Mbed TLS v3.6.2
|
Macros | |
#define | PSA_KEY_DERIVATION_INPUT_SECRET ((psa_key_derivation_step_t) 0x0101) |
#define | PSA_KEY_DERIVATION_INPUT_PASSWORD ((psa_key_derivation_step_t) 0x0102) |
#define | PSA_KEY_DERIVATION_INPUT_OTHER_SECRET ((psa_key_derivation_step_t) 0x0103) |
#define | PSA_KEY_DERIVATION_INPUT_LABEL ((psa_key_derivation_step_t) 0x0201) |
#define | PSA_KEY_DERIVATION_INPUT_SALT ((psa_key_derivation_step_t) 0x0202) |
#define | PSA_KEY_DERIVATION_INPUT_INFO ((psa_key_derivation_step_t) 0x0203) |
#define | PSA_KEY_DERIVATION_INPUT_SEED ((psa_key_derivation_step_t) 0x0204) |
#define | PSA_KEY_DERIVATION_INPUT_COST ((psa_key_derivation_step_t) 0x0205) |
Typedefs | |
typedef uint16_t | psa_key_derivation_step_t |
Encoding of the step of a key derivation. | |
typedef struct psa_custom_key_parameters_s | psa_custom_key_parameters_t |
Custom parameters for key generation or key derivation. | |
typedef struct psa_key_production_parameters_s | psa_key_production_parameters_t |
Custom parameters for key generation or key derivation. | |
#define PSA_KEY_DERIVATION_INPUT_COST ((psa_key_derivation_step_t) 0x0205) |
A cost parameter for password hashing / key stretching.
This must be a direct input, passed to psa_key_derivation_input_integer().
Definition at line 2742 of file crypto_values.h.
#define PSA_KEY_DERIVATION_INPUT_INFO ((psa_key_derivation_step_t) 0x0203) |
An information string for key derivation.
This should be a direct input. It can also be a key of type PSA_KEY_TYPE_RAW_DATA.
Definition at line 2729 of file crypto_values.h.
#define PSA_KEY_DERIVATION_INPUT_LABEL ((psa_key_derivation_step_t) 0x0201) |
A label for key derivation.
This should be a direct input. It can also be a key of type PSA_KEY_TYPE_RAW_DATA.
Definition at line 2714 of file crypto_values.h.
#define PSA_KEY_DERIVATION_INPUT_OTHER_SECRET ((psa_key_derivation_step_t) 0x0103) |
A high-entropy additional secret input for key derivation.
This is typically the shared secret resulting from a key agreement obtained via psa_key_derivation_key_agreement()
. It may alternatively be a key of type PSA_KEY_TYPE_DERIVE
passed to psa_key_derivation_input_key()
, or a direct input passed to psa_key_derivation_input_bytes()
.
Definition at line 2706 of file crypto_values.h.
#define PSA_KEY_DERIVATION_INPUT_PASSWORD ((psa_key_derivation_step_t) 0x0102) |
A low-entropy secret input for password hashing / key stretching.
This is usually a key of type PSA_KEY_TYPE_PASSWORD (passed to psa_key_derivation_input_key()) or a direct input (passed to psa_key_derivation_input_bytes()) that is a password or passphrase. It can also be high-entropy secret such as a key of type PSA_KEY_TYPE_DERIVE or the shared secret resulting from a key agreement.
The secret can also be a direct input (passed to key_derivation_input_bytes()). In this case, the derivation operation may not be used to derive keys: the operation will only allow psa_key_derivation_output_bytes(), psa_key_derivation_verify_bytes(), or psa_key_derivation_verify_key(), but not psa_key_derivation_output_key().
Definition at line 2697 of file crypto_values.h.
#define PSA_KEY_DERIVATION_INPUT_SALT ((psa_key_derivation_step_t) 0x0202) |
A salt for key derivation.
This should be a direct input. It can also be a key of type PSA_KEY_TYPE_RAW_DATA or PSA_KEY_TYPE_PEPPER.
Definition at line 2722 of file crypto_values.h.
#define PSA_KEY_DERIVATION_INPUT_SECRET ((psa_key_derivation_step_t) 0x0101) |
A secret input for key derivation.
This should be a key of type PSA_KEY_TYPE_DERIVE (passed to psa_key_derivation_input_key()) or the shared secret resulting from a key agreement (obtained via psa_key_derivation_key_agreement()).
The secret can also be a direct input (passed to key_derivation_input_bytes()). In this case, the derivation operation may not be used to derive keys: the operation will only allow psa_key_derivation_output_bytes(), psa_key_derivation_verify_bytes(), or psa_key_derivation_verify_key(), but not psa_key_derivation_output_key().
Definition at line 2679 of file crypto_values.h.
#define PSA_KEY_DERIVATION_INPUT_SEED ((psa_key_derivation_step_t) 0x0204) |
A seed for key derivation.
This should be a direct input. It can also be a key of type PSA_KEY_TYPE_RAW_DATA.
Definition at line 2736 of file crypto_values.h.
typedef struct psa_custom_key_parameters_s psa_custom_key_parameters_t |
Custom parameters for key generation or key derivation.
This is a structure type with at least the following field:
flags:
an unsigned integer type. 0 for the default production parameters.Functions that take such a structure as input also take an associated input buffer custom_data
of length custom_data_length
.
The interpretation of this structure and the associated custom_data
parameter depend on the type of the created key.
flags:
must be 0.custom_data:
the public exponent, in little-endian order. This must be an odd integer and must not be 1. Implementations must support 65537, should support 3 and may support other values. When not using a driver, Mbed TLS supports values up to INT_MAX
. If this is empty, the default value 65537 is used.flags
must be 0. Definition at line 480 of file crypto_types.h.
typedef uint16_t psa_key_derivation_step_t |
Encoding of the step of a key derivation.
Values of this type are generally constructed by macros called PSA_KEY_DERIVATION_INPUT_xxx
.
Definition at line 456 of file crypto_types.h.
typedef struct psa_key_production_parameters_s psa_key_production_parameters_t |
Custom parameters for key generation or key derivation.
This is a structure type with at least the following fields:
flags:
an unsigned integer type. 0 for the default production parameters.data:
a flexible array of bytes.The interpretation of this structure depend on the type of the created key.
flags:
must be 0.data:
the public exponent, in little-endian order. This must be an odd integer and must not be 1. Implementations must support 65537, should support 3 and may support other values. When not using a driver, Mbed TLS supports values up to INT_MAX
. If this is empty or if the custom production parameters are omitted altogether, the default value 65537 is used.flags
must be 0. Definition at line 504 of file crypto_types.h.