mbed TLS v2.2.0
|
Elliptic curve Diffie-Hellman.
Copyright (C) 2006-2015, ARM Limited, All Rights Reserved SPDX-License-Identifier: Apache-2.0
Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the specific language governing permissions and limitations under the License.
This file is part of mbed TLS (https://tls.mbed.org)
Definition in file ecdh.h.
#include "ecp.h"
Go to the source code of this file.
Data Structures | |
struct | mbedtls_ecdh_context |
ECDH context structure. More... | |
Enumerations | |
enum | mbedtls_ecdh_side { MBEDTLS_ECDH_OURS, MBEDTLS_ECDH_THEIRS } |
When importing from an EC key, select if it is our key or the peer's key. More... | |
Functions | |
int | mbedtls_ecdh_gen_public (mbedtls_ecp_group *grp, mbedtls_mpi *d, mbedtls_ecp_point *Q, int(*f_rng)(void *, unsigned char *, size_t), void *p_rng) |
Generate a public key. More... | |
int | mbedtls_ecdh_compute_shared (mbedtls_ecp_group *grp, mbedtls_mpi *z, const mbedtls_ecp_point *Q, const mbedtls_mpi *d, int(*f_rng)(void *, unsigned char *, size_t), void *p_rng) |
Compute shared secret Raw function that only does the core computation. More... | |
void | mbedtls_ecdh_init (mbedtls_ecdh_context *ctx) |
Initialize context. More... | |
void | mbedtls_ecdh_free (mbedtls_ecdh_context *ctx) |
Free context. More... | |
int | mbedtls_ecdh_make_params (mbedtls_ecdh_context *ctx, size_t *olen, unsigned char *buf, size_t blen, int(*f_rng)(void *, unsigned char *, size_t), void *p_rng) |
Generate a public key and a TLS ServerKeyExchange payload. More... | |
int | mbedtls_ecdh_read_params (mbedtls_ecdh_context *ctx, const unsigned char **buf, const unsigned char *end) |
Parse and procress a TLS ServerKeyExhange payload. More... | |
int | mbedtls_ecdh_get_params (mbedtls_ecdh_context *ctx, const mbedtls_ecp_keypair *key, mbedtls_ecdh_side side) |
Setup an ECDH context from an EC key. More... | |
int | mbedtls_ecdh_make_public (mbedtls_ecdh_context *ctx, size_t *olen, unsigned char *buf, size_t blen, int(*f_rng)(void *, unsigned char *, size_t), void *p_rng) |
Generate a public key and a TLS ClientKeyExchange payload. More... | |
int | mbedtls_ecdh_read_public (mbedtls_ecdh_context *ctx, const unsigned char *buf, size_t blen) |
Parse and process a TLS ClientKeyExchange payload. More... | |
int | mbedtls_ecdh_calc_secret (mbedtls_ecdh_context *ctx, size_t *olen, unsigned char *buf, size_t blen, int(*f_rng)(void *, unsigned char *, size_t), void *p_rng) |
Derive and export the shared secret. More... | |
enum mbedtls_ecdh_side |
int mbedtls_ecdh_calc_secret | ( | mbedtls_ecdh_context * | ctx, |
size_t * | olen, | ||
unsigned char * | buf, | ||
size_t | blen, | ||
int(*)(void *, unsigned char *, size_t) | f_rng, | ||
void * | p_rng | ||
) |
Derive and export the shared secret.
(Last function used by both TLS client en servers.)
ctx | ECDH context |
olen | number of bytes written |
buf | destination buffer |
blen | buffer length |
f_rng | RNG function, see notes for mbedtls_ecdh_compute_shared() |
p_rng | RNG parameter |
int mbedtls_ecdh_compute_shared | ( | mbedtls_ecp_group * | grp, |
mbedtls_mpi * | z, | ||
const mbedtls_ecp_point * | Q, | ||
const mbedtls_mpi * | d, | ||
int(*)(void *, unsigned char *, size_t) | f_rng, | ||
void * | p_rng | ||
) |
Compute shared secret Raw function that only does the core computation.
grp | ECP group |
z | Destination MPI (shared secret) |
Q | Public key from other party |
d | Our secret exponent (private key) |
f_rng | RNG function (see notes) |
p_rng | RNG parameter |
mbedtls_ecp_mul()
for details. void mbedtls_ecdh_free | ( | mbedtls_ecdh_context * | ctx | ) |
Free context.
ctx | Context to free |
int mbedtls_ecdh_gen_public | ( | mbedtls_ecp_group * | grp, |
mbedtls_mpi * | d, | ||
mbedtls_ecp_point * | Q, | ||
int(*)(void *, unsigned char *, size_t) | f_rng, | ||
void * | p_rng | ||
) |
Generate a public key.
Raw function that only does the core computation.
grp | ECP group |
d | Destination MPI (secret exponent, aka private key) |
Q | Destination point (public key) |
f_rng | RNG function |
p_rng | RNG parameter |
int mbedtls_ecdh_get_params | ( | mbedtls_ecdh_context * | ctx, |
const mbedtls_ecp_keypair * | key, | ||
mbedtls_ecdh_side | side | ||
) |
Setup an ECDH context from an EC key.
(Used by clients and servers in place of the ServerKeyEchange for static ECDH: import ECDH parameters from a certificate's EC key information.)
ctx | ECDH constext to set |
key | EC key to use |
side | Is it our key (1) or the peer's key (0) ? |
void mbedtls_ecdh_init | ( | mbedtls_ecdh_context * | ctx | ) |
Initialize context.
ctx | Context to initialize |
int mbedtls_ecdh_make_params | ( | mbedtls_ecdh_context * | ctx, |
size_t * | olen, | ||
unsigned char * | buf, | ||
size_t | blen, | ||
int(*)(void *, unsigned char *, size_t) | f_rng, | ||
void * | p_rng | ||
) |
Generate a public key and a TLS ServerKeyExchange payload.
(First function used by a TLS server for ECDHE.)
ctx | ECDH context |
olen | number of chars written |
buf | destination buffer |
blen | length of buffer |
f_rng | RNG function |
p_rng | RNG parameter |
int mbedtls_ecdh_make_public | ( | mbedtls_ecdh_context * | ctx, |
size_t * | olen, | ||
unsigned char * | buf, | ||
size_t | blen, | ||
int(*)(void *, unsigned char *, size_t) | f_rng, | ||
void * | p_rng | ||
) |
Generate a public key and a TLS ClientKeyExchange payload.
(Second function used by a TLS client for ECDH(E).)
ctx | ECDH context |
olen | number of bytes actually written |
buf | destination buffer |
blen | size of destination buffer |
f_rng | RNG function |
p_rng | RNG parameter |
int mbedtls_ecdh_read_params | ( | mbedtls_ecdh_context * | ctx, |
const unsigned char ** | buf, | ||
const unsigned char * | end | ||
) |
Parse and procress a TLS ServerKeyExhange payload.
(First function used by a TLS client for ECDHE.)
ctx | ECDH context |
buf | pointer to start of input buffer |
end | one past end of buffer |
int mbedtls_ecdh_read_public | ( | mbedtls_ecdh_context * | ctx, |
const unsigned char * | buf, | ||
size_t | blen | ||
) |
Parse and process a TLS ClientKeyExchange payload.
(Second function used by a TLS server for ECDH(E).)
ctx | ECDH context |
buf | start of input buffer |
blen | length of input buffer |