/usr/include/mbedtls/pkcs12.h is in libmbedtls-dev 2.4.2-1+deb9u3.
This file is owned by root:root, with mode 0o644.
The actual contents of the file can be viewed below.
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 | /**
* \file pkcs12.h
*
* \brief PKCS#12 Personal Information Exchange Syntax
*
* Copyright (C) 2006-2015, ARM Limited, All Rights Reserved
* SPDX-License-Identifier: Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License"); you may
* not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
* WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*
* This file is part of mbed TLS (https://tls.mbed.org)
*/
#ifndef MBEDTLS_PKCS12_H
#define MBEDTLS_PKCS12_H
#include "md.h"
#include "cipher.h"
#include "asn1.h"
#include <stddef.h>
#define MBEDTLS_ERR_PKCS12_BAD_INPUT_DATA -0x1F80 /**< Bad input parameters to function. */
#define MBEDTLS_ERR_PKCS12_FEATURE_UNAVAILABLE -0x1F00 /**< Feature not available, e.g. unsupported encryption scheme. */
#define MBEDTLS_ERR_PKCS12_PBE_INVALID_FORMAT -0x1E80 /**< PBE ASN.1 data not as expected. */
#define MBEDTLS_ERR_PKCS12_PASSWORD_MISMATCH -0x1E00 /**< Given private key password does not allow for correct decryption. */
#define MBEDTLS_PKCS12_DERIVE_KEY 1 /**< encryption/decryption key */
#define MBEDTLS_PKCS12_DERIVE_IV 2 /**< initialization vector */
#define MBEDTLS_PKCS12_DERIVE_MAC_KEY 3 /**< integrity / MAC key */
#define MBEDTLS_PKCS12_PBE_DECRYPT 0
#define MBEDTLS_PKCS12_PBE_ENCRYPT 1
#ifdef __cplusplus
extern "C" {
#endif
/**
* \brief PKCS12 Password Based function (encryption / decryption)
* for pbeWithSHAAnd128BitRC4
*
* \param pbe_params an ASN1 buffer containing the pkcs-12PbeParams structure
* \param mode either MBEDTLS_PKCS12_PBE_ENCRYPT or MBEDTLS_PKCS12_PBE_DECRYPT
* \param pwd the password used (may be NULL if no password is used)
* \param pwdlen length of the password (may be 0)
* \param input the input data
* \param len data length
* \param output the output buffer
*
* \return 0 if successful, or a MBEDTLS_ERR_XXX code
*/
int mbedtls_pkcs12_pbe_sha1_rc4_128( mbedtls_asn1_buf *pbe_params, int mode,
const unsigned char *pwd, size_t pwdlen,
const unsigned char *input, size_t len,
unsigned char *output );
/**
* \brief PKCS12 Password Based function (encryption / decryption)
* for cipher-based and mbedtls_md-based PBE's
*
* \param pbe_params an ASN1 buffer containing the pkcs-12PbeParams structure
* \param mode either MBEDTLS_PKCS12_PBE_ENCRYPT or MBEDTLS_PKCS12_PBE_DECRYPT
* \param cipher_type the cipher used
* \param md_type the mbedtls_md used
* \param pwd the password used (may be NULL if no password is used)
* \param pwdlen length of the password (may be 0)
* \param input the input data
* \param len data length
* \param output the output buffer
*
* \return 0 if successful, or a MBEDTLS_ERR_XXX code
*/
int mbedtls_pkcs12_pbe( mbedtls_asn1_buf *pbe_params, int mode,
mbedtls_cipher_type_t cipher_type, mbedtls_md_type_t md_type,
const unsigned char *pwd, size_t pwdlen,
const unsigned char *input, size_t len,
unsigned char *output );
/**
* \brief The PKCS#12 derivation function uses a password and a salt
* to produce pseudo-random bits for a particular "purpose".
*
* Depending on the given id, this function can produce an
* encryption/decryption key, an nitialization vector or an
* integrity key.
*
* \param data buffer to store the derived data in
* \param datalen length to fill
* \param pwd password to use (may be NULL if no password is used)
* \param pwdlen length of the password (may be 0)
* \param salt salt buffer to use
* \param saltlen length of the salt
* \param mbedtls_md mbedtls_md type to use during the derivation
* \param id id that describes the purpose (can be MBEDTLS_PKCS12_DERIVE_KEY,
* MBEDTLS_PKCS12_DERIVE_IV or MBEDTLS_PKCS12_DERIVE_MAC_KEY)
* \param iterations number of iterations
*
* \return 0 if successful, or a MD, BIGNUM type error.
*/
int mbedtls_pkcs12_derivation( unsigned char *data, size_t datalen,
const unsigned char *pwd, size_t pwdlen,
const unsigned char *salt, size_t saltlen,
mbedtls_md_type_t mbedtls_md, int id, int iterations );
#ifdef __cplusplus
}
#endif
#endif /* pkcs12.h */
|