Mbed TLS v2.28.9
crypto_values.h
Go to the documentation of this file.
1 
22 /*
23  * Copyright The Mbed TLS Contributors
24  * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
25  */
26 
27 #ifndef PSA_CRYPTO_VALUES_H
28 #define PSA_CRYPTO_VALUES_H
29 
34 /* PSA error codes */
35 
36 /* Error codes are standardized across PSA domains (framework, crypto, storage,
37  * etc.). Do not change the values in this section or even the expansions
38  * of each macro: it must be possible to `#include` both this header
39  * and some other PSA component's headers in the same C source,
40  * which will lead to duplicate definitions of the `PSA_SUCCESS` and
41  * `PSA_ERROR_xxx` macros, which is ok if and only if the macros expand
42  * to the same sequence of tokens.
43  *
44  * If you must add a new
45  * value, check with the Arm PSA framework group to pick one that other
46  * domains aren't already using. */
47 
48 /* Tell uncrustify not to touch the constant definitions, otherwise
49  * it might change the spacing to something that is not PSA-compliant
50  * (e.g. adding a space after casts).
51  *
52  * *INDENT-OFF*
53  */
54 
56 #define PSA_SUCCESS ((psa_status_t)0)
57 
63 #define PSA_ERROR_GENERIC_ERROR ((psa_status_t)-132)
64 
72 #define PSA_ERROR_NOT_SUPPORTED ((psa_status_t)-134)
73 
85 #define PSA_ERROR_NOT_PERMITTED ((psa_status_t)-133)
86 
97 #define PSA_ERROR_BUFFER_TOO_SMALL ((psa_status_t)-138)
98 
103 #define PSA_ERROR_ALREADY_EXISTS ((psa_status_t)-139)
104 
109 #define PSA_ERROR_DOES_NOT_EXIST ((psa_status_t)-140)
110 
125 #define PSA_ERROR_BAD_STATE ((psa_status_t)-137)
126 
136 #define PSA_ERROR_INVALID_ARGUMENT ((psa_status_t)-135)
137 
142 #define PSA_ERROR_INSUFFICIENT_MEMORY ((psa_status_t)-141)
143 
151 #define PSA_ERROR_INSUFFICIENT_STORAGE ((psa_status_t)-142)
152 
168 #define PSA_ERROR_COMMUNICATION_FAILURE ((psa_status_t)-145)
169 
193 #define PSA_ERROR_STORAGE_FAILURE ((psa_status_t)-146)
194 
199 #define PSA_ERROR_HARDWARE_FAILURE ((psa_status_t)-147)
200 
230 #define PSA_ERROR_CORRUPTION_DETECTED ((psa_status_t)-151)
231 
249 #define PSA_ERROR_INSUFFICIENT_ENTROPY ((psa_status_t)-148)
250 
259 #define PSA_ERROR_INVALID_SIGNATURE ((psa_status_t)-149)
260 
275 #define PSA_ERROR_INVALID_PADDING ((psa_status_t)-150)
276 
279 #define PSA_ERROR_INSUFFICIENT_DATA ((psa_status_t)-143)
280 
283 #define PSA_ERROR_INVALID_HANDLE ((psa_status_t)-136)
284 
307 #define PSA_ERROR_DATA_CORRUPT ((psa_status_t)-152)
308 
323 #define PSA_ERROR_DATA_INVALID ((psa_status_t)-153)
324 
325 /* *INDENT-ON* */
326 
333 /* Note that key type values, including ECC family and DH group values, are
334  * embedded in the persistent key store, as part of key metadata. As a
335  * consequence, they must not be changed (unless the storage format version
336  * changes).
337  */
338 
343 #define PSA_KEY_TYPE_NONE ((psa_key_type_t) 0x0000)
344 
352 #define PSA_KEY_TYPE_VENDOR_FLAG ((psa_key_type_t) 0x8000)
353 
354 #define PSA_KEY_TYPE_CATEGORY_MASK ((psa_key_type_t) 0x7000)
355 #define PSA_KEY_TYPE_CATEGORY_RAW ((psa_key_type_t) 0x1000)
356 #define PSA_KEY_TYPE_CATEGORY_SYMMETRIC ((psa_key_type_t) 0x2000)
357 #define PSA_KEY_TYPE_CATEGORY_PUBLIC_KEY ((psa_key_type_t) 0x4000)
358 #define PSA_KEY_TYPE_CATEGORY_KEY_PAIR ((psa_key_type_t) 0x7000)
359 
360 #define PSA_KEY_TYPE_CATEGORY_FLAG_PAIR ((psa_key_type_t) 0x3000)
361 
366 #define PSA_KEY_TYPE_IS_VENDOR_DEFINED(type) \
367  (((type) & PSA_KEY_TYPE_VENDOR_FLAG) != 0)
368 
373 #define PSA_KEY_TYPE_IS_UNSTRUCTURED(type) \
374  (((type) & PSA_KEY_TYPE_CATEGORY_MASK) == PSA_KEY_TYPE_CATEGORY_RAW || \
375  ((type) & PSA_KEY_TYPE_CATEGORY_MASK) == PSA_KEY_TYPE_CATEGORY_SYMMETRIC)
376 
378 #define PSA_KEY_TYPE_IS_ASYMMETRIC(type) \
379  (((type) & PSA_KEY_TYPE_CATEGORY_MASK \
380  & ~PSA_KEY_TYPE_CATEGORY_FLAG_PAIR) == \
381  PSA_KEY_TYPE_CATEGORY_PUBLIC_KEY)
382 
383 #define PSA_KEY_TYPE_IS_PUBLIC_KEY(type) \
384  (((type) & PSA_KEY_TYPE_CATEGORY_MASK) == PSA_KEY_TYPE_CATEGORY_PUBLIC_KEY)
385 
387 #define PSA_KEY_TYPE_IS_KEY_PAIR(type) \
388  (((type) & PSA_KEY_TYPE_CATEGORY_MASK) == PSA_KEY_TYPE_CATEGORY_KEY_PAIR)
389 
399 #define PSA_KEY_TYPE_KEY_PAIR_OF_PUBLIC_KEY(type) \
400  ((type) | PSA_KEY_TYPE_CATEGORY_FLAG_PAIR)
401 
411 #define PSA_KEY_TYPE_PUBLIC_KEY_OF_KEY_PAIR(type) \
412  ((type) & ~PSA_KEY_TYPE_CATEGORY_FLAG_PAIR)
413 
418 #define PSA_KEY_TYPE_RAW_DATA ((psa_key_type_t) 0x1001)
419 
428 #define PSA_KEY_TYPE_HMAC ((psa_key_type_t) 0x1100)
429 
435 #define PSA_KEY_TYPE_DERIVE ((psa_key_type_t) 0x1200)
436 
442 #define PSA_KEY_TYPE_AES ((psa_key_type_t) 0x2400)
443 
446 #define PSA_KEY_TYPE_ARIA ((psa_key_type_t) 0x2406)
447 
457 #define PSA_KEY_TYPE_DES ((psa_key_type_t) 0x2301)
458 
461 #define PSA_KEY_TYPE_CAMELLIA ((psa_key_type_t) 0x2403)
462 
467 #define PSA_KEY_TYPE_ARC4 ((psa_key_type_t) 0x2002)
468 
476 #define PSA_KEY_TYPE_CHACHA20 ((psa_key_type_t) 0x2004)
477 
482 #define PSA_KEY_TYPE_RSA_PUBLIC_KEY ((psa_key_type_t) 0x4001)
483 
487 #define PSA_KEY_TYPE_RSA_KEY_PAIR ((psa_key_type_t) 0x7001)
488 
489 #define PSA_KEY_TYPE_IS_RSA(type) \
490  (PSA_KEY_TYPE_PUBLIC_KEY_OF_KEY_PAIR(type) == PSA_KEY_TYPE_RSA_PUBLIC_KEY)
491 
492 #define PSA_KEY_TYPE_ECC_PUBLIC_KEY_BASE ((psa_key_type_t) 0x4100)
493 #define PSA_KEY_TYPE_ECC_KEY_PAIR_BASE ((psa_key_type_t) 0x7100)
494 #define PSA_KEY_TYPE_ECC_CURVE_MASK ((psa_key_type_t) 0x00ff)
495 
504 #define PSA_KEY_TYPE_ECC_KEY_PAIR(curve) \
505  (PSA_KEY_TYPE_ECC_KEY_PAIR_BASE | (curve))
506 
515 #define PSA_KEY_TYPE_ECC_PUBLIC_KEY(curve) \
516  (PSA_KEY_TYPE_ECC_PUBLIC_KEY_BASE | (curve))
517 
519 #define PSA_KEY_TYPE_IS_ECC(type) \
520  ((PSA_KEY_TYPE_PUBLIC_KEY_OF_KEY_PAIR(type) & \
521  ~PSA_KEY_TYPE_ECC_CURVE_MASK) == PSA_KEY_TYPE_ECC_PUBLIC_KEY_BASE)
522 
523 #define PSA_KEY_TYPE_IS_ECC_KEY_PAIR(type) \
524  (((type) & ~PSA_KEY_TYPE_ECC_CURVE_MASK) == \
525  PSA_KEY_TYPE_ECC_KEY_PAIR_BASE)
526 
527 #define PSA_KEY_TYPE_IS_ECC_PUBLIC_KEY(type) \
528  (((type) & ~PSA_KEY_TYPE_ECC_CURVE_MASK) == \
529  PSA_KEY_TYPE_ECC_PUBLIC_KEY_BASE)
530 
532 #define PSA_KEY_TYPE_ECC_GET_FAMILY(type) \
533  ((psa_ecc_family_t) (PSA_KEY_TYPE_IS_ECC(type) ? \
534  ((type) & PSA_KEY_TYPE_ECC_CURVE_MASK) : \
535  0))
536 
549 #define PSA_ECC_FAMILY_SECP_K1 ((psa_ecc_family_t) 0x17)
550 
559 #define PSA_ECC_FAMILY_SECP_R1 ((psa_ecc_family_t) 0x12)
560 /* SECP160R2 (SEC2 v1, obsolete, not supported in Mbed TLS) */
561 #define PSA_ECC_FAMILY_SECP_R2 ((psa_ecc_family_t) 0x1b)
562 
573 #define PSA_ECC_FAMILY_SECT_K1 ((psa_ecc_family_t) 0x27)
574 
585 #define PSA_ECC_FAMILY_SECT_R1 ((psa_ecc_family_t) 0x22)
586 
597 #define PSA_ECC_FAMILY_SECT_R2 ((psa_ecc_family_t) 0x2b)
598 
609 #define PSA_ECC_FAMILY_BRAINPOOL_P_R1 ((psa_ecc_family_t) 0x30)
610 
621 #define PSA_ECC_FAMILY_MONTGOMERY ((psa_ecc_family_t) 0x41)
622 
639 #define PSA_ECC_FAMILY_TWISTED_EDWARDS ((psa_ecc_family_t) 0x42)
640 
641 #define PSA_KEY_TYPE_DH_PUBLIC_KEY_BASE ((psa_key_type_t) 0x4200)
642 #define PSA_KEY_TYPE_DH_KEY_PAIR_BASE ((psa_key_type_t) 0x7200)
643 #define PSA_KEY_TYPE_DH_GROUP_MASK ((psa_key_type_t) 0x00ff)
644 
649 #define PSA_KEY_TYPE_DH_KEY_PAIR(group) \
650  (PSA_KEY_TYPE_DH_KEY_PAIR_BASE | (group))
651 
656 #define PSA_KEY_TYPE_DH_PUBLIC_KEY(group) \
657  (PSA_KEY_TYPE_DH_PUBLIC_KEY_BASE | (group))
658 
660 #define PSA_KEY_TYPE_IS_DH(type) \
661  ((PSA_KEY_TYPE_PUBLIC_KEY_OF_KEY_PAIR(type) & \
662  ~PSA_KEY_TYPE_DH_GROUP_MASK) == PSA_KEY_TYPE_DH_PUBLIC_KEY_BASE)
663 
664 #define PSA_KEY_TYPE_IS_DH_KEY_PAIR(type) \
665  (((type) & ~PSA_KEY_TYPE_DH_GROUP_MASK) == \
666  PSA_KEY_TYPE_DH_KEY_PAIR_BASE)
667 
668 #define PSA_KEY_TYPE_IS_DH_PUBLIC_KEY(type) \
669  (((type) & ~PSA_KEY_TYPE_DH_GROUP_MASK) == \
670  PSA_KEY_TYPE_DH_PUBLIC_KEY_BASE)
671 
673 #define PSA_KEY_TYPE_DH_GET_FAMILY(type) \
674  ((psa_dh_family_t) (PSA_KEY_TYPE_IS_DH(type) ? \
675  ((type) & PSA_KEY_TYPE_DH_GROUP_MASK) : \
676  0))
677 
684 #define PSA_DH_FAMILY_RFC7919 ((psa_dh_family_t) 0x03)
685 
686 #define PSA_GET_KEY_TYPE_BLOCK_SIZE_EXPONENT(type) \
687  (((type) >> 8) & 7)
688 
706 #define PSA_BLOCK_CIPHER_BLOCK_LENGTH(type) \
707  (((type) & PSA_KEY_TYPE_CATEGORY_MASK) == PSA_KEY_TYPE_CATEGORY_SYMMETRIC ? \
708  1u << PSA_GET_KEY_TYPE_BLOCK_SIZE_EXPONENT(type) : \
709  0u)
710 
711 /* Note that algorithm values are embedded in the persistent key store,
712  * as part of key metadata. As a consequence, they must not be changed
713  * (unless the storage format version changes).
714  */
715 
723 #define PSA_ALG_VENDOR_FLAG ((psa_algorithm_t) 0x80000000)
724 
725 #define PSA_ALG_CATEGORY_MASK ((psa_algorithm_t) 0x7f000000)
726 #define PSA_ALG_CATEGORY_HASH ((psa_algorithm_t) 0x02000000)
727 #define PSA_ALG_CATEGORY_MAC ((psa_algorithm_t) 0x03000000)
728 #define PSA_ALG_CATEGORY_CIPHER ((psa_algorithm_t) 0x04000000)
729 #define PSA_ALG_CATEGORY_AEAD ((psa_algorithm_t) 0x05000000)
730 #define PSA_ALG_CATEGORY_SIGN ((psa_algorithm_t) 0x06000000)
731 #define PSA_ALG_CATEGORY_ASYMMETRIC_ENCRYPTION ((psa_algorithm_t) 0x07000000)
732 #define PSA_ALG_CATEGORY_KEY_DERIVATION ((psa_algorithm_t) 0x08000000)
733 #define PSA_ALG_CATEGORY_KEY_AGREEMENT ((psa_algorithm_t) 0x09000000)
734 
739 #define PSA_ALG_IS_VENDOR_DEFINED(alg) \
740  (((alg) & PSA_ALG_VENDOR_FLAG) != 0)
741 
750 #define PSA_ALG_IS_HASH(alg) \
751  (((alg) & PSA_ALG_CATEGORY_MASK) == PSA_ALG_CATEGORY_HASH)
752 
761 #define PSA_ALG_IS_MAC(alg) \
762  (((alg) & PSA_ALG_CATEGORY_MASK) == PSA_ALG_CATEGORY_MAC)
763 
772 #define PSA_ALG_IS_CIPHER(alg) \
773  (((alg) & PSA_ALG_CATEGORY_MASK) == PSA_ALG_CATEGORY_CIPHER)
774 
784 #define PSA_ALG_IS_AEAD(alg) \
785  (((alg) & PSA_ALG_CATEGORY_MASK) == PSA_ALG_CATEGORY_AEAD)
786 
796 #define PSA_ALG_IS_SIGN(alg) \
797  (((alg) & PSA_ALG_CATEGORY_MASK) == PSA_ALG_CATEGORY_SIGN)
798 
808 #define PSA_ALG_IS_ASYMMETRIC_ENCRYPTION(alg) \
809  (((alg) & PSA_ALG_CATEGORY_MASK) == PSA_ALG_CATEGORY_ASYMMETRIC_ENCRYPTION)
810 
819 #define PSA_ALG_IS_KEY_AGREEMENT(alg) \
820  (((alg) & PSA_ALG_CATEGORY_MASK) == PSA_ALG_CATEGORY_KEY_AGREEMENT)
821 
830 #define PSA_ALG_IS_KEY_DERIVATION(alg) \
831  (((alg) & PSA_ALG_CATEGORY_MASK) == PSA_ALG_CATEGORY_KEY_DERIVATION)
832 
834 /* *INDENT-OFF* (https://github.com/ARM-software/psa-arch-tests/issues/337) */
835 #define PSA_ALG_NONE ((psa_algorithm_t)0)
836 /* *INDENT-ON* */
837 
838 #define PSA_ALG_HASH_MASK ((psa_algorithm_t) 0x000000ff)
839 
840 #define PSA_ALG_MD2 ((psa_algorithm_t) 0x02000001)
841 
842 #define PSA_ALG_MD4 ((psa_algorithm_t) 0x02000002)
843 
844 #define PSA_ALG_MD5 ((psa_algorithm_t) 0x02000003)
845 
846 #define PSA_ALG_RIPEMD160 ((psa_algorithm_t) 0x02000004)
847 
848 #define PSA_ALG_SHA_1 ((psa_algorithm_t) 0x02000005)
849 
850 #define PSA_ALG_SHA_224 ((psa_algorithm_t) 0x02000008)
851 
852 #define PSA_ALG_SHA_256 ((psa_algorithm_t) 0x02000009)
853 
854 #define PSA_ALG_SHA_384 ((psa_algorithm_t) 0x0200000a)
855 
856 #define PSA_ALG_SHA_512 ((psa_algorithm_t) 0x0200000b)
857 
858 #define PSA_ALG_SHA_512_224 ((psa_algorithm_t) 0x0200000c)
859 
860 #define PSA_ALG_SHA_512_256 ((psa_algorithm_t) 0x0200000d)
861 
862 #define PSA_ALG_SHA3_224 ((psa_algorithm_t) 0x02000010)
863 
864 #define PSA_ALG_SHA3_256 ((psa_algorithm_t) 0x02000011)
865 
866 #define PSA_ALG_SHA3_384 ((psa_algorithm_t) 0x02000012)
867 
868 #define PSA_ALG_SHA3_512 ((psa_algorithm_t) 0x02000013)
869 
875 #define PSA_ALG_SHAKE256_512 ((psa_algorithm_t) 0x02000015)
876 
910 #define PSA_ALG_ANY_HASH ((psa_algorithm_t) 0x020000ff)
911 
912 #define PSA_ALG_MAC_SUBCATEGORY_MASK ((psa_algorithm_t) 0x00c00000)
913 #define PSA_ALG_HMAC_BASE ((psa_algorithm_t) 0x03800000)
914 
925 #define PSA_ALG_HMAC(hash_alg) \
926  (PSA_ALG_HMAC_BASE | ((hash_alg) & PSA_ALG_HASH_MASK))
927 
928 #define PSA_ALG_HMAC_GET_HASH(hmac_alg) \
929  (PSA_ALG_CATEGORY_HASH | ((hmac_alg) & PSA_ALG_HASH_MASK))
930 
941 #define PSA_ALG_IS_HMAC(alg) \
942  (((alg) & (PSA_ALG_CATEGORY_MASK | PSA_ALG_MAC_SUBCATEGORY_MASK)) == \
943  PSA_ALG_HMAC_BASE)
944 
945 /* In the encoding of a MAC algorithm, the bits corresponding to
946  * PSA_ALG_MAC_TRUNCATION_MASK encode the length to which the MAC is
947  * truncated. As an exception, the value 0 means the untruncated algorithm,
948  * whatever its length is. The length is encoded in 6 bits, so it can
949  * reach up to 63; the largest MAC is 64 bytes so its trivial truncation
950  * to full length is correctly encoded as 0 and any non-trivial truncation
951  * is correctly encoded as a value between 1 and 63. */
952 #define PSA_ALG_MAC_TRUNCATION_MASK ((psa_algorithm_t) 0x003f0000)
953 #define PSA_MAC_TRUNCATION_OFFSET 16
954 
955 /* In the encoding of a MAC algorithm, the bit corresponding to
956  * #PSA_ALG_MAC_AT_LEAST_THIS_LENGTH_FLAG encodes the fact that the algorithm
957  * is a wildcard algorithm. A key with such wildcard algorithm as permitted
958  * algorithm policy can be used with any algorithm corresponding to the
959  * same base class and having a (potentially truncated) MAC length greater or
960  * equal than the one encoded in #PSA_ALG_MAC_TRUNCATION_MASK. */
961 #define PSA_ALG_MAC_AT_LEAST_THIS_LENGTH_FLAG ((psa_algorithm_t) 0x00008000)
962 
996 #define PSA_ALG_TRUNCATED_MAC(mac_alg, mac_length) \
997  (((mac_alg) & ~(PSA_ALG_MAC_TRUNCATION_MASK | \
998  PSA_ALG_MAC_AT_LEAST_THIS_LENGTH_FLAG)) | \
999  ((mac_length) << PSA_MAC_TRUNCATION_OFFSET & PSA_ALG_MAC_TRUNCATION_MASK))
1000 
1013 #define PSA_ALG_FULL_LENGTH_MAC(mac_alg) \
1014  ((mac_alg) & ~(PSA_ALG_MAC_TRUNCATION_MASK | \
1015  PSA_ALG_MAC_AT_LEAST_THIS_LENGTH_FLAG))
1016 
1028 #define PSA_MAC_TRUNCATED_LENGTH(mac_alg) \
1029  (((mac_alg) & PSA_ALG_MAC_TRUNCATION_MASK) >> PSA_MAC_TRUNCATION_OFFSET)
1030 
1055 #define PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(mac_alg, min_mac_length) \
1056  (PSA_ALG_TRUNCATED_MAC(mac_alg, min_mac_length) | \
1057  PSA_ALG_MAC_AT_LEAST_THIS_LENGTH_FLAG)
1058 
1059 #define PSA_ALG_CIPHER_MAC_BASE ((psa_algorithm_t) 0x03c00000)
1060 
1065 #define PSA_ALG_CBC_MAC ((psa_algorithm_t) 0x03c00100)
1066 
1067 #define PSA_ALG_CMAC ((psa_algorithm_t) 0x03c00200)
1068 
1077 #define PSA_ALG_IS_BLOCK_CIPHER_MAC(alg) \
1078  (((alg) & (PSA_ALG_CATEGORY_MASK | PSA_ALG_MAC_SUBCATEGORY_MASK)) == \
1079  PSA_ALG_CIPHER_MAC_BASE)
1080 
1081 #define PSA_ALG_CIPHER_STREAM_FLAG ((psa_algorithm_t) 0x00800000)
1082 #define PSA_ALG_CIPHER_FROM_BLOCK_FLAG ((psa_algorithm_t) 0x00400000)
1083 
1096 #define PSA_ALG_IS_STREAM_CIPHER(alg) \
1097  (((alg) & (PSA_ALG_CATEGORY_MASK | PSA_ALG_CIPHER_STREAM_FLAG)) == \
1098  (PSA_ALG_CATEGORY_CIPHER | PSA_ALG_CIPHER_STREAM_FLAG))
1099 
1106 #define PSA_ALG_STREAM_CIPHER ((psa_algorithm_t) 0x04800100)
1107 
1115 #define PSA_ALG_CTR ((psa_algorithm_t) 0x04c01000)
1116 
1121 #define PSA_ALG_CFB ((psa_algorithm_t) 0x04c01100)
1122 
1127 #define PSA_ALG_OFB ((psa_algorithm_t) 0x04c01200)
1128 
1135 #define PSA_ALG_XTS ((psa_algorithm_t) 0x0440ff00)
1136 
1155 #define PSA_ALG_ECB_NO_PADDING ((psa_algorithm_t) 0x04404400)
1156 
1164 #define PSA_ALG_CBC_NO_PADDING ((psa_algorithm_t) 0x04404000)
1165 
1172 #define PSA_ALG_CBC_PKCS7 ((psa_algorithm_t) 0x04404100)
1173 
1174 #define PSA_ALG_AEAD_FROM_BLOCK_FLAG ((psa_algorithm_t) 0x00400000)
1175 
1185 #define PSA_ALG_IS_AEAD_ON_BLOCK_CIPHER(alg) \
1186  (((alg) & (PSA_ALG_CATEGORY_MASK | PSA_ALG_AEAD_FROM_BLOCK_FLAG)) == \
1187  (PSA_ALG_CATEGORY_AEAD | PSA_ALG_AEAD_FROM_BLOCK_FLAG))
1188 
1193 #define PSA_ALG_CCM ((psa_algorithm_t) 0x05500100)
1194 
1199 #define PSA_ALG_GCM ((psa_algorithm_t) 0x05500200)
1200 
1210 #define PSA_ALG_CHACHA20_POLY1305 ((psa_algorithm_t) 0x05100500)
1211 
1212 /* In the encoding of an AEAD algorithm, the bits corresponding to
1213  * PSA_ALG_AEAD_TAG_LENGTH_MASK encode the length of the AEAD tag.
1214  * The constants for default lengths follow this encoding.
1215  */
1216 #define PSA_ALG_AEAD_TAG_LENGTH_MASK ((psa_algorithm_t) 0x003f0000)
1217 #define PSA_AEAD_TAG_LENGTH_OFFSET 16
1218 
1219 /* In the encoding of an AEAD algorithm, the bit corresponding to
1220  * #PSA_ALG_AEAD_AT_LEAST_THIS_LENGTH_FLAG encodes the fact that the algorithm
1221  * is a wildcard algorithm. A key with such wildcard algorithm as permitted
1222  * algorithm policy can be used with any algorithm corresponding to the
1223  * same base class and having a tag length greater than or equal to the one
1224  * encoded in #PSA_ALG_AEAD_TAG_LENGTH_MASK. */
1225 #define PSA_ALG_AEAD_AT_LEAST_THIS_LENGTH_FLAG ((psa_algorithm_t) 0x00008000)
1226 
1245 #define PSA_ALG_AEAD_WITH_SHORTENED_TAG(aead_alg, tag_length) \
1246  (((aead_alg) & ~(PSA_ALG_AEAD_TAG_LENGTH_MASK | \
1247  PSA_ALG_AEAD_AT_LEAST_THIS_LENGTH_FLAG)) | \
1248  ((tag_length) << PSA_AEAD_TAG_LENGTH_OFFSET & \
1249  PSA_ALG_AEAD_TAG_LENGTH_MASK))
1250 
1261 #define PSA_ALG_AEAD_GET_TAG_LENGTH(aead_alg) \
1262  (((aead_alg) & PSA_ALG_AEAD_TAG_LENGTH_MASK) >> \
1263  PSA_AEAD_TAG_LENGTH_OFFSET)
1264 
1273 #define PSA_ALG_AEAD_WITH_DEFAULT_LENGTH_TAG(aead_alg) \
1274  ( \
1275  PSA_ALG_AEAD_WITH_DEFAULT_LENGTH_TAG_CASE(aead_alg, PSA_ALG_CCM) \
1276  PSA_ALG_AEAD_WITH_DEFAULT_LENGTH_TAG_CASE(aead_alg, PSA_ALG_GCM) \
1277  PSA_ALG_AEAD_WITH_DEFAULT_LENGTH_TAG_CASE(aead_alg, PSA_ALG_CHACHA20_POLY1305) \
1278  0)
1279 #define PSA_ALG_AEAD_WITH_DEFAULT_LENGTH_TAG_CASE(aead_alg, ref) \
1280  PSA_ALG_AEAD_WITH_SHORTENED_TAG(aead_alg, 0) == \
1281  PSA_ALG_AEAD_WITH_SHORTENED_TAG(ref, 0) ? \
1282  ref :
1283 
1308 #define PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(aead_alg, min_tag_length) \
1309  (PSA_ALG_AEAD_WITH_SHORTENED_TAG(aead_alg, min_tag_length) | \
1310  PSA_ALG_AEAD_AT_LEAST_THIS_LENGTH_FLAG)
1311 
1312 #define PSA_ALG_RSA_PKCS1V15_SIGN_BASE ((psa_algorithm_t) 0x06000200)
1313 
1328 #define PSA_ALG_RSA_PKCS1V15_SIGN(hash_alg) \
1329  (PSA_ALG_RSA_PKCS1V15_SIGN_BASE | ((hash_alg) & PSA_ALG_HASH_MASK))
1330 
1336 #define PSA_ALG_RSA_PKCS1V15_SIGN_RAW PSA_ALG_RSA_PKCS1V15_SIGN_BASE
1337 #define PSA_ALG_IS_RSA_PKCS1V15_SIGN(alg) \
1338  (((alg) & ~PSA_ALG_HASH_MASK) == PSA_ALG_RSA_PKCS1V15_SIGN_BASE)
1339 
1340 #define PSA_ALG_RSA_PSS_BASE ((psa_algorithm_t) 0x06000300)
1341 #define PSA_ALG_RSA_PSS_ANY_SALT_BASE ((psa_algorithm_t) 0x06001300)
1342 
1362 #define PSA_ALG_RSA_PSS(hash_alg) \
1363  (PSA_ALG_RSA_PSS_BASE | ((hash_alg) & PSA_ALG_HASH_MASK))
1364 
1380 #define PSA_ALG_RSA_PSS_ANY_SALT(hash_alg) \
1381  (PSA_ALG_RSA_PSS_ANY_SALT_BASE | ((hash_alg) & PSA_ALG_HASH_MASK))
1382 
1394 #define PSA_ALG_IS_RSA_PSS_STANDARD_SALT(alg) \
1395  (((alg) & ~PSA_ALG_HASH_MASK) == PSA_ALG_RSA_PSS_BASE)
1396 
1408 #define PSA_ALG_IS_RSA_PSS_ANY_SALT(alg) \
1409  (((alg) & ~PSA_ALG_HASH_MASK) == PSA_ALG_RSA_PSS_ANY_SALT_BASE)
1410 
1426 #define PSA_ALG_IS_RSA_PSS(alg) \
1427  (PSA_ALG_IS_RSA_PSS_STANDARD_SALT(alg) || \
1428  PSA_ALG_IS_RSA_PSS_ANY_SALT(alg))
1429 
1430 #define PSA_ALG_ECDSA_BASE ((psa_algorithm_t) 0x06000600)
1431 
1451 #define PSA_ALG_ECDSA(hash_alg) \
1452  (PSA_ALG_ECDSA_BASE | ((hash_alg) & PSA_ALG_HASH_MASK))
1453 
1462 #define PSA_ALG_ECDSA_ANY PSA_ALG_ECDSA_BASE
1463 #define PSA_ALG_DETERMINISTIC_ECDSA_BASE ((psa_algorithm_t) 0x06000700)
1464 
1486 #define PSA_ALG_DETERMINISTIC_ECDSA(hash_alg) \
1487  (PSA_ALG_DETERMINISTIC_ECDSA_BASE | ((hash_alg) & PSA_ALG_HASH_MASK))
1488 #define PSA_ALG_ECDSA_DETERMINISTIC_FLAG ((psa_algorithm_t) 0x00000100)
1489 #define PSA_ALG_IS_ECDSA(alg) \
1490  (((alg) & ~PSA_ALG_HASH_MASK & ~PSA_ALG_ECDSA_DETERMINISTIC_FLAG) == \
1491  PSA_ALG_ECDSA_BASE)
1492 #define PSA_ALG_ECDSA_IS_DETERMINISTIC(alg) \
1493  (((alg) & PSA_ALG_ECDSA_DETERMINISTIC_FLAG) != 0)
1494 #define PSA_ALG_IS_DETERMINISTIC_ECDSA(alg) \
1495  (PSA_ALG_IS_ECDSA(alg) && PSA_ALG_ECDSA_IS_DETERMINISTIC(alg))
1496 #define PSA_ALG_IS_RANDOMIZED_ECDSA(alg) \
1497  (PSA_ALG_IS_ECDSA(alg) && !PSA_ALG_ECDSA_IS_DETERMINISTIC(alg))
1498 
1527 #define PSA_ALG_PURE_EDDSA ((psa_algorithm_t) 0x06000800)
1528 
1529 #define PSA_ALG_HASH_EDDSA_BASE ((psa_algorithm_t) 0x06000900)
1530 #define PSA_ALG_IS_HASH_EDDSA(alg) \
1531  (((alg) & ~PSA_ALG_HASH_MASK) == PSA_ALG_HASH_EDDSA_BASE)
1532 
1554 #define PSA_ALG_ED25519PH \
1555  (PSA_ALG_HASH_EDDSA_BASE | (PSA_ALG_SHA_512 & PSA_ALG_HASH_MASK))
1556 
1579 #define PSA_ALG_ED448PH \
1580  (PSA_ALG_HASH_EDDSA_BASE | (PSA_ALG_SHAKE256_512 & PSA_ALG_HASH_MASK))
1581 
1582 /* Default definition, to be overridden if the library is extended with
1583  * more hash-and-sign algorithms that we want to keep out of this header
1584  * file. */
1585 #define PSA_ALG_IS_VENDOR_HASH_AND_SIGN(alg) 0
1586 
1604 #define PSA_ALG_IS_SIGN_HASH(alg) \
1605  (PSA_ALG_IS_RSA_PSS(alg) || PSA_ALG_IS_RSA_PKCS1V15_SIGN(alg) || \
1606  PSA_ALG_IS_ECDSA(alg) || PSA_ALG_IS_HASH_EDDSA(alg) || \
1607  PSA_ALG_IS_VENDOR_HASH_AND_SIGN(alg))
1608 
1620 #define PSA_ALG_IS_SIGN_MESSAGE(alg) \
1621  (PSA_ALG_IS_SIGN_HASH(alg) || (alg) == PSA_ALG_PURE_EDDSA)
1622 
1649 #define PSA_ALG_IS_HASH_AND_SIGN(alg) \
1650  (PSA_ALG_IS_SIGN_HASH(alg) && \
1651  ((alg) & PSA_ALG_HASH_MASK) != 0)
1652 
1671 #define PSA_ALG_SIGN_GET_HASH(alg) \
1672  (PSA_ALG_IS_HASH_AND_SIGN(alg) ? \
1673  ((alg) & PSA_ALG_HASH_MASK) | PSA_ALG_CATEGORY_HASH : \
1674  0)
1675 
1685 #define PSA_ALG_RSA_PKCS1V15_CRYPT ((psa_algorithm_t) 0x07000200)
1686 
1687 #define PSA_ALG_RSA_OAEP_BASE ((psa_algorithm_t) 0x07000300)
1688 
1702 #define PSA_ALG_RSA_OAEP(hash_alg) \
1703  (PSA_ALG_RSA_OAEP_BASE | ((hash_alg) & PSA_ALG_HASH_MASK))
1704 #define PSA_ALG_IS_RSA_OAEP(alg) \
1705  (((alg) & ~PSA_ALG_HASH_MASK) == PSA_ALG_RSA_OAEP_BASE)
1706 #define PSA_ALG_RSA_OAEP_GET_HASH(alg) \
1707  (PSA_ALG_IS_RSA_OAEP(alg) ? \
1708  ((alg) & PSA_ALG_HASH_MASK) | PSA_ALG_CATEGORY_HASH : \
1709  0)
1710 
1711 #define PSA_ALG_HKDF_BASE ((psa_algorithm_t) 0x08000100)
1712 
1732 #define PSA_ALG_HKDF(hash_alg) \
1733  (PSA_ALG_HKDF_BASE | ((hash_alg) & PSA_ALG_HASH_MASK))
1734 
1745 #define PSA_ALG_IS_HKDF(alg) \
1746  (((alg) & ~PSA_ALG_HASH_MASK) == PSA_ALG_HKDF_BASE)
1747 #define PSA_ALG_HKDF_GET_HASH(hkdf_alg) \
1748  (PSA_ALG_CATEGORY_HASH | ((hkdf_alg) & PSA_ALG_HASH_MASK))
1749 
1750 #define PSA_ALG_TLS12_PRF_BASE ((psa_algorithm_t) 0x08000200)
1751 
1777 #define PSA_ALG_TLS12_PRF(hash_alg) \
1778  (PSA_ALG_TLS12_PRF_BASE | ((hash_alg) & PSA_ALG_HASH_MASK))
1779 
1788 #define PSA_ALG_IS_TLS12_PRF(alg) \
1789  (((alg) & ~PSA_ALG_HASH_MASK) == PSA_ALG_TLS12_PRF_BASE)
1790 #define PSA_ALG_TLS12_PRF_GET_HASH(hkdf_alg) \
1791  (PSA_ALG_CATEGORY_HASH | ((hkdf_alg) & PSA_ALG_HASH_MASK))
1792 
1793 #define PSA_ALG_TLS12_PSK_TO_MS_BASE ((psa_algorithm_t) 0x08000300)
1794 
1823 #define PSA_ALG_TLS12_PSK_TO_MS(hash_alg) \
1824  (PSA_ALG_TLS12_PSK_TO_MS_BASE | ((hash_alg) & PSA_ALG_HASH_MASK))
1825 
1834 #define PSA_ALG_IS_TLS12_PSK_TO_MS(alg) \
1835  (((alg) & ~PSA_ALG_HASH_MASK) == PSA_ALG_TLS12_PSK_TO_MS_BASE)
1836 #define PSA_ALG_TLS12_PSK_TO_MS_GET_HASH(hkdf_alg) \
1837  (PSA_ALG_CATEGORY_HASH | ((hkdf_alg) & PSA_ALG_HASH_MASK))
1838 
1839 #define PSA_ALG_KEY_DERIVATION_MASK ((psa_algorithm_t) 0xfe00ffff)
1840 #define PSA_ALG_KEY_AGREEMENT_MASK ((psa_algorithm_t) 0xffff0000)
1841 
1856 #define PSA_ALG_KEY_AGREEMENT(ka_alg, kdf_alg) \
1857  ((ka_alg) | (kdf_alg))
1858 
1859 #define PSA_ALG_KEY_AGREEMENT_GET_KDF(alg) \
1860  (((alg) & PSA_ALG_KEY_DERIVATION_MASK) | PSA_ALG_CATEGORY_KEY_DERIVATION)
1861 
1862 #define PSA_ALG_KEY_AGREEMENT_GET_BASE(alg) \
1863  (((alg) & PSA_ALG_KEY_AGREEMENT_MASK) | PSA_ALG_CATEGORY_KEY_AGREEMENT)
1864 
1879 #define PSA_ALG_IS_RAW_KEY_AGREEMENT(alg) \
1880  (PSA_ALG_IS_KEY_AGREEMENT(alg) && \
1881  PSA_ALG_KEY_AGREEMENT_GET_KDF(alg) == PSA_ALG_CATEGORY_KEY_DERIVATION)
1882 
1883 #define PSA_ALG_IS_KEY_DERIVATION_OR_AGREEMENT(alg) \
1884  ((PSA_ALG_IS_KEY_DERIVATION(alg) || PSA_ALG_IS_KEY_AGREEMENT(alg)))
1885 
1893 #define PSA_ALG_FFDH ((psa_algorithm_t) 0x09010000)
1894 
1907 #define PSA_ALG_IS_FFDH(alg) \
1908  (PSA_ALG_KEY_AGREEMENT_GET_BASE(alg) == PSA_ALG_FFDH)
1909 
1935 #define PSA_ALG_ECDH ((psa_algorithm_t) 0x09020000)
1936 
1951 #define PSA_ALG_IS_ECDH(alg) \
1952  (PSA_ALG_KEY_AGREEMENT_GET_BASE(alg) == PSA_ALG_ECDH)
1953 
1967 #define PSA_ALG_IS_WILDCARD(alg) \
1968  (PSA_ALG_IS_HASH_AND_SIGN(alg) ? \
1969  PSA_ALG_SIGN_GET_HASH(alg) == PSA_ALG_ANY_HASH : \
1970  PSA_ALG_IS_MAC(alg) ? \
1971  (alg & PSA_ALG_MAC_AT_LEAST_THIS_LENGTH_FLAG) != 0 : \
1972  PSA_ALG_IS_AEAD(alg) ? \
1973  (alg & PSA_ALG_AEAD_AT_LEAST_THIS_LENGTH_FLAG) != 0 : \
1974  (alg) == PSA_ALG_ANY_HASH)
1975 
1982 /* Note that location and persistence level values are embedded in the
1983  * persistent key store, as part of key metadata. As a consequence, they
1984  * must not be changed (unless the storage format version changes).
1985  */
1986 
1998 #define PSA_KEY_LIFETIME_VOLATILE ((psa_key_lifetime_t) 0x00000000)
1999 
2012 #define PSA_KEY_LIFETIME_PERSISTENT ((psa_key_lifetime_t) 0x00000001)
2013 
2018 #define PSA_KEY_PERSISTENCE_VOLATILE ((psa_key_persistence_t) 0x00)
2019 
2024 #define PSA_KEY_PERSISTENCE_DEFAULT ((psa_key_persistence_t) 0x01)
2025 
2030 #define PSA_KEY_PERSISTENCE_READ_ONLY ((psa_key_persistence_t) 0xff)
2031 
2032 #define PSA_KEY_LIFETIME_GET_PERSISTENCE(lifetime) \
2033  ((psa_key_persistence_t) ((lifetime) & 0x000000ff))
2034 
2035 #define PSA_KEY_LIFETIME_GET_LOCATION(lifetime) \
2036  ((psa_key_location_t) ((lifetime) >> 8))
2037 
2054 #define PSA_KEY_LIFETIME_IS_VOLATILE(lifetime) \
2055  (PSA_KEY_LIFETIME_GET_PERSISTENCE(lifetime) == \
2056  PSA_KEY_PERSISTENCE_VOLATILE)
2057 
2075 #define PSA_KEY_LIFETIME_IS_READ_ONLY(lifetime) \
2076  (PSA_KEY_LIFETIME_GET_PERSISTENCE(lifetime) == \
2077  PSA_KEY_PERSISTENCE_READ_ONLY)
2078 
2088 #define PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION(persistence, location) \
2089  ((location) << 8 | (persistence))
2090 
2098 #define PSA_KEY_LOCATION_LOCAL_STORAGE ((psa_key_location_t) 0x000000)
2099 
2100 #define PSA_KEY_LOCATION_VENDOR_FLAG ((psa_key_location_t) 0x800000)
2101 
2102 /* Note that key identifier values are embedded in the
2103  * persistent key store, as part of key metadata. As a consequence, they
2104  * must not be changed (unless the storage format version changes).
2105  */
2106 
2109 /* *INDENT-OFF* (https://github.com/ARM-software/psa-arch-tests/issues/337) */
2110 #define PSA_KEY_ID_NULL ((psa_key_id_t)0)
2111 /* *INDENT-ON* */
2114 #define PSA_KEY_ID_USER_MIN ((psa_key_id_t) 0x00000001)
2115 
2117 #define PSA_KEY_ID_USER_MAX ((psa_key_id_t) 0x3fffffff)
2118 
2120 #define PSA_KEY_ID_VENDOR_MIN ((psa_key_id_t) 0x40000000)
2121 
2123 #define PSA_KEY_ID_VENDOR_MAX ((psa_key_id_t) 0x7fffffff)
2124 
2125 
2126 #if !defined(MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER)
2127 
2128 #define MBEDTLS_SVC_KEY_ID_INIT ((psa_key_id_t) 0)
2129 #define MBEDTLS_SVC_KEY_ID_GET_KEY_ID(id) (id)
2130 #define MBEDTLS_SVC_KEY_ID_GET_OWNER_ID(id) (0)
2131 
2138  unsigned int unused, psa_key_id_t key_id)
2139 {
2140  (void) unused;
2141 
2142  return key_id;
2143 }
2144 
2154 {
2155  return id1 == id2;
2156 }
2157 
2165 {
2166  return key == 0;
2167 }
2168 
2169 #else /* MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER */
2170 
2171 #define MBEDTLS_SVC_KEY_ID_INIT ((mbedtls_svc_key_id_t){ 0, 0 })
2172 #define MBEDTLS_SVC_KEY_ID_GET_KEY_ID(id) ((id).key_id)
2173 #define MBEDTLS_SVC_KEY_ID_GET_OWNER_ID(id) ((id).owner)
2174 
2181  mbedtls_key_owner_id_t owner_id, psa_key_id_t key_id)
2182 {
2183  return (mbedtls_svc_key_id_t){ .key_id = key_id,
2184  .owner = owner_id };
2185 }
2186 
2194 static inline int mbedtls_svc_key_id_equal(mbedtls_svc_key_id_t id1,
2196 {
2197  return (id1.key_id == id2.key_id) &&
2198  mbedtls_key_owner_id_equal(id1.owner, id2.owner);
2199 }
2200 
2207 static inline int mbedtls_svc_key_id_is_null(mbedtls_svc_key_id_t key)
2208 {
2209  return key.key_id == 0;
2210 }
2211 
2212 #endif /* !MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER */
2213 
2220 /* Note that key usage flags are embedded in the
2221  * persistent key store, as part of key metadata. As a consequence, they
2222  * must not be changed (unless the storage format version changes).
2223  */
2224 
2236 #define PSA_KEY_USAGE_EXPORT ((psa_key_usage_t) 0x00000001)
2237 
2252 #define PSA_KEY_USAGE_COPY ((psa_key_usage_t) 0x00000002)
2253 
2263 #define PSA_KEY_USAGE_ENCRYPT ((psa_key_usage_t) 0x00000100)
2264 
2274 #define PSA_KEY_USAGE_DECRYPT ((psa_key_usage_t) 0x00000200)
2275 
2284 #define PSA_KEY_USAGE_SIGN_MESSAGE ((psa_key_usage_t) 0x00000400)
2285 
2294 #define PSA_KEY_USAGE_VERIFY_MESSAGE ((psa_key_usage_t) 0x00000800)
2295 
2304 #define PSA_KEY_USAGE_SIGN_HASH ((psa_key_usage_t) 0x00001000)
2305 
2314 #define PSA_KEY_USAGE_VERIFY_HASH ((psa_key_usage_t) 0x00002000)
2315 
2318 #define PSA_KEY_USAGE_DERIVE ((psa_key_usage_t) 0x00004000)
2319 
2326 /* Key input steps are not embedded in the persistent storage, so you can
2327  * change them if needed: it's only an ABI change. */
2328 
2341 #define PSA_KEY_DERIVATION_INPUT_SECRET ((psa_key_derivation_step_t) 0x0101)
2342 
2348 #define PSA_KEY_DERIVATION_INPUT_LABEL ((psa_key_derivation_step_t) 0x0201)
2349 
2355 #define PSA_KEY_DERIVATION_INPUT_SALT ((psa_key_derivation_step_t) 0x0202)
2356 
2362 #define PSA_KEY_DERIVATION_INPUT_INFO ((psa_key_derivation_step_t) 0x0203)
2363 
2369 #define PSA_KEY_DERIVATION_INPUT_SEED ((psa_key_derivation_step_t) 0x0204)
2370 
2377 /* Helper macros */
2378 
2390 #define MBEDTLS_PSA_ALG_AEAD_EQUAL(aead_alg_1, aead_alg_2) \
2391  (!(((aead_alg_1) ^ (aead_alg_2)) & \
2392  ~(PSA_ALG_AEAD_TAG_LENGTH_MASK | PSA_ALG_AEAD_AT_LEAST_THIS_LENGTH_FLAG)))
2393 
2396 #endif /* PSA_CRYPTO_VALUES_H */
uint32_t psa_key_id_t
Definition: crypto_types.h:266
static mbedtls_svc_key_id_t mbedtls_svc_key_id_make(unsigned int unused, psa_key_id_t key_id)
psa_key_id_t mbedtls_svc_key_id_t
Definition: crypto_types.h:283
static int mbedtls_svc_key_id_equal(mbedtls_svc_key_id_t id1, mbedtls_svc_key_id_t id2)
static int mbedtls_svc_key_id_is_null(mbedtls_svc_key_id_t key)