common/mbedtls/pk.c

   1 /*
   2  *  Public Key abstraction layer
   3  *
   4  *  Copyright (C) 2006-2015, ARM Limited, All Rights Reserved
   5  *  SPDX-License-Identifier: GPL-2.0
   6  *
   7  *  This program is free software; you can redistribute it and/or modify
   8  *  it under the terms of the GNU General Public License as published by
   9  *  the Free Software Foundation; either version 2 of the License, or
  10  *  (at your option) any later version.
  11  *
  12  *  This program is distributed in the hope that it will be useful,
  13  *  but WITHOUT ANY WARRANTY; without even the implied warranty of
  14  *  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
  15  *  GNU General Public License for more details.
  16  *
  17  *  You should have received a copy of the GNU General Public License along
  18  *  with this program; if not, write to the Free Software Foundation, Inc.,
  19  *  51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
  20  *
  21  *  This file is part of mbed TLS (https://tls.mbed.org)
  22  */
  23
  24 #if !defined(MBEDTLS_CONFIG_FILE)
  25 #include "mbedtls/config.h"
  26 #else
  27 #include MBEDTLS_CONFIG_FILE
  28 #endif
  29
  30 #if defined(MBEDTLS_PK_C)
  31 #include "mbedtls/pk.h"
  32 #include "mbedtls/pk_internal.h"
  33
  34 #include "mbedtls/platform_util.h"
  35
  36 #if defined(MBEDTLS_RSA_C)
  37 #include "mbedtls/rsa.h"
  38 #endif
  39 #if defined(MBEDTLS_ECP_C)
  40 #include "mbedtls/ecp.h"
  41 #endif
  42 #if defined(MBEDTLS_ECDSA_C)
  43 #include "mbedtls/ecdsa.h"
  44 #endif
  45
  46 #include <limits.h>
  47 #include <stdint.h>
  48
  49 /*
  50  * Initialise a mbedtls_pk_context
  51  */
  52 void mbedtls_pk_init( mbedtls_pk_context *ctx )
  53 {
  54     if( ctx == NULL )
  55         return;
  56
  57     ctx->pk_info = NULL;
  58     ctx->pk_ctx = NULL;
  59 }
  60
  61 /*
  62  * Free (the components of) a mbedtls_pk_context
  63  */
  64 void mbedtls_pk_free( mbedtls_pk_context *ctx )
  65 {
  66     if( ctx == NULL || ctx->pk_info == NULL )
  67         return;
  68
  69     ctx->pk_info->ctx_free_func( ctx->pk_ctx );
  70
  71     mbedtls_platform_zeroize( ctx, sizeof( mbedtls_pk_context ) );
  72 }
  73
  74 /*
  75  * Get pk_info structure from type
  76  */
  77 const mbedtls_pk_info_t * mbedtls_pk_info_from_type( mbedtls_pk_type_t pk_type )
  78 {
  79     switch( pk_type ) {
  80 #if defined(MBEDTLS_RSA_C)
  81         case MBEDTLS_PK_RSA:
  82             return( &mbedtls_rsa_info );
  83 #endif
  84 #if defined(MBEDTLS_ECP_C)
  85         case MBEDTLS_PK_ECKEY:
  86             return( &mbedtls_eckey_info );
  87         case MBEDTLS_PK_ECKEY_DH:
  88             return( &mbedtls_eckeydh_info );
  89 #endif
  90 #if defined(MBEDTLS_ECDSA_C)
  91         case MBEDTLS_PK_ECDSA:
  92             return( &mbedtls_ecdsa_info );
  93 #endif
  94         /* MBEDTLS_PK_RSA_ALT omitted on purpose */
  95         default:
  96             return( NULL );
  97     }
  98 }
  99
 100 /*
 101  * Initialise context
 102  */
 103 int mbedtls_pk_setup( mbedtls_pk_context *ctx, const mbedtls_pk_info_t *info )
 104 {
 105     if( ctx == NULL || info == NULL || ctx->pk_info != NULL )
 106         return( MBEDTLS_ERR_PK_BAD_INPUT_DATA );
 107
 108     if( ( ctx->pk_ctx = info->ctx_alloc_func() ) == NULL )
 109         return( MBEDTLS_ERR_PK_ALLOC_FAILED );
 110
 111     ctx->pk_info = info;
 112
 113     return( 0 );
 114 }
 115
 116 #if defined(MBEDTLS_PK_RSA_ALT_SUPPORT)
 117 /*
 118  * Initialize an RSA-alt context
 119  */
 120 int mbedtls_pk_setup_rsa_alt( mbedtls_pk_context *ctx, void * key,
 121                          mbedtls_pk_rsa_alt_decrypt_func decrypt_func,
 122                          mbedtls_pk_rsa_alt_sign_func sign_func,
 123                          mbedtls_pk_rsa_alt_key_len_func key_len_func )
 124 {
 125     mbedtls_rsa_alt_context *rsa_alt;
 126     const mbedtls_pk_info_t *info = &mbedtls_rsa_alt_info;
 127
 128     if( ctx == NULL || ctx->pk_info != NULL )
 129         return( MBEDTLS_ERR_PK_BAD_INPUT_DATA );
 130
 131     if( ( ctx->pk_ctx = info->ctx_alloc_func() ) == NULL )
 132         return( MBEDTLS_ERR_PK_ALLOC_FAILED );
 133
 134     ctx->pk_info = info;
 135
 136     rsa_alt = (mbedtls_rsa_alt_context *) ctx->pk_ctx;
 137
 138     rsa_alt->key = key;
 139     rsa_alt->decrypt_func = decrypt_func;
 140     rsa_alt->sign_func = sign_func;
 141     rsa_alt->key_len_func = key_len_func;
 142
 143     return( 0 );
 144 }
 145 #endif /* MBEDTLS_PK_RSA_ALT_SUPPORT */
 146
 147 /*
 148  * Tell if a PK can do the operations of the given type
 149  */
 150 int mbedtls_pk_can_do( const mbedtls_pk_context *ctx, mbedtls_pk_type_t type )
 151 {
 152     /* null or NONE context can't do anything */
 153     if( ctx == NULL || ctx->pk_info == NULL )
 154         return( 0 );
 155
 156     return( ctx->pk_info->can_do( type ) );
 157 }
 158
 159 /*
 160  * Helper for mbedtls_pk_sign and mbedtls_pk_verify
 161  */
 162 static inline int pk_hashlen_helper( mbedtls_md_type_t md_alg, size_t *hash_len )
 163 {
 164     const mbedtls_md_info_t *md_info;
 165
 166     if( *hash_len != 0 )
 167         return( 0 );
 168
 169     if( ( md_info = mbedtls_md_info_from_type( md_alg ) ) == NULL )
 170         return( -1 );
 171
 172     *hash_len = mbedtls_md_get_size( md_info );
 173     return( 0 );
 174 }
 175
 176 /*
 177  * Verify a signature
 178  */
 179 int mbedtls_pk_verify( mbedtls_pk_context *ctx, mbedtls_md_type_t md_alg,
 180                const unsigned char *hash, size_t hash_len,
 181                const unsigned char *sig, size_t sig_len )
 182 {
 183     if( ctx == NULL || ctx->pk_info == NULL ||
 184         pk_hashlen_helper( md_alg, &hash_len ) != 0 )
 185         return( MBEDTLS_ERR_PK_BAD_INPUT_DATA );
 186
 187     if( ctx->pk_info->verify_func == NULL )
 188         return( MBEDTLS_ERR_PK_TYPE_MISMATCH );
 189
 190     return( ctx->pk_info->verify_func( ctx->pk_ctx, md_alg, hash, hash_len,
 191                                        sig, sig_len ) );
 192 }
 193
 194 /*
 195  * Verify a signature with options
 196  */
 197 int mbedtls_pk_verify_ext( mbedtls_pk_type_t type, const void *options,
 198                    mbedtls_pk_context *ctx, mbedtls_md_type_t md_alg,
 199                    const unsigned char *hash, size_t hash_len,
 200                    const unsigned char *sig, size_t sig_len )
 201 {
 202     if( ctx == NULL || ctx->pk_info == NULL )
 203         return( MBEDTLS_ERR_PK_BAD_INPUT_DATA );
 204
 205     if( ! mbedtls_pk_can_do( ctx, type ) )
 206         return( MBEDTLS_ERR_PK_TYPE_MISMATCH );
 207
 208     if( type == MBEDTLS_PK_RSASSA_PSS )
 209     {
 210 #if defined(MBEDTLS_RSA_C) && defined(MBEDTLS_PKCS1_V21)
 211         int ret;
 212         const mbedtls_pk_rsassa_pss_options *pss_opts;
 213
 214 #if SIZE_MAX > UINT_MAX
 215         if( md_alg == MBEDTLS_MD_NONE && UINT_MAX < hash_len )
 216             return( MBEDTLS_ERR_PK_BAD_INPUT_DATA );
 217 #endif /* SIZE_MAX > UINT_MAX */
 218
 219         if( options == NULL )
 220             return( MBEDTLS_ERR_PK_BAD_INPUT_DATA );
 221
 222         pss_opts = (const mbedtls_pk_rsassa_pss_options *) options;
 223
 224         if( sig_len < mbedtls_pk_get_len( ctx ) )
 225             return( MBEDTLS_ERR_RSA_VERIFY_FAILED );
 226
 227         ret = mbedtls_rsa_rsassa_pss_verify_ext( mbedtls_pk_rsa( *ctx ),
 228                 NULL, NULL, MBEDTLS_RSA_PUBLIC,
 229                 md_alg, (unsigned int) hash_len, hash,
 230                 pss_opts->mgf1_hash_id,
 231                 pss_opts->expected_salt_len,
 232                 sig );
 233         if( ret != 0 )
 234             return( ret );
 235
 236         if( sig_len > mbedtls_pk_get_len( ctx ) )
 237             return( MBEDTLS_ERR_PK_SIG_LEN_MISMATCH );
 238
 239         return( 0 );
 240 #else
 241         return( MBEDTLS_ERR_PK_FEATURE_UNAVAILABLE );
 242 #endif /* MBEDTLS_RSA_C && MBEDTLS_PKCS1_V21 */
 243     }
 244
 245     /* General case: no options */
 246     if( options != NULL )
 247         return( MBEDTLS_ERR_PK_BAD_INPUT_DATA );
 248
 249     return( mbedtls_pk_verify( ctx, md_alg, hash, hash_len, sig, sig_len ) );
 250 }
 251
 252 /*
 253  * Make a signature
 254  */
 255 int mbedtls_pk_sign( mbedtls_pk_context *ctx, mbedtls_md_type_t md_alg,
 256              const unsigned char *hash, size_t hash_len,
 257              unsigned char *sig, size_t *sig_len,
 258              int (*f_rng)(void *, unsigned char *, size_t), void *p_rng )
 259 {
 260     if( ctx == NULL || ctx->pk_info == NULL ||
 261         pk_hashlen_helper( md_alg, &hash_len ) != 0 )
 262         return( MBEDTLS_ERR_PK_BAD_INPUT_DATA );
 263
 264     if( ctx->pk_info->sign_func == NULL )
 265         return( MBEDTLS_ERR_PK_TYPE_MISMATCH );
 266
 267     return( ctx->pk_info->sign_func( ctx->pk_ctx, md_alg, hash, hash_len,
 268                                      sig, sig_len, f_rng, p_rng ) );
 269 }
 270
 271 /*
 272  * Decrypt message
 273  */
 274 int mbedtls_pk_decrypt( mbedtls_pk_context *ctx,
 275                 const unsigned char *input, size_t ilen,
 276                 unsigned char *output, size_t *olen, size_t osize,
 277                 int (*f_rng)(void *, unsigned char *, size_t), void *p_rng )
 278 {
 279     if( ctx == NULL || ctx->pk_info == NULL )
 280         return( MBEDTLS_ERR_PK_BAD_INPUT_DATA );
 281
 282     if( ctx->pk_info->decrypt_func == NULL )
 283         return( MBEDTLS_ERR_PK_TYPE_MISMATCH );
 284
 285     return( ctx->pk_info->decrypt_func( ctx->pk_ctx, input, ilen,
 286                 output, olen, osize, f_rng, p_rng ) );
 287 }
 288
 289 /*
 290  * Encrypt message
 291  */
 292 int mbedtls_pk_encrypt( mbedtls_pk_context *ctx,
 293                 const unsigned char *input, size_t ilen,
 294                 unsigned char *output, size_t *olen, size_t osize,
 295                 int (*f_rng)(void *, unsigned char *, size_t), void *p_rng )
 296 {
 297     if( ctx == NULL || ctx->pk_info == NULL )
 298         return( MBEDTLS_ERR_PK_BAD_INPUT_DATA );
 299
 300     if( ctx->pk_info->encrypt_func == NULL )
 301         return( MBEDTLS_ERR_PK_TYPE_MISMATCH );
 302
 303     return( ctx->pk_info->encrypt_func( ctx->pk_ctx, input, ilen,
 304                 output, olen, osize, f_rng, p_rng ) );
 305 }
 306
 307 /*
 308  * Check public-private key pair
 309  */
 310 int mbedtls_pk_check_pair( const mbedtls_pk_context *pub, const mbedtls_pk_context *prv )
 311 {
 312     if( pub == NULL || pub->pk_info == NULL ||
 313         prv == NULL || prv->pk_info == NULL ||
 314         prv->pk_info->check_pair_func == NULL )
 315     {
 316         return( MBEDTLS_ERR_PK_BAD_INPUT_DATA );
 317     }
 318
 319     if( prv->pk_info->type == MBEDTLS_PK_RSA_ALT )
 320     {
 321         if( pub->pk_info->type != MBEDTLS_PK_RSA )
 322             return( MBEDTLS_ERR_PK_TYPE_MISMATCH );
 323     }
 324     else
 325     {
 326         if( pub->pk_info != prv->pk_info )
 327             return( MBEDTLS_ERR_PK_TYPE_MISMATCH );
 328     }
 329
 330     return( prv->pk_info->check_pair_func( pub->pk_ctx, prv->pk_ctx ) );
 331 }
 332
 333 /*
 334  * Get key size in bits
 335  */
 336 size_t mbedtls_pk_get_bitlen( const mbedtls_pk_context *ctx )
 337 {
 338     if( ctx == NULL || ctx->pk_info == NULL )
 339         return( 0 );
 340
 341     return( ctx->pk_info->get_bitlen( ctx->pk_ctx ) );
 342 }
 343
 344 /*
 345  * Export debug information
 346  */
 347 int mbedtls_pk_debug( const mbedtls_pk_context *ctx, mbedtls_pk_debug_item *items )
 348 {
 349     if( ctx == NULL || ctx->pk_info == NULL )
 350         return( MBEDTLS_ERR_PK_BAD_INPUT_DATA );
 351
 352     if( ctx->pk_info->debug_func == NULL )
 353         return( MBEDTLS_ERR_PK_TYPE_MISMATCH );
 354
 355     ctx->pk_info->debug_func( ctx->pk_ctx, items );
 356     return( 0 );
 357 }
 358
 359 /*
 360  * Access the PK type name
 361  */
 362 const char *mbedtls_pk_get_name( const mbedtls_pk_context *ctx )
 363 {
 364     if( ctx == NULL || ctx->pk_info == NULL )
 365         return( "invalid PK" );
 366
 367     return( ctx->pk_info->name );
 368 }
 369
 370 /*
 371  * Access the PK type
 372  */
 373 mbedtls_pk_type_t mbedtls_pk_get_type( const mbedtls_pk_context *ctx )
 374 {
 375     if( ctx == NULL || ctx->pk_info == NULL )
 376         return( MBEDTLS_PK_NONE );
 377
 378     return( ctx->pk_info->type );
 379 }
 380
 381 #endif /* MBEDTLS_PK_C */