mbed TLS v3.1.0
Elliptic curve J-PAKE. More...
#include "mbedtls/private_access.h"
#include "mbedtls/build_info.h"
#include "mbedtls/ecp.h"
#include "mbedtls/md.h"
#include "ecjpake_alt.h"
Enumerations | |
enum | mbedtls_ecjpake_role { MBEDTLS_ECJPAKE_CLIENT = 0, MBEDTLS_ECJPAKE_SERVER } |
Functions | |
void | mbedtls_ecjpake_init (mbedtls_ecjpake_context *ctx) |
Initialize an ECJPAKE context. More... | |
int | mbedtls_ecjpake_setup (mbedtls_ecjpake_context *ctx, mbedtls_ecjpake_role role, mbedtls_md_type_t hash, mbedtls_ecp_group_id curve, const unsigned char *secret, size_t len) |
Set up an ECJPAKE context for use. More... | |
int | mbedtls_ecjpake_set_point_format (mbedtls_ecjpake_context *ctx, int point_format) |
Set the point format for future reads and writes. More... | |
int | mbedtls_ecjpake_check (const mbedtls_ecjpake_context *ctx) |
Check if an ECJPAKE context is ready for use. More... | |
int | mbedtls_ecjpake_write_round_one (mbedtls_ecjpake_context *ctx, unsigned char *buf, size_t len, size_t *olen, int(*f_rng)(void *, unsigned char *, size_t), void *p_rng) |
Generate and write the first round message (TLS: contents of the Client/ServerHello extension, excluding extension type and length bytes). More... | |
int | mbedtls_ecjpake_read_round_one (mbedtls_ecjpake_context *ctx, const unsigned char *buf, size_t len) |
Read and process the first round message (TLS: contents of the Client/ServerHello extension, excluding extension type and length bytes). More... | |
int | mbedtls_ecjpake_write_round_two (mbedtls_ecjpake_context *ctx, unsigned char *buf, size_t len, size_t *olen, int(*f_rng)(void *, unsigned char *, size_t), void *p_rng) |
Generate and write the second round message (TLS: contents of the Client/ServerKeyExchange). More... | |
int | mbedtls_ecjpake_read_round_two (mbedtls_ecjpake_context *ctx, const unsigned char *buf, size_t len) |
Read and process the second round message (TLS: contents of the Client/ServerKeyExchange). More... | |
int | mbedtls_ecjpake_derive_secret (mbedtls_ecjpake_context *ctx, unsigned char *buf, size_t len, size_t *olen, int(*f_rng)(void *, unsigned char *, size_t), void *p_rng) |
Derive the shared secret (TLS: Pre-Master Secret). More... | |
void | mbedtls_ecjpake_free (mbedtls_ecjpake_context *ctx) |
This clears an ECJPAKE context and frees any embedded data structure. More... | |
int | mbedtls_ecjpake_self_test (int verbose) |
Checkup routine. More... | |
Elliptic curve J-PAKE.
Definition in file ecjpake.h.
enum mbedtls_ecjpake_role |
int mbedtls_ecjpake_check | ( | const mbedtls_ecjpake_context * | ctx | ) |
Check if an ECJPAKE context is ready for use.
ctx | The ECJPAKE context to check. This must be initialized. |
Returns 0 if the context is ready for use.
int mbedtls_ecjpake_derive_secret | ( | mbedtls_ecjpake_context * | ctx, |
unsigned char * | buf, | ||
size_t | len, | ||
size_t * | olen, | ||
int(*)(void *, unsigned char *, size_t) | f_rng, | ||
void * | p_rng | ||
) |
Derive the shared secret (TLS: Pre-Master Secret).
ctx | The ECJPAKE context to use. This must be initialized, set up and have performed both round one and two. |
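buf | The buffer to write the derived secret to. This must be a writable buffer of length len Bytes. The output is key material (the TLS Pre-Master Secret), so the caller should wipe the buffer once it is no longer needed. |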
len | The length of buf in Bytes. |
olen | The address at which to store the total number of Bytes written to buf . This must not be NULL . |
f_rng | The RNG function to use. This must not be NULL . |
p_rng | The RNG parameter to be passed to f_rng . This may be NULL if f_rng doesn't use a context. |
Returns 0 if successful.
void mbedtls_ecjpake_free | ( | mbedtls_ecjpake_context * | ctx | ) |
This clears an ECJPAKE context and frees any embedded data structure.
ctx | The ECJPAKE context to free. This may be NULL , in which case this function does nothing. If it is not NULL , it must point to an initialized ECJPAKE context. |
void mbedtls_ecjpake_init | ( | mbedtls_ecjpake_context * | ctx | ) |
Initialize an ECJPAKE context.
ctx | The ECJPAKE context to initialize. This must not be NULL . |
int mbedtls_ecjpake_read_round_one | ( | mbedtls_ecjpake_context * | ctx, |
const unsigned char * | buf, | ||
size_t | len | ||
) |
Read and process the first round message (TLS: contents of the Client/ServerHello extension, excluding extension type and length bytes).
ctx | The ECJPAKE context to use. This must be initialized and set up. |
buf | The buffer holding the first round message. This must be a readable buffer of length len Bytes. |
len | The length in Bytes of buf . |
Returns 0 if successful.
int mbedtls_ecjpake_read_round_two | ( | mbedtls_ecjpake_context * | ctx, |
const unsigned char * | buf, | ||
size_t | len | ||
) |
Read and process the second round message (TLS: contents of the Client/ServerKeyExchange).
ctx | The ECJPAKE context to use. This must be initialized and set up and already have performed round one. |
buf | The buffer holding the second round message. This must be a readable buffer of length len Bytes. |
len | The length in Bytes of buf . |
Returns 0 if successful.
int mbedtls_ecjpake_self_test | ( | int | verbose | ) |
Checkup routine.
int mbedtls_ecjpake_set_point_format | ( | mbedtls_ecjpake_context * | ctx, |
int | point_format | ||
) |
Set the point format for future reads and writes.
ctx | The ECJPAKE context to configure. |
point_format | The point format to use: MBEDTLS_ECP_PF_UNCOMPRESSED (default) or MBEDTLS_ECP_PF_COMPRESSED. |
Returns 0 if successful.
Returns MBEDTLS_ERR_ECP_BAD_INPUT_DATA if point_format is invalid.
int mbedtls_ecjpake_setup | ( | mbedtls_ecjpake_context * | ctx, |
mbedtls_ecjpake_role | role, | ||
mbedtls_md_type_t | hash, | ||
mbedtls_ecp_group_id | curve, | ||
const unsigned char * | secret, | ||
size_t | len | ||
) |
Set up an ECJPAKE context for use.
ctx | The ECJPAKE context to set up. This must be initialized. |
role | The role of the caller. This must be either MBEDTLS_ECJPAKE_CLIENT or MBEDTLS_ECJPAKE_SERVER. |
hash | The identifier of the hash function to use, for example MBEDTLS_MD_SHA256. |
curve | The identifier of the elliptic curve to use, for example MBEDTLS_ECP_DP_SECP256R1. |
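secret | The pre-shared secret (passphrase). This must be a readable buffer of length len Bytes. It need only be valid for the duration of this call, so the caller can wipe its own copy (for example with mbedtls_platform_zeroize()) once the call returns. |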
len | The length of the pre-shared secret secret . |
Returns 0 if successful.
int mbedtls_ecjpake_write_round_one | ( | mbedtls_ecjpake_context * | ctx, |
unsigned char * | buf, | ||
size_t | len, | ||
size_t * | olen, | ||
int(*)(void *, unsigned char *, size_t) | f_rng, | ||
void * | p_rng | ||
) |
Generate and write the first round message (TLS: contents of the Client/ServerHello extension, excluding extension type and length bytes).
ctx | The ECJPAKE context to use. This must be initialized and set up. |
buf | The buffer to write the contents to. This must be a writable buffer of length len Bytes. |
len | The length of buf in Bytes. |
olen | The address at which to store the total number of Bytes written to buf . This must not be NULL . |
f_rng | The RNG function to use. This must not be NULL . |
p_rng | The RNG parameter to be passed to f_rng . This may be NULL if f_rng doesn't use a context. |
Returns 0 if successful.
int mbedtls_ecjpake_write_round_two | ( | mbedtls_ecjpake_context * | ctx, |
unsigned char * | buf, | ||
size_t | len, | ||
size_t * | olen, | ||
int(*)(void *, unsigned char *, size_t) | f_rng, | ||
void * | p_rng | ||
) |
Generate and write the second round message (TLS: contents of the Client/ServerKeyExchange).
ctx | The ECJPAKE context to use. This must be initialized, set up, and already have performed round one. |
buf | The buffer to write the round two contents to. This must be a writable buffer of length len Bytes. |
len | The size of buf in Bytes. |
olen | The address at which to store the total number of Bytes written to buf . This must not be NULL . |
f_rng | The RNG function to use. This must not be NULL . |
p_rng | The RNG parameter to be passed to f_rng . This may be NULL if f_rng doesn't use a context. |
Returns 0 if successful.