Lines Matching +full:for +full:- +full:context
8 * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
36 #define MBEDTLS_ERR_PK_ALLOC_FAILED -0x3F80
38 #define MBEDTLS_ERR_PK_TYPE_MISMATCH -0x3F00
40 #define MBEDTLS_ERR_PK_BAD_INPUT_DATA -0x3E80
42 #define MBEDTLS_ERR_PK_FILE_IO_ERROR -0x3E00
44 #define MBEDTLS_ERR_PK_KEY_INVALID_VERSION -0x3D80
46 #define MBEDTLS_ERR_PK_KEY_INVALID_FORMAT -0x3D00
48 #define MBEDTLS_ERR_PK_UNKNOWN_PK_ALG -0x3C80
50 #define MBEDTLS_ERR_PK_PASSWORD_REQUIRED -0x3C00
51 /** Given private key password does not allow for correct decryption. */
52 #define MBEDTLS_ERR_PK_PASSWORD_MISMATCH -0x3B80
54 #define MBEDTLS_ERR_PK_INVALID_PUBKEY -0x3B00
56 #define MBEDTLS_ERR_PK_INVALID_ALG -0x3A80
58 #define MBEDTLS_ERR_PK_UNKNOWN_NAMED_CURVE -0x3A00
59 /** Unavailable feature, e.g. RSA disabled for RSA key. */
60 #define MBEDTLS_ERR_PK_FEATURE_UNAVAILABLE -0x3980
62 #define MBEDTLS_ERR_PK_SIG_LEN_MISMATCH -0x3900
64 #define MBEDTLS_ERR_PK_BUFFER_TOO_SMALL -0x3880
85 * \brief Options for RSASSA-PSS signature verification.
89 /** The digest to use for MGF1 in PSS.
115 * then incrementally increasing to be large enough for each supported
118 * The resulting value can be 0, for example if MBEDTLS_ECDH_C is enabled
126 /* For RSA, the signature can be as large as the bignum module allows.
127 * For RSA_ALT, the signature size is not necessarily tied to what the
136 /* For ECDSA, the ecdsa module exports a constant for the maximum
151 /* The Mbed TLS representation is different for ECDSA signatures:
154 * Add the overhead of ASN.1: up to (1+2) + 2 * (1+2+1) for the
163 * should be used for EC keys: legacy ecp_keypair or the raw (PSA friendly)
165 * which functions are used for various operations. The overall picture looks
167 * - if USE_PSA is not defined and ECP_C is defined then use ecp_keypair data
169 * - if USE_PSA is defined and
170 * - if ECP_C then use ecp_keypair structure, convert data to a PSA friendly
172 * - if !ECP_C then use new raw data and PSA functions directly.
174 * The main reason for the "intermediate" (USE_PSA + ECP_C) above is that as long
185 * \brief Types for interfacing with the debug module
203 /** Maximum number of item send for debugging, plus 1 */
210 * only built-in structures returned by
222 void *MBEDTLS_PRIVATE(pk_ctx); /**< Underlying public key context */
225 * - opaque key when MBEDTLS_USE_PSA_CRYPTO is defined
226 * - normal key when MBEDTLS_PK_USE_PSA_EC_DATA is defined. In this case:
227 * - the pk_ctx above is not not used to store the private key anymore.
230 * - this ID is used for all private key operations (ex: sign, check
235 * context. */
237 mbedtls_svc_key_id_t MBEDTLS_PRIVATE(priv_id); /**< Key ID for opaque keys */
239 /* The following fields are meant for storing the public key in raw format
240 * which is handy for:
241 * - easily importing it into the PSA context
242 * - reducing the ECP module dependencies in the PK one.
245 * - the pk_ctx above is not used anymore for storing the public key
247 * - the following fields are used for all public key operations: signature
249 * - For a key pair, priv_id contains the private key. For a public key,
252 * ecp_keypair structure is used for storing the public key and performing
255 * Note: This new public key storing solution only works for EC keys, not
257 * context.
269 * \brief Context for resuming operations
273 void *MBEDTLS_PRIVATE(rs_ctx); /**< Underlying restart context */
282 * \brief Types for RSA-alt abstraction
298 * \param pk_type PK type to search for.
307 * \param ctx The context to initialize.
315 * \param ctx The context to clear. It must have been initialized.
318 * \note For contexts that have been set up with
327 * \brief Initialize a restart context
329 * \param ctx The context to initialize.
335 * \brief Free the components of a restart context
337 * \param ctx The context to clear. It must have been initialized.
344 * \brief Initialize a PK context with the information given
345 * and allocates the type-specific PK subcontext.
347 * \param ctx Context to initialize. It must not have been set
355 * \note For contexts holding an RSA-alt key, use
362 * \brief Initialize a PK context to wrap a PSA key.
364 * This function creates a PK context which wraps a PSA key. The PSA wrapped
377 * In order for the above operations to succeed, the policy of the wrapped PSA
384 * context is in use, that is at least between the point this function
385 * is called and the point mbedtls_pk_free() is called on this context.
387 * \param ctx The context to initialize. It must be empty (type NONE).
391 * \return #MBEDTLS_ERR_PK_BAD_INPUT_DATA on invalid input (context already
403 * \brief Initialize an RSA-alt context
405 * \param ctx Context to initialize. It must not have been set
413 * context wasn't already initialized as RSA_ALT.
415 * \note This function replaces \c mbedtls_pk_setup() for RSA-alt.
426 * \param ctx The context to query. It must have been initialized.
435 * \param ctx The context to query. It must have been initialized.
445 * \brief Tell if a context can do the operation given by type
447 * \param ctx The context to query. It must have been initialized.
450 * \return 1 if the context can do operations on the given type.
451 * \return 0 if the context cannot do the operations on the given
452 * type. This is always the case for a context that has
460 * \brief Tell if context can do the operation given by PSA algorithm
462 * \param ctx The context to query. It must have been initialized.
473 * Context key must match all passed usage flags.
477 * be taken in account for non-allowed algorithms and usage
480 * \return 1 if the context can do operations on the given type.
481 * \return 0 if the context cannot do the operations on the given
482 * type, for non-allowed algorithms and usage flags, or
483 * for a context that has been initialized but not set up
496 * for calling mbedtls_pk_import_into_psa() to create
510 * \note This function does not support RSA-alt contexts
513 * \param[in] pk The PK context to use. It must have been set up.
516 * - #PSA_KEY_USAGE_DECRYPT: \p pk must contain a
521 * - #PSA_KEY_USAGE_DERIVE: \p pk must contain a
524 * - #PSA_KEY_USAGE_ENCRYPT: The output
526 * - #PSA_KEY_USAGE_SIGN_HASH: \p pk must contain a
531 * - #PSA_KEY_USAGE_SIGN_MESSAGE: \p pk must contain a
536 * - #PSA_KEY_USAGE_VERIFY_HASH: The output
538 * - #PSA_KEY_USAGE_VERIFY_MESSAGE: The output
542 * - The lifetime and key identifier are unchanged. If the
549 * - The key type and bit-size are determined by the contents
550 * of the PK context. If the PK context contains a key
553 * \p usage. If the PK context contains a public key,
555 * - The key's policy is determined by the key type and
558 * possibly other permissions as documented for the
563 * - #MBEDTLS_PK_RSA whose underlying
570 * - #MBEDTLS_PK_RSA whose underlying
578 * - #MBEDTLS_PK_RSA_ALT: not supported.
579 * - #MBEDTLS_PK_ECDSA or #MBEDTLS_PK_ECKEY
584 * - #MBEDTLS_PK_ECKEY_DH or #MBEDTLS_PK_ECKEY
587 * - #MBEDTLS_PK_OPAQUE: same as the primary algorithm
588 * set for the underlying PSA key, except that
611 * -# Call mbedtls_pk_get_psa_attributes() to obtain
612 * attributes for the given key.
613 * -# If desired, modify the attributes, for example:
614 * - To create a persistent key, call
617 * - To import only the public part of a key pair:
622 * - Restrict the key usage if desired.
623 * -# Call mbedtls_pk_import_into_psa().
625 * \note This function does not support RSA-alt contexts
628 * \param[in] pk The PK context to use. It must have been set up.
631 * The attributes to use for the new key. They must be
652 * \brief Create a PK context starting from a key stored in PSA.
654 * - must be exportable and
655 * - must be an RSA or EC key pair or public key (FFDH is not supported in PK).
658 * - #MBEDTLS_PK_RSA for RSA keys or
659 * - #MBEDTLS_PK_ECKEY for EC keys.
666 * PK context will perform the corresponding algorithm for that
667 * PK context type.
668 * * For ECDSA, the choice of deterministic vs randomized will
669 * be based on the compile-time setting #MBEDTLS_ECDSA_DETERMINISTIC.
670 * * For an RSA key, the output PK context will allow both
678 * \param pk The PK context that will be filled. It must be initialized,
688 * \brief Create a PK context for the public key of a PSA key.
693 * - #MBEDTLS_PK_RSA for RSA keys or
694 * - #MBEDTLS_PK_ECKEY for EC keys.
701 * PK context will perform the corresponding algorithm for that
702 * PK context type.
704 * For an RSA key, the output PK context will allow both
711 * \param pk The PK context that will be filled. It must be initialized,
724 * \param ctx The PK context to use. It must have been set up.
727 * does not rely on a hash algorithm (non-deterministic
729 * For PKCS#1 v1.5, if \p md_alg is #MBEDTLS_MD_NONE, then
739 * \note For keys of type #MBEDTLS_PK_RSA, the signature algorithm is
741 * depending on the padding mode in the underlying RSA context.
742 * For a pk object constructed by parsing, this is PKCS#1 v1.5
760 * \c mbedtls_ecp_set_max_ops() to reduce blocking for ECC
761 * operations. For RSA, same as \c mbedtls_pk_verify().
763 * \param ctx The PK context to use. It must have been set up.
769 * \param rs_ctx Restart context (NULL to disable restart)
786 * \param options Pointer to type-specific options, or NULL
787 * \param ctx The PK context to use. It must have been set up.
795 * #MBEDTLS_ERR_PK_TYPE_MISMATCH if the PK context can't be
796 * used for this type of signatures,
820 * \param ctx The PK context to use. It must have been set up
826 * It must have enough room for the signature.
836 * \note For keys of type #MBEDTLS_PK_RSA, the signature algorithm is
839 * in the underlying RSA context. For a pk object constructed
846 * \note For RSA, md_alg may be MBEDTLS_MD_NONE if hash_len != 0.
847 * For ECDSA, md_alg may never be MBEDTLS_MD_NONE.
858 * \param ctx The PK context to use. It must have been set up
864 * It must have enough room for the signature.
877 * see #PSA_ALG_RSA_PSS for a description of PSS options used.
879 * \note For RSA, md_alg may be MBEDTLS_MD_NONE if hash_len != 0.
880 * For ECDSA, md_alg may never be MBEDTLS_MD_NONE.
896 * \c mbedtls_ecp_set_max_ops() to reduce blocking for ECC
897 * operations. For RSA, same as \c mbedtls_pk_sign().
899 * \param ctx The PK context to use. It must have been set up
901 * \param md_alg Hash algorithm used (see notes for mbedtls_pk_sign())
905 * It must have enough room for the signature.
914 * \param rs_ctx Restart context (NULL to disable restart)
930 * \param ctx The PK context to use. It must have been set up
940 * \note For keys of type #MBEDTLS_PK_RSA, the signature algorithm is
942 * the underlying RSA context. For a pk object constructed by
955 * \param ctx The PK context to use. It must have been set up.
964 * \note For keys of type #MBEDTLS_PK_RSA, the signature algorithm is
966 * the underlying RSA context. For a pk object constructed by
969 * \note \p f_rng is used for padding generation.
979 * \brief Check if a public-private pair of keys matches.
981 * \param pub Context holding a public key.
982 * \param prv Context holding a private (and public) key.
988 * be checked - in that case they may or may not match.
989 * \return #MBEDTLS_ERR_PK_BAD_INPUT_DATA if a context is invalid.
990 * \return Another non-zero value if the keys do not match.
1000 * \param ctx The PK context to use. It must have been initialized.
1010 * \param ctx The PK context to use. It must have been initialized.
1019 * \param ctx The PK context to use. It must have been initialized.
1022 * \return #MBEDTLS_PK_NONE for a context that has not been set up.
1028 * Quick access to an RSA context inside a PK context.
1030 * \warning This function can only be used when the type of the context, as
1035 * \return The internal RSA context held by the PK context, or NULL.
1050 * Quick access to an EC context inside a PK context.
1052 * \warning This function can only be used when the type of the context, as
1058 * \return The internal EC context held by the PK context, or NULL.
1082 * \param ctx The PK context to fill. It must have been initialized
1086 * extra trailing material. For PEM, the buffer must
1087 * contain a null-terminated string.
1089 * For PEM data, this includes the terminating null byte,
1091 * \param pwd Optional password for decryption.
1092 * Pass \c NULL if expecting a non-encrypted key.
1094 * key; a non-encrypted key will also be accepted.
1098 * \param f_rng RNG function, must not be \c NULL. Used for blinding.
1105 * \note The key is also checked for correctness.
1122 * \param ctx The PK context to fill. It must have been initialized
1126 * extra trailing material. For PEM, the buffer must
1127 * contain a null-terminated string.
1129 * For PEM data, this includes the terminating null byte,
1136 * \note For compressed points, see #MBEDTLS_ECP_PF_COMPRESSED for
1139 * \note The key is also checked for correctness.
1155 * \param ctx The PK context to fill. It must have been initialized
1159 * Pass \c NULL if expecting a non-encrypted key.
1160 * Pass a null-terminated string if expecting an encrypted
1161 * key; a non-encrypted key will also be accepted.
1163 * \param f_rng RNG function, must not be \c NULL. Used for blinding.
1170 * \note The key is also checked for correctness.
1182 * \param ctx The PK context to fill. It must have been initialized
1191 * \note The key is also checked for correctness.
1206 * \param ctx PK context which must contain a valid private key.
1221 * \param ctx PK context which must contain a valid public or private key.
1234 * \param ctx PK context which must contain a valid public or private key.
1246 * \param ctx PK context which must contain a valid private key.
1258 * WARNING: Low-level functions. You probably do not want to use these unless
1268 * \param pk The PK context to fill. It must have been initialized
1283 * \param start start of the buffer (for bounds-checking)
1284 * \param key PK context which must contain a valid public or private key.