Mbed TLS v3.6.3
crypto_builtin_key_derivation.h
Go to the documentation of this file.
1 /*
2  * Context structure declaration of the Mbed TLS software-based PSA drivers
3  * called through the PSA Crypto driver dispatch layer.
4  * This file contains the context structures of key derivation algorithms
5  * which need to rely on other algorithms.
6  *
7  * \note This file may not be included directly. Applications must
8  * include psa/crypto.h.
9  *
10  * \note This header and its content are not part of the Mbed TLS API and
11  * applications must not depend on it. Its main purpose is to define the
12  * multi-part state objects of the Mbed TLS software-based PSA drivers. The
13  * definitions of these objects are then used by crypto_struct.h to define the
14  * implementation-defined types of PSA multi-part state objects.
15  */
16 /*
17  * Copyright The Mbed TLS Contributors
18  * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
19  */
20 
21 #ifndef PSA_CRYPTO_BUILTIN_KEY_DERIVATION_H
22 #define PSA_CRYPTO_BUILTIN_KEY_DERIVATION_H
23 #include "mbedtls/private_access.h"
24 
26 
27 #if defined(MBEDTLS_PSA_BUILTIN_ALG_HKDF) || \
28  defined(MBEDTLS_PSA_BUILTIN_ALG_HKDF_EXTRACT) || \
29  defined(MBEDTLS_PSA_BUILTIN_ALG_HKDF_EXPAND)
30 typedef struct {
31  uint8_t *MBEDTLS_PRIVATE(info);
32  size_t MBEDTLS_PRIVATE(info_length);
33 #if PSA_HASH_MAX_SIZE > 0xff
34 #error "PSA_HASH_MAX_SIZE does not fit in uint8_t"
35 #endif
36  uint8_t MBEDTLS_PRIVATE(offset_in_block);
37  uint8_t MBEDTLS_PRIVATE(block_number);
38  unsigned int MBEDTLS_PRIVATE(state) : 2;
39  unsigned int MBEDTLS_PRIVATE(info_set) : 1;
40  uint8_t MBEDTLS_PRIVATE(output_block)[PSA_HASH_MAX_SIZE];
42  struct psa_mac_operation_s MBEDTLS_PRIVATE(hmac);
44 #endif /* MBEDTLS_PSA_BUILTIN_ALG_HKDF ||
45  MBEDTLS_PSA_BUILTIN_ALG_HKDF_EXTRACT ||
46  MBEDTLS_PSA_BUILTIN_ALG_HKDF_EXPAND */
47 #if defined(MBEDTLS_PSA_BUILTIN_ALG_TLS12_ECJPAKE_TO_PMS)
48 typedef struct {
51 #endif /* MBEDTLS_PSA_BUILTIN_ALG_TLS12_ECJPAKE_TO_PMS */
52 
53 #if defined(MBEDTLS_PSA_BUILTIN_ALG_TLS12_PRF) || \
54  defined(MBEDTLS_PSA_BUILTIN_ALG_TLS12_PSK_TO_MS)
55 typedef enum {
56  PSA_TLS12_PRF_STATE_INIT, /* no input provided */
57  PSA_TLS12_PRF_STATE_SEED_SET, /* seed has been set */
58  PSA_TLS12_PRF_STATE_OTHER_KEY_SET, /* other key has been set - optional */
59  PSA_TLS12_PRF_STATE_KEY_SET, /* key has been set */
60  PSA_TLS12_PRF_STATE_LABEL_SET, /* label has been set */
61  PSA_TLS12_PRF_STATE_OUTPUT /* output has been started */
63 
65 #if PSA_HASH_MAX_SIZE > 0xff
66 #error "PSA_HASH_MAX_SIZE does not fit in uint8_t"
67 #endif
68 
69  /* Indicates how many bytes in the current HMAC block have
70  * not yet been read by the user. */
71  uint8_t MBEDTLS_PRIVATE(left_in_block);
72 
73  /* The 1-based number of the block. */
74  uint8_t MBEDTLS_PRIVATE(block_number);
75 
77 
78  uint8_t *MBEDTLS_PRIVATE(secret);
79  size_t MBEDTLS_PRIVATE(secret_length);
80  uint8_t *MBEDTLS_PRIVATE(seed);
81  size_t MBEDTLS_PRIVATE(seed_length);
82  uint8_t *MBEDTLS_PRIVATE(label);
83  size_t MBEDTLS_PRIVATE(label_length);
84 #if defined(MBEDTLS_PSA_BUILTIN_ALG_TLS12_PSK_TO_MS)
85  uint8_t *MBEDTLS_PRIVATE(other_secret);
86  size_t MBEDTLS_PRIVATE(other_secret_length);
87 #endif /* MBEDTLS_PSA_BUILTIN_ALG_TLS12_PSK_TO_MS */
88 
90 
91  /* `HMAC_hash( prk, A( i ) + seed )` in the notation of RFC 5246, Sect. 5. */
92  uint8_t MBEDTLS_PRIVATE(output_block)[PSA_HASH_MAX_SIZE];
94 #endif /* MBEDTLS_PSA_BUILTIN_ALG_TLS12_PRF) ||
95  * MBEDTLS_PSA_BUILTIN_ALG_TLS12_PSK_TO_MS */
96 #if defined(PSA_HAVE_SOFT_PBKDF2)
97 typedef enum {
98  PSA_PBKDF2_STATE_INIT, /* no input provided */
99  PSA_PBKDF2_STATE_INPUT_COST_SET, /* input cost has been set */
100  PSA_PBKDF2_STATE_SALT_SET, /* salt has been set */
101  PSA_PBKDF2_STATE_PASSWORD_SET, /* password has been set */
102  PSA_PBKDF2_STATE_OUTPUT /* output has been started */
103 } psa_pbkdf2_key_derivation_state_t;
104 
105 typedef struct {
106  psa_pbkdf2_key_derivation_state_t MBEDTLS_PRIVATE(state);
107  uint64_t MBEDTLS_PRIVATE(input_cost);
108  uint8_t *MBEDTLS_PRIVATE(salt);
109  size_t MBEDTLS_PRIVATE(salt_length);
111  size_t MBEDTLS_PRIVATE(password_length);
112  uint8_t MBEDTLS_PRIVATE(output_block)[PSA_HASH_MAX_SIZE];
113  uint8_t MBEDTLS_PRIVATE(bytes_used);
114  uint32_t MBEDTLS_PRIVATE(block_number);
115 } psa_pbkdf2_key_derivation_t;
116 #endif /* PSA_HAVE_SOFT_PBKDF2 */
117 
118 #endif /* PSA_CRYPTO_BUILTIN_KEY_DERIVATION_H */
struct psa_tls12_prf_key_derivation_s psa_tls12_prf_key_derivation_t
#define PSA_HMAC_MAX_HASH_BLOCK_SIZE
Definition: crypto_sizes.h:122
#define MBEDTLS_PRIVATE(member)
#define PSA_HASH_MAX_SIZE
Definition: crypto_sizes.h:142
Macro wrapper for struct's members.
psa_tls12_prf_key_derivation_state_t
Definitions for all PSA crypto drivers.
#define PSA_TLS12_ECJPAKE_TO_PMS_DATA_SIZE
Definition: crypto_sizes.h:298