| /** |
| * \file pk_wrap.h |
| * |
| * \brief Public Key abstraction layer: wrapper functions |
| */ |
| /* |
| * Copyright The Mbed TLS Contributors |
| * SPDX-License-Identifier: Apache-2.0 |
| * |
| * Licensed under the Apache License, Version 2.0 (the "License"); you may |
| * not use this file except in compliance with the License. |
| * You may obtain a copy of the License at |
| * |
| * http://www.apache.org/licenses/LICENSE-2.0 |
| * |
| * Unless required by applicable law or agreed to in writing, software |
| * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT |
| * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. |
| * See the License for the specific language governing permissions and |
| * limitations under the License. |
| */ |
| |
| #ifndef MBEDTLS_PK_WRAP_H |
| #define MBEDTLS_PK_WRAP_H |
| |
| #include "mbedtls/build_info.h" |
| |
| #include "mbedtls/pk.h" |
| |
| #if defined(MBEDTLS_PSA_CRYPTO_C) |
| #include "psa/crypto.h" |
| #endif /* MBEDTLS_PSA_CRYPTO_C */ |
| |
| struct mbedtls_pk_info_t { |
| /** Public key type */ |
| mbedtls_pk_type_t type; |
| |
| /** Type name */ |
| const char *name; |
| |
| /** Get key size in bits */ |
| size_t (*get_bitlen)(const void *); |
| |
| /** Tell if the context implements this type (e.g. ECKEY can do ECDSA) */ |
| int (*can_do)(mbedtls_pk_type_t type); |
| |
| /** Verify signature */ |
| int (*verify_func)(void *ctx, mbedtls_md_type_t md_alg, |
| const unsigned char *hash, size_t hash_len, |
| const unsigned char *sig, size_t sig_len); |
| |
| /** Make signature */ |
| int (*sign_func)(void *ctx, mbedtls_md_type_t md_alg, |
| const unsigned char *hash, size_t hash_len, |
| unsigned char *sig, size_t sig_size, size_t *sig_len, |
| int (*f_rng)(void *, unsigned char *, size_t), |
| void *p_rng); |
| |
| #if defined(MBEDTLS_ECDSA_C) && defined(MBEDTLS_ECP_RESTARTABLE) |
| /** Verify signature (restartable) */ |
| int (*verify_rs_func)(void *ctx, mbedtls_md_type_t md_alg, |
| const unsigned char *hash, size_t hash_len, |
| const unsigned char *sig, size_t sig_len, |
| void *rs_ctx); |
| |
| /** Make signature (restartable) */ |
| int (*sign_rs_func)(void *ctx, mbedtls_md_type_t md_alg, |
| const unsigned char *hash, size_t hash_len, |
| unsigned char *sig, size_t sig_size, size_t *sig_len, |
| int (*f_rng)(void *, unsigned char *, size_t), |
| void *p_rng, void *rs_ctx); |
| #endif /* MBEDTLS_ECDSA_C && MBEDTLS_ECP_RESTARTABLE */ |
| |
| /** Decrypt message */ |
| int (*decrypt_func)(void *ctx, const unsigned char *input, size_t ilen, |
| unsigned char *output, size_t *olen, size_t osize, |
| int (*f_rng)(void *, unsigned char *, size_t), |
| void *p_rng); |
| |
| /** Encrypt message */ |
| int (*encrypt_func)(void *ctx, const unsigned char *input, size_t ilen, |
| unsigned char *output, size_t *olen, size_t osize, |
| int (*f_rng)(void *, unsigned char *, size_t), |
| void *p_rng); |
| |
| /** Check public-private key pair */ |
| int (*check_pair_func)(const void *pub, const void *prv, |
| int (*f_rng)(void *, unsigned char *, size_t), |
| void *p_rng); |
| |
| /** Allocate a new context */ |
| void * (*ctx_alloc_func)(void); |
| |
| /** Free the given context */ |
| void (*ctx_free_func)(void *ctx); |
| |
| #if defined(MBEDTLS_ECDSA_C) && defined(MBEDTLS_ECP_RESTARTABLE) |
| /** Allocate the restart context */ |
| void *(*rs_alloc_func)(void); |
| |
| /** Free the restart context */ |
| void (*rs_free_func)(void *rs_ctx); |
| #endif /* MBEDTLS_ECDSA_C && MBEDTLS_ECP_RESTARTABLE */ |
| |
| /** Interface with the debug module */ |
| void (*debug_func)(const void *ctx, mbedtls_pk_debug_item *items); |
| |
| }; |
| #if defined(MBEDTLS_PK_RSA_ALT_SUPPORT) |
| /* Container for RSA-alt */ |
| typedef struct { |
| void *key; |
| mbedtls_pk_rsa_alt_decrypt_func decrypt_func; |
| mbedtls_pk_rsa_alt_sign_func sign_func; |
| mbedtls_pk_rsa_alt_key_len_func key_len_func; |
| } mbedtls_rsa_alt_context; |
| #endif |
| |
| #if defined(MBEDTLS_RSA_C) |
| extern const mbedtls_pk_info_t mbedtls_rsa_info; |
| #endif |
| |
| #if defined(MBEDTLS_ECP_C) |
| extern const mbedtls_pk_info_t mbedtls_eckey_info; |
| extern const mbedtls_pk_info_t mbedtls_eckeydh_info; |
| #endif |
| |
| #if defined(MBEDTLS_PK_CAN_ECDSA_SOME) |
| extern const mbedtls_pk_info_t mbedtls_ecdsa_info; |
| #endif |
| |
| #if defined(MBEDTLS_PK_RSA_ALT_SUPPORT) |
| extern const mbedtls_pk_info_t mbedtls_rsa_alt_info; |
| #endif |
| |
| #if defined(MBEDTLS_USE_PSA_CRYPTO) |
| extern const mbedtls_pk_info_t mbedtls_pk_ecdsa_opaque_info; |
| extern const mbedtls_pk_info_t mbedtls_pk_rsa_opaque_info; |
| |
| #if !defined(MBEDTLS_DEPRECATED_REMOVED) |
| #if defined(PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY) |
| int MBEDTLS_DEPRECATED mbedtls_pk_error_from_psa_ecdsa(psa_status_t status); |
| #endif |
| #endif |
| |
| #endif /* MBEDTLS_USE_PSA_CRYPTO */ |
| |
| #if defined(MBEDTLS_PSA_CRYPTO_C) |
| #if !defined(MBEDTLS_DEPRECATED_REMOVED) |
| int MBEDTLS_DEPRECATED mbedtls_pk_error_from_psa(psa_status_t status); |
| |
| #if defined(PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY) || \ |
| defined(PSA_WANT_KEY_TYPE_RSA_KEY_PAIR) |
| int MBEDTLS_DEPRECATED mbedtls_pk_error_from_psa_rsa(psa_status_t status); |
| #endif /* PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY || PSA_WANT_KEY_TYPE_RSA_KEY_PAIR */ |
| #endif /* !MBEDTLS_DEPRECATED_REMOVED */ |
| |
| #if defined(MBEDTLS_RSA_C) |
| int mbedtls_pk_psa_rsa_sign_ext(psa_algorithm_t psa_alg_md, |
| mbedtls_rsa_context *rsa_ctx, |
| const unsigned char *hash, size_t hash_len, |
| unsigned char *sig, size_t sig_size, |
| size_t *sig_len); |
| #endif /* MBEDTLS_RSA_C */ |
| |
| #endif /* MBEDTLS_PSA_CRYPTO_C */ |
| |
| #endif /* MBEDTLS_PK_WRAP_H */ |
