mirror of
https://github.com/Mbed-TLS/mbedtls.git
synced 2025-04-01 04:20:45 +00:00
Move FFDH helper functions and macros to more suitable locations
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
This commit is contained in:
Przemek Stekiel
parent
63706628d0
commit
e7db09bede
@ -92,20 +92,6 @@
|
|||||||
/** Setting the modulus and generator failed. */
|
/** Setting the modulus and generator failed. */
|
||||||
#define MBEDTLS_ERR_DHM_SET_GROUP_FAILED -0x3580
|
#define MBEDTLS_ERR_DHM_SET_GROUP_FAILED -0x3580
|
||||||
|
|
||||||
/* Finite Field Groups (DHE) */
|
|
||||||
#define MBEDTLS_DHM_GROUP_FFDHE2048 0x0100
|
|
||||||
#define MBEDTLS_DHM_GROUP_FFDHE3072 0x0101
|
|
||||||
#define MBEDTLS_DHM_GROUP_FFDHE4096 0x0102
|
|
||||||
#define MBEDTLS_DHM_GROUP_FFDHE6144 0x0103
|
|
||||||
#define MBEDTLS_DHM_GROUP_FFDHE8192 0x0104
|
|
||||||
|
|
||||||
/* Finite Field Group Names (DHE) */
|
|
||||||
#define MBEDTLS_DHM_GROUP_NAME_FFDHE2048 "ffdhe2048"
|
|
||||||
#define MBEDTLS_DHM_GROUP_NAME_FFDHE3072 "ffdhe3072"
|
|
||||||
#define MBEDTLS_DHM_GROUP_NAME_FFDHE4096 "ffdhe4096"
|
|
||||||
#define MBEDTLS_DHM_GROUP_NAME_FFDHE6144 "ffdhe6144"
|
|
||||||
#define MBEDTLS_DHM_GROUP_NAME_FFDHE8192 "ffdhe8192"
|
|
||||||
|
|
||||||
/** Which parameter to access in mbedtls_dhm_get_value(). */
|
/** Which parameter to access in mbedtls_dhm_get_value(). */
|
||||||
typedef enum {
|
typedef enum {
|
||||||
MBEDTLS_DHM_PARAM_P, /*!< The prime modulus. */
|
MBEDTLS_DHM_PARAM_P, /*!< The prime modulus. */
|
||||||
@ -392,55 +378,6 @@ int mbedtls_dhm_parse_dhmfile(mbedtls_dhm_context *dhm, const char *path);
|
|||||||
#endif /* MBEDTLS_FS_IO */
|
#endif /* MBEDTLS_FS_IO */
|
||||||
#endif /* MBEDTLS_ASN1_PARSE_C */
|
#endif /* MBEDTLS_ASN1_PARSE_C */
|
||||||
|
|
||||||
static inline uint16_t mbedtls_ssl_ffdh_group_from_name(const char *name)
|
|
||||||
{
|
|
||||||
if (strcmp(name, MBEDTLS_DHM_GROUP_NAME_FFDHE2048) == 0) {
|
|
||||||
return MBEDTLS_DHM_GROUP_FFDHE2048;
|
|
||||||
} else if (strcmp(name, MBEDTLS_DHM_GROUP_NAME_FFDHE3072) == 0) {
|
|
||||||
return MBEDTLS_DHM_GROUP_FFDHE3072;
|
|
||||||
} else if (strcmp(name, MBEDTLS_DHM_GROUP_NAME_FFDHE4096) == 0) {
|
|
||||||
return MBEDTLS_DHM_GROUP_FFDHE4096;
|
|
||||||
} else if (strcmp(name, MBEDTLS_DHM_GROUP_NAME_FFDHE6144) == 0) {
|
|
||||||
return MBEDTLS_DHM_GROUP_FFDHE6144;
|
|
||||||
} else if (strcmp(name, MBEDTLS_DHM_GROUP_NAME_FFDHE8192) == 0) {
|
|
||||||
return MBEDTLS_DHM_GROUP_FFDHE8192;
|
|
||||||
}
|
|
||||||
return 0;
|
|
||||||
}
|
|
||||||
|
|
||||||
static inline const char *mbedtls_ssl_ffdh_name_from_group(uint16_t group)
|
|
||||||
{
|
|
||||||
switch (group) {
|
|
||||||
case MBEDTLS_DHM_GROUP_FFDHE2048:
|
|
||||||
return MBEDTLS_DHM_GROUP_NAME_FFDHE2048;
|
|
||||||
case MBEDTLS_DHM_GROUP_FFDHE3072:
|
|
||||||
return MBEDTLS_DHM_GROUP_NAME_FFDHE3072;
|
|
||||||
case MBEDTLS_DHM_GROUP_FFDHE4096:
|
|
||||||
return MBEDTLS_DHM_GROUP_NAME_FFDHE4096;
|
|
||||||
case MBEDTLS_DHM_GROUP_FFDHE6144:
|
|
||||||
return MBEDTLS_DHM_GROUP_NAME_FFDHE6144;
|
|
||||||
case MBEDTLS_DHM_GROUP_FFDHE8192:
|
|
||||||
return MBEDTLS_DHM_GROUP_NAME_FFDHE8192;
|
|
||||||
default:
|
|
||||||
return NULL;
|
|
||||||
}
|
|
||||||
return NULL;
|
|
||||||
}
|
|
||||||
|
|
||||||
static inline uint16_t *mbedtls_ssl_ffdh_supported_groups(void)
|
|
||||||
{
|
|
||||||
static uint16_t ffdh_groups[] = {
|
|
||||||
MBEDTLS_DHM_GROUP_FFDHE2048,
|
|
||||||
MBEDTLS_DHM_GROUP_FFDHE3072,
|
|
||||||
MBEDTLS_DHM_GROUP_FFDHE4096,
|
|
||||||
MBEDTLS_DHM_GROUP_FFDHE6144,
|
|
||||||
MBEDTLS_DHM_GROUP_FFDHE8192,
|
|
||||||
0
|
|
||||||
};
|
|
||||||
|
|
||||||
return ffdh_groups;
|
|
||||||
}
|
|
||||||
|
|
||||||
#if defined(MBEDTLS_SELF_TEST)
|
#if defined(MBEDTLS_SELF_TEST)
|
||||||
|
|
||||||
/**
|
/**
|
||||||
|
|||||||
@ -280,30 +280,6 @@ static inline int mbedtls_psa_get_ecc_oid_from_id(
|
|||||||
#define MBEDTLS_PSA_MAX_FFDH_PUBKEY_LENGTH \
|
#define MBEDTLS_PSA_MAX_FFDH_PUBKEY_LENGTH \
|
||||||
PSA_KEY_EXPORT_FFDH_PUBLIC_KEY_MAX_SIZE(PSA_VENDOR_FFDH_MAX_KEY_BITS)
|
PSA_KEY_EXPORT_FFDH_PUBLIC_KEY_MAX_SIZE(PSA_VENDOR_FFDH_MAX_KEY_BITS)
|
||||||
|
|
||||||
static inline psa_key_type_t mbedtls_psa_parse_tls_ffdh_group(
|
|
||||||
uint16_t tls_ecc_grp_reg_id, size_t *bits)
|
|
||||||
{
|
|
||||||
switch (tls_ecc_grp_reg_id) {
|
|
||||||
case MBEDTLS_SSL_IANA_TLS_GROUP_FFDHE2048:
|
|
||||||
*bits = 2048;
|
|
||||||
return PSA_KEY_TYPE_DH_KEY_PAIR(PSA_DH_FAMILY_RFC7919);
|
|
||||||
case MBEDTLS_SSL_IANA_TLS_GROUP_FFDHE3072:
|
|
||||||
*bits = 3072;
|
|
||||||
return PSA_KEY_TYPE_DH_KEY_PAIR(PSA_DH_FAMILY_RFC7919);
|
|
||||||
case MBEDTLS_SSL_IANA_TLS_GROUP_FFDHE4096:
|
|
||||||
*bits = 4096;
|
|
||||||
return PSA_KEY_TYPE_DH_KEY_PAIR(PSA_DH_FAMILY_RFC7919);
|
|
||||||
case MBEDTLS_SSL_IANA_TLS_GROUP_FFDHE6144:
|
|
||||||
*bits = 6144;
|
|
||||||
return PSA_KEY_TYPE_DH_KEY_PAIR(PSA_DH_FAMILY_RFC7919);
|
|
||||||
case MBEDTLS_SSL_IANA_TLS_GROUP_FFDHE8192:
|
|
||||||
*bits = 8192;
|
|
||||||
return PSA_KEY_TYPE_DH_KEY_PAIR(PSA_DH_FAMILY_RFC7919);
|
|
||||||
default:
|
|
||||||
return 0;
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
/* Expose whatever RNG the PSA subsystem uses to applications using the
|
/* Expose whatever RNG the PSA subsystem uses to applications using the
|
||||||
* mbedtls_xxx API. The declarations and definitions here need to be
|
* mbedtls_xxx API. The declarations and definitions here need to be
|
||||||
* consistent with the implementation in library/psa_crypto_random_impl.h.
|
* consistent with the implementation in library/psa_crypto_random_impl.h.
|
||||||
|
|||||||
@ -221,6 +221,12 @@
|
|||||||
#define MBEDTLS_SSL_IANA_TLS_GROUP_FFDHE4096 0x0102
|
#define MBEDTLS_SSL_IANA_TLS_GROUP_FFDHE4096 0x0102
|
||||||
#define MBEDTLS_SSL_IANA_TLS_GROUP_FFDHE6144 0x0103
|
#define MBEDTLS_SSL_IANA_TLS_GROUP_FFDHE6144 0x0103
|
||||||
#define MBEDTLS_SSL_IANA_TLS_GROUP_FFDHE8192 0x0104
|
#define MBEDTLS_SSL_IANA_TLS_GROUP_FFDHE8192 0x0104
|
||||||
|
/* Finite Field Group Names (DHE) */
|
||||||
|
#define MBEDTLS_SSL_IANA_TLS_GROUP_NAME_FFDHE2048 "ffdhe2048"
|
||||||
|
#define MBEDTLS_SSL_IANA_TLS_GROUP_NAME_FFDHE3072 "ffdhe3072"
|
||||||
|
#define MBEDTLS_SSL_IANA_TLS_GROUP_NAME_FFDHE4096 "ffdhe4096"
|
||||||
|
#define MBEDTLS_SSL_IANA_TLS_GROUP_NAME_FFDHE6144 "ffdhe6144"
|
||||||
|
#define MBEDTLS_SSL_IANA_TLS_GROUP_NAME_FFDHE8192 "ffdhe8192"
|
||||||
|
|
||||||
/*
|
/*
|
||||||
* TLS 1.3 Key Exchange Modes
|
* TLS 1.3 Key Exchange Modes
|
||||||
@ -5333,4 +5339,23 @@ int mbedtls_ssl_tls_prf(const mbedtls_tls_prf_types prf,
|
|||||||
}
|
}
|
||||||
#endif
|
#endif
|
||||||
|
|
||||||
|
static inline const char *mbedtls_ssl_ffdh_name_from_group(uint16_t group)
|
||||||
|
{
|
||||||
|
switch (group) {
|
||||||
|
case MBEDTLS_SSL_IANA_TLS_GROUP_FFDHE2048:
|
||||||
|
return MBEDTLS_SSL_IANA_TLS_GROUP_NAME_FFDHE2048;
|
||||||
|
case MBEDTLS_SSL_IANA_TLS_GROUP_FFDHE3072:
|
||||||
|
return MBEDTLS_SSL_IANA_TLS_GROUP_NAME_FFDHE3072;
|
||||||
|
case MBEDTLS_SSL_IANA_TLS_GROUP_FFDHE4096:
|
||||||
|
return MBEDTLS_SSL_IANA_TLS_GROUP_NAME_FFDHE4096;
|
||||||
|
case MBEDTLS_SSL_IANA_TLS_GROUP_FFDHE6144:
|
||||||
|
return MBEDTLS_SSL_IANA_TLS_GROUP_NAME_FFDHE6144;
|
||||||
|
case MBEDTLS_SSL_IANA_TLS_GROUP_FFDHE8192:
|
||||||
|
return MBEDTLS_SSL_IANA_TLS_GROUP_NAME_FFDHE8192;
|
||||||
|
default:
|
||||||
|
return NULL;
|
||||||
|
}
|
||||||
|
return NULL;
|
||||||
|
}
|
||||||
|
|
||||||
#endif /* ssl.h */
|
#endif /* ssl.h */
|
||||||
|
|||||||
@ -1572,6 +1572,30 @@ int mbedtls_ssl_tls13_generate_and_write_ecdh_key_exchange(
|
|||||||
#endif /* PSA_WANT_ALG_ECDH || PSA_WANT_ALG_FFDH */
|
#endif /* PSA_WANT_ALG_ECDH || PSA_WANT_ALG_FFDH */
|
||||||
|
|
||||||
#if defined(PSA_WANT_ALG_FFDH)
|
#if defined(PSA_WANT_ALG_FFDH)
|
||||||
|
static psa_key_type_t mbedtls_psa_parse_tls_ffdh_group(
|
||||||
|
uint16_t tls_ecc_grp_reg_id, size_t *bits)
|
||||||
|
{
|
||||||
|
switch (tls_ecc_grp_reg_id) {
|
||||||
|
case MBEDTLS_SSL_IANA_TLS_GROUP_FFDHE2048:
|
||||||
|
*bits = 2048;
|
||||||
|
return PSA_KEY_TYPE_DH_KEY_PAIR(PSA_DH_FAMILY_RFC7919);
|
||||||
|
case MBEDTLS_SSL_IANA_TLS_GROUP_FFDHE3072:
|
||||||
|
*bits = 3072;
|
||||||
|
return PSA_KEY_TYPE_DH_KEY_PAIR(PSA_DH_FAMILY_RFC7919);
|
||||||
|
case MBEDTLS_SSL_IANA_TLS_GROUP_FFDHE4096:
|
||||||
|
*bits = 4096;
|
||||||
|
return PSA_KEY_TYPE_DH_KEY_PAIR(PSA_DH_FAMILY_RFC7919);
|
||||||
|
case MBEDTLS_SSL_IANA_TLS_GROUP_FFDHE6144:
|
||||||
|
*bits = 6144;
|
||||||
|
return PSA_KEY_TYPE_DH_KEY_PAIR(PSA_DH_FAMILY_RFC7919);
|
||||||
|
case MBEDTLS_SSL_IANA_TLS_GROUP_FFDHE8192:
|
||||||
|
*bits = 8192;
|
||||||
|
return PSA_KEY_TYPE_DH_KEY_PAIR(PSA_DH_FAMILY_RFC7919);
|
||||||
|
default:
|
||||||
|
return 0;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
int mbedtls_ssl_tls13_generate_and_write_dhe_key_exchange(
|
int mbedtls_ssl_tls13_generate_and_write_dhe_key_exchange(
|
||||||
mbedtls_ssl_context *ssl,
|
mbedtls_ssl_context *ssl,
|
||||||
uint16_t named_group,
|
uint16_t named_group,
|
||||||
|
|||||||
@ -449,4 +449,34 @@ void test_hooks_free(void)
|
|||||||
|
|
||||||
#endif /* MBEDTLS_TEST_HOOKS */
|
#endif /* MBEDTLS_TEST_HOOKS */
|
||||||
|
|
||||||
|
uint16_t mbedtls_ssl_ffdh_group_from_name(const char *name)
|
||||||
|
{
|
||||||
|
if (strcmp(name, MBEDTLS_SSL_IANA_TLS_GROUP_NAME_FFDHE2048) == 0) {
|
||||||
|
return MBEDTLS_SSL_IANA_TLS_GROUP_FFDHE2048;
|
||||||
|
} else if (strcmp(name, MBEDTLS_SSL_IANA_TLS_GROUP_NAME_FFDHE3072) == 0) {
|
||||||
|
return MBEDTLS_SSL_IANA_TLS_GROUP_FFDHE3072;
|
||||||
|
} else if (strcmp(name, MBEDTLS_SSL_IANA_TLS_GROUP_NAME_FFDHE4096) == 0) {
|
||||||
|
return MBEDTLS_SSL_IANA_TLS_GROUP_FFDHE4096;
|
||||||
|
} else if (strcmp(name, MBEDTLS_SSL_IANA_TLS_GROUP_NAME_FFDHE6144) == 0) {
|
||||||
|
return MBEDTLS_SSL_IANA_TLS_GROUP_FFDHE6144;
|
||||||
|
} else if (strcmp(name, MBEDTLS_SSL_IANA_TLS_GROUP_NAME_FFDHE8192) == 0) {
|
||||||
|
return MBEDTLS_SSL_IANA_TLS_GROUP_FFDHE8192;
|
||||||
|
}
|
||||||
|
return 0;
|
||||||
|
}
|
||||||
|
|
||||||
|
uint16_t *mbedtls_ssl_ffdh_supported_groups(void)
|
||||||
|
{
|
||||||
|
static uint16_t ffdh_groups[] = {
|
||||||
|
MBEDTLS_SSL_IANA_TLS_GROUP_FFDHE2048,
|
||||||
|
MBEDTLS_SSL_IANA_TLS_GROUP_FFDHE3072,
|
||||||
|
MBEDTLS_SSL_IANA_TLS_GROUP_FFDHE4096,
|
||||||
|
MBEDTLS_SSL_IANA_TLS_GROUP_FFDHE6144,
|
||||||
|
MBEDTLS_SSL_IANA_TLS_GROUP_FFDHE8192,
|
||||||
|
0
|
||||||
|
};
|
||||||
|
|
||||||
|
return ffdh_groups;
|
||||||
|
}
|
||||||
|
|
||||||
#endif /* !defined(MBEDTLS_SSL_TEST_IMPOSSIBLE) */
|
#endif /* !defined(MBEDTLS_SSL_TEST_IMPOSSIBLE) */
|
||||||
|
|||||||
@ -307,5 +307,9 @@ void test_hooks_free(void);
|
|||||||
|
|
||||||
#endif /* !MBEDTLS_TEST_HOOKS */
|
#endif /* !MBEDTLS_TEST_HOOKS */
|
||||||
|
|
||||||
|
/* Helper functions for FFDH groups. */
|
||||||
|
uint16_t mbedtls_ssl_ffdh_group_from_name(const char *name);
|
||||||
|
uint16_t *mbedtls_ssl_ffdh_supported_groups(void);
|
||||||
|
|
||||||
#endif /* MBEDTLS_SSL_TEST_IMPOSSIBLE conditions: else */
|
#endif /* MBEDTLS_SSL_TEST_IMPOSSIBLE conditions: else */
|
||||||
#endif /* MBEDTLS_PROGRAMS_SSL_SSL_TEST_LIB_H */
|
#endif /* MBEDTLS_PROGRAMS_SSL_SSL_TEST_LIB_H */
|
||||||
|
|||||||
Loading…
x
Reference in New Issue
Block a user