Mbed TLS v3.5.0
crypto_values.h
Go to the documentation of this file.
1
22/*
23 * Copyright The Mbed TLS Contributors
24 * SPDX-License-Identifier: Apache-2.0
25 *
26 * Licensed under the Apache License, Version 2.0 (the "License"); you may
27 * not use this file except in compliance with the License.
28 * You may obtain a copy of the License at
29 *
30 * http://www.apache.org/licenses/LICENSE-2.0
31 *
32 * Unless required by applicable law or agreed to in writing, software
33 * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
34 * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
35 * See the License for the specific language governing permissions and
36 * limitations under the License.
37 */
38
39#ifndef PSA_CRYPTO_VALUES_H
40#define PSA_CRYPTO_VALUES_H
42
47/* PSA error codes */
48
49/* Error codes are standardized across PSA domains (framework, crypto, storage,
50 * etc.). Do not change the values in this section or even the expansions
51 * of each macro: it must be possible to `#include` both this header
52 * and some other PSA component's headers in the same C source,
53 * which will lead to duplicate definitions of the `PSA_SUCCESS` and
54 * `PSA_ERROR_xxx` macros, which is ok if and only if the macros expand
55 * to the same sequence of tokens.
56 *
57 * If you must add a new
58 * value, check with the Arm PSA framework group to pick one that other
59 * domains aren't already using. */
60
61/* Tell uncrustify not to touch the constant definitions, otherwise
62 * it might change the spacing to something that is not PSA-compliant
63 * (e.g. adding a space after casts).
64 *
65 * *INDENT-OFF*
66 */
67
69#define PSA_SUCCESS ((psa_status_t)0)
70
76#define PSA_ERROR_GENERIC_ERROR ((psa_status_t)-132)
77
85#define PSA_ERROR_NOT_SUPPORTED ((psa_status_t)-134)
86
98#define PSA_ERROR_NOT_PERMITTED ((psa_status_t)-133)
99
110#define PSA_ERROR_BUFFER_TOO_SMALL ((psa_status_t)-138)
111
116#define PSA_ERROR_ALREADY_EXISTS ((psa_status_t)-139)
117
122#define PSA_ERROR_DOES_NOT_EXIST ((psa_status_t)-140)
123
138#define PSA_ERROR_BAD_STATE ((psa_status_t)-137)
139
149#define PSA_ERROR_INVALID_ARGUMENT ((psa_status_t)-135)
150
155#define PSA_ERROR_INSUFFICIENT_MEMORY ((psa_status_t)-141)
156
164#define PSA_ERROR_INSUFFICIENT_STORAGE ((psa_status_t)-142)
165
181#define PSA_ERROR_COMMUNICATION_FAILURE ((psa_status_t)-145)
182
206#define PSA_ERROR_STORAGE_FAILURE ((psa_status_t)-146)
207
212#define PSA_ERROR_HARDWARE_FAILURE ((psa_status_t)-147)
213
243#define PSA_ERROR_CORRUPTION_DETECTED ((psa_status_t)-151)
244
262#define PSA_ERROR_INSUFFICIENT_ENTROPY ((psa_status_t)-148)
263
272#define PSA_ERROR_INVALID_SIGNATURE ((psa_status_t)-149)
273
288#define PSA_ERROR_INVALID_PADDING ((psa_status_t)-150)
289
292#define PSA_ERROR_INSUFFICIENT_DATA ((psa_status_t)-143)
293
296#define PSA_ERROR_INVALID_HANDLE ((psa_status_t)-136)
297
320#define PSA_ERROR_DATA_CORRUPT ((psa_status_t)-152)
321
336#define PSA_ERROR_DATA_INVALID ((psa_status_t)-153)
337
343#define PSA_OPERATION_INCOMPLETE ((psa_status_t)-248)
344
345/* *INDENT-ON* */
346
353/* Note that key type values, including ECC family and DH group values, are
354 * embedded in the persistent key store, as part of key metadata. As a
355 * consequence, they must not be changed (unless the storage format version
356 * changes).
357 */
358
363#define PSA_KEY_TYPE_NONE ((psa_key_type_t) 0x0000)
364
372#define PSA_KEY_TYPE_VENDOR_FLAG ((psa_key_type_t) 0x8000)
373
374#define PSA_KEY_TYPE_CATEGORY_MASK ((psa_key_type_t) 0x7000)
375#define PSA_KEY_TYPE_CATEGORY_RAW ((psa_key_type_t) 0x1000)
376#define PSA_KEY_TYPE_CATEGORY_SYMMETRIC ((psa_key_type_t) 0x2000)
377#define PSA_KEY_TYPE_CATEGORY_PUBLIC_KEY ((psa_key_type_t) 0x4000)
378#define PSA_KEY_TYPE_CATEGORY_KEY_PAIR ((psa_key_type_t) 0x7000)
379
380#define PSA_KEY_TYPE_CATEGORY_FLAG_PAIR ((psa_key_type_t) 0x3000)
381
386#define PSA_KEY_TYPE_IS_VENDOR_DEFINED(type) \
387 (((type) & PSA_KEY_TYPE_VENDOR_FLAG) != 0)
388
393#define PSA_KEY_TYPE_IS_UNSTRUCTURED(type) \
394 (((type) & PSA_KEY_TYPE_CATEGORY_MASK) == PSA_KEY_TYPE_CATEGORY_RAW || \
395 ((type) & PSA_KEY_TYPE_CATEGORY_MASK) == PSA_KEY_TYPE_CATEGORY_SYMMETRIC)
396
398#define PSA_KEY_TYPE_IS_ASYMMETRIC(type) \
399 (((type) & PSA_KEY_TYPE_CATEGORY_MASK \
400 & ~PSA_KEY_TYPE_CATEGORY_FLAG_PAIR) == \
401 PSA_KEY_TYPE_CATEGORY_PUBLIC_KEY)
403#define PSA_KEY_TYPE_IS_PUBLIC_KEY(type) \
404 (((type) & PSA_KEY_TYPE_CATEGORY_MASK) == PSA_KEY_TYPE_CATEGORY_PUBLIC_KEY)
407#define PSA_KEY_TYPE_IS_KEY_PAIR(type) \
408 (((type) & PSA_KEY_TYPE_CATEGORY_MASK) == PSA_KEY_TYPE_CATEGORY_KEY_PAIR)
419#define PSA_KEY_TYPE_KEY_PAIR_OF_PUBLIC_KEY(type) \
420 ((type) | PSA_KEY_TYPE_CATEGORY_FLAG_PAIR)
431#define PSA_KEY_TYPE_PUBLIC_KEY_OF_KEY_PAIR(type) \
432 ((type) & ~PSA_KEY_TYPE_CATEGORY_FLAG_PAIR)
433
438#define PSA_KEY_TYPE_RAW_DATA ((psa_key_type_t) 0x1001)
439
448#define PSA_KEY_TYPE_HMAC ((psa_key_type_t) 0x1100)
449
461#define PSA_KEY_TYPE_DERIVE ((psa_key_type_t) 0x1200)
462
484#define PSA_KEY_TYPE_PASSWORD ((psa_key_type_t) 0x1203)
485
492#define PSA_KEY_TYPE_PASSWORD_HASH ((psa_key_type_t) 0x1205)
493
499#define PSA_KEY_TYPE_PEPPER ((psa_key_type_t) 0x1206)
500
506#define PSA_KEY_TYPE_AES ((psa_key_type_t) 0x2400)
507
510#define PSA_KEY_TYPE_ARIA ((psa_key_type_t) 0x2406)
511
521#define PSA_KEY_TYPE_DES ((psa_key_type_t) 0x2301)
522
525#define PSA_KEY_TYPE_CAMELLIA ((psa_key_type_t) 0x2403)
526
538#define PSA_KEY_TYPE_CHACHA20 ((psa_key_type_t) 0x2004)
539
544#define PSA_KEY_TYPE_RSA_PUBLIC_KEY ((psa_key_type_t) 0x4001)
549#define PSA_KEY_TYPE_RSA_KEY_PAIR ((psa_key_type_t) 0x7001)
551#define PSA_KEY_TYPE_IS_RSA(type) \
552 (PSA_KEY_TYPE_PUBLIC_KEY_OF_KEY_PAIR(type) == PSA_KEY_TYPE_RSA_PUBLIC_KEY)
553
554#define PSA_KEY_TYPE_ECC_PUBLIC_KEY_BASE ((psa_key_type_t) 0x4100)
555#define PSA_KEY_TYPE_ECC_KEY_PAIR_BASE ((psa_key_type_t) 0x7100)
556#define PSA_KEY_TYPE_ECC_CURVE_MASK ((psa_key_type_t) 0x00ff)
566#define PSA_KEY_TYPE_ECC_KEY_PAIR(curve) \
567 (PSA_KEY_TYPE_ECC_KEY_PAIR_BASE | (curve))
577#define PSA_KEY_TYPE_ECC_PUBLIC_KEY(curve) \
578 (PSA_KEY_TYPE_ECC_PUBLIC_KEY_BASE | (curve))
579
581#define PSA_KEY_TYPE_IS_ECC(type) \
582 ((PSA_KEY_TYPE_PUBLIC_KEY_OF_KEY_PAIR(type) & \
583 ~PSA_KEY_TYPE_ECC_CURVE_MASK) == PSA_KEY_TYPE_ECC_PUBLIC_KEY_BASE)
585#define PSA_KEY_TYPE_IS_ECC_KEY_PAIR(type) \
586 (((type) & ~PSA_KEY_TYPE_ECC_CURVE_MASK) == \
587 PSA_KEY_TYPE_ECC_KEY_PAIR_BASE)
589#define PSA_KEY_TYPE_IS_ECC_PUBLIC_KEY(type) \
590 (((type) & ~PSA_KEY_TYPE_ECC_CURVE_MASK) == \
591 PSA_KEY_TYPE_ECC_PUBLIC_KEY_BASE)
592
594#define PSA_KEY_TYPE_ECC_GET_FAMILY(type) \
595 ((psa_ecc_family_t) (PSA_KEY_TYPE_IS_ECC(type) ? \
596 ((type) & PSA_KEY_TYPE_ECC_CURVE_MASK) : \
597 0))
598
600#define PSA_ECC_FAMILY_IS_WEIERSTRASS(family) ((family & 0xc0) == 0)
601
610#define PSA_ECC_FAMILY_SECP_K1 ((psa_ecc_family_t) 0x17)
611
620#define PSA_ECC_FAMILY_SECP_R1 ((psa_ecc_family_t) 0x12)
621/* SECP160R2 (SEC2 v1, obsolete) */
622#define PSA_ECC_FAMILY_SECP_R2 ((psa_ecc_family_t) 0x1b)
623
632#define PSA_ECC_FAMILY_SECT_K1 ((psa_ecc_family_t) 0x27)
633
642#define PSA_ECC_FAMILY_SECT_R1 ((psa_ecc_family_t) 0x22)
643
652#define PSA_ECC_FAMILY_SECT_R2 ((psa_ecc_family_t) 0x2b)
653
661#define PSA_ECC_FAMILY_BRAINPOOL_P_R1 ((psa_ecc_family_t) 0x30)
662
673#define PSA_ECC_FAMILY_MONTGOMERY ((psa_ecc_family_t) 0x41)
674
689#define PSA_ECC_FAMILY_TWISTED_EDWARDS ((psa_ecc_family_t) 0x42)
690
691#define PSA_KEY_TYPE_DH_PUBLIC_KEY_BASE ((psa_key_type_t) 0x4200)
692#define PSA_KEY_TYPE_DH_KEY_PAIR_BASE ((psa_key_type_t) 0x7200)
693#define PSA_KEY_TYPE_DH_GROUP_MASK ((psa_key_type_t) 0x00ff)
699#define PSA_KEY_TYPE_DH_KEY_PAIR(group) \
700 (PSA_KEY_TYPE_DH_KEY_PAIR_BASE | (group))
706#define PSA_KEY_TYPE_DH_PUBLIC_KEY(group) \
707 (PSA_KEY_TYPE_DH_PUBLIC_KEY_BASE | (group))
708
710#define PSA_KEY_TYPE_IS_DH(type) \
711 ((PSA_KEY_TYPE_PUBLIC_KEY_OF_KEY_PAIR(type) & \
712 ~PSA_KEY_TYPE_DH_GROUP_MASK) == PSA_KEY_TYPE_DH_PUBLIC_KEY_BASE)
714#define PSA_KEY_TYPE_IS_DH_KEY_PAIR(type) \
715 (((type) & ~PSA_KEY_TYPE_DH_GROUP_MASK) == \
716 PSA_KEY_TYPE_DH_KEY_PAIR_BASE)
718#define PSA_KEY_TYPE_IS_DH_PUBLIC_KEY(type) \
719 (((type) & ~PSA_KEY_TYPE_DH_GROUP_MASK) == \
720 PSA_KEY_TYPE_DH_PUBLIC_KEY_BASE)
721
723#define PSA_KEY_TYPE_DH_GET_FAMILY(type) \
724 ((psa_dh_family_t) (PSA_KEY_TYPE_IS_DH(type) ? \
725 ((type) & PSA_KEY_TYPE_DH_GROUP_MASK) : \
726 0))
727
734#define PSA_DH_FAMILY_RFC7919 ((psa_dh_family_t) 0x03)
735
736#define PSA_GET_KEY_TYPE_BLOCK_SIZE_EXPONENT(type) \
737 (((type) >> 8) & 7)
756#define PSA_BLOCK_CIPHER_BLOCK_LENGTH(type) \
757 (((type) & PSA_KEY_TYPE_CATEGORY_MASK) == PSA_KEY_TYPE_CATEGORY_SYMMETRIC ? \
758 1u << PSA_GET_KEY_TYPE_BLOCK_SIZE_EXPONENT(type) : \
759 0u)
760
761/* Note that algorithm values are embedded in the persistent key store,
762 * as part of key metadata. As a consequence, they must not be changed
763 * (unless the storage format version changes).
764 */
765
773#define PSA_ALG_VENDOR_FLAG ((psa_algorithm_t) 0x80000000)
774
775#define PSA_ALG_CATEGORY_MASK ((psa_algorithm_t) 0x7f000000)
776#define PSA_ALG_CATEGORY_HASH ((psa_algorithm_t) 0x02000000)
777#define PSA_ALG_CATEGORY_MAC ((psa_algorithm_t) 0x03000000)
778#define PSA_ALG_CATEGORY_CIPHER ((psa_algorithm_t) 0x04000000)
779#define PSA_ALG_CATEGORY_AEAD ((psa_algorithm_t) 0x05000000)
780#define PSA_ALG_CATEGORY_SIGN ((psa_algorithm_t) 0x06000000)
781#define PSA_ALG_CATEGORY_ASYMMETRIC_ENCRYPTION ((psa_algorithm_t) 0x07000000)
782#define PSA_ALG_CATEGORY_KEY_DERIVATION ((psa_algorithm_t) 0x08000000)
783#define PSA_ALG_CATEGORY_KEY_AGREEMENT ((psa_algorithm_t) 0x09000000)
784
789#define PSA_ALG_IS_VENDOR_DEFINED(alg) \
790 (((alg) & PSA_ALG_VENDOR_FLAG) != 0)
791
800#define PSA_ALG_IS_HASH(alg) \
801 (((alg) & PSA_ALG_CATEGORY_MASK) == PSA_ALG_CATEGORY_HASH)
802
811#define PSA_ALG_IS_MAC(alg) \
812 (((alg) & PSA_ALG_CATEGORY_MASK) == PSA_ALG_CATEGORY_MAC)
813
822#define PSA_ALG_IS_CIPHER(alg) \
823 (((alg) & PSA_ALG_CATEGORY_MASK) == PSA_ALG_CATEGORY_CIPHER)
824
834#define PSA_ALG_IS_AEAD(alg) \
835 (((alg) & PSA_ALG_CATEGORY_MASK) == PSA_ALG_CATEGORY_AEAD)
836
846#define PSA_ALG_IS_SIGN(alg) \
847 (((alg) & PSA_ALG_CATEGORY_MASK) == PSA_ALG_CATEGORY_SIGN)
848
858#define PSA_ALG_IS_ASYMMETRIC_ENCRYPTION(alg) \
859 (((alg) & PSA_ALG_CATEGORY_MASK) == PSA_ALG_CATEGORY_ASYMMETRIC_ENCRYPTION)
860
869#define PSA_ALG_IS_KEY_AGREEMENT(alg) \
870 (((alg) & PSA_ALG_CATEGORY_MASK) == PSA_ALG_CATEGORY_KEY_AGREEMENT)
871
880#define PSA_ALG_IS_KEY_DERIVATION(alg) \
881 (((alg) & PSA_ALG_CATEGORY_MASK) == PSA_ALG_CATEGORY_KEY_DERIVATION)
882
897#define PSA_ALG_IS_KEY_DERIVATION_STRETCHING(alg) \
898 (PSA_ALG_IS_KEY_DERIVATION(alg) && \
899 (alg) & PSA_ALG_KEY_DERIVATION_STRETCHING_FLAG)
900
902/* *INDENT-OFF* (https://github.com/ARM-software/psa-arch-tests/issues/337) */
903#define PSA_ALG_NONE ((psa_algorithm_t)0)
904/* *INDENT-ON* */
905
906#define PSA_ALG_HASH_MASK ((psa_algorithm_t) 0x000000ff)
908#define PSA_ALG_MD5 ((psa_algorithm_t) 0x02000003)
910#define PSA_ALG_RIPEMD160 ((psa_algorithm_t) 0x02000004)
912#define PSA_ALG_SHA_1 ((psa_algorithm_t) 0x02000005)
914#define PSA_ALG_SHA_224 ((psa_algorithm_t) 0x02000008)
916#define PSA_ALG_SHA_256 ((psa_algorithm_t) 0x02000009)
918#define PSA_ALG_SHA_384 ((psa_algorithm_t) 0x0200000a)
920#define PSA_ALG_SHA_512 ((psa_algorithm_t) 0x0200000b)
922#define PSA_ALG_SHA_512_224 ((psa_algorithm_t) 0x0200000c)
924#define PSA_ALG_SHA_512_256 ((psa_algorithm_t) 0x0200000d)
926#define PSA_ALG_SHA3_224 ((psa_algorithm_t) 0x02000010)
928#define PSA_ALG_SHA3_256 ((psa_algorithm_t) 0x02000011)
930#define PSA_ALG_SHA3_384 ((psa_algorithm_t) 0x02000012)
932#define PSA_ALG_SHA3_512 ((psa_algorithm_t) 0x02000013)
939#define PSA_ALG_SHAKE256_512 ((psa_algorithm_t) 0x02000015)
940
974#define PSA_ALG_ANY_HASH ((psa_algorithm_t) 0x020000ff)
975
976#define PSA_ALG_MAC_SUBCATEGORY_MASK ((psa_algorithm_t) 0x00c00000)
977#define PSA_ALG_HMAC_BASE ((psa_algorithm_t) 0x03800000)
989#define PSA_ALG_HMAC(hash_alg) \
990 (PSA_ALG_HMAC_BASE | ((hash_alg) & PSA_ALG_HASH_MASK))
991
992#define PSA_ALG_HMAC_GET_HASH(hmac_alg) \
993 (PSA_ALG_CATEGORY_HASH | ((hmac_alg) & PSA_ALG_HASH_MASK))
994
1005#define PSA_ALG_IS_HMAC(alg) \
1006 (((alg) & (PSA_ALG_CATEGORY_MASK | PSA_ALG_MAC_SUBCATEGORY_MASK)) == \
1007 PSA_ALG_HMAC_BASE)
1008
1009/* In the encoding of a MAC algorithm, the bits corresponding to
1010 * PSA_ALG_MAC_TRUNCATION_MASK encode the length to which the MAC is
1011 * truncated. As an exception, the value 0 means the untruncated algorithm,
1012 * whatever its length is. The length is encoded in 6 bits, so it can
1013 * reach up to 63; the largest MAC is 64 bytes so its trivial truncation
1014 * to full length is correctly encoded as 0 and any non-trivial truncation
1015 * is correctly encoded as a value between 1 and 63. */
1016#define PSA_ALG_MAC_TRUNCATION_MASK ((psa_algorithm_t) 0x003f0000)
1017#define PSA_MAC_TRUNCATION_OFFSET 16
1018
1019/* In the encoding of a MAC algorithm, the bit corresponding to
1020 * #PSA_ALG_MAC_AT_LEAST_THIS_LENGTH_FLAG encodes the fact that the algorithm
1021 * is a wildcard algorithm. A key with such wildcard algorithm as permitted
1022 * algorithm policy can be used with any algorithm corresponding to the
1023 * same base class and having a (potentially truncated) MAC length greater or
1024 * equal than the one encoded in #PSA_ALG_MAC_TRUNCATION_MASK. */
1025#define PSA_ALG_MAC_AT_LEAST_THIS_LENGTH_FLAG ((psa_algorithm_t) 0x00008000)
1026
1060#define PSA_ALG_TRUNCATED_MAC(mac_alg, mac_length) \
1061 (((mac_alg) & ~(PSA_ALG_MAC_TRUNCATION_MASK | \
1062 PSA_ALG_MAC_AT_LEAST_THIS_LENGTH_FLAG)) | \
1063 ((mac_length) << PSA_MAC_TRUNCATION_OFFSET & PSA_ALG_MAC_TRUNCATION_MASK))
1064
1077#define PSA_ALG_FULL_LENGTH_MAC(mac_alg) \
1078 ((mac_alg) & ~(PSA_ALG_MAC_TRUNCATION_MASK | \
1079 PSA_ALG_MAC_AT_LEAST_THIS_LENGTH_FLAG))
1080
1092#define PSA_MAC_TRUNCATED_LENGTH(mac_alg) \
1093 (((mac_alg) & PSA_ALG_MAC_TRUNCATION_MASK) >> PSA_MAC_TRUNCATION_OFFSET)
1094
1119#define PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(mac_alg, min_mac_length) \
1120 (PSA_ALG_TRUNCATED_MAC(mac_alg, min_mac_length) | \
1121 PSA_ALG_MAC_AT_LEAST_THIS_LENGTH_FLAG)
1122
1123#define PSA_ALG_CIPHER_MAC_BASE ((psa_algorithm_t) 0x03c00000)
1129#define PSA_ALG_CBC_MAC ((psa_algorithm_t) 0x03c00100)
1131#define PSA_ALG_CMAC ((psa_algorithm_t) 0x03c00200)
1132
1141#define PSA_ALG_IS_BLOCK_CIPHER_MAC(alg) \
1142 (((alg) & (PSA_ALG_CATEGORY_MASK | PSA_ALG_MAC_SUBCATEGORY_MASK)) == \
1143 PSA_ALG_CIPHER_MAC_BASE)
1144
1145#define PSA_ALG_CIPHER_STREAM_FLAG ((psa_algorithm_t) 0x00800000)
1146#define PSA_ALG_CIPHER_FROM_BLOCK_FLAG ((psa_algorithm_t) 0x00400000)
1147
1160#define PSA_ALG_IS_STREAM_CIPHER(alg) \
1161 (((alg) & (PSA_ALG_CATEGORY_MASK | PSA_ALG_CIPHER_STREAM_FLAG)) == \
1162 (PSA_ALG_CATEGORY_CIPHER | PSA_ALG_CIPHER_STREAM_FLAG))
1163
1169#define PSA_ALG_STREAM_CIPHER ((psa_algorithm_t) 0x04800100)
1170
1178#define PSA_ALG_CTR ((psa_algorithm_t) 0x04c01000)
1179
1184#define PSA_ALG_CFB ((psa_algorithm_t) 0x04c01100)
1185
1190#define PSA_ALG_OFB ((psa_algorithm_t) 0x04c01200)
1191
1198#define PSA_ALG_XTS ((psa_algorithm_t) 0x0440ff00)
1199
1218#define PSA_ALG_ECB_NO_PADDING ((psa_algorithm_t) 0x04404400)
1219
1227#define PSA_ALG_CBC_NO_PADDING ((psa_algorithm_t) 0x04404000)
1228
1235#define PSA_ALG_CBC_PKCS7 ((psa_algorithm_t) 0x04404100)
1236
1237#define PSA_ALG_AEAD_FROM_BLOCK_FLAG ((psa_algorithm_t) 0x00400000)
1238
1248#define PSA_ALG_IS_AEAD_ON_BLOCK_CIPHER(alg) \
1249 (((alg) & (PSA_ALG_CATEGORY_MASK | PSA_ALG_AEAD_FROM_BLOCK_FLAG)) == \
1250 (PSA_ALG_CATEGORY_AEAD | PSA_ALG_AEAD_FROM_BLOCK_FLAG))
1251
1256#define PSA_ALG_CCM ((psa_algorithm_t) 0x05500100)
1257
1267#define PSA_ALG_CCM_STAR_NO_TAG ((psa_algorithm_t) 0x04c01300)
1268
1273#define PSA_ALG_GCM ((psa_algorithm_t) 0x05500200)
1274
1284#define PSA_ALG_CHACHA20_POLY1305 ((psa_algorithm_t) 0x05100500)
1285
1286/* In the encoding of an AEAD algorithm, the bits corresponding to
1287 * PSA_ALG_AEAD_TAG_LENGTH_MASK encode the length of the AEAD tag.
1288 * The constants for default lengths follow this encoding.
1289 */
1290#define PSA_ALG_AEAD_TAG_LENGTH_MASK ((psa_algorithm_t) 0x003f0000)
1291#define PSA_AEAD_TAG_LENGTH_OFFSET 16
1292
1293/* In the encoding of an AEAD algorithm, the bit corresponding to
1294 * #PSA_ALG_AEAD_AT_LEAST_THIS_LENGTH_FLAG encodes the fact that the algorithm
1295 * is a wildcard algorithm. A key with such wildcard algorithm as permitted
1296 * algorithm policy can be used with any algorithm corresponding to the
1297 * same base class and having a tag length greater than or equal to the one
1298 * encoded in #PSA_ALG_AEAD_TAG_LENGTH_MASK. */
1299#define PSA_ALG_AEAD_AT_LEAST_THIS_LENGTH_FLAG ((psa_algorithm_t) 0x00008000)
1300
1319#define PSA_ALG_AEAD_WITH_SHORTENED_TAG(aead_alg, tag_length) \
1320 (((aead_alg) & ~(PSA_ALG_AEAD_TAG_LENGTH_MASK | \
1321 PSA_ALG_AEAD_AT_LEAST_THIS_LENGTH_FLAG)) | \
1322 ((tag_length) << PSA_AEAD_TAG_LENGTH_OFFSET & \
1323 PSA_ALG_AEAD_TAG_LENGTH_MASK))
1324
1335#define PSA_ALG_AEAD_GET_TAG_LENGTH(aead_alg) \
1336 (((aead_alg) & PSA_ALG_AEAD_TAG_LENGTH_MASK) >> \
1337 PSA_AEAD_TAG_LENGTH_OFFSET)
1338
1347#define PSA_ALG_AEAD_WITH_DEFAULT_LENGTH_TAG(aead_alg) \
1348 ( \
1349 PSA_ALG_AEAD_WITH_DEFAULT_LENGTH_TAG_CASE(aead_alg, PSA_ALG_CCM) \
1350 PSA_ALG_AEAD_WITH_DEFAULT_LENGTH_TAG_CASE(aead_alg, PSA_ALG_GCM) \
1351 PSA_ALG_AEAD_WITH_DEFAULT_LENGTH_TAG_CASE(aead_alg, PSA_ALG_CHACHA20_POLY1305) \
1352 0)
1353#define PSA_ALG_AEAD_WITH_DEFAULT_LENGTH_TAG_CASE(aead_alg, ref) \
1354 PSA_ALG_AEAD_WITH_SHORTENED_TAG(aead_alg, 0) == \
1355 PSA_ALG_AEAD_WITH_SHORTENED_TAG(ref, 0) ? \
1356 ref :
1357
1382#define PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(aead_alg, min_tag_length) \
1383 (PSA_ALG_AEAD_WITH_SHORTENED_TAG(aead_alg, min_tag_length) | \
1384 PSA_ALG_AEAD_AT_LEAST_THIS_LENGTH_FLAG)
1385
1386#define PSA_ALG_RSA_PKCS1V15_SIGN_BASE ((psa_algorithm_t) 0x06000200)
1402#define PSA_ALG_RSA_PKCS1V15_SIGN(hash_alg) \
1403 (PSA_ALG_RSA_PKCS1V15_SIGN_BASE | ((hash_alg) & PSA_ALG_HASH_MASK))
1410#define PSA_ALG_RSA_PKCS1V15_SIGN_RAW PSA_ALG_RSA_PKCS1V15_SIGN_BASE
1411#define PSA_ALG_IS_RSA_PKCS1V15_SIGN(alg) \
1412 (((alg) & ~PSA_ALG_HASH_MASK) == PSA_ALG_RSA_PKCS1V15_SIGN_BASE)
1413
1414#define PSA_ALG_RSA_PSS_BASE ((psa_algorithm_t) 0x06000300)
1415#define PSA_ALG_RSA_PSS_ANY_SALT_BASE ((psa_algorithm_t) 0x06001300)
1436#define PSA_ALG_RSA_PSS(hash_alg) \
1437 (PSA_ALG_RSA_PSS_BASE | ((hash_alg) & PSA_ALG_HASH_MASK))
1438
1454#define PSA_ALG_RSA_PSS_ANY_SALT(hash_alg) \
1455 (PSA_ALG_RSA_PSS_ANY_SALT_BASE | ((hash_alg) & PSA_ALG_HASH_MASK))
1456
1468#define PSA_ALG_IS_RSA_PSS_STANDARD_SALT(alg) \
1469 (((alg) & ~PSA_ALG_HASH_MASK) == PSA_ALG_RSA_PSS_BASE)
1470
1482#define PSA_ALG_IS_RSA_PSS_ANY_SALT(alg) \
1483 (((alg) & ~PSA_ALG_HASH_MASK) == PSA_ALG_RSA_PSS_ANY_SALT_BASE)
1484
1500#define PSA_ALG_IS_RSA_PSS(alg) \
1501 (PSA_ALG_IS_RSA_PSS_STANDARD_SALT(alg) || \
1502 PSA_ALG_IS_RSA_PSS_ANY_SALT(alg))
1503
1504#define PSA_ALG_ECDSA_BASE ((psa_algorithm_t) 0x06000600)
1525#define PSA_ALG_ECDSA(hash_alg) \
1526 (PSA_ALG_ECDSA_BASE | ((hash_alg) & PSA_ALG_HASH_MASK))
1536#define PSA_ALG_ECDSA_ANY PSA_ALG_ECDSA_BASE
1537#define PSA_ALG_DETERMINISTIC_ECDSA_BASE ((psa_algorithm_t) 0x06000700)
1560#define PSA_ALG_DETERMINISTIC_ECDSA(hash_alg) \
1561 (PSA_ALG_DETERMINISTIC_ECDSA_BASE | ((hash_alg) & PSA_ALG_HASH_MASK))
1562#define PSA_ALG_ECDSA_DETERMINISTIC_FLAG ((psa_algorithm_t) 0x00000100)
1563#define PSA_ALG_IS_ECDSA(alg) \
1564 (((alg) & ~PSA_ALG_HASH_MASK & ~PSA_ALG_ECDSA_DETERMINISTIC_FLAG) == \
1565 PSA_ALG_ECDSA_BASE)
1566#define PSA_ALG_ECDSA_IS_DETERMINISTIC(alg) \
1567 (((alg) & PSA_ALG_ECDSA_DETERMINISTIC_FLAG) != 0)
1568#define PSA_ALG_IS_DETERMINISTIC_ECDSA(alg) \
1569 (PSA_ALG_IS_ECDSA(alg) && PSA_ALG_ECDSA_IS_DETERMINISTIC(alg))
1570#define PSA_ALG_IS_RANDOMIZED_ECDSA(alg) \
1571 (PSA_ALG_IS_ECDSA(alg) && !PSA_ALG_ECDSA_IS_DETERMINISTIC(alg))
1572
1601#define PSA_ALG_PURE_EDDSA ((psa_algorithm_t) 0x06000800)
1602
1603#define PSA_ALG_HASH_EDDSA_BASE ((psa_algorithm_t) 0x06000900)
1604#define PSA_ALG_IS_HASH_EDDSA(alg) \
1605 (((alg) & ~PSA_ALG_HASH_MASK) == PSA_ALG_HASH_EDDSA_BASE)
1606
1628#define PSA_ALG_ED25519PH \
1629 (PSA_ALG_HASH_EDDSA_BASE | (PSA_ALG_SHA_512 & PSA_ALG_HASH_MASK))
1630
1653#define PSA_ALG_ED448PH \
1654 (PSA_ALG_HASH_EDDSA_BASE | (PSA_ALG_SHAKE256_512 & PSA_ALG_HASH_MASK))
1655
1656/* Default definition, to be overridden if the library is extended with
1657 * more hash-and-sign algorithms that we want to keep out of this header
1658 * file. */
1659#define PSA_ALG_IS_VENDOR_HASH_AND_SIGN(alg) 0
1660
1678#define PSA_ALG_IS_SIGN_HASH(alg) \
1679 (PSA_ALG_IS_RSA_PSS(alg) || PSA_ALG_IS_RSA_PKCS1V15_SIGN(alg) || \
1680 PSA_ALG_IS_ECDSA(alg) || PSA_ALG_IS_HASH_EDDSA(alg) || \
1681 PSA_ALG_IS_VENDOR_HASH_AND_SIGN(alg))
1682
1694#define PSA_ALG_IS_SIGN_MESSAGE(alg) \
1695 (PSA_ALG_IS_SIGN_HASH(alg) || (alg) == PSA_ALG_PURE_EDDSA)
1696
1723#define PSA_ALG_IS_HASH_AND_SIGN(alg) \
1724 (PSA_ALG_IS_SIGN_HASH(alg) && \
1725 ((alg) & PSA_ALG_HASH_MASK) != 0)
1726
1745#define PSA_ALG_SIGN_GET_HASH(alg) \
1746 (PSA_ALG_IS_HASH_AND_SIGN(alg) ? \
1747 ((alg) & PSA_ALG_HASH_MASK) | PSA_ALG_CATEGORY_HASH : \
1748 0)
1749
1752#define PSA_ALG_RSA_PKCS1V15_CRYPT ((psa_algorithm_t) 0x07000200)
1753
1754#define PSA_ALG_RSA_OAEP_BASE ((psa_algorithm_t) 0x07000300)
1769#define PSA_ALG_RSA_OAEP(hash_alg) \
1770 (PSA_ALG_RSA_OAEP_BASE | ((hash_alg) & PSA_ALG_HASH_MASK))
1771#define PSA_ALG_IS_RSA_OAEP(alg) \
1772 (((alg) & ~PSA_ALG_HASH_MASK) == PSA_ALG_RSA_OAEP_BASE)
1773#define PSA_ALG_RSA_OAEP_GET_HASH(alg) \
1774 (PSA_ALG_IS_RSA_OAEP(alg) ? \
1775 ((alg) & PSA_ALG_HASH_MASK) | PSA_ALG_CATEGORY_HASH : \
1776 0)
1777
1778#define PSA_ALG_HKDF_BASE ((psa_algorithm_t) 0x08000100)
1805#define PSA_ALG_HKDF(hash_alg) \
1806 (PSA_ALG_HKDF_BASE | ((hash_alg) & PSA_ALG_HASH_MASK))
1818#define PSA_ALG_IS_HKDF(alg) \
1819 (((alg) & ~PSA_ALG_HASH_MASK) == PSA_ALG_HKDF_BASE)
1820#define PSA_ALG_HKDF_GET_HASH(hkdf_alg) \
1821 (PSA_ALG_CATEGORY_HASH | ((hkdf_alg) & PSA_ALG_HASH_MASK))
1822
1823#define PSA_ALG_HKDF_EXTRACT_BASE ((psa_algorithm_t) 0x08000400)
1856#define PSA_ALG_HKDF_EXTRACT(hash_alg) \
1857 (PSA_ALG_HKDF_EXTRACT_BASE | ((hash_alg) & PSA_ALG_HASH_MASK))
1869#define PSA_ALG_IS_HKDF_EXTRACT(alg) \
1870 (((alg) & ~PSA_ALG_HASH_MASK) == PSA_ALG_HKDF_EXTRACT_BASE)
1871
1872#define PSA_ALG_HKDF_EXPAND_BASE ((psa_algorithm_t) 0x08000500)
1898#define PSA_ALG_HKDF_EXPAND(hash_alg) \
1899 (PSA_ALG_HKDF_EXPAND_BASE | ((hash_alg) & PSA_ALG_HASH_MASK))
1911#define PSA_ALG_IS_HKDF_EXPAND(alg) \
1912 (((alg) & ~PSA_ALG_HASH_MASK) == PSA_ALG_HKDF_EXPAND_BASE)
1913
1924#define PSA_ALG_IS_ANY_HKDF(alg) \
1925 (((alg) & ~PSA_ALG_HASH_MASK) == PSA_ALG_HKDF_BASE || \
1926 ((alg) & ~PSA_ALG_HASH_MASK) == PSA_ALG_HKDF_EXTRACT_BASE || \
1927 ((alg) & ~PSA_ALG_HASH_MASK) == PSA_ALG_HKDF_EXPAND_BASE)
1928
1929#define PSA_ALG_TLS12_PRF_BASE ((psa_algorithm_t) 0x08000200)
1956#define PSA_ALG_TLS12_PRF(hash_alg) \
1957 (PSA_ALG_TLS12_PRF_BASE | ((hash_alg) & PSA_ALG_HASH_MASK))
1958
1967#define PSA_ALG_IS_TLS12_PRF(alg) \
1968 (((alg) & ~PSA_ALG_HASH_MASK) == PSA_ALG_TLS12_PRF_BASE)
1969#define PSA_ALG_TLS12_PRF_GET_HASH(hkdf_alg) \
1970 (PSA_ALG_CATEGORY_HASH | ((hkdf_alg) & PSA_ALG_HASH_MASK))
1971
1972#define PSA_ALG_TLS12_PSK_TO_MS_BASE ((psa_algorithm_t) 0x08000300)
2026#define PSA_ALG_TLS12_PSK_TO_MS(hash_alg) \
2027 (PSA_ALG_TLS12_PSK_TO_MS_BASE | ((hash_alg) & PSA_ALG_HASH_MASK))
2028
2037#define PSA_ALG_IS_TLS12_PSK_TO_MS(alg) \
2038 (((alg) & ~PSA_ALG_HASH_MASK) == PSA_ALG_TLS12_PSK_TO_MS_BASE)
2039#define PSA_ALG_TLS12_PSK_TO_MS_GET_HASH(hkdf_alg) \
2040 (PSA_ALG_CATEGORY_HASH | ((hkdf_alg) & PSA_ALG_HASH_MASK))
2041
2042/* The TLS 1.2 ECJPAKE-to-PMS KDF. It takes the shared secret K (an EC point
2043 * in case of EC J-PAKE) and calculates SHA256(K.X) that the rest of TLS 1.2
2044 * will use to derive the session secret, as defined by step 2 of
2045 * https://datatracker.ietf.org/doc/html/draft-cragie-tls-ecjpake-01#section-8.7.
2046 * Uses PSA_ALG_SHA_256.
2047 * This function takes a single input:
2048 * #PSA_KEY_DERIVATION_INPUT_SECRET is the shared secret K from EC J-PAKE.
2049 * The only supported curve is secp256r1 (the 256-bit curve in
2050 * #PSA_ECC_FAMILY_SECP_R1), so the input must be exactly 65 bytes.
2051 * The output has to be read as a single chunk of 32 bytes, defined as
2052 * PSA_TLS12_ECJPAKE_TO_PMS_DATA_SIZE.
2053 */
2054#define PSA_ALG_TLS12_ECJPAKE_TO_PMS ((psa_algorithm_t) 0x08000609)
2055
2056/* This flag indicates whether the key derivation algorithm is suitable for
2057 * use on low-entropy secrets such as password - these algorithms are also
2058 * known as key stretching or password hashing schemes. These are also the
2059 * algorithms that accepts inputs of type #PSA_KEY_DERIVATION_INPUT_PASSWORD.
2060 *
2061 * Those algorithms cannot be combined with a key agreement algorithm.
2062 */
2063#define PSA_ALG_KEY_DERIVATION_STRETCHING_FLAG ((psa_algorithm_t) 0x00800000)
2064
2065#define PSA_ALG_PBKDF2_HMAC_BASE ((psa_algorithm_t) 0x08800100)
2092#define PSA_ALG_PBKDF2_HMAC(hash_alg) \
2093 (PSA_ALG_PBKDF2_HMAC_BASE | ((hash_alg) & PSA_ALG_HASH_MASK))
2094
2103#define PSA_ALG_IS_PBKDF2_HMAC(alg) \
2104 (((alg) & ~PSA_ALG_HASH_MASK) == PSA_ALG_PBKDF2_HMAC_BASE)
2105#define PSA_ALG_PBKDF2_HMAC_GET_HASH(pbkdf2_alg) \
2106 (PSA_ALG_CATEGORY_HASH | ((pbkdf2_alg) & PSA_ALG_HASH_MASK))
2116#define PSA_ALG_PBKDF2_AES_CMAC_PRF_128 ((psa_algorithm_t) 0x08800200)
2117
2118#define PSA_ALG_IS_PBKDF2(kdf_alg) \
2119 (PSA_ALG_IS_PBKDF2_HMAC(kdf_alg) || \
2120 ((kdf_alg) == PSA_ALG_PBKDF2_AES_CMAC_PRF_128))
2121
2122#define PSA_ALG_KEY_DERIVATION_MASK ((psa_algorithm_t) 0xfe00ffff)
2123#define PSA_ALG_KEY_AGREEMENT_MASK ((psa_algorithm_t) 0xffff0000)
2124
2139#define PSA_ALG_KEY_AGREEMENT(ka_alg, kdf_alg) \
2140 ((ka_alg) | (kdf_alg))
2141
2142#define PSA_ALG_KEY_AGREEMENT_GET_KDF(alg) \
2143 (((alg) & PSA_ALG_KEY_DERIVATION_MASK) | PSA_ALG_CATEGORY_KEY_DERIVATION)
2144
2145#define PSA_ALG_KEY_AGREEMENT_GET_BASE(alg) \
2146 (((alg) & PSA_ALG_KEY_AGREEMENT_MASK) | PSA_ALG_CATEGORY_KEY_AGREEMENT)
2147
2162#define PSA_ALG_IS_RAW_KEY_AGREEMENT(alg) \
2163 (PSA_ALG_IS_KEY_AGREEMENT(alg) && \
2164 PSA_ALG_KEY_AGREEMENT_GET_KDF(alg) == PSA_ALG_CATEGORY_KEY_DERIVATION)
2165
2166#define PSA_ALG_IS_KEY_DERIVATION_OR_AGREEMENT(alg) \
2167 ((PSA_ALG_IS_KEY_DERIVATION(alg) || PSA_ALG_IS_KEY_AGREEMENT(alg)))
2168
2176#define PSA_ALG_FFDH ((psa_algorithm_t) 0x09010000)
2177
2190#define PSA_ALG_IS_FFDH(alg) \
2191 (PSA_ALG_KEY_AGREEMENT_GET_BASE(alg) == PSA_ALG_FFDH)
2192
2218#define PSA_ALG_ECDH ((psa_algorithm_t) 0x09020000)
2219
2234#define PSA_ALG_IS_ECDH(alg) \
2235 (PSA_ALG_KEY_AGREEMENT_GET_BASE(alg) == PSA_ALG_ECDH)
2236
2250#define PSA_ALG_IS_WILDCARD(alg) \
2251 (PSA_ALG_IS_HASH_AND_SIGN(alg) ? \
2252 PSA_ALG_SIGN_GET_HASH(alg) == PSA_ALG_ANY_HASH : \
2253 PSA_ALG_IS_MAC(alg) ? \
2254 (alg & PSA_ALG_MAC_AT_LEAST_THIS_LENGTH_FLAG) != 0 : \
2255 PSA_ALG_IS_AEAD(alg) ? \
2256 (alg & PSA_ALG_AEAD_AT_LEAST_THIS_LENGTH_FLAG) != 0 : \
2257 (alg) == PSA_ALG_ANY_HASH)
2258
2268#define PSA_ALG_GET_HASH(alg) \
2269 (((alg) & 0x000000ff) == 0 ? ((psa_algorithm_t) 0) : 0x02000000 | ((alg) & 0x000000ff))
2270
2277/* Note that location and persistence level values are embedded in the
2278 * persistent key store, as part of key metadata. As a consequence, they
2279 * must not be changed (unless the storage format version changes).
2280 */
2281
2293#define PSA_KEY_LIFETIME_VOLATILE ((psa_key_lifetime_t) 0x00000000)
2294
2307#define PSA_KEY_LIFETIME_PERSISTENT ((psa_key_lifetime_t) 0x00000001)
2308
2313#define PSA_KEY_PERSISTENCE_VOLATILE ((psa_key_persistence_t) 0x00)
2314
2319#define PSA_KEY_PERSISTENCE_DEFAULT ((psa_key_persistence_t) 0x01)
2320
2325#define PSA_KEY_PERSISTENCE_READ_ONLY ((psa_key_persistence_t) 0xff)
2326
2327#define PSA_KEY_LIFETIME_GET_PERSISTENCE(lifetime) \
2328 ((psa_key_persistence_t) ((lifetime) & 0x000000ff))
2329
2330#define PSA_KEY_LIFETIME_GET_LOCATION(lifetime) \
2331 ((psa_key_location_t) ((lifetime) >> 8))
2332
2349#define PSA_KEY_LIFETIME_IS_VOLATILE(lifetime) \
2350 (PSA_KEY_LIFETIME_GET_PERSISTENCE(lifetime) == \
2351 PSA_KEY_PERSISTENCE_VOLATILE)
2352
2370#define PSA_KEY_LIFETIME_IS_READ_ONLY(lifetime) \
2371 (PSA_KEY_LIFETIME_GET_PERSISTENCE(lifetime) == \
2372 PSA_KEY_PERSISTENCE_READ_ONLY)
2373
2383#define PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION(persistence, location) \
2384 ((location) << 8 | (persistence))
2385
2393#define PSA_KEY_LOCATION_LOCAL_STORAGE ((psa_key_location_t) 0x000000)
2394
2395#define PSA_KEY_LOCATION_VENDOR_FLAG ((psa_key_location_t) 0x800000)
2396
2397/* Note that key identifier values are embedded in the
2398 * persistent key store, as part of key metadata. As a consequence, they
2399 * must not be changed (unless the storage format version changes).
2400 */
2401
2404/* *INDENT-OFF* (https://github.com/ARM-software/psa-arch-tests/issues/337) */
2405#define PSA_KEY_ID_NULL ((psa_key_id_t)0)
2406/* *INDENT-ON* */
2409#define PSA_KEY_ID_USER_MIN ((psa_key_id_t) 0x00000001)
2412#define PSA_KEY_ID_USER_MAX ((psa_key_id_t) 0x3fffffff)
2415#define PSA_KEY_ID_VENDOR_MIN ((psa_key_id_t) 0x40000000)
2418#define PSA_KEY_ID_VENDOR_MAX ((psa_key_id_t) 0x7fffffff)
2419
2420
2421#if !defined(MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER)
2422
2423#define MBEDTLS_SVC_KEY_ID_INIT ((psa_key_id_t) 0)
2424#define MBEDTLS_SVC_KEY_ID_GET_KEY_ID(id) (id)
2425#define MBEDTLS_SVC_KEY_ID_GET_OWNER_ID(id) (0)
2426
2433 unsigned int unused, psa_key_id_t key_id)
2434{
2435 (void) unused;
2436
2437 return key_id;
2438}
2439
2449{
2450 return id1 == id2;
2451}
2452
2460{
2461 return key == 0;
2462}
2463
2464#else /* MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER */
2465
2466#define MBEDTLS_SVC_KEY_ID_INIT ((mbedtls_svc_key_id_t){ 0, 0 })
2467#define MBEDTLS_SVC_KEY_ID_GET_KEY_ID(id) ((id).MBEDTLS_PRIVATE(key_id))
2468#define MBEDTLS_SVC_KEY_ID_GET_OWNER_ID(id) ((id).MBEDTLS_PRIVATE(owner))
2469
2476 mbedtls_key_owner_id_t owner_id, psa_key_id_t key_id)
2477{
2478 return (mbedtls_svc_key_id_t){ .MBEDTLS_PRIVATE(key_id) = key_id,
2479 .MBEDTLS_PRIVATE(owner) = owner_id };
2480}
2481
2491{
2492 return (id1.MBEDTLS_PRIVATE(key_id) == id2.MBEDTLS_PRIVATE(key_id)) &&
2493 mbedtls_key_owner_id_equal(id1.MBEDTLS_PRIVATE(owner), id2.MBEDTLS_PRIVATE(owner));
2494}
2495
2503{
2504 return key.MBEDTLS_PRIVATE(key_id) == 0;
2505}
2506
2507#endif /* !MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER */
2508
2515/* Note that key usage flags are embedded in the
2516 * persistent key store, as part of key metadata. As a consequence, they
2517 * must not be changed (unless the storage format version changes).
2518 */
2519
2531#define PSA_KEY_USAGE_EXPORT ((psa_key_usage_t) 0x00000001)
2532
2547#define PSA_KEY_USAGE_COPY ((psa_key_usage_t) 0x00000002)
2548
2558#define PSA_KEY_USAGE_ENCRYPT ((psa_key_usage_t) 0x00000100)
2559
2569#define PSA_KEY_USAGE_DECRYPT ((psa_key_usage_t) 0x00000200)
2570
2579#define PSA_KEY_USAGE_SIGN_MESSAGE ((psa_key_usage_t) 0x00000400)
2580
2589#define PSA_KEY_USAGE_VERIFY_MESSAGE ((psa_key_usage_t) 0x00000800)
2590
2599#define PSA_KEY_USAGE_SIGN_HASH ((psa_key_usage_t) 0x00001000)
2600
2609#define PSA_KEY_USAGE_VERIFY_HASH ((psa_key_usage_t) 0x00002000)
2610
2623#define PSA_KEY_USAGE_DERIVE ((psa_key_usage_t) 0x00004000)
2624
2638#define PSA_KEY_USAGE_VERIFY_DERIVATION ((psa_key_usage_t) 0x00008000)
2639
2646/* Key input steps are not embedded in the persistent storage, so you can
2647 * change them if needed: it's only an ABI change. */
2648
2664#define PSA_KEY_DERIVATION_INPUT_SECRET ((psa_key_derivation_step_t) 0x0101)
2665
2682#define PSA_KEY_DERIVATION_INPUT_PASSWORD ((psa_key_derivation_step_t) 0x0102)
2683
2691#define PSA_KEY_DERIVATION_INPUT_OTHER_SECRET \
2692 ((psa_key_derivation_step_t) 0x0103)
2693
2699#define PSA_KEY_DERIVATION_INPUT_LABEL ((psa_key_derivation_step_t) 0x0201)
2700
2707#define PSA_KEY_DERIVATION_INPUT_SALT ((psa_key_derivation_step_t) 0x0202)
2708
2714#define PSA_KEY_DERIVATION_INPUT_INFO ((psa_key_derivation_step_t) 0x0203)
2715
2721#define PSA_KEY_DERIVATION_INPUT_SEED ((psa_key_derivation_step_t) 0x0204)
2722
2727#define PSA_KEY_DERIVATION_INPUT_COST ((psa_key_derivation_step_t) 0x0205)
2728
2735/* Helper macros */
2736
2748#define MBEDTLS_PSA_ALG_AEAD_EQUAL(aead_alg_1, aead_alg_2) \
2749 (!(((aead_alg_1) ^ (aead_alg_2)) & \
2750 ~(PSA_ALG_AEAD_TAG_LENGTH_MASK | PSA_ALG_AEAD_AT_LEAST_THIS_LENGTH_FLAG)))
2751
2764#define PSA_INTERRUPTIBLE_MAX_OPS_UNLIMITED UINT32_MAX
2765
2768#endif /* PSA_CRYPTO_VALUES_H */
static mbedtls_svc_key_id_t mbedtls_svc_key_id_make(unsigned int unused, psa_key_id_t key_id)
uint32_t psa_key_id_t
Definition: crypto_types.h:280
static int mbedtls_svc_key_id_is_null(mbedtls_svc_key_id_t key)
psa_key_id_t mbedtls_svc_key_id_t
Definition: crypto_types.h:297
static int mbedtls_svc_key_id_equal(mbedtls_svc_key_id_t id1, mbedtls_svc_key_id_t id2)
Macro wrapper for struct's members.