34 #ifndef PSA_CRYPTO_VALUES_H
35 #define PSA_CRYPTO_VALUES_H
44 #define PSA_SUCCESS ((psa_status_t)0)
51 #define PSA_ERROR_GENERIC_ERROR ((psa_status_t)-132)
60 #define PSA_ERROR_NOT_SUPPORTED ((psa_status_t)-134)
73 #define PSA_ERROR_NOT_PERMITTED ((psa_status_t)-133)
85 #define PSA_ERROR_BUFFER_TOO_SMALL ((psa_status_t)-138)
91 #define PSA_ERROR_ALREADY_EXISTS ((psa_status_t)-139)
97 #define PSA_ERROR_DOES_NOT_EXIST ((psa_status_t)-140)
113 #define PSA_ERROR_BAD_STATE ((psa_status_t)-137)
124 #define PSA_ERROR_INVALID_ARGUMENT ((psa_status_t)-135)
130 #define PSA_ERROR_INSUFFICIENT_MEMORY ((psa_status_t)-141)
139 #define PSA_ERROR_INSUFFICIENT_STORAGE ((psa_status_t)-142)
156 #define PSA_ERROR_COMMUNICATION_FAILURE ((psa_status_t)-145)
181 #define PSA_ERROR_STORAGE_FAILURE ((psa_status_t)-146)
187 #define PSA_ERROR_HARDWARE_FAILURE ((psa_status_t)-147)
218 #define PSA_ERROR_CORRUPTION_DETECTED ((psa_status_t)-151)
237 #define PSA_ERROR_INSUFFICIENT_ENTROPY ((psa_status_t)-148)
247 #define PSA_ERROR_INVALID_SIGNATURE ((psa_status_t)-149)
263 #define PSA_ERROR_INVALID_PADDING ((psa_status_t)-150)
267 #define PSA_ERROR_INSUFFICIENT_DATA ((psa_status_t)-143)
271 #define PSA_ERROR_INVALID_HANDLE ((psa_status_t)-136)
295 #define PSA_ERROR_DATA_CORRUPT ((psa_status_t)-152)
311 #define PSA_ERROR_DATA_INVALID ((psa_status_t)-153)
323 #define PSA_KEY_TYPE_NONE ((psa_key_type_t)0x0000)
332 #define PSA_KEY_TYPE_VENDOR_FLAG ((psa_key_type_t)0x8000)
334 #define PSA_KEY_TYPE_CATEGORY_MASK ((psa_key_type_t)0x7000)
335 #define PSA_KEY_TYPE_CATEGORY_RAW ((psa_key_type_t)0x1000)
336 #define PSA_KEY_TYPE_CATEGORY_SYMMETRIC ((psa_key_type_t)0x2000)
337 #define PSA_KEY_TYPE_CATEGORY_PUBLIC_KEY ((psa_key_type_t)0x4000)
338 #define PSA_KEY_TYPE_CATEGORY_KEY_PAIR ((psa_key_type_t)0x7000)
340 #define PSA_KEY_TYPE_CATEGORY_FLAG_PAIR ((psa_key_type_t)0x3000)
346 #define PSA_KEY_TYPE_IS_VENDOR_DEFINED(type) \
347 (((type) & PSA_KEY_TYPE_VENDOR_FLAG) != 0)
353 #define PSA_KEY_TYPE_IS_UNSTRUCTURED(type) \
354 (((type) & PSA_KEY_TYPE_CATEGORY_MASK) == PSA_KEY_TYPE_CATEGORY_RAW || \
355 ((type) & PSA_KEY_TYPE_CATEGORY_MASK) == PSA_KEY_TYPE_CATEGORY_SYMMETRIC)
358 #define PSA_KEY_TYPE_IS_ASYMMETRIC(type) \
359 (((type) & PSA_KEY_TYPE_CATEGORY_MASK \
360 & ~PSA_KEY_TYPE_CATEGORY_FLAG_PAIR) == \
361 PSA_KEY_TYPE_CATEGORY_PUBLIC_KEY)
363 #define PSA_KEY_TYPE_IS_PUBLIC_KEY(type) \
364 (((type) & PSA_KEY_TYPE_CATEGORY_MASK) == PSA_KEY_TYPE_CATEGORY_PUBLIC_KEY)
367 #define PSA_KEY_TYPE_IS_KEY_PAIR(type) \
368 (((type) & PSA_KEY_TYPE_CATEGORY_MASK) == PSA_KEY_TYPE_CATEGORY_KEY_PAIR)
379 #define PSA_KEY_TYPE_KEY_PAIR_OF_PUBLIC_KEY(type) \
380 ((type) | PSA_KEY_TYPE_CATEGORY_FLAG_PAIR)
391 #define PSA_KEY_TYPE_PUBLIC_KEY_OF_KEY_PAIR(type) \
392 ((type) & ~PSA_KEY_TYPE_CATEGORY_FLAG_PAIR)
398 #define PSA_KEY_TYPE_RAW_DATA ((psa_key_type_t)0x1001)
408 #define PSA_KEY_TYPE_HMAC ((psa_key_type_t)0x1100)
415 #define PSA_KEY_TYPE_DERIVE ((psa_key_type_t)0x1200)
422 #define PSA_KEY_TYPE_AES ((psa_key_type_t)0x2400)
433 #define PSA_KEY_TYPE_DES ((psa_key_type_t)0x2301)
437 #define PSA_KEY_TYPE_CAMELLIA ((psa_key_type_t)0x2403)
443 #define PSA_KEY_TYPE_ARC4 ((psa_key_type_t)0x2002)
452 #define PSA_KEY_TYPE_CHACHA20 ((psa_key_type_t)0x2004)
455 #define PSA_KEY_TYPE_RSA_PUBLIC_KEY ((psa_key_type_t)0x4001)
457 #define PSA_KEY_TYPE_RSA_KEY_PAIR ((psa_key_type_t)0x7001)
459 #define PSA_KEY_TYPE_IS_RSA(type) \
460 (PSA_KEY_TYPE_PUBLIC_KEY_OF_KEY_PAIR(type) == PSA_KEY_TYPE_RSA_PUBLIC_KEY)
462 #define PSA_KEY_TYPE_ECC_PUBLIC_KEY_BASE ((psa_key_type_t)0x4100)
463 #define PSA_KEY_TYPE_ECC_KEY_PAIR_BASE ((psa_key_type_t)0x7100)
464 #define PSA_KEY_TYPE_ECC_CURVE_MASK ((psa_key_type_t)0x00ff)
470 #define PSA_KEY_TYPE_ECC_KEY_PAIR(curve) \
471 (PSA_KEY_TYPE_ECC_KEY_PAIR_BASE | (curve))
477 #define PSA_KEY_TYPE_ECC_PUBLIC_KEY(curve) \
478 (PSA_KEY_TYPE_ECC_PUBLIC_KEY_BASE | (curve))
481 #define PSA_KEY_TYPE_IS_ECC(type) \
482 ((PSA_KEY_TYPE_PUBLIC_KEY_OF_KEY_PAIR(type) & \
483 ~PSA_KEY_TYPE_ECC_CURVE_MASK) == PSA_KEY_TYPE_ECC_PUBLIC_KEY_BASE)
485 #define PSA_KEY_TYPE_IS_ECC_KEY_PAIR(type) \
486 (((type) & ~PSA_KEY_TYPE_ECC_CURVE_MASK) == \
487 PSA_KEY_TYPE_ECC_KEY_PAIR_BASE)
489 #define PSA_KEY_TYPE_IS_ECC_PUBLIC_KEY(type) \
490 (((type) & ~PSA_KEY_TYPE_ECC_CURVE_MASK) == \
491 PSA_KEY_TYPE_ECC_PUBLIC_KEY_BASE)
494 #define PSA_KEY_TYPE_ECC_GET_FAMILY(type) \
495 ((psa_ecc_family_t) (PSA_KEY_TYPE_IS_ECC(type) ? \
496 ((type) & PSA_KEY_TYPE_ECC_CURVE_MASK) : \
507 #define PSA_ECC_FAMILY_SECP_K1 ((psa_ecc_family_t) 0x17)
517 #define PSA_ECC_FAMILY_SECP_R1 ((psa_ecc_family_t) 0x12)
519 #define PSA_ECC_FAMILY_SECP_R2 ((psa_ecc_family_t) 0x1b)
529 #define PSA_ECC_FAMILY_SECT_K1 ((psa_ecc_family_t) 0x27)
539 #define PSA_ECC_FAMILY_SECT_R1 ((psa_ecc_family_t) 0x22)
549 #define PSA_ECC_FAMILY_SECT_R2 ((psa_ecc_family_t) 0x2b)
558 #define PSA_ECC_FAMILY_BRAINPOOL_P_R1 ((psa_ecc_family_t) 0x30)
570 #define PSA_ECC_FAMILY_MONTGOMERY ((psa_ecc_family_t) 0x41)
572 #define PSA_KEY_TYPE_DH_PUBLIC_KEY_BASE ((psa_key_type_t)0x4200)
573 #define PSA_KEY_TYPE_DH_KEY_PAIR_BASE ((psa_key_type_t)0x7200)
574 #define PSA_KEY_TYPE_DH_GROUP_MASK ((psa_key_type_t)0x00ff)
580 #define PSA_KEY_TYPE_DH_KEY_PAIR(group) \
581 (PSA_KEY_TYPE_DH_KEY_PAIR_BASE | (group))
587 #define PSA_KEY_TYPE_DH_PUBLIC_KEY(group) \
588 (PSA_KEY_TYPE_DH_PUBLIC_KEY_BASE | (group))
591 #define PSA_KEY_TYPE_IS_DH(type) \
592 ((PSA_KEY_TYPE_PUBLIC_KEY_OF_KEY_PAIR(type) & \
593 ~PSA_KEY_TYPE_DH_GROUP_MASK) == PSA_KEY_TYPE_DH_PUBLIC_KEY_BASE)
595 #define PSA_KEY_TYPE_IS_DH_KEY_PAIR(type) \
596 (((type) & ~PSA_KEY_TYPE_DH_GROUP_MASK) == \
597 PSA_KEY_TYPE_DH_KEY_PAIR_BASE)
599 #define PSA_KEY_TYPE_IS_DH_PUBLIC_KEY(type) \
600 (((type) & ~PSA_KEY_TYPE_DH_GROUP_MASK) == \
601 PSA_KEY_TYPE_DH_PUBLIC_KEY_BASE)
604 #define PSA_KEY_TYPE_DH_GET_FAMILY(type) \
605 ((psa_dh_family_t) (PSA_KEY_TYPE_IS_DH(type) ? \
606 ((type) & PSA_KEY_TYPE_DH_GROUP_MASK) : \
615 #define PSA_DH_FAMILY_RFC7919 ((psa_dh_family_t) 0x03)
617 #define PSA_GET_KEY_TYPE_BLOCK_SIZE_EXPONENT(type) \
637 #define PSA_BLOCK_CIPHER_BLOCK_LENGTH(type) \
638 (((type) & PSA_KEY_TYPE_CATEGORY_MASK) == PSA_KEY_TYPE_CATEGORY_SYMMETRIC ? \
639 1u << PSA_GET_KEY_TYPE_BLOCK_SIZE_EXPONENT(type) : \
649 #define PSA_ALG_VENDOR_FLAG ((psa_algorithm_t)0x80000000)
651 #define PSA_ALG_CATEGORY_MASK ((psa_algorithm_t)0x7f000000)
652 #define PSA_ALG_CATEGORY_HASH ((psa_algorithm_t)0x02000000)
653 #define PSA_ALG_CATEGORY_MAC ((psa_algorithm_t)0x03000000)
654 #define PSA_ALG_CATEGORY_CIPHER ((psa_algorithm_t)0x04000000)
655 #define PSA_ALG_CATEGORY_AEAD ((psa_algorithm_t)0x05000000)
656 #define PSA_ALG_CATEGORY_SIGN ((psa_algorithm_t)0x06000000)
657 #define PSA_ALG_CATEGORY_ASYMMETRIC_ENCRYPTION ((psa_algorithm_t)0x07000000)
658 #define PSA_ALG_CATEGORY_KEY_DERIVATION ((psa_algorithm_t)0x08000000)
659 #define PSA_ALG_CATEGORY_KEY_AGREEMENT ((psa_algorithm_t)0x09000000)
665 #define PSA_ALG_IS_VENDOR_DEFINED(alg) \
666 (((alg) & PSA_ALG_VENDOR_FLAG) != 0)
676 #define PSA_ALG_IS_HASH(alg) \
677 (((alg) & PSA_ALG_CATEGORY_MASK) == PSA_ALG_CATEGORY_HASH)
687 #define PSA_ALG_IS_MAC(alg) \
688 (((alg) & PSA_ALG_CATEGORY_MASK) == PSA_ALG_CATEGORY_MAC)
698 #define PSA_ALG_IS_CIPHER(alg) \
699 (((alg) & PSA_ALG_CATEGORY_MASK) == PSA_ALG_CATEGORY_CIPHER)
710 #define PSA_ALG_IS_AEAD(alg) \
711 (((alg) & PSA_ALG_CATEGORY_MASK) == PSA_ALG_CATEGORY_AEAD)
722 #define PSA_ALG_IS_SIGN(alg) \
723 (((alg) & PSA_ALG_CATEGORY_MASK) == PSA_ALG_CATEGORY_SIGN)
734 #define PSA_ALG_IS_ASYMMETRIC_ENCRYPTION(alg) \
735 (((alg) & PSA_ALG_CATEGORY_MASK) == PSA_ALG_CATEGORY_ASYMMETRIC_ENCRYPTION)
745 #define PSA_ALG_IS_KEY_AGREEMENT(alg) \
746 (((alg) & PSA_ALG_CATEGORY_MASK) == PSA_ALG_CATEGORY_KEY_AGREEMENT)
756 #define PSA_ALG_IS_KEY_DERIVATION(alg) \
757 (((alg) & PSA_ALG_CATEGORY_MASK) == PSA_ALG_CATEGORY_KEY_DERIVATION)
759 #define PSA_ALG_HASH_MASK ((psa_algorithm_t)0x000000ff)
761 #define PSA_ALG_MD2 ((psa_algorithm_t)0x02000001)
763 #define PSA_ALG_MD4 ((psa_algorithm_t)0x02000002)
765 #define PSA_ALG_MD5 ((psa_algorithm_t)0x02000003)
767 #define PSA_ALG_RIPEMD160 ((psa_algorithm_t)0x02000004)
769 #define PSA_ALG_SHA_1 ((psa_algorithm_t)0x02000005)
771 #define PSA_ALG_SHA_224 ((psa_algorithm_t)0x02000008)
773 #define PSA_ALG_SHA_256 ((psa_algorithm_t)0x02000009)
775 #define PSA_ALG_SHA_384 ((psa_algorithm_t)0x0200000a)
777 #define PSA_ALG_SHA_512 ((psa_algorithm_t)0x0200000b)
779 #define PSA_ALG_SHA_512_224 ((psa_algorithm_t)0x0200000c)
781 #define PSA_ALG_SHA_512_256 ((psa_algorithm_t)0x0200000d)
783 #define PSA_ALG_SHA3_224 ((psa_algorithm_t)0x02000010)
785 #define PSA_ALG_SHA3_256 ((psa_algorithm_t)0x02000011)
787 #define PSA_ALG_SHA3_384 ((psa_algorithm_t)0x02000012)
789 #define PSA_ALG_SHA3_512 ((psa_algorithm_t)0x02000013)
824 #define PSA_ALG_ANY_HASH ((psa_algorithm_t)0x020000ff)
826 #define PSA_ALG_MAC_SUBCATEGORY_MASK ((psa_algorithm_t)0x00c00000)
827 #define PSA_ALG_HMAC_BASE ((psa_algorithm_t)0x03800000)
839 #define PSA_ALG_HMAC(hash_alg) \
840 (PSA_ALG_HMAC_BASE | ((hash_alg) & PSA_ALG_HASH_MASK))
842 #define PSA_ALG_HMAC_GET_HASH(hmac_alg) \
843 (PSA_ALG_CATEGORY_HASH | ((hmac_alg) & PSA_ALG_HASH_MASK))
855 #define PSA_ALG_IS_HMAC(alg) \
856 (((alg) & (PSA_ALG_CATEGORY_MASK | PSA_ALG_MAC_SUBCATEGORY_MASK)) == \
866 #define PSA_ALG_MAC_TRUNCATION_MASK ((psa_algorithm_t)0x003f0000)
867 #define PSA_MAC_TRUNCATION_OFFSET 16
875 #define PSA_ALG_MAC_AT_LEAST_THIS_LENGTH_FLAG ((psa_algorithm_t)0x00008000)
910 #define PSA_ALG_TRUNCATED_MAC(mac_alg, mac_length) \
911 (((mac_alg) & ~(PSA_ALG_MAC_TRUNCATION_MASK | \
912 PSA_ALG_MAC_AT_LEAST_THIS_LENGTH_FLAG)) | \
913 ((mac_length) << PSA_MAC_TRUNCATION_OFFSET & PSA_ALG_MAC_TRUNCATION_MASK))
927 #define PSA_ALG_FULL_LENGTH_MAC(mac_alg) \
928 ((mac_alg) & ~(PSA_ALG_MAC_TRUNCATION_MASK | \
929 PSA_ALG_MAC_AT_LEAST_THIS_LENGTH_FLAG))
942 #define PSA_MAC_TRUNCATED_LENGTH(mac_alg) \
943 (((mac_alg) & PSA_ALG_MAC_TRUNCATION_MASK) >> PSA_MAC_TRUNCATION_OFFSET)
969 #define PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(mac_alg, min_mac_length) \
970 ( PSA_ALG_TRUNCATED_MAC(mac_alg, min_mac_length) | \
971 PSA_ALG_MAC_AT_LEAST_THIS_LENGTH_FLAG )
973 #define PSA_ALG_CIPHER_MAC_BASE ((psa_algorithm_t)0x03c00000)
979 #define PSA_ALG_CBC_MAC ((psa_algorithm_t)0x03c00100)
981 #define PSA_ALG_CMAC ((psa_algorithm_t)0x03c00200)
991 #define PSA_ALG_IS_BLOCK_CIPHER_MAC(alg) \
992 (((alg) & (PSA_ALG_CATEGORY_MASK | PSA_ALG_MAC_SUBCATEGORY_MASK)) == \
993 PSA_ALG_CIPHER_MAC_BASE)
995 #define PSA_ALG_CIPHER_STREAM_FLAG ((psa_algorithm_t)0x00800000)
996 #define PSA_ALG_CIPHER_FROM_BLOCK_FLAG ((psa_algorithm_t)0x00400000)
1010 #define PSA_ALG_IS_STREAM_CIPHER(alg) \
1011 (((alg) & (PSA_ALG_CATEGORY_MASK | PSA_ALG_CIPHER_STREAM_FLAG)) == \
1012 (PSA_ALG_CATEGORY_CIPHER | PSA_ALG_CIPHER_STREAM_FLAG))
1020 #define PSA_ALG_STREAM_CIPHER ((psa_algorithm_t)0x04800100)
1029 #define PSA_ALG_CTR ((psa_algorithm_t)0x04c01000)
1035 #define PSA_ALG_CFB ((psa_algorithm_t)0x04c01100)
1041 #define PSA_ALG_OFB ((psa_algorithm_t)0x04c01200)
1049 #define PSA_ALG_XTS ((psa_algorithm_t)0x0440ff00)
1069 #define PSA_ALG_ECB_NO_PADDING ((psa_algorithm_t)0x04404400)
1078 #define PSA_ALG_CBC_NO_PADDING ((psa_algorithm_t)0x04404000)
1086 #define PSA_ALG_CBC_PKCS7 ((psa_algorithm_t)0x04404100)
1088 #define PSA_ALG_AEAD_FROM_BLOCK_FLAG ((psa_algorithm_t)0x00400000)
1099 #define PSA_ALG_IS_AEAD_ON_BLOCK_CIPHER(alg) \
1100 (((alg) & (PSA_ALG_CATEGORY_MASK | PSA_ALG_AEAD_FROM_BLOCK_FLAG)) == \
1101 (PSA_ALG_CATEGORY_AEAD | PSA_ALG_AEAD_FROM_BLOCK_FLAG))
1107 #define PSA_ALG_CCM ((psa_algorithm_t)0x05500100)
1113 #define PSA_ALG_GCM ((psa_algorithm_t)0x05500200)
1124 #define PSA_ALG_CHACHA20_POLY1305 ((psa_algorithm_t)0x05100500)
1130 #define PSA_ALG_AEAD_TAG_LENGTH_MASK ((psa_algorithm_t)0x003f0000)
1131 #define PSA_AEAD_TAG_LENGTH_OFFSET 16
1139 #define PSA_ALG_AEAD_AT_LEAST_THIS_LENGTH_FLAG ((psa_algorithm_t)0x00008000)
1159 #define PSA_ALG_AEAD_WITH_SHORTENED_TAG(aead_alg, tag_length) \
1160 (((aead_alg) & ~(PSA_ALG_AEAD_TAG_LENGTH_MASK | \
1161 PSA_ALG_AEAD_AT_LEAST_THIS_LENGTH_FLAG)) | \
1162 ((tag_length) << PSA_AEAD_TAG_LENGTH_OFFSET & \
1163 PSA_ALG_AEAD_TAG_LENGTH_MASK))
1176 #define PSA_ALG_AEAD_GET_TAG_LENGTH(aead_alg) \
1177 (((aead_alg) & PSA_ALG_AEAD_TAG_LENGTH_MASK) >> \
1178 PSA_AEAD_TAG_LENGTH_OFFSET )
1188 #define PSA_ALG_AEAD_WITH_DEFAULT_LENGTH_TAG(aead_alg) \
1190 PSA_ALG_AEAD_WITH_DEFAULT_LENGTH_TAG_CASE(aead_alg, PSA_ALG_CCM) \
1191 PSA_ALG_AEAD_WITH_DEFAULT_LENGTH_TAG_CASE(aead_alg, PSA_ALG_GCM) \
1192 PSA_ALG_AEAD_WITH_DEFAULT_LENGTH_TAG_CASE(aead_alg, PSA_ALG_CHACHA20_POLY1305) \
1194 #define PSA_ALG_AEAD_WITH_DEFAULT_LENGTH_TAG_CASE(aead_alg, ref) \
1195 PSA_ALG_AEAD_WITH_SHORTENED_TAG(aead_alg, 0) == \
1196 PSA_ALG_AEAD_WITH_SHORTENED_TAG(ref, 0) ? \
1223 #define PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(aead_alg, min_tag_length) \
1224 ( PSA_ALG_AEAD_WITH_SHORTENED_TAG(aead_alg, min_tag_length) | \
1225 PSA_ALG_AEAD_AT_LEAST_THIS_LENGTH_FLAG )
1227 #define PSA_ALG_RSA_PKCS1V15_SIGN_BASE ((psa_algorithm_t)0x06000200)
1243 #define PSA_ALG_RSA_PKCS1V15_SIGN(hash_alg) \
1244 (PSA_ALG_RSA_PKCS1V15_SIGN_BASE | ((hash_alg) & PSA_ALG_HASH_MASK))
1251 #define PSA_ALG_RSA_PKCS1V15_SIGN_RAW PSA_ALG_RSA_PKCS1V15_SIGN_BASE
1252 #define PSA_ALG_IS_RSA_PKCS1V15_SIGN(alg) \
1253 (((alg) & ~PSA_ALG_HASH_MASK) == PSA_ALG_RSA_PKCS1V15_SIGN_BASE)
1255 #define PSA_ALG_RSA_PSS_BASE ((psa_algorithm_t)0x06000300)
1274 #define PSA_ALG_RSA_PSS(hash_alg) \
1275 (PSA_ALG_RSA_PSS_BASE | ((hash_alg) & PSA_ALG_HASH_MASK))
1276 #define PSA_ALG_IS_RSA_PSS(alg) \
1277 (((alg) & ~PSA_ALG_HASH_MASK) == PSA_ALG_RSA_PSS_BASE)
1279 #define PSA_ALG_ECDSA_BASE ((psa_algorithm_t)0x06000600)
1300 #define PSA_ALG_ECDSA(hash_alg) \
1301 (PSA_ALG_ECDSA_BASE | ((hash_alg) & PSA_ALG_HASH_MASK))
1311 #define PSA_ALG_ECDSA_ANY PSA_ALG_ECDSA_BASE
1312 #define PSA_ALG_DETERMINISTIC_ECDSA_BASE ((psa_algorithm_t)0x06000700)
1335 #define PSA_ALG_DETERMINISTIC_ECDSA(hash_alg) \
1336 (PSA_ALG_DETERMINISTIC_ECDSA_BASE | ((hash_alg) & PSA_ALG_HASH_MASK))
1337 #define PSA_ALG_ECDSA_DETERMINISTIC_FLAG ((psa_algorithm_t)0x00000100)
1338 #define PSA_ALG_IS_ECDSA(alg) \
1339 (((alg) & ~PSA_ALG_HASH_MASK & ~PSA_ALG_ECDSA_DETERMINISTIC_FLAG) == \
1341 #define PSA_ALG_ECDSA_IS_DETERMINISTIC(alg) \
1342 (((alg) & PSA_ALG_ECDSA_DETERMINISTIC_FLAG) != 0)
1343 #define PSA_ALG_IS_DETERMINISTIC_ECDSA(alg) \
1344 (PSA_ALG_IS_ECDSA(alg) && PSA_ALG_ECDSA_IS_DETERMINISTIC(alg))
1345 #define PSA_ALG_IS_RANDOMIZED_ECDSA(alg) \
1346 (PSA_ALG_IS_ECDSA(alg) && !PSA_ALG_ECDSA_IS_DETERMINISTIC(alg))
1361 #define PSA_ALG_IS_HASH_AND_SIGN(alg) \
1362 (PSA_ALG_IS_RSA_PSS(alg) || PSA_ALG_IS_RSA_PKCS1V15_SIGN(alg) || \
1363 PSA_ALG_IS_ECDSA(alg))
1383 #define PSA_ALG_SIGN_GET_HASH(alg) \
1384 (PSA_ALG_IS_HASH_AND_SIGN(alg) ? \
1385 ((alg) & PSA_ALG_HASH_MASK) == 0 ? 0 : \
1386 ((alg) & PSA_ALG_HASH_MASK) | PSA_ALG_CATEGORY_HASH : \
1391 #define PSA_ALG_RSA_PKCS1V15_CRYPT ((psa_algorithm_t)0x07000200)
1393 #define PSA_ALG_RSA_OAEP_BASE ((psa_algorithm_t)0x07000300)
1408 #define PSA_ALG_RSA_OAEP(hash_alg) \
1409 (PSA_ALG_RSA_OAEP_BASE | ((hash_alg) & PSA_ALG_HASH_MASK))
1410 #define PSA_ALG_IS_RSA_OAEP(alg) \
1411 (((alg) & ~PSA_ALG_HASH_MASK) == PSA_ALG_RSA_OAEP_BASE)
1412 #define PSA_ALG_RSA_OAEP_GET_HASH(alg) \
1413 (PSA_ALG_IS_RSA_OAEP(alg) ? \
1414 ((alg) & PSA_ALG_HASH_MASK) | PSA_ALG_CATEGORY_HASH : \
1417 #define PSA_ALG_HKDF_BASE ((psa_algorithm_t)0x08000100)
1438 #define PSA_ALG_HKDF(hash_alg) \
1439 (PSA_ALG_HKDF_BASE | ((hash_alg) & PSA_ALG_HASH_MASK))
1451 #define PSA_ALG_IS_HKDF(alg) \
1452 (((alg) & ~PSA_ALG_HASH_MASK) == PSA_ALG_HKDF_BASE)
1453 #define PSA_ALG_HKDF_GET_HASH(hkdf_alg) \
1454 (PSA_ALG_CATEGORY_HASH | ((hkdf_alg) & PSA_ALG_HASH_MASK))
1456 #define PSA_ALG_TLS12_PRF_BASE ((psa_algorithm_t)0x08000200)
1483 #define PSA_ALG_TLS12_PRF(hash_alg) \
1484 (PSA_ALG_TLS12_PRF_BASE | ((hash_alg) & PSA_ALG_HASH_MASK))
1494 #define PSA_ALG_IS_TLS12_PRF(alg) \
1495 (((alg) & ~PSA_ALG_HASH_MASK) == PSA_ALG_TLS12_PRF_BASE)
1496 #define PSA_ALG_TLS12_PRF_GET_HASH(hkdf_alg) \
1497 (PSA_ALG_CATEGORY_HASH | ((hkdf_alg) & PSA_ALG_HASH_MASK))
1499 #define PSA_ALG_TLS12_PSK_TO_MS_BASE ((psa_algorithm_t)0x08000300)
1529 #define PSA_ALG_TLS12_PSK_TO_MS(hash_alg) \
1530 (PSA_ALG_TLS12_PSK_TO_MS_BASE | ((hash_alg) & PSA_ALG_HASH_MASK))
1540 #define PSA_ALG_IS_TLS12_PSK_TO_MS(alg) \
1541 (((alg) & ~PSA_ALG_HASH_MASK) == PSA_ALG_TLS12_PSK_TO_MS_BASE)
1542 #define PSA_ALG_TLS12_PSK_TO_MS_GET_HASH(hkdf_alg) \
1543 (PSA_ALG_CATEGORY_HASH | ((hkdf_alg) & PSA_ALG_HASH_MASK))
1545 #define PSA_ALG_KEY_DERIVATION_MASK ((psa_algorithm_t)0xfe00ffff)
1546 #define PSA_ALG_KEY_AGREEMENT_MASK ((psa_algorithm_t)0xffff0000)
1562 #define PSA_ALG_KEY_AGREEMENT(ka_alg, kdf_alg) \
1563 ((ka_alg) | (kdf_alg))
1565 #define PSA_ALG_KEY_AGREEMENT_GET_KDF(alg) \
1566 (((alg) & PSA_ALG_KEY_DERIVATION_MASK) | PSA_ALG_CATEGORY_KEY_DERIVATION)
1568 #define PSA_ALG_KEY_AGREEMENT_GET_BASE(alg) \
1569 (((alg) & PSA_ALG_KEY_AGREEMENT_MASK) | PSA_ALG_CATEGORY_KEY_AGREEMENT)
1585 #define PSA_ALG_IS_RAW_KEY_AGREEMENT(alg) \
1586 (PSA_ALG_IS_KEY_AGREEMENT(alg) && \
1587 PSA_ALG_KEY_AGREEMENT_GET_KDF(alg) == PSA_ALG_CATEGORY_KEY_DERIVATION)
1589 #define PSA_ALG_IS_KEY_DERIVATION_OR_AGREEMENT(alg) \
1590 ((PSA_ALG_IS_KEY_DERIVATION(alg) || PSA_ALG_IS_KEY_AGREEMENT(alg)))
1599 #define PSA_ALG_FFDH ((psa_algorithm_t)0x09010000)
1613 #define PSA_ALG_IS_FFDH(alg) \
1614 (PSA_ALG_KEY_AGREEMENT_GET_BASE(alg) == PSA_ALG_FFDH)
1641 #define PSA_ALG_ECDH ((psa_algorithm_t)0x09020000)
1657 #define PSA_ALG_IS_ECDH(alg) \
1658 (PSA_ALG_KEY_AGREEMENT_GET_BASE(alg) == PSA_ALG_ECDH)
1673 #define PSA_ALG_IS_WILDCARD(alg) \
1674 (PSA_ALG_IS_HASH_AND_SIGN(alg) ? \
1675 PSA_ALG_SIGN_GET_HASH(alg) == PSA_ALG_ANY_HASH : \
1676 PSA_ALG_IS_MAC(alg) ? \
1677 (alg & PSA_ALG_MAC_AT_LEAST_THIS_LENGTH_FLAG) != 0 : \
1678 PSA_ALG_IS_AEAD(alg) ? \
1679 (alg & PSA_ALG_AEAD_AT_LEAST_THIS_LENGTH_FLAG) != 0 : \
1680 (alg) == PSA_ALG_ANY_HASH)
1699 #define PSA_KEY_LIFETIME_VOLATILE ((psa_key_lifetime_t)0x00000000)
1713 #define PSA_KEY_LIFETIME_PERSISTENT ((psa_key_lifetime_t)0x00000001)
1719 #define PSA_KEY_PERSISTENCE_VOLATILE ((psa_key_persistence_t)0x00)
1725 #define PSA_KEY_PERSISTENCE_DEFAULT ((psa_key_persistence_t)0x01)
1731 #define PSA_KEY_PERSISTENCE_READ_ONLY ((psa_key_persistence_t)0xff)
1733 #define PSA_KEY_LIFETIME_GET_PERSISTENCE(lifetime) \
1734 ((psa_key_persistence_t)((lifetime) & 0x000000ff))
1736 #define PSA_KEY_LIFETIME_GET_LOCATION(lifetime) \
1737 ((psa_key_location_t)((lifetime) >> 8))
1755 #define PSA_KEY_LIFETIME_IS_VOLATILE(lifetime) \
1756 (PSA_KEY_LIFETIME_GET_PERSISTENCE(lifetime) == \
1757 PSA_KEY_PERSISTENCE_VOLATILE)
1768 #define PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION(persistence, location) \
1769 ((location) << 8 | (persistence))
1778 #define PSA_KEY_LOCATION_LOCAL_STORAGE ((psa_key_location_t)0x000000)
1780 #define PSA_KEY_LOCATION_VENDOR_FLAG ((psa_key_location_t)0x800000)
1784 #define PSA_KEY_ID_USER_MIN ((psa_key_id_t)0x00000001)
1787 #define PSA_KEY_ID_USER_MAX ((psa_key_id_t)0x3fffffff)
1790 #define PSA_KEY_ID_VENDOR_MIN ((psa_key_id_t)0x40000000)
1793 #define PSA_KEY_ID_VENDOR_MAX ((psa_key_id_t)0x7fffffff)
1796 #if !defined(MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER)
1798 #define MBEDTLS_SVC_KEY_ID_INIT ( (psa_key_id_t)0 )
1799 #define MBEDTLS_SVC_KEY_ID_GET_KEY_ID( id ) ( id )
1800 #define MBEDTLS_SVC_KEY_ID_GET_OWNER_ID( id ) ( 0 )
1825 return( id1 == id2 );
1841 #define MBEDTLS_SVC_KEY_ID_INIT ( (mbedtls_svc_key_id_t){ 0, 0 } )
1842 #define MBEDTLS_SVC_KEY_ID_GET_KEY_ID( id ) ( ( id ).key_id )
1843 #define MBEDTLS_SVC_KEY_ID_GET_OWNER_ID( id ) ( ( id ).owner )
1854 .owner = owner_id } );
1867 return( ( id1.key_id == id2.key_id ) &&
1868 mbedtls_key_owner_id_equal( id1.owner, id2.owner ) );
1879 return( ( key.key_id == 0 ) && ( key.owner == 0 ) );
1901 #define PSA_KEY_USAGE_EXPORT ((psa_key_usage_t)0x00000001)
1917 #define PSA_KEY_USAGE_COPY ((psa_key_usage_t)0x00000002)
1928 #define PSA_KEY_USAGE_ENCRYPT ((psa_key_usage_t)0x00000100)
1939 #define PSA_KEY_USAGE_DECRYPT ((psa_key_usage_t)0x00000200)
1949 #define PSA_KEY_USAGE_SIGN_HASH ((psa_key_usage_t)0x00001000)
1959 #define PSA_KEY_USAGE_VERIFY_HASH ((psa_key_usage_t)0x00002000)
1963 #define PSA_KEY_USAGE_DERIVE ((psa_key_usage_t)0x00004000)
1983 #define PSA_KEY_DERIVATION_INPUT_SECRET ((psa_key_derivation_step_t)0x0101)
1990 #define PSA_KEY_DERIVATION_INPUT_LABEL ((psa_key_derivation_step_t)0x0201)
1997 #define PSA_KEY_DERIVATION_INPUT_SALT ((psa_key_derivation_step_t)0x0202)
2004 #define PSA_KEY_DERIVATION_INPUT_INFO ((psa_key_derivation_step_t)0x0203)
2011 #define PSA_KEY_DERIVATION_INPUT_SEED ((psa_key_derivation_step_t)0x0204)
static mbedtls_svc_key_id_t mbedtls_svc_key_id_make(unsigned int unused, psa_key_id_t key_id)
psa_key_id_t mbedtls_svc_key_id_t
static int mbedtls_svc_key_id_equal(mbedtls_svc_key_id_t id1, mbedtls_svc_key_id_t id2)
static int mbedtls_svc_key_id_is_null(mbedtls_svc_key_id_t key)