Function esp_idf_svc::sys::mbedtls_pk_verify

source ·
pub unsafe extern "C" fn mbedtls_pk_verify(
    ctx: *mut mbedtls_pk_context,
    md_alg: u32,
    hash: *const u8,
    hash_len: usize,
    sig: *const u8,
    sig_len: usize,
) -> i32
Expand description

\brief Verify signature (including padding if relevant).

\param ctx The PK context to use. It must have been set up. \param md_alg Hash algorithm used. This can be #MBEDTLS_MD_NONE if the signature algorithm does not rely on a hash algorithm (non-deterministic ECDSA, RSA PKCS#1 v1.5). For PKCS#1 v1.5, if \p md_alg is #MBEDTLS_MD_NONE, then \p hash is the DigestInfo structure used by RFC 8017 §9.2 steps 3–6. If \p md_alg is a valid hash algorithm then \p hash is the digest itself, and this function calculates the DigestInfo encoding internally. \param hash Hash of the message to sign \param hash_len Hash length \param sig Signature to verify \param sig_len Signature length

\note For keys of type #MBEDTLS_PK_RSA, the signature algorithm is either PKCS#1 v1.5 or PSS (accepting any salt length), depending on the padding mode in the underlying RSA context. For a pk object constructed by parsing, this is PKCS#1 v1.5 by default. Use mbedtls_pk_verify_ext() to explicitly select a different algorithm.

\return 0 on success (signature is valid), #MBEDTLS_ERR_PK_SIG_LEN_MISMATCH if there is a valid signature in \p sig but its length is less than \p sig_len, or a specific error code.