1 /*
2 * Public Key abstraction layer
3 *
4 * Copyright The Mbed TLS Contributors
5 * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
6 *
7 * This file is provided under the Apache License 2.0, or the
8 * GNU General Public License v2.0 or later.
9 *
10 * **********
11 * Apache License 2.0:
12 *
13 * Licensed under the Apache License, Version 2.0 (the "License"); you may
14 * not use this file except in compliance with the License.
15 * You may obtain a copy of the License at
16 *
17 * http://www.apache.org/licenses/LICENSE-2.0
18 *
19 * Unless required by applicable law or agreed to in writing, software
20 * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
21 * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
22 * See the License for the specific language governing permissions and
23 * limitations under the License.
24 *
25 * **********
26 *
27 * **********
28 * GNU General Public License v2.0 or later:
29 *
30 * This program is free software; you can redistribute it and/or modify
31 * it under the terms of the GNU General Public License as published by
32 * the Free Software Foundation; either version 2 of the License, or
33 * (at your option) any later version.
34 *
35 * This program is distributed in the hope that it will be useful,
36 * but WITHOUT ANY WARRANTY; without even the implied warranty of
37 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
38 * GNU General Public License for more details.
39 *
40 * You should have received a copy of the GNU General Public License along
41 * with this program; if not, write to the Free Software Foundation, Inc.,
42 * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
43 *
44 * **********
45 */
46
47 #if !defined(MBEDTLS_CONFIG_FILE)
48 #include "mbedtls/config.h"
49 #else
50 #include MBEDTLS_CONFIG_FILE
51 #endif
52
53 #if defined(MBEDTLS_PK_C)
54 #include "mbedtls/pk.h"
55 #include "mbedtls/pk_internal.h"
56
57 #include "mbedtls/platform_util.h"
58
59 #if defined(MBEDTLS_RSA_C)
60 #include "mbedtls/rsa.h"
61 #endif
62 #if defined(MBEDTLS_ECP_C)
63 #include "mbedtls/ecp.h"
64 #endif
65 #if defined(MBEDTLS_ECDSA_C)
66 #include "mbedtls/ecdsa.h"
67 #endif
68
69 #include <limits.h>
70 #include <stdint.h>
71
72 /* Parameter validation macros based on platform_util.h */
73 #define PK_VALIDATE_RET( cond ) \
74 MBEDTLS_INTERNAL_VALIDATE_RET( cond, MBEDTLS_ERR_PK_BAD_INPUT_DATA )
75 #define PK_VALIDATE( cond ) \
76 MBEDTLS_INTERNAL_VALIDATE( cond )
77
78 /*
79 * Initialise a mbedtls_pk_context
80 */
mbedtls_pk_init(mbedtls_pk_context * ctx)81 void mbedtls_pk_init( mbedtls_pk_context *ctx )
82 {
83 PK_VALIDATE( ctx != NULL );
84
85 ctx->pk_info = NULL;
86 ctx->pk_ctx = NULL;
87 }
88
89 /*
90 * Free (the components of) a mbedtls_pk_context
91 */
mbedtls_pk_free(mbedtls_pk_context * ctx)92 void mbedtls_pk_free( mbedtls_pk_context *ctx )
93 {
94 if( ctx == NULL )
95 return;
96
97 if ( ctx->pk_info != NULL )
98 ctx->pk_info->ctx_free_func( ctx->pk_ctx );
99
100 mbedtls_platform_zeroize( ctx, sizeof( mbedtls_pk_context ) );
101 }
102
103 #if defined(MBEDTLS_ECDSA_C) && defined(MBEDTLS_ECP_RESTARTABLE)
104 /*
105 * Initialize a restart context
106 */
mbedtls_pk_restart_init(mbedtls_pk_restart_ctx * ctx)107 void mbedtls_pk_restart_init( mbedtls_pk_restart_ctx *ctx )
108 {
109 PK_VALIDATE( ctx != NULL );
110 ctx->pk_info = NULL;
111 ctx->rs_ctx = NULL;
112 }
113
114 /*
115 * Free the components of a restart context
116 */
mbedtls_pk_restart_free(mbedtls_pk_restart_ctx * ctx)117 void mbedtls_pk_restart_free( mbedtls_pk_restart_ctx *ctx )
118 {
119 if( ctx == NULL || ctx->pk_info == NULL ||
120 ctx->pk_info->rs_free_func == NULL )
121 {
122 return;
123 }
124
125 ctx->pk_info->rs_free_func( ctx->rs_ctx );
126
127 ctx->pk_info = NULL;
128 ctx->rs_ctx = NULL;
129 }
130 #endif /* MBEDTLS_ECDSA_C && MBEDTLS_ECP_RESTARTABLE */
131
132 /*
133 * Get pk_info structure from type
134 */
mbedtls_pk_info_from_type(mbedtls_pk_type_t pk_type)135 const mbedtls_pk_info_t * mbedtls_pk_info_from_type( mbedtls_pk_type_t pk_type )
136 {
137 switch( pk_type ) {
138 #if defined(MBEDTLS_RSA_C)
139 case MBEDTLS_PK_RSA:
140 return( &mbedtls_rsa_info );
141 #endif
142 #if defined(MBEDTLS_ECP_C)
143 case MBEDTLS_PK_ECKEY:
144 return( &mbedtls_eckey_info );
145 case MBEDTLS_PK_ECKEY_DH:
146 return( &mbedtls_eckeydh_info );
147 #endif
148 #if defined(MBEDTLS_ECDSA_C)
149 case MBEDTLS_PK_ECDSA:
150 return( &mbedtls_ecdsa_info );
151 #endif
152 /* MBEDTLS_PK_RSA_ALT omitted on purpose */
153 default:
154 return( NULL );
155 }
156 }
157
158 /*
159 * Initialise context
160 */
mbedtls_pk_setup(mbedtls_pk_context * ctx,const mbedtls_pk_info_t * info)161 int mbedtls_pk_setup( mbedtls_pk_context *ctx, const mbedtls_pk_info_t *info )
162 {
163 PK_VALIDATE_RET( ctx != NULL );
164 if( info == NULL || ctx->pk_info != NULL )
165 return( MBEDTLS_ERR_PK_BAD_INPUT_DATA );
166
167 if( ( ctx->pk_ctx = info->ctx_alloc_func() ) == NULL )
168 return( MBEDTLS_ERR_PK_ALLOC_FAILED );
169
170 ctx->pk_info = info;
171
172 return( 0 );
173 }
174
175 #if defined(MBEDTLS_PK_RSA_ALT_SUPPORT)
176 /*
177 * Initialize an RSA-alt context
178 */
mbedtls_pk_setup_rsa_alt(mbedtls_pk_context * ctx,void * key,mbedtls_pk_rsa_alt_decrypt_func decrypt_func,mbedtls_pk_rsa_alt_sign_func sign_func,mbedtls_pk_rsa_alt_key_len_func key_len_func)179 int mbedtls_pk_setup_rsa_alt( mbedtls_pk_context *ctx, void * key,
180 mbedtls_pk_rsa_alt_decrypt_func decrypt_func,
181 mbedtls_pk_rsa_alt_sign_func sign_func,
182 mbedtls_pk_rsa_alt_key_len_func key_len_func )
183 {
184 mbedtls_rsa_alt_context *rsa_alt;
185 const mbedtls_pk_info_t *info = &mbedtls_rsa_alt_info;
186
187 PK_VALIDATE_RET( ctx != NULL );
188 if( ctx->pk_info != NULL )
189 return( MBEDTLS_ERR_PK_BAD_INPUT_DATA );
190
191 if( ( ctx->pk_ctx = info->ctx_alloc_func() ) == NULL )
192 return( MBEDTLS_ERR_PK_ALLOC_FAILED );
193
194 ctx->pk_info = info;
195
196 rsa_alt = (mbedtls_rsa_alt_context *) ctx->pk_ctx;
197
198 rsa_alt->key = key;
199 rsa_alt->decrypt_func = decrypt_func;
200 rsa_alt->sign_func = sign_func;
201 rsa_alt->key_len_func = key_len_func;
202
203 return( 0 );
204 }
205 #endif /* MBEDTLS_PK_RSA_ALT_SUPPORT */
206
207 /*
208 * Tell if a PK can do the operations of the given type
209 */
mbedtls_pk_can_do(const mbedtls_pk_context * ctx,mbedtls_pk_type_t type)210 int mbedtls_pk_can_do( const mbedtls_pk_context *ctx, mbedtls_pk_type_t type )
211 {
212 /* A context with null pk_info is not set up yet and can't do anything.
213 * For backward compatibility, also accept NULL instead of a context
214 * pointer. */
215 if( ctx == NULL || ctx->pk_info == NULL )
216 return( 0 );
217
218 return( ctx->pk_info->can_do( type ) );
219 }
220
221 /*
222 * Helper for mbedtls_pk_sign and mbedtls_pk_verify
223 */
pk_hashlen_helper(mbedtls_md_type_t md_alg,size_t * hash_len)224 static inline int pk_hashlen_helper( mbedtls_md_type_t md_alg, size_t *hash_len )
225 {
226 const mbedtls_md_info_t *md_info;
227
228 if( *hash_len != 0 && md_alg == MBEDTLS_MD_NONE )
229 return( 0 );
230
231 if( ( md_info = mbedtls_md_info_from_type( md_alg ) ) == NULL )
232 return( -1 );
233
234 if ( *hash_len != 0 && *hash_len < mbedtls_md_get_size( md_info ) )
235 return ( -1 );
236
237 *hash_len = mbedtls_md_get_size( md_info );
238 return( 0 );
239 }
240
241 #if defined(MBEDTLS_ECDSA_C) && defined(MBEDTLS_ECP_RESTARTABLE)
242 /*
243 * Helper to set up a restart context if needed
244 */
pk_restart_setup(mbedtls_pk_restart_ctx * ctx,const mbedtls_pk_info_t * info)245 static int pk_restart_setup( mbedtls_pk_restart_ctx *ctx,
246 const mbedtls_pk_info_t *info )
247 {
248 /* Don't do anything if already set up or invalid */
249 if( ctx == NULL || ctx->pk_info != NULL )
250 return( 0 );
251
252 /* Should never happen when we're called */
253 if( info->rs_alloc_func == NULL || info->rs_free_func == NULL )
254 return( MBEDTLS_ERR_PK_BAD_INPUT_DATA );
255
256 if( ( ctx->rs_ctx = info->rs_alloc_func() ) == NULL )
257 return( MBEDTLS_ERR_PK_ALLOC_FAILED );
258
259 ctx->pk_info = info;
260
261 return( 0 );
262 }
263 #endif /* MBEDTLS_ECDSA_C && MBEDTLS_ECP_RESTARTABLE */
264
265 /*
266 * Verify a signature (restartable)
267 */
mbedtls_pk_verify_restartable(mbedtls_pk_context * ctx,mbedtls_md_type_t md_alg,const unsigned char * hash,size_t hash_len,const unsigned char * sig,size_t sig_len,mbedtls_pk_restart_ctx * rs_ctx)268 int mbedtls_pk_verify_restartable( mbedtls_pk_context *ctx,
269 mbedtls_md_type_t md_alg,
270 const unsigned char *hash, size_t hash_len,
271 const unsigned char *sig, size_t sig_len,
272 mbedtls_pk_restart_ctx *rs_ctx )
273 {
274 PK_VALIDATE_RET( ctx != NULL );
275 PK_VALIDATE_RET( ( md_alg == MBEDTLS_MD_NONE && hash_len == 0 ) ||
276 hash != NULL );
277 PK_VALIDATE_RET( sig != NULL );
278
279 if( ctx->pk_info == NULL ||
280 pk_hashlen_helper( md_alg, &hash_len ) != 0 )
281 return( MBEDTLS_ERR_PK_BAD_INPUT_DATA );
282
283 #if defined(MBEDTLS_ECDSA_C) && defined(MBEDTLS_ECP_RESTARTABLE)
284 /* optimization: use non-restartable version if restart disabled */
285 if( rs_ctx != NULL &&
286 mbedtls_ecp_restart_is_enabled() &&
287 ctx->pk_info->verify_rs_func != NULL )
288 {
289 int ret;
290
291 if( ( ret = pk_restart_setup( rs_ctx, ctx->pk_info ) ) != 0 )
292 return( ret );
293
294 ret = ctx->pk_info->verify_rs_func( ctx->pk_ctx,
295 md_alg, hash, hash_len, sig, sig_len, rs_ctx->rs_ctx );
296
297 if( ret != MBEDTLS_ERR_ECP_IN_PROGRESS )
298 mbedtls_pk_restart_free( rs_ctx );
299
300 return( ret );
301 }
302 #else /* MBEDTLS_ECDSA_C && MBEDTLS_ECP_RESTARTABLE */
303 (void) rs_ctx;
304 #endif /* MBEDTLS_ECDSA_C && MBEDTLS_ECP_RESTARTABLE */
305
306 if( ctx->pk_info->verify_func == NULL )
307 return( MBEDTLS_ERR_PK_TYPE_MISMATCH );
308
309 return( ctx->pk_info->verify_func( ctx->pk_ctx, md_alg, hash, hash_len,
310 sig, sig_len ) );
311 }
312
313 /*
314 * Verify a signature
315 */
mbedtls_pk_verify(mbedtls_pk_context * ctx,mbedtls_md_type_t md_alg,const unsigned char * hash,size_t hash_len,const unsigned char * sig,size_t sig_len)316 int mbedtls_pk_verify( mbedtls_pk_context *ctx, mbedtls_md_type_t md_alg,
317 const unsigned char *hash, size_t hash_len,
318 const unsigned char *sig, size_t sig_len )
319 {
320 return( mbedtls_pk_verify_restartable( ctx, md_alg, hash, hash_len,
321 sig, sig_len, NULL ) );
322 }
323
324 /*
325 * Verify a signature with options
326 */
mbedtls_pk_verify_ext(mbedtls_pk_type_t type,const void * options,mbedtls_pk_context * ctx,mbedtls_md_type_t md_alg,const unsigned char * hash,size_t hash_len,const unsigned char * sig,size_t sig_len)327 int mbedtls_pk_verify_ext( mbedtls_pk_type_t type, const void *options,
328 mbedtls_pk_context *ctx, mbedtls_md_type_t md_alg,
329 const unsigned char *hash, size_t hash_len,
330 const unsigned char *sig, size_t sig_len )
331 {
332 PK_VALIDATE_RET( ctx != NULL );
333 PK_VALIDATE_RET( ( md_alg == MBEDTLS_MD_NONE && hash_len == 0 ) ||
334 hash != NULL );
335 PK_VALIDATE_RET( sig != NULL );
336
337 if( ctx->pk_info == NULL )
338 return( MBEDTLS_ERR_PK_BAD_INPUT_DATA );
339
340 if( ! mbedtls_pk_can_do( ctx, type ) )
341 return( MBEDTLS_ERR_PK_TYPE_MISMATCH );
342
343 if( type == MBEDTLS_PK_RSASSA_PSS )
344 {
345 #if defined(MBEDTLS_RSA_C) && defined(MBEDTLS_PKCS1_V21)
346 int ret;
347 const mbedtls_pk_rsassa_pss_options *pss_opts;
348
349 #if SIZE_MAX > UINT_MAX
350 if( md_alg == MBEDTLS_MD_NONE && UINT_MAX < hash_len )
351 return( MBEDTLS_ERR_PK_BAD_INPUT_DATA );
352 #endif /* SIZE_MAX > UINT_MAX */
353
354 if( options == NULL )
355 return( MBEDTLS_ERR_PK_BAD_INPUT_DATA );
356
357 pss_opts = (const mbedtls_pk_rsassa_pss_options *) options;
358
359 if( sig_len < mbedtls_pk_get_len( ctx ) )
360 return( MBEDTLS_ERR_RSA_VERIFY_FAILED );
361
362 ret = mbedtls_rsa_rsassa_pss_verify_ext( mbedtls_pk_rsa( *ctx ),
363 NULL, NULL, MBEDTLS_RSA_PUBLIC,
364 md_alg, (unsigned int) hash_len, hash,
365 pss_opts->mgf1_hash_id,
366 pss_opts->expected_salt_len,
367 sig );
368 if( ret != 0 )
369 return( ret );
370
371 if( sig_len > mbedtls_pk_get_len( ctx ) )
372 return( MBEDTLS_ERR_PK_SIG_LEN_MISMATCH );
373
374 return( 0 );
375 #else
376 return( MBEDTLS_ERR_PK_FEATURE_UNAVAILABLE );
377 #endif /* MBEDTLS_RSA_C && MBEDTLS_PKCS1_V21 */
378 }
379
380 /* General case: no options */
381 if( options != NULL )
382 return( MBEDTLS_ERR_PK_BAD_INPUT_DATA );
383
384 return( mbedtls_pk_verify( ctx, md_alg, hash, hash_len, sig, sig_len ) );
385 }
386
387 /*
388 * Make a signature (restartable)
389 */
mbedtls_pk_sign_restartable(mbedtls_pk_context * ctx,mbedtls_md_type_t md_alg,const unsigned char * hash,size_t hash_len,unsigned char * sig,size_t * sig_len,int (* f_rng)(void *,unsigned char *,size_t),void * p_rng,mbedtls_pk_restart_ctx * rs_ctx)390 int mbedtls_pk_sign_restartable( mbedtls_pk_context *ctx,
391 mbedtls_md_type_t md_alg,
392 const unsigned char *hash, size_t hash_len,
393 unsigned char *sig, size_t *sig_len,
394 int (*f_rng)(void *, unsigned char *, size_t), void *p_rng,
395 mbedtls_pk_restart_ctx *rs_ctx )
396 {
397 PK_VALIDATE_RET( ctx != NULL );
398 PK_VALIDATE_RET( ( md_alg == MBEDTLS_MD_NONE && hash_len == 0 ) ||
399 hash != NULL );
400 PK_VALIDATE_RET( sig != NULL );
401
402 if( ctx->pk_info == NULL ||
403 pk_hashlen_helper( md_alg, &hash_len ) != 0 )
404 return( MBEDTLS_ERR_PK_BAD_INPUT_DATA );
405
406 #if defined(MBEDTLS_ECDSA_C) && defined(MBEDTLS_ECP_RESTARTABLE)
407 /* optimization: use non-restartable version if restart disabled */
408 if( rs_ctx != NULL &&
409 mbedtls_ecp_restart_is_enabled() &&
410 ctx->pk_info->sign_rs_func != NULL )
411 {
412 int ret;
413
414 if( ( ret = pk_restart_setup( rs_ctx, ctx->pk_info ) ) != 0 )
415 return( ret );
416
417 ret = ctx->pk_info->sign_rs_func( ctx->pk_ctx, md_alg,
418 hash, hash_len, sig, sig_len, f_rng, p_rng, rs_ctx->rs_ctx );
419
420 if( ret != MBEDTLS_ERR_ECP_IN_PROGRESS )
421 mbedtls_pk_restart_free( rs_ctx );
422
423 return( ret );
424 }
425 #else /* MBEDTLS_ECDSA_C && MBEDTLS_ECP_RESTARTABLE */
426 (void) rs_ctx;
427 #endif /* MBEDTLS_ECDSA_C && MBEDTLS_ECP_RESTARTABLE */
428
429 if( ctx->pk_info->sign_func == NULL )
430 return( MBEDTLS_ERR_PK_TYPE_MISMATCH );
431
432 return( ctx->pk_info->sign_func( ctx->pk_ctx, md_alg, hash, hash_len,
433 sig, sig_len, f_rng, p_rng ) );
434 }
435
436 /*
437 * Make a signature
438 */
mbedtls_pk_sign(mbedtls_pk_context * ctx,mbedtls_md_type_t md_alg,const unsigned char * hash,size_t hash_len,unsigned char * sig,size_t * sig_len,int (* f_rng)(void *,unsigned char *,size_t),void * p_rng)439 int mbedtls_pk_sign( mbedtls_pk_context *ctx, mbedtls_md_type_t md_alg,
440 const unsigned char *hash, size_t hash_len,
441 unsigned char *sig, size_t *sig_len,
442 int (*f_rng)(void *, unsigned char *, size_t), void *p_rng )
443 {
444 return( mbedtls_pk_sign_restartable( ctx, md_alg, hash, hash_len,
445 sig, sig_len, f_rng, p_rng, NULL ) );
446 }
447
448 /*
449 * Decrypt message
450 */
mbedtls_pk_decrypt(mbedtls_pk_context * ctx,const unsigned char * input,size_t ilen,unsigned char * output,size_t * olen,size_t osize,int (* f_rng)(void *,unsigned char *,size_t),void * p_rng)451 int mbedtls_pk_decrypt( mbedtls_pk_context *ctx,
452 const unsigned char *input, size_t ilen,
453 unsigned char *output, size_t *olen, size_t osize,
454 int (*f_rng)(void *, unsigned char *, size_t), void *p_rng )
455 {
456 PK_VALIDATE_RET( ctx != NULL );
457 PK_VALIDATE_RET( input != NULL || ilen == 0 );
458 PK_VALIDATE_RET( output != NULL || osize == 0 );
459 PK_VALIDATE_RET( olen != NULL );
460
461 if( ctx->pk_info == NULL )
462 return( MBEDTLS_ERR_PK_BAD_INPUT_DATA );
463
464 if( ctx->pk_info->decrypt_func == NULL )
465 return( MBEDTLS_ERR_PK_TYPE_MISMATCH );
466
467 return( ctx->pk_info->decrypt_func( ctx->pk_ctx, input, ilen,
468 output, olen, osize, f_rng, p_rng ) );
469 }
470
471 /*
472 * Encrypt message
473 */
mbedtls_pk_encrypt(mbedtls_pk_context * ctx,const unsigned char * input,size_t ilen,unsigned char * output,size_t * olen,size_t osize,int (* f_rng)(void *,unsigned char *,size_t),void * p_rng)474 int mbedtls_pk_encrypt( mbedtls_pk_context *ctx,
475 const unsigned char *input, size_t ilen,
476 unsigned char *output, size_t *olen, size_t osize,
477 int (*f_rng)(void *, unsigned char *, size_t), void *p_rng )
478 {
479 PK_VALIDATE_RET( ctx != NULL );
480 PK_VALIDATE_RET( input != NULL || ilen == 0 );
481 PK_VALIDATE_RET( output != NULL || osize == 0 );
482 PK_VALIDATE_RET( olen != NULL );
483
484 if( ctx->pk_info == NULL )
485 return( MBEDTLS_ERR_PK_BAD_INPUT_DATA );
486
487 if( ctx->pk_info->encrypt_func == NULL )
488 return( MBEDTLS_ERR_PK_TYPE_MISMATCH );
489
490 return( ctx->pk_info->encrypt_func( ctx->pk_ctx, input, ilen,
491 output, olen, osize, f_rng, p_rng ) );
492 }
493
494 /*
495 * Check public-private key pair
496 */
mbedtls_pk_check_pair(const mbedtls_pk_context * pub,const mbedtls_pk_context * prv)497 int mbedtls_pk_check_pair( const mbedtls_pk_context *pub, const mbedtls_pk_context *prv )
498 {
499 PK_VALIDATE_RET( pub != NULL );
500 PK_VALIDATE_RET( prv != NULL );
501
502 if( pub->pk_info == NULL ||
503 prv->pk_info == NULL ||
504 prv->pk_info->check_pair_func == NULL )
505 {
506 return( MBEDTLS_ERR_PK_BAD_INPUT_DATA );
507 }
508
509 if( prv->pk_info->type == MBEDTLS_PK_RSA_ALT )
510 {
511 if( pub->pk_info->type != MBEDTLS_PK_RSA )
512 return( MBEDTLS_ERR_PK_TYPE_MISMATCH );
513 }
514 else
515 {
516 if( pub->pk_info != prv->pk_info )
517 return( MBEDTLS_ERR_PK_TYPE_MISMATCH );
518 }
519
520 return( prv->pk_info->check_pair_func( pub->pk_ctx, prv->pk_ctx ) );
521 }
522
523 /*
524 * Get key size in bits
525 */
mbedtls_pk_get_bitlen(const mbedtls_pk_context * ctx)526 size_t mbedtls_pk_get_bitlen( const mbedtls_pk_context *ctx )
527 {
528 /* For backward compatibility, accept NULL or a context that
529 * isn't set up yet, and return a fake value that should be safe. */
530 if( ctx == NULL || ctx->pk_info == NULL )
531 return( 0 );
532
533 return( ctx->pk_info->get_bitlen( ctx->pk_ctx ) );
534 }
535
536 /*
537 * Export debug information
538 */
mbedtls_pk_debug(const mbedtls_pk_context * ctx,mbedtls_pk_debug_item * items)539 int mbedtls_pk_debug( const mbedtls_pk_context *ctx, mbedtls_pk_debug_item *items )
540 {
541 PK_VALIDATE_RET( ctx != NULL );
542 if( ctx->pk_info == NULL )
543 return( MBEDTLS_ERR_PK_BAD_INPUT_DATA );
544
545 if( ctx->pk_info->debug_func == NULL )
546 return( MBEDTLS_ERR_PK_TYPE_MISMATCH );
547
548 ctx->pk_info->debug_func( ctx->pk_ctx, items );
549 return( 0 );
550 }
551
552 /*
553 * Access the PK type name
554 */
mbedtls_pk_get_name(const mbedtls_pk_context * ctx)555 const char *mbedtls_pk_get_name( const mbedtls_pk_context *ctx )
556 {
557 if( ctx == NULL || ctx->pk_info == NULL )
558 return( "invalid PK" );
559
560 return( ctx->pk_info->name );
561 }
562
563 /*
564 * Access the PK type
565 */
mbedtls_pk_get_type(const mbedtls_pk_context * ctx)566 mbedtls_pk_type_t mbedtls_pk_get_type( const mbedtls_pk_context *ctx )
567 {
568 if( ctx == NULL || ctx->pk_info == NULL )
569 return( MBEDTLS_PK_NONE );
570
571 return( ctx->pk_info->type );
572 }
573
574 #endif /* MBEDTLS_PK_C */
575