Function esp_idf_sys::mbedtls_pk_verify

source ·
pub unsafe extern "C" fn mbedtls_pk_verify(
    ctx: *mut mbedtls_pk_context,
    md_alg: mbedtls_md_type_t,
    hash: *const c_uchar,
    hash_len: usize,
    sig: *const c_uchar,
    sig_len: usize,
) -> c_int
Expand description

\brief Verify signature (including padding if relevant).

\param ctx The PK context to use. It must have been set up. \param md_alg Hash algorithm used. This can be #MBEDTLS_MD_NONE if the signature algorithm does not rely on a hash algorithm (non-deterministic ECDSA, RSA PKCS#1 v1.5). For PKCS#1 v1.5, if \p md_alg is #MBEDTLS_MD_NONE, then \p hash is the DigestInfo structure used by RFC 8017 §9.2 steps 3–6. If \p md_alg is a valid hash algorithm then \p hash is the digest itself, and this function calculates the DigestInfo encoding internally. \param hash Hash of the message to sign \param hash_len Hash length \param sig Signature to verify \param sig_len Signature length

\return 0 on success (signature is valid), #MBEDTLS_ERR_PK_SIG_LEN_MISMATCH if there is a valid signature in \p sig but its length is less than \p sig_len, or a specific error code.

\note For RSA keys, the default padding type is PKCS#1 v1.5. Use \c mbedtls_pk_verify_ext( MBEDTLS_PK_RSASSA_PSS, … ) to verify RSASSA_PSS signatures.