mbed TLS library
Dependents: HTTPClient-SSL WS_SERVER
polarssl/pk.c@0:137634ff4186, 2015-06-11 (annotated)
- Committer:
- ansond
- Date:
- Thu Jun 11 03:27:03 2015 +0000
- Revision:
- 0:137634ff4186
initial commit
Who changed what in which revision?
User | Revision | Line number | New contents of line |
---|---|---|---|
ansond | 0:137634ff4186 | 1 | /* |
ansond | 0:137634ff4186 | 2 | * Public Key abstraction layer |
ansond | 0:137634ff4186 | 3 | * |
ansond | 0:137634ff4186 | 4 | * Copyright (C) 2006-2014, ARM Limited, All Rights Reserved |
ansond | 0:137634ff4186 | 5 | * |
ansond | 0:137634ff4186 | 6 | * This file is part of mbed TLS (https://tls.mbed.org) |
ansond | 0:137634ff4186 | 7 | * |
ansond | 0:137634ff4186 | 8 | * This program is free software; you can redistribute it and/or modify |
ansond | 0:137634ff4186 | 9 | * it under the terms of the GNU General Public License as published by |
ansond | 0:137634ff4186 | 10 | * the Free Software Foundation; either version 2 of the License, or |
ansond | 0:137634ff4186 | 11 | * (at your option) any later version. |
ansond | 0:137634ff4186 | 12 | * |
ansond | 0:137634ff4186 | 13 | * This program is distributed in the hope that it will be useful, |
ansond | 0:137634ff4186 | 14 | * but WITHOUT ANY WARRANTY; without even the implied warranty of |
ansond | 0:137634ff4186 | 15 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the |
ansond | 0:137634ff4186 | 16 | * GNU General Public License for more details. |
ansond | 0:137634ff4186 | 17 | * |
ansond | 0:137634ff4186 | 18 | * You should have received a copy of the GNU General Public License along |
ansond | 0:137634ff4186 | 19 | * with this program; if not, write to the Free Software Foundation, Inc., |
ansond | 0:137634ff4186 | 20 | * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. |
ansond | 0:137634ff4186 | 21 | */ |
ansond | 0:137634ff4186 | 22 | |
ansond | 0:137634ff4186 | 23 | #if !defined(POLARSSL_CONFIG_FILE) |
ansond | 0:137634ff4186 | 24 | #include "polarssl/config.h" |
ansond | 0:137634ff4186 | 25 | #else |
ansond | 0:137634ff4186 | 26 | #include POLARSSL_CONFIG_FILE |
ansond | 0:137634ff4186 | 27 | #endif |
ansond | 0:137634ff4186 | 28 | |
ansond | 0:137634ff4186 | 29 | #if defined(POLARSSL_PK_C) |
ansond | 0:137634ff4186 | 30 | #include "polarssl/pk.h" |
ansond | 0:137634ff4186 | 31 | #include "polarssl/pk_wrap.h" |
ansond | 0:137634ff4186 | 32 | |
ansond | 0:137634ff4186 | 33 | #if defined(POLARSSL_RSA_C) |
ansond | 0:137634ff4186 | 34 | #include "polarssl/rsa.h" |
ansond | 0:137634ff4186 | 35 | #endif |
ansond | 0:137634ff4186 | 36 | #if defined(POLARSSL_ECP_C) |
ansond | 0:137634ff4186 | 37 | #include "polarssl/ecp.h" |
ansond | 0:137634ff4186 | 38 | #endif |
ansond | 0:137634ff4186 | 39 | #if defined(POLARSSL_ECDSA_C) |
ansond | 0:137634ff4186 | 40 | #include "polarssl/ecdsa.h" |
ansond | 0:137634ff4186 | 41 | #endif |
ansond | 0:137634ff4186 | 42 | |
ansond | 0:137634ff4186 | 43 | /* Implementation that should never be optimized out by the compiler */ |
ansond | 0:137634ff4186 | 44 | static void polarssl_zeroize( void *v, size_t n ) { |
ansond | 0:137634ff4186 | 45 | volatile unsigned char *p = v; while( n-- ) *p++ = 0; |
ansond | 0:137634ff4186 | 46 | } |
ansond | 0:137634ff4186 | 47 | |
ansond | 0:137634ff4186 | 48 | /* |
ansond | 0:137634ff4186 | 49 | * Initialise a pk_context |
ansond | 0:137634ff4186 | 50 | */ |
ansond | 0:137634ff4186 | 51 | void pk_init( pk_context *ctx ) |
ansond | 0:137634ff4186 | 52 | { |
ansond | 0:137634ff4186 | 53 | if( ctx == NULL ) |
ansond | 0:137634ff4186 | 54 | return; |
ansond | 0:137634ff4186 | 55 | |
ansond | 0:137634ff4186 | 56 | ctx->pk_info = NULL; |
ansond | 0:137634ff4186 | 57 | ctx->pk_ctx = NULL; |
ansond | 0:137634ff4186 | 58 | } |
ansond | 0:137634ff4186 | 59 | |
ansond | 0:137634ff4186 | 60 | /* |
ansond | 0:137634ff4186 | 61 | * Free (the components of) a pk_context |
ansond | 0:137634ff4186 | 62 | */ |
ansond | 0:137634ff4186 | 63 | void pk_free( pk_context *ctx ) |
ansond | 0:137634ff4186 | 64 | { |
ansond | 0:137634ff4186 | 65 | if( ctx == NULL || ctx->pk_info == NULL ) |
ansond | 0:137634ff4186 | 66 | return; |
ansond | 0:137634ff4186 | 67 | |
ansond | 0:137634ff4186 | 68 | ctx->pk_info->ctx_free_func( ctx->pk_ctx ); |
ansond | 0:137634ff4186 | 69 | |
ansond | 0:137634ff4186 | 70 | polarssl_zeroize( ctx, sizeof( pk_context ) ); |
ansond | 0:137634ff4186 | 71 | } |
ansond | 0:137634ff4186 | 72 | |
ansond | 0:137634ff4186 | 73 | /* |
ansond | 0:137634ff4186 | 74 | * Get pk_info structure from type |
ansond | 0:137634ff4186 | 75 | */ |
ansond | 0:137634ff4186 | 76 | const pk_info_t * pk_info_from_type( pk_type_t pk_type ) |
ansond | 0:137634ff4186 | 77 | { |
ansond | 0:137634ff4186 | 78 | switch( pk_type ) { |
ansond | 0:137634ff4186 | 79 | #if defined(POLARSSL_RSA_C) |
ansond | 0:137634ff4186 | 80 | case POLARSSL_PK_RSA: |
ansond | 0:137634ff4186 | 81 | return( &rsa_info ); |
ansond | 0:137634ff4186 | 82 | #endif |
ansond | 0:137634ff4186 | 83 | #if defined(POLARSSL_ECP_C) |
ansond | 0:137634ff4186 | 84 | case POLARSSL_PK_ECKEY: |
ansond | 0:137634ff4186 | 85 | return( &eckey_info ); |
ansond | 0:137634ff4186 | 86 | case POLARSSL_PK_ECKEY_DH: |
ansond | 0:137634ff4186 | 87 | return( &eckeydh_info ); |
ansond | 0:137634ff4186 | 88 | #endif |
ansond | 0:137634ff4186 | 89 | #if defined(POLARSSL_ECDSA_C) |
ansond | 0:137634ff4186 | 90 | case POLARSSL_PK_ECDSA: |
ansond | 0:137634ff4186 | 91 | return( &ecdsa_info ); |
ansond | 0:137634ff4186 | 92 | #endif |
ansond | 0:137634ff4186 | 93 | /* POLARSSL_PK_RSA_ALT omitted on purpose */ |
ansond | 0:137634ff4186 | 94 | default: |
ansond | 0:137634ff4186 | 95 | return( NULL ); |
ansond | 0:137634ff4186 | 96 | } |
ansond | 0:137634ff4186 | 97 | } |
ansond | 0:137634ff4186 | 98 | |
ansond | 0:137634ff4186 | 99 | /* |
ansond | 0:137634ff4186 | 100 | * Initialise context |
ansond | 0:137634ff4186 | 101 | */ |
ansond | 0:137634ff4186 | 102 | int pk_init_ctx( pk_context *ctx, const pk_info_t *info ) |
ansond | 0:137634ff4186 | 103 | { |
ansond | 0:137634ff4186 | 104 | if( ctx == NULL || info == NULL || ctx->pk_info != NULL ) |
ansond | 0:137634ff4186 | 105 | return( POLARSSL_ERR_PK_BAD_INPUT_DATA ); |
ansond | 0:137634ff4186 | 106 | |
ansond | 0:137634ff4186 | 107 | if( ( ctx->pk_ctx = info->ctx_alloc_func() ) == NULL ) |
ansond | 0:137634ff4186 | 108 | return( POLARSSL_ERR_PK_MALLOC_FAILED ); |
ansond | 0:137634ff4186 | 109 | |
ansond | 0:137634ff4186 | 110 | ctx->pk_info = info; |
ansond | 0:137634ff4186 | 111 | |
ansond | 0:137634ff4186 | 112 | return( 0 ); |
ansond | 0:137634ff4186 | 113 | } |
ansond | 0:137634ff4186 | 114 | |
ansond | 0:137634ff4186 | 115 | /* |
ansond | 0:137634ff4186 | 116 | * Initialize an RSA-alt context |
ansond | 0:137634ff4186 | 117 | */ |
ansond | 0:137634ff4186 | 118 | int pk_init_ctx_rsa_alt( pk_context *ctx, void * key, |
ansond | 0:137634ff4186 | 119 | pk_rsa_alt_decrypt_func decrypt_func, |
ansond | 0:137634ff4186 | 120 | pk_rsa_alt_sign_func sign_func, |
ansond | 0:137634ff4186 | 121 | pk_rsa_alt_key_len_func key_len_func ) |
ansond | 0:137634ff4186 | 122 | { |
ansond | 0:137634ff4186 | 123 | rsa_alt_context *rsa_alt; |
ansond | 0:137634ff4186 | 124 | const pk_info_t *info = &rsa_alt_info; |
ansond | 0:137634ff4186 | 125 | |
ansond | 0:137634ff4186 | 126 | if( ctx == NULL || ctx->pk_info != NULL ) |
ansond | 0:137634ff4186 | 127 | return( POLARSSL_ERR_PK_BAD_INPUT_DATA ); |
ansond | 0:137634ff4186 | 128 | |
ansond | 0:137634ff4186 | 129 | if( ( ctx->pk_ctx = info->ctx_alloc_func() ) == NULL ) |
ansond | 0:137634ff4186 | 130 | return( POLARSSL_ERR_PK_MALLOC_FAILED ); |
ansond | 0:137634ff4186 | 131 | |
ansond | 0:137634ff4186 | 132 | ctx->pk_info = info; |
ansond | 0:137634ff4186 | 133 | |
ansond | 0:137634ff4186 | 134 | rsa_alt = (rsa_alt_context *) ctx->pk_ctx; |
ansond | 0:137634ff4186 | 135 | |
ansond | 0:137634ff4186 | 136 | rsa_alt->key = key; |
ansond | 0:137634ff4186 | 137 | rsa_alt->decrypt_func = decrypt_func; |
ansond | 0:137634ff4186 | 138 | rsa_alt->sign_func = sign_func; |
ansond | 0:137634ff4186 | 139 | rsa_alt->key_len_func = key_len_func; |
ansond | 0:137634ff4186 | 140 | |
ansond | 0:137634ff4186 | 141 | return( 0 ); |
ansond | 0:137634ff4186 | 142 | } |
ansond | 0:137634ff4186 | 143 | |
ansond | 0:137634ff4186 | 144 | /* |
ansond | 0:137634ff4186 | 145 | * Tell if a PK can do the operations of the given type |
ansond | 0:137634ff4186 | 146 | */ |
ansond | 0:137634ff4186 | 147 | int pk_can_do( pk_context *ctx, pk_type_t type ) |
ansond | 0:137634ff4186 | 148 | { |
ansond | 0:137634ff4186 | 149 | /* null or NONE context can't do anything */ |
ansond | 0:137634ff4186 | 150 | if( ctx == NULL || ctx->pk_info == NULL ) |
ansond | 0:137634ff4186 | 151 | return( 0 ); |
ansond | 0:137634ff4186 | 152 | |
ansond | 0:137634ff4186 | 153 | return( ctx->pk_info->can_do( type ) ); |
ansond | 0:137634ff4186 | 154 | } |
ansond | 0:137634ff4186 | 155 | |
ansond | 0:137634ff4186 | 156 | /* |
ansond | 0:137634ff4186 | 157 | * Helper for pk_sign and pk_verify |
ansond | 0:137634ff4186 | 158 | */ |
ansond | 0:137634ff4186 | 159 | static inline int pk_hashlen_helper( md_type_t md_alg, size_t *hash_len ) |
ansond | 0:137634ff4186 | 160 | { |
ansond | 0:137634ff4186 | 161 | const md_info_t *md_info; |
ansond | 0:137634ff4186 | 162 | |
ansond | 0:137634ff4186 | 163 | if( *hash_len != 0 ) |
ansond | 0:137634ff4186 | 164 | return( 0 ); |
ansond | 0:137634ff4186 | 165 | |
ansond | 0:137634ff4186 | 166 | if( ( md_info = md_info_from_type( md_alg ) ) == NULL ) |
ansond | 0:137634ff4186 | 167 | return( -1 ); |
ansond | 0:137634ff4186 | 168 | |
ansond | 0:137634ff4186 | 169 | *hash_len = md_info->size; |
ansond | 0:137634ff4186 | 170 | return( 0 ); |
ansond | 0:137634ff4186 | 171 | } |
ansond | 0:137634ff4186 | 172 | |
ansond | 0:137634ff4186 | 173 | /* |
ansond | 0:137634ff4186 | 174 | * Verify a signature |
ansond | 0:137634ff4186 | 175 | */ |
ansond | 0:137634ff4186 | 176 | int pk_verify( pk_context *ctx, md_type_t md_alg, |
ansond | 0:137634ff4186 | 177 | const unsigned char *hash, size_t hash_len, |
ansond | 0:137634ff4186 | 178 | const unsigned char *sig, size_t sig_len ) |
ansond | 0:137634ff4186 | 179 | { |
ansond | 0:137634ff4186 | 180 | if( ctx == NULL || ctx->pk_info == NULL || |
ansond | 0:137634ff4186 | 181 | pk_hashlen_helper( md_alg, &hash_len ) != 0 ) |
ansond | 0:137634ff4186 | 182 | return( POLARSSL_ERR_PK_BAD_INPUT_DATA ); |
ansond | 0:137634ff4186 | 183 | |
ansond | 0:137634ff4186 | 184 | if( ctx->pk_info->verify_func == NULL ) |
ansond | 0:137634ff4186 | 185 | return( POLARSSL_ERR_PK_TYPE_MISMATCH ); |
ansond | 0:137634ff4186 | 186 | |
ansond | 0:137634ff4186 | 187 | return( ctx->pk_info->verify_func( ctx->pk_ctx, md_alg, hash, hash_len, |
ansond | 0:137634ff4186 | 188 | sig, sig_len ) ); |
ansond | 0:137634ff4186 | 189 | } |
ansond | 0:137634ff4186 | 190 | |
ansond | 0:137634ff4186 | 191 | /* |
ansond | 0:137634ff4186 | 192 | * Verify a signature with options |
ansond | 0:137634ff4186 | 193 | */ |
ansond | 0:137634ff4186 | 194 | int pk_verify_ext( pk_type_t type, const void *options, |
ansond | 0:137634ff4186 | 195 | pk_context *ctx, md_type_t md_alg, |
ansond | 0:137634ff4186 | 196 | const unsigned char *hash, size_t hash_len, |
ansond | 0:137634ff4186 | 197 | const unsigned char *sig, size_t sig_len ) |
ansond | 0:137634ff4186 | 198 | { |
ansond | 0:137634ff4186 | 199 | if( ctx == NULL || ctx->pk_info == NULL ) |
ansond | 0:137634ff4186 | 200 | return( POLARSSL_ERR_PK_BAD_INPUT_DATA ); |
ansond | 0:137634ff4186 | 201 | |
ansond | 0:137634ff4186 | 202 | if( ! pk_can_do( ctx, type ) ) |
ansond | 0:137634ff4186 | 203 | return( POLARSSL_ERR_PK_TYPE_MISMATCH ); |
ansond | 0:137634ff4186 | 204 | |
ansond | 0:137634ff4186 | 205 | if( type == POLARSSL_PK_RSASSA_PSS ) |
ansond | 0:137634ff4186 | 206 | { |
ansond | 0:137634ff4186 | 207 | #if defined(POLARSSL_RSA_C) && defined(POLARSSL_PKCS1_V21) |
ansond | 0:137634ff4186 | 208 | int ret; |
ansond | 0:137634ff4186 | 209 | const pk_rsassa_pss_options *pss_opts; |
ansond | 0:137634ff4186 | 210 | |
ansond | 0:137634ff4186 | 211 | if( options == NULL ) |
ansond | 0:137634ff4186 | 212 | return( POLARSSL_ERR_PK_BAD_INPUT_DATA ); |
ansond | 0:137634ff4186 | 213 | |
ansond | 0:137634ff4186 | 214 | pss_opts = (const pk_rsassa_pss_options *) options; |
ansond | 0:137634ff4186 | 215 | |
ansond | 0:137634ff4186 | 216 | if( sig_len < pk_get_len( ctx ) ) |
ansond | 0:137634ff4186 | 217 | return( POLARSSL_ERR_RSA_VERIFY_FAILED ); |
ansond | 0:137634ff4186 | 218 | |
ansond | 0:137634ff4186 | 219 | ret = rsa_rsassa_pss_verify_ext( pk_rsa( *ctx ), |
ansond | 0:137634ff4186 | 220 | NULL, NULL, RSA_PUBLIC, |
ansond | 0:137634ff4186 | 221 | md_alg, (unsigned int) hash_len, hash, |
ansond | 0:137634ff4186 | 222 | pss_opts->mgf1_hash_id, |
ansond | 0:137634ff4186 | 223 | pss_opts->expected_salt_len, |
ansond | 0:137634ff4186 | 224 | sig ); |
ansond | 0:137634ff4186 | 225 | if( ret != 0 ) |
ansond | 0:137634ff4186 | 226 | return( ret ); |
ansond | 0:137634ff4186 | 227 | |
ansond | 0:137634ff4186 | 228 | if( sig_len > pk_get_len( ctx ) ) |
ansond | 0:137634ff4186 | 229 | return( POLARSSL_ERR_PK_SIG_LEN_MISMATCH ); |
ansond | 0:137634ff4186 | 230 | |
ansond | 0:137634ff4186 | 231 | return( 0 ); |
ansond | 0:137634ff4186 | 232 | #else |
ansond | 0:137634ff4186 | 233 | return( POLARSSL_ERR_PK_FEATURE_UNAVAILABLE ); |
ansond | 0:137634ff4186 | 234 | #endif |
ansond | 0:137634ff4186 | 235 | } |
ansond | 0:137634ff4186 | 236 | |
ansond | 0:137634ff4186 | 237 | /* General case: no options */ |
ansond | 0:137634ff4186 | 238 | if( options != NULL ) |
ansond | 0:137634ff4186 | 239 | return( POLARSSL_ERR_PK_BAD_INPUT_DATA ); |
ansond | 0:137634ff4186 | 240 | |
ansond | 0:137634ff4186 | 241 | return( pk_verify( ctx, md_alg, hash, hash_len, sig, sig_len ) ); |
ansond | 0:137634ff4186 | 242 | } |
ansond | 0:137634ff4186 | 243 | |
ansond | 0:137634ff4186 | 244 | /* |
ansond | 0:137634ff4186 | 245 | * Make a signature |
ansond | 0:137634ff4186 | 246 | */ |
ansond | 0:137634ff4186 | 247 | int pk_sign( pk_context *ctx, md_type_t md_alg, |
ansond | 0:137634ff4186 | 248 | const unsigned char *hash, size_t hash_len, |
ansond | 0:137634ff4186 | 249 | unsigned char *sig, size_t *sig_len, |
ansond | 0:137634ff4186 | 250 | int (*f_rng)(void *, unsigned char *, size_t), void *p_rng ) |
ansond | 0:137634ff4186 | 251 | { |
ansond | 0:137634ff4186 | 252 | if( ctx == NULL || ctx->pk_info == NULL || |
ansond | 0:137634ff4186 | 253 | pk_hashlen_helper( md_alg, &hash_len ) != 0 ) |
ansond | 0:137634ff4186 | 254 | return( POLARSSL_ERR_PK_BAD_INPUT_DATA ); |
ansond | 0:137634ff4186 | 255 | |
ansond | 0:137634ff4186 | 256 | if( ctx->pk_info->sign_func == NULL ) |
ansond | 0:137634ff4186 | 257 | return( POLARSSL_ERR_PK_TYPE_MISMATCH ); |
ansond | 0:137634ff4186 | 258 | |
ansond | 0:137634ff4186 | 259 | return( ctx->pk_info->sign_func( ctx->pk_ctx, md_alg, hash, hash_len, |
ansond | 0:137634ff4186 | 260 | sig, sig_len, f_rng, p_rng ) ); |
ansond | 0:137634ff4186 | 261 | } |
ansond | 0:137634ff4186 | 262 | |
ansond | 0:137634ff4186 | 263 | /* |
ansond | 0:137634ff4186 | 264 | * Decrypt message |
ansond | 0:137634ff4186 | 265 | */ |
ansond | 0:137634ff4186 | 266 | int pk_decrypt( pk_context *ctx, |
ansond | 0:137634ff4186 | 267 | const unsigned char *input, size_t ilen, |
ansond | 0:137634ff4186 | 268 | unsigned char *output, size_t *olen, size_t osize, |
ansond | 0:137634ff4186 | 269 | int (*f_rng)(void *, unsigned char *, size_t), void *p_rng ) |
ansond | 0:137634ff4186 | 270 | { |
ansond | 0:137634ff4186 | 271 | if( ctx == NULL || ctx->pk_info == NULL ) |
ansond | 0:137634ff4186 | 272 | return( POLARSSL_ERR_PK_BAD_INPUT_DATA ); |
ansond | 0:137634ff4186 | 273 | |
ansond | 0:137634ff4186 | 274 | if( ctx->pk_info->decrypt_func == NULL ) |
ansond | 0:137634ff4186 | 275 | return( POLARSSL_ERR_PK_TYPE_MISMATCH ); |
ansond | 0:137634ff4186 | 276 | |
ansond | 0:137634ff4186 | 277 | return( ctx->pk_info->decrypt_func( ctx->pk_ctx, input, ilen, |
ansond | 0:137634ff4186 | 278 | output, olen, osize, f_rng, p_rng ) ); |
ansond | 0:137634ff4186 | 279 | } |
ansond | 0:137634ff4186 | 280 | |
ansond | 0:137634ff4186 | 281 | /* |
ansond | 0:137634ff4186 | 282 | * Encrypt message |
ansond | 0:137634ff4186 | 283 | */ |
ansond | 0:137634ff4186 | 284 | int pk_encrypt( pk_context *ctx, |
ansond | 0:137634ff4186 | 285 | const unsigned char *input, size_t ilen, |
ansond | 0:137634ff4186 | 286 | unsigned char *output, size_t *olen, size_t osize, |
ansond | 0:137634ff4186 | 287 | int (*f_rng)(void *, unsigned char *, size_t), void *p_rng ) |
ansond | 0:137634ff4186 | 288 | { |
ansond | 0:137634ff4186 | 289 | if( ctx == NULL || ctx->pk_info == NULL ) |
ansond | 0:137634ff4186 | 290 | return( POLARSSL_ERR_PK_BAD_INPUT_DATA ); |
ansond | 0:137634ff4186 | 291 | |
ansond | 0:137634ff4186 | 292 | if( ctx->pk_info->encrypt_func == NULL ) |
ansond | 0:137634ff4186 | 293 | return( POLARSSL_ERR_PK_TYPE_MISMATCH ); |
ansond | 0:137634ff4186 | 294 | |
ansond | 0:137634ff4186 | 295 | return( ctx->pk_info->encrypt_func( ctx->pk_ctx, input, ilen, |
ansond | 0:137634ff4186 | 296 | output, olen, osize, f_rng, p_rng ) ); |
ansond | 0:137634ff4186 | 297 | } |
ansond | 0:137634ff4186 | 298 | |
ansond | 0:137634ff4186 | 299 | /* |
ansond | 0:137634ff4186 | 300 | * Check public-private key pair |
ansond | 0:137634ff4186 | 301 | */ |
ansond | 0:137634ff4186 | 302 | int pk_check_pair( const pk_context *pub, const pk_context *prv ) |
ansond | 0:137634ff4186 | 303 | { |
ansond | 0:137634ff4186 | 304 | if( pub == NULL || pub->pk_info == NULL || |
ansond | 0:137634ff4186 | 305 | prv == NULL || prv->pk_info == NULL || |
ansond | 0:137634ff4186 | 306 | prv->pk_info->check_pair_func == NULL ) |
ansond | 0:137634ff4186 | 307 | { |
ansond | 0:137634ff4186 | 308 | return( POLARSSL_ERR_PK_BAD_INPUT_DATA ); |
ansond | 0:137634ff4186 | 309 | } |
ansond | 0:137634ff4186 | 310 | |
ansond | 0:137634ff4186 | 311 | if( prv->pk_info->type == POLARSSL_PK_RSA_ALT ) |
ansond | 0:137634ff4186 | 312 | { |
ansond | 0:137634ff4186 | 313 | if( pub->pk_info->type != POLARSSL_PK_RSA ) |
ansond | 0:137634ff4186 | 314 | return( POLARSSL_ERR_PK_TYPE_MISMATCH ); |
ansond | 0:137634ff4186 | 315 | } |
ansond | 0:137634ff4186 | 316 | else |
ansond | 0:137634ff4186 | 317 | { |
ansond | 0:137634ff4186 | 318 | if( pub->pk_info != prv->pk_info ) |
ansond | 0:137634ff4186 | 319 | return( POLARSSL_ERR_PK_TYPE_MISMATCH ); |
ansond | 0:137634ff4186 | 320 | } |
ansond | 0:137634ff4186 | 321 | |
ansond | 0:137634ff4186 | 322 | return( prv->pk_info->check_pair_func( pub->pk_ctx, prv->pk_ctx ) ); |
ansond | 0:137634ff4186 | 323 | } |
ansond | 0:137634ff4186 | 324 | |
ansond | 0:137634ff4186 | 325 | /* |
ansond | 0:137634ff4186 | 326 | * Get key size in bits |
ansond | 0:137634ff4186 | 327 | */ |
ansond | 0:137634ff4186 | 328 | size_t pk_get_size( const pk_context *ctx ) |
ansond | 0:137634ff4186 | 329 | { |
ansond | 0:137634ff4186 | 330 | if( ctx == NULL || ctx->pk_info == NULL ) |
ansond | 0:137634ff4186 | 331 | return( 0 ); |
ansond | 0:137634ff4186 | 332 | |
ansond | 0:137634ff4186 | 333 | return( ctx->pk_info->get_size( ctx->pk_ctx ) ); |
ansond | 0:137634ff4186 | 334 | } |
ansond | 0:137634ff4186 | 335 | |
ansond | 0:137634ff4186 | 336 | /* |
ansond | 0:137634ff4186 | 337 | * Export debug information |
ansond | 0:137634ff4186 | 338 | */ |
ansond | 0:137634ff4186 | 339 | int pk_debug( const pk_context *ctx, pk_debug_item *items ) |
ansond | 0:137634ff4186 | 340 | { |
ansond | 0:137634ff4186 | 341 | if( ctx == NULL || ctx->pk_info == NULL ) |
ansond | 0:137634ff4186 | 342 | return( POLARSSL_ERR_PK_BAD_INPUT_DATA ); |
ansond | 0:137634ff4186 | 343 | |
ansond | 0:137634ff4186 | 344 | if( ctx->pk_info->debug_func == NULL ) |
ansond | 0:137634ff4186 | 345 | return( POLARSSL_ERR_PK_TYPE_MISMATCH ); |
ansond | 0:137634ff4186 | 346 | |
ansond | 0:137634ff4186 | 347 | ctx->pk_info->debug_func( ctx->pk_ctx, items ); |
ansond | 0:137634ff4186 | 348 | return( 0 ); |
ansond | 0:137634ff4186 | 349 | } |
ansond | 0:137634ff4186 | 350 | |
ansond | 0:137634ff4186 | 351 | /* |
ansond | 0:137634ff4186 | 352 | * Access the PK type name |
ansond | 0:137634ff4186 | 353 | */ |
ansond | 0:137634ff4186 | 354 | const char * pk_get_name( const pk_context *ctx ) |
ansond | 0:137634ff4186 | 355 | { |
ansond | 0:137634ff4186 | 356 | if( ctx == NULL || ctx->pk_info == NULL ) |
ansond | 0:137634ff4186 | 357 | return( "invalid PK" ); |
ansond | 0:137634ff4186 | 358 | |
ansond | 0:137634ff4186 | 359 | return( ctx->pk_info->name ); |
ansond | 0:137634ff4186 | 360 | } |
ansond | 0:137634ff4186 | 361 | |
ansond | 0:137634ff4186 | 362 | /* |
ansond | 0:137634ff4186 | 363 | * Access the PK type |
ansond | 0:137634ff4186 | 364 | */ |
ansond | 0:137634ff4186 | 365 | pk_type_t pk_get_type( const pk_context *ctx ) |
ansond | 0:137634ff4186 | 366 | { |
ansond | 0:137634ff4186 | 367 | if( ctx == NULL || ctx->pk_info == NULL ) |
ansond | 0:137634ff4186 | 368 | return( POLARSSL_PK_NONE ); |
ansond | 0:137634ff4186 | 369 | |
ansond | 0:137634ff4186 | 370 | return( ctx->pk_info->type ); |
ansond | 0:137634ff4186 | 371 | } |
ansond | 0:137634ff4186 | 372 | |
ansond | 0:137634ff4186 | 373 | #endif /* POLARSSL_PK_C */ |
ansond | 0:137634ff4186 | 374 |