28 #ifndef PSA_CRYPTO_EXTRA_H 29 #define PSA_CRYPTO_EXTRA_H 31 #include "mbedtls/platform_util.h" 33 #include "crypto_compat.h" 35 #include "platform/mbed_toolchain.h" 42 #define PSA_CRYPTO_ITS_RANDOM_SEED_UID 0xFFFFFF52 69 MBED_DEPRECATED(
"Setting enrollment algorithm is for backward compatibility and not recommended.")
74 attributes->core.policy.alg2 = alg2;
85 MBED_DEPRECATED(
"Getting enrollment algorithm is for backward compatibility and not recommended.")
89 return( attributes->core.policy.alg2 );
92 #if defined(MBEDTLS_PSA_CRYPTO_SE_C) 143 static inline void psa_set_key_slot_number(
147 attributes->core.flags |= MBEDTLS_PSA_KA_FLAG_HAS_SLOT_NUMBER;
148 attributes->slot_number = slot_number;
157 static inline void psa_clear_key_slot_number(
160 attributes->core.flags &= ~MBEDTLS_PSA_KA_FLAG_HAS_SLOT_NUMBER;
216 void mbedtls_psa_crypto_free(
void );
323 psa_status_t mbedtls_psa_inject_entropy(
const uint8_t *seed,
337 #define PSA_KEY_TYPE_DSA_PUBLIC_KEY ((psa_key_type_t)0x4002) 355 #define PSA_KEY_TYPE_DSA_KEY_PAIR ((psa_key_type_t)0x7002) 358 #define PSA_KEY_TYPE_IS_DSA(type) \ 359 (PSA_KEY_TYPE_PUBLIC_KEY_OF_KEY_PAIR(type) == PSA_KEY_TYPE_DSA_PUBLIC_KEY) 361 #define PSA_ALG_DSA_BASE ((psa_algorithm_t)0x10040000) 376 #define PSA_ALG_DSA(hash_alg) \ 377 (PSA_ALG_DSA_BASE | ((hash_alg) & PSA_ALG_HASH_MASK)) 378 #define PSA_ALG_DETERMINISTIC_DSA_BASE ((psa_algorithm_t)0x10050000) 379 #define PSA_ALG_DSA_DETERMINISTIC_FLAG PSA_ALG_ECDSA_DETERMINISTIC_FLAG 394 #define PSA_ALG_DETERMINISTIC_DSA(hash_alg) \ 395 (PSA_ALG_DETERMINISTIC_DSA_BASE | ((hash_alg) & PSA_ALG_HASH_MASK)) 396 #define PSA_ALG_IS_DSA(alg) \ 397 (((alg) & ~PSA_ALG_HASH_MASK & ~PSA_ALG_DSA_DETERMINISTIC_FLAG) == \ 399 #define PSA_ALG_DSA_IS_DETERMINISTIC(alg) \ 400 (((alg) & PSA_ALG_DSA_DETERMINISTIC_FLAG) != 0) 401 #define PSA_ALG_IS_DETERMINISTIC_DSA(alg) \ 402 (PSA_ALG_IS_DSA(alg) && PSA_ALG_DSA_IS_DETERMINISTIC(alg)) 403 #define PSA_ALG_IS_RANDOMIZED_DSA(alg) \ 404 (PSA_ALG_IS_DSA(alg) && !PSA_ALG_DSA_IS_DETERMINISTIC(alg)) 409 #undef PSA_ALG_IS_HASH_AND_SIGN 410 #define PSA_ALG_IS_HASH_AND_SIGN(alg) \ 411 (PSA_ALG_IS_RSA_PSS(alg) || PSA_ALG_IS_RSA_PKCS1V15_SIGN(alg) || \ 412 PSA_ALG_IS_DSA(alg) || PSA_ALG_IS_ECDSA(alg)) 426 #define PSA_DH_FAMILY_CUSTOM ((psa_dh_family_t) 0x7e) 527 size_t *data_length);
554 #define PSA_KEY_DOMAIN_PARAMETERS_SIZE(key_type, key_bits) \ 555 (PSA_KEY_TYPE_IS_RSA(key_type) ? sizeof(int) : \ 556 PSA_KEY_TYPE_IS_DH(key_type) ? PSA_DH_KEY_DOMAIN_PARAMETERS_SIZE(key_bits) : \ 557 PSA_KEY_TYPE_IS_DSA(key_type) ? PSA_DSA_KEY_DOMAIN_PARAMETERS_SIZE(key_bits) : \ 559 #define PSA_DH_KEY_DOMAIN_PARAMETERS_SIZE(key_bits) \ 560 (4 + (PSA_BITS_TO_BYTES(key_bits) + 5) * 3 ) 561 #define PSA_DSA_KEY_DOMAIN_PARAMETERS_SIZE(key_bits) \ 562 (4 + (PSA_BITS_TO_BYTES(key_bits) + 5) * 2 + 34 ) 570 #if defined(MBEDTLS_ECP_C) 571 #include <mbedtls/ecp.h> 586 static inline psa_ecc_family_t mbedtls_ecc_group_to_psa( mbedtls_ecp_group_id grpid,
591 case MBEDTLS_ECP_DP_SECP192R1:
594 case MBEDTLS_ECP_DP_SECP224R1:
597 case MBEDTLS_ECP_DP_SECP256R1:
600 case MBEDTLS_ECP_DP_SECP384R1:
603 case MBEDTLS_ECP_DP_SECP521R1:
606 case MBEDTLS_ECP_DP_BP256R1:
609 case MBEDTLS_ECP_DP_BP384R1:
612 case MBEDTLS_ECP_DP_BP512R1:
615 case MBEDTLS_ECP_DP_CURVE25519:
618 case MBEDTLS_ECP_DP_SECP192K1:
621 case MBEDTLS_ECP_DP_SECP224K1:
624 case MBEDTLS_ECP_DP_SECP256K1:
627 case MBEDTLS_ECP_DP_CURVE448:
652 size_t byte_length );
size_t empty_slots
Number of slots that are not used for anything.
psa_app_key_id_t max_open_internal_key_id
Largest key id value among open keys in internal persistent storage.
#define PSA_ECC_FAMILY_MONTGOMERY
Curve25519 and Curve448.
static void psa_set_key_enrollment_algorithm(psa_key_attributes_t *attributes, psa_algorithm_t alg2)
Declare the enrollment algorithm for a key.
size_t cache_slots
Number of slots that contain cache data.
psa_app_key_id_t max_open_external_key_id
Largest key id value among open keys in secure elements.
size_t half_filled_slots
Number of slots which are occupied, but do not contain key material yet.
psa_status_t psa_set_key_domain_parameters(psa_key_attributes_t *attributes, psa_key_type_t type, const uint8_t *data, size_t data_length)
Set domain parameters for a key.
#define PSA_ECC_FAMILY_BRAINPOOL_P_R1
Brainpool P random curves.
uint64_t psa_key_slot_number_t
An internal designation of a key slot between the core part of the PSA Crypto implementation and the ...
static psa_algorithm_t psa_get_key_enrollment_algorithm(const psa_key_attributes_t *attributes)
Retrieve the enrollment algorithm policy from key attributes.
uint32_t psa_algorithm_t
Encoding of a cryptographic algorithm.
size_t external_slots
Number of slots containing a reference to a key in a secure element.
#define PSA_ECC_FAMILY_SECP_R1
SEC random curves over prime fields.
size_t persistent_slots
Number of slots containing key material for a key which is in internal persistent storage...
uint16_t psa_key_type_t
Encoding of a key type.
size_t volatile_slots
Number of slots containing key material for a volatile key.
psa_status_t psa_get_key_domain_parameters(const psa_key_attributes_t *attributes, uint8_t *data, size_t data_size, size_t *data_length)
Get domain parameters for a key.
#define PSA_ECC_FAMILY_SECP_K1
SEC Koblitz curves over prime fields.
uint8_t psa_ecc_family_t
The type of PSA elliptic curve family identifiers.
int32_t psa_status_t
Function return status.
Statistics about resource consumption related to the PSA keystore.