mbed TLS v3.1.0
crypto_extra.h
Go to the documentation of this file.
1 
11 /*
12  * Copyright The Mbed TLS Contributors
13  * SPDX-License-Identifier: Apache-2.0
14  *
15  * Licensed under the Apache License, Version 2.0 (the "License"); you may
16  * not use this file except in compliance with the License.
17  * You may obtain a copy of the License at
18  *
19  * http://www.apache.org/licenses/LICENSE-2.0
20  *
21  * Unless required by applicable law or agreed to in writing, software
22  * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
23  * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
24  * See the License for the specific language governing permissions and
25  * limitations under the License.
26  */
27 
28 #ifndef PSA_CRYPTO_EXTRA_H
29 #define PSA_CRYPTO_EXTRA_H
30 #include "mbedtls/private_access.h"
31 
32 #include "mbedtls/platform_util.h"
33 
34 #include "crypto_types.h"
35 #include "crypto_compat.h"
36 
37 #ifdef __cplusplus
38 extern "C" {
39 #endif
40 
41 /* UID for secure storage seed */
42 #define PSA_CRYPTO_ITS_RANDOM_SEED_UID 0xFFFFFF52
43 
44 /* See mbedtls_config.h for definition */
45 #if !defined(MBEDTLS_PSA_KEY_SLOT_COUNT)
46 #define MBEDTLS_PSA_KEY_SLOT_COUNT 32
47 #endif
48 
73  psa_key_attributes_t *attributes,
74  psa_algorithm_t alg2)
75 {
76  attributes->MBEDTLS_PRIVATE(core).MBEDTLS_PRIVATE(policy).MBEDTLS_PRIVATE(alg2) = alg2;
77 }
78 
86  const psa_key_attributes_t *attributes)
87 {
88  return( attributes->MBEDTLS_PRIVATE(core).MBEDTLS_PRIVATE(policy).MBEDTLS_PRIVATE(alg2) );
89 }
90 
91 #if defined(MBEDTLS_PSA_CRYPTO_SE_C)
92 
116  const psa_key_attributes_t *attributes,
117  psa_key_slot_number_t *slot_number );
118 
142 static inline void psa_set_key_slot_number(
143  psa_key_attributes_t *attributes,
144  psa_key_slot_number_t slot_number )
145 {
146  attributes->MBEDTLS_PRIVATE(core).MBEDTLS_PRIVATE(flags) |= MBEDTLS_PSA_KA_FLAG_HAS_SLOT_NUMBER;
147  attributes->MBEDTLS_PRIVATE(slot_number) = slot_number;
148 }
149 
156 static inline void psa_clear_key_slot_number(
157  psa_key_attributes_t *attributes )
158 {
159  attributes->MBEDTLS_PRIVATE(core).MBEDTLS_PRIVATE(flags) &= ~MBEDTLS_PSA_KA_FLAG_HAS_SLOT_NUMBER;
160 }
161 
206  const psa_key_attributes_t *attributes);
207 
208 #endif /* MBEDTLS_PSA_CRYPTO_SE_C */
209 
220 void mbedtls_psa_crypto_free( void );
221 
228 typedef struct mbedtls_psa_stats_s
229 {
231  size_t MBEDTLS_PRIVATE(volatile_slots);
234  size_t MBEDTLS_PRIVATE(persistent_slots);
237  size_t MBEDTLS_PRIVATE(external_slots);
240  size_t MBEDTLS_PRIVATE(half_filled_slots);
242  size_t MBEDTLS_PRIVATE(cache_slots);
244  size_t MBEDTLS_PRIVATE(empty_slots);
246  size_t MBEDTLS_PRIVATE(locked_slots);
248  psa_key_id_t MBEDTLS_PRIVATE(max_open_internal_key_id);
250  psa_key_id_t MBEDTLS_PRIVATE(max_open_external_key_id);
252 
261 
331 psa_status_t mbedtls_psa_inject_entropy(const uint8_t *seed,
332  size_t seed_size);
333 
345 #define PSA_KEY_TYPE_DSA_PUBLIC_KEY ((psa_key_type_t)0x4002)
346 
363 #define PSA_KEY_TYPE_DSA_KEY_PAIR ((psa_key_type_t)0x7002)
364 
366 #define PSA_KEY_TYPE_IS_DSA(type) \
367  (PSA_KEY_TYPE_PUBLIC_KEY_OF_KEY_PAIR(type) == PSA_KEY_TYPE_DSA_PUBLIC_KEY)
368 
369 #define PSA_ALG_DSA_BASE ((psa_algorithm_t)0x06000400)
370 
384 #define PSA_ALG_DSA(hash_alg) \
385  (PSA_ALG_DSA_BASE | ((hash_alg) & PSA_ALG_HASH_MASK))
386 #define PSA_ALG_DETERMINISTIC_DSA_BASE ((psa_algorithm_t)0x06000500)
387 #define PSA_ALG_DSA_DETERMINISTIC_FLAG PSA_ALG_ECDSA_DETERMINISTIC_FLAG
388 
402 #define PSA_ALG_DETERMINISTIC_DSA(hash_alg) \
403  (PSA_ALG_DETERMINISTIC_DSA_BASE | ((hash_alg) & PSA_ALG_HASH_MASK))
404 #define PSA_ALG_IS_DSA(alg) \
405  (((alg) & ~PSA_ALG_HASH_MASK & ~PSA_ALG_DSA_DETERMINISTIC_FLAG) == \
406  PSA_ALG_DSA_BASE)
407 #define PSA_ALG_DSA_IS_DETERMINISTIC(alg) \
408  (((alg) & PSA_ALG_DSA_DETERMINISTIC_FLAG) != 0)
409 #define PSA_ALG_IS_DETERMINISTIC_DSA(alg) \
410  (PSA_ALG_IS_DSA(alg) && PSA_ALG_DSA_IS_DETERMINISTIC(alg))
411 #define PSA_ALG_IS_RANDOMIZED_DSA(alg) \
412  (PSA_ALG_IS_DSA(alg) && !PSA_ALG_DSA_IS_DETERMINISTIC(alg))
413 
414 
415 /* We need to expand the sample definition of this macro from
416  * the API definition. */
417 #undef PSA_ALG_IS_VENDOR_HASH_AND_SIGN
418 #define PSA_ALG_IS_VENDOR_HASH_AND_SIGN(alg) \
419  PSA_ALG_IS_DSA(alg)
420 
433 #define PSA_DH_FAMILY_CUSTOM ((psa_dh_family_t) 0x7e)
434 
435 
503  psa_key_type_t type,
504  const uint8_t *data,
505  size_t data_length);
506 
531  const psa_key_attributes_t *attributes,
532  uint8_t *data,
533  size_t data_size,
534  size_t *data_length);
535 
561 #define PSA_KEY_DOMAIN_PARAMETERS_SIZE(key_type, key_bits) \
562  (PSA_KEY_TYPE_IS_RSA(key_type) ? sizeof(int) : \
563  PSA_KEY_TYPE_IS_DH(key_type) ? PSA_DH_KEY_DOMAIN_PARAMETERS_SIZE(key_bits) : \
564  PSA_KEY_TYPE_IS_DSA(key_type) ? PSA_DSA_KEY_DOMAIN_PARAMETERS_SIZE(key_bits) : \
565  0)
566 #define PSA_DH_KEY_DOMAIN_PARAMETERS_SIZE(key_bits) \
567  (4 + (PSA_BITS_TO_BYTES(key_bits) + 5) * 3 /*without optional parts*/)
568 #define PSA_DSA_KEY_DOMAIN_PARAMETERS_SIZE(key_bits) \
569  (4 + (PSA_BITS_TO_BYTES(key_bits) + 5) * 2 /*p, g*/ + 34 /*q*/)
570 
577 #if defined(MBEDTLS_ECP_C)
578 #include "mbedtls/ecp.h"
579 
594  size_t *bits )
595 {
596  switch( grpid )
597  {
599  *bits = 192;
600  return( PSA_ECC_FAMILY_SECP_R1 );
602  *bits = 224;
603  return( PSA_ECC_FAMILY_SECP_R1 );
605  *bits = 256;
606  return( PSA_ECC_FAMILY_SECP_R1 );
608  *bits = 384;
609  return( PSA_ECC_FAMILY_SECP_R1 );
611  *bits = 521;
612  return( PSA_ECC_FAMILY_SECP_R1 );
614  *bits = 256;
617  *bits = 384;
620  *bits = 512;
623  *bits = 255;
624  return( PSA_ECC_FAMILY_MONTGOMERY );
626  *bits = 192;
627  return( PSA_ECC_FAMILY_SECP_K1 );
629  *bits = 224;
630  return( PSA_ECC_FAMILY_SECP_K1 );
632  *bits = 256;
633  return( PSA_ECC_FAMILY_SECP_K1 );
635  *bits = 448;
636  return( PSA_ECC_FAMILY_MONTGOMERY );
637  default:
638  *bits = 0;
639  return( 0 );
640  }
641 }
642 
663  size_t bits,
664  int bits_is_sloppy );
665 #endif /* MBEDTLS_ECP_C */
666 
673 #if defined(MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG)
674 
715  uint8_t *output, size_t output_size, size_t *output_length );
716 #endif /* MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG */
717 
735 #define MBEDTLS_PSA_KEY_ID_BUILTIN_MIN ((psa_key_id_t)0x7fff0000)
736 
742 #define MBEDTLS_PSA_KEY_ID_BUILTIN_MAX ((psa_key_id_t)0x7fffefff)
743 
748 typedef uint64_t psa_drv_slot_number_t;
749 
750 #if defined(MBEDTLS_PSA_CRYPTO_BUILTIN_KEYS)
751 
760 static inline int psa_key_id_is_builtin( psa_key_id_t key_id )
761 {
762  return( ( key_id >= MBEDTLS_PSA_KEY_ID_BUILTIN_MIN ) &&
763  ( key_id <= MBEDTLS_PSA_KEY_ID_BUILTIN_MAX ) );
764 }
765 
811  mbedtls_svc_key_id_t key_id,
812  psa_key_lifetime_t *lifetime,
813  psa_drv_slot_number_t *slot_number );
814 #endif /* MBEDTLS_PSA_CRYPTO_BUILTIN_KEYS */
815 
822 #define PSA_ALG_CATEGORY_PAKE ((psa_algorithm_t)0x0a000000)
823 
833 #define PSA_ALG_IS_PAKE(alg) \
834  (((alg) & PSA_ALG_CATEGORY_MASK) == PSA_ALG_CATEGORY_PAKE)
835 
951 #define PSA_ALG_JPAKE ((psa_algorithm_t)0x0a000100)
952 
972 typedef uint8_t psa_pake_side_t;
973 
980 typedef uint8_t psa_pake_step_t;
981 
991 
997 typedef uint8_t psa_pake_family_t;
998 
1003 typedef uint32_t psa_pake_primitive_t;
1004 
1012 #define PSA_PAKE_SIDE_FIRST ((psa_pake_side_t)0x01)
1013 
1021 #define PSA_PAKE_SIDE_SECOND ((psa_pake_side_t)0x02)
1022 
1027 #define PSA_PAKE_SIDE_CLIENT ((psa_pake_side_t)0x11)
1028 
1033 #define PSA_PAKE_SIDE_SERVER ((psa_pake_side_t)0x12)
1034 
1053 #define PSA_PAKE_PRIMITIVE_TYPE_ECC ((psa_pake_primitive_type_t)0x01)
1054 
1073 #define PSA_PAKE_PRIMITIVE_TYPE_DH ((psa_pake_primitive_type_t)0x02)
1074 
1094 #define PSA_PAKE_PRIMITIVE(pake_type, pake_family, pake_bits) \
1095  ((pake_bits & 0xFFFF) != pake_bits) ? 0 : \
1096  ((psa_pake_primitive_t) (((pake_type) << 24 | \
1097  (pake_family) << 16) | (pake_bits)))
1098 
1111 #define PSA_PAKE_STEP_KEY_SHARE ((psa_pake_step_t)0x01)
1112 
1128 #define PSA_PAKE_STEP_ZK_PUBLIC ((psa_pake_step_t)0x02)
1129 
1149 #define PSA_PAKE_STEP_ZK_PROOF ((psa_pake_step_t)0x03)
1150 
1158 
1170  const psa_pake_cipher_suite_t* cipher_suite
1171  );
1172 
1189 static void psa_pake_cs_set_algorithm(
1190  psa_pake_cipher_suite_t* cipher_suite,
1192  );
1193 
1204 static psa_pake_primitive_t psa_pake_cs_get_primitive(
1205  const psa_pake_cipher_suite_t* cipher_suite
1206  );
1207 
1221 static void psa_pake_cs_set_primitive(
1222  psa_pake_cipher_suite_t* cipher_suite,
1223  psa_pake_primitive_t primitive
1224  );
1225 
1239  const psa_pake_cipher_suite_t* cipher_suite
1240  );
1241 
1262 static void psa_pake_cs_set_hash(
1263  psa_pake_cipher_suite_t* cipher_suite,
1265  );
1266 
1296 
1300 
1365  psa_pake_cipher_suite_t cipher_suite);
1366 
1405  mbedtls_svc_key_id_t password);
1406 
1444  const uint8_t *user_id,
1445  size_t user_id_len);
1446 
1486  const uint8_t *peer_id,
1487  size_t peer_id_len);
1488 
1526  psa_pake_side_t side);
1527 
1575  psa_pake_step_t step,
1576  uint8_t *output,
1577  size_t output_size,
1578  size_t *output_length);
1579 
1621  psa_pake_step_t step,
1622  uint8_t *input,
1623  size_t input_length);
1624 
1683 
1705 #define PSA_PAKE_OUTPUT_SIZE(alg, primitive, output_step) 0
1706 
1726 #define PSA_PAKE_INPUT_SIZE(alg, primitive, input_step) 0
1727 
1735 #define PSA_PAKE_OUTPUT_MAX_SIZE 0
1736 
1744 #define PSA_PAKE_INPUT_MAX_SIZE 0
1745 
1747 {
1749  psa_pake_primitive_type_t type;
1750  psa_pake_family_t family;
1751  uint16_t bits;
1753 };
1754 
1756  const psa_pake_cipher_suite_t *cipher_suite)
1757 {
1758  return(cipher_suite->algorithm);
1759 }
1760 
1761 static inline void psa_pake_cs_set_algorithm(
1762  psa_pake_cipher_suite_t *cipher_suite,
1763  psa_algorithm_t algorithm)
1764 {
1765  if(!PSA_ALG_IS_PAKE(algorithm))
1766  cipher_suite->algorithm = 0;
1767  else
1768  cipher_suite->algorithm = algorithm;
1769 }
1770 
1771 static inline psa_pake_primitive_t psa_pake_cs_get_primitive(
1772  const psa_pake_cipher_suite_t *cipher_suite)
1773 {
1774  return(PSA_PAKE_PRIMITIVE(cipher_suite->type, cipher_suite->family,
1775  cipher_suite->bits));
1776 }
1777 
1778 static inline void psa_pake_cs_set_primitive(
1779  psa_pake_cipher_suite_t *cipher_suite,
1780  psa_pake_primitive_t primitive)
1781 {
1782  cipher_suite->type = (psa_pake_primitive_type_t) (primitive >> 24);
1783  cipher_suite->family = (psa_pake_family_t) (0xFF & (primitive >> 16));
1784  cipher_suite->bits = (uint16_t) (0xFFFF & primitive);
1785 }
1786 
1788  const psa_pake_cipher_suite_t *cipher_suite)
1789 {
1790  return(cipher_suite->hash);
1791 }
1792 
1793 static inline void psa_pake_cs_set_hash(
1794  psa_pake_cipher_suite_t *cipher_suite,
1795  psa_algorithm_t hash)
1796 {
1797  if(!PSA_ALG_IS_HASH(hash))
1798  cipher_suite->hash = 0;
1799  else
1800  cipher_suite->hash = hash;
1801 }
1802 
1804 {
1806  union
1807  {
1808  /* Make the union non-empty even with no supported algorithms. */
1809  uint8_t dummy;
1810  } ctx;
1811 };
1812 
1813 /* This only zeroes out the first byte in the union, the rest is unspecified. */
1814 #define PSA_PAKE_OPERATION_INIT {0, {0}}
1816 {
1818  return(v);
1819 }
1820 
1821 #ifdef __cplusplus
1822 }
1823 #endif
1824 
1825 #endif /* PSA_CRYPTO_EXTRA_H */
static psa_ecc_family_t mbedtls_ecc_group_to_psa(mbedtls_ecp_group_id grpid, size_t *bits)
Definition: crypto_extra.h:593
uint32_t psa_pake_primitive_t
Encoding of the primitive associated with the PAKE.
static void psa_pake_cs_set_hash(psa_pake_cipher_suite_t *cipher_suite, psa_algorithm_t hash)
uint8_t psa_pake_step_t
Definition: crypto_extra.h:980
psa_status_t psa_pake_output(psa_pake_operation_t *operation, psa_pake_step_t step, uint8_t *output, size_t output_size, size_t *output_length)
void mbedtls_psa_crypto_free(void)
Library deinitialization.
static int psa_key_id_is_builtin(psa_key_id_t key_id)
Definition: crypto_extra.h:760
#define PSA_ECC_FAMILY_MONTGOMERY
PSA cryptography module: Backward compatibility aliases.
static void psa_set_key_enrollment_algorithm(psa_key_attributes_t *attributes, psa_algorithm_t alg2)
Declare the enrollment algorithm for a key.
Definition: crypto_extra.h:72
#define MBEDTLS_PSA_KEY_ID_BUILTIN_MIN
Definition: crypto_extra.h:735
static psa_algorithm_t psa_pake_cs_get_algorithm(const psa_pake_cipher_suite_t *cipher_suite)
This file provides an API for Elliptic Curves over GF(P) (ECP).
psa_pake_primitive_type_t type
#define PSA_PAKE_OPERATION_INIT
psa_status_t psa_pake_set_side(psa_pake_operation_t *operation, psa_pake_side_t side)
PSA cryptography module: type aliases.
static void psa_clear_key_slot_number(psa_key_attributes_t *attributes)
Definition: crypto_extra.h:156
#define MBEDTLS_PRIVATE(member)
#define PSA_ALG_IS_PAKE(alg)
Definition: crypto_extra.h:833
union psa_pake_operation_s::@4 ctx
uint32_t psa_key_id_t
Definition: crypto_types.h:225
uint8_t psa_pake_side_t
Encoding of the side of PAKE.
Definition: crypto_extra.h:972
psa_status_t psa_pake_get_implicit_key(psa_pake_operation_t *operation, psa_key_derivation_operation_t *output)
void mbedtls_psa_get_stats(mbedtls_psa_stats_t *stats)
Get statistics about resource consumption related to the PSA keystore.
struct mbedtls_psa_stats_s mbedtls_psa_stats_t
Statistics about resource consumption related to the PSA keystore.
psa_status_t psa_get_key_slot_number(const psa_key_attributes_t *attributes, psa_key_slot_number_t *slot_number)
static psa_algorithm_t psa_pake_cs_get_hash(const psa_pake_cipher_suite_t *cipher_suite)
Common and shared functions used by multiple modules in the Mbed TLS library.
psa_status_t mbedtls_psa_inject_entropy(const uint8_t *seed, size_t seed_size)
Inject an initial entropy seed for the random generator into secure storage.
static void psa_pake_cs_set_primitive(psa_pake_cipher_suite_t *cipher_suite, psa_pake_primitive_t primitive)
psa_status_t mbedtls_psa_platform_get_builtin_key(mbedtls_svc_key_id_t key_id, psa_key_lifetime_t *lifetime, psa_drv_slot_number_t *slot_number)
uint8_t psa_pake_family_t
Encoding of the family of the primitive associated with the PAKE.
Definition: crypto_extra.h:997
uint64_t psa_drv_slot_number_t
Definition: crypto_extra.h:748
#define MBEDTLS_PSA_KA_FLAG_HAS_SLOT_NUMBER
psa_status_t psa_set_key_domain_parameters(psa_key_attributes_t *attributes, psa_key_type_t type, const uint8_t *data, size_t data_length)
Set domain parameters for a key.
#define PSA_ECC_FAMILY_BRAINPOOL_P_R1
mbedtls_ecp_group_id mbedtls_ecc_group_of_psa(psa_ecc_family_t curve, size_t bits, int bits_is_sloppy)
static psa_algorithm_t psa_get_key_enrollment_algorithm(const psa_key_attributes_t *attributes)
Definition: crypto_extra.h:85
uint32_t psa_algorithm_t
Encoding of a cryptographic algorithm.
Definition: crypto_types.h:106
#define PSA_ECC_FAMILY_SECP_R1
psa_status_t mbedtls_psa_register_se_key(const psa_key_attributes_t *attributes)
Macro wrapper for struct's memebrs.
psa_status_t psa_pake_setup(psa_pake_operation_t *operation, psa_pake_cipher_suite_t cipher_suite)
static void psa_set_key_slot_number(psa_key_attributes_t *attributes, psa_key_slot_number_t slot_number)
Definition: crypto_extra.h:142
uint8_t psa_pake_primitive_type_t
Definition: crypto_extra.h:990
psa_status_t psa_pake_set_password_key(psa_pake_operation_t *operation, mbedtls_svc_key_id_t password)
#define PSA_ALG_IS_HASH(alg)
mbedtls_ecp_group_id
Definition: ecp.h:113
uint16_t psa_key_type_t
Encoding of a key type.
Definition: crypto_types.h:74
psa_status_t psa_pake_set_user(psa_pake_operation_t *operation, const uint8_t *user_id, size_t user_id_len)
#define PSA_PAKE_PRIMITIVE(pake_type, pake_family, pake_bits)
static void psa_pake_cs_set_algorithm(psa_pake_cipher_suite_t *cipher_suite, psa_algorithm_t algorithm)
#define MBEDTLS_PSA_KEY_ID_BUILTIN_MAX
Definition: crypto_extra.h:742
static psa_pake_primitive_t psa_pake_cs_get_primitive(const psa_pake_cipher_suite_t *cipher_suite)
psa_status_t psa_get_key_domain_parameters(const psa_key_attributes_t *attributes, uint8_t *data, size_t data_size, size_t *data_length)
Get domain parameters for a key.
static psa_pake_operation_t psa_pake_operation_init(void)
psa_pake_family_t family
#define PSA_ECC_FAMILY_SECP_K1
uint32_t psa_key_lifetime_t
Definition: crypto_types.h:147
psa_status_t psa_pake_set_peer(psa_pake_operation_t *operation, const uint8_t *peer_id, size_t peer_id_len)
uint8_t psa_ecc_family_t
Definition: crypto_types.h:85
psa_status_t psa_pake_input(psa_pake_operation_t *operation, psa_pake_step_t step, uint8_t *input, size_t input_length)
int32_t psa_status_t
Function return status.
Definition: crypto_types.h:63
psa_algorithm_t algorithm
uint64_t psa_key_slot_number_t
Definition: crypto_types.h:369
psa_algorithm_t alg
psa_status_t mbedtls_psa_external_get_random(mbedtls_psa_external_random_context_t *context, uint8_t *output, size_t output_size, size_t *output_length)
psa_algorithm_t hash
Statistics about resource consumption related to the PSA keystore.
Definition: crypto_extra.h:228