From 4d8685b4ff1c92f1000635ebf4c0c9383c13847f Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Manuel=20P=C3=A9gouri=C3=A9-Gonnard?= Date: Wed, 5 Aug 2015 15:44:42 +0200 Subject: [PATCH] Add skeleton for EC J-PAKE module --- include/mbedtls/check_config.h | 5 ++ include/mbedtls/config.h | 16 ++++++ include/mbedtls/ecjpake.h | 46 ++++++++++++++++++ library/CMakeLists.txt | 1 + library/Makefile | 3 +- library/ecjpake.c | 62 ++++++++++++++++++++++++ library/version_features.c | 3 ++ programs/test/selftest.c | 6 +++ tests/CMakeLists.txt | 3 +- tests/Makefile | 6 ++- tests/suites/test_suite_ecjpake.data | 2 + tests/suites/test_suite_ecjpake.function | 15 ++++++ 12 files changed, 165 insertions(+), 3 deletions(-) create mode 100644 include/mbedtls/ecjpake.h create mode 100644 library/ecjpake.c create mode 100644 tests/suites/test_suite_ecjpake.data create mode 100644 tests/suites/test_suite_ecjpake.function diff --git a/include/mbedtls/check_config.h b/include/mbedtls/check_config.h index cb707e9bc..ee89c9fad 100644 --- a/include/mbedtls/check_config.h +++ b/include/mbedtls/check_config.h @@ -88,6 +88,11 @@ #error "MBEDTLS_ECDSA_C defined, but not all prerequisites" #endif +#if defined(MBEDTLS_ECJPAKE_C) && \ + ( !defined(MBEDTLS_ECP_C) || !defined(MBEDTLS_MD_C) ) +#error "MBEDTLS_ECJPAKE_C defined, but not all prerequisites" +#endif + #if defined(MBEDTLS_ECDSA_DETERMINISTIC) && !defined(MBEDTLS_HMAC_DRBG_C) #error "MBEDTLS_ECDSA_DETERMINISTIC defined, but not all prerequisites" #endif diff --git a/include/mbedtls/config.h b/include/mbedtls/config.h index 66657da55..fa202756f 100644 --- a/include/mbedtls/config.h +++ b/include/mbedtls/config.h @@ -1670,6 +1670,21 @@ */ #define MBEDTLS_ECDSA_C +/** + * \def MBEDTLS_ECJPAKE_C + * + * Enable the elliptic curve J-PAKE library. + * + * Module: library/ecjpake.c + * Caller: + * + * This module is used by the following key exchanges: + * ECJPAKE + * + * Requires: MBEDTLS_ECP_C, MBEDTLS_MD_C + */ +#define MBEDTLS_ECJPAKE_C + /** * \def MBEDTLS_ECP_C * @@ -1678,6 +1693,7 @@ * Module: library/ecp.c * Caller: library/ecdh.c * library/ecdsa.c + * library/ecjpake.c * * Requires: MBEDTLS_BIGNUM_C and at least one MBEDTLS_ECP_DP_XXX_ENABLED */ diff --git a/include/mbedtls/ecjpake.h b/include/mbedtls/ecjpake.h new file mode 100644 index 000000000..57f4b15e4 --- /dev/null +++ b/include/mbedtls/ecjpake.h @@ -0,0 +1,46 @@ +/** + * \file ecjpake.h + * + * \brief Elliptic curve J-PAKE + * + * Copyright (C) 2006-2015, ARM Limited, All Rights Reserved + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * + * This file is part of mbed TLS (https://tls.mbed.org) + */ +#ifndef MBEDTLS_ECJPAKE_H +#define MBEDTLS_ECJPAKE_H + +#include "ecp.h" +#include "md.h" + +#ifdef __cplusplus +extern "C" { +#endif + +#if defined(MBEDTLS_SELF_TEST) +/** + * \brief Checkup routine + * + * \return 0 if successful, or 1 if a test failed + */ +int mbedtls_ecjpake_self_test( int verbose ); +#endif + +#ifdef __cplusplus +} +#endif + +#endif /* ecjpake.h */ diff --git a/library/CMakeLists.txt b/library/CMakeLists.txt index c458117d4..d6c551a74 100644 --- a/library/CMakeLists.txt +++ b/library/CMakeLists.txt @@ -20,6 +20,7 @@ set(src_crypto dhm.c ecdh.c ecdsa.c + ecjpake.c ecp.c ecp_curves.c entropy.c diff --git a/library/Makefile b/library/Makefile index f72ae8e35..7d253434c 100644 --- a/library/Makefile +++ b/library/Makefile @@ -49,7 +49,8 @@ OBJS_CRYPTO= aes.o aesni.o arc4.o \ bignum.o blowfish.o camellia.o \ ccm.o cipher.o cipher_wrap.o \ ctr_drbg.o des.o dhm.o \ - ecdh.o ecdsa.o ecp.o \ + ecdh.o ecdsa.o ecjpake.o \ + ecp.o \ ecp_curves.o entropy.o entropy_poll.o \ error.o gcm.o havege.o \ hmac_drbg.o md.o md2.o \ diff --git a/library/ecjpake.c b/library/ecjpake.c new file mode 100644 index 000000000..4895990f2 --- /dev/null +++ b/library/ecjpake.c @@ -0,0 +1,62 @@ +/* + * Elliptic curve J-PAKE + * + * Copyright (C) 2006-2015, ARM Limited, All Rights Reserved + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * + * This file is part of mbed TLS (https://tls.mbed.org) + */ + +/* + * EC-JPAKE is defined in Chapter 7.4 of the Thread specification. + */ + +#if !defined(MBEDTLS_CONFIG_FILE) +#include "mbedtls/config.h" +#else +#include MBEDTLS_CONFIG_FILE +#endif + +#if defined(MBEDTLS_ECJPAKE_C) + +#include "mbedtls/ecjpake.h" + +#if defined(MBEDTLS_SELF_TEST) + +#if defined(MBEDTLS_PLATFORM_C) +#include "mbedtls/platform.h" +#else +#include +#define mbedtls_printf printf +#endif + +/* + * Checkup routine + */ +int mbedtls_ecjpake_self_test( int verbose ) +{ + int ret; + + ret = 0; /* XXX */ + + if( verbose != 0 ) + mbedtls_printf( "\n" ); + + return( ret ); +} + +#endif /* MBEDTLS_SELF_TEST */ + +#endif /* MBEDTLS_ECJPAKE_C */ diff --git a/library/version_features.c b/library/version_features.c index c2f30f21c..fa7a99809 100644 --- a/library/version_features.c +++ b/library/version_features.c @@ -462,6 +462,9 @@ static const char *features[] = { #if defined(MBEDTLS_ECDSA_C) "MBEDTLS_ECDSA_C", #endif /* MBEDTLS_ECDSA_C */ +#if defined(MBEDTLS_ECJPAKE_C) + "MBEDTLS_ECJPAKE_C", +#endif /* MBEDTLS_ECJPAKE_C */ #if defined(MBEDTLS_ECP_C) "MBEDTLS_ECP_C", #endif /* MBEDTLS_ECP_C */ diff --git a/programs/test/selftest.c b/programs/test/selftest.c index 82e9581f0..fe5d51426 100644 --- a/programs/test/selftest.c +++ b/programs/test/selftest.c @@ -49,6 +49,7 @@ #include "mbedtls/xtea.h" #include "mbedtls/pkcs5.h" #include "mbedtls/ecp.h" +#include "mbedtls/ecjpake.h" #include "mbedtls/timing.h" #include @@ -244,6 +245,11 @@ int main( int argc, char *argv[] ) return( ret ); #endif +#if defined(MBEDTLS_ECJPAKE_C) + if( ( ret = mbedtls_ecjpake_self_test( v ) ) != 0 ) + return( ret ); +#endif + #if defined(MBEDTLS_DHM_C) if( ( ret = mbedtls_dhm_self_test( v ) ) != 0 ) return( ret ); diff --git a/tests/CMakeLists.txt b/tests/CMakeLists.txt index 864ea77d1..1cca81830 100644 --- a/tests/CMakeLists.txt +++ b/tests/CMakeLists.txt @@ -60,9 +60,10 @@ add_test_suite(ctr_drbg) add_test_suite(debug) add_test_suite(des) add_test_suite(dhm) -add_test_suite(ecp) add_test_suite(ecdh) add_test_suite(ecdsa) +add_test_suite(ecjpake) +add_test_suite(ecp) add_test_suite(entropy) add_test_suite(error) add_test_suite(gcm gcm.aes128_en) diff --git a/tests/Makefile b/tests/Makefile index e97887ae1..c5172e4d6 100644 --- a/tests/Makefile +++ b/tests/Makefile @@ -60,7 +60,7 @@ APPS = test_suite_aes.ecb$(EXEXT) test_suite_aes.cbc$(EXEXT) \ test_suite_ctr_drbg$(EXEXT) test_suite_debug$(EXEXT) \ test_suite_des$(EXEXT) test_suite_dhm$(EXEXT) \ test_suite_ecdh$(EXEXT) test_suite_ecdsa$(EXEXT) \ - test_suite_ecp$(EXEXT) \ + test_suite_ecjpake$(EXEXT) test_suite_ecp$(EXEXT) \ test_suite_error$(EXEXT) test_suite_entropy$(EXEXT) \ test_suite_gcm.aes128_de$(EXEXT) \ test_suite_gcm.aes192_de$(EXEXT) \ @@ -292,6 +292,10 @@ test_suite_ecdsa$(EXEXT): test_suite_ecdsa.c $(DEP) echo " CC $<" $(CC) $(LOCAL_CFLAGS) $(CFLAGS) $< $(LOCAL_LDFLAGS) $(LDFLAGS) -o $@ +test_suite_ecjpake$(EXEXT): test_suite_ecjpake.c $(DEP) + echo " CC $<" + $(CC) $(LOCAL_CFLAGS) $(CFLAGS) $< $(LOCAL_LDFLAGS) $(LDFLAGS) -o $@ + test_suite_ecp$(EXEXT): test_suite_ecp.c $(DEP) echo " CC $<" $(CC) $(LOCAL_CFLAGS) $(CFLAGS) $< $(LOCAL_LDFLAGS) $(LDFLAGS) -o $@ diff --git a/tests/suites/test_suite_ecjpake.data b/tests/suites/test_suite_ecjpake.data new file mode 100644 index 000000000..3aff2eddb --- /dev/null +++ b/tests/suites/test_suite_ecjpake.data @@ -0,0 +1,2 @@ +ECJPAKE selftest +ecjpake_selftest: diff --git a/tests/suites/test_suite_ecjpake.function b/tests/suites/test_suite_ecjpake.function new file mode 100644 index 000000000..44a1f009b --- /dev/null +++ b/tests/suites/test_suite_ecjpake.function @@ -0,0 +1,15 @@ +/* BEGIN_HEADER */ +#include "mbedtls/ecjpake.h" +/* END_HEADER */ + +/* BEGIN_DEPENDENCIES + * depends_on:MBEDTLS_ECJPAKE_C + * END_DEPENDENCIES + */ + +/* BEGIN_CASE depends_on:MBEDTLS_SELF_TEST */ +void ecjpake_selftest() +{ + TEST_ASSERT( mbedtls_ecjpake_self_test( 0 ) == 0 ); +} +/* END_CASE */