27 #ifndef PSA_CRYPTO_VALUES_H
28 #define PSA_CRYPTO_VALUES_H
57 #define PSA_SUCCESS ((psa_status_t)0)
64 #define PSA_ERROR_GENERIC_ERROR ((psa_status_t)-132)
73 #define PSA_ERROR_NOT_SUPPORTED ((psa_status_t)-134)
86 #define PSA_ERROR_NOT_PERMITTED ((psa_status_t)-133)
98 #define PSA_ERROR_BUFFER_TOO_SMALL ((psa_status_t)-138)
104 #define PSA_ERROR_ALREADY_EXISTS ((psa_status_t)-139)
110 #define PSA_ERROR_DOES_NOT_EXIST ((psa_status_t)-140)
126 #define PSA_ERROR_BAD_STATE ((psa_status_t)-137)
137 #define PSA_ERROR_INVALID_ARGUMENT ((psa_status_t)-135)
143 #define PSA_ERROR_INSUFFICIENT_MEMORY ((psa_status_t)-141)
152 #define PSA_ERROR_INSUFFICIENT_STORAGE ((psa_status_t)-142)
169 #define PSA_ERROR_COMMUNICATION_FAILURE ((psa_status_t)-145)
194 #define PSA_ERROR_STORAGE_FAILURE ((psa_status_t)-146)
200 #define PSA_ERROR_HARDWARE_FAILURE ((psa_status_t)-147)
231 #define PSA_ERROR_CORRUPTION_DETECTED ((psa_status_t)-151)
250 #define PSA_ERROR_INSUFFICIENT_ENTROPY ((psa_status_t)-148)
260 #define PSA_ERROR_INVALID_SIGNATURE ((psa_status_t)-149)
276 #define PSA_ERROR_INVALID_PADDING ((psa_status_t)-150)
280 #define PSA_ERROR_INSUFFICIENT_DATA ((psa_status_t)-143)
285 #define PSA_ERROR_SERVICE_FAILURE ((psa_status_t)-144)
289 #define PSA_ERROR_INVALID_HANDLE ((psa_status_t)-136)
313 #define PSA_ERROR_DATA_CORRUPT ((psa_status_t)-152)
329 #define PSA_ERROR_DATA_INVALID ((psa_status_t)-153)
336 #define PSA_OPERATION_INCOMPLETE ((psa_status_t)-248)
356 #define PSA_KEY_TYPE_NONE ((psa_key_type_t) 0x0000)
365 #define PSA_KEY_TYPE_VENDOR_FLAG ((psa_key_type_t) 0x8000)
367 #define PSA_KEY_TYPE_CATEGORY_MASK ((psa_key_type_t) 0x7000)
368 #define PSA_KEY_TYPE_CATEGORY_RAW ((psa_key_type_t) 0x1000)
369 #define PSA_KEY_TYPE_CATEGORY_SYMMETRIC ((psa_key_type_t) 0x2000)
370 #define PSA_KEY_TYPE_CATEGORY_PUBLIC_KEY ((psa_key_type_t) 0x4000)
371 #define PSA_KEY_TYPE_CATEGORY_KEY_PAIR ((psa_key_type_t) 0x7000)
373 #define PSA_KEY_TYPE_CATEGORY_FLAG_PAIR ((psa_key_type_t) 0x3000)
379 #define PSA_KEY_TYPE_IS_VENDOR_DEFINED(type) \
380 (((type) & PSA_KEY_TYPE_VENDOR_FLAG) != 0)
386 #define PSA_KEY_TYPE_IS_UNSTRUCTURED(type) \
387 (((type) & PSA_KEY_TYPE_CATEGORY_MASK) == PSA_KEY_TYPE_CATEGORY_RAW || \
388 ((type) & PSA_KEY_TYPE_CATEGORY_MASK) == PSA_KEY_TYPE_CATEGORY_SYMMETRIC)
391 #define PSA_KEY_TYPE_IS_ASYMMETRIC(type) \
392 (((type) & PSA_KEY_TYPE_CATEGORY_MASK \
393 & ~PSA_KEY_TYPE_CATEGORY_FLAG_PAIR) == \
394 PSA_KEY_TYPE_CATEGORY_PUBLIC_KEY)
396 #define PSA_KEY_TYPE_IS_PUBLIC_KEY(type) \
397 (((type) & PSA_KEY_TYPE_CATEGORY_MASK) == PSA_KEY_TYPE_CATEGORY_PUBLIC_KEY)
400 #define PSA_KEY_TYPE_IS_KEY_PAIR(type) \
401 (((type) & PSA_KEY_TYPE_CATEGORY_MASK) == PSA_KEY_TYPE_CATEGORY_KEY_PAIR)
412 #define PSA_KEY_TYPE_KEY_PAIR_OF_PUBLIC_KEY(type) \
413 ((type) | PSA_KEY_TYPE_CATEGORY_FLAG_PAIR)
424 #define PSA_KEY_TYPE_PUBLIC_KEY_OF_KEY_PAIR(type) \
425 ((type) & ~PSA_KEY_TYPE_CATEGORY_FLAG_PAIR)
431 #define PSA_KEY_TYPE_RAW_DATA ((psa_key_type_t) 0x1001)
441 #define PSA_KEY_TYPE_HMAC ((psa_key_type_t) 0x1100)
454 #define PSA_KEY_TYPE_DERIVE ((psa_key_type_t) 0x1200)
477 #define PSA_KEY_TYPE_PASSWORD ((psa_key_type_t) 0x1203)
485 #define PSA_KEY_TYPE_PASSWORD_HASH ((psa_key_type_t) 0x1205)
492 #define PSA_KEY_TYPE_PEPPER ((psa_key_type_t) 0x1206)
499 #define PSA_KEY_TYPE_AES ((psa_key_type_t) 0x2400)
503 #define PSA_KEY_TYPE_ARIA ((psa_key_type_t) 0x2406)
514 #define PSA_KEY_TYPE_DES ((psa_key_type_t) 0x2301)
518 #define PSA_KEY_TYPE_CAMELLIA ((psa_key_type_t) 0x2403)
531 #define PSA_KEY_TYPE_CHACHA20 ((psa_key_type_t) 0x2004)
537 #define PSA_KEY_TYPE_RSA_PUBLIC_KEY ((psa_key_type_t) 0x4001)
542 #define PSA_KEY_TYPE_RSA_KEY_PAIR ((psa_key_type_t) 0x7001)
544 #define PSA_KEY_TYPE_IS_RSA(type) \
545 (PSA_KEY_TYPE_PUBLIC_KEY_OF_KEY_PAIR(type) == PSA_KEY_TYPE_RSA_PUBLIC_KEY)
547 #define PSA_KEY_TYPE_ECC_PUBLIC_KEY_BASE ((psa_key_type_t) 0x4100)
548 #define PSA_KEY_TYPE_ECC_KEY_PAIR_BASE ((psa_key_type_t) 0x7100)
549 #define PSA_KEY_TYPE_ECC_CURVE_MASK ((psa_key_type_t) 0x00ff)
559 #define PSA_KEY_TYPE_ECC_KEY_PAIR(curve) \
560 (PSA_KEY_TYPE_ECC_KEY_PAIR_BASE | (curve))
570 #define PSA_KEY_TYPE_ECC_PUBLIC_KEY(curve) \
571 (PSA_KEY_TYPE_ECC_PUBLIC_KEY_BASE | (curve))
574 #define PSA_KEY_TYPE_IS_ECC(type) \
575 ((PSA_KEY_TYPE_PUBLIC_KEY_OF_KEY_PAIR(type) & \
576 ~PSA_KEY_TYPE_ECC_CURVE_MASK) == PSA_KEY_TYPE_ECC_PUBLIC_KEY_BASE)
578 #define PSA_KEY_TYPE_IS_ECC_KEY_PAIR(type) \
579 (((type) & ~PSA_KEY_TYPE_ECC_CURVE_MASK) == \
580 PSA_KEY_TYPE_ECC_KEY_PAIR_BASE)
582 #define PSA_KEY_TYPE_IS_ECC_PUBLIC_KEY(type) \
583 (((type) & ~PSA_KEY_TYPE_ECC_CURVE_MASK) == \
584 PSA_KEY_TYPE_ECC_PUBLIC_KEY_BASE)
587 #define PSA_KEY_TYPE_ECC_GET_FAMILY(type) \
588 ((psa_ecc_family_t) (PSA_KEY_TYPE_IS_ECC(type) ? \
589 ((type) & PSA_KEY_TYPE_ECC_CURVE_MASK) : \
593 #define PSA_ECC_FAMILY_IS_WEIERSTRASS(family) ((family & 0xc0) == 0)
607 #define PSA_ECC_FAMILY_SECP_K1 ((psa_ecc_family_t) 0x17)
617 #define PSA_ECC_FAMILY_SECP_R1 ((psa_ecc_family_t) 0x12)
619 #define PSA_ECC_FAMILY_SECP_R2 ((psa_ecc_family_t) 0x1b)
631 #define PSA_ECC_FAMILY_SECT_K1 ((psa_ecc_family_t) 0x27)
643 #define PSA_ECC_FAMILY_SECT_R1 ((psa_ecc_family_t) 0x22)
655 #define PSA_ECC_FAMILY_SECT_R2 ((psa_ecc_family_t) 0x2b)
667 #define PSA_ECC_FAMILY_BRAINPOOL_P_R1 ((psa_ecc_family_t) 0x30)
679 #define PSA_ECC_FAMILY_MONTGOMERY ((psa_ecc_family_t) 0x41)
697 #define PSA_ECC_FAMILY_TWISTED_EDWARDS ((psa_ecc_family_t) 0x42)
699 #define PSA_KEY_TYPE_DH_PUBLIC_KEY_BASE ((psa_key_type_t) 0x4200)
700 #define PSA_KEY_TYPE_DH_KEY_PAIR_BASE ((psa_key_type_t) 0x7200)
701 #define PSA_KEY_TYPE_DH_GROUP_MASK ((psa_key_type_t) 0x00ff)
707 #define PSA_KEY_TYPE_DH_KEY_PAIR(group) \
708 (PSA_KEY_TYPE_DH_KEY_PAIR_BASE | (group))
714 #define PSA_KEY_TYPE_DH_PUBLIC_KEY(group) \
715 (PSA_KEY_TYPE_DH_PUBLIC_KEY_BASE | (group))
718 #define PSA_KEY_TYPE_IS_DH(type) \
719 ((PSA_KEY_TYPE_PUBLIC_KEY_OF_KEY_PAIR(type) & \
720 ~PSA_KEY_TYPE_DH_GROUP_MASK) == PSA_KEY_TYPE_DH_PUBLIC_KEY_BASE)
722 #define PSA_KEY_TYPE_IS_DH_KEY_PAIR(type) \
723 (((type) & ~PSA_KEY_TYPE_DH_GROUP_MASK) == \
724 PSA_KEY_TYPE_DH_KEY_PAIR_BASE)
726 #define PSA_KEY_TYPE_IS_DH_PUBLIC_KEY(type) \
727 (((type) & ~PSA_KEY_TYPE_DH_GROUP_MASK) == \
728 PSA_KEY_TYPE_DH_PUBLIC_KEY_BASE)
731 #define PSA_KEY_TYPE_DH_GET_FAMILY(type) \
732 ((psa_dh_family_t) (PSA_KEY_TYPE_IS_DH(type) ? \
733 ((type) & PSA_KEY_TYPE_DH_GROUP_MASK) : \
742 #define PSA_DH_FAMILY_RFC7919 ((psa_dh_family_t) 0x03)
744 #define PSA_GET_KEY_TYPE_BLOCK_SIZE_EXPONENT(type) \
764 #define PSA_BLOCK_CIPHER_BLOCK_LENGTH(type) \
765 (((type) & PSA_KEY_TYPE_CATEGORY_MASK) == PSA_KEY_TYPE_CATEGORY_SYMMETRIC ? \
766 1u << PSA_GET_KEY_TYPE_BLOCK_SIZE_EXPONENT(type) : \
781 #define PSA_ALG_VENDOR_FLAG ((psa_algorithm_t) 0x80000000)
783 #define PSA_ALG_CATEGORY_MASK ((psa_algorithm_t) 0x7f000000)
784 #define PSA_ALG_CATEGORY_HASH ((psa_algorithm_t) 0x02000000)
785 #define PSA_ALG_CATEGORY_MAC ((psa_algorithm_t) 0x03000000)
786 #define PSA_ALG_CATEGORY_CIPHER ((psa_algorithm_t) 0x04000000)
787 #define PSA_ALG_CATEGORY_AEAD ((psa_algorithm_t) 0x05000000)
788 #define PSA_ALG_CATEGORY_SIGN ((psa_algorithm_t) 0x06000000)
789 #define PSA_ALG_CATEGORY_ASYMMETRIC_ENCRYPTION ((psa_algorithm_t) 0x07000000)
790 #define PSA_ALG_CATEGORY_KEY_DERIVATION ((psa_algorithm_t) 0x08000000)
791 #define PSA_ALG_CATEGORY_KEY_AGREEMENT ((psa_algorithm_t) 0x09000000)
797 #define PSA_ALG_IS_VENDOR_DEFINED(alg) \
798 (((alg) & PSA_ALG_VENDOR_FLAG) != 0)
808 #define PSA_ALG_IS_HASH(alg) \
809 (((alg) & PSA_ALG_CATEGORY_MASK) == PSA_ALG_CATEGORY_HASH)
819 #define PSA_ALG_IS_MAC(alg) \
820 (((alg) & PSA_ALG_CATEGORY_MASK) == PSA_ALG_CATEGORY_MAC)
830 #define PSA_ALG_IS_CIPHER(alg) \
831 (((alg) & PSA_ALG_CATEGORY_MASK) == PSA_ALG_CATEGORY_CIPHER)
842 #define PSA_ALG_IS_AEAD(alg) \
843 (((alg) & PSA_ALG_CATEGORY_MASK) == PSA_ALG_CATEGORY_AEAD)
854 #define PSA_ALG_IS_SIGN(alg) \
855 (((alg) & PSA_ALG_CATEGORY_MASK) == PSA_ALG_CATEGORY_SIGN)
866 #define PSA_ALG_IS_ASYMMETRIC_ENCRYPTION(alg) \
867 (((alg) & PSA_ALG_CATEGORY_MASK) == PSA_ALG_CATEGORY_ASYMMETRIC_ENCRYPTION)
877 #define PSA_ALG_IS_KEY_AGREEMENT(alg) \
878 (((alg) & PSA_ALG_CATEGORY_MASK) == PSA_ALG_CATEGORY_KEY_AGREEMENT)
888 #define PSA_ALG_IS_KEY_DERIVATION(alg) \
889 (((alg) & PSA_ALG_CATEGORY_MASK) == PSA_ALG_CATEGORY_KEY_DERIVATION)
905 #define PSA_ALG_IS_KEY_DERIVATION_STRETCHING(alg) \
906 (PSA_ALG_IS_KEY_DERIVATION(alg) && \
907 (alg) & PSA_ALG_KEY_DERIVATION_STRETCHING_FLAG)
911 #define PSA_ALG_NONE ((psa_algorithm_t)0)
914 #define PSA_ALG_HASH_MASK ((psa_algorithm_t) 0x000000ff)
916 #define PSA_ALG_MD5 ((psa_algorithm_t) 0x02000003)
918 #define PSA_ALG_RIPEMD160 ((psa_algorithm_t) 0x02000004)
920 #define PSA_ALG_SHA_1 ((psa_algorithm_t) 0x02000005)
922 #define PSA_ALG_SHA_224 ((psa_algorithm_t) 0x02000008)
924 #define PSA_ALG_SHA_256 ((psa_algorithm_t) 0x02000009)
926 #define PSA_ALG_SHA_384 ((psa_algorithm_t) 0x0200000a)
928 #define PSA_ALG_SHA_512 ((psa_algorithm_t) 0x0200000b)
930 #define PSA_ALG_SHA_512_224 ((psa_algorithm_t) 0x0200000c)
932 #define PSA_ALG_SHA_512_256 ((psa_algorithm_t) 0x0200000d)
934 #define PSA_ALG_SHA3_224 ((psa_algorithm_t) 0x02000010)
936 #define PSA_ALG_SHA3_256 ((psa_algorithm_t) 0x02000011)
938 #define PSA_ALG_SHA3_384 ((psa_algorithm_t) 0x02000012)
940 #define PSA_ALG_SHA3_512 ((psa_algorithm_t) 0x02000013)
947 #define PSA_ALG_SHAKE256_512 ((psa_algorithm_t) 0x02000015)
982 #define PSA_ALG_ANY_HASH ((psa_algorithm_t) 0x020000ff)
984 #define PSA_ALG_MAC_SUBCATEGORY_MASK ((psa_algorithm_t) 0x00c00000)
985 #define PSA_ALG_HMAC_BASE ((psa_algorithm_t) 0x03800000)
997 #define PSA_ALG_HMAC(hash_alg) \
998 (PSA_ALG_HMAC_BASE | ((hash_alg) & PSA_ALG_HASH_MASK))
1000 #define PSA_ALG_HMAC_GET_HASH(hmac_alg) \
1001 (PSA_ALG_CATEGORY_HASH | ((hmac_alg) & PSA_ALG_HASH_MASK))
1013 #define PSA_ALG_IS_HMAC(alg) \
1014 (((alg) & (PSA_ALG_CATEGORY_MASK | PSA_ALG_MAC_SUBCATEGORY_MASK)) == \
1024 #define PSA_ALG_MAC_TRUNCATION_MASK ((psa_algorithm_t) 0x003f0000)
1025 #define PSA_MAC_TRUNCATION_OFFSET 16
1033 #define PSA_ALG_MAC_AT_LEAST_THIS_LENGTH_FLAG ((psa_algorithm_t) 0x00008000)
1068 #define PSA_ALG_TRUNCATED_MAC(mac_alg, mac_length) \
1069 (((mac_alg) & ~(PSA_ALG_MAC_TRUNCATION_MASK | \
1070 PSA_ALG_MAC_AT_LEAST_THIS_LENGTH_FLAG)) | \
1071 ((mac_length) << PSA_MAC_TRUNCATION_OFFSET & PSA_ALG_MAC_TRUNCATION_MASK))
1085 #define PSA_ALG_FULL_LENGTH_MAC(mac_alg) \
1086 ((mac_alg) & ~(PSA_ALG_MAC_TRUNCATION_MASK | \
1087 PSA_ALG_MAC_AT_LEAST_THIS_LENGTH_FLAG))
1100 #define PSA_MAC_TRUNCATED_LENGTH(mac_alg) \
1101 (((mac_alg) & PSA_ALG_MAC_TRUNCATION_MASK) >> PSA_MAC_TRUNCATION_OFFSET)
1127 #define PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(mac_alg, min_mac_length) \
1128 (PSA_ALG_TRUNCATED_MAC(mac_alg, min_mac_length) | \
1129 PSA_ALG_MAC_AT_LEAST_THIS_LENGTH_FLAG)
1131 #define PSA_ALG_CIPHER_MAC_BASE ((psa_algorithm_t) 0x03c00000)
1137 #define PSA_ALG_CBC_MAC ((psa_algorithm_t) 0x03c00100)
1139 #define PSA_ALG_CMAC ((psa_algorithm_t) 0x03c00200)
1149 #define PSA_ALG_IS_BLOCK_CIPHER_MAC(alg) \
1150 (((alg) & (PSA_ALG_CATEGORY_MASK | PSA_ALG_MAC_SUBCATEGORY_MASK)) == \
1151 PSA_ALG_CIPHER_MAC_BASE)
1153 #define PSA_ALG_CIPHER_STREAM_FLAG ((psa_algorithm_t) 0x00800000)
1154 #define PSA_ALG_CIPHER_FROM_BLOCK_FLAG ((psa_algorithm_t) 0x00400000)
1168 #define PSA_ALG_IS_STREAM_CIPHER(alg) \
1169 (((alg) & (PSA_ALG_CATEGORY_MASK | PSA_ALG_CIPHER_STREAM_FLAG)) == \
1170 (PSA_ALG_CATEGORY_CIPHER | PSA_ALG_CIPHER_STREAM_FLAG))
1177 #define PSA_ALG_STREAM_CIPHER ((psa_algorithm_t) 0x04800100)
1186 #define PSA_ALG_CTR ((psa_algorithm_t) 0x04c01000)
1192 #define PSA_ALG_CFB ((psa_algorithm_t) 0x04c01100)
1198 #define PSA_ALG_OFB ((psa_algorithm_t) 0x04c01200)
1206 #define PSA_ALG_XTS ((psa_algorithm_t) 0x0440ff00)
1226 #define PSA_ALG_ECB_NO_PADDING ((psa_algorithm_t) 0x04404400)
1235 #define PSA_ALG_CBC_NO_PADDING ((psa_algorithm_t) 0x04404000)
1243 #define PSA_ALG_CBC_PKCS7 ((psa_algorithm_t) 0x04404100)
1245 #define PSA_ALG_AEAD_FROM_BLOCK_FLAG ((psa_algorithm_t) 0x00400000)
1256 #define PSA_ALG_IS_AEAD_ON_BLOCK_CIPHER(alg) \
1257 (((alg) & (PSA_ALG_CATEGORY_MASK | PSA_ALG_AEAD_FROM_BLOCK_FLAG)) == \
1258 (PSA_ALG_CATEGORY_AEAD | PSA_ALG_AEAD_FROM_BLOCK_FLAG))
1264 #define PSA_ALG_CCM ((psa_algorithm_t) 0x05500100)
1275 #define PSA_ALG_CCM_STAR_NO_TAG ((psa_algorithm_t) 0x04c01300)
1281 #define PSA_ALG_GCM ((psa_algorithm_t) 0x05500200)
1292 #define PSA_ALG_CHACHA20_POLY1305 ((psa_algorithm_t) 0x05100500)
1298 #define PSA_ALG_AEAD_TAG_LENGTH_MASK ((psa_algorithm_t) 0x003f0000)
1299 #define PSA_AEAD_TAG_LENGTH_OFFSET 16
1307 #define PSA_ALG_AEAD_AT_LEAST_THIS_LENGTH_FLAG ((psa_algorithm_t) 0x00008000)
1327 #define PSA_ALG_AEAD_WITH_SHORTENED_TAG(aead_alg, tag_length) \
1328 (((aead_alg) & ~(PSA_ALG_AEAD_TAG_LENGTH_MASK | \
1329 PSA_ALG_AEAD_AT_LEAST_THIS_LENGTH_FLAG)) | \
1330 ((tag_length) << PSA_AEAD_TAG_LENGTH_OFFSET & \
1331 PSA_ALG_AEAD_TAG_LENGTH_MASK))
1343 #define PSA_ALG_AEAD_GET_TAG_LENGTH(aead_alg) \
1344 (((aead_alg) & PSA_ALG_AEAD_TAG_LENGTH_MASK) >> \
1345 PSA_AEAD_TAG_LENGTH_OFFSET)
1355 #define PSA_ALG_AEAD_WITH_DEFAULT_LENGTH_TAG(aead_alg) \
1357 PSA_ALG_AEAD_WITH_DEFAULT_LENGTH_TAG_CASE(aead_alg, PSA_ALG_CCM) \
1358 PSA_ALG_AEAD_WITH_DEFAULT_LENGTH_TAG_CASE(aead_alg, PSA_ALG_GCM) \
1359 PSA_ALG_AEAD_WITH_DEFAULT_LENGTH_TAG_CASE(aead_alg, PSA_ALG_CHACHA20_POLY1305) \
1361 #define PSA_ALG_AEAD_WITH_DEFAULT_LENGTH_TAG_CASE(aead_alg, ref) \
1362 PSA_ALG_AEAD_WITH_SHORTENED_TAG(aead_alg, 0) == \
1363 PSA_ALG_AEAD_WITH_SHORTENED_TAG(ref, 0) ? \
1390 #define PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(aead_alg, min_tag_length) \
1391 (PSA_ALG_AEAD_WITH_SHORTENED_TAG(aead_alg, min_tag_length) | \
1392 PSA_ALG_AEAD_AT_LEAST_THIS_LENGTH_FLAG)
1394 #define PSA_ALG_RSA_PKCS1V15_SIGN_BASE ((psa_algorithm_t) 0x06000200)
1410 #define PSA_ALG_RSA_PKCS1V15_SIGN(hash_alg) \
1411 (PSA_ALG_RSA_PKCS1V15_SIGN_BASE | ((hash_alg) & PSA_ALG_HASH_MASK))
1418 #define PSA_ALG_RSA_PKCS1V15_SIGN_RAW PSA_ALG_RSA_PKCS1V15_SIGN_BASE
1419 #define PSA_ALG_IS_RSA_PKCS1V15_SIGN(alg) \
1420 (((alg) & ~PSA_ALG_HASH_MASK) == PSA_ALG_RSA_PKCS1V15_SIGN_BASE)
1422 #define PSA_ALG_RSA_PSS_BASE ((psa_algorithm_t) 0x06000300)
1423 #define PSA_ALG_RSA_PSS_ANY_SALT_BASE ((psa_algorithm_t) 0x06001300)
1444 #define PSA_ALG_RSA_PSS(hash_alg) \
1445 (PSA_ALG_RSA_PSS_BASE | ((hash_alg) & PSA_ALG_HASH_MASK))
1462 #define PSA_ALG_RSA_PSS_ANY_SALT(hash_alg) \
1463 (PSA_ALG_RSA_PSS_ANY_SALT_BASE | ((hash_alg) & PSA_ALG_HASH_MASK))
1476 #define PSA_ALG_IS_RSA_PSS_STANDARD_SALT(alg) \
1477 (((alg) & ~PSA_ALG_HASH_MASK) == PSA_ALG_RSA_PSS_BASE)
1490 #define PSA_ALG_IS_RSA_PSS_ANY_SALT(alg) \
1491 (((alg) & ~PSA_ALG_HASH_MASK) == PSA_ALG_RSA_PSS_ANY_SALT_BASE)
1508 #define PSA_ALG_IS_RSA_PSS(alg) \
1509 (PSA_ALG_IS_RSA_PSS_STANDARD_SALT(alg) || \
1510 PSA_ALG_IS_RSA_PSS_ANY_SALT(alg))
1512 #define PSA_ALG_ECDSA_BASE ((psa_algorithm_t) 0x06000600)
1533 #define PSA_ALG_ECDSA(hash_alg) \
1534 (PSA_ALG_ECDSA_BASE | ((hash_alg) & PSA_ALG_HASH_MASK))
1544 #define PSA_ALG_ECDSA_ANY PSA_ALG_ECDSA_BASE
1545 #define PSA_ALG_DETERMINISTIC_ECDSA_BASE ((psa_algorithm_t) 0x06000700)
1568 #define PSA_ALG_DETERMINISTIC_ECDSA(hash_alg) \
1569 (PSA_ALG_DETERMINISTIC_ECDSA_BASE | ((hash_alg) & PSA_ALG_HASH_MASK))
1570 #define PSA_ALG_ECDSA_DETERMINISTIC_FLAG ((psa_algorithm_t) 0x00000100)
1571 #define PSA_ALG_IS_ECDSA(alg) \
1572 (((alg) & ~PSA_ALG_HASH_MASK & ~PSA_ALG_ECDSA_DETERMINISTIC_FLAG) == \
1574 #define PSA_ALG_ECDSA_IS_DETERMINISTIC(alg) \
1575 (((alg) & PSA_ALG_ECDSA_DETERMINISTIC_FLAG) != 0)
1576 #define PSA_ALG_IS_DETERMINISTIC_ECDSA(alg) \
1577 (PSA_ALG_IS_ECDSA(alg) && PSA_ALG_ECDSA_IS_DETERMINISTIC(alg))
1578 #define PSA_ALG_IS_RANDOMIZED_ECDSA(alg) \
1579 (PSA_ALG_IS_ECDSA(alg) && !PSA_ALG_ECDSA_IS_DETERMINISTIC(alg))
1609 #define PSA_ALG_PURE_EDDSA ((psa_algorithm_t) 0x06000800)
1611 #define PSA_ALG_HASH_EDDSA_BASE ((psa_algorithm_t) 0x06000900)
1612 #define PSA_ALG_IS_HASH_EDDSA(alg) \
1613 (((alg) & ~PSA_ALG_HASH_MASK) == PSA_ALG_HASH_EDDSA_BASE)
1636 #define PSA_ALG_ED25519PH \
1637 (PSA_ALG_HASH_EDDSA_BASE | (PSA_ALG_SHA_512 & PSA_ALG_HASH_MASK))
1661 #define PSA_ALG_ED448PH \
1662 (PSA_ALG_HASH_EDDSA_BASE | (PSA_ALG_SHAKE256_512 & PSA_ALG_HASH_MASK))
1667 #define PSA_ALG_IS_VENDOR_HASH_AND_SIGN(alg) 0
1686 #define PSA_ALG_IS_SIGN_HASH(alg) \
1687 (PSA_ALG_IS_RSA_PSS(alg) || PSA_ALG_IS_RSA_PKCS1V15_SIGN(alg) || \
1688 PSA_ALG_IS_ECDSA(alg) || PSA_ALG_IS_HASH_EDDSA(alg) || \
1689 PSA_ALG_IS_VENDOR_HASH_AND_SIGN(alg))
1702 #define PSA_ALG_IS_SIGN_MESSAGE(alg) \
1703 (PSA_ALG_IS_SIGN_HASH(alg) || (alg) == PSA_ALG_PURE_EDDSA)
1731 #define PSA_ALG_IS_HASH_AND_SIGN(alg) \
1732 (PSA_ALG_IS_SIGN_HASH(alg) && \
1733 ((alg) & PSA_ALG_HASH_MASK) != 0)
1753 #define PSA_ALG_SIGN_GET_HASH(alg) \
1754 (PSA_ALG_IS_HASH_AND_SIGN(alg) ? \
1755 ((alg) & PSA_ALG_HASH_MASK) | PSA_ALG_CATEGORY_HASH : \
1767 #define PSA_ALG_RSA_PKCS1V15_CRYPT ((psa_algorithm_t) 0x07000200)
1769 #define PSA_ALG_RSA_OAEP_BASE ((psa_algorithm_t) 0x07000300)
1784 #define PSA_ALG_RSA_OAEP(hash_alg) \
1785 (PSA_ALG_RSA_OAEP_BASE | ((hash_alg) & PSA_ALG_HASH_MASK))
1786 #define PSA_ALG_IS_RSA_OAEP(alg) \
1787 (((alg) & ~PSA_ALG_HASH_MASK) == PSA_ALG_RSA_OAEP_BASE)
1788 #define PSA_ALG_RSA_OAEP_GET_HASH(alg) \
1789 (PSA_ALG_IS_RSA_OAEP(alg) ? \
1790 ((alg) & PSA_ALG_HASH_MASK) | PSA_ALG_CATEGORY_HASH : \
1793 #define PSA_ALG_HKDF_BASE ((psa_algorithm_t) 0x08000100)
1820 #define PSA_ALG_HKDF(hash_alg) \
1821 (PSA_ALG_HKDF_BASE | ((hash_alg) & PSA_ALG_HASH_MASK))
1833 #define PSA_ALG_IS_HKDF(alg) \
1834 (((alg) & ~PSA_ALG_HASH_MASK) == PSA_ALG_HKDF_BASE)
1835 #define PSA_ALG_HKDF_GET_HASH(hkdf_alg) \
1836 (PSA_ALG_CATEGORY_HASH | ((hkdf_alg) & PSA_ALG_HASH_MASK))
1838 #define PSA_ALG_HKDF_EXTRACT_BASE ((psa_algorithm_t) 0x08000400)
1871 #define PSA_ALG_HKDF_EXTRACT(hash_alg) \
1872 (PSA_ALG_HKDF_EXTRACT_BASE | ((hash_alg) & PSA_ALG_HASH_MASK))
1884 #define PSA_ALG_IS_HKDF_EXTRACT(alg) \
1885 (((alg) & ~PSA_ALG_HASH_MASK) == PSA_ALG_HKDF_EXTRACT_BASE)
1887 #define PSA_ALG_HKDF_EXPAND_BASE ((psa_algorithm_t) 0x08000500)
1913 #define PSA_ALG_HKDF_EXPAND(hash_alg) \
1914 (PSA_ALG_HKDF_EXPAND_BASE | ((hash_alg) & PSA_ALG_HASH_MASK))
1926 #define PSA_ALG_IS_HKDF_EXPAND(alg) \
1927 (((alg) & ~PSA_ALG_HASH_MASK) == PSA_ALG_HKDF_EXPAND_BASE)
1939 #define PSA_ALG_IS_ANY_HKDF(alg) \
1940 (((alg) & ~PSA_ALG_HASH_MASK) == PSA_ALG_HKDF_BASE || \
1941 ((alg) & ~PSA_ALG_HASH_MASK) == PSA_ALG_HKDF_EXTRACT_BASE || \
1942 ((alg) & ~PSA_ALG_HASH_MASK) == PSA_ALG_HKDF_EXPAND_BASE)
1944 #define PSA_ALG_TLS12_PRF_BASE ((psa_algorithm_t) 0x08000200)
1971 #define PSA_ALG_TLS12_PRF(hash_alg) \
1972 (PSA_ALG_TLS12_PRF_BASE | ((hash_alg) & PSA_ALG_HASH_MASK))
1982 #define PSA_ALG_IS_TLS12_PRF(alg) \
1983 (((alg) & ~PSA_ALG_HASH_MASK) == PSA_ALG_TLS12_PRF_BASE)
1984 #define PSA_ALG_TLS12_PRF_GET_HASH(hkdf_alg) \
1985 (PSA_ALG_CATEGORY_HASH | ((hkdf_alg) & PSA_ALG_HASH_MASK))
1987 #define PSA_ALG_TLS12_PSK_TO_MS_BASE ((psa_algorithm_t) 0x08000300)
2041 #define PSA_ALG_TLS12_PSK_TO_MS(hash_alg) \
2042 (PSA_ALG_TLS12_PSK_TO_MS_BASE | ((hash_alg) & PSA_ALG_HASH_MASK))
2052 #define PSA_ALG_IS_TLS12_PSK_TO_MS(alg) \
2053 (((alg) & ~PSA_ALG_HASH_MASK) == PSA_ALG_TLS12_PSK_TO_MS_BASE)
2054 #define PSA_ALG_TLS12_PSK_TO_MS_GET_HASH(hkdf_alg) \
2055 (PSA_ALG_CATEGORY_HASH | ((hkdf_alg) & PSA_ALG_HASH_MASK))
2069 #define PSA_ALG_TLS12_ECJPAKE_TO_PMS ((psa_algorithm_t) 0x08000609)
2078 #define PSA_ALG_KEY_DERIVATION_STRETCHING_FLAG ((psa_algorithm_t) 0x00800000)
2080 #define PSA_ALG_PBKDF2_HMAC_BASE ((psa_algorithm_t) 0x08800100)
2107 #define PSA_ALG_PBKDF2_HMAC(hash_alg) \
2108 (PSA_ALG_PBKDF2_HMAC_BASE | ((hash_alg) & PSA_ALG_HASH_MASK))
2118 #define PSA_ALG_IS_PBKDF2_HMAC(alg) \
2119 (((alg) & ~PSA_ALG_HASH_MASK) == PSA_ALG_PBKDF2_HMAC_BASE)
2120 #define PSA_ALG_PBKDF2_HMAC_GET_HASH(pbkdf2_alg) \
2121 (PSA_ALG_CATEGORY_HASH | ((pbkdf2_alg) & PSA_ALG_HASH_MASK))
2131 #define PSA_ALG_PBKDF2_AES_CMAC_PRF_128 ((psa_algorithm_t) 0x08800200)
2133 #define PSA_ALG_IS_PBKDF2(kdf_alg) \
2134 (PSA_ALG_IS_PBKDF2_HMAC(kdf_alg) || \
2135 ((kdf_alg) == PSA_ALG_PBKDF2_AES_CMAC_PRF_128))
2137 #define PSA_ALG_KEY_DERIVATION_MASK ((psa_algorithm_t) 0xfe00ffff)
2138 #define PSA_ALG_KEY_AGREEMENT_MASK ((psa_algorithm_t) 0xffff0000)
2154 #define PSA_ALG_KEY_AGREEMENT(ka_alg, kdf_alg) \
2155 ((ka_alg) | (kdf_alg))
2157 #define PSA_ALG_KEY_AGREEMENT_GET_KDF(alg) \
2158 (((alg) & PSA_ALG_KEY_DERIVATION_MASK) | PSA_ALG_CATEGORY_KEY_DERIVATION)
2160 #define PSA_ALG_KEY_AGREEMENT_GET_BASE(alg) \
2161 (((alg) & PSA_ALG_KEY_AGREEMENT_MASK) | PSA_ALG_CATEGORY_KEY_AGREEMENT)
2177 #define PSA_ALG_IS_RAW_KEY_AGREEMENT(alg) \
2178 (PSA_ALG_IS_KEY_AGREEMENT(alg) && \
2179 PSA_ALG_KEY_AGREEMENT_GET_KDF(alg) == PSA_ALG_CATEGORY_KEY_DERIVATION)
2181 #define PSA_ALG_IS_KEY_DERIVATION_OR_AGREEMENT(alg) \
2182 ((PSA_ALG_IS_KEY_DERIVATION(alg) || PSA_ALG_IS_KEY_AGREEMENT(alg)))
2191 #define PSA_ALG_FFDH ((psa_algorithm_t) 0x09010000)
2205 #define PSA_ALG_IS_FFDH(alg) \
2206 (PSA_ALG_KEY_AGREEMENT_GET_BASE(alg) == PSA_ALG_FFDH)
2233 #define PSA_ALG_ECDH ((psa_algorithm_t) 0x09020000)
2249 #define PSA_ALG_IS_ECDH(alg) \
2250 (PSA_ALG_KEY_AGREEMENT_GET_BASE(alg) == PSA_ALG_ECDH)
2265 #define PSA_ALG_IS_WILDCARD(alg) \
2266 (PSA_ALG_IS_HASH_AND_SIGN(alg) ? \
2267 PSA_ALG_SIGN_GET_HASH(alg) == PSA_ALG_ANY_HASH : \
2268 PSA_ALG_IS_MAC(alg) ? \
2269 (alg & PSA_ALG_MAC_AT_LEAST_THIS_LENGTH_FLAG) != 0 : \
2270 PSA_ALG_IS_AEAD(alg) ? \
2271 (alg & PSA_ALG_AEAD_AT_LEAST_THIS_LENGTH_FLAG) != 0 : \
2272 (alg) == PSA_ALG_ANY_HASH)
2283 #define PSA_ALG_GET_HASH(alg) \
2284 (((alg) & 0x000000ff) == 0 ? ((psa_algorithm_t) 0) : 0x02000000 | ((alg) & 0x000000ff))
2308 #define PSA_KEY_LIFETIME_VOLATILE ((psa_key_lifetime_t) 0x00000000)
2322 #define PSA_KEY_LIFETIME_PERSISTENT ((psa_key_lifetime_t) 0x00000001)
2328 #define PSA_KEY_PERSISTENCE_VOLATILE ((psa_key_persistence_t) 0x00)
2334 #define PSA_KEY_PERSISTENCE_DEFAULT ((psa_key_persistence_t) 0x01)
2340 #define PSA_KEY_PERSISTENCE_READ_ONLY ((psa_key_persistence_t) 0xff)
2342 #define PSA_KEY_LIFETIME_GET_PERSISTENCE(lifetime) \
2343 ((psa_key_persistence_t) ((lifetime) & 0x000000ff))
2345 #define PSA_KEY_LIFETIME_GET_LOCATION(lifetime) \
2346 ((psa_key_location_t) ((lifetime) >> 8))
2364 #define PSA_KEY_LIFETIME_IS_VOLATILE(lifetime) \
2365 (PSA_KEY_LIFETIME_GET_PERSISTENCE(lifetime) == \
2366 PSA_KEY_PERSISTENCE_VOLATILE)
2385 #define PSA_KEY_LIFETIME_IS_READ_ONLY(lifetime) \
2386 (PSA_KEY_LIFETIME_GET_PERSISTENCE(lifetime) == \
2387 PSA_KEY_PERSISTENCE_READ_ONLY)
2398 #define PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION(persistence, location) \
2399 ((location) << 8 | (persistence))
2408 #define PSA_KEY_LOCATION_LOCAL_STORAGE ((psa_key_location_t) 0x000000)
2410 #define PSA_KEY_LOCATION_VENDOR_FLAG ((psa_key_location_t) 0x800000)
2420 #define PSA_KEY_ID_NULL ((psa_key_id_t)0)
2424 #define PSA_KEY_ID_USER_MIN ((psa_key_id_t) 0x00000001)
2427 #define PSA_KEY_ID_USER_MAX ((psa_key_id_t) 0x3fffffff)
2430 #define PSA_KEY_ID_VENDOR_MIN ((psa_key_id_t) 0x40000000)
2433 #define PSA_KEY_ID_VENDOR_MAX ((psa_key_id_t) 0x7fffffff)
2436 #if !defined(MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER)
2438 #define MBEDTLS_SVC_KEY_ID_INIT ((psa_key_id_t) 0)
2439 #define MBEDTLS_SVC_KEY_ID_GET_KEY_ID(id) (id)
2440 #define MBEDTLS_SVC_KEY_ID_GET_OWNER_ID(id) (0)
2481 #define MBEDTLS_SVC_KEY_ID_INIT ((mbedtls_svc_key_id_t){ 0, 0 })
2482 #define MBEDTLS_SVC_KEY_ID_GET_KEY_ID(id) ((id).MBEDTLS_PRIVATE(key_id))
2483 #define MBEDTLS_SVC_KEY_ID_GET_OWNER_ID(id) ((id).MBEDTLS_PRIVATE(owner))
2494 .MBEDTLS_PRIVATE(owner) = owner_id };
2507 return (id1.MBEDTLS_PRIVATE(key_id) == id2.MBEDTLS_PRIVATE(key_id)) &&
2508 mbedtls_key_owner_id_equal(id1.MBEDTLS_PRIVATE(owner), id2.MBEDTLS_PRIVATE(owner));
2519 return key.MBEDTLS_PRIVATE(key_id) == 0;
2546 #define PSA_KEY_USAGE_EXPORT ((psa_key_usage_t) 0x00000001)
2562 #define PSA_KEY_USAGE_COPY ((psa_key_usage_t) 0x00000002)
2573 #define PSA_KEY_USAGE_ENCRYPT ((psa_key_usage_t) 0x00000100)
2584 #define PSA_KEY_USAGE_DECRYPT ((psa_key_usage_t) 0x00000200)
2594 #define PSA_KEY_USAGE_SIGN_MESSAGE ((psa_key_usage_t) 0x00000400)
2604 #define PSA_KEY_USAGE_VERIFY_MESSAGE ((psa_key_usage_t) 0x00000800)
2614 #define PSA_KEY_USAGE_SIGN_HASH ((psa_key_usage_t) 0x00001000)
2624 #define PSA_KEY_USAGE_VERIFY_HASH ((psa_key_usage_t) 0x00002000)
2638 #define PSA_KEY_USAGE_DERIVE ((psa_key_usage_t) 0x00004000)
2653 #define PSA_KEY_USAGE_VERIFY_DERIVATION ((psa_key_usage_t) 0x00008000)
2679 #define PSA_KEY_DERIVATION_INPUT_SECRET ((psa_key_derivation_step_t) 0x0101)
2697 #define PSA_KEY_DERIVATION_INPUT_PASSWORD ((psa_key_derivation_step_t) 0x0102)
2706 #define PSA_KEY_DERIVATION_INPUT_OTHER_SECRET \
2707 ((psa_key_derivation_step_t) 0x0103)
2714 #define PSA_KEY_DERIVATION_INPUT_LABEL ((psa_key_derivation_step_t) 0x0201)
2722 #define PSA_KEY_DERIVATION_INPUT_SALT ((psa_key_derivation_step_t) 0x0202)
2729 #define PSA_KEY_DERIVATION_INPUT_INFO ((psa_key_derivation_step_t) 0x0203)
2736 #define PSA_KEY_DERIVATION_INPUT_SEED ((psa_key_derivation_step_t) 0x0204)
2742 #define PSA_KEY_DERIVATION_INPUT_COST ((psa_key_derivation_step_t) 0x0205)
2763 #define MBEDTLS_PSA_ALG_AEAD_EQUAL(aead_alg_1, aead_alg_2) \
2764 (!(((aead_alg_1) ^ (aead_alg_2)) & \
2765 ~(PSA_ALG_AEAD_TAG_LENGTH_MASK | PSA_ALG_AEAD_AT_LEAST_THIS_LENGTH_FLAG)))
2779 #define PSA_INTERRUPTIBLE_MAX_OPS_UNLIMITED UINT32_MAX
static mbedtls_svc_key_id_t mbedtls_svc_key_id_make(unsigned int unused, psa_key_id_t key_id)
static int mbedtls_svc_key_id_is_null(mbedtls_svc_key_id_t key)
psa_key_id_t mbedtls_svc_key_id_t
static int mbedtls_svc_key_id_equal(mbedtls_svc_key_id_t id1, mbedtls_svc_key_id_t id2)
Macro wrapper for struct's members.