mbed TLS v2.16.1
ecjpake.h
Go to the documentation of this file.
1 
6 /*
7  * Copyright (C) 2006-2015, ARM Limited, All Rights Reserved
8  * SPDX-License-Identifier: GPL-2.0
9  *
10  * This program is free software; you can redistribute it and/or modify
11  * it under the terms of the GNU General Public License as published by
12  * the Free Software Foundation; either version 2 of the License, or
13  * (at your option) any later version.
14  *
15  * This program is distributed in the hope that it will be useful,
16  * but WITHOUT ANY WARRANTY; without even the implied warranty of
17  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
18  * GNU General Public License for more details.
19  *
20  * You should have received a copy of the GNU General Public License along
21  * with this program; if not, write to the Free Software Foundation, Inc.,
22  * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
23  *
24  * This file is part of mbed TLS (https://tls.mbed.org)
25  */
26 #ifndef MBEDTLS_ECJPAKE_H
27 #define MBEDTLS_ECJPAKE_H
28 
29 /*
30  * J-PAKE is a password-authenticated key exchange that allows deriving a
31  * strong shared secret from a (potentially low entropy) pre-shared
32  * passphrase, with forward secrecy and mutual authentication.
33  * https://en.wikipedia.org/wiki/Password_Authenticated_Key_Exchange_by_Juggling
34  *
35  * This file implements the Elliptic Curve variant of J-PAKE,
36  * as defined in Chapter 7.4 of the Thread v1.0 Specification,
37  * available to members of the Thread Group http://threadgroup.org/
38  *
39  * As the J-PAKE algorithm is inherently symmetric, so is our API.
40  * Each party needs to send its first round message, in any order, to the
41  * other party, then each sends its second round message, in any order.
42  * The payloads are serialized in a way suitable for use in TLS, but could
43  * also be use outside TLS.
44  */
45 #if !defined(MBEDTLS_CONFIG_FILE)
46 #include "config.h"
47 #else
48 #include MBEDTLS_CONFIG_FILE
49 #endif
50 
51 #include "ecp.h"
52 #include "md.h"
53 
54 #ifdef __cplusplus
55 extern "C" {
56 #endif
57 
61 typedef enum {
65 
66 #if !defined(MBEDTLS_ECJPAKE_ALT)
67 
79 {
96 
97 #else /* MBEDTLS_ECJPAKE_ALT */
98 #include "ecjpake_alt.h"
99 #endif /* MBEDTLS_ECJPAKE_ALT */
100 
108 
132  mbedtls_md_type_t hash,
133  mbedtls_ecp_group_id curve,
134  const unsigned char *secret,
135  size_t len );
136 
147 
168  unsigned char *buf, size_t len, size_t *olen,
169  int (*f_rng)(void *, unsigned char *, size_t),
170  void *p_rng );
171 
187  const unsigned char *buf,
188  size_t len );
189 
209  unsigned char *buf, size_t len, size_t *olen,
210  int (*f_rng)(void *, unsigned char *, size_t),
211  void *p_rng );
212 
227  const unsigned char *buf,
228  size_t len );
229 
249  unsigned char *buf, size_t len, size_t *olen,
250  int (*f_rng)(void *, unsigned char *, size_t),
251  void *p_rng );
252 
262 
263 #if defined(MBEDTLS_SELF_TEST)
264 
270 int mbedtls_ecjpake_self_test( int verbose );
271 
272 #endif /* MBEDTLS_SELF_TEST */
273 
274 #ifdef __cplusplus
275 }
276 #endif
277 
278 
279 #endif /* ecjpake.h */
mbedtls_mpi xm1
Definition: ecjpake.h:91
mbedtls_ecp_point Xp2
Definition: ecjpake.h:88
mbedtls_ecp_point Xp1
Definition: ecjpake.h:87
mbedtls_ecp_point Xm1
Definition: ecjpake.h:85
int mbedtls_ecjpake_check(const mbedtls_ecjpake_context *ctx)
Check if an ECJPAKE context is ready for use.
This file provides an API for Elliptic Curves over GF(P) (ECP).
const mbedtls_md_info_t * md_info
Definition: ecjpake.h:80
Configuration options (set of defines)
int mbedtls_ecjpake_setup(mbedtls_ecjpake_context *ctx, mbedtls_ecjpake_role role, mbedtls_md_type_t hash, mbedtls_ecp_group_id curve, const unsigned char *secret, size_t len)
Set up an ECJPAKE context for use.
The ECP group structure.
Definition: ecp.h:175
mbedtls_ecp_point Xp
Definition: ecjpake.h:89
mbedtls_ecp_point Xm2
Definition: ecjpake.h:86
mbedtls_ecp_group grp
Definition: ecjpake.h:81
mbedtls_mpi xm2
Definition: ecjpake.h:92
void mbedtls_ecjpake_free(mbedtls_ecjpake_context *ctx)
This clears an ECJPAKE context and frees any embedded data structure.
int mbedtls_ecjpake_self_test(int verbose)
Checkup routine.
int mbedtls_ecjpake_write_round_one(mbedtls_ecjpake_context *ctx, unsigned char *buf, size_t len, size_t *olen, int(*f_rng)(void *, unsigned char *, size_t), void *p_rng)
Generate and write the first round message (TLS: contents of the Client/ServerHello extension...
int mbedtls_ecjpake_write_round_two(mbedtls_ecjpake_context *ctx, unsigned char *buf, size_t len, size_t *olen, int(*f_rng)(void *, unsigned char *, size_t), void *p_rng)
Generate and write the second round message (TLS: contents of the Client/ServerKeyExchange).
mbedtls_ecjpake_role role
Definition: ecjpake.h:82
void mbedtls_ecjpake_init(mbedtls_ecjpake_context *ctx)
Initialize an ECJPAKE context.
int mbedtls_ecjpake_derive_secret(mbedtls_ecjpake_context *ctx, unsigned char *buf, size_t len, size_t *olen, int(*f_rng)(void *, unsigned char *, size_t), void *p_rng)
Derive the shared secret (TLS: Pre-Master Secret).
mbedtls_ecp_group_id
Definition: ecp.h:79
mbedtls_ecjpake_role
Definition: ecjpake.h:61
This file contains the generic message-digest wrapper.
struct mbedtls_ecjpake_context mbedtls_ecjpake_context
int mbedtls_ecjpake_read_round_one(mbedtls_ecjpake_context *ctx, const unsigned char *buf, size_t len)
Read and process the first round message (TLS: contents of the Client/ServerHello extension...
MPI structure.
Definition: bignum.h:182
struct mbedtls_md_info_t mbedtls_md_info_t
Definition: md.h:82
The ECP point structure, in Jacobian coordinates.
Definition: ecp.h:126
int mbedtls_ecjpake_read_round_two(mbedtls_ecjpake_context *ctx, const unsigned char *buf, size_t len)
Read and process the second round message (TLS: contents of the Client/ServerKeyExchange).
mbedtls_md_type_t
Supported message digests.
Definition: md.h:60