mbed TLS v1.3.14
pk.h
25 #ifndef POLARSSL_PK_H
26 #define POLARSSL_PK_H
27 
28 #if !defined(POLARSSL_CONFIG_FILE)
29 #include "config.h"
30 #else
31 #include POLARSSL_CONFIG_FILE
32 #endif
33 
34 #include "md.h"
35 
36 #if defined(POLARSSL_RSA_C)
37 #include "rsa.h"
38 #endif
39 
40 #if defined(POLARSSL_ECP_C)
41 #include "ecp.h"
42 #endif
43 
44 #if defined(POLARSSL_ECDSA_C)
45 #include "ecdsa.h"
46 #endif
47 
/*
 * PK module error codes.  All values are negative; the int-returning
 * functions of this module return 0 on success and one of these (or an
 * error propagated from a lower layer — confirm per function) on failure.
 * The names are self-describing; the short notes only restate them.
 */
#define POLARSSL_ERR_PK_MALLOC_FAILED -0x2F80       /**< Memory allocation failed. */
#define POLARSSL_ERR_PK_TYPE_MISMATCH -0x2F00       /**< Key type does not match the requested operation. */
#define POLARSSL_ERR_PK_BAD_INPUT_DATA -0x2E80      /**< Bad input parameters to function. */
#define POLARSSL_ERR_PK_FILE_IO_ERROR -0x2E00       /**< Read/write of file failed. */
#define POLARSSL_ERR_PK_KEY_INVALID_VERSION -0x2D80 /**< Unsupported key version. */
#define POLARSSL_ERR_PK_KEY_INVALID_FORMAT -0x2D00  /**< Invalid key tag or value. */
#define POLARSSL_ERR_PK_UNKNOWN_PK_ALG -0x2C80      /**< Key algorithm is unsupported. */
#define POLARSSL_ERR_PK_PASSWORD_REQUIRED -0x2C00   /**< Private key is encrypted but no password was given (see pk_parse_key()). */
#define POLARSSL_ERR_PK_PASSWORD_MISMATCH -0x2B80   /**< Given private key password does not decrypt the key. */
#define POLARSSL_ERR_PK_INVALID_PUBKEY -0x2B00      /**< The pubkey tag or value is invalid. */
#define POLARSSL_ERR_PK_INVALID_ALG -0x2A80         /**< The algorithm tag or value is invalid. */
#define POLARSSL_ERR_PK_UNKNOWN_NAMED_CURVE -0x2A00 /**< Elliptic curve is unsupported. */
#define POLARSSL_ERR_PK_FEATURE_UNAVAILABLE -0x2980 /**< Unavailable feature, e.g. RSA disabled for an RSA key. */
#define POLARSSL_ERR_PK_SIG_LEN_MISMATCH -0x2000    /**< Signature length differs from the expected one (see pk_verify()). */
#if defined(POLARSSL_RSA_C)
/**
 * Quick access to the RSA context inside a PK context.
 *
 * This is an unchecked cast of pk.pk_ctx: it is only meaningful when the
 * context actually holds an RSA key, so check pk_get_type() / pk_can_do()
 * first. Applying it to a context of another type is a type-confusion bug
 * (the pointer is reinterpreted, not validated).
 */
#define pk_rsa( pk ) ( (rsa_context *) (pk).pk_ctx )
#endif /* POLARSSL_RSA_C */

#if defined(POLARSSL_ECP_C)
/**
 * Quick access to the EC keypair inside a PK context.
 *
 * Unchecked cast of pk.pk_ctx, exactly like pk_rsa(): only valid when the
 * context holds an EC key (check pk_get_type() / pk_can_do() first).
 */
#define pk_ec( pk ) ( (ecp_keypair *) (pk).pk_ctx )
#endif /* POLARSSL_ECP_C */
83 
84 
85 #ifdef __cplusplus
86 extern "C" {
87 #endif
88 
92 typedef enum {
100 } pk_type_t;
101 
106 typedef struct
107 {
110 
112 
116 typedef enum
117 {
121 } pk_debug_type;
122 
126 typedef struct
127 {
129  const char *name;
130  void *value;
131 } pk_debug_item;
132 
/** Maximum number of items a pk_debug() call may fill in; the pk_debug_item
 *  array handed to it is assumed to have at least this many entries —
 *  confirm against the pk_debug() implementation. */
#define POLARSSL_PK_DEBUG_MAX_ITEMS 3
135 
139 typedef struct
140 {
143 
145  const char *name;
146 
148  size_t (*get_size)( const void * );
149 
151  int (*can_do)( pk_type_t type );
152 
154  int (*verify_func)( void *ctx, md_type_t md_alg,
155  const unsigned char *hash, size_t hash_len,
156  const unsigned char *sig, size_t sig_len );
157 
159  int (*sign_func)( void *ctx, md_type_t md_alg,
160  const unsigned char *hash, size_t hash_len,
161  unsigned char *sig, size_t *sig_len,
162  int (*f_rng)(void *, unsigned char *, size_t),
163  void *p_rng );
164 
166  int (*decrypt_func)( void *ctx, const unsigned char *input, size_t ilen,
167  unsigned char *output, size_t *olen, size_t osize,
168  int (*f_rng)(void *, unsigned char *, size_t),
169  void *p_rng );
170 
172  int (*encrypt_func)( void *ctx, const unsigned char *input, size_t ilen,
173  unsigned char *output, size_t *olen, size_t osize,
174  int (*f_rng)(void *, unsigned char *, size_t),
175  void *p_rng );
176 
178  int (*check_pair_func)( const void *pub, const void *prv );
179 
181  void * (*ctx_alloc_func)( void );
182 
184  void (*ctx_free_func)( void *ctx );
185 
187  void (*debug_func)( const void *ctx, pk_debug_item *items );
188 
189 } pk_info_t;
190 
/**
 * \brief           Public key container
 */
typedef struct
{
    const pk_info_t *   pk_info;    /**< Public key informations        */
    void *              pk_ctx;     /**< Underlying public key context.
                                         Allocated by pk_init_ctx() and
                                         released by pk_free(); callers
                                         should not free it themselves. */
} pk_context;
199 
/*
 * Types for RSA-alt abstraction: callbacks handed to pk_init_ctx_rsa_alt()
 * so that a PK context can drive an RSA private key whose operations are
 * implemented outside this library. The ctx argument of each callback is
 * presumably the opaque key pointer given to pk_init_ctx_rsa_alt() — confirm.
 */

/* Decrypt: output_max_len is the capacity of output and *olen presumably
 * receives the plaintext length — confirm against the RSA wrapper. */
typedef int (*pk_rsa_alt_decrypt_func)( void *ctx, int mode, size_t *olen,
                    const unsigned char *input, unsigned char *output,
                    size_t output_max_len );

/* Sign: there is no length argument for sig, so the buffer must be sized by
 * the caller — presumably key_len_func( ctx ) bytes; confirm. */
typedef int (*pk_rsa_alt_sign_func)( void *ctx,
                    int (*f_rng)(void *, unsigned char *, size_t), void *p_rng,
                    int mode, md_type_t md_alg, unsigned int hashlen,
                    const unsigned char *hash, unsigned char *sig );

/* Length of the wrapped key (in bytes — confirm). */
typedef size_t (*pk_rsa_alt_key_len_func)( void *ctx );
211 
/**
 * \brief           Return information associated with the given PK type
 *
 * \param pk_type   PK type to search for
 *
 * \return          The PK info associated with the type; presumably NULL
 *                  when the type is not supported in this build — confirm.
 */
const pk_info_t *pk_info_from_type( pk_type_t pk_type );

/**
 * \brief           Initialize a pk_context (as NONE)
 *
 * \param ctx       Context to initialize
 */
void pk_init( pk_context *ctx );

/**
 * \brief           Free a pk_context
 *
 * Releases the type-specific subcontext allocated by pk_init_ctx().
 *
 * \param ctx       Context to free
 */
void pk_free( pk_context *ctx );

/**
 * \brief           Initialize a PK context with the information given and
 *                  allocates the type-specific PK subcontext.
 *
 * \param ctx       Context to initialize (presumably must be freshly
 *                  pk_init()ed, i.e. empty — confirm)
 * \param info      Information to use
 *
 * \return          0 on success, or a negative POLARSSL_ERR_PK_XXX code
 *                  (POLARSSL_ERR_PK_MALLOC_FAILED when the subcontext cannot
 *                  be allocated — confirm).
 */
int pk_init_ctx( pk_context *ctx, const pk_info_t *info );

/**
 * \brief           Initialize an RSA-alt context
 *
 * \param ctx           Context to initialize (presumably must be empty — confirm)
 * \param key           Opaque key pointer, presumably handed back as the ctx
 *                      argument of the callbacks — confirm. Nothing in this
 *                      header says pk_free() releases it, so its lifetime
 *                      is the caller's responsibility — confirm.
 * \param decrypt_func  Decryption function
 * \param sign_func     Signing function
 * \param key_len_func  Function returning the key length (in bytes — confirm)
 *
 * \return          0 on success, or a negative POLARSSL_ERR_PK_XXX code
 */
int pk_init_ctx_rsa_alt( pk_context *ctx, void * key,
                         pk_rsa_alt_decrypt_func decrypt_func,
                         pk_rsa_alt_sign_func sign_func,
                         pk_rsa_alt_key_len_func key_len_func );

/**
 * \brief           Get the size in bits of the underlying key
 *
 * \param ctx       Context to use
 *
 * \return          Key size in bits (presumably 0 for an empty context —
 *                  confirm). Use pk_get_len() for the size in bytes.
 */
size_t pk_get_size( const pk_context *ctx );
274 
/**
 * \brief           Get the length in bytes of the underlying key
 *
 * \param ctx       Context to use
 *
 * \return          pk_get_size( ctx ), i.e. the key size in bits, rounded
 *                  up to a whole number of bytes (0 when the size is 0).
 */
static inline size_t pk_get_len( const pk_context *ctx )
{
    size_t key_bits = pk_get_size( ctx );

    /* add 7 before dividing so a partial trailing byte is counted in full */
    return( ( key_bits + 7 ) >> 3 );
}
285 
/**
 * \brief           Tell if a context can do the operation given by type
 *
 * \param ctx       Context to test
 * \param type      Target type
 *
 * \return          Presumably 1 if the context can do operations of the
 *                  given type, 0 otherwise (including an empty context) —
 *                  confirm.
 *
 * \note            ctx is not const here although nothing visible requires
 *                  it to be modified; a const prototype would be preferable.
 */
int pk_can_do( pk_context *ctx, pk_type_t type );

/**
 * \brief           Verify signature (including padding if relevant).
 *
 * \param ctx       PK context to use
 * \param md_alg    Hash algorithm used
 * \param hash      Hash of the message to verify the signature against
 * \param hash_len  Hash length (presumably 0 means "the length implied by
 *                  md_alg" — confirm)
 * \param sig       Signature to verify
 * \param sig_len   Signature length
 *
 * \return          0 on success (signature is valid), or a negative error
 *                  code. POLARSSL_ERR_PK_SIG_LEN_MISMATCH is reserved above
 *                  for a signature whose length does not match the expected
 *                  one — confirm when it is returned.
 *
 * \note            Treat every non-zero return as "not verified"; do not
 *                  special-case individual error codes when deciding
 *                  whether to trust the signed data.
 */
int pk_verify( pk_context *ctx, md_type_t md_alg,
               const unsigned char *hash, size_t hash_len,
               const unsigned char *sig, size_t sig_len );

/**
 * \brief           Verify signature, with options.
 *                  (Includes verification of the padding depending on type.)
 *
 * \param type      Signature type (inc. possible padding type) to verify
 * \param options   Pointer to type-specific options, or NULL. For
 *                  RSASSA-PSS the options struct declared above carries the
 *                  MGF1 hash id and the expected salt length — confirm that
 *                  it is required for that type.
 * \param ctx       PK context to use
 * \param md_alg    Hash algorithm used
 * \param hash      Hash of the message to verify the signature against
 * \param hash_len  Hash length
 * \param sig       Signature to verify
 * \param sig_len   Signature length
 *
 * \return          0 on success (signature is valid), or a negative error
 *                  code (presumably POLARSSL_ERR_PK_TYPE_MISMATCH when the
 *                  key cannot do type — confirm).
 *
 * \note            Prefer this over pk_verify() when the expected scheme is
 *                  known in advance: the accepted scheme then becomes a
 *                  caller decision rather than something derived from the
 *                  key alone. Confirm that a mismatching type is rejected.
 */
int pk_verify_ext( pk_type_t type, const void *options,
                   pk_context *ctx, md_type_t md_alg,
                   const unsigned char *hash, size_t hash_len,
                   const unsigned char *sig, size_t sig_len );

/**
 * \brief           Make signature, including padding if relevant.
 *
 * \param ctx       PK context to use (must hold a private key — confirm)
 * \param md_alg    Hash algorithm used
 * \param hash      Hash of the message to sign
 * \param hash_len  Hash length
 * \param sig       Place to write the signature
 * \param sig_len   Number of bytes written
 * \param f_rng     RNG function (whether it may be NULL depends on the key
 *                  type — confirm)
 * \param p_rng     RNG parameter
 *
 * \return          0 on success, or a negative error code
 *
 * \note            There is no parameter giving the capacity of sig, so the
 *                  callee cannot bound its writes: the caller must size sig
 *                  for the key in use. pk_get_len( ctx ) is the natural
 *                  lower bound for RSA; confirm the required size for EC
 *                  keys before relying on it.
 */
int pk_sign( pk_context *ctx, md_type_t md_alg,
             const unsigned char *hash, size_t hash_len,
             unsigned char *sig, size_t *sig_len,
             int (*f_rng)(void *, unsigned char *, size_t), void *p_rng );

/**
 * \brief           Decrypt message (including padding if relevant).
 *
 * \param ctx       PK context to use (must hold a private key — confirm)
 * \param input     Input to decrypt
 * \param ilen      Input size
 * \param output    Decrypted output
 * \param olen      Decrypted message length (presumably written on success)
 * \param osize     Size of the output buffer
 * \param f_rng     RNG function
 * \param p_rng     RNG parameter
 *
 * \return          0 on success, or a negative error code
 *
 * \note            Unlike pk_sign(), the output capacity is passed
 *                  explicitly (osize), so the implementation can bound its
 *                  writes — confirm that it does.
 */
int pk_decrypt( pk_context *ctx,
                const unsigned char *input, size_t ilen,
                unsigned char *output, size_t *olen, size_t osize,
                int (*f_rng)(void *, unsigned char *, size_t), void *p_rng );

/**
 * \brief           Encrypt message (including padding if relevant).
 *
 * \param ctx       PK context to use
 * \param input     Message to encrypt
 * \param ilen      Message size
 * \param output    Encrypted output
 * \param olen      Encrypted output length (presumably written on success)
 * \param osize     Size of the output buffer
 * \param f_rng     RNG function
 * \param p_rng     RNG parameter
 *
 * \return          0 on success, or a negative error code
 */
int pk_encrypt( pk_context *ctx,
                const unsigned char *input, size_t ilen,
                unsigned char *output, size_t *olen, size_t osize,
                int (*f_rng)(void *, unsigned char *, size_t), void *p_rng );

/**
 * \brief           Check if a public-private pair of keys matches.
 *
 * \param pub       Context holding a public key
 * \param prv       Context holding a private key
 *
 * \return          0 on success (keys match), or a negative error code
 */
int pk_check_pair( const pk_context *pub, const pk_context *prv );

/**
 * \brief           Export debug information
 *
 * \param ctx       Context to use
 * \param items     Place to write debug items; presumably an array of
 *                  POLARSSL_PK_DEBUG_MAX_ITEMS entries — confirm
 *
 * \return          0 on success, or a negative error code
 */
int pk_debug( const pk_context *ctx, pk_debug_item *items );

/**
 * \brief           Access the type name
 *
 * \param ctx       Context to use
 *
 * \return          Type name on success (what is returned for an empty
 *                  context is not specified here — confirm)
 */
const char * pk_get_name( const pk_context *ctx );

/**
 * \brief           Get the key type
 *
 * \param ctx       Context to use
 *
 * \return          Type on success; presumably POLARSSL_PK_NONE for an
 *                  empty context — confirm
 */
pk_type_t pk_get_type( const pk_context *ctx );
466 
467 #if defined(POLARSSL_PK_PARSE_C)
468 
/**
 * \brief           Parse a private key
 *
 * \param ctx       Key to be initialized (presumably must be empty, i.e.
 *                  freshly pk_init()ed or reset with pk_free() — confirm)
 * \param key       Input buffer
 * \param keylen    Size of the buffer (for PEM input, confirm whether the
 *                  terminating NUL has to be included in keylen)
 * \param pwd       Password for decryption (presumably optional — confirm)
 * \param pwdlen    Size of the password
 *
 * \return          0 if successful, or a specific PK or PEM error code.
 *                  POLARSSL_ERR_PK_PASSWORD_REQUIRED / _MISMATCH above are
 *                  the codes reserved for an encrypted key parsed without,
 *                  or with the wrong, password — confirm.
 *
 * \note            If a specific key type is required, check the result
 *                  with pk_can_do() rather than assuming the type.
 */
int pk_parse_key( pk_context *ctx,
                  const unsigned char *key, size_t keylen,
                  const unsigned char *pwd, size_t pwdlen );
489 
507  const unsigned char *key, size_t keylen );
508 
#if defined(POLARSSL_FS_IO)
/**
 * \brief           Load and parse a private key
 *
 * \param ctx       Key to be initialized (presumably must be empty — confirm)
 * \param path      Filename to read the private key from
 * \param password  Password to decrypt the file (presumably may be NULL
 *                  when the key is not encrypted — confirm)
 *
 * \return          0 if successful, or a specific PK or PEM error code
 *                  (file access errors presumably surface as
 *                  POLARSSL_ERR_PK_FILE_IO_ERROR — confirm)
 *
 * \note            The file contents are read into memory first, presumably
 *                  via pk_load_file() declared below under the same
 *                  POLARSSL_FS_IO guard; private key bytes therefore sit in
 *                  a heap buffer during parsing — confirm it is wiped.
 */
int pk_parse_keyfile( pk_context *ctx,
                      const char *path, const char *password );

/**
 * \brief           Load and parse a public key
 *
 * \param ctx       Key to be initialized (presumably must be empty — confirm)
 * \param path      Filename to read the public key from
 *
 * \return          0 if successful, or a specific PK or PEM error code
 */
int pk_parse_public_keyfile( pk_context *ctx, const char *path );
#endif /* POLARSSL_FS_IO */
546 #endif /* POLARSSL_PK_PARSE_C */
547 
548 #if defined(POLARSSL_PK_WRITE_C)
549 
/**
 * \brief           Write a private key to a PKCS#1 or SEC1 DER structure
 *                  Note: data is written at the end of the buffer!
 *                  Presumably the return value is the number of bytes
 *                  written, so the DER data starts at buf + size - ret —
 *                  confirm before relying on it.
 *
 * \param ctx       private key to write away
 * \param buf       buffer to write to
 * \param size      size of the buffer
 *
 * \return          length of data written if successful, or a negative
 *                  error code — confirm
 *
 * \note            After the call buf holds private key material; wipe it
 *                  (with a clear that the compiler cannot drop) once it is
 *                  no longer needed.
 */
int pk_write_key_der( pk_context *ctx, unsigned char *buf, size_t size );

/**
 * \brief           Write a public key to a SubjectPublicKeyInfo DER structure
 *                  Note: data is written at the end of the buffer! See
 *                  pk_write_key_der() for how to locate it.
 *
 * \param ctx       public key to write away
 * \param buf       buffer to write to
 * \param size      size of the buffer
 *
 * \return          length of data written if successful, or a negative
 *                  error code — confirm
 */
int pk_write_pubkey_der( pk_context *ctx, unsigned char *buf, size_t size );

#if defined(POLARSSL_PEM_WRITE_C)
/**
 * \brief           Write a public key to a PEM string
 *
 * \param ctx       public key to write away
 * \param buf       buffer to write to
 * \param size      size of the buffer (the result is presumably a
 *                  NUL-terminated string, so size must include room for
 *                  the terminator — confirm)
 *
 * \return          0 successful, or a negative error code
 */
int pk_write_pubkey_pem( pk_context *ctx, unsigned char *buf, size_t size );

/**
 * \brief           Write a private key to a PKCS#1 or SEC1 PEM string
 *
 * \param ctx       private key to write away
 * \param buf       buffer to write to
 * \param size      size of the buffer
 *
 * \return          0 successful, or a negative error code
 *
 * \note            As for pk_write_key_der(), buf holds private key
 *                  material afterwards and should be wiped when done.
 */
int pk_write_key_pem( pk_context *ctx, unsigned char *buf, size_t size );
#endif /* POLARSSL_PEM_WRITE_C */
602 #endif /* POLARSSL_PK_WRITE_C */
603 
604 /*
605  * WARNING: Low-level functions. You probably do not want to use these unless
606  * you are certain you do ;)
607  */
608 
609 #if defined(POLARSSL_PK_PARSE_C)
610 
/**
 * \brief           Parse a SubjectPublicKeyInfo DER structure
 *
 * \param p         the position in the ASN.1 data; presumably advanced
 *                  past the structure on success — confirm
 * \param end       end of the buffer (parsing must not read past it)
 * \param pk        the key to fill
 *
 * \return          0 if successful, or a specific PK error code
 */
int pk_parse_subpubkey( unsigned char **p, const unsigned char *end,
                        pk_context *pk );
621 #endif /* POLARSSL_PK_PARSE_C */
622 
623 #if defined(POLARSSL_PK_WRITE_C)
624 
/**
 * \brief           Write a subjectPublicKey to ASN.1 data
 *                  Note: function works backwards in data buffer
 *
 * \param p         reference to current position pointer; moved towards
 *                  start as data is written
 * \param start     start of the buffer (lower bound for the writes)
 * \param key       public key to write away
 *
 * \return          presumably the length written, or a negative error
 *                  code — confirm
 */
int pk_write_pubkey( unsigned char **p, unsigned char *start,
                     const pk_context *key );
636 #endif /* POLARSSL_PK_WRITE_C */
637 
638 /*
639  * Internal module functions. You probably do not want to use these unless you
640  * know you do.
641  */
642 #if defined(POLARSSL_FS_IO)
/**
 * \brief           Read a whole file into a buffer (internal helper of the
 *                  file-based parse functions above — inferred from the
 *                  name and guard; confirm)
 *
 * \param path      file to read
 * \param buf       on success, presumably set to a newly allocated buffer
 *                  holding the file contents, owned by the caller who must
 *                  free it — confirm
 * \param n         size of the data read
 *
 * \return          0 on success, or a negative error code (presumably
 *                  POLARSSL_ERR_PK_FILE_IO_ERROR or
 *                  POLARSSL_ERR_PK_MALLOC_FAILED — confirm)
 *
 * \note            If the file holds a private key, wipe *buf before
 *                  freeing it.
 */
int pk_load_file( const char *path, unsigned char **buf, size_t *n );
644 #endif
645 
646 #ifdef __cplusplus
647 }
648 #endif
649 
650 #endif /* POLARSSL_PK_H */