TrustedFirmware Git Browser
Code Review Sign In
review.trustedfirmware.org / mirror / mbed-tls / b3d9187cea02e745b05d4fd686d95f0836d81c08^! / . / include / polarssl
commitb3d9187cea02e745b05d4fd686d95f0836d81c08[log] [tgz]
authorManuel Pégourié-Gonnard <mpg@elzevir.fr>Wed Aug 14 15:56:19 2013 +0200
committerManuel Pégourié-Gonnard <mpg@elzevir.fr>Tue Aug 20 20:46:04 2013 +0200
tree3270d8a1a4880a6b831ffd086bdf80d17111b22f
parent765db07dfbb68f9eb0bfdd7d0a5a02386580d3a2 [diff]
PK: add nice interface functions

Also fix a const-corectness issue.

diff --git a/include/polarssl/error.h b/include/polarssl/error.h
index 45a6640..10e68f8 100644
--- a/include/polarssl/error.h
+++ b/include/polarssl/error.h

@@ -84,7 +84,7 @@
  * ECP      4   4 (Started from top)
  * MD       5   4
  * CIPHER   6   5
- * SSL      6   5 (Started from top)
+ * SSL      6   6 (Started from top)
  * SSL      7   31
  *
  * Module dependent error code (5 bits 0x.08.-0x.F8.)

diff --git a/include/polarssl/pk.h b/include/polarssl/pk.h
index 83dc2d0..4f9fdb1 100644
--- a/include/polarssl/pk.h
+++ b/include/polarssl/pk.h

@@ -93,7 +93,7 @@
     const char *name;
 
     /** Get key size in bits */
-    size_t (*get_size)( void * );
+    size_t (*get_size)( const void * );
 
     /** Tell if the context implements this type (eg ECKEY can do ECDSA) */
     int (*can_do)( pk_type_t type );
@@ -146,6 +146,42 @@
  */
 int pk_set_type( pk_context *ctx, pk_type_t type );
 
+/**
+ * \brief           Get the size in bits of the underlying key
+ *
+ * \param ctx       Context to use
+ *
+ * \return          Key size in bits, or 0 on error
+ */
+size_t pk_get_size( const pk_context *ctx );
+
+/**
+ * \brief           Tell if a context can do the operation given by type
+ *
+ * \param ctx       Context to test
+ * \param type      Target type
+ *
+ * \return          0 if context can't do the operations,
+ *                  1 otherwise.
+ */
+int pk_can_do( pk_context *ctx, pk_type_t type );
+
+/**
+ * \brief           Verify signature
+ *
+ * \param ctx       PK context to use
+ * \param hash      Hash of the message to sign
+ * \param md_info   Information about the hash function used
+ * \param sig       Signature to verify
+ * \param sig_len   Signature length
+ *
+ * \return          0 on success (signature is valid),
+ *                  or a specific error code.
+ */
+int pk_verify( pk_context *ctx,
+               const unsigned char *hash, const md_info_t *md_info,
+               const unsigned char *sig, size_t sig_len );
+
 #ifdef __cplusplus
 }
 #endif

diff --git a/include/polarssl/ssl.h b/include/polarssl/ssl.h
index 7a468c4..d5a2fc0 100644
--- a/include/polarssl/ssl.h
+++ b/include/polarssl/ssl.h

@@ -110,7 +110,7 @@
 #define POLARSSL_ERR_SSL_BAD_HS_PROTOCOL_VERSION           -0x6E80  /**< Handshake protocol not within min/max boundaries */
 #define POLARSSL_ERR_SSL_BAD_HS_NEW_SESSION_TICKET         -0x6E00  /**< Processing of the NewSessionTicket handshake message failed. */
 #define POLARSSL_ERR_SSL_SESSION_TICKET_EXPIRED            -0x6D80  /**< Session ticket has expired. */
-
+#define POLARSSL_ERR_SSL_PK_TYPE_MISMATCH                  -0x6D00  /**< Public key type mismatch (eg, asked for RSA key exchange and presented EC key) */
 
 /*
  * Various constants