47#if !defined(MBEDTLS_CONFIG_FILE)
50#include MBEDTLS_CONFIG_FILE
53#if defined(MBEDTLS_PK_PARSE_C)
62#if defined(MBEDTLS_RSA_C)
65#if defined(MBEDTLS_ECP_C)
68#if defined(MBEDTLS_ECDSA_C)
71#if defined(MBEDTLS_PEM_PARSE_C)
74#if defined(MBEDTLS_PKCS5_C)
77#if defined(MBEDTLS_PKCS12_C)
81#if defined(MBEDTLS_PLATFORM_C)
85#define mbedtls_calloc calloc
86#define mbedtls_free free
90#define PK_VALIDATE_RET( cond ) \
91 MBEDTLS_INTERNAL_VALIDATE_RET( cond, MBEDTLS_ERR_PK_BAD_INPUT_DATA )
92#define PK_VALIDATE( cond ) \
93 MBEDTLS_INTERNAL_VALIDATE( cond )
95#if defined(MBEDTLS_FS_IO)
103int mbedtls_pk_load_file(
const char *
path,
unsigned char **
buf,
size_t *
n )
109 PK_VALIDATE_RET(
buf !=
NULL );
110 PK_VALIDATE_RET(
n !=
NULL );
156 const char *
path,
const char *
pwd )
162 PK_VALIDATE_RET(
ctx !=
NULL );
165 if( (
ret = mbedtls_pk_load_file(
path, &
buf, &
n ) ) != 0 )
189 PK_VALIDATE_RET(
ctx !=
NULL );
192 if( (
ret = mbedtls_pk_load_file(
path, &
buf, &
n ) ) != 0 )
204#if defined(MBEDTLS_ECP_C)
213static int pk_get_ecparams(
unsigned char **
p,
const unsigned char *
end,
249#if defined(MBEDTLS_PK_PARSE_EC_EXTENDED)
274 const unsigned char *end_field, *end_curve;
282 if( ver < 1 || ver > 3 )
376 (
const unsigned char *)
p,
len ) ) != 0 )
383 (
p[0] != 0x02 &&
p[0] != 0x03 ) ||
466 if( (
ret = pk_group_from_specified(
params, &grp ) ) != 0 )
469 ret = pk_group_id_from_group( &grp, grp_id );
498#if defined(MBEDTLS_PK_PARSE_EC_EXTENDED)
499 if( (
ret = pk_group_id_from_specified(
params, &grp_id ) ) != 0 )
525static int pk_get_ecpubkey(
unsigned char **
p,
const unsigned char *
end,
531 (
const unsigned char *) *
p,
end - *
p ) ) == 0 )
539 *
p = (
unsigned char *)
end;
545#if defined(MBEDTLS_RSA_C)
552static int pk_get_rsapubkey(
unsigned char **
p,
553 const unsigned char *
end,
607static int pk_get_pk_alg(
unsigned char **
p,
608 const unsigned char *
end,
649 PK_VALIDATE_RET(
p !=
NULL );
650 PK_VALIDATE_RET( *
p !=
NULL );
651 PK_VALIDATE_RET(
end !=
NULL );
652 PK_VALIDATE_RET( pk !=
NULL );
662 if( (
ret = pk_get_pk_alg(
p,
end, &pk_alg, &alg_params ) ) != 0 )
678#if defined(MBEDTLS_RSA_C)
684#if defined(MBEDTLS_ECP_C)
704#if defined(MBEDTLS_RSA_C)
715static int asn1_get_nonzero_mpi(
unsigned char **
p,
716 const unsigned char *
end,
735 const unsigned char *
key,
740 unsigned char *
p, *
end;
745 p = (
unsigned char *)
key;
783 if( (
ret = asn1_get_nonzero_mpi( &
p,
end, &
T ) ) != 0 ||
789 if( (
ret = asn1_get_nonzero_mpi( &
p,
end, &
T ) ) != 0 ||
795 if( (
ret = asn1_get_nonzero_mpi( &
p,
end, &
T ) ) != 0 ||
801 if( (
ret = asn1_get_nonzero_mpi( &
p,
end, &
T ) ) != 0 ||
807 if( (
ret = asn1_get_nonzero_mpi( &
p,
end, &
T ) ) != 0 ||
812#if !defined(MBEDTLS_RSA_NO_CRT) && !defined(MBEDTLS_RSA_ALT)
825 if( (
ret = asn1_get_nonzero_mpi( &
p,
end, &
T ) ) != 0 ||
830 if( (
ret = asn1_get_nonzero_mpi( &
p,
end, &
T ) ) != 0 ||
835 if( (
ret = asn1_get_nonzero_mpi( &
p,
end, &
T ) ) != 0 ||
841 if( (
ret = asn1_get_nonzero_mpi( &
p,
end, &
T ) ) != 0 ||
842 (
ret = asn1_get_nonzero_mpi( &
p,
end, &
T ) ) != 0 ||
843 (
ret = asn1_get_nonzero_mpi( &
p,
end, &
T ) ) != 0 )
875 if( (
ret & 0xff80 ) == 0 )
887#if defined(MBEDTLS_ECP_C)
892 const unsigned char *
key,
899 unsigned char *
p = (
unsigned char *)
key;
900 unsigned char *
end =
p + keylen;
975 if(
p +
len != end2 )
979 if( (
ret = pk_get_ecpubkey( &
p, end2, eck ) ) == 0 )
1029static int pk_parse_key_pkcs8_unencrypted_der(
1031 const unsigned char*
key,
1037 unsigned char *
p = (
unsigned char *)
key;
1038 unsigned char *
end =
p + keylen;
1072 if( (
ret = pk_get_pk_alg( &
p,
end, &pk_alg, &
params ) ) != 0 )
1088#if defined(MBEDTLS_RSA_C)
1098#if defined(MBEDTLS_ECP_C)
1123#if defined(MBEDTLS_PKCS12_C) || defined(MBEDTLS_PKCS5_C)
1124static int pk_parse_key_pkcs8_encrypted_der(
1126 unsigned char *
key,
size_t keylen,
1127 const unsigned char *
pwd,
size_t pwdlen )
1129 int ret, decrypted = 0;
1132 unsigned char *
p, *
end;
1134#if defined(MBEDTLS_PKCS12_C)
1179#if defined(MBEDTLS_PKCS12_C)
1214#if defined(MBEDTLS_PKCS5_C)
1234 if( decrypted == 0 )
1237 return( pk_parse_key_pkcs8_unencrypted_der( pk,
buf,
len ) );
1245 const unsigned char *
key,
size_t keylen,
1246 const unsigned char *
pwd,
size_t pwdlen )
1250#if defined(MBEDTLS_PEM_PARSE_C)
1252 mbedtls_pem_context pem;
1255 PK_VALIDATE_RET( pk !=
NULL );
1258 PK_VALIDATE_RET(
key !=
NULL );
1260#if defined(MBEDTLS_PEM_PARSE_C)
1261 mbedtls_pem_init( &pem );
1263#if defined(MBEDTLS_RSA_C)
1265 if(
key[keylen - 1] !=
'\0' )
1268 ret = mbedtls_pem_read_buffer( &pem,
1269 "-----BEGIN RSA PRIVATE KEY-----",
1270 "-----END RSA PRIVATE KEY-----",
1278 pem.buf, pem.buflen ) ) != 0 )
1283 mbedtls_pem_free( &pem );
1294#if defined(MBEDTLS_ECP_C)
1296 if(
key[keylen - 1] !=
'\0' )
1299 ret = mbedtls_pem_read_buffer( &pem,
1300 "-----BEGIN EC PRIVATE KEY-----",
1301 "-----END EC PRIVATE KEY-----",
1309 pem.buf, pem.buflen ) ) != 0 )
1314 mbedtls_pem_free( &pem );
1326 if(
key[keylen - 1] !=
'\0' )
1329 ret = mbedtls_pem_read_buffer( &pem,
1330 "-----BEGIN PRIVATE KEY-----",
1331 "-----END PRIVATE KEY-----",
1335 if( (
ret = pk_parse_key_pkcs8_unencrypted_der( pk,
1336 pem.buf, pem.buflen ) ) != 0 )
1341 mbedtls_pem_free( &pem );
1347#if defined(MBEDTLS_PKCS12_C) || defined(MBEDTLS_PKCS5_C)
1349 if(
key[keylen - 1] !=
'\0' )
1352 ret = mbedtls_pem_read_buffer( &pem,
1353 "-----BEGIN ENCRYPTED PRIVATE KEY-----",
1354 "-----END ENCRYPTED PRIVATE KEY-----",
1358 if( (
ret = pk_parse_key_pkcs8_encrypted_der( pk,
1359 pem.buf, pem.buflen,
1360 pwd, pwdlen ) ) != 0 )
1365 mbedtls_pem_free( &pem );
1383#if defined(MBEDTLS_PKCS12_C) || defined(MBEDTLS_PKCS5_C)
1385 unsigned char *key_copy;
1392 ret = pk_parse_key_pkcs8_encrypted_der( pk, key_copy, keylen,
1411 if( (
ret = pk_parse_key_pkcs8_unencrypted_der( pk,
key, keylen ) ) == 0 )
1417#if defined(MBEDTLS_RSA_C)
1430#if defined(MBEDTLS_ECP_C)
1434 key, keylen ) == 0 )
1458 const unsigned char *
key,
size_t keylen )
1462#if defined(MBEDTLS_RSA_C)
1465#if defined(MBEDTLS_PEM_PARSE_C)
1467 mbedtls_pem_context pem;
1470 PK_VALIDATE_RET(
ctx !=
NULL );
1473 PK_VALIDATE_RET(
key !=
NULL || keylen == 0 );
1475#if defined(MBEDTLS_PEM_PARSE_C)
1476 mbedtls_pem_init( &pem );
1477#if defined(MBEDTLS_RSA_C)
1479 if(
key[keylen - 1] !=
'\0' )
1482 ret = mbedtls_pem_read_buffer( &pem,
1483 "-----BEGIN RSA PUBLIC KEY-----",
1484 "-----END RSA PUBLIC KEY-----",
1499 mbedtls_pem_free( &pem );
1504 mbedtls_pem_free( &pem );
1510 if(
key[keylen - 1] !=
'\0' )
1513 ret = mbedtls_pem_read_buffer( &pem,
1514 "-----BEGIN PUBLIC KEY-----",
1515 "-----END PUBLIC KEY-----",
1526 mbedtls_pem_free( &pem );
1531 mbedtls_pem_free( &pem );
1534 mbedtls_pem_free( &pem );
1537#if defined(MBEDTLS_RSA_C)
1544 p = (
unsigned char *)
key;
1556 p = (
unsigned char *)
key;
char * strstr(char *String1, char *String2)
int memcmp(void *Buffer1, void *Buffer2, ACPI_SIZE Count)
ACPI_SIZE strlen(const char *String)
void pwd(int argc, const char *argv[])
int mbedtls_mpi_copy(mbedtls_mpi *X, const mbedtls_mpi *Y)
Make a copy of an MPI.
size_t mbedtls_mpi_size(const mbedtls_mpi *X)
Return the total size of an MPI value in bytes.
int mbedtls_mpi_lset(mbedtls_mpi *X, mbedtls_mpi_sint z)
Store integer value in MPI.
size_t mbedtls_mpi_bitlen(const mbedtls_mpi *X)
Return the number of bits up to and including the most significant bit of value 1.
int mbedtls_mpi_read_binary(mbedtls_mpi *X, const unsigned char *buf, size_t buflen)
Import an MPI from unsigned big endian binary data.
int mbedtls_mpi_cmp_mpi(const mbedtls_mpi *X, const mbedtls_mpi *Y)
Compare two MPIs.
void mbedtls_mpi_init(mbedtls_mpi *X)
Initialize an MPI context.
#define MBEDTLS_MPI_CHK(f)
int mbedtls_mpi_get_bit(const mbedtls_mpi *X, size_t pos)
Get a specific bit from an MPI.
void mbedtls_mpi_free(mbedtls_mpi *X)
This function frees the components of an MPI context.
int mbedtls_mpi_cmp_int(const mbedtls_mpi *X, mbedtls_mpi_sint z)
Compare an MPI with an integer.
mbedtls_cipher_type_t
Supported {cipher type, cipher mode} pairs.
static const WCHAR version[]
static void cleanup(void)
This file contains ECDSA definitions and functions.
GLenum const GLfloat * params
GLenum GLuint GLenum GLsizei const GLchar * buf
#define MBEDTLS_ASN1_OCTET_STRING
#define MBEDTLS_OID_CMP(oid_str, oid_buf)
int mbedtls_asn1_get_bitstring_null(unsigned char **p, const unsigned char *end, size_t *len)
Retrieve a bitstring ASN.1 tag without unused bits and its value. Updates the pointer to the beginnin...
#define MBEDTLS_ERR_ASN1_OUT_OF_DATA
int mbedtls_asn1_get_mpi(unsigned char **p, const unsigned char *end, mbedtls_mpi *X)
Retrieve a MPI value from an integer ASN.1 tag. Updates the pointer to immediately behind the full ta...
#define MBEDTLS_ASN1_SEQUENCE
#define MBEDTLS_ASN1_INTEGER
int mbedtls_asn1_get_int(unsigned char **p, const unsigned char *end, int *val)
Retrieve an integer ASN.1 tag and its value. Updates the pointer to immediately behind the full tag.
#define MBEDTLS_ASN1_CONTEXT_SPECIFIC
#define MBEDTLS_ASN1_CONSTRUCTED
#define MBEDTLS_ERR_ASN1_UNEXPECTED_TAG
#define MBEDTLS_OID_SIZE(x)
#define MBEDTLS_ERR_ASN1_LENGTH_MISMATCH
int mbedtls_asn1_get_alg(unsigned char **p, const unsigned char *end, mbedtls_asn1_buf *alg, mbedtls_asn1_buf *params)
Retrieve an AlgorithmIdentifier ASN.1 sequence. Updates the pointer to immediately behind the full Al...
#define MBEDTLS_ASN1_NULL
int mbedtls_asn1_get_tag(unsigned char **p, const unsigned char *end, size_t *len, int tag)
Get the tag and length of the tag. Check for the requested tag. Updates the pointer to immediately be...
#define MBEDTLS_ASN1_BIT_STRING
_Check_return_opt_ _CRTIMP size_t __cdecl fread(_Out_writes_bytes_(_ElementSize *_Count) void *_DstBuf, _In_ size_t _ElementSize, _In_ size_t _Count, _Inout_ FILE *_File)
_Check_return_ _CRTIMP FILE *__cdecl fopen(_In_z_ const char *_Filename, _In_z_ const char *_Mode)
_Check_return_opt_ _CRTIMP int __cdecl fseek(_Inout_ FILE *_File, _In_ long _Offset, _In_ int _Origin)
_Check_return_opt_ _CRTIMP int __cdecl fclose(_Inout_ FILE *_File)
_Check_return_ _CRTIMP long __cdecl ftell(_Inout_ FILE *_File)
mbedtls_md_type_t
Supported message digests.
#define memcpy(s1, s2, n)
Object Identifier (OID) database.
#define MBEDTLS_OID_PKCS12_PBE_SHA1_RC4_128
int mbedtls_oid_get_pk_alg(const mbedtls_asn1_buf *oid, mbedtls_pk_type_t *pk_alg)
Translate PublicKeyAlgorithm OID into pk_type.
int mbedtls_oid_get_ec_grp(const mbedtls_asn1_buf *oid, mbedtls_ecp_group_id *grp_id)
Translate NamedCurve OID into an EC group identifier.
#define MBEDTLS_OID_PKCS5_PBES2
#define MBEDTLS_OID_ANSI_X9_62_PRIME_FIELD
int mbedtls_oid_get_pkcs12_pbe_alg(const mbedtls_asn1_buf *oid, mbedtls_md_type_t *md_alg, mbedtls_cipher_type_t *cipher_alg)
Translate PKCS#12 PBE algorithm OID into md_type and cipher_type.
Privacy Enhanced Mail (PEM) decoding.
#define MBEDTLS_ERR_PEM_NO_HEADER_FOOTER_PRESENT
#define MBEDTLS_ERR_PEM_PASSWORD_REQUIRED
#define MBEDTLS_ERR_PEM_PASSWORD_MISMATCH
Public Key abstraction layer.
int mbedtls_pk_parse_key(mbedtls_pk_context *ctx, const unsigned char *key, size_t keylen, const unsigned char *pwd, size_t pwdlen)
Parse a private key in PEM or DER format.
#define MBEDTLS_ERR_PK_INVALID_PUBKEY
#define MBEDTLS_ERR_PK_PASSWORD_MISMATCH
int mbedtls_pk_parse_subpubkey(unsigned char **p, const unsigned char *end, mbedtls_pk_context *pk)
Parse a SubjectPublicKeyInfo DER structure.
#define MBEDTLS_ERR_PK_KEY_INVALID_FORMAT
#define MBEDTLS_ERR_PK_FILE_IO_ERROR
mbedtls_pk_type_t
Public key types.
static mbedtls_rsa_context * mbedtls_pk_rsa(const mbedtls_pk_context pk)
#define MBEDTLS_ERR_PK_INVALID_ALG
static mbedtls_ecp_keypair * mbedtls_pk_ec(const mbedtls_pk_context pk)
int mbedtls_pk_setup(mbedtls_pk_context *ctx, const mbedtls_pk_info_t *info)
Initialize a PK context with the information given and allocates the type-specific PK subcontext.
#define MBEDTLS_ERR_PK_UNKNOWN_NAMED_CURVE
#define MBEDTLS_ERR_PK_UNKNOWN_PK_ALG
void mbedtls_pk_init(mbedtls_pk_context *ctx)
Initialize a mbedtls_pk_context (as NONE).
#define MBEDTLS_ERR_PK_KEY_INVALID_VERSION
#define MBEDTLS_ERR_PK_PASSWORD_REQUIRED
const mbedtls_pk_info_t * mbedtls_pk_info_from_type(mbedtls_pk_type_t pk_type)
Return information associated with the given PK type.
void mbedtls_pk_free(mbedtls_pk_context *ctx)
Free the components of a mbedtls_pk_context.
#define MBEDTLS_ERR_PK_ALLOC_FAILED
int mbedtls_pk_parse_public_key(mbedtls_pk_context *ctx, const unsigned char *key, size_t keylen)
Parse a public key in PEM or DER format.
#define MBEDTLS_ERR_PK_FEATURE_UNAVAILABLE
PKCS#12 Personal Information Exchange Syntax.
#define MBEDTLS_PKCS12_PBE_DECRYPT
#define MBEDTLS_ERR_PKCS12_PASSWORD_MISMATCH
int mbedtls_pkcs12_pbe(mbedtls_asn1_buf *pbe_params, int mode, mbedtls_cipher_type_t cipher_type, mbedtls_md_type_t md_type, const unsigned char *pwd, size_t pwdlen, const unsigned char *input, size_t len, unsigned char *output)
PKCS12 Password Based function (encryption / decryption) for cipher-based and mbedtls_md-based PBE's.
int mbedtls_pkcs12_pbe_sha1_rc4_128(mbedtls_asn1_buf *pbe_params, int mode, const unsigned char *pwd, size_t pwdlen, const unsigned char *input, size_t len, unsigned char *output)
PKCS12 Password Based function (encryption / decryption) for pbeWithSHAAnd128BitRC4.
#define MBEDTLS_PKCS5_DECRYPT
int mbedtls_pkcs5_pbes2(const mbedtls_asn1_buf *pbe_params, int mode, const unsigned char *pwd, size_t pwdlen, const unsigned char *data, size_t datalen, unsigned char *output)
PKCS#5 PBES2 function.
#define MBEDTLS_ERR_PKCS5_PASSWORD_MISMATCH
This file provides an API for the RSA public-key cryptosystem.
int mbedtls_rsa_complete(mbedtls_rsa_context *ctx)
This function completes an RSA context from a set of imported core parameters.
int mbedtls_rsa_import(mbedtls_rsa_context *ctx, const mbedtls_mpi *N, const mbedtls_mpi *P, const mbedtls_mpi *Q, const mbedtls_mpi *D, const mbedtls_mpi *E)
This function imports a set of core parameters into an RSA context.
int mbedtls_rsa_import_raw(mbedtls_rsa_context *ctx, unsigned char const *N, size_t N_len, unsigned char const *P, size_t P_len, unsigned char const *Q, size_t Q_len, unsigned char const *D, size_t D_len, unsigned char const *E, size_t E_len)
This function imports core RSA parameters, in raw big-endian binary format, into an RSA context.
void mbedtls_rsa_free(mbedtls_rsa_context *ctx)
This function frees the components of an RSA key.
int mbedtls_rsa_check_pubkey(const mbedtls_rsa_context *ctx)
This function checks if a context contains at least an RSA public key.
Configuration options (set of defines)
#define MBEDTLS_PK_PARSE_EC_EXTENDED
This file provides an API for Elliptic Curves over GF(P) (ECP).
void mbedtls_ecp_keypair_free(mbedtls_ecp_keypair *key)
This function frees the components of a key pair.
int mbedtls_ecp_point_read_binary(const mbedtls_ecp_group *grp, mbedtls_ecp_point *P, const unsigned char *buf, size_t ilen)
This function imports a point from unsigned binary data.
int mbedtls_ecp_mul(mbedtls_ecp_group *grp, mbedtls_ecp_point *R, const mbedtls_mpi *m, const mbedtls_ecp_point *P, int(*f_rng)(void *, unsigned char *, size_t), void *p_rng)
This function performs a scalar multiplication of a point by an integer: R = m * P.
const mbedtls_ecp_group_id * mbedtls_ecp_grp_id_list(void)
This function retrieves the list of internal group identifiers of all supported curves in the order o...
void mbedtls_ecp_group_init(mbedtls_ecp_group *grp)
This function initializes an ECP group context without loading any domain parameters.
int mbedtls_ecp_check_privkey(const mbedtls_ecp_group *grp, const mbedtls_mpi *d)
This function checks that an mbedtls_mpi is a valid private key for this curve.
int mbedtls_ecp_group_load(mbedtls_ecp_group *grp, mbedtls_ecp_group_id id)
This function sets up an ECP group context from a standardized set of domain parameters.
void mbedtls_ecp_group_free(mbedtls_ecp_group *grp)
This function frees the components of an ECP group.
#define MBEDTLS_ERR_ECP_FEATURE_UNAVAILABLE
int mbedtls_ecp_check_pubkey(const mbedtls_ecp_group *grp, const mbedtls_ecp_point *pt)
This function checks that a point is a valid public key on this curve.
The ECP key-pair structure.
The RSA context structure.