Platform Security Architecture — cryptography and keystore interface  Working draft
crypto.h
Go to the documentation of this file.
1 
5 /*
6  * Copyright (C) 2018, ARM Limited, All Rights Reserved
7  * SPDX-License-Identifier: Apache-2.0
8  *
9  * Licensed under the Apache License, Version 2.0 (the "License"); you may
10  * not use this file except in compliance with the License.
11  * You may obtain a copy of the License at
12  *
13  * http://www.apache.org/licenses/LICENSE-2.0
14  *
15  * Unless required by applicable law or agreed to in writing, software
16  * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
17  * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
18  * See the License for the specific language governing permissions and
19  * limitations under the License.
20  */
21 
22 #ifndef PSA_CRYPTO_H
23 #define PSA_CRYPTO_H
24 
25 #include "crypto_platform.h"
26 
27 #include <stddef.h>
28 
29 #ifdef __DOXYGEN_ONLY__
30 /* This __DOXYGEN_ONLY__ block contains mock definitions for things that
31  * must be defined in the crypto_platform.h header. These mock definitions
32  * are present in this file as a convenience to generate pretty-printed
33  * documentation that includes those definitions. */
34 
51 typedef _unsigned_integral_type_ psa_key_slot_t;
52 
54 #endif /* __DOXYGEN_ONLY__ */
55 
56 #ifdef __cplusplus
57 extern "C" {
58 #endif
59 
64 #if defined(PSA_SUCCESS)
65 /* If PSA_SUCCESS is defined, assume that PSA crypto is being used
66  * together with PSA IPC, which also defines the identifier
67  * PSA_SUCCESS. We must not define PSA_SUCCESS ourselves in that case;
68  * the other error code names don't clash. Also define psa_status_t as
69  * an alias for the type used by PSA IPC. This is a temporary hack
70  * until we unify error reporting in PSA IPC and PSA crypto.
71  *
72  * Note that psa_defs.h must be included before this header!
73  */
74 typedef psa_error_t psa_status_t;
75 
76 #else /* defined(PSA_SUCCESS) */
77 
85 typedef int32_t psa_status_t;
86 
88 #define PSA_SUCCESS ((psa_status_t)0)
89 
90 #endif /* !defined(PSA_SUCCESS) */
91 
97 #define PSA_ERROR_UNKNOWN_ERROR ((psa_status_t)1)
98 
106 #define PSA_ERROR_NOT_SUPPORTED ((psa_status_t)2)
107 
119 #define PSA_ERROR_NOT_PERMITTED ((psa_status_t)3)
120 
131 #define PSA_ERROR_BUFFER_TOO_SMALL ((psa_status_t)4)
132 
139 #define PSA_ERROR_OCCUPIED_SLOT ((psa_status_t)5)
140 
147 #define PSA_ERROR_EMPTY_SLOT ((psa_status_t)6)
148 
159 #define PSA_ERROR_BAD_STATE ((psa_status_t)7)
160 
170 #define PSA_ERROR_INVALID_ARGUMENT ((psa_status_t)8)
171 
176 #define PSA_ERROR_INSUFFICIENT_MEMORY ((psa_status_t)9)
177 
185 #define PSA_ERROR_INSUFFICIENT_STORAGE ((psa_status_t)10)
186 
202 #define PSA_ERROR_COMMUNICATION_FAILURE ((psa_status_t)11)
203 
227 #define PSA_ERROR_STORAGE_FAILURE ((psa_status_t)12)
228 
233 #define PSA_ERROR_HARDWARE_FAILURE ((psa_status_t)13)
234 
264 #define PSA_ERROR_TAMPERING_DETECTED ((psa_status_t)14)
265 
283 #define PSA_ERROR_INSUFFICIENT_ENTROPY ((psa_status_t)15)
284 
293 #define PSA_ERROR_INVALID_SIGNATURE ((psa_status_t)16)
294 
309 #define PSA_ERROR_INVALID_PADDING ((psa_status_t)17)
310 
315 #define PSA_ERROR_INSUFFICIENT_CAPACITY ((psa_status_t)18)
316 
333 psa_status_t psa_crypto_init(void);
334 
335 #define PSA_BITS_TO_BYTES(bits) (((bits) + 7) / 8)
336 #define PSA_BYTES_TO_BITS(bytes) ((bytes) * 8)
337 
346 typedef uint32_t psa_key_type_t;
347 
352 #define PSA_KEY_TYPE_NONE ((psa_key_type_t)0x00000000)
353 
361 #define PSA_KEY_TYPE_VENDOR_FLAG ((psa_key_type_t)0x80000000)
362 
363 #define PSA_KEY_TYPE_CATEGORY_MASK ((psa_key_type_t)0x7e000000)
364 
369 #define PSA_KEY_TYPE_RAW_DATA ((psa_key_type_t)0x02000000)
370 
371 #define PSA_KEY_TYPE_CATEGORY_SYMMETRIC ((psa_key_type_t)0x04000000)
372 #define PSA_KEY_TYPE_CATEGORY_ASYMMETRIC ((psa_key_type_t)0x06000000)
373 #define PSA_KEY_TYPE_PAIR_FLAG ((psa_key_type_t)0x01000000)
374 
383 #define PSA_KEY_TYPE_HMAC ((psa_key_type_t)0x02000001)
384 
390 #define PSA_KEY_TYPE_DERIVE ((psa_key_type_t)0x02000101)
391 
397 #define PSA_KEY_TYPE_AES ((psa_key_type_t)0x04000001)
398 
408 #define PSA_KEY_TYPE_DES ((psa_key_type_t)0x04000002)
409 
412 #define PSA_KEY_TYPE_CAMELLIA ((psa_key_type_t)0x04000003)
413 
418 #define PSA_KEY_TYPE_ARC4 ((psa_key_type_t)0x04000004)
419 
421 #define PSA_KEY_TYPE_RSA_PUBLIC_KEY ((psa_key_type_t)0x06010000)
422 
423 #define PSA_KEY_TYPE_RSA_KEYPAIR ((psa_key_type_t)0x07010000)
424 
426 #define PSA_KEY_TYPE_DSA_PUBLIC_KEY ((psa_key_type_t)0x06020000)
427 
428 #define PSA_KEY_TYPE_DSA_KEYPAIR ((psa_key_type_t)0x07020000)
429 
430 #define PSA_KEY_TYPE_ECC_PUBLIC_KEY_BASE ((psa_key_type_t)0x06030000)
431 #define PSA_KEY_TYPE_ECC_KEYPAIR_BASE ((psa_key_type_t)0x07030000)
432 #define PSA_KEY_TYPE_ECC_CURVE_MASK ((psa_key_type_t)0x0000ffff)
433 
434 #define PSA_KEY_TYPE_ECC_KEYPAIR(curve) \
435  (PSA_KEY_TYPE_ECC_KEYPAIR_BASE | (curve))
436 
437 #define PSA_KEY_TYPE_ECC_PUBLIC_KEY(curve) \
438  (PSA_KEY_TYPE_ECC_PUBLIC_KEY_BASE | (curve))
439 
441 #define PSA_KEY_TYPE_IS_VENDOR_DEFINED(type) \
442  (((type) & PSA_KEY_TYPE_VENDOR_FLAG) != 0)
443 
445 #define PSA_KEY_TYPE_IS_ASYMMETRIC(type) \
446  (((type) & PSA_KEY_TYPE_CATEGORY_MASK) == PSA_KEY_TYPE_CATEGORY_ASYMMETRIC)
447 
448 #define PSA_KEY_TYPE_IS_PUBLIC_KEY(type) \
449  (((type) & (PSA_KEY_TYPE_CATEGORY_MASK | PSA_KEY_TYPE_PAIR_FLAG)) == \
450  PSA_KEY_TYPE_CATEGORY_ASYMMETRIC)
451 
453 #define PSA_KEY_TYPE_IS_KEYPAIR(type) \
454  (((type) & (PSA_KEY_TYPE_CATEGORY_MASK | PSA_KEY_TYPE_PAIR_FLAG)) == \
455  (PSA_KEY_TYPE_CATEGORY_ASYMMETRIC | PSA_KEY_TYPE_PAIR_FLAG))
456 
457 #define PSA_KEY_TYPE_KEYPAIR_OF_PUBLIC_KEY(type) \
458  ((type) | PSA_KEY_TYPE_PAIR_FLAG)
459 
460 #define PSA_KEY_TYPE_PUBLIC_KEY_OF_KEYPAIR(type) \
461  ((type) & ~PSA_KEY_TYPE_PAIR_FLAG)
462 
463 #define PSA_KEY_TYPE_IS_RSA(type) \
464  (PSA_KEY_TYPE_PUBLIC_KEY_OF_KEYPAIR(type) == PSA_KEY_TYPE_RSA_PUBLIC_KEY)
465 
467 #define PSA_KEY_TYPE_IS_ECC(type) \
468  ((PSA_KEY_TYPE_PUBLIC_KEY_OF_KEYPAIR(type) & \
469  ~PSA_KEY_TYPE_ECC_CURVE_MASK) == PSA_KEY_TYPE_ECC_PUBLIC_KEY_BASE)
470 #define PSA_KEY_TYPE_IS_ECC_KEYPAIR(type) \
471  (((type) & ~PSA_KEY_TYPE_ECC_CURVE_MASK) == \
472  PSA_KEY_TYPE_ECC_KEYPAIR_BASE)
473 #define PSA_KEY_TYPE_IS_ECC_PUBLIC_KEY(type) \
474  (((type) & ~PSA_KEY_TYPE_ECC_CURVE_MASK) == \
475  PSA_KEY_TYPE_ECC_PUBLIC_KEY_BASE)
476 
478 typedef uint16_t psa_ecc_curve_t;
480 #define PSA_KEY_TYPE_GET_CURVE(type) \
481  ((psa_ecc_curve_t) (PSA_KEY_TYPE_IS_ECC(type) ? \
482  ((type) & PSA_KEY_TYPE_ECC_CURVE_MASK) : \
483  0))
484 
485 /* The encoding of curve identifiers is currently aligned with the
486  * TLS Supported Groups Registry (formerly known as the
487  * TLS EC Named Curve Registry)
488  * https://www.iana.org/assignments/tls-parameters/tls-parameters.xhtml#tls-parameters-8
489  * The values are defined by RFC 4492, RFC 7027 and RFC 7919. */
490 #define PSA_ECC_CURVE_SECT163K1 ((psa_ecc_curve_t) 0x0001)
491 #define PSA_ECC_CURVE_SECT163R1 ((psa_ecc_curve_t) 0x0002)
492 #define PSA_ECC_CURVE_SECT163R2 ((psa_ecc_curve_t) 0x0003)
493 #define PSA_ECC_CURVE_SECT193R1 ((psa_ecc_curve_t) 0x0004)
494 #define PSA_ECC_CURVE_SECT193R2 ((psa_ecc_curve_t) 0x0005)
495 #define PSA_ECC_CURVE_SECT233K1 ((psa_ecc_curve_t) 0x0006)
496 #define PSA_ECC_CURVE_SECT233R1 ((psa_ecc_curve_t) 0x0007)
497 #define PSA_ECC_CURVE_SECT239K1 ((psa_ecc_curve_t) 0x0008)
498 #define PSA_ECC_CURVE_SECT283K1 ((psa_ecc_curve_t) 0x0009)
499 #define PSA_ECC_CURVE_SECT283R1 ((psa_ecc_curve_t) 0x000a)
500 #define PSA_ECC_CURVE_SECT409K1 ((psa_ecc_curve_t) 0x000b)
501 #define PSA_ECC_CURVE_SECT409R1 ((psa_ecc_curve_t) 0x000c)
502 #define PSA_ECC_CURVE_SECT571K1 ((psa_ecc_curve_t) 0x000d)
503 #define PSA_ECC_CURVE_SECT571R1 ((psa_ecc_curve_t) 0x000e)
504 #define PSA_ECC_CURVE_SECP160K1 ((psa_ecc_curve_t) 0x000f)
505 #define PSA_ECC_CURVE_SECP160R1 ((psa_ecc_curve_t) 0x0010)
506 #define PSA_ECC_CURVE_SECP160R2 ((psa_ecc_curve_t) 0x0011)
507 #define PSA_ECC_CURVE_SECP192K1 ((psa_ecc_curve_t) 0x0012)
508 #define PSA_ECC_CURVE_SECP192R1 ((psa_ecc_curve_t) 0x0013)
509 #define PSA_ECC_CURVE_SECP224K1 ((psa_ecc_curve_t) 0x0014)
510 #define PSA_ECC_CURVE_SECP224R1 ((psa_ecc_curve_t) 0x0015)
511 #define PSA_ECC_CURVE_SECP256K1 ((psa_ecc_curve_t) 0x0016)
512 #define PSA_ECC_CURVE_SECP256R1 ((psa_ecc_curve_t) 0x0017)
513 #define PSA_ECC_CURVE_SECP384R1 ((psa_ecc_curve_t) 0x0018)
514 #define PSA_ECC_CURVE_SECP521R1 ((psa_ecc_curve_t) 0x0019)
515 #define PSA_ECC_CURVE_BRAINPOOL_P256R1 ((psa_ecc_curve_t) 0x001a)
516 #define PSA_ECC_CURVE_BRAINPOOL_P384R1 ((psa_ecc_curve_t) 0x001b)
517 #define PSA_ECC_CURVE_BRAINPOOL_P512R1 ((psa_ecc_curve_t) 0x001c)
518 #define PSA_ECC_CURVE_CURVE25519 ((psa_ecc_curve_t) 0x001d)
519 #define PSA_ECC_CURVE_CURVE448 ((psa_ecc_curve_t) 0x001e)
520 #define PSA_ECC_CURVE_FFDHE_2048 ((psa_ecc_curve_t) 0x0100)
521 #define PSA_ECC_CURVE_FFDHE_3072 ((psa_ecc_curve_t) 0x0101)
522 #define PSA_ECC_CURVE_FFDHE_4096 ((psa_ecc_curve_t) 0x0102)
523 #define PSA_ECC_CURVE_FFDHE_6144 ((psa_ecc_curve_t) 0x0103)
524 #define PSA_ECC_CURVE_FFDHE_8192 ((psa_ecc_curve_t) 0x0104)
525 
544 #define PSA_BLOCK_CIPHER_BLOCK_SIZE(type) \
545  ( \
546  (type) == PSA_KEY_TYPE_AES ? 16 : \
547  (type) == PSA_KEY_TYPE_DES ? 8 : \
548  (type) == PSA_KEY_TYPE_CAMELLIA ? 16 : \
549  (type) == PSA_KEY_TYPE_ARC4 ? 1 : \
550  0)
551 
560 typedef uint32_t psa_algorithm_t;
561 
562 #define PSA_ALG_VENDOR_FLAG ((psa_algorithm_t)0x80000000)
563 #define PSA_ALG_CATEGORY_MASK ((psa_algorithm_t)0x7f000000)
564 #define PSA_ALG_CATEGORY_HASH ((psa_algorithm_t)0x01000000)
565 #define PSA_ALG_CATEGORY_MAC ((psa_algorithm_t)0x02000000)
566 #define PSA_ALG_CATEGORY_CIPHER ((psa_algorithm_t)0x04000000)
567 #define PSA_ALG_CATEGORY_AEAD ((psa_algorithm_t)0x06000000)
568 #define PSA_ALG_CATEGORY_SIGN ((psa_algorithm_t)0x10000000)
569 #define PSA_ALG_CATEGORY_ASYMMETRIC_ENCRYPTION ((psa_algorithm_t)0x12000000)
570 #define PSA_ALG_CATEGORY_KEY_AGREEMENT ((psa_algorithm_t)0x22000000)
571 #define PSA_ALG_CATEGORY_KEY_DERIVATION ((psa_algorithm_t)0x30000000)
572 
573 #define PSA_ALG_IS_VENDOR_DEFINED(alg) \
574  (((alg) & PSA_ALG_VENDOR_FLAG) != 0)
575 
584 #define PSA_ALG_IS_HASH(alg) \
585  (((alg) & PSA_ALG_CATEGORY_MASK) == PSA_ALG_CATEGORY_HASH)
586 
595 #define PSA_ALG_IS_MAC(alg) \
596  (((alg) & PSA_ALG_CATEGORY_MASK) == PSA_ALG_CATEGORY_MAC)
597 
606 #define PSA_ALG_IS_CIPHER(alg) \
607  (((alg) & PSA_ALG_CATEGORY_MASK) == PSA_ALG_CATEGORY_CIPHER)
608 
618 #define PSA_ALG_IS_AEAD(alg) \
619  (((alg) & PSA_ALG_CATEGORY_MASK) == PSA_ALG_CATEGORY_AEAD)
620 
629 #define PSA_ALG_IS_SIGN(alg) \
630  (((alg) & PSA_ALG_CATEGORY_MASK) == PSA_ALG_CATEGORY_SIGN)
631 
640 #define PSA_ALG_IS_ASYMMETRIC_ENCRYPTION(alg) \
641  (((alg) & PSA_ALG_CATEGORY_MASK) == PSA_ALG_CATEGORY_ASYMMETRIC_ENCRYPTION)
642 
651 #define PSA_ALG_IS_KEY_AGREEMENT(alg) \
652  (((alg) & PSA_ALG_CATEGORY_MASK) == PSA_ALG_CATEGORY_KEY_AGREEMENT)
653 
662 #define PSA_ALG_IS_KEY_DERIVATION(alg) \
663  (((alg) & PSA_ALG_CATEGORY_MASK) == PSA_ALG_CATEGORY_KEY_DERIVATION)
664 
665 #define PSA_ALG_HASH_MASK ((psa_algorithm_t)0x000000ff)
666 #define PSA_ALG_MD2 ((psa_algorithm_t)0x01000001)
667 #define PSA_ALG_MD4 ((psa_algorithm_t)0x01000002)
668 #define PSA_ALG_MD5 ((psa_algorithm_t)0x01000003)
669 #define PSA_ALG_RIPEMD160 ((psa_algorithm_t)0x01000004)
670 #define PSA_ALG_SHA_1 ((psa_algorithm_t)0x01000005)
671 
672 #define PSA_ALG_SHA_224 ((psa_algorithm_t)0x01000008)
673 
674 #define PSA_ALG_SHA_256 ((psa_algorithm_t)0x01000009)
675 
676 #define PSA_ALG_SHA_384 ((psa_algorithm_t)0x0100000a)
677 
678 #define PSA_ALG_SHA_512 ((psa_algorithm_t)0x0100000b)
679 
680 #define PSA_ALG_SHA_512_224 ((psa_algorithm_t)0x0100000c)
681 
682 #define PSA_ALG_SHA_512_256 ((psa_algorithm_t)0x0100000d)
683 
684 #define PSA_ALG_SHA3_224 ((psa_algorithm_t)0x01000010)
685 
686 #define PSA_ALG_SHA3_256 ((psa_algorithm_t)0x01000011)
687 
688 #define PSA_ALG_SHA3_384 ((psa_algorithm_t)0x01000012)
689 
690 #define PSA_ALG_SHA3_512 ((psa_algorithm_t)0x01000013)
691 
692 #define PSA_ALG_MAC_SUBCATEGORY_MASK ((psa_algorithm_t)0x00c00000)
693 #define PSA_ALG_HMAC_BASE ((psa_algorithm_t)0x02800000)
694 
705 #define PSA_ALG_HMAC(hash_alg) \
706  (PSA_ALG_HMAC_BASE | ((hash_alg) & PSA_ALG_HASH_MASK))
707 
708 #define PSA_ALG_HMAC_HASH(hmac_alg) \
709  (PSA_ALG_CATEGORY_HASH | ((hmac_alg) & PSA_ALG_HASH_MASK))
710 
721 #define PSA_ALG_IS_HMAC(alg) \
722  (((alg) & (PSA_ALG_CATEGORY_MASK | PSA_ALG_MAC_SUBCATEGORY_MASK)) == \
723  PSA_ALG_HMAC_BASE)
724 
725 #define PSA_ALG_CIPHER_MAC_BASE ((psa_algorithm_t)0x02c00000)
726 #define PSA_ALG_CBC_MAC ((psa_algorithm_t)0x02c00001)
727 #define PSA_ALG_CMAC ((psa_algorithm_t)0x02c00002)
728 #define PSA_ALG_GMAC ((psa_algorithm_t)0x02c00003)
729 
738 #define PSA_ALG_IS_CIPHER_MAC(alg) \
739  (((alg) & (PSA_ALG_CATEGORY_MASK | PSA_ALG_MAC_SUBCATEGORY_MASK)) == \
740  PSA_ALG_CIPHER_MAC_BASE)
741 
742 #define PSA_ALG_CIPHER_SUBCATEGORY_MASK ((psa_algorithm_t)0x00c00000)
743 #define PSA_ALG_BLOCK_CIPHER_BASE ((psa_algorithm_t)0x04000000)
744 #define PSA_ALG_BLOCK_CIPHER_MODE_MASK ((psa_algorithm_t)0x000000ff)
745 #define PSA_ALG_BLOCK_CIPHER_PADDING_MASK ((psa_algorithm_t)0x003f0000)
746 
752 #define PSA_ALG_BLOCK_CIPHER_PAD_NONE ((psa_algorithm_t)0x00000000)
753 
754 #define PSA_ALG_BLOCK_CIPHER_PAD_PKCS7 ((psa_algorithm_t)0x00010000)
755 
776 #define PSA_ALG_IS_BLOCK_CIPHER(alg) \
777  (((alg) & (PSA_ALG_CATEGORY_MASK | PSA_ALG_CIPHER_SUBCATEGORY_MASK)) == \
778  PSA_ALG_BLOCK_CIPHER_BASE)
779 
782 #define PSA_ALG_CBC_BASE ((psa_algorithm_t)0x04000001)
783 #define PSA_ALG_CFB_BASE ((psa_algorithm_t)0x04000002)
784 #define PSA_ALG_OFB_BASE ((psa_algorithm_t)0x04000003)
785 #define PSA_ALG_XTS_BASE ((psa_algorithm_t)0x04000004)
786 
787 #define PSA_ALG_STREAM_CIPHER_BASE ((psa_algorithm_t)0x04800000)
788 
796 #define PSA_ALG_CTR ((psa_algorithm_t)0x04800001)
797 
800 #define PSA_ALG_ARC4 ((psa_algorithm_t)0x04800002)
801 
814 #define PSA_ALG_IS_STREAM_CIPHER(alg) \
815  (((alg) & (PSA_ALG_CATEGORY_MASK | PSA_ALG_CIPHER_SUBCATEGORY_MASK)) == \
816  PSA_ALG_STREAM_CIPHER_BASE)
817 
818 #define PSA_ALG_CCM ((psa_algorithm_t)0x06000001)
819 #define PSA_ALG_GCM ((psa_algorithm_t)0x06000002)
820 
821 #define PSA_ALG_RSA_PKCS1V15_SIGN_BASE ((psa_algorithm_t)0x10020000)
822 
835 #define PSA_ALG_RSA_PKCS1V15_SIGN(hash_alg) \
836  (PSA_ALG_RSA_PKCS1V15_SIGN_BASE | ((hash_alg) & PSA_ALG_HASH_MASK))
837 
843 #define PSA_ALG_RSA_PKCS1V15_SIGN_RAW PSA_ALG_RSA_PKCS1V15_SIGN_BASE
844 #define PSA_ALG_IS_RSA_PKCS1V15_SIGN(alg) \
845  (((alg) & ~PSA_ALG_HASH_MASK) == PSA_ALG_RSA_PKCS1V15_SIGN_BASE)
846 
847 #define PSA_ALG_RSA_PSS_BASE ((psa_algorithm_t)0x10030000)
848 
864 #define PSA_ALG_RSA_PSS(hash_alg) \
865  (PSA_ALG_RSA_PSS_BASE | ((hash_alg) & PSA_ALG_HASH_MASK))
866 #define PSA_ALG_IS_RSA_PSS(alg) \
867  (((alg) & ~PSA_ALG_HASH_MASK) == PSA_ALG_RSA_PSS_BASE)
868 
869 #define PSA_ALG_DSA_BASE ((psa_algorithm_t)0x10040000)
870 
882 #define PSA_ALG_DSA(hash_alg) \
883  (PSA_ALG_DSA_BASE | ((hash_alg) & PSA_ALG_HASH_MASK))
884 #define PSA_ALG_DETERMINISTIC_DSA_BASE ((psa_algorithm_t)0x10050000)
885 #define PSA_ALG_DSA_DETERMINISTIC_FLAG ((psa_algorithm_t)0x00010000)
886 #define PSA_ALG_DETERMINISTIC_DSA(hash_alg) \
887  (PSA_ALG_DETERMINISTIC_DSA_BASE | ((hash_alg) & PSA_ALG_HASH_MASK))
888 #define PSA_ALG_IS_DSA(alg) \
889  (((alg) & ~PSA_ALG_HASH_MASK & ~PSA_ALG_DSA_DETERMINISTIC_FLAG) == \
890  PSA_ALG_DSA_BASE)
891 #define PSA_ALG_DSA_IS_DETERMINISTIC(alg) \
892  (((alg) & PSA_ALG_DSA_DETERMINISTIC_FLAG) != 0)
893 #define PSA_ALG_IS_DETERMINISTIC_DSA(alg) \
894  (PSA_ALG_IS_DSA(alg) && PSA_ALG_DSA_IS_DETERMINISTIC(alg))
895 #define PSA_ALG_IS_RANDOMIZED_DSA(alg) \
896  (PSA_ALG_IS_DSA(alg) && !PSA_ALG_DSA_IS_DETERMINISTIC(alg))
897 
898 #define PSA_ALG_ECDSA_BASE ((psa_algorithm_t)0x10060000)
899 
917 #define PSA_ALG_ECDSA(hash_alg) \
918  (PSA_ALG_ECDSA_BASE | ((hash_alg) & PSA_ALG_HASH_MASK))
919 
928 #define PSA_ALG_ECDSA_ANY PSA_ALG_ECDSA_BASE
929 #define PSA_ALG_DETERMINISTIC_ECDSA_BASE ((psa_algorithm_t)0x10070000)
930 
950 #define PSA_ALG_DETERMINISTIC_ECDSA(hash_alg) \
951  (PSA_ALG_DETERMINISTIC_ECDSA_BASE | ((hash_alg) & PSA_ALG_HASH_MASK))
952 #define PSA_ALG_IS_ECDSA(alg) \
953  (((alg) & ~PSA_ALG_HASH_MASK & ~PSA_ALG_DSA_DETERMINISTIC_FLAG) == \
954  PSA_ALG_ECDSA_BASE)
955 #define PSA_ALG_ECDSA_IS_DETERMINISTIC(alg) \
956  (((alg) & PSA_ALG_DSA_DETERMINISTIC_FLAG) != 0)
957 #define PSA_ALG_IS_DETERMINISTIC_ECDSA(alg) \
958  (PSA_ALG_IS_ECDSA(alg) && PSA_ALG_ECDSA_IS_DETERMINISTIC(alg))
959 #define PSA_ALG_IS_RANDOMIZED_ECDSA(alg) \
960  (PSA_ALG_IS_ECDSA(alg) && !PSA_ALG_ECDSA_IS_DETERMINISTIC(alg))
961 
980 #define PSA_ALG_SIGN_GET_HASH(alg) \
981  (PSA_ALG_IS_RSA_PSS(alg) || PSA_ALG_IS_RSA_PKCS1V15_SIGN(alg) || \
982  PSA_ALG_IS_DSA(alg) || PSA_ALG_IS_ECDSA(alg) ? \
983  ((alg) & PSA_ALG_HASH_MASK) == 0 ? /*"raw" algorithm*/ 0 : \
984  ((alg) & PSA_ALG_HASH_MASK) | PSA_ALG_CATEGORY_HASH : \
985  0)
986 
989 #define PSA_ALG_RSA_PKCS1V15_CRYPT ((psa_algorithm_t)0x12020000)
990 
991 #define PSA_ALG_RSA_OAEP_BASE ((psa_algorithm_t)0x12030000)
992 
1006 #define PSA_ALG_RSA_OAEP(hash_alg) \
1007  (PSA_ALG_RSA_OAEP_BASE | ((hash_alg) & PSA_ALG_HASH_MASK))
1008 #define PSA_ALG_IS_RSA_OAEP(alg) \
1009  (((alg) & ~PSA_ALG_HASH_MASK) == PSA_ALG_RSA_OAEP_BASE)
1010 #define PSA_ALG_RSA_OAEP_GET_HASH(alg) \
1011  (PSA_ALG_IS_RSA_OAEP(alg) ? \
1012  ((alg) & PSA_ALG_HASH_MASK) | PSA_ALG_CATEGORY_HASH : \
1013  0)
1014 
1015 #define PSA_ALG_HKDF_BASE ((psa_algorithm_t)0x30000100)
1016 
1027 #define PSA_ALG_HKDF(hash_alg) \
1028  (PSA_ALG_HKDF_BASE | ((hash_alg) & PSA_ALG_HASH_MASK))
1029 
1040 #define PSA_ALG_IS_HKDF(alg) \
1041  (((alg) & ~PSA_ALG_HASH_MASK) == PSA_ALG_HKDF_BASE)
1042 #define PSA_ALG_HKDF_GET_HASH(hkdf_alg) \
1043  (PSA_ALG_CATEGORY_HASH | ((hkdf_alg) & PSA_ALG_HASH_MASK))
1044 
1080 psa_status_t psa_import_key(psa_key_slot_t key,
1081  psa_key_type_t type,
1082  const uint8_t *data,
1083  size_t data_length);
1084 
1118 psa_status_t psa_destroy_key(psa_key_slot_t key);
1119 
1138 psa_status_t psa_get_key_information(psa_key_slot_t key,
1139  psa_key_type_t *type,
1140  size_t *bits);
1141 
1182 psa_status_t psa_export_key(psa_key_slot_t key,
1183  uint8_t *data,
1184  size_t data_size,
1185  size_t *data_length);
1186 
1213 psa_status_t psa_export_public_key(psa_key_slot_t key,
1214  uint8_t *data,
1215  size_t data_size,
1216  size_t *data_length);
1217 
1225 typedef uint32_t psa_key_usage_t;
1226 
1238 #define PSA_KEY_USAGE_EXPORT ((psa_key_usage_t)0x00000001)
1239 
1249 #define PSA_KEY_USAGE_ENCRYPT ((psa_key_usage_t)0x00000100)
1250 
1260 #define PSA_KEY_USAGE_DECRYPT ((psa_key_usage_t)0x00000200)
1261 
1270 #define PSA_KEY_USAGE_SIGN ((psa_key_usage_t)0x00000400)
1271 
1280 #define PSA_KEY_USAGE_VERIFY ((psa_key_usage_t)0x00000800)
1281 
1284 #define PSA_KEY_USAGE_DERIVE ((psa_key_usage_t)0x00001000)
1285 
1291 typedef struct psa_key_policy_s psa_key_policy_t;
1292 
1299 
1311  psa_key_usage_t usage,
1312  psa_algorithm_t alg);
1313 
1320 psa_key_usage_t psa_key_policy_get_usage(const psa_key_policy_t *policy);
1321 
1328 psa_algorithm_t psa_key_policy_get_algorithm(const psa_key_policy_t *policy);
1329 
1350 psa_status_t psa_set_key_policy(psa_key_slot_t key,
1351  const psa_key_policy_t *policy);
1352 
1363 psa_status_t psa_get_key_policy(psa_key_slot_t key,
1364  psa_key_policy_t *policy);
1365 
1374 typedef uint32_t psa_key_lifetime_t;
1375 
1379 #define PSA_KEY_LIFETIME_VOLATILE ((psa_key_lifetime_t)0x00000000)
1380 
1384 #define PSA_KEY_LIFETIME_PERSISTENT ((psa_key_lifetime_t)0x00000001)
1385 
1389 #define PSA_KEY_LIFETIME_WRITE_ONCE ((psa_key_lifetime_t)0x7fffffff)
1390 
1406 psa_status_t psa_get_key_lifetime(psa_key_slot_t key,
1407  psa_key_lifetime_t *lifetime);
1408 
1433 psa_status_t psa_set_key_lifetime(psa_key_slot_t key,
1434  psa_key_lifetime_t lifetime);
1435 
1447 typedef struct psa_hash_operation_s psa_hash_operation_t;
1448 
1463 #define PSA_HASH_SIZE(alg) \
1464  ( \
1465  PSA_ALG_HMAC_HASH(alg) == PSA_ALG_MD2 ? 16 : \
1466  PSA_ALG_HMAC_HASH(alg) == PSA_ALG_MD4 ? 16 : \
1467  PSA_ALG_HMAC_HASH(alg) == PSA_ALG_MD5 ? 16 : \
1468  PSA_ALG_HMAC_HASH(alg) == PSA_ALG_RIPEMD160 ? 20 : \
1469  PSA_ALG_HMAC_HASH(alg) == PSA_ALG_SHA_1 ? 20 : \
1470  PSA_ALG_HMAC_HASH(alg) == PSA_ALG_SHA_224 ? 28 : \
1471  PSA_ALG_HMAC_HASH(alg) == PSA_ALG_SHA_256 ? 32 : \
1472  PSA_ALG_HMAC_HASH(alg) == PSA_ALG_SHA_384 ? 48 : \
1473  PSA_ALG_HMAC_HASH(alg) == PSA_ALG_SHA_512 ? 64 : \
1474  PSA_ALG_HMAC_HASH(alg) == PSA_ALG_SHA_512_224 ? 28 : \
1475  PSA_ALG_HMAC_HASH(alg) == PSA_ALG_SHA_512_256 ? 32 : \
1476  PSA_ALG_HMAC_HASH(alg) == PSA_ALG_SHA3_224 ? 28 : \
1477  PSA_ALG_HMAC_HASH(alg) == PSA_ALG_SHA3_256 ? 32 : \
1478  PSA_ALG_HMAC_HASH(alg) == PSA_ALG_SHA3_384 ? 48 : \
1479  PSA_ALG_HMAC_HASH(alg) == PSA_ALG_SHA3_512 ? 64 : \
1480  0)
1481 
1517 psa_status_t psa_hash_setup(psa_hash_operation_t *operation,
1518  psa_algorithm_t alg);
1519 
1539 psa_status_t psa_hash_update(psa_hash_operation_t *operation,
1540  const uint8_t *input,
1541  size_t input_length);
1542 
1580 psa_status_t psa_hash_finish(psa_hash_operation_t *operation,
1581  uint8_t *hash,
1582  size_t hash_size,
1583  size_t *hash_length);
1584 
1616 psa_status_t psa_hash_verify(psa_hash_operation_t *operation,
1617  const uint8_t *hash,
1618  size_t hash_length);
1619 
1647 psa_status_t psa_hash_abort(psa_hash_operation_t *operation);
1648 
1660 typedef struct psa_mac_operation_s psa_mac_operation_t;
1661 
1707 psa_status_t psa_mac_sign_setup(psa_mac_operation_t *operation,
1708  psa_key_slot_t key,
1709  psa_algorithm_t alg);
1710 
1755 psa_status_t psa_mac_verify_setup(psa_mac_operation_t *operation,
1756  psa_key_slot_t key,
1757  psa_algorithm_t alg);
1758 
1780 psa_status_t psa_mac_update(psa_mac_operation_t *operation,
1781  const uint8_t *input,
1782  size_t input_length);
1783 
1822 psa_status_t psa_mac_sign_finish(psa_mac_operation_t *operation,
1823  uint8_t *mac,
1824  size_t mac_size,
1825  size_t *mac_length);
1826 
1858 psa_status_t psa_mac_verify_finish(psa_mac_operation_t *operation,
1859  const uint8_t *mac,
1860  size_t mac_length);
1861 
1890 psa_status_t psa_mac_abort(psa_mac_operation_t *operation);
1891 
1903 typedef struct psa_cipher_operation_s psa_cipher_operation_t;
1904 
1951 psa_status_t psa_cipher_encrypt_setup(psa_cipher_operation_t *operation,
1952  psa_key_slot_t key,
1953  psa_algorithm_t alg);
1954 
2000 psa_status_t psa_cipher_decrypt_setup(psa_cipher_operation_t *operation,
2001  psa_key_slot_t key,
2002  psa_algorithm_t alg);
2003 
2032 psa_status_t psa_cipher_generate_iv(psa_cipher_operation_t *operation,
2033  unsigned char *iv,
2034  size_t iv_size,
2035  size_t *iv_length);
2036 
2067 psa_status_t psa_cipher_set_iv(psa_cipher_operation_t *operation,
2068  const unsigned char *iv,
2069  size_t iv_length);
2070 
2103 psa_status_t psa_cipher_update(psa_cipher_operation_t *operation,
2104  const uint8_t *input,
2105  size_t input_length,
2106  unsigned char *output,
2107  size_t output_size,
2108  size_t *output_length);
2109 
2141 psa_status_t psa_cipher_finish(psa_cipher_operation_t *operation,
2142  uint8_t *output,
2143  size_t output_size,
2144  size_t *output_length);
2145 
2174 psa_status_t psa_cipher_abort(psa_cipher_operation_t *operation);
2175 
2197 #define PSA_AEAD_TAG_SIZE(alg) \
2198  ((alg) == PSA_ALG_GCM ? 16 : \
2199  (alg) == PSA_ALG_CCM ? 16 : \
2200  0)
2201 
2243 psa_status_t psa_aead_encrypt(psa_key_slot_t key,
2244  psa_algorithm_t alg,
2245  const uint8_t *nonce,
2246  size_t nonce_length,
2247  const uint8_t *additional_data,
2248  size_t additional_data_length,
2249  const uint8_t *plaintext,
2250  size_t plaintext_length,
2251  uint8_t *ciphertext,
2252  size_t ciphertext_size,
2253  size_t *ciphertext_length);
2254 
2296 psa_status_t psa_aead_decrypt(psa_key_slot_t key,
2297  psa_algorithm_t alg,
2298  const uint8_t *nonce,
2299  size_t nonce_length,
2300  const uint8_t *additional_data,
2301  size_t additional_data_length,
2302  const uint8_t *ciphertext,
2303  size_t ciphertext_length,
2304  uint8_t *plaintext,
2305  size_t plaintext_size,
2306  size_t *plaintext_length);
2307 
2322 #define PSA_ECDSA_SIGNATURE_SIZE(curve_bits) \
2323  (PSA_BITS_TO_BYTES(curve_bits) * 2)
2324 
2359 psa_status_t psa_asymmetric_sign(psa_key_slot_t key,
2360  psa_algorithm_t alg,
2361  const uint8_t *hash,
2362  size_t hash_length,
2363  uint8_t *signature,
2364  size_t signature_size,
2365  size_t *signature_length);
2366 
2398 psa_status_t psa_asymmetric_verify(psa_key_slot_t key,
2399  psa_algorithm_t alg,
2400  const uint8_t *hash,
2401  size_t hash_length,
2402  const uint8_t *signature,
2403  size_t signature_length);
2404 
2405 #define PSA_RSA_MINIMUM_PADDING_SIZE(alg) \
2406  (PSA_ALG_IS_RSA_OAEP(alg) ? \
2407  2 * PSA_HASH_FINAL_SIZE(PSA_ALG_RSA_OAEP_GET_HASH(alg)) + 1 : \
2408  11 /*PKCS#1v1.5*/)
2409 
2452 psa_status_t psa_asymmetric_encrypt(psa_key_slot_t key,
2453  psa_algorithm_t alg,
2454  const uint8_t *input,
2455  size_t input_length,
2456  const uint8_t *salt,
2457  size_t salt_length,
2458  uint8_t *output,
2459  size_t output_size,
2460  size_t *output_length);
2461 
2504 psa_status_t psa_asymmetric_decrypt(psa_key_slot_t key,
2505  psa_algorithm_t alg,
2506  const uint8_t *input,
2507  size_t input_length,
2508  const uint8_t *salt,
2509  size_t salt_length,
2510  uint8_t *output,
2511  size_t output_size,
2512  size_t *output_length);
2513 
2549 typedef struct psa_crypto_generator_s psa_crypto_generator_t;
2550 
2556 #ifdef __DOXYGEN_ONLY__
2557 /* This is an example definition for documentation purposes.
2558  * Implementations should define a suitable value in `crypto_struct.h`.
2559  */
2560 #define PSA_CRYPTO_GENERATOR_INIT {0}
2561 #endif
2562 
2565 static psa_crypto_generator_t psa_crypto_generator_init(void);
2566 
2579 psa_status_t psa_get_generator_capacity(const psa_crypto_generator_t *generator,
2580  size_t *capacity);
2581 
2607 psa_status_t psa_generator_read(psa_crypto_generator_t *generator,
2608  uint8_t *output,
2609  size_t output_length);
2610 
2654 psa_status_t psa_generator_import_key(psa_key_slot_t key,
2655  psa_key_type_t type,
2656  size_t bits,
2657  psa_crypto_generator_t *generator);
2658 
2681 psa_status_t psa_generator_abort(psa_crypto_generator_t *generator);
2682 
2727 psa_status_t psa_key_derivation(psa_crypto_generator_t *generator,
2728  psa_key_slot_t key,
2729  psa_algorithm_t alg,
2730  const uint8_t *salt,
2731  size_t salt_length,
2732  const uint8_t *label,
2733  size_t label_length,
2734  size_t capacity);
2735 
2761 psa_status_t psa_generate_random(uint8_t *output,
2762  size_t output_size);
2763 
2769 typedef struct {
2770  uint32_t e;
2772 
2815 psa_status_t psa_generate_key(psa_key_slot_t key,
2816  psa_key_type_t type,
2817  size_t bits,
2818  const void *extra,
2819  size_t extra_size);
2820 
2823 #ifdef __cplusplus
2824 }
2825 #endif
2826 
2827 /* The file "crypto_sizes.h" contains definitions for size calculation
2828  * macros whose definitions are implementation-specific. */
2829 #include "crypto_sizes.h"
2830 
2831 /* The file "crypto_struct.h" contains definitions for
2832  * implementation-specific structs that are declared above. */
2833 #include "crypto_struct.h"
2834 
2835 /* The file "crypto_extra.h" contains vendor-specific definitions. This
2836  * can include vendor-defined algorithms, extra functions, etc. */
2837 #include "crypto_extra.h"
2838 
2839 #endif /* PSA_CRYPTO_H */
psa_status_t psa_mac_verify_finish(psa_mac_operation_t *operation, const uint8_t *mac, size_t mac_length)
psa_status_t psa_generate_random(uint8_t *output, size_t output_size)
Generate random bytes.
psa_status_t psa_asymmetric_encrypt(psa_key_slot_t key, psa_algorithm_t alg, const uint8_t *input, size_t input_length, const uint8_t *salt, size_t salt_length, uint8_t *output, size_t output_size, size_t *output_length)
Encrypt a short message with a public key.
psa_status_t psa_get_key_policy(psa_key_slot_t key, psa_key_policy_t *policy)
Get the usage policy for a key slot.
psa_key_usage_t psa_key_policy_get_usage(const psa_key_policy_t *policy)
Retrieve the usage field of a policy structure.
psa_status_t psa_key_derivation(psa_crypto_generator_t *generator, psa_key_slot_t key, psa_algorithm_t alg, const uint8_t *salt, size_t salt_length, const uint8_t *label, size_t label_length, size_t capacity)
uint16_t psa_ecc_curve_t
Definition: crypto.h:478
psa_status_t psa_generator_abort(psa_crypto_generator_t *generator)
psa_status_t psa_set_key_policy(psa_key_slot_t key, const psa_key_policy_t *policy)
Set the usage policy on a key slot.
psa_status_t psa_cipher_update(psa_cipher_operation_t *operation, const uint8_t *input, size_t input_length, unsigned char *output, size_t output_size, size_t *output_length)
psa_status_t psa_mac_sign_setup(psa_mac_operation_t *operation, psa_key_slot_t key, psa_algorithm_t alg)
psa_status_t psa_cipher_set_iv(psa_cipher_operation_t *operation, const unsigned char *iv, size_t iv_length)
psa_status_t psa_generator_read(psa_crypto_generator_t *generator, uint8_t *output, size_t output_length)
psa_status_t psa_set_key_lifetime(psa_key_slot_t key, psa_key_lifetime_t lifetime)
Change the lifetime of a key slot.
psa_status_t psa_hash_update(psa_hash_operation_t *operation, const uint8_t *input, size_t input_length)
psa_status_t psa_destroy_key(psa_key_slot_t key)
Destroy a key and restore the slot to its default state.
psa_status_t psa_get_key_information(psa_key_slot_t key, psa_key_type_t *type, size_t *bits)
Get basic metadata about a key.
psa_status_t psa_crypto_init(void)
Library initialization.
psa_status_t psa_generator_import_key(psa_key_slot_t key, psa_key_type_t type, size_t bits, psa_crypto_generator_t *generator)
psa_status_t psa_mac_sign_finish(psa_mac_operation_t *operation, uint8_t *mac, size_t mac_size, size_t *mac_length)
psa_status_t psa_cipher_finish(psa_cipher_operation_t *operation, uint8_t *output, size_t output_size, size_t *output_length)
psa_status_t psa_cipher_encrypt_setup(psa_cipher_operation_t *operation, psa_key_slot_t key, psa_algorithm_t alg)
psa_status_t psa_cipher_generate_iv(psa_cipher_operation_t *operation, unsigned char *iv, size_t iv_size, size_t *iv_length)
psa_status_t psa_hash_verify(psa_hash_operation_t *operation, const uint8_t *hash, size_t hash_length)
psa_status_t psa_asymmetric_sign(psa_key_slot_t key, psa_algorithm_t alg, const uint8_t *hash, size_t hash_length, uint8_t *signature, size_t signature_size, size_t *signature_length)
Sign a hash or short message with a private key.
void psa_key_policy_init(psa_key_policy_t *policy)
Initialize a key policy structure to a default that forbids all usage of the key. ...
uint32_t e
Definition: crypto.h:2770
uint32_t psa_algorithm_t
Encoding of a cryptographic algorithm.
Definition: crypto.h:560
struct psa_hash_operation_s psa_hash_operation_t
Definition: crypto.h:1447
psa_status_t psa_mac_abort(psa_mac_operation_t *operation)
psa_status_t psa_hash_setup(psa_hash_operation_t *operation, psa_algorithm_t alg)
psa_status_t psa_aead_decrypt(psa_key_slot_t key, psa_algorithm_t alg, const uint8_t *nonce, size_t nonce_length, const uint8_t *additional_data, size_t additional_data_length, const uint8_t *ciphertext, size_t ciphertext_length, uint8_t *plaintext, size_t plaintext_size, size_t *plaintext_length)
psa_status_t psa_import_key(psa_key_slot_t key, psa_key_type_t type, const uint8_t *data, size_t data_length)
Import a key in binary format.
uint32_t psa_key_usage_t
Encoding of permitted usage on a key.
Definition: crypto.h:1225
psa_status_t psa_get_key_lifetime(psa_key_slot_t key, psa_key_lifetime_t *lifetime)
Retrieve the lifetime of a key slot.
struct psa_key_policy_s psa_key_policy_t
Definition: crypto.h:1291
psa_status_t psa_aead_encrypt(psa_key_slot_t key, psa_algorithm_t alg, const uint8_t *nonce, size_t nonce_length, const uint8_t *additional_data, size_t additional_data_length, const uint8_t *plaintext, size_t plaintext_length, uint8_t *ciphertext, size_t ciphertext_size, size_t *ciphertext_length)
psa_status_t psa_asymmetric_verify(psa_key_slot_t key, psa_algorithm_t alg, const uint8_t *hash, size_t hash_length, const uint8_t *signature, size_t signature_length)
Verify the signature a hash or short message using a public key.
void psa_key_policy_set_usage(psa_key_policy_t *policy, psa_key_usage_t usage, psa_algorithm_t alg)
Set the standard fields of a policy structure.
psa_status_t psa_generate_key(psa_key_slot_t key, psa_key_type_t type, size_t bits, const void *extra, size_t extra_size)
Generate a key or key pair.
psa_status_t psa_export_key(psa_key_slot_t key, uint8_t *data, size_t data_size, size_t *data_length)
Export a key in binary format.
PSA cryptography module: Mbed TLS buffer size macros.
psa_status_t psa_mac_update(psa_mac_operation_t *operation, const uint8_t *input, size_t input_length)
psa_status_t psa_hash_abort(psa_hash_operation_t *operation)
struct psa_cipher_operation_s psa_cipher_operation_t
Definition: crypto.h:1903
uint32_t psa_key_type_t
Encoding of a key type.
Definition: crypto.h:346
psa_status_t psa_export_public_key(psa_key_slot_t key, uint8_t *data, size_t data_size, size_t *data_length)
Export a public key or the public part of a key pair in binary format.
psa_status_t psa_mac_verify_setup(psa_mac_operation_t *operation, psa_key_slot_t key, psa_algorithm_t alg)
psa_status_t psa_asymmetric_decrypt(psa_key_slot_t key, psa_algorithm_t alg, const uint8_t *input, size_t input_length, const uint8_t *salt, size_t salt_length, uint8_t *output, size_t output_size, size_t *output_length)
Decrypt a short message with a private key.
psa_status_t psa_cipher_decrypt_setup(psa_cipher_operation_t *operation, psa_key_slot_t key, psa_algorithm_t alg)
_unsigned_integral_type_ psa_key_slot_t
Key slot number.
Definition: crypto.h:51
struct psa_mac_operation_s psa_mac_operation_t
Definition: crypto.h:1660
uint32_t psa_key_lifetime_t
Definition: crypto.h:1374
psa_algorithm_t psa_key_policy_get_algorithm(const psa_key_policy_t *policy)
Retrieve the algorithm field of a policy structure.
psa_status_t psa_get_generator_capacity(const psa_crypto_generator_t *generator, size_t *capacity)
int32_t psa_status_t
Function return status.
Definition: crypto.h:85
psa_status_t psa_cipher_abort(psa_cipher_operation_t *operation)
struct psa_crypto_generator_s psa_crypto_generator_t
Definition: crypto.h:2549
psa_status_t psa_hash_finish(psa_hash_operation_t *operation, uint8_t *hash, size_t hash_size, size_t *hash_length)
Definition: crypto.h:2769