TrustedFirmware Git Browser
Code Review Sign In
review.trustedfirmware.org / mirror / mbed-tls / refs/heads/mbedtls-2.28 / . / include / mbedtls / pkcs5.h
blob: 05bea484f17a777549708e88b77a48944bef62ed [file] [log] [blame]
Paul Bakkerb0c19a42013-06-24 19:26:38 +0200[diff] [blame]1/**
Paul Bakkerdcbfdcc2013-09-10 16:16:50 +0200[diff] [blame]2 * \file pkcs5.h
Paul Bakkerb0c19a42013-06-24 19:26:38 +0200[diff] [blame]3 *
4 * \brief PKCS#5 functions
5 *
6 * \author Mathias Olsson <mathias@kompetensum.com>
Darryl Greena40a1012018-01-05 15:33:17 +0000[diff] [blame]7 */
8/*
Bence Szépkúti1e148272020-08-07 13:07:28 +0200[diff] [blame]9 * Copyright The Mbed TLS Contributors
Dave Rodgman7ff79652023-11-03 12:04:52 +0000[diff] [blame]10 * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
Paul Bakkerb0c19a42013-06-24 19:26:38 +0200[diff] [blame]11 */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]12#ifndef MBEDTLS_PKCS5_H
13#define MBEDTLS_PKCS5_H
Paul Bakkerb0c19a42013-06-24 19:26:38 +0200[diff] [blame]14
Andrzej Kurekc470b6b2019-01-31 08:20:20 -0500[diff] [blame]15#if !defined(MBEDTLS_CONFIG_FILE)
Jaeden Ameroc49fbbf2019-07-04 20:01:14 +0100[diff] [blame]16#include "mbedtls/config.h"
Andrzej Kurekc470b6b2019-01-31 08:20:20 -0500[diff] [blame]17#else
18#include MBEDTLS_CONFIG_FILE
19#endif
20
Jaeden Ameroc49fbbf2019-07-04 20:01:14 +0100[diff] [blame]21#include "mbedtls/asn1.h"
22#include "mbedtls/md.h"
Paul Bakkerb0c19a42013-06-24 19:26:38 +0200[diff] [blame]23
Rich Evans00ab4702015-02-06 13:43:58 +0000[diff] [blame]24#include <stddef.h>
Manuel Pégourié-Gonnardab229102015-04-15 11:53:16 +0200[diff] [blame]25#include <stdint.h>
Paul Bakkerb0c19a42013-06-24 19:26:38 +0200[diff] [blame]26
Gilles Peskinea3974432021-07-26 18:48:10 +0200[diff] [blame]27/** Bad input parameters to function. */
28#define MBEDTLS_ERR_PKCS5_BAD_INPUT_DATA -0x2f80
29/** Unexpected ASN.1 data. */
30#define MBEDTLS_ERR_PKCS5_INVALID_FORMAT -0x2f00
31/** Requested encryption or digest alg not available. */
32#define MBEDTLS_ERR_PKCS5_FEATURE_UNAVAILABLE -0x2e80
33/** Given private key password does not allow for correct decryption. */
34#define MBEDTLS_ERR_PKCS5_PASSWORD_MISMATCH -0x2e00
Paul Bakker28144de2013-06-24 19:28:55 +0200[diff] [blame]35
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]36#define MBEDTLS_PKCS5_DECRYPT 0
37#define MBEDTLS_PKCS5_ENCRYPT 1
Paul Bakker28144de2013-06-24 19:28:55 +0200[diff] [blame]38
Paul Bakkerb0c19a42013-06-24 19:26:38 +0200[diff] [blame]39#ifdef __cplusplus
40extern "C" {
41#endif
42
Andrzej Kurekc470b6b2019-01-31 08:20:20 -0500[diff] [blame]43#if defined(MBEDTLS_ASN1_PARSE_C)
44
Paul Bakkerb0c19a42013-06-24 19:26:38 +0200[diff] [blame]45/**
Paul Bakker28144de2013-06-24 19:28:55 +0200[diff] [blame]46 * \brief PKCS#5 PBES2 function
47 *
Waleed Elmelegy412629c2023-07-19 14:01:35 +0100[diff] [blame]48 * \note When encrypting, #MBEDTLS_CIPHER_PADDING_PKCS7 must
49 * be enabled at compile time.
50 *
51 * \warning When decrypting:
52 * - if #MBEDTLS_CIPHER_PADDING_PKCS7 is enabled at compile
53 * time, this function validates the CBC padding and returns
54 * #MBEDTLS_ERR_PKCS5_PASSWORD_MISMATCH if the padding is
55 * invalid. Note that this can help active adversaries
56 * attempting to brute-forcing the password. Note also that
57 * there is no guarantee that an invalid password will be
58 * detected (the chances of a valid padding with a random
59 * password are about 1/255).
60 * - if #MBEDTLS_CIPHER_PADDING_PKCS7 is disabled at compile
61 * time, this function does not validate the CBC padding.
62 *
Paul Bakker28144de2013-06-24 19:28:55 +0200[diff] [blame]63 * \param pbe_params the ASN.1 algorithm parameters
Waleed Elmelegydcad1682023-08-29 14:55:03 +0100[diff] [blame]64 * \param mode either #MBEDTLS_PKCS5_DECRYPT or #MBEDTLS_PKCS5_ENCRYPT
Paul Bakker28144de2013-06-24 19:28:55 +0200[diff] [blame]65 * \param pwd password to use when generating key
Paul Bakkerdcbfdcc2013-09-10 16:16:50 +0200[diff] [blame]66 * \param pwdlen length of password
Paul Bakker28144de2013-06-24 19:28:55 +0200[diff] [blame]67 * \param data data to process
68 * \param datalen length of data
Waleed Elmelegy412629c2023-07-19 14:01:35 +0100[diff] [blame]69 * \param output Output buffer.
Waleed Elmelegy01b6df72023-08-03 15:42:55 +0100[diff] [blame]70 * On success, it contains the encrypted or decrypted data,
71 * possibly followed by the CBC padding.
72 * On failure, the content is indeterminate.
Waleed Elmelegy412629c2023-07-19 14:01:35 +0100[diff] [blame]73 * For decryption, there must be enough room for \p datalen
74 * bytes.
75 * For encryption, there must be enough room for
76 * \p datalen + 1 bytes, rounded up to the block size of
77 * the block cipher identified by \p pbe_params.
Paul Bakker28144de2013-06-24 19:28:55 +0200[diff] [blame]78 *
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]79 * \returns 0 on success, or a MBEDTLS_ERR_XXX code if verification fails.
Paul Bakker28144de2013-06-24 19:28:55 +0200[diff] [blame]80 */
Gilles Peskine1b6c09a2023-01-11 14:52:35 +0100[diff] [blame]81int mbedtls_pkcs5_pbes2(const mbedtls_asn1_buf *pbe_params, int mode,
82 const unsigned char *pwd, size_t pwdlen,
83 const unsigned char *data, size_t datalen,
84 unsigned char *output);
Paul Bakker28144de2013-06-24 19:28:55 +0200[diff] [blame]85
Waleed Elmelegyb66cb652023-08-01 14:56:30 +0100[diff] [blame]86#if defined(MBEDTLS_CIPHER_PADDING_PKCS7)
87
88/**
89 * \brief PKCS#5 PBES2 function
90 *
91 * \warning When decrypting:
92 * - This function validates the CBC padding and returns
93 * #MBEDTLS_ERR_PKCS5_PASSWORD_MISMATCH if the padding is
94 * invalid. Note that this can help active adversaries
95 * attempting to brute-forcing the password. Note also that
96 * there is no guarantee that an invalid password will be
97 * detected (the chances of a valid padding with a random
98 * password are about 1/255).
99 *
100 * \param pbe_params the ASN.1 algorithm parameters
Waleed Elmelegydcad1682023-08-29 14:55:03 +0100[diff] [blame]101 * \param mode either #MBEDTLS_PKCS5_DECRYPT or #MBEDTLS_PKCS5_ENCRYPT
Waleed Elmelegyb66cb652023-08-01 14:56:30 +0100[diff] [blame]102 * \param pwd password to use when generating key
103 * \param pwdlen length of password
104 * \param data data to process
105 * \param datalen length of data
106 * \param output Output buffer.
Waleed Elmelegy7d8f95b2023-08-17 15:08:03 +0100[diff] [blame]107 * On success, it contains the decrypted data.
Waleed Elmelegyb66cb652023-08-01 14:56:30 +0100[diff] [blame]108 * On failure, the content is indetermidate.
109 * For decryption, there must be enough room for \p datalen
110 * bytes.
111 * For encryption, there must be enough room for
112 * \p datalen + 1 bytes, rounded up to the block size of
113 * the block cipher identified by \p pbe_params.
114 * \param output_size size of output buffer.
115 * This must be big enough to accommodate for output plus
116 * padding data.
Waleed Elmelegy7d8f95b2023-08-17 15:08:03 +0100[diff] [blame]117 * \param output_len On success, length of actual data written to the output buffer.
Waleed Elmelegyb66cb652023-08-01 14:56:30 +0100[diff] [blame]118 *
Waleed Elmelegydcad1682023-08-29 14:55:03 +0100[diff] [blame]119 * \returns 0 on success, or a MBEDTLS_ERR_XXX code if parsing or decryption fails.
Waleed Elmelegyb66cb652023-08-01 14:56:30 +0100[diff] [blame]120 */
121int mbedtls_pkcs5_pbes2_ext(const mbedtls_asn1_buf *pbe_params, int mode,
122 const unsigned char *pwd, size_t pwdlen,
123 const unsigned char *data, size_t datalen,
124 unsigned char *output, size_t output_size,
125 size_t *output_len);
126
127#endif /* MBEDTLS_CIPHER_PADDING_PKCS7 */
128
Andrzej Kurekc470b6b2019-01-31 08:20:20 -0500[diff] [blame]129#endif /* MBEDTLS_ASN1_PARSE_C */
130
Paul Bakker28144de2013-06-24 19:28:55 +0200[diff] [blame]131/**
Paul Bakkerb0c19a42013-06-24 19:26:38 +0200[diff] [blame]132 * \brief PKCS#5 PBKDF2 using HMAC
133 *
134 * \param ctx Generic HMAC context
135 * \param password Password to use when generating key
136 * \param plen Length of password
137 * \param salt Salt to use when generating key
138 * \param slen Length of salt
139 * \param iteration_count Iteration count
Manuel Pégourié-Gonnard898e0aa2015-06-18 15:28:12 +0200[diff] [blame]140 * \param key_length Length of generated key in bytes
Paul Bakkerb0c19a42013-06-24 19:26:38 +0200[diff] [blame]141 * \param output Generated key. Must be at least as big as key_length
142 *
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]143 * \returns 0 on success, or a MBEDTLS_ERR_XXX code if verification fails.
Paul Bakkerb0c19a42013-06-24 19:26:38 +0200[diff] [blame]144 */
Gilles Peskine1b6c09a2023-01-11 14:52:35 +0100[diff] [blame]145int mbedtls_pkcs5_pbkdf2_hmac(mbedtls_md_context_t *ctx, const unsigned char *password,
146 size_t plen, const unsigned char *salt, size_t slen,
147 unsigned int iteration_count,
148 uint32_t key_length, unsigned char *output);
Paul Bakkerb0c19a42013-06-24 19:26:38 +0200[diff] [blame]149
Andrzej Kurekc470b6b2019-01-31 08:20:20 -0500[diff] [blame]150#if defined(MBEDTLS_SELF_TEST)
151
Paul Bakkerb0c19a42013-06-24 19:26:38 +0200[diff] [blame]152/**
153 * \brief Checkup routine
154 *
155 * \return 0 if successful, or 1 if the test failed
156 */
Gilles Peskine1b6c09a2023-01-11 14:52:35 +0100[diff] [blame]157int mbedtls_pkcs5_self_test(int verbose);
Paul Bakkerb0c19a42013-06-24 19:26:38 +0200[diff] [blame]158
Andrzej Kurekc470b6b2019-01-31 08:20:20 -0500[diff] [blame]159#endif /* MBEDTLS_SELF_TEST */
160
Paul Bakkerb0c19a42013-06-24 19:26:38 +0200[diff] [blame]161#ifdef __cplusplus
162}
163#endif
164
165#endif /* pkcs5.h */