mbed TLS v3.1.0
|
PKCS#12 Personal Information Exchange Syntax. More...
#include "mbedtls/build_info.h"
#include "mbedtls/md.h"
#include "mbedtls/cipher.h"
#include "mbedtls/asn1.h"
#include <stddef.h>
Go to the source code of this file.
Macros | |
#define | MBEDTLS_ERR_PKCS12_BAD_INPUT_DATA -0x1F80 |
#define | MBEDTLS_ERR_PKCS12_FEATURE_UNAVAILABLE -0x1F00 |
#define | MBEDTLS_ERR_PKCS12_PBE_INVALID_FORMAT -0x1E80 |
#define | MBEDTLS_ERR_PKCS12_PASSWORD_MISMATCH -0x1E00 |
#define | MBEDTLS_PKCS12_DERIVE_KEY 1 |
#define | MBEDTLS_PKCS12_DERIVE_IV 2 |
#define | MBEDTLS_PKCS12_DERIVE_MAC_KEY 3 |
#define | MBEDTLS_PKCS12_PBE_DECRYPT 0 |
#define | MBEDTLS_PKCS12_PBE_ENCRYPT 1 |
Functions | |
int | mbedtls_pkcs12_pbe (mbedtls_asn1_buf *pbe_params, int mode, mbedtls_cipher_type_t cipher_type, mbedtls_md_type_t md_type, const unsigned char *pwd, size_t pwdlen, const unsigned char *input, size_t len, unsigned char *output) |
PKCS12 Password Based function (encryption / decryption) for cipher-based and mbedtls_md-based PBE's. More... | |
int | mbedtls_pkcs12_derivation (unsigned char *data, size_t datalen, const unsigned char *pwd, size_t pwdlen, const unsigned char *salt, size_t saltlen, mbedtls_md_type_t mbedtls_md, int id, int iterations) |
The PKCS#12 derivation function uses a password and a salt to produce pseudo-random bits for a particular "purpose". More... | |
PKCS#12 Personal Information Exchange Syntax.
Definition in file pkcs12.h.
#define MBEDTLS_ERR_PKCS12_BAD_INPUT_DATA -0x1F80 |
#define MBEDTLS_ERR_PKCS12_FEATURE_UNAVAILABLE -0x1F00 |
#define MBEDTLS_ERR_PKCS12_PASSWORD_MISMATCH -0x1E00 |
#define MBEDTLS_ERR_PKCS12_PBE_INVALID_FORMAT -0x1E80 |
#define MBEDTLS_PKCS12_DERIVE_KEY 1 |
int mbedtls_pkcs12_derivation | ( | unsigned char * | data, |
size_t | datalen, | ||
const unsigned char * | pwd, | ||
size_t | pwdlen, | ||
const unsigned char * | salt, | ||
size_t | saltlen, | ||
mbedtls_md_type_t | mbedtls_md, | ||
int | id, | ||
int | iterations | ||
) |
The PKCS#12 derivation function uses a password and a salt to produce pseudo-random bits for a particular "purpose".
Depending on the given id, this function can produce an encryption/decryption key, an initialization vector or an integrity key.
data | buffer to store the derived data in |
datalen | length of buffer to fill |
pwd | The password to use. For compliance with PKCS#12 §B.1, this should be a BMPString, i.e. a Unicode string where each character is encoded as 2 bytes in big-endian order, with no byte order mark and with a null terminator (i.e. the last two bytes should be 0x00 0x00). |
pwdlen | length of the password (may be 0). |
salt | Salt buffer to use This may only be NULL when saltlen is 0. |
saltlen | length of the salt (may be zero) |
mbedtls_md | mbedtls_md type to use during the derivation |
id | id that describes the purpose (can be MBEDTLS_PKCS12_DERIVE_KEY, MBEDTLS_PKCS12_DERIVE_IV or MBEDTLS_PKCS12_DERIVE_MAC_KEY) |
iterations | number of iterations |
int mbedtls_pkcs12_pbe | ( | mbedtls_asn1_buf * | pbe_params, |
int | mode, | ||
mbedtls_cipher_type_t | cipher_type, | ||
mbedtls_md_type_t | md_type, | ||
const unsigned char * | pwd, | ||
size_t | pwdlen, | ||
const unsigned char * | input, | ||
size_t | len, | ||
unsigned char * | output | ||
) |
PKCS12 Password Based function (encryption / decryption) for cipher-based and mbedtls_md-based PBE's.
pbe_params | an ASN1 buffer containing the pkcs-12 PbeParams structure |
mode | either MBEDTLS_PKCS12_PBE_ENCRYPT or MBEDTLS_PKCS12_PBE_DECRYPT |
cipher_type | the cipher used |
md_type | the mbedtls_md used |
pwd | Latin1-encoded password used. This may only be NULL when pwdlen is 0. No null terminator should be used. |
pwdlen | length of the password (may be 0) |
input | the input data |
len | data length |
output | the output buffer |