mirror of
https://github.com/dolphin-emu/dolphin.git
synced 2025-02-10 06:29:00 +01:00
9872473f70
PolarSSL has been renamed to "mbed TLS" and version 2.0 dropped backwards compatibility. This commit adds only the necessary files without any modifications, so it doesn't compile yet.
215 lines
7.6 KiB
C
215 lines
7.6 KiB
C
/**
|
|
* \file ecdh.h
|
|
*
|
|
* \brief Elliptic curve Diffie-Hellman
|
|
*
|
|
* Copyright (C) 2006-2015, ARM Limited, All Rights Reserved
|
|
* SPDX-License-Identifier: Apache-2.0
|
|
*
|
|
* Licensed under the Apache License, Version 2.0 (the "License"); you may
|
|
* not use this file except in compliance with the License.
|
|
* You may obtain a copy of the License at
|
|
*
|
|
* http://www.apache.org/licenses/LICENSE-2.0
|
|
*
|
|
* Unless required by applicable law or agreed to in writing, software
|
|
* distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
|
|
* WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
|
* See the License for the specific language governing permissions and
|
|
* limitations under the License.
|
|
*
|
|
* This file is part of mbed TLS (https://tls.mbed.org)
|
|
*/
|
|
#ifndef MBEDTLS_ECDH_H
|
|
#define MBEDTLS_ECDH_H
|
|
|
|
#include "ecp.h"
|
|
|
|
#ifdef __cplusplus
|
|
extern "C" {
|
|
#endif
|
|
|
|
/**
|
|
* When importing from an EC key, select if it is our key or the peer's key
|
|
*/
|
|
typedef enum
|
|
{
|
|
MBEDTLS_ECDH_OURS,
|
|
MBEDTLS_ECDH_THEIRS,
|
|
} mbedtls_ecdh_side;
|
|
|
|
/**
|
|
* \brief ECDH context structure
|
|
*/
|
|
typedef struct
|
|
{
|
|
mbedtls_ecp_group grp; /*!< elliptic curve used */
|
|
mbedtls_mpi d; /*!< our secret value (private key) */
|
|
mbedtls_ecp_point Q; /*!< our public value (public key) */
|
|
mbedtls_ecp_point Qp; /*!< peer's public value (public key) */
|
|
mbedtls_mpi z; /*!< shared secret */
|
|
int point_format; /*!< format for point export in TLS messages */
|
|
mbedtls_ecp_point Vi; /*!< blinding value (for later) */
|
|
mbedtls_ecp_point Vf; /*!< un-blinding value (for later) */
|
|
mbedtls_mpi _d; /*!< previous d (for later) */
|
|
}
|
|
mbedtls_ecdh_context;
|
|
|
|
/**
|
|
* \brief Generate a public key.
|
|
* Raw function that only does the core computation.
|
|
*
|
|
* \param grp ECP group
|
|
* \param d Destination MPI (secret exponent, aka private key)
|
|
* \param Q Destination point (public key)
|
|
* \param f_rng RNG function
|
|
* \param p_rng RNG parameter
|
|
*
|
|
* \return 0 if successful,
|
|
* or a MBEDTLS_ERR_ECP_XXX or MBEDTLS_MPI_XXX error code
|
|
*/
|
|
int mbedtls_ecdh_gen_public( mbedtls_ecp_group *grp, mbedtls_mpi *d, mbedtls_ecp_point *Q,
|
|
int (*f_rng)(void *, unsigned char *, size_t),
|
|
void *p_rng );
|
|
|
|
/**
|
|
* \brief Compute shared secret
|
|
* Raw function that only does the core computation.
|
|
*
|
|
* \param grp ECP group
|
|
* \param z Destination MPI (shared secret)
|
|
* \param Q Public key from other party
|
|
* \param d Our secret exponent (private key)
|
|
* \param f_rng RNG function (see notes)
|
|
* \param p_rng RNG parameter
|
|
*
|
|
* \return 0 if successful,
|
|
* or a MBEDTLS_ERR_ECP_XXX or MBEDTLS_MPI_XXX error code
|
|
*
|
|
* \note If f_rng is not NULL, it is used to implement
|
|
* countermeasures against potential elaborate timing
|
|
* attacks, see \c mbedtls_ecp_mul() for details.
|
|
*/
|
|
int mbedtls_ecdh_compute_shared( mbedtls_ecp_group *grp, mbedtls_mpi *z,
|
|
const mbedtls_ecp_point *Q, const mbedtls_mpi *d,
|
|
int (*f_rng)(void *, unsigned char *, size_t),
|
|
void *p_rng );
|
|
|
|
/**
|
|
* \brief Initialize context
|
|
*
|
|
* \param ctx Context to initialize
|
|
*/
|
|
void mbedtls_ecdh_init( mbedtls_ecdh_context *ctx );
|
|
|
|
/**
|
|
* \brief Free context
|
|
*
|
|
* \param ctx Context to free
|
|
*/
|
|
void mbedtls_ecdh_free( mbedtls_ecdh_context *ctx );
|
|
|
|
/**
|
|
* \brief Generate a public key and a TLS ServerKeyExchange payload.
|
|
* (First function used by a TLS server for ECDHE.)
|
|
*
|
|
* \param ctx ECDH context
|
|
* \param olen number of chars written
|
|
* \param buf destination buffer
|
|
* \param blen length of buffer
|
|
* \param f_rng RNG function
|
|
* \param p_rng RNG parameter
|
|
*
|
|
* \note This function assumes that ctx->grp has already been
|
|
* properly set (for example using mbedtls_ecp_group_load).
|
|
*
|
|
* \return 0 if successful, or an MBEDTLS_ERR_ECP_XXX error code
|
|
*/
|
|
int mbedtls_ecdh_make_params( mbedtls_ecdh_context *ctx, size_t *olen,
|
|
unsigned char *buf, size_t blen,
|
|
int (*f_rng)(void *, unsigned char *, size_t),
|
|
void *p_rng );
|
|
|
|
/**
|
|
* \brief Parse and procress a TLS ServerKeyExhange payload.
|
|
* (First function used by a TLS client for ECDHE.)
|
|
*
|
|
* \param ctx ECDH context
|
|
* \param buf pointer to start of input buffer
|
|
* \param end one past end of buffer
|
|
*
|
|
* \return 0 if successful, or an MBEDTLS_ERR_ECP_XXX error code
|
|
*/
|
|
int mbedtls_ecdh_read_params( mbedtls_ecdh_context *ctx,
|
|
const unsigned char **buf, const unsigned char *end );
|
|
|
|
/**
|
|
* \brief Setup an ECDH context from an EC key.
|
|
* (Used by clients and servers in place of the
|
|
* ServerKeyEchange for static ECDH: import ECDH parameters
|
|
* from a certificate's EC key information.)
|
|
*
|
|
* \param ctx ECDH constext to set
|
|
* \param key EC key to use
|
|
* \param side Is it our key (1) or the peer's key (0) ?
|
|
*
|
|
* \return 0 if successful, or an MBEDTLS_ERR_ECP_XXX error code
|
|
*/
|
|
int mbedtls_ecdh_get_params( mbedtls_ecdh_context *ctx, const mbedtls_ecp_keypair *key,
|
|
mbedtls_ecdh_side side );
|
|
|
|
/**
|
|
* \brief Generate a public key and a TLS ClientKeyExchange payload.
|
|
* (Second function used by a TLS client for ECDH(E).)
|
|
*
|
|
* \param ctx ECDH context
|
|
* \param olen number of bytes actually written
|
|
* \param buf destination buffer
|
|
* \param blen size of destination buffer
|
|
* \param f_rng RNG function
|
|
* \param p_rng RNG parameter
|
|
*
|
|
* \return 0 if successful, or an MBEDTLS_ERR_ECP_XXX error code
|
|
*/
|
|
int mbedtls_ecdh_make_public( mbedtls_ecdh_context *ctx, size_t *olen,
|
|
unsigned char *buf, size_t blen,
|
|
int (*f_rng)(void *, unsigned char *, size_t),
|
|
void *p_rng );
|
|
|
|
/**
|
|
* \brief Parse and process a TLS ClientKeyExchange payload.
|
|
* (Second function used by a TLS server for ECDH(E).)
|
|
*
|
|
* \param ctx ECDH context
|
|
* \param buf start of input buffer
|
|
* \param blen length of input buffer
|
|
*
|
|
* \return 0 if successful, or an MBEDTLS_ERR_ECP_XXX error code
|
|
*/
|
|
int mbedtls_ecdh_read_public( mbedtls_ecdh_context *ctx,
|
|
const unsigned char *buf, size_t blen );
|
|
|
|
/**
|
|
* \brief Derive and export the shared secret.
|
|
* (Last function used by both TLS client en servers.)
|
|
*
|
|
* \param ctx ECDH context
|
|
* \param olen number of bytes written
|
|
* \param buf destination buffer
|
|
* \param blen buffer length
|
|
* \param f_rng RNG function, see notes for \c mbedtls_ecdh_compute_shared()
|
|
* \param p_rng RNG parameter
|
|
*
|
|
* \return 0 if successful, or an MBEDTLS_ERR_ECP_XXX error code
|
|
*/
|
|
int mbedtls_ecdh_calc_secret( mbedtls_ecdh_context *ctx, size_t *olen,
|
|
unsigned char *buf, size_t blen,
|
|
int (*f_rng)(void *, unsigned char *, size_t),
|
|
void *p_rng );
|
|
|
|
#ifdef __cplusplus
|
|
}
|
|
#endif
|
|
|
|
#endif /* ecdh.h */
|