mbed TLS v2.26.0
crypto_values.h
Go to the documentation of this file.
1 
17 /*
18  * Copyright The Mbed TLS Contributors
19  * SPDX-License-Identifier: Apache-2.0
20  *
21  * Licensed under the Apache License, Version 2.0 (the "License"); you may
22  * not use this file except in compliance with the License.
23  * You may obtain a copy of the License at
24  *
25  * http://www.apache.org/licenses/LICENSE-2.0
26  *
27  * Unless required by applicable law or agreed to in writing, software
28  * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
29  * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
30  * See the License for the specific language governing permissions and
31  * limitations under the License.
32  */
33 
34 #ifndef PSA_CRYPTO_VALUES_H
35 #define PSA_CRYPTO_VALUES_H
36 
41 /* PSA error codes */
42 
44 #define PSA_SUCCESS ((psa_status_t)0)
45 
51 #define PSA_ERROR_GENERIC_ERROR ((psa_status_t)-132)
52 
60 #define PSA_ERROR_NOT_SUPPORTED ((psa_status_t)-134)
61 
73 #define PSA_ERROR_NOT_PERMITTED ((psa_status_t)-133)
74 
85 #define PSA_ERROR_BUFFER_TOO_SMALL ((psa_status_t)-138)
86 
91 #define PSA_ERROR_ALREADY_EXISTS ((psa_status_t)-139)
92 
97 #define PSA_ERROR_DOES_NOT_EXIST ((psa_status_t)-140)
98 
113 #define PSA_ERROR_BAD_STATE ((psa_status_t)-137)
114 
124 #define PSA_ERROR_INVALID_ARGUMENT ((psa_status_t)-135)
125 
130 #define PSA_ERROR_INSUFFICIENT_MEMORY ((psa_status_t)-141)
131 
139 #define PSA_ERROR_INSUFFICIENT_STORAGE ((psa_status_t)-142)
140 
156 #define PSA_ERROR_COMMUNICATION_FAILURE ((psa_status_t)-145)
157 
181 #define PSA_ERROR_STORAGE_FAILURE ((psa_status_t)-146)
182 
187 #define PSA_ERROR_HARDWARE_FAILURE ((psa_status_t)-147)
188 
218 #define PSA_ERROR_CORRUPTION_DETECTED ((psa_status_t)-151)
219 
237 #define PSA_ERROR_INSUFFICIENT_ENTROPY ((psa_status_t)-148)
238 
247 #define PSA_ERROR_INVALID_SIGNATURE ((psa_status_t)-149)
248 
263 #define PSA_ERROR_INVALID_PADDING ((psa_status_t)-150)
264 
267 #define PSA_ERROR_INSUFFICIENT_DATA ((psa_status_t)-143)
268 
271 #define PSA_ERROR_INVALID_HANDLE ((psa_status_t)-136)
272 
295 #define PSA_ERROR_DATA_CORRUPT ((psa_status_t)-152)
296 
311 #define PSA_ERROR_DATA_INVALID ((psa_status_t)-153)
312 
323 #define PSA_KEY_TYPE_NONE ((psa_key_type_t)0x0000)
324 
332 #define PSA_KEY_TYPE_VENDOR_FLAG ((psa_key_type_t)0x8000)
333 
334 #define PSA_KEY_TYPE_CATEGORY_MASK ((psa_key_type_t)0x7000)
335 #define PSA_KEY_TYPE_CATEGORY_RAW ((psa_key_type_t)0x1000)
336 #define PSA_KEY_TYPE_CATEGORY_SYMMETRIC ((psa_key_type_t)0x2000)
337 #define PSA_KEY_TYPE_CATEGORY_PUBLIC_KEY ((psa_key_type_t)0x4000)
338 #define PSA_KEY_TYPE_CATEGORY_KEY_PAIR ((psa_key_type_t)0x7000)
339 
340 #define PSA_KEY_TYPE_CATEGORY_FLAG_PAIR ((psa_key_type_t)0x3000)
341 
346 #define PSA_KEY_TYPE_IS_VENDOR_DEFINED(type) \
347  (((type) & PSA_KEY_TYPE_VENDOR_FLAG) != 0)
348 
353 #define PSA_KEY_TYPE_IS_UNSTRUCTURED(type) \
354  (((type) & PSA_KEY_TYPE_CATEGORY_MASK) == PSA_KEY_TYPE_CATEGORY_RAW || \
355  ((type) & PSA_KEY_TYPE_CATEGORY_MASK) == PSA_KEY_TYPE_CATEGORY_SYMMETRIC)
356 
358 #define PSA_KEY_TYPE_IS_ASYMMETRIC(type) \
359  (((type) & PSA_KEY_TYPE_CATEGORY_MASK \
360  & ~PSA_KEY_TYPE_CATEGORY_FLAG_PAIR) == \
361  PSA_KEY_TYPE_CATEGORY_PUBLIC_KEY)
362 
363 #define PSA_KEY_TYPE_IS_PUBLIC_KEY(type) \
364  (((type) & PSA_KEY_TYPE_CATEGORY_MASK) == PSA_KEY_TYPE_CATEGORY_PUBLIC_KEY)
365 
367 #define PSA_KEY_TYPE_IS_KEY_PAIR(type) \
368  (((type) & PSA_KEY_TYPE_CATEGORY_MASK) == PSA_KEY_TYPE_CATEGORY_KEY_PAIR)
369 
379 #define PSA_KEY_TYPE_KEY_PAIR_OF_PUBLIC_KEY(type) \
380  ((type) | PSA_KEY_TYPE_CATEGORY_FLAG_PAIR)
381 
391 #define PSA_KEY_TYPE_PUBLIC_KEY_OF_KEY_PAIR(type) \
392  ((type) & ~PSA_KEY_TYPE_CATEGORY_FLAG_PAIR)
393 
398 #define PSA_KEY_TYPE_RAW_DATA ((psa_key_type_t)0x1001)
399 
408 #define PSA_KEY_TYPE_HMAC ((psa_key_type_t)0x1100)
409 
415 #define PSA_KEY_TYPE_DERIVE ((psa_key_type_t)0x1200)
416 
422 #define PSA_KEY_TYPE_AES ((psa_key_type_t)0x2400)
423 
433 #define PSA_KEY_TYPE_DES ((psa_key_type_t)0x2301)
434 
437 #define PSA_KEY_TYPE_CAMELLIA ((psa_key_type_t)0x2403)
438 
443 #define PSA_KEY_TYPE_ARC4 ((psa_key_type_t)0x2002)
444 
452 #define PSA_KEY_TYPE_CHACHA20 ((psa_key_type_t)0x2004)
453 
455 #define PSA_KEY_TYPE_RSA_PUBLIC_KEY ((psa_key_type_t)0x4001)
456 
457 #define PSA_KEY_TYPE_RSA_KEY_PAIR ((psa_key_type_t)0x7001)
458 
459 #define PSA_KEY_TYPE_IS_RSA(type) \
460  (PSA_KEY_TYPE_PUBLIC_KEY_OF_KEY_PAIR(type) == PSA_KEY_TYPE_RSA_PUBLIC_KEY)
461 
462 #define PSA_KEY_TYPE_ECC_PUBLIC_KEY_BASE ((psa_key_type_t)0x4100)
463 #define PSA_KEY_TYPE_ECC_KEY_PAIR_BASE ((psa_key_type_t)0x7100)
464 #define PSA_KEY_TYPE_ECC_CURVE_MASK ((psa_key_type_t)0x00ff)
465 
470 #define PSA_KEY_TYPE_ECC_KEY_PAIR(curve) \
471  (PSA_KEY_TYPE_ECC_KEY_PAIR_BASE | (curve))
472 
477 #define PSA_KEY_TYPE_ECC_PUBLIC_KEY(curve) \
478  (PSA_KEY_TYPE_ECC_PUBLIC_KEY_BASE | (curve))
479 
481 #define PSA_KEY_TYPE_IS_ECC(type) \
482  ((PSA_KEY_TYPE_PUBLIC_KEY_OF_KEY_PAIR(type) & \
483  ~PSA_KEY_TYPE_ECC_CURVE_MASK) == PSA_KEY_TYPE_ECC_PUBLIC_KEY_BASE)
484 
485 #define PSA_KEY_TYPE_IS_ECC_KEY_PAIR(type) \
486  (((type) & ~PSA_KEY_TYPE_ECC_CURVE_MASK) == \
487  PSA_KEY_TYPE_ECC_KEY_PAIR_BASE)
488 
489 #define PSA_KEY_TYPE_IS_ECC_PUBLIC_KEY(type) \
490  (((type) & ~PSA_KEY_TYPE_ECC_CURVE_MASK) == \
491  PSA_KEY_TYPE_ECC_PUBLIC_KEY_BASE)
492 
494 #define PSA_KEY_TYPE_ECC_GET_FAMILY(type) \
495  ((psa_ecc_family_t) (PSA_KEY_TYPE_IS_ECC(type) ? \
496  ((type) & PSA_KEY_TYPE_ECC_CURVE_MASK) : \
497  0))
498 
507 #define PSA_ECC_FAMILY_SECP_K1 ((psa_ecc_family_t) 0x17)
508 
517 #define PSA_ECC_FAMILY_SECP_R1 ((psa_ecc_family_t) 0x12)
518 /* SECP160R2 (SEC2 v1, obsolete) */
519 #define PSA_ECC_FAMILY_SECP_R2 ((psa_ecc_family_t) 0x1b)
520 
529 #define PSA_ECC_FAMILY_SECT_K1 ((psa_ecc_family_t) 0x27)
530 
539 #define PSA_ECC_FAMILY_SECT_R1 ((psa_ecc_family_t) 0x22)
540 
549 #define PSA_ECC_FAMILY_SECT_R2 ((psa_ecc_family_t) 0x2b)
550 
558 #define PSA_ECC_FAMILY_BRAINPOOL_P_R1 ((psa_ecc_family_t) 0x30)
559 
570 #define PSA_ECC_FAMILY_MONTGOMERY ((psa_ecc_family_t) 0x41)
571 
572 #define PSA_KEY_TYPE_DH_PUBLIC_KEY_BASE ((psa_key_type_t)0x4200)
573 #define PSA_KEY_TYPE_DH_KEY_PAIR_BASE ((psa_key_type_t)0x7200)
574 #define PSA_KEY_TYPE_DH_GROUP_MASK ((psa_key_type_t)0x00ff)
575 
580 #define PSA_KEY_TYPE_DH_KEY_PAIR(group) \
581  (PSA_KEY_TYPE_DH_KEY_PAIR_BASE | (group))
582 
587 #define PSA_KEY_TYPE_DH_PUBLIC_KEY(group) \
588  (PSA_KEY_TYPE_DH_PUBLIC_KEY_BASE | (group))
589 
591 #define PSA_KEY_TYPE_IS_DH(type) \
592  ((PSA_KEY_TYPE_PUBLIC_KEY_OF_KEY_PAIR(type) & \
593  ~PSA_KEY_TYPE_DH_GROUP_MASK) == PSA_KEY_TYPE_DH_PUBLIC_KEY_BASE)
594 
595 #define PSA_KEY_TYPE_IS_DH_KEY_PAIR(type) \
596  (((type) & ~PSA_KEY_TYPE_DH_GROUP_MASK) == \
597  PSA_KEY_TYPE_DH_KEY_PAIR_BASE)
598 
599 #define PSA_KEY_TYPE_IS_DH_PUBLIC_KEY(type) \
600  (((type) & ~PSA_KEY_TYPE_DH_GROUP_MASK) == \
601  PSA_KEY_TYPE_DH_PUBLIC_KEY_BASE)
602 
604 #define PSA_KEY_TYPE_DH_GET_FAMILY(type) \
605  ((psa_dh_family_t) (PSA_KEY_TYPE_IS_DH(type) ? \
606  ((type) & PSA_KEY_TYPE_DH_GROUP_MASK) : \
607  0))
608 
615 #define PSA_DH_FAMILY_RFC7919 ((psa_dh_family_t) 0x03)
616 
617 #define PSA_GET_KEY_TYPE_BLOCK_SIZE_EXPONENT(type) \
618  (((type) >> 8) & 7)
619 
637 #define PSA_BLOCK_CIPHER_BLOCK_LENGTH(type) \
638  (((type) & PSA_KEY_TYPE_CATEGORY_MASK) == PSA_KEY_TYPE_CATEGORY_SYMMETRIC ? \
639  1u << PSA_GET_KEY_TYPE_BLOCK_SIZE_EXPONENT(type) : \
640  0u)
641 
649 #define PSA_ALG_VENDOR_FLAG ((psa_algorithm_t)0x80000000)
650 
651 #define PSA_ALG_CATEGORY_MASK ((psa_algorithm_t)0x7f000000)
652 #define PSA_ALG_CATEGORY_HASH ((psa_algorithm_t)0x02000000)
653 #define PSA_ALG_CATEGORY_MAC ((psa_algorithm_t)0x03000000)
654 #define PSA_ALG_CATEGORY_CIPHER ((psa_algorithm_t)0x04000000)
655 #define PSA_ALG_CATEGORY_AEAD ((psa_algorithm_t)0x05000000)
656 #define PSA_ALG_CATEGORY_SIGN ((psa_algorithm_t)0x06000000)
657 #define PSA_ALG_CATEGORY_ASYMMETRIC_ENCRYPTION ((psa_algorithm_t)0x07000000)
658 #define PSA_ALG_CATEGORY_KEY_DERIVATION ((psa_algorithm_t)0x08000000)
659 #define PSA_ALG_CATEGORY_KEY_AGREEMENT ((psa_algorithm_t)0x09000000)
660 
665 #define PSA_ALG_IS_VENDOR_DEFINED(alg) \
666  (((alg) & PSA_ALG_VENDOR_FLAG) != 0)
667 
676 #define PSA_ALG_IS_HASH(alg) \
677  (((alg) & PSA_ALG_CATEGORY_MASK) == PSA_ALG_CATEGORY_HASH)
678 
687 #define PSA_ALG_IS_MAC(alg) \
688  (((alg) & PSA_ALG_CATEGORY_MASK) == PSA_ALG_CATEGORY_MAC)
689 
698 #define PSA_ALG_IS_CIPHER(alg) \
699  (((alg) & PSA_ALG_CATEGORY_MASK) == PSA_ALG_CATEGORY_CIPHER)
700 
710 #define PSA_ALG_IS_AEAD(alg) \
711  (((alg) & PSA_ALG_CATEGORY_MASK) == PSA_ALG_CATEGORY_AEAD)
712 
722 #define PSA_ALG_IS_SIGN(alg) \
723  (((alg) & PSA_ALG_CATEGORY_MASK) == PSA_ALG_CATEGORY_SIGN)
724 
734 #define PSA_ALG_IS_ASYMMETRIC_ENCRYPTION(alg) \
735  (((alg) & PSA_ALG_CATEGORY_MASK) == PSA_ALG_CATEGORY_ASYMMETRIC_ENCRYPTION)
736 
745 #define PSA_ALG_IS_KEY_AGREEMENT(alg) \
746  (((alg) & PSA_ALG_CATEGORY_MASK) == PSA_ALG_CATEGORY_KEY_AGREEMENT)
747 
756 #define PSA_ALG_IS_KEY_DERIVATION(alg) \
757  (((alg) & PSA_ALG_CATEGORY_MASK) == PSA_ALG_CATEGORY_KEY_DERIVATION)
758 
759 #define PSA_ALG_HASH_MASK ((psa_algorithm_t)0x000000ff)
760 
761 #define PSA_ALG_MD2 ((psa_algorithm_t)0x02000001)
762 
763 #define PSA_ALG_MD4 ((psa_algorithm_t)0x02000002)
764 
765 #define PSA_ALG_MD5 ((psa_algorithm_t)0x02000003)
766 
767 #define PSA_ALG_RIPEMD160 ((psa_algorithm_t)0x02000004)
768 
769 #define PSA_ALG_SHA_1 ((psa_algorithm_t)0x02000005)
770 
771 #define PSA_ALG_SHA_224 ((psa_algorithm_t)0x02000008)
772 
773 #define PSA_ALG_SHA_256 ((psa_algorithm_t)0x02000009)
774 
775 #define PSA_ALG_SHA_384 ((psa_algorithm_t)0x0200000a)
776 
777 #define PSA_ALG_SHA_512 ((psa_algorithm_t)0x0200000b)
778 
779 #define PSA_ALG_SHA_512_224 ((psa_algorithm_t)0x0200000c)
780 
781 #define PSA_ALG_SHA_512_256 ((psa_algorithm_t)0x0200000d)
782 
783 #define PSA_ALG_SHA3_224 ((psa_algorithm_t)0x02000010)
784 
785 #define PSA_ALG_SHA3_256 ((psa_algorithm_t)0x02000011)
786 
787 #define PSA_ALG_SHA3_384 ((psa_algorithm_t)0x02000012)
788 
789 #define PSA_ALG_SHA3_512 ((psa_algorithm_t)0x02000013)
790 
824 #define PSA_ALG_ANY_HASH ((psa_algorithm_t)0x020000ff)
825 
826 #define PSA_ALG_MAC_SUBCATEGORY_MASK ((psa_algorithm_t)0x00c00000)
827 #define PSA_ALG_HMAC_BASE ((psa_algorithm_t)0x03800000)
828 
839 #define PSA_ALG_HMAC(hash_alg) \
840  (PSA_ALG_HMAC_BASE | ((hash_alg) & PSA_ALG_HASH_MASK))
841 
842 #define PSA_ALG_HMAC_GET_HASH(hmac_alg) \
843  (PSA_ALG_CATEGORY_HASH | ((hmac_alg) & PSA_ALG_HASH_MASK))
844 
855 #define PSA_ALG_IS_HMAC(alg) \
856  (((alg) & (PSA_ALG_CATEGORY_MASK | PSA_ALG_MAC_SUBCATEGORY_MASK)) == \
857  PSA_ALG_HMAC_BASE)
858 
859 /* In the encoding of a MAC algorithm, the bits corresponding to
860  * PSA_ALG_MAC_TRUNCATION_MASK encode the length to which the MAC is
861  * truncated. As an exception, the value 0 means the untruncated algorithm,
862  * whatever its length is. The length is encoded in 6 bits, so it can
863  * reach up to 63; the largest MAC is 64 bytes so its trivial truncation
864  * to full length is correctly encoded as 0 and any non-trivial truncation
865  * is correctly encoded as a value between 1 and 63. */
866 #define PSA_ALG_MAC_TRUNCATION_MASK ((psa_algorithm_t)0x003f0000)
867 #define PSA_MAC_TRUNCATION_OFFSET 16
868 
869 /* In the encoding of a MAC algorithm, the bit corresponding to
870  * #PSA_ALG_MAC_AT_LEAST_THIS_LENGTH_FLAG encodes the fact that the algorithm
871  * is a wildcard algorithm. A key with such wildcard algorithm as permitted
872  * algorithm policy can be used with any algorithm corresponding to the
873  * same base class and having a (potentially truncated) MAC length greater or
874  * equal than the one encoded in #PSA_ALG_MAC_TRUNCATION_MASK. */
875 #define PSA_ALG_MAC_AT_LEAST_THIS_LENGTH_FLAG ((psa_algorithm_t)0x00008000)
876 
910 #define PSA_ALG_TRUNCATED_MAC(mac_alg, mac_length) \
911  (((mac_alg) & ~(PSA_ALG_MAC_TRUNCATION_MASK | \
912  PSA_ALG_MAC_AT_LEAST_THIS_LENGTH_FLAG)) | \
913  ((mac_length) << PSA_MAC_TRUNCATION_OFFSET & PSA_ALG_MAC_TRUNCATION_MASK))
914 
927 #define PSA_ALG_FULL_LENGTH_MAC(mac_alg) \
928  ((mac_alg) & ~(PSA_ALG_MAC_TRUNCATION_MASK | \
929  PSA_ALG_MAC_AT_LEAST_THIS_LENGTH_FLAG))
930 
942 #define PSA_MAC_TRUNCATED_LENGTH(mac_alg) \
943  (((mac_alg) & PSA_ALG_MAC_TRUNCATION_MASK) >> PSA_MAC_TRUNCATION_OFFSET)
944 
969 #define PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(mac_alg, min_mac_length) \
970  ( PSA_ALG_TRUNCATED_MAC(mac_alg, min_mac_length) | \
971  PSA_ALG_MAC_AT_LEAST_THIS_LENGTH_FLAG )
972 
973 #define PSA_ALG_CIPHER_MAC_BASE ((psa_algorithm_t)0x03c00000)
974 
979 #define PSA_ALG_CBC_MAC ((psa_algorithm_t)0x03c00100)
980 
981 #define PSA_ALG_CMAC ((psa_algorithm_t)0x03c00200)
982 
991 #define PSA_ALG_IS_BLOCK_CIPHER_MAC(alg) \
992  (((alg) & (PSA_ALG_CATEGORY_MASK | PSA_ALG_MAC_SUBCATEGORY_MASK)) == \
993  PSA_ALG_CIPHER_MAC_BASE)
994 
995 #define PSA_ALG_CIPHER_STREAM_FLAG ((psa_algorithm_t)0x00800000)
996 #define PSA_ALG_CIPHER_FROM_BLOCK_FLAG ((psa_algorithm_t)0x00400000)
997 
1010 #define PSA_ALG_IS_STREAM_CIPHER(alg) \
1011  (((alg) & (PSA_ALG_CATEGORY_MASK | PSA_ALG_CIPHER_STREAM_FLAG)) == \
1012  (PSA_ALG_CATEGORY_CIPHER | PSA_ALG_CIPHER_STREAM_FLAG))
1013 
1020 #define PSA_ALG_STREAM_CIPHER ((psa_algorithm_t)0x04800100)
1021 
1029 #define PSA_ALG_CTR ((psa_algorithm_t)0x04c01000)
1030 
1035 #define PSA_ALG_CFB ((psa_algorithm_t)0x04c01100)
1036 
1041 #define PSA_ALG_OFB ((psa_algorithm_t)0x04c01200)
1042 
1049 #define PSA_ALG_XTS ((psa_algorithm_t)0x0440ff00)
1050 
1069 #define PSA_ALG_ECB_NO_PADDING ((psa_algorithm_t)0x04404400)
1070 
1078 #define PSA_ALG_CBC_NO_PADDING ((psa_algorithm_t)0x04404000)
1079 
1086 #define PSA_ALG_CBC_PKCS7 ((psa_algorithm_t)0x04404100)
1087 
1088 #define PSA_ALG_AEAD_FROM_BLOCK_FLAG ((psa_algorithm_t)0x00400000)
1089 
1099 #define PSA_ALG_IS_AEAD_ON_BLOCK_CIPHER(alg) \
1100  (((alg) & (PSA_ALG_CATEGORY_MASK | PSA_ALG_AEAD_FROM_BLOCK_FLAG)) == \
1101  (PSA_ALG_CATEGORY_AEAD | PSA_ALG_AEAD_FROM_BLOCK_FLAG))
1102 
1107 #define PSA_ALG_CCM ((psa_algorithm_t)0x05500100)
1108 
1113 #define PSA_ALG_GCM ((psa_algorithm_t)0x05500200)
1114 
1124 #define PSA_ALG_CHACHA20_POLY1305 ((psa_algorithm_t)0x05100500)
1125 
1126 /* In the encoding of a AEAD algorithm, the bits corresponding to
1127  * PSA_ALG_AEAD_TAG_LENGTH_MASK encode the length of the AEAD tag.
1128  * The constants for default lengths follow this encoding.
1129  */
1130 #define PSA_ALG_AEAD_TAG_LENGTH_MASK ((psa_algorithm_t)0x003f0000)
1131 #define PSA_AEAD_TAG_LENGTH_OFFSET 16
1132 
1133 /* In the encoding of an AEAD algorithm, the bit corresponding to
1134  * #PSA_ALG_AEAD_AT_LEAST_THIS_LENGTH_FLAG encodes the fact that the algorithm
1135  * is a wildcard algorithm. A key with such wildcard algorithm as permitted
1136  * algorithm policy can be used with any algorithm corresponding to the
1137  * same base class and having a tag length greater than or equal to the one
1138  * encoded in #PSA_ALG_AEAD_TAG_LENGTH_MASK. */
1139 #define PSA_ALG_AEAD_AT_LEAST_THIS_LENGTH_FLAG ((psa_algorithm_t)0x00008000)
1140 
1159 #define PSA_ALG_AEAD_WITH_SHORTENED_TAG(aead_alg, tag_length) \
1160  (((aead_alg) & ~(PSA_ALG_AEAD_TAG_LENGTH_MASK | \
1161  PSA_ALG_AEAD_AT_LEAST_THIS_LENGTH_FLAG)) | \
1162  ((tag_length) << PSA_AEAD_TAG_LENGTH_OFFSET & \
1163  PSA_ALG_AEAD_TAG_LENGTH_MASK))
1164 
1176 #define PSA_ALG_AEAD_GET_TAG_LENGTH(aead_alg) \
1177  (((aead_alg) & PSA_ALG_AEAD_TAG_LENGTH_MASK) >> \
1178  PSA_AEAD_TAG_LENGTH_OFFSET )
1179 
1188 #define PSA_ALG_AEAD_WITH_DEFAULT_LENGTH_TAG(aead_alg) \
1189  ( \
1190  PSA_ALG_AEAD_WITH_DEFAULT_LENGTH_TAG_CASE(aead_alg, PSA_ALG_CCM) \
1191  PSA_ALG_AEAD_WITH_DEFAULT_LENGTH_TAG_CASE(aead_alg, PSA_ALG_GCM) \
1192  PSA_ALG_AEAD_WITH_DEFAULT_LENGTH_TAG_CASE(aead_alg, PSA_ALG_CHACHA20_POLY1305) \
1193  0)
1194 #define PSA_ALG_AEAD_WITH_DEFAULT_LENGTH_TAG_CASE(aead_alg, ref) \
1195  PSA_ALG_AEAD_WITH_SHORTENED_TAG(aead_alg, 0) == \
1196  PSA_ALG_AEAD_WITH_SHORTENED_TAG(ref, 0) ? \
1197  ref :
1198 
1223 #define PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(aead_alg, min_tag_length) \
1224  ( PSA_ALG_AEAD_WITH_SHORTENED_TAG(aead_alg, min_tag_length) | \
1225  PSA_ALG_AEAD_AT_LEAST_THIS_LENGTH_FLAG )
1226 
1227 #define PSA_ALG_RSA_PKCS1V15_SIGN_BASE ((psa_algorithm_t)0x06000200)
1228 
1243 #define PSA_ALG_RSA_PKCS1V15_SIGN(hash_alg) \
1244  (PSA_ALG_RSA_PKCS1V15_SIGN_BASE | ((hash_alg) & PSA_ALG_HASH_MASK))
1245 
1251 #define PSA_ALG_RSA_PKCS1V15_SIGN_RAW PSA_ALG_RSA_PKCS1V15_SIGN_BASE
1252 #define PSA_ALG_IS_RSA_PKCS1V15_SIGN(alg) \
1253  (((alg) & ~PSA_ALG_HASH_MASK) == PSA_ALG_RSA_PKCS1V15_SIGN_BASE)
1254 
1255 #define PSA_ALG_RSA_PSS_BASE ((psa_algorithm_t)0x06000300)
1256 
1274 #define PSA_ALG_RSA_PSS(hash_alg) \
1275  (PSA_ALG_RSA_PSS_BASE | ((hash_alg) & PSA_ALG_HASH_MASK))
1276 #define PSA_ALG_IS_RSA_PSS(alg) \
1277  (((alg) & ~PSA_ALG_HASH_MASK) == PSA_ALG_RSA_PSS_BASE)
1278 
1279 #define PSA_ALG_ECDSA_BASE ((psa_algorithm_t)0x06000600)
1280 
1300 #define PSA_ALG_ECDSA(hash_alg) \
1301  (PSA_ALG_ECDSA_BASE | ((hash_alg) & PSA_ALG_HASH_MASK))
1302 
1311 #define PSA_ALG_ECDSA_ANY PSA_ALG_ECDSA_BASE
1312 #define PSA_ALG_DETERMINISTIC_ECDSA_BASE ((psa_algorithm_t)0x06000700)
1313 
1335 #define PSA_ALG_DETERMINISTIC_ECDSA(hash_alg) \
1336  (PSA_ALG_DETERMINISTIC_ECDSA_BASE | ((hash_alg) & PSA_ALG_HASH_MASK))
1337 #define PSA_ALG_ECDSA_DETERMINISTIC_FLAG ((psa_algorithm_t)0x00000100)
1338 #define PSA_ALG_IS_ECDSA(alg) \
1339  (((alg) & ~PSA_ALG_HASH_MASK & ~PSA_ALG_ECDSA_DETERMINISTIC_FLAG) == \
1340  PSA_ALG_ECDSA_BASE)
1341 #define PSA_ALG_ECDSA_IS_DETERMINISTIC(alg) \
1342  (((alg) & PSA_ALG_ECDSA_DETERMINISTIC_FLAG) != 0)
1343 #define PSA_ALG_IS_DETERMINISTIC_ECDSA(alg) \
1344  (PSA_ALG_IS_ECDSA(alg) && PSA_ALG_ECDSA_IS_DETERMINISTIC(alg))
1345 #define PSA_ALG_IS_RANDOMIZED_ECDSA(alg) \
1346  (PSA_ALG_IS_ECDSA(alg) && !PSA_ALG_ECDSA_IS_DETERMINISTIC(alg))
1347 
1361 #define PSA_ALG_IS_HASH_AND_SIGN(alg) \
1362  (PSA_ALG_IS_RSA_PSS(alg) || PSA_ALG_IS_RSA_PKCS1V15_SIGN(alg) || \
1363  PSA_ALG_IS_ECDSA(alg))
1364 
1383 #define PSA_ALG_SIGN_GET_HASH(alg) \
1384  (PSA_ALG_IS_HASH_AND_SIGN(alg) ? \
1385  ((alg) & PSA_ALG_HASH_MASK) == 0 ? /*"raw" algorithm*/ 0 : \
1386  ((alg) & PSA_ALG_HASH_MASK) | PSA_ALG_CATEGORY_HASH : \
1387  0)
1388 
1391 #define PSA_ALG_RSA_PKCS1V15_CRYPT ((psa_algorithm_t)0x07000200)
1392 
1393 #define PSA_ALG_RSA_OAEP_BASE ((psa_algorithm_t)0x07000300)
1394 
1408 #define PSA_ALG_RSA_OAEP(hash_alg) \
1409  (PSA_ALG_RSA_OAEP_BASE | ((hash_alg) & PSA_ALG_HASH_MASK))
1410 #define PSA_ALG_IS_RSA_OAEP(alg) \
1411  (((alg) & ~PSA_ALG_HASH_MASK) == PSA_ALG_RSA_OAEP_BASE)
1412 #define PSA_ALG_RSA_OAEP_GET_HASH(alg) \
1413  (PSA_ALG_IS_RSA_OAEP(alg) ? \
1414  ((alg) & PSA_ALG_HASH_MASK) | PSA_ALG_CATEGORY_HASH : \
1415  0)
1416 
1417 #define PSA_ALG_HKDF_BASE ((psa_algorithm_t)0x08000100)
1418 
1438 #define PSA_ALG_HKDF(hash_alg) \
1439  (PSA_ALG_HKDF_BASE | ((hash_alg) & PSA_ALG_HASH_MASK))
1440 
1451 #define PSA_ALG_IS_HKDF(alg) \
1452  (((alg) & ~PSA_ALG_HASH_MASK) == PSA_ALG_HKDF_BASE)
1453 #define PSA_ALG_HKDF_GET_HASH(hkdf_alg) \
1454  (PSA_ALG_CATEGORY_HASH | ((hkdf_alg) & PSA_ALG_HASH_MASK))
1455 
1456 #define PSA_ALG_TLS12_PRF_BASE ((psa_algorithm_t)0x08000200)
1457 
1483 #define PSA_ALG_TLS12_PRF(hash_alg) \
1484  (PSA_ALG_TLS12_PRF_BASE | ((hash_alg) & PSA_ALG_HASH_MASK))
1485 
1494 #define PSA_ALG_IS_TLS12_PRF(alg) \
1495  (((alg) & ~PSA_ALG_HASH_MASK) == PSA_ALG_TLS12_PRF_BASE)
1496 #define PSA_ALG_TLS12_PRF_GET_HASH(hkdf_alg) \
1497  (PSA_ALG_CATEGORY_HASH | ((hkdf_alg) & PSA_ALG_HASH_MASK))
1498 
1499 #define PSA_ALG_TLS12_PSK_TO_MS_BASE ((psa_algorithm_t)0x08000300)
1500 
1529 #define PSA_ALG_TLS12_PSK_TO_MS(hash_alg) \
1530  (PSA_ALG_TLS12_PSK_TO_MS_BASE | ((hash_alg) & PSA_ALG_HASH_MASK))
1531 
1540 #define PSA_ALG_IS_TLS12_PSK_TO_MS(alg) \
1541  (((alg) & ~PSA_ALG_HASH_MASK) == PSA_ALG_TLS12_PSK_TO_MS_BASE)
1542 #define PSA_ALG_TLS12_PSK_TO_MS_GET_HASH(hkdf_alg) \
1543  (PSA_ALG_CATEGORY_HASH | ((hkdf_alg) & PSA_ALG_HASH_MASK))
1544 
1545 #define PSA_ALG_KEY_DERIVATION_MASK ((psa_algorithm_t)0xfe00ffff)
1546 #define PSA_ALG_KEY_AGREEMENT_MASK ((psa_algorithm_t)0xffff0000)
1547 
1562 #define PSA_ALG_KEY_AGREEMENT(ka_alg, kdf_alg) \
1563  ((ka_alg) | (kdf_alg))
1564 
1565 #define PSA_ALG_KEY_AGREEMENT_GET_KDF(alg) \
1566  (((alg) & PSA_ALG_KEY_DERIVATION_MASK) | PSA_ALG_CATEGORY_KEY_DERIVATION)
1567 
1568 #define PSA_ALG_KEY_AGREEMENT_GET_BASE(alg) \
1569  (((alg) & PSA_ALG_KEY_AGREEMENT_MASK) | PSA_ALG_CATEGORY_KEY_AGREEMENT)
1570 
1585 #define PSA_ALG_IS_RAW_KEY_AGREEMENT(alg) \
1586  (PSA_ALG_IS_KEY_AGREEMENT(alg) && \
1587  PSA_ALG_KEY_AGREEMENT_GET_KDF(alg) == PSA_ALG_CATEGORY_KEY_DERIVATION)
1588 
1589 #define PSA_ALG_IS_KEY_DERIVATION_OR_AGREEMENT(alg) \
1590  ((PSA_ALG_IS_KEY_DERIVATION(alg) || PSA_ALG_IS_KEY_AGREEMENT(alg)))
1591 
1599 #define PSA_ALG_FFDH ((psa_algorithm_t)0x09010000)
1600 
1613 #define PSA_ALG_IS_FFDH(alg) \
1614  (PSA_ALG_KEY_AGREEMENT_GET_BASE(alg) == PSA_ALG_FFDH)
1615 
1641 #define PSA_ALG_ECDH ((psa_algorithm_t)0x09020000)
1642 
1657 #define PSA_ALG_IS_ECDH(alg) \
1658  (PSA_ALG_KEY_AGREEMENT_GET_BASE(alg) == PSA_ALG_ECDH)
1659 
1673 #define PSA_ALG_IS_WILDCARD(alg) \
1674  (PSA_ALG_IS_HASH_AND_SIGN(alg) ? \
1675  PSA_ALG_SIGN_GET_HASH(alg) == PSA_ALG_ANY_HASH : \
1676  PSA_ALG_IS_MAC(alg) ? \
1677  (alg & PSA_ALG_MAC_AT_LEAST_THIS_LENGTH_FLAG) != 0 : \
1678  PSA_ALG_IS_AEAD(alg) ? \
1679  (alg & PSA_ALG_AEAD_AT_LEAST_THIS_LENGTH_FLAG) != 0 : \
1680  (alg) == PSA_ALG_ANY_HASH)
1681 
1699 #define PSA_KEY_LIFETIME_VOLATILE ((psa_key_lifetime_t)0x00000000)
1700 
1713 #define PSA_KEY_LIFETIME_PERSISTENT ((psa_key_lifetime_t)0x00000001)
1714 
1719 #define PSA_KEY_PERSISTENCE_VOLATILE ((psa_key_persistence_t)0x00)
1720 
1725 #define PSA_KEY_PERSISTENCE_DEFAULT ((psa_key_persistence_t)0x01)
1726 
1731 #define PSA_KEY_PERSISTENCE_READ_ONLY ((psa_key_persistence_t)0xff)
1732 
1733 #define PSA_KEY_LIFETIME_GET_PERSISTENCE(lifetime) \
1734  ((psa_key_persistence_t)((lifetime) & 0x000000ff))
1735 
1736 #define PSA_KEY_LIFETIME_GET_LOCATION(lifetime) \
1737  ((psa_key_location_t)((lifetime) >> 8))
1738 
1755 #define PSA_KEY_LIFETIME_IS_VOLATILE(lifetime) \
1756  (PSA_KEY_LIFETIME_GET_PERSISTENCE(lifetime) == \
1757  PSA_KEY_PERSISTENCE_VOLATILE)
1758 
1768 #define PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION(persistence, location) \
1769  ((location) << 8 | (persistence))
1770 
1778 #define PSA_KEY_LOCATION_LOCAL_STORAGE ((psa_key_location_t)0x000000)
1779 
1780 #define PSA_KEY_LOCATION_VENDOR_FLAG ((psa_key_location_t)0x800000)
1781 
1784 #define PSA_KEY_ID_USER_MIN ((psa_key_id_t)0x00000001)
1785 
1787 #define PSA_KEY_ID_USER_MAX ((psa_key_id_t)0x3fffffff)
1788 
1790 #define PSA_KEY_ID_VENDOR_MIN ((psa_key_id_t)0x40000000)
1791 
1793 #define PSA_KEY_ID_VENDOR_MAX ((psa_key_id_t)0x7fffffff)
1794 
1795 
1796 #if !defined(MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER)
1797 
1798 #define MBEDTLS_SVC_KEY_ID_INIT ( (psa_key_id_t)0 )
1799 #define MBEDTLS_SVC_KEY_ID_GET_KEY_ID( id ) ( id )
1800 #define MBEDTLS_SVC_KEY_ID_GET_OWNER_ID( id ) ( 0 )
1801 
1808  unsigned int unused, psa_key_id_t key_id )
1809 {
1810  (void)unused;
1811 
1812  return( key_id );
1813 }
1814 
1823  mbedtls_svc_key_id_t id2 )
1824 {
1825  return( id1 == id2 );
1826 }
1827 
1835 {
1836  return( key == 0 );
1837 }
1838 
1839 #else /* MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER */
1840 
1841 #define MBEDTLS_SVC_KEY_ID_INIT ( (mbedtls_svc_key_id_t){ 0, 0 } )
1842 #define MBEDTLS_SVC_KEY_ID_GET_KEY_ID( id ) ( ( id ).key_id )
1843 #define MBEDTLS_SVC_KEY_ID_GET_OWNER_ID( id ) ( ( id ).owner )
1844 
1851  mbedtls_key_owner_id_t owner_id, psa_key_id_t key_id )
1852 {
1853  return( (mbedtls_svc_key_id_t){ .key_id = key_id,
1854  .owner = owner_id } );
1855 }
1856 
1864 static inline int mbedtls_svc_key_id_equal( mbedtls_svc_key_id_t id1,
1865  mbedtls_svc_key_id_t id2 )
1866 {
1867  return( ( id1.key_id == id2.key_id ) &&
1868  mbedtls_key_owner_id_equal( id1.owner, id2.owner ) );
1869 }
1870 
1877 static inline int mbedtls_svc_key_id_is_null( mbedtls_svc_key_id_t key )
1878 {
1879  return( ( key.key_id == 0 ) && ( key.owner == 0 ) );
1880 }
1881 
1882 #endif /* !MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER */
1883 
1901 #define PSA_KEY_USAGE_EXPORT ((psa_key_usage_t)0x00000001)
1902 
1917 #define PSA_KEY_USAGE_COPY ((psa_key_usage_t)0x00000002)
1918 
1928 #define PSA_KEY_USAGE_ENCRYPT ((psa_key_usage_t)0x00000100)
1929 
1939 #define PSA_KEY_USAGE_DECRYPT ((psa_key_usage_t)0x00000200)
1940 
1949 #define PSA_KEY_USAGE_SIGN_HASH ((psa_key_usage_t)0x00001000)
1950 
1959 #define PSA_KEY_USAGE_VERIFY_HASH ((psa_key_usage_t)0x00002000)
1960 
1963 #define PSA_KEY_USAGE_DERIVE ((psa_key_usage_t)0x00004000)
1964 
1983 #define PSA_KEY_DERIVATION_INPUT_SECRET ((psa_key_derivation_step_t)0x0101)
1984 
1990 #define PSA_KEY_DERIVATION_INPUT_LABEL ((psa_key_derivation_step_t)0x0201)
1991 
1997 #define PSA_KEY_DERIVATION_INPUT_SALT ((psa_key_derivation_step_t)0x0202)
1998 
2004 #define PSA_KEY_DERIVATION_INPUT_INFO ((psa_key_derivation_step_t)0x0203)
2005 
2011 #define PSA_KEY_DERIVATION_INPUT_SEED ((psa_key_derivation_step_t)0x0204)
2012 
2015 #endif /* PSA_CRYPTO_VALUES_H */
uint32_t psa_key_id_t
Definition: crypto_types.h:224
static mbedtls_svc_key_id_t mbedtls_svc_key_id_make(unsigned int unused, psa_key_id_t key_id)
psa_key_id_t mbedtls_svc_key_id_t
Definition: crypto_types.h:227
static int mbedtls_svc_key_id_equal(mbedtls_svc_key_id_t id1, mbedtls_svc_key_id_t id2)
static int mbedtls_svc_key_id_is_null(mbedtls_svc_key_id_t key)