lib64polarssl-devel/apidoc/pk_8h_source.html

#ifndef POLARSSL_PK_H

#define POLARSSL_PK_H


#if !defined(POLARSSL_CONFIG_FILE)

#include "config.h"

#else

#include POLARSSL_CONFIG_FILE

#endif


#include "md.h"


#if defined(POLARSSL_RSA_C)

#include "rsa.h"

#endif


#if defined(POLARSSL_ECP_C)

#include "ecp.h"

#endif


#if defined(POLARSSL_ECDSA_C)

#include "ecdsa.h"

#endif


#define POLARSSL_ERR_PK_MALLOC_FAILED       -0x2F80

#define POLARSSL_ERR_PK_TYPE_MISMATCH       -0x2F00

#define POLARSSL_ERR_PK_BAD_INPUT_DATA      -0x2E80

#define POLARSSL_ERR_PK_FILE_IO_ERROR       -0x2E00

#define POLARSSL_ERR_PK_KEY_INVALID_VERSION -0x2D80

#define POLARSSL_ERR_PK_KEY_INVALID_FORMAT  -0x2D00

#define POLARSSL_ERR_PK_UNKNOWN_PK_ALG      -0x2C80

#define POLARSSL_ERR_PK_PASSWORD_REQUIRED   -0x2C00

#define POLARSSL_ERR_PK_PASSWORD_MISMATCH   -0x2B80

#define POLARSSL_ERR_PK_INVALID_PUBKEY      -0x2B00

#define POLARSSL_ERR_PK_INVALID_ALG         -0x2A80

#define POLARSSL_ERR_PK_UNKNOWN_NAMED_CURVE -0x2A00

#define POLARSSL_ERR_PK_FEATURE_UNAVAILABLE -0x2980

#define POLARSSL_ERR_PK_SIG_LEN_MISMATCH    -0x2000

#if defined(POLARSSL_RSA_C)

#define pk_rsa( pk )        ( (rsa_context *) (pk).pk_ctx )

#endif /* POLARSSL_RSA_C */


#if defined(POLARSSL_ECP_C)

#define pk_ec( pk )         ( (ecp_keypair *) (pk).pk_ctx )

#endif /* POLARSSL_ECP_C */


#ifdef __cplusplus

extern "C" {

#endif


typedef enum {

    POLARSSL_PK_NONE=0,

    POLARSSL_PK_RSA,

    POLARSSL_PK_ECKEY,

    POLARSSL_PK_ECKEY_DH,

    POLARSSL_PK_ECDSA,

    POLARSSL_PK_RSA_ALT,

    POLARSSL_PK_RSASSA_PSS,

} pk_type_t;


typedef struct

{

    md_type_t mgf1_hash_id;

    int expected_salt_len;


} pk_rsassa_pss_options;


typedef enum

{

    POLARSSL_PK_DEBUG_NONE = 0,

    POLARSSL_PK_DEBUG_MPI,

    POLARSSL_PK_DEBUG_ECP,

} pk_debug_type;


typedef struct

{

    pk_debug_type type;

    const char *name;

    void *value;

} pk_debug_item;


#define POLARSSL_PK_DEBUG_MAX_ITEMS 3


typedef struct

{

    pk_type_t type;


    const char *name;


    size_t (*get_size)( const void * );


    int (*can_do)( pk_type_t type );


    int (*verify_func)( void *ctx, md_type_t md_alg,

                        const unsigned char *hash, size_t hash_len,

                        const unsigned char *sig, size_t sig_len );


    int (*sign_func)( void *ctx, md_type_t md_alg,

                      const unsigned char *hash, size_t hash_len,

                      unsigned char *sig, size_t *sig_len,

                      int (*f_rng)(void *, unsigned char *, size_t),

                      void *p_rng );


    int (*decrypt_func)( void *ctx, const unsigned char *input, size_t ilen,

                         unsigned char *output, size_t *olen, size_t osize,

                         int (*f_rng)(void *, unsigned char *, size_t),

                         void *p_rng );


    int (*encrypt_func)( void *ctx, const unsigned char *input, size_t ilen,

                         unsigned char *output, size_t *olen, size_t osize,

                         int (*f_rng)(void *, unsigned char *, size_t),

                         void *p_rng );


    void * (*ctx_alloc_func)( void );


    void (*ctx_free_func)( void *ctx );


    void (*debug_func)( const void *ctx, pk_debug_item *items );


} pk_info_t;


typedef struct

{

    const pk_info_t *   pk_info;

    void *              pk_ctx;

} pk_context;


typedef int (*pk_rsa_alt_decrypt_func)( void *ctx, int mode, size_t *olen,

                    const unsigned char *input, unsigned char *output,

                    size_t output_max_len );

typedef int (*pk_rsa_alt_sign_func)( void *ctx,

                    int (*f_rng)(void *, unsigned char *, size_t), void *p_rng,

                    int mode, md_type_t md_alg, unsigned int hashlen,

                    const unsigned char *hash, unsigned char *sig );

typedef size_t (*pk_rsa_alt_key_len_func)( void *ctx );


const pk_info_t *pk_info_from_type( pk_type_t pk_type );


void pk_init( pk_context *ctx );


void pk_free( pk_context *ctx );


int pk_init_ctx( pk_context *ctx, const pk_info_t *info );


int pk_init_ctx_rsa_alt( pk_context *ctx, void * key,

                         pk_rsa_alt_decrypt_func decrypt_func,

                         pk_rsa_alt_sign_func sign_func,

                         pk_rsa_alt_key_len_func key_len_func );


size_t pk_get_size( const pk_context *ctx );


static inline size_t pk_get_len( const pk_context *ctx )

{

    return( ( pk_get_size( ctx ) + 7 ) / 8 );

}


int pk_can_do( pk_context *ctx, pk_type_t type );


int pk_verify( pk_context *ctx, md_type_t md_alg,

               const unsigned char *hash, size_t hash_len,

               const unsigned char *sig, size_t sig_len );


int pk_verify_ext( pk_type_t type, const void *options,

                   pk_context *ctx, md_type_t md_alg,

                   const unsigned char *hash, size_t hash_len,

                   const unsigned char *sig, size_t sig_len );


int pk_sign( pk_context *ctx, md_type_t md_alg,

             const unsigned char *hash, size_t hash_len,

             unsigned char *sig, size_t *sig_len,

             int (*f_rng)(void *, unsigned char *, size_t), void *p_rng );


int pk_decrypt( pk_context *ctx,

                const unsigned char *input, size_t ilen,

                unsigned char *output, size_t *olen, size_t osize,

                int (*f_rng)(void *, unsigned char *, size_t), void *p_rng );


int pk_encrypt( pk_context *ctx,

                const unsigned char *input, size_t ilen,

                unsigned char *output, size_t *olen, size_t osize,

                int (*f_rng)(void *, unsigned char *, size_t), void *p_rng );


int pk_debug( const pk_context *ctx, pk_debug_item *items );


const char * pk_get_name( const pk_context *ctx );


pk_type_t pk_get_type( const pk_context *ctx );


#if defined(POLARSSL_PK_PARSE_C)

int pk_parse_key( pk_context *ctx,

                  const unsigned char *key, size_t keylen,

                  const unsigned char *pwd, size_t pwdlen );


int pk_parse_public_key( pk_context *ctx,

                         const unsigned char *key, size_t keylen );


#if defined(POLARSSL_FS_IO)

int pk_parse_keyfile( pk_context *ctx,

                      const char *path, const char *password );


int pk_parse_public_keyfile( pk_context *ctx, const char *path );

#endif /* POLARSSL_FS_IO */

#endif /* POLARSSL_PK_PARSE_C */


#if defined(POLARSSL_PK_WRITE_C)

int pk_write_key_der( pk_context *ctx, unsigned char *buf, size_t size );


int pk_write_pubkey_der( pk_context *ctx, unsigned char *buf, size_t size );


#if defined(POLARSSL_PEM_WRITE_C)

int pk_write_pubkey_pem( pk_context *ctx, unsigned char *buf, size_t size );


int pk_write_key_pem( pk_context *ctx, unsigned char *buf, size_t size );

#endif /* POLARSSL_PEM_WRITE_C */

#endif /* POLARSSL_PK_WRITE_C */


/*

 * WARNING: Low-level functions. You probably do not want to use these unless

 *          you are certain you do ;)

 */


#if defined(POLARSSL_PK_PARSE_C)

int pk_parse_subpubkey( unsigned char **p, const unsigned char *end,

                        pk_context *pk );

#endif /* POLARSSL_PK_PARSE_C */


#if defined(POLARSSL_PK_WRITE_C)

int pk_write_pubkey( unsigned char **p, unsigned char *start,

                     const pk_context *key );

#endif /* POLARSSL_PK_WRITE_C */


#ifdef __cplusplus

}

#endif


#endif /* POLARSSL_PK_H */

config.h
Configuration options (set of defines)

ecdsa.h
Elliptic curve DSA.

ecp.h
Elliptic curves over GF(p)

md.h
Generic message digest wrapper.

md_type_t
md_type_t
Definition md.h:51

pk_get_name
const char * pk_get_name(const pk_context *ctx)
Access the type name.

pk_info_from_type
const pk_info_t * pk_info_from_type(pk_type_t pk_type)
Return information associated with the given PK type.

pk_rsa_alt_sign_func
int(* pk_rsa_alt_sign_func)(void *ctx, int(*f_rng)(void *, unsigned char *, size_t), void *p_rng, int mode, md_type_t md_alg, unsigned int hashlen, const unsigned char *hash, unsigned char *sig)
Definition pk.h:206

pk_init_ctx_rsa_alt
int pk_init_ctx_rsa_alt(pk_context *ctx, void *key, pk_rsa_alt_decrypt_func decrypt_func, pk_rsa_alt_sign_func sign_func, pk_rsa_alt_key_len_func key_len_func)
Initialize an RSA-alt context.

pk_write_pubkey_der
int pk_write_pubkey_der(pk_context *ctx, unsigned char *buf, size_t size)
Write a public key to a SubjectPublicKeyInfo DER structure Note: data is written at the end of the bu...

pk_encrypt
int pk_encrypt(pk_context *ctx, const unsigned char *input, size_t ilen, unsigned char *output, size_t *olen, size_t osize, int(*f_rng)(void *, unsigned char *, size_t), void *p_rng)
Encrypt message (including padding if relevant).

pk_init_ctx
int pk_init_ctx(pk_context *ctx, const pk_info_t *info)
Initialize a PK context with the information given and allocates the type-specific PK subcontext.

pk_parse_key
int pk_parse_key(pk_context *ctx, const unsigned char *key, size_t keylen, const unsigned char *pwd, size_t pwdlen)
Parse a private key.

pk_decrypt
int pk_decrypt(pk_context *ctx, const unsigned char *input, size_t ilen, unsigned char *output, size_t *olen, size_t osize, int(*f_rng)(void *, unsigned char *, size_t), void *p_rng)
Decrypt message (including padding if relevant).

pk_verify_ext
int pk_verify_ext(pk_type_t type, const void *options, pk_context *ctx, md_type_t md_alg, const unsigned char *hash, size_t hash_len, const unsigned char *sig, size_t sig_len)
Verify signature, with options.

pk_parse_keyfile
int pk_parse_keyfile(pk_context *ctx, const char *path, const char *password)
Load and parse a private key.

pk_write_pubkey_pem
int pk_write_pubkey_pem(pk_context *ctx, unsigned char *buf, size_t size)
Write a public key to a PEM string.

pk_parse_public_key
int pk_parse_public_key(pk_context *ctx, const unsigned char *key, size_t keylen)
Parse a public key.

pk_write_key_pem
int pk_write_key_pem(pk_context *ctx, unsigned char *buf, size_t size)
Write a private key to a PKCS#1 or SEC1 PEM string.

pk_free
void pk_free(pk_context *ctx)
Free a pk_context.

pk_sign
int pk_sign(pk_context *ctx, md_type_t md_alg, const unsigned char *hash, size_t hash_len, unsigned char *sig, size_t *sig_len, int(*f_rng)(void *, unsigned char *, size_t), void *p_rng)
Make signature, including padding if relevant.

pk_get_len
static size_t pk_get_len(const pk_context *ctx)
Get the length in bytes of the underlying key.
Definition pk.h:281

pk_parse_subpubkey
int pk_parse_subpubkey(unsigned char **p, const unsigned char *end, pk_context *pk)
Parse a SubjectPublicKeyInfo DER structure.

pk_write_key_der
int pk_write_key_der(pk_context *ctx, unsigned char *buf, size_t size)
Write a private key to a PKCS#1 or SEC1 DER structure Note: data is written at the end of the buffer!...

pk_verify
int pk_verify(pk_context *ctx, md_type_t md_alg, const unsigned char *hash, size_t hash_len, const unsigned char *sig, size_t sig_len)
Verify signature (including padding if relevant).

pk_debug_type
pk_debug_type
Types for interfacing with the debug module.
Definition pk.h:120

POLARSSL_PK_DEBUG_NONE
@ POLARSSL_PK_DEBUG_NONE
Definition pk.h:121

POLARSSL_PK_DEBUG_MPI
@ POLARSSL_PK_DEBUG_MPI
Definition pk.h:122

POLARSSL_PK_DEBUG_ECP
@ POLARSSL_PK_DEBUG_ECP
Definition pk.h:123

pk_parse_public_keyfile
int pk_parse_public_keyfile(pk_context *ctx, const char *path)
Load and parse a public key.

pk_get_size
size_t pk_get_size(const pk_context *ctx)
Get the size in bits of the underlying key.

pk_debug
int pk_debug(const pk_context *ctx, pk_debug_item *items)
Export debug information.

pk_get_type
pk_type_t pk_get_type(const pk_context *ctx)
Get the key type.

pk_rsa_alt_decrypt_func
int(* pk_rsa_alt_decrypt_func)(void *ctx, int mode, size_t *olen, const unsigned char *input, unsigned char *output, size_t output_max_len)
Types for RSA-alt abstraction.
Definition pk.h:203

pk_init
void pk_init(pk_context *ctx)
Initialize a pk_context (as NONE)

pk_write_pubkey
int pk_write_pubkey(unsigned char **p, unsigned char *start, const pk_context *key)
Write a subjectPublicKey to ASN.1 data Note: function works backwards in data buffer.

pk_rsa_alt_key_len_func
size_t(* pk_rsa_alt_key_len_func)(void *ctx)
Definition pk.h:210

pk_type_t
pk_type_t
Public key types.
Definition pk.h:95

POLARSSL_PK_ECDSA
@ POLARSSL_PK_ECDSA
Definition pk.h:100

POLARSSL_PK_ECKEY
@ POLARSSL_PK_ECKEY
Definition pk.h:98

POLARSSL_PK_ECKEY_DH
@ POLARSSL_PK_ECKEY_DH
Definition pk.h:99

POLARSSL_PK_RSASSA_PSS
@ POLARSSL_PK_RSASSA_PSS
Definition pk.h:102

POLARSSL_PK_RSA_ALT
@ POLARSSL_PK_RSA_ALT
Definition pk.h:101

POLARSSL_PK_RSA
@ POLARSSL_PK_RSA
Definition pk.h:97

POLARSSL_PK_NONE
@ POLARSSL_PK_NONE
Definition pk.h:96

pk_can_do
int pk_can_do(pk_context *ctx, pk_type_t type)
Tell if a context can do the operation given by type.

rsa.h
The RSA public-key cryptosystem.

pk_context
Public key container.
Definition pk.h:195

pk_context::pk_info
const pk_info_t * pk_info
Public key informations
Definition pk.h:196

pk_context::pk_ctx
void * pk_ctx
Underlying public key context
Definition pk.h:197

pk_debug_item
Item to send to the debug module.
Definition pk.h:130

pk_debug_item::type
pk_debug_type type
Definition pk.h:131

pk_debug_item::value
void * value
Definition pk.h:133

pk_debug_item::name
const char * name
Definition pk.h:132

pk_info_t
Public key information and operations.
Definition pk.h:143

pk_info_t::type
pk_type_t type
Public key type.
Definition pk.h:145

pk_info_t::name
const char * name
Type name.
Definition pk.h:148

pk_rsassa_pss_options
Options for RSASSA-PSS signature verification.
Definition pk.h:110

pk_rsassa_pss_options::mgf1_hash_id
md_type_t mgf1_hash_id
Definition pk.h:111

pk_rsassa_pss_options::expected_salt_len
int expected_salt_len
Definition pk.h:112