|
Platform Security Architecture — cryptography and keystore interface
Working draft
|
PSA cryptography module: Mbed TLS buffer size macros. More...
#include "../mbedtls/config.h"

Go to the source code of this file.
Macros | |
| #define | PSA_HASH_MAX_SIZE 64 |
| #define | PSA_HMAC_MAX_HASH_BLOCK_SIZE 128 |
| #define | PSA_MAC_MAX_SIZE PSA_HASH_MAX_SIZE |
| #define | PSA_VENDOR_RSA_MAX_KEY_BITS 4096 |
| #define | PSA_VENDOR_ECC_MAX_CURVE_BITS 521 |
| #define | PSA_ASYMMETRIC_SIGNATURE_MAX_SIZE |
| #define | PSA_MAC_FINAL_SIZE(key_type, key_bits, alg) |
| #define | PSA_AEAD_ENCRYPT_OUTPUT_SIZE(alg, plaintext_length) |
| #define | PSA_AEAD_DECRYPT_OUTPUT_SIZE(alg, ciphertext_length) |
| #define | PSA_ASYMMETRIC_SIGN_OUTPUT_SIZE(key_type, key_bits, alg) |
| #define | PSA_ASYMMETRIC_ENCRYPT_OUTPUT_SIZE(key_type, key_bits, alg) |
| #define | PSA_ASYMMETRIC_DECRYPT_OUTPUT_SIZE(key_type, key_bits, alg) |
PSA cryptography module: Mbed TLS buffer size macros.
This file contains the definitions of macros that are useful to compute buffer sizes. The signatures and semantics of these macros are standardized, but the definitions are not, because they depend on the available algorithms and, in some cases, on permitted tolerances on buffer sizes.
In implementations with isolation between the application and the cryptography module, implementers should take care to ensure that the definitions that are exposed to applications match what the module implements.
Macros that compute sizes whose values do not depend on the implementation are in crypto.h.
| #define PSA_AEAD_DECRYPT_OUTPUT_SIZE | ( | alg, | |
| ciphertext_length | |||
| ) |
The maximum size of the output of psa_aead_decrypt(), in bytes.
If the size of the plaintext buffer is at least this large, it is guaranteed that psa_aead_decrypt() will not fail due to an insufficient buffer size. Depending on the algorithm, the actual size of the plaintext may be smaller.
| alg | An AEAD algorithm (PSA_ALG_XXX value such that PSA_ALG_IS_AEAD(alg) is true). |
| ciphertext_length | Size of the plaintext in bytes. |
| #define PSA_AEAD_ENCRYPT_OUTPUT_SIZE | ( | alg, | |
| plaintext_length | |||
| ) |
The maximum size of the output of psa_aead_encrypt(), in bytes.
If the size of the ciphertext buffer is at least this large, it is guaranteed that psa_aead_encrypt() will not fail due to an insufficient buffer size. Depending on the algorithm, the actual size of the ciphertext may be smaller.
| alg | An AEAD algorithm (PSA_ALG_XXX value such that PSA_ALG_IS_AEAD(alg) is true). |
| plaintext_length | Size of the plaintext in bytes. |
| #define PSA_ASYMMETRIC_DECRYPT_OUTPUT_SIZE | ( | key_type, | |
| key_bits, | |||
| alg | |||
| ) |
Safe output buffer size for psa_asymmetric_decrypt().
This macro returns a safe buffer size for a ciphertext produced using a key of the specified type and size, with the specified algorithm. Note that the actual size of the ciphertext may be smaller, depending on the algorithm.
| key_type | An asymmetric key type (this may indifferently be a key pair type or a public key type). |
| key_bits | The size of the key in bits. |
| alg | The signature algorithm. |
| #define PSA_ASYMMETRIC_ENCRYPT_OUTPUT_SIZE | ( | key_type, | |
| key_bits, | |||
| alg | |||
| ) |
Safe output buffer size for psa_asymmetric_encrypt().
This macro returns a safe buffer size for a ciphertext produced using a key of the specified type and size, with the specified algorithm. Note that the actual size of the ciphertext may be smaller, depending on the algorithm.
| key_type | An asymmetric key type (this may indifferently be a key pair type or a public key type). |
| key_bits | The size of the key in bits. |
| alg | The signature algorithm. |
| #define PSA_ASYMMETRIC_SIGN_OUTPUT_SIZE | ( | key_type, | |
| key_bits, | |||
| alg | |||
| ) |
Safe signature buffer size for psa_asymmetric_sign().
This macro returns a safe buffer size for a signature using a key of the specified type and size, with the specified algorithm. Note that the actual size of the signature may be smaller (some algorithms produce a variable-size signature).
| key_type | An asymmetric key type (this may indifferently be a key pair type or a public key type). |
| key_bits | The size of the key in bits. |
| alg | The signature algorithm. |
| #define PSA_ASYMMETRIC_SIGNATURE_MAX_SIZE |
Maximum size of an asymmetric signature.
This macro must expand to a compile-time constant integer. This value should be the maximum size of a MAC supported by the implementation, in bytes, and must be no smaller than this maximum.
| #define PSA_HASH_MAX_SIZE 64 |
Maximum size of a hash.
This macro must expand to a compile-time constant integer. This value should be the maximum size of a hash supported by the implementation, in bytes, and must be no smaller than this maximum.
| #define PSA_MAC_FINAL_SIZE | ( | key_type, | |
| key_bits, | |||
| alg | |||
| ) |
The size of the output of psa_mac_sign_finish(), in bytes.
This is also the MAC size that psa_mac_verify_finish() expects.
| key_type | The type of the MAC key. |
| key_bits | The size of the MAC key in bits. |
| alg | A MAC algorithm (PSA_ALG_XXX value such that PSA_ALG_IS_MAC(alg) is true). |
| #define PSA_MAC_MAX_SIZE PSA_HASH_MAX_SIZE |
Maximum size of a MAC.
This macro must expand to a compile-time constant integer. This value should be the maximum size of a MAC supported by the implementation, in bytes, and must be no smaller than this maximum.
1.8.13