ReactOS 0.4.15-dev-8339-g4028de8
pk.c
Go to the documentation of this file.
1/*
2 * Public Key abstraction layer
3 *
4 * Copyright The Mbed TLS Contributors
5 * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
6 *
7 * This file is provided under the Apache License 2.0, or the
8 * GNU General Public License v2.0 or later.
9 *
10 * **********
11 * Apache License 2.0:
12 *
13 * Licensed under the Apache License, Version 2.0 (the "License"); you may
14 * not use this file except in compliance with the License.
15 * You may obtain a copy of the License at
16 *
17 * http://www.apache.org/licenses/LICENSE-2.0
18 *
19 * Unless required by applicable law or agreed to in writing, software
20 * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
21 * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
22 * See the License for the specific language governing permissions and
23 * limitations under the License.
24 *
25 * **********
26 *
27 * **********
28 * GNU General Public License v2.0 or later:
29 *
30 * This program is free software; you can redistribute it and/or modify
31 * it under the terms of the GNU General Public License as published by
32 * the Free Software Foundation; either version 2 of the License, or
33 * (at your option) any later version.
34 *
35 * This program is distributed in the hope that it will be useful,
36 * but WITHOUT ANY WARRANTY; without even the implied warranty of
37 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
38 * GNU General Public License for more details.
39 *
40 * You should have received a copy of the GNU General Public License along
41 * with this program; if not, write to the Free Software Foundation, Inc.,
42 * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
43 *
44 * **********
45 */
46
47#if !defined(MBEDTLS_CONFIG_FILE)
48#include "mbedtls/config.h"
49#else
50#include MBEDTLS_CONFIG_FILE
51#endif
52
53#if defined(MBEDTLS_PK_C)
54#include "mbedtls/pk.h"
55#include "mbedtls/pk_internal.h"
56
58
59#if defined(MBEDTLS_RSA_C)
60#include "mbedtls/rsa.h"
61#endif
62#if defined(MBEDTLS_ECP_C)
63#include "mbedtls/ecp.h"
64#endif
65#if defined(MBEDTLS_ECDSA_C)
66#include "mbedtls/ecdsa.h"
67#endif
68
69#include <limits.h>
70#include <stdint.h>
71
72/* Parameter validation macros based on platform_util.h */
73#define PK_VALIDATE_RET( cond ) \
74 MBEDTLS_INTERNAL_VALIDATE_RET( cond, MBEDTLS_ERR_PK_BAD_INPUT_DATA )
75#define PK_VALIDATE( cond ) \
76 MBEDTLS_INTERNAL_VALIDATE( cond )
77
78/*
79 * Initialise a mbedtls_pk_context
80 */
82{
83 PK_VALIDATE( ctx != NULL );
84
85 ctx->pk_info = NULL;
86 ctx->pk_ctx = NULL;
87}
88
89/*
90 * Free (the components of) a mbedtls_pk_context
91 */
93{
94 if( ctx == NULL )
95 return;
96
97 if ( ctx->pk_info != NULL )
98 ctx->pk_info->ctx_free_func( ctx->pk_ctx );
99
101}
102
103#if defined(MBEDTLS_ECDSA_C) && defined(MBEDTLS_ECP_RESTARTABLE)
104/*
105 * Initialize a restart context
106 */
107void mbedtls_pk_restart_init( mbedtls_pk_restart_ctx *ctx )
108{
109 PK_VALIDATE( ctx != NULL );
110 ctx->pk_info = NULL;
111 ctx->rs_ctx = NULL;
112}
113
114/*
115 * Free the components of a restart context
116 */
117void mbedtls_pk_restart_free( mbedtls_pk_restart_ctx *ctx )
118{
119 if( ctx == NULL || ctx->pk_info == NULL ||
120 ctx->pk_info->rs_free_func == NULL )
121 {
122 return;
123 }
124
125 ctx->pk_info->rs_free_func( ctx->rs_ctx );
126
127 ctx->pk_info = NULL;
128 ctx->rs_ctx = NULL;
129}
130#endif /* MBEDTLS_ECDSA_C && MBEDTLS_ECP_RESTARTABLE */
131
132/*
133 * Get pk_info structure from type
134 */
136{
137 switch( pk_type ) {
138#if defined(MBEDTLS_RSA_C)
139 case MBEDTLS_PK_RSA:
140 return( &mbedtls_rsa_info );
141#endif
142#if defined(MBEDTLS_ECP_C)
143 case MBEDTLS_PK_ECKEY:
144 return( &mbedtls_eckey_info );
146 return( &mbedtls_eckeydh_info );
147#endif
148#if defined(MBEDTLS_ECDSA_C)
149 case MBEDTLS_PK_ECDSA:
150 return( &mbedtls_ecdsa_info );
151#endif
152 /* MBEDTLS_PK_RSA_ALT omitted on purpose */
153 default:
154 return( NULL );
155 }
156}
157
158/*
159 * Initialise context
160 */
162{
163 PK_VALIDATE_RET( ctx != NULL );
164 if( info == NULL || ctx->pk_info != NULL )
166
167 if( ( ctx->pk_ctx = info->ctx_alloc_func() ) == NULL )
169
170 ctx->pk_info = info;
171
172 return( 0 );
173}
174
175#if defined(MBEDTLS_PK_RSA_ALT_SUPPORT)
176/*
177 * Initialize an RSA-alt context
178 */
183{
186
187 PK_VALIDATE_RET( ctx != NULL );
188 if( ctx->pk_info != NULL )
190
191 if( ( ctx->pk_ctx = info->ctx_alloc_func() ) == NULL )
193
194 ctx->pk_info = info;
195
196 rsa_alt = (mbedtls_rsa_alt_context *) ctx->pk_ctx;
197
198 rsa_alt->key = key;
199 rsa_alt->decrypt_func = decrypt_func;
200 rsa_alt->sign_func = sign_func;
201 rsa_alt->key_len_func = key_len_func;
202
203 return( 0 );
204}
205#endif /* MBEDTLS_PK_RSA_ALT_SUPPORT */
206
207/*
208 * Tell if a PK can do the operations of the given type
209 */
211{
212 /* A context with null pk_info is not set up yet and can't do anything.
213 * For backward compatibility, also accept NULL instead of a context
214 * pointer. */
215 if( ctx == NULL || ctx->pk_info == NULL )
216 return( 0 );
217
218 return( ctx->pk_info->can_do( type ) );
219}
220
221/*
222 * Helper for mbedtls_pk_sign and mbedtls_pk_verify
223 */
224static inline int pk_hashlen_helper( mbedtls_md_type_t md_alg, size_t *hash_len )
225{
226 const mbedtls_md_info_t *md_info;
227
228 if( *hash_len != 0 && md_alg == MBEDTLS_MD_NONE )
229 return( 0 );
230
231 if( ( md_info = mbedtls_md_info_from_type( md_alg ) ) == NULL )
232 return( -1 );
233
234 if ( *hash_len != 0 && *hash_len < mbedtls_md_get_size( md_info ) )
235 return ( -1 );
236
237 *hash_len = mbedtls_md_get_size( md_info );
238 return( 0 );
239}
240
241#if defined(MBEDTLS_ECDSA_C) && defined(MBEDTLS_ECP_RESTARTABLE)
242/*
243 * Helper to set up a restart context if needed
244 */
245static int pk_restart_setup( mbedtls_pk_restart_ctx *ctx,
246 const mbedtls_pk_info_t *info )
247{
248 /* Don't do anything if already set up or invalid */
249 if( ctx == NULL || ctx->pk_info != NULL )
250 return( 0 );
251
252 /* Should never happen when we're called */
253 if( info->rs_alloc_func == NULL || info->rs_free_func == NULL )
255
256 if( ( ctx->rs_ctx = info->rs_alloc_func() ) == NULL )
258
259 ctx->pk_info = info;
260
261 return( 0 );
262}
263#endif /* MBEDTLS_ECDSA_C && MBEDTLS_ECP_RESTARTABLE */
264
265/*
266 * Verify a signature (restartable)
267 */
269 mbedtls_md_type_t md_alg,
270 const unsigned char *hash, size_t hash_len,
271 const unsigned char *sig, size_t sig_len,
272 mbedtls_pk_restart_ctx *rs_ctx )
273{
274 PK_VALIDATE_RET( ctx != NULL );
275 PK_VALIDATE_RET( ( md_alg == MBEDTLS_MD_NONE && hash_len == 0 ) ||
276 hash != NULL );
277 PK_VALIDATE_RET( sig != NULL );
278
279 if( ctx->pk_info == NULL ||
280 pk_hashlen_helper( md_alg, &hash_len ) != 0 )
282
283#if defined(MBEDTLS_ECDSA_C) && defined(MBEDTLS_ECP_RESTARTABLE)
284 /* optimization: use non-restartable version if restart disabled */
285 if( rs_ctx != NULL &&
286 mbedtls_ecp_restart_is_enabled() &&
287 ctx->pk_info->verify_rs_func != NULL )
288 {
289 int ret;
290
291 if( ( ret = pk_restart_setup( rs_ctx, ctx->pk_info ) ) != 0 )
292 return( ret );
293
294 ret = ctx->pk_info->verify_rs_func( ctx->pk_ctx,
295 md_alg, hash, hash_len, sig, sig_len, rs_ctx->rs_ctx );
296
298 mbedtls_pk_restart_free( rs_ctx );
299
300 return( ret );
301 }
302#else /* MBEDTLS_ECDSA_C && MBEDTLS_ECP_RESTARTABLE */
303 (void) rs_ctx;
304#endif /* MBEDTLS_ECDSA_C && MBEDTLS_ECP_RESTARTABLE */
305
306 if( ctx->pk_info->verify_func == NULL )
308
309 return( ctx->pk_info->verify_func( ctx->pk_ctx, md_alg, hash, hash_len,
310 sig, sig_len ) );
311}
312
313/*
314 * Verify a signature
315 */
317 const unsigned char *hash, size_t hash_len,
318 const unsigned char *sig, size_t sig_len )
319{
320 return( mbedtls_pk_verify_restartable( ctx, md_alg, hash, hash_len,
321 sig, sig_len, NULL ) );
322}
323
324/*
325 * Verify a signature with options
326 */
329 const unsigned char *hash, size_t hash_len,
330 const unsigned char *sig, size_t sig_len )
331{
332 PK_VALIDATE_RET( ctx != NULL );
333 PK_VALIDATE_RET( ( md_alg == MBEDTLS_MD_NONE && hash_len == 0 ) ||
334 hash != NULL );
335 PK_VALIDATE_RET( sig != NULL );
336
337 if( ctx->pk_info == NULL )
339
340 if( ! mbedtls_pk_can_do( ctx, type ) )
342
344 {
345#if defined(MBEDTLS_RSA_C) && defined(MBEDTLS_PKCS1_V21)
346 int ret;
347 const mbedtls_pk_rsassa_pss_options *pss_opts;
348
349#if SIZE_MAX > UINT_MAX
350 if( md_alg == MBEDTLS_MD_NONE && UINT_MAX < hash_len )
352#endif /* SIZE_MAX > UINT_MAX */
353
354 if( options == NULL )
356
357 pss_opts = (const mbedtls_pk_rsassa_pss_options *) options;
358
359 if( sig_len < mbedtls_pk_get_len( ctx ) )
361
364 md_alg, (unsigned int) hash_len, hash,
365 pss_opts->mgf1_hash_id,
366 pss_opts->expected_salt_len,
367 sig );
368 if( ret != 0 )
369 return( ret );
370
371 if( sig_len > mbedtls_pk_get_len( ctx ) )
373
374 return( 0 );
375#else
377#endif /* MBEDTLS_RSA_C && MBEDTLS_PKCS1_V21 */
378 }
379
380 /* General case: no options */
381 if( options != NULL )
383
384 return( mbedtls_pk_verify( ctx, md_alg, hash, hash_len, sig, sig_len ) );
385}
386
387/*
388 * Make a signature (restartable)
389 */
391 mbedtls_md_type_t md_alg,
392 const unsigned char *hash, size_t hash_len,
393 unsigned char *sig, size_t *sig_len,
394 int (*f_rng)(void *, unsigned char *, size_t), void *p_rng,
395 mbedtls_pk_restart_ctx *rs_ctx )
396{
397 PK_VALIDATE_RET( ctx != NULL );
398 PK_VALIDATE_RET( ( md_alg == MBEDTLS_MD_NONE && hash_len == 0 ) ||
399 hash != NULL );
400 PK_VALIDATE_RET( sig != NULL );
401
402 if( ctx->pk_info == NULL ||
403 pk_hashlen_helper( md_alg, &hash_len ) != 0 )
405
406#if defined(MBEDTLS_ECDSA_C) && defined(MBEDTLS_ECP_RESTARTABLE)
407 /* optimization: use non-restartable version if restart disabled */
408 if( rs_ctx != NULL &&
409 mbedtls_ecp_restart_is_enabled() &&
410 ctx->pk_info->sign_rs_func != NULL )
411 {
412 int ret;
413
414 if( ( ret = pk_restart_setup( rs_ctx, ctx->pk_info ) ) != 0 )
415 return( ret );
416
417 ret = ctx->pk_info->sign_rs_func( ctx->pk_ctx, md_alg,
418 hash, hash_len, sig, sig_len, f_rng, p_rng, rs_ctx->rs_ctx );
419
421 mbedtls_pk_restart_free( rs_ctx );
422
423 return( ret );
424 }
425#else /* MBEDTLS_ECDSA_C && MBEDTLS_ECP_RESTARTABLE */
426 (void) rs_ctx;
427#endif /* MBEDTLS_ECDSA_C && MBEDTLS_ECP_RESTARTABLE */
428
429 if( ctx->pk_info->sign_func == NULL )
431
432 return( ctx->pk_info->sign_func( ctx->pk_ctx, md_alg, hash, hash_len,
433 sig, sig_len, f_rng, p_rng ) );
434}
435
436/*
437 * Make a signature
438 */
440 const unsigned char *hash, size_t hash_len,
441 unsigned char *sig, size_t *sig_len,
442 int (*f_rng)(void *, unsigned char *, size_t), void *p_rng )
443{
444 return( mbedtls_pk_sign_restartable( ctx, md_alg, hash, hash_len,
445 sig, sig_len, f_rng, p_rng, NULL ) );
446}
447
448/*
449 * Decrypt message
450 */
452 const unsigned char *input, size_t ilen,
453 unsigned char *output, size_t *olen, size_t osize,
454 int (*f_rng)(void *, unsigned char *, size_t), void *p_rng )
455{
456 PK_VALIDATE_RET( ctx != NULL );
457 PK_VALIDATE_RET( input != NULL || ilen == 0 );
458 PK_VALIDATE_RET( output != NULL || osize == 0 );
459 PK_VALIDATE_RET( olen != NULL );
460
461 if( ctx->pk_info == NULL )
463
464 if( ctx->pk_info->decrypt_func == NULL )
466
467 return( ctx->pk_info->decrypt_func( ctx->pk_ctx, input, ilen,
468 output, olen, osize, f_rng, p_rng ) );
469}
470
471/*
472 * Encrypt message
473 */
475 const unsigned char *input, size_t ilen,
476 unsigned char *output, size_t *olen, size_t osize,
477 int (*f_rng)(void *, unsigned char *, size_t), void *p_rng )
478{
479 PK_VALIDATE_RET( ctx != NULL );
480 PK_VALIDATE_RET( input != NULL || ilen == 0 );
481 PK_VALIDATE_RET( output != NULL || osize == 0 );
482 PK_VALIDATE_RET( olen != NULL );
483
484 if( ctx->pk_info == NULL )
486
487 if( ctx->pk_info->encrypt_func == NULL )
489
490 return( ctx->pk_info->encrypt_func( ctx->pk_ctx, input, ilen,
491 output, olen, osize, f_rng, p_rng ) );
492}
493
494/*
495 * Check public-private key pair
496 */
498{
499 PK_VALIDATE_RET( pub != NULL );
500 PK_VALIDATE_RET( prv != NULL );
501
502 if( pub->pk_info == NULL ||
503 prv->pk_info == NULL ||
504 prv->pk_info->check_pair_func == NULL )
505 {
507 }
508
509 if( prv->pk_info->type == MBEDTLS_PK_RSA_ALT )
510 {
511 if( pub->pk_info->type != MBEDTLS_PK_RSA )
513 }
514 else
515 {
516 if( pub->pk_info != prv->pk_info )
518 }
519
520 return( prv->pk_info->check_pair_func( pub->pk_ctx, prv->pk_ctx ) );
521}
522
523/*
524 * Get key size in bits
525 */
527{
528 /* For backward compatibility, accept NULL or a context that
529 * isn't set up yet, and return a fake value that should be safe. */
530 if( ctx == NULL || ctx->pk_info == NULL )
531 return( 0 );
532
533 return( ctx->pk_info->get_bitlen( ctx->pk_ctx ) );
534}
535
536/*
537 * Export debug information
538 */
540{
541 PK_VALIDATE_RET( ctx != NULL );
542 if( ctx->pk_info == NULL )
544
545 if( ctx->pk_info->debug_func == NULL )
547
548 ctx->pk_info->debug_func( ctx->pk_ctx, items );
549 return( 0 );
550}
551
552/*
553 * Access the PK type name
554 */
555const char *mbedtls_pk_get_name( const mbedtls_pk_context *ctx )
556{
557 if( ctx == NULL || ctx->pk_info == NULL )
558 return( "invalid PK" );
559
560 return( ctx->pk_info->name );
561}
562
563/*
564 * Access the PK type
565 */
567{
568 if( ctx == NULL || ctx->pk_info == NULL )
569 return( MBEDTLS_PK_NONE );
570
571 return( ctx->pk_info->type );
572}
573
574#endif /* MBEDTLS_PK_C */
#define NULL
Definition: types.h:112
This file contains ECDSA definitions and functions.
This file provides an API for Elliptic Curves over GF(P) (ECP).
#define MBEDTLS_ERR_ECP_IN_PROGRESS
Definition: ecp.h:87
GLuint GLuint GLsizei GLenum type
Definition: gl.h:1545
GLenum GLenum GLenum input
Definition: glext.h:9031
#define UINT_MAX
Definition: limits.h:41
mbedtls_md_type_t
Supported message digests.
Definition: md.h:83
@ MBEDTLS_MD_NONE
Definition: md.h:84
unsigned char mbedtls_md_get_size(const mbedtls_md_info_t *md_info)
This function extracts the message-digest size from the message-digest information structure.
static TCHAR * items[]
Definition: page1.c:45
Public Key abstraction layer.
int(* mbedtls_pk_rsa_alt_decrypt_func)(void *ctx, int mode, size_t *olen, const unsigned char *input, unsigned char *output, size_t output_max_len)
Types for RSA-alt abstraction.
Definition: pk.h:205
int mbedtls_pk_debug(const mbedtls_pk_context *ctx, mbedtls_pk_debug_item *items)
Export debug information.
static size_t mbedtls_pk_get_len(const mbedtls_pk_context *ctx)
Get the length in bytes of the underlying key.
Definition: pk.h:313
int mbedtls_pk_sign_restartable(mbedtls_pk_context *ctx, mbedtls_md_type_t md_alg, const unsigned char *hash, size_t hash_len, unsigned char *sig, size_t *sig_len, int(*f_rng)(void *, unsigned char *, size_t), void *p_rng, mbedtls_pk_restart_ctx *rs_ctx)
Restartable version of mbedtls_pk_sign()
int mbedtls_pk_can_do(const mbedtls_pk_context *ctx, mbedtls_pk_type_t type)
Tell if a context can do the operation given by type.
mbedtls_pk_type_t
Public key types.
Definition: pk.h:103
@ MBEDTLS_PK_NONE
Definition: pk.h:104
@ MBEDTLS_PK_ECDSA
Definition: pk.h:108
@ MBEDTLS_PK_RSASSA_PSS
Definition: pk.h:110
@ MBEDTLS_PK_RSA_ALT
Definition: pk.h:109
@ MBEDTLS_PK_RSA
Definition: pk.h:105
@ MBEDTLS_PK_ECKEY_DH
Definition: pk.h:107
@ MBEDTLS_PK_ECKEY
Definition: pk.h:106
int mbedtls_pk_decrypt(mbedtls_pk_context *ctx, const unsigned char *input, size_t ilen, unsigned char *output, size_t *olen, size_t osize, int(*f_rng)(void *, unsigned char *, size_t), void *p_rng)
Decrypt message (including padding if relevant).
static mbedtls_rsa_context * mbedtls_pk_rsa(const mbedtls_pk_context pk)
Definition: pk.h:182
int mbedtls_pk_sign(mbedtls_pk_context *ctx, mbedtls_md_type_t md_alg, const unsigned char *hash, size_t hash_len, unsigned char *sig, size_t *sig_len, int(*f_rng)(void *, unsigned char *, size_t), void *p_rng)
Make signature, including padding if relevant.
#define MBEDTLS_ERR_PK_TYPE_MISMATCH
Definition: pk.h:79
int mbedtls_pk_setup(mbedtls_pk_context *ctx, const mbedtls_pk_info_t *info)
Initialize a PK context with the information given and allocates the type-specific PK subcontext.
int mbedtls_pk_verify_ext(mbedtls_pk_type_t type, const void *options, mbedtls_pk_context *ctx, mbedtls_md_type_t md_alg, const unsigned char *hash, size_t hash_len, const unsigned char *sig, size_t sig_len)
Verify signature, with options. (Includes verification of the padding depending on type....
int mbedtls_pk_check_pair(const mbedtls_pk_context *pub, const mbedtls_pk_context *prv)
Check if a public-private pair of keys matches.
void mbedtls_pk_init(mbedtls_pk_context *ctx)
Initialize a mbedtls_pk_context (as NONE).
const mbedtls_pk_info_t * mbedtls_pk_info_from_type(mbedtls_pk_type_t pk_type)
Return information associated with the given PK type.
int mbedtls_pk_verify_restartable(mbedtls_pk_context *ctx, mbedtls_md_type_t md_alg, const unsigned char *hash, size_t hash_len, const unsigned char *sig, size_t sig_len, mbedtls_pk_restart_ctx *rs_ctx)
Restartable version of mbedtls_pk_verify()
#define MBEDTLS_ERR_PK_BAD_INPUT_DATA
Definition: pk.h:80
mbedtls_pk_type_t mbedtls_pk_get_type(const mbedtls_pk_context *ctx)
Get the key type.
int mbedtls_pk_setup_rsa_alt(mbedtls_pk_context *ctx, void *key, mbedtls_pk_rsa_alt_decrypt_func decrypt_func, mbedtls_pk_rsa_alt_sign_func sign_func, mbedtls_pk_rsa_alt_key_len_func key_len_func)
Initialize an RSA-alt context.
#define MBEDTLS_ERR_PK_SIG_LEN_MISMATCH
Definition: pk.h:91
int mbedtls_pk_verify(mbedtls_pk_context *ctx, mbedtls_md_type_t md_alg, const unsigned char *hash, size_t hash_len, const unsigned char *sig, size_t sig_len)
Verify signature (including padding if relevant).
size_t(* mbedtls_pk_rsa_alt_key_len_func)(void *ctx)
Definition: pk.h:212
void mbedtls_pk_free(mbedtls_pk_context *ctx)
Free the components of a mbedtls_pk_context.
int(* mbedtls_pk_rsa_alt_sign_func)(void *ctx, int(*f_rng)(void *, unsigned char *, size_t), void *p_rng, int mode, mbedtls_md_type_t md_alg, unsigned int hashlen, const unsigned char *hash, unsigned char *sig)
Definition: pk.h:208
#define MBEDTLS_ERR_PK_ALLOC_FAILED
Definition: pk.h:78
int mbedtls_pk_encrypt(mbedtls_pk_context *ctx, const unsigned char *input, size_t ilen, unsigned char *output, size_t *olen, size_t osize, int(*f_rng)(void *, unsigned char *, size_t), void *p_rng)
Encrypt message (including padding if relevant).
#define MBEDTLS_ERR_PK_FEATURE_UNAVAILABLE
Definition: pk.h:90
const char * mbedtls_pk_get_name(const mbedtls_pk_context *ctx)
Access the type name.
Public Key abstraction layer: wrapper functions.
const mbedtls_pk_info_t mbedtls_rsa_alt_info
const mbedtls_pk_info_t mbedtls_rsa_info
const mbedtls_pk_info_t mbedtls_ecdsa_info
const mbedtls_pk_info_t mbedtls_eckeydh_info
const mbedtls_pk_info_t mbedtls_eckey_info
void mbedtls_platform_zeroize(void *buf, size_t len)
Securely zeroize a buffer.
Definition: platform_util.c:98
Common and shared functions used by multiple modules in the Mbed TLS library.
This file provides an API for the RSA public-key cryptosystem.
#define MBEDTLS_RSA_PUBLIC
Definition: rsa.h:94
#define MBEDTLS_ERR_RSA_VERIFY_FAILED
Definition: rsa.h:80
int mbedtls_rsa_rsassa_pss_verify_ext(mbedtls_rsa_context *ctx, int(*f_rng)(void *, unsigned char *, size_t), void *p_rng, int mode, mbedtls_md_type_t md_alg, unsigned int hashlen, const unsigned char *hash, mbedtls_md_type_t mgf1_hash_id, int expected_salt_len, const unsigned char *sig)
This function performs a PKCS#1 v2.1 PSS verification operation (RSASSA-PSS-VERIFY).
#define mbedtls_md_info_from_type
#define mbedtls_pk_get_bitlen
Configuration options (set of defines)
Definition: _hash_fun.h:40
Definition: copy.c:22
Public key container.
Definition: pk.h:156
const mbedtls_pk_info_t * pk_info
Definition: pk.h:157
void * pk_ctx
Definition: pk.h:158
Item to send to the debug module.
Definition: pk.h:138
mbedtls_pk_type_t type
Definition: pk_internal.h:64
int(* check_pair_func)(const void *pub, const void *prv)
Definition: pk_internal.h:115
Options for RSASSA-PSS signature verification. See mbedtls_rsa_rsassa_pss_verify_ext()
Definition: pk.h:118
mbedtls_md_type_t mgf1_hash_id
Definition: pk.h:119
mbedtls_pk_rsa_alt_key_len_func key_len_func
Definition: pk_internal.h:142
mbedtls_pk_rsa_alt_decrypt_func decrypt_func
Definition: pk_internal.h:140
mbedtls_pk_rsa_alt_sign_func sign_func
Definition: pk_internal.h:141
int ret