Mbed TLS v3.6.3
Key derivation

Macros

#define PSA_KEY_DERIVATION_INPUT_SECRET   ((psa_key_derivation_step_t) 0x0101)
 
#define PSA_KEY_DERIVATION_INPUT_PASSWORD   ((psa_key_derivation_step_t) 0x0102)
 
#define PSA_KEY_DERIVATION_INPUT_OTHER_SECRET    ((psa_key_derivation_step_t) 0x0103)
 
#define PSA_KEY_DERIVATION_INPUT_LABEL   ((psa_key_derivation_step_t) 0x0201)
 
#define PSA_KEY_DERIVATION_INPUT_SALT   ((psa_key_derivation_step_t) 0x0202)
 
#define PSA_KEY_DERIVATION_INPUT_INFO   ((psa_key_derivation_step_t) 0x0203)
 
#define PSA_KEY_DERIVATION_INPUT_SEED   ((psa_key_derivation_step_t) 0x0204)
 
#define PSA_KEY_DERIVATION_INPUT_COST   ((psa_key_derivation_step_t) 0x0205)
 

Typedefs

typedef uint16_t psa_key_derivation_step_t
 Encoding of the step of a key derivation.
 
typedef struct psa_custom_key_parameters_s psa_custom_key_parameters_t
 Custom parameters for key generation or key derivation.
 
typedef struct psa_key_production_parameters_s psa_key_production_parameters_t
 Custom parameters for key generation or key derivation.
 

Detailed Description

Macro Definition Documentation

◆ PSA_KEY_DERIVATION_INPUT_COST

#define PSA_KEY_DERIVATION_INPUT_COST   ((psa_key_derivation_step_t) 0x0205)

A cost parameter for password hashing / key stretching.

This must be a direct input, passed to psa_key_derivation_input_integer().

Definition at line 2742 of file crypto_values.h.

◆ PSA_KEY_DERIVATION_INPUT_INFO

#define PSA_KEY_DERIVATION_INPUT_INFO   ((psa_key_derivation_step_t) 0x0203)

An information string for key derivation.

This should be a direct input. It can also be a key of type PSA_KEY_TYPE_RAW_DATA.

Definition at line 2729 of file crypto_values.h.

◆ PSA_KEY_DERIVATION_INPUT_LABEL

#define PSA_KEY_DERIVATION_INPUT_LABEL   ((psa_key_derivation_step_t) 0x0201)

A label for key derivation.

This should be a direct input. It can also be a key of type PSA_KEY_TYPE_RAW_DATA.

Definition at line 2714 of file crypto_values.h.

◆ PSA_KEY_DERIVATION_INPUT_OTHER_SECRET

#define PSA_KEY_DERIVATION_INPUT_OTHER_SECRET    ((psa_key_derivation_step_t) 0x0103)

A high-entropy additional secret input for key derivation.

This is typically the shared secret resulting from a key agreement obtained via psa_key_derivation_key_agreement(). It may alternatively be a key of type PSA_KEY_TYPE_DERIVE passed to psa_key_derivation_input_key(), or a direct input passed to psa_key_derivation_input_bytes().

Definition at line 2706 of file crypto_values.h.

◆ PSA_KEY_DERIVATION_INPUT_PASSWORD

#define PSA_KEY_DERIVATION_INPUT_PASSWORD   ((psa_key_derivation_step_t) 0x0102)

A low-entropy secret input for password hashing / key stretching.

This is usually a key of type PSA_KEY_TYPE_PASSWORD (passed to psa_key_derivation_input_key()) or a direct input (passed to psa_key_derivation_input_bytes()) that is a password or passphrase. It can also be a high-entropy secret such as a key of type PSA_KEY_TYPE_DERIVE or the shared secret resulting from a key agreement.

The secret can also be a direct input (passed to psa_key_derivation_input_bytes()). In this case, the derivation operation may not be used to derive keys: the operation will only allow psa_key_derivation_output_bytes(), psa_key_derivation_verify_bytes(), or psa_key_derivation_verify_key(), but not psa_key_derivation_output_key().

Definition at line 2697 of file crypto_values.h.

◆ PSA_KEY_DERIVATION_INPUT_SALT

#define PSA_KEY_DERIVATION_INPUT_SALT   ((psa_key_derivation_step_t) 0x0202)

A salt for key derivation.

This should be a direct input. It can also be a key of type PSA_KEY_TYPE_RAW_DATA or PSA_KEY_TYPE_PEPPER.

Definition at line 2722 of file crypto_values.h.

◆ PSA_KEY_DERIVATION_INPUT_SECRET

#define PSA_KEY_DERIVATION_INPUT_SECRET   ((psa_key_derivation_step_t) 0x0101)

A secret input for key derivation.

This should be a key of type PSA_KEY_TYPE_DERIVE (passed to psa_key_derivation_input_key()) or the shared secret resulting from a key agreement (obtained via psa_key_derivation_key_agreement()).

The secret can also be a direct input (passed to psa_key_derivation_input_bytes()). In this case, the derivation operation may not be used to derive keys: the operation will only allow psa_key_derivation_output_bytes(), psa_key_derivation_verify_bytes(), or psa_key_derivation_verify_key(), but not psa_key_derivation_output_key().

Definition at line 2679 of file crypto_values.h.

◆ PSA_KEY_DERIVATION_INPUT_SEED

#define PSA_KEY_DERIVATION_INPUT_SEED   ((psa_key_derivation_step_t) 0x0204)

A seed for key derivation.

This should be a direct input. It can also be a key of type PSA_KEY_TYPE_RAW_DATA.

Definition at line 2736 of file crypto_values.h.

Typedef Documentation

◆ psa_custom_key_parameters_t

Custom parameters for key generation or key derivation.

This is a structure type with at least the following field:

  • flags: an unsigned integer type. 0 for the default production parameters.

Functions that take such a structure as input also take an associated input buffer custom_data of length custom_data_length.

The interpretation of this structure and the associated custom_data parameter depends on the type of the created key.

  • PSA_KEY_TYPE_RSA_KEY_PAIR:
    • flags: must be 0.
    • custom_data: the public exponent, in little-endian order. This must be an odd integer and must not be 1. Implementations must support 65537, should support 3 and may support other values. When not using a driver, Mbed TLS supports values up to INT_MAX. If this is empty, the default value 65537 is used.
  • Other key types: reserved for future use. flags must be 0.

Definition at line 480 of file crypto_types.h.

◆ psa_key_derivation_step_t

typedef uint16_t psa_key_derivation_step_t

Encoding of the step of a key derivation.

Values of this type are generally constructed by macros called PSA_KEY_DERIVATION_INPUT_xxx.

Definition at line 456 of file crypto_types.h.

◆ psa_key_production_parameters_t

Custom parameters for key generation or key derivation.

This is a structure type with at least the following fields:

  • flags: an unsigned integer type. 0 for the default production parameters.
  • data: a flexible array of bytes.

The interpretation of this structure depends on the type of the created key.

  • PSA_KEY_TYPE_RSA_KEY_PAIR:
    • flags: must be 0.
    • data: the public exponent, in little-endian order. This must be an odd integer and must not be 1. Implementations must support 65537, should support 3 and may support other values. When not using a driver, Mbed TLS supports values up to INT_MAX. If this is empty or if the custom production parameters are omitted altogether, the default value 65537 is used.
  • Other key types: reserved for future use. flags must be 0.

Definition at line 504 of file crypto_types.h.