source: azure_iot_hub_mbedtls/trunk/mbedtls-2.16.1/library/pk_wrap.c@ 398

Last change on this file since 398 was 398, checked in by coas-nagasima, 5 years ago

mbedTLS版Azure IoT Hub接続サンプルのソースコードを追加
  • Property svn:eol-style set to native
  • Property svn:mime-type set to text/x-csrc;charset=UTF-8
File size: 20.1 KB
Line 
1/*
2 * Public Key abstraction layer: wrapper functions
3 *
4 * Copyright (C) 2006-2015, ARM Limited, All Rights Reserved
5 * SPDX-License-Identifier: Apache-2.0
6 *
7 * Licensed under the Apache License, Version 2.0 (the "License"); you may
8 * not use this file except in compliance with the License.
9 * You may obtain a copy of the License at
10 *
11 * http://www.apache.org/licenses/LICENSE-2.0
12 *
13 * Unless required by applicable law or agreed to in writing, software
14 * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
15 * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
16 * See the License for the specific language governing permissions and
17 * limitations under the License.
18 *
19 * This file is part of mbed TLS (https://tls.mbed.org)
20 */
21
22#if !defined(MBEDTLS_CONFIG_FILE)
23#include "mbedtls/config.h"
24#else
25#include MBEDTLS_CONFIG_FILE
26#endif
27
28#if defined(MBEDTLS_PK_C)
29#include "mbedtls/pk_internal.h"
30
31/* Even if RSA not activated, for the sake of RSA-alt */
32#include "mbedtls/rsa.h"
33
34#include <string.h>
35
36#if defined(MBEDTLS_ECP_C)
37#include "mbedtls/ecp.h"
38#endif
39
40#if defined(MBEDTLS_ECDSA_C)
41#include "mbedtls/ecdsa.h"
42#endif
43
44#if defined(MBEDTLS_PK_RSA_ALT_SUPPORT)
45#include "mbedtls/platform_util.h"
46#endif
47
48#if defined(MBEDTLS_PLATFORM_C)
49#include "mbedtls/platform.h"
50#else
51#include <stdlib.h>
52#define mbedtls_calloc calloc
53#define mbedtls_free free
54#endif
55
56#include <limits.h>
57#include <stdint.h>
58
59#if defined(MBEDTLS_RSA_C)
60static int rsa_can_do( mbedtls_pk_type_t type )
61{
62 return( type == MBEDTLS_PK_RSA ||
63 type == MBEDTLS_PK_RSASSA_PSS );
64}
65
66static size_t rsa_get_bitlen( const void *ctx )
67{
68 const mbedtls_rsa_context * rsa = (const mbedtls_rsa_context *) ctx;
69 return( 8 * mbedtls_rsa_get_len( rsa ) );
70}
71
72static int rsa_verify_wrap( void *ctx, mbedtls_md_type_t md_alg,
73 const unsigned char *hash, size_t hash_len,
74 const unsigned char *sig, size_t sig_len )
75{
76 int ret;
77 mbedtls_rsa_context * rsa = (mbedtls_rsa_context *) ctx;
78 size_t rsa_len = mbedtls_rsa_get_len( rsa );
79
80#if SIZE_MAX > UINT_MAX
81 if( md_alg == MBEDTLS_MD_NONE && UINT_MAX < hash_len )
82 return( MBEDTLS_ERR_PK_BAD_INPUT_DATA );
83#endif /* SIZE_MAX > UINT_MAX */
84
85 if( sig_len < rsa_len )
86 return( MBEDTLS_ERR_RSA_VERIFY_FAILED );
87
88 if( ( ret = mbedtls_rsa_pkcs1_verify( rsa, NULL, NULL,
89 MBEDTLS_RSA_PUBLIC, md_alg,
90 (unsigned int) hash_len, hash, sig ) ) != 0 )
91 return( ret );
92
93 /* The buffer contains a valid signature followed by extra data.
94 * We have a special error code for that so that so that callers can
95 * use mbedtls_pk_verify() to check "Does the buffer start with a
96 * valid signature?" and not just "Does the buffer contain a valid
97 * signature?". */
98 if( sig_len > rsa_len )
99 return( MBEDTLS_ERR_PK_SIG_LEN_MISMATCH );
100
101 return( 0 );
102}
103
104static int rsa_sign_wrap( void *ctx, mbedtls_md_type_t md_alg,
105 const unsigned char *hash, size_t hash_len,
106 unsigned char *sig, size_t *sig_len,
107 int (*f_rng)(void *, unsigned char *, size_t), void *p_rng )
108{
109 mbedtls_rsa_context * rsa = (mbedtls_rsa_context *) ctx;
110
111#if SIZE_MAX > UINT_MAX
112 if( md_alg == MBEDTLS_MD_NONE && UINT_MAX < hash_len )
113 return( MBEDTLS_ERR_PK_BAD_INPUT_DATA );
114#endif /* SIZE_MAX > UINT_MAX */
115
116 *sig_len = mbedtls_rsa_get_len( rsa );
117
118 return( mbedtls_rsa_pkcs1_sign( rsa, f_rng, p_rng, MBEDTLS_RSA_PRIVATE,
119 md_alg, (unsigned int) hash_len, hash, sig ) );
120}
121
122static int rsa_decrypt_wrap( void *ctx,
123 const unsigned char *input, size_t ilen,
124 unsigned char *output, size_t *olen, size_t osize,
125 int (*f_rng)(void *, unsigned char *, size_t), void *p_rng )
126{
127 mbedtls_rsa_context * rsa = (mbedtls_rsa_context *) ctx;
128
129 if( ilen != mbedtls_rsa_get_len( rsa ) )
130 return( MBEDTLS_ERR_RSA_BAD_INPUT_DATA );
131
132 return( mbedtls_rsa_pkcs1_decrypt( rsa, f_rng, p_rng,
133 MBEDTLS_RSA_PRIVATE, olen, input, output, osize ) );
134}
135
136static int rsa_encrypt_wrap( void *ctx,
137 const unsigned char *input, size_t ilen,
138 unsigned char *output, size_t *olen, size_t osize,
139 int (*f_rng)(void *, unsigned char *, size_t), void *p_rng )
140{
141 mbedtls_rsa_context * rsa = (mbedtls_rsa_context *) ctx;
142 *olen = mbedtls_rsa_get_len( rsa );
143
144 if( *olen > osize )
145 return( MBEDTLS_ERR_RSA_OUTPUT_TOO_LARGE );
146
147 return( mbedtls_rsa_pkcs1_encrypt( rsa, f_rng, p_rng, MBEDTLS_RSA_PUBLIC,
148 ilen, input, output ) );
149}
150
151static int rsa_check_pair_wrap( const void *pub, const void *prv )
152{
153 return( mbedtls_rsa_check_pub_priv( (const mbedtls_rsa_context *) pub,
154 (const mbedtls_rsa_context *) prv ) );
155}
156
157static void *rsa_alloc_wrap( void )
158{
159 void *ctx = mbedtls_calloc( 1, sizeof( mbedtls_rsa_context ) );
160
161 if( ctx != NULL )
162 mbedtls_rsa_init( (mbedtls_rsa_context *) ctx, 0, 0 );
163
164 return( ctx );
165}
166
167static void rsa_free_wrap( void *ctx )
168{
169 mbedtls_rsa_free( (mbedtls_rsa_context *) ctx );
170 mbedtls_free( ctx );
171}
172
173static void rsa_debug( const void *ctx, mbedtls_pk_debug_item *items )
174{
175 items->type = MBEDTLS_PK_DEBUG_MPI;
176 items->name = "rsa.N";
177 items->value = &( ((mbedtls_rsa_context *) ctx)->N );
178
179 items++;
180
181 items->type = MBEDTLS_PK_DEBUG_MPI;
182 items->name = "rsa.E";
183 items->value = &( ((mbedtls_rsa_context *) ctx)->E );
184}
185
186const mbedtls_pk_info_t mbedtls_rsa_info = {
187 MBEDTLS_PK_RSA,
188 "RSA",
189 rsa_get_bitlen,
190 rsa_can_do,
191 rsa_verify_wrap,
192 rsa_sign_wrap,
193#if defined(MBEDTLS_ECDSA_C) && defined(MBEDTLS_ECP_RESTARTABLE)
194 NULL,
195 NULL,
196#endif
197 rsa_decrypt_wrap,
198 rsa_encrypt_wrap,
199 rsa_check_pair_wrap,
200 rsa_alloc_wrap,
201 rsa_free_wrap,
202#if defined(MBEDTLS_ECDSA_C) && defined(MBEDTLS_ECP_RESTARTABLE)
203 NULL,
204 NULL,
205#endif
206 rsa_debug,
207};
208#endif /* MBEDTLS_RSA_C */
209
210#if defined(MBEDTLS_ECP_C)
211/*
212 * Generic EC key
213 */
214static int eckey_can_do( mbedtls_pk_type_t type )
215{
216 return( type == MBEDTLS_PK_ECKEY ||
217 type == MBEDTLS_PK_ECKEY_DH ||
218 type == MBEDTLS_PK_ECDSA );
219}
220
221static size_t eckey_get_bitlen( const void *ctx )
222{
223 return( ((mbedtls_ecp_keypair *) ctx)->grp.pbits );
224}
225
226#if defined(MBEDTLS_ECDSA_C)
227/* Forward declarations */
228static int ecdsa_verify_wrap( void *ctx, mbedtls_md_type_t md_alg,
229 const unsigned char *hash, size_t hash_len,
230 const unsigned char *sig, size_t sig_len );
231
232static int ecdsa_sign_wrap( void *ctx, mbedtls_md_type_t md_alg,
233 const unsigned char *hash, size_t hash_len,
234 unsigned char *sig, size_t *sig_len,
235 int (*f_rng)(void *, unsigned char *, size_t), void *p_rng );
236
237static int eckey_verify_wrap( void *ctx, mbedtls_md_type_t md_alg,
238 const unsigned char *hash, size_t hash_len,
239 const unsigned char *sig, size_t sig_len )
240{
241 int ret;
242 mbedtls_ecdsa_context ecdsa;
243
244 mbedtls_ecdsa_init( &ecdsa );
245
246 if( ( ret = mbedtls_ecdsa_from_keypair( &ecdsa, ctx ) ) == 0 )
247 ret = ecdsa_verify_wrap( &ecdsa, md_alg, hash, hash_len, sig, sig_len );
248
249 mbedtls_ecdsa_free( &ecdsa );
250
251 return( ret );
252}
253
254static int eckey_sign_wrap( void *ctx, mbedtls_md_type_t md_alg,
255 const unsigned char *hash, size_t hash_len,
256 unsigned char *sig, size_t *sig_len,
257 int (*f_rng)(void *, unsigned char *, size_t), void *p_rng )
258{
259 int ret;
260 mbedtls_ecdsa_context ecdsa;
261
262 mbedtls_ecdsa_init( &ecdsa );
263
264 if( ( ret = mbedtls_ecdsa_from_keypair( &ecdsa, ctx ) ) == 0 )
265 ret = ecdsa_sign_wrap( &ecdsa, md_alg, hash, hash_len, sig, sig_len,
266 f_rng, p_rng );
267
268 mbedtls_ecdsa_free( &ecdsa );
269
270 return( ret );
271}
272
273#if defined(MBEDTLS_ECP_RESTARTABLE)
274/* Forward declarations */
275static int ecdsa_verify_rs_wrap( void *ctx, mbedtls_md_type_t md_alg,
276 const unsigned char *hash, size_t hash_len,
277 const unsigned char *sig, size_t sig_len,
278 void *rs_ctx );
279
280static int ecdsa_sign_rs_wrap( void *ctx, mbedtls_md_type_t md_alg,
281 const unsigned char *hash, size_t hash_len,
282 unsigned char *sig, size_t *sig_len,
283 int (*f_rng)(void *, unsigned char *, size_t), void *p_rng,
284 void *rs_ctx );
285
286/*
287 * Restart context for ECDSA operations with ECKEY context
288 *
289 * We need to store an actual ECDSA context, as we need to pass the same to
290 * the underlying ecdsa function, so we can't create it on the fly every time.
291 */
292typedef struct
293{
294 mbedtls_ecdsa_restart_ctx ecdsa_rs;
295 mbedtls_ecdsa_context ecdsa_ctx;
296} eckey_restart_ctx;
297
298static void *eckey_rs_alloc( void )
299{
300 eckey_restart_ctx *rs_ctx;
301
302 void *ctx = mbedtls_calloc( 1, sizeof( eckey_restart_ctx ) );
303
304 if( ctx != NULL )
305 {
306 rs_ctx = ctx;
307 mbedtls_ecdsa_restart_init( &rs_ctx->ecdsa_rs );
308 mbedtls_ecdsa_init( &rs_ctx->ecdsa_ctx );
309 }
310
311 return( ctx );
312}
313
314static void eckey_rs_free( void *ctx )
315{
316 eckey_restart_ctx *rs_ctx;
317
318 if( ctx == NULL)
319 return;
320
321 rs_ctx = ctx;
322 mbedtls_ecdsa_restart_free( &rs_ctx->ecdsa_rs );
323 mbedtls_ecdsa_free( &rs_ctx->ecdsa_ctx );
324
325 mbedtls_free( ctx );
326}
327
328static int eckey_verify_rs_wrap( void *ctx, mbedtls_md_type_t md_alg,
329 const unsigned char *hash, size_t hash_len,
330 const unsigned char *sig, size_t sig_len,
331 void *rs_ctx )
332{
333 int ret;
334 eckey_restart_ctx *rs = rs_ctx;
335
336 /* Should never happen */
337 if( rs == NULL )
338 return( MBEDTLS_ERR_PK_BAD_INPUT_DATA );
339
340 /* set up our own sub-context if needed (that is, on first run) */
341 if( rs->ecdsa_ctx.grp.pbits == 0 )
342 MBEDTLS_MPI_CHK( mbedtls_ecdsa_from_keypair( &rs->ecdsa_ctx, ctx ) );
343
344 MBEDTLS_MPI_CHK( ecdsa_verify_rs_wrap( &rs->ecdsa_ctx,
345 md_alg, hash, hash_len,
346 sig, sig_len, &rs->ecdsa_rs ) );
347
348cleanup:
349 return( ret );
350}
351
352static int eckey_sign_rs_wrap( void *ctx, mbedtls_md_type_t md_alg,
353 const unsigned char *hash, size_t hash_len,
354 unsigned char *sig, size_t *sig_len,
355 int (*f_rng)(void *, unsigned char *, size_t), void *p_rng,
356 void *rs_ctx )
357{
358 int ret;
359 eckey_restart_ctx *rs = rs_ctx;
360
361 /* Should never happen */
362 if( rs == NULL )
363 return( MBEDTLS_ERR_PK_BAD_INPUT_DATA );
364
365 /* set up our own sub-context if needed (that is, on first run) */
366 if( rs->ecdsa_ctx.grp.pbits == 0 )
367 MBEDTLS_MPI_CHK( mbedtls_ecdsa_from_keypair( &rs->ecdsa_ctx, ctx ) );
368
369 MBEDTLS_MPI_CHK( ecdsa_sign_rs_wrap( &rs->ecdsa_ctx, md_alg,
370 hash, hash_len, sig, sig_len,
371 f_rng, p_rng, &rs->ecdsa_rs ) );
372
373cleanup:
374 return( ret );
375}
376#endif /* MBEDTLS_ECP_RESTARTABLE */
377#endif /* MBEDTLS_ECDSA_C */
378
379static int eckey_check_pair( const void *pub, const void *prv )
380{
381 return( mbedtls_ecp_check_pub_priv( (const mbedtls_ecp_keypair *) pub,
382 (const mbedtls_ecp_keypair *) prv ) );
383}
384
385static void *eckey_alloc_wrap( void )
386{
387 void *ctx = mbedtls_calloc( 1, sizeof( mbedtls_ecp_keypair ) );
388
389 if( ctx != NULL )
390 mbedtls_ecp_keypair_init( ctx );
391
392 return( ctx );
393}
394
395static void eckey_free_wrap( void *ctx )
396{
397 mbedtls_ecp_keypair_free( (mbedtls_ecp_keypair *) ctx );
398 mbedtls_free( ctx );
399}
400
401static void eckey_debug( const void *ctx, mbedtls_pk_debug_item *items )
402{
403 items->type = MBEDTLS_PK_DEBUG_ECP;
404 items->name = "eckey.Q";
405 items->value = &( ((mbedtls_ecp_keypair *) ctx)->Q );
406}
407
408const mbedtls_pk_info_t mbedtls_eckey_info = {
409 MBEDTLS_PK_ECKEY,
410 "EC",
411 eckey_get_bitlen,
412 eckey_can_do,
413#if defined(MBEDTLS_ECDSA_C)
414 eckey_verify_wrap,
415 eckey_sign_wrap,
416#if defined(MBEDTLS_ECP_RESTARTABLE)
417 eckey_verify_rs_wrap,
418 eckey_sign_rs_wrap,
419#endif
420#else /* MBEDTLS_ECDSA_C */
421 NULL,
422 NULL,
423#endif /* MBEDTLS_ECDSA_C */
424 NULL,
425 NULL,
426 eckey_check_pair,
427 eckey_alloc_wrap,
428 eckey_free_wrap,
429#if defined(MBEDTLS_ECDSA_C) && defined(MBEDTLS_ECP_RESTARTABLE)
430 eckey_rs_alloc,
431 eckey_rs_free,
432#endif
433 eckey_debug,
434};
435
436/*
437 * EC key restricted to ECDH
438 */
439static int eckeydh_can_do( mbedtls_pk_type_t type )
440{
441 return( type == MBEDTLS_PK_ECKEY ||
442 type == MBEDTLS_PK_ECKEY_DH );
443}
444
445const mbedtls_pk_info_t mbedtls_eckeydh_info = {
446 MBEDTLS_PK_ECKEY_DH,
447 "EC_DH",
448 eckey_get_bitlen, /* Same underlying key structure */
449 eckeydh_can_do,
450 NULL,
451 NULL,
452#if defined(MBEDTLS_ECDSA_C) && defined(MBEDTLS_ECP_RESTARTABLE)
453 NULL,
454 NULL,
455#endif
456 NULL,
457 NULL,
458 eckey_check_pair,
459 eckey_alloc_wrap, /* Same underlying key structure */
460 eckey_free_wrap, /* Same underlying key structure */
461#if defined(MBEDTLS_ECDSA_C) && defined(MBEDTLS_ECP_RESTARTABLE)
462 NULL,
463 NULL,
464#endif
465 eckey_debug, /* Same underlying key structure */
466};
467#endif /* MBEDTLS_ECP_C */
468
469#if defined(MBEDTLS_ECDSA_C)
470static int ecdsa_can_do( mbedtls_pk_type_t type )
471{
472 return( type == MBEDTLS_PK_ECDSA );
473}
474
475static int ecdsa_verify_wrap( void *ctx, mbedtls_md_type_t md_alg,
476 const unsigned char *hash, size_t hash_len,
477 const unsigned char *sig, size_t sig_len )
478{
479 int ret;
480 ((void) md_alg);
481
482 ret = mbedtls_ecdsa_read_signature( (mbedtls_ecdsa_context *) ctx,
483 hash, hash_len, sig, sig_len );
484
485 if( ret == MBEDTLS_ERR_ECP_SIG_LEN_MISMATCH )
486 return( MBEDTLS_ERR_PK_SIG_LEN_MISMATCH );
487
488 return( ret );
489}
490
491static int ecdsa_sign_wrap( void *ctx, mbedtls_md_type_t md_alg,
492 const unsigned char *hash, size_t hash_len,
493 unsigned char *sig, size_t *sig_len,
494 int (*f_rng)(void *, unsigned char *, size_t), void *p_rng )
495{
496 return( mbedtls_ecdsa_write_signature( (mbedtls_ecdsa_context *) ctx,
497 md_alg, hash, hash_len, sig, sig_len, f_rng, p_rng ) );
498}
499
500#if defined(MBEDTLS_ECP_RESTARTABLE)
501static int ecdsa_verify_rs_wrap( void *ctx, mbedtls_md_type_t md_alg,
502 const unsigned char *hash, size_t hash_len,
503 const unsigned char *sig, size_t sig_len,
504 void *rs_ctx )
505{
506 int ret;
507 ((void) md_alg);
508
509 ret = mbedtls_ecdsa_read_signature_restartable(
510 (mbedtls_ecdsa_context *) ctx,
511 hash, hash_len, sig, sig_len,
512 (mbedtls_ecdsa_restart_ctx *) rs_ctx );
513
514 if( ret == MBEDTLS_ERR_ECP_SIG_LEN_MISMATCH )
515 return( MBEDTLS_ERR_PK_SIG_LEN_MISMATCH );
516
517 return( ret );
518}
519
520static int ecdsa_sign_rs_wrap( void *ctx, mbedtls_md_type_t md_alg,
521 const unsigned char *hash, size_t hash_len,
522 unsigned char *sig, size_t *sig_len,
523 int (*f_rng)(void *, unsigned char *, size_t), void *p_rng,
524 void *rs_ctx )
525{
526 return( mbedtls_ecdsa_write_signature_restartable(
527 (mbedtls_ecdsa_context *) ctx,
528 md_alg, hash, hash_len, sig, sig_len, f_rng, p_rng,
529 (mbedtls_ecdsa_restart_ctx *) rs_ctx ) );
530
531}
532#endif /* MBEDTLS_ECP_RESTARTABLE */
533
534static void *ecdsa_alloc_wrap( void )
535{
536 void *ctx = mbedtls_calloc( 1, sizeof( mbedtls_ecdsa_context ) );
537
538 if( ctx != NULL )
539 mbedtls_ecdsa_init( (mbedtls_ecdsa_context *) ctx );
540
541 return( ctx );
542}
543
544static void ecdsa_free_wrap( void *ctx )
545{
546 mbedtls_ecdsa_free( (mbedtls_ecdsa_context *) ctx );
547 mbedtls_free( ctx );
548}
549
550#if defined(MBEDTLS_ECP_RESTARTABLE)
551static void *ecdsa_rs_alloc( void )
552{
553 void *ctx = mbedtls_calloc( 1, sizeof( mbedtls_ecdsa_restart_ctx ) );
554
555 if( ctx != NULL )
556 mbedtls_ecdsa_restart_init( ctx );
557
558 return( ctx );
559}
560
561static void ecdsa_rs_free( void *ctx )
562{
563 mbedtls_ecdsa_restart_free( ctx );
564 mbedtls_free( ctx );
565}
566#endif /* MBEDTLS_ECP_RESTARTABLE */
567
568const mbedtls_pk_info_t mbedtls_ecdsa_info = {
569 MBEDTLS_PK_ECDSA,
570 "ECDSA",
571 eckey_get_bitlen, /* Compatible key structures */
572 ecdsa_can_do,
573 ecdsa_verify_wrap,
574 ecdsa_sign_wrap,
575#if defined(MBEDTLS_ECP_RESTARTABLE)
576 ecdsa_verify_rs_wrap,
577 ecdsa_sign_rs_wrap,
578#endif
579 NULL,
580 NULL,
581 eckey_check_pair, /* Compatible key structures */
582 ecdsa_alloc_wrap,
583 ecdsa_free_wrap,
584#if defined(MBEDTLS_ECP_RESTARTABLE)
585 ecdsa_rs_alloc,
586 ecdsa_rs_free,
587#endif
588 eckey_debug, /* Compatible key structures */
589};
590#endif /* MBEDTLS_ECDSA_C */
591
592#if defined(MBEDTLS_PK_RSA_ALT_SUPPORT)
593/*
594 * Support for alternative RSA-private implementations
595 */
596
597static int rsa_alt_can_do( mbedtls_pk_type_t type )
598{
599 return( type == MBEDTLS_PK_RSA );
600}
601
602static size_t rsa_alt_get_bitlen( const void *ctx )
603{
604 const mbedtls_rsa_alt_context *rsa_alt = (const mbedtls_rsa_alt_context *) ctx;
605
606 return( 8 * rsa_alt->key_len_func( rsa_alt->key ) );
607}
608
609static int rsa_alt_sign_wrap( void *ctx, mbedtls_md_type_t md_alg,
610 const unsigned char *hash, size_t hash_len,
611 unsigned char *sig, size_t *sig_len,
612 int (*f_rng)(void *, unsigned char *, size_t), void *p_rng )
613{
614 mbedtls_rsa_alt_context *rsa_alt = (mbedtls_rsa_alt_context *) ctx;
615
616#if SIZE_MAX > UINT_MAX
617 if( UINT_MAX < hash_len )
618 return( MBEDTLS_ERR_PK_BAD_INPUT_DATA );
619#endif /* SIZE_MAX > UINT_MAX */
620
621 *sig_len = rsa_alt->key_len_func( rsa_alt->key );
622
623 return( rsa_alt->sign_func( rsa_alt->key, f_rng, p_rng, MBEDTLS_RSA_PRIVATE,
624 md_alg, (unsigned int) hash_len, hash, sig ) );
625}
626
627static int rsa_alt_decrypt_wrap( void *ctx,
628 const unsigned char *input, size_t ilen,
629 unsigned char *output, size_t *olen, size_t osize,
630 int (*f_rng)(void *, unsigned char *, size_t), void *p_rng )
631{
632 mbedtls_rsa_alt_context *rsa_alt = (mbedtls_rsa_alt_context *) ctx;
633
634 ((void) f_rng);
635 ((void) p_rng);
636
637 if( ilen != rsa_alt->key_len_func( rsa_alt->key ) )
638 return( MBEDTLS_ERR_RSA_BAD_INPUT_DATA );
639
640 return( rsa_alt->decrypt_func( rsa_alt->key,
641 MBEDTLS_RSA_PRIVATE, olen, input, output, osize ) );
642}
643
644#if defined(MBEDTLS_RSA_C)
645static int rsa_alt_check_pair( const void *pub, const void *prv )
646{
647 unsigned char sig[MBEDTLS_MPI_MAX_SIZE];
648 unsigned char hash[32];
649 size_t sig_len = 0;
650 int ret;
651
652 if( rsa_alt_get_bitlen( prv ) != rsa_get_bitlen( pub ) )
653 return( MBEDTLS_ERR_RSA_KEY_CHECK_FAILED );
654
655 memset( hash, 0x2a, sizeof( hash ) );
656
657 if( ( ret = rsa_alt_sign_wrap( (void *) prv, MBEDTLS_MD_NONE,
658 hash, sizeof( hash ),
659 sig, &sig_len, NULL, NULL ) ) != 0 )
660 {
661 return( ret );
662 }
663
664 if( rsa_verify_wrap( (void *) pub, MBEDTLS_MD_NONE,
665 hash, sizeof( hash ), sig, sig_len ) != 0 )
666 {
667 return( MBEDTLS_ERR_RSA_KEY_CHECK_FAILED );
668 }
669
670 return( 0 );
671}
672#endif /* MBEDTLS_RSA_C */
673
674static void *rsa_alt_alloc_wrap( void )
675{
676 void *ctx = mbedtls_calloc( 1, sizeof( mbedtls_rsa_alt_context ) );
677
678 if( ctx != NULL )
679 memset( ctx, 0, sizeof( mbedtls_rsa_alt_context ) );
680
681 return( ctx );
682}
683
684static void rsa_alt_free_wrap( void *ctx )
685{
686 mbedtls_platform_zeroize( ctx, sizeof( mbedtls_rsa_alt_context ) );
687 mbedtls_free( ctx );
688}
689
690const mbedtls_pk_info_t mbedtls_rsa_alt_info = {
691 MBEDTLS_PK_RSA_ALT,
692 "RSA-alt",
693 rsa_alt_get_bitlen,
694 rsa_alt_can_do,
695 NULL,
696 rsa_alt_sign_wrap,
697#if defined(MBEDTLS_ECDSA_C) && defined(MBEDTLS_ECP_RESTARTABLE)
698 NULL,
699 NULL,
700#endif
701 rsa_alt_decrypt_wrap,
702 NULL,
703#if defined(MBEDTLS_RSA_C)
704 rsa_alt_check_pair,
705#else
706 NULL,
707#endif
708 rsa_alt_alloc_wrap,
709 rsa_alt_free_wrap,
710#if defined(MBEDTLS_ECDSA_C) && defined(MBEDTLS_ECP_RESTARTABLE)
711 NULL,
712 NULL,
713#endif
714 NULL,
715};
716
717#endif /* MBEDTLS_PK_RSA_ALT_SUPPORT */
718
719#endif /* MBEDTLS_PK_C */
Note: See TracBrowser for help on using the repository browser.