yuzu-emu/mbedtls
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity

Add ecjpake_kkpp_read/write

Browse source
This commit is contained in:
Manuel Pégourié-Gonnard 2015-08-12 14:43:57 +02:00
parent 4f2cd95e1d
commit 082767ff0c
1 changed files with 115 additions and 36 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

151
library/ecjpake.c
View file

@ -249,8 +249,8 @@ cleanup:
} }
/* /*
* Parse verify a ECJPAKEKeyKP (7.4.2.2.1) * Parse a ECJPAKEKeyKP (7.4.2.2.1) and check proof
* Output: public key X * Output: verified public key X
*/ */
static int ecjpake_kkp_read( const mbedtls_md_info_t *md_info, static int ecjpake_kkp_read( const mbedtls_md_info_t *md_info,
const mbedtls_ecp_group *grp, const mbedtls_ecp_group *grp,
@ -315,6 +315,71 @@ cleanup:
return( ret ); return( ret );
} }
/*
* Read a ECJPAKEKeyKPPairList (7.4.2.3) and check proofs
* Ouputs: verified peer public keys Xa, Xb
*/
static int ecjpake_kkpp_read( const mbedtls_md_info_t *md_info,
const mbedtls_ecp_group *grp,
const mbedtls_ecp_point *G,
mbedtls_ecp_point *Xa,
mbedtls_ecp_point *Xb,
const char *id,
const unsigned char *buf,
size_t len )
{
int ret;
unsigned char *p = (unsigned char *) buf;
const unsigned char *end = buf + len;
/*
* struct {
* ECJPAKEKeyKP ecjpake_key_kp_pair_list[2];
* } ECJPAKEKeyKPPairList;
*/
MBEDTLS_MPI_CHK( ecjpake_kkp_read( md_info, grp, G, Xa, id, &p, end ) );
MBEDTLS_MPI_CHK( ecjpake_kkp_read( md_info, grp, G, Xb, id, &p, end ) );
if( p != end )
ret = MBEDTLS_ERR_ECP_BAD_INPUT_DATA;
cleanup:
return( ret );
}
/*
* Generate a ECJPAKEKeyKPPairList
* Outputs: the serialized structure, plus two private/public key pairs
*/
static int ecjpake_kkpp_write( const mbedtls_md_info_t *md_info,
const mbedtls_ecp_group *grp,
const mbedtls_ecp_point *G,
mbedtls_mpi *xa,
mbedtls_ecp_point *Xa,
mbedtls_mpi *xb,
mbedtls_ecp_point *Xb,
const char *id,
unsigned char *buf,
size_t len,
size_t *olen,
int (*f_rng)(void *, unsigned char *, size_t),
void *p_rng )
{
int ret;
unsigned char *p = buf;
const unsigned char *end = buf + len;
MBEDTLS_MPI_CHK( ecjpake_kkp_write( md_info, grp, G, xa, Xa, id,
&p, end, f_rng, p_rng ) );
MBEDTLS_MPI_CHK( ecjpake_kkp_write( md_info, grp, G, xb, Xb, id,
&p, end, f_rng, p_rng ) );
*olen = p - buf;
cleanup:
return( ret );
}
#if defined(MBEDTLS_SELF_TEST) #if defined(MBEDTLS_SELF_TEST)
#if defined(MBEDTLS_PLATFORM_C) #if defined(MBEDTLS_PLATFORM_C)
@ -333,7 +398,7 @@ int mbedtls_ecjpake_self_test( int verbose )
} }
#else #else
static const unsigned char ecjpake_test_kkp[] = { static const unsigned char ecjpake_test_kkpp[] = {
0x41, 0x04, 0xac, 0xcf, 0x01, 0x06, 0xef, 0x85, 0x8f, 0xa2, 0xd9, 0x19, 0x41, 0x04, 0xac, 0xcf, 0x01, 0x06, 0xef, 0x85, 0x8f, 0xa2, 0xd9, 0x19,
0x33, 0x13, 0x46, 0x80, 0x5a, 0x78, 0xb5, 0x8b, 0xba, 0xd0, 0xb8, 0x44, 0x33, 0x13, 0x46, 0x80, 0x5a, 0x78, 0xb5, 0x8b, 0xba, 0xd0, 0xb8, 0x44,
0xe5, 0xc7, 0x89, 0x28, 0x79, 0x14, 0x61, 0x87, 0xdd, 0x26, 0x66, 0xad, 0xe5, 0xc7, 0x89, 0x28, 0x79, 0x14, 0x61, 0x87, 0xdd, 0x26, 0x66, 0xad,
@ -347,7 +412,21 @@ static const unsigned char ecjpake_test_kkp[] = {
0x36, 0xfb, 0x66, 0xa6, 0x58, 0x3d, 0x74, 0x49, 0x30, 0x8b, 0xab, 0xce, 0x36, 0xfb, 0x66, 0xa6, 0x58, 0x3d, 0x74, 0x49, 0x30, 0x8b, 0xab, 0xce,
0x20, 0x72, 0xfe, 0x16, 0x66, 0x29, 0x92, 0xe9, 0x23, 0x5c, 0x25, 0x00, 0x20, 0x72, 0xfe, 0x16, 0x66, 0x29, 0x92, 0xe9, 0x23, 0x5c, 0x25, 0x00,
0x2f, 0x11, 0xb1, 0x50, 0x87, 0xb8, 0x27, 0x38, 0xe0, 0x3c, 0x94, 0x5b, 0x2f, 0x11, 0xb1, 0x50, 0x87, 0xb8, 0x27, 0x38, 0xe0, 0x3c, 0x94, 0x5b,
0xf7, 0xa2, 0x99, 0x5d, 0xda, 0x1e, 0x98, 0x34, 0x58 0xf7, 0xa2, 0x99, 0x5d, 0xda, 0x1e, 0x98, 0x34, 0x58, 0x41, 0x04, 0x7e,
0xa6, 0xe3, 0xa4, 0x48, 0x70, 0x37, 0xa9, 0xe0, 0xdb, 0xd7, 0x92, 0x62,
0xb2, 0xcc, 0x27, 0x3e, 0x77, 0x99, 0x30, 0xfc, 0x18, 0x40, 0x9a, 0xc5,
0x36, 0x1c, 0x5f, 0xe6, 0x69, 0xd7, 0x02, 0xe1, 0x47, 0x79, 0x0a, 0xeb,
0x4c, 0xe7, 0xfd, 0x65, 0x75, 0xab, 0x0f, 0x6c, 0x7f, 0xd1, 0xc3, 0x35,
0x93, 0x9a, 0xa8, 0x63, 0xba, 0x37, 0xec, 0x91, 0xb7, 0xe3, 0x2b, 0xb0,
0x13, 0xbb, 0x2b, 0x41, 0x04, 0xa4, 0x95, 0x58, 0xd3, 0x2e, 0xd1, 0xeb,
0xfc, 0x18, 0x16, 0xaf, 0x4f, 0xf0, 0x9b, 0x55, 0xfc, 0xb4, 0xca, 0x47,
0xb2, 0xa0, 0x2d, 0x1e, 0x7c, 0xaf, 0x11, 0x79, 0xea, 0x3f, 0xe1, 0x39,
0x5b, 0x22, 0xb8, 0x61, 0x96, 0x40, 0x16, 0xfa, 0xba, 0xf7, 0x2c, 0x97,
0x56, 0x95, 0xd9, 0x3d, 0x4d, 0xf0, 0xe5, 0x19, 0x7f, 0xe9, 0xf0, 0x40,
0x63, 0x4e, 0xd5, 0x97, 0x64, 0x93, 0x77, 0x87, 0xbe, 0x20, 0xbc, 0x4d,
0xee, 0xbb, 0xf9, 0xb8, 0xd6, 0x0a, 0x33, 0x5f, 0x04, 0x6c, 0xa3, 0xaa,
0x94, 0x1e, 0x45, 0x86, 0x4c, 0x7c, 0xad, 0xef, 0x9c, 0xf7, 0x5b, 0x3d,
0x8b, 0x01, 0x0e, 0x44, 0x3e, 0xf0
}; };
/* For tests we don't need a secure RNG; /* For tests we don't need a secure RNG;
@ -387,62 +466,62 @@ int mbedtls_ecjpake_self_test( int verbose )
{ {
int ret; int ret;
mbedtls_ecp_group grp; mbedtls_ecp_group grp;
mbedtls_ecp_point X; mbedtls_ecp_point Xa, Xb;
mbedtls_mpi x; mbedtls_mpi xa, xb;
const mbedtls_md_info_t *md_info; const mbedtls_md_info_t *md_info;
unsigned char buf[1000]; unsigned char buf[1000];
unsigned char *p; size_t len;
const unsigned char *end;
mbedtls_ecp_group_init( &grp ); mbedtls_ecp_group_init( &grp );
mbedtls_ecp_point_init( &X ); mbedtls_ecp_point_init( &Xa );
mbedtls_mpi_init( &x ); mbedtls_ecp_point_init( &Xb );
mbedtls_mpi_init( &xa );
mbedtls_mpi_init( &xb );
/* Common to all tests */ /* Common to all tests */
md_info = mbedtls_md_info_from_type( MBEDTLS_MD_SHA256 ); md_info = mbedtls_md_info_from_type( MBEDTLS_MD_SHA256 );
MBEDTLS_MPI_CHK( mbedtls_ecp_group_load( &grp, MBEDTLS_ECP_DP_SECP256R1 ) ); MBEDTLS_MPI_CHK( mbedtls_ecp_group_load( &grp, MBEDTLS_ECP_DP_SECP256R1 ) );
if( verbose != 0 ) if( verbose != 0 )
mbedtls_printf( " ECJPAKE test #1 (kkp read): " ); mbedtls_printf( " ECJPAKE test #1 (kkpp read): " );
p = (unsigned char *) ecjpake_test_kkp; TEST_ASSERT( ecjpake_kkpp_read( md_info, &grp, &grp.G,
end = ecjpake_test_kkp + sizeof( ecjpake_test_kkp ); &Xa, &Xb, "client",
MBEDTLS_MPI_CHK( ecjpake_kkp_read( md_info, &grp, &grp.G, &X, "client", ecjpake_test_kkpp,
&p, end ) ); sizeof( ecjpake_test_kkpp ) ) == 0 );
TEST_ASSERT( p == end ); /* Corrupt message */
memcpy( buf, ecjpake_test_kkpp, sizeof( ecjpake_test_kkpp ) );
/* Corrupt proof */ buf[sizeof( ecjpake_test_kkpp ) - 1]--;
memcpy( buf, ecjpake_test_kkp, sizeof( ecjpake_test_kkp ) ); TEST_ASSERT( ecjpake_kkpp_read( md_info, &grp, &grp.G,
buf[sizeof( ecjpake_test_kkp ) - 1]--; &Xa, &Xb, "client",
p = buf; buf, sizeof( ecjpake_test_kkpp ) )
end = buf + sizeof( ecjpake_test_kkp ); == MBEDTLS_ERR_ECP_VERIFY_FAILED );
ret = ecjpake_kkp_read( md_info, &grp, &grp.G, &X, "client", &p, end );
TEST_ASSERT( ret == MBEDTLS_ERR_ECP_VERIFY_FAILED );
if( verbose != 0 ) if( verbose != 0 )
mbedtls_printf( "passed\n" ); mbedtls_printf( "passed\n" );
if( verbose != 0 ) if( verbose != 0 )
mbedtls_printf( " ECJPAKE test #2 (kkp write/read): " ); mbedtls_printf( " ECJPAKE test #2 (kkpp write/read): " );
p = buf; TEST_ASSERT( ecjpake_kkpp_write( md_info, &grp, &grp.G,
MBEDTLS_MPI_CHK( ecjpake_kkp_write( md_info, &grp, &grp.G, &x, &X, "client", &xa, &Xa, &xb, &Xb, "client",
&p, buf + sizeof( buf ), buf, sizeof( buf ), &len,
ecjpake_lgc, NULL ) ); ecjpake_lgc, NULL ) == 0 );
end = p;
p = buf; TEST_ASSERT( ecjpake_kkpp_read( md_info, &grp, &grp.G,
MBEDTLS_MPI_CHK( ecjpake_kkp_read( md_info, &grp, &grp.G, &X, "client", &Xa, &Xb, "client",
&p, end ) ); buf, len ) == 0 );
if( verbose != 0 ) if( verbose != 0 )
mbedtls_printf( "passed\n" ); mbedtls_printf( "passed\n" );
cleanup: cleanup:
mbedtls_ecp_group_free( &grp ); mbedtls_ecp_group_free( &grp );
mbedtls_ecp_point_free( &X ); mbedtls_ecp_point_free( &Xa );
mbedtls_mpi_free( &x ); mbedtls_ecp_point_free( &Xb );
mbedtls_mpi_free( &xa );
mbedtls_mpi_free( &xb );
if( ret != 0 ) if( ret != 0 )
{ {