TrustedFirmware Git Browser
Code Review Sign In
review.trustedfirmware.org / mirror / mbed-crypto / e26ccadad2903200a70e2bda85902c009246a59a / . / docs / html / api / ops / sign.html
blob: 00439ff6110226823310ccbe1205367aa8139463 [file] [log] [blame]
Gilles Peskine6c723a22020-04-17 16:57:52 +0200[diff] [blame]1
Bence Szépkútie26ccad2021-02-01 14:26:11 +0100[diff] [blame^]2<!DOCTYPE html>
Gilles Peskine6c723a22020-04-17 16:57:52 +0200[diff] [blame]3
4<html xmlns="http://www.w3.org/1999/xhtml">
5 <head>
Bence Szépkútie26ccad2021-02-01 14:26:11 +0100[diff] [blame^]6 <meta charset="utf-8" />
Gilles Peskinec2db5f02021-01-18 20:36:53 +0100[diff] [blame]7 <title>10.7. Asymmetric signature &#8212; PSA Crypto API 1.0.1 documentation</title>
Gilles Peskine6c723a22020-04-17 16:57:52 +0200[diff] [blame]8 <link rel="stylesheet" href="../../_static/alabaster.css" type="text/css" />
9 <link rel="stylesheet" href="../../_static/pygments.css" type="text/css" />
Bence Szépkútie26ccad2021-02-01 14:26:11 +0100[diff] [blame^]10 <script type="text/javascript" id="documentation_options" data-url_root="../../" src="../../_static/documentation_options.js"></script>
Gilles Peskine6c723a22020-04-17 16:57:52 +0200[diff] [blame]11 <script type="text/javascript" src="../../_static/jquery.js"></script>
12 <script type="text/javascript" src="../../_static/underscore.js"></script>
13 <script type="text/javascript" src="../../_static/doctools.js"></script>
Bence Szépkútie26ccad2021-02-01 14:26:11 +0100[diff] [blame^]14 <script type="text/javascript" src="../../_static/language_data.js"></script>
Gilles Peskinec2db5f02021-01-18 20:36:53 +0100[diff] [blame]15 <link rel="author" title="About these documents" href="../../about.html" />
Gilles Peskine6c723a22020-04-17 16:57:52 +0200[diff] [blame]16 <link rel="index" title="Index" href="../../genindex.html" />
17 <link rel="search" title="Search" href="../../search.html" />
Gilles Peskinec2db5f02021-01-18 20:36:53 +0100[diff] [blame]18 <link rel="next" title="10.8. Asymmetric encryption" href="pke.html" />
19 <link rel="prev" title="10.6. Key derivation" href="kdf.html" />
Gilles Peskine6c723a22020-04-17 16:57:52 +0200[diff] [blame]20
21 <link rel="stylesheet" href="../../_static/custom.css" type="text/css" />
22
Bence Szépkútie26ccad2021-02-01 14:26:11 +0100[diff] [blame^]23
Gilles Peskine6c723a22020-04-17 16:57:52 +0200[diff] [blame]24 <meta name="viewport" content="width=device-width, initial-scale=0.9, maximum-scale=0.9" />
25
Bence Szépkútie26ccad2021-02-01 14:26:11 +0100[diff] [blame^]26 </head><body>
Gilles Peskine6c723a22020-04-17 16:57:52 +0200[diff] [blame]27
28
29 <div class="document">
30 <div class="documentwrapper">
31 <div class="bodywrapper">
Bence Szépkútie26ccad2021-02-01 14:26:11 +0100[diff] [blame^]32
33
Gilles Peskine6c723a22020-04-17 16:57:52 +0200[diff] [blame]34 <div class="body" role="main">
35
36 <div class="section" id="asymmetric-signature">
Gilles Peskinec2db5f02021-01-18 20:36:53 +0100[diff] [blame]37<span id="sign"></span><h1>10.7. Asymmetric signature</h1>
Gilles Peskine6c723a22020-04-17 16:57:52 +0200[diff] [blame]38<div class="section" id="asymmetric-signature-algorithms">
Gilles Peskinec2db5f02021-01-18 20:36:53 +0100[diff] [blame]39<span id="sign-algorithms"></span><h2>10.7.1. Asymmetric signature algorithms</h2>
Gilles Peskine6c723a22020-04-17 16:57:52 +0200[diff] [blame]40<div class="section" id="PSA_ALG_RSA_PKCS1V15_SIGN">
Bence Szépkútie26ccad2021-02-01 14:26:11 +0100[diff] [blame^]41<span id="c.PSA_ALG_RSA_PKCS1V15_SIGN"></span><h3><code class="docutils literal notranslate"><span class="pre">PSA_ALG_RSA_PKCS1V15_SIGN</span></code> (macro)</h3>
Gilles Peskinec2db5f02021-01-18 20:36:53 +0100[diff] [blame]42<p>The RSA PKCS#1 v1.5 message signature scheme, with hashing.</p>
Bence Szépkútie26ccad2021-02-01 14:26:11 +0100[diff] [blame^]43<pre class="literal-block">#define <a class="reference internal" href="#c.PSA_ALG_RSA_PKCS1V15_SIGN" title="PSA_ALG_RSA_PKCS1V15_SIGN">PSA_ALG_RSA_PKCS1V15_SIGN</a>(hash_alg) <em><a class="reference internal" href="../../overview/implementation.html#specification-defined-value"><span class="std std-ref">/* specification-defined value */</span></a></em></pre>
Gilles Peskine6c723a22020-04-17 16:57:52 +0200[diff] [blame]44<p class="rubric">Parameters</p>
Bence Szépkútie26ccad2021-02-01 14:26:11 +0100[diff] [blame^]45<dl class="simple">
46<dt> <code class="docutils literal notranslate"><span class="pre">hash_alg</span></code></dt><dd><p>A hash algorithm (<code class="docutils literal notranslate"><span class="pre">PSA_ALG_XXX</span></code> value such that <a class="reference internal" href="algorithms.html#c.PSA_ALG_IS_HASH" title="PSA_ALG_IS_HASH"><code class="docutils literal notranslate"><span class="pre">PSA_ALG_IS_HASH</span></code></a><code class="docutils literal notranslate"><span class="pre">(</span></code><code class="docutils literal notranslate"><span class="pre">hash_alg</span></code><code class="docutils literal notranslate"><span class="pre">)</span></code> is true). This includes <a class="reference internal" href="#c.PSA_ALG_ANY_HASH" title="PSA_ALG_ANY_HASH"><code class="xref any c c-macro docutils literal notranslate"><span class="pre">PSA_ALG_ANY_HASH</span></code></a> when specifying the algorithm in a key policy.</p>
47</dd>
Gilles Peskine6c723a22020-04-17 16:57:52 +0200[diff] [blame]48</dl>
49<p class="rubric">Returns</p>
50<p>The corresponding RSA PKCS#1 v1.5 signature algorithm.</p>
Bence Szépkútie26ccad2021-02-01 14:26:11 +0100[diff] [blame^]51<p>Unspecified if <code class="docutils literal notranslate"><span class="pre">hash_alg</span></code> is not a supported hash algorithm.</p>
Gilles Peskine6c723a22020-04-17 16:57:52 +0200[diff] [blame]52<p class="rubric">Description</p>
Gilles Peskinec2db5f02021-01-18 20:36:53 +0100[diff] [blame]53<p>This algorithm can be used with both the message and hash signature functions.</p>
54<p>This signature scheme is defined by <span><em>PKCS #1: RSA Cryptography Specifications Version 2.2</em> <a class="reference internal" href="../../about.html#citation-rfc8017"><span class="cite">[RFC8017]</span></a></span> <a class="reference external" href="https://tools.ietf.org/html/rfc8017.html#section-8.2">§8.2</a> under the name RSASSA-PKCS1-v1_5.</p>
Bence Szépkútie26ccad2021-02-01 14:26:11 +0100[diff] [blame^]55<p>When used with <a class="reference internal" href="#c.psa_sign_hash" title="psa_sign_hash"><code class="xref any c c-func docutils literal notranslate"><span class="pre">psa_sign_hash()</span></code></a> or <a class="reference internal" href="#c.psa_verify_hash" title="psa_verify_hash"><code class="xref any c c-func docutils literal notranslate"><span class="pre">psa_verify_hash()</span></code></a>, the provided <code class="docutils literal notranslate"><span class="pre">hash</span></code> parameter is used as <em>H</em> from step 2 onwards in the message encoding algorithm <code class="docutils literal notranslate"><span class="pre">EMSA-PKCS1-V1_5-ENCODE()</span></code> in <a class="reference internal" href="../../about.html#citation-rfc8017"><span class="cite">[RFC8017]</span></a> <a class="reference external" href="https://tools.ietf.org/html/rfc8017.html#section-9.2">§9.2</a>. <em>H</em> is usually the message digest, using the <code class="docutils literal notranslate"><span class="pre">hash_alg</span></code> hash algorithm.</p>
Gilles Peskine6c723a22020-04-17 16:57:52 +0200[diff] [blame]56</div>
57<div class="section" id="PSA_ALG_RSA_PKCS1V15_SIGN_RAW">
Bence Szépkútie26ccad2021-02-01 14:26:11 +0100[diff] [blame^]58<span id="c.PSA_ALG_RSA_PKCS1V15_SIGN_RAW"></span><h3><code class="docutils literal notranslate"><span class="pre">PSA_ALG_RSA_PKCS1V15_SIGN_RAW</span></code> (macro)</h3>
Gilles Peskinec2db5f02021-01-18 20:36:53 +0100[diff] [blame]59<p>The raw RSA PKCS#1 v1.5 signature algorithm, without hashing.</p>
Bence Szépkútie26ccad2021-02-01 14:26:11 +0100[diff] [blame^]60<pre class="literal-block">#define <a class="reference internal" href="#c.PSA_ALG_RSA_PKCS1V15_SIGN_RAW" title="PSA_ALG_RSA_PKCS1V15_SIGN_RAW">PSA_ALG_RSA_PKCS1V15_SIGN_RAW</a> ((<a class="reference internal" href="algorithms.html#c.psa_algorithm_t" title="psa_algorithm_t">psa_algorithm_t</a>) 0x06000200)</pre>
61<p>This algorithm can be only used with the <a class="reference internal" href="#c.psa_sign_hash" title="psa_sign_hash"><code class="xref any c c-func docutils literal notranslate"><span class="pre">psa_sign_hash()</span></code></a> and <a class="reference internal" href="#c.psa_verify_hash" title="psa_verify_hash"><code class="xref any c c-func docutils literal notranslate"><span class="pre">psa_verify_hash()</span></code></a> functions.</p>
Gilles Peskinec2db5f02021-01-18 20:36:53 +0100[diff] [blame]62<p>This signature scheme is defined by <span><em>PKCS #1: RSA Cryptography Specifications Version 2.2</em> <a class="reference internal" href="../../about.html#citation-rfc8017"><span class="cite">[RFC8017]</span></a></span> <a class="reference external" href="https://tools.ietf.org/html/rfc8017.html#section-8.2">§8.2</a> under the name RSASSA-PKCS1-v1_5.</p>
Bence Szépkútie26ccad2021-02-01 14:26:11 +0100[diff] [blame^]63<p>The <code class="docutils literal notranslate"><span class="pre">hash</span></code> parameter to <a class="reference internal" href="#c.psa_sign_hash" title="psa_sign_hash"><code class="xref any c c-func docutils literal notranslate"><span class="pre">psa_sign_hash()</span></code></a> or <a class="reference internal" href="#c.psa_verify_hash" title="psa_verify_hash"><code class="xref any c c-func docutils literal notranslate"><span class="pre">psa_verify_hash()</span></code></a> is used as <em>T</em> from step 3 onwards in the message encoding algorithm <code class="docutils literal notranslate"><span class="pre">EMSA-PKCS1-V1_5-ENCODE()</span></code> in <a class="reference internal" href="../../about.html#citation-rfc8017"><span class="cite">[RFC8017]</span></a> <a class="reference external" href="https://tools.ietf.org/html/rfc8017.html#section-9.2">§9.2</a>. <em>T</em> is the DER encoding of the <em>DigestInfo</em> structure normally produced by step 2 in the message encoding algorithm.</p>
Gilles Peskine6c723a22020-04-17 16:57:52 +0200[diff] [blame]64</div>
65<div class="section" id="PSA_ALG_RSA_PSS">
Bence Szépkútie26ccad2021-02-01 14:26:11 +0100[diff] [blame^]66<span id="c.PSA_ALG_RSA_PSS"></span><h3><code class="docutils literal notranslate"><span class="pre">PSA_ALG_RSA_PSS</span></code> (macro)</h3>
Gilles Peskinec2db5f02021-01-18 20:36:53 +0100[diff] [blame]67<p>The RSA PSS message signature scheme, with hashing.</p>
Bence Szépkútie26ccad2021-02-01 14:26:11 +0100[diff] [blame^]68<pre class="literal-block">#define <a class="reference internal" href="#c.PSA_ALG_RSA_PSS" title="PSA_ALG_RSA_PSS">PSA_ALG_RSA_PSS</a>(hash_alg) <em><a class="reference internal" href="../../overview/implementation.html#specification-defined-value"><span class="std std-ref">/* specification-defined value */</span></a></em></pre>
Gilles Peskine6c723a22020-04-17 16:57:52 +0200[diff] [blame]69<p class="rubric">Parameters</p>
Bence Szépkútie26ccad2021-02-01 14:26:11 +0100[diff] [blame^]70<dl class="simple">
71<dt> <code class="docutils literal notranslate"><span class="pre">hash_alg</span></code></dt><dd><p>A hash algorithm (<code class="docutils literal notranslate"><span class="pre">PSA_ALG_XXX</span></code> value such that <a class="reference internal" href="algorithms.html#c.PSA_ALG_IS_HASH" title="PSA_ALG_IS_HASH"><code class="docutils literal notranslate"><span class="pre">PSA_ALG_IS_HASH</span></code></a><code class="docutils literal notranslate"><span class="pre">(</span></code><code class="docutils literal notranslate"><span class="pre">hash_alg</span></code><code class="docutils literal notranslate"><span class="pre">)</span></code> is true). This includes <a class="reference internal" href="#c.PSA_ALG_ANY_HASH" title="PSA_ALG_ANY_HASH"><code class="xref any c c-macro docutils literal notranslate"><span class="pre">PSA_ALG_ANY_HASH</span></code></a> when specifying the algorithm in a key policy.</p>
72</dd>
Gilles Peskine6c723a22020-04-17 16:57:52 +0200[diff] [blame]73</dl>
74<p class="rubric">Returns</p>
75<p>The corresponding RSA PSS signature algorithm.</p>
Bence Szépkútie26ccad2021-02-01 14:26:11 +0100[diff] [blame^]76<p>Unspecified if <code class="docutils literal notranslate"><span class="pre">hash_alg</span></code> is not a supported hash algorithm.</p>
Gilles Peskine6c723a22020-04-17 16:57:52 +0200[diff] [blame]77<p class="rubric">Description</p>
Gilles Peskinec2db5f02021-01-18 20:36:53 +0100[diff] [blame]78<p>This algorithm can be used with both the message and hash signature functions.</p>
79<p>This algorithm is randomized: each invocation returns a different, equally valid signature.</p>
80<p>This is the signature scheme defined by <a class="reference internal" href="../../about.html#citation-rfc8017"><span class="cite">[RFC8017]</span></a> <a class="reference external" href="https://tools.ietf.org/html/rfc8017.html#section-8.1">§8.1</a> under the name RSASSA-PSS, with the following options:</p>
81<ul class="simple">
Bence Szépkútie26ccad2021-02-01 14:26:11 +0100[diff] [blame^]82<li><p>The mask generation function is <em>MGF1</em> defined by <a class="reference internal" href="../../about.html#citation-rfc8017"><span class="cite">[RFC8017]</span></a> <a class="reference external" href="https://tools.ietf.org/html/rfc8017.html#appendix-B">Appendix B</a>.</p></li>
83<li><p>The salt length is equal to the length of the hash.</p></li>
84<li><p>The specified hash algorithm is used to hash the input message, to create the salted hash, and for the mask generation.</p></li>
Gilles Peskinec2db5f02021-01-18 20:36:53 +0100[diff] [blame]85</ul>
Gilles Peskine6c723a22020-04-17 16:57:52 +0200[diff] [blame]86</div>
87<div class="section" id="PSA_ALG_ECDSA">
Bence Szépkútie26ccad2021-02-01 14:26:11 +0100[diff] [blame^]88<span id="c.PSA_ALG_ECDSA"></span><h3><code class="docutils literal notranslate"><span class="pre">PSA_ALG_ECDSA</span></code> (macro)</h3>
Gilles Peskinec2db5f02021-01-18 20:36:53 +0100[diff] [blame]89<p>The randomized ECDSA signature scheme, with hashing.</p>
Bence Szépkútie26ccad2021-02-01 14:26:11 +0100[diff] [blame^]90<pre class="literal-block">#define <a class="reference internal" href="#c.PSA_ALG_ECDSA" title="PSA_ALG_ECDSA">PSA_ALG_ECDSA</a>(hash_alg) <em><a class="reference internal" href="../../overview/implementation.html#specification-defined-value"><span class="std std-ref">/* specification-defined value */</span></a></em></pre>
Gilles Peskine6c723a22020-04-17 16:57:52 +0200[diff] [blame]91<p class="rubric">Parameters</p>
Bence Szépkútie26ccad2021-02-01 14:26:11 +0100[diff] [blame^]92<dl class="simple">
93<dt> <code class="docutils literal notranslate"><span class="pre">hash_alg</span></code></dt><dd><p>A hash algorithm (<code class="docutils literal notranslate"><span class="pre">PSA_ALG_XXX</span></code> value such that <a class="reference internal" href="algorithms.html#c.PSA_ALG_IS_HASH" title="PSA_ALG_IS_HASH"><code class="docutils literal notranslate"><span class="pre">PSA_ALG_IS_HASH</span></code></a><code class="docutils literal notranslate"><span class="pre">(</span></code><code class="docutils literal notranslate"><span class="pre">hash_alg</span></code><code class="docutils literal notranslate"><span class="pre">)</span></code> is true). This includes <a class="reference internal" href="#c.PSA_ALG_ANY_HASH" title="PSA_ALG_ANY_HASH"><code class="xref any c c-macro docutils literal notranslate"><span class="pre">PSA_ALG_ANY_HASH</span></code></a> when specifying the algorithm in a key policy.</p>
94</dd>
Gilles Peskine6c723a22020-04-17 16:57:52 +0200[diff] [blame]95</dl>
96<p class="rubric">Returns</p>
Gilles Peskinec2db5f02021-01-18 20:36:53 +0100[diff] [blame]97<p>The corresponding randomized ECDSA signature algorithm.</p>
Bence Szépkútie26ccad2021-02-01 14:26:11 +0100[diff] [blame^]98<p>Unspecified if <code class="docutils literal notranslate"><span class="pre">hash_alg</span></code> is not a supported hash algorithm.</p>
Gilles Peskine6c723a22020-04-17 16:57:52 +0200[diff] [blame]99<p class="rubric">Description</p>
Gilles Peskinec2db5f02021-01-18 20:36:53 +0100[diff] [blame]100<p>This algorithm can be used with both the message and hash signature functions.</p>
101<p>This algorithm is randomized: each invocation returns a different, equally valid signature.</p>
102<div class="admonition note">
Bence Szépkútie26ccad2021-02-01 14:26:11 +0100[diff] [blame^]103<p class="admonition-title">Note</p>
104<p>When based on the same hash algorithm, the verification operations for <a class="reference internal" href="#c.PSA_ALG_ECDSA" title="PSA_ALG_ECDSA"><code class="xref any c c-macro docutils literal notranslate"><span class="pre">PSA_ALG_ECDSA</span></code></a> and <a class="reference internal" href="#c.PSA_ALG_DETERMINISTIC_ECDSA" title="PSA_ALG_DETERMINISTIC_ECDSA"><code class="xref any c c-macro docutils literal notranslate"><span class="pre">PSA_ALG_DETERMINISTIC_ECDSA</span></code></a> are identical. A signature created using <a class="reference internal" href="#c.PSA_ALG_ECDSA" title="PSA_ALG_ECDSA"><code class="xref any c c-macro docutils literal notranslate"><span class="pre">PSA_ALG_ECDSA</span></code></a> can be verified with the same key using either <a class="reference internal" href="#c.PSA_ALG_ECDSA" title="PSA_ALG_ECDSA"><code class="xref any c c-macro docutils literal notranslate"><span class="pre">PSA_ALG_ECDSA</span></code></a> or <a class="reference internal" href="#c.PSA_ALG_DETERMINISTIC_ECDSA" title="PSA_ALG_DETERMINISTIC_ECDSA"><code class="xref any c c-macro docutils literal notranslate"><span class="pre">PSA_ALG_DETERMINISTIC_ECDSA</span></code></a>. Similarly, a signature created using <a class="reference internal" href="#c.PSA_ALG_DETERMINISTIC_ECDSA" title="PSA_ALG_DETERMINISTIC_ECDSA"><code class="xref any c c-macro docutils literal notranslate"><span class="pre">PSA_ALG_DETERMINISTIC_ECDSA</span></code></a> can be verified with the same key using either <a class="reference internal" href="#c.PSA_ALG_ECDSA" title="PSA_ALG_ECDSA"><code class="xref any c c-macro docutils literal notranslate"><span class="pre">PSA_ALG_ECDSA</span></code></a> or <a class="reference internal" href="#c.PSA_ALG_DETERMINISTIC_ECDSA" title="PSA_ALG_DETERMINISTIC_ECDSA"><code class="xref any c c-macro docutils literal notranslate"><span class="pre">PSA_ALG_DETERMINISTIC_ECDSA</span></code></a>.</p>
105<p>In particular, it is impossible to determine whether a signature was produced with deterministic ECDSA or with randomized ECDSA: it is only possible to verify that a signature was made with ECDSA with the private key corresponding to the public key used for the verification.</p>
Gilles Peskinec2db5f02021-01-18 20:36:53 +0100[diff] [blame]106</div>
107<p>This signature scheme is defined by <span><em>SEC 1: Elliptic Curve Cryptography</em> <a class="reference internal" href="../../about.html#citation-sec1"><span class="cite">[SEC1]</span></a></span>, and also by <span><em>Public Key Cryptography For The Financial Services Industry: The Elliptic Curve Digital Signature Algorithm (ECDSA)</em> <a class="reference internal" href="../../about.html#citation-x9-62"><span class="cite">[X9-62]</span></a></span>, with a random per-message secret number <em>k</em>.</p>
Gilles Peskine6c723a22020-04-17 16:57:52 +0200[diff] [blame]108<p>The representation of the signature as a byte string consists of the concatenation of the signature values <em>r</em> and <em>s</em>. Each of <em>r</em> and <em>s</em> is encoded as an <em>N</em>-octet string, where <em>N</em> is the length of the base point of the curve in octets. Each value is represented in big-endian order, with the most significant octet first.</p>
109</div>
110<div class="section" id="PSA_ALG_ECDSA_ANY">
Bence Szépkútie26ccad2021-02-01 14:26:11 +0100[diff] [blame^]111<span id="c.PSA_ALG_ECDSA_ANY"></span><h3><code class="docutils literal notranslate"><span class="pre">PSA_ALG_ECDSA_ANY</span></code> (macro)</h3>
Gilles Peskinec2db5f02021-01-18 20:36:53 +0100[diff] [blame]112<p>The randomized ECDSA signature scheme, without hashing.</p>
Bence Szépkútie26ccad2021-02-01 14:26:11 +0100[diff] [blame^]113<pre class="literal-block">#define <a class="reference internal" href="#c.PSA_ALG_ECDSA_ANY" title="PSA_ALG_ECDSA_ANY">PSA_ALG_ECDSA_ANY</a> ((<a class="reference internal" href="algorithms.html#c.psa_algorithm_t" title="psa_algorithm_t">psa_algorithm_t</a>) 0x06000600)</pre>
114<p>This algorithm can be only used with the <a class="reference internal" href="#c.psa_sign_hash" title="psa_sign_hash"><code class="xref any c c-func docutils literal notranslate"><span class="pre">psa_sign_hash()</span></code></a> and <a class="reference internal" href="#c.psa_verify_hash" title="psa_verify_hash"><code class="xref any c c-func docutils literal notranslate"><span class="pre">psa_verify_hash()</span></code></a> functions.</p>
Gilles Peskinec2db5f02021-01-18 20:36:53 +0100[diff] [blame]115<p>This algorithm is randomized: each invocation returns a different, equally valid signature.</p>
Bence Szépkútie26ccad2021-02-01 14:26:11 +0100[diff] [blame^]116<p>This is the same signature scheme as <a class="reference internal" href="#c.PSA_ALG_ECDSA" title="PSA_ALG_ECDSA"><code class="xref any c c-macro docutils literal notranslate"><span class="pre">PSA_ALG_ECDSA()</span></code></a>, but without specifying a hash algorithm, and skipping the message hashing operation.</p>
Gilles Peskinec2db5f02021-01-18 20:36:53 +0100[diff] [blame]117<p>This algorithm is only recommended to sign or verify a sequence of bytes that are an already-calculated hash. Note that the input is padded with zeros on the left or truncated on the right as required to fit the curve size.</p>
Gilles Peskine6c723a22020-04-17 16:57:52 +0200[diff] [blame]118</div>
119<div class="section" id="PSA_ALG_DETERMINISTIC_ECDSA">
Bence Szépkútie26ccad2021-02-01 14:26:11 +0100[diff] [blame^]120<span id="c.PSA_ALG_DETERMINISTIC_ECDSA"></span><h3><code class="docutils literal notranslate"><span class="pre">PSA_ALG_DETERMINISTIC_ECDSA</span></code> (macro)</h3>
Gilles Peskinec2db5f02021-01-18 20:36:53 +0100[diff] [blame]121<p>Deterministic ECDSA signature scheme, with hashing.</p>
Bence Szépkútie26ccad2021-02-01 14:26:11 +0100[diff] [blame^]122<pre class="literal-block">#define <a class="reference internal" href="#c.PSA_ALG_DETERMINISTIC_ECDSA" title="PSA_ALG_DETERMINISTIC_ECDSA">PSA_ALG_DETERMINISTIC_ECDSA</a>(hash_alg) <em><a class="reference internal" href="../../overview/implementation.html#specification-defined-value"><span class="std std-ref">/* specification-defined value */</span></a></em></pre>
Gilles Peskine6c723a22020-04-17 16:57:52 +0200[diff] [blame]123<p class="rubric">Parameters</p>
Bence Szépkútie26ccad2021-02-01 14:26:11 +0100[diff] [blame^]124<dl class="simple">
125<dt> <code class="docutils literal notranslate"><span class="pre">hash_alg</span></code></dt><dd><p>A hash algorithm (<code class="docutils literal notranslate"><span class="pre">PSA_ALG_XXX</span></code> value such that <a class="reference internal" href="algorithms.html#c.PSA_ALG_IS_HASH" title="PSA_ALG_IS_HASH"><code class="docutils literal notranslate"><span class="pre">PSA_ALG_IS_HASH</span></code></a><code class="docutils literal notranslate"><span class="pre">(</span></code><code class="docutils literal notranslate"><span class="pre">hash_alg</span></code><code class="docutils literal notranslate"><span class="pre">)</span></code> is true). This includes <a class="reference internal" href="#c.PSA_ALG_ANY_HASH" title="PSA_ALG_ANY_HASH"><code class="xref any c c-macro docutils literal notranslate"><span class="pre">PSA_ALG_ANY_HASH</span></code></a> when specifying the algorithm in a key policy.</p>
126</dd>
Gilles Peskine6c723a22020-04-17 16:57:52 +0200[diff] [blame]127</dl>
128<p class="rubric">Returns</p>
129<p>The corresponding deterministic ECDSA signature algorithm.</p>
Bence Szépkútie26ccad2021-02-01 14:26:11 +0100[diff] [blame^]130<p>Unspecified if <code class="docutils literal notranslate"><span class="pre">hash_alg</span></code> is not a supported hash algorithm.</p>
Gilles Peskine6c723a22020-04-17 16:57:52 +0200[diff] [blame]131<p class="rubric">Description</p>
Gilles Peskinec2db5f02021-01-18 20:36:53 +0100[diff] [blame]132<p>This algorithm can be used with both the message and hash signature functions.</p>
133<div class="admonition note">
Bence Szépkútie26ccad2021-02-01 14:26:11 +0100[diff] [blame^]134<p class="admonition-title">Note</p>
135<p>When based on the same hash algorithm, the verification operations for <a class="reference internal" href="#c.PSA_ALG_ECDSA" title="PSA_ALG_ECDSA"><code class="xref any c c-macro docutils literal notranslate"><span class="pre">PSA_ALG_ECDSA</span></code></a> and <a class="reference internal" href="#c.PSA_ALG_DETERMINISTIC_ECDSA" title="PSA_ALG_DETERMINISTIC_ECDSA"><code class="xref any c c-macro docutils literal notranslate"><span class="pre">PSA_ALG_DETERMINISTIC_ECDSA</span></code></a> are identical. A signature created using <a class="reference internal" href="#c.PSA_ALG_ECDSA" title="PSA_ALG_ECDSA"><code class="xref any c c-macro docutils literal notranslate"><span class="pre">PSA_ALG_ECDSA</span></code></a> can be verified with the same key using either <a class="reference internal" href="#c.PSA_ALG_ECDSA" title="PSA_ALG_ECDSA"><code class="xref any c c-macro docutils literal notranslate"><span class="pre">PSA_ALG_ECDSA</span></code></a> or <a class="reference internal" href="#c.PSA_ALG_DETERMINISTIC_ECDSA" title="PSA_ALG_DETERMINISTIC_ECDSA"><code class="xref any c c-macro docutils literal notranslate"><span class="pre">PSA_ALG_DETERMINISTIC_ECDSA</span></code></a>. Similarly, a signature created using <a class="reference internal" href="#c.PSA_ALG_DETERMINISTIC_ECDSA" title="PSA_ALG_DETERMINISTIC_ECDSA"><code class="xref any c c-macro docutils literal notranslate"><span class="pre">PSA_ALG_DETERMINISTIC_ECDSA</span></code></a> can be verified with the same key using either <a class="reference internal" href="#c.PSA_ALG_ECDSA" title="PSA_ALG_ECDSA"><code class="xref any c c-macro docutils literal notranslate"><span class="pre">PSA_ALG_ECDSA</span></code></a> or <a class="reference internal" href="#c.PSA_ALG_DETERMINISTIC_ECDSA" title="PSA_ALG_DETERMINISTIC_ECDSA"><code class="xref any c c-macro docutils literal notranslate"><span class="pre">PSA_ALG_DETERMINISTIC_ECDSA</span></code></a>.</p>
136<p>In particular, it is impossible to determine whether a signature was produced with deterministic ECDSA or with randomized ECDSA: it is only possible to verify that a signature was made with ECDSA with the private key corresponding to the public key used for the verification.</p>
Gilles Peskinec2db5f02021-01-18 20:36:53 +0100[diff] [blame]137</div>
138<p>This is the deterministic ECDSA signature scheme defined by <span><em>Deterministic Usage of the Digital Signature Algorithm (DSA) and Elliptic Curve Digital Signature Algorithm (ECDSA)</em> <a class="reference internal" href="../../about.html#citation-rfc6979"><span class="cite">[RFC6979]</span></a></span>.</p>
Bence Szépkútie26ccad2021-02-01 14:26:11 +0100[diff] [blame^]139<p>The representation of a signature is the same as with <a class="reference internal" href="#c.PSA_ALG_ECDSA" title="PSA_ALG_ECDSA"><code class="xref any c c-macro docutils literal notranslate"><span class="pre">PSA_ALG_ECDSA()</span></code></a>.</p>
Gilles Peskine6c723a22020-04-17 16:57:52 +0200[diff] [blame]140</div>
141</div>
142<div class="section" id="asymmetric-signature-functions">
Gilles Peskinec2db5f02021-01-18 20:36:53 +0100[diff] [blame]143<h2>10.7.2. Asymmetric signature functions</h2>
Gilles Peskine6c723a22020-04-17 16:57:52 +0200[diff] [blame]144<div class="section" id="psa_sign_message">
Bence Szépkútie26ccad2021-02-01 14:26:11 +0100[diff] [blame^]145<span id="c.psa_sign_message"></span><h3><code class="docutils literal notranslate"><span class="pre">psa_sign_message</span></code> (function)</h3>
Gilles Peskine6c723a22020-04-17 16:57:52 +0200[diff] [blame]146<p>Sign a message with a private key. For hash-and-sign algorithms, this includes the hashing step.</p>
Bence Szépkútie26ccad2021-02-01 14:26:11 +0100[diff] [blame^]147<pre class="literal-block"><a class="reference internal" href="../library/status.html#c.psa_status_t" title="psa_status_t">psa_status_t</a> <a class="reference internal" href="#c.psa_sign_message" title="psa_sign_message">psa_sign_message</a>(<a class="reference internal" href="../keys/ids.html#c.psa_key_id_t" title="psa_key_id_t">psa_key_id_t</a> key,
Gilles Peskinec2db5f02021-01-18 20:36:53 +0100[diff] [blame]148 <a class="reference internal" href="algorithms.html#c.psa_algorithm_t" title="psa_algorithm_t">psa_algorithm_t</a> alg,
Gilles Peskine6c723a22020-04-17 16:57:52 +0200[diff] [blame]149 const uint8_t * input,
150 size_t input_length,
151 uint8_t * signature,
152 size_t signature_size,
Bence Szépkútie26ccad2021-02-01 14:26:11 +0100[diff] [blame^]153 size_t * signature_length);</pre>
Gilles Peskine6c723a22020-04-17 16:57:52 +0200[diff] [blame]154<p class="rubric">Parameters</p>
Bence Szépkútie26ccad2021-02-01 14:26:11 +0100[diff] [blame^]155<dl class="simple">
156<dt> <code class="docutils literal notranslate"><span class="pre">key</span></code></dt><dd><p>Identifier of the key to use for the operation. It must be an asymmetric key pair. The key must allow the usage <a class="reference internal" href="../keys/policy.html#c.PSA_KEY_USAGE_SIGN_MESSAGE" title="PSA_KEY_USAGE_SIGN_MESSAGE"><code class="xref any c c-macro docutils literal notranslate"><span class="pre">PSA_KEY_USAGE_SIGN_MESSAGE</span></code></a>.</p>
157</dd>
158<dt> <code class="docutils literal notranslate"><span class="pre">alg</span></code></dt><dd><p>An asymmetric signature algorithm (<code class="docutils literal notranslate"><span class="pre">PSA_ALG_XXX</span></code> value such that <a class="reference internal" href="#c.PSA_ALG_IS_SIGN_MESSAGE" title="PSA_ALG_IS_SIGN_MESSAGE"><code class="docutils literal notranslate"><span class="pre">PSA_ALG_IS_SIGN_MESSAGE</span></code></a><code class="docutils literal notranslate"><span class="pre">(</span></code><code class="docutils literal notranslate"><span class="pre">alg</span></code><code class="docutils literal notranslate"><span class="pre">)</span></code> is true), that is compatible with the type of <code class="docutils literal notranslate"><span class="pre">key</span></code>.</p>
159</dd>
160<dt> <code class="docutils literal notranslate"><span class="pre">input</span></code></dt><dd><p>The input message to sign.</p>
161</dd>
162<dt> <code class="docutils literal notranslate"><span class="pre">input_length</span></code></dt><dd><p>Size of the <code class="docutils literal notranslate"><span class="pre">input</span></code> buffer in bytes.</p>
163</dd>
164<dt> <code class="docutils literal notranslate"><span class="pre">signature</span></code></dt><dd><p>Buffer where the signature is to be written.</p>
165</dd>
166<dt> <code class="docutils literal notranslate"><span class="pre">signature_size</span></code></dt><dd><p>Size of the <code class="docutils literal notranslate"><span class="pre">signature</span></code> buffer in bytes.
Gilles Peskine6c723a22020-04-17 16:57:52 +0200[diff] [blame]167This must be appropriate for the selected algorithm and key:</p>
Bence Szépkútie26ccad2021-02-01 14:26:11 +0100[diff] [blame^]168<ul class="simple">
169<li><p>The required signature size is <a class="reference internal" href="#c.PSA_SIGN_OUTPUT_SIZE" title="PSA_SIGN_OUTPUT_SIZE"><code class="docutils literal notranslate"><span class="pre">PSA_SIGN_OUTPUT_SIZE</span></code></a><code class="docutils literal notranslate"><span class="pre">(</span></code><code class="docutils literal notranslate"><span class="pre">key_type</span></code><code class="docutils literal notranslate"><span class="pre">,</span> </code><code class="docutils literal notranslate"><span class="pre">key_bits</span></code><code class="docutils literal notranslate"><span class="pre">,</span> </code><code class="docutils literal notranslate"><span class="pre">alg</span></code><code class="docutils literal notranslate"><span class="pre">)</span></code> where <code class="docutils literal notranslate"><span class="pre">key_type</span></code> and <code class="docutils literal notranslate"><span class="pre">key_bits</span></code> are the type and bit-size respectively of <code class="docutils literal notranslate"><span class="pre">key</span></code>.</p></li>
170<li><p><a class="reference internal" href="#c.PSA_SIGNATURE_MAX_SIZE" title="PSA_SIGNATURE_MAX_SIZE"><code class="xref any c c-macro docutils literal notranslate"><span class="pre">PSA_SIGNATURE_MAX_SIZE</span></code></a> evaluates to the maximum signature size of any supported signature algorithm.</p></li>
Gilles Peskine6c723a22020-04-17 16:57:52 +0200[diff] [blame]171</ul>
172</dd>
Bence Szépkútie26ccad2021-02-01 14:26:11 +0100[diff] [blame^]173<dt> <code class="docutils literal notranslate"><span class="pre">signature_length</span></code></dt><dd><p>On success, the number of bytes that make up the returned signature value.</p>
174</dd>
Gilles Peskine6c723a22020-04-17 16:57:52 +0200[diff] [blame]175</dl>
Bence Szépkútie26ccad2021-02-01 14:26:11 +0100[diff] [blame^]176<p class="rubric">Returns: <a class="reference internal" href="../library/status.html#c.psa_status_t" title="psa_status_t"><code class="docutils literal notranslate"><span class="pre">psa_status_t</span></code></a></p>
177<dl class="simple">
178<dt> <a class="reference internal" href="../library/status.html#c.PSA_SUCCESS" title="PSA_SUCCESS"><code class="docutils literal notranslate"><span class="pre">PSA_SUCCESS</span></code></a></dt><dd></dd>
179<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_INVALID_HANDLE" title="PSA_ERROR_INVALID_HANDLE"><code class="docutils literal notranslate"><span class="pre">PSA_ERROR_INVALID_HANDLE</span></code></a></dt><dd></dd>
180<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_NOT_PERMITTED" title="PSA_ERROR_NOT_PERMITTED"><code class="docutils literal notranslate"><span class="pre">PSA_ERROR_NOT_PERMITTED</span></code></a></dt><dd><p>The key does not have the <a class="reference internal" href="../keys/policy.html#c.PSA_KEY_USAGE_SIGN_MESSAGE" title="PSA_KEY_USAGE_SIGN_MESSAGE"><code class="xref any c c-macro docutils literal notranslate"><span class="pre">PSA_KEY_USAGE_SIGN_MESSAGE</span></code></a> flag, or it does not permit the requested algorithm.</p>
181</dd>
182<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_BUFFER_TOO_SMALL" title="PSA_ERROR_BUFFER_TOO_SMALL"><code class="docutils literal notranslate"><span class="pre">PSA_ERROR_BUFFER_TOO_SMALL</span></code></a></dt><dd><p>The size of the <code class="docutils literal notranslate"><span class="pre">signature</span></code> buffer is too small.
183<a class="reference internal" href="#c.PSA_SIGN_OUTPUT_SIZE" title="PSA_SIGN_OUTPUT_SIZE"><code class="xref any c c-macro docutils literal notranslate"><span class="pre">PSA_SIGN_OUTPUT_SIZE()</span></code></a> or <a class="reference internal" href="#c.PSA_SIGNATURE_MAX_SIZE" title="PSA_SIGNATURE_MAX_SIZE"><code class="xref any c c-macro docutils literal notranslate"><span class="pre">PSA_SIGNATURE_MAX_SIZE</span></code></a> can be used to determine the required buffer size.</p>
184</dd>
185<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_NOT_SUPPORTED" title="PSA_ERROR_NOT_SUPPORTED"><code class="docutils literal notranslate"><span class="pre">PSA_ERROR_NOT_SUPPORTED</span></code></a></dt><dd></dd>
186<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_INVALID_ARGUMENT" title="PSA_ERROR_INVALID_ARGUMENT"><code class="docutils literal notranslate"><span class="pre">PSA_ERROR_INVALID_ARGUMENT</span></code></a></dt><dd></dd>
187<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_INSUFFICIENT_MEMORY" title="PSA_ERROR_INSUFFICIENT_MEMORY"><code class="docutils literal notranslate"><span class="pre">PSA_ERROR_INSUFFICIENT_MEMORY</span></code></a></dt><dd></dd>
188<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_COMMUNICATION_FAILURE" title="PSA_ERROR_COMMUNICATION_FAILURE"><code class="docutils literal notranslate"><span class="pre">PSA_ERROR_COMMUNICATION_FAILURE</span></code></a></dt><dd></dd>
189<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_HARDWARE_FAILURE" title="PSA_ERROR_HARDWARE_FAILURE"><code class="docutils literal notranslate"><span class="pre">PSA_ERROR_HARDWARE_FAILURE</span></code></a></dt><dd></dd>
190<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_CORRUPTION_DETECTED" title="PSA_ERROR_CORRUPTION_DETECTED"><code class="docutils literal notranslate"><span class="pre">PSA_ERROR_CORRUPTION_DETECTED</span></code></a></dt><dd></dd>
191<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_STORAGE_FAILURE" title="PSA_ERROR_STORAGE_FAILURE"><code class="docutils literal notranslate"><span class="pre">PSA_ERROR_STORAGE_FAILURE</span></code></a></dt><dd></dd>
192<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_DATA_CORRUPT" title="PSA_ERROR_DATA_CORRUPT"><code class="docutils literal notranslate"><span class="pre">PSA_ERROR_DATA_CORRUPT</span></code></a></dt><dd></dd>
193<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_DATA_INVALID" title="PSA_ERROR_DATA_INVALID"><code class="docutils literal notranslate"><span class="pre">PSA_ERROR_DATA_INVALID</span></code></a></dt><dd></dd>
194<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_INSUFFICIENT_ENTROPY" title="PSA_ERROR_INSUFFICIENT_ENTROPY"><code class="docutils literal notranslate"><span class="pre">PSA_ERROR_INSUFFICIENT_ENTROPY</span></code></a></dt><dd></dd>
195<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_BAD_STATE" title="PSA_ERROR_BAD_STATE"><code class="docutils literal notranslate"><span class="pre">PSA_ERROR_BAD_STATE</span></code></a></dt><dd><p>The library has not been previously initialized by <a class="reference internal" href="../library/library.html#c.psa_crypto_init" title="psa_crypto_init"><code class="xref any c c-func docutils literal notranslate"><span class="pre">psa_crypto_init()</span></code></a>. It is implementation-dependent whether a failure to initialize results in this error code.</p>
196</dd>
Gilles Peskine6c723a22020-04-17 16:57:52 +0200[diff] [blame]197</dl>
198<p class="rubric">Description</p>
199<div class="admonition note">
Bence Szépkútie26ccad2021-02-01 14:26:11 +0100[diff] [blame^]200<p class="admonition-title">Note</p>
201<p>To perform a multi-part hash-and-sign signature algorithm, first use a <a class="reference internal" href="hashes.html#hash-mp"><span class="std std-ref">multi-part hash operation</span></a> and then pass the resulting hash to <a class="reference internal" href="#c.psa_sign_hash" title="psa_sign_hash"><code class="xref any c c-func docutils literal notranslate"><span class="pre">psa_sign_hash()</span></code></a>. <a class="reference internal" href="algorithms.html#c.PSA_ALG_GET_HASH" title="PSA_ALG_GET_HASH"><code class="docutils literal notranslate"><span class="pre">PSA_ALG_GET_HASH</span></code></a><code class="docutils literal notranslate"><span class="pre">(</span></code><code class="docutils literal notranslate"><span class="pre">alg</span></code><code class="docutils literal notranslate"><span class="pre">)</span></code> can be used to determine the hash algorithm to use.</p>
Gilles Peskine6c723a22020-04-17 16:57:52 +0200[diff] [blame]202</div>
203</div>
204<div class="section" id="psa_verify_message">
Bence Szépkútie26ccad2021-02-01 14:26:11 +0100[diff] [blame^]205<span id="c.psa_verify_message"></span><h3><code class="docutils literal notranslate"><span class="pre">psa_verify_message</span></code> (function)</h3>
Gilles Peskine6c723a22020-04-17 16:57:52 +0200[diff] [blame]206<p>Verify the signature of a message with a public key, using a hash-and-sign verification algorithm.</p>
Bence Szépkútie26ccad2021-02-01 14:26:11 +0100[diff] [blame^]207<pre class="literal-block"><a class="reference internal" href="../library/status.html#c.psa_status_t" title="psa_status_t">psa_status_t</a> <a class="reference internal" href="#c.psa_verify_message" title="psa_verify_message">psa_verify_message</a>(<a class="reference internal" href="../keys/ids.html#c.psa_key_id_t" title="psa_key_id_t">psa_key_id_t</a> key,
Gilles Peskinec2db5f02021-01-18 20:36:53 +0100[diff] [blame]208 <a class="reference internal" href="algorithms.html#c.psa_algorithm_t" title="psa_algorithm_t">psa_algorithm_t</a> alg,
Gilles Peskine6c723a22020-04-17 16:57:52 +0200[diff] [blame]209 const uint8_t * input,
210 size_t input_length,
211 const uint8_t * signature,
Bence Szépkútie26ccad2021-02-01 14:26:11 +0100[diff] [blame^]212 size_t signature_length);</pre>
Gilles Peskine6c723a22020-04-17 16:57:52 +0200[diff] [blame]213<p class="rubric">Parameters</p>
Bence Szépkútie26ccad2021-02-01 14:26:11 +0100[diff] [blame^]214<dl class="simple">
215<dt> <code class="docutils literal notranslate"><span class="pre">key</span></code></dt><dd><p>Identifier of the key to use for the operation. It must be a public key or an asymmetric key pair. The key must allow the usage <a class="reference internal" href="../keys/policy.html#c.PSA_KEY_USAGE_VERIFY_MESSAGE" title="PSA_KEY_USAGE_VERIFY_MESSAGE"><code class="xref any c c-macro docutils literal notranslate"><span class="pre">PSA_KEY_USAGE_VERIFY_MESSAGE</span></code></a>.</p>
216</dd>
217<dt> <code class="docutils literal notranslate"><span class="pre">alg</span></code></dt><dd><p>An asymmetric signature algorithm (<code class="docutils literal notranslate"><span class="pre">PSA_ALG_XXX</span></code> value such that <a class="reference internal" href="#c.PSA_ALG_IS_SIGN_MESSAGE" title="PSA_ALG_IS_SIGN_MESSAGE"><code class="docutils literal notranslate"><span class="pre">PSA_ALG_IS_SIGN_MESSAGE</span></code></a><code class="docutils literal notranslate"><span class="pre">(</span></code><code class="docutils literal notranslate"><span class="pre">alg</span></code><code class="docutils literal notranslate"><span class="pre">)</span></code> is true), that is compatible with the type of <code class="docutils literal notranslate"><span class="pre">key</span></code>.</p>
218</dd>
219<dt> <code class="docutils literal notranslate"><span class="pre">input</span></code></dt><dd><p>The message whose signature is to be verified.</p>
220</dd>
221<dt> <code class="docutils literal notranslate"><span class="pre">input_length</span></code></dt><dd><p>Size of the <code class="docutils literal notranslate"><span class="pre">input</span></code> buffer in bytes.</p>
222</dd>
223<dt> <code class="docutils literal notranslate"><span class="pre">signature</span></code></dt><dd><p>Buffer containing the signature to verify.</p>
224</dd>
225<dt> <code class="docutils literal notranslate"><span class="pre">signature_length</span></code></dt><dd><p>Size of the <code class="docutils literal notranslate"><span class="pre">signature</span></code> buffer in bytes.</p>
226</dd>
Gilles Peskine6c723a22020-04-17 16:57:52 +0200[diff] [blame]227</dl>
Bence Szépkútie26ccad2021-02-01 14:26:11 +0100[diff] [blame^]228<p class="rubric">Returns: <a class="reference internal" href="../library/status.html#c.psa_status_t" title="psa_status_t"><code class="docutils literal notranslate"><span class="pre">psa_status_t</span></code></a></p>
229<dl class="simple">
230<dt> <a class="reference internal" href="../library/status.html#c.PSA_SUCCESS" title="PSA_SUCCESS"><code class="docutils literal notranslate"><span class="pre">PSA_SUCCESS</span></code></a></dt><dd><p>The signature is valid.</p>
231</dd>
232<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_INVALID_HANDLE" title="PSA_ERROR_INVALID_HANDLE"><code class="docutils literal notranslate"><span class="pre">PSA_ERROR_INVALID_HANDLE</span></code></a></dt><dd></dd>
233<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_NOT_PERMITTED" title="PSA_ERROR_NOT_PERMITTED"><code class="docutils literal notranslate"><span class="pre">PSA_ERROR_NOT_PERMITTED</span></code></a></dt><dd><p>The key does not have the <a class="reference internal" href="../keys/policy.html#c.PSA_KEY_USAGE_VERIFY_MESSAGE" title="PSA_KEY_USAGE_VERIFY_MESSAGE"><code class="xref any c c-macro docutils literal notranslate"><span class="pre">PSA_KEY_USAGE_VERIFY_MESSAGE</span></code></a> flag, or it does not permit the requested algorithm.</p>
234</dd>
235<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_INVALID_SIGNATURE" title="PSA_ERROR_INVALID_SIGNATURE"><code class="docutils literal notranslate"><span class="pre">PSA_ERROR_INVALID_SIGNATURE</span></code></a></dt><dd><p>The calculation was performed successfully, but the passed signature is not a valid signature.</p>
236</dd>
237<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_NOT_SUPPORTED" title="PSA_ERROR_NOT_SUPPORTED"><code class="docutils literal notranslate"><span class="pre">PSA_ERROR_NOT_SUPPORTED</span></code></a></dt><dd></dd>
238<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_INVALID_ARGUMENT" title="PSA_ERROR_INVALID_ARGUMENT"><code class="docutils literal notranslate"><span class="pre">PSA_ERROR_INVALID_ARGUMENT</span></code></a></dt><dd></dd>
239<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_INSUFFICIENT_MEMORY" title="PSA_ERROR_INSUFFICIENT_MEMORY"><code class="docutils literal notranslate"><span class="pre">PSA_ERROR_INSUFFICIENT_MEMORY</span></code></a></dt><dd></dd>
240<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_COMMUNICATION_FAILURE" title="PSA_ERROR_COMMUNICATION_FAILURE"><code class="docutils literal notranslate"><span class="pre">PSA_ERROR_COMMUNICATION_FAILURE</span></code></a></dt><dd></dd>
241<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_HARDWARE_FAILURE" title="PSA_ERROR_HARDWARE_FAILURE"><code class="docutils literal notranslate"><span class="pre">PSA_ERROR_HARDWARE_FAILURE</span></code></a></dt><dd></dd>
242<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_CORRUPTION_DETECTED" title="PSA_ERROR_CORRUPTION_DETECTED"><code class="docutils literal notranslate"><span class="pre">PSA_ERROR_CORRUPTION_DETECTED</span></code></a></dt><dd></dd>
243<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_STORAGE_FAILURE" title="PSA_ERROR_STORAGE_FAILURE"><code class="docutils literal notranslate"><span class="pre">PSA_ERROR_STORAGE_FAILURE</span></code></a></dt><dd></dd>
244<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_DATA_CORRUPT" title="PSA_ERROR_DATA_CORRUPT"><code class="docutils literal notranslate"><span class="pre">PSA_ERROR_DATA_CORRUPT</span></code></a></dt><dd></dd>
245<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_DATA_INVALID" title="PSA_ERROR_DATA_INVALID"><code class="docutils literal notranslate"><span class="pre">PSA_ERROR_DATA_INVALID</span></code></a></dt><dd></dd>
246<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_BAD_STATE" title="PSA_ERROR_BAD_STATE"><code class="docutils literal notranslate"><span class="pre">PSA_ERROR_BAD_STATE</span></code></a></dt><dd><p>The library has not been previously initialized by <a class="reference internal" href="../library/library.html#c.psa_crypto_init" title="psa_crypto_init"><code class="xref any c c-func docutils literal notranslate"><span class="pre">psa_crypto_init()</span></code></a>. It is implementation-dependent whether a failure to initialize results in this error code.</p>
247</dd>
Gilles Peskine6c723a22020-04-17 16:57:52 +0200[diff] [blame]248</dl>
249<p class="rubric">Description</p>
250<div class="admonition note">
Bence Szépkútie26ccad2021-02-01 14:26:11 +0100[diff] [blame^]251<p class="admonition-title">Note</p>
252<p>To perform a multi-part hash-and-sign signature verification algorithm, first use a <a class="reference internal" href="hashes.html#hash-mp"><span class="std std-ref">multi-part hash operation</span></a> to hash the message and then pass the resulting hash to <a class="reference internal" href="#c.psa_verify_hash" title="psa_verify_hash"><code class="xref any c c-func docutils literal notranslate"><span class="pre">psa_verify_hash()</span></code></a>. <a class="reference internal" href="algorithms.html#c.PSA_ALG_GET_HASH" title="PSA_ALG_GET_HASH"><code class="docutils literal notranslate"><span class="pre">PSA_ALG_GET_HASH</span></code></a><code class="docutils literal notranslate"><span class="pre">(</span></code><code class="docutils literal notranslate"><span class="pre">alg</span></code><code class="docutils literal notranslate"><span class="pre">)</span></code> can be used to determine the hash algorithm to use.</p>
Gilles Peskine6c723a22020-04-17 16:57:52 +0200[diff] [blame]253</div>
254</div>
255<div class="section" id="psa_sign_hash">
Bence Szépkútie26ccad2021-02-01 14:26:11 +0100[diff] [blame^]256<span id="c.psa_sign_hash"></span><h3><code class="docutils literal notranslate"><span class="pre">psa_sign_hash</span></code> (function)</h3>
Gilles Peskine6c723a22020-04-17 16:57:52 +0200[diff] [blame]257<p>Sign an already-calculated hash with a private key.</p>
Bence Szépkútie26ccad2021-02-01 14:26:11 +0100[diff] [blame^]258<pre class="literal-block"><a class="reference internal" href="../library/status.html#c.psa_status_t" title="psa_status_t">psa_status_t</a> <a class="reference internal" href="#c.psa_sign_hash" title="psa_sign_hash">psa_sign_hash</a>(<a class="reference internal" href="../keys/ids.html#c.psa_key_id_t" title="psa_key_id_t">psa_key_id_t</a> key,
Gilles Peskinec2db5f02021-01-18 20:36:53 +0100[diff] [blame]259 <a class="reference internal" href="algorithms.html#c.psa_algorithm_t" title="psa_algorithm_t">psa_algorithm_t</a> alg,
Gilles Peskine6c723a22020-04-17 16:57:52 +0200[diff] [blame]260 const uint8_t * hash,
261 size_t hash_length,
262 uint8_t * signature,
263 size_t signature_size,
Bence Szépkútie26ccad2021-02-01 14:26:11 +0100[diff] [blame^]264 size_t * signature_length);</pre>
Gilles Peskine6c723a22020-04-17 16:57:52 +0200[diff] [blame]265<p class="rubric">Parameters</p>
Bence Szépkútie26ccad2021-02-01 14:26:11 +0100[diff] [blame^]266<dl class="simple">
267<dt> <code class="docutils literal notranslate"><span class="pre">key</span></code></dt><dd><p>Identifier of the key to use for the operation. It must be an asymmetric key pair. The key must allow the usage <a class="reference internal" href="../keys/policy.html#c.PSA_KEY_USAGE_SIGN_HASH" title="PSA_KEY_USAGE_SIGN_HASH"><code class="xref any c c-macro docutils literal notranslate"><span class="pre">PSA_KEY_USAGE_SIGN_HASH</span></code></a>.</p>
268</dd>
269<dt> <code class="docutils literal notranslate"><span class="pre">alg</span></code></dt><dd><p>An asymmetric signature algorithm that separates the hash and sign operations (<code class="docutils literal notranslate"><span class="pre">PSA_ALG_XXX</span></code> value such that <a class="reference internal" href="#c.PSA_ALG_IS_SIGN_HASH" title="PSA_ALG_IS_SIGN_HASH"><code class="docutils literal notranslate"><span class="pre">PSA_ALG_IS_SIGN_HASH</span></code></a><code class="docutils literal notranslate"><span class="pre">(</span></code><code class="docutils literal notranslate"><span class="pre">alg</span></code><code class="docutils literal notranslate"><span class="pre">)</span></code> is true), that is compatible with the type of <code class="docutils literal notranslate"><span class="pre">key</span></code>.</p>
270</dd>
271<dt> <code class="docutils literal notranslate"><span class="pre">hash</span></code></dt><dd><p>The input to sign. This is usually the hash of a message. See the detailed description of this function and the description of individual signature algorithms for a detailed description of acceptable inputs.</p>
272</dd>
273<dt> <code class="docutils literal notranslate"><span class="pre">hash_length</span></code></dt><dd><p>Size of the <code class="docutils literal notranslate"><span class="pre">hash</span></code> buffer in bytes.</p>
274</dd>
275<dt> <code class="docutils literal notranslate"><span class="pre">signature</span></code></dt><dd><p>Buffer where the signature is to be written.</p>
276</dd>
277<dt> <code class="docutils literal notranslate"><span class="pre">signature_size</span></code></dt><dd><p>Size of the <code class="docutils literal notranslate"><span class="pre">signature</span></code> buffer in bytes.
Gilles Peskine6c723a22020-04-17 16:57:52 +0200[diff] [blame]278This must be appropriate for the selected algorithm and key:</p>
Bence Szépkútie26ccad2021-02-01 14:26:11 +0100[diff] [blame^]279<ul class="simple">
280<li><p>The required signature size is <a class="reference internal" href="#c.PSA_SIGN_OUTPUT_SIZE" title="PSA_SIGN_OUTPUT_SIZE"><code class="docutils literal notranslate"><span class="pre">PSA_SIGN_OUTPUT_SIZE</span></code></a><code class="docutils literal notranslate"><span class="pre">(</span></code><code class="docutils literal notranslate"><span class="pre">key_type</span></code><code class="docutils literal notranslate"><span class="pre">,</span> </code><code class="docutils literal notranslate"><span class="pre">key_bits</span></code><code class="docutils literal notranslate"><span class="pre">,</span> </code><code class="docutils literal notranslate"><span class="pre">alg</span></code><code class="docutils literal notranslate"><span class="pre">)</span></code> where <code class="docutils literal notranslate"><span class="pre">key_type</span></code> and <code class="docutils literal notranslate"><span class="pre">key_bits</span></code> are the type and bit-size respectively of <code class="docutils literal notranslate"><span class="pre">key</span></code>.</p></li>
281<li><p><a class="reference internal" href="#c.PSA_SIGNATURE_MAX_SIZE" title="PSA_SIGNATURE_MAX_SIZE"><code class="xref any c c-macro docutils literal notranslate"><span class="pre">PSA_SIGNATURE_MAX_SIZE</span></code></a> evaluates to the maximum signature size of any supported signature algorithm.</p></li>
Gilles Peskine6c723a22020-04-17 16:57:52 +0200[diff] [blame]282</ul>
283</dd>
Bence Szépkútie26ccad2021-02-01 14:26:11 +0100[diff] [blame^]284<dt> <code class="docutils literal notranslate"><span class="pre">signature_length</span></code></dt><dd><p>On success, the number of bytes that make up the returned signature value.</p>
285</dd>
Gilles Peskine6c723a22020-04-17 16:57:52 +0200[diff] [blame]286</dl>
Bence Szépkútie26ccad2021-02-01 14:26:11 +0100[diff] [blame^]287<p class="rubric">Returns: <a class="reference internal" href="../library/status.html#c.psa_status_t" title="psa_status_t"><code class="docutils literal notranslate"><span class="pre">psa_status_t</span></code></a></p>
288<dl class="simple">
289<dt> <a class="reference internal" href="../library/status.html#c.PSA_SUCCESS" title="PSA_SUCCESS"><code class="docutils literal notranslate"><span class="pre">PSA_SUCCESS</span></code></a></dt><dd></dd>
290<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_INVALID_HANDLE" title="PSA_ERROR_INVALID_HANDLE"><code class="docutils literal notranslate"><span class="pre">PSA_ERROR_INVALID_HANDLE</span></code></a></dt><dd></dd>
291<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_NOT_PERMITTED" title="PSA_ERROR_NOT_PERMITTED"><code class="docutils literal notranslate"><span class="pre">PSA_ERROR_NOT_PERMITTED</span></code></a></dt><dd><p>The key does not have the <a class="reference internal" href="../keys/policy.html#c.PSA_KEY_USAGE_SIGN_HASH" title="PSA_KEY_USAGE_SIGN_HASH"><code class="xref any c c-macro docutils literal notranslate"><span class="pre">PSA_KEY_USAGE_SIGN_HASH</span></code></a> flag, or it does not permit the requested algorithm.</p>
292</dd>
293<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_BUFFER_TOO_SMALL" title="PSA_ERROR_BUFFER_TOO_SMALL"><code class="docutils literal notranslate"><span class="pre">PSA_ERROR_BUFFER_TOO_SMALL</span></code></a></dt><dd><p>The size of the <code class="docutils literal notranslate"><span class="pre">signature</span></code> buffer is too small.
294<a class="reference internal" href="#c.PSA_SIGN_OUTPUT_SIZE" title="PSA_SIGN_OUTPUT_SIZE"><code class="xref any c c-macro docutils literal notranslate"><span class="pre">PSA_SIGN_OUTPUT_SIZE()</span></code></a> or <a class="reference internal" href="#c.PSA_SIGNATURE_MAX_SIZE" title="PSA_SIGNATURE_MAX_SIZE"><code class="xref any c c-macro docutils literal notranslate"><span class="pre">PSA_SIGNATURE_MAX_SIZE</span></code></a> can be used to determine the required buffer size.</p>
295</dd>
296<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_NOT_SUPPORTED" title="PSA_ERROR_NOT_SUPPORTED"><code class="docutils literal notranslate"><span class="pre">PSA_ERROR_NOT_SUPPORTED</span></code></a></dt><dd></dd>
297<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_INVALID_ARGUMENT" title="PSA_ERROR_INVALID_ARGUMENT"><code class="docutils literal notranslate"><span class="pre">PSA_ERROR_INVALID_ARGUMENT</span></code></a></dt><dd></dd>
298<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_INSUFFICIENT_MEMORY" title="PSA_ERROR_INSUFFICIENT_MEMORY"><code class="docutils literal notranslate"><span class="pre">PSA_ERROR_INSUFFICIENT_MEMORY</span></code></a></dt><dd></dd>
299<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_COMMUNICATION_FAILURE" title="PSA_ERROR_COMMUNICATION_FAILURE"><code class="docutils literal notranslate"><span class="pre">PSA_ERROR_COMMUNICATION_FAILURE</span></code></a></dt><dd></dd>
300<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_HARDWARE_FAILURE" title="PSA_ERROR_HARDWARE_FAILURE"><code class="docutils literal notranslate"><span class="pre">PSA_ERROR_HARDWARE_FAILURE</span></code></a></dt><dd></dd>
301<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_CORRUPTION_DETECTED" title="PSA_ERROR_CORRUPTION_DETECTED"><code class="docutils literal notranslate"><span class="pre">PSA_ERROR_CORRUPTION_DETECTED</span></code></a></dt><dd></dd>
302<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_STORAGE_FAILURE" title="PSA_ERROR_STORAGE_FAILURE"><code class="docutils literal notranslate"><span class="pre">PSA_ERROR_STORAGE_FAILURE</span></code></a></dt><dd></dd>
303<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_DATA_CORRUPT" title="PSA_ERROR_DATA_CORRUPT"><code class="docutils literal notranslate"><span class="pre">PSA_ERROR_DATA_CORRUPT</span></code></a></dt><dd></dd>
304<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_DATA_INVALID" title="PSA_ERROR_DATA_INVALID"><code class="docutils literal notranslate"><span class="pre">PSA_ERROR_DATA_INVALID</span></code></a></dt><dd></dd>
305<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_INSUFFICIENT_ENTROPY" title="PSA_ERROR_INSUFFICIENT_ENTROPY"><code class="docutils literal notranslate"><span class="pre">PSA_ERROR_INSUFFICIENT_ENTROPY</span></code></a></dt><dd></dd>
306<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_BAD_STATE" title="PSA_ERROR_BAD_STATE"><code class="docutils literal notranslate"><span class="pre">PSA_ERROR_BAD_STATE</span></code></a></dt><dd><p>The library has not been previously initialized by <a class="reference internal" href="../library/library.html#c.psa_crypto_init" title="psa_crypto_init"><code class="xref any c c-func docutils literal notranslate"><span class="pre">psa_crypto_init()</span></code></a>. It is implementation-dependent whether a failure to initialize results in this error code.</p>
307</dd>
Gilles Peskine6c723a22020-04-17 16:57:52 +0200[diff] [blame]308</dl>
309<p class="rubric">Description</p>
310<p>With most signature mechanisms that follow the hash-and-sign paradigm, the hash input to this function is the hash of the message to sign. The hash algorithm is encoded in the signature algorithm.</p>
Bence Szépkútie26ccad2021-02-01 14:26:11 +0100[diff] [blame^]311<p>Some hash-and-sign mechanisms apply a padding or encoding to the hash. In such cases, the encoded hash must be passed to this function. The current version of this specification defines one such signature algorithm: <a class="reference internal" href="#c.PSA_ALG_RSA_PKCS1V15_SIGN_RAW" title="PSA_ALG_RSA_PKCS1V15_SIGN_RAW"><code class="xref any c c-macro docutils literal notranslate"><span class="pre">PSA_ALG_RSA_PKCS1V15_SIGN_RAW</span></code></a>.</p>
Gilles Peskine6c723a22020-04-17 16:57:52 +0200[diff] [blame]312<div class="admonition note">
Bence Szépkútie26ccad2021-02-01 14:26:11 +0100[diff] [blame^]313<p class="admonition-title">Note</p>
314<p>To perform a hash-and-sign algorithm, the hash must be calculated before passing it to this function. This can be done by calling <a class="reference internal" href="hashes.html#c.psa_hash_compute" title="psa_hash_compute"><code class="xref any c c-func docutils literal notranslate"><span class="pre">psa_hash_compute()</span></code></a> or with a multi-part hash operation. Alternatively, to hash and sign a message in a single call, use <a class="reference internal" href="#c.psa_sign_message" title="psa_sign_message"><code class="xref any c c-func docutils literal notranslate"><span class="pre">psa_sign_message()</span></code></a>.</p>
Gilles Peskine6c723a22020-04-17 16:57:52 +0200[diff] [blame]315</div>
316</div>
317<div class="section" id="psa_verify_hash">
Bence Szépkútie26ccad2021-02-01 14:26:11 +0100[diff] [blame^]318<span id="c.psa_verify_hash"></span><h3><code class="docutils literal notranslate"><span class="pre">psa_verify_hash</span></code> (function)</h3>
Gilles Peskine6c723a22020-04-17 16:57:52 +0200[diff] [blame]319<p>Verify the signature of a hash or short message using a public key.</p>
Bence Szépkútie26ccad2021-02-01 14:26:11 +0100[diff] [blame^]320<pre class="literal-block"><a class="reference internal" href="../library/status.html#c.psa_status_t" title="psa_status_t">psa_status_t</a> <a class="reference internal" href="#c.psa_verify_hash" title="psa_verify_hash">psa_verify_hash</a>(<a class="reference internal" href="../keys/ids.html#c.psa_key_id_t" title="psa_key_id_t">psa_key_id_t</a> key,
Gilles Peskinec2db5f02021-01-18 20:36:53 +0100[diff] [blame]321 <a class="reference internal" href="algorithms.html#c.psa_algorithm_t" title="psa_algorithm_t">psa_algorithm_t</a> alg,
Gilles Peskine6c723a22020-04-17 16:57:52 +0200[diff] [blame]322 const uint8_t * hash,
323 size_t hash_length,
324 const uint8_t * signature,
Bence Szépkútie26ccad2021-02-01 14:26:11 +0100[diff] [blame^]325 size_t signature_length);</pre>
Gilles Peskine6c723a22020-04-17 16:57:52 +0200[diff] [blame]326<p class="rubric">Parameters</p>
Bence Szépkútie26ccad2021-02-01 14:26:11 +0100[diff] [blame^]327<dl class="simple">
328<dt> <code class="docutils literal notranslate"><span class="pre">key</span></code></dt><dd><p>Identifier of the key to use for the operation. It must be a public key or an asymmetric key pair. The key must allow the usage <a class="reference internal" href="../keys/policy.html#c.PSA_KEY_USAGE_VERIFY_HASH" title="PSA_KEY_USAGE_VERIFY_HASH"><code class="xref any c c-macro docutils literal notranslate"><span class="pre">PSA_KEY_USAGE_VERIFY_HASH</span></code></a>.</p>
329</dd>
330<dt> <code class="docutils literal notranslate"><span class="pre">alg</span></code></dt><dd><p>An asymmetric signature algorithm that separates the hash and sign operations (<code class="docutils literal notranslate"><span class="pre">PSA_ALG_XXX</span></code> value such that <a class="reference internal" href="#c.PSA_ALG_IS_SIGN_HASH" title="PSA_ALG_IS_SIGN_HASH"><code class="docutils literal notranslate"><span class="pre">PSA_ALG_IS_SIGN_HASH</span></code></a><code class="docutils literal notranslate"><span class="pre">(</span></code><code class="docutils literal notranslate"><span class="pre">alg</span></code><code class="docutils literal notranslate"><span class="pre">)</span></code> is true), that is compatible with the type of <code class="docutils literal notranslate"><span class="pre">key</span></code>.</p>
331</dd>
332<dt> <code class="docutils literal notranslate"><span class="pre">hash</span></code></dt><dd><p>The input whose signature is to be verified. This is usually the hash of a message. See the detailed description of this function and the description of individual signature algorithms for a detailed description of acceptable inputs.</p>
333</dd>
334<dt> <code class="docutils literal notranslate"><span class="pre">hash_length</span></code></dt><dd><p>Size of the <code class="docutils literal notranslate"><span class="pre">hash</span></code> buffer in bytes.</p>
335</dd>
336<dt> <code class="docutils literal notranslate"><span class="pre">signature</span></code></dt><dd><p>Buffer containing the signature to verify.</p>
337</dd>
338<dt> <code class="docutils literal notranslate"><span class="pre">signature_length</span></code></dt><dd><p>Size of the <code class="docutils literal notranslate"><span class="pre">signature</span></code> buffer in bytes.</p>
339</dd>
Gilles Peskine6c723a22020-04-17 16:57:52 +0200[diff] [blame]340</dl>
Bence Szépkútie26ccad2021-02-01 14:26:11 +0100[diff] [blame^]341<p class="rubric">Returns: <a class="reference internal" href="../library/status.html#c.psa_status_t" title="psa_status_t"><code class="docutils literal notranslate"><span class="pre">psa_status_t</span></code></a></p>
342<dl class="simple">
343<dt> <a class="reference internal" href="../library/status.html#c.PSA_SUCCESS" title="PSA_SUCCESS"><code class="docutils literal notranslate"><span class="pre">PSA_SUCCESS</span></code></a></dt><dd><p>The signature is valid.</p>
344</dd>
345<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_INVALID_HANDLE" title="PSA_ERROR_INVALID_HANDLE"><code class="docutils literal notranslate"><span class="pre">PSA_ERROR_INVALID_HANDLE</span></code></a></dt><dd></dd>
346<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_NOT_PERMITTED" title="PSA_ERROR_NOT_PERMITTED"><code class="docutils literal notranslate"><span class="pre">PSA_ERROR_NOT_PERMITTED</span></code></a></dt><dd><p>The key does not have the <a class="reference internal" href="../keys/policy.html#c.PSA_KEY_USAGE_VERIFY_HASH" title="PSA_KEY_USAGE_VERIFY_HASH"><code class="xref any c c-macro docutils literal notranslate"><span class="pre">PSA_KEY_USAGE_VERIFY_HASH</span></code></a> flag, or it does not permit the requested algorithm.</p>
347</dd>
348<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_INVALID_SIGNATURE" title="PSA_ERROR_INVALID_SIGNATURE"><code class="docutils literal notranslate"><span class="pre">PSA_ERROR_INVALID_SIGNATURE</span></code></a></dt><dd><p>The calculation was performed successfully, but the passed signature is not a valid signature.</p>
349</dd>
350<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_NOT_SUPPORTED" title="PSA_ERROR_NOT_SUPPORTED"><code class="docutils literal notranslate"><span class="pre">PSA_ERROR_NOT_SUPPORTED</span></code></a></dt><dd></dd>
351<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_INVALID_ARGUMENT" title="PSA_ERROR_INVALID_ARGUMENT"><code class="docutils literal notranslate"><span class="pre">PSA_ERROR_INVALID_ARGUMENT</span></code></a></dt><dd></dd>
352<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_INSUFFICIENT_MEMORY" title="PSA_ERROR_INSUFFICIENT_MEMORY"><code class="docutils literal notranslate"><span class="pre">PSA_ERROR_INSUFFICIENT_MEMORY</span></code></a></dt><dd></dd>
353<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_COMMUNICATION_FAILURE" title="PSA_ERROR_COMMUNICATION_FAILURE"><code class="docutils literal notranslate"><span class="pre">PSA_ERROR_COMMUNICATION_FAILURE</span></code></a></dt><dd></dd>
354<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_HARDWARE_FAILURE" title="PSA_ERROR_HARDWARE_FAILURE"><code class="docutils literal notranslate"><span class="pre">PSA_ERROR_HARDWARE_FAILURE</span></code></a></dt><dd></dd>
355<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_CORRUPTION_DETECTED" title="PSA_ERROR_CORRUPTION_DETECTED"><code class="docutils literal notranslate"><span class="pre">PSA_ERROR_CORRUPTION_DETECTED</span></code></a></dt><dd></dd>
356<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_STORAGE_FAILURE" title="PSA_ERROR_STORAGE_FAILURE"><code class="docutils literal notranslate"><span class="pre">PSA_ERROR_STORAGE_FAILURE</span></code></a></dt><dd></dd>
357<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_DATA_CORRUPT" title="PSA_ERROR_DATA_CORRUPT"><code class="docutils literal notranslate"><span class="pre">PSA_ERROR_DATA_CORRUPT</span></code></a></dt><dd></dd>
358<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_DATA_INVALID" title="PSA_ERROR_DATA_INVALID"><code class="docutils literal notranslate"><span class="pre">PSA_ERROR_DATA_INVALID</span></code></a></dt><dd></dd>
359<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_BAD_STATE" title="PSA_ERROR_BAD_STATE"><code class="docutils literal notranslate"><span class="pre">PSA_ERROR_BAD_STATE</span></code></a></dt><dd><p>The library has not been previously initialized by <a class="reference internal" href="../library/library.html#c.psa_crypto_init" title="psa_crypto_init"><code class="xref any c c-func docutils literal notranslate"><span class="pre">psa_crypto_init()</span></code></a>. It is implementation-dependent whether a failure to initialize results in this error code.</p>
360</dd>
Gilles Peskine6c723a22020-04-17 16:57:52 +0200[diff] [blame]361</dl>
362<p class="rubric">Description</p>
363<p>With most signature mechanisms that follow the hash-and-sign paradigm, the hash input to this function is the hash of the message to sign. The hash algorithm is encoded in the signature algorithm.</p>
Bence Szépkútie26ccad2021-02-01 14:26:11 +0100[diff] [blame^]364<p>Some hash-and-sign mechanisms apply a padding or encoding to the hash. In such cases, the encoded hash must be passed to this function. The current version of this specification defines one such signature algorithm: <a class="reference internal" href="#c.PSA_ALG_RSA_PKCS1V15_SIGN_RAW" title="PSA_ALG_RSA_PKCS1V15_SIGN_RAW"><code class="xref any c c-macro docutils literal notranslate"><span class="pre">PSA_ALG_RSA_PKCS1V15_SIGN_RAW</span></code></a>.</p>
Gilles Peskine6c723a22020-04-17 16:57:52 +0200[diff] [blame]365<div class="admonition note">
Bence Szépkútie26ccad2021-02-01 14:26:11 +0100[diff] [blame^]366<p class="admonition-title">Note</p>
367<p>To perform a hash-and-sign verification algorithm, the hash must be calculated before passing it to this function. This can be done by calling <a class="reference internal" href="hashes.html#c.psa_hash_compute" title="psa_hash_compute"><code class="xref any c c-func docutils literal notranslate"><span class="pre">psa_hash_compute()</span></code></a> or with a multi-part hash operation. Alternatively, to hash and verify a message signature in a single call, use <a class="reference internal" href="#c.psa_verify_message" title="psa_verify_message"><code class="xref any c c-func docutils literal notranslate"><span class="pre">psa_verify_message()</span></code></a>.</p>
Gilles Peskine6c723a22020-04-17 16:57:52 +0200[diff] [blame]368</div>
369</div>
370</div>
371<div class="section" id="support-macros">
Gilles Peskinec2db5f02021-01-18 20:36:53 +0100[diff] [blame]372<h2>10.7.3. Support macros</h2>
Gilles Peskine6c723a22020-04-17 16:57:52 +0200[diff] [blame]373<div class="section" id="PSA_ALG_IS_SIGN_MESSAGE">
Bence Szépkútie26ccad2021-02-01 14:26:11 +0100[diff] [blame^]374<span id="c.PSA_ALG_IS_SIGN_MESSAGE"></span><h3><code class="docutils literal notranslate"><span class="pre">PSA_ALG_IS_SIGN_MESSAGE</span></code> (macro)</h3>
375<p>Whether the specified algorithm is a signature algorithm that can be used with <a class="reference internal" href="#c.psa_sign_message" title="psa_sign_message"><code class="xref any c c-func docutils literal notranslate"><span class="pre">psa_sign_message()</span></code></a> and <a class="reference internal" href="#c.psa_verify_message" title="psa_verify_message"><code class="xref any c c-func docutils literal notranslate"><span class="pre">psa_verify_message()</span></code></a>.</p>
376<pre class="literal-block">#define <a class="reference internal" href="#c.PSA_ALG_IS_SIGN_MESSAGE" title="PSA_ALG_IS_SIGN_MESSAGE">PSA_ALG_IS_SIGN_MESSAGE</a>(alg) <em><a class="reference internal" href="../../overview/implementation.html#specification-defined-value"><span class="std std-ref">/* specification-defined value */</span></a></em></pre>
Gilles Peskine6c723a22020-04-17 16:57:52 +0200[diff] [blame]377<p class="rubric">Parameters</p>
Bence Szépkútie26ccad2021-02-01 14:26:11 +0100[diff] [blame^]378<dl class="simple">
379<dt> <code class="docutils literal notranslate"><span class="pre">alg</span></code></dt><dd><p>An algorithm identifier (value of type <a class="reference internal" href="algorithms.html#c.psa_algorithm_t" title="psa_algorithm_t"><code class="xref any c c-type docutils literal notranslate"><span class="pre">psa_algorithm_t</span></code></a>).</p>
380</dd>
Gilles Peskine6c723a22020-04-17 16:57:52 +0200[diff] [blame]381</dl>
382<p class="rubric">Returns</p>
Bence Szépkútie26ccad2021-02-01 14:26:11 +0100[diff] [blame^]383<p><code class="docutils literal notranslate"><span class="pre">1</span></code> if <code class="docutils literal notranslate"><span class="pre">alg</span></code> is a signature algorithm that can be used to sign a message. <code class="docutils literal notranslate"><span class="pre">0</span></code> if <code class="docutils literal notranslate"><span class="pre">alg</span></code> is a signature algorithm that can only be used to sign an already-calculated hash. <code class="docutils literal notranslate"><span class="pre">0</span></code> if <code class="docutils literal notranslate"><span class="pre">alg</span></code> is not a signature algorithm. This macro can return either <code class="docutils literal notranslate"><span class="pre">0</span></code> or <code class="docutils literal notranslate"><span class="pre">1</span></code> if <code class="docutils literal notranslate"><span class="pre">alg</span></code> is not a supported algorithm identifier.</p>
Gilles Peskine6c723a22020-04-17 16:57:52 +0200[diff] [blame]384</div>
385<div class="section" id="PSA_ALG_IS_SIGN_HASH">
Bence Szépkútie26ccad2021-02-01 14:26:11 +0100[diff] [blame^]386<span id="c.PSA_ALG_IS_SIGN_HASH"></span><h3><code class="docutils literal notranslate"><span class="pre">PSA_ALG_IS_SIGN_HASH</span></code> (macro)</h3>
387<p>Whether the specified algorithm is a signature algorithm that can be used with <a class="reference internal" href="#c.psa_sign_hash" title="psa_sign_hash"><code class="xref any c c-func docutils literal notranslate"><span class="pre">psa_sign_hash()</span></code></a> and <a class="reference internal" href="#c.psa_verify_hash" title="psa_verify_hash"><code class="xref any c c-func docutils literal notranslate"><span class="pre">psa_verify_hash()</span></code></a>.</p>
388<pre class="literal-block">#define <a class="reference internal" href="#c.PSA_ALG_IS_SIGN_HASH" title="PSA_ALG_IS_SIGN_HASH">PSA_ALG_IS_SIGN_HASH</a>(alg) <em><a class="reference internal" href="../../overview/implementation.html#specification-defined-value"><span class="std std-ref">/* specification-defined value */</span></a></em></pre>
Gilles Peskine6c723a22020-04-17 16:57:52 +0200[diff] [blame]389<p class="rubric">Parameters</p>
Bence Szépkútie26ccad2021-02-01 14:26:11 +0100[diff] [blame^]390<dl class="simple">
391<dt> <code class="docutils literal notranslate"><span class="pre">alg</span></code></dt><dd><p>An algorithm identifier (value of type <a class="reference internal" href="algorithms.html#c.psa_algorithm_t" title="psa_algorithm_t"><code class="xref any c c-type docutils literal notranslate"><span class="pre">psa_algorithm_t</span></code></a>).</p>
392</dd>
Gilles Peskine6c723a22020-04-17 16:57:52 +0200[diff] [blame]393</dl>
394<p class="rubric">Returns</p>
Bence Szépkútie26ccad2021-02-01 14:26:11 +0100[diff] [blame^]395<p><code class="docutils literal notranslate"><span class="pre">1</span></code> if <code class="docutils literal notranslate"><span class="pre">alg</span></code> is a signature algorithm that can be used to sign a hash. <code class="docutils literal notranslate"><span class="pre">0</span></code> if <code class="docutils literal notranslate"><span class="pre">alg</span></code> is a signature algorithm that can only be used to sign a message. <code class="docutils literal notranslate"><span class="pre">0</span></code> if <code class="docutils literal notranslate"><span class="pre">alg</span></code> is not a signature algorithm. This macro can return either <code class="docutils literal notranslate"><span class="pre">0</span></code> or <code class="docutils literal notranslate"><span class="pre">1</span></code> if <code class="docutils literal notranslate"><span class="pre">alg</span></code> is not a supported algorithm identifier.</p>
Gilles Peskine6c723a22020-04-17 16:57:52 +0200[diff] [blame]396</div>
397<div class="section" id="PSA_ALG_IS_RSA_PKCS1V15_SIGN">
Bence Szépkútie26ccad2021-02-01 14:26:11 +0100[diff] [blame^]398<span id="c.PSA_ALG_IS_RSA_PKCS1V15_SIGN"></span><h3><code class="docutils literal notranslate"><span class="pre">PSA_ALG_IS_RSA_PKCS1V15_SIGN</span></code> (macro)</h3>
Gilles Peskine6c723a22020-04-17 16:57:52 +0200[diff] [blame]399<p>Whether the specified algorithm is an RSA PKCS#1 v1.5 signature algorithm.</p>
Bence Szépkútie26ccad2021-02-01 14:26:11 +0100[diff] [blame^]400<pre class="literal-block">#define <a class="reference internal" href="#c.PSA_ALG_IS_RSA_PKCS1V15_SIGN" title="PSA_ALG_IS_RSA_PKCS1V15_SIGN">PSA_ALG_IS_RSA_PKCS1V15_SIGN</a>(alg) <em><a class="reference internal" href="../../overview/implementation.html#specification-defined-value"><span class="std std-ref">/* specification-defined value */</span></a></em></pre>
Gilles Peskine6c723a22020-04-17 16:57:52 +0200[diff] [blame]401<p class="rubric">Parameters</p>
Bence Szépkútie26ccad2021-02-01 14:26:11 +0100[diff] [blame^]402<dl class="simple">
403<dt> <code class="docutils literal notranslate"><span class="pre">alg</span></code></dt><dd><p>An algorithm identifier (value of type <a class="reference internal" href="algorithms.html#c.psa_algorithm_t" title="psa_algorithm_t"><code class="xref any c c-type docutils literal notranslate"><span class="pre">psa_algorithm_t</span></code></a>).</p>
404</dd>
Gilles Peskine6c723a22020-04-17 16:57:52 +0200[diff] [blame]405</dl>
406<p class="rubric">Returns</p>
Bence Szépkútie26ccad2021-02-01 14:26:11 +0100[diff] [blame^]407<p><code class="docutils literal notranslate"><span class="pre">1</span></code> if <code class="docutils literal notranslate"><span class="pre">alg</span></code> is an RSA PKCS#1 v1.5 signature algorithm, <code class="docutils literal notranslate"><span class="pre">0</span></code> otherwise.</p>
408<p>This macro can return either <code class="docutils literal notranslate"><span class="pre">0</span></code> or <code class="docutils literal notranslate"><span class="pre">1</span></code> if <code class="docutils literal notranslate"><span class="pre">alg</span></code> is not a supported algorithm identifier.</p>
Gilles Peskine6c723a22020-04-17 16:57:52 +0200[diff] [blame]409</div>
410<div class="section" id="PSA_ALG_IS_RSA_PSS">
Bence Szépkútie26ccad2021-02-01 14:26:11 +0100[diff] [blame^]411<span id="c.PSA_ALG_IS_RSA_PSS"></span><h3><code class="docutils literal notranslate"><span class="pre">PSA_ALG_IS_RSA_PSS</span></code> (macro)</h3>
Gilles Peskine6c723a22020-04-17 16:57:52 +0200[diff] [blame]412<p>Whether the specified algorithm is an RSA PSS signature algorithm.</p>
Bence Szépkútie26ccad2021-02-01 14:26:11 +0100[diff] [blame^]413<pre class="literal-block">#define <a class="reference internal" href="#c.PSA_ALG_IS_RSA_PSS" title="PSA_ALG_IS_RSA_PSS">PSA_ALG_IS_RSA_PSS</a>(alg) <em><a class="reference internal" href="../../overview/implementation.html#specification-defined-value"><span class="std std-ref">/* specification-defined value */</span></a></em></pre>
Gilles Peskine6c723a22020-04-17 16:57:52 +0200[diff] [blame]414<p class="rubric">Parameters</p>
Bence Szépkútie26ccad2021-02-01 14:26:11 +0100[diff] [blame^]415<dl class="simple">
416<dt> <code class="docutils literal notranslate"><span class="pre">alg</span></code></dt><dd><p>An algorithm identifier (value of type <a class="reference internal" href="algorithms.html#c.psa_algorithm_t" title="psa_algorithm_t"><code class="xref any c c-type docutils literal notranslate"><span class="pre">psa_algorithm_t</span></code></a>).</p>
417</dd>
Gilles Peskine6c723a22020-04-17 16:57:52 +0200[diff] [blame]418</dl>
419<p class="rubric">Returns</p>
Bence Szépkútie26ccad2021-02-01 14:26:11 +0100[diff] [blame^]420<p><code class="docutils literal notranslate"><span class="pre">1</span></code> if <code class="docutils literal notranslate"><span class="pre">alg</span></code> is an RSA PSS signature algorithm, <code class="docutils literal notranslate"><span class="pre">0</span></code> otherwise.</p>
421<p>This macro can return either <code class="docutils literal notranslate"><span class="pre">0</span></code> or <code class="docutils literal notranslate"><span class="pre">1</span></code> if <code class="docutils literal notranslate"><span class="pre">alg</span></code> is not a supported algorithm identifier.</p>
Gilles Peskine6c723a22020-04-17 16:57:52 +0200[diff] [blame]422</div>
423<div class="section" id="PSA_ALG_IS_ECDSA">
Bence Szépkútie26ccad2021-02-01 14:26:11 +0100[diff] [blame^]424<span id="c.PSA_ALG_IS_ECDSA"></span><h3><code class="docutils literal notranslate"><span class="pre">PSA_ALG_IS_ECDSA</span></code> (macro)</h3>
Gilles Peskine6c723a22020-04-17 16:57:52 +0200[diff] [blame]425<p>Whether the specified algorithm is ECDSA.</p>
Bence Szépkútie26ccad2021-02-01 14:26:11 +0100[diff] [blame^]426<pre class="literal-block">#define <a class="reference internal" href="#c.PSA_ALG_IS_ECDSA" title="PSA_ALG_IS_ECDSA">PSA_ALG_IS_ECDSA</a>(alg) <em><a class="reference internal" href="../../overview/implementation.html#specification-defined-value"><span class="std std-ref">/* specification-defined value */</span></a></em></pre>
Gilles Peskine6c723a22020-04-17 16:57:52 +0200[diff] [blame]427<p class="rubric">Parameters</p>
Bence Szépkútie26ccad2021-02-01 14:26:11 +0100[diff] [blame^]428<dl class="simple">
429<dt> <code class="docutils literal notranslate"><span class="pre">alg</span></code></dt><dd><p>An algorithm identifier (value of type <a class="reference internal" href="algorithms.html#c.psa_algorithm_t" title="psa_algorithm_t"><code class="xref any c c-type docutils literal notranslate"><span class="pre">psa_algorithm_t</span></code></a>).</p>
430</dd>
Gilles Peskine6c723a22020-04-17 16:57:52 +0200[diff] [blame]431</dl>
432<p class="rubric">Returns</p>
Bence Szépkútie26ccad2021-02-01 14:26:11 +0100[diff] [blame^]433<p><code class="docutils literal notranslate"><span class="pre">1</span></code> if <code class="docutils literal notranslate"><span class="pre">alg</span></code> is an ECDSA algorithm, <code class="docutils literal notranslate"><span class="pre">0</span></code> otherwise.</p>
434<p>This macro can return either <code class="docutils literal notranslate"><span class="pre">0</span></code> or <code class="docutils literal notranslate"><span class="pre">1</span></code> if <code class="docutils literal notranslate"><span class="pre">alg</span></code> is not a supported algorithm identifier.</p>
Gilles Peskine6c723a22020-04-17 16:57:52 +0200[diff] [blame]435</div>
436<div class="section" id="PSA_ALG_IS_DETERMINISTIC_ECDSA">
Bence Szépkútie26ccad2021-02-01 14:26:11 +0100[diff] [blame^]437<span id="c.PSA_ALG_IS_DETERMINISTIC_ECDSA"></span><h3><code class="docutils literal notranslate"><span class="pre">PSA_ALG_IS_DETERMINISTIC_ECDSA</span></code> (macro)</h3>
Gilles Peskine6c723a22020-04-17 16:57:52 +0200[diff] [blame]438<p>Whether the specified algorithm is deterministic ECDSA.</p>
Bence Szépkútie26ccad2021-02-01 14:26:11 +0100[diff] [blame^]439<pre class="literal-block">#define <a class="reference internal" href="#c.PSA_ALG_IS_DETERMINISTIC_ECDSA" title="PSA_ALG_IS_DETERMINISTIC_ECDSA">PSA_ALG_IS_DETERMINISTIC_ECDSA</a>(alg) <em><a class="reference internal" href="../../overview/implementation.html#specification-defined-value"><span class="std std-ref">/* specification-defined value */</span></a></em></pre>
Gilles Peskine6c723a22020-04-17 16:57:52 +0200[diff] [blame]440<p class="rubric">Parameters</p>
Bence Szépkútie26ccad2021-02-01 14:26:11 +0100[diff] [blame^]441<dl class="simple">
442<dt> <code class="docutils literal notranslate"><span class="pre">alg</span></code></dt><dd><p>An algorithm identifier (value of type <a class="reference internal" href="algorithms.html#c.psa_algorithm_t" title="psa_algorithm_t"><code class="xref any c c-type docutils literal notranslate"><span class="pre">psa_algorithm_t</span></code></a>).</p>
443</dd>
Gilles Peskine6c723a22020-04-17 16:57:52 +0200[diff] [blame]444</dl>
445<p class="rubric">Returns</p>
Bence Szépkútie26ccad2021-02-01 14:26:11 +0100[diff] [blame^]446<p><code class="docutils literal notranslate"><span class="pre">1</span></code> if <code class="docutils literal notranslate"><span class="pre">alg</span></code> is a deterministic ECDSA algorithm, <code class="docutils literal notranslate"><span class="pre">0</span></code> otherwise.</p>
447<p>This macro can return either <code class="docutils literal notranslate"><span class="pre">0</span></code> or <code class="docutils literal notranslate"><span class="pre">1</span></code> if <code class="docutils literal notranslate"><span class="pre">alg</span></code> is not a supported algorithm identifier.</p>
Gilles Peskine6c723a22020-04-17 16:57:52 +0200[diff] [blame]448<p class="rubric">Description</p>
Bence Szépkútie26ccad2021-02-01 14:26:11 +0100[diff] [blame^]449<p>See also <a class="reference internal" href="#c.PSA_ALG_IS_ECDSA" title="PSA_ALG_IS_ECDSA"><code class="xref any c c-macro docutils literal notranslate"><span class="pre">PSA_ALG_IS_ECDSA()</span></code></a> and <a class="reference internal" href="#c.PSA_ALG_IS_RANDOMIZED_ECDSA" title="PSA_ALG_IS_RANDOMIZED_ECDSA"><code class="xref any c c-macro docutils literal notranslate"><span class="pre">PSA_ALG_IS_RANDOMIZED_ECDSA()</span></code></a>.</p>
Gilles Peskine6c723a22020-04-17 16:57:52 +0200[diff] [blame]450</div>
451<div class="section" id="PSA_ALG_IS_RANDOMIZED_ECDSA">
Bence Szépkútie26ccad2021-02-01 14:26:11 +0100[diff] [blame^]452<span id="c.PSA_ALG_IS_RANDOMIZED_ECDSA"></span><h3><code class="docutils literal notranslate"><span class="pre">PSA_ALG_IS_RANDOMIZED_ECDSA</span></code> (macro)</h3>
Gilles Peskine6c723a22020-04-17 16:57:52 +0200[diff] [blame]453<p>Whether the specified algorithm is randomized ECDSA.</p>
Bence Szépkútie26ccad2021-02-01 14:26:11 +0100[diff] [blame^]454<pre class="literal-block">#define <a class="reference internal" href="#c.PSA_ALG_IS_RANDOMIZED_ECDSA" title="PSA_ALG_IS_RANDOMIZED_ECDSA">PSA_ALG_IS_RANDOMIZED_ECDSA</a>(alg) <em><a class="reference internal" href="../../overview/implementation.html#specification-defined-value"><span class="std std-ref">/* specification-defined value */</span></a></em></pre>
Gilles Peskine6c723a22020-04-17 16:57:52 +0200[diff] [blame]455<p class="rubric">Parameters</p>
Bence Szépkútie26ccad2021-02-01 14:26:11 +0100[diff] [blame^]456<dl class="simple">
457<dt> <code class="docutils literal notranslate"><span class="pre">alg</span></code></dt><dd><p>An algorithm identifier (value of type <a class="reference internal" href="algorithms.html#c.psa_algorithm_t" title="psa_algorithm_t"><code class="xref any c c-type docutils literal notranslate"><span class="pre">psa_algorithm_t</span></code></a>).</p>
458</dd>
Gilles Peskine6c723a22020-04-17 16:57:52 +0200[diff] [blame]459</dl>
460<p class="rubric">Returns</p>
Bence Szépkútie26ccad2021-02-01 14:26:11 +0100[diff] [blame^]461<p><code class="docutils literal notranslate"><span class="pre">1</span></code> if <code class="docutils literal notranslate"><span class="pre">alg</span></code> is a randomized ECDSA algorithm, <code class="docutils literal notranslate"><span class="pre">0</span></code> otherwise.</p>
462<p>This macro can return either <code class="docutils literal notranslate"><span class="pre">0</span></code> or <code class="docutils literal notranslate"><span class="pre">1</span></code> if <code class="docutils literal notranslate"><span class="pre">alg</span></code> is not a supported algorithm identifier.</p>
Gilles Peskine6c723a22020-04-17 16:57:52 +0200[diff] [blame]463<p class="rubric">Description</p>
Bence Szépkútie26ccad2021-02-01 14:26:11 +0100[diff] [blame^]464<p>See also <a class="reference internal" href="#c.PSA_ALG_IS_ECDSA" title="PSA_ALG_IS_ECDSA"><code class="xref any c c-macro docutils literal notranslate"><span class="pre">PSA_ALG_IS_ECDSA()</span></code></a> and <a class="reference internal" href="#c.PSA_ALG_IS_DETERMINISTIC_ECDSA" title="PSA_ALG_IS_DETERMINISTIC_ECDSA"><code class="xref any c c-macro docutils literal notranslate"><span class="pre">PSA_ALG_IS_DETERMINISTIC_ECDSA()</span></code></a>.</p>
Gilles Peskine6c723a22020-04-17 16:57:52 +0200[diff] [blame]465</div>
466<div class="section" id="PSA_ALG_IS_HASH_AND_SIGN">
Bence Szépkútie26ccad2021-02-01 14:26:11 +0100[diff] [blame^]467<span id="c.PSA_ALG_IS_HASH_AND_SIGN"></span><h3><code class="docutils literal notranslate"><span class="pre">PSA_ALG_IS_HASH_AND_SIGN</span></code> (macro)</h3>
Gilles Peskine6c723a22020-04-17 16:57:52 +0200[diff] [blame]468<p>Whether the specified algorithm is a hash-and-sign algorithm that signs exactly the hash value.</p>
Bence Szépkútie26ccad2021-02-01 14:26:11 +0100[diff] [blame^]469<pre class="literal-block">#define <a class="reference internal" href="#c.PSA_ALG_IS_HASH_AND_SIGN" title="PSA_ALG_IS_HASH_AND_SIGN">PSA_ALG_IS_HASH_AND_SIGN</a>(alg) <em><a class="reference internal" href="../../overview/implementation.html#specification-defined-value"><span class="std std-ref">/* specification-defined value */</span></a></em></pre>
Gilles Peskine6c723a22020-04-17 16:57:52 +0200[diff] [blame]470<p class="rubric">Parameters</p>
Bence Szépkútie26ccad2021-02-01 14:26:11 +0100[diff] [blame^]471<dl class="simple">
472<dt> <code class="docutils literal notranslate"><span class="pre">alg</span></code></dt><dd><p>An algorithm identifier (value of type <a class="reference internal" href="algorithms.html#c.psa_algorithm_t" title="psa_algorithm_t"><code class="xref any c c-type docutils literal notranslate"><span class="pre">psa_algorithm_t</span></code></a>).</p>
473</dd>
Gilles Peskine6c723a22020-04-17 16:57:52 +0200[diff] [blame]474</dl>
475<p class="rubric">Returns</p>
Bence Szépkútie26ccad2021-02-01 14:26:11 +0100[diff] [blame^]476<p><code class="docutils literal notranslate"><span class="pre">1</span></code> if <code class="docutils literal notranslate"><span class="pre">alg</span></code> is a hash-and-sign algorithm that signs exactly the hash value, <code class="docutils literal notranslate"><span class="pre">0</span></code> otherwise. This macro can return either <code class="docutils literal notranslate"><span class="pre">0</span></code> or <code class="docutils literal notranslate"><span class="pre">1</span></code> if <code class="docutils literal notranslate"><span class="pre">alg</span></code> is not a supported algorithm identifier.</p>
Gilles Peskine6c723a22020-04-17 16:57:52 +0200[diff] [blame]477<p class="rubric">Description</p>
Bence Szépkútie26ccad2021-02-01 14:26:11 +0100[diff] [blame^]478<p>This macro identifies algorithms that can be used with <a class="reference internal" href="#c.psa_sign_hash" title="psa_sign_hash"><code class="xref any c c-func docutils literal notranslate"><span class="pre">psa_sign_hash()</span></code></a> that use the exact message hash value as an input the signature operation. This excludes hash-and-sign algorithms that require a encoded or modified hash for the signature step in the algorithm, such as <a class="reference internal" href="#c.PSA_ALG_RSA_PKCS1V15_SIGN_RAW" title="PSA_ALG_RSA_PKCS1V15_SIGN_RAW"><code class="xref any c c-macro docutils literal notranslate"><span class="pre">PSA_ALG_RSA_PKCS1V15_SIGN_RAW</span></code></a>.</p>
Gilles Peskine6c723a22020-04-17 16:57:52 +0200[diff] [blame]479</div>
480<div class="section" id="PSA_ALG_ANY_HASH">
Bence Szépkútie26ccad2021-02-01 14:26:11 +0100[diff] [blame^]481<span id="c.PSA_ALG_ANY_HASH"></span><h3><code class="docutils literal notranslate"><span class="pre">PSA_ALG_ANY_HASH</span></code> (macro)</h3>
Gilles Peskinec2db5f02021-01-18 20:36:53 +0100[diff] [blame]482<p>When setting a hash-and-sign algorithm in a key policy, permit any hash algorithm.</p>
Bence Szépkútie26ccad2021-02-01 14:26:11 +0100[diff] [blame^]483<pre class="literal-block">#define <a class="reference internal" href="#c.PSA_ALG_ANY_HASH" title="PSA_ALG_ANY_HASH">PSA_ALG_ANY_HASH</a> ((<a class="reference internal" href="algorithms.html#c.psa_algorithm_t" title="psa_algorithm_t">psa_algorithm_t</a>)0x020000ff)</pre>
Gilles Peskinec2db5f02021-01-18 20:36:53 +0100[diff] [blame]484<p>This value can be used to form the permitted algorithm attribute of a key policy for a signature algorithm that is parametrized by a hash. A key with this policy can then be used to perform operations using the same signature algorithm parametrized with any supported hash.
Bence Szépkútie26ccad2021-02-01 14:26:11 +0100[diff] [blame^]485A signature algorithm created using this macro is a wildcard algorithm, and <a class="reference internal" href="algorithms.html#c.PSA_ALG_IS_WILDCARD" title="PSA_ALG_IS_WILDCARD"><code class="xref any c c-macro docutils literal notranslate"><span class="pre">PSA_ALG_IS_WILDCARD()</span></code></a> will return true.</p>
486<p>This value must not be used to build other algorithms that are parametrized over a hash. For any valid use of this macro to build an algorithm <code class="docutils literal notranslate"><span class="pre">alg</span></code>, <a class="reference internal" href="#c.PSA_ALG_IS_HASH_AND_SIGN" title="PSA_ALG_IS_HASH_AND_SIGN"><code class="docutils literal notranslate"><span class="pre">PSA_ALG_IS_HASH_AND_SIGN</span></code></a><code class="docutils literal notranslate"><span class="pre">(</span></code><code class="docutils literal notranslate"><span class="pre">alg</span></code><code class="docutils literal notranslate"><span class="pre">)</span></code> is true.</p>
Gilles Peskinec2db5f02021-01-18 20:36:53 +0100[diff] [blame]487<p>This value must not be used to build an algorithm specification to perform an operation. It is only valid for setting the permitted algorithm in a key policy.</p>
Gilles Peskine6c723a22020-04-17 16:57:52 +0200[diff] [blame]488<p class="rubric">Usage</p>
Bence Szépkútie26ccad2021-02-01 14:26:11 +0100[diff] [blame^]489<p>For example, suppose that <code class="docutils literal notranslate"><span class="pre">PSA_xxx_SIGNATURE</span></code> is one of the following macros:</p>
Gilles Peskine6c723a22020-04-17 16:57:52 +0200[diff] [blame]490<ul class="simple">
Bence Szépkútie26ccad2021-02-01 14:26:11 +0100[diff] [blame^]491<li><p><a class="reference internal" href="#c.PSA_ALG_RSA_PKCS1V15_SIGN" title="PSA_ALG_RSA_PKCS1V15_SIGN"><code class="xref any c c-macro docutils literal notranslate"><span class="pre">PSA_ALG_RSA_PKCS1V15_SIGN</span></code></a></p></li>
492<li><p><a class="reference internal" href="#c.PSA_ALG_RSA_PSS" title="PSA_ALG_RSA_PSS"><code class="xref any c c-macro docutils literal notranslate"><span class="pre">PSA_ALG_RSA_PSS</span></code></a></p></li>
493<li><p><a class="reference internal" href="#c.PSA_ALG_ECDSA" title="PSA_ALG_ECDSA"><code class="xref any c c-macro docutils literal notranslate"><span class="pre">PSA_ALG_ECDSA</span></code></a></p></li>
494<li><p><a class="reference internal" href="#c.PSA_ALG_DETERMINISTIC_ECDSA" title="PSA_ALG_DETERMINISTIC_ECDSA"><code class="xref any c c-macro docutils literal notranslate"><span class="pre">PSA_ALG_DETERMINISTIC_ECDSA</span></code></a></p></li>
Gilles Peskine6c723a22020-04-17 16:57:52 +0200[diff] [blame]495</ul>
Bence Szépkútie26ccad2021-02-01 14:26:11 +0100[diff] [blame^]496<p>The following sequence of operations shows how <a class="reference internal" href="#c.PSA_ALG_ANY_HASH" title="PSA_ALG_ANY_HASH"><code class="xref any c c-macro docutils literal notranslate"><span class="pre">PSA_ALG_ANY_HASH</span></code></a> can be used in a key policy:</p>
Gilles Peskinec2db5f02021-01-18 20:36:53 +0100[diff] [blame]497<ol class="arabic">
Bence Szépkútie26ccad2021-02-01 14:26:11 +0100[diff] [blame^]498<li><p>Set the key usage flags using <a class="reference internal" href="#c.PSA_ALG_ANY_HASH" title="PSA_ALG_ANY_HASH"><code class="xref any c c-macro docutils literal notranslate"><span class="pre">PSA_ALG_ANY_HASH</span></code></a>, for example:</p>
499<pre class="literal-block"><a class="reference internal" href="../keys/policy.html#c.psa_set_key_usage_flags" title="psa_set_key_usage_flags">psa_set_key_usage_flags</a>(&amp;attributes, <a class="reference internal" href="../keys/policy.html#c.PSA_KEY_USAGE_SIGN_MESSAGE" title="PSA_KEY_USAGE_SIGN_MESSAGE">PSA_KEY_USAGE_SIGN_MESSAGE</a>); // or VERIFY_MESSAGE
500<a class="reference internal" href="../keys/policy.html#c.psa_set_key_algorithm" title="psa_set_key_algorithm">psa_set_key_algorithm</a>(&amp;attributes, PSA_xxx_SIGNATURE(<a class="reference internal" href="#c.PSA_ALG_ANY_HASH" title="PSA_ALG_ANY_HASH">PSA_ALG_ANY_HASH</a>));</pre>
Gilles Peskine6c723a22020-04-17 16:57:52 +0200[diff] [blame]501</li>
Bence Szépkútie26ccad2021-02-01 14:26:11 +0100[diff] [blame^]502<li><p>Import or generate key material.</p></li>
503<li><p>Call <a class="reference internal" href="#c.psa_sign_message" title="psa_sign_message"><code class="xref any c c-func docutils literal notranslate"><span class="pre">psa_sign_message()</span></code></a> or <a class="reference internal" href="#c.psa_verify_message" title="psa_verify_message"><code class="xref any c c-func docutils literal notranslate"><span class="pre">psa_verify_message()</span></code></a>, passing an algorithm built from <code class="docutils literal notranslate"><span class="pre">PSA_xxx_SIGNATURE</span></code> and a specific hash. Each call to sign or verify a message can use a different hash algorithm.</p>
504<pre class="literal-block"><a class="reference internal" href="#c.psa_sign_message" title="psa_sign_message">psa_sign_message</a>(key, PSA_xxx_SIGNATURE(<a class="reference internal" href="hashes.html#c.PSA_ALG_SHA_256" title="PSA_ALG_SHA_256">PSA_ALG_SHA_256</a>), ...);
Gilles Peskine6c723a22020-04-17 16:57:52 +0200[diff] [blame]505<a class="reference internal" href="#c.psa_sign_message" title="psa_sign_message">psa_sign_message</a>(key, PSA_xxx_SIGNATURE(<a class="reference internal" href="hashes.html#c.PSA_ALG_SHA_512" title="PSA_ALG_SHA_512">PSA_ALG_SHA_512</a>), ...);
Bence Szépkútie26ccad2021-02-01 14:26:11 +0100[diff] [blame^]506<a class="reference internal" href="#c.psa_sign_message" title="psa_sign_message">psa_sign_message</a>(key, PSA_xxx_SIGNATURE(<a class="reference internal" href="hashes.html#c.PSA_ALG_SHA3_256" title="PSA_ALG_SHA3_256">PSA_ALG_SHA3_256</a>), ...);</pre>
Gilles Peskine6c723a22020-04-17 16:57:52 +0200[diff] [blame]507</li>
Gilles Peskinec2db5f02021-01-18 20:36:53 +0100[diff] [blame]508</ol>
Gilles Peskine6c723a22020-04-17 16:57:52 +0200[diff] [blame]509</div>
510<div class="section" id="PSA_SIGN_OUTPUT_SIZE">
Bence Szépkútie26ccad2021-02-01 14:26:11 +0100[diff] [blame^]511<span id="c.PSA_SIGN_OUTPUT_SIZE"></span><h3><code class="docutils literal notranslate"><span class="pre">PSA_SIGN_OUTPUT_SIZE</span></code> (macro)</h3>
512<p>Sufficient signature buffer size for <a class="reference internal" href="#c.psa_sign_message" title="psa_sign_message"><code class="xref any c c-func docutils literal notranslate"><span class="pre">psa_sign_message()</span></code></a> and <a class="reference internal" href="#c.psa_sign_hash" title="psa_sign_hash"><code class="xref any c c-func docutils literal notranslate"><span class="pre">psa_sign_hash()</span></code></a>.</p>
513<pre class="literal-block">#define <a class="reference internal" href="#c.PSA_SIGN_OUTPUT_SIZE" title="PSA_SIGN_OUTPUT_SIZE">PSA_SIGN_OUTPUT_SIZE</a>(key_type, key_bits, alg) \
514 <em><a class="reference internal" href="../../overview/implementation.html#implementation-defined-value"><span class="std std-ref">/* implementation-defined value */</span></a></em></pre>
Gilles Peskine6c723a22020-04-17 16:57:52 +0200[diff] [blame]515<p class="rubric">Parameters</p>
Bence Szépkútie26ccad2021-02-01 14:26:11 +0100[diff] [blame^]516<dl class="simple">
517<dt> <code class="docutils literal notranslate"><span class="pre">key_type</span></code></dt><dd><p>An asymmetric key type. This can be a key pair type or a public key type.</p>
518</dd>
519<dt> <code class="docutils literal notranslate"><span class="pre">key_bits</span></code></dt><dd><p>The size of the key in bits.</p>
520</dd>
521<dt> <code class="docutils literal notranslate"><span class="pre">alg</span></code></dt><dd><p>The signature algorithm.</p>
522</dd>
Gilles Peskine6c723a22020-04-17 16:57:52 +0200[diff] [blame]523</dl>
524<p class="rubric">Returns</p>
Bence Szépkútie26ccad2021-02-01 14:26:11 +0100[diff] [blame^]525<p>If the parameters are valid and supported, return a buffer size in bytes that guarantees that <a class="reference internal" href="#c.psa_sign_message" title="psa_sign_message"><code class="xref any c c-func docutils literal notranslate"><span class="pre">psa_sign_message()</span></code></a> and <a class="reference internal" href="#c.psa_sign_hash" title="psa_sign_hash"><code class="xref any c c-func docutils literal notranslate"><span class="pre">psa_sign_hash()</span></code></a> will not fail with <a class="reference internal" href="../library/status.html#c.PSA_ERROR_BUFFER_TOO_SMALL" title="PSA_ERROR_BUFFER_TOO_SMALL"><code class="xref any c c-macro docutils literal notranslate"><span class="pre">PSA_ERROR_BUFFER_TOO_SMALL</span></code></a>. If the parameters are a valid combination that is not supported by the implementation, this macro must return either a sensible size or <code class="docutils literal notranslate"><span class="pre">0</span></code>. If the parameters are not valid, the return value is unspecified.</p>
Gilles Peskine6c723a22020-04-17 16:57:52 +0200[diff] [blame]526<p class="rubric">Description</p>
527<p>This macro returns a sufficient buffer size for a signature using a key of the specified type and size, with the specified algorithm. Note that the actual size of the signature might be smaller, as some algorithms produce a variable-size signature.</p>
528<div class="admonition warning">
Bence Szépkútie26ccad2021-02-01 14:26:11 +0100[diff] [blame^]529<p class="admonition-title">Warning</p>
530<p>This function might evaluate its arguments multiple times or zero times. Providing arguments that have side effects will result in implementation-specific behavior, and is non-portable.</p>
Gilles Peskine6c723a22020-04-17 16:57:52 +0200[diff] [blame]531</div>
Bence Szépkútie26ccad2021-02-01 14:26:11 +0100[diff] [blame^]532<p>See also <a class="reference internal" href="#c.PSA_SIGNATURE_MAX_SIZE" title="PSA_SIGNATURE_MAX_SIZE"><code class="xref any c c-macro docutils literal notranslate"><span class="pre">PSA_SIGNATURE_MAX_SIZE</span></code></a>.</p>
Gilles Peskine6c723a22020-04-17 16:57:52 +0200[diff] [blame]533</div>
534<div class="section" id="PSA_SIGNATURE_MAX_SIZE">
Bence Szépkútie26ccad2021-02-01 14:26:11 +0100[diff] [blame^]535<span id="c.PSA_SIGNATURE_MAX_SIZE"></span><h3><code class="docutils literal notranslate"><span class="pre">PSA_SIGNATURE_MAX_SIZE</span></code> (macro)</h3>
Gilles Peskine6c723a22020-04-17 16:57:52 +0200[diff] [blame]536<p>Maximum size of an asymmetric signature.</p>
Bence Szépkútie26ccad2021-02-01 14:26:11 +0100[diff] [blame^]537<pre class="literal-block">#define <a class="reference internal" href="#c.PSA_SIGNATURE_MAX_SIZE" title="PSA_SIGNATURE_MAX_SIZE">PSA_SIGNATURE_MAX_SIZE</a> <em><a class="reference internal" href="../../overview/implementation.html#implementation-defined-value"><span class="std std-ref">/* implementation-defined value */</span></a></em></pre>
Gilles Peskine6c723a22020-04-17 16:57:52 +0200[diff] [blame]538<p>This macro must expand to a compile-time constant integer.
539It is recommended that this value is the maximum size of an asymmetric signature supported by the implementation, in bytes. The value must not be smaller than this maximum.</p>
Bence Szépkútie26ccad2021-02-01 14:26:11 +0100[diff] [blame^]540<p>See also <a class="reference internal" href="#c.PSA_SIGN_OUTPUT_SIZE" title="PSA_SIGN_OUTPUT_SIZE"><code class="xref any c c-macro docutils literal notranslate"><span class="pre">PSA_SIGN_OUTPUT_SIZE()</span></code></a>.</p>
Gilles Peskine6c723a22020-04-17 16:57:52 +0200[diff] [blame]541</div>
542</div>
543</div>
544
545
546 </div>
Bence Szépkútie26ccad2021-02-01 14:26:11 +0100[diff] [blame^]547
Gilles Peskine6c723a22020-04-17 16:57:52 +0200[diff] [blame]548 </div>
549 </div>
550 <div class="sphinxsidebar" role="navigation" aria-label="main navigation">
Gilles Peskinec2db5f02021-01-18 20:36:53 +0100[diff] [blame]551 <div class="sphinxsidebarwrapper"><h3><a href="../../index.html"><b>PSA Crypto API</b></a></h3>
552IHI 0086<br/>
553Non-confidential<br/>
554Version 1.0.1
555<span style="color: red; font-weight: bold;"></span>
Gilles Peskine6c723a22020-04-17 16:57:52 +0200[diff] [blame]556<ul>
Gilles Peskinec2db5f02021-01-18 20:36:53 +0100[diff] [blame]557<li class="toctree-l1"><a class="reference internal" href="../../about.html">About this document</a></li>
Gilles Peskine6c723a22020-04-17 16:57:52 +0200[diff] [blame]558</ul>
Gilles Peskinec2db5f02021-01-18 20:36:53 +0100[diff] [blame]559<ul class="current">
560<li class="toctree-l1"><a class="reference internal" href="../../overview/intro.html">1. Introduction</a></li>
561<li class="toctree-l1"><a class="reference internal" href="../../overview/goals.html">2. Design goals</a></li>
562<li class="toctree-l1"><a class="reference internal" href="../../overview/functionality.html">3. Functionality overview</a></li>
563<li class="toctree-l1"><a class="reference internal" href="../../overview/sample-arch.html">4. Sample architectures</a></li>
564<li class="toctree-l1"><a class="reference internal" href="../../overview/conventions.html">5. Library conventions</a></li>
565<li class="toctree-l1"><a class="reference internal" href="../../overview/implementation.html">6. Implementation considerations</a></li>
566<li class="toctree-l1"><a class="reference internal" href="../../overview/usage.html">7. Usage considerations</a></li>
567<li class="toctree-l1"><a class="reference internal" href="../library/index.html">8. Library management reference</a></li>
568<li class="toctree-l1"><a class="reference internal" href="../keys/index.html">9. Key management reference</a></li>
569<li class="toctree-l1 current"><a class="reference internal" href="index.html">10. Cryptographic operation reference</a><ul class="current">
570<li class="toctree-l2"><a class="reference internal" href="algorithms.html">10.1. Algorithms</a></li>
571<li class="toctree-l2"><a class="reference internal" href="hashes.html">10.2. Message digests</a></li>
572<li class="toctree-l2"><a class="reference internal" href="macs.html">10.3. Message authentication codes (MAC)</a></li>
573<li class="toctree-l2"><a class="reference internal" href="ciphers.html">10.4. Unauthenticated ciphers</a></li>
574<li class="toctree-l2"><a class="reference internal" href="aead.html">10.5. Authenticated encryption with associated data (AEAD)</a></li>
575<li class="toctree-l2"><a class="reference internal" href="kdf.html">10.6. Key derivation</a></li>
576<li class="toctree-l2 current"><a class="current reference internal" href="#">10.7. Asymmetric signature</a><ul>
577<li class="toctree-l3"><a class="reference internal" href="#asymmetric-signature-algorithms">10.7.1. Asymmetric signature algorithms</a></li>
578<li class="toctree-l3"><a class="reference internal" href="#asymmetric-signature-functions">10.7.2. Asymmetric signature functions</a></li>
579<li class="toctree-l3"><a class="reference internal" href="#support-macros">10.7.3. Support macros</a></li>
580</ul>
581</li>
582<li class="toctree-l2"><a class="reference internal" href="pke.html">10.8. Asymmetric encryption</a></li>
583<li class="toctree-l2"><a class="reference internal" href="ka.html">10.9. Key agreement</a></li>
584<li class="toctree-l2"><a class="reference internal" href="rng.html">10.10. Other cryptographic services</a></li>
585</ul>
586</li>
587</ul>
588<ul>
589<li class="toctree-l1"><a class="reference internal" href="../../appendix/example_header.html">Example header file</a></li>
590<li class="toctree-l1"><a class="reference internal" href="../../appendix/specdef_values.html">Example macro implementations</a></li>
591<li class="toctree-l1"><a class="reference internal" href="../../appendix/history.html">Changes to the API</a></li>
592</ul>
593<ul>
594<li class="toctree-l1"><a class="reference internal" href="../../psa_c-identifiers.html">Index of API elements</a></li>
595</ul>
Gilles Peskine6c723a22020-04-17 16:57:52 +0200[diff] [blame]596<div id="searchbox" style="display: none" role="search">
Bence Szépkútie26ccad2021-02-01 14:26:11 +0100[diff] [blame^]597 <h3 id="searchlabel">Quick search</h3>
598 <div class="searchformwrapper">
Gilles Peskine6c723a22020-04-17 16:57:52 +0200[diff] [blame]599 <form class="search" action="../../search.html" method="get">
Bence Szépkútie26ccad2021-02-01 14:26:11 +0100[diff] [blame^]600 <input type="text" name="q" aria-labelledby="searchlabel" />
601 <input type="submit" value="Go" />
Gilles Peskine6c723a22020-04-17 16:57:52 +0200[diff] [blame]602 </form>
Bence Szépkútie26ccad2021-02-01 14:26:11 +0100[diff] [blame^]603 </div>
Gilles Peskine6c723a22020-04-17 16:57:52 +0200[diff] [blame]604</div>
605<script type="text/javascript">$('#searchbox').show(0);</script>
606 </div>
607 </div>
608 <div class="clearer"></div>
609 </div>
610 <div class="footer">
Gilles Peskinec2db5f02021-01-18 20:36:53 +0100[diff] [blame]611 &copy; 2018-2020, Arm Limited or its affiliates. All rights reserved.
Gilles Peskine6c723a22020-04-17 16:57:52 +0200[diff] [blame]612
613 |
Bence Szépkútie26ccad2021-02-01 14:26:11 +0100[diff] [blame^]614 Powered by <a href="http://sphinx-doc.org/">Sphinx 2.1.2</a>
615 &amp; <a href="https://github.com/bitprophet/alabaster">Alabaster 0.7.12</a>
Gilles Peskine6c723a22020-04-17 16:57:52 +0200[diff] [blame]616
Gilles Peskine6c723a22020-04-17 16:57:52 +0200[diff] [blame]617 </div>
618
619
620
621
622 </body>
623</html>