Add support for passphrase in the context
This commit is contained in:
parent
4e8bc78ad9
commit
23dcbe3f16
@ -42,6 +42,8 @@ typedef struct
|
|||||||
|
|
||||||
mbedtls_mpi xa; /**< Our first secret (x1 or x3) */
|
mbedtls_mpi xa; /**< Our first secret (x1 or x3) */
|
||||||
mbedtls_mpi xb; /**< Our second secret (x2 or x4) */
|
mbedtls_mpi xb; /**< Our second secret (x2 or x4) */
|
||||||
|
|
||||||
|
mbedtls_mpi s; /**< Pre-shared secret */
|
||||||
} mbedtls_ecjpake_context;
|
} mbedtls_ecjpake_context;
|
||||||
|
|
||||||
/*
|
/*
|
||||||
@ -61,13 +63,17 @@ void mbedtls_ecjpake_init( mbedtls_ecjpake_context *ctx );
|
|||||||
* \param ctx context to set up
|
* \param ctx context to set up
|
||||||
* \param hash hash function to use (MBEDTLS_MD_XXX)
|
* \param hash hash function to use (MBEDTLS_MD_XXX)
|
||||||
* \param curve elliptic curve identifier (MBEDTLS_ECP_DP_XXX)
|
* \param curve elliptic curve identifier (MBEDTLS_ECP_DP_XXX)
|
||||||
|
* \param secret shared secret
|
||||||
|
* \param len length of the shared secret
|
||||||
*
|
*
|
||||||
* \return 0 if successfull,
|
* \return 0 if successfull,
|
||||||
* a negative error code otherwise
|
* a negative error code otherwise
|
||||||
*/
|
*/
|
||||||
int mbedtls_ecjpake_setup( mbedtls_ecjpake_context *ctx,
|
int mbedtls_ecjpake_setup( mbedtls_ecjpake_context *ctx,
|
||||||
mbedtls_md_type_t hash,
|
mbedtls_md_type_t hash,
|
||||||
mbedtls_ecp_group_id curve );
|
mbedtls_ecp_group_id curve,
|
||||||
|
const unsigned char *secret,
|
||||||
|
size_t len );
|
||||||
|
|
||||||
/*
|
/*
|
||||||
* \brief Generate and write contents of ClientHello extension
|
* \brief Generate and write contents of ClientHello extension
|
||||||
|
@ -54,6 +54,7 @@ void mbedtls_ecjpake_init( mbedtls_ecjpake_context *ctx )
|
|||||||
|
|
||||||
mbedtls_mpi_init( &ctx->xa );
|
mbedtls_mpi_init( &ctx->xa );
|
||||||
mbedtls_mpi_init( &ctx->xb );
|
mbedtls_mpi_init( &ctx->xb );
|
||||||
|
mbedtls_mpi_init( &ctx->s );
|
||||||
}
|
}
|
||||||
|
|
||||||
/*
|
/*
|
||||||
@ -74,6 +75,7 @@ void mbedtls_ecjpake_free( mbedtls_ecjpake_context *ctx )
|
|||||||
|
|
||||||
mbedtls_mpi_free( &ctx->xa );
|
mbedtls_mpi_free( &ctx->xa );
|
||||||
mbedtls_mpi_free( &ctx->xb );
|
mbedtls_mpi_free( &ctx->xb );
|
||||||
|
mbedtls_mpi_free( &ctx->s );
|
||||||
}
|
}
|
||||||
|
|
||||||
/*
|
/*
|
||||||
@ -81,17 +83,25 @@ void mbedtls_ecjpake_free( mbedtls_ecjpake_context *ctx )
|
|||||||
*/
|
*/
|
||||||
int mbedtls_ecjpake_setup( mbedtls_ecjpake_context *ctx,
|
int mbedtls_ecjpake_setup( mbedtls_ecjpake_context *ctx,
|
||||||
mbedtls_md_type_t hash,
|
mbedtls_md_type_t hash,
|
||||||
mbedtls_ecp_group_id curve )
|
mbedtls_ecp_group_id curve,
|
||||||
|
const unsigned char *secret,
|
||||||
|
size_t len )
|
||||||
{
|
{
|
||||||
int ret;
|
int ret;
|
||||||
|
|
||||||
if( ( ctx->md_info = mbedtls_md_info_from_type( hash ) ) == NULL )
|
if( ( ctx->md_info = mbedtls_md_info_from_type( hash ) ) == NULL )
|
||||||
return( MBEDTLS_ERR_MD_FEATURE_UNAVAILABLE );
|
return( MBEDTLS_ERR_MD_FEATURE_UNAVAILABLE );
|
||||||
|
|
||||||
if( ( ret = mbedtls_ecp_group_load( &ctx->grp, curve ) ) != 0 )
|
MBEDTLS_MPI_CHK( mbedtls_ecp_group_load( &ctx->grp, curve ) );
|
||||||
return( ret );
|
|
||||||
|
|
||||||
return( 0 );
|
MBEDTLS_MPI_CHK( mbedtls_mpi_read_binary( &ctx->s, secret, len ) );
|
||||||
|
MBEDTLS_MPI_CHK( mbedtls_mpi_mod_mpi( &ctx->s, &ctx->s, &ctx->grp.N ) );
|
||||||
|
|
||||||
|
cleanup:
|
||||||
|
if( ret != 0 )
|
||||||
|
mbedtls_ecjpake_free( ctx );
|
||||||
|
|
||||||
|
return( ret );
|
||||||
}
|
}
|
||||||
|
|
||||||
/*
|
/*
|
||||||
@ -575,12 +585,15 @@ int mbedtls_ecjpake_self_test( int verbose )
|
|||||||
mbedtls_ecjpake_context ctx;
|
mbedtls_ecjpake_context ctx;
|
||||||
unsigned char buf[1000];
|
unsigned char buf[1000];
|
||||||
size_t len;
|
size_t len;
|
||||||
|
char secret[] = "test passphrase";
|
||||||
|
|
||||||
mbedtls_ecjpake_init( &ctx );
|
mbedtls_ecjpake_init( &ctx );
|
||||||
|
|
||||||
/* Common to all tests */
|
/* Common to all tests */
|
||||||
TEST_ASSERT( mbedtls_ecjpake_setup( &ctx, MBEDTLS_MD_SHA256,
|
TEST_ASSERT( mbedtls_ecjpake_setup( &ctx,
|
||||||
MBEDTLS_ECP_DP_SECP256R1 ) == 0 );
|
MBEDTLS_MD_SHA256, MBEDTLS_ECP_DP_SECP256R1,
|
||||||
|
(const unsigned char *) secret,
|
||||||
|
sizeof( secret ) - 1 ) == 0 );
|
||||||
|
|
||||||
if( verbose != 0 )
|
if( verbose != 0 )
|
||||||
mbedtls_printf( " ECJPAKE test #1 (client ext read): " );
|
mbedtls_printf( " ECJPAKE test #1 (client ext read): " );
|
||||||
|
Loading…
Reference in New Issue
Block a user