Symbols ![]()
loading...
Files ![]()
loading...
mbedtls_pkcs5_pbes2() function
PKCS#5 PBES2 function \warning When decrypting: - if #MBEDTLS_CIPHER_PADDING_PKCS7 is enabled at compile time, this function validates the CBC padding and returns #MBEDTLS_ERR_PKCS5_PASSWORD_MISMATCH if the padding is invalid. Note that this can help active adversaries attempting to brute-forcing the password. Note also that there is no guarantee that an invalid password will be detected (the chances of a valid padding with a random password are about 1/255). - if #MBEDTLS_CIPHER_PADDING_PKCS7 is disabled at compile time, this function does not validate the CBC padding.
Syntax
int mbedtls_pkcs5_pbes2(const mbedtls_asn1_buf *pbe_params,
int mode,
const unsigned char *pwd,
size_t pwdlen,
const unsigned char *data,
size_t datalen,
unsigned char *output);
Implemented in ![]()
pkcs5.c:109
Return value
0 on success, or a MBEDTLS_ERR_XXX code if verification fails.
Notes
When encrypting, #MBEDTLS_CIPHER_PADDING_PKCS7 must be enabled at compile time.
Related Functions
Found 44 other functions taking a ![]()
mbedtls_asn1_buf
argument:
Function
Description
Retrieve an AlgorithmIdentifier ASN.1 sequence. Updates the pointer to immediately behind the full AlgorithmIdentifier.
Retrieve an AlgorithmIdentifier ASN.1 sequence with NULL or no params. Updates the pointer to immediately behind the full AlgorithmIdentifier.
This function parses an item in the SubjectAlternativeNames extension. \warning The target structure contains pointers to the raw data of the parsed certificate, and its lifetime is restricted by the lifetime of the certificate.
Store the certificate serial in printable form into buf; no more than size characters will be written.
Translate an ASN.1 OID into its numeric representation (e.g. "\x2A\x86\x48\x86\xF7\x0D" into "1.2.840.113549")
Translate an X.509 extension OID into local values
Translate an X.509 attribute type OID into the short name (e.g. the OID for an X520 Common Name into "CN")
Translate PublicKeyAlgorithm OID into pk_type
Translate NamedCurve OID into an EC group identifier
Translate SignatureAlgorithm OID into md_type and pk_type
Translate SignatureAlgorithm OID into description
Translate hmac algorithm OID into md_type
Translate Extended Key Usage OID into description
Translate certificate policies OID into description
Translate encryption algorithm OID into cipher_type
oid_sig_alg_from_asn1()
Translate hash algorithm OID into md_type
oid_pk_alg_from_asn1()
oid_cipher_alg_from_asn1()
oid_grp_id_from_asn1()
oid_md_hmac_from_asn1()
oid_md_alg_from_asn1()
oid_x509_ext_from_asn1()
oid_x520_attr_from_asn1()
oid_certificate_policies_from_asn1()
oid_ext_key_usage_from_asn1()