OPTIGA Trust M  1.1.0
C++ library for Optiga Trust M Chip Security Controller
pk.h File Reference

Public Key abstraction layer. More...

#include "config.h"
#include "md.h"
Include dependency graph for pk.h:
This graph shows which files directly or indirectly include this file:

Go to the source code of this file.

Classes

struct  mbedtls_pk_rsassa_pss_options
 Options for RSASSA-PSS signature verification. See mbedtls_rsa_rsassa_pss_verify_ext() More...
 
struct  mbedtls_pk_debug_item
 Item to send to the debug module. More...
 
struct  mbedtls_pk_context
 Public key container. More...
 

Macros

#define MBEDTLS_ERR_PK_ALLOC_FAILED   -0x3F80
 
#define MBEDTLS_ERR_PK_TYPE_MISMATCH   -0x3F00
 
#define MBEDTLS_ERR_PK_BAD_INPUT_DATA   -0x3E80
 
#define MBEDTLS_ERR_PK_FILE_IO_ERROR   -0x3E00
 
#define MBEDTLS_ERR_PK_KEY_INVALID_VERSION   -0x3D80
 
#define MBEDTLS_ERR_PK_KEY_INVALID_FORMAT   -0x3D00
 
#define MBEDTLS_ERR_PK_UNKNOWN_PK_ALG   -0x3C80
 
#define MBEDTLS_ERR_PK_PASSWORD_REQUIRED   -0x3C00
 
#define MBEDTLS_ERR_PK_PASSWORD_MISMATCH   -0x3B80
 
#define MBEDTLS_ERR_PK_INVALID_PUBKEY   -0x3B00
 
#define MBEDTLS_ERR_PK_INVALID_ALG   -0x3A80
 
#define MBEDTLS_ERR_PK_UNKNOWN_NAMED_CURVE   -0x3A00
 
#define MBEDTLS_ERR_PK_FEATURE_UNAVAILABLE   -0x3980
 
#define MBEDTLS_ERR_PK_SIG_LEN_MISMATCH   -0x3900
 
#define MBEDTLS_ERR_PK_HW_ACCEL_FAILED   -0x3880
 
#define MBEDTLS_PK_DEBUG_MAX_ITEMS   3
 

Typedefs

typedef struct mbedtls_pk_rsassa_pss_options mbedtls_pk_rsassa_pss_options
 Options for RSASSA-PSS signature verification. See mbedtls_rsa_rsassa_pss_verify_ext() More...
 
typedef struct mbedtls_pk_debug_item mbedtls_pk_debug_item
 Item to send to the debug module. More...
 
typedef struct mbedtls_pk_info_t mbedtls_pk_info_t
 Public key information and operations. More...
 
typedef struct mbedtls_pk_context mbedtls_pk_context
 Public key container. More...
 
typedef void mbedtls_pk_restart_ctx
 

Enumerations

enum  mbedtls_pk_type_t {
  MBEDTLS_PK_NONE =0, MBEDTLS_PK_RSA, MBEDTLS_PK_ECKEY, MBEDTLS_PK_ECKEY_DH,
  MBEDTLS_PK_ECDSA, MBEDTLS_PK_RSA_ALT, MBEDTLS_PK_RSASSA_PSS
}
 Public key types. More...
 
enum  mbedtls_pk_debug_type { MBEDTLS_PK_DEBUG_NONE = 0, MBEDTLS_PK_DEBUG_MPI, MBEDTLS_PK_DEBUG_ECP }
 Types for interfacing with the debug module. More...
 

Functions

const mbedtls_pk_info_tmbedtls_pk_info_from_type (mbedtls_pk_type_t pk_type)
 Return information associated with the given PK type. More...
 
void mbedtls_pk_init (mbedtls_pk_context *ctx)
 Initialize a mbedtls_pk_context (as NONE). More...
 
void mbedtls_pk_free (mbedtls_pk_context *ctx)
 Free the components of a mbedtls_pk_context. More...
 
int mbedtls_pk_setup (mbedtls_pk_context *ctx, const mbedtls_pk_info_t *info)
 Initialize a PK context with the information given and allocates the type-specific PK subcontext. More...
 
size_t mbedtls_pk_get_bitlen (const mbedtls_pk_context *ctx)
 Get the size in bits of the underlying key. More...
 
int mbedtls_pk_can_do (const mbedtls_pk_context *ctx, mbedtls_pk_type_t type)
 Tell if a context can do the operation given by type. More...
 
int mbedtls_pk_verify (mbedtls_pk_context *ctx, mbedtls_md_type_t md_alg, const unsigned char *hash, size_t hash_len, const unsigned char *sig, size_t sig_len)
 Verify signature (including padding if relevant). More...
 
int mbedtls_pk_verify_restartable (mbedtls_pk_context *ctx, mbedtls_md_type_t md_alg, const unsigned char *hash, size_t hash_len, const unsigned char *sig, size_t sig_len, mbedtls_pk_restart_ctx *rs_ctx)
 Restartable version of mbedtls_pk_verify() More...
 
int mbedtls_pk_verify_ext (mbedtls_pk_type_t type, const void *options, mbedtls_pk_context *ctx, mbedtls_md_type_t md_alg, const unsigned char *hash, size_t hash_len, const unsigned char *sig, size_t sig_len)
 Verify signature, with options. (Includes verification of the padding depending on type.) More...
 
int mbedtls_pk_sign (mbedtls_pk_context *ctx, mbedtls_md_type_t md_alg, const unsigned char *hash, size_t hash_len, unsigned char *sig, size_t *sig_len, int(*f_rng)(void *, unsigned char *, size_t), void *p_rng)
 Make signature, including padding if relevant. More...
 
int mbedtls_pk_sign_restartable (mbedtls_pk_context *ctx, mbedtls_md_type_t md_alg, const unsigned char *hash, size_t hash_len, unsigned char *sig, size_t *sig_len, int(*f_rng)(void *, unsigned char *, size_t), void *p_rng, mbedtls_pk_restart_ctx *rs_ctx)
 Restartable version of mbedtls_pk_sign() More...
 
int mbedtls_pk_decrypt (mbedtls_pk_context *ctx, const unsigned char *input, size_t ilen, unsigned char *output, size_t *olen, size_t osize, int(*f_rng)(void *, unsigned char *, size_t), void *p_rng)
 Decrypt message (including padding if relevant). More...
 
int mbedtls_pk_encrypt (mbedtls_pk_context *ctx, const unsigned char *input, size_t ilen, unsigned char *output, size_t *olen, size_t osize, int(*f_rng)(void *, unsigned char *, size_t), void *p_rng)
 Encrypt message (including padding if relevant). More...
 
int mbedtls_pk_check_pair (const mbedtls_pk_context *pub, const mbedtls_pk_context *prv)
 Check if a public-private pair of keys matches. More...
 
int mbedtls_pk_debug (const mbedtls_pk_context *ctx, mbedtls_pk_debug_item *items)
 Export debug information. More...
 
const char * mbedtls_pk_get_name (const mbedtls_pk_context *ctx)
 Access the type name. More...
 
mbedtls_pk_type_t mbedtls_pk_get_type (const mbedtls_pk_context *ctx)
 Get the key type. More...
 

Detailed Description

Public Key abstraction layer.

Macro Definition Documentation

◆ MBEDTLS_ERR_PK_ALLOC_FAILED

#define MBEDTLS_ERR_PK_ALLOC_FAILED   -0x3F80

Memory allocation failed.

◆ MBEDTLS_ERR_PK_BAD_INPUT_DATA

#define MBEDTLS_ERR_PK_BAD_INPUT_DATA   -0x3E80

Bad input parameters to function.

◆ MBEDTLS_ERR_PK_FEATURE_UNAVAILABLE

#define MBEDTLS_ERR_PK_FEATURE_UNAVAILABLE   -0x3980

Unavailable feature, e.g. RSA disabled for RSA key.

◆ MBEDTLS_ERR_PK_FILE_IO_ERROR

#define MBEDTLS_ERR_PK_FILE_IO_ERROR   -0x3E00

Read/write of file failed.

◆ MBEDTLS_ERR_PK_HW_ACCEL_FAILED

#define MBEDTLS_ERR_PK_HW_ACCEL_FAILED   -0x3880

PK hardware accelerator failed.

◆ MBEDTLS_ERR_PK_INVALID_ALG

#define MBEDTLS_ERR_PK_INVALID_ALG   -0x3A80

The algorithm tag or value is invalid.

◆ MBEDTLS_ERR_PK_INVALID_PUBKEY

#define MBEDTLS_ERR_PK_INVALID_PUBKEY   -0x3B00

The pubkey tag or value is invalid (only RSA and EC are supported).

◆ MBEDTLS_ERR_PK_KEY_INVALID_FORMAT

#define MBEDTLS_ERR_PK_KEY_INVALID_FORMAT   -0x3D00

Invalid key tag or value.

◆ MBEDTLS_ERR_PK_KEY_INVALID_VERSION

#define MBEDTLS_ERR_PK_KEY_INVALID_VERSION   -0x3D80

Unsupported key version

◆ MBEDTLS_ERR_PK_PASSWORD_MISMATCH

#define MBEDTLS_ERR_PK_PASSWORD_MISMATCH   -0x3B80

Given private key password does not allow for correct decryption.

◆ MBEDTLS_ERR_PK_PASSWORD_REQUIRED

#define MBEDTLS_ERR_PK_PASSWORD_REQUIRED   -0x3C00

Private key password can't be empty.

◆ MBEDTLS_ERR_PK_SIG_LEN_MISMATCH

#define MBEDTLS_ERR_PK_SIG_LEN_MISMATCH   -0x3900

The buffer contains a valid signature followed by more data.

◆ MBEDTLS_ERR_PK_TYPE_MISMATCH

#define MBEDTLS_ERR_PK_TYPE_MISMATCH   -0x3F00

Type mismatch, eg attempt to encrypt with an ECDSA key

◆ MBEDTLS_ERR_PK_UNKNOWN_NAMED_CURVE

#define MBEDTLS_ERR_PK_UNKNOWN_NAMED_CURVE   -0x3A00

Elliptic curve is unsupported (only NIST curves are supported).

◆ MBEDTLS_ERR_PK_UNKNOWN_PK_ALG

#define MBEDTLS_ERR_PK_UNKNOWN_PK_ALG   -0x3C80

Key algorithm is unsupported (only RSA and EC are supported).

◆ MBEDTLS_PK_DEBUG_MAX_ITEMS

#define MBEDTLS_PK_DEBUG_MAX_ITEMS   3

Maximum number of item send for debugging, plus 1

Typedef Documentation

◆ mbedtls_pk_context

Public key container.

◆ mbedtls_pk_debug_item

Item to send to the debug module.

◆ mbedtls_pk_info_t

Public key information and operations.

◆ mbedtls_pk_restart_ctx

typedef void mbedtls_pk_restart_ctx

◆ mbedtls_pk_rsassa_pss_options

Options for RSASSA-PSS signature verification. See mbedtls_rsa_rsassa_pss_verify_ext()

Enumeration Type Documentation

◆ mbedtls_pk_debug_type

Types for interfacing with the debug module.

Enumerator
MBEDTLS_PK_DEBUG_NONE 
MBEDTLS_PK_DEBUG_MPI 
MBEDTLS_PK_DEBUG_ECP 

◆ mbedtls_pk_type_t

Public key types.

Enumerator
MBEDTLS_PK_NONE 
MBEDTLS_PK_RSA 
MBEDTLS_PK_ECKEY 
MBEDTLS_PK_ECKEY_DH 
MBEDTLS_PK_ECDSA 
MBEDTLS_PK_RSA_ALT 
MBEDTLS_PK_RSASSA_PSS 

Function Documentation

◆ mbedtls_pk_can_do()

int mbedtls_pk_can_do ( const mbedtls_pk_context ctx,
mbedtls_pk_type_t  type 
)

Tell if a context can do the operation given by type.

Parameters
ctxThe context to query. It must have been initialized.
typeThe desired type.
Returns
1 if the context can do operations on the given type.
0 if the context cannot do the operations on the given type. This is always the case for a context that has been initialized but not set up, or that has been cleared with mbedtls_pk_free().

◆ mbedtls_pk_check_pair()

int mbedtls_pk_check_pair ( const mbedtls_pk_context pub,
const mbedtls_pk_context prv 
)

Check if a public-private pair of keys matches.

Parameters
pubContext holding a public key.
prvContext holding a private (and public) key.
Returns
0 on success or MBEDTLS_ERR_PK_BAD_INPUT_DATA

◆ mbedtls_pk_debug()

int mbedtls_pk_debug ( const mbedtls_pk_context ctx,
mbedtls_pk_debug_item items 
)

Export debug information.

Parameters
ctxThe PK context to use. It must have been initialized.
itemsPlace to write debug items
Returns
0 on success or MBEDTLS_ERR_PK_BAD_INPUT_DATA

◆ mbedtls_pk_decrypt()

int mbedtls_pk_decrypt ( mbedtls_pk_context ctx,
const unsigned char *  input,
size_t  ilen,
unsigned char *  output,
size_t *  olen,
size_t  osize,
int(*)(void *, unsigned char *, size_t)  f_rng,
void *  p_rng 
)

Decrypt message (including padding if relevant).

Parameters
ctxThe PK context to use. It must have been set up with a private key.
inputInput to decrypt
ilenInput size
outputDecrypted output
olenDecrypted message length
osizeSize of the output buffer
f_rngRNG function
p_rngRNG parameter
Note
For RSA keys, the default padding type is PKCS#1 v1.5.
Returns
0 on success, or a specific error code.

◆ mbedtls_pk_encrypt()

int mbedtls_pk_encrypt ( mbedtls_pk_context ctx,
const unsigned char *  input,
size_t  ilen,
unsigned char *  output,
size_t *  olen,
size_t  osize,
int(*)(void *, unsigned char *, size_t)  f_rng,
void *  p_rng 
)

Encrypt message (including padding if relevant).

Parameters
ctxThe PK context to use. It must have been set up.
inputMessage to encrypt
ilenMessage size
outputEncrypted output
olenEncrypted output length
osizeSize of the output buffer
f_rngRNG function
p_rngRNG parameter
Note
For RSA keys, the default padding type is PKCS#1 v1.5.
Returns
0 on success, or a specific error code.

◆ mbedtls_pk_free()

void mbedtls_pk_free ( mbedtls_pk_context ctx)

Free the components of a mbedtls_pk_context.

Parameters
ctxThe context to clear. It must have been initialized. If this is NULL, this function does nothing.

◆ mbedtls_pk_get_bitlen()

size_t mbedtls_pk_get_bitlen ( const mbedtls_pk_context ctx)

Get the size in bits of the underlying key.

Parameters
ctxThe context to query. It must have been initialized.
Returns
Key size in bits, or 0 on error

◆ mbedtls_pk_get_name()

const char* mbedtls_pk_get_name ( const mbedtls_pk_context ctx)

Access the type name.

Parameters
ctxThe PK context to use. It must have been initialized.
Returns
Type name on success, or "invalid PK"

◆ mbedtls_pk_get_type()

mbedtls_pk_type_t mbedtls_pk_get_type ( const mbedtls_pk_context ctx)

Get the key type.

Parameters
ctxThe PK context to use. It must have been initialized.
Returns
Type on success.
MBEDTLS_PK_NONE for a context that has not been set up.

◆ mbedtls_pk_info_from_type()

const mbedtls_pk_info_t* mbedtls_pk_info_from_type ( mbedtls_pk_type_t  pk_type)

Return information associated with the given PK type.

Parameters
pk_typePK type to search for.
Returns
The PK info associated with the type or NULL if not found.

◆ mbedtls_pk_init()

void mbedtls_pk_init ( mbedtls_pk_context ctx)

Initialize a mbedtls_pk_context (as NONE).

Parameters
ctxThe context to initialize. This must not be NULL.

◆ mbedtls_pk_setup()

int mbedtls_pk_setup ( mbedtls_pk_context ctx,
const mbedtls_pk_info_t info 
)

Initialize a PK context with the information given and allocates the type-specific PK subcontext.

Parameters
ctxContext to initialize. It must not have been set up yet (type MBEDTLS_PK_NONE).
infoInformation to use
Returns
0 on success, MBEDTLS_ERR_PK_BAD_INPUT_DATA on invalid input, MBEDTLS_ERR_PK_ALLOC_FAILED on allocation failure.
Note
For contexts holding an RSA-alt key, use mbedtls_pk_setup_rsa_alt() instead.

◆ mbedtls_pk_sign()

int mbedtls_pk_sign ( mbedtls_pk_context ctx,
mbedtls_md_type_t  md_alg,
const unsigned char *  hash,
size_t  hash_len,
unsigned char *  sig,
size_t *  sig_len,
int(*)(void *, unsigned char *, size_t)  f_rng,
void *  p_rng 
)

Make signature, including padding if relevant.

Parameters
ctxThe PK context to use. It must have been set up with a private key.
md_algHash algorithm used (see notes)
hashHash of the message to sign
hash_lenHash length or 0 (see notes)
sigPlace to write the signature
sig_lenNumber of bytes written
f_rngRNG function
p_rngRNG parameter
Returns
0 on success, or a specific error code.
Note
For RSA keys, the default padding type is PKCS#1 v1.5. There is no interface in the PK module to make RSASSA-PSS signatures yet.
If hash_len is 0, then the length associated with md_alg is used instead, or an error returned if it is invalid.
For RSA, md_alg may be MBEDTLS_MD_NONE if hash_len != 0. For ECDSA, md_alg may never be MBEDTLS_MD_NONE.

◆ mbedtls_pk_sign_restartable()

int mbedtls_pk_sign_restartable ( mbedtls_pk_context ctx,
mbedtls_md_type_t  md_alg,
const unsigned char *  hash,
size_t  hash_len,
unsigned char *  sig,
size_t *  sig_len,
int(*)(void *, unsigned char *, size_t)  f_rng,
void *  p_rng,
mbedtls_pk_restart_ctx rs_ctx 
)

Restartable version of mbedtls_pk_sign()

Note
Performs the same job as mbedtls_pk_sign(), but can return early and restart according to the limit set with mbedtls_ecp_set_max_ops() to reduce blocking for ECC operations. For RSA, same as mbedtls_pk_sign().
Parameters
ctxThe PK context to use. It must have been set up with a private key.
md_algHash algorithm used (see notes)
hashHash of the message to sign
hash_lenHash length or 0 (see notes)
sigPlace to write the signature
sig_lenNumber of bytes written
f_rngRNG function
p_rngRNG parameter
rs_ctxRestart context (NULL to disable restart)
Returns
See mbedtls_pk_sign(), or
MBEDTLS_ERR_ECP_IN_PROGRESS if maximum number of operations was reached: see mbedtls_ecp_set_max_ops().

◆ mbedtls_pk_verify()

int mbedtls_pk_verify ( mbedtls_pk_context ctx,
mbedtls_md_type_t  md_alg,
const unsigned char *  hash,
size_t  hash_len,
const unsigned char *  sig,
size_t  sig_len 
)

Verify signature (including padding if relevant).

Parameters
ctxThe PK context to use. It must have been set up.
md_algHash algorithm used (see notes)
hashHash of the message to sign
hash_lenHash length or 0 (see notes)
sigSignature to verify
sig_lenSignature length
Returns
0 on success (signature is valid), MBEDTLS_ERR_PK_SIG_LEN_MISMATCH if there is a valid signature in sig but its length is less than siglen, or a specific error code.
Note
For RSA keys, the default padding type is PKCS#1 v1.5. Use mbedtls_pk_verify_ext( MBEDTLS_PK_RSASSA_PSS, ... ) to verify RSASSA_PSS signatures.
If hash_len is 0, then the length associated with md_alg is used instead, or an error returned if it is invalid.
md_alg may be MBEDTLS_MD_NONE, only if hash_len != 0

◆ mbedtls_pk_verify_ext()

int mbedtls_pk_verify_ext ( mbedtls_pk_type_t  type,
const void *  options,
mbedtls_pk_context ctx,
mbedtls_md_type_t  md_alg,
const unsigned char *  hash,
size_t  hash_len,
const unsigned char *  sig,
size_t  sig_len 
)

Verify signature, with options. (Includes verification of the padding depending on type.)

Parameters
typeSignature type (inc. possible padding type) to verify
optionsPointer to type-specific options, or NULL
ctxThe PK context to use. It must have been set up.
md_algHash algorithm used (see notes)
hashHash of the message to sign
hash_lenHash length or 0 (see notes)
sigSignature to verify
sig_lenSignature length
Returns
0 on success (signature is valid), MBEDTLS_ERR_PK_TYPE_MISMATCH if the PK context can't be used for this type of signatures, MBEDTLS_ERR_PK_SIG_LEN_MISMATCH if there is a valid signature in sig but its length is less than siglen, or a specific error code.
Note
If hash_len is 0, then the length associated with md_alg is used instead, or an error returned if it is invalid.
md_alg may be MBEDTLS_MD_NONE, only if hash_len != 0
If type is MBEDTLS_PK_RSASSA_PSS, then options must point to a mbedtls_pk_rsassa_pss_options structure, otherwise it must be NULL.

◆ mbedtls_pk_verify_restartable()

int mbedtls_pk_verify_restartable ( mbedtls_pk_context ctx,
mbedtls_md_type_t  md_alg,
const unsigned char *  hash,
size_t  hash_len,
const unsigned char *  sig,
size_t  sig_len,
mbedtls_pk_restart_ctx rs_ctx 
)

Restartable version of mbedtls_pk_verify()

Note
Performs the same job as mbedtls_pk_verify(), but can return early and restart according to the limit set with mbedtls_ecp_set_max_ops() to reduce blocking for ECC operations. For RSA, same as mbedtls_pk_verify().
Parameters
ctxThe PK context to use. It must have been set up.
md_algHash algorithm used (see notes)
hashHash of the message to sign
hash_lenHash length or 0 (see notes)
sigSignature to verify
sig_lenSignature length
rs_ctxRestart context (NULL to disable restart)
Returns
See mbedtls_pk_verify(), or
MBEDTLS_ERR_ECP_IN_PROGRESS if maximum number of operations was reached: see mbedtls_ecp_set_max_ops().