TrustedFirmware Git Browser
Code Review Sign In
review.trustedfirmware.org / TF-M / trusted-firmware-m / 8bb9851e01e72a7cba87251b1944f7cf7b180dc7 / . / interface / include / mbedtls / pkcs12.h
blob: 87f7681f29a7be05bee7ff7a9786faf692f987f4 [file] [log] [blame]
Antonio de Angelis8bb98512024-01-16 14:13:36 +0000[diff] [blame^]1/**
2 * \file pkcs12.h
3 *
4 * \brief PKCS#12 Personal Information Exchange Syntax
5 */
6/*
7 * Copyright The Mbed TLS Contributors
8 * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
9 */
10#ifndef MBEDTLS_PKCS12_H
11#define MBEDTLS_PKCS12_H
12
13#include "mbedtls/build_info.h"
14
15#include "mbedtls/md.h"
16#include "mbedtls/cipher.h"
17#include "mbedtls/asn1.h"
18
19#include <stddef.h>
20
21/** Bad input parameters to function. */
22#define MBEDTLS_ERR_PKCS12_BAD_INPUT_DATA -0x1F80
23/** Feature not available, e.g. unsupported encryption scheme. */
24#define MBEDTLS_ERR_PKCS12_FEATURE_UNAVAILABLE -0x1F00
25/** PBE ASN.1 data not as expected. */
26#define MBEDTLS_ERR_PKCS12_PBE_INVALID_FORMAT -0x1E80
27/** Given private key password does not allow for correct decryption. */
28#define MBEDTLS_ERR_PKCS12_PASSWORD_MISMATCH -0x1E00
29
30#define MBEDTLS_PKCS12_DERIVE_KEY 1 /**< encryption/decryption key */
31#define MBEDTLS_PKCS12_DERIVE_IV 2 /**< initialization vector */
32#define MBEDTLS_PKCS12_DERIVE_MAC_KEY 3 /**< integrity / MAC key */
33
34#define MBEDTLS_PKCS12_PBE_DECRYPT MBEDTLS_DECRYPT
35#define MBEDTLS_PKCS12_PBE_ENCRYPT MBEDTLS_ENCRYPT
36
37#ifdef __cplusplus
38extern "C" {
39#endif
40
41#if defined(MBEDTLS_ASN1_PARSE_C) && defined(MBEDTLS_CIPHER_C)
42
43#if !defined(MBEDTLS_DEPRECATED_REMOVED)
44/**
45 * \brief PKCS12 Password Based function (encryption / decryption)
46 * for cipher-based and mbedtls_md-based PBE's
47 *
48 * \note When encrypting, #MBEDTLS_CIPHER_PADDING_PKCS7 must
49 * be enabled at compile time.
50 *
51 * \deprecated This function is deprecated and will be removed in a
52 * future version of the library.
53 * Please use mbedtls_pkcs12_pbe_ext() instead.
54 *
55 * \warning When decrypting:
56 * - if #MBEDTLS_CIPHER_PADDING_PKCS7 is enabled at compile
57 * time, this function validates the CBC padding and returns
58 * #MBEDTLS_ERR_PKCS12_PASSWORD_MISMATCH if the padding is
59 * invalid. Note that this can help active adversaries
60 * attempting to brute-forcing the password. Note also that
61 * there is no guarantee that an invalid password will be
62 * detected (the chances of a valid padding with a random
63 * password are about 1/255).
64 * - if #MBEDTLS_CIPHER_PADDING_PKCS7 is disabled at compile
65 * time, this function does not validate the CBC padding.
66 *
67 * \param pbe_params an ASN1 buffer containing the pkcs-12 PbeParams structure
68 * \param mode either #MBEDTLS_PKCS12_PBE_ENCRYPT or
69 * #MBEDTLS_PKCS12_PBE_DECRYPT
70 * \param cipher_type the cipher used
71 * \param md_type the mbedtls_md used
72 * \param pwd Latin1-encoded password used. This may only be \c NULL when
73 * \p pwdlen is 0. No null terminator should be used.
74 * \param pwdlen length of the password (may be 0)
75 * \param data the input data
76 * \param len data length
77 * \param output Output buffer.
78 * On success, it contains the encrypted or decrypted data,
79 * possibly followed by the CBC padding.
80 * On failure, the content is indeterminate.
81 * For decryption, there must be enough room for \p len
82 * bytes.
83 * For encryption, there must be enough room for
84 * \p len + 1 bytes, rounded up to the block size of
85 * the block cipher identified by \p pbe_params.
86 *
87 * \return 0 if successful, or a MBEDTLS_ERR_XXX code
88 */
89int MBEDTLS_DEPRECATED mbedtls_pkcs12_pbe(mbedtls_asn1_buf *pbe_params, int mode,
90 mbedtls_cipher_type_t cipher_type,
91 mbedtls_md_type_t md_type,
92 const unsigned char *pwd, size_t pwdlen,
93 const unsigned char *data, size_t len,
94 unsigned char *output);
95#endif /* MBEDTLS_DEPRECATED_REMOVED */
96
97#if defined(MBEDTLS_CIPHER_PADDING_PKCS7)
98
99/**
100 * \brief PKCS12 Password Based function (encryption / decryption)
101 * for cipher-based and mbedtls_md-based PBE's
102 *
103 *
104 * \warning When decrypting:
105 * - This function validates the CBC padding and returns
106 * #MBEDTLS_ERR_PKCS12_PASSWORD_MISMATCH if the padding is
107 * invalid. Note that this can help active adversaries
108 * attempting to brute-forcing the password. Note also that
109 * there is no guarantee that an invalid password will be
110 * detected (the chances of a valid padding with a random
111 * password are about 1/255).
112 *
113 * \param pbe_params an ASN1 buffer containing the pkcs-12 PbeParams structure
114 * \param mode either #MBEDTLS_PKCS12_PBE_ENCRYPT or
115 * #MBEDTLS_PKCS12_PBE_DECRYPT
116 * \param cipher_type the cipher used
117 * \param md_type the mbedtls_md used
118 * \param pwd Latin1-encoded password used. This may only be \c NULL when
119 * \p pwdlen is 0. No null terminator should be used.
120 * \param pwdlen length of the password (may be 0)
121 * \param data the input data
122 * \param len data length
123 * \param output Output buffer.
124 * On success, it contains the encrypted or decrypted data,
125 * possibly followed by the CBC padding.
126 * On failure, the content is indeterminate.
127 * For decryption, there must be enough room for \p len
128 * bytes.
129 * For encryption, there must be enough room for
130 * \p len + 1 bytes, rounded up to the block size of
131 * the block cipher identified by \p pbe_params.
132 * \param output_size size of output buffer.
133 * This must be big enough to accommodate for output plus
134 * padding data.
135 * \param output_len On success, length of actual data written to the output buffer.
136 *
137 * \return 0 if successful, or a MBEDTLS_ERR_XXX code
138 */
139int mbedtls_pkcs12_pbe_ext(mbedtls_asn1_buf *pbe_params, int mode,
140 mbedtls_cipher_type_t cipher_type, mbedtls_md_type_t md_type,
141 const unsigned char *pwd, size_t pwdlen,
142 const unsigned char *data, size_t len,
143 unsigned char *output, size_t output_size,
144 size_t *output_len);
145
146#endif /* MBEDTLS_CIPHER_PADDING_PKCS7 */
147
148#endif /* MBEDTLS_ASN1_PARSE_C && MBEDTLS_CIPHER_C */
149
150/**
151 * \brief The PKCS#12 derivation function uses a password and a salt
152 * to produce pseudo-random bits for a particular "purpose".
153 *
154 * Depending on the given id, this function can produce an
155 * encryption/decryption key, an initialization vector or an
156 * integrity key.
157 *
158 * \param data buffer to store the derived data in
159 * \param datalen length of buffer to fill
160 * \param pwd The password to use. For compliance with PKCS#12 §B.1, this
161 * should be a BMPString, i.e. a Unicode string where each
162 * character is encoded as 2 bytes in big-endian order, with
163 * no byte order mark and with a null terminator (i.e. the
164 * last two bytes should be 0x00 0x00).
165 * \param pwdlen length of the password (may be 0).
166 * \param salt Salt buffer to use. This may only be \c NULL when
167 * \p saltlen is 0.
168 * \param saltlen length of the salt (may be zero)
169 * \param mbedtls_md mbedtls_md type to use during the derivation
170 * \param id id that describes the purpose (can be
171 * #MBEDTLS_PKCS12_DERIVE_KEY, #MBEDTLS_PKCS12_DERIVE_IV or
172 * #MBEDTLS_PKCS12_DERIVE_MAC_KEY)
173 * \param iterations number of iterations
174 *
175 * \return 0 if successful, or a MD, BIGNUM type error.
176 */
177int mbedtls_pkcs12_derivation(unsigned char *data, size_t datalen,
178 const unsigned char *pwd, size_t pwdlen,
179 const unsigned char *salt, size_t saltlen,
180 mbedtls_md_type_t mbedtls_md, int id, int iterations);
181
182#ifdef __cplusplus
183}
184#endif
185
186#endif /* pkcs12.h */