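/*
 * Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved.
 *
 * Licensed under the Apache License, Version 2.0 (the "License").
 * You may not use this file except in compliance with the License.
 * A copy of the License is located at
 *
 *  http://aws.amazon.com/apache2.0
 *
 * or in the "license" file accompanying this file. This file is distributed
 * on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either
 * express or implied. See the License for the specific language governing
 * permissions and limitations under the License.
 */

#pragma once

#include <openssl/evp.h>

#include "crypto/s2n_hash.h"
#include "stuffer/s2n_stuffer.h"
#include "tls/s2n_kex_data.h"
#include "tls/s2n_tls_parameters.h"
#include "utils/s2n_safety.h"

/* Share sizes are described here: https://tools.ietf.org/html/rfc8446#section-4.2.8.2
 * and include the extra "legacy_form" byte.
 *
 * The three NIST curves are sized as two coordinates plus that one leading
 * byte. The X25519 share is a bare 32 bytes with no legacy_form byte.
 *
 * Every value here must fit in the uint8_t share_size field of
 * struct s2n_ecc_named_curve (the largest, secp521r1, is 133). A share size
 * above 255 would be truncated silently unless that field is widened. */
#define SECP256R1_SHARE_SIZE ((32 * 2) + 1)
#define SECP384R1_SHARE_SIZE ((48 * 2) + 1)
#define SECP521R1_SHARE_SIZE ((66 * 2) + 1)
#define X25519_SHARE_SIZE    (32)

/* Static description of one named curve / group. */
struct s2n_ecc_named_curve {
    /* See https://www.iana.org/assignments/tls-parameters/tls-parameters.xhtml#tls-parameters-8 */
    uint16_t iana_id;
    /* See nid_list in openssl/ssl/t1_lib.c */
    int libcrypto_nid;
    const char *name;
    /* Size in bytes of the key share on the wire; see the *_SHARE_SIZE macros. */
    const uint8_t share_size;
    /* Curve-specific key generation hook; the result is written through
     * evp_pkey. NOTE(review): ownership of the EVP_PKEY presumably passes to
     * the caller -- confirm in the implementation. */
    int (*generate_key)(const struct s2n_ecc_named_curve *named_curve, EVP_PKEY **evp_pkey);
};

extern const struct s2n_ecc_named_curve s2n_ecc_curve_secp256r1;
extern const struct s2n_ecc_named_curve s2n_ecc_curve_secp384r1;
extern const struct s2n_ecc_named_curve s2n_ecc_curve_secp521r1;
extern const struct s2n_ecc_named_curve s2n_ecc_curve_x25519;

/* BoringSSL only supports using EVP_PKEY_X25519 with "modern" EC EVP APIs. BoringSSL has a note to possibly add this in
 * the future. See https://github.com/google/boringssl/blob/master/crypto/evp/p_x25519_asn1.c#L233
 *
 * EVP_APIS_SUPPORTED is therefore 1 only for OpenSSL >= 1.1.0 that is neither
 * LibreSSL nor BoringSSL. The supported-curve count drops from 4 to 3 on
 * every other libcrypto.
 * NOTE(review): the curve left out in the 3-curve build is presumably x25519
 * -- confirm against the definition of s2n_all_supported_curves_list.
 */
#if S2N_OPENSSL_VERSION_AT_LEAST(1, 1, 0) && !defined(LIBRESSL_VERSION_NUMBER) && !defined(OPENSSL_IS_BORINGSSL)
    #define EVP_APIS_SUPPORTED                 1
    #define S2N_ECC_EVP_SUPPORTED_CURVES_COUNT 4
#else
    #define EVP_APIS_SUPPORTED                 0
    #define S2N_ECC_EVP_SUPPORTED_CURVES_COUNT 3
#endif

extern const struct s2n_ecc_named_curve *const s2n_all_supported_curves_list[];
extern const size_t s2n_all_supported_curves_list_len;

/* Per-connection ECDHE state: the curve that was negotiated and the key
 * associated with it. Release with s2n_ecc_evp_params_free(). */
struct s2n_ecc_evp_params {
    const struct s2n_ecc_named_curve *negotiated_curve;
    EVP_PKEY *evp_pkey;
};

/* NOTE(review): the functions taking a shared_key blob output secret key
 * material. Confirm that every caller wipes and frees that blob on all
 * paths, including error paths. */
int s2n_ecc_evp_generate_ephemeral_key(struct s2n_ecc_evp_params *ecc_evp_params);
int s2n_ecc_evp_compute_shared_secret_from_params(struct s2n_ecc_evp_params *private_ecc_evp_params,
        struct s2n_ecc_evp_params *public_ecc_evp_params,
        struct s2n_blob *shared_key);
int s2n_ecc_evp_write_params_point(struct s2n_ecc_evp_params *ecc_evp_params, struct s2n_stuffer *out);
/* NOTE(review): point_size is a signed int describing peer-supplied data.
 * Confirm the implementation rejects negative values and sizes that do not
 * match the negotiated curve's share_size before reading from `in`. */
int s2n_ecc_evp_read_params_point(struct s2n_stuffer *in, int point_size, struct s2n_blob *point_blob);
int s2n_ecc_evp_compute_shared_secret_as_server(struct s2n_ecc_evp_params *server_ecc_evp_params,
        struct s2n_stuffer *Yc_in, struct s2n_blob *shared_key);
int s2n_ecc_evp_compute_shared_secret_as_client(struct s2n_ecc_evp_params *server_ecc_evp_params,
        struct s2n_stuffer *Yc_out, struct s2n_blob *shared_key);
int s2n_ecc_evp_parse_params_point(struct s2n_blob *point_blob, struct s2n_ecc_evp_params *ecc_evp_params);
int s2n_ecc_evp_write_params(struct s2n_ecc_evp_params *ecc_evp_params, struct s2n_stuffer *out,
        struct s2n_blob *written);
int s2n_ecc_evp_read_params(struct s2n_stuffer *in, struct s2n_blob *data_to_verify,
        struct s2n_ecdhe_raw_server_params *raw_server_ecc_params);
int s2n_ecc_evp_parse_params(struct s2n_connection *conn,
        struct s2n_ecdhe_raw_server_params *raw_server_ecc_params,
        struct s2n_ecc_evp_params *ecc_evp_params);
int s2n_ecc_evp_find_supported_curve(struct s2n_connection *conn, struct s2n_blob *iana_ids, const struct s2n_ecc_named_curve **found);
int s2n_ecc_evp_params_free(struct s2n_ecc_evp_params *ecc_evp_params);
/* Declared with (void) so these are real prototypes: an empty parameter
 * list in C leaves the arguments unchecked by the compiler. */
int s2n_is_evp_apis_supported(void);
bool s2n_ecc_evp_supports_fips_check(void);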