mbed TLS v2.1.0
pk.h
Go to the documentation of this file.
1 
24 #ifndef MBEDTLS_PK_H
25 #define MBEDTLS_PK_H
26 
27 #if !defined(MBEDTLS_CONFIG_FILE)
28 #include "config.h"
29 #else
30 #include MBEDTLS_CONFIG_FILE
31 #endif
32 
33 #include "md.h"
34 
35 #if defined(MBEDTLS_RSA_C)
36 #include "rsa.h"
37 #endif
38 
39 #if defined(MBEDTLS_ECP_C)
40 #include "ecp.h"
41 #endif
42 
43 #if defined(MBEDTLS_ECDSA_C)
44 #include "ecdsa.h"
45 #endif
46 
47 #define MBEDTLS_ERR_PK_ALLOC_FAILED -0x3F80
48 #define MBEDTLS_ERR_PK_TYPE_MISMATCH -0x3F00
49 #define MBEDTLS_ERR_PK_BAD_INPUT_DATA -0x3E80
50 #define MBEDTLS_ERR_PK_FILE_IO_ERROR -0x3E00
51 #define MBEDTLS_ERR_PK_KEY_INVALID_VERSION -0x3D80
52 #define MBEDTLS_ERR_PK_KEY_INVALID_FORMAT -0x3D00
53 #define MBEDTLS_ERR_PK_UNKNOWN_PK_ALG -0x3C80
54 #define MBEDTLS_ERR_PK_PASSWORD_REQUIRED -0x3C00
55 #define MBEDTLS_ERR_PK_PASSWORD_MISMATCH -0x3B80
56 #define MBEDTLS_ERR_PK_INVALID_PUBKEY -0x3B00
57 #define MBEDTLS_ERR_PK_INVALID_ALG -0x3A80
58 #define MBEDTLS_ERR_PK_UNKNOWN_NAMED_CURVE -0x3A00
59 #define MBEDTLS_ERR_PK_FEATURE_UNAVAILABLE -0x3980
60 #define MBEDTLS_ERR_PK_SIG_LEN_MISMATCH -0x3900
63 #ifdef __cplusplus
64 extern "C" {
65 #endif
66 
70 typedef enum {
79 
84 typedef struct
85 {
88 
90 
94 typedef enum
95 {
100 
104 typedef struct
105 {
107  const char *name;
108  void *value;
110 
112 #define MBEDTLS_PK_DEBUG_MAX_ITEMS 3
113 
118 
122 typedef struct
123 {
125  void * pk_ctx;
127 
128 #if defined(MBEDTLS_RSA_C)
129 
136 {
137  return( (mbedtls_rsa_context *) (pk).pk_ctx );
138 }
139 #endif /* MBEDTLS_RSA_C */
140 
141 #if defined(MBEDTLS_ECP_C)
142 
149 {
150  return( (mbedtls_ecp_keypair *) (pk).pk_ctx );
151 }
152 #endif /* MBEDTLS_ECP_C */
153 
154 #if defined(MBEDTLS_PK_RSA_ALT_SUPPORT)
155 
158 typedef int (*mbedtls_pk_rsa_alt_decrypt_func)( void *ctx, int mode, size_t *olen,
159  const unsigned char *input, unsigned char *output,
160  size_t output_max_len );
161 typedef int (*mbedtls_pk_rsa_alt_sign_func)( void *ctx,
162  int (*f_rng)(void *, unsigned char *, size_t), void *p_rng,
163  int mode, mbedtls_md_type_t md_alg, unsigned int hashlen,
164  const unsigned char *hash, unsigned char *sig );
165 typedef size_t (*mbedtls_pk_rsa_alt_key_len_func)( void *ctx );
166 #endif /* MBEDTLS_PK_RSA_ALT_SUPPORT */
167 
176 
181 
186 
201 int mbedtls_pk_setup( mbedtls_pk_context *ctx, const mbedtls_pk_info_t *info );
202 
203 #if defined(MBEDTLS_PK_RSA_ALT_SUPPORT)
204 
218 int mbedtls_pk_setup_rsa_alt( mbedtls_pk_context *ctx, void * key,
221  mbedtls_pk_rsa_alt_key_len_func key_len_func );
222 #endif /* MBEDTLS_PK_RSA_ALT_SUPPORT */
223 
231 size_t mbedtls_pk_get_bitlen( const mbedtls_pk_context *ctx );
232 
239 static inline size_t mbedtls_pk_get_len( const mbedtls_pk_context *ctx )
240 {
241  return( ( mbedtls_pk_get_bitlen( ctx ) + 7 ) / 8 );
242 }
243 
254 
280  const unsigned char *hash, size_t hash_len,
281  const unsigned char *sig, size_t sig_len );
282 
312 int mbedtls_pk_verify_ext( mbedtls_pk_type_t type, const void *options,
314  const unsigned char *hash, size_t hash_len,
315  const unsigned char *sig, size_t sig_len );
316 
342  const unsigned char *hash, size_t hash_len,
343  unsigned char *sig, size_t *sig_len,
344  int (*f_rng)(void *, unsigned char *, size_t), void *p_rng );
345 
363  const unsigned char *input, size_t ilen,
364  unsigned char *output, size_t *olen, size_t osize,
365  int (*f_rng)(void *, unsigned char *, size_t), void *p_rng );
366 
384  const unsigned char *input, size_t ilen,
385  unsigned char *output, size_t *olen, size_t osize,
386  int (*f_rng)(void *, unsigned char *, size_t), void *p_rng );
387 
396 int mbedtls_pk_check_pair( const mbedtls_pk_context *pub, const mbedtls_pk_context *prv );
397 
407 
415 const char * mbedtls_pk_get_name( const mbedtls_pk_context *ctx );
416 
425 
426 #if defined(MBEDTLS_PK_PARSE_C)
427 
447  const unsigned char *key, size_t keylen,
448  const unsigned char *pwd, size_t pwdlen );
449 
468  const unsigned char *key, size_t keylen );
469 
470 #if defined(MBEDTLS_FS_IO)
471 
488  const char *path, const char *password );
489 
505 int mbedtls_pk_parse_public_keyfile( mbedtls_pk_context *ctx, const char *path );
506 #endif /* MBEDTLS_FS_IO */
507 #endif /* MBEDTLS_PK_PARSE_C */
508 
509 #if defined(MBEDTLS_PK_WRITE_C)
510 
523 int mbedtls_pk_write_key_der( mbedtls_pk_context *ctx, unsigned char *buf, size_t size );
524 
538 int mbedtls_pk_write_pubkey_der( mbedtls_pk_context *ctx, unsigned char *buf, size_t size );
539 
540 #if defined(MBEDTLS_PEM_WRITE_C)
541 
550 int mbedtls_pk_write_pubkey_pem( mbedtls_pk_context *ctx, unsigned char *buf, size_t size );
551 
561 int mbedtls_pk_write_key_pem( mbedtls_pk_context *ctx, unsigned char *buf, size_t size );
562 #endif /* MBEDTLS_PEM_WRITE_C */
563 #endif /* MBEDTLS_PK_WRITE_C */
564 
565 /*
566  * WARNING: Low-level functions. You probably do not want to use these unless
567  * you are certain you do ;)
568  */
569 
570 #if defined(MBEDTLS_PK_PARSE_C)
571 
580 int mbedtls_pk_parse_subpubkey( unsigned char **p, const unsigned char *end,
581  mbedtls_pk_context *pk );
582 #endif /* MBEDTLS_PK_PARSE_C */
583 
584 #if defined(MBEDTLS_PK_WRITE_C)
585 
595 int mbedtls_pk_write_pubkey( unsigned char **p, unsigned char *start,
596  const mbedtls_pk_context *key );
597 #endif /* MBEDTLS_PK_WRITE_C */
598 
599 /*
600  * Internal module functions. You probably do not want to use these unless you
601  * know you do.
602  */
603 #if defined(MBEDTLS_FS_IO)
604 int mbedtls_pk_load_file( const char *path, unsigned char **buf, size_t *n );
605 #endif
606 
607 #ifdef __cplusplus
608 }
609 #endif
610 
611 #endif /* MBEDTLS_PK_H */
int mbedtls_pk_write_pubkey_pem(mbedtls_pk_context *ctx, unsigned char *buf, size_t size)
Write a public key to a PEM string.
Options for RSASSA-PSS signature verification.
Definition: pk.h:84
Public key container.
Definition: pk.h:122
int mbedtls_pk_setup_rsa_alt(mbedtls_pk_context *ctx, void *key, mbedtls_pk_rsa_alt_decrypt_func decrypt_func, mbedtls_pk_rsa_alt_sign_func sign_func, mbedtls_pk_rsa_alt_key_len_func key_len_func)
Initialize an RSA-alt context.
int mbedtls_pk_parse_subpubkey(unsigned char **p, const unsigned char *end, mbedtls_pk_context *pk)
Parse a SubjectPublicKeyInfo DER structure.
void mbedtls_pk_init(mbedtls_pk_context *ctx)
Initialize a mbedtls_pk_context (as NONE)
static mbedtls_rsa_context * mbedtls_pk_rsa(const mbedtls_pk_context pk)
Quick access to an RSA context inside a PK context.
Definition: pk.h:135
mbedtls_pk_debug_type
Types for interfacing with the debug module.
Definition: pk.h:94
int mbedtls_pk_can_do(const mbedtls_pk_context *ctx, mbedtls_pk_type_t type)
Tell if a context can do the operation given by type.
int mbedtls_pk_write_pubkey_der(mbedtls_pk_context *ctx, unsigned char *buf, size_t size)
Write a public key to a SubjectPublicKeyInfo DER structure Note: data is written at the end of the bu...
int mbedtls_pk_write_pubkey(unsigned char **p, unsigned char *start, const mbedtls_pk_context *key)
Write a subjectPublicKey to ASN.1 data Note: function works backwards in data buffer.
Elliptic curves over GF(p)
int mbedtls_pk_verify_ext(mbedtls_pk_type_t type, const void *options, mbedtls_pk_context *ctx, mbedtls_md_type_t md_alg, const unsigned char *hash, size_t hash_len, const unsigned char *sig, size_t sig_len)
Verify signature, with options.
ECP key pair structure.
Definition: ecp.h:156
Elliptic curve DSA.
const mbedtls_pk_info_t * pk_info
Public key informations.
Definition: pk.h:124
int mbedtls_pk_encrypt(mbedtls_pk_context *ctx, const unsigned char *input, size_t ilen, unsigned char *output, size_t *olen, size_t osize, int(*f_rng)(void *, unsigned char *, size_t), void *p_rng)
Encrypt message (including padding if relevant).
size_t mbedtls_pk_get_bitlen(const mbedtls_pk_context *ctx)
Get the size in bits of the underlying key.
mbedtls_pk_type_t
Public key types.
Definition: pk.h:70
Compatibility names (set of defines)
void * value
Definition: pk.h:108
static size_t mbedtls_pk_get_len(const mbedtls_pk_context *ctx)
Get the length in bytes of the underlying key.
Definition: pk.h:239
mbedtls_pk_type_t type
Public key type.
Definition: pk_internal.h:38
int(* decrypt_func)(void *ctx, const unsigned char *input, size_t ilen, unsigned char *output, size_t *olen, size_t osize, int(*f_rng)(void *, unsigned char *, size_t), void *p_rng)
Decrypt message.
Definition: pk_internal.h:62
size_t(* mbedtls_pk_rsa_alt_key_len_func)(void *ctx)
Definition: pk.h:165
int mbedtls_pk_sign(mbedtls_pk_context *ctx, mbedtls_md_type_t md_alg, const unsigned char *hash, size_t hash_len, unsigned char *sig, size_t *sig_len, int(*f_rng)(void *, unsigned char *, size_t), void *p_rng)
Make signature, including padding if relevant.
const char * name
Definition: pk.h:107
int mbedtls_pk_debug(const mbedtls_pk_context *ctx, mbedtls_pk_debug_item *items)
Export debug information.
void * pk_ctx
Underlying public key context.
Definition: pk.h:125
int mbedtls_pk_parse_public_key(mbedtls_pk_context *ctx, const unsigned char *key, size_t keylen)
Parse a public key in PEM or DER format.
int mbedtls_pk_parse_key(mbedtls_pk_context *ctx, const unsigned char *key, size_t keylen, const unsigned char *pwd, size_t pwdlen)
Parse a private key in PEM or DER format.
void mbedtls_pk_free(mbedtls_pk_context *ctx)
Free a mbedtls_pk_context.
mbedtls_md_type_t mgf1_hash_id
Definition: pk.h:86
int mbedtls_pk_parse_keyfile(mbedtls_pk_context *ctx, const char *path, const char *password)
Load and parse a private key.
The RSA public-key cryptosystem.
int mbedtls_pk_verify(mbedtls_pk_context *ctx, mbedtls_md_type_t md_alg, const unsigned char *hash, size_t hash_len, const unsigned char *sig, size_t sig_len)
Verify signature (including padding if relevant).
mbedtls_pk_type_t mbedtls_pk_get_type(const mbedtls_pk_context *ctx)
Get the key type.
int mbedtls_pk_write_key_pem(mbedtls_pk_context *ctx, unsigned char *buf, size_t size)
Write a private key to a PKCS#1 or SEC1 PEM string.
int mbedtls_pk_write_key_der(mbedtls_pk_context *ctx, unsigned char *buf, size_t size)
Write a private key to a PKCS#1 or SEC1 DER structure Note: data is written at the end of the buffer!...
const char * mbedtls_pk_get_name(const mbedtls_pk_context *ctx)
Access the type name.
int(* mbedtls_pk_rsa_alt_sign_func)(void *ctx, int(*f_rng)(void *, unsigned char *, size_t), void *p_rng, int mode, mbedtls_md_type_t md_alg, unsigned int hashlen, const unsigned char *hash, unsigned char *sig)
Definition: pk.h:161
int(* mbedtls_pk_rsa_alt_decrypt_func)(void *ctx, int mode, size_t *olen, const unsigned char *input, unsigned char *output, size_t output_max_len)
Types for RSA-alt abstraction.
Definition: pk.h:158
int mbedtls_pk_load_file(const char *path, unsigned char **buf, size_t *n)
static mbedtls_ecp_keypair * mbedtls_pk_ec(const mbedtls_pk_context pk)
Quick access to an EC context inside a PK context.
Definition: pk.h:148
int mbedtls_pk_setup(mbedtls_pk_context *ctx, const mbedtls_pk_info_t *info)
Initialize a PK context with the information given and allocates the type-specific PK subcontext...
mbedtls_pk_debug_type type
Definition: pk.h:106
int mbedtls_pk_check_pair(const mbedtls_pk_context *pub, const mbedtls_pk_context *prv)
Check if a public-private pair of keys matches.
mbedtls_md_type_t
Definition: md.h:43
RSA context structure.
Definition: rsa.h:79
Item to send to the debug module.
Definition: pk.h:104
int mbedtls_pk_parse_public_keyfile(mbedtls_pk_context *ctx, const char *path)
Load and parse a public key.
const mbedtls_pk_info_t * mbedtls_pk_info_from_type(mbedtls_pk_type_t pk_type)
Return information associated with the given PK type.
int mbedtls_pk_decrypt(mbedtls_pk_context *ctx, const unsigned char *input, size_t ilen, unsigned char *output, size_t *olen, size_t osize, int(*f_rng)(void *, unsigned char *, size_t), void *p_rng)
Decrypt message (including padding if relevant).
int(* sign_func)(void *ctx, mbedtls_md_type_t md_alg, const unsigned char *hash, size_t hash_len, unsigned char *sig, size_t *sig_len, int(*f_rng)(void *, unsigned char *, size_t), void *p_rng)
Make signature.
Definition: pk_internal.h:55