TrustedFirmware Git Browser
Code Review Sign In
review.trustedfirmware.org / OP-TEE / optee_os / 2616e2d9709fa36caf5f50f5d92999b301aabc00 / . / lib / libmbedtls / mbedtls / include / mbedtls / pkcs5.h
blob: d4bb36dfae4ce3bc75cff577d7f5af3cf05ed837 [file] [log] [blame]
Jens Wiklander817466c2018-05-22 13:49:31 +0200[diff] [blame]1/**
2 * \file pkcs5.h
3 *
4 * \brief PKCS#5 functions
5 *
6 * \author Mathias Olsson <mathias@kompetensum.com>
Jens Wiklander50a57cf2019-03-13 10:41:54 +0100[diff] [blame]7 */
8/*
Jens Wiklander817466c2018-05-22 13:49:31 +0200[diff] [blame]9 * Copyright (C) 2006-2015, ARM Limited, All Rights Reserved
Jens Wiklander50a57cf2019-03-13 10:41:54 +0100[diff] [blame]10 * SPDX-License-Identifier: Apache-2.0
Jens Wiklander817466c2018-05-22 13:49:31 +0200[diff] [blame]11 *
12 * Licensed under the Apache License, Version 2.0 (the "License"); you may
13 * not use this file except in compliance with the License.
14 * You may obtain a copy of the License at
15 *
16 * http://www.apache.org/licenses/LICENSE-2.0
17 *
18 * Unless required by applicable law or agreed to in writing, software
19 * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
20 * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
21 * See the License for the specific language governing permissions and
22 * limitations under the License.
23 *
24 * This file is part of mbed TLS (https://tls.mbed.org)
25 */
26#ifndef MBEDTLS_PKCS5_H
27#define MBEDTLS_PKCS5_H
28
29#include "asn1.h"
30#include "md.h"
31
32#include <stddef.h>
33#include <stdint.h>
34
35#define MBEDTLS_ERR_PKCS5_BAD_INPUT_DATA -0x2f80 /**< Bad input parameters to function. */
36#define MBEDTLS_ERR_PKCS5_INVALID_FORMAT -0x2f00 /**< Unexpected ASN.1 data. */
37#define MBEDTLS_ERR_PKCS5_FEATURE_UNAVAILABLE -0x2e80 /**< Requested encryption or digest alg not available. */
38#define MBEDTLS_ERR_PKCS5_PASSWORD_MISMATCH -0x2e00 /**< Given private key password does not allow for correct decryption. */
39
40#define MBEDTLS_PKCS5_DECRYPT 0
41#define MBEDTLS_PKCS5_ENCRYPT 1
42
43#ifdef __cplusplus
44extern "C" {
45#endif
46
Jens Wiklander50a57cf2019-03-13 10:41:54 +0100[diff] [blame]47#if defined(MBEDTLS_ASN1_PARSE_C)
48
Jens Wiklander817466c2018-05-22 13:49:31 +0200[diff] [blame]49/**
50 * \brief PKCS#5 PBES2 function
51 *
52 * \param pbe_params the ASN.1 algorithm parameters
53 * \param mode either MBEDTLS_PKCS5_DECRYPT or MBEDTLS_PKCS5_ENCRYPT
54 * \param pwd password to use when generating key
55 * \param pwdlen length of password
56 * \param data data to process
57 * \param datalen length of data
58 * \param output output buffer
59 *
60 * \returns 0 on success, or a MBEDTLS_ERR_XXX code if verification fails.
61 */
62int mbedtls_pkcs5_pbes2( const mbedtls_asn1_buf *pbe_params, int mode,
63 const unsigned char *pwd, size_t pwdlen,
64 const unsigned char *data, size_t datalen,
65 unsigned char *output );
66
Jens Wiklander50a57cf2019-03-13 10:41:54 +0100[diff] [blame]67#endif /* MBEDTLS_ASN1_PARSE_C */
68
Jens Wiklander817466c2018-05-22 13:49:31 +0200[diff] [blame]69/**
70 * \brief PKCS#5 PBKDF2 using HMAC
71 *
72 * \param ctx Generic HMAC context
73 * \param password Password to use when generating key
74 * \param plen Length of password
75 * \param salt Salt to use when generating key
76 * \param slen Length of salt
77 * \param iteration_count Iteration count
78 * \param key_length Length of generated key in bytes
79 * \param output Generated key. Must be at least as big as key_length
80 *
81 * \returns 0 on success, or a MBEDTLS_ERR_XXX code if verification fails.
82 */
83int mbedtls_pkcs5_pbkdf2_hmac( mbedtls_md_context_t *ctx, const unsigned char *password,
84 size_t plen, const unsigned char *salt, size_t slen,
85 unsigned int iteration_count,
86 uint32_t key_length, unsigned char *output );
87
88/**
89 * \brief Checkup routine
90 *
91 * \return 0 if successful, or 1 if the test failed
92 */
93int mbedtls_pkcs5_self_test( int verbose );
94
95#ifdef __cplusplus
96}
97#endif
98
99#endif /* pkcs5.h */