ECDH: Enable Everest Curve25519 in ECDH/ECDSA/ECP

This commit is contained in:
Christoph M. Wintersteiger 2018-10-25 13:03:05 +01:00 committed by Janos Follath
parent 696dedaed6
commit c9f737b4ba
3 changed files with 46 additions and 3 deletions

View file

@ -47,6 +47,10 @@
#if defined(MBEDTLS_ECDH_LEGACY_CONTEXT) #if defined(MBEDTLS_ECDH_LEGACY_CONTEXT)
typedef mbedtls_ecdh_context mbedtls_ecdh_context_mbed; typedef mbedtls_ecdh_context mbedtls_ecdh_context_mbed;
#else
#if defined(MBEDTLS_ECDH_VARIANT_EVEREST_ENABLED)
#include "everest/everest.h"
#endif
#endif #endif
static mbedtls_ecp_group_id mbedtls_ecdh_grp_id( static mbedtls_ecp_group_id mbedtls_ecdh_grp_id(
@ -215,6 +219,11 @@ int mbedtls_ecdh_setup( mbedtls_ecdh_context *ctx, mbedtls_ecp_group_id grp_id )
#else #else
switch( grp_id ) switch( grp_id )
{ {
#if defined(MBEDTLS_ECDH_VARIANT_EVEREST_ENABLED)
case MBEDTLS_ECP_DP_CURVE25519:
return( mbedtls_everest_setup( ctx, grp_id ) );
#endif
break;
default: default:
ctx->point_format = MBEDTLS_ECP_PF_UNCOMPRESSED; ctx->point_format = MBEDTLS_ECP_PF_UNCOMPRESSED;
ctx->var = MBEDTLS_ECDH_VARIANT_MBEDTLS_2_0; ctx->var = MBEDTLS_ECDH_VARIANT_MBEDTLS_2_0;
@ -266,6 +275,11 @@ void mbedtls_ecdh_free( mbedtls_ecdh_context *ctx )
#else #else
switch( ctx->var ) switch( ctx->var )
{ {
#if defined(MBEDTLS_ECDH_VARIANT_EVEREST_ENABLED)
case MBEDTLS_ECDH_VARIANT_EVEREST:
mbedtls_everest_free( ctx );
break;
#endif
case MBEDTLS_ECDH_VARIANT_MBEDTLS_2_0: case MBEDTLS_ECDH_VARIANT_MBEDTLS_2_0:
ecdh_free_internal( &ctx->ctx.mbed_ecdh ); ecdh_free_internal( &ctx->ctx.mbed_ecdh );
break; break;
@ -331,7 +345,7 @@ static int ecdh_make_params_internal( mbedtls_ecdh_context_mbed *ctx,
} }
/* /*
* Setup and write the ServerKeyExhange parameters (RFC 4492) * Setup and write the ServerKeyExchange parameters (RFC 4492)
* struct { * struct {
* ECParameters curve_params; * ECParameters curve_params;
* ECPoint public; * ECPoint public;
@ -360,6 +374,10 @@ int mbedtls_ecdh_make_params( mbedtls_ecdh_context *ctx, size_t *olen,
#else #else
switch( ctx->var ) switch( ctx->var )
{ {
#if defined(MBEDTLS_ECDH_VARIANT_EVEREST_ENABLED)
case MBEDTLS_ECDH_VARIANT_EVEREST:
return( mbedtls_everest_make_params( ctx, olen, buf, blen, f_rng, p_rng ) );
#endif
case MBEDTLS_ECDH_VARIANT_MBEDTLS_2_0: case MBEDTLS_ECDH_VARIANT_MBEDTLS_2_0:
return( ecdh_make_params_internal( &ctx->ctx.mbed_ecdh, olen, return( ecdh_make_params_internal( &ctx->ctx.mbed_ecdh, olen,
ctx->point_format, buf, blen, ctx->point_format, buf, blen,
@ -409,6 +427,10 @@ int mbedtls_ecdh_read_params( mbedtls_ecdh_context *ctx,
#else #else
switch( ctx->var ) switch( ctx->var )
{ {
#if defined(MBEDTLS_ECDH_VARIANT_EVEREST_ENABLED)
case MBEDTLS_ECDH_VARIANT_EVEREST:
return( mbedtls_everest_read_params( ctx, buf, end) );
#endif
case MBEDTLS_ECDH_VARIANT_MBEDTLS_2_0: case MBEDTLS_ECDH_VARIANT_MBEDTLS_2_0:
return( ecdh_read_params_internal( &ctx->ctx.mbed_ecdh, return( ecdh_read_params_internal( &ctx->ctx.mbed_ecdh,
buf, end ) ); buf, end ) );
@ -473,6 +495,10 @@ int mbedtls_ecdh_get_params( mbedtls_ecdh_context *ctx,
#else #else
switch( ctx->var ) switch( ctx->var )
{ {
#if defined(MBEDTLS_ECDH_VARIANT_EVEREST_ENABLED)
case MBEDTLS_ECDH_VARIANT_EVEREST:
return( mbedtls_everest_get_params( ctx, key, side ) );
#endif
case MBEDTLS_ECDH_VARIANT_MBEDTLS_2_0: case MBEDTLS_ECDH_VARIANT_MBEDTLS_2_0:
return( ecdh_get_params_internal( &ctx->ctx.mbed_ecdh, return( ecdh_get_params_internal( &ctx->ctx.mbed_ecdh,
key, side ) ); key, side ) );
@ -544,6 +570,10 @@ int mbedtls_ecdh_make_public( mbedtls_ecdh_context *ctx, size_t *olen,
#else #else
switch( ctx->var ) switch( ctx->var )
{ {
#if defined(MBEDTLS_ECDH_VARIANT_EVEREST_ENABLED)
case MBEDTLS_ECDH_VARIANT_EVEREST:
return( mbedtls_everest_make_public( ctx, olen, buf, blen, f_rng, p_rng ) );
#endif
case MBEDTLS_ECDH_VARIANT_MBEDTLS_2_0: case MBEDTLS_ECDH_VARIANT_MBEDTLS_2_0:
return( ecdh_make_public_internal( &ctx->ctx.mbed_ecdh, olen, return( ecdh_make_public_internal( &ctx->ctx.mbed_ecdh, olen,
ctx->point_format, buf, blen, ctx->point_format, buf, blen,
@ -585,6 +615,10 @@ int mbedtls_ecdh_read_public( mbedtls_ecdh_context *ctx,
#else #else
switch( ctx->var ) switch( ctx->var )
{ {
#if defined(MBEDTLS_ECDH_VARIANT_EVEREST_ENABLED)
case MBEDTLS_ECDH_VARIANT_EVEREST:
return( mbedtls_everest_read_public( ctx, buf, blen ) );
#endif
case MBEDTLS_ECDH_VARIANT_MBEDTLS_2_0: case MBEDTLS_ECDH_VARIANT_MBEDTLS_2_0:
return( ecdh_read_public_internal( &ctx->ctx.mbed_ecdh, return( ecdh_read_public_internal( &ctx->ctx.mbed_ecdh,
buf, blen ) ); buf, blen ) );
@ -667,6 +701,10 @@ int mbedtls_ecdh_calc_secret( mbedtls_ecdh_context *ctx, size_t *olen,
#else #else
switch( ctx->var ) switch( ctx->var )
{ {
#if defined(MBEDTLS_ECDH_VARIANT_EVEREST_ENABLED)
case MBEDTLS_ECDH_VARIANT_EVEREST:
return( mbedtls_everest_calc_secret( ctx, olen, buf, blen, f_rng, p_rng ) );
#endif
case MBEDTLS_ECDH_VARIANT_MBEDTLS_2_0: case MBEDTLS_ECDH_VARIANT_MBEDTLS_2_0:
return( ecdh_calc_secret_internal( &ctx->ctx.mbed_ecdh, olen, buf, return( ecdh_calc_secret_internal( &ctx->ctx.mbed_ecdh, olen, buf,
blen, f_rng, p_rng, blen, f_rng, p_rng,

View file

@ -263,8 +263,10 @@ static int ecdsa_sign_restartable( mbedtls_ecp_group *grp,
mbedtls_mpi *pk = &k, *pr = r; mbedtls_mpi *pk = &k, *pr = r;
/* Fail cleanly on curves such as Curve25519 that can't be used for ECDSA */ /* Fail cleanly on curves such as Curve25519 that can't be used for ECDSA */
if( grp->N.p == NULL ) if( grp->id == MBEDTLS_ECP_DP_CURVE25519 ||
return( MBEDTLS_ERR_ECP_BAD_INPUT_DATA ); grp->id == MBEDTLS_ECP_DP_CURVE448 ||
grp->N.p == NULL )
return( MBEDTLS_ERR_MD_FEATURE_UNAVAILABLE );
/* Make sure d is in range 1..n-1 */ /* Make sure d is in range 1..n-1 */
if( mbedtls_mpi_cmp_int( d, 1 ) < 0 || mbedtls_mpi_cmp_mpi( d, &grp->N ) >= 0 ) if( mbedtls_mpi_cmp_int( d, 1 ) < 0 || mbedtls_mpi_cmp_mpi( d, &grp->N ) >= 0 )

View file

@ -409,6 +409,9 @@ static const mbedtls_ecp_curve_info ecp_supported_curves[] =
#endif #endif
#if defined(MBEDTLS_ECP_DP_SECP192K1_ENABLED) #if defined(MBEDTLS_ECP_DP_SECP192K1_ENABLED)
{ MBEDTLS_ECP_DP_SECP192K1, 18, 192, "secp192k1" }, { MBEDTLS_ECP_DP_SECP192K1, 18, 192, "secp192k1" },
#endif
#if defined(MBEDTLS_ECP_DP_CURVE25519_ENABLED)
{ MBEDTLS_ECP_DP_CURVE25519, 0x001D, 256, "x25519" },
#endif #endif
{ MBEDTLS_ECP_DP_NONE, 0, 0, NULL }, { MBEDTLS_ECP_DP_NONE, 0, 0, NULL },
}; };