lib/mbedtls
1
0
Fork 0
mirror of https://github.com/Mbed-TLS/mbedtls.git synced 2025-08-07 06:42:56 +03:00
Code Activity

Made supported curves configurable

Browse Source
This commit is contained in:
Paul Bakker
2013-06-29 23:26:34 +02:00
parent e2ab84f4a1
commit 5dc6b5fb05
6 changed files with 141 additions and 12 deletions
Download Patch File Download Diff File Expand all files Collapse all files

34
library/ecp.c
View File

@@ -352,6 +352,7 @@ cleanup:
return( ret );
}
#if defined(POLARSSL_ECP_DP_SECP192R1_ENABLED)
/*
* 192 bits in terms of t_uint
*/
@@ -425,7 +426,9 @@ static int ecp_mod_p192( mpi *N )
cleanup:
return( ret );
}
#endif /* POLARSSL_ECP_DP_SECP192R1_ENABLED */
#if defined(POLARSSL_ECP_DP_SECP521R1_ENABLED)
/*
* Size of p521 in terms of t_uint
*/
@@ -467,6 +470,7 @@ static int ecp_mod_p521( mpi *N )
cleanup:
return( ret );
}
#endif /* POLARSSL_ECP_DP_SECP521R1_ENABLED */
/*
* Domain parameters for secp192r1
@@ -562,32 +566,42 @@ int ecp_use_known_dp( ecp_group *grp, ecp_group_id id )
switch( id )
{
#if defined(POLARSSL_ECP_DP_SECP192R1_ENABLED)
case POLARSSL_ECP_DP_SECP192R1:
grp->modp = ecp_mod_p192;
return( ecp_group_read_string( grp, 16,
SECP192R1_P, SECP192R1_B,
SECP192R1_GX, SECP192R1_GY, SECP192R1_N ) );
#endif /* POLARSSL_ECP_DP_SECP192R1_ENABLED */
#if defined(POLARSSL_ECP_DP_SECP224R1_ENABLED)
case POLARSSL_ECP_DP_SECP224R1:
return( ecp_group_read_string( grp, 16,
SECP224R1_P, SECP224R1_B,
SECP224R1_GX, SECP224R1_GY, SECP224R1_N ) );
#endif /* POLARSSL_ECP_DP_SECP224R1_ENABLED */
#if defined(POLARSSL_ECP_DP_SECP256R1_ENABLED)
case POLARSSL_ECP_DP_SECP256R1:
return( ecp_group_read_string( grp, 16,
SECP256R1_P, SECP256R1_B,
SECP256R1_GX, SECP256R1_GY, SECP256R1_N ) );
#endif /* POLARSSL_ECP_DP_SECP256R1_ENABLED */
#if defined(POLARSSL_ECP_DP_SECP384R1_ENABLED)
case POLARSSL_ECP_DP_SECP384R1:
return( ecp_group_read_string( grp, 16,
SECP384R1_P, SECP384R1_B,
SECP384R1_GX, SECP384R1_GY, SECP384R1_N ) );
#endif /* POLARSSL_ECP_DP_SECP384R1_ENABLED */
#if defined(POLARSSL_ECP_DP_SECP521R1_ENABLED)
case POLARSSL_ECP_DP_SECP521R1:
grp->modp = ecp_mod_p521;
return( ecp_group_read_string( grp, 16,
SECP521R1_P, SECP521R1_B,
SECP521R1_GX, SECP521R1_GY, SECP521R1_N ) );
#endif /* POLARSSL_ECP_DP_SECP521R1_ENABLED */
}
return( POLARSSL_ERR_ECP_BAD_INPUT_DATA );
@@ -1311,7 +1325,27 @@ int ecp_self_test( int verbose )
ecp_point_init( &R );
mpi_init( &m );
#if defined(POLARSSL_ECP_DP_SECP192R1_ENABLED)
MPI_CHK( ecp_use_known_dp( &grp, POLARSSL_ECP_DP_SECP192R1 ) );
#else
#if defined(POLARSSL_ECP_DP_SECP224R1_ENABLED)
MPI_CHK( ecp_use_known_dp( &grp, POLARSSL_ECP_DP_SECP224R1 ) );
#else
#if defined(POLARSSL_ECP_DP_SECP256R1_ENABLED)
MPI_CHK( ecp_use_known_dp( &grp, POLARSSL_ECP_DP_SECP256R1 ) );
#else
#if defined(POLARSSL_ECP_DP_SECP384R1_ENABLED)
MPI_CHK( ecp_use_known_dp( &grp, POLARSSL_ECP_DP_SECP384R1 ) );
#else
#if defined(POLARSSL_ECP_DP_SECP521R1_ENABLED)
MPI_CHK( ecp_use_known_dp( &grp, POLARSSL_ECP_DP_SECP521R1 ) );
#else
#error No curves defines
#endif /* POLARSSL_ECP_DP_SECP512R1_ENABLED */
#endif /* POLARSSL_ECP_DP_SECP384R1_ENABLED */
#endif /* POLARSSL_ECP_DP_SECP256R1_ENABLED */
#endif /* POLARSSL_ECP_DP_SECP224R1_ENABLED */
#endif /* POLARSSL_ECP_DP_SECP192R1_ENABLED */
if( verbose != 0 )
printf( " ECP test #1 (SPA resistance): " );

13
library/ssl_cli.c
View File

@@ -200,16 +200,29 @@ static void ssl_write_supported_elliptic_curves_ext( ssl_context *ssl,
SSL_DEBUG_MSG( 3, ( "client hello, adding supported_elliptic_curves extension" ) );
#if defined(POLARSSL_ECP_DP_SECP521R1_ENABLED)
elliptic_curve_list[elliptic_curve_len++] = 0x00;
elliptic_curve_list[elliptic_curve_len++] = POLARSSL_ECP_DP_SECP521R1;
#endif
#if defined(POLARSSL_ECP_DP_SECP384R1_ENABLED)
elliptic_curve_list[elliptic_curve_len++] = 0x00;
elliptic_curve_list[elliptic_curve_len++] = POLARSSL_ECP_DP_SECP384R1;
#endif
#if defined(POLARSSL_ECP_DP_SECP256R1_ENABLED)
elliptic_curve_list[elliptic_curve_len++] = 0x00;
elliptic_curve_list[elliptic_curve_len++] = POLARSSL_ECP_DP_SECP256R1;
#endif
#if defined(POLARSSL_ECP_DP_SECP224R1_ENABLED)
elliptic_curve_list[elliptic_curve_len++] = 0x00;
elliptic_curve_list[elliptic_curve_len++] = POLARSSL_ECP_DP_SECP224R1;
#endif
#if defined(POLARSSL_ECP_DP_SECP192R1_ENABLED)
elliptic_curve_list[elliptic_curve_len++] = 0x00;
elliptic_curve_list[elliptic_curve_len++] = POLARSSL_ECP_DP_SECP192R1;
#endif
if( elliptic_curve_len == 0 )
return;
*p++ = (unsigned char)( ( TLS_EXT_SUPPORTED_ELLIPTIC_CURVES >> 8 ) & 0xFF );
*p++ = (unsigned char)( ( TLS_EXT_SUPPORTED_ELLIPTIC_CURVES ) & 0xFF );

37
library/ssl_srv.c
View File

@@ -213,16 +213,41 @@ static int ssl_parse_supported_elliptic_curves( ssl_context *ssl,
p = buf + 2;
while( list_size > 0 )
{
if( p[0] == 0x00 && (
p[1] == POLARSSL_ECP_DP_SECP192R1 ||
p[1] == POLARSSL_ECP_DP_SECP224R1 ||
p[1] == POLARSSL_ECP_DP_SECP256R1 ||
p[1] == POLARSSL_ECP_DP_SECP384R1 ||
p[1] == POLARSSL_ECP_DP_SECP521R1 ) )
#if defined(POLARSSL_ECP_DP_SECP192R1_ENABLED)
if( p[0] == 0x00 && p[1] == POLARSSL_ECP_DP_SECP192R1 )
{
ssl->handshake->ec_curve = p[1];
return( 0 );
}
#endif
#if defined(POLARSSL_ECP_DP_SECP224R1_ENABLED)
if( p[0] == 0x00 && p[1] == POLARSSL_ECP_DP_SECP224R1 )
{
ssl->handshake->ec_curve = p[1];
return( 0 );
}
#endif
#if defined(POLARSSL_ECP_DP_SECP256R1_ENABLED)
if( p[0] == 0x00 && p[1] == POLARSSL_ECP_DP_SECP256R1 )
{
ssl->handshake->ec_curve = p[1];
return( 0 );
}
#endif
#if defined(POLARSSL_ECP_DP_SECP384R1_ENABLED)
if( p[0] == 0x00 && p[1] == POLARSSL_ECP_DP_SECP384R1 )
{
ssl->handshake->ec_curve = p[1];
return( 0 );
}
#endif
#if defined(POLARSSL_ECP_DP_SECP521R1_ENABLED)
if( p[0] == 0x00 && p[1] == POLARSSL_ECP_DP_SECP521R1 )
{
ssl->handshake->ec_curve = p[1];
return( 0 );
}
#endif
list_size -= 2;
p += 2;