mbed-os5 only for TYBLE16
Dependents: TYBLE16_simple_data_logger TYBLE16_MP3_Air
features/cryptocell/FEATURE_CRYPTOCELL310/ecdh_alt.c@1:9db0e321a9f4, 2019-12-31 (annotated)
- Committer:
- kenjiArai
- Date:
- Tue Dec 31 06:02:27 2019 +0000
- Revision:
- 1:9db0e321a9f4
- Parent:
- 0:5b88d5760320
updated based on mbed-os5.15.0
User | Revision | Line number | New contents of line |
---|---|---|---|
kenjiArai | 0:5b88d5760320 | 1 | /* |
kenjiArai | 0:5b88d5760320 | 2 | * ecdh_alt.c |
kenjiArai | 0:5b88d5760320 | 3 | * |
kenjiArai | 0:5b88d5760320 | 4 | * Copyright (C) 2018, Arm Limited, All Rights Reserved |
kenjiArai | 0:5b88d5760320 | 5 | * SPDX-License-Identifier: Apache-2.0 |
kenjiArai | 0:5b88d5760320 | 6 | * |
kenjiArai | 0:5b88d5760320 | 7 | * Licensed under the Apache License, Version 2.0 (the "License"); you may |
kenjiArai | 0:5b88d5760320 | 8 | * not use this file except in compliance with the License. |
kenjiArai | 0:5b88d5760320 | 9 | * You may obtain a copy of the License at |
kenjiArai | 0:5b88d5760320 | 10 | * |
kenjiArai | 0:5b88d5760320 | 11 | * http://www.apache.org/licenses/LICENSE-2.0 |
kenjiArai | 0:5b88d5760320 | 12 | * |
kenjiArai | 0:5b88d5760320 | 13 | * Unless required by applicable law or agreed to in writing, software |
kenjiArai | 0:5b88d5760320 | 14 | * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT |
kenjiArai | 0:5b88d5760320 | 15 | * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. |
kenjiArai | 0:5b88d5760320 | 16 | * See the License for the specific language governing permissions and |
kenjiArai | 0:5b88d5760320 | 17 | * limitations under the License. |
kenjiArai | 0:5b88d5760320 | 18 | * |
kenjiArai | 0:5b88d5760320 | 19 | */ |
kenjiArai | 0:5b88d5760320 | 20 | |
kenjiArai | 0:5b88d5760320 | 21 | #include "mbedtls/ecdh.h" |
kenjiArai | 0:5b88d5760320 | 22 | #include <string.h> |
kenjiArai | 0:5b88d5760320 | 23 | #include "crys_ecpki_dh.h" |
kenjiArai | 0:5b88d5760320 | 24 | #include "crys_ecpki_build.h" |
kenjiArai | 0:5b88d5760320 | 25 | #include "crys_common.h" |
kenjiArai | 0:5b88d5760320 | 26 | #include "crys_ecpki_kg.h" |
kenjiArai | 0:5b88d5760320 | 27 | #include "crys_ecpki_domain.h" |
kenjiArai | 0:5b88d5760320 | 28 | #include "crys_ec_mont_api.h" |
kenjiArai | 0:5b88d5760320 | 29 | #include "mbedtls/platform.h" |
kenjiArai | 0:5b88d5760320 | 30 | #include "mbedtls/platform_util.h" |
kenjiArai | 0:5b88d5760320 | 31 | #include "cc_internal.h" |
kenjiArai | 0:5b88d5760320 | 32 | |
kenjiArai | 0:5b88d5760320 | 33 | |
kenjiArai | 0:5b88d5760320 | 34 | #if defined (MBEDTLS_ECDH_GEN_PUBLIC_ALT) |
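/**
 * \brief           Generate an ECDH key pair on the CryptoCell 310
 *                  (alternative implementation of mbedtls_ecdh_gen_public()).
 *
 * \param grp       ECP group; grp->id selects the CryptoCell domain.
 * \param d         Destination MPI for the private value.
 * \param Q         Destination point for the public value. For Curve25519
 *                  only Q->X is filled in and Q->Z is set to 1.
 * \param f_rng     RNG callback, forwarded to the CryptoCell through cc_rand.
 * \param p_rng     Context passed to \p f_rng.
 *
 * \return          0 on success,
 *                  MBEDTLS_ERR_ECP_ALLOC_FAILED if the work space cannot be
 *                  allocated,
 *                  MBEDTLS_ERR_PLATFORM_FEATURE_UNSUPPORTED if the curve has no
 *                  CryptoCell domain and is not Curve25519,
 *                  or the error returned by one of the CRYS / Mbed TLS calls.
 */
int mbedtls_ecdh_gen_public( mbedtls_ecp_group *grp, mbedtls_mpi *d, mbedtls_ecp_point *Q,
                             int ( *f_rng )( void *, unsigned char *, size_t ),
                             void *p_rng )
{
    int ret = 0;
    void* pHeap = NULL;     /* key-generation work space, wiped and freed at cleanup */
    size_t heapSize = 0;

    uint32_t public_key_size = (2 * MAX_KEY_SIZE_IN_BYTES + 1);
    const CRYS_ECPKI_Domain_t* pDomain = CRYS_ECPKI_GetEcDomain ( convert_mbedtls_grp_id_to_crys_domain_id( grp->id ) );
    mbedtls_rand_func_container cc_rand = { f_rng, p_rng };

    if ( pDomain )
    {
        uint8_t temp_buf[ 2 * MAX_KEY_SIZE_IN_BYTES + 1 ] = {0};
        cc_ecc_ws_keygen_params_t* kgParams = mbedtls_calloc( 1, sizeof( cc_ecc_ws_keygen_params_t ) );

        if ( kgParams == NULL )
            return ( MBEDTLS_ERR_ECP_ALLOC_FAILED );
        pHeap = kgParams;
        heapSize = sizeof( cc_ecc_ws_keygen_params_t );

        ret = convert_CrysError_to_mbedtls_err( CRYS_ECPKI_GenKeyPair( &cc_rand, convert_mbedtls_to_cc_rand,
                                                                       pDomain, &kgParams->privKey,
                                                                       &kgParams->pubKey,
                                                                       &kgParams->kgTempData, NULL ) );
        if( ret != 0 )
        {
            goto cleanup;
        }

        ret = convert_CrysError_to_mbedtls_err( CRYS_ECPKI_ExportPublKey( &kgParams->pubKey,
                                                                          CRYS_EC_PointUncompressed, temp_buf, &public_key_size ) );
        if( ret != 0 )
        {
            goto cleanup;
        }

        /* temp_buf holds only the public point at this stage. */
        MBEDTLS_MPI_CHK( mbedtls_ecp_point_read_binary( grp, Q, temp_buf, public_key_size ) );
        memset ( temp_buf, 0 , sizeof(temp_buf) );

        /* From here on temp_buf carries the private scalar. */
        ret = convert_CrysError_to_mbedtls_err( CRYS_COMMON_ConvertLswMswWordsToMsbLsbBytes( temp_buf, (grp->nbits+7)/8,
                                                                                             kgParams->privKey.PrivKeyDbBuff,
                                                                                             4*((((grp->nbits+7)/8)+3)/4) ) );
        if( ret == 0 )
        {
            ret = mbedtls_mpi_read_binary( d, temp_buf, (grp->nbits+7)/8 );
        }

        /* Wipe the stack copy of the private scalar on every path; jumping
         * straight to cleanup when mbedtls_mpi_read_binary() fails would
         * leave it behind, because cleanup only wipes the heap work space. */
        mbedtls_platform_zeroize( temp_buf, sizeof( temp_buf ) );
        if( ret != 0 )
        {
            goto cleanup;
        }
    }

    /* if CRYS_ECPKI_GetEcDomain returns NULL, then the given curve is either Montgomery 25519
     * or another curve which is not supported by CC310 */
    else if ( grp->id == MBEDTLS_ECP_DP_CURVE25519 )
    {
        /* CRYS_ECMONT_KeyPair() is given size_t lengths; use real size_t
         * objects instead of casting the address of the uint32_t
         * public_key_size, which is only correct where both types have the
         * same width. */
        size_t priv_key_size = CURVE_25519_KEY_SIZE;
        size_t pub_key_size = CURVE_25519_KEY_SIZE;

        cc_ecc_25519_keygen_params_t* kgParams = mbedtls_calloc( 1, sizeof(cc_ecc_25519_keygen_params_t) );

        if ( kgParams == NULL )
            return ( MBEDTLS_ERR_ECP_ALLOC_FAILED );
        pHeap = ( uint8_t* )kgParams;
        heapSize = sizeof(cc_ecc_25519_keygen_params_t);

        ret = convert_CrysError_to_mbedtls_err( CRYS_ECMONT_KeyPair( kgParams->pubKey, &pub_key_size, kgParams->privKey,
                                                                     &priv_key_size, &cc_rand, convert_mbedtls_to_cc_rand,
                                                                     &kgParams->kgTempData ) );
        if( ret != 0 )
        {
            goto cleanup;
        }

        /* NOTE(review): mbedtls_ecdh_compute_shared() in this file reverses
         * the byte order of Curve25519 values before handing them to the
         * CryptoCell; no conversion is applied here - confirm the two
         * functions agree on the representation of d and Q->X. */
        MBEDTLS_MPI_CHK( mbedtls_mpi_read_binary( d, kgParams->privKey, priv_key_size ) );
        MBEDTLS_MPI_CHK( mbedtls_mpi_read_binary( &Q->X, kgParams->pubKey, pub_key_size ) );
        MBEDTLS_MPI_CHK( mbedtls_mpi_lset( &Q->Z, 1 ) );
    }
    else
        ret = MBEDTLS_ERR_PLATFORM_FEATURE_UNSUPPORTED;

cleanup:

    /* The work space contains the generated private key: wipe before free. */
    if ( pHeap )
    {
        mbedtls_platform_zeroize( pHeap, heapSize );
        mbedtls_free( pHeap );
    }

    return ( ret );
}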
kenjiArai | 0:5b88d5760320 | 128 | #endif /* MBEDTLS_ECDH_GEN_PUBLIC_ALT */ |
kenjiArai | 0:5b88d5760320 | 129 | |
kenjiArai | 0:5b88d5760320 | 130 | /* |
kenjiArai | 0:5b88d5760320 | 131 | * Compute shared secret (SEC1 3.3.1) |
kenjiArai | 0:5b88d5760320 | 132 | */ |
kenjiArai | 0:5b88d5760320 | 133 | #if defined (MBEDTLS_ECDH_COMPUTE_SHARED_ALT) |
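/**
 * \brief           Compute the ECDH shared secret on the CryptoCell 310
 *                  (alternative implementation of
 *                  mbedtls_ecdh_compute_shared()).
 *
 * \param grp       ECP group; grp->id selects the CryptoCell domain and
 *                  grp->nbits the size of the secret.
 * \param z         Destination MPI for the shared secret.
 * \param Q         Peer public point; checked with mbedtls_ecp_check_pubkey()
 *                  before it is used.
 * \param d         Our private value.
 * \param f_rng     Not used by this implementation.
 * \param p_rng     Not used by this implementation.
 *
 * \return          0 on success,
 *                  MBEDTLS_ERR_ECP_ALLOC_FAILED if a buffer cannot be allocated,
 *                  MBEDTLS_ERR_ECP_BAD_INPUT_DATA if a key length does not fit
 *                  the curve or the local buffers,
 *                  MBEDTLS_ERR_PLATFORM_FEATURE_UNSUPPORTED if the curve has no
 *                  CryptoCell domain and is not Curve25519,
 *                  or the error returned by one of the CRYS / Mbed TLS calls.
 */
int mbedtls_ecdh_compute_shared( mbedtls_ecp_group *grp, mbedtls_mpi *z,
                                 const mbedtls_ecp_point *Q, const mbedtls_mpi *d,
                                 int (*f_rng)(void *, unsigned char *, size_t),
                                 void *p_rng )
{
    int ret;
    void* pHeap = NULL;     /* CryptoCell work space, wiped and freed at cleanup */
    size_t heapSize = 0;

    size_t public_key_size = (grp->nbits+7)/8 ;
    const CRYS_ECPKI_Domain_t* pDomain = CRYS_ECPKI_GetEcDomain ( convert_mbedtls_grp_id_to_crys_domain_id( grp->id ) );
    uint32_t secret_size = ( ( grp->nbits + 7 ) / 8 ) ;
    /* secret_size is an in/out length for the CRYS calls; keep the allocated
     * size separately so the whole buffer is wiped at cleanup. */
    const uint32_t secret_size_in_heap = secret_size;
    uint8_t* secret = mbedtls_calloc( 1, secret_size_in_heap );
    if ( secret == NULL )
        return ( MBEDTLS_ERR_ECP_ALLOC_FAILED );

    /*
     * Make sure Q is a valid pubkey before using it
     */
    MBEDTLS_MPI_CHK( mbedtls_ecp_check_pubkey( grp, Q ) );
    if ( pDomain )
    {
        uint8_t temp_buf[ 2 * MAX_KEY_SIZE_IN_BYTES + 1 ] = {0};
        size_t d_size = mbedtls_mpi_size( d );
        cc_ecc_ws_comp_shared_params_t* ecdhParams = mbedtls_calloc( 1, sizeof(cc_ecc_ws_comp_shared_params_t) );

        if ( ecdhParams == NULL )
        {
            ret = MBEDTLS_ERR_ECP_ALLOC_FAILED;
            goto cleanup;
        }

        pHeap = ecdhParams;
        heapSize = sizeof(cc_ecc_ws_comp_shared_params_t);

        /* temp_buf first carries the peer's public point. */
        MBEDTLS_MPI_CHK( mbedtls_ecp_point_write_binary( grp, Q, MBEDTLS_ECP_PF_UNCOMPRESSED,
                                                         &public_key_size, temp_buf, sizeof(temp_buf) ) );

        ret = convert_CrysError_to_mbedtls_err( CRYS_ECPKI_BuildPublKey( pDomain, temp_buf, public_key_size,
                                                                         &ecdhParams->pubKey ) );
        if ( ret != 0 )
        {
            goto cleanup;
        }

        memset ( temp_buf, 0, sizeof(temp_buf) );

        /* mbedtls_mpi_write_binary() is told that the buffer is d_size bytes
         * long, so an oversized d would be written past the end of temp_buf.
         * Reject it before the private value is serialised. */
        if( d_size > sizeof( temp_buf ) )
        {
            ret = MBEDTLS_ERR_ECP_BAD_INPUT_DATA;
            goto cleanup;
        }

        ret = mbedtls_mpi_write_binary( d, temp_buf, d_size );
        if( ret == 0 )
        {
            ret = convert_CrysError_to_mbedtls_err( CRYS_ECPKI_BuildPrivKey( pDomain,
                                                                             temp_buf,
                                                                             d_size,
                                                                             &ecdhParams->privKey ) );
        }
        /* The stack copy of the private value is wiped on success and failure. */
        mbedtls_platform_zeroize( temp_buf, sizeof( temp_buf ) );
        if ( ret != 0 )
        {
            goto cleanup;
        }

        ret = convert_CrysError_to_mbedtls_err( CRYS_ECDH_SVDP_DH( &ecdhParams->pubKey, &ecdhParams->privKey,
                                                                   secret, &secret_size,
                                                                   &ecdhParams->ecdhTempData ) );
        if ( ret != 0 )
        {
            goto cleanup;
        }
    }
    else if ( grp->id == MBEDTLS_ECP_DP_CURVE25519 )
    {
        /* temp_buf holds, in turn, the private key, the peer's public key and
         * the raw shared secret. Every exit from this branch goes through
         * wipe_mont so that none of them stays on the stack.
         * NOTE(review): temp_buf is a byte array that is passed on as
         * uint32_t*; confirm the alignment requirements of the callee. */
        uint8_t temp_buf[CURVE_25519_KEY_SIZE] = {0};
        /* CRYS_ECMONT_Scalarmult() is given a size_t length; use a real
         * size_t instead of casting the address of the uint32_t secret_size. */
        size_t mont_secret_size = secret_size;
        cc_ecc_25519_comp_shared_params_t* ecdhParams = mbedtls_calloc( 1, sizeof(cc_ecc_25519_comp_shared_params_t) );
        if ( ecdhParams == NULL )
        {
            ret = MBEDTLS_ERR_ECP_ALLOC_FAILED;
            goto cleanup;
        }

        pHeap = ecdhParams;
        heapSize = sizeof(cc_ecc_25519_comp_shared_params_t);

        if( mbedtls_mpi_size( d ) != CURVE_25519_KEY_SIZE )
        {
            ret = MBEDTLS_ERR_ECP_BAD_INPUT_DATA;
            goto wipe_mont;
        }
        ret = mbedtls_mpi_write_binary( d, temp_buf, mbedtls_mpi_size( d ) );
        if ( ret != 0 )
        {
            goto wipe_mont;
        }
        ret = convert_CrysError_to_mbedtls_err(
                  CRYS_COMMON_ConvertLswMswWordsToMsbLsbBytes( ecdhParams->privKey,
                                                               CURVE_25519_KEY_SIZE,
                                                               (uint32_t*)temp_buf,
                                                               sizeof( temp_buf) ) );
        if ( ret != 0 )
        {
            goto wipe_mont;
        }

        if( public_key_size != CURVE_25519_KEY_SIZE )
        {
            ret = MBEDTLS_ERR_ECP_BAD_INPUT_DATA;
            goto wipe_mont;
        }

        ret = mbedtls_mpi_write_binary( &Q->X, temp_buf, public_key_size );
        if ( ret != 0 )
        {
            goto wipe_mont;
        }
        ret = convert_CrysError_to_mbedtls_err(
                  CRYS_COMMON_ConvertLswMswWordsToMsbLsbBytes( ecdhParams->pubKey,
                                                               CURVE_25519_KEY_SIZE,
                                                               (uint32_t*)temp_buf,
                                                               sizeof( temp_buf) ) );
        if ( ret != 0 )
        {
            goto wipe_mont;
        }

        if( secret_size != CURVE_25519_KEY_SIZE )
        {
            ret = MBEDTLS_ERR_ECP_BAD_INPUT_DATA;
            goto wipe_mont;
        }

        ret = convert_CrysError_to_mbedtls_err( CRYS_ECMONT_Scalarmult( temp_buf, &mont_secret_size,
                                                                        ecdhParams->privKey, CURVE_25519_KEY_SIZE ,
                                                                        ecdhParams->pubKey, CURVE_25519_KEY_SIZE ,
                                                                        &ecdhParams->kgTempData ) );
        if ( ret != 0 )
        {
            goto wipe_mont;
        }
        secret_size = (uint32_t) mont_secret_size;

        ret = convert_CrysError_to_mbedtls_err(
                  CRYS_COMMON_ConvertLswMswWordsToMsbLsbBytes( secret,
                                                               secret_size,
                                                               (uint32_t*)temp_buf,
                                                               CURVE_25519_KEY_SIZE ) );

wipe_mont:
        mbedtls_platform_zeroize( temp_buf, sizeof(temp_buf) );
        if ( ret != 0 )
        {
            goto cleanup;
        }
    }
    else
    {
        ret = MBEDTLS_ERR_PLATFORM_FEATURE_UNSUPPORTED;
        goto cleanup;
    }

    MBEDTLS_MPI_CHK( mbedtls_mpi_read_binary( z, secret, secret_size ) );

cleanup:

    /* Both heap buffers hold key material: wipe before free. */
    if ( pHeap )
    {
        mbedtls_platform_zeroize( pHeap, heapSize );
        mbedtls_free ( pHeap );
    }

    if ( secret )
    {
        mbedtls_platform_zeroize( secret, secret_size_in_heap );
        mbedtls_free ( secret );
    }

    return ( ret );
}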
kenjiArai | 0:5b88d5760320 | 300 | #endif /* MBEDTLS_ECDH_COMPUTE_SHARED_ALT */ |