Greg Steiert / pegasus_dev

Dependents:   blinky_max32630fthr

features/mbedtls/src/ecdh.c@3:1198227e6421, 2016-12-16 (annotated)

Committer:
switches
Date:
Fri Dec 16 16:27:57 2016 +0000
Revision:
3:1198227e6421
Parent:
0:5c4d7b2438d3 
Changed ADC scale for MAX32625 platforms to 1.2V full scale to match MAX32630 platforms

Who changed what in which revision?

UserRevisionLine numberNew contents of line
switches 0:5c4d7b2438d3 1 /*
switches 0:5c4d7b2438d3 2 * Elliptic curve Diffie-Hellman
switches 0:5c4d7b2438d3 3 *
switches 0:5c4d7b2438d3 4 * Copyright (C) 2006-2015, ARM Limited, All Rights Reserved
switches 0:5c4d7b2438d3 5 * SPDX-License-Identifier: Apache-2.0
switches 0:5c4d7b2438d3 6 *
switches 0:5c4d7b2438d3 7 * Licensed under the Apache License, Version 2.0 (the "License"); you may
switches 0:5c4d7b2438d3 8 * not use this file except in compliance with the License.
switches 0:5c4d7b2438d3 9 * You may obtain a copy of the License at
switches 0:5c4d7b2438d3 10 *
switches 0:5c4d7b2438d3 11 * http://www.apache.org/licenses/LICENSE-2.0
switches 0:5c4d7b2438d3 12 *
switches 0:5c4d7b2438d3 13 * Unless required by applicable law or agreed to in writing, software
switches 0:5c4d7b2438d3 14 * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
switches 0:5c4d7b2438d3 15 * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
switches 0:5c4d7b2438d3 16 * See the License for the specific language governing permissions and
switches 0:5c4d7b2438d3 17 * limitations under the License.
switches 0:5c4d7b2438d3 18 *
switches 0:5c4d7b2438d3 19 * This file is part of mbed TLS (https://tls.mbed.org)
switches 0:5c4d7b2438d3 20 */
switches 0:5c4d7b2438d3 21
switches 0:5c4d7b2438d3 22 /*
switches 0:5c4d7b2438d3 23 * References:
switches 0:5c4d7b2438d3 24 *
switches 0:5c4d7b2438d3 25 * SEC1 http://www.secg.org/index.php?action=secg,docs_secg
switches 0:5c4d7b2438d3 26 * RFC 4492
switches 0:5c4d7b2438d3 27 */
switches 0:5c4d7b2438d3 28
switches 0:5c4d7b2438d3 29 #if !defined(MBEDTLS_CONFIG_FILE)
switches 0:5c4d7b2438d3 30 #include "mbedtls/config.h"
switches 0:5c4d7b2438d3 31 #else
switches 0:5c4d7b2438d3 32 #include MBEDTLS_CONFIG_FILE
switches 0:5c4d7b2438d3 33 #endif
switches 0:5c4d7b2438d3 34
switches 0:5c4d7b2438d3 35 #if defined(MBEDTLS_ECDH_C)
switches 0:5c4d7b2438d3 36
switches 0:5c4d7b2438d3 37 #include "mbedtls/ecdh.h"
switches 0:5c4d7b2438d3 38
switches 0:5c4d7b2438d3 39 #include <string.h>
switches 0:5c4d7b2438d3 40
switches 0:5c4d7b2438d3 41 /*
switches 0:5c4d7b2438d3 42 * Generate public key: simple wrapper around mbedtls_ecp_gen_keypair
switches 0:5c4d7b2438d3 43 */
switches 0:5c4d7b2438d3 44 int mbedtls_ecdh_gen_public( mbedtls_ecp_group *grp, mbedtls_mpi *d, mbedtls_ecp_point *Q,
switches 0:5c4d7b2438d3 45 int (*f_rng)(void *, unsigned char *, size_t),
switches 0:5c4d7b2438d3 46 void *p_rng )
switches 0:5c4d7b2438d3 47 {
switches 0:5c4d7b2438d3 48 return mbedtls_ecp_gen_keypair( grp, d, Q, f_rng, p_rng );
switches 0:5c4d7b2438d3 49 }
switches 0:5c4d7b2438d3 50
switches 0:5c4d7b2438d3 51 /*
switches 0:5c4d7b2438d3 52 * Compute shared secret (SEC1 3.3.1)
switches 0:5c4d7b2438d3 53 */
switches 0:5c4d7b2438d3 54 int mbedtls_ecdh_compute_shared( mbedtls_ecp_group *grp, mbedtls_mpi *z,
switches 0:5c4d7b2438d3 55 const mbedtls_ecp_point *Q, const mbedtls_mpi *d,
switches 0:5c4d7b2438d3 56 int (*f_rng)(void *, unsigned char *, size_t),
switches 0:5c4d7b2438d3 57 void *p_rng )
switches 0:5c4d7b2438d3 58 {
switches 0:5c4d7b2438d3 59 int ret;
switches 0:5c4d7b2438d3 60 mbedtls_ecp_point P;
switches 0:5c4d7b2438d3 61
switches 0:5c4d7b2438d3 62 mbedtls_ecp_point_init( &P );
switches 0:5c4d7b2438d3 63
switches 0:5c4d7b2438d3 64 /*
switches 0:5c4d7b2438d3 65 * Make sure Q is a valid pubkey before using it
switches 0:5c4d7b2438d3 66 */
switches 0:5c4d7b2438d3 67 MBEDTLS_MPI_CHK( mbedtls_ecp_check_pubkey( grp, Q ) );
switches 0:5c4d7b2438d3 68
switches 0:5c4d7b2438d3 69 MBEDTLS_MPI_CHK( mbedtls_ecp_mul( grp, &P, d, Q, f_rng, p_rng ) );
switches 0:5c4d7b2438d3 70
switches 0:5c4d7b2438d3 71 if( mbedtls_ecp_is_zero( &P ) )
switches 0:5c4d7b2438d3 72 {
switches 0:5c4d7b2438d3 73 ret = MBEDTLS_ERR_ECP_BAD_INPUT_DATA;
switches 0:5c4d7b2438d3 74 goto cleanup;
switches 0:5c4d7b2438d3 75 }
switches 0:5c4d7b2438d3 76
switches 0:5c4d7b2438d3 77 MBEDTLS_MPI_CHK( mbedtls_mpi_copy( z, &P.X ) );
switches 0:5c4d7b2438d3 78
switches 0:5c4d7b2438d3 79 cleanup:
switches 0:5c4d7b2438d3 80 mbedtls_ecp_point_free( &P );
switches 0:5c4d7b2438d3 81
switches 0:5c4d7b2438d3 82 return( ret );
switches 0:5c4d7b2438d3 83 }
switches 0:5c4d7b2438d3 84
switches 0:5c4d7b2438d3 85 /*
switches 0:5c4d7b2438d3 86 * Initialize context
switches 0:5c4d7b2438d3 87 */
switches 0:5c4d7b2438d3 88 void mbedtls_ecdh_init( mbedtls_ecdh_context *ctx )
switches 0:5c4d7b2438d3 89 {
switches 0:5c4d7b2438d3 90 memset( ctx, 0, sizeof( mbedtls_ecdh_context ) );
switches 0:5c4d7b2438d3 91 }
switches 0:5c4d7b2438d3 92
switches 0:5c4d7b2438d3 93 /*
switches 0:5c4d7b2438d3 94 * Free context
switches 0:5c4d7b2438d3 95 */
switches 0:5c4d7b2438d3 96 void mbedtls_ecdh_free( mbedtls_ecdh_context *ctx )
switches 0:5c4d7b2438d3 97 {
switches 0:5c4d7b2438d3 98 if( ctx == NULL )
switches 0:5c4d7b2438d3 99 return;
switches 0:5c4d7b2438d3 100
switches 0:5c4d7b2438d3 101 mbedtls_ecp_group_free( &ctx->grp );
switches 0:5c4d7b2438d3 102 mbedtls_ecp_point_free( &ctx->Q );
switches 0:5c4d7b2438d3 103 mbedtls_ecp_point_free( &ctx->Qp );
switches 0:5c4d7b2438d3 104 mbedtls_ecp_point_free( &ctx->Vi );
switches 0:5c4d7b2438d3 105 mbedtls_ecp_point_free( &ctx->Vf );
switches 0:5c4d7b2438d3 106 mbedtls_mpi_free( &ctx->d );
switches 0:5c4d7b2438d3 107 mbedtls_mpi_free( &ctx->z );
switches 0:5c4d7b2438d3 108 mbedtls_mpi_free( &ctx->_d );
switches 0:5c4d7b2438d3 109 }
switches 0:5c4d7b2438d3 110
switches 0:5c4d7b2438d3 111 /*
switches 0:5c4d7b2438d3 112 * Setup and write the ServerKeyExhange parameters (RFC 4492)
switches 0:5c4d7b2438d3 113 * struct {
switches 0:5c4d7b2438d3 114 * ECParameters curve_params;
switches 0:5c4d7b2438d3 115 * ECPoint public;
switches 0:5c4d7b2438d3 116 * } ServerECDHParams;
switches 0:5c4d7b2438d3 117 */
switches 0:5c4d7b2438d3 118 int mbedtls_ecdh_make_params( mbedtls_ecdh_context *ctx, size_t *olen,
switches 0:5c4d7b2438d3 119 unsigned char *buf, size_t blen,
switches 0:5c4d7b2438d3 120 int (*f_rng)(void *, unsigned char *, size_t),
switches 0:5c4d7b2438d3 121 void *p_rng )
switches 0:5c4d7b2438d3 122 {
switches 0:5c4d7b2438d3 123 int ret;
switches 0:5c4d7b2438d3 124 size_t grp_len, pt_len;
switches 0:5c4d7b2438d3 125
switches 0:5c4d7b2438d3 126 if( ctx == NULL || ctx->grp.pbits == 0 )
switches 0:5c4d7b2438d3 127 return( MBEDTLS_ERR_ECP_BAD_INPUT_DATA );
switches 0:5c4d7b2438d3 128
switches 0:5c4d7b2438d3 129 if( ( ret = mbedtls_ecdh_gen_public( &ctx->grp, &ctx->d, &ctx->Q, f_rng, p_rng ) )
switches 0:5c4d7b2438d3 130 != 0 )
switches 0:5c4d7b2438d3 131 return( ret );
switches 0:5c4d7b2438d3 132
switches 0:5c4d7b2438d3 133 if( ( ret = mbedtls_ecp_tls_write_group( &ctx->grp, &grp_len, buf, blen ) )
switches 0:5c4d7b2438d3 134 != 0 )
switches 0:5c4d7b2438d3 135 return( ret );
switches 0:5c4d7b2438d3 136
switches 0:5c4d7b2438d3 137 buf += grp_len;
switches 0:5c4d7b2438d3 138 blen -= grp_len;
switches 0:5c4d7b2438d3 139
switches 0:5c4d7b2438d3 140 if( ( ret = mbedtls_ecp_tls_write_point( &ctx->grp, &ctx->Q, ctx->point_format,
switches 0:5c4d7b2438d3 141 &pt_len, buf, blen ) ) != 0 )
switches 0:5c4d7b2438d3 142 return( ret );
switches 0:5c4d7b2438d3 143
switches 0:5c4d7b2438d3 144 *olen = grp_len + pt_len;
switches 0:5c4d7b2438d3 145 return( 0 );
switches 0:5c4d7b2438d3 146 }
switches 0:5c4d7b2438d3 147
switches 0:5c4d7b2438d3 148 /*
switches 0:5c4d7b2438d3 149 * Read the ServerKeyExhange parameters (RFC 4492)
switches 0:5c4d7b2438d3 150 * struct {
switches 0:5c4d7b2438d3 151 * ECParameters curve_params;
switches 0:5c4d7b2438d3 152 * ECPoint public;
switches 0:5c4d7b2438d3 153 * } ServerECDHParams;
switches 0:5c4d7b2438d3 154 */
switches 0:5c4d7b2438d3 155 int mbedtls_ecdh_read_params( mbedtls_ecdh_context *ctx,
switches 0:5c4d7b2438d3 156 const unsigned char **buf, const unsigned char *end )
switches 0:5c4d7b2438d3 157 {
switches 0:5c4d7b2438d3 158 int ret;
switches 0:5c4d7b2438d3 159
switches 0:5c4d7b2438d3 160 if( ( ret = mbedtls_ecp_tls_read_group( &ctx->grp, buf, end - *buf ) ) != 0 )
switches 0:5c4d7b2438d3 161 return( ret );
switches 0:5c4d7b2438d3 162
switches 0:5c4d7b2438d3 163 if( ( ret = mbedtls_ecp_tls_read_point( &ctx->grp, &ctx->Qp, buf, end - *buf ) )
switches 0:5c4d7b2438d3 164 != 0 )
switches 0:5c4d7b2438d3 165 return( ret );
switches 0:5c4d7b2438d3 166
switches 0:5c4d7b2438d3 167 return( 0 );
switches 0:5c4d7b2438d3 168 }
switches 0:5c4d7b2438d3 169
switches 0:5c4d7b2438d3 170 /*
switches 0:5c4d7b2438d3 171 * Get parameters from a keypair
switches 0:5c4d7b2438d3 172 */
switches 0:5c4d7b2438d3 173 int mbedtls_ecdh_get_params( mbedtls_ecdh_context *ctx, const mbedtls_ecp_keypair *key,
switches 0:5c4d7b2438d3 174 mbedtls_ecdh_side side )
switches 0:5c4d7b2438d3 175 {
switches 0:5c4d7b2438d3 176 int ret;
switches 0:5c4d7b2438d3 177
switches 0:5c4d7b2438d3 178 if( ( ret = mbedtls_ecp_group_copy( &ctx->grp, &key->grp ) ) != 0 )
switches 0:5c4d7b2438d3 179 return( ret );
switches 0:5c4d7b2438d3 180
switches 0:5c4d7b2438d3 181 /* If it's not our key, just import the public part as Qp */
switches 0:5c4d7b2438d3 182 if( side == MBEDTLS_ECDH_THEIRS )
switches 0:5c4d7b2438d3 183 return( mbedtls_ecp_copy( &ctx->Qp, &key->Q ) );
switches 0:5c4d7b2438d3 184
switches 0:5c4d7b2438d3 185 /* Our key: import public (as Q) and private parts */
switches 0:5c4d7b2438d3 186 if( side != MBEDTLS_ECDH_OURS )
switches 0:5c4d7b2438d3 187 return( MBEDTLS_ERR_ECP_BAD_INPUT_DATA );
switches 0:5c4d7b2438d3 188
switches 0:5c4d7b2438d3 189 if( ( ret = mbedtls_ecp_copy( &ctx->Q, &key->Q ) ) != 0 ||
switches 0:5c4d7b2438d3 190 ( ret = mbedtls_mpi_copy( &ctx->d, &key->d ) ) != 0 )
switches 0:5c4d7b2438d3 191 return( ret );
switches 0:5c4d7b2438d3 192
switches 0:5c4d7b2438d3 193 return( 0 );
switches 0:5c4d7b2438d3 194 }
switches 0:5c4d7b2438d3 195
switches 0:5c4d7b2438d3 196 /*
switches 0:5c4d7b2438d3 197 * Setup and export the client public value
switches 0:5c4d7b2438d3 198 */
switches 0:5c4d7b2438d3 199 int mbedtls_ecdh_make_public( mbedtls_ecdh_context *ctx, size_t *olen,
switches 0:5c4d7b2438d3 200 unsigned char *buf, size_t blen,
switches 0:5c4d7b2438d3 201 int (*f_rng)(void *, unsigned char *, size_t),
switches 0:5c4d7b2438d3 202 void *p_rng )
switches 0:5c4d7b2438d3 203 {
switches 0:5c4d7b2438d3 204 int ret;
switches 0:5c4d7b2438d3 205
switches 0:5c4d7b2438d3 206 if( ctx == NULL || ctx->grp.pbits == 0 )
switches 0:5c4d7b2438d3 207 return( MBEDTLS_ERR_ECP_BAD_INPUT_DATA );
switches 0:5c4d7b2438d3 208
switches 0:5c4d7b2438d3 209 if( ( ret = mbedtls_ecdh_gen_public( &ctx->grp, &ctx->d, &ctx->Q, f_rng, p_rng ) )
switches 0:5c4d7b2438d3 210 != 0 )
switches 0:5c4d7b2438d3 211 return( ret );
switches 0:5c4d7b2438d3 212
switches 0:5c4d7b2438d3 213 return mbedtls_ecp_tls_write_point( &ctx->grp, &ctx->Q, ctx->point_format,
switches 0:5c4d7b2438d3 214 olen, buf, blen );
switches 0:5c4d7b2438d3 215 }
switches 0:5c4d7b2438d3 216
switches 0:5c4d7b2438d3 217 /*
switches 0:5c4d7b2438d3 218 * Parse and import the client's public value
switches 0:5c4d7b2438d3 219 */
switches 0:5c4d7b2438d3 220 int mbedtls_ecdh_read_public( mbedtls_ecdh_context *ctx,
switches 0:5c4d7b2438d3 221 const unsigned char *buf, size_t blen )
switches 0:5c4d7b2438d3 222 {
switches 0:5c4d7b2438d3 223 int ret;
switches 0:5c4d7b2438d3 224 const unsigned char *p = buf;
switches 0:5c4d7b2438d3 225
switches 0:5c4d7b2438d3 226 if( ctx == NULL )
switches 0:5c4d7b2438d3 227 return( MBEDTLS_ERR_ECP_BAD_INPUT_DATA );
switches 0:5c4d7b2438d3 228
switches 0:5c4d7b2438d3 229 if( ( ret = mbedtls_ecp_tls_read_point( &ctx->grp, &ctx->Qp, &p, blen ) ) != 0 )
switches 0:5c4d7b2438d3 230 return( ret );
switches 0:5c4d7b2438d3 231
switches 0:5c4d7b2438d3 232 if( (size_t)( p - buf ) != blen )
switches 0:5c4d7b2438d3 233 return( MBEDTLS_ERR_ECP_BAD_INPUT_DATA );
switches 0:5c4d7b2438d3 234
switches 0:5c4d7b2438d3 235 return( 0 );
switches 0:5c4d7b2438d3 236 }
switches 0:5c4d7b2438d3 237
switches 0:5c4d7b2438d3 238 /*
switches 0:5c4d7b2438d3 239 * Derive and export the shared secret
switches 0:5c4d7b2438d3 240 */
switches 0:5c4d7b2438d3 241 int mbedtls_ecdh_calc_secret( mbedtls_ecdh_context *ctx, size_t *olen,
switches 0:5c4d7b2438d3 242 unsigned char *buf, size_t blen,
switches 0:5c4d7b2438d3 243 int (*f_rng)(void *, unsigned char *, size_t),
switches 0:5c4d7b2438d3 244 void *p_rng )
switches 0:5c4d7b2438d3 245 {
switches 0:5c4d7b2438d3 246 int ret;
switches 0:5c4d7b2438d3 247
switches 0:5c4d7b2438d3 248 if( ctx == NULL )
switches 0:5c4d7b2438d3 249 return( MBEDTLS_ERR_ECP_BAD_INPUT_DATA );
switches 0:5c4d7b2438d3 250
switches 0:5c4d7b2438d3 251 if( ( ret = mbedtls_ecdh_compute_shared( &ctx->grp, &ctx->z, &ctx->Qp, &ctx->d,
switches 0:5c4d7b2438d3 252 f_rng, p_rng ) ) != 0 )
switches 0:5c4d7b2438d3 253 {
switches 0:5c4d7b2438d3 254 return( ret );
switches 0:5c4d7b2438d3 255 }
switches 0:5c4d7b2438d3 256
switches 0:5c4d7b2438d3 257 if( mbedtls_mpi_size( &ctx->z ) > blen )
switches 0:5c4d7b2438d3 258 return( MBEDTLS_ERR_ECP_BAD_INPUT_DATA );
switches 0:5c4d7b2438d3 259
switches 0:5c4d7b2438d3 260 *olen = ctx->grp.pbits / 8 + ( ( ctx->grp.pbits % 8 ) != 0 );
switches 0:5c4d7b2438d3 261 return mbedtls_mpi_write_binary( &ctx->z, buf, *olen );
switches 0:5c4d7b2438d3 262 }
switches 0:5c4d7b2438d3 263
switches 0:5c4d7b2438d3 264 #endif /* MBEDTLS_ECDH_C */