Merge remote-tracking branch 'public/pr/2165' into development-proposed
commit
51b6abbbf2
@ -108,6 +108,16 @@
|
|||||||
#error "MBEDTLS_ECJPAKE_C defined, but not all prerequisites"
|
#error "MBEDTLS_ECJPAKE_C defined, but not all prerequisites"
|
||||||
#endif
|
#endif
|
||||||
|
|
||||||
|
#if defined(MBEDTLS_ECP_RESTARTABLE) && \
|
||||||
|
( defined(MBEDTLS_ECDH_COMPUTE_SHARED_ALT) || \
|
||||||
|
defined(MBEDTLS_ECDH_GEN_PUBLIC_ALT) || \
|
||||||
|
defined(MBEDTLS_ECDSA_SIGN_ALT) || \
|
||||||
|
defined(MBEDTLS_ECDSA_VERIFY_ALT) || \
|
||||||
|
defined(MBEDTLS_ECDSA_GENKEY_ALT) || \
|
||||||
|
defined(MBEDTLS_ECP_ALT) )
|
||||||
|
#error "MBEDTLS_ECP_RESTARTABLE defined, but it cannot coexist with an alternative ECP implementation"
|
||||||
|
#endif
|
||||||
|
|
||||||
#if defined(MBEDTLS_ECDSA_DETERMINISTIC) && !defined(MBEDTLS_HMAC_DRBG_C)
|
#if defined(MBEDTLS_ECDSA_DETERMINISTIC) && !defined(MBEDTLS_HMAC_DRBG_C)
|
||||||
#error "MBEDTLS_ECDSA_DETERMINISTIC defined, but not all prerequisites"
|
#error "MBEDTLS_ECDSA_DETERMINISTIC defined, but not all prerequisites"
|
||||||
#endif
|
#endif
|
||||||
|
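Review bot: The new MBEDTLS_ECP_RESTARTABLE guard lists MBEDTLS_ECP_ALT and the per-function ECDH/ECDSA alternatives, but not MBEDTLS_ECP_INTERNAL_ALT, which also replaces parts of the software ECP arithmetic. If the restartable code cannot run on top of that option either (not visible in this hunk), the configuration would pass this check and fail or misbehave later. In that case add `defined(MBEDTLS_ECP_INTERNAL_ALT) || \` to the condition, so the incompatibility is rejected at compile time like the others.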
@ -694,6 +694,10 @@
|
|||||||
* for too long on ECC (and, hence, X.509 or SSL/TLS) operations.
|
* for too long on ECC (and, hence, X.509 or SSL/TLS) operations.
|
||||||
*
|
*
|
||||||
* Uncomment this macro to enable restartable ECC computations.
|
* Uncomment this macro to enable restartable ECC computations.
|
||||||
|
*
|
||||||
|
* \note This option only works with the default software implementation of
|
||||||
|
* elliptic curve functionality. It is incompatible with
|
||||||
|
* MBEDTLS_ECP_ALT, MBEDTLS_ECDH_XXX_ALT and MBEDTLS_ECDSA_XXX_ALT.
|
||||||
*/
|
*/
|
||||||
//#define MBEDTLS_ECP_RESTARTABLE
|
//#define MBEDTLS_ECP_RESTARTABLE
|
||||||
|
|
||||||
|
@ -76,7 +76,7 @@ int mbedtls_ecdh_gen_public( mbedtls_ecp_group *grp, mbedtls_mpi *d, mbedtls_ecp
|
|||||||
{
|
{
|
||||||
return( ecdh_gen_public_restartable( grp, d, Q, f_rng, p_rng, NULL ) );
|
return( ecdh_gen_public_restartable( grp, d, Q, f_rng, p_rng, NULL ) );
|
||||||
}
|
}
|
||||||
#endif /* MBEDTLS_ECDH_GEN_PUBLIC_ALT */
|
#endif /* !MBEDTLS_ECDH_GEN_PUBLIC_ALT */
|
||||||
|
|
||||||
#if !defined(MBEDTLS_ECDH_COMPUTE_SHARED_ALT)
|
#if !defined(MBEDTLS_ECDH_COMPUTE_SHARED_ALT)
|
||||||
/*
|
/*
|
||||||
@ -110,7 +110,6 @@ cleanup:
|
|||||||
|
|
||||||
return( ret );
|
return( ret );
|
||||||
}
|
}
|
||||||
#endif /* MBEDTLS_ECDH_COMPUTE_SHARED_ALT */
|
|
||||||
|
|
||||||
/*
|
/*
|
||||||
* Compute shared secret (SEC1 3.3.1)
|
* Compute shared secret (SEC1 3.3.1)
|
||||||
@ -123,6 +122,7 @@ int mbedtls_ecdh_compute_shared( mbedtls_ecp_group *grp, mbedtls_mpi *z,
|
|||||||
return( ecdh_compute_shared_restartable( grp, z, Q, d,
|
return( ecdh_compute_shared_restartable( grp, z, Q, d,
|
||||||
f_rng, p_rng, NULL ) );
|
f_rng, p_rng, NULL ) );
|
||||||
}
|
}
|
||||||
|
#endif /* !MBEDTLS_ECDH_COMPUTE_SHARED_ALT */
|
||||||
|
|
||||||
/*
|
/*
|
||||||
* Initialize context
|
* Initialize context
|
||||||
@ -191,7 +191,9 @@ int mbedtls_ecdh_make_params( mbedtls_ecdh_context *ctx, size_t *olen,
|
|||||||
{
|
{
|
||||||
int ret;
|
int ret;
|
||||||
size_t grp_len, pt_len;
|
size_t grp_len, pt_len;
|
||||||
|
#if defined(MBEDTLS_ECP_RESTARTABLE)
|
||||||
mbedtls_ecp_restart_ctx *rs_ctx = NULL;
|
mbedtls_ecp_restart_ctx *rs_ctx = NULL;
|
||||||
|
#endif
|
||||||
|
|
||||||
if( ctx == NULL || ctx->grp.pbits == 0 )
|
if( ctx == NULL || ctx->grp.pbits == 0 )
|
||||||
return( MBEDTLS_ERR_ECP_BAD_INPUT_DATA );
|
return( MBEDTLS_ERR_ECP_BAD_INPUT_DATA );
|
||||||
@ -201,9 +203,16 @@ int mbedtls_ecdh_make_params( mbedtls_ecdh_context *ctx, size_t *olen,
|
|||||||
rs_ctx = &ctx->rs;
|
rs_ctx = &ctx->rs;
|
||||||
#endif
|
#endif
|
||||||
|
|
||||||
|
|
||||||
|
#if defined(MBEDTLS_ECP_RESTARTABLE)
|
||||||
if( ( ret = ecdh_gen_public_restartable( &ctx->grp, &ctx->d, &ctx->Q,
|
if( ( ret = ecdh_gen_public_restartable( &ctx->grp, &ctx->d, &ctx->Q,
|
||||||
f_rng, p_rng, rs_ctx ) ) != 0 )
|
f_rng, p_rng, rs_ctx ) ) != 0 )
|
||||||
return( ret );
|
return( ret );
|
||||||
|
#else
|
||||||
|
if( ( ret = mbedtls_ecdh_gen_public( &ctx->grp, &ctx->d, &ctx->Q,
|
||||||
|
f_rng, p_rng ) ) != 0 )
|
||||||
|
return( ret );
|
||||||
|
#endif /* MBEDTLS_ECP_RESTARTABLE */
|
||||||
|
|
||||||
if( ( ret = mbedtls_ecp_tls_write_group( &ctx->grp, &grp_len, buf, blen ) )
|
if( ( ret = mbedtls_ecp_tls_write_group( &ctx->grp, &grp_len, buf, blen ) )
|
||||||
!= 0 )
|
!= 0 )
|
||||||
@ -277,7 +286,9 @@ int mbedtls_ecdh_make_public( mbedtls_ecdh_context *ctx, size_t *olen,
|
|||||||
void *p_rng )
|
void *p_rng )
|
||||||
{
|
{
|
||||||
int ret;
|
int ret;
|
||||||
|
#if defined(MBEDTLS_ECP_RESTARTABLE)
|
||||||
mbedtls_ecp_restart_ctx *rs_ctx = NULL;
|
mbedtls_ecp_restart_ctx *rs_ctx = NULL;
|
||||||
|
#endif
|
||||||
|
|
||||||
if( ctx == NULL || ctx->grp.pbits == 0 )
|
if( ctx == NULL || ctx->grp.pbits == 0 )
|
||||||
return( MBEDTLS_ERR_ECP_BAD_INPUT_DATA );
|
return( MBEDTLS_ERR_ECP_BAD_INPUT_DATA );
|
||||||
@ -287,9 +298,15 @@ int mbedtls_ecdh_make_public( mbedtls_ecdh_context *ctx, size_t *olen,
|
|||||||
rs_ctx = &ctx->rs;
|
rs_ctx = &ctx->rs;
|
||||||
#endif
|
#endif
|
||||||
|
|
||||||
|
#if defined(MBEDTLS_ECP_RESTARTABLE)
|
||||||
if( ( ret = ecdh_gen_public_restartable( &ctx->grp, &ctx->d, &ctx->Q,
|
if( ( ret = ecdh_gen_public_restartable( &ctx->grp, &ctx->d, &ctx->Q,
|
||||||
f_rng, p_rng, rs_ctx ) ) != 0 )
|
f_rng, p_rng, rs_ctx ) ) != 0 )
|
||||||
return( ret );
|
return( ret );
|
||||||
|
#else
|
||||||
|
if( ( ret = mbedtls_ecdh_gen_public( &ctx->grp, &ctx->d, &ctx->Q,
|
||||||
|
f_rng, p_rng ) ) != 0 )
|
||||||
|
return( ret );
|
||||||
|
#endif /* MBEDTLS_ECP_RESTARTABLE */
|
||||||
|
|
||||||
return mbedtls_ecp_tls_write_point( &ctx->grp, &ctx->Q, ctx->point_format,
|
return mbedtls_ecp_tls_write_point( &ctx->grp, &ctx->Q, ctx->point_format,
|
||||||
olen, buf, blen );
|
olen, buf, blen );
|
||||||
@ -325,7 +342,9 @@ int mbedtls_ecdh_calc_secret( mbedtls_ecdh_context *ctx, size_t *olen,
|
|||||||
void *p_rng )
|
void *p_rng )
|
||||||
{
|
{
|
||||||
int ret;
|
int ret;
|
||||||
|
#if defined(MBEDTLS_ECP_RESTARTABLE)
|
||||||
mbedtls_ecp_restart_ctx *rs_ctx = NULL;
|
mbedtls_ecp_restart_ctx *rs_ctx = NULL;
|
||||||
|
#endif
|
||||||
|
|
||||||
if( ctx == NULL || ctx->grp.pbits == 0 )
|
if( ctx == NULL || ctx->grp.pbits == 0 )
|
||||||
return( MBEDTLS_ERR_ECP_BAD_INPUT_DATA );
|
return( MBEDTLS_ERR_ECP_BAD_INPUT_DATA );
|
||||||
@ -335,11 +354,19 @@ int mbedtls_ecdh_calc_secret( mbedtls_ecdh_context *ctx, size_t *olen,
|
|||||||
rs_ctx = &ctx->rs;
|
rs_ctx = &ctx->rs;
|
||||||
#endif
|
#endif
|
||||||
|
|
||||||
|
#if defined(MBEDTLS_ECP_RESTARTABLE)
|
||||||
if( ( ret = ecdh_compute_shared_restartable( &ctx->grp,
|
if( ( ret = ecdh_compute_shared_restartable( &ctx->grp,
|
||||||
&ctx->z, &ctx->Qp, &ctx->d, f_rng, p_rng, rs_ctx ) ) != 0 )
|
&ctx->z, &ctx->Qp, &ctx->d, f_rng, p_rng, rs_ctx ) ) != 0 )
|
||||||
{
|
{
|
||||||
return( ret );
|
return( ret );
|
||||||
}
|
}
|
||||||
|
#else
|
||||||
|
if( ( ret = mbedtls_ecdh_compute_shared( &ctx->grp, &ctx->z, &ctx->Qp,
|
||||||
|
&ctx->d, f_rng, p_rng ) ) != 0 )
|
||||||
|
{
|
||||||
|
return( ret );
|
||||||
|
}
|
||||||
|
#endif /* MBEDTLS_ECP_RESTARTABLE */
|
||||||
|
|
||||||
if( mbedtls_mpi_size( &ctx->z ) > blen )
|
if( mbedtls_mpi_size( &ctx->z ) > blen )
|
||||||
return( MBEDTLS_ERR_ECP_BAD_INPUT_DATA );
|
return( MBEDTLS_ERR_ECP_BAD_INPUT_DATA );
|
||||||
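Review bot: The new `#else` branches in mbedtls_ecdh_make_params, mbedtls_ecdh_make_public and mbedtls_ecdh_calc_secret carry no comment saying why the non-restartable build calls the public function rather than the static `*_restartable` helper. Judging from the `#endif /* !MBEDTLS_ECDH_GEN_PUBLIC_ALT */` markers, the helpers seem to be compiled only when no alternative implementation is configured, so the public entry point is what lets a hardware or vendor implementation be used. A one-line comment in each branch would keep a later cleanup from folding the two paths back together, for example `/* Call the public function so that an MBEDTLS_ECDH_GEN_PUBLIC_ALT implementation is used. */`. All three functions start and end outside the hunks shown.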
|
@ -369,7 +369,6 @@ cleanup:
|
|||||||
|
|
||||||
return( ret );
|
return( ret );
|
||||||
}
|
}
|
||||||
#endif /* MBEDTLS_ECDSA_SIGN_ALT */
|
|
||||||
|
|
||||||
/*
|
/*
|
||||||
* Compute ECDSA signature of a hashed message
|
* Compute ECDSA signature of a hashed message
|
||||||
@ -381,6 +380,7 @@ int mbedtls_ecdsa_sign( mbedtls_ecp_group *grp, mbedtls_mpi *r, mbedtls_mpi *s,
|
|||||||
return( ecdsa_sign_restartable( grp, r, s, d, buf, blen,
|
return( ecdsa_sign_restartable( grp, r, s, d, buf, blen,
|
||||||
f_rng, p_rng, NULL ) );
|
f_rng, p_rng, NULL ) );
|
||||||
}
|
}
|
||||||
|
#endif /* !MBEDTLS_ECDSA_SIGN_ALT */
|
||||||
|
|
||||||
#if defined(MBEDTLS_ECDSA_DETERMINISTIC)
|
#if defined(MBEDTLS_ECDSA_DETERMINISTIC)
|
||||||
/*
|
/*
|
||||||
@ -432,8 +432,13 @@ static int ecdsa_sign_det_restartable( mbedtls_ecp_group *grp,
|
|||||||
|
|
||||||
sign:
|
sign:
|
||||||
#endif
|
#endif
|
||||||
|
#if defined(MBEDTLS_ECDSA_SIGN_ALT)
|
||||||
|
ret = mbedtls_ecdsa_sign( grp, r, s, d, buf, blen,
|
||||||
|
mbedtls_hmac_drbg_random, p_rng );
|
||||||
|
#else
|
||||||
ret = ecdsa_sign_restartable( grp, r, s, d, buf, blen,
|
ret = ecdsa_sign_restartable( grp, r, s, d, buf, blen,
|
||||||
mbedtls_hmac_drbg_random, p_rng, rs_ctx );
|
mbedtls_hmac_drbg_random, p_rng, rs_ctx );
|
||||||
|
#endif /* MBEDTLS_ECDSA_SIGN_ALT */
|
||||||
|
|
||||||
cleanup:
|
cleanup:
|
||||||
mbedtls_hmac_drbg_free( &rng_ctx );
|
mbedtls_hmac_drbg_free( &rng_ctx );
|
||||||
@ -564,7 +569,6 @@ cleanup:
|
|||||||
|
|
||||||
return( ret );
|
return( ret );
|
||||||
}
|
}
|
||||||
#endif /* MBEDTLS_ECDSA_VERIFY_ALT */
|
|
||||||
|
|
||||||
/*
|
/*
|
||||||
* Verify ECDSA signature of hashed message
|
* Verify ECDSA signature of hashed message
|
||||||
@ -575,6 +579,7 @@ int mbedtls_ecdsa_verify( mbedtls_ecp_group *grp,
|
|||||||
{
|
{
|
||||||
return( ecdsa_verify_restartable( grp, buf, blen, Q, r, s, NULL ) );
|
return( ecdsa_verify_restartable( grp, buf, blen, Q, r, s, NULL ) );
|
||||||
}
|
}
|
||||||
|
#endif /* !MBEDTLS_ECDSA_VERIFY_ALT */
|
||||||
|
|
||||||
/*
|
/*
|
||||||
* Convert a signature (given by context) to ASN.1
|
* Convert a signature (given by context) to ASN.1
|
||||||
@ -626,9 +631,14 @@ int mbedtls_ecdsa_write_signature_restartable( mbedtls_ecdsa_context *ctx,
|
|||||||
#else
|
#else
|
||||||
(void) md_alg;
|
(void) md_alg;
|
||||||
|
|
||||||
|
#if defined(MBEDTLS_ECDSA_SIGN_ALT)
|
||||||
|
MBEDTLS_MPI_CHK( mbedtls_ecdsa_sign( &ctx->grp, &r, &s, &ctx->d,
|
||||||
|
hash, hlen, f_rng, p_rng ) );
|
||||||
|
#else
|
||||||
MBEDTLS_MPI_CHK( ecdsa_sign_restartable( &ctx->grp, &r, &s, &ctx->d,
|
MBEDTLS_MPI_CHK( ecdsa_sign_restartable( &ctx->grp, &r, &s, &ctx->d,
|
||||||
hash, hlen, f_rng, p_rng, rs_ctx ) );
|
hash, hlen, f_rng, p_rng, rs_ctx ) );
|
||||||
#endif
|
#endif /* MBEDTLS_ECDSA_SIGN_ALT */
|
||||||
|
#endif /* MBEDTLS_ECDSA_DETERMINISTIC */
|
||||||
|
|
||||||
MBEDTLS_MPI_CHK( ecdsa_signature_to_asn1( &r, &s, sig, slen ) );
|
MBEDTLS_MPI_CHK( ecdsa_signature_to_asn1( &r, &s, sig, slen ) );
|
||||||
|
|
||||||
@ -712,10 +722,15 @@ int mbedtls_ecdsa_read_signature_restartable( mbedtls_ecdsa_context *ctx,
|
|||||||
ret += MBEDTLS_ERR_ECP_BAD_INPUT_DATA;
|
ret += MBEDTLS_ERR_ECP_BAD_INPUT_DATA;
|
||||||
goto cleanup;
|
goto cleanup;
|
||||||
}
|
}
|
||||||
|
#if defined(MBEDTLS_ECDSA_VERIFY_ALT)
|
||||||
|
if( ( ret = mbedtls_ecdsa_verify( &ctx->grp, hash, hlen,
|
||||||
|
&ctx->Q, &r, &s ) ) != 0 )
|
||||||
|
goto cleanup;
|
||||||
|
#else
|
||||||
if( ( ret = ecdsa_verify_restartable( &ctx->grp, hash, hlen,
|
if( ( ret = ecdsa_verify_restartable( &ctx->grp, hash, hlen,
|
||||||
&ctx->Q, &r, &s, rs_ctx ) ) != 0 )
|
&ctx->Q, &r, &s, rs_ctx ) ) != 0 )
|
||||||
goto cleanup;
|
goto cleanup;
|
||||||
|
#endif /* MBEDTLS_ECDSA_VERIFY_ALT */
|
||||||
|
|
||||||
/* At this point we know that the buffer starts with a valid signature.
|
/* At this point we know that the buffer starts with a valid signature.
|
||||||
* Return 0 if the buffer just contains the signature, and a specific
|
* Return 0 if the buffer just contains the signature, and a specific
|
||||||
@ -740,7 +755,7 @@ int mbedtls_ecdsa_genkey( mbedtls_ecdsa_context *ctx, mbedtls_ecp_group_id gid,
|
|||||||
return( mbedtls_ecp_group_load( &ctx->grp, gid ) ||
|
return( mbedtls_ecp_group_load( &ctx->grp, gid ) ||
|
||||||
mbedtls_ecp_gen_keypair( &ctx->grp, &ctx->d, &ctx->Q, f_rng, p_rng ) );
|
mbedtls_ecp_gen_keypair( &ctx->grp, &ctx->d, &ctx->Q, f_rng, p_rng ) );
|
||||||
}
|
}
|
||||||
#endif /* MBEDTLS_ECDSA_GENKEY_ALT */
|
#endif /* !MBEDTLS_ECDSA_GENKEY_ALT */
|
||||||
|
|
||||||
/*
|
/*
|
||||||
* Set context from an mbedtls_ecp_keypair
|
* Set context from an mbedtls_ecp_keypair
|
||||||
|
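Review bot: In ecdsa_sign_det_restartable, the new MBEDTLS_ECDSA_SIGN_ALT branch passes `mbedtls_hmac_drbg_random` and `p_rng` to mbedtls_ecdsa_sign, so the signature is deterministic only if the alternative implementation takes its nonce from that callback. An implementation that ignores `f_rng` and uses its own generator would return randomized signatures from the deterministic API without any error; whether a given alternative honours `f_rng` cannot be seen here. The requirement should be written down at the call, for example `/* Deterministic only if the ALT implementation draws its nonce from f_rng. */`, and repeated in the documentation of MBEDTLS_ECDSA_SIGN_ALT. The function body starts and ends outside this hunk.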