feat(esp_wifi): Replace crypto_key with crypto_ec_key

Replaced all occurrences of crypto_key with crypto_ec_key struct
    to make the code more consistent with upstream.
aditi
2024-07-23 18:27:43 +05:30
committed by Aditi
parent d45588ff51
commit 7490867a4d
5 changed files with 91 additions and 91 deletions


@@ -454,7 +454,7 @@ int crypto_ec_point_cmp(const struct crypto_ec *e,
(const mbedtls_ecp_point *) b); (const mbedtls_ecp_point *) b);
} }
int crypto_key_compare(struct crypto_key *key1, struct crypto_key *key2) int crypto_ec_key_compare(struct crypto_ec_key *key1, struct crypto_ec_key *key2)
{ {
int ret = 0; int ret = 0;
mbedtls_entropy_context entropy; mbedtls_entropy_context entropy;
@@ -489,7 +489,7 @@ void crypto_debug_print_point(const char *title, struct crypto_ec *e,
wpa_hexdump(MSG_ERROR, "y:", y, 32); wpa_hexdump(MSG_ERROR, "y:", y, 32);
} }
static struct crypto_key *crypto_alloc_key(void) static struct crypto_ec_key *crypto_alloc_key(void)
{ {
mbedtls_pk_context *key = os_malloc(sizeof(*key)); mbedtls_pk_context *key = os_malloc(sizeof(*key));
@@ -499,14 +499,14 @@ static struct crypto_key *crypto_alloc_key(void)
} }
mbedtls_pk_init(key); mbedtls_pk_init(key);
return (struct crypto_key *)key; return (struct crypto_ec_key *)key;
} }
struct crypto_key * crypto_ec_set_pubkey_point(const struct crypto_ec_group *group, struct crypto_ec_key * crypto_ec_set_pubkey_point(const struct crypto_ec_group *group,
const u8 *buf, size_t len) const u8 *buf, size_t len)
{ {
mbedtls_ecp_point *point = NULL; mbedtls_ecp_point *point = NULL;
struct crypto_key *pkey = NULL; struct crypto_ec_key *pkey = NULL;
int ret; int ret;
mbedtls_pk_context *key = (mbedtls_pk_context *)crypto_alloc_key(); mbedtls_pk_context *key = (mbedtls_pk_context *)crypto_alloc_key();
mbedtls_ecp_group *ecp_grp = (mbedtls_ecp_group *)group; mbedtls_ecp_group *ecp_grp = (mbedtls_ecp_group *)group;
@@ -544,7 +544,7 @@ struct crypto_key * crypto_ec_set_pubkey_point(const struct crypto_ec_group *gro
mbedtls_ecp_copy(&mbedtls_pk_ec(*key)->MBEDTLS_PRIVATE(Q), point); mbedtls_ecp_copy(&mbedtls_pk_ec(*key)->MBEDTLS_PRIVATE(Q), point);
mbedtls_ecp_group_load(&mbedtls_pk_ec(*key)->MBEDTLS_PRIVATE(grp), ecp_grp->id); mbedtls_ecp_group_load(&mbedtls_pk_ec(*key)->MBEDTLS_PRIVATE(grp), ecp_grp->id);
pkey = (struct crypto_key *)key; pkey = (struct crypto_ec_key *)key;
crypto_ec_point_deinit((struct crypto_ec_point *)point, 0); crypto_ec_point_deinit((struct crypto_ec_point *)point, 0);
return pkey; return pkey;
fail: fail:
@@ -558,21 +558,21 @@ fail:
return pkey; return pkey;
} }
void crypto_ec_free_key(struct crypto_key *key) void crypto_ec_free_key(struct crypto_ec_key *key)
{ {
mbedtls_pk_context *pkey = (mbedtls_pk_context *)key; mbedtls_pk_context *pkey = (mbedtls_pk_context *)key;
mbedtls_pk_free(pkey); mbedtls_pk_free(pkey);
os_free(key); os_free(key);
} }
struct crypto_ec_point *crypto_ec_key_get_public_key(struct crypto_key *key) struct crypto_ec_point *crypto_ec_key_get_public_key(struct crypto_ec_key *key)
{ {
mbedtls_pk_context *pkey = (mbedtls_pk_context *)key; mbedtls_pk_context *pkey = (mbedtls_pk_context *)key;
return (struct crypto_ec_point *)&mbedtls_pk_ec(*pkey)->MBEDTLS_PRIVATE(Q); return (struct crypto_ec_point *)&mbedtls_pk_ec(*pkey)->MBEDTLS_PRIVATE(Q);
} }
int crypto_ec_get_priv_key_der(struct crypto_key *key, unsigned char **key_data, int *key_len) int crypto_ec_get_priv_key_der(struct crypto_ec_key *key, unsigned char **key_data, int *key_len)
{ {
mbedtls_pk_context *pkey = (mbedtls_pk_context *)key; mbedtls_pk_context *pkey = (mbedtls_pk_context *)key;
char *der_data = os_malloc(ECP_PRV_DER_MAX_BYTES); char *der_data = os_malloc(ECP_PRV_DER_MAX_BYTES);
@@ -600,7 +600,7 @@ int crypto_ec_get_priv_key_der(struct crypto_key *key, unsigned char **key_data,
return 0; return 0;
} }
struct crypto_ec_group *crypto_ec_get_group_from_key(struct crypto_key *key) struct crypto_ec_group *crypto_ec_get_group_from_key(struct crypto_ec_key *key)
{ {
mbedtls_pk_context *pkey = (mbedtls_pk_context *)key; mbedtls_pk_context *pkey = (mbedtls_pk_context *)key;
@@ -615,14 +615,14 @@ int crypto_ec_key_group(struct crypto_ec_key *key)
return iana_group; return iana_group;
} }
struct crypto_bignum *crypto_ec_key_get_private_key(struct crypto_key *key) struct crypto_bignum *crypto_ec_key_get_private_key(struct crypto_ec_key *key)
{ {
mbedtls_pk_context *pkey = (mbedtls_pk_context *)key; mbedtls_pk_context *pkey = (mbedtls_pk_context *)key;
return ((struct crypto_bignum *) & (mbedtls_pk_ec(*pkey)->MBEDTLS_PRIVATE(d))); return ((struct crypto_bignum *) & (mbedtls_pk_ec(*pkey)->MBEDTLS_PRIVATE(d)));
} }
int crypto_ec_get_publickey_buf(struct crypto_key *key, u8 *key_buf, int len) int crypto_ec_get_publickey_buf(struct crypto_ec_key *key, u8 *key_buf, int len)
{ {
mbedtls_pk_context *pkey = (mbedtls_pk_context *)key; mbedtls_pk_context *pkey = (mbedtls_pk_context *)key;
unsigned char buf[MBEDTLS_MPI_MAX_SIZE + 10]; /* tag, length + MPI */ unsigned char buf[MBEDTLS_MPI_MAX_SIZE + 10]; /* tag, length + MPI */
@@ -645,7 +645,7 @@ int crypto_ec_get_publickey_buf(struct crypto_key *key, u8 *key_buf, int len)
return pk_len; return pk_len;
} }
int crypto_write_pubkey_der(struct crypto_key *key, unsigned char **key_buf) int crypto_write_pubkey_der(struct crypto_ec_key *key, unsigned char **key_buf)
{ {
unsigned char *buf = os_malloc(ECP_PUB_DER_MAX_BYTES); unsigned char *buf = os_malloc(ECP_PUB_DER_MAX_BYTES);
@@ -670,7 +670,7 @@ int crypto_write_pubkey_der(struct crypto_key *key, unsigned char **key_buf)
return len; return len;
} }
struct crypto_key *crypto_ec_key_parse_priv(const u8 *privkey, size_t privkey_len) struct crypto_ec_key *crypto_ec_key_parse_priv(const u8 *privkey, size_t privkey_len)
{ {
int ret; int ret;
mbedtls_pk_context *kctx = (mbedtls_pk_context *)crypto_alloc_key(); mbedtls_pk_context *kctx = (mbedtls_pk_context *)crypto_alloc_key();
@@ -686,7 +686,7 @@ struct crypto_key *crypto_ec_key_parse_priv(const u8 *privkey, size_t privkey_le
goto fail; goto fail;
} }
return (struct crypto_key *)kctx; return (struct crypto_ec_key *)kctx;
fail: fail:
mbedtls_pk_free(kctx); mbedtls_pk_free(kctx);
@@ -729,7 +729,7 @@ int crypto_ec_get_curve_id(const struct crypto_ec_group *group)
return (crypto_ec_get_mbedtls_to_nist_group_id(grp->id)); return (crypto_ec_get_mbedtls_to_nist_group_id(grp->id));
} }
int crypto_ecdh(struct crypto_key *key_own, struct crypto_key *key_peer, int crypto_ecdh(struct crypto_ec_key *key_own, struct crypto_ec_key *key_peer,
u8 *secret, size_t *secret_len) u8 *secret, size_t *secret_len)
{ {
mbedtls_ecdh_context *ctx = NULL; mbedtls_ecdh_context *ctx = NULL;
@@ -796,7 +796,7 @@ fail:
} }
int crypto_ecdsa_get_sign(unsigned char *hash, int crypto_ecdsa_get_sign(unsigned char *hash,
const struct crypto_bignum *r, const struct crypto_bignum *s, struct crypto_key *csign, int hash_len) const struct crypto_bignum *r, const struct crypto_bignum *s, struct crypto_ec_key *csign, int hash_len)
{ {
int ret = -1; int ret = -1;
mbedtls_pk_context *pkey = (mbedtls_pk_context *)csign; mbedtls_pk_context *pkey = (mbedtls_pk_context *)csign;
@@ -822,7 +822,7 @@ fail:
} }
int crypto_edcsa_sign_verify(const unsigned char *hash, int crypto_edcsa_sign_verify(const unsigned char *hash,
const struct crypto_bignum *r, const struct crypto_bignum *s, struct crypto_key *csign, int hlen) const struct crypto_bignum *r, const struct crypto_bignum *s, struct crypto_ec_key *csign, int hlen)
{ {
/* (mbedtls_ecdsa_context *) */ /* (mbedtls_ecdsa_context *) */
mbedtls_ecp_keypair *ecp_kp = mbedtls_pk_ec(*(mbedtls_pk_context *)csign); mbedtls_ecp_keypair *ecp_kp = mbedtls_pk_ec(*(mbedtls_pk_context *)csign);
@@ -842,7 +842,7 @@ int crypto_edcsa_sign_verify(const unsigned char *hash,
return ret; return ret;
} }
void crypto_ec_key_debug_print(const char *title, struct crypto_key *key) void crypto_ec_key_debug_print(const char *title, struct crypto_ec_key *key)
{ {
#ifdef DEBUG_PRINT #ifdef DEBUG_PRINT
mbedtls_pk_context *pkey = (mbedtls_pk_context *)key; mbedtls_pk_context *pkey = (mbedtls_pk_context *)key;
@@ -862,7 +862,7 @@ void crypto_ec_key_debug_print(const char *title, struct crypto_key *key)
#endif #endif
} }
struct crypto_key *crypto_ec_parse_subpub_key(const unsigned char *p, size_t len) struct crypto_ec_key *crypto_ec_parse_subpub_key(const unsigned char *p, size_t len)
{ {
int ret; int ret;
mbedtls_pk_context *pkey = (mbedtls_pk_context *)crypto_alloc_key(); mbedtls_pk_context *pkey = (mbedtls_pk_context *)crypto_alloc_key();
@@ -872,7 +872,7 @@ struct crypto_key *crypto_ec_parse_subpub_key(const unsigned char *p, size_t len
} }
ret = mbedtls_pk_parse_subpubkey((unsigned char **)&p, p + len, pkey); ret = mbedtls_pk_parse_subpubkey((unsigned char **)&p, p + len, pkey);
if (ret == 0) { if (ret == 0) {
return (struct crypto_key *)pkey; return (struct crypto_ec_key *)pkey;
} }
mbedtls_pk_free(pkey); mbedtls_pk_free(pkey);
@@ -880,13 +880,13 @@ struct crypto_key *crypto_ec_parse_subpub_key(const unsigned char *p, size_t len
return NULL; return NULL;
} }
int crypto_is_ec_key(struct crypto_key *key) int crypto_is_ec_key(struct crypto_ec_key *key)
{ {
int ret = mbedtls_pk_can_do((mbedtls_pk_context *)key, MBEDTLS_PK_ECKEY); int ret = mbedtls_pk_can_do((mbedtls_pk_context *)key, MBEDTLS_PK_ECKEY);
return ret; return ret;
} }
struct crypto_key * crypto_ec_key_gen(u16 ike_group) struct crypto_ec_key * crypto_ec_key_gen(u16 ike_group)
{ {
mbedtls_pk_context *kctx = (mbedtls_pk_context *)crypto_alloc_key(); mbedtls_pk_context *kctx = (mbedtls_pk_context *)crypto_alloc_key();
@@ -903,7 +903,7 @@ struct crypto_key * crypto_ec_key_gen(u16 ike_group)
mbedtls_ecp_gen_key(MBEDTLS_ECP_DP_SECP256R1, mbedtls_pk_ec(*kctx), //get this from argument mbedtls_ecp_gen_key(MBEDTLS_ECP_DP_SECP256R1, mbedtls_pk_ec(*kctx), //get this from argument
crypto_rng_wrapper, NULL); crypto_rng_wrapper, NULL);
return (struct crypto_key *)kctx; return (struct crypto_ec_key *)kctx;
fail: fail:
mbedtls_pk_free(kctx); mbedtls_pk_free(kctx);
os_free(kctx); os_free(kctx);
@@ -1019,7 +1019,7 @@ int crypto_pk_write_formatted_pubkey_der(mbedtls_pk_context *key, unsigned char
return ((int) len); return ((int) len);
} }
int crypto_ec_write_pub_key(struct crypto_key *key, unsigned char **key_buf) int crypto_ec_write_pub_key(struct crypto_ec_key *key, unsigned char **key_buf)
{ {
unsigned char output_buf[1600] = {0}; unsigned char output_buf[1600] = {0};
int len = crypto_pk_write_formatted_pubkey_der((mbedtls_pk_context *)key, output_buf, 1600, 1); int len = crypto_pk_write_formatted_pubkey_der((mbedtls_pk_context *)key, output_buf, 1600, 1);
@@ -1141,7 +1141,7 @@ struct wpabuf * crypto_ecdh_set_peerkey(struct crypto_ecdh *ecdh, int inc_y,
struct crypto_bignum *bn_x = NULL; struct crypto_bignum *bn_x = NULL;
struct crypto_ec_point *ec_pt = NULL; struct crypto_ec_point *ec_pt = NULL;
uint8_t *px = NULL, *py = NULL, *buf = NULL; uint8_t *px = NULL, *py = NULL, *buf = NULL;
struct crypto_key *pkey = NULL; struct crypto_ec_key *pkey = NULL;
struct wpabuf *sh_secret = NULL; struct wpabuf *sh_secret = NULL;
int secret_key = 0; int secret_key = 0;
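Review bot: In `crypto_ec_key_gen` (the hunk at -903) the result of `mbedtls_ecp_gen_key(...)` is discarded, so the context is returned as a `struct crypto_ec_key *` even when generation failed, and a caller could go on to use a key pair that was never populated. The `fail:` label directly below already frees the context, so the call can become `if (mbedtls_ecp_gen_key(MBEDTLS_ECP_DP_SECP256R1, mbedtls_pk_ec(*kctx), crypto_rng_wrapper, NULL) != 0) { goto fail; }`. The same call hard-codes `MBEDTLS_ECP_DP_SECP256R1` and, in the visible lines, never reads `ike_group` (the `//get this from argument` comment suggests this is known), so the function should carry a comment stating that only P-256 is generated until the argument is honoured. Part of the function body lies between the two hunks and is not shown, so the unused-argument point should be confirmed against the full file.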


@@ -1730,7 +1730,7 @@ dpp_auth_req_rx(void *msg_ctx, u8 dpp_allowed_roles, int qr_mutual,
unsigned int curr_chan, const u8 *hdr, const u8 *attr_start, unsigned int curr_chan, const u8 *hdr, const u8 *attr_start,
size_t attr_len) size_t attr_len)
{ {
struct crypto_key *pi = NULL; struct crypto_ec_key *pi = NULL;
size_t secret_len; size_t secret_len;
const u8 *addr[2]; const u8 *addr[2];
size_t len[2]; size_t len[2];
@@ -2275,7 +2275,7 @@ struct wpabuf *
dpp_auth_resp_rx(struct dpp_authentication *auth, const u8 *hdr, dpp_auth_resp_rx(struct dpp_authentication *auth, const u8 *hdr,
const u8 *attr_start, size_t attr_len) const u8 *attr_start, size_t attr_len)
{ {
struct crypto_key *pr; struct crypto_ec_key *pr;
size_t secret_len; size_t secret_len;
const u8 *addr[2]; const u8 *addr[2];
size_t len[2]; size_t len[2];
@@ -3203,7 +3203,7 @@ dpp_build_conf_start(struct dpp_authentication *auth,
return buf; return buf;
} }
static int dpp_build_jwk(struct wpabuf *buf, const char *name, struct crypto_key *key, static int dpp_build_jwk(struct wpabuf *buf, const char *name, struct crypto_ec_key *key,
const char *kid, const struct dpp_curve_params *curve) const char *kid, const struct dpp_curve_params *curve)
{ {
struct wpabuf *pub; struct wpabuf *pub;
@@ -3907,7 +3907,7 @@ static int dpp_parse_cred_legacy(struct dpp_config_obj *conf,
return 0; return 0;
} }
static struct crypto_key * dpp_parse_jwk(struct json_token *jwk, static struct crypto_ec_key * dpp_parse_jwk(struct json_token *jwk,
const struct dpp_curve_params **key_curve) const struct dpp_curve_params **key_curve)
{ {
struct json_token *token; struct json_token *token;
@@ -3915,7 +3915,7 @@ static struct crypto_key * dpp_parse_jwk(struct json_token *jwk,
struct wpabuf *x = NULL, *y = NULL; struct wpabuf *x = NULL, *y = NULL;
unsigned char *a = NULL; unsigned char *a = NULL;
struct crypto_ec_group *group; struct crypto_ec_group *group;
struct crypto_key *pkey = NULL; struct crypto_ec_key *pkey = NULL;
size_t len; size_t len;
token = json_get_member(jwk, "kty"); token = json_get_member(jwk, "kty");
@@ -4077,7 +4077,7 @@ static int dpp_parse_connector(struct dpp_authentication *auth,
{ {
struct json_token *root, *groups, *netkey, *token; struct json_token *root, *groups, *netkey, *token;
int ret = -1; int ret = -1;
struct crypto_key *key = NULL; struct crypto_ec_key *key = NULL;
const struct dpp_curve_params *curve; const struct dpp_curve_params *curve;
unsigned int rules = 0; unsigned int rules = 0;
@@ -4144,7 +4144,7 @@ skip_groups:
goto fail; goto fail;
dpp_debug_print_key("DPP: Received netAccessKey", key); dpp_debug_print_key("DPP: Received netAccessKey", key);
if (crypto_key_compare(key, auth->own_protocol_key) != 1) { if (crypto_ec_key_compare(key, auth->own_protocol_key) != 1) {
wpa_printf(MSG_DEBUG, wpa_printf(MSG_DEBUG,
"DPP: netAccessKey in connector does not match own protocol key"); "DPP: netAccessKey in connector does not match own protocol key");
#ifdef CONFIG_TESTING_OPTIONS #ifdef CONFIG_TESTING_OPTIONS
@@ -4166,7 +4166,7 @@ fail:
return ret; return ret;
} }
static void dpp_copy_csign(struct dpp_config_obj *conf, struct crypto_key *csign) static void dpp_copy_csign(struct dpp_config_obj *conf, struct crypto_ec_key *csign)
{ {
unsigned char *der = NULL; unsigned char *der = NULL;
int der_len; int der_len;
@@ -4200,7 +4200,7 @@ static int dpp_parse_cred_dpp(struct dpp_authentication *auth,
struct dpp_signed_connector_info info; struct dpp_signed_connector_info info;
struct json_token *token, *csign; struct json_token *token, *csign;
int ret = -1; int ret = -1;
struct crypto_key *csign_pub = NULL; struct crypto_ec_key *csign_pub = NULL;
const struct dpp_curve_params *key_curve = NULL; const struct dpp_curve_params *key_curve = NULL;
const char *signed_connector; const char *signed_connector;
@@ -4836,7 +4836,7 @@ dpp_peer_intro(struct dpp_introduction *intro, const char *own_connector,
struct json_token *root = NULL, *netkey, *token; struct json_token *root = NULL, *netkey, *token;
struct json_token *own_root = NULL; struct json_token *own_root = NULL;
enum dpp_status_error ret = 255, res; enum dpp_status_error ret = 255, res;
struct crypto_key *own_key = NULL, *peer_key = NULL; struct crypto_ec_key *own_key = NULL, *peer_key = NULL;
struct wpabuf *own_key_pub = NULL; struct wpabuf *own_key_pub = NULL;
const struct dpp_curve_params *curve, *own_curve; const struct dpp_curve_params *curve, *own_curve;
struct dpp_signed_connector_info info; struct dpp_signed_connector_info info;


@@ -164,7 +164,7 @@ struct dpp_bootstrap_info {
unsigned int freq[DPP_BOOTSTRAP_MAX_FREQ]; unsigned int freq[DPP_BOOTSTRAP_MAX_FREQ];
unsigned int num_freq; unsigned int num_freq;
int own; int own;
struct crypto_key *pubkey; struct crypto_ec_key *pubkey;
u8 pubkey_hash[SHA256_MAC_LEN]; u8 pubkey_hash[SHA256_MAC_LEN];
const struct dpp_curve_params *curve; const struct dpp_curve_params *curve;
unsigned int pkex_t; /* number of failures before dpp_pkex unsigned int pkex_t; /* number of failures before dpp_pkex
@@ -183,12 +183,12 @@ struct dpp_pkex {
u8 peer_mac[ETH_ALEN]; u8 peer_mac[ETH_ALEN];
char *identifier; char *identifier;
char *code; char *code;
struct crypto_key *x; struct crypto_ec_key *x;
struct crypto_key *y; struct crypto_ec_key *y;
u8 Mx[DPP_MAX_SHARED_SECRET_LEN]; u8 Mx[DPP_MAX_SHARED_SECRET_LEN];
u8 Nx[DPP_MAX_SHARED_SECRET_LEN]; u8 Nx[DPP_MAX_SHARED_SECRET_LEN];
u8 z[DPP_MAX_HASH_LEN]; u8 z[DPP_MAX_HASH_LEN];
struct crypto_key *peer_bootstrap_key; struct crypto_ec_key *peer_bootstrap_key;
struct wpabuf *exchange_req; struct wpabuf *exchange_req;
struct wpabuf *exchange_resp; struct wpabuf *exchange_resp;
unsigned int t; /* number of failures on code use */ unsigned int t; /* number of failures on code use */
@@ -251,8 +251,8 @@ struct dpp_authentication {
u8 e_nonce[DPP_MAX_NONCE_LEN]; u8 e_nonce[DPP_MAX_NONCE_LEN];
u8 i_capab; u8 i_capab;
u8 r_capab; u8 r_capab;
struct crypto_key *own_protocol_key; struct crypto_ec_key *own_protocol_key;
struct crypto_key *peer_protocol_key; struct crypto_ec_key *peer_protocol_key;
struct wpabuf *req_msg; struct wpabuf *req_msg;
struct wpabuf *resp_msg; struct wpabuf *resp_msg;
/* Intersection of possible frequencies for initiating DPP /* Intersection of possible frequencies for initiating DPP
@@ -321,7 +321,7 @@ struct dpp_configurator {
struct dl_list list; struct dl_list list;
unsigned int id; unsigned int id;
int own; int own;
struct crypto_key *csign; struct crypto_ec_key *csign;
char *kid; char *kid;
const struct dpp_curve_params *curve; const struct dpp_curve_params *curve;
}; };
@@ -605,7 +605,7 @@ struct dpp_signed_connector_info {
const struct dpp_curve_params *dpp_get_curve_name(const char *name); const struct dpp_curve_params *dpp_get_curve_name(const char *name);
const struct dpp_curve_params *dpp_get_curve_jwk_crv(const char *name); const struct dpp_curve_params *dpp_get_curve_jwk_crv(const char *name);
const struct dpp_curve_params * dpp_get_curve_group_id(int group_id); const struct dpp_curve_params * dpp_get_curve_group_id(int group_id);
void dpp_debug_print_key(const char *title, struct crypto_key *key); void dpp_debug_print_key(const char *title, struct crypto_ec_key *key);
int dpp_hash_vector(const struct dpp_curve_params *curve, int dpp_hash_vector(const struct dpp_curve_params *curve,
size_t num_elem, const u8 *addr[], const size_t *len, u8 *mac); size_t num_elem, const u8 *addr[], const size_t *len, u8 *mac);
int dpp_hkdf_expand(size_t hash_len, const u8 *secret, size_t secret_len, int dpp_hkdf_expand(size_t hash_len, const u8 *secret, size_t secret_len,
@@ -615,10 +615,10 @@ int dpp_hmac_vector(size_t hash_len, const u8 *key, size_t key_len,
const size_t *len, u8 *mac); const size_t *len, u8 *mac);
int dpp_hmac(size_t hash_len, const u8 *key, size_t key_len, int dpp_hmac(size_t hash_len, const u8 *key, size_t key_len,
const u8 *data, size_t data_len, u8 *mac); const u8 *data, size_t data_len, u8 *mac);
struct crypto_key * dpp_set_pubkey_point(struct crypto_key *group_key, struct crypto_ec_key * dpp_set_pubkey_point(struct crypto_ec_key *group_key,
const u8 *buf, size_t len); const u8 *buf, size_t len);
struct crypto_key * dpp_gen_keypair(const struct dpp_curve_params *curve); struct crypto_ec_key * dpp_gen_keypair(const struct dpp_curve_params *curve);
struct crypto_key * dpp_set_keypair(const struct dpp_curve_params **curve, struct crypto_ec_key * dpp_set_keypair(const struct dpp_curve_params **curve,
const u8 *privkey, size_t privkey_len); const u8 *privkey, size_t privkey_len);
int dpp_bootstrap_key_hash(struct dpp_bootstrap_info *bi); int dpp_bootstrap_key_hash(struct dpp_bootstrap_info *bi);
char * dpp_keygen(struct dpp_bootstrap_info *bi, const char *curve, char * dpp_keygen(struct dpp_bootstrap_info *bi, const char *curve,
@@ -627,13 +627,13 @@ int dpp_derive_k1(const u8 *Mx, size_t Mx_len, u8 *k1,
unsigned int hash_len); unsigned int hash_len);
int dpp_derive_k2(const u8 *Nx, size_t Nx_len, u8 *k2, int dpp_derive_k2(const u8 *Nx, size_t Nx_len, u8 *k2,
unsigned int hash_len); unsigned int hash_len);
int dpp_ecdh(struct crypto_key *own, struct crypto_key *peer, int dpp_ecdh(struct crypto_ec_key *own, struct crypto_ec_key *peer,
u8 *secret, size_t *secret_len); u8 *secret, size_t *secret_len);
struct wpabuf *dpp_parse_jws_prot_hdr(const struct dpp_curve_params *curve, struct wpabuf *dpp_parse_jws_prot_hdr(const struct dpp_curve_params *curve,
const u8 *prot_hdr, u16 prot_hdr_len, int *hash_func); const u8 *prot_hdr, u16 prot_hdr_len, int *hash_func);
int dpp_check_pubkey_match(struct crypto_key *pub, struct wpabuf *r_hash); int dpp_check_pubkey_match(struct crypto_ec_key *pub, struct wpabuf *r_hash);
enum dpp_status_error dpp_process_signed_connector(struct dpp_signed_connector_info *info, enum dpp_status_error dpp_process_signed_connector(struct dpp_signed_connector_info *info,
struct crypto_key *csign_pub, const char *connector); struct crypto_ec_key *csign_pub, const char *connector);
int dpp_gen_r_auth(struct dpp_authentication *auth, u8 *r_auth); int dpp_gen_r_auth(struct dpp_authentication *auth, u8 *r_auth);
int dpp_gen_i_auth(struct dpp_authentication *auth, u8 *i_auth); int dpp_gen_i_auth(struct dpp_authentication *auth, u8 *i_auth);
int dpp_auth_derive_l_responder(struct dpp_authentication *auth); int dpp_auth_derive_l_responder(struct dpp_authentication *auth);
@@ -641,10 +641,10 @@ int dpp_auth_derive_l_initiator(struct dpp_authentication *auth);
int dpp_derive_pmk(const u8 *Nx, size_t Nx_len, u8 *pmk, int dpp_derive_pmk(const u8 *Nx, size_t Nx_len, u8 *pmk,
unsigned int hash_len); unsigned int hash_len);
int dpp_derive_pmkid(const struct dpp_curve_params *curve, int dpp_derive_pmkid(const struct dpp_curve_params *curve,
struct crypto_key *own_key, struct crypto_key *peer_key, u8 *pmkid); struct crypto_ec_key *own_key, struct crypto_ec_key *peer_key, u8 *pmkid);
int dpp_bn2bin_pad(const struct crypto_bignum *bn, u8 *pos, size_t len); int dpp_bn2bin_pad(const struct crypto_bignum *bn, u8 *pos, size_t len);
struct wpabuf * dpp_bootstrap_key_der(struct crypto_key *key); struct wpabuf * dpp_bootstrap_key_der(struct crypto_ec_key *key);
struct wpabuf * dpp_get_pubkey_point(struct crypto_key *pkey, int prefix); struct wpabuf * dpp_get_pubkey_point(struct crypto_ec_key *pkey, int prefix);
int dpp_get_subject_public_key(struct dpp_bootstrap_info *bi, const u8 *data, size_t data_len); int dpp_get_subject_public_key(struct dpp_bootstrap_info *bi, const u8 *data, size_t data_len);
int dpp_derive_bk_ke(struct dpp_authentication *auth); int dpp_derive_bk_ke(struct dpp_authentication *auth);
enum dpp_status_error enum dpp_status_error


@@ -74,7 +74,7 @@ const struct dpp_curve_params * dpp_get_curve_group_id(int group_id)
return NULL; return NULL;
} }
void dpp_debug_print_key(const char *title, struct crypto_key *key) void dpp_debug_print_key(const char *title, struct crypto_ec_key *key)
{ {
crypto_ec_key_debug_print(title, key); crypto_ec_key_debug_print(title, key);
} }
@@ -146,11 +146,11 @@ int dpp_hmac(size_t hash_len, const u8 *key, size_t key_len,
return -1; return -1;
} }
struct crypto_key * dpp_set_pubkey_point(struct crypto_key *group_key, struct crypto_ec_key * dpp_set_pubkey_point(struct crypto_ec_key *group_key,
const u8 *buf, size_t len) const u8 *buf, size_t len)
{ {
const struct crypto_ec_group *group; const struct crypto_ec_group *group;
struct crypto_key *pkey = NULL; struct crypto_ec_key *pkey = NULL;
if (len & 1) if (len & 1)
return NULL; return NULL;
@@ -165,9 +165,9 @@ struct crypto_key * dpp_set_pubkey_point(struct crypto_key *group_key,
return pkey; return pkey;
} }
struct crypto_key * dpp_gen_keypair(const struct dpp_curve_params *curve) struct crypto_ec_key * dpp_gen_keypair(const struct dpp_curve_params *curve)
{ {
struct crypto_key *key = crypto_ec_key_gen(curve->ike_group); struct crypto_ec_key *key = crypto_ec_key_gen(curve->ike_group);
wpa_printf(MSG_DEBUG, "DPP: Generating a keypair"); wpa_printf(MSG_DEBUG, "DPP: Generating a keypair");
dpp_debug_print_key("Own generated key", key); dpp_debug_print_key("Own generated key", key);
@@ -175,11 +175,11 @@ struct crypto_key * dpp_gen_keypair(const struct dpp_curve_params *curve)
return key; return key;
} }
struct crypto_key * dpp_set_keypair(const struct dpp_curve_params **curve, struct crypto_ec_key * dpp_set_keypair(const struct dpp_curve_params **curve,
const u8 *privkey, size_t privkey_len) const u8 *privkey, size_t privkey_len)
{ {
struct crypto_ec_group *group; struct crypto_ec_group *group;
struct crypto_key *pkey = crypto_ec_key_parse_priv(privkey, privkey_len); struct crypto_ec_key *pkey = crypto_ec_key_parse_priv(privkey, privkey_len);
int id; int id;
if (!pkey) { if (!pkey) {
@@ -204,7 +204,7 @@ struct crypto_key * dpp_set_keypair(const struct dpp_curve_params **curve,
return pkey; return pkey;
} }
struct wpabuf * dpp_bootstrap_key_der(struct crypto_key *key) struct wpabuf * dpp_bootstrap_key_der(struct crypto_ec_key *key)
{ {
unsigned char *der = NULL; unsigned char *der = NULL;
struct wpabuf *ret = NULL; struct wpabuf *ret = NULL;
@@ -365,7 +365,7 @@ int dpp_derive_k2(const u8 *Nx, size_t Nx_len, u8 *k2,
return 0; return 0;
} }
int dpp_ecdh(struct crypto_key *own, struct crypto_key *peer, int dpp_ecdh(struct crypto_ec_key *own, struct crypto_ec_key *peer,
u8 *secret, size_t *secret_len) u8 *secret, size_t *secret_len)
{ {
return crypto_ecdh(own, peer, secret, secret_len); return crypto_ecdh(own, peer, secret, secret_len);
@@ -442,7 +442,7 @@ fail:
int dpp_get_subject_public_key(struct dpp_bootstrap_info *bi, const u8 *data, size_t data_len) int dpp_get_subject_public_key(struct dpp_bootstrap_info *bi, const u8 *data, size_t data_len)
{ {
struct crypto_key *pkey; struct crypto_ec_key *pkey;
const unsigned char *p; const unsigned char *p;
struct crypto_ec_group *group; struct crypto_ec_group *group;
int id; int id;
@@ -565,7 +565,7 @@ int dpp_derive_bk_ke(struct dpp_authentication *auth)
return 0; return 0;
} }
struct wpabuf * dpp_get_pubkey_point(struct crypto_key *pkey, int prefix) struct wpabuf * dpp_get_pubkey_point(struct crypto_ec_key *pkey, int prefix)
{ {
int len, res; int len, res;
struct wpabuf *buf; struct wpabuf *buf;
@@ -604,7 +604,7 @@ struct wpabuf * dpp_get_pubkey_point(struct crypto_key *pkey, int prefix)
return buf; return buf;
} }
int dpp_check_pubkey_match(struct crypto_key *pub, struct wpabuf *r_hash) int dpp_check_pubkey_match(struct crypto_ec_key *pub, struct wpabuf *r_hash)
{ {
struct wpabuf *uncomp; struct wpabuf *uncomp;
int res; int res;
@@ -637,7 +637,7 @@ int dpp_check_pubkey_match(struct crypto_key *pub, struct wpabuf *r_hash)
enum dpp_status_error enum dpp_status_error
dpp_process_signed_connector(struct dpp_signed_connector_info *info, dpp_process_signed_connector(struct dpp_signed_connector_info *info,
struct crypto_key *csign_pub, const char *connector) struct crypto_ec_key *csign_pub, const char *connector)
{ {
enum dpp_status_error ret = 255; enum dpp_status_error ret = 255;
const char *pos, *end, *signed_start, *signed_end; const char *pos, *end, *signed_start, *signed_end;
@@ -776,7 +776,7 @@ dpp_check_signed_connector(struct dpp_signed_connector_info *info,
const u8 *csign_key, size_t csign_key_len, const u8 *csign_key, size_t csign_key_len,
const u8 *peer_connector, size_t peer_connector_len) const u8 *peer_connector, size_t peer_connector_len)
{ {
struct crypto_key *csign; struct crypto_ec_key *csign;
char *signed_connector = NULL; char *signed_connector = NULL;
enum dpp_status_error res = DPP_STATUS_INVALID_CONNECTOR; enum dpp_status_error res = DPP_STATUS_INVALID_CONNECTOR;
const unsigned char *p; const unsigned char *p;
@@ -1096,7 +1096,7 @@ int dpp_derive_pmk(const u8 *Nx, size_t Nx_len, u8 *pmk,
} }
int dpp_derive_pmkid(const struct dpp_curve_params *curve, int dpp_derive_pmkid(const struct dpp_curve_params *curve,
struct crypto_key *own_key, struct crypto_key *peer_key, u8 *pmkid) struct crypto_ec_key *own_key, struct crypto_ec_key *peer_key, u8 *pmkid)
{ {
struct wpabuf *nkx, *pkx; struct wpabuf *nkx, *pkx;
int ret = -1, res; int ret = -1, res;


@@ -932,6 +932,9 @@ int crypto_ec_point_cmp(const struct crypto_ec *e,
const struct crypto_ec_point *a, const struct crypto_ec_point *a,
const struct crypto_ec_point *b); const struct crypto_ec_point *b);
struct crypto_ec_key;
/** /**
* crypto_ec_get_publickey_buf - Write EC public key to buffer * crypto_ec_get_publickey_buf - Write EC public key to buffer
* @key: crypto key * @key: crypto key
@@ -939,21 +942,21 @@ int crypto_ec_point_cmp(const struct crypto_ec *e,
* @len: length of buffer * @len: length of buffer
* Returns: 0 on success, non-zero otherwise * Returns: 0 on success, non-zero otherwise
*/ */
int crypto_ec_get_publickey_buf(struct crypto_key *key, u8 *key_buf, int len); int crypto_ec_get_publickey_buf(struct crypto_ec_key *key, u8 *key_buf, int len);
/** /**
* crypto_ec_get_group_from_key - Write EC group from key * crypto_ec_get_group_from_key - Write EC group from key
* @key: crypto key * @key: crypto key
* Returns: EC group * Returns: EC group
*/ */
struct crypto_ec_group *crypto_ec_get_group_from_key(struct crypto_key *key); struct crypto_ec_group *crypto_ec_get_group_from_key(struct crypto_ec_key *key);
/** /**
* crypto_ec_key_get_private_key - Get EC private key (in bignum format) * crypto_ec_key_get_private_key - Get EC private key (in bignum format)
* @key: crypto key * @key: crypto key
* Returns: Private key * Returns: Private key
*/ */
struct crypto_bignum *crypto_ec_key_get_private_key(struct crypto_key *key); struct crypto_bignum *crypto_ec_key_get_private_key(struct crypto_ec_key *key);
/** /**
* crypto_ec_key_parse_priv - Read key from character stream * crypto_ec_key_parse_priv - Read key from character stream
@@ -961,7 +964,7 @@ struct crypto_bignum *crypto_ec_key_get_private_key(struct crypto_key *key);
* @privkey_len: private key len * @privkey_len: private key len
* Returns: Crypto key * Returns: Crypto key
*/ */
struct crypto_key *crypto_ec_key_parse_priv(const u8 *privkey, size_t privkey_len); struct crypto_ec_key *crypto_ec_key_parse_priv(const u8 *privkey, size_t privkey_len);
/** /**
* crypto_ec_get_mbedtls_to_nist_group_id - get nist group from mbedtls internal group * crypto_ec_get_mbedtls_to_nist_group_id - get nist group from mbedtls internal group
@@ -985,7 +988,7 @@ int crypto_ec_get_curve_id(const struct crypto_ec_group *group);
* @secret_len: secret len * @secret_len: secret len
* Returns: 0 if success else negative value * Returns: 0 if success else negative value
*/ */
int crypto_ecdh(struct crypto_key *key_own, struct crypto_key *key_peer, int crypto_ecdh(struct crypto_ec_key *key_own, struct crypto_ec_key *key_peer,
u8 *secret, size_t *secret_len); u8 *secret, size_t *secret_len);
/** /**
@@ -999,7 +1002,7 @@ int crypto_ecdh(struct crypto_key *key_own, struct crypto_key *key_peer,
*/ */
int crypto_ecdsa_get_sign(unsigned char *hash, int crypto_ecdsa_get_sign(unsigned char *hash,
const struct crypto_bignum *r, const struct crypto_bignum *s, const struct crypto_bignum *r, const struct crypto_bignum *s,
struct crypto_key *csign, int hash_len); struct crypto_ec_key *csign, int hash_len);
/** /**
* crypto_edcsa_sign_verify: verify crypto ecdsa signed hash * crypto_edcsa_sign_verify: verify crypto ecdsa signed hash
@@ -1011,29 +1014,29 @@ int crypto_ecdsa_get_sign(unsigned char *hash,
* Return: 0 if success else negative value * Return: 0 if success else negative value
*/ */
int crypto_edcsa_sign_verify(const unsigned char *hash, const struct crypto_bignum *r, int crypto_edcsa_sign_verify(const unsigned char *hash, const struct crypto_bignum *r,
const struct crypto_bignum *s, struct crypto_key *csign, int hlen); const struct crypto_bignum *s, struct crypto_ec_key *csign, int hlen);
/** /**
* crypto_ec_parse_subpub_key: get EC key context from sub public key * crypto_ec_parse_subpub_key: get EC key context from sub public key
* @p: data * @p: data
* @len: data len * @len: data len
* Return: crypto_key * Return: crypto_ec_key
*/ */
struct crypto_key *crypto_ec_parse_subpub_key(const unsigned char *p, size_t len); struct crypto_ec_key *crypto_ec_parse_subpub_key(const unsigned char *p, size_t len);
/** /**
* crypto_is_ec_key: check whether a key is EC key or not * crypto_is_ec_key: check whether a key is EC key or not
* @key: crypto key * @key: crypto key
* Return: true if key else false * Return: true if key else false
*/ */
int crypto_is_ec_key(struct crypto_key *key); int crypto_is_ec_key(struct crypto_ec_key *key);
/** /**
* crypto_ec_key_gen: generate crypto ec keypair * crypto_ec_key_gen: generate crypto ec keypair
* @ike_group: grpup * @ike_group: grpup
* Return: crypto key * Return: crypto key
*/ */
struct crypto_key * crypto_ec_key_gen(u16 ike_group); struct crypto_ec_key * crypto_ec_key_gen(u16 ike_group);
/** /**
* crypto_ec_write_pub_key: return public key in character buffer * crypto_ec_write_pub_key: return public key in character buffer
@@ -1041,7 +1044,7 @@ struct crypto_key * crypto_ec_key_gen(u16 ike_group);
* @der_len: buffer len * @der_len: buffer len
* Return: public key buffer * Return: public key buffer
*/ */
int crypto_ec_write_pub_key(struct crypto_key *key, unsigned char **key_buf); int crypto_ec_write_pub_key(struct crypto_ec_key *key, unsigned char **key_buf);
/** /**
* crypto_ec_set_pubkey_point: set bignum point on ec curve * crypto_ec_set_pubkey_point: set bignum point on ec curve
@@ -1050,27 +1053,27 @@ int crypto_ec_write_pub_key(struct crypto_key *key, unsigned char **key_buf);
* @len: length of x and y coordinate * @len: length of x and y coordinate
* Return : crypto key * Return : crypto key
*/ */
struct crypto_key * crypto_ec_set_pubkey_point(const struct crypto_ec_group *group, struct crypto_ec_key * crypto_ec_set_pubkey_point(const struct crypto_ec_group *group,
const u8 *buf, size_t len); const u8 *buf, size_t len);
/** /**
* crypto_ec_free_key: free crypto key * crypto_ec_free_key: free crypto key
* Return : None * Return : None
*/ */
void crypto_ec_free_key(struct crypto_key *key); void crypto_ec_free_key(struct crypto_ec_key *key);
/** /**
* crypto_ec_key_debug_print: print ec key * crypto_ec_key_debug_print: print ec key
* @title: title * @title: title
* @key: crypto key * @key: crypto key
* Return: None * Return: None
*/ */
void crypto_ec_key_debug_print(const char *title, struct crypto_key *key); void crypto_ec_key_debug_print(const char *title, struct crypto_ec_key *key);
/** /**
* crypto_ec_key_get_public_key: Public key from crypto key * crypto_ec_key_get_public_key: Public key from crypto key
* @key: crypto key * @key: crypto key
* Return : Public key * Return : Public key
*/ */
struct crypto_ec_point *crypto_ec_key_get_public_key(struct crypto_key *key); struct crypto_ec_point *crypto_ec_key_get_public_key(struct crypto_ec_key *key);
/** /**
* crypto_get_order: free crypto key * crypto_get_order: free crypto key
@@ -1097,10 +1100,10 @@ int crypto_ec_get_affine_coordinates(struct crypto_ec *e, struct crypto_ec_point
struct crypto_ec_group *crypto_ec_get_group_byname(const char *name); struct crypto_ec_group *crypto_ec_get_group_byname(const char *name);
/** /**
* crypto_key_compare: check whether two keys belong to same * crypto_ec_key_compare: check whether two keys belong to same
* Return : 1 if yes else 0 * Return : 1 if yes else 0
*/ */
int crypto_key_compare(struct crypto_key *key1, struct crypto_key *key2); int crypto_ec_key_compare(struct crypto_ec_key *key1, struct crypto_ec_key *key2);
/* /*
* crypto_write_pubkey_der: get public key in der format * crypto_write_pubkey_der: get public key in der format
@@ -1108,7 +1111,7 @@ int crypto_key_compare(struct crypto_key *key1, struct crypto_key *key2);
* @key_buf: key buffer in character format * @key_buf: key buffer in character format
* Return : len of char buffer if success * Return : len of char buffer if success
*/ */
int crypto_write_pubkey_der(struct crypto_key *csign, unsigned char **key_buf); int crypto_write_pubkey_der(struct crypto_ec_key *csign, unsigned char **key_buf);
/** /**
* crypto_free_buffer: free buffer allocated by crypto API * crypto_free_buffer: free buffer allocated by crypto API
@@ -1124,7 +1127,7 @@ void crypto_free_buffer(unsigned char *buf);
* @key_len = key length of character buffer * @key_len = key length of character buffer
* Return : 0 if success * Return : 0 if success
*/ */
int crypto_ec_get_priv_key_der(struct crypto_key *key, unsigned char **key_data, int *key_len); int crypto_ec_get_priv_key_der(struct crypto_ec_key *key, unsigned char **key_data, int *key_len);
/** /**
* crypto_bignum_to_string: get big number in ascii format * crypto_bignum_to_string: get big number in ascii format
@@ -1148,9 +1151,6 @@ struct wpabuf * crypto_ecdh_set_peerkey(struct crypto_ecdh *ecdh, int inc_y,
const u8 *key, size_t len); const u8 *key, size_t len);
struct crypto_ec_key;
/** /**
* crypto_ec_key_parse_pub - Initialize EC key pair from SubjectPublicKeyInfo ASN.1 * crypto_ec_key_parse_pub - Initialize EC key pair from SubjectPublicKeyInfo ASN.1
* @der: DER encoding of ASN.1 SubjectPublicKeyInfo * @der: DER encoding of ASN.1 SubjectPublicKeyInfo