Willie Solano
mbed TLS Build
include/mbedtls/dhm.h@1:1a219dea6cb5, 2019-06-04 (annotated)
- Committer:
- williequesada
- Date:
- Tue Jun 04 16:03:38 2019 +0000
- Revision:
- 1:1a219dea6cb5
- Parent:
- 0:cdf462088d13
compartir a Pablo
Who changed what in which revision?
| User | Revision | Line number | New contents of line |
|---|---|---|---|
| markrad | 0:cdf462088d13 | 1 | /** |
| markrad | 0:cdf462088d13 | 2 | * \file dhm.h |
| markrad | 0:cdf462088d13 | 3 | * |
| markrad | 0:cdf462088d13 | 4 | * \brief Diffie-Hellman-Merkle key exchange |
| markrad | 0:cdf462088d13 | 5 | * |
| markrad | 0:cdf462088d13 | 6 | * Copyright (C) 2006-2015, ARM Limited, All Rights Reserved |
| markrad | 0:cdf462088d13 | 7 | * SPDX-License-Identifier: Apache-2.0 |
| markrad | 0:cdf462088d13 | 8 | * |
| markrad | 0:cdf462088d13 | 9 | * Licensed under the Apache License, Version 2.0 (the "License"); you may |
| markrad | 0:cdf462088d13 | 10 | * not use this file except in compliance with the License. |
| markrad | 0:cdf462088d13 | 11 | * You may obtain a copy of the License at |
| markrad | 0:cdf462088d13 | 12 | * |
| markrad | 0:cdf462088d13 | 13 | * http://www.apache.org/licenses/LICENSE-2.0 |
| markrad | 0:cdf462088d13 | 14 | * |
| markrad | 0:cdf462088d13 | 15 | * Unless required by applicable law or agreed to in writing, software |
| markrad | 0:cdf462088d13 | 16 | * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT |
| markrad | 0:cdf462088d13 | 17 | * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. |
| markrad | 0:cdf462088d13 | 18 | * See the License for the specific language governing permissions and |
| markrad | 0:cdf462088d13 | 19 | * limitations under the License. |
| markrad | 0:cdf462088d13 | 20 | * |
| markrad | 0:cdf462088d13 | 21 | * This file is part of mbed TLS (https://tls.mbed.org) |
| markrad | 0:cdf462088d13 | 22 | */ |
| markrad | 0:cdf462088d13 | 23 | #ifndef MBEDTLS_DHM_H |
| markrad | 0:cdf462088d13 | 24 | #define MBEDTLS_DHM_H |
| markrad | 0:cdf462088d13 | 25 | |
| markrad | 0:cdf462088d13 | 26 | #include "bignum.h" |
| markrad | 0:cdf462088d13 | 27 | |
| markrad | 0:cdf462088d13 | 28 | /* |
| markrad | 0:cdf462088d13 | 29 | * DHM Error codes |
| markrad | 0:cdf462088d13 | 30 | */ |
| markrad | 0:cdf462088d13 | 31 | #define MBEDTLS_ERR_DHM_BAD_INPUT_DATA -0x3080 /**< Bad input parameters to function. */ |
| markrad | 0:cdf462088d13 | 32 | #define MBEDTLS_ERR_DHM_READ_PARAMS_FAILED -0x3100 /**< Reading of the DHM parameters failed. */ |
| markrad | 0:cdf462088d13 | 33 | #define MBEDTLS_ERR_DHM_MAKE_PARAMS_FAILED -0x3180 /**< Making of the DHM parameters failed. */ |
| markrad | 0:cdf462088d13 | 34 | #define MBEDTLS_ERR_DHM_READ_PUBLIC_FAILED -0x3200 /**< Reading of the public values failed. */ |
| markrad | 0:cdf462088d13 | 35 | #define MBEDTLS_ERR_DHM_MAKE_PUBLIC_FAILED -0x3280 /**< Making of the public value failed. */ |
| markrad | 0:cdf462088d13 | 36 | #define MBEDTLS_ERR_DHM_CALC_SECRET_FAILED -0x3300 /**< Calculation of the DHM secret failed. */ |
| markrad | 0:cdf462088d13 | 37 | #define MBEDTLS_ERR_DHM_INVALID_FORMAT -0x3380 /**< The ASN.1 data is not formatted correctly. */ |
| markrad | 0:cdf462088d13 | 38 | #define MBEDTLS_ERR_DHM_ALLOC_FAILED -0x3400 /**< Allocation of memory failed. */ |
| markrad | 0:cdf462088d13 | 39 | #define MBEDTLS_ERR_DHM_FILE_IO_ERROR -0x3480 /**< Read/write of file failed. */ |
| markrad | 0:cdf462088d13 | 40 | |
| markrad | 0:cdf462088d13 | 41 | /** |
| markrad | 0:cdf462088d13 | 42 | * RFC 3526 defines a number of standardized Diffie-Hellman groups |
| markrad | 0:cdf462088d13 | 43 | * for IKE. |
| markrad | 0:cdf462088d13 | 44 | * RFC 5114 defines a number of standardized Diffie-Hellman groups |
| markrad | 0:cdf462088d13 | 45 | * that can be used. |
| markrad | 0:cdf462088d13 | 46 | * |
| markrad | 0:cdf462088d13 | 47 | * Some are included here for convenience. |
| markrad | 0:cdf462088d13 | 48 | * |
| markrad | 0:cdf462088d13 | 49 | * Included are: |
| markrad | 0:cdf462088d13 | 50 | * RFC 3526 3. 2048-bit MODP Group |
| markrad | 0:cdf462088d13 | 51 | * RFC 3526 4. 3072-bit MODP Group |
| markrad | 0:cdf462088d13 | 52 | * RFC 3526 5. 4096-bit MODP Group |
| markrad | 0:cdf462088d13 | 53 | * RFC 5114 2.2. 2048-bit MODP Group with 224-bit Prime Order Subgroup |
| markrad | 0:cdf462088d13 | 54 | */ |
| markrad | 0:cdf462088d13 | 55 | #define MBEDTLS_DHM_RFC3526_MODP_2048_P \ |
| markrad | 0:cdf462088d13 | 56 | "FFFFFFFFFFFFFFFFC90FDAA22168C234C4C6628B80DC1CD1" \ |
| markrad | 0:cdf462088d13 | 57 | "29024E088A67CC74020BBEA63B139B22514A08798E3404DD" \ |
| markrad | 0:cdf462088d13 | 58 | "EF9519B3CD3A431B302B0A6DF25F14374FE1356D6D51C245" \ |
| markrad | 0:cdf462088d13 | 59 | "E485B576625E7EC6F44C42E9A637ED6B0BFF5CB6F406B7ED" \ |
| markrad | 0:cdf462088d13 | 60 | "EE386BFB5A899FA5AE9F24117C4B1FE649286651ECE45B3D" \ |
| markrad | 0:cdf462088d13 | 61 | "C2007CB8A163BF0598DA48361C55D39A69163FA8FD24CF5F" \ |
| markrad | 0:cdf462088d13 | 62 | "83655D23DCA3AD961C62F356208552BB9ED529077096966D" \ |
| markrad | 0:cdf462088d13 | 63 | "670C354E4ABC9804F1746C08CA18217C32905E462E36CE3B" \ |
| markrad | 0:cdf462088d13 | 64 | "E39E772C180E86039B2783A2EC07A28FB5C55DF06F4C52C9" \ |
| markrad | 0:cdf462088d13 | 65 | "DE2BCBF6955817183995497CEA956AE515D2261898FA0510" \ |
| markrad | 0:cdf462088d13 | 66 | "15728E5A8AACAA68FFFFFFFFFFFFFFFF" |
| markrad | 0:cdf462088d13 | 67 | |
| markrad | 0:cdf462088d13 | 68 | #define MBEDTLS_DHM_RFC3526_MODP_2048_G "02" |
| markrad | 0:cdf462088d13 | 69 | |
| markrad | 0:cdf462088d13 | 70 | #define MBEDTLS_DHM_RFC3526_MODP_3072_P \ |
| markrad | 0:cdf462088d13 | 71 | "FFFFFFFFFFFFFFFFC90FDAA22168C234C4C6628B80DC1CD1" \ |
| markrad | 0:cdf462088d13 | 72 | "29024E088A67CC74020BBEA63B139B22514A08798E3404DD" \ |
| markrad | 0:cdf462088d13 | 73 | "EF9519B3CD3A431B302B0A6DF25F14374FE1356D6D51C245" \ |
| markrad | 0:cdf462088d13 | 74 | "E485B576625E7EC6F44C42E9A637ED6B0BFF5CB6F406B7ED" \ |
| markrad | 0:cdf462088d13 | 75 | "EE386BFB5A899FA5AE9F24117C4B1FE649286651ECE45B3D" \ |
| markrad | 0:cdf462088d13 | 76 | "C2007CB8A163BF0598DA48361C55D39A69163FA8FD24CF5F" \ |
| markrad | 0:cdf462088d13 | 77 | "83655D23DCA3AD961C62F356208552BB9ED529077096966D" \ |
| markrad | 0:cdf462088d13 | 78 | "670C354E4ABC9804F1746C08CA18217C32905E462E36CE3B" \ |
| markrad | 0:cdf462088d13 | 79 | "E39E772C180E86039B2783A2EC07A28FB5C55DF06F4C52C9" \ |
| markrad | 0:cdf462088d13 | 80 | "DE2BCBF6955817183995497CEA956AE515D2261898FA0510" \ |
| markrad | 0:cdf462088d13 | 81 | "15728E5A8AAAC42DAD33170D04507A33A85521ABDF1CBA64" \ |
| markrad | 0:cdf462088d13 | 82 | "ECFB850458DBEF0A8AEA71575D060C7DB3970F85A6E1E4C7" \ |
| markrad | 0:cdf462088d13 | 83 | "ABF5AE8CDB0933D71E8C94E04A25619DCEE3D2261AD2EE6B" \ |
| markrad | 0:cdf462088d13 | 84 | "F12FFA06D98A0864D87602733EC86A64521F2B18177B200C" \ |
| markrad | 0:cdf462088d13 | 85 | "BBE117577A615D6C770988C0BAD946E208E24FA074E5AB31" \ |
| markrad | 0:cdf462088d13 | 86 | "43DB5BFCE0FD108E4B82D120A93AD2CAFFFFFFFFFFFFFFFF" |
| markrad | 0:cdf462088d13 | 87 | |
| markrad | 0:cdf462088d13 | 88 | #define MBEDTLS_DHM_RFC3526_MODP_3072_G "02" |
| markrad | 0:cdf462088d13 | 89 | |
| markrad | 0:cdf462088d13 | 90 | #define MBEDTLS_DHM_RFC3526_MODP_4096_P \ |
| markrad | 0:cdf462088d13 | 91 | "FFFFFFFFFFFFFFFFC90FDAA22168C234C4C6628B80DC1CD1" \ |
| markrad | 0:cdf462088d13 | 92 | "29024E088A67CC74020BBEA63B139B22514A08798E3404DD" \ |
| markrad | 0:cdf462088d13 | 93 | "EF9519B3CD3A431B302B0A6DF25F14374FE1356D6D51C245" \ |
| markrad | 0:cdf462088d13 | 94 | "E485B576625E7EC6F44C42E9A637ED6B0BFF5CB6F406B7ED" \ |
| markrad | 0:cdf462088d13 | 95 | "EE386BFB5A899FA5AE9F24117C4B1FE649286651ECE45B3D" \ |
| markrad | 0:cdf462088d13 | 96 | "C2007CB8A163BF0598DA48361C55D39A69163FA8FD24CF5F" \ |
| markrad | 0:cdf462088d13 | 97 | "83655D23DCA3AD961C62F356208552BB9ED529077096966D" \ |
| markrad | 0:cdf462088d13 | 98 | "670C354E4ABC9804F1746C08CA18217C32905E462E36CE3B" \ |
| markrad | 0:cdf462088d13 | 99 | "E39E772C180E86039B2783A2EC07A28FB5C55DF06F4C52C9" \ |
| markrad | 0:cdf462088d13 | 100 | "DE2BCBF6955817183995497CEA956AE515D2261898FA0510" \ |
| markrad | 0:cdf462088d13 | 101 | "15728E5A8AAAC42DAD33170D04507A33A85521ABDF1CBA64" \ |
| markrad | 0:cdf462088d13 | 102 | "ECFB850458DBEF0A8AEA71575D060C7DB3970F85A6E1E4C7" \ |
| markrad | 0:cdf462088d13 | 103 | "ABF5AE8CDB0933D71E8C94E04A25619DCEE3D2261AD2EE6B" \ |
| markrad | 0:cdf462088d13 | 104 | "F12FFA06D98A0864D87602733EC86A64521F2B18177B200C" \ |
| markrad | 0:cdf462088d13 | 105 | "BBE117577A615D6C770988C0BAD946E208E24FA074E5AB31" \ |
| markrad | 0:cdf462088d13 | 106 | "43DB5BFCE0FD108E4B82D120A92108011A723C12A787E6D7" \ |
| markrad | 0:cdf462088d13 | 107 | "88719A10BDBA5B2699C327186AF4E23C1A946834B6150BDA" \ |
| markrad | 0:cdf462088d13 | 108 | "2583E9CA2AD44CE8DBBBC2DB04DE8EF92E8EFC141FBECAA6" \ |
| markrad | 0:cdf462088d13 | 109 | "287C59474E6BC05D99B2964FA090C3A2233BA186515BE7ED" \ |
| markrad | 0:cdf462088d13 | 110 | "1F612970CEE2D7AFB81BDD762170481CD0069127D5B05AA9" \ |
| markrad | 0:cdf462088d13 | 111 | "93B4EA988D8FDDC186FFB7DC90A6C08F4DF435C934063199" \ |
| markrad | 0:cdf462088d13 | 112 | "FFFFFFFFFFFFFFFF" |
| markrad | 0:cdf462088d13 | 113 | |
| markrad | 0:cdf462088d13 | 114 | #define MBEDTLS_DHM_RFC3526_MODP_4096_G "02" |
| markrad | 0:cdf462088d13 | 115 | |
| markrad | 0:cdf462088d13 | 116 | #define MBEDTLS_DHM_RFC5114_MODP_2048_P \ |
| markrad | 0:cdf462088d13 | 117 | "AD107E1E9123A9D0D660FAA79559C51FA20D64E5683B9FD1" \ |
| markrad | 0:cdf462088d13 | 118 | "B54B1597B61D0A75E6FA141DF95A56DBAF9A3C407BA1DF15" \ |
| markrad | 0:cdf462088d13 | 119 | "EB3D688A309C180E1DE6B85A1274A0A66D3F8152AD6AC212" \ |
| markrad | 0:cdf462088d13 | 120 | "9037C9EDEFDA4DF8D91E8FEF55B7394B7AD5B7D0B6C12207" \ |
| markrad | 0:cdf462088d13 | 121 | "C9F98D11ED34DBF6C6BA0B2C8BBC27BE6A00E0A0B9C49708" \ |
| markrad | 0:cdf462088d13 | 122 | "B3BF8A317091883681286130BC8985DB1602E714415D9330" \ |
| markrad | 0:cdf462088d13 | 123 | "278273C7DE31EFDC7310F7121FD5A07415987D9ADC0A486D" \ |
| markrad | 0:cdf462088d13 | 124 | "CDF93ACC44328387315D75E198C641A480CD86A1B9E587E8" \ |
| markrad | 0:cdf462088d13 | 125 | "BE60E69CC928B2B9C52172E413042E9B23F10B0E16E79763" \ |
| markrad | 0:cdf462088d13 | 126 | "C9B53DCF4BA80A29E3FB73C16B8E75B97EF363E2FFA31F71" \ |
| markrad | 0:cdf462088d13 | 127 | "CF9DE5384E71B81C0AC4DFFE0C10E64F" |
| markrad | 0:cdf462088d13 | 128 | |
| markrad | 0:cdf462088d13 | 129 | #define MBEDTLS_DHM_RFC5114_MODP_2048_G \ |
| markrad | 0:cdf462088d13 | 130 | "AC4032EF4F2D9AE39DF30B5C8FFDAC506CDEBE7B89998CAF"\ |
| markrad | 0:cdf462088d13 | 131 | "74866A08CFE4FFE3A6824A4E10B9A6F0DD921F01A70C4AFA"\ |
| markrad | 0:cdf462088d13 | 132 | "AB739D7700C29F52C57DB17C620A8652BE5E9001A8D66AD7"\ |
| markrad | 0:cdf462088d13 | 133 | "C17669101999024AF4D027275AC1348BB8A762D0521BC98A"\ |
| markrad | 0:cdf462088d13 | 134 | "E247150422EA1ED409939D54DA7460CDB5F6C6B250717CBE"\ |
| markrad | 0:cdf462088d13 | 135 | "F180EB34118E98D119529A45D6F834566E3025E316A330EF"\ |
| markrad | 0:cdf462088d13 | 136 | "BB77A86F0C1AB15B051AE3D428C8F8ACB70A8137150B8EEB"\ |
| markrad | 0:cdf462088d13 | 137 | "10E183EDD19963DDD9E263E4770589EF6AA21E7F5F2FF381"\ |
| markrad | 0:cdf462088d13 | 138 | "B539CCE3409D13CD566AFBB48D6C019181E1BCFE94B30269"\ |
| markrad | 0:cdf462088d13 | 139 | "EDFE72FE9B6AA4BD7B5A0F1C71CFFF4C19C418E1F6EC0179"\ |
| markrad | 0:cdf462088d13 | 140 | "81BC087F2A7065B384B890D3191F2BFA" |
| markrad | 0:cdf462088d13 | 141 | |
| markrad | 0:cdf462088d13 | 142 | #ifdef __cplusplus |
| markrad | 0:cdf462088d13 | 143 | extern "C" { |
| markrad | 0:cdf462088d13 | 144 | #endif |
| markrad | 0:cdf462088d13 | 145 | |
| markrad | 0:cdf462088d13 | 146 | /** |
| markrad | 0:cdf462088d13 | 147 | * \brief DHM context structure |
| markrad | 0:cdf462088d13 | 148 | */ |
| markrad | 0:cdf462088d13 | 149 | typedef struct |
| markrad | 0:cdf462088d13 | 150 | { |
| markrad | 0:cdf462088d13 | 151 | size_t len; /*!< size(P) in chars */ |
| markrad | 0:cdf462088d13 | 152 | mbedtls_mpi P; /*!< prime modulus */ |
| markrad | 0:cdf462088d13 | 153 | mbedtls_mpi G; /*!< generator */ |
| markrad | 0:cdf462088d13 | 154 | mbedtls_mpi X; /*!< secret value */ |
| markrad | 0:cdf462088d13 | 155 | mbedtls_mpi GX; /*!< self = G^X mod P */ |
| markrad | 0:cdf462088d13 | 156 | mbedtls_mpi GY; /*!< peer = G^Y mod P */ |
| markrad | 0:cdf462088d13 | 157 | mbedtls_mpi K; /*!< key = GY^X mod P */ |
| markrad | 0:cdf462088d13 | 158 | mbedtls_mpi RP; /*!< cached R^2 mod P */ |
| markrad | 0:cdf462088d13 | 159 | mbedtls_mpi Vi; /*!< blinding value */ |
| markrad | 0:cdf462088d13 | 160 | mbedtls_mpi Vf; /*!< un-blinding value */ |
| markrad | 0:cdf462088d13 | 161 | mbedtls_mpi pX; /*!< previous X */ |
| markrad | 0:cdf462088d13 | 162 | } |
| markrad | 0:cdf462088d13 | 163 | mbedtls_dhm_context; |
| markrad | 0:cdf462088d13 | 164 | |
| markrad | 0:cdf462088d13 | 165 | /** |
| markrad | 0:cdf462088d13 | 166 | * \brief Initialize DHM context |
| markrad | 0:cdf462088d13 | 167 | * |
| markrad | 0:cdf462088d13 | 168 | * \param ctx DHM context to be initialized |
| markrad | 0:cdf462088d13 | 169 | */ |
| markrad | 0:cdf462088d13 | 170 | void mbedtls_dhm_init( mbedtls_dhm_context *ctx ); |
| markrad | 0:cdf462088d13 | 171 | |
| markrad | 0:cdf462088d13 | 172 | /** |
| markrad | 0:cdf462088d13 | 173 | * \brief Parse the ServerKeyExchange parameters |
| markrad | 0:cdf462088d13 | 174 | * |
| markrad | 0:cdf462088d13 | 175 | * \param ctx DHM context |
| markrad | 0:cdf462088d13 | 176 | * \param p &(start of input buffer) |
| markrad | 0:cdf462088d13 | 177 | * \param end end of buffer |
| markrad | 0:cdf462088d13 | 178 | * |
| markrad | 0:cdf462088d13 | 179 | * \return 0 if successful, or an MBEDTLS_ERR_DHM_XXX error code |
| markrad | 0:cdf462088d13 | 180 | */ |
| markrad | 0:cdf462088d13 | 181 | int mbedtls_dhm_read_params( mbedtls_dhm_context *ctx, |
| markrad | 0:cdf462088d13 | 182 | unsigned char **p, |
| markrad | 0:cdf462088d13 | 183 | const unsigned char *end ); |
| markrad | 0:cdf462088d13 | 184 | |
| markrad | 0:cdf462088d13 | 185 | /** |
| markrad | 0:cdf462088d13 | 186 | * \brief Setup and write the ServerKeyExchange parameters |
| markrad | 0:cdf462088d13 | 187 | * |
| markrad | 0:cdf462088d13 | 188 | * \param ctx DHM context |
| markrad | 0:cdf462088d13 | 189 | * \param x_size private value size in bytes |
| markrad | 0:cdf462088d13 | 190 | * \param output destination buffer |
| markrad | 0:cdf462088d13 | 191 | * \param olen number of chars written |
| markrad | 0:cdf462088d13 | 192 | * \param f_rng RNG function |
| markrad | 0:cdf462088d13 | 193 | * \param p_rng RNG parameter |
| markrad | 0:cdf462088d13 | 194 | * |
| markrad | 0:cdf462088d13 | 195 | * \note This function assumes that ctx->P and ctx->G |
| markrad | 0:cdf462088d13 | 196 | * have already been properly set (for example |
| markrad | 0:cdf462088d13 | 197 | * using mbedtls_mpi_read_string or mbedtls_mpi_read_binary). |
| markrad | 0:cdf462088d13 | 198 | * |
| markrad | 0:cdf462088d13 | 199 | * \return 0 if successful, or an MBEDTLS_ERR_DHM_XXX error code |
| markrad | 0:cdf462088d13 | 200 | */ |
| markrad | 0:cdf462088d13 | 201 | int mbedtls_dhm_make_params( mbedtls_dhm_context *ctx, int x_size, |
| markrad | 0:cdf462088d13 | 202 | unsigned char *output, size_t *olen, |
| markrad | 0:cdf462088d13 | 203 | int (*f_rng)(void *, unsigned char *, size_t), |
| markrad | 0:cdf462088d13 | 204 | void *p_rng ); |
| markrad | 0:cdf462088d13 | 205 | |
| markrad | 0:cdf462088d13 | 206 | /** |
| markrad | 0:cdf462088d13 | 207 | * \brief Import the peer's public value G^Y |
| markrad | 0:cdf462088d13 | 208 | * |
| markrad | 0:cdf462088d13 | 209 | * \param ctx DHM context |
| markrad | 0:cdf462088d13 | 210 | * \param input input buffer |
| markrad | 0:cdf462088d13 | 211 | * \param ilen size of buffer |
| markrad | 0:cdf462088d13 | 212 | * |
| markrad | 0:cdf462088d13 | 213 | * \return 0 if successful, or an MBEDTLS_ERR_DHM_XXX error code |
| markrad | 0:cdf462088d13 | 214 | */ |
| markrad | 0:cdf462088d13 | 215 | int mbedtls_dhm_read_public( mbedtls_dhm_context *ctx, |
| markrad | 0:cdf462088d13 | 216 | const unsigned char *input, size_t ilen ); |
| markrad | 0:cdf462088d13 | 217 | |
| markrad | 0:cdf462088d13 | 218 | /** |
| markrad | 0:cdf462088d13 | 219 | * \brief Create own private value X and export G^X |
| markrad | 0:cdf462088d13 | 220 | * |
| markrad | 0:cdf462088d13 | 221 | * \param ctx DHM context |
| markrad | 0:cdf462088d13 | 222 | * \param x_size private value size in bytes |
| markrad | 0:cdf462088d13 | 223 | * \param output destination buffer |
| markrad | 0:cdf462088d13 | 224 | * \param olen must be at least equal to the size of P, ctx->len |
| markrad | 0:cdf462088d13 | 225 | * \param f_rng RNG function |
| markrad | 0:cdf462088d13 | 226 | * \param p_rng RNG parameter |
| markrad | 0:cdf462088d13 | 227 | * |
| markrad | 0:cdf462088d13 | 228 | * \return 0 if successful, or an MBEDTLS_ERR_DHM_XXX error code |
| markrad | 0:cdf462088d13 | 229 | */ |
| markrad | 0:cdf462088d13 | 230 | int mbedtls_dhm_make_public( mbedtls_dhm_context *ctx, int x_size, |
| markrad | 0:cdf462088d13 | 231 | unsigned char *output, size_t olen, |
| markrad | 0:cdf462088d13 | 232 | int (*f_rng)(void *, unsigned char *, size_t), |
| markrad | 0:cdf462088d13 | 233 | void *p_rng ); |
| markrad | 0:cdf462088d13 | 234 | |
| markrad | 0:cdf462088d13 | 235 | /** |
| markrad | 0:cdf462088d13 | 236 | * \brief Derive and export the shared secret (G^Y)^X mod P |
| markrad | 0:cdf462088d13 | 237 | * |
| markrad | 0:cdf462088d13 | 238 | * \param ctx DHM context |
| markrad | 0:cdf462088d13 | 239 | * \param output destination buffer |
| markrad | 0:cdf462088d13 | 240 | * \param output_size size of the destination buffer |
| markrad | 0:cdf462088d13 | 241 | * \param olen on exit, holds the actual number of bytes written |
| markrad | 0:cdf462088d13 | 242 | * \param f_rng RNG function, for blinding purposes |
| markrad | 0:cdf462088d13 | 243 | * \param p_rng RNG parameter |
| markrad | 0:cdf462088d13 | 244 | * |
| markrad | 0:cdf462088d13 | 245 | * \return 0 if successful, or an MBEDTLS_ERR_DHM_XXX error code |
| markrad | 0:cdf462088d13 | 246 | * |
| markrad | 0:cdf462088d13 | 247 | * \note If non-NULL, f_rng is used to blind the input as |
| markrad | 0:cdf462088d13 | 248 | * countermeasure against timing attacks. Blinding is |
| markrad | 0:cdf462088d13 | 249 | * automatically used if and only if our secret value X is |
| markrad | 0:cdf462088d13 | 250 | * re-used and costs nothing otherwise, so it is recommended |
| markrad | 0:cdf462088d13 | 251 | * to always pass a non-NULL f_rng argument. |
| markrad | 0:cdf462088d13 | 252 | */ |
| markrad | 0:cdf462088d13 | 253 | int mbedtls_dhm_calc_secret( mbedtls_dhm_context *ctx, |
| markrad | 0:cdf462088d13 | 254 | unsigned char *output, size_t output_size, size_t *olen, |
| markrad | 0:cdf462088d13 | 255 | int (*f_rng)(void *, unsigned char *, size_t), |
| markrad | 0:cdf462088d13 | 256 | void *p_rng ); |
| markrad | 0:cdf462088d13 | 257 | |
| markrad | 0:cdf462088d13 | 258 | /** |
| markrad | 0:cdf462088d13 | 259 | * \brief Free and clear the components of a DHM key |
| markrad | 0:cdf462088d13 | 260 | * |
| markrad | 0:cdf462088d13 | 261 | * \param ctx DHM context to free and clear |
| markrad | 0:cdf462088d13 | 262 | */ |
| markrad | 0:cdf462088d13 | 263 | void mbedtls_dhm_free( mbedtls_dhm_context *ctx ); |
| markrad | 0:cdf462088d13 | 264 | |
| markrad | 0:cdf462088d13 | 265 | #if defined(MBEDTLS_ASN1_PARSE_C) |
| markrad | 0:cdf462088d13 | 266 | /** \ingroup x509_module */ |
| markrad | 0:cdf462088d13 | 267 | /** |
| markrad | 0:cdf462088d13 | 268 | * \brief Parse DHM parameters in PEM or DER format |
| markrad | 0:cdf462088d13 | 269 | * |
| markrad | 0:cdf462088d13 | 270 | * \param dhm DHM context to be initialized |
| markrad | 0:cdf462088d13 | 271 | * \param dhmin input buffer |
| markrad | 0:cdf462088d13 | 272 | * \param dhminlen size of the buffer |
| markrad | 0:cdf462088d13 | 273 | * (including the terminating null byte for PEM data) |
| markrad | 0:cdf462088d13 | 274 | * |
| markrad | 0:cdf462088d13 | 275 | * \return 0 if successful, or a specific DHM or PEM error code |
| markrad | 0:cdf462088d13 | 276 | */ |
| markrad | 0:cdf462088d13 | 277 | int mbedtls_dhm_parse_dhm( mbedtls_dhm_context *dhm, const unsigned char *dhmin, |
| markrad | 0:cdf462088d13 | 278 | size_t dhminlen ); |
| markrad | 0:cdf462088d13 | 279 | |
| markrad | 0:cdf462088d13 | 280 | #if defined(MBEDTLS_FS_IO) |
| markrad | 0:cdf462088d13 | 281 | /** \ingroup x509_module */ |
| markrad | 0:cdf462088d13 | 282 | /** |
| markrad | 0:cdf462088d13 | 283 | * \brief Load and parse DHM parameters |
| markrad | 0:cdf462088d13 | 284 | * |
| markrad | 0:cdf462088d13 | 285 | * \param dhm DHM context to be initialized |
| markrad | 0:cdf462088d13 | 286 | * \param path filename to read the DHM Parameters from |
| markrad | 0:cdf462088d13 | 287 | * |
| markrad | 0:cdf462088d13 | 288 | * \return 0 if successful, or a specific DHM or PEM error code |
| markrad | 0:cdf462088d13 | 289 | */ |
| markrad | 0:cdf462088d13 | 290 | int mbedtls_dhm_parse_dhmfile( mbedtls_dhm_context *dhm, const char *path ); |
| markrad | 0:cdf462088d13 | 291 | #endif /* MBEDTLS_FS_IO */ |
| markrad | 0:cdf462088d13 | 292 | #endif /* MBEDTLS_ASN1_PARSE_C */ |
| markrad | 0:cdf462088d13 | 293 | |
| markrad | 0:cdf462088d13 | 294 | /** |
| markrad | 0:cdf462088d13 | 295 | * \brief Checkup routine |
| markrad | 0:cdf462088d13 | 296 | * |
| markrad | 0:cdf462088d13 | 297 | * \return 0 if successful, or 1 if the test failed |
| markrad | 0:cdf462088d13 | 298 | */ |
| markrad | 0:cdf462088d13 | 299 | int mbedtls_dhm_self_test( int verbose ); |
| markrad | 0:cdf462088d13 | 300 | |
| markrad | 0:cdf462088d13 | 301 | #ifdef __cplusplus |
| markrad | 0:cdf462088d13 | 302 | } |
| markrad | 0:cdf462088d13 | 303 | #endif |
| markrad | 0:cdf462088d13 | 304 | |
| markrad | 0:cdf462088d13 | 305 | #endif /* dhm.h */ |
