docs/1.1.0/html/appendix/encodings.html - mirror/mbed-crypto - TrustedFirmware Git Browser


 <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
   "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

 <html xmlns="http://www.w3.org/1999/xhtml">
   <head>
     <meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
     <title>Algorithm and key type encoding &#8212; PSA Crypto API 1.1.0 documentation</title>
     <link rel="stylesheet" href="../_static/alabaster.css" type="text/css" />
     <link rel="stylesheet" href="../_static/pygments.css" type="text/css" />
     <script type="text/javascript">
       var DOCUMENTATION_OPTIONS = {
         URL_ROOT:    '../',
         VERSION:     '1.1.0',
         COLLAPSE_INDEX: false,
         FILE_SUFFIX: '.html',
         HAS_SOURCE:  false,
         SOURCELINK_SUFFIX: '.txt'
       };
     </script>
     <script type="text/javascript" src="../_static/jquery.js"></script>
     <script type="text/javascript" src="../_static/underscore.js"></script>
     <script type="text/javascript" src="../_static/doctools.js"></script>
     <link rel="author" title="About these documents" href="../about.html" />
     <link rel="index" title="Index" href="../genindex.html" />
     <link rel="search" title="Search" href="../search.html" />
     <link rel="next" title="Example macro implementations" href="specdef_values.html" />
     <link rel="prev" title="Example header file" href="example_header.html" />

   <link rel="stylesheet" href="../_static/custom.css" type="text/css" />

   <meta name="viewport" content="width=device-width, initial-scale=0.9, maximum-scale=0.9" />

   </head>
   <body>


     <div class="document">
       <div class="documentwrapper">
         <div class="bodywrapper">
           <div class="body" role="main">

   <div class="section" id="algorithm-and-key-type-encoding">
 <span id="appendix-encodings"></span><h1>Algorithm and key type encoding</h1>
 <p>Algorithm identifiers (<a class="reference internal" href="../api/ops/algorithms.html#c.psa_algorithm_t" title="psa_algorithm_t"><code class="xref any c c-type docutils literal"><span class="pre">psa_algorithm_t</span></code></a>) and key types (<a class="reference internal" href="../api/keys/types.html#c.psa_key_type_t" title="psa_key_type_t"><code class="xref any c c-type docutils literal"><span class="pre">psa_key_type_t</span></code></a>) in the PSA Crypto API are structured integer values.</p>
 <ul class="simple">
 <li><a class="reference internal" href="#algorithm-encoding"><span class="secref">Algorithm identifier encoding</span></a> describes the encoding scheme for algorithm identifiers</li>
 <li><a class="reference internal" href="#key-type-encoding"><span class="secref">Key type encoding</span></a> describes the encoding scheme for key types</li>
 </ul>
 <div class="section" id="algorithm-identifier-encoding">
 <span id="algorithm-encoding"></span><h2>Algorithm identifier encoding</h2>
 <p>Algorithm identifiers are 32-bit integer values of the type <a class="reference internal" href="../api/ops/algorithms.html#c.psa_algorithm_t" title="psa_algorithm_t"><code class="xref any c c-type docutils literal"><span class="pre">psa_algorithm_t</span></code></a>. Algorithm identifier values have the structure shown in <span><a class="reference internal" href="#fig-algorithm-fields"><span class="numref">Figure 1</span></a></span>.</p>
 <div class="figure" id="fig-algorithm-fields">
 <img alt="../_images/algorithm_fields.svg" src="../_images/algorithm_fields.svg" /><p class="caption"><span class="caption-number">Figure 1 </span><span class="caption-text">Encoding of <a class="reference internal" href="../api/ops/algorithms.html#c.psa_algorithm_t" title="psa_algorithm_t"><code class="xref any c c-type docutils literal"><span class="pre">psa_algorithm_t</span></code></a></span></p>
 </div>
 <p><span><a class="reference internal" href="#table-algorithm-fields"><span class="numref">Table 6</span></a></span> describes the meaning of the bit-fields — some of the bit-fields are used in different ways by different algorithm categories.</p>
 <table border="1" class="colwidths-given longtable docutils align-right" id="table-algorithm-fields">
 <caption><span class="caption-number">Table 6 </span><span class="caption-text">Bit fields in an algorithm identifier</span></caption>
 <colgroup>
 <col width="10%" />
 <col width="10%" />
 <col width="81%" />
 </colgroup>
 <thead valign="bottom">
 <tr class="row-odd"><th class="head">Field</th>
 <th class="head">Bits</th>
 <th class="head">Description</th>
 </tr>
 </thead>
 <tbody valign="top">
 <tr class="row-even"><td>V</td>
 <td>[31]</td>
 <td><p class="first">Flag to indicate an implementation-defined algorithm identifier, when V=1.</p>
 <p class="last">Algorithm identifiers defined by this specification always have V=0.</p>
 </td>
 </tr>
 <tr class="row-odd"><td>CAT</td>
 <td>[30:24]</td>
 <td>Algorithm category. See <a class="reference internal" href="#algorithm-category"><span class="secref">Algorithm categories</span></a>.</td>
 </tr>
 <tr class="row-even"><td>S</td>
 <td>[23]</td>
 <td><p class="first">For a cipher algorithm, this flag indicates a stream cipher when S=1.</p>
 <p class="last">For a key derivation algorithm, this flag indicates a key-stretching or password-hashing algorithm when S=1.</p>
 </td>
 </tr>
 <tr class="row-odd"><td>B</td>
 <td>[22]</td>
 <td>Flag to indicate an algorithm built on a block cipher, when B=1.</td>
 </tr>
 <tr class="row-even"><td>LEN/T2</td>
 <td>[21:16]</td>
 <td>LEN is the length of a MAC or AEAD tag, T2 is a key agreement algorithm sub-type.</td>
 </tr>
 <tr class="row-odd"><td>T1</td>
 <td>[15:8]</td>
 <td>Algorithm sub-type for most algorithm categories.</td>
 </tr>
 <tr class="row-even"><td>H</td>
 <td>[7:0]</td>
 <td>Hash algorithm sub-type, also used in any algorithm that is parameterized by a hash.</td>
 </tr>
 </tbody>
 </table>
 <div class="section" id="algorithm-categories">
 <span id="algorithm-category"></span><h3>Algorithm categories</h3>
 <p>The CAT field in an algorithm identifier takes the values shown in <span><a class="reference internal" href="#table-algorithm-category"><span class="numref">Table 7</span></a></span>.</p>
 <table border="1" class="colwidths-auto docutils align-left" id="table-algorithm-category">
 <caption><span class="caption-number">Table 7 </span><span class="caption-text">Algorithm identifier categories</span></caption>
 <thead valign="bottom">
 <tr class="row-odd"><th class="head">Algorithm category</th>
 <th class="head">CAT</th>
 <th class="head">Category details</th>
 </tr>
 </thead>
 <tbody valign="top">
 <tr class="row-even"><td>None</td>
 <td><code class="docutils literal"><span class="pre">0x00</span></code></td>
 <td>See <a class="reference internal" href="../api/ops/algorithms.html#c.PSA_ALG_NONE" title="PSA_ALG_NONE"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_ALG_NONE</span></code></a></td>
 </tr>
 <tr class="row-odd"><td>Hash</td>
 <td><code class="docutils literal"><span class="pre">0x02</span></code></td>
 <td>See <a class="reference internal" href="#hash-encoding"><span class="secref">Hash algorithm encoding</span></a></td>
 </tr>
 <tr class="row-even"><td>MAC</td>
 <td><code class="docutils literal"><span class="pre">0x03</span></code></td>
 <td>See <a class="reference internal" href="#mac-encoding"><span class="secref">MAC algorithm encoding</span></a></td>
 </tr>
 <tr class="row-odd"><td>Cipher</td>
 <td><code class="docutils literal"><span class="pre">0x04</span></code></td>
 <td>See <a class="reference internal" href="#cipher-encoding"><span class="secref">Cipher algorithm encoding</span></a></td>
 </tr>
 <tr class="row-even"><td>AEAD</td>
 <td><code class="docutils literal"><span class="pre">0x05</span></code></td>
 <td>See <a class="reference internal" href="#aead-encoding"><span class="secref">AEAD algorithm encoding</span></a></td>
 </tr>
 <tr class="row-odd"><td>Key derivation</td>
 <td><code class="docutils literal"><span class="pre">0x08</span></code></td>
 <td>See <a class="reference internal" href="#kdf-encoding"><span class="secref">Key derivation algorithm encoding</span></a></td>
 </tr>
 <tr class="row-even"><td>Asymmetric signature</td>
 <td><code class="docutils literal"><span class="pre">0x06</span></code></td>
 <td>See <a class="reference internal" href="#sign-encoding"><span class="secref">Asymmetric signature algorithm encoding</span></a></td>
 </tr>
 <tr class="row-odd"><td>Asymmetric encryption</td>
 <td><code class="docutils literal"><span class="pre">0x07</span></code></td>
 <td>See <a class="reference internal" href="#pke-encoding"><span class="secref">Asymmetric encryption algorithm encoding</span></a></td>
 </tr>
 <tr class="row-even"><td>Key agreement</td>
 <td><code class="docutils literal"><span class="pre">0x09</span></code></td>
 <td>See <a class="reference internal" href="#ka-encoding"><span class="secref">Key agreement algorithm encoding</span></a></td>
 </tr>
 </tbody>
 </table>
 </div>
 <div class="section" id="hash-algorithm-encoding">
 <span id="hash-encoding"></span><h3>Hash algorithm encoding</h3>
 <p>The algorithm identifier for hash algorithms defined in this specification are encoded as shown in <span><a class="reference internal" href="#fig-hash-fields"><span class="numref">Figure 2</span></a></span>.</p>
 <div class="figure" id="fig-hash-fields">
 <img alt="../_images/hash_fields.svg" src="../_images/hash_fields.svg" /><p class="caption"><span class="caption-number">Figure 2 </span><span class="caption-text">Hash algorithm encoding</span></p>
 </div>
 <p>The defined values for HASH-TYPE are shown in <span><a class="reference internal" href="#table-hash-type"><span class="numref">Table 8</span></a></span>.</p>
 <table border="1" class="colwidths-auto docutils align-left" id="table-hash-type">
 <caption><span class="caption-number">Table 8 </span><span class="caption-text">Hash algorithm sub-type values</span></caption>
 <thead valign="bottom">
 <tr class="row-odd"><th class="head">Hash algorithm</th>
 <th class="head">HASH-TYPE</th>
 <th class="head">Algorithm identifier</th>
 <th class="head">Algorithm value</th>
 </tr>
 </thead>
 <tbody valign="top">
 <tr class="row-even"><td>MD2</td>
 <td><code class="docutils literal"><span class="pre">0x01</span></code></td>
 <td><a class="reference internal" href="../api/ops/hashes.html#c.PSA_ALG_MD2" title="PSA_ALG_MD2"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_ALG_MD2</span></code></a></td>
 <td><code class="docutils literal"><span class="pre">0x02000001</span></code></td>
 </tr>
 <tr class="row-odd"><td>MD4</td>
 <td><code class="docutils literal"><span class="pre">0x02</span></code></td>
 <td><a class="reference internal" href="../api/ops/hashes.html#c.PSA_ALG_MD4" title="PSA_ALG_MD4"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_ALG_MD4</span></code></a></td>
 <td><code class="docutils literal"><span class="pre">0x02000002</span></code></td>
 </tr>
 <tr class="row-even"><td>MD5</td>
 <td><code class="docutils literal"><span class="pre">0x03</span></code></td>
 <td><a class="reference internal" href="../api/ops/hashes.html#c.PSA_ALG_MD5" title="PSA_ALG_MD5"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_ALG_MD5</span></code></a></td>
 <td><code class="docutils literal"><span class="pre">0x02000003</span></code></td>
 </tr>
 <tr class="row-odd"><td>RIPEMD-160</td>
 <td><code class="docutils literal"><span class="pre">0x04</span></code></td>
 <td><a class="reference internal" href="../api/ops/hashes.html#c.PSA_ALG_RIPEMD160" title="PSA_ALG_RIPEMD160"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_ALG_RIPEMD160</span></code></a></td>
 <td><code class="docutils literal"><span class="pre">0x02000004</span></code></td>
 </tr>
 <tr class="row-even"><td>SHA1</td>
 <td><code class="docutils literal"><span class="pre">0x05</span></code></td>
 <td><a class="reference internal" href="../api/ops/hashes.html#c.PSA_ALG_SHA_1" title="PSA_ALG_SHA_1"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_ALG_SHA_1</span></code></a></td>
 <td><code class="docutils literal"><span class="pre">0x02000005</span></code></td>
 </tr>
 <tr class="row-odd"><td>SHA-224</td>
 <td><code class="docutils literal"><span class="pre">0x08</span></code></td>
 <td><a class="reference internal" href="../api/ops/hashes.html#c.PSA_ALG_SHA_224" title="PSA_ALG_SHA_224"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_ALG_SHA_224</span></code></a></td>
 <td><code class="docutils literal"><span class="pre">0x02000008</span></code></td>
 </tr>
 <tr class="row-even"><td>SHA-256</td>
 <td><code class="docutils literal"><span class="pre">0x09</span></code></td>
 <td><a class="reference internal" href="../api/ops/hashes.html#c.PSA_ALG_SHA_256" title="PSA_ALG_SHA_256"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_ALG_SHA_256</span></code></a></td>
 <td><code class="docutils literal"><span class="pre">0x02000009</span></code></td>
 </tr>
 <tr class="row-odd"><td>SHA-384</td>
 <td><code class="docutils literal"><span class="pre">0x0A</span></code></td>
 <td><a class="reference internal" href="../api/ops/hashes.html#c.PSA_ALG_SHA_384" title="PSA_ALG_SHA_384"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_ALG_SHA_384</span></code></a></td>
 <td><code class="docutils literal"><span class="pre">0x0200000A</span></code></td>
 </tr>
 <tr class="row-even"><td>SHA-512</td>
 <td><code class="docutils literal"><span class="pre">0x0B</span></code></td>
 <td><a class="reference internal" href="../api/ops/hashes.html#c.PSA_ALG_SHA_512" title="PSA_ALG_SHA_512"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_ALG_SHA_512</span></code></a></td>
 <td><code class="docutils literal"><span class="pre">0x0200000B</span></code></td>
 </tr>
 <tr class="row-odd"><td>SHA-512/224</td>
 <td><code class="docutils literal"><span class="pre">0x0C</span></code></td>
 <td><a class="reference internal" href="../api/ops/hashes.html#c.PSA_ALG_SHA_512_224" title="PSA_ALG_SHA_512_224"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_ALG_SHA_512_224</span></code></a></td>
 <td><code class="docutils literal"><span class="pre">0x0200000C</span></code></td>
 </tr>
 <tr class="row-even"><td>SHA-512/256</td>
 <td><code class="docutils literal"><span class="pre">0x0D</span></code></td>
 <td><a class="reference internal" href="../api/ops/hashes.html#c.PSA_ALG_SHA_512_256" title="PSA_ALG_SHA_512_256"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_ALG_SHA_512_256</span></code></a></td>
 <td><code class="docutils literal"><span class="pre">0x0200000D</span></code></td>
 </tr>
 <tr class="row-odd"><td>SHA3-224</td>
 <td><code class="docutils literal"><span class="pre">0x10</span></code></td>
 <td><a class="reference internal" href="../api/ops/hashes.html#c.PSA_ALG_SHA3_224" title="PSA_ALG_SHA3_224"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_ALG_SHA3_224</span></code></a></td>
 <td><code class="docutils literal"><span class="pre">0x02000010</span></code></td>
 </tr>
 <tr class="row-even"><td>SHA3-256</td>
 <td><code class="docutils literal"><span class="pre">0x11</span></code></td>
 <td><a class="reference internal" href="../api/ops/hashes.html#c.PSA_ALG_SHA3_256" title="PSA_ALG_SHA3_256"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_ALG_SHA3_256</span></code></a></td>
 <td><code class="docutils literal"><span class="pre">0x02000011</span></code></td>
 </tr>
 <tr class="row-odd"><td>SHA3-384</td>
 <td><code class="docutils literal"><span class="pre">0x12</span></code></td>
 <td><a class="reference internal" href="../api/ops/hashes.html#c.PSA_ALG_SHA3_384" title="PSA_ALG_SHA3_384"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_ALG_SHA3_384</span></code></a></td>
 <td><code class="docutils literal"><span class="pre">0x02000012</span></code></td>
 </tr>
 <tr class="row-even"><td>SHA3-512</td>
 <td><code class="docutils literal"><span class="pre">0x13</span></code></td>
 <td><a class="reference internal" href="../api/ops/hashes.html#c.PSA_ALG_SHA3_512" title="PSA_ALG_SHA3_512"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_ALG_SHA3_512</span></code></a></td>
 <td><code class="docutils literal"><span class="pre">0x02000013</span></code></td>
 </tr>
 <tr class="row-odd"><td>SM3</td>
 <td><code class="docutils literal"><span class="pre">0x14</span></code></td>
 <td><a class="reference internal" href="../api/ops/hashes.html#c.PSA_ALG_SM3" title="PSA_ALG_SM3"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_ALG_SM3</span></code></a></td>
 <td><code class="docutils literal"><span class="pre">0x02000014</span></code></td>
 </tr>
 <tr class="row-even"><td>SHAKE256-512</td>
 <td><code class="docutils literal"><span class="pre">0x15</span></code></td>
 <td><a class="reference internal" href="../api/ops/hashes.html#c.PSA_ALG_SHAKE256_512" title="PSA_ALG_SHAKE256_512"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_ALG_SHAKE256_512</span></code></a></td>
 <td><code class="docutils literal"><span class="pre">0x02000015</span></code></td>
 </tr>
 <tr class="row-odd"><td><em>wildcard</em> <sup>a</sup></td>
 <td><code class="docutils literal"><span class="pre">0xFF</span></code></td>
 <td><a class="reference internal" href="../api/ops/sign.html#c.PSA_ALG_ANY_HASH" title="PSA_ALG_ANY_HASH"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_ALG_ANY_HASH</span></code></a></td>
 <td><code class="docutils literal"><span class="pre">0x020000FF</span></code></td>
 </tr>
 </tbody>
 </table>
 <ol class="loweralpha simple">
 <li>The wildcard hash <a class="reference internal" href="../api/ops/sign.html#c.PSA_ALG_ANY_HASH" title="PSA_ALG_ANY_HASH"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_ALG_ANY_HASH</span></code></a> can be used to parameterize a signature algorithm which defines a key usage policy, allowing any hash algorithm to be specified in a signature operation using the key.</li>
 </ol>
 </div>
 <div class="section" id="mac-algorithm-encoding">
 <span id="mac-encoding"></span><h3>MAC algorithm encoding</h3>
 <p>The algorithm identifier for MAC algorithms defined in this specification are encoded as shown in <span><a class="reference internal" href="#fig-mac-fields"><span class="numref">Figure 3</span></a></span>.</p>
 <div class="figure" id="fig-mac-fields">
 <img alt="../_images/mac_fields.svg" src="../_images/mac_fields.svg" /><p class="caption"><span class="caption-number">Figure 3 </span><span class="caption-text">MAC algorithm encoding</span></p>
 </div>
 <p>The defined values for B and MAC-TYPE are shown in <span><a class="reference internal" href="#table-mac-type"><span class="numref">Table 9</span></a></span>.</p>
 <p>LEN = 0 specifies a default length output MAC, other values for LEN specify a truncated MAC.</p>
 <p>W is a flag to indicate a wildcard permitted-algorithm policy:</p>
 <ul class="simple">
 <li>W = 0 indicates a specific MAC algorithm and MAC length.</li>
 <li>W = 1 indicates a wildcard key usage policy, which permits the MAC algorithm with a MAC length of at least LEN to be specified in a MAC operation using the key. LEN must not be zero.</li>
 </ul>
 <p>H = HASH-TYPE (see <span><a class="reference internal" href="#table-hash-type"><span class="numref">Table 8</span></a></span>) for hash-based MAC algorithms, otherwise H = 0.</p>
 <table border="1" class="colwidths-auto docutils align-left" id="table-mac-type">
 <caption><span class="caption-number">Table 9 </span><span class="caption-text">MAC algorithm sub-type values</span></caption>
 <thead valign="bottom">
 <tr class="row-odd"><th class="head">MAC algorithm</th>
 <th class="head">B</th>
 <th class="head">MAC-TYPE</th>
 <th class="head">Algorithm identifier</th>
 <th class="head">Algorithm value</th>
 </tr>
 </thead>
 <tbody valign="top">
 <tr class="row-even"><td>HMAC</td>
 <td>0</td>
 <td><code class="docutils literal"><span class="pre">0x00</span></code></td>
 <td><a class="reference internal" href="../api/ops/macs.html#c.PSA_ALG_HMAC" title="PSA_ALG_HMAC"><code class="docutils literal"><span class="pre">PSA_ALG_HMAC</span></code></a><code class="docutils literal"><span class="pre">(</span></code><code class="docutils literal"><span class="pre">hash_alg</span></code><code class="docutils literal"><span class="pre">)</span></code></td>
 <td><code class="docutils literal"><span class="pre">0x038000hh</span></code> <sup>a b</sup></td>
 </tr>
 <tr class="row-odd"><td>CBC-MAC <sup>c</sup></td>
 <td>1</td>
 <td><code class="docutils literal"><span class="pre">0x01</span></code></td>
 <td><a class="reference internal" href="../api/ops/macs.html#c.PSA_ALG_CBC_MAC" title="PSA_ALG_CBC_MAC"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_ALG_CBC_MAC</span></code></a></td>
 <td><code class="docutils literal"><span class="pre">0x03c00100</span></code> <sup>a</sup></td>
 </tr>
 <tr class="row-even"><td>CMAC <sup>c</sup></td>
 <td>1</td>
 <td><code class="docutils literal"><span class="pre">0x02</span></code></td>
 <td><a class="reference internal" href="../api/ops/macs.html#c.PSA_ALG_CMAC" title="PSA_ALG_CMAC"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_ALG_CMAC</span></code></a></td>
 <td><code class="docutils literal"><span class="pre">0x03c00200</span></code> <sup>a</sup></td>
 </tr>
 </tbody>
 </table>
 <ol class="loweralpha simple">
 <li>This is the default algorithm identifier, specifying a standard length tag. <a class="reference internal" href="../api/ops/macs.html#c.PSA_ALG_TRUNCATED_MAC" title="PSA_ALG_TRUNCATED_MAC"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_ALG_TRUNCATED_MAC()</span></code></a> generates identifiers with non-default LEN values. <a class="reference internal" href="../api/ops/macs.html#c.PSA_ALG_AT_LEAST_THIS_LENGTH_MAC" title="PSA_ALG_AT_LEAST_THIS_LENGTH_MAC"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_ALG_AT_LEAST_THIS_LENGTH_MAC()</span></code></a> generates permitted-algorithm policies with W = 1.</li>
 <li><code class="docutils literal"><span class="pre">hh</span></code> is the HASH-TYPE for the hash algorithm, <code class="docutils literal"><span class="pre">hash_alg</span></code>, used to construct the MAC algorithm.</li>
 <li>This is a MAC constructed using an underlying block cipher. The block cipher is determined by the key type that is provided to the MAC operation.</li>
 </ol>
 </div>
 <div class="section" id="cipher-algorithm-encoding">
 <span id="cipher-encoding"></span><h3>Cipher algorithm encoding</h3>
 <p>The algorithm identifier for CIPHER algorithms defined in this specification are encoded as shown in <span><a class="reference internal" href="#fig-cipher-fields"><span class="numref">Figure 4</span></a></span>.</p>
 <div class="figure" id="fig-cipher-fields">
 <img alt="../_images/cipher_fields.svg" src="../_images/cipher_fields.svg" /><p class="caption"><span class="caption-number">Figure 4 </span><span class="caption-text">CIPHER algorithm encoding</span></p>
 </div>
 <p>The defined values for S, B, and CIPHER-TYPE are shown in <span><a class="reference internal" href="#table-cipher-type"><span class="numref">Table 10</span></a></span>.</p>
 <table border="1" class="colwidths-auto docutils align-left" id="table-cipher-type">
 <caption><span class="caption-number">Table 10 </span><span class="caption-text">Cipher algorithm sub-type values</span></caption>
 <thead valign="bottom">
 <tr class="row-odd"><th class="head">Cipher algorithm</th>
 <th class="head">S</th>
 <th class="head">B</th>
 <th class="head">CIPHER-TYPE</th>
 <th class="head">Algorithm identifier</th>
 <th class="head">Algorithm value</th>
 </tr>
 </thead>
 <tbody valign="top">
 <tr class="row-even"><td><em>Stream cipher</em> <sup>a</sup></td>
 <td>1</td>
 <td>0</td>
 <td><code class="docutils literal"><span class="pre">0x01</span></code></td>
 <td><a class="reference internal" href="../api/ops/ciphers.html#c.PSA_ALG_STREAM_CIPHER" title="PSA_ALG_STREAM_CIPHER"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_ALG_STREAM_CIPHER</span></code></a></td>
 <td><code class="docutils literal"><span class="pre">0x04800100</span></code></td>
 </tr>
 <tr class="row-odd"><td>CTR mode <sup>b</sup></td>
 <td>1</td>
 <td>1</td>
 <td><code class="docutils literal"><span class="pre">0x10</span></code></td>
 <td><a class="reference internal" href="../api/ops/ciphers.html#c.PSA_ALG_CTR" title="PSA_ALG_CTR"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_ALG_CTR</span></code></a></td>
 <td><code class="docutils literal"><span class="pre">0x04C01000</span></code></td>
 </tr>
 <tr class="row-even"><td>CFB mode <sup>b</sup></td>
 <td>1</td>
 <td>1</td>
 <td><code class="docutils literal"><span class="pre">0x11</span></code></td>
 <td><a class="reference internal" href="../api/ops/ciphers.html#c.PSA_ALG_CFB" title="PSA_ALG_CFB"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_ALG_CFB</span></code></a></td>
 <td><code class="docutils literal"><span class="pre">0x04C01100</span></code></td>
 </tr>
 <tr class="row-odd"><td>OFB mode <sup>b</sup></td>
 <td>1</td>
 <td>1</td>
 <td><code class="docutils literal"><span class="pre">0x12</span></code></td>
 <td><a class="reference internal" href="../api/ops/ciphers.html#c.PSA_ALG_OFB" title="PSA_ALG_OFB"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_ALG_OFB</span></code></a></td>
 <td><code class="docutils literal"><span class="pre">0x04C01200</span></code></td>
 </tr>
 <tr class="row-even"><td>XTS mode <sup>b</sup></td>
 <td>0</td>
 <td>1</td>
 <td><code class="docutils literal"><span class="pre">0xFF</span></code></td>
 <td><a class="reference internal" href="../api/ops/ciphers.html#c.PSA_ALG_XTS" title="PSA_ALG_XTS"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_ALG_XTS</span></code></a></td>
 <td><code class="docutils literal"><span class="pre">0x0440FF00</span></code></td>
 </tr>
 <tr class="row-odd"><td>CBC mode without padding <sup>b</sup></td>
 <td>0</td>
 <td>1</td>
 <td><code class="docutils literal"><span class="pre">0x40</span></code></td>
 <td><a class="reference internal" href="../api/ops/ciphers.html#c.PSA_ALG_CBC_NO_PADDING" title="PSA_ALG_CBC_NO_PADDING"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_ALG_CBC_NO_PADDING</span></code></a></td>
 <td><code class="docutils literal"><span class="pre">0x04404000</span></code></td>
 </tr>
 <tr class="row-even"><td>CBC mode with PKCS#7 padding <sup>b</sup></td>
 <td>0</td>
 <td>1</td>
 <td><code class="docutils literal"><span class="pre">0x41</span></code></td>
 <td><a class="reference internal" href="../api/ops/ciphers.html#c.PSA_ALG_CBC_PKCS7" title="PSA_ALG_CBC_PKCS7"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_ALG_CBC_PKCS7</span></code></a></td>
 <td><code class="docutils literal"><span class="pre">0x04404100</span></code></td>
 </tr>
 <tr class="row-odd"><td>ECB mode without padding <sup>b</sup></td>
 <td>0</td>
 <td>1</td>
 <td><code class="docutils literal"><span class="pre">0x44</span></code></td>
 <td><a class="reference internal" href="../api/ops/ciphers.html#c.PSA_ALG_ECB_NO_PADDING" title="PSA_ALG_ECB_NO_PADDING"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_ALG_ECB_NO_PADDING</span></code></a></td>
 <td><code class="docutils literal"><span class="pre">0x04404400</span></code></td>
 </tr>
 </tbody>
 </table>
 <ol class="loweralpha simple">
 <li>The stream cipher algorithm identifier <a class="reference internal" href="../api/ops/ciphers.html#c.PSA_ALG_STREAM_CIPHER" title="PSA_ALG_STREAM_CIPHER"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_ALG_STREAM_CIPHER</span></code></a> is used with specific stream cipher key types, such as <a class="reference internal" href="../api/keys/types.html#c.PSA_KEY_TYPE_CHACHA20" title="PSA_KEY_TYPE_CHACHA20"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_KEY_TYPE_CHACHA20</span></code></a>.</li>
 <li>This is a cipher mode of an underlying block cipher. The block cipher is determined by the key type that is provided to the cipher operation.</li>
 </ol>
 </div>
 <div class="section" id="aead-algorithm-encoding">
 <span id="aead-encoding"></span><h3>AEAD algorithm encoding</h3>
 <p>The algorithm identifier for AEAD algorithms defined in this specification are encoded as shown in <span><a class="reference internal" href="#fig-aead-fields"><span class="numref">Figure 5</span></a></span>.</p>
 <div class="figure" id="fig-aead-fields">
 <img alt="../_images/aead_fields.svg" src="../_images/aead_fields.svg" /><p class="caption"><span class="caption-number">Figure 5 </span><span class="caption-text">AEAD algorithm encoding</span></p>
 </div>
 <p>The defined values for B and AEAD-TYPE are shown in <span><a class="reference internal" href="#table-aead-type"><span class="numref">Table 11</span></a></span>.</p>
 <p>LEN = 1..31 specifies the output tag length.</p>
 <p>W is a flag to indicate a wildcard permitted-algorithm policy:</p>
 <ul class="simple">
 <li>W = 0 indicates a specific AEAD algorithm and tag length.</li>
 <li>W = 1 indicates a wildcard key usage policy, which permits the AEAD algorithm with a tag length of at least LEN to be specified in an AEAD operation using the key.</li>
 </ul>
 <table border="1" class="colwidths-auto docutils align-left" id="table-aead-type">
 <caption><span class="caption-number">Table 11 </span><span class="caption-text">AEAD algorithm sub-type values</span></caption>
 <thead valign="bottom">
 <tr class="row-odd"><th class="head">AEAD algorithm</th>
 <th class="head">B</th>
 <th class="head">AEAD-TYPE</th>
 <th class="head">Algorithm identifier</th>
 <th class="head">Algorithm value</th>
 </tr>
 </thead>
 <tbody valign="top">
 <tr class="row-even"><td>CCM <sup>a</sup></td>
 <td>1</td>
 <td><code class="docutils literal"><span class="pre">0x01</span></code></td>
 <td><a class="reference internal" href="../api/ops/aead.html#c.PSA_ALG_CCM" title="PSA_ALG_CCM"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_ALG_CCM</span></code></a></td>
 <td><code class="docutils literal"><span class="pre">0x05500100</span></code> <sup>b</sup></td>
 </tr>
 <tr class="row-odd"><td>GCM <sup>a</sup></td>
 <td>1</td>
 <td><code class="docutils literal"><span class="pre">0x02</span></code></td>
 <td><a class="reference internal" href="../api/ops/aead.html#c.PSA_ALG_GCM" title="PSA_ALG_GCM"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_ALG_GCM</span></code></a></td>
 <td><code class="docutils literal"><span class="pre">0x05500200</span></code> <sup>b</sup></td>
 </tr>
 <tr class="row-even"><td>ChaCha20-poly1305</td>
 <td>0</td>
 <td><code class="docutils literal"><span class="pre">0x05</span></code></td>
 <td><a class="reference internal" href="../api/ops/aead.html#c.PSA_ALG_CHACHA20_POLY1305" title="PSA_ALG_CHACHA20_POLY1305"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_ALG_CHACHA20_POLY1305</span></code></a></td>
 <td><code class="docutils literal"><span class="pre">0x05100500</span></code> <sup>b</sup></td>
 </tr>
 </tbody>
 </table>
 <ol class="loweralpha simple">
 <li>This is an AEAD mode of an underlying block cipher. The block cipher is determined by the key type that is provided to the AEAD operation.</li>
 <li>This is the default algorithm identifier, specifying the default tag length for the algorithm. <a class="reference internal" href="../api/ops/aead.html#c.PSA_ALG_AEAD_WITH_SHORTENED_TAG" title="PSA_ALG_AEAD_WITH_SHORTENED_TAG"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_ALG_AEAD_WITH_SHORTENED_TAG()</span></code></a> generates identifiers with alternative LEN values. <a class="reference internal" href="../api/ops/aead.html#c.PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG" title="PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG()</span></code></a> generates wildcard permitted-algorithm policies with W = 1.</li>
 </ol>
 </div>
 <div class="section" id="key-derivation-algorithm-encoding">
 <span id="kdf-encoding"></span><h3>Key derivation algorithm encoding</h3>
 <p>The algorithm identifier for key derivation algorithms defined in this specification are encoded as shown in <span><a class="reference internal" href="#fig-kdf-fields"><span class="numref">Figure 6</span></a></span>.</p>
 <div class="figure" id="fig-kdf-fields">
 <img alt="../_images/kdf_fields.svg" src="../_images/kdf_fields.svg" /><p class="caption"><span class="caption-number">Figure 6 </span><span class="caption-text">Key derivation algorithm encoding</span></p>
 </div>
 <p>The defined values for S and KDF-TYPE are shown in <span><a class="reference internal" href="#table-kdf-type"><span class="numref">Table 12</span></a></span>.</p>
 <p>The permitted values of HASH-TYPE (see <span><a class="reference internal" href="#table-hash-type"><span class="numref">Table 8</span></a></span>) depend on the specific KDF algorithm.</p>
 <table border="1" class="colwidths-auto docutils align-left" id="table-kdf-type">
 <caption><span class="caption-number">Table 12 </span><span class="caption-text">Key derivation algorithm sub-type values</span></caption>
 <thead valign="bottom">
 <tr class="row-odd"><th class="head">Key derivation algorithm</th>
 <th class="head">S</th>
 <th class="head">KDF-TYPE</th>
 <th class="head">Algorithm identifier</th>
 <th class="head">Algorithm value</th>
 </tr>
 </thead>
 <tbody valign="top">
 <tr class="row-even"><td>HKDF</td>
 <td>0</td>
 <td><code class="docutils literal"><span class="pre">0x01</span></code></td>
 <td><a class="reference internal" href="../api/ops/kdf.html#c.PSA_ALG_HKDF" title="PSA_ALG_HKDF"><code class="docutils literal"><span class="pre">PSA_ALG_HKDF</span></code></a><code class="docutils literal"><span class="pre">(</span></code><code class="docutils literal"><span class="pre">hash_alg</span></code><code class="docutils literal"><span class="pre">)</span></code></td>
 <td><code class="docutils literal"><span class="pre">0x080001hh</span></code> <sup>a</sup></td>
 </tr>
 <tr class="row-odd"><td>TLS-1.2 PRF</td>
 <td>0</td>
 <td><code class="docutils literal"><span class="pre">0x02</span></code></td>
 <td><a class="reference internal" href="../api/ops/kdf.html#c.PSA_ALG_TLS12_PRF" title="PSA_ALG_TLS12_PRF"><code class="docutils literal"><span class="pre">PSA_ALG_TLS12_PRF</span></code></a><code class="docutils literal"><span class="pre">(</span></code><code class="docutils literal"><span class="pre">hash_alg</span></code><code class="docutils literal"><span class="pre">)</span></code></td>
 <td><code class="docutils literal"><span class="pre">0x080002hh</span></code> <sup>a</sup></td>
 </tr>
 <tr class="row-even"><td>TLS-1.2 PSK-to-MasterSecret</td>
 <td>0</td>
 <td><code class="docutils literal"><span class="pre">0x03</span></code></td>
 <td><a class="reference internal" href="../api/ops/kdf.html#c.PSA_ALG_TLS12_PSK_TO_MS" title="PSA_ALG_TLS12_PSK_TO_MS"><code class="docutils literal"><span class="pre">PSA_ALG_TLS12_PSK_TO_MS</span></code></a><code class="docutils literal"><span class="pre">(</span></code><code class="docutils literal"><span class="pre">hash_alg</span></code><code class="docutils literal"><span class="pre">)</span></code></td>
 <td><code class="docutils literal"><span class="pre">0x080003hh</span></code> <sup>a</sup></td>
 </tr>
 <tr class="row-odd"><td>PBKDF2-HMAC</td>
 <td>1</td>
 <td><code class="docutils literal"><span class="pre">0x01</span></code></td>
 <td><a class="reference internal" href="../api/ops/kdf.html#c.PSA_ALG_PBKDF2_HMAC" title="PSA_ALG_PBKDF2_HMAC"><code class="docutils literal"><span class="pre">PSA_ALG_PBKDF2_HMAC</span></code></a><code class="docutils literal"><span class="pre">(</span></code><code class="docutils literal"><span class="pre">hash_alg</span></code><code class="docutils literal"><span class="pre">)</span></code></td>
 <td><code class="docutils literal"><span class="pre">0x088001hh</span></code> <sup>a</sup></td>
 </tr>
 <tr class="row-even"><td>PBKDF2-AES-CMAC-PRF-128</td>
 <td>1</td>
 <td><code class="docutils literal"><span class="pre">0x02</span></code></td>
 <td><a class="reference internal" href="../api/ops/kdf.html#c.PSA_ALG_PBKDF2_AES_CMAC_PRF_128" title="PSA_ALG_PBKDF2_AES_CMAC_PRF_128"><code class="docutils literal"><span class="pre">PSA_ALG_PBKDF2_AES_CMAC_PRF_128</span></code></a></td>
 <td><code class="docutils literal"><span class="pre">0x08800200</span></code></td>
 </tr>
 </tbody>
 </table>
 <ol class="loweralpha simple">
 <li><code class="docutils literal"><span class="pre">hh</span></code> is the HASH-TYPE for the hash algorithm, <code class="docutils literal"><span class="pre">hash_alg</span></code>, used to construct the key derivation algorithm.</li>
 </ol>
 </div>
 <div class="section" id="asymmetric-signature-algorithm-encoding">
 <span id="sign-encoding"></span><h3>Asymmetric signature algorithm encoding</h3>
 <p>The algorithm identifier for asymmetric signature algorithms defined in this specification are encoded as shown in <span><a class="reference internal" href="#fig-sign-fields"><span class="numref">Figure 7</span></a></span>.</p>
 <div class="figure" id="fig-sign-fields">
 <img alt="../_images/sign_fields.svg" src="../_images/sign_fields.svg" /><p class="caption"><span class="caption-number">Figure 7 </span><span class="caption-text">Asymmetric signature algorithm encoding</span></p>
 </div>
 <p>The defined values for SIGN-TYPE are shown in <span><a class="reference internal" href="#table-sign-type"><span class="numref">Table 13</span></a></span>.</p>
 <p>H = HASH-TYPE (see <span><a class="reference internal" href="#table-hash-type"><span class="numref">Table 8</span></a></span>) for message signature algorithms that are parameterized by a hash algorithm, otherwise H = 0.</p>
 <table border="1" class="colwidths-auto docutils align-left" id="table-sign-type">
 <caption><span class="caption-number">Table 13 </span><span class="caption-text">Asymmetric signature algorithm sub-type values</span></caption>
 <thead valign="bottom">
 <tr class="row-odd"><th class="head">Signature algorithm</th>
 <th class="head">SIGN-TYPE</th>
 <th class="head">Algorithm identifier</th>
 <th class="head">Algorithm value</th>
 </tr>
 </thead>
 <tbody valign="top">
 <tr class="row-even"><td>RSA PKCS#1 v1.5</td>
 <td><code class="docutils literal"><span class="pre">0x02</span></code></td>
 <td><a class="reference internal" href="../api/ops/sign.html#c.PSA_ALG_RSA_PKCS1V15_SIGN" title="PSA_ALG_RSA_PKCS1V15_SIGN"><code class="docutils literal"><span class="pre">PSA_ALG_RSA_PKCS1V15_SIGN</span></code></a><code class="docutils literal"><span class="pre">(</span></code><code class="docutils literal"><span class="pre">hash_alg</span></code><code class="docutils literal"><span class="pre">)</span></code></td>
 <td><code class="docutils literal"><span class="pre">0x060002hh</span></code> <sup>a</sup></td>
 </tr>
 <tr class="row-odd"><td>RSA PKCS#1 v1.5 no hash <sup>b</sup></td>
 <td><code class="docutils literal"><span class="pre">0x02</span></code></td>
 <td><a class="reference internal" href="../api/ops/sign.html#c.PSA_ALG_RSA_PKCS1V15_SIGN_RAW" title="PSA_ALG_RSA_PKCS1V15_SIGN_RAW"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_ALG_RSA_PKCS1V15_SIGN_RAW</span></code></a></td>
 <td><code class="docutils literal"><span class="pre">0x06000200</span></code></td>
 </tr>
 <tr class="row-even"><td>RSA PSS</td>
 <td><code class="docutils literal"><span class="pre">0x03</span></code></td>
 <td><a class="reference internal" href="../api/ops/sign.html#c.PSA_ALG_RSA_PSS" title="PSA_ALG_RSA_PSS"><code class="docutils literal"><span class="pre">PSA_ALG_RSA_PSS</span></code></a><code class="docutils literal"><span class="pre">(</span></code><code class="docutils literal"><span class="pre">hash_alg</span></code><code class="docutils literal"><span class="pre">)</span></code></td>
 <td><code class="docutils literal"><span class="pre">0x060003hh</span></code> <sup>a</sup></td>
 </tr>
 <tr class="row-odd"><td>RSA PSS any salt length</td>
 <td><code class="docutils literal"><span class="pre">0x13</span></code></td>
 <td><a class="reference internal" href="../api/ops/sign.html#c.PSA_ALG_RSA_PSS_ANY_SALT" title="PSA_ALG_RSA_PSS_ANY_SALT"><code class="docutils literal"><span class="pre">PSA_ALG_RSA_PSS_ANY_SALT</span></code></a><code class="docutils literal"><span class="pre">(</span></code><code class="docutils literal"><span class="pre">hash_alg</span></code><code class="docutils literal"><span class="pre">)</span></code></td>
 <td><code class="docutils literal"><span class="pre">0x060013hh</span></code> <sup>a</sup></td>
 </tr>
 <tr class="row-even"><td>Randomized ECDSA</td>
 <td><code class="docutils literal"><span class="pre">0x06</span></code></td>
 <td><a class="reference internal" href="../api/ops/sign.html#c.PSA_ALG_ECDSA" title="PSA_ALG_ECDSA"><code class="docutils literal"><span class="pre">PSA_ALG_ECDSA</span></code></a><code class="docutils literal"><span class="pre">(</span></code><code class="docutils literal"><span class="pre">hash_alg</span></code><code class="docutils literal"><span class="pre">)</span></code></td>
 <td><code class="docutils literal"><span class="pre">0x060006hh</span></code> <sup>a</sup></td>
 </tr>
 <tr class="row-odd"><td>Randomized ECDSA no hash <sup>b</sup></td>
 <td><code class="docutils literal"><span class="pre">0x06</span></code></td>
 <td><a class="reference internal" href="../api/ops/sign.html#c.PSA_ALG_ECDSA_ANY" title="PSA_ALG_ECDSA_ANY"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_ALG_ECDSA_ANY</span></code></a></td>
 <td><code class="docutils literal"><span class="pre">0x06000600</span></code></td>
 </tr>
 <tr class="row-even"><td>Deterministic ECDSA</td>
 <td><code class="docutils literal"><span class="pre">0x07</span></code></td>
 <td><a class="reference internal" href="../api/ops/sign.html#c.PSA_ALG_DETERMINISTIC_ECDSA" title="PSA_ALG_DETERMINISTIC_ECDSA"><code class="docutils literal"><span class="pre">PSA_ALG_DETERMINISTIC_ECDSA</span></code></a><code class="docutils literal"><span class="pre">(</span></code><code class="docutils literal"><span class="pre">hash_alg</span></code><code class="docutils literal"><span class="pre">)</span></code></td>
 <td><code class="docutils literal"><span class="pre">0x060007hh</span></code> <sup>a</sup></td>
 </tr>
 <tr class="row-odd"><td>PureEdDSA</td>
 <td><code class="docutils literal"><span class="pre">0x08</span></code></td>
 <td><a class="reference internal" href="../api/ops/sign.html#c.PSA_ALG_PURE_EDDSA" title="PSA_ALG_PURE_EDDSA"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_ALG_PURE_EDDSA</span></code></a></td>
 <td><code class="docutils literal"><span class="pre">0x06000800</span></code></td>
 </tr>
 <tr class="row-even"><td>HashEdDSA</td>
 <td><code class="docutils literal"><span class="pre">0x09</span></code></td>
 <td><a class="reference internal" href="../api/ops/sign.html#c.PSA_ALG_ED25519PH" title="PSA_ALG_ED25519PH"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_ALG_ED25519PH</span></code></a> and <a class="reference internal" href="../api/ops/sign.html#c.PSA_ALG_ED448PH" title="PSA_ALG_ED448PH"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_ALG_ED448PH</span></code></a></td>
 <td><code class="docutils literal"><span class="pre">0x060009hh</span></code> <sup>c</sup></td>
 </tr>
 </tbody>
 </table>
 <ol class="loweralpha simple">
 <li><code class="docutils literal"><span class="pre">hh</span></code> is the HASH-TYPE for the hash algorithm, <code class="docutils literal"><span class="pre">hash_alg</span></code>, used to construct the signature algorithm.</li>
 <li>Asymmetric signature algorithms without hashing can only be used with <a class="reference internal" href="../api/ops/sign.html#c.psa_sign_hash" title="psa_sign_hash"><code class="xref any c c-func docutils literal"><span class="pre">psa_sign_hash()</span></code></a> and <a class="reference internal" href="../api/ops/sign.html#c.psa_verify_hash" title="psa_verify_hash"><code class="xref any c c-func docutils literal"><span class="pre">psa_verify_hash()</span></code></a>.</li>
 <li>The HASH-TYPE for HashEdDSA is determined by the curve. SHA-512 is used for Ed25519ph, and the first 64 bytes of output from SHAKE256 is used for Ed448ph.</li>
 </ol>
 </div>
 <div class="section" id="asymmetric-encryption-algorithm-encoding">
 <span id="pke-encoding"></span><h3>Asymmetric encryption algorithm encoding</h3>
 <p>The algorithm identifier for asymmetric encryption algorithms defined in this specification are encoded as shown in <span><a class="reference internal" href="#fig-pke-fields"><span class="numref">Figure 8</span></a></span>.</p>
 <div class="figure" id="fig-pke-fields">
 <img alt="../_images/pke_fields.svg" src="../_images/pke_fields.svg" /><p class="caption"><span class="caption-number">Figure 8 </span><span class="caption-text">Asymmetric encryption algorithm encoding</span></p>
 </div>
 <p>The defined values for ENCRYPT-TYPE are shown in <span><a class="reference internal" href="#table-pke-type"><span class="numref">Table 14</span></a></span>.</p>
 <p>H = HASH-TYPE (see <span><a class="reference internal" href="#table-hash-type"><span class="numref">Table 8</span></a></span>) for asymmetric encryption algorithms that are parameterized by a hash algorithm, otherwise H = 0.</p>
 <table border="1" class="colwidths-auto docutils align-left" id="table-pke-type">
 <caption><span class="caption-number">Table 14 </span><span class="caption-text">Asymmetric encryption algorithm sub-type values</span></caption>
 <thead valign="bottom">
 <tr class="row-odd"><th class="head">Asymmetric encryption algorithm</th>
 <th class="head">ENCRYPT-TYPE</th>
 <th class="head">Algorithm identifier</th>
 <th class="head">Algorithm value</th>
 </tr>
 </thead>
 <tbody valign="top">
 <tr class="row-even"><td>RSA PKCS#1 v1.5</td>
 <td><code class="docutils literal"><span class="pre">0x02</span></code></td>
 <td><a class="reference internal" href="../api/ops/pke.html#c.PSA_ALG_RSA_PKCS1V15_CRYPT" title="PSA_ALG_RSA_PKCS1V15_CRYPT"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_ALG_RSA_PKCS1V15_CRYPT</span></code></a></td>
 <td><code class="docutils literal"><span class="pre">0x07000200</span></code></td>
 </tr>
 <tr class="row-odd"><td>RSA OAEP</td>
 <td><code class="docutils literal"><span class="pre">0x03</span></code></td>
 <td><a class="reference internal" href="../api/ops/pke.html#c.PSA_ALG_RSA_OAEP" title="PSA_ALG_RSA_OAEP"><code class="docutils literal"><span class="pre">PSA_ALG_RSA_OAEP</span></code></a><code class="docutils literal"><span class="pre">(</span></code><code class="docutils literal"><span class="pre">hash_alg</span></code><code class="docutils literal"><span class="pre">)</span></code></td>
 <td><code class="docutils literal"><span class="pre">0x070003hh</span></code> <sup>a</sup></td>
 </tr>
 </tbody>
 </table>
 <ol class="loweralpha simple">
 <li><code class="docutils literal"><span class="pre">hh</span></code> is the HASH-TYPE for the hash algorithm, <code class="docutils literal"><span class="pre">hash_alg</span></code>, used to construct the encryption algorithm.</li>
 </ol>
 </div>
 <div class="section" id="key-agreement-algorithm-encoding">
 <span id="ka-encoding"></span><h3>Key agreement algorithm encoding</h3>
 <p>A key agreement algorithm identifier can either be for the raw key agreement algorithm, or for a combined key agreement with key derivation algorithm. The former can only be used with <a class="reference internal" href="../api/ops/ka.html#c.psa_raw_key_agreement" title="psa_raw_key_agreement"><code class="xref any c c-func docutils literal"><span class="pre">psa_raw_key_agreement()</span></code></a>, while the latter are used with <a class="reference internal" href="../api/ops/ka.html#c.psa_key_derivation_key_agreement" title="psa_key_derivation_key_agreement"><code class="xref any c c-func docutils literal"><span class="pre">psa_key_derivation_key_agreement()</span></code></a> and the shared secret is not exposed to the client.</p>
 <p>The algorithm identifier for raw key agreement algorithms defined in this specification are encoded as shown in <span><a class="reference internal" href="#fig-ka-raw-fields"><span class="numref">Figure 9</span></a></span>.</p>
 <div class="figure" id="fig-ka-raw-fields">
 <img alt="../_images/ka_raw_fields.svg" src="../_images/ka_raw_fields.svg" /><p class="caption"><span class="caption-number">Figure 9 </span><span class="caption-text">Raw key agreement algorithm encoding</span></p>
 </div>
 <p>The defined values for KA-TYPE are shown in <span><a class="reference internal" href="#table-ka-type"><span class="numref">Table 15</span></a></span>.</p>
 <table border="1" class="colwidths-auto docutils align-left" id="table-ka-type">
 <caption><span class="caption-number">Table 15 </span><span class="caption-text">Key agreement algorithm sub-type values</span></caption>
 <thead valign="bottom">
 <tr class="row-odd"><th class="head">Key agreement algorithm</th>
 <th class="head">KA-TYPE</th>
 <th class="head">Algorithm identifier</th>
 <th class="head">Algorithm value</th>
 </tr>
 </thead>
 <tbody valign="top">
 <tr class="row-even"><td>FFDH</td>
 <td><code class="docutils literal"><span class="pre">0x01</span></code></td>
 <td><a class="reference internal" href="../api/ops/ka.html#c.PSA_ALG_FFDH" title="PSA_ALG_FFDH"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_ALG_FFDH</span></code></a></td>
 <td><code class="docutils literal"><span class="pre">0x09010000</span></code></td>
 </tr>
 <tr class="row-odd"><td>ECDH</td>
 <td><code class="docutils literal"><span class="pre">0x02</span></code></td>
 <td><a class="reference internal" href="../api/ops/ka.html#c.PSA_ALG_ECDH" title="PSA_ALG_ECDH"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_ALG_ECDH</span></code></a></td>
 <td><code class="docutils literal"><span class="pre">0x09020000</span></code></td>
 </tr>
 </tbody>
 </table>
 <p>A combined key agreement is constructed by a bitwise OR of the raw key agreement algorithm identifier and the key derivation algorithm identifier. This operation is provided by the <a class="reference internal" href="../api/ops/ka.html#c.PSA_ALG_KEY_AGREEMENT" title="PSA_ALG_KEY_AGREEMENT"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_ALG_KEY_AGREEMENT()</span></code></a> macro.</p>
 <div class="figure" id="id7">
 <img alt="../_images/ka_combined_fields.svg" src="../_images/ka_combined_fields.svg" /><p class="caption"><span class="caption-number">Figure 10 </span><span class="caption-text">Combined key agreement algorithm encoding</span></p>
 </div>
 <p>The underlying raw key agreement algorithm can be extracted from the KA-TYPE field, and the key derivation algorithm from the KDF-TYPE and HASH-TYPE fields.</p>
 </div>
 </div>
 <div class="section" id="key-type-encoding">
 <span id="id1"></span><h2>Key type encoding</h2>
 <p>Key types are 16-bit integer values of the type <a class="reference internal" href="../api/keys/types.html#c.psa_key_type_t" title="psa_key_type_t"><code class="xref any c c-type docutils literal"><span class="pre">psa_key_type_t</span></code></a>. Key type values have the structure shown in <span><a class="reference internal" href="#fig-key-type-fields"><span class="numref">Figure 11</span></a></span>.</p>
 <div class="figure" id="fig-key-type-fields">
 <img alt="../_images/key_type_fields.svg" src="../_images/key_type_fields.svg" /><p class="caption"><span class="caption-number">Figure 11 </span><span class="caption-text">Encoding of <a class="reference internal" href="../api/keys/types.html#c.psa_key_type_t" title="psa_key_type_t"><code class="xref any c c-type docutils literal"><span class="pre">psa_key_type_t</span></code></a></span></p>
 </div>
 <p><span><a class="reference internal" href="#table-key-type-fields"><span class="numref">Table 16</span></a></span> describes the meaning of the bit-fields — some of bit-fields are used in different ways by different key type categories.</p>
 <table border="1" class="colwidths-given longtable docutils align-right" id="table-key-type-fields">
 <caption><span class="caption-number">Table 16 </span><span class="caption-text">Bit fields in a key type</span></caption>
 <colgroup>
 <col width="24%" />
 <col width="10%" />
 <col width="67%" />
 </colgroup>
 <thead valign="bottom">
 <tr class="row-odd"><th class="head">Field</th>
 <th class="head">Bits</th>
 <th class="head">Description</th>
 </tr>
 </thead>
 <tbody valign="top">
 <tr class="row-even"><td>V</td>
 <td>[15]</td>
 <td><p class="first">Flag to indicate an implementation-defined key type, when V=1.</p>
 <p class="last">Key types defined by this specification always have V=0.</p>
 </td>
 </tr>
 <tr class="row-odd"><td>A</td>
 <td>[14]</td>
 <td>Flag to indicate an asymmetric key type, when A=1.</td>
 </tr>
 <tr class="row-even"><td>CAT</td>
 <td>[13:12]</td>
 <td>Key type category. See <a class="reference internal" href="#key-type-categories"><span class="secref">Key type categories</span></a>.</td>
 </tr>
 <tr class="row-odd"><td><em>category-specific type</em></td>
 <td>[11:1]</td>
 <td>The meaning of this field is specific to each key category.</td>
 </tr>
 <tr class="row-even"><td>P</td>
 <td>[0]</td>
 <td>Parity bit. Valid key type values have even parity.</td>
 </tr>
 </tbody>
 </table>
 <div class="section" id="key-type-categories">
 <span id="id2"></span><h3>Key type categories</h3>
 <p>The A and CAT fields in a key type take the values shown in <span><a class="reference internal" href="#table-key-type-category"><span class="numref">Table 17</span></a></span>.</p>
 <table border="1" class="colwidths-auto docutils align-left" id="table-key-type-category">
 <caption><span class="caption-number">Table 17 </span><span class="caption-text">Key type categories</span></caption>
 <thead valign="bottom">
 <tr class="row-odd"><th class="head">Key type category</th>
 <th class="head">A</th>
 <th class="head">CAT</th>
 <th class="head">Category details</th>
 </tr>
 </thead>
 <tbody valign="top">
 <tr class="row-even"><td>None</td>
 <td>0</td>
 <td>0</td>
 <td>See <a class="reference internal" href="../api/keys/types.html#c.PSA_KEY_TYPE_NONE" title="PSA_KEY_TYPE_NONE"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_KEY_TYPE_NONE</span></code></a></td>
 </tr>
 <tr class="row-odd"><td>Raw data</td>
 <td>0</td>
 <td>1</td>
 <td>See <a class="reference internal" href="#raw-key-encoding"><span class="secref">Raw key encoding</span></a></td>
 </tr>
 <tr class="row-even"><td>Symmetric key</td>
 <td>0</td>
 <td>2</td>
 <td>See <a class="reference internal" href="#symmetric-key-encoding"><span class="secref">Symmetric key encoding</span></a></td>
 </tr>
 <tr class="row-odd"><td>Asymmetric public key</td>
 <td>1</td>
 <td>0</td>
 <td>See <a class="reference internal" href="#asymmetric-key-encoding"><span class="secref">Asymmetric key encoding</span></a></td>
 </tr>
 <tr class="row-even"><td>Asymmetric key pair</td>
 <td>1</td>
 <td>3</td>
 <td>See <a class="reference internal" href="#asymmetric-key-encoding"><span class="secref">Asymmetric key encoding</span></a></td>
 </tr>
 </tbody>
 </table>
 </div>
 <div class="section" id="raw-key-encoding">
 <span id="id3"></span><h3>Raw key encoding</h3>
 <p>The key type for raw keys defined in this specification are encoded as shown in <span><a class="reference internal" href="#fig-raw-key-fields"><span class="numref">Figure 12</span></a></span>.</p>
 <div class="figure" id="fig-raw-key-fields">
 <img alt="../_images/raw_key_fields.svg" src="../_images/raw_key_fields.svg" /><p class="caption"><span class="caption-number">Figure 12 </span><span class="caption-text">Raw key encoding</span></p>
 </div>
 <p>The defined values for RAW-TYPE, SUB-TYPE, and P are shown in <span><a class="reference internal" href="#table-raw-type"><span class="numref">Table 18</span></a></span>.</p>
 <table border="1" class="colwidths-auto docutils align-left" id="table-raw-type">
 <caption><span class="caption-number">Table 18 </span><span class="caption-text">Raw key sub-type values</span></caption>
 <thead valign="bottom">
 <tr class="row-odd"><th class="head">Raw key type</th>
 <th class="head">RAW-TYPE</th>
 <th class="head">SUB-TYPE</th>
 <th class="head">P</th>
 <th class="head">Key type</th>
 <th class="head">Key type value</th>
 </tr>
 </thead>
 <tbody valign="top">
 <tr class="row-even"><td>Raw data</td>
 <td>0</td>
 <td>0</td>
 <td>1</td>
 <td><a class="reference internal" href="../api/keys/types.html#c.PSA_KEY_TYPE_RAW_DATA" title="PSA_KEY_TYPE_RAW_DATA"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_KEY_TYPE_RAW_DATA</span></code></a></td>
 <td><code class="docutils literal"><span class="pre">0x1001</span></code></td>
 </tr>
 <tr class="row-odd"><td>HMAC</td>
 <td>1</td>
 <td>0</td>
 <td>0</td>
 <td><a class="reference internal" href="../api/keys/types.html#c.PSA_KEY_TYPE_HMAC" title="PSA_KEY_TYPE_HMAC"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_KEY_TYPE_HMAC</span></code></a></td>
 <td><code class="docutils literal"><span class="pre">0x1100</span></code></td>
 </tr>
 <tr class="row-even"><td>Derivation secret</td>
 <td>2</td>
 <td>0</td>
 <td>0</td>
 <td><a class="reference internal" href="../api/keys/types.html#c.PSA_KEY_TYPE_DERIVE" title="PSA_KEY_TYPE_DERIVE"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_KEY_TYPE_DERIVE</span></code></a></td>
 <td><code class="docutils literal"><span class="pre">0x1200</span></code></td>
 </tr>
 <tr class="row-odd"><td>Password</td>
 <td>2</td>
 <td>1</td>
 <td>1</td>
 <td><a class="reference internal" href="../api/keys/types.html#c.PSA_KEY_TYPE_PASSWORD" title="PSA_KEY_TYPE_PASSWORD"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_KEY_TYPE_PASSWORD</span></code></a></td>
 <td><code class="docutils literal"><span class="pre">0x1203</span></code></td>
 </tr>
 <tr class="row-even"><td>Password hash</td>
 <td>2</td>
 <td>2</td>
 <td>1</td>
 <td><a class="reference internal" href="../api/keys/types.html#c.PSA_KEY_TYPE_PASSWORD_HASH" title="PSA_KEY_TYPE_PASSWORD_HASH"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_KEY_TYPE_PASSWORD_HASH</span></code></a></td>
 <td><code class="docutils literal"><span class="pre">0x1205</span></code></td>
 </tr>
 <tr class="row-odd"><td>Derivation pepper</td>
 <td>2</td>
 <td>3</td>
 <td>0</td>
 <td><a class="reference internal" href="../api/keys/types.html#c.PSA_KEY_TYPE_PEPPER" title="PSA_KEY_TYPE_PEPPER"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_KEY_TYPE_PEPPER</span></code></a></td>
 <td><code class="docutils literal"><span class="pre">0x1206</span></code></td>
 </tr>
 </tbody>
 </table>
 </div>
 <div class="section" id="symmetric-key-encoding">
 <span id="id4"></span><h3>Symmetric key encoding</h3>
 <p>The key type for symmetric keys defined in this specification are encoded as shown in <span><a class="reference internal" href="#fig-symmetric-key-fields"><span class="numref">Figure 13</span></a></span>.</p>
 <div class="figure" id="fig-symmetric-key-fields">
 <img alt="../_images/symmetric_key_fields.svg" src="../_images/symmetric_key_fields.svg" /><p class="caption"><span class="caption-number">Figure 13 </span><span class="caption-text">Symmetric key encoding</span></p>
 </div>
 <p>For block-based cipher keys, the block size for the cipher algorithm is 2<sup>BLK</sup>.</p>
 <p>The defined values for BLK, SYM-TYPE and P are shown in <span><a class="reference internal" href="#table-symmetric-type"><span class="numref">Table 19</span></a></span>.</p>
 <table border="1" class="colwidths-auto docutils align-left" id="table-symmetric-type">
 <caption><span class="caption-number">Table 19 </span><span class="caption-text">Symmetric key sub-type values</span></caption>
 <thead valign="bottom">
 <tr class="row-odd"><th class="head">Symmetric key type</th>
 <th class="head">BLK</th>
 <th class="head">SYM-TYPE</th>
 <th class="head">P</th>
 <th class="head">Key type</th>
 <th class="head">Key type value</th>
 </tr>
 </thead>
 <tbody valign="top">
 <tr class="row-even"><td>ARC4</td>
 <td>0</td>
 <td>1</td>
 <td>0</td>
 <td><a class="reference internal" href="../api/keys/types.html#c.PSA_KEY_TYPE_ARC4" title="PSA_KEY_TYPE_ARC4"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_KEY_TYPE_ARC4</span></code></a></td>
 <td><code class="docutils literal"><span class="pre">0x2002</span></code></td>
 </tr>
 <tr class="row-odd"><td>ChaCha20</td>
 <td>0</td>
 <td>2</td>
 <td>0</td>
 <td><a class="reference internal" href="../api/keys/types.html#c.PSA_KEY_TYPE_CHACHA20" title="PSA_KEY_TYPE_CHACHA20"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_KEY_TYPE_CHACHA20</span></code></a></td>
 <td><code class="docutils literal"><span class="pre">0x2004</span></code></td>
 </tr>
 <tr class="row-even"><td>DES</td>
 <td>3</td>
 <td>0</td>
 <td>1</td>
 <td><a class="reference internal" href="../api/keys/types.html#c.PSA_KEY_TYPE_DES" title="PSA_KEY_TYPE_DES"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_KEY_TYPE_DES</span></code></a></td>
 <td><code class="docutils literal"><span class="pre">0x2301</span></code></td>
 </tr>
 <tr class="row-odd"><td>AES</td>
 <td>4</td>
 <td>0</td>
 <td>0</td>
 <td><a class="reference internal" href="../api/keys/types.html#c.PSA_KEY_TYPE_AES" title="PSA_KEY_TYPE_AES"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_KEY_TYPE_AES</span></code></a></td>
 <td><code class="docutils literal"><span class="pre">0x2400</span></code></td>
 </tr>
 <tr class="row-even"><td>CAMELLIA</td>
 <td>4</td>
 <td>1</td>
 <td>1</td>
 <td><a class="reference internal" href="../api/keys/types.html#c.PSA_KEY_TYPE_CAMELLIA" title="PSA_KEY_TYPE_CAMELLIA"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_KEY_TYPE_CAMELLIA</span></code></a></td>
 <td><code class="docutils literal"><span class="pre">0x2403</span></code></td>
 </tr>
 <tr class="row-odd"><td>SM4</td>
 <td>4</td>
 <td>2</td>
 <td>1</td>
 <td><a class="reference internal" href="../api/keys/types.html#c.PSA_KEY_TYPE_SM4" title="PSA_KEY_TYPE_SM4"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_KEY_TYPE_SM4</span></code></a></td>
 <td><code class="docutils literal"><span class="pre">0x2405</span></code></td>
 </tr>
 <tr class="row-even"><td>ARIA</td>
 <td>4</td>
 <td>3</td>
 <td>0</td>
 <td><a class="reference internal" href="../api/keys/types.html#c.PSA_KEY_TYPE_ARIA" title="PSA_KEY_TYPE_ARIA"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_KEY_TYPE_ARIA</span></code></a></td>
 <td><code class="docutils literal"><span class="pre">0x2406</span></code></td>
 </tr>
 </tbody>
 </table>
 </div>
 <div class="section" id="asymmetric-key-encoding">
 <span id="id5"></span><h3>Asymmetric key encoding</h3>
 <p>The key type for asymmetric keys defined in this specification are encoded as shown in <span><a class="reference internal" href="#fig-asymmetric-key-fields"><span class="numref">Figure 14</span></a></span>.</p>
 <div class="figure" id="fig-asymmetric-key-fields">
 <img alt="../_images/asymmetric_key_fields.svg" src="../_images/asymmetric_key_fields.svg" /><p class="caption"><span class="caption-number">Figure 14 </span><span class="caption-text">Asymmetric key encoding</span></p>
 </div>
 <p>PAIR is either 0 for a public key, or 3 for a key pair.</p>
 <p>The defined values for ASYM-TYPE are shown in <span><a class="reference internal" href="#table-asymmetric-type"><span class="numref">Table 20</span></a></span>.</p>
 <table border="1" class="colwidths-auto docutils align-left" id="table-asymmetric-type">
 <caption><span class="caption-number">Table 20 </span><span class="caption-text">Asymmetric key sub-type values</span></caption>
 <thead valign="bottom">
 <tr class="row-odd"><th class="head">Asymmetric key type</th>
 <th class="head">ASYM-TYPE</th>
 <th class="head">Details</th>
 </tr>
 </thead>
 <tbody valign="top">
 <tr class="row-even"><td>RSA</td>
 <td>0</td>
 <td>See <a class="reference internal" href="#rsa-key-encoding"><span class="secref">RSA key encoding</span></a></td>
 </tr>
 <tr class="row-odd"><td>Elliptic Curve</td>
 <td>1</td>
 <td>See <a class="reference internal" href="#ecc-key-encoding"><span class="secref">Elliptic Curve key encoding</span></a></td>
 </tr>
 <tr class="row-even"><td>Diffie-Hellman</td>
 <td>2</td>
 <td>See <a class="reference internal" href="#dh-key-encoding"><span class="secref">Diffie Hellman key encoding</span></a></td>
 </tr>
 </tbody>
 </table>
 <div class="section" id="rsa-key-encoding">
 <span id="id6"></span><h4>RSA key encoding</h4>
 <p>The key type for RSA keys defined in this specification are encoded as shown in <span><a class="reference internal" href="#fig-rsa-key-fields"><span class="numref">Figure 15</span></a></span>.</p>
 <div class="figure" id="fig-rsa-key-fields">
 <img alt="../_images/rsa_key_fields.svg" src="../_images/rsa_key_fields.svg" /><p class="caption"><span class="caption-number">Figure 15 </span><span class="caption-text">RSA key encoding</span></p>
 </div>
 <p>PAIR is either 0 for a public key, or 3 for a key pair.</p>
 <p>The defined values for RSA keys are shown in <span><a class="reference internal" href="#table-rsa-type"><span class="numref">Table 21</span></a></span>.</p>
 <table border="1" class="colwidths-auto docutils align-left" id="table-rsa-type">
 <caption><span class="caption-number">Table 21 </span><span class="caption-text">RSA key values</span></caption>
 <thead valign="bottom">
 <tr class="row-odd"><th class="head">RSA key type</th>
 <th class="head">Key type</th>
 <th class="head">Key type value</th>
 </tr>
 </thead>
 <tbody valign="top">
 <tr class="row-even"><td>Public key</td>
 <td><a class="reference internal" href="../api/keys/types.html#c.PSA_KEY_TYPE_RSA_PUBLIC_KEY" title="PSA_KEY_TYPE_RSA_PUBLIC_KEY"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_KEY_TYPE_RSA_PUBLIC_KEY</span></code></a></td>
 <td><code class="docutils literal"><span class="pre">0x4001</span></code></td>
 </tr>
 <tr class="row-odd"><td>Key pair</td>
 <td><a class="reference internal" href="../api/keys/types.html#c.PSA_KEY_TYPE_RSA_KEY_PAIR" title="PSA_KEY_TYPE_RSA_KEY_PAIR"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_KEY_TYPE_RSA_KEY_PAIR</span></code></a></td>
 <td><code class="docutils literal"><span class="pre">0x7001</span></code></td>
 </tr>
 </tbody>
 </table>
 </div>
 <div class="section" id="elliptic-curve-key-encoding">
 <span id="ecc-key-encoding"></span><h4>Elliptic Curve key encoding</h4>
 <p>The key type for Elliptic Curve keys defined in this specification are encoded as shown in <span><a class="reference internal" href="#fig-ecc-key-fields"><span class="numref">Figure 16</span></a></span>.</p>
 <div class="figure" id="fig-ecc-key-fields">
 <img alt="../_images/ecc_key_fields.svg" src="../_images/ecc_key_fields.svg" /><p class="caption"><span class="caption-number">Figure 16 </span><span class="caption-text">Elliptic Curve key encoding</span></p>
 </div>
 <p>PAIR is either 0 for a public key, or 3 for a key pair.</p>
 <p>The defined values for ECC-FAMILY and P are shown in <span><a class="reference internal" href="#table-ecc-type"><span class="numref">Table 22</span></a></span>.</p>
 <table border="1" class="colwidths-auto docutils align-left" id="table-ecc-type">
 <caption><span class="caption-number">Table 22 </span><span class="caption-text">ECC key family values</span></caption>
 <thead valign="bottom">
 <tr class="row-odd"><th class="head">ECC key family</th>
 <th class="head">ECC-FAMILY</th>
 <th class="head">P</th>
 <th class="head">ECC family <sup>a</sup></th>
 <th class="head">Public key value</th>
 <th class="head">Key pair value</th>
 </tr>
 </thead>
 <tbody valign="top">
 <tr class="row-even"><td>SECP K1</td>
 <td>0x0B</td>
 <td>1</td>
 <td><a class="reference internal" href="../api/keys/types.html#c.PSA_ECC_FAMILY_SECP_K1" title="PSA_ECC_FAMILY_SECP_K1"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_ECC_FAMILY_SECP_K1</span></code></a></td>
 <td><code class="docutils literal"><span class="pre">0x4117</span></code></td>
 <td><code class="docutils literal"><span class="pre">0x7117</span></code></td>
 </tr>
 <tr class="row-odd"><td>SECP R1</td>
 <td>0x09</td>
 <td>0</td>
 <td><a class="reference internal" href="../api/keys/types.html#c.PSA_ECC_FAMILY_SECP_R1" title="PSA_ECC_FAMILY_SECP_R1"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_ECC_FAMILY_SECP_R1</span></code></a></td>
 <td><code class="docutils literal"><span class="pre">0x4112</span></code></td>
 <td><code class="docutils literal"><span class="pre">0x7112</span></code></td>
 </tr>
 <tr class="row-even"><td>SECP R2</td>
 <td>0x0D</td>
 <td>1</td>
 <td><a class="reference internal" href="../api/keys/types.html#c.PSA_ECC_FAMILY_SECP_R2" title="PSA_ECC_FAMILY_SECP_R2"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_ECC_FAMILY_SECP_R2</span></code></a></td>
 <td><code class="docutils literal"><span class="pre">0x411B</span></code></td>
 <td><code class="docutils literal"><span class="pre">0x711B</span></code></td>
 </tr>
 <tr class="row-odd"><td>SECT K1</td>
 <td>0x13</td>
 <td>1</td>
 <td><a class="reference internal" href="../api/keys/types.html#c.PSA_ECC_FAMILY_SECT_K1" title="PSA_ECC_FAMILY_SECT_K1"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_ECC_FAMILY_SECT_K1</span></code></a></td>
 <td><code class="docutils literal"><span class="pre">0x4127</span></code></td>
 <td><code class="docutils literal"><span class="pre">0x7127</span></code></td>
 </tr>
 <tr class="row-even"><td>SECT R1</td>
 <td>0x11</td>
 <td>0</td>
 <td><a class="reference internal" href="../api/keys/types.html#c.PSA_ECC_FAMILY_SECT_R1" title="PSA_ECC_FAMILY_SECT_R1"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_ECC_FAMILY_SECT_R1</span></code></a></td>
 <td><code class="docutils literal"><span class="pre">0x4122</span></code></td>
 <td><code class="docutils literal"><span class="pre">0x7122</span></code></td>
 </tr>
 <tr class="row-odd"><td>SECT R2</td>
 <td>0x15</td>
 <td>1</td>
 <td><a class="reference internal" href="../api/keys/types.html#c.PSA_ECC_FAMILY_SECT_R2" title="PSA_ECC_FAMILY_SECT_R2"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_ECC_FAMILY_SECT_R2</span></code></a></td>
 <td><code class="docutils literal"><span class="pre">0x412B</span></code></td>
 <td><code class="docutils literal"><span class="pre">0x712B</span></code></td>
 </tr>
 <tr class="row-even"><td>Brainpool-P R1</td>
 <td>0x18</td>
 <td>0</td>
 <td><a class="reference internal" href="../api/keys/types.html#c.PSA_ECC_FAMILY_BRAINPOOL_P_R1" title="PSA_ECC_FAMILY_BRAINPOOL_P_R1"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_ECC_FAMILY_BRAINPOOL_P_R1</span></code></a></td>
 <td><code class="docutils literal"><span class="pre">0x4130</span></code></td>
 <td><code class="docutils literal"><span class="pre">0x7130</span></code></td>
 </tr>
 <tr class="row-odd"><td>FRP</td>
 <td>0x19</td>
 <td>1</td>
 <td><a class="reference internal" href="../api/keys/types.html#c.PSA_ECC_FAMILY_FRP" title="PSA_ECC_FAMILY_FRP"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_ECC_FAMILY_FRP</span></code></a></td>
 <td><code class="docutils literal"><span class="pre">0x4133</span></code></td>
 <td><code class="docutils literal"><span class="pre">0x7133</span></code></td>
 </tr>
 <tr class="row-even"><td>Montgomery</td>
 <td>0x20</td>
 <td>1</td>
 <td><a class="reference internal" href="../api/keys/types.html#c.PSA_ECC_FAMILY_MONTGOMERY" title="PSA_ECC_FAMILY_MONTGOMERY"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_ECC_FAMILY_MONTGOMERY</span></code></a></td>
 <td><code class="docutils literal"><span class="pre">0x4141</span></code></td>
 <td><code class="docutils literal"><span class="pre">0x7141</span></code></td>
 </tr>
 <tr class="row-odd"><td>Twisted Edwards</td>
 <td>0x21</td>
 <td>0</td>
 <td><a class="reference internal" href="../api/keys/types.html#c.PSA_ECC_FAMILY_TWISTED_EDWARDS" title="PSA_ECC_FAMILY_TWISTED_EDWARDS"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_ECC_FAMILY_TWISTED_EDWARDS</span></code></a></td>
 <td><code class="docutils literal"><span class="pre">0x4142</span></code></td>
 <td><code class="docutils literal"><span class="pre">0x7142</span></code></td>
 </tr>
 </tbody>
 </table>
 <ol class="loweralpha simple">
 <li>The key type value is constructed from the Elliptic Curve family using either <a class="reference internal" href="../api/keys/types.html#c.PSA_KEY_TYPE_ECC_PUBLIC_KEY" title="PSA_KEY_TYPE_ECC_PUBLIC_KEY"><code class="docutils literal"><span class="pre">PSA_KEY_TYPE_ECC_PUBLIC_KEY</span></code></a><code class="docutils literal"><span class="pre">(</span></code><code class="docutils literal"><span class="pre">family</span></code><code class="docutils literal"><span class="pre">)</span></code> or <a class="reference internal" href="../api/keys/types.html#c.PSA_KEY_TYPE_ECC_KEY_PAIR" title="PSA_KEY_TYPE_ECC_KEY_PAIR"><code class="docutils literal"><span class="pre">PSA_KEY_TYPE_ECC_KEY_PAIR</span></code></a><code class="docutils literal"><span class="pre">(</span></code><code class="docutils literal"><span class="pre">family</span></code><code class="docutils literal"><span class="pre">)</span></code> as required.</li>
 </ol>
 </div>
 <div class="section" id="diffie-hellman-key-encoding">
 <span id="dh-key-encoding"></span><h4>Diffie Hellman key encoding</h4>
 <p>The key type for Diffie Hellman keys defined in this specification are encoded as shown in <span><a class="reference internal" href="#fig-dh-key-fields"><span class="numref">Figure 17</span></a></span>.</p>
 <div class="figure" id="fig-dh-key-fields">
 <img alt="../_images/dh_key_fields.svg" src="../_images/dh_key_fields.svg" /><p class="caption"><span class="caption-number">Figure 17 </span><span class="caption-text">Diffie Hellman key encoding</span></p>
 </div>
 <p>PAIR is either 0 for a public key, or 3 for a key pair.</p>
 <p>The defined values for DH-FAMILY and P are shown in <span><a class="reference internal" href="#table-dh-type"><span class="numref">Table 23</span></a></span>.</p>
 <table border="1" class="colwidths-auto docutils align-left" id="table-dh-type">
 <caption><span class="caption-number">Table 23 </span><span class="caption-text">Diffie Hellman key group values</span></caption>
 <thead valign="bottom">
 <tr class="row-odd"><th class="head">DH key group</th>
 <th class="head">DH-FAMILY</th>
 <th class="head">P</th>
 <th class="head">DH group <sup>a</sup></th>
 <th class="head">Public key value</th>
 <th class="head">Key pair value</th>
 </tr>
 </thead>
 <tbody valign="top">
 <tr class="row-even"><td>RFC7919</td>
 <td>0x01</td>
 <td>1</td>
 <td><a class="reference internal" href="../api/keys/types.html#c.PSA_DH_FAMILY_RFC7919" title="PSA_DH_FAMILY_RFC7919"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_DH_FAMILY_RFC7919</span></code></a></td>
 <td><code class="docutils literal"><span class="pre">0x4203</span></code></td>
 <td><code class="docutils literal"><span class="pre">0x7203</span></code></td>
 </tr>
 </tbody>
 </table>
 <ol class="loweralpha simple">
 <li>The key type value is constructed from the Diffie Hellman family using either <a class="reference internal" href="../api/keys/types.html#c.PSA_KEY_TYPE_DH_PUBLIC_KEY" title="PSA_KEY_TYPE_DH_PUBLIC_KEY"><code class="docutils literal"><span class="pre">PSA_KEY_TYPE_DH_PUBLIC_KEY</span></code></a><code class="docutils literal"><span class="pre">(</span></code><code class="docutils literal"><span class="pre">family</span></code><code class="docutils literal"><span class="pre">)</span></code> or <a class="reference internal" href="../api/keys/types.html#c.PSA_KEY_TYPE_DH_KEY_PAIR" title="PSA_KEY_TYPE_DH_KEY_PAIR"><code class="docutils literal"><span class="pre">PSA_KEY_TYPE_DH_KEY_PAIR</span></code></a><code class="docutils literal"><span class="pre">(</span></code><code class="docutils literal"><span class="pre">family</span></code><code class="docutils literal"><span class="pre">)</span></code> as required.</li>
 </ol>
 </div>
 </div>
 </div>
 </div>


           </div>
         </div>
       </div>
       <div class="sphinxsidebar" role="navigation" aria-label="main navigation">
         <div class="sphinxsidebarwrapper"><h3><a href="../index.html"><b>PSA Crypto API</b></a></h3>
 IHI 0086<br/>
 Non-confidential<br/>
 Version 1.1.0
 <span style="color: red; font-weight: bold;"></span>
 <ul>
 <li class="toctree-l1"><a class="reference internal" href="../about.html">About this document</a></li>
 </ul>
 <ul>
 <li class="toctree-l1"><a class="reference internal" href="../overview/intro.html">1. Introduction</a></li>
 <li class="toctree-l1"><a class="reference internal" href="../overview/goals.html">2. Design goals</a></li>
 <li class="toctree-l1"><a class="reference internal" href="../overview/functionality.html">3. Functionality overview</a></li>
 <li class="toctree-l1"><a class="reference internal" href="../overview/sample-arch.html">4. Sample architectures</a></li>
 <li class="toctree-l1"><a class="reference internal" href="../overview/conventions.html">5. Library conventions</a></li>
 <li class="toctree-l1"><a class="reference internal" href="../overview/implementation.html">6. Implementation considerations</a></li>
 <li class="toctree-l1"><a class="reference internal" href="../overview/usage.html">7. Usage considerations</a></li>
 <li class="toctree-l1"><a class="reference internal" href="../api/library/index.html">8. Library management reference</a></li>
 <li class="toctree-l1"><a class="reference internal" href="../api/keys/index.html">9. Key management reference</a></li>
 <li class="toctree-l1"><a class="reference internal" href="../api/ops/index.html">10. Cryptographic operation reference</a></li>
 </ul>
 <ul class="current">
 <li class="toctree-l1"><a class="reference internal" href="example_header.html">Example header file</a></li>
 <li class="toctree-l1 current"><a class="current reference internal" href="#">Algorithm and key type encoding</a><ul>
 <li class="toctree-l2"><a class="reference internal" href="#algorithm-identifier-encoding">Algorithm identifier encoding</a><ul>
 <li class="toctree-l3"><a class="reference internal" href="#algorithm-categories">Algorithm categories</a></li>
 <li class="toctree-l3"><a class="reference internal" href="#hash-algorithm-encoding">Hash algorithm encoding</a></li>
 <li class="toctree-l3"><a class="reference internal" href="#mac-algorithm-encoding">MAC algorithm encoding</a></li>
 <li class="toctree-l3"><a class="reference internal" href="#cipher-algorithm-encoding">Cipher algorithm encoding</a></li>
 <li class="toctree-l3"><a class="reference internal" href="#aead-algorithm-encoding">AEAD algorithm encoding</a></li>
 <li class="toctree-l3"><a class="reference internal" href="#key-derivation-algorithm-encoding">Key derivation algorithm encoding</a></li>
 <li class="toctree-l3"><a class="reference internal" href="#asymmetric-signature-algorithm-encoding">Asymmetric signature algorithm encoding</a></li>
 <li class="toctree-l3"><a class="reference internal" href="#asymmetric-encryption-algorithm-encoding">Asymmetric encryption algorithm encoding</a></li>
 <li class="toctree-l3"><a class="reference internal" href="#key-agreement-algorithm-encoding">Key agreement algorithm encoding</a></li>
 </ul>
 </li>
 <li class="toctree-l2"><a class="reference internal" href="#key-type-encoding">Key type encoding</a><ul>
 <li class="toctree-l3"><a class="reference internal" href="#key-type-categories">Key type categories</a></li>
 <li class="toctree-l3"><a class="reference internal" href="#raw-key-encoding">Raw key encoding</a></li>
 <li class="toctree-l3"><a class="reference internal" href="#symmetric-key-encoding">Symmetric key encoding</a></li>
 <li class="toctree-l3"><a class="reference internal" href="#asymmetric-key-encoding">Asymmetric key encoding</a></li>
 </ul>
 </li>
 </ul>
 </li>
 <li class="toctree-l1"><a class="reference internal" href="specdef_values.html">Example macro implementations</a></li>
 <li class="toctree-l1"><a class="reference internal" href="sra.html">Security Risk Assessment</a></li>
 <li class="toctree-l1"><a class="reference internal" href="history.html">Changes to the API</a></li>
 </ul>
 <ul>
 <li class="toctree-l1"><a class="reference internal" href="../psa_c-identifiers.html">Index of API elements</a></li>
 </ul>
 <div id="searchbox" style="display: none" role="search">
   <h3>Quick search</h3>
     <form class="search" action="../search.html" method="get">
       <div><input type="text" name="q" /></div>
       <div><input type="submit" value="Go" /></div>
       <input type="hidden" name="check_keywords" value="yes" />
       <input type="hidden" name="area" value="default" />
     </form>
 </div>
 <script type="text/javascript">$('#searchbox').show(0);</script>
         </div>
       </div>
       <div class="clearer"></div>
     </div>
     <div class="footer">
       &copy; 2018-2022, Arm Limited or its affiliates. All rights reserved.

       |
       Powered by <a href="http://sphinx-doc.org/">Sphinx 1.6.7</a>
       &amp; <a href="https://github.com/bitprophet/alabaster">Alabaster 0.7.8</a>

     </div>


   </body>
 </html>