Platform Security Architecture — cryptography and keystore interface  beta 1 — 2019-01-21
crypto_values.h
Go to the documentation of this file.
1 
17 /*
18  * Copyright (C) 2018, ARM Limited, All Rights Reserved
19  * SPDX-License-Identifier: Apache-2.0
20  *
21  * Licensed under the Apache License, Version 2.0 (the "License"); you may
22  * not use this file except in compliance with the License.
23  * You may obtain a copy of the License at
24  *
25  * http://www.apache.org/licenses/LICENSE-2.0
26  *
27  * Unless required by applicable law or agreed to in writing, software
28  * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
29  * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
30  * See the License for the specific language governing permissions and
31  * limitations under the License.
32  *
33  * This file is part of mbed TLS (https://tls.mbed.org)
34  */
35 
36 #ifndef PSA_CRYPTO_VALUES_H
37 #define PSA_CRYPTO_VALUES_H
38 
43 #if !defined(PSA_SUCCESS)
44 /* If PSA_SUCCESS is defined, assume that PSA crypto is being used
45  * together with PSA IPC, which also defines the identifier
46  * PSA_SUCCESS. We must not define PSA_SUCCESS ourselves in that case;
47  * the other error code names don't clash. This is a temporary hack
48  * until we unify error reporting in PSA IPC and PSA crypto.
49  *
50  * Note that psa_defs.h must be included before this header!
51  */
53 #define PSA_SUCCESS ((psa_status_t)0)
54 #endif /* !defined(PSA_SUCCESS) */
55 
61 #define PSA_ERROR_UNKNOWN_ERROR ((psa_status_t)1)
62 
70 #define PSA_ERROR_NOT_SUPPORTED ((psa_status_t)2)
71 
83 #define PSA_ERROR_NOT_PERMITTED ((psa_status_t)3)
84 
95 #define PSA_ERROR_BUFFER_TOO_SMALL ((psa_status_t)4)
96 
103 #define PSA_ERROR_OCCUPIED_SLOT ((psa_status_t)5)
104 
111 #define PSA_ERROR_EMPTY_SLOT ((psa_status_t)6)
112 
123 #define PSA_ERROR_BAD_STATE ((psa_status_t)7)
124 
139 #define PSA_ERROR_INVALID_ARGUMENT ((psa_status_t)8)
140 
145 #define PSA_ERROR_INSUFFICIENT_MEMORY ((psa_status_t)9)
146 
154 #define PSA_ERROR_INSUFFICIENT_STORAGE ((psa_status_t)10)
155 
171 #define PSA_ERROR_COMMUNICATION_FAILURE ((psa_status_t)11)
172 
196 #define PSA_ERROR_STORAGE_FAILURE ((psa_status_t)12)
197 
202 #define PSA_ERROR_HARDWARE_FAILURE ((psa_status_t)13)
203 
233 #define PSA_ERROR_TAMPERING_DETECTED ((psa_status_t)14)
234 
252 #define PSA_ERROR_INSUFFICIENT_ENTROPY ((psa_status_t)15)
253 
262 #define PSA_ERROR_INVALID_SIGNATURE ((psa_status_t)16)
263 
278 #define PSA_ERROR_INVALID_PADDING ((psa_status_t)17)
279 
284 #define PSA_ERROR_INSUFFICIENT_CAPACITY ((psa_status_t)18)
285 
288 #define PSA_ERROR_INVALID_HANDLE ((psa_status_t)19)
289 
300 #define PSA_KEY_TYPE_NONE ((psa_key_type_t)0x00000000)
301 
309 #define PSA_KEY_TYPE_VENDOR_FLAG ((psa_key_type_t)0x80000000)
310 
311 #define PSA_KEY_TYPE_CATEGORY_MASK ((psa_key_type_t)0x70000000)
312 #define PSA_KEY_TYPE_CATEGORY_SYMMETRIC ((psa_key_type_t)0x40000000)
313 #define PSA_KEY_TYPE_CATEGORY_RAW ((psa_key_type_t)0x50000000)
314 #define PSA_KEY_TYPE_CATEGORY_PUBLIC_KEY ((psa_key_type_t)0x60000000)
315 #define PSA_KEY_TYPE_CATEGORY_KEY_PAIR ((psa_key_type_t)0x70000000)
316 
317 #define PSA_KEY_TYPE_CATEGORY_FLAG_PAIR ((psa_key_type_t)0x10000000)
318 
320 #define PSA_KEY_TYPE_IS_VENDOR_DEFINED(type) \
321  (((type) & PSA_KEY_TYPE_VENDOR_FLAG) != 0)
322 
327 #define PSA_KEY_TYPE_IS_UNSTRUCTURED(type) \
328  (((type) & PSA_KEY_TYPE_CATEGORY_MASK & ~(psa_key_type_t)0x10000000) == \
329  PSA_KEY_TYPE_CATEGORY_SYMMETRIC)
330 
332 #define PSA_KEY_TYPE_IS_ASYMMETRIC(type) \
333  (((type) & PSA_KEY_TYPE_CATEGORY_MASK \
334  & ~PSA_KEY_TYPE_CATEGORY_FLAG_PAIR) == \
335  PSA_KEY_TYPE_CATEGORY_PUBLIC_KEY)
336 
337 #define PSA_KEY_TYPE_IS_PUBLIC_KEY(type) \
338  (((type) & PSA_KEY_TYPE_CATEGORY_MASK) == PSA_KEY_TYPE_CATEGORY_PUBLIC_KEY)
339 
341 #define PSA_KEY_TYPE_IS_KEYPAIR(type) \
342  (((type) & PSA_KEY_TYPE_CATEGORY_MASK) == PSA_KEY_TYPE_CATEGORY_KEY_PAIR)
343 
353 #define PSA_KEY_TYPE_KEYPAIR_OF_PUBLIC_KEY(type) \
354  ((type) | PSA_KEY_TYPE_CATEGORY_FLAG_PAIR)
355 
365 #define PSA_KEY_TYPE_PUBLIC_KEY_OF_KEYPAIR(type) \
366  ((type) & ~PSA_KEY_TYPE_CATEGORY_FLAG_PAIR)
367 
372 #define PSA_KEY_TYPE_RAW_DATA ((psa_key_type_t)0x50000001)
373 
382 #define PSA_KEY_TYPE_HMAC ((psa_key_type_t)0x51000000)
383 
389 #define PSA_KEY_TYPE_DERIVE ((psa_key_type_t)0x52000000)
390 
396 #define PSA_KEY_TYPE_AES ((psa_key_type_t)0x40000001)
397 
407 #define PSA_KEY_TYPE_DES ((psa_key_type_t)0x40000002)
408 
411 #define PSA_KEY_TYPE_CAMELLIA ((psa_key_type_t)0x40000003)
412 
417 #define PSA_KEY_TYPE_ARC4 ((psa_key_type_t)0x40000004)
418 
420 #define PSA_KEY_TYPE_RSA_PUBLIC_KEY ((psa_key_type_t)0x60010000)
421 
422 #define PSA_KEY_TYPE_RSA_KEYPAIR ((psa_key_type_t)0x70010000)
423 
424 #define PSA_KEY_TYPE_IS_RSA(type) \
425  (PSA_KEY_TYPE_PUBLIC_KEY_OF_KEYPAIR(type) == PSA_KEY_TYPE_RSA_PUBLIC_KEY)
426 
428 #define PSA_KEY_TYPE_DSA_PUBLIC_KEY ((psa_key_type_t)0x60020000)
429 
430 #define PSA_KEY_TYPE_DSA_KEYPAIR ((psa_key_type_t)0x70020000)
431 
432 #define PSA_KEY_TYPE_IS_DSA(type) \
433  (PSA_KEY_TYPE_PUBLIC_KEY_OF_KEYPAIR(type) == PSA_KEY_TYPE_DSA_PUBLIC_KEY)
434 
435 #define PSA_KEY_TYPE_ECC_PUBLIC_KEY_BASE ((psa_key_type_t)0x60030000)
436 #define PSA_KEY_TYPE_ECC_KEYPAIR_BASE ((psa_key_type_t)0x70030000)
437 #define PSA_KEY_TYPE_ECC_CURVE_MASK ((psa_key_type_t)0x0000ffff)
438 
439 #define PSA_KEY_TYPE_ECC_KEYPAIR(curve) \
440  (PSA_KEY_TYPE_ECC_KEYPAIR_BASE | (curve))
441 
442 #define PSA_KEY_TYPE_ECC_PUBLIC_KEY(curve) \
443  (PSA_KEY_TYPE_ECC_PUBLIC_KEY_BASE | (curve))
444 
446 #define PSA_KEY_TYPE_IS_ECC(type) \
447  ((PSA_KEY_TYPE_PUBLIC_KEY_OF_KEYPAIR(type) & \
448  ~PSA_KEY_TYPE_ECC_CURVE_MASK) == PSA_KEY_TYPE_ECC_PUBLIC_KEY_BASE)
449 
450 #define PSA_KEY_TYPE_IS_ECC_KEYPAIR(type) \
451  (((type) & ~PSA_KEY_TYPE_ECC_CURVE_MASK) == \
452  PSA_KEY_TYPE_ECC_KEYPAIR_BASE)
453 
454 #define PSA_KEY_TYPE_IS_ECC_PUBLIC_KEY(type) \
455  (((type) & ~PSA_KEY_TYPE_ECC_CURVE_MASK) == \
456  PSA_KEY_TYPE_ECC_PUBLIC_KEY_BASE)
457 
459 #define PSA_KEY_TYPE_GET_CURVE(type) \
460  ((psa_ecc_curve_t) (PSA_KEY_TYPE_IS_ECC(type) ? \
461  ((type) & PSA_KEY_TYPE_ECC_CURVE_MASK) : \
462  0))
463 
464 /* The encoding of curve identifiers is currently aligned with the
465  * TLS Supported Groups Registry (formerly known as the
466  * TLS EC Named Curve Registry)
467  * https://www.iana.org/assignments/tls-parameters/tls-parameters.xhtml#tls-parameters-8
468  * The values are defined by RFC 8422 and RFC 7027. */
469 #define PSA_ECC_CURVE_SECT163K1 ((psa_ecc_curve_t) 0x0001)
470 #define PSA_ECC_CURVE_SECT163R1 ((psa_ecc_curve_t) 0x0002)
471 #define PSA_ECC_CURVE_SECT163R2 ((psa_ecc_curve_t) 0x0003)
472 #define PSA_ECC_CURVE_SECT193R1 ((psa_ecc_curve_t) 0x0004)
473 #define PSA_ECC_CURVE_SECT193R2 ((psa_ecc_curve_t) 0x0005)
474 #define PSA_ECC_CURVE_SECT233K1 ((psa_ecc_curve_t) 0x0006)
475 #define PSA_ECC_CURVE_SECT233R1 ((psa_ecc_curve_t) 0x0007)
476 #define PSA_ECC_CURVE_SECT239K1 ((psa_ecc_curve_t) 0x0008)
477 #define PSA_ECC_CURVE_SECT283K1 ((psa_ecc_curve_t) 0x0009)
478 #define PSA_ECC_CURVE_SECT283R1 ((psa_ecc_curve_t) 0x000a)
479 #define PSA_ECC_CURVE_SECT409K1 ((psa_ecc_curve_t) 0x000b)
480 #define PSA_ECC_CURVE_SECT409R1 ((psa_ecc_curve_t) 0x000c)
481 #define PSA_ECC_CURVE_SECT571K1 ((psa_ecc_curve_t) 0x000d)
482 #define PSA_ECC_CURVE_SECT571R1 ((psa_ecc_curve_t) 0x000e)
483 #define PSA_ECC_CURVE_SECP160K1 ((psa_ecc_curve_t) 0x000f)
484 #define PSA_ECC_CURVE_SECP160R1 ((psa_ecc_curve_t) 0x0010)
485 #define PSA_ECC_CURVE_SECP160R2 ((psa_ecc_curve_t) 0x0011)
486 #define PSA_ECC_CURVE_SECP192K1 ((psa_ecc_curve_t) 0x0012)
487 #define PSA_ECC_CURVE_SECP192R1 ((psa_ecc_curve_t) 0x0013)
488 #define PSA_ECC_CURVE_SECP224K1 ((psa_ecc_curve_t) 0x0014)
489 #define PSA_ECC_CURVE_SECP224R1 ((psa_ecc_curve_t) 0x0015)
490 #define PSA_ECC_CURVE_SECP256K1 ((psa_ecc_curve_t) 0x0016)
491 #define PSA_ECC_CURVE_SECP256R1 ((psa_ecc_curve_t) 0x0017)
492 #define PSA_ECC_CURVE_SECP384R1 ((psa_ecc_curve_t) 0x0018)
493 #define PSA_ECC_CURVE_SECP521R1 ((psa_ecc_curve_t) 0x0019)
494 #define PSA_ECC_CURVE_BRAINPOOL_P256R1 ((psa_ecc_curve_t) 0x001a)
495 #define PSA_ECC_CURVE_BRAINPOOL_P384R1 ((psa_ecc_curve_t) 0x001b)
496 #define PSA_ECC_CURVE_BRAINPOOL_P512R1 ((psa_ecc_curve_t) 0x001c)
497 #define PSA_ECC_CURVE_CURVE25519 ((psa_ecc_curve_t) 0x001d)
498 #define PSA_ECC_CURVE_CURVE448 ((psa_ecc_curve_t) 0x001e)
499 
501 #define PSA_KEY_TYPE_DH_PUBLIC_KEY ((psa_key_type_t)0x60040000)
502 
503 #define PSA_KEY_TYPE_DH_KEYPAIR ((psa_key_type_t)0x70040000)
504 
506 #define PSA_KEY_TYPE_IS_DH(type) \
507  (PSA_KEY_TYPE_PUBLIC_KEY_OF_KEYPAIR(type) == PSA_KEY_TYPE_DH_PUBLIC_KEY)
508 
527 #define PSA_BLOCK_CIPHER_BLOCK_SIZE(type) \
528  ( \
529  (type) == PSA_KEY_TYPE_AES ? 16 : \
530  (type) == PSA_KEY_TYPE_DES ? 8 : \
531  (type) == PSA_KEY_TYPE_CAMELLIA ? 16 : \
532  (type) == PSA_KEY_TYPE_ARC4 ? 1 : \
533  0)
534 
535 #define PSA_ALG_VENDOR_FLAG ((psa_algorithm_t)0x80000000)
536 #define PSA_ALG_CATEGORY_MASK ((psa_algorithm_t)0x7f000000)
537 #define PSA_ALG_CATEGORY_HASH ((psa_algorithm_t)0x01000000)
538 #define PSA_ALG_CATEGORY_MAC ((psa_algorithm_t)0x02000000)
539 #define PSA_ALG_CATEGORY_CIPHER ((psa_algorithm_t)0x04000000)
540 #define PSA_ALG_CATEGORY_AEAD ((psa_algorithm_t)0x06000000)
541 #define PSA_ALG_CATEGORY_SIGN ((psa_algorithm_t)0x10000000)
542 #define PSA_ALG_CATEGORY_ASYMMETRIC_ENCRYPTION ((psa_algorithm_t)0x12000000)
543 #define PSA_ALG_CATEGORY_KEY_DERIVATION ((psa_algorithm_t)0x20000000)
544 #define PSA_ALG_CATEGORY_KEY_AGREEMENT ((psa_algorithm_t)0x30000000)
545 
546 #define PSA_ALG_IS_VENDOR_DEFINED(alg) \
547  (((alg) & PSA_ALG_VENDOR_FLAG) != 0)
548 
557 #define PSA_ALG_IS_HASH(alg) \
558  (((alg) & PSA_ALG_CATEGORY_MASK) == PSA_ALG_CATEGORY_HASH)
559 
568 #define PSA_ALG_IS_MAC(alg) \
569  (((alg) & PSA_ALG_CATEGORY_MASK) == PSA_ALG_CATEGORY_MAC)
570 
579 #define PSA_ALG_IS_CIPHER(alg) \
580  (((alg) & PSA_ALG_CATEGORY_MASK) == PSA_ALG_CATEGORY_CIPHER)
581 
591 #define PSA_ALG_IS_AEAD(alg) \
592  (((alg) & PSA_ALG_CATEGORY_MASK) == PSA_ALG_CATEGORY_AEAD)
593 
602 #define PSA_ALG_IS_SIGN(alg) \
603  (((alg) & PSA_ALG_CATEGORY_MASK) == PSA_ALG_CATEGORY_SIGN)
604 
613 #define PSA_ALG_IS_ASYMMETRIC_ENCRYPTION(alg) \
614  (((alg) & PSA_ALG_CATEGORY_MASK) == PSA_ALG_CATEGORY_ASYMMETRIC_ENCRYPTION)
615 
616 #define PSA_ALG_KEY_SELECTION_FLAG ((psa_algorithm_t)0x01000000)
617 
625 #define PSA_ALG_IS_KEY_AGREEMENT(alg) \
626  (((alg) & PSA_ALG_CATEGORY_MASK & ~PSA_ALG_KEY_SELECTION_FLAG) == \
627  PSA_ALG_CATEGORY_KEY_AGREEMENT)
628 
637 #define PSA_ALG_IS_KEY_DERIVATION(alg) \
638  (((alg) & PSA_ALG_CATEGORY_MASK) == PSA_ALG_CATEGORY_KEY_DERIVATION)
639 
648 #define PSA_ALG_IS_KEY_SELECTION(alg) \
649  (((alg) & PSA_ALG_CATEGORY_MASK) == PSA_ALG_CATEGORY_KEY_SELECTION)
650 
651 #define PSA_ALG_HASH_MASK ((psa_algorithm_t)0x000000ff)
652 
653 #define PSA_ALG_MD2 ((psa_algorithm_t)0x01000001)
654 #define PSA_ALG_MD4 ((psa_algorithm_t)0x01000002)
655 #define PSA_ALG_MD5 ((psa_algorithm_t)0x01000003)
656 #define PSA_ALG_RIPEMD160 ((psa_algorithm_t)0x01000004)
657 #define PSA_ALG_SHA_1 ((psa_algorithm_t)0x01000005)
658 
659 #define PSA_ALG_SHA_224 ((psa_algorithm_t)0x01000008)
660 
661 #define PSA_ALG_SHA_256 ((psa_algorithm_t)0x01000009)
662 
663 #define PSA_ALG_SHA_384 ((psa_algorithm_t)0x0100000a)
664 
665 #define PSA_ALG_SHA_512 ((psa_algorithm_t)0x0100000b)
666 
667 #define PSA_ALG_SHA_512_224 ((psa_algorithm_t)0x0100000c)
668 
669 #define PSA_ALG_SHA_512_256 ((psa_algorithm_t)0x0100000d)
670 
671 #define PSA_ALG_SHA3_224 ((psa_algorithm_t)0x01000010)
672 
673 #define PSA_ALG_SHA3_256 ((psa_algorithm_t)0x01000011)
674 
675 #define PSA_ALG_SHA3_384 ((psa_algorithm_t)0x01000012)
676 
677 #define PSA_ALG_SHA3_512 ((psa_algorithm_t)0x01000013)
678 
712 #define PSA_ALG_ANY_HASH ((psa_algorithm_t)0x010000ff)
713 
714 #define PSA_ALG_MAC_SUBCATEGORY_MASK ((psa_algorithm_t)0x00c00000)
715 #define PSA_ALG_HMAC_BASE ((psa_algorithm_t)0x02800000)
716 
727 #define PSA_ALG_HMAC(hash_alg) \
728  (PSA_ALG_HMAC_BASE | ((hash_alg) & PSA_ALG_HASH_MASK))
729 
730 #define PSA_ALG_HMAC_GET_HASH(hmac_alg) \
731  (PSA_ALG_CATEGORY_HASH | ((hmac_alg) & PSA_ALG_HASH_MASK))
732 
743 #define PSA_ALG_IS_HMAC(alg) \
744  (((alg) & (PSA_ALG_CATEGORY_MASK | PSA_ALG_MAC_SUBCATEGORY_MASK)) == \
745  PSA_ALG_HMAC_BASE)
746 
747 /* In the encoding of a MAC algorithm, the bits corresponding to
748  * PSA_ALG_MAC_TRUNCATION_MASK encode the length to which the MAC is
749  * truncated. As an exception, the value 0 means the untruncated algorithm,
750  * whatever its length is. The length is encoded in 6 bits, so it can
751  * reach up to 63; the largest MAC is 64 bytes so its trivial truncation
752  * to full length is correctly encoded as 0 and any non-trivial truncation
753  * is correctly encoded as a value between 1 and 63. */
754 #define PSA_ALG_MAC_TRUNCATION_MASK ((psa_algorithm_t)0x00003f00)
755 #define PSA_MAC_TRUNCATION_OFFSET 8
756 
790 #define PSA_ALG_TRUNCATED_MAC(alg, mac_length) \
791  (((alg) & ~PSA_ALG_MAC_TRUNCATION_MASK) | \
792  ((mac_length) << PSA_MAC_TRUNCATION_OFFSET & PSA_ALG_MAC_TRUNCATION_MASK))
793 
806 #define PSA_ALG_FULL_LENGTH_MAC(alg) \
807  ((alg) & ~PSA_ALG_MAC_TRUNCATION_MASK)
808 
820 #define PSA_MAC_TRUNCATED_LENGTH(alg) \
821  (((alg) & PSA_ALG_MAC_TRUNCATION_MASK) >> PSA_MAC_TRUNCATION_OFFSET)
822 
823 #define PSA_ALG_CIPHER_MAC_BASE ((psa_algorithm_t)0x02c00000)
824 #define PSA_ALG_CBC_MAC ((psa_algorithm_t)0x02c00001)
825 #define PSA_ALG_CMAC ((psa_algorithm_t)0x02c00002)
826 #define PSA_ALG_GMAC ((psa_algorithm_t)0x02c00003)
827 
836 #define PSA_ALG_IS_BLOCK_CIPHER_MAC(alg) \
837  (((alg) & (PSA_ALG_CATEGORY_MASK | PSA_ALG_MAC_SUBCATEGORY_MASK)) == \
838  PSA_ALG_CIPHER_MAC_BASE)
839 
840 #define PSA_ALG_CIPHER_STREAM_FLAG ((psa_algorithm_t)0x00800000)
841 #define PSA_ALG_CIPHER_FROM_BLOCK_FLAG ((psa_algorithm_t)0x00400000)
842 
855 #define PSA_ALG_IS_STREAM_CIPHER(alg) \
856  (((alg) & (PSA_ALG_CATEGORY_MASK | PSA_ALG_CIPHER_STREAM_FLAG)) == \
857  (PSA_ALG_CATEGORY_CIPHER | PSA_ALG_CIPHER_STREAM_FLAG))
858 
861 #define PSA_ALG_ARC4 ((psa_algorithm_t)0x04800001)
862 
870 #define PSA_ALG_CTR ((psa_algorithm_t)0x04c00001)
871 
872 #define PSA_ALG_CFB ((psa_algorithm_t)0x04c00002)
873 
874 #define PSA_ALG_OFB ((psa_algorithm_t)0x04c00003)
875 
882 #define PSA_ALG_XTS ((psa_algorithm_t)0x044000ff)
883 
891 #define PSA_ALG_CBC_NO_PADDING ((psa_algorithm_t)0x04600100)
892 
899 #define PSA_ALG_CBC_PKCS7 ((psa_algorithm_t)0x04600101)
900 
901 #define PSA_ALG_CCM ((psa_algorithm_t)0x06001001)
902 #define PSA_ALG_GCM ((psa_algorithm_t)0x06001002)
903 
904 /* In the encoding of a AEAD algorithm, the bits corresponding to
905  * PSA_ALG_AEAD_TAG_LENGTH_MASK encode the length of the AEAD tag.
906  * The constants for default lengths follow this encoding.
907  */
908 #define PSA_ALG_AEAD_TAG_LENGTH_MASK ((psa_algorithm_t)0x00003f00)
909 #define PSA_AEAD_TAG_LENGTH_OFFSET 8
910 
929 #define PSA_ALG_AEAD_WITH_TAG_LENGTH(alg, tag_length) \
930  (((alg) & ~PSA_ALG_AEAD_TAG_LENGTH_MASK) | \
931  ((tag_length) << PSA_AEAD_TAG_LENGTH_OFFSET & \
932  PSA_ALG_AEAD_TAG_LENGTH_MASK))
933 
942 #define PSA_ALG_AEAD_WITH_DEFAULT_TAG_LENGTH(alg) \
943  ( \
944  PSA__ALG_AEAD_WITH_DEFAULT_TAG_LENGTH__CASE(alg, PSA_ALG_CCM) \
945  PSA__ALG_AEAD_WITH_DEFAULT_TAG_LENGTH__CASE(alg, PSA_ALG_GCM) \
946  0)
947 #define PSA__ALG_AEAD_WITH_DEFAULT_TAG_LENGTH__CASE(alg, ref) \
948  PSA_ALG_AEAD_WITH_TAG_LENGTH(alg, 0) == \
949  PSA_ALG_AEAD_WITH_TAG_LENGTH(ref, 0) ? \
950  ref :
951 
952 #define PSA_ALG_RSA_PKCS1V15_SIGN_BASE ((psa_algorithm_t)0x10020000)
953 
968 #define PSA_ALG_RSA_PKCS1V15_SIGN(hash_alg) \
969  (PSA_ALG_RSA_PKCS1V15_SIGN_BASE | ((hash_alg) & PSA_ALG_HASH_MASK))
970 
976 #define PSA_ALG_RSA_PKCS1V15_SIGN_RAW PSA_ALG_RSA_PKCS1V15_SIGN_BASE
977 #define PSA_ALG_IS_RSA_PKCS1V15_SIGN(alg) \
978  (((alg) & ~PSA_ALG_HASH_MASK) == PSA_ALG_RSA_PKCS1V15_SIGN_BASE)
979 
980 #define PSA_ALG_RSA_PSS_BASE ((psa_algorithm_t)0x10030000)
981 
999 #define PSA_ALG_RSA_PSS(hash_alg) \
1000  (PSA_ALG_RSA_PSS_BASE | ((hash_alg) & PSA_ALG_HASH_MASK))
1001 #define PSA_ALG_IS_RSA_PSS(alg) \
1002  (((alg) & ~PSA_ALG_HASH_MASK) == PSA_ALG_RSA_PSS_BASE)
1003 
1004 #define PSA_ALG_DSA_BASE ((psa_algorithm_t)0x10040000)
1005 
1019 #define PSA_ALG_DSA(hash_alg) \
1020  (PSA_ALG_DSA_BASE | ((hash_alg) & PSA_ALG_HASH_MASK))
1021 #define PSA_ALG_DETERMINISTIC_DSA_BASE ((psa_algorithm_t)0x10050000)
1022 #define PSA_ALG_DSA_DETERMINISTIC_FLAG ((psa_algorithm_t)0x00010000)
1023 #define PSA_ALG_DETERMINISTIC_DSA(hash_alg) \
1024  (PSA_ALG_DETERMINISTIC_DSA_BASE | ((hash_alg) & PSA_ALG_HASH_MASK))
1025 #define PSA_ALG_IS_DSA(alg) \
1026  (((alg) & ~PSA_ALG_HASH_MASK & ~PSA_ALG_DSA_DETERMINISTIC_FLAG) == \
1027  PSA_ALG_DSA_BASE)
1028 #define PSA_ALG_DSA_IS_DETERMINISTIC(alg) \
1029  (((alg) & PSA_ALG_DSA_DETERMINISTIC_FLAG) != 0)
1030 #define PSA_ALG_IS_DETERMINISTIC_DSA(alg) \
1031  (PSA_ALG_IS_DSA(alg) && PSA_ALG_DSA_IS_DETERMINISTIC(alg))
1032 #define PSA_ALG_IS_RANDOMIZED_DSA(alg) \
1033  (PSA_ALG_IS_DSA(alg) && !PSA_ALG_DSA_IS_DETERMINISTIC(alg))
1034 
1035 #define PSA_ALG_ECDSA_BASE ((psa_algorithm_t)0x10060000)
1036 
1056 #define PSA_ALG_ECDSA(hash_alg) \
1057  (PSA_ALG_ECDSA_BASE | ((hash_alg) & PSA_ALG_HASH_MASK))
1058 
1067 #define PSA_ALG_ECDSA_ANY PSA_ALG_ECDSA_BASE
1068 #define PSA_ALG_DETERMINISTIC_ECDSA_BASE ((psa_algorithm_t)0x10070000)
1069 
1091 #define PSA_ALG_DETERMINISTIC_ECDSA(hash_alg) \
1092  (PSA_ALG_DETERMINISTIC_ECDSA_BASE | ((hash_alg) & PSA_ALG_HASH_MASK))
1093 #define PSA_ALG_IS_ECDSA(alg) \
1094  (((alg) & ~PSA_ALG_HASH_MASK & ~PSA_ALG_DSA_DETERMINISTIC_FLAG) == \
1095  PSA_ALG_ECDSA_BASE)
1096 #define PSA_ALG_ECDSA_IS_DETERMINISTIC(alg) \
1097  (((alg) & PSA_ALG_DSA_DETERMINISTIC_FLAG) != 0)
1098 #define PSA_ALG_IS_DETERMINISTIC_ECDSA(alg) \
1099  (PSA_ALG_IS_ECDSA(alg) && PSA_ALG_ECDSA_IS_DETERMINISTIC(alg))
1100 #define PSA_ALG_IS_RANDOMIZED_ECDSA(alg) \
1101  (PSA_ALG_IS_ECDSA(alg) && !PSA_ALG_ECDSA_IS_DETERMINISTIC(alg))
1102 
1116 #define PSA_ALG_IS_HASH_AND_SIGN(alg) \
1117  (PSA_ALG_IS_RSA_PSS(alg) || PSA_ALG_IS_RSA_PKCS1V15_SIGN(alg) || \
1118  PSA_ALG_IS_DSA(alg) || PSA_ALG_IS_ECDSA(alg))
1119 
1138 #define PSA_ALG_SIGN_GET_HASH(alg) \
1139  (PSA_ALG_IS_HASH_AND_SIGN(alg) ? \
1140  ((alg) & PSA_ALG_HASH_MASK) == 0 ? /*"raw" algorithm*/ 0 : \
1141  ((alg) & PSA_ALG_HASH_MASK) | PSA_ALG_CATEGORY_HASH : \
1142  0)
1143 
1146 #define PSA_ALG_RSA_PKCS1V15_CRYPT ((psa_algorithm_t)0x12020000)
1147 
1148 #define PSA_ALG_RSA_OAEP_BASE ((psa_algorithm_t)0x12030000)
1149 
1163 #define PSA_ALG_RSA_OAEP(hash_alg) \
1164  (PSA_ALG_RSA_OAEP_BASE | ((hash_alg) & PSA_ALG_HASH_MASK))
1165 #define PSA_ALG_IS_RSA_OAEP(alg) \
1166  (((alg) & ~PSA_ALG_HASH_MASK) == PSA_ALG_RSA_OAEP_BASE)
1167 #define PSA_ALG_RSA_OAEP_GET_HASH(alg) \
1168  (PSA_ALG_IS_RSA_OAEP(alg) ? \
1169  ((alg) & PSA_ALG_HASH_MASK) | PSA_ALG_CATEGORY_HASH : \
1170  0)
1171 
1172 #define PSA_ALG_HKDF_BASE ((psa_algorithm_t)0x20000100)
1173 
1193 #define PSA_ALG_HKDF(hash_alg) \
1194  (PSA_ALG_HKDF_BASE | ((hash_alg) & PSA_ALG_HASH_MASK))
1195 
1206 #define PSA_ALG_IS_HKDF(alg) \
1207  (((alg) & ~PSA_ALG_HASH_MASK) == PSA_ALG_HKDF_BASE)
1208 #define PSA_ALG_HKDF_GET_HASH(hkdf_alg) \
1209  (PSA_ALG_CATEGORY_HASH | ((hkdf_alg) & PSA_ALG_HASH_MASK))
1210 
1211 #define PSA_ALG_TLS12_PRF_BASE ((psa_algorithm_t)0x20000200)
1212 
1234 #define PSA_ALG_TLS12_PRF(hash_alg) \
1235  (PSA_ALG_TLS12_PRF_BASE | ((hash_alg) & PSA_ALG_HASH_MASK))
1236 
1245 #define PSA_ALG_IS_TLS12_PRF(alg) \
1246  (((alg) & ~PSA_ALG_HASH_MASK) == PSA_ALG_TLS12_PRF_BASE)
1247 #define PSA_ALG_TLS12_PRF_GET_HASH(hkdf_alg) \
1248  (PSA_ALG_CATEGORY_HASH | ((hkdf_alg) & PSA_ALG_HASH_MASK))
1249 
1250 #define PSA_ALG_TLS12_PSK_TO_MS_BASE ((psa_algorithm_t)0x20000300)
1251 
1274 #define PSA_ALG_TLS12_PSK_TO_MS(hash_alg) \
1275  (PSA_ALG_TLS12_PSK_TO_MS_BASE | ((hash_alg) & PSA_ALG_HASH_MASK))
1276 
1285 #define PSA_ALG_IS_TLS12_PSK_TO_MS(alg) \
1286  (((alg) & ~PSA_ALG_HASH_MASK) == PSA_ALG_TLS12_PSK_TO_MS_BASE)
1287 #define PSA_ALG_TLS12_PSK_TO_MS_GET_HASH(hkdf_alg) \
1288  (PSA_ALG_CATEGORY_HASH | ((hkdf_alg) & PSA_ALG_HASH_MASK))
1289 
1290 #define PSA_ALG_KEY_DERIVATION_MASK ((psa_algorithm_t)0x080fffff)
1291 #define PSA_ALG_KEY_AGREEMENT_MASK ((psa_algorithm_t)0x10f00000)
1292 
1307 #define PSA_ALG_KEY_AGREEMENT(ka_alg, kdf_alg) \
1308  ((ka_alg) | (kdf_alg))
1309 
1310 #define PSA_ALG_KEY_AGREEMENT_GET_KDF(alg) \
1311  (((alg) & PSA_ALG_KEY_DERIVATION_MASK) | PSA_ALG_CATEGORY_KEY_DERIVATION)
1312 
1313 #define PSA_ALG_KEY_AGREEMENT_GET_BASE(alg) \
1314  (((alg) & PSA_ALG_KEY_AGREEMENT_MASK) | PSA_ALG_CATEGORY_KEY_AGREEMENT)
1315 
1316 #define PSA_ALG_IS_RAW_KEY_AGREEMENT(alg) \
1317  (PSA_ALG_KEY_AGREEMENT_GET_KDF(alg) == PSA_ALG_CATEGORY_KEY_DERIVATION)
1318 
1319 #define PSA_ALG_IS_KEY_DERIVATION_OR_AGREEMENT(alg) \
1320  ((PSA_ALG_IS_KEY_DERIVATION(alg) || PSA_ALG_IS_KEY_AGREEMENT(alg)))
1321 
1330 #define PSA_ALG_FFDH ((psa_algorithm_t)0x30100000)
1331 
1343 #define PSA_ALG_IS_FFDH(alg) \
1344  (PSA_ALG_KEY_AGREEMENT_GET_BASE(alg) == PSA_ALG_FFDH)
1345 
1371 #define PSA_ALG_ECDH ((psa_algorithm_t)0x30200000)
1372 
1386 #define PSA_ALG_IS_ECDH(alg) \
1387  (PSA_ALG_KEY_AGREEMENT_GET_BASE(alg) == PSA_ALG_ECDH)
1388 
1402 #define PSA_ALG_IS_WILDCARD(alg) \
1403  (PSA_ALG_IS_HASH_AND_SIGN(alg) ? \
1404  PSA_ALG_SIGN_GET_HASH(alg) == PSA_ALG_ANY_HASH : \
1405  (alg) == PSA_ALG_ANY_HASH)
1406 
1420 #define PSA_ALG_IS_WILDCARD(alg) \
1421  (PSA_ALG_IS_HASH_AND_SIGN(alg) ? \
1422  PSA_ALG_SIGN_GET_HASH(alg) == PSA_ALG_ANY_HASH : \
1423  (alg) == PSA_ALG_ANY_HASH)
1424 
1434 #define PSA_KEY_LIFETIME_VOLATILE ((psa_key_lifetime_t)0x00000000)
1435 
1448 #define PSA_KEY_LIFETIME_PERSISTENT ((psa_key_lifetime_t)0x00000001)
1449 
1467 #define PSA_KEY_USAGE_EXPORT ((psa_key_usage_t)0x00000001)
1468 
1478 #define PSA_KEY_USAGE_ENCRYPT ((psa_key_usage_t)0x00000100)
1479 
1489 #define PSA_KEY_USAGE_DECRYPT ((psa_key_usage_t)0x00000200)
1490 
1499 #define PSA_KEY_USAGE_SIGN ((psa_key_usage_t)0x00000400)
1500 
1509 #define PSA_KEY_USAGE_VERIFY ((psa_key_usage_t)0x00000800)
1510 
1513 #define PSA_KEY_USAGE_DERIVE ((psa_key_usage_t)0x00001000)
1514 
1525 #define PSA_KDF_STEP_SECRET ((psa_key_derivation_step_t)0x0101)
1526 
1531 #define PSA_KDF_STEP_LABEL ((psa_key_derivation_step_t)0x0201)
1532 
1537 #define PSA_KDF_STEP_SALT ((psa_key_derivation_step_t)0x0202)
1538 
1543 #define PSA_KDF_STEP_INFO ((psa_key_derivation_step_t)0x0203)
1544 
1547 #endif /* PSA_CRYPTO_VALUES_H */