mbed TLS v3.3.0
Loading...
Searching...
No Matches
psa_util.h
Go to the documentation of this file.
1
9/*
10 * Copyright The Mbed TLS Contributors
11 * SPDX-License-Identifier: Apache-2.0
12 *
13 * Licensed under the Apache License, Version 2.0 (the "License"); you may
14 * not use this file except in compliance with the License.
15 * You may obtain a copy of the License at
16 *
17 * http://www.apache.org/licenses/LICENSE-2.0
18 *
19 * Unless required by applicable law or agreed to in writing, software
20 * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
21 * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
22 * See the License for the specific language governing permissions and
23 * limitations under the License.
24 */
25
26#ifndef MBEDTLS_PSA_UTIL_H
27#define MBEDTLS_PSA_UTIL_H
29
30#include "mbedtls/build_info.h"
31
32#if defined(MBEDTLS_PSA_CRYPTO_C)
33
34#include "psa/crypto.h"
35
36#include "mbedtls/ecp.h"
37#include "mbedtls/md.h"
38#include "mbedtls/pk.h"
39#include "mbedtls/oid.h"
40#include "mbedtls/error.h"
41
42#include <string.h>
43
44/* Translations for symmetric crypto. */
45
48{
49 switch( cipher )
50 {
66 return( PSA_KEY_TYPE_AES );
67
68 /* ARIA not yet supported in PSA. */
69 /* case MBEDTLS_CIPHER_ARIA_128_CCM:
70 case MBEDTLS_CIPHER_ARIA_192_CCM:
71 case MBEDTLS_CIPHER_ARIA_256_CCM:
72 case MBEDTLS_CIPHER_ARIA_128_CCM_STAR_NO_TAG:
73 case MBEDTLS_CIPHER_ARIA_192_CCM_STAR_NO_TAG:
74 case MBEDTLS_CIPHER_ARIA_256_CCM_STAR_NO_TAG:
75 case MBEDTLS_CIPHER_ARIA_128_GCM:
76 case MBEDTLS_CIPHER_ARIA_192_GCM:
77 case MBEDTLS_CIPHER_ARIA_256_GCM:
78 case MBEDTLS_CIPHER_ARIA_128_CBC:
79 case MBEDTLS_CIPHER_ARIA_192_CBC:
80 case MBEDTLS_CIPHER_ARIA_256_CBC:
81 return( PSA_KEY_TYPE_ARIA ); */
82
83 default:
84 return( 0 );
85 }
86}
87
89 mbedtls_cipher_mode_t mode, size_t taglen )
90{
91 switch( mode )
92 {
94 return( PSA_ALG_ECB_NO_PADDING );
101 case MBEDTLS_MODE_CBC:
102 if( taglen == 0 )
103 return( PSA_ALG_CBC_NO_PADDING );
104 else
105 return( 0 );
106 default:
107 return( 0 );
108 }
109}
110
113{
114 switch( op )
115 {
116 case MBEDTLS_ENCRYPT:
117 return( PSA_KEY_USAGE_ENCRYPT );
118 case MBEDTLS_DECRYPT:
119 return( PSA_KEY_USAGE_DECRYPT );
120 default:
121 return( 0 );
122 }
123}
124
125/* Translations for hashing. */
126
127/* Note: this function should not be used from inside the library, use
128 * mbedtls_hash_info_psa_from_md() from the internal hash_info.h instead.
129 * It is kept only for compatibility in case applications were using it. */
131{
132 switch( md_alg )
133 {
134#if defined(MBEDTLS_MD5_C) || defined(PSA_WANT_ALG_MD5)
135 case MBEDTLS_MD_MD5:
136 return( PSA_ALG_MD5 );
137#endif
138#if defined(MBEDTLS_SHA1_C) || defined(PSA_WANT_ALG_SHA_1)
139 case MBEDTLS_MD_SHA1:
140 return( PSA_ALG_SHA_1 );
141#endif
142#if defined(MBEDTLS_SHA224_C) || defined(PSA_WANT_ALG_SHA_224)
144 return( PSA_ALG_SHA_224 );
145#endif
146#if defined(MBEDTLS_SHA256_C) || defined(PSA_WANT_ALG_SHA_256)
148 return( PSA_ALG_SHA_256 );
149#endif
150#if defined(MBEDTLS_SHA384_C) || defined(PSA_WANT_ALG_SHA_384)
152 return( PSA_ALG_SHA_384 );
153#endif
154#if defined(MBEDTLS_SHA512_C) || defined(PSA_WANT_ALG_SHA_512)
156 return( PSA_ALG_SHA_512 );
157#endif
158#if defined(MBEDTLS_RIPEMD160_C) || defined(PSA_WANT_ALG_RIPEMD160)
160 return( PSA_ALG_RIPEMD160 );
161#endif
162 case MBEDTLS_MD_NONE:
163 return( 0 );
164 default:
165 return( 0 );
166 }
167}
168
169/* Translations for ECC. */
170
172 psa_ecc_family_t curve, size_t bits,
173 char const **oid, size_t *oid_len )
174{
175 switch( curve )
176 {
178 switch( bits )
179 {
180#if defined(MBEDTLS_ECP_DP_SECP192R1_ENABLED)
181 case 192:
184 return( 0 );
185#endif /* MBEDTLS_ECP_DP_SECP192R1_ENABLED */
186#if defined(MBEDTLS_ECP_DP_SECP224R1_ENABLED)
187 case 224:
190 return( 0 );
191#endif /* MBEDTLS_ECP_DP_SECP224R1_ENABLED */
192#if defined(MBEDTLS_ECP_DP_SECP256R1_ENABLED)
193 case 256:
196 return( 0 );
197#endif /* MBEDTLS_ECP_DP_SECP256R1_ENABLED */
198#if defined(MBEDTLS_ECP_DP_SECP384R1_ENABLED)
199 case 384:
202 return( 0 );
203#endif /* MBEDTLS_ECP_DP_SECP384R1_ENABLED */
204#if defined(MBEDTLS_ECP_DP_SECP521R1_ENABLED)
205 case 521:
208 return( 0 );
209#endif /* MBEDTLS_ECP_DP_SECP521R1_ENABLED */
210 }
211 break;
213 switch( bits )
214 {
215#if defined(MBEDTLS_ECP_DP_SECP192K1_ENABLED)
216 case 192:
219 return( 0 );
220#endif /* MBEDTLS_ECP_DP_SECP192K1_ENABLED */
221#if defined(MBEDTLS_ECP_DP_SECP224K1_ENABLED)
222 case 224:
225 return( 0 );
226#endif /* MBEDTLS_ECP_DP_SECP224K1_ENABLED */
227#if defined(MBEDTLS_ECP_DP_SECP256K1_ENABLED)
228 case 256:
231 return( 0 );
232#endif /* MBEDTLS_ECP_DP_SECP256K1_ENABLED */
233 }
234 break;
236 switch( bits )
237 {
238#if defined(MBEDTLS_ECP_DP_BP256R1_ENABLED)
239 case 256:
242 return( 0 );
243#endif /* MBEDTLS_ECP_DP_BP256R1_ENABLED */
244#if defined(MBEDTLS_ECP_DP_BP384R1_ENABLED)
245 case 384:
248 return( 0 );
249#endif /* MBEDTLS_ECP_DP_BP384R1_ENABLED */
250#if defined(MBEDTLS_ECP_DP_BP512R1_ENABLED)
251 case 512:
254 return( 0 );
255#endif /* MBEDTLS_ECP_DP_BP512R1_ENABLED */
256 }
257 break;
258 }
259 (void) oid;
260 (void) oid_len;
261 return( -1 );
262}
263
264#define MBEDTLS_PSA_MAX_EC_PUBKEY_LENGTH \
265 PSA_KEY_EXPORT_ECC_PUBLIC_KEY_MAX_SIZE( PSA_VENDOR_ECC_MAX_CURVE_BITS )
266
267/* This function transforms an ECC group identifier from
268 * https://www.iana.org/assignments/tls-parameters/tls-parameters.xhtml#tls-parameters-8
269 * into a PSA ECC group identifier. */
270#if defined(MBEDTLS_ECP_C)
272 uint16_t tls_ecc_grp_reg_id, size_t *bits )
273{
274 const mbedtls_ecp_curve_info *curve_info =
275 mbedtls_ecp_curve_info_from_tls_id( tls_ecc_grp_reg_id );
276 if( curve_info == NULL )
277 return( 0 );
279 mbedtls_ecc_group_to_psa( curve_info->grp_id, bits ) ) );
280}
281#endif /* MBEDTLS_ECP_C */
282
283/* Expose whatever RNG the PSA subsystem uses to applications using the
284 * mbedtls_xxx API. The declarations and definitions here need to be
285 * consistent with the implementation in library/psa_crypto_random_impl.h.
286 * See that file for implementation documentation. */
287
288
289/* The type of a `f_rng` random generator function that many library functions
290 * take.
291 *
292 * This type name is not part of the Mbed TLS stable API. It may be renamed
293 * or moved without warning.
294 */
295typedef int mbedtls_f_rng_t( void *p_rng, unsigned char *output, size_t output_size );
296
297#if defined(MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG)
298
334int mbedtls_psa_get_random( void *p_rng,
335 unsigned char *output,
336 size_t output_size );
337
348#define MBEDTLS_PSA_RANDOM_STATE NULL
349
350#else /* !defined(MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG) */
351
352#if defined(MBEDTLS_CTR_DRBG_C)
353#include "mbedtls/ctr_drbg.h"
356#elif defined(MBEDTLS_HMAC_DRBG_C)
357#include "mbedtls/hmac_drbg.h"
360#endif
362
363#define MBEDTLS_PSA_RANDOM_STATE mbedtls_psa_random_state
364
365#endif /* !defined(MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG) */
366
367#endif /* MBEDTLS_PSA_CRYPTO_C */
368
369#endif /* MBEDTLS_PSA_UTIL_H */
Build-time configuration info.
mbedtls_cipher_type_t
Supported {cipher type, cipher mode} pairs.
Definition: cipher.h:96
@ MBEDTLS_CIPHER_AES_128_ECB
Definition: cipher.h:99
@ MBEDTLS_CIPHER_AES_128_CCM_STAR_NO_TAG
Definition: cipher.h:138
@ MBEDTLS_CIPHER_AES_128_CBC
Definition: cipher.h:102
@ MBEDTLS_CIPHER_AES_192_GCM
Definition: cipher.h:112
@ MBEDTLS_CIPHER_AES_192_CCM_STAR_NO_TAG
Definition: cipher.h:139
@ MBEDTLS_CIPHER_AES_256_CCM_STAR_NO_TAG
Definition: cipher.h:140
@ MBEDTLS_CIPHER_AES_256_ECB
Definition: cipher.h:101
@ MBEDTLS_CIPHER_AES_192_CCM
Definition: cipher.h:136
@ MBEDTLS_CIPHER_AES_256_GCM
Definition: cipher.h:113
@ MBEDTLS_CIPHER_AES_256_CCM
Definition: cipher.h:137
@ MBEDTLS_CIPHER_AES_128_GCM
Definition: cipher.h:111
@ MBEDTLS_CIPHER_AES_192_CBC
Definition: cipher.h:103
@ MBEDTLS_CIPHER_AES_128_CCM
Definition: cipher.h:135
@ MBEDTLS_CIPHER_AES_256_CBC
Definition: cipher.h:104
@ MBEDTLS_CIPHER_AES_192_ECB
Definition: cipher.h:100
mbedtls_operation_t
Definition: cipher.h:211
@ MBEDTLS_DECRYPT
Definition: cipher.h:213
@ MBEDTLS_ENCRYPT
Definition: cipher.h:214
mbedtls_cipher_mode_t
Definition: cipher.h:184
@ MBEDTLS_MODE_ECB
Definition: cipher.h:186
@ MBEDTLS_MODE_CCM
Definition: cipher.h:193
@ MBEDTLS_MODE_GCM
Definition: cipher.h:191
@ MBEDTLS_MODE_CCM_STAR_NO_TAG
Definition: cipher.h:194
@ MBEDTLS_MODE_CBC
Definition: cipher.h:187
Platform Security Architecture cryptography module.
This file contains definitions and functions for the CTR_DRBG pseudorandom generator.
int mbedtls_ctr_drbg_random(void *p_rng, unsigned char *output, size_t output_len)
This function uses CTR_DRBG to generate random data.
This file provides an API for Elliptic Curves over GF(P) (ECP).
const mbedtls_ecp_curve_info * mbedtls_ecp_curve_info_from_tls_id(uint16_t tls_id)
This function retrieves curve information from a TLS NamedCurve value.
Error to string translation.
#define MBEDTLS_OID_SIZE(x)
Definition: asn1.h:126
#define PSA_KEY_TYPE_ECC_KEY_PAIR(curve)
#define PSA_ALG_GCM
#define PSA_ALG_SHA_224
#define PSA_ALG_SHA_1
#define PSA_ECC_FAMILY_SECP_R1
#define PSA_ALG_SHA_384
#define PSA_ECC_FAMILY_SECP_K1
#define PSA_ALG_SHA_256
uint16_t psa_key_type_t
Encoding of a key type.
Definition: crypto_types.h:82
#define PSA_ALG_RIPEMD160
#define PSA_KEY_TYPE_AES
#define PSA_ALG_CCM_STAR_NO_TAG
#define PSA_ALG_ECB_NO_PADDING
#define PSA_ALG_AEAD_WITH_SHORTENED_TAG(aead_alg, tag_length)
#define PSA_ECC_FAMILY_BRAINPOOL_P_R1
#define PSA_ALG_CCM
uint32_t psa_algorithm_t
Encoding of a cryptographic algorithm.
Definition: crypto_types.h:138
#define PSA_ALG_CBC_NO_PADDING
#define PSA_ALG_MD5
uint8_t psa_ecc_family_t
Definition: crypto_types.h:101
#define PSA_ALG_SHA_512
#define PSA_KEY_USAGE_ENCRYPT
uint32_t psa_key_usage_t
Encoding of permitted usage on a key.
Definition: crypto_types.h:328
#define PSA_KEY_USAGE_DECRYPT
static psa_ecc_family_t mbedtls_ecc_group_to_psa(mbedtls_ecp_group_id grpid, size_t *bits)
Definition: crypto_extra.h:590
The HMAC_DRBG pseudorandom generator.
int mbedtls_hmac_drbg_random(void *p_rng, unsigned char *output, size_t out_len)
This function uses HMAC_DRBG to generate random data.
This file contains the generic message-digest wrapper.
mbedtls_md_type_t
Supported message digests.
Definition: md.h:55
@ MBEDTLS_MD_SHA512
Definition: md.h:62
@ MBEDTLS_MD_MD5
Definition: md.h:57
@ MBEDTLS_MD_RIPEMD160
Definition: md.h:63
@ MBEDTLS_MD_SHA384
Definition: md.h:61
@ MBEDTLS_MD_NONE
Definition: md.h:56
@ MBEDTLS_MD_SHA256
Definition: md.h:60
@ MBEDTLS_MD_SHA224
Definition: md.h:59
@ MBEDTLS_MD_SHA1
Definition: md.h:58
Object Identifier (OID) database.
#define MBEDTLS_OID_EC_GRP_SECP521R1
Definition: oid.h:364
#define MBEDTLS_OID_EC_GRP_SECP224R1
Definition: oid.h:352
#define MBEDTLS_OID_EC_GRP_SECP256K1
Definition: oid.h:376
#define MBEDTLS_OID_EC_GRP_SECP384R1
Definition: oid.h:360
#define MBEDTLS_OID_EC_GRP_SECP192K1
Definition: oid.h:368
#define MBEDTLS_OID_EC_GRP_BP384R1
Definition: oid.h:390
#define MBEDTLS_OID_EC_GRP_SECP224K1
Definition: oid.h:372
#define MBEDTLS_OID_EC_GRP_BP512R1
Definition: oid.h:393
#define MBEDTLS_OID_EC_GRP_SECP256R1
Definition: oid.h:356
#define MBEDTLS_OID_EC_GRP_SECP192R1
Definition: oid.h:348
#define MBEDTLS_OID_EC_GRP_BP256R1
Definition: oid.h:387
Public Key abstraction layer.
Macro wrapper for struct's members.
static psa_key_type_t mbedtls_psa_parse_tls_ecc_group(uint16_t tls_ecc_grp_reg_id, size_t *bits)
Definition: psa_util.h:271
mbedtls_ctr_drbg_context mbedtls_psa_drbg_context_t
Definition: psa_util.h:354
static mbedtls_f_rng_t *const mbedtls_psa_get_random
Definition: psa_util.h:355
static psa_algorithm_t mbedtls_psa_translate_cipher_mode(mbedtls_cipher_mode_t mode, size_t taglen)
Definition: psa_util.h:88
mbedtls_psa_drbg_context_t *const mbedtls_psa_random_state
static int mbedtls_psa_get_ecc_oid_from_id(psa_ecc_family_t curve, size_t bits, char const **oid, size_t *oid_len)
Definition: psa_util.h:171
static psa_algorithm_t mbedtls_psa_translate_md(mbedtls_md_type_t md_alg)
Definition: psa_util.h:130
int mbedtls_f_rng_t(void *p_rng, unsigned char *output, size_t output_size)
Definition: psa_util.h:295
static psa_key_type_t mbedtls_psa_translate_cipher_type(mbedtls_cipher_type_t cipher)
Definition: psa_util.h:46
static psa_key_usage_t mbedtls_psa_translate_cipher_operation(mbedtls_operation_t op)
Definition: psa_util.h:111
The CTR_DRBG context structure.
Definition: ctr_drbg.h:171
mbedtls_ecp_group_id grp_id
Definition: ecp.h:155