PolarSSL v1.3.7
pk.c
Go to the documentation of this file.
1 /*
2  * Public Key abstraction layer
3  *
4  * Copyright (C) 2006-2013, Brainspark B.V.
5  *
6  * This file is part of PolarSSL (http://www.polarssl.org)
7  * Lead Maintainer: Paul Bakker <polarssl_maintainer at polarssl.org>
8  *
9  * All rights reserved.
10  *
11  * This program is free software; you can redistribute it and/or modify
12  * it under the terms of the GNU General Public License as published by
13  * the Free Software Foundation; either version 2 of the License, or
14  * (at your option) any later version.
15  *
16  * This program is distributed in the hope that it will be useful,
17  * but WITHOUT ANY WARRANTY; without even the implied warranty of
18  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
19  * GNU General Public License for more details.
20  *
21  * You should have received a copy of the GNU General Public License along
22  * with this program; if not, write to the Free Software Foundation, Inc.,
23  * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
24  */
25 
26 #if !defined(POLARSSL_CONFIG_FILE)
27 #include "polarssl/config.h"
28 #else
29 #include POLARSSL_CONFIG_FILE
30 #endif
31 
32 #if defined(POLARSSL_PK_C)
33 
34 #include "polarssl/pk.h"
35 #include "polarssl/pk_wrap.h"
36 
37 #if defined(POLARSSL_RSA_C)
38 #include "polarssl/rsa.h"
39 #endif
40 #if defined(POLARSSL_ECP_C)
41 #include "polarssl/ecp.h"
42 #endif
43 #if defined(POLARSSL_ECDSA_C)
44 #include "polarssl/ecdsa.h"
45 #endif
46 
47 /*
48  * Initialise a pk_context
49  */
50 void pk_init( pk_context *ctx )
51 {
52  if( ctx == NULL )
53  return;
54 
55  ctx->pk_info = NULL;
56  ctx->pk_ctx = NULL;
57 }
58 
59 /*
60  * Free (the components of) a pk_context
61  */
62 void pk_free( pk_context *ctx )
63 {
64  if( ctx == NULL || ctx->pk_info == NULL)
65  return;
66 
67  ctx->pk_info->ctx_free_func( ctx->pk_ctx );
68  ctx->pk_ctx = NULL;
69 
70  ctx->pk_info = NULL;
71 }
72 
73 /*
74  * Get pk_info structure from type
75  */
76 const pk_info_t * pk_info_from_type( pk_type_t pk_type )
77 {
78  switch( pk_type ) {
79 #if defined(POLARSSL_RSA_C)
80  case POLARSSL_PK_RSA:
81  return &rsa_info;
82 #endif
83 #if defined(POLARSSL_ECP_C)
84  case POLARSSL_PK_ECKEY:
85  return &eckey_info;
87  return &eckeydh_info;
88 #endif
89 #if defined(POLARSSL_ECDSA_C)
90  case POLARSSL_PK_ECDSA:
91  return &ecdsa_info;
92 #endif
93  /* POLARSSL_PK_RSA_ALT omitted on purpose */
94  default:
95  return NULL;
96  }
97 }
98 
99 /*
100  * Initialise context
101  */
102 int pk_init_ctx( pk_context *ctx, const pk_info_t *info )
103 {
104  if( ctx == NULL || info == NULL || ctx->pk_info != NULL )
106 
107  if( ( ctx->pk_ctx = info->ctx_alloc_func() ) == NULL )
109 
110  ctx->pk_info = info;
111 
112  return( 0 );
113 }
114 
115 /*
116  * Initialize an RSA-alt context
117  */
118 int pk_init_ctx_rsa_alt( pk_context *ctx, void * key,
119  pk_rsa_alt_decrypt_func decrypt_func,
120  pk_rsa_alt_sign_func sign_func,
121  pk_rsa_alt_key_len_func key_len_func )
122 {
123  rsa_alt_context *rsa_alt;
124  const pk_info_t *info = &rsa_alt_info;
125 
126  if( ctx == NULL || ctx->pk_info != NULL )
128 
129  if( ( ctx->pk_ctx = info->ctx_alloc_func() ) == NULL )
131 
132  ctx->pk_info = info;
133 
134  rsa_alt = (rsa_alt_context *) ctx->pk_ctx;
135 
136  rsa_alt->key = key;
137  rsa_alt->decrypt_func = decrypt_func;
138  rsa_alt->sign_func = sign_func;
139  rsa_alt->key_len_func = key_len_func;
140 
141  return( 0 );
142 }
143 
144 /*
145  * Tell if a PK can do the operations of the given type
146  */
147 int pk_can_do( pk_context *ctx, pk_type_t type )
148 {
149  /* null or NONE context can't do anything */
150  if( ctx == NULL || ctx->pk_info == NULL )
151  return( 0 );
152 
153  return( ctx->pk_info->can_do( type ) );
154 }
155 
156 /*
157  * Helper for pk_sign and pk_verify
158  */
159 static inline int pk_hashlen_helper( md_type_t md_alg, size_t *hash_len )
160 {
161  const md_info_t *md_info;
162 
163  if( *hash_len != 0 )
164  return( 0 );
165 
166  if( ( md_info = md_info_from_type( md_alg ) ) == NULL )
167  return( -1 );
168 
169  *hash_len = md_info->size;
170  return( 0 );
171 }
172 
173 /*
174  * Verify a signature
175  */
176 int pk_verify( pk_context *ctx, md_type_t md_alg,
177  const unsigned char *hash, size_t hash_len,
178  const unsigned char *sig, size_t sig_len )
179 {
180  if( ctx == NULL || ctx->pk_info == NULL ||
181  pk_hashlen_helper( md_alg, &hash_len ) != 0 )
183 
184  if( ctx->pk_info->verify_func == NULL )
186 
187  return( ctx->pk_info->verify_func( ctx->pk_ctx, md_alg, hash, hash_len,
188  sig, sig_len ) );
189 }
190 
191 /*
192  * Make a signature
193  */
194 int pk_sign( pk_context *ctx, md_type_t md_alg,
195  const unsigned char *hash, size_t hash_len,
196  unsigned char *sig, size_t *sig_len,
197  int (*f_rng)(void *, unsigned char *, size_t), void *p_rng )
198 {
199  if( ctx == NULL || ctx->pk_info == NULL ||
200  pk_hashlen_helper( md_alg, &hash_len ) != 0 )
202 
203  if( ctx->pk_info->sign_func == NULL )
205 
206  return( ctx->pk_info->sign_func( ctx->pk_ctx, md_alg, hash, hash_len,
207  sig, sig_len, f_rng, p_rng ) );
208 }
209 
210 /*
211  * Decrypt message
212  */
213 int pk_decrypt( pk_context *ctx,
214  const unsigned char *input, size_t ilen,
215  unsigned char *output, size_t *olen, size_t osize,
216  int (*f_rng)(void *, unsigned char *, size_t), void *p_rng )
217 {
218  if( ctx == NULL || ctx->pk_info == NULL )
220 
221  if( ctx->pk_info->decrypt_func == NULL )
223 
224  return( ctx->pk_info->decrypt_func( ctx->pk_ctx, input, ilen,
225  output, olen, osize, f_rng, p_rng ) );
226 }
227 
228 /*
229  * Encrypt message
230  */
231 int pk_encrypt( pk_context *ctx,
232  const unsigned char *input, size_t ilen,
233  unsigned char *output, size_t *olen, size_t osize,
234  int (*f_rng)(void *, unsigned char *, size_t), void *p_rng )
235 {
236  if( ctx == NULL || ctx->pk_info == NULL )
238 
239  if( ctx->pk_info->encrypt_func == NULL )
241 
242  return( ctx->pk_info->encrypt_func( ctx->pk_ctx, input, ilen,
243  output, olen, osize, f_rng, p_rng ) );
244 }
245 
246 /*
247  * Get key size in bits
248  */
249 size_t pk_get_size( const pk_context *ctx )
250 {
251  if( ctx == NULL || ctx->pk_info == NULL )
252  return( 0 );
253 
254  return( ctx->pk_info->get_size( ctx->pk_ctx ) );
255 }
256 
257 /*
258  * Export debug information
259  */
260 int pk_debug( const pk_context *ctx, pk_debug_item *items )
261 {
262  if( ctx == NULL || ctx->pk_info == NULL )
264 
265  if( ctx->pk_info->debug_func == NULL )
267 
268  ctx->pk_info->debug_func( ctx->pk_ctx, items );
269  return( 0 );
270 }
271 
272 /*
273  * Access the PK type name
274  */
275 const char * pk_get_name( const pk_context *ctx )
276 {
277  if( ctx == NULL || ctx->pk_info == NULL )
278  return( "invalid PK" );
279 
280  return( ctx->pk_info->name );
281 }
282 
283 /*
284  * Access the PK type
285  */
286 pk_type_t pk_get_type( const pk_context *ctx )
287 {
288  if( ctx == NULL || ctx->pk_info == NULL )
289  return( POLARSSL_PK_NONE );
290 
291  return( ctx->pk_info->type );
292 }
293 
294 #endif /* POLARSSL_PK_C */
const pk_info_t * pk_info_from_type(pk_type_t pk_type)
Return information associated with the given PK type.
pk_rsa_alt_decrypt_func decrypt_func
Definition: pk_wrap.h:43
const pk_info_t eckeydh_info
int(* verify_func)(void *ctx, md_type_t md_alg, const unsigned char *hash, size_t hash_len, const unsigned char *sig, size_t sig_len)
Verify signature.
Definition: pk.h:145
Elliptic curves over GF(p)
size_t pk_get_size(const pk_context *ctx)
Get the size in bits of the underlying key.
Elliptic curve DSA.
int pk_decrypt(pk_context *ctx, const unsigned char *input, size_t ilen, unsigned char *output, size_t *olen, size_t osize, int(*f_rng)(void *, unsigned char *, size_t), void *p_rng)
Decrypt message.
int pk_debug(const pk_context *ctx, pk_debug_item *items)
Export debug information.
Configuration options (set of defines)
const pk_info_t * pk_info
Public key informations.
Definition: pk.h:184
pk_type_t pk_get_type(const pk_context *ctx)
Get the key type.
const char * pk_get_name(const pk_context *ctx)
Access the type name.
Public Key abstraction layer.
int pk_init_ctx_rsa_alt(pk_context *ctx, void *key, pk_rsa_alt_decrypt_func decrypt_func, pk_rsa_alt_sign_func sign_func, pk_rsa_alt_key_len_func key_len_func)
Initialize an RSA-alt context.
#define POLARSSL_ERR_PK_BAD_INPUT_DATA
Bad input parameters to function.
Definition: pk.h:53
md_type_t
Definition: md.h:51
int(* encrypt_func)(void *ctx, const unsigned char *input, size_t ilen, unsigned char *output, size_t *olen, size_t osize, int(*f_rng)(void *, unsigned char *, size_t), void *p_rng)
Encrypt message.
Definition: pk.h:163
int(* pk_rsa_alt_sign_func)(void *ctx, int(*f_rng)(void *, unsigned char *, size_t), void *p_rng, int mode, md_type_t md_alg, unsigned int hashlen, const unsigned char *hash, unsigned char *sig)
Definition: pk.h:194
const md_info_t * md_info_from_type(md_type_t md_type)
Returns the message digest information associated with the given digest type.
void(* debug_func)(const void *ctx, pk_debug_item *items)
Interface with the debug module.
Definition: pk.h:175
int(* can_do)(pk_type_t type)
Tell if the context implements this type (e.g.
Definition: pk.h:142
Item to send to the debug module.
Definition: pk.h:117
int pk_verify(pk_context *ctx, md_type_t md_alg, const unsigned char *hash, size_t hash_len, const unsigned char *sig, size_t sig_len)
Verify signature.
Public key information and operations.
Definition: pk.h:130
int pk_can_do(pk_context *ctx, pk_type_t type)
Tell if a context can do the operation given by type.
#define POLARSSL_ERR_PK_MALLOC_FAILED
Memory alloation failed.
Definition: pk.h:51
size_t(* get_size)(const void *)
Get key size in bits.
Definition: pk.h:139
void * pk_ctx
Underlying public key context.
Definition: pk.h:185
pk_type_t
Public key types.
Definition: pk.h:95
pk_rsa_alt_sign_func sign_func
Definition: pk_wrap.h:44
int pk_init_ctx(pk_context *ctx, const pk_info_t *info)
Initialize a PK context with the information given and allocates the type-specific PK subcontext...
const pk_info_t rsa_alt_info
The RSA public-key cryptosystem.
size_t(* pk_rsa_alt_key_len_func)(void *ctx)
Definition: pk.h:198
#define POLARSSL_ERR_PK_TYPE_MISMATCH
Type mismatch, eg attempt to encrypt with an ECDSA key.
Definition: pk.h:52
void pk_free(pk_context *ctx)
Free a pk_context.
int pk_sign(pk_context *ctx, md_type_t md_alg, const unsigned char *hash, size_t hash_len, unsigned char *sig, size_t *sig_len, int(*f_rng)(void *, unsigned char *, size_t), void *p_rng)
Make signature.
void *(* ctx_alloc_func)(void)
Allocate a new context.
Definition: pk.h:169
const pk_info_t eckey_info
const pk_info_t rsa_info
const pk_info_t ecdsa_info
int(* pk_rsa_alt_decrypt_func)(void *ctx, int mode, size_t *olen, const unsigned char *input, unsigned char *output, size_t output_max_len)
Types for RSA-alt abstraction.
Definition: pk.h:191
int pk_encrypt(pk_context *ctx, const unsigned char *input, size_t ilen, unsigned char *output, size_t *olen, size_t osize, int(*f_rng)(void *, unsigned char *, size_t), void *p_rng)
Encrypt message.
void pk_init(pk_context *ctx)
Initialize a pk_context (as NONE)
int size
Output length of the digest function.
Definition: md.h:82
const char * name
Type name.
Definition: pk.h:136
pk_rsa_alt_key_len_func key_len_func
Definition: pk_wrap.h:45
void * key
Definition: pk_wrap.h:42
pk_type_t type
Public key type.
Definition: pk.h:133
int(* sign_func)(void *ctx, md_type_t md_alg, const unsigned char *hash, size_t hash_len, unsigned char *sig, size_t *sig_len, int(*f_rng)(void *, unsigned char *, size_t), void *p_rng)
Make signature.
Definition: pk.h:150
Message digest information.
Definition: md.h:74
Public key container.
Definition: pk.h:182
int(* decrypt_func)(void *ctx, const unsigned char *input, size_t ilen, unsigned char *output, size_t *olen, size_t osize, int(*f_rng)(void *, unsigned char *, size_t), void *p_rng)
Decrypt message.
Definition: pk.h:157
void(* ctx_free_func)(void *ctx)
Free the given context.
Definition: pk.h:172