mbed TLS v3.4.0
crypto_extra.h
Go to the documentation of this file.
1 
11 /*
12  * Copyright The Mbed TLS Contributors
13  * SPDX-License-Identifier: Apache-2.0
14  *
15  * Licensed under the Apache License, Version 2.0 (the "License"); you may
16  * not use this file except in compliance with the License.
17  * You may obtain a copy of the License at
18  *
19  * http://www.apache.org/licenses/LICENSE-2.0
20  *
21  * Unless required by applicable law or agreed to in writing, software
22  * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
23  * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
24  * See the License for the specific language governing permissions and
25  * limitations under the License.
26  */
27 
28 #ifndef PSA_CRYPTO_EXTRA_H
29 #define PSA_CRYPTO_EXTRA_H
30 #include "mbedtls/private_access.h"
31 
32 #include "mbedtls/platform_util.h"
33 
34 #include "crypto_types.h"
35 #include "crypto_compat.h"
36 
37 #ifdef __cplusplus
38 extern "C" {
39 #endif
40 
41 /* UID for secure storage seed */
42 #define PSA_CRYPTO_ITS_RANDOM_SEED_UID 0xFFFFFF52
43 
44 /* See mbedtls_config.h for definition */
45 #if !defined(MBEDTLS_PSA_KEY_SLOT_COUNT)
46 #define MBEDTLS_PSA_KEY_SLOT_COUNT 32
47 #endif
48 
73  psa_key_attributes_t *attributes,
74  psa_algorithm_t alg2)
75 {
76  attributes->MBEDTLS_PRIVATE(core).MBEDTLS_PRIVATE(policy).MBEDTLS_PRIVATE(alg2) = alg2;
77 }
78 
86  const psa_key_attributes_t *attributes)
87 {
88  return attributes->MBEDTLS_PRIVATE(core).MBEDTLS_PRIVATE(policy).MBEDTLS_PRIVATE(alg2);
89 }
90 
91 #if defined(MBEDTLS_PSA_CRYPTO_SE_C)
92 
115 psa_status_t psa_get_key_slot_number(
116  const psa_key_attributes_t *attributes,
117  psa_key_slot_number_t *slot_number);
118 
142 static inline void psa_set_key_slot_number(
143  psa_key_attributes_t *attributes,
144  psa_key_slot_number_t slot_number)
145 {
146  attributes->MBEDTLS_PRIVATE(core).MBEDTLS_PRIVATE(flags) |= MBEDTLS_PSA_KA_FLAG_HAS_SLOT_NUMBER;
147  attributes->MBEDTLS_PRIVATE(slot_number) = slot_number;
148 }
149 
156 static inline void psa_clear_key_slot_number(
157  psa_key_attributes_t *attributes)
158 {
159  attributes->MBEDTLS_PRIVATE(core).MBEDTLS_PRIVATE(flags) &=
161 }
162 
203 psa_status_t mbedtls_psa_register_se_key(
204  const psa_key_attributes_t *attributes);
205 
206 #endif /* MBEDTLS_PSA_CRYPTO_SE_C */
207 
218 void mbedtls_psa_crypto_free(void);
219 
226 typedef struct mbedtls_psa_stats_s {
228  size_t MBEDTLS_PRIVATE(volatile_slots);
231  size_t MBEDTLS_PRIVATE(persistent_slots);
234  size_t MBEDTLS_PRIVATE(external_slots);
237  size_t MBEDTLS_PRIVATE(half_filled_slots);
239  size_t MBEDTLS_PRIVATE(cache_slots);
241  size_t MBEDTLS_PRIVATE(empty_slots);
243  size_t MBEDTLS_PRIVATE(locked_slots);
245  psa_key_id_t MBEDTLS_PRIVATE(max_open_internal_key_id);
247  psa_key_id_t MBEDTLS_PRIVATE(max_open_external_key_id);
249 
258 
328 psa_status_t mbedtls_psa_inject_entropy(const uint8_t *seed,
329  size_t seed_size);
330 
342 #define PSA_KEY_TYPE_DSA_PUBLIC_KEY ((psa_key_type_t) 0x4002)
343 
360 #define PSA_KEY_TYPE_DSA_KEY_PAIR ((psa_key_type_t) 0x7002)
361 
363 #define PSA_KEY_TYPE_IS_DSA(type) \
364  (PSA_KEY_TYPE_PUBLIC_KEY_OF_KEY_PAIR(type) == PSA_KEY_TYPE_DSA_PUBLIC_KEY)
365 
366 #define PSA_ALG_DSA_BASE ((psa_algorithm_t) 0x06000400)
367 
381 #define PSA_ALG_DSA(hash_alg) \
382  (PSA_ALG_DSA_BASE | ((hash_alg) & PSA_ALG_HASH_MASK))
383 #define PSA_ALG_DETERMINISTIC_DSA_BASE ((psa_algorithm_t) 0x06000500)
384 #define PSA_ALG_DSA_DETERMINISTIC_FLAG PSA_ALG_ECDSA_DETERMINISTIC_FLAG
385 
399 #define PSA_ALG_DETERMINISTIC_DSA(hash_alg) \
400  (PSA_ALG_DETERMINISTIC_DSA_BASE | ((hash_alg) & PSA_ALG_HASH_MASK))
401 #define PSA_ALG_IS_DSA(alg) \
402  (((alg) & ~PSA_ALG_HASH_MASK & ~PSA_ALG_DSA_DETERMINISTIC_FLAG) == \
403  PSA_ALG_DSA_BASE)
404 #define PSA_ALG_DSA_IS_DETERMINISTIC(alg) \
405  (((alg) & PSA_ALG_DSA_DETERMINISTIC_FLAG) != 0)
406 #define PSA_ALG_IS_DETERMINISTIC_DSA(alg) \
407  (PSA_ALG_IS_DSA(alg) && PSA_ALG_DSA_IS_DETERMINISTIC(alg))
408 #define PSA_ALG_IS_RANDOMIZED_DSA(alg) \
409  (PSA_ALG_IS_DSA(alg) && !PSA_ALG_DSA_IS_DETERMINISTIC(alg))
410 
411 
412 /* We need to expand the sample definition of this macro from
413  * the API definition. */
414 #undef PSA_ALG_IS_VENDOR_HASH_AND_SIGN
415 #define PSA_ALG_IS_VENDOR_HASH_AND_SIGN(alg) \
416  PSA_ALG_IS_DSA(alg)
417 
430 #define PSA_DH_FAMILY_CUSTOM ((psa_dh_family_t) 0x7e)
431 
433 #define PSA_PAKE_OPERATION_STAGE_SETUP 0
434 #define PSA_PAKE_OPERATION_STAGE_COLLECT_INPUTS 1
435 #define PSA_PAKE_OPERATION_STAGE_COMPUTATION 2
436 
504  psa_key_type_t type,
505  const uint8_t *data,
506  size_t data_length);
507 
532  const psa_key_attributes_t *attributes,
533  uint8_t *data,
534  size_t data_size,
535  size_t *data_length);
536 
562 #define PSA_KEY_DOMAIN_PARAMETERS_SIZE(key_type, key_bits) \
563  (PSA_KEY_TYPE_IS_RSA(key_type) ? sizeof(int) : \
564  PSA_KEY_TYPE_IS_DH(key_type) ? PSA_DH_KEY_DOMAIN_PARAMETERS_SIZE(key_bits) : \
565  PSA_KEY_TYPE_IS_DSA(key_type) ? PSA_DSA_KEY_DOMAIN_PARAMETERS_SIZE(key_bits) : \
566  0)
567 #define PSA_DH_KEY_DOMAIN_PARAMETERS_SIZE(key_bits) \
568  (4 + (PSA_BITS_TO_BYTES(key_bits) + 5) * 3 /*without optional parts*/)
569 #define PSA_DSA_KEY_DOMAIN_PARAMETERS_SIZE(key_bits) \
570  (4 + (PSA_BITS_TO_BYTES(key_bits) + 5) * 2 /*p, g*/ + 34 /*q*/)
571 
578 #if defined(MBEDTLS_ECP_C)
579 #include <mbedtls/ecp.h>
580 
595  size_t *bits)
596 {
597  switch (grpid) {
599  *bits = 192;
600  return PSA_ECC_FAMILY_SECP_R1;
602  *bits = 224;
603  return PSA_ECC_FAMILY_SECP_R1;
605  *bits = 256;
606  return PSA_ECC_FAMILY_SECP_R1;
608  *bits = 384;
609  return PSA_ECC_FAMILY_SECP_R1;
611  *bits = 521;
612  return PSA_ECC_FAMILY_SECP_R1;
614  *bits = 256;
617  *bits = 384;
620  *bits = 512;
623  *bits = 255;
626  *bits = 192;
627  return PSA_ECC_FAMILY_SECP_K1;
629  *bits = 224;
630  return PSA_ECC_FAMILY_SECP_K1;
632  *bits = 256;
633  return PSA_ECC_FAMILY_SECP_K1;
635  *bits = 448;
637  default:
638  *bits = 0;
639  return 0;
640  }
641 }
642 
663  size_t bits,
664  int bits_is_sloppy);
665 #endif /* MBEDTLS_ECP_C */
666 
673 #if defined(MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG)
674 
713 psa_status_t mbedtls_psa_external_get_random(
714  mbedtls_psa_external_random_context_t *context,
715  uint8_t *output, size_t output_size, size_t *output_length);
716 #endif /* MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG */
717 
735 #define MBEDTLS_PSA_KEY_ID_BUILTIN_MIN ((psa_key_id_t) 0x7fff0000)
736 
742 #define MBEDTLS_PSA_KEY_ID_BUILTIN_MAX ((psa_key_id_t) 0x7fffefff)
743 
748 typedef uint64_t psa_drv_slot_number_t;
749 
750 #if defined(MBEDTLS_PSA_CRYPTO_BUILTIN_KEYS)
751 
760 static inline int psa_key_id_is_builtin(psa_key_id_t key_id)
761 {
762  return (key_id >= MBEDTLS_PSA_KEY_ID_BUILTIN_MIN) &&
763  (key_id <= MBEDTLS_PSA_KEY_ID_BUILTIN_MAX);
764 }
765 
810 psa_status_t mbedtls_psa_platform_get_builtin_key(
811  mbedtls_svc_key_id_t key_id,
812  psa_key_lifetime_t *lifetime,
813  psa_drv_slot_number_t *slot_number);
814 #endif /* MBEDTLS_PSA_CRYPTO_BUILTIN_KEYS */
815 
822 #define PSA_ALG_CATEGORY_PAKE ((psa_algorithm_t) 0x0a000000)
823 
833 #define PSA_ALG_IS_PAKE(alg) \
834  (((alg) & PSA_ALG_CATEGORY_MASK) == PSA_ALG_CATEGORY_PAKE)
835 
951 #define PSA_ALG_JPAKE ((psa_algorithm_t) 0x0a000100)
952 
973 typedef uint8_t psa_pake_role_t;
974 
981 typedef uint8_t psa_pake_step_t;
982 
992 
998 typedef uint8_t psa_pake_family_t;
999 
1004 typedef uint32_t psa_pake_primitive_t;
1005 
1010 #define PSA_PAKE_ROLE_NONE ((psa_pake_role_t) 0x00)
1011 
1019 #define PSA_PAKE_ROLE_FIRST ((psa_pake_role_t) 0x01)
1020 
1028 #define PSA_PAKE_ROLE_SECOND ((psa_pake_role_t) 0x02)
1029 
1034 #define PSA_PAKE_ROLE_CLIENT ((psa_pake_role_t) 0x11)
1035 
1040 #define PSA_PAKE_ROLE_SERVER ((psa_pake_role_t) 0x12)
1041 
1060 #define PSA_PAKE_PRIMITIVE_TYPE_ECC ((psa_pake_primitive_type_t) 0x01)
1061 
1080 #define PSA_PAKE_PRIMITIVE_TYPE_DH ((psa_pake_primitive_type_t) 0x02)
1081 
1101 #define PSA_PAKE_PRIMITIVE(pake_type, pake_family, pake_bits) \
1102  ((pake_bits & 0xFFFF) != pake_bits) ? 0 : \
1103  ((psa_pake_primitive_t) (((pake_type) << 24 | \
1104  (pake_family) << 16) | (pake_bits)))
1105 
1118 #define PSA_PAKE_STEP_KEY_SHARE ((psa_pake_step_t) 0x01)
1119 
1135 #define PSA_PAKE_STEP_ZK_PUBLIC ((psa_pake_step_t) 0x02)
1136 
1156 #define PSA_PAKE_STEP_ZK_PROOF ((psa_pake_step_t) 0x03)
1157 
1165 
1169 
1177  const psa_pake_cipher_suite_t *cipher_suite);
1178 
1191 static void psa_pake_cs_set_algorithm(psa_pake_cipher_suite_t *cipher_suite,
1193 
1200 static psa_pake_primitive_t psa_pake_cs_get_primitive(
1201  const psa_pake_cipher_suite_t *cipher_suite);
1202 
1212 static void psa_pake_cs_set_primitive(psa_pake_cipher_suite_t *cipher_suite,
1213  psa_pake_primitive_t primitive);
1214 
1221 static psa_pake_family_t psa_pake_cs_get_family(
1222  const psa_pake_cipher_suite_t *cipher_suite);
1223 
1230 static uint16_t psa_pake_cs_get_bits(
1231  const psa_pake_cipher_suite_t *cipher_suite);
1232 
1242  const psa_pake_cipher_suite_t *cipher_suite);
1243 
1260 static void psa_pake_cs_set_hash(psa_pake_cipher_suite_t *cipher_suite,
1262 
1292 
1295 
1298 
1302 
1314  const psa_crypto_driver_pake_inputs_t *inputs,
1315  size_t *password_len);
1316 
1330  const psa_crypto_driver_pake_inputs_t *inputs,
1331  uint8_t *buffer, size_t buffer_size, size_t *buffer_length);
1332 
1344  const psa_crypto_driver_pake_inputs_t *inputs,
1345  psa_pake_role_t *role);
1346 
1358  const psa_crypto_driver_pake_inputs_t *inputs,
1359  size_t *user_len);
1360 
1372  const psa_crypto_driver_pake_inputs_t *inputs,
1373  size_t *peer_len);
1374 
1390  const psa_crypto_driver_pake_inputs_t *inputs,
1391  uint8_t *user_id, size_t user_id_size, size_t *user_id_len);
1392 
1408  const psa_crypto_driver_pake_inputs_t *inputs,
1409  uint8_t *peer_id, size_t peer_id_size, size_t *peer_id_length);
1410 
1422  const psa_crypto_driver_pake_inputs_t *inputs,
1423  psa_pake_cipher_suite_t *cipher_suite);
1424 
1496  const psa_pake_cipher_suite_t *cipher_suite);
1497 
1544  mbedtls_svc_key_id_t password);
1545 
1585  const uint8_t *user_id,
1586  size_t user_id_len);
1587 
1628  const uint8_t *peer_id,
1629  size_t peer_id_len);
1630 
1670  psa_pake_role_t role);
1671 
1728  psa_pake_step_t step,
1729  uint8_t *output,
1730  size_t output_size,
1731  size_t *output_length);
1732 
1783  psa_pake_step_t step,
1784  const uint8_t *input,
1785  size_t input_length);
1786 
1847 
1873 
1896 #define PSA_PAKE_OUTPUT_SIZE(alg, primitive, output_step) \
1897  (alg == PSA_ALG_JPAKE && \
1898  primitive == PSA_PAKE_PRIMITIVE(PSA_PAKE_PRIMITIVE_TYPE_ECC, \
1899  PSA_ECC_FAMILY_SECP_R1, 256) ? \
1900  ( \
1901  output_step == PSA_PAKE_STEP_KEY_SHARE ? 65 : \
1902  output_step == PSA_PAKE_STEP_ZK_PUBLIC ? 65 : \
1903  32 \
1904  ) : \
1905  0)
1906 
1926 #define PSA_PAKE_INPUT_SIZE(alg, primitive, input_step) \
1927  (alg == PSA_ALG_JPAKE && \
1928  primitive == PSA_PAKE_PRIMITIVE(PSA_PAKE_PRIMITIVE_TYPE_ECC, \
1929  PSA_ECC_FAMILY_SECP_R1, 256) ? \
1930  ( \
1931  input_step == PSA_PAKE_STEP_KEY_SHARE ? 65 : \
1932  input_step == PSA_PAKE_STEP_ZK_PUBLIC ? 65 : \
1933  32 \
1934  ) : \
1935  0)
1936 
1944 #define PSA_PAKE_OUTPUT_MAX_SIZE 65
1945 
1953 #define PSA_PAKE_INPUT_MAX_SIZE 65
1954 
1958 #define PSA_PAKE_CIPHER_SUITE_INIT { PSA_ALG_NONE, 0, 0, 0, PSA_ALG_NONE }
1959 
1963 #define PSA_PAKE_OPERATION_INIT { 0, PSA_ALG_NONE, PSA_PAKE_OPERATION_STAGE_SETUP, \
1964  { 0 }, { { 0 } } }
1965 
1968  psa_pake_primitive_type_t type;
1969  psa_pake_family_t family;
1970  uint16_t bits;
1972 };
1973 
1975  const psa_pake_cipher_suite_t *cipher_suite)
1976 {
1977  return cipher_suite->algorithm;
1978 }
1979 
1980 static inline void psa_pake_cs_set_algorithm(
1981  psa_pake_cipher_suite_t *cipher_suite,
1982  psa_algorithm_t algorithm)
1983 {
1984  if (!PSA_ALG_IS_PAKE(algorithm)) {
1985  cipher_suite->algorithm = 0;
1986  } else {
1987  cipher_suite->algorithm = algorithm;
1988  }
1989 }
1990 
1991 static inline psa_pake_primitive_t psa_pake_cs_get_primitive(
1992  const psa_pake_cipher_suite_t *cipher_suite)
1993 {
1994  return PSA_PAKE_PRIMITIVE(cipher_suite->type, cipher_suite->family,
1995  cipher_suite->bits);
1996 }
1997 
1998 static inline void psa_pake_cs_set_primitive(
1999  psa_pake_cipher_suite_t *cipher_suite,
2000  psa_pake_primitive_t primitive)
2001 {
2002  cipher_suite->type = (psa_pake_primitive_type_t) (primitive >> 24);
2003  cipher_suite->family = (psa_pake_family_t) (0xFF & (primitive >> 16));
2004  cipher_suite->bits = (uint16_t) (0xFFFF & primitive);
2005 }
2006 
2007 static inline psa_pake_family_t psa_pake_cs_get_family(
2008  const psa_pake_cipher_suite_t *cipher_suite)
2009 {
2010  return cipher_suite->family;
2011 }
2012 
2013 static inline uint16_t psa_pake_cs_get_bits(
2014  const psa_pake_cipher_suite_t *cipher_suite)
2015 {
2016  return cipher_suite->bits;
2017 }
2018 
2020  const psa_pake_cipher_suite_t *cipher_suite)
2021 {
2022  return cipher_suite->hash;
2023 }
2024 
2025 static inline void psa_pake_cs_set_hash(psa_pake_cipher_suite_t *cipher_suite,
2026  psa_algorithm_t hash)
2027 {
2028  if (!PSA_ALG_IS_HASH(hash)) {
2029  cipher_suite->hash = 0;
2030  } else {
2031  cipher_suite->hash = hash;
2032  }
2033 }
2034 
2036  uint8_t *MBEDTLS_PRIVATE(password);
2037  size_t MBEDTLS_PRIVATE(password_len);
2038  psa_pake_role_t MBEDTLS_PRIVATE(role);
2039  uint8_t *MBEDTLS_PRIVATE(user);
2040  size_t MBEDTLS_PRIVATE(user_len);
2041  uint8_t *MBEDTLS_PRIVATE(peer);
2042  size_t MBEDTLS_PRIVATE(peer_len);
2045 };
2046 
2047 typedef enum psa_jpake_step {
2053 
2054 typedef enum psa_jpake_state {
2063 
2064 typedef enum psa_jpake_sequence {
2066  PSA_PAKE_X1_STEP_KEY_SHARE = 1, /* also X2S & X4S KEY_SHARE */
2067  PSA_PAKE_X1_STEP_ZK_PUBLIC = 2, /* also X2S & X4S ZK_PUBLIC */
2068  PSA_PAKE_X1_STEP_ZK_PROOF = 3, /* also X2S & X4S ZK_PROOF */
2074 
2076  PSA_JPAKE_STEP_INVALID = 0, /* Invalid step */
2077  PSA_JPAKE_X1_STEP_KEY_SHARE = 1, /* Round 1: input/output key share (for ephemeral private key X1).*/
2078  PSA_JPAKE_X1_STEP_ZK_PUBLIC = 2, /* Round 1: input/output Schnorr NIZKP public key for the X1 key */
2079  PSA_JPAKE_X1_STEP_ZK_PROOF = 3, /* Round 1: input/output Schnorr NIZKP proof for the X1 key */
2080  PSA_JPAKE_X2_STEP_KEY_SHARE = 4, /* Round 1: input/output key share (for ephemeral private key X2).*/
2081  PSA_JPAKE_X2_STEP_ZK_PUBLIC = 5, /* Round 1: input/output Schnorr NIZKP public key for the X2 key */
2082  PSA_JPAKE_X2_STEP_ZK_PROOF = 6, /* Round 1: input/output Schnorr NIZKP proof for the X2 key */
2083  PSA_JPAKE_X2S_STEP_KEY_SHARE = 7, /* Round 2: output X2S key (our key) */
2084  PSA_JPAKE_X2S_STEP_ZK_PUBLIC = 8, /* Round 2: output Schnorr NIZKP public key for the X2S key (our key) */
2085  PSA_JPAKE_X2S_STEP_ZK_PROOF = 9, /* Round 2: output Schnorr NIZKP proof for the X2S key (our key) */
2086  PSA_JPAKE_X4S_STEP_KEY_SHARE = 10, /* Round 2: input X4S key (from peer) */
2087  PSA_JPAKE_X4S_STEP_ZK_PUBLIC = 11, /* Round 2: input Schnorr NIZKP public key for the X4S key (from peer) */
2088  PSA_JPAKE_X4S_STEP_ZK_PROOF = 12 /* Round 2: input Schnorr NIZKP proof for the X4S key (from peer) */
2090 
2091 
2097 };
2098 
2106  unsigned int MBEDTLS_PRIVATE(id);
2107  /* Algorithm of the PAKE operation */
2109  /* Stage of the PAKE operation: waiting for the setup, collecting inputs
2110  * or computing. */
2111  uint8_t MBEDTLS_PRIVATE(stage);
2112  /* Holds computation stage of the PAKE algorithms. */
2113  union {
2114  uint8_t MBEDTLS_PRIVATE(dummy);
2115 #if defined(PSA_WANT_ALG_JPAKE)
2117 #endif
2118  } MBEDTLS_PRIVATE(computation_stage);
2119  union {
2122  } MBEDTLS_PRIVATE(data);
2123 };
2124 
2126 {
2128  return v;
2129 }
2130 
2132 {
2134  return v;
2135 }
2136 
2137 #ifdef __cplusplus
2138 }
2139 #endif
2140 
2141 #endif /* PSA_CRYPTO_EXTRA_H */
static psa_ecc_family_t mbedtls_ecc_group_to_psa(mbedtls_ecp_group_id grpid, size_t *bits)
Definition: crypto_extra.h:594
uint32_t psa_pake_primitive_t
Encoding of the primitive associated with the PAKE.
static void psa_pake_cs_set_hash(psa_pake_cipher_suite_t *cipher_suite, psa_algorithm_t hash)
uint8_t psa_pake_step_t
Definition: crypto_extra.h:981
static psa_pake_cipher_suite_t psa_pake_cipher_suite_init(void)
psa_status_t psa_pake_output(psa_pake_operation_t *operation, psa_pake_step_t step, uint8_t *output, size_t output_size, size_t *output_length)
void mbedtls_psa_crypto_free(void)
Library deinitialization.
psa_status_t psa_pake_set_role(psa_pake_operation_t *operation, psa_pake_role_t role)
#define PSA_ECC_FAMILY_MONTGOMERY
psa_status_t psa_pake_abort(psa_pake_operation_t *operation)
PSA cryptography module: Backward compatibility aliases.
static void psa_set_key_enrollment_algorithm(psa_key_attributes_t *attributes, psa_algorithm_t alg2)
Declare the enrollment algorithm for a key.
Definition: crypto_extra.h:72
#define MBEDTLS_PSA_KEY_ID_BUILTIN_MIN
Definition: crypto_extra.h:735
static psa_algorithm_t psa_pake_cs_get_algorithm(const psa_pake_cipher_suite_t *cipher_suite)
This file provides an API for Elliptic Curves over GF(P) (ECP).
psa_pake_primitive_type_t type
#define PSA_PAKE_OPERATION_INIT
PSA cryptography module: type aliases.
#define MBEDTLS_PRIVATE(member)
static uint16_t psa_pake_cs_get_bits(const psa_pake_cipher_suite_t *cipher_suite)
uint32_t psa_key_id_t
Definition: crypto_types.h:280
psa_jpake_state
psa_status_t psa_pake_get_implicit_key(psa_pake_operation_t *operation, psa_key_derivation_operation_t *output)
psa_status_t psa_crypto_driver_pake_get_user(const psa_crypto_driver_pake_inputs_t *inputs, uint8_t *user_id, size_t user_id_size, size_t *user_id_len)
void mbedtls_psa_get_stats(mbedtls_psa_stats_t *stats)
Get statistics about resource consumption related to the PSA keystore.
struct mbedtls_psa_stats_s mbedtls_psa_stats_t
Statistics about resource consumption related to the PSA keystore.
enum psa_jpake_step psa_jpake_step_t
static psa_algorithm_t psa_pake_cs_get_hash(const psa_pake_cipher_suite_t *cipher_suite)
Common and shared functions used by multiple modules in the Mbed TLS library.
psa_status_t psa_crypto_driver_pake_get_peer_len(const psa_crypto_driver_pake_inputs_t *inputs, size_t *peer_len)
psa_status_t mbedtls_psa_inject_entropy(const uint8_t *seed, size_t seed_size)
Inject an initial entropy seed for the random generator into secure storage.
static void psa_pake_cs_set_primitive(psa_pake_cipher_suite_t *cipher_suite, psa_pake_primitive_t primitive)
#define PSA_PAKE_CIPHER_SUITE_INIT
uint8_t psa_pake_family_t
Encoding of the family of the primitive associated with the PAKE.
Definition: crypto_extra.h:998
psa_status_t psa_crypto_driver_pake_get_role(const psa_crypto_driver_pake_inputs_t *inputs, psa_pake_role_t *role)
uint64_t psa_drv_slot_number_t
Definition: crypto_extra.h:748
#define MBEDTLS_PSA_KA_FLAG_HAS_SLOT_NUMBER
psa_status_t psa_set_key_domain_parameters(psa_key_attributes_t *attributes, psa_key_type_t type, const uint8_t *data, size_t data_length)
Set domain parameters for a key.
#define PSA_ECC_FAMILY_BRAINPOOL_P_R1
uint64_t psa_key_slot_number_t
mbedtls_ecp_group_id mbedtls_ecc_group_of_psa(psa_ecc_family_t curve, size_t bits, int bits_is_sloppy)
static psa_algorithm_t psa_get_key_enrollment_algorithm(const psa_key_attributes_t *attributes)
Definition: crypto_extra.h:85
psa_status_t psa_crypto_driver_pake_get_password_len(const psa_crypto_driver_pake_inputs_t *inputs, size_t *password_len)
uint32_t psa_algorithm_t
Encoding of a cryptographic algorithm.
Definition: crypto_types.h:139
static psa_pake_family_t psa_pake_cs_get_family(const psa_pake_cipher_suite_t *cipher_suite)
enum psa_jpake_sequence psa_jpake_sequence_t
#define PSA_ECC_FAMILY_SECP_R1
Macro wrapper for struct's members.
#define PSA_ALG_IS_HASH(alg)
psa_jpake_step
uint8_t psa_pake_primitive_type_t
Definition: crypto_extra.h:991
psa_status_t psa_pake_set_password_key(psa_pake_operation_t *operation, mbedtls_svc_key_id_t password)
mbedtls_ecp_group_id
Definition: ecp.h:113
uint16_t psa_key_type_t
Encoding of a key type.
Definition: crypto_types.h:83
psa_status_t psa_crypto_driver_pake_get_password(const psa_crypto_driver_pake_inputs_t *inputs, uint8_t *buffer, size_t buffer_size, size_t *buffer_length)
psa_crypto_driver_pake_step
psa_status_t psa_pake_set_user(psa_pake_operation_t *operation, const uint8_t *user_id, size_t user_id_len)
#define PSA_PAKE_PRIMITIVE(pake_type, pake_family, pake_bits)
static void psa_pake_cs_set_algorithm(psa_pake_cipher_suite_t *cipher_suite, psa_algorithm_t algorithm)
#define MBEDTLS_PSA_KEY_ID_BUILTIN_MAX
Definition: crypto_extra.h:742
psa_key_id_t mbedtls_svc_key_id_t
Definition: crypto_types.h:297
#define PSA_ALG_IS_PAKE(alg)
Definition: crypto_extra.h:833
static psa_pake_primitive_t psa_pake_cs_get_primitive(const psa_pake_cipher_suite_t *cipher_suite)
psa_status_t psa_get_key_domain_parameters(const psa_key_attributes_t *attributes, uint8_t *data, size_t data_size, size_t *data_length)
Get domain parameters for a key.
static psa_pake_operation_t psa_pake_operation_init(void)
psa_status_t psa_pake_input(psa_pake_operation_t *operation, psa_pake_step_t step, const uint8_t *input, size_t input_length)
psa_status_t psa_crypto_driver_pake_get_user_len(const psa_crypto_driver_pake_inputs_t *inputs, size_t *user_len)
psa_pake_family_t family
uint8_t psa_pake_role_t
Encoding of the application role of PAKE.
Definition: crypto_extra.h:973
#define PSA_ECC_FAMILY_SECP_K1
psa_status_t psa_crypto_driver_pake_get_cipher_suite(const psa_crypto_driver_pake_inputs_t *inputs, psa_pake_cipher_suite_t *cipher_suite)
uint32_t psa_key_lifetime_t
Definition: crypto_types.h:188
psa_status_t psa_pake_set_peer(psa_pake_operation_t *operation, const uint8_t *peer_id, size_t peer_id_len)
psa_status_t psa_pake_setup(psa_pake_operation_t *operation, const psa_pake_cipher_suite_t *cipher_suite)
uint8_t psa_ecc_family_t
Definition: crypto_types.h:102
enum psa_jpake_state psa_jpake_state_t
int32_t psa_status_t
Function return status.
Definition: crypto_types.h:64
enum psa_crypto_driver_pake_step psa_crypto_driver_pake_step_t
psa_algorithm_t algorithm
psa_status_t psa_crypto_driver_pake_get_peer(const psa_crypto_driver_pake_inputs_t *inputs, uint8_t *peer_id, size_t peer_id_size, size_t *peer_id_length)
psa_jpake_sequence
psa_algorithm_t hash
Statistics about resource consumption related to the PSA keystore.
Definition: crypto_extra.h:226