Merge pull request #5725 from tom-daubney-arm/x25519_program

Rewrite x25519 example program
This commit is contained in:
Gilles Peskine 2022-05-31 11:27:22 +02:00 committed by GitHub
commit f940693960
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
2 changed files with 63 additions and 73 deletions

View File

@ -0,0 +1,4 @@
Bugfix
* Fix a bug in x25519 example program where the removal of
MBEDTLS_ECDH_LEGACY_CONTEXT caused the program not to run. Fixes #4901 and
#3191.

View File

@ -30,12 +30,12 @@
#define MBEDTLS_EXIT_FAILURE EXIT_FAILURE
#endif /* MBEDTLS_PLATFORM_C */
#if !defined(MBEDTLS_ECDH_C) || !defined(MBEDTLS_ECDH_LEGACY_CONTEXT) || \
#if !defined(MBEDTLS_ECDH_C) || \
!defined(MBEDTLS_ECP_DP_CURVE25519_ENABLED) || \
!defined(MBEDTLS_ENTROPY_C) || !defined(MBEDTLS_CTR_DRBG_C)
int main( void )
{
mbedtls_printf( "MBEDTLS_ECDH_C and/or MBEDTLS_ECDH_LEGACY_CONTEXT and/or "
mbedtls_printf( "MBEDTLS_ECDH_C and/or "
"MBEDTLS_ECP_DP_CURVE25519_ENABLED and/or "
"MBEDTLS_ENTROPY_C and/or MBEDTLS_CTR_DRBG_C "
"not defined\n" );
@ -47,6 +47,8 @@ int main( void )
#include "mbedtls/ctr_drbg.h"
#include "mbedtls/ecdh.h"
#include <string.h>
int main( int argc, char *argv[] )
{
@ -55,8 +57,15 @@ int main( int argc, char *argv[] )
mbedtls_ecdh_context ctx_cli, ctx_srv;
mbedtls_entropy_context entropy;
mbedtls_ctr_drbg_context ctr_drbg;
unsigned char cli_to_srv[32], srv_to_cli[32];
unsigned char cli_to_srv[36], srv_to_cli[33];
const char pers[] = "ecdh";
size_t srv_olen;
size_t cli_olen;
unsigned char secret_cli[32] = { 0 };
unsigned char secret_srv[32] = { 0 };
const unsigned char *p_cli_to_srv = cli_to_srv;
((void) argc);
((void) argv);
@ -67,15 +76,17 @@ int main( int argc, char *argv[] )
/*
* Initialize random number generation
*/
mbedtls_printf( " . Seeding the random number generator..." );
mbedtls_printf( " . Seed the random number generator..." );
fflush( stdout );
mbedtls_entropy_init( &entropy );
if( ( ret = mbedtls_ctr_drbg_seed( &ctr_drbg, mbedtls_entropy_func, &entropy,
(const unsigned char *) pers,
sizeof pers ) ) != 0 )
if( ( ret = mbedtls_ctr_drbg_seed( &ctr_drbg, mbedtls_entropy_func,
&entropy,
(const unsigned char *) pers,
sizeof pers ) ) != 0 )
{
mbedtls_printf( " failed\n ! mbedtls_ctr_drbg_seed returned %d\n", ret );
mbedtls_printf( " failed\n ! mbedtls_ctr_drbg_seed returned %d\n",
ret );
goto exit;
}
@ -84,28 +95,23 @@ int main( int argc, char *argv[] )
/*
* Client: initialize context and generate keypair
*/
mbedtls_printf( " . Setting up client context..." );
mbedtls_printf( " . Set up client context, generate EC key pair..." );
fflush( stdout );
ret = mbedtls_ecp_group_load( &ctx_cli.MBEDTLS_PRIVATE(grp), MBEDTLS_ECP_DP_CURVE25519 );
ret = mbedtls_ecdh_setup( &ctx_cli, MBEDTLS_ECP_DP_CURVE25519 );
if( ret != 0 )
{
mbedtls_printf( " failed\n ! mbedtls_ecp_group_load returned %d\n", ret );
mbedtls_printf( " failed\n ! mbedtls_ecdh_setup returned %d\n", ret );
goto exit;
}
ret = mbedtls_ecdh_gen_public( &ctx_cli.MBEDTLS_PRIVATE(grp), &ctx_cli.MBEDTLS_PRIVATE(d), &ctx_cli.MBEDTLS_PRIVATE(Q),
mbedtls_ctr_drbg_random, &ctr_drbg );
ret = mbedtls_ecdh_make_params( &ctx_cli, &cli_olen, cli_to_srv,
sizeof( cli_to_srv ),
mbedtls_ctr_drbg_random, &ctr_drbg );
if( ret != 0 )
{
mbedtls_printf( " failed\n ! mbedtls_ecdh_gen_public returned %d\n", ret );
goto exit;
}
ret = mbedtls_mpi_write_binary( &ctx_cli.MBEDTLS_PRIVATE(Q).MBEDTLS_PRIVATE(X), cli_to_srv, 32 );
if( ret != 0 )
{
mbedtls_printf( " failed\n ! mbedtls_mpi_write_binary returned %d\n", ret );
mbedtls_printf( " failed\n ! mbedtls_ecdh_make_params returned %d\n",
ret );
goto exit;
}
@ -114,90 +120,70 @@ int main( int argc, char *argv[] )
/*
* Server: initialize context and generate keypair
*/
mbedtls_printf( " . Setting up server context..." );
mbedtls_printf( " . Server: read params, generate public key..." );
fflush( stdout );
ret = mbedtls_ecp_group_load( &ctx_srv.MBEDTLS_PRIVATE(grp), MBEDTLS_ECP_DP_CURVE25519 );
ret = mbedtls_ecdh_read_params( &ctx_srv, &p_cli_to_srv,
p_cli_to_srv + sizeof( cli_to_srv ) );
if( ret != 0 )
{
mbedtls_printf( " failed\n ! mbedtls_ecp_group_load returned %d\n", ret );
mbedtls_printf( " failed\n ! mbedtls_ecdh_read_params returned %d\n",
ret );
goto exit;
}
ret = mbedtls_ecdh_gen_public( &ctx_srv.MBEDTLS_PRIVATE(grp), &ctx_srv.MBEDTLS_PRIVATE(d), &ctx_srv.MBEDTLS_PRIVATE(Q),
mbedtls_ctr_drbg_random, &ctr_drbg );
ret = mbedtls_ecdh_make_public( &ctx_srv, &srv_olen, srv_to_cli,
sizeof( srv_to_cli ),
mbedtls_ctr_drbg_random, &ctr_drbg );
if( ret != 0 )
{
mbedtls_printf( " failed\n ! mbedtls_ecdh_gen_public returned %d\n", ret );
goto exit;
}
ret = mbedtls_mpi_write_binary( &ctx_srv.MBEDTLS_PRIVATE(Q).MBEDTLS_PRIVATE(X), srv_to_cli, 32 );
if( ret != 0 )
{
mbedtls_printf( " failed\n ! mbedtls_mpi_write_binary returned %d\n", ret );
mbedtls_printf( " failed\n ! mbedtls_ecdh_make_public returned %d\n",
ret );
goto exit;
}
mbedtls_printf( " ok\n" );
/*
* Server: read peer's key and generate shared secret
* Client: read public key
*/
mbedtls_printf( " . Server reading client key and computing secret..." );
mbedtls_printf( " . Client: read public key..." );
fflush( stdout );
ret = mbedtls_mpi_lset( &ctx_srv.MBEDTLS_PRIVATE(Qp).MBEDTLS_PRIVATE(Z), 1 );
ret = mbedtls_ecdh_read_public( &ctx_cli, srv_to_cli,
sizeof( srv_to_cli ) );
if( ret != 0 )
{
mbedtls_printf( " failed\n ! mbedtls_mpi_lset returned %d\n", ret );
goto exit;
}
ret = mbedtls_mpi_read_binary( &ctx_srv.MBEDTLS_PRIVATE(Qp).MBEDTLS_PRIVATE(X), cli_to_srv, 32 );
if( ret != 0 )
{
mbedtls_printf( " failed\n ! mbedtls_mpi_read_binary returned %d\n", ret );
goto exit;
}
ret = mbedtls_ecdh_compute_shared( &ctx_srv.MBEDTLS_PRIVATE(grp), &ctx_srv.MBEDTLS_PRIVATE(z),
&ctx_srv.MBEDTLS_PRIVATE(Qp), &ctx_srv.MBEDTLS_PRIVATE(d),
mbedtls_ctr_drbg_random, &ctr_drbg );
if( ret != 0 )
{
mbedtls_printf( " failed\n ! mbedtls_ecdh_compute_shared returned %d\n", ret );
mbedtls_printf( " failed\n ! mbedtls_ecdh_read_public returned %d\n",
ret );
goto exit;
}
mbedtls_printf( " ok\n" );
/*
* Client: read peer's key and generate shared secret
* Calculate secrets
*/
mbedtls_printf( " . Client reading server key and computing secret..." );
mbedtls_printf( " . Calculate secrets..." );
fflush( stdout );
ret = mbedtls_mpi_lset( &ctx_cli.MBEDTLS_PRIVATE(Qp).MBEDTLS_PRIVATE(Z), 1 );
ret = mbedtls_ecdh_calc_secret( &ctx_cli, &cli_olen, secret_cli,
sizeof( secret_cli ),
mbedtls_ctr_drbg_random, &ctr_drbg );
if( ret != 0 )
{
mbedtls_printf( " failed\n ! mbedtls_mpi_lset returned %d\n", ret );
mbedtls_printf( " failed\n ! mbedtls_ecdh_calc_secret returned %d\n",
ret );
goto exit;
}
ret = mbedtls_mpi_read_binary( &ctx_cli.MBEDTLS_PRIVATE(Qp).MBEDTLS_PRIVATE(X), srv_to_cli, 32 );
ret = mbedtls_ecdh_calc_secret( &ctx_srv, &srv_olen, secret_srv,
sizeof( secret_srv ),
mbedtls_ctr_drbg_random, &ctr_drbg );
if( ret != 0 )
{
mbedtls_printf( " failed\n ! mbedtls_mpi_read_binary returned %d\n", ret );
goto exit;
}
ret = mbedtls_ecdh_compute_shared( &ctx_cli.MBEDTLS_PRIVATE(grp), &ctx_cli.MBEDTLS_PRIVATE(z),
&ctx_cli.MBEDTLS_PRIVATE(Qp), &ctx_cli.MBEDTLS_PRIVATE(d),
mbedtls_ctr_drbg_random, &ctr_drbg );
if( ret != 0 )
{
mbedtls_printf( " failed\n ! mbedtls_ecdh_compute_shared returned %d\n", ret );
mbedtls_printf( " failed\n ! mbedtls_ecdh_calc_secret returned %d\n",
ret );
goto exit;
}
@ -206,13 +192,13 @@ int main( int argc, char *argv[] )
/*
* Verification: are the computed secrets equal?
*/
mbedtls_printf( " . Checking if both computed secrets are equal..." );
mbedtls_printf( " . Check if both calculated secrets are equal..." );
fflush( stdout );
ret = mbedtls_mpi_cmp_mpi( &ctx_cli.MBEDTLS_PRIVATE(z), &ctx_srv.MBEDTLS_PRIVATE(z) );
if( ret != 0 )
ret = memcmp( secret_srv, secret_cli, srv_olen );
if( ret != 0 || ( cli_olen != srv_olen ) )
{
mbedtls_printf( " failed\n ! mbedtls_ecdh_compute_shared returned %d\n", ret );
mbedtls_printf( " failed\n ! Shared secrets not equal.\n" );
goto exit;
}