, s );
 }
 
-int mbedtls_everest_make_public( mbedtls_ecdh_context *ctx, size_t *olen,
+int mbedtls_everest_make_public( mbedtls_ecdh_context_everest *ctx, size_t *olen,
                                  unsigned char *buf, size_t blen,
                                  int( *f_rng )( void *, unsigned char *, size_t ),
                                  void *p_rng )
 {
-    mbedtls_ecdh_context_everest *everest_ctx = &ctx->ctx.everest_ecdh;
-    mbedtls_x25519_context *x25519_ctx = ( mbedtls_x25519_context* )everest_ctx->ctx;
-    if( ctx->var != MBEDTLS_ECDH_VARIANT_EVEREST ) return MBEDTLS_ERR_MPI_BAD_INPUT_DATA;
+    mbedtls_x25519_context *x25519_ctx = &ctx->ctx;
     return mbedtls_x25519_make_public( x25519_ctx, olen, buf, blen, f_rng, p_rng );
 }
 
-int mbedtls_everest_read_public( mbedtls_ecdh_context *ctx,
+int mbedtls_everest_read_public( mbedtls_ecdh_context_everest *ctx,
                                  const unsigned char *buf, size_t blen )
 {
-    mbedtls_ecdh_context_everest *everest_ctx = &ctx->ctx.everest_ecdh;
-    mbedtls_x25519_context *x25519_ctx = ( mbedtls_x25519_context* )everest_ctx->ctx;
-    if( ctx->var != MBEDTLS_ECDH_VARIANT_EVEREST ) return MBEDTLS_ERR_MPI_BAD_INPUT_DATA;
+    mbedtls_x25519_context *x25519_ctx = &ctx->ctx;
     return mbedtls_x25519_read_public ( x25519_ctx, buf, blen );
 }
 
-int mbedtls_everest_calc_secret( mbedtls_ecdh_context *ctx, size_t *olen,
+int mbedtls_everest_calc_secret( mbedtls_ecdh_context_everest *ctx, size_t *olen,
                                  unsigned char *buf, size_t blen,
                                  int( *f_rng )( void *, unsigned char *, size_t ),
                                  void *p_rng )
 {
-    mbedtls_ecdh_context_everest *everest_ctx = &ctx->ctx.everest_ecdh;
-    mbedtls_x25519_context *x25519_ctx = ( mbedtls_x25519_context* )everest_ctx->ctx;
-    if( ctx->var != MBEDTLS_ECDH_VARIANT_EVEREST ) return MBEDTLS_ERR_MPI_BAD_INPUT_DATA;
+    mbedtls_x25519_context *x25519_ctx = &ctx->ctx;
     return mbedtls_x25519_calc_secret( x25519_ctx, olen, buf, blen, f_rng, p_rng );
 }
 
diff --git a/3rdparty/everest/library/x25519.c b/3rdparty/everest/library/x25519.c
index 72cab6b..830018c 100644..100755
--- a/3rdparty/everest/library/x25519.c
+++ b/3rdparty/everest/library/x25519.c
@@ -27,6 +27,8 @@
 
 #if defined(MBEDTLS_ECDH_C)
 
+#include <mbedtls/ecdh.h>
+
 #include <Hacl_Curve25519.h>
 #include <mbedtls/platform_util.h>
 
@@ -100,16 +102,16 @@ int mbedtls_x25519_read_params( mbedtls_x25519_context *ctx,
 }
 
 int mbedtls_x25519_get_params( mbedtls_x25519_context *ctx, const mbedtls_ecp_keypair *key,
-                        int side )
+                               mbedtls_x25519_ecdh_side side )
 {
     size_t olen = 0;
 
     switch( side ) {
-    case MBEDTLS_ECDH_THEIRS:
+    case MBEDTLS_X25519_ECDH_THEIRS:
         mbedtls_ecp_point_write_binary( &key->grp, &key->Q, MBEDTLS_ECP_PF_COMPRESSED, &olen, ctx->peer_point, 32 );
         /* untested; defensively throw an error for now. */
         return(MBEDTLS_ERR_ECP_FEATURE_UNAVAILABLE);
-    case MBEDTLS_ECDH_OURS:
+    case MBEDTLS_X25519_ECDH_OURS:
         mbedtls_mpi_write_binary( &key->d, ctx->our_secret, 32 );
         /* CMW: key->Q = key->d * base; do we need to set up ctx.peer_point here? */
         /* untested; defensively throw an error for now. */
author	Christoph M. Wintersteiger <cwinter@microsoft.com>	2018-12-12 17:26:41 +0000
committer	Janos Follath <janos.follath@arm.com>	2019-08-19 13:36:44 +0100
commit	4936beb5136e26271247de49588045f71f740806 (patch)
tree	d02198ba0c3e230450fe220ad262921dd6599133 /3rdparty
parent	48d26c21c61c3f0e1c4ca38035366f8ae968401b (diff)
download	mbedtls-4936beb5136e26271247de49588045f71f740806.zip mbedtls-4936beb5136e26271247de49588045f71f740806.tar.gz mbedtls-4936beb5136e26271247de49588045f71f740806.tar.bz2