File pkcs5.h

PKCS#5 functions.

Author

Mathias Olsson mathias@kompetensum.com

Defines

MBEDTLS_ERR_PKCS5_BAD_INPUT_DATA

Bad input parameters to function.

MBEDTLS_ERR_PKCS5_INVALID_FORMAT

Unexpected ASN.1 data.

MBEDTLS_ERR_PKCS5_FEATURE_UNAVAILABLE

Requested encryption or digest alg not available.

MBEDTLS_ERR_PKCS5_PASSWORD_MISMATCH

Given private key password does not allow for correct decryption.

MBEDTLS_PKCS5_DECRYPT
MBEDTLS_PKCS5_ENCRYPT

Functions

int mbedtls_pkcs5_pbes2_ext(const mbedtls_asn1_buf *pbe_params, int mode, const unsigned char *pwd, size_t pwdlen, const unsigned char *data, size_t datalen, unsigned char *output, size_t output_size, size_t *output_len)

PKCS#5 PBES2 function.

Warning

When decrypting:

  • This function validates the CBC padding and returns MBEDTLS_ERR_PKCS5_PASSWORD_MISMATCH if the padding is invalid. Note that this can help active adversaries attempting to brute-forcing the password. Note also that there is no guarantee that an invalid password will be detected (the chances of a valid padding with a random password are about 1/255).

Parameters

  • pbe_params – the ASN.1 algorithm parameters

  • mode – either MBEDTLS_PKCS5_DECRYPT or MBEDTLS_PKCS5_ENCRYPT

  • pwd – password to use when generating key

  • pwdlen – length of password

  • data – data to process

  • datalen – length of data

  • output – Output buffer. On success, it contains the decrypted data. On failure, the content is indetermidate. For decryption, there must be enough room for datalen bytes. For encryption, there must be enough room for datalen + 1 bytes, rounded up to the block size of the block cipher identified by pbe_params.

  • output_size – size of output buffer. This must be big enough to accommodate for output plus padding data.

  • output_len – On success, length of actual data written to the output buffer.

Returns

0 on success, or a MBEDTLS_ERR_XXX code if parsing or decryption fails.

int mbedtls_pkcs5_pbkdf2_hmac_ext(mbedtls_md_type_t md_type, const unsigned char *password, size_t plen, const unsigned char *salt, size_t slen, unsigned int iteration_count, uint32_t key_length, unsigned char *output)

PKCS#5 PBKDF2 using HMAC without using the HMAC context.

Parameters

  • md_type – Hash algorithm used

  • password – Password to use when generating key

  • plen – Length of password

  • salt – Salt to use when generating key

  • slen – Length of salt

  • iteration_count – Iteration count

  • key_length – Length of generated key in bytes

  • output – Generated key. Must be at least as big as key_length

Returns

0 on success, or a MBEDTLS_ERR_XXX code if verification fails.

int mbedtls_pkcs5_self_test(int verbose)

Checkup routine.

Returns

0 if successful, or 1 if the test failed