Kenji Arai
/
mbed-os_TYBLE16
Important changes to repositories hosted on mbed.com
Mbed hosted mercurial repositories are deprecated and are due to be permanently deleted in July 2026.
To keep a copy of this software download the repository Zip archive or clone locally using Mercurial.
It is also possible to export all your personal repositories from the account settings page.
Dependents: TYBLE16_simple_data_logger TYBLE16_MP3_Air
Embed:
(wiki syntax)
Show/hide line numbers
psa_util.h
Go to the documentation of this file.
00001 /** 00002 * \file psa_util.h 00003 * 00004 * \brief Utility functions for the use of the PSA Crypto library. 00005 * 00006 * \warning This function is not part of the public API and may 00007 * change at any time. 00008 */ 00009 /* 00010 * Copyright (C) 2006-2018, ARM Limited, All Rights Reserved 00011 * SPDX-License-Identifier: Apache-2.0 00012 * 00013 * Licensed under the Apache License, Version 2.0 (the "License"); you may 00014 * not use this file except in compliance with the License. 00015 * You may obtain a copy of the License at 00016 * 00017 * http://www.apache.org/licenses/LICENSE-2.0 00018 * 00019 * Unless required by applicable law or agreed to in writing, software 00020 * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT 00021 * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 00022 * See the License for the specific language governing permissions and 00023 * limitations under the License. 00024 * 00025 * This file is part of mbed TLS (https://tls.mbed.org) 00026 */ 00027 00028 #ifndef MBEDTLS_PSA_UTIL_H 00029 #define MBEDTLS_PSA_UTIL_H 00030 00031 #if !defined(MBEDTLS_CONFIG_FILE) 00032 #include "mbedtls/config.h" 00033 #else 00034 #include MBEDTLS_CONFIG_FILE 00035 #endif 00036 00037 #if defined(MBEDTLS_USE_PSA_CRYPTO) 00038 00039 #include "psa/crypto.h" 00040 00041 #include "mbedtls/ecp.h" 00042 #include "mbedtls/md.h" 00043 #include "mbedtls/pk.h" 00044 #include "mbedtls/oid.h" 00045 00046 #include <string.h> 00047 00048 /* Translations for symmetric crypto. */ 00049 00050 static inline psa_key_type_t mbedtls_psa_translate_cipher_type( 00051 mbedtls_cipher_type_t cipher ) 00052 { 00053 switch( cipher ) 00054 { 00055 case MBEDTLS_CIPHER_AES_128_CCM: 00056 case MBEDTLS_CIPHER_AES_192_CCM: 00057 case MBEDTLS_CIPHER_AES_256_CCM: 00058 case MBEDTLS_CIPHER_AES_128_GCM: 00059 case MBEDTLS_CIPHER_AES_192_GCM: 00060 case MBEDTLS_CIPHER_AES_256_GCM: 00061 case MBEDTLS_CIPHER_AES_128_CBC: 00062 case MBEDTLS_CIPHER_AES_192_CBC: 00063 case MBEDTLS_CIPHER_AES_256_CBC: 00064 return( PSA_KEY_TYPE_AES ); 00065 00066 /* ARIA not yet supported in PSA. */ 00067 /* case MBEDTLS_CIPHER_ARIA_128_CCM: 00068 case MBEDTLS_CIPHER_ARIA_192_CCM: 00069 case MBEDTLS_CIPHER_ARIA_256_CCM: 00070 case MBEDTLS_CIPHER_ARIA_128_GCM: 00071 case MBEDTLS_CIPHER_ARIA_192_GCM: 00072 case MBEDTLS_CIPHER_ARIA_256_GCM: 00073 case MBEDTLS_CIPHER_ARIA_128_CBC: 00074 case MBEDTLS_CIPHER_ARIA_192_CBC: 00075 case MBEDTLS_CIPHER_ARIA_256_CBC: 00076 return( PSA_KEY_TYPE_ARIA ); */ 00077 00078 default: 00079 return( 0 ); 00080 } 00081 } 00082 00083 static inline psa_algorithm_t mbedtls_psa_translate_cipher_mode( 00084 mbedtls_cipher_mode_t mode, size_t taglen ) 00085 { 00086 switch( mode ) 00087 { 00088 case MBEDTLS_MODE_GCM: 00089 return( PSA_ALG_AEAD_WITH_TAG_LENGTH( PSA_ALG_GCM, taglen ) ); 00090 case MBEDTLS_MODE_CCM: 00091 return( PSA_ALG_AEAD_WITH_TAG_LENGTH( PSA_ALG_CCM, taglen ) ); 00092 case MBEDTLS_MODE_CBC: 00093 if( taglen == 0 ) 00094 return( PSA_ALG_CBC_NO_PADDING ); 00095 /* Intentional fallthrough for taglen != 0 */ 00096 /* fallthrough */ 00097 default: 00098 return( 0 ); 00099 } 00100 } 00101 00102 static inline psa_key_usage_t mbedtls_psa_translate_cipher_operation( 00103 mbedtls_operation_t op ) 00104 { 00105 switch( op ) 00106 { 00107 case MBEDTLS_ENCRYPT: 00108 return( PSA_KEY_USAGE_ENCRYPT ); 00109 case MBEDTLS_DECRYPT: 00110 return( PSA_KEY_USAGE_DECRYPT ); 00111 default: 00112 return( 0 ); 00113 } 00114 } 00115 00116 /* Translations for hashing. */ 00117 00118 static inline psa_algorithm_t mbedtls_psa_translate_md( mbedtls_md_type_t md_alg ) 00119 { 00120 switch( md_alg ) 00121 { 00122 #if defined(MBEDTLS_MD2_C) 00123 case MBEDTLS_MD_MD2: 00124 return( PSA_ALG_MD2 ); 00125 #endif 00126 #if defined(MBEDTLS_MD4_C) 00127 case MBEDTLS_MD_MD4: 00128 return( PSA_ALG_MD4 ); 00129 #endif 00130 #if defined(MBEDTLS_MD5_C) 00131 case MBEDTLS_MD_MD5: 00132 return( PSA_ALG_MD5 ); 00133 #endif 00134 #if defined(MBEDTLS_SHA1_C) 00135 case MBEDTLS_MD_SHA1: 00136 return( PSA_ALG_SHA_1 ); 00137 #endif 00138 #if defined(MBEDTLS_SHA256_C) 00139 case MBEDTLS_MD_SHA224: 00140 return( PSA_ALG_SHA_224 ); 00141 case MBEDTLS_MD_SHA256: 00142 return( PSA_ALG_SHA_256 ); 00143 #endif 00144 #if defined(MBEDTLS_SHA512_C) 00145 case MBEDTLS_MD_SHA384: 00146 return( PSA_ALG_SHA_384 ); 00147 case MBEDTLS_MD_SHA512: 00148 return( PSA_ALG_SHA_512 ); 00149 #endif 00150 #if defined(MBEDTLS_RIPEMD160_C) 00151 case MBEDTLS_MD_RIPEMD160: 00152 return( PSA_ALG_RIPEMD160 ); 00153 #endif 00154 case MBEDTLS_MD_NONE: /* Intentional fallthrough */ 00155 default: 00156 return( 0 ); 00157 } 00158 } 00159 00160 /* Translations for ECC. */ 00161 00162 static inline int mbedtls_psa_get_ecc_oid_from_id( 00163 psa_ecc_curve_t curve, char const **oid, size_t *oid_len ) 00164 { 00165 switch( curve ) 00166 { 00167 #if defined(MBEDTLS_ECP_DP_SECP192R1_ENABLED) 00168 case PSA_ECC_CURVE_SECP192R1: 00169 *oid = MBEDTLS_OID_EC_GRP_SECP192R1; 00170 *oid_len = MBEDTLS_OID_SIZE( MBEDTLS_OID_EC_GRP_SECP192R1 ); 00171 return( 0 ); 00172 #endif /* MBEDTLS_ECP_DP_SECP192R1_ENABLED */ 00173 #if defined(MBEDTLS_ECP_DP_SECP224R1_ENABLED) 00174 case PSA_ECC_CURVE_SECP224R1: 00175 *oid = MBEDTLS_OID_EC_GRP_SECP224R1; 00176 *oid_len = MBEDTLS_OID_SIZE( MBEDTLS_OID_EC_GRP_SECP224R1 ); 00177 return( 0 ); 00178 #endif /* MBEDTLS_ECP_DP_SECP224R1_ENABLED */ 00179 #if defined(MBEDTLS_ECP_DP_SECP256R1_ENABLED) 00180 case PSA_ECC_CURVE_SECP256R1: 00181 *oid = MBEDTLS_OID_EC_GRP_SECP256R1; 00182 *oid_len = MBEDTLS_OID_SIZE( MBEDTLS_OID_EC_GRP_SECP256R1 ); 00183 return( 0 ); 00184 #endif /* MBEDTLS_ECP_DP_SECP256R1_ENABLED */ 00185 #if defined(MBEDTLS_ECP_DP_SECP384R1_ENABLED) 00186 case PSA_ECC_CURVE_SECP384R1: 00187 *oid = MBEDTLS_OID_EC_GRP_SECP384R1; 00188 *oid_len = MBEDTLS_OID_SIZE( MBEDTLS_OID_EC_GRP_SECP384R1 ); 00189 return( 0 ); 00190 #endif /* MBEDTLS_ECP_DP_SECP384R1_ENABLED */ 00191 #if defined(MBEDTLS_ECP_DP_SECP521R1_ENABLED) 00192 case PSA_ECC_CURVE_SECP521R1: 00193 *oid = MBEDTLS_OID_EC_GRP_SECP521R1; 00194 *oid_len = MBEDTLS_OID_SIZE( MBEDTLS_OID_EC_GRP_SECP521R1 ); 00195 return( 0 ); 00196 #endif /* MBEDTLS_ECP_DP_SECP521R1_ENABLED */ 00197 #if defined(MBEDTLS_ECP_DP_SECP192K1_ENABLED) 00198 case PSA_ECC_CURVE_SECP192K1: 00199 *oid = MBEDTLS_OID_EC_GRP_SECP192K1; 00200 *oid_len = MBEDTLS_OID_SIZE( MBEDTLS_OID_EC_GRP_SECP192K1 ); 00201 return( 0 ); 00202 #endif /* MBEDTLS_ECP_DP_SECP192K1_ENABLED */ 00203 #if defined(MBEDTLS_ECP_DP_SECP224K1_ENABLED) 00204 case PSA_ECC_CURVE_SECP224K1: 00205 *oid = MBEDTLS_OID_EC_GRP_SECP224K1; 00206 *oid_len = MBEDTLS_OID_SIZE( MBEDTLS_OID_EC_GRP_SECP224K1 ); 00207 return( 0 ); 00208 #endif /* MBEDTLS_ECP_DP_SECP224K1_ENABLED */ 00209 #if defined(MBEDTLS_ECP_DP_SECP256K1_ENABLED) 00210 case PSA_ECC_CURVE_SECP256K1: 00211 *oid = MBEDTLS_OID_EC_GRP_SECP256K1; 00212 *oid_len = MBEDTLS_OID_SIZE( MBEDTLS_OID_EC_GRP_SECP256K1 ); 00213 return( 0 ); 00214 #endif /* MBEDTLS_ECP_DP_SECP256K1_ENABLED */ 00215 #if defined(MBEDTLS_ECP_DP_BP256R1_ENABLED) 00216 case PSA_ECC_CURVE_BRAINPOOL_P256R1: 00217 *oid = MBEDTLS_OID_EC_GRP_BP256R1; 00218 *oid_len = MBEDTLS_OID_SIZE( MBEDTLS_OID_EC_GRP_BP256R1 ); 00219 return( 0 ); 00220 #endif /* MBEDTLS_ECP_DP_BP256R1_ENABLED */ 00221 #if defined(MBEDTLS_ECP_DP_BP384R1_ENABLED) 00222 case PSA_ECC_CURVE_BRAINPOOL_P384R1: 00223 *oid = MBEDTLS_OID_EC_GRP_BP384R1; 00224 *oid_len = MBEDTLS_OID_SIZE( MBEDTLS_OID_EC_GRP_BP384R1 ); 00225 return( 0 ); 00226 #endif /* MBEDTLS_ECP_DP_BP384R1_ENABLED */ 00227 #if defined(MBEDTLS_ECP_DP_BP512R1_ENABLED) 00228 case PSA_ECC_CURVE_BRAINPOOL_P512R1: 00229 *oid = MBEDTLS_OID_EC_GRP_BP512R1; 00230 *oid_len = MBEDTLS_OID_SIZE( MBEDTLS_OID_EC_GRP_BP512R1 ); 00231 return( 0 ); 00232 #endif /* MBEDTLS_ECP_DP_BP512R1_ENABLED */ 00233 } 00234 00235 return( -1 ); 00236 } 00237 00238 #define MBEDTLS_PSA_MAX_EC_PUBKEY_LENGTH 1 00239 00240 #if defined(MBEDTLS_ECP_DP_SECP192R1_ENABLED) 00241 #if MBEDTLS_PSA_MAX_EC_PUBKEY_LENGTH < ( 2 * ( ( 192 + 7 ) / 8 ) + 1 ) 00242 #undef MBEDTLS_PSA_MAX_EC_PUBKEY_LENGTH 00243 #define MBEDTLS_PSA_MAX_EC_PUBKEY_LENGTH ( 2 * ( ( 192 + 7 ) / 8 ) + 1 ) 00244 #endif 00245 #endif /* MBEDTLS_ECP_DP_SECP192R1_ENABLED */ 00246 00247 #if defined(MBEDTLS_ECP_DP_SECP224R1_ENABLED) 00248 #if MBEDTLS_PSA_MAX_EC_PUBKEY_LENGTH < ( 2 * ( ( 224 + 7 ) / 8 ) + 1 ) 00249 #undef MBEDTLS_PSA_MAX_EC_PUBKEY_LENGTH 00250 #define MBEDTLS_PSA_MAX_EC_PUBKEY_LENGTH ( 2 * ( ( 224 + 7 ) / 8 ) + 1 ) 00251 #endif 00252 #endif /* MBEDTLS_ECP_DP_SECP224R1_ENABLED */ 00253 00254 #if defined(MBEDTLS_ECP_DP_SECP256R1_ENABLED) 00255 #if MBEDTLS_PSA_MAX_EC_PUBKEY_LENGTH < ( 2 * ( ( 256 + 7 ) / 8 ) + 1 ) 00256 #undef MBEDTLS_PSA_MAX_EC_PUBKEY_LENGTH 00257 #define MBEDTLS_PSA_MAX_EC_PUBKEY_LENGTH ( 2 * ( ( 256 + 7 ) / 8 ) + 1 ) 00258 #endif 00259 #endif /* MBEDTLS_ECP_DP_SECP256R1_ENABLED */ 00260 00261 #if defined(MBEDTLS_ECP_DP_SECP384R1_ENABLED) 00262 #if MBEDTLS_PSA_MAX_EC_PUBKEY_LENGTH < ( 2 * ( ( 384 + 7 ) / 8 ) + 1 ) 00263 #undef MBEDTLS_PSA_MAX_EC_PUBKEY_LENGTH 00264 #define MBEDTLS_PSA_MAX_EC_PUBKEY_LENGTH ( 2 * ( ( 384 + 7 ) / 8 ) + 1 ) 00265 #endif 00266 #endif /* MBEDTLS_ECP_DP_SECP384R1_ENABLED */ 00267 00268 #if defined(MBEDTLS_ECP_DP_SECP521R1_ENABLED) 00269 #if MBEDTLS_PSA_MAX_EC_PUBKEY_LENGTH < ( 2 * ( ( 521 + 7 ) / 8 ) + 1 ) 00270 #undef MBEDTLS_PSA_MAX_EC_PUBKEY_LENGTH 00271 #define MBEDTLS_PSA_MAX_EC_PUBKEY_LENGTH ( 2 * ( ( 521 + 7 ) / 8 ) + 1 ) 00272 #endif 00273 #endif /* MBEDTLS_ECP_DP_SECP521R1_ENABLED */ 00274 00275 #if defined(MBEDTLS_ECP_DP_SECP192K1_ENABLED) 00276 #if MBEDTLS_PSA_MAX_EC_PUBKEY_LENGTH < ( 2 * ( ( 192 + 7 ) / 8 ) + 1 ) 00277 #undef MBEDTLS_PSA_MAX_EC_PUBKEY_LENGTH 00278 #define MBEDTLS_PSA_MAX_EC_PUBKEY_LENGTH ( 2 * ( ( 192 + 7 ) / 8 ) + 1 ) 00279 #endif 00280 #endif /* MBEDTLS_ECP_DP_SECP192K1_ENABLED */ 00281 00282 #if defined(MBEDTLS_ECP_DP_SECP224K1_ENABLED) 00283 #if MBEDTLS_PSA_MAX_EC_PUBKEY_LENGTH < ( 2 * ( ( 224 + 7 ) / 8 ) + 1 ) 00284 #undef MBEDTLS_PSA_MAX_EC_PUBKEY_LENGTH 00285 #define MBEDTLS_PSA_MAX_EC_PUBKEY_LENGTH ( 2 * ( ( 224 + 7 ) / 8 ) + 1 ) 00286 #endif 00287 #endif /* MBEDTLS_ECP_DP_SECP224K1_ENABLED */ 00288 00289 #if defined(MBEDTLS_ECP_DP_SECP256K1_ENABLED) 00290 #if MBEDTLS_PSA_MAX_EC_PUBKEY_LENGTH < ( 2 * ( ( 256 + 7 ) / 8 ) + 1 ) 00291 #undef MBEDTLS_PSA_MAX_EC_PUBKEY_LENGTH 00292 #define MBEDTLS_PSA_MAX_EC_PUBKEY_LENGTH ( 2 * ( ( 256 + 7 ) / 8 ) + 1 ) 00293 #endif 00294 #endif /* MBEDTLS_ECP_DP_SECP256K1_ENABLED */ 00295 00296 #if defined(MBEDTLS_ECP_DP_BP256R1_ENABLED) 00297 #if MBEDTLS_PSA_MAX_EC_PUBKEY_LENGTH < ( 2 * ( ( 256 + 7 ) / 8 ) + 1 ) 00298 #undef MBEDTLS_PSA_MAX_EC_PUBKEY_LENGTH 00299 #define MBEDTLS_PSA_MAX_EC_PUBKEY_LENGTH ( 2 * ( ( 256 + 7 ) / 8 ) + 1 ) 00300 #endif 00301 #endif /* MBEDTLS_ECP_DP_BP256R1_ENABLED */ 00302 00303 #if defined(MBEDTLS_ECP_DP_BP384R1_ENABLED) 00304 #if MBEDTLS_PSA_MAX_EC_PUBKEY_LENGTH < ( 2 * ( ( 384 + 7 ) / 8 ) + 1 ) 00305 #undef MBEDTLS_PSA_MAX_EC_PUBKEY_LENGTH 00306 #define MBEDTLS_PSA_MAX_EC_PUBKEY_LENGTH ( 2 * ( ( 384 + 7 ) / 8 ) + 1 ) 00307 #endif 00308 #endif /* MBEDTLS_ECP_DP_BP384R1_ENABLED */ 00309 00310 #if defined(MBEDTLS_ECP_DP_BP512R1_ENABLED) 00311 #if MBEDTLS_PSA_MAX_EC_PUBKEY_LENGTH < ( 2 * ( ( 512 + 7 ) / 8 ) + 1 ) 00312 #undef MBEDTLS_PSA_MAX_EC_PUBKEY_LENGTH 00313 #define MBEDTLS_PSA_MAX_EC_PUBKEY_LENGTH ( 2 * ( ( 512 + 7 ) / 8 ) + 1 ) 00314 #endif 00315 #endif /* MBEDTLS_ECP_DP_BP512R1_ENABLED */ 00316 00317 00318 static inline psa_ecc_curve_t mbedtls_psa_translate_ecc_group( mbedtls_ecp_group_id grpid ) 00319 { 00320 switch( grpid ) 00321 { 00322 #if defined(MBEDTLS_ECP_DP_SECP192R1_ENABLED) 00323 case MBEDTLS_ECP_DP_SECP192R1: 00324 return( PSA_ECC_CURVE_SECP192R1 ); 00325 #endif 00326 #if defined(MBEDTLS_ECP_DP_SECP224R1_ENABLED) 00327 case MBEDTLS_ECP_DP_SECP224R1: 00328 return( PSA_ECC_CURVE_SECP224R1 ); 00329 #endif 00330 #if defined(MBEDTLS_ECP_DP_SECP256R1_ENABLED) 00331 case MBEDTLS_ECP_DP_SECP256R1: 00332 return( PSA_ECC_CURVE_SECP256R1 ); 00333 #endif 00334 #if defined(MBEDTLS_ECP_DP_SECP384R1_ENABLED) 00335 case MBEDTLS_ECP_DP_SECP384R1: 00336 return( PSA_ECC_CURVE_SECP384R1 ); 00337 #endif 00338 #if defined(MBEDTLS_ECP_DP_SECP521R1_ENABLED) 00339 case MBEDTLS_ECP_DP_SECP521R1: 00340 return( PSA_ECC_CURVE_SECP521R1 ); 00341 #endif 00342 #if defined(MBEDTLS_ECP_DP_BP256R1_ENABLED) 00343 case MBEDTLS_ECP_DP_BP256R1: 00344 return( PSA_ECC_CURVE_BRAINPOOL_P256R1 ); 00345 #endif 00346 #if defined(MBEDTLS_ECP_DP_BP384R1_ENABLED) 00347 case MBEDTLS_ECP_DP_BP384R1: 00348 return( PSA_ECC_CURVE_BRAINPOOL_P384R1 ); 00349 #endif 00350 #if defined(MBEDTLS_ECP_DP_BP512R1_ENABLED) 00351 case MBEDTLS_ECP_DP_BP512R1: 00352 return( PSA_ECC_CURVE_BRAINPOOL_P512R1 ); 00353 #endif 00354 #if defined(MBEDTLS_ECP_DP_CURVE25519_ENABLED) 00355 case MBEDTLS_ECP_DP_CURVE25519: 00356 return( PSA_ECC_CURVE_CURVE25519 ); 00357 #endif 00358 #if defined(MBEDTLS_ECP_DP_SECP192K1_ENABLED) 00359 case MBEDTLS_ECP_DP_SECP192K1: 00360 return( PSA_ECC_CURVE_SECP192K1 ); 00361 #endif 00362 #if defined(MBEDTLS_ECP_DP_SECP224K1_ENABLED) 00363 case MBEDTLS_ECP_DP_SECP224K1: 00364 return( PSA_ECC_CURVE_SECP224K1 ); 00365 #endif 00366 #if defined(MBEDTLS_ECP_DP_SECP256K1_ENABLED) 00367 case MBEDTLS_ECP_DP_SECP256K1: 00368 return( PSA_ECC_CURVE_SECP256K1 ); 00369 #endif 00370 #if defined(MBEDTLS_ECP_DP_CURVE448_ENABLED) 00371 case MBEDTLS_ECP_DP_CURVE448: 00372 return( PSA_ECC_CURVE_CURVE448 ); 00373 #endif 00374 default: 00375 return( 0 ); 00376 } 00377 } 00378 00379 00380 #define MBEDTLS_PSA_ECC_KEY_BITS_OF_CURVE( curve ) \ 00381 ( curve == PSA_ECC_CURVE_SECP192R1 ? 192 : \ 00382 curve == PSA_ECC_CURVE_SECP224R1 ? 224 : \ 00383 curve == PSA_ECC_CURVE_SECP256R1 ? 256 : \ 00384 curve == PSA_ECC_CURVE_SECP384R1 ? 384 : \ 00385 curve == PSA_ECC_CURVE_SECP521R1 ? 521 : \ 00386 curve == PSA_ECC_CURVE_SECP192K1 ? 192 : \ 00387 curve == PSA_ECC_CURVE_SECP224K1 ? 224 : \ 00388 curve == PSA_ECC_CURVE_SECP256K1 ? 256 : \ 00389 curve == PSA_ECC_CURVE_BRAINPOOL_P256R1 ? 256 : \ 00390 curve == PSA_ECC_CURVE_BRAINPOOL_P384R1 ? 384 : \ 00391 curve == PSA_ECC_CURVE_BRAINPOOL_P512R1 ? 512 : \ 00392 0 ) 00393 00394 #define MBEDTLS_PSA_ECC_KEY_BYTES_OF_CURVE( curve ) \ 00395 ( ( MBEDTLS_PSA_ECC_KEY_BITS_OF_CURVE( curve ) + 7 ) / 8 ) 00396 00397 /* Translations for PK layer */ 00398 00399 static inline int mbedtls_psa_err_translate_pk( psa_status_t status ) 00400 { 00401 switch( status ) 00402 { 00403 case PSA_SUCCESS: 00404 return( 0 ); 00405 case PSA_ERROR_NOT_SUPPORTED: 00406 return( MBEDTLS_ERR_PK_FEATURE_UNAVAILABLE ); 00407 case PSA_ERROR_INSUFFICIENT_MEMORY: 00408 return( MBEDTLS_ERR_PK_ALLOC_FAILED ); 00409 case PSA_ERROR_INSUFFICIENT_ENTROPY: 00410 return( MBEDTLS_ERR_ECP_RANDOM_FAILED ); 00411 case PSA_ERROR_BAD_STATE: 00412 return( MBEDTLS_ERR_PK_BAD_INPUT_DATA ); 00413 /* All other failures */ 00414 case PSA_ERROR_COMMUNICATION_FAILURE: 00415 case PSA_ERROR_HARDWARE_FAILURE: 00416 case PSA_ERROR_CORRUPTION_DETECTED: 00417 return( MBEDTLS_ERR_PK_HW_ACCEL_FAILED ); 00418 default: /* We return the same as for the 'other failures', 00419 * but list them separately nonetheless to indicate 00420 * which failure conditions we have considered. */ 00421 return( MBEDTLS_ERR_PK_HW_ACCEL_FAILED ); 00422 } 00423 } 00424 00425 /* Translations for ECC */ 00426 00427 /* This function transforms an ECC group identifier from 00428 * https://www.iana.org/assignments/tls-parameters/tls-parameters.xhtml#tls-parameters-8 00429 * into a PSA ECC group identifier. */ 00430 static inline psa_ecc_curve_t mbedtls_psa_parse_tls_ecc_group( 00431 uint16_t tls_ecc_grp_reg_id ) 00432 { 00433 /* The PSA identifiers are currently aligned with those from 00434 * the TLS Supported Groups registry, so no conversion is necessary. */ 00435 return( (psa_ecc_curve_t) tls_ecc_grp_reg_id ); 00436 } 00437 00438 /* This function takes a buffer holding an EC public key 00439 * exported through psa_export_public_key(), and converts 00440 * it into an ECPoint structure to be put into a ClientKeyExchange 00441 * message in an ECDHE exchange. 00442 * 00443 * Both the present and the foreseeable future format of EC public keys 00444 * used by PSA have the ECPoint structure contained in the exported key 00445 * as a subbuffer, and the function merely selects this subbuffer instead 00446 * of making a copy. 00447 */ 00448 static inline int mbedtls_psa_tls_psa_ec_to_ecpoint( unsigned char *src, 00449 size_t srclen, 00450 unsigned char **dst, 00451 size_t *dstlen ) 00452 { 00453 *dst = src; 00454 *dstlen = srclen; 00455 return( 0 ); 00456 } 00457 00458 /* This function takes a buffer holding an ECPoint structure 00459 * (as contained in a TLS ServerKeyExchange message for ECDHE 00460 * exchanges) and converts it into a format that the PSA key 00461 * agreement API understands. 00462 */ 00463 static inline int mbedtls_psa_tls_ecpoint_to_psa_ec( psa_ecc_curve_t curve, 00464 unsigned char const *src, 00465 size_t srclen, 00466 unsigned char *dst, 00467 size_t dstlen, 00468 size_t *olen ) 00469 { 00470 ((void) curve); 00471 00472 if( srclen > dstlen ) 00473 return( MBEDTLS_ERR_ECP_BUFFER_TOO_SMALL ); 00474 00475 memcpy( dst, src, srclen ); 00476 *olen = srclen; 00477 return( 0 ); 00478 } 00479 00480 #endif /* MBEDTLS_USE_PSA_CRYPTO */ 00481 00482 #endif /* MBEDTLS_PSA_UTIL_H */
Generated on Tue Jul 12 2022 13:54:46 by
1.7.2