Keil Studio Cloud
Mistake on this page?
Report an issue in GitHub or email us
crypto_struct_ipc.h
1 /**
2  * \file psa/crypto_struct.h
3  *
4  * \brief PSA cryptography module: Mbed TLS structured type implementations
5  *
6  * \note This file may not be included directly. Applications must
7  * include psa/crypto.h.
8  *
9  * This file contains the definitions of some data structures with
10  * implementation-specific definitions.
11  *
12  * In implementations with isolation between the application and the
13  * cryptography module, it is expected that the front-end and the back-end
14  * would have different versions of this file.
15  *
16  * <h3>Design notes about multipart operation structures</h3>
17  *
18  * Each multipart operation structure contains a `psa_algorithm_t alg`
19  * field which indicates which specific algorithm the structure is for.
20  * When the structure is not in use, `alg` is 0. Most of the structure
21  * consists of a union which is discriminated by `alg`.
22  *
23  * Note that when `alg` is 0, the content of other fields is undefined.
24  * In particular, it is not guaranteed that a freshly-initialized structure
25  * is all-zero: we initialize structures to something like `{0, 0}`, which
26  * is only guaranteed to initializes the first member of the union;
27  * GCC and Clang initialize the whole structure to 0 (at the time of writing),
28  * but MSVC and CompCert don't.
29  *
30  * In Mbed Crypto, multipart operation structures live independently from
31  * the key. This allows Mbed Crypto to free the key objects when destroying
32  * a key slot. If a multipart operation needs to remember the key after
33  * the setup function returns, the operation structure needs to contain a
34  * copy of the key.
35  */
36 /*
37  * Copyright (C) 2018, ARM Limited, All Rights Reserved
38  * SPDX-License-Identifier: Apache-2.0
39  *
40  * Licensed under the Apache License, Version 2.0 (the "License"); you may
41  * not use this file except in compliance with the License.
42  * You may obtain a copy of the License at
43  *
44  * http://www.apache.org/licenses/LICENSE-2.0
45  *
46  * Unless required by applicable law or agreed to in writing, software
47  * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
48  * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
49  * See the License for the specific language governing permissions and
50  * limitations under the License.
51  *
52  * This file is part of mbed TLS (https://tls.mbed.org)
53  */
54 
55 #ifndef PSA_CRYPTO_STRUCT_H
56 #define PSA_CRYPTO_STRUCT_H
57 
58 #include "psa/client.h"
59 
60 #ifdef __cplusplus
61 extern "C" {
62 #endif
63 
64 struct psa_hash_operation_s {
65  psa_handle_t handle;
66 };
67 
68 #define PSA_HASH_OPERATION_INIT { PSA_NULL_HANDLE }
69 static inline struct psa_hash_operation_s psa_hash_operation_init( void )
70 {
71  const struct psa_hash_operation_s v = PSA_HASH_OPERATION_INIT;
72  return( v );
73 }
74 
75 struct psa_mac_operation_s
76 {
77  psa_handle_t handle;
78 };
79 
80 #define PSA_MAC_OPERATION_INIT { PSA_NULL_HANDLE }
81 static inline struct psa_mac_operation_s psa_mac_operation_init( void )
82 {
83  const struct psa_mac_operation_s v = PSA_MAC_OPERATION_INIT;
84  return( v );
85 }
86 
87 struct psa_cipher_operation_s
88 {
89  psa_handle_t handle;
90 };
91 
92 #define PSA_CIPHER_OPERATION_INIT { PSA_NULL_HANDLE }
93 static inline struct psa_cipher_operation_s psa_cipher_operation_init( void )
94 {
95  const struct psa_cipher_operation_s v = PSA_CIPHER_OPERATION_INIT;
96  return( v );
97 }
98 
99 struct psa_aead_operation_s
100 {
101  psa_handle_t handle;
102 };
103 
104 #define PSA_AEAD_OPERATION_INIT { PSA_NULL_HANDLE }
105 static inline struct psa_aead_operation_s psa_aead_operation_init( void )
106 {
107  const struct psa_aead_operation_s v = PSA_AEAD_OPERATION_INIT;
108  return( v );
109 }
110 
111 struct psa_key_derivation_s
112 {
113  psa_handle_t handle;
114 };
115 
116 /* This only zeroes out the first byte in the union, the rest is unspecified. */
117 #define PSA_KEY_DERIVATION_OPERATION_INIT { PSA_NULL_HANDLE }
118 static inline struct psa_key_derivation_s psa_key_derivation_operation_init( void )
119 {
120  const struct psa_key_derivation_s v = PSA_KEY_DERIVATION_OPERATION_INIT;
121  return( v );
122 }
123 
124 struct psa_key_policy_s
125 {
126  psa_key_usage_t usage;
127  psa_algorithm_t alg;
128  psa_algorithm_t alg2;
129 };
130 typedef struct psa_key_policy_s psa_key_policy_t;
131 
132 #define PSA_KEY_POLICY_INIT {0, 0, 0}
133 static inline struct psa_key_policy_s psa_key_policy_init( void )
134 {
135  const struct psa_key_policy_s v = PSA_KEY_POLICY_INIT;
136  return( v );
137 }
138 
139 /* The type used internally for key sizes.
140  * Public interfaces use size_t, but internally we use a smaller type. */
141 typedef uint16_t psa_key_bits_t;
142 /* The maximum value of the type used to represent bit-sizes.
143  * This is used to mark an invalid key size. */
144 #define PSA_KEY_BITS_TOO_LARGE ( (psa_key_bits_t) ( -1 ) )
145 /* The maximum size of a key in bits.
146  * Currently defined as the maximum that can be represented, rounded down
147  * to a whole number of bytes.
148  * This is an uncast value so that it can be used in preprocessor
149  * conditionals. */
150 #define PSA_MAX_KEY_BITS 0xfff8
151 
152 /** A mask of flags that can be stored in key attributes.
153  *
154  * This type is also used internally to store flags in slots. Internal
155  * flags are defined in library/psa_crypto_core.h. Internal flags may have
156  * the same value as external flags if they are properly handled during
157  * key creation and in psa_get_key_attributes.
158  */
159 typedef uint16_t psa_key_attributes_flag_t;
160 
161 #define MBEDTLS_PSA_KA_FLAG_HAS_SLOT_NUMBER \
162  ( (psa_key_attributes_flag_t) 0x0001 )
163 
164 /* A mask of key attribute flags used externally only.
165  * Only meant for internal checks inside the library. */
166 #define MBEDTLS_PSA_KA_MASK_EXTERNAL_ONLY ( \
167  MBEDTLS_PSA_KA_FLAG_HAS_SLOT_NUMBER | \
168  0 )
169 
170 /* A mask of key attribute flags used both internally and externally.
171  * Currently there aren't any. */
172 #define MBEDTLS_PSA_KA_MASK_DUAL_USE ( \
173  0 )
174 
175 typedef struct
176 {
177  psa_key_type_t type;
178  psa_key_lifetime_t lifetime;
179  psa_key_id_t id;
180  psa_key_policy_t policy;
181  psa_key_bits_t bits;
182  psa_key_attributes_flag_t flags;
183 } psa_core_key_attributes_t;
184 
185 #define PSA_CORE_KEY_ATTRIBUTES_INIT {0, 0, PSA_KEY_ID_INIT, PSA_KEY_POLICY_INIT, 0, 0}
186 
187 struct psa_key_attributes_s
188 {
189  psa_core_key_attributes_t core;
190 #if defined(MBEDTLS_PSA_CRYPTO_SE_C)
191  psa_key_slot_number_t slot_number;
192 #endif /* MBEDTLS_PSA_CRYPTO_SE_C */
193  void *domain_parameters;
194  size_t domain_parameters_size;
195 };
196 
197 #if defined(MBEDTLS_PSA_CRYPTO_SE_C)
198 #define PSA_KEY_ATTRIBUTES_INIT {PSA_CORE_KEY_ATTRIBUTES_INIT, 0, NULL, 0}
199 #else
200 #define PSA_KEY_ATTRIBUTES_INIT {PSA_CORE_KEY_ATTRIBUTES_INIT, NULL, 0}
201 #endif
202 
203 static inline struct psa_key_attributes_s psa_key_attributes_init( void )
204 {
205  const struct psa_key_attributes_s v = PSA_KEY_ATTRIBUTES_INIT;
206  return( v );
207 }
208 
209 static inline void psa_set_key_id(psa_key_attributes_t *attributes,
210  psa_key_id_t id)
211 {
212  attributes->core.id = id;
213  if( attributes->core.lifetime == PSA_KEY_LIFETIME_VOLATILE )
214  attributes->core.lifetime = PSA_KEY_LIFETIME_PERSISTENT;
215 }
216 
217 static inline psa_key_id_t psa_get_key_id(
218  const psa_key_attributes_t *attributes)
219 {
220  return( attributes->core.id );
221 }
222 
223 static inline void psa_set_key_lifetime(psa_key_attributes_t *attributes,
224  psa_key_lifetime_t lifetime)
225 {
226  attributes->core.lifetime = lifetime;
227  if( lifetime == PSA_KEY_LIFETIME_VOLATILE )
228  {
229 #ifdef MBEDTLS_PSA_CRYPTO_KEY_FILE_ID_ENCODES_OWNER
230  attributes->core.id.key_id = 0;
231  attributes->core.id.owner = 0;
232 #else
233  attributes->core.id = 0;
234 #endif
235  }
236 }
237 
238 static inline psa_key_lifetime_t psa_get_key_lifetime(
239  const psa_key_attributes_t *attributes)
240 {
241  return( attributes->core.lifetime );
242 }
243 
244 static inline void psa_set_key_usage_flags(psa_key_attributes_t *attributes,
245  psa_key_usage_t usage_flags)
246 {
247  attributes->core.policy.usage = usage_flags;
248 }
249 
250 static inline psa_key_usage_t psa_get_key_usage_flags(
251  const psa_key_attributes_t *attributes)
252 {
253  return( attributes->core.policy.usage );
254 }
255 
256 static inline void psa_set_key_algorithm(psa_key_attributes_t *attributes,
257  psa_algorithm_t alg)
258 {
259  attributes->core.policy.alg = alg;
260 }
261 
262 static inline psa_algorithm_t psa_get_key_algorithm(
263  const psa_key_attributes_t *attributes)
264 {
265  return( attributes->core.policy.alg );
266 }
267 
268 /* This function is declared in crypto_extra.h, which comes after this
269  * header file, but we need the function here, so repeat the declaration. */
270 psa_status_t psa_set_key_domain_parameters(psa_key_attributes_t *attributes,
271  psa_key_type_t type,
272  const uint8_t *data,
273  size_t data_length);
274 
275 static inline void psa_set_key_type(psa_key_attributes_t *attributes,
276  psa_key_type_t type)
277 {
278  if( attributes->domain_parameters == NULL )
279  {
280  /* Common case: quick path */
281  attributes->core.type = type;
282  }
283  else
284  {
285  /* Call the bigger function to free the old domain paramteres.
286  * Ignore any errors which may arise due to type requiring
287  * non-default domain parameters, since this function can't
288  * report errors. */
289  (void) psa_set_key_domain_parameters( attributes, type, NULL, 0 );
290  }
291 }
292 
293 static inline psa_key_type_t psa_get_key_type(
294  const psa_key_attributes_t *attributes)
295 {
296  return( attributes->core.type );
297 }
298 
299 static inline void psa_set_key_bits(psa_key_attributes_t *attributes,
300  size_t bits)
301 {
302  if( bits > PSA_MAX_KEY_BITS )
303  attributes->core.bits = PSA_KEY_BITS_TOO_LARGE;
304  else
305  attributes->core.bits = (psa_key_bits_t) bits;
306 }
307 
308 static inline size_t psa_get_key_bits(
309  const psa_key_attributes_t *attributes)
310 {
311  return( attributes->core.bits );
312 }
313 
314 #ifdef __cplusplus
315 }
316 #endif
317 
318 #endif /* PSA_CRYPTO_STRUCT_H */
psa_key_attributes_s
Definition: crypto_struct_ipc.h:187
psa_aead_operation_s
Definition: crypto_struct_ipc.h:99
psa_mac_operation_s
Definition: crypto_struct_ipc.h:75
psa_key_policy_s
Definition: crypto_struct_ipc.h:124
psa_cipher_operation_s
Definition: crypto_struct_ipc.h:87
psa_key_derivation_s
Definition: crypto_struct_ipc.h:111
psa_hash_operation_s
Definition: crypto_struct_ipc.h:64
psa_core_key_attributes_t
Definition: crypto_struct_ipc.h:175
Important Information for this Arm website

This site uses cookies to store information on your computer. By continuing to use our site, you consent to our cookies. If you are not happy with the use of these cookies, please review our Cookie Policy to learn how they can be disabled. By disabling cookies, some features of the site will not work.