mbed TLS v3.4.0
crypto_struct.h
Go to the documentation of this file.
1 
44 /*
45  * Copyright The Mbed TLS Contributors
46  * SPDX-License-Identifier: Apache-2.0
47  *
48  * Licensed under the Apache License, Version 2.0 (the "License"); you may
49  * not use this file except in compliance with the License.
50  * You may obtain a copy of the License at
51  *
52  * http://www.apache.org/licenses/LICENSE-2.0
53  *
54  * Unless required by applicable law or agreed to in writing, software
55  * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
56  * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
57  * See the License for the specific language governing permissions and
58  * limitations under the License.
59  */
60 
61 #ifndef PSA_CRYPTO_STRUCT_H
62 #define PSA_CRYPTO_STRUCT_H
63 #include "mbedtls/private_access.h"
64 
65 #ifdef __cplusplus
66 extern "C" {
67 #endif
68 
69 /* Include the Mbed TLS configuration file, the way Mbed TLS does it
70  * in each of its header files. */
71 #include "mbedtls/build_info.h"
72 
73 #include "mbedtls/cmac.h"
74 #include "mbedtls/gcm.h"
75 #include "mbedtls/ccm.h"
76 #include "mbedtls/chachapoly.h"
77 
78 /* Include the context definition for the compiled-in drivers for the primitive
79  * algorithms. */
81 
89  unsigned int MBEDTLS_PRIVATE(id);
91 };
92 
93 #define PSA_HASH_OPERATION_INIT { 0, { 0 } }
95 {
97  return v;
98 }
99 
107  unsigned int MBEDTLS_PRIVATE(id);
108 
109  unsigned int MBEDTLS_PRIVATE(iv_required) : 1;
110  unsigned int MBEDTLS_PRIVATE(iv_set) : 1;
111 
112  uint8_t MBEDTLS_PRIVATE(default_iv_length);
113 
115 };
116 
117 #define PSA_CIPHER_OPERATION_INIT { 0, 0, 0, 0, { 0 } }
119 {
121  return v;
122 }
123 
124 /* Include the context definition for the compiled-in drivers for the composite
125  * algorithms. */
127 
135  unsigned int MBEDTLS_PRIVATE(id);
136  uint8_t MBEDTLS_PRIVATE(mac_size);
137  unsigned int MBEDTLS_PRIVATE(is_sign) : 1;
139 };
140 
141 #define PSA_MAC_OPERATION_INIT { 0, 0, 0, { 0 } }
142 static inline struct psa_mac_operation_s psa_mac_operation_init(void)
143 {
145  return v;
146 }
147 
149 
156  unsigned int MBEDTLS_PRIVATE(id);
157 
160 
161  size_t MBEDTLS_PRIVATE(ad_remaining);
162  size_t MBEDTLS_PRIVATE(body_remaining);
163 
164  unsigned int MBEDTLS_PRIVATE(nonce_set) : 1;
165  unsigned int MBEDTLS_PRIVATE(lengths_set) : 1;
166  unsigned int MBEDTLS_PRIVATE(ad_started) : 1;
167  unsigned int MBEDTLS_PRIVATE(body_started) : 1;
168  unsigned int MBEDTLS_PRIVATE(is_encrypt) : 1;
169 
171 };
172 
173 #define PSA_AEAD_OPERATION_INIT { 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, { 0 } }
175 {
177  return v;
178 }
179 
180 #if defined(MBEDTLS_PSA_BUILTIN_ALG_HKDF) || \
181  defined(MBEDTLS_PSA_BUILTIN_ALG_HKDF_EXTRACT) || \
182  defined(MBEDTLS_PSA_BUILTIN_ALG_HKDF_EXPAND)
183 typedef struct {
184  uint8_t *MBEDTLS_PRIVATE(info);
185  size_t MBEDTLS_PRIVATE(info_length);
186 #if PSA_HASH_MAX_SIZE > 0xff
187 #error "PSA_HASH_MAX_SIZE does not fit in uint8_t"
188 #endif
189  uint8_t MBEDTLS_PRIVATE(offset_in_block);
190  uint8_t MBEDTLS_PRIVATE(block_number);
191  unsigned int MBEDTLS_PRIVATE(state) : 2;
192  unsigned int MBEDTLS_PRIVATE(info_set) : 1;
193  uint8_t MBEDTLS_PRIVATE(output_block)[PSA_HASH_MAX_SIZE];
195  struct psa_mac_operation_s MBEDTLS_PRIVATE(hmac);
197 #endif /* MBEDTLS_PSA_BUILTIN_ALG_HKDF ||
198  MBEDTLS_PSA_BUILTIN_ALG_HKDF_EXTRACT ||
199  MBEDTLS_PSA_BUILTIN_ALG_HKDF_EXPAND */
200 #if defined(MBEDTLS_PSA_BUILTIN_ALG_TLS12_ECJPAKE_TO_PMS)
201 typedef struct {
204 #endif /* MBEDTLS_PSA_BUILTIN_ALG_TLS12_ECJPAKE_TO_PMS */
205 
206 #if defined(MBEDTLS_PSA_BUILTIN_ALG_TLS12_PRF) || \
207  defined(MBEDTLS_PSA_BUILTIN_ALG_TLS12_PSK_TO_MS)
208 typedef enum {
209  PSA_TLS12_PRF_STATE_INIT, /* no input provided */
210  PSA_TLS12_PRF_STATE_SEED_SET, /* seed has been set */
211  PSA_TLS12_PRF_STATE_OTHER_KEY_SET, /* other key has been set - optional */
212  PSA_TLS12_PRF_STATE_KEY_SET, /* key has been set */
213  PSA_TLS12_PRF_STATE_LABEL_SET, /* label has been set */
214  PSA_TLS12_PRF_STATE_OUTPUT /* output has been started */
216 
218 #if PSA_HASH_MAX_SIZE > 0xff
219 #error "PSA_HASH_MAX_SIZE does not fit in uint8_t"
220 #endif
221 
222  /* Indicates how many bytes in the current HMAC block have
223  * not yet been read by the user. */
224  uint8_t MBEDTLS_PRIVATE(left_in_block);
225 
226  /* The 1-based number of the block. */
227  uint8_t MBEDTLS_PRIVATE(block_number);
228 
230 
231  uint8_t *MBEDTLS_PRIVATE(secret);
232  size_t MBEDTLS_PRIVATE(secret_length);
233  uint8_t *MBEDTLS_PRIVATE(seed);
234  size_t MBEDTLS_PRIVATE(seed_length);
235  uint8_t *MBEDTLS_PRIVATE(label);
236  size_t MBEDTLS_PRIVATE(label_length);
237 #if defined(MBEDTLS_PSA_BUILTIN_ALG_TLS12_PSK_TO_MS)
238  uint8_t *MBEDTLS_PRIVATE(other_secret);
239  size_t MBEDTLS_PRIVATE(other_secret_length);
240 #endif /* MBEDTLS_PSA_BUILTIN_ALG_TLS12_PSK_TO_MS */
241 
243 
244  /* `HMAC_hash( prk, A( i ) + seed )` in the notation of RFC 5246, Sect. 5. */
245  uint8_t MBEDTLS_PRIVATE(output_block)[PSA_HASH_MAX_SIZE];
247 #endif /* MBEDTLS_PSA_BUILTIN_ALG_TLS12_PRF) ||
248  * MBEDTLS_PSA_BUILTIN_ALG_TLS12_PSK_TO_MS */
249 
252  unsigned int MBEDTLS_PRIVATE(can_output_key) : 1;
253  size_t MBEDTLS_PRIVATE(capacity);
254  union {
255  /* Make the union non-empty even with no supported algorithms. */
256  uint8_t MBEDTLS_PRIVATE(dummy);
257 #if defined(MBEDTLS_PSA_BUILTIN_ALG_HKDF) || \
258  defined(MBEDTLS_PSA_BUILTIN_ALG_HKDF_EXTRACT) || \
259  defined(MBEDTLS_PSA_BUILTIN_ALG_HKDF_EXPAND)
261 #endif
262 #if defined(MBEDTLS_PSA_BUILTIN_ALG_TLS12_PRF) || \
263  defined(MBEDTLS_PSA_BUILTIN_ALG_TLS12_PSK_TO_MS)
265 #endif
266 #if defined(MBEDTLS_PSA_BUILTIN_ALG_TLS12_ECJPAKE_TO_PMS)
268 #endif
269  } MBEDTLS_PRIVATE(ctx);
270 };
271 
272 /* This only zeroes out the first byte in the union, the rest is unspecified. */
273 #define PSA_KEY_DERIVATION_OPERATION_INIT { 0, 0, 0, { 0 } }
275  void)
276 {
278  return v;
279 }
280 
285 };
287 
288 #define PSA_KEY_POLICY_INIT { 0, 0, 0 }
289 static inline struct psa_key_policy_s psa_key_policy_init(void)
290 {
291  const struct psa_key_policy_s v = PSA_KEY_POLICY_INIT;
292  return v;
293 }
294 
295 /* The type used internally for key sizes.
296  * Public interfaces use size_t, but internally we use a smaller type. */
297 typedef uint16_t psa_key_bits_t;
298 /* The maximum value of the type used to represent bit-sizes.
299  * This is used to mark an invalid key size. */
300 #define PSA_KEY_BITS_TOO_LARGE ((psa_key_bits_t) -1)
301 /* The maximum size of a key in bits.
302  * Currently defined as the maximum that can be represented, rounded down
303  * to a whole number of bytes.
304  * This is an uncast value so that it can be used in preprocessor
305  * conditionals. */
306 #define PSA_MAX_KEY_BITS 0xfff8
307 
315 typedef uint16_t psa_key_attributes_flag_t;
316 
317 #define MBEDTLS_PSA_KA_FLAG_HAS_SLOT_NUMBER \
318  ((psa_key_attributes_flag_t) 0x0001)
319 
320 /* A mask of key attribute flags used externally only.
321  * Only meant for internal checks inside the library. */
322 #define MBEDTLS_PSA_KA_MASK_EXTERNAL_ONLY ( \
323  MBEDTLS_PSA_KA_FLAG_HAS_SLOT_NUMBER | \
324  0)
325 
326 /* A mask of key attribute flags used both internally and externally.
327  * Currently there aren't any. */
328 #define MBEDTLS_PSA_KA_MASK_DUAL_USE ( \
329  0)
330 
331 typedef struct {
333  psa_key_bits_t MBEDTLS_PRIVATE(bits);
337  psa_key_attributes_flag_t MBEDTLS_PRIVATE(flags);
339 
340 #define PSA_CORE_KEY_ATTRIBUTES_INIT { PSA_KEY_TYPE_NONE, 0, \
341  PSA_KEY_LIFETIME_VOLATILE, \
342  MBEDTLS_SVC_KEY_ID_INIT, \
343  PSA_KEY_POLICY_INIT, 0 }
344 
347 #if defined(MBEDTLS_PSA_CRYPTO_SE_C)
349 #endif /* MBEDTLS_PSA_CRYPTO_SE_C */
350  void *MBEDTLS_PRIVATE(domain_parameters);
351  size_t MBEDTLS_PRIVATE(domain_parameters_size);
352 };
353 
354 #if defined(MBEDTLS_PSA_CRYPTO_SE_C)
355 #define PSA_KEY_ATTRIBUTES_INIT { PSA_CORE_KEY_ATTRIBUTES_INIT, 0, NULL, 0 }
356 #else
357 #define PSA_KEY_ATTRIBUTES_INIT { PSA_CORE_KEY_ATTRIBUTES_INIT, NULL, 0 }
358 #endif
359 
361 {
363  return v;
364 }
365 
366 static inline void psa_set_key_id(psa_key_attributes_t *attributes,
368 {
369  psa_key_lifetime_t lifetime = attributes->MBEDTLS_PRIVATE(core).MBEDTLS_PRIVATE(lifetime);
370 
371  attributes->MBEDTLS_PRIVATE(core).MBEDTLS_PRIVATE(id) = key;
372 
373  if (PSA_KEY_LIFETIME_IS_VOLATILE(lifetime)) {
374  attributes->MBEDTLS_PRIVATE(core).MBEDTLS_PRIVATE(lifetime) =
378  }
379 }
380 
382  const psa_key_attributes_t *attributes)
383 {
384  return attributes->MBEDTLS_PRIVATE(core).MBEDTLS_PRIVATE(id);
385 }
386 
387 #ifdef MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER
388 static inline void mbedtls_set_key_owner_id(psa_key_attributes_t *attributes,
389  mbedtls_key_owner_id_t owner)
390 {
391  attributes->MBEDTLS_PRIVATE(core).MBEDTLS_PRIVATE(id).MBEDTLS_PRIVATE(owner) = owner;
392 }
393 #endif
394 
395 static inline void psa_set_key_lifetime(psa_key_attributes_t *attributes,
396  psa_key_lifetime_t lifetime)
397 {
398  attributes->MBEDTLS_PRIVATE(core).MBEDTLS_PRIVATE(lifetime) = lifetime;
399  if (PSA_KEY_LIFETIME_IS_VOLATILE(lifetime)) {
400 #ifdef MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER
401  attributes->MBEDTLS_PRIVATE(core).MBEDTLS_PRIVATE(id).MBEDTLS_PRIVATE(key_id) = 0;
402 #else
403  attributes->MBEDTLS_PRIVATE(core).MBEDTLS_PRIVATE(id) = 0;
404 #endif
405  }
406 }
407 
409  const psa_key_attributes_t *attributes)
410 {
411  return attributes->MBEDTLS_PRIVATE(core).MBEDTLS_PRIVATE(lifetime);
412 }
413 
414 static inline void psa_extend_key_usage_flags(psa_key_usage_t *usage_flags)
415 {
416  if (*usage_flags & PSA_KEY_USAGE_SIGN_HASH) {
417  *usage_flags |= PSA_KEY_USAGE_SIGN_MESSAGE;
418  }
419 
420  if (*usage_flags & PSA_KEY_USAGE_VERIFY_HASH) {
421  *usage_flags |= PSA_KEY_USAGE_VERIFY_MESSAGE;
422  }
423 }
424 
425 static inline void psa_set_key_usage_flags(psa_key_attributes_t *attributes,
426  psa_key_usage_t usage_flags)
427 {
428  psa_extend_key_usage_flags(&usage_flags);
429  attributes->MBEDTLS_PRIVATE(core).MBEDTLS_PRIVATE(policy).MBEDTLS_PRIVATE(usage) = usage_flags;
430 }
431 
433  const psa_key_attributes_t *attributes)
434 {
435  return attributes->MBEDTLS_PRIVATE(core).MBEDTLS_PRIVATE(policy).MBEDTLS_PRIVATE(usage);
436 }
437 
438 static inline void psa_set_key_algorithm(psa_key_attributes_t *attributes,
439  psa_algorithm_t alg)
440 {
441  attributes->MBEDTLS_PRIVATE(core).MBEDTLS_PRIVATE(policy).MBEDTLS_PRIVATE(alg) = alg;
442 }
443 
445  const psa_key_attributes_t *attributes)
446 {
447  return attributes->MBEDTLS_PRIVATE(core).MBEDTLS_PRIVATE(policy).MBEDTLS_PRIVATE(alg);
448 }
449 
450 /* This function is declared in crypto_extra.h, which comes after this
451  * header file, but we need the function here, so repeat the declaration. */
453  psa_key_type_t type,
454  const uint8_t *data,
455  size_t data_length);
456 
457 static inline void psa_set_key_type(psa_key_attributes_t *attributes,
458  psa_key_type_t type)
459 {
460  if (attributes->MBEDTLS_PRIVATE(domain_parameters) == NULL) {
461  /* Common case: quick path */
462  attributes->MBEDTLS_PRIVATE(core).MBEDTLS_PRIVATE(type) = type;
463  } else {
464  /* Call the bigger function to free the old domain parameters.
465  * Ignore any errors which may arise due to type requiring
466  * non-default domain parameters, since this function can't
467  * report errors. */
468  (void) psa_set_key_domain_parameters(attributes, type, NULL, 0);
469  }
470 }
471 
473  const psa_key_attributes_t *attributes)
474 {
475  return attributes->MBEDTLS_PRIVATE(core).MBEDTLS_PRIVATE(type);
476 }
477 
478 static inline void psa_set_key_bits(psa_key_attributes_t *attributes,
479  size_t bits)
480 {
481  if (bits > PSA_MAX_KEY_BITS) {
482  attributes->MBEDTLS_PRIVATE(core).MBEDTLS_PRIVATE(bits) = PSA_KEY_BITS_TOO_LARGE;
483  } else {
484  attributes->MBEDTLS_PRIVATE(core).MBEDTLS_PRIVATE(bits) = (psa_key_bits_t) bits;
485  }
486 }
487 
488 static inline size_t psa_get_key_bits(
489  const psa_key_attributes_t *attributes)
490 {
491  return attributes->MBEDTLS_PRIVATE(core).MBEDTLS_PRIVATE(bits);
492 }
493 
504  unsigned int MBEDTLS_PRIVATE(id);
505 
507 
508  unsigned int MBEDTLS_PRIVATE(error_occurred) : 1;
509 
510  uint32_t MBEDTLS_PRIVATE(num_ops);
511 };
512 
513 #define PSA_SIGN_HASH_INTERRUPTIBLE_OPERATION_INIT { 0, { 0 }, 0, 0 }
514 
515 static inline struct psa_sign_hash_interruptible_operation_s
517 {
520 
521  return v;
522 }
523 
534  unsigned int MBEDTLS_PRIVATE(id);
535 
537 
538  unsigned int MBEDTLS_PRIVATE(error_occurred) : 1;
539 
540  uint32_t MBEDTLS_PRIVATE(num_ops);
541 };
542 
543 #define PSA_VERIFY_HASH_INTERRUPTIBLE_OPERATION_INIT { 0, { 0 }, 0, 0 }
544 
547 {
550 
551  return v;
552 }
553 
554 #ifdef __cplusplus
555 }
556 #endif
557 
558 #endif /* PSA_CRYPTO_STRUCT_H */
static void psa_set_key_usage_flags(psa_key_attributes_t *attributes, psa_key_usage_t usage_flags)
#define PSA_MAX_KEY_BITS
This file contains the AEAD-ChaCha20-Poly1305 definitions and functions.
static psa_key_lifetime_t psa_get_key_lifetime(const psa_key_attributes_t *attributes)
#define PSA_MAC_OPERATION_INIT
static struct psa_aead_operation_s psa_aead_operation_init(void)
uint16_t psa_key_bits_t
#define PSA_VERIFY_HASH_INTERRUPTIBLE_OPERATION_INIT
psa_tls12_prf_key_derivation_state_t
static void psa_set_key_id(psa_key_attributes_t *attributes, mbedtls_svc_key_id_t key)
#define MBEDTLS_PRIVATE(member)
static struct psa_sign_hash_interruptible_operation_s psa_sign_hash_interruptible_operation_init(void)
#define PSA_CIPHER_OPERATION_INIT
This file contains CMAC definitions and functions.
#define PSA_KEY_ATTRIBUTES_INIT
#define PSA_KEY_LIFETIME_IS_VOLATILE(lifetime)
#define PSA_KEY_USAGE_VERIFY_MESSAGE
static struct psa_key_derivation_s psa_key_derivation_operation_init(void)
#define PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION(persistence, location)
#define PSA_KEY_USAGE_SIGN_MESSAGE
uint64_t psa_key_slot_number_t
uint16_t psa_key_attributes_flag_t
#define PSA_HASH_MAX_SIZE
Definition: crypto_sizes.h:125
uint32_t psa_algorithm_t
Encoding of a cryptographic algorithm.
Definition: crypto_types.h:139
Macro wrapper for struct's members.
#define PSA_KEY_LIFETIME_PERSISTENT
#define PSA_KEY_LIFETIME_GET_LOCATION(lifetime)
uint32_t psa_key_usage_t
Encoding of permitted usage on a key.
Definition: crypto_types.h:328
uint16_t psa_key_type_t
Encoding of a key type.
Definition: crypto_types.h:83
#define PSA_KEY_POLICY_INIT
#define PSA_KEY_DERIVATION_OPERATION_INIT
Build-time configuration info.
#define PSA_SIGN_HASH_INTERRUPTIBLE_OPERATION_INIT
static psa_algorithm_t psa_get_key_algorithm(const psa_key_attributes_t *attributes)
#define PSA_AEAD_OPERATION_INIT
#define PSA_KEY_BITS_TOO_LARGE
static mbedtls_svc_key_id_t psa_get_key_id(const psa_key_attributes_t *attributes)
static psa_key_usage_t psa_get_key_usage_flags(const psa_key_attributes_t *attributes)
static struct psa_verify_hash_interruptible_operation_s psa_verify_hash_interruptible_operation_init(void)
#define PSA_HASH_OPERATION_INIT
Definition: crypto_struct.h:93
psa_key_id_t mbedtls_svc_key_id_t
Definition: crypto_types.h:297
static struct psa_mac_operation_s psa_mac_operation_init(void)
psa_status_t psa_set_key_domain_parameters(psa_key_attributes_t *attributes, psa_key_type_t type, const uint8_t *data, size_t data_length)
The context for PSA interruptible hash signing.
This file contains GCM definitions and functions.
static struct psa_key_attributes_s psa_key_attributes_init(void)
struct psa_tls12_prf_key_derivation_s psa_tls12_prf_key_derivation_t
static size_t psa_get_key_bits(const psa_key_attributes_t *attributes)
static struct psa_cipher_operation_s psa_cipher_operation_init(void)
The context for PSA interruptible hash verification.
static void psa_set_key_bits(psa_key_attributes_t *attributes, size_t bits)
static void psa_set_key_lifetime(psa_key_attributes_t *attributes, psa_key_lifetime_t lifetime)
uint32_t psa_key_lifetime_t
Definition: crypto_types.h:188
static void psa_extend_key_usage_flags(psa_key_usage_t *usage_flags)
int32_t psa_status_t
Function return status.
Definition: crypto_types.h:64
static void psa_set_key_algorithm(psa_key_attributes_t *attributes, psa_algorithm_t alg)
static psa_key_type_t psa_get_key_type(const psa_key_attributes_t *attributes)
static void psa_set_key_type(psa_key_attributes_t *attributes, psa_key_type_t type)
#define PSA_KEY_USAGE_VERIFY_HASH
static struct psa_key_policy_s psa_key_policy_init(void)
#define PSA_KEY_USAGE_SIGN_HASH
This file provides an API for the CCM authenticated encryption mode for block ciphers.
static struct psa_hash_operation_s psa_hash_operation_init(void)
Definition: crypto_struct.h:94
#define PSA_TLS12_ECJPAKE_TO_PMS_DATA_SIZE
Definition: crypto_sizes.h:249