Mbed TLS v3.6.0
 All Data Structures Files Functions Variables Typedefs Enumerations Enumerator Macros Groups Pages
crypto_struct.h
Go to the documentation of this file.
1 
44 /*
45  * Copyright The Mbed TLS Contributors
46  * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
47  */
48 
49 #ifndef PSA_CRYPTO_STRUCT_H
50 #define PSA_CRYPTO_STRUCT_H
51 #include "mbedtls/private_access.h"
52 
53 #ifdef __cplusplus
54 extern "C" {
55 #endif
56 
57 /*
58  * Include the build-time configuration information header. Here, we do not
59  * include `"mbedtls/build_info.h"` directly but `"psa/build_info.h"`, which
60  * is basically just an alias to it. This is to ease the maintenance of the
61  * TF-PSA-Crypto repository which has a different build system and
62  * configuration.
63  */
64 #include "build_info.h"
65 
66 /* Include the context definition for the compiled-in drivers for the primitive
67  * algorithms. */
69 
71 #if defined(MBEDTLS_PSA_CRYPTO_CLIENT) && !defined(MBEDTLS_PSA_CRYPTO_C)
72  mbedtls_psa_client_handle_t handle;
73 #else
74 
80  unsigned int MBEDTLS_PRIVATE(id);
82 #endif
83 };
84 #if defined(MBEDTLS_PSA_CRYPTO_CLIENT) && !defined(MBEDTLS_PSA_CRYPTO_C)
85 #define PSA_HASH_OPERATION_INIT { 0 }
86 #else
87 #define PSA_HASH_OPERATION_INIT { 0, { 0 } }
88 #endif
90 {
92  return v;
93 }
94 
96 #if defined(MBEDTLS_PSA_CRYPTO_CLIENT) && !defined(MBEDTLS_PSA_CRYPTO_C)
97  mbedtls_psa_client_handle_t handle;
98 #else
99 
105  unsigned int MBEDTLS_PRIVATE(id);
106 
107  unsigned int MBEDTLS_PRIVATE(iv_required) : 1;
108  unsigned int MBEDTLS_PRIVATE(iv_set) : 1;
109 
110  uint8_t MBEDTLS_PRIVATE(default_iv_length);
111 
113 #endif
114 };
115 
116 #if defined(MBEDTLS_PSA_CRYPTO_CLIENT) && !defined(MBEDTLS_PSA_CRYPTO_C)
117 #define PSA_CIPHER_OPERATION_INIT { 0 }
118 #else
119 #define PSA_CIPHER_OPERATION_INIT { 0, 0, 0, 0, { 0 } }
120 #endif
122 {
124  return v;
125 }
126 
127 /* Include the context definition for the compiled-in drivers for the composite
128  * algorithms. */
130 
132 #if defined(MBEDTLS_PSA_CRYPTO_CLIENT) && !defined(MBEDTLS_PSA_CRYPTO_C)
133  mbedtls_psa_client_handle_t handle;
134 #else
135 
141  unsigned int MBEDTLS_PRIVATE(id);
142  uint8_t MBEDTLS_PRIVATE(mac_size);
143  unsigned int MBEDTLS_PRIVATE(is_sign) : 1;
145 #endif
146 };
147 
148 #if defined(MBEDTLS_PSA_CRYPTO_CLIENT) && !defined(MBEDTLS_PSA_CRYPTO_C)
149 #define PSA_MAC_OPERATION_INIT { 0 }
150 #else
151 #define PSA_MAC_OPERATION_INIT { 0, 0, 0, { 0 } }
152 #endif
153 static inline struct psa_mac_operation_s psa_mac_operation_init(void)
154 {
156  return v;
157 }
158 
160 #if defined(MBEDTLS_PSA_CRYPTO_CLIENT) && !defined(MBEDTLS_PSA_CRYPTO_C)
161  mbedtls_psa_client_handle_t handle;
162 #else
163 
169  unsigned int MBEDTLS_PRIVATE(id);
170 
173 
174  size_t MBEDTLS_PRIVATE(ad_remaining);
175  size_t MBEDTLS_PRIVATE(body_remaining);
176 
177  unsigned int MBEDTLS_PRIVATE(nonce_set) : 1;
178  unsigned int MBEDTLS_PRIVATE(lengths_set) : 1;
179  unsigned int MBEDTLS_PRIVATE(ad_started) : 1;
180  unsigned int MBEDTLS_PRIVATE(body_started) : 1;
181  unsigned int MBEDTLS_PRIVATE(is_encrypt) : 1;
182 
184 #endif
185 };
186 
187 #if defined(MBEDTLS_PSA_CRYPTO_CLIENT) && !defined(MBEDTLS_PSA_CRYPTO_C)
188 #define PSA_AEAD_OPERATION_INIT { 0 }
189 #else
190 #define PSA_AEAD_OPERATION_INIT { 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, { 0 } }
191 #endif
193 {
195  return v;
196 }
197 
198 /* Include the context definition for the compiled-in drivers for the key
199  * derivation algorithms. */
201 
203 #if defined(MBEDTLS_PSA_CRYPTO_CLIENT) && !defined(MBEDTLS_PSA_CRYPTO_C)
204  mbedtls_psa_client_handle_t handle;
205 #else
207  unsigned int MBEDTLS_PRIVATE(can_output_key) : 1;
208  size_t MBEDTLS_PRIVATE(capacity);
210 #endif
211 };
212 
213 #if defined(MBEDTLS_PSA_CRYPTO_CLIENT) && !defined(MBEDTLS_PSA_CRYPTO_C)
214 #define PSA_KEY_DERIVATION_OPERATION_INIT { 0 }
215 #else
216 /* This only zeroes out the first byte in the union, the rest is unspecified. */
217 #define PSA_KEY_DERIVATION_OPERATION_INIT { 0, 0, 0, { 0 } }
218 #endif
220  void)
221 {
223  return v;
224 }
225 
227  /* Future versions may add other fields in this structure. */
228  uint32_t flags;
229  uint8_t data[];
230 };
231 
240 #define PSA_KEY_PRODUCTION_PARAMETERS_INIT { 0 }
241 
246 };
248 
249 #define PSA_KEY_POLICY_INIT { 0, 0, 0 }
250 static inline struct psa_key_policy_s psa_key_policy_init(void)
251 {
252  const struct psa_key_policy_s v = PSA_KEY_POLICY_INIT;
253  return v;
254 }
255 
256 /* The type used internally for key sizes.
257  * Public interfaces use size_t, but internally we use a smaller type. */
258 typedef uint16_t psa_key_bits_t;
259 /* The maximum value of the type used to represent bit-sizes.
260  * This is used to mark an invalid key size. */
261 #define PSA_KEY_BITS_TOO_LARGE ((psa_key_bits_t) -1)
262 /* The maximum size of a key in bits.
263  * Currently defined as the maximum that can be represented, rounded down
264  * to a whole number of bytes.
265  * This is an uncast value so that it can be used in preprocessor
266  * conditionals. */
267 #define PSA_MAX_KEY_BITS 0xfff8
268 
270 #if defined(MBEDTLS_PSA_CRYPTO_SE_C)
272  int MBEDTLS_PRIVATE(has_slot_number);
273 #endif /* MBEDTLS_PSA_CRYPTO_SE_C */
275  psa_key_bits_t MBEDTLS_PRIVATE(bits);
278  /* This type has a different layout in the client view wrt the
279  * service view of the key id, i.e. in service view usually is
280  * expected to have MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER defined
281  * thus adding an owner field to the standard psa_key_id_t. For
282  * implementations with client/service separation, this means the
283  * object will be marshalled through a transport channel and
284  * interpreted differently at each side of the transport. Placing
285  * it at the end of structures allows to interpret the structure
286  * at the client without reorganizing the memory layout of the
287  * struct
288  */
290 };
291 
292 #if defined(MBEDTLS_PSA_CRYPTO_SE_C)
293 #define PSA_KEY_ATTRIBUTES_MAYBE_SLOT_NUMBER 0, 0,
294 #else
295 #define PSA_KEY_ATTRIBUTES_MAYBE_SLOT_NUMBER
296 #endif
297 #define PSA_KEY_ATTRIBUTES_INIT { PSA_KEY_ATTRIBUTES_MAYBE_SLOT_NUMBER \
298  PSA_KEY_TYPE_NONE, 0, \
299  PSA_KEY_LIFETIME_VOLATILE, \
300  PSA_KEY_POLICY_INIT, \
301  MBEDTLS_SVC_KEY_ID_INIT }
302 
304 {
306  return v;
307 }
308 
309 static inline void psa_set_key_id(psa_key_attributes_t *attributes,
311 {
312  psa_key_lifetime_t lifetime = attributes->MBEDTLS_PRIVATE(lifetime);
313 
314  attributes->MBEDTLS_PRIVATE(id) = key;
315 
316  if (PSA_KEY_LIFETIME_IS_VOLATILE(lifetime)) {
317  attributes->MBEDTLS_PRIVATE(lifetime) =
321  }
322 }
323 
325  const psa_key_attributes_t *attributes)
326 {
327  return attributes->MBEDTLS_PRIVATE(id);
328 }
329 
330 #ifdef MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER
331 static inline void mbedtls_set_key_owner_id(psa_key_attributes_t *attributes,
333 {
334  attributes->MBEDTLS_PRIVATE(id).MBEDTLS_PRIVATE(owner) = owner;
335 }
336 #endif
337 
338 static inline void psa_set_key_lifetime(psa_key_attributes_t *attributes,
339  psa_key_lifetime_t lifetime)
340 {
341  attributes->MBEDTLS_PRIVATE(lifetime) = lifetime;
342  if (PSA_KEY_LIFETIME_IS_VOLATILE(lifetime)) {
343 #ifdef MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER
344  attributes->MBEDTLS_PRIVATE(id).MBEDTLS_PRIVATE(key_id) = 0;
345 #else
346  attributes->MBEDTLS_PRIVATE(id) = 0;
347 #endif
348  }
349 }
350 
352  const psa_key_attributes_t *attributes)
353 {
354  return attributes->MBEDTLS_PRIVATE(lifetime);
355 }
356 
357 static inline void psa_extend_key_usage_flags(psa_key_usage_t *usage_flags)
358 {
359  if (*usage_flags & PSA_KEY_USAGE_SIGN_HASH) {
360  *usage_flags |= PSA_KEY_USAGE_SIGN_MESSAGE;
361  }
362 
363  if (*usage_flags & PSA_KEY_USAGE_VERIFY_HASH) {
364  *usage_flags |= PSA_KEY_USAGE_VERIFY_MESSAGE;
365  }
366 }
367 
368 static inline void psa_set_key_usage_flags(psa_key_attributes_t *attributes,
369  psa_key_usage_t usage_flags)
370 {
371  psa_extend_key_usage_flags(&usage_flags);
372  attributes->MBEDTLS_PRIVATE(policy).MBEDTLS_PRIVATE(usage) = usage_flags;
373 }
374 
376  const psa_key_attributes_t *attributes)
377 {
378  return attributes->MBEDTLS_PRIVATE(policy).MBEDTLS_PRIVATE(usage);
379 }
380 
381 static inline void psa_set_key_algorithm(psa_key_attributes_t *attributes,
382  psa_algorithm_t alg)
383 {
384  attributes->MBEDTLS_PRIVATE(policy).MBEDTLS_PRIVATE(alg) = alg;
385 }
386 
388  const psa_key_attributes_t *attributes)
389 {
390  return attributes->MBEDTLS_PRIVATE(policy).MBEDTLS_PRIVATE(alg);
391 }
392 
393 static inline void psa_set_key_type(psa_key_attributes_t *attributes,
394  psa_key_type_t type)
395 {
396  attributes->MBEDTLS_PRIVATE(type) = type;
397 }
398 
400  const psa_key_attributes_t *attributes)
401 {
402  return attributes->MBEDTLS_PRIVATE(type);
403 }
404 
405 static inline void psa_set_key_bits(psa_key_attributes_t *attributes,
406  size_t bits)
407 {
408  if (bits > PSA_MAX_KEY_BITS) {
409  attributes->MBEDTLS_PRIVATE(bits) = PSA_KEY_BITS_TOO_LARGE;
410  } else {
411  attributes->MBEDTLS_PRIVATE(bits) = (psa_key_bits_t) bits;
412  }
413 }
414 
415 static inline size_t psa_get_key_bits(
416  const psa_key_attributes_t *attributes)
417 {
418  return attributes->MBEDTLS_PRIVATE(bits);
419 }
420 
425 #if defined(MBEDTLS_PSA_CRYPTO_CLIENT) && !defined(MBEDTLS_PSA_CRYPTO_C)
426  mbedtls_psa_client_handle_t handle;
427 #else
428 
434  unsigned int MBEDTLS_PRIVATE(id);
435 
437 
438  unsigned int MBEDTLS_PRIVATE(error_occurred) : 1;
439 
440  uint32_t MBEDTLS_PRIVATE(num_ops);
441 #endif
442 };
443 
444 #if defined(MBEDTLS_PSA_CRYPTO_CLIENT) && !defined(MBEDTLS_PSA_CRYPTO_C)
445 #define PSA_SIGN_HASH_INTERRUPTIBLE_OPERATION_INIT { 0 }
446 #else
447 #define PSA_SIGN_HASH_INTERRUPTIBLE_OPERATION_INIT { 0, { 0 }, 0, 0 }
448 #endif
449 
450 static inline struct psa_sign_hash_interruptible_operation_s
452 {
455 
456  return v;
457 }
458 
463 #if defined(MBEDTLS_PSA_CRYPTO_CLIENT) && !defined(MBEDTLS_PSA_CRYPTO_C)
464  mbedtls_psa_client_handle_t handle;
465 #else
466 
472  unsigned int MBEDTLS_PRIVATE(id);
473 
475 
476  unsigned int MBEDTLS_PRIVATE(error_occurred) : 1;
477 
478  uint32_t MBEDTLS_PRIVATE(num_ops);
479 #endif
480 };
481 
482 #if defined(MBEDTLS_PSA_CRYPTO_CLIENT) && !defined(MBEDTLS_PSA_CRYPTO_C)
483 #define PSA_VERIFY_HASH_INTERRUPTIBLE_OPERATION_INIT { 0 }
484 #else
485 #define PSA_VERIFY_HASH_INTERRUPTIBLE_OPERATION_INIT { 0, { 0 }, 0, 0 }
486 #endif
487 
490 {
493 
494  return v;
495 }
496 
497 #ifdef __cplusplus
498 }
499 #endif
500 
501 #endif /* PSA_CRYPTO_STRUCT_H */
static void psa_set_key_usage_flags(psa_key_attributes_t *attributes, psa_key_usage_t usage_flags)
#define PSA_MAX_KEY_BITS
static psa_key_lifetime_t psa_get_key_lifetime(const psa_key_attributes_t *attributes)
#define PSA_MAC_OPERATION_INIT
static struct psa_aead_operation_s psa_aead_operation_init(void)
uint16_t psa_key_bits_t
#define PSA_VERIFY_HASH_INTERRUPTIBLE_OPERATION_INIT
static void psa_set_key_id(psa_key_attributes_t *attributes, mbedtls_svc_key_id_t key)
#define MBEDTLS_PRIVATE(member)
static struct psa_sign_hash_interruptible_operation_s psa_sign_hash_interruptible_operation_init(void)
int32_t mbedtls_key_owner_id_t
#define PSA_CIPHER_OPERATION_INIT
#define PSA_KEY_ATTRIBUTES_INIT
#define PSA_KEY_LIFETIME_IS_VOLATILE(lifetime)
#define PSA_KEY_USAGE_VERIFY_MESSAGE
static struct psa_key_derivation_s psa_key_derivation_operation_init(void)
#define PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION(persistence, location)
#define PSA_KEY_LIFETIME_GET_LOCATION(lifetime)
#define PSA_KEY_USAGE_SIGN_MESSAGE
static void mbedtls_set_key_owner_id(psa_key_attributes_t *attributes, mbedtls_key_owner_id_t owner)
uint32_t psa_algorithm_t
Encoding of a cryptographic algorithm.
Definition: crypto_types.h:134
Macro wrapper for struct's members.
#define PSA_KEY_LIFETIME_PERSISTENT
uint32_t psa_key_usage_t
Encoding of permitted usage on a key.
Definition: crypto_types.h:323
uint16_t psa_key_type_t
Encoding of a key type.
Definition: crypto_types.h:78
#define PSA_KEY_POLICY_INIT
#define PSA_KEY_DERIVATION_OPERATION_INIT
#define PSA_SIGN_HASH_INTERRUPTIBLE_OPERATION_INIT
static psa_algorithm_t psa_get_key_algorithm(const psa_key_attributes_t *attributes)
#define PSA_AEAD_OPERATION_INIT
#define PSA_KEY_BITS_TOO_LARGE
static mbedtls_svc_key_id_t psa_get_key_id(const psa_key_attributes_t *attributes)
static psa_key_usage_t psa_get_key_usage_flags(const psa_key_attributes_t *attributes)
static struct psa_verify_hash_interruptible_operation_s psa_verify_hash_interruptible_operation_init(void)
#define PSA_HASH_OPERATION_INIT
Definition: crypto_struct.h:87
static struct psa_mac_operation_s psa_mac_operation_init(void)
The context for PSA interruptible hash signing.
static struct psa_key_attributes_s psa_key_attributes_init(void)
static size_t psa_get_key_bits(const psa_key_attributes_t *attributes)
static struct psa_cipher_operation_s psa_cipher_operation_init(void)
The context for PSA interruptible hash verification.
static void psa_set_key_bits(psa_key_attributes_t *attributes, size_t bits)
static void psa_set_key_lifetime(psa_key_attributes_t *attributes, psa_key_lifetime_t lifetime)
uint32_t psa_key_lifetime_t
Definition: crypto_types.h:183
Build-time PSA configuration info.
static void psa_extend_key_usage_flags(psa_key_usage_t *usage_flags)
static void psa_set_key_algorithm(psa_key_attributes_t *attributes, psa_algorithm_t alg)
static psa_key_type_t psa_get_key_type(const psa_key_attributes_t *attributes)
static void psa_set_key_type(psa_key_attributes_t *attributes, psa_key_type_t type)
#define PSA_KEY_USAGE_VERIFY_HASH
static struct psa_key_policy_s psa_key_policy_init(void)
uint64_t psa_key_slot_number_t
Definition: crypto_types.h:441
#define PSA_KEY_USAGE_SIGN_HASH
static struct psa_hash_operation_s psa_hash_operation_init(void)
Definition: crypto_struct.h:89