mbedTLS
mbedtls_rsa_rsassa_pss_verify() is only used within mbedTLS.
 
Symbols
loading...
Files
loading...
CodeScopeSTM32 Libraries and SamplesmbedTLSmbedtls_rsa_rsassa_pss_verify()

mbedtls_rsa_rsassa_pss_verify() function

This function performs a PKCS#1 v2.1 PSS verification operation (RSASSA-PSS-VERIFY). The hash function for the MGF mask generating function is that specified in the RSA context. \deprecated It is deprecated and discouraged to call this function in #MBEDTLS_RSA_PRIVATE mode. Future versions of the library are likely to remove the \p mode argument and have it implicitly set to #MBEDTLS_RSA_PUBLIC.

Syntax

int mbedtls_rsa_rsassa_pss_verify( mbedtls_rsa_context *ctx,     int (*f_rng)(void *, unsigned char *, size_t),     void *p_rng,     int mode,     mbedtls_md_type_t md_alg,     unsigned int hashlen,     const unsigned char *hash,     const unsigned char *sig );

Arguments

ctx

The initialized RSA public key context to use.

f_rng

The RNG function to use. If \p mode is #MBEDTLS_RSA_PRIVATE, this is used for blinding and should be provided; see mbedtls_rsa_private() for more. Otherwise, it is ignored.

p_rng

The RNG context to be passed to \p f_rng. This may be \c NULL if \p f_rng is \c NULL or doesn't need a context.

mode

The mode of operation. This must be either #MBEDTLS_RSA_PUBLIC or #MBEDTLS_RSA_PRIVATE (deprecated).

md_alg

The message-digest algorithm used to hash the original data. Use #MBEDTLS_MD_NONE for signing raw data.

hashlen

The length of the message digest. This is only used if \p md_alg is #MBEDTLS_MD_NONE.

hash

The buffer holding the message digest or raw data. If \p md_alg is #MBEDTLS_MD_NONE, this must be a readable buffer of length \p hashlen Bytes. If \p md_alg is not #MBEDTLS_MD_NONE, it must be a readable buffer of length the size of the hash corresponding to \p md_alg.

sig

The buffer holding the signature. This must be a readable buffer of length \c ctx->len Bytes. For example, \c 256 Bytes for an 2048-bit RSA modulus.

Return value

\c 0 if the verify operation was successful. An \c MBEDTLS_ERR_RSA_XXX error code on failure.

Notes

The \p hash_id in the RSA context is the one used for the verification. \p md_alg in the function call is the type of hash that is verified. According to RFC-3447: Public-Key Cryptography Standards (PKCS) #1 v2.1: RSA Cryptography Specifications it is advised to keep both hashes the same. If \p hash_id in the RSA context is unset, the \p md_alg from the function call is used. Alternative implementations of RSA need not support mode being set to #MBEDTLS_RSA_PRIVATE and might instead return #MBEDTLS_ERR_PLATFORM_FEATURE_UNSUPPORTED.

References

LocationText
rsa.h:1176
int mbedtls_rsa_rsassa_pss_verify( mbedtls_rsa_context *ctx,