Manuel Pégourié-Gonnard
6657b8da3b
Fix curve-dependency test
2015-09-17 13:46:21 +02:00
Manuel Pégourié-Gonnard
75df902740
Add warning on config options
...
Note to self: actually disable before merging that branch!
2015-09-16 23:21:01 +02:00
Manuel Pégourié-Gonnard
921f2d02cf
Add test cases with DTLS and/or password mismatch
2015-09-16 22:58:30 +02:00
Manuel Pégourié-Gonnard
0f1660ab4f
Implement key exchange messages and PMS derivation
...
This completes the first working version. No interop testing done yet.
2015-09-16 22:58:30 +02:00
Manuel Pégourié-Gonnard
25dbeb002d
Skip certificate-related messages with ECJPAKE
2015-09-16 22:58:29 +02:00
Manuel Pégourié-Gonnard
0a1324aaa1
Add client-side extension parsing
2015-09-16 22:58:29 +02:00
Manuel Pégourié-Gonnard
55c7f99112
Add server writing of the extension
2015-09-16 22:58:29 +02:00
Manuel Pégourié-Gonnard
bf57be690e
Add server extension parsing
...
Only accept EC J-PAKE ciphersuite if extension was present and OK (single flag
for both), and ignore extension if we have no password.
2015-09-16 22:58:29 +02:00
Manuel Pégourié-Gonnard
e511b4e7cb
Ignore ECJPAKE suite if not configured on server
2015-09-16 22:58:29 +02:00
Manuel Pégourié-Gonnard
c1b46d0242
Fix bug in server parsing point formats extension
...
This bug becomes noticeable when the extension following the "supported point
formats" extension has a number starting with 0x01, which is the case of the
EC J-PAKE extension, which explains what I noticed the bug now.
This will be immediately backported to the stable branches,
see the corresponding commits for impact analysis.
2015-09-16 22:58:29 +02:00
Manuel Pégourié-Gonnard
60884a1597
Improve debug formatting of ciphersuites
2015-09-16 22:58:29 +02:00
Manuel Pégourié-Gonnard
70905a7855
Add ecjpake_pw option to ssl_client2/server2
2015-09-16 22:58:29 +02:00
Manuel Pégourié-Gonnard
eef142d753
Depend on ECJPAKE key exchange, not module
...
This is more consistent, as it doesn't make any sense for a user to be able to
set up an EC J-PAKE password with TLS if the corresponding key exchange is
disabled.
Arguably this is what we should de for other key exchanges as well instead of
depending on ECDH_C etc, but this is an independent issue, so let's just do
the right thing with the new key exchange and fix the other ones later. (This
is a marginal issue anyway, since people who disable all ECDH key exchange are
likely to also disable ECDH_C in order to minimize footprint.)
2015-09-16 22:58:29 +02:00
Manuel Pégourié-Gonnard
ddf97a6c92
Skip ECJPAKE suite in ClientHello if no pw set up
...
When we don't have a password, we want to skip the costly process of
generating the extension. So for consistency don't offer the ciphersuite
without the extension.
2015-09-16 22:58:29 +02:00
Manuel Pégourié-Gonnard
538cb7b0b4
Add the ECJPAKE ciphersuite
2015-09-16 22:58:29 +02:00
Manuel Pégourié-Gonnard
557535d8c4
Add ECJPAKE key exchange
2015-09-16 22:58:29 +02:00
Manuel Pégourié-Gonnard
294139b57a
Add client extension writing
2015-09-16 16:10:48 +02:00
Manuel Pégourié-Gonnard
b813accf84
Add mbedtls_ecjpake_check(), tells if set up
...
This will be used in SSL to avoid the computation-heavy processing of EC
J-PAKE hello extensions in case we don't have an EC J-PAKE password
2015-09-16 16:10:48 +02:00
Manuel Pégourié-Gonnard
7002f4a560
Add mbedtls_ssl_set_hs_ecjpake_password()
2015-09-16 16:10:48 +02:00
Manuel Pégourié-Gonnard
76cfd3f97f
Add EC J-PAKE context in handshake structure
2015-09-15 18:24:08 +02:00
Manuel Pégourié-Gonnard
f472179d44
Adjust dependencies for EC extensions
...
The Thread spec says we need those for EC J-PAKE too.
However, we won't be using the information, so we can skip the parsing
functions in an EC J-PAKE only config; keep the writing functions in order to
comply with the spec.
2015-09-15 18:22:00 +02:00
Manuel Pégourié-Gonnard
cd345898a0
Fix #ifdef in test suite
2015-09-07 12:43:11 +02:00
Manuel Pégourié-Gonnard
d9802af1d0
Add tests for round 2
...
Also move one check earlier as it makes more sense
2015-09-07 12:43:11 +02:00
Manuel Pégourié-Gonnard
3059095e86
Complete tests for reading round one
...
Also change the code to forbid public keys being 0
2015-09-07 12:43:11 +02:00
Manuel Pégourié-Gonnard
bbe4e52c3b
Start adding tests for EC J-PAKE round one
2015-09-07 12:43:11 +02:00
Manuel Pégourié-Gonnard
d0d8a935b2
Blind operations on the secret
...
I'm not sure this is necessary, because it is only multiplied by xm2 which is
already random and secret, but OTOH, xm2 is related to a public value, so
let's add blinding with a random value that's only use for blinding, just to
be extra sure.
2015-09-07 12:43:11 +02:00
Manuel Pégourié-Gonnard
55f3d84faa
fixup-include
2015-09-07 12:43:11 +02:00
Manuel Pégourié-Gonnard
c907081a20
Polish the source
2015-09-07 12:43:11 +02:00
Manuel Pégourié-Gonnard
f7368c983a
Polish API and documentation
2015-09-07 12:43:11 +02:00
Manuel Pégourié-Gonnard
e1927101fb
Unify round two
2015-09-07 12:43:11 +02:00
Manuel Pégourié-Gonnard
d8204a7bea
Provide symmetric API for the first round
2015-09-07 12:43:11 +02:00
Manuel Pégourié-Gonnard
e2d3a4e1b4
Unify loading of test vectors in tests
2015-09-07 12:43:11 +02:00
Manuel Pégourié-Gonnard
ce4567614b
Rename variable to prepare for cli/srv unification
2015-09-07 12:43:10 +02:00
Manuel Pégourié-Gonnard
6b798b9dae
Tune up some comments
2015-09-07 12:43:10 +02:00
Manuel Pégourié-Gonnard
e0ad57b0b3
Replace explicit IDs with table look-ups
...
That's a first step towards merging symmetric version of different functions
2015-09-07 12:43:10 +02:00
Manuel Pégourié-Gonnard
5f18829609
Add derive_pms, completing first working version
2015-09-07 12:43:10 +02:00
Manuel Pégourié-Gonnard
6449391852
Store our role in the context
2015-09-07 12:43:10 +02:00
Manuel Pégourié-Gonnard
614bd5e919
Add write_client_params
2015-09-07 12:43:10 +02:00
Manuel Pégourié-Gonnard
ec0eece2ba
Add read_client_params
2015-09-07 12:43:10 +02:00
Manuel Pégourié-Gonnard
bed9e41761
Add writing of server params
2015-09-07 12:43:10 +02:00
Manuel Pégourié-Gonnard
8d31e80da4
Improve testing strategy
...
- reference handshake tests that we get the right values (not much now, but
much more later when we get to deriving the PMS)
- random handshake in addition tests our generate/write functions against our
read functions, that are tested by the reference handshake, and will be
further tested in the test suite later against invalid inputs
2015-09-07 12:43:10 +02:00
Manuel Pégourié-Gonnard
1a7c5ef42b
Optimize some case of mbedtls_ecp_muladd()
...
Those are used by EC-JPAKE
2015-09-07 12:43:10 +02:00
Manuel Pégourié-Gonnard
cb7cd03412
Add first draft or read_server_params
2015-09-07 12:43:10 +02:00
Manuel Pégourié-Gonnard
23dcbe3f16
Add support for passphrase in the context
2015-09-07 12:43:10 +02:00
Manuel Pégourié-Gonnard
4e8bc78ad9
Add context-using functions for Hello extensions
...
Also re-order functions in the header so that they appear in the order they're
use, ie free() last.
2015-09-07 12:43:10 +02:00
Manuel Pégourié-Gonnard
7af8bc1007
Start introducing mbedtls_ecjpake_context
2015-09-07 12:43:10 +02:00
Manuel Pégourié-Gonnard
3aed1851b3
Re-order functions.
...
Use the same order for all read-write pair of functions
2015-09-07 12:43:09 +02:00
Manuel Pégourié-Gonnard
9028c5af9a
Improve const correctness of read() functions
2015-09-07 12:43:09 +02:00
Manuel Pégourié-Gonnard
082767ff0c
Add ecjpake_kkpp_read/write
2015-09-07 12:43:09 +02:00
Manuel Pégourié-Gonnard
4f2cd95e1d
Fix potential memory leaks
2015-09-07 12:43:09 +02:00