TrustedFirmware Git Browser
Code Review Sign In
review.trustedfirmware.org / mirror / mbed-tls.git / fb779f17000ff50d02c97788f0647b820c4bc422^! / .
commitfb779f17000ff50d02c97788f0647b820c4bc422[log] [tgz]
authorChristoph M. Wintersteiger <cwinter@microsoft.com>Fri Feb 15 16:20:54 2019 +0000
committerJanos Follath <janos.follath@arm.com>Mon Aug 19 13:37:46 2019 +0100
tree77f743368537b794aa1c7a222f3209efe0f024ca
parentf21aba4cb2869d0f229c5a2d9e8461ce23592ea0 [diff]
3rdparty: Pull Everest x25519 key size into macro

diff --git a/3rdparty/everest/include/everest/x25519.h b/3rdparty/everest/include/everest/x25519.h
index b8cc214..7a973dc 100644
--- a/3rdparty/everest/include/everest/x25519.h
+++ b/3rdparty/everest/include/everest/x25519.h

@@ -27,6 +27,7 @@
 #endif
 
 #define MBEDTLS_ECP_TLS_CURVE25519 0x1d
+#define MBEDTLS_X25519_KEY_SIZE_BYTES 32
 
 /**
  * Defines the source of the imported EC key.
@@ -42,8 +43,8 @@
  */
 typedef struct
 {
-  unsigned char our_secret[32];
-  unsigned char peer_point[32];
+  unsigned char our_secret[MBEDTLS_X25519_KEY_SIZE_BYTES];
+  unsigned char peer_point[MBEDTLS_X25519_KEY_SIZE_BYTES];
 } mbedtls_x25519_context;
 
 /**

diff --git a/3rdparty/everest/library/x25519.c b/3rdparty/everest/library/x25519.c
index 830018c..52496c6 100644
--- a/3rdparty/everest/library/x25519.c
+++ b/3rdparty/everest/library/x25519.c

@@ -52,8 +52,8 @@
     if( ctx == NULL )
         return;
 
-    mbedtls_platform_zeroize( ctx->our_secret, 32 );
-    mbedtls_platform_zeroize( ctx->peer_point, 32 );
+    mbedtls_platform_zeroize( ctx->our_secret, MBEDTLS_X25519_KEY_SIZE_BYTES );
+    mbedtls_platform_zeroize( ctx->peer_point, MBEDTLS_X25519_KEY_SIZE_BYTES );
 }
 
 int mbedtls_x25519_make_params( mbedtls_x25519_context *ctx, size_t *olen,
@@ -63,9 +63,9 @@
 {
     int ret = 0;
 
-    uint8_t base[32] = {0};
+    uint8_t base[MBEDTLS_X25519_KEY_SIZE_BYTES] = {0};
 
-    if( ( ret = f_rng( p_rng, ctx->our_secret, 32 ) ) != 0 )
+    if( ( ret = f_rng( p_rng, ctx->our_secret, MBEDTLS_X25519_KEY_SIZE_BYTES ) ) != 0 )
         return ret;
 
     *olen = 36;
@@ -75,13 +75,13 @@
     *buf++ = MBEDTLS_ECP_TLS_NAMED_CURVE;
     *buf++ = MBEDTLS_ECP_TLS_CURVE25519 >> 8;
     *buf++ = MBEDTLS_ECP_TLS_CURVE25519 & 0xFF;
-    *buf++ = 32;
+    *buf++ = MBEDTLS_X25519_KEY_SIZE_BYTES;
 
     base[0] = 9;
     Hacl_Curve25519_crypto_scalarmult( buf, ctx->our_secret, base );
 
     base[0] = 0;
-    if( memcmp( buf, base, 32) == 0 )
+    if( memcmp( buf, base, MBEDTLS_X25519_KEY_SIZE_BYTES) == 0 )
         return MBEDTLS_ERR_ECP_RANDOM_FAILED;
 
     return( 0 );
@@ -93,11 +93,11 @@
     if( end - *buf < 33 )
         return( MBEDTLS_ERR_ECP_BAD_INPUT_DATA );
 
-    if( ( *(*buf)++ != 32 ) )
+    if( ( *(*buf)++ != MBEDTLS_X25519_KEY_SIZE_BYTES ) )
         return( MBEDTLS_ERR_ECP_BAD_INPUT_DATA );
 
-    memcpy( ctx->peer_point, *buf, 32 );
-    *buf += 32;
+    memcpy( ctx->peer_point, *buf, MBEDTLS_X25519_KEY_SIZE_BYTES );
+    *buf += MBEDTLS_X25519_KEY_SIZE_BYTES;
     return( 0 );
 }
 
@@ -108,11 +108,11 @@
 
     switch( side ) {
     case MBEDTLS_X25519_ECDH_THEIRS:
-        mbedtls_ecp_point_write_binary( &key->grp, &key->Q, MBEDTLS_ECP_PF_COMPRESSED, &olen, ctx->peer_point, 32 );
+        mbedtls_ecp_point_write_binary( &key->grp, &key->Q, MBEDTLS_ECP_PF_COMPRESSED, &olen, ctx->peer_point, MBEDTLS_X25519_KEY_SIZE_BYTES );
         /* untested; defensively throw an error for now. */
         return(MBEDTLS_ERR_ECP_FEATURE_UNAVAILABLE);
     case MBEDTLS_X25519_ECDH_OURS:
-        mbedtls_mpi_write_binary( &key->d, ctx->our_secret, 32 );
+        mbedtls_mpi_write_binary( &key->d, ctx->our_secret, MBEDTLS_X25519_KEY_SIZE_BYTES );
         /* CMW: key->Q = key->d * base; do we need to set up ctx.peer_point here? */
         /* untested; defensively throw an error for now. */
         return( MBEDTLS_ERR_ECP_FEATURE_UNAVAILABLE );
@@ -130,7 +130,7 @@
     (( void )f_rng);
     (( void )p_rng);
 
-    *olen = 32;
+    *olen = MBEDTLS_X25519_KEY_SIZE_BYTES;
 
     if( blen < *olen )
         return( MBEDTLS_ERR_ECP_BUFFER_TOO_SMALL );
@@ -138,8 +138,8 @@
     Hacl_Curve25519_crypto_scalarmult( buf, ctx->our_secret, ctx->peer_point);
 
     /* Wipe the DH secret and don't let the peer chose a small subgroup point */
-    memset( ctx->our_secret, 0, 32 );
-    if( memcmp( buf, ctx->our_secret, 32) == 0 )
+    memset( ctx->our_secret, 0, MBEDTLS_X25519_KEY_SIZE_BYTES );
+    if( memcmp( buf, ctx->our_secret, MBEDTLS_X25519_KEY_SIZE_BYTES) == 0 )
         return MBEDTLS_ERR_ECP_RANDOM_FAILED;
 
     return( 0 );
@@ -150,7 +150,7 @@
                         int( *f_rng )(void *, unsigned char *, size_t),
                         void *p_rng )
 {
-    unsigned char base[32] = { 0 };
+    unsigned char base[MBEDTLS_X25519_KEY_SIZE_BYTES] = { 0 };
 
     /* CMW: Is it okay that f_rng, p_rng are not used? */
     (( void )f_rng);
@@ -162,13 +162,13 @@
     *olen = 33;
     if( blen < *olen )
         return(MBEDTLS_ERR_ECP_BUFFER_TOO_SMALL);
-    *buf++ = 32;
+    *buf++ = MBEDTLS_X25519_KEY_SIZE_BYTES;
 
     base[0] = 9;
     Hacl_Curve25519_crypto_scalarmult( buf, ctx->our_secret, base );
 
     base[0] = 0;
-    if( memcmp( buf, base, 32 ) == 0 )
+    if( memcmp( buf, base, MBEDTLS_X25519_KEY_SIZE_BYTES ) == 0 )
         return MBEDTLS_ERR_ECP_RANDOM_FAILED;
 
     return(0);
@@ -179,9 +179,9 @@
 {
     if( blen < 33 )
         return(MBEDTLS_ERR_ECP_BUFFER_TOO_SMALL);
-    if( (*buf++ != 32) )
+    if( (*buf++ != MBEDTLS_X25519_KEY_SIZE_BYTES) )
         return(MBEDTLS_ERR_ECP_BAD_INPUT_DATA);
-    memcpy( ctx->peer_point, buf, 32 );
+    memcpy( ctx->peer_point, buf, MBEDTLS_X25519_KEY_SIZE_BYTES );
     return(0);
 }