Mbed TLS v3.6.0
Loading...
Searching...
No Matches
crypto_struct.h
Go to the documentation of this file.
1
44/*
45 * Copyright The Mbed TLS Contributors
46 * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
47 */
48
49#ifndef PSA_CRYPTO_STRUCT_H
50#define PSA_CRYPTO_STRUCT_H
52
53#ifdef __cplusplus
54extern "C" {
55#endif
56
57/*
58 * Include the build-time configuration information header. Here, we do not
59 * include `"mbedtls/build_info.h"` directly but `"psa/build_info.h"`, which
60 * is basically just an alias to it. This is to ease the maintenance of the
61 * TF-PSA-Crypto repository which has a different build system and
62 * configuration.
63 */
64#include "psa/build_info.h"
65
66/* Include the context definition for the compiled-in drivers for the primitive
67 * algorithms. */
69
71#if defined(MBEDTLS_PSA_CRYPTO_CLIENT) && !defined(MBEDTLS_PSA_CRYPTO_C)
72 mbedtls_psa_client_handle_t handle;
73#else
80 unsigned int MBEDTLS_PRIVATE(id);
82#endif
83};
84#if defined(MBEDTLS_PSA_CRYPTO_CLIENT) && !defined(MBEDTLS_PSA_CRYPTO_C)
85#define PSA_HASH_OPERATION_INIT { 0 }
86#else
87#define PSA_HASH_OPERATION_INIT { 0, { 0 } }
88#endif
90{
92 return v;
93}
94
96#if defined(MBEDTLS_PSA_CRYPTO_CLIENT) && !defined(MBEDTLS_PSA_CRYPTO_C)
97 mbedtls_psa_client_handle_t handle;
98#else
105 unsigned int MBEDTLS_PRIVATE(id);
106
107 unsigned int MBEDTLS_PRIVATE(iv_required) : 1;
108 unsigned int MBEDTLS_PRIVATE(iv_set) : 1;
109
110 uint8_t MBEDTLS_PRIVATE(default_iv_length);
111
113#endif
114};
115
116#if defined(MBEDTLS_PSA_CRYPTO_CLIENT) && !defined(MBEDTLS_PSA_CRYPTO_C)
117#define PSA_CIPHER_OPERATION_INIT { 0 }
118#else
119#define PSA_CIPHER_OPERATION_INIT { 0, 0, 0, 0, { 0 } }
120#endif
122{
124 return v;
125}
126
127/* Include the context definition for the compiled-in drivers for the composite
128 * algorithms. */
130
132#if defined(MBEDTLS_PSA_CRYPTO_CLIENT) && !defined(MBEDTLS_PSA_CRYPTO_C)
133 mbedtls_psa_client_handle_t handle;
134#else
141 unsigned int MBEDTLS_PRIVATE(id);
142 uint8_t MBEDTLS_PRIVATE(mac_size);
143 unsigned int MBEDTLS_PRIVATE(is_sign) : 1;
145#endif
146};
147
148#if defined(MBEDTLS_PSA_CRYPTO_CLIENT) && !defined(MBEDTLS_PSA_CRYPTO_C)
149#define PSA_MAC_OPERATION_INIT { 0 }
150#else
151#define PSA_MAC_OPERATION_INIT { 0, 0, 0, { 0 } }
152#endif
154{
156 return v;
157}
158
160#if defined(MBEDTLS_PSA_CRYPTO_CLIENT) && !defined(MBEDTLS_PSA_CRYPTO_C)
161 mbedtls_psa_client_handle_t handle;
162#else
169 unsigned int MBEDTLS_PRIVATE(id);
170
173
174 size_t MBEDTLS_PRIVATE(ad_remaining);
175 size_t MBEDTLS_PRIVATE(body_remaining);
176
177 unsigned int MBEDTLS_PRIVATE(nonce_set) : 1;
178 unsigned int MBEDTLS_PRIVATE(lengths_set) : 1;
179 unsigned int MBEDTLS_PRIVATE(ad_started) : 1;
180 unsigned int MBEDTLS_PRIVATE(body_started) : 1;
181 unsigned int MBEDTLS_PRIVATE(is_encrypt) : 1;
182
184#endif
185};
186
187#if defined(MBEDTLS_PSA_CRYPTO_CLIENT) && !defined(MBEDTLS_PSA_CRYPTO_C)
188#define PSA_AEAD_OPERATION_INIT { 0 }
189#else
190#define PSA_AEAD_OPERATION_INIT { 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, { 0 } }
191#endif
193{
195 return v;
196}
197
198/* Include the context definition for the compiled-in drivers for the key
199 * derivation algorithms. */
201
203#if defined(MBEDTLS_PSA_CRYPTO_CLIENT) && !defined(MBEDTLS_PSA_CRYPTO_C)
204 mbedtls_psa_client_handle_t handle;
205#else
207 unsigned int MBEDTLS_PRIVATE(can_output_key) : 1;
208 size_t MBEDTLS_PRIVATE(capacity);
210#endif
211};
212
213#if defined(MBEDTLS_PSA_CRYPTO_CLIENT) && !defined(MBEDTLS_PSA_CRYPTO_C)
214#define PSA_KEY_DERIVATION_OPERATION_INIT { 0 }
215#else
216/* This only zeroes out the first byte in the union, the rest is unspecified. */
217#define PSA_KEY_DERIVATION_OPERATION_INIT { 0, 0, 0, { 0 } }
218#endif
220 void)
221{
223 return v;
224}
225
227 /* Future versions may add other fields in this structure. */
228 uint32_t flags;
229 uint8_t data[];
230};
231
240#define PSA_KEY_PRODUCTION_PARAMETERS_INIT { 0 }
241
246};
248
249#define PSA_KEY_POLICY_INIT { 0, 0, 0 }
250static inline struct psa_key_policy_s psa_key_policy_init(void)
251{
252 const struct psa_key_policy_s v = PSA_KEY_POLICY_INIT;
253 return v;
254}
255
256/* The type used internally for key sizes.
257 * Public interfaces use size_t, but internally we use a smaller type. */
258typedef uint16_t psa_key_bits_t;
259/* The maximum value of the type used to represent bit-sizes.
260 * This is used to mark an invalid key size. */
261#define PSA_KEY_BITS_TOO_LARGE ((psa_key_bits_t) -1)
262/* The maximum size of a key in bits.
263 * Currently defined as the maximum that can be represented, rounded down
264 * to a whole number of bytes.
265 * This is an uncast value so that it can be used in preprocessor
266 * conditionals. */
267#define PSA_MAX_KEY_BITS 0xfff8
268
270#if defined(MBEDTLS_PSA_CRYPTO_SE_C)
272 int MBEDTLS_PRIVATE(has_slot_number);
273#endif /* MBEDTLS_PSA_CRYPTO_SE_C */
278 /* This type has a different layout in the client view wrt the
279 * service view of the key id, i.e. in service view usually is
280 * expected to have MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER defined
281 * thus adding an owner field to the standard psa_key_id_t. For
282 * implementations with client/service separation, this means the
283 * object will be marshalled through a transport channel and
284 * interpreted differently at each side of the transport. Placing
285 * it at the end of structures allows to interpret the structure
286 * at the client without reorganizing the memory layout of the
287 * struct
288 */
290};
291
292#if defined(MBEDTLS_PSA_CRYPTO_SE_C)
293#define PSA_KEY_ATTRIBUTES_MAYBE_SLOT_NUMBER 0, 0,
294#else
295#define PSA_KEY_ATTRIBUTES_MAYBE_SLOT_NUMBER
296#endif
297#define PSA_KEY_ATTRIBUTES_INIT { PSA_KEY_ATTRIBUTES_MAYBE_SLOT_NUMBER \
298 PSA_KEY_TYPE_NONE, 0, \
299 PSA_KEY_LIFETIME_VOLATILE, \
300 PSA_KEY_POLICY_INIT, \
301 MBEDTLS_SVC_KEY_ID_INIT }
302
304{
306 return v;
307}
308
309static inline void psa_set_key_id(psa_key_attributes_t *attributes,
311{
312 psa_key_lifetime_t lifetime = attributes->MBEDTLS_PRIVATE(lifetime);
313
314 attributes->MBEDTLS_PRIVATE(id) = key;
315
316 if (PSA_KEY_LIFETIME_IS_VOLATILE(lifetime)) {
317 attributes->MBEDTLS_PRIVATE(lifetime) =
321 }
322}
323
325 const psa_key_attributes_t *attributes)
326{
327 return attributes->MBEDTLS_PRIVATE(id);
328}
329
330#ifdef MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER
331static inline void mbedtls_set_key_owner_id(psa_key_attributes_t *attributes,
332 mbedtls_key_owner_id_t owner)
333{
334 attributes->MBEDTLS_PRIVATE(id).MBEDTLS_PRIVATE(owner) = owner;
335}
336#endif
337
338static inline void psa_set_key_lifetime(psa_key_attributes_t *attributes,
339 psa_key_lifetime_t lifetime)
340{
341 attributes->MBEDTLS_PRIVATE(lifetime) = lifetime;
342 if (PSA_KEY_LIFETIME_IS_VOLATILE(lifetime)) {
343#ifdef MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER
344 attributes->MBEDTLS_PRIVATE(id).MBEDTLS_PRIVATE(key_id) = 0;
345#else
346 attributes->MBEDTLS_PRIVATE(id) = 0;
347#endif
348 }
349}
350
352 const psa_key_attributes_t *attributes)
353{
354 return attributes->MBEDTLS_PRIVATE(lifetime);
355}
356
357static inline void psa_extend_key_usage_flags(psa_key_usage_t *usage_flags)
358{
359 if (*usage_flags & PSA_KEY_USAGE_SIGN_HASH) {
360 *usage_flags |= PSA_KEY_USAGE_SIGN_MESSAGE;
361 }
362
363 if (*usage_flags & PSA_KEY_USAGE_VERIFY_HASH) {
364 *usage_flags |= PSA_KEY_USAGE_VERIFY_MESSAGE;
365 }
366}
367
368static inline void psa_set_key_usage_flags(psa_key_attributes_t *attributes,
369 psa_key_usage_t usage_flags)
370{
371 psa_extend_key_usage_flags(&usage_flags);
372 attributes->MBEDTLS_PRIVATE(policy).MBEDTLS_PRIVATE(usage) = usage_flags;
373}
374
376 const psa_key_attributes_t *attributes)
377{
378 return attributes->MBEDTLS_PRIVATE(policy).MBEDTLS_PRIVATE(usage);
379}
380
381static inline void psa_set_key_algorithm(psa_key_attributes_t *attributes,
382 psa_algorithm_t alg)
383{
384 attributes->MBEDTLS_PRIVATE(policy).MBEDTLS_PRIVATE(alg) = alg;
385}
386
388 const psa_key_attributes_t *attributes)
389{
390 return attributes->MBEDTLS_PRIVATE(policy).MBEDTLS_PRIVATE(alg);
391}
392
393static inline void psa_set_key_type(psa_key_attributes_t *attributes,
394 psa_key_type_t type)
395{
396 attributes->MBEDTLS_PRIVATE(type) = type;
397}
398
400 const psa_key_attributes_t *attributes)
401{
402 return attributes->MBEDTLS_PRIVATE(type);
403}
404
405static inline void psa_set_key_bits(psa_key_attributes_t *attributes,
406 size_t bits)
407{
408 if (bits > PSA_MAX_KEY_BITS) {
409 attributes->MBEDTLS_PRIVATE(bits) = PSA_KEY_BITS_TOO_LARGE;
410 } else {
411 attributes->MBEDTLS_PRIVATE(bits) = (psa_key_bits_t) bits;
412 }
413}
414
415static inline size_t psa_get_key_bits(
416 const psa_key_attributes_t *attributes)
417{
418 return attributes->MBEDTLS_PRIVATE(bits);
419}
420
425#if defined(MBEDTLS_PSA_CRYPTO_CLIENT) && !defined(MBEDTLS_PSA_CRYPTO_C)
426 mbedtls_psa_client_handle_t handle;
427#else
434 unsigned int MBEDTLS_PRIVATE(id);
435
437
438 unsigned int MBEDTLS_PRIVATE(error_occurred) : 1;
439
440 uint32_t MBEDTLS_PRIVATE(num_ops);
441#endif
442};
443
444#if defined(MBEDTLS_PSA_CRYPTO_CLIENT) && !defined(MBEDTLS_PSA_CRYPTO_C)
445#define PSA_SIGN_HASH_INTERRUPTIBLE_OPERATION_INIT { 0 }
446#else
447#define PSA_SIGN_HASH_INTERRUPTIBLE_OPERATION_INIT { 0, { 0 }, 0, 0 }
448#endif
449
452{
455
456 return v;
457}
458
463#if defined(MBEDTLS_PSA_CRYPTO_CLIENT) && !defined(MBEDTLS_PSA_CRYPTO_C)
464 mbedtls_psa_client_handle_t handle;
465#else
472 unsigned int MBEDTLS_PRIVATE(id);
473
475
476 unsigned int MBEDTLS_PRIVATE(error_occurred) : 1;
477
478 uint32_t MBEDTLS_PRIVATE(num_ops);
479#endif
480};
481
482#if defined(MBEDTLS_PSA_CRYPTO_CLIENT) && !defined(MBEDTLS_PSA_CRYPTO_C)
483#define PSA_VERIFY_HASH_INTERRUPTIBLE_OPERATION_INIT { 0 }
484#else
485#define PSA_VERIFY_HASH_INTERRUPTIBLE_OPERATION_INIT { 0, { 0 }, 0, 0 }
486#endif
487
490{
493
494 return v;
495}
496
497#ifdef __cplusplus
498}
499#endif
500
501#endif /* PSA_CRYPTO_STRUCT_H */
#define PSA_KEY_BITS_TOO_LARGE
static struct psa_sign_hash_interruptible_operation_s psa_sign_hash_interruptible_operation_init(void)
static void psa_set_key_usage_flags(psa_key_attributes_t *attributes, psa_key_usage_t usage_flags)
static struct psa_aead_operation_s psa_aead_operation_init(void)
static struct psa_verify_hash_interruptible_operation_s psa_verify_hash_interruptible_operation_init(void)
uint16_t psa_key_bits_t
static size_t psa_get_key_bits(const psa_key_attributes_t *attributes)
#define PSA_KEY_POLICY_INIT
static void psa_set_key_type(psa_key_attributes_t *attributes, psa_key_type_t type)
static struct psa_key_attributes_s psa_key_attributes_init(void)
static struct psa_cipher_operation_s psa_cipher_operation_init(void)
static struct psa_key_derivation_s psa_key_derivation_operation_init(void)
#define PSA_MAX_KEY_BITS
static psa_key_lifetime_t psa_get_key_lifetime(const psa_key_attributes_t *attributes)
static psa_key_usage_t psa_get_key_usage_flags(const psa_key_attributes_t *attributes)
static void psa_extend_key_usage_flags(psa_key_usage_t *usage_flags)
static struct psa_mac_operation_s psa_mac_operation_init(void)
static void psa_set_key_lifetime(psa_key_attributes_t *attributes, psa_key_lifetime_t lifetime)
static psa_algorithm_t psa_get_key_algorithm(const psa_key_attributes_t *attributes)
static struct psa_hash_operation_s psa_hash_operation_init(void)
static void psa_set_key_id(psa_key_attributes_t *attributes, mbedtls_svc_key_id_t key)
static psa_key_type_t psa_get_key_type(const psa_key_attributes_t *attributes)
#define PSA_SIGN_HASH_INTERRUPTIBLE_OPERATION_INIT
static void psa_set_key_algorithm(psa_key_attributes_t *attributes, psa_algorithm_t alg)
#define PSA_VERIFY_HASH_INTERRUPTIBLE_OPERATION_INIT
static void psa_set_key_bits(psa_key_attributes_t *attributes, size_t bits)
static mbedtls_svc_key_id_t psa_get_key_id(const psa_key_attributes_t *attributes)
static struct psa_key_policy_s psa_key_policy_init(void)
#define PSA_MAC_OPERATION_INIT
#define PSA_AEAD_OPERATION_INIT
#define PSA_KEY_ATTRIBUTES_INIT
#define PSA_CIPHER_OPERATION_INIT
uint16_t psa_key_type_t
Encoding of a key type.
uint32_t psa_algorithm_t
Encoding of a cryptographic algorithm.
#define PSA_HASH_OPERATION_INIT
#define PSA_KEY_DERIVATION_OPERATION_INIT
#define PSA_KEY_LIFETIME_PERSISTENT
#define PSA_KEY_LIFETIME_GET_LOCATION(lifetime)
#define PSA_KEY_LIFETIME_IS_VOLATILE(lifetime)
uint32_t psa_key_lifetime_t
psa_key_id_t mbedtls_svc_key_id_t
#define PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION(persistence, location)
#define PSA_KEY_USAGE_SIGN_HASH
#define PSA_KEY_USAGE_SIGN_MESSAGE
uint32_t psa_key_usage_t
Encoding of permitted usage on a key.
#define PSA_KEY_USAGE_VERIFY_MESSAGE
#define PSA_KEY_USAGE_VERIFY_HASH
uint64_t psa_key_slot_number_t
Macro wrapper for struct's members.
#define MBEDTLS_PRIVATE(member)
Build-time PSA configuration info.
The context for PSA interruptible hash signing.
The context for PSA interruptible hash verification.