1 /** 2 * \file pk_wrap.h 3 * 4 * \brief Public Key abstraction layer: wrapper functions 5 */ 6 /* 7 * Copyright The Mbed TLS Contributors 8 * SPDX-License-Identifier: Apache-2.0 9 * 10 * Licensed under the Apache License, Version 2.0 (the "License"); you may 11 * not use this file except in compliance with the License. 12 * You may obtain a copy of the License at 13 * 14 * http://www.apache.org/licenses/LICENSE-2.0 15 * 16 * Unless required by applicable law or agreed to in writing, software 17 * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT 18 * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 19 * See the License for the specific language governing permissions and 20 * limitations under the License. 21 */ 22 23 #ifndef MBEDTLS_PK_WRAP_H 24 #define MBEDTLS_PK_WRAP_H 25 26 #include "mbedtls/build_info.h" 27 28 #include "mbedtls/pk.h" 29 30 #if defined(MBEDTLS_PSA_CRYPTO_C) 31 #include "psa/crypto.h" 32 #endif /* MBEDTLS_PSA_CRYPTO_C */ 33 34 struct mbedtls_pk_info_t { 35 /** Public key type */ 36 mbedtls_pk_type_t type; 37 38 /** Type name */ 39 const char *name; 40 41 /** Get key size in bits */ 42 size_t (*get_bitlen)(const void *); 43 44 /** Tell if the context implements this type (e.g. ECKEY can do ECDSA) */ 45 int (*can_do)(mbedtls_pk_type_t type); 46 47 /** Verify signature */ 48 int (*verify_func)(void *ctx, mbedtls_md_type_t md_alg, 49 const unsigned char *hash, size_t hash_len, 50 const unsigned char *sig, size_t sig_len); 51 52 /** Make signature */ 53 int (*sign_func)(void *ctx, mbedtls_md_type_t md_alg, 54 const unsigned char *hash, size_t hash_len, 55 unsigned char *sig, size_t sig_size, size_t *sig_len, 56 int (*f_rng)(void *, unsigned char *, size_t), 57 void *p_rng); 58 59 #if defined(MBEDTLS_ECDSA_C) && defined(MBEDTLS_ECP_RESTARTABLE) 60 /** Verify signature (restartable) */ 61 int (*verify_rs_func)(void *ctx, mbedtls_md_type_t md_alg, 62 const unsigned char *hash, size_t hash_len, 63 const unsigned char *sig, size_t sig_len, 64 void *rs_ctx); 65 66 /** Make signature (restartable) */ 67 int (*sign_rs_func)(void *ctx, mbedtls_md_type_t md_alg, 68 const unsigned char *hash, size_t hash_len, 69 unsigned char *sig, size_t sig_size, size_t *sig_len, 70 int (*f_rng)(void *, unsigned char *, size_t), 71 void *p_rng, void *rs_ctx); 72 #endif /* MBEDTLS_ECDSA_C && MBEDTLS_ECP_RESTARTABLE */ 73 74 /** Decrypt message */ 75 int (*decrypt_func)(void *ctx, const unsigned char *input, size_t ilen, 76 unsigned char *output, size_t *olen, size_t osize, 77 int (*f_rng)(void *, unsigned char *, size_t), 78 void *p_rng); 79 80 /** Encrypt message */ 81 int (*encrypt_func)(void *ctx, const unsigned char *input, size_t ilen, 82 unsigned char *output, size_t *olen, size_t osize, 83 int (*f_rng)(void *, unsigned char *, size_t), 84 void *p_rng); 85 86 /** Check public-private key pair */ 87 int (*check_pair_func)(const void *pub, const void *prv, 88 int (*f_rng)(void *, unsigned char *, size_t), 89 void *p_rng); 90 91 /** Allocate a new context */ 92 void * (*ctx_alloc_func)(void); 93 94 /** Free the given context */ 95 void (*ctx_free_func)(void *ctx); 96 97 #if defined(MBEDTLS_ECDSA_C) && defined(MBEDTLS_ECP_RESTARTABLE) 98 /** Allocate the restart context */ 99 void *(*rs_alloc_func)(void); 100 101 /** Free the restart context */ 102 void (*rs_free_func)(void *rs_ctx); 103 #endif /* MBEDTLS_ECDSA_C && MBEDTLS_ECP_RESTARTABLE */ 104 105 /** Interface with the debug module */ 106 void (*debug_func)(const void *ctx, mbedtls_pk_debug_item *items); 107 108 }; 109 #if defined(MBEDTLS_PK_RSA_ALT_SUPPORT) 110 /* Container for RSA-alt */ 111 typedef struct { 112 void *key; 113 mbedtls_pk_rsa_alt_decrypt_func decrypt_func; 114 mbedtls_pk_rsa_alt_sign_func sign_func; 115 mbedtls_pk_rsa_alt_key_len_func key_len_func; 116 } mbedtls_rsa_alt_context; 117 #endif 118 119 #if defined(MBEDTLS_RSA_C) 120 extern const mbedtls_pk_info_t mbedtls_rsa_info; 121 #endif 122 123 #if defined(MBEDTLS_ECP_C) 124 extern const mbedtls_pk_info_t mbedtls_eckey_info; 125 extern const mbedtls_pk_info_t mbedtls_eckeydh_info; 126 #endif 127 128 #if defined(MBEDTLS_PK_CAN_ECDSA_SOME) 129 extern const mbedtls_pk_info_t mbedtls_ecdsa_info; 130 #endif 131 132 #if defined(MBEDTLS_PK_RSA_ALT_SUPPORT) 133 extern const mbedtls_pk_info_t mbedtls_rsa_alt_info; 134 #endif 135 136 #if defined(MBEDTLS_USE_PSA_CRYPTO) 137 extern const mbedtls_pk_info_t mbedtls_pk_ecdsa_opaque_info; 138 extern const mbedtls_pk_info_t mbedtls_pk_rsa_opaque_info; 139 140 #if !defined(MBEDTLS_DEPRECATED_REMOVED) 141 #if defined(PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY) 142 int MBEDTLS_DEPRECATED mbedtls_pk_error_from_psa_ecdsa(psa_status_t status); 143 #endif 144 #endif 145 146 #endif /* MBEDTLS_USE_PSA_CRYPTO */ 147 148 #if defined(MBEDTLS_PSA_CRYPTO_C) 149 #if !defined(MBEDTLS_DEPRECATED_REMOVED) 150 int MBEDTLS_DEPRECATED mbedtls_pk_error_from_psa(psa_status_t status); 151 152 #if defined(PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY) || \ 153 defined(PSA_WANT_KEY_TYPE_RSA_KEY_PAIR) 154 int MBEDTLS_DEPRECATED mbedtls_pk_error_from_psa_rsa(psa_status_t status); 155 #endif /* PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY || PSA_WANT_KEY_TYPE_RSA_KEY_PAIR */ 156 #endif /* !MBEDTLS_DEPRECATED_REMOVED */ 157 158 #if defined(MBEDTLS_RSA_C) 159 int mbedtls_pk_psa_rsa_sign_ext(psa_algorithm_t psa_alg_md, 160 mbedtls_rsa_context *rsa_ctx, 161 const unsigned char *hash, size_t hash_len, 162 unsigned char *sig, size_t sig_size, 163 size_t *sig_len); 164 #endif /* MBEDTLS_RSA_C */ 165 166 #endif /* MBEDTLS_PSA_CRYPTO_C */ 167 168 #endif /* MBEDTLS_PK_WRAP_H */ 169
