25 #include "crypto_platform.h" 29 #ifdef __DOXYGEN_ONLY__ 64 #if defined(PSA_SUCCESS) 88 #define PSA_SUCCESS ((psa_status_t)0) 97 #define PSA_ERROR_UNKNOWN_ERROR ((psa_status_t)1) 106 #define PSA_ERROR_NOT_SUPPORTED ((psa_status_t)2) 119 #define PSA_ERROR_NOT_PERMITTED ((psa_status_t)3) 131 #define PSA_ERROR_BUFFER_TOO_SMALL ((psa_status_t)4) 139 #define PSA_ERROR_OCCUPIED_SLOT ((psa_status_t)5) 147 #define PSA_ERROR_EMPTY_SLOT ((psa_status_t)6) 159 #define PSA_ERROR_BAD_STATE ((psa_status_t)7) 170 #define PSA_ERROR_INVALID_ARGUMENT ((psa_status_t)8) 176 #define PSA_ERROR_INSUFFICIENT_MEMORY ((psa_status_t)9) 185 #define PSA_ERROR_INSUFFICIENT_STORAGE ((psa_status_t)10) 202 #define PSA_ERROR_COMMUNICATION_FAILURE ((psa_status_t)11) 227 #define PSA_ERROR_STORAGE_FAILURE ((psa_status_t)12) 233 #define PSA_ERROR_HARDWARE_FAILURE ((psa_status_t)13) 264 #define PSA_ERROR_TAMPERING_DETECTED ((psa_status_t)14) 283 #define PSA_ERROR_INSUFFICIENT_ENTROPY ((psa_status_t)15) 293 #define PSA_ERROR_INVALID_SIGNATURE ((psa_status_t)16) 309 #define PSA_ERROR_INVALID_PADDING ((psa_status_t)17) 315 #define PSA_ERROR_INSUFFICIENT_CAPACITY ((psa_status_t)18) 335 #define PSA_BITS_TO_BYTES(bits) (((bits) + 7) / 8) 336 #define PSA_BYTES_TO_BITS(bytes) ((bytes) * 8) 352 #define PSA_KEY_TYPE_NONE ((psa_key_type_t)0x00000000) 361 #define PSA_KEY_TYPE_VENDOR_FLAG ((psa_key_type_t)0x80000000) 363 #define PSA_KEY_TYPE_CATEGORY_MASK ((psa_key_type_t)0x7e000000) 369 #define PSA_KEY_TYPE_RAW_DATA ((psa_key_type_t)0x02000000) 371 #define PSA_KEY_TYPE_CATEGORY_SYMMETRIC ((psa_key_type_t)0x04000000) 372 #define PSA_KEY_TYPE_CATEGORY_ASYMMETRIC ((psa_key_type_t)0x06000000) 373 #define PSA_KEY_TYPE_PAIR_FLAG ((psa_key_type_t)0x01000000) 383 #define PSA_KEY_TYPE_HMAC ((psa_key_type_t)0x02000001) 390 #define PSA_KEY_TYPE_DERIVE ((psa_key_type_t)0x02000101) 397 #define PSA_KEY_TYPE_AES ((psa_key_type_t)0x04000001) 408 #define PSA_KEY_TYPE_DES ((psa_key_type_t)0x04000002) 412 #define PSA_KEY_TYPE_CAMELLIA ((psa_key_type_t)0x04000003) 418 #define PSA_KEY_TYPE_ARC4 ((psa_key_type_t)0x04000004) 421 #define PSA_KEY_TYPE_RSA_PUBLIC_KEY ((psa_key_type_t)0x06010000) 423 #define PSA_KEY_TYPE_RSA_KEYPAIR ((psa_key_type_t)0x07010000) 426 #define PSA_KEY_TYPE_DSA_PUBLIC_KEY ((psa_key_type_t)0x06020000) 428 #define PSA_KEY_TYPE_DSA_KEYPAIR ((psa_key_type_t)0x07020000) 430 #define PSA_KEY_TYPE_ECC_PUBLIC_KEY_BASE ((psa_key_type_t)0x06030000) 431 #define PSA_KEY_TYPE_ECC_KEYPAIR_BASE ((psa_key_type_t)0x07030000) 432 #define PSA_KEY_TYPE_ECC_CURVE_MASK ((psa_key_type_t)0x0000ffff) 434 #define PSA_KEY_TYPE_ECC_KEYPAIR(curve) \ 435 (PSA_KEY_TYPE_ECC_KEYPAIR_BASE | (curve)) 437 #define PSA_KEY_TYPE_ECC_PUBLIC_KEY(curve) \ 438 (PSA_KEY_TYPE_ECC_PUBLIC_KEY_BASE | (curve)) 441 #define PSA_KEY_TYPE_IS_VENDOR_DEFINED(type) \ 442 (((type) & PSA_KEY_TYPE_VENDOR_FLAG) != 0) 445 #define PSA_KEY_TYPE_IS_ASYMMETRIC(type) \ 446 (((type) & PSA_KEY_TYPE_CATEGORY_MASK) == PSA_KEY_TYPE_CATEGORY_ASYMMETRIC) 448 #define PSA_KEY_TYPE_IS_PUBLIC_KEY(type) \ 449 (((type) & (PSA_KEY_TYPE_CATEGORY_MASK | PSA_KEY_TYPE_PAIR_FLAG)) == \ 450 PSA_KEY_TYPE_CATEGORY_ASYMMETRIC) 453 #define PSA_KEY_TYPE_IS_KEYPAIR(type) \ 454 (((type) & (PSA_KEY_TYPE_CATEGORY_MASK | PSA_KEY_TYPE_PAIR_FLAG)) == \ 455 (PSA_KEY_TYPE_CATEGORY_ASYMMETRIC | PSA_KEY_TYPE_PAIR_FLAG)) 457 #define PSA_KEY_TYPE_KEYPAIR_OF_PUBLIC_KEY(type) \ 458 ((type) | PSA_KEY_TYPE_PAIR_FLAG) 460 #define PSA_KEY_TYPE_PUBLIC_KEY_OF_KEYPAIR(type) \ 461 ((type) & ~PSA_KEY_TYPE_PAIR_FLAG) 463 #define PSA_KEY_TYPE_IS_RSA(type) \ 464 (PSA_KEY_TYPE_PUBLIC_KEY_OF_KEYPAIR(type) == PSA_KEY_TYPE_RSA_PUBLIC_KEY) 467 #define PSA_KEY_TYPE_IS_ECC(type) \ 468 ((PSA_KEY_TYPE_PUBLIC_KEY_OF_KEYPAIR(type) & \ 469 ~PSA_KEY_TYPE_ECC_CURVE_MASK) == PSA_KEY_TYPE_ECC_PUBLIC_KEY_BASE) 470 #define PSA_KEY_TYPE_IS_ECC_KEYPAIR(type) \ 471 (((type) & ~PSA_KEY_TYPE_ECC_CURVE_MASK) == \ 472 PSA_KEY_TYPE_ECC_KEYPAIR_BASE) 473 #define PSA_KEY_TYPE_IS_ECC_PUBLIC_KEY(type) \ 474 (((type) & ~PSA_KEY_TYPE_ECC_CURVE_MASK) == \ 475 PSA_KEY_TYPE_ECC_PUBLIC_KEY_BASE) 480 #define PSA_KEY_TYPE_GET_CURVE(type) \ 481 ((psa_ecc_curve_t) (PSA_KEY_TYPE_IS_ECC(type) ? \ 482 ((type) & PSA_KEY_TYPE_ECC_CURVE_MASK) : \ 490 #define PSA_ECC_CURVE_SECT163K1 ((psa_ecc_curve_t) 0x0001) 491 #define PSA_ECC_CURVE_SECT163R1 ((psa_ecc_curve_t) 0x0002) 492 #define PSA_ECC_CURVE_SECT163R2 ((psa_ecc_curve_t) 0x0003) 493 #define PSA_ECC_CURVE_SECT193R1 ((psa_ecc_curve_t) 0x0004) 494 #define PSA_ECC_CURVE_SECT193R2 ((psa_ecc_curve_t) 0x0005) 495 #define PSA_ECC_CURVE_SECT233K1 ((psa_ecc_curve_t) 0x0006) 496 #define PSA_ECC_CURVE_SECT233R1 ((psa_ecc_curve_t) 0x0007) 497 #define PSA_ECC_CURVE_SECT239K1 ((psa_ecc_curve_t) 0x0008) 498 #define PSA_ECC_CURVE_SECT283K1 ((psa_ecc_curve_t) 0x0009) 499 #define PSA_ECC_CURVE_SECT283R1 ((psa_ecc_curve_t) 0x000a) 500 #define PSA_ECC_CURVE_SECT409K1 ((psa_ecc_curve_t) 0x000b) 501 #define PSA_ECC_CURVE_SECT409R1 ((psa_ecc_curve_t) 0x000c) 502 #define PSA_ECC_CURVE_SECT571K1 ((psa_ecc_curve_t) 0x000d) 503 #define PSA_ECC_CURVE_SECT571R1 ((psa_ecc_curve_t) 0x000e) 504 #define PSA_ECC_CURVE_SECP160K1 ((psa_ecc_curve_t) 0x000f) 505 #define PSA_ECC_CURVE_SECP160R1 ((psa_ecc_curve_t) 0x0010) 506 #define PSA_ECC_CURVE_SECP160R2 ((psa_ecc_curve_t) 0x0011) 507 #define PSA_ECC_CURVE_SECP192K1 ((psa_ecc_curve_t) 0x0012) 508 #define PSA_ECC_CURVE_SECP192R1 ((psa_ecc_curve_t) 0x0013) 509 #define PSA_ECC_CURVE_SECP224K1 ((psa_ecc_curve_t) 0x0014) 510 #define PSA_ECC_CURVE_SECP224R1 ((psa_ecc_curve_t) 0x0015) 511 #define PSA_ECC_CURVE_SECP256K1 ((psa_ecc_curve_t) 0x0016) 512 #define PSA_ECC_CURVE_SECP256R1 ((psa_ecc_curve_t) 0x0017) 513 #define PSA_ECC_CURVE_SECP384R1 ((psa_ecc_curve_t) 0x0018) 514 #define PSA_ECC_CURVE_SECP521R1 ((psa_ecc_curve_t) 0x0019) 515 #define PSA_ECC_CURVE_BRAINPOOL_P256R1 ((psa_ecc_curve_t) 0x001a) 516 #define PSA_ECC_CURVE_BRAINPOOL_P384R1 ((psa_ecc_curve_t) 0x001b) 517 #define PSA_ECC_CURVE_BRAINPOOL_P512R1 ((psa_ecc_curve_t) 0x001c) 518 #define PSA_ECC_CURVE_CURVE25519 ((psa_ecc_curve_t) 0x001d) 519 #define PSA_ECC_CURVE_CURVE448 ((psa_ecc_curve_t) 0x001e) 520 #define PSA_ECC_CURVE_FFDHE_2048 ((psa_ecc_curve_t) 0x0100) 521 #define PSA_ECC_CURVE_FFDHE_3072 ((psa_ecc_curve_t) 0x0101) 522 #define PSA_ECC_CURVE_FFDHE_4096 ((psa_ecc_curve_t) 0x0102) 523 #define PSA_ECC_CURVE_FFDHE_6144 ((psa_ecc_curve_t) 0x0103) 524 #define PSA_ECC_CURVE_FFDHE_8192 ((psa_ecc_curve_t) 0x0104) 544 #define PSA_BLOCK_CIPHER_BLOCK_SIZE(type) \ 546 (type) == PSA_KEY_TYPE_AES ? 16 : \ 547 (type) == PSA_KEY_TYPE_DES ? 8 : \ 548 (type) == PSA_KEY_TYPE_CAMELLIA ? 16 : \ 549 (type) == PSA_KEY_TYPE_ARC4 ? 1 : \ 562 #define PSA_ALG_VENDOR_FLAG ((psa_algorithm_t)0x80000000) 563 #define PSA_ALG_CATEGORY_MASK ((psa_algorithm_t)0x7f000000) 564 #define PSA_ALG_CATEGORY_HASH ((psa_algorithm_t)0x01000000) 565 #define PSA_ALG_CATEGORY_MAC ((psa_algorithm_t)0x02000000) 566 #define PSA_ALG_CATEGORY_CIPHER ((psa_algorithm_t)0x04000000) 567 #define PSA_ALG_CATEGORY_AEAD ((psa_algorithm_t)0x06000000) 568 #define PSA_ALG_CATEGORY_SIGN ((psa_algorithm_t)0x10000000) 569 #define PSA_ALG_CATEGORY_ASYMMETRIC_ENCRYPTION ((psa_algorithm_t)0x12000000) 570 #define PSA_ALG_CATEGORY_KEY_AGREEMENT ((psa_algorithm_t)0x22000000) 571 #define PSA_ALG_CATEGORY_KEY_DERIVATION ((psa_algorithm_t)0x30000000) 573 #define PSA_ALG_IS_VENDOR_DEFINED(alg) \ 574 (((alg) & PSA_ALG_VENDOR_FLAG) != 0) 584 #define PSA_ALG_IS_HASH(alg) \ 585 (((alg) & PSA_ALG_CATEGORY_MASK) == PSA_ALG_CATEGORY_HASH) 595 #define PSA_ALG_IS_MAC(alg) \ 596 (((alg) & PSA_ALG_CATEGORY_MASK) == PSA_ALG_CATEGORY_MAC) 606 #define PSA_ALG_IS_CIPHER(alg) \ 607 (((alg) & PSA_ALG_CATEGORY_MASK) == PSA_ALG_CATEGORY_CIPHER) 618 #define PSA_ALG_IS_AEAD(alg) \ 619 (((alg) & PSA_ALG_CATEGORY_MASK) == PSA_ALG_CATEGORY_AEAD) 629 #define PSA_ALG_IS_SIGN(alg) \ 630 (((alg) & PSA_ALG_CATEGORY_MASK) == PSA_ALG_CATEGORY_SIGN) 640 #define PSA_ALG_IS_ASYMMETRIC_ENCRYPTION(alg) \ 641 (((alg) & PSA_ALG_CATEGORY_MASK) == PSA_ALG_CATEGORY_ASYMMETRIC_ENCRYPTION) 651 #define PSA_ALG_IS_KEY_AGREEMENT(alg) \ 652 (((alg) & PSA_ALG_CATEGORY_MASK) == PSA_ALG_CATEGORY_KEY_AGREEMENT) 662 #define PSA_ALG_IS_KEY_DERIVATION(alg) \ 663 (((alg) & PSA_ALG_CATEGORY_MASK) == PSA_ALG_CATEGORY_KEY_DERIVATION) 665 #define PSA_ALG_HASH_MASK ((psa_algorithm_t)0x000000ff) 666 #define PSA_ALG_MD2 ((psa_algorithm_t)0x01000001) 667 #define PSA_ALG_MD4 ((psa_algorithm_t)0x01000002) 668 #define PSA_ALG_MD5 ((psa_algorithm_t)0x01000003) 669 #define PSA_ALG_RIPEMD160 ((psa_algorithm_t)0x01000004) 670 #define PSA_ALG_SHA_1 ((psa_algorithm_t)0x01000005) 672 #define PSA_ALG_SHA_224 ((psa_algorithm_t)0x01000008) 674 #define PSA_ALG_SHA_256 ((psa_algorithm_t)0x01000009) 676 #define PSA_ALG_SHA_384 ((psa_algorithm_t)0x0100000a) 678 #define PSA_ALG_SHA_512 ((psa_algorithm_t)0x0100000b) 680 #define PSA_ALG_SHA_512_224 ((psa_algorithm_t)0x0100000c) 682 #define PSA_ALG_SHA_512_256 ((psa_algorithm_t)0x0100000d) 684 #define PSA_ALG_SHA3_224 ((psa_algorithm_t)0x01000010) 686 #define PSA_ALG_SHA3_256 ((psa_algorithm_t)0x01000011) 688 #define PSA_ALG_SHA3_384 ((psa_algorithm_t)0x01000012) 690 #define PSA_ALG_SHA3_512 ((psa_algorithm_t)0x01000013) 692 #define PSA_ALG_MAC_SUBCATEGORY_MASK ((psa_algorithm_t)0x00c00000) 693 #define PSA_ALG_HMAC_BASE ((psa_algorithm_t)0x02800000) 705 #define PSA_ALG_HMAC(hash_alg) \ 706 (PSA_ALG_HMAC_BASE | ((hash_alg) & PSA_ALG_HASH_MASK)) 708 #define PSA_ALG_HMAC_HASH(hmac_alg) \ 709 (PSA_ALG_CATEGORY_HASH | ((hmac_alg) & PSA_ALG_HASH_MASK)) 721 #define PSA_ALG_IS_HMAC(alg) \ 722 (((alg) & (PSA_ALG_CATEGORY_MASK | PSA_ALG_MAC_SUBCATEGORY_MASK)) == \ 725 #define PSA_ALG_CIPHER_MAC_BASE ((psa_algorithm_t)0x02c00000) 726 #define PSA_ALG_CBC_MAC ((psa_algorithm_t)0x02c00001) 727 #define PSA_ALG_CMAC ((psa_algorithm_t)0x02c00002) 728 #define PSA_ALG_GMAC ((psa_algorithm_t)0x02c00003) 738 #define PSA_ALG_IS_CIPHER_MAC(alg) \ 739 (((alg) & (PSA_ALG_CATEGORY_MASK | PSA_ALG_MAC_SUBCATEGORY_MASK)) == \ 740 PSA_ALG_CIPHER_MAC_BASE) 742 #define PSA_ALG_CIPHER_SUBCATEGORY_MASK ((psa_algorithm_t)0x00c00000) 743 #define PSA_ALG_BLOCK_CIPHER_BASE ((psa_algorithm_t)0x04000000) 744 #define PSA_ALG_BLOCK_CIPHER_MODE_MASK ((psa_algorithm_t)0x000000ff) 745 #define PSA_ALG_BLOCK_CIPHER_PADDING_MASK ((psa_algorithm_t)0x003f0000) 752 #define PSA_ALG_BLOCK_CIPHER_PAD_NONE ((psa_algorithm_t)0x00000000) 754 #define PSA_ALG_BLOCK_CIPHER_PAD_PKCS7 ((psa_algorithm_t)0x00010000) 776 #define PSA_ALG_IS_BLOCK_CIPHER(alg) \ 777 (((alg) & (PSA_ALG_CATEGORY_MASK | PSA_ALG_CIPHER_SUBCATEGORY_MASK)) == \ 778 PSA_ALG_BLOCK_CIPHER_BASE) 782 #define PSA_ALG_CBC_BASE ((psa_algorithm_t)0x04000001) 783 #define PSA_ALG_CFB_BASE ((psa_algorithm_t)0x04000002) 784 #define PSA_ALG_OFB_BASE ((psa_algorithm_t)0x04000003) 785 #define PSA_ALG_XTS_BASE ((psa_algorithm_t)0x04000004) 787 #define PSA_ALG_STREAM_CIPHER_BASE ((psa_algorithm_t)0x04800000) 796 #define PSA_ALG_CTR ((psa_algorithm_t)0x04800001) 800 #define PSA_ALG_ARC4 ((psa_algorithm_t)0x04800002) 814 #define PSA_ALG_IS_STREAM_CIPHER(alg) \ 815 (((alg) & (PSA_ALG_CATEGORY_MASK | PSA_ALG_CIPHER_SUBCATEGORY_MASK)) == \ 816 PSA_ALG_STREAM_CIPHER_BASE) 818 #define PSA_ALG_CCM ((psa_algorithm_t)0x06000001) 819 #define PSA_ALG_GCM ((psa_algorithm_t)0x06000002) 821 #define PSA_ALG_RSA_PKCS1V15_SIGN_BASE ((psa_algorithm_t)0x10020000) 835 #define PSA_ALG_RSA_PKCS1V15_SIGN(hash_alg) \ 836 (PSA_ALG_RSA_PKCS1V15_SIGN_BASE | ((hash_alg) & PSA_ALG_HASH_MASK)) 843 #define PSA_ALG_RSA_PKCS1V15_SIGN_RAW PSA_ALG_RSA_PKCS1V15_SIGN_BASE 844 #define PSA_ALG_IS_RSA_PKCS1V15_SIGN(alg) \ 845 (((alg) & ~PSA_ALG_HASH_MASK) == PSA_ALG_RSA_PKCS1V15_SIGN_BASE) 847 #define PSA_ALG_RSA_PSS_BASE ((psa_algorithm_t)0x10030000) 864 #define PSA_ALG_RSA_PSS(hash_alg) \ 865 (PSA_ALG_RSA_PSS_BASE | ((hash_alg) & PSA_ALG_HASH_MASK)) 866 #define PSA_ALG_IS_RSA_PSS(alg) \ 867 (((alg) & ~PSA_ALG_HASH_MASK) == PSA_ALG_RSA_PSS_BASE) 869 #define PSA_ALG_DSA_BASE ((psa_algorithm_t)0x10040000) 882 #define PSA_ALG_DSA(hash_alg) \ 883 (PSA_ALG_DSA_BASE | ((hash_alg) & PSA_ALG_HASH_MASK)) 884 #define PSA_ALG_DETERMINISTIC_DSA_BASE ((psa_algorithm_t)0x10050000) 885 #define PSA_ALG_DSA_DETERMINISTIC_FLAG ((psa_algorithm_t)0x00010000) 886 #define PSA_ALG_DETERMINISTIC_DSA(hash_alg) \ 887 (PSA_ALG_DETERMINISTIC_DSA_BASE | ((hash_alg) & PSA_ALG_HASH_MASK)) 888 #define PSA_ALG_IS_DSA(alg) \ 889 (((alg) & ~PSA_ALG_HASH_MASK & ~PSA_ALG_DSA_DETERMINISTIC_FLAG) == \ 891 #define PSA_ALG_DSA_IS_DETERMINISTIC(alg) \ 892 (((alg) & PSA_ALG_DSA_DETERMINISTIC_FLAG) != 0) 893 #define PSA_ALG_IS_DETERMINISTIC_DSA(alg) \ 894 (PSA_ALG_IS_DSA(alg) && PSA_ALG_DSA_IS_DETERMINISTIC(alg)) 895 #define PSA_ALG_IS_RANDOMIZED_DSA(alg) \ 896 (PSA_ALG_IS_DSA(alg) && !PSA_ALG_DSA_IS_DETERMINISTIC(alg)) 898 #define PSA_ALG_ECDSA_BASE ((psa_algorithm_t)0x10060000) 917 #define PSA_ALG_ECDSA(hash_alg) \ 918 (PSA_ALG_ECDSA_BASE | ((hash_alg) & PSA_ALG_HASH_MASK)) 928 #define PSA_ALG_ECDSA_ANY PSA_ALG_ECDSA_BASE 929 #define PSA_ALG_DETERMINISTIC_ECDSA_BASE ((psa_algorithm_t)0x10070000) 950 #define PSA_ALG_DETERMINISTIC_ECDSA(hash_alg) \ 951 (PSA_ALG_DETERMINISTIC_ECDSA_BASE | ((hash_alg) & PSA_ALG_HASH_MASK)) 952 #define PSA_ALG_IS_ECDSA(alg) \ 953 (((alg) & ~PSA_ALG_HASH_MASK & ~PSA_ALG_DSA_DETERMINISTIC_FLAG) == \ 955 #define PSA_ALG_ECDSA_IS_DETERMINISTIC(alg) \ 956 (((alg) & PSA_ALG_DSA_DETERMINISTIC_FLAG) != 0) 957 #define PSA_ALG_IS_DETERMINISTIC_ECDSA(alg) \ 958 (PSA_ALG_IS_ECDSA(alg) && PSA_ALG_ECDSA_IS_DETERMINISTIC(alg)) 959 #define PSA_ALG_IS_RANDOMIZED_ECDSA(alg) \ 960 (PSA_ALG_IS_ECDSA(alg) && !PSA_ALG_ECDSA_IS_DETERMINISTIC(alg)) 980 #define PSA_ALG_SIGN_GET_HASH(alg) \ 981 (PSA_ALG_IS_RSA_PSS(alg) || PSA_ALG_IS_RSA_PKCS1V15_SIGN(alg) || \ 982 PSA_ALG_IS_DSA(alg) || PSA_ALG_IS_ECDSA(alg) ? \ 983 ((alg) & PSA_ALG_HASH_MASK) == 0 ? 0 : \ 984 ((alg) & PSA_ALG_HASH_MASK) | PSA_ALG_CATEGORY_HASH : \ 989 #define PSA_ALG_RSA_PKCS1V15_CRYPT ((psa_algorithm_t)0x12020000) 991 #define PSA_ALG_RSA_OAEP_BASE ((psa_algorithm_t)0x12030000) 1006 #define PSA_ALG_RSA_OAEP(hash_alg) \ 1007 (PSA_ALG_RSA_OAEP_BASE | ((hash_alg) & PSA_ALG_HASH_MASK)) 1008 #define PSA_ALG_IS_RSA_OAEP(alg) \ 1009 (((alg) & ~PSA_ALG_HASH_MASK) == PSA_ALG_RSA_OAEP_BASE) 1010 #define PSA_ALG_RSA_OAEP_GET_HASH(alg) \ 1011 (PSA_ALG_IS_RSA_OAEP(alg) ? \ 1012 ((alg) & PSA_ALG_HASH_MASK) | PSA_ALG_CATEGORY_HASH : \ 1015 #define PSA_ALG_HKDF_BASE ((psa_algorithm_t)0x30000100) 1027 #define PSA_ALG_HKDF(hash_alg) \ 1028 (PSA_ALG_HKDF_BASE | ((hash_alg) & PSA_ALG_HASH_MASK)) 1040 #define PSA_ALG_IS_HKDF(alg) \ 1041 (((alg) & ~PSA_ALG_HASH_MASK) == PSA_ALG_HKDF_BASE) 1042 #define PSA_ALG_HKDF_GET_HASH(hkdf_alg) \ 1043 (PSA_ALG_CATEGORY_HASH | ((hkdf_alg) & PSA_ALG_HASH_MASK)) 1081 psa_key_type_t type,
1082 const uint8_t *data,
1083 size_t data_length);
1139 psa_key_type_t *type,
1185 size_t *data_length);
1216 size_t *data_length);
1238 #define PSA_KEY_USAGE_EXPORT ((psa_key_usage_t)0x00000001) 1249 #define PSA_KEY_USAGE_ENCRYPT ((psa_key_usage_t)0x00000100) 1260 #define PSA_KEY_USAGE_DECRYPT ((psa_key_usage_t)0x00000200) 1270 #define PSA_KEY_USAGE_SIGN ((psa_key_usage_t)0x00000400) 1280 #define PSA_KEY_USAGE_VERIFY ((psa_key_usage_t)0x00000800) 1284 #define PSA_KEY_USAGE_DERIVE ((psa_key_usage_t)0x00001000) 1311 psa_key_usage_t usage,
1312 psa_algorithm_t alg);
1379 #define PSA_KEY_LIFETIME_VOLATILE ((psa_key_lifetime_t)0x00000000) 1384 #define PSA_KEY_LIFETIME_PERSISTENT ((psa_key_lifetime_t)0x00000001) 1389 #define PSA_KEY_LIFETIME_WRITE_ONCE ((psa_key_lifetime_t)0x7fffffff) 1407 psa_key_lifetime_t *lifetime);
1434 psa_key_lifetime_t lifetime);
1463 #define PSA_HASH_SIZE(alg) \ 1465 PSA_ALG_HMAC_HASH(alg) == PSA_ALG_MD2 ? 16 : \ 1466 PSA_ALG_HMAC_HASH(alg) == PSA_ALG_MD4 ? 16 : \ 1467 PSA_ALG_HMAC_HASH(alg) == PSA_ALG_MD5 ? 16 : \ 1468 PSA_ALG_HMAC_HASH(alg) == PSA_ALG_RIPEMD160 ? 20 : \ 1469 PSA_ALG_HMAC_HASH(alg) == PSA_ALG_SHA_1 ? 20 : \ 1470 PSA_ALG_HMAC_HASH(alg) == PSA_ALG_SHA_224 ? 28 : \ 1471 PSA_ALG_HMAC_HASH(alg) == PSA_ALG_SHA_256 ? 32 : \ 1472 PSA_ALG_HMAC_HASH(alg) == PSA_ALG_SHA_384 ? 48 : \ 1473 PSA_ALG_HMAC_HASH(alg) == PSA_ALG_SHA_512 ? 64 : \ 1474 PSA_ALG_HMAC_HASH(alg) == PSA_ALG_SHA_512_224 ? 28 : \ 1475 PSA_ALG_HMAC_HASH(alg) == PSA_ALG_SHA_512_256 ? 32 : \ 1476 PSA_ALG_HMAC_HASH(alg) == PSA_ALG_SHA3_224 ? 28 : \ 1477 PSA_ALG_HMAC_HASH(alg) == PSA_ALG_SHA3_256 ? 32 : \ 1478 PSA_ALG_HMAC_HASH(alg) == PSA_ALG_SHA3_384 ? 48 : \ 1479 PSA_ALG_HMAC_HASH(alg) == PSA_ALG_SHA3_512 ? 64 : \ 1518 psa_algorithm_t alg);
1540 const uint8_t *input,
1541 size_t input_length);
1583 size_t *hash_length);
1617 const uint8_t *hash,
1618 size_t hash_length);
1709 psa_algorithm_t alg);
1757 psa_algorithm_t alg);
1781 const uint8_t *input,
1782 size_t input_length);
1825 size_t *mac_length);
1953 psa_algorithm_t alg);
2002 psa_algorithm_t alg);
2068 const unsigned char *iv,
2104 const uint8_t *input,
2105 size_t input_length,
2106 unsigned char *output,
2108 size_t *output_length);
2144 size_t *output_length);
2197 #define PSA_AEAD_TAG_SIZE(alg) \ 2198 ((alg) == PSA_ALG_GCM ? 16 : \ 2199 (alg) == PSA_ALG_CCM ? 16 : \ 2244 psa_algorithm_t alg,
2245 const uint8_t *nonce,
2246 size_t nonce_length,
2247 const uint8_t *additional_data,
2248 size_t additional_data_length,
2249 const uint8_t *plaintext,
2250 size_t plaintext_length,
2251 uint8_t *ciphertext,
2252 size_t ciphertext_size,
2253 size_t *ciphertext_length);
2297 psa_algorithm_t alg,
2298 const uint8_t *nonce,
2299 size_t nonce_length,
2300 const uint8_t *additional_data,
2301 size_t additional_data_length,
2302 const uint8_t *ciphertext,
2303 size_t ciphertext_length,
2305 size_t plaintext_size,
2306 size_t *plaintext_length);
2322 #define PSA_ECDSA_SIGNATURE_SIZE(curve_bits) \ 2323 (PSA_BITS_TO_BYTES(curve_bits) * 2) 2360 psa_algorithm_t alg,
2361 const uint8_t *hash,
2364 size_t signature_size,
2365 size_t *signature_length);
2399 psa_algorithm_t alg,
2400 const uint8_t *hash,
2402 const uint8_t *signature,
2403 size_t signature_length);
2405 #define PSA_RSA_MINIMUM_PADDING_SIZE(alg) \ 2406 (PSA_ALG_IS_RSA_OAEP(alg) ? \ 2407 2 * PSA_HASH_FINAL_SIZE(PSA_ALG_RSA_OAEP_GET_HASH(alg)) + 1 : \ 2453 psa_algorithm_t alg,
2454 const uint8_t *input,
2455 size_t input_length,
2456 const uint8_t *salt,
2460 size_t *output_length);
2505 psa_algorithm_t alg,
2506 const uint8_t *input,
2507 size_t input_length,
2508 const uint8_t *salt,
2512 size_t *output_length);
2556 #ifdef __DOXYGEN_ONLY__ 2560 #define PSA_CRYPTO_GENERATOR_INIT {0} 2609 size_t output_length);
2655 psa_key_type_t type,
2729 psa_algorithm_t alg,
2730 const uint8_t *salt,
2732 const uint8_t *label,
2733 size_t label_length,
2762 size_t output_size);
2816 psa_key_type_t type,
2833 #include "crypto_struct.h" 2837 #include "crypto_extra.h" psa_status_t psa_mac_verify_finish(psa_mac_operation_t *operation, const uint8_t *mac, size_t mac_length)
psa_status_t psa_generate_random(uint8_t *output, size_t output_size)
Generate random bytes.
psa_status_t psa_asymmetric_encrypt(psa_key_slot_t key, psa_algorithm_t alg, const uint8_t *input, size_t input_length, const uint8_t *salt, size_t salt_length, uint8_t *output, size_t output_size, size_t *output_length)
Encrypt a short message with a public key.
psa_status_t psa_get_key_policy(psa_key_slot_t key, psa_key_policy_t *policy)
Get the usage policy for a key slot.
psa_key_usage_t psa_key_policy_get_usage(const psa_key_policy_t *policy)
Retrieve the usage field of a policy structure.
psa_status_t psa_key_derivation(psa_crypto_generator_t *generator, psa_key_slot_t key, psa_algorithm_t alg, const uint8_t *salt, size_t salt_length, const uint8_t *label, size_t label_length, size_t capacity)
uint16_t psa_ecc_curve_t
Definition: crypto.h:478
psa_status_t psa_generator_abort(psa_crypto_generator_t *generator)
psa_status_t psa_set_key_policy(psa_key_slot_t key, const psa_key_policy_t *policy)
Set the usage policy on a key slot.
psa_status_t psa_cipher_update(psa_cipher_operation_t *operation, const uint8_t *input, size_t input_length, unsigned char *output, size_t output_size, size_t *output_length)
psa_status_t psa_mac_sign_setup(psa_mac_operation_t *operation, psa_key_slot_t key, psa_algorithm_t alg)
psa_status_t psa_cipher_set_iv(psa_cipher_operation_t *operation, const unsigned char *iv, size_t iv_length)
psa_status_t psa_generator_read(psa_crypto_generator_t *generator, uint8_t *output, size_t output_length)
psa_status_t psa_set_key_lifetime(psa_key_slot_t key, psa_key_lifetime_t lifetime)
Change the lifetime of a key slot.
psa_status_t psa_hash_update(psa_hash_operation_t *operation, const uint8_t *input, size_t input_length)
psa_status_t psa_destroy_key(psa_key_slot_t key)
Destroy a key and restore the slot to its default state.
psa_status_t psa_get_key_information(psa_key_slot_t key, psa_key_type_t *type, size_t *bits)
Get basic metadata about a key.
psa_status_t psa_crypto_init(void)
Library initialization.
psa_status_t psa_generator_import_key(psa_key_slot_t key, psa_key_type_t type, size_t bits, psa_crypto_generator_t *generator)
psa_status_t psa_mac_sign_finish(psa_mac_operation_t *operation, uint8_t *mac, size_t mac_size, size_t *mac_length)
psa_status_t psa_cipher_finish(psa_cipher_operation_t *operation, uint8_t *output, size_t output_size, size_t *output_length)
psa_status_t psa_cipher_encrypt_setup(psa_cipher_operation_t *operation, psa_key_slot_t key, psa_algorithm_t alg)
psa_status_t psa_cipher_generate_iv(psa_cipher_operation_t *operation, unsigned char *iv, size_t iv_size, size_t *iv_length)
psa_status_t psa_hash_verify(psa_hash_operation_t *operation, const uint8_t *hash, size_t hash_length)
psa_status_t psa_asymmetric_sign(psa_key_slot_t key, psa_algorithm_t alg, const uint8_t *hash, size_t hash_length, uint8_t *signature, size_t signature_size, size_t *signature_length)
Sign a hash or short message with a private key.
void psa_key_policy_init(psa_key_policy_t *policy)
Initialize a key policy structure to a default that forbids all usage of the key. ...
uint32_t psa_algorithm_t
Encoding of a cryptographic algorithm.
Definition: crypto.h:560
struct psa_hash_operation_s psa_hash_operation_t
Definition: crypto.h:1447
psa_status_t psa_mac_abort(psa_mac_operation_t *operation)
psa_status_t psa_hash_setup(psa_hash_operation_t *operation, psa_algorithm_t alg)
psa_status_t psa_aead_decrypt(psa_key_slot_t key, psa_algorithm_t alg, const uint8_t *nonce, size_t nonce_length, const uint8_t *additional_data, size_t additional_data_length, const uint8_t *ciphertext, size_t ciphertext_length, uint8_t *plaintext, size_t plaintext_size, size_t *plaintext_length)
psa_status_t psa_import_key(psa_key_slot_t key, psa_key_type_t type, const uint8_t *data, size_t data_length)
Import a key in binary format.
uint32_t psa_key_usage_t
Encoding of permitted usage on a key.
Definition: crypto.h:1225
psa_status_t psa_get_key_lifetime(psa_key_slot_t key, psa_key_lifetime_t *lifetime)
Retrieve the lifetime of a key slot.
struct psa_key_policy_s psa_key_policy_t
Definition: crypto.h:1291
psa_status_t psa_aead_encrypt(psa_key_slot_t key, psa_algorithm_t alg, const uint8_t *nonce, size_t nonce_length, const uint8_t *additional_data, size_t additional_data_length, const uint8_t *plaintext, size_t plaintext_length, uint8_t *ciphertext, size_t ciphertext_size, size_t *ciphertext_length)
psa_status_t psa_asymmetric_verify(psa_key_slot_t key, psa_algorithm_t alg, const uint8_t *hash, size_t hash_length, const uint8_t *signature, size_t signature_length)
Verify the signature a hash or short message using a public key.
void psa_key_policy_set_usage(psa_key_policy_t *policy, psa_key_usage_t usage, psa_algorithm_t alg)
Set the standard fields of a policy structure.
psa_status_t psa_generate_key(psa_key_slot_t key, psa_key_type_t type, size_t bits, const void *extra, size_t extra_size)
Generate a key or key pair.
psa_status_t psa_export_key(psa_key_slot_t key, uint8_t *data, size_t data_size, size_t *data_length)
Export a key in binary format.
PSA cryptography module: Mbed TLS buffer size macros.
psa_status_t psa_mac_update(psa_mac_operation_t *operation, const uint8_t *input, size_t input_length)
psa_status_t psa_hash_abort(psa_hash_operation_t *operation)
struct psa_cipher_operation_s psa_cipher_operation_t
Definition: crypto.h:1903
uint32_t psa_key_type_t
Encoding of a key type.
Definition: crypto.h:346
psa_status_t psa_export_public_key(psa_key_slot_t key, uint8_t *data, size_t data_size, size_t *data_length)
Export a public key or the public part of a key pair in binary format.
psa_status_t psa_mac_verify_setup(psa_mac_operation_t *operation, psa_key_slot_t key, psa_algorithm_t alg)
psa_status_t psa_asymmetric_decrypt(psa_key_slot_t key, psa_algorithm_t alg, const uint8_t *input, size_t input_length, const uint8_t *salt, size_t salt_length, uint8_t *output, size_t output_size, size_t *output_length)
Decrypt a short message with a private key.
psa_status_t psa_cipher_decrypt_setup(psa_cipher_operation_t *operation, psa_key_slot_t key, psa_algorithm_t alg)
struct psa_mac_operation_s psa_mac_operation_t
Definition: crypto.h:1660
uint32_t psa_key_lifetime_t
Definition: crypto.h:1374
psa_algorithm_t psa_key_policy_get_algorithm(const psa_key_policy_t *policy)
Retrieve the algorithm field of a policy structure.
psa_status_t psa_get_generator_capacity(const psa_crypto_generator_t *generator, size_t *capacity)
int32_t psa_status_t
Function return status.
Definition: crypto.h:85
psa_status_t psa_cipher_abort(psa_cipher_operation_t *operation)
struct psa_crypto_generator_s psa_crypto_generator_t
Definition: crypto.h:2549
psa_status_t psa_hash_finish(psa_hash_operation_t *operation, uint8_t *hash, size_t hash_size, size_t *hash_length)