Public Key abstraction layer. More...
#include "config.h"
#include "md.h"
#include "rsa.h"
#include "ecp.h"
#include "ecdsa.h"
Go to the source code of this file.
Data Structures | |
struct | pk_debug_item |
Item to send to the debug module. More... | |
struct | pk_info_t |
Public key information and operations. More... | |
struct | pk_context |
Public key container. More... | |
Defines | |
#define | POLARSSL_ERR_PK_MALLOC_FAILED -0x2F80 |
Memory alloation failed. | |
#define | POLARSSL_ERR_PK_TYPE_MISMATCH -0x2F00 |
Type mismatch, eg attempt to encrypt with an ECDSA key. | |
#define | POLARSSL_ERR_PK_BAD_INPUT_DATA -0x2E80 |
Bad input parameters to function. | |
#define | POLARSSL_ERR_PK_FILE_IO_ERROR -0x2E00 |
Read/write of file failed. | |
#define | POLARSSL_ERR_PK_KEY_INVALID_VERSION -0x2D80 |
Unsupported key version. | |
#define | POLARSSL_ERR_PK_KEY_INVALID_FORMAT -0x2D00 |
Invalid key tag or value. | |
#define | POLARSSL_ERR_PK_UNKNOWN_PK_ALG -0x2C80 |
Key algorithm is unsupported (only RSA and EC are supported). | |
#define | POLARSSL_ERR_PK_PASSWORD_REQUIRED -0x2C00 |
Private key password can't be empty. | |
#define | POLARSSL_ERR_PK_PASSWORD_MISMATCH -0x2B80 |
Given private key password does not allow for correct decryption. | |
#define | POLARSSL_ERR_PK_INVALID_PUBKEY -0x2B00 |
The pubkey tag or value is invalid (only RSA and EC are supported). | |
#define | POLARSSL_ERR_PK_INVALID_ALG -0x2A80 |
The algorithm tag or value is invalid. | |
#define | POLARSSL_ERR_PK_UNKNOWN_NAMED_CURVE -0x2A00 |
Elliptic curve is unsupported (only NIST curves are supported). | |
#define | POLARSSL_ERR_PK_FEATURE_UNAVAILABLE -0x2980 |
Unavailable feature, e.g. | |
#define | pk_rsa(pk) ( (rsa_context *) (pk).pk_ctx ) |
Quick access to an RSA context inside a PK context. | |
#define | pk_ec(pk) ( (ecp_keypair *) (pk).pk_ctx ) |
Quick access to an EC context inside a PK context. | |
#define | POLARSSL_PK_DEBUG_MAX_ITEMS 3 |
Maximum number of item send for debugging, plus 1. | |
Typedefs | |
typedef int(* | pk_rsa_alt_decrypt_func )(void *ctx, int mode, size_t *olen, const unsigned char *input, unsigned char *output, size_t output_max_len) |
Types for RSA-alt abstraction. | |
typedef int(* | pk_rsa_alt_sign_func )(void *ctx, int(*f_rng)(void *, unsigned char *, size_t), void *p_rng, int mode, int hash_id, unsigned int hashlen, const unsigned char *hash, unsigned char *sig) |
typedef size_t(* | pk_rsa_alt_key_len_func )(void *ctx) |
Enumerations | |
enum | pk_type_t { POLARSSL_PK_NONE = 0, POLARSSL_PK_RSA, POLARSSL_PK_ECKEY, POLARSSL_PK_ECKEY_DH, POLARSSL_PK_ECDSA, POLARSSL_PK_RSA_ALT } |
Public key types. More... | |
enum | pk_debug_type { POLARSSL_PK_DEBUG_NONE = 0, POLARSSL_PK_DEBUG_MPI, POLARSSL_PK_DEBUG_ECP } |
Types for interfacing with the debug module. More... | |
Functions | |
const pk_info_t * | pk_info_from_type (pk_type_t pk_type) |
Return information associated with the given PK type. | |
void | pk_init (pk_context *ctx) |
Initialize a pk_context (as NONE). | |
void | pk_free (pk_context *ctx) |
Free a pk_context. | |
int | pk_init_ctx (pk_context *ctx, const pk_info_t *info) |
Initialize a PK context with the information given and allocates the type-specific PK subcontext. | |
int | pk_init_ctx_rsa_alt (pk_context *ctx, void *key, pk_rsa_alt_decrypt_func decrypt_func, pk_rsa_alt_sign_func sign_func, pk_rsa_alt_key_len_func key_len_func) |
Initialize an RSA-alt context. | |
size_t | pk_get_size (const pk_context *ctx) |
Get the size in bits of the underlying key. | |
static size_t | pk_get_len (const pk_context *ctx) |
Get the length in bytes of the underlying key. | |
int | pk_can_do (pk_context *ctx, pk_type_t type) |
Tell if a context can do the operation given by type. | |
int | pk_verify (pk_context *ctx, md_type_t md_alg, const unsigned char *hash, size_t hash_len, const unsigned char *sig, size_t sig_len) |
Verify signature. | |
int | pk_sign (pk_context *ctx, md_type_t md_alg, const unsigned char *hash, size_t hash_len, unsigned char *sig, size_t *sig_len, int(*f_rng)(void *, unsigned char *, size_t), void *p_rng) |
Make signature. | |
int | pk_decrypt (pk_context *ctx, const unsigned char *input, size_t ilen, unsigned char *output, size_t *olen, size_t osize, int(*f_rng)(void *, unsigned char *, size_t), void *p_rng) |
Decrypt message. | |
int | pk_encrypt (pk_context *ctx, const unsigned char *input, size_t ilen, unsigned char *output, size_t *olen, size_t osize, int(*f_rng)(void *, unsigned char *, size_t), void *p_rng) |
Encrypt message. | |
int | pk_debug (const pk_context *ctx, pk_debug_item *items) |
Export debug information. | |
const char * | pk_get_name (const pk_context *ctx) |
Access the type name. | |
pk_type_t | pk_get_type (const pk_context *ctx) |
Get the key type. | |
int | pk_parse_key (pk_context *ctx, const unsigned char *key, size_t keylen, const unsigned char *pwd, size_t pwdlen) |
Parse a private key. | |
int | pk_parse_public_key (pk_context *ctx, const unsigned char *key, size_t keylen) |
Parse a public key. | |
int | pk_parse_keyfile (pk_context *ctx, const char *path, const char *password) |
Load and parse a private key. | |
int | pk_parse_public_keyfile (pk_context *ctx, const char *path) |
Load and parse a public key. | |
int | pk_write_key_der (pk_context *pk, unsigned char *buf, size_t size) |
Write a private key to a PKCS#1 or SEC1 DER structure Note: data is written at the end of the buffer! Use the return value to determine where you should start using the buffer. | |
int | pk_write_pubkey_der (pk_context *key, unsigned char *buf, size_t size) |
Write a public key to a SubjectPublicKeyInfo DER structure Note: data is written at the end of the buffer! Use the return value to determine where you should start using the buffer. | |
int | pk_write_pubkey_pem (pk_context *key, unsigned char *buf, size_t size) |
Write a public key to a PEM string. | |
int | pk_write_key_pem (pk_context *key, unsigned char *buf, size_t size) |
Write a private key to a PKCS#1 or SEC1 PEM string. | |
int | pk_parse_subpubkey (unsigned char **p, const unsigned char *end, pk_context *pk) |
Parse a SubjectPublicKeyInfo DER structure. | |
int | pk_write_pubkey (unsigned char **p, unsigned char *start, const pk_context *key) |
Write a subjectPublicKey to ASN.1 data Note: function works backwards in data buffer. |
Public Key abstraction layer.
Public Key abstraction layer: wrapper functions.
Copyright (C) 2006-2013, Brainspark B.V.
This file is part of PolarSSL (http://www.polarssl.org) Lead Maintainer: Paul Bakker <polarssl_maintainer at polarssl.org>
All rights reserved.
This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation; either version 2 of the License, or (at your option) any later version.
This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details.
You should have received a copy of the GNU General Public License along with this program; if not, write to the Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
Definition in file pk.h.
#define pk_ec | ( | pk | ) | ( (ecp_keypair *) (pk).pk_ctx ) |
Quick access to an EC context inside a PK context.
Definition at line 79 of file pk.h.
Referenced by pk_genkey(), pk_parse_key(), pk_parse_key_pkcs8_unencrypted_der(), pk_parse_subpubkey(), pk_write_key_der(), pk_write_pubkey(), pk_write_pubkey_der(), ssl_key_matches_curves(), test_suite_pk_ec_test_vec(), test_suite_pk_parse_keyfile_ec(), and test_suite_pk_parse_public_keyfile_ec().
#define pk_rsa | ( | pk | ) | ( (rsa_context *) (pk).pk_ctx ) |
Quick access to an RSA context inside a PK context.
Definition at line 69 of file pk.h.
Referenced by pk_genkey(), pk_parse_key(), pk_parse_key_pkcs8_unencrypted_der(), pk_parse_subpubkey(), pk_write_key_der(), pk_write_pubkey(), ssl_set_own_cert_rsa(), test_suite_pk_parse_keyfile_rsa(), test_suite_pk_parse_public_keyfile_rsa(), test_suite_pk_rsa_decrypt_test_vec(), test_suite_pk_rsa_encrypt_test_vec(), and test_suite_pk_rsa_verify_test_vec().
#define POLARSSL_ERR_PK_BAD_INPUT_DATA -0x2E80 |
Bad input parameters to function.
Definition at line 49 of file pk.h.
Referenced by pk_debug(), pk_decrypt(), pk_encrypt(), pk_init_ctx(), pk_init_ctx_rsa_alt(), pk_parse_key_pkcs8_encrypted_der(), pk_sign(), pk_verify(), and polarssl_strerror().
#define POLARSSL_ERR_PK_FEATURE_UNAVAILABLE -0x2980 |
Unavailable feature, e.g.
RSA disabled for RSA key.
Definition at line 59 of file pk.h.
Referenced by pk_parse_key_pkcs8_encrypted_der(), pk_write_key_der(), pk_write_key_pem(), pk_write_pubkey(), and polarssl_strerror().
#define POLARSSL_ERR_PK_FILE_IO_ERROR -0x2E00 |
Read/write of file failed.
Definition at line 50 of file pk.h.
Referenced by load_file(), and polarssl_strerror().
#define POLARSSL_ERR_PK_INVALID_ALG -0x2A80 |
The algorithm tag or value is invalid.
Definition at line 57 of file pk.h.
Referenced by pk_get_pk_alg(), polarssl_strerror(), and verify_int().
#define POLARSSL_ERR_PK_INVALID_PUBKEY -0x2B00 |
The pubkey tag or value is invalid (only RSA and EC are supported).
Definition at line 56 of file pk.h.
Referenced by pk_get_ecpubkey(), pk_get_rsapubkey(), pk_parse_subpubkey(), polarssl_strerror(), and verify_int().
#define POLARSSL_ERR_PK_KEY_INVALID_FORMAT -0x2D00 |
Invalid key tag or value.
Definition at line 52 of file pk.h.
Referenced by pk_get_ecparams(), pk_parse_key(), pk_parse_key_pkcs1_der(), pk_parse_key_pkcs8_encrypted_der(), pk_parse_key_pkcs8_unencrypted_der(), pk_parse_key_sec1_der(), pk_parse_subpubkey(), pk_use_ecparams(), polarssl_strerror(), and verify_int().
#define POLARSSL_ERR_PK_KEY_INVALID_VERSION -0x2D80 |
Unsupported key version.
Definition at line 51 of file pk.h.
Referenced by pk_parse_key_pkcs1_der(), pk_parse_key_pkcs8_unencrypted_der(), pk_parse_key_sec1_der(), and polarssl_strerror().
#define POLARSSL_ERR_PK_MALLOC_FAILED -0x2F80 |
Memory alloation failed.
Definition at line 47 of file pk.h.
Referenced by load_file(), pk_init_ctx(), pk_init_ctx_rsa_alt(), and polarssl_strerror().
#define POLARSSL_ERR_PK_PASSWORD_MISMATCH -0x2B80 |
Given private key password does not allow for correct decryption.
Definition at line 55 of file pk.h.
Referenced by pk_parse_key(), pk_parse_key_pkcs8_encrypted_der(), polarssl_strerror(), and verify_int().
#define POLARSSL_ERR_PK_PASSWORD_REQUIRED -0x2C00 |
Private key password can't be empty.
Definition at line 54 of file pk.h.
Referenced by pk_parse_key(), pk_parse_key_pkcs8_encrypted_der(), polarssl_strerror(), and verify_int().
#define POLARSSL_ERR_PK_TYPE_MISMATCH -0x2F00 |
Type mismatch, eg attempt to encrypt with an ECDSA key.
Definition at line 48 of file pk.h.
Referenced by pk_decrypt(), pk_encrypt(), pk_sign(), pk_verify(), polarssl_strerror(), test_suite_pk_ec_nocrypt(), and verify_int().
#define POLARSSL_ERR_PK_UNKNOWN_NAMED_CURVE -0x2A00 |
Elliptic curve is unsupported (only NIST curves are supported).
Definition at line 58 of file pk.h.
Referenced by pk_use_ecparams(), and polarssl_strerror().
#define POLARSSL_ERR_PK_UNKNOWN_PK_ALG -0x2C80 |
Key algorithm is unsupported (only RSA and EC are supported).
Definition at line 53 of file pk.h.
Referenced by pk_get_pk_alg(), pk_parse_key(), pk_parse_key_pkcs8_unencrypted_der(), pk_parse_subpubkey(), polarssl_strerror(), and verify_int().
#define POLARSSL_PK_DEBUG_MAX_ITEMS 3 |
Maximum number of item send for debugging, plus 1.
Definition at line 120 of file pk.h.
Referenced by debug_print_pk().
typedef int(* pk_rsa_alt_decrypt_func)(void *ctx, int mode, size_t *olen, const unsigned char *input, unsigned char *output, size_t output_max_len) |
typedef size_t(* pk_rsa_alt_key_len_func)(void *ctx) |
typedef int(* pk_rsa_alt_sign_func)(void *ctx, int(*f_rng)(void *, unsigned char *, size_t), void *p_rng, int mode, int hash_id, unsigned int hashlen, const unsigned char *hash, unsigned char *sig) |
enum pk_debug_type |
enum pk_type_t |
int pk_can_do | ( | pk_context * | ctx, | |
pk_type_t | type | |||
) |
Tell if a context can do the operation given by type.
ctx | Context to test | |
type | Target type |
Definition at line 143 of file pk.c.
References pk_info_t::can_do, and pk_context::pk_info.
Referenced by ssl_parse_certificate_request(), ssl_parse_certificate_verify(), ssl_parse_encrypted_pms(), ssl_parse_server_key_exchange(), ssl_pick_cert(), ssl_sig_from_pk(), ssl_write_certificate_verify(), ssl_write_encrypted_pms(), test_suite_pk_ec_test_vec(), test_suite_pk_parse_keyfile_ec(), test_suite_pk_parse_keyfile_rsa(), test_suite_pk_parse_public_keyfile_ec(), test_suite_pk_parse_public_keyfile_rsa(), test_suite_pk_utils(), x509_crt_verify_child(), x509_crt_verify_top(), and x509_crt_verifycrl().
int pk_debug | ( | const pk_context * | ctx, | |
pk_debug_item * | items | |||
) |
Export debug information.
ctx | Context to use | |
items | Place to write debug items |
Definition at line 256 of file pk.c.
References pk_info_t::debug_func, pk_context::pk_ctx, pk_context::pk_info, and POLARSSL_ERR_PK_BAD_INPUT_DATA.
Referenced by debug_print_pk().
int pk_decrypt | ( | pk_context * | ctx, | |
const unsigned char * | input, | |||
size_t | ilen, | |||
unsigned char * | output, | |||
size_t * | olen, | |||
size_t | osize, | |||
int(*)(void *, unsigned char *, size_t) | f_rng, | |||
void * | p_rng | |||
) |
Decrypt message.
ctx | PK context to use | |
input | Input to decrypt | |
ilen | Input size | |
output | Decrypted output | |
olen | Decrypted message length | |
osize | Size of the output buffer | |
f_rng | RNG function | |
p_rng | RNG parameter |
Definition at line 209 of file pk.c.
References pk_info_t::decrypt_func, pk_context::pk_ctx, pk_context::pk_info, POLARSSL_ERR_PK_BAD_INPUT_DATA, and POLARSSL_ERR_PK_TYPE_MISMATCH.
Referenced by ssl_parse_encrypted_pms(), test_suite_pk_ec_nocrypt(), and test_suite_pk_rsa_decrypt_test_vec().
int pk_encrypt | ( | pk_context * | ctx, | |
const unsigned char * | input, | |||
size_t | ilen, | |||
unsigned char * | output, | |||
size_t * | olen, | |||
size_t | osize, | |||
int(*)(void *, unsigned char *, size_t) | f_rng, | |||
void * | p_rng | |||
) |
Encrypt message.
ctx | PK context to use | |
input | Message to encrypt | |
ilen | Message size | |
output | Encrypted output | |
olen | Encrypted output length | |
osize | Size of the output buffer | |
f_rng | RNG function | |
p_rng | RNG parameter |
Definition at line 227 of file pk.c.
References pk_info_t::encrypt_func, pk_context::pk_ctx, pk_context::pk_info, POLARSSL_ERR_PK_BAD_INPUT_DATA, and POLARSSL_ERR_PK_TYPE_MISMATCH.
Referenced by ssl_write_encrypted_pms(), test_suite_pk_ec_nocrypt(), and test_suite_pk_rsa_encrypt_test_vec().
void pk_free | ( | pk_context * | ctx | ) |
Free a pk_context.
Definition at line 58 of file pk.c.
References pk_info_t::ctx_free_func, pk_context::pk_ctx, and pk_context::pk_info.
Referenced by pk_parse_key(), pk_parse_key_pkcs8_unencrypted_der(), pk_parse_subpubkey(), ssl_key_cert_free(), test_suite_pk_ec_nocrypt(), test_suite_pk_ec_test_vec(), test_suite_pk_parse_key_rsa(), test_suite_pk_parse_keyfile_ec(), test_suite_pk_parse_keyfile_rsa(), test_suite_pk_parse_public_keyfile_ec(), test_suite_pk_parse_public_keyfile_rsa(), test_suite_pk_rsa_decrypt_test_vec(), test_suite_pk_rsa_encrypt_test_vec(), test_suite_pk_rsa_verify_test_vec(), test_suite_pk_sign_verify(), test_suite_pk_utils(), test_suite_pk_write_key_check(), test_suite_pk_write_pubkey_check(), test_suite_x509_crt_check(), test_suite_x509_csr_check(), x509_crt_free(), and x509_csr_free().
static size_t pk_get_len | ( | const pk_context * | ctx | ) | [inline, static] |
Get the length in bytes of the underlying key.
ctx | Context to use |
Definition at line 264 of file pk.h.
References pk_get_size().
Referenced by ssl_parse_encrypted_pms(), test_suite_pk_rsa_verify_test_vec(), and test_suite_pk_utils().
const char* pk_get_name | ( | const pk_context * | ctx | ) |
Access the type name.
ctx | Context to use |
Definition at line 268 of file pk.c.
References pk_info_t::name, and pk_context::pk_info.
Referenced by test_suite_pk_utils(), x509_crt_info(), and x509_csr_info().
size_t pk_get_size | ( | const pk_context * | ctx | ) |
Get the size in bits of the underlying key.
ctx | Context to use |
Definition at line 245 of file pk.c.
References pk_info_t::get_size, pk_context::pk_ctx, and pk_context::pk_info.
Referenced by pk_get_len(), test_suite_pk_utils(), x509_crt_info(), and x509_csr_info().
pk_type_t pk_get_type | ( | const pk_context * | ctx | ) |
Get the key type.
ctx | Context to use |
Definition at line 279 of file pk.c.
References pk_context::pk_info, POLARSSL_PK_NONE, and pk_info_t::type.
Referenced by pk_genkey(), pk_write_key_der(), pk_write_key_pem(), pk_write_pubkey(), pk_write_pubkey_der(), test_suite_pk_utils(), x509write_crt_der(), and x509write_csr_der().
Return information associated with the given PK type.
pk_type | PK type to search for. |
Definition at line 72 of file pk.c.
References ecdsa_info, eckey_info, eckeydh_info, POLARSSL_PK_ECDSA, POLARSSL_PK_ECKEY, POLARSSL_PK_ECKEY_DH, POLARSSL_PK_RSA, and rsa_info.
Referenced by pk_parse_key(), pk_parse_key_pkcs8_unencrypted_der(), pk_parse_subpubkey(), ssl_set_own_cert_rsa(), test_suite_pk_ec_nocrypt(), test_suite_pk_ec_test_vec(), test_suite_pk_rsa_decrypt_test_vec(), test_suite_pk_rsa_encrypt_test_vec(), test_suite_pk_rsa_verify_test_vec(), test_suite_pk_sign_verify(), and test_suite_pk_utils().
void pk_init | ( | pk_context * | ctx | ) |
Initialize a pk_context (as NONE).
Definition at line 46 of file pk.c.
References pk_context::pk_ctx, and pk_context::pk_info.
Referenced by ssl_set_own_cert_alt(), ssl_set_own_cert_rsa(), test_suite_pk_ec_nocrypt(), test_suite_pk_ec_test_vec(), test_suite_pk_parse_key_rsa(), test_suite_pk_parse_keyfile_ec(), test_suite_pk_parse_keyfile_rsa(), test_suite_pk_parse_public_keyfile_ec(), test_suite_pk_parse_public_keyfile_rsa(), test_suite_pk_rsa_decrypt_test_vec(), test_suite_pk_rsa_encrypt_test_vec(), test_suite_pk_rsa_verify_test_vec(), test_suite_pk_sign_verify(), test_suite_pk_utils(), test_suite_pk_write_key_check(), test_suite_pk_write_pubkey_check(), test_suite_x509_crt_check(), and test_suite_x509_csr_check().
int pk_init_ctx | ( | pk_context * | ctx, | |
const pk_info_t * | info | |||
) |
Initialize a PK context with the information given and allocates the type-specific PK subcontext.
ctx | Context to initialize. Must be empty (type NONE). | |
info | Information to use |
pk_init_ctx_rsa_alt()
instead. Definition at line 98 of file pk.c.
References pk_info_t::ctx_alloc_func, pk_context::pk_ctx, pk_context::pk_info, POLARSSL_ERR_PK_BAD_INPUT_DATA, and POLARSSL_ERR_PK_MALLOC_FAILED.
Referenced by pk_parse_key(), pk_parse_key_pkcs8_unencrypted_der(), pk_parse_subpubkey(), ssl_set_own_cert_rsa(), test_suite_pk_ec_nocrypt(), test_suite_pk_ec_test_vec(), test_suite_pk_rsa_decrypt_test_vec(), test_suite_pk_rsa_encrypt_test_vec(), test_suite_pk_rsa_verify_test_vec(), test_suite_pk_sign_verify(), and test_suite_pk_utils().
int pk_init_ctx_rsa_alt | ( | pk_context * | ctx, | |
void * | key, | |||
pk_rsa_alt_decrypt_func | decrypt_func, | |||
pk_rsa_alt_sign_func | sign_func, | |||
pk_rsa_alt_key_len_func | key_len_func | |||
) |
Initialize an RSA-alt context.
ctx | Context to initialize. Must be empty (type NONE). | |
key | RSA key pointer | |
decrypt_func | Decryption function | |
sign_func | Signing function | |
key_len_func | Function returning key length |
pk_init_ctx()
for RSA-alt. Definition at line 114 of file pk.c.
References pk_info_t::ctx_alloc_func, rsa_alt_context::decrypt_func, rsa_alt_context::key, rsa_alt_context::key_len_func, pk_context::pk_ctx, pk_context::pk_info, POLARSSL_ERR_PK_BAD_INPUT_DATA, POLARSSL_ERR_PK_MALLOC_FAILED, rsa_alt_info, and rsa_alt_context::sign_func.
Referenced by ssl_set_own_cert_alt().
int pk_parse_key | ( | pk_context * | ctx, | |
const unsigned char * | key, | |||
size_t | keylen, | |||
const unsigned char * | pwd, | |||
size_t | pwdlen | |||
) |
Parse a private key.
ctx | key to be initialized | |
key | input buffer | |
keylen | size of the buffer | |
pwd | password for decryption (optional) | |
pwdlen | size of the password |
Definition at line 759 of file pkparse.c.
References pem_context::buf, pem_context::buflen, pem_free(), pem_init(), pem_read_buffer(), pk_ec, pk_free(), pk_info_from_type(), pk_init_ctx(), pk_parse_key_pkcs1_der(), pk_parse_key_pkcs8_encrypted_der(), pk_parse_key_pkcs8_unencrypted_der(), pk_parse_key_sec1_der(), pk_rsa, POLARSSL_ERR_PEM_NO_HEADER_FOOTER_PRESENT, POLARSSL_ERR_PEM_PASSWORD_MISMATCH, POLARSSL_ERR_PEM_PASSWORD_REQUIRED, POLARSSL_ERR_PK_KEY_INVALID_FORMAT, POLARSSL_ERR_PK_PASSWORD_MISMATCH, POLARSSL_ERR_PK_PASSWORD_REQUIRED, POLARSSL_ERR_PK_UNKNOWN_PK_ALG, POLARSSL_PK_ECKEY, and POLARSSL_PK_RSA.
Referenced by pk_parse_keyfile(), and test_suite_pk_parse_key_rsa().
int pk_parse_keyfile | ( | pk_context * | ctx, | |
const char * | path, | |||
const char * | password | |||
) |
Load and parse a private key.
ctx | key to be initialized | |
path | filename to read the private key from | |
password | password to decrypt the file (can be NULL) |
Definition at line 107 of file pkparse.c.
References load_file(), pk_parse_key(), and polarssl_free.
Referenced by test_suite_pk_parse_keyfile_ec(), test_suite_pk_parse_keyfile_rsa(), test_suite_pk_write_key_check(), test_suite_x509_crt_check(), and test_suite_x509_csr_check().
int pk_parse_public_key | ( | pk_context * | ctx, | |
const unsigned char * | key, | |||
size_t | keylen | |||
) |
Parse a public key.
ctx | key to be initialized | |
key | input buffer | |
keylen | size of the buffer |
Definition at line 926 of file pkparse.c.
References pem_context::buf, pem_context::buflen, pem_free(), pem_init(), pem_read_buffer(), pk_parse_subpubkey(), and POLARSSL_ERR_PEM_NO_HEADER_FOOTER_PRESENT.
Referenced by pk_parse_public_keyfile().
int pk_parse_public_keyfile | ( | pk_context * | ctx, | |
const char * | path | |||
) |
Load and parse a public key.
ctx | key to be initialized | |
path | filename to read the private key from |
Definition at line 132 of file pkparse.c.
References load_file(), pk_parse_public_key(), and polarssl_free.
Referenced by test_suite_pk_parse_public_keyfile_ec(), test_suite_pk_parse_public_keyfile_rsa(), and test_suite_pk_write_pubkey_check().
int pk_parse_subpubkey | ( | unsigned char ** | p, | |
const unsigned char * | end, | |||
pk_context * | pk | |||
) |
Parse a SubjectPublicKeyInfo DER structure.
p | the position in the ASN.1 data | |
end | end of the buffer | |
pk | the key to fill |
Definition at line 305 of file pkparse.c.
References ASN1_CONSTRUCTED, asn1_get_bitstring_null(), asn1_get_tag(), ASN1_SEQUENCE, pk_ec, pk_free(), pk_get_ecpubkey(), pk_get_pk_alg(), pk_get_rsapubkey(), pk_info_from_type(), pk_init_ctx(), pk_rsa, pk_use_ecparams(), POLARSSL_ERR_ASN1_LENGTH_MISMATCH, POLARSSL_ERR_PK_INVALID_PUBKEY, POLARSSL_ERR_PK_KEY_INVALID_FORMAT, POLARSSL_ERR_PK_UNKNOWN_PK_ALG, POLARSSL_PK_ECKEY, POLARSSL_PK_ECKEY_DH, POLARSSL_PK_NONE, and POLARSSL_PK_RSA.
Referenced by pk_parse_public_key(), x509_crt_parse_der_core(), and x509_csr_parse().
int pk_sign | ( | pk_context * | ctx, | |
md_type_t | md_alg, | |||
const unsigned char * | hash, | |||
size_t | hash_len, | |||
unsigned char * | sig, | |||
size_t * | sig_len, | |||
int(*)(void *, unsigned char *, size_t) | f_rng, | |||
void * | p_rng | |||
) |
Make signature.
ctx | PK context to use | |
md_alg | Hash algorithm used (see notes) | |
hash | Hash of the message to sign | |
hash_len | Hash length or 0 (see notes) | |
sig | Place to write the signature | |
sig_len | Number of bytes written | |
f_rng | RNG function | |
p_rng | RNG parameter |
Definition at line 190 of file pk.c.
References pk_context::pk_ctx, pk_hashlen_helper(), pk_context::pk_info, POLARSSL_ERR_PK_BAD_INPUT_DATA, POLARSSL_ERR_PK_TYPE_MISMATCH, and pk_info_t::sign_func.
Referenced by ssl_write_certificate_verify(), ssl_write_server_key_exchange(), test_suite_pk_sign_verify(), x509write_crt_der(), and x509write_csr_der().
int pk_verify | ( | pk_context * | ctx, | |
md_type_t | md_alg, | |||
const unsigned char * | hash, | |||
size_t | hash_len, | |||
const unsigned char * | sig, | |||
size_t | sig_len | |||
) |
Verify signature.
ctx | PK context to use | |
md_alg | Hash algorithm used (see notes) | |
hash | Hash of the message to sign | |
hash_len | Hash length or 0 (see notes) | |
sig | Signature to verify | |
sig_len | Signature length |
Definition at line 172 of file pk.c.
References pk_context::pk_ctx, pk_hashlen_helper(), pk_context::pk_info, POLARSSL_ERR_PK_BAD_INPUT_DATA, POLARSSL_ERR_PK_TYPE_MISMATCH, and pk_info_t::verify_func.
Referenced by ssl_parse_certificate_verify(), ssl_parse_server_key_exchange(), test_suite_pk_ec_test_vec(), test_suite_pk_rsa_verify_test_vec(), test_suite_pk_sign_verify(), x509_crt_verify_child(), x509_crt_verify_top(), and x509_crt_verifycrl().
int pk_write_key_der | ( | pk_context * | pk, | |
unsigned char * | buf, | |||
size_t | size | |||
) |
Write a private key to a PKCS#1 or SEC1 DER structure Note: data is written at the end of the buffer! Use the return value to determine where you should start using the buffer.
key | private to write away | |
buf | buffer to write to | |
size | size of the buffer |
Definition at line 195 of file pkwrite.c.
References ASN1_BIT_STRING, ASN1_CHK_ADD, ASN1_CONSTRUCTED, ASN1_CONTEXT_SPECIFIC, ASN1_OCTET_STRING, ASN1_SEQUENCE, asn1_write_int(), asn1_write_len(), asn1_write_mpi(), asn1_write_tag(), ecp_keypair::d, rsa_context::D, rsa_context::DP, rsa_context::DQ, rsa_context::E, rsa_context::N, rsa_context::P, pk_ec, pk_get_type(), pk_rsa, pk_write_ec_param(), pk_write_ec_pubkey(), POLARSSL_ERR_ASN1_BUF_TOO_SMALL, POLARSSL_ERR_PK_FEATURE_UNAVAILABLE, POLARSSL_PK_ECKEY, POLARSSL_PK_RSA, rsa_context::Q, and rsa_context::QP.
Referenced by pk_write_key_pem().
int pk_write_key_pem | ( | pk_context * | key, | |
unsigned char * | buf, | |||
size_t | size | |||
) |
Write a private key to a PKCS#1 or SEC1 PEM string.
key | private to write away | |
buf | buffer to write to | |
size | size of the buffer |
Definition at line 311 of file pkwrite.c.
References PEM_BEGIN_PRIVATE_KEY_EC, PEM_BEGIN_PRIVATE_KEY_RSA, PEM_END_PRIVATE_KEY_EC, PEM_END_PRIVATE_KEY_RSA, pem_write_buffer(), pk_get_type(), pk_write_key_der(), POLARSSL_ERR_PK_FEATURE_UNAVAILABLE, POLARSSL_PK_ECKEY, and POLARSSL_PK_RSA.
Referenced by test_suite_pk_write_key_check().
int pk_write_pubkey | ( | unsigned char ** | p, | |
unsigned char * | start, | |||
const pk_context * | key | |||
) |
Write a subjectPublicKey to ASN.1 data Note: function works backwards in data buffer.
p | reference to current position pointer | |
start | start of the buffer (for bounds-checking) | |
key | public key to write away |
Definition at line 127 of file pkwrite.c.
References ASN1_CHK_ADD, pk_ec, pk_get_type(), pk_rsa, pk_write_ec_pubkey(), pk_write_rsa_pubkey(), POLARSSL_ERR_PK_FEATURE_UNAVAILABLE, POLARSSL_PK_ECKEY, and POLARSSL_PK_RSA.
Referenced by pk_write_pubkey_der(), x509write_crt_set_authority_key_identifier(), and x509write_crt_set_subject_key_identifier().
int pk_write_pubkey_der | ( | pk_context * | key, | |
unsigned char * | buf, | |||
size_t | size | |||
) |
Write a public key to a SubjectPublicKeyInfo DER structure Note: data is written at the end of the buffer! Use the return value to determine where you should start using the buffer.
key | public key to write away | |
buf | buffer to write to | |
size | size of the buffer |
Definition at line 148 of file pkwrite.c.
References ASN1_BIT_STRING, ASN1_CHK_ADD, ASN1_CONSTRUCTED, ASN1_SEQUENCE, asn1_write_algorithm_identifier(), asn1_write_len(), asn1_write_tag(), oid_get_oid_by_pk_alg(), pk_ec, pk_get_type(), pk_write_ec_param(), pk_write_pubkey(), POLARSSL_ERR_ASN1_BUF_TOO_SMALL, and POLARSSL_PK_ECKEY.
Referenced by pk_write_pubkey_pem(), x509write_crt_der(), and x509write_csr_der().
int pk_write_pubkey_pem | ( | pk_context * | key, | |
unsigned char * | buf, | |||
size_t | size | |||
) |
Write a public key to a PEM string.
key | public key to write away | |
buf | buffer to write to | |
size | size of the buffer |
Definition at line 289 of file pkwrite.c.
References PEM_BEGIN_PUBLIC_KEY, PEM_END_PUBLIC_KEY, pem_write_buffer(), and pk_write_pubkey_der().
Referenced by test_suite_pk_write_pubkey_check().