Important changes to repositories hosted on mbed.com
Mbed hosted mercurial repositories are deprecated and are due to be permanently deleted in July 2026.
To keep a copy of this software download the repository Zip archive or clone locally using Mercurial.
It is also possible to export all your personal repositories from the account settings page.
pk.h
00001 /** 00002 * \file pk.h 00003 * 00004 * \brief Public Key abstraction layer 00005 */ 00006 /* 00007 * Copyright (C) 2006-2015, ARM Limited, All Rights Reserved 00008 * SPDX-License-Identifier: Apache-2.0 00009 * 00010 * Licensed under the Apache License, Version 2.0 (the "License"); you may 00011 * not use this file except in compliance with the License. 00012 * You may obtain a copy of the License at 00013 * 00014 * http://www.apache.org/licenses/LICENSE-2.0 00015 * 00016 * Unless required by applicable law or agreed to in writing, software 00017 * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT 00018 * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 00019 * See the License for the specific language governing permissions and 00020 * limitations under the License. 00021 * 00022 * This file is part of mbed TLS (https://tls.mbed.org) 00023 */ 00024 00025 #ifndef MBEDTLS_PK_H 00026 #define MBEDTLS_PK_H 00027 00028 #if !defined(MBEDTLS_CONFIG_FILE) 00029 #include "config.h" 00030 #else 00031 #include MBEDTLS_CONFIG_FILE 00032 #endif 00033 00034 #include "md.h" 00035 00036 #if defined(MBEDTLS_RSA_C) 00037 #include "rsa.h" 00038 #endif 00039 00040 #if defined(MBEDTLS_ECP_C) 00041 #include "ecp.h" 00042 #endif 00043 00044 #if defined(MBEDTLS_ECDSA_C) 00045 #include "ecdsa.h" 00046 #endif 00047 00048 #if ( defined(__ARMCC_VERSION) || defined(_MSC_VER) ) && \ 00049 !defined(inline) && !defined(__cplusplus) 00050 #define inline __inline 00051 #endif 00052 00053 #define MBEDTLS_ERR_PK_ALLOC_FAILED -0x3F80 /**< Memory allocation failed. */ 00054 #define MBEDTLS_ERR_PK_TYPE_MISMATCH -0x3F00 /**< Type mismatch, eg attempt to encrypt with an ECDSA key */ 00055 #define MBEDTLS_ERR_PK_BAD_INPUT_DATA -0x3E80 /**< Bad input parameters to function. */ 00056 #define MBEDTLS_ERR_PK_FILE_IO_ERROR -0x3E00 /**< Read/write of file failed. */ 00057 #define MBEDTLS_ERR_PK_KEY_INVALID_VERSION -0x3D80 /**< Unsupported key version */ 00058 #define MBEDTLS_ERR_PK_KEY_INVALID_FORMAT -0x3D00 /**< Invalid key tag or value. */ 00059 #define MBEDTLS_ERR_PK_UNKNOWN_PK_ALG -0x3C80 /**< Key algorithm is unsupported (only RSA and EC are supported). */ 00060 #define MBEDTLS_ERR_PK_PASSWORD_REQUIRED -0x3C00 /**< Private key password can't be empty. */ 00061 #define MBEDTLS_ERR_PK_PASSWORD_MISMATCH -0x3B80 /**< Given private key password does not allow for correct decryption. */ 00062 #define MBEDTLS_ERR_PK_INVALID_PUBKEY -0x3B00 /**< The pubkey tag or value is invalid (only RSA and EC are supported). */ 00063 #define MBEDTLS_ERR_PK_INVALID_ALG -0x3A80 /**< The algorithm tag or value is invalid. */ 00064 #define MBEDTLS_ERR_PK_UNKNOWN_NAMED_CURVE -0x3A00 /**< Elliptic curve is unsupported (only NIST curves are supported). */ 00065 #define MBEDTLS_ERR_PK_FEATURE_UNAVAILABLE -0x3980 /**< Unavailable feature, e.g. RSA disabled for RSA key. */ 00066 #define MBEDTLS_ERR_PK_SIG_LEN_MISMATCH -0x3900 /**< The buffer contains a valid signature followed by more data. */ 00067 #define MBEDTLS_ERR_PK_HW_ACCEL_FAILED -0x3880 /**< PK hardware accelerator failed. */ 00068 00069 #ifdef __cplusplus 00070 extern "C" { 00071 #endif 00072 00073 /** 00074 * \brief Public key types 00075 */ 00076 typedef enum { 00077 MBEDTLS_PK_NONE=0, 00078 MBEDTLS_PK_RSA, 00079 MBEDTLS_PK_ECKEY, 00080 MBEDTLS_PK_ECKEY_DH, 00081 MBEDTLS_PK_ECDSA, 00082 MBEDTLS_PK_RSA_ALT, 00083 MBEDTLS_PK_RSASSA_PSS, 00084 } mbedtls_pk_type_t; 00085 00086 /** 00087 * \brief Options for RSASSA-PSS signature verification. 00088 * See \c mbedtls_rsa_rsassa_pss_verify_ext() 00089 */ 00090 typedef struct 00091 { 00092 mbedtls_md_type_t mgf1_hash_id; 00093 int expected_salt_len; 00094 00095 } mbedtls_pk_rsassa_pss_options; 00096 00097 /** 00098 * \brief Types for interfacing with the debug module 00099 */ 00100 typedef enum 00101 { 00102 MBEDTLS_PK_DEBUG_NONE = 0, 00103 MBEDTLS_PK_DEBUG_MPI, 00104 MBEDTLS_PK_DEBUG_ECP, 00105 } mbedtls_pk_debug_type; 00106 00107 /** 00108 * \brief Item to send to the debug module 00109 */ 00110 typedef struct 00111 { 00112 mbedtls_pk_debug_type type; 00113 const char *name; 00114 void *value; 00115 } mbedtls_pk_debug_item; 00116 00117 /** Maximum number of item send for debugging, plus 1 */ 00118 #define MBEDTLS_PK_DEBUG_MAX_ITEMS 3 00119 00120 /** 00121 * \brief Public key information and operations 00122 */ 00123 typedef struct mbedtls_pk_info_t mbedtls_pk_info_t; 00124 00125 /** 00126 * \brief Public key container 00127 */ 00128 typedef struct 00129 { 00130 const mbedtls_pk_info_t * pk_info; /**< Public key informations */ 00131 void * pk_ctx; /**< Underlying public key context */ 00132 } mbedtls_pk_context; 00133 00134 #if defined(MBEDTLS_RSA_C) 00135 /** 00136 * Quick access to an RSA context inside a PK context. 00137 * 00138 * \warning You must make sure the PK context actually holds an RSA context 00139 * before using this function! 00140 */ 00141 static inline mbedtls_rsa_context *mbedtls_pk_rsa( const mbedtls_pk_context pk ) 00142 { 00143 return( (mbedtls_rsa_context *) (pk).pk_ctx ); 00144 } 00145 #endif /* MBEDTLS_RSA_C */ 00146 00147 #if defined(MBEDTLS_ECP_C) 00148 /** 00149 * Quick access to an EC context inside a PK context. 00150 * 00151 * \warning You must make sure the PK context actually holds an EC context 00152 * before using this function! 00153 */ 00154 static inline mbedtls_ecp_keypair *mbedtls_pk_ec( const mbedtls_pk_context pk ) 00155 { 00156 return( (mbedtls_ecp_keypair *) (pk).pk_ctx ); 00157 } 00158 #endif /* MBEDTLS_ECP_C */ 00159 00160 #if defined(MBEDTLS_PK_RSA_ALT_SUPPORT) 00161 /** 00162 * \brief Types for RSA-alt abstraction 00163 */ 00164 typedef int (*mbedtls_pk_rsa_alt_decrypt_func)( void *ctx, int mode, size_t *olen, 00165 const unsigned char *input, unsigned char *output, 00166 size_t output_max_len ); 00167 typedef int (*mbedtls_pk_rsa_alt_sign_func)( void *ctx, 00168 int (*f_rng)(void *, unsigned char *, size_t), void *p_rng, 00169 int mode, mbedtls_md_type_t md_alg, unsigned int hashlen, 00170 const unsigned char *hash, unsigned char *sig ); 00171 typedef size_t (*mbedtls_pk_rsa_alt_key_len_func)( void *ctx ); 00172 #endif /* MBEDTLS_PK_RSA_ALT_SUPPORT */ 00173 00174 /** 00175 * \brief Return information associated with the given PK type 00176 * 00177 * \param pk_type PK type to search for. 00178 * 00179 * \return The PK info associated with the type or NULL if not found. 00180 */ 00181 const mbedtls_pk_info_t *mbedtls_pk_info_from_type( mbedtls_pk_type_t pk_type ); 00182 00183 /** 00184 * \brief Initialize a mbedtls_pk_context (as NONE) 00185 */ 00186 void mbedtls_pk_init( mbedtls_pk_context *ctx ); 00187 00188 /** 00189 * \brief Free a mbedtls_pk_context 00190 */ 00191 void mbedtls_pk_free( mbedtls_pk_context *ctx ); 00192 00193 /** 00194 * \brief Initialize a PK context with the information given 00195 * and allocates the type-specific PK subcontext. 00196 * 00197 * \param ctx Context to initialize. Must be empty (type NONE). 00198 * \param info Information to use 00199 * 00200 * \return 0 on success, 00201 * MBEDTLS_ERR_PK_BAD_INPUT_DATA on invalid input, 00202 * MBEDTLS_ERR_PK_ALLOC_FAILED on allocation failure. 00203 * 00204 * \note For contexts holding an RSA-alt key, use 00205 * \c mbedtls_pk_setup_rsa_alt() instead. 00206 */ 00207 int mbedtls_pk_setup( mbedtls_pk_context *ctx, const mbedtls_pk_info_t *info ); 00208 00209 #if defined(MBEDTLS_PK_RSA_ALT_SUPPORT) 00210 /** 00211 * \brief Initialize an RSA-alt context 00212 * 00213 * \param ctx Context to initialize. Must be empty (type NONE). 00214 * \param key RSA key pointer 00215 * \param decrypt_func Decryption function 00216 * \param sign_func Signing function 00217 * \param key_len_func Function returning key length in bytes 00218 * 00219 * \return 0 on success, or MBEDTLS_ERR_PK_BAD_INPUT_DATA if the 00220 * context wasn't already initialized as RSA_ALT. 00221 * 00222 * \note This function replaces \c mbedtls_pk_setup() for RSA-alt. 00223 */ 00224 int mbedtls_pk_setup_rsa_alt( mbedtls_pk_context *ctx, void * key, 00225 mbedtls_pk_rsa_alt_decrypt_func decrypt_func, 00226 mbedtls_pk_rsa_alt_sign_func sign_func, 00227 mbedtls_pk_rsa_alt_key_len_func key_len_func ); 00228 #endif /* MBEDTLS_PK_RSA_ALT_SUPPORT */ 00229 00230 /** 00231 * \brief Get the size in bits of the underlying key 00232 * 00233 * \param ctx Context to use 00234 * 00235 * \return Key size in bits, or 0 on error 00236 */ 00237 size_t mbedtls_pk_get_bitlen( const mbedtls_pk_context *ctx ); 00238 00239 /** 00240 * \brief Get the length in bytes of the underlying key 00241 * \param ctx Context to use 00242 * 00243 * \return Key length in bytes, or 0 on error 00244 */ 00245 static inline size_t mbedtls_pk_get_len( const mbedtls_pk_context *ctx ) 00246 { 00247 return( ( mbedtls_pk_get_bitlen( ctx ) + 7 ) / 8 ); 00248 } 00249 00250 /** 00251 * \brief Tell if a context can do the operation given by type 00252 * 00253 * \param ctx Context to test 00254 * \param type Target type 00255 * 00256 * \return 0 if context can't do the operations, 00257 * 1 otherwise. 00258 */ 00259 int mbedtls_pk_can_do( const mbedtls_pk_context *ctx, mbedtls_pk_type_t type ); 00260 00261 /** 00262 * \brief Verify signature (including padding if relevant). 00263 * 00264 * \param ctx PK context to use 00265 * \param md_alg Hash algorithm used (see notes) 00266 * \param hash Hash of the message to sign 00267 * \param hash_len Hash length or 0 (see notes) 00268 * \param sig Signature to verify 00269 * \param sig_len Signature length 00270 * 00271 * \return 0 on success (signature is valid), 00272 * #MBEDTLS_ERR_PK_SIG_LEN_MISMATCH if there is a valid 00273 * signature in sig but its length is less than \p siglen, 00274 * or a specific error code. 00275 * 00276 * \note For RSA keys, the default padding type is PKCS#1 v1.5. 00277 * Use \c mbedtls_pk_verify_ext( MBEDTLS_PK_RSASSA_PSS, ... ) 00278 * to verify RSASSA_PSS signatures. 00279 * 00280 * \note If hash_len is 0, then the length associated with md_alg 00281 * is used instead, or an error returned if it is invalid. 00282 * 00283 * \note md_alg may be MBEDTLS_MD_NONE, only if hash_len != 0 00284 */ 00285 int mbedtls_pk_verify( mbedtls_pk_context *ctx, mbedtls_md_type_t md_alg, 00286 const unsigned char *hash, size_t hash_len, 00287 const unsigned char *sig, size_t sig_len ); 00288 00289 /** 00290 * \brief Verify signature, with options. 00291 * (Includes verification of the padding depending on type.) 00292 * 00293 * \param type Signature type (inc. possible padding type) to verify 00294 * \param options Pointer to type-specific options, or NULL 00295 * \param ctx PK context to use 00296 * \param md_alg Hash algorithm used (see notes) 00297 * \param hash Hash of the message to sign 00298 * \param hash_len Hash length or 0 (see notes) 00299 * \param sig Signature to verify 00300 * \param sig_len Signature length 00301 * 00302 * \return 0 on success (signature is valid), 00303 * #MBEDTLS_ERR_PK_TYPE_MISMATCH if the PK context can't be 00304 * used for this type of signatures, 00305 * #MBEDTLS_ERR_PK_SIG_LEN_MISMATCH if there is a valid 00306 * signature in sig but its length is less than \p siglen, 00307 * or a specific error code. 00308 * 00309 * \note If hash_len is 0, then the length associated with md_alg 00310 * is used instead, or an error returned if it is invalid. 00311 * 00312 * \note md_alg may be MBEDTLS_MD_NONE, only if hash_len != 0 00313 * 00314 * \note If type is MBEDTLS_PK_RSASSA_PSS, then options must point 00315 * to a mbedtls_pk_rsassa_pss_options structure, 00316 * otherwise it must be NULL. 00317 */ 00318 int mbedtls_pk_verify_ext( mbedtls_pk_type_t type, const void *options, 00319 mbedtls_pk_context *ctx, mbedtls_md_type_t md_alg, 00320 const unsigned char *hash, size_t hash_len, 00321 const unsigned char *sig, size_t sig_len ); 00322 00323 /** 00324 * \brief Make signature, including padding if relevant. 00325 * 00326 * \param ctx PK context to use - must hold a private key 00327 * \param md_alg Hash algorithm used (see notes) 00328 * \param hash Hash of the message to sign 00329 * \param hash_len Hash length or 0 (see notes) 00330 * \param sig Place to write the signature 00331 * \param sig_len Number of bytes written 00332 * \param f_rng RNG function 00333 * \param p_rng RNG parameter 00334 * 00335 * \return 0 on success, or a specific error code. 00336 * 00337 * \note For RSA keys, the default padding type is PKCS#1 v1.5. 00338 * There is no interface in the PK module to make RSASSA-PSS 00339 * signatures yet. 00340 * 00341 * \note If hash_len is 0, then the length associated with md_alg 00342 * is used instead, or an error returned if it is invalid. 00343 * 00344 * \note For RSA, md_alg may be MBEDTLS_MD_NONE if hash_len != 0. 00345 * For ECDSA, md_alg may never be MBEDTLS_MD_NONE. 00346 */ 00347 int mbedtls_pk_sign( mbedtls_pk_context *ctx, mbedtls_md_type_t md_alg, 00348 const unsigned char *hash, size_t hash_len, 00349 unsigned char *sig, size_t *sig_len, 00350 int (*f_rng)(void *, unsigned char *, size_t), void *p_rng ); 00351 00352 /** 00353 * \brief Decrypt message (including padding if relevant). 00354 * 00355 * \param ctx PK context to use - must hold a private key 00356 * \param input Input to decrypt 00357 * \param ilen Input size 00358 * \param output Decrypted output 00359 * \param olen Decrypted message length 00360 * \param osize Size of the output buffer 00361 * \param f_rng RNG function 00362 * \param p_rng RNG parameter 00363 * 00364 * \note For RSA keys, the default padding type is PKCS#1 v1.5. 00365 * 00366 * \return 0 on success, or a specific error code. 00367 */ 00368 int mbedtls_pk_decrypt( mbedtls_pk_context *ctx, 00369 const unsigned char *input, size_t ilen, 00370 unsigned char *output, size_t *olen, size_t osize, 00371 int (*f_rng)(void *, unsigned char *, size_t), void *p_rng ); 00372 00373 /** 00374 * \brief Encrypt message (including padding if relevant). 00375 * 00376 * \param ctx PK context to use 00377 * \param input Message to encrypt 00378 * \param ilen Message size 00379 * \param output Encrypted output 00380 * \param olen Encrypted output length 00381 * \param osize Size of the output buffer 00382 * \param f_rng RNG function 00383 * \param p_rng RNG parameter 00384 * 00385 * \note For RSA keys, the default padding type is PKCS#1 v1.5. 00386 * 00387 * \return 0 on success, or a specific error code. 00388 */ 00389 int mbedtls_pk_encrypt( mbedtls_pk_context *ctx, 00390 const unsigned char *input, size_t ilen, 00391 unsigned char *output, size_t *olen, size_t osize, 00392 int (*f_rng)(void *, unsigned char *, size_t), void *p_rng ); 00393 00394 /** 00395 * \brief Check if a public-private pair of keys matches. 00396 * 00397 * \param pub Context holding a public key. 00398 * \param prv Context holding a private (and public) key. 00399 * 00400 * \return 0 on success or MBEDTLS_ERR_PK_BAD_INPUT_DATA 00401 */ 00402 int mbedtls_pk_check_pair( const mbedtls_pk_context *pub, const mbedtls_pk_context *prv ); 00403 00404 /** 00405 * \brief Export debug information 00406 * 00407 * \param ctx Context to use 00408 * \param items Place to write debug items 00409 * 00410 * \return 0 on success or MBEDTLS_ERR_PK_BAD_INPUT_DATA 00411 */ 00412 int mbedtls_pk_debug( const mbedtls_pk_context *ctx, mbedtls_pk_debug_item *items ); 00413 00414 /** 00415 * \brief Access the type name 00416 * 00417 * \param ctx Context to use 00418 * 00419 * \return Type name on success, or "invalid PK" 00420 */ 00421 const char * mbedtls_pk_get_name( const mbedtls_pk_context *ctx ); 00422 00423 /** 00424 * \brief Get the key type 00425 * 00426 * \param ctx Context to use 00427 * 00428 * \return Type on success, or MBEDTLS_PK_NONE 00429 */ 00430 mbedtls_pk_type_t mbedtls_pk_get_type( const mbedtls_pk_context *ctx ); 00431 00432 #if defined(MBEDTLS_PK_PARSE_C) 00433 /** \ingroup pk_module */ 00434 /** 00435 * \brief Parse a private key in PEM or DER format 00436 * 00437 * \param ctx key to be initialized 00438 * \param key input buffer 00439 * \param keylen size of the buffer 00440 * (including the terminating null byte for PEM data) 00441 * \param pwd password for decryption (optional) 00442 * \param pwdlen size of the password 00443 * 00444 * \note On entry, ctx must be empty, either freshly initialised 00445 * with mbedtls_pk_init() or reset with mbedtls_pk_free(). If you need a 00446 * specific key type, check the result with mbedtls_pk_can_do(). 00447 * 00448 * \note The key is also checked for correctness. 00449 * 00450 * \return 0 if successful, or a specific PK or PEM error code 00451 */ 00452 int mbedtls_pk_parse_key( mbedtls_pk_context *ctx, 00453 const unsigned char *key, size_t keylen, 00454 const unsigned char *pwd, size_t pwdlen ); 00455 00456 /** \ingroup pk_module */ 00457 /** 00458 * \brief Parse a public key in PEM or DER format 00459 * 00460 * \param ctx key to be initialized 00461 * \param key input buffer 00462 * \param keylen size of the buffer 00463 * (including the terminating null byte for PEM data) 00464 * 00465 * \note On entry, ctx must be empty, either freshly initialised 00466 * with mbedtls_pk_init() or reset with mbedtls_pk_free(). If you need a 00467 * specific key type, check the result with mbedtls_pk_can_do(). 00468 * 00469 * \note The key is also checked for correctness. 00470 * 00471 * \return 0 if successful, or a specific PK or PEM error code 00472 */ 00473 int mbedtls_pk_parse_public_key( mbedtls_pk_context *ctx, 00474 const unsigned char *key, size_t keylen ); 00475 00476 #if defined(MBEDTLS_FS_IO) 00477 /** \ingroup pk_module */ 00478 /** 00479 * \brief Load and parse a private key 00480 * 00481 * \param ctx key to be initialized 00482 * \param path filename to read the private key from 00483 * \param password password to decrypt the file (can be NULL) 00484 * 00485 * \note On entry, ctx must be empty, either freshly initialised 00486 * with mbedtls_pk_init() or reset with mbedtls_pk_free(). If you need a 00487 * specific key type, check the result with mbedtls_pk_can_do(). 00488 * 00489 * \note The key is also checked for correctness. 00490 * 00491 * \return 0 if successful, or a specific PK or PEM error code 00492 */ 00493 int mbedtls_pk_parse_keyfile( mbedtls_pk_context *ctx, 00494 const char *path, const char *password ); 00495 00496 /** \ingroup pk_module */ 00497 /** 00498 * \brief Load and parse a public key 00499 * 00500 * \param ctx key to be initialized 00501 * \param path filename to read the public key from 00502 * 00503 * \note On entry, ctx must be empty, either freshly initialised 00504 * with mbedtls_pk_init() or reset with mbedtls_pk_free(). If 00505 * you need a specific key type, check the result with 00506 * mbedtls_pk_can_do(). 00507 * 00508 * \note The key is also checked for correctness. 00509 * 00510 * \return 0 if successful, or a specific PK or PEM error code 00511 */ 00512 int mbedtls_pk_parse_public_keyfile( mbedtls_pk_context *ctx, const char *path ); 00513 #endif /* MBEDTLS_FS_IO */ 00514 #endif /* MBEDTLS_PK_PARSE_C */ 00515 00516 #if defined(MBEDTLS_PK_WRITE_C) 00517 /** 00518 * \brief Write a private key to a PKCS#1 or SEC1 DER structure 00519 * Note: data is written at the end of the buffer! Use the 00520 * return value to determine where you should start 00521 * using the buffer 00522 * 00523 * \param ctx private to write away 00524 * \param buf buffer to write to 00525 * \param size size of the buffer 00526 * 00527 * \return length of data written if successful, or a specific 00528 * error code 00529 */ 00530 int mbedtls_pk_write_key_der( mbedtls_pk_context *ctx, unsigned char *buf, size_t size ); 00531 00532 /** 00533 * \brief Write a public key to a SubjectPublicKeyInfo DER structure 00534 * Note: data is written at the end of the buffer! Use the 00535 * return value to determine where you should start 00536 * using the buffer 00537 * 00538 * \param ctx public key to write away 00539 * \param buf buffer to write to 00540 * \param size size of the buffer 00541 * 00542 * \return length of data written if successful, or a specific 00543 * error code 00544 */ 00545 int mbedtls_pk_write_pubkey_der( mbedtls_pk_context *ctx, unsigned char *buf, size_t size ); 00546 00547 #if defined(MBEDTLS_PEM_WRITE_C) 00548 /** 00549 * \brief Write a public key to a PEM string 00550 * 00551 * \param ctx public key to write away 00552 * \param buf buffer to write to 00553 * \param size size of the buffer 00554 * 00555 * \return 0 if successful, or a specific error code 00556 */ 00557 int mbedtls_pk_write_pubkey_pem( mbedtls_pk_context *ctx, unsigned char *buf, size_t size ); 00558 00559 /** 00560 * \brief Write a private key to a PKCS#1 or SEC1 PEM string 00561 * 00562 * \param ctx private to write away 00563 * \param buf buffer to write to 00564 * \param size size of the buffer 00565 * 00566 * \return 0 if successful, or a specific error code 00567 */ 00568 int mbedtls_pk_write_key_pem( mbedtls_pk_context *ctx, unsigned char *buf, size_t size ); 00569 #endif /* MBEDTLS_PEM_WRITE_C */ 00570 #endif /* MBEDTLS_PK_WRITE_C */ 00571 00572 /* 00573 * WARNING: Low-level functions. You probably do not want to use these unless 00574 * you are certain you do ;) 00575 */ 00576 00577 #if defined(MBEDTLS_PK_PARSE_C) 00578 /** 00579 * \brief Parse a SubjectPublicKeyInfo DER structure 00580 * 00581 * \param p the position in the ASN.1 data 00582 * \param end end of the buffer 00583 * \param pk the key to fill 00584 * 00585 * \return 0 if successful, or a specific PK error code 00586 */ 00587 int mbedtls_pk_parse_subpubkey( unsigned char **p, const unsigned char *end, 00588 mbedtls_pk_context *pk ); 00589 #endif /* MBEDTLS_PK_PARSE_C */ 00590 00591 #if defined(MBEDTLS_PK_WRITE_C) 00592 /** 00593 * \brief Write a subjectPublicKey to ASN.1 data 00594 * Note: function works backwards in data buffer 00595 * 00596 * \param p reference to current position pointer 00597 * \param start start of the buffer (for bounds-checking) 00598 * \param key public key to write away 00599 * 00600 * \return the length written or a negative error code 00601 */ 00602 int mbedtls_pk_write_pubkey( unsigned char **p, unsigned char *start, 00603 const mbedtls_pk_context *key ); 00604 #endif /* MBEDTLS_PK_WRITE_C */ 00605 00606 /* 00607 * Internal module functions. You probably do not want to use these unless you 00608 * know you do. 00609 */ 00610 #if defined(MBEDTLS_FS_IO) 00611 int mbedtls_pk_load_file( const char *path, unsigned char **buf, size_t *n ); 00612 #endif 00613 00614 #ifdef __cplusplus 00615 } 00616 #endif 00617 00618 #endif /* MBEDTLS_PK_H */
Generated on Tue Jul 12 2022 12:45:41 by
