Add skeleton for EC J-PAKE module

include/mbedtls/check_config.h

@@ -88,6 +88,11 @@
 #error "MBEDTLS_ECDSA_C defined, but not all prerequisites"
 #endif
 
+#if defined(MBEDTLS_ECJPAKE_C) &&           \
+    ( !defined(MBEDTLS_ECP_C) || !defined(MBEDTLS_MD_C) )
+#error "MBEDTLS_ECJPAKE_C defined, but not all prerequisites"
+#endif
+
 #if defined(MBEDTLS_ECDSA_DETERMINISTIC) && !defined(MBEDTLS_HMAC_DRBG_C)
 #error "MBEDTLS_ECDSA_DETERMINISTIC defined, but not all prerequisites"
 #endif

include/mbedtls/config.h

@@ -1670,6 +1670,21 @@
  */
 #define MBEDTLS_ECDSA_C
 
+/**
+ * \def MBEDTLS_ECJPAKE_C
+ *
+ * Enable the elliptic curve J-PAKE library.
+ *
+ * Module:  library/ecjpake.c
+ * Caller:
+ *
+ * This module is used by the following key exchanges:
+ *      ECJPAKE
+ *
+ * Requires: MBEDTLS_ECP_C, MBEDTLS_MD_C
+ */
+#define MBEDTLS_ECJPAKE_C
+
 /**
  * \def MBEDTLS_ECP_C
  *
@@ -1678,6 +1693,7 @@
  * Module:  library/ecp.c
  * Caller:  library/ecdh.c
  *          library/ecdsa.c
+ *          library/ecjpake.c
  *
  * Requires: MBEDTLS_BIGNUM_C and at least one MBEDTLS_ECP_DP_XXX_ENABLED
  */

include/mbedtls/ecjpake.h

@@ -0,0 +1,46 @@
+/**
+ * \file ecjpake.h
+ *
+ * \brief Elliptic curve J-PAKE
+ *
+ *  Copyright (C) 2006-2015, ARM Limited, All Rights Reserved
+ *  SPDX-License-Identifier: Apache-2.0
+ *
+ *  Licensed under the Apache License, Version 2.0 (the "License"); you may
+ *  not use this file except in compliance with the License.
+ *  You may obtain a copy of the License at
+ *
+ *  http://www.apache.org/licenses/LICENSE-2.0
+ *
+ *  Unless required by applicable law or agreed to in writing, software
+ *  distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+ *  WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ *  See the License for the specific language governing permissions and
+ *  limitations under the License.
+ *
+ *  This file is part of mbed TLS (https://tls.mbed.org)
+ */
+#ifndef MBEDTLS_ECJPAKE_H
+#define MBEDTLS_ECJPAKE_H
+
+#include "ecp.h"
+#include "md.h"
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+#if defined(MBEDTLS_SELF_TEST)
+/**
+ * \brief          Checkup routine
+ *
+ * \return         0 if successful, or 1 if a test failed
+ */
+int mbedtls_ecjpake_self_test( int verbose );
+#endif
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif /* ecjpake.h */

library/CMakeLists.txt

@@ -20,6 +20,7 @@ set(src_crypto
     dhm.c
     ecdh.c
     ecdsa.c
+    ecjpake.c
     ecp.c
     ecp_curves.c
     entropy.c

library/Makefile

@@ -49,7 +49,8 @@ OBJS_CRYPTO=	aes.o		aesni.o		arc4.o		\
 		bignum.o	blowfish.o	camellia.o	\
 		ccm.o		cipher.o	cipher_wrap.o	\
 		ctr_drbg.o	des.o		dhm.o		\
-		ecdh.o		ecdsa.o		ecp.o		\
+		ecdh.o		ecdsa.o		ecjpake.o	\
+		ecp.o						\
 		ecp_curves.o	entropy.o	entropy_poll.o	\
 		error.o		gcm.o		havege.o	\
 		hmac_drbg.o	md.o		md2.o		\

library/ecjpake.c

@@ -0,0 +1,62 @@
+/*
+ *  Elliptic curve J-PAKE
+ *
+ *  Copyright (C) 2006-2015, ARM Limited, All Rights Reserved
+ *  SPDX-License-Identifier: Apache-2.0
+ *
+ *  Licensed under the Apache License, Version 2.0 (the "License"); you may
+ *  not use this file except in compliance with the License.
+ *  You may obtain a copy of the License at
+ *
+ *  http://www.apache.org/licenses/LICENSE-2.0
+ *
+ *  Unless required by applicable law or agreed to in writing, software
+ *  distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+ *  WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ *  See the License for the specific language governing permissions and
+ *  limitations under the License.
+ *
+ *  This file is part of mbed TLS (https://tls.mbed.org)
+ */
+
+/*
+ * EC-JPAKE is defined in Chapter 7.4 of the Thread specification.
+ */
+
+#if !defined(MBEDTLS_CONFIG_FILE)
+#include "mbedtls/config.h"
+#else
+#include MBEDTLS_CONFIG_FILE
+#endif
+
+#if defined(MBEDTLS_ECJPAKE_C)
+
+#include "mbedtls/ecjpake.h"
+
+#if defined(MBEDTLS_SELF_TEST)
+
+#if defined(MBEDTLS_PLATFORM_C)
+#include "mbedtls/platform.h"
+#else
+#include <stdio.h>
+#define mbedtls_printf     printf
+#endif
+
+/*
+ * Checkup routine
+ */
+int mbedtls_ecjpake_self_test( int verbose )
+{
+    int ret;
+
+    ret = 0; /* XXX */
+
+    if( verbose != 0 )
+        mbedtls_printf( "\n" );
+
+    return( ret );
+}
+
+#endif /* MBEDTLS_SELF_TEST */
+
+#endif /* MBEDTLS_ECJPAKE_C */

library/version_features.c

@@ -462,6 +462,9 @@ static const char *features[] = {
 #if defined(MBEDTLS_ECDSA_C)
     "MBEDTLS_ECDSA_C",
 #endif /* MBEDTLS_ECDSA_C */
+#if defined(MBEDTLS_ECJPAKE_C)
+    "MBEDTLS_ECJPAKE_C",
+#endif /* MBEDTLS_ECJPAKE_C */
 #if defined(MBEDTLS_ECP_C)
     "MBEDTLS_ECP_C",
 #endif /* MBEDTLS_ECP_C */

programs/test/selftest.c

@@ -49,6 +49,7 @@
 #include "mbedtls/xtea.h"
 #include "mbedtls/pkcs5.h"
 #include "mbedtls/ecp.h"
+#include "mbedtls/ecjpake.h"
 #include "mbedtls/timing.h"
 
 #include <stdio.h>
@@ -244,6 +245,11 @@ int main( int argc, char *argv[] )
         return( ret );
 #endif
 
+#if defined(MBEDTLS_ECJPAKE_C)
+    if( ( ret = mbedtls_ecjpake_self_test( v ) ) != 0 )
+        return( ret );
+#endif
+
 #if defined(MBEDTLS_DHM_C)
     if( ( ret = mbedtls_dhm_self_test( v ) ) != 0 )
         return( ret );

tests/CMakeLists.txt

@@ -60,9 +60,10 @@ add_test_suite(ctr_drbg)
 add_test_suite(debug)
 add_test_suite(des)
 add_test_suite(dhm)
-add_test_suite(ecp)
 add_test_suite(ecdh)
 add_test_suite(ecdsa)
+add_test_suite(ecjpake)
+add_test_suite(ecp)
 add_test_suite(entropy)
 add_test_suite(error)
 add_test_suite(gcm gcm.aes128_en)

tests/Makefile

@@ -60,7 +60,7 @@ APPS =	test_suite_aes.ecb$(EXEXT)	test_suite_aes.cbc$(EXEXT)	\
 	test_suite_ctr_drbg$(EXEXT)	test_suite_debug$(EXEXT)	\
 	test_suite_des$(EXEXT)		test_suite_dhm$(EXEXT)		\
 	test_suite_ecdh$(EXEXT)		test_suite_ecdsa$(EXEXT)	\
-	test_suite_ecp$(EXEXT)						\
+	test_suite_ecjpake$(EXEXT)	test_suite_ecp$(EXEXT)		\
 	test_suite_error$(EXEXT)	test_suite_entropy$(EXEXT)	\
 	test_suite_gcm.aes128_de$(EXEXT)				\
 	test_suite_gcm.aes192_de$(EXEXT)				\
@@ -292,6 +292,10 @@ test_suite_ecdsa$(EXEXT): test_suite_ecdsa.c $(DEP)
 	echo "  CC    $<"
 	$(CC) $(LOCAL_CFLAGS) $(CFLAGS) $<	$(LOCAL_LDFLAGS) $(LDFLAGS) -o $@
 
+test_suite_ecjpake$(EXEXT): test_suite_ecjpake.c $(DEP)
+	echo "  CC    $<"
+	$(CC) $(LOCAL_CFLAGS) $(CFLAGS) $<	$(LOCAL_LDFLAGS) $(LDFLAGS) -o $@
+
 test_suite_ecp$(EXEXT): test_suite_ecp.c $(DEP)
 	echo "  CC    $<"
 	$(CC) $(LOCAL_CFLAGS) $(CFLAGS) $<	$(LOCAL_LDFLAGS) $(LDFLAGS) -o $@

tests/suites/test_suite_ecjpake.data

@@ -0,0 +1,2 @@
+ECJPAKE selftest
+ecjpake_selftest:

tests/suites/test_suite_ecjpake.function

@@ -0,0 +1,15 @@
+/* BEGIN_HEADER */
+#include "mbedtls/ecjpake.h"
+/* END_HEADER */
+
+/* BEGIN_DEPENDENCIES
+ * depends_on:MBEDTLS_ECJPAKE_C
+ * END_DEPENDENCIES
+ */
+
+/* BEGIN_CASE depends_on:MBEDTLS_SELF_TEST */
+void ecjpake_selftest()
+{
+    TEST_ASSERT( mbedtls_ecjpake_self_test( 0 ) == 0 );
+}
+/* END_CASE */