Embed:
(wiki syntax)
Show/hide line numbers
pk.h
Go to the documentation of this file.
00001 /** 00002 * \file pk.h 00003 * 00004 * \brief Public Key abstraction layer 00005 */ 00006 /* 00007 * Copyright (C) 2006-2015, ARM Limited, All Rights Reserved 00008 * SPDX-License-Identifier: Apache-2.0 00009 * 00010 * Licensed under the Apache License, Version 2.0 (the "License"); you may 00011 * not use this file except in compliance with the License. 00012 * You may obtain a copy of the License at 00013 * 00014 * http://www.apache.org/licenses/LICENSE-2.0 00015 * 00016 * Unless required by applicable law or agreed to in writing, software 00017 * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT 00018 * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 00019 * See the License for the specific language governing permissions and 00020 * limitations under the License. 00021 * 00022 * This file is part of mbed TLS (https://tls.mbed.org) 00023 */ 00024 00025 #ifndef MBEDTLS_PK_H 00026 #define MBEDTLS_PK_H 00027 00028 #if !defined(MBEDTLS_CONFIG_FILE) 00029 #include "config.h" 00030 #else 00031 #include MBEDTLS_CONFIG_FILE 00032 #endif 00033 00034 #include "md.h" 00035 00036 #if defined(MBEDTLS_RSA_C) 00037 #include "rsa.h" 00038 #endif 00039 00040 #if defined(MBEDTLS_ECP_C) 00041 #include "ecp.h" 00042 #endif 00043 00044 #if defined(MBEDTLS_ECDSA_C) 00045 #include "ecdsa.h" 00046 #endif 00047 00048 #if ( defined(__ARMCC_VERSION) || defined(_MSC_VER) ) && \ 00049 !defined(inline) && !defined(__cplusplus) 00050 #define inline __inline 00051 #endif 00052 00053 #define MBEDTLS_ERR_PK_ALLOC_FAILED -0x3F80 /**< Memory allocation failed. */ 00054 #define MBEDTLS_ERR_PK_TYPE_MISMATCH -0x3F00 /**< Type mismatch, eg attempt to encrypt with an ECDSA key */ 00055 #define MBEDTLS_ERR_PK_BAD_INPUT_DATA -0x3E80 /**< Bad input parameters to function. */ 00056 #define MBEDTLS_ERR_PK_FILE_IO_ERROR -0x3E00 /**< Read/write of file failed. */ 00057 #define MBEDTLS_ERR_PK_KEY_INVALID_VERSION -0x3D80 /**< Unsupported key version */ 00058 #define MBEDTLS_ERR_PK_KEY_INVALID_FORMAT -0x3D00 /**< Invalid key tag or value. */ 00059 #define MBEDTLS_ERR_PK_UNKNOWN_PK_ALG -0x3C80 /**< Key algorithm is unsupported (only RSA and EC are supported). */ 00060 #define MBEDTLS_ERR_PK_PASSWORD_REQUIRED -0x3C00 /**< Private key password can't be empty. */ 00061 #define MBEDTLS_ERR_PK_PASSWORD_MISMATCH -0x3B80 /**< Given private key password does not allow for correct decryption. */ 00062 #define MBEDTLS_ERR_PK_INVALID_PUBKEY -0x3B00 /**< The pubkey tag or value is invalid (only RSA and EC are supported). */ 00063 #define MBEDTLS_ERR_PK_INVALID_ALG -0x3A80 /**< The algorithm tag or value is invalid. */ 00064 #define MBEDTLS_ERR_PK_UNKNOWN_NAMED_CURVE -0x3A00 /**< Elliptic curve is unsupported (only NIST curves are supported). */ 00065 #define MBEDTLS_ERR_PK_FEATURE_UNAVAILABLE -0x3980 /**< Unavailable feature, e.g. RSA disabled for RSA key. */ 00066 #define MBEDTLS_ERR_PK_SIG_LEN_MISMATCH -0x3900 /**< The signature is valid but its length is less than expected. */ 00067 #define MBEDTLS_ERR_PK_HW_ACCEL_FAILED -0x3880 /**< PK hardware accelerator failed. */ 00068 00069 #ifdef __cplusplus 00070 extern "C" { 00071 #endif 00072 00073 /** 00074 * \brief Public key types 00075 */ 00076 typedef enum { 00077 MBEDTLS_PK_NONE=0, 00078 MBEDTLS_PK_RSA, 00079 MBEDTLS_PK_ECKEY, 00080 MBEDTLS_PK_ECKEY_DH, 00081 MBEDTLS_PK_ECDSA, 00082 MBEDTLS_PK_RSA_ALT, 00083 MBEDTLS_PK_RSASSA_PSS, 00084 } mbedtls_pk_type_t; 00085 00086 /** 00087 * \brief Options for RSASSA-PSS signature verification. 00088 * See \c mbedtls_rsa_rsassa_pss_verify_ext() 00089 */ 00090 typedef struct 00091 { 00092 mbedtls_md_type_t mgf1_hash_id; 00093 int expected_salt_len; 00094 00095 } mbedtls_pk_rsassa_pss_options; 00096 00097 /** 00098 * \brief Types for interfacing with the debug module 00099 */ 00100 typedef enum 00101 { 00102 MBEDTLS_PK_DEBUG_NONE = 0, 00103 MBEDTLS_PK_DEBUG_MPI, 00104 MBEDTLS_PK_DEBUG_ECP, 00105 } mbedtls_pk_debug_type; 00106 00107 /** 00108 * \brief Item to send to the debug module 00109 */ 00110 typedef struct 00111 { 00112 mbedtls_pk_debug_type type; 00113 const char *name; 00114 void *value; 00115 } mbedtls_pk_debug_item; 00116 00117 /** Maximum number of item send for debugging, plus 1 */ 00118 #define MBEDTLS_PK_DEBUG_MAX_ITEMS 3 00119 00120 /** 00121 * \brief Public key information and operations 00122 */ 00123 typedef struct mbedtls_pk_info_t mbedtls_pk_info_t; 00124 00125 /** 00126 * \brief Public key container 00127 */ 00128 typedef struct 00129 { 00130 const mbedtls_pk_info_t * pk_info; /**< Public key informations */ 00131 void * pk_ctx; /**< Underlying public key context */ 00132 } mbedtls_pk_context; 00133 00134 #if defined(MBEDTLS_RSA_C) 00135 /** 00136 * Quick access to an RSA context inside a PK context. 00137 * 00138 * \warning You must make sure the PK context actually holds an RSA context 00139 * before using this function! 00140 */ 00141 static inline mbedtls_rsa_context *mbedtls_pk_rsa( const mbedtls_pk_context pk ) 00142 { 00143 return( (mbedtls_rsa_context *) (pk).pk_ctx ); 00144 } 00145 #endif /* MBEDTLS_RSA_C */ 00146 00147 #if defined(MBEDTLS_ECP_C) 00148 /** 00149 * Quick access to an EC context inside a PK context. 00150 * 00151 * \warning You must make sure the PK context actually holds an EC context 00152 * before using this function! 00153 */ 00154 static inline mbedtls_ecp_keypair *mbedtls_pk_ec( const mbedtls_pk_context pk ) 00155 { 00156 return( (mbedtls_ecp_keypair *) (pk).pk_ctx ); 00157 } 00158 #endif /* MBEDTLS_ECP_C */ 00159 00160 #if defined(MBEDTLS_PK_RSA_ALT_SUPPORT) 00161 /** 00162 * \brief Types for RSA-alt abstraction 00163 */ 00164 typedef int (*mbedtls_pk_rsa_alt_decrypt_func)( void *ctx, int mode, size_t *olen, 00165 const unsigned char *input, unsigned char *output, 00166 size_t output_max_len ); 00167 typedef int (*mbedtls_pk_rsa_alt_sign_func)( void *ctx, 00168 int (*f_rng)(void *, unsigned char *, size_t), void *p_rng, 00169 int mode, mbedtls_md_type_t md_alg, unsigned int hashlen, 00170 const unsigned char *hash, unsigned char *sig ); 00171 typedef size_t (*mbedtls_pk_rsa_alt_key_len_func)( void *ctx ); 00172 #endif /* MBEDTLS_PK_RSA_ALT_SUPPORT */ 00173 00174 /** 00175 * \brief Return information associated with the given PK type 00176 * 00177 * \param pk_type PK type to search for. 00178 * 00179 * \return The PK info associated with the type or NULL if not found. 00180 */ 00181 const mbedtls_pk_info_t *mbedtls_pk_info_from_type( mbedtls_pk_type_t pk_type ); 00182 00183 /** 00184 * \brief Initialize a mbedtls_pk_context (as NONE) 00185 */ 00186 void mbedtls_pk_init( mbedtls_pk_context *ctx ); 00187 00188 /** 00189 * \brief Free a mbedtls_pk_context 00190 */ 00191 void mbedtls_pk_free( mbedtls_pk_context *ctx ); 00192 00193 /** 00194 * \brief Initialize a PK context with the information given 00195 * and allocates the type-specific PK subcontext. 00196 * 00197 * \param ctx Context to initialize. Must be empty (type NONE). 00198 * \param info Information to use 00199 * 00200 * \return 0 on success, 00201 * MBEDTLS_ERR_PK_BAD_INPUT_DATA on invalid input, 00202 * MBEDTLS_ERR_PK_ALLOC_FAILED on allocation failure. 00203 * 00204 * \note For contexts holding an RSA-alt key, use 00205 * \c mbedtls_pk_setup_rsa_alt() instead. 00206 */ 00207 int mbedtls_pk_setup( mbedtls_pk_context *ctx, const mbedtls_pk_info_t *info ); 00208 00209 #if defined(MBEDTLS_PK_RSA_ALT_SUPPORT) 00210 /** 00211 * \brief Initialize an RSA-alt context 00212 * 00213 * \param ctx Context to initialize. Must be empty (type NONE). 00214 * \param key RSA key pointer 00215 * \param decrypt_func Decryption function 00216 * \param sign_func Signing function 00217 * \param key_len_func Function returning key length in bytes 00218 * 00219 * \return 0 on success, or MBEDTLS_ERR_PK_BAD_INPUT_DATA if the 00220 * context wasn't already initialized as RSA_ALT. 00221 * 00222 * \note This function replaces \c mbedtls_pk_setup() for RSA-alt. 00223 */ 00224 int mbedtls_pk_setup_rsa_alt( mbedtls_pk_context *ctx, void * key, 00225 mbedtls_pk_rsa_alt_decrypt_func decrypt_func, 00226 mbedtls_pk_rsa_alt_sign_func sign_func, 00227 mbedtls_pk_rsa_alt_key_len_func key_len_func ); 00228 #endif /* MBEDTLS_PK_RSA_ALT_SUPPORT */ 00229 00230 /** 00231 * \brief Get the size in bits of the underlying key 00232 * 00233 * \param ctx Context to use 00234 * 00235 * \return Key size in bits, or 0 on error 00236 */ 00237 size_t mbedtls_pk_get_bitlen( const mbedtls_pk_context *ctx ); 00238 00239 /** 00240 * \brief Get the length in bytes of the underlying key 00241 * \param ctx Context to use 00242 * 00243 * \return Key length in bytes, or 0 on error 00244 */ 00245 static inline size_t mbedtls_pk_get_len( const mbedtls_pk_context *ctx ) 00246 { 00247 return( ( mbedtls_pk_get_bitlen( ctx ) + 7 ) / 8 ); 00248 } 00249 00250 /** 00251 * \brief Tell if a context can do the operation given by type 00252 * 00253 * \param ctx Context to test 00254 * \param type Target type 00255 * 00256 * \return 0 if context can't do the operations, 00257 * 1 otherwise. 00258 */ 00259 int mbedtls_pk_can_do( const mbedtls_pk_context *ctx, mbedtls_pk_type_t type ); 00260 00261 /** 00262 * \brief Verify signature (including padding if relevant). 00263 * 00264 * \param ctx PK context to use 00265 * \param md_alg Hash algorithm used (see notes) 00266 * \param hash Hash of the message to sign 00267 * \param hash_len Hash length or 0 (see notes) 00268 * \param sig Signature to verify 00269 * \param sig_len Signature length 00270 * 00271 * \return 0 on success (signature is valid), 00272 * MBEDTLS_ERR_PK_SIG_LEN_MISMATCH if the signature is 00273 * valid but its actual length is less than sig_len, 00274 * or a specific error code. 00275 * 00276 * \note For RSA keys, the default padding type is PKCS#1 v1.5. 00277 * Use \c mbedtls_pk_verify_ext( MBEDTLS_PK_RSASSA_PSS, ... ) 00278 * to verify RSASSA_PSS signatures. 00279 * 00280 * \note If hash_len is 0, then the length associated with md_alg 00281 * is used instead, or an error returned if it is invalid. 00282 * 00283 * \note md_alg may be MBEDTLS_MD_NONE, only if hash_len != 0 00284 */ 00285 int mbedtls_pk_verify( mbedtls_pk_context *ctx, mbedtls_md_type_t md_alg, 00286 const unsigned char *hash, size_t hash_len, 00287 const unsigned char *sig, size_t sig_len ); 00288 00289 /** 00290 * \brief Verify signature, with options. 00291 * (Includes verification of the padding depending on type.) 00292 * 00293 * \param type Signature type (inc. possible padding type) to verify 00294 * \param options Pointer to type-specific options, or NULL 00295 * \param ctx PK context to use 00296 * \param md_alg Hash algorithm used (see notes) 00297 * \param hash Hash of the message to sign 00298 * \param hash_len Hash length or 0 (see notes) 00299 * \param sig Signature to verify 00300 * \param sig_len Signature length 00301 * 00302 * \return 0 on success (signature is valid), 00303 * MBEDTLS_ERR_PK_TYPE_MISMATCH if the PK context can't be 00304 * used for this type of signatures, 00305 * MBEDTLS_ERR_PK_SIG_LEN_MISMATCH if the signature is 00306 * valid but its actual length is less than sig_len, 00307 * or a specific error code. 00308 * 00309 * \note If hash_len is 0, then the length associated with md_alg 00310 * is used instead, or an error returned if it is invalid. 00311 * 00312 * \note md_alg may be MBEDTLS_MD_NONE, only if hash_len != 0 00313 * 00314 * \note If type is MBEDTLS_PK_RSASSA_PSS, then options must point 00315 * to a mbedtls_pk_rsassa_pss_options structure, 00316 * otherwise it must be NULL. 00317 */ 00318 int mbedtls_pk_verify_ext( mbedtls_pk_type_t type, const void *options, 00319 mbedtls_pk_context *ctx, mbedtls_md_type_t md_alg, 00320 const unsigned char *hash, size_t hash_len, 00321 const unsigned char *sig, size_t sig_len ); 00322 00323 /** 00324 * \brief Make signature, including padding if relevant. 00325 * 00326 * \param ctx PK context to use - must hold a private key 00327 * \param md_alg Hash algorithm used (see notes) 00328 * \param hash Hash of the message to sign 00329 * \param hash_len Hash length or 0 (see notes) 00330 * \param sig Place to write the signature 00331 * \param sig_len Number of bytes written 00332 * \param f_rng RNG function 00333 * \param p_rng RNG parameter 00334 * 00335 * \return 0 on success, or a specific error code. 00336 * 00337 * \note For RSA keys, the default padding type is PKCS#1 v1.5. 00338 * There is no interface in the PK module to make RSASSA-PSS 00339 * signatures yet. 00340 * 00341 * \note If hash_len is 0, then the length associated with md_alg 00342 * is used instead, or an error returned if it is invalid. 00343 * 00344 * \note For RSA, md_alg may be MBEDTLS_MD_NONE if hash_len != 0. 00345 * For ECDSA, md_alg may never be MBEDTLS_MD_NONE. 00346 */ 00347 int mbedtls_pk_sign( mbedtls_pk_context *ctx, mbedtls_md_type_t md_alg, 00348 const unsigned char *hash, size_t hash_len, 00349 unsigned char *sig, size_t *sig_len, 00350 int (*f_rng)(void *, unsigned char *, size_t), void *p_rng ); 00351 00352 /** 00353 * \brief Decrypt message (including padding if relevant). 00354 * 00355 * \param ctx PK context to use - must hold a private key 00356 * \param input Input to decrypt 00357 * \param ilen Input size 00358 * \param output Decrypted output 00359 * \param olen Decrypted message length 00360 * \param osize Size of the output buffer 00361 * \param f_rng RNG function 00362 * \param p_rng RNG parameter 00363 * 00364 * \note For RSA keys, the default padding type is PKCS#1 v1.5. 00365 * 00366 * \return 0 on success, or a specific error code. 00367 */ 00368 int mbedtls_pk_decrypt( mbedtls_pk_context *ctx, 00369 const unsigned char *input, size_t ilen, 00370 unsigned char *output, size_t *olen, size_t osize, 00371 int (*f_rng)(void *, unsigned char *, size_t), void *p_rng ); 00372 00373 /** 00374 * \brief Encrypt message (including padding if relevant). 00375 * 00376 * \param ctx PK context to use 00377 * \param input Message to encrypt 00378 * \param ilen Message size 00379 * \param output Encrypted output 00380 * \param olen Encrypted output length 00381 * \param osize Size of the output buffer 00382 * \param f_rng RNG function 00383 * \param p_rng RNG parameter 00384 * 00385 * \note For RSA keys, the default padding type is PKCS#1 v1.5. 00386 * 00387 * \return 0 on success, or a specific error code. 00388 */ 00389 int mbedtls_pk_encrypt( mbedtls_pk_context *ctx, 00390 const unsigned char *input, size_t ilen, 00391 unsigned char *output, size_t *olen, size_t osize, 00392 int (*f_rng)(void *, unsigned char *, size_t), void *p_rng ); 00393 00394 /** 00395 * \brief Check if a public-private pair of keys matches. 00396 * 00397 * \param pub Context holding a public key. 00398 * \param prv Context holding a private (and public) key. 00399 * 00400 * \return 0 on success or MBEDTLS_ERR_PK_BAD_INPUT_DATA 00401 */ 00402 int mbedtls_pk_check_pair( const mbedtls_pk_context *pub, const mbedtls_pk_context *prv ); 00403 00404 /** 00405 * \brief Export debug information 00406 * 00407 * \param ctx Context to use 00408 * \param items Place to write debug items 00409 * 00410 * \return 0 on success or MBEDTLS_ERR_PK_BAD_INPUT_DATA 00411 */ 00412 int mbedtls_pk_debug( const mbedtls_pk_context *ctx, mbedtls_pk_debug_item *items ); 00413 00414 /** 00415 * \brief Access the type name 00416 * 00417 * \param ctx Context to use 00418 * 00419 * \return Type name on success, or "invalid PK" 00420 */ 00421 const char * mbedtls_pk_get_name( const mbedtls_pk_context *ctx ); 00422 00423 /** 00424 * \brief Get the key type 00425 * 00426 * \param ctx Context to use 00427 * 00428 * \return Type on success, or MBEDTLS_PK_NONE 00429 */ 00430 mbedtls_pk_type_t mbedtls_pk_get_type( const mbedtls_pk_context *ctx ); 00431 00432 #if defined(MBEDTLS_PK_PARSE_C) 00433 /** \ingroup pk_module */ 00434 /** 00435 * \brief Parse a private key in PEM or DER format 00436 * 00437 * \param ctx key to be initialized 00438 * \param key input buffer 00439 * \param keylen size of the buffer 00440 * (including the terminating null byte for PEM data) 00441 * \param pwd password for decryption (optional) 00442 * \param pwdlen size of the password 00443 * 00444 * \note On entry, ctx must be empty, either freshly initialised 00445 * with mbedtls_pk_init() or reset with mbedtls_pk_free(). If you need a 00446 * specific key type, check the result with mbedtls_pk_can_do(). 00447 * 00448 * \note The key is also checked for correctness. 00449 * 00450 * \return 0 if successful, or a specific PK or PEM error code 00451 */ 00452 int mbedtls_pk_parse_key( mbedtls_pk_context *ctx, 00453 const unsigned char *key, size_t keylen, 00454 const unsigned char *pwd, size_t pwdlen ); 00455 00456 /** \ingroup pk_module */ 00457 /** 00458 * \brief Parse a public key in PEM or DER format 00459 * 00460 * \param ctx key to be initialized 00461 * \param key input buffer 00462 * \param keylen size of the buffer 00463 * (including the terminating null byte for PEM data) 00464 * 00465 * \note On entry, ctx must be empty, either freshly initialised 00466 * with mbedtls_pk_init() or reset with mbedtls_pk_free(). If you need a 00467 * specific key type, check the result with mbedtls_pk_can_do(). 00468 * 00469 * \note The key is also checked for correctness. 00470 * 00471 * \return 0 if successful, or a specific PK or PEM error code 00472 */ 00473 int mbedtls_pk_parse_public_key( mbedtls_pk_context *ctx, 00474 const unsigned char *key, size_t keylen ); 00475 00476 #if defined(MBEDTLS_FS_IO) 00477 /** \ingroup pk_module */ 00478 /** 00479 * \brief Load and parse a private key 00480 * 00481 * \param ctx key to be initialized 00482 * \param path filename to read the private key from 00483 * \param password password to decrypt the file (can be NULL) 00484 * 00485 * \note On entry, ctx must be empty, either freshly initialised 00486 * with mbedtls_pk_init() or reset with mbedtls_pk_free(). If you need a 00487 * specific key type, check the result with mbedtls_pk_can_do(). 00488 * 00489 * \note The key is also checked for correctness. 00490 * 00491 * \return 0 if successful, or a specific PK or PEM error code 00492 */ 00493 int mbedtls_pk_parse_keyfile( mbedtls_pk_context *ctx, 00494 const char *path, const char *password ); 00495 00496 /** \ingroup pk_module */ 00497 /** 00498 * \brief Load and parse a public key 00499 * 00500 * \param ctx key to be initialized 00501 * \param path filename to read the public key from 00502 * 00503 * \note On entry, ctx must be empty, either freshly initialised 00504 * with mbedtls_pk_init() or reset with mbedtls_pk_free(). If 00505 * you need a specific key type, check the result with 00506 * mbedtls_pk_can_do(). 00507 * 00508 * \note The key is also checked for correctness. 00509 * 00510 * \return 0 if successful, or a specific PK or PEM error code 00511 */ 00512 int mbedtls_pk_parse_public_keyfile( mbedtls_pk_context *ctx, const char *path ); 00513 #endif /* MBEDTLS_FS_IO */ 00514 #endif /* MBEDTLS_PK_PARSE_C */ 00515 00516 #if defined(MBEDTLS_PK_WRITE_C) 00517 /** 00518 * \brief Write a private key to a PKCS#1 or SEC1 DER structure 00519 * Note: data is written at the end of the buffer! Use the 00520 * return value to determine where you should start 00521 * using the buffer 00522 * 00523 * \param ctx private to write away 00524 * \param buf buffer to write to 00525 * \param size size of the buffer 00526 * 00527 * \return length of data written if successful, or a specific 00528 * error code 00529 */ 00530 int mbedtls_pk_write_key_der( mbedtls_pk_context *ctx, unsigned char *buf, size_t size ); 00531 00532 /** 00533 * \brief Write a public key to a SubjectPublicKeyInfo DER structure 00534 * Note: data is written at the end of the buffer! Use the 00535 * return value to determine where you should start 00536 * using the buffer 00537 * 00538 * \param ctx public key to write away 00539 * \param buf buffer to write to 00540 * \param size size of the buffer 00541 * 00542 * \return length of data written if successful, or a specific 00543 * error code 00544 */ 00545 int mbedtls_pk_write_pubkey_der( mbedtls_pk_context *ctx, unsigned char *buf, size_t size ); 00546 00547 #if defined(MBEDTLS_PEM_WRITE_C) 00548 /** 00549 * \brief Write a public key to a PEM string 00550 * 00551 * \param ctx public key to write away 00552 * \param buf buffer to write to 00553 * \param size size of the buffer 00554 * 00555 * \return 0 if successful, or a specific error code 00556 */ 00557 int mbedtls_pk_write_pubkey_pem( mbedtls_pk_context *ctx, unsigned char *buf, size_t size ); 00558 00559 /** 00560 * \brief Write a private key to a PKCS#1 or SEC1 PEM string 00561 * 00562 * \param ctx private to write away 00563 * \param buf buffer to write to 00564 * \param size size of the buffer 00565 * 00566 * \return 0 if successful, or a specific error code 00567 */ 00568 int mbedtls_pk_write_key_pem( mbedtls_pk_context *ctx, unsigned char *buf, size_t size ); 00569 #endif /* MBEDTLS_PEM_WRITE_C */ 00570 #endif /* MBEDTLS_PK_WRITE_C */ 00571 00572 /* 00573 * WARNING: Low-level functions. You probably do not want to use these unless 00574 * you are certain you do ;) 00575 */ 00576 00577 #if defined(MBEDTLS_PK_PARSE_C) 00578 /** 00579 * \brief Parse a SubjectPublicKeyInfo DER structure 00580 * 00581 * \param p the position in the ASN.1 data 00582 * \param end end of the buffer 00583 * \param pk the key to fill 00584 * 00585 * \return 0 if successful, or a specific PK error code 00586 */ 00587 int mbedtls_pk_parse_subpubkey( unsigned char **p, const unsigned char *end, 00588 mbedtls_pk_context *pk ); 00589 #endif /* MBEDTLS_PK_PARSE_C */ 00590 00591 #if defined(MBEDTLS_PK_WRITE_C) 00592 /** 00593 * \brief Write a subjectPublicKey to ASN.1 data 00594 * Note: function works backwards in data buffer 00595 * 00596 * \param p reference to current position pointer 00597 * \param start start of the buffer (for bounds-checking) 00598 * \param key public key to write away 00599 * 00600 * \return the length written or a negative error code 00601 */ 00602 int mbedtls_pk_write_pubkey( unsigned char **p, unsigned char *start, 00603 const mbedtls_pk_context *key ); 00604 #endif /* MBEDTLS_PK_WRITE_C */ 00605 00606 /* 00607 * Internal module functions. You probably do not want to use these unless you 00608 * know you do. 00609 */ 00610 #if defined(MBEDTLS_FS_IO) 00611 int mbedtls_pk_load_file( const char *path, unsigned char **buf, size_t *n ); 00612 #endif 00613 00614 #ifdef __cplusplus 00615 } 00616 #endif 00617 00618 #endif /* MBEDTLS_PK_H */
Generated on Tue Jul 12 2022 12:22:17 by
1.7.2