TARGET_TFM/TARGET_TFM_V1_0/include/psa/crypto_extra.h
1 /*
2  * Copyright (c) 2018-2020, Arm Limited. All rights reserved.
3  *
4  * SPDX-License-Identifier: BSD-3-Clause
5  *
6  */
7 /**
8  * \file psa/crypto_extra.h
9  *
10  * \brief PSA cryptography module: vendor extensions
11  *
12  * \note This file must not be included directly. Applications must
13  * include psa/crypto.h instead.
14  *
15  * This file is reserved for vendor-specific definitions.
16  */
17 
18 #ifndef PSA_CRYPTO_EXTRA_H
19 #define PSA_CRYPTO_EXTRA_H
20 
21 #include "psa/crypto_compat.h"
22 
23 #ifdef __cplusplus
24 extern "C" {
25 #endif
26 
/** \brief Set the enrollment (secondary) algorithm in a key's attributes.
 *
 * An operation on a key may use either the algorithm set with
 * psa_set_key_algorithm() or the one set with this function.
 *
 * \param[out] attributes  The attribute structure to write to.
 * \param alg2             A second algorithm that the key may be used for,
 *                         in addition to the algorithm set with
 *                         psa_set_key_algorithm().
 *
 * \warning Setting an enrollment algorithm is not recommended. Using the
 *          same key with different algorithms can allow attacks based on
 *          arithmetic relations between the computations made with that
 *          key, or can escalate harmless side channels into exploitable
 *          ones. Use this function only when it is needed to support a
 *          protocol for which it has been verified that using the key
 *          with multiple algorithms is safe.
 */
static inline void psa_set_key_enrollment_algorithm(
    psa_key_attributes_t *attributes,
    psa_algorithm_t alg2)
{
    /* Only the secondary policy slot is written here. */
    (*attributes).core.policy.alg2 = alg2;
}
52 
53 #if defined(MBEDTLS_ECP_C)
54 #include <mbedtls/ecp.h>
55 
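/** Convert an ECC curve identifier from the Mbed TLS encoding to PSA.
 *
 * \note This function is provided solely for the convenience of
 *       Mbed TLS and may be removed at any time without notice.
 *
 * \param grpid      An Mbed TLS elliptic curve identifier
 *                   (`MBEDTLS_ECP_DP_xxx`).
 * \param[out] bits  On success, the bit size of the curve.
 *                   On failure, set to 0. The pointer is dereferenced
 *                   unconditionally and must not be NULL.
 *
 * \return The corresponding PSA elliptic curve identifier
 *         (`PSA_ECC_FAMILY_xxx`).
 * \return \c 0 on failure (\p grpid is not recognized).
 */
static inline psa_ecc_family_t mbedtls_ecc_group_to_psa( mbedtls_ecp_group_id grpid,
                                                        size_t *bits )
{
    /* Every case sets *bits and returns its own family. A case without a
     * return would fall through and report the size and family of a later
     * curve, so callers would handle the key with the wrong parameters. */
    switch( grpid )
    {
        case MBEDTLS_ECP_DP_SECP192R1:
            *bits = 192;
            return( PSA_ECC_FAMILY_SECP_R1 );
        case MBEDTLS_ECP_DP_SECP224R1:
            *bits = 224;
            return( PSA_ECC_FAMILY_SECP_R1 );
        case MBEDTLS_ECP_DP_SECP256R1:
            *bits = 256;
            return( PSA_ECC_FAMILY_SECP_R1 );
        case MBEDTLS_ECP_DP_SECP384R1:
            *bits = 384;
            return( PSA_ECC_FAMILY_SECP_R1 );
        case MBEDTLS_ECP_DP_SECP521R1:
            *bits = 521;
            return( PSA_ECC_FAMILY_SECP_R1 );
        case MBEDTLS_ECP_DP_BP256R1:
            *bits = 256;
            return( PSA_ECC_FAMILY_BRAINPOOL_P_R1 );
        case MBEDTLS_ECP_DP_BP384R1:
            *bits = 384;
            return( PSA_ECC_FAMILY_BRAINPOOL_P_R1 );
        case MBEDTLS_ECP_DP_BP512R1:
            *bits = 512;
            return( PSA_ECC_FAMILY_BRAINPOOL_P_R1 );
        case MBEDTLS_ECP_DP_CURVE25519:
            *bits = 255;
            return( PSA_ECC_FAMILY_MONTGOMERY );
        case MBEDTLS_ECP_DP_SECP192K1:
            *bits = 192;
            return( PSA_ECC_FAMILY_SECP_K1 );
        case MBEDTLS_ECP_DP_SECP224K1:
            *bits = 224;
            return( PSA_ECC_FAMILY_SECP_K1 );
        case MBEDTLS_ECP_DP_SECP256K1:
            *bits = 256;
            return( PSA_ECC_FAMILY_SECP_K1 );
        case MBEDTLS_ECP_DP_CURVE448:
            *bits = 448;
            return( PSA_ECC_FAMILY_MONTGOMERY );
        default:
            /* Unrecognized group: report failure with a zero size. */
            *bits = 0;
            return( 0 );
    }
}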
118 
119 /** Convert an ECC curve identifier from the PSA encoding to Mbed TLS.
120  *
121  * \note This function is provided solely for the convenience of
122  * Mbed TLS and may be removed at any time without notice.
123  *
124  * \param curve A PSA elliptic curve identifier
125  * (`PSA_ECC_FAMILY_xxx`).
126  * \param byte_length The byte-length of a private key on \p curve.
127  *
128  * \return The corresponding Mbed TLS elliptic curve identifier
129  * (`MBEDTLS_ECP_DP_xxx`).
130  * \return #MBEDTLS_ECP_DP_NONE if \p curve is not recognized.
131  * \return #MBEDTLS_ECP_DP_NONE if \p byte_length is not
132  * correct for \p curve.
133  */
134 //mbedtls_ecp_group_id mbedtls_ecc_group_of_psa( psa_ecc_family_t curve,
135 // size_t byte_length );
136 #endif /* MBEDTLS_ECP_C */
137 
138 #ifdef __cplusplus
139 }
140 #endif
141 
142 #endif /* PSA_CRYPTO_EXTRA_H */
#define PSA_ECC_FAMILY_MONTGOMERY
Curve25519 and Curve448.
static void psa_set_key_enrollment_algorithm(psa_key_attributes_t *attributes, psa_algorithm_t alg2)
Declare the enrollment algorithm for a key.
#define PSA_ECC_FAMILY_BRAINPOOL_P_R1
Brainpool P random curves.
uint32_t psa_algorithm_t
Encoding of a cryptographic algorithm.
#define PSA_ECC_FAMILY_SECP_R1
SEC random curves over prime fields.
#define PSA_ECC_FAMILY_SECP_K1
SEC Koblitz curves over prime fields.
uint8_t psa_ecc_family_t
The type of PSA elliptic curve family identifiers.