mbed TLS v2.6.0
Data Structures | Enumerations | Functions
ecdh.h File Reference

Elliptic curve Diffie-Hellman. More...

#include "ecp.h"
Include dependency graph for ecdh.h:
This graph shows which files directly or indirectly include this file:

Go to the source code of this file.

Data Structures

struct  mbedtls_ecdh_context
 ECDH context structure. More...
 

Enumerations

enum  mbedtls_ecdh_side { MBEDTLS_ECDH_OURS, MBEDTLS_ECDH_THEIRS }
 When importing from an EC key, select if it is our key or the peer's key. More...
 

Functions

int mbedtls_ecdh_gen_public (mbedtls_ecp_group *grp, mbedtls_mpi *d, mbedtls_ecp_point *Q, int(*f_rng)(void *, unsigned char *, size_t), void *p_rng)
 Generate a public key. More...
 
int mbedtls_ecdh_compute_shared (mbedtls_ecp_group *grp, mbedtls_mpi *z, const mbedtls_ecp_point *Q, const mbedtls_mpi *d, int(*f_rng)(void *, unsigned char *, size_t), void *p_rng)
 Compute shared secret Raw function that only does the core computation. More...
 
void mbedtls_ecdh_init (mbedtls_ecdh_context *ctx)
 Initialize context. More...
 
void mbedtls_ecdh_free (mbedtls_ecdh_context *ctx)
 Free context. More...
 
int mbedtls_ecdh_make_params (mbedtls_ecdh_context *ctx, size_t *olen, unsigned char *buf, size_t blen, int(*f_rng)(void *, unsigned char *, size_t), void *p_rng)
 Generate a public key and a TLS ServerKeyExchange payload. More...
 
int mbedtls_ecdh_read_params (mbedtls_ecdh_context *ctx, const unsigned char **buf, const unsigned char *end)
 Parse and procress a TLS ServerKeyExhange payload. More...
 
int mbedtls_ecdh_get_params (mbedtls_ecdh_context *ctx, const mbedtls_ecp_keypair *key, mbedtls_ecdh_side side)
 Setup an ECDH context from an EC key. More...
 
int mbedtls_ecdh_make_public (mbedtls_ecdh_context *ctx, size_t *olen, unsigned char *buf, size_t blen, int(*f_rng)(void *, unsigned char *, size_t), void *p_rng)
 Generate a public key and a TLS ClientKeyExchange payload. More...
 
int mbedtls_ecdh_read_public (mbedtls_ecdh_context *ctx, const unsigned char *buf, size_t blen)
 Parse and process a TLS ClientKeyExchange payload. More...
 
int mbedtls_ecdh_calc_secret (mbedtls_ecdh_context *ctx, size_t *olen, unsigned char *buf, size_t blen, int(*f_rng)(void *, unsigned char *, size_t), void *p_rng)
 Derive and export the shared secret. More...
 

Detailed Description

Elliptic curve Diffie-Hellman.

Copyright (C) 2006-2015, ARM Limited, All Rights Reserved SPDX-License-Identifier: GPL-2.0

This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation; either version 2 of the License, or (at your option) any later version.

This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details.

You should have received a copy of the GNU General Public License along with this program; if not, write to the Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.

This file is part of mbed TLS (https://tls.mbed.org)

Definition in file ecdh.h.

Enumeration Type Documentation

When importing from an EC key, select if it is our key or the peer's key.

Enumerator
MBEDTLS_ECDH_OURS 
MBEDTLS_ECDH_THEIRS 

Definition at line 37 of file ecdh.h.

Function Documentation

int mbedtls_ecdh_calc_secret ( mbedtls_ecdh_context ctx,
size_t *  olen,
unsigned char *  buf,
size_t  blen,
int(*)(void *, unsigned char *, size_t)  f_rng,
void *  p_rng 
)

Derive and export the shared secret.

(Last function used by both TLS client en servers.)

Parameters
ctxECDH context
olennumber of bytes written
bufdestination buffer
blenbuffer length
f_rngRNG function, see notes for mbedtls_ecdh_compute_shared()
p_rngRNG parameter
Returns
0 if successful, or an MBEDTLS_ERR_ECP_XXX error code
int mbedtls_ecdh_compute_shared ( mbedtls_ecp_group grp,
mbedtls_mpi z,
const mbedtls_ecp_point Q,
const mbedtls_mpi d,
int(*)(void *, unsigned char *, size_t)  f_rng,
void *  p_rng 
)

Compute shared secret Raw function that only does the core computation.

Parameters
grpECP group
zDestination MPI (shared secret)
QPublic key from other party
dOur secret exponent (private key)
f_rngRNG function (see notes)
p_rngRNG parameter
Returns
0 if successful, or a MBEDTLS_ERR_ECP_XXX or MBEDTLS_MPI_XXX error code
Note
If f_rng is not NULL, it is used to implement countermeasures against potential elaborate timing attacks, see mbedtls_ecp_mul() for details.
void mbedtls_ecdh_free ( mbedtls_ecdh_context ctx)

Free context.

Parameters
ctxContext to free
int mbedtls_ecdh_gen_public ( mbedtls_ecp_group grp,
mbedtls_mpi d,
mbedtls_ecp_point Q,
int(*)(void *, unsigned char *, size_t)  f_rng,
void *  p_rng 
)

Generate a public key.

Raw function that only does the core computation.

Parameters
grpECP group
dDestination MPI (secret exponent, aka private key)
QDestination point (public key)
f_rngRNG function
p_rngRNG parameter
Returns
0 if successful, or a MBEDTLS_ERR_ECP_XXX or MBEDTLS_MPI_XXX error code
int mbedtls_ecdh_get_params ( mbedtls_ecdh_context ctx,
const mbedtls_ecp_keypair key,
mbedtls_ecdh_side  side 
)

Setup an ECDH context from an EC key.

(Used by clients and servers in place of the ServerKeyEchange for static ECDH: import ECDH parameters from a certificate's EC key information.)

Parameters
ctxECDH constext to set
keyEC key to use
sideIs it our key (1) or the peer's key (0) ?
Returns
0 if successful, or an MBEDTLS_ERR_ECP_XXX error code
void mbedtls_ecdh_init ( mbedtls_ecdh_context ctx)

Initialize context.

Parameters
ctxContext to initialize
int mbedtls_ecdh_make_params ( mbedtls_ecdh_context ctx,
size_t *  olen,
unsigned char *  buf,
size_t  blen,
int(*)(void *, unsigned char *, size_t)  f_rng,
void *  p_rng 
)

Generate a public key and a TLS ServerKeyExchange payload.

(First function used by a TLS server for ECDHE.)

Parameters
ctxECDH context
olennumber of chars written
bufdestination buffer
blenlength of buffer
f_rngRNG function
p_rngRNG parameter
Note
This function assumes that ctx->grp has already been properly set (for example using mbedtls_ecp_group_load).
Returns
0 if successful, or an MBEDTLS_ERR_ECP_XXX error code
int mbedtls_ecdh_make_public ( mbedtls_ecdh_context ctx,
size_t *  olen,
unsigned char *  buf,
size_t  blen,
int(*)(void *, unsigned char *, size_t)  f_rng,
void *  p_rng 
)

Generate a public key and a TLS ClientKeyExchange payload.

(Second function used by a TLS client for ECDH(E).)

Parameters
ctxECDH context
olennumber of bytes actually written
bufdestination buffer
blensize of destination buffer
f_rngRNG function
p_rngRNG parameter
Returns
0 if successful, or an MBEDTLS_ERR_ECP_XXX error code
int mbedtls_ecdh_read_params ( mbedtls_ecdh_context ctx,
const unsigned char **  buf,
const unsigned char *  end 
)

Parse and procress a TLS ServerKeyExhange payload.

(First function used by a TLS client for ECDHE.)

Parameters
ctxECDH context
bufpointer to start of input buffer
endone past end of buffer
Returns
0 if successful, or an MBEDTLS_ERR_ECP_XXX error code
int mbedtls_ecdh_read_public ( mbedtls_ecdh_context ctx,
const unsigned char *  buf,
size_t  blen 
)

Parse and process a TLS ClientKeyExchange payload.

(Second function used by a TLS server for ECDH(E).)

Parameters
ctxECDH context
bufstart of input buffer
blenlength of input buffer
Returns
0 if successful, or an MBEDTLS_ERR_ECP_XXX error code