Lines Matching defs:curve
26 /* The mandatory to support and the default NIST P-256 curve needs to
99 static int dpp_hash_vector(const struct dpp_curve_params *curve,
103 if (curve->hash_len == 32)
105 if (curve->hash_len == 48)
107 if (curve->hash_len == 64)
270 struct crypto_ec_key * dpp_gen_keypair(const struct dpp_curve_params *curve)
276 key = crypto_ec_key_gen(curve->ike_group);
284 struct crypto_ec_key * dpp_set_keypair(const struct dpp_curve_params **curve,
302 *curve = dpp_get_curve_ike_group(group);
303 if (!*curve) {
305 "DPP: Unsupported curve (group=%d) in pre-assigned key",
333 int dpp_keygen(struct dpp_bootstrap_info *bi, const char *curve,
341 bi->curve = dpp_get_curve_name(curve);
342 if (!bi->curve) {
343 wpa_printf(MSG_INFO, "DPP: Unsupported curve: %s", curve);
348 bi->pubkey = dpp_set_keypair(&bi->curve, privkey, privkey_len);
350 bi->pubkey = dpp_gen_keypair(bi->curve);
446 unsigned int hash_len = auth->curve->hash_len;
447 size_t nonce_len = auth->curve->nonce_len;
591 bi->curve = dpp_get_curve_ike_group(crypto_ec_key_group(key));
592 if (!bi->curve) {
594 "DPP: Unsupported SubjectPublicKeyInfo curve: group %d",
608 dpp_parse_jws_prot_hdr(const struct dpp_curve_params *curve,
649 if (os_strcmp(token->string, curve->jws_alg) != 0) {
652 token->string, curve->jws_alg);
730 const struct dpp_curve_params *curve;
733 curve = dpp_get_curve_ike_group(crypto_ec_key_group(csign_pub));
734 if (!curve)
736 wpa_printf(MSG_DEBUG, "DPP: C-sign-key group: %s", curve->jwk_crv);
756 kid = dpp_parse_jws_prot_hdr(curve, prot_hdr, prot_hdr_len, &hash_func);
812 hash = os_malloc(curve->hash_len);
833 hash, curve->hash_len,
897 nonce_len = auth->curve->nonce_len;
956 res = dpp_hash_vector(auth->curve, num_elem, addr, len, r_auth);
959 auth->curve->hash_len);
980 nonce_len = auth->curve->nonce_len;
1043 res = dpp_hash_vector(auth->curve, num_elem, addr, len, i_auth);
1046 auth->curve->hash_len);
1169 int dpp_derive_pmkid(const struct dpp_curve_params *curve,
1422 dpp_pkex_get_role_elem(const struct dpp_curve_params *curve, int init)
1426 switch (curve->ike_group) {
1455 return crypto_ec_key_set_pub(curve->ike_group, x, y, curve->prime_len);
1460 dpp_pkex_derive_Qi(const struct dpp_curve_params *curve, const u8 *mac_init,
1493 if (dpp_hash_vector(curve, num_elem, addr, len, hash) < 0)
1497 hash, curve->hash_len);
1498 Pi_key = dpp_pkex_get_role_elem(curve, 1);
1503 ec = crypto_ec_init(curve->ike_group);
1509 hash_bn = crypto_bignum_init_set(hash, curve->hash_len);
1535 dpp_pkex_derive_Qr(const struct dpp_curve_params *curve, const u8 *mac_resp,
1568 if (dpp_hash_vector(curve, num_elem, addr, len, hash) < 0)
1572 hash, curve->hash_len);
1573 Pr_key = dpp_pkex_get_role_elem(curve, 0);
1578 ec = crypto_ec_init(curve->ike_group);
1584 hash_bn = crypto_bignum_init_set(hash, curve->hash_len);
1694 const struct dpp_curve_params *curve;
1698 own_key = dpp_set_keypair(&auth->curve, net_access_key,
1705 peer_key = dpp_parse_jwk(peer_net_access_key, &curve);
1710 if (auth->curve != curve) {
1713 auth->curve->name, curve->name);
1717 auth->own_protocol_key = dpp_gen_keypair(curve);
1721 if (random_get_bytes(auth->e_nonce, auth->curve->nonce_len)) {
1726 auth->e_nonce, auth->curve->nonce_len);
1729 ec = crypto_ec_init(curve->ike_group);
1746 wpa_hexdump_key(MSG_DEBUG, "DPP: M.x", Mx, curve->prime_len);
1751 os_memcpy(nonces, auth->c_nonce, curve->nonce_len);
1752 os_memcpy(&nonces[curve->nonce_len], auth->e_nonce, curve->nonce_len);
1753 if (dpp_hmac(curve->hash_len, nonces, 2 * curve->nonce_len,
1754 Mx, curve->prime_len, prk) < 0)
1756 wpa_hexdump_key(MSG_DEBUG, "DPP: PRK", prk, curve->hash_len);
1759 if (dpp_hkdf_expand(curve->hash_len, prk, curve->hash_len,
1760 "dpp reconfig key", auth->ke, curve->hash_len) < 0)
1764 auth->ke, curve->hash_len);
1796 const struct dpp_curve_params *curve;
1810 peer_key = dpp_parse_jwk(net_access_key, &curve);
1814 if (auth->curve != curve) {
1817 auth->curve->name, curve->name);
1822 ec = crypto_ec_init(curve->ike_group);
1839 wpa_hexdump_key(MSG_DEBUG, "DPP: M.x", Mx, curve->prime_len);
1844 os_memcpy(nonces, auth->c_nonce, curve->nonce_len);
1845 os_memcpy(&nonces[curve->nonce_len], auth->e_nonce, curve->nonce_len);
1846 if (dpp_hmac(curve->hash_len, nonces, 2 * curve->nonce_len,
1847 Mx, curve->prime_len, prk) < 0)
1849 wpa_hexdump_key(MSG_DEBUG, "DPP: PRK", prk, curve->hash_len);
1852 if (dpp_hkdf_expand(curve->hash_len, prk, curve->hash_len,
1853 "dpp reconfig key", auth->ke, curve->hash_len) < 0)
1857 auth->ke, curve->hash_len);
1889 json_add_string(jws_prot_hdr, "alg", conf->curve->jws_alg);
1905 const struct dpp_curve_params *curve;
1921 curve = conf->curve;
1922 hash = os_malloc(curve->hash_len);
1925 if (curve->hash_len == SHA256_MAC_LEN) {
1927 } else if (curve->hash_len == SHA384_MAC_LEN) {
1929 } else if (curve->hash_len == SHA512_MAC_LEN) {
1940 hash, curve->hash_len);
1942 sig = crypto_ec_key_sign_r_s(conf->csign, hash, curve->hash_len);
2012 own_key = dpp_set_keypair(&pfs->curve, net_access_key,
2020 pfs->ecdh = crypto_ecdh_init(pfs->curve->ike_group);
2025 pub = wpabuf_zeropad(pub, pfs->curve->prime_len);
2035 wpabuf_put_le16(pfs->ie, pfs->curve->ike_group);
2053 if (WPA_GET_LE16(peer_ie) != pfs->curve->ike_group) {
2060 pfs->secret = wpabuf_zeropad(pfs->secret, pfs->curve->prime_len);
2086 unsigned int hash_len = auth->curve->hash_len;
2161 unsigned int hash_len = auth->curve->hash_len;
2404 hash_len = auth->curve->hash_len;
2411 * len(new-curve-hash-out))
2415 * updated to use the new keys. The new curve determines the size of
2417 * algorithm, k) are determined based on the initially determined curve
2447 len[0] = auth->curve->nonce_len;
2526 const struct dpp_curve_params *curve)
2534 ec = crypto_ec_init(curve->ike_group);
2535 x = wpabuf_put(msg, curve->prime_len);
2536 y = wpabuf_put(msg, curve->prime_len);
2542 key = crypto_ec_key_gen(curve->ike_group);
2552 y[curve->prime_len - 1] ^= 0x01;