Add a hash wildcard value for hash-and-sign algorithm
You can use PSA_ALG_ANY_HASH to build the algorithm value for a
hash-and-sign algorithm in a policy. Then the policy allows usage with
this hash-and-sign family with any hash.
Test that PSA_ALG_ANY_HASH-based policies allow a specific hash, but
not a different hash-and-sign family. Test that PSA_ALG_ANY_HASH is
not valid for operations, only in policies.
diff --git a/include/psa/crypto_values.h b/include/psa/crypto_values.h
index a4257da..f072487 100644
--- a/include/psa/crypto_values.h
+++ b/include/psa/crypto_values.h
@@ -641,6 +641,7 @@
(((alg) & PSA_ALG_CATEGORY_MASK) == PSA_ALG_CATEGORY_KEY_SELECTION)
#define PSA_ALG_HASH_MASK ((psa_algorithm_t)0x000000ff)
+
#define PSA_ALG_MD2 ((psa_algorithm_t)0x01000001)
#define PSA_ALG_MD4 ((psa_algorithm_t)0x01000002)
#define PSA_ALG_MD5 ((psa_algorithm_t)0x01000003)
@@ -667,6 +668,41 @@
/** SHA3-512 */
#define PSA_ALG_SHA3_512 ((psa_algorithm_t)0x01000013)
+/** Allow any hash algorithm.
+ *
+ * This value may only be used to form the algorithm usage field of a policy
+ * for a signature algorithm that is parametrized by a hash. That is,
+ * suppose that `PSA_xxx_SIGNATURE` is one of the following macros:
+ * - #PSA_ALG_RSA_PKCS1V15_SIGN, #PSA_ALG_RSA_PSS,
+ * - #PSA_ALG_DSA, #PSA_ALG_DETERMINISTIC_DSA,
+ * - #PSA_ALG_ECDSA, #PSA_ALG_DETERMINISTIC_ECDSA.
+ * Then you may create a key as follows:
+ * - Set the key usage field using #PSA_ALG_ANY_HASH, for example:
+ * ```
+ * psa_key_policy_set_usage(&policy,
+ * PSA_KEY_USAGE_SIGN, //or PSA_KEY_USAGE_VERIFY
+ * PSA_xxx_SIGNATURE(PSA_ALG_ANY_HASH));
+ * psa_set_key_policy(handle, &policy);
+ * ```
+ * - Import or generate key material.
+ * - Call psa_asymmetric_sign() or psa_asymmetric_verify(), passing
+ * an algorithm built from `PSA_xxx_SIGNATURE` and a specific hash. Each
+ * call to sign or verify a message may use a different hash.
+ * ```
+ * psa_asymmetric_sign(handle, PSA_xxx_SIGNATURE(PSA_ALG_SHA_256), ...);
+ * psa_asymmetric_sign(handle, PSA_xxx_SIGNATURE(PSA_ALG_SHA_512), ...);
+ * psa_asymmetric_sign(handle, PSA_xxx_SIGNATURE(PSA_ALG_SHA3_256), ...);
+ * ```
+ *
+ * This value may not be used to build other algorithms that are
+ * parametrized over a hash. For any valid use of this macro to build
+ * an algorithm `\p alg`, #PSA_ALG_IS_HASH_AND_SIGN(\p alg) is true.
+ *
+ * This value may not be used to build an algorithm specification to
+ * perform an operation. It is only valid to build policies.
+ */
+#define PSA_ALG_ANY_HASH ((psa_algorithm_t)0x010000ff)
+
#define PSA_ALG_MAC_SUBCATEGORY_MASK ((psa_algorithm_t)0x00c00000)
#define PSA_ALG_HMAC_BASE ((psa_algorithm_t)0x02800000)
/** Macro to build an HMAC algorithm.
@@ -914,6 +950,8 @@
*
* \param hash_alg A hash algorithm (\c PSA_ALG_XXX value such that
* #PSA_ALG_IS_HASH(\p hash_alg) is true).
+ * This includes #PSA_ALG_ANY_HASH
+ * when specifying the algorithm in a usage policy.
*
* \return The corresponding RSA PKCS#1 v1.5 signature algorithm.
* \return Unspecified if \p alg is not a supported
@@ -943,6 +981,8 @@
*
* \param hash_alg A hash algorithm (\c PSA_ALG_XXX value such that
* #PSA_ALG_IS_HASH(\p hash_alg) is true).
+ * This includes #PSA_ALG_ANY_HASH
+ * when specifying the algorithm in a usage policy.
*
* \return The corresponding RSA PSS signature algorithm.
* \return Unspecified if \p alg is not a supported
@@ -961,6 +1001,8 @@
*
* \param hash_alg A hash algorithm (\c PSA_ALG_XXX value such that
* #PSA_ALG_IS_HASH(\p hash_alg) is true).
+ * This includes #PSA_ALG_ANY_HASH
+ * when specifying the algorithm in a usage policy.
*
* \return The corresponding DSA signature algorithm.
* \return Unspecified if \p alg is not a supported
@@ -996,6 +1038,8 @@
*
* \param hash_alg A hash algorithm (\c PSA_ALG_XXX value such that
* #PSA_ALG_IS_HASH(\p hash_alg) is true).
+ * This includes #PSA_ALG_ANY_HASH
+ * when specifying the algorithm in a usage policy.
*
* \return The corresponding ECDSA signature algorithm.
* \return Unspecified if \p alg is not a supported
@@ -1028,6 +1072,8 @@
*
* \param hash_alg A hash algorithm (\c PSA_ALG_XXX value such that
* #PSA_ALG_IS_HASH(\p hash_alg) is true).
+ * This includes #PSA_ALG_ANY_HASH
+ * when specifying the algorithm in a usage policy.
*
* \return The corresponding deterministic ECDSA signature
* algorithm.
@@ -1341,6 +1387,24 @@
#define PSA_ALG_IS_ECDH(alg) \
(PSA_ALG_KEY_AGREEMENT_GET_BASE(alg) == PSA_ALG_ECDH_BASE)
+/** Whether the specified algorithm encoding is a wildcard.
+ *
+ * Wildcard values may only be used to set the usage algorithm field in
+ * a policy, not to perform an operation.
+ *
+ * \param alg An algorithm identifier (value of type #psa_algorithm_t).
+ *
+ * \return 1 if \c alg is a wildcard algorithm encoding.
+ * \return 0 if \c alg is a non-wildcard algorithm encoding (suitable for
+ * an operation).
+ * \return This macro may return either 0 or 1 if \c alg is not a supported
+ * algorithm identifier.
+ */
+#define PSA_ALG_IS_WILDCARD(alg) \
+ (PSA_ALG_IS_HASH_AND_SIGN(alg) ? \
+ PSA_ALG_SIGN_GET_HASH(alg) == PSA_ALG_ANY_HASH : \
+ (alg) == PSA_ALG_ANY_HASH)
+
/**@}*/
/** \defgroup key_lifetimes Key lifetimes