ECDH: Enable Everest Curve25519 in ECDH/ECDSA/ECP

commit: c9f737b4ba075435c6a27f6fff2631762a487c99 [log] [tgz]
author: Christoph M. Wintersteiger <cwinter@microsoft.com> Thu Oct 25 13:03:05 2018 +0100
committer: Janos Follath <janos.follath@arm.com> Mon Aug 19 13:36:44 2019 +0100
tree: a8d4e76f2be021ff104059a35d9a794262958744
parent: 696dedaed695a82a5f12f6af4150e2e458cde5a9 [diff]
diff --git a/library/ecdh.c b/library/ecdh.c
index eecae91..be36374 100644
--- a/library/ecdh.c
+++ b/library/ecdh.c

@@ -47,6 +47,10 @@
 
 #if defined(MBEDTLS_ECDH_LEGACY_CONTEXT)
 typedef mbedtls_ecdh_context mbedtls_ecdh_context_mbed;
+#else
+#if defined(MBEDTLS_ECDH_VARIANT_EVEREST_ENABLED)
+#include "everest/everest.h"
+#endif
 #endif
 
 static mbedtls_ecp_group_id mbedtls_ecdh_grp_id(
@@ -215,6 +219,11 @@
 #else
     switch( grp_id )
     {
+#if defined(MBEDTLS_ECDH_VARIANT_EVEREST_ENABLED)
+        case MBEDTLS_ECP_DP_CURVE25519:
+            return( mbedtls_everest_setup( ctx, grp_id ) );
+#endif
+            break;
         default:
             ctx->point_format = MBEDTLS_ECP_PF_UNCOMPRESSED;
             ctx->var = MBEDTLS_ECDH_VARIANT_MBEDTLS_2_0;
@@ -266,6 +275,11 @@
 #else
     switch( ctx->var )
     {
+#if defined(MBEDTLS_ECDH_VARIANT_EVEREST_ENABLED)
+        case MBEDTLS_ECDH_VARIANT_EVEREST:
+            mbedtls_everest_free( ctx );
+            break;
+#endif
         case MBEDTLS_ECDH_VARIANT_MBEDTLS_2_0:
             ecdh_free_internal( &ctx->ctx.mbed_ecdh );
             break;
@@ -331,7 +345,7 @@
 }
 
 /*
- * Setup and write the ServerKeyExhange parameters (RFC 4492)
+ * Setup and write the ServerKeyExchange parameters (RFC 4492)
  *      struct {
  *          ECParameters    curve_params;
  *          ECPoint         public;
@@ -360,6 +374,10 @@
 #else
     switch( ctx->var )
     {
+#if defined(MBEDTLS_ECDH_VARIANT_EVEREST_ENABLED)
+        case MBEDTLS_ECDH_VARIANT_EVEREST:
+            return( mbedtls_everest_make_params( ctx, olen, buf, blen, f_rng, p_rng ) );
+#endif
         case MBEDTLS_ECDH_VARIANT_MBEDTLS_2_0:
             return( ecdh_make_params_internal( &ctx->ctx.mbed_ecdh, olen,
                                                ctx->point_format, buf, blen,
@@ -409,6 +427,10 @@
 #else
     switch( ctx->var )
     {
+#if defined(MBEDTLS_ECDH_VARIANT_EVEREST_ENABLED)
+        case MBEDTLS_ECDH_VARIANT_EVEREST:
+            return( mbedtls_everest_read_params( ctx, buf, end) );
+#endif
         case MBEDTLS_ECDH_VARIANT_MBEDTLS_2_0:
             return( ecdh_read_params_internal( &ctx->ctx.mbed_ecdh,
                                                buf, end ) );
@@ -473,6 +495,10 @@
 #else
     switch( ctx->var )
     {
+#if defined(MBEDTLS_ECDH_VARIANT_EVEREST_ENABLED)
+        case MBEDTLS_ECDH_VARIANT_EVEREST:
+            return( mbedtls_everest_get_params( ctx, key, side ) );
+#endif
         case MBEDTLS_ECDH_VARIANT_MBEDTLS_2_0:
             return( ecdh_get_params_internal( &ctx->ctx.mbed_ecdh,
                                               key, side ) );
@@ -544,6 +570,10 @@
 #else
     switch( ctx->var )
     {
+#if defined(MBEDTLS_ECDH_VARIANT_EVEREST_ENABLED)
+        case MBEDTLS_ECDH_VARIANT_EVEREST:
+            return( mbedtls_everest_make_public( ctx, olen, buf, blen, f_rng, p_rng ) );
+#endif
         case MBEDTLS_ECDH_VARIANT_MBEDTLS_2_0:
             return( ecdh_make_public_internal( &ctx->ctx.mbed_ecdh, olen,
                                                ctx->point_format, buf, blen,
@@ -585,6 +615,10 @@
 #else
     switch( ctx->var )
     {
+#if defined(MBEDTLS_ECDH_VARIANT_EVEREST_ENABLED)
+        case MBEDTLS_ECDH_VARIANT_EVEREST:
+            return( mbedtls_everest_read_public( ctx, buf, blen ) );
+#endif
         case MBEDTLS_ECDH_VARIANT_MBEDTLS_2_0:
             return( ecdh_read_public_internal( &ctx->ctx.mbed_ecdh,
                                                        buf, blen ) );
@@ -667,6 +701,10 @@
 #else
     switch( ctx->var )
     {
+#if defined(MBEDTLS_ECDH_VARIANT_EVEREST_ENABLED)
+        case MBEDTLS_ECDH_VARIANT_EVEREST:
+            return( mbedtls_everest_calc_secret( ctx, olen, buf, blen, f_rng, p_rng ) );
+#endif
         case MBEDTLS_ECDH_VARIANT_MBEDTLS_2_0:
             return( ecdh_calc_secret_internal( &ctx->ctx.mbed_ecdh, olen, buf,
                                                blen, f_rng, p_rng,

diff --git a/library/ecdsa.c b/library/ecdsa.c
index 58e1a5f..6411a5e 100644
--- a/library/ecdsa.c
+++ b/library/ecdsa.c

@@ -263,8 +263,10 @@
     mbedtls_mpi *pk = &k, *pr = r;
 
     /* Fail cleanly on curves such as Curve25519 that can't be used for ECDSA */
-    if( grp->N.p == NULL )
-        return( MBEDTLS_ERR_ECP_BAD_INPUT_DATA );
+    if( grp->id == MBEDTLS_ECP_DP_CURVE25519 ||
+        grp->id == MBEDTLS_ECP_DP_CURVE448 ||
+        grp->N.p == NULL )
+        return( MBEDTLS_ERR_MD_FEATURE_UNAVAILABLE );
 
     /* Make sure d is in range 1..n-1 */
     if( mbedtls_mpi_cmp_int( d, 1 ) < 0 || mbedtls_mpi_cmp_mpi( d, &grp->N ) >= 0 )

diff --git a/library/ecp.c b/library/ecp.c
index 3804047..1420f22 100644
--- a/library/ecp.c
+++ b/library/ecp.c

@@ -410,6 +410,9 @@
 #if defined(MBEDTLS_ECP_DP_SECP192K1_ENABLED)
     { MBEDTLS_ECP_DP_SECP192K1,    18,     192,    "secp192k1"         },
 #endif
+#if defined(MBEDTLS_ECP_DP_CURVE25519_ENABLED)
+    { MBEDTLS_ECP_DP_CURVE25519,   0x001D, 256,    "x25519"            },
+#endif
     { MBEDTLS_ECP_DP_NONE,          0,     0,      NULL                },
 };
commit	c9f737b4ba075435c6a27f6fff2631762a487c99	[log] [tgz]
author	Christoph M. Wintersteiger <cwinter@microsoft.com>	Thu Oct 25 13:03:05 2018 +0100
committer	Janos Follath <janos.follath@arm.com>	Mon Aug 19 13:36:44 2019 +0100
tree	a8d4e76f2be021ff104059a35d9a794262958744
parent	696dedaed695a82a5f12f6af4150e2e458cde5a9 [diff]