TrustedFirmware Git Browser
Code Review Sign In
review.trustedfirmware.org / mirror / mbed-tls / 0189e7512d9d3df9e7db84672a8b01f94da38f01 / . / include / psa / crypto.h
blob: 4a60e67f9ac3198db5b60264239f91a28f17b8d5 [file] [log] [blame]
Gilles Peskinee59236f2018-01-27 23:32:46 +0100[diff] [blame]1/**
2 * \file psa/crypto.h
3 * \brief Platform Security Architecture cryptography module
4 */
5
6#ifndef PSA_CRYPTO_H
7#define PSA_CRYPTO_H
8
9#include "crypto_platform.h"
10
Gilles Peskine2f9c4dc2018-01-28 13:16:24 +0100[diff] [blame]11#include <stddef.h>
12
Gilles Peskine62a7e7e2018-02-07 21:54:47 +0100[diff] [blame]13#ifdef __DOXYGEN_ONLY__
14/** \defgroup platform Implementation-specific definitions
15 * @{
16 */
17
Gilles Peskine2f9c4dc2018-01-28 13:16:24 +0100[diff] [blame]18/** \brief Key slot number.
19 *
20 * This type represents key slots. It must be an unsigned integral
21 * type.* The choice of type is implementation-dependent.
22 * 0 is not a valid key slot number. The meaning of other values is
23 * implementation dependent.
24 *
25 * At any given point in time, each key slot either contains a
26 * cryptographic object, or is empty. Key slots are persistent:
27 * once set, the cryptographic object remains in the key slot until
28 * explicitly destroyed.
29 */
30typedef _unsigned_integral_type_ psa_key_slot_t;
31
Gilles Peskine62a7e7e2018-02-07 21:54:47 +0100[diff] [blame]32/**@}*/
33#endif
34
Gilles Peskinee59236f2018-01-27 23:32:46 +0100[diff] [blame]35#ifdef __cplusplus
36extern "C" {
37#endif
38
39/** \defgroup basic Basic definitions
40 * @{
41 */
42
43/**
44 * \brief Function return status.
45 *
46 * Zero indicates success, anything else indicates an error.
47 */
48typedef enum {
49 /** The action was completed successfully. */
50 PSA_SUCCESS = 0,
51 /** The requested operation or a parameter is not supported
52 by this implementation. */
53 PSA_ERROR_NOT_SUPPORTED,
54 /** The requested action is denied by a policy. */
55 PSA_ERROR_NOT_PERMITTED,
56 /** An output buffer is too small. */
57 PSA_ERROR_BUFFER_TOO_SMALL,
58 /** A slot is occupied, but must be empty to carry out the
59 requested action. */
60 PSA_ERROR_OCCUPIED_SLOT,
61 /** A slot is empty, but must be occupied to carry out the
62 requested action. */
63 PSA_ERROR_EMPTY_SLOT,
64 /** The requested action cannot be performed in the current state. */
65 PSA_ERROR_BAD_STATE,
66 /** The parameters passed to the function are invalid. */
67 PSA_ERROR_INVALID_ARGUMENT,
68 /** There is not enough runtime memory. */
69 PSA_ERROR_INSUFFICIENT_MEMORY,
70 /** There is not enough persistent storage. */
71 PSA_ERROR_INSUFFICIENT_STORAGE,
72 /** There was a communication failure inside the implementation. */
73 PSA_ERROR_COMMUNICATION_FAILURE,
74 /** A hardware failure was detected. */
75 PSA_ERROR_HARDWARE_FAILURE,
76 /** A tampering attempt was detected. */
77 PSA_ERROR_TAMPERING_DETECTED,
78 /** There is not enough entropy to generate random data needed
79 for the requested action. */
80 PSA_ERROR_INSUFFICIENT_ENTROPY,
81 /** The signature or MAC is incorrect. */
82 PSA_ERROR_INVALID_SIGNATURE,
83 /** An error occurred that does not correspond to any defined
84 failure cause. */
85 PSA_ERROR_UNKNOWN_ERROR,
86} psa_status_t;
87
88/**
89 * \brief Library initialization.
90 *
91 * Applications must call this function before calling any other
92 * function in this module.
93 *
94 * Applications may call this function more than once. Once a call
95 * succeeds, subsequent calls are guaranteed to succeed.
96 *
97 * \return * \c PSA_SUCCESS: success.
98 * * \c PSA_ERROR_INSUFFICIENT_MEMORY
99 * * \c PSA_ERROR_COMMUNICATION_FAILURE
100 * * \c PSA_ERROR_HARDWARE_FAILURE
101 * * \c PSA_ERROR_TAMPERING_DETECTED
102 * * \c PSA_ERROR_INSUFFICIENT_ENTROPY
103 */
104psa_status_t psa_crypto_init(void);
105
Gilles Peskine0189e752018-02-03 23:57:22 +0100[diff] [blame^]106#define BITS_TO_BYTES(bits) (((bits) + 7) / 8)
107#define BYTES_TO_BITS(bytes) ((bytes) * 8)
108
Gilles Peskinee59236f2018-01-27 23:32:46 +0100[diff] [blame]109/**@}*/
110
Gilles Peskine2f9c4dc2018-01-28 13:16:24 +0100[diff] [blame]111/** \defgroup crypto_types Key and algorithm types
112 * @{
113 */
114
115typedef uint32_t psa_key_type_t;
116
117#define PSA_KEY_TYPE_NONE 0x00000000
118#define PSA_KEY_TYPE_RAW_DATA 0x00000001
Gilles Peskinec66ea6a2018-02-03 22:43:28 +0100[diff] [blame]119#define PSA_KEY_TYPE_RSA_PUBLIC_KEY 0x40000001
120#define PSA_KEY_TYPE_RSA_KEYPAIR 0x60000001
Gilles Peskine2f9c4dc2018-01-28 13:16:24 +0100[diff] [blame]121#define PSA_KEY_TYPE_ECC_BASE 0x40010000
122
123#define PSA_KEY_TYPE_VENDOR_FLAG 0x80000000
124#define PSA_KEY_TYPE_ASYMMETRIC_FLAG 0x40000000
Gilles Peskinec66ea6a2018-02-03 22:43:28 +0100[diff] [blame]125#define PSA_KEY_TYPE_ASYMMETRIC_MASK 0x60000000
126#define PSA_KEY_TYPE_ASYMMETRIC_MASK_PUBLIC 0x40000000
127#define PSA_KEY_TYPE_ASYMMETRIC_MASK_KEYPAIR 0x60000000
Gilles Peskine0189e752018-02-03 23:57:22 +0100[diff] [blame^]128#define PSA_KEY_TYPE_ASYMMETRIC_TEST_MASK 0x5fff0000
129#define PSA_KEY_TYPE_RSA_TEST_VALUE 0x40000000
Gilles Peskine2f9c4dc2018-01-28 13:16:24 +0100[diff] [blame]130#define PSA_KEY_TYPE_ECC_TEST_VALUE 0x40010000
131
132#define PSA_KEY_TYPE_IS_VENDOR(type) \
133 (((type) & PSA_KEY_TYPE_VENDOR_FLAG) != 0)
134#define PSA_KEY_TYPE_IS_ASYMMETRIC(type) \
135 (((type) & PSA_KEY_TYPE_ASYMMETRIC_FLAG) != 0)
Gilles Peskinec66ea6a2018-02-03 22:43:28 +0100[diff] [blame]136#define PSA_KEY_TYPE_IS_PUBLIC_KEY(type) \
137 (((type) & PSA_KEY_TYPE_ASYMMETRIC_MASK) == PSA_KEY_TYPE_ASYMMETRIC_MASK_PUBLIC)
138#define PSA_KEY_TYPE_IS_KEYPAIR(type) \
139 (((type) & PSA_KEY_TYPE_ASYMMETRIC_MASK) == PSA_KEY_TYPE_ASYMMETRIC_MASK_KEYPAIR)
Gilles Peskine0189e752018-02-03 23:57:22 +0100[diff] [blame^]140#define PSA_KEY_TYPE_IS_RSA(type) \
141 (((type) & PSA_KEY_TYPE_ASYMMETRIC_TEST_MASK) == PSA_KEY_TYPE_RSA_TEST_VALUE)
Gilles Peskinec66ea6a2018-02-03 22:43:28 +0100[diff] [blame]142#define PSA_KEY_TYPE_IS_ECC(type) \
Gilles Peskine0189e752018-02-03 23:57:22 +0100[diff] [blame^]143 (((type) & PSA_KEY_TYPE_ASYMMETRIC_TEST_MASK) == PSA_KEY_TYPE_ECC_TEST_VALUE)
Gilles Peskine2f9c4dc2018-01-28 13:16:24 +0100[diff] [blame]144
Gilles Peskine20035e32018-02-03 22:44:14 +0100[diff] [blame]145typedef uint32_t psa_algorithm_t;
146
147#define PSA_ALG_HASH_BITS 0x01000000
148#define PSA_ALG_RSA_HASH_MASK 0x000000ff
149#define PSA_ALG_MD2 0x01000001
150#define PSA_ALG_MD4 0x01000002
151#define PSA_ALG_MD5 0x01000003
152#define PSA_ALG_SHA_256_128 0x01000004
153#define PSA_ALG_RIPEMD160 0x01000005
154#define PSA_ALG_SHA_1 0x01000006
155#define PSA_ALG_SHA_256_160 0x01000007
156#define PSA_ALG_SHA_224 0x01000008
157#define PSA_ALG_SHA_256 0x01000009
158#define PSA_ALG_SHA_384 0x0100000a
159#define PSA_ALG_SHA_512 0x0100000b
160#define PSA_ALG_SHA_512_224 0x0100000c
161#define PSA_ALG_SHA_512_256 0x0100000d
162#define PSA_ALG_SHA3_224 0x01000010
163#define PSA_ALG_SHA3_256 0x01000011
164#define PSA_ALG_SHA3_384 0x01000012
165#define PSA_ALG_SHA3_512 0x01000013
166
167#define PSA_ALG_RSA_PKCS1V15_RAW 0x40000100
168#define PSA_ALG_RSA_PSS_MGF1 0x40000200
169#define PSA_ALG_RSA_OAEP 0x40000300
170#define PSA_ALG_RSA_PKCS1V15(hash_alg) \
171 (PSA_ALG_RSA_PKCS1V15_RAW | ((hash_alg) & PSA_ALG_RSA_HASH_MASK))
172#define PSA_ALG_IS_RSA_PKCS1V15(alg) \
173 (((alg) & 0x7fffff00) == PSA_ALG_RSA_PKCS1V15_RAW)
174#define PSA_ALG_RSA_GET_HASH(alg) \
175 (((alg) & PSA_ALG_RSA_HASH_MASK) | PSA_ALG_HASH_BITS)
176
177#define PSA_ALG_VENDOR_FLAG 0x80000000
Gilles Peskine2f9c4dc2018-01-28 13:16:24 +0100[diff] [blame]178
179/**@}*/
180
181/** \defgroup key_management Key management
182 * @{
183 */
184
185/**
186 * \brief Import a key in binary format.
187 *
188 * This function supports any output from psa_export_key().
189 *
190 * \return * \c PSA_SUCCESS: success.
191 * * \c PSA_ERROR_NOT_SUPPORTED
192 * * \c PSA_ERROR_INVALID_ARGUMENT
193 * * \c PSA_ERROR_INSUFFICIENT_MEMORY
194 * * \c PSA_ERROR_COMMUNICATION_FAILURE
195 * * \c PSA_ERROR_HARDWARE_FAILURE
196 * * \c PSA_ERROR_TAMPERING_DETECTED
197 */
198psa_status_t psa_import_key(psa_key_slot_t key,
199 psa_key_type_t type,
200 const uint8_t *data,
201 size_t data_length);
202
203/**
204 * \brief Destroy a key.
205 *
206 * \return * \c PSA_SUCCESS: success.
207 * * \c PSA_ERROR_EMPTY_SLOT
208 * * \c PSA_ERROR_COMMUNICATION_FAILURE
209 * * \c PSA_ERROR_HARDWARE_FAILURE
210 * * \c PSA_ERROR_TAMPERING_DETECTED
211 */
212psa_status_t psa_destroy_key(psa_key_slot_t key);
213
214/**
215 * \brief Get basic metadata about a key.
216 *
217 * \return * \c PSA_SUCCESS: success.
218 * * \c PSA_ERROR_EMPTY_SLOT
219 * * \c PSA_ERROR_COMMUNICATION_FAILURE
220 * * \c PSA_ERROR_HARDWARE_FAILURE
221 * * \c PSA_ERROR_TAMPERING_DETECTED
222 */
223psa_status_t psa_get_key_information(psa_key_slot_t key,
224 psa_key_type_t *type,
225 size_t *bits);
226
227/**
228 * \brief Export a key in binary format.
229 *
230 * The output of this function can be passed to psa_import_key() to
231 * create an equivalent object.
232 *
233 * If a key is created with psa_import_key() and then exported with
234 * this function, it is not guaranteed that the resulting data is
235 * identical: the implementation may choose a different representation
236 * of the same key.
237 *
238 * \return * \c PSA_SUCCESS: success.
239 * * \c PSA_ERROR_EMPTY_SLOT
240 * * \c PSA_ERROR_COMMUNICATION_FAILURE
241 * * \c PSA_ERROR_HARDWARE_FAILURE
242 * * \c PSA_ERROR_TAMPERING_DETECTED
243 */
244psa_status_t psa_export_key(psa_key_slot_t key,
245 uint8_t *data,
246 size_t data_size,
247 size_t *data_length);
248
Gilles Peskine20035e32018-02-03 22:44:14 +0100[diff] [blame]249
250/**@}*/
251
252/** \defgroup asymmetric Asymmetric cryptography
253 * @{
254 */
255
256/**
Gilles Peskine0189e752018-02-03 23:57:22 +0100[diff] [blame^]257 * \brief Maximum ECDSA signature size for a given curve bit size
258 *
259 * \param curve_bits Curve size in bits
260 * \return Maximum signature size in bytes
261 *
262 * \note This macro returns a compile-time constant if its argument is one.
263 *
264 * \warning This macro may evaluate its argument multiple times.
265 */
266/*
267 * RFC 4492 page 20:
268 *
269 * Ecdsa-Sig-Value ::= SEQUENCE {
270 * r INTEGER,
271 * s INTEGER
272 * }
273 *
274 * Size is at most
275 * 1 (tag) + 1 (len) + 1 (initial 0) + curve_bytes for each of r and s,
276 * twice that + 1 (tag) + 2 (len) for the sequence
277 * (assuming curve_bytes is less than 126 for r and s,
278 * and less than 124 (total len <= 255) for the sequence)
279 */
280#define PSA_ECDSA_SIGNATURE_SIZE(curve_bits) \
281 ( /*T,L of SEQUENCE*/ ((curve_bits) >= 61 * 8 ? 3 : 2) + \
282 /*T,L of r,s*/ 2 * (((curve_bits) >= 127 * 8 ? 3 : 2) + \
283 /*V of r,s*/ ((curve_bits) + 8) / 8))
284
285
286#define PSA_ASYMMETRIC_SIGN_OUTPUT_SIZE(key_type, key_bits, alg) \
287 (PSA_KEY_TYPE_IS_RSA(key_type) ? ((void)alg, BITS_TO_BYTES(key_bits)) : \
288 PSA_KEY_TYPE_IS_ECC(key_type) ? PSA_ECDSA_SIGNATURE_SIZE(key_bits) : \
289 0)
290
291/**
Gilles Peskine20035e32018-02-03 22:44:14 +0100[diff] [blame]292 * \brief Sign a hash or short message with a private key.
293 *
294 */
295psa_status_t psa_asymmetric_sign(psa_key_slot_t key,
296 psa_algorithm_t alg,
297 const uint8_t *hash,
298 size_t hash_length,
299 const uint8_t *salt,
300 size_t salt_length,
301 uint8_t *signature,
302 size_t signature_size,
303 size_t *signature_length);
304
305/**
306 * \brief Verify the signature a hash or short message using a public key.
307 *
308 */
309psa_status_t psa_asymmetric_verify(psa_key_slot_t key,
310 psa_algorithm_t alg,
311 const uint8_t *hash,
312 size_t hash_length,
313 const uint8_t *salt,
314 size_t salt_length,
315 uint8_t *signature,
316 size_t signature_size);
317
Gilles Peskine2f9c4dc2018-01-28 13:16:24 +0100[diff] [blame]318/**@}*/
319
Gilles Peskinee59236f2018-01-27 23:32:46 +0100[diff] [blame]320#ifdef __cplusplus
321}
322#endif
323
324#include "crypto_extra.h"
325
326#endif /* PSA_CRYPTO_H */