mbed TLS v2.26.0
crypto_extra.h
Go to the documentation of this file.
1 
11 /*
12  * Copyright The Mbed TLS Contributors
13  * SPDX-License-Identifier: Apache-2.0
14  *
15  * Licensed under the Apache License, Version 2.0 (the "License"); you may
16  * not use this file except in compliance with the License.
17  * You may obtain a copy of the License at
18  *
19  * http://www.apache.org/licenses/LICENSE-2.0
20  *
21  * Unless required by applicable law or agreed to in writing, software
22  * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
23  * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
24  * See the License for the specific language governing permissions and
25  * limitations under the License.
26  */
27 
28 #ifndef PSA_CRYPTO_EXTRA_H
29 #define PSA_CRYPTO_EXTRA_H
30 
31 #include "mbedtls/platform_util.h"
32 
33 #include "crypto_compat.h"
34 
35 #ifdef __cplusplus
36 extern "C" {
37 #endif
38 
39 /* UID for secure storage seed */
40 #define PSA_CRYPTO_ITS_RANDOM_SEED_UID 0xFFFFFF52
41 
42 /* See config.h for definition */
43 #if !defined(MBEDTLS_PSA_KEY_SLOT_COUNT)
44 #define MBEDTLS_PSA_KEY_SLOT_COUNT 32
45 #endif
46 
71  psa_key_attributes_t *attributes,
72  psa_algorithm_t alg2)
73 {
74  attributes->core.policy.alg2 = alg2;
75 }
76 
84  const psa_key_attributes_t *attributes)
85 {
86  return( attributes->core.policy.alg2 );
87 }
88 
89 #if defined(MBEDTLS_PSA_CRYPTO_SE_C)
90 
113 psa_status_t psa_get_key_slot_number(
114  const psa_key_attributes_t *attributes,
115  psa_key_slot_number_t *slot_number );
116 
140 static inline void psa_set_key_slot_number(
141  psa_key_attributes_t *attributes,
142  psa_key_slot_number_t slot_number )
143 {
145  attributes->slot_number = slot_number;
146 }
147 
154 static inline void psa_clear_key_slot_number(
155  psa_key_attributes_t *attributes )
156 {
158 }
159 
200 psa_status_t mbedtls_psa_register_se_key(
201  const psa_key_attributes_t *attributes);
202 
203 #endif /* MBEDTLS_PSA_CRYPTO_SE_C */
204 
215 void mbedtls_psa_crypto_free( void );
216 
223 typedef struct mbedtls_psa_stats_s
224 {
237  size_t cache_slots;
239  size_t empty_slots;
241  size_t locked_slots;
247 
256 
324 psa_status_t mbedtls_psa_inject_entropy(const uint8_t *seed,
325  size_t seed_size);
326 
338 #define PSA_KEY_TYPE_DSA_PUBLIC_KEY ((psa_key_type_t)0x4002)
339 
356 #define PSA_KEY_TYPE_DSA_KEY_PAIR ((psa_key_type_t)0x7002)
357 
359 #define PSA_KEY_TYPE_IS_DSA(type) \
360  (PSA_KEY_TYPE_PUBLIC_KEY_OF_KEY_PAIR(type) == PSA_KEY_TYPE_DSA_PUBLIC_KEY)
361 
362 #define PSA_ALG_DSA_BASE ((psa_algorithm_t)0x06000400)
363 
377 #define PSA_ALG_DSA(hash_alg) \
378  (PSA_ALG_DSA_BASE | ((hash_alg) & PSA_ALG_HASH_MASK))
379 #define PSA_ALG_DETERMINISTIC_DSA_BASE ((psa_algorithm_t)0x06000500)
380 #define PSA_ALG_DSA_DETERMINISTIC_FLAG PSA_ALG_ECDSA_DETERMINISTIC_FLAG
381 
395 #define PSA_ALG_DETERMINISTIC_DSA(hash_alg) \
396  (PSA_ALG_DETERMINISTIC_DSA_BASE | ((hash_alg) & PSA_ALG_HASH_MASK))
397 #define PSA_ALG_IS_DSA(alg) \
398  (((alg) & ~PSA_ALG_HASH_MASK & ~PSA_ALG_DSA_DETERMINISTIC_FLAG) == \
399  PSA_ALG_DSA_BASE)
400 #define PSA_ALG_DSA_IS_DETERMINISTIC(alg) \
401  (((alg) & PSA_ALG_DSA_DETERMINISTIC_FLAG) != 0)
402 #define PSA_ALG_IS_DETERMINISTIC_DSA(alg) \
403  (PSA_ALG_IS_DSA(alg) && PSA_ALG_DSA_IS_DETERMINISTIC(alg))
404 #define PSA_ALG_IS_RANDOMIZED_DSA(alg) \
405  (PSA_ALG_IS_DSA(alg) && !PSA_ALG_DSA_IS_DETERMINISTIC(alg))
406 
407 
408 /* We need to expand the sample definition of this macro from
409  * the API definition. */
410 #undef PSA_ALG_IS_HASH_AND_SIGN
411 #define PSA_ALG_IS_HASH_AND_SIGN(alg) \
412  (PSA_ALG_IS_RSA_PSS(alg) || PSA_ALG_IS_RSA_PKCS1V15_SIGN(alg) || \
413  PSA_ALG_IS_DSA(alg) || PSA_ALG_IS_ECDSA(alg))
414 
427 #define PSA_DH_FAMILY_CUSTOM ((psa_dh_family_t) 0x7e)
428 
429 
497  psa_key_type_t type,
498  const uint8_t *data,
499  size_t data_length);
500 
525  const psa_key_attributes_t *attributes,
526  uint8_t *data,
527  size_t data_size,
528  size_t *data_length);
529 
555 #define PSA_KEY_DOMAIN_PARAMETERS_SIZE(key_type, key_bits) \
556  (PSA_KEY_TYPE_IS_RSA(key_type) ? sizeof(int) : \
557  PSA_KEY_TYPE_IS_DH(key_type) ? PSA_DH_KEY_DOMAIN_PARAMETERS_SIZE(key_bits) : \
558  PSA_KEY_TYPE_IS_DSA(key_type) ? PSA_DSA_KEY_DOMAIN_PARAMETERS_SIZE(key_bits) : \
559  0)
560 #define PSA_DH_KEY_DOMAIN_PARAMETERS_SIZE(key_bits) \
561  (4 + (PSA_BITS_TO_BYTES(key_bits) + 5) * 3 /*without optional parts*/)
562 #define PSA_DSA_KEY_DOMAIN_PARAMETERS_SIZE(key_bits) \
563  (4 + (PSA_BITS_TO_BYTES(key_bits) + 5) * 2 /*p, g*/ + 34 /*q*/)
564 
571 #if defined(MBEDTLS_ECP_C)
572 #include <mbedtls/ecp.h>
573 
588  size_t *bits )
589 {
590  switch( grpid )
591  {
593  *bits = 192;
594  return( PSA_ECC_FAMILY_SECP_R1 );
596  *bits = 224;
597  return( PSA_ECC_FAMILY_SECP_R1 );
599  *bits = 256;
600  return( PSA_ECC_FAMILY_SECP_R1 );
602  *bits = 384;
603  return( PSA_ECC_FAMILY_SECP_R1 );
605  *bits = 521;
606  return( PSA_ECC_FAMILY_SECP_R1 );
608  *bits = 256;
611  *bits = 384;
614  *bits = 512;
617  *bits = 255;
618  return( PSA_ECC_FAMILY_MONTGOMERY );
620  *bits = 192;
621  return( PSA_ECC_FAMILY_SECP_K1 );
623  *bits = 224;
624  return( PSA_ECC_FAMILY_SECP_K1 );
626  *bits = 256;
627  return( PSA_ECC_FAMILY_SECP_K1 );
629  *bits = 448;
630  return( PSA_ECC_FAMILY_MONTGOMERY );
631  default:
632  *bits = 0;
633  return( 0 );
634  }
635 }
636 
657  size_t bits,
658  int bits_is_sloppy );
659 #endif /* MBEDTLS_ECP_C */
660 
667 #if defined(MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG)
668 
707 psa_status_t mbedtls_psa_external_get_random(
708  mbedtls_psa_external_random_context_t *context,
709  uint8_t *output, size_t output_size, size_t *output_length );
710 #endif /* MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG */
711 
714 #ifdef __cplusplus
715 }
716 #endif
717 
718 #endif /* PSA_CRYPTO_EXTRA_H */
static psa_ecc_family_t mbedtls_ecc_group_to_psa(mbedtls_ecp_group_id grpid, size_t *bits)
Definition: crypto_extra.h:587
void mbedtls_psa_crypto_free(void)
Library deinitialization.
#define PSA_ECC_FAMILY_MONTGOMERY
PSA cryptography module: Backward compatibility aliases.
static void psa_set_key_enrollment_algorithm(psa_key_attributes_t *attributes, psa_algorithm_t alg2)
Declare the enrollment algorithm for a key.
Definition: crypto_extra.h:70
This file provides an API for Elliptic Curves over GF(P) (ECP).
psa_algorithm_t alg2
psa_key_attributes_flag_t flags
uint32_t psa_key_id_t
Definition: crypto_types.h:224
psa_core_key_attributes_t core
void mbedtls_psa_get_stats(mbedtls_psa_stats_t *stats)
Get statistics about resource consumption related to the PSA keystore.
struct mbedtls_psa_stats_s mbedtls_psa_stats_t
Statistics about resource consumption related to the PSA keystore.
Common and shared functions used by multiple modules in the Mbed TLS library.
psa_status_t mbedtls_psa_inject_entropy(const uint8_t *seed, size_t seed_size)
Inject an initial entropy seed for the random generator into secure storage.
#define MBEDTLS_PSA_KA_FLAG_HAS_SLOT_NUMBER
psa_status_t psa_set_key_domain_parameters(psa_key_attributes_t *attributes, psa_key_type_t type, const uint8_t *data, size_t data_length)
Set domain parameters for a key.
#define PSA_ECC_FAMILY_BRAINPOOL_P_R1
uint64_t psa_key_slot_number_t
mbedtls_ecp_group_id mbedtls_ecc_group_of_psa(psa_ecc_family_t curve, size_t bits, int bits_is_sloppy)
static psa_algorithm_t psa_get_key_enrollment_algorithm(const psa_key_attributes_t *attributes)
Definition: crypto_extra.h:83
uint32_t psa_algorithm_t
Encoding of a cryptographic algorithm.
Definition: crypto_types.h:105
#define PSA_ECC_FAMILY_SECP_R1
mbedtls_ecp_group_id
Definition: ecp.h:109
uint16_t psa_key_type_t
Encoding of a key type.
Definition: crypto_types.h:73
psa_key_id_t max_open_internal_key_id
Definition: crypto_extra.h:243
psa_key_policy_t policy
psa_status_t psa_get_key_domain_parameters(const psa_key_attributes_t *attributes, uint8_t *data, size_t data_size, size_t *data_length)
Get domain parameters for a key.
#define PSA_ECC_FAMILY_SECP_K1
psa_key_id_t max_open_external_key_id
Definition: crypto_extra.h:245
uint8_t psa_ecc_family_t
Definition: crypto_types.h:84
int32_t psa_status_t
Function return status.
Definition: crypto_types.h:62
Statistics about resource consumption related to the PSA keystore.
Definition: crypto_extra.h:223