28 #ifndef PSA_CRYPTO_EXTRA_H
29 #define PSA_CRYPTO_EXTRA_H
42 #define PSA_CRYPTO_ITS_RANDOM_SEED_UID 0xFFFFFF52
45 #if !defined(MBEDTLS_PSA_KEY_SLOT_COUNT)
46 #define MBEDTLS_PSA_KEY_SLOT_COUNT 32
76 attributes->MBEDTLS_PRIVATE(core).MBEDTLS_PRIVATE(policy).MBEDTLS_PRIVATE(alg2) = alg2;
88 return( attributes->MBEDTLS_PRIVATE(core).MBEDTLS_PRIVATE(policy).MBEDTLS_PRIVATE(alg2) );
91 #if defined(MBEDTLS_PSA_CRYPTO_SE_C)
147 attributes->MBEDTLS_PRIVATE(slot_number) = slot_number;
345 #define PSA_KEY_TYPE_DSA_PUBLIC_KEY ((psa_key_type_t)0x4002)
363 #define PSA_KEY_TYPE_DSA_KEY_PAIR ((psa_key_type_t)0x7002)
366 #define PSA_KEY_TYPE_IS_DSA(type) \
367 (PSA_KEY_TYPE_PUBLIC_KEY_OF_KEY_PAIR(type) == PSA_KEY_TYPE_DSA_PUBLIC_KEY)
369 #define PSA_ALG_DSA_BASE ((psa_algorithm_t)0x06000400)
384 #define PSA_ALG_DSA(hash_alg) \
385 (PSA_ALG_DSA_BASE | ((hash_alg) & PSA_ALG_HASH_MASK))
386 #define PSA_ALG_DETERMINISTIC_DSA_BASE ((psa_algorithm_t)0x06000500)
387 #define PSA_ALG_DSA_DETERMINISTIC_FLAG PSA_ALG_ECDSA_DETERMINISTIC_FLAG
402 #define PSA_ALG_DETERMINISTIC_DSA(hash_alg) \
403 (PSA_ALG_DETERMINISTIC_DSA_BASE | ((hash_alg) & PSA_ALG_HASH_MASK))
404 #define PSA_ALG_IS_DSA(alg) \
405 (((alg) & ~PSA_ALG_HASH_MASK & ~PSA_ALG_DSA_DETERMINISTIC_FLAG) == \
407 #define PSA_ALG_DSA_IS_DETERMINISTIC(alg) \
408 (((alg) & PSA_ALG_DSA_DETERMINISTIC_FLAG) != 0)
409 #define PSA_ALG_IS_DETERMINISTIC_DSA(alg) \
410 (PSA_ALG_IS_DSA(alg) && PSA_ALG_DSA_IS_DETERMINISTIC(alg))
411 #define PSA_ALG_IS_RANDOMIZED_DSA(alg) \
412 (PSA_ALG_IS_DSA(alg) && !PSA_ALG_DSA_IS_DETERMINISTIC(alg))
417 #undef PSA_ALG_IS_VENDOR_HASH_AND_SIGN
418 #define PSA_ALG_IS_VENDOR_HASH_AND_SIGN(alg) \
433 #define PSA_DH_FAMILY_CUSTOM ((psa_dh_family_t) 0x7e)
534 size_t *data_length);
561 #define PSA_KEY_DOMAIN_PARAMETERS_SIZE(key_type, key_bits) \
562 (PSA_KEY_TYPE_IS_RSA(key_type) ? sizeof(int) : \
563 PSA_KEY_TYPE_IS_DH(key_type) ? PSA_DH_KEY_DOMAIN_PARAMETERS_SIZE(key_bits) : \
564 PSA_KEY_TYPE_IS_DSA(key_type) ? PSA_DSA_KEY_DOMAIN_PARAMETERS_SIZE(key_bits) : \
566 #define PSA_DH_KEY_DOMAIN_PARAMETERS_SIZE(key_bits) \
567 (4 + (PSA_BITS_TO_BYTES(key_bits) + 5) * 3 )
568 #define PSA_DSA_KEY_DOMAIN_PARAMETERS_SIZE(key_bits) \
569 (4 + (PSA_BITS_TO_BYTES(key_bits) + 5) * 2 + 34 )
577 #if defined(MBEDTLS_ECP_C)
664 int bits_is_sloppy );
673 #if defined(MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG)
715 uint8_t *output,
size_t output_size,
size_t *output_length );
735 #define MBEDTLS_PSA_KEY_ID_BUILTIN_MIN ((psa_key_id_t)0x7fff0000)
742 #define MBEDTLS_PSA_KEY_ID_BUILTIN_MAX ((psa_key_id_t)0x7fffefff)
750 #if defined(MBEDTLS_PSA_CRYPTO_BUILTIN_KEYS)
813 psa_drv_slot_number_t *slot_number );
822 #define PSA_ALG_CATEGORY_PAKE ((psa_algorithm_t)0x0a000000)
833 #define PSA_ALG_IS_PAKE(alg) \
834 (((alg) & PSA_ALG_CATEGORY_MASK) == PSA_ALG_CATEGORY_PAKE)
951 #define PSA_ALG_JPAKE ((psa_algorithm_t)0x0a000100)
1012 #define PSA_PAKE_SIDE_FIRST ((psa_pake_side_t)0x01)
1021 #define PSA_PAKE_SIDE_SECOND ((psa_pake_side_t)0x02)
1027 #define PSA_PAKE_SIDE_CLIENT ((psa_pake_side_t)0x11)
1033 #define PSA_PAKE_SIDE_SERVER ((psa_pake_side_t)0x12)
1053 #define PSA_PAKE_PRIMITIVE_TYPE_ECC ((psa_pake_primitive_type_t)0x01)
1073 #define PSA_PAKE_PRIMITIVE_TYPE_DH ((psa_pake_primitive_type_t)0x02)
1094 #define PSA_PAKE_PRIMITIVE(pake_type, pake_family, pake_bits) \
1095 ((pake_bits & 0xFFFF) != pake_bits) ? 0 : \
1096 ((psa_pake_primitive_t) (((pake_type) << 24 | \
1097 (pake_family) << 16) | (pake_bits)))
1111 #define PSA_PAKE_STEP_KEY_SHARE ((psa_pake_step_t)0x01)
1128 #define PSA_PAKE_STEP_ZK_PUBLIC ((psa_pake_step_t)0x02)
1149 #define PSA_PAKE_STEP_ZK_PROOF ((psa_pake_step_t)0x03)
1223 psa_pake_primitive_t primitive
1444 const uint8_t *user_id,
1445 size_t user_id_len);
1486 const uint8_t *peer_id,
1487 size_t peer_id_len);
1526 psa_pake_side_t side);
1575 psa_pake_step_t step,
1578 size_t *output_length);
1621 psa_pake_step_t step,
1623 size_t input_length);
1705 #define PSA_PAKE_OUTPUT_SIZE(alg, primitive, output_step) 0
1726 #define PSA_PAKE_INPUT_SIZE(alg, primitive, input_step) 0
1735 #define PSA_PAKE_OUTPUT_MAX_SIZE 0
1744 #define PSA_PAKE_INPUT_MAX_SIZE 0
1775 cipher_suite->
bits));
1780 psa_pake_primitive_t primitive)
1784 cipher_suite->
bits = (uint16_t) (0xFFFF & primitive);
1790 return(cipher_suite->
hash);
1798 cipher_suite->
hash = 0;
1800 cipher_suite->
hash = hash;
1814 #define PSA_PAKE_OPERATION_INIT {0, {0}}
static psa_ecc_family_t mbedtls_ecc_group_to_psa(mbedtls_ecp_group_id grpid, size_t *bits)
uint32_t psa_pake_primitive_t
Encoding of the primitive associated with the PAKE.
static void psa_pake_cs_set_hash(psa_pake_cipher_suite_t *cipher_suite, psa_algorithm_t hash)
psa_status_t psa_pake_output(psa_pake_operation_t *operation, psa_pake_step_t step, uint8_t *output, size_t output_size, size_t *output_length)
static int psa_key_id_is_builtin(psa_key_id_t key_id)
#define PSA_ECC_FAMILY_MONTGOMERY
PSA cryptography module: Backward compatibility aliases.
static void psa_set_key_enrollment_algorithm(psa_key_attributes_t *attributes, psa_algorithm_t alg2)
Declare the enrollment algorithm for a key.
#define MBEDTLS_PSA_KEY_ID_BUILTIN_MIN
static psa_algorithm_t psa_pake_cs_get_algorithm(const psa_pake_cipher_suite_t *cipher_suite)
This file provides an API for Elliptic Curves over GF(P) (ECP).
psa_pake_primitive_type_t type
psa_status_t psa_pake_set_side(psa_pake_operation_t *operation, psa_pake_side_t side)
PSA cryptography module: type aliases.
static void psa_clear_key_slot_number(psa_key_attributes_t *attributes)
#define MBEDTLS_PRIVATE(member)
#define PSA_ALG_IS_PAKE(alg)
union psa_pake_operation_s::@4 ctx
uint8_t psa_pake_side_t
Encoding of the side of PAKE.
psa_status_t psa_pake_get_implicit_key(psa_pake_operation_t *operation, psa_key_derivation_operation_t *output)
psa_status_t psa_get_key_slot_number(const psa_key_attributes_t *attributes, psa_key_slot_number_t *slot_number)
static psa_algorithm_t psa_pake_cs_get_hash(const psa_pake_cipher_suite_t *cipher_suite)
static void psa_pake_cs_set_primitive(psa_pake_cipher_suite_t *cipher_suite, psa_pake_primitive_t primitive)
psa_status_t mbedtls_psa_platform_get_builtin_key(mbedtls_svc_key_id_t key_id, psa_key_lifetime_t *lifetime, psa_drv_slot_number_t *slot_number)
uint8_t psa_pake_family_t
Encoding of the family of the primitive associated with the PAKE.
uint64_t psa_drv_slot_number_t
#define MBEDTLS_PSA_KA_FLAG_HAS_SLOT_NUMBER
psa_status_t psa_set_key_domain_parameters(psa_key_attributes_t *attributes, psa_key_type_t type, const uint8_t *data, size_t data_length)
Set domain parameters for a key.
#define PSA_ECC_FAMILY_BRAINPOOL_P_R1
mbedtls_ecp_group_id mbedtls_ecc_group_of_psa(psa_ecc_family_t curve, size_t bits, int bits_is_sloppy)
static psa_algorithm_t psa_get_key_enrollment_algorithm(const psa_key_attributes_t *attributes)
uint32_t psa_algorithm_t
Encoding of a cryptographic algorithm.
#define PSA_ECC_FAMILY_SECP_R1
psa_status_t mbedtls_psa_register_se_key(const psa_key_attributes_t *attributes)
Macro wrapper for struct's memebrs.
psa_status_t psa_pake_setup(psa_pake_operation_t *operation, psa_pake_cipher_suite_t cipher_suite)
static void psa_set_key_slot_number(psa_key_attributes_t *attributes, psa_key_slot_number_t slot_number)
uint8_t psa_pake_primitive_type_t
psa_status_t psa_pake_set_password_key(psa_pake_operation_t *operation, mbedtls_svc_key_id_t password)
#define PSA_ALG_IS_HASH(alg)
uint16_t psa_key_type_t
Encoding of a key type.
psa_status_t psa_pake_set_user(psa_pake_operation_t *operation, const uint8_t *user_id, size_t user_id_len)
#define PSA_PAKE_PRIMITIVE(pake_type, pake_family, pake_bits)
static void psa_pake_cs_set_algorithm(psa_pake_cipher_suite_t *cipher_suite, psa_algorithm_t algorithm)
#define MBEDTLS_PSA_KEY_ID_BUILTIN_MAX
static psa_pake_primitive_t psa_pake_cs_get_primitive(const psa_pake_cipher_suite_t *cipher_suite)
psa_status_t psa_get_key_domain_parameters(const psa_key_attributes_t *attributes, uint8_t *data, size_t data_size, size_t *data_length)
Get domain parameters for a key.
static psa_pake_operation_t psa_pake_operation_init(void)
#define PSA_ECC_FAMILY_SECP_K1
uint32_t psa_key_lifetime_t
psa_status_t psa_pake_set_peer(psa_pake_operation_t *operation, const uint8_t *peer_id, size_t peer_id_len)
psa_status_t psa_pake_input(psa_pake_operation_t *operation, psa_pake_step_t step, uint8_t *input, size_t input_length)
int32_t psa_status_t
Function return status.
psa_algorithm_t algorithm
uint64_t psa_key_slot_number_t
psa_status_t mbedtls_psa_external_get_random(mbedtls_psa_external_random_context_t *context, uint8_t *output, size_t output_size, size_t *output_length)
Statistics about resource consumption related to the PSA keystore.