sandbox
/
mbedtls
Important changes to repositories hosted on mbed.com
Mbed hosted mercurial repositories are deprecated and are due to be permanently deleted in July 2026.
To keep a copy of this software download the repository Zip archive or clone locally using Mercurial.
It is also possible to export all your personal repositories from the account settings page.
Fork of
mbedtls
by 
Christopher Haster
source/ecdh.c@1:24750b9ad5ef, 2016-01-22 (annotated)
- Committer:
- Christopher Haster
- Date:
- Fri Jan 22 16:44:49 2016 -0600
- Revision:
- 1:24750b9ad5ef
Initial move of mbedtls to mercurial
Who changed what in which revision?
| User | Revision | Line number | New contents of line |
|---|---|---|---|
| Christopher Haster |
1:24750b9ad5ef | 1 | /* |
| Christopher Haster |
1:24750b9ad5ef | 2 | * Elliptic curve Diffie-Hellman |
| Christopher Haster |
1:24750b9ad5ef | 3 | * |
| Christopher Haster |
1:24750b9ad5ef | 4 | * Copyright (C) 2006-2015, ARM Limited, All Rights Reserved |
| Christopher Haster |
1:24750b9ad5ef | 5 | * SPDX-License-Identifier: Apache-2.0 |
| Christopher Haster |
1:24750b9ad5ef | 6 | * |
| Christopher Haster |
1:24750b9ad5ef | 7 | * Licensed under the Apache License, Version 2.0 (the "License"); you may |
| Christopher Haster |
1:24750b9ad5ef | 8 | * not use this file except in compliance with the License. |
| Christopher Haster |
1:24750b9ad5ef | 9 | * You may obtain a copy of the License at |
| Christopher Haster |
1:24750b9ad5ef | 10 | * |
| Christopher Haster |
1:24750b9ad5ef | 11 | * http://www.apache.org/licenses/LICENSE-2.0 |
| Christopher Haster |
1:24750b9ad5ef | 12 | * |
| Christopher Haster |
1:24750b9ad5ef | 13 | * Unless required by applicable law or agreed to in writing, software |
| Christopher Haster |
1:24750b9ad5ef | 14 | * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT |
| Christopher Haster |
1:24750b9ad5ef | 15 | * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. |
| Christopher Haster |
1:24750b9ad5ef | 16 | * See the License for the specific language governing permissions and |
| Christopher Haster |
1:24750b9ad5ef | 17 | * limitations under the License. |
| Christopher Haster |
1:24750b9ad5ef | 18 | * |
| Christopher Haster |
1:24750b9ad5ef | 19 | * This file is part of mbed TLS (https://tls.mbed.org) |
| Christopher Haster |
1:24750b9ad5ef | 20 | */ |
| Christopher Haster |
1:24750b9ad5ef | 21 | |
| Christopher Haster |
1:24750b9ad5ef | 22 | /* |
| Christopher Haster |
1:24750b9ad5ef | 23 | * References: |
| Christopher Haster |
1:24750b9ad5ef | 24 | * |
| Christopher Haster |
1:24750b9ad5ef | 25 | * SEC1 http://www.secg.org/index.php?action=secg,docs_secg |
| Christopher Haster |
1:24750b9ad5ef | 26 | * RFC 4492 |
| Christopher Haster |
1:24750b9ad5ef | 27 | */ |
| Christopher Haster |
1:24750b9ad5ef | 28 | |
| Christopher Haster |
1:24750b9ad5ef | 29 | #if !defined(MBEDTLS_CONFIG_FILE) |
| Christopher Haster |
1:24750b9ad5ef | 30 | #include "mbedtls/config.h" |
| Christopher Haster |
1:24750b9ad5ef | 31 | #else |
| Christopher Haster |
1:24750b9ad5ef | 32 | #include MBEDTLS_CONFIG_FILE |
| Christopher Haster |
1:24750b9ad5ef | 33 | #endif |
| Christopher Haster |
1:24750b9ad5ef | 34 | |
| Christopher Haster |
1:24750b9ad5ef | 35 | #if defined(MBEDTLS_ECDH_C) |
| Christopher Haster |
1:24750b9ad5ef | 36 | |
| Christopher Haster |
1:24750b9ad5ef | 37 | #include "mbedtls/ecdh.h" |
| Christopher Haster |
1:24750b9ad5ef | 38 | |
| Christopher Haster |
1:24750b9ad5ef | 39 | #include <string.h> |
| Christopher Haster |
1:24750b9ad5ef | 40 | |
| Christopher Haster |
1:24750b9ad5ef | 41 | /* |
| Christopher Haster |
1:24750b9ad5ef | 42 | * Generate public key: simple wrapper around mbedtls_ecp_gen_keypair |
| Christopher Haster |
1:24750b9ad5ef | 43 | */ |
| Christopher Haster |
1:24750b9ad5ef | 44 | int mbedtls_ecdh_gen_public( mbedtls_ecp_group *grp, mbedtls_mpi *d, mbedtls_ecp_point *Q, |
| Christopher Haster |
1:24750b9ad5ef | 45 | int (*f_rng)(void *, unsigned char *, size_t), |
| Christopher Haster |
1:24750b9ad5ef | 46 | void *p_rng ) |
| Christopher Haster |
1:24750b9ad5ef | 47 | { |
| Christopher Haster |
1:24750b9ad5ef | 48 | return mbedtls_ecp_gen_keypair( grp, d, Q, f_rng, p_rng ); |
| Christopher Haster |
1:24750b9ad5ef | 49 | } |
| Christopher Haster |
1:24750b9ad5ef | 50 | |
| Christopher Haster |
1:24750b9ad5ef | 51 | /* |
| Christopher Haster |
1:24750b9ad5ef | 52 | * Compute shared secret (SEC1 3.3.1) |
| Christopher Haster |
1:24750b9ad5ef | 53 | */ |
| Christopher Haster |
1:24750b9ad5ef | 54 | int mbedtls_ecdh_compute_shared( mbedtls_ecp_group *grp, mbedtls_mpi *z, |
| Christopher Haster |
1:24750b9ad5ef | 55 | const mbedtls_ecp_point *Q, const mbedtls_mpi *d, |
| Christopher Haster |
1:24750b9ad5ef | 56 | int (*f_rng)(void *, unsigned char *, size_t), |
| Christopher Haster |
1:24750b9ad5ef | 57 | void *p_rng ) |
| Christopher Haster |
1:24750b9ad5ef | 58 | { |
| Christopher Haster |
1:24750b9ad5ef | 59 | int ret; |
| Christopher Haster |
1:24750b9ad5ef | 60 | mbedtls_ecp_point P; |
| Christopher Haster |
1:24750b9ad5ef | 61 | |
| Christopher Haster |
1:24750b9ad5ef | 62 | mbedtls_ecp_point_init( &P ); |
| Christopher Haster |
1:24750b9ad5ef | 63 | |
| Christopher Haster |
1:24750b9ad5ef | 64 | /* |
| Christopher Haster |
1:24750b9ad5ef | 65 | * Make sure Q is a valid pubkey before using it |
| Christopher Haster |
1:24750b9ad5ef | 66 | */ |
| Christopher Haster |
1:24750b9ad5ef | 67 | MBEDTLS_MPI_CHK( mbedtls_ecp_check_pubkey( grp, Q ) ); |
| Christopher Haster |
1:24750b9ad5ef | 68 | |
| Christopher Haster |
1:24750b9ad5ef | 69 | MBEDTLS_MPI_CHK( mbedtls_ecp_mul( grp, &P, d, Q, f_rng, p_rng ) ); |
| Christopher Haster |
1:24750b9ad5ef | 70 | |
| Christopher Haster |
1:24750b9ad5ef | 71 | if( mbedtls_ecp_is_zero( &P ) ) |
| Christopher Haster |
1:24750b9ad5ef | 72 | { |
| Christopher Haster |
1:24750b9ad5ef | 73 | ret = MBEDTLS_ERR_ECP_BAD_INPUT_DATA; |
| Christopher Haster |
1:24750b9ad5ef | 74 | goto cleanup; |
| Christopher Haster |
1:24750b9ad5ef | 75 | } |
| Christopher Haster |
1:24750b9ad5ef | 76 | |
| Christopher Haster |
1:24750b9ad5ef | 77 | MBEDTLS_MPI_CHK( mbedtls_mpi_copy( z, &P.X ) ); |
| Christopher Haster |
1:24750b9ad5ef | 78 | |
| Christopher Haster |
1:24750b9ad5ef | 79 | cleanup: |
| Christopher Haster |
1:24750b9ad5ef | 80 | mbedtls_ecp_point_free( &P ); |
| Christopher Haster |
1:24750b9ad5ef | 81 | |
| Christopher Haster |
1:24750b9ad5ef | 82 | return( ret ); |
| Christopher Haster |
1:24750b9ad5ef | 83 | } |
| Christopher Haster |
1:24750b9ad5ef | 84 | |
| Christopher Haster |
1:24750b9ad5ef | 85 | /* |
| Christopher Haster |
1:24750b9ad5ef | 86 | * Initialize context |
| Christopher Haster |
1:24750b9ad5ef | 87 | */ |
| Christopher Haster |
1:24750b9ad5ef | 88 | void mbedtls_ecdh_init( mbedtls_ecdh_context *ctx ) |
| Christopher Haster |
1:24750b9ad5ef | 89 | { |
| Christopher Haster |
1:24750b9ad5ef | 90 | memset( ctx, 0, sizeof( mbedtls_ecdh_context ) ); |
| Christopher Haster |
1:24750b9ad5ef | 91 | } |
| Christopher Haster |
1:24750b9ad5ef | 92 | |
| Christopher Haster |
1:24750b9ad5ef | 93 | /* |
| Christopher Haster |
1:24750b9ad5ef | 94 | * Free context |
| Christopher Haster |
1:24750b9ad5ef | 95 | */ |
| Christopher Haster |
1:24750b9ad5ef | 96 | void mbedtls_ecdh_free( mbedtls_ecdh_context *ctx ) |
| Christopher Haster |
1:24750b9ad5ef | 97 | { |
| Christopher Haster |
1:24750b9ad5ef | 98 | if( ctx == NULL ) |
| Christopher Haster |
1:24750b9ad5ef | 99 | return; |
| Christopher Haster |
1:24750b9ad5ef | 100 | |
| Christopher Haster |
1:24750b9ad5ef | 101 | mbedtls_ecp_group_free( &ctx->grp ); |
| Christopher Haster |
1:24750b9ad5ef | 102 | mbedtls_ecp_point_free( &ctx->Q ); |
| Christopher Haster |
1:24750b9ad5ef | 103 | mbedtls_ecp_point_free( &ctx->Qp ); |
| Christopher Haster |
1:24750b9ad5ef | 104 | mbedtls_ecp_point_free( &ctx->Vi ); |
| Christopher Haster |
1:24750b9ad5ef | 105 | mbedtls_ecp_point_free( &ctx->Vf ); |
| Christopher Haster |
1:24750b9ad5ef | 106 | mbedtls_mpi_free( &ctx->d ); |
| Christopher Haster |
1:24750b9ad5ef | 107 | mbedtls_mpi_free( &ctx->z ); |
| Christopher Haster |
1:24750b9ad5ef | 108 | mbedtls_mpi_free( &ctx->_d ); |
| Christopher Haster |
1:24750b9ad5ef | 109 | } |
| Christopher Haster |
1:24750b9ad5ef | 110 | |
| Christopher Haster |
1:24750b9ad5ef | 111 | /* |
| Christopher Haster |
1:24750b9ad5ef | 112 | * Setup and write the ServerKeyExhange parameters (RFC 4492) |
| Christopher Haster |
1:24750b9ad5ef | 113 | * struct { |
| Christopher Haster |
1:24750b9ad5ef | 114 | * ECParameters curve_params; |
| Christopher Haster |
1:24750b9ad5ef | 115 | * ECPoint public; |
| Christopher Haster |
1:24750b9ad5ef | 116 | * } ServerECDHParams; |
| Christopher Haster |
1:24750b9ad5ef | 117 | */ |
| Christopher Haster |
1:24750b9ad5ef | 118 | int mbedtls_ecdh_make_params( mbedtls_ecdh_context *ctx, size_t *olen, |
| Christopher Haster |
1:24750b9ad5ef | 119 | unsigned char *buf, size_t blen, |
| Christopher Haster |
1:24750b9ad5ef | 120 | int (*f_rng)(void *, unsigned char *, size_t), |
| Christopher Haster |
1:24750b9ad5ef | 121 | void *p_rng ) |
| Christopher Haster |
1:24750b9ad5ef | 122 | { |
| Christopher Haster |
1:24750b9ad5ef | 123 | int ret; |
| Christopher Haster |
1:24750b9ad5ef | 124 | size_t grp_len, pt_len; |
| Christopher Haster |
1:24750b9ad5ef | 125 | |
| Christopher Haster |
1:24750b9ad5ef | 126 | if( ctx == NULL || ctx->grp.pbits == 0 ) |
| Christopher Haster |
1:24750b9ad5ef | 127 | return( MBEDTLS_ERR_ECP_BAD_INPUT_DATA ); |
| Christopher Haster |
1:24750b9ad5ef | 128 | |
| Christopher Haster |
1:24750b9ad5ef | 129 | if( ( ret = mbedtls_ecdh_gen_public( &ctx->grp, &ctx->d, &ctx->Q, f_rng, p_rng ) ) |
| Christopher Haster |
1:24750b9ad5ef | 130 | != 0 ) |
| Christopher Haster |
1:24750b9ad5ef | 131 | return( ret ); |
| Christopher Haster |
1:24750b9ad5ef | 132 | |
| Christopher Haster |
1:24750b9ad5ef | 133 | if( ( ret = mbedtls_ecp_tls_write_group( &ctx->grp, &grp_len, buf, blen ) ) |
| Christopher Haster |
1:24750b9ad5ef | 134 | != 0 ) |
| Christopher Haster |
1:24750b9ad5ef | 135 | return( ret ); |
| Christopher Haster |
1:24750b9ad5ef | 136 | |
| Christopher Haster |
1:24750b9ad5ef | 137 | buf += grp_len; |
| Christopher Haster |
1:24750b9ad5ef | 138 | blen -= grp_len; |
| Christopher Haster |
1:24750b9ad5ef | 139 | |
| Christopher Haster |
1:24750b9ad5ef | 140 | if( ( ret = mbedtls_ecp_tls_write_point( &ctx->grp, &ctx->Q, ctx->point_format, |
| Christopher Haster |
1:24750b9ad5ef | 141 | &pt_len, buf, blen ) ) != 0 ) |
| Christopher Haster |
1:24750b9ad5ef | 142 | return( ret ); |
| Christopher Haster |
1:24750b9ad5ef | 143 | |
| Christopher Haster |
1:24750b9ad5ef | 144 | *olen = grp_len + pt_len; |
| Christopher Haster |
1:24750b9ad5ef | 145 | return( 0 ); |
| Christopher Haster |
1:24750b9ad5ef | 146 | } |
| Christopher Haster |
1:24750b9ad5ef | 147 | |
| Christopher Haster |
1:24750b9ad5ef | 148 | /* |
| Christopher Haster |
1:24750b9ad5ef | 149 | * Read the ServerKeyExhange parameters (RFC 4492) |
| Christopher Haster |
1:24750b9ad5ef | 150 | * struct { |
| Christopher Haster |
1:24750b9ad5ef | 151 | * ECParameters curve_params; |
| Christopher Haster |
1:24750b9ad5ef | 152 | * ECPoint public; |
| Christopher Haster |
1:24750b9ad5ef | 153 | * } ServerECDHParams; |
| Christopher Haster |
1:24750b9ad5ef | 154 | */ |
| Christopher Haster |
1:24750b9ad5ef | 155 | int mbedtls_ecdh_read_params( mbedtls_ecdh_context *ctx, |
| Christopher Haster |
1:24750b9ad5ef | 156 | const unsigned char **buf, const unsigned char *end ) |
| Christopher Haster |
1:24750b9ad5ef | 157 | { |
| Christopher Haster |
1:24750b9ad5ef | 158 | int ret; |
| Christopher Haster |
1:24750b9ad5ef | 159 | |
| Christopher Haster |
1:24750b9ad5ef | 160 | if( ( ret = mbedtls_ecp_tls_read_group( &ctx->grp, buf, end - *buf ) ) != 0 ) |
| Christopher Haster |
1:24750b9ad5ef | 161 | return( ret ); |
| Christopher Haster |
1:24750b9ad5ef | 162 | |
| Christopher Haster |
1:24750b9ad5ef | 163 | if( ( ret = mbedtls_ecp_tls_read_point( &ctx->grp, &ctx->Qp, buf, end - *buf ) ) |
| Christopher Haster |
1:24750b9ad5ef | 164 | != 0 ) |
| Christopher Haster |
1:24750b9ad5ef | 165 | return( ret ); |
| Christopher Haster |
1:24750b9ad5ef | 166 | |
| Christopher Haster |
1:24750b9ad5ef | 167 | return( 0 ); |
| Christopher Haster |
1:24750b9ad5ef | 168 | } |
| Christopher Haster |
1:24750b9ad5ef | 169 | |
| Christopher Haster |
1:24750b9ad5ef | 170 | /* |
| Christopher Haster |
1:24750b9ad5ef | 171 | * Get parameters from a keypair |
| Christopher Haster |
1:24750b9ad5ef | 172 | */ |
| Christopher Haster |
1:24750b9ad5ef | 173 | int mbedtls_ecdh_get_params( mbedtls_ecdh_context *ctx, const mbedtls_ecp_keypair *key, |
| Christopher Haster |
1:24750b9ad5ef | 174 | mbedtls_ecdh_side side ) |
| Christopher Haster |
1:24750b9ad5ef | 175 | { |
| Christopher Haster |
1:24750b9ad5ef | 176 | int ret; |
| Christopher Haster |
1:24750b9ad5ef | 177 | |
| Christopher Haster |
1:24750b9ad5ef | 178 | if( ( ret = mbedtls_ecp_group_copy( &ctx->grp, &key->grp ) ) != 0 ) |
| Christopher Haster |
1:24750b9ad5ef | 179 | return( ret ); |
| Christopher Haster |
1:24750b9ad5ef | 180 | |
| Christopher Haster |
1:24750b9ad5ef | 181 | /* If it's not our key, just import the public part as Qp */ |
| Christopher Haster |
1:24750b9ad5ef | 182 | if( side == MBEDTLS_ECDH_THEIRS ) |
| Christopher Haster |
1:24750b9ad5ef | 183 | return( mbedtls_ecp_copy( &ctx->Qp, &key->Q ) ); |
| Christopher Haster |
1:24750b9ad5ef | 184 | |
| Christopher Haster |
1:24750b9ad5ef | 185 | /* Our key: import public (as Q) and private parts */ |
| Christopher Haster |
1:24750b9ad5ef | 186 | if( side != MBEDTLS_ECDH_OURS ) |
| Christopher Haster |
1:24750b9ad5ef | 187 | return( MBEDTLS_ERR_ECP_BAD_INPUT_DATA ); |
| Christopher Haster |
1:24750b9ad5ef | 188 | |
| Christopher Haster |
1:24750b9ad5ef | 189 | if( ( ret = mbedtls_ecp_copy( &ctx->Q, &key->Q ) ) != 0 || |
| Christopher Haster |
1:24750b9ad5ef | 190 | ( ret = mbedtls_mpi_copy( &ctx->d, &key->d ) ) != 0 ) |
| Christopher Haster |
1:24750b9ad5ef | 191 | return( ret ); |
| Christopher Haster |
1:24750b9ad5ef | 192 | |
| Christopher Haster |
1:24750b9ad5ef | 193 | return( 0 ); |
| Christopher Haster |
1:24750b9ad5ef | 194 | } |
| Christopher Haster |
1:24750b9ad5ef | 195 | |
| Christopher Haster |
1:24750b9ad5ef | 196 | /* |
| Christopher Haster |
1:24750b9ad5ef | 197 | * Setup and export the client public value |
| Christopher Haster |
1:24750b9ad5ef | 198 | */ |
| Christopher Haster |
1:24750b9ad5ef | 199 | int mbedtls_ecdh_make_public( mbedtls_ecdh_context *ctx, size_t *olen, |
| Christopher Haster |
1:24750b9ad5ef | 200 | unsigned char *buf, size_t blen, |
| Christopher Haster |
1:24750b9ad5ef | 201 | int (*f_rng)(void *, unsigned char *, size_t), |
| Christopher Haster |
1:24750b9ad5ef | 202 | void *p_rng ) |
| Christopher Haster |
1:24750b9ad5ef | 203 | { |
| Christopher Haster |
1:24750b9ad5ef | 204 | int ret; |
| Christopher Haster |
1:24750b9ad5ef | 205 | |
| Christopher Haster |
1:24750b9ad5ef | 206 | if( ctx == NULL || ctx->grp.pbits == 0 ) |
| Christopher Haster |
1:24750b9ad5ef | 207 | return( MBEDTLS_ERR_ECP_BAD_INPUT_DATA ); |
| Christopher Haster |
1:24750b9ad5ef | 208 | |
| Christopher Haster |
1:24750b9ad5ef | 209 | if( ( ret = mbedtls_ecdh_gen_public( &ctx->grp, &ctx->d, &ctx->Q, f_rng, p_rng ) ) |
| Christopher Haster |
1:24750b9ad5ef | 210 | != 0 ) |
| Christopher Haster |
1:24750b9ad5ef | 211 | return( ret ); |
| Christopher Haster |
1:24750b9ad5ef | 212 | |
| Christopher Haster |
1:24750b9ad5ef | 213 | return mbedtls_ecp_tls_write_point( &ctx->grp, &ctx->Q, ctx->point_format, |
| Christopher Haster |
1:24750b9ad5ef | 214 | olen, buf, blen ); |
| Christopher Haster |
1:24750b9ad5ef | 215 | } |
| Christopher Haster |
1:24750b9ad5ef | 216 | |
| Christopher Haster |
1:24750b9ad5ef | 217 | /* |
| Christopher Haster |
1:24750b9ad5ef | 218 | * Parse and import the client's public value |
| Christopher Haster |
1:24750b9ad5ef | 219 | */ |
| Christopher Haster |
1:24750b9ad5ef | 220 | int mbedtls_ecdh_read_public( mbedtls_ecdh_context *ctx, |
| Christopher Haster |
1:24750b9ad5ef | 221 | const unsigned char *buf, size_t blen ) |
| Christopher Haster |
1:24750b9ad5ef | 222 | { |
| Christopher Haster |
1:24750b9ad5ef | 223 | int ret; |
| Christopher Haster |
1:24750b9ad5ef | 224 | const unsigned char *p = buf; |
| Christopher Haster |
1:24750b9ad5ef | 225 | |
| Christopher Haster |
1:24750b9ad5ef | 226 | if( ctx == NULL ) |
| Christopher Haster |
1:24750b9ad5ef | 227 | return( MBEDTLS_ERR_ECP_BAD_INPUT_DATA ); |
| Christopher Haster |
1:24750b9ad5ef | 228 | |
| Christopher Haster |
1:24750b9ad5ef | 229 | if( ( ret = mbedtls_ecp_tls_read_point( &ctx->grp, &ctx->Qp, &p, blen ) ) != 0 ) |
| Christopher Haster |
1:24750b9ad5ef | 230 | return( ret ); |
| Christopher Haster |
1:24750b9ad5ef | 231 | |
| Christopher Haster |
1:24750b9ad5ef | 232 | if( (size_t)( p - buf ) != blen ) |
| Christopher Haster |
1:24750b9ad5ef | 233 | return( MBEDTLS_ERR_ECP_BAD_INPUT_DATA ); |
| Christopher Haster |
1:24750b9ad5ef | 234 | |
| Christopher Haster |
1:24750b9ad5ef | 235 | return( 0 ); |
| Christopher Haster |
1:24750b9ad5ef | 236 | } |
| Christopher Haster |
1:24750b9ad5ef | 237 | |
| Christopher Haster |
1:24750b9ad5ef | 238 | /* |
| Christopher Haster |
1:24750b9ad5ef | 239 | * Derive and export the shared secret |
| Christopher Haster |
1:24750b9ad5ef | 240 | */ |
| Christopher Haster |
1:24750b9ad5ef | 241 | int mbedtls_ecdh_calc_secret( mbedtls_ecdh_context *ctx, size_t *olen, |
| Christopher Haster |
1:24750b9ad5ef | 242 | unsigned char *buf, size_t blen, |
| Christopher Haster |
1:24750b9ad5ef | 243 | int (*f_rng)(void *, unsigned char *, size_t), |
| Christopher Haster |
1:24750b9ad5ef | 244 | void *p_rng ) |
| Christopher Haster |
1:24750b9ad5ef | 245 | { |
| Christopher Haster |
1:24750b9ad5ef | 246 | int ret; |
| Christopher Haster |
1:24750b9ad5ef | 247 | |
| Christopher Haster |
1:24750b9ad5ef | 248 | if( ctx == NULL ) |
| Christopher Haster |
1:24750b9ad5ef | 249 | return( MBEDTLS_ERR_ECP_BAD_INPUT_DATA ); |
| Christopher Haster |
1:24750b9ad5ef | 250 | |
| Christopher Haster |
1:24750b9ad5ef | 251 | if( ( ret = mbedtls_ecdh_compute_shared( &ctx->grp, &ctx->z, &ctx->Qp, &ctx->d, |
| Christopher Haster |
1:24750b9ad5ef | 252 | f_rng, p_rng ) ) != 0 ) |
| Christopher Haster |
1:24750b9ad5ef | 253 | { |
| Christopher Haster |
1:24750b9ad5ef | 254 | return( ret ); |
| Christopher Haster |
1:24750b9ad5ef | 255 | } |
| Christopher Haster |
1:24750b9ad5ef | 256 | |
| Christopher Haster |
1:24750b9ad5ef | 257 | if( mbedtls_mpi_size( &ctx->z ) > blen ) |
| Christopher Haster |
1:24750b9ad5ef | 258 | return( MBEDTLS_ERR_ECP_BAD_INPUT_DATA ); |
| Christopher Haster |
1:24750b9ad5ef | 259 | |
| Christopher Haster |
1:24750b9ad5ef | 260 | *olen = ctx->grp.pbits / 8 + ( ( ctx->grp.pbits % 8 ) != 0 ); |
| Christopher Haster |
1:24750b9ad5ef | 261 | return mbedtls_mpi_write_binary( &ctx->z, buf, *olen ); |
| Christopher Haster |
1:24750b9ad5ef | 262 | } |
| Christopher Haster |
1:24750b9ad5ef | 263 | |
| Christopher Haster |
1:24750b9ad5ef | 264 | #endif /* MBEDTLS_ECDH_C */ |