diff options
author | Christoph M. Wintersteiger <cwinter@microsoft.com> | 2018-12-12 17:26:41 +0000 |
---|---|---|
committer | Janos Follath <janos.follath@arm.com> | 2019-08-19 13:36:44 +0100 |
commit | 4936beb5136e26271247de49588045f71f740806 (patch) | |
tree | d02198ba0c3e230450fe220ad262921dd6599133 /3rdparty | |
parent | 48d26c21c61c3f0e1c4ca38035366f8ae968401b (diff) | |
download | mbedtls-4936beb5136e26271247de49588045f71f740806.zip mbedtls-4936beb5136e26271247de49588045f71f740806.tar.gz mbedtls-4936beb5136e26271247de49588045f71f740806.tar.bz2 |
ECDH: Clean up the interface to Everest code
Diffstat (limited to '3rdparty')
-rwxr-xr-x[-rw-r--r--] | 3rdparty/everest/include/everest/everest.h | 38 | ||||
-rwxr-xr-x[-rw-r--r--] | 3rdparty/everest/include/everest/x25519.h | 13 | ||||
-rwxr-xr-x | 3rdparty/everest/library/everest.c | 70 | ||||
-rwxr-xr-x[-rw-r--r--] | 3rdparty/everest/library/x25519.c | 8 |
4 files changed, 62 insertions, 67 deletions
diff --git a/3rdparty/everest/include/everest/everest.h b/3rdparty/everest/include/everest/everest.h index aceeeae..5806500 100644..100755 --- a/3rdparty/everest/include/everest/everest.h +++ b/3rdparty/everest/include/everest/everest.h @@ -22,17 +22,23 @@ #ifndef MBEDTLS_EVEREST_H #define MBEDTLS_EVEREST_H +#include "everest/x25519.h" + #ifdef __cplusplus extern "C" { #endif -struct mbedtls_ecdh_context; -typedef struct mbedtls_ecdh_context mbedtls_ecdh_context; - -struct mbedtls_x25519_context_; +/** + * Defines the source of the imported EC key. + */ +typedef enum +{ + MBEDTLS_EVEREST_ECDH_OURS, /**< Our key. */ + MBEDTLS_EVEREST_ECDH_THEIRS, /**< The key of the peer. */ +} mbedtls_everest_ecdh_side; typedef struct { - struct mbedtls_x25519_context_ *ctx; + mbedtls_x25519_context ctx; } mbedtls_ecdh_context_everest; @@ -48,18 +54,18 @@ typedef struct { * ciphersuites. * * \param ctx The ECDH context to set up. - * \param grp The group id of the group to set up the context for. + * \param grp_id The group id of the group to set up the context for. * * \return \c 0 on success. */ -int mbedtls_everest_setup( mbedtls_ecdh_context *ctx, int grp ); +int mbedtls_everest_setup( mbedtls_ecdh_context_everest *ctx, int grp_id ); /** * \brief This function frees a context. * * \param ctx The context to free. */ -void mbedtls_everest_free( mbedtls_ecdh_context *ctx ); +void mbedtls_everest_free( mbedtls_ecdh_context_everest *ctx ); /** * \brief This function generates a public key and a TLS @@ -84,7 +90,7 @@ void mbedtls_everest_free( mbedtls_ecdh_context *ctx ); * \return \c 0 on success. * \return An \c MBEDTLS_ERR_ECP_XXX error code on failure. */ -int mbedtls_everest_make_params( mbedtls_ecdh_context *ctx, size_t *olen, +int mbedtls_everest_make_params( mbedtls_ecdh_context_everest *ctx, size_t *olen, unsigned char *buf, size_t blen, int( *f_rng )( void *, unsigned char *, size_t ), void *p_rng ); @@ -106,7 +112,7 @@ int mbedtls_everest_make_params( mbedtls_ecdh_context *ctx, size_t *olen, * \return An \c MBEDTLS_ERR_ECP_XXX error code on failure. * */ -int mbedtls_everest_read_params( mbedtls_ecdh_context *ctx, +int mbedtls_everest_read_params( mbedtls_ecdh_context_everest *ctx, const unsigned char **buf, const unsigned char *end ); /** @@ -126,7 +132,7 @@ int mbedtls_everest_read_params( mbedtls_ecdh_context *ctx, * \return An \c MBEDTLS_ERR_ECP_XXX error code on failure. * */ -int mbedtls_everest_read_params( mbedtls_ecdh_context *ctx, +int mbedtls_everest_read_params( mbedtls_ecdh_context_everest *ctx, const unsigned char **buf, const unsigned char *end ); /** @@ -147,8 +153,8 @@ int mbedtls_everest_read_params( mbedtls_ecdh_context *ctx, * \return An \c MBEDTLS_ERR_ECP_XXX error code on failure. * */ -int mbedtls_everest_get_params( mbedtls_ecdh_context *ctx, const mbedtls_ecp_keypair *key, - int side ); +int mbedtls_everest_get_params( mbedtls_ecdh_context_everest *ctx, const mbedtls_ecp_keypair *key, + mbedtls_everest_ecdh_side side ); /** * \brief This function generates a public key and a TLS @@ -169,7 +175,7 @@ int mbedtls_everest_get_params( mbedtls_ecdh_context *ctx, const mbedtls_ecp_key * \return \c 0 on success. * \return An \c MBEDTLS_ERR_ECP_XXX error code on failure. */ -int mbedtls_everest_make_public( mbedtls_ecdh_context *ctx, size_t *olen, +int mbedtls_everest_make_public( mbedtls_ecdh_context_everest *ctx, size_t *olen, unsigned char *buf, size_t blen, int( *f_rng )( void *, unsigned char *, size_t ), void *p_rng ); @@ -191,7 +197,7 @@ int mbedtls_everest_make_public( mbedtls_ecdh_context *ctx, size_t *olen, * \return \c 0 on success. * \return An \c MBEDTLS_ERR_ECP_XXX error code on failure. */ -int mbedtls_everest_read_public( mbedtls_ecdh_context *ctx, +int mbedtls_everest_read_public( mbedtls_ecdh_context_everest *ctx, const unsigned char *buf, size_t blen ); /** @@ -216,7 +222,7 @@ int mbedtls_everest_read_public( mbedtls_ecdh_context *ctx, * \return \c 0 on success. * \return An \c MBEDTLS_ERR_ECP_XXX error code on failure. */ -int mbedtls_everest_calc_secret( mbedtls_ecdh_context *ctx, size_t *olen, +int mbedtls_everest_calc_secret( mbedtls_ecdh_context_everest *ctx, size_t *olen, unsigned char *buf, size_t blen, int( *f_rng )( void *, unsigned char *, size_t ), void *p_rng ); diff --git a/3rdparty/everest/include/everest/x25519.h b/3rdparty/everest/include/everest/x25519.h index e332ff2..cdfb16f 100644..100755 --- a/3rdparty/everest/include/everest/x25519.h +++ b/3rdparty/everest/include/everest/x25519.h @@ -22,8 +22,6 @@ #ifndef MBEDTLS_X25519_H #define MBEDTLS_X25519_H -#include <mbedtls/ecdh.h> - #ifdef __cplusplus extern "C" { #endif @@ -31,6 +29,15 @@ extern "C" { #define MBEDTLS_ECP_TLS_CURVE25519 0x1d /** + * Defines the source of the imported EC key. + */ +typedef enum +{ + MBEDTLS_X25519_ECDH_OURS, /**< Our key. */ + MBEDTLS_X25519_ECDH_THEIRS, /**< The key of the peer. */ +} mbedtls_x25519_ecdh_side; + +/** * \brief The x25519 context structure. */ typedef struct mbedtls_x25519_context_ { @@ -109,7 +116,7 @@ int mbedtls_x25519_read_params( mbedtls_x25519_context *ctx, * */ int mbedtls_x25519_get_params( mbedtls_x25519_context *ctx, const mbedtls_ecp_keypair *key, - int side ); + mbedtls_x25519_ecdh_side side ); /** * \brief This function derives and exports the shared secret. diff --git a/3rdparty/everest/library/everest.c b/3rdparty/everest/library/everest.c index 2b111af..4b3a799 100755 --- a/3rdparty/everest/library/everest.c +++ b/3rdparty/everest/library/everest.c @@ -41,89 +41,69 @@ #if defined(MBEDTLS_ECDH_VARIANT_EVEREST_ENABLED) -int mbedtls_everest_setup( mbedtls_ecdh_context *ctx, int grp ) +int mbedtls_everest_setup( mbedtls_ecdh_context_everest *ctx, int grp_id ) { - if( grp != MBEDTLS_ECP_DP_CURVE25519 ) + if( grp_id != MBEDTLS_ECP_DP_CURVE25519 ) return MBEDTLS_ERR_ECP_BAD_INPUT_DATA; - - ctx->var = MBEDTLS_ECDH_VARIANT_EVEREST; - ctx->grp_id = grp; - - ctx->ctx.everest_ecdh.ctx = mbedtls_calloc( 1, sizeof( mbedtls_x25519_context ) ); - mbedtls_x25519_init( ctx->ctx.everest_ecdh.ctx ); - + mbedtls_x25519_init( &ctx->ctx ); return 0; } -void mbedtls_everest_free( mbedtls_ecdh_context *ctx ) +void mbedtls_everest_free( mbedtls_ecdh_context_everest *ctx ) { - mbedtls_ecdh_context_everest *everest_ctx = &ctx->ctx.everest_ecdh; - mbedtls_x25519_context *x25519_ctx = ( mbedtls_x25519_context* )everest_ctx->ctx; - - mbedtls_x25519_free( x25519_ctx ); - mbedtls_free( x25519_ctx ); - - ctx->var = MBEDTLS_ECDH_VARIANT_NONE; - ctx->grp_id = MBEDTLS_ECP_DP_NONE; + mbedtls_x25519_free( &ctx->ctx ); } -int mbedtls_everest_make_params( mbedtls_ecdh_context *ctx, size_t *olen, +int mbedtls_everest_make_params( mbedtls_ecdh_context_everest *ctx, size_t *olen, unsigned char *buf, size_t blen, int( *f_rng )( void *, unsigned char *, size_t ), void *p_rng ) { - mbedtls_ecdh_context_everest *everest_ctx = &ctx->ctx.everest_ecdh; - mbedtls_x25519_context *x25519_ctx = ( mbedtls_x25519_context* )everest_ctx->ctx; - if( ctx->var != MBEDTLS_ECDH_VARIANT_EVEREST ) return MBEDTLS_ERR_MPI_BAD_INPUT_DATA; + mbedtls_x25519_context *x25519_ctx = &ctx->ctx; return mbedtls_x25519_make_params( x25519_ctx, olen, buf, blen, f_rng, p_rng ); } -int mbedtls_everest_read_params( mbedtls_ecdh_context *ctx, - const unsigned char **buf, const unsigned char *end ) +int mbedtls_everest_read_params( mbedtls_ecdh_context_everest *ctx, + const unsigned char **buf, + const unsigned char *end ) { - mbedtls_ecdh_context_everest *everest_ctx = &ctx->ctx.everest_ecdh; - mbedtls_x25519_context *x25519_ctx = ( mbedtls_x25519_context* )everest_ctx->ctx; - if( ctx->var != MBEDTLS_ECDH_VARIANT_EVEREST ) return MBEDTLS_ERR_MPI_BAD_INPUT_DATA; + mbedtls_x25519_context *x25519_ctx = &ctx->ctx; return mbedtls_x25519_read_params( x25519_ctx, buf, end ); } -int mbedtls_everest_get_params( mbedtls_ecdh_context *ctx, const mbedtls_ecp_keypair *key, - int side ) +int mbedtls_everest_get_params( mbedtls_ecdh_context_everest *ctx, + const mbedtls_ecp_keypair *key, + mbedtls_everest_ecdh_side side ) { - mbedtls_ecdh_context_everest *everest_ctx = &ctx->ctx.everest_ecdh; - mbedtls_x25519_context *x25519_ctx = ( mbedtls_x25519_context* )everest_ctx->ctx; - if( ctx->var != MBEDTLS_ECDH_VARIANT_EVEREST ) return MBEDTLS_ERR_MPI_BAD_INPUT_DATA; - return mbedtls_x25519_get_params( x25519_ctx, key, side ); + mbedtls_x25519_context *x25519_ctx = &ctx->ctx; + mbedtls_x25519_ecdh_side s = side == MBEDTLS_EVEREST_ECDH_OURS ? + MBEDTLS_X25519_ECDH_OURS : + MBEDTLS_X25519_ECDH_THEIRS; + return mbedtls_x25519_get_params( x25519_ctx, key, s ); } -int mbedtls_everest_make_public( mbedtls_ecdh_context *ctx, size_t *olen, +int mbedtls_everest_make_public( mbedtls_ecdh_context_everest *ctx, size_t *olen, unsigned char *buf, size_t blen, int( *f_rng )( void *, unsigned char *, size_t ), void *p_rng ) { - mbedtls_ecdh_context_everest *everest_ctx = &ctx->ctx.everest_ecdh; - mbedtls_x25519_context *x25519_ctx = ( mbedtls_x25519_context* )everest_ctx->ctx; - if( ctx->var != MBEDTLS_ECDH_VARIANT_EVEREST ) return MBEDTLS_ERR_MPI_BAD_INPUT_DATA; + mbedtls_x25519_context *x25519_ctx = &ctx->ctx; return mbedtls_x25519_make_public( x25519_ctx, olen, buf, blen, f_rng, p_rng ); } -int mbedtls_everest_read_public( mbedtls_ecdh_context *ctx, +int mbedtls_everest_read_public( mbedtls_ecdh_context_everest *ctx, const unsigned char *buf, size_t blen ) { - mbedtls_ecdh_context_everest *everest_ctx = &ctx->ctx.everest_ecdh; - mbedtls_x25519_context *x25519_ctx = ( mbedtls_x25519_context* )everest_ctx->ctx; - if( ctx->var != MBEDTLS_ECDH_VARIANT_EVEREST ) return MBEDTLS_ERR_MPI_BAD_INPUT_DATA; + mbedtls_x25519_context *x25519_ctx = &ctx->ctx; return mbedtls_x25519_read_public ( x25519_ctx, buf, blen ); } -int mbedtls_everest_calc_secret( mbedtls_ecdh_context *ctx, size_t *olen, +int mbedtls_everest_calc_secret( mbedtls_ecdh_context_everest *ctx, size_t *olen, unsigned char *buf, size_t blen, int( *f_rng )( void *, unsigned char *, size_t ), void *p_rng ) { - mbedtls_ecdh_context_everest *everest_ctx = &ctx->ctx.everest_ecdh; - mbedtls_x25519_context *x25519_ctx = ( mbedtls_x25519_context* )everest_ctx->ctx; - if( ctx->var != MBEDTLS_ECDH_VARIANT_EVEREST ) return MBEDTLS_ERR_MPI_BAD_INPUT_DATA; + mbedtls_x25519_context *x25519_ctx = &ctx->ctx; return mbedtls_x25519_calc_secret( x25519_ctx, olen, buf, blen, f_rng, p_rng ); } diff --git a/3rdparty/everest/library/x25519.c b/3rdparty/everest/library/x25519.c index 72cab6b..830018c 100644..100755 --- a/3rdparty/everest/library/x25519.c +++ b/3rdparty/everest/library/x25519.c @@ -27,6 +27,8 @@ #if defined(MBEDTLS_ECDH_C) +#include <mbedtls/ecdh.h> + #include <Hacl_Curve25519.h> #include <mbedtls/platform_util.h> @@ -100,16 +102,16 @@ int mbedtls_x25519_read_params( mbedtls_x25519_context *ctx, } int mbedtls_x25519_get_params( mbedtls_x25519_context *ctx, const mbedtls_ecp_keypair *key, - int side ) + mbedtls_x25519_ecdh_side side ) { size_t olen = 0; switch( side ) { - case MBEDTLS_ECDH_THEIRS: + case MBEDTLS_X25519_ECDH_THEIRS: mbedtls_ecp_point_write_binary( &key->grp, &key->Q, MBEDTLS_ECP_PF_COMPRESSED, &olen, ctx->peer_point, 32 ); /* untested; defensively throw an error for now. */ return(MBEDTLS_ERR_ECP_FEATURE_UNAVAILABLE); - case MBEDTLS_ECDH_OURS: + case MBEDTLS_X25519_ECDH_OURS: mbedtls_mpi_write_binary( &key->d, ctx->our_secret, 32 ); /* CMW: key->Q = key->d * base; do we need to set up ctx.peer_point here? */ /* untested; defensively throw an error for now. */ |