00052 #ifndef MBEDTLS_PK_H
00053 #define MBEDTLS_PK_H
00054
00055 #if !defined(MBEDTLS_CONFIG_FILE)
00056 #include "config.h"
00057 #else
00058 #include MBEDTLS_CONFIG_FILE
00059 #endif
00060
00061 #include "md.h"
00062
00063 #if defined(MBEDTLS_RSA_C)
00064 #include "rsa.h"
00065 #endif
00066
00067 #if defined(MBEDTLS_ECP_C)
00068 #include "ecp.h"
00069 #endif
00070
00071 #if defined(MBEDTLS_ECDSA_C)
00072 #include "ecdsa.h"
00073 #endif
00074
00075 #if ( defined(__ARMCC_VERSION) || defined(_MSC_VER) ) && \
00076 !defined(inline) && !defined(__cplusplus)
00077 #define inline __inline
00078 #endif
00079
/*
 * PK-layer error codes. Every value is negative and the codes are spaced
 * 0x80 apart, from -0x3F80 to -0x3880.
 * NOTE(review): the per-code descriptions are absent from this listing; the
 * meanings suggested by the macro names should be confirmed against the
 * library documentation.
 * NOTE(review): MBEDTLS_ERR_PK_SIG_LEN_MISMATCH is a non-zero code like the
 * others, so a verification caller should reject on it too rather than
 * special-casing it as "nearly valid" - confirm the exact semantics.
 */
00080 #define MBEDTLS_ERR_PK_ALLOC_FAILED -0x3F80
00081 #define MBEDTLS_ERR_PK_TYPE_MISMATCH -0x3F00
00082 #define MBEDTLS_ERR_PK_BAD_INPUT_DATA -0x3E80
00083 #define MBEDTLS_ERR_PK_FILE_IO_ERROR -0x3E00
00084 #define MBEDTLS_ERR_PK_KEY_INVALID_VERSION -0x3D80
00085 #define MBEDTLS_ERR_PK_KEY_INVALID_FORMAT -0x3D00
00086 #define MBEDTLS_ERR_PK_UNKNOWN_PK_ALG -0x3C80
00087 #define MBEDTLS_ERR_PK_PASSWORD_REQUIRED -0x3C00
00088 #define MBEDTLS_ERR_PK_PASSWORD_MISMATCH -0x3B80
00089 #define MBEDTLS_ERR_PK_INVALID_PUBKEY -0x3B00
00090 #define MBEDTLS_ERR_PK_INVALID_ALG -0x3A80
00091 #define MBEDTLS_ERR_PK_UNKNOWN_NAMED_CURVE -0x3A00
00092 #define MBEDTLS_ERR_PK_FEATURE_UNAVAILABLE -0x3980
00093 #define MBEDTLS_ERR_PK_SIG_LEN_MISMATCH -0x3900
00094 #define MBEDTLS_ERR_PK_HW_ACCEL_FAILED -0x3880
00096 #ifdef __cplusplus
00097 extern "C" {
00098 #endif
00099
/**
 * Kinds of key (or signature scheme) the PK layer distinguishes.
 * MBEDTLS_PK_NONE is pinned to 0, so a zero-filled value reads as "none";
 * the remaining members take the next consecutive values in declaration
 * order.
 */
00103 typedef enum {
00104 MBEDTLS_PK_NONE=0,
00105 MBEDTLS_PK_RSA,
00106 MBEDTLS_PK_ECKEY,
00107 MBEDTLS_PK_ECKEY_DH,
00108 MBEDTLS_PK_ECDSA,
00109 MBEDTLS_PK_RSA_ALT,
00110 MBEDTLS_PK_RSASSA_PSS,
00111 } mbedtls_pk_type_t;
00112
/**
 * Parameter block for RSASSA-PSS: a hash identifier for MGF1 and an
 * expected salt length.
 * NOTE(review): presumably this is what the untyped `options` pointer of
 * mbedtls_pk_verify_ext() must reference when its `type` argument is
 * MBEDTLS_PK_RSASSA_PSS - confirm against the implementation.
 * NOTE(review): expected_salt_len is a plain int; whether a sentinel value
 * means "accept any salt length" is not visible here. A verifier that pins
 * the salt length should set it explicitly.
 */
00117 typedef struct
00118 {
00119 mbedtls_md_type_t mgf1_hash_id;
00120 int expected_salt_len;
00121
00122 } mbedtls_pk_rsassa_pss_options;
00123
/**
 * Tag naming the kind of value a debug item carries.
 * MBEDTLS_PK_DEBUG_NONE is pinned to 0.
 */
00127 typedef enum
00128 {
00129 MBEDTLS_PK_DEBUG_NONE = 0,
00130 MBEDTLS_PK_DEBUG_MPI,
00131 MBEDTLS_PK_DEBUG_ECP,
00132 } mbedtls_pk_debug_type;
00133
/**
 * One entry filled in by mbedtls_pk_debug(): a type tag, a name string and
 * an untyped pointer.
 * NOTE(review): `value` is a void pointer; presumably `type` tells the
 * reader how to interpret it, and it may point into live key material -
 * confirm before logging or retaining it.
 */
00137 typedef struct
00138 {
00139 mbedtls_pk_debug_type type;
00140 const char *name;
00141 void *value;
00142 } mbedtls_pk_debug_item;
00143
/*
 * NOTE(review): mbedtls_pk_debug() takes an items pointer with no count, so
 * the array handed to it presumably needs at least this many entries -
 * confirm.
 */
00145 #define MBEDTLS_PK_DEBUG_MAX_ITEMS 3
00146
/** Opaque descriptor type; only the name is declared in this header. */
00150 typedef struct mbedtls_pk_info_t mbedtls_pk_info_t;
00151
/**
 * Generic public-key container: a pointer to the (opaque) descriptor and an
 * untyped pointer to the key-specific context.
 * The helpers mbedtls_pk_rsa() and mbedtls_pk_ec() in this header cast
 * pk_ctx to mbedtls_rsa_context * or mbedtls_ecp_keypair * respectively,
 * so the concrete type behind pk_ctx depends on which kind of key is held.
 */
00155 typedef struct
00156 {
00157 const mbedtls_pk_info_t * pk_info;
00158 void * pk_ctx;
00159 } mbedtls_pk_context;
00160
00161 #if defined(MBEDTLS_RSA_C)
00162
/**
 * View the key-specific pointer of a PK context as an RSA context.
 *
 * The cast is unconditional: neither pk.pk_info nor pk.pk_ctx is inspected,
 * so the result is only meaningful when the context really holds an RSA
 * key. Callers should establish that first (for example with
 * mbedtls_pk_get_type() or mbedtls_pk_can_do()); otherwise the returned
 * pointer aliases an object of a different type, or is NULL.
 *
 * \param pk  PK context, passed by value.
 * \return    pk.pk_ctx converted to mbedtls_rsa_context *.
 */
static inline mbedtls_rsa_context *mbedtls_pk_rsa( const mbedtls_pk_context pk )
{
    mbedtls_rsa_context *rsa_ctx = (mbedtls_rsa_context *) pk.pk_ctx;

    return( rsa_ctx );
}
00172 #endif
00173
00174 #if defined(MBEDTLS_ECP_C)
00175
/**
 * View the key-specific pointer of a PK context as an EC key pair.
 *
 * The cast is unconditional: neither pk.pk_info nor pk.pk_ctx is inspected,
 * so the result is only meaningful when the context really holds an EC
 * key. Callers should establish that first (for example with
 * mbedtls_pk_get_type() or mbedtls_pk_can_do()); otherwise the returned
 * pointer aliases an object of a different type, or is NULL.
 *
 * \param pk  PK context, passed by value.
 * \return    pk.pk_ctx converted to mbedtls_ecp_keypair *.
 */
static inline mbedtls_ecp_keypair *mbedtls_pk_ec( const mbedtls_pk_context pk )
{
    mbedtls_ecp_keypair *ec_keypair = (mbedtls_ecp_keypair *) pk.pk_ctx;

    return( ec_keypair );
}
00185 #endif
00186
00187 #if defined(MBEDTLS_PK_RSA_ALT_SUPPORT)
00188
/**
 * Callback types for an externally implemented RSA key, as accepted by
 * mbedtls_pk_setup_rsa_alt(). Each receives an opaque `ctx` pointer first.
 *
 * The decrypt callback is told the output capacity (output_max_len) and
 * reports the produced length through olen.
 */
00191 typedef int (*mbedtls_pk_rsa_alt_decrypt_func)( void *ctx, int mode, size_t *olen,
00192 const unsigned char *input, unsigned char *output,
00193 size_t output_max_len );
/*
 * NOTE(review): the sign callback gets no capacity for `sig`; an
 * implementation presumably may write up to the key length reported by the
 * key_len callback, so the two must agree - confirm.
 */
00194 typedef int (*mbedtls_pk_rsa_alt_sign_func)( void *ctx,
00195 int (*f_rng)(void *, unsigned char *, size_t), void *p_rng,
00196 int mode, mbedtls_md_type_t md_alg, unsigned int hashlen,
00197 const unsigned char *hash, unsigned char *sig );
/* NOTE(review): unit of the returned length (bytes vs bits) is not visible here - confirm. */
00198 typedef size_t (*mbedtls_pk_rsa_alt_key_len_func)( void *ctx );
00199 #endif
00200
/**
 * Look up the descriptor for a key type.
 * NOTE(review): presumably returns NULL for a type that is unknown or not
 * compiled in; check the result before passing it to mbedtls_pk_setup() -
 * confirm.
 */
00208 const mbedtls_pk_info_t *mbedtls_pk_info_from_type( mbedtls_pk_type_t pk_type );
00209
/**
 * Prepare a context for use.
 * NOTE(review): presumably must be called before any other function in this
 * header touches ctx, so that mbedtls_pk_free() is safe on every exit
 * path - confirm.
 */
00213 void mbedtls_pk_init( mbedtls_pk_context *ctx );
00214
/**
 * Release a context.
 * NOTE(review): presumably frees the key-specific pk_ctx; whether key
 * material is wiped first is not visible here - confirm.
 */
00218 void mbedtls_pk_free( mbedtls_pk_context *ctx );
00219
/**
 * Bind a context to the descriptor `info`.
 * Returns an int status.
 * NOTE(review): the existence of MBEDTLS_ERR_PK_ALLOC_FAILED suggests this
 * allocates the key-specific context; the result should be checked before
 * the context is used - confirm.
 */
00234 int mbedtls_pk_setup( mbedtls_pk_context *ctx, const mbedtls_pk_info_t *info );
00235
00236 #if defined(MBEDTLS_PK_RSA_ALT_SUPPORT)
00237
/**
 * Set up a context around an opaque key pointer and three caller-supplied
 * callbacks (decrypt, sign, key length).
 * Returns an int status.
 * NOTE(review): ownership and lifetime of `key` are not visible here;
 * presumably the caller keeps it alive for as long as ctx is in use -
 * confirm.
 */
00251 int mbedtls_pk_setup_rsa_alt( mbedtls_pk_context *ctx, void * key,
00252 mbedtls_pk_rsa_alt_decrypt_func decrypt_func,
00253 mbedtls_pk_rsa_alt_sign_func sign_func,
00254 mbedtls_pk_rsa_alt_key_len_func key_len_func );
00255 #endif
00256
/**
 * Size of the key held by ctx, in bits (per the function name).
 * NOTE(review): the value returned for a context with no key set up is not
 * visible here - presumably 0; confirm before using it to size a buffer.
 */
00264 size_t mbedtls_pk_get_bitlen( const mbedtls_pk_context *ctx );
00265
/**
 * Key size in whole bytes: the bit length reported by
 * mbedtls_pk_get_bitlen() rounded up to the next multiple of eight.
 *
 * \param ctx  Context forwarded unchanged to mbedtls_pk_get_bitlen().
 * \return     ( bit length + 7 ) / 8.
 */
static inline size_t mbedtls_pk_get_len( const mbedtls_pk_context *ctx )
{
    const size_t bit_count = mbedtls_pk_get_bitlen( ctx );

    return( ( bit_count + 7 ) / 8 );
}
00276
/**
 * Ask whether the context can perform operations of the given type.
 * NOTE(review): the int result is presumably a boolean (non-zero = yes),
 * unlike the status codes returned elsewhere in this header - confirm.
 * This is the natural guard to run before mbedtls_pk_rsa() / mbedtls_pk_ec().
 */
00286 int mbedtls_pk_can_do( const mbedtls_pk_context *ctx, mbedtls_pk_type_t type );
00287
/**
 * Verify a signature over an already computed hash.
 * Both the hash and the signature are passed with explicit lengths.
 * Returns an int status.
 * NOTE(review): presumably 0 means the signature is valid and any other
 * value, including MBEDTLS_ERR_PK_SIG_LEN_MISMATCH, means it must be
 * rejected; callers should compare against 0 only - confirm.
 * NOTE(review): md_alg and hash_len are independent arguments; whether a
 * mismatch between them is detected is not visible here - confirm.
 */
00312 int mbedtls_pk_verify( mbedtls_pk_context *ctx, mbedtls_md_type_t md_alg,
00313 const unsigned char *hash, size_t hash_len,
00314 const unsigned char *sig, size_t sig_len );
00315
/**
 * Verify a signature with an explicitly requested scheme and an
 * accompanying option block.
 * `options` is an untyped const pointer.
 * NOTE(review): presumably it must point to mbedtls_pk_rsassa_pss_options
 * when type is MBEDTLS_PK_RSASSA_PSS and be NULL otherwise; passing a
 * pointer to a different structure would be read as the wrong type -
 * confirm.
 * NOTE(review): as with mbedtls_pk_verify(), treat every non-zero result as
 * a failed verification - confirm.
 */
00345 int mbedtls_pk_verify_ext( mbedtls_pk_type_t type, const void *options,
00346 mbedtls_pk_context *ctx, mbedtls_md_type_t md_alg,
00347 const unsigned char *hash, size_t hash_len,
00348 const unsigned char *sig, size_t sig_len );
00349
/**
 * Sign an already computed hash.
 * The signature is written to `sig` and its length to *sig_len. The
 * prototype carries no capacity for `sig`, so the function cannot bound
 * its own writes: the caller has to provide a buffer large enough for the
 * biggest signature the key can produce.
 * NOTE(review): the required size is not visible here - confirm the bound
 * for this library version before choosing a buffer size.
 * NOTE(review): f_rng/p_rng supply randomness; presumably a
 * cryptographically strong generator is expected and NULL is only
 * acceptable for schemes that need none - confirm.
 */
00378 int mbedtls_pk_sign( mbedtls_pk_context *ctx, mbedtls_md_type_t md_alg,
00379 const unsigned char *hash, size_t hash_len,
00380 unsigned char *sig, size_t *sig_len,
00381 int (*f_rng)(void *, unsigned char *, size_t), void *p_rng );
00382
/**
 * Decrypt `ilen` bytes of input into `output`.
 * NOTE(review): presumably osize is the capacity of `output` and *olen
 * receives the number of bytes produced - confirm.
 * NOTE(review): `output` holds plaintext afterwards; on a non-zero return
 * its contents should not be used, and distinguishing failure causes to a
 * remote peer can act as a padding oracle - confirm error behaviour.
 */
00399 int mbedtls_pk_decrypt( mbedtls_pk_context *ctx,
00400 const unsigned char *input, size_t ilen,
00401 unsigned char *output, size_t *olen, size_t osize,
00402 int (*f_rng)(void *, unsigned char *, size_t), void *p_rng );
00403
/**
 * Encrypt `ilen` bytes of input into `output`.
 * NOTE(review): presumably osize is the capacity of `output` and *olen
 * receives the number of bytes produced - confirm.
 * NOTE(review): f_rng/p_rng supply the randomness used for padding;
 * presumably a cryptographically strong generator is required - confirm.
 */
00420 int mbedtls_pk_encrypt( mbedtls_pk_context *ctx,
00421 const unsigned char *input, size_t ilen,
00422 unsigned char *output, size_t *olen, size_t osize,
00423 int (*f_rng)(void *, unsigned char *, size_t), void *p_rng );
00424
/**
 * Check a public context against a private one.
 * Returns an int status.
 * NOTE(review): presumably 0 means the two keys belong together; useful
 * after loading a certificate and a private key from separate sources -
 * confirm.
 */
00433 int mbedtls_pk_check_pair( const mbedtls_pk_context *pub, const mbedtls_pk_context *prv );
00434
/**
 * Fill `items` with debug descriptions of the key in ctx.
 * No element count is passed.
 * NOTE(review): presumably `items` must have room for
 * MBEDTLS_PK_DEBUG_MAX_ITEMS entries - confirm.
 */
00443 int mbedtls_pk_debug( const mbedtls_pk_context *ctx, mbedtls_pk_debug_item *items );
00444
/**
 * Name of the key type held by ctx, as a C string.
 * NOTE(review): result for an unset context is not visible here - confirm
 * it is never NULL before formatting it with %s.
 */
00452 const char * mbedtls_pk_get_name( const mbedtls_pk_context *ctx );
00453
/**
 * Key type held by ctx.
 * NOTE(review): presumably MBEDTLS_PK_NONE for an unset context - confirm.
 */
00461 mbedtls_pk_type_t mbedtls_pk_get_type( const mbedtls_pk_context *ctx );
00462
00463 #if defined(MBEDTLS_PK_PARSE_C)
00464
/**
 * Parse a private key from a memory buffer, with an optional password
 * given as a byte buffer plus length.
 * Returns an int status.
 * NOTE(review): in Mbed TLS 2.x PEM input is expected to be NUL-terminated
 * with keylen counting the terminator - confirm for this version, since a
 * wrong keylen changes how the buffer is interpreted.
 * NOTE(review): the caller's `key` and `pwd` buffers still hold secrets
 * after the call; presumably they are not wiped here, so the caller should
 * clear them - confirm.
 */
00483 int mbedtls_pk_parse_key( mbedtls_pk_context *ctx,
00484 const unsigned char *key, size_t keylen,
00485 const unsigned char *pwd, size_t pwdlen );
00486
/**
 * Parse a public key from a memory buffer.
 * Returns an int status.
 * NOTE(review): the same NUL-termination convention for PEM input
 * presumably applies as for mbedtls_pk_parse_key() - confirm.
 */
00504 int mbedtls_pk_parse_public_key( mbedtls_pk_context *ctx,
00505 const unsigned char *key, size_t keylen );
00506
00507 #if defined(MBEDTLS_FS_IO)
00508
/**
 * Load and parse a private key from the file at `path`; `password` is a
 * C string.
 * Returns an int status.
 * NOTE(review): `path` is used as given; if it derives from untrusted
 * input the caller has to validate it first. The password string remains
 * in the caller's memory and should be cleared after use - confirm that
 * the library wipes its own temporary copy of the file contents.
 */
00524 int mbedtls_pk_parse_keyfile( mbedtls_pk_context *ctx,
00525 const char *path, const char *password );
00526
/**
 * Load and parse a public key from the file at `path`.
 * Returns an int status.
 */
00543 int mbedtls_pk_parse_public_keyfile( mbedtls_pk_context *ctx, const char *path );
00544 #endif
00545 #endif
00546
00547 #if defined(MBEDTLS_PK_WRITE_C)
00548
/**
 * Serialise the private key in ctx as DER into buf (capacity `size`).
 * NOTE(review): in Mbed TLS the DER writers fill the buffer from its end
 * and return the number of bytes written, so the data would start at
 * buf + size - ret rather than at buf - confirm for this version; reading
 * from buf[0] would otherwise expose whatever the buffer held before.
 * The buffer contains private key material afterwards and should be wiped
 * by the caller once it is no longer needed.
 */
00561 int mbedtls_pk_write_key_der( mbedtls_pk_context *ctx, unsigned char *buf, size_t size );
00562
/**
 * Serialise the public key in ctx as DER into buf (capacity `size`).
 * NOTE(review): presumably the same write-from-the-end convention and
 * length-as-return-value apply as for mbedtls_pk_write_key_der() - confirm.
 */
00576 int mbedtls_pk_write_pubkey_der( mbedtls_pk_context *ctx, unsigned char *buf, size_t size );
00577
00578 #if defined(MBEDTLS_PEM_WRITE_C)
00579
/**
 * Serialise the public key in ctx as PEM into buf (capacity `size`).
 * Returns an int status.
 * NOTE(review): presumably the PEM text starts at buf and is
 * NUL-terminated, unlike the DER writers - confirm.
 */
00588 int mbedtls_pk_write_pubkey_pem( mbedtls_pk_context *ctx, unsigned char *buf, size_t size );
00589
/**
 * Serialise the private key in ctx as PEM into buf (capacity `size`).
 * Returns an int status.
 * NOTE(review): the prototype has no password argument, so the output is
 * presumably unencrypted PEM; the buffer holds private key material
 * afterwards and should be wiped by the caller - confirm.
 */
00599 int mbedtls_pk_write_key_pem( mbedtls_pk_context *ctx, unsigned char *buf, size_t size );
00600 #endif
00601 #endif
00602
00608 #if defined(MBEDTLS_PK_PARSE_C)
00609
/**
 * Parse a SubjectPublicKeyInfo-style structure (per the function name)
 * into pk.
 * `p` is a pointer to a read cursor and `end` a const bound.
 * NOTE(review): presumably *p is advanced past the parsed data and never
 * read at or beyond `end`; the caller must pass an `end` that really marks
 * the end of the buffer *p points into - confirm.
 */
00618 int mbedtls_pk_parse_subpubkey( unsigned char **p, const unsigned char *end,
00619 mbedtls_pk_context *pk );
00620 #endif
00621
00622 #if defined(MBEDTLS_PK_WRITE_C)
00623
/**
 * Write the public key of `key` into a buffer described by a cursor `p`
 * and a `start` pointer.
 * NOTE(review): the cursor/start pair suggests the data is written
 * backwards from *p towards `start`, with *p updated and the length
 * returned; `start` would then be the lower bound that must not be
 * crossed - confirm.
 */
00633 int mbedtls_pk_write_pubkey( unsigned char **p, unsigned char *start,
00634 const mbedtls_pk_context *key );
00635 #endif
00636
00641 #if defined(MBEDTLS_FS_IO)
/**
 * Read the file at `path`, returning its contents through *buf and a
 * length through *n.
 * NOTE(review): presumably *buf is allocated by this function and owned by
 * the caller afterwards; since the key-file parsers in this header take a
 * path too, the buffer may hold private key material and should be wiped
 * before it is freed - confirm the allocator and whether *n counts a
 * terminating NUL.
 */
00642 int mbedtls_pk_load_file( const char *path, unsigned char **buf, size_t *n );
00643 #endif
00644
00645 #ifdef __cplusplus
00646 }
00647 #endif
00648
00649 #endif