PolarSSL v1.3.4
pk.c
Go to the documentation of this file.
1 /*
2  * Public Key abstraction layer
3  *
4  * Copyright (C) 2006-2013, Brainspark B.V.
5  *
6  * This file is part of PolarSSL (http://www.polarssl.org)
7  * Lead Maintainer: Paul Bakker <polarssl_maintainer at polarssl.org>
8  *
9  * All rights reserved.
10  *
11  * This program is free software; you can redistribute it and/or modify
12  * it under the terms of the GNU General Public License as published by
13  * the Free Software Foundation; either version 2 of the License, or
14  * (at your option) any later version.
15  *
16  * This program is distributed in the hope that it will be useful,
17  * but WITHOUT ANY WARRANTY; without even the implied warranty of
18  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
19  * GNU General Public License for more details.
20  *
21  * You should have received a copy of the GNU General Public License along
22  * with this program; if not, write to the Free Software Foundation, Inc.,
23  * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
24  */
25 
26 #include "polarssl/config.h"
27 
28 #if defined(POLARSSL_PK_C)
29 
30 #include "polarssl/pk.h"
31 #include "polarssl/pk_wrap.h"
32 
33 #if defined(POLARSSL_RSA_C)
34 #include "polarssl/rsa.h"
35 #endif
36 #if defined(POLARSSL_ECP_C)
37 #include "polarssl/ecp.h"
38 #endif
39 #if defined(POLARSSL_ECDSA_C)
40 #include "polarssl/ecdsa.h"
41 #endif
42 
43 /*
44  * Initialise a pk_context
45  */
46 void pk_init( pk_context *ctx )
47 {
48  if( ctx == NULL )
49  return;
50 
51  ctx->pk_info = NULL;
52  ctx->pk_ctx = NULL;
53 }
54 
55 /*
56  * Free (the components of) a pk_context
57  */
58 void pk_free( pk_context *ctx )
59 {
60  if( ctx == NULL || ctx->pk_info == NULL)
61  return;
62 
63  ctx->pk_info->ctx_free_func( ctx->pk_ctx );
64  ctx->pk_ctx = NULL;
65 
66  ctx->pk_info = NULL;
67 }
68 
69 /*
70  * Get pk_info structure from type
71  */
72 const pk_info_t * pk_info_from_type( pk_type_t pk_type )
73 {
74  switch( pk_type ) {
75 #if defined(POLARSSL_RSA_C)
76  case POLARSSL_PK_RSA:
77  return &rsa_info;
78 #endif
79 #if defined(POLARSSL_ECP_C)
80  case POLARSSL_PK_ECKEY:
81  return &eckey_info;
83  return &eckeydh_info;
84 #endif
85 #if defined(POLARSSL_ECDSA_C)
86  case POLARSSL_PK_ECDSA:
87  return &ecdsa_info;
88 #endif
89  /* POLARSSL_PK_RSA_ALT ommited on purpose */
90  default:
91  return NULL;
92  }
93 }
94 
95 /*
96  * Initialise context
97  */
98 int pk_init_ctx( pk_context *ctx, const pk_info_t *info )
99 {
100  if( ctx == NULL || info == NULL || ctx->pk_info != NULL )
102 
103  if( ( ctx->pk_ctx = info->ctx_alloc_func() ) == NULL )
105 
106  ctx->pk_info = info;
107 
108  return( 0 );
109 }
110 
111 /*
112  * Initialize an RSA-alt context
113  */
114 int pk_init_ctx_rsa_alt( pk_context *ctx, void * key,
115  pk_rsa_alt_decrypt_func decrypt_func,
116  pk_rsa_alt_sign_func sign_func,
117  pk_rsa_alt_key_len_func key_len_func )
118 {
119  rsa_alt_context *rsa_alt;
120  const pk_info_t *info = &rsa_alt_info;
121 
122  if( ctx == NULL || ctx->pk_info != NULL )
124 
125  if( ( ctx->pk_ctx = info->ctx_alloc_func() ) == NULL )
127 
128  ctx->pk_info = info;
129 
130  rsa_alt = (rsa_alt_context *) ctx->pk_ctx;
131 
132  rsa_alt->key = key;
133  rsa_alt->decrypt_func = decrypt_func;
134  rsa_alt->sign_func = sign_func;
135  rsa_alt->key_len_func = key_len_func;
136 
137  return( 0 );
138 }
139 
140 /*
141  * Tell if a PK can do the operations of the given type
142  */
143 int pk_can_do( pk_context *ctx, pk_type_t type )
144 {
145  /* null or NONE context can't do anything */
146  if( ctx == NULL || ctx->pk_info == NULL )
147  return( 0 );
148 
149  return( ctx->pk_info->can_do( type ) );
150 }
151 
152 /*
153  * Helper for pk_sign and pk_verify
154  */
155 static inline int pk_hashlen_helper( md_type_t md_alg, size_t *hash_len )
156 {
157  const md_info_t *md_info;
158 
159  if( *hash_len != 0 )
160  return( 0 );
161 
162  if( ( md_info = md_info_from_type( md_alg ) ) == NULL )
163  return( -1 );
164 
165  *hash_len = md_info->size;
166  return( 0 );
167 }
168 
169 /*
170  * Verify a signature
171  */
172 int pk_verify( pk_context *ctx, md_type_t md_alg,
173  const unsigned char *hash, size_t hash_len,
174  const unsigned char *sig, size_t sig_len )
175 {
176  if( ctx == NULL || ctx->pk_info == NULL ||
177  pk_hashlen_helper( md_alg, &hash_len ) != 0 )
179 
180  if( ctx->pk_info->verify_func == NULL )
182 
183  return( ctx->pk_info->verify_func( ctx->pk_ctx, md_alg, hash, hash_len,
184  sig, sig_len ) );
185 }
186 
187 /*
188  * Make a signature
189  */
190 int pk_sign( pk_context *ctx, md_type_t md_alg,
191  const unsigned char *hash, size_t hash_len,
192  unsigned char *sig, size_t *sig_len,
193  int (*f_rng)(void *, unsigned char *, size_t), void *p_rng )
194 {
195  if( ctx == NULL || ctx->pk_info == NULL ||
196  pk_hashlen_helper( md_alg, &hash_len ) != 0 )
198 
199  if( ctx->pk_info->sign_func == NULL )
201 
202  return( ctx->pk_info->sign_func( ctx->pk_ctx, md_alg, hash, hash_len,
203  sig, sig_len, f_rng, p_rng ) );
204 }
205 
206 /*
207  * Decrypt message
208  */
209 int pk_decrypt( pk_context *ctx,
210  const unsigned char *input, size_t ilen,
211  unsigned char *output, size_t *olen, size_t osize,
212  int (*f_rng)(void *, unsigned char *, size_t), void *p_rng )
213 {
214  if( ctx == NULL || ctx->pk_info == NULL )
216 
217  if( ctx->pk_info->decrypt_func == NULL )
219 
220  return( ctx->pk_info->decrypt_func( ctx->pk_ctx, input, ilen,
221  output, olen, osize, f_rng, p_rng ) );
222 }
223 
224 /*
225  * Encrypt message
226  */
227 int pk_encrypt( pk_context *ctx,
228  const unsigned char *input, size_t ilen,
229  unsigned char *output, size_t *olen, size_t osize,
230  int (*f_rng)(void *, unsigned char *, size_t), void *p_rng )
231 {
232  if( ctx == NULL || ctx->pk_info == NULL )
234 
235  if( ctx->pk_info->encrypt_func == NULL )
237 
238  return( ctx->pk_info->encrypt_func( ctx->pk_ctx, input, ilen,
239  output, olen, osize, f_rng, p_rng ) );
240 }
241 
242 /*
243  * Get key size in bits
244  */
245 size_t pk_get_size( const pk_context *ctx )
246 {
247  if( ctx == NULL || ctx->pk_info == NULL )
248  return( 0 );
249 
250  return( ctx->pk_info->get_size( ctx->pk_ctx ) );
251 }
252 
253 /*
254  * Export debug information
255  */
256 int pk_debug( const pk_context *ctx, pk_debug_item *items )
257 {
258  if( ctx == NULL || ctx->pk_info == NULL )
260 
261  ctx->pk_info->debug_func( ctx->pk_ctx, items );
262  return( 0 );
263 }
264 
265 /*
266  * Access the PK type name
267  */
268 const char * pk_get_name( const pk_context *ctx )
269 {
270  if( ctx == NULL || ctx->pk_info == NULL )
271  return( "invalid PK" );
272 
273  return( ctx->pk_info->name );
274 }
275 
276 /*
277  * Access the PK type
278  */
279 pk_type_t pk_get_type( const pk_context *ctx )
280 {
281  if( ctx == NULL || ctx->pk_info == NULL )
282  return( POLARSSL_PK_NONE );
283 
284  return( ctx->pk_info->type );
285 }
286 
287 #endif /* POLARSSL_PK_C */
const pk_info_t * pk_info_from_type(pk_type_t pk_type)
Return information associated with the given PK type.
pk_rsa_alt_decrypt_func decrypt_func
Definition: pk_wrap.h:39
const pk_info_t eckeydh_info
int(* verify_func)(void *ctx, md_type_t md_alg, const unsigned char *hash, size_t hash_len, const unsigned char *sig, size_t sig_len)
Verify signature.
Definition: pk.h:140
Elliptic curves over GF(p)
size_t pk_get_size(const pk_context *ctx)
Get the size in bits of the underlying key.
Elliptic curve DSA.
int pk_decrypt(pk_context *ctx, const unsigned char *input, size_t ilen, unsigned char *output, size_t *olen, size_t osize, int(*f_rng)(void *, unsigned char *, size_t), void *p_rng)
Decrypt message.
int pk_debug(const pk_context *ctx, pk_debug_item *items)
Export debug information.
Configuration options (set of defines)
const pk_info_t * pk_info
Public key informations.
Definition: pk.h:179
pk_type_t pk_get_type(const pk_context *ctx)
Get the key type.
const char * pk_get_name(const pk_context *ctx)
Access the type name.
Public Key abstraction layer.
int pk_init_ctx_rsa_alt(pk_context *ctx, void *key, pk_rsa_alt_decrypt_func decrypt_func, pk_rsa_alt_sign_func sign_func, pk_rsa_alt_key_len_func key_len_func)
Initialize an RSA-alt context.
#define POLARSSL_ERR_PK_BAD_INPUT_DATA
Bad input parameters to function.
Definition: pk.h:49
md_type_t
Definition: md.h:51
int(* encrypt_func)(void *ctx, const unsigned char *input, size_t ilen, unsigned char *output, size_t *olen, size_t osize, int(*f_rng)(void *, unsigned char *, size_t), void *p_rng)
Encrypt message.
Definition: pk.h:158
int(* pk_rsa_alt_sign_func)(void *ctx, int(*f_rng)(void *, unsigned char *, size_t), void *p_rng, int mode, md_type_t md_alg, unsigned int hashlen, const unsigned char *hash, unsigned char *sig)
Definition: pk.h:189
const md_info_t * md_info_from_type(md_type_t md_type)
Returns the message digest information associated with the given digest type.
void(* debug_func)(const void *ctx, pk_debug_item *items)
Interface with the debug module.
Definition: pk.h:170
int(* can_do)(pk_type_t type)
Tell if the context implements this type (e.g.
Definition: pk.h:137
Item to send to the debug module.
Definition: pk.h:112
int pk_verify(pk_context *ctx, md_type_t md_alg, const unsigned char *hash, size_t hash_len, const unsigned char *sig, size_t sig_len)
Verify signature.
Public key information and operations.
Definition: pk.h:125
int pk_can_do(pk_context *ctx, pk_type_t type)
Tell if a context can do the operation given by type.
#define POLARSSL_ERR_PK_MALLOC_FAILED
Memory alloation failed.
Definition: pk.h:47
size_t(* get_size)(const void *)
Get key size in bits.
Definition: pk.h:134
void * pk_ctx
Underlying public key context.
Definition: pk.h:180
pk_type_t
Public key types.
Definition: pk.h:90
pk_rsa_alt_sign_func sign_func
Definition: pk_wrap.h:40
int pk_init_ctx(pk_context *ctx, const pk_info_t *info)
Initialize a PK context with the information given and allocates the type-specific PK subcontext...
const pk_info_t rsa_alt_info
The RSA public-key cryptosystem.
size_t(* pk_rsa_alt_key_len_func)(void *ctx)
Definition: pk.h:193
#define POLARSSL_ERR_PK_TYPE_MISMATCH
Type mismatch, eg attempt to encrypt with an ECDSA key.
Definition: pk.h:48
void pk_free(pk_context *ctx)
Free a pk_context.
int pk_sign(pk_context *ctx, md_type_t md_alg, const unsigned char *hash, size_t hash_len, unsigned char *sig, size_t *sig_len, int(*f_rng)(void *, unsigned char *, size_t), void *p_rng)
Make signature.
void *(* ctx_alloc_func)(void)
Allocate a new context.
Definition: pk.h:164
const pk_info_t eckey_info
const pk_info_t rsa_info
const pk_info_t ecdsa_info
int(* pk_rsa_alt_decrypt_func)(void *ctx, int mode, size_t *olen, const unsigned char *input, unsigned char *output, size_t output_max_len)
Types for RSA-alt abstraction.
Definition: pk.h:186
int pk_encrypt(pk_context *ctx, const unsigned char *input, size_t ilen, unsigned char *output, size_t *olen, size_t osize, int(*f_rng)(void *, unsigned char *, size_t), void *p_rng)
Encrypt message.
void pk_init(pk_context *ctx)
Initialize a pk_context (as NONE)
int size
Output length of the digest function.
Definition: md.h:82
const char * name
Type name.
Definition: pk.h:131
pk_rsa_alt_key_len_func key_len_func
Definition: pk_wrap.h:41
void * key
Definition: pk_wrap.h:38
pk_type_t type
Public key type.
Definition: pk.h:128
int(* sign_func)(void *ctx, md_type_t md_alg, const unsigned char *hash, size_t hash_len, unsigned char *sig, size_t *sig_len, int(*f_rng)(void *, unsigned char *, size_t), void *p_rng)
Make signature.
Definition: pk.h:145
Message digest information.
Definition: md.h:74
Public key container.
Definition: pk.h:177
int(* decrypt_func)(void *ctx, const unsigned char *input, size_t ilen, unsigned char *output, size_t *olen, size_t osize, int(*f_rng)(void *, unsigned char *, size_t), void *p_rng)
Decrypt message.
Definition: pk.h:152
void(* ctx_free_func)(void *ctx)
Free the given context.
Definition: pk.h:167