mirror of
https://github.com/yuzu-emu/mbedtls.git
synced 2024-11-29 09:04:22 +01:00
Make ECDH functions actually restartable
parent
71b2c53254
commit
66ba48a3c8
@ -52,6 +52,9 @@ typedef struct
|
|||||||
mbedtls_ecp_point Vi; /*!< blinding value (for later) */
|
mbedtls_ecp_point Vi; /*!< blinding value (for later) */
|
||||||
mbedtls_ecp_point Vf; /*!< un-blinding value (for later) */
|
mbedtls_ecp_point Vf; /*!< un-blinding value (for later) */
|
||||||
mbedtls_mpi _d; /*!< previous d (for later) */
|
mbedtls_mpi _d; /*!< previous d (for later) */
|
||||||
|
#if defined(MBEDTLS_ECP_RESTARTABLE)
|
||||||
|
mbedtls_ecp_restart_ctx rs; /*!< restart context for EC computations */
|
||||||
|
#endif
|
||||||
}
|
}
|
||||||
mbedtls_ecdh_context;
|
mbedtls_ecdh_context;
|
||||||
|
|
||||||
|
@ -39,22 +39,48 @@
|
|||||||
#include <string.h>
|
#include <string.h>
|
||||||
|
|
||||||
/*
|
/*
|
||||||
* Generate public key: simple wrapper around mbedtls_ecp_gen_keypair
|
* Generate public key (restartable version)
|
||||||
|
*/
|
||||||
|
static int ecdh_gen_public_restartable( mbedtls_ecp_group *grp,
|
||||||
|
mbedtls_mpi *d, mbedtls_ecp_point *Q,
|
||||||
|
int (*f_rng)(void *, unsigned char *, size_t),
|
||||||
|
void *p_rng,
|
||||||
|
mbedtls_ecp_restart_ctx *rs_ctx )
|
||||||
|
{
|
||||||
|
int ret;
|
||||||
|
|
||||||
|
/* If multiplication is in progress, we already generated a privkey */
|
||||||
|
#if defined(MBEDTLS_ECP_RESTARTABLE)
|
||||||
|
if( rs_ctx == NULL || rs_ctx->rsm == NULL )
|
||||||
|
#endif
|
||||||
|
MBEDTLS_MPI_CHK( mbedtls_ecp_gen_privkey( grp, d, f_rng, p_rng ) );
|
||||||
|
|
||||||
|
MBEDTLS_MPI_CHK( mbedtls_ecp_mul_restartable( grp, Q, d, &grp->G,
|
||||||
|
f_rng, p_rng, rs_ctx ) );
|
||||||
|
|
||||||
|
cleanup:
|
||||||
|
return( ret );
|
||||||
|
}
|
||||||
|
|
||||||
|
/*
|
||||||
|
* Generate public key
|
||||||
*/
|
*/
|
||||||
int mbedtls_ecdh_gen_public( mbedtls_ecp_group *grp, mbedtls_mpi *d, mbedtls_ecp_point *Q,
|
int mbedtls_ecdh_gen_public( mbedtls_ecp_group *grp, mbedtls_mpi *d, mbedtls_ecp_point *Q,
|
||||||
int (*f_rng)(void *, unsigned char *, size_t),
|
int (*f_rng)(void *, unsigned char *, size_t),
|
||||||
void *p_rng )
|
void *p_rng )
|
||||||
{
|
{
|
||||||
return mbedtls_ecp_gen_keypair( grp, d, Q, f_rng, p_rng );
|
return( ecdh_gen_public_restartable( grp, d, Q, f_rng, p_rng, NULL ) );
|
||||||
}
|
}
|
||||||
|
|
||||||
/*
|
/*
|
||||||
* Compute shared secret (SEC1 3.3.1)
|
* Compute shared secret (SEC1 3.3.1)
|
||||||
*/
|
*/
|
||||||
int mbedtls_ecdh_compute_shared( mbedtls_ecp_group *grp, mbedtls_mpi *z,
|
static int ecdh_compute_shared_restartable( mbedtls_ecp_group *grp,
|
||||||
|
mbedtls_mpi *z,
|
||||||
const mbedtls_ecp_point *Q, const mbedtls_mpi *d,
|
const mbedtls_ecp_point *Q, const mbedtls_mpi *d,
|
||||||
int (*f_rng)(void *, unsigned char *, size_t),
|
int (*f_rng)(void *, unsigned char *, size_t),
|
||||||
void *p_rng )
|
void *p_rng,
|
||||||
|
mbedtls_ecp_restart_ctx *rs_ctx )
|
||||||
{
|
{
|
||||||
int ret;
|
int ret;
|
||||||
mbedtls_ecp_point P;
|
mbedtls_ecp_point P;
|
||||||
@ -66,7 +92,8 @@ int mbedtls_ecdh_compute_shared( mbedtls_ecp_group *grp, mbedtls_mpi *z,
|
|||||||
*/
|
*/
|
||||||
MBEDTLS_MPI_CHK( mbedtls_ecp_check_pubkey( grp, Q ) );
|
MBEDTLS_MPI_CHK( mbedtls_ecp_check_pubkey( grp, Q ) );
|
||||||
|
|
||||||
MBEDTLS_MPI_CHK( mbedtls_ecp_mul( grp, &P, d, Q, f_rng, p_rng ) );
|
MBEDTLS_MPI_CHK( mbedtls_ecp_mul_restartable( grp, &P, d, Q,
|
||||||
|
f_rng, p_rng, rs_ctx ) );
|
||||||
|
|
||||||
if( mbedtls_ecp_is_zero( &P ) )
|
if( mbedtls_ecp_is_zero( &P ) )
|
||||||
{
|
{
|
||||||
@ -82,12 +109,28 @@ cleanup:
|
|||||||
return( ret );
|
return( ret );
|
||||||
}
|
}
|
||||||
|
|
||||||
|
/*
|
||||||
|
* Compute shared secret (SEC1 3.3.1)
|
||||||
|
*/
|
||||||
|
int mbedtls_ecdh_compute_shared( mbedtls_ecp_group *grp, mbedtls_mpi *z,
|
||||||
|
const mbedtls_ecp_point *Q, const mbedtls_mpi *d,
|
||||||
|
int (*f_rng)(void *, unsigned char *, size_t),
|
||||||
|
void *p_rng )
|
||||||
|
{
|
||||||
|
return( ecdh_compute_shared_restartable( grp, z, Q, d,
|
||||||
|
f_rng, p_rng, NULL ) );
|
||||||
|
}
|
||||||
|
|
||||||
/*
|
/*
|
||||||
* Initialize context
|
* Initialize context
|
||||||
*/
|
*/
|
||||||
void mbedtls_ecdh_init( mbedtls_ecdh_context *ctx )
|
void mbedtls_ecdh_init( mbedtls_ecdh_context *ctx )
|
||||||
{
|
{
|
||||||
memset( ctx, 0, sizeof( mbedtls_ecdh_context ) );
|
memset( ctx, 0, sizeof( mbedtls_ecdh_context ) );
|
||||||
|
|
||||||
|
#if defined(MBEDTLS_ECP_RESTARTABLE)
|
||||||
|
mbedtls_ecp_restart_init( &ctx->rs );
|
||||||
|
#endif
|
||||||
}
|
}
|
||||||
|
|
||||||
/*
|
/*
|
||||||
@ -106,6 +149,10 @@ void mbedtls_ecdh_free( mbedtls_ecdh_context *ctx )
|
|||||||
mbedtls_mpi_free( &ctx->d );
|
mbedtls_mpi_free( &ctx->d );
|
||||||
mbedtls_mpi_free( &ctx->z );
|
mbedtls_mpi_free( &ctx->z );
|
||||||
mbedtls_mpi_free( &ctx->_d );
|
mbedtls_mpi_free( &ctx->_d );
|
||||||
|
|
||||||
|
#if defined(MBEDTLS_ECP_RESTARTABLE)
|
||||||
|
mbedtls_ecp_restart_free( &ctx->rs );
|
||||||
|
#endif
|
||||||
}
|
}
|
||||||
|
|
||||||
/*
|
/*
|
||||||
@ -122,12 +169,17 @@ int mbedtls_ecdh_make_params( mbedtls_ecdh_context *ctx, size_t *olen,
|
|||||||
{
|
{
|
||||||
int ret;
|
int ret;
|
||||||
size_t grp_len, pt_len;
|
size_t grp_len, pt_len;
|
||||||
|
mbedtls_ecp_restart_ctx *rs_ctx = NULL;
|
||||||
|
|
||||||
if( ctx == NULL || ctx->grp.pbits == 0 )
|
if( ctx == NULL || ctx->grp.pbits == 0 )
|
||||||
return( MBEDTLS_ERR_ECP_BAD_INPUT_DATA );
|
return( MBEDTLS_ERR_ECP_BAD_INPUT_DATA );
|
||||||
|
|
||||||
if( ( ret = mbedtls_ecdh_gen_public( &ctx->grp, &ctx->d, &ctx->Q, f_rng, p_rng ) )
|
#if defined(MBEDTLS_ECP_RESTARTABLE)
|
||||||
!= 0 )
|
rs_ctx = &ctx->rs;
|
||||||
|
#endif
|
||||||
|
|
||||||
|
if( ( ret = ecdh_gen_public_restartable( &ctx->grp, &ctx->d, &ctx->Q,
|
||||||
|
f_rng, p_rng, rs_ctx ) ) != 0 )
|
||||||
return( ret );
|
return( ret );
|
||||||
|
|
||||||
if( ( ret = mbedtls_ecp_tls_write_group( &ctx->grp, &grp_len, buf, blen ) )
|
if( ( ret = mbedtls_ecp_tls_write_group( &ctx->grp, &grp_len, buf, blen ) )
|
||||||
@ -202,12 +254,17 @@ int mbedtls_ecdh_make_public( mbedtls_ecdh_context *ctx, size_t *olen,
|
|||||||
void *p_rng )
|
void *p_rng )
|
||||||
{
|
{
|
||||||
int ret;
|
int ret;
|
||||||
|
mbedtls_ecp_restart_ctx *rs_ctx = NULL;
|
||||||
|
|
||||||
if( ctx == NULL || ctx->grp.pbits == 0 )
|
if( ctx == NULL || ctx->grp.pbits == 0 )
|
||||||
return( MBEDTLS_ERR_ECP_BAD_INPUT_DATA );
|
return( MBEDTLS_ERR_ECP_BAD_INPUT_DATA );
|
||||||
|
|
||||||
if( ( ret = mbedtls_ecdh_gen_public( &ctx->grp, &ctx->d, &ctx->Q, f_rng, p_rng ) )
|
#if defined(MBEDTLS_ECP_RESTARTABLE)
|
||||||
!= 0 )
|
rs_ctx = &ctx->rs;
|
||||||
|
#endif
|
||||||
|
|
||||||
|
if( ( ret = ecdh_gen_public_restartable( &ctx->grp, &ctx->d, &ctx->Q,
|
||||||
|
f_rng, p_rng, rs_ctx ) ) != 0 )
|
||||||
return( ret );
|
return( ret );
|
||||||
|
|
||||||
return mbedtls_ecp_tls_write_point( &ctx->grp, &ctx->Q, ctx->point_format,
|
return mbedtls_ecp_tls_write_point( &ctx->grp, &ctx->Q, ctx->point_format,
|
||||||
@ -244,12 +301,17 @@ int mbedtls_ecdh_calc_secret( mbedtls_ecdh_context *ctx, size_t *olen,
|
|||||||
void *p_rng )
|
void *p_rng )
|
||||||
{
|
{
|
||||||
int ret;
|
int ret;
|
||||||
|
mbedtls_ecp_restart_ctx *rs_ctx = NULL;
|
||||||
|
|
||||||
if( ctx == NULL )
|
if( ctx == NULL || ctx->grp.pbits == 0 )
|
||||||
return( MBEDTLS_ERR_ECP_BAD_INPUT_DATA );
|
return( MBEDTLS_ERR_ECP_BAD_INPUT_DATA );
|
||||||
|
|
||||||
if( ( ret = mbedtls_ecdh_compute_shared( &ctx->grp, &ctx->z, &ctx->Qp, &ctx->d,
|
#if defined(MBEDTLS_ECP_RESTARTABLE)
|
||||||
f_rng, p_rng ) ) != 0 )
|
rs_ctx = &ctx->rs;
|
||||||
|
#endif
|
||||||
|
|
||||||
|
if( ( ret = ecdh_compute_shared_restartable( &ctx->grp,
|
||||||
|
&ctx->z, &ctx->Qp, &ctx->d, f_rng, p_rng, rs_ctx ) ) != 0 )
|
||||||
{
|
{
|
||||||
return( ret );
|
return( ret );
|
||||||
}
|
}
|
||||||
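Review bot: In `ecdh_gen_public_restartable`, private-key generation is skipped whenever `rs_ctx->rsm != NULL`, but `mbedtls_ecdh_make_params`, `mbedtls_ecdh_make_public` and `mbedtls_ecdh_calc_secret` all pass the same `&ctx->rs`. If a caller leaves `mbedtls_ecdh_calc_secret` in progress and then calls `mbedtls_ecdh_make_public` on the same context, the new code would appear to keep the old `d` and resume a multiplication that was started for a different point. Whether `mbedtls_ecp_mul_restartable` detects this is not visible from these hunks. At minimum, document the contract above the guard, e.g. `/* rs_ctx->rsm != NULL is taken to mean *this* key generation is in progress; callers must finish or free the context before starting a different ECDH operation */`, or record in the context which operation owns the restart state. Separately, the unbraced `if` sits inside `#if`/`#endif` while the statement it controls is outside; bracing the `MBEDTLS_MPI_CHK( mbedtls_ecp_gen_privkey( ... ) )` call would make the guard harder to break in a later edit.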
|
@ -41,3 +41,15 @@ ecdh_exchange:MBEDTLS_ECP_DP_SECP521R1
|
|||||||
ECDH restartable rfc 5903 p256 restart disabled
|
ECDH restartable rfc 5903 p256 restart disabled
|
||||||
depends_on:MBEDTLS_ECP_DP_SECP256R1_ENABLED
|
depends_on:MBEDTLS_ECP_DP_SECP256R1_ENABLED
|
||||||
ecdh_restart:MBEDTLS_ECP_DP_SECP256R1:"C88F01F510D9AC3F70A292DAA2316DE544E9AAB8AFE84049C62A9C57862D1433":"C6EF9C5D78AE012A011164ACB397CE2088685D8F06BF9BE0B283AB46476BEE53":"D6840F6B42F6EDAFD13116E0E12565202FEF8E9ECE7DCE03812464D04B9442DE":0:0:0
|
ecdh_restart:MBEDTLS_ECP_DP_SECP256R1:"C88F01F510D9AC3F70A292DAA2316DE544E9AAB8AFE84049C62A9C57862D1433":"C6EF9C5D78AE012A011164ACB397CE2088685D8F06BF9BE0B283AB46476BEE53":"D6840F6B42F6EDAFD13116E0E12565202FEF8E9ECE7DCE03812464D04B9442DE":0:0:0
|
||||||
|
|
||||||
|
ECDH restartable rfc 5903 p256 restart max_ops=1
|
||||||
|
depends_on:MBEDTLS_ECP_DP_SECP256R1_ENABLED
|
||||||
|
ecdh_restart:MBEDTLS_ECP_DP_SECP256R1:"C88F01F510D9AC3F70A292DAA2316DE544E9AAB8AFE84049C62A9C57862D1433":"C6EF9C5D78AE012A011164ACB397CE2088685D8F06BF9BE0B283AB46476BEE53":"D6840F6B42F6EDAFD13116E0E12565202FEF8E9ECE7DCE03812464D04B9442DE":1:1:10000
|
||||||
|
|
||||||
|
ECDH restartable rfc 5903 p256 restart max_ops=10000
|
||||||
|
depends_on:MBEDTLS_ECP_DP_SECP256R1_ENABLED
|
||||||
|
ecdh_restart:MBEDTLS_ECP_DP_SECP256R1:"C88F01F510D9AC3F70A292DAA2316DE544E9AAB8AFE84049C62A9C57862D1433":"C6EF9C5D78AE012A011164ACB397CE2088685D8F06BF9BE0B283AB46476BEE53":"D6840F6B42F6EDAFD13116E0E12565202FEF8E9ECE7DCE03812464D04B9442DE":10000:0:0
|
||||||
|
|
||||||
|
ECDH restartable rfc 5903 p256 restart max_ops=250
|
||||||
|
depends_on:MBEDTLS_ECP_DP_SECP256R1_ENABLED
|
||||||
|
ecdh_restart:MBEDTLS_ECP_DP_SECP256R1:"C88F01F510D9AC3F70A292DAA2316DE544E9AAB8AFE84049C62A9C57862D1433":"C6EF9C5D78AE012A011164ACB397CE2088685D8F06BF9BE0B283AB46476BEE53":"D6840F6B42F6EDAFD13116E0E12565202FEF8E9ECE7DCE03812464D04B9442DE":250:2:32
|
||||||
|