Platform Security Architecture — cryptography and keystore interface  Working draft
crypto_enum.h
Go to the documentation of this file.
1 
17 /*
18  * Copyright (C) 2018, ARM Limited, All Rights Reserved
19  * SPDX-License-Identifier: Apache-2.0
20  *
21  * Licensed under the Apache License, Version 2.0 (the "License"); you may
22  * not use this file except in compliance with the License.
23  * You may obtain a copy of the License at
24  *
25  * http://www.apache.org/licenses/LICENSE-2.0
26  *
27  * Unless required by applicable law or agreed to in writing, software
28  * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
29  * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
30  * See the License for the specific language governing permissions and
31  * limitations under the License.
32  *
33  * This file is part of mbed TLS (https://tls.mbed.org)
34  */
35 
36 #ifndef PSA_CRYPTO_ENUM_H
37 #define PSA_CRYPTO_ENUM_H
38 
39 #include <stdint.h>
40 
45 #if defined(PSA_SUCCESS)
46 /* If PSA_SUCCESS is defined, assume that PSA crypto is being used
47  * together with PSA IPC, which also defines the identifier
48  * PSA_SUCCESS. We must not define PSA_SUCCESS ourselves in that case;
49  * the other error code names don't clash. Also define psa_status_t as
50  * an alias for the type used by PSA IPC. This is a temporary hack
51  * until we unify error reporting in PSA IPC and PSA crypto.
52  *
53  * Note that psa_defs.h must be included before this header!
54  */
55 typedef psa_error_t psa_status_t;
56 
57 #else /* defined(PSA_SUCCESS) */
58 
66 typedef int32_t psa_status_t;
67 
69 #define PSA_SUCCESS ((psa_status_t)0)
70 
71 #endif /* !defined(PSA_SUCCESS) */
72 
78 #define PSA_ERROR_UNKNOWN_ERROR ((psa_status_t)1)
79 
87 #define PSA_ERROR_NOT_SUPPORTED ((psa_status_t)2)
88 
100 #define PSA_ERROR_NOT_PERMITTED ((psa_status_t)3)
101 
112 #define PSA_ERROR_BUFFER_TOO_SMALL ((psa_status_t)4)
113 
120 #define PSA_ERROR_OCCUPIED_SLOT ((psa_status_t)5)
121 
128 #define PSA_ERROR_EMPTY_SLOT ((psa_status_t)6)
129 
140 #define PSA_ERROR_BAD_STATE ((psa_status_t)7)
141 
156 #define PSA_ERROR_INVALID_ARGUMENT ((psa_status_t)8)
157 
162 #define PSA_ERROR_INSUFFICIENT_MEMORY ((psa_status_t)9)
163 
171 #define PSA_ERROR_INSUFFICIENT_STORAGE ((psa_status_t)10)
172 
188 #define PSA_ERROR_COMMUNICATION_FAILURE ((psa_status_t)11)
189 
213 #define PSA_ERROR_STORAGE_FAILURE ((psa_status_t)12)
214 
219 #define PSA_ERROR_HARDWARE_FAILURE ((psa_status_t)13)
220 
250 #define PSA_ERROR_TAMPERING_DETECTED ((psa_status_t)14)
251 
269 #define PSA_ERROR_INSUFFICIENT_ENTROPY ((psa_status_t)15)
270 
279 #define PSA_ERROR_INVALID_SIGNATURE ((psa_status_t)16)
280 
295 #define PSA_ERROR_INVALID_PADDING ((psa_status_t)17)
296 
301 #define PSA_ERROR_INSUFFICIENT_CAPACITY ((psa_status_t)18)
302 
305 #define PSA_ERROR_INVALID_HANDLE ((psa_status_t)19)
306 
315 typedef uint32_t psa_key_type_t;
316 
321 #define PSA_KEY_TYPE_NONE ((psa_key_type_t)0x00000000)
322 
330 #define PSA_KEY_TYPE_VENDOR_FLAG ((psa_key_type_t)0x80000000)
331 
332 #define PSA_KEY_TYPE_CATEGORY_MASK ((psa_key_type_t)0x70000000)
333 #define PSA_KEY_TYPE_CATEGORY_SYMMETRIC ((psa_key_type_t)0x40000000)
334 #define PSA_KEY_TYPE_CATEGORY_RAW ((psa_key_type_t)0x50000000)
335 #define PSA_KEY_TYPE_CATEGORY_PUBLIC_KEY ((psa_key_type_t)0x60000000)
336 #define PSA_KEY_TYPE_CATEGORY_KEY_PAIR ((psa_key_type_t)0x70000000)
337 
338 #define PSA_KEY_TYPE_CATEGORY_FLAG_PAIR ((psa_key_type_t)0x10000000)
339 
341 #define PSA_KEY_TYPE_IS_VENDOR_DEFINED(type) \
342  (((type) & PSA_KEY_TYPE_VENDOR_FLAG) != 0)
343 
348 #define PSA_KEY_TYPE_IS_UNSTRUCTURED(type) \
349  (((type) & PSA_KEY_TYPE_CATEGORY_MASK & ~(psa_key_type_t)0x10000000) == \
350  PSA_KEY_TYPE_CATEGORY_SYMMETRIC)
351 
353 #define PSA_KEY_TYPE_IS_ASYMMETRIC(type) \
354  (((type) & PSA_KEY_TYPE_CATEGORY_MASK \
355  & ~PSA_KEY_TYPE_CATEGORY_FLAG_PAIR) == \
356  PSA_KEY_TYPE_CATEGORY_PUBLIC_KEY)
357 
358 #define PSA_KEY_TYPE_IS_PUBLIC_KEY(type) \
359  (((type) & PSA_KEY_TYPE_CATEGORY_MASK) == PSA_KEY_TYPE_CATEGORY_PUBLIC_KEY)
360 
362 #define PSA_KEY_TYPE_IS_KEYPAIR(type) \
363  (((type) & PSA_KEY_TYPE_CATEGORY_MASK) == PSA_KEY_TYPE_CATEGORY_KEY_PAIR)
364 
374 #define PSA_KEY_TYPE_KEYPAIR_OF_PUBLIC_KEY(type) \
375  ((type) | PSA_KEY_TYPE_CATEGORY_FLAG_PAIR)
376 
386 #define PSA_KEY_TYPE_PUBLIC_KEY_OF_KEYPAIR(type) \
387  ((type) & ~PSA_KEY_TYPE_CATEGORY_FLAG_PAIR)
388 
393 #define PSA_KEY_TYPE_RAW_DATA ((psa_key_type_t)0x50000001)
394 
403 #define PSA_KEY_TYPE_HMAC ((psa_key_type_t)0x51000000)
404 
410 #define PSA_KEY_TYPE_DERIVE ((psa_key_type_t)0x52000000)
411 
417 #define PSA_KEY_TYPE_AES ((psa_key_type_t)0x40000001)
418 
428 #define PSA_KEY_TYPE_DES ((psa_key_type_t)0x40000002)
429 
432 #define PSA_KEY_TYPE_CAMELLIA ((psa_key_type_t)0x40000003)
433 
438 #define PSA_KEY_TYPE_ARC4 ((psa_key_type_t)0x40000004)
439 
441 #define PSA_KEY_TYPE_RSA_PUBLIC_KEY ((psa_key_type_t)0x60010000)
442 
443 #define PSA_KEY_TYPE_RSA_KEYPAIR ((psa_key_type_t)0x70010000)
444 
445 #define PSA_KEY_TYPE_IS_RSA(type) \
446  (PSA_KEY_TYPE_PUBLIC_KEY_OF_KEYPAIR(type) == PSA_KEY_TYPE_RSA_PUBLIC_KEY)
447 
449 #define PSA_KEY_TYPE_DSA_PUBLIC_KEY ((psa_key_type_t)0x60020000)
450 
451 #define PSA_KEY_TYPE_DSA_KEYPAIR ((psa_key_type_t)0x70020000)
452 
453 #define PSA_KEY_TYPE_IS_DSA(type) \
454  (PSA_KEY_TYPE_PUBLIC_KEY_OF_KEYPAIR(type) == PSA_KEY_TYPE_DSA_PUBLIC_KEY)
455 
456 #define PSA_KEY_TYPE_ECC_PUBLIC_KEY_BASE ((psa_key_type_t)0x60030000)
457 #define PSA_KEY_TYPE_ECC_KEYPAIR_BASE ((psa_key_type_t)0x70030000)
458 #define PSA_KEY_TYPE_ECC_CURVE_MASK ((psa_key_type_t)0x0000ffff)
459 
460 #define PSA_KEY_TYPE_ECC_KEYPAIR(curve) \
461  (PSA_KEY_TYPE_ECC_KEYPAIR_BASE | (curve))
462 
463 #define PSA_KEY_TYPE_ECC_PUBLIC_KEY(curve) \
464  (PSA_KEY_TYPE_ECC_PUBLIC_KEY_BASE | (curve))
465 
467 #define PSA_KEY_TYPE_IS_ECC(type) \
468  ((PSA_KEY_TYPE_PUBLIC_KEY_OF_KEYPAIR(type) & \
469  ~PSA_KEY_TYPE_ECC_CURVE_MASK) == PSA_KEY_TYPE_ECC_PUBLIC_KEY_BASE)
470 
471 #define PSA_KEY_TYPE_IS_ECC_KEYPAIR(type) \
472  (((type) & ~PSA_KEY_TYPE_ECC_CURVE_MASK) == \
473  PSA_KEY_TYPE_ECC_KEYPAIR_BASE)
474 
475 #define PSA_KEY_TYPE_IS_ECC_PUBLIC_KEY(type) \
476  (((type) & ~PSA_KEY_TYPE_ECC_CURVE_MASK) == \
477  PSA_KEY_TYPE_ECC_PUBLIC_KEY_BASE)
478 
480 typedef uint16_t psa_ecc_curve_t;
482 #define PSA_KEY_TYPE_GET_CURVE(type) \
483  ((psa_ecc_curve_t) (PSA_KEY_TYPE_IS_ECC(type) ? \
484  ((type) & PSA_KEY_TYPE_ECC_CURVE_MASK) : \
485  0))
486 
487 /* The encoding of curve identifiers is currently aligned with the
488  * TLS Supported Groups Registry (formerly known as the
489  * TLS EC Named Curve Registry)
490  * https://www.iana.org/assignments/tls-parameters/tls-parameters.xhtml#tls-parameters-8
491  * The values are defined by RFC 8422 and RFC 7027. */
492 #define PSA_ECC_CURVE_SECT163K1 ((psa_ecc_curve_t) 0x0001)
493 #define PSA_ECC_CURVE_SECT163R1 ((psa_ecc_curve_t) 0x0002)
494 #define PSA_ECC_CURVE_SECT163R2 ((psa_ecc_curve_t) 0x0003)
495 #define PSA_ECC_CURVE_SECT193R1 ((psa_ecc_curve_t) 0x0004)
496 #define PSA_ECC_CURVE_SECT193R2 ((psa_ecc_curve_t) 0x0005)
497 #define PSA_ECC_CURVE_SECT233K1 ((psa_ecc_curve_t) 0x0006)
498 #define PSA_ECC_CURVE_SECT233R1 ((psa_ecc_curve_t) 0x0007)
499 #define PSA_ECC_CURVE_SECT239K1 ((psa_ecc_curve_t) 0x0008)
500 #define PSA_ECC_CURVE_SECT283K1 ((psa_ecc_curve_t) 0x0009)
501 #define PSA_ECC_CURVE_SECT283R1 ((psa_ecc_curve_t) 0x000a)
502 #define PSA_ECC_CURVE_SECT409K1 ((psa_ecc_curve_t) 0x000b)
503 #define PSA_ECC_CURVE_SECT409R1 ((psa_ecc_curve_t) 0x000c)
504 #define PSA_ECC_CURVE_SECT571K1 ((psa_ecc_curve_t) 0x000d)
505 #define PSA_ECC_CURVE_SECT571R1 ((psa_ecc_curve_t) 0x000e)
506 #define PSA_ECC_CURVE_SECP160K1 ((psa_ecc_curve_t) 0x000f)
507 #define PSA_ECC_CURVE_SECP160R1 ((psa_ecc_curve_t) 0x0010)
508 #define PSA_ECC_CURVE_SECP160R2 ((psa_ecc_curve_t) 0x0011)
509 #define PSA_ECC_CURVE_SECP192K1 ((psa_ecc_curve_t) 0x0012)
510 #define PSA_ECC_CURVE_SECP192R1 ((psa_ecc_curve_t) 0x0013)
511 #define PSA_ECC_CURVE_SECP224K1 ((psa_ecc_curve_t) 0x0014)
512 #define PSA_ECC_CURVE_SECP224R1 ((psa_ecc_curve_t) 0x0015)
513 #define PSA_ECC_CURVE_SECP256K1 ((psa_ecc_curve_t) 0x0016)
514 #define PSA_ECC_CURVE_SECP256R1 ((psa_ecc_curve_t) 0x0017)
515 #define PSA_ECC_CURVE_SECP384R1 ((psa_ecc_curve_t) 0x0018)
516 #define PSA_ECC_CURVE_SECP521R1 ((psa_ecc_curve_t) 0x0019)
517 #define PSA_ECC_CURVE_BRAINPOOL_P256R1 ((psa_ecc_curve_t) 0x001a)
518 #define PSA_ECC_CURVE_BRAINPOOL_P384R1 ((psa_ecc_curve_t) 0x001b)
519 #define PSA_ECC_CURVE_BRAINPOOL_P512R1 ((psa_ecc_curve_t) 0x001c)
520 #define PSA_ECC_CURVE_CURVE25519 ((psa_ecc_curve_t) 0x001d)
521 #define PSA_ECC_CURVE_CURVE448 ((psa_ecc_curve_t) 0x001e)
522 
541 #define PSA_BLOCK_CIPHER_BLOCK_SIZE(type) \
542  ( \
543  (type) == PSA_KEY_TYPE_AES ? 16 : \
544  (type) == PSA_KEY_TYPE_DES ? 8 : \
545  (type) == PSA_KEY_TYPE_CAMELLIA ? 16 : \
546  (type) == PSA_KEY_TYPE_ARC4 ? 1 : \
547  0)
548 
557 typedef uint32_t psa_algorithm_t;
558 
559 #define PSA_ALG_VENDOR_FLAG ((psa_algorithm_t)0x80000000)
560 #define PSA_ALG_CATEGORY_MASK ((psa_algorithm_t)0x7f000000)
561 #define PSA_ALG_CATEGORY_HASH ((psa_algorithm_t)0x01000000)
562 #define PSA_ALG_CATEGORY_MAC ((psa_algorithm_t)0x02000000)
563 #define PSA_ALG_CATEGORY_CIPHER ((psa_algorithm_t)0x04000000)
564 #define PSA_ALG_CATEGORY_AEAD ((psa_algorithm_t)0x06000000)
565 #define PSA_ALG_CATEGORY_SIGN ((psa_algorithm_t)0x10000000)
566 #define PSA_ALG_CATEGORY_ASYMMETRIC_ENCRYPTION ((psa_algorithm_t)0x12000000)
567 #define PSA_ALG_CATEGORY_KEY_AGREEMENT ((psa_algorithm_t)0x22000000)
568 #define PSA_ALG_CATEGORY_KEY_DERIVATION ((psa_algorithm_t)0x30000000)
569 #define PSA_ALG_CATEGORY_KEY_SELECTION ((psa_algorithm_t)0x31000000)
570 
571 #define PSA_ALG_IS_VENDOR_DEFINED(alg) \
572  (((alg) & PSA_ALG_VENDOR_FLAG) != 0)
573 
582 #define PSA_ALG_IS_HASH(alg) \
583  (((alg) & PSA_ALG_CATEGORY_MASK) == PSA_ALG_CATEGORY_HASH)
584 
593 #define PSA_ALG_IS_MAC(alg) \
594  (((alg) & PSA_ALG_CATEGORY_MASK) == PSA_ALG_CATEGORY_MAC)
595 
604 #define PSA_ALG_IS_CIPHER(alg) \
605  (((alg) & PSA_ALG_CATEGORY_MASK) == PSA_ALG_CATEGORY_CIPHER)
606 
616 #define PSA_ALG_IS_AEAD(alg) \
617  (((alg) & PSA_ALG_CATEGORY_MASK) == PSA_ALG_CATEGORY_AEAD)
618 
627 #define PSA_ALG_IS_SIGN(alg) \
628  (((alg) & PSA_ALG_CATEGORY_MASK) == PSA_ALG_CATEGORY_SIGN)
629 
638 #define PSA_ALG_IS_ASYMMETRIC_ENCRYPTION(alg) \
639  (((alg) & PSA_ALG_CATEGORY_MASK) == PSA_ALG_CATEGORY_ASYMMETRIC_ENCRYPTION)
640 
641 #define PSA_ALG_KEY_SELECTION_FLAG ((psa_algorithm_t)0x01000000)
642 
650 #define PSA_ALG_IS_KEY_AGREEMENT(alg) \
651  (((alg) & PSA_ALG_CATEGORY_MASK & ~PSA_ALG_KEY_SELECTION_FLAG) == \
652  PSA_ALG_CATEGORY_KEY_AGREEMENT)
653 
662 #define PSA_ALG_IS_KEY_DERIVATION(alg) \
663  (((alg) & PSA_ALG_CATEGORY_MASK) == PSA_ALG_CATEGORY_KEY_DERIVATION)
664 
673 #define PSA_ALG_IS_KEY_SELECTION(alg) \
674  (((alg) & PSA_ALG_CATEGORY_MASK) == PSA_ALG_CATEGORY_KEY_SELECTION)
675 
676 #define PSA_ALG_HASH_MASK ((psa_algorithm_t)0x000000ff)
677 #define PSA_ALG_MD2 ((psa_algorithm_t)0x01000001)
678 #define PSA_ALG_MD4 ((psa_algorithm_t)0x01000002)
679 #define PSA_ALG_MD5 ((psa_algorithm_t)0x01000003)
680 #define PSA_ALG_RIPEMD160 ((psa_algorithm_t)0x01000004)
681 #define PSA_ALG_SHA_1 ((psa_algorithm_t)0x01000005)
682 
683 #define PSA_ALG_SHA_224 ((psa_algorithm_t)0x01000008)
684 
685 #define PSA_ALG_SHA_256 ((psa_algorithm_t)0x01000009)
686 
687 #define PSA_ALG_SHA_384 ((psa_algorithm_t)0x0100000a)
688 
689 #define PSA_ALG_SHA_512 ((psa_algorithm_t)0x0100000b)
690 
691 #define PSA_ALG_SHA_512_224 ((psa_algorithm_t)0x0100000c)
692 
693 #define PSA_ALG_SHA_512_256 ((psa_algorithm_t)0x0100000d)
694 
695 #define PSA_ALG_SHA3_224 ((psa_algorithm_t)0x01000010)
696 
697 #define PSA_ALG_SHA3_256 ((psa_algorithm_t)0x01000011)
698 
699 #define PSA_ALG_SHA3_384 ((psa_algorithm_t)0x01000012)
700 
701 #define PSA_ALG_SHA3_512 ((psa_algorithm_t)0x01000013)
702 
703 #define PSA_ALG_MAC_SUBCATEGORY_MASK ((psa_algorithm_t)0x00c00000)
704 #define PSA_ALG_HMAC_BASE ((psa_algorithm_t)0x02800000)
705 
716 #define PSA_ALG_HMAC(hash_alg) \
717  (PSA_ALG_HMAC_BASE | ((hash_alg) & PSA_ALG_HASH_MASK))
718 
719 #define PSA_ALG_HMAC_GET_HASH(hmac_alg) \
720  (PSA_ALG_CATEGORY_HASH | ((hmac_alg) & PSA_ALG_HASH_MASK))
721 
732 #define PSA_ALG_IS_HMAC(alg) \
733  (((alg) & (PSA_ALG_CATEGORY_MASK | PSA_ALG_MAC_SUBCATEGORY_MASK)) == \
734  PSA_ALG_HMAC_BASE)
735 
736 /* In the encoding of a MAC algorithm, the bits corresponding to
737  * PSA_ALG_MAC_TRUNCATION_MASK encode the length to which the MAC is
738  * truncated. As an exception, the value 0 means the untruncated algorithm,
739  * whatever its length is. The length is encoded in 6 bits, so it can
740  * reach up to 63; the largest MAC is 64 bytes so its trivial truncation
741  * to full length is correctly encoded as 0 and any non-trivial truncation
742  * is correctly encoded as a value between 1 and 63. */
743 #define PSA_ALG_MAC_TRUNCATION_MASK ((psa_algorithm_t)0x00003f00)
744 #define PSA_MAC_TRUNCATION_OFFSET 8
745 
779 #define PSA_ALG_TRUNCATED_MAC(alg, mac_length) \
780  (((alg) & ~PSA_ALG_MAC_TRUNCATION_MASK) | \
781  ((mac_length) << PSA_MAC_TRUNCATION_OFFSET & PSA_ALG_MAC_TRUNCATION_MASK))
782 
795 #define PSA_ALG_FULL_LENGTH_MAC(alg) \
796  ((alg) & ~PSA_ALG_MAC_TRUNCATION_MASK)
797 
809 #define PSA_MAC_TRUNCATED_LENGTH(alg) \
810  (((alg) & PSA_ALG_MAC_TRUNCATION_MASK) >> PSA_MAC_TRUNCATION_OFFSET)
811 
812 #define PSA_ALG_CIPHER_MAC_BASE ((psa_algorithm_t)0x02c00000)
813 #define PSA_ALG_CBC_MAC ((psa_algorithm_t)0x02c00001)
814 #define PSA_ALG_CMAC ((psa_algorithm_t)0x02c00002)
815 #define PSA_ALG_GMAC ((psa_algorithm_t)0x02c00003)
816 
825 #define PSA_ALG_IS_BLOCK_CIPHER_MAC(alg) \
826  (((alg) & (PSA_ALG_CATEGORY_MASK | PSA_ALG_MAC_SUBCATEGORY_MASK)) == \
827  PSA_ALG_CIPHER_MAC_BASE)
828 
829 #define PSA_ALG_CIPHER_STREAM_FLAG ((psa_algorithm_t)0x00800000)
830 #define PSA_ALG_CIPHER_FROM_BLOCK_FLAG ((psa_algorithm_t)0x00400000)
831 
844 #define PSA_ALG_IS_STREAM_CIPHER(alg) \
845  (((alg) & (PSA_ALG_CATEGORY_MASK | PSA_ALG_CIPHER_STREAM_FLAG)) == \
846  (PSA_ALG_CATEGORY_CIPHER | PSA_ALG_CIPHER_STREAM_FLAG))
847 
850 #define PSA_ALG_ARC4 ((psa_algorithm_t)0x04800001)
851 
859 #define PSA_ALG_CTR ((psa_algorithm_t)0x04c00001)
860 
861 #define PSA_ALG_CFB ((psa_algorithm_t)0x04c00002)
862 
863 #define PSA_ALG_OFB ((psa_algorithm_t)0x04c00003)
864 
871 #define PSA_ALG_XTS ((psa_algorithm_t)0x044000ff)
872 
880 #define PSA_ALG_CBC_NO_PADDING ((psa_algorithm_t)0x04600100)
881 
888 #define PSA_ALG_CBC_PKCS7 ((psa_algorithm_t)0x04600101)
889 
890 #define PSA_ALG_CCM ((psa_algorithm_t)0x06001001)
891 #define PSA_ALG_GCM ((psa_algorithm_t)0x06001002)
892 
893 /* In the encoding of a AEAD algorithm, the bits corresponding to
894  * PSA_ALG_AEAD_TAG_LENGTH_MASK encode the length of the AEAD tag.
895  * The constants for default lengths follow this encoding.
896  */
897 #define PSA_ALG_AEAD_TAG_LENGTH_MASK ((psa_algorithm_t)0x00003f00)
898 #define PSA_AEAD_TAG_LENGTH_OFFSET 8
899 
918 #define PSA_ALG_AEAD_WITH_TAG_LENGTH(alg, tag_length) \
919  (((alg) & ~PSA_ALG_AEAD_TAG_LENGTH_MASK) | \
920  ((tag_length) << PSA_AEAD_TAG_LENGTH_OFFSET & \
921  PSA_ALG_AEAD_TAG_LENGTH_MASK))
922 
931 #define PSA_ALG_AEAD_WITH_DEFAULT_TAG_LENGTH(alg) \
932  ( \
933  PSA__ALG_AEAD_WITH_DEFAULT_TAG_LENGTH__CASE(alg, PSA_ALG_CCM) \
934  PSA__ALG_AEAD_WITH_DEFAULT_TAG_LENGTH__CASE(alg, PSA_ALG_GCM) \
935  0)
936 #define PSA__ALG_AEAD_WITH_DEFAULT_TAG_LENGTH__CASE(alg, ref) \
937  PSA_ALG_AEAD_WITH_TAG_LENGTH(alg, 0) == \
938  PSA_ALG_AEAD_WITH_TAG_LENGTH(ref, 0) ? \
939  ref :
940 
941 #define PSA_ALG_RSA_PKCS1V15_SIGN_BASE ((psa_algorithm_t)0x10020000)
942 
955 #define PSA_ALG_RSA_PKCS1V15_SIGN(hash_alg) \
956  (PSA_ALG_RSA_PKCS1V15_SIGN_BASE | ((hash_alg) & PSA_ALG_HASH_MASK))
957 
963 #define PSA_ALG_RSA_PKCS1V15_SIGN_RAW PSA_ALG_RSA_PKCS1V15_SIGN_BASE
964 #define PSA_ALG_IS_RSA_PKCS1V15_SIGN(alg) \
965  (((alg) & ~PSA_ALG_HASH_MASK) == PSA_ALG_RSA_PKCS1V15_SIGN_BASE)
966 
967 #define PSA_ALG_RSA_PSS_BASE ((psa_algorithm_t)0x10030000)
968 
984 #define PSA_ALG_RSA_PSS(hash_alg) \
985  (PSA_ALG_RSA_PSS_BASE | ((hash_alg) & PSA_ALG_HASH_MASK))
986 #define PSA_ALG_IS_RSA_PSS(alg) \
987  (((alg) & ~PSA_ALG_HASH_MASK) == PSA_ALG_RSA_PSS_BASE)
988 
989 #define PSA_ALG_DSA_BASE ((psa_algorithm_t)0x10040000)
990 
1002 #define PSA_ALG_DSA(hash_alg) \
1003  (PSA_ALG_DSA_BASE | ((hash_alg) & PSA_ALG_HASH_MASK))
1004 #define PSA_ALG_DETERMINISTIC_DSA_BASE ((psa_algorithm_t)0x10050000)
1005 #define PSA_ALG_DSA_DETERMINISTIC_FLAG ((psa_algorithm_t)0x00010000)
1006 #define PSA_ALG_DETERMINISTIC_DSA(hash_alg) \
1007  (PSA_ALG_DETERMINISTIC_DSA_BASE | ((hash_alg) & PSA_ALG_HASH_MASK))
1008 #define PSA_ALG_IS_DSA(alg) \
1009  (((alg) & ~PSA_ALG_HASH_MASK & ~PSA_ALG_DSA_DETERMINISTIC_FLAG) == \
1010  PSA_ALG_DSA_BASE)
1011 #define PSA_ALG_DSA_IS_DETERMINISTIC(alg) \
1012  (((alg) & PSA_ALG_DSA_DETERMINISTIC_FLAG) != 0)
1013 #define PSA_ALG_IS_DETERMINISTIC_DSA(alg) \
1014  (PSA_ALG_IS_DSA(alg) && PSA_ALG_DSA_IS_DETERMINISTIC(alg))
1015 #define PSA_ALG_IS_RANDOMIZED_DSA(alg) \
1016  (PSA_ALG_IS_DSA(alg) && !PSA_ALG_DSA_IS_DETERMINISTIC(alg))
1017 
1018 #define PSA_ALG_ECDSA_BASE ((psa_algorithm_t)0x10060000)
1019 
1037 #define PSA_ALG_ECDSA(hash_alg) \
1038  (PSA_ALG_ECDSA_BASE | ((hash_alg) & PSA_ALG_HASH_MASK))
1039 
1048 #define PSA_ALG_ECDSA_ANY PSA_ALG_ECDSA_BASE
1049 #define PSA_ALG_DETERMINISTIC_ECDSA_BASE ((psa_algorithm_t)0x10070000)
1050 
1070 #define PSA_ALG_DETERMINISTIC_ECDSA(hash_alg) \
1071  (PSA_ALG_DETERMINISTIC_ECDSA_BASE | ((hash_alg) & PSA_ALG_HASH_MASK))
1072 #define PSA_ALG_IS_ECDSA(alg) \
1073  (((alg) & ~PSA_ALG_HASH_MASK & ~PSA_ALG_DSA_DETERMINISTIC_FLAG) == \
1074  PSA_ALG_ECDSA_BASE)
1075 #define PSA_ALG_ECDSA_IS_DETERMINISTIC(alg) \
1076  (((alg) & PSA_ALG_DSA_DETERMINISTIC_FLAG) != 0)
1077 #define PSA_ALG_IS_DETERMINISTIC_ECDSA(alg) \
1078  (PSA_ALG_IS_ECDSA(alg) && PSA_ALG_ECDSA_IS_DETERMINISTIC(alg))
1079 #define PSA_ALG_IS_RANDOMIZED_ECDSA(alg) \
1080  (PSA_ALG_IS_ECDSA(alg) && !PSA_ALG_ECDSA_IS_DETERMINISTIC(alg))
1081 
1100 #define PSA_ALG_SIGN_GET_HASH(alg) \
1101  (PSA_ALG_IS_RSA_PSS(alg) || PSA_ALG_IS_RSA_PKCS1V15_SIGN(alg) || \
1102  PSA_ALG_IS_DSA(alg) || PSA_ALG_IS_ECDSA(alg) ? \
1103  ((alg) & PSA_ALG_HASH_MASK) == 0 ? /*"raw" algorithm*/ 0 : \
1104  ((alg) & PSA_ALG_HASH_MASK) | PSA_ALG_CATEGORY_HASH : \
1105  0)
1106 
1109 #define PSA_ALG_RSA_PKCS1V15_CRYPT ((psa_algorithm_t)0x12020000)
1110 
1111 #define PSA_ALG_RSA_OAEP_BASE ((psa_algorithm_t)0x12030000)
1112 
1126 #define PSA_ALG_RSA_OAEP(hash_alg) \
1127  (PSA_ALG_RSA_OAEP_BASE | ((hash_alg) & PSA_ALG_HASH_MASK))
1128 #define PSA_ALG_IS_RSA_OAEP(alg) \
1129  (((alg) & ~PSA_ALG_HASH_MASK) == PSA_ALG_RSA_OAEP_BASE)
1130 #define PSA_ALG_RSA_OAEP_GET_HASH(alg) \
1131  (PSA_ALG_IS_RSA_OAEP(alg) ? \
1132  ((alg) & PSA_ALG_HASH_MASK) | PSA_ALG_CATEGORY_HASH : \
1133  0)
1134 
1135 #define PSA_ALG_HKDF_BASE ((psa_algorithm_t)0x30000100)
1136 
1147 #define PSA_ALG_HKDF(hash_alg) \
1148  (PSA_ALG_HKDF_BASE | ((hash_alg) & PSA_ALG_HASH_MASK))
1149 
1160 #define PSA_ALG_IS_HKDF(alg) \
1161  (((alg) & ~PSA_ALG_HASH_MASK) == PSA_ALG_HKDF_BASE)
1162 #define PSA_ALG_HKDF_GET_HASH(hkdf_alg) \
1163  (PSA_ALG_CATEGORY_HASH | ((hkdf_alg) & PSA_ALG_HASH_MASK))
1164 
1165 #define PSA_ALG_TLS12_PRF_BASE ((psa_algorithm_t)0x30000200)
1166 
1188 #define PSA_ALG_TLS12_PRF(hash_alg) \
1189  (PSA_ALG_TLS12_PRF_BASE | ((hash_alg) & PSA_ALG_HASH_MASK))
1190 
1199 #define PSA_ALG_IS_TLS12_PRF(alg) \
1200  (((alg) & ~PSA_ALG_HASH_MASK) == PSA_ALG_TLS12_PRF_BASE)
1201 #define PSA_ALG_TLS12_PRF_GET_HASH(hkdf_alg) \
1202  (PSA_ALG_CATEGORY_HASH | ((hkdf_alg) & PSA_ALG_HASH_MASK))
1203 
1204 #define PSA_ALG_TLS12_PSK_TO_MS_BASE ((psa_algorithm_t)0x30000300)
1205 
1228 #define PSA_ALG_TLS12_PSK_TO_MS(hash_alg) \
1229  (PSA_ALG_TLS12_PSK_TO_MS_BASE | ((hash_alg) & PSA_ALG_HASH_MASK))
1230 
1239 #define PSA_ALG_IS_TLS12_PSK_TO_MS(alg) \
1240  (((alg) & ~PSA_ALG_HASH_MASK) == PSA_ALG_TLS12_PSK_TO_MS_BASE)
1241 #define PSA_ALG_TLS12_PSK_TO_MS_GET_HASH(hkdf_alg) \
1242  (PSA_ALG_CATEGORY_HASH | ((hkdf_alg) & PSA_ALG_HASH_MASK))
1243 
1244 #define PSA_ALG_KEY_DERIVATION_MASK ((psa_algorithm_t)0x010fffff)
1245 
1256 #define PSA_ALG_SELECT_RAW ((psa_algorithm_t)0x31000001)
1257 
1258 #define PSA_ALG_KEY_AGREEMENT_GET_KDF(alg) \
1259  (((alg) & PSA_ALG_KEY_DERIVATION_MASK) | PSA_ALG_CATEGORY_KEY_DERIVATION)
1260 
1261 #define PSA_ALG_KEY_AGREEMENT_GET_BASE(alg) \
1262  ((alg) & ~PSA_ALG_KEY_DERIVATION_MASK)
1263 
1264 #define PSA_ALG_FFDH_BASE ((psa_algorithm_t)0x22100000)
1265 
1287 #define PSA_ALG_FFDH(kdf_alg) \
1288  (PSA_ALG_FFDH_BASE | ((kdf_alg) & PSA_ALG_KEY_DERIVATION_MASK))
1289 
1300 #define PSA_ALG_IS_FFDH(alg) \
1301  (PSA_ALG_KEY_AGREEMENT_GET_BASE(alg) == PSA_ALG_FFDH_BASE)
1302 
1303 #define PSA_ALG_ECDH_BASE ((psa_algorithm_t)0x22200000)
1304 
1343 #define PSA_ALG_ECDH(kdf_alg) \
1344  (PSA_ALG_ECDH_BASE | ((kdf_alg) & PSA_ALG_KEY_DERIVATION_MASK))
1345 
1358 #define PSA_ALG_IS_ECDH(alg) \
1359  (PSA_ALG_KEY_AGREEMENT_GET_BASE(alg) == PSA_ALG_ECDH_BASE)
1360 
1369 typedef uint32_t psa_key_lifetime_t;
1370 
1373 typedef uint32_t psa_key_id_t;
1374 
1378 #define PSA_KEY_LIFETIME_VOLATILE ((psa_key_lifetime_t)0x00000000)
1379 
1392 #define PSA_KEY_LIFETIME_PERSISTENT ((psa_key_lifetime_t)0x00000001)
1393 
1401 typedef uint32_t psa_key_usage_t;
1402 
1414 #define PSA_KEY_USAGE_EXPORT ((psa_key_usage_t)0x00000001)
1415 
1425 #define PSA_KEY_USAGE_ENCRYPT ((psa_key_usage_t)0x00000100)
1426 
1436 #define PSA_KEY_USAGE_DECRYPT ((psa_key_usage_t)0x00000200)
1437 
1446 #define PSA_KEY_USAGE_SIGN ((psa_key_usage_t)0x00000400)
1447 
1456 #define PSA_KEY_USAGE_VERIFY ((psa_key_usage_t)0x00000800)
1457 
1460 #define PSA_KEY_USAGE_DERIVE ((psa_key_usage_t)0x00001000)
1461 
1464 #endif /* PSA_CRYPTO_ENUM_H */
uint16_t psa_ecc_curve_t
Definition: crypto_enum.h:480
uint32_t psa_key_id_t
Definition: crypto_enum.h:1373
uint32_t psa_algorithm_t
Encoding of a cryptographic algorithm.
Definition: crypto_enum.h:557
uint32_t psa_key_usage_t
Encoding of permitted usage on a key.
Definition: crypto_enum.h:1401
uint32_t psa_key_type_t
Encoding of a key type.
Definition: crypto_enum.h:315
uint32_t psa_key_lifetime_t
Definition: crypto_enum.h:1369
int32_t psa_status_t
Function return status.
Definition: crypto_enum.h:66