Mbed TLS v3.5.0
crypto_builtin_key_derivation.h
Go to the documentation of this file.
1/*
2 * Context structure declaration of the Mbed TLS software-based PSA drivers
3 * called through the PSA Crypto driver dispatch layer.
4 * This file contains the context structures of key derivation algorithms
5 * which need to rely on other algorithms.
6 *
7 * \note This file may not be included directly. Applications must
8 * include psa/crypto.h.
9 *
10 * \note This header and its content are not part of the Mbed TLS API and
11 * applications must not depend on it. Its main purpose is to define the
12 * multi-part state objects of the Mbed TLS software-based PSA drivers. The
13 * definitions of these objects are then used by crypto_struct.h to define the
14 * implementation-defined types of PSA multi-part state objects.
15 */
16/*
17 * Copyright The Mbed TLS Contributors
18 * SPDX-License-Identifier: Apache-2.0
19 *
20 * Licensed under the Apache License, Version 2.0 (the "License"); you may
21 * not use this file except in compliance with the License.
22 * You may obtain a copy of the License at
23 *
24 * http://www.apache.org/licenses/LICENSE-2.0
25 *
26 * Unless required by applicable law or agreed to in writing, software
27 * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
28 * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
29 * See the License for the specific language governing permissions and
30 * limitations under the License.
31 */
32
33#ifndef PSA_CRYPTO_BUILTIN_KEY_DERIVATION_H
34#define PSA_CRYPTO_BUILTIN_KEY_DERIVATION_H
36
38
39#if defined(MBEDTLS_PSA_BUILTIN_ALG_HKDF) || \
40 defined(MBEDTLS_PSA_BUILTIN_ALG_HKDF_EXTRACT) || \
41 defined(MBEDTLS_PSA_BUILTIN_ALG_HKDF_EXPAND)
42typedef struct {
43 uint8_t *MBEDTLS_PRIVATE(info);
44 size_t MBEDTLS_PRIVATE(info_length);
45#if PSA_HASH_MAX_SIZE > 0xff
46#error "PSA_HASH_MAX_SIZE does not fit in uint8_t"
47#endif
48 uint8_t MBEDTLS_PRIVATE(offset_in_block);
49 uint8_t MBEDTLS_PRIVATE(block_number);
50 unsigned int MBEDTLS_PRIVATE(state) : 2;
51 unsigned int MBEDTLS_PRIVATE(info_set) : 1;
52 uint8_t MBEDTLS_PRIVATE(output_block)[PSA_HASH_MAX_SIZE];
56#endif /* MBEDTLS_PSA_BUILTIN_ALG_HKDF ||
57 MBEDTLS_PSA_BUILTIN_ALG_HKDF_EXTRACT ||
58 MBEDTLS_PSA_BUILTIN_ALG_HKDF_EXPAND */
59#if defined(MBEDTLS_PSA_BUILTIN_ALG_TLS12_ECJPAKE_TO_PMS)
60typedef struct {
63#endif /* MBEDTLS_PSA_BUILTIN_ALG_TLS12_ECJPAKE_TO_PMS */
64
65#if defined(MBEDTLS_PSA_BUILTIN_ALG_TLS12_PRF) || \
66 defined(MBEDTLS_PSA_BUILTIN_ALG_TLS12_PSK_TO_MS)
67typedef enum {
68 PSA_TLS12_PRF_STATE_INIT, /* no input provided */
69 PSA_TLS12_PRF_STATE_SEED_SET, /* seed has been set */
70 PSA_TLS12_PRF_STATE_OTHER_KEY_SET, /* other key has been set - optional */
71 PSA_TLS12_PRF_STATE_KEY_SET, /* key has been set */
72 PSA_TLS12_PRF_STATE_LABEL_SET, /* label has been set */
73 PSA_TLS12_PRF_STATE_OUTPUT /* output has been started */
75
77#if PSA_HASH_MAX_SIZE > 0xff
78#error "PSA_HASH_MAX_SIZE does not fit in uint8_t"
79#endif
80
81 /* Indicates how many bytes in the current HMAC block have
82 * not yet been read by the user. */
83 uint8_t MBEDTLS_PRIVATE(left_in_block);
84
85 /* The 1-based number of the block. */
86 uint8_t MBEDTLS_PRIVATE(block_number);
87
89
90 uint8_t *MBEDTLS_PRIVATE(secret);
91 size_t MBEDTLS_PRIVATE(secret_length);
92 uint8_t *MBEDTLS_PRIVATE(seed);
93 size_t MBEDTLS_PRIVATE(seed_length);
94 uint8_t *MBEDTLS_PRIVATE(label);
95 size_t MBEDTLS_PRIVATE(label_length);
96#if defined(MBEDTLS_PSA_BUILTIN_ALG_TLS12_PSK_TO_MS)
97 uint8_t *MBEDTLS_PRIVATE(other_secret);
98 size_t MBEDTLS_PRIVATE(other_secret_length);
99#endif /* MBEDTLS_PSA_BUILTIN_ALG_TLS12_PSK_TO_MS */
100
102
103 /* `HMAC_hash( prk, A( i ) + seed )` in the notation of RFC 5246, Sect. 5. */
104 uint8_t MBEDTLS_PRIVATE(output_block)[PSA_HASH_MAX_SIZE];
106#endif /* MBEDTLS_PSA_BUILTIN_ALG_TLS12_PRF) ||
107 * MBEDTLS_PSA_BUILTIN_ALG_TLS12_PSK_TO_MS */
108#if defined(PSA_HAVE_SOFT_PBKDF2)
109typedef enum {
110 PSA_PBKDF2_STATE_INIT, /* no input provided */
111 PSA_PBKDF2_STATE_INPUT_COST_SET, /* input cost has been set */
112 PSA_PBKDF2_STATE_SALT_SET, /* salt has been set */
113 PSA_PBKDF2_STATE_PASSWORD_SET, /* password has been set */
114 PSA_PBKDF2_STATE_OUTPUT /* output has been started */
115} psa_pbkdf2_key_derivation_state_t;
116
117typedef struct {
118 psa_pbkdf2_key_derivation_state_t MBEDTLS_PRIVATE(state);
119 uint64_t MBEDTLS_PRIVATE(input_cost);
120 uint8_t *MBEDTLS_PRIVATE(salt);
121 size_t MBEDTLS_PRIVATE(salt_length);
123 size_t MBEDTLS_PRIVATE(password_length);
124 uint8_t MBEDTLS_PRIVATE(output_block)[PSA_HASH_MAX_SIZE];
125 uint8_t MBEDTLS_PRIVATE(bytes_used);
126 uint32_t MBEDTLS_PRIVATE(block_number);
127} psa_pbkdf2_key_derivation_t;
128#endif /* PSA_HAVE_SOFT_PBKDF2 */
129
130#endif /* PSA_CRYPTO_BUILTIN_KEY_DERIVATION_H */
struct psa_tls12_prf_key_derivation_s psa_tls12_prf_key_derivation_t
psa_tls12_prf_key_derivation_state_t
@ PSA_TLS12_PRF_STATE_SEED_SET
@ PSA_TLS12_PRF_STATE_LABEL_SET
@ PSA_TLS12_PRF_STATE_OUTPUT
@ PSA_TLS12_PRF_STATE_KEY_SET
@ PSA_TLS12_PRF_STATE_OTHER_KEY_SET
Definitions for all PSA crypto drivers.
#define PSA_HMAC_MAX_HASH_BLOCK_SIZE
Definition: crypto_sizes.h:134
#define PSA_TLS12_ECJPAKE_TO_PMS_DATA_SIZE
Definition: crypto_sizes.h:300
#define PSA_HASH_MAX_SIZE
Definition: crypto_sizes.h:154
Macro wrapper for struct's members.
#define MBEDTLS_PRIVATE(member)