Function esp_idf_sys::mbedtls_pk_verify
source · pub unsafe extern "C" fn mbedtls_pk_verify(
ctx: *mut mbedtls_pk_context,
md_alg: mbedtls_md_type_t,
hash: *const c_uchar,
hash_len: usize,
sig: *const c_uchar,
sig_len: usize,
) -> c_int
Expand description
\brief Verify signature (including padding if relevant).
\param ctx The PK context to use. It must have been set up. \param md_alg Hash algorithm used. This can be #MBEDTLS_MD_NONE if the signature algorithm does not rely on a hash algorithm (non-deterministic ECDSA, RSA PKCS#1 v1.5). For PKCS#1 v1.5, if \p md_alg is #MBEDTLS_MD_NONE, then \p hash is the DigestInfo structure used by RFC 8017 §9.2 steps 3–6. If \p md_alg is a valid hash algorithm then \p hash is the digest itself, and this function calculates the DigestInfo encoding internally. \param hash Hash of the message to sign \param hash_len Hash length \param sig Signature to verify \param sig_len Signature length
\note For keys of type #MBEDTLS_PK_RSA, the signature algorithm is either PKCS#1 v1.5 or PSS (accepting any salt length), depending on the padding mode in the underlying RSA context. For a pk object constructed by parsing, this is PKCS#1 v1.5 by default. Use mbedtls_pk_verify_ext() to explicitly select a different algorithm.
\return 0 on success (signature is valid), #MBEDTLS_ERR_PK_SIG_LEN_MISMATCH if there is a valid signature in \p sig but its length is less than \p sig_len, or a specific error code.