p_chinagoldgroup_hand_acid_libs
/
blelib_sdk
2
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
12 Commits
1 Branch
0 Tags
64 MiB
Tree: d9cf40c8e6
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from 'd9cf40c8e6'
${ noResults }
blelib_sdk/external/mbedtls/library/pk.c

571 lines
16 KiB
Raw Normal View History

init
2 years ago
  1. /*
  2. * Public Key abstraction layer
  3. *
  4. * Copyright The Mbed TLS Contributors
  5. * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
  6. *
  7. * This file is provided under the Apache License 2.0, or the
  8. * GNU General Public License v2.0 or later.
  9. *
  10. * **********
  11. * Apache License 2.0:
  12. *
  13. * Licensed under the Apache License, Version 2.0 (the "License"); you may
  14. * not use this file except in compliance with the License.
  15. * You may obtain a copy of the License at
  16. *
  17. * http://www.apache.org/licenses/LICENSE-2.0
  18. *
  19. * Unless required by applicable law or agreed to in writing, software
  20. * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
  21. * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
  22. * See the License for the specific language governing permissions and
  23. * limitations under the License.
  24. *
  25. * **********
  26. *
  27. * **********
  28. * GNU General Public License v2.0 or later:
  29. *
  30. * This program is free software; you can redistribute it and/or modify
  31. * it under the terms of the GNU General Public License as published by
  32. * the Free Software Foundation; either version 2 of the License, or
  33. * (at your option) any later version.
  34. *
  35. * This program is distributed in the hope that it will be useful,
  36. * but WITHOUT ANY WARRANTY; without even the implied warranty of
  37. * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
  38. * GNU General Public License for more details.
  39. *
  40. * You should have received a copy of the GNU General Public License along
  41. * with this program; if not, write to the Free Software Foundation, Inc.,
  42. * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
  43. *
  44. * **********
  45. */
  47. #if !defined(MBEDTLS_CONFIG_FILE)
  48. #include "mbedtls/config.h"
  49. #else
  50. #include MBEDTLS_CONFIG_FILE
  51. #endif
  53. #if defined(MBEDTLS_PK_C)
  54. #include "mbedtls/pk.h"
  55. #include "mbedtls/pk_internal.h"
  57. #include "mbedtls/platform_util.h"
  59. #if defined(MBEDTLS_RSA_C)
  60. #include "mbedtls/rsa.h"
  61. #endif
  62. #if defined(MBEDTLS_ECP_C)
  63. #include "mbedtls/ecp.h"
  64. #endif
  65. #if defined(MBEDTLS_ECDSA_C)
  66. #include "mbedtls/ecdsa.h"
  67. #endif
  69. #include <limits.h>
  70. #include <stdint.h>
  72. /* Parameter validation macros based on platform_util.h */
  73. #define PK_VALIDATE_RET( cond ) \
  74. MBEDTLS_INTERNAL_VALIDATE_RET( cond, MBEDTLS_ERR_PK_BAD_INPUT_DATA )
  75. #define PK_VALIDATE( cond ) \
  76. MBEDTLS_INTERNAL_VALIDATE( cond )
  78. /*
  79. * Initialise a mbedtls_pk_context
  80. */
  81. void mbedtls_pk_init( mbedtls_pk_context *ctx )
  82. {
  83. PK_VALIDATE( ctx != NULL );
  85. ctx->pk_info = NULL;
  86. ctx->pk_ctx = NULL;
  87. }
  89. /*
  90. * Free (the components of) a mbedtls_pk_context
  91. */
  92. void mbedtls_pk_free( mbedtls_pk_context *ctx )
  93. {
  94. if( ctx == NULL )
  95. return;
  97. if ( ctx->pk_info != NULL )
  98. ctx->pk_info->ctx_free_func( ctx->pk_ctx );
  100. mbedtls_platform_zeroize( ctx, sizeof( mbedtls_pk_context ) );
  101. }
  103. #if defined(MBEDTLS_ECDSA_C) && defined(MBEDTLS_ECP_RESTARTABLE)
  104. /*
  105. * Initialize a restart context
  106. */
  107. void mbedtls_pk_restart_init( mbedtls_pk_restart_ctx *ctx )
  108. {
  109. PK_VALIDATE( ctx != NULL );
  110. ctx->pk_info = NULL;
  111. ctx->rs_ctx = NULL;
  112. }
  114. /*
  115. * Free the components of a restart context
  116. */
  117. void mbedtls_pk_restart_free( mbedtls_pk_restart_ctx *ctx )
  118. {
  119. if( ctx == NULL || ctx->pk_info == NULL ||
  120. ctx->pk_info->rs_free_func == NULL )
  121. {
  122. return;
  123. }
  125. ctx->pk_info->rs_free_func( ctx->rs_ctx );
  127. ctx->pk_info = NULL;
  128. ctx->rs_ctx = NULL;
  129. }
  130. #endif /* MBEDTLS_ECDSA_C && MBEDTLS_ECP_RESTARTABLE */
  132. /*
  133. * Get pk_info structure from type
  134. */
  135. const mbedtls_pk_info_t * mbedtls_pk_info_from_type( mbedtls_pk_type_t pk_type )
  136. {
  137. switch( pk_type ) {
  138. #if defined(MBEDTLS_RSA_C)
  139. case MBEDTLS_PK_RSA:
  140. return( &mbedtls_rsa_info );
  141. #endif
  142. #if defined(MBEDTLS_ECP_C)
  143. case MBEDTLS_PK_ECKEY:
  144. return( &mbedtls_eckey_info );
  145. case MBEDTLS_PK_ECKEY_DH:
  146. return( &mbedtls_eckeydh_info );
  147. #endif
  148. #if defined(MBEDTLS_ECDSA_C)
  149. case MBEDTLS_PK_ECDSA:
  150. return( &mbedtls_ecdsa_info );
  151. #endif
  152. /* MBEDTLS_PK_RSA_ALT omitted on purpose */
  153. default:
  154. return( NULL );
  155. }
  156. }
  158. /*
  159. * Initialise context
  160. */
  161. int mbedtls_pk_setup( mbedtls_pk_context *ctx, const mbedtls_pk_info_t *info )
  162. {
  163. PK_VALIDATE_RET( ctx != NULL );
  164. if( info == NULL || ctx->pk_info != NULL )
  165. return( MBEDTLS_ERR_PK_BAD_INPUT_DATA );
  167. if( ( ctx->pk_ctx = info->ctx_alloc_func() ) == NULL )
  168. return( MBEDTLS_ERR_PK_ALLOC_FAILED );
  170. ctx->pk_info = info;
  172. return( 0 );
  173. }
  175. #if defined(MBEDTLS_PK_RSA_ALT_SUPPORT)
  176. /*
  177. * Initialize an RSA-alt context
  178. */
  179. int mbedtls_pk_setup_rsa_alt( mbedtls_pk_context *ctx, void * key,
  180. mbedtls_pk_rsa_alt_decrypt_func decrypt_func,
  181. mbedtls_pk_rsa_alt_sign_func sign_func,
  182. mbedtls_pk_rsa_alt_key_len_func key_len_func )
  183. {
  184. mbedtls_rsa_alt_context *rsa_alt;
  185. const mbedtls_pk_info_t *info = &mbedtls_rsa_alt_info;
  187. PK_VALIDATE_RET( ctx != NULL );
  188. if( ctx->pk_info != NULL )
  189. return( MBEDTLS_ERR_PK_BAD_INPUT_DATA );
  191. if( ( ctx->pk_ctx = info->ctx_alloc_func() ) == NULL )
  192. return( MBEDTLS_ERR_PK_ALLOC_FAILED );
  194. ctx->pk_info = info;
  196. rsa_alt = (mbedtls_rsa_alt_context *) ctx->pk_ctx;
  198. rsa_alt->key = key;
  199. rsa_alt->decrypt_func = decrypt_func;
  200. rsa_alt->sign_func = sign_func;
  201. rsa_alt->key_len_func = key_len_func;
  203. return( 0 );
  204. }
  205. #endif /* MBEDTLS_PK_RSA_ALT_SUPPORT */
  207. /*
  208. * Tell if a PK can do the operations of the given type
  209. */
  210. int mbedtls_pk_can_do( const mbedtls_pk_context *ctx, mbedtls_pk_type_t type )
  211. {
  212. /* A context with null pk_info is not set up yet and can't do anything.
  213. * For backward compatibility, also accept NULL instead of a context
  214. * pointer. */
  215. if( ctx == NULL || ctx->pk_info == NULL )
  216. return( 0 );
  218. return( ctx->pk_info->can_do( type ) );
  219. }
  221. /*
  222. * Helper for mbedtls_pk_sign and mbedtls_pk_verify
  223. */
  224. static inline int pk_hashlen_helper( mbedtls_md_type_t md_alg, size_t *hash_len )
  225. {
  226. const mbedtls_md_info_t *md_info;
  228. if( *hash_len != 0 )
  229. return( 0 );
  231. if( ( md_info = mbedtls_md_info_from_type( md_alg ) ) == NULL )
  232. return( -1 );
  234. *hash_len = mbedtls_md_get_size( md_info );
  235. return( 0 );
  236. }
  238. #if defined(MBEDTLS_ECDSA_C) && defined(MBEDTLS_ECP_RESTARTABLE)
  239. /*
  240. * Helper to set up a restart context if needed
  241. */
  242. static int pk_restart_setup( mbedtls_pk_restart_ctx *ctx,
  243. const mbedtls_pk_info_t *info )
  244. {
  245. /* Don't do anything if already set up or invalid */
  246. if( ctx == NULL || ctx->pk_info != NULL )
  247. return( 0 );
  249. /* Should never happen when we're called */
  250. if( info->rs_alloc_func == NULL || info->rs_free_func == NULL )
  251. return( MBEDTLS_ERR_PK_BAD_INPUT_DATA );
  253. if( ( ctx->rs_ctx = info->rs_alloc_func() ) == NULL )
  254. return( MBEDTLS_ERR_PK_ALLOC_FAILED );
  256. ctx->pk_info = info;
  258. return( 0 );
  259. }
  260. #endif /* MBEDTLS_ECDSA_C && MBEDTLS_ECP_RESTARTABLE */
  262. /*
  263. * Verify a signature (restartable)
  264. */
  265. int mbedtls_pk_verify_restartable( mbedtls_pk_context *ctx,
  266. mbedtls_md_type_t md_alg,
  267. const unsigned char *hash, size_t hash_len,
  268. const unsigned char *sig, size_t sig_len,
  269. mbedtls_pk_restart_ctx *rs_ctx )
  270. {
  271. PK_VALIDATE_RET( ctx != NULL );
  272. PK_VALIDATE_RET( ( md_alg == MBEDTLS_MD_NONE && hash_len == 0 ) ||
  273. hash != NULL );
  274. PK_VALIDATE_RET( sig != NULL );
  276. if( ctx->pk_info == NULL ||
  277. pk_hashlen_helper( md_alg, &hash_len ) != 0 )
  278. return( MBEDTLS_ERR_PK_BAD_INPUT_DATA );
  280. #if defined(MBEDTLS_ECDSA_C) && defined(MBEDTLS_ECP_RESTARTABLE)
  281. /* optimization: use non-restartable version if restart disabled */
  282. if( rs_ctx != NULL &&
  283. mbedtls_ecp_restart_is_enabled() &&
  284. ctx->pk_info->verify_rs_func != NULL )
  285. {
  286. int ret;
  288. if( ( ret = pk_restart_setup( rs_ctx, ctx->pk_info ) ) != 0 )
  289. return( ret );
  291. ret = ctx->pk_info->verify_rs_func( ctx->pk_ctx,
  292. md_alg, hash, hash_len, sig, sig_len, rs_ctx->rs_ctx );
  294. if( ret != MBEDTLS_ERR_ECP_IN_PROGRESS )
  295. mbedtls_pk_restart_free( rs_ctx );
  297. return( ret );
  298. }
  299. #else /* MBEDTLS_ECDSA_C && MBEDTLS_ECP_RESTARTABLE */
  300. (void) rs_ctx;
  301. #endif /* MBEDTLS_ECDSA_C && MBEDTLS_ECP_RESTARTABLE */
  303. if( ctx->pk_info->verify_func == NULL )
  304. return( MBEDTLS_ERR_PK_TYPE_MISMATCH );
  306. return( ctx->pk_info->verify_func( ctx->pk_ctx, md_alg, hash, hash_len,
  307. sig, sig_len ) );
  308. }
  310. /*
  311. * Verify a signature
  312. */
  313. int mbedtls_pk_verify( mbedtls_pk_context *ctx, mbedtls_md_type_t md_alg,
  314. const unsigned char *hash, size_t hash_len,
  315. const unsigned char *sig, size_t sig_len )
  316. {
  317. return( mbedtls_pk_verify_restartable( ctx, md_alg, hash, hash_len,
  318. sig, sig_len, NULL ) );
  319. }
  321. /*
  322. * Verify a signature with options
  323. */
  324. int mbedtls_pk_verify_ext( mbedtls_pk_type_t type, const void *options,
  325. mbedtls_pk_context *ctx, mbedtls_md_type_t md_alg,
  326. const unsigned char *hash, size_t hash_len,
  327. const unsigned char *sig, size_t sig_len )
  328. {
  329. PK_VALIDATE_RET( ctx != NULL );
  330. PK_VALIDATE_RET( ( md_alg == MBEDTLS_MD_NONE && hash_len == 0 ) ||
  331. hash != NULL );
  332. PK_VALIDATE_RET( sig != NULL );
  334. if( ctx->pk_info == NULL )
  335. return( MBEDTLS_ERR_PK_BAD_INPUT_DATA );
  337. if( ! mbedtls_pk_can_do( ctx, type ) )
  338. return( MBEDTLS_ERR_PK_TYPE_MISMATCH );
  340. if( type == MBEDTLS_PK_RSASSA_PSS )
  341. {
  342. #if defined(MBEDTLS_RSA_C) && defined(MBEDTLS_PKCS1_V21)
  343. int ret;
  344. const mbedtls_pk_rsassa_pss_options *pss_opts;
  346. #if SIZE_MAX > UINT_MAX
  347. if( md_alg == MBEDTLS_MD_NONE && UINT_MAX < hash_len )
  348. return( MBEDTLS_ERR_PK_BAD_INPUT_DATA );
  349. #endif /* SIZE_MAX > UINT_MAX */
  351. if( options == NULL )
  352. return( MBEDTLS_ERR_PK_BAD_INPUT_DATA );
  354. pss_opts = (const mbedtls_pk_rsassa_pss_options *) options;
  356. if( sig_len < mbedtls_pk_get_len( ctx ) )
  357. return( MBEDTLS_ERR_RSA_VERIFY_FAILED );
  359. ret = mbedtls_rsa_rsassa_pss_verify_ext( mbedtls_pk_rsa( *ctx ),
  360. NULL, NULL, MBEDTLS_RSA_PUBLIC,
  361. md_alg, (unsigned int) hash_len, hash,
  362. pss_opts->mgf1_hash_id,
  363. pss_opts->expected_salt_len,
  364. sig );
  365. if( ret != 0 )
  366. return( ret );
  368. if( sig_len > mbedtls_pk_get_len( ctx ) )
  369. return( MBEDTLS_ERR_PK_SIG_LEN_MISMATCH );
  371. return( 0 );
  372. #else
  373. return( MBEDTLS_ERR_PK_FEATURE_UNAVAILABLE );
  374. #endif /* MBEDTLS_RSA_C && MBEDTLS_PKCS1_V21 */
  375. }
  377. /* General case: no options */
  378. if( options != NULL )
  379. return( MBEDTLS_ERR_PK_BAD_INPUT_DATA );
  381. return( mbedtls_pk_verify( ctx, md_alg, hash, hash_len, sig, sig_len ) );
  382. }
  384. /*
  385. * Make a signature (restartable)
  386. */
  387. int mbedtls_pk_sign_restartable( mbedtls_pk_context *ctx,
  388. mbedtls_md_type_t md_alg,
  389. const unsigned char *hash, size_t hash_len,
  390. unsigned char *sig, size_t *sig_len,
  391. int (*f_rng)(void *, unsigned char *, size_t), void *p_rng,
  392. mbedtls_pk_restart_ctx *rs_ctx )
  393. {
  394. PK_VALIDATE_RET( ctx != NULL );
  395. PK_VALIDATE_RET( ( md_alg == MBEDTLS_MD_NONE && hash_len == 0 ) ||
  396. hash != NULL );
  397. PK_VALIDATE_RET( sig != NULL );
  399. if( ctx->pk_info == NULL ||
  400. pk_hashlen_helper( md_alg, &hash_len ) != 0 )
  401. return( MBEDTLS_ERR_PK_BAD_INPUT_DATA );
  403. #if defined(MBEDTLS_ECDSA_C) && defined(MBEDTLS_ECP_RESTARTABLE)
  404. /* optimization: use non-restartable version if restart disabled */
  405. if( rs_ctx != NULL &&
  406. mbedtls_ecp_restart_is_enabled() &&
  407. ctx->pk_info->sign_rs_func != NULL )
  408. {
  409. int ret;
  411. if( ( ret = pk_restart_setup( rs_ctx, ctx->pk_info ) ) != 0 )
  412. return( ret );
  414. ret = ctx->pk_info->sign_rs_func( ctx->pk_ctx, md_alg,
  415. hash, hash_len, sig, sig_len, f_rng, p_rng, rs_ctx->rs_ctx );
  417. if( ret != MBEDTLS_ERR_ECP_IN_PROGRESS )
  418. mbedtls_pk_restart_free( rs_ctx );
  420. return( ret );
  421. }
  422. #else /* MBEDTLS_ECDSA_C && MBEDTLS_ECP_RESTARTABLE */
  423. (void) rs_ctx;
  424. #endif /* MBEDTLS_ECDSA_C && MBEDTLS_ECP_RESTARTABLE */
  426. if( ctx->pk_info->sign_func == NULL )
  427. return( MBEDTLS_ERR_PK_TYPE_MISMATCH );
  429. return( ctx->pk_info->sign_func( ctx->pk_ctx, md_alg, hash, hash_len,
  430. sig, sig_len, f_rng, p_rng ) );
  431. }
  433. /*
  434. * Make a signature
  435. */
  436. int mbedtls_pk_sign( mbedtls_pk_context *ctx, mbedtls_md_type_t md_alg,
  437. const unsigned char *hash, size_t hash_len,
  438. unsigned char *sig, size_t *sig_len,
  439. int (*f_rng)(void *, unsigned char *, size_t), void *p_rng )
  440. {
  441. return( mbedtls_pk_sign_restartable( ctx, md_alg, hash, hash_len,
  442. sig, sig_len, f_rng, p_rng, NULL ) );
  443. }
  445. /*
  446. * Decrypt message
  447. */
  448. int mbedtls_pk_decrypt( mbedtls_pk_context *ctx,
  449. const unsigned char *input, size_t ilen,
  450. unsigned char *output, size_t *olen, size_t osize,
  451. int (*f_rng)(void *, unsigned char *, size_t), void *p_rng )
  452. {
  453. PK_VALIDATE_RET( ctx != NULL );
  454. PK_VALIDATE_RET( input != NULL || ilen == 0 );
  455. PK_VALIDATE_RET( output != NULL || osize == 0 );
  456. PK_VALIDATE_RET( olen != NULL );
  458. if( ctx->pk_info == NULL )
  459. return( MBEDTLS_ERR_PK_BAD_INPUT_DATA );
  461. if( ctx->pk_info->decrypt_func == NULL )
  462. return( MBEDTLS_ERR_PK_TYPE_MISMATCH );
  464. return( ctx->pk_info->decrypt_func( ctx->pk_ctx, input, ilen,
  465. output, olen, osize, f_rng, p_rng ) );
  466. }
  468. /*
  469. * Encrypt message
  470. */
  471. int mbedtls_pk_encrypt( mbedtls_pk_context *ctx,
  472. const unsigned char *input, size_t ilen,
  473. unsigned char *output, size_t *olen, size_t osize,
  474. int (*f_rng)(void *, unsigned char *, size_t), void *p_rng )
  475. {
  476. PK_VALIDATE_RET( ctx != NULL );
  477. PK_VALIDATE_RET( input != NULL || ilen == 0 );
  478. PK_VALIDATE_RET( output != NULL || osize == 0 );
  479. PK_VALIDATE_RET( olen != NULL );
  481. if( ctx->pk_info == NULL )
  482. return( MBEDTLS_ERR_PK_BAD_INPUT_DATA );
  484. if( ctx->pk_info->encrypt_func == NULL )
  485. return( MBEDTLS_ERR_PK_TYPE_MISMATCH );
  487. return( ctx->pk_info->encrypt_func( ctx->pk_ctx, input, ilen,
  488. output, olen, osize, f_rng, p_rng ) );
  489. }
  491. /*
  492. * Check public-private key pair
  493. */
  494. int mbedtls_pk_check_pair( const mbedtls_pk_context *pub, const mbedtls_pk_context *prv )
  495. {
  496. PK_VALIDATE_RET( pub != NULL );
  497. PK_VALIDATE_RET( prv != NULL );
  499. if( pub->pk_info == NULL ||
  500. prv->pk_info == NULL ||
  501. prv->pk_info->check_pair_func == NULL )
  502. {
  503. return( MBEDTLS_ERR_PK_BAD_INPUT_DATA );
  504. }
  506. if( prv->pk_info->type == MBEDTLS_PK_RSA_ALT )
  507. {
  508. if( pub->pk_info->type != MBEDTLS_PK_RSA )
  509. return( MBEDTLS_ERR_PK_TYPE_MISMATCH );
  510. }
  511. else
  512. {
  513. if( pub->pk_info != prv->pk_info )
  514. return( MBEDTLS_ERR_PK_TYPE_MISMATCH );
  515. }
  517. return( prv->pk_info->check_pair_func( pub->pk_ctx, prv->pk_ctx ) );
  518. }
  520. /*
  521. * Get key size in bits
  522. */
  523. size_t mbedtls_pk_get_bitlen( const mbedtls_pk_context *ctx )
  524. {
  525. /* For backward compatibility, accept NULL or a context that
  526. * isn't set up yet, and return a fake value that should be safe. */
  527. if( ctx == NULL || ctx->pk_info == NULL )
  528. return( 0 );
  530. return( ctx->pk_info->get_bitlen( ctx->pk_ctx ) );
  531. }
  533. /*
  534. * Export debug information
  535. */
  536. int mbedtls_pk_debug( const mbedtls_pk_context *ctx, mbedtls_pk_debug_item *items )
  537. {
  538. PK_VALIDATE_RET( ctx != NULL );
  539. if( ctx->pk_info == NULL )
  540. return( MBEDTLS_ERR_PK_BAD_INPUT_DATA );
  542. if( ctx->pk_info->debug_func == NULL )
  543. return( MBEDTLS_ERR_PK_TYPE_MISMATCH );
  545. ctx->pk_info->debug_func( ctx->pk_ctx, items );
  546. return( 0 );
  547. }
  549. /*
  550. * Access the PK type name
  551. */
  552. const char *mbedtls_pk_get_name( const mbedtls_pk_context *ctx )
  553. {
  554. if( ctx == NULL || ctx->pk_info == NULL )
  555. return( "invalid PK" );
  557. return( ctx->pk_info->name );
  558. }
  560. /*
  561. * Access the PK type
  562. */
  563. mbedtls_pk_type_t mbedtls_pk_get_type( const mbedtls_pk_context *ctx )
  564. {
  565. if( ctx == NULL || ctx->pk_info == NULL )
  566. return( MBEDTLS_PK_NONE );
  568. return( ctx->pk_info->type );
  569. }
  571. #endif /* MBEDTLS_PK_C */