Doug Anson / mbedTLSLibrary

mbed TLS library

Dependents:   HTTPClient-SSL WS_SERVER

include/polarssl/pkcs12.h@0:137634ff4186, 2015-06-11 (annotated)

Committer:
ansond
Date:
Thu Jun 11 03:27:03 2015 +0000
Revision:
0:137634ff4186
initial commit

Who changed what in which revision?

UserRevisionLine numberNew contents of line
ansond 0:137634ff4186 1 /**
ansond 0:137634ff4186 2 * \file pkcs12.h
ansond 0:137634ff4186 3 *
ansond 0:137634ff4186 4 * \brief PKCS#12 Personal Information Exchange Syntax
ansond 0:137634ff4186 5 *
ansond 0:137634ff4186 6 * Copyright (C) 2006-2013, ARM Limited, All Rights Reserved
ansond 0:137634ff4186 7 *
ansond 0:137634ff4186 8 * This file is part of mbed TLS (https://tls.mbed.org)
ansond 0:137634ff4186 9 *
ansond 0:137634ff4186 10 * This program is free software; you can redistribute it and/or modify
ansond 0:137634ff4186 11 * it under the terms of the GNU General Public License as published by
ansond 0:137634ff4186 12 * the Free Software Foundation; either version 2 of the License, or
ansond 0:137634ff4186 13 * (at your option) any later version.
ansond 0:137634ff4186 14 *
ansond 0:137634ff4186 15 * This program is distributed in the hope that it will be useful,
ansond 0:137634ff4186 16 * but WITHOUT ANY WARRANTY; without even the implied warranty of
ansond 0:137634ff4186 17 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
ansond 0:137634ff4186 18 * GNU General Public License for more details.
ansond 0:137634ff4186 19 *
ansond 0:137634ff4186 20 * You should have received a copy of the GNU General Public License along
ansond 0:137634ff4186 21 * with this program; if not, write to the Free Software Foundation, Inc.,
ansond 0:137634ff4186 22 * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
ansond 0:137634ff4186 23 */
ansond 0:137634ff4186 24 #ifndef POLARSSL_PKCS12_H
ansond 0:137634ff4186 25 #define POLARSSL_PKCS12_H
ansond 0:137634ff4186 26
ansond 0:137634ff4186 27 #include "md.h"
ansond 0:137634ff4186 28 #include "cipher.h"
ansond 0:137634ff4186 29 #include "asn1.h"
ansond 0:137634ff4186 30
ansond 0:137634ff4186 31 #include <stddef.h>
ansond 0:137634ff4186 32
ansond 0:137634ff4186 33 #define POLARSSL_ERR_PKCS12_BAD_INPUT_DATA -0x1F80 /**< Bad input parameters to function. */
ansond 0:137634ff4186 34 #define POLARSSL_ERR_PKCS12_FEATURE_UNAVAILABLE -0x1F00 /**< Feature not available, e.g. unsupported encryption scheme. */
ansond 0:137634ff4186 35 #define POLARSSL_ERR_PKCS12_PBE_INVALID_FORMAT -0x1E80 /**< PBE ASN.1 data not as expected. */
ansond 0:137634ff4186 36 #define POLARSSL_ERR_PKCS12_PASSWORD_MISMATCH -0x1E00 /**< Given private key password does not allow for correct decryption. */
ansond 0:137634ff4186 37
ansond 0:137634ff4186 38 #define PKCS12_DERIVE_KEY 1 /**< encryption/decryption key */
ansond 0:137634ff4186 39 #define PKCS12_DERIVE_IV 2 /**< initialization vector */
ansond 0:137634ff4186 40 #define PKCS12_DERIVE_MAC_KEY 3 /**< integrity / MAC key */
ansond 0:137634ff4186 41
ansond 0:137634ff4186 42 #define PKCS12_PBE_DECRYPT 0
ansond 0:137634ff4186 43 #define PKCS12_PBE_ENCRYPT 1
ansond 0:137634ff4186 44
ansond 0:137634ff4186 45 #ifdef __cplusplus
ansond 0:137634ff4186 46 extern "C" {
ansond 0:137634ff4186 47 #endif
ansond 0:137634ff4186 48
ansond 0:137634ff4186 49 /**
ansond 0:137634ff4186 50 * \brief PKCS12 Password Based function (encryption / decryption)
ansond 0:137634ff4186 51 * for pbeWithSHAAnd128BitRC4
ansond 0:137634ff4186 52 *
ansond 0:137634ff4186 53 * \param pbe_params an ASN1 buffer containing the pkcs-12PbeParams structure
ansond 0:137634ff4186 54 * \param mode either PKCS12_PBE_ENCRYPT or PKCS12_PBE_DECRYPT
ansond 0:137634ff4186 55 * \param pwd the password used (may be NULL if no password is used)
ansond 0:137634ff4186 56 * \param pwdlen length of the password (may be 0)
ansond 0:137634ff4186 57 * \param input the input data
ansond 0:137634ff4186 58 * \param len data length
ansond 0:137634ff4186 59 * \param output the output buffer
ansond 0:137634ff4186 60 *
ansond 0:137634ff4186 61 * \return 0 if successful, or a POLARSSL_ERR_xxx code
ansond 0:137634ff4186 62 */
ansond 0:137634ff4186 63 int pkcs12_pbe_sha1_rc4_128( asn1_buf *pbe_params, int mode,
ansond 0:137634ff4186 64 const unsigned char *pwd, size_t pwdlen,
ansond 0:137634ff4186 65 const unsigned char *input, size_t len,
ansond 0:137634ff4186 66 unsigned char *output );
ansond 0:137634ff4186 67
ansond 0:137634ff4186 68 /**
ansond 0:137634ff4186 69 * \brief PKCS12 Password Based function (encryption / decryption)
ansond 0:137634ff4186 70 * for cipher-based and md-based PBE's
ansond 0:137634ff4186 71 *
ansond 0:137634ff4186 72 * \param pbe_params an ASN1 buffer containing the pkcs-12PbeParams structure
ansond 0:137634ff4186 73 * \param mode either PKCS12_PBE_ENCRYPT or PKCS12_PBE_DECRYPT
ansond 0:137634ff4186 74 * \param cipher_type the cipher used
ansond 0:137634ff4186 75 * \param md_type the md used
ansond 0:137634ff4186 76 * \param pwd the password used (may be NULL if no password is used)
ansond 0:137634ff4186 77 * \param pwdlen length of the password (may be 0)
ansond 0:137634ff4186 78 * \param input the input data
ansond 0:137634ff4186 79 * \param len data length
ansond 0:137634ff4186 80 * \param output the output buffer
ansond 0:137634ff4186 81 *
ansond 0:137634ff4186 82 * \return 0 if successful, or a POLARSSL_ERR_xxx code
ansond 0:137634ff4186 83 */
ansond 0:137634ff4186 84 int pkcs12_pbe( asn1_buf *pbe_params, int mode,
ansond 0:137634ff4186 85 cipher_type_t cipher_type, md_type_t md_type,
ansond 0:137634ff4186 86 const unsigned char *pwd, size_t pwdlen,
ansond 0:137634ff4186 87 const unsigned char *input, size_t len,
ansond 0:137634ff4186 88 unsigned char *output );
ansond 0:137634ff4186 89
ansond 0:137634ff4186 90 /**
ansond 0:137634ff4186 91 * \brief The PKCS#12 derivation function uses a password and a salt
ansond 0:137634ff4186 92 * to produce pseudo-random bits for a particular "purpose".
ansond 0:137634ff4186 93 *
ansond 0:137634ff4186 94 * Depending on the given id, this function can produce an
ansond 0:137634ff4186 95 * encryption/decryption key, an nitialization vector or an
ansond 0:137634ff4186 96 * integrity key.
ansond 0:137634ff4186 97 *
ansond 0:137634ff4186 98 * \param data buffer to store the derived data in
ansond 0:137634ff4186 99 * \param datalen length to fill
ansond 0:137634ff4186 100 * \param pwd password to use (may be NULL if no password is used)
ansond 0:137634ff4186 101 * \param pwdlen length of the password (may be 0)
ansond 0:137634ff4186 102 * \param salt salt buffer to use
ansond 0:137634ff4186 103 * \param saltlen length of the salt
ansond 0:137634ff4186 104 * \param md md type to use during the derivation
ansond 0:137634ff4186 105 * \param id id that describes the purpose (can be PKCS12_DERIVE_KEY,
ansond 0:137634ff4186 106 * PKCS12_DERIVE_IV or PKCS12_DERIVE_MAC_KEY)
ansond 0:137634ff4186 107 * \param iterations number of iterations
ansond 0:137634ff4186 108 *
ansond 0:137634ff4186 109 * \return 0 if successful, or a MD, BIGNUM type error.
ansond 0:137634ff4186 110 */
ansond 0:137634ff4186 111 int pkcs12_derivation( unsigned char *data, size_t datalen,
ansond 0:137634ff4186 112 const unsigned char *pwd, size_t pwdlen,
ansond 0:137634ff4186 113 const unsigned char *salt, size_t saltlen,
ansond 0:137634ff4186 114 md_type_t md, int id, int iterations );
ansond 0:137634ff4186 115
ansond 0:137634ff4186 116 #ifdef __cplusplus
ansond 0:137634ff4186 117 }
ansond 0:137634ff4186 118 #endif
ansond 0:137634ff4186 119
ansond 0:137634ff4186 120 #endif /* pkcs12.h */
ansond 0:137634ff4186 121