Symbols ![]()
loading...
Files ![]()
loading...
mbedtls_pk_verify() function
Verify signature (including padding if relevant).
Syntax
int mbedtls_pk_verify(mbedtls_pk_context *ctx,
mbedtls_md_type_t md_alg,
const unsigned char *hash,
size_t hash_len,
const unsigned char *sig,
size_t sig_len);
Implemented in ![]()
pk.c:1092
Return value
0 on success (signature is valid), #MBEDTLS_ERR_PK_SIG_LEN_MISMATCH if there is a valid signature in \p sig but its length is less than \p sig_len, or a specific error code.
Notes
For keys of type #MBEDTLS_PK_RSA, the signature algorithm is either PKCS#1 v1.5 or PSS (accepting any salt length), depending on the padding mode in the underlying RSA context. For a pk object constructed by parsing, this is PKCS#1 v1.5 by default. Use mbedtls_pk_verify_ext() to explicitly select a different algorithm.
Related Functions
Found 82 other functions taking a ![]()
mbedtls_pk_context
argument:
Function
Description
Free the components of a #mbedtls_pk_context.
Quick access to an RSA context inside a PK context. \warning This function can only be used when the type of the context, as returned by mbedtls_pk_get_type(), is #MBEDTLS_PK_RSA. Ensuring that is the caller's responsibility. Alternatively, you can check whether this function returns NULL.
Tell if a context can do the operation given by type
Quick access to an EC context inside a PK context. \warning This function can only be used when the type of the context, as returned by mbedtls_pk_get_type(), is #MBEDTLS_PK_ECKEY, #MBEDTLS_PK_ECKEY_DH, or #MBEDTLS_PK_ECDSA. Ensuring that is the caller's responsibility. Alternatively, you can check whether this function returns NULL.
Get the key type
Initialize a PK context with the information given and allocates the type-specific PK subcontext.
Initialize a #mbedtls_pk_context (as NONE).
Parse a private key in PEM or DER format
Public function mbedtls_pk_ec() can be used to get direct access to the wrapped ecp_keypair structure pointed to the pk_ctx. However this is not ideal because it bypasses the PK module on the control of its internal structure (pk_context) fields. For backward compatibility we keep mbedtls_pk_ec() when ECP_C is defined, but we provide 2 very similar functions when only ECP_LIGHT is enabled and not ECP_C. These variants embed the "ro" or "rw" keywords in their name to make the usage of the returned pointer explicit. Of course the returned value is const or non-const accordingly.
Parse a SubjectPublicKeyInfo DER structure
Get the size in bits of the underlying key
Generic helpers
Parse a public key in PEM or DER format
Write a public key to a SubjectPublicKeyInfo DER structure Note: data is written at the end of the buffer! Use the return value to determine where you should start using the buffer
Verify signature, with options. (Includes verification of the padding depending on type.)
Make signature, including padding if relevant.
Write a private key to a PKCS#1 or SEC1 DER structure Note: data is written at the end of the buffer! Use the return value to determine where you should start using the buffer
Write a subjectPublicKey to ASN.1 data Note: function works backwards in data buffer
Get the length in bytes of the underlying key
Set own certificate chain and private key
Restartable version of \c mbedtls_pk_sign()
Decrypt message (including padding if relevant).
Access the type name
Restartable version of \c mbedtls_pk_verify()
PKCS#8 parsing functions
Check if a public-private pair of keys matches.
Encrypt message (including padding if relevant).
Set own certificate and key for the current handshake
Make signature given a signature type.
Export debug information
Load and parse a private key
Load and parse a public key
Write a public key to a PEM string
Write a private key to a PKCS#1 or SEC1 PEM string
Initialize an RSA-alt context
Determine valid PSA attributes that can be used to import a key into PSA. The attributes determined by this function are suitable for calling mbedtls_pk_import_into_psa() to create a PSA key with the same key material. The typical flow of operations involving this function is ``` psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; int ret = mbedtls_pk_get_psa_attributes(pk, &attributes); if (ret != 0) ...; // error handling omitted // Tweak attributes if desired psa_key_id_t key_id = 0; ret = mbedtls_pk_import_into_psa(pk, &attributes, &key_id); if (ret != 0) ...; // error handling omitted ```
Import a key into the PSA key store. This function is equivalent to calling psa_import_key() with the key material from \p pk. The typical way to use this function is: -# Call mbedtls_pk_get_psa_attributes() to obtain attributes for the given key. -# If desired, modify the attributes, for example: - To create a persistent key, call psa_set_key_identifier() and optionally psa_set_key_lifetime(). - To import only the public part of a key pair: psa_set_key_type(&attributes, PSA_KEY_TYPE_PUBLIC_KEY_OF_KEY_PAIR( psa_get_key_type(&attributes))); - Restrict the key usage if desired. -# Call mbedtls_pk_import_into_psa().
Create a PK context starting from a key stored in PSA. This key: - must be exportable and - must be an RSA or EC key pair or public key (FFDH is not supported in PK). The resulting PK object will be a transparent type: - #MBEDTLS_PK_RSA for RSA keys or - #MBEDTLS_PK_ECKEY for EC keys. Once this functions returns the PK object will be completely independent from the original PSA key that it was generated from. Calling mbedtls_pk_sign(), mbedtls_pk_verify(), mbedtls_pk_encrypt(), mbedtls_pk_decrypt() on the resulting PK context will perform the corresponding algorithm for that PK context type. * For ECDSA, the choice of deterministic vs randomized will be based on the compile-time setting #MBEDTLS_ECDSA_DETERMINISTIC. * For an RSA key, the output PK context will allow both encrypt/decrypt and sign/verify regardless of the original key's policy. The original key's policy determines the output key's padding mode: PCKS1 v2.1 is set if the PSA key policy is OAEP or PSS, otherwise PKCS1 v1.5 is set.
Create a PK context for the public key of a PSA key. The key must be an RSA or ECC key. It can be either a public key or a key pair, and only the public key is copied. The resulting PK object will be a transparent type: - #MBEDTLS_PK_RSA for RSA keys or - #MBEDTLS_PK_ECKEY for EC keys. Once this functions returns the PK object will be completely independent from the original PSA key that it was generated from. Calling mbedtls_pk_verify() or mbedtls_pk_encrypt() on the resulting PK context will perform the corresponding algorithm for that PK context type. For an RSA key, the output PK context will allow both encrypt and verify regardless of the original key's policy. The original key's policy determines the output key's padding mode: PCKS1 v2.1 is set if the PSA key policy is OAEP or PSS, otherwise PKCS1 v1.5 is set.
Set the subject public key for the certificate
Set the issuer key used for signing the certificate
Internal functions for RSA keys.
Set the key for a CSR (public key will be included, private key used to sign the CSR when writing it)
References
Code
Location
Referrer
Call Tree
mbedtls_pk_verify() is called by 3 functions and calls 1 function:
Data Use
mbedtls_pk_verify():