Mbed TLS v2.28.9
Loading...
Searching...
No Matches
crypto_extra.h
Go to the documentation of this file.
1
11/*
12 * Copyright The Mbed TLS Contributors
13 * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
14 */
15
16#ifndef PSA_CRYPTO_EXTRA_H
17#define PSA_CRYPTO_EXTRA_H
18
20
21#include "crypto_types.h"
22#include "crypto_compat.h"
23
24#ifdef __cplusplus
25extern "C" {
26#endif
27
28/* UID for secure storage seed */
29#define PSA_CRYPTO_ITS_RANDOM_SEED_UID 0xFFFFFF52
30
31/* See config.h for definition */
32#if !defined(MBEDTLS_PSA_KEY_SLOT_COUNT)
33#define MBEDTLS_PSA_KEY_SLOT_COUNT 32
34#endif
35
60 psa_key_attributes_t *attributes,
61 psa_algorithm_t alg2)
62{
63 attributes->core.policy.alg2 = alg2;
64}
65
73 const psa_key_attributes_t *attributes)
74{
75 return attributes->core.policy.alg2;
76}
77
78#if defined(MBEDTLS_PSA_CRYPTO_SE_C)
79
102psa_status_t psa_get_key_slot_number(
103 const psa_key_attributes_t *attributes,
104 psa_key_slot_number_t *slot_number);
105
129static inline void psa_set_key_slot_number(
130 psa_key_attributes_t *attributes,
131 psa_key_slot_number_t slot_number)
132{
134 attributes->slot_number = slot_number;
135}
136
143static inline void psa_clear_key_slot_number(
144 psa_key_attributes_t *attributes)
145{
146 attributes->core.flags &= ~MBEDTLS_PSA_KA_FLAG_HAS_SLOT_NUMBER;
147}
148
197psa_status_t mbedtls_psa_register_se_key(
198 const psa_key_attributes_t *attributes);
199
200#endif /* MBEDTLS_PSA_CRYPTO_SE_C */
201
213
243
252
321 size_t seed_size);
322
334#define PSA_KEY_TYPE_DSA_PUBLIC_KEY ((psa_key_type_t) 0x4002)
335
352#define PSA_KEY_TYPE_DSA_KEY_PAIR ((psa_key_type_t) 0x7002)
353
355#define PSA_KEY_TYPE_IS_DSA(type) \
356 (PSA_KEY_TYPE_PUBLIC_KEY_OF_KEY_PAIR(type) == PSA_KEY_TYPE_DSA_PUBLIC_KEY)
357
358#define PSA_ALG_DSA_BASE ((psa_algorithm_t) 0x06000400)
373#define PSA_ALG_DSA(hash_alg) \
374 (PSA_ALG_DSA_BASE | ((hash_alg) & PSA_ALG_HASH_MASK))
375#define PSA_ALG_DETERMINISTIC_DSA_BASE ((psa_algorithm_t) 0x06000500)
376#define PSA_ALG_DSA_DETERMINISTIC_FLAG PSA_ALG_ECDSA_DETERMINISTIC_FLAG
391#define PSA_ALG_DETERMINISTIC_DSA(hash_alg) \
392 (PSA_ALG_DETERMINISTIC_DSA_BASE | ((hash_alg) & PSA_ALG_HASH_MASK))
393#define PSA_ALG_IS_DSA(alg) \
394 (((alg) & ~PSA_ALG_HASH_MASK & ~PSA_ALG_DSA_DETERMINISTIC_FLAG) == \
395 PSA_ALG_DSA_BASE)
396#define PSA_ALG_DSA_IS_DETERMINISTIC(alg) \
397 (((alg) & PSA_ALG_DSA_DETERMINISTIC_FLAG) != 0)
398#define PSA_ALG_IS_DETERMINISTIC_DSA(alg) \
399 (PSA_ALG_IS_DSA(alg) && PSA_ALG_DSA_IS_DETERMINISTIC(alg))
400#define PSA_ALG_IS_RANDOMIZED_DSA(alg) \
401 (PSA_ALG_IS_DSA(alg) && !PSA_ALG_DSA_IS_DETERMINISTIC(alg))
402
403
404/* We need to expand the sample definition of this macro from
405 * the API definition. */
406#undef PSA_ALG_IS_VENDOR_HASH_AND_SIGN
407#define PSA_ALG_IS_VENDOR_HASH_AND_SIGN(alg) \
408 PSA_ALG_IS_DSA(alg)
409
422#define PSA_DH_FAMILY_CUSTOM ((psa_dh_family_t) 0x7e)
423
424
492 psa_key_type_t type,
493 const uint8_t *data,
494 size_t data_length);
495
520 const psa_key_attributes_t *attributes,
521 uint8_t *data,
522 size_t data_size,
523 size_t *data_length);
524
550#define PSA_KEY_DOMAIN_PARAMETERS_SIZE(key_type, key_bits) \
551 (PSA_KEY_TYPE_IS_RSA(key_type) ? sizeof(int) : \
552 PSA_KEY_TYPE_IS_DH(key_type) ? PSA_DH_KEY_DOMAIN_PARAMETERS_SIZE(key_bits) : \
553 PSA_KEY_TYPE_IS_DSA(key_type) ? PSA_DSA_KEY_DOMAIN_PARAMETERS_SIZE(key_bits) : \
554 0)
555#define PSA_DH_KEY_DOMAIN_PARAMETERS_SIZE(key_bits) \
556 (4 + (PSA_BITS_TO_BYTES(key_bits) + 5) * 3 /*without optional parts*/)
557#define PSA_DSA_KEY_DOMAIN_PARAMETERS_SIZE(key_bits) \
558 (4 + (PSA_BITS_TO_BYTES(key_bits) + 5) * 2 /*p, g*/ + 34 /*q*/)
559
566#if defined(MBEDTLS_ECP_C)
567#include <mbedtls/ecp.h>
568
583 size_t *bits)
584{
585 switch (grpid) {
587 *bits = 192;
590 *bits = 224;
593 *bits = 256;
596 *bits = 384;
599 *bits = 521;
602 *bits = 256;
605 *bits = 384;
608 *bits = 512;
611 *bits = 255;
614 *bits = 192;
617 *bits = 224;
620 *bits = 256;
623 *bits = 448;
625 default:
626 *bits = 0;
627 return 0;
628 }
629}
630
651 size_t bits,
652 int bits_is_sloppy);
653#endif /* MBEDTLS_ECP_C */
654
661#if defined(MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG)
701psa_status_t mbedtls_psa_external_get_random(
702 mbedtls_psa_external_random_context_t *context,
703 uint8_t *output, size_t output_size, size_t *output_length);
704#endif /* MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG */
705
723#define MBEDTLS_PSA_KEY_ID_BUILTIN_MIN ((psa_key_id_t) 0x7fff0000)
724
730#define MBEDTLS_PSA_KEY_ID_BUILTIN_MAX ((psa_key_id_t) 0x7fffefff)
731
736typedef uint64_t psa_drv_slot_number_t;
737
738#if defined(MBEDTLS_PSA_CRYPTO_BUILTIN_KEYS)
748static inline int psa_key_id_is_builtin(psa_key_id_t key_id)
749{
750 return (key_id >= MBEDTLS_PSA_KEY_ID_BUILTIN_MIN) &&
752}
753
798psa_status_t mbedtls_psa_platform_get_builtin_key(
800 psa_key_lifetime_t *lifetime,
801 psa_drv_slot_number_t *slot_number);
802#endif /* MBEDTLS_PSA_CRYPTO_BUILTIN_KEYS */
803
806#ifdef __cplusplus
807}
808#endif
809
810#endif /* PSA_CRYPTO_EXTRA_H */
PSA cryptography module: Backward compatibility aliases.
void mbedtls_psa_crypto_free(void)
Library deinitialization.
void mbedtls_psa_get_stats(mbedtls_psa_stats_t *stats)
Get statistics about resource consumption related to the PSA keystore.
struct mbedtls_psa_stats_s mbedtls_psa_stats_t
Statistics about resource consumption related to the PSA keystore.
psa_status_t mbedtls_psa_inject_entropy(const uint8_t *seed, size_t seed_size)
Inject an initial entropy seed for the random generator into secure storage.
#define MBEDTLS_PSA_KA_FLAG_HAS_SLOT_NUMBER
PSA cryptography module: type aliases.
This file provides an API for Elliptic Curves over GF(P) (ECP).
mbedtls_ecp_group_id
Definition ecp.h:113
@ MBEDTLS_ECP_DP_SECP192K1
Definition ecp.h:124
@ MBEDTLS_ECP_DP_SECP384R1
Definition ecp.h:118
@ MBEDTLS_ECP_DP_CURVE448
Definition ecp.h:127
@ MBEDTLS_ECP_DP_CURVE25519
Definition ecp.h:123
@ MBEDTLS_ECP_DP_SECP256K1
Definition ecp.h:126
@ MBEDTLS_ECP_DP_BP512R1
Definition ecp.h:122
@ MBEDTLS_ECP_DP_SECP224R1
Definition ecp.h:116
@ MBEDTLS_ECP_DP_SECP521R1
Definition ecp.h:119
@ MBEDTLS_ECP_DP_BP384R1
Definition ecp.h:121
@ MBEDTLS_ECP_DP_SECP224K1
Definition ecp.h:125
@ MBEDTLS_ECP_DP_BP256R1
Definition ecp.h:120
@ MBEDTLS_ECP_DP_SECP192R1
Definition ecp.h:115
@ MBEDTLS_ECP_DP_SECP256R1
Definition ecp.h:117
static psa_algorithm_t psa_get_key_enrollment_algorithm(const psa_key_attributes_t *attributes)
psa_status_t psa_set_key_domain_parameters(psa_key_attributes_t *attributes, psa_key_type_t type, const uint8_t *data, size_t data_length)
Set domain parameters for a key.
psa_status_t psa_get_key_domain_parameters(const psa_key_attributes_t *attributes, uint8_t *data, size_t data_size, size_t *data_length)
Get domain parameters for a key.
static void psa_set_key_enrollment_algorithm(psa_key_attributes_t *attributes, psa_algorithm_t alg2)
Declare the enrollment algorithm for a key.
#define PSA_ECC_FAMILY_MONTGOMERY
#define PSA_ECC_FAMILY_SECP_R1
#define PSA_ECC_FAMILY_SECP_K1
uint16_t psa_key_type_t
Encoding of a key type.
#define PSA_ECC_FAMILY_BRAINPOOL_P_R1
uint32_t psa_algorithm_t
Encoding of a cryptographic algorithm.
uint8_t psa_ecc_family_t
int32_t psa_status_t
Function return status.
uint32_t psa_key_id_t
uint32_t psa_key_lifetime_t
psa_key_id_t mbedtls_svc_key_id_t
#define MBEDTLS_PSA_KEY_ID_BUILTIN_MAX
uint64_t psa_drv_slot_number_t
#define MBEDTLS_PSA_KEY_ID_BUILTIN_MIN
static psa_ecc_family_t mbedtls_ecc_group_to_psa(mbedtls_ecp_group_id grpid, size_t *bits)
mbedtls_ecp_group_id mbedtls_ecc_group_of_psa(psa_ecc_family_t curve, size_t bits, int bits_is_sloppy)
uint64_t psa_key_slot_number_t
Common and shared functions used by multiple modules in the Mbed TLS library.
Statistics about resource consumption related to the PSA keystore.
psa_key_id_t max_open_internal_key_id
psa_key_id_t max_open_external_key_id
psa_key_attributes_flag_t flags
psa_core_key_attributes_t core
psa_algorithm_t alg2