Mbed TLS v2.28.8
Loading...
Searching...
No Matches
crypto_extra.h
Go to the documentation of this file.
1
11/*
12 * Copyright The Mbed TLS Contributors
13 * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
14 */
15
16#ifndef PSA_CRYPTO_EXTRA_H
17#define PSA_CRYPTO_EXTRA_H
18
20
21#include "crypto_types.h"
22#include "crypto_compat.h"
23
24#ifdef __cplusplus
25extern "C" {
26#endif
27
28/* UID for secure storage seed */
29#define PSA_CRYPTO_ITS_RANDOM_SEED_UID 0xFFFFFF52
30
31/* See config.h for definition */
32#if !defined(MBEDTLS_PSA_KEY_SLOT_COUNT)
33#define MBEDTLS_PSA_KEY_SLOT_COUNT 32
34#endif
35
60 psa_key_attributes_t *attributes,
61 psa_algorithm_t alg2)
62{
63 attributes->core.policy.alg2 = alg2;
64}
65
73 const psa_key_attributes_t *attributes)
74{
75 return attributes->core.policy.alg2;
76}
77
78#if defined(MBEDTLS_PSA_CRYPTO_SE_C)
79
102psa_status_t psa_get_key_slot_number(
103 const psa_key_attributes_t *attributes,
104 psa_key_slot_number_t *slot_number);
105
129static inline void psa_set_key_slot_number(
130 psa_key_attributes_t *attributes,
131 psa_key_slot_number_t slot_number)
132{
134 attributes->slot_number = slot_number;
135}
136
143static inline void psa_clear_key_slot_number(
144 psa_key_attributes_t *attributes)
145{
146 attributes->core.flags &= ~MBEDTLS_PSA_KA_FLAG_HAS_SLOT_NUMBER;
147}
148
189psa_status_t mbedtls_psa_register_se_key(
190 const psa_key_attributes_t *attributes);
191
192#endif /* MBEDTLS_PSA_CRYPTO_SE_C */
193
205
235
244
313 size_t seed_size);
314
326#define PSA_KEY_TYPE_DSA_PUBLIC_KEY ((psa_key_type_t) 0x4002)
327
344#define PSA_KEY_TYPE_DSA_KEY_PAIR ((psa_key_type_t) 0x7002)
345
347#define PSA_KEY_TYPE_IS_DSA(type) \
348 (PSA_KEY_TYPE_PUBLIC_KEY_OF_KEY_PAIR(type) == PSA_KEY_TYPE_DSA_PUBLIC_KEY)
349
350#define PSA_ALG_DSA_BASE ((psa_algorithm_t) 0x06000400)
365#define PSA_ALG_DSA(hash_alg) \
366 (PSA_ALG_DSA_BASE | ((hash_alg) & PSA_ALG_HASH_MASK))
367#define PSA_ALG_DETERMINISTIC_DSA_BASE ((psa_algorithm_t) 0x06000500)
368#define PSA_ALG_DSA_DETERMINISTIC_FLAG PSA_ALG_ECDSA_DETERMINISTIC_FLAG
383#define PSA_ALG_DETERMINISTIC_DSA(hash_alg) \
384 (PSA_ALG_DETERMINISTIC_DSA_BASE | ((hash_alg) & PSA_ALG_HASH_MASK))
385#define PSA_ALG_IS_DSA(alg) \
386 (((alg) & ~PSA_ALG_HASH_MASK & ~PSA_ALG_DSA_DETERMINISTIC_FLAG) == \
387 PSA_ALG_DSA_BASE)
388#define PSA_ALG_DSA_IS_DETERMINISTIC(alg) \
389 (((alg) & PSA_ALG_DSA_DETERMINISTIC_FLAG) != 0)
390#define PSA_ALG_IS_DETERMINISTIC_DSA(alg) \
391 (PSA_ALG_IS_DSA(alg) && PSA_ALG_DSA_IS_DETERMINISTIC(alg))
392#define PSA_ALG_IS_RANDOMIZED_DSA(alg) \
393 (PSA_ALG_IS_DSA(alg) && !PSA_ALG_DSA_IS_DETERMINISTIC(alg))
394
395
396/* We need to expand the sample definition of this macro from
397 * the API definition. */
398#undef PSA_ALG_IS_VENDOR_HASH_AND_SIGN
399#define PSA_ALG_IS_VENDOR_HASH_AND_SIGN(alg) \
400 PSA_ALG_IS_DSA(alg)
401
414#define PSA_DH_FAMILY_CUSTOM ((psa_dh_family_t) 0x7e)
415
416
484 psa_key_type_t type,
485 const uint8_t *data,
486 size_t data_length);
487
512 const psa_key_attributes_t *attributes,
513 uint8_t *data,
514 size_t data_size,
515 size_t *data_length);
516
542#define PSA_KEY_DOMAIN_PARAMETERS_SIZE(key_type, key_bits) \
543 (PSA_KEY_TYPE_IS_RSA(key_type) ? sizeof(int) : \
544 PSA_KEY_TYPE_IS_DH(key_type) ? PSA_DH_KEY_DOMAIN_PARAMETERS_SIZE(key_bits) : \
545 PSA_KEY_TYPE_IS_DSA(key_type) ? PSA_DSA_KEY_DOMAIN_PARAMETERS_SIZE(key_bits) : \
546 0)
547#define PSA_DH_KEY_DOMAIN_PARAMETERS_SIZE(key_bits) \
548 (4 + (PSA_BITS_TO_BYTES(key_bits) + 5) * 3 /*without optional parts*/)
549#define PSA_DSA_KEY_DOMAIN_PARAMETERS_SIZE(key_bits) \
550 (4 + (PSA_BITS_TO_BYTES(key_bits) + 5) * 2 /*p, g*/ + 34 /*q*/)
551
558#if defined(MBEDTLS_ECP_C)
559#include <mbedtls/ecp.h>
560
575 size_t *bits)
576{
577 switch (grpid) {
579 *bits = 192;
582 *bits = 224;
585 *bits = 256;
588 *bits = 384;
591 *bits = 521;
594 *bits = 256;
597 *bits = 384;
600 *bits = 512;
603 *bits = 255;
606 *bits = 192;
609 *bits = 224;
612 *bits = 256;
615 *bits = 448;
617 default:
618 *bits = 0;
619 return 0;
620 }
621}
622
643 size_t bits,
644 int bits_is_sloppy);
645#endif /* MBEDTLS_ECP_C */
646
653#if defined(MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG)
693psa_status_t mbedtls_psa_external_get_random(
694 mbedtls_psa_external_random_context_t *context,
695 uint8_t *output, size_t output_size, size_t *output_length);
696#endif /* MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG */
697
715#define MBEDTLS_PSA_KEY_ID_BUILTIN_MIN ((psa_key_id_t) 0x7fff0000)
716
722#define MBEDTLS_PSA_KEY_ID_BUILTIN_MAX ((psa_key_id_t) 0x7fffefff)
723
728typedef uint64_t psa_drv_slot_number_t;
729
730#if defined(MBEDTLS_PSA_CRYPTO_BUILTIN_KEYS)
740static inline int psa_key_id_is_builtin(psa_key_id_t key_id)
741{
742 return (key_id >= MBEDTLS_PSA_KEY_ID_BUILTIN_MIN) &&
744}
745
790psa_status_t mbedtls_psa_platform_get_builtin_key(
792 psa_key_lifetime_t *lifetime,
793 psa_drv_slot_number_t *slot_number);
794#endif /* MBEDTLS_PSA_CRYPTO_BUILTIN_KEYS */
795
798#ifdef __cplusplus
799}
800#endif
801
802#endif /* PSA_CRYPTO_EXTRA_H */
PSA cryptography module: Backward compatibility aliases.
void mbedtls_psa_crypto_free(void)
Library deinitialization.
void mbedtls_psa_get_stats(mbedtls_psa_stats_t *stats)
Get statistics about resource consumption related to the PSA keystore.
struct mbedtls_psa_stats_s mbedtls_psa_stats_t
Statistics about resource consumption related to the PSA keystore.
psa_status_t mbedtls_psa_inject_entropy(const uint8_t *seed, size_t seed_size)
Inject an initial entropy seed for the random generator into secure storage.
#define MBEDTLS_PSA_KA_FLAG_HAS_SLOT_NUMBER
PSA cryptography module: type aliases.
This file provides an API for Elliptic Curves over GF(P) (ECP).
mbedtls_ecp_group_id
Definition ecp.h:113
@ MBEDTLS_ECP_DP_SECP192K1
Definition ecp.h:124
@ MBEDTLS_ECP_DP_SECP384R1
Definition ecp.h:118
@ MBEDTLS_ECP_DP_CURVE448
Definition ecp.h:127
@ MBEDTLS_ECP_DP_CURVE25519
Definition ecp.h:123
@ MBEDTLS_ECP_DP_SECP256K1
Definition ecp.h:126
@ MBEDTLS_ECP_DP_BP512R1
Definition ecp.h:122
@ MBEDTLS_ECP_DP_SECP224R1
Definition ecp.h:116
@ MBEDTLS_ECP_DP_SECP521R1
Definition ecp.h:119
@ MBEDTLS_ECP_DP_BP384R1
Definition ecp.h:121
@ MBEDTLS_ECP_DP_SECP224K1
Definition ecp.h:125
@ MBEDTLS_ECP_DP_BP256R1
Definition ecp.h:120
@ MBEDTLS_ECP_DP_SECP192R1
Definition ecp.h:115
@ MBEDTLS_ECP_DP_SECP256R1
Definition ecp.h:117
static psa_algorithm_t psa_get_key_enrollment_algorithm(const psa_key_attributes_t *attributes)
psa_status_t psa_set_key_domain_parameters(psa_key_attributes_t *attributes, psa_key_type_t type, const uint8_t *data, size_t data_length)
Set domain parameters for a key.
psa_status_t psa_get_key_domain_parameters(const psa_key_attributes_t *attributes, uint8_t *data, size_t data_size, size_t *data_length)
Get domain parameters for a key.
static void psa_set_key_enrollment_algorithm(psa_key_attributes_t *attributes, psa_algorithm_t alg2)
Declare the enrollment algorithm for a key.
#define PSA_ECC_FAMILY_MONTGOMERY
#define PSA_ECC_FAMILY_SECP_R1
#define PSA_ECC_FAMILY_SECP_K1
uint16_t psa_key_type_t
Encoding of a key type.
#define PSA_ECC_FAMILY_BRAINPOOL_P_R1
uint32_t psa_algorithm_t
Encoding of a cryptographic algorithm.
uint8_t psa_ecc_family_t
int32_t psa_status_t
Function return status.
uint32_t psa_key_id_t
uint32_t psa_key_lifetime_t
psa_key_id_t mbedtls_svc_key_id_t
#define MBEDTLS_PSA_KEY_ID_BUILTIN_MAX
uint64_t psa_drv_slot_number_t
#define MBEDTLS_PSA_KEY_ID_BUILTIN_MIN
static psa_ecc_family_t mbedtls_ecc_group_to_psa(mbedtls_ecp_group_id grpid, size_t *bits)
mbedtls_ecp_group_id mbedtls_ecc_group_of_psa(psa_ecc_family_t curve, size_t bits, int bits_is_sloppy)
uint64_t psa_key_slot_number_t
Common and shared functions used by multiple modules in the Mbed TLS library.
Statistics about resource consumption related to the PSA keystore.
psa_key_id_t max_open_internal_key_id
psa_key_id_t max_open_external_key_id
psa_key_attributes_flag_t flags
psa_core_key_attributes_t core
psa_algorithm_t alg2