TuyaOS
crypto_values.h
浏览该文件的文档.
1
17/*
18 * Copyright The Mbed TLS Contributors
19 * SPDX-License-Identifier: Apache-2.0
20 *
21 * Licensed under the Apache License, Version 2.0 (the "License"); you may
22 * not use this file except in compliance with the License.
23 * You may obtain a copy of the License at
24 *
25 * http://www.apache.org/licenses/LICENSE-2.0
26 *
27 * Unless required by applicable law or agreed to in writing, software
28 * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
29 * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
30 * See the License for the specific language governing permissions and
31 * limitations under the License.
32 */
33
34#ifndef PSA_CRYPTO_VALUES_H
35#define PSA_CRYPTO_VALUES_H
36#include "mbedtls/private_access.h"
37
42/* PSA error codes */
43
45#define PSA_SUCCESS ((psa_status_t)0)
46
52#define PSA_ERROR_GENERIC_ERROR ((psa_status_t)-132)
53
61#define PSA_ERROR_NOT_SUPPORTED ((psa_status_t)-134)
62
74#define PSA_ERROR_NOT_PERMITTED ((psa_status_t)-133)
75
86#define PSA_ERROR_BUFFER_TOO_SMALL ((psa_status_t)-138)
87
92#define PSA_ERROR_ALREADY_EXISTS ((psa_status_t)-139)
93
98#define PSA_ERROR_DOES_NOT_EXIST ((psa_status_t)-140)
99
114#define PSA_ERROR_BAD_STATE ((psa_status_t)-137)
115
125#define PSA_ERROR_INVALID_ARGUMENT ((psa_status_t)-135)
126
131#define PSA_ERROR_INSUFFICIENT_MEMORY ((psa_status_t)-141)
132
140#define PSA_ERROR_INSUFFICIENT_STORAGE ((psa_status_t)-142)
141
157#define PSA_ERROR_COMMUNICATION_FAILURE ((psa_status_t)-145)
158
182#define PSA_ERROR_STORAGE_FAILURE ((psa_status_t)-146)
183
188#define PSA_ERROR_HARDWARE_FAILURE ((psa_status_t)-147)
189
219#define PSA_ERROR_CORRUPTION_DETECTED ((psa_status_t)-151)
220
238#define PSA_ERROR_INSUFFICIENT_ENTROPY ((psa_status_t)-148)
239
248#define PSA_ERROR_INVALID_SIGNATURE ((psa_status_t)-149)
249
264#define PSA_ERROR_INVALID_PADDING ((psa_status_t)-150)
265
268#define PSA_ERROR_INSUFFICIENT_DATA ((psa_status_t)-143)
269
272#define PSA_ERROR_INVALID_HANDLE ((psa_status_t)-136)
273
296#define PSA_ERROR_DATA_CORRUPT ((psa_status_t)-152)
297
312#define PSA_ERROR_DATA_INVALID ((psa_status_t)-153)
313
324#define PSA_KEY_TYPE_NONE ((psa_key_type_t)0x0000)
325
333#define PSA_KEY_TYPE_VENDOR_FLAG ((psa_key_type_t)0x8000)
334
335#define PSA_KEY_TYPE_CATEGORY_MASK ((psa_key_type_t)0x7000)
336#define PSA_KEY_TYPE_CATEGORY_RAW ((psa_key_type_t)0x1000)
337#define PSA_KEY_TYPE_CATEGORY_SYMMETRIC ((psa_key_type_t)0x2000)
338#define PSA_KEY_TYPE_CATEGORY_PUBLIC_KEY ((psa_key_type_t)0x4000)
339#define PSA_KEY_TYPE_CATEGORY_KEY_PAIR ((psa_key_type_t)0x7000)
340
341#define PSA_KEY_TYPE_CATEGORY_FLAG_PAIR ((psa_key_type_t)0x3000)
342
347#define PSA_KEY_TYPE_IS_VENDOR_DEFINED(type) \
348 (((type) & PSA_KEY_TYPE_VENDOR_FLAG) != 0)
349
354#define PSA_KEY_TYPE_IS_UNSTRUCTURED(type) \
355 (((type) & PSA_KEY_TYPE_CATEGORY_MASK) == PSA_KEY_TYPE_CATEGORY_RAW || \
356 ((type) & PSA_KEY_TYPE_CATEGORY_MASK) == PSA_KEY_TYPE_CATEGORY_SYMMETRIC)
357
359#define PSA_KEY_TYPE_IS_ASYMMETRIC(type) \
360 (((type) & PSA_KEY_TYPE_CATEGORY_MASK \
361 & ~PSA_KEY_TYPE_CATEGORY_FLAG_PAIR) == \
362 PSA_KEY_TYPE_CATEGORY_PUBLIC_KEY)
364#define PSA_KEY_TYPE_IS_PUBLIC_KEY(type) \
365 (((type) & PSA_KEY_TYPE_CATEGORY_MASK) == PSA_KEY_TYPE_CATEGORY_PUBLIC_KEY)
368#define PSA_KEY_TYPE_IS_KEY_PAIR(type) \
369 (((type) & PSA_KEY_TYPE_CATEGORY_MASK) == PSA_KEY_TYPE_CATEGORY_KEY_PAIR)
380#define PSA_KEY_TYPE_KEY_PAIR_OF_PUBLIC_KEY(type) \
381 ((type) | PSA_KEY_TYPE_CATEGORY_FLAG_PAIR)
392#define PSA_KEY_TYPE_PUBLIC_KEY_OF_KEY_PAIR(type) \
393 ((type) & ~PSA_KEY_TYPE_CATEGORY_FLAG_PAIR)
394
399#define PSA_KEY_TYPE_RAW_DATA ((psa_key_type_t)0x1001)
400
409#define PSA_KEY_TYPE_HMAC ((psa_key_type_t)0x1100)
410
422#define PSA_KEY_TYPE_DERIVE ((psa_key_type_t)0x1200)
423
445#define PSA_KEY_TYPE_PASSWORD ((psa_key_type_t)0x1203)
446
453#define PSA_KEY_TYPE_PASSWORD_HASH ((psa_key_type_t)0x1205)
454
460#define PSA_KEY_TYPE_PEPPER ((psa_key_type_t)0x1206)
461
467#define PSA_KEY_TYPE_AES ((psa_key_type_t)0x2400)
468
471#define PSA_KEY_TYPE_ARIA ((psa_key_type_t)0x2406)
472
482#define PSA_KEY_TYPE_DES ((psa_key_type_t)0x2301)
483
486#define PSA_KEY_TYPE_CAMELLIA ((psa_key_type_t)0x2403)
487
495#define PSA_KEY_TYPE_CHACHA20 ((psa_key_type_t)0x2004)
496
501#define PSA_KEY_TYPE_RSA_PUBLIC_KEY ((psa_key_type_t)0x4001)
506#define PSA_KEY_TYPE_RSA_KEY_PAIR ((psa_key_type_t)0x7001)
508#define PSA_KEY_TYPE_IS_RSA(type) \
509 (PSA_KEY_TYPE_PUBLIC_KEY_OF_KEY_PAIR(type) == PSA_KEY_TYPE_RSA_PUBLIC_KEY)
510
511#define PSA_KEY_TYPE_ECC_PUBLIC_KEY_BASE ((psa_key_type_t)0x4100)
512#define PSA_KEY_TYPE_ECC_KEY_PAIR_BASE ((psa_key_type_t)0x7100)
513#define PSA_KEY_TYPE_ECC_CURVE_MASK ((psa_key_type_t)0x00ff)
523#define PSA_KEY_TYPE_ECC_KEY_PAIR(curve) \
524 (PSA_KEY_TYPE_ECC_KEY_PAIR_BASE | (curve))
534#define PSA_KEY_TYPE_ECC_PUBLIC_KEY(curve) \
535 (PSA_KEY_TYPE_ECC_PUBLIC_KEY_BASE | (curve))
536
538#define PSA_KEY_TYPE_IS_ECC(type) \
539 ((PSA_KEY_TYPE_PUBLIC_KEY_OF_KEY_PAIR(type) & \
540 ~PSA_KEY_TYPE_ECC_CURVE_MASK) == PSA_KEY_TYPE_ECC_PUBLIC_KEY_BASE)
542#define PSA_KEY_TYPE_IS_ECC_KEY_PAIR(type) \
543 (((type) & ~PSA_KEY_TYPE_ECC_CURVE_MASK) == \
544 PSA_KEY_TYPE_ECC_KEY_PAIR_BASE)
546#define PSA_KEY_TYPE_IS_ECC_PUBLIC_KEY(type) \
547 (((type) & ~PSA_KEY_TYPE_ECC_CURVE_MASK) == \
548 PSA_KEY_TYPE_ECC_PUBLIC_KEY_BASE)
549
551#define PSA_KEY_TYPE_ECC_GET_FAMILY(type) \
552 ((psa_ecc_family_t) (PSA_KEY_TYPE_IS_ECC(type) ? \
553 ((type) & PSA_KEY_TYPE_ECC_CURVE_MASK) : \
554 0))
555
564#define PSA_ECC_FAMILY_SECP_K1 ((psa_ecc_family_t) 0x17)
565
574#define PSA_ECC_FAMILY_SECP_R1 ((psa_ecc_family_t) 0x12)
575/* SECP160R2 (SEC2 v1, obsolete) */
576#define PSA_ECC_FAMILY_SECP_R2 ((psa_ecc_family_t) 0x1b)
577
586#define PSA_ECC_FAMILY_SECT_K1 ((psa_ecc_family_t) 0x27)
587
596#define PSA_ECC_FAMILY_SECT_R1 ((psa_ecc_family_t) 0x22)
597
606#define PSA_ECC_FAMILY_SECT_R2 ((psa_ecc_family_t) 0x2b)
607
615#define PSA_ECC_FAMILY_BRAINPOOL_P_R1 ((psa_ecc_family_t) 0x30)
616
627#define PSA_ECC_FAMILY_MONTGOMERY ((psa_ecc_family_t) 0x41)
628
643#define PSA_ECC_FAMILY_TWISTED_EDWARDS ((psa_ecc_family_t) 0x42)
644
645#define PSA_KEY_TYPE_DH_PUBLIC_KEY_BASE ((psa_key_type_t)0x4200)
646#define PSA_KEY_TYPE_DH_KEY_PAIR_BASE ((psa_key_type_t)0x7200)
647#define PSA_KEY_TYPE_DH_GROUP_MASK ((psa_key_type_t)0x00ff)
653#define PSA_KEY_TYPE_DH_KEY_PAIR(group) \
654 (PSA_KEY_TYPE_DH_KEY_PAIR_BASE | (group))
660#define PSA_KEY_TYPE_DH_PUBLIC_KEY(group) \
661 (PSA_KEY_TYPE_DH_PUBLIC_KEY_BASE | (group))
662
664#define PSA_KEY_TYPE_IS_DH(type) \
665 ((PSA_KEY_TYPE_PUBLIC_KEY_OF_KEY_PAIR(type) & \
666 ~PSA_KEY_TYPE_DH_GROUP_MASK) == PSA_KEY_TYPE_DH_PUBLIC_KEY_BASE)
668#define PSA_KEY_TYPE_IS_DH_KEY_PAIR(type) \
669 (((type) & ~PSA_KEY_TYPE_DH_GROUP_MASK) == \
670 PSA_KEY_TYPE_DH_KEY_PAIR_BASE)
672#define PSA_KEY_TYPE_IS_DH_PUBLIC_KEY(type) \
673 (((type) & ~PSA_KEY_TYPE_DH_GROUP_MASK) == \
674 PSA_KEY_TYPE_DH_PUBLIC_KEY_BASE)
675
677#define PSA_KEY_TYPE_DH_GET_FAMILY(type) \
678 ((psa_dh_family_t) (PSA_KEY_TYPE_IS_DH(type) ? \
679 ((type) & PSA_KEY_TYPE_DH_GROUP_MASK) : \
680 0))
681
688#define PSA_DH_FAMILY_RFC7919 ((psa_dh_family_t) 0x03)
689
690#define PSA_GET_KEY_TYPE_BLOCK_SIZE_EXPONENT(type) \
691 (((type) >> 8) & 7)
710#define PSA_BLOCK_CIPHER_BLOCK_LENGTH(type) \
711 (((type) & PSA_KEY_TYPE_CATEGORY_MASK) == PSA_KEY_TYPE_CATEGORY_SYMMETRIC ? \
712 1u << PSA_GET_KEY_TYPE_BLOCK_SIZE_EXPONENT(type) : \
713 0u)
714
722#define PSA_ALG_VENDOR_FLAG ((psa_algorithm_t)0x80000000)
723
724#define PSA_ALG_CATEGORY_MASK ((psa_algorithm_t)0x7f000000)
725#define PSA_ALG_CATEGORY_HASH ((psa_algorithm_t)0x02000000)
726#define PSA_ALG_CATEGORY_MAC ((psa_algorithm_t)0x03000000)
727#define PSA_ALG_CATEGORY_CIPHER ((psa_algorithm_t)0x04000000)
728#define PSA_ALG_CATEGORY_AEAD ((psa_algorithm_t)0x05000000)
729#define PSA_ALG_CATEGORY_SIGN ((psa_algorithm_t)0x06000000)
730#define PSA_ALG_CATEGORY_ASYMMETRIC_ENCRYPTION ((psa_algorithm_t)0x07000000)
731#define PSA_ALG_CATEGORY_KEY_DERIVATION ((psa_algorithm_t)0x08000000)
732#define PSA_ALG_CATEGORY_KEY_AGREEMENT ((psa_algorithm_t)0x09000000)
733
738#define PSA_ALG_IS_VENDOR_DEFINED(alg) \
739 (((alg) & PSA_ALG_VENDOR_FLAG) != 0)
740
749#define PSA_ALG_IS_HASH(alg) \
750 (((alg) & PSA_ALG_CATEGORY_MASK) == PSA_ALG_CATEGORY_HASH)
751
760#define PSA_ALG_IS_MAC(alg) \
761 (((alg) & PSA_ALG_CATEGORY_MASK) == PSA_ALG_CATEGORY_MAC)
762
771#define PSA_ALG_IS_CIPHER(alg) \
772 (((alg) & PSA_ALG_CATEGORY_MASK) == PSA_ALG_CATEGORY_CIPHER)
773
783#define PSA_ALG_IS_AEAD(alg) \
784 (((alg) & PSA_ALG_CATEGORY_MASK) == PSA_ALG_CATEGORY_AEAD)
785
795#define PSA_ALG_IS_SIGN(alg) \
796 (((alg) & PSA_ALG_CATEGORY_MASK) == PSA_ALG_CATEGORY_SIGN)
797
807#define PSA_ALG_IS_ASYMMETRIC_ENCRYPTION(alg) \
808 (((alg) & PSA_ALG_CATEGORY_MASK) == PSA_ALG_CATEGORY_ASYMMETRIC_ENCRYPTION)
809
818#define PSA_ALG_IS_KEY_AGREEMENT(alg) \
819 (((alg) & PSA_ALG_CATEGORY_MASK) == PSA_ALG_CATEGORY_KEY_AGREEMENT)
820
829#define PSA_ALG_IS_KEY_DERIVATION(alg) \
830 (((alg) & PSA_ALG_CATEGORY_MASK) == PSA_ALG_CATEGORY_KEY_DERIVATION)
831
846#define PSA_ALG_IS_KEY_DERIVATION_STRETCHING(alg) \
847 (PSA_ALG_IS_KEY_DERIVATION(alg) && \
848 (alg) & PSA_ALG_KEY_DERIVATION_STRETCHING_FLAG)
849
851#define PSA_ALG_NONE ((psa_algorithm_t)0)
852
853#define PSA_ALG_HASH_MASK ((psa_algorithm_t)0x000000ff)
855#define PSA_ALG_MD5 ((psa_algorithm_t)0x02000003)
857#define PSA_ALG_RIPEMD160 ((psa_algorithm_t)0x02000004)
859#define PSA_ALG_SHA_1 ((psa_algorithm_t)0x02000005)
861#define PSA_ALG_SHA_224 ((psa_algorithm_t)0x02000008)
863#define PSA_ALG_SHA_256 ((psa_algorithm_t)0x02000009)
865#define PSA_ALG_SHA_384 ((psa_algorithm_t)0x0200000a)
867#define PSA_ALG_SHA_512 ((psa_algorithm_t)0x0200000b)
869#define PSA_ALG_SHA_512_224 ((psa_algorithm_t)0x0200000c)
871#define PSA_ALG_SHA_512_256 ((psa_algorithm_t)0x0200000d)
873#define PSA_ALG_SHA3_224 ((psa_algorithm_t)0x02000010)
875#define PSA_ALG_SHA3_256 ((psa_algorithm_t)0x02000011)
877#define PSA_ALG_SHA3_384 ((psa_algorithm_t)0x02000012)
879#define PSA_ALG_SHA3_512 ((psa_algorithm_t)0x02000013)
886#define PSA_ALG_SHAKE256_512 ((psa_algorithm_t)0x02000015)
887
921#define PSA_ALG_ANY_HASH ((psa_algorithm_t)0x020000ff)
922
923#define PSA_ALG_MAC_SUBCATEGORY_MASK ((psa_algorithm_t)0x00c00000)
924#define PSA_ALG_HMAC_BASE ((psa_algorithm_t)0x03800000)
936#define PSA_ALG_HMAC(hash_alg) \
937 (PSA_ALG_HMAC_BASE | ((hash_alg) & PSA_ALG_HASH_MASK))
938
939#define PSA_ALG_HMAC_GET_HASH(hmac_alg) \
940 (PSA_ALG_CATEGORY_HASH | ((hmac_alg) & PSA_ALG_HASH_MASK))
941
952#define PSA_ALG_IS_HMAC(alg) \
953 (((alg) & (PSA_ALG_CATEGORY_MASK | PSA_ALG_MAC_SUBCATEGORY_MASK)) == \
954 PSA_ALG_HMAC_BASE)
955
956/* In the encoding of a MAC algorithm, the bits corresponding to
957 * PSA_ALG_MAC_TRUNCATION_MASK encode the length to which the MAC is
958 * truncated. As an exception, the value 0 means the untruncated algorithm,
959 * whatever its length is. The length is encoded in 6 bits, so it can
960 * reach up to 63; the largest MAC is 64 bytes so its trivial truncation
961 * to full length is correctly encoded as 0 and any non-trivial truncation
962 * is correctly encoded as a value between 1 and 63. */
963#define PSA_ALG_MAC_TRUNCATION_MASK ((psa_algorithm_t)0x003f0000)
964#define PSA_MAC_TRUNCATION_OFFSET 16
965
966/* In the encoding of a MAC algorithm, the bit corresponding to
967 * #PSA_ALG_MAC_AT_LEAST_THIS_LENGTH_FLAG encodes the fact that the algorithm
968 * is a wildcard algorithm. A key with such wildcard algorithm as permitted
969 * algorithm policy can be used with any algorithm corresponding to the
970 * same base class and having a (potentially truncated) MAC length greater or
971 * equal than the one encoded in #PSA_ALG_MAC_TRUNCATION_MASK. */
972#define PSA_ALG_MAC_AT_LEAST_THIS_LENGTH_FLAG ((psa_algorithm_t)0x00008000)
973
1007#define PSA_ALG_TRUNCATED_MAC(mac_alg, mac_length) \
1008 (((mac_alg) & ~(PSA_ALG_MAC_TRUNCATION_MASK | \
1009 PSA_ALG_MAC_AT_LEAST_THIS_LENGTH_FLAG)) | \
1010 ((mac_length) << PSA_MAC_TRUNCATION_OFFSET & PSA_ALG_MAC_TRUNCATION_MASK))
1011
1024#define PSA_ALG_FULL_LENGTH_MAC(mac_alg) \
1025 ((mac_alg) & ~(PSA_ALG_MAC_TRUNCATION_MASK | \
1026 PSA_ALG_MAC_AT_LEAST_THIS_LENGTH_FLAG))
1027
1039#define PSA_MAC_TRUNCATED_LENGTH(mac_alg) \
1040 (((mac_alg) & PSA_ALG_MAC_TRUNCATION_MASK) >> PSA_MAC_TRUNCATION_OFFSET)
1041
1066#define PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(mac_alg, min_mac_length) \
1067 ( PSA_ALG_TRUNCATED_MAC(mac_alg, min_mac_length) | \
1068 PSA_ALG_MAC_AT_LEAST_THIS_LENGTH_FLAG )
1069
1070#define PSA_ALG_CIPHER_MAC_BASE ((psa_algorithm_t)0x03c00000)
1076#define PSA_ALG_CBC_MAC ((psa_algorithm_t)0x03c00100)
1078#define PSA_ALG_CMAC ((psa_algorithm_t)0x03c00200)
1079
1088#define PSA_ALG_IS_BLOCK_CIPHER_MAC(alg) \
1089 (((alg) & (PSA_ALG_CATEGORY_MASK | PSA_ALG_MAC_SUBCATEGORY_MASK)) == \
1090 PSA_ALG_CIPHER_MAC_BASE)
1091
1092#define PSA_ALG_CIPHER_STREAM_FLAG ((psa_algorithm_t)0x00800000)
1093#define PSA_ALG_CIPHER_FROM_BLOCK_FLAG ((psa_algorithm_t)0x00400000)
1094
1107#define PSA_ALG_IS_STREAM_CIPHER(alg) \
1108 (((alg) & (PSA_ALG_CATEGORY_MASK | PSA_ALG_CIPHER_STREAM_FLAG)) == \
1109 (PSA_ALG_CATEGORY_CIPHER | PSA_ALG_CIPHER_STREAM_FLAG))
1110
1116#define PSA_ALG_STREAM_CIPHER ((psa_algorithm_t)0x04800100)
1117
1125#define PSA_ALG_CTR ((psa_algorithm_t)0x04c01000)
1126
1131#define PSA_ALG_CFB ((psa_algorithm_t)0x04c01100)
1132
1137#define PSA_ALG_OFB ((psa_algorithm_t)0x04c01200)
1138
1145#define PSA_ALG_XTS ((psa_algorithm_t)0x0440ff00)
1146
1165#define PSA_ALG_ECB_NO_PADDING ((psa_algorithm_t)0x04404400)
1166
1174#define PSA_ALG_CBC_NO_PADDING ((psa_algorithm_t)0x04404000)
1175
1182#define PSA_ALG_CBC_PKCS7 ((psa_algorithm_t)0x04404100)
1183
1184#define PSA_ALG_AEAD_FROM_BLOCK_FLAG ((psa_algorithm_t)0x00400000)
1185
1195#define PSA_ALG_IS_AEAD_ON_BLOCK_CIPHER(alg) \
1196 (((alg) & (PSA_ALG_CATEGORY_MASK | PSA_ALG_AEAD_FROM_BLOCK_FLAG)) == \
1197 (PSA_ALG_CATEGORY_AEAD | PSA_ALG_AEAD_FROM_BLOCK_FLAG))
1198
1203#define PSA_ALG_CCM ((psa_algorithm_t)0x05500100)
1204
1214#define PSA_ALG_CCM_STAR_NO_TAG ((psa_algorithm_t)0x04c01300)
1215
1220#define PSA_ALG_GCM ((psa_algorithm_t)0x05500200)
1221
1231#define PSA_ALG_CHACHA20_POLY1305 ((psa_algorithm_t)0x05100500)
1232
1233/* In the encoding of a AEAD algorithm, the bits corresponding to
1234 * PSA_ALG_AEAD_TAG_LENGTH_MASK encode the length of the AEAD tag.
1235 * The constants for default lengths follow this encoding.
1236 */
1237#define PSA_ALG_AEAD_TAG_LENGTH_MASK ((psa_algorithm_t)0x003f0000)
1238#define PSA_AEAD_TAG_LENGTH_OFFSET 16
1239
1240/* In the encoding of an AEAD algorithm, the bit corresponding to
1241 * #PSA_ALG_AEAD_AT_LEAST_THIS_LENGTH_FLAG encodes the fact that the algorithm
1242 * is a wildcard algorithm. A key with such wildcard algorithm as permitted
1243 * algorithm policy can be used with any algorithm corresponding to the
1244 * same base class and having a tag length greater than or equal to the one
1245 * encoded in #PSA_ALG_AEAD_TAG_LENGTH_MASK. */
1246#define PSA_ALG_AEAD_AT_LEAST_THIS_LENGTH_FLAG ((psa_algorithm_t)0x00008000)
1247
1266#define PSA_ALG_AEAD_WITH_SHORTENED_TAG(aead_alg, tag_length) \
1267 (((aead_alg) & ~(PSA_ALG_AEAD_TAG_LENGTH_MASK | \
1268 PSA_ALG_AEAD_AT_LEAST_THIS_LENGTH_FLAG)) | \
1269 ((tag_length) << PSA_AEAD_TAG_LENGTH_OFFSET & \
1270 PSA_ALG_AEAD_TAG_LENGTH_MASK))
1271
1282#define PSA_ALG_AEAD_GET_TAG_LENGTH(aead_alg) \
1283 (((aead_alg) & PSA_ALG_AEAD_TAG_LENGTH_MASK) >> \
1284 PSA_AEAD_TAG_LENGTH_OFFSET )
1285
1294#define PSA_ALG_AEAD_WITH_DEFAULT_LENGTH_TAG(aead_alg) \
1295 ( \
1296 PSA_ALG_AEAD_WITH_DEFAULT_LENGTH_TAG_CASE(aead_alg, PSA_ALG_CCM) \
1297 PSA_ALG_AEAD_WITH_DEFAULT_LENGTH_TAG_CASE(aead_alg, PSA_ALG_GCM) \
1298 PSA_ALG_AEAD_WITH_DEFAULT_LENGTH_TAG_CASE(aead_alg, PSA_ALG_CHACHA20_POLY1305) \
1299 0)
1300#define PSA_ALG_AEAD_WITH_DEFAULT_LENGTH_TAG_CASE(aead_alg, ref) \
1301 PSA_ALG_AEAD_WITH_SHORTENED_TAG(aead_alg, 0) == \
1302 PSA_ALG_AEAD_WITH_SHORTENED_TAG(ref, 0) ? \
1303 ref :
1304
1329#define PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(aead_alg, min_tag_length) \
1330 ( PSA_ALG_AEAD_WITH_SHORTENED_TAG(aead_alg, min_tag_length) | \
1331 PSA_ALG_AEAD_AT_LEAST_THIS_LENGTH_FLAG )
1332
1333#define PSA_ALG_RSA_PKCS1V15_SIGN_BASE ((psa_algorithm_t)0x06000200)
1349#define PSA_ALG_RSA_PKCS1V15_SIGN(hash_alg) \
1350 (PSA_ALG_RSA_PKCS1V15_SIGN_BASE | ((hash_alg) & PSA_ALG_HASH_MASK))
1357#define PSA_ALG_RSA_PKCS1V15_SIGN_RAW PSA_ALG_RSA_PKCS1V15_SIGN_BASE
1358#define PSA_ALG_IS_RSA_PKCS1V15_SIGN(alg) \
1359 (((alg) & ~PSA_ALG_HASH_MASK) == PSA_ALG_RSA_PKCS1V15_SIGN_BASE)
1360
1361#define PSA_ALG_RSA_PSS_BASE ((psa_algorithm_t)0x06000300)
1362#define PSA_ALG_RSA_PSS_ANY_SALT_BASE ((psa_algorithm_t)0x06001300)
1381#define PSA_ALG_RSA_PSS(hash_alg) \
1382 (PSA_ALG_RSA_PSS_BASE | ((hash_alg) & PSA_ALG_HASH_MASK))
1383
1399#define PSA_ALG_RSA_PSS_ANY_SALT(hash_alg) \
1400 (PSA_ALG_RSA_PSS_ANY_SALT_BASE | ((hash_alg) & PSA_ALG_HASH_MASK))
1401
1413#define PSA_ALG_IS_RSA_PSS_STANDARD_SALT(alg) \
1414 (((alg) & ~PSA_ALG_HASH_MASK) == PSA_ALG_RSA_PSS_BASE)
1415
1427#define PSA_ALG_IS_RSA_PSS_ANY_SALT(alg) \
1428 (((alg) & ~PSA_ALG_HASH_MASK) == PSA_ALG_RSA_PSS_ANY_SALT_BASE)
1429
1445#define PSA_ALG_IS_RSA_PSS(alg) \
1446 (PSA_ALG_IS_RSA_PSS_STANDARD_SALT(alg) || \
1447 PSA_ALG_IS_RSA_PSS_ANY_SALT(alg))
1448
1449#define PSA_ALG_ECDSA_BASE ((psa_algorithm_t)0x06000600)
1470#define PSA_ALG_ECDSA(hash_alg) \
1471 (PSA_ALG_ECDSA_BASE | ((hash_alg) & PSA_ALG_HASH_MASK))
1481#define PSA_ALG_ECDSA_ANY PSA_ALG_ECDSA_BASE
1482#define PSA_ALG_DETERMINISTIC_ECDSA_BASE ((psa_algorithm_t)0x06000700)
1505#define PSA_ALG_DETERMINISTIC_ECDSA(hash_alg) \
1506 (PSA_ALG_DETERMINISTIC_ECDSA_BASE | ((hash_alg) & PSA_ALG_HASH_MASK))
1507#define PSA_ALG_ECDSA_DETERMINISTIC_FLAG ((psa_algorithm_t)0x00000100)
1508#define PSA_ALG_IS_ECDSA(alg) \
1509 (((alg) & ~PSA_ALG_HASH_MASK & ~PSA_ALG_ECDSA_DETERMINISTIC_FLAG) == \
1510 PSA_ALG_ECDSA_BASE)
1511#define PSA_ALG_ECDSA_IS_DETERMINISTIC(alg) \
1512 (((alg) & PSA_ALG_ECDSA_DETERMINISTIC_FLAG) != 0)
1513#define PSA_ALG_IS_DETERMINISTIC_ECDSA(alg) \
1514 (PSA_ALG_IS_ECDSA(alg) && PSA_ALG_ECDSA_IS_DETERMINISTIC(alg))
1515#define PSA_ALG_IS_RANDOMIZED_ECDSA(alg) \
1516 (PSA_ALG_IS_ECDSA(alg) && !PSA_ALG_ECDSA_IS_DETERMINISTIC(alg))
1517
1546#define PSA_ALG_PURE_EDDSA ((psa_algorithm_t)0x06000800)
1547
1548#define PSA_ALG_HASH_EDDSA_BASE ((psa_algorithm_t)0x06000900)
1549#define PSA_ALG_IS_HASH_EDDSA(alg) \
1550 (((alg) & ~PSA_ALG_HASH_MASK) == PSA_ALG_HASH_EDDSA_BASE)
1551
1573#define PSA_ALG_ED25519PH \
1574 (PSA_ALG_HASH_EDDSA_BASE | (PSA_ALG_SHA_512 & PSA_ALG_HASH_MASK))
1575
1598#define PSA_ALG_ED448PH \
1599 (PSA_ALG_HASH_EDDSA_BASE | (PSA_ALG_SHAKE256_512 & PSA_ALG_HASH_MASK))
1600
1601/* Default definition, to be overridden if the library is extended with
1602 * more hash-and-sign algorithms that we want to keep out of this header
1603 * file. */
1604#define PSA_ALG_IS_VENDOR_HASH_AND_SIGN(alg) 0
1605
1623#define PSA_ALG_IS_SIGN_HASH(alg) \
1624 (PSA_ALG_IS_RSA_PSS(alg) || PSA_ALG_IS_RSA_PKCS1V15_SIGN(alg) || \
1625 PSA_ALG_IS_ECDSA(alg) || PSA_ALG_IS_HASH_EDDSA(alg) || \
1626 PSA_ALG_IS_VENDOR_HASH_AND_SIGN(alg))
1627
1639#define PSA_ALG_IS_SIGN_MESSAGE(alg) \
1640 (PSA_ALG_IS_SIGN_HASH(alg) || (alg) == PSA_ALG_PURE_EDDSA )
1641
1668#define PSA_ALG_IS_HASH_AND_SIGN(alg) \
1669 (PSA_ALG_IS_SIGN_HASH(alg) && \
1670 ((alg) & PSA_ALG_HASH_MASK) != 0)
1671
1690#define PSA_ALG_SIGN_GET_HASH(alg) \
1691 (PSA_ALG_IS_HASH_AND_SIGN(alg) ? \
1692 ((alg) & PSA_ALG_HASH_MASK) | PSA_ALG_CATEGORY_HASH : \
1693 0)
1694
1697#define PSA_ALG_RSA_PKCS1V15_CRYPT ((psa_algorithm_t)0x07000200)
1698
1699#define PSA_ALG_RSA_OAEP_BASE ((psa_algorithm_t)0x07000300)
1714#define PSA_ALG_RSA_OAEP(hash_alg) \
1715 (PSA_ALG_RSA_OAEP_BASE | ((hash_alg) & PSA_ALG_HASH_MASK))
1716#define PSA_ALG_IS_RSA_OAEP(alg) \
1717 (((alg) & ~PSA_ALG_HASH_MASK) == PSA_ALG_RSA_OAEP_BASE)
1718#define PSA_ALG_RSA_OAEP_GET_HASH(alg) \
1719 (PSA_ALG_IS_RSA_OAEP(alg) ? \
1720 ((alg) & PSA_ALG_HASH_MASK) | PSA_ALG_CATEGORY_HASH : \
1721 0)
1722
1723#define PSA_ALG_HKDF_BASE ((psa_algorithm_t)0x08000100)
1744#define PSA_ALG_HKDF(hash_alg) \
1745 (PSA_ALG_HKDF_BASE | ((hash_alg) & PSA_ALG_HASH_MASK))
1757#define PSA_ALG_IS_HKDF(alg) \
1758 (((alg) & ~PSA_ALG_HASH_MASK) == PSA_ALG_HKDF_BASE)
1759#define PSA_ALG_HKDF_GET_HASH(hkdf_alg) \
1760 (PSA_ALG_CATEGORY_HASH | ((hkdf_alg) & PSA_ALG_HASH_MASK))
1761
1762#define PSA_ALG_TLS12_PRF_BASE ((psa_algorithm_t)0x08000200)
1789#define PSA_ALG_TLS12_PRF(hash_alg) \
1790 (PSA_ALG_TLS12_PRF_BASE | ((hash_alg) & PSA_ALG_HASH_MASK))
1791
1800#define PSA_ALG_IS_TLS12_PRF(alg) \
1801 (((alg) & ~PSA_ALG_HASH_MASK) == PSA_ALG_TLS12_PRF_BASE)
1802#define PSA_ALG_TLS12_PRF_GET_HASH(hkdf_alg) \
1803 (PSA_ALG_CATEGORY_HASH | ((hkdf_alg) & PSA_ALG_HASH_MASK))
1804
1805#define PSA_ALG_TLS12_PSK_TO_MS_BASE ((psa_algorithm_t)0x08000300)
1835#define PSA_ALG_TLS12_PSK_TO_MS(hash_alg) \
1836 (PSA_ALG_TLS12_PSK_TO_MS_BASE | ((hash_alg) & PSA_ALG_HASH_MASK))
1837
1846#define PSA_ALG_IS_TLS12_PSK_TO_MS(alg) \
1847 (((alg) & ~PSA_ALG_HASH_MASK) == PSA_ALG_TLS12_PSK_TO_MS_BASE)
1848#define PSA_ALG_TLS12_PSK_TO_MS_GET_HASH(hkdf_alg) \
1849 (PSA_ALG_CATEGORY_HASH | ((hkdf_alg) & PSA_ALG_HASH_MASK))
1850
1851/* This flag indicates whether the key derivation algorithm is suitable for
1852 * use on low-entropy secrets such as password - these algorithms are also
1853 * known as key stretching or password hashing schemes. These are also the
1854 * algorithms that accepts inputs of type #PSA_KEY_DERIVATION_INPUT_PASSWORD.
1855 *
1856 * Those algorithms cannot be combined with a key agreement algorithm.
1857 */
1858#define PSA_ALG_KEY_DERIVATION_STRETCHING_FLAG ((psa_algorithm_t)0x00800000)
1859
1860#define PSA_ALG_PBKDF2_HMAC_BASE ((psa_algorithm_t)0x08800100)
1887#define PSA_ALG_PBKDF2_HMAC(hash_alg) \
1888 (PSA_ALG_PBKDF2_HMAC_BASE | ((hash_alg) & PSA_ALG_HASH_MASK))
1889
1898#define PSA_ALG_IS_PBKDF2_HMAC(alg) \
1899 (((alg) & ~PSA_ALG_HASH_MASK) == PSA_ALG_PBKDF2_HMAC_BASE)
1900
1910#define PSA_ALG_PBKDF2_AES_CMAC_PRF_128 ((psa_algorithm_t)0x08800200)
1911
1912#define PSA_ALG_KEY_DERIVATION_MASK ((psa_algorithm_t)0xfe00ffff)
1913#define PSA_ALG_KEY_AGREEMENT_MASK ((psa_algorithm_t)0xffff0000)
1914
1929#define PSA_ALG_KEY_AGREEMENT(ka_alg, kdf_alg) \
1930 ((ka_alg) | (kdf_alg))
1931
1932#define PSA_ALG_KEY_AGREEMENT_GET_KDF(alg) \
1933 (((alg) & PSA_ALG_KEY_DERIVATION_MASK) | PSA_ALG_CATEGORY_KEY_DERIVATION)
1934
1935#define PSA_ALG_KEY_AGREEMENT_GET_BASE(alg) \
1936 (((alg) & PSA_ALG_KEY_AGREEMENT_MASK) | PSA_ALG_CATEGORY_KEY_AGREEMENT)
1937
1952#define PSA_ALG_IS_RAW_KEY_AGREEMENT(alg) \
1953 (PSA_ALG_IS_KEY_AGREEMENT(alg) && \
1954 PSA_ALG_KEY_AGREEMENT_GET_KDF(alg) == PSA_ALG_CATEGORY_KEY_DERIVATION)
1955
1956#define PSA_ALG_IS_KEY_DERIVATION_OR_AGREEMENT(alg) \
1957 ((PSA_ALG_IS_KEY_DERIVATION(alg) || PSA_ALG_IS_KEY_AGREEMENT(alg)))
1958
1966#define PSA_ALG_FFDH ((psa_algorithm_t)0x09010000)
1967
1980#define PSA_ALG_IS_FFDH(alg) \
1981 (PSA_ALG_KEY_AGREEMENT_GET_BASE(alg) == PSA_ALG_FFDH)
1982
2008#define PSA_ALG_ECDH ((psa_algorithm_t)0x09020000)
2009
2024#define PSA_ALG_IS_ECDH(alg) \
2025 (PSA_ALG_KEY_AGREEMENT_GET_BASE(alg) == PSA_ALG_ECDH)
2026
2040#define PSA_ALG_IS_WILDCARD(alg) \
2041 (PSA_ALG_IS_HASH_AND_SIGN(alg) ? \
2042 PSA_ALG_SIGN_GET_HASH(alg) == PSA_ALG_ANY_HASH : \
2043 PSA_ALG_IS_MAC(alg) ? \
2044 (alg & PSA_ALG_MAC_AT_LEAST_THIS_LENGTH_FLAG) != 0 : \
2045 PSA_ALG_IS_AEAD(alg) ? \
2046 (alg & PSA_ALG_AEAD_AT_LEAST_THIS_LENGTH_FLAG) != 0 : \
2047 (alg) == PSA_ALG_ANY_HASH)
2048
2058#define PSA_ALG_GET_HASH(alg) \
2059 (((alg) & 0x000000ff) == 0 ? ((psa_algorithm_t)0) : 0x02000000 | ((alg) & 0x000000ff))
2060
2078#define PSA_KEY_LIFETIME_VOLATILE ((psa_key_lifetime_t)0x00000000)
2079
2092#define PSA_KEY_LIFETIME_PERSISTENT ((psa_key_lifetime_t)0x00000001)
2093
2098#define PSA_KEY_PERSISTENCE_VOLATILE ((psa_key_persistence_t)0x00)
2099
2104#define PSA_KEY_PERSISTENCE_DEFAULT ((psa_key_persistence_t)0x01)
2105
2110#define PSA_KEY_PERSISTENCE_READ_ONLY ((psa_key_persistence_t)0xff)
2111
2112#define PSA_KEY_LIFETIME_GET_PERSISTENCE(lifetime) \
2113 ((psa_key_persistence_t)((lifetime) & 0x000000ff))
2114
2115#define PSA_KEY_LIFETIME_GET_LOCATION(lifetime) \
2116 ((psa_key_location_t)((lifetime) >> 8))
2117
2134#define PSA_KEY_LIFETIME_IS_VOLATILE(lifetime) \
2135 (PSA_KEY_LIFETIME_GET_PERSISTENCE(lifetime) == \
2136 PSA_KEY_PERSISTENCE_VOLATILE)
2137
2155#define PSA_KEY_LIFETIME_IS_READ_ONLY(lifetime) \
2156 (PSA_KEY_LIFETIME_GET_PERSISTENCE(lifetime) == \
2157 PSA_KEY_PERSISTENCE_READ_ONLY)
2158
2168#define PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION(persistence, location) \
2169 ((location) << 8 | (persistence))
2170
2178#define PSA_KEY_LOCATION_LOCAL_STORAGE ((psa_key_location_t)0x000000)
2179
2180#define PSA_KEY_LOCATION_VENDOR_FLAG ((psa_key_location_t)0x800000)
2181
2184#define PSA_KEY_ID_NULL ((psa_key_id_t)0)
2187#define PSA_KEY_ID_USER_MIN ((psa_key_id_t)0x00000001)
2190#define PSA_KEY_ID_USER_MAX ((psa_key_id_t)0x3fffffff)
2193#define PSA_KEY_ID_VENDOR_MIN ((psa_key_id_t)0x40000000)
2196#define PSA_KEY_ID_VENDOR_MAX ((psa_key_id_t)0x7fffffff)
2197
2198
2199#if !defined(MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER)
2200
2201#define MBEDTLS_SVC_KEY_ID_INIT ( (psa_key_id_t)0 )
2202#define MBEDTLS_SVC_KEY_ID_GET_KEY_ID( id ) ( id )
2203#define MBEDTLS_SVC_KEY_ID_GET_OWNER_ID( id ) ( 0 )
2204
2210static inline mbedtls_svc_key_id_t mbedtls_svc_key_id_make(
2211 unsigned int unused, psa_key_id_t key_id )
2212{
2213 (void)unused;
2214
2215 return( key_id );
2216}
2217
2225static inline int mbedtls_svc_key_id_equal( mbedtls_svc_key_id_t id1,
2226 mbedtls_svc_key_id_t id2 )
2227{
2228 return( id1 == id2 );
2229}
2230
2237static inline int mbedtls_svc_key_id_is_null( mbedtls_svc_key_id_t key )
2238{
2239 return( key == 0 );
2240}
2241
2242#else /* MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER */
2243
2244#define MBEDTLS_SVC_KEY_ID_INIT ( (mbedtls_svc_key_id_t){ 0, 0 } )
2245#define MBEDTLS_SVC_KEY_ID_GET_KEY_ID( id ) ( ( id ).key_id )
2246#define MBEDTLS_SVC_KEY_ID_GET_OWNER_ID( id ) ( ( id ).owner )
2247
2253static inline mbedtls_svc_key_id_t mbedtls_svc_key_id_make(
2254 mbedtls_key_owner_id_t owner_id, psa_key_id_t key_id )
2255{
2256 return( (mbedtls_svc_key_id_t){ .MBEDTLS_PRIVATE(key_id) = key_id,
2257 .MBEDTLS_PRIVATE(owner) = owner_id } );
2258}
2259
2267static inline int mbedtls_svc_key_id_equal( mbedtls_svc_key_id_t id1,
2268 mbedtls_svc_key_id_t id2 )
2269{
2270 return( ( id1.MBEDTLS_PRIVATE(key_id) == id2.MBEDTLS_PRIVATE(key_id) ) &&
2271 mbedtls_key_owner_id_equal( id1.MBEDTLS_PRIVATE(owner), id2.MBEDTLS_PRIVATE(owner) ) );
2272}
2273
2280static inline int mbedtls_svc_key_id_is_null( mbedtls_svc_key_id_t key )
2281{
2282 return( key.MBEDTLS_PRIVATE(key_id) == 0 );
2283}
2284
2285#endif /* !MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER */
2286
2304#define PSA_KEY_USAGE_EXPORT ((psa_key_usage_t)0x00000001)
2305
2320#define PSA_KEY_USAGE_COPY ((psa_key_usage_t)0x00000002)
2321
2331#define PSA_KEY_USAGE_ENCRYPT ((psa_key_usage_t)0x00000100)
2332
2342#define PSA_KEY_USAGE_DECRYPT ((psa_key_usage_t)0x00000200)
2343
2352#define PSA_KEY_USAGE_SIGN_MESSAGE ((psa_key_usage_t)0x00000400)
2353
2362#define PSA_KEY_USAGE_VERIFY_MESSAGE ((psa_key_usage_t)0x00000800)
2363
2372#define PSA_KEY_USAGE_SIGN_HASH ((psa_key_usage_t)0x00001000)
2373
2382#define PSA_KEY_USAGE_VERIFY_HASH ((psa_key_usage_t)0x00002000)
2383
2396#define PSA_KEY_USAGE_DERIVE ((psa_key_usage_t)0x00004000)
2397
2411#define PSA_KEY_USAGE_VERIFY_DERIVATION ((psa_key_usage_t)0x00008000)
2412
2434#define PSA_KEY_DERIVATION_INPUT_SECRET ((psa_key_derivation_step_t)0x0101)
2435
2452#define PSA_KEY_DERIVATION_INPUT_PASSWORD ((psa_key_derivation_step_t)0x0102)
2453
2459#define PSA_KEY_DERIVATION_INPUT_LABEL ((psa_key_derivation_step_t)0x0201)
2460
2467#define PSA_KEY_DERIVATION_INPUT_SALT ((psa_key_derivation_step_t)0x0202)
2468
2474#define PSA_KEY_DERIVATION_INPUT_INFO ((psa_key_derivation_step_t)0x0203)
2475
2481#define PSA_KEY_DERIVATION_INPUT_SEED ((psa_key_derivation_step_t)0x0204)
2482
2487#define PSA_KEY_DERIVATION_INPUT_COST ((psa_key_derivation_step_t)0x0205)
2488
2495/* Helper macros */
2496
2508#define MBEDTLS_PSA_ALG_AEAD_EQUAL(aead_alg_1, aead_alg_2) \
2509 (!(((aead_alg_1) ^ (aead_alg_2)) & \
2510 ~(PSA_ALG_AEAD_TAG_LENGTH_MASK | PSA_ALG_AEAD_AT_LEAST_THIS_LENGTH_FLAG)))
2511
2514#endif /* PSA_CRYPTO_VALUES_H */
uint32_t psa_key_id_t
Definition: crypto_types.h:225