Mbed TLS v2.28.9
Loading...
Searching...
No Matches
ecjpake.h
Go to the documentation of this file.
1
6/*
7 * Copyright The Mbed TLS Contributors
8 * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
9 */
10#ifndef MBEDTLS_ECJPAKE_H
11#define MBEDTLS_ECJPAKE_H
12
13/*
14 * J-PAKE is a password-authenticated key exchange that allows deriving a
15 * strong shared secret from a (potentially low entropy) pre-shared
16 * passphrase, with forward secrecy and mutual authentication.
17 * https://en.wikipedia.org/wiki/Password_Authenticated_Key_Exchange_by_Juggling
18 *
19 * This file implements the Elliptic Curve variant of J-PAKE,
20 * as defined in Chapter 7.4 of the Thread v1.0 Specification,
21 * available to members of the Thread Group http://threadgroup.org/
22 *
23 * As the J-PAKE algorithm is inherently symmetric, so is our API.
24 * Each party needs to send its first round message, in any order, to the
25 * other party, then each sends its second round message, in any order.
26 * The payloads are serialized in a way suitable for use in TLS, but could
27 * also be use outside TLS.
28 */
29#if !defined(MBEDTLS_CONFIG_FILE)
30#include "mbedtls/config.h"
31#else
32#include MBEDTLS_CONFIG_FILE
33#endif
34
35#include "mbedtls/ecp.h"
36#include "mbedtls/md.h"
37
38#ifdef __cplusplus
39extern "C" {
40#endif
41
49
50#if !defined(MBEDTLS_ECJPAKE_ALT)
79
80#else /* MBEDTLS_ECJPAKE_ALT */
81#include "ecjpake_alt.h"
82#endif /* MBEDTLS_ECJPAKE_ALT */
83
91
117 const unsigned char *secret,
118 size_t len);
119
130
151 unsigned char *buf, size_t len, size_t *olen,
152 int (*f_rng)(void *, unsigned char *, size_t),
153 void *p_rng);
154
170 const unsigned char *buf,
171 size_t len);
172
192 unsigned char *buf, size_t len, size_t *olen,
193 int (*f_rng)(void *, unsigned char *, size_t),
194 void *p_rng);
195
210 const unsigned char *buf,
211 size_t len);
212
232 unsigned char *buf, size_t len, size_t *olen,
233 int (*f_rng)(void *, unsigned char *, size_t),
234 void *p_rng);
235
245
246#if defined(MBEDTLS_SELF_TEST)
247
254
255#endif /* MBEDTLS_SELF_TEST */
256
257#ifdef __cplusplus
258}
259#endif
260
261
262#endif /* ecjpake.h */
Configuration options (set of defines)
int mbedtls_ecjpake_read_round_two(mbedtls_ecjpake_context *ctx, const unsigned char *buf, size_t len)
Read and process the second round message (TLS: contents of the Client/ServerKeyExchange).
int mbedtls_ecjpake_write_round_one(mbedtls_ecjpake_context *ctx, unsigned char *buf, size_t len, size_t *olen, int(*f_rng)(void *, unsigned char *, size_t), void *p_rng)
Generate and write the first round message (TLS: contents of the Client/ServerHello extension,...
mbedtls_ecjpake_role
Definition ecjpake.h:45
@ MBEDTLS_ECJPAKE_CLIENT
Definition ecjpake.h:46
@ MBEDTLS_ECJPAKE_SERVER
Definition ecjpake.h:47
int mbedtls_ecjpake_setup(mbedtls_ecjpake_context *ctx, mbedtls_ecjpake_role role, mbedtls_md_type_t hash, mbedtls_ecp_group_id curve, const unsigned char *secret, size_t len)
Set up an ECJPAKE context for use.
struct mbedtls_ecjpake_context mbedtls_ecjpake_context
void mbedtls_ecjpake_init(mbedtls_ecjpake_context *ctx)
Initialize an ECJPAKE context.
int mbedtls_ecjpake_write_round_two(mbedtls_ecjpake_context *ctx, unsigned char *buf, size_t len, size_t *olen, int(*f_rng)(void *, unsigned char *, size_t), void *p_rng)
Generate and write the second round message (TLS: contents of the Client/ServerKeyExchange).
int mbedtls_ecjpake_derive_secret(mbedtls_ecjpake_context *ctx, unsigned char *buf, size_t len, size_t *olen, int(*f_rng)(void *, unsigned char *, size_t), void *p_rng)
Derive the shared secret (TLS: Pre-Master Secret).
int mbedtls_ecjpake_self_test(int verbose)
Checkup routine.
int mbedtls_ecjpake_check(const mbedtls_ecjpake_context *ctx)
Check if an ECJPAKE context is ready for use.
int mbedtls_ecjpake_read_round_one(mbedtls_ecjpake_context *ctx, const unsigned char *buf, size_t len)
Read and process the first round message (TLS: contents of the Client/ServerHello extension,...
void mbedtls_ecjpake_free(mbedtls_ecjpake_context *ctx)
This clears an ECJPAKE context and frees any embedded data structure.
This file provides an API for Elliptic Curves over GF(P) (ECP).
mbedtls_ecp_group_id
Definition ecp.h:113
This file contains the generic message-digest wrapper.
mbedtls_md_type_t
Supported message digests.
Definition md.h:50
struct mbedtls_md_info_t mbedtls_md_info_t
Definition md.h:78
const mbedtls_md_info_t * md_info
Definition ecjpake.h:63
mbedtls_ecp_point Xp1
Definition ecjpake.h:70
mbedtls_ecjpake_role role
Definition ecjpake.h:65
mbedtls_ecp_point Xm2
Definition ecjpake.h:69
mbedtls_ecp_point Xp2
Definition ecjpake.h:71
mbedtls_ecp_point Xp
Definition ecjpake.h:72
mbedtls_ecp_group grp
Definition ecjpake.h:64
mbedtls_ecp_point Xm1
Definition ecjpake.h:68
The ECP group structure.
Definition ecp.h:270
The ECP point structure, in Jacobian coordinates.
Definition ecp.h:167
MPI structure.
Definition bignum.h:196