tinydtls  0.8.6
crypto.c
Go to the documentation of this file.
1 /*******************************************************************************
2  *
3  * Copyright (c) 2011, 2012, 2013, 2014, 2015 Olaf Bergmann (TZI) and others.
4  * All rights reserved. This program and the accompanying materials
5  * are made available under the terms of the Eclipse Public License v1.0
6  * and Eclipse Distribution License v. 1.0 which accompanies this distribution.
7  *
8  * The Eclipse Public License is available at http://www.eclipse.org/legal/epl-v10.html
9  * and the Eclipse Distribution License is available at
10  * http://www.eclipse.org/org/documents/edl-v10.php.
11  *
12  * Contributors:
13  * Olaf Bergmann - initial API and implementation
14  * Hauke Mehrtens - memory optimization, ECC integration
15  *
16  *******************************************************************************/
17 
18 #include <stdio.h>
19 
20 #include "tinydtls.h"
21 
22 #ifdef HAVE_ASSERT_H
23 #include <assert.h>
24 #else
25 #define assert(x)
26 #endif
27 
28 #include "global.h"
29 #include "dtls_debug.h"
30 #include "numeric.h"
31 #include "dtls.h"
32 #include "crypto.h"
33 #include "ccm.h"
34 #include "ecc/ecc.h"
35 #include "prng.h"
36 #include "netq.h"
37 
38 #ifndef WITH_CONTIKI
39 #include <pthread.h>
40 #endif
41 
42 #define HMAC_UPDATE_SEED(Context,Seed,Length) \
43  if (Seed) dtls_hmac_update(Context, (Seed), (Length))
44 
46 #ifndef WITH_CONTIKI
47 static pthread_mutex_t cipher_context_mutex = PTHREAD_MUTEX_INITIALIZER;
48 #endif
49 
51 {
52 #ifndef WITH_CONTIKI
53  pthread_mutex_lock(&cipher_context_mutex);
54 #endif
55  return &cipher_context;
56 }
57 
58 static void dtls_cipher_context_release(void)
59 {
60 #ifndef WITH_CONTIKI
61  pthread_mutex_unlock(&cipher_context_mutex);
62 #endif
63 }
64 
65 #ifndef WITH_CONTIKI
66 void crypto_init(void)
67 {
68 }
69 
71  return malloc(sizeof(dtls_handshake_parameters_t));
72 }
73 
75  free(handshake);
76 }
77 
79  return malloc(sizeof(dtls_security_parameters_t));
80 }
81 
83  free(security);
84 }
85 #else /* WITH_CONTIKI */
86 
87 #include "memb.h"
88 MEMB(handshake_storage, dtls_handshake_parameters_t, DTLS_HANDSHAKE_MAX);
89 MEMB(security_storage, dtls_security_parameters_t, DTLS_SECURITY_MAX);
90 
91 void crypto_init(void) {
92  memb_init(&handshake_storage);
93  memb_init(&security_storage);
94 }
95 
97  return memb_alloc(&handshake_storage);
98 }
99 
100 static void dtls_handshake_dealloc(dtls_handshake_parameters_t *handshake) {
101  memb_free(&handshake_storage, handshake);
102 }
103 
105  return memb_alloc(&security_storage);
106 }
107 
108 static void dtls_security_dealloc(dtls_security_parameters_t *security) {
109  memb_free(&security_storage, security);
110 }
111 #endif /* WITH_CONTIKI */
112 
114 {
115  dtls_handshake_parameters_t *handshake;
116 
117  handshake = dtls_handshake_malloc();
118  if (!handshake) {
119  dtls_crit("can not allocate a handshake struct\n");
120  return NULL;
121  }
122 
123  memset(handshake, 0, sizeof(*handshake));
124 
125  if (handshake) {
126  /* initialize the handshake hash wrt. the hard-coded DTLS version */
127  dtls_debug("DTLSv12: initialize HASH_SHA256\n");
128  /* TLS 1.2: PRF(secret, label, seed) = P_<hash>(secret, label + seed) */
129  /* FIXME: we use the default SHA256 here, might need to support other
130  hash functions as well */
131  dtls_hash_init(&handshake->hs_state.hs_hash);
132  }
133  return handshake;
134 }
135 
137 {
138  if (!handshake)
139  return;
140 
141  netq_delete_all(&handshake->reorder_queue);
142  dtls_handshake_dealloc(handshake);
143 }
144 
146 {
147  dtls_security_parameters_t *security;
148 
149  security = dtls_security_malloc();
150  if (!security) {
151  dtls_crit("can not allocate a security struct\n");
152  return NULL;
153  }
154 
155  memset(security, 0, sizeof(*security));
156 
157  if (security) {
158  security->cipher = TLS_NULL_WITH_NULL_NULL;
159  security->compression = TLS_COMPRESSION_NULL;
160  }
161  return security;
162 }
163 
165 {
166  if (!security)
167  return;
168 
169  dtls_security_dealloc(security);
170 }
171 
172 size_t
174  const unsigned char *key, size_t keylen,
175  const unsigned char *label, size_t labellen,
176  const unsigned char *random1, size_t random1len,
177  const unsigned char *random2, size_t random2len,
178  unsigned char *buf, size_t buflen) {
179  dtls_hmac_context_t *hmac_a, *hmac_p;
180 
181  unsigned char A[DTLS_HMAC_DIGEST_SIZE];
182  unsigned char tmp[DTLS_HMAC_DIGEST_SIZE];
183  size_t dlen; /* digest length */
184  size_t len = 0; /* result length */
185  (void)h;
186 
187  hmac_a = dtls_hmac_new(key, keylen);
188  if (!hmac_a)
189  return 0;
190 
191  /* calculate A(1) from A(0) == seed */
192  HMAC_UPDATE_SEED(hmac_a, label, labellen);
193  HMAC_UPDATE_SEED(hmac_a, random1, random1len);
194  HMAC_UPDATE_SEED(hmac_a, random2, random2len);
195 
196  dlen = dtls_hmac_finalize(hmac_a, A);
197 
198  hmac_p = dtls_hmac_new(key, keylen);
199  if (!hmac_p)
200  goto error;
201 
202  while (len + dlen < buflen) {
203 
204  /* FIXME: rewrite loop to avoid superflous call to dtls_hmac_init() */
205  dtls_hmac_init(hmac_p, key, keylen);
206  dtls_hmac_update(hmac_p, A, dlen);
207 
208  HMAC_UPDATE_SEED(hmac_p, label, labellen);
209  HMAC_UPDATE_SEED(hmac_p, random1, random1len);
210  HMAC_UPDATE_SEED(hmac_p, random2, random2len);
211 
212  len += dtls_hmac_finalize(hmac_p, tmp);
213  memcpy(buf, tmp, dlen);
214  buf += dlen;
215 
216  /* calculate A(i+1) */
217  dtls_hmac_init(hmac_a, key, keylen);
218  dtls_hmac_update(hmac_a, A, dlen);
219  dtls_hmac_finalize(hmac_a, A);
220  }
221 
222  dtls_hmac_init(hmac_p, key, keylen);
223  dtls_hmac_update(hmac_p, A, dlen);
224 
225  HMAC_UPDATE_SEED(hmac_p, label, labellen);
226  HMAC_UPDATE_SEED(hmac_p, random1, random1len);
227  HMAC_UPDATE_SEED(hmac_p, random2, random2len);
228 
229  dtls_hmac_finalize(hmac_p, tmp);
230  memcpy(buf, tmp, buflen - len);
231 
232  error:
233  dtls_hmac_free(hmac_a);
234  dtls_hmac_free(hmac_p);
235 
236  return buflen;
237 }
238 
239 size_t
240 dtls_prf(const unsigned char *key, size_t keylen,
241  const unsigned char *label, size_t labellen,
242  const unsigned char *random1, size_t random1len,
243  const unsigned char *random2, size_t random2len,
244  unsigned char *buf, size_t buflen) {
245 
246  /* Clear the result buffer */
247  memset(buf, 0, buflen);
248  return dtls_p_hash(HASH_SHA256,
249  key, keylen,
250  label, labellen,
251  random1, random1len,
252  random2, random2len,
253  buf, buflen);
254 }
255 
256 void
258  const unsigned char *record,
259  const unsigned char *packet, size_t length,
260  unsigned char *buf) {
261  uint16 L;
262  dtls_int_to_uint16(L, length);
263 
264  assert(hmac_ctx);
265  dtls_hmac_update(hmac_ctx, record +3, sizeof(uint16) + sizeof(uint48));
266  dtls_hmac_update(hmac_ctx, record, sizeof(uint8) + sizeof(uint16));
267  dtls_hmac_update(hmac_ctx, L, sizeof(uint16));
268  dtls_hmac_update(hmac_ctx, packet, length);
269 
270  dtls_hmac_finalize(hmac_ctx, buf);
271 }
272 
273 static size_t
274 dtls_ccm_encrypt(aes128_ccm_t *ccm_ctx, const unsigned char *src, size_t srclen,
275  unsigned char *buf,
276  unsigned char *nounce,
277  const unsigned char *aad, size_t la) {
278  long int len;
279  (void)src;
280 
281  assert(ccm_ctx);
282 
283  len = dtls_ccm_encrypt_message(&ccm_ctx->ctx, 8 /* M */,
284  max(2, 15 - DTLS_CCM_NONCE_SIZE),
285  nounce,
286  buf, srclen,
287  aad, la);
288  return len;
289 }
290 
291 static size_t
292 dtls_ccm_decrypt(aes128_ccm_t *ccm_ctx, const unsigned char *src,
293  size_t srclen, unsigned char *buf,
294  unsigned char *nounce,
295  const unsigned char *aad, size_t la) {
296  long int len;
297  (void)src;
298 
299  assert(ccm_ctx);
300 
301  len = dtls_ccm_decrypt_message(&ccm_ctx->ctx, 8 /* M */,
302  max(2, 15 - DTLS_CCM_NONCE_SIZE),
303  nounce,
304  buf, srclen,
305  aad, la);
306  return len;
307 }
308 
309 #ifdef DTLS_PSK
310 int
311 dtls_psk_pre_master_secret(unsigned char *key, size_t keylen,
312  unsigned char *result, size_t result_len) {
313  unsigned char *p = result;
314 
315  if (result_len < (2 * (sizeof(uint16) + keylen))) {
316  return -1;
317  }
318 
319  dtls_int_to_uint16(p, keylen);
320  p += sizeof(uint16);
321 
322  memset(p, 0, keylen);
323  p += keylen;
324 
325  memcpy(p, result, sizeof(uint16));
326  p += sizeof(uint16);
327 
328  memcpy(p, key, keylen);
329 
330  return 2 * (sizeof(uint16) + keylen);
331 }
332 #endif /* DTLS_PSK */
333 
334 #ifdef DTLS_ECC
335 static void dtls_ec_key_to_uint32(const unsigned char *key, size_t key_size,
336  uint32_t *result) {
337  int i;
338 
339  for (i = (key_size / sizeof(uint32_t)) - 1; i >= 0 ; i--) {
340  *result = dtls_uint32_to_int(&key[i * sizeof(uint32_t)]);
341  result++;
342  }
343 }
344 
345 static void dtls_ec_key_from_uint32(const uint32_t *key, size_t key_size,
346  unsigned char *result) {
347  int i;
348 
349  for (i = (key_size / sizeof(uint32_t)) - 1; i >= 0 ; i--) {
350  dtls_int_to_uint32(result, key[i]);
351  result += 4;
352  }
353 }
354 
355 int dtls_ec_key_from_uint32_asn1(const uint32_t *key, size_t key_size,
356  unsigned char *buf) {
357  int i;
358  unsigned char *buf_orig = buf;
359  int first = 1;
360 
361  for (i = (key_size / sizeof(uint32_t)) - 1; i >= 0 ; i--) {
362  if (key[i] == 0)
363  continue;
364  /* the first bit has to be set to zero, to indicate a poritive integer */
365  if (first && key[i] & 0x80000000) {
366  *buf = 0;
367  buf++;
368  dtls_int_to_uint32(buf, key[i]);
369  buf += 4;
370  } else if (first && !(key[i] & 0xFF800000)) {
371  buf[0] = (key[i] >> 16) & 0xff;
372  buf[1] = (key[i] >> 8) & 0xff;
373  buf[2] = key[i] & 0xff;
374  buf += 3;
375  } else if (first && !(key[i] & 0xFFFF8000)) {
376  buf[0] = (key[i] >> 8) & 0xff;
377  buf[1] = key[i] & 0xff;
378  buf += 2;
379  } else if (first && !(key[i] & 0xFFFFFF80)) {
380  buf[0] = key[i] & 0xff;
381  buf += 1;
382  } else {
383  dtls_int_to_uint32(buf, key[i]);
384  buf += 4;
385  }
386  first = 0;
387  }
388  return buf - buf_orig;
389 }
390 
391 int dtls_ecdh_pre_master_secret(unsigned char *priv_key,
392  unsigned char *pub_key_x,
393  unsigned char *pub_key_y,
394  size_t key_size,
395  unsigned char *result,
396  size_t result_len) {
397  uint32_t priv[8];
398  uint32_t pub_x[8];
399  uint32_t pub_y[8];
400  uint32_t result_x[8];
401  uint32_t result_y[8];
402 
403  if (result_len < key_size) {
404  return -1;
405  }
406 
407  dtls_ec_key_to_uint32(priv_key, key_size, priv);
408  dtls_ec_key_to_uint32(pub_key_x, key_size, pub_x);
409  dtls_ec_key_to_uint32(pub_key_y, key_size, pub_y);
410 
411  ecc_ecdh(pub_x, pub_y, priv, result_x, result_y);
412 
413  dtls_ec_key_from_uint32(result_x, key_size, result);
414  return key_size;
415 }
416 
417 void
418 dtls_ecdsa_generate_key(unsigned char *priv_key,
419  unsigned char *pub_key_x,
420  unsigned char *pub_key_y,
421  size_t key_size) {
422  uint32_t priv[8];
423  uint32_t pub_x[8];
424  uint32_t pub_y[8];
425 
426  do {
427  dtls_prng((unsigned char *)priv, key_size);
428  } while (!ecc_is_valid_key(priv));
429 
430  ecc_gen_pub_key(priv, pub_x, pub_y);
431 
432  dtls_ec_key_from_uint32(priv, key_size, priv_key);
433  dtls_ec_key_from_uint32(pub_x, key_size, pub_key_x);
434  dtls_ec_key_from_uint32(pub_y, key_size, pub_key_y);
435 }
436 
437 /* rfc4492#section-5.4 */
438 void
439 dtls_ecdsa_create_sig_hash(const unsigned char *priv_key, size_t key_size,
440  const unsigned char *sign_hash, size_t sign_hash_size,
441  uint32_t point_r[9], uint32_t point_s[9]) {
442  int ret;
443  uint32_t priv[8];
444  uint32_t hash[8];
445  uint32_t rand[8];
446 
447  dtls_ec_key_to_uint32(priv_key, key_size, priv);
448  dtls_ec_key_to_uint32(sign_hash, sign_hash_size, hash);
449  do {
450  dtls_prng((unsigned char *)rand, key_size);
451  ret = ecc_ecdsa_sign(priv, hash, rand, point_r, point_s);
452  } while (ret);
453 }
454 
455 void
456 dtls_ecdsa_create_sig(const unsigned char *priv_key, size_t key_size,
457  const unsigned char *client_random, size_t client_random_size,
458  const unsigned char *server_random, size_t server_random_size,
459  const unsigned char *keyx_params, size_t keyx_params_size,
460  uint32_t point_r[9], uint32_t point_s[9]) {
462  unsigned char sha256hash[DTLS_HMAC_DIGEST_SIZE];
463 
464  dtls_hash_init(&data);
465  dtls_hash_update(&data, client_random, client_random_size);
466  dtls_hash_update(&data, server_random, server_random_size);
467  dtls_hash_update(&data, keyx_params, keyx_params_size);
468  dtls_hash_finalize(sha256hash, &data);
469 
470  dtls_ecdsa_create_sig_hash(priv_key, key_size, sha256hash,
471  sizeof(sha256hash), point_r, point_s);
472 }
473 
474 /* rfc4492#section-5.4 */
475 int
476 dtls_ecdsa_verify_sig_hash(const unsigned char *pub_key_x,
477  const unsigned char *pub_key_y, size_t key_size,
478  const unsigned char *sign_hash, size_t sign_hash_size,
479  unsigned char *result_r, unsigned char *result_s) {
480  uint32_t pub_x[8];
481  uint32_t pub_y[8];
482  uint32_t hash[8];
483  uint32_t point_r[8];
484  uint32_t point_s[8];
485 
486  dtls_ec_key_to_uint32(pub_key_x, key_size, pub_x);
487  dtls_ec_key_to_uint32(pub_key_y, key_size, pub_y);
488  dtls_ec_key_to_uint32(result_r, key_size, point_r);
489  dtls_ec_key_to_uint32(result_s, key_size, point_s);
490  dtls_ec_key_to_uint32(sign_hash, sign_hash_size, hash);
491 
492  return ecc_ecdsa_validate(pub_x, pub_y, hash, point_r, point_s);
493 }
494 
495 int
496 dtls_ecdsa_verify_sig(const unsigned char *pub_key_x,
497  const unsigned char *pub_key_y, size_t key_size,
498  const unsigned char *client_random, size_t client_random_size,
499  const unsigned char *server_random, size_t server_random_size,
500  const unsigned char *keyx_params, size_t keyx_params_size,
501  unsigned char *result_r, unsigned char *result_s) {
503  unsigned char sha256hash[DTLS_HMAC_DIGEST_SIZE];
504 
505  dtls_hash_init(&data);
506  dtls_hash_update(&data, client_random, client_random_size);
507  dtls_hash_update(&data, server_random, server_random_size);
508  dtls_hash_update(&data, keyx_params, keyx_params_size);
509  dtls_hash_finalize(sha256hash, &data);
510 
511  return dtls_ecdsa_verify_sig_hash(pub_key_x, pub_key_y, key_size, sha256hash,
512  sizeof(sha256hash), result_r, result_s);
513 }
514 #endif /* DTLS_ECC */
515 
516 int
517 dtls_encrypt(const unsigned char *src, size_t length,
518  unsigned char *buf,
519  unsigned char *nounce,
520  unsigned char *key, size_t keylen,
521  const unsigned char *aad, size_t la)
522 {
523  int ret;
525 
526  ret = rijndael_set_key_enc_only(&ctx->data.ctx, key, 8 * keylen);
527  if (ret < 0) {
528  /* cleanup everything in case the key has the wrong size */
529  dtls_warn("cannot set rijndael key\n");
530  goto error;
531  }
532 
533  if (src != buf)
534  memmove(buf, src, length);
535  ret = dtls_ccm_encrypt(&ctx->data, src, length, buf, nounce, aad, la);
536 
537 error:
539  return ret;
540 }
541 
542 int
543 dtls_decrypt(const unsigned char *src, size_t length,
544  unsigned char *buf,
545  unsigned char *nounce,
546  unsigned char *key, size_t keylen,
547  const unsigned char *aad, size_t la)
548 {
549  int ret;
551 
552  ret = rijndael_set_key_enc_only(&ctx->data.ctx, key, 8 * keylen);
553  if (ret < 0) {
554  /* cleanup everything in case the key has the wrong size */
555  dtls_warn("cannot set rijndael key\n");
556  goto error;
557  }
558 
559  if (src != buf)
560  memmove(buf, src, length);
561  ret = dtls_ccm_decrypt(&ctx->data, src, length, buf, nounce, aad, la);
562 
563 error:
565  return ret;
566 }
567 
static void dtls_cipher_context_release(void)
Definition: crypto.c:58
void dtls_handshake_free(dtls_handshake_parameters_t *handshake)
Definition: crypto.c:136
static uint32_t dtls_uint32_to_int(const unsigned char *field)
Definition: numeric.h:104
#define max(A, B)
Definition: numeric.h:28
dtls_hs_state_t hs_state
Definition: crypto.h:124
public tinydtls API
static pthread_mutex_t cipher_context_mutex
Definition: crypto.c:47
void dtls_hmac_update(dtls_hmac_context_t *ctx, const unsigned char *input, size_t ilen)
Definition: hmac.c:70
int dtls_ecdh_pre_master_secret(unsigned char *priv_key, unsigned char *pub_key_x, unsigned char *pub_key_y, size_t key_size, unsigned char *result, size_t result_len)
Definition: crypto.c:391
int dtls_psk_pre_master_secret(unsigned char *key, size_t keylen, unsigned char *result, size_t result_len)
Definition: crypto.c:311
rijndael_ctx ctx
Definition: crypto.h:61
long int dtls_ccm_decrypt_message(rijndael_ctx *ctx, size_t M, size_t L, unsigned char nonce[DTLS_CCM_BLOCKSIZE], unsigned char *msg, size_t lm, const unsigned char *aad, size_t la)
Definition: ccm.c:232
size_t dtls_p_hash(dtls_hashfunc_t h, const unsigned char *key, size_t keylen, const unsigned char *label, size_t labellen, const unsigned char *random1, size_t random1len, const unsigned char *random2, size_t random2len, unsigned char *buf, size_t buflen)
Definition: crypto.c:173
int dtls_encrypt(const unsigned char *src, size_t length, unsigned char *buf, unsigned char *nounce, unsigned char *key, size_t keylen, const unsigned char *aad, size_t la)
Definition: crypto.c:517
void dtls_hmac_free(dtls_hmac_context_t *ctx)
Definition: hmac.c:115
void dtls_ecdsa_create_sig_hash(const unsigned char *priv_key, size_t key_size, const unsigned char *sign_hash, size_t sign_hash_size, uint32_t point_r[9], uint32_t point_s[9])
Definition: crypto.c:439
static dtls_handshake_parameters_t * dtls_handshake_malloc(void)
Definition: crypto.c:70
dtls_sha256_ctx dtls_hash_ctx
Definition: hmac.h:31
void netq_delete_all(netq_t **queue)
Definition: netq.c:141
aes128_ccm_t data
Definition: crypto.h:66
#define assert(x)
Definition: hmac.c:25
void dtls_ecdsa_generate_key(unsigned char *priv_key, unsigned char *pub_key_x, unsigned char *pub_key_y, size_t key_size)
Definition: crypto.c:418
int dtls_ec_key_from_uint32_asn1(const uint32_t *key, size_t key_size, unsigned char *buf)
Definition: crypto.c:355
unsigned char uint48[6]
Definition: global.h:43
#define dtls_warn(...)
Definition: dtls_debug.h:115
int dtls_ecdsa_verify_sig(const unsigned char *pub_key_x, const unsigned char *pub_key_y, size_t key_size, const unsigned char *client_random, size_t client_random_size, const unsigned char *server_random, size_t server_random_size, const unsigned char *keyx_params, size_t keyx_params_size, unsigned char *result_r, unsigned char *result_s)
Definition: crypto.c:496
static void dtls_ec_key_from_uint32(const uint32_t *key, size_t key_size, unsigned char *result)
Definition: crypto.c:345
#define DTLS_HMAC_DIGEST_SIZE
Definition: hmac.h:62
static void dtls_handshake_dealloc(dtls_handshake_parameters_t *handshake)
Definition: crypto.c:74
#define dtls_crit(...)
Definition: dtls_debug.h:114
dtls_hash_ctx hs_hash
Definition: state.h:54
#define dtls_debug(...)
Definition: dtls_debug.h:118
long int dtls_ccm_encrypt_message(rijndael_ctx *ctx, size_t M, size_t L, unsigned char nonce[DTLS_CCM_BLOCKSIZE], unsigned char *msg, size_t lm, const unsigned char *aad, size_t la)
Definition: ccm.c:168
static size_t dtls_ccm_encrypt(aes128_ccm_t *ccm_ctx, const unsigned char *src, size_t srclen, unsigned char *buf, unsigned char *nounce, const unsigned char *aad, size_t la)
Definition: crypto.c:274
struct netq_t * reorder_queue
Definition: crypto.h:123
void dtls_hmac_init(dtls_hmac_context_t *ctx, const unsigned char *key, size_t klen)
Definition: hmac.c:88
dtls_hmac_context_t * dtls_hmac_new(const unsigned char *key, size_t klen)
Definition: hmac.c:77
static void dtls_hash_init(dtls_hash_t ctx)
Definition: hmac.h:36
unsigned char uint8
Definition: global.h:39
static size_t dtls_ccm_decrypt(aes128_ccm_t *ccm_ctx, const unsigned char *src, size_t srclen, unsigned char *buf, unsigned char *nounce, const unsigned char *aad, size_t la)
Definition: crypto.c:292
dtls_security_parameters_t * dtls_security_new(void)
Definition: crypto.c:145
static int dtls_int_to_uint16(unsigned char *field, uint16_t value)
Definition: numeric.h:38
static void dtls_hash_update(dtls_hash_t ctx, const unsigned char *input, size_t len)
Definition: hmac.h:41
High level DTLS API and visible structures.
int dtls_hmac_finalize(dtls_hmac_context_t *ctx, unsigned char *result)
Definition: hmac.c:121
void dtls_ecdsa_create_sig(const unsigned char *priv_key, size_t key_size, const unsigned char *client_random, size_t client_random_size, const unsigned char *server_random, size_t server_random_size, const unsigned char *keyx_params, size_t keyx_params_size, uint32_t point_r[9], uint32_t point_s[9])
Definition: crypto.c:456
unsigned int uint32_t
Definition: uthash.h:78
int dtls_ecdsa_verify_sig_hash(const unsigned char *pub_key_x, const unsigned char *pub_key_y, size_t key_size, const unsigned char *sign_hash, size_t sign_hash_size, unsigned char *result_r, unsigned char *result_s)
Definition: crypto.c:476
static struct dtls_cipher_context_t cipher_context
Definition: crypto.c:45
dtls_compression_t compression
Definition: crypto.h:95
dtls_cipher_t cipher
Definition: crypto.h:97
static void dtls_security_dealloc(dtls_security_parameters_t *security)
Definition: crypto.c:82
void dtls_security_free(dtls_security_parameters_t *security)
Definition: crypto.c:164
static int dtls_int_to_uint32(unsigned char *field, uint32_t value)
Definition: numeric.h:53
static dtls_security_parameters_t * dtls_security_malloc(void)
Definition: crypto.c:78
#define HMAC_UPDATE_SEED(Context, Seed, Length)
Definition: crypto.c:42
dtls_hashfunc_t
Definition: hmac.h:71
#define DTLS_CCM_NONCE_SIZE
Definition: ccm.h:27
static struct dtls_cipher_context_t * dtls_cipher_context_get(void)
Definition: crypto.c:50
static int dtls_prng(unsigned char *buf, size_t len)
Definition: prng.h:42
static size_t dtls_hash_finalize(unsigned char *buf, dtls_hash_t ctx)
Definition: hmac.h:46
Pseudo Random Numbers.
dtls_handshake_parameters_t * dtls_handshake_new(void)
Definition: crypto.c:113
unsigned char uint16[2]
Definition: global.h:40
size_t dtls_prf(const unsigned char *key, size_t keylen, const unsigned char *label, size_t labellen, const unsigned char *random1, size_t random1len, const unsigned char *random2, size_t random2len, unsigned char *buf, size_t buflen)
Definition: crypto.c:240
void crypto_init(void)
Definition: crypto.c:66
void dtls_mac(dtls_hmac_context_t *hmac_ctx, const unsigned char *record, const unsigned char *packet, size_t length, unsigned char *buf)
Definition: crypto.c:257
int dtls_decrypt(const unsigned char *src, size_t length, unsigned char *buf, unsigned char *nounce, unsigned char *key, size_t keylen, const unsigned char *aad, size_t la)
Definition: crypto.c:543
static void dtls_ec_key_to_uint32(const unsigned char *key, size_t key_size, uint32_t *result)
Definition: crypto.c:335