/**
 * \file pk_wrap.h
 *
 * \brief Public Key abstraction layer: wrapper functions
 *
 * Internal header: declares the dispatch table (mbedtls_pk_info_t) that each
 * key type fills in, the per-type info objects that the PK layer selects
 * from, and the RSA-alt container. Everything here is reached through the
 * public mbedtls_pk_* API declared in mbedtls/pk.h.
 */
/*
 * Copyright The Mbed TLS Contributors
 * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
 */

#ifndef MBEDTLS_PK_WRAP_H
#define MBEDTLS_PK_WRAP_H

#include "mbedtls/build_info.h"

#include "mbedtls/pk.h"

#if defined(MBEDTLS_USE_PSA_CRYPTO)
#include "psa/crypto.h"
#endif

/**
 * \brief   Per-key-type operation table.
 *
 * One instance exists per supported key type (see the extern declarations
 * below). Member order is part of the layout that the per-type definitions
 * rely on, so new members should be appended rather than inserted.
 *
 * Several members are only present under specific build options; code that
 * touches them must be guarded the same way.
 */
struct mbedtls_pk_info_t {
    /** Public key type */
    mbedtls_pk_type_t type;

    /** Type name */
    const char *name;

    /** Get key size in bits */
    size_t (*get_bitlen)(mbedtls_pk_context *pk);

    /**
     * Tell if the context implements this type (e.g. ECKEY can do ECDSA).
     * Note that this takes only the requested type, not a context: the
     * answer is a property of the key type, not of a particular key.
     */
    int (*can_do)(mbedtls_pk_type_t type);

    /**
     * Verify signature.
     *
     * \p hash and \p sig are passed together with explicit lengths
     * (\p hash_len, \p sig_len); implementations should bound every read
     * by them and must not infer the length from \p md_alg alone.
     * NOTE(review): whether a hash_len of 0 means "derive from md_alg" is
     * decided in the implementations, not here — confirm in pk_wrap.c.
     */
    int (*verify_func)(mbedtls_pk_context *pk, mbedtls_md_type_t md_alg,
                       const unsigned char *hash, size_t hash_len,
                       const unsigned char *sig, size_t sig_len);

    /**
     * Make signature.
     *
     * \p sig_size and \p sig_len are distinct: presumably the capacity of the
     * \p sig buffer on input and the number of bytes actually written on
     * output — confirm against the callers in pk.c. Implementations must
     * never write more than \p sig_size bytes. \p f_rng is the RNG callback
     * and \p p_rng its opaque argument.
     */
    int (*sign_func)(mbedtls_pk_context *pk, mbedtls_md_type_t md_alg,
                     const unsigned char *hash, size_t hash_len,
                     unsigned char *sig, size_t sig_size, size_t *sig_len,
                     int (*f_rng)(void *, unsigned char *, size_t),
                     void *p_rng);

#if defined(MBEDTLS_ECDSA_C) && defined(MBEDTLS_ECP_RESTARTABLE)
    /**
     * Verify signature (restartable).
     *
     * Same contract as \c verify_func with an extra \p rs_ctx, the
     * restart context obtained from \c rs_alloc_func below.
     */
    int (*verify_rs_func)(mbedtls_pk_context *pk, mbedtls_md_type_t md_alg,
                          const unsigned char *hash, size_t hash_len,
                          const unsigned char *sig, size_t sig_len,
                          void *rs_ctx);

    /**
     * Make signature (restartable).
     *
     * Same contract as \c sign_func with an extra \p rs_ctx, the restart
     * context obtained from \c rs_alloc_func below.
     */
    int (*sign_rs_func)(mbedtls_pk_context *pk, mbedtls_md_type_t md_alg,
                        const unsigned char *hash, size_t hash_len,
                        unsigned char *sig, size_t sig_size, size_t *sig_len,
                        int (*f_rng)(void *, unsigned char *, size_t),
                        void *p_rng, void *rs_ctx);
#endif /* MBEDTLS_ECDSA_C && MBEDTLS_ECP_RESTARTABLE */

    /**
     * Decrypt message.
     *
     * \p input / \p ilen is the ciphertext; \p output is written with at
     * most \p osize bytes and \p olen receives the length produced
     * (the same capacity/length split as \c sign_func — confirm in pk.c).
     * An RNG is taken because some padding schemes need it.
     */
    int (*decrypt_func)(mbedtls_pk_context *pk, const unsigned char *input, size_t ilen,
                        unsigned char *output, size_t *olen, size_t osize,
                        int (*f_rng)(void *, unsigned char *, size_t),
                        void *p_rng);

    /**
     * Encrypt message.
     *
     * Mirror of \c decrypt_func: \p input / \p ilen is the plaintext, the
     * ciphertext goes to \p output bounded by \p osize, length in \p olen.
     */
    int (*encrypt_func)(mbedtls_pk_context *pk, const unsigned char *input, size_t ilen,
                        unsigned char *output, size_t *olen, size_t osize,
                        int (*f_rng)(void *, unsigned char *, size_t),
                        void *p_rng);

    /**
     * Check public-private key pair.
     *
     * Takes two contexts, \p pub and \p prv, and an RNG (presumably for the
     * trial sign/verify some implementations perform — confirm in pk_wrap.c).
     */
    int (*check_pair_func)(mbedtls_pk_context *pub, mbedtls_pk_context *prv,
                           int (*f_rng)(void *, unsigned char *, size_t),
                           void *p_rng);

    /**
     * Allocate a new context.
     *
     * Returns an untyped pointer; the concrete type is known only to the
     * key-type implementation. Ownership is released via \c ctx_free_func.
     */
    void * (*ctx_alloc_func)(void);

    /** Free the given context (obtained from \c ctx_alloc_func). */
    void (*ctx_free_func)(void *ctx);

#if defined(MBEDTLS_ECDSA_C) && defined(MBEDTLS_ECP_RESTARTABLE)
    /** Allocate the restart context (passed as \c rs_ctx to the *_rs_func members) */
    void *(*rs_alloc_func)(void);

    /** Free the restart context (obtained from \c rs_alloc_func) */
    void (*rs_free_func)(void *rs_ctx);
#endif /* MBEDTLS_ECDSA_C && MBEDTLS_ECP_RESTARTABLE */

    /**
     * Interface with the debug module.
     *
     * NOTE(review): the size of the \p items array and who allocates it are
     * not visible from this header — confirm against mbedtls_pk_debug in pk.h.
     */
    void (*debug_func)(mbedtls_pk_context *pk, mbedtls_pk_debug_item *items);

};
#if defined(MBEDTLS_PK_RSA_ALT_SUPPORT)
/*
 * Container for RSA-alt: an opaque key handle plus the three callbacks the
 * application supplies (decrypt, sign, key length). The callback types are
 * declared in mbedtls/pk.h. \c key is owned by the application; nothing here
 * says the PK layer frees it.
 */
typedef struct {
    void *key;
    mbedtls_pk_rsa_alt_decrypt_func decrypt_func;
    mbedtls_pk_rsa_alt_sign_func sign_func;
    mbedtls_pk_rsa_alt_key_len_func key_len_func;
} mbedtls_rsa_alt_context;
#endif

/*
 * Info tables for each key type. Each is defined in the wrapper source and
 * only exists when the corresponding build option is enabled, so any lookup
 * of these symbols must be guarded identically.
 */
#if defined(MBEDTLS_RSA_C)
extern const mbedtls_pk_info_t mbedtls_rsa_info;
#endif

#if defined(MBEDTLS_PK_HAVE_ECC_KEYS)
extern const mbedtls_pk_info_t mbedtls_eckey_info;
extern const mbedtls_pk_info_t mbedtls_eckeydh_info;
#endif

#if defined(MBEDTLS_PK_CAN_ECDSA_SOME)
extern const mbedtls_pk_info_t mbedtls_ecdsa_info;
#endif

#if defined(MBEDTLS_PK_RSA_ALT_SUPPORT)
extern const mbedtls_pk_info_t mbedtls_rsa_alt_info;
#endif

#if defined(MBEDTLS_USE_PSA_CRYPTO)
/* Opaque (PSA-held) keys: the key material never leaves the PSA core. */
extern const mbedtls_pk_info_t mbedtls_ecdsa_opaque_info;
extern const mbedtls_pk_info_t mbedtls_rsa_opaque_info;

#if defined(MBEDTLS_RSA_C)
/**
 * \brief   Sign a hash with a transparent RSA context through PSA.
 *
 * \param psa_alg_md  PSA algorithm identifier selecting the padding/hash
 *                    (presumably a PSA_ALG_* value — confirm in pk_wrap.c).
 * \param rsa_ctx     RSA context holding the key material.
 * \param hash        Hash to sign, \p hash_len bytes.
 * \param hash_len    Length of \p hash in bytes.
 * \param sig         Output buffer of \p sig_size bytes.
 * \param sig_size    Capacity of \p sig; the function must not write past it.
 * \param sig_len     On success, receives the number of bytes written to \p sig.
 *
 * \return            0 on success, or an Mbed TLS error code (the exact
 *                    codes are not visible from this header).
 */
int mbedtls_pk_psa_rsa_sign_ext(psa_algorithm_t psa_alg_md,
                                mbedtls_rsa_context *rsa_ctx,
                                const unsigned char *hash, size_t hash_len,
                                unsigned char *sig, size_t sig_size,
                                size_t *sig_len);
#endif /* MBEDTLS_RSA_C */

#endif /* MBEDTLS_USE_PSA_CRYPTO */

#endif /* MBEDTLS_PK_WRAP_H */