17#ifdef __DOXYGEN_ONLY__
45#define PSA_CRYPTO_API_VERSION_MAJOR 1
50#define PSA_CRYPTO_API_VERSION_MINOR 0
103#ifdef __DOXYGEN_ONLY__
107#define PSA_KEY_ATTRIBUTES_INIT { 0 }
137#ifdef MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER
153 mbedtls_key_owner_id_t owner);
739 size_t *data_length);
814 size_t *data_length);
856 const uint8_t *input,
860 size_t *hash_length);
891 const uint8_t *input,
931#ifdef __DOXYGEN_ONLY__
935#define PSA_HASH_OPERATION_INIT { 0 }
1017 const uint8_t *input,
1018 size_t input_length);
1065 size_t *hash_length);
1104 const uint8_t *hash,
1105 size_t hash_length);
1214 const uint8_t *input,
1215 size_t input_length,
1218 size_t *mac_length);
1255 const uint8_t *input,
1256 size_t input_length,
1295#ifdef __DOXYGEN_ONLY__
1299#define PSA_MAC_OPERATION_INIT { 0 }
1457 const uint8_t *input,
1458 size_t input_length);
1508 size_t *mac_length);
1626 const uint8_t *input,
1627 size_t input_length,
1630 size_t *output_length);
1673 const uint8_t *input,
1674 size_t input_length,
1677 size_t *output_length);
1714#ifdef __DOXYGEN_ONLY__
1718#define PSA_CIPHER_OPERATION_INIT { 0 }
1968 const uint8_t *input,
1969 size_t input_length,
1972 size_t *output_length);
2022 size_t *output_length);
2120 const uint8_t *nonce,
2121 size_t nonce_length,
2122 const uint8_t *additional_data,
2123 size_t additional_data_length,
2124 const uint8_t *plaintext,
2125 size_t plaintext_length,
2126 uint8_t *ciphertext,
2127 size_t ciphertext_size,
2128 size_t *ciphertext_length);
2193 const uint8_t *nonce,
2194 size_t nonce_length,
2195 const uint8_t *additional_data,
2196 size_t additional_data_length,
2197 const uint8_t *ciphertext,
2198 size_t ciphertext_length,
2200 size_t plaintext_size,
2201 size_t *plaintext_length);
2238#ifdef __DOXYGEN_ONLY__
2242#define PSA_AEAD_OPERATION_INIT { 0 }
2423 size_t *nonce_length);
2461 const uint8_t *nonce,
2462 size_t nonce_length);
2507 size_t plaintext_length);
2554 const uint8_t *input,
2555 size_t input_length);
2638 const uint8_t *input,
2639 size_t input_length,
2642 size_t *output_length);
2724 uint8_t *ciphertext,
2725 size_t ciphertext_size,
2726 size_t *ciphertext_length,
2729 size_t *tag_length);
2808 size_t plaintext_size,
2809 size_t *plaintext_length,
2906 const uint8_t *input,
2907 size_t input_length,
2909 size_t signature_size,
2910 size_t *signature_length);
2958 const uint8_t *input,
2959 size_t input_length,
2960 const uint8_t *signature,
2961 size_t signature_length);
3011 const uint8_t *hash,
3014 size_t signature_size,
3015 size_t *signature_length);
3062 const uint8_t *hash,
3064 const uint8_t *signature,
3065 size_t signature_length);
3120 const uint8_t *input,
3121 size_t input_length,
3122 const uint8_t *salt,
3126 size_t *output_length);
3181 const uint8_t *input,
3182 size_t input_length,
3183 const uint8_t *salt,
3187 size_t *output_length);
3231#ifdef __DOXYGEN_ONLY__
3235#define PSA_KEY_DERIVATION_OPERATION_INIT { 0 }
3362#define PSA_KEY_DERIVATION_UNLIMITED_CAPACITY ((size_t) (-1))
3407 const uint8_t *data,
3408 size_t data_length);
3527 const uint8_t *peer_key,
3528 size_t peer_key_length);
3570 size_t output_length);
3794 const uint8_t *peer_key,
3795 size_t peer_key_length,
3798 size_t *output_length);
3831 size_t output_size);
PSA cryptography module: Mbed TLS buffer size macros.
PSA cryptography module: Mbed TLS structured type implementations.
PSA cryptography module: type aliases.
PSA cryptography module: macros to build and analyze integer values.
psa_status_t psa_mac_sign_setup(psa_mac_operation_t *operation, mbedtls_svc_key_id_t key, psa_algorithm_t alg)
psa_status_t psa_mac_verify_setup(psa_mac_operation_t *operation, mbedtls_svc_key_id_t key, psa_algorithm_t alg)
static psa_mac_operation_t psa_mac_operation_init(void)
psa_status_t psa_mac_update(psa_mac_operation_t *operation, const uint8_t *input, size_t input_length)
psa_status_t psa_mac_compute(mbedtls_svc_key_id_t key, psa_algorithm_t alg, const uint8_t *input, size_t input_length, uint8_t *mac, size_t mac_size, size_t *mac_length)
psa_status_t psa_mac_sign_finish(psa_mac_operation_t *operation, uint8_t *mac, size_t mac_size, size_t *mac_length)
psa_status_t psa_mac_verify_finish(psa_mac_operation_t *operation, const uint8_t *mac, size_t mac_length)
psa_status_t psa_mac_abort(psa_mac_operation_t *operation)
psa_status_t psa_mac_verify(mbedtls_svc_key_id_t key, psa_algorithm_t alg, const uint8_t *input, size_t input_length, const uint8_t *mac, size_t mac_length)
psa_status_t psa_aead_encrypt_setup(psa_aead_operation_t *operation, mbedtls_svc_key_id_t key, psa_algorithm_t alg)
static psa_aead_operation_t psa_aead_operation_init(void)
psa_status_t psa_aead_generate_nonce(psa_aead_operation_t *operation, uint8_t *nonce, size_t nonce_size, size_t *nonce_length)
psa_status_t psa_aead_set_nonce(psa_aead_operation_t *operation, const uint8_t *nonce, size_t nonce_length)
psa_status_t psa_aead_update_ad(psa_aead_operation_t *operation, const uint8_t *input, size_t input_length)
psa_status_t psa_aead_finish(psa_aead_operation_t *operation, uint8_t *ciphertext, size_t ciphertext_size, size_t *ciphertext_length, uint8_t *tag, size_t tag_size, size_t *tag_length)
psa_status_t psa_aead_decrypt_setup(psa_aead_operation_t *operation, mbedtls_svc_key_id_t key, psa_algorithm_t alg)
psa_status_t psa_aead_set_lengths(psa_aead_operation_t *operation, size_t ad_length, size_t plaintext_length)
psa_status_t psa_aead_verify(psa_aead_operation_t *operation, uint8_t *plaintext, size_t plaintext_size, size_t *plaintext_length, const uint8_t *tag, size_t tag_length)
psa_status_t psa_aead_encrypt(mbedtls_svc_key_id_t key, psa_algorithm_t alg, const uint8_t *nonce, size_t nonce_length, const uint8_t *additional_data, size_t additional_data_length, const uint8_t *plaintext, size_t plaintext_length, uint8_t *ciphertext, size_t ciphertext_size, size_t *ciphertext_length)
psa_status_t psa_aead_decrypt(mbedtls_svc_key_id_t key, psa_algorithm_t alg, const uint8_t *nonce, size_t nonce_length, const uint8_t *additional_data, size_t additional_data_length, const uint8_t *ciphertext, size_t ciphertext_length, uint8_t *plaintext, size_t plaintext_size, size_t *plaintext_length)
psa_status_t psa_aead_abort(psa_aead_operation_t *operation)
psa_status_t psa_aead_update(psa_aead_operation_t *operation, const uint8_t *input, size_t input_length, uint8_t *output, size_t output_size, size_t *output_length)
psa_status_t psa_verify_message(mbedtls_svc_key_id_t key, psa_algorithm_t alg, const uint8_t *input, size_t input_length, const uint8_t *signature, size_t signature_length)
Verify the signature of a message with a public key, using a hash-and-sign verification algorithm.
psa_status_t psa_asymmetric_decrypt(mbedtls_svc_key_id_t key, psa_algorithm_t alg, const uint8_t *input, size_t input_length, const uint8_t *salt, size_t salt_length, uint8_t *output, size_t output_size, size_t *output_length)
Decrypt a short message with a private key.
psa_status_t psa_sign_hash(mbedtls_svc_key_id_t key, psa_algorithm_t alg, const uint8_t *hash, size_t hash_length, uint8_t *signature, size_t signature_size, size_t *signature_length)
Sign a hash or short message with a private key.
psa_status_t psa_sign_message(mbedtls_svc_key_id_t key, psa_algorithm_t alg, const uint8_t *input, size_t input_length, uint8_t *signature, size_t signature_size, size_t *signature_length)
Sign a message with a private key. For hash-and-sign algorithms, this includes the hashing step.
psa_status_t psa_asymmetric_encrypt(mbedtls_svc_key_id_t key, psa_algorithm_t alg, const uint8_t *input, size_t input_length, const uint8_t *salt, size_t salt_length, uint8_t *output, size_t output_size, size_t *output_length)
Encrypt a short message with a public key.
psa_status_t psa_verify_hash(mbedtls_svc_key_id_t key, psa_algorithm_t alg, const uint8_t *hash, size_t hash_length, const uint8_t *signature, size_t signature_length)
Verify the signature of a hash or short message using a public key.
static psa_key_attributes_t psa_key_attributes_init(void)
void psa_reset_key_attributes(psa_key_attributes_t *attributes)
static void psa_set_key_usage_flags(psa_key_attributes_t *attributes, psa_key_usage_t usage_flags)
static size_t psa_get_key_bits(const psa_key_attributes_t *attributes)
static void psa_set_key_type(psa_key_attributes_t *attributes, psa_key_type_t type)
static psa_key_lifetime_t psa_get_key_lifetime(const psa_key_attributes_t *attributes)
static psa_key_usage_t psa_get_key_usage_flags(const psa_key_attributes_t *attributes)
static void psa_set_key_lifetime(psa_key_attributes_t *attributes, psa_key_lifetime_t lifetime)
static psa_algorithm_t psa_get_key_algorithm(const psa_key_attributes_t *attributes)
psa_status_t psa_get_key_attributes(mbedtls_svc_key_id_t key, psa_key_attributes_t *attributes)
static void psa_set_key_id(psa_key_attributes_t *attributes, mbedtls_svc_key_id_t key)
static psa_key_type_t psa_get_key_type(const psa_key_attributes_t *attributes)
static void psa_set_key_algorithm(psa_key_attributes_t *attributes, psa_algorithm_t alg)
static void psa_set_key_bits(psa_key_attributes_t *attributes, size_t bits)
static mbedtls_svc_key_id_t psa_get_key_id(const psa_key_attributes_t *attributes)
static psa_cipher_operation_t psa_cipher_operation_init(void)
psa_status_t psa_cipher_finish(psa_cipher_operation_t *operation, uint8_t *output, size_t output_size, size_t *output_length)
psa_status_t psa_cipher_generate_iv(psa_cipher_operation_t *operation, uint8_t *iv, size_t iv_size, size_t *iv_length)
psa_status_t psa_cipher_encrypt_setup(psa_cipher_operation_t *operation, mbedtls_svc_key_id_t key, psa_algorithm_t alg)
psa_status_t psa_cipher_encrypt(mbedtls_svc_key_id_t key, psa_algorithm_t alg, const uint8_t *input, size_t input_length, uint8_t *output, size_t output_size, size_t *output_length)
psa_status_t psa_cipher_set_iv(psa_cipher_operation_t *operation, const uint8_t *iv, size_t iv_length)
psa_status_t psa_cipher_decrypt_setup(psa_cipher_operation_t *operation, mbedtls_svc_key_id_t key, psa_algorithm_t alg)
psa_status_t psa_cipher_abort(psa_cipher_operation_t *operation)
psa_status_t psa_cipher_decrypt(mbedtls_svc_key_id_t key, psa_algorithm_t alg, const uint8_t *input, size_t input_length, uint8_t *output, size_t output_size, size_t *output_length)
psa_status_t psa_cipher_update(psa_cipher_operation_t *operation, const uint8_t *input, size_t input_length, uint8_t *output, size_t output_size, size_t *output_length)
uint16_t psa_key_type_t
Encoding of a key type.
uint32_t psa_algorithm_t
Encoding of a cryptographic algorithm.
uint16_t psa_key_derivation_step_t
Encoding of the step of a key derivation.
int32_t psa_status_t
Function return status.
psa_status_t psa_hash_compare(psa_algorithm_t alg, const uint8_t *input, size_t input_length, const uint8_t *hash, size_t hash_length)
psa_status_t psa_hash_clone(const psa_hash_operation_t *source_operation, psa_hash_operation_t *target_operation)
psa_status_t psa_hash_finish(psa_hash_operation_t *operation, uint8_t *hash, size_t hash_size, size_t *hash_length)
static psa_hash_operation_t psa_hash_operation_init(void)
psa_status_t psa_hash_update(psa_hash_operation_t *operation, const uint8_t *input, size_t input_length)
psa_status_t psa_hash_verify(psa_hash_operation_t *operation, const uint8_t *hash, size_t hash_length)
psa_status_t psa_hash_setup(psa_hash_operation_t *operation, psa_algorithm_t alg)
psa_status_t psa_hash_abort(psa_hash_operation_t *operation)
psa_status_t psa_hash_compute(psa_algorithm_t alg, const uint8_t *input, size_t input_length, uint8_t *hash, size_t hash_size, size_t *hash_length)
psa_status_t psa_import_key(const psa_key_attributes_t *attributes, const uint8_t *data, size_t data_length, mbedtls_svc_key_id_t *key)
Import a key in binary format.
psa_status_t psa_export_key(mbedtls_svc_key_id_t key, uint8_t *data, size_t data_size, size_t *data_length)
Export a key in binary format.
psa_status_t psa_export_public_key(mbedtls_svc_key_id_t key, uint8_t *data, size_t data_size, size_t *data_length)
Export a public key or the public part of a key pair in binary format.
psa_status_t psa_crypto_init(void)
Library initialization.
psa_status_t psa_key_derivation_output_bytes(psa_key_derivation_operation_t *operation, uint8_t *output, size_t output_length)
psa_status_t psa_raw_key_agreement(psa_algorithm_t alg, mbedtls_svc_key_id_t private_key, const uint8_t *peer_key, size_t peer_key_length, uint8_t *output, size_t output_size, size_t *output_length)
psa_status_t psa_key_derivation_key_agreement(psa_key_derivation_operation_t *operation, psa_key_derivation_step_t step, mbedtls_svc_key_id_t private_key, const uint8_t *peer_key, size_t peer_key_length)
psa_status_t psa_key_derivation_set_capacity(psa_key_derivation_operation_t *operation, size_t capacity)
static psa_key_derivation_operation_t psa_key_derivation_operation_init(void)
psa_status_t psa_key_derivation_input_bytes(psa_key_derivation_operation_t *operation, psa_key_derivation_step_t step, const uint8_t *data, size_t data_length)
psa_status_t psa_key_derivation_abort(psa_key_derivation_operation_t *operation)
psa_status_t psa_key_derivation_get_capacity(const psa_key_derivation_operation_t *operation, size_t *capacity)
psa_status_t psa_key_derivation_input_key(psa_key_derivation_operation_t *operation, psa_key_derivation_step_t step, mbedtls_svc_key_id_t key)
psa_status_t psa_key_derivation_setup(psa_key_derivation_operation_t *operation, psa_algorithm_t alg)
psa_status_t psa_key_derivation_output_key(const psa_key_attributes_t *attributes, psa_key_derivation_operation_t *operation, mbedtls_svc_key_id_t *key)
uint32_t psa_key_lifetime_t
psa_key_id_t mbedtls_svc_key_id_t
psa_status_t psa_purge_key(mbedtls_svc_key_id_t key)
psa_status_t psa_destroy_key(mbedtls_svc_key_id_t key)
Destroy a key.
psa_status_t psa_copy_key(mbedtls_svc_key_id_t source_key, const psa_key_attributes_t *attributes, mbedtls_svc_key_id_t *target_key)
uint32_t psa_key_usage_t
Encoding of permitted usage on a key.
psa_status_t psa_generate_random(uint8_t *output, size_t output_size)
Generate random bytes.
psa_status_t psa_generate_key(const psa_key_attributes_t *attributes, mbedtls_svc_key_id_t *key)
Generate a key or key pair.