Mbed TLS v3.6.1
Loading...
Searching...
No Matches
Macros
crypto_sizes.h File Reference

PSA cryptography module: Mbed TLS buffer size macros. More...

#include "psa/build_info.h"
Include dependency graph for crypto_sizes.h:
This graph shows which files directly or indirectly include this file:

Go to the source code of this file.

Macros

#define PSA_BITS_TO_BYTES(bits)   (((bits) + 7u) / 8u)
 
#define PSA_BYTES_TO_BITS(bytes)   ((bytes) * 8u)
 
#define PSA_MAX_OF_THREE(a, b, c)
 
#define PSA_ROUND_UP_TO_MULTIPLE(block_size, length)    (((length) + (block_size) - 1) / (block_size) * (block_size))
 
#define PSA_HASH_LENGTH(alg)
 
#define PSA_HASH_BLOCK_LENGTH(alg)
 
#define PSA_HMAC_MAX_HASH_BLOCK_SIZE   144u
 
#define PSA_HASH_MAX_SIZE   64u
 
#define PSA_MAC_MAX_SIZE   PSA_HASH_MAX_SIZE
 
#define PSA_AEAD_TAG_LENGTH(key_type, key_bits, alg)
 
#define PSA_AEAD_TAG_MAX_SIZE   16u
 
#define PSA_VENDOR_RSA_MAX_KEY_BITS   4096u
 
#define PSA_VENDOR_RSA_GENERATE_MIN_KEY_BITS   1024
 
#define PSA_VENDOR_FFDH_MAX_KEY_BITS   8192u
 
#define PSA_VENDOR_ECC_MAX_CURVE_BITS   521u
 
#define PSA_TLS12_PSK_TO_MS_PSK_MAX_SIZE   128u
 
#define PSA_TLS12_ECJPAKE_TO_PMS_INPUT_SIZE   65u
 
#define PSA_TLS12_ECJPAKE_TO_PMS_DATA_SIZE   32u
 
#define PSA_VENDOR_PBKDF2_MAX_ITERATIONS   0xffffffffU
 
#define PSA_BLOCK_CIPHER_BLOCK_MAX_SIZE   16u
 
#define PSA_MAC_LENGTH(key_type, key_bits, alg)
 
#define PSA_AEAD_ENCRYPT_OUTPUT_SIZE(key_type, alg, plaintext_length)
 
#define PSA_AEAD_ENCRYPT_OUTPUT_MAX_SIZE(plaintext_length)    ((plaintext_length) + PSA_AEAD_TAG_MAX_SIZE)
 
#define PSA_AEAD_DECRYPT_OUTPUT_SIZE(key_type, alg, ciphertext_length)
 
#define PSA_AEAD_DECRYPT_OUTPUT_MAX_SIZE(ciphertext_length)    (ciphertext_length)
 
#define PSA_AEAD_NONCE_LENGTH(key_type, alg)
 
#define PSA_AEAD_NONCE_MAX_SIZE   13u
 
#define PSA_AEAD_UPDATE_OUTPUT_SIZE(key_type, alg, input_length)
 
#define PSA_AEAD_UPDATE_OUTPUT_MAX_SIZE(input_length)    (PSA_ROUND_UP_TO_MULTIPLE(PSA_BLOCK_CIPHER_BLOCK_MAX_SIZE, (input_length)))
 
#define PSA_AEAD_FINISH_OUTPUT_SIZE(key_type, alg)
 
#define PSA_AEAD_FINISH_OUTPUT_MAX_SIZE   (PSA_BLOCK_CIPHER_BLOCK_MAX_SIZE)
 
#define PSA_AEAD_VERIFY_OUTPUT_SIZE(key_type, alg)
 
#define PSA_AEAD_VERIFY_OUTPUT_MAX_SIZE   (PSA_BLOCK_CIPHER_BLOCK_MAX_SIZE)
 
#define PSA_RSA_MINIMUM_PADDING_SIZE(alg)
 
#define PSA_ECDSA_SIGNATURE_SIZE(curve_bits)    (PSA_BITS_TO_BYTES(curve_bits) * 2u)
 ECDSA signature size for a given curve bit size.
 
#define PSA_SIGN_OUTPUT_SIZE(key_type, key_bits, alg)
 
#define PSA_VENDOR_ECDSA_SIGNATURE_MAX_SIZE    PSA_ECDSA_SIGNATURE_SIZE(PSA_VENDOR_ECC_MAX_CURVE_BITS)
 
#define PSA_SIGNATURE_MAX_SIZE   1
 
#define PSA_ASYMMETRIC_ENCRYPT_OUTPUT_SIZE(key_type, key_bits, alg)
 
#define PSA_ASYMMETRIC_ENCRYPT_OUTPUT_MAX_SIZE    (PSA_BITS_TO_BYTES(PSA_VENDOR_RSA_MAX_KEY_BITS))
 
#define PSA_ASYMMETRIC_DECRYPT_OUTPUT_SIZE(key_type, key_bits, alg)
 
#define PSA_ASYMMETRIC_DECRYPT_OUTPUT_MAX_SIZE    (PSA_BITS_TO_BYTES(PSA_VENDOR_RSA_MAX_KEY_BITS))
 
#define PSA_KEY_EXPORT_ASN1_INTEGER_MAX_SIZE(bits)    ((bits) / 8u + 5u)
 
#define PSA_KEY_EXPORT_RSA_PUBLIC_KEY_MAX_SIZE(key_bits)    (PSA_KEY_EXPORT_ASN1_INTEGER_MAX_SIZE(key_bits) + 11u)
 
#define PSA_KEY_EXPORT_RSA_KEY_PAIR_MAX_SIZE(key_bits)    (9u * PSA_KEY_EXPORT_ASN1_INTEGER_MAX_SIZE((key_bits) / 2u + 1u) + 14u)
 
#define PSA_KEY_EXPORT_DSA_PUBLIC_KEY_MAX_SIZE(key_bits)    (PSA_KEY_EXPORT_ASN1_INTEGER_MAX_SIZE(key_bits) * 3u + 59u)
 
#define PSA_KEY_EXPORT_DSA_KEY_PAIR_MAX_SIZE(key_bits)    (PSA_KEY_EXPORT_ASN1_INTEGER_MAX_SIZE(key_bits) * 3u + 75u)
 
#define PSA_KEY_EXPORT_ECC_PUBLIC_KEY_MAX_SIZE(key_bits)    (2u * PSA_BITS_TO_BYTES(key_bits) + 1u)
 
#define PSA_KEY_EXPORT_ECC_KEY_PAIR_MAX_SIZE(key_bits)    (PSA_BITS_TO_BYTES(key_bits))
 
#define PSA_KEY_EXPORT_FFDH_KEY_PAIR_MAX_SIZE(key_bits)    (PSA_BITS_TO_BYTES(key_bits))
 
#define PSA_KEY_EXPORT_FFDH_PUBLIC_KEY_MAX_SIZE(key_bits)    (PSA_BITS_TO_BYTES(key_bits))
 
#define PSA_EXPORT_KEY_OUTPUT_SIZE(key_type, key_bits)
 
#define PSA_EXPORT_PUBLIC_KEY_OUTPUT_SIZE(key_type, key_bits)
 
#define PSA_EXPORT_KEY_PAIR_MAX_SIZE   1
 
#define PSA_EXPORT_PUBLIC_KEY_MAX_SIZE   1
 
#define PSA_RAW_KEY_AGREEMENT_OUTPUT_SIZE(key_type, key_bits)
 
#define PSA_RAW_KEY_AGREEMENT_OUTPUT_MAX_SIZE   1
 
#define PSA_CIPHER_IV_LENGTH(key_type, alg)
 
#define PSA_CIPHER_IV_MAX_SIZE   16u
 
#define PSA_CIPHER_ENCRYPT_OUTPUT_SIZE(key_type, alg, input_length)
 
#define PSA_CIPHER_ENCRYPT_OUTPUT_MAX_SIZE(input_length)
 
#define PSA_CIPHER_DECRYPT_OUTPUT_SIZE(key_type, alg, input_length)
 
#define PSA_CIPHER_DECRYPT_OUTPUT_MAX_SIZE(input_length)    (input_length)
 
#define PSA_CIPHER_UPDATE_OUTPUT_SIZE(key_type, alg, input_length)
 
#define PSA_CIPHER_UPDATE_OUTPUT_MAX_SIZE(input_length)    (PSA_ROUND_UP_TO_MULTIPLE(PSA_BLOCK_CIPHER_BLOCK_MAX_SIZE, input_length))
 
#define PSA_CIPHER_FINISH_OUTPUT_SIZE(key_type, alg)
 
#define PSA_CIPHER_FINISH_OUTPUT_MAX_SIZE    (PSA_BLOCK_CIPHER_BLOCK_MAX_SIZE)
 

Detailed Description

PSA cryptography module: Mbed TLS buffer size macros.

Note
This file may not be included directly. Applications must include psa/crypto.h.

This file contains the definitions of macros that are useful to compute buffer sizes. The signatures and semantics of these macros are standardized, but the definitions are not, because they depend on the available algorithms and, in some cases, on permitted tolerances on buffer sizes.

In implementations with isolation between the application and the cryptography module, implementers should take care to ensure that the definitions that are exposed to applications match what the module implements.

Macros that compute sizes whose values do not depend on the implementation are in crypto.h.

Definition in file crypto_sizes.h.

Macro Definition Documentation

◆ PSA_AEAD_DECRYPT_OUTPUT_MAX_SIZE

#define PSA_AEAD_DECRYPT_OUTPUT_MAX_SIZE (   ciphertext_length)     (ciphertext_length)

A sufficient output buffer size for psa_aead_decrypt(), for any of the supported key types and AEAD algorithms.

If the size of the plaintext buffer is at least this large, it is guaranteed that psa_aead_decrypt() will not fail due to an insufficient buffer size.

Note
This macro returns a compile-time constant if its arguments are compile-time constants.

See also PSA_AEAD_DECRYPT_OUTPUT_SIZE(key_type, alg, ciphertext_length).

Parameters
ciphertext_lengthSize of the ciphertext in bytes.
Returns
A sufficient output buffer size for any of the supported key types and AEAD algorithms.

Definition at line 437 of file crypto_sizes.h.

◆ PSA_AEAD_DECRYPT_OUTPUT_SIZE

#define PSA_AEAD_DECRYPT_OUTPUT_SIZE (   key_type,
  alg,
  ciphertext_length 
)
Value:
(PSA_AEAD_NONCE_LENGTH(key_type, alg) != 0 && \
(ciphertext_length) > PSA_ALG_AEAD_GET_TAG_LENGTH(alg) ? \
(ciphertext_length) - PSA_ALG_AEAD_GET_TAG_LENGTH(alg) : \
0u)
#define PSA_AEAD_NONCE_LENGTH(key_type, alg)
Definition: crypto_sizes.h:465
#define PSA_ALG_AEAD_GET_TAG_LENGTH(aead_alg)

The maximum size of the output of psa_aead_decrypt(), in bytes.

If the size of the plaintext buffer is at least this large, it is guaranteed that psa_aead_decrypt() will not fail due to an insufficient buffer size. Depending on the algorithm, the actual size of the plaintext may be smaller.

See also PSA_AEAD_DECRYPT_OUTPUT_MAX_SIZE(ciphertext_length).

Warning
This macro may evaluate its arguments multiple times or zero times, so you should not pass arguments that contain side effects.
Parameters
key_typeA symmetric key type that is compatible with algorithm alg.
algAn AEAD algorithm (PSA_ALG_XXX value such that PSA_ALG_IS_AEAD(alg) is true).
ciphertext_lengthSize of the plaintext in bytes.
Returns
The AEAD ciphertext size for the specified algorithm. If the key type or AEAD algorithm is not recognized, or the parameters are incompatible, return 0.

Definition at line 413 of file crypto_sizes.h.

◆ PSA_AEAD_ENCRYPT_OUTPUT_MAX_SIZE

#define PSA_AEAD_ENCRYPT_OUTPUT_MAX_SIZE (   plaintext_length)     ((plaintext_length) + PSA_AEAD_TAG_MAX_SIZE)

A sufficient output buffer size for psa_aead_encrypt(), for any of the supported key types and AEAD algorithms.

If the size of the ciphertext buffer is at least this large, it is guaranteed that psa_aead_encrypt() will not fail due to an insufficient buffer size.

Note
This macro returns a compile-time constant if its arguments are compile-time constants.

See also PSA_AEAD_ENCRYPT_OUTPUT_SIZE(key_type, alg, plaintext_length).

Parameters
plaintext_lengthSize of the plaintext in bytes.
Returns
A sufficient output buffer size for any of the supported key types and AEAD algorithms.

Definition at line 383 of file crypto_sizes.h.

◆ PSA_AEAD_ENCRYPT_OUTPUT_SIZE

#define PSA_AEAD_ENCRYPT_OUTPUT_SIZE (   key_type,
  alg,
  plaintext_length 
)
Value:
(PSA_AEAD_NONCE_LENGTH(key_type, alg) != 0 ? \
(plaintext_length) + PSA_ALG_AEAD_GET_TAG_LENGTH(alg) : \
0u)

The maximum size of the output of psa_aead_encrypt(), in bytes.

If the size of the ciphertext buffer is at least this large, it is guaranteed that psa_aead_encrypt() will not fail due to an insufficient buffer size. Depending on the algorithm, the actual size of the ciphertext may be smaller.

See also PSA_AEAD_ENCRYPT_OUTPUT_MAX_SIZE(plaintext_length).

Warning
This macro may evaluate its arguments multiple times or zero times, so you should not pass arguments that contain side effects.
Parameters
key_typeA symmetric key type that is compatible with algorithm alg.
algAn AEAD algorithm (PSA_ALG_XXX value such that PSA_ALG_IS_AEAD(alg) is true).
plaintext_lengthSize of the plaintext in bytes.
Returns
The AEAD ciphertext size for the specified algorithm. If the key type or AEAD algorithm is not recognized, or the parameters are incompatible, return 0.

Definition at line 360 of file crypto_sizes.h.

◆ PSA_AEAD_FINISH_OUTPUT_MAX_SIZE

#define PSA_AEAD_FINISH_OUTPUT_MAX_SIZE   (PSA_BLOCK_CIPHER_BLOCK_MAX_SIZE)

A sufficient ciphertext buffer size for psa_aead_finish(), for any of the supported key types and AEAD algorithms.

See also PSA_AEAD_FINISH_OUTPUT_SIZE(key_type, alg).

Definition at line 569 of file crypto_sizes.h.

◆ PSA_AEAD_FINISH_OUTPUT_SIZE

#define PSA_AEAD_FINISH_OUTPUT_SIZE (   key_type,
  alg 
)
Value:
(PSA_AEAD_NONCE_LENGTH(key_type, alg) != 0 && \
PSA_ALG_IS_AEAD_ON_BLOCK_CIPHER(alg) ? \
PSA_BLOCK_CIPHER_BLOCK_LENGTH(key_type) : \
0u)

A sufficient ciphertext buffer size for psa_aead_finish().

If the size of the ciphertext buffer is at least this large, it is guaranteed that psa_aead_finish() will not fail due to an insufficient ciphertext buffer size. The actual size of the output may be smaller in any given call.

See also PSA_AEAD_FINISH_OUTPUT_MAX_SIZE.

Parameters
key_typeA symmetric key type that is compatible with algorithm alg.
algAn AEAD algorithm (PSA_ALG_XXX value such that PSA_ALG_IS_AEAD(alg) is true).
Returns
A sufficient ciphertext buffer size for the specified algorithm. If the key type or AEAD algorithm is not recognized, or the parameters are incompatible, return 0.

Definition at line 558 of file crypto_sizes.h.

◆ PSA_AEAD_NONCE_LENGTH

#define PSA_AEAD_NONCE_LENGTH (   key_type,
  alg 
)
Value:
(PSA_BLOCK_CIPHER_BLOCK_LENGTH(key_type) == 16 ? \
MBEDTLS_PSA_ALG_AEAD_EQUAL(alg, PSA_ALG_CCM) ? 13u : \
MBEDTLS_PSA_ALG_AEAD_EQUAL(alg, PSA_ALG_GCM) ? 12u : \
0u : \
(key_type) == PSA_KEY_TYPE_CHACHA20 && \
0u)
#define PSA_ALG_GCM
#define PSA_ALG_CHACHA20_POLY1305
#define PSA_KEY_TYPE_CHACHA20
#define PSA_ALG_CCM
#define PSA_BLOCK_CIPHER_BLOCK_LENGTH(type)
#define MBEDTLS_PSA_ALG_AEAD_EQUAL(aead_alg_1, aead_alg_2)

The default nonce size for an AEAD algorithm, in bytes.

This macro can be used to allocate a buffer of sufficient size to store the nonce output from psa_aead_generate_nonce().

See also PSA_AEAD_NONCE_MAX_SIZE.

Note
This is not the maximum size of nonce supported as input to psa_aead_set_nonce(), psa_aead_encrypt() or psa_aead_decrypt(), just the default size that is generated by psa_aead_generate_nonce().
Warning
This macro may evaluate its arguments multiple times or zero times, so you should not pass arguments that contain side effects.
Parameters
key_typeA symmetric key type that is compatible with algorithm alg.
algAn AEAD algorithm (PSA_ALG_XXX value such that PSA_ALG_IS_AEAD(alg) is true).
Returns
The default nonce size for the specified key type and algorithm. If the key type or AEAD algorithm is not recognized, or the parameters are incompatible, return 0.

Definition at line 465 of file crypto_sizes.h.

◆ PSA_AEAD_NONCE_MAX_SIZE

#define PSA_AEAD_NONCE_MAX_SIZE   13u

The maximum default nonce size among all supported pairs of key types and AEAD algorithms, in bytes.

This is equal to or greater than any value that PSA_AEAD_NONCE_LENGTH() may return.

Note
This is not the maximum size of nonce supported as input to psa_aead_set_nonce(), psa_aead_encrypt() or psa_aead_decrypt(), just the largest size that may be generated by psa_aead_generate_nonce().

Definition at line 485 of file crypto_sizes.h.

◆ PSA_AEAD_TAG_LENGTH

#define PSA_AEAD_TAG_LENGTH (   key_type,
  key_bits,
  alg 
)
Value:
(PSA_AEAD_NONCE_LENGTH(key_type, alg) != 0 ? \
PSA_ALG_AEAD_GET_TAG_LENGTH(alg) : \
((void) (key_bits), 0u))

The length of a tag for an AEAD algorithm, in bytes.

This macro can be used to allocate a buffer of sufficient size to store the tag output from psa_aead_finish().

See also PSA_AEAD_TAG_MAX_SIZE.

Parameters
key_typeThe type of the AEAD key.
key_bitsThe size of the AEAD key in bits.
algAn AEAD algorithm (PSA_ALG_XXX value such that PSA_ALG_IS_AEAD(alg) is true).
Returns
The tag length for the specified algorithm and key. If the AEAD algorithm does not have an identified tag that can be distinguished from the rest of the ciphertext, return 0. If the key type or AEAD algorithm is not recognized, or the parameters are incompatible, return 0.

Definition at line 188 of file crypto_sizes.h.

◆ PSA_AEAD_TAG_MAX_SIZE

#define PSA_AEAD_TAG_MAX_SIZE   16u

The maximum tag size for all supported AEAD algorithms, in bytes.

See also PSA_AEAD_TAG_LENGTH(key_type, key_bits, alg).

Definition at line 197 of file crypto_sizes.h.

◆ PSA_AEAD_UPDATE_OUTPUT_MAX_SIZE

#define PSA_AEAD_UPDATE_OUTPUT_MAX_SIZE (   input_length)     (PSA_ROUND_UP_TO_MULTIPLE(PSA_BLOCK_CIPHER_BLOCK_MAX_SIZE, (input_length)))

A sufficient output buffer size for psa_aead_update(), for any of the supported key types and AEAD algorithms.

If the size of the output buffer is at least this large, it is guaranteed that psa_aead_update() will not fail due to an insufficient buffer size.

See also PSA_AEAD_UPDATE_OUTPUT_SIZE(key_type, alg, input_length).

Parameters
input_lengthSize of the input in bytes.

Definition at line 534 of file crypto_sizes.h.

◆ PSA_AEAD_UPDATE_OUTPUT_SIZE

#define PSA_AEAD_UPDATE_OUTPUT_SIZE (   key_type,
  alg,
  input_length 
)
Value:
(PSA_AEAD_NONCE_LENGTH(key_type, alg) != 0 ? \
PSA_ALG_IS_AEAD_ON_BLOCK_CIPHER(alg) ? \
PSA_ROUND_UP_TO_MULTIPLE(PSA_BLOCK_CIPHER_BLOCK_LENGTH(key_type), (input_length)) : \
(input_length) : \
0u)

A sufficient output buffer size for psa_aead_update().

If the size of the output buffer is at least this large, it is guaranteed that psa_aead_update() will not fail due to an insufficient buffer size. The actual size of the output may be smaller in any given call.

See also PSA_AEAD_UPDATE_OUTPUT_MAX_SIZE(input_length).

Warning
This macro may evaluate its arguments multiple times or zero times, so you should not pass arguments that contain side effects.
Parameters
key_typeA symmetric key type that is compatible with algorithm alg.
algAn AEAD algorithm (PSA_ALG_XXX value such that PSA_ALG_IS_AEAD(alg) is true).
input_lengthSize of the input in bytes.
Returns
A sufficient output buffer size for the specified algorithm. If the key type or AEAD algorithm is not recognized, or the parameters are incompatible, return 0.

Definition at line 517 of file crypto_sizes.h.

◆ PSA_AEAD_VERIFY_OUTPUT_MAX_SIZE

#define PSA_AEAD_VERIFY_OUTPUT_MAX_SIZE   (PSA_BLOCK_CIPHER_BLOCK_MAX_SIZE)

A sufficient plaintext buffer size for psa_aead_verify(), for any of the supported key types and AEAD algorithms.

See also PSA_AEAD_VERIFY_OUTPUT_SIZE(key_type, alg).

Definition at line 603 of file crypto_sizes.h.

◆ PSA_AEAD_VERIFY_OUTPUT_SIZE

#define PSA_AEAD_VERIFY_OUTPUT_SIZE (   key_type,
  alg 
)
Value:
(PSA_AEAD_NONCE_LENGTH(key_type, alg) != 0 && \
PSA_ALG_IS_AEAD_ON_BLOCK_CIPHER(alg) ? \
PSA_BLOCK_CIPHER_BLOCK_LENGTH(key_type) : \
0u)

A sufficient plaintext buffer size for psa_aead_verify().

If the size of the plaintext buffer is at least this large, it is guaranteed that psa_aead_verify() will not fail due to an insufficient plaintext buffer size. The actual size of the output may be smaller in any given call.

See also PSA_AEAD_VERIFY_OUTPUT_MAX_SIZE.

Parameters
key_typeA symmetric key type that is compatible with algorithm alg.
algAn AEAD algorithm (PSA_ALG_XXX value such that PSA_ALG_IS_AEAD(alg) is true).
Returns
A sufficient plaintext buffer size for the specified algorithm. If the key type or AEAD algorithm is not recognized, or the parameters are incompatible, return 0.

Definition at line 592 of file crypto_sizes.h.

◆ PSA_ASYMMETRIC_DECRYPT_OUTPUT_MAX_SIZE

#define PSA_ASYMMETRIC_DECRYPT_OUTPUT_MAX_SIZE    (PSA_BITS_TO_BYTES(PSA_VENDOR_RSA_MAX_KEY_BITS))

A sufficient output buffer size for psa_asymmetric_decrypt(), for any supported asymmetric decryption.

This macro assumes that RSA is the only supported asymmetric encryption.

See also PSA_ASYMMETRIC_DECRYPT_OUTPUT_SIZE(key_type, key_bits, alg).

Definition at line 750 of file crypto_sizes.h.

◆ PSA_ASYMMETRIC_DECRYPT_OUTPUT_SIZE

#define PSA_ASYMMETRIC_DECRYPT_OUTPUT_SIZE (   key_type,
  key_bits,
  alg 
)
Value:
(PSA_KEY_TYPE_IS_RSA(key_type) ? \
PSA_BITS_TO_BYTES(key_bits) - PSA_RSA_MINIMUM_PADDING_SIZE(alg) : \
0u)
#define PSA_RSA_MINIMUM_PADDING_SIZE(alg)
Definition: crypto_sizes.h:605
#define PSA_KEY_TYPE_IS_RSA(type)

Sufficient output buffer size for psa_asymmetric_decrypt().

This macro returns a sufficient buffer size for a plaintext produced using a key of the specified type and size, with the specified algorithm. Note that the actual size of the plaintext may be smaller, depending on the algorithm.

Warning
This function may call its arguments multiple times or zero times, so you should not pass arguments that contain side effects.
Parameters
key_typeAn asymmetric key type (this may indifferently be a key pair type or a public key type).
key_bitsThe size of the key in bits.
algThe asymmetric encryption algorithm.
Returns
If the parameters are valid and supported, return a buffer size in bytes that guarantees that psa_asymmetric_decrypt() will not fail with PSA_ERROR_BUFFER_TOO_SMALL. If the parameters are a valid combination that is not supported, return either a sensible size or 0. If the parameters are not valid, the return value is unspecified.

Definition at line 738 of file crypto_sizes.h.

◆ PSA_ASYMMETRIC_ENCRYPT_OUTPUT_MAX_SIZE

#define PSA_ASYMMETRIC_ENCRYPT_OUTPUT_MAX_SIZE    (PSA_BITS_TO_BYTES(PSA_VENDOR_RSA_MAX_KEY_BITS))

A sufficient output buffer size for psa_asymmetric_encrypt(), for any supported asymmetric encryption.

See also PSA_ASYMMETRIC_ENCRYPT_OUTPUT_SIZE(key_type, key_bits, alg).

Definition at line 710 of file crypto_sizes.h.

◆ PSA_ASYMMETRIC_ENCRYPT_OUTPUT_SIZE

#define PSA_ASYMMETRIC_ENCRYPT_OUTPUT_SIZE (   key_type,
  key_bits,
  alg 
)
Value:
(PSA_KEY_TYPE_IS_RSA(key_type) ? \
((void) alg, PSA_BITS_TO_BYTES(key_bits)) : \
0u)
#define PSA_BITS_TO_BYTES(bits)
Definition: crypto_sizes.h:40

Sufficient output buffer size for psa_asymmetric_encrypt().

This macro returns a sufficient buffer size for a ciphertext produced using a key of the specified type and size, with the specified algorithm. Note that the actual size of the ciphertext may be smaller, depending on the algorithm.

Warning
This function may call its arguments multiple times or zero times, so you should not pass arguments that contain side effects.
Parameters
key_typeAn asymmetric key type (this may indifferently be a key pair type or a public key type).
key_bitsThe size of the key in bits.
algThe asymmetric encryption algorithm.
Returns
If the parameters are valid and supported, return a buffer size in bytes that guarantees that psa_asymmetric_encrypt() will not fail with PSA_ERROR_BUFFER_TOO_SMALL. If the parameters are a valid combination that is not supported, return either a sensible size or 0. If the parameters are not valid, the return value is unspecified.

Definition at line 699 of file crypto_sizes.h.

◆ PSA_BITS_TO_BYTES

#define PSA_BITS_TO_BYTES (   bits)    (((bits) + 7u) / 8u)

Definition at line 40 of file crypto_sizes.h.

◆ PSA_BLOCK_CIPHER_BLOCK_MAX_SIZE

#define PSA_BLOCK_CIPHER_BLOCK_MAX_SIZE   16u

The maximum size of a block cipher.

Definition at line 305 of file crypto_sizes.h.

◆ PSA_BYTES_TO_BITS

#define PSA_BYTES_TO_BITS (   bytes)    ((bytes) * 8u)

Definition at line 41 of file crypto_sizes.h.

◆ PSA_CIPHER_DECRYPT_OUTPUT_MAX_SIZE

#define PSA_CIPHER_DECRYPT_OUTPUT_MAX_SIZE (   input_length)     (input_length)

A sufficient output buffer size for psa_cipher_decrypt(), for any of the supported key types and cipher algorithms.

If the size of the output buffer is at least this large, it is guaranteed that psa_cipher_decrypt() will not fail due to an insufficient buffer size.

See also PSA_CIPHER_DECRYPT_OUTPUT_SIZE(key_type, alg, input_length).

Parameters
input_lengthSize of the input in bytes.

Definition at line 1215 of file crypto_sizes.h.

◆ PSA_CIPHER_DECRYPT_OUTPUT_SIZE

#define PSA_CIPHER_DECRYPT_OUTPUT_SIZE (   key_type,
  alg,
  input_length 
)
Value:
(PSA_ALG_IS_CIPHER(alg) && \
(input_length) : \
0u)
#define PSA_ALG_IS_CIPHER(alg)
#define PSA_KEY_TYPE_CATEGORY_MASK
#define PSA_KEY_TYPE_CATEGORY_SYMMETRIC

The maximum size of the output of psa_cipher_decrypt(), in bytes.

If the size of the output buffer is at least this large, it is guaranteed that psa_cipher_decrypt() will not fail due to an insufficient buffer size. Depending on the algorithm, the actual size of the output might be smaller.

See also PSA_CIPHER_DECRYPT_OUTPUT_MAX_SIZE(input_length).

Parameters
key_typeA symmetric key type that is compatible with algorithm alg.
algA cipher algorithm (PSA_ALG_XXX value such that PSA_ALG_IS_CIPHER(alg) is true).
input_lengthSize of the input in bytes.
Returns
A sufficient output size for the specified key type and algorithm. If the key type or cipher algorithm is not recognized, or the parameters are incompatible, return 0.

Definition at line 1199 of file crypto_sizes.h.

◆ PSA_CIPHER_ENCRYPT_OUTPUT_MAX_SIZE

#define PSA_CIPHER_ENCRYPT_OUTPUT_MAX_SIZE (   input_length)
Value:
(input_length) + 1u) + \
#define PSA_ROUND_UP_TO_MULTIPLE(block_size, length)
Definition: crypto_sizes.h:45
#define PSA_BLOCK_CIPHER_BLOCK_MAX_SIZE
Definition: crypto_sizes.h:305
#define PSA_CIPHER_IV_MAX_SIZE

A sufficient output buffer size for psa_cipher_encrypt(), for any of the supported key types and cipher algorithms.

If the size of the output buffer is at least this large, it is guaranteed that psa_cipher_encrypt() will not fail due to an insufficient buffer size.

See also PSA_CIPHER_ENCRYPT_OUTPUT_SIZE(key_type, alg, input_length).

Parameters
input_lengthSize of the input in bytes.

Definition at line 1175 of file crypto_sizes.h.

◆ PSA_CIPHER_ENCRYPT_OUTPUT_SIZE

#define PSA_CIPHER_ENCRYPT_OUTPUT_SIZE (   key_type,
  alg,
  input_length 
)
Value:
(alg == PSA_ALG_CBC_PKCS7 ? \
(PSA_BLOCK_CIPHER_BLOCK_LENGTH(key_type) != 0 ? \
PSA_ROUND_UP_TO_MULTIPLE(PSA_BLOCK_CIPHER_BLOCK_LENGTH(key_type), \
(input_length) + 1u) + \
PSA_CIPHER_IV_LENGTH((key_type), (alg)) : 0u) : \
(input_length) + PSA_CIPHER_IV_LENGTH((key_type), (alg)) : \
0u))
#define PSA_CIPHER_IV_LENGTH(key_type, alg)
#define PSA_ALG_CBC_PKCS7

The maximum size of the output of psa_cipher_encrypt(), in bytes.

If the size of the output buffer is at least this large, it is guaranteed that psa_cipher_encrypt() will not fail due to an insufficient buffer size. Depending on the algorithm, the actual size of the output might be smaller.

See also PSA_CIPHER_ENCRYPT_OUTPUT_MAX_SIZE(input_length).

Warning
This macro may evaluate its arguments multiple times or zero times, so you should not pass arguments that contain side effects.
Parameters
key_typeA symmetric key type that is compatible with algorithm alg.
algA cipher algorithm (PSA_ALG_XXX value such that PSA_ALG_IS_CIPHER(alg) is true).
input_lengthSize of the input in bytes.
Returns
A sufficient output size for the specified key type and algorithm. If the key type or cipher algorithm is not recognized, or the parameters are incompatible, return 0.

Definition at line 1154 of file crypto_sizes.h.

◆ PSA_CIPHER_FINISH_OUTPUT_MAX_SIZE

#define PSA_CIPHER_FINISH_OUTPUT_MAX_SIZE    (PSA_BLOCK_CIPHER_BLOCK_MAX_SIZE)

A sufficient ciphertext buffer size for psa_cipher_finish(), for any of the supported key types and cipher algorithms.

See also PSA_CIPHER_FINISH_OUTPUT_SIZE(key_type, alg).

Definition at line 1289 of file crypto_sizes.h.

◆ PSA_CIPHER_FINISH_OUTPUT_SIZE

#define PSA_CIPHER_FINISH_OUTPUT_SIZE (   key_type,
  alg 
)
Value:
(alg == PSA_ALG_CBC_PKCS7 ? \
PSA_BLOCK_CIPHER_BLOCK_LENGTH(key_type) : \
0u) : \
0u)

A sufficient ciphertext buffer size for psa_cipher_finish().

If the size of the ciphertext buffer is at least this large, it is guaranteed that psa_cipher_finish() will not fail due to an insufficient ciphertext buffer size. The actual size of the output might be smaller in any given call.

See also PSA_CIPHER_FINISH_OUTPUT_MAX_SIZE().

Parameters
key_typeA symmetric key type that is compatible with algorithm alg.
algA cipher algorithm (PSA_ALG_XXX value such that PSA_ALG_IS_CIPHER(alg) is true).
Returns
A sufficient output size for the specified key type and algorithm. If the key type or cipher algorithm is not recognized, or the parameters are incompatible, return 0.

Definition at line 1277 of file crypto_sizes.h.

◆ PSA_CIPHER_IV_LENGTH

#define PSA_CIPHER_IV_LENGTH (   key_type,
  alg 
)
Value:
(PSA_BLOCK_CIPHER_BLOCK_LENGTH(key_type) > 1 && \
((alg) == PSA_ALG_CTR || \
(alg) == PSA_ALG_CFB || \
(alg) == PSA_ALG_OFB || \
(alg) == PSA_ALG_XTS || \
(alg) == PSA_ALG_CBC_NO_PADDING || \
(key_type) == PSA_KEY_TYPE_CHACHA20 && \
(alg) == PSA_ALG_STREAM_CIPHER ? 12u : \
(alg) == PSA_ALG_CCM_STAR_NO_TAG ? 13u : \
0u)
#define PSA_ALG_CFB
#define PSA_ALG_CCM_STAR_NO_TAG
#define PSA_ALG_XTS
#define PSA_ALG_CBC_NO_PADDING
#define PSA_ALG_CTR
#define PSA_ALG_STREAM_CIPHER
#define PSA_ALG_OFB

The default IV size for a cipher algorithm, in bytes.

The IV that is generated as part of a call to psa_cipher_encrypt() is always the default IV length for the algorithm.

This macro can be used to allocate a buffer of sufficient size to store the IV output from psa_cipher_generate_iv() when using a multi-part cipher operation.

See also PSA_CIPHER_IV_MAX_SIZE.

Warning
This macro may evaluate its arguments multiple times or zero times, so you should not pass arguments that contain side effects.
Parameters
key_typeA symmetric key type that is compatible with algorithm alg.
algA cipher algorithm (PSA_ALG_XXX value such that PSA_ALG_IS_CIPHER(alg) is true).
Returns
The default IV size for the specified key type and algorithm. If the algorithm does not use an IV, return 0. If the key type or cipher algorithm is not recognized, or the parameters are incompatible, return 0.

Definition at line 1112 of file crypto_sizes.h.

◆ PSA_CIPHER_IV_MAX_SIZE

#define PSA_CIPHER_IV_MAX_SIZE   16u

The maximum IV size for all supported cipher algorithms, in bytes.

See also PSA_CIPHER_IV_LENGTH().

Definition at line 1129 of file crypto_sizes.h.

◆ PSA_CIPHER_UPDATE_OUTPUT_MAX_SIZE

#define PSA_CIPHER_UPDATE_OUTPUT_MAX_SIZE (   input_length)     (PSA_ROUND_UP_TO_MULTIPLE(PSA_BLOCK_CIPHER_BLOCK_MAX_SIZE, input_length))

A sufficient output buffer size for psa_cipher_update(), for any of the supported key types and cipher algorithms.

If the size of the output buffer is at least this large, it is guaranteed that psa_cipher_update() will not fail due to an insufficient buffer size.

See also PSA_CIPHER_UPDATE_OUTPUT_SIZE(key_type, alg, input_length).

Parameters
input_lengthSize of the input in bytes.

Definition at line 1257 of file crypto_sizes.h.

◆ PSA_CIPHER_UPDATE_OUTPUT_SIZE

#define PSA_CIPHER_UPDATE_OUTPUT_SIZE (   key_type,
  alg,
  input_length 
)
Value:
(PSA_BLOCK_CIPHER_BLOCK_LENGTH(key_type) != 0 ? \
(((alg) == PSA_ALG_CBC_PKCS7 || \
(alg) == PSA_ALG_CBC_NO_PADDING || \
(alg) == PSA_ALG_ECB_NO_PADDING) ? \
PSA_ROUND_UP_TO_MULTIPLE(PSA_BLOCK_CIPHER_BLOCK_LENGTH(key_type), \
input_length) : \
(input_length)) : 0u) : \
0u)
#define PSA_ALG_ECB_NO_PADDING

A sufficient output buffer size for psa_cipher_update().

If the size of the output buffer is at least this large, it is guaranteed that psa_cipher_update() will not fail due to an insufficient buffer size. The actual size of the output might be smaller in any given call.

See also PSA_CIPHER_UPDATE_OUTPUT_MAX_SIZE(input_length).

Parameters
key_typeA symmetric key type that is compatible with algorithm alg.
algA cipher algorithm (PSA_ALG_XXX value such that PSA_ALG_IS_CIPHER(alg) is true).
input_lengthSize of the input in bytes.
Returns
A sufficient output size for the specified key type and algorithm. If the key type or cipher algorithm is not recognized, or the parameters are incompatible, return 0.

Definition at line 1236 of file crypto_sizes.h.

◆ PSA_ECDSA_SIGNATURE_SIZE

#define PSA_ECDSA_SIGNATURE_SIZE (   curve_bits)     (PSA_BITS_TO_BYTES(curve_bits) * 2u)

ECDSA signature size for a given curve bit size.

Parameters
curve_bitsCurve size in bits.
Returns
Signature size in bytes.
Note
This macro returns a compile-time constant if its argument is one.

Definition at line 618 of file crypto_sizes.h.

◆ PSA_EXPORT_KEY_OUTPUT_SIZE

#define PSA_EXPORT_KEY_OUTPUT_SIZE (   key_type,
  key_bits 
)
Value:
PSA_KEY_TYPE_IS_DH(key_type) ? PSA_BITS_TO_BYTES(key_bits) : \
0u)
#define PSA_KEY_EXPORT_RSA_PUBLIC_KEY_MAX_SIZE(key_bits)
Definition: crypto_sizes.h:777
#define PSA_KEY_EXPORT_ECC_PUBLIC_KEY_MAX_SIZE(key_bits)
Definition: crypto_sizes.h:853
#define PSA_KEY_EXPORT_DSA_KEY_PAIR_MAX_SIZE(key_bits)
Definition: crypto_sizes.h:840
#define PSA_KEY_EXPORT_DSA_PUBLIC_KEY_MAX_SIZE(key_bits)
Definition: crypto_sizes.h:821
#define PSA_KEY_EXPORT_ECC_KEY_PAIR_MAX_SIZE(key_bits)
Definition: crypto_sizes.h:860
#define PSA_KEY_EXPORT_RSA_KEY_PAIR_MAX_SIZE(key_bits)
Definition: crypto_sizes.h:802
#define PSA_KEY_TYPE_RSA_KEY_PAIR
#define PSA_KEY_TYPE_IS_DH(type)
#define PSA_KEY_TYPE_IS_ECC_PUBLIC_KEY(type)
#define PSA_KEY_TYPE_DSA_PUBLIC_KEY
Definition: crypto_extra.h:337
#define PSA_KEY_TYPE_DSA_KEY_PAIR
Definition: crypto_extra.h:355
#define PSA_KEY_TYPE_RSA_PUBLIC_KEY
#define PSA_KEY_TYPE_IS_ECC_KEY_PAIR(type)
#define PSA_KEY_TYPE_IS_UNSTRUCTURED(type)

Sufficient output buffer size for psa_export_key() or psa_export_public_key().

This macro returns a compile-time constant if its arguments are compile-time constants.

Warning
This macro may evaluate its arguments multiple times or zero times, so you should not pass arguments that contain side effects.

The following code illustrates how to allocate enough memory to export a key by querying the key type and size at runtime.

psa_status_t status;
status = psa_get_key_attributes(key, &attributes);
if (status != PSA_SUCCESS) handle_error(...);
psa_key_type_t key_type = psa_get_key_type(&attributes);
size_t key_bits = psa_get_key_bits(&attributes);
size_t buffer_size = PSA_EXPORT_KEY_OUTPUT_SIZE(key_type, key_bits);
uint8_t *buffer = malloc(buffer_size);
if (buffer == NULL) handle_error(...);
size_t buffer_length;
status = psa_export_key(key, buffer, buffer_size, &buffer_length);
if (status != PSA_SUCCESS) handle_error(...);
#define PSA_EXPORT_KEY_OUTPUT_SIZE(key_type, key_bits)
Definition: crypto_sizes.h:914
void psa_reset_key_attributes(psa_key_attributes_t *attributes)
static size_t psa_get_key_bits(const psa_key_attributes_t *attributes)
#define PSA_KEY_ATTRIBUTES_INIT
psa_status_t psa_get_key_attributes(mbedtls_svc_key_id_t key, psa_key_attributes_t *attributes)
static psa_key_type_t psa_get_key_type(const psa_key_attributes_t *attributes)
uint16_t psa_key_type_t
Encoding of a key type.
Definition: crypto_types.h:78
int32_t psa_status_t
Function return status.
Definition: crypto_types.h:59
#define PSA_SUCCESS
Definition: crypto_values.h:57
psa_status_t psa_export_key(mbedtls_svc_key_id_t key, uint8_t *data, size_t data_size, size_t *data_length)
Export a key in binary format.
Parameters
key_typeA supported key type.
key_bitsThe size of the key in bits.
Returns
If the parameters are valid and supported, return a buffer size in bytes that guarantees that psa_export_key() or psa_export_public_key() will not fail with PSA_ERROR_BUFFER_TOO_SMALL. If the parameters are a valid combination that is not supported, return either a sensible size or 0. If the parameters are not valid, the return value is unspecified.

Definition at line 914 of file crypto_sizes.h.

◆ PSA_EXPORT_KEY_PAIR_MAX_SIZE

#define PSA_EXPORT_KEY_PAIR_MAX_SIZE   1

Sufficient buffer size for exporting any asymmetric key pair.

This macro expands to a compile-time constant integer. This value is a sufficient buffer size when calling psa_export_key() to export any asymmetric key pair, regardless of the exact key type and key size.

See also PSA_EXPORT_KEY_OUTPUT_SIZE(key_type, key_bits).

Definition at line 984 of file crypto_sizes.h.

◆ PSA_EXPORT_PUBLIC_KEY_MAX_SIZE

#define PSA_EXPORT_PUBLIC_KEY_MAX_SIZE   1

Sufficient buffer size for exporting any asymmetric public key.

This macro expands to a compile-time constant integer. This value is a sufficient buffer size when calling psa_export_key() or psa_export_public_key() to export any asymmetric public key, regardless of the exact key type and key size.

See also PSA_EXPORT_PUBLIC_KEY_OUTPUT_SIZE(key_type, key_bits).

Definition at line 1017 of file crypto_sizes.h.

◆ PSA_EXPORT_PUBLIC_KEY_OUTPUT_SIZE

#define PSA_EXPORT_PUBLIC_KEY_OUTPUT_SIZE (   key_type,
  key_bits 
)
Value:
PSA_KEY_TYPE_IS_DH(key_type) ? PSA_BITS_TO_BYTES(key_bits) : \
0u)
#define PSA_KEY_TYPE_IS_ECC(type)

Sufficient output buffer size for psa_export_public_key().

This macro returns a compile-time constant if its arguments are compile-time constants.

Warning
This macro may evaluate its arguments multiple times or zero times, so you should not pass arguments that contain side effects.

The following code illustrates how to allocate enough memory to export a public key by querying the key type and size at runtime.

psa_status_t status;
status = psa_get_key_attributes(key, &attributes);
if (status != PSA_SUCCESS) handle_error(...);
psa_key_type_t key_type = psa_get_key_type(&attributes);
size_t key_bits = psa_get_key_bits(&attributes);
size_t buffer_size = PSA_EXPORT_PUBLIC_KEY_OUTPUT_SIZE(key_type, key_bits);
uint8_t *buffer = malloc(buffer_size);
if (buffer == NULL) handle_error(...);
size_t buffer_length;
status = psa_export_public_key(key, buffer, buffer_size, &buffer_length);
if (status != PSA_SUCCESS) handle_error(...);
#define PSA_EXPORT_PUBLIC_KEY_OUTPUT_SIZE(key_type, key_bits)
Definition: crypto_sizes.h:970
psa_status_t psa_export_public_key(mbedtls_svc_key_id_t key, uint8_t *data, size_t data_size, size_t *data_length)
Export a public key or the public part of a key pair in binary format.
Parameters
key_typeA public key or key pair key type.
key_bitsThe size of the key in bits.
Returns
If the parameters are valid and supported, return a buffer size in bytes that guarantees that psa_export_public_key() will not fail with PSA_ERROR_BUFFER_TOO_SMALL. If the parameters are a valid combination that is not supported, return either a sensible size or 0. If the parameters are not valid, the return value is unspecified.

If the parameters are valid and supported, return the same result as PSA_EXPORT_KEY_OUTPUT_SIZE( PSA_KEY_TYPE_PUBLIC_KEY_OF_KEY_PAIR(key_type), key_bits).

Definition at line 970 of file crypto_sizes.h.

◆ PSA_HASH_BLOCK_LENGTH

#define PSA_HASH_BLOCK_LENGTH (   alg)
Value:
( \
PSA_ALG_HMAC_GET_HASH(alg) == PSA_ALG_MD5 ? 64u : \
PSA_ALG_HMAC_GET_HASH(alg) == PSA_ALG_RIPEMD160 ? 64u : \
PSA_ALG_HMAC_GET_HASH(alg) == PSA_ALG_SHA_1 ? 64u : \
PSA_ALG_HMAC_GET_HASH(alg) == PSA_ALG_SHA_224 ? 64u : \
PSA_ALG_HMAC_GET_HASH(alg) == PSA_ALG_SHA_256 ? 64u : \
PSA_ALG_HMAC_GET_HASH(alg) == PSA_ALG_SHA_384 ? 128u : \
PSA_ALG_HMAC_GET_HASH(alg) == PSA_ALG_SHA_512 ? 128u : \
PSA_ALG_HMAC_GET_HASH(alg) == PSA_ALG_SHA_512_224 ? 128u : \
PSA_ALG_HMAC_GET_HASH(alg) == PSA_ALG_SHA_512_256 ? 128u : \
PSA_ALG_HMAC_GET_HASH(alg) == PSA_ALG_SHA3_224 ? 144u : \
PSA_ALG_HMAC_GET_HASH(alg) == PSA_ALG_SHA3_256 ? 136u : \
PSA_ALG_HMAC_GET_HASH(alg) == PSA_ALG_SHA3_384 ? 104u : \
PSA_ALG_HMAC_GET_HASH(alg) == PSA_ALG_SHA3_512 ? 72u : \
0u)
#define PSA_ALG_SHA3_224
#define PSA_ALG_SHA_224
#define PSA_ALG_SHA3_512
#define PSA_ALG_SHA_1
#define PSA_ALG_SHA_512_224
#define PSA_ALG_SHA_384
#define PSA_ALG_SHA_512_256
#define PSA_ALG_SHA_256
#define PSA_ALG_RIPEMD160
#define PSA_ALG_SHA3_256
#define PSA_ALG_SHA3_384
#define PSA_ALG_MD5
#define PSA_ALG_SHA_512

The input block size of a hash algorithm, in bytes.

Hash algorithms process their input data in blocks. Hash operations will retain any partial blocks until they have enough input to fill the block or until the operation is finished. This affects the output from psa_hash_suspend().

Parameters
algA hash algorithm (PSA_ALG_XXX value such that PSA_ALG_IS_HASH(alg) is true).
Returns
The block size in bytes for the specified hash algorithm. If the hash algorithm is not recognized, return 0. An implementation can return either 0 or the correct size for a hash algorithm that it recognizes, but does not support.

Definition at line 92 of file crypto_sizes.h.

◆ PSA_HASH_LENGTH

#define PSA_HASH_LENGTH (   alg)
Value:
( \
PSA_ALG_HMAC_GET_HASH(alg) == PSA_ALG_MD5 ? 16u : \
PSA_ALG_HMAC_GET_HASH(alg) == PSA_ALG_RIPEMD160 ? 20u : \
PSA_ALG_HMAC_GET_HASH(alg) == PSA_ALG_SHA_1 ? 20u : \
PSA_ALG_HMAC_GET_HASH(alg) == PSA_ALG_SHA_224 ? 28u : \
PSA_ALG_HMAC_GET_HASH(alg) == PSA_ALG_SHA_256 ? 32u : \
PSA_ALG_HMAC_GET_HASH(alg) == PSA_ALG_SHA_384 ? 48u : \
PSA_ALG_HMAC_GET_HASH(alg) == PSA_ALG_SHA_512 ? 64u : \
PSA_ALG_HMAC_GET_HASH(alg) == PSA_ALG_SHA_512_224 ? 28u : \
PSA_ALG_HMAC_GET_HASH(alg) == PSA_ALG_SHA_512_256 ? 32u : \
PSA_ALG_HMAC_GET_HASH(alg) == PSA_ALG_SHA3_224 ? 28u : \
PSA_ALG_HMAC_GET_HASH(alg) == PSA_ALG_SHA3_256 ? 32u : \
PSA_ALG_HMAC_GET_HASH(alg) == PSA_ALG_SHA3_384 ? 48u : \
PSA_ALG_HMAC_GET_HASH(alg) == PSA_ALG_SHA3_512 ? 64u : \
0u)

The size of the output of psa_hash_finish(), in bytes.

This is also the hash size that psa_hash_verify() expects.

Parameters
algA hash algorithm (PSA_ALG_XXX value such that PSA_ALG_IS_HASH(alg) is true), or an HMAC algorithm (PSA_ALG_HMAC(hash_alg) where hash_alg is a hash algorithm).
Returns
The hash size for the specified hash algorithm. If the hash algorithm is not recognized, return 0.

Definition at line 60 of file crypto_sizes.h.

◆ PSA_HASH_MAX_SIZE

#define PSA_HASH_MAX_SIZE   64u

Maximum size of a hash.

This macro expands to a compile-time constant integer. This value is the maximum size of a hash in bytes.

Definition at line 142 of file crypto_sizes.h.

◆ PSA_HMAC_MAX_HASH_BLOCK_SIZE

#define PSA_HMAC_MAX_HASH_BLOCK_SIZE   144u

Definition at line 122 of file crypto_sizes.h.

◆ PSA_KEY_EXPORT_ASN1_INTEGER_MAX_SIZE

#define PSA_KEY_EXPORT_ASN1_INTEGER_MAX_SIZE (   bits)     ((bits) / 8u + 5u)

Definition at line 763 of file crypto_sizes.h.

◆ PSA_KEY_EXPORT_DSA_KEY_PAIR_MAX_SIZE

#define PSA_KEY_EXPORT_DSA_KEY_PAIR_MAX_SIZE (   key_bits)     (PSA_KEY_EXPORT_ASN1_INTEGER_MAX_SIZE(key_bits) * 3u + 75u)

Definition at line 840 of file crypto_sizes.h.

◆ PSA_KEY_EXPORT_DSA_PUBLIC_KEY_MAX_SIZE

#define PSA_KEY_EXPORT_DSA_PUBLIC_KEY_MAX_SIZE (   key_bits)     (PSA_KEY_EXPORT_ASN1_INTEGER_MAX_SIZE(key_bits) * 3u + 59u)

Definition at line 821 of file crypto_sizes.h.

◆ PSA_KEY_EXPORT_ECC_KEY_PAIR_MAX_SIZE

#define PSA_KEY_EXPORT_ECC_KEY_PAIR_MAX_SIZE (   key_bits)     (PSA_BITS_TO_BYTES(key_bits))

Definition at line 860 of file crypto_sizes.h.

◆ PSA_KEY_EXPORT_ECC_PUBLIC_KEY_MAX_SIZE

#define PSA_KEY_EXPORT_ECC_PUBLIC_KEY_MAX_SIZE (   key_bits)     (2u * PSA_BITS_TO_BYTES(key_bits) + 1u)

Definition at line 853 of file crypto_sizes.h.

◆ PSA_KEY_EXPORT_FFDH_KEY_PAIR_MAX_SIZE

#define PSA_KEY_EXPORT_FFDH_KEY_PAIR_MAX_SIZE (   key_bits)     (PSA_BITS_TO_BYTES(key_bits))

Definition at line 867 of file crypto_sizes.h.

◆ PSA_KEY_EXPORT_FFDH_PUBLIC_KEY_MAX_SIZE

#define PSA_KEY_EXPORT_FFDH_PUBLIC_KEY_MAX_SIZE (   key_bits)     (PSA_BITS_TO_BYTES(key_bits))

Definition at line 872 of file crypto_sizes.h.

◆ PSA_KEY_EXPORT_RSA_KEY_PAIR_MAX_SIZE

#define PSA_KEY_EXPORT_RSA_KEY_PAIR_MAX_SIZE (   key_bits)     (9u * PSA_KEY_EXPORT_ASN1_INTEGER_MAX_SIZE((key_bits) / 2u + 1u) + 14u)

Definition at line 802 of file crypto_sizes.h.

◆ PSA_KEY_EXPORT_RSA_PUBLIC_KEY_MAX_SIZE

#define PSA_KEY_EXPORT_RSA_PUBLIC_KEY_MAX_SIZE (   key_bits)     (PSA_KEY_EXPORT_ASN1_INTEGER_MAX_SIZE(key_bits) + 11u)

Definition at line 777 of file crypto_sizes.h.

◆ PSA_MAC_LENGTH

#define PSA_MAC_LENGTH (   key_type,
  key_bits,
  alg 
)
Value:
PSA_ALG_IS_HMAC(alg) ? PSA_HASH_LENGTH(PSA_ALG_HMAC_GET_HASH(alg)) : \
((void) (key_type), (void) (key_bits), 0u))
#define PSA_HASH_LENGTH(alg)
Definition: crypto_sizes.h:60
#define PSA_ALG_MAC_TRUNCATION_MASK
#define PSA_MAC_TRUNCATED_LENGTH(mac_alg)
#define PSA_ALG_IS_BLOCK_CIPHER_MAC(alg)
#define PSA_ALG_HMAC_GET_HASH(hmac_alg)

The size of the output of psa_mac_sign_finish(), in bytes.

This is also the MAC size that psa_mac_verify_finish() expects.

Warning
This macro may evaluate its arguments multiple times or zero times, so you should not pass arguments that contain side effects.
Parameters
key_typeThe type of the MAC key.
key_bitsThe size of the MAC key in bits.
algA MAC algorithm (PSA_ALG_XXX value such that PSA_ALG_IS_MAC(alg) is true).
Returns
The MAC size for the specified algorithm with the specified key parameters.
0 if the MAC algorithm is not recognized.
Either 0 or the correct size for a MAC algorithm that the implementation recognizes, but does not support.
Unspecified if the key parameters are not consistent with the algorithm.

Definition at line 328 of file crypto_sizes.h.

◆ PSA_MAC_MAX_SIZE

#define PSA_MAC_MAX_SIZE   PSA_HASH_MAX_SIZE

Maximum size of a MAC.

This macro expands to a compile-time constant integer. This value is the maximum size of a MAC in bytes.

Definition at line 165 of file crypto_sizes.h.

◆ PSA_MAX_OF_THREE

#define PSA_MAX_OF_THREE (   a,
  b,
 
)
Value:
((a) <= (b) ? (b) <= (c) ? \
(c) : (b) : (a) <= (c) ? (c) : (a))

Definition at line 42 of file crypto_sizes.h.

◆ PSA_RAW_KEY_AGREEMENT_OUTPUT_MAX_SIZE

#define PSA_RAW_KEY_AGREEMENT_OUTPUT_MAX_SIZE   1

Maximum size of the output from psa_raw_key_agreement().

This macro expands to a compile-time constant integer. This value is the maximum size of the output any raw key agreement algorithm, in bytes.

See also PSA_RAW_KEY_AGREEMENT_OUTPUT_SIZE(key_type, key_bits).

Definition at line 1075 of file crypto_sizes.h.

◆ PSA_RAW_KEY_AGREEMENT_OUTPUT_SIZE

#define PSA_RAW_KEY_AGREEMENT_OUTPUT_SIZE (   key_type,
  key_bits 
)
Value:
PSA_KEY_TYPE_IS_DH_KEY_PAIR(key_type)) ? PSA_BITS_TO_BYTES(key_bits) : 0u)

Sufficient output buffer size for psa_raw_key_agreement().

This macro returns a compile-time constant if its arguments are compile-time constants.

Warning
This macro may evaluate its arguments multiple times or zero times, so you should not pass arguments that contain side effects.

See also PSA_RAW_KEY_AGREEMENT_OUTPUT_MAX_SIZE.

Parameters
key_typeA supported key type.
key_bitsThe size of the key in bits.
Returns
If the parameters are valid and supported, return a buffer size in bytes that guarantees that psa_raw_key_agreement() will not fail with PSA_ERROR_BUFFER_TOO_SMALL. If the parameters are a valid combination that is not supported, return either a sensible size or 0. If the parameters are not valid, the return value is unspecified.

Definition at line 1064 of file crypto_sizes.h.

◆ PSA_ROUND_UP_TO_MULTIPLE

#define PSA_ROUND_UP_TO_MULTIPLE (   block_size,
  length 
)     (((length) + (block_size) - 1) / (block_size) * (block_size))

Definition at line 45 of file crypto_sizes.h.

◆ PSA_RSA_MINIMUM_PADDING_SIZE

#define PSA_RSA_MINIMUM_PADDING_SIZE (   alg)
Value:
11u /*PKCS#1v1.5*/)
#define PSA_ALG_IS_RSA_OAEP(alg)
#define PSA_ALG_RSA_OAEP_GET_HASH(alg)

Definition at line 605 of file crypto_sizes.h.

◆ PSA_SIGN_OUTPUT_SIZE

#define PSA_SIGN_OUTPUT_SIZE (   key_type,
  key_bits,
  alg 
)
Value:
(PSA_KEY_TYPE_IS_RSA(key_type) ? ((void) alg, PSA_BITS_TO_BYTES(key_bits)) : \
((void) alg, 0u))
#define PSA_ECDSA_SIGNATURE_SIZE(curve_bits)
ECDSA signature size for a given curve bit size.
Definition: crypto_sizes.h:618

Sufficient signature buffer size for psa_sign_hash().

This macro returns a sufficient buffer size for a signature using a key of the specified type and size, with the specified algorithm. Note that the actual size of the signature may be smaller (some algorithms produce a variable-size signature).

Warning
This function may call its arguments multiple times or zero times, so you should not pass arguments that contain side effects.
Parameters
key_typeAn asymmetric key type (this may indifferently be a key pair type or a public key type).
key_bitsThe size of the key in bits.
algThe signature algorithm.
Returns
If the parameters are valid and supported, return a buffer size in bytes that guarantees that psa_sign_hash() will not fail with PSA_ERROR_BUFFER_TOO_SMALL. If the parameters are a valid combination that is not supported, return either a sensible size or 0. If the parameters are not valid, the return value is unspecified.

Definition at line 646 of file crypto_sizes.h.

◆ PSA_SIGNATURE_MAX_SIZE

#define PSA_SIGNATURE_MAX_SIZE   1

Maximum size of an asymmetric signature.

This macro expands to a compile-time constant integer. This value is the maximum size of a signature in bytes.

Definition at line 661 of file crypto_sizes.h.

◆ PSA_TLS12_ECJPAKE_TO_PMS_DATA_SIZE

#define PSA_TLS12_ECJPAKE_TO_PMS_DATA_SIZE   32u

Definition at line 298 of file crypto_sizes.h.

◆ PSA_TLS12_ECJPAKE_TO_PMS_INPUT_SIZE

#define PSA_TLS12_ECJPAKE_TO_PMS_INPUT_SIZE   65u

Definition at line 293 of file crypto_sizes.h.

◆ PSA_TLS12_PSK_TO_MS_PSK_MAX_SIZE

#define PSA_TLS12_PSK_TO_MS_PSK_MAX_SIZE   128u

This macro returns the maximum supported length of the PSK for the TLS-1.2 PSK-to-MS key derivation (PSA_ALG_TLS12_PSK_TO_MS(hash_alg)).

The maximum supported length does not depend on the chosen hash algorithm.

Quoting RFC 4279, Sect 5.3: TLS implementations supporting these ciphersuites MUST support arbitrary PSK identities up to 128 octets in length, and arbitrary PSKs up to 64 octets in length. Supporting longer identities and keys is RECOMMENDED.

Therefore, no implementation should define a value smaller than 64 for PSA_TLS12_PSK_TO_MS_PSK_MAX_SIZE.

Definition at line 289 of file crypto_sizes.h.

◆ PSA_VENDOR_ECC_MAX_CURVE_BITS

#define PSA_VENDOR_ECC_MAX_CURVE_BITS   521u

Definition at line 245 of file crypto_sizes.h.

◆ PSA_VENDOR_ECDSA_SIGNATURE_MAX_SIZE

#define PSA_VENDOR_ECDSA_SIGNATURE_MAX_SIZE    PSA_ECDSA_SIGNATURE_SIZE(PSA_VENDOR_ECC_MAX_CURVE_BITS)

Definition at line 651 of file crypto_sizes.h.

◆ PSA_VENDOR_FFDH_MAX_KEY_BITS

#define PSA_VENDOR_FFDH_MAX_KEY_BITS   8192u

Definition at line 229 of file crypto_sizes.h.

◆ PSA_VENDOR_PBKDF2_MAX_ITERATIONS

#define PSA_VENDOR_PBKDF2_MAX_ITERATIONS   0xffffffffU

Definition at line 302 of file crypto_sizes.h.

◆ PSA_VENDOR_RSA_GENERATE_MIN_KEY_BITS

#define PSA_VENDOR_RSA_GENERATE_MIN_KEY_BITS   1024

Definition at line 223 of file crypto_sizes.h.

◆ PSA_VENDOR_RSA_MAX_KEY_BITS

#define PSA_VENDOR_RSA_MAX_KEY_BITS   4096u

Definition at line 212 of file crypto_sizes.h.