1 /* 2 * Interface to code from Project Everest 3 * 4 * Copyright 2016-2018 INRIA and Microsoft Corporation 5 * SPDX-License-Identifier: Apache-2.0 6 * 7 * Licensed under the Apache License, Version 2.0 (the "License"); you may 8 * not use this file except in compliance with the License. 9 * You may obtain a copy of the License at 10 * 11 * http://www.apache.org/licenses/LICENSE-2.0 12 * 13 * Unless required by applicable law or agreed to in writing, software 14 * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT 15 * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 16 * See the License for the specific language governing permissions and 17 * limitations under the License. 18 * 19 * This file is part of Mbed TLS (https://tls.mbed.org). 20 */ 21 22 #ifndef MBEDTLS_EVEREST_H 23 #define MBEDTLS_EVEREST_H 24 25 #include "everest/x25519.h" 26 27 #ifdef __cplusplus 28 extern "C" { 29 #endif 30 31 /** 32 * Defines the source of the imported EC key. 33 */ 34 typedef enum 35 { 36 MBEDTLS_EVEREST_ECDH_OURS, /**< Our key. */ 37 MBEDTLS_EVEREST_ECDH_THEIRS, /**< The key of the peer. */ 38 } mbedtls_everest_ecdh_side; 39 40 typedef struct { 41 mbedtls_x25519_context ctx; 42 } mbedtls_ecdh_context_everest; 43 44 45 /** 46 * \brief This function sets up the ECDH context with the information 47 * given. 48 * 49 * This function should be called after mbedtls_ecdh_init() but 50 * before mbedtls_ecdh_make_params(). There is no need to call 51 * this function before mbedtls_ecdh_read_params(). 52 * 53 * This is the first function used by a TLS server for ECDHE 54 * ciphersuites. 55 * 56 * \param ctx The ECDH context to set up. 57 * \param grp_id The group id of the group to set up the context for. 58 * 59 * \return \c 0 on success. 60 */ 61 int mbedtls_everest_setup( mbedtls_ecdh_context_everest *ctx, int grp_id ); 62 63 /** 64 * \brief This function frees a context. 65 * 66 * \param ctx The context to free. 67 */ 68 void mbedtls_everest_free( mbedtls_ecdh_context_everest *ctx ); 69 70 /** 71 * \brief This function generates a public key and a TLS 72 * ServerKeyExchange payload. 73 * 74 * This is the second function used by a TLS server for ECDHE 75 * ciphersuites. (It is called after mbedtls_ecdh_setup().) 76 * 77 * \note This function assumes that the ECP group (grp) of the 78 * \p ctx context has already been properly set, 79 * for example, using mbedtls_ecp_group_load(). 80 * 81 * \see ecp.h 82 * 83 * \param ctx The ECDH context. 84 * \param olen The number of characters written. 85 * \param buf The destination buffer. 86 * \param blen The length of the destination buffer. 87 * \param f_rng The RNG function. 88 * \param p_rng The RNG context. 89 * 90 * \return \c 0 on success. 91 * \return An \c MBEDTLS_ERR_ECP_XXX error code on failure. 92 */ 93 int mbedtls_everest_make_params( mbedtls_ecdh_context_everest *ctx, size_t *olen, 94 unsigned char *buf, size_t blen, 95 int( *f_rng )( void *, unsigned char *, size_t ), 96 void *p_rng ); 97 98 /** 99 * \brief This function parses and processes a TLS ServerKeyExhange 100 * payload. 101 * 102 * This is the first function used by a TLS client for ECDHE 103 * ciphersuites. 104 * 105 * \see ecp.h 106 * 107 * \param ctx The ECDH context. 108 * \param buf The pointer to the start of the input buffer. 109 * \param end The address for one Byte past the end of the buffer. 110 * 111 * \return \c 0 on success. 112 * \return An \c MBEDTLS_ERR_ECP_XXX error code on failure. 113 * 114 */ 115 int mbedtls_everest_read_params( mbedtls_ecdh_context_everest *ctx, 116 const unsigned char **buf, const unsigned char *end ); 117 118 /** 119 * \brief This function parses and processes a TLS ServerKeyExhange 120 * payload. 121 * 122 * This is the first function used by a TLS client for ECDHE 123 * ciphersuites. 124 * 125 * \see ecp.h 126 * 127 * \param ctx The ECDH context. 128 * \param buf The pointer to the start of the input buffer. 129 * \param end The address for one Byte past the end of the buffer. 130 * 131 * \return \c 0 on success. 132 * \return An \c MBEDTLS_ERR_ECP_XXX error code on failure. 133 * 134 */ 135 int mbedtls_everest_read_params( mbedtls_ecdh_context_everest *ctx, 136 const unsigned char **buf, const unsigned char *end ); 137 138 /** 139 * \brief This function sets up an ECDH context from an EC key. 140 * 141 * It is used by clients and servers in place of the 142 * ServerKeyEchange for static ECDH, and imports ECDH 143 * parameters from the EC key information of a certificate. 144 * 145 * \see ecp.h 146 * 147 * \param ctx The ECDH context to set up. 148 * \param key The EC key to use. 149 * \param side Defines the source of the key: 1: Our key, or 150 * 0: The key of the peer. 151 * 152 * \return \c 0 on success. 153 * \return An \c MBEDTLS_ERR_ECP_XXX error code on failure. 154 * 155 */ 156 int mbedtls_everest_get_params( mbedtls_ecdh_context_everest *ctx, const mbedtls_ecp_keypair *key, 157 mbedtls_everest_ecdh_side side ); 158 159 /** 160 * \brief This function generates a public key and a TLS 161 * ClientKeyExchange payload. 162 * 163 * This is the second function used by a TLS client for ECDH(E) 164 * ciphersuites. 165 * 166 * \see ecp.h 167 * 168 * \param ctx The ECDH context. 169 * \param olen The number of Bytes written. 170 * \param buf The destination buffer. 171 * \param blen The size of the destination buffer. 172 * \param f_rng The RNG function. 173 * \param p_rng The RNG context. 174 * 175 * \return \c 0 on success. 176 * \return An \c MBEDTLS_ERR_ECP_XXX error code on failure. 177 */ 178 int mbedtls_everest_make_public( mbedtls_ecdh_context_everest *ctx, size_t *olen, 179 unsigned char *buf, size_t blen, 180 int( *f_rng )( void *, unsigned char *, size_t ), 181 void *p_rng ); 182 183 /** 184 * \brief This function parses and processes a TLS ClientKeyExchange 185 * payload. 186 * 187 * This is the third function used by a TLS server for ECDH(E) 188 * ciphersuites. (It is called after mbedtls_ecdh_setup() and 189 * mbedtls_ecdh_make_params().) 190 * 191 * \see ecp.h 192 * 193 * \param ctx The ECDH context. 194 * \param buf The start of the input buffer. 195 * \param blen The length of the input buffer. 196 * 197 * \return \c 0 on success. 198 * \return An \c MBEDTLS_ERR_ECP_XXX error code on failure. 199 */ 200 int mbedtls_everest_read_public( mbedtls_ecdh_context_everest *ctx, 201 const unsigned char *buf, size_t blen ); 202 203 /** 204 * \brief This function derives and exports the shared secret. 205 * 206 * This is the last function used by both TLS client 207 * and servers. 208 * 209 * \note If \p f_rng is not NULL, it is used to implement 210 * countermeasures against side-channel attacks. 211 * For more information, see mbedtls_ecp_mul(). 212 * 213 * \see ecp.h 214 * 215 * \param ctx The ECDH context. 216 * \param olen The number of Bytes written. 217 * \param buf The destination buffer. 218 * \param blen The length of the destination buffer. 219 * \param f_rng The RNG function. 220 * \param p_rng The RNG context. 221 * 222 * \return \c 0 on success. 223 * \return An \c MBEDTLS_ERR_ECP_XXX error code on failure. 224 */ 225 int mbedtls_everest_calc_secret( mbedtls_ecdh_context_everest *ctx, size_t *olen, 226 unsigned char *buf, size_t blen, 227 int( *f_rng )( void *, unsigned char *, size_t ), 228 void *p_rng ); 229 230 #ifdef __cplusplus 231 } 232 #endif 233 234 #endif /* MBEDTLS_EVEREST_H */ 235