eden-emu/mbedtls
15
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Merge pull request #140 from yanesca/everest_integration

Browse source 
Everest integration
This commit is contained in:
Jaeden Amero 2019-08-29 16:02:49 +01:00 committed by GitHub
commit f0716542c4
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
92 changed files with 4457 additions and 217 deletions
Download patch file Download diff file Expand all files Collapse all files

2
library/CMakeLists.txt
View file

@ -94,6 +94,8 @@ set(src_crypto
)
endif()
list(APPEND src_crypto ${thirdparty_src})
if(CMAKE_COMPILER_IS_GNUCC)
set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -Wmissing-declarations -Wmissing-prototypes")
endif(CMAKE_COMPILER_IS_GNUCC)

7
library/Makefile
View file

@ -101,6 +101,10 @@ OBJS_CRYPTO += version.o
OBJS_CRYPTO += version_features.o
endif
include ../3rdparty/Makefile.inc
LOCAL_CFLAGS+=$(THIRDPARTY_INCLUDES)
OBJS_CRYPTO+=$(THIRDPARTY_CRYPTO_OBJECTS)
.SILENT:
.PHONY: all static shared clean
@ -148,8 +152,9 @@ libmbedcrypto.dll: $(OBJS_CRYPTO)
clean:
ifndef WINDOWS
rm -f *.o libmbed*
rm -f *.o libmbed* $(OBJS_CRYPTO)
else
if exist *.o del /Q /F *.o
if exist libmbed* del /Q /F libmbed*
if exist $(OBJS_CRYPTO) del /Q /F $(OBJS_CRYPTO)
endif

56
library/ecdh.c
View file

@ -59,6 +59,13 @@ static mbedtls_ecp_group_id mbedtls_ecdh_grp_id(
#endif
}
int mbedtls_ecdh_can_do( mbedtls_ecp_group_id gid )
{
/* At this time, all groups support ECDH. */
(void) gid;
return( 1 );
}
#if !defined(MBEDTLS_ECDH_GEN_PUBLIC_ALT)
/*
* Generate public key (restartable version)
@ -215,6 +222,13 @@ int mbedtls_ecdh_setup( mbedtls_ecdh_context *ctx, mbedtls_ecp_group_id grp_id )
#else
switch( grp_id )
{
#if defined(MBEDTLS_ECDH_VARIANT_EVEREST_ENABLED)
case MBEDTLS_ECP_DP_CURVE25519:
ctx->point_format = MBEDTLS_ECP_PF_COMPRESSED;
ctx->var = MBEDTLS_ECDH_VARIANT_EVEREST;
ctx->grp_id = grp_id;
return( mbedtls_everest_setup( &ctx->ctx.everest_ecdh, grp_id ) );
#endif
default:
ctx->point_format = MBEDTLS_ECP_PF_UNCOMPRESSED;
ctx->var = MBEDTLS_ECDH_VARIANT_MBEDTLS_2_0;
@ -266,6 +280,11 @@ void mbedtls_ecdh_free( mbedtls_ecdh_context *ctx )
#else
switch( ctx->var )
{
#if defined(MBEDTLS_ECDH_VARIANT_EVEREST_ENABLED)
case MBEDTLS_ECDH_VARIANT_EVEREST:
mbedtls_everest_free( &ctx->ctx.everest_ecdh );
break;
#endif
case MBEDTLS_ECDH_VARIANT_MBEDTLS_2_0:
ecdh_free_internal( &ctx->ctx.mbed_ecdh );
break;
@ -331,7 +350,7 @@ static int ecdh_make_params_internal( mbedtls_ecdh_context_mbed *ctx,
}
/*
* Setup and write the ServerKeyExhange parameters (RFC 4492)
* Setup and write the ServerKeyExchange parameters (RFC 4492)
* struct {
* ECParameters curve_params;
* ECPoint public;
@ -360,6 +379,11 @@ int mbedtls_ecdh_make_params( mbedtls_ecdh_context *ctx, size_t *olen,
#else
switch( ctx->var )
{
#if defined(MBEDTLS_ECDH_VARIANT_EVEREST_ENABLED)
case MBEDTLS_ECDH_VARIANT_EVEREST:
return( mbedtls_everest_make_params( &ctx->ctx.everest_ecdh, olen,
buf, blen, f_rng, p_rng ) );
#endif
case MBEDTLS_ECDH_VARIANT_MBEDTLS_2_0:
return( ecdh_make_params_internal( &ctx->ctx.mbed_ecdh, olen,
ctx->point_format, buf, blen,
@ -409,6 +433,11 @@ int mbedtls_ecdh_read_params( mbedtls_ecdh_context *ctx,
#else
switch( ctx->var )
{
#if defined(MBEDTLS_ECDH_VARIANT_EVEREST_ENABLED)
case MBEDTLS_ECDH_VARIANT_EVEREST:
return( mbedtls_everest_read_params( &ctx->ctx.everest_ecdh,
buf, end) );
#endif
case MBEDTLS_ECDH_VARIANT_MBEDTLS_2_0:
return( ecdh_read_params_internal( &ctx->ctx.mbed_ecdh,
buf, end ) );
@ -473,6 +502,16 @@ int mbedtls_ecdh_get_params( mbedtls_ecdh_context *ctx,
#else
switch( ctx->var )
{
#if defined(MBEDTLS_ECDH_VARIANT_EVEREST_ENABLED)
case MBEDTLS_ECDH_VARIANT_EVEREST:
{
mbedtls_everest_ecdh_side s = side == MBEDTLS_ECDH_OURS ?
MBEDTLS_EVEREST_ECDH_OURS :
MBEDTLS_EVEREST_ECDH_THEIRS;
return( mbedtls_everest_get_params( &ctx->ctx.everest_ecdh,
key, s) );
}
#endif
case MBEDTLS_ECDH_VARIANT_MBEDTLS_2_0:
return( ecdh_get_params_internal( &ctx->ctx.mbed_ecdh,
key, side ) );
@ -544,6 +583,11 @@ int mbedtls_ecdh_make_public( mbedtls_ecdh_context *ctx, size_t *olen,
#else
switch( ctx->var )
{
#if defined(MBEDTLS_ECDH_VARIANT_EVEREST_ENABLED)
case MBEDTLS_ECDH_VARIANT_EVEREST:
return( mbedtls_everest_make_public( &ctx->ctx.everest_ecdh, olen,
buf, blen, f_rng, p_rng ) );
#endif
case MBEDTLS_ECDH_VARIANT_MBEDTLS_2_0:
return( ecdh_make_public_internal( &ctx->ctx.mbed_ecdh, olen,
ctx->point_format, buf, blen,
@ -585,6 +629,11 @@ int mbedtls_ecdh_read_public( mbedtls_ecdh_context *ctx,
#else
switch( ctx->var )
{
#if defined(MBEDTLS_ECDH_VARIANT_EVEREST_ENABLED)
case MBEDTLS_ECDH_VARIANT_EVEREST:
return( mbedtls_everest_read_public( &ctx->ctx.everest_ecdh,
buf, blen ) );
#endif
case MBEDTLS_ECDH_VARIANT_MBEDTLS_2_0:
return( ecdh_read_public_internal( &ctx->ctx.mbed_ecdh,
buf, blen ) );
@ -667,6 +716,11 @@ int mbedtls_ecdh_calc_secret( mbedtls_ecdh_context *ctx, size_t *olen,
#else
switch( ctx->var )
{
#if defined(MBEDTLS_ECDH_VARIANT_EVEREST_ENABLED)
case MBEDTLS_ECDH_VARIANT_EVEREST:
return( mbedtls_everest_calc_secret( &ctx->ctx.everest_ecdh, olen,
buf, blen, f_rng, p_rng ) );
#endif
case MBEDTLS_ECDH_VARIANT_MBEDTLS_2_0:
return( ecdh_calc_secret_internal( &ctx->ctx.mbed_ecdh, olen, buf,
blen, f_rng, p_rng,

18
library/ecdsa.c
View file

@ -263,7 +263,7 @@ static int ecdsa_sign_restartable( mbedtls_ecp_group *grp,
mbedtls_mpi *pk = &k, *pr = r;
/* Fail cleanly on curves such as Curve25519 that can't be used for ECDSA */
if( grp->N.p == NULL )
if( ! mbedtls_ecdsa_can_do( grp->id ) || grp->N.p == NULL )
return( MBEDTLS_ERR_ECP_BAD_INPUT_DATA );
/* Make sure d is in range 1..n-1 */
@ -378,6 +378,20 @@ cleanup:
return( ret );
}
int mbedtls_ecdsa_can_do( mbedtls_ecp_group_id gid )
{
switch( gid )
{
#ifdef MBEDTLS_ECP_DP_CURVE25519_ENABLED
case MBEDTLS_ECP_DP_CURVE25519: return 0;
#endif
#ifdef MBEDTLS_ECP_DP_CURVE448_ENABLED
case MBEDTLS_ECP_DP_CURVE448: return 0;
#endif
default: return 1;
}
}
/*
* Compute ECDSA signature of a hashed message
*/
@ -502,7 +516,7 @@ static int ecdsa_verify_restartable( mbedtls_ecp_group *grp,
mbedtls_mpi_init( &u1 ); mbedtls_mpi_init( &u2 );
/* Fail cleanly on curves such as Curve25519 that can't be used for ECDSA */
if( grp->N.p == NULL )
if( ! mbedtls_ecdsa_can_do( grp->id ) || grp->N.p == NULL )
return( MBEDTLS_ERR_ECP_BAD_INPUT_DATA );
ECDSA_RS_ENTER( ver );

5
library/ecp.c
View file

@ -366,7 +366,7 @@ int mbedtls_ecp_check_budget( const mbedtls_ecp_group *grp,
/*
* List of supported curves:
* - internal ID
* - TLS NamedCurve ID (RFC 4492 sec. 5.1.1, RFC 7071 sec. 2)
* - TLS NamedCurve ID (RFC 4492 sec. 5.1.1, RFC 7071 sec. 2, RFC 8446 sec. 4.2.7)
* - size in bits
* - readable name
*
@ -409,6 +409,9 @@ static const mbedtls_ecp_curve_info ecp_supported_curves[] =
#endif
#if defined(MBEDTLS_ECP_DP_SECP192K1_ENABLED)
{ MBEDTLS_ECP_DP_SECP192K1, 18, 192, "secp192k1" },
#endif
#if defined(MBEDTLS_ECP_DP_CURVE25519_ENABLED) && defined(MBEDTLS_ECDH_VARIANT_EVEREST_ENABLED)
{ MBEDTLS_ECP_DP_CURVE25519, 29, 256, "x25519" },
#endif
{ MBEDTLS_ECP_DP_NONE, 0, 0, NULL },
};