2 * Public Key abstraction layer
4 * Copyright (C) 2006-2015, ARM Limited, All Rights Reserved
5 * SPDX-License-Identifier: GPL-2.0
7 * This program is free software; you can redistribute it and/or modify
8 * it under the terms of the GNU General Public License as published by
9 * the Free Software Foundation; either version 2 of the License, or
10 * (at your option) any later version.
12 * This program is distributed in the hope that it will be useful,
13 * but WITHOUT ANY WARRANTY; without even the implied warranty of
14 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
15 * GNU General Public License for more details.
17 * You should have received a copy of the GNU General Public License along
18 * with this program; if not, write to the Free Software Foundation, Inc.,
19 * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
21 * This file is part of mbed TLS (https://tls.mbed.org)
24 #if !defined(MBEDTLS_CONFIG_FILE)
25 #include "mbedtls/config.h"
27 #include MBEDTLS_CONFIG_FILE
30 #if defined(MBEDTLS_PK_C)
31 #include "mbedtls/pk.h"
32 #include "mbedtls/pk_internal.h"
34 #include "mbedtls/bignum.h"
36 #if defined(MBEDTLS_RSA_C)
37 #include "mbedtls/rsa.h"
39 #if defined(MBEDTLS_ECP_C)
40 #include "mbedtls/ecp.h"
42 #if defined(MBEDTLS_ECDSA_C)
43 #include "mbedtls/ecdsa.h"
48 /* Implementation that should never be optimized out by the compiler */
49 static void mbedtls_zeroize( void *v
, size_t n
) {
50 volatile unsigned char *p
= v
; while( n
-- ) *p
++ = 0;
54 * Initialise a mbedtls_pk_context
56 void mbedtls_pk_init( mbedtls_pk_context
*ctx
)
66 * Free (the components of) a mbedtls_pk_context
68 void mbedtls_pk_free( mbedtls_pk_context
*ctx
)
70 if( ctx
== NULL
|| ctx
->pk_info
== NULL
)
73 ctx
->pk_info
->ctx_free_func( ctx
->pk_ctx
);
75 mbedtls_zeroize( ctx
, sizeof( mbedtls_pk_context
) );
79 * Get pk_info structure from type
81 const mbedtls_pk_info_t
* mbedtls_pk_info_from_type( mbedtls_pk_type_t pk_type
)
84 #if defined(MBEDTLS_RSA_C)
86 return( &mbedtls_rsa_info
);
88 #if defined(MBEDTLS_ECP_C)
89 case MBEDTLS_PK_ECKEY
:
90 return( &mbedtls_eckey_info
);
91 case MBEDTLS_PK_ECKEY_DH
:
92 return( &mbedtls_eckeydh_info
);
94 #if defined(MBEDTLS_ECDSA_C)
95 case MBEDTLS_PK_ECDSA
:
96 return( &mbedtls_ecdsa_info
);
98 /* MBEDTLS_PK_RSA_ALT omitted on purpose */
107 int mbedtls_pk_setup( mbedtls_pk_context
*ctx
, const mbedtls_pk_info_t
*info
)
109 if( ctx
== NULL
|| info
== NULL
|| ctx
->pk_info
!= NULL
)
110 return( MBEDTLS_ERR_PK_BAD_INPUT_DATA
);
112 if( ( ctx
->pk_ctx
= info
->ctx_alloc_func() ) == NULL
)
113 return( MBEDTLS_ERR_PK_ALLOC_FAILED
);
120 #if defined(MBEDTLS_PK_RSA_ALT_SUPPORT)
122 * Initialize an RSA-alt context
124 int mbedtls_pk_setup_rsa_alt( mbedtls_pk_context
*ctx
, void * key
,
125 mbedtls_pk_rsa_alt_decrypt_func decrypt_func
,
126 mbedtls_pk_rsa_alt_sign_func sign_func
,
127 mbedtls_pk_rsa_alt_key_len_func key_len_func
)
129 mbedtls_rsa_alt_context
*rsa_alt
;
130 const mbedtls_pk_info_t
*info
= &mbedtls_rsa_alt_info
;
132 if( ctx
== NULL
|| ctx
->pk_info
!= NULL
)
133 return( MBEDTLS_ERR_PK_BAD_INPUT_DATA
);
135 if( ( ctx
->pk_ctx
= info
->ctx_alloc_func() ) == NULL
)
136 return( MBEDTLS_ERR_PK_ALLOC_FAILED
);
140 rsa_alt
= (mbedtls_rsa_alt_context
*) ctx
->pk_ctx
;
143 rsa_alt
->decrypt_func
= decrypt_func
;
144 rsa_alt
->sign_func
= sign_func
;
145 rsa_alt
->key_len_func
= key_len_func
;
149 #endif /* MBEDTLS_PK_RSA_ALT_SUPPORT */
152 * Tell if a PK can do the operations of the given type
154 int mbedtls_pk_can_do( const mbedtls_pk_context
*ctx
, mbedtls_pk_type_t type
)
156 /* null or NONE context can't do anything */
157 if( ctx
== NULL
|| ctx
->pk_info
== NULL
)
160 return( ctx
->pk_info
->can_do( type
) );
164 * Helper for mbedtls_pk_sign and mbedtls_pk_verify
166 static inline int pk_hashlen_helper( mbedtls_md_type_t md_alg
, size_t *hash_len
)
168 const mbedtls_md_info_t
*md_info
;
173 if( ( md_info
= mbedtls_md_info_from_type( md_alg
) ) == NULL
)
176 *hash_len
= mbedtls_md_get_size( md_info
);
183 int mbedtls_pk_verify( mbedtls_pk_context
*ctx
, mbedtls_md_type_t md_alg
,
184 const unsigned char *hash
, size_t hash_len
,
185 const unsigned char *sig
, size_t sig_len
)
187 if( ctx
== NULL
|| ctx
->pk_info
== NULL
||
188 pk_hashlen_helper( md_alg
, &hash_len
) != 0 )
189 return( MBEDTLS_ERR_PK_BAD_INPUT_DATA
);
191 if( ctx
->pk_info
->verify_func
== NULL
)
192 return( MBEDTLS_ERR_PK_TYPE_MISMATCH
);
194 return( ctx
->pk_info
->verify_func( ctx
->pk_ctx
, md_alg
, hash
, hash_len
,
199 * Verify a signature with options
201 int mbedtls_pk_verify_ext( mbedtls_pk_type_t type
, const void *options
,
202 mbedtls_pk_context
*ctx
, mbedtls_md_type_t md_alg
,
203 const unsigned char *hash
, size_t hash_len
,
204 const unsigned char *sig
, size_t sig_len
)
206 if( ctx
== NULL
|| ctx
->pk_info
== NULL
)
207 return( MBEDTLS_ERR_PK_BAD_INPUT_DATA
);
209 if( ! mbedtls_pk_can_do( ctx
, type
) )
210 return( MBEDTLS_ERR_PK_TYPE_MISMATCH
);
212 if( type
== MBEDTLS_PK_RSASSA_PSS
)
214 #if defined(MBEDTLS_RSA_C) && defined(MBEDTLS_PKCS1_V21)
216 const mbedtls_pk_rsassa_pss_options
*pss_opts
;
218 #if defined(MBEDTLS_HAVE_INT64)
219 if( md_alg
== MBEDTLS_MD_NONE
&& UINT_MAX
< hash_len
)
220 return( MBEDTLS_ERR_PK_BAD_INPUT_DATA
);
221 #endif /* MBEDTLS_HAVE_INT64 */
223 if( options
== NULL
)
224 return( MBEDTLS_ERR_PK_BAD_INPUT_DATA
);
226 pss_opts
= (const mbedtls_pk_rsassa_pss_options
*) options
;
228 if( sig_len
< mbedtls_pk_get_len( ctx
) )
229 return( MBEDTLS_ERR_RSA_VERIFY_FAILED
);
231 ret
= mbedtls_rsa_rsassa_pss_verify_ext( mbedtls_pk_rsa( *ctx
),
232 NULL
, NULL
, MBEDTLS_RSA_PUBLIC
,
233 md_alg
, (unsigned int) hash_len
, hash
,
234 pss_opts
->mgf1_hash_id
,
235 pss_opts
->expected_salt_len
,
240 if( sig_len
> mbedtls_pk_get_len( ctx
) )
241 return( MBEDTLS_ERR_PK_SIG_LEN_MISMATCH
);
245 return( MBEDTLS_ERR_PK_FEATURE_UNAVAILABLE
);
246 #endif /* MBEDTLS_RSA_C && MBEDTLS_PKCS1_V21 */
249 /* General case: no options */
250 if( options
!= NULL
)
251 return( MBEDTLS_ERR_PK_BAD_INPUT_DATA
);
253 return( mbedtls_pk_verify( ctx
, md_alg
, hash
, hash_len
, sig
, sig_len
) );
259 int mbedtls_pk_sign( mbedtls_pk_context
*ctx
, mbedtls_md_type_t md_alg
,
260 const unsigned char *hash
, size_t hash_len
,
261 unsigned char *sig
, size_t *sig_len
,
262 int (*f_rng
)(void *, unsigned char *, size_t), void *p_rng
)
264 if( ctx
== NULL
|| ctx
->pk_info
== NULL
||
265 pk_hashlen_helper( md_alg
, &hash_len
) != 0 )
266 return( MBEDTLS_ERR_PK_BAD_INPUT_DATA
);
268 if( ctx
->pk_info
->sign_func
== NULL
)
269 return( MBEDTLS_ERR_PK_TYPE_MISMATCH
);
271 return( ctx
->pk_info
->sign_func( ctx
->pk_ctx
, md_alg
, hash
, hash_len
,
272 sig
, sig_len
, f_rng
, p_rng
) );
278 int mbedtls_pk_decrypt( mbedtls_pk_context
*ctx
,
279 const unsigned char *input
, size_t ilen
,
280 unsigned char *output
, size_t *olen
, size_t osize
,
281 int (*f_rng
)(void *, unsigned char *, size_t), void *p_rng
)
283 if( ctx
== NULL
|| ctx
->pk_info
== NULL
)
284 return( MBEDTLS_ERR_PK_BAD_INPUT_DATA
);
286 if( ctx
->pk_info
->decrypt_func
== NULL
)
287 return( MBEDTLS_ERR_PK_TYPE_MISMATCH
);
289 return( ctx
->pk_info
->decrypt_func( ctx
->pk_ctx
, input
, ilen
,
290 output
, olen
, osize
, f_rng
, p_rng
) );
296 int mbedtls_pk_encrypt( mbedtls_pk_context
*ctx
,
297 const unsigned char *input
, size_t ilen
,
298 unsigned char *output
, size_t *olen
, size_t osize
,
299 int (*f_rng
)(void *, unsigned char *, size_t), void *p_rng
)
301 if( ctx
== NULL
|| ctx
->pk_info
== NULL
)
302 return( MBEDTLS_ERR_PK_BAD_INPUT_DATA
);
304 if( ctx
->pk_info
->encrypt_func
== NULL
)
305 return( MBEDTLS_ERR_PK_TYPE_MISMATCH
);
307 return( ctx
->pk_info
->encrypt_func( ctx
->pk_ctx
, input
, ilen
,
308 output
, olen
, osize
, f_rng
, p_rng
) );
312 * Check public-private key pair
314 int mbedtls_pk_check_pair( const mbedtls_pk_context
*pub
, const mbedtls_pk_context
*prv
)
316 if( pub
== NULL
|| pub
->pk_info
== NULL
||
317 prv
== NULL
|| prv
->pk_info
== NULL
||
318 prv
->pk_info
->check_pair_func
== NULL
)
320 return( MBEDTLS_ERR_PK_BAD_INPUT_DATA
);
323 if( prv
->pk_info
->type
== MBEDTLS_PK_RSA_ALT
)
325 if( pub
->pk_info
->type
!= MBEDTLS_PK_RSA
)
326 return( MBEDTLS_ERR_PK_TYPE_MISMATCH
);
330 if( pub
->pk_info
!= prv
->pk_info
)
331 return( MBEDTLS_ERR_PK_TYPE_MISMATCH
);
334 return( prv
->pk_info
->check_pair_func( pub
->pk_ctx
, prv
->pk_ctx
) );
338 * Get key size in bits
340 size_t mbedtls_pk_get_bitlen( const mbedtls_pk_context
*ctx
)
342 if( ctx
== NULL
|| ctx
->pk_info
== NULL
)
345 return( ctx
->pk_info
->get_bitlen( ctx
->pk_ctx
) );
349 * Export debug information
351 int mbedtls_pk_debug( const mbedtls_pk_context
*ctx
, mbedtls_pk_debug_item
*items
)
353 if( ctx
== NULL
|| ctx
->pk_info
== NULL
)
354 return( MBEDTLS_ERR_PK_BAD_INPUT_DATA
);
356 if( ctx
->pk_info
->debug_func
== NULL
)
357 return( MBEDTLS_ERR_PK_TYPE_MISMATCH
);
359 ctx
->pk_info
->debug_func( ctx
->pk_ctx
, items
);
364 * Access the PK type name
366 const char *mbedtls_pk_get_name( const mbedtls_pk_context
*ctx
)
368 if( ctx
== NULL
|| ctx
->pk_info
== NULL
)
369 return( "invalid PK" );
371 return( ctx
->pk_info
->name
);
377 mbedtls_pk_type_t
mbedtls_pk_get_type( const mbedtls_pk_context
*ctx
)
379 if( ctx
== NULL
|| ctx
->pk_info
== NULL
)
380 return( MBEDTLS_PK_NONE
);
382 return( ctx
->pk_info
->type
);
385 #endif /* MBEDTLS_PK_C */