mbed TLS v2.23.0
crypto_extra.h
Go to the documentation of this file.
1 
11 /*
12  * Copyright (C) 2018, ARM Limited, All Rights Reserved
13  * SPDX-License-Identifier: Apache-2.0
14  *
15  * Licensed under the Apache License, Version 2.0 (the "License"); you may
16  * not use this file except in compliance with the License.
17  * You may obtain a copy of the License at
18  *
19  * http://www.apache.org/licenses/LICENSE-2.0
20  *
21  * Unless required by applicable law or agreed to in writing, software
22  * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
23  * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
24  * See the License for the specific language governing permissions and
25  * limitations under the License.
26  *
27  * This file is part of mbed TLS (https://tls.mbed.org)
28  */
29 
30 #ifndef PSA_CRYPTO_EXTRA_H
31 #define PSA_CRYPTO_EXTRA_H
32 
33 #include "mbedtls/platform_util.h"
34 
35 #include "crypto_compat.h"
36 
37 #ifdef __cplusplus
38 extern "C" {
39 #endif
40 
41 /* UID for secure storage seed */
42 #define PSA_CRYPTO_ITS_RANDOM_SEED_UID 0xFFFFFF52
43 
44 
69  psa_key_attributes_t *attributes,
70  psa_algorithm_t alg2)
71 {
72  attributes->core.policy.alg2 = alg2;
73 }
74 
82  const psa_key_attributes_t *attributes)
83 {
84  return( attributes->core.policy.alg2 );
85 }
86 
87 #if defined(MBEDTLS_PSA_CRYPTO_SE_C)
88 
111 psa_status_t psa_get_key_slot_number(
112  const psa_key_attributes_t *attributes,
113  psa_key_slot_number_t *slot_number );
114 
138 static inline void psa_set_key_slot_number(
139  psa_key_attributes_t *attributes,
140  psa_key_slot_number_t slot_number )
141 {
143  attributes->slot_number = slot_number;
144 }
145 
152 static inline void psa_clear_key_slot_number(
153  psa_key_attributes_t *attributes )
154 {
156 }
157 
196 psa_status_t mbedtls_psa_register_se_key(
197  const psa_key_attributes_t *attributes);
198 
199 #endif /* MBEDTLS_PSA_CRYPTO_SE_C */
200 
212 
219 typedef struct mbedtls_psa_stats_s
220 {
233  size_t cache_slots;
235  size_t empty_slots;
241 
250 
319  size_t seed_size);
320 
332 #define PSA_KEY_TYPE_DSA_PUBLIC_KEY ((psa_key_type_t)0x4002)
333 
350 #define PSA_KEY_TYPE_DSA_KEY_PAIR ((psa_key_type_t)0x7002)
351 
353 #define PSA_KEY_TYPE_IS_DSA(type) \
354  (PSA_KEY_TYPE_PUBLIC_KEY_OF_KEY_PAIR(type) == PSA_KEY_TYPE_DSA_PUBLIC_KEY)
355 
356 #define PSA_ALG_DSA_BASE ((psa_algorithm_t)0x10040000)
357 
371 #define PSA_ALG_DSA(hash_alg) \
372  (PSA_ALG_DSA_BASE | ((hash_alg) & PSA_ALG_HASH_MASK))
373 #define PSA_ALG_DETERMINISTIC_DSA_BASE ((psa_algorithm_t)0x10050000)
374 #define PSA_ALG_DSA_DETERMINISTIC_FLAG PSA_ALG_ECDSA_DETERMINISTIC_FLAG
375 
389 #define PSA_ALG_DETERMINISTIC_DSA(hash_alg) \
390  (PSA_ALG_DETERMINISTIC_DSA_BASE | ((hash_alg) & PSA_ALG_HASH_MASK))
391 #define PSA_ALG_IS_DSA(alg) \
392  (((alg) & ~PSA_ALG_HASH_MASK & ~PSA_ALG_DSA_DETERMINISTIC_FLAG) == \
393  PSA_ALG_DSA_BASE)
394 #define PSA_ALG_DSA_IS_DETERMINISTIC(alg) \
395  (((alg) & PSA_ALG_DSA_DETERMINISTIC_FLAG) != 0)
396 #define PSA_ALG_IS_DETERMINISTIC_DSA(alg) \
397  (PSA_ALG_IS_DSA(alg) && PSA_ALG_DSA_IS_DETERMINISTIC(alg))
398 #define PSA_ALG_IS_RANDOMIZED_DSA(alg) \
399  (PSA_ALG_IS_DSA(alg) && !PSA_ALG_DSA_IS_DETERMINISTIC(alg))
400 
401 
402 /* We need to expand the sample definition of this macro from
403  * the API definition. */
404 #undef PSA_ALG_IS_HASH_AND_SIGN
405 #define PSA_ALG_IS_HASH_AND_SIGN(alg) \
406  (PSA_ALG_IS_RSA_PSS(alg) || PSA_ALG_IS_RSA_PKCS1V15_SIGN(alg) || \
407  PSA_ALG_IS_DSA(alg) || PSA_ALG_IS_ECDSA(alg))
408 
421 #define PSA_DH_GROUP_CUSTOM ((psa_dh_group_t) 0x7e)
422 
423 
491  psa_key_type_t type,
492  const uint8_t *data,
493  size_t data_length);
494 
519  const psa_key_attributes_t *attributes,
520  uint8_t *data,
521  size_t data_size,
522  size_t *data_length);
523 
549 #define PSA_KEY_DOMAIN_PARAMETERS_SIZE(key_type, key_bits) \
550  (PSA_KEY_TYPE_IS_RSA(key_type) ? sizeof(int) : \
551  PSA_KEY_TYPE_IS_DH(key_type) ? PSA_DH_KEY_DOMAIN_PARAMETERS_SIZE(key_bits) : \
552  PSA_KEY_TYPE_IS_DSA(key_type) ? PSA_DSA_KEY_DOMAIN_PARAMETERS_SIZE(key_bits) : \
553  0)
554 #define PSA_DH_KEY_DOMAIN_PARAMETERS_SIZE(key_bits) \
555  (4 + (PSA_BITS_TO_BYTES(key_bits) + 5) * 3 /*without optional parts*/)
556 #define PSA_DSA_KEY_DOMAIN_PARAMETERS_SIZE(key_bits) \
557  (4 + (PSA_BITS_TO_BYTES(key_bits) + 5) * 2 /*p, g*/ + 34 /*q*/)
558 
565 #if defined(MBEDTLS_ECP_C)
566 #include <mbedtls/ecp.h>
567 
582  size_t *bits )
583 {
584  switch( grpid )
585  {
587  *bits = 192;
588  return( PSA_ECC_CURVE_SECP_R1 );
590  *bits = 224;
591  return( PSA_ECC_CURVE_SECP_R1 );
593  *bits = 256;
594  return( PSA_ECC_CURVE_SECP_R1 );
596  *bits = 384;
597  return( PSA_ECC_CURVE_SECP_R1 );
599  *bits = 521;
600  return( PSA_ECC_CURVE_SECP_R1 );
602  *bits = 256;
605  *bits = 384;
608  *bits = 512;
611  *bits = 255;
612  return( PSA_ECC_CURVE_MONTGOMERY );
614  *bits = 192;
615  return( PSA_ECC_CURVE_SECP_K1 );
617  *bits = 224;
618  return( PSA_ECC_CURVE_SECP_K1 );
620  *bits = 256;
621  return( PSA_ECC_CURVE_SECP_K1 );
623  *bits = 448;
624  return( PSA_ECC_CURVE_MONTGOMERY );
625  default:
626  *bits = 0;
627  return( 0 );
628  }
629 }
630 
647  size_t byte_length );
648 #endif /* MBEDTLS_ECP_C */
649 
652 #ifdef __cplusplus
653 }
654 #endif
655 
656 #endif /* PSA_CRYPTO_EXTRA_H */
mbedtls_psa_crypto_free
void mbedtls_psa_crypto_free(void)
Library deinitialization.
psa_status_t
int32_t psa_status_t
Function return status.
Definition: crypto_types.h:55
PSA_ECC_CURVE_MONTGOMERY
#define PSA_ECC_CURVE_MONTGOMERY
Definition: crypto_values.h:532
psa_key_policy_s::alg2
psa_algorithm_t alg2
Definition: crypto_struct.h:283
ecp.h
This file provides an API for Elliptic Curves over GF(P) (ECP).
psa_core_key_attributes_t::policy
psa_key_policy_t policy
Definition: crypto_struct.h:336
MBEDTLS_ECP_DP_SECP224K1
@ MBEDTLS_ECP_DP_SECP224K1
Definition: ecp.h:90
psa_key_attributes_s
Definition: crypto_struct.h:343
psa_ecc_curve_t
uint8_t psa_ecc_curve_t
Definition: crypto_types.h:77
MBEDTLS_ECP_DP_SECP224R1
@ MBEDTLS_ECP_DP_SECP224R1
Definition: ecp.h:81
mbedtls_psa_inject_entropy
psa_status_t mbedtls_psa_inject_entropy(const uint8_t *seed, size_t seed_size)
Inject an initial entropy seed for the random generator into secure storage.
PSA_ECC_CURVE_SECP_R1
#define PSA_ECC_CURVE_SECP_R1
Definition: crypto_values.h:479
mbedtls_psa_stats_s::half_filled_slots
size_t half_filled_slots
Definition: crypto_extra.h:231
MBEDTLS_ECP_DP_SECP384R1
@ MBEDTLS_ECP_DP_SECP384R1
Definition: ecp.h:83
MBEDTLS_ECP_DP_SECP256R1
@ MBEDTLS_ECP_DP_SECP256R1
Definition: ecp.h:82
psa_set_key_enrollment_algorithm
static void psa_set_key_enrollment_algorithm(psa_key_attributes_t *attributes, psa_algorithm_t alg2)
Declare the enrollment algorithm for a key.
Definition: crypto_extra.h:68
PSA_ECC_CURVE_SECP_K1
#define PSA_ECC_CURVE_SECP_K1
Definition: crypto_values.h:469
mbedtls_psa_get_stats
void mbedtls_psa_get_stats(mbedtls_psa_stats_t *stats)
Get statistics about resource consumption related to the PSA keystore.
psa_key_attributes_s::core
psa_core_key_attributes_t core
Definition: crypto_struct.h:344
mbedtls_psa_stats_s::external_slots
size_t external_slots
Definition: crypto_extra.h:228
psa_set_key_domain_parameters
psa_status_t psa_set_key_domain_parameters(psa_key_attributes_t *attributes, psa_key_type_t type, const uint8_t *data, size_t data_length)
Set domain parameters for a key.
psa_core_key_attributes_t::flags
psa_key_attributes_flag_t flags
Definition: crypto_struct.h:337
PSA_ECC_CURVE_BRAINPOOL_P_R1
#define PSA_ECC_CURVE_BRAINPOOL_P_R1
Definition: crypto_values.h:520
MBEDTLS_ECP_DP_CURVE448
@ MBEDTLS_ECP_DP_CURVE448
Definition: ecp.h:92
MBEDTLS_PSA_KA_FLAG_HAS_SLOT_NUMBER
#define MBEDTLS_PSA_KA_FLAG_HAS_SLOT_NUMBER
Definition: crypto_struct.h:316
MBEDTLS_ECP_DP_BP384R1
@ MBEDTLS_ECP_DP_BP384R1
Definition: ecp.h:86
mbedtls_ecp_group_id
mbedtls_ecp_group_id
Definition: ecp.h:78
MBEDTLS_ECP_DP_BP256R1
@ MBEDTLS_ECP_DP_BP256R1
Definition: ecp.h:85
psa_app_key_id_t
uint32_t psa_app_key_id_t
Definition: crypto_platform.h:69
MBEDTLS_ECP_DP_CURVE25519
@ MBEDTLS_ECP_DP_CURVE25519
Definition: ecp.h:88
mbedtls_psa_stats_s::volatile_slots
size_t volatile_slots
Definition: crypto_extra.h:222
crypto_compat.h
PSA cryptography module: Backward compatibility aliases.
psa_key_slot_number_t
uint64_t psa_key_slot_number_t
Definition: crypto_se_driver.h:148
MBEDTLS_ECP_DP_SECP256K1
@ MBEDTLS_ECP_DP_SECP256K1
Definition: ecp.h:91
psa_algorithm_t
uint32_t psa_algorithm_t
Encoding of a cryptographic algorithm.
Definition: crypto_types.h:98
mbedtls_psa_stats_t
struct mbedtls_psa_stats_s mbedtls_psa_stats_t
Statistics about resource consumption related to the PSA keystore.
psa_get_key_enrollment_algorithm
static psa_algorithm_t psa_get_key_enrollment_algorithm(const psa_key_attributes_t *attributes)
Definition: crypto_extra.h:81
MBEDTLS_ECP_DP_SECP192K1
@ MBEDTLS_ECP_DP_SECP192K1
Definition: ecp.h:89
MBEDTLS_ECP_DP_SECP521R1
@ MBEDTLS_ECP_DP_SECP521R1
Definition: ecp.h:84
psa_key_type_t
uint16_t psa_key_type_t
Encoding of a key type.
Definition: crypto_types.h:66
mbedtls_ecc_group_to_psa
static psa_ecc_curve_t mbedtls_ecc_group_to_psa(mbedtls_ecp_group_id grpid, size_t *bits)
Definition: crypto_extra.h:581
MBEDTLS_ECP_DP_SECP192R1
@ MBEDTLS_ECP_DP_SECP192R1
Definition: ecp.h:80
mbedtls_psa_stats_s::persistent_slots
size_t persistent_slots
Definition: crypto_extra.h:225
mbedtls_ecc_group_of_psa
mbedtls_ecp_group_id mbedtls_ecc_group_of_psa(psa_ecc_curve_t curve, size_t byte_length)
mbedtls_psa_stats_s::max_open_internal_key_id
psa_app_key_id_t max_open_internal_key_id
Definition: crypto_extra.h:237
mbedtls_psa_stats_s::max_open_external_key_id
psa_app_key_id_t max_open_external_key_id
Definition: crypto_extra.h:239
platform_util.h
Common and shared functions used by multiple modules in the Mbed TLS library.
mbedtls_psa_stats_s
Statistics about resource consumption related to the PSA keystore.
Definition: crypto_extra.h:220
mbedtls_psa_stats_s::cache_slots
size_t cache_slots
Definition: crypto_extra.h:233
psa_get_key_domain_parameters
psa_status_t psa_get_key_domain_parameters(const psa_key_attributes_t *attributes, uint8_t *data, size_t data_size, size_t *data_length)
Get domain parameters for a key.
mbedtls_psa_stats_s::empty_slots
size_t empty_slots
Definition: crypto_extra.h:235
MBEDTLS_ECP_DP_BP512R1
@ MBEDTLS_ECP_DP_BP512R1
Definition: ecp.h:87