#include "mbedtls/config.h"
#include "mbedtls/pk.h"
#include "mbedtls/pk_internal.h"
#include "mbedtls/bignum.h"
#include "mbedtls/rsa.h"
#include "mbedtls/ecp.h"
#include "mbedtls/ecdsa.h"
#include <limits.h>
#include "arc4_alt.h"

Include dependency graph for pk.c:

Functions
void	mbedtls_pk_init (mbedtls_pk_context *ctx)
	Initialize a mbedtls_pk_context (as NONE) More...

void	mbedtls_pk_free (mbedtls_pk_context *ctx)
	Free a mbedtls_pk_context. More...

const mbedtls_pk_info_t *	mbedtls_pk_info_from_type (mbedtls_pk_type_t pk_type)
	Return information associated with the given PK type. More...

int	mbedtls_pk_setup (mbedtls_pk_context ctx, const mbedtls_pk_info_t info)
	Initialize a PK context with the information given and allocates the type-specific PK subcontext. More...

int	mbedtls_pk_setup_rsa_alt (mbedtls_pk_context ctx, void key, mbedtls_pk_rsa_alt_decrypt_func decrypt_func, mbedtls_pk_rsa_alt_sign_func sign_func, mbedtls_pk_rsa_alt_key_len_func key_len_func)
	Initialize an RSA-alt context. More...

int	mbedtls_pk_can_do (const mbedtls_pk_context *ctx, mbedtls_pk_type_t type)
	Tell if a context can do the operation given by type. More...

static int	pk_hashlen_helper (mbedtls_md_type_t md_alg, size_t *hash_len)

int	mbedtls_pk_verify (mbedtls_pk_context ctx, mbedtls_md_type_t md_alg, const unsigned char hash, size_t hash_len, const unsigned char *sig, size_t sig_len)
	Verify signature (including padding if relevant). More...

int	mbedtls_pk_verify_ext (mbedtls_pk_type_t type, const void options, mbedtls_pk_context ctx, mbedtls_md_type_t md_alg, const unsigned char hash, size_t hash_len, const unsigned char sig, size_t sig_len)
	Verify signature, with options. (Includes verification of the padding depending on type.) More...

int	mbedtls_pk_sign (mbedtls_pk_context ctx, mbedtls_md_type_t md_alg, const unsigned char hash, size_t hash_len, unsigned char sig, size_t sig_len, int(f_rng)(void , unsigned char , size_t), void p_rng)
	Make signature, including padding if relevant. More...

int	mbedtls_pk_decrypt (mbedtls_pk_context ctx, const unsigned char input, size_t ilen, unsigned char output, size_t olen, size_t osize, int(f_rng)(void , unsigned char , size_t), void p_rng)
	Decrypt message (including padding if relevant). More...

int	mbedtls_pk_encrypt (mbedtls_pk_context ctx, const unsigned char input, size_t ilen, unsigned char output, size_t olen, size_t osize, int(f_rng)(void , unsigned char , size_t), void p_rng)
	Encrypt message (including padding if relevant). More...

int	mbedtls_pk_check_pair (const mbedtls_pk_context pub, const mbedtls_pk_context prv)
	Check if a public-private pair of keys matches. More...

size_t	mbedtls_pk_get_bitlen (const mbedtls_pk_context *ctx)
	Get the size in bits of the underlying key. More...

int	mbedtls_pk_debug (const mbedtls_pk_context ctx, mbedtls_pk_debug_item items)
	Export debug information. More...

const char *	mbedtls_pk_get_name (const mbedtls_pk_context *ctx)
	Access the type name. More...

mbedtls_pk_type_t	mbedtls_pk_get_type (const mbedtls_pk_context *ctx)
	Get the key type. More...

Function Documentation

◆ mbedtls_pk_can_do()

int mbedtls_pk_can_do	(	const mbedtls_pk_context *	ctx,
		mbedtls_pk_type_t	type
	)

Tell if a context can do the operation given by type.

Parameters

ctx	Context to test
type	Target type

Returns: 0 if context can't do the operations, 1 otherwise.

Here is the caller graph for this function:

◆ mbedtls_pk_check_pair()

int mbedtls_pk_check_pair	(	const mbedtls_pk_context *	pub,
		const mbedtls_pk_context *	prv
	)

Check if a public-private pair of keys matches.

Parameters

pub	Context holding a public key.
prv	Context holding a private (and public) key.

Returns: 0 on success or MBEDTLS_ERR_PK_BAD_INPUT_DATA

◆ mbedtls_pk_debug()

int mbedtls_pk_debug	(	const mbedtls_pk_context *	ctx,
		mbedtls_pk_debug_item *	items
	)

Export debug information.

Parameters

ctx	Context to use
items	Place to write debug items

Returns: 0 on success or MBEDTLS_ERR_PK_BAD_INPUT_DATA

Here is the caller graph for this function:

◆ mbedtls_pk_decrypt()

int mbedtls_pk_decrypt	(	mbedtls_pk_context *	ctx,
		const unsigned char *	input,
		size_t	ilen,
		unsigned char *	output,
		size_t *	olen,
		size_t	osize,
		int()(void , unsigned char *, size_t)	f_rng,
		void *	p_rng
	)

Decrypt message (including padding if relevant).

Parameters

ctx	PK context to use - must hold a private key
input	Input to decrypt
ilen	Input size
output	Decrypted output
olen	Decrypted message length
osize	Size of the output buffer
f_rng	RNG function
p_rng	RNG parameter

Note: For RSA keys, the default padding type is PKCS#1 v1.5.

Returns: 0 on success, or a specific error code.

Here is the caller graph for this function:

◆ mbedtls_pk_encrypt()

int mbedtls_pk_encrypt	(	mbedtls_pk_context *	ctx,
		const unsigned char *	input,
		size_t	ilen,
		unsigned char *	output,
		size_t *	olen,
		size_t	osize,
		int()(void , unsigned char *, size_t)	f_rng,
		void *	p_rng
	)

Encrypt message (including padding if relevant).

Parameters

ctx	PK context to use
input	Message to encrypt
ilen	Message size
output	Encrypted output
olen	Encrypted output length
osize	Size of the output buffer
f_rng	RNG function
p_rng	RNG parameter

Note: For RSA keys, the default padding type is PKCS#1 v1.5.

Returns: 0 on success, or a specific error code.

Here is the caller graph for this function:

◆ mbedtls_pk_free()

void mbedtls_pk_free ( mbedtls_pk_context * ctx )

Free a mbedtls_pk_context.

Here is the call graph for this function:

Here is the caller graph for this function:

◆ mbedtls_pk_get_bitlen()

size_t mbedtls_pk_get_bitlen ( const mbedtls_pk_context * ctx )

Get the size in bits of the underlying key.

Parameters

ctx	Context to use

Returns: Key size in bits, or 0 on error

Here is the caller graph for this function:

◆ mbedtls_pk_get_name()

const char* mbedtls_pk_get_name ( const mbedtls_pk_context * ctx )

Access the type name.

Parameters

ctx	Context to use

Returns: Type name on success, or "invalid PK"

Here is the caller graph for this function:

◆ mbedtls_pk_get_type()

mbedtls_pk_type_t mbedtls_pk_get_type ( const mbedtls_pk_context * ctx )

Get the key type.

Parameters

ctx	Context to use

Returns: Type on success, or MBEDTLS_PK_NONE

Here is the caller graph for this function:

◆ mbedtls_pk_info_from_type()

const mbedtls_pk_info_t* mbedtls_pk_info_from_type ( mbedtls_pk_type_t pk_type )

Return information associated with the given PK type.

Parameters

pk_type PK type to search for.

Returns: The PK info associated with the type or NULL if not found.

Here is the caller graph for this function:

◆ mbedtls_pk_init()

void mbedtls_pk_init ( mbedtls_pk_context * ctx )

Initialize a mbedtls_pk_context (as NONE)

◆ mbedtls_pk_setup()

int mbedtls_pk_setup	(	mbedtls_pk_context *	ctx,
		const mbedtls_pk_info_t *	info
	)

Initialize a PK context with the information given and allocates the type-specific PK subcontext.

Parameters

ctx	Context to initialize. Must be empty (type NONE).
info	Information to use

Returns: 0 on success, MBEDTLS_ERR_PK_BAD_INPUT_DATA on invalid input, MBEDTLS_ERR_PK_ALLOC_FAILED on allocation failure.

Note: For contexts holding an RSA-alt key, use mbedtls_pk_setup_rsa_alt() instead.

Here is the caller graph for this function:

◆ mbedtls_pk_setup_rsa_alt()

int mbedtls_pk_setup_rsa_alt	(	mbedtls_pk_context *	ctx,
		void *	key,
		mbedtls_pk_rsa_alt_decrypt_func	decrypt_func,
		mbedtls_pk_rsa_alt_sign_func	sign_func,
		mbedtls_pk_rsa_alt_key_len_func	key_len_func
	)

Initialize an RSA-alt context.

Parameters

ctx	Context to initialize. Must be empty (type NONE).
key	RSA key pointer
decrypt_func	Decryption function
sign_func	Signing function
key_len_func	Function returning key length in bytes

Returns: 0 on success, or MBEDTLS_ERR_PK_BAD_INPUT_DATA if the context wasn't already initialized as RSA_ALT.

Note: This function replaces mbedtls_pk_setup() for RSA-alt.

◆ mbedtls_pk_sign()

int mbedtls_pk_sign	(	mbedtls_pk_context *	ctx,
		mbedtls_md_type_t	md_alg,
		const unsigned char *	hash,
		size_t	hash_len,
		unsigned char *	sig,
		size_t *	sig_len,
		int()(void , unsigned char *, size_t)	f_rng,
		void *	p_rng
	)

Make signature, including padding if relevant.

Parameters

ctx	PK context to use - must hold a private key
md_alg	Hash algorithm used (see notes)
hash	Hash of the message to sign
hash_len	Hash length or 0 (see notes)
sig	Place to write the signature
sig_len	Number of bytes written
f_rng	RNG function
p_rng	RNG parameter

Returns: 0 on success, or a specific error code.

Note: For RSA keys, the default padding type is PKCS#1 v1.5. There is no interface in the PK module to make RSASSA-PSS signatures yet.; If hash_len is 0, then the length associated with md_alg is used instead, or an error returned if it is invalid.; For RSA, md_alg may be MBEDTLS_MD_NONE if hash_len != 0. For ECDSA, md_alg may never be MBEDTLS_MD_NONE.

Here is the call graph for this function:

Here is the caller graph for this function:

◆ mbedtls_pk_verify()

int mbedtls_pk_verify	(	mbedtls_pk_context *	ctx,
		mbedtls_md_type_t	md_alg,
		const unsigned char *	hash,
		size_t	hash_len,
		const unsigned char *	sig,
		size_t	sig_len
	)

Verify signature (including padding if relevant).

Parameters

ctx	PK context to use
md_alg	Hash algorithm used (see notes)
hash	Hash of the message to sign
hash_len	Hash length or 0 (see notes)
sig	Signature to verify
sig_len	Signature length

Returns: 0 on success (signature is valid), MBEDTLS_ERR_PK_SIG_LEN_MISMATCH if the signature is valid but its actual length is less than sig_len, or a specific error code.

Note: For RSA keys, the default padding type is PKCS#1 v1.5. Use mbedtls_pk_verify_ext( MBEDTLS_PK_RSASSA_PSS, ... ) to verify RSASSA_PSS signatures.; If hash_len is 0, then the length associated with md_alg is used instead, or an error returned if it is invalid.; md_alg may be MBEDTLS_MD_NONE, only if hash_len != 0

Here is the call graph for this function:

Here is the caller graph for this function:

◆ mbedtls_pk_verify_ext()

int mbedtls_pk_verify_ext	(	mbedtls_pk_type_t	type,
		const void *	options,
		mbedtls_pk_context *	ctx,
		mbedtls_md_type_t	md_alg,
		const unsigned char *	hash,
		size_t	hash_len,
		const unsigned char *	sig,
		size_t	sig_len
	)

Verify signature, with options. (Includes verification of the padding depending on type.)

Parameters

type	Signature type (inc. possible padding type) to verify
options	Pointer to type-specific options, or NULL
ctx	PK context to use
md_alg	Hash algorithm used (see notes)
hash	Hash of the message to sign
hash_len	Hash length or 0 (see notes)
sig	Signature to verify
sig_len	Signature length

Returns: 0 on success (signature is valid), MBEDTLS_ERR_PK_TYPE_MISMATCH if the PK context can't be used for this type of signatures, MBEDTLS_ERR_PK_SIG_LEN_MISMATCH if the signature is valid but its actual length is less than sig_len, or a specific error code.

Note: If hash_len is 0, then the length associated with md_alg is used instead, or an error returned if it is invalid.; md_alg may be MBEDTLS_MD_NONE, only if hash_len != 0; If type is MBEDTLS_PK_RSASSA_PSS, then options must point to a mbedtls_pk_rsassa_pss_options structure, otherwise it must be NULL.

Here is the call graph for this function:

Here is the caller graph for this function:

◆ pk_hashlen_helper()

static int pk_hashlen_helper	(	mbedtls_md_type_t	md_alg,
		size_t *	hash_len
	)

inlinestatic

Here is the call graph for this function:

Here is the caller graph for this function:

Functions

Function Documentation

◆ mbedtls_pk_can_do()

◆ mbedtls_pk_check_pair()

◆ mbedtls_pk_debug()

◆ mbedtls_pk_decrypt()

◆ mbedtls_pk_encrypt()

◆ mbedtls_pk_free()

◆ mbedtls_pk_get_bitlen()

◆ mbedtls_pk_get_name()

◆ mbedtls_pk_get_type()

◆ mbedtls_pk_info_from_type()

◆ mbedtls_pk_init()

◆ mbedtls_pk_setup()

◆ mbedtls_pk_setup_rsa_alt()

◆ mbedtls_pk_sign()

◆ mbedtls_pk_verify()

◆ mbedtls_pk_verify_ext()

◆ pk_hashlen_helper()