mbed TLS v2.24.0
crypto_extra.h
Go to the documentation of this file.
1 
11 /*
12  * Copyright The Mbed TLS Contributors
13  * SPDX-License-Identifier: Apache-2.0
14  *
15  * Licensed under the Apache License, Version 2.0 (the "License"); you may
16  * not use this file except in compliance with the License.
17  * You may obtain a copy of the License at
18  *
19  * http://www.apache.org/licenses/LICENSE-2.0
20  *
21  * Unless required by applicable law or agreed to in writing, software
22  * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
23  * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
24  * See the License for the specific language governing permissions and
25  * limitations under the License.
26  */
27 
28 #ifndef PSA_CRYPTO_EXTRA_H
29 #define PSA_CRYPTO_EXTRA_H
30 
31 #include "mbedtls/platform_util.h"
32 
33 #include "crypto_compat.h"
34 
35 #ifdef __cplusplus
36 extern "C" {
37 #endif
38 
39 /* UID for secure storage seed */
40 #define PSA_CRYPTO_ITS_RANDOM_SEED_UID 0xFFFFFF52
41 
42 
67  psa_key_attributes_t *attributes,
68  psa_algorithm_t alg2)
69 {
70  attributes->core.policy.alg2 = alg2;
71 }
72 
80  const psa_key_attributes_t *attributes)
81 {
82  return( attributes->core.policy.alg2 );
83 }
84 
85 #if defined(MBEDTLS_PSA_CRYPTO_SE_C)
86 
110  const psa_key_attributes_t *attributes,
111  psa_key_slot_number_t *slot_number );
112 
136 static inline void psa_set_key_slot_number(
137  psa_key_attributes_t *attributes,
138  psa_key_slot_number_t slot_number )
139 {
141  attributes->slot_number = slot_number;
142 }
143 
150 static inline void psa_clear_key_slot_number(
151  psa_key_attributes_t *attributes )
152 {
154 }
155 
195  const psa_key_attributes_t *attributes);
196 
197 #endif /* MBEDTLS_PSA_CRYPTO_SE_C */
198 
209 void mbedtls_psa_crypto_free( void );
210 
217 typedef struct mbedtls_psa_stats_s
218 {
231  size_t cache_slots;
233  size_t empty_slots;
239 
248 
316 psa_status_t mbedtls_psa_inject_entropy(const uint8_t *seed,
317  size_t seed_size);
318 
330 #define PSA_KEY_TYPE_DSA_PUBLIC_KEY ((psa_key_type_t)0x4002)
331 
348 #define PSA_KEY_TYPE_DSA_KEY_PAIR ((psa_key_type_t)0x7002)
349 
351 #define PSA_KEY_TYPE_IS_DSA(type) \
352  (PSA_KEY_TYPE_PUBLIC_KEY_OF_KEY_PAIR(type) == PSA_KEY_TYPE_DSA_PUBLIC_KEY)
353 
354 #define PSA_ALG_DSA_BASE ((psa_algorithm_t)0x10040000)
355 
369 #define PSA_ALG_DSA(hash_alg) \
370  (PSA_ALG_DSA_BASE | ((hash_alg) & PSA_ALG_HASH_MASK))
371 #define PSA_ALG_DETERMINISTIC_DSA_BASE ((psa_algorithm_t)0x10050000)
372 #define PSA_ALG_DSA_DETERMINISTIC_FLAG PSA_ALG_ECDSA_DETERMINISTIC_FLAG
373 
387 #define PSA_ALG_DETERMINISTIC_DSA(hash_alg) \
388  (PSA_ALG_DETERMINISTIC_DSA_BASE | ((hash_alg) & PSA_ALG_HASH_MASK))
389 #define PSA_ALG_IS_DSA(alg) \
390  (((alg) & ~PSA_ALG_HASH_MASK & ~PSA_ALG_DSA_DETERMINISTIC_FLAG) == \
391  PSA_ALG_DSA_BASE)
392 #define PSA_ALG_DSA_IS_DETERMINISTIC(alg) \
393  (((alg) & PSA_ALG_DSA_DETERMINISTIC_FLAG) != 0)
394 #define PSA_ALG_IS_DETERMINISTIC_DSA(alg) \
395  (PSA_ALG_IS_DSA(alg) && PSA_ALG_DSA_IS_DETERMINISTIC(alg))
396 #define PSA_ALG_IS_RANDOMIZED_DSA(alg) \
397  (PSA_ALG_IS_DSA(alg) && !PSA_ALG_DSA_IS_DETERMINISTIC(alg))
398 
399 
400 /* We need to expand the sample definition of this macro from
401  * the API definition. */
402 #undef PSA_ALG_IS_HASH_AND_SIGN
403 #define PSA_ALG_IS_HASH_AND_SIGN(alg) \
404  (PSA_ALG_IS_RSA_PSS(alg) || PSA_ALG_IS_RSA_PKCS1V15_SIGN(alg) || \
405  PSA_ALG_IS_DSA(alg) || PSA_ALG_IS_ECDSA(alg))
406 
419 #define PSA_DH_FAMILY_CUSTOM ((psa_dh_family_t) 0x7e)
420 
421 
489  psa_key_type_t type,
490  const uint8_t *data,
491  size_t data_length);
492 
517  const psa_key_attributes_t *attributes,
518  uint8_t *data,
519  size_t data_size,
520  size_t *data_length);
521 
547 #define PSA_KEY_DOMAIN_PARAMETERS_SIZE(key_type, key_bits) \
548  (PSA_KEY_TYPE_IS_RSA(key_type) ? sizeof(int) : \
549  PSA_KEY_TYPE_IS_DH(key_type) ? PSA_DH_KEY_DOMAIN_PARAMETERS_SIZE(key_bits) : \
550  PSA_KEY_TYPE_IS_DSA(key_type) ? PSA_DSA_KEY_DOMAIN_PARAMETERS_SIZE(key_bits) : \
551  0)
552 #define PSA_DH_KEY_DOMAIN_PARAMETERS_SIZE(key_bits) \
553  (4 + (PSA_BITS_TO_BYTES(key_bits) + 5) * 3 /*without optional parts*/)
554 #define PSA_DSA_KEY_DOMAIN_PARAMETERS_SIZE(key_bits) \
555  (4 + (PSA_BITS_TO_BYTES(key_bits) + 5) * 2 /*p, g*/ + 34 /*q*/)
556 
563 #if defined(MBEDTLS_ECP_C)
564 #include <mbedtls/ecp.h>
565 
580  size_t *bits )
581 {
582  switch( grpid )
583  {
585  *bits = 192;
586  return( PSA_ECC_FAMILY_SECP_R1 );
588  *bits = 224;
589  return( PSA_ECC_FAMILY_SECP_R1 );
591  *bits = 256;
592  return( PSA_ECC_FAMILY_SECP_R1 );
594  *bits = 384;
595  return( PSA_ECC_FAMILY_SECP_R1 );
597  *bits = 521;
598  return( PSA_ECC_FAMILY_SECP_R1 );
600  *bits = 256;
603  *bits = 384;
606  *bits = 512;
609  *bits = 255;
610  return( PSA_ECC_FAMILY_MONTGOMERY );
612  *bits = 192;
613  return( PSA_ECC_FAMILY_SECP_K1 );
615  *bits = 224;
616  return( PSA_ECC_FAMILY_SECP_K1 );
618  *bits = 256;
619  return( PSA_ECC_FAMILY_SECP_K1 );
621  *bits = 448;
622  return( PSA_ECC_FAMILY_MONTGOMERY );
623  default:
624  *bits = 0;
625  return( 0 );
626  }
627 }
628 
645  size_t byte_length );
646 #endif /* MBEDTLS_ECP_C */
647 
650 #ifdef __cplusplus
651 }
652 #endif
653 
654 #endif /* PSA_CRYPTO_EXTRA_H */
static psa_ecc_family_t mbedtls_ecc_group_to_psa(mbedtls_ecp_group_id grpid, size_t *bits)
Definition: crypto_extra.h:579
void mbedtls_psa_crypto_free(void)
Library deinitialization.
#define PSA_ECC_FAMILY_MONTGOMERY
PSA cryptography module: Backward compatibility aliases.
static void psa_set_key_enrollment_algorithm(psa_key_attributes_t *attributes, psa_algorithm_t alg2)
Declare the enrollment algorithm for a key.
Definition: crypto_extra.h:66
This file provides an API for Elliptic Curves over GF(P) (ECP).
mbedtls_ecp_group_id mbedtls_ecc_group_of_psa(psa_ecc_family_t curve, size_t byte_length)
psa_algorithm_t alg2
psa_key_attributes_flag_t flags
static void psa_clear_key_slot_number(psa_key_attributes_t *attributes)
Definition: crypto_extra.h:150
psa_core_key_attributes_t core
void mbedtls_psa_get_stats(mbedtls_psa_stats_t *stats)
Get statistics about resource consumption related to the PSA keystore.
struct mbedtls_psa_stats_s mbedtls_psa_stats_t
Statistics about resource consumption related to the PSA keystore.
psa_status_t psa_get_key_slot_number(const psa_key_attributes_t *attributes, psa_key_slot_number_t *slot_number)
Common and shared functions used by multiple modules in the Mbed TLS library.
psa_status_t mbedtls_psa_inject_entropy(const uint8_t *seed, size_t seed_size)
Inject an initial entropy seed for the random generator into secure storage.
#define MBEDTLS_PSA_KA_FLAG_HAS_SLOT_NUMBER
psa_key_slot_number_t slot_number
psa_status_t psa_set_key_domain_parameters(psa_key_attributes_t *attributes, psa_key_type_t type, const uint8_t *data, size_t data_length)
Set domain parameters for a key.
#define PSA_ECC_FAMILY_BRAINPOOL_P_R1
uint64_t psa_key_slot_number_t
static psa_algorithm_t psa_get_key_enrollment_algorithm(const psa_key_attributes_t *attributes)
Definition: crypto_extra.h:79
uint32_t psa_algorithm_t
Encoding of a cryptographic algorithm.
Definition: crypto_types.h:96
#define PSA_ECC_FAMILY_SECP_R1
psa_status_t mbedtls_psa_register_se_key(const psa_key_attributes_t *attributes)
static void psa_set_key_slot_number(psa_key_attributes_t *attributes, psa_key_slot_number_t slot_number)
Definition: crypto_extra.h:136
mbedtls_ecp_group_id
Definition: ecp.h:109
uint16_t psa_key_type_t
Encoding of a key type.
Definition: crypto_types.h:64
psa_app_key_id_t max_open_internal_key_id
Definition: crypto_extra.h:235
psa_key_policy_t policy
psa_status_t psa_get_key_domain_parameters(const psa_key_attributes_t *attributes, uint8_t *data, size_t data_size, size_t *data_length)
Get domain parameters for a key.
psa_app_key_id_t max_open_external_key_id
Definition: crypto_extra.h:237
uint32_t psa_app_key_id_t
#define PSA_ECC_FAMILY_SECP_K1
uint8_t psa_ecc_family_t
Definition: crypto_types.h:75
int32_t psa_status_t
Function return status.
Definition: crypto_types.h:53
Statistics about resource consumption related to the PSA keystore.
Definition: crypto_extra.h:217