Hannes Tschofenig
Example program to test AES-GCM functionality. Used for a workshop
SSL/include/polarssl/ecdh.h@0:796d0f61a05b, 2018-09-27 (annotated)
- Committer:
- HannesTschofenig
- Date:
- Thu Sep 27 06:34:22 2018 +0000
- Revision:
- 0:796d0f61a05b
Example AES-GCM test program
Who changed what in which revision?
| User | Revision | Line number | New contents of line |
|---|---|---|---|
| HannesTschofenig | 0:796d0f61a05b | 1 | /** |
| HannesTschofenig | 0:796d0f61a05b | 2 | * \file ecdh.h |
| HannesTschofenig | 0:796d0f61a05b | 3 | * |
| HannesTschofenig | 0:796d0f61a05b | 4 | * \brief Elliptic curve Diffie-Hellman |
| HannesTschofenig | 0:796d0f61a05b | 5 | * |
| HannesTschofenig | 0:796d0f61a05b | 6 | * Copyright (C) 2006-2013, Brainspark B.V. |
| HannesTschofenig | 0:796d0f61a05b | 7 | * |
| HannesTschofenig | 0:796d0f61a05b | 8 | * This file is part of PolarSSL (http://www.polarssl.org) |
| HannesTschofenig | 0:796d0f61a05b | 9 | * Lead Maintainer: Paul Bakker <polarssl_maintainer at polarssl.org> |
| HannesTschofenig | 0:796d0f61a05b | 10 | * |
| HannesTschofenig | 0:796d0f61a05b | 11 | * All rights reserved. |
| HannesTschofenig | 0:796d0f61a05b | 12 | * |
| HannesTschofenig | 0:796d0f61a05b | 13 | * This program is free software; you can redistribute it and/or modify |
| HannesTschofenig | 0:796d0f61a05b | 14 | * it under the terms of the GNU General Public License as published by |
| HannesTschofenig | 0:796d0f61a05b | 15 | * the Free Software Foundation; either version 2 of the License, or |
| HannesTschofenig | 0:796d0f61a05b | 16 | * (at your option) any later version. |
| HannesTschofenig | 0:796d0f61a05b | 17 | * |
| HannesTschofenig | 0:796d0f61a05b | 18 | * This program is distributed in the hope that it will be useful, |
| HannesTschofenig | 0:796d0f61a05b | 19 | * but WITHOUT ANY WARRANTY; without even the implied warranty of |
| HannesTschofenig | 0:796d0f61a05b | 20 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the |
| HannesTschofenig | 0:796d0f61a05b | 21 | * GNU General Public License for more details. |
| HannesTschofenig | 0:796d0f61a05b | 22 | * |
| HannesTschofenig | 0:796d0f61a05b | 23 | * You should have received a copy of the GNU General Public License along |
| HannesTschofenig | 0:796d0f61a05b | 24 | * with this program; if not, write to the Free Software Foundation, Inc., |
| HannesTschofenig | 0:796d0f61a05b | 25 | * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. |
| HannesTschofenig | 0:796d0f61a05b | 26 | */ |
| HannesTschofenig | 0:796d0f61a05b | 27 | #ifndef POLARSSL_ECDH_H |
| HannesTschofenig | 0:796d0f61a05b | 28 | #define POLARSSL_ECDH_H |
| HannesTschofenig | 0:796d0f61a05b | 29 | |
| HannesTschofenig | 0:796d0f61a05b | 30 | #include "ecp.h" |
| HannesTschofenig | 0:796d0f61a05b | 31 | |
| HannesTschofenig | 0:796d0f61a05b | 32 | #ifdef __cplusplus |
| HannesTschofenig | 0:796d0f61a05b | 33 | extern "C" { |
| HannesTschofenig | 0:796d0f61a05b | 34 | #endif |
| HannesTschofenig | 0:796d0f61a05b | 35 | |
| HannesTschofenig | 0:796d0f61a05b | 36 | /** |
| HannesTschofenig | 0:796d0f61a05b | 37 | * When importing from an EC key, select if it is our key or the peer's key |
| HannesTschofenig | 0:796d0f61a05b | 38 | */ |
| HannesTschofenig | 0:796d0f61a05b | 39 | typedef enum |
| HannesTschofenig | 0:796d0f61a05b | 40 | { |
| HannesTschofenig | 0:796d0f61a05b | 41 | POLARSSL_ECDH_OURS, |
| HannesTschofenig | 0:796d0f61a05b | 42 | POLARSSL_ECDH_THEIRS, |
| HannesTschofenig | 0:796d0f61a05b | 43 | } ecdh_side; |
| HannesTschofenig | 0:796d0f61a05b | 44 | |
| HannesTschofenig | 0:796d0f61a05b | 45 | /** |
| HannesTschofenig | 0:796d0f61a05b | 46 | * \brief ECDH context structure |
| HannesTschofenig | 0:796d0f61a05b | 47 | */ |
| HannesTschofenig | 0:796d0f61a05b | 48 | typedef struct |
| HannesTschofenig | 0:796d0f61a05b | 49 | { |
| HannesTschofenig | 0:796d0f61a05b | 50 | ecp_group grp; /*!< ellipitic curve used */ |
| HannesTschofenig | 0:796d0f61a05b | 51 | mpi d; /*!< our secret value */ |
| HannesTschofenig | 0:796d0f61a05b | 52 | ecp_point Q; /*!< our public value */ |
| HannesTschofenig | 0:796d0f61a05b | 53 | ecp_point Qp; /*!< peer's public value */ |
| HannesTschofenig | 0:796d0f61a05b | 54 | mpi z; /*!< shared secret */ |
| HannesTschofenig | 0:796d0f61a05b | 55 | int point_format; /*!< format for point export */ |
| HannesTschofenig | 0:796d0f61a05b | 56 | ecp_point Vi; /*!< blinding value (for later) */ |
| HannesTschofenig | 0:796d0f61a05b | 57 | ecp_point Vf; /*!< un-blinding value (for later) */ |
| HannesTschofenig | 0:796d0f61a05b | 58 | mpi _d; /*!< previous d */ |
| HannesTschofenig | 0:796d0f61a05b | 59 | } |
| HannesTschofenig | 0:796d0f61a05b | 60 | ecdh_context; |
| HannesTschofenig | 0:796d0f61a05b | 61 | |
| HannesTschofenig | 0:796d0f61a05b | 62 | /** |
| HannesTschofenig | 0:796d0f61a05b | 63 | * \brief Generate a public key |
| HannesTschofenig | 0:796d0f61a05b | 64 | * |
| HannesTschofenig | 0:796d0f61a05b | 65 | * \param grp ECP group |
| HannesTschofenig | 0:796d0f61a05b | 66 | * \param d Destination MPI (secret exponent) |
| HannesTschofenig | 0:796d0f61a05b | 67 | * \param Q Destination point (public key) |
| HannesTschofenig | 0:796d0f61a05b | 68 | * \param f_rng RNG function |
| HannesTschofenig | 0:796d0f61a05b | 69 | * \param p_rng RNG parameter |
| HannesTschofenig | 0:796d0f61a05b | 70 | * |
| HannesTschofenig | 0:796d0f61a05b | 71 | * \return 0 if successful, |
| HannesTschofenig | 0:796d0f61a05b | 72 | * or a POLARSSL_ERR_ECP_XXX or POLARSSL_MPI_XXX error code |
| HannesTschofenig | 0:796d0f61a05b | 73 | */ |
| HannesTschofenig | 0:796d0f61a05b | 74 | int ecdh_gen_public( ecp_group *grp, mpi *d, ecp_point *Q, |
| HannesTschofenig | 0:796d0f61a05b | 75 | int (*f_rng)(void *, unsigned char *, size_t), |
| HannesTschofenig | 0:796d0f61a05b | 76 | void *p_rng ); |
| HannesTschofenig | 0:796d0f61a05b | 77 | |
| HannesTschofenig | 0:796d0f61a05b | 78 | /** |
| HannesTschofenig | 0:796d0f61a05b | 79 | * \brief Compute shared secret |
| HannesTschofenig | 0:796d0f61a05b | 80 | * |
| HannesTschofenig | 0:796d0f61a05b | 81 | * \param grp ECP group |
| HannesTschofenig | 0:796d0f61a05b | 82 | * \param z Destination MPI (shared secret) |
| HannesTschofenig | 0:796d0f61a05b | 83 | * \param Q Public key from other party |
| HannesTschofenig | 0:796d0f61a05b | 84 | * \param d Our secret exponent |
| HannesTschofenig | 0:796d0f61a05b | 85 | * \param f_rng RNG function (see notes) |
| HannesTschofenig | 0:796d0f61a05b | 86 | * \param p_rng RNG parameter |
| HannesTschofenig | 0:796d0f61a05b | 87 | * |
| HannesTschofenig | 0:796d0f61a05b | 88 | * \return 0 if successful, |
| HannesTschofenig | 0:796d0f61a05b | 89 | * or a POLARSSL_ERR_ECP_XXX or POLARSSL_MPI_XXX error code |
| HannesTschofenig | 0:796d0f61a05b | 90 | * |
| HannesTschofenig | 0:796d0f61a05b | 91 | * \note If f_rng is not NULL, it is used to implement |
| HannesTschofenig | 0:796d0f61a05b | 92 | * countermeasures against potential elaborate timing |
| HannesTschofenig | 0:796d0f61a05b | 93 | * attacks, see \c ecp_mul() for details. |
| HannesTschofenig | 0:796d0f61a05b | 94 | */ |
| HannesTschofenig | 0:796d0f61a05b | 95 | int ecdh_compute_shared( ecp_group *grp, mpi *z, |
| HannesTschofenig | 0:796d0f61a05b | 96 | const ecp_point *Q, const mpi *d, |
| HannesTschofenig | 0:796d0f61a05b | 97 | int (*f_rng)(void *, unsigned char *, size_t), |
| HannesTschofenig | 0:796d0f61a05b | 98 | void *p_rng ); |
| HannesTschofenig | 0:796d0f61a05b | 99 | |
| HannesTschofenig | 0:796d0f61a05b | 100 | /** |
| HannesTschofenig | 0:796d0f61a05b | 101 | * \brief Initialize context |
| HannesTschofenig | 0:796d0f61a05b | 102 | * |
| HannesTschofenig | 0:796d0f61a05b | 103 | * \param ctx Context to initialize |
| HannesTschofenig | 0:796d0f61a05b | 104 | */ |
| HannesTschofenig | 0:796d0f61a05b | 105 | void ecdh_init( ecdh_context *ctx ); |
| HannesTschofenig | 0:796d0f61a05b | 106 | |
| HannesTschofenig | 0:796d0f61a05b | 107 | /** |
| HannesTschofenig | 0:796d0f61a05b | 108 | * \brief Free context |
| HannesTschofenig | 0:796d0f61a05b | 109 | * |
| HannesTschofenig | 0:796d0f61a05b | 110 | * \param ctx Context to free |
| HannesTschofenig | 0:796d0f61a05b | 111 | */ |
| HannesTschofenig | 0:796d0f61a05b | 112 | void ecdh_free( ecdh_context *ctx ); |
| HannesTschofenig | 0:796d0f61a05b | 113 | |
| HannesTschofenig | 0:796d0f61a05b | 114 | /** |
| HannesTschofenig | 0:796d0f61a05b | 115 | * \brief Setup and write the ServerKeyExhange parameters |
| HannesTschofenig | 0:796d0f61a05b | 116 | * |
| HannesTschofenig | 0:796d0f61a05b | 117 | * \param ctx ECDH context |
| HannesTschofenig | 0:796d0f61a05b | 118 | * \param olen number of chars written |
| HannesTschofenig | 0:796d0f61a05b | 119 | * \param buf destination buffer |
| HannesTschofenig | 0:796d0f61a05b | 120 | * \param blen length of buffer |
| HannesTschofenig | 0:796d0f61a05b | 121 | * \param f_rng RNG function |
| HannesTschofenig | 0:796d0f61a05b | 122 | * \param p_rng RNG parameter |
| HannesTschofenig | 0:796d0f61a05b | 123 | * |
| HannesTschofenig | 0:796d0f61a05b | 124 | * \note This function assumes that ctx->grp has already been |
| HannesTschofenig | 0:796d0f61a05b | 125 | * properly set (for example using ecp_use_known_dp). |
| HannesTschofenig | 0:796d0f61a05b | 126 | * |
| HannesTschofenig | 0:796d0f61a05b | 127 | * \return 0 if successful, or an POLARSSL_ERR_ECP_XXX error code |
| HannesTschofenig | 0:796d0f61a05b | 128 | */ |
| HannesTschofenig | 0:796d0f61a05b | 129 | int ecdh_make_params( ecdh_context *ctx, size_t *olen, |
| HannesTschofenig | 0:796d0f61a05b | 130 | unsigned char *buf, size_t blen, |
| HannesTschofenig | 0:796d0f61a05b | 131 | int (*f_rng)(void *, unsigned char *, size_t), |
| HannesTschofenig | 0:796d0f61a05b | 132 | void *p_rng ); |
| HannesTschofenig | 0:796d0f61a05b | 133 | |
| HannesTschofenig | 0:796d0f61a05b | 134 | /** |
| HannesTschofenig | 0:796d0f61a05b | 135 | * \brief Parse the ServerKeyExhange parameters |
| HannesTschofenig | 0:796d0f61a05b | 136 | * |
| HannesTschofenig | 0:796d0f61a05b | 137 | * \param ctx ECDH context |
| HannesTschofenig | 0:796d0f61a05b | 138 | * \param buf pointer to start of input buffer |
| HannesTschofenig | 0:796d0f61a05b | 139 | * \param end one past end of buffer |
| HannesTschofenig | 0:796d0f61a05b | 140 | * |
| HannesTschofenig | 0:796d0f61a05b | 141 | * \return 0 if successful, or an POLARSSL_ERR_ECP_XXX error code |
| HannesTschofenig | 0:796d0f61a05b | 142 | */ |
| HannesTschofenig | 0:796d0f61a05b | 143 | int ecdh_read_params( ecdh_context *ctx, |
| HannesTschofenig | 0:796d0f61a05b | 144 | const unsigned char **buf, const unsigned char *end ); |
| HannesTschofenig | 0:796d0f61a05b | 145 | |
| HannesTschofenig | 0:796d0f61a05b | 146 | /** |
| HannesTschofenig | 0:796d0f61a05b | 147 | * \brief Setup an ECDH context from an EC key |
| HannesTschofenig | 0:796d0f61a05b | 148 | * |
| HannesTschofenig | 0:796d0f61a05b | 149 | * \param ctx ECDH constext to set |
| HannesTschofenig | 0:796d0f61a05b | 150 | * \param key EC key to use |
| HannesTschofenig | 0:796d0f61a05b | 151 | * \param side Is it our key (1) or the peer's key (0) ? |
| HannesTschofenig | 0:796d0f61a05b | 152 | * |
| HannesTschofenig | 0:796d0f61a05b | 153 | * \return 0 if successful, or an POLARSSL_ERR_ECP_XXX error code |
| HannesTschofenig | 0:796d0f61a05b | 154 | */ |
| HannesTschofenig | 0:796d0f61a05b | 155 | int ecdh_get_params( ecdh_context *ctx, const ecp_keypair *key, |
| HannesTschofenig | 0:796d0f61a05b | 156 | ecdh_side side ); |
| HannesTschofenig | 0:796d0f61a05b | 157 | |
| HannesTschofenig | 0:796d0f61a05b | 158 | /** |
| HannesTschofenig | 0:796d0f61a05b | 159 | * \brief Setup and export the client's public value |
| HannesTschofenig | 0:796d0f61a05b | 160 | * |
| HannesTschofenig | 0:796d0f61a05b | 161 | * \param ctx ECDH context |
| HannesTschofenig | 0:796d0f61a05b | 162 | * \param olen number of bytes actually written |
| HannesTschofenig | 0:796d0f61a05b | 163 | * \param buf destination buffer |
| HannesTschofenig | 0:796d0f61a05b | 164 | * \param blen size of destination buffer |
| HannesTschofenig | 0:796d0f61a05b | 165 | * \param f_rng RNG function |
| HannesTschofenig | 0:796d0f61a05b | 166 | * \param p_rng RNG parameter |
| HannesTschofenig | 0:796d0f61a05b | 167 | * |
| HannesTschofenig | 0:796d0f61a05b | 168 | * \return 0 if successful, or an POLARSSL_ERR_ECP_XXX error code |
| HannesTschofenig | 0:796d0f61a05b | 169 | */ |
| HannesTschofenig | 0:796d0f61a05b | 170 | int ecdh_make_public( ecdh_context *ctx, size_t *olen, |
| HannesTschofenig | 0:796d0f61a05b | 171 | unsigned char *buf, size_t blen, |
| HannesTschofenig | 0:796d0f61a05b | 172 | int (*f_rng)(void *, unsigned char *, size_t), |
| HannesTschofenig | 0:796d0f61a05b | 173 | void *p_rng ); |
| HannesTschofenig | 0:796d0f61a05b | 174 | |
| HannesTschofenig | 0:796d0f61a05b | 175 | /** |
| HannesTschofenig | 0:796d0f61a05b | 176 | * \brief Parse and import the client's public value |
| HannesTschofenig | 0:796d0f61a05b | 177 | * |
| HannesTschofenig | 0:796d0f61a05b | 178 | * \param ctx ECDH context |
| HannesTschofenig | 0:796d0f61a05b | 179 | * \param buf start of input buffer |
| HannesTschofenig | 0:796d0f61a05b | 180 | * \param blen length of input buffer |
| HannesTschofenig | 0:796d0f61a05b | 181 | * |
| HannesTschofenig | 0:796d0f61a05b | 182 | * \return 0 if successful, or an POLARSSL_ERR_ECP_XXX error code |
| HannesTschofenig | 0:796d0f61a05b | 183 | */ |
| HannesTschofenig | 0:796d0f61a05b | 184 | int ecdh_read_public( ecdh_context *ctx, |
| HannesTschofenig | 0:796d0f61a05b | 185 | const unsigned char *buf, size_t blen ); |
| HannesTschofenig | 0:796d0f61a05b | 186 | |
| HannesTschofenig | 0:796d0f61a05b | 187 | /** |
| HannesTschofenig | 0:796d0f61a05b | 188 | * \brief Derive and export the shared secret |
| HannesTschofenig | 0:796d0f61a05b | 189 | * |
| HannesTschofenig | 0:796d0f61a05b | 190 | * \param ctx ECDH context |
| HannesTschofenig | 0:796d0f61a05b | 191 | * \param olen number of bytes written |
| HannesTschofenig | 0:796d0f61a05b | 192 | * \param buf destination buffer |
| HannesTschofenig | 0:796d0f61a05b | 193 | * \param blen buffer length |
| HannesTschofenig | 0:796d0f61a05b | 194 | * \param f_rng RNG function, see notes for \c ecdh_compute_shared() |
| HannesTschofenig | 0:796d0f61a05b | 195 | * \param p_rng RNG parameter |
| HannesTschofenig | 0:796d0f61a05b | 196 | * |
| HannesTschofenig | 0:796d0f61a05b | 197 | * \return 0 if successful, or an POLARSSL_ERR_ECP_XXX error code |
| HannesTschofenig | 0:796d0f61a05b | 198 | */ |
| HannesTschofenig | 0:796d0f61a05b | 199 | int ecdh_calc_secret( ecdh_context *ctx, size_t *olen, |
| HannesTschofenig | 0:796d0f61a05b | 200 | unsigned char *buf, size_t blen, |
| HannesTschofenig | 0:796d0f61a05b | 201 | int (*f_rng)(void *, unsigned char *, size_t), |
| HannesTschofenig | 0:796d0f61a05b | 202 | void *p_rng ); |
| HannesTschofenig | 0:796d0f61a05b | 203 | |
| HannesTschofenig | 0:796d0f61a05b | 204 | /** |
| HannesTschofenig | 0:796d0f61a05b | 205 | * \brief Checkup routine |
| HannesTschofenig | 0:796d0f61a05b | 206 | * |
| HannesTschofenig | 0:796d0f61a05b | 207 | * \return 0 if successful, or 1 if the test failed |
| HannesTschofenig | 0:796d0f61a05b | 208 | */ |
| HannesTschofenig | 0:796d0f61a05b | 209 | int ecdh_self_test( int verbose ); |
| HannesTschofenig | 0:796d0f61a05b | 210 | |
| HannesTschofenig | 0:796d0f61a05b | 211 | #ifdef __cplusplus |
| HannesTschofenig | 0:796d0f61a05b | 212 | } |
| HannesTschofenig | 0:796d0f61a05b | 213 | #endif |
| HannesTschofenig | 0:796d0f61a05b | 214 | |
| HannesTschofenig | 0:796d0f61a05b | 215 | #endif /* ecdh.h */ |
| HannesTschofenig | 0:796d0f61a05b | 216 | |
| HannesTschofenig | 0:796d0f61a05b | 217 |