28 #ifndef PSA_CRYPTO_SIZES_H
29 #define PSA_CRYPTO_SIZES_H
40 #define PSA_BITS_TO_BYTES(bits) (((bits) + 7u) / 8u)
41 #define PSA_BYTES_TO_BITS(bytes) ((bytes) * 8u)
42 #define PSA_MAX_OF_THREE(a, b, c) ((a) <= (b) ? (b) <= (c) ? \
43 (c) : (b) : (a) <= (c) ? (c) : (a))
45 #define PSA_ROUND_UP_TO_MULTIPLE(block_size, length) \
46 (((length) + (block_size) - 1) / (block_size) * (block_size))
60 #define PSA_HASH_LENGTH(alg) \
62 PSA_ALG_HMAC_GET_HASH(alg) == PSA_ALG_MD5 ? 16u : \
63 PSA_ALG_HMAC_GET_HASH(alg) == PSA_ALG_RIPEMD160 ? 20u : \
64 PSA_ALG_HMAC_GET_HASH(alg) == PSA_ALG_SHA_1 ? 20u : \
65 PSA_ALG_HMAC_GET_HASH(alg) == PSA_ALG_SHA_224 ? 28u : \
66 PSA_ALG_HMAC_GET_HASH(alg) == PSA_ALG_SHA_256 ? 32u : \
67 PSA_ALG_HMAC_GET_HASH(alg) == PSA_ALG_SHA_384 ? 48u : \
68 PSA_ALG_HMAC_GET_HASH(alg) == PSA_ALG_SHA_512 ? 64u : \
69 PSA_ALG_HMAC_GET_HASH(alg) == PSA_ALG_SHA_512_224 ? 28u : \
70 PSA_ALG_HMAC_GET_HASH(alg) == PSA_ALG_SHA_512_256 ? 32u : \
71 PSA_ALG_HMAC_GET_HASH(alg) == PSA_ALG_SHA3_224 ? 28u : \
72 PSA_ALG_HMAC_GET_HASH(alg) == PSA_ALG_SHA3_256 ? 32u : \
73 PSA_ALG_HMAC_GET_HASH(alg) == PSA_ALG_SHA3_384 ? 48u : \
74 PSA_ALG_HMAC_GET_HASH(alg) == PSA_ALG_SHA3_512 ? 64u : \
92 #define PSA_HASH_BLOCK_LENGTH(alg) \
94 PSA_ALG_HMAC_GET_HASH(alg) == PSA_ALG_MD5 ? 64u : \
95 PSA_ALG_HMAC_GET_HASH(alg) == PSA_ALG_RIPEMD160 ? 64u : \
96 PSA_ALG_HMAC_GET_HASH(alg) == PSA_ALG_SHA_1 ? 64u : \
97 PSA_ALG_HMAC_GET_HASH(alg) == PSA_ALG_SHA_224 ? 64u : \
98 PSA_ALG_HMAC_GET_HASH(alg) == PSA_ALG_SHA_256 ? 64u : \
99 PSA_ALG_HMAC_GET_HASH(alg) == PSA_ALG_SHA_384 ? 128u : \
100 PSA_ALG_HMAC_GET_HASH(alg) == PSA_ALG_SHA_512 ? 128u : \
101 PSA_ALG_HMAC_GET_HASH(alg) == PSA_ALG_SHA_512_224 ? 128u : \
102 PSA_ALG_HMAC_GET_HASH(alg) == PSA_ALG_SHA_512_256 ? 128u : \
103 PSA_ALG_HMAC_GET_HASH(alg) == PSA_ALG_SHA3_224 ? 144u : \
104 PSA_ALG_HMAC_GET_HASH(alg) == PSA_ALG_SHA3_256 ? 136u : \
105 PSA_ALG_HMAC_GET_HASH(alg) == PSA_ALG_SHA3_384 ? 104u : \
106 PSA_ALG_HMAC_GET_HASH(alg) == PSA_ALG_SHA3_512 ? 72u : \
121 #if defined(PSA_WANT_ALG_SHA3_224)
122 #define PSA_HMAC_MAX_HASH_BLOCK_SIZE 144u
123 #elif defined(PSA_WANT_ALG_SHA3_256)
124 #define PSA_HMAC_MAX_HASH_BLOCK_SIZE 136u
125 #elif defined(PSA_WANT_ALG_SHA_512)
126 #define PSA_HMAC_MAX_HASH_BLOCK_SIZE 128u
127 #elif defined(PSA_WANT_ALG_SHA_384)
128 #define PSA_HMAC_MAX_HASH_BLOCK_SIZE 128u
129 #elif defined(PSA_WANT_ALG_SHA3_384)
130 #define PSA_HMAC_MAX_HASH_BLOCK_SIZE 104u
131 #elif defined(PSA_WANT_ALG_SHA3_512)
132 #define PSA_HMAC_MAX_HASH_BLOCK_SIZE 72u
133 #elif defined(PSA_WANT_ALG_SHA_256)
134 #define PSA_HMAC_MAX_HASH_BLOCK_SIZE 64u
135 #elif defined(PSA_WANT_ALG_SHA_224)
136 #define PSA_HMAC_MAX_HASH_BLOCK_SIZE 64u
138 #define PSA_HMAC_MAX_HASH_BLOCK_SIZE 64u
141 #if defined(PSA_WANT_ALG_SHA_512) || defined(PSA_WANT_ALG_SHA3_512)
142 #define PSA_HASH_MAX_SIZE 64u
143 #elif defined(PSA_WANT_ALG_SHA_384) || defined(PSA_WANT_ALG_SHA3_384)
144 #define PSA_HASH_MAX_SIZE 48u
145 #elif defined(PSA_WANT_ALG_SHA_256) || defined(PSA_WANT_ALG_SHA3_256)
146 #define PSA_HASH_MAX_SIZE 32u
147 #elif defined(PSA_WANT_ALG_SHA_224) || defined(PSA_WANT_ALG_SHA3_224)
148 #define PSA_HASH_MAX_SIZE 28u
150 #define PSA_HASH_MAX_SIZE 20u
165 #define PSA_MAC_MAX_SIZE PSA_HASH_MAX_SIZE
188 #define PSA_AEAD_TAG_LENGTH(key_type, key_bits, alg) \
189 (PSA_AEAD_NONCE_LENGTH(key_type, alg) != 0 ? \
190 PSA_ALG_AEAD_GET_TAG_LENGTH(alg) : \
191 ((void) (key_bits), 0u))
197 #define PSA_AEAD_TAG_MAX_SIZE 16u
212 #define PSA_VENDOR_RSA_MAX_KEY_BITS 4096u
220 #if defined(MBEDTLS_RSA_GEN_KEY_MIN_BITS)
221 #define PSA_VENDOR_RSA_GENERATE_MIN_KEY_BITS MBEDTLS_RSA_GEN_KEY_MIN_BITS
223 #define PSA_VENDOR_RSA_GENERATE_MIN_KEY_BITS 1024
228 #if defined(PSA_WANT_DH_RFC7919_8192)
229 #define PSA_VENDOR_FFDH_MAX_KEY_BITS 8192u
230 #elif defined(PSA_WANT_DH_RFC7919_6144)
231 #define PSA_VENDOR_FFDH_MAX_KEY_BITS 6144u
232 #elif defined(PSA_WANT_DH_RFC7919_4096)
233 #define PSA_VENDOR_FFDH_MAX_KEY_BITS 4096u
234 #elif defined(PSA_WANT_DH_RFC7919_3072)
235 #define PSA_VENDOR_FFDH_MAX_KEY_BITS 3072u
236 #elif defined(PSA_WANT_DH_RFC7919_2048)
237 #define PSA_VENDOR_FFDH_MAX_KEY_BITS 2048u
239 #define PSA_VENDOR_FFDH_MAX_KEY_BITS 0u
244 #if defined(PSA_WANT_ECC_SECP_R1_521)
245 #define PSA_VENDOR_ECC_MAX_CURVE_BITS 521u
246 #elif defined(PSA_WANT_ECC_BRAINPOOL_P_R1_512)
247 #define PSA_VENDOR_ECC_MAX_CURVE_BITS 512u
248 #elif defined(PSA_WANT_ECC_MONTGOMERY_448)
249 #define PSA_VENDOR_ECC_MAX_CURVE_BITS 448u
250 #elif defined(PSA_WANT_ECC_SECP_R1_384)
251 #define PSA_VENDOR_ECC_MAX_CURVE_BITS 384u
252 #elif defined(PSA_WANT_ECC_BRAINPOOL_P_R1_384)
253 #define PSA_VENDOR_ECC_MAX_CURVE_BITS 384u
254 #elif defined(PSA_WANT_ECC_SECP_R1_256)
255 #define PSA_VENDOR_ECC_MAX_CURVE_BITS 256u
256 #elif defined(PSA_WANT_ECC_SECP_K1_256)
257 #define PSA_VENDOR_ECC_MAX_CURVE_BITS 256u
258 #elif defined(PSA_WANT_ECC_BRAINPOOL_P_R1_256)
259 #define PSA_VENDOR_ECC_MAX_CURVE_BITS 256u
260 #elif defined(PSA_WANT_ECC_MONTGOMERY_255)
261 #define PSA_VENDOR_ECC_MAX_CURVE_BITS 255u
262 #elif defined(PSA_WANT_ECC_SECP_R1_224)
263 #define PSA_VENDOR_ECC_MAX_CURVE_BITS 224u
264 #elif defined(PSA_WANT_ECC_SECP_K1_224)
265 #define PSA_VENDOR_ECC_MAX_CURVE_BITS 224u
266 #elif defined(PSA_WANT_ECC_SECP_R1_192)
267 #define PSA_VENDOR_ECC_MAX_CURVE_BITS 192u
268 #elif defined(PSA_WANT_ECC_SECP_K1_192)
269 #define PSA_VENDOR_ECC_MAX_CURVE_BITS 192u
271 #define PSA_VENDOR_ECC_MAX_CURVE_BITS 0u
289 #define PSA_TLS12_PSK_TO_MS_PSK_MAX_SIZE 128u
293 #define PSA_TLS12_ECJPAKE_TO_PMS_INPUT_SIZE 65u
298 #define PSA_TLS12_ECJPAKE_TO_PMS_DATA_SIZE 32u
302 #define PSA_VENDOR_PBKDF2_MAX_ITERATIONS 0xffffffffU
305 #define PSA_BLOCK_CIPHER_BLOCK_MAX_SIZE 16u
328 #define PSA_MAC_LENGTH(key_type, key_bits, alg) \
329 ((alg) & PSA_ALG_MAC_TRUNCATION_MASK ? PSA_MAC_TRUNCATED_LENGTH(alg) : \
330 PSA_ALG_IS_HMAC(alg) ? PSA_HASH_LENGTH(PSA_ALG_HMAC_GET_HASH(alg)) : \
331 PSA_ALG_IS_BLOCK_CIPHER_MAC(alg) ? PSA_BLOCK_CIPHER_BLOCK_LENGTH(key_type) : \
332 ((void) (key_type), (void) (key_bits), 0u))
360 #define PSA_AEAD_ENCRYPT_OUTPUT_SIZE(key_type, alg, plaintext_length) \
361 (PSA_AEAD_NONCE_LENGTH(key_type, alg) != 0 ? \
362 (plaintext_length) + PSA_ALG_AEAD_GET_TAG_LENGTH(alg) : \
383 #define PSA_AEAD_ENCRYPT_OUTPUT_MAX_SIZE(plaintext_length) \
384 ((plaintext_length) + PSA_AEAD_TAG_MAX_SIZE)
413 #define PSA_AEAD_DECRYPT_OUTPUT_SIZE(key_type, alg, ciphertext_length) \
414 (PSA_AEAD_NONCE_LENGTH(key_type, alg) != 0 && \
415 (ciphertext_length) > PSA_ALG_AEAD_GET_TAG_LENGTH(alg) ? \
416 (ciphertext_length) - PSA_ALG_AEAD_GET_TAG_LENGTH(alg) : \
437 #define PSA_AEAD_DECRYPT_OUTPUT_MAX_SIZE(ciphertext_length) \
465 #define PSA_AEAD_NONCE_LENGTH(key_type, alg) \
466 (PSA_BLOCK_CIPHER_BLOCK_LENGTH(key_type) == 16 ? \
467 MBEDTLS_PSA_ALG_AEAD_EQUAL(alg, PSA_ALG_CCM) ? 13u : \
468 MBEDTLS_PSA_ALG_AEAD_EQUAL(alg, PSA_ALG_GCM) ? 12u : \
470 (key_type) == PSA_KEY_TYPE_CHACHA20 && \
471 MBEDTLS_PSA_ALG_AEAD_EQUAL(alg, PSA_ALG_CHACHA20_POLY1305) ? 12u : \
485 #define PSA_AEAD_NONCE_MAX_SIZE 13u
517 #define PSA_AEAD_UPDATE_OUTPUT_SIZE(key_type, alg, input_length) \
518 (PSA_AEAD_NONCE_LENGTH(key_type, alg) != 0 ? \
519 PSA_ALG_IS_AEAD_ON_BLOCK_CIPHER(alg) ? \
520 PSA_ROUND_UP_TO_MULTIPLE(PSA_BLOCK_CIPHER_BLOCK_LENGTH(key_type), (input_length)) : \
534 #define PSA_AEAD_UPDATE_OUTPUT_MAX_SIZE(input_length) \
535 (PSA_ROUND_UP_TO_MULTIPLE(PSA_BLOCK_CIPHER_BLOCK_MAX_SIZE, (input_length)))
558 #define PSA_AEAD_FINISH_OUTPUT_SIZE(key_type, alg) \
559 (PSA_AEAD_NONCE_LENGTH(key_type, alg) != 0 && \
560 PSA_ALG_IS_AEAD_ON_BLOCK_CIPHER(alg) ? \
561 PSA_BLOCK_CIPHER_BLOCK_LENGTH(key_type) : \
569 #define PSA_AEAD_FINISH_OUTPUT_MAX_SIZE (PSA_BLOCK_CIPHER_BLOCK_MAX_SIZE)
592 #define PSA_AEAD_VERIFY_OUTPUT_SIZE(key_type, alg) \
593 (PSA_AEAD_NONCE_LENGTH(key_type, alg) != 0 && \
594 PSA_ALG_IS_AEAD_ON_BLOCK_CIPHER(alg) ? \
595 PSA_BLOCK_CIPHER_BLOCK_LENGTH(key_type) : \
603 #define PSA_AEAD_VERIFY_OUTPUT_MAX_SIZE (PSA_BLOCK_CIPHER_BLOCK_MAX_SIZE)
605 #define PSA_RSA_MINIMUM_PADDING_SIZE(alg) \
606 (PSA_ALG_IS_RSA_OAEP(alg) ? \
607 2u * PSA_HASH_LENGTH(PSA_ALG_RSA_OAEP_GET_HASH(alg)) + 1u : \
618 #define PSA_ECDSA_SIGNATURE_SIZE(curve_bits) \
619 (PSA_BITS_TO_BYTES(curve_bits) * 2u)
646 #define PSA_SIGN_OUTPUT_SIZE(key_type, key_bits, alg) \
647 (PSA_KEY_TYPE_IS_RSA(key_type) ? ((void) alg, PSA_BITS_TO_BYTES(key_bits)) : \
648 PSA_KEY_TYPE_IS_ECC(key_type) ? PSA_ECDSA_SIGNATURE_SIZE(key_bits) : \
651 #define PSA_VENDOR_ECDSA_SIGNATURE_MAX_SIZE \
652 PSA_ECDSA_SIGNATURE_SIZE(PSA_VENDOR_ECC_MAX_CURVE_BITS)
661 #define PSA_SIGNATURE_MAX_SIZE 1
663 #if (defined(PSA_WANT_ALG_ECDSA) || defined(PSA_WANT_ALG_DETERMINISTIC_ECDSA)) && \
664 (PSA_VENDOR_ECDSA_SIGNATURE_MAX_SIZE > PSA_SIGNATURE_MAX_SIZE)
665 #undef PSA_SIGNATURE_MAX_SIZE
666 #define PSA_SIGNATURE_MAX_SIZE PSA_VENDOR_ECDSA_SIGNATURE_MAX_SIZE
668 #if (defined(PSA_WANT_ALG_RSA_PKCS1V15_SIGN) || defined(PSA_WANT_ALG_RSA_PSS)) && \
669 (PSA_BITS_TO_BYTES(PSA_VENDOR_RSA_MAX_KEY_BITS) > PSA_SIGNATURE_MAX_SIZE)
670 #undef PSA_SIGNATURE_MAX_SIZE
671 #define PSA_SIGNATURE_MAX_SIZE PSA_BITS_TO_BYTES(PSA_VENDOR_RSA_MAX_KEY_BITS)
699 #define PSA_ASYMMETRIC_ENCRYPT_OUTPUT_SIZE(key_type, key_bits, alg) \
700 (PSA_KEY_TYPE_IS_RSA(key_type) ? \
701 ((void) alg, PSA_BITS_TO_BYTES(key_bits)) : \
710 #define PSA_ASYMMETRIC_ENCRYPT_OUTPUT_MAX_SIZE \
711 (PSA_BITS_TO_BYTES(PSA_VENDOR_RSA_MAX_KEY_BITS))
738 #define PSA_ASYMMETRIC_DECRYPT_OUTPUT_SIZE(key_type, key_bits, alg) \
739 (PSA_KEY_TYPE_IS_RSA(key_type) ? \
740 PSA_BITS_TO_BYTES(key_bits) - PSA_RSA_MINIMUM_PADDING_SIZE(alg) : \
750 #define PSA_ASYMMETRIC_DECRYPT_OUTPUT_MAX_SIZE \
751 (PSA_BITS_TO_BYTES(PSA_VENDOR_RSA_MAX_KEY_BITS))
763 #define PSA_KEY_EXPORT_ASN1_INTEGER_MAX_SIZE(bits) \
777 #define PSA_KEY_EXPORT_RSA_PUBLIC_KEY_MAX_SIZE(key_bits) \
778 (PSA_KEY_EXPORT_ASN1_INTEGER_MAX_SIZE(key_bits) + 11u)
802 #define PSA_KEY_EXPORT_RSA_KEY_PAIR_MAX_SIZE(key_bits) \
803 (9u * PSA_KEY_EXPORT_ASN1_INTEGER_MAX_SIZE((key_bits) / 2u + 1u) + 14u)
821 #define PSA_KEY_EXPORT_DSA_PUBLIC_KEY_MAX_SIZE(key_bits) \
822 (PSA_KEY_EXPORT_ASN1_INTEGER_MAX_SIZE(key_bits) * 3u + 59u)
840 #define PSA_KEY_EXPORT_DSA_KEY_PAIR_MAX_SIZE(key_bits) \
841 (PSA_KEY_EXPORT_ASN1_INTEGER_MAX_SIZE(key_bits) * 3u + 75u)
853 #define PSA_KEY_EXPORT_ECC_PUBLIC_KEY_MAX_SIZE(key_bits) \
854 (2u * PSA_BITS_TO_BYTES(key_bits) + 1u)
860 #define PSA_KEY_EXPORT_ECC_KEY_PAIR_MAX_SIZE(key_bits) \
861 (PSA_BITS_TO_BYTES(key_bits))
867 #define PSA_KEY_EXPORT_FFDH_KEY_PAIR_MAX_SIZE(key_bits) \
868 (PSA_BITS_TO_BYTES(key_bits))
872 #define PSA_KEY_EXPORT_FFDH_PUBLIC_KEY_MAX_SIZE(key_bits) \
873 (PSA_BITS_TO_BYTES(key_bits))
914 #define PSA_EXPORT_KEY_OUTPUT_SIZE(key_type, key_bits) \
915 (PSA_KEY_TYPE_IS_UNSTRUCTURED(key_type) ? PSA_BITS_TO_BYTES(key_bits) : \
916 PSA_KEY_TYPE_IS_DH(key_type) ? PSA_BITS_TO_BYTES(key_bits) : \
917 (key_type) == PSA_KEY_TYPE_RSA_KEY_PAIR ? PSA_KEY_EXPORT_RSA_KEY_PAIR_MAX_SIZE(key_bits) : \
918 (key_type) == PSA_KEY_TYPE_RSA_PUBLIC_KEY ? PSA_KEY_EXPORT_RSA_PUBLIC_KEY_MAX_SIZE(key_bits) : \
919 (key_type) == PSA_KEY_TYPE_DSA_KEY_PAIR ? PSA_KEY_EXPORT_DSA_KEY_PAIR_MAX_SIZE(key_bits) : \
920 (key_type) == PSA_KEY_TYPE_DSA_PUBLIC_KEY ? PSA_KEY_EXPORT_DSA_PUBLIC_KEY_MAX_SIZE(key_bits) : \
921 PSA_KEY_TYPE_IS_ECC_KEY_PAIR(key_type) ? PSA_KEY_EXPORT_ECC_KEY_PAIR_MAX_SIZE(key_bits) : \
922 PSA_KEY_TYPE_IS_ECC_PUBLIC_KEY(key_type) ? PSA_KEY_EXPORT_ECC_PUBLIC_KEY_MAX_SIZE(key_bits) : \
970 #define PSA_EXPORT_PUBLIC_KEY_OUTPUT_SIZE(key_type, key_bits) \
971 (PSA_KEY_TYPE_IS_RSA(key_type) ? PSA_KEY_EXPORT_RSA_PUBLIC_KEY_MAX_SIZE(key_bits) : \
972 PSA_KEY_TYPE_IS_ECC(key_type) ? PSA_KEY_EXPORT_ECC_PUBLIC_KEY_MAX_SIZE(key_bits) : \
973 PSA_KEY_TYPE_IS_DH(key_type) ? PSA_BITS_TO_BYTES(key_bits) : \
984 #define PSA_EXPORT_KEY_PAIR_MAX_SIZE 1
986 #if defined(PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_BASIC) && \
987 (PSA_KEY_EXPORT_ECC_KEY_PAIR_MAX_SIZE(PSA_VENDOR_ECC_MAX_CURVE_BITS) > \
988 PSA_EXPORT_KEY_PAIR_MAX_SIZE)
989 #undef PSA_EXPORT_KEY_PAIR_MAX_SIZE
990 #define PSA_EXPORT_KEY_PAIR_MAX_SIZE \
991 PSA_KEY_EXPORT_ECC_KEY_PAIR_MAX_SIZE(PSA_VENDOR_ECC_MAX_CURVE_BITS)
993 #if defined(PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_BASIC) && \
994 (PSA_KEY_EXPORT_RSA_KEY_PAIR_MAX_SIZE(PSA_VENDOR_RSA_MAX_KEY_BITS) > \
995 PSA_EXPORT_KEY_PAIR_MAX_SIZE)
996 #undef PSA_EXPORT_KEY_PAIR_MAX_SIZE
997 #define PSA_EXPORT_KEY_PAIR_MAX_SIZE \
998 PSA_KEY_EXPORT_RSA_KEY_PAIR_MAX_SIZE(PSA_VENDOR_RSA_MAX_KEY_BITS)
1000 #if defined(PSA_WANT_KEY_TYPE_DH_KEY_PAIR_BASIC) && \
1001 (PSA_KEY_EXPORT_FFDH_KEY_PAIR_MAX_SIZE(PSA_VENDOR_FFDH_MAX_KEY_BITS) > \
1002 PSA_EXPORT_KEY_PAIR_MAX_SIZE)
1003 #undef PSA_EXPORT_KEY_PAIR_MAX_SIZE
1004 #define PSA_EXPORT_KEY_PAIR_MAX_SIZE \
1005 PSA_KEY_EXPORT_FFDH_KEY_PAIR_MAX_SIZE(PSA_VENDOR_FFDH_MAX_KEY_BITS)
1017 #define PSA_EXPORT_PUBLIC_KEY_MAX_SIZE 1
1019 #if defined(PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY) && \
1020 (PSA_KEY_EXPORT_ECC_PUBLIC_KEY_MAX_SIZE(PSA_VENDOR_ECC_MAX_CURVE_BITS) > \
1021 PSA_EXPORT_PUBLIC_KEY_MAX_SIZE)
1022 #undef PSA_EXPORT_PUBLIC_KEY_MAX_SIZE
1023 #define PSA_EXPORT_PUBLIC_KEY_MAX_SIZE \
1024 PSA_KEY_EXPORT_ECC_PUBLIC_KEY_MAX_SIZE(PSA_VENDOR_ECC_MAX_CURVE_BITS)
1026 #if defined(PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY) && \
1027 (PSA_KEY_EXPORT_RSA_PUBLIC_KEY_MAX_SIZE(PSA_VENDOR_RSA_MAX_KEY_BITS) > \
1028 PSA_EXPORT_PUBLIC_KEY_MAX_SIZE)
1029 #undef PSA_EXPORT_PUBLIC_KEY_MAX_SIZE
1030 #define PSA_EXPORT_PUBLIC_KEY_MAX_SIZE \
1031 PSA_KEY_EXPORT_RSA_PUBLIC_KEY_MAX_SIZE(PSA_VENDOR_RSA_MAX_KEY_BITS)
1033 #if defined(PSA_WANT_KEY_TYPE_DH_PUBLIC_KEY) && \
1034 (PSA_KEY_EXPORT_FFDH_PUBLIC_KEY_MAX_SIZE(PSA_VENDOR_FFDH_MAX_KEY_BITS) > \
1035 PSA_EXPORT_PUBLIC_KEY_MAX_SIZE)
1036 #undef PSA_EXPORT_PUBLIC_KEY_MAX_SIZE
1037 #define PSA_EXPORT_PUBLIC_KEY_MAX_SIZE \
1038 PSA_KEY_EXPORT_FFDH_PUBLIC_KEY_MAX_SIZE(PSA_VENDOR_FFDH_MAX_KEY_BITS)
1041 #define PSA_EXPORT_KEY_PAIR_OR_PUBLIC_MAX_SIZE \
1042 ((PSA_EXPORT_KEY_PAIR_MAX_SIZE > PSA_EXPORT_PUBLIC_KEY_MAX_SIZE) ? \
1043 PSA_EXPORT_KEY_PAIR_MAX_SIZE : PSA_EXPORT_PUBLIC_KEY_MAX_SIZE)
1068 #define PSA_RAW_KEY_AGREEMENT_OUTPUT_SIZE(key_type, key_bits) \
1069 ((PSA_KEY_TYPE_IS_ECC_KEY_PAIR(key_type) || \
1070 PSA_KEY_TYPE_IS_DH_KEY_PAIR(key_type)) ? PSA_BITS_TO_BYTES(key_bits) : 0u)
1079 #define PSA_RAW_KEY_AGREEMENT_OUTPUT_MAX_SIZE 1
1081 #if defined(PSA_WANT_ALG_ECDH) && \
1082 (PSA_BITS_TO_BYTES(PSA_VENDOR_ECC_MAX_CURVE_BITS) > PSA_RAW_KEY_AGREEMENT_OUTPUT_MAX_SIZE)
1083 #undef PSA_RAW_KEY_AGREEMENT_OUTPUT_MAX_SIZE
1084 #define PSA_RAW_KEY_AGREEMENT_OUTPUT_MAX_SIZE PSA_BITS_TO_BYTES(PSA_VENDOR_ECC_MAX_CURVE_BITS)
1086 #if defined(PSA_WANT_ALG_FFDH) && \
1087 (PSA_BITS_TO_BYTES(PSA_VENDOR_FFDH_MAX_KEY_BITS) > PSA_RAW_KEY_AGREEMENT_OUTPUT_MAX_SIZE)
1088 #undef PSA_RAW_KEY_AGREEMENT_OUTPUT_MAX_SIZE
1089 #define PSA_RAW_KEY_AGREEMENT_OUTPUT_MAX_SIZE PSA_BITS_TO_BYTES(PSA_VENDOR_FFDH_MAX_KEY_BITS)
1104 #if (defined(PSA_WANT_KEY_TYPE_AES) || defined(PSA_WANT_KEY_TYPE_ARIA) || \
1105 defined(PSA_WANT_KEY_TYPE_CAMELLIA) || defined(PSA_WANT_KEY_TYPE_CHACHA20))
1106 #define PSA_CIPHER_MAX_KEY_LENGTH 32u
1107 #elif defined(PSA_WANT_KEY_TYPE_DES)
1108 #define PSA_CIPHER_MAX_KEY_LENGTH 24u
1110 #define PSA_CIPHER_MAX_KEY_LENGTH 0u
1137 #define PSA_CIPHER_IV_LENGTH(key_type, alg) \
1138 (PSA_BLOCK_CIPHER_BLOCK_LENGTH(key_type) > 1 && \
1139 ((alg) == PSA_ALG_CTR || \
1140 (alg) == PSA_ALG_CFB || \
1141 (alg) == PSA_ALG_OFB || \
1142 (alg) == PSA_ALG_XTS || \
1143 (alg) == PSA_ALG_CBC_NO_PADDING || \
1144 (alg) == PSA_ALG_CBC_PKCS7) ? PSA_BLOCK_CIPHER_BLOCK_LENGTH(key_type) : \
1145 (key_type) == PSA_KEY_TYPE_CHACHA20 && \
1146 (alg) == PSA_ALG_STREAM_CIPHER ? 12u : \
1147 (alg) == PSA_ALG_CCM_STAR_NO_TAG ? 13u : \
1154 #define PSA_CIPHER_IV_MAX_SIZE 16u
1179 #define PSA_CIPHER_ENCRYPT_OUTPUT_SIZE(key_type, alg, input_length) \
1180 (alg == PSA_ALG_CBC_PKCS7 ? \
1181 (PSA_BLOCK_CIPHER_BLOCK_LENGTH(key_type) != 0 ? \
1182 PSA_ROUND_UP_TO_MULTIPLE(PSA_BLOCK_CIPHER_BLOCK_LENGTH(key_type), \
1183 (input_length) + 1u) + \
1184 PSA_CIPHER_IV_LENGTH((key_type), (alg)) : 0u) : \
1185 (PSA_ALG_IS_CIPHER(alg) ? \
1186 (input_length) + PSA_CIPHER_IV_LENGTH((key_type), (alg)) : \
1200 #define PSA_CIPHER_ENCRYPT_OUTPUT_MAX_SIZE(input_length) \
1201 (PSA_ROUND_UP_TO_MULTIPLE(PSA_BLOCK_CIPHER_BLOCK_MAX_SIZE, \
1202 (input_length) + 1u) + \
1203 PSA_CIPHER_IV_MAX_SIZE)
1224 #define PSA_CIPHER_DECRYPT_OUTPUT_SIZE(key_type, alg, input_length) \
1225 (PSA_ALG_IS_CIPHER(alg) && \
1226 ((key_type) & PSA_KEY_TYPE_CATEGORY_MASK) == PSA_KEY_TYPE_CATEGORY_SYMMETRIC ? \
1240 #define PSA_CIPHER_DECRYPT_OUTPUT_MAX_SIZE(input_length) \
1261 #define PSA_CIPHER_UPDATE_OUTPUT_SIZE(key_type, alg, input_length) \
1262 (PSA_ALG_IS_CIPHER(alg) ? \
1263 (PSA_BLOCK_CIPHER_BLOCK_LENGTH(key_type) != 0 ? \
1264 (((alg) == PSA_ALG_CBC_PKCS7 || \
1265 (alg) == PSA_ALG_CBC_NO_PADDING || \
1266 (alg) == PSA_ALG_ECB_NO_PADDING) ? \
1267 PSA_ROUND_UP_TO_MULTIPLE(PSA_BLOCK_CIPHER_BLOCK_LENGTH(key_type), \
1269 (input_length)) : 0u) : \
1282 #define PSA_CIPHER_UPDATE_OUTPUT_MAX_SIZE(input_length) \
1283 (PSA_ROUND_UP_TO_MULTIPLE(PSA_BLOCK_CIPHER_BLOCK_MAX_SIZE, input_length))
1302 #define PSA_CIPHER_FINISH_OUTPUT_SIZE(key_type, alg) \
1303 (PSA_ALG_IS_CIPHER(alg) ? \
1304 (alg == PSA_ALG_CBC_PKCS7 ? \
1305 PSA_BLOCK_CIPHER_BLOCK_LENGTH(key_type) : \
1314 #define PSA_CIPHER_FINISH_OUTPUT_MAX_SIZE \
1315 (PSA_BLOCK_CIPHER_BLOCK_MAX_SIZE)
Build-time PSA configuration info.