Mbed TLS v3.5.0
crypto_extra.h
Go to the documentation of this file.
1 
11 /*
12  * Copyright The Mbed TLS Contributors
13  * SPDX-License-Identifier: Apache-2.0
14  *
15  * Licensed under the Apache License, Version 2.0 (the "License"); you may
16  * not use this file except in compliance with the License.
17  * You may obtain a copy of the License at
18  *
19  * http://www.apache.org/licenses/LICENSE-2.0
20  *
21  * Unless required by applicable law or agreed to in writing, software
22  * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
23  * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
24  * See the License for the specific language governing permissions and
25  * limitations under the License.
26  */
27 
28 #ifndef PSA_CRYPTO_EXTRA_H
29 #define PSA_CRYPTO_EXTRA_H
30 #include "mbedtls/private_access.h"
31 
32 #include "crypto_types.h"
33 #include "crypto_compat.h"
34 
35 #ifdef __cplusplus
36 extern "C" {
37 #endif
38 
39 /* UID for secure storage seed */
40 #define PSA_CRYPTO_ITS_RANDOM_SEED_UID 0xFFFFFF52
41 
42 /* See mbedtls_config.h for definition */
43 #if !defined(MBEDTLS_PSA_KEY_SLOT_COUNT)
44 #define MBEDTLS_PSA_KEY_SLOT_COUNT 32
45 #endif
46 
71  psa_key_attributes_t *attributes,
72  psa_algorithm_t alg2)
73 {
74  attributes->MBEDTLS_PRIVATE(core).MBEDTLS_PRIVATE(policy).MBEDTLS_PRIVATE(alg2) = alg2;
75 }
76 
84  const psa_key_attributes_t *attributes)
85 {
86  return attributes->MBEDTLS_PRIVATE(core).MBEDTLS_PRIVATE(policy).MBEDTLS_PRIVATE(alg2);
87 }
88 
89 #if defined(MBEDTLS_PSA_CRYPTO_SE_C)
90 
113 psa_status_t psa_get_key_slot_number(
114  const psa_key_attributes_t *attributes,
115  psa_key_slot_number_t *slot_number);
116 
140 static inline void psa_set_key_slot_number(
141  psa_key_attributes_t *attributes,
142  psa_key_slot_number_t slot_number)
143 {
144  attributes->MBEDTLS_PRIVATE(core).MBEDTLS_PRIVATE(flags) |= MBEDTLS_PSA_KA_FLAG_HAS_SLOT_NUMBER;
145  attributes->MBEDTLS_PRIVATE(slot_number) = slot_number;
146 }
147 
154 static inline void psa_clear_key_slot_number(
155  psa_key_attributes_t *attributes)
156 {
157  attributes->MBEDTLS_PRIVATE(core).MBEDTLS_PRIVATE(flags) &=
159 }
160 
201 psa_status_t mbedtls_psa_register_se_key(
202  const psa_key_attributes_t *attributes);
203 
204 #endif /* MBEDTLS_PSA_CRYPTO_SE_C */
205 
217 
224 typedef struct mbedtls_psa_stats_s {
226  size_t MBEDTLS_PRIVATE(volatile_slots);
229  size_t MBEDTLS_PRIVATE(persistent_slots);
232  size_t MBEDTLS_PRIVATE(external_slots);
235  size_t MBEDTLS_PRIVATE(half_filled_slots);
237  size_t MBEDTLS_PRIVATE(cache_slots);
239  size_t MBEDTLS_PRIVATE(empty_slots);
241  size_t MBEDTLS_PRIVATE(locked_slots);
243  psa_key_id_t MBEDTLS_PRIVATE(max_open_internal_key_id);
245  psa_key_id_t MBEDTLS_PRIVATE(max_open_external_key_id);
247 
256 
327  size_t seed_size);
328 
340 #define PSA_KEY_TYPE_DSA_PUBLIC_KEY ((psa_key_type_t) 0x4002)
341 
358 #define PSA_KEY_TYPE_DSA_KEY_PAIR ((psa_key_type_t) 0x7002)
359 
361 #define PSA_KEY_TYPE_IS_DSA(type) \
362  (PSA_KEY_TYPE_PUBLIC_KEY_OF_KEY_PAIR(type) == PSA_KEY_TYPE_DSA_PUBLIC_KEY)
363 
364 #define PSA_ALG_DSA_BASE ((psa_algorithm_t) 0x06000400)
379 #define PSA_ALG_DSA(hash_alg) \
380  (PSA_ALG_DSA_BASE | ((hash_alg) & PSA_ALG_HASH_MASK))
381 #define PSA_ALG_DETERMINISTIC_DSA_BASE ((psa_algorithm_t) 0x06000500)
382 #define PSA_ALG_DSA_DETERMINISTIC_FLAG PSA_ALG_ECDSA_DETERMINISTIC_FLAG
397 #define PSA_ALG_DETERMINISTIC_DSA(hash_alg) \
398  (PSA_ALG_DETERMINISTIC_DSA_BASE | ((hash_alg) & PSA_ALG_HASH_MASK))
399 #define PSA_ALG_IS_DSA(alg) \
400  (((alg) & ~PSA_ALG_HASH_MASK & ~PSA_ALG_DSA_DETERMINISTIC_FLAG) == \
401  PSA_ALG_DSA_BASE)
402 #define PSA_ALG_DSA_IS_DETERMINISTIC(alg) \
403  (((alg) & PSA_ALG_DSA_DETERMINISTIC_FLAG) != 0)
404 #define PSA_ALG_IS_DETERMINISTIC_DSA(alg) \
405  (PSA_ALG_IS_DSA(alg) && PSA_ALG_DSA_IS_DETERMINISTIC(alg))
406 #define PSA_ALG_IS_RANDOMIZED_DSA(alg) \
407  (PSA_ALG_IS_DSA(alg) && !PSA_ALG_DSA_IS_DETERMINISTIC(alg))
408 
409 
410 /* We need to expand the sample definition of this macro from
411  * the API definition. */
412 #undef PSA_ALG_IS_VENDOR_HASH_AND_SIGN
413 #define PSA_ALG_IS_VENDOR_HASH_AND_SIGN(alg) \
414  PSA_ALG_IS_DSA(alg)
415 
428 #define PSA_DH_FAMILY_CUSTOM ((psa_dh_family_t) 0x7e)
429 
431 #define PSA_PAKE_OPERATION_STAGE_SETUP 0
432 #define PSA_PAKE_OPERATION_STAGE_COLLECT_INPUTS 1
433 #define PSA_PAKE_OPERATION_STAGE_COMPUTATION 2
434 
502  psa_key_type_t type,
503  const uint8_t *data,
504  size_t data_length);
505 
530  const psa_key_attributes_t *attributes,
531  uint8_t *data,
532  size_t data_size,
533  size_t *data_length);
534 
560 #define PSA_KEY_DOMAIN_PARAMETERS_SIZE(key_type, key_bits) \
561  (PSA_KEY_TYPE_IS_RSA(key_type) ? sizeof(int) : \
562  PSA_KEY_TYPE_IS_DH(key_type) ? PSA_DH_KEY_DOMAIN_PARAMETERS_SIZE(key_bits) : \
563  PSA_KEY_TYPE_IS_DSA(key_type) ? PSA_DSA_KEY_DOMAIN_PARAMETERS_SIZE(key_bits) : \
564  0)
565 #define PSA_DH_KEY_DOMAIN_PARAMETERS_SIZE(key_bits) \
566  (4 + (PSA_BITS_TO_BYTES(key_bits) + 5) * 3 /*without optional parts*/)
567 #define PSA_DSA_KEY_DOMAIN_PARAMETERS_SIZE(key_bits) \
568  (4 + (PSA_BITS_TO_BYTES(key_bits) + 5) * 2 /*p, g*/ + 34 /*q*/)
569 
575 #if defined(PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY)
576 #include <mbedtls/ecp.h>
577 
592  size_t *bits);
593 
614  size_t bits,
615  int bits_is_sloppy);
616 #endif /* PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY */
617 
624 #if defined(MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG)
664 psa_status_t mbedtls_psa_external_get_random(
665  mbedtls_psa_external_random_context_t *context,
666  uint8_t *output, size_t output_size, size_t *output_length);
667 #endif /* MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG */
668 
686 #define MBEDTLS_PSA_KEY_ID_BUILTIN_MIN ((psa_key_id_t) 0x7fff0000)
687 
693 #define MBEDTLS_PSA_KEY_ID_BUILTIN_MAX ((psa_key_id_t) 0x7fffefff)
694 
699 typedef uint64_t psa_drv_slot_number_t;
700 
701 #if defined(MBEDTLS_PSA_CRYPTO_BUILTIN_KEYS)
711 static inline int psa_key_id_is_builtin(psa_key_id_t key_id)
712 {
713  return (key_id >= MBEDTLS_PSA_KEY_ID_BUILTIN_MIN) &&
714  (key_id <= MBEDTLS_PSA_KEY_ID_BUILTIN_MAX);
715 }
716 
761 psa_status_t mbedtls_psa_platform_get_builtin_key(
762  mbedtls_svc_key_id_t key_id,
763  psa_key_lifetime_t *lifetime,
764  psa_drv_slot_number_t *slot_number);
765 #endif /* MBEDTLS_PSA_CRYPTO_BUILTIN_KEYS */
766 
773 #define PSA_ALG_CATEGORY_PAKE ((psa_algorithm_t) 0x0a000000)
774 
784 #define PSA_ALG_IS_PAKE(alg) \
785  (((alg) & PSA_ALG_CATEGORY_MASK) == PSA_ALG_CATEGORY_PAKE)
786 
902 #define PSA_ALG_JPAKE ((psa_algorithm_t) 0x0a000100)
903 
924 typedef uint8_t psa_pake_role_t;
925 
932 typedef uint8_t psa_pake_step_t;
933 
943 
949 typedef uint8_t psa_pake_family_t;
950 
955 typedef uint32_t psa_pake_primitive_t;
956 
961 #define PSA_PAKE_ROLE_NONE ((psa_pake_role_t) 0x00)
962 
970 #define PSA_PAKE_ROLE_FIRST ((psa_pake_role_t) 0x01)
971 
979 #define PSA_PAKE_ROLE_SECOND ((psa_pake_role_t) 0x02)
980 
985 #define PSA_PAKE_ROLE_CLIENT ((psa_pake_role_t) 0x11)
986 
991 #define PSA_PAKE_ROLE_SERVER ((psa_pake_role_t) 0x12)
992 
1011 #define PSA_PAKE_PRIMITIVE_TYPE_ECC ((psa_pake_primitive_type_t) 0x01)
1012 
1031 #define PSA_PAKE_PRIMITIVE_TYPE_DH ((psa_pake_primitive_type_t) 0x02)
1032 
1052 #define PSA_PAKE_PRIMITIVE(pake_type, pake_family, pake_bits) \
1053  ((pake_bits & 0xFFFF) != pake_bits) ? 0 : \
1054  ((psa_pake_primitive_t) (((pake_type) << 24 | \
1055  (pake_family) << 16) | (pake_bits)))
1056 
1069 #define PSA_PAKE_STEP_KEY_SHARE ((psa_pake_step_t) 0x01)
1070 
1086 #define PSA_PAKE_STEP_ZK_PUBLIC ((psa_pake_step_t) 0x02)
1087 
1107 #define PSA_PAKE_STEP_ZK_PROOF ((psa_pake_step_t) 0x03)
1108 
1116 
1120 
1128  const psa_pake_cipher_suite_t *cipher_suite);
1129 
1142 static void psa_pake_cs_set_algorithm(psa_pake_cipher_suite_t *cipher_suite,
1144 
1152  const psa_pake_cipher_suite_t *cipher_suite);
1153 
1163 static void psa_pake_cs_set_primitive(psa_pake_cipher_suite_t *cipher_suite,
1164  psa_pake_primitive_t primitive);
1165 
1173  const psa_pake_cipher_suite_t *cipher_suite);
1174 
1181 static uint16_t psa_pake_cs_get_bits(
1182  const psa_pake_cipher_suite_t *cipher_suite);
1183 
1193  const psa_pake_cipher_suite_t *cipher_suite);
1194 
1213 
1243 
1246 
1249 
1253 
1265  const psa_crypto_driver_pake_inputs_t *inputs,
1266  size_t *password_len);
1267 
1281  const psa_crypto_driver_pake_inputs_t *inputs,
1282  uint8_t *buffer, size_t buffer_size, size_t *buffer_length);
1283 
1295  const psa_crypto_driver_pake_inputs_t *inputs,
1296  size_t *user_len);
1297 
1309  const psa_crypto_driver_pake_inputs_t *inputs,
1310  size_t *peer_len);
1311 
1327  const psa_crypto_driver_pake_inputs_t *inputs,
1328  uint8_t *user_id, size_t user_id_size, size_t *user_id_len);
1329 
1345  const psa_crypto_driver_pake_inputs_t *inputs,
1346  uint8_t *peer_id, size_t peer_id_size, size_t *peer_id_length);
1347 
1359  const psa_crypto_driver_pake_inputs_t *inputs,
1360  psa_pake_cipher_suite_t *cipher_suite);
1361 
1433  const psa_pake_cipher_suite_t *cipher_suite);
1434 
1481  mbedtls_svc_key_id_t password);
1482 
1521  const uint8_t *user_id,
1522  size_t user_id_len);
1523 
1563  const uint8_t *peer_id,
1564  size_t peer_id_len);
1565 
1605  psa_pake_role_t role);
1606 
1663  psa_pake_step_t step,
1664  uint8_t *output,
1665  size_t output_size,
1666  size_t *output_length);
1667 
1718  psa_pake_step_t step,
1719  const uint8_t *input,
1720  size_t input_length);
1721 
1782 
1808 
1831 #define PSA_PAKE_OUTPUT_SIZE(alg, primitive, output_step) \
1832  (alg == PSA_ALG_JPAKE && \
1833  primitive == PSA_PAKE_PRIMITIVE(PSA_PAKE_PRIMITIVE_TYPE_ECC, \
1834  PSA_ECC_FAMILY_SECP_R1, 256) ? \
1835  ( \
1836  output_step == PSA_PAKE_STEP_KEY_SHARE ? 65 : \
1837  output_step == PSA_PAKE_STEP_ZK_PUBLIC ? 65 : \
1838  32 \
1839  ) : \
1840  0)
1841 
1861 #define PSA_PAKE_INPUT_SIZE(alg, primitive, input_step) \
1862  (alg == PSA_ALG_JPAKE && \
1863  primitive == PSA_PAKE_PRIMITIVE(PSA_PAKE_PRIMITIVE_TYPE_ECC, \
1864  PSA_ECC_FAMILY_SECP_R1, 256) ? \
1865  ( \
1866  input_step == PSA_PAKE_STEP_KEY_SHARE ? 65 : \
1867  input_step == PSA_PAKE_STEP_ZK_PUBLIC ? 65 : \
1868  32 \
1869  ) : \
1870  0)
1871 
1882 #define PSA_PAKE_OUTPUT_MAX_SIZE 65
1883 
1894 #define PSA_PAKE_INPUT_MAX_SIZE 65
1895 
1899 #define PSA_PAKE_CIPHER_SUITE_INIT { PSA_ALG_NONE, 0, 0, 0, PSA_ALG_NONE }
1900 
1904 #define PSA_PAKE_OPERATION_INIT { 0, PSA_ALG_NONE, 0, PSA_PAKE_OPERATION_STAGE_SETUP, \
1905  { 0 }, { { 0 } } }
1906 
1911  uint16_t bits;
1913 };
1914 
1916  const psa_pake_cipher_suite_t *cipher_suite)
1917 {
1918  return cipher_suite->algorithm;
1919 }
1920 
1921 static inline void psa_pake_cs_set_algorithm(
1922  psa_pake_cipher_suite_t *cipher_suite,
1923  psa_algorithm_t algorithm)
1924 {
1925  if (!PSA_ALG_IS_PAKE(algorithm)) {
1926  cipher_suite->algorithm = 0;
1927  } else {
1928  cipher_suite->algorithm = algorithm;
1929  }
1930 }
1931 
1933  const psa_pake_cipher_suite_t *cipher_suite)
1934 {
1935  return PSA_PAKE_PRIMITIVE(cipher_suite->type, cipher_suite->family,
1936  cipher_suite->bits);
1937 }
1938 
1939 static inline void psa_pake_cs_set_primitive(
1940  psa_pake_cipher_suite_t *cipher_suite,
1941  psa_pake_primitive_t primitive)
1942 {
1943  cipher_suite->type = (psa_pake_primitive_type_t) (primitive >> 24);
1944  cipher_suite->family = (psa_pake_family_t) (0xFF & (primitive >> 16));
1945  cipher_suite->bits = (uint16_t) (0xFFFF & primitive);
1946 }
1947 
1949  const psa_pake_cipher_suite_t *cipher_suite)
1950 {
1951  return cipher_suite->family;
1952 }
1953 
1954 static inline uint16_t psa_pake_cs_get_bits(
1955  const psa_pake_cipher_suite_t *cipher_suite)
1956 {
1957  return cipher_suite->bits;
1958 }
1959 
1961  const psa_pake_cipher_suite_t *cipher_suite)
1962 {
1963  return cipher_suite->hash;
1964 }
1965 
1966 static inline void psa_pake_cs_set_hash(psa_pake_cipher_suite_t *cipher_suite,
1967  psa_algorithm_t hash)
1968 {
1969  if (!PSA_ALG_IS_HASH(hash)) {
1970  cipher_suite->hash = 0;
1971  } else {
1972  cipher_suite->hash = hash;
1973  }
1974 }
1975 
1977  uint8_t *MBEDTLS_PRIVATE(password);
1978  size_t MBEDTLS_PRIVATE(password_len);
1979  uint8_t *MBEDTLS_PRIVATE(user);
1980  size_t MBEDTLS_PRIVATE(user_len);
1981  uint8_t *MBEDTLS_PRIVATE(peer);
1982  size_t MBEDTLS_PRIVATE(peer_len);
1985 };
1986 
1988  PSA_JPAKE_STEP_INVALID = 0, /* Invalid step */
1989  PSA_JPAKE_X1_STEP_KEY_SHARE = 1, /* Round 1: input/output key share (for ephemeral private key X1).*/
1990  PSA_JPAKE_X1_STEP_ZK_PUBLIC = 2, /* Round 1: input/output Schnorr NIZKP public key for the X1 key */
1991  PSA_JPAKE_X1_STEP_ZK_PROOF = 3, /* Round 1: input/output Schnorr NIZKP proof for the X1 key */
1992  PSA_JPAKE_X2_STEP_KEY_SHARE = 4, /* Round 1: input/output key share (for ephemeral private key X2).*/
1993  PSA_JPAKE_X2_STEP_ZK_PUBLIC = 5, /* Round 1: input/output Schnorr NIZKP public key for the X2 key */
1994  PSA_JPAKE_X2_STEP_ZK_PROOF = 6, /* Round 1: input/output Schnorr NIZKP proof for the X2 key */
1995  PSA_JPAKE_X2S_STEP_KEY_SHARE = 7, /* Round 2: output X2S key (our key) */
1996  PSA_JPAKE_X2S_STEP_ZK_PUBLIC = 8, /* Round 2: output Schnorr NIZKP public key for the X2S key (our key) */
1997  PSA_JPAKE_X2S_STEP_ZK_PROOF = 9, /* Round 2: output Schnorr NIZKP proof for the X2S key (our key) */
1998  PSA_JPAKE_X4S_STEP_KEY_SHARE = 10, /* Round 2: input X4S key (from peer) */
1999  PSA_JPAKE_X4S_STEP_ZK_PUBLIC = 11, /* Round 2: input Schnorr NIZKP public key for the X4S key (from peer) */
2000  PSA_JPAKE_X4S_STEP_ZK_PROOF = 12 /* Round 2: input Schnorr NIZKP proof for the X4S key (from peer) */
2002 
2003 typedef enum psa_jpake_round {
2006  PSA_JPAKE_FINISHED = 2
2008 
2009 typedef enum psa_jpake_io_mode {
2011  PSA_JPAKE_OUTPUT = 1
2013 
2015  /* The J-PAKE round we are currently on */
2017  /* The 'mode' we are currently in (inputting or outputting) */
2019  /* The number of completed inputs so far this round */
2020  uint8_t MBEDTLS_PRIVATE(inputs);
2021  /* The number of completed outputs so far this round */
2022  uint8_t MBEDTLS_PRIVATE(outputs);
2023  /* The next expected step (KEY_SHARE, ZK_PUBLIC or ZK_PROOF) */
2025 };
2026 
2027 #define PSA_JPAKE_EXPECTED_INPUTS(round) ((round) == PSA_JPAKE_FINISHED ? 0 : \
2028  ((round) == PSA_JPAKE_FIRST ? 2 : 1))
2029 #define PSA_JPAKE_EXPECTED_OUTPUTS(round) ((round) == PSA_JPAKE_FINISHED ? 0 : \
2030  ((round) == PSA_JPAKE_FIRST ? 2 : 1))
2031 
2039  unsigned int MBEDTLS_PRIVATE(id);
2040  /* Algorithm of the PAKE operation */
2042  /* A primitive of type compatible with algorithm */
2044  /* Stage of the PAKE operation: waiting for the setup, collecting inputs
2045  * or computing. */
2046  uint8_t MBEDTLS_PRIVATE(stage);
2047  /* Holds computation stage of the PAKE algorithms. */
2048  union {
2049  uint8_t MBEDTLS_PRIVATE(dummy);
2050 #if defined(PSA_WANT_ALG_JPAKE)
2052 #endif
2053  } MBEDTLS_PRIVATE(computation_stage);
2054  union {
2058 };
2059 
2060 static inline struct psa_pake_cipher_suite_s psa_pake_cipher_suite_init(void)
2061 {
2063  return v;
2064 }
2065 
2066 static inline struct psa_pake_operation_s psa_pake_operation_init(void)
2067 {
2069  return v;
2070 }
2071 
2072 #ifdef __cplusplus
2073 }
2074 #endif
2075 
2076 #endif /* PSA_CRYPTO_EXTRA_H */
PSA cryptography module: Backward compatibility aliases.
void mbedtls_psa_crypto_free(void)
Library deinitialization.
#define PSA_PAKE_OPERATION_INIT
psa_crypto_driver_pake_step
@ PSA_JPAKE_X2_STEP_KEY_SHARE
@ PSA_JPAKE_X2S_STEP_KEY_SHARE
@ PSA_JPAKE_X1_STEP_ZK_PUBLIC
@ PSA_JPAKE_STEP_INVALID
@ PSA_JPAKE_X4S_STEP_KEY_SHARE
@ PSA_JPAKE_X2S_STEP_ZK_PROOF
@ PSA_JPAKE_X2_STEP_ZK_PUBLIC
@ PSA_JPAKE_X4S_STEP_ZK_PROOF
@ PSA_JPAKE_X2_STEP_ZK_PROOF
@ PSA_JPAKE_X4S_STEP_ZK_PUBLIC
@ PSA_JPAKE_X1_STEP_KEY_SHARE
@ PSA_JPAKE_X2S_STEP_ZK_PUBLIC
@ PSA_JPAKE_X1_STEP_ZK_PROOF
psa_jpake_io_mode
@ PSA_JPAKE_OUTPUT
@ PSA_JPAKE_INPUT
enum psa_crypto_driver_pake_step psa_crypto_driver_pake_step_t
psa_jpake_round
@ PSA_JPAKE_FINISHED
@ PSA_JPAKE_FIRST
@ PSA_JPAKE_SECOND
#define PSA_PAKE_CIPHER_SUITE_INIT
enum psa_jpake_io_mode psa_jpake_io_mode_t
enum psa_jpake_round psa_jpake_round_t
void mbedtls_psa_get_stats(mbedtls_psa_stats_t *stats)
Get statistics about resource consumption related to the PSA keystore.
struct mbedtls_psa_stats_s mbedtls_psa_stats_t
Statistics about resource consumption related to the PSA keystore.
psa_status_t mbedtls_psa_inject_entropy(const uint8_t *seed, size_t seed_size)
Inject an initial entropy seed for the random generator into secure storage.
#define MBEDTLS_PSA_KA_FLAG_HAS_SLOT_NUMBER
PSA cryptography module: type aliases.
This file provides an API for Elliptic Curves over GF(P) (ECP).
mbedtls_ecp_group_id
Definition: ecp.h:113
static psa_algorithm_t psa_get_key_enrollment_algorithm(const psa_key_attributes_t *attributes)
Definition: crypto_extra.h:83
psa_status_t psa_set_key_domain_parameters(psa_key_attributes_t *attributes, psa_key_type_t type, const uint8_t *data, size_t data_length)
Set domain parameters for a key.
psa_status_t psa_get_key_domain_parameters(const psa_key_attributes_t *attributes, uint8_t *data, size_t data_size, size_t *data_length)
Get domain parameters for a key.
static void psa_set_key_enrollment_algorithm(psa_key_attributes_t *attributes, psa_algorithm_t alg2)
Declare the enrollment algorithm for a key.
Definition: crypto_extra.h:70
uint16_t psa_key_type_t
Encoding of a key type.
Definition: crypto_types.h:83
#define PSA_ALG_IS_PAKE(alg)
Definition: crypto_extra.h:784
uint32_t psa_algorithm_t
Encoding of a cryptographic algorithm.
Definition: crypto_types.h:139
#define PSA_ALG_IS_HASH(alg)
uint8_t psa_ecc_family_t
Definition: crypto_types.h:102
int32_t psa_status_t
Function return status.
Definition: crypto_types.h:64
uint32_t psa_key_id_t
Definition: crypto_types.h:280
uint32_t psa_key_lifetime_t
Definition: crypto_types.h:188
psa_key_id_t mbedtls_svc_key_id_t
Definition: crypto_types.h:297
static uint16_t psa_pake_cs_get_bits(const psa_pake_cipher_suite_t *cipher_suite)
psa_status_t psa_pake_set_password_key(psa_pake_operation_t *operation, mbedtls_svc_key_id_t password)
static psa_pake_primitive_t psa_pake_cs_get_primitive(const psa_pake_cipher_suite_t *cipher_suite)
psa_status_t psa_pake_abort(psa_pake_operation_t *operation)
psa_status_t psa_crypto_driver_pake_get_password(const psa_crypto_driver_pake_inputs_t *inputs, uint8_t *buffer, size_t buffer_size, size_t *buffer_length)
psa_status_t psa_pake_input(psa_pake_operation_t *operation, psa_pake_step_t step, const uint8_t *input, size_t input_length)
uint32_t psa_pake_primitive_t
Encoding of the primitive associated with the PAKE.
Definition: crypto_extra.h:955
static void psa_pake_cs_set_hash(psa_pake_cipher_suite_t *cipher_suite, psa_algorithm_t hash)
psa_status_t psa_pake_setup(psa_pake_operation_t *operation, const psa_pake_cipher_suite_t *cipher_suite)
psa_status_t psa_pake_output(psa_pake_operation_t *operation, psa_pake_step_t step, uint8_t *output, size_t output_size, size_t *output_length)
psa_status_t psa_pake_set_user(psa_pake_operation_t *operation, const uint8_t *user_id, size_t user_id_len)
static void psa_pake_cs_set_primitive(psa_pake_cipher_suite_t *cipher_suite, psa_pake_primitive_t primitive)
static psa_pake_cipher_suite_t psa_pake_cipher_suite_init(void)
psa_status_t psa_crypto_driver_pake_get_password_len(const psa_crypto_driver_pake_inputs_t *inputs, size_t *password_len)
static void psa_pake_cs_set_algorithm(psa_pake_cipher_suite_t *cipher_suite, psa_algorithm_t algorithm)
uint8_t psa_pake_role_t
Encoding of the application role of PAKE.
Definition: crypto_extra.h:924
static psa_pake_family_t psa_pake_cs_get_family(const psa_pake_cipher_suite_t *cipher_suite)
psa_status_t psa_pake_set_peer(psa_pake_operation_t *operation, const uint8_t *peer_id, size_t peer_id_len)
static psa_pake_operation_t psa_pake_operation_init(void)
uint8_t psa_pake_step_t
Definition: crypto_extra.h:932
psa_status_t psa_crypto_driver_pake_get_peer(const psa_crypto_driver_pake_inputs_t *inputs, uint8_t *peer_id, size_t peer_id_size, size_t *peer_id_length)
uint8_t psa_pake_primitive_type_t
Definition: crypto_extra.h:942
psa_status_t psa_crypto_driver_pake_get_peer_len(const psa_crypto_driver_pake_inputs_t *inputs, size_t *peer_len)
psa_status_t psa_crypto_driver_pake_get_user_len(const psa_crypto_driver_pake_inputs_t *inputs, size_t *user_len)
psa_status_t psa_pake_get_implicit_key(psa_pake_operation_t *operation, psa_key_derivation_operation_t *output)
uint8_t psa_pake_family_t
Encoding of the family of the primitive associated with the PAKE.
Definition: crypto_extra.h:949
psa_status_t psa_crypto_driver_pake_get_user(const psa_crypto_driver_pake_inputs_t *inputs, uint8_t *user_id, size_t user_id_size, size_t *user_id_len)
static psa_algorithm_t psa_pake_cs_get_algorithm(const psa_pake_cipher_suite_t *cipher_suite)
#define PSA_PAKE_PRIMITIVE(pake_type, pake_family, pake_bits)
psa_status_t psa_pake_set_role(psa_pake_operation_t *operation, psa_pake_role_t role)
psa_status_t psa_crypto_driver_pake_get_cipher_suite(const psa_crypto_driver_pake_inputs_t *inputs, psa_pake_cipher_suite_t *cipher_suite)
static psa_algorithm_t psa_pake_cs_get_hash(const psa_pake_cipher_suite_t *cipher_suite)
#define MBEDTLS_PSA_KEY_ID_BUILTIN_MAX
Definition: crypto_extra.h:693
uint64_t psa_drv_slot_number_t
Definition: crypto_extra.h:699
#define MBEDTLS_PSA_KEY_ID_BUILTIN_MIN
Definition: crypto_extra.h:686
psa_ecc_family_t mbedtls_ecc_group_to_psa(mbedtls_ecp_group_id grpid, size_t *bits)
mbedtls_ecp_group_id mbedtls_ecc_group_of_psa(psa_ecc_family_t curve, size_t bits, int bits_is_sloppy)
uint64_t psa_key_slot_number_t
Macro wrapper for struct's members.
#define MBEDTLS_PRIVATE(member)
Statistics about resource consumption related to the PSA keystore.
Definition: crypto_extra.h:224
psa_algorithm_t hash
psa_algorithm_t algorithm
psa_pake_primitive_type_t type
psa_pake_family_t family