5b16e9eabc
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
168 lines
5.7 KiB
C
168 lines
5.7 KiB
C
/**
|
|
* \file pk_wrap.h
|
|
*
|
|
* \brief Public Key abstraction layer: wrapper functions
|
|
*/
|
|
/*
|
|
* Copyright The Mbed TLS Contributors
|
|
* SPDX-License-Identifier: Apache-2.0
|
|
*
|
|
* Licensed under the Apache License, Version 2.0 (the "License"); you may
|
|
* not use this file except in compliance with the License.
|
|
* You may obtain a copy of the License at
|
|
*
|
|
* http://www.apache.org/licenses/LICENSE-2.0
|
|
*
|
|
* Unless required by applicable law or agreed to in writing, software
|
|
* distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
|
|
* WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
|
* See the License for the specific language governing permissions and
|
|
* limitations under the License.
|
|
*/
|
|
|
|
#ifndef MBEDTLS_PK_WRAP_H
|
|
#define MBEDTLS_PK_WRAP_H
|
|
|
|
#include "mbedtls/build_info.h"
|
|
|
|
#include "mbedtls/pk.h"
|
|
|
|
#if defined(MBEDTLS_PSA_CRYPTO_C)
|
|
#include "psa/crypto.h"
|
|
#endif /* MBEDTLS_PSA_CRYPTO_C */
|
|
|
|
#if defined(MBEDTLS_PK_CAN_ECDSA_VERIFY) || defined(MBEDTLS_PK_CAN_ECDSA_SIGN)
|
|
#define MBEDTLS_PK_CAN_ECDSA_SOME
|
|
#endif
|
|
|
|
struct mbedtls_pk_info_t {
|
|
/** Public key type */
|
|
mbedtls_pk_type_t type;
|
|
|
|
/** Type name */
|
|
const char *name;
|
|
|
|
/** Get key size in bits */
|
|
size_t (*get_bitlen)(const void *);
|
|
|
|
/** Tell if the context implements this type (e.g. ECKEY can do ECDSA) */
|
|
int (*can_do)(mbedtls_pk_type_t type);
|
|
|
|
/** Verify signature */
|
|
int (*verify_func)(void *ctx, mbedtls_md_type_t md_alg,
|
|
const unsigned char *hash, size_t hash_len,
|
|
const unsigned char *sig, size_t sig_len);
|
|
|
|
/** Make signature */
|
|
int (*sign_func)(void *ctx, mbedtls_md_type_t md_alg,
|
|
const unsigned char *hash, size_t hash_len,
|
|
unsigned char *sig, size_t sig_size, size_t *sig_len,
|
|
int (*f_rng)(void *, unsigned char *, size_t),
|
|
void *p_rng);
|
|
|
|
#if defined(MBEDTLS_ECDSA_C) && defined(MBEDTLS_ECP_RESTARTABLE)
|
|
/** Verify signature (restartable) */
|
|
int (*verify_rs_func)(void *ctx, mbedtls_md_type_t md_alg,
|
|
const unsigned char *hash, size_t hash_len,
|
|
const unsigned char *sig, size_t sig_len,
|
|
void *rs_ctx);
|
|
|
|
/** Make signature (restartable) */
|
|
int (*sign_rs_func)(void *ctx, mbedtls_md_type_t md_alg,
|
|
const unsigned char *hash, size_t hash_len,
|
|
unsigned char *sig, size_t sig_size, size_t *sig_len,
|
|
int (*f_rng)(void *, unsigned char *, size_t),
|
|
void *p_rng, void *rs_ctx);
|
|
#endif /* MBEDTLS_ECDSA_C && MBEDTLS_ECP_RESTARTABLE */
|
|
|
|
/** Decrypt message */
|
|
int (*decrypt_func)(void *ctx, const unsigned char *input, size_t ilen,
|
|
unsigned char *output, size_t *olen, size_t osize,
|
|
int (*f_rng)(void *, unsigned char *, size_t),
|
|
void *p_rng);
|
|
|
|
/** Encrypt message */
|
|
int (*encrypt_func)(void *ctx, const unsigned char *input, size_t ilen,
|
|
unsigned char *output, size_t *olen, size_t osize,
|
|
int (*f_rng)(void *, unsigned char *, size_t),
|
|
void *p_rng);
|
|
|
|
/** Check public-private key pair */
|
|
int (*check_pair_func)(const void *pub, const void *prv,
|
|
int (*f_rng)(void *, unsigned char *, size_t),
|
|
void *p_rng);
|
|
|
|
/** Allocate a new context */
|
|
void * (*ctx_alloc_func)(void);
|
|
|
|
/** Free the given context */
|
|
void (*ctx_free_func)(void *ctx);
|
|
|
|
#if defined(MBEDTLS_ECDSA_C) && defined(MBEDTLS_ECP_RESTARTABLE)
|
|
/** Allocate the restart context */
|
|
void *(*rs_alloc_func)(void);
|
|
|
|
/** Free the restart context */
|
|
void (*rs_free_func)(void *rs_ctx);
|
|
#endif /* MBEDTLS_ECDSA_C && MBEDTLS_ECP_RESTARTABLE */
|
|
|
|
/** Interface with the debug module */
|
|
void (*debug_func)(const void *ctx, mbedtls_pk_debug_item *items);
|
|
|
|
};
|
|
#if defined(MBEDTLS_PK_RSA_ALT_SUPPORT)
|
|
/* Container for RSA-alt */
|
|
typedef struct {
|
|
void *key;
|
|
mbedtls_pk_rsa_alt_decrypt_func decrypt_func;
|
|
mbedtls_pk_rsa_alt_sign_func sign_func;
|
|
mbedtls_pk_rsa_alt_key_len_func key_len_func;
|
|
} mbedtls_rsa_alt_context;
|
|
#endif
|
|
|
|
#if defined(MBEDTLS_RSA_C)
|
|
extern const mbedtls_pk_info_t mbedtls_rsa_info;
|
|
#endif
|
|
|
|
#if defined(MBEDTLS_ECP_C)
|
|
extern const mbedtls_pk_info_t mbedtls_eckey_info;
|
|
extern const mbedtls_pk_info_t mbedtls_eckeydh_info;
|
|
#endif
|
|
|
|
#if defined(MBEDTLS_PK_CAN_ECDSA_SOME)
|
|
extern const mbedtls_pk_info_t mbedtls_ecdsa_info;
|
|
#endif
|
|
|
|
#if defined(MBEDTLS_PK_RSA_ALT_SUPPORT)
|
|
extern const mbedtls_pk_info_t mbedtls_rsa_alt_info;
|
|
#endif
|
|
|
|
#if defined(MBEDTLS_USE_PSA_CRYPTO)
|
|
extern const mbedtls_pk_info_t mbedtls_pk_ecdsa_opaque_info;
|
|
extern const mbedtls_pk_info_t mbedtls_pk_rsa_opaque_info;
|
|
|
|
#if defined(PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY)
|
|
int mbedtls_pk_error_from_psa_ecdsa(psa_status_t status);
|
|
#endif
|
|
|
|
#endif /* MBEDTLS_USE_PSA_CRYPTO */
|
|
|
|
#if defined(MBEDTLS_PSA_CRYPTO_C)
|
|
int mbedtls_pk_error_from_psa(psa_status_t status);
|
|
|
|
#if defined(PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY) || \
|
|
defined(PSA_WANT_KEY_TYPE_RSA_KEY_PAIR)
|
|
int mbedtls_pk_error_from_psa_rsa(psa_status_t status);
|
|
#endif /* PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY || PSA_WANT_KEY_TYPE_RSA_KEY_PAIR */
|
|
|
|
#if defined(MBEDTLS_RSA_C)
|
|
int mbedtls_pk_psa_rsa_sign_ext(psa_algorithm_t psa_alg_md,
|
|
mbedtls_rsa_context *rsa_ctx,
|
|
const unsigned char *hash, size_t hash_len,
|
|
unsigned char *sig, size_t sig_size,
|
|
size_t *sig_len);
|
|
#endif /* MBEDTLS_RSA_C */
|
|
|
|
#endif /* MBEDTLS_PSA_CRYPTO_C */
|
|
|
|
#endif /* MBEDTLS_PK_WRAP_H */
|