mbed-os/psa__util_8h_source.html

/**

 * \file psa_util.h

 *

 * \brief Utility functions for the use of the PSA Crypto library.

 *

 * \warning This function is not part of the public API and may

 *          change at any time.

 */

/*

 *  Copyright The Mbed TLS Contributors

 *  SPDX-License-Identifier: Apache-2.0

 *

 *  Licensed under the Apache License, Version 2.0 (the "License"); you may

 *  not use this file except in compliance with the License.

 *  You may obtain a copy of the License at

 *

 *  http://www.apache.org/licenses/LICENSE-2.0

 *

 *  Unless required by applicable law or agreed to in writing, software

 *  distributed under the License is distributed on an "AS IS" BASIS, WITHOUT

 *  WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.

 *  See the License for the specific language governing permissions and

 *  limitations under the License.

 */


#ifndef MBEDTLS_PSA_UTIL_H

#define MBEDTLS_PSA_UTIL_H


#if !defined(MBEDTLS_CONFIG_FILE)

#include "mbedtls/config.h"

#else

#include MBEDTLS_CONFIG_FILE

#endif


#if defined(MBEDTLS_USE_PSA_CRYPTO)


#include "psa/crypto.h"


#include "mbedtls/ecp.h"

#include "mbedtls/md.h"

#include "mbedtls/pk.h"

#include "mbedtls/oid.h"


#include <string.h>


/* Translations for symmetric crypto. */


static inline psa_key_type_t mbedtls_psa_translate_cipher_type(

    mbedtls_cipher_type_t cipher )

{

    switch( cipher )

    {

        case MBEDTLS_CIPHER_AES_128_CCM:

        case MBEDTLS_CIPHER_AES_192_CCM:

        case MBEDTLS_CIPHER_AES_256_CCM:

        case MBEDTLS_CIPHER_AES_128_GCM:

        case MBEDTLS_CIPHER_AES_192_GCM:

        case MBEDTLS_CIPHER_AES_256_GCM:

        case MBEDTLS_CIPHER_AES_128_CBC:

        case MBEDTLS_CIPHER_AES_192_CBC:

        case MBEDTLS_CIPHER_AES_256_CBC:

            return( PSA_KEY_TYPE_AES );


        /* ARIA not yet supported in PSA. */

        /* case MBEDTLS_CIPHER_ARIA_128_CCM:

           case MBEDTLS_CIPHER_ARIA_192_CCM:

           case MBEDTLS_CIPHER_ARIA_256_CCM:

           case MBEDTLS_CIPHER_ARIA_128_GCM:

           case MBEDTLS_CIPHER_ARIA_192_GCM:

           case MBEDTLS_CIPHER_ARIA_256_GCM:

           case MBEDTLS_CIPHER_ARIA_128_CBC:

           case MBEDTLS_CIPHER_ARIA_192_CBC:

           case MBEDTLS_CIPHER_ARIA_256_CBC:

               return( PSA_KEY_TYPE_ARIA ); */


        default:

            return( 0 );

    }

}


static inline psa_algorithm_t mbedtls_psa_translate_cipher_mode(

    mbedtls_cipher_mode_t mode, size_t taglen )

{

    switch( mode )

    {

        case MBEDTLS_MODE_ECB:

            return( PSA_ALG_ECB_NO_PADDING );

        case MBEDTLS_MODE_GCM:

            return( PSA_ALG_AEAD_WITH_TAG_LENGTH( PSA_ALG_GCM, taglen ) );

        case MBEDTLS_MODE_CCM:

            return( PSA_ALG_AEAD_WITH_TAG_LENGTH( PSA_ALG_CCM, taglen ) );

        case MBEDTLS_MODE_CBC:

            if( taglen == 0 )

                return( PSA_ALG_CBC_NO_PADDING );

            /* Intentional fallthrough for taglen != 0 */

            /* fallthrough */

        default:

            return( 0 );

    }

}


static inline psa_key_usage_t mbedtls_psa_translate_cipher_operation(

    mbedtls_operation_t op )

{

    switch( op )

    {

        case MBEDTLS_ENCRYPT:

            return( PSA_KEY_USAGE_ENCRYPT );

        case MBEDTLS_DECRYPT:

            return( PSA_KEY_USAGE_DECRYPT );

        default:

            return( 0 );

    }

}


/* Translations for hashing. */


static inline psa_algorithm_t mbedtls_psa_translate_md( mbedtls_md_type_t md_alg )

{

    switch( md_alg )

    {

#if defined(MBEDTLS_MD2_C)

    case MBEDTLS_MD_MD2:

        return( PSA_ALG_MD2 );

#endif

#if defined(MBEDTLS_MD4_C)

    case MBEDTLS_MD_MD4:

        return( PSA_ALG_MD4 );

#endif

#if defined(MBEDTLS_MD5_C)

    case MBEDTLS_MD_MD5:

        return( PSA_ALG_MD5 );

#endif

#if defined(MBEDTLS_SHA1_C)

    case MBEDTLS_MD_SHA1:

        return( PSA_ALG_SHA_1 );

#endif

#if defined(MBEDTLS_SHA256_C)

    case MBEDTLS_MD_SHA224:

        return( PSA_ALG_SHA_224 );

    case MBEDTLS_MD_SHA256:

        return( PSA_ALG_SHA_256 );

#endif

#if defined(MBEDTLS_SHA512_C)

    case MBEDTLS_MD_SHA384:

        return( PSA_ALG_SHA_384 );

    case MBEDTLS_MD_SHA512:

        return( PSA_ALG_SHA_512 );

#endif

#if defined(MBEDTLS_RIPEMD160_C)

    case MBEDTLS_MD_RIPEMD160:

        return( PSA_ALG_RIPEMD160 );

#endif

    case MBEDTLS_MD_NONE:  /* Intentional fallthrough */

    default:

        return( 0 );

    }

}


/* Translations for ECC. */


static inline int mbedtls_psa_get_ecc_oid_from_id(

    psa_ecc_family_t curve, size_t bits,

    char const **oid, size_t *oid_len )

{

    switch( curve )

    {

        case PSA_ECC_FAMILY_SECP_R1:

            switch( bits )

            {

#if defined(MBEDTLS_ECP_DP_SECP192R1_ENABLED)

                case 192:

                    *oid = MBEDTLS_OID_EC_GRP_SECP192R1;

                    *oid_len = MBEDTLS_OID_SIZE( MBEDTLS_OID_EC_GRP_SECP192R1 );

                    return( 0 );

#endif /* MBEDTLS_ECP_DP_SECP192R1_ENABLED */

#if defined(MBEDTLS_ECP_DP_SECP224R1_ENABLED)

                case 224:

                    *oid = MBEDTLS_OID_EC_GRP_SECP224R1;

                    *oid_len = MBEDTLS_OID_SIZE( MBEDTLS_OID_EC_GRP_SECP224R1 );

                    return( 0 );

#endif /* MBEDTLS_ECP_DP_SECP224R1_ENABLED */

#if defined(MBEDTLS_ECP_DP_SECP256R1_ENABLED)

                case 256:

                    *oid = MBEDTLS_OID_EC_GRP_SECP256R1;

                    *oid_len = MBEDTLS_OID_SIZE( MBEDTLS_OID_EC_GRP_SECP256R1 );

                    return( 0 );

#endif /* MBEDTLS_ECP_DP_SECP256R1_ENABLED */

#if defined(MBEDTLS_ECP_DP_SECP384R1_ENABLED)

                case 384:

                    *oid = MBEDTLS_OID_EC_GRP_SECP384R1;

                    *oid_len = MBEDTLS_OID_SIZE( MBEDTLS_OID_EC_GRP_SECP384R1 );

                    return( 0 );

#endif /* MBEDTLS_ECP_DP_SECP384R1_ENABLED */

#if defined(MBEDTLS_ECP_DP_SECP521R1_ENABLED)

                case 521:

                    *oid = MBEDTLS_OID_EC_GRP_SECP521R1;

                    *oid_len = MBEDTLS_OID_SIZE( MBEDTLS_OID_EC_GRP_SECP521R1 );

                    return( 0 );

#endif /* MBEDTLS_ECP_DP_SECP521R1_ENABLED */

            }

            break;

        case PSA_ECC_FAMILY_SECP_K1:

            switch( bits )

            {

#if defined(MBEDTLS_ECP_DP_SECP192K1_ENABLED)

                case 192:

                    *oid = MBEDTLS_OID_EC_GRP_SECP192K1;

                    *oid_len = MBEDTLS_OID_SIZE( MBEDTLS_OID_EC_GRP_SECP192K1 );

                    return( 0 );

#endif /* MBEDTLS_ECP_DP_SECP192K1_ENABLED */

#if defined(MBEDTLS_ECP_DP_SECP224K1_ENABLED)

                case 224:

                    *oid = MBEDTLS_OID_EC_GRP_SECP224K1;

                    *oid_len = MBEDTLS_OID_SIZE( MBEDTLS_OID_EC_GRP_SECP224K1 );

                    return( 0 );

#endif /* MBEDTLS_ECP_DP_SECP224K1_ENABLED */

#if defined(MBEDTLS_ECP_DP_SECP256K1_ENABLED)

                case 256:

                    *oid = MBEDTLS_OID_EC_GRP_SECP256K1;

                    *oid_len = MBEDTLS_OID_SIZE( MBEDTLS_OID_EC_GRP_SECP256K1 );

                    return( 0 );

#endif /* MBEDTLS_ECP_DP_SECP256K1_ENABLED */

            }

            break;

        case PSA_ECC_FAMILY_BRAINPOOL_P_R1:

            switch( bits )

            {

#if defined(MBEDTLS_ECP_DP_BP256R1_ENABLED)

                case 256:

                    *oid = MBEDTLS_OID_EC_GRP_BP256R1;

                    *oid_len = MBEDTLS_OID_SIZE( MBEDTLS_OID_EC_GRP_BP256R1 );

                    return( 0 );

#endif /* MBEDTLS_ECP_DP_BP256R1_ENABLED */

#if defined(MBEDTLS_ECP_DP_BP384R1_ENABLED)

                case 384:

                    *oid = MBEDTLS_OID_EC_GRP_BP384R1;

                    *oid_len = MBEDTLS_OID_SIZE( MBEDTLS_OID_EC_GRP_BP384R1 );

                    return( 0 );

#endif /* MBEDTLS_ECP_DP_BP384R1_ENABLED */

#if defined(MBEDTLS_ECP_DP_BP512R1_ENABLED)

                case 512:

                    *oid = MBEDTLS_OID_EC_GRP_BP512R1;

                    *oid_len = MBEDTLS_OID_SIZE( MBEDTLS_OID_EC_GRP_BP512R1 );

                    return( 0 );

#endif /* MBEDTLS_ECP_DP_BP512R1_ENABLED */

            }

            break;

    }

    (void) oid;

    (void) oid_len;

    return( -1 );

}


#define MBEDTLS_PSA_MAX_EC_PUBKEY_LENGTH 1


#if defined(MBEDTLS_ECP_DP_SECP192R1_ENABLED)

#if MBEDTLS_PSA_MAX_EC_PUBKEY_LENGTH < ( 2 * ( ( 192 + 7 ) / 8 ) + 1 )

#undef MBEDTLS_PSA_MAX_EC_PUBKEY_LENGTH

#define MBEDTLS_PSA_MAX_EC_PUBKEY_LENGTH ( 2 * ( ( 192 + 7 ) / 8 ) + 1 )

#endif

#endif /* MBEDTLS_ECP_DP_SECP192R1_ENABLED */


#if defined(MBEDTLS_ECP_DP_SECP224R1_ENABLED)

#if MBEDTLS_PSA_MAX_EC_PUBKEY_LENGTH < ( 2 * ( ( 224 + 7 ) / 8 ) + 1 )

#undef MBEDTLS_PSA_MAX_EC_PUBKEY_LENGTH

#define MBEDTLS_PSA_MAX_EC_PUBKEY_LENGTH ( 2 * ( ( 224 + 7 ) / 8 ) + 1 )

#endif

#endif /* MBEDTLS_ECP_DP_SECP224R1_ENABLED */


#if defined(MBEDTLS_ECP_DP_SECP256R1_ENABLED)

#if MBEDTLS_PSA_MAX_EC_PUBKEY_LENGTH < ( 2 * ( ( 256 + 7 ) / 8 ) + 1 )

#undef MBEDTLS_PSA_MAX_EC_PUBKEY_LENGTH

#define MBEDTLS_PSA_MAX_EC_PUBKEY_LENGTH ( 2 * ( ( 256 + 7 ) / 8 ) + 1 )

#endif

#endif /* MBEDTLS_ECP_DP_SECP256R1_ENABLED */


#if defined(MBEDTLS_ECP_DP_SECP384R1_ENABLED)

#if MBEDTLS_PSA_MAX_EC_PUBKEY_LENGTH < ( 2 * ( ( 384 + 7 ) / 8 ) + 1 )

#undef MBEDTLS_PSA_MAX_EC_PUBKEY_LENGTH

#define MBEDTLS_PSA_MAX_EC_PUBKEY_LENGTH ( 2 * ( ( 384 + 7 ) / 8 ) + 1 )

#endif

#endif /* MBEDTLS_ECP_DP_SECP384R1_ENABLED */


#if defined(MBEDTLS_ECP_DP_SECP521R1_ENABLED)

#if MBEDTLS_PSA_MAX_EC_PUBKEY_LENGTH < ( 2 * ( ( 521 + 7 ) / 8 ) + 1 )

#undef MBEDTLS_PSA_MAX_EC_PUBKEY_LENGTH

#define MBEDTLS_PSA_MAX_EC_PUBKEY_LENGTH ( 2 * ( ( 521 + 7 ) / 8 ) + 1 )

#endif

#endif /* MBEDTLS_ECP_DP_SECP521R1_ENABLED */


#if defined(MBEDTLS_ECP_DP_SECP192K1_ENABLED)

#if MBEDTLS_PSA_MAX_EC_PUBKEY_LENGTH < ( 2 * ( ( 192 + 7 ) / 8 ) + 1 )

#undef MBEDTLS_PSA_MAX_EC_PUBKEY_LENGTH

#define MBEDTLS_PSA_MAX_EC_PUBKEY_LENGTH ( 2 * ( ( 192 + 7 ) / 8 ) + 1 )

#endif

#endif /* MBEDTLS_ECP_DP_SECP192K1_ENABLED */


#if defined(MBEDTLS_ECP_DP_SECP224K1_ENABLED)

#if MBEDTLS_PSA_MAX_EC_PUBKEY_LENGTH < ( 2 * ( ( 224 + 7 ) / 8 ) + 1 )

#undef MBEDTLS_PSA_MAX_EC_PUBKEY_LENGTH

#define MBEDTLS_PSA_MAX_EC_PUBKEY_LENGTH ( 2 * ( ( 224 + 7 ) / 8 ) + 1 )

#endif

#endif /* MBEDTLS_ECP_DP_SECP224K1_ENABLED */


#if defined(MBEDTLS_ECP_DP_SECP256K1_ENABLED)

#if MBEDTLS_PSA_MAX_EC_PUBKEY_LENGTH < ( 2 * ( ( 256 + 7 ) / 8 ) + 1 )

#undef MBEDTLS_PSA_MAX_EC_PUBKEY_LENGTH

#define MBEDTLS_PSA_MAX_EC_PUBKEY_LENGTH ( 2 * ( ( 256 + 7 ) / 8 ) + 1 )

#endif

#endif /* MBEDTLS_ECP_DP_SECP256K1_ENABLED */


#if defined(MBEDTLS_ECP_DP_BP256R1_ENABLED)

#if MBEDTLS_PSA_MAX_EC_PUBKEY_LENGTH < ( 2 * ( ( 256 + 7 ) / 8 ) + 1 )

#undef MBEDTLS_PSA_MAX_EC_PUBKEY_LENGTH

#define MBEDTLS_PSA_MAX_EC_PUBKEY_LENGTH ( 2 * ( ( 256 + 7 ) / 8 ) + 1 )

#endif

#endif /* MBEDTLS_ECP_DP_BP256R1_ENABLED */


#if defined(MBEDTLS_ECP_DP_BP384R1_ENABLED)

#if MBEDTLS_PSA_MAX_EC_PUBKEY_LENGTH < ( 2 * ( ( 384 + 7 ) / 8 ) + 1 )

#undef MBEDTLS_PSA_MAX_EC_PUBKEY_LENGTH

#define MBEDTLS_PSA_MAX_EC_PUBKEY_LENGTH ( 2 * ( ( 384 + 7 ) / 8 ) + 1 )

#endif

#endif /* MBEDTLS_ECP_DP_BP384R1_ENABLED */


#if defined(MBEDTLS_ECP_DP_BP512R1_ENABLED)

#if MBEDTLS_PSA_MAX_EC_PUBKEY_LENGTH < ( 2 * ( ( 512 + 7 ) / 8 ) + 1 )

#undef MBEDTLS_PSA_MAX_EC_PUBKEY_LENGTH

#define MBEDTLS_PSA_MAX_EC_PUBKEY_LENGTH ( 2 * ( ( 512 + 7 ) / 8 ) + 1 )

#endif

#endif /* MBEDTLS_ECP_DP_BP512R1_ENABLED */


/* Translations for PK layer */


static inline int mbedtls_psa_err_translate_pk( psa_status_t status )

{

    switch( status )

    {

        case PSA_SUCCESS:

            return( 0 );

        case PSA_ERROR_NOT_SUPPORTED:

            return( MBEDTLS_ERR_PK_FEATURE_UNAVAILABLE );

        case PSA_ERROR_INSUFFICIENT_MEMORY:

            return( MBEDTLS_ERR_PK_ALLOC_FAILED );

        case PSA_ERROR_INSUFFICIENT_ENTROPY:

            return( MBEDTLS_ERR_ECP_RANDOM_FAILED );

        case PSA_ERROR_BAD_STATE:

            return( MBEDTLS_ERR_PK_BAD_INPUT_DATA );

        /* All other failures */

        case PSA_ERROR_COMMUNICATION_FAILURE:

        case PSA_ERROR_HARDWARE_FAILURE:

        case PSA_ERROR_CORRUPTION_DETECTED:

            return( MBEDTLS_ERR_PK_HW_ACCEL_FAILED );

        default: /* We return the same as for the 'other failures',

                  * but list them separately nonetheless to indicate

                  * which failure conditions we have considered. */

            return( MBEDTLS_ERR_PK_HW_ACCEL_FAILED );

    }

}


/* Translations for ECC */


/* This function transforms an ECC group identifier from

 * https://www.iana.org/assignments/tls-parameters/tls-parameters.xhtml#tls-parameters-8

 * into a PSA ECC group identifier. */

#if defined(MBEDTLS_ECP_C)

static inline psa_key_type_t mbedtls_psa_parse_tls_ecc_group(

    uint16_t tls_ecc_grp_reg_id, size_t *bits )

{

    const mbedtls_ecp_curve_info *curve_info =

        mbedtls_ecp_curve_info_from_tls_id( tls_ecc_grp_reg_id );

    if( curve_info == NULL )

        return( 0 );

    return( PSA_KEY_TYPE_ECC_KEY_PAIR(

                mbedtls_ecc_group_to_psa( curve_info->grp_id, bits ) ) );

}

#endif /* MBEDTLS_ECP_C */


/* This function takes a buffer holding an EC public key

 * exported through psa_export_public_key(), and converts

 * it into an ECPoint structure to be put into a ClientKeyExchange

 * message in an ECDHE exchange.

 *

 * Both the present and the foreseeable future format of EC public keys

 * used by PSA have the ECPoint structure contained in the exported key

 * as a subbuffer, and the function merely selects this subbuffer instead

 * of making a copy.

 */

static inline int mbedtls_psa_tls_psa_ec_to_ecpoint( unsigned char *src,

                                                     size_t srclen,

                                                     unsigned char **dst,

                                                     size_t *dstlen )

{

    *dst = src;

    *dstlen = srclen;

    return( 0 );

}


/* This function takes a buffer holding an ECPoint structure

 * (as contained in a TLS ServerKeyExchange message for ECDHE

 * exchanges) and converts it into a format that the PSA key

 * agreement API understands.

 */

static inline int mbedtls_psa_tls_ecpoint_to_psa_ec( unsigned char const *src,

                                                     size_t srclen,

                                                     unsigned char *dst,

                                                     size_t dstlen,

                                                     size_t *olen )

{

    if( srclen > dstlen )

        return( MBEDTLS_ERR_ECP_BUFFER_TOO_SMALL );


    memcpy( dst, src, srclen );

    *olen = srclen;

    return( 0 );

}


#endif /* MBEDTLS_USE_PSA_CRYPTO */


#endif /* MBEDTLS_PSA_UTIL_H */

config.h
Configuration options (set of defines)

crypto.h
Platform Security Architecture cryptography module.

PSA_KEY_TYPE_ECC_KEY_PAIR
#define PSA_KEY_TYPE_ECC_KEY_PAIR(curve)
Elliptic curve key pair.
Definition: crypto_values.h:432

PSA_ALG_GCM
#define PSA_ALG_GCM
The GCM authenticated encryption algorithm.
Definition: crypto_values.h:1037

PSA_ALG_SHA_224
#define PSA_ALG_SHA_224
SHA2-224.
Definition: crypto_values.h:733

PSA_ALG_SHA_1
#define PSA_ALG_SHA_1
SHA1.
Definition: crypto_values.h:731

PSA_ECC_FAMILY_SECP_R1
#define PSA_ECC_FAMILY_SECP_R1
SEC random curves over prime fields.
Definition: crypto_values.h:479

PSA_ALG_SHA_384
#define PSA_ALG_SHA_384
SHA2-384.
Definition: crypto_values.h:737

PSA_ECC_FAMILY_SECP_K1
#define PSA_ECC_FAMILY_SECP_K1
SEC Koblitz curves over prime fields.
Definition: crypto_values.h:469

PSA_ALG_AEAD_WITH_TAG_LENGTH
#define PSA_ALG_AEAD_WITH_TAG_LENGTH(aead_alg, tag_length)
Macro to build a shortened AEAD algorithm.
Definition: crypto_values.h:1075

PSA_ALG_SHA_256
#define PSA_ALG_SHA_256
SHA2-256.
Definition: crypto_values.h:735

psa_key_type_t
uint16_t psa_key_type_t
Encoding of a key type.
Definition: crypto_types.h:66

PSA_ALG_RIPEMD160
#define PSA_ALG_RIPEMD160
PSA_ALG_RIPEMD160.
Definition: crypto_values.h:729

PSA_KEY_TYPE_AES
#define PSA_KEY_TYPE_AES
Key for a cipher, AEAD or MAC algorithm based on the AES block cipher.
Definition: crypto_values.h:384

PSA_ALG_MD4
#define PSA_ALG_MD4
MD4.
Definition: crypto_values.h:725

PSA_ALG_MD2
#define PSA_ALG_MD2
MD2.
Definition: crypto_values.h:723

PSA_ALG_ECB_NO_PADDING
#define PSA_ALG_ECB_NO_PADDING
The Electronic Code Book (ECB) mode of a block cipher, with no padding.
Definition: crypto_values.h:993

PSA_ECC_FAMILY_BRAINPOOL_P_R1
#define PSA_ECC_FAMILY_BRAINPOOL_P_R1
Brainpool P random curves.
Definition: crypto_values.h:520

PSA_ALG_CCM
#define PSA_ALG_CCM
The CCM authenticated encryption algorithm.
Definition: crypto_values.h:1031

psa_algorithm_t
uint32_t psa_algorithm_t
Encoding of a cryptographic algorithm.
Definition: crypto_types.h:98

PSA_ALG_CBC_NO_PADDING
#define PSA_ALG_CBC_NO_PADDING
The CBC block cipher chaining mode, with no padding.
Definition: crypto_values.h:1002

PSA_ALG_MD5
#define PSA_ALG_MD5
MD5.
Definition: crypto_values.h:727

psa_ecc_family_t
uint8_t psa_ecc_family_t
The type of PSA elliptic curve family identifiers.
Definition: crypto_types.h:77

PSA_ALG_SHA_512
#define PSA_ALG_SHA_512
SHA2-512.
Definition: crypto_values.h:739

psa_status_t
int32_t psa_status_t
Function return status.
Definition: crypto_types.h:55

PSA_ERROR_HARDWARE_FAILURE
#define PSA_ERROR_HARDWARE_FAILURE
A hardware failure was detected.
Definition: crypto_values.h:188

PSA_ERROR_CORRUPTION_DETECTED
#define PSA_ERROR_CORRUPTION_DETECTED
A tampering attempt was detected.
Definition: crypto_values.h:219

PSA_ERROR_NOT_SUPPORTED
#define PSA_ERROR_NOT_SUPPORTED
The requested operation or a parameter is not supported by this implementation.
Definition: crypto_values.h:61

PSA_SUCCESS
#define PSA_SUCCESS
The action was completed successfully.
Definition: crypto_values.h:45

PSA_ERROR_INSUFFICIENT_ENTROPY
#define PSA_ERROR_INSUFFICIENT_ENTROPY
There is not enough entropy to generate random data needed for the requested action.
Definition: crypto_values.h:238

PSA_ERROR_COMMUNICATION_FAILURE
#define PSA_ERROR_COMMUNICATION_FAILURE
There was a communication failure inside the implementation.
Definition: crypto_values.h:157

PSA_ERROR_INSUFFICIENT_MEMORY
#define PSA_ERROR_INSUFFICIENT_MEMORY
There is not enough runtime memory.
Definition: crypto_values.h:131

PSA_ERROR_BAD_STATE
#define PSA_ERROR_BAD_STATE
The requested action cannot be performed in the current state.
Definition: crypto_values.h:114

MBEDTLS_OID_SIZE
#define MBEDTLS_OID_SIZE(x)
Returns the size of the binary string, without the trailing \0.
Definition: asn1.h:122

mbedtls_cipher_type_t
mbedtls_cipher_type_t
Supported {cipher type, cipher mode} pairs.
Definition: cipher.h:109

mbedtls_operation_t
mbedtls_operation_t
Type of operation.
Definition: cipher.h:219

mbedtls_cipher_mode_t
mbedtls_cipher_mode_t
Supported cipher modes.
Definition: cipher.h:193

MBEDTLS_CIPHER_AES_128_CBC
@ MBEDTLS_CIPHER_AES_128_CBC
AES cipher with 128-bit CBC mode.
Definition: cipher.h:115

MBEDTLS_CIPHER_AES_192_GCM
@ MBEDTLS_CIPHER_AES_192_GCM
AES cipher with 192-bit GCM mode.
Definition: cipher.h:125

MBEDTLS_CIPHER_AES_192_CCM
@ MBEDTLS_CIPHER_AES_192_CCM
AES cipher with 192-bit CCM mode.
Definition: cipher.h:154

MBEDTLS_CIPHER_AES_256_GCM
@ MBEDTLS_CIPHER_AES_256_GCM
AES cipher with 256-bit GCM mode.
Definition: cipher.h:126

MBEDTLS_CIPHER_AES_256_CCM
@ MBEDTLS_CIPHER_AES_256_CCM
AES cipher with 256-bit CCM mode.
Definition: cipher.h:155

MBEDTLS_CIPHER_AES_128_GCM
@ MBEDTLS_CIPHER_AES_128_GCM
AES cipher with 128-bit GCM mode.
Definition: cipher.h:124

MBEDTLS_CIPHER_AES_192_CBC
@ MBEDTLS_CIPHER_AES_192_CBC
AES cipher with 192-bit CBC mode.
Definition: cipher.h:116

MBEDTLS_CIPHER_AES_128_CCM
@ MBEDTLS_CIPHER_AES_128_CCM
AES cipher with 128-bit CCM mode.
Definition: cipher.h:153

MBEDTLS_CIPHER_AES_256_CBC
@ MBEDTLS_CIPHER_AES_256_CBC
AES cipher with 256-bit CBC mode.
Definition: cipher.h:117

MBEDTLS_DECRYPT
@ MBEDTLS_DECRYPT
Operation type for decryption.
Definition: cipher.h:221

MBEDTLS_ENCRYPT
@ MBEDTLS_ENCRYPT
Operation type for encryption.
Definition: cipher.h:222

MBEDTLS_MODE_ECB
@ MBEDTLS_MODE_ECB
The ECB cipher mode.
Definition: cipher.h:195

MBEDTLS_MODE_CCM
@ MBEDTLS_MODE_CCM
The CCM cipher mode.
Definition: cipher.h:202

MBEDTLS_MODE_GCM
@ MBEDTLS_MODE_GCM
The GCM cipher mode.
Definition: cipher.h:200

MBEDTLS_MODE_CBC
@ MBEDTLS_MODE_CBC
The CBC cipher mode.
Definition: cipher.h:196

MBEDTLS_ERR_ECP_BUFFER_TOO_SMALL
#define MBEDTLS_ERR_ECP_BUFFER_TOO_SMALL
The buffer is too small to write to.
Definition: mbedtls/include/mbedtls/ecp.h:56

MBEDTLS_ERR_ECP_RANDOM_FAILED
#define MBEDTLS_ERR_ECP_RANDOM_FAILED
Generation of random value, such as ephemeral key, failed.
Definition: mbedtls/include/mbedtls/ecp.h:60

mbedtls_ecp_curve_info_from_tls_id
const mbedtls_ecp_curve_info * mbedtls_ecp_curve_info_from_tls_id(uint16_t tls_id)
This function retrieves curve information from a TLS NamedCurve value.

mbedtls_md_type_t
mbedtls_md_type_t
Supported message digests.
Definition: md.h:64

MBEDTLS_MD_SHA512
@ MBEDTLS_MD_SHA512
The SHA-512 message digest.
Definition: md.h:73

MBEDTLS_MD_MD5
@ MBEDTLS_MD_MD5
The MD5 message digest.
Definition: md.h:68

MBEDTLS_MD_RIPEMD160
@ MBEDTLS_MD_RIPEMD160
The RIPEMD-160 message digest.
Definition: md.h:74

MBEDTLS_MD_SHA384
@ MBEDTLS_MD_SHA384
The SHA-384 message digest.
Definition: md.h:72

MBEDTLS_MD_NONE
@ MBEDTLS_MD_NONE
None.
Definition: md.h:65

MBEDTLS_MD_SHA256
@ MBEDTLS_MD_SHA256
The SHA-256 message digest.
Definition: md.h:71

MBEDTLS_MD_SHA224
@ MBEDTLS_MD_SHA224
The SHA-224 message digest.
Definition: md.h:70

MBEDTLS_MD_SHA1
@ MBEDTLS_MD_SHA1
The SHA-1 message digest.
Definition: md.h:69

MBEDTLS_MD_MD4
@ MBEDTLS_MD_MD4
The MD4 message digest.
Definition: md.h:67

MBEDTLS_MD_MD2
@ MBEDTLS_MD_MD2
The MD2 message digest.
Definition: md.h:66

PSA_KEY_USAGE_ENCRYPT
#define PSA_KEY_USAGE_ENCRYPT
Whether the key may be used to encrypt a message.
Definition: crypto_values.h:1805

psa_key_usage_t
uint32_t psa_key_usage_t
Encoding of permitted usage on a key.
Definition: crypto_types.h:260

PSA_KEY_USAGE_DECRYPT
#define PSA_KEY_USAGE_DECRYPT
Whether the key may be used to decrypt a message.
Definition: crypto_values.h:1816

ecp.h
This file provides an API for Elliptic Curves over GF(P) (ECP).

md.h
This file contains the generic message-digest wrapper.

oid.h
Object Identifier (OID) database.

pk.h
Public Key abstraction layer.

MBEDTLS_ERR_PK_HW_ACCEL_FAILED
#define MBEDTLS_ERR_PK_HW_ACCEL_FAILED
PK hardware accelerator failed.
Definition: pk.h:71

MBEDTLS_ERR_PK_BAD_INPUT_DATA
#define MBEDTLS_ERR_PK_BAD_INPUT_DATA
Bad input parameters to function.
Definition: pk.h:57

MBEDTLS_ERR_PK_ALLOC_FAILED
#define MBEDTLS_ERR_PK_ALLOC_FAILED
Memory allocation failed.
Definition: pk.h:55

MBEDTLS_ERR_PK_FEATURE_UNAVAILABLE
#define MBEDTLS_ERR_PK_FEATURE_UNAVAILABLE
Unavailable feature, e.g.
Definition: pk.h:67

mbedtls_ecp_curve_info
Curve information, for use by other modules.
Definition: mbedtls/include/mbedtls/ecp.h:155

mbedtls_ecp_curve_info::grp_id
mbedtls_ecp_group_id grp_id
Definition: mbedtls/include/mbedtls/ecp.h:156