xref: /optee_os/lib/libmbedtls/mbedtls/library/dhm.c

121 void mbedtls_dhm_init( mbedtls_dhm_context *ctx )  in mbedtls_dhm_init()  argument
123     DHM_VALIDATE( ctx != NULL );  in mbedtls_dhm_init()
124     memset( ctx, 0, sizeof( mbedtls_dhm_context ) );  in mbedtls_dhm_init()
130 int mbedtls_dhm_read_params( mbedtls_dhm_context *ctx,  in mbedtls_dhm_read_params()  argument
135     DHM_VALIDATE_RET( ctx != NULL );  in mbedtls_dhm_read_params()
139     if( ( ret = dhm_read_bignum( &ctx->P,  p, end ) ) != 0 ||  in mbedtls_dhm_read_params()
140         ( ret = dhm_read_bignum( &ctx->G,  p, end ) ) != 0 ||  in mbedtls_dhm_read_params()
141         ( ret = dhm_read_bignum( &ctx->GY, p, end ) ) != 0 )  in mbedtls_dhm_read_params()
144     if( ( ret = dhm_check_range( &ctx->GY, &ctx->P ) ) != 0 )  in mbedtls_dhm_read_params()
147     ctx->len = mbedtls_mpi_size( &ctx->P );  in mbedtls_dhm_read_params()
167 static int dhm_make_common( mbedtls_dhm_context *ctx, int x_size,  in dhm_make_common()  argument
173     if( mbedtls_mpi_cmp_int( &ctx->P, 0 ) == 0 )  in dhm_make_common()
178     if( (unsigned) x_size < mbedtls_mpi_size( &ctx->P ) )  in dhm_make_common()
180         MBEDTLS_MPI_CHK( mbedtls_mpi_fill_random( &ctx->X, x_size, f_rng, p_rng ) );  in dhm_make_common()
185         ret = dhm_random_below( &ctx->X, &ctx->P, f_rng, p_rng );  in dhm_make_common()
195     MBEDTLS_MPI_CHK( mbedtls_mpi_exp_mod( &ctx->GX, &ctx->G, &ctx->X,  in dhm_make_common()
196                           &ctx->P , &ctx->RP ) );  in dhm_make_common()
198     if( ( ret = dhm_check_range( &ctx->GX, &ctx->P ) ) != 0 )  in dhm_make_common()
208 int mbedtls_dhm_make_params( mbedtls_dhm_context *ctx, int x_size,  in mbedtls_dhm_make_params()  argument
216     DHM_VALIDATE_RET( ctx != NULL );  in mbedtls_dhm_make_params()
221     ret = dhm_make_common( ctx, x_size, f_rng, p_rng );  in mbedtls_dhm_make_params()
239     n1 = mbedtls_mpi_size( &ctx->P  );  in mbedtls_dhm_make_params()
240     n2 = mbedtls_mpi_size( &ctx->G  );  in mbedtls_dhm_make_params()
241     n3 = mbedtls_mpi_size( &ctx->GX );  in mbedtls_dhm_make_params()
244     DHM_MPI_EXPORT( &ctx->P , n1 );  in mbedtls_dhm_make_params()
245     DHM_MPI_EXPORT( &ctx->G , n2 );  in mbedtls_dhm_make_params()
246     DHM_MPI_EXPORT( &ctx->GX, n3 );  in mbedtls_dhm_make_params()
250     ctx->len = n1;  in mbedtls_dhm_make_params()
261 int mbedtls_dhm_set_group( mbedtls_dhm_context *ctx,  in mbedtls_dhm_set_group()  argument
266     DHM_VALIDATE_RET( ctx != NULL );  in mbedtls_dhm_set_group()
270     if( ( ret = mbedtls_mpi_copy( &ctx->P, P ) ) != 0 ||  in mbedtls_dhm_set_group()
271         ( ret = mbedtls_mpi_copy( &ctx->G, G ) ) != 0 )  in mbedtls_dhm_set_group()
276     ctx->len = mbedtls_mpi_size( &ctx->P );  in mbedtls_dhm_set_group()
283 int mbedtls_dhm_read_public( mbedtls_dhm_context *ctx,  in mbedtls_dhm_read_public()  argument
287     DHM_VALIDATE_RET( ctx != NULL );  in mbedtls_dhm_read_public()
290     if( ilen < 1 || ilen > ctx->len )  in mbedtls_dhm_read_public()
293     if( ( ret = mbedtls_mpi_read_binary( &ctx->GY, input, ilen ) ) != 0 )  in mbedtls_dhm_read_public()
302 int mbedtls_dhm_make_public( mbedtls_dhm_context *ctx, int x_size,  in mbedtls_dhm_make_public()  argument
308     DHM_VALIDATE_RET( ctx != NULL );  in mbedtls_dhm_make_public()
312     if( olen < 1 || olen > ctx->len )  in mbedtls_dhm_make_public()
315     ret = dhm_make_common( ctx, x_size, f_rng, p_rng );  in mbedtls_dhm_make_public()
321     MBEDTLS_MPI_CHK( mbedtls_mpi_write_binary( &ctx->GX, output, olen ) );  in mbedtls_dhm_make_public()
336 static int dhm_update_blinding( mbedtls_dhm_context *ctx,  in dhm_update_blinding()  argument
348     if( mbedtls_mpi_cmp_mpi( &ctx->X, &ctx->pX ) != 0 )  in dhm_update_blinding()
350         MBEDTLS_MPI_CHK( mbedtls_mpi_copy( &ctx->pX, &ctx->X ) );  in dhm_update_blinding()
351         MBEDTLS_MPI_CHK( mbedtls_mpi_lset( &ctx->Vi, 1 ) );  in dhm_update_blinding()
352         MBEDTLS_MPI_CHK( mbedtls_mpi_lset( &ctx->Vf, 1 ) );  in dhm_update_blinding()
361     if( mbedtls_mpi_cmp_int( &ctx->Vi, 1 ) != 0 )  in dhm_update_blinding()
363         MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mpi( &ctx->Vi, &ctx->Vi, &ctx->Vi ) );  in dhm_update_blinding()
364         MBEDTLS_MPI_CHK( mbedtls_mpi_mod_mpi( &ctx->Vi, &ctx->Vi, &ctx->P ) );  in dhm_update_blinding()
366         MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mpi( &ctx->Vf, &ctx->Vf, &ctx->Vf ) );  in dhm_update_blinding()
367         MBEDTLS_MPI_CHK( mbedtls_mpi_mod_mpi( &ctx->Vf, &ctx->Vf, &ctx->P ) );  in dhm_update_blinding()
377     MBEDTLS_MPI_CHK( dhm_random_below( &ctx->Vi, &ctx->P, f_rng, p_rng ) );  in dhm_update_blinding()
382     MBEDTLS_MPI_CHK( dhm_random_below( &R, &ctx->P, f_rng, p_rng ) );  in dhm_update_blinding()
383     MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mpi( &ctx->Vf, &ctx->Vi, &R ) );  in dhm_update_blinding()
384     MBEDTLS_MPI_CHK( mbedtls_mpi_mod_mpi( &ctx->Vf, &ctx->Vf, &ctx->P ) );  in dhm_update_blinding()
385     MBEDTLS_MPI_CHK( mbedtls_mpi_inv_mod( &ctx->Vf, &ctx->Vf, &ctx->P ) );  in dhm_update_blinding()
386     MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mpi( &ctx->Vf, &ctx->Vf, &R ) );  in dhm_update_blinding()
387     MBEDTLS_MPI_CHK( mbedtls_mpi_mod_mpi( &ctx->Vf, &ctx->Vf, &ctx->P ) );  in dhm_update_blinding()
389     MBEDTLS_MPI_CHK( mbedtls_mpi_exp_mod( &ctx->Vf, &ctx->Vf, &ctx->X, &ctx->P, &ctx->RP ) );  in dhm_update_blinding()
400 int mbedtls_dhm_calc_secret( mbedtls_dhm_context *ctx,  in mbedtls_dhm_calc_secret()  argument
407     DHM_VALIDATE_RET( ctx != NULL );  in mbedtls_dhm_calc_secret()
411     if( output_size < ctx->len )  in mbedtls_dhm_calc_secret()
414     if( ( ret = dhm_check_range( &ctx->GY, &ctx->P ) ) != 0 )  in mbedtls_dhm_calc_secret()
422         MBEDTLS_MPI_CHK( dhm_update_blinding( ctx, f_rng, p_rng ) );  in mbedtls_dhm_calc_secret()
423         MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mpi( &GYb, &ctx->GY, &ctx->Vi ) );  in mbedtls_dhm_calc_secret()
424         MBEDTLS_MPI_CHK( mbedtls_mpi_mod_mpi( &GYb, &GYb, &ctx->P ) );  in mbedtls_dhm_calc_secret()
427         MBEDTLS_MPI_CHK( mbedtls_mpi_copy( &GYb, &ctx->GY ) );  in mbedtls_dhm_calc_secret()
430     MBEDTLS_MPI_CHK( mbedtls_mpi_exp_mod( &ctx->K, &GYb, &ctx->X,  in mbedtls_dhm_calc_secret()
431                           &ctx->P, &ctx->RP ) );  in mbedtls_dhm_calc_secret()
436         MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mpi( &ctx->K, &ctx->K, &ctx->Vf ) );  in mbedtls_dhm_calc_secret()
437         MBEDTLS_MPI_CHK( mbedtls_mpi_mod_mpi( &ctx->K, &ctx->K, &ctx->P ) );  in mbedtls_dhm_calc_secret()
442     *olen = mbedtls_mpi_size( &ctx->K );  in mbedtls_dhm_calc_secret()
443     MBEDTLS_MPI_CHK( mbedtls_mpi_write_binary( &ctx->K, output, *olen ) );  in mbedtls_dhm_calc_secret()
457 void mbedtls_dhm_free( mbedtls_dhm_context *ctx )  in mbedtls_dhm_free()  argument
459     if( ctx == NULL )  in mbedtls_dhm_free()
462     mbedtls_mpi_free( &ctx->pX );  in mbedtls_dhm_free()
463     mbedtls_mpi_free( &ctx->Vf );  in mbedtls_dhm_free()
464     mbedtls_mpi_free( &ctx->Vi );  in mbedtls_dhm_free()
465     mbedtls_mpi_free( &ctx->RP );  in mbedtls_dhm_free()
466     mbedtls_mpi_free( &ctx->K  );  in mbedtls_dhm_free()
467     mbedtls_mpi_free( &ctx->GY );  in mbedtls_dhm_free()
468     mbedtls_mpi_free( &ctx->GX );  in mbedtls_dhm_free()
469     mbedtls_mpi_free( &ctx->X  );  in mbedtls_dhm_free()
470     mbedtls_mpi_free( &ctx->G  );  in mbedtls_dhm_free()
471     mbedtls_mpi_free( &ctx->P  );  in mbedtls_dhm_free()
473     mbedtls_platform_zeroize( ctx, sizeof( mbedtls_dhm_context ) );  in mbedtls_dhm_free()

Last Index update Sat Jun 03 09:59:21 CST 2023