pk.h File Reference

Public Key abstraction layer. More...

#include "config.h"
#include "md.h"
#include "rsa.h"
#include "ecp.h"
#include "ecdsa.h"
Include dependency graph for pk.h:
This graph shows which files directly or indirectly include this file:

Go to the source code of this file.

Data Structures

struct  pk_debug_item
 Item to send to the debug module. More...
struct  pk_info_t
 Public key information and operations. More...
struct  pk_context
 Public key container. More...

Defines

#define POLARSSL_ERR_PK_MALLOC_FAILED   -0x2F80
 Memory alloation failed.
#define POLARSSL_ERR_PK_TYPE_MISMATCH   -0x2F00
 Type mismatch, eg attempt to encrypt with an ECDSA key.
#define POLARSSL_ERR_PK_BAD_INPUT_DATA   -0x2E80
 Bad input parameters to function.
#define POLARSSL_ERR_PK_FILE_IO_ERROR   -0x2E00
 Read/write of file failed.
#define POLARSSL_ERR_PK_KEY_INVALID_VERSION   -0x2D80
 Unsupported key version.
#define POLARSSL_ERR_PK_KEY_INVALID_FORMAT   -0x2D00
 Invalid key tag or value.
#define POLARSSL_ERR_PK_UNKNOWN_PK_ALG   -0x2C80
 Key algorithm is unsupported (only RSA and EC are supported).
#define POLARSSL_ERR_PK_PASSWORD_REQUIRED   -0x2C00
 Private key password can't be empty.
#define POLARSSL_ERR_PK_PASSWORD_MISMATCH   -0x2B80
 Given private key password does not allow for correct decryption.
#define POLARSSL_ERR_PK_INVALID_PUBKEY   -0x2B00
 The pubkey tag or value is invalid (only RSA and EC are supported).
#define POLARSSL_ERR_PK_INVALID_ALG   -0x2A80
 The algorithm tag or value is invalid.
#define POLARSSL_ERR_PK_UNKNOWN_NAMED_CURVE   -0x2A00
 Elliptic curve is unsupported (only NIST curves are supported).
#define POLARSSL_ERR_PK_FEATURE_UNAVAILABLE   -0x2980
 Unavailable feature, e.g.
#define pk_rsa(pk)   ( (rsa_context *) (pk).pk_ctx )
 Quick access to an RSA context inside a PK context.
#define pk_ec(pk)   ( (ecp_keypair *) (pk).pk_ctx )
 Quick access to an EC context inside a PK context.
#define POLARSSL_PK_DEBUG_MAX_ITEMS   3
 Maximum number of item send for debugging, plus 1.

Typedefs

typedef int(* pk_rsa_alt_decrypt_func )(void *ctx, int mode, size_t *olen, const unsigned char *input, unsigned char *output, size_t output_max_len)
 Types for RSA-alt abstraction.
typedef int(* pk_rsa_alt_sign_func )(void *ctx, int(*f_rng)(void *, unsigned char *, size_t), void *p_rng, int mode, int hash_id, unsigned int hashlen, const unsigned char *hash, unsigned char *sig)
typedef size_t(* pk_rsa_alt_key_len_func )(void *ctx)

Enumerations

enum  pk_type_t {
  POLARSSL_PK_NONE = 0, POLARSSL_PK_RSA, POLARSSL_PK_ECKEY, POLARSSL_PK_ECKEY_DH,
  POLARSSL_PK_ECDSA, POLARSSL_PK_RSA_ALT
}
 

Public key types.

More...
enum  pk_debug_type { POLARSSL_PK_DEBUG_NONE = 0, POLARSSL_PK_DEBUG_MPI, POLARSSL_PK_DEBUG_ECP }
 

Types for interfacing with the debug module.

More...

Functions

const pk_info_tpk_info_from_type (pk_type_t pk_type)
 Return information associated with the given PK type.
void pk_init (pk_context *ctx)
 Initialize a pk_context (as NONE).
void pk_free (pk_context *ctx)
 Free a pk_context.
int pk_init_ctx (pk_context *ctx, const pk_info_t *info)
 Initialize a PK context with the information given and allocates the type-specific PK subcontext.
int pk_init_ctx_rsa_alt (pk_context *ctx, void *key, pk_rsa_alt_decrypt_func decrypt_func, pk_rsa_alt_sign_func sign_func, pk_rsa_alt_key_len_func key_len_func)
 Initialize an RSA-alt context.
size_t pk_get_size (const pk_context *ctx)
 Get the size in bits of the underlying key.
static size_t pk_get_len (const pk_context *ctx)
 Get the length in bytes of the underlying key.
int pk_can_do (pk_context *ctx, pk_type_t type)
 Tell if a context can do the operation given by type.
int pk_verify (pk_context *ctx, md_type_t md_alg, const unsigned char *hash, size_t hash_len, const unsigned char *sig, size_t sig_len)
 Verify signature.
int pk_sign (pk_context *ctx, md_type_t md_alg, const unsigned char *hash, size_t hash_len, unsigned char *sig, size_t *sig_len, int(*f_rng)(void *, unsigned char *, size_t), void *p_rng)
 Make signature.
int pk_decrypt (pk_context *ctx, const unsigned char *input, size_t ilen, unsigned char *output, size_t *olen, size_t osize, int(*f_rng)(void *, unsigned char *, size_t), void *p_rng)
 Decrypt message.
int pk_encrypt (pk_context *ctx, const unsigned char *input, size_t ilen, unsigned char *output, size_t *olen, size_t osize, int(*f_rng)(void *, unsigned char *, size_t), void *p_rng)
 Encrypt message.
int pk_debug (const pk_context *ctx, pk_debug_item *items)
 Export debug information.
const char * pk_get_name (const pk_context *ctx)
 Access the type name.
pk_type_t pk_get_type (const pk_context *ctx)
 Get the key type.
int pk_parse_key (pk_context *ctx, const unsigned char *key, size_t keylen, const unsigned char *pwd, size_t pwdlen)
 Parse a private key.
int pk_parse_public_key (pk_context *ctx, const unsigned char *key, size_t keylen)
 Parse a public key.
int pk_parse_keyfile (pk_context *ctx, const char *path, const char *password)
 Load and parse a private key.
int pk_parse_public_keyfile (pk_context *ctx, const char *path)
 Load and parse a public key.
int pk_write_key_der (pk_context *pk, unsigned char *buf, size_t size)
 Write a private key to a PKCS#1 or SEC1 DER structure Note: data is written at the end of the buffer! Use the return value to determine where you should start using the buffer.
int pk_write_pubkey_der (pk_context *key, unsigned char *buf, size_t size)
 Write a public key to a SubjectPublicKeyInfo DER structure Note: data is written at the end of the buffer! Use the return value to determine where you should start using the buffer.
int pk_write_pubkey_pem (pk_context *key, unsigned char *buf, size_t size)
 Write a public key to a PEM string.
int pk_write_key_pem (pk_context *key, unsigned char *buf, size_t size)
 Write a private key to a PKCS#1 or SEC1 PEM string.
int pk_parse_subpubkey (unsigned char **p, const unsigned char *end, pk_context *pk)
 Parse a SubjectPublicKeyInfo DER structure.
int pk_write_pubkey (unsigned char **p, unsigned char *start, const pk_context *key)
 Write a subjectPublicKey to ASN.1 data Note: function works backwards in data buffer.

Detailed Description

Public Key abstraction layer.

Public Key abstraction layer: wrapper functions.

Copyright (C) 2006-2013, Brainspark B.V.

This file is part of PolarSSL (http://www.polarssl.org) Lead Maintainer: Paul Bakker <polarssl_maintainer at polarssl.org>

All rights reserved.

This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation; either version 2 of the License, or (at your option) any later version.

This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details.

You should have received a copy of the GNU General Public License along with this program; if not, write to the Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.

Definition in file pk.h.


Define Documentation

#define pk_ec ( pk   )     ( (ecp_keypair *) (pk).pk_ctx )

Quick access to an EC context inside a PK context.

Warning:
You must make sure the PK context actually holds an EC context before using this macro!

Definition at line 79 of file pk.h.

Referenced by pk_genkey(), pk_parse_key(), pk_parse_key_pkcs8_unencrypted_der(), pk_parse_subpubkey(), pk_write_key_der(), pk_write_pubkey(), pk_write_pubkey_der(), ssl_key_matches_curves(), test_suite_pk_ec_test_vec(), test_suite_pk_parse_keyfile_ec(), and test_suite_pk_parse_public_keyfile_ec().

#define pk_rsa ( pk   )     ( (rsa_context *) (pk).pk_ctx )

Quick access to an RSA context inside a PK context.

Warning:
You must make sure the PK context actually holds an RSA context before using this macro!

Definition at line 69 of file pk.h.

Referenced by pk_genkey(), pk_parse_key(), pk_parse_key_pkcs8_unencrypted_der(), pk_parse_subpubkey(), pk_write_key_der(), pk_write_pubkey(), ssl_set_own_cert_rsa(), test_suite_pk_parse_keyfile_rsa(), test_suite_pk_parse_public_keyfile_rsa(), test_suite_pk_rsa_decrypt_test_vec(), test_suite_pk_rsa_encrypt_test_vec(), and test_suite_pk_rsa_verify_test_vec().

#define POLARSSL_ERR_PK_BAD_INPUT_DATA   -0x2E80

Bad input parameters to function.

Definition at line 49 of file pk.h.

Referenced by pk_debug(), pk_decrypt(), pk_encrypt(), pk_init_ctx(), pk_init_ctx_rsa_alt(), pk_parse_key_pkcs8_encrypted_der(), pk_sign(), pk_verify(), and polarssl_strerror().

#define POLARSSL_ERR_PK_FEATURE_UNAVAILABLE   -0x2980

Unavailable feature, e.g.

RSA disabled for RSA key.

Definition at line 59 of file pk.h.

Referenced by pk_parse_key_pkcs8_encrypted_der(), pk_write_key_der(), pk_write_key_pem(), pk_write_pubkey(), and polarssl_strerror().

#define POLARSSL_ERR_PK_FILE_IO_ERROR   -0x2E00

Read/write of file failed.

Definition at line 50 of file pk.h.

Referenced by load_file(), and polarssl_strerror().

#define POLARSSL_ERR_PK_INVALID_ALG   -0x2A80

The algorithm tag or value is invalid.

Definition at line 57 of file pk.h.

Referenced by pk_get_pk_alg(), polarssl_strerror(), and verify_int().

#define POLARSSL_ERR_PK_INVALID_PUBKEY   -0x2B00

The pubkey tag or value is invalid (only RSA and EC are supported).

Definition at line 56 of file pk.h.

Referenced by pk_get_ecpubkey(), pk_get_rsapubkey(), pk_parse_subpubkey(), polarssl_strerror(), and verify_int().

#define POLARSSL_ERR_PK_KEY_INVALID_FORMAT   -0x2D00
#define POLARSSL_ERR_PK_KEY_INVALID_VERSION   -0x2D80

Unsupported key version.

Definition at line 51 of file pk.h.

Referenced by pk_parse_key_pkcs1_der(), pk_parse_key_pkcs8_unencrypted_der(), pk_parse_key_sec1_der(), and polarssl_strerror().

#define POLARSSL_ERR_PK_MALLOC_FAILED   -0x2F80

Memory alloation failed.

Definition at line 47 of file pk.h.

Referenced by load_file(), pk_init_ctx(), pk_init_ctx_rsa_alt(), and polarssl_strerror().

#define POLARSSL_ERR_PK_PASSWORD_MISMATCH   -0x2B80

Given private key password does not allow for correct decryption.

Definition at line 55 of file pk.h.

Referenced by pk_parse_key(), pk_parse_key_pkcs8_encrypted_der(), polarssl_strerror(), and verify_int().

#define POLARSSL_ERR_PK_PASSWORD_REQUIRED   -0x2C00

Private key password can't be empty.

Definition at line 54 of file pk.h.

Referenced by pk_parse_key(), pk_parse_key_pkcs8_encrypted_der(), polarssl_strerror(), and verify_int().

#define POLARSSL_ERR_PK_TYPE_MISMATCH   -0x2F00

Type mismatch, eg attempt to encrypt with an ECDSA key.

Definition at line 48 of file pk.h.

Referenced by pk_decrypt(), pk_encrypt(), pk_sign(), pk_verify(), polarssl_strerror(), test_suite_pk_ec_nocrypt(), and verify_int().

#define POLARSSL_ERR_PK_UNKNOWN_NAMED_CURVE   -0x2A00

Elliptic curve is unsupported (only NIST curves are supported).

Definition at line 58 of file pk.h.

Referenced by pk_use_ecparams(), and polarssl_strerror().

#define POLARSSL_ERR_PK_UNKNOWN_PK_ALG   -0x2C80

Key algorithm is unsupported (only RSA and EC are supported).

Definition at line 53 of file pk.h.

Referenced by pk_get_pk_alg(), pk_parse_key(), pk_parse_key_pkcs8_unencrypted_der(), pk_parse_subpubkey(), polarssl_strerror(), and verify_int().

#define POLARSSL_PK_DEBUG_MAX_ITEMS   3

Maximum number of item send for debugging, plus 1.

Definition at line 120 of file pk.h.

Referenced by debug_print_pk().


Typedef Documentation

typedef int(* pk_rsa_alt_decrypt_func)(void *ctx, int mode, size_t *olen, const unsigned char *input, unsigned char *output, size_t output_max_len)

Types for RSA-alt abstraction.

Definition at line 186 of file pk.h.

typedef size_t(* pk_rsa_alt_key_len_func)(void *ctx)

Definition at line 193 of file pk.h.

typedef int(* pk_rsa_alt_sign_func)(void *ctx, int(*f_rng)(void *, unsigned char *, size_t), void *p_rng, int mode, int hash_id, unsigned int hashlen, const unsigned char *hash, unsigned char *sig)

Definition at line 189 of file pk.h.


Enumeration Type Documentation

Types for interfacing with the debug module.

Enumerator:
POLARSSL_PK_DEBUG_NONE 
POLARSSL_PK_DEBUG_MPI 
POLARSSL_PK_DEBUG_ECP 

Definition at line 102 of file pk.h.

enum pk_type_t

Public key types.

Enumerator:
POLARSSL_PK_NONE 
POLARSSL_PK_RSA 
POLARSSL_PK_ECKEY 
POLARSSL_PK_ECKEY_DH 
POLARSSL_PK_ECDSA 
POLARSSL_PK_RSA_ALT 

Definition at line 90 of file pk.h.


Function Documentation

int pk_can_do ( pk_context ctx,
pk_type_t  type 
)
int pk_debug ( const pk_context ctx,
pk_debug_item items 
)

Export debug information.

Parameters:
ctx Context to use
items Place to write debug items
Returns:
0 on success or POLARSSL_ERR_PK_BAD_INPUT_DATA

Definition at line 256 of file pk.c.

References pk_info_t::debug_func, pk_context::pk_ctx, pk_context::pk_info, and POLARSSL_ERR_PK_BAD_INPUT_DATA.

Referenced by debug_print_pk().

int pk_decrypt ( pk_context ctx,
const unsigned char *  input,
size_t  ilen,
unsigned char *  output,
size_t *  olen,
size_t  osize,
int(*)(void *, unsigned char *, size_t)  f_rng,
void *  p_rng 
)

Decrypt message.

Parameters:
ctx PK context to use
input Input to decrypt
ilen Input size
output Decrypted output
olen Decrypted message length
osize Size of the output buffer
f_rng RNG function
p_rng RNG parameter
Returns:
0 on success, or a specific error code.

Definition at line 209 of file pk.c.

References pk_info_t::decrypt_func, pk_context::pk_ctx, pk_context::pk_info, POLARSSL_ERR_PK_BAD_INPUT_DATA, and POLARSSL_ERR_PK_TYPE_MISMATCH.

Referenced by ssl_parse_encrypted_pms(), test_suite_pk_ec_nocrypt(), and test_suite_pk_rsa_decrypt_test_vec().

int pk_encrypt ( pk_context ctx,
const unsigned char *  input,
size_t  ilen,
unsigned char *  output,
size_t *  olen,
size_t  osize,
int(*)(void *, unsigned char *, size_t)  f_rng,
void *  p_rng 
)

Encrypt message.

Parameters:
ctx PK context to use
input Message to encrypt
ilen Message size
output Encrypted output
olen Encrypted output length
osize Size of the output buffer
f_rng RNG function
p_rng RNG parameter
Returns:
0 on success, or a specific error code.

Definition at line 227 of file pk.c.

References pk_info_t::encrypt_func, pk_context::pk_ctx, pk_context::pk_info, POLARSSL_ERR_PK_BAD_INPUT_DATA, and POLARSSL_ERR_PK_TYPE_MISMATCH.

Referenced by ssl_write_encrypted_pms(), test_suite_pk_ec_nocrypt(), and test_suite_pk_rsa_encrypt_test_vec().

void pk_free ( pk_context ctx  ) 
static size_t pk_get_len ( const pk_context ctx  )  [inline, static]

Get the length in bytes of the underlying key.

Parameters:
ctx Context to use
Returns:
Key length in bytes, or 0 on error

Definition at line 264 of file pk.h.

References pk_get_size().

Referenced by ssl_parse_encrypted_pms(), test_suite_pk_rsa_verify_test_vec(), and test_suite_pk_utils().

const char* pk_get_name ( const pk_context ctx  ) 

Access the type name.

Parameters:
ctx Context to use
Returns:
Type name on success, or "invalid PK"

Definition at line 268 of file pk.c.

References pk_info_t::name, and pk_context::pk_info.

Referenced by test_suite_pk_utils(), x509_crt_info(), and x509_csr_info().

size_t pk_get_size ( const pk_context ctx  ) 

Get the size in bits of the underlying key.

Parameters:
ctx Context to use
Returns:
Key size in bits, or 0 on error

Definition at line 245 of file pk.c.

References pk_info_t::get_size, pk_context::pk_ctx, and pk_context::pk_info.

Referenced by pk_get_len(), test_suite_pk_utils(), x509_crt_info(), and x509_csr_info().

pk_type_t pk_get_type ( const pk_context ctx  ) 

Get the key type.

Parameters:
ctx Context to use
Returns:
Type on success, or POLARSSL_PK_NONE

Definition at line 279 of file pk.c.

References pk_context::pk_info, POLARSSL_PK_NONE, and pk_info_t::type.

Referenced by pk_genkey(), pk_write_key_der(), pk_write_key_pem(), pk_write_pubkey(), pk_write_pubkey_der(), test_suite_pk_utils(), x509write_crt_der(), and x509write_csr_der().

const pk_info_t* pk_info_from_type ( pk_type_t  pk_type  ) 
void pk_init ( pk_context ctx  ) 
int pk_init_ctx ( pk_context ctx,
const pk_info_t info 
)

Initialize a PK context with the information given and allocates the type-specific PK subcontext.

Parameters:
ctx Context to initialize. Must be empty (type NONE).
info Information to use
Returns:
0 on success, POLARSSL_ERR_PK_BAD_INPUT_DATA on invalid input, POLARSSL_ERR_PK_MALLOC_FAILED on allocation failure.
Note:
For contexts holding an RSA-alt key, use pk_init_ctx_rsa_alt() instead.

Definition at line 98 of file pk.c.

References pk_info_t::ctx_alloc_func, pk_context::pk_ctx, pk_context::pk_info, POLARSSL_ERR_PK_BAD_INPUT_DATA, and POLARSSL_ERR_PK_MALLOC_FAILED.

Referenced by pk_parse_key(), pk_parse_key_pkcs8_unencrypted_der(), pk_parse_subpubkey(), ssl_set_own_cert_rsa(), test_suite_pk_ec_nocrypt(), test_suite_pk_ec_test_vec(), test_suite_pk_rsa_decrypt_test_vec(), test_suite_pk_rsa_encrypt_test_vec(), test_suite_pk_rsa_verify_test_vec(), test_suite_pk_sign_verify(), and test_suite_pk_utils().

int pk_init_ctx_rsa_alt ( pk_context ctx,
void *  key,
pk_rsa_alt_decrypt_func  decrypt_func,
pk_rsa_alt_sign_func  sign_func,
pk_rsa_alt_key_len_func  key_len_func 
)

Initialize an RSA-alt context.

Parameters:
ctx Context to initialize. Must be empty (type NONE).
key RSA key pointer
decrypt_func Decryption function
sign_func Signing function
key_len_func Function returning key length
Returns:
0 on success, or POLARSSL_ERR_PK_BAD_INPUT_DATA if the context wasn't already initialized as RSA_ALT.
Note:
This function replaces pk_init_ctx() for RSA-alt.

Definition at line 114 of file pk.c.

References pk_info_t::ctx_alloc_func, rsa_alt_context::decrypt_func, rsa_alt_context::key, rsa_alt_context::key_len_func, pk_context::pk_ctx, pk_context::pk_info, POLARSSL_ERR_PK_BAD_INPUT_DATA, POLARSSL_ERR_PK_MALLOC_FAILED, rsa_alt_info, and rsa_alt_context::sign_func.

Referenced by ssl_set_own_cert_alt().

int pk_parse_key ( pk_context ctx,
const unsigned char *  key,
size_t  keylen,
const unsigned char *  pwd,
size_t  pwdlen 
)
int pk_parse_keyfile ( pk_context ctx,
const char *  path,
const char *  password 
)

Load and parse a private key.

Parameters:
ctx key to be initialized
path filename to read the private key from
password password to decrypt the file (can be NULL)
Returns:
0 if successful, or a specific PK or PEM error code

Definition at line 107 of file pkparse.c.

References load_file(), pk_parse_key(), and polarssl_free.

Referenced by test_suite_pk_parse_keyfile_ec(), test_suite_pk_parse_keyfile_rsa(), test_suite_pk_write_key_check(), test_suite_x509_crt_check(), and test_suite_x509_csr_check().

int pk_parse_public_key ( pk_context ctx,
const unsigned char *  key,
size_t  keylen 
)

Parse a public key.

Parameters:
ctx key to be initialized
key input buffer
keylen size of the buffer
Returns:
0 if successful, or a specific PK or PEM error code

Definition at line 926 of file pkparse.c.

References pem_context::buf, pem_context::buflen, pem_free(), pem_init(), pem_read_buffer(), pk_parse_subpubkey(), and POLARSSL_ERR_PEM_NO_HEADER_FOOTER_PRESENT.

Referenced by pk_parse_public_keyfile().

int pk_parse_public_keyfile ( pk_context ctx,
const char *  path 
)

Load and parse a public key.

Parameters:
ctx key to be initialized
path filename to read the private key from
Returns:
0 if successful, or a specific PK or PEM error code

Definition at line 132 of file pkparse.c.

References load_file(), pk_parse_public_key(), and polarssl_free.

Referenced by test_suite_pk_parse_public_keyfile_ec(), test_suite_pk_parse_public_keyfile_rsa(), and test_suite_pk_write_pubkey_check().

int pk_parse_subpubkey ( unsigned char **  p,
const unsigned char *  end,
pk_context pk 
)
int pk_sign ( pk_context ctx,
md_type_t  md_alg,
const unsigned char *  hash,
size_t  hash_len,
unsigned char *  sig,
size_t *  sig_len,
int(*)(void *, unsigned char *, size_t)  f_rng,
void *  p_rng 
)

Make signature.

Parameters:
ctx PK context to use
md_alg Hash algorithm used (see notes)
hash Hash of the message to sign
hash_len Hash length or 0 (see notes)
sig Place to write the signature
sig_len Number of bytes written
f_rng RNG function
p_rng RNG parameter
Returns:
0 on success, or a specific error code.
Note:
If hash_len is 0, then the length associated with md_alg is used instead, or an error returned if it is invalid.
md_alg may be POLARSSL_MD_NONE, only if hash_len != 0

Definition at line 190 of file pk.c.

References pk_context::pk_ctx, pk_hashlen_helper(), pk_context::pk_info, POLARSSL_ERR_PK_BAD_INPUT_DATA, POLARSSL_ERR_PK_TYPE_MISMATCH, and pk_info_t::sign_func.

Referenced by ssl_write_certificate_verify(), ssl_write_server_key_exchange(), test_suite_pk_sign_verify(), x509write_crt_der(), and x509write_csr_der().

int pk_verify ( pk_context ctx,
md_type_t  md_alg,
const unsigned char *  hash,
size_t  hash_len,
const unsigned char *  sig,
size_t  sig_len 
)

Verify signature.

Parameters:
ctx PK context to use
md_alg Hash algorithm used (see notes)
hash Hash of the message to sign
hash_len Hash length or 0 (see notes)
sig Signature to verify
sig_len Signature length
Returns:
0 on success (signature is valid), or a specific error code.
Note:
If hash_len is 0, then the length associated with md_alg is used instead, or an error returned if it is invalid.
md_alg may be POLARSSL_MD_NONE, only if hash_len != 0

Definition at line 172 of file pk.c.

References pk_context::pk_ctx, pk_hashlen_helper(), pk_context::pk_info, POLARSSL_ERR_PK_BAD_INPUT_DATA, POLARSSL_ERR_PK_TYPE_MISMATCH, and pk_info_t::verify_func.

Referenced by ssl_parse_certificate_verify(), ssl_parse_server_key_exchange(), test_suite_pk_ec_test_vec(), test_suite_pk_rsa_verify_test_vec(), test_suite_pk_sign_verify(), x509_crt_verify_child(), x509_crt_verify_top(), and x509_crt_verifycrl().

int pk_write_key_der ( pk_context pk,
unsigned char *  buf,
size_t  size 
)

Write a private key to a PKCS#1 or SEC1 DER structure Note: data is written at the end of the buffer! Use the return value to determine where you should start using the buffer.

Parameters:
key private to write away
buf buffer to write to
size size of the buffer
Returns:
length of data written if successful, or a specific error code

Definition at line 195 of file pkwrite.c.

References ASN1_BIT_STRING, ASN1_CHK_ADD, ASN1_CONSTRUCTED, ASN1_CONTEXT_SPECIFIC, ASN1_OCTET_STRING, ASN1_SEQUENCE, asn1_write_int(), asn1_write_len(), asn1_write_mpi(), asn1_write_tag(), ecp_keypair::d, rsa_context::D, rsa_context::DP, rsa_context::DQ, rsa_context::E, rsa_context::N, rsa_context::P, pk_ec, pk_get_type(), pk_rsa, pk_write_ec_param(), pk_write_ec_pubkey(), POLARSSL_ERR_ASN1_BUF_TOO_SMALL, POLARSSL_ERR_PK_FEATURE_UNAVAILABLE, POLARSSL_PK_ECKEY, POLARSSL_PK_RSA, rsa_context::Q, and rsa_context::QP.

Referenced by pk_write_key_pem().

int pk_write_key_pem ( pk_context key,
unsigned char *  buf,
size_t  size 
)

Write a private key to a PKCS#1 or SEC1 PEM string.

Parameters:
key private to write away
buf buffer to write to
size size of the buffer
Returns:
0 successful, or a specific error code

Definition at line 311 of file pkwrite.c.

References PEM_BEGIN_PRIVATE_KEY_EC, PEM_BEGIN_PRIVATE_KEY_RSA, PEM_END_PRIVATE_KEY_EC, PEM_END_PRIVATE_KEY_RSA, pem_write_buffer(), pk_get_type(), pk_write_key_der(), POLARSSL_ERR_PK_FEATURE_UNAVAILABLE, POLARSSL_PK_ECKEY, and POLARSSL_PK_RSA.

Referenced by test_suite_pk_write_key_check().

int pk_write_pubkey ( unsigned char **  p,
unsigned char *  start,
const pk_context key 
)

Write a subjectPublicKey to ASN.1 data Note: function works backwards in data buffer.

Parameters:
p reference to current position pointer
start start of the buffer (for bounds-checking)
key public key to write away
Returns:
the length written or a negative error code

Definition at line 127 of file pkwrite.c.

References ASN1_CHK_ADD, pk_ec, pk_get_type(), pk_rsa, pk_write_ec_pubkey(), pk_write_rsa_pubkey(), POLARSSL_ERR_PK_FEATURE_UNAVAILABLE, POLARSSL_PK_ECKEY, and POLARSSL_PK_RSA.

Referenced by pk_write_pubkey_der(), x509write_crt_set_authority_key_identifier(), and x509write_crt_set_subject_key_identifier().

int pk_write_pubkey_der ( pk_context key,
unsigned char *  buf,
size_t  size 
)

Write a public key to a SubjectPublicKeyInfo DER structure Note: data is written at the end of the buffer! Use the return value to determine where you should start using the buffer.

Parameters:
key public key to write away
buf buffer to write to
size size of the buffer
Returns:
length of data written if successful, or a specific error code

Definition at line 148 of file pkwrite.c.

References ASN1_BIT_STRING, ASN1_CHK_ADD, ASN1_CONSTRUCTED, ASN1_SEQUENCE, asn1_write_algorithm_identifier(), asn1_write_len(), asn1_write_tag(), oid_get_oid_by_pk_alg(), pk_ec, pk_get_type(), pk_write_ec_param(), pk_write_pubkey(), POLARSSL_ERR_ASN1_BUF_TOO_SMALL, and POLARSSL_PK_ECKEY.

Referenced by pk_write_pubkey_pem(), x509write_crt_der(), and x509write_csr_der().

int pk_write_pubkey_pem ( pk_context key,
unsigned char *  buf,
size_t  size 
)

Write a public key to a PEM string.

Parameters:
key public key to write away
buf buffer to write to
size size of the buffer
Returns:
0 successful, or a specific error code

Definition at line 289 of file pkwrite.c.

References PEM_BEGIN_PUBLIC_KEY, PEM_END_PUBLIC_KEY, pem_write_buffer(), and pk_write_pubkey_der().

Referenced by test_suite_pk_write_pubkey_check().


Generated on 9 Apr 2014 for PolarSSL v1.3.2 by  doxygen 1.6.1