Nicolas Borla / Mbed OS BBR_1Ebene

BBR 1 Ebene

mbed-os/features/mbedtls/src/pk.c@0:fbdae7e6d805, 2018-05-14 (annotated)

Committer:
borlanic
Date:
Mon May 14 11:29:06 2018 +0000
Revision:
0:fbdae7e6d805
BBR

Who changed what in which revision?

UserRevisionLine numberNew contents of line
borlanic 0:fbdae7e6d805 1 /*
borlanic 0:fbdae7e6d805 2 * Public Key abstraction layer
borlanic 0:fbdae7e6d805 3 *
borlanic 0:fbdae7e6d805 4 * Copyright (C) 2006-2015, ARM Limited, All Rights Reserved
borlanic 0:fbdae7e6d805 5 * SPDX-License-Identifier: Apache-2.0
borlanic 0:fbdae7e6d805 6 *
borlanic 0:fbdae7e6d805 7 * Licensed under the Apache License, Version 2.0 (the "License"); you may
borlanic 0:fbdae7e6d805 8 * not use this file except in compliance with the License.
borlanic 0:fbdae7e6d805 9 * You may obtain a copy of the License at
borlanic 0:fbdae7e6d805 10 *
borlanic 0:fbdae7e6d805 11 * http://www.apache.org/licenses/LICENSE-2.0
borlanic 0:fbdae7e6d805 12 *
borlanic 0:fbdae7e6d805 13 * Unless required by applicable law or agreed to in writing, software
borlanic 0:fbdae7e6d805 14 * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
borlanic 0:fbdae7e6d805 15 * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
borlanic 0:fbdae7e6d805 16 * See the License for the specific language governing permissions and
borlanic 0:fbdae7e6d805 17 * limitations under the License.
borlanic 0:fbdae7e6d805 18 *
borlanic 0:fbdae7e6d805 19 * This file is part of mbed TLS (https://tls.mbed.org)
borlanic 0:fbdae7e6d805 20 */
borlanic 0:fbdae7e6d805 21
borlanic 0:fbdae7e6d805 22 #if !defined(MBEDTLS_CONFIG_FILE)
borlanic 0:fbdae7e6d805 23 #include "mbedtls/config.h"
borlanic 0:fbdae7e6d805 24 #else
borlanic 0:fbdae7e6d805 25 #include MBEDTLS_CONFIG_FILE
borlanic 0:fbdae7e6d805 26 #endif
borlanic 0:fbdae7e6d805 27
borlanic 0:fbdae7e6d805 28 #if defined(MBEDTLS_PK_C)
borlanic 0:fbdae7e6d805 29 #include "mbedtls/pk.h"
borlanic 0:fbdae7e6d805 30 #include "mbedtls/pk_internal.h"
borlanic 0:fbdae7e6d805 31
borlanic 0:fbdae7e6d805 32 #if defined(MBEDTLS_RSA_C)
borlanic 0:fbdae7e6d805 33 #include "mbedtls/rsa.h"
borlanic 0:fbdae7e6d805 34 #endif
borlanic 0:fbdae7e6d805 35 #if defined(MBEDTLS_ECP_C)
borlanic 0:fbdae7e6d805 36 #include "mbedtls/ecp.h"
borlanic 0:fbdae7e6d805 37 #endif
borlanic 0:fbdae7e6d805 38 #if defined(MBEDTLS_ECDSA_C)
borlanic 0:fbdae7e6d805 39 #include "mbedtls/ecdsa.h"
borlanic 0:fbdae7e6d805 40 #endif
borlanic 0:fbdae7e6d805 41
borlanic 0:fbdae7e6d805 42 #include <limits.h>
borlanic 0:fbdae7e6d805 43 #include <stdint.h>
borlanic 0:fbdae7e6d805 44
borlanic 0:fbdae7e6d805 45 /* Implementation that should never be optimized out by the compiler */
borlanic 0:fbdae7e6d805 46 static void mbedtls_zeroize( void *v, size_t n ) {
borlanic 0:fbdae7e6d805 47 volatile unsigned char *p = v; while( n-- ) *p++ = 0;
borlanic 0:fbdae7e6d805 48 }
borlanic 0:fbdae7e6d805 49
borlanic 0:fbdae7e6d805 50 /*
borlanic 0:fbdae7e6d805 51 * Initialise a mbedtls_pk_context
borlanic 0:fbdae7e6d805 52 */
borlanic 0:fbdae7e6d805 53 void mbedtls_pk_init( mbedtls_pk_context *ctx )
borlanic 0:fbdae7e6d805 54 {
borlanic 0:fbdae7e6d805 55 if( ctx == NULL )
borlanic 0:fbdae7e6d805 56 return;
borlanic 0:fbdae7e6d805 57
borlanic 0:fbdae7e6d805 58 ctx->pk_info = NULL;
borlanic 0:fbdae7e6d805 59 ctx->pk_ctx = NULL;
borlanic 0:fbdae7e6d805 60 }
borlanic 0:fbdae7e6d805 61
borlanic 0:fbdae7e6d805 62 /*
borlanic 0:fbdae7e6d805 63 * Free (the components of) a mbedtls_pk_context
borlanic 0:fbdae7e6d805 64 */
borlanic 0:fbdae7e6d805 65 void mbedtls_pk_free( mbedtls_pk_context *ctx )
borlanic 0:fbdae7e6d805 66 {
borlanic 0:fbdae7e6d805 67 if( ctx == NULL || ctx->pk_info == NULL )
borlanic 0:fbdae7e6d805 68 return;
borlanic 0:fbdae7e6d805 69
borlanic 0:fbdae7e6d805 70 ctx->pk_info->ctx_free_func( ctx->pk_ctx );
borlanic 0:fbdae7e6d805 71
borlanic 0:fbdae7e6d805 72 mbedtls_zeroize( ctx, sizeof( mbedtls_pk_context ) );
borlanic 0:fbdae7e6d805 73 }
borlanic 0:fbdae7e6d805 74
borlanic 0:fbdae7e6d805 75 /*
borlanic 0:fbdae7e6d805 76 * Get pk_info structure from type
borlanic 0:fbdae7e6d805 77 */
borlanic 0:fbdae7e6d805 78 const mbedtls_pk_info_t * mbedtls_pk_info_from_type( mbedtls_pk_type_t pk_type )
borlanic 0:fbdae7e6d805 79 {
borlanic 0:fbdae7e6d805 80 switch( pk_type ) {
borlanic 0:fbdae7e6d805 81 #if defined(MBEDTLS_RSA_C)
borlanic 0:fbdae7e6d805 82 case MBEDTLS_PK_RSA:
borlanic 0:fbdae7e6d805 83 return( &mbedtls_rsa_info );
borlanic 0:fbdae7e6d805 84 #endif
borlanic 0:fbdae7e6d805 85 #if defined(MBEDTLS_ECP_C)
borlanic 0:fbdae7e6d805 86 case MBEDTLS_PK_ECKEY:
borlanic 0:fbdae7e6d805 87 return( &mbedtls_eckey_info );
borlanic 0:fbdae7e6d805 88 case MBEDTLS_PK_ECKEY_DH:
borlanic 0:fbdae7e6d805 89 return( &mbedtls_eckeydh_info );
borlanic 0:fbdae7e6d805 90 #endif
borlanic 0:fbdae7e6d805 91 #if defined(MBEDTLS_ECDSA_C)
borlanic 0:fbdae7e6d805 92 case MBEDTLS_PK_ECDSA:
borlanic 0:fbdae7e6d805 93 return( &mbedtls_ecdsa_info );
borlanic 0:fbdae7e6d805 94 #endif
borlanic 0:fbdae7e6d805 95 /* MBEDTLS_PK_RSA_ALT omitted on purpose */
borlanic 0:fbdae7e6d805 96 default:
borlanic 0:fbdae7e6d805 97 return( NULL );
borlanic 0:fbdae7e6d805 98 }
borlanic 0:fbdae7e6d805 99 }
borlanic 0:fbdae7e6d805 100
borlanic 0:fbdae7e6d805 101 /*
borlanic 0:fbdae7e6d805 102 * Initialise context
borlanic 0:fbdae7e6d805 103 */
borlanic 0:fbdae7e6d805 104 int mbedtls_pk_setup( mbedtls_pk_context *ctx, const mbedtls_pk_info_t *info )
borlanic 0:fbdae7e6d805 105 {
borlanic 0:fbdae7e6d805 106 if( ctx == NULL || info == NULL || ctx->pk_info != NULL )
borlanic 0:fbdae7e6d805 107 return( MBEDTLS_ERR_PK_BAD_INPUT_DATA );
borlanic 0:fbdae7e6d805 108
borlanic 0:fbdae7e6d805 109 if( ( ctx->pk_ctx = info->ctx_alloc_func() ) == NULL )
borlanic 0:fbdae7e6d805 110 return( MBEDTLS_ERR_PK_ALLOC_FAILED );
borlanic 0:fbdae7e6d805 111
borlanic 0:fbdae7e6d805 112 ctx->pk_info = info;
borlanic 0:fbdae7e6d805 113
borlanic 0:fbdae7e6d805 114 return( 0 );
borlanic 0:fbdae7e6d805 115 }
borlanic 0:fbdae7e6d805 116
borlanic 0:fbdae7e6d805 117 #if defined(MBEDTLS_PK_RSA_ALT_SUPPORT)
borlanic 0:fbdae7e6d805 118 /*
borlanic 0:fbdae7e6d805 119 * Initialize an RSA-alt context
borlanic 0:fbdae7e6d805 120 */
borlanic 0:fbdae7e6d805 121 int mbedtls_pk_setup_rsa_alt( mbedtls_pk_context *ctx, void * key,
borlanic 0:fbdae7e6d805 122 mbedtls_pk_rsa_alt_decrypt_func decrypt_func,
borlanic 0:fbdae7e6d805 123 mbedtls_pk_rsa_alt_sign_func sign_func,
borlanic 0:fbdae7e6d805 124 mbedtls_pk_rsa_alt_key_len_func key_len_func )
borlanic 0:fbdae7e6d805 125 {
borlanic 0:fbdae7e6d805 126 mbedtls_rsa_alt_context *rsa_alt;
borlanic 0:fbdae7e6d805 127 const mbedtls_pk_info_t *info = &mbedtls_rsa_alt_info;
borlanic 0:fbdae7e6d805 128
borlanic 0:fbdae7e6d805 129 if( ctx == NULL || ctx->pk_info != NULL )
borlanic 0:fbdae7e6d805 130 return( MBEDTLS_ERR_PK_BAD_INPUT_DATA );
borlanic 0:fbdae7e6d805 131
borlanic 0:fbdae7e6d805 132 if( ( ctx->pk_ctx = info->ctx_alloc_func() ) == NULL )
borlanic 0:fbdae7e6d805 133 return( MBEDTLS_ERR_PK_ALLOC_FAILED );
borlanic 0:fbdae7e6d805 134
borlanic 0:fbdae7e6d805 135 ctx->pk_info = info;
borlanic 0:fbdae7e6d805 136
borlanic 0:fbdae7e6d805 137 rsa_alt = (mbedtls_rsa_alt_context *) ctx->pk_ctx;
borlanic 0:fbdae7e6d805 138
borlanic 0:fbdae7e6d805 139 rsa_alt->key = key;
borlanic 0:fbdae7e6d805 140 rsa_alt->decrypt_func = decrypt_func;
borlanic 0:fbdae7e6d805 141 rsa_alt->sign_func = sign_func;
borlanic 0:fbdae7e6d805 142 rsa_alt->key_len_func = key_len_func;
borlanic 0:fbdae7e6d805 143
borlanic 0:fbdae7e6d805 144 return( 0 );
borlanic 0:fbdae7e6d805 145 }
borlanic 0:fbdae7e6d805 146 #endif /* MBEDTLS_PK_RSA_ALT_SUPPORT */
borlanic 0:fbdae7e6d805 147
borlanic 0:fbdae7e6d805 148 /*
borlanic 0:fbdae7e6d805 149 * Tell if a PK can do the operations of the given type
borlanic 0:fbdae7e6d805 150 */
borlanic 0:fbdae7e6d805 151 int mbedtls_pk_can_do( const mbedtls_pk_context *ctx, mbedtls_pk_type_t type )
borlanic 0:fbdae7e6d805 152 {
borlanic 0:fbdae7e6d805 153 /* null or NONE context can't do anything */
borlanic 0:fbdae7e6d805 154 if( ctx == NULL || ctx->pk_info == NULL )
borlanic 0:fbdae7e6d805 155 return( 0 );
borlanic 0:fbdae7e6d805 156
borlanic 0:fbdae7e6d805 157 return( ctx->pk_info->can_do( type ) );
borlanic 0:fbdae7e6d805 158 }
borlanic 0:fbdae7e6d805 159
borlanic 0:fbdae7e6d805 160 /*
borlanic 0:fbdae7e6d805 161 * Helper for mbedtls_pk_sign and mbedtls_pk_verify
borlanic 0:fbdae7e6d805 162 */
borlanic 0:fbdae7e6d805 163 static inline int pk_hashlen_helper( mbedtls_md_type_t md_alg, size_t *hash_len )
borlanic 0:fbdae7e6d805 164 {
borlanic 0:fbdae7e6d805 165 const mbedtls_md_info_t *md_info;
borlanic 0:fbdae7e6d805 166
borlanic 0:fbdae7e6d805 167 if( *hash_len != 0 )
borlanic 0:fbdae7e6d805 168 return( 0 );
borlanic 0:fbdae7e6d805 169
borlanic 0:fbdae7e6d805 170 if( ( md_info = mbedtls_md_info_from_type( md_alg ) ) == NULL )
borlanic 0:fbdae7e6d805 171 return( -1 );
borlanic 0:fbdae7e6d805 172
borlanic 0:fbdae7e6d805 173 *hash_len = mbedtls_md_get_size( md_info );
borlanic 0:fbdae7e6d805 174 return( 0 );
borlanic 0:fbdae7e6d805 175 }
borlanic 0:fbdae7e6d805 176
borlanic 0:fbdae7e6d805 177 /*
borlanic 0:fbdae7e6d805 178 * Verify a signature
borlanic 0:fbdae7e6d805 179 */
borlanic 0:fbdae7e6d805 180 int mbedtls_pk_verify( mbedtls_pk_context *ctx, mbedtls_md_type_t md_alg,
borlanic 0:fbdae7e6d805 181 const unsigned char *hash, size_t hash_len,
borlanic 0:fbdae7e6d805 182 const unsigned char *sig, size_t sig_len )
borlanic 0:fbdae7e6d805 183 {
borlanic 0:fbdae7e6d805 184 if( ctx == NULL || ctx->pk_info == NULL ||
borlanic 0:fbdae7e6d805 185 pk_hashlen_helper( md_alg, &hash_len ) != 0 )
borlanic 0:fbdae7e6d805 186 return( MBEDTLS_ERR_PK_BAD_INPUT_DATA );
borlanic 0:fbdae7e6d805 187
borlanic 0:fbdae7e6d805 188 if( ctx->pk_info->verify_func == NULL )
borlanic 0:fbdae7e6d805 189 return( MBEDTLS_ERR_PK_TYPE_MISMATCH );
borlanic 0:fbdae7e6d805 190
borlanic 0:fbdae7e6d805 191 return( ctx->pk_info->verify_func( ctx->pk_ctx, md_alg, hash, hash_len,
borlanic 0:fbdae7e6d805 192 sig, sig_len ) );
borlanic 0:fbdae7e6d805 193 }
borlanic 0:fbdae7e6d805 194
borlanic 0:fbdae7e6d805 195 /*
borlanic 0:fbdae7e6d805 196 * Verify a signature with options
borlanic 0:fbdae7e6d805 197 */
borlanic 0:fbdae7e6d805 198 int mbedtls_pk_verify_ext( mbedtls_pk_type_t type, const void *options,
borlanic 0:fbdae7e6d805 199 mbedtls_pk_context *ctx, mbedtls_md_type_t md_alg,
borlanic 0:fbdae7e6d805 200 const unsigned char *hash, size_t hash_len,
borlanic 0:fbdae7e6d805 201 const unsigned char *sig, size_t sig_len )
borlanic 0:fbdae7e6d805 202 {
borlanic 0:fbdae7e6d805 203 if( ctx == NULL || ctx->pk_info == NULL )
borlanic 0:fbdae7e6d805 204 return( MBEDTLS_ERR_PK_BAD_INPUT_DATA );
borlanic 0:fbdae7e6d805 205
borlanic 0:fbdae7e6d805 206 if( ! mbedtls_pk_can_do( ctx, type ) )
borlanic 0:fbdae7e6d805 207 return( MBEDTLS_ERR_PK_TYPE_MISMATCH );
borlanic 0:fbdae7e6d805 208
borlanic 0:fbdae7e6d805 209 if( type == MBEDTLS_PK_RSASSA_PSS )
borlanic 0:fbdae7e6d805 210 {
borlanic 0:fbdae7e6d805 211 #if defined(MBEDTLS_RSA_C) && defined(MBEDTLS_PKCS1_V21)
borlanic 0:fbdae7e6d805 212 int ret;
borlanic 0:fbdae7e6d805 213 const mbedtls_pk_rsassa_pss_options *pss_opts;
borlanic 0:fbdae7e6d805 214
borlanic 0:fbdae7e6d805 215 #if SIZE_MAX > UINT_MAX
borlanic 0:fbdae7e6d805 216 if( md_alg == MBEDTLS_MD_NONE && UINT_MAX < hash_len )
borlanic 0:fbdae7e6d805 217 return( MBEDTLS_ERR_PK_BAD_INPUT_DATA );
borlanic 0:fbdae7e6d805 218 #endif /* SIZE_MAX > UINT_MAX */
borlanic 0:fbdae7e6d805 219
borlanic 0:fbdae7e6d805 220 if( options == NULL )
borlanic 0:fbdae7e6d805 221 return( MBEDTLS_ERR_PK_BAD_INPUT_DATA );
borlanic 0:fbdae7e6d805 222
borlanic 0:fbdae7e6d805 223 pss_opts = (const mbedtls_pk_rsassa_pss_options *) options;
borlanic 0:fbdae7e6d805 224
borlanic 0:fbdae7e6d805 225 if( sig_len < mbedtls_pk_get_len( ctx ) )
borlanic 0:fbdae7e6d805 226 return( MBEDTLS_ERR_RSA_VERIFY_FAILED );
borlanic 0:fbdae7e6d805 227
borlanic 0:fbdae7e6d805 228 ret = mbedtls_rsa_rsassa_pss_verify_ext( mbedtls_pk_rsa( *ctx ),
borlanic 0:fbdae7e6d805 229 NULL, NULL, MBEDTLS_RSA_PUBLIC,
borlanic 0:fbdae7e6d805 230 md_alg, (unsigned int) hash_len, hash,
borlanic 0:fbdae7e6d805 231 pss_opts->mgf1_hash_id,
borlanic 0:fbdae7e6d805 232 pss_opts->expected_salt_len,
borlanic 0:fbdae7e6d805 233 sig );
borlanic 0:fbdae7e6d805 234 if( ret != 0 )
borlanic 0:fbdae7e6d805 235 return( ret );
borlanic 0:fbdae7e6d805 236
borlanic 0:fbdae7e6d805 237 if( sig_len > mbedtls_pk_get_len( ctx ) )
borlanic 0:fbdae7e6d805 238 return( MBEDTLS_ERR_PK_SIG_LEN_MISMATCH );
borlanic 0:fbdae7e6d805 239
borlanic 0:fbdae7e6d805 240 return( 0 );
borlanic 0:fbdae7e6d805 241 #else
borlanic 0:fbdae7e6d805 242 return( MBEDTLS_ERR_PK_FEATURE_UNAVAILABLE );
borlanic 0:fbdae7e6d805 243 #endif /* MBEDTLS_RSA_C && MBEDTLS_PKCS1_V21 */
borlanic 0:fbdae7e6d805 244 }
borlanic 0:fbdae7e6d805 245
borlanic 0:fbdae7e6d805 246 /* General case: no options */
borlanic 0:fbdae7e6d805 247 if( options != NULL )
borlanic 0:fbdae7e6d805 248 return( MBEDTLS_ERR_PK_BAD_INPUT_DATA );
borlanic 0:fbdae7e6d805 249
borlanic 0:fbdae7e6d805 250 return( mbedtls_pk_verify( ctx, md_alg, hash, hash_len, sig, sig_len ) );
borlanic 0:fbdae7e6d805 251 }
borlanic 0:fbdae7e6d805 252
borlanic 0:fbdae7e6d805 253 /*
borlanic 0:fbdae7e6d805 254 * Make a signature
borlanic 0:fbdae7e6d805 255 */
borlanic 0:fbdae7e6d805 256 int mbedtls_pk_sign( mbedtls_pk_context *ctx, mbedtls_md_type_t md_alg,
borlanic 0:fbdae7e6d805 257 const unsigned char *hash, size_t hash_len,
borlanic 0:fbdae7e6d805 258 unsigned char *sig, size_t *sig_len,
borlanic 0:fbdae7e6d805 259 int (*f_rng)(void *, unsigned char *, size_t), void *p_rng )
borlanic 0:fbdae7e6d805 260 {
borlanic 0:fbdae7e6d805 261 if( ctx == NULL || ctx->pk_info == NULL ||
borlanic 0:fbdae7e6d805 262 pk_hashlen_helper( md_alg, &hash_len ) != 0 )
borlanic 0:fbdae7e6d805 263 return( MBEDTLS_ERR_PK_BAD_INPUT_DATA );
borlanic 0:fbdae7e6d805 264
borlanic 0:fbdae7e6d805 265 if( ctx->pk_info->sign_func == NULL )
borlanic 0:fbdae7e6d805 266 return( MBEDTLS_ERR_PK_TYPE_MISMATCH );
borlanic 0:fbdae7e6d805 267
borlanic 0:fbdae7e6d805 268 return( ctx->pk_info->sign_func( ctx->pk_ctx, md_alg, hash, hash_len,
borlanic 0:fbdae7e6d805 269 sig, sig_len, f_rng, p_rng ) );
borlanic 0:fbdae7e6d805 270 }
borlanic 0:fbdae7e6d805 271
borlanic 0:fbdae7e6d805 272 /*
borlanic 0:fbdae7e6d805 273 * Decrypt message
borlanic 0:fbdae7e6d805 274 */
borlanic 0:fbdae7e6d805 275 int mbedtls_pk_decrypt( mbedtls_pk_context *ctx,
borlanic 0:fbdae7e6d805 276 const unsigned char *input, size_t ilen,
borlanic 0:fbdae7e6d805 277 unsigned char *output, size_t *olen, size_t osize,
borlanic 0:fbdae7e6d805 278 int (*f_rng)(void *, unsigned char *, size_t), void *p_rng )
borlanic 0:fbdae7e6d805 279 {
borlanic 0:fbdae7e6d805 280 if( ctx == NULL || ctx->pk_info == NULL )
borlanic 0:fbdae7e6d805 281 return( MBEDTLS_ERR_PK_BAD_INPUT_DATA );
borlanic 0:fbdae7e6d805 282
borlanic 0:fbdae7e6d805 283 if( ctx->pk_info->decrypt_func == NULL )
borlanic 0:fbdae7e6d805 284 return( MBEDTLS_ERR_PK_TYPE_MISMATCH );
borlanic 0:fbdae7e6d805 285
borlanic 0:fbdae7e6d805 286 return( ctx->pk_info->decrypt_func( ctx->pk_ctx, input, ilen,
borlanic 0:fbdae7e6d805 287 output, olen, osize, f_rng, p_rng ) );
borlanic 0:fbdae7e6d805 288 }
borlanic 0:fbdae7e6d805 289
borlanic 0:fbdae7e6d805 290 /*
borlanic 0:fbdae7e6d805 291 * Encrypt message
borlanic 0:fbdae7e6d805 292 */
borlanic 0:fbdae7e6d805 293 int mbedtls_pk_encrypt( mbedtls_pk_context *ctx,
borlanic 0:fbdae7e6d805 294 const unsigned char *input, size_t ilen,
borlanic 0:fbdae7e6d805 295 unsigned char *output, size_t *olen, size_t osize,
borlanic 0:fbdae7e6d805 296 int (*f_rng)(void *, unsigned char *, size_t), void *p_rng )
borlanic 0:fbdae7e6d805 297 {
borlanic 0:fbdae7e6d805 298 if( ctx == NULL || ctx->pk_info == NULL )
borlanic 0:fbdae7e6d805 299 return( MBEDTLS_ERR_PK_BAD_INPUT_DATA );
borlanic 0:fbdae7e6d805 300
borlanic 0:fbdae7e6d805 301 if( ctx->pk_info->encrypt_func == NULL )
borlanic 0:fbdae7e6d805 302 return( MBEDTLS_ERR_PK_TYPE_MISMATCH );
borlanic 0:fbdae7e6d805 303
borlanic 0:fbdae7e6d805 304 return( ctx->pk_info->encrypt_func( ctx->pk_ctx, input, ilen,
borlanic 0:fbdae7e6d805 305 output, olen, osize, f_rng, p_rng ) );
borlanic 0:fbdae7e6d805 306 }
borlanic 0:fbdae7e6d805 307
borlanic 0:fbdae7e6d805 308 /*
borlanic 0:fbdae7e6d805 309 * Check public-private key pair
borlanic 0:fbdae7e6d805 310 */
borlanic 0:fbdae7e6d805 311 int mbedtls_pk_check_pair( const mbedtls_pk_context *pub, const mbedtls_pk_context *prv )
borlanic 0:fbdae7e6d805 312 {
borlanic 0:fbdae7e6d805 313 if( pub == NULL || pub->pk_info == NULL ||
borlanic 0:fbdae7e6d805 314 prv == NULL || prv->pk_info == NULL ||
borlanic 0:fbdae7e6d805 315 prv->pk_info->check_pair_func == NULL )
borlanic 0:fbdae7e6d805 316 {
borlanic 0:fbdae7e6d805 317 return( MBEDTLS_ERR_PK_BAD_INPUT_DATA );
borlanic 0:fbdae7e6d805 318 }
borlanic 0:fbdae7e6d805 319
borlanic 0:fbdae7e6d805 320 if( prv->pk_info->type == MBEDTLS_PK_RSA_ALT )
borlanic 0:fbdae7e6d805 321 {
borlanic 0:fbdae7e6d805 322 if( pub->pk_info->type != MBEDTLS_PK_RSA )
borlanic 0:fbdae7e6d805 323 return( MBEDTLS_ERR_PK_TYPE_MISMATCH );
borlanic 0:fbdae7e6d805 324 }
borlanic 0:fbdae7e6d805 325 else
borlanic 0:fbdae7e6d805 326 {
borlanic 0:fbdae7e6d805 327 if( pub->pk_info != prv->pk_info )
borlanic 0:fbdae7e6d805 328 return( MBEDTLS_ERR_PK_TYPE_MISMATCH );
borlanic 0:fbdae7e6d805 329 }
borlanic 0:fbdae7e6d805 330
borlanic 0:fbdae7e6d805 331 return( prv->pk_info->check_pair_func( pub->pk_ctx, prv->pk_ctx ) );
borlanic 0:fbdae7e6d805 332 }
borlanic 0:fbdae7e6d805 333
borlanic 0:fbdae7e6d805 334 /*
borlanic 0:fbdae7e6d805 335 * Get key size in bits
borlanic 0:fbdae7e6d805 336 */
borlanic 0:fbdae7e6d805 337 size_t mbedtls_pk_get_bitlen( const mbedtls_pk_context *ctx )
borlanic 0:fbdae7e6d805 338 {
borlanic 0:fbdae7e6d805 339 if( ctx == NULL || ctx->pk_info == NULL )
borlanic 0:fbdae7e6d805 340 return( 0 );
borlanic 0:fbdae7e6d805 341
borlanic 0:fbdae7e6d805 342 return( ctx->pk_info->get_bitlen( ctx->pk_ctx ) );
borlanic 0:fbdae7e6d805 343 }
borlanic 0:fbdae7e6d805 344
borlanic 0:fbdae7e6d805 345 /*
borlanic 0:fbdae7e6d805 346 * Export debug information
borlanic 0:fbdae7e6d805 347 */
borlanic 0:fbdae7e6d805 348 int mbedtls_pk_debug( const mbedtls_pk_context *ctx, mbedtls_pk_debug_item *items )
borlanic 0:fbdae7e6d805 349 {
borlanic 0:fbdae7e6d805 350 if( ctx == NULL || ctx->pk_info == NULL )
borlanic 0:fbdae7e6d805 351 return( MBEDTLS_ERR_PK_BAD_INPUT_DATA );
borlanic 0:fbdae7e6d805 352
borlanic 0:fbdae7e6d805 353 if( ctx->pk_info->debug_func == NULL )
borlanic 0:fbdae7e6d805 354 return( MBEDTLS_ERR_PK_TYPE_MISMATCH );
borlanic 0:fbdae7e6d805 355
borlanic 0:fbdae7e6d805 356 ctx->pk_info->debug_func( ctx->pk_ctx, items );
borlanic 0:fbdae7e6d805 357 return( 0 );
borlanic 0:fbdae7e6d805 358 }
borlanic 0:fbdae7e6d805 359
borlanic 0:fbdae7e6d805 360 /*
borlanic 0:fbdae7e6d805 361 * Access the PK type name
borlanic 0:fbdae7e6d805 362 */
borlanic 0:fbdae7e6d805 363 const char *mbedtls_pk_get_name( const mbedtls_pk_context *ctx )
borlanic 0:fbdae7e6d805 364 {
borlanic 0:fbdae7e6d805 365 if( ctx == NULL || ctx->pk_info == NULL )
borlanic 0:fbdae7e6d805 366 return( "invalid PK" );
borlanic 0:fbdae7e6d805 367
borlanic 0:fbdae7e6d805 368 return( ctx->pk_info->name );
borlanic 0:fbdae7e6d805 369 }
borlanic 0:fbdae7e6d805 370
borlanic 0:fbdae7e6d805 371 /*
borlanic 0:fbdae7e6d805 372 * Access the PK type
borlanic 0:fbdae7e6d805 373 */
borlanic 0:fbdae7e6d805 374 mbedtls_pk_type_t mbedtls_pk_get_type( const mbedtls_pk_context *ctx )
borlanic 0:fbdae7e6d805 375 {
borlanic 0:fbdae7e6d805 376 if( ctx == NULL || ctx->pk_info == NULL )
borlanic 0:fbdae7e6d805 377 return( MBEDTLS_PK_NONE );
borlanic 0:fbdae7e6d805 378
borlanic 0:fbdae7e6d805 379 return( ctx->pk_info->type );
borlanic 0:fbdae7e6d805 380 }
borlanic 0:fbdae7e6d805 381
borlanic 0:fbdae7e6d805 382 #endif /* MBEDTLS_PK_C */