mirror of
https://github.com/yuzu-emu/mbedtls.git
synced 2024-11-29 10:54:25 +01:00
Add function parsing a TLS ECParameters record
This commit is contained in:
parent
cf4a70c8ed
commit
1a96728964
@ -89,12 +89,14 @@ ecp_group;
|
|||||||
* \warning This library does not support validation of arbitrary domain
|
* \warning This library does not support validation of arbitrary domain
|
||||||
* parameters. Therefore, only well-known domain parameters from trusted
|
* parameters. Therefore, only well-known domain parameters from trusted
|
||||||
* sources should be used. See ecp_use_known_dp().
|
* sources should be used. See ecp_use_known_dp().
|
||||||
|
*
|
||||||
|
* \note The values are taken from RFC 4492's enum NamedCurve.
|
||||||
*/
|
*/
|
||||||
#define POLARSSL_ECP_DP_SECP192R1 0
|
#define POLARSSL_ECP_DP_SECP192R1 19
|
||||||
#define POLARSSL_ECP_DP_SECP224R1 1
|
#define POLARSSL_ECP_DP_SECP224R1 21
|
||||||
#define POLARSSL_ECP_DP_SECP256R1 2
|
#define POLARSSL_ECP_DP_SECP256R1 23
|
||||||
#define POLARSSL_ECP_DP_SECP384R1 3
|
#define POLARSSL_ECP_DP_SECP384R1 24
|
||||||
#define POLARSSL_ECP_DP_SECP521R1 4
|
#define POLARSSL_ECP_DP_SECP521R1 25
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Maximum bit size of the groups (that is, of N)
|
* Maximum bit size of the groups (that is, of N)
|
||||||
@ -120,6 +122,12 @@ ecp_group;
|
|||||||
#define POLARSSL_ECP_PF_UNCOMPRESSED 0 /**< Uncompressed point format */
|
#define POLARSSL_ECP_PF_UNCOMPRESSED 0 /**< Uncompressed point format */
|
||||||
#define POLARSSL_ECP_PF_COMPRESSED 1 /**< Compressed point format */
|
#define POLARSSL_ECP_PF_COMPRESSED 1 /**< Compressed point format */
|
||||||
|
|
||||||
|
/*
|
||||||
|
* Some constants from RFC 4492 (ECC for TLS)
|
||||||
|
*/
|
||||||
|
#define POLARSSL_ECP_TLS_NAMED_CURVE 3 /**< ECCurveType named_curve */
|
||||||
|
|
||||||
|
|
||||||
#ifdef __cplusplus
|
#ifdef __cplusplus
|
||||||
extern "C" {
|
extern "C" {
|
||||||
#endif
|
#endif
|
||||||
@ -259,6 +267,7 @@ int ecp_write_binary( const ecp_group *grp, const ecp_point *P, int format,
|
|||||||
*/
|
*/
|
||||||
int ecp_read_binary( const ecp_group *grp, ecp_point *P, int format,
|
int ecp_read_binary( const ecp_group *grp, ecp_point *P, int format,
|
||||||
const unsigned char *buf, size_t ilen );
|
const unsigned char *buf, size_t ilen );
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* \brief Set a group using well-known domain parameters
|
* \brief Set a group using well-known domain parameters
|
||||||
*
|
*
|
||||||
@ -269,9 +278,23 @@ int ecp_read_binary( const ecp_group *grp, ecp_point *P, int format,
|
|||||||
* POLARSSL_ERR_MPI_XXX if initialization failed
|
* POLARSSL_ERR_MPI_XXX if initialization failed
|
||||||
* POLARSSL_ERR_ECP_GENERIC if index is out of range
|
* POLARSSL_ERR_ECP_GENERIC if index is out of range
|
||||||
*
|
*
|
||||||
* \note Index should be a POLARSSL_ECP_DP_XXX macro.
|
* \note Index should be a value of RFC 4492's enum NamdeCurve,
|
||||||
|
* possibly in the form of a POLARSSL_ECP_DP_XXX macro.
|
||||||
*/
|
*/
|
||||||
int ecp_use_known_dp( ecp_group *grp, size_t index );
|
int ecp_use_known_dp( ecp_group *grp, uint16_t index );
|
||||||
|
|
||||||
|
/**
|
||||||
|
* \brief Read a group from an ECParameters record
|
||||||
|
*
|
||||||
|
* \param grp Destination group
|
||||||
|
* \param buf Start of input buffer
|
||||||
|
* \param len Buffer length
|
||||||
|
*
|
||||||
|
* \return O if successful,
|
||||||
|
* POLARSSL_ERR_MPI_XXX if initialization failed
|
||||||
|
* POLARSSL_ERR_ECP_BAD_INPUT_DATA if input is invalid
|
||||||
|
*/
|
||||||
|
int ecp_tls_read_group( ecp_group *grp, const unsigned char *buf, size_t len );
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* \brief Addition: R = P + Q
|
* \brief Addition: R = P + Q
|
||||||
|
@ -29,6 +29,7 @@
|
|||||||
* SEC1 http://www.secg.org/index.php?action=secg,docs_secg
|
* SEC1 http://www.secg.org/index.php?action=secg,docs_secg
|
||||||
* GECC = Guide to Elliptic Curve Cryptography - Hankerson, Menezes, Vanstone
|
* GECC = Guide to Elliptic Curve Cryptography - Hankerson, Menezes, Vanstone
|
||||||
* FIPS 186-3 http://csrc.nist.gov/publications/fips/fips186-3/fips_186-3.pdf
|
* FIPS 186-3 http://csrc.nist.gov/publications/fips/fips186-3/fips_186-3.pdf
|
||||||
|
* RFC 4492 for the related TLS structures and constants
|
||||||
*/
|
*/
|
||||||
|
|
||||||
#include "polarssl/config.h"
|
#include "polarssl/config.h"
|
||||||
@ -493,7 +494,7 @@ cleanup:
|
|||||||
/*
|
/*
|
||||||
* Set a group using well-known domain parameters
|
* Set a group using well-known domain parameters
|
||||||
*/
|
*/
|
||||||
int ecp_use_known_dp( ecp_group *grp, size_t index )
|
int ecp_use_known_dp( ecp_group *grp, uint16_t index )
|
||||||
{
|
{
|
||||||
switch( index )
|
switch( index )
|
||||||
{
|
{
|
||||||
@ -525,7 +526,33 @@ int ecp_use_known_dp( ecp_group *grp, size_t index )
|
|||||||
SECP521R1_GX, SECP521R1_GY, SECP521R1_N ) );
|
SECP521R1_GX, SECP521R1_GY, SECP521R1_N ) );
|
||||||
}
|
}
|
||||||
|
|
||||||
return( POLARSSL_ERR_ECP_GENERIC );
|
return( POLARSSL_ERR_ECP_BAD_INPUT_DATA );
|
||||||
|
}
|
||||||
|
|
||||||
|
/*
|
||||||
|
* Set a group from an ECParameters record (RFC 4492)
|
||||||
|
*/
|
||||||
|
int ecp_tls_read_group( ecp_group *grp, const unsigned char *buf, size_t len )
|
||||||
|
{
|
||||||
|
uint16_t namedcurve;
|
||||||
|
|
||||||
|
/*
|
||||||
|
* We expect at least three bytes (see below)
|
||||||
|
*/
|
||||||
|
if( len < 3 )
|
||||||
|
return( POLARSSL_ERR_ECP_BAD_INPUT_DATA );
|
||||||
|
|
||||||
|
/*
|
||||||
|
* First byte is curve_type; only named_curve is handled
|
||||||
|
*/
|
||||||
|
if( *buf++ != POLARSSL_ECP_TLS_NAMED_CURVE )
|
||||||
|
return( POLARSSL_ERR_ECP_BAD_INPUT_DATA );
|
||||||
|
|
||||||
|
/*
|
||||||
|
* Next two bytes are the namedcurve
|
||||||
|
*/
|
||||||
|
namedcurve = 256 * buf[0] + buf[1];
|
||||||
|
return ecp_use_known_dp( grp, namedcurve );
|
||||||
}
|
}
|
||||||
|
|
||||||
/*
|
/*
|
||||||
|
@ -184,6 +184,21 @@ ecp_read_binary:SECP192R1:"0548d8082a3a1e3112bc03a8ef2f6d40d0a77a6f8e00cc99336ce
|
|||||||
ECP read binary #6 (non-zero, OK)
|
ECP read binary #6 (non-zero, OK)
|
||||||
ecp_read_binary:SECP192R1:"0448d8082a3a1e3112bc03a8ef2f6d40d0a77a6f8e00cc99336ceed4d7cba482e288669ee1b6415626d6f34d28501e060c":UNCOMPRESSED:"48d8082a3a1e3112bc03a8ef2f6d40d0a77a6f8e00cc9933":"6ceed4d7cba482e288669ee1b6415626d6f34d28501e060c":"01":0
|
ecp_read_binary:SECP192R1:"0448d8082a3a1e3112bc03a8ef2f6d40d0a77a6f8e00cc99336ceed4d7cba482e288669ee1b6415626d6f34d28501e060c":UNCOMPRESSED:"48d8082a3a1e3112bc03a8ef2f6d40d0a77a6f8e00cc9933":"6ceed4d7cba482e288669ee1b6415626d6f34d28501e060c":"01":0
|
||||||
|
|
||||||
|
ECP read params #1 (record too short)
|
||||||
|
ecp_read_params:"0313":POLARSSL_ERR_ECP_BAD_INPUT_DATA:0
|
||||||
|
|
||||||
|
ECP read params #2 (bad curve_type)
|
||||||
|
ecp_read_params:"010013":POLARSSL_ERR_ECP_BAD_INPUT_DATA:0
|
||||||
|
|
||||||
|
ECP read params #3 (unknown curve)
|
||||||
|
ecp_read_params:"030010":POLARSSL_ERR_ECP_BAD_INPUT_DATA:0
|
||||||
|
|
||||||
|
ECP read params #4 (OK, buffer just fits)
|
||||||
|
ecp_read_params:"030017":0:256
|
||||||
|
|
||||||
|
ECP read params #5 (OK, buffer continues)
|
||||||
|
ecp_read_params:"030018DEAD":0:384
|
||||||
|
|
||||||
ECP gen keypair
|
ECP gen keypair
|
||||||
ecp_gen_keypair:SECP192R1
|
ecp_gen_keypair:SECP192R1
|
||||||
|
|
||||||
|
@ -322,6 +322,28 @@ ecp_gen_keypair:id
|
|||||||
}
|
}
|
||||||
END_CASE
|
END_CASE
|
||||||
|
|
||||||
|
BEGIN_CASE
|
||||||
|
ecp_read_params:record:ret:bits
|
||||||
|
{
|
||||||
|
ecp_group grp;
|
||||||
|
unsigned char buf[10];
|
||||||
|
int len, ret;
|
||||||
|
|
||||||
|
ecp_group_init( &grp );
|
||||||
|
memset( buf, 0x00, sizeof( buf ) );
|
||||||
|
|
||||||
|
len = unhexify( buf, {record} );
|
||||||
|
|
||||||
|
ret = ecp_tls_read_group( &grp, buf, len );
|
||||||
|
|
||||||
|
TEST_ASSERT( ret == {ret} );
|
||||||
|
if( ret == 0)
|
||||||
|
TEST_ASSERT( mpi_msb( &grp.P ) == {bits} );
|
||||||
|
|
||||||
|
ecp_group_free( &grp );
|
||||||
|
}
|
||||||
|
END_CASE
|
||||||
|
|
||||||
BEGIN_CASE
|
BEGIN_CASE
|
||||||
ecp_selftest:
|
ecp_selftest:
|
||||||
{
|
{
|
||||||
|
Loading…
Reference in New Issue
Block a user