Mbed TLS v3.5.2
Loading...
Searching...
No Matches
crypto_extra.h
Go to the documentation of this file.
1
11/*
12 * Copyright The Mbed TLS Contributors
13 * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
14 */
15
16#ifndef PSA_CRYPTO_EXTRA_H
17#define PSA_CRYPTO_EXTRA_H
19
20#include "crypto_types.h"
21#include "crypto_compat.h"
22
23#ifdef __cplusplus
24extern "C" {
25#endif
26
27/* UID for secure storage seed */
28#define PSA_CRYPTO_ITS_RANDOM_SEED_UID 0xFFFFFF52
29
30/* See mbedtls_config.h for definition */
31#if !defined(MBEDTLS_PSA_KEY_SLOT_COUNT)
32#define MBEDTLS_PSA_KEY_SLOT_COUNT 32
33#endif
34
59 psa_key_attributes_t *attributes,
60 psa_algorithm_t alg2)
61{
62 attributes->MBEDTLS_PRIVATE(core).MBEDTLS_PRIVATE(policy).MBEDTLS_PRIVATE(alg2) = alg2;
63}
64
72 const psa_key_attributes_t *attributes)
73{
74 return attributes->MBEDTLS_PRIVATE(core).MBEDTLS_PRIVATE(policy).MBEDTLS_PRIVATE(alg2);
75}
76
77#if defined(MBEDTLS_PSA_CRYPTO_SE_C)
78
101psa_status_t psa_get_key_slot_number(
102 const psa_key_attributes_t *attributes,
103 psa_key_slot_number_t *slot_number);
104
128static inline void psa_set_key_slot_number(
129 psa_key_attributes_t *attributes,
130 psa_key_slot_number_t slot_number)
131{
132 attributes->MBEDTLS_PRIVATE(core).MBEDTLS_PRIVATE(flags) |= MBEDTLS_PSA_KA_FLAG_HAS_SLOT_NUMBER;
133 attributes->MBEDTLS_PRIVATE(slot_number) = slot_number;
134}
135
142static inline void psa_clear_key_slot_number(
143 psa_key_attributes_t *attributes)
144{
145 attributes->MBEDTLS_PRIVATE(core).MBEDTLS_PRIVATE(flags) &=
146 ~MBEDTLS_PSA_KA_FLAG_HAS_SLOT_NUMBER;
147}
148
189psa_status_t mbedtls_psa_register_se_key(
190 const psa_key_attributes_t *attributes);
191
192#endif /* MBEDTLS_PSA_CRYPTO_SE_C */
193
205
212typedef struct mbedtls_psa_stats_s {
214 size_t MBEDTLS_PRIVATE(volatile_slots);
217 size_t MBEDTLS_PRIVATE(persistent_slots);
220 size_t MBEDTLS_PRIVATE(external_slots);
223 size_t MBEDTLS_PRIVATE(half_filled_slots);
225 size_t MBEDTLS_PRIVATE(cache_slots);
227 size_t MBEDTLS_PRIVATE(empty_slots);
229 size_t MBEDTLS_PRIVATE(locked_slots);
231 psa_key_id_t MBEDTLS_PRIVATE(max_open_internal_key_id);
233 psa_key_id_t MBEDTLS_PRIVATE(max_open_external_key_id);
235
244
315 size_t seed_size);
316
328#define PSA_KEY_TYPE_DSA_PUBLIC_KEY ((psa_key_type_t) 0x4002)
329
346#define PSA_KEY_TYPE_DSA_KEY_PAIR ((psa_key_type_t) 0x7002)
347
349#define PSA_KEY_TYPE_IS_DSA(type) \
350 (PSA_KEY_TYPE_PUBLIC_KEY_OF_KEY_PAIR(type) == PSA_KEY_TYPE_DSA_PUBLIC_KEY)
351
352#define PSA_ALG_DSA_BASE ((psa_algorithm_t) 0x06000400)
367#define PSA_ALG_DSA(hash_alg) \
368 (PSA_ALG_DSA_BASE | ((hash_alg) & PSA_ALG_HASH_MASK))
369#define PSA_ALG_DETERMINISTIC_DSA_BASE ((psa_algorithm_t) 0x06000500)
370#define PSA_ALG_DSA_DETERMINISTIC_FLAG PSA_ALG_ECDSA_DETERMINISTIC_FLAG
385#define PSA_ALG_DETERMINISTIC_DSA(hash_alg) \
386 (PSA_ALG_DETERMINISTIC_DSA_BASE | ((hash_alg) & PSA_ALG_HASH_MASK))
387#define PSA_ALG_IS_DSA(alg) \
388 (((alg) & ~PSA_ALG_HASH_MASK & ~PSA_ALG_DSA_DETERMINISTIC_FLAG) == \
389 PSA_ALG_DSA_BASE)
390#define PSA_ALG_DSA_IS_DETERMINISTIC(alg) \
391 (((alg) & PSA_ALG_DSA_DETERMINISTIC_FLAG) != 0)
392#define PSA_ALG_IS_DETERMINISTIC_DSA(alg) \
393 (PSA_ALG_IS_DSA(alg) && PSA_ALG_DSA_IS_DETERMINISTIC(alg))
394#define PSA_ALG_IS_RANDOMIZED_DSA(alg) \
395 (PSA_ALG_IS_DSA(alg) && !PSA_ALG_DSA_IS_DETERMINISTIC(alg))
396
397
398/* We need to expand the sample definition of this macro from
399 * the API definition. */
400#undef PSA_ALG_IS_VENDOR_HASH_AND_SIGN
401#define PSA_ALG_IS_VENDOR_HASH_AND_SIGN(alg) \
402 PSA_ALG_IS_DSA(alg)
403
416#define PSA_DH_FAMILY_CUSTOM ((psa_dh_family_t) 0x7e)
417
419#define PSA_PAKE_OPERATION_STAGE_SETUP 0
420#define PSA_PAKE_OPERATION_STAGE_COLLECT_INPUTS 1
421#define PSA_PAKE_OPERATION_STAGE_COMPUTATION 2
422
490 psa_key_type_t type,
491 const uint8_t *data,
492 size_t data_length);
493
518 const psa_key_attributes_t *attributes,
519 uint8_t *data,
520 size_t data_size,
521 size_t *data_length);
522
548#define PSA_KEY_DOMAIN_PARAMETERS_SIZE(key_type, key_bits) \
549 (PSA_KEY_TYPE_IS_RSA(key_type) ? sizeof(int) : \
550 PSA_KEY_TYPE_IS_DH(key_type) ? PSA_DH_KEY_DOMAIN_PARAMETERS_SIZE(key_bits) : \
551 PSA_KEY_TYPE_IS_DSA(key_type) ? PSA_DSA_KEY_DOMAIN_PARAMETERS_SIZE(key_bits) : \
552 0)
553#define PSA_DH_KEY_DOMAIN_PARAMETERS_SIZE(key_bits) \
554 (4 + (PSA_BITS_TO_BYTES(key_bits) + 5) * 3 /*without optional parts*/)
555#define PSA_DSA_KEY_DOMAIN_PARAMETERS_SIZE(key_bits) \
556 (4 + (PSA_BITS_TO_BYTES(key_bits) + 5) * 2 /*p, g*/ + 34 /*q*/)
557
563#if defined(PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY)
564#include <mbedtls/ecp.h>
565
580 size_t *bits);
581
602 size_t bits,
603 int bits_is_sloppy);
604#endif /* PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY */
605
612#if defined(MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG)
652psa_status_t mbedtls_psa_external_get_random(
653 mbedtls_psa_external_random_context_t *context,
654 uint8_t *output, size_t output_size, size_t *output_length);
655#endif /* MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG */
656
674#define MBEDTLS_PSA_KEY_ID_BUILTIN_MIN ((psa_key_id_t) 0x7fff0000)
675
681#define MBEDTLS_PSA_KEY_ID_BUILTIN_MAX ((psa_key_id_t) 0x7fffefff)
682
687typedef uint64_t psa_drv_slot_number_t;
688
689#if defined(MBEDTLS_PSA_CRYPTO_BUILTIN_KEYS)
699static inline int psa_key_id_is_builtin(psa_key_id_t key_id)
700{
701 return (key_id >= MBEDTLS_PSA_KEY_ID_BUILTIN_MIN) &&
703}
704
749psa_status_t mbedtls_psa_platform_get_builtin_key(
751 psa_key_lifetime_t *lifetime,
752 psa_drv_slot_number_t *slot_number);
753#endif /* MBEDTLS_PSA_CRYPTO_BUILTIN_KEYS */
754
761#define PSA_ALG_CATEGORY_PAKE ((psa_algorithm_t) 0x0a000000)
762
772#define PSA_ALG_IS_PAKE(alg) \
773 (((alg) & PSA_ALG_CATEGORY_MASK) == PSA_ALG_CATEGORY_PAKE)
774
890#define PSA_ALG_JPAKE ((psa_algorithm_t) 0x0a000100)
891
912typedef uint8_t psa_pake_role_t;
913
920typedef uint8_t psa_pake_step_t;
921
931
937typedef uint8_t psa_pake_family_t;
938
943typedef uint32_t psa_pake_primitive_t;
944
949#define PSA_PAKE_ROLE_NONE ((psa_pake_role_t) 0x00)
950
958#define PSA_PAKE_ROLE_FIRST ((psa_pake_role_t) 0x01)
959
967#define PSA_PAKE_ROLE_SECOND ((psa_pake_role_t) 0x02)
968
973#define PSA_PAKE_ROLE_CLIENT ((psa_pake_role_t) 0x11)
974
979#define PSA_PAKE_ROLE_SERVER ((psa_pake_role_t) 0x12)
980
999#define PSA_PAKE_PRIMITIVE_TYPE_ECC ((psa_pake_primitive_type_t) 0x01)
1000
1019#define PSA_PAKE_PRIMITIVE_TYPE_DH ((psa_pake_primitive_type_t) 0x02)
1020
1040#define PSA_PAKE_PRIMITIVE(pake_type, pake_family, pake_bits) \
1041 ((pake_bits & 0xFFFF) != pake_bits) ? 0 : \
1042 ((psa_pake_primitive_t) (((pake_type) << 24 | \
1043 (pake_family) << 16) | (pake_bits)))
1044
1057#define PSA_PAKE_STEP_KEY_SHARE ((psa_pake_step_t) 0x01)
1058
1074#define PSA_PAKE_STEP_ZK_PUBLIC ((psa_pake_step_t) 0x02)
1075
1095#define PSA_PAKE_STEP_ZK_PROOF ((psa_pake_step_t) 0x03)
1096
1104
1108
1116 const psa_pake_cipher_suite_t *cipher_suite);
1117
1130static void psa_pake_cs_set_algorithm(psa_pake_cipher_suite_t *cipher_suite,
1132
1140 const psa_pake_cipher_suite_t *cipher_suite);
1141
1151static void psa_pake_cs_set_primitive(psa_pake_cipher_suite_t *cipher_suite,
1152 psa_pake_primitive_t primitive);
1153
1161 const psa_pake_cipher_suite_t *cipher_suite);
1162
1169static uint16_t psa_pake_cs_get_bits(
1170 const psa_pake_cipher_suite_t *cipher_suite);
1171
1181 const psa_pake_cipher_suite_t *cipher_suite);
1182
1199static void psa_pake_cs_set_hash(psa_pake_cipher_suite_t *cipher_suite,
1201
1231
1234
1237
1241
1253 const psa_crypto_driver_pake_inputs_t *inputs,
1254 size_t *password_len);
1255
1269 const psa_crypto_driver_pake_inputs_t *inputs,
1270 uint8_t *buffer, size_t buffer_size, size_t *buffer_length);
1271
1283 const psa_crypto_driver_pake_inputs_t *inputs,
1284 size_t *user_len);
1285
1297 const psa_crypto_driver_pake_inputs_t *inputs,
1298 size_t *peer_len);
1299
1315 const psa_crypto_driver_pake_inputs_t *inputs,
1316 uint8_t *user_id, size_t user_id_size, size_t *user_id_len);
1317
1333 const psa_crypto_driver_pake_inputs_t *inputs,
1334 uint8_t *peer_id, size_t peer_id_size, size_t *peer_id_length);
1335
1347 const psa_crypto_driver_pake_inputs_t *inputs,
1348 psa_pake_cipher_suite_t *cipher_suite);
1349
1421 const psa_pake_cipher_suite_t *cipher_suite);
1422
1469 mbedtls_svc_key_id_t password);
1470
1509 const uint8_t *user_id,
1510 size_t user_id_len);
1511
1551 const uint8_t *peer_id,
1552 size_t peer_id_len);
1553
1593 psa_pake_role_t role);
1594
1651 psa_pake_step_t step,
1652 uint8_t *output,
1653 size_t output_size,
1654 size_t *output_length);
1655
1706 psa_pake_step_t step,
1707 const uint8_t *input,
1708 size_t input_length);
1709
1770
1796
1819#define PSA_PAKE_OUTPUT_SIZE(alg, primitive, output_step) \
1820 (alg == PSA_ALG_JPAKE && \
1821 primitive == PSA_PAKE_PRIMITIVE(PSA_PAKE_PRIMITIVE_TYPE_ECC, \
1822 PSA_ECC_FAMILY_SECP_R1, 256) ? \
1823 ( \
1824 output_step == PSA_PAKE_STEP_KEY_SHARE ? 65 : \
1825 output_step == PSA_PAKE_STEP_ZK_PUBLIC ? 65 : \
1826 32 \
1827 ) : \
1828 0)
1829
1849#define PSA_PAKE_INPUT_SIZE(alg, primitive, input_step) \
1850 (alg == PSA_ALG_JPAKE && \
1851 primitive == PSA_PAKE_PRIMITIVE(PSA_PAKE_PRIMITIVE_TYPE_ECC, \
1852 PSA_ECC_FAMILY_SECP_R1, 256) ? \
1853 ( \
1854 input_step == PSA_PAKE_STEP_KEY_SHARE ? 65 : \
1855 input_step == PSA_PAKE_STEP_ZK_PUBLIC ? 65 : \
1856 32 \
1857 ) : \
1858 0)
1859
1870#define PSA_PAKE_OUTPUT_MAX_SIZE 65
1871
1882#define PSA_PAKE_INPUT_MAX_SIZE 65
1883
1887#define PSA_PAKE_CIPHER_SUITE_INIT { PSA_ALG_NONE, 0, 0, 0, PSA_ALG_NONE }
1888
1892#define PSA_PAKE_OPERATION_INIT { 0, PSA_ALG_NONE, 0, PSA_PAKE_OPERATION_STAGE_SETUP, \
1893 { 0 }, { { 0 } } }
1894
1902
1904 const psa_pake_cipher_suite_t *cipher_suite)
1905{
1906 return cipher_suite->algorithm;
1907}
1908
1909static inline void psa_pake_cs_set_algorithm(
1910 psa_pake_cipher_suite_t *cipher_suite,
1911 psa_algorithm_t algorithm)
1912{
1913 if (!PSA_ALG_IS_PAKE(algorithm)) {
1914 cipher_suite->algorithm = 0;
1915 } else {
1916 cipher_suite->algorithm = algorithm;
1917 }
1918}
1919
1921 const psa_pake_cipher_suite_t *cipher_suite)
1922{
1923 return PSA_PAKE_PRIMITIVE(cipher_suite->type, cipher_suite->family,
1924 cipher_suite->bits);
1925}
1926
1927static inline void psa_pake_cs_set_primitive(
1928 psa_pake_cipher_suite_t *cipher_suite,
1929 psa_pake_primitive_t primitive)
1930{
1931 cipher_suite->type = (psa_pake_primitive_type_t) (primitive >> 24);
1932 cipher_suite->family = (psa_pake_family_t) (0xFF & (primitive >> 16));
1933 cipher_suite->bits = (uint16_t) (0xFFFF & primitive);
1934}
1935
1937 const psa_pake_cipher_suite_t *cipher_suite)
1938{
1939 return cipher_suite->family;
1940}
1941
1942static inline uint16_t psa_pake_cs_get_bits(
1943 const psa_pake_cipher_suite_t *cipher_suite)
1944{
1945 return cipher_suite->bits;
1946}
1947
1949 const psa_pake_cipher_suite_t *cipher_suite)
1950{
1951 return cipher_suite->hash;
1952}
1953
1954static inline void psa_pake_cs_set_hash(psa_pake_cipher_suite_t *cipher_suite,
1955 psa_algorithm_t hash)
1956{
1957 if (!PSA_ALG_IS_HASH(hash)) {
1958 cipher_suite->hash = 0;
1959 } else {
1960 cipher_suite->hash = hash;
1961 }
1962}
1963
1965 uint8_t *MBEDTLS_PRIVATE(password);
1966 size_t MBEDTLS_PRIVATE(password_len);
1967 uint8_t *MBEDTLS_PRIVATE(user);
1968 size_t MBEDTLS_PRIVATE(user_len);
1969 uint8_t *MBEDTLS_PRIVATE(peer);
1970 size_t MBEDTLS_PRIVATE(peer_len);
1973};
1974
1976 PSA_JPAKE_STEP_INVALID = 0, /* Invalid step */
1977 PSA_JPAKE_X1_STEP_KEY_SHARE = 1, /* Round 1: input/output key share (for ephemeral private key X1).*/
1978 PSA_JPAKE_X1_STEP_ZK_PUBLIC = 2, /* Round 1: input/output Schnorr NIZKP public key for the X1 key */
1979 PSA_JPAKE_X1_STEP_ZK_PROOF = 3, /* Round 1: input/output Schnorr NIZKP proof for the X1 key */
1980 PSA_JPAKE_X2_STEP_KEY_SHARE = 4, /* Round 1: input/output key share (for ephemeral private key X2).*/
1981 PSA_JPAKE_X2_STEP_ZK_PUBLIC = 5, /* Round 1: input/output Schnorr NIZKP public key for the X2 key */
1982 PSA_JPAKE_X2_STEP_ZK_PROOF = 6, /* Round 1: input/output Schnorr NIZKP proof for the X2 key */
1983 PSA_JPAKE_X2S_STEP_KEY_SHARE = 7, /* Round 2: output X2S key (our key) */
1984 PSA_JPAKE_X2S_STEP_ZK_PUBLIC = 8, /* Round 2: output Schnorr NIZKP public key for the X2S key (our key) */
1985 PSA_JPAKE_X2S_STEP_ZK_PROOF = 9, /* Round 2: output Schnorr NIZKP proof for the X2S key (our key) */
1986 PSA_JPAKE_X4S_STEP_KEY_SHARE = 10, /* Round 2: input X4S key (from peer) */
1987 PSA_JPAKE_X4S_STEP_ZK_PUBLIC = 11, /* Round 2: input Schnorr NIZKP public key for the X4S key (from peer) */
1988 PSA_JPAKE_X4S_STEP_ZK_PROOF = 12 /* Round 2: input Schnorr NIZKP proof for the X4S key (from peer) */
1990
1996
2001
2003 /* The J-PAKE round we are currently on */
2005 /* The 'mode' we are currently in (inputting or outputting) */
2007 /* The number of completed inputs so far this round */
2008 uint8_t MBEDTLS_PRIVATE(inputs);
2009 /* The number of completed outputs so far this round */
2010 uint8_t MBEDTLS_PRIVATE(outputs);
2011 /* The next expected step (KEY_SHARE, ZK_PUBLIC or ZK_PROOF) */
2013};
2014
2015#define PSA_JPAKE_EXPECTED_INPUTS(round) ((round) == PSA_JPAKE_FINISHED ? 0 : \
2016 ((round) == PSA_JPAKE_FIRST ? 2 : 1))
2017#define PSA_JPAKE_EXPECTED_OUTPUTS(round) ((round) == PSA_JPAKE_FINISHED ? 0 : \
2018 ((round) == PSA_JPAKE_FIRST ? 2 : 1))
2019
2027 unsigned int MBEDTLS_PRIVATE(id);
2028 /* Algorithm of the PAKE operation */
2030 /* A primitive of type compatible with algorithm */
2032 /* Stage of the PAKE operation: waiting for the setup, collecting inputs
2033 * or computing. */
2034 uint8_t MBEDTLS_PRIVATE(stage);
2035 /* Holds computation stage of the PAKE algorithms. */
2036 union {
2037 uint8_t MBEDTLS_PRIVATE(dummy);
2038#if defined(PSA_WANT_ALG_JPAKE)
2040#endif
2041 } MBEDTLS_PRIVATE(computation_stage);
2042 union {
2046};
2047
2049{
2051 return v;
2052}
2053
2055{
2057 return v;
2058}
2059
2060#ifdef __cplusplus
2061}
2062#endif
2063
2064#endif /* PSA_CRYPTO_EXTRA_H */
PSA cryptography module: Backward compatibility aliases.
void mbedtls_psa_crypto_free(void)
Library deinitialization.
#define PSA_PAKE_OPERATION_INIT
psa_crypto_driver_pake_step
@ PSA_JPAKE_X2_STEP_KEY_SHARE
@ PSA_JPAKE_X2S_STEP_KEY_SHARE
@ PSA_JPAKE_X1_STEP_ZK_PUBLIC
@ PSA_JPAKE_STEP_INVALID
@ PSA_JPAKE_X4S_STEP_KEY_SHARE
@ PSA_JPAKE_X2S_STEP_ZK_PROOF
@ PSA_JPAKE_X2_STEP_ZK_PUBLIC
@ PSA_JPAKE_X4S_STEP_ZK_PROOF
@ PSA_JPAKE_X2_STEP_ZK_PROOF
@ PSA_JPAKE_X4S_STEP_ZK_PUBLIC
@ PSA_JPAKE_X1_STEP_KEY_SHARE
@ PSA_JPAKE_X2S_STEP_ZK_PUBLIC
@ PSA_JPAKE_X1_STEP_ZK_PROOF
psa_jpake_io_mode
@ PSA_JPAKE_OUTPUT
@ PSA_JPAKE_INPUT
enum psa_crypto_driver_pake_step psa_crypto_driver_pake_step_t
psa_jpake_round
@ PSA_JPAKE_FINISHED
@ PSA_JPAKE_FIRST
@ PSA_JPAKE_SECOND
#define PSA_PAKE_CIPHER_SUITE_INIT
enum psa_jpake_io_mode psa_jpake_io_mode_t
enum psa_jpake_round psa_jpake_round_t
void mbedtls_psa_get_stats(mbedtls_psa_stats_t *stats)
Get statistics about resource consumption related to the PSA keystore.
struct mbedtls_psa_stats_s mbedtls_psa_stats_t
Statistics about resource consumption related to the PSA keystore.
psa_status_t mbedtls_psa_inject_entropy(const uint8_t *seed, size_t seed_size)
Inject an initial entropy seed for the random generator into secure storage.
#define MBEDTLS_PSA_KA_FLAG_HAS_SLOT_NUMBER
PSA cryptography module: type aliases.
This file provides an API for Elliptic Curves over GF(P) (ECP).
mbedtls_ecp_group_id
Definition ecp.h:101
static psa_algorithm_t psa_get_key_enrollment_algorithm(const psa_key_attributes_t *attributes)
psa_status_t psa_set_key_domain_parameters(psa_key_attributes_t *attributes, psa_key_type_t type, const uint8_t *data, size_t data_length)
Set domain parameters for a key.
psa_status_t psa_get_key_domain_parameters(const psa_key_attributes_t *attributes, uint8_t *data, size_t data_size, size_t *data_length)
Get domain parameters for a key.
static void psa_set_key_enrollment_algorithm(psa_key_attributes_t *attributes, psa_algorithm_t alg2)
Declare the enrollment algorithm for a key.
uint16_t psa_key_type_t
Encoding of a key type.
#define PSA_ALG_IS_PAKE(alg)
uint32_t psa_algorithm_t
Encoding of a cryptographic algorithm.
#define PSA_ALG_IS_HASH(alg)
uint8_t psa_ecc_family_t
int32_t psa_status_t
Function return status.
uint32_t psa_key_id_t
uint32_t psa_key_lifetime_t
psa_key_id_t mbedtls_svc_key_id_t
static uint16_t psa_pake_cs_get_bits(const psa_pake_cipher_suite_t *cipher_suite)
psa_status_t psa_pake_set_password_key(psa_pake_operation_t *operation, mbedtls_svc_key_id_t password)
static psa_pake_primitive_t psa_pake_cs_get_primitive(const psa_pake_cipher_suite_t *cipher_suite)
psa_status_t psa_pake_abort(psa_pake_operation_t *operation)
psa_status_t psa_crypto_driver_pake_get_password(const psa_crypto_driver_pake_inputs_t *inputs, uint8_t *buffer, size_t buffer_size, size_t *buffer_length)
psa_status_t psa_pake_input(psa_pake_operation_t *operation, psa_pake_step_t step, const uint8_t *input, size_t input_length)
uint32_t psa_pake_primitive_t
Encoding of the primitive associated with the PAKE.
static void psa_pake_cs_set_hash(psa_pake_cipher_suite_t *cipher_suite, psa_algorithm_t hash)
psa_status_t psa_pake_setup(psa_pake_operation_t *operation, const psa_pake_cipher_suite_t *cipher_suite)
psa_status_t psa_pake_output(psa_pake_operation_t *operation, psa_pake_step_t step, uint8_t *output, size_t output_size, size_t *output_length)
psa_status_t psa_pake_set_user(psa_pake_operation_t *operation, const uint8_t *user_id, size_t user_id_len)
static void psa_pake_cs_set_primitive(psa_pake_cipher_suite_t *cipher_suite, psa_pake_primitive_t primitive)
static psa_pake_cipher_suite_t psa_pake_cipher_suite_init(void)
psa_status_t psa_crypto_driver_pake_get_password_len(const psa_crypto_driver_pake_inputs_t *inputs, size_t *password_len)
static void psa_pake_cs_set_algorithm(psa_pake_cipher_suite_t *cipher_suite, psa_algorithm_t algorithm)
uint8_t psa_pake_role_t
Encoding of the application role of PAKE.
static psa_pake_family_t psa_pake_cs_get_family(const psa_pake_cipher_suite_t *cipher_suite)
psa_status_t psa_pake_set_peer(psa_pake_operation_t *operation, const uint8_t *peer_id, size_t peer_id_len)
static psa_pake_operation_t psa_pake_operation_init(void)
uint8_t psa_pake_step_t
psa_status_t psa_crypto_driver_pake_get_peer(const psa_crypto_driver_pake_inputs_t *inputs, uint8_t *peer_id, size_t peer_id_size, size_t *peer_id_length)
uint8_t psa_pake_primitive_type_t
psa_status_t psa_crypto_driver_pake_get_peer_len(const psa_crypto_driver_pake_inputs_t *inputs, size_t *peer_len)
psa_status_t psa_crypto_driver_pake_get_user_len(const psa_crypto_driver_pake_inputs_t *inputs, size_t *user_len)
psa_status_t psa_pake_get_implicit_key(psa_pake_operation_t *operation, psa_key_derivation_operation_t *output)
uint8_t psa_pake_family_t
Encoding of the family of the primitive associated with the PAKE.
psa_status_t psa_crypto_driver_pake_get_user(const psa_crypto_driver_pake_inputs_t *inputs, uint8_t *user_id, size_t user_id_size, size_t *user_id_len)
static psa_algorithm_t psa_pake_cs_get_algorithm(const psa_pake_cipher_suite_t *cipher_suite)
#define PSA_PAKE_PRIMITIVE(pake_type, pake_family, pake_bits)
psa_status_t psa_pake_set_role(psa_pake_operation_t *operation, psa_pake_role_t role)
psa_status_t psa_crypto_driver_pake_get_cipher_suite(const psa_crypto_driver_pake_inputs_t *inputs, psa_pake_cipher_suite_t *cipher_suite)
static psa_algorithm_t psa_pake_cs_get_hash(const psa_pake_cipher_suite_t *cipher_suite)
#define MBEDTLS_PSA_KEY_ID_BUILTIN_MAX
uint64_t psa_drv_slot_number_t
#define MBEDTLS_PSA_KEY_ID_BUILTIN_MIN
psa_ecc_family_t mbedtls_ecc_group_to_psa(mbedtls_ecp_group_id grpid, size_t *bits)
mbedtls_ecp_group_id mbedtls_ecc_group_of_psa(psa_ecc_family_t curve, size_t bits, int bits_is_sloppy)
uint64_t psa_key_slot_number_t
Macro wrapper for struct's members.
#define MBEDTLS_PRIVATE(member)
Statistics about resource consumption related to the PSA keystore.
psa_algorithm_t algorithm
psa_pake_primitive_type_t type
psa_pake_family_t family