mirror of
https://github.com/yuzu-emu/mbedtls.git
synced 2024-12-23 13:15:30 +00:00
Improve DHM documentation
- Rephrase file/function/parameter/enum/define/error descriptions into full and clear sentences. - Make sure to adhere to the Arm writing guidelines. - Fix missing/incorrect Doxygen tags. - Standardize terminology used within the file. - Standardize defines documentation GitHub PR: #1323
This commit is contained in:
parent
332658d80e
commit
41ad082484
|
@ -1,10 +1,18 @@
|
|||
/**
|
||||
* \file dhm.h
|
||||
*
|
||||
* \brief Diffie-Hellman-Merkle key exchange
|
||||
* \brief Diffie-Hellman-Merkle key exchange.
|
||||
*
|
||||
* <em>RFC-3526: More Modular Exponential (MODP) Diffie-Hellman groups for
|
||||
* Internet Key Exchange (IKE)</em> defines a number of standardized
|
||||
* Diffie-Hellman groups for IKE.
|
||||
*
|
||||
* <em>RFC-5114: Additional Diffie-Hellman Groups for Use with IETF
|
||||
* Standards</em> defines a number of standardized Diffie-Hellman
|
||||
* groups that can be used.
|
||||
*/
|
||||
/*
|
||||
* Copyright (C) 2006-2015, ARM Limited, All Rights Reserved
|
||||
* Copyright (C) 2006-2018, Arm Limited (or its affiliates), All Rights Reserved
|
||||
* SPDX-License-Identifier: Apache-2.0
|
||||
*
|
||||
* Licensed under the Apache License, Version 2.0 (the "License"); you may
|
||||
|
@ -19,8 +27,9 @@
|
|||
* See the License for the specific language governing permissions and
|
||||
* limitations under the License.
|
||||
*
|
||||
* This file is part of mbed TLS (https://tls.mbed.org)
|
||||
* This file is part of Mbed TLS (https://tls.mbed.org)
|
||||
*/
|
||||
|
||||
#ifndef MBEDTLS_DHM_H
|
||||
#define MBEDTLS_DHM_H
|
||||
|
||||
|
@ -35,7 +44,7 @@
|
|||
/*
|
||||
* DHM Error codes
|
||||
*/
|
||||
#define MBEDTLS_ERR_DHM_BAD_INPUT_DATA -0x3080 /**< Bad input parameters to function. */
|
||||
#define MBEDTLS_ERR_DHM_BAD_INPUT_DATA -0x3080 /**< Bad input parameters. */
|
||||
#define MBEDTLS_ERR_DHM_READ_PARAMS_FAILED -0x3100 /**< Reading of the DHM parameters failed. */
|
||||
#define MBEDTLS_ERR_DHM_MAKE_PARAMS_FAILED -0x3180 /**< Making of the DHM parameters failed. */
|
||||
#define MBEDTLS_ERR_DHM_READ_PUBLIC_FAILED -0x3200 /**< Reading of the public values failed. */
|
||||
|
@ -43,22 +52,22 @@
|
|||
#define MBEDTLS_ERR_DHM_CALC_SECRET_FAILED -0x3300 /**< Calculation of the DHM secret failed. */
|
||||
#define MBEDTLS_ERR_DHM_INVALID_FORMAT -0x3380 /**< The ASN.1 data is not formatted correctly. */
|
||||
#define MBEDTLS_ERR_DHM_ALLOC_FAILED -0x3400 /**< Allocation of memory failed. */
|
||||
#define MBEDTLS_ERR_DHM_FILE_IO_ERROR -0x3480 /**< Read/write of file failed. */
|
||||
#define MBEDTLS_ERR_DHM_FILE_IO_ERROR -0x3480 /**< Read or write of file failed. */
|
||||
#define MBEDTLS_ERR_DHM_HW_ACCEL_FAILED -0x3500 /**< DHM hardware accelerator failed. */
|
||||
|
||||
|
||||
/* The following lists the source of the above groups in the standards:
|
||||
* - RFC-3526 section 3: 2048-bit MODP Group
|
||||
* - RFC-3526 section 4: 3072-bit MODP Group
|
||||
* - RFC-3526 section 5: 4096-bit MODP Group
|
||||
* - RFC-5114 section 2.2: 2048-bit MODP Group with 224-bit Prime Order Subgroup
|
||||
* .
|
||||
*/
|
||||
|
||||
/**
|
||||
* RFC 3526 defines a number of standardized Diffie-Hellman groups
|
||||
* for IKE.
|
||||
* RFC 5114 defines a number of standardized Diffie-Hellman groups
|
||||
* that can be used.
|
||||
*
|
||||
* Some are included here for convenience.
|
||||
*
|
||||
* Included are:
|
||||
* RFC 3526 3. 2048-bit MODP Group
|
||||
* RFC 3526 4. 3072-bit MODP Group
|
||||
* RFC 3526 5. 4096-bit MODP Group
|
||||
* RFC 5114 2.2. 2048-bit MODP Group with 224-bit Prime Order Subgroup
|
||||
* The hexadecimal presentation of the prime underlying the 2048-bit MODP
|
||||
* Group, as defined in <em>RFC-3526: More Modular Exponential (MODP)
|
||||
* Diffie-Hellman groups for Internet Key Exchange (IKE)</em>.
|
||||
*/
|
||||
#define MBEDTLS_DHM_RFC3526_MODP_2048_P \
|
||||
"FFFFFFFFFFFFFFFFC90FDAA22168C234C4C6628B80DC1CD1" \
|
||||
|
@ -73,8 +82,18 @@
|
|||
"DE2BCBF6955817183995497CEA956AE515D2261898FA0510" \
|
||||
"15728E5A8AACAA68FFFFFFFFFFFFFFFF"
|
||||
|
||||
/**
|
||||
* The hexadecimal presentation of the chosen generator of the 2048-bit MODP
|
||||
* Group, as defined in <em>RFC-3526: More Modular Exponential (MODP)
|
||||
* Diffie-Hellman groups for Internet Key Exchange (IKE)</em>.
|
||||
*/
|
||||
#define MBEDTLS_DHM_RFC3526_MODP_2048_G "02"
|
||||
|
||||
/**
|
||||
* The hexadecimal presentation of the prime underlying the 3072-bit MODP
|
||||
* Group, as defined in <em>RFC-3072: More Modular Exponential (MODP)
|
||||
* Diffie-Hellman groups for Internet Key Exchange (IKE)</em>.
|
||||
*/
|
||||
#define MBEDTLS_DHM_RFC3526_MODP_3072_P \
|
||||
"FFFFFFFFFFFFFFFFC90FDAA22168C234C4C6628B80DC1CD1" \
|
||||
"29024E088A67CC74020BBEA63B139B22514A08798E3404DD" \
|
||||
|
@ -93,8 +112,18 @@
|
|||
"BBE117577A615D6C770988C0BAD946E208E24FA074E5AB31" \
|
||||
"43DB5BFCE0FD108E4B82D120A93AD2CAFFFFFFFFFFFFFFFF"
|
||||
|
||||
/**
|
||||
* The hexadecimal presentation of the chosen generator of the 3072-bit MODP
|
||||
* Group, as defined in <em>RFC-3526: More Modular Exponential (MODP)
|
||||
* Diffie-Hellman groups for Internet Key Exchange (IKE)</em>.
|
||||
*/
|
||||
#define MBEDTLS_DHM_RFC3526_MODP_3072_G "02"
|
||||
|
||||
/**
|
||||
* The hexadecimal presentation of the prime underlying the 4096-bit MODP
|
||||
* Group, as defined in <em>RFC-3526: More Modular Exponential (MODP)
|
||||
* Diffie-Hellman groups for Internet Key Exchange (IKE)</em>.
|
||||
*/
|
||||
#define MBEDTLS_DHM_RFC3526_MODP_4096_P \
|
||||
"FFFFFFFFFFFFFFFFC90FDAA22168C234C4C6628B80DC1CD1" \
|
||||
"29024E088A67CC74020BBEA63B139B22514A08798E3404DD" \
|
||||
|
@ -119,8 +148,19 @@
|
|||
"93B4EA988D8FDDC186FFB7DC90A6C08F4DF435C934063199" \
|
||||
"FFFFFFFFFFFFFFFF"
|
||||
|
||||
/**
|
||||
* The hexadecimal presentation of the chosen generator of the 4096-bit MODP
|
||||
* Group, as defined in <em>RFC-3526: More Modular Exponential (MODP)
|
||||
* Diffie-Hellman groups for Internet Key Exchange (IKE)</em>.
|
||||
*/
|
||||
#define MBEDTLS_DHM_RFC3526_MODP_4096_G "02"
|
||||
|
||||
/**
|
||||
* The hexadecimal presentation of the prime underlying the
|
||||
* 2048-bit MODP Group with 224-bit Prime Order Subgroup, as defined
|
||||
* in <em>RFC-5114: Additional Diffie-Hellman Groups for Use with
|
||||
* IETF Standards</em>.
|
||||
*/
|
||||
#define MBEDTLS_DHM_RFC5114_MODP_2048_P \
|
||||
"AD107E1E9123A9D0D660FAA79559C51FA20D64E5683B9FD1" \
|
||||
"B54B1597B61D0A75E6FA141DF95A56DBAF9A3C407BA1DF15" \
|
||||
|
@ -134,6 +174,11 @@
|
|||
"C9B53DCF4BA80A29E3FB73C16B8E75B97EF363E2FFA31F71" \
|
||||
"CF9DE5384E71B81C0AC4DFFE0C10E64F"
|
||||
|
||||
/**
|
||||
* The hexadecimal presentation of the chosen generator of the 2048-bit MODP
|
||||
* Group with 224-bit Prime Order Subgroup, as defined in <em>RFC-5114:
|
||||
* Additional Diffie-Hellman Groups for Use with IETF Standards</em>.
|
||||
*/
|
||||
#define MBEDTLS_DHM_RFC5114_MODP_2048_G \
|
||||
"AC4032EF4F2D9AE39DF30B5C8FFDAC506CDEBE7B89998CAF"\
|
||||
"74866A08CFE4FFE3A6824A4E10B9A6F0DD921F01A70C4AFA"\
|
||||
|
@ -152,59 +197,62 @@ extern "C" {
|
|||
#endif
|
||||
|
||||
/**
|
||||
* \brief DHM context structure
|
||||
* \brief The DHM context structure.
|
||||
*/
|
||||
typedef struct
|
||||
{
|
||||
size_t len; /*!< size(P) in chars */
|
||||
mbedtls_mpi P; /*!< prime modulus */
|
||||
mbedtls_mpi G; /*!< generator */
|
||||
mbedtls_mpi X; /*!< secret value */
|
||||
mbedtls_mpi GX; /*!< self = G^X mod P */
|
||||
mbedtls_mpi GY; /*!< peer = G^Y mod P */
|
||||
mbedtls_mpi K; /*!< key = GY^X mod P */
|
||||
mbedtls_mpi RP; /*!< cached R^2 mod P */
|
||||
mbedtls_mpi Vi; /*!< blinding value */
|
||||
mbedtls_mpi Vf; /*!< un-blinding value */
|
||||
mbedtls_mpi pX; /*!< previous X */
|
||||
size_t len; /*!< The size of \p P in Bytes. */
|
||||
mbedtls_mpi P; /*!< The prime modulus. */
|
||||
mbedtls_mpi G; /*!< The generator. */
|
||||
mbedtls_mpi X; /*!< Our secret value. */
|
||||
mbedtls_mpi GX; /*!< Our public key = \c G^X mod \c P. */
|
||||
mbedtls_mpi GY; /*!< The public key of the peer = \c G^Y mod \c P. */
|
||||
mbedtls_mpi K; /*!< The shared secret = \c G^(XY) mod \c P. */
|
||||
mbedtls_mpi RP; /*!< The cached value = \c R^2 mod \c P. */
|
||||
mbedtls_mpi Vi; /*!< The blinding value. */
|
||||
mbedtls_mpi Vf; /*!< The unblinding value. */
|
||||
mbedtls_mpi pX; /*!< The previous \c X. */
|
||||
}
|
||||
mbedtls_dhm_context;
|
||||
|
||||
/**
|
||||
* \brief Initialize DHM context
|
||||
* \brief This function initializes the DHM context.
|
||||
*
|
||||
* \param ctx DHM context to be initialized
|
||||
* \param ctx The DHM context to initialize.
|
||||
*/
|
||||
void mbedtls_dhm_init( mbedtls_dhm_context *ctx );
|
||||
|
||||
/**
|
||||
* \brief Parse the ServerKeyExchange parameters
|
||||
* \brief This function parses the ServerKeyExchange parameters.
|
||||
*
|
||||
* \param ctx DHM context
|
||||
* \param p &(start of input buffer)
|
||||
* \param end end of buffer
|
||||
* \param ctx The DHM context.
|
||||
* \param p The start of the input buffer.
|
||||
* \param end The end of the input buffer.
|
||||
*
|
||||
* \return 0 if successful, or an MBEDTLS_ERR_DHM_XXX error code
|
||||
* \return \c 0 on success, or an \c MBEDTLS_ERR_DHM_XXX error code
|
||||
* on failure.
|
||||
*/
|
||||
int mbedtls_dhm_read_params( mbedtls_dhm_context *ctx,
|
||||
unsigned char **p,
|
||||
const unsigned char *end );
|
||||
|
||||
/**
|
||||
* \brief Setup and write the ServerKeyExchange parameters
|
||||
* \brief This function sets up and writes the ServerKeyExchange
|
||||
* parameters.
|
||||
*
|
||||
* \param ctx DHM context
|
||||
* \param x_size private value size in bytes
|
||||
* \param output destination buffer
|
||||
* \param olen number of chars written
|
||||
* \param f_rng RNG function
|
||||
* \param p_rng RNG parameter
|
||||
* \param ctx The DHM context.
|
||||
* \param x_size The private value size in Bytes.
|
||||
* \param olen The number of characters written.
|
||||
* \param output The destination buffer.
|
||||
* \param f_rng The RNG function.
|
||||
* \param p_rng The RNG parameter.
|
||||
*
|
||||
* \note This function assumes that ctx->P and ctx->G
|
||||
* have already been properly set (for example
|
||||
* using mbedtls_mpi_read_string or mbedtls_mpi_read_binary).
|
||||
* \note This function assumes that the \c ctx->P and \c ctx->G have
|
||||
* already been properly set, for example, using
|
||||
* mbedtls_mpi_read_string() or mbedtls_mpi_read_binary().
|
||||
*
|
||||
* \return 0 if successful, or an MBEDTLS_ERR_DHM_XXX error code
|
||||
* \return \c 0 on success, or an \c MBEDTLS_ERR_DHM_XXX error code
|
||||
* on failure.
|
||||
*/
|
||||
int mbedtls_dhm_make_params( mbedtls_dhm_context *ctx, int x_size,
|
||||
unsigned char *output, size_t *olen,
|
||||
|
@ -212,28 +260,32 @@ int mbedtls_dhm_make_params( mbedtls_dhm_context *ctx, int x_size,
|
|||
void *p_rng );
|
||||
|
||||
/**
|
||||
* \brief Import the peer's public value G^Y
|
||||
* \brief This function imports the public value G^Y of the peer.
|
||||
*
|
||||
* \param ctx DHM context
|
||||
* \param input input buffer
|
||||
* \param ilen size of buffer
|
||||
* \param ctx The DHM context.
|
||||
* \param input The input buffer.
|
||||
* \param ilen The size of the input buffer.
|
||||
*
|
||||
* \return 0 if successful, or an MBEDTLS_ERR_DHM_XXX error code
|
||||
* \return \c 0 on success, or an \c MBEDTLS_ERR_DHM_XXX error code
|
||||
* on failure.
|
||||
*/
|
||||
int mbedtls_dhm_read_public( mbedtls_dhm_context *ctx,
|
||||
const unsigned char *input, size_t ilen );
|
||||
|
||||
/**
|
||||
* \brief Create own private value X and export G^X
|
||||
* \brief This function creates its own private value \c X and
|
||||
* exports \c G^X.
|
||||
*
|
||||
* \param ctx DHM context
|
||||
* \param x_size private value size in bytes
|
||||
* \param output destination buffer
|
||||
* \param olen must be at least equal to the size of P, ctx->len
|
||||
* \param f_rng RNG function
|
||||
* \param p_rng RNG parameter
|
||||
* \param ctx The DHM context.
|
||||
* \param x_size The private value size in Bytes.
|
||||
* \param output The destination buffer.
|
||||
* \param olen The length of the destination buffer. Must be at least
|
||||
equal to ctx->len (the size of \c P).
|
||||
* \param f_rng The RNG function.
|
||||
* \param p_rng The RNG parameter.
|
||||
*
|
||||
* \return 0 if successful, or an MBEDTLS_ERR_DHM_XXX error code
|
||||
* \return \c 0 on success, or an \c MBEDTLS_ERR_DHM_XXX error code
|
||||
* on failure.
|
||||
*/
|
||||
int mbedtls_dhm_make_public( mbedtls_dhm_context *ctx, int x_size,
|
||||
unsigned char *output, size_t olen,
|
||||
|
@ -241,22 +293,24 @@ int mbedtls_dhm_make_public( mbedtls_dhm_context *ctx, int x_size,
|
|||
void *p_rng );
|
||||
|
||||
/**
|
||||
* \brief Derive and export the shared secret (G^Y)^X mod P
|
||||
* \brief This function derives and exports the shared secret
|
||||
* \c (G^Y)^X mod \c P.
|
||||
*
|
||||
* \param ctx DHM context
|
||||
* \param output destination buffer
|
||||
* \param output_size size of the destination buffer
|
||||
* \param olen on exit, holds the actual number of bytes written
|
||||
* \param f_rng RNG function, for blinding purposes
|
||||
* \param p_rng RNG parameter
|
||||
* \param ctx The DHM context.
|
||||
* \param output The destination buffer.
|
||||
* \param output_size The size of the destination buffer.
|
||||
* \param olen On exit, holds the actual number of Bytes written.
|
||||
* \param f_rng The RNG function, for blinding purposes.
|
||||
* \param p_rng The RNG parameter.
|
||||
*
|
||||
* \return 0 if successful, or an MBEDTLS_ERR_DHM_XXX error code
|
||||
* \return \c 0 on success, or an \c MBEDTLS_ERR_DHM_XXX error code
|
||||
* on failure.
|
||||
*
|
||||
* \note If non-NULL, f_rng is used to blind the input as
|
||||
* countermeasure against timing attacks. Blinding is
|
||||
* automatically used if and only if our secret value X is
|
||||
* re-used and costs nothing otherwise, so it is recommended
|
||||
* to always pass a non-NULL f_rng argument.
|
||||
* \note If non-NULL, \p f_rng is used to blind the input as
|
||||
* a countermeasure against timing attacks. Blinding is used
|
||||
* only if our secret value \p X is re-used and omitted
|
||||
* otherwise. Therefore, we recommend always passing a
|
||||
* non-NULL \p f_rng argument.
|
||||
*/
|
||||
int mbedtls_dhm_calc_secret( mbedtls_dhm_context *ctx,
|
||||
unsigned char *output, size_t output_size, size_t *olen,
|
||||
|
@ -264,23 +318,24 @@ int mbedtls_dhm_calc_secret( mbedtls_dhm_context *ctx,
|
|||
void *p_rng );
|
||||
|
||||
/**
|
||||
* \brief Free and clear the components of a DHM key
|
||||
* \brief This function frees and clears the components of a DHM key.
|
||||
*
|
||||
* \param ctx DHM context to free and clear
|
||||
* \param ctx The DHM context to free and clear.
|
||||
*/
|
||||
void mbedtls_dhm_free( mbedtls_dhm_context *ctx );
|
||||
|
||||
#if defined(MBEDTLS_ASN1_PARSE_C)
|
||||
/** \ingroup x509_module */
|
||||
/**
|
||||
* \brief Parse DHM parameters in PEM or DER format
|
||||
* \brief This function parses DHM parameters in PEM or DER format.
|
||||
*
|
||||
* \param dhm DHM context to be initialized
|
||||
* \param dhmin input buffer
|
||||
* \param dhminlen size of the buffer
|
||||
* (including the terminating null byte for PEM data)
|
||||
* \param dhm The DHM context to initialize.
|
||||
* \param dhmin The input buffer.
|
||||
* \param dhminlen The size of the buffer, including the terminating null
|
||||
* Byte for PEM data.
|
||||
*
|
||||
* \return 0 if successful, or a specific DHM or PEM error code
|
||||
* \return \c 0 on success, or a specific DHM or PEM error code
|
||||
* on failure.
|
||||
*/
|
||||
int mbedtls_dhm_parse_dhm( mbedtls_dhm_context *dhm, const unsigned char *dhmin,
|
||||
size_t dhminlen );
|
||||
|
@ -288,12 +343,13 @@ int mbedtls_dhm_parse_dhm( mbedtls_dhm_context *dhm, const unsigned char *dhmin,
|
|||
#if defined(MBEDTLS_FS_IO)
|
||||
/** \ingroup x509_module */
|
||||
/**
|
||||
* \brief Load and parse DHM parameters
|
||||
* \brief This function loads and parses DHM parameters from a file.
|
||||
*
|
||||
* \param dhm DHM context to be initialized
|
||||
* \param path filename to read the DHM Parameters from
|
||||
* \param dhm The DHM context to load the parameters to.
|
||||
* \param path The filename to read the DHM parameters from.
|
||||
*
|
||||
* \return 0 if successful, or a specific DHM or PEM error code
|
||||
* \return \c 0 on success, or a specific DHM or PEM error code
|
||||
* on failure.
|
||||
*/
|
||||
int mbedtls_dhm_parse_dhmfile( mbedtls_dhm_context *dhm, const char *path );
|
||||
#endif /* MBEDTLS_FS_IO */
|
||||
|
@ -312,9 +368,9 @@ extern "C" {
|
|||
#endif
|
||||
|
||||
/**
|
||||
* \brief Checkup routine
|
||||
* \brief The DMH checkup routine.
|
||||
*
|
||||
* \return 0 if successful, or 1 if the test failed
|
||||
* \return \c 0 on success, or \c 1 on failure.
|
||||
*/
|
||||
int mbedtls_dhm_self_test( int verbose );
|
||||
|
||||
|
|
|
@ -227,7 +227,7 @@ void mbedtls_strerror( int ret, char *buf, size_t buflen )
|
|||
|
||||
#if defined(MBEDTLS_DHM_C)
|
||||
if( use_ret == -(MBEDTLS_ERR_DHM_BAD_INPUT_DATA) )
|
||||
mbedtls_snprintf( buf, buflen, "DHM - Bad input parameters to function" );
|
||||
mbedtls_snprintf( buf, buflen, "DHM - Bad input parameters" );
|
||||
if( use_ret == -(MBEDTLS_ERR_DHM_READ_PARAMS_FAILED) )
|
||||
mbedtls_snprintf( buf, buflen, "DHM - Reading of the DHM parameters failed" );
|
||||
if( use_ret == -(MBEDTLS_ERR_DHM_MAKE_PARAMS_FAILED) )
|
||||
|
@ -243,7 +243,7 @@ void mbedtls_strerror( int ret, char *buf, size_t buflen )
|
|||
if( use_ret == -(MBEDTLS_ERR_DHM_ALLOC_FAILED) )
|
||||
mbedtls_snprintf( buf, buflen, "DHM - Allocation of memory failed" );
|
||||
if( use_ret == -(MBEDTLS_ERR_DHM_FILE_IO_ERROR) )
|
||||
mbedtls_snprintf( buf, buflen, "DHM - Read/write of file failed" );
|
||||
mbedtls_snprintf( buf, buflen, "DHM - Read or write of file failed" );
|
||||
if( use_ret == -(MBEDTLS_ERR_DHM_HW_ACCEL_FAILED) )
|
||||
mbedtls_snprintf( buf, buflen, "DHM - DHM hardware accelerator failed" );
|
||||
#endif /* MBEDTLS_DHM_C */
|
||||
|
|
Loading…
Reference in a new issue