TlsContext *tlsInit(void) { TlsContext *context; //Allocate a memory buffer to hold the TLS context context = osAllocMem(sizeof(TlsContext)); //Failed to allocate memory if(!context) return NULL; //Clear TLS context memset(context, 0, sizeof(TlsContext)); //Reference to the underlying socket #if (TLS_BSD_SOCKET_SUPPORT == ENABLED) context->socket = -1; #else context->socket = NULL; #endif //Default operation mode context->entity = TLS_CONNECTION_END_CLIENT; //Default TLS version context->version = TLS_MIN_VERSION; //Default client authentication mode context->clientAuthMode = TLS_CLIENT_AUTH_NONE; //Initialize Diffie-Hellman context dhInit(&context->dhContext); //Initialize ECDH context ecdhInit(&context->ecdhContext); //Initialize peer's RSA public key rsaInitPublicKey(&context->peerRsaPublicKey); //Initialize peer's DSA public key dsaInitPublicKey(&context->peerDsaPublicKey); //Initialize peer's EC domain parameters ecInitDomainParameters(&context->peerEcParams); //Initialize peer's EC public key ecInit(&context->peerEcPublicKey); //Allocate send and receive buffers context->txBuffer = osAllocMem(TLS_TX_BUFFER_SIZE); context->rxBuffer = osAllocMem(TLS_RX_BUFFER_SIZE); //Failed to allocate memory? if(!context->txBuffer || !context->rxBuffer) { //Free previously allocated memory osFreeMem(context->txBuffer); osFreeMem(context->rxBuffer); osFreeMem(context); //Report an error return NULL; } //Clear send and receive buffers memset(context->txBuffer, 0, TLS_TX_BUFFER_SIZE); memset(context->rxBuffer, 0, TLS_RX_BUFFER_SIZE); //Return a handle to the freshly created TLS context return context; }
void ecInitDomainParameters(EcDomainParameters *params) { //Initialize structure params->type = EC_CURVE_TYPE_NONE; params->mod = NULL; //Initialize EC domain parameters mpiInit(¶ms->p); mpiInit(¶ms->a); mpiInit(¶ms->b); ecInit(¶ms->g); mpiInit(¶ms->q); }
error_t ecFullSub(const EcDomainParameters *params, EcPoint *r, const EcPoint *s, const EcPoint *t) { error_t error; EcPoint u; //Initialize EC point ecInit(&u); //Set Ux = Tx and Uz = Tz MPI_CHECK(mpiCopy(&u.x, &t->x)); MPI_CHECK(mpiCopy(&u.z, &t->z)); //Set Uy = p - Ty MPI_CHECK(mpiSub(&u.y, ¶ms->p, &t->y)); //Compute R = S + U EC_CHECK(ecFullAdd(params, r, s, &u)); end: //Release EC point ecFree(&u); //Return status code return error; }
error_t ecTwinMult(const EcDomainParameters *params, EcPoint *r, const Mpi *d0, const EcPoint *s, const Mpi *d1, const EcPoint *t) { error_t error; int_t k; uint_t m; uint_t m0; uint_t m1; uint_t c0; uint_t c1; uint_t h0; uint_t h1; int_t u0; int_t u1; EcPoint spt; EcPoint smt; //Initialize EC points ecInit(&spt); ecInit(&smt); //Precompute SpT = S + T EC_CHECK(ecFullAdd(params, &spt, s, t)); //Precompute SmT = S - T EC_CHECK(ecFullSub(params, &smt, s, t)); //Let m0 be the bit length of d0 m0 = mpiGetBitLength(d0); //Let m1 be the bit length of d1 m1 = mpiGetBitLength(d1); //Let m = MAX(m0, m1) m = MAX(m0, m1); //Let c be a 2 x 6 binary matrix c0 = mpiGetBitValue(d0, m - 4); c0 |= mpiGetBitValue(d0, m - 3) << 1; c0 |= mpiGetBitValue(d0, m - 2) << 2; c0 |= mpiGetBitValue(d0, m - 1) << 3; c1 = mpiGetBitValue(d1, m - 4); c1 |= mpiGetBitValue(d1, m - 3) << 1; c1 |= mpiGetBitValue(d1, m - 2) << 2; c1 |= mpiGetBitValue(d1, m - 1) << 3; //Set R = (1, 1, 0) MPI_CHECK(mpiSetValue(&r->x, 1)); MPI_CHECK(mpiSetValue(&r->y, 1)); MPI_CHECK(mpiSetValue(&r->z, 0)); //Calculate both multiplications at the same time for(k = m; k >= 0; k--) { //Compute h(0) = 16 * c(0,1) + 8 * c(0,2) + 4 * c(0,3) + 2 * c(0,4) + c(0,5) h0 = c0 & 0x1F; //Check whether c(0,0) == 1 if(c0 & 0x20) h0 = 31 - h0; //Compute h(1) = 16 * c(1,1) + 8 * c(1,2) + 4 * c(1,3) + 2 * c(1,4) + c(1,5) h1 = c1 & 0x1F; //Check whether c(1,0) == 1 if(c1 & 0x20) h1 = 31 - h1; //Compute u(0) if(h0 < ecTwinMultF(h1)) u0 = 0; else if(c0 & 0x20) u0 = -1; else u0 = 1; //Compute u(1) if(h1 < ecTwinMultF(h0)) u1 = 0; else if(c1 & 0x20) u1 = -1; else u1 = 1; //Update c matrix c0 <<= 1; c0 |= mpiGetBitValue(d0, k - 5); c0 ^= u0 ? 0x20 : 0x00; c1 <<= 1; c1 |= mpiGetBitValue(d1, k - 5); c1 ^= u1 ? 0x20 : 0x00; //Point doubling EC_CHECK(ecDouble(params, r, r)); //Check u(0) and u(1) if(u0 == -1 && u1 == -1) { //Compute R = R - SpT EC_CHECK(ecFullSub(params, r, r, &spt)); } else if(u0 == -1 && u1 == 0) { //Compute R = R - S EC_CHECK(ecFullSub(params, r, r, s)); } else if(u0 == -1 && u1 == 1) { //Compute R = R - SmT EC_CHECK(ecFullSub(params, r, r, &smt)); } else if(u0 == 0 && u1 == -1) { //Compute R = R - T EC_CHECK(ecFullSub(params, r, r, t)); } else if(u0 == 0 && u1 == 1) { //Compute R = R + T EC_CHECK(ecFullAdd(params, r, r, t)); } else if(u0 == 1 && u1 == -1) { //Compute R = R + SmT EC_CHECK(ecFullAdd(params, r, r, &smt)); } else if(u0 == 1 && u1 == 0) { //Compute R = R + S EC_CHECK(ecFullAdd(params, r, r, s)); } else if(u0 == 1 && u1 == 1) { //Compute R = R + SpT EC_CHECK(ecFullAdd(params, r, r, &spt)); } } end: //Release EC points ecFree(&spt); ecFree(&smt); //Return status code return error; }