/**
 * \file pk_wrap.h
 *
 * \brief Public Key abstraction layer: wrapper functions
 */
/*
 *  Copyright The Mbed TLS Contributors
 *  SPDX-License-Identifier: Apache-2.0
 *
 *  Licensed under the Apache License, Version 2.0 (the "License"); you may
 *  not use this file except in compliance with the License.
 *  You may obtain a copy of the License at
 *
 *  http://www.apache.org/licenses/LICENSE-2.0
 *
 *  Unless required by applicable law or agreed to in writing, software
 *  distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
 *  WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 *  See the License for the specific language governing permissions and
 *  limitations under the License.
*/
#ifndef MBEDTLS_PK_WRAP_H
#define MBEDTLS_PK_WRAP_H

#include "mbedtls/build_info.h"

#include "mbedtls/pk.h"

#if defined(MBEDTLS_PSA_CRYPTO_C)
#include "psa/crypto.h"
#endif /* MBEDTLS_PSA_CRYPTO_C */

/**
 * Dispatch table describing one public-key backend (RSA, ECKEY, ECDSA,
 * RSA-alt, PSA-opaque, ...).
 *
 * One const instance per enabled backend is exported further down in this
 * header; the generic pk API reaches the backend through these function
 * pointers. Every callback receives an untyped context (\c void *) that
 * only the owning backend can interpret, so a table must never be invoked
 * with a context that was allocated by a different table's
 * \c ctx_alloc_func.
 *
 * NOTE(review): whether unsupported callbacks are left NULL (and therefore
 * must be NULL-checked by the caller) is not visible in this header —
 * confirm in the generic pk dispatch code before relying on either.
 */
struct mbedtls_pk_info_t {
    /** Public key type this backend implements */
    mbedtls_pk_type_t type;

    /** Human-readable type name */
    const char *name;

    /** Get key size in bits */
    size_t (*get_bitlen)(const void *);

    /**
     * Tell if the context implements this type (e.g. ECKEY can do ECDSA).
     *
     * Takes only the queried type, not a key context, so the answer is a
     * property of the backend rather than of a particular key.
     */
    int (*can_do)(mbedtls_pk_type_t type);

    /**
     * Verify signature.
     *
     * \param ctx       Backend key context.
     * \param md_alg    Hash algorithm that produced \p hash.
     * \param hash      Digest to verify against, \p hash_len bytes.
     * \param sig       Signature to check, \p sig_len bytes.
     *
     * NOTE(review): \p hash_len and \p sig_len are caller-supplied; each
     * backend is expected to validate them (against \p md_alg and the key
     * size) before reading either buffer — confirm per implementation.
     */
    int (*verify_func)(void *ctx, mbedtls_md_type_t md_alg,
                       const unsigned char *hash, size_t hash_len,
                       const unsigned char *sig, size_t sig_len);

    /**
     * Make signature.
     *
     * \param ctx       Backend key context holding the private key.
     * \param md_alg    Hash algorithm that produced \p hash.
     * \param hash      Digest to sign, \p hash_len bytes.
     * \param sig       Output buffer of \p sig_size bytes; the number of
     *                  bytes written is stored in \p *sig_len.
     * \param f_rng     RNG callback; \p p_rng is passed through as its
     *                  first argument.
     *
     * Argument order is (buffer, capacity, out-length); note that
     * \c decrypt_func / \c encrypt_func below use the reverse order.
     */
    int (*sign_func)(void *ctx, mbedtls_md_type_t md_alg,
                     const unsigned char *hash, size_t hash_len,
                     unsigned char *sig, size_t sig_size, size_t *sig_len,
                     int (*f_rng)(void *, unsigned char *, size_t),
                     void *p_rng);

#if defined(MBEDTLS_ECDSA_C) && defined(MBEDTLS_ECP_RESTARTABLE)
    /**
     * Verify signature (restartable).
     *
     * Same contract as \c verify_func, plus \p rs_ctx, the restart state
     * that lets a long operation be resumed across calls. Only present in
     * restartable ECDSA builds; it pairs with \c rs_alloc_func /
     * \c rs_free_func below.
     */
    int (*verify_rs_func)(void *ctx, mbedtls_md_type_t md_alg,
                          const unsigned char *hash, size_t hash_len,
                          const unsigned char *sig, size_t sig_len,
                          void *rs_ctx);

    /**
     * Make signature (restartable).
     *
     * Same contract as \c sign_func, plus \p rs_ctx (see \c verify_rs_func).
     */
    int (*sign_rs_func)(void *ctx, mbedtls_md_type_t md_alg,
                        const unsigned char *hash, size_t hash_len,
                        unsigned char *sig, size_t sig_size, size_t *sig_len,
                        int (*f_rng)(void *, unsigned char *, size_t),
                        void *p_rng, void *rs_ctx);
#endif /* MBEDTLS_ECDSA_C && MBEDTLS_ECP_RESTARTABLE */

    /**
     * Decrypt message.
     *
     * \param ctx       Backend key context holding the private key.
     * \param input     Ciphertext, \p ilen bytes.
     * \param output    Plaintext buffer of \p osize bytes; bytes written
     *                  are stored in \p *olen.
     * \param f_rng     RNG callback with opaque argument \p p_rng.
     *
     * Beware the argument order: \p olen (out-length pointer) comes BEFORE
     * \p osize (capacity) here, the reverse of \c sign_func's
     * (\p sig_size, \p sig_len). Check twice when wiring up a new backend.
     */
    int (*decrypt_func)(void *ctx, const unsigned char *input, size_t ilen,
                        unsigned char *output, size_t *olen, size_t osize,
                        int (*f_rng)(void *, unsigned char *, size_t),
                        void *p_rng);

    /**
     * Encrypt message.
     *
     * Same parameter layout as \c decrypt_func (including the
     * \p olen-before-\p osize order), with \p input being the plaintext
     * and \p output receiving the ciphertext.
     */
    int (*encrypt_func)(void *ctx, const unsigned char *input, size_t ilen,
                        unsigned char *output, size_t *olen, size_t osize,
                        int (*f_rng)(void *, unsigned char *, size_t),
                        void *p_rng);

    /**
     * Check public-private key pair.
     *
     * \param pub       Context holding the public key.
     * \param prv       Context holding the private key.
     * \param f_rng     RNG callback with opaque argument \p p_rng.
     */
    int (*check_pair_func)(const void *pub, const void *prv,
                           int (*f_rng)(void *, unsigned char *, size_t),
                           void *p_rng);

    /**
     * Allocate a new context.
     *
     * The returned pointer must be released with the \c ctx_free_func of
     * the same table. NOTE(review): the failure return (presumably NULL)
     * is not stated here — confirm in the backends.
     */
    void * (*ctx_alloc_func)(void);

    /** Free the given context (obtained from \c ctx_alloc_func) */
    void (*ctx_free_func)(void *ctx);

#if defined(MBEDTLS_ECDSA_C) && defined(MBEDTLS_ECP_RESTARTABLE)
    /** Allocate the restart context passed as \p rs_ctx to the *_rs_func callbacks */
    void *(*rs_alloc_func)(void);

    /** Free the restart context (obtained from \c rs_alloc_func) */
    void (*rs_free_func)(void *rs_ctx);
#endif /* MBEDTLS_ECDSA_C && MBEDTLS_ECP_RESTARTABLE */

    /**
     * Interface with the debug module.
     *
     * Presumably fills \p items with a description of \p ctx for logging;
     * the expected size of the \p items array is not stated here — confirm
     * against the debug module before adding entries.
     */
    void (*debug_func)(const void *ctx, mbedtls_pk_debug_item *items);

};
#if defined(MBEDTLS_PK_RSA_ALT_SUPPORT)
/* Container for RSA-alt */
typedef struct {
    /**
     * Opaque key handle, passed back unchanged to the three callbacks
     * below. NOTE(review): ownership appears to stay with the caller (this
     * header never frees it) — confirm against the RSA-alt free wrapper in
     * the .c file.
     */
    void *key;
    /** Caller-provided decrypt callback (type declared in pk.h) */
    mbedtls_pk_rsa_alt_decrypt_func decrypt_func;
    /** Caller-provided sign callback (type declared in pk.h) */
    mbedtls_pk_rsa_alt_sign_func sign_func;
    /** Caller-provided key-length callback (type declared in pk.h) */
    mbedtls_pk_rsa_alt_key_len_func key_len_func;
} mbedtls_rsa_alt_context;
#endif

/*
 * Per-backend dispatch tables (see struct mbedtls_pk_info_t). Each is
 * defined in the matching .c file and exists only when its algorithm is
 * compiled in, so these #if guards must stay in sync with the ones around
 * the definitions or an enabled build will fail to link.
 */
#if defined(MBEDTLS_RSA_C)
extern const mbedtls_pk_info_t mbedtls_rsa_info;
#endif

#if defined(MBEDTLS_ECP_C)
extern const mbedtls_pk_info_t mbedtls_eckey_info;
extern const mbedtls_pk_info_t mbedtls_eckeydh_info;
#endif

#if defined(MBEDTLS_PK_CAN_ECDSA_SOME)
extern const mbedtls_pk_info_t mbedtls_ecdsa_info;
#endif

#if defined(MBEDTLS_PK_RSA_ALT_SUPPORT)
extern const mbedtls_pk_info_t mbedtls_rsa_alt_info;
#endif

#if defined(MBEDTLS_USE_PSA_CRYPTO)
/* Backends whose key material lives inside the PSA core and is only
 * referenced by a key identifier ("opaque" keys). */
extern const mbedtls_pk_info_t mbedtls_pk_ecdsa_opaque_info;
extern const mbedtls_pk_info_t mbedtls_pk_rsa_opaque_info;

#if !defined(MBEDTLS_DEPRECATED_REMOVED)
#if defined(PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY)
/* Deprecated: kept only while MBEDTLS_DEPRECATED_REMOVED is unset. Per its
 * name it maps a PSA status to a PK error code for the ECDSA path; do not
 * add new callers. */
int MBEDTLS_DEPRECATED mbedtls_pk_error_from_psa_ecdsa(psa_status_t status);
#endif
#endif

#endif /* MBEDTLS_USE_PSA_CRYPTO */
#if defined(MBEDTLS_PSA_CRYPTO_C)
#if !defined(MBEDTLS_DEPRECATED_REMOVED)
/**
 * Deprecated: per its name, map a generic PSA status to a PK error code.
 * Kept only while MBEDTLS_DEPRECATED_REMOVED is unset; do not add new
 * callers.
 */
int MBEDTLS_DEPRECATED mbedtls_pk_error_from_psa(psa_status_t status);

#if defined(PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY) || \
    defined(PSA_WANT_KEY_TYPE_RSA_KEY_PAIR)
/** Deprecated RSA-specific variant of mbedtls_pk_error_from_psa(). */
int MBEDTLS_DEPRECATED mbedtls_pk_error_from_psa_rsa(psa_status_t status);
#endif /* PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY || PSA_WANT_KEY_TYPE_RSA_KEY_PAIR */
#endif /* !MBEDTLS_DEPRECATED_REMOVED */

#if defined(MBEDTLS_RSA_C)
/**
 * Sign a digest with a legacy RSA context, selecting the scheme in PSA
 * terms.
 *
 * \param psa_alg_md  PSA algorithm identifier (\c psa_algorithm_t) naming
 *                    the signature scheme and hash, instead of the
 *                    \c mbedtls_md_type_t used by \c sign_func.
 * \param rsa_ctx     RSA context holding the private key.
 * \param hash        Digest to sign, \p hash_len bytes.
 * \param sig         Output buffer of \p sig_size bytes; bytes written are
 *                    stored in \p *sig_len.
 *
 * Unlike \c sign_func in struct mbedtls_pk_info_t there is no f_rng/p_rng
 * pair. NOTE(review): presumably any randomness comes from the PSA core —
 * confirm in the definition. The int return is presumably 0 on success and
 * a negative error code otherwise, as elsewhere in this API — confirm.
 */
int mbedtls_pk_psa_rsa_sign_ext(psa_algorithm_t psa_alg_md,
                                mbedtls_rsa_context *rsa_ctx,
                                const unsigned char *hash, size_t hash_len,
                                unsigned char *sig, size_t sig_size,
                                size_t *sig_len);
#endif /* MBEDTLS_RSA_C */

#endif /* MBEDTLS_PSA_CRYPTO_C */

#endif /* MBEDTLS_PK_WRAP_H */