- Generated by
1.16.1
|
CDC Badge OS
Firmware for the CDC Badge v1.0 hardware security key
|
#include "ecdh.h"#include <mbedtls/ecdh.h>#include <mbedtls/ecp.h>#include <mbedtls/ctr_drbg.h>#include <mbedtls/entropy.h>#include <mbedtls/platform_util.h>#include <esp_random.h>#include <string.h>Go to the source code of this file.
Macros | |
| #define | ECP_POINT_X(P) |
| MbedTLS 3.x/4.x compatibility macros for ECP point field access. | |
| #define | ECP_POINT_Y(P) |
| #define | ECP_POINT_Z(P) |
Functions | |
| static int | hw_random (void *ctx, unsigned char *buf, size_t len) |
| Hardware RNG callback used by MbedTLS. | |
| void | ecdh_secure_clear (void *ptr, size_t size) |
| Securely clears sensitive memory using platform zeroize. | |
| bool | ecdh_p256_compute_shared_secret (uint8_t *privkey, const uint8_t *peer_pubkey, uint8_t *shared_out) |
| Computes ECDH shared secret on P-256 using local private key and peer public key. | |
| bool | ecdh_p256_generate_keypair (uint8_t *privkey_out, uint8_t *pubkey_out) |
| bool | ecdh_p256_derive_pubkey (const uint8_t *privkey, uint8_t *pubkey_out) |
| #define ECP_POINT_X | ( | P | ) |
MbedTLS 3.x/4.x compatibility macros for ECP point field access.
ECDH P-256 Implementation for OpenPGP PSO:DECIPHER
SECURITY NOTE: The TROPIC01 secure element does NOT support native ECDH operations. This module provides software-based ECDH using MbedTLS with the private key temporarily loaded from encrypted R-Memory storage.
See docs/GPG_ECDH_SECURITY.md for security analysis and trade-offs.
Definition at line 29 of file ecdh.cpp.
Referenced by ecdh_p256_compute_shared_secret(), ecdh_p256_derive_pubkey(), and ecdh_p256_generate_keypair().
| #define ECP_POINT_Y | ( | P | ) |
Definition at line 30 of file ecdh.cpp.
Referenced by ecdh_p256_compute_shared_secret(), ecdh_p256_derive_pubkey(), and ecdh_p256_generate_keypair().
| #define ECP_POINT_Z | ( | P | ) |
Definition at line 31 of file ecdh.cpp.
Referenced by ecdh_p256_compute_shared_secret().
| bool ecdh_p256_compute_shared_secret | ( | uint8_t * | privkey, |
| const uint8_t * | peer_pubkey, | ||
| uint8_t * | shared_out ) |
Computes ECDH shared secret on P-256 using local private key and peer public key.
| privkey | In/out private key buffer (cleared on completion/failure). |
| peer_pubkey | Peer uncompressed public key (0x04 || X || Y). |
| shared_out | Output 32-byte shared secret (X coordinate). |
Definition at line 63 of file ecdh.cpp.
References ecdh_secure_clear(), ECP_POINT_X, ECP_POINT_Y, ECP_POINT_Z, and hw_random().
Referenced by cmd_pso_decipher().
| bool ecdh_p256_derive_pubkey | ( | const uint8_t * | privkey, |
| uint8_t * | pubkey_out ) |
Derive public key from private key
| privkey | 32-byte private key |
| pubkey_out | 65-byte output for public key (04 || X || Y) |
Definition at line 214 of file ecdh.cpp.
References ECP_POINT_X, ECP_POINT_Y, and hw_random().
Referenced by read_public_key().
| bool ecdh_p256_generate_keypair | ( | uint8_t * | privkey_out, |
| uint8_t * | pubkey_out ) |
Generate ephemeral P-256 key pair for ECDH
| privkey_out | 32-byte output for private key |
| pubkey_out | 65-byte output for public key (04 || X || Y) |
Definition at line 153 of file ecdh.cpp.
References ecdh_secure_clear(), ECP_POINT_X, ECP_POINT_Y, and hw_random().
Referenced by generate_dec_key(), and gpg_generate_key().
| void ecdh_secure_clear | ( | void * | ptr, |
| size_t | size ) |
Securely clears sensitive memory using platform zeroize.
| ptr | Memory region start. |
| size | Number of bytes to clear. |
Definition at line 52 of file ecdh.cpp.
Referenced by ecdh_p256_compute_shared_secret(), and ecdh_p256_generate_keypair().
|
static |
Hardware RNG callback used by MbedTLS.
| ctx | Unused callback context. |
| buf | Output buffer to fill with random bytes. |
| len | Number of random bytes requested. |
Definition at line 41 of file ecdh.cpp.
Referenced by ecdh_p256_compute_shared_secret(), ecdh_p256_derive_pubkey(), and ecdh_p256_generate_keypair().
1.16.1