client-lwip-lightswitch-demo-expanded - mbed client lightswitch demo

Users » mbedAustin » Code » client-lwip-lightswitch-demo-expanded

Austin Blackstone / Mbed 2 deprecated client-lwip-lightswitch-demo-expanded

mbed client lightswitch demo

Dependencies: mbed Socket lwip-eth lwip-sys lwip

Fork of mbed-client-classic-example-lwip by Austin Blackstone

mbedtls/source/pk_wrap.c@11:cada08fc8a70, 2016-06-09 (annotated)

Committer:: mbedAustin
Date:: Thu Jun 09 17:08:36 2016 +0000
Revision:: 11:cada08fc8a70

Commit for public Consumption

Who changed what in which revision?

User	Revision	Line number	New contents of line
mbedAustin	11:cada08fc8a70	1	/*
mbedAustin	11:cada08fc8a70	2	* Public Key abstraction layer: wrapper functions
mbedAustin	11:cada08fc8a70	3	*
mbedAustin	11:cada08fc8a70	4	* Copyright (C) 2006-2015, ARM Limited, All Rights Reserved
mbedAustin	11:cada08fc8a70	5	* SPDX-License-Identifier: Apache-2.0
mbedAustin	11:cada08fc8a70	6	*
mbedAustin	11:cada08fc8a70	7	* Licensed under the Apache License, Version 2.0 (the "License"); you may
mbedAustin	11:cada08fc8a70	8	* not use this file except in compliance with the License.
mbedAustin	11:cada08fc8a70	9	* You may obtain a copy of the License at
mbedAustin	11:cada08fc8a70	10	*
mbedAustin	11:cada08fc8a70	11	* http://www.apache.org/licenses/LICENSE-2.0
mbedAustin	11:cada08fc8a70	12	*
mbedAustin	11:cada08fc8a70	13	* Unless required by applicable law or agreed to in writing, software
mbedAustin	11:cada08fc8a70	14	* distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
mbedAustin	11:cada08fc8a70	15	* WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
mbedAustin	11:cada08fc8a70	16	* See the License for the specific language governing permissions and
mbedAustin	11:cada08fc8a70	17	* limitations under the License.
mbedAustin	11:cada08fc8a70	18	*
mbedAustin	11:cada08fc8a70	19	* This file is part of mbed TLS (https://tls.mbed.org)
mbedAustin	11:cada08fc8a70	20	*/
mbedAustin	11:cada08fc8a70	21
mbedAustin	11:cada08fc8a70	22	#if !defined(MBEDTLS_CONFIG_FILE)
mbedAustin	11:cada08fc8a70	23	#include "mbedtls/config.h"
mbedAustin	11:cada08fc8a70	24	#else
mbedAustin	11:cada08fc8a70	25	#include MBEDTLS_CONFIG_FILE
mbedAustin	11:cada08fc8a70	26	#endif
mbedAustin	11:cada08fc8a70	27
mbedAustin	11:cada08fc8a70	28	#if defined(MBEDTLS_PK_C)
mbedAustin	11:cada08fc8a70	29	#include "mbedtls/pk_internal.h"
mbedAustin	11:cada08fc8a70	30
mbedAustin	11:cada08fc8a70	31	/* Even if RSA not activated, for the sake of RSA-alt */
mbedAustin	11:cada08fc8a70	32	#include "mbedtls/rsa.h"
mbedAustin	11:cada08fc8a70	33
mbedAustin	11:cada08fc8a70	34	#include <string.h>
mbedAustin	11:cada08fc8a70	35
mbedAustin	11:cada08fc8a70	36	#if defined(MBEDTLS_ECP_C)
mbedAustin	11:cada08fc8a70	37	#include "mbedtls/ecp.h"
mbedAustin	11:cada08fc8a70	38	#endif
mbedAustin	11:cada08fc8a70	39
mbedAustin	11:cada08fc8a70	40	#if defined(MBEDTLS_ECDSA_C)
mbedAustin	11:cada08fc8a70	41	#include "mbedtls/ecdsa.h"
mbedAustin	11:cada08fc8a70	42	#endif
mbedAustin	11:cada08fc8a70	43
mbedAustin	11:cada08fc8a70	44	#if defined(MBEDTLS_PLATFORM_C)
mbedAustin	11:cada08fc8a70	45	#include "mbedtls/platform.h"
mbedAustin	11:cada08fc8a70	46	#else
mbedAustin	11:cada08fc8a70	47	#include <stdlib.h>
mbedAustin	11:cada08fc8a70	48	#define mbedtls_calloc calloc
mbedAustin	11:cada08fc8a70	49	#define mbedtls_free free
mbedAustin	11:cada08fc8a70	50	#endif
mbedAustin	11:cada08fc8a70	51
mbedAustin	11:cada08fc8a70	52	#if defined(MBEDTLS_PK_RSA_ALT_SUPPORT)
mbedAustin	11:cada08fc8a70	53	/* Implementation that should never be optimized out by the compiler */
mbedAustin	11:cada08fc8a70	54	static void mbedtls_zeroize( void *v, size_t n ) {
mbedAustin	11:cada08fc8a70	55	volatile unsigned char p = v; while( n-- ) p++ = 0;
mbedAustin	11:cada08fc8a70	56	}
mbedAustin	11:cada08fc8a70	57	#endif
mbedAustin	11:cada08fc8a70	58
mbedAustin	11:cada08fc8a70	59	#if defined(MBEDTLS_RSA_C)
mbedAustin	11:cada08fc8a70	60	static int rsa_can_do( mbedtls_pk_type_t type )
mbedAustin	11:cada08fc8a70	61	{
mbedAustin	11:cada08fc8a70	62	return( type == MBEDTLS_PK_RSA \|\|
mbedAustin	11:cada08fc8a70	63	type == MBEDTLS_PK_RSASSA_PSS );
mbedAustin	11:cada08fc8a70	64	}
mbedAustin	11:cada08fc8a70	65
mbedAustin	11:cada08fc8a70	66	static size_t rsa_get_bitlen( const void *ctx )
mbedAustin	11:cada08fc8a70	67	{
mbedAustin	11:cada08fc8a70	68	return( 8 * ((const mbedtls_rsa_context *) ctx)->len );
mbedAustin	11:cada08fc8a70	69	}
mbedAustin	11:cada08fc8a70	70
mbedAustin	11:cada08fc8a70	71	static int rsa_verify_wrap( void *ctx, mbedtls_md_type_t md_alg,
mbedAustin	11:cada08fc8a70	72	const unsigned char *hash, size_t hash_len,
mbedAustin	11:cada08fc8a70	73	const unsigned char *sig, size_t sig_len )
mbedAustin	11:cada08fc8a70	74	{
mbedAustin	11:cada08fc8a70	75	int ret;
mbedAustin	11:cada08fc8a70	76
mbedAustin	11:cada08fc8a70	77	if( sig_len < ((mbedtls_rsa_context *) ctx)->len )
mbedAustin	11:cada08fc8a70	78	return( MBEDTLS_ERR_RSA_VERIFY_FAILED );
mbedAustin	11:cada08fc8a70	79
mbedAustin	11:cada08fc8a70	80	if( ( ret = mbedtls_rsa_pkcs1_verify( (mbedtls_rsa_context *) ctx, NULL, NULL,
mbedAustin	11:cada08fc8a70	81	MBEDTLS_RSA_PUBLIC, md_alg,
mbedAustin	11:cada08fc8a70	82	(unsigned int) hash_len, hash, sig ) ) != 0 )
mbedAustin	11:cada08fc8a70	83	return( ret );
mbedAustin	11:cada08fc8a70	84
mbedAustin	11:cada08fc8a70	85	if( sig_len > ((mbedtls_rsa_context *) ctx)->len )
mbedAustin	11:cada08fc8a70	86	return( MBEDTLS_ERR_PK_SIG_LEN_MISMATCH );
mbedAustin	11:cada08fc8a70	87
mbedAustin	11:cada08fc8a70	88	return( 0 );
mbedAustin	11:cada08fc8a70	89	}
mbedAustin	11:cada08fc8a70	90
mbedAustin	11:cada08fc8a70	91	static int rsa_sign_wrap( void *ctx, mbedtls_md_type_t md_alg,
mbedAustin	11:cada08fc8a70	92	const unsigned char *hash, size_t hash_len,
mbedAustin	11:cada08fc8a70	93	unsigned char sig, size_t sig_len,
mbedAustin	11:cada08fc8a70	94	int (f_rng)(void , unsigned char , size_t), void p_rng )
mbedAustin	11:cada08fc8a70	95	{
mbedAustin	11:cada08fc8a70	96	sig_len = ((mbedtls_rsa_context ) ctx)->len;
mbedAustin	11:cada08fc8a70	97
mbedAustin	11:cada08fc8a70	98	return( mbedtls_rsa_pkcs1_sign( (mbedtls_rsa_context *) ctx, f_rng, p_rng, MBEDTLS_RSA_PRIVATE,
mbedAustin	11:cada08fc8a70	99	md_alg, (unsigned int) hash_len, hash, sig ) );
mbedAustin	11:cada08fc8a70	100	}
mbedAustin	11:cada08fc8a70	101
mbedAustin	11:cada08fc8a70	102	static int rsa_decrypt_wrap( void *ctx,
mbedAustin	11:cada08fc8a70	103	const unsigned char *input, size_t ilen,
mbedAustin	11:cada08fc8a70	104	unsigned char output, size_t olen, size_t osize,
mbedAustin	11:cada08fc8a70	105	int (f_rng)(void , unsigned char , size_t), void p_rng )
mbedAustin	11:cada08fc8a70	106	{
mbedAustin	11:cada08fc8a70	107	if( ilen != ((mbedtls_rsa_context *) ctx)->len )
mbedAustin	11:cada08fc8a70	108	return( MBEDTLS_ERR_RSA_BAD_INPUT_DATA );
mbedAustin	11:cada08fc8a70	109
mbedAustin	11:cada08fc8a70	110	return( mbedtls_rsa_pkcs1_decrypt( (mbedtls_rsa_context *) ctx, f_rng, p_rng,
mbedAustin	11:cada08fc8a70	111	MBEDTLS_RSA_PRIVATE, olen, input, output, osize ) );
mbedAustin	11:cada08fc8a70	112	}
mbedAustin	11:cada08fc8a70	113
mbedAustin	11:cada08fc8a70	114	static int rsa_encrypt_wrap( void *ctx,
mbedAustin	11:cada08fc8a70	115	const unsigned char *input, size_t ilen,
mbedAustin	11:cada08fc8a70	116	unsigned char output, size_t olen, size_t osize,
mbedAustin	11:cada08fc8a70	117	int (f_rng)(void , unsigned char , size_t), void p_rng )
mbedAustin	11:cada08fc8a70	118	{
mbedAustin	11:cada08fc8a70	119	olen = ((mbedtls_rsa_context ) ctx)->len;
mbedAustin	11:cada08fc8a70	120
mbedAustin	11:cada08fc8a70	121	if( *olen > osize )
mbedAustin	11:cada08fc8a70	122	return( MBEDTLS_ERR_RSA_OUTPUT_TOO_LARGE );
mbedAustin	11:cada08fc8a70	123
mbedAustin	11:cada08fc8a70	124	return( mbedtls_rsa_pkcs1_encrypt( (mbedtls_rsa_context *) ctx,
mbedAustin	11:cada08fc8a70	125	f_rng, p_rng, MBEDTLS_RSA_PUBLIC, ilen, input, output ) );
mbedAustin	11:cada08fc8a70	126	}
mbedAustin	11:cada08fc8a70	127
mbedAustin	11:cada08fc8a70	128	static int rsa_check_pair_wrap( const void pub, const void prv )
mbedAustin	11:cada08fc8a70	129	{
mbedAustin	11:cada08fc8a70	130	return( mbedtls_rsa_check_pub_priv( (const mbedtls_rsa_context *) pub,
mbedAustin	11:cada08fc8a70	131	(const mbedtls_rsa_context *) prv ) );
mbedAustin	11:cada08fc8a70	132	}
mbedAustin	11:cada08fc8a70	133
mbedAustin	11:cada08fc8a70	134	static void *rsa_alloc_wrap( void )
mbedAustin	11:cada08fc8a70	135	{
mbedAustin	11:cada08fc8a70	136	void *ctx = mbedtls_calloc( 1, sizeof( mbedtls_rsa_context ) );
mbedAustin	11:cada08fc8a70	137
mbedAustin	11:cada08fc8a70	138	if( ctx != NULL )
mbedAustin	11:cada08fc8a70	139	mbedtls_rsa_init( (mbedtls_rsa_context *) ctx, 0, 0 );
mbedAustin	11:cada08fc8a70	140
mbedAustin	11:cada08fc8a70	141	return( ctx );
mbedAustin	11:cada08fc8a70	142	}
mbedAustin	11:cada08fc8a70	143
mbedAustin	11:cada08fc8a70	144	static void rsa_free_wrap( void *ctx )
mbedAustin	11:cada08fc8a70	145	{
mbedAustin	11:cada08fc8a70	146	mbedtls_rsa_free( (mbedtls_rsa_context *) ctx );
mbedAustin	11:cada08fc8a70	147	mbedtls_free( ctx );
mbedAustin	11:cada08fc8a70	148	}
mbedAustin	11:cada08fc8a70	149
mbedAustin	11:cada08fc8a70	150	static void rsa_debug( const void ctx, mbedtls_pk_debug_item items )
mbedAustin	11:cada08fc8a70	151	{
mbedAustin	11:cada08fc8a70	152	items->type = MBEDTLS_PK_DEBUG_MPI;
mbedAustin	11:cada08fc8a70	153	items->name = "rsa.N";
mbedAustin	11:cada08fc8a70	154	items->value = &( ((mbedtls_rsa_context *) ctx)->N );
mbedAustin	11:cada08fc8a70	155
mbedAustin	11:cada08fc8a70	156	items++;
mbedAustin	11:cada08fc8a70	157
mbedAustin	11:cada08fc8a70	158	items->type = MBEDTLS_PK_DEBUG_MPI;
mbedAustin	11:cada08fc8a70	159	items->name = "rsa.E";
mbedAustin	11:cada08fc8a70	160	items->value = &( ((mbedtls_rsa_context *) ctx)->E );
mbedAustin	11:cada08fc8a70	161	}
mbedAustin	11:cada08fc8a70	162
mbedAustin	11:cada08fc8a70	163	const mbedtls_pk_info_t mbedtls_rsa_info = {
mbedAustin	11:cada08fc8a70	164	MBEDTLS_PK_RSA,
mbedAustin	11:cada08fc8a70	165	"RSA",
mbedAustin	11:cada08fc8a70	166	rsa_get_bitlen,
mbedAustin	11:cada08fc8a70	167	rsa_can_do,
mbedAustin	11:cada08fc8a70	168	rsa_verify_wrap,
mbedAustin	11:cada08fc8a70	169	rsa_sign_wrap,
mbedAustin	11:cada08fc8a70	170	rsa_decrypt_wrap,
mbedAustin	11:cada08fc8a70	171	rsa_encrypt_wrap,
mbedAustin	11:cada08fc8a70	172	rsa_check_pair_wrap,
mbedAustin	11:cada08fc8a70	173	rsa_alloc_wrap,
mbedAustin	11:cada08fc8a70	174	rsa_free_wrap,
mbedAustin	11:cada08fc8a70	175	rsa_debug,
mbedAustin	11:cada08fc8a70	176	};
mbedAustin	11:cada08fc8a70	177	#endif /* MBEDTLS_RSA_C */
mbedAustin	11:cada08fc8a70	178
mbedAustin	11:cada08fc8a70	179	#if defined(MBEDTLS_ECP_C)
mbedAustin	11:cada08fc8a70	180	/*
mbedAustin	11:cada08fc8a70	181	* Generic EC key
mbedAustin	11:cada08fc8a70	182	*/
mbedAustin	11:cada08fc8a70	183	static int eckey_can_do( mbedtls_pk_type_t type )
mbedAustin	11:cada08fc8a70	184	{
mbedAustin	11:cada08fc8a70	185	return( type == MBEDTLS_PK_ECKEY \|\|
mbedAustin	11:cada08fc8a70	186	type == MBEDTLS_PK_ECKEY_DH \|\|
mbedAustin	11:cada08fc8a70	187	type == MBEDTLS_PK_ECDSA );
mbedAustin	11:cada08fc8a70	188	}
mbedAustin	11:cada08fc8a70	189
mbedAustin	11:cada08fc8a70	190	static size_t eckey_get_bitlen( const void *ctx )
mbedAustin	11:cada08fc8a70	191	{
mbedAustin	11:cada08fc8a70	192	return( ((mbedtls_ecp_keypair *) ctx)->grp.pbits );
mbedAustin	11:cada08fc8a70	193	}
mbedAustin	11:cada08fc8a70	194
mbedAustin	11:cada08fc8a70	195	#if defined(MBEDTLS_ECDSA_C)
mbedAustin	11:cada08fc8a70	196	/* Forward declarations */
mbedAustin	11:cada08fc8a70	197	static int ecdsa_verify_wrap( void *ctx, mbedtls_md_type_t md_alg,
mbedAustin	11:cada08fc8a70	198	const unsigned char *hash, size_t hash_len,
mbedAustin	11:cada08fc8a70	199	const unsigned char *sig, size_t sig_len );
mbedAustin	11:cada08fc8a70	200
mbedAustin	11:cada08fc8a70	201	static int ecdsa_sign_wrap( void *ctx, mbedtls_md_type_t md_alg,
mbedAustin	11:cada08fc8a70	202	const unsigned char *hash, size_t hash_len,
mbedAustin	11:cada08fc8a70	203	unsigned char sig, size_t sig_len,
mbedAustin	11:cada08fc8a70	204	int (f_rng)(void , unsigned char , size_t), void p_rng );
mbedAustin	11:cada08fc8a70	205
mbedAustin	11:cada08fc8a70	206	static int eckey_verify_wrap( void *ctx, mbedtls_md_type_t md_alg,
mbedAustin	11:cada08fc8a70	207	const unsigned char *hash, size_t hash_len,
mbedAustin	11:cada08fc8a70	208	const unsigned char *sig, size_t sig_len )
mbedAustin	11:cada08fc8a70	209	{
mbedAustin	11:cada08fc8a70	210	int ret;
mbedAustin	11:cada08fc8a70	211	mbedtls_ecdsa_context ecdsa;
mbedAustin	11:cada08fc8a70	212
mbedAustin	11:cada08fc8a70	213	mbedtls_ecdsa_init( &ecdsa );
mbedAustin	11:cada08fc8a70	214
mbedAustin	11:cada08fc8a70	215	if( ( ret = mbedtls_ecdsa_from_keypair( &ecdsa, ctx ) ) == 0 )
mbedAustin	11:cada08fc8a70	216	ret = ecdsa_verify_wrap( &ecdsa, md_alg, hash, hash_len, sig, sig_len );
mbedAustin	11:cada08fc8a70	217
mbedAustin	11:cada08fc8a70	218	mbedtls_ecdsa_free( &ecdsa );
mbedAustin	11:cada08fc8a70	219
mbedAustin	11:cada08fc8a70	220	return( ret );
mbedAustin	11:cada08fc8a70	221	}
mbedAustin	11:cada08fc8a70	222
mbedAustin	11:cada08fc8a70	223	static int eckey_sign_wrap( void *ctx, mbedtls_md_type_t md_alg,
mbedAustin	11:cada08fc8a70	224	const unsigned char *hash, size_t hash_len,
mbedAustin	11:cada08fc8a70	225	unsigned char sig, size_t sig_len,
mbedAustin	11:cada08fc8a70	226	int (f_rng)(void , unsigned char , size_t), void p_rng )
mbedAustin	11:cada08fc8a70	227	{
mbedAustin	11:cada08fc8a70	228	int ret;
mbedAustin	11:cada08fc8a70	229	mbedtls_ecdsa_context ecdsa;
mbedAustin	11:cada08fc8a70	230
mbedAustin	11:cada08fc8a70	231	mbedtls_ecdsa_init( &ecdsa );
mbedAustin	11:cada08fc8a70	232
mbedAustin	11:cada08fc8a70	233	if( ( ret = mbedtls_ecdsa_from_keypair( &ecdsa, ctx ) ) == 0 )
mbedAustin	11:cada08fc8a70	234	ret = ecdsa_sign_wrap( &ecdsa, md_alg, hash, hash_len, sig, sig_len,
mbedAustin	11:cada08fc8a70	235	f_rng, p_rng );
mbedAustin	11:cada08fc8a70	236
mbedAustin	11:cada08fc8a70	237	mbedtls_ecdsa_free( &ecdsa );
mbedAustin	11:cada08fc8a70	238
mbedAustin	11:cada08fc8a70	239	return( ret );
mbedAustin	11:cada08fc8a70	240	}
mbedAustin	11:cada08fc8a70	241
mbedAustin	11:cada08fc8a70	242	#endif /* MBEDTLS_ECDSA_C */
mbedAustin	11:cada08fc8a70	243
mbedAustin	11:cada08fc8a70	244	static int eckey_check_pair( const void pub, const void prv )
mbedAustin	11:cada08fc8a70	245	{
mbedAustin	11:cada08fc8a70	246	return( mbedtls_ecp_check_pub_priv( (const mbedtls_ecp_keypair *) pub,
mbedAustin	11:cada08fc8a70	247	(const mbedtls_ecp_keypair *) prv ) );
mbedAustin	11:cada08fc8a70	248	}
mbedAustin	11:cada08fc8a70	249
mbedAustin	11:cada08fc8a70	250	static void *eckey_alloc_wrap( void )
mbedAustin	11:cada08fc8a70	251	{
mbedAustin	11:cada08fc8a70	252	void *ctx = mbedtls_calloc( 1, sizeof( mbedtls_ecp_keypair ) );
mbedAustin	11:cada08fc8a70	253
mbedAustin	11:cada08fc8a70	254	if( ctx != NULL )
mbedAustin	11:cada08fc8a70	255	mbedtls_ecp_keypair_init( ctx );
mbedAustin	11:cada08fc8a70	256
mbedAustin	11:cada08fc8a70	257	return( ctx );
mbedAustin	11:cada08fc8a70	258	}
mbedAustin	11:cada08fc8a70	259
mbedAustin	11:cada08fc8a70	260	static void eckey_free_wrap( void *ctx )
mbedAustin	11:cada08fc8a70	261	{
mbedAustin	11:cada08fc8a70	262	mbedtls_ecp_keypair_free( (mbedtls_ecp_keypair *) ctx );
mbedAustin	11:cada08fc8a70	263	mbedtls_free( ctx );
mbedAustin	11:cada08fc8a70	264	}
mbedAustin	11:cada08fc8a70	265
mbedAustin	11:cada08fc8a70	266	static void eckey_debug( const void ctx, mbedtls_pk_debug_item items )
mbedAustin	11:cada08fc8a70	267	{
mbedAustin	11:cada08fc8a70	268	items->type = MBEDTLS_PK_DEBUG_ECP;
mbedAustin	11:cada08fc8a70	269	items->name = "eckey.Q";
mbedAustin	11:cada08fc8a70	270	items->value = &( ((mbedtls_ecp_keypair *) ctx)->Q );
mbedAustin	11:cada08fc8a70	271	}
mbedAustin	11:cada08fc8a70	272
mbedAustin	11:cada08fc8a70	273	const mbedtls_pk_info_t mbedtls_eckey_info = {
mbedAustin	11:cada08fc8a70	274	MBEDTLS_PK_ECKEY,
mbedAustin	11:cada08fc8a70	275	"EC",
mbedAustin	11:cada08fc8a70	276	eckey_get_bitlen,
mbedAustin	11:cada08fc8a70	277	eckey_can_do,
mbedAustin	11:cada08fc8a70	278	#if defined(MBEDTLS_ECDSA_C)
mbedAustin	11:cada08fc8a70	279	eckey_verify_wrap,
mbedAustin	11:cada08fc8a70	280	eckey_sign_wrap,
mbedAustin	11:cada08fc8a70	281	#else
mbedAustin	11:cada08fc8a70	282	NULL,
mbedAustin	11:cada08fc8a70	283	NULL,
mbedAustin	11:cada08fc8a70	284	#endif
mbedAustin	11:cada08fc8a70	285	NULL,
mbedAustin	11:cada08fc8a70	286	NULL,
mbedAustin	11:cada08fc8a70	287	eckey_check_pair,
mbedAustin	11:cada08fc8a70	288	eckey_alloc_wrap,
mbedAustin	11:cada08fc8a70	289	eckey_free_wrap,
mbedAustin	11:cada08fc8a70	290	eckey_debug,
mbedAustin	11:cada08fc8a70	291	};
mbedAustin	11:cada08fc8a70	292
mbedAustin	11:cada08fc8a70	293	/*
mbedAustin	11:cada08fc8a70	294	* EC key restricted to ECDH
mbedAustin	11:cada08fc8a70	295	*/
mbedAustin	11:cada08fc8a70	296	static int eckeydh_can_do( mbedtls_pk_type_t type )
mbedAustin	11:cada08fc8a70	297	{
mbedAustin	11:cada08fc8a70	298	return( type == MBEDTLS_PK_ECKEY \|\|
mbedAustin	11:cada08fc8a70	299	type == MBEDTLS_PK_ECKEY_DH );
mbedAustin	11:cada08fc8a70	300	}
mbedAustin	11:cada08fc8a70	301
mbedAustin	11:cada08fc8a70	302	const mbedtls_pk_info_t mbedtls_eckeydh_info = {
mbedAustin	11:cada08fc8a70	303	MBEDTLS_PK_ECKEY_DH,
mbedAustin	11:cada08fc8a70	304	"EC_DH",
mbedAustin	11:cada08fc8a70	305	eckey_get_bitlen, /* Same underlying key structure */
mbedAustin	11:cada08fc8a70	306	eckeydh_can_do,
mbedAustin	11:cada08fc8a70	307	NULL,
mbedAustin	11:cada08fc8a70	308	NULL,
mbedAustin	11:cada08fc8a70	309	NULL,
mbedAustin	11:cada08fc8a70	310	NULL,
mbedAustin	11:cada08fc8a70	311	eckey_check_pair,
mbedAustin	11:cada08fc8a70	312	eckey_alloc_wrap, /* Same underlying key structure */
mbedAustin	11:cada08fc8a70	313	eckey_free_wrap, /* Same underlying key structure */
mbedAustin	11:cada08fc8a70	314	eckey_debug, /* Same underlying key structure */
mbedAustin	11:cada08fc8a70	315	};
mbedAustin	11:cada08fc8a70	316	#endif /* MBEDTLS_ECP_C */
mbedAustin	11:cada08fc8a70	317
mbedAustin	11:cada08fc8a70	318	#if defined(MBEDTLS_ECDSA_C)
mbedAustin	11:cada08fc8a70	319	static int ecdsa_can_do( mbedtls_pk_type_t type )
mbedAustin	11:cada08fc8a70	320	{
mbedAustin	11:cada08fc8a70	321	return( type == MBEDTLS_PK_ECDSA );
mbedAustin	11:cada08fc8a70	322	}
mbedAustin	11:cada08fc8a70	323
mbedAustin	11:cada08fc8a70	324	static int ecdsa_verify_wrap( void *ctx, mbedtls_md_type_t md_alg,
mbedAustin	11:cada08fc8a70	325	const unsigned char *hash, size_t hash_len,
mbedAustin	11:cada08fc8a70	326	const unsigned char *sig, size_t sig_len )
mbedAustin	11:cada08fc8a70	327	{
mbedAustin	11:cada08fc8a70	328	int ret;
mbedAustin	11:cada08fc8a70	329	((void) md_alg);
mbedAustin	11:cada08fc8a70	330
mbedAustin	11:cada08fc8a70	331	ret = mbedtls_ecdsa_read_signature( (mbedtls_ecdsa_context *) ctx,
mbedAustin	11:cada08fc8a70	332	hash, hash_len, sig, sig_len );
mbedAustin	11:cada08fc8a70	333
mbedAustin	11:cada08fc8a70	334	if( ret == MBEDTLS_ERR_ECP_SIG_LEN_MISMATCH )
mbedAustin	11:cada08fc8a70	335	return( MBEDTLS_ERR_PK_SIG_LEN_MISMATCH );
mbedAustin	11:cada08fc8a70	336
mbedAustin	11:cada08fc8a70	337	return( ret );
mbedAustin	11:cada08fc8a70	338	}
mbedAustin	11:cada08fc8a70	339
mbedAustin	11:cada08fc8a70	340	static int ecdsa_sign_wrap( void *ctx, mbedtls_md_type_t md_alg,
mbedAustin	11:cada08fc8a70	341	const unsigned char *hash, size_t hash_len,
mbedAustin	11:cada08fc8a70	342	unsigned char sig, size_t sig_len,
mbedAustin	11:cada08fc8a70	343	int (f_rng)(void , unsigned char , size_t), void p_rng )
mbedAustin	11:cada08fc8a70	344	{
mbedAustin	11:cada08fc8a70	345	return( mbedtls_ecdsa_write_signature( (mbedtls_ecdsa_context *) ctx,
mbedAustin	11:cada08fc8a70	346	md_alg, hash, hash_len, sig, sig_len, f_rng, p_rng ) );
mbedAustin	11:cada08fc8a70	347	}
mbedAustin	11:cada08fc8a70	348
mbedAustin	11:cada08fc8a70	349	static void *ecdsa_alloc_wrap( void )
mbedAustin	11:cada08fc8a70	350	{
mbedAustin	11:cada08fc8a70	351	void *ctx = mbedtls_calloc( 1, sizeof( mbedtls_ecdsa_context ) );
mbedAustin	11:cada08fc8a70	352
mbedAustin	11:cada08fc8a70	353	if( ctx != NULL )
mbedAustin	11:cada08fc8a70	354	mbedtls_ecdsa_init( (mbedtls_ecdsa_context *) ctx );
mbedAustin	11:cada08fc8a70	355
mbedAustin	11:cada08fc8a70	356	return( ctx );
mbedAustin	11:cada08fc8a70	357	}
mbedAustin	11:cada08fc8a70	358
mbedAustin	11:cada08fc8a70	359	static void ecdsa_free_wrap( void *ctx )
mbedAustin	11:cada08fc8a70	360	{
mbedAustin	11:cada08fc8a70	361	mbedtls_ecdsa_free( (mbedtls_ecdsa_context *) ctx );
mbedAustin	11:cada08fc8a70	362	mbedtls_free( ctx );
mbedAustin	11:cada08fc8a70	363	}
mbedAustin	11:cada08fc8a70	364
mbedAustin	11:cada08fc8a70	365	const mbedtls_pk_info_t mbedtls_ecdsa_info = {
mbedAustin	11:cada08fc8a70	366	MBEDTLS_PK_ECDSA,
mbedAustin	11:cada08fc8a70	367	"ECDSA",
mbedAustin	11:cada08fc8a70	368	eckey_get_bitlen, /* Compatible key structures */
mbedAustin	11:cada08fc8a70	369	ecdsa_can_do,
mbedAustin	11:cada08fc8a70	370	ecdsa_verify_wrap,
mbedAustin	11:cada08fc8a70	371	ecdsa_sign_wrap,
mbedAustin	11:cada08fc8a70	372	NULL,
mbedAustin	11:cada08fc8a70	373	NULL,
mbedAustin	11:cada08fc8a70	374	eckey_check_pair, /* Compatible key structures */
mbedAustin	11:cada08fc8a70	375	ecdsa_alloc_wrap,
mbedAustin	11:cada08fc8a70	376	ecdsa_free_wrap,
mbedAustin	11:cada08fc8a70	377	eckey_debug, /* Compatible key structures */
mbedAustin	11:cada08fc8a70	378	};
mbedAustin	11:cada08fc8a70	379	#endif /* MBEDTLS_ECDSA_C */
mbedAustin	11:cada08fc8a70	380
mbedAustin	11:cada08fc8a70	381	#if defined(MBEDTLS_PK_RSA_ALT_SUPPORT)
mbedAustin	11:cada08fc8a70	382	/*
mbedAustin	11:cada08fc8a70	383	* Support for alternative RSA-private implementations
mbedAustin	11:cada08fc8a70	384	*/
mbedAustin	11:cada08fc8a70	385
mbedAustin	11:cada08fc8a70	386	static int rsa_alt_can_do( mbedtls_pk_type_t type )
mbedAustin	11:cada08fc8a70	387	{
mbedAustin	11:cada08fc8a70	388	return( type == MBEDTLS_PK_RSA );
mbedAustin	11:cada08fc8a70	389	}
mbedAustin	11:cada08fc8a70	390
mbedAustin	11:cada08fc8a70	391	static size_t rsa_alt_get_bitlen( const void *ctx )
mbedAustin	11:cada08fc8a70	392	{
mbedAustin	11:cada08fc8a70	393	const mbedtls_rsa_alt_context rsa_alt = (const mbedtls_rsa_alt_context ) ctx;
mbedAustin	11:cada08fc8a70	394
mbedAustin	11:cada08fc8a70	395	return( 8 * rsa_alt->key_len_func( rsa_alt->key ) );
mbedAustin	11:cada08fc8a70	396	}
mbedAustin	11:cada08fc8a70	397
mbedAustin	11:cada08fc8a70	398	static int rsa_alt_sign_wrap( void *ctx, mbedtls_md_type_t md_alg,
mbedAustin	11:cada08fc8a70	399	const unsigned char *hash, size_t hash_len,
mbedAustin	11:cada08fc8a70	400	unsigned char sig, size_t sig_len,
mbedAustin	11:cada08fc8a70	401	int (f_rng)(void , unsigned char , size_t), void p_rng )
mbedAustin	11:cada08fc8a70	402	{
mbedAustin	11:cada08fc8a70	403	mbedtls_rsa_alt_context rsa_alt = (mbedtls_rsa_alt_context ) ctx;
mbedAustin	11:cada08fc8a70	404
mbedAustin	11:cada08fc8a70	405	*sig_len = rsa_alt->key_len_func( rsa_alt->key );
mbedAustin	11:cada08fc8a70	406
mbedAustin	11:cada08fc8a70	407	return( rsa_alt->sign_func( rsa_alt->key, f_rng, p_rng, MBEDTLS_RSA_PRIVATE,
mbedAustin	11:cada08fc8a70	408	md_alg, (unsigned int) hash_len, hash, sig ) );
mbedAustin	11:cada08fc8a70	409	}
mbedAustin	11:cada08fc8a70	410
mbedAustin	11:cada08fc8a70	411	static int rsa_alt_decrypt_wrap( void *ctx,
mbedAustin	11:cada08fc8a70	412	const unsigned char *input, size_t ilen,
mbedAustin	11:cada08fc8a70	413	unsigned char output, size_t olen, size_t osize,
mbedAustin	11:cada08fc8a70	414	int (f_rng)(void , unsigned char , size_t), void p_rng )
mbedAustin	11:cada08fc8a70	415	{
mbedAustin	11:cada08fc8a70	416	mbedtls_rsa_alt_context rsa_alt = (mbedtls_rsa_alt_context ) ctx;
mbedAustin	11:cada08fc8a70	417
mbedAustin	11:cada08fc8a70	418	((void) f_rng);
mbedAustin	11:cada08fc8a70	419	((void) p_rng);
mbedAustin	11:cada08fc8a70	420
mbedAustin	11:cada08fc8a70	421	if( ilen != rsa_alt->key_len_func( rsa_alt->key ) )
mbedAustin	11:cada08fc8a70	422	return( MBEDTLS_ERR_RSA_BAD_INPUT_DATA );
mbedAustin	11:cada08fc8a70	423
mbedAustin	11:cada08fc8a70	424	return( rsa_alt->decrypt_func( rsa_alt->key,
mbedAustin	11:cada08fc8a70	425	MBEDTLS_RSA_PRIVATE, olen, input, output, osize ) );
mbedAustin	11:cada08fc8a70	426	}
mbedAustin	11:cada08fc8a70	427
mbedAustin	11:cada08fc8a70	428	#if defined(MBEDTLS_RSA_C)
mbedAustin	11:cada08fc8a70	429	static int rsa_alt_check_pair( const void pub, const void prv )
mbedAustin	11:cada08fc8a70	430	{
mbedAustin	11:cada08fc8a70	431	unsigned char sig[MBEDTLS_MPI_MAX_SIZE];
mbedAustin	11:cada08fc8a70	432	unsigned char hash[32];
mbedAustin	11:cada08fc8a70	433	size_t sig_len = 0;
mbedAustin	11:cada08fc8a70	434	int ret;
mbedAustin	11:cada08fc8a70	435
mbedAustin	11:cada08fc8a70	436	if( rsa_alt_get_bitlen( prv ) != rsa_get_bitlen( pub ) )
mbedAustin	11:cada08fc8a70	437	return( MBEDTLS_ERR_RSA_KEY_CHECK_FAILED );
mbedAustin	11:cada08fc8a70	438
mbedAustin	11:cada08fc8a70	439	memset( hash, 0x2a, sizeof( hash ) );
mbedAustin	11:cada08fc8a70	440
mbedAustin	11:cada08fc8a70	441	if( ( ret = rsa_alt_sign_wrap( (void *) prv, MBEDTLS_MD_NONE,
mbedAustin	11:cada08fc8a70	442	hash, sizeof( hash ),
mbedAustin	11:cada08fc8a70	443	sig, &sig_len, NULL, NULL ) ) != 0 )
mbedAustin	11:cada08fc8a70	444	{
mbedAustin	11:cada08fc8a70	445	return( ret );
mbedAustin	11:cada08fc8a70	446	}
mbedAustin	11:cada08fc8a70	447
mbedAustin	11:cada08fc8a70	448	if( rsa_verify_wrap( (void *) pub, MBEDTLS_MD_NONE,
mbedAustin	11:cada08fc8a70	449	hash, sizeof( hash ), sig, sig_len ) != 0 )
mbedAustin	11:cada08fc8a70	450	{
mbedAustin	11:cada08fc8a70	451	return( MBEDTLS_ERR_RSA_KEY_CHECK_FAILED );
mbedAustin	11:cada08fc8a70	452	}
mbedAustin	11:cada08fc8a70	453
mbedAustin	11:cada08fc8a70	454	return( 0 );
mbedAustin	11:cada08fc8a70	455	}
mbedAustin	11:cada08fc8a70	456	#endif /* MBEDTLS_RSA_C */
mbedAustin	11:cada08fc8a70	457
mbedAustin	11:cada08fc8a70	458	static void *rsa_alt_alloc_wrap( void )
mbedAustin	11:cada08fc8a70	459	{
mbedAustin	11:cada08fc8a70	460	void *ctx = mbedtls_calloc( 1, sizeof( mbedtls_rsa_alt_context ) );
mbedAustin	11:cada08fc8a70	461
mbedAustin	11:cada08fc8a70	462	if( ctx != NULL )
mbedAustin	11:cada08fc8a70	463	memset( ctx, 0, sizeof( mbedtls_rsa_alt_context ) );
mbedAustin	11:cada08fc8a70	464
mbedAustin	11:cada08fc8a70	465	return( ctx );
mbedAustin	11:cada08fc8a70	466	}
mbedAustin	11:cada08fc8a70	467
mbedAustin	11:cada08fc8a70	468	static void rsa_alt_free_wrap( void *ctx )
mbedAustin	11:cada08fc8a70	469	{
mbedAustin	11:cada08fc8a70	470	mbedtls_zeroize( ctx, sizeof( mbedtls_rsa_alt_context ) );
mbedAustin	11:cada08fc8a70	471	mbedtls_free( ctx );
mbedAustin	11:cada08fc8a70	472	}
mbedAustin	11:cada08fc8a70	473
mbedAustin	11:cada08fc8a70	474	const mbedtls_pk_info_t mbedtls_rsa_alt_info = {
mbedAustin	11:cada08fc8a70	475	MBEDTLS_PK_RSA_ALT,
mbedAustin	11:cada08fc8a70	476	"RSA-alt",
mbedAustin	11:cada08fc8a70	477	rsa_alt_get_bitlen,
mbedAustin	11:cada08fc8a70	478	rsa_alt_can_do,
mbedAustin	11:cada08fc8a70	479	NULL,
mbedAustin	11:cada08fc8a70	480	rsa_alt_sign_wrap,
mbedAustin	11:cada08fc8a70	481	rsa_alt_decrypt_wrap,
mbedAustin	11:cada08fc8a70	482	NULL,
mbedAustin	11:cada08fc8a70	483	#if defined(MBEDTLS_RSA_C)
mbedAustin	11:cada08fc8a70	484	rsa_alt_check_pair,
mbedAustin	11:cada08fc8a70	485	#else
mbedAustin	11:cada08fc8a70	486	NULL,
mbedAustin	11:cada08fc8a70	487	#endif
mbedAustin	11:cada08fc8a70	488	rsa_alt_alloc_wrap,
mbedAustin	11:cada08fc8a70	489	rsa_alt_free_wrap,
mbedAustin	11:cada08fc8a70	490	NULL,
mbedAustin	11:cada08fc8a70	491	};
mbedAustin	11:cada08fc8a70	492
mbedAustin	11:cada08fc8a70	493	#endif /* MBEDTLS_PK_RSA_ALT_SUPPORT */
mbedAustin	11:cada08fc8a70	494
mbedAustin	11:cada08fc8a70	495	#endif /* MBEDTLS_PK_C */

Repository toolbox

Export to desktop IDE

Build repository

Repository details

Type:	Program
Mbed OS support:	Mbed 2 deprecated
Created:	16 Jun 2016
Imports:	15
Forks:	0
Commits:	12
Dependents:	0
Dependencies:	5
Followers:	2

The code in this repository is Apache licensed.

mbedtls/source/pk_wrap.c@11:cada08fc8a70, 2016-06-09 (annotated)

Who changed what in which revision?

Repository toolbox

Repository details

Important Information for this Arm website

Access Warning