Add the Labs projects provided in the V10.2.1_191129 zip file.

[freertos] / FreeRTOS-Labs / Source / mbedtls / include / mbedtls / pk.h

/**\r
 * \file pk.h\r
 *\r
 * \brief Public Key abstraction layer\r
 */\r
/*\r
 *  Copyright (C) 2006-2015, ARM Limited, All Rights Reserved\r
 *  SPDX-License-Identifier: Apache-2.0\r
 *\r
 *  Licensed under the Apache License, Version 2.0 (the "License"); you may\r
 *  not use this file except in compliance with the License.\r
 *  You may obtain a copy of the License at\r
 *\r
 *  http://www.apache.org/licenses/LICENSE-2.0\r
 *\r
 *  Unless required by applicable law or agreed to in writing, software\r
 *  distributed under the License is distributed on an "AS IS" BASIS, WITHOUT\r
 *  WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\r
 *  See the License for the specific language governing permissions and\r
 *  limitations under the License.\r
 *\r
 *  This file is part of mbed TLS (https://tls.mbed.org)\r
 */\r
\r
#ifndef MBEDTLS_PK_H\r
#define MBEDTLS_PK_H\r
\r
#if !defined(MBEDTLS_CONFIG_FILE)\r
#include "config.h"\r
#else\r
#include MBEDTLS_CONFIG_FILE\r
#endif\r
\r
#include "md.h"\r
\r
#if defined(MBEDTLS_RSA_C)\r
#include "rsa.h"\r
#endif\r
\r
#if defined(MBEDTLS_ECP_C)\r
#include "ecp.h"\r
#endif\r
\r
#if defined(MBEDTLS_ECDSA_C)\r
#include "ecdsa.h"\r
#endif\r
\r
#if defined(MBEDTLS_USE_PSA_CRYPTO)\r
#include "psa/crypto.h"\r
#endif\r
\r
#if ( defined(__ARMCC_VERSION) || defined(_MSC_VER) ) && \\r
    !defined(inline) && !defined(__cplusplus)\r
#define inline __inline\r
#endif\r
\r
#define MBEDTLS_ERR_PK_ALLOC_FAILED        -0x3F80  /**< Memory allocation failed. */\r
#define MBEDTLS_ERR_PK_TYPE_MISMATCH       -0x3F00  /**< Type mismatch, eg attempt to encrypt with an ECDSA key */\r
#define MBEDTLS_ERR_PK_BAD_INPUT_DATA      -0x3E80  /**< Bad input parameters to function. */\r
#define MBEDTLS_ERR_PK_FILE_IO_ERROR       -0x3E00  /**< Read/write of file failed. */\r
#define MBEDTLS_ERR_PK_KEY_INVALID_VERSION -0x3D80  /**< Unsupported key version */\r
#define MBEDTLS_ERR_PK_KEY_INVALID_FORMAT  -0x3D00  /**< Invalid key tag or value. */\r
#define MBEDTLS_ERR_PK_UNKNOWN_PK_ALG      -0x3C80  /**< Key algorithm is unsupported (only RSA and EC are supported). */\r
#define MBEDTLS_ERR_PK_PASSWORD_REQUIRED   -0x3C00  /**< Private key password can't be empty. */\r
#define MBEDTLS_ERR_PK_PASSWORD_MISMATCH   -0x3B80  /**< Given private key password does not allow for correct decryption. */\r
#define MBEDTLS_ERR_PK_INVALID_PUBKEY      -0x3B00  /**< The pubkey tag or value is invalid (only RSA and EC are supported). */\r
#define MBEDTLS_ERR_PK_INVALID_ALG         -0x3A80  /**< The algorithm tag or value is invalid. */\r
#define MBEDTLS_ERR_PK_UNKNOWN_NAMED_CURVE -0x3A00  /**< Elliptic curve is unsupported (only NIST curves are supported). */\r
#define MBEDTLS_ERR_PK_FEATURE_UNAVAILABLE -0x3980  /**< Unavailable feature, e.g. RSA disabled for RSA key. */\r
#define MBEDTLS_ERR_PK_SIG_LEN_MISMATCH    -0x3900  /**< The buffer contains a valid signature followed by more data. */\r
\r
/* MBEDTLS_ERR_PK_HW_ACCEL_FAILED is deprecated and should not be used. */\r
#define MBEDTLS_ERR_PK_HW_ACCEL_FAILED     -0x3880  /**< PK hardware accelerator failed. */\r
\r
#ifdef __cplusplus\r
extern "C" {\r
#endif\r
\r
/**\r
 * \brief          Public key types\r
 */\r
typedef enum {\r
    MBEDTLS_PK_NONE=0,\r
    MBEDTLS_PK_RSA,\r
    MBEDTLS_PK_ECKEY,\r
    MBEDTLS_PK_ECKEY_DH,\r
    MBEDTLS_PK_ECDSA,\r
    MBEDTLS_PK_RSA_ALT,\r
    MBEDTLS_PK_RSASSA_PSS,\r
    MBEDTLS_PK_OPAQUE,\r
} mbedtls_pk_type_t;\r
\r
/**\r
 * \brief           Options for RSASSA-PSS signature verification.\r
 *                  See \c mbedtls_rsa_rsassa_pss_verify_ext()\r
 */\r
typedef struct mbedtls_pk_rsassa_pss_options\r
{\r
    mbedtls_md_type_t mgf1_hash_id;\r
    int expected_salt_len;\r
\r
} mbedtls_pk_rsassa_pss_options;\r
\r
/**\r
 * \brief           Types for interfacing with the debug module\r
 */\r
typedef enum\r
{\r
    MBEDTLS_PK_DEBUG_NONE = 0,\r
    MBEDTLS_PK_DEBUG_MPI,\r
    MBEDTLS_PK_DEBUG_ECP,\r
} mbedtls_pk_debug_type;\r
\r
/**\r
 * \brief           Item to send to the debug module\r
 */\r
typedef struct mbedtls_pk_debug_item\r
{\r
    mbedtls_pk_debug_type type;\r
    const char *name;\r
    void *value;\r
} mbedtls_pk_debug_item;\r
\r
/** Maximum number of item send for debugging, plus 1 */\r
#define MBEDTLS_PK_DEBUG_MAX_ITEMS 3\r
\r
/**\r
 * \brief           Public key information and operations\r
 */\r
typedef struct mbedtls_pk_info_t mbedtls_pk_info_t;\r
\r
/**\r
 * \brief           Public key container\r
 */\r
typedef struct mbedtls_pk_context\r
{\r
    const mbedtls_pk_info_t *   pk_info; /**< Public key information         */\r
    void *                      pk_ctx;  /**< Underlying public key context  */\r
} mbedtls_pk_context;\r
\r
#if defined(MBEDTLS_ECDSA_C) && defined(MBEDTLS_ECP_RESTARTABLE)\r
/**\r
 * \brief           Context for resuming operations\r
 */\r
typedef struct\r
{\r
    const mbedtls_pk_info_t *   pk_info; /**< Public key information         */\r
    void *                      rs_ctx;  /**< Underlying restart context     */\r
} mbedtls_pk_restart_ctx;\r
#else /* MBEDTLS_ECDSA_C && MBEDTLS_ECP_RESTARTABLE */\r
/* Now we can declare functions that take a pointer to that */\r
typedef void mbedtls_pk_restart_ctx;\r
#endif /* MBEDTLS_ECDSA_C && MBEDTLS_ECP_RESTARTABLE */\r
\r
#if defined(MBEDTLS_RSA_C)\r
/**\r
 * Quick access to an RSA context inside a PK context.\r
 *\r
 * \warning You must make sure the PK context actually holds an RSA context\r
 * before using this function!\r
 */\r
static inline mbedtls_rsa_context *mbedtls_pk_rsa( const mbedtls_pk_context pk )\r
{\r
    return( (mbedtls_rsa_context *) (pk).pk_ctx );\r
}\r
#endif /* MBEDTLS_RSA_C */\r
\r
#if defined(MBEDTLS_ECP_C)\r
/**\r
 * Quick access to an EC context inside a PK context.\r
 *\r
 * \warning You must make sure the PK context actually holds an EC context\r
 * before using this function!\r
 */\r
static inline mbedtls_ecp_keypair *mbedtls_pk_ec( const mbedtls_pk_context pk )\r
{\r
    return( (mbedtls_ecp_keypair *) (pk).pk_ctx );\r
}\r
#endif /* MBEDTLS_ECP_C */\r
\r
#if defined(MBEDTLS_PK_RSA_ALT_SUPPORT)\r
/**\r
 * \brief           Types for RSA-alt abstraction\r
 */\r
typedef int (*mbedtls_pk_rsa_alt_decrypt_func)( void *ctx, int mode, size_t *olen,\r
                    const unsigned char *input, unsigned char *output,\r
                    size_t output_max_len );\r
typedef int (*mbedtls_pk_rsa_alt_sign_func)( void *ctx,\r
                    int (*f_rng)(void *, unsigned char *, size_t), void *p_rng,\r
                    int mode, mbedtls_md_type_t md_alg, unsigned int hashlen,\r
                    const unsigned char *hash, unsigned char *sig );\r
typedef size_t (*mbedtls_pk_rsa_alt_key_len_func)( void *ctx );\r
#endif /* MBEDTLS_PK_RSA_ALT_SUPPORT */\r
\r
/**\r
 * \brief           Return information associated with the given PK type\r
 *\r
 * \param pk_type   PK type to search for.\r
 *\r
 * \return          The PK info associated with the type or NULL if not found.\r
 */\r
const mbedtls_pk_info_t *mbedtls_pk_info_from_type( mbedtls_pk_type_t pk_type );\r
\r
/**\r
 * \brief           Initialize a #mbedtls_pk_context (as NONE).\r
 *\r
 * \param ctx       The context to initialize.\r
 *                  This must not be \c NULL.\r
 */\r
void mbedtls_pk_init( mbedtls_pk_context *ctx );\r
\r
/**\r
 * \brief           Free the components of a #mbedtls_pk_context.\r
 *\r
 * \param ctx       The context to clear. It must have been initialized.\r
 *                  If this is \c NULL, this function does nothing.\r
 *\r
 * \note            For contexts that have been set up with\r
 *                  mbedtls_pk_setup_opaque(), this does not free the underlying\r
 *                  key slot and you still need to call psa_destroy_key()\r
 *                  independently if you want to destroy that key.\r
 */\r
void mbedtls_pk_free( mbedtls_pk_context *ctx );\r
\r
#if defined(MBEDTLS_ECDSA_C) && defined(MBEDTLS_ECP_RESTARTABLE)\r
/**\r
 * \brief           Initialize a restart context\r
 *\r
 * \param ctx       The context to initialize.\r
 *                  This must not be \c NULL.\r
 */\r
void mbedtls_pk_restart_init( mbedtls_pk_restart_ctx *ctx );\r
\r
/**\r
 * \brief           Free the components of a restart context\r
 *\r
 * \param ctx       The context to clear. It must have been initialized.\r
 *                  If this is \c NULL, this function does nothing.\r
 */\r
void mbedtls_pk_restart_free( mbedtls_pk_restart_ctx *ctx );\r
#endif /* MBEDTLS_ECDSA_C && MBEDTLS_ECP_RESTARTABLE */\r
\r
/**\r
 * \brief           Initialize a PK context with the information given\r
 *                  and allocates the type-specific PK subcontext.\r
 *\r
 * \param ctx       Context to initialize. It must not have been set\r
 *                  up yet (type #MBEDTLS_PK_NONE).\r
 * \param info      Information to use\r
 *\r
 * \return          0 on success,\r
 *                  MBEDTLS_ERR_PK_BAD_INPUT_DATA on invalid input,\r
 *                  MBEDTLS_ERR_PK_ALLOC_FAILED on allocation failure.\r
 *\r
 * \note            For contexts holding an RSA-alt key, use\r
 *                  \c mbedtls_pk_setup_rsa_alt() instead.\r
 */\r
int mbedtls_pk_setup( mbedtls_pk_context *ctx, const mbedtls_pk_info_t *info );\r
\r
#if defined(MBEDTLS_USE_PSA_CRYPTO)\r
/**\r
 * \brief           Initialize a PK context to wrap a PSA key slot.\r
 *\r
 * \note            This function replaces mbedtls_pk_setup() for contexts\r
 *                  that wrap a (possibly opaque) PSA key slot instead of\r
 *                  storing and manipulating the key material directly.\r
 *\r
 * \param ctx       The context to initialize. It must be empty (type NONE).\r
 * \param key       The PSA key slot to wrap, which must hold an ECC key pair\r
 *                  (see notes below).\r
 *\r
 * \note            The wrapped key slot must remain valid as long as the\r
 *                  wrapping PK context is in use, that is at least between\r
 *                  the point this function is called and the point\r
 *                  mbedtls_pk_free() is called on this context. The wrapped\r
 *                  key slot might then be independently used or destroyed.\r
 *\r
 * \note            This function is currently only available for ECC key\r
 *                  pairs (that is, ECC keys containing private key material).\r
 *                  Support for other key types may be added later.\r
 *\r
 * \return          \c 0 on success.\r
 * \return          #MBEDTLS_ERR_PK_BAD_INPUT_DATA on invalid input\r
 *                  (context already used, invalid key slot).\r
 * \return          #MBEDTLS_ERR_PK_FEATURE_UNAVAILABLE if the key is not an\r
 *                  ECC key pair.\r
 * \return          #MBEDTLS_ERR_PK_ALLOC_FAILED on allocation failure.\r
 */\r
int mbedtls_pk_setup_opaque( mbedtls_pk_context *ctx, const psa_key_handle_t key );\r
#endif /* MBEDTLS_USE_PSA_CRYPTO */\r
\r
#if defined(MBEDTLS_PK_RSA_ALT_SUPPORT)\r
/**\r
 * \brief           Initialize an RSA-alt context\r
 *\r
 * \param ctx       Context to initialize. It must not have been set\r
 *                  up yet (type #MBEDTLS_PK_NONE).\r
 * \param key       RSA key pointer\r
 * \param decrypt_func  Decryption function\r
 * \param sign_func     Signing function\r
 * \param key_len_func  Function returning key length in bytes\r
 *\r
 * \return          0 on success, or MBEDTLS_ERR_PK_BAD_INPUT_DATA if the\r
 *                  context wasn't already initialized as RSA_ALT.\r
 *\r
 * \note            This function replaces \c mbedtls_pk_setup() for RSA-alt.\r
 */\r
int mbedtls_pk_setup_rsa_alt( mbedtls_pk_context *ctx, void * key,\r
                         mbedtls_pk_rsa_alt_decrypt_func decrypt_func,\r
                         mbedtls_pk_rsa_alt_sign_func sign_func,\r
                         mbedtls_pk_rsa_alt_key_len_func key_len_func );\r
#endif /* MBEDTLS_PK_RSA_ALT_SUPPORT */\r
\r
/**\r
 * \brief           Get the size in bits of the underlying key\r
 *\r
 * \param ctx       The context to query. It must have been initialized.\r
 *\r
 * \return          Key size in bits, or 0 on error\r
 */\r
size_t mbedtls_pk_get_bitlen( const mbedtls_pk_context *ctx );\r
\r
/**\r
 * \brief           Get the length in bytes of the underlying key\r
 *\r
 * \param ctx       The context to query. It must have been initialized.\r
 *\r
 * \return          Key length in bytes, or 0 on error\r
 */\r
static inline size_t mbedtls_pk_get_len( const mbedtls_pk_context *ctx )\r
{\r
    return( ( mbedtls_pk_get_bitlen( ctx ) + 7 ) / 8 );\r
}\r
\r
/**\r
 * \brief           Tell if a context can do the operation given by type\r
 *\r
 * \param ctx       The context to query. It must have been initialized.\r
 * \param type      The desired type.\r
 *\r
 * \return          1 if the context can do operations on the given type.\r
 * \return          0 if the context cannot do the operations on the given\r
 *                  type. This is always the case for a context that has\r
 *                  been initialized but not set up, or that has been\r
 *                  cleared with mbedtls_pk_free().\r
 */\r
int mbedtls_pk_can_do( const mbedtls_pk_context *ctx, mbedtls_pk_type_t type );\r
\r
/**\r
 * \brief           Verify signature (including padding if relevant).\r
 *\r
 * \param ctx       The PK context to use. It must have been set up.\r
 * \param md_alg    Hash algorithm used (see notes)\r
 * \param hash      Hash of the message to sign\r
 * \param hash_len  Hash length or 0 (see notes)\r
 * \param sig       Signature to verify\r
 * \param sig_len   Signature length\r
 *\r
 * \return          0 on success (signature is valid),\r
 *                  #MBEDTLS_ERR_PK_SIG_LEN_MISMATCH if there is a valid\r
 *                  signature in sig but its length is less than \p siglen,\r
 *                  or a specific error code.\r
 *\r
 * \note            For RSA keys, the default padding type is PKCS#1 v1.5.\r
 *                  Use \c mbedtls_pk_verify_ext( MBEDTLS_PK_RSASSA_PSS, ... )\r
 *                  to verify RSASSA_PSS signatures.\r
 *\r
 * \note            If hash_len is 0, then the length associated with md_alg\r
 *                  is used instead, or an error returned if it is invalid.\r
 *\r
 * \note            md_alg may be MBEDTLS_MD_NONE, only if hash_len != 0\r
 */\r
int mbedtls_pk_verify( mbedtls_pk_context *ctx, mbedtls_md_type_t md_alg,\r
               const unsigned char *hash, size_t hash_len,\r
               const unsigned char *sig, size_t sig_len );\r
\r
/**\r
 * \brief           Restartable version of \c mbedtls_pk_verify()\r
 *\r
 * \note            Performs the same job as \c mbedtls_pk_verify(), but can\r
 *                  return early and restart according to the limit set with\r
 *                  \c mbedtls_ecp_set_max_ops() to reduce blocking for ECC\r
 *                  operations. For RSA, same as \c mbedtls_pk_verify().\r
 *\r
 * \param ctx       The PK context to use. It must have been set up.\r
 * \param md_alg    Hash algorithm used (see notes)\r
 * \param hash      Hash of the message to sign\r
 * \param hash_len  Hash length or 0 (see notes)\r
 * \param sig       Signature to verify\r
 * \param sig_len   Signature length\r
 * \param rs_ctx    Restart context (NULL to disable restart)\r
 *\r
 * \return          See \c mbedtls_pk_verify(), or\r
 * \return          #MBEDTLS_ERR_ECP_IN_PROGRESS if maximum number of\r
 *                  operations was reached: see \c mbedtls_ecp_set_max_ops().\r
 */\r
int mbedtls_pk_verify_restartable( mbedtls_pk_context *ctx,\r
               mbedtls_md_type_t md_alg,\r
               const unsigned char *hash, size_t hash_len,\r
               const unsigned char *sig, size_t sig_len,\r
               mbedtls_pk_restart_ctx *rs_ctx );\r
\r
/**\r
 * \brief           Verify signature, with options.\r
 *                  (Includes verification of the padding depending on type.)\r
 *\r
 * \param type      Signature type (inc. possible padding type) to verify\r
 * \param options   Pointer to type-specific options, or NULL\r
 * \param ctx       The PK context to use. It must have been set up.\r
 * \param md_alg    Hash algorithm used (see notes)\r
 * \param hash      Hash of the message to sign\r
 * \param hash_len  Hash length or 0 (see notes)\r
 * \param sig       Signature to verify\r
 * \param sig_len   Signature length\r
 *\r
 * \return          0 on success (signature is valid),\r
 *                  #MBEDTLS_ERR_PK_TYPE_MISMATCH if the PK context can't be\r
 *                  used for this type of signatures,\r
 *                  #MBEDTLS_ERR_PK_SIG_LEN_MISMATCH if there is a valid\r
 *                  signature in sig but its length is less than \p siglen,\r
 *                  or a specific error code.\r
 *\r
 * \note            If hash_len is 0, then the length associated with md_alg\r
 *                  is used instead, or an error returned if it is invalid.\r
 *\r
 * \note            md_alg may be MBEDTLS_MD_NONE, only if hash_len != 0\r
 *\r
 * \note            If type is MBEDTLS_PK_RSASSA_PSS, then options must point\r
 *                  to a mbedtls_pk_rsassa_pss_options structure,\r
 *                  otherwise it must be NULL.\r
 */\r
int mbedtls_pk_verify_ext( mbedtls_pk_type_t type, const void *options,\r
                   mbedtls_pk_context *ctx, mbedtls_md_type_t md_alg,\r
                   const unsigned char *hash, size_t hash_len,\r
                   const unsigned char *sig, size_t sig_len );\r
\r
/**\r
 * \brief           Make signature, including padding if relevant.\r
 *\r
 * \param ctx       The PK context to use. It must have been set up\r
 *                  with a private key.\r
 * \param md_alg    Hash algorithm used (see notes)\r
 * \param hash      Hash of the message to sign\r
 * \param hash_len  Hash length or 0 (see notes)\r
 * \param sig       Place to write the signature\r
 * \param sig_len   Number of bytes written\r
 * \param f_rng     RNG function\r
 * \param p_rng     RNG parameter\r
 *\r
 * \return          0 on success, or a specific error code.\r
 *\r
 * \note            For RSA keys, the default padding type is PKCS#1 v1.5.\r
 *                  There is no interface in the PK module to make RSASSA-PSS\r
 *                  signatures yet.\r
 *\r
 * \note            If hash_len is 0, then the length associated with md_alg\r
 *                  is used instead, or an error returned if it is invalid.\r
 *\r
 * \note            For RSA, md_alg may be MBEDTLS_MD_NONE if hash_len != 0.\r
 *                  For ECDSA, md_alg may never be MBEDTLS_MD_NONE.\r
 */\r
int mbedtls_pk_sign( mbedtls_pk_context *ctx, mbedtls_md_type_t md_alg,\r
             const unsigned char *hash, size_t hash_len,\r
             unsigned char *sig, size_t *sig_len,\r
             int (*f_rng)(void *, unsigned char *, size_t), void *p_rng );\r
\r
/**\r
 * \brief           Restartable version of \c mbedtls_pk_sign()\r
 *\r
 * \note            Performs the same job as \c mbedtls_pk_sign(), but can\r
 *                  return early and restart according to the limit set with\r
 *                  \c mbedtls_ecp_set_max_ops() to reduce blocking for ECC\r
 *                  operations. For RSA, same as \c mbedtls_pk_sign().\r
 *\r
 * \param ctx       The PK context to use. It must have been set up\r
 *                  with a private key.\r
 * \param md_alg    Hash algorithm used (see notes)\r
 * \param hash      Hash of the message to sign\r
 * \param hash_len  Hash length or 0 (see notes)\r
 * \param sig       Place to write the signature\r
 * \param sig_len   Number of bytes written\r
 * \param f_rng     RNG function\r
 * \param p_rng     RNG parameter\r
 * \param rs_ctx    Restart context (NULL to disable restart)\r
 *\r
 * \return          See \c mbedtls_pk_sign(), or\r
 * \return          #MBEDTLS_ERR_ECP_IN_PROGRESS if maximum number of\r
 *                  operations was reached: see \c mbedtls_ecp_set_max_ops().\r
 */\r
int mbedtls_pk_sign_restartable( mbedtls_pk_context *ctx,\r
             mbedtls_md_type_t md_alg,\r
             const unsigned char *hash, size_t hash_len,\r
             unsigned char *sig, size_t *sig_len,\r
             int (*f_rng)(void *, unsigned char *, size_t), void *p_rng,\r
             mbedtls_pk_restart_ctx *rs_ctx );\r
\r
/**\r
 * \brief           Decrypt message (including padding if relevant).\r
 *\r
 * \param ctx       The PK context to use. It must have been set up\r
 *                  with a private key.\r
 * \param input     Input to decrypt\r
 * \param ilen      Input size\r
 * \param output    Decrypted output\r
 * \param olen      Decrypted message length\r
 * \param osize     Size of the output buffer\r
 * \param f_rng     RNG function\r
 * \param p_rng     RNG parameter\r
 *\r
 * \note            For RSA keys, the default padding type is PKCS#1 v1.5.\r
 *\r
 * \return          0 on success, or a specific error code.\r
 */\r
int mbedtls_pk_decrypt( mbedtls_pk_context *ctx,\r
                const unsigned char *input, size_t ilen,\r
                unsigned char *output, size_t *olen, size_t osize,\r
                int (*f_rng)(void *, unsigned char *, size_t), void *p_rng );\r
\r
/**\r
 * \brief           Encrypt message (including padding if relevant).\r
 *\r
 * \param ctx       The PK context to use. It must have been set up.\r
 * \param input     Message to encrypt\r
 * \param ilen      Message size\r
 * \param output    Encrypted output\r
 * \param olen      Encrypted output length\r
 * \param osize     Size of the output buffer\r
 * \param f_rng     RNG function\r
 * \param p_rng     RNG parameter\r
 *\r
 * \note            For RSA keys, the default padding type is PKCS#1 v1.5.\r
 *\r
 * \return          0 on success, or a specific error code.\r
 */\r
int mbedtls_pk_encrypt( mbedtls_pk_context *ctx,\r
                const unsigned char *input, size_t ilen,\r
                unsigned char *output, size_t *olen, size_t osize,\r
                int (*f_rng)(void *, unsigned char *, size_t), void *p_rng );\r
\r
/**\r
 * \brief           Check if a public-private pair of keys matches.\r
 *\r
 * \param pub       Context holding a public key.\r
 * \param prv       Context holding a private (and public) key.\r
 *\r
 * \return          \c 0 on success (keys were checked and match each other).\r
 * \return          #MBEDTLS_ERR_PK_FEATURE_UNAVAILABLE if the keys could not\r
 *                  be checked - in that case they may or may not match.\r
 * \return          #MBEDTLS_ERR_PK_BAD_INPUT_DATA if a context is invalid.\r
 * \return          Another non-zero value if the keys do not match.\r
 */\r
int mbedtls_pk_check_pair( const mbedtls_pk_context *pub, const mbedtls_pk_context *prv );\r
\r
/**\r
 * \brief           Export debug information\r
 *\r
 * \param ctx       The PK context to use. It must have been initialized.\r
 * \param items     Place to write debug items\r
 *\r
 * \return          0 on success or MBEDTLS_ERR_PK_BAD_INPUT_DATA\r
 */\r
int mbedtls_pk_debug( const mbedtls_pk_context *ctx, mbedtls_pk_debug_item *items );\r
\r
/**\r
 * \brief           Access the type name\r
 *\r
 * \param ctx       The PK context to use. It must have been initialized.\r
 *\r
 * \return          Type name on success, or "invalid PK"\r
 */\r
const char * mbedtls_pk_get_name( const mbedtls_pk_context *ctx );\r
\r
/**\r
 * \brief           Get the key type\r
 *\r
 * \param ctx       The PK context to use. It must have been initialized.\r
 *\r
 * \return          Type on success.\r
 * \return          #MBEDTLS_PK_NONE for a context that has not been set up.\r
 */\r
mbedtls_pk_type_t mbedtls_pk_get_type( const mbedtls_pk_context *ctx );\r
\r
#if defined(MBEDTLS_PK_PARSE_C)\r
/** \ingroup pk_module */\r
/**\r
 * \brief           Parse a private key in PEM or DER format\r
 *\r
 * \param ctx       The PK context to fill. It must have been initialized\r
 *                  but not set up.\r
 * \param key       Input buffer to parse.\r
 *                  The buffer must contain the input exactly, with no\r
 *                  extra trailing material. For PEM, the buffer must\r
 *                  contain a null-terminated string.\r
 * \param keylen    Size of \b key in bytes.\r
 *                  For PEM data, this includes the terminating null byte,\r
 *                  so \p keylen must be equal to `strlen(key) + 1`.\r
 * \param pwd       Optional password for decryption.\r
 *                  Pass \c NULL if expecting a non-encrypted key.\r
 *                  Pass a string of \p pwdlen bytes if expecting an encrypted\r
 *                  key; a non-encrypted key will also be accepted.\r
 *                  The empty password is not supported.\r
 * \param pwdlen    Size of the password in bytes.\r
 *                  Ignored if \p pwd is \c NULL.\r
 *\r
 * \note            On entry, ctx must be empty, either freshly initialised\r
 *                  with mbedtls_pk_init() or reset with mbedtls_pk_free(). If you need a\r
 *                  specific key type, check the result with mbedtls_pk_can_do().\r
 *\r
 * \note            The key is also checked for correctness.\r
 *\r
 * \return          0 if successful, or a specific PK or PEM error code\r
 */\r
int mbedtls_pk_parse_key( mbedtls_pk_context *ctx,\r
                  const unsigned char *key, size_t keylen,\r
                  const unsigned char *pwd, size_t pwdlen );\r
\r
/** \ingroup pk_module */\r
/**\r
 * \brief           Parse a public key in PEM or DER format\r
 *\r
 * \param ctx       The PK context to fill. It must have been initialized\r
 *                  but not set up.\r
 * \param key       Input buffer to parse.\r
 *                  The buffer must contain the input exactly, with no\r
 *                  extra trailing material. For PEM, the buffer must\r
 *                  contain a null-terminated string.\r
 * \param keylen    Size of \b key in bytes.\r
 *                  For PEM data, this includes the terminating null byte,\r
 *                  so \p keylen must be equal to `strlen(key) + 1`.\r
 *\r
 * \note            On entry, ctx must be empty, either freshly initialised\r
 *                  with mbedtls_pk_init() or reset with mbedtls_pk_free(). If you need a\r
 *                  specific key type, check the result with mbedtls_pk_can_do().\r
 *\r
 * \note            The key is also checked for correctness.\r
 *\r
 * \return          0 if successful, or a specific PK or PEM error code\r
 */\r
int mbedtls_pk_parse_public_key( mbedtls_pk_context *ctx,\r
                         const unsigned char *key, size_t keylen );\r
\r
#if defined(MBEDTLS_FS_IO)\r
/** \ingroup pk_module */\r
/**\r
 * \brief           Load and parse a private key\r
 *\r
 * \param ctx       The PK context to fill. It must have been initialized\r
 *                  but not set up.\r
 * \param path      filename to read the private key from\r
 * \param password  Optional password to decrypt the file.\r
 *                  Pass \c NULL if expecting a non-encrypted key.\r
 *                  Pass a null-terminated string if expecting an encrypted\r
 *                  key; a non-encrypted key will also be accepted.\r
 *                  The empty password is not supported.\r
 *\r
 * \note            On entry, ctx must be empty, either freshly initialised\r
 *                  with mbedtls_pk_init() or reset with mbedtls_pk_free(). If you need a\r
 *                  specific key type, check the result with mbedtls_pk_can_do().\r
 *\r
 * \note            The key is also checked for correctness.\r
 *\r
 * \return          0 if successful, or a specific PK or PEM error code\r
 */\r
int mbedtls_pk_parse_keyfile( mbedtls_pk_context *ctx,\r
                      const char *path, const char *password );\r
\r
/** \ingroup pk_module */\r
/**\r
 * \brief           Load and parse a public key\r
 *\r
 * \param ctx       The PK context to fill. It must have been initialized\r
 *                  but not set up.\r
 * \param path      filename to read the public key from\r
 *\r
 * \note            On entry, ctx must be empty, either freshly initialised\r
 *                  with mbedtls_pk_init() or reset with mbedtls_pk_free(). If\r
 *                  you need a specific key type, check the result with\r
 *                  mbedtls_pk_can_do().\r
 *\r
 * \note            The key is also checked for correctness.\r
 *\r
 * \return          0 if successful, or a specific PK or PEM error code\r
 */\r
int mbedtls_pk_parse_public_keyfile( mbedtls_pk_context *ctx, const char *path );\r
#endif /* MBEDTLS_FS_IO */\r
#endif /* MBEDTLS_PK_PARSE_C */\r
\r
#if defined(MBEDTLS_PK_WRITE_C)\r
/**\r
 * \brief           Write a private key to a PKCS#1 or SEC1 DER structure\r
 *                  Note: data is written at the end of the buffer! Use the\r
 *                        return value to determine where you should start\r
 *                        using the buffer\r
 *\r
 * \param ctx       PK context which must contain a valid private key.\r
 * \param buf       buffer to write to\r
 * \param size      size of the buffer\r
 *\r
 * \return          length of data written if successful, or a specific\r
 *                  error code\r
 */\r
int mbedtls_pk_write_key_der( mbedtls_pk_context *ctx, unsigned char *buf, size_t size );\r
\r
/**\r
 * \brief           Write a public key to a SubjectPublicKeyInfo DER structure\r
 *                  Note: data is written at the end of the buffer! Use the\r
 *                        return value to determine where you should start\r
 *                        using the buffer\r
 *\r
 * \param ctx       PK context which must contain a valid public or private key.\r
 * \param buf       buffer to write to\r
 * \param size      size of the buffer\r
 *\r
 * \return          length of data written if successful, or a specific\r
 *                  error code\r
 */\r
int mbedtls_pk_write_pubkey_der( mbedtls_pk_context *ctx, unsigned char *buf, size_t size );\r
\r
#if defined(MBEDTLS_PEM_WRITE_C)\r
/**\r
 * \brief           Write a public key to a PEM string\r
 *\r
 * \param ctx       PK context which must contain a valid public or private key.\r
 * \param buf       Buffer to write to. The output includes a\r
 *                  terminating null byte.\r
 * \param size      Size of the buffer in bytes.\r
 *\r
 * \return          0 if successful, or a specific error code\r
 */\r
int mbedtls_pk_write_pubkey_pem( mbedtls_pk_context *ctx, unsigned char *buf, size_t size );\r
\r
/**\r
 * \brief           Write a private key to a PKCS#1 or SEC1 PEM string\r
 *\r
 * \param ctx       PK context which must contain a valid private key.\r
 * \param buf       Buffer to write to. The output includes a\r
 *                  terminating null byte.\r
 * \param size      Size of the buffer in bytes.\r
 *\r
 * \return          0 if successful, or a specific error code\r
 */\r
int mbedtls_pk_write_key_pem( mbedtls_pk_context *ctx, unsigned char *buf, size_t size );\r
#endif /* MBEDTLS_PEM_WRITE_C */\r
#endif /* MBEDTLS_PK_WRITE_C */\r
\r
/*\r
 * WARNING: Low-level functions. You probably do not want to use these unless\r
 *          you are certain you do ;)\r
 */\r
\r
#if defined(MBEDTLS_PK_PARSE_C)\r
/**\r
 * \brief           Parse a SubjectPublicKeyInfo DER structure\r
 *\r
 * \param p         the position in the ASN.1 data\r
 * \param end       end of the buffer\r
 * \param pk        The PK context to fill. It must have been initialized\r
 *                  but not set up.\r
 *\r
 * \return          0 if successful, or a specific PK error code\r
 */\r
int mbedtls_pk_parse_subpubkey( unsigned char **p, const unsigned char *end,\r
                        mbedtls_pk_context *pk );\r
#endif /* MBEDTLS_PK_PARSE_C */\r
\r
#if defined(MBEDTLS_PK_WRITE_C)\r
/**\r
 * \brief           Write a subjectPublicKey to ASN.1 data\r
 *                  Note: function works backwards in data buffer\r
 *\r
 * \param p         reference to current position pointer\r
 * \param start     start of the buffer (for bounds-checking)\r
 * \param key       PK context which must contain a valid public or private key.\r
 *\r
 * \return          the length written or a negative error code\r
 */\r
int mbedtls_pk_write_pubkey( unsigned char **p, unsigned char *start,\r
                     const mbedtls_pk_context *key );\r
#endif /* MBEDTLS_PK_WRITE_C */\r
\r
/*\r
 * Internal module functions. You probably do not want to use these unless you\r
 * know you do.\r
 */\r
#if defined(MBEDTLS_FS_IO)\r
int mbedtls_pk_load_file( const char *path, unsigned char **buf, size_t *n );\r
#endif\r
\r
#if defined(MBEDTLS_USE_PSA_CRYPTO)\r
/**\r
 * \brief           Turn an EC key into an Opaque one\r
 *\r
 * \warning         This is a temporary utility function for tests. It might\r
 *                  change or be removed at any time without notice.\r
 *\r
 * \note            Only ECDSA keys are supported so far. Signing with the\r
 *                  specified hash is the only allowed use of that key.\r
 *\r
 * \param pk        Input: the EC key to transfer to a PSA key slot.\r
 *                  Output: a PK context wrapping that PSA key slot.\r
 * \param slot      Output: the chosen slot for storing the key.\r
 *                  It's the caller's responsibility to destroy that slot\r
 *                  after calling mbedtls_pk_free() on the PK context.\r
 * \param hash_alg  The hash algorithm to allow for use with that key.\r
 *\r
 * \return          \c 0 if successful.\r
 * \return          An Mbed TLS error code otherwise.\r
 */\r
int mbedtls_pk_wrap_as_opaque( mbedtls_pk_context *pk,\r
                               psa_key_handle_t *slot,\r
                               psa_algorithm_t hash_alg );\r
#endif /* MBEDTLS_USE_PSA_CRYPTO */\r
\r
#ifdef __cplusplus\r
}\r
#endif\r
\r
#endif /* MBEDTLS_PK_H */\r