TrustedFirmware Git Browser
Code Review Sign In
review.trustedfirmware.org / mirror / mbed-tls / a69e872001f8bb8209b68918e3c27122400eb45f / . / include / mbedtls / pkcs5.h
blob: 9ba5689d4a259338c7dbc03c1b4f4e4c7f3b1047 [file] [log] [blame]
Paul Bakkerb0c19a42013-06-24 19:26:38 +0200[diff] [blame]1/**
Paul Bakkerdcbfdcc2013-09-10 16:16:50 +0200[diff] [blame]2 * \file pkcs5.h
Paul Bakkerb0c19a42013-06-24 19:26:38 +0200[diff] [blame]3 *
4 * \brief PKCS#5 functions
5 *
6 * \author Mathias Olsson <mathias@kompetensum.com>
Darryl Greena40a1012018-01-05 15:33:17 +0000[diff] [blame]7 */
8/*
Bence Szépkúti1e148272020-08-07 13:07:28 +0200[diff] [blame]9 * Copyright The Mbed TLS Contributors
Dave Rodgman16799db2023-11-02 19:47:20 +0000[diff] [blame]10 * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
Paul Bakkerb0c19a42013-06-24 19:26:38 +0200[diff] [blame]11 */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]12#ifndef MBEDTLS_PKCS5_H
13#define MBEDTLS_PKCS5_H
Paul Bakkerb0c19a42013-06-24 19:26:38 +0200[diff] [blame]14
Bence Szépkútic662b362021-05-27 11:25:03 +0200[diff] [blame]15#include "mbedtls/build_info.h"
Waleed Elmelegyc9f40402023-08-08 15:28:15 +0100[diff] [blame]16#include "mbedtls/platform_util.h"
Andrzej Kurekc470b6b2019-01-31 08:20:20 -0500[diff] [blame]17
Jaeden Ameroc49fbbf2019-07-04 20:01:14 +0100[diff] [blame]18#include "mbedtls/asn1.h"
19#include "mbedtls/md.h"
Valerio Setti4577bda2023-12-01 16:51:24 +0100[diff] [blame]20#include "mbedtls/cipher.h"
Paul Bakkerb0c19a42013-06-24 19:26:38 +0200[diff] [blame]21
Rich Evans00ab4702015-02-06 13:43:58 +0000[diff] [blame]22#include <stddef.h>
Manuel Pégourié-Gonnardab229102015-04-15 11:53:16 +0200[diff] [blame]23#include <stdint.h>
Paul Bakkerb0c19a42013-06-24 19:26:38 +0200[diff] [blame]24
Gilles Peskined2971572021-07-26 18:48:10 +0200[diff] [blame]25/** Bad input parameters to function. */
26#define MBEDTLS_ERR_PKCS5_BAD_INPUT_DATA -0x2f80
27/** Unexpected ASN.1 data. */
28#define MBEDTLS_ERR_PKCS5_INVALID_FORMAT -0x2f00
29/** Requested encryption or digest alg not available. */
30#define MBEDTLS_ERR_PKCS5_FEATURE_UNAVAILABLE -0x2e80
31/** Given private key password does not allow for correct decryption. */
32#define MBEDTLS_ERR_PKCS5_PASSWORD_MISMATCH -0x2e00
Paul Bakker28144de2013-06-24 19:28:55 +0200[diff] [blame]33
Valerio Setti4577bda2023-12-01 16:51:24 +0100[diff] [blame]34#define MBEDTLS_PKCS5_DECRYPT MBEDTLS_DECRYPT
35#define MBEDTLS_PKCS5_ENCRYPT MBEDTLS_ENCRYPT
Paul Bakker28144de2013-06-24 19:28:55 +0200[diff] [blame]36
Paul Bakkerb0c19a42013-06-24 19:26:38 +0200[diff] [blame]37#ifdef __cplusplus
38extern "C" {
39#endif
40
Valerio Settia69e8722023-12-21 16:37:29 +0100[diff] [blame^]41#if defined(MBEDTLS_ASN1_PARSE_C) && defined(MBEDTLS_CIPHER_C)
Andrzej Kurekc470b6b2019-01-31 08:20:20 -0500[diff] [blame]42
Waleed Elmelegyc9f40402023-08-08 15:28:15 +0100[diff] [blame]43#if !defined(MBEDTLS_DEPRECATED_REMOVED)
Paul Bakkerb0c19a42013-06-24 19:26:38 +0200[diff] [blame]44/**
Paul Bakker28144de2013-06-24 19:28:55 +0200[diff] [blame]45 * \brief PKCS#5 PBES2 function
46 *
Waleed Elmelegy708d78f2023-07-19 14:01:35 +0100[diff] [blame]47 * \note When encrypting, #MBEDTLS_CIPHER_PADDING_PKCS7 must
48 * be enabled at compile time.
49 *
Waleed Elmelegyc9f40402023-08-08 15:28:15 +0100[diff] [blame]50 * \deprecated This function is deprecated and will be removed in a
51 * future version of the library.
52 * Please use mbedtls_pkcs5_pbes2_ext() instead.
53 *
Waleed Elmelegy708d78f2023-07-19 14:01:35 +0100[diff] [blame]54 * \warning When decrypting:
55 * - if #MBEDTLS_CIPHER_PADDING_PKCS7 is enabled at compile
56 * time, this function validates the CBC padding and returns
57 * #MBEDTLS_ERR_PKCS5_PASSWORD_MISMATCH if the padding is
58 * invalid. Note that this can help active adversaries
59 * attempting to brute-forcing the password. Note also that
60 * there is no guarantee that an invalid password will be
61 * detected (the chances of a valid padding with a random
62 * password are about 1/255).
63 * - if #MBEDTLS_CIPHER_PADDING_PKCS7 is disabled at compile
64 * time, this function does not validate the CBC padding.
65 *
Paul Bakker28144de2013-06-24 19:28:55 +0200[diff] [blame]66 * \param pbe_params the ASN.1 algorithm parameters
Waleed Elmelegy79b6e262023-08-29 14:55:03 +0100[diff] [blame]67 * \param mode either #MBEDTLS_PKCS5_DECRYPT or #MBEDTLS_PKCS5_ENCRYPT
Paul Bakker28144de2013-06-24 19:28:55 +0200[diff] [blame]68 * \param pwd password to use when generating key
Paul Bakkerdcbfdcc2013-09-10 16:16:50 +0200[diff] [blame]69 * \param pwdlen length of password
Paul Bakker28144de2013-06-24 19:28:55 +0200[diff] [blame]70 * \param data data to process
71 * \param datalen length of data
Waleed Elmelegy708d78f2023-07-19 14:01:35 +0100[diff] [blame]72 * \param output Output buffer.
Waleed Elmelegyf50767d2023-08-03 15:42:55 +0100[diff] [blame]73 * On success, it contains the encrypted or decrypted data,
74 * possibly followed by the CBC padding.
75 * On failure, the content is indeterminate.
Waleed Elmelegy708d78f2023-07-19 14:01:35 +0100[diff] [blame]76 * For decryption, there must be enough room for \p datalen
77 * bytes.
78 * For encryption, there must be enough room for
79 * \p datalen + 1 bytes, rounded up to the block size of
80 * the block cipher identified by \p pbe_params.
Paul Bakker28144de2013-06-24 19:28:55 +0200[diff] [blame]81 *
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]82 * \returns 0 on success, or a MBEDTLS_ERR_XXX code if verification fails.
Paul Bakker28144de2013-06-24 19:28:55 +0200[diff] [blame]83 */
Waleed Elmelegyc9f40402023-08-08 15:28:15 +0100[diff] [blame]84int MBEDTLS_DEPRECATED mbedtls_pkcs5_pbes2(const mbedtls_asn1_buf *pbe_params, int mode,
85 const unsigned char *pwd, size_t pwdlen,
86 const unsigned char *data, size_t datalen,
87 unsigned char *output);
88#endif /* MBEDTLS_DEPRECATED_REMOVED */
Paul Bakker28144de2013-06-24 19:28:55 +0200[diff] [blame]89
Waleed Elmelegy5d3f3152023-08-01 14:56:30 +0100[diff] [blame]90#if defined(MBEDTLS_CIPHER_PADDING_PKCS7)
91
92/**
93 * \brief PKCS#5 PBES2 function
94 *
95 * \warning When decrypting:
96 * - This function validates the CBC padding and returns
97 * #MBEDTLS_ERR_PKCS5_PASSWORD_MISMATCH if the padding is
98 * invalid. Note that this can help active adversaries
99 * attempting to brute-forcing the password. Note also that
100 * there is no guarantee that an invalid password will be
101 * detected (the chances of a valid padding with a random
102 * password are about 1/255).
103 *
104 * \param pbe_params the ASN.1 algorithm parameters
Waleed Elmelegy79b6e262023-08-29 14:55:03 +0100[diff] [blame]105 * \param mode either #MBEDTLS_PKCS5_DECRYPT or #MBEDTLS_PKCS5_ENCRYPT
Waleed Elmelegy5d3f3152023-08-01 14:56:30 +0100[diff] [blame]106 * \param pwd password to use when generating key
107 * \param pwdlen length of password
108 * \param data data to process
109 * \param datalen length of data
110 * \param output Output buffer.
Waleed Elmelegy12dd0402023-08-17 15:08:03 +0100[diff] [blame]111 * On success, it contains the decrypted data.
Waleed Elmelegy5d3f3152023-08-01 14:56:30 +0100[diff] [blame]112 * On failure, the content is indetermidate.
113 * For decryption, there must be enough room for \p datalen
114 * bytes.
115 * For encryption, there must be enough room for
116 * \p datalen + 1 bytes, rounded up to the block size of
117 * the block cipher identified by \p pbe_params.
118 * \param output_size size of output buffer.
119 * This must be big enough to accommodate for output plus
120 * padding data.
Waleed Elmelegy12dd0402023-08-17 15:08:03 +0100[diff] [blame]121 * \param output_len On success, length of actual data written to the output buffer.
Waleed Elmelegy5d3f3152023-08-01 14:56:30 +0100[diff] [blame]122 *
Waleed Elmelegy79b6e262023-08-29 14:55:03 +0100[diff] [blame]123 * \returns 0 on success, or a MBEDTLS_ERR_XXX code if parsing or decryption fails.
Waleed Elmelegy5d3f3152023-08-01 14:56:30 +0100[diff] [blame]124 */
125int mbedtls_pkcs5_pbes2_ext(const mbedtls_asn1_buf *pbe_params, int mode,
126 const unsigned char *pwd, size_t pwdlen,
127 const unsigned char *data, size_t datalen,
128 unsigned char *output, size_t output_size,
129 size_t *output_len);
130
131#endif /* MBEDTLS_CIPHER_PADDING_PKCS7 */
132
Valerio Settia69e8722023-12-21 16:37:29 +0100[diff] [blame^]133#endif /* MBEDTLS_ASN1_PARSE_C && MBEDTLS_CIPHER_C*/
Andrzej Kurekc470b6b2019-01-31 08:20:20 -0500[diff] [blame]134
Paul Bakker28144de2013-06-24 19:28:55 +0200[diff] [blame]135/**
Andrzej Kurekdd36c762022-08-31 13:29:38 -0400[diff] [blame]136 * \brief PKCS#5 PBKDF2 using HMAC without using the HMAC context
137 *
138 * \param md_type Hash algorithm used
139 * \param password Password to use when generating key
140 * \param plen Length of password
141 * \param salt Salt to use when generating key
142 * \param slen Length of salt
143 * \param iteration_count Iteration count
144 * \param key_length Length of generated key in bytes
145 * \param output Generated key. Must be at least as big as key_length
146 *
147 * \returns 0 on success, or a MBEDTLS_ERR_XXX code if verification fails.
148 */
Gilles Peskine449bd832023-01-11 14:50:10 +0100[diff] [blame]149int mbedtls_pkcs5_pbkdf2_hmac_ext(mbedtls_md_type_t md_type,
150 const unsigned char *password,
151 size_t plen, const unsigned char *salt, size_t slen,
152 unsigned int iteration_count,
153 uint32_t key_length, unsigned char *output);
Andrzej Kurekdd36c762022-08-31 13:29:38 -0400[diff] [blame]154
Andrzej Kurekf0004712022-08-31 19:10:42 -0400[diff] [blame]155#if defined(MBEDTLS_MD_C)
Andrzej Kurek890e78a2022-08-31 14:43:53 -0400[diff] [blame]156#if !defined(MBEDTLS_DEPRECATED_REMOVED)
Andrzej Kurekdd36c762022-08-31 13:29:38 -0400[diff] [blame]157/**
Paul Bakkerb0c19a42013-06-24 19:26:38 +0200[diff] [blame]158 * \brief PKCS#5 PBKDF2 using HMAC
159 *
Andrzej Kurek890e78a2022-08-31 14:43:53 -0400[diff] [blame]160 * \deprecated Superseded by mbedtls_pkcs5_pbkdf2_hmac_ext().
161 *
Paul Bakkerb0c19a42013-06-24 19:26:38 +0200[diff] [blame]162 * \param ctx Generic HMAC context
163 * \param password Password to use when generating key
164 * \param plen Length of password
165 * \param salt Salt to use when generating key
166 * \param slen Length of salt
167 * \param iteration_count Iteration count
Manuel Pégourié-Gonnard898e0aa2015-06-18 15:28:12 +0200[diff] [blame]168 * \param key_length Length of generated key in bytes
Paul Bakkerb0c19a42013-06-24 19:26:38 +0200[diff] [blame]169 * \param output Generated key. Must be at least as big as key_length
170 *
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]171 * \returns 0 on success, or a MBEDTLS_ERR_XXX code if verification fails.
Paul Bakkerb0c19a42013-06-24 19:26:38 +0200[diff] [blame]172 */
Gilles Peskine449bd832023-01-11 14:50:10 +0100[diff] [blame]173int MBEDTLS_DEPRECATED mbedtls_pkcs5_pbkdf2_hmac(mbedtls_md_context_t *ctx,
174 const unsigned char *password,
175 size_t plen,
176 const unsigned char *salt,
177 size_t slen,
178 unsigned int iteration_count,
179 uint32_t key_length,
180 unsigned char *output);
Andrzej Kurek890e78a2022-08-31 14:43:53 -0400[diff] [blame]181#endif /* !MBEDTLS_DEPRECATED_REMOVED */
Andrzej Kurekf0004712022-08-31 19:10:42 -0400[diff] [blame]182#endif /* MBEDTLS_MD_C */
Andrzej Kurekc470b6b2019-01-31 08:20:20 -0500[diff] [blame]183#if defined(MBEDTLS_SELF_TEST)
184
Paul Bakkerb0c19a42013-06-24 19:26:38 +0200[diff] [blame]185/**
186 * \brief Checkup routine
187 *
188 * \return 0 if successful, or 1 if the test failed
189 */
Gilles Peskine449bd832023-01-11 14:50:10 +0100[diff] [blame]190int mbedtls_pkcs5_self_test(int verbose);
Paul Bakkerb0c19a42013-06-24 19:26:38 +0200[diff] [blame]191
Andrzej Kurekc470b6b2019-01-31 08:20:20 -0500[diff] [blame]192#endif /* MBEDTLS_SELF_TEST */
193
Paul Bakkerb0c19a42013-06-24 19:26:38 +0200[diff] [blame]194#ifdef __cplusplus
195}
196#endif
197
198#endif /* pkcs5.h */