| /** |
| * \file ecjpake.h |
| * |
| * \brief Elliptic curve J-PAKE |
| * |
| * Copyright (C) 2006-2015, ARM Limited, All Rights Reserved |
| * SPDX-License-Identifier: Apache-2.0 |
| * |
| * Licensed under the Apache License, Version 2.0 (the "License"); you may |
| * not use this file except in compliance with the License. |
| * You may obtain a copy of the License at |
| * |
| * http://www.apache.org/licenses/LICENSE-2.0 |
| * |
| * Unless required by applicable law or agreed to in writing, software |
| * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT |
| * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. |
| * See the License for the specific language governing permissions and |
| * limitations under the License. |
| * |
| * This file is part of mbed TLS (https://tls.mbed.org) |
| */ |
| #ifndef MBEDTLS_ECJPAKE_H |
| #define MBEDTLS_ECJPAKE_H |
| |
| #include "ecp.h" |
| #include "md.h" |
| |
| #ifdef __cplusplus |
| extern "C" { |
| #endif |
| |
| typedef enum { |
| MBEDTLS_ECJPAKE_CLIENT = 0, |
| MBEDTLS_ECJPAKE_SERVER, |
| } mbedtls_ecjpake_role; |
| |
| typedef struct |
| { |
| const mbedtls_md_info_t *md_info; /**< Hash to use */ |
| mbedtls_ecp_group grp; /**< Elliptic curve */ |
| mbedtls_ecjpake_role role; /**< Are we client or server? */ |
| |
| mbedtls_ecp_point X1; /**< Public key one */ |
| mbedtls_ecp_point X2; /**< Public key two */ |
| mbedtls_ecp_point X3; /**< Public key three */ |
| mbedtls_ecp_point X4; /**< Public key four */ |
| mbedtls_ecp_point Xp; /**< Peer's public key (Xs or Xc) */ |
| |
| mbedtls_mpi xa; /**< Our first secret (x1 or x3) */ |
| mbedtls_mpi xb; /**< Our second secret (x2 or x4) */ |
| |
| mbedtls_mpi s; /**< Pre-shared secret */ |
| } mbedtls_ecjpake_context; |
| |
| /* |
| * \brief Initialize a context |
| * (just makes it ready for setup() or free()). |
| * |
| * \param ctx context to initialize |
| */ |
| void mbedtls_ecjpake_init( mbedtls_ecjpake_context *ctx ); |
| |
| /* |
| * \brief Set up a context for use |
| * |
| * \note Currently the only values for hash/curve allowed by the |
| * standard are MBEDTLS_MD_SHA256/MBEDTLS_ECP_DP_SECP256R1. |
| * |
| * \param ctx context to set up |
| * \param role Our role: client or server |
| * \param hash hash function to use (MBEDTLS_MD_XXX) |
| * \param curve elliptic curve identifier (MBEDTLS_ECP_DP_XXX) |
| * \param secret shared secret |
| * \param len length of the shared secret |
| * |
| * \return 0 if successfull, |
| * a negative error code otherwise |
| */ |
| int mbedtls_ecjpake_setup( mbedtls_ecjpake_context *ctx, |
| mbedtls_ecjpake_role role, |
| mbedtls_md_type_t hash, |
| mbedtls_ecp_group_id curve, |
| const unsigned char *secret, |
| size_t len ); |
| |
| /* |
| * \brief Generate and write contents of ClientHello extension |
| * (excluding extension type and length bytes) |
| * |
| * \param ctx Context to use |
| * \param buf Buffer to write the contents to |
| * \param len Buffer size |
| * \param olen Will be updated with the number of bytes written |
| * \param f_rng RNG function |
| * \param p_rng RNG parameter |
| * |
| * \return 0 if successfull, |
| * a negative error code otherwise |
| */ |
| int mbedtls_ecjpake_tls_write_client_ext( mbedtls_ecjpake_context *ctx, |
| unsigned char *buf, size_t len, size_t *olen, |
| int (*f_rng)(void *, unsigned char *, size_t), |
| void *p_rng ); |
| /* |
| * \brief Read and process contents of the ClientHello extension |
| * (excluding extension type and length bytes) |
| * |
| * \param ctx Context to use |
| * \param buf Pointer to extension contents |
| * \param len Extension length |
| * |
| * \return 0 if successfull, |
| * a negative error code otherwise |
| */ |
| int mbedtls_ecjpake_tls_read_client_ext( mbedtls_ecjpake_context *ctx, |
| const unsigned char *buf, |
| size_t len ); |
| |
| /* |
| * \brief Generate and write contents of ServerHello extension |
| * (excluding extension type and length bytes) |
| * |
| * \param ctx Context to use |
| * \param buf Buffer to write the contents to |
| * \param len Buffer size |
| * \param olen Will be updated with the number of bytes written |
| * \param f_rng RNG function |
| * \param p_rng RNG parameter |
| * |
| * \return 0 if successfull, |
| * a negative error code otherwise |
| */ |
| int mbedtls_ecjpake_tls_write_server_ext( mbedtls_ecjpake_context *ctx, |
| unsigned char *buf, size_t len, size_t *olen, |
| int (*f_rng)(void *, unsigned char *, size_t), |
| void *p_rng ); |
| |
| /* |
| * \brief Read and process contents of the ServerHello extension |
| * (excluding extension type and length bytes) |
| * |
| * \param ctx Context to use |
| * \param buf Pointer to extension contents |
| * \param len Extension length |
| * |
| * \return 0 if successfull, |
| * a negative error code otherwise |
| */ |
| int mbedtls_ecjpake_tls_read_server_ext( mbedtls_ecjpake_context *ctx, |
| const unsigned char *buf, |
| size_t len ); |
| |
| /* |
| * \brief Generate and write ServerECJPAKEParams |
| * (the contents for the ServerKeyExchange) |
| * |
| * \param ctx Context to use |
| * \param buf Buffer to write the contents to |
| * \param len Buffer size |
| * \param olen Will be updated with the number of bytes written |
| * \param f_rng RNG function |
| * \param p_rng RNG parameter |
| * |
| * \return 0 if successfull, |
| * a negative error code otherwise |
| */ |
| int mbedtls_ecjpake_tls_write_server_params( mbedtls_ecjpake_context *ctx, |
| unsigned char *buf, size_t len, size_t *olen, |
| int (*f_rng)(void *, unsigned char *, size_t), |
| void *p_rng ); |
| |
| /* |
| * \brief Read and process ServerECJPAKEParams |
| * (the contents for the ServerKeyExchange) |
| * |
| * \param ctx Context to use |
| * \param buf Pointer to the message |
| * \param len Message length |
| * |
| * \return 0 if successfull, |
| * a negative error code otherwise |
| */ |
| int mbedtls_ecjpake_tls_read_server_params( mbedtls_ecjpake_context *ctx, |
| const unsigned char *buf, |
| size_t len ); |
| |
| /* |
| * \brief Generate and write ClientECJPAKEParams |
| * (the contents for the ClientKeyExchange) |
| * |
| * \param ctx Context to use |
| * \param buf Buffer to write the contents to |
| * \param len Buffer size |
| * \param olen Will be updated with the number of bytes written |
| * \param f_rng RNG function |
| * \param p_rng RNG parameter |
| * |
| * \return 0 if successfull, |
| * a negative error code otherwise |
| */ |
| int mbedtls_ecjpake_tls_write_client_params( mbedtls_ecjpake_context *ctx, |
| unsigned char *buf, size_t len, size_t *olen, |
| int (*f_rng)(void *, unsigned char *, size_t), |
| void *p_rng ); |
| |
| /* |
| * \brief Read and process ClientECJPAKEParams |
| * (the contents for the ClientKeyExchange) |
| * |
| * \param ctx Context to use |
| * \param buf Pointer to the message |
| * \param len Message length |
| * |
| * \return 0 if successfull, |
| * a negative error code otherwise |
| */ |
| int mbedtls_ecjpake_tls_read_client_params( mbedtls_ecjpake_context *ctx, |
| const unsigned char *buf, |
| size_t len ); |
| |
| /* |
| * \brief Derive the Pre-Master Secret used by TLS |
| * |
| * \param ctx |
| * \param buf Buffer to write the contents to |
| * \param len Buffer size |
| * \param olen Will be updated with the number of bytes written |
| * \param f_rng RNG function |
| * \param p_rng RNG parameter |
| * |
| * \return 0 if successfull, |
| * a negative error code otherwise |
| */ |
| int mbedtls_ecjpake_tls_derive_pms( mbedtls_ecjpake_context *ctx, |
| unsigned char *buf, size_t len, size_t *olen, |
| int (*f_rng)(void *, unsigned char *, size_t), |
| void *p_rng ); |
| |
| /* |
| * \brief Free a context's content |
| * |
| * \param ctx context to free |
| */ |
| void mbedtls_ecjpake_free( mbedtls_ecjpake_context *ctx ); |
| |
| #if defined(MBEDTLS_SELF_TEST) |
| /** |
| * \brief Checkup routine |
| * |
| * \return 0 if successful, or 1 if a test failed |
| */ |
| int mbedtls_ecjpake_self_test( int verbose ); |
| #endif |
| |
| #ifdef __cplusplus |
| } |
| #endif |
| |
| #endif /* ecjpake.h */ |
