00025 #ifndef MBEDTLS_PK_H
00026 #define MBEDTLS_PK_H
00027
00028 #if !defined(MBEDTLS_CONFIG_FILE)
00029 #include "config.h"
00030 #else
00031 #include MBEDTLS_CONFIG_FILE
00032 #endif
00033
00034 #include "md.h"
00035
00036 #if defined(MBEDTLS_RSA_C)
00037 #include "rsa.h"
00038 #endif
00039
00040 #if defined(MBEDTLS_ECP_C)
00041 #include "ecp.h"
00042 #endif
00043
00044 #if defined(MBEDTLS_ECDSA_C)
00045 #include "ecdsa.h"
00046 #endif
00047
00048 #if ( defined(__ARMCC_VERSION) || defined(_MSC_VER) ) && \
00049 !defined(inline) && !defined(__cplusplus)
00050 #define inline __inline
00051 #endif
00052
/*
 * PK-layer error codes. All are negative and lie in -0x3F80 .. -0x3880 in
 * steps of 0x80. NOTE(review): the low 7 bits are left free, presumably so a
 * high-level PK code can be combined (by addition) with a low-level module
 * code (RSA/ECP/MD) in the same int — confirm against error.h.
 *
 * Callers must treat ANY non-zero return from the functions declared in this
 * header as failure; never whitelist individual codes as "still OK".
 */
#define MBEDTLS_ERR_PK_ALLOC_FAILED -0x3F80 /**< Memory allocation failed. */
#define MBEDTLS_ERR_PK_TYPE_MISMATCH -0x3F00 /**< Key type does not match the requested operation/scheme. */
#define MBEDTLS_ERR_PK_BAD_INPUT_DATA -0x3E80 /**< Bad input parameters to a function. */
#define MBEDTLS_ERR_PK_FILE_IO_ERROR -0x3E00 /**< Read/write of a file failed. */
#define MBEDTLS_ERR_PK_KEY_INVALID_VERSION -0x3D80 /**< Unsupported key version field. */
#define MBEDTLS_ERR_PK_KEY_INVALID_FORMAT -0x3D00 /**< Invalid key tag or value (malformed encoding). */
#define MBEDTLS_ERR_PK_UNKNOWN_PK_ALG -0x3C80 /**< Key algorithm is unsupported. */
#define MBEDTLS_ERR_PK_PASSWORD_REQUIRED -0x3C00 /**< Private key is encrypted but no password was given. */
#define MBEDTLS_ERR_PK_PASSWORD_MISMATCH -0x3B80 /**< Given password does not decrypt the private key. */
#define MBEDTLS_ERR_PK_INVALID_PUBKEY -0x3B00 /**< The public key is invalid. */
#define MBEDTLS_ERR_PK_INVALID_ALG -0x3A80 /**< The algorithm tag or value is invalid. */
#define MBEDTLS_ERR_PK_UNKNOWN_NAMED_CURVE -0x3A00 /**< Elliptic curve is unsupported (only named curves are supported, presumably). */
#define MBEDTLS_ERR_PK_FEATURE_UNAVAILABLE -0x3980 /**< Unavailable feature, e.g. RSA disabled for RSA key. */
#define MBEDTLS_ERR_PK_SIG_LEN_MISMATCH -0x3900 /**< The signature is valid but its length is larger than expected (trailing bytes). Still a failure. */
#define MBEDTLS_ERR_PK_HW_ACCEL_FAILED -0x3880 /**< PK hardware accelerator failed. */
00069 #ifdef __cplusplus
00070 extern "C" {
00071 #endif
00072
/**
 * \brief   Public key types.
 *
 * The initializers below spell out the sequence the original declaration
 * left implicit, so the numeric ids reported by mbedtls_pk_get_type() and
 * tested by mbedtls_pk_can_do() (declared below) are unchanged.
 *
 * NOTE(review): MBEDTLS_PK_RSASSA_PSS appears in this header only as a value
 * of the \c type argument of mbedtls_pk_verify_ext(); it presumably names a
 * signature scheme to check for rather than a key type a context can hold —
 * confirm in pk.c before passing it to mbedtls_pk_info_from_type().
 */
typedef enum {
    MBEDTLS_PK_NONE       = 0, /**< No key set (presumably the state after mbedtls_pk_init()). */
    MBEDTLS_PK_RSA        = 1, /**< RSA key (see mbedtls_pk_rsa()). */
    MBEDTLS_PK_ECKEY      = 2, /**< Generic elliptic-curve key (see mbedtls_pk_ec()). */
    MBEDTLS_PK_ECKEY_DH   = 3, /**< Elliptic-curve key restricted to key agreement. */
    MBEDTLS_PK_ECDSA      = 4, /**< Elliptic-curve key restricted to ECDSA. */
    MBEDTLS_PK_RSA_ALT    = 5, /**< RSA via external callbacks (mbedtls_pk_setup_rsa_alt()). */
    MBEDTLS_PK_RSASSA_PSS = 6  /**< RSASSA-PSS scheme selector (see note above). */
} mbedtls_pk_type_t;
00085
/**
 * \brief   Options for RSASSA-PSS signature verification.
 *
 * Presumably passed as the \c options argument of mbedtls_pk_verify_ext()
 * when \c type is MBEDTLS_PK_RSASSA_PSS — this header pairs them by name
 * only; confirm in pk.c.
 */
typedef struct
{
    mbedtls_md_type_t mgf1_hash_id; /**< Hash algorithm used by the MGF1 mask generation function. */
    int expected_salt_len;          /**< Salt length the signature must use. NOTE(review): a negative
                                         value presumably means "accept any length" — confirm against
                                         rsa.h. When the expected length is known, pin it: accepting
                                         any salt length is the weaker check. */

} mbedtls_pk_rsassa_pss_options;
00096
/**
 * \brief   Kind of value carried by a mbedtls_pk_debug_item.
 *
 * Explicit initializers reproduce the implicit numbering of the original
 * declaration; the values are part of the public interface.
 */
typedef enum
{
    MBEDTLS_PK_DEBUG_NONE = 0, /**< Empty slot; nothing to print. */
    MBEDTLS_PK_DEBUG_MPI  = 1, /**< The item is a big integer. */
    MBEDTLS_PK_DEBUG_ECP  = 2  /**< The item is an elliptic-curve point. */
} mbedtls_pk_debug_type;
00106
/**
 * \brief   One item handed out by mbedtls_pk_debug() (declared below).
 */
typedef struct
{
    mbedtls_pk_debug_type type; /**< Selects how \c value is to be interpreted (big integer or EC point). */
    const char *name;           /**< Human-readable label for the item. */
    void *value;                /**< Pointer to the value; its real type is given by \c type.
                                     NOTE(review): whether private key components can show up
                                     here is not visible from this header — confirm before
                                     routing PK debug output to any log that leaves the host. */
} mbedtls_pk_debug_item;

/** Maximum number of items mbedtls_pk_debug() fills in — presumably the size
 *  the caller's \c items array must have. */
#define MBEDTLS_PK_DEBUG_MAX_ITEMS 3
00119
/** Opaque per-type method table; the definition lives in the PK
 *  implementation, not in this header. */
typedef struct mbedtls_pk_info_t mbedtls_pk_info_t;

/**
 * \brief   Public key container.
 *
 * A type-erased handle: behavior is selected through \c pk_info and the
 * type-specific state lives behind \c pk_ctx. The accessors mbedtls_pk_rsa()
 * and mbedtls_pk_ec() below cast \c pk_ctx without consulting \c pk_info,
 * so establish the type first (mbedtls_pk_get_type() / mbedtls_pk_can_do())
 * before using either — a wrong cast is type confusion, not an error return.
 */
typedef struct
{
    const mbedtls_pk_info_t * pk_info; /**< Method table for the key type; presumably NULL until mbedtls_pk_setup(). */
    void * pk_ctx;                     /**< Type-specific context (mbedtls_rsa_context / mbedtls_ecp_keypair per the accessors below). */
} mbedtls_pk_context;
00133
00134 #if defined(MBEDTLS_RSA_C)
00135
/**
 * \brief   Quick access to the RSA context inside a PK context.
 *
 * \param pk    PK context, passed by value; only its \c pk_ctx member is read.
 *
 * \return  \c pk.pk_ctx reinterpreted as an RSA context pointer. A NULL
 *          \c pk_ctx comes back as NULL.
 *
 * \warning This is an unchecked cast: nothing here verifies that the context
 *          holds an RSA key. Using the result on a context of another type is
 *          type confusion. Check mbedtls_pk_get_type() == MBEDTLS_PK_RSA (or
 *          mbedtls_pk_can_do(), declared below) before dereferencing.
 */
static inline mbedtls_rsa_context *mbedtls_pk_rsa( const mbedtls_pk_context pk )
{
    void *type_specific_ctx = pk.pk_ctx;

    return (mbedtls_rsa_context *) type_specific_ctx;
}
00145 #endif
00146
00147 #if defined(MBEDTLS_ECP_C)
00148
/**
 * \brief   Quick access to the EC keypair inside a PK context.
 *
 * \param pk    PK context, passed by value; only its \c pk_ctx member is read.
 *
 * \return  \c pk.pk_ctx reinterpreted as an EC keypair pointer. A NULL
 *          \c pk_ctx comes back as NULL.
 *
 * \warning Unchecked cast, exactly like mbedtls_pk_rsa(): the caller must
 *          first establish that the context holds an EC key (e.g.
 *          mbedtls_pk_can_do( &pk, MBEDTLS_PK_ECKEY ), declared below).
 */
static inline mbedtls_ecp_keypair *mbedtls_pk_ec( const mbedtls_pk_context pk )
{
    void *type_specific_ctx = pk.pk_ctx;

    return (mbedtls_ecp_keypair *) type_specific_ctx;
}
00158 #endif
00159
00160 #if defined(MBEDTLS_PK_RSA_ALT_SUPPORT)
00161
/*
 * Callback types for an externally implemented ("alternate") RSA key, used
 * with mbedtls_pk_setup_rsa_alt() below. In every callback \p ctx is the
 * opaque \c key pointer given to mbedtls_pk_setup_rsa_alt(). The meaning of
 * \p mode (presumably a public/private selector as in rsa.h) is not visible
 * from this header — confirm.
 */

/** Decrypt \p input into \p output, writing at most \p output_max_len bytes
 *  and storing the plaintext length in \p olen. NOTE(review): no input length
 *  is passed, so the implementation presumably assumes exactly one key-length
 *  block; the callback must honor \p output_max_len itself. */
typedef int (*mbedtls_pk_rsa_alt_decrypt_func)( void *ctx, int mode, size_t *olen,
    const unsigned char *input, unsigned char *output,
    size_t output_max_len );

/** Sign \p hash (\p hashlen bytes, produced with \p md_alg) into \p sig using
 *  \p f_rng / \p p_rng for whatever randomness the scheme needs. \p sig has no
 *  size parameter: presumably it must hold one full key length as reported by
 *  the key-length callback — confirm. */
typedef int (*mbedtls_pk_rsa_alt_sign_func)( void *ctx,
    int (*f_rng)(void *, unsigned char *, size_t), void *p_rng,
    int mode, mbedtls_md_type_t md_alg, unsigned int hashlen,
    const unsigned char *hash, unsigned char *sig );

/** Return the key length — presumably in bytes; the unit is not stated here. */
typedef size_t (*mbedtls_pk_rsa_alt_key_len_func)( void *ctx );
00172 #endif
00173
/**
 * \brief   Look up the method table for a key type.
 *
 * \param pk_type   One of the mbedtls_pk_type_t values.
 *
 * \return  Pointer to the opaque info structure; presumably NULL for a type
 *          that cannot be set up this way. Check for NULL regardless.
 */
const mbedtls_pk_info_t *mbedtls_pk_info_from_type( mbedtls_pk_type_t pk_type );

/**
 * \brief   Initialize a PK context to an empty state.
 *
 * \param ctx   Context to initialize. Presumably required before any other
 *              call on the context, including mbedtls_pk_free(), so that a
 *              context that never got set up can still be freed safely.
 */
void mbedtls_pk_init( mbedtls_pk_context *ctx );

/**
 * \brief   Free the components of a PK context.
 *
 * \param ctx   Context to free. NOTE(review): whether the key material behind
 *              \c pk_ctx is zeroized before release is not visible from this
 *              header — confirm in the implementation if private keys are held.
 */
void mbedtls_pk_free( mbedtls_pk_context *ctx );

/**
 * \brief   Bind a context to a key type and allocate its type-specific state.
 *
 * \param ctx   Context to set up; presumably must be initialized and not
 *              already set up (MBEDTLS_ERR_PK_BAD_INPUT_DATA otherwise).
 * \param info  Method table from mbedtls_pk_info_from_type().
 *
 * \return  0 on success, or a negative MBEDTLS_ERR_PK_* code (defined above)
 *          on failure, e.g. MBEDTLS_ERR_PK_ALLOC_FAILED.
 */
int mbedtls_pk_setup( mbedtls_pk_context *ctx, const mbedtls_pk_info_t *info );
00208
#if defined(MBEDTLS_PK_RSA_ALT_SUPPORT)

/**
 * \brief   Set up a context for an externally implemented RSA key — typically
 *          one whose private part never leaves a HSM or secure element — by
 *          supplying callbacks instead of key material.
 *
 * \param ctx           Context to set up.
 * \param key           Opaque pointer handed to every callback as its first
 *                      argument; its lifetime is the caller's to manage and
 *                      must outlive \p ctx.
 * \param decrypt_func  Decryption callback (mbedtls_pk_rsa_alt_decrypt_func).
 * \param sign_func     Signature callback (mbedtls_pk_rsa_alt_sign_func).
 * \param key_len_func  Callback returning the key length (presumably in bytes).
 *
 * \return  0 on success, a negative MBEDTLS_ERR_PK_* code on failure.
 *
 * NOTE(review): whether any callback may be NULL is not visible here; treat
 * all three as required unless the implementation says otherwise.
 */
int mbedtls_pk_setup_rsa_alt( mbedtls_pk_context *ctx, void * key,
    mbedtls_pk_rsa_alt_decrypt_func decrypt_func,
    mbedtls_pk_rsa_alt_sign_func sign_func,
    mbedtls_pk_rsa_alt_key_len_func key_len_func );
#endif
00229
/**
 * \brief   Size of the key in bits.
 *
 * \param ctx   Context to query.
 *
 * \return  Key size in bits; presumably 0 for a context that is not set up.
 *          NOTE(review): for a context built with mbedtls_pk_setup_rsa_alt()
 *          this must come from the key-length callback — confirm the unit
 *          conversion there.
 */
size_t mbedtls_pk_get_bitlen( const mbedtls_pk_context *ctx );
00238
/**
 * \brief   Size of the key in bytes, rounded up.
 *
 * \param ctx   Context to query.
 *
 * \return  ceil( mbedtls_pk_get_bitlen( ctx ) / 8 ). For RSA this is the
 *          length of a raw signature or ciphertext; for ECDSA the DER-encoded
 *          signature is not bounded by this value, so do not size an ECDSA
 *          signature buffer from it.
 */
static inline size_t mbedtls_pk_get_len( const mbedtls_pk_context *ctx )
{
    size_t bits = mbedtls_pk_get_bitlen( ctx );

    /* size_t is unsigned, so the shift is exactly the division by 8. */
    return ( bits + 7 ) >> 3;
}
00249
/**
 * \brief   Tell whether a context can do operations of the given type.
 *
 * \param ctx   Context to query.
 * \param type  Key or scheme type to test for.
 *
 * \return  Non-zero if the context can do \p type, 0 otherwise. Use this (or
 *          mbedtls_pk_get_type()) before the unchecked mbedtls_pk_rsa() /
 *          mbedtls_pk_ec() accessors.
 */
int mbedtls_pk_can_do( const mbedtls_pk_context *ctx, mbedtls_pk_type_t type );

/**
 * \brief   Verify a signature over a message hash.
 *
 * \param ctx       Context holding the (public) key.
 * \param md_alg    Hash algorithm that produced \p hash (md.h type).
 * \param hash      The hash to verify against.
 * \param hash_len  Length of \p hash in bytes. NOTE(review): presumably 0 means
 *                  "infer from \p md_alg" — pass the real length whenever
 *                  \p md_alg does not identify a hash; confirm.
 * \param sig       Signature to verify.
 * \param sig_len   Length of \p sig in bytes. The distinct
 *                  MBEDTLS_ERR_PK_SIG_LEN_MISMATCH code above indicates that a
 *                  valid signature followed by extra bytes is reported
 *                  separately — it is still a failure.
 *
 * \return  0 only if the signature is valid. Any non-zero value means "not
 *          verified"; never special-case individual codes as acceptable.
 *
 * \note    Hash-then-sign only: the caller hashes the message. The
 *          (\p md_alg, \p hash_len) pair must come from trusted signature
 *          metadata (e.g. a certificate's signature algorithm), not from the
 *          untrusted payload.
 */
int mbedtls_pk_verify( mbedtls_pk_context *ctx, mbedtls_md_type_t md_alg,
    const unsigned char *hash, size_t hash_len,
    const unsigned char *sig, size_t sig_len );

/**
 * \brief   Verify a signature, restricting the accepted scheme and options.
 *
 * \param type      Scheme to accept (mbedtls_pk_type_t). Presumably the key
 *                  in \p ctx must be able to do \p type, otherwise
 *                  MBEDTLS_ERR_PK_TYPE_MISMATCH — confirm.
 * \param options   Scheme-specific options. For MBEDTLS_PK_RSASSA_PSS this is
 *                  presumably a mbedtls_pk_rsassa_pss_options (declared above);
 *                  otherwise NULL — confirm in the implementation.
 * \param ctx       Context holding the (public) key.
 * \param md_alg    Hash algorithm that produced \p hash.
 * \param hash      The hash to verify against.
 * \param hash_len  Length of \p hash in bytes (see mbedtls_pk_verify()).
 * \param sig       Signature to verify.
 * \param sig_len   Length of \p sig in bytes.
 *
 * \return  0 only if the signature is valid; any non-zero value is a failure.
 *
 * \note    Pinning \p type appears to be the point of this variant: a verifier
 *          that expects PSS can refuse a PKCS#1 v1.5 signature made with the
 *          same key, instead of accepting whatever the key can do.
 */
int mbedtls_pk_verify_ext( mbedtls_pk_type_t type, const void *options,
    mbedtls_pk_context *ctx, mbedtls_md_type_t md_alg,
    const unsigned char *hash, size_t hash_len,
    const unsigned char *sig, size_t sig_len );

/**
 * \brief   Sign a message hash.
 *
 * \param ctx       Context holding the private key.
 * \param md_alg    Hash algorithm that produced \p hash.
 * \param hash      Hash to sign.
 * \param hash_len  Length of \p hash in bytes (see mbedtls_pk_verify()).
 * \param sig       Output buffer. NOTE(review): no buffer size is taken, so the
 *                  caller must size it for the largest signature the key can
 *                  produce: mbedtls_pk_get_len( ctx ) suffices for RSA, but an
 *                  ECDSA DER signature can be longer than two coordinates —
 *                  use the library's documented ECDSA maximum (not visible here).
 * \param sig_len   Receives the number of bytes written to \p sig.
 * \param f_rng     RNG callback. Required for probabilistic schemes (ECDSA,
 *                  PSS) and presumably for RSA blinding; supply a CSPRNG and do
 *                  not pass NULL unless the implementation documents it.
 * \param p_rng     Context for \p f_rng.
 *
 * \return  0 on success, a negative MBEDTLS_ERR_* code on failure.
 */
int mbedtls_pk_sign( mbedtls_pk_context *ctx, mbedtls_md_type_t md_alg,
    const unsigned char *hash, size_t hash_len,
    unsigned char *sig, size_t *sig_len,
    int (*f_rng)(void *, unsigned char *, size_t), void *p_rng );
00351
/**
 * \brief   Decrypt a message with the private key.
 *
 * \param ctx       Context holding the private key.
 * \param input     Ciphertext.
 * \param ilen      Length of \p input in bytes.
 * \param output    Plaintext output buffer.
 * \param olen      Receives the number of bytes written to \p output.
 * \param osize     Capacity of \p output in bytes; the implementation must not
 *                  write beyond it.
 * \param f_rng     RNG callback — presumably used for RSA blinding, so supply
 *                  one even though decryption is deterministic.
 * \param p_rng     Context for \p f_rng.
 *
 * \return  0 on success, a negative MBEDTLS_ERR_* code on failure.
 *
 * \note    The padding scheme in use is not visible from this header. If it is
 *          PKCS#1 v1.5, exposing whether decryption failed (distinct error
 *          codes, or timing) to a remote peer enables Bleichenbacher-style
 *          padding-oracle attacks; handle failures uniformly on that path.
 */
int mbedtls_pk_decrypt( mbedtls_pk_context *ctx,
    const unsigned char *input, size_t ilen,
    unsigned char *output, size_t *olen, size_t osize,
    int (*f_rng)(void *, unsigned char *, size_t), void *p_rng );

/**
 * \brief   Encrypt a message with the public key.
 *
 * \param ctx       Context holding the public key.
 * \param input     Plaintext.
 * \param ilen      Length of \p input in bytes.
 * \param output    Ciphertext output buffer.
 * \param olen      Receives the number of bytes written to \p output.
 * \param osize     Capacity of \p output in bytes; the implementation must not
 *                  write beyond it.
 * \param f_rng     RNG callback; presumably required because RSA encryption
 *                  padding is randomized — supply a CSPRNG.
 * \param p_rng     Context for \p f_rng.
 *
 * \return  0 on success, a negative MBEDTLS_ERR_* code on failure.
 */
int mbedtls_pk_encrypt( mbedtls_pk_context *ctx,
    const unsigned char *input, size_t ilen,
    unsigned char *output, size_t *olen, size_t osize,
    int (*f_rng)(void *, unsigned char *, size_t), void *p_rng );

/**
 * \brief   Check whether a public key and a private key belong together.
 *
 * \param pub   Context holding the public key.
 * \param prv   Context holding the private key.
 *
 * \return  0 if the keys match, a negative MBEDTLS_ERR_* code otherwise.
 *          Useful when a public key / certificate and a private key arrive
 *          from separate sources; a mismatch here is a configuration error,
 *          not something to ignore.
 */
int mbedtls_pk_check_pair( const mbedtls_pk_context *pub, const mbedtls_pk_context *prv );

/**
 * \brief   Export debug information about the key.
 *
 * \param ctx    Context to describe.
 * \param items  Array to fill; presumably must hold at least
 *               MBEDTLS_PK_DEBUG_MAX_ITEMS entries (defined above).
 *
 * \return  0 on success, a negative MBEDTLS_ERR_* code on failure.
 */
int mbedtls_pk_debug( const mbedtls_pk_context *ctx, mbedtls_pk_debug_item *items );

/**
 * \brief   Human-readable name of the key type.
 *
 * \param ctx   Context to query.
 *
 * \return  Static string naming the type; presumably a placeholder (not NULL)
 *          for a context that is not set up — confirm before printing.
 */
const char * mbedtls_pk_get_name( const mbedtls_pk_context *ctx );

/**
 * \brief   Type of the key held by a context.
 *
 * \param ctx   Context to query.
 *
 * \return  The mbedtls_pk_type_t of the context; presumably MBEDTLS_PK_NONE
 *          for a context that is not set up.
 */
mbedtls_pk_type_t mbedtls_pk_get_type( const mbedtls_pk_context *ctx );
00431
#if defined(MBEDTLS_PK_PARSE_C)

/**
 * \brief   Parse a private key in PEM or DER form.
 *
 * \param ctx     Context to fill; presumably must be mbedtls_pk_init()'d and
 *                not yet set up. On failure, free it with mbedtls_pk_free()
 *                rather than assuming it is untouched.
 * \param key     Key data (untrusted input: this is an ASN.1/PEM parser).
 * \param keylen  Length of \p key in bytes. NOTE(review): for PEM input the
 *                library may require the terminating '\0' to be included in
 *                \p keylen — confirm in the implementation.
 * \param pwd     Password for an encrypted key, or NULL.
 * \param pwdlen  Length of \p pwd in bytes (0 when \p pwd is NULL). An
 *                encrypted key with no password fails with
 *                MBEDTLS_ERR_PK_PASSWORD_REQUIRED; a wrong one with
 *                MBEDTLS_ERR_PK_PASSWORD_MISMATCH (codes defined above).
 *
 * \return  0 on success, a negative MBEDTLS_ERR_* code otherwise.
 */
int mbedtls_pk_parse_key( mbedtls_pk_context *ctx,
    const unsigned char *key, size_t keylen,
    const unsigned char *pwd, size_t pwdlen );

/**
 * \brief   Parse a public key in PEM or DER form.
 *
 * \param ctx     Context to fill (see mbedtls_pk_parse_key() for its state).
 * \param key     Key data (untrusted input).
 * \param keylen  Length of \p key in bytes (same PEM caveat as above).
 *
 * \return  0 on success, a negative MBEDTLS_ERR_* code otherwise, e.g.
 *          MBEDTLS_ERR_PK_INVALID_PUBKEY.
 */
int mbedtls_pk_parse_public_key( mbedtls_pk_context *ctx,
    const unsigned char *key, size_t keylen );

#if defined(MBEDTLS_FS_IO)

/**
 * \brief   Load and parse a private key from a file.
 *
 * \param ctx       Context to fill (see mbedtls_pk_parse_key()).
 * \param path      File to read. A caller-controlled path is used as-is;
 *                  validate it before calling if it comes from outside.
 * \param password  NUL-terminated password, or NULL for an unencrypted key.
 *
 * \return  0 on success, a negative MBEDTLS_ERR_* code otherwise
 *          (MBEDTLS_ERR_PK_FILE_IO_ERROR when the file cannot be read).
 */
int mbedtls_pk_parse_keyfile( mbedtls_pk_context *ctx,
    const char *path, const char *password );

/**
 * \brief   Load and parse a public key from a file.
 *
 * \param ctx   Context to fill (see mbedtls_pk_parse_public_key()).
 * \param path  File to read.
 *
 * \return  0 on success, a negative MBEDTLS_ERR_* code otherwise.
 */
int mbedtls_pk_parse_public_keyfile( mbedtls_pk_context *ctx, const char *path );
#endif
#endif
00515
#if defined(MBEDTLS_PK_WRITE_C)

/**
 * \brief   Write a private key to a DER structure.
 *
 * \param ctx   Context holding the private key.
 * \param buf   Output buffer. NOTE(review): this library's DER writers
 *              conventionally place the data at the END of the buffer and
 *              return its length — confirm in the implementation before
 *              reading from \p buf + 0.
 * \param size  Capacity of \p buf in bytes.
 *
 * \return  Presumably the length written on success, or a negative
 *          MBEDTLS_ERR_* code on failure — confirm.
 *
 * \note    The output is private key material: zeroize \p buf once it has
 *          been consumed.
 */
int mbedtls_pk_write_key_der( mbedtls_pk_context *ctx, unsigned char *buf, size_t size );

/**
 * \brief   Write a public key to a DER structure (SubjectPublicKeyInfo,
 *          presumably).
 *
 * \param ctx   Context holding the key.
 * \param buf   Output buffer (same end-of-buffer caveat as
 *              mbedtls_pk_write_key_der()).
 * \param size  Capacity of \p buf in bytes.
 *
 * \return  Presumably the length written on success, or a negative
 *          MBEDTLS_ERR_* code on failure — confirm.
 */
int mbedtls_pk_write_pubkey_der( mbedtls_pk_context *ctx, unsigned char *buf, size_t size );

#if defined(MBEDTLS_PEM_WRITE_C)

/**
 * \brief   Write a public key as a PEM string.
 *
 * \param ctx   Context holding the key.
 * \param buf   Output buffer; presumably receives a NUL-terminated string.
 * \param size  Capacity of \p buf in bytes.
 *
 * \return  0 on success, a negative MBEDTLS_ERR_* code on failure.
 */
int mbedtls_pk_write_pubkey_pem( mbedtls_pk_context *ctx, unsigned char *buf, size_t size );

/**
 * \brief   Write a private key as a PEM string.
 *
 * \param ctx   Context holding the private key.
 * \param buf   Output buffer; presumably receives a NUL-terminated string.
 *              Zeroize it once consumed — it holds the private key.
 * \param size  Capacity of \p buf in bytes.
 *
 * \return  0 on success, a negative MBEDTLS_ERR_* code on failure.
 */
int mbedtls_pk_write_key_pem( mbedtls_pk_context *ctx, unsigned char *buf, size_t size );
#endif
#endif
00571
00572
00573
00574
00575
00576
#if defined(MBEDTLS_PK_PARSE_C)

/**
 * \brief   Parse a public key structure (SubjectPublicKeyInfo, presumably)
 *          from a DER buffer, as used by the X.509 parser.
 *
 * \param p     On entry, points to the start of the structure; on success,
 *              presumably advanced past it so the caller can continue parsing.
 * \param end   One past the last readable byte. The implementation must not
 *              read at or beyond \p end; this is the only bound it is given.
 * \param pk    Context to fill (presumably mbedtls_pk_init()'d).
 *
 * \return  0 on success, a negative MBEDTLS_ERR_* code otherwise.
 */
int mbedtls_pk_parse_subpubkey( unsigned char **p, const unsigned char *end,
    mbedtls_pk_context *pk );
#endif
00590
#if defined(MBEDTLS_PK_WRITE_C)

/**
 * \brief   Write the public-key bit string of \p key into a DER buffer, as
 *          used by the X.509 writer.
 *
 * \param p       Write pointer. NOTE(review): with \p start marking the
 *                beginning of the buffer, this looks like the library's
 *                backwards DER writing convention (data grows toward
 *                \p start and \p p is decremented) — confirm.
 * \param start   Beginning of the buffer; the lower bound for writes.
 * \param key     Context holding the key.
 *
 * \return  Presumably the number of bytes written, or a negative
 *          MBEDTLS_ERR_* code — confirm.
 */
int mbedtls_pk_write_pubkey( unsigned char **p, unsigned char *start,
    const mbedtls_pk_context *key );
#endif
00605
#if defined(MBEDTLS_FS_IO)
/**
 * \brief   Read a whole file into a newly allocated buffer.
 *
 * \param path  File to read (used as-is; validate caller-supplied paths).
 * \param buf   Receives a pointer to the allocated contents. The caller owns
 *              it; release it with the allocator the library is configured
 *              with (not visible here — confirm whether plain free() is right).
 *              If the file held a private key, zeroize the buffer before
 *              releasing it.
 * \param n     Receives the number of bytes read.
 *
 * \return  0 on success, a negative MBEDTLS_ERR_* code otherwise
 *          (MBEDTLS_ERR_PK_FILE_IO_ERROR / MBEDTLS_ERR_PK_ALLOC_FAILED are
 *          the ones defined above for this situation).
 */
int mbedtls_pk_load_file( const char *path, unsigned char **buf, size_t *n );
#endif
00613
00614 #ifdef __cplusplus
00615 }
00616 #endif
00617
00618 #endif