Mbed TLS v3.6.1
crypto_struct.h
Go to the documentation of this file.
1 
44 /*
45  * Copyright The Mbed TLS Contributors
46  * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
47  */
48 
49 #ifndef PSA_CRYPTO_STRUCT_H
50 #define PSA_CRYPTO_STRUCT_H
51 #include "mbedtls/private_access.h"
52 
53 #ifdef __cplusplus
54 extern "C" {
55 #endif
56 
57 /*
58  * Include the build-time configuration information header. Here, we do not
59  * include `"mbedtls/build_info.h"` directly but `"psa/build_info.h"`, which
60  * is basically just an alias to it. This is to ease the maintenance of the
61  * TF-PSA-Crypto repository which has a different build system and
62  * configuration.
63  */
64 #include "psa/build_info.h"
65 
66 /* Include the context definition for the compiled-in drivers for the primitive
67  * algorithms. */
69 
71 #if defined(MBEDTLS_PSA_CRYPTO_CLIENT) && !defined(MBEDTLS_PSA_CRYPTO_C)
72  mbedtls_psa_client_handle_t handle;
73 #else
80  unsigned int MBEDTLS_PRIVATE(id);
82 #endif
83 };
84 #if defined(MBEDTLS_PSA_CRYPTO_CLIENT) && !defined(MBEDTLS_PSA_CRYPTO_C)
85 #define PSA_HASH_OPERATION_INIT { 0 }
86 #else
87 #define PSA_HASH_OPERATION_INIT { 0, { 0 } }
88 #endif
89 static inline struct psa_hash_operation_s psa_hash_operation_init(void)
90 {
92  return v;
93 }
94 
96 #if defined(MBEDTLS_PSA_CRYPTO_CLIENT) && !defined(MBEDTLS_PSA_CRYPTO_C)
97  mbedtls_psa_client_handle_t handle;
98 #else
105  unsigned int MBEDTLS_PRIVATE(id);
106 
107  unsigned int MBEDTLS_PRIVATE(iv_required) : 1;
108  unsigned int MBEDTLS_PRIVATE(iv_set) : 1;
109 
110  uint8_t MBEDTLS_PRIVATE(default_iv_length);
111 
113 #endif
114 };
115 
116 #if defined(MBEDTLS_PSA_CRYPTO_CLIENT) && !defined(MBEDTLS_PSA_CRYPTO_C)
117 #define PSA_CIPHER_OPERATION_INIT { 0 }
118 #else
119 #define PSA_CIPHER_OPERATION_INIT { 0, 0, 0, 0, { 0 } }
120 #endif
121 static inline struct psa_cipher_operation_s psa_cipher_operation_init(void)
122 {
124  return v;
125 }
126 
127 /* Include the context definition for the compiled-in drivers for the composite
128  * algorithms. */
130 
132 #if defined(MBEDTLS_PSA_CRYPTO_CLIENT) && !defined(MBEDTLS_PSA_CRYPTO_C)
133  mbedtls_psa_client_handle_t handle;
134 #else
141  unsigned int MBEDTLS_PRIVATE(id);
142  uint8_t MBEDTLS_PRIVATE(mac_size);
143  unsigned int MBEDTLS_PRIVATE(is_sign) : 1;
145 #endif
146 };
147 
148 #if defined(MBEDTLS_PSA_CRYPTO_CLIENT) && !defined(MBEDTLS_PSA_CRYPTO_C)
149 #define PSA_MAC_OPERATION_INIT { 0 }
150 #else
151 #define PSA_MAC_OPERATION_INIT { 0, 0, 0, { 0 } }
152 #endif
153 static inline struct psa_mac_operation_s psa_mac_operation_init(void)
154 {
156  return v;
157 }
158 
160 #if defined(MBEDTLS_PSA_CRYPTO_CLIENT) && !defined(MBEDTLS_PSA_CRYPTO_C)
161  mbedtls_psa_client_handle_t handle;
162 #else
169  unsigned int MBEDTLS_PRIVATE(id);
170 
173 
174  size_t MBEDTLS_PRIVATE(ad_remaining);
175  size_t MBEDTLS_PRIVATE(body_remaining);
176 
177  unsigned int MBEDTLS_PRIVATE(nonce_set) : 1;
178  unsigned int MBEDTLS_PRIVATE(lengths_set) : 1;
179  unsigned int MBEDTLS_PRIVATE(ad_started) : 1;
180  unsigned int MBEDTLS_PRIVATE(body_started) : 1;
181  unsigned int MBEDTLS_PRIVATE(is_encrypt) : 1;
182 
184 #endif
185 };
186 
187 #if defined(MBEDTLS_PSA_CRYPTO_CLIENT) && !defined(MBEDTLS_PSA_CRYPTO_C)
188 #define PSA_AEAD_OPERATION_INIT { 0 }
189 #else
190 #define PSA_AEAD_OPERATION_INIT { 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, { 0 } }
191 #endif
192 static inline struct psa_aead_operation_s psa_aead_operation_init(void)
193 {
195  return v;
196 }
197 
198 /* Include the context definition for the compiled-in drivers for the key
199  * derivation algorithms. */
201 
203 #if defined(MBEDTLS_PSA_CRYPTO_CLIENT) && !defined(MBEDTLS_PSA_CRYPTO_C)
204  mbedtls_psa_client_handle_t handle;
205 #else
207  unsigned int MBEDTLS_PRIVATE(can_output_key) : 1;
208  size_t MBEDTLS_PRIVATE(capacity);
210 #endif
211 };
212 
213 #if defined(MBEDTLS_PSA_CRYPTO_CLIENT) && !defined(MBEDTLS_PSA_CRYPTO_C)
214 #define PSA_KEY_DERIVATION_OPERATION_INIT { 0 }
215 #else
216 /* This only zeroes out the first byte in the union, the rest is unspecified. */
217 #define PSA_KEY_DERIVATION_OPERATION_INIT { 0, 0, 0, { 0 } }
218 #endif
220  void)
221 {
223  return v;
224 }
225 
227  /* Future versions may add other fields in this structure. */
228  uint32_t flags;
229 };
230 
238 #define PSA_CUSTOM_KEY_PARAMETERS_INIT { 0 }
239 
240 #ifndef __cplusplus
241 /* Omitted when compiling in C++, because one of the parameters is a
242  * pointer to a struct with a flexible array member, and that is not
243  * standard C++.
244  * https://github.com/Mbed-TLS/mbedtls/issues/9020
245  */
246 /* This is a deprecated variant of `struct psa_custom_key_parameters_s`.
247  * It has exactly the same layout, plus an extra field which is a flexible
248  * array member. Thus a `const struct psa_key_production_parameters_s *`
249  * can be passed to any function that reads a
250  * `const struct psa_custom_key_parameters_s *`.
251  */
253  uint32_t flags;
254  uint8_t data[];
255 };
256 
265 #define PSA_KEY_PRODUCTION_PARAMETERS_INIT { 0 }
266 #endif /* !__cplusplus */
267 
272 };
273 typedef struct psa_key_policy_s psa_key_policy_t;
274 
275 #define PSA_KEY_POLICY_INIT { 0, 0, 0 }
276 static inline struct psa_key_policy_s psa_key_policy_init(void)
277 {
278  const struct psa_key_policy_s v = PSA_KEY_POLICY_INIT;
279  return v;
280 }
281 
282 /* The type used internally for key sizes.
283  * Public interfaces use size_t, but internally we use a smaller type. */
284 typedef uint16_t psa_key_bits_t;
285 /* The maximum value of the type used to represent bit-sizes.
286  * This is used to mark an invalid key size. */
287 #define PSA_KEY_BITS_TOO_LARGE ((psa_key_bits_t) -1)
288 /* The maximum size of a key in bits.
289  * Currently defined as the maximum that can be represented, rounded down
290  * to a whole number of bytes.
291  * This is an uncast value so that it can be used in preprocessor
292  * conditionals. */
293 #define PSA_MAX_KEY_BITS 0xfff8
294 
296 #if defined(MBEDTLS_PSA_CRYPTO_SE_C)
298  int MBEDTLS_PRIVATE(has_slot_number);
299 #endif /* MBEDTLS_PSA_CRYPTO_SE_C */
304  /* This type has a different layout in the client view wrt the
305  * service view of the key id, i.e. in service view usually is
306  * expected to have MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER defined
307  * thus adding an owner field to the standard psa_key_id_t. For
308  * implementations with client/service separation, this means the
309  * object will be marshalled through a transport channel and
310  * interpreted differently at each side of the transport. Placing
311  * it at the end of structures allows to interpret the structure
312  * at the client without reorganizing the memory layout of the
313  * struct
314  */
316 };
317 
318 #if defined(MBEDTLS_PSA_CRYPTO_SE_C)
319 #define PSA_KEY_ATTRIBUTES_MAYBE_SLOT_NUMBER 0, 0,
320 #else
321 #define PSA_KEY_ATTRIBUTES_MAYBE_SLOT_NUMBER
322 #endif
323 #define PSA_KEY_ATTRIBUTES_INIT { PSA_KEY_ATTRIBUTES_MAYBE_SLOT_NUMBER \
324  PSA_KEY_TYPE_NONE, 0, \
325  PSA_KEY_LIFETIME_VOLATILE, \
326  PSA_KEY_POLICY_INIT, \
327  MBEDTLS_SVC_KEY_ID_INIT }
328 
329 static inline struct psa_key_attributes_s psa_key_attributes_init(void)
330 {
332  return v;
333 }
334 
335 static inline void psa_set_key_id(psa_key_attributes_t *attributes,
337 {
338  psa_key_lifetime_t lifetime = attributes->MBEDTLS_PRIVATE(lifetime);
339 
340  attributes->MBEDTLS_PRIVATE(id) = key;
341 
342  if (PSA_KEY_LIFETIME_IS_VOLATILE(lifetime)) {
343  attributes->MBEDTLS_PRIVATE(lifetime) =
347  }
348 }
349 
351  const psa_key_attributes_t *attributes)
352 {
353  return attributes->MBEDTLS_PRIVATE(id);
354 }
355 
356 #ifdef MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER
357 static inline void mbedtls_set_key_owner_id(psa_key_attributes_t *attributes,
358  mbedtls_key_owner_id_t owner)
359 {
360  attributes->MBEDTLS_PRIVATE(id).MBEDTLS_PRIVATE(owner) = owner;
361 }
362 #endif
363 
364 static inline void psa_set_key_lifetime(psa_key_attributes_t *attributes,
365  psa_key_lifetime_t lifetime)
366 {
367  attributes->MBEDTLS_PRIVATE(lifetime) = lifetime;
368  if (PSA_KEY_LIFETIME_IS_VOLATILE(lifetime)) {
369 #ifdef MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER
370  attributes->MBEDTLS_PRIVATE(id).MBEDTLS_PRIVATE(key_id) = 0;
371 #else
372  attributes->MBEDTLS_PRIVATE(id) = 0;
373 #endif
374  }
375 }
376 
378  const psa_key_attributes_t *attributes)
379 {
380  return attributes->MBEDTLS_PRIVATE(lifetime);
381 }
382 
383 static inline void psa_extend_key_usage_flags(psa_key_usage_t *usage_flags)
384 {
385  if (*usage_flags & PSA_KEY_USAGE_SIGN_HASH) {
386  *usage_flags |= PSA_KEY_USAGE_SIGN_MESSAGE;
387  }
388 
389  if (*usage_flags & PSA_KEY_USAGE_VERIFY_HASH) {
390  *usage_flags |= PSA_KEY_USAGE_VERIFY_MESSAGE;
391  }
392 }
393 
394 static inline void psa_set_key_usage_flags(psa_key_attributes_t *attributes,
395  psa_key_usage_t usage_flags)
396 {
397  psa_extend_key_usage_flags(&usage_flags);
398  attributes->MBEDTLS_PRIVATE(policy).MBEDTLS_PRIVATE(usage) = usage_flags;
399 }
400 
402  const psa_key_attributes_t *attributes)
403 {
404  return attributes->MBEDTLS_PRIVATE(policy).MBEDTLS_PRIVATE(usage);
405 }
406 
407 static inline void psa_set_key_algorithm(psa_key_attributes_t *attributes,
408  psa_algorithm_t alg)
409 {
410  attributes->MBEDTLS_PRIVATE(policy).MBEDTLS_PRIVATE(alg) = alg;
411 }
412 
414  const psa_key_attributes_t *attributes)
415 {
416  return attributes->MBEDTLS_PRIVATE(policy).MBEDTLS_PRIVATE(alg);
417 }
418 
419 static inline void psa_set_key_type(psa_key_attributes_t *attributes,
420  psa_key_type_t type)
421 {
422  attributes->MBEDTLS_PRIVATE(type) = type;
423 }
424 
426  const psa_key_attributes_t *attributes)
427 {
428  return attributes->MBEDTLS_PRIVATE(type);
429 }
430 
431 static inline void psa_set_key_bits(psa_key_attributes_t *attributes,
432  size_t bits)
433 {
434  if (bits > PSA_MAX_KEY_BITS) {
435  attributes->MBEDTLS_PRIVATE(bits) = PSA_KEY_BITS_TOO_LARGE;
436  } else {
437  attributes->MBEDTLS_PRIVATE(bits) = (psa_key_bits_t) bits;
438  }
439 }
440 
441 static inline size_t psa_get_key_bits(
442  const psa_key_attributes_t *attributes)
443 {
444  return attributes->MBEDTLS_PRIVATE(bits);
445 }
446 
451 #if defined(MBEDTLS_PSA_CRYPTO_CLIENT) && !defined(MBEDTLS_PSA_CRYPTO_C)
452  mbedtls_psa_client_handle_t handle;
453 #else
460  unsigned int MBEDTLS_PRIVATE(id);
461 
463 
464  unsigned int MBEDTLS_PRIVATE(error_occurred) : 1;
465 
466  uint32_t MBEDTLS_PRIVATE(num_ops);
467 #endif
468 };
469 
470 #if defined(MBEDTLS_PSA_CRYPTO_CLIENT) && !defined(MBEDTLS_PSA_CRYPTO_C)
471 #define PSA_SIGN_HASH_INTERRUPTIBLE_OPERATION_INIT { 0 }
472 #else
473 #define PSA_SIGN_HASH_INTERRUPTIBLE_OPERATION_INIT { 0, { 0 }, 0, 0 }
474 #endif
475 
476 static inline struct psa_sign_hash_interruptible_operation_s
478 {
481 
482  return v;
483 }
484 
489 #if defined(MBEDTLS_PSA_CRYPTO_CLIENT) && !defined(MBEDTLS_PSA_CRYPTO_C)
490  mbedtls_psa_client_handle_t handle;
491 #else
498  unsigned int MBEDTLS_PRIVATE(id);
499 
501 
502  unsigned int MBEDTLS_PRIVATE(error_occurred) : 1;
503 
504  uint32_t MBEDTLS_PRIVATE(num_ops);
505 #endif
506 };
507 
508 #if defined(MBEDTLS_PSA_CRYPTO_CLIENT) && !defined(MBEDTLS_PSA_CRYPTO_C)
509 #define PSA_VERIFY_HASH_INTERRUPTIBLE_OPERATION_INIT { 0 }
510 #else
511 #define PSA_VERIFY_HASH_INTERRUPTIBLE_OPERATION_INIT { 0, { 0 }, 0, 0 }
512 #endif
513 
516 {
519 
520  return v;
521 }
522 
523 #ifdef __cplusplus
524 }
525 #endif
526 
527 #endif /* PSA_CRYPTO_STRUCT_H */
#define PSA_KEY_BITS_TOO_LARGE
static struct psa_sign_hash_interruptible_operation_s psa_sign_hash_interruptible_operation_init(void)
static void psa_set_key_usage_flags(psa_key_attributes_t *attributes, psa_key_usage_t usage_flags)
static struct psa_aead_operation_s psa_aead_operation_init(void)
static struct psa_verify_hash_interruptible_operation_s psa_verify_hash_interruptible_operation_init(void)
uint16_t psa_key_bits_t
static size_t psa_get_key_bits(const psa_key_attributes_t *attributes)
#define PSA_KEY_POLICY_INIT
static void psa_set_key_type(psa_key_attributes_t *attributes, psa_key_type_t type)
static struct psa_key_attributes_s psa_key_attributes_init(void)
static struct psa_cipher_operation_s psa_cipher_operation_init(void)
static struct psa_key_derivation_s psa_key_derivation_operation_init(void)
#define PSA_MAX_KEY_BITS
static psa_key_lifetime_t psa_get_key_lifetime(const psa_key_attributes_t *attributes)
static psa_key_usage_t psa_get_key_usage_flags(const psa_key_attributes_t *attributes)
static void psa_extend_key_usage_flags(psa_key_usage_t *usage_flags)
static struct psa_mac_operation_s psa_mac_operation_init(void)
static void psa_set_key_lifetime(psa_key_attributes_t *attributes, psa_key_lifetime_t lifetime)
static psa_algorithm_t psa_get_key_algorithm(const psa_key_attributes_t *attributes)
static struct psa_hash_operation_s psa_hash_operation_init(void)
Definition: crypto_struct.h:89
static void psa_set_key_id(psa_key_attributes_t *attributes, mbedtls_svc_key_id_t key)
static psa_key_type_t psa_get_key_type(const psa_key_attributes_t *attributes)
#define PSA_SIGN_HASH_INTERRUPTIBLE_OPERATION_INIT
static void psa_set_key_algorithm(psa_key_attributes_t *attributes, psa_algorithm_t alg)
#define PSA_VERIFY_HASH_INTERRUPTIBLE_OPERATION_INIT
static void psa_set_key_bits(psa_key_attributes_t *attributes, size_t bits)
static mbedtls_svc_key_id_t psa_get_key_id(const psa_key_attributes_t *attributes)
static struct psa_key_policy_s psa_key_policy_init(void)
#define PSA_MAC_OPERATION_INIT
#define PSA_AEAD_OPERATION_INIT
#define PSA_KEY_ATTRIBUTES_INIT
#define PSA_CIPHER_OPERATION_INIT
uint16_t psa_key_type_t
Encoding of a key type.
Definition: crypto_types.h:78
uint32_t psa_algorithm_t
Encoding of a cryptographic algorithm.
Definition: crypto_types.h:134
#define PSA_HASH_OPERATION_INIT
Definition: crypto_struct.h:87
#define PSA_KEY_DERIVATION_OPERATION_INIT
#define PSA_KEY_LIFETIME_PERSISTENT
#define PSA_KEY_LIFETIME_GET_LOCATION(lifetime)
#define PSA_KEY_LIFETIME_IS_VOLATILE(lifetime)
uint32_t psa_key_lifetime_t
Definition: crypto_types.h:183
psa_key_id_t mbedtls_svc_key_id_t
Definition: crypto_types.h:292
#define PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION(persistence, location)
#define PSA_KEY_USAGE_SIGN_HASH
#define PSA_KEY_USAGE_SIGN_MESSAGE
uint32_t psa_key_usage_t
Encoding of permitted usage on a key.
Definition: crypto_types.h:323
#define PSA_KEY_USAGE_VERIFY_MESSAGE
#define PSA_KEY_USAGE_VERIFY_HASH
uint64_t psa_key_slot_number_t
Macro wrapper for struct's members.
#define MBEDTLS_PRIVATE(member)
Build-time PSA configuration info.
The context for PSA interruptible hash signing.
The context for PSA interruptible hash verification.