34 #ifndef PSA_CRYPTO_VALUES_H
35 #define PSA_CRYPTO_VALUES_H
44 #define PSA_SUCCESS ((psa_status_t)0)
51 #define PSA_ERROR_GENERIC_ERROR ((psa_status_t)-132)
60 #define PSA_ERROR_NOT_SUPPORTED ((psa_status_t)-134)
73 #define PSA_ERROR_NOT_PERMITTED ((psa_status_t)-133)
85 #define PSA_ERROR_BUFFER_TOO_SMALL ((psa_status_t)-138)
91 #define PSA_ERROR_ALREADY_EXISTS ((psa_status_t)-139)
97 #define PSA_ERROR_DOES_NOT_EXIST ((psa_status_t)-140)
113 #define PSA_ERROR_BAD_STATE ((psa_status_t)-137)
124 #define PSA_ERROR_INVALID_ARGUMENT ((psa_status_t)-135)
130 #define PSA_ERROR_INSUFFICIENT_MEMORY ((psa_status_t)-141)
139 #define PSA_ERROR_INSUFFICIENT_STORAGE ((psa_status_t)-142)
156 #define PSA_ERROR_COMMUNICATION_FAILURE ((psa_status_t)-145)
181 #define PSA_ERROR_STORAGE_FAILURE ((psa_status_t)-146)
187 #define PSA_ERROR_HARDWARE_FAILURE ((psa_status_t)-147)
218 #define PSA_ERROR_CORRUPTION_DETECTED ((psa_status_t)-151)
237 #define PSA_ERROR_INSUFFICIENT_ENTROPY ((psa_status_t)-148)
247 #define PSA_ERROR_INVALID_SIGNATURE ((psa_status_t)-149)
263 #define PSA_ERROR_INVALID_PADDING ((psa_status_t)-150)
267 #define PSA_ERROR_INSUFFICIENT_DATA ((psa_status_t)-143)
271 #define PSA_ERROR_INVALID_HANDLE ((psa_status_t)-136)
295 #define PSA_ERROR_DATA_CORRUPT ((psa_status_t)-152)
311 #define PSA_ERROR_DATA_INVALID ((psa_status_t)-153)
323 #define PSA_KEY_TYPE_NONE ((psa_key_type_t)0x0000)
332 #define PSA_KEY_TYPE_VENDOR_FLAG ((psa_key_type_t)0x8000)
334 #define PSA_KEY_TYPE_CATEGORY_MASK ((psa_key_type_t)0x7000)
335 #define PSA_KEY_TYPE_CATEGORY_RAW ((psa_key_type_t)0x1000)
336 #define PSA_KEY_TYPE_CATEGORY_SYMMETRIC ((psa_key_type_t)0x2000)
337 #define PSA_KEY_TYPE_CATEGORY_PUBLIC_KEY ((psa_key_type_t)0x4000)
338 #define PSA_KEY_TYPE_CATEGORY_KEY_PAIR ((psa_key_type_t)0x7000)
340 #define PSA_KEY_TYPE_CATEGORY_FLAG_PAIR ((psa_key_type_t)0x3000)
346 #define PSA_KEY_TYPE_IS_VENDOR_DEFINED(type) \
347 (((type) & PSA_KEY_TYPE_VENDOR_FLAG) != 0)
353 #define PSA_KEY_TYPE_IS_UNSTRUCTURED(type) \
354 (((type) & PSA_KEY_TYPE_CATEGORY_MASK) == PSA_KEY_TYPE_CATEGORY_RAW || \
355 ((type) & PSA_KEY_TYPE_CATEGORY_MASK) == PSA_KEY_TYPE_CATEGORY_SYMMETRIC)
358 #define PSA_KEY_TYPE_IS_ASYMMETRIC(type) \
359 (((type) & PSA_KEY_TYPE_CATEGORY_MASK \
360 & ~PSA_KEY_TYPE_CATEGORY_FLAG_PAIR) == \
361 PSA_KEY_TYPE_CATEGORY_PUBLIC_KEY)
363 #define PSA_KEY_TYPE_IS_PUBLIC_KEY(type) \
364 (((type) & PSA_KEY_TYPE_CATEGORY_MASK) == PSA_KEY_TYPE_CATEGORY_PUBLIC_KEY)
367 #define PSA_KEY_TYPE_IS_KEY_PAIR(type) \
368 (((type) & PSA_KEY_TYPE_CATEGORY_MASK) == PSA_KEY_TYPE_CATEGORY_KEY_PAIR)
379 #define PSA_KEY_TYPE_KEY_PAIR_OF_PUBLIC_KEY(type) \
380 ((type) | PSA_KEY_TYPE_CATEGORY_FLAG_PAIR)
391 #define PSA_KEY_TYPE_PUBLIC_KEY_OF_KEY_PAIR(type) \
392 ((type) & ~PSA_KEY_TYPE_CATEGORY_FLAG_PAIR)
398 #define PSA_KEY_TYPE_RAW_DATA ((psa_key_type_t)0x1001)
408 #define PSA_KEY_TYPE_HMAC ((psa_key_type_t)0x1100)
415 #define PSA_KEY_TYPE_DERIVE ((psa_key_type_t)0x1200)
422 #define PSA_KEY_TYPE_AES ((psa_key_type_t)0x2400)
426 #define PSA_KEY_TYPE_ARIA ((psa_key_type_t)0x2406)
437 #define PSA_KEY_TYPE_DES ((psa_key_type_t)0x2301)
441 #define PSA_KEY_TYPE_CAMELLIA ((psa_key_type_t)0x2403)
447 #define PSA_KEY_TYPE_ARC4 ((psa_key_type_t)0x2002)
456 #define PSA_KEY_TYPE_CHACHA20 ((psa_key_type_t)0x2004)
462 #define PSA_KEY_TYPE_RSA_PUBLIC_KEY ((psa_key_type_t)0x4001)
467 #define PSA_KEY_TYPE_RSA_KEY_PAIR ((psa_key_type_t)0x7001)
469 #define PSA_KEY_TYPE_IS_RSA(type) \
470 (PSA_KEY_TYPE_PUBLIC_KEY_OF_KEY_PAIR(type) == PSA_KEY_TYPE_RSA_PUBLIC_KEY)
472 #define PSA_KEY_TYPE_ECC_PUBLIC_KEY_BASE ((psa_key_type_t)0x4100)
473 #define PSA_KEY_TYPE_ECC_KEY_PAIR_BASE ((psa_key_type_t)0x7100)
474 #define PSA_KEY_TYPE_ECC_CURVE_MASK ((psa_key_type_t)0x00ff)
484 #define PSA_KEY_TYPE_ECC_KEY_PAIR(curve) \
485 (PSA_KEY_TYPE_ECC_KEY_PAIR_BASE | (curve))
495 #define PSA_KEY_TYPE_ECC_PUBLIC_KEY(curve) \
496 (PSA_KEY_TYPE_ECC_PUBLIC_KEY_BASE | (curve))
499 #define PSA_KEY_TYPE_IS_ECC(type) \
500 ((PSA_KEY_TYPE_PUBLIC_KEY_OF_KEY_PAIR(type) & \
501 ~PSA_KEY_TYPE_ECC_CURVE_MASK) == PSA_KEY_TYPE_ECC_PUBLIC_KEY_BASE)
503 #define PSA_KEY_TYPE_IS_ECC_KEY_PAIR(type) \
504 (((type) & ~PSA_KEY_TYPE_ECC_CURVE_MASK) == \
505 PSA_KEY_TYPE_ECC_KEY_PAIR_BASE)
507 #define PSA_KEY_TYPE_IS_ECC_PUBLIC_KEY(type) \
508 (((type) & ~PSA_KEY_TYPE_ECC_CURVE_MASK) == \
509 PSA_KEY_TYPE_ECC_PUBLIC_KEY_BASE)
512 #define PSA_KEY_TYPE_ECC_GET_FAMILY(type) \
513 ((psa_ecc_family_t) (PSA_KEY_TYPE_IS_ECC(type) ? \
514 ((type) & PSA_KEY_TYPE_ECC_CURVE_MASK) : \
525 #define PSA_ECC_FAMILY_SECP_K1 ((psa_ecc_family_t) 0x17)
535 #define PSA_ECC_FAMILY_SECP_R1 ((psa_ecc_family_t) 0x12)
537 #define PSA_ECC_FAMILY_SECP_R2 ((psa_ecc_family_t) 0x1b)
547 #define PSA_ECC_FAMILY_SECT_K1 ((psa_ecc_family_t) 0x27)
557 #define PSA_ECC_FAMILY_SECT_R1 ((psa_ecc_family_t) 0x22)
567 #define PSA_ECC_FAMILY_SECT_R2 ((psa_ecc_family_t) 0x2b)
576 #define PSA_ECC_FAMILY_BRAINPOOL_P_R1 ((psa_ecc_family_t) 0x30)
588 #define PSA_ECC_FAMILY_MONTGOMERY ((psa_ecc_family_t) 0x41)
604 #define PSA_ECC_FAMILY_TWISTED_EDWARDS ((psa_ecc_family_t) 0x42)
606 #define PSA_KEY_TYPE_DH_PUBLIC_KEY_BASE ((psa_key_type_t)0x4200)
607 #define PSA_KEY_TYPE_DH_KEY_PAIR_BASE ((psa_key_type_t)0x7200)
608 #define PSA_KEY_TYPE_DH_GROUP_MASK ((psa_key_type_t)0x00ff)
614 #define PSA_KEY_TYPE_DH_KEY_PAIR(group) \
615 (PSA_KEY_TYPE_DH_KEY_PAIR_BASE | (group))
621 #define PSA_KEY_TYPE_DH_PUBLIC_KEY(group) \
622 (PSA_KEY_TYPE_DH_PUBLIC_KEY_BASE | (group))
625 #define PSA_KEY_TYPE_IS_DH(type) \
626 ((PSA_KEY_TYPE_PUBLIC_KEY_OF_KEY_PAIR(type) & \
627 ~PSA_KEY_TYPE_DH_GROUP_MASK) == PSA_KEY_TYPE_DH_PUBLIC_KEY_BASE)
629 #define PSA_KEY_TYPE_IS_DH_KEY_PAIR(type) \
630 (((type) & ~PSA_KEY_TYPE_DH_GROUP_MASK) == \
631 PSA_KEY_TYPE_DH_KEY_PAIR_BASE)
633 #define PSA_KEY_TYPE_IS_DH_PUBLIC_KEY(type) \
634 (((type) & ~PSA_KEY_TYPE_DH_GROUP_MASK) == \
635 PSA_KEY_TYPE_DH_PUBLIC_KEY_BASE)
638 #define PSA_KEY_TYPE_DH_GET_FAMILY(type) \
639 ((psa_dh_family_t) (PSA_KEY_TYPE_IS_DH(type) ? \
640 ((type) & PSA_KEY_TYPE_DH_GROUP_MASK) : \
649 #define PSA_DH_FAMILY_RFC7919 ((psa_dh_family_t) 0x03)
651 #define PSA_GET_KEY_TYPE_BLOCK_SIZE_EXPONENT(type) \
671 #define PSA_BLOCK_CIPHER_BLOCK_LENGTH(type) \
672 (((type) & PSA_KEY_TYPE_CATEGORY_MASK) == PSA_KEY_TYPE_CATEGORY_SYMMETRIC ? \
673 1u << PSA_GET_KEY_TYPE_BLOCK_SIZE_EXPONENT(type) : \
683 #define PSA_ALG_VENDOR_FLAG ((psa_algorithm_t)0x80000000)
685 #define PSA_ALG_CATEGORY_MASK ((psa_algorithm_t)0x7f000000)
686 #define PSA_ALG_CATEGORY_HASH ((psa_algorithm_t)0x02000000)
687 #define PSA_ALG_CATEGORY_MAC ((psa_algorithm_t)0x03000000)
688 #define PSA_ALG_CATEGORY_CIPHER ((psa_algorithm_t)0x04000000)
689 #define PSA_ALG_CATEGORY_AEAD ((psa_algorithm_t)0x05000000)
690 #define PSA_ALG_CATEGORY_SIGN ((psa_algorithm_t)0x06000000)
691 #define PSA_ALG_CATEGORY_ASYMMETRIC_ENCRYPTION ((psa_algorithm_t)0x07000000)
692 #define PSA_ALG_CATEGORY_KEY_DERIVATION ((psa_algorithm_t)0x08000000)
693 #define PSA_ALG_CATEGORY_KEY_AGREEMENT ((psa_algorithm_t)0x09000000)
699 #define PSA_ALG_IS_VENDOR_DEFINED(alg) \
700 (((alg) & PSA_ALG_VENDOR_FLAG) != 0)
710 #define PSA_ALG_IS_HASH(alg) \
711 (((alg) & PSA_ALG_CATEGORY_MASK) == PSA_ALG_CATEGORY_HASH)
721 #define PSA_ALG_IS_MAC(alg) \
722 (((alg) & PSA_ALG_CATEGORY_MASK) == PSA_ALG_CATEGORY_MAC)
732 #define PSA_ALG_IS_CIPHER(alg) \
733 (((alg) & PSA_ALG_CATEGORY_MASK) == PSA_ALG_CATEGORY_CIPHER)
744 #define PSA_ALG_IS_AEAD(alg) \
745 (((alg) & PSA_ALG_CATEGORY_MASK) == PSA_ALG_CATEGORY_AEAD)
756 #define PSA_ALG_IS_SIGN(alg) \
757 (((alg) & PSA_ALG_CATEGORY_MASK) == PSA_ALG_CATEGORY_SIGN)
768 #define PSA_ALG_IS_ASYMMETRIC_ENCRYPTION(alg) \
769 (((alg) & PSA_ALG_CATEGORY_MASK) == PSA_ALG_CATEGORY_ASYMMETRIC_ENCRYPTION)
779 #define PSA_ALG_IS_KEY_AGREEMENT(alg) \
780 (((alg) & PSA_ALG_CATEGORY_MASK) == PSA_ALG_CATEGORY_KEY_AGREEMENT)
790 #define PSA_ALG_IS_KEY_DERIVATION(alg) \
791 (((alg) & PSA_ALG_CATEGORY_MASK) == PSA_ALG_CATEGORY_KEY_DERIVATION)
794 #define PSA_ALG_NONE ((psa_algorithm_t)0)
796 #define PSA_ALG_HASH_MASK ((psa_algorithm_t)0x000000ff)
798 #define PSA_ALG_MD2 ((psa_algorithm_t)0x02000001)
800 #define PSA_ALG_MD4 ((psa_algorithm_t)0x02000002)
802 #define PSA_ALG_MD5 ((psa_algorithm_t)0x02000003)
804 #define PSA_ALG_RIPEMD160 ((psa_algorithm_t)0x02000004)
806 #define PSA_ALG_SHA_1 ((psa_algorithm_t)0x02000005)
808 #define PSA_ALG_SHA_224 ((psa_algorithm_t)0x02000008)
810 #define PSA_ALG_SHA_256 ((psa_algorithm_t)0x02000009)
812 #define PSA_ALG_SHA_384 ((psa_algorithm_t)0x0200000a)
814 #define PSA_ALG_SHA_512 ((psa_algorithm_t)0x0200000b)
816 #define PSA_ALG_SHA_512_224 ((psa_algorithm_t)0x0200000c)
818 #define PSA_ALG_SHA_512_256 ((psa_algorithm_t)0x0200000d)
820 #define PSA_ALG_SHA3_224 ((psa_algorithm_t)0x02000010)
822 #define PSA_ALG_SHA3_256 ((psa_algorithm_t)0x02000011)
824 #define PSA_ALG_SHA3_384 ((psa_algorithm_t)0x02000012)
826 #define PSA_ALG_SHA3_512 ((psa_algorithm_t)0x02000013)
833 #define PSA_ALG_SHAKE256_512 ((psa_algorithm_t)0x02000015)
868 #define PSA_ALG_ANY_HASH ((psa_algorithm_t)0x020000ff)
870 #define PSA_ALG_MAC_SUBCATEGORY_MASK ((psa_algorithm_t)0x00c00000)
871 #define PSA_ALG_HMAC_BASE ((psa_algorithm_t)0x03800000)
883 #define PSA_ALG_HMAC(hash_alg) \
884 (PSA_ALG_HMAC_BASE | ((hash_alg) & PSA_ALG_HASH_MASK))
886 #define PSA_ALG_HMAC_GET_HASH(hmac_alg) \
887 (PSA_ALG_CATEGORY_HASH | ((hmac_alg) & PSA_ALG_HASH_MASK))
899 #define PSA_ALG_IS_HMAC(alg) \
900 (((alg) & (PSA_ALG_CATEGORY_MASK | PSA_ALG_MAC_SUBCATEGORY_MASK)) == \
910 #define PSA_ALG_MAC_TRUNCATION_MASK ((psa_algorithm_t)0x003f0000)
911 #define PSA_MAC_TRUNCATION_OFFSET 16
919 #define PSA_ALG_MAC_AT_LEAST_THIS_LENGTH_FLAG ((psa_algorithm_t)0x00008000)
954 #define PSA_ALG_TRUNCATED_MAC(mac_alg, mac_length) \
955 (((mac_alg) & ~(PSA_ALG_MAC_TRUNCATION_MASK | \
956 PSA_ALG_MAC_AT_LEAST_THIS_LENGTH_FLAG)) | \
957 ((mac_length) << PSA_MAC_TRUNCATION_OFFSET & PSA_ALG_MAC_TRUNCATION_MASK))
971 #define PSA_ALG_FULL_LENGTH_MAC(mac_alg) \
972 ((mac_alg) & ~(PSA_ALG_MAC_TRUNCATION_MASK | \
973 PSA_ALG_MAC_AT_LEAST_THIS_LENGTH_FLAG))
986 #define PSA_MAC_TRUNCATED_LENGTH(mac_alg) \
987 (((mac_alg) & PSA_ALG_MAC_TRUNCATION_MASK) >> PSA_MAC_TRUNCATION_OFFSET)
1013 #define PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(mac_alg, min_mac_length) \
1014 ( PSA_ALG_TRUNCATED_MAC(mac_alg, min_mac_length) | \
1015 PSA_ALG_MAC_AT_LEAST_THIS_LENGTH_FLAG )
1017 #define PSA_ALG_CIPHER_MAC_BASE ((psa_algorithm_t)0x03c00000)
1023 #define PSA_ALG_CBC_MAC ((psa_algorithm_t)0x03c00100)
1025 #define PSA_ALG_CMAC ((psa_algorithm_t)0x03c00200)
1035 #define PSA_ALG_IS_BLOCK_CIPHER_MAC(alg) \
1036 (((alg) & (PSA_ALG_CATEGORY_MASK | PSA_ALG_MAC_SUBCATEGORY_MASK)) == \
1037 PSA_ALG_CIPHER_MAC_BASE)
1039 #define PSA_ALG_CIPHER_STREAM_FLAG ((psa_algorithm_t)0x00800000)
1040 #define PSA_ALG_CIPHER_FROM_BLOCK_FLAG ((psa_algorithm_t)0x00400000)
1054 #define PSA_ALG_IS_STREAM_CIPHER(alg) \
1055 (((alg) & (PSA_ALG_CATEGORY_MASK | PSA_ALG_CIPHER_STREAM_FLAG)) == \
1056 (PSA_ALG_CATEGORY_CIPHER | PSA_ALG_CIPHER_STREAM_FLAG))
1064 #define PSA_ALG_STREAM_CIPHER ((psa_algorithm_t)0x04800100)
1073 #define PSA_ALG_CTR ((psa_algorithm_t)0x04c01000)
1079 #define PSA_ALG_CFB ((psa_algorithm_t)0x04c01100)
1085 #define PSA_ALG_OFB ((psa_algorithm_t)0x04c01200)
1093 #define PSA_ALG_XTS ((psa_algorithm_t)0x0440ff00)
1113 #define PSA_ALG_ECB_NO_PADDING ((psa_algorithm_t)0x04404400)
1122 #define PSA_ALG_CBC_NO_PADDING ((psa_algorithm_t)0x04404000)
1130 #define PSA_ALG_CBC_PKCS7 ((psa_algorithm_t)0x04404100)
1132 #define PSA_ALG_AEAD_FROM_BLOCK_FLAG ((psa_algorithm_t)0x00400000)
1143 #define PSA_ALG_IS_AEAD_ON_BLOCK_CIPHER(alg) \
1144 (((alg) & (PSA_ALG_CATEGORY_MASK | PSA_ALG_AEAD_FROM_BLOCK_FLAG)) == \
1145 (PSA_ALG_CATEGORY_AEAD | PSA_ALG_AEAD_FROM_BLOCK_FLAG))
1151 #define PSA_ALG_CCM ((psa_algorithm_t)0x05500100)
1157 #define PSA_ALG_GCM ((psa_algorithm_t)0x05500200)
1168 #define PSA_ALG_CHACHA20_POLY1305 ((psa_algorithm_t)0x05100500)
1174 #define PSA_ALG_AEAD_TAG_LENGTH_MASK ((psa_algorithm_t)0x003f0000)
1175 #define PSA_AEAD_TAG_LENGTH_OFFSET 16
1183 #define PSA_ALG_AEAD_AT_LEAST_THIS_LENGTH_FLAG ((psa_algorithm_t)0x00008000)
1203 #define PSA_ALG_AEAD_WITH_SHORTENED_TAG(aead_alg, tag_length) \
1204 (((aead_alg) & ~(PSA_ALG_AEAD_TAG_LENGTH_MASK | \
1205 PSA_ALG_AEAD_AT_LEAST_THIS_LENGTH_FLAG)) | \
1206 ((tag_length) << PSA_AEAD_TAG_LENGTH_OFFSET & \
1207 PSA_ALG_AEAD_TAG_LENGTH_MASK))
1219 #define PSA_ALG_AEAD_GET_TAG_LENGTH(aead_alg) \
1220 (((aead_alg) & PSA_ALG_AEAD_TAG_LENGTH_MASK) >> \
1221 PSA_AEAD_TAG_LENGTH_OFFSET )
1231 #define PSA_ALG_AEAD_WITH_DEFAULT_LENGTH_TAG(aead_alg) \
1233 PSA_ALG_AEAD_WITH_DEFAULT_LENGTH_TAG_CASE(aead_alg, PSA_ALG_CCM) \
1234 PSA_ALG_AEAD_WITH_DEFAULT_LENGTH_TAG_CASE(aead_alg, PSA_ALG_GCM) \
1235 PSA_ALG_AEAD_WITH_DEFAULT_LENGTH_TAG_CASE(aead_alg, PSA_ALG_CHACHA20_POLY1305) \
1237 #define PSA_ALG_AEAD_WITH_DEFAULT_LENGTH_TAG_CASE(aead_alg, ref) \
1238 PSA_ALG_AEAD_WITH_SHORTENED_TAG(aead_alg, 0) == \
1239 PSA_ALG_AEAD_WITH_SHORTENED_TAG(ref, 0) ? \
1266 #define PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(aead_alg, min_tag_length) \
1267 ( PSA_ALG_AEAD_WITH_SHORTENED_TAG(aead_alg, min_tag_length) | \
1268 PSA_ALG_AEAD_AT_LEAST_THIS_LENGTH_FLAG )
1270 #define PSA_ALG_RSA_PKCS1V15_SIGN_BASE ((psa_algorithm_t)0x06000200)
1286 #define PSA_ALG_RSA_PKCS1V15_SIGN(hash_alg) \
1287 (PSA_ALG_RSA_PKCS1V15_SIGN_BASE | ((hash_alg) & PSA_ALG_HASH_MASK))
1294 #define PSA_ALG_RSA_PKCS1V15_SIGN_RAW PSA_ALG_RSA_PKCS1V15_SIGN_BASE
1295 #define PSA_ALG_IS_RSA_PKCS1V15_SIGN(alg) \
1296 (((alg) & ~PSA_ALG_HASH_MASK) == PSA_ALG_RSA_PKCS1V15_SIGN_BASE)
1298 #define PSA_ALG_RSA_PSS_BASE ((psa_algorithm_t)0x06000300)
1299 #define PSA_ALG_RSA_PSS_ANY_SALT_BASE ((psa_algorithm_t)0x06001300)
1318 #define PSA_ALG_RSA_PSS(hash_alg) \
1319 (PSA_ALG_RSA_PSS_BASE | ((hash_alg) & PSA_ALG_HASH_MASK))
1336 #define PSA_ALG_RSA_PSS_ANY_SALT(hash_alg) \
1337 (PSA_ALG_RSA_PSS_ANY_SALT_BASE | ((hash_alg) & PSA_ALG_HASH_MASK))
1350 #define PSA_ALG_IS_RSA_PSS_STANDARD_SALT(alg) \
1351 (((alg) & ~PSA_ALG_HASH_MASK) == PSA_ALG_RSA_PSS_BASE)
1364 #define PSA_ALG_IS_RSA_PSS_ANY_SALT(alg) \
1365 (((alg) & ~PSA_ALG_HASH_MASK) == PSA_ALG_RSA_PSS_ANY_SALT_BASE)
1382 #define PSA_ALG_IS_RSA_PSS(alg) \
1383 (PSA_ALG_IS_RSA_PSS_STANDARD_SALT(alg) || \
1384 PSA_ALG_IS_RSA_PSS_ANY_SALT(alg))
1386 #define PSA_ALG_ECDSA_BASE ((psa_algorithm_t)0x06000600)
1407 #define PSA_ALG_ECDSA(hash_alg) \
1408 (PSA_ALG_ECDSA_BASE | ((hash_alg) & PSA_ALG_HASH_MASK))
1418 #define PSA_ALG_ECDSA_ANY PSA_ALG_ECDSA_BASE
1419 #define PSA_ALG_DETERMINISTIC_ECDSA_BASE ((psa_algorithm_t)0x06000700)
1442 #define PSA_ALG_DETERMINISTIC_ECDSA(hash_alg) \
1443 (PSA_ALG_DETERMINISTIC_ECDSA_BASE | ((hash_alg) & PSA_ALG_HASH_MASK))
1444 #define PSA_ALG_ECDSA_DETERMINISTIC_FLAG ((psa_algorithm_t)0x00000100)
1445 #define PSA_ALG_IS_ECDSA(alg) \
1446 (((alg) & ~PSA_ALG_HASH_MASK & ~PSA_ALG_ECDSA_DETERMINISTIC_FLAG) == \
1448 #define PSA_ALG_ECDSA_IS_DETERMINISTIC(alg) \
1449 (((alg) & PSA_ALG_ECDSA_DETERMINISTIC_FLAG) != 0)
1450 #define PSA_ALG_IS_DETERMINISTIC_ECDSA(alg) \
1451 (PSA_ALG_IS_ECDSA(alg) && PSA_ALG_ECDSA_IS_DETERMINISTIC(alg))
1452 #define PSA_ALG_IS_RANDOMIZED_ECDSA(alg) \
1453 (PSA_ALG_IS_ECDSA(alg) && !PSA_ALG_ECDSA_IS_DETERMINISTIC(alg))
1483 #define PSA_ALG_PURE_EDDSA ((psa_algorithm_t)0x06000800)
1485 #define PSA_ALG_HASH_EDDSA_BASE ((psa_algorithm_t)0x06000900)
1486 #define PSA_ALG_IS_HASH_EDDSA(alg) \
1487 (((alg) & ~PSA_ALG_HASH_MASK) == PSA_ALG_HASH_EDDSA_BASE)
1510 #define PSA_ALG_ED25519PH \
1511 (PSA_ALG_HASH_EDDSA_BASE | (PSA_ALG_SHA_512 & PSA_ALG_HASH_MASK))
1535 #define PSA_ALG_ED448PH \
1536 (PSA_ALG_HASH_EDDSA_BASE | (PSA_ALG_SHAKE256_512 & PSA_ALG_HASH_MASK))
1541 #define PSA_ALG_IS_VENDOR_HASH_AND_SIGN(alg) 0
1560 #define PSA_ALG_IS_SIGN_HASH(alg) \
1561 (PSA_ALG_IS_RSA_PSS(alg) || PSA_ALG_IS_RSA_PKCS1V15_SIGN(alg) || \
1562 PSA_ALG_IS_ECDSA(alg) || PSA_ALG_IS_HASH_EDDSA(alg) || \
1563 PSA_ALG_IS_VENDOR_HASH_AND_SIGN(alg))
1576 #define PSA_ALG_IS_SIGN_MESSAGE(alg) \
1577 (PSA_ALG_IS_SIGN_HASH(alg) || (alg) == PSA_ALG_PURE_EDDSA )
1605 #define PSA_ALG_IS_HASH_AND_SIGN(alg) \
1606 (PSA_ALG_IS_SIGN_HASH(alg) && \
1607 ((alg) & PSA_ALG_HASH_MASK) != 0)
1627 #define PSA_ALG_SIGN_GET_HASH(alg) \
1628 (PSA_ALG_IS_HASH_AND_SIGN(alg) ? \
1629 ((alg) & PSA_ALG_HASH_MASK) | PSA_ALG_CATEGORY_HASH : \
1634 #define PSA_ALG_RSA_PKCS1V15_CRYPT ((psa_algorithm_t)0x07000200)
1636 #define PSA_ALG_RSA_OAEP_BASE ((psa_algorithm_t)0x07000300)
1651 #define PSA_ALG_RSA_OAEP(hash_alg) \
1652 (PSA_ALG_RSA_OAEP_BASE | ((hash_alg) & PSA_ALG_HASH_MASK))
1653 #define PSA_ALG_IS_RSA_OAEP(alg) \
1654 (((alg) & ~PSA_ALG_HASH_MASK) == PSA_ALG_RSA_OAEP_BASE)
1655 #define PSA_ALG_RSA_OAEP_GET_HASH(alg) \
1656 (PSA_ALG_IS_RSA_OAEP(alg) ? \
1657 ((alg) & PSA_ALG_HASH_MASK) | PSA_ALG_CATEGORY_HASH : \
1660 #define PSA_ALG_HKDF_BASE ((psa_algorithm_t)0x08000100)
1681 #define PSA_ALG_HKDF(hash_alg) \
1682 (PSA_ALG_HKDF_BASE | ((hash_alg) & PSA_ALG_HASH_MASK))
1694 #define PSA_ALG_IS_HKDF(alg) \
1695 (((alg) & ~PSA_ALG_HASH_MASK) == PSA_ALG_HKDF_BASE)
1696 #define PSA_ALG_HKDF_GET_HASH(hkdf_alg) \
1697 (PSA_ALG_CATEGORY_HASH | ((hkdf_alg) & PSA_ALG_HASH_MASK))
1699 #define PSA_ALG_TLS12_PRF_BASE ((psa_algorithm_t)0x08000200)
1726 #define PSA_ALG_TLS12_PRF(hash_alg) \
1727 (PSA_ALG_TLS12_PRF_BASE | ((hash_alg) & PSA_ALG_HASH_MASK))
1737 #define PSA_ALG_IS_TLS12_PRF(alg) \
1738 (((alg) & ~PSA_ALG_HASH_MASK) == PSA_ALG_TLS12_PRF_BASE)
1739 #define PSA_ALG_TLS12_PRF_GET_HASH(hkdf_alg) \
1740 (PSA_ALG_CATEGORY_HASH | ((hkdf_alg) & PSA_ALG_HASH_MASK))
1742 #define PSA_ALG_TLS12_PSK_TO_MS_BASE ((psa_algorithm_t)0x08000300)
1772 #define PSA_ALG_TLS12_PSK_TO_MS(hash_alg) \
1773 (PSA_ALG_TLS12_PSK_TO_MS_BASE | ((hash_alg) & PSA_ALG_HASH_MASK))
1783 #define PSA_ALG_IS_TLS12_PSK_TO_MS(alg) \
1784 (((alg) & ~PSA_ALG_HASH_MASK) == PSA_ALG_TLS12_PSK_TO_MS_BASE)
1785 #define PSA_ALG_TLS12_PSK_TO_MS_GET_HASH(hkdf_alg) \
1786 (PSA_ALG_CATEGORY_HASH | ((hkdf_alg) & PSA_ALG_HASH_MASK))
1788 #define PSA_ALG_KEY_DERIVATION_MASK ((psa_algorithm_t)0xfe00ffff)
1789 #define PSA_ALG_KEY_AGREEMENT_MASK ((psa_algorithm_t)0xffff0000)
1805 #define PSA_ALG_KEY_AGREEMENT(ka_alg, kdf_alg) \
1806 ((ka_alg) | (kdf_alg))
1808 #define PSA_ALG_KEY_AGREEMENT_GET_KDF(alg) \
1809 (((alg) & PSA_ALG_KEY_DERIVATION_MASK) | PSA_ALG_CATEGORY_KEY_DERIVATION)
1811 #define PSA_ALG_KEY_AGREEMENT_GET_BASE(alg) \
1812 (((alg) & PSA_ALG_KEY_AGREEMENT_MASK) | PSA_ALG_CATEGORY_KEY_AGREEMENT)
1828 #define PSA_ALG_IS_RAW_KEY_AGREEMENT(alg) \
1829 (PSA_ALG_IS_KEY_AGREEMENT(alg) && \
1830 PSA_ALG_KEY_AGREEMENT_GET_KDF(alg) == PSA_ALG_CATEGORY_KEY_DERIVATION)
1832 #define PSA_ALG_IS_KEY_DERIVATION_OR_AGREEMENT(alg) \
1833 ((PSA_ALG_IS_KEY_DERIVATION(alg) || PSA_ALG_IS_KEY_AGREEMENT(alg)))
1842 #define PSA_ALG_FFDH ((psa_algorithm_t)0x09010000)
1856 #define PSA_ALG_IS_FFDH(alg) \
1857 (PSA_ALG_KEY_AGREEMENT_GET_BASE(alg) == PSA_ALG_FFDH)
1884 #define PSA_ALG_ECDH ((psa_algorithm_t)0x09020000)
1900 #define PSA_ALG_IS_ECDH(alg) \
1901 (PSA_ALG_KEY_AGREEMENT_GET_BASE(alg) == PSA_ALG_ECDH)
1916 #define PSA_ALG_IS_WILDCARD(alg) \
1917 (PSA_ALG_IS_HASH_AND_SIGN(alg) ? \
1918 PSA_ALG_SIGN_GET_HASH(alg) == PSA_ALG_ANY_HASH : \
1919 PSA_ALG_IS_MAC(alg) ? \
1920 (alg & PSA_ALG_MAC_AT_LEAST_THIS_LENGTH_FLAG) != 0 : \
1921 PSA_ALG_IS_AEAD(alg) ? \
1922 (alg & PSA_ALG_AEAD_AT_LEAST_THIS_LENGTH_FLAG) != 0 : \
1923 (alg) == PSA_ALG_ANY_HASH)
1942 #define PSA_KEY_LIFETIME_VOLATILE ((psa_key_lifetime_t)0x00000000)
1956 #define PSA_KEY_LIFETIME_PERSISTENT ((psa_key_lifetime_t)0x00000001)
1962 #define PSA_KEY_PERSISTENCE_VOLATILE ((psa_key_persistence_t)0x00)
1968 #define PSA_KEY_PERSISTENCE_DEFAULT ((psa_key_persistence_t)0x01)
1974 #define PSA_KEY_PERSISTENCE_READ_ONLY ((psa_key_persistence_t)0xff)
1976 #define PSA_KEY_LIFETIME_GET_PERSISTENCE(lifetime) \
1977 ((psa_key_persistence_t)((lifetime) & 0x000000ff))
1979 #define PSA_KEY_LIFETIME_GET_LOCATION(lifetime) \
1980 ((psa_key_location_t)((lifetime) >> 8))
1998 #define PSA_KEY_LIFETIME_IS_VOLATILE(lifetime) \
1999 (PSA_KEY_LIFETIME_GET_PERSISTENCE(lifetime) == \
2000 PSA_KEY_PERSISTENCE_VOLATILE)
2019 #define PSA_KEY_LIFETIME_IS_READ_ONLY(lifetime) \
2020 (PSA_KEY_LIFETIME_GET_PERSISTENCE(lifetime) == \
2021 PSA_KEY_PERSISTENCE_READ_ONLY)
2032 #define PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION(persistence, location) \
2033 ((location) << 8 | (persistence))
2042 #define PSA_KEY_LOCATION_LOCAL_STORAGE ((psa_key_location_t)0x000000)
2044 #define PSA_KEY_LOCATION_VENDOR_FLAG ((psa_key_location_t)0x800000)
2048 #define PSA_KEY_ID_NULL ((psa_key_id_t)0)
2051 #define PSA_KEY_ID_USER_MIN ((psa_key_id_t)0x00000001)
2054 #define PSA_KEY_ID_USER_MAX ((psa_key_id_t)0x3fffffff)
2057 #define PSA_KEY_ID_VENDOR_MIN ((psa_key_id_t)0x40000000)
2060 #define PSA_KEY_ID_VENDOR_MAX ((psa_key_id_t)0x7fffffff)
2063 #if !defined(MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER)
2065 #define MBEDTLS_SVC_KEY_ID_INIT ( (psa_key_id_t)0 )
2066 #define MBEDTLS_SVC_KEY_ID_GET_KEY_ID( id ) ( id )
2067 #define MBEDTLS_SVC_KEY_ID_GET_OWNER_ID( id ) ( 0 )
2092 return( id1 == id2 );
2108 #define MBEDTLS_SVC_KEY_ID_INIT ( (mbedtls_svc_key_id_t){ 0, 0 } )
2109 #define MBEDTLS_SVC_KEY_ID_GET_KEY_ID( id ) ( ( id ).key_id )
2110 #define MBEDTLS_SVC_KEY_ID_GET_OWNER_ID( id ) ( ( id ).owner )
2121 .owner = owner_id } );
2146 return( key.
key_id == 0 );
2168 #define PSA_KEY_USAGE_EXPORT ((psa_key_usage_t)0x00000001)
2184 #define PSA_KEY_USAGE_COPY ((psa_key_usage_t)0x00000002)
2195 #define PSA_KEY_USAGE_ENCRYPT ((psa_key_usage_t)0x00000100)
2206 #define PSA_KEY_USAGE_DECRYPT ((psa_key_usage_t)0x00000200)
2216 #define PSA_KEY_USAGE_SIGN_MESSAGE ((psa_key_usage_t)0x00000400)
2226 #define PSA_KEY_USAGE_VERIFY_MESSAGE ((psa_key_usage_t)0x00000800)
2236 #define PSA_KEY_USAGE_SIGN_HASH ((psa_key_usage_t)0x00001000)
2246 #define PSA_KEY_USAGE_VERIFY_HASH ((psa_key_usage_t)0x00002000)
2250 #define PSA_KEY_USAGE_DERIVE ((psa_key_usage_t)0x00004000)
2270 #define PSA_KEY_DERIVATION_INPUT_SECRET ((psa_key_derivation_step_t)0x0101)
2277 #define PSA_KEY_DERIVATION_INPUT_LABEL ((psa_key_derivation_step_t)0x0201)
2284 #define PSA_KEY_DERIVATION_INPUT_SALT ((psa_key_derivation_step_t)0x0202)
2291 #define PSA_KEY_DERIVATION_INPUT_INFO ((psa_key_derivation_step_t)0x0203)
2298 #define PSA_KEY_DERIVATION_INPUT_SEED ((psa_key_derivation_step_t)0x0204)
2319 #define MBEDTLS_PSA_ALG_AEAD_EQUAL(aead_alg_1, aead_alg_2) \
2320 (!(((aead_alg_1) ^ (aead_alg_2)) & \
2321 ~(PSA_ALG_AEAD_TAG_LENGTH_MASK | PSA_ALG_AEAD_AT_LEAST_THIS_LENGTH_FLAG)))
static mbedtls_svc_key_id_t mbedtls_svc_key_id_make(unsigned int unused, psa_key_id_t key_id)
static int mbedtls_svc_key_id_equal(mbedtls_svc_key_id_t id1, mbedtls_svc_key_id_t id2)
mbedtls_key_owner_id_t owner
static int mbedtls_svc_key_id_is_null(mbedtls_svc_key_id_t key)