/**
 * \file pk_wrap.h
 *
 * \brief Public Key abstraction layer: wrapper functions
 *
 * Declares the dispatch table (mbedtls_pk_info_t) that each key type
 * implements so the generic mbedtls_pk_* entry points can forward to the
 * concrete implementation, plus the per-type table instances. The guarded
 * members and declarations below only exist under the corresponding
 * MBEDTLS_* configuration options. Presumably an internal header rather
 * than a public API (it lives alongside the implementation) - verify
 * against the library layout before relying on it from application code.
 */
/*
 *  Copyright The Mbed TLS Contributors
 *  SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
 */

#ifndef MBEDTLS_PK_WRAP_H
#define MBEDTLS_PK_WRAP_H

#include "mbedtls/build_info.h"

#include "mbedtls/pk.h"

/* psa_algorithm_t (used by mbedtls_pk_psa_rsa_sign_ext below) is only
 * needed when the PSA path is compiled in. */
#if defined(MBEDTLS_USE_PSA_CRYPTO)
#include "psa/crypto.h"
#endif

/**
 * Per-key-type dispatch table.
 *
 * Every function pointer receives the mbedtls_pk_context it operates on;
 * the implementation is expected to find its own type-specific state there.
 * All int-returning callbacks follow the Mbed TLS convention: 0 on success,
 * a negative Mbed TLS error code otherwise. Callers pass the size of every
 * output buffer (sig_size, osize) and implementations must bound their
 * writes by it and report the bytes actually written through the
 * corresponding *_len out-parameter.
 *
 * NOTE(review): the table instances (see the extern declarations below)
 * appear to be defined with positional initialisers - if so, member order
 * and the #if guards around the restartable members must stay in sync with
 * those definitions. Confirm before reordering or adding members.
 */
struct mbedtls_pk_info_t {
    /** Public key type */
    mbedtls_pk_type_t type;

    /** Type name */
    const char *name;

    /** Get key size in bits */
    size_t (*get_bitlen)(mbedtls_pk_context *pk);

    /** Tell if the context implements this type (e.g. ECKEY can do ECDSA).
     *  Note this is a capability query on the type alone; it does not see
     *  the context. */
    int (*can_do)(mbedtls_pk_type_t type);

    /** Verify signature.
     *  hash/hash_len: the digest being verified, computed with md_alg.
     *  sig/sig_len:   the candidate signature.
     *  Returns 0 only if the signature is valid for this key; any other
     *  return value must be treated as verification failure. */
    int (*verify_func)(mbedtls_pk_context *pk, mbedtls_md_type_t md_alg,
                       const unsigned char *hash, size_t hash_len,
                       const unsigned char *sig, size_t sig_len);

    /** Make signature.
     *  sig_size: capacity of the sig buffer in bytes.
     *  *sig_len: receives the number of bytes written to sig.
     *  f_rng/p_rng: random generator and its state (presumably required by
     *  schemes that need randomness, e.g. padding/nonces - TODO confirm
     *  per implementation whether NULL is accepted). */
    int (*sign_func)(mbedtls_pk_context *pk, mbedtls_md_type_t md_alg,
                     const unsigned char *hash, size_t hash_len,
                     unsigned char *sig, size_t sig_size, size_t *sig_len,
                     int (*f_rng)(void *, unsigned char *, size_t),
                     void *p_rng);

#if defined(MBEDTLS_ECDSA_C) && defined(MBEDTLS_ECP_RESTARTABLE)
    /** Verify signature (restartable).
     *  Same contract as verify_func plus rs_ctx, the restart state obtained
     *  from rs_alloc_func. */
    int (*verify_rs_func)(mbedtls_pk_context *pk, mbedtls_md_type_t md_alg,
                          const unsigned char *hash, size_t hash_len,
                          const unsigned char *sig, size_t sig_len,
                          void *rs_ctx);

    /** Make signature (restartable).
     *  Same contract as sign_func plus rs_ctx, the restart state obtained
     *  from rs_alloc_func. */
    int (*sign_rs_func)(mbedtls_pk_context *pk, mbedtls_md_type_t md_alg,
                        const unsigned char *hash, size_t hash_len,
                        unsigned char *sig, size_t sig_size, size_t *sig_len,
                        int (*f_rng)(void *, unsigned char *, size_t),
                        void *p_rng, void *rs_ctx);
#endif /* MBEDTLS_ECDSA_C && MBEDTLS_ECP_RESTARTABLE */

    /** Decrypt message.
     *  input/ilen: ciphertext. output/osize: plaintext buffer and its
     *  capacity; *olen receives the bytes written. */
    int (*decrypt_func)(mbedtls_pk_context *pk, const unsigned char *input, size_t ilen,
                        unsigned char *output, size_t *olen, size_t osize,
                        int (*f_rng)(void *, unsigned char *, size_t),
                        void *p_rng);

    /** Encrypt message.
     *  input/ilen: plaintext. output/osize: ciphertext buffer and its
     *  capacity; *olen receives the bytes written. */
    int (*encrypt_func)(mbedtls_pk_context *pk, const unsigned char *input, size_t ilen,
                        unsigned char *output, size_t *olen, size_t osize,
                        int (*f_rng)(void *, unsigned char *, size_t),
                        void *p_rng);

    /** Check public-private key pair.
     *  pub and prv are two distinct contexts; returns 0 if they match.
     *  The RNG is passed through - presumably for implementations that
     *  need it (e.g. blinding) - TODO confirm per implementation. */
    int (*check_pair_func)(mbedtls_pk_context *pub, mbedtls_pk_context *prv,
                           int (*f_rng)(void *, unsigned char *, size_t),
                           void *p_rng);

    /** Allocate a new context. Returns NULL on allocation failure
     *  (assumed; confirm against the implementations). Ownership passes
     *  to the caller, who releases it with ctx_free_func. */
    void * (*ctx_alloc_func)(void);

    /** Free the given context (obtained from ctx_alloc_func). */
    void (*ctx_free_func)(void *ctx);

#if defined(MBEDTLS_ECDSA_C) && defined(MBEDTLS_ECP_RESTARTABLE)
    /** Allocate the restart context (passed as rs_ctx to the *_rs_func
     *  members); released with rs_free_func. */
    void *(*rs_alloc_func)(void);

    /** Free the restart context */
    void (*rs_free_func)(void *rs_ctx);
#endif /* MBEDTLS_ECDSA_C && MBEDTLS_ECP_RESTARTABLE */

    /** Interface with the debug module: fills items with a description of
     *  the key material for logging. */
    void (*debug_func)(mbedtls_pk_context *pk, mbedtls_pk_debug_item *items);

};
#if defined(MBEDTLS_PK_RSA_ALT_SUPPORT)
/* Container for RSA-alt: an opaque caller-supplied key plus the three
 * callbacks the caller registered to operate on it. The library does not
 * interpret key; it is handed back to the callbacks unchanged. */
typedef struct {
    void *key;
    mbedtls_pk_rsa_alt_decrypt_func decrypt_func;
    mbedtls_pk_rsa_alt_sign_func sign_func;
    mbedtls_pk_rsa_alt_key_len_func key_len_func;
} mbedtls_rsa_alt_context;
#endif

/* Dispatch-table instances, one per supported key type. Each is only
 * declared when the corresponding implementation is compiled in. */
#if defined(MBEDTLS_RSA_C)
extern const mbedtls_pk_info_t mbedtls_rsa_info;
#endif

#if defined(MBEDTLS_PK_HAVE_ECC_KEYS)
extern const mbedtls_pk_info_t mbedtls_eckey_info;
extern const mbedtls_pk_info_t mbedtls_eckeydh_info;
#endif

#if defined(MBEDTLS_PK_CAN_ECDSA_SOME)
extern const mbedtls_pk_info_t mbedtls_ecdsa_info;
#endif

#if defined(MBEDTLS_PK_RSA_ALT_SUPPORT)
extern const mbedtls_pk_info_t mbedtls_rsa_alt_info;
#endif

#if defined(MBEDTLS_USE_PSA_CRYPTO)
/* Tables for keys held by the PSA subsystem ("opaque" keys): the key
 * material is presumably never exposed to this layer - confirm in the
 * implementation. */
extern const mbedtls_pk_info_t mbedtls_ecdsa_opaque_info;
extern const mbedtls_pk_info_t mbedtls_rsa_opaque_info;

#if defined(MBEDTLS_RSA_C)
/**
 * Sign a hash with an RSA key through the PSA API.
 *
 * \param psa_alg_md  PSA algorithm identifier selecting the signature
 *                    scheme (assumed to encode the hash/padding - confirm).
 * \param rsa_ctx     RSA key to sign with.
 * \param hash        Digest to sign, hash_len bytes.
 * \param hash_len    Length of hash in bytes.
 * \param sig         Output buffer for the signature.
 * \param sig_size    Capacity of sig in bytes; the signature must fit.
 * \param sig_len     Receives the number of bytes written to sig.
 * \return            0 on success, a negative Mbed TLS error code otherwise.
 */
int mbedtls_pk_psa_rsa_sign_ext(psa_algorithm_t psa_alg_md,
                                mbedtls_rsa_context *rsa_ctx,
                                const unsigned char *hash, size_t hash_len,
                                unsigned char *sig, size_t sig_size,
                                size_t *sig_len);
#endif /* MBEDTLS_RSA_C */

#endif /* MBEDTLS_USE_PSA_CRYPTO */

#endif /* MBEDTLS_PK_WRAP_H */