Function esp_idf_svc::sys::mbedtls_rsa_check_privkey

pub unsafe extern "C" fn mbedtls_rsa_check_privkey(
    ctx: *const mbedtls_rsa_context,
) -> i32

\brief This function checks if a context contains an RSA private key and performs basic consistency checks.

\note The consistency checks performed by this function not only ensure that mbedtls_rsa_private() can be called successfully on the given context, but that the various parameters are mutually consistent with high probability, in the sense that mbedtls_rsa_public() and mbedtls_rsa_private() are inverses.

\warning This function should catch accidental misconfigurations like swapping of parameters, but it cannot establish full trust in either the quality or the consistency of the key material that was used to set up the given RSA context:

  • Consistency: Imported parameters that are irrelevant for the implementation might be silently dropped. If dropped, the current function does not have access to them, and therefore cannot check them. See mbedtls_rsa_complete(). If you want to check the consistency of the entire content of a PKCS1-encoded RSA private key, for example, you should use mbedtls_rsa_validate_params() before setting up the RSA context. Additionally, if the implementation performs empirical checks, these checks substantiate but do not guarantee consistency.
  • Quality: This function is not expected to perform extended quality assessments like checking that the prime factors are safe. Additionally, it is the responsibility of the user to ensure the trustworthiness of the source of their RSA parameters, which goes beyond what is effectively checkable by the library.

\param ctx The initialized RSA context to check.

\return \c 0 on success.
\return An \c MBEDTLS_ERR_RSA_XXX error code on failure.
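
The Consistency caveat above, as an added example (not code from Mbed TLS or esp-idf-svc): toy-sized Rust arithmetic showing why parameters that were dropped on import can no longer be checked, and why an empirical round-trip test substantiates but does not prove consistency. The struct, the function names and the key values (P = 61, Q = 53, E = 17) are constructed for illustration.

```rust
// Added illustration with toy-sized numbers, not Mbed TLS code; fields follow PKCS#1.
#[derive(Clone, Copy)]
struct Pkcs1Key { n: u64, e: u64, d: u64, p: u64, q: u64, dp: u64, dq: u64, qp: u64 }
// Constructed textbook key: P = 61, Q = 53, E = 17.
fn toy_key() -> Pkcs1Key {
    Pkcs1Key { n: 3233, e: 17, d: 2753, p: 61, q: 53, dp: 53, dq: 49, qp: 38 }
}

fn modpow(mut b: u64, mut e: u64, m: u64) -> u64 {
    let mut r = 1 % m;
    b %= m;
    while e > 0 {
        if e & 1 == 1 { r = (r as u128 * b as u128 % m as u128) as u64; }
        b = (b as u128 * b as u128 % m as u128) as u64;
        e >>= 1;
    }
    r
}

// True when a * b mod m == 1 (u128 arithmetic avoids overflow).
fn is_inverse(a: u64, b: u64, m: u64) -> bool {
    m > 1 && (a as u128 * b as u128) % m as u128 == 1
}

// Relations among the core parameters N, P, Q, D, E.
fn core_consistent(k: &Pkcs1Key) -> bool {
    k.p > 1 && k.q > 1 && k.p.checked_mul(k.q) == Some(k.n)
        && is_inverse(k.d, k.e, k.p - 1) && is_inverse(k.d, k.e, k.q - 1)
}

// CRT relations for DP, DQ, QP; impossible to evaluate once those were dropped.
fn crt_consistent(k: &Pkcs1Key) -> bool {
    k.p > 1 && k.q > 1 && is_inverse(k.e, k.dp, k.p - 1)
        && is_inverse(k.e, k.dq, k.q - 1) && is_inverse(k.q, k.qp, k.p)
}

// Empirical check: the private operation undoes the public one on each sample.
fn roundtrip_ok(k: &Pkcs1Key, samples: &[u64]) -> bool {
    samples.iter().all(|&m| modpow(modpow(m, k.e, k.n), k.d, k.n) == m % k.n)
}

fn main() {
    let good = toy_key();
    let bad_crt = Pkcs1Key { dp: 54, ..good }; // corrupted CRT exponent
    let bad_d = Pkcs1Key { d: 2754, ..good }; // corrupted private exponent
    println!("bad_crt: core={} crt={}", core_consistent(&bad_crt), crt_consistent(&bad_crt));
    println!("bad_d: roundtrip on [0, 1]={} on [2]={}",
        roundtrip_ok(&bad_d, &[0, 1]), roundtrip_ok(&bad_d, &[2]));
}
```

The corrupted DP is visible only while the full parameter set is still at hand, which is why the encoded key has to be validated before the context is set up; the corrupted D passes a round trip on the samples 0 and 1 and fails on 2.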