Hannes Tschofenig
Example program to test AES-GCM functionality. Used for a workshop
SSL/include/polarssl/pkcs12.h@0:796d0f61a05b, 2018-09-27 (annotated)
- Committer:
- HannesTschofenig
- Date:
- Thu Sep 27 06:34:22 2018 +0000
- Revision:
- 0:796d0f61a05b
Example AES-GCM test program
Who changed what in which revision?
| User | Revision | Line number | New contents of line |
|---|---|---|---|
| HannesTschofenig | 0:796d0f61a05b | 1 | /** |
| HannesTschofenig | 0:796d0f61a05b | 2 | * \file pkcs12.h |
| HannesTschofenig | 0:796d0f61a05b | 3 | * |
| HannesTschofenig | 0:796d0f61a05b | 4 | * \brief PKCS#12 Personal Information Exchange Syntax |
| HannesTschofenig | 0:796d0f61a05b | 5 | * |
| HannesTschofenig | 0:796d0f61a05b | 6 | * Copyright (C) 2006-2013, Brainspark B.V. |
| HannesTschofenig | 0:796d0f61a05b | 7 | * |
| HannesTschofenig | 0:796d0f61a05b | 8 | * This file is part of PolarSSL (http://www.polarssl.org) |
| HannesTschofenig | 0:796d0f61a05b | 9 | * Lead Maintainer: Paul Bakker <polarssl_maintainer at polarssl.org> |
| HannesTschofenig | 0:796d0f61a05b | 10 | * |
| HannesTschofenig | 0:796d0f61a05b | 11 | * All rights reserved. |
| HannesTschofenig | 0:796d0f61a05b | 12 | * |
| HannesTschofenig | 0:796d0f61a05b | 13 | * This program is free software; you can redistribute it and/or modify |
| HannesTschofenig | 0:796d0f61a05b | 14 | * it under the terms of the GNU General Public License as published by |
| HannesTschofenig | 0:796d0f61a05b | 15 | * the Free Software Foundation; either version 2 of the License, or |
| HannesTschofenig | 0:796d0f61a05b | 16 | * (at your option) any later version. |
| HannesTschofenig | 0:796d0f61a05b | 17 | * |
| HannesTschofenig | 0:796d0f61a05b | 18 | * This program is distributed in the hope that it will be useful, |
| HannesTschofenig | 0:796d0f61a05b | 19 | * but WITHOUT ANY WARRANTY; without even the implied warranty of |
| HannesTschofenig | 0:796d0f61a05b | 20 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the |
| HannesTschofenig | 0:796d0f61a05b | 21 | * GNU General Public License for more details. |
| HannesTschofenig | 0:796d0f61a05b | 22 | * |
| HannesTschofenig | 0:796d0f61a05b | 23 | * You should have received a copy of the GNU General Public License along |
| HannesTschofenig | 0:796d0f61a05b | 24 | * with this program; if not, write to the Free Software Foundation, Inc., |
| HannesTschofenig | 0:796d0f61a05b | 25 | * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. |
| HannesTschofenig | 0:796d0f61a05b | 26 | */ |
| HannesTschofenig | 0:796d0f61a05b | 27 | #ifndef POLARSSL_PKCS12_H |
| HannesTschofenig | 0:796d0f61a05b | 28 | #define POLARSSL_PKCS12_H |
| HannesTschofenig | 0:796d0f61a05b | 29 | |
| HannesTschofenig | 0:796d0f61a05b | 30 | #include <string.h> |
| HannesTschofenig | 0:796d0f61a05b | 31 | |
| HannesTschofenig | 0:796d0f61a05b | 32 | #include "md.h" |
| HannesTschofenig | 0:796d0f61a05b | 33 | #include "cipher.h" |
| HannesTschofenig | 0:796d0f61a05b | 34 | #include "asn1.h" |
| HannesTschofenig | 0:796d0f61a05b | 35 | |
| HannesTschofenig | 0:796d0f61a05b | 36 | #define POLARSSL_ERR_PKCS12_BAD_INPUT_DATA -0x1F80 /**< Bad input parameters to function. */ |
| HannesTschofenig | 0:796d0f61a05b | 37 | #define POLARSSL_ERR_PKCS12_FEATURE_UNAVAILABLE -0x1F00 /**< Feature not available, e.g. unsupported encryption scheme. */ |
| HannesTschofenig | 0:796d0f61a05b | 38 | #define POLARSSL_ERR_PKCS12_PBE_INVALID_FORMAT -0x1E80 /**< PBE ASN.1 data not as expected. */ |
| HannesTschofenig | 0:796d0f61a05b | 39 | #define POLARSSL_ERR_PKCS12_PASSWORD_MISMATCH -0x1E00 /**< Given private key password does not allow for correct decryption. */ |
| HannesTschofenig | 0:796d0f61a05b | 40 | |
| HannesTschofenig | 0:796d0f61a05b | 41 | #define PKCS12_DERIVE_KEY 1 /**< encryption/decryption key */ |
| HannesTschofenig | 0:796d0f61a05b | 42 | #define PKCS12_DERIVE_IV 2 /**< initialization vector */ |
| HannesTschofenig | 0:796d0f61a05b | 43 | #define PKCS12_DERIVE_MAC_KEY 3 /**< integrity / MAC key */ |
| HannesTschofenig | 0:796d0f61a05b | 44 | |
| HannesTschofenig | 0:796d0f61a05b | 45 | #define PKCS12_PBE_DECRYPT 0 |
| HannesTschofenig | 0:796d0f61a05b | 46 | #define PKCS12_PBE_ENCRYPT 1 |
| HannesTschofenig | 0:796d0f61a05b | 47 | |
| HannesTschofenig | 0:796d0f61a05b | 48 | #ifdef __cplusplus |
| HannesTschofenig | 0:796d0f61a05b | 49 | extern "C" { |
| HannesTschofenig | 0:796d0f61a05b | 50 | #endif |
| HannesTschofenig | 0:796d0f61a05b | 51 | |
| HannesTschofenig | 0:796d0f61a05b | 52 | /** |
| HannesTschofenig | 0:796d0f61a05b | 53 | * \brief PKCS12 Password Based function (encryption / decryption) |
| HannesTschofenig | 0:796d0f61a05b | 54 | * for pbeWithSHAAnd128BitRC4 |
| HannesTschofenig | 0:796d0f61a05b | 55 | * |
| HannesTschofenig | 0:796d0f61a05b | 56 | * \param pbe_params an ASN1 buffer containing the pkcs-12PbeParams structure |
| HannesTschofenig | 0:796d0f61a05b | 57 | * \param mode either PKCS12_PBE_ENCRYPT or PKCS12_PBE_DECRYPT |
| HannesTschofenig | 0:796d0f61a05b | 58 | * \param pwd the password used (may be NULL if no password is used) |
| HannesTschofenig | 0:796d0f61a05b | 59 | * \param pwdlen length of the password (may be 0) |
| HannesTschofenig | 0:796d0f61a05b | 60 | * \param input the input data |
| HannesTschofenig | 0:796d0f61a05b | 61 | * \param len data length |
| HannesTschofenig | 0:796d0f61a05b | 62 | * \param output the output buffer |
| HannesTschofenig | 0:796d0f61a05b | 63 | * |
| HannesTschofenig | 0:796d0f61a05b | 64 | * \return 0 if successful, or a PolarSSL error code |
| HannesTschofenig | 0:796d0f61a05b | 65 | */ |
| HannesTschofenig | 0:796d0f61a05b | 66 | int pkcs12_pbe_sha1_rc4_128( asn1_buf *pbe_params, int mode, |
| HannesTschofenig | 0:796d0f61a05b | 67 | const unsigned char *pwd, size_t pwdlen, |
| HannesTschofenig | 0:796d0f61a05b | 68 | const unsigned char *input, size_t len, |
| HannesTschofenig | 0:796d0f61a05b | 69 | unsigned char *output ); |
| HannesTschofenig | 0:796d0f61a05b | 70 | |
| HannesTschofenig | 0:796d0f61a05b | 71 | /** |
| HannesTschofenig | 0:796d0f61a05b | 72 | * \brief PKCS12 Password Based function (encryption / decryption) |
| HannesTschofenig | 0:796d0f61a05b | 73 | * for cipher-based and md-based PBE's |
| HannesTschofenig | 0:796d0f61a05b | 74 | * |
| HannesTschofenig | 0:796d0f61a05b | 75 | * \param pbe_params an ASN1 buffer containing the pkcs-12PbeParams structure |
| HannesTschofenig | 0:796d0f61a05b | 76 | * \param mode either PKCS12_PBE_ENCRYPT or PKCS12_PBE_DECRYPT |
| HannesTschofenig | 0:796d0f61a05b | 77 | * \param cipher_type the cipher used |
| HannesTschofenig | 0:796d0f61a05b | 78 | * \param md_type the md used |
| HannesTschofenig | 0:796d0f61a05b | 79 | * \param pwd the password used (may be NULL if no password is used) |
| HannesTschofenig | 0:796d0f61a05b | 80 | * \param pwdlen length of the password (may be 0) |
| HannesTschofenig | 0:796d0f61a05b | 81 | * \param input the input data |
| HannesTschofenig | 0:796d0f61a05b | 82 | * \param len data length |
| HannesTschofenig | 0:796d0f61a05b | 83 | * \param output the output buffer |
| HannesTschofenig | 0:796d0f61a05b | 84 | * |
| HannesTschofenig | 0:796d0f61a05b | 85 | * \return 0 if successful, or a PolarSSL error code |
| HannesTschofenig | 0:796d0f61a05b | 86 | */ |
| HannesTschofenig | 0:796d0f61a05b | 87 | int pkcs12_pbe( asn1_buf *pbe_params, int mode, |
| HannesTschofenig | 0:796d0f61a05b | 88 | cipher_type_t cipher_type, md_type_t md_type, |
| HannesTschofenig | 0:796d0f61a05b | 89 | const unsigned char *pwd, size_t pwdlen, |
| HannesTschofenig | 0:796d0f61a05b | 90 | const unsigned char *input, size_t len, |
| HannesTschofenig | 0:796d0f61a05b | 91 | unsigned char *output ); |
| HannesTschofenig | 0:796d0f61a05b | 92 | |
| HannesTschofenig | 0:796d0f61a05b | 93 | /** |
| HannesTschofenig | 0:796d0f61a05b | 94 | * \brief The PKCS#12 derivation function uses a password and a salt |
| HannesTschofenig | 0:796d0f61a05b | 95 | * to produce pseudo-random bits for a particular "purpose". |
| HannesTschofenig | 0:796d0f61a05b | 96 | * |
| HannesTschofenig | 0:796d0f61a05b | 97 | * Depending on the given id, this function can produce an |
| HannesTschofenig | 0:796d0f61a05b | 98 | * encryption/decryption key, an nitialization vector or an |
| HannesTschofenig | 0:796d0f61a05b | 99 | * integrity key. |
| HannesTschofenig | 0:796d0f61a05b | 100 | * |
| HannesTschofenig | 0:796d0f61a05b | 101 | * \param data buffer to store the derived data in |
| HannesTschofenig | 0:796d0f61a05b | 102 | * \param datalen length to fill |
| HannesTschofenig | 0:796d0f61a05b | 103 | * \param pwd password to use (may be NULL if no password is used) |
| HannesTschofenig | 0:796d0f61a05b | 104 | * \param pwdlen length of the password (may be 0) |
| HannesTschofenig | 0:796d0f61a05b | 105 | * \param salt salt buffer to use |
| HannesTschofenig | 0:796d0f61a05b | 106 | * \param saltlen length of the salt |
| HannesTschofenig | 0:796d0f61a05b | 107 | * \param md md type to use during the derivation |
| HannesTschofenig | 0:796d0f61a05b | 108 | * \param id id that describes the purpose (can be PKCS12_DERIVE_KEY, |
| HannesTschofenig | 0:796d0f61a05b | 109 | * PKCS12_DERIVE_IV or PKCS12_DERIVE_MAC_KEY) |
| HannesTschofenig | 0:796d0f61a05b | 110 | * \param iterations number of iterations |
| HannesTschofenig | 0:796d0f61a05b | 111 | * |
| HannesTschofenig | 0:796d0f61a05b | 112 | * \return 0 if successful, or a MD, BIGNUM type error. |
| HannesTschofenig | 0:796d0f61a05b | 113 | */ |
| HannesTschofenig | 0:796d0f61a05b | 114 | int pkcs12_derivation( unsigned char *data, size_t datalen, |
| HannesTschofenig | 0:796d0f61a05b | 115 | const unsigned char *pwd, size_t pwdlen, |
| HannesTschofenig | 0:796d0f61a05b | 116 | const unsigned char *salt, size_t saltlen, |
| HannesTschofenig | 0:796d0f61a05b | 117 | md_type_t md, int id, int iterations ); |
| HannesTschofenig | 0:796d0f61a05b | 118 | |
| HannesTschofenig | 0:796d0f61a05b | 119 | #ifdef __cplusplus |
| HannesTschofenig | 0:796d0f61a05b | 120 | } |
| HannesTschofenig | 0:796d0f61a05b | 121 | #endif |
| HannesTschofenig | 0:796d0f61a05b | 122 | |
| HannesTschofenig | 0:796d0f61a05b | 123 | #endif /* pkcs12.h */ |
| HannesTschofenig | 0:796d0f61a05b | 124 | |
| HannesTschofenig | 0:796d0f61a05b | 125 |