Mbed TLS v2.28.9
Loading...
Searching...
No Matches
crypto_compat.h
Go to the documentation of this file.
1
13/*
14 * Copyright The Mbed TLS Contributors
15 * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
16 */
17
18#ifndef PSA_CRYPTO_COMPAT_H
19#define PSA_CRYPTO_COMPAT_H
20
21#ifdef __cplusplus
22extern "C" {
23#endif
24
25/*
26 * To support both openless APIs and psa_open_key() temporarily, define
27 * psa_key_handle_t to be equal to mbedtls_svc_key_id_t. Do not mark the
28 * type and its utility macros and functions deprecated yet. This will be done
29 * in a subsequent phase.
30 */
32
33#define PSA_KEY_HANDLE_INIT MBEDTLS_SVC_KEY_ID_INIT
34
42{
43 return mbedtls_svc_key_id_is_null(handle);
44}
45
46#if !defined(MBEDTLS_DEPRECATED_REMOVED)
47
48/*
49 * Mechanism for declaring deprecated values
50 */
51#if defined(MBEDTLS_DEPRECATED_WARNING) && !defined(MBEDTLS_PSA_DEPRECATED)
52#define MBEDTLS_PSA_DEPRECATED __attribute__((deprecated))
53#else
54#define MBEDTLS_PSA_DEPRECATED
55#endif
56
65
66#define PSA_KEY_TYPE_GET_CURVE PSA_KEY_TYPE_ECC_GET_FAMILY
67#define PSA_KEY_TYPE_GET_GROUP PSA_KEY_TYPE_DH_GET_FAMILY
68
69#define MBEDTLS_DEPRECATED_CONSTANT(type, value) \
70 ((mbedtls_deprecated_##type) (value))
71
72/*
73 * Deprecated PSA Crypto error code definitions (PSA Crypto API <= 1.0 beta2)
74 */
75#define PSA_ERROR_UNKNOWN_ERROR \
76 MBEDTLS_DEPRECATED_CONSTANT(psa_status_t, PSA_ERROR_GENERIC_ERROR)
77#define PSA_ERROR_OCCUPIED_SLOT \
78 MBEDTLS_DEPRECATED_CONSTANT(psa_status_t, PSA_ERROR_ALREADY_EXISTS)
79#define PSA_ERROR_EMPTY_SLOT \
80 MBEDTLS_DEPRECATED_CONSTANT(psa_status_t, PSA_ERROR_DOES_NOT_EXIST)
81#define PSA_ERROR_INSUFFICIENT_CAPACITY \
82 MBEDTLS_DEPRECATED_CONSTANT(psa_status_t, PSA_ERROR_INSUFFICIENT_DATA)
83#define PSA_ERROR_TAMPERING_DETECTED \
84 MBEDTLS_DEPRECATED_CONSTANT(psa_status_t, PSA_ERROR_CORRUPTION_DETECTED)
85
86/*
87 * Deprecated PSA Crypto numerical encodings (PSA Crypto API <= 1.0 beta3)
88 */
89#define PSA_KEY_USAGE_SIGN \
90 MBEDTLS_DEPRECATED_CONSTANT(psa_key_usage_t, PSA_KEY_USAGE_SIGN_HASH)
91#define PSA_KEY_USAGE_VERIFY \
92 MBEDTLS_DEPRECATED_CONSTANT(psa_key_usage_t, PSA_KEY_USAGE_VERIFY_HASH)
93
94/*
95 * Deprecated PSA Crypto size calculation macros (PSA Crypto API <= 1.0 beta3)
96 */
97#define PSA_ASYMMETRIC_SIGNATURE_MAX_SIZE \
98 MBEDTLS_DEPRECATED_CONSTANT(size_t, PSA_SIGNATURE_MAX_SIZE)
99#define PSA_ASYMMETRIC_SIGN_OUTPUT_SIZE(key_type, key_bits, alg) \
100 MBEDTLS_DEPRECATED_CONSTANT(size_t, PSA_SIGN_OUTPUT_SIZE(key_type, key_bits, alg))
101#define PSA_KEY_EXPORT_MAX_SIZE(key_type, key_bits) \
102 MBEDTLS_DEPRECATED_CONSTANT(size_t, PSA_EXPORT_KEY_OUTPUT_SIZE(key_type, key_bits))
103#define PSA_BLOCK_CIPHER_BLOCK_SIZE(type) \
104 MBEDTLS_DEPRECATED_CONSTANT(size_t, PSA_BLOCK_CIPHER_BLOCK_LENGTH(type))
105#define PSA_MAX_BLOCK_CIPHER_BLOCK_SIZE \
106 MBEDTLS_DEPRECATED_CONSTANT(size_t, PSA_BLOCK_CIPHER_BLOCK_MAX_SIZE)
107#define PSA_HASH_SIZE(alg) \
108 MBEDTLS_DEPRECATED_CONSTANT(size_t, PSA_HASH_LENGTH(alg))
109#define PSA_MAC_FINAL_SIZE(key_type, key_bits, alg) \
110 MBEDTLS_DEPRECATED_CONSTANT(size_t, PSA_MAC_LENGTH(key_type, key_bits, alg))
111#define PSA_ALG_TLS12_PSK_TO_MS_MAX_PSK_LEN \
112 MBEDTLS_DEPRECATED_CONSTANT(size_t, PSA_TLS12_PSK_TO_MS_PSK_MAX_SIZE)
113
114/*
115 * Deprecated PSA Crypto function names (PSA Crypto API <= 1.0 beta3)
116 */
118 psa_algorithm_t alg,
119 const uint8_t *hash,
120 size_t hash_length,
121 uint8_t *signature,
122 size_t signature_size,
123 size_t *signature_length)
124{
125 return psa_sign_hash(key, alg, hash, hash_length, signature, signature_size, signature_length);
126}
127
129 psa_algorithm_t alg,
130 const uint8_t *hash,
131 size_t hash_length,
132 const uint8_t *signature,
133 size_t signature_length)
134{
135 return psa_verify_hash(key, alg, hash, hash_length, signature, signature_length);
136}
137
138/*
139 * Size-specific elliptic curve families.
140 */
141#define PSA_ECC_CURVE_SECP160K1 \
142 MBEDTLS_DEPRECATED_CONSTANT(psa_ecc_family_t, PSA_ECC_FAMILY_SECP_K1)
143#define PSA_ECC_CURVE_SECP192K1 \
144 MBEDTLS_DEPRECATED_CONSTANT(psa_ecc_family_t, PSA_ECC_FAMILY_SECP_K1)
145#define PSA_ECC_CURVE_SECP224K1 \
146 MBEDTLS_DEPRECATED_CONSTANT(psa_ecc_family_t, PSA_ECC_FAMILY_SECP_K1)
147#define PSA_ECC_CURVE_SECP256K1 \
148 MBEDTLS_DEPRECATED_CONSTANT(psa_ecc_family_t, PSA_ECC_FAMILY_SECP_K1)
149#define PSA_ECC_CURVE_SECP160R1 \
150 MBEDTLS_DEPRECATED_CONSTANT(psa_ecc_family_t, PSA_ECC_FAMILY_SECP_R1)
151#define PSA_ECC_CURVE_SECP192R1 \
152 MBEDTLS_DEPRECATED_CONSTANT(psa_ecc_family_t, PSA_ECC_FAMILY_SECP_R1)
153#define PSA_ECC_CURVE_SECP224R1 \
154 MBEDTLS_DEPRECATED_CONSTANT(psa_ecc_family_t, PSA_ECC_FAMILY_SECP_R1)
155#define PSA_ECC_CURVE_SECP256R1 \
156 MBEDTLS_DEPRECATED_CONSTANT(psa_ecc_family_t, PSA_ECC_FAMILY_SECP_R1)
157#define PSA_ECC_CURVE_SECP384R1 \
158 MBEDTLS_DEPRECATED_CONSTANT(psa_ecc_family_t, PSA_ECC_FAMILY_SECP_R1)
159#define PSA_ECC_CURVE_SECP521R1 \
160 MBEDTLS_DEPRECATED_CONSTANT(psa_ecc_family_t, PSA_ECC_FAMILY_SECP_R1)
161#define PSA_ECC_CURVE_SECP160R2 \
162 MBEDTLS_DEPRECATED_CONSTANT(psa_ecc_family_t, PSA_ECC_FAMILY_SECP_R2)
163#define PSA_ECC_CURVE_SECT163K1 \
164 MBEDTLS_DEPRECATED_CONSTANT(psa_ecc_family_t, PSA_ECC_FAMILY_SECT_K1)
165#define PSA_ECC_CURVE_SECT233K1 \
166 MBEDTLS_DEPRECATED_CONSTANT(psa_ecc_family_t, PSA_ECC_FAMILY_SECT_K1)
167#define PSA_ECC_CURVE_SECT239K1 \
168 MBEDTLS_DEPRECATED_CONSTANT(psa_ecc_family_t, PSA_ECC_FAMILY_SECT_K1)
169#define PSA_ECC_CURVE_SECT283K1 \
170 MBEDTLS_DEPRECATED_CONSTANT(psa_ecc_family_t, PSA_ECC_FAMILY_SECT_K1)
171#define PSA_ECC_CURVE_SECT409K1 \
172 MBEDTLS_DEPRECATED_CONSTANT(psa_ecc_family_t, PSA_ECC_FAMILY_SECT_K1)
173#define PSA_ECC_CURVE_SECT571K1 \
174 MBEDTLS_DEPRECATED_CONSTANT(psa_ecc_family_t, PSA_ECC_FAMILY_SECT_K1)
175#define PSA_ECC_CURVE_SECT163R1 \
176 MBEDTLS_DEPRECATED_CONSTANT(psa_ecc_family_t, PSA_ECC_FAMILY_SECT_R1)
177#define PSA_ECC_CURVE_SECT193R1 \
178 MBEDTLS_DEPRECATED_CONSTANT(psa_ecc_family_t, PSA_ECC_FAMILY_SECT_R1)
179#define PSA_ECC_CURVE_SECT233R1 \
180 MBEDTLS_DEPRECATED_CONSTANT(psa_ecc_family_t, PSA_ECC_FAMILY_SECT_R1)
181#define PSA_ECC_CURVE_SECT283R1 \
182 MBEDTLS_DEPRECATED_CONSTANT(psa_ecc_family_t, PSA_ECC_FAMILY_SECT_R1)
183#define PSA_ECC_CURVE_SECT409R1 \
184 MBEDTLS_DEPRECATED_CONSTANT(psa_ecc_family_t, PSA_ECC_FAMILY_SECT_R1)
185#define PSA_ECC_CURVE_SECT571R1 \
186 MBEDTLS_DEPRECATED_CONSTANT(psa_ecc_family_t, PSA_ECC_FAMILY_SECT_R1)
187#define PSA_ECC_CURVE_SECT163R2 \
188 MBEDTLS_DEPRECATED_CONSTANT(psa_ecc_family_t, PSA_ECC_FAMILY_SECT_R2)
189#define PSA_ECC_CURVE_SECT193R2 \
190 MBEDTLS_DEPRECATED_CONSTANT(psa_ecc_family_t, PSA_ECC_FAMILY_SECT_R2)
191#define PSA_ECC_CURVE_BRAINPOOL_P256R1 \
192 MBEDTLS_DEPRECATED_CONSTANT(psa_ecc_family_t, PSA_ECC_FAMILY_BRAINPOOL_P_R1)
193#define PSA_ECC_CURVE_BRAINPOOL_P384R1 \
194 MBEDTLS_DEPRECATED_CONSTANT(psa_ecc_family_t, PSA_ECC_FAMILY_BRAINPOOL_P_R1)
195#define PSA_ECC_CURVE_BRAINPOOL_P512R1 \
196 MBEDTLS_DEPRECATED_CONSTANT(psa_ecc_family_t, PSA_ECC_FAMILY_BRAINPOOL_P_R1)
197#define PSA_ECC_CURVE_CURVE25519 \
198 MBEDTLS_DEPRECATED_CONSTANT(psa_ecc_family_t, PSA_ECC_FAMILY_MONTGOMERY)
199#define PSA_ECC_CURVE_CURVE448 \
200 MBEDTLS_DEPRECATED_CONSTANT(psa_ecc_family_t, PSA_ECC_FAMILY_MONTGOMERY)
201
202/*
203 * Curves that changed name due to PSA specification.
204 */
205#define PSA_ECC_CURVE_SECP_K1 \
206 MBEDTLS_DEPRECATED_CONSTANT(psa_ecc_family_t, PSA_ECC_FAMILY_SECP_K1)
207#define PSA_ECC_CURVE_SECP_R1 \
208 MBEDTLS_DEPRECATED_CONSTANT(psa_ecc_family_t, PSA_ECC_FAMILY_SECP_R1)
209#define PSA_ECC_CURVE_SECP_R2 \
210 MBEDTLS_DEPRECATED_CONSTANT(psa_ecc_family_t, PSA_ECC_FAMILY_SECP_R2)
211#define PSA_ECC_CURVE_SECT_K1 \
212 MBEDTLS_DEPRECATED_CONSTANT(psa_ecc_family_t, PSA_ECC_FAMILY_SECT_K1)
213#define PSA_ECC_CURVE_SECT_R1 \
214 MBEDTLS_DEPRECATED_CONSTANT(psa_ecc_family_t, PSA_ECC_FAMILY_SECT_R1)
215#define PSA_ECC_CURVE_SECT_R2 \
216 MBEDTLS_DEPRECATED_CONSTANT(psa_ecc_family_t, PSA_ECC_FAMILY_SECT_R2)
217#define PSA_ECC_CURVE_BRAINPOOL_P_R1 \
218 MBEDTLS_DEPRECATED_CONSTANT(psa_ecc_family_t, PSA_ECC_FAMILY_BRAINPOOL_P_R1)
219#define PSA_ECC_CURVE_MONTGOMERY \
220 MBEDTLS_DEPRECATED_CONSTANT(psa_ecc_family_t, PSA_ECC_FAMILY_MONTGOMERY)
221
222/*
223 * Finite-field Diffie-Hellman families.
224 */
225#define PSA_DH_GROUP_FFDHE2048 \
226 MBEDTLS_DEPRECATED_CONSTANT(psa_dh_family_t, PSA_DH_FAMILY_RFC7919)
227#define PSA_DH_GROUP_FFDHE3072 \
228 MBEDTLS_DEPRECATED_CONSTANT(psa_dh_family_t, PSA_DH_FAMILY_RFC7919)
229#define PSA_DH_GROUP_FFDHE4096 \
230 MBEDTLS_DEPRECATED_CONSTANT(psa_dh_family_t, PSA_DH_FAMILY_RFC7919)
231#define PSA_DH_GROUP_FFDHE6144 \
232 MBEDTLS_DEPRECATED_CONSTANT(psa_dh_family_t, PSA_DH_FAMILY_RFC7919)
233#define PSA_DH_GROUP_FFDHE8192 \
234 MBEDTLS_DEPRECATED_CONSTANT(psa_dh_family_t, PSA_DH_FAMILY_RFC7919)
235
236/*
237 * Diffie-Hellman families that changed name due to PSA specification.
238 */
239#define PSA_DH_GROUP_RFC7919 \
240 MBEDTLS_DEPRECATED_CONSTANT(psa_dh_family_t, PSA_DH_FAMILY_RFC7919)
241#define PSA_DH_GROUP_CUSTOM \
242 MBEDTLS_DEPRECATED_CONSTANT(psa_dh_family_t, PSA_DH_FAMILY_CUSTOM)
243
244/*
245 * Deprecated PSA Crypto stream cipher algorithms (PSA Crypto API <= 1.0 beta3)
246 */
247#define PSA_ALG_ARC4 \
248 MBEDTLS_DEPRECATED_CONSTANT(psa_algorithm_t, PSA_ALG_STREAM_CIPHER)
249#define PSA_ALG_CHACHA20 \
250 MBEDTLS_DEPRECATED_CONSTANT(psa_algorithm_t, PSA_ALG_STREAM_CIPHER)
251
252/*
253 * Renamed AEAD tag length macros (PSA Crypto API <= 1.0 beta3)
254 */
255#define PSA_ALG_AEAD_WITH_DEFAULT_TAG_LENGTH(aead_alg) \
256 MBEDTLS_DEPRECATED_CONSTANT(psa_algorithm_t, PSA_ALG_AEAD_WITH_DEFAULT_LENGTH_TAG(aead_alg))
257#define PSA_ALG_AEAD_WITH_TAG_LENGTH(aead_alg, tag_length) \
258 MBEDTLS_DEPRECATED_CONSTANT(psa_algorithm_t, \
259 PSA_ALG_AEAD_WITH_SHORTENED_TAG(aead_alg, tag_length))
260
261/*
262 * Deprecated PSA AEAD output size macros (PSA Crypto API <= 1.0 beta3)
263 */
264
277#define PSA_AEAD_TAG_LENGTH_1_ARG(alg) \
278 MBEDTLS_DEPRECATED_CONSTANT(size_t, \
279 PSA_ALG_IS_AEAD(alg) ? \
280 PSA_ALG_AEAD_GET_TAG_LENGTH(alg) : \
281 0)
282
303#define PSA_AEAD_ENCRYPT_OUTPUT_SIZE_2_ARG(alg, plaintext_length) \
304 MBEDTLS_DEPRECATED_CONSTANT(size_t, \
305 PSA_ALG_IS_AEAD(alg) ? \
306 (plaintext_length) + PSA_ALG_AEAD_GET_TAG_LENGTH(alg) : \
307 0)
308
329#define PSA_AEAD_DECRYPT_OUTPUT_SIZE_2_ARG(alg, ciphertext_length) \
330 MBEDTLS_DEPRECATED_CONSTANT(size_t, \
331 PSA_ALG_IS_AEAD(alg) && \
332 (ciphertext_length) > PSA_ALG_AEAD_GET_TAG_LENGTH(alg) ? \
333 (ciphertext_length) - PSA_ALG_AEAD_GET_TAG_LENGTH(alg) : \
334 0)
335
356/* For all the AEAD modes defined in this specification, it is possible
357 * to emit output without delay. However, hardware may not always be
358 * capable of this. So for modes based on a block cipher, allow the
359 * implementation to delay the output until it has a full block. */
360#define PSA_AEAD_UPDATE_OUTPUT_SIZE_2_ARG(alg, input_length) \
361 MBEDTLS_DEPRECATED_CONSTANT(size_t, \
362 PSA_ALG_IS_AEAD_ON_BLOCK_CIPHER(alg) ? \
363 PSA_ROUND_UP_TO_MULTIPLE(PSA_BLOCK_CIPHER_BLOCK_MAX_SIZE, \
364 (input_length)) : \
365 (input_length))
366
382#define PSA_AEAD_FINISH_OUTPUT_SIZE_1_ARG(alg) \
383 MBEDTLS_DEPRECATED_CONSTANT(size_t, \
384 PSA_ALG_IS_AEAD_ON_BLOCK_CIPHER(alg) ? \
385 PSA_BLOCK_CIPHER_BLOCK_MAX_SIZE : \
386 0)
387
403#define PSA_AEAD_VERIFY_OUTPUT_SIZE_1_ARG(alg) \
404 MBEDTLS_DEPRECATED_CONSTANT(size_t, \
405 PSA_ALG_IS_AEAD_ON_BLOCK_CIPHER(alg) ? \
406 PSA_BLOCK_CIPHER_BLOCK_MAX_SIZE : \
407 0)
408
409#endif /* MBEDTLS_DEPRECATED_REMOVED */
410
472 psa_key_handle_t *handle);
473
513
514#ifdef __cplusplus
515}
516#endif
517
518#endif /* PSA_CRYPTO_COMPAT_H */
static MBEDTLS_PSA_DEPRECATED psa_status_t psa_asymmetric_verify(psa_key_handle_t key, psa_algorithm_t alg, const uint8_t *hash, size_t hash_length, const uint8_t *signature, size_t signature_length)
mbedtls_svc_key_id_t psa_key_handle_t
#define MBEDTLS_PSA_DEPRECATED
MBEDTLS_PSA_DEPRECATED psa_dh_family_t mbedtls_deprecated_psa_dh_family_t
MBEDTLS_PSA_DEPRECATED size_t mbedtls_deprecated_size_t
static MBEDTLS_PSA_DEPRECATED psa_status_t psa_asymmetric_sign(psa_key_handle_t key, psa_algorithm_t alg, const uint8_t *hash, size_t hash_length, uint8_t *signature, size_t signature_size, size_t *signature_length)
MBEDTLS_PSA_DEPRECATED psa_status_t mbedtls_deprecated_psa_status_t
MBEDTLS_PSA_DEPRECATED psa_ecc_family_t mbedtls_deprecated_psa_ecc_family_t
MBEDTLS_PSA_DEPRECATED psa_ecc_family_t psa_ecc_curve_t
MBEDTLS_PSA_DEPRECATED psa_algorithm_t mbedtls_deprecated_psa_algorithm_t
psa_status_t psa_open_key(mbedtls_svc_key_id_t key, psa_key_handle_t *handle)
psa_status_t psa_close_key(psa_key_handle_t handle)
MBEDTLS_PSA_DEPRECATED psa_key_usage_t mbedtls_deprecated_psa_key_usage_t
static int psa_key_handle_is_null(psa_key_handle_t handle)
MBEDTLS_PSA_DEPRECATED psa_dh_family_t psa_dh_group_t
psa_status_t psa_sign_hash(mbedtls_svc_key_id_t key, psa_algorithm_t alg, const uint8_t *hash, size_t hash_length, uint8_t *signature, size_t signature_size, size_t *signature_length)
Sign a hash or short message with a private key.
psa_status_t psa_verify_hash(mbedtls_svc_key_id_t key, psa_algorithm_t alg, const uint8_t *hash, size_t hash_length, const uint8_t *signature, size_t signature_length)
Verify the signature of a hash or short message using a public key.
uint32_t psa_algorithm_t
Encoding of a cryptographic algorithm.
uint8_t psa_ecc_family_t
uint8_t psa_dh_family_t
int32_t psa_status_t
Function return status.
static int mbedtls_svc_key_id_is_null(mbedtls_svc_key_id_t key)
psa_key_id_t mbedtls_svc_key_id_t
uint32_t psa_key_usage_t
Encoding of permitted usage on a key.