1 /** 2 * \file pkcs5.h 3 * 4 * \brief PKCS#5 functions 5 * 6 * \author Mathias Olsson <mathias@kompetensum.com> 7 */ 8 /* 9 * Copyright The Mbed TLS Contributors 10 * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later 11 */ 12 #ifndef MBEDTLS_PKCS5_H 13 #define MBEDTLS_PKCS5_H 14 15 #include "mbedtls/build_info.h" 16 #include "mbedtls/platform_util.h" 17 18 #include "mbedtls/asn1.h" 19 #include "mbedtls/md.h" 20 #include "mbedtls/cipher.h" 21 22 #include <stddef.h> 23 #include <stdint.h> 24 25 /** Bad input parameters to function. */ 26 #define MBEDTLS_ERR_PKCS5_BAD_INPUT_DATA -0x2f80 27 /** Unexpected ASN.1 data. */ 28 #define MBEDTLS_ERR_PKCS5_INVALID_FORMAT -0x2f00 29 /** Requested encryption or digest alg not available. */ 30 #define MBEDTLS_ERR_PKCS5_FEATURE_UNAVAILABLE -0x2e80 31 /** Given private key password does not allow for correct decryption. */ 32 #define MBEDTLS_ERR_PKCS5_PASSWORD_MISMATCH -0x2e00 33 34 #define MBEDTLS_PKCS5_DECRYPT MBEDTLS_DECRYPT 35 #define MBEDTLS_PKCS5_ENCRYPT MBEDTLS_ENCRYPT 36 37 #ifdef __cplusplus 38 extern "C" { 39 #endif 40 41 #if defined(MBEDTLS_ASN1_PARSE_C) && defined(MBEDTLS_CIPHER_C) 42 43 #if !defined(MBEDTLS_DEPRECATED_REMOVED) 44 /** 45 * \brief PKCS#5 PBES2 function 46 * 47 * \note When encrypting, #MBEDTLS_CIPHER_PADDING_PKCS7 must 48 * be enabled at compile time. 49 * 50 * \deprecated This function is deprecated and will be removed in a 51 * future version of the library. 52 * Please use mbedtls_pkcs5_pbes2_ext() instead. 53 * 54 * \warning When decrypting: 55 * - if #MBEDTLS_CIPHER_PADDING_PKCS7 is enabled at compile 56 * time, this function validates the CBC padding and returns 57 * #MBEDTLS_ERR_PKCS5_PASSWORD_MISMATCH if the padding is 58 * invalid. Note that this can help active adversaries 59 * attempting to brute-forcing the password. Note also that 60 * there is no guarantee that an invalid password will be 61 * detected (the chances of a valid padding with a random 62 * password are about 1/255). 63 * - if #MBEDTLS_CIPHER_PADDING_PKCS7 is disabled at compile 64 * time, this function does not validate the CBC padding. 65 * 66 * \param pbe_params the ASN.1 algorithm parameters 67 * \param mode either #MBEDTLS_PKCS5_DECRYPT or #MBEDTLS_PKCS5_ENCRYPT 68 * \param pwd password to use when generating key 69 * \param pwdlen length of password 70 * \param data data to process 71 * \param datalen length of data 72 * \param output Output buffer. 73 * On success, it contains the encrypted or decrypted data, 74 * possibly followed by the CBC padding. 75 * On failure, the content is indeterminate. 76 * For decryption, there must be enough room for \p datalen 77 * bytes. 78 * For encryption, there must be enough room for 79 * \p datalen + 1 bytes, rounded up to the block size of 80 * the block cipher identified by \p pbe_params. 81 * 82 * \returns 0 on success, or a MBEDTLS_ERR_XXX code if verification fails. 83 */ 84 int MBEDTLS_DEPRECATED mbedtls_pkcs5_pbes2(const mbedtls_asn1_buf *pbe_params, int mode, 85 const unsigned char *pwd, size_t pwdlen, 86 const unsigned char *data, size_t datalen, 87 unsigned char *output); 88 #endif /* MBEDTLS_DEPRECATED_REMOVED */ 89 90 #if defined(MBEDTLS_CIPHER_PADDING_PKCS7) 91 92 /** 93 * \brief PKCS#5 PBES2 function 94 * 95 * \warning When decrypting: 96 * - This function validates the CBC padding and returns 97 * #MBEDTLS_ERR_PKCS5_PASSWORD_MISMATCH if the padding is 98 * invalid. Note that this can help active adversaries 99 * attempting to brute-forcing the password. Note also that 100 * there is no guarantee that an invalid password will be 101 * detected (the chances of a valid padding with a random 102 * password are about 1/255). 103 * 104 * \param pbe_params the ASN.1 algorithm parameters 105 * \param mode either #MBEDTLS_PKCS5_DECRYPT or #MBEDTLS_PKCS5_ENCRYPT 106 * \param pwd password to use when generating key 107 * \param pwdlen length of password 108 * \param data data to process 109 * \param datalen length of data 110 * \param output Output buffer. 111 * On success, it contains the decrypted data. 112 * On failure, the content is indetermidate. 113 * For decryption, there must be enough room for \p datalen 114 * bytes. 115 * For encryption, there must be enough room for 116 * \p datalen + 1 bytes, rounded up to the block size of 117 * the block cipher identified by \p pbe_params. 118 * \param output_size size of output buffer. 119 * This must be big enough to accommodate for output plus 120 * padding data. 121 * \param output_len On success, length of actual data written to the output buffer. 122 * 123 * \returns 0 on success, or a MBEDTLS_ERR_XXX code if parsing or decryption fails. 124 */ 125 int mbedtls_pkcs5_pbes2_ext(const mbedtls_asn1_buf *pbe_params, int mode, 126 const unsigned char *pwd, size_t pwdlen, 127 const unsigned char *data, size_t datalen, 128 unsigned char *output, size_t output_size, 129 size_t *output_len); 130 131 #endif /* MBEDTLS_CIPHER_PADDING_PKCS7 */ 132 133 #endif /* MBEDTLS_ASN1_PARSE_C && MBEDTLS_CIPHER_C*/ 134 135 /** 136 * \brief PKCS#5 PBKDF2 using HMAC without using the HMAC context 137 * 138 * \param md_type Hash algorithm used 139 * \param password Password to use when generating key 140 * \param plen Length of password 141 * \param salt Salt to use when generating key 142 * \param slen Length of salt 143 * \param iteration_count Iteration count 144 * \param key_length Length of generated key in bytes 145 * \param output Generated key. Must be at least as big as key_length 146 * 147 * \returns 0 on success, or a MBEDTLS_ERR_XXX code if verification fails. 148 */ 149 int mbedtls_pkcs5_pbkdf2_hmac_ext(mbedtls_md_type_t md_type, 150 const unsigned char *password, 151 size_t plen, const unsigned char *salt, size_t slen, 152 unsigned int iteration_count, 153 uint32_t key_length, unsigned char *output); 154 155 #if defined(MBEDTLS_MD_C) 156 #if !defined(MBEDTLS_DEPRECATED_REMOVED) 157 /** 158 * \brief PKCS#5 PBKDF2 using HMAC 159 * 160 * \deprecated Superseded by mbedtls_pkcs5_pbkdf2_hmac_ext(). 161 * 162 * \param ctx Generic HMAC context 163 * \param password Password to use when generating key 164 * \param plen Length of password 165 * \param salt Salt to use when generating key 166 * \param slen Length of salt 167 * \param iteration_count Iteration count 168 * \param key_length Length of generated key in bytes 169 * \param output Generated key. Must be at least as big as key_length 170 * 171 * \returns 0 on success, or a MBEDTLS_ERR_XXX code if verification fails. 172 */ 173 int MBEDTLS_DEPRECATED mbedtls_pkcs5_pbkdf2_hmac(mbedtls_md_context_t *ctx, 174 const unsigned char *password, 175 size_t plen, 176 const unsigned char *salt, 177 size_t slen, 178 unsigned int iteration_count, 179 uint32_t key_length, 180 unsigned char *output); 181 #endif /* !MBEDTLS_DEPRECATED_REMOVED */ 182 #endif /* MBEDTLS_MD_C */ 183 #if defined(MBEDTLS_SELF_TEST) 184 185 /** 186 * \brief Checkup routine 187 * 188 * \return 0 if successful, or 1 if the test failed 189 */ 190 int mbedtls_pkcs5_self_test(int verbose); 191 192 #endif /* MBEDTLS_SELF_TEST */ 193 194 #ifdef __cplusplus 195 } 196 #endif 197 198 #endif /* pkcs5.h */ 199
