crypto_values.h
Go to the documentation of this file.
1 
22 /*
23  * Copyright The Mbed TLS Contributors
24  * Copyright 2022-2024, Texas Instruments Incorporated
25  * SPDX-License-Identifier: Apache-2.0
26  *
27  * Licensed under the Apache License, Version 2.0 (the "License"); you may
28  * not use this file except in compliance with the License.
29  * You may obtain a copy of the License at
30  *
31  * http://www.apache.org/licenses/LICENSE-2.0
32  *
33  * Unless required by applicable law or agreed to in writing, software
34  * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
35  * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
36  * See the License for the specific language governing permissions and
37  * limitations under the License.
38  *
39  * Modified by Texas Instruments to:
40  * - Remove MBEDTLS_PRIVATE() usage
41  * - Comment out 'mbedtls/private_access.h' include
42  * - Add HSM Asset Store key persistence and location
43  * - Add MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER define
44  * - Add PSA_ERROR_KEY_IN_USE, PSA_ERROR_HUK_NOT_PROVISIONED, and
45  * PSA_ERROR_ASSET_STORE_FULL status codes.
46  */
47 
48 #ifndef PSA_CRYPTO_VALUES_H
49 #define PSA_CRYPTO_VALUES_H
50 
51 /* clang-format off */
52 
53 /* Enable key identifiers that encode a key owner identifiers */
54 #if (TFM_ENABLED == 0) || defined(TFM_BUILD)
55 #ifndef MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER
56 #define MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER
57 #endif
58 #endif
59 
60 //#include "mbedtls/private_access.h"
61 
66 /* PSA error codes */
67 
68 /* Error codes are standardized across PSA domains (framework, crypto, storage,
69  * etc.). Do not change the values in this section or even the expansions
70  * of each macro: it must be possible to `#include` both this header
71  * and some other PSA component's headers in the same C source,
72  * which will lead to duplicate definitions of the `PSA_SUCCESS` and
73  * `PSA_ERROR_xxx` macros, which is ok if and only if the macros expand
74  * to the same sequence of tokens.
75  *
76  * If you must add a new
77  * value, check with the Arm PSA framework group to pick one that other
78  * domains aren't already using. */
79 
80 /* Tell uncrustify not to touch the constant definitions, otherwise
81  * it might change the spacing to something that is not PSA-compliant
82  * (e.g. adding a space after casts).
83  *
84  * *INDENT-OFF*
85  */
86 
88 #define PSA_SUCCESS ((psa_status_t)0)
89 
92 #define PSA_OPERATION_COMPLETE ((psa_status_t)1)
93 
99 #define PSA_ERROR_GENERIC_ERROR ((psa_status_t)-132)
100 
108 #define PSA_ERROR_NOT_SUPPORTED ((psa_status_t)-134)
109 
121 #define PSA_ERROR_NOT_PERMITTED ((psa_status_t)-133)
122 
133 #define PSA_ERROR_BUFFER_TOO_SMALL ((psa_status_t)-138)
134 
139 #define PSA_ERROR_ALREADY_EXISTS ((psa_status_t)-139)
140 
145 #define PSA_ERROR_DOES_NOT_EXIST ((psa_status_t)-140)
146 
161 #define PSA_ERROR_BAD_STATE ((psa_status_t)-137)
162 
172 #define PSA_ERROR_INVALID_ARGUMENT ((psa_status_t)-135)
173 
178 #define PSA_ERROR_INSUFFICIENT_MEMORY ((psa_status_t)-141)
179 
187 #define PSA_ERROR_INSUFFICIENT_STORAGE ((psa_status_t)-142)
188 
204 #define PSA_ERROR_COMMUNICATION_FAILURE ((psa_status_t)-145)
205 
229 #define PSA_ERROR_STORAGE_FAILURE ((psa_status_t)-146)
230 
235 #define PSA_ERROR_HARDWARE_FAILURE ((psa_status_t)-147)
236 
266 #define PSA_ERROR_CORRUPTION_DETECTED ((psa_status_t)-151)
267 
285 #define PSA_ERROR_INSUFFICIENT_ENTROPY ((psa_status_t)-148)
286 
295 #define PSA_ERROR_INVALID_SIGNATURE ((psa_status_t)-149)
296 
311 #define PSA_ERROR_INVALID_PADDING ((psa_status_t)-150)
312 
315 #define PSA_ERROR_INSUFFICIENT_DATA ((psa_status_t)-143)
316 
319 #define PSA_ERROR_INVALID_HANDLE ((psa_status_t)-136)
320 
343 #define PSA_ERROR_DATA_CORRUPT ((psa_status_t)-152)
344 
359 #define PSA_ERROR_DATA_INVALID ((psa_status_t)-153)
360 
370 #define PSA_ERROR_KEY_IN_USE ((psa_status_t)-154)
371 
381 #define PSA_ERROR_HUK_NOT_PROVISIONED ((psa_status_t)-155)
382 
389 #define PSA_ERROR_ASSET_STORE_FULL ((psa_status_t)-158)
390 
396 #define PSA_OPERATION_INCOMPLETE ((psa_status_t)-248)
397 
398 /* *INDENT-ON* */
399 
406 /* Note that key type values, including ECC family and DH group values, are
407  * embedded in the persistent key store, as part of key metadata. As a
408  * consequence, they must not be changed (unless the storage format version
409  * changes).
410  */
411 
416 #define PSA_KEY_TYPE_NONE ((psa_key_type_t) 0x0000)
417 
425 #define PSA_KEY_TYPE_VENDOR_FLAG ((psa_key_type_t) 0x8000)
426 
427 #define PSA_KEY_TYPE_CATEGORY_MASK ((psa_key_type_t) 0x7000)
428 #define PSA_KEY_TYPE_CATEGORY_RAW ((psa_key_type_t) 0x1000)
429 #define PSA_KEY_TYPE_CATEGORY_SYMMETRIC ((psa_key_type_t) 0x2000)
430 #define PSA_KEY_TYPE_CATEGORY_PUBLIC_KEY ((psa_key_type_t) 0x4000)
431 #define PSA_KEY_TYPE_CATEGORY_KEY_PAIR ((psa_key_type_t) 0x7000)
432 
433 #define PSA_KEY_TYPE_CATEGORY_FLAG_PAIR ((psa_key_type_t) 0x3000)
434 
439 #define PSA_KEY_TYPE_IS_VENDOR_DEFINED(type) \
440  (((type) & PSA_KEY_TYPE_VENDOR_FLAG) != 0)
441 
446 #define PSA_KEY_TYPE_IS_UNSTRUCTURED(type) \
447  (((type) & PSA_KEY_TYPE_CATEGORY_MASK) == PSA_KEY_TYPE_CATEGORY_RAW || \
448  ((type) & PSA_KEY_TYPE_CATEGORY_MASK) == PSA_KEY_TYPE_CATEGORY_SYMMETRIC)
449 
451 #define PSA_KEY_TYPE_IS_ASYMMETRIC(type) \
452  (((type) & PSA_KEY_TYPE_CATEGORY_MASK \
453  & ~PSA_KEY_TYPE_CATEGORY_FLAG_PAIR) == \
454  PSA_KEY_TYPE_CATEGORY_PUBLIC_KEY)
455 
456 #define PSA_KEY_TYPE_IS_PUBLIC_KEY(type) \
457  (((type) & PSA_KEY_TYPE_CATEGORY_MASK) == PSA_KEY_TYPE_CATEGORY_PUBLIC_KEY)
458 
460 #define PSA_KEY_TYPE_IS_KEY_PAIR(type) \
461  (((type) & PSA_KEY_TYPE_CATEGORY_MASK) == PSA_KEY_TYPE_CATEGORY_KEY_PAIR)
462 
472 #define PSA_KEY_TYPE_KEY_PAIR_OF_PUBLIC_KEY(type) \
473  ((type) | PSA_KEY_TYPE_CATEGORY_FLAG_PAIR)
474 
484 #define PSA_KEY_TYPE_PUBLIC_KEY_OF_KEY_PAIR(type) \
485  ((type) & ~PSA_KEY_TYPE_CATEGORY_FLAG_PAIR)
486 
491 #define PSA_KEY_TYPE_RAW_DATA ((psa_key_type_t) 0x1001)
492 
501 #define PSA_KEY_TYPE_HMAC ((psa_key_type_t) 0x1100)
502 
514 #define PSA_KEY_TYPE_DERIVE ((psa_key_type_t) 0x1200)
515 
537 #define PSA_KEY_TYPE_PASSWORD ((psa_key_type_t) 0x1203)
538 
545 #define PSA_KEY_TYPE_PASSWORD_HASH ((psa_key_type_t) 0x1205)
546 
552 #define PSA_KEY_TYPE_PEPPER ((psa_key_type_t) 0x1206)
553 
559 #define PSA_KEY_TYPE_AES ((psa_key_type_t) 0x2400)
560 
563 #define PSA_KEY_TYPE_ARIA ((psa_key_type_t) 0x2406)
564 
574 #define PSA_KEY_TYPE_DES ((psa_key_type_t) 0x2301)
575 
578 #define PSA_KEY_TYPE_CAMELLIA ((psa_key_type_t) 0x2403)
579 
591 #define PSA_KEY_TYPE_CHACHA20 ((psa_key_type_t) 0x2004)
592 
597 #define PSA_KEY_TYPE_RSA_PUBLIC_KEY ((psa_key_type_t) 0x4001)
598 
602 #define PSA_KEY_TYPE_RSA_KEY_PAIR ((psa_key_type_t) 0x7001)
603 
604 #define PSA_KEY_TYPE_IS_RSA(type) \
605  (PSA_KEY_TYPE_PUBLIC_KEY_OF_KEY_PAIR(type) == PSA_KEY_TYPE_RSA_PUBLIC_KEY)
606 
607 #define PSA_KEY_TYPE_ECC_PUBLIC_KEY_BASE ((psa_key_type_t) 0x4100)
608 #define PSA_KEY_TYPE_ECC_KEY_PAIR_BASE ((psa_key_type_t) 0x7100)
609 #define PSA_KEY_TYPE_ECC_CURVE_MASK ((psa_key_type_t) 0x00ff)
610 
619 #define PSA_KEY_TYPE_ECC_KEY_PAIR(curve) \
620  (PSA_KEY_TYPE_ECC_KEY_PAIR_BASE | (curve))
621 
630 #define PSA_KEY_TYPE_ECC_PUBLIC_KEY(curve) \
631  (PSA_KEY_TYPE_ECC_PUBLIC_KEY_BASE | (curve))
632 
634 #define PSA_KEY_TYPE_IS_ECC(type) \
635  ((PSA_KEY_TYPE_PUBLIC_KEY_OF_KEY_PAIR(type) & \
636  ~PSA_KEY_TYPE_ECC_CURVE_MASK) == PSA_KEY_TYPE_ECC_PUBLIC_KEY_BASE)
637 
638 #define PSA_KEY_TYPE_IS_ECC_KEY_PAIR(type) \
639  (((type) & ~PSA_KEY_TYPE_ECC_CURVE_MASK) == \
640  PSA_KEY_TYPE_ECC_KEY_PAIR_BASE)
641 
642 #define PSA_KEY_TYPE_IS_ECC_PUBLIC_KEY(type) \
643  (((type) & ~PSA_KEY_TYPE_ECC_CURVE_MASK) == \
644  PSA_KEY_TYPE_ECC_PUBLIC_KEY_BASE)
645 
647 #define PSA_KEY_TYPE_ECC_GET_FAMILY(type) \
648  ((psa_ecc_family_t) (PSA_KEY_TYPE_IS_ECC(type) ? \
649  ((type) & PSA_KEY_TYPE_ECC_CURVE_MASK) : \
650  0))
651 
653 #define PSA_ECC_FAMILY_IS_WEIERSTRASS(family) ((family & 0xc0) == 0)
654 
663 #define PSA_ECC_FAMILY_SECP_K1 ((psa_ecc_family_t) 0x17)
664 
673 #define PSA_ECC_FAMILY_SECP_R1 ((psa_ecc_family_t) 0x12)
674 /* SECP160R2 (SEC2 v1, obsolete) */
675 #define PSA_ECC_FAMILY_SECP_R2 ((psa_ecc_family_t) 0x1b)
676 
685 #define PSA_ECC_FAMILY_SECT_K1 ((psa_ecc_family_t) 0x27)
686 
695 #define PSA_ECC_FAMILY_SECT_R1 ((psa_ecc_family_t) 0x22)
696 
705 #define PSA_ECC_FAMILY_SECT_R2 ((psa_ecc_family_t) 0x2b)
706 
714 #define PSA_ECC_FAMILY_BRAINPOOL_P_R1 ((psa_ecc_family_t) 0x30)
715 
726 #define PSA_ECC_FAMILY_MONTGOMERY ((psa_ecc_family_t) 0x41)
727 
742 #define PSA_ECC_FAMILY_TWISTED_EDWARDS ((psa_ecc_family_t) 0x42)
743 
744 #define PSA_KEY_TYPE_DH_PUBLIC_KEY_BASE ((psa_key_type_t) 0x4200)
745 #define PSA_KEY_TYPE_DH_KEY_PAIR_BASE ((psa_key_type_t) 0x7200)
746 #define PSA_KEY_TYPE_DH_GROUP_MASK ((psa_key_type_t) 0x00ff)
747 
752 #define PSA_KEY_TYPE_DH_KEY_PAIR(group) \
753  (PSA_KEY_TYPE_DH_KEY_PAIR_BASE | (group))
754 
759 #define PSA_KEY_TYPE_DH_PUBLIC_KEY(group) \
760  (PSA_KEY_TYPE_DH_PUBLIC_KEY_BASE | (group))
761 
763 #define PSA_KEY_TYPE_IS_DH(type) \
764  ((PSA_KEY_TYPE_PUBLIC_KEY_OF_KEY_PAIR(type) & \
765  ~PSA_KEY_TYPE_DH_GROUP_MASK) == PSA_KEY_TYPE_DH_PUBLIC_KEY_BASE)
766 
767 #define PSA_KEY_TYPE_IS_DH_KEY_PAIR(type) \
768  (((type) & ~PSA_KEY_TYPE_DH_GROUP_MASK) == \
769  PSA_KEY_TYPE_DH_KEY_PAIR_BASE)
770 
771 #define PSA_KEY_TYPE_IS_DH_PUBLIC_KEY(type) \
772  (((type) & ~PSA_KEY_TYPE_DH_GROUP_MASK) == \
773  PSA_KEY_TYPE_DH_PUBLIC_KEY_BASE)
774 
776 #define PSA_KEY_TYPE_DH_GET_FAMILY(type) \
777  ((psa_dh_family_t) (PSA_KEY_TYPE_IS_DH(type) ? \
778  ((type) & PSA_KEY_TYPE_DH_GROUP_MASK) : \
779  0))
780 
787 #define PSA_DH_FAMILY_RFC7919 ((psa_dh_family_t) 0x03)
788 
789 #define PSA_GET_KEY_TYPE_BLOCK_SIZE_EXPONENT(type) \
790  (((type) >> 8) & 7)
791 
809 #define PSA_BLOCK_CIPHER_BLOCK_LENGTH(type) \
810  (((type) & PSA_KEY_TYPE_CATEGORY_MASK) == PSA_KEY_TYPE_CATEGORY_SYMMETRIC ? \
811  1u << PSA_GET_KEY_TYPE_BLOCK_SIZE_EXPONENT(type) : \
812  0u)
813 
814 /* Note that algorithm values are embedded in the persistent key store,
815  * as part of key metadata. As a consequence, they must not be changed
816  * (unless the storage format version changes).
817  */
818 
826 #define PSA_ALG_VENDOR_FLAG ((psa_algorithm_t) 0x80000000)
827 
828 #define PSA_ALG_CATEGORY_MASK ((psa_algorithm_t) 0x7f000000)
829 #define PSA_ALG_CATEGORY_HASH ((psa_algorithm_t) 0x02000000)
830 #define PSA_ALG_CATEGORY_MAC ((psa_algorithm_t) 0x03000000)
831 #define PSA_ALG_CATEGORY_CIPHER ((psa_algorithm_t) 0x04000000)
832 #define PSA_ALG_CATEGORY_AEAD ((psa_algorithm_t) 0x05000000)
833 #define PSA_ALG_CATEGORY_SIGN ((psa_algorithm_t) 0x06000000)
834 #define PSA_ALG_CATEGORY_ASYMMETRIC_ENCRYPTION ((psa_algorithm_t) 0x07000000)
835 #define PSA_ALG_CATEGORY_KEY_DERIVATION ((psa_algorithm_t) 0x08000000)
836 #define PSA_ALG_CATEGORY_KEY_AGREEMENT ((psa_algorithm_t) 0x09000000)
837 
842 #define PSA_ALG_IS_VENDOR_DEFINED(alg) \
843  (((alg) & PSA_ALG_VENDOR_FLAG) != 0)
844 
853 #define PSA_ALG_IS_HASH(alg) \
854  (((alg) & PSA_ALG_CATEGORY_MASK) == PSA_ALG_CATEGORY_HASH)
855 
864 #define PSA_ALG_IS_MAC(alg) \
865  (((alg) & PSA_ALG_CATEGORY_MASK) == PSA_ALG_CATEGORY_MAC)
866 
875 #define PSA_ALG_IS_CIPHER(alg) \
876  (((alg) & PSA_ALG_CATEGORY_MASK) == PSA_ALG_CATEGORY_CIPHER)
877 
887 #define PSA_ALG_IS_AEAD(alg) \
888  (((alg) & PSA_ALG_CATEGORY_MASK) == PSA_ALG_CATEGORY_AEAD)
889 
899 #define PSA_ALG_IS_SIGN(alg) \
900  (((alg) & PSA_ALG_CATEGORY_MASK) == PSA_ALG_CATEGORY_SIGN)
901 
911 #define PSA_ALG_IS_ASYMMETRIC_ENCRYPTION(alg) \
912  (((alg) & PSA_ALG_CATEGORY_MASK) == PSA_ALG_CATEGORY_ASYMMETRIC_ENCRYPTION)
913 
922 #define PSA_ALG_IS_KEY_AGREEMENT(alg) \
923  (((alg) & PSA_ALG_CATEGORY_MASK) == PSA_ALG_CATEGORY_KEY_AGREEMENT)
924 
933 #define PSA_ALG_IS_KEY_DERIVATION(alg) \
934  (((alg) & PSA_ALG_CATEGORY_MASK) == PSA_ALG_CATEGORY_KEY_DERIVATION)
935 
950 #define PSA_ALG_IS_KEY_DERIVATION_STRETCHING(alg) \
951  (PSA_ALG_IS_KEY_DERIVATION(alg) && \
952  (alg) & PSA_ALG_KEY_DERIVATION_STRETCHING_FLAG)
953 
955 /* *INDENT-OFF* (https://github.com/ARM-software/psa-arch-tests/issues/337) */
956 #define PSA_ALG_NONE ((psa_algorithm_t)0)
957 /* *INDENT-ON* */
958 
959 #define PSA_ALG_HASH_MASK ((psa_algorithm_t) 0x000000ff)
960 
961 #define PSA_ALG_MD5 ((psa_algorithm_t) 0x02000003)
962 
963 #define PSA_ALG_RIPEMD160 ((psa_algorithm_t) 0x02000004)
964 
965 #define PSA_ALG_SHA_1 ((psa_algorithm_t) 0x02000005)
966 
967 #define PSA_ALG_SHA_224 ((psa_algorithm_t) 0x02000008)
968 
969 #define PSA_ALG_SHA_256 ((psa_algorithm_t) 0x02000009)
970 
971 #define PSA_ALG_SHA_384 ((psa_algorithm_t) 0x0200000a)
972 
973 #define PSA_ALG_SHA_512 ((psa_algorithm_t) 0x0200000b)
974 
975 #define PSA_ALG_SHA_512_224 ((psa_algorithm_t) 0x0200000c)
976 
977 #define PSA_ALG_SHA_512_256 ((psa_algorithm_t) 0x0200000d)
978 
979 #define PSA_ALG_SHA3_224 ((psa_algorithm_t) 0x02000010)
980 
981 #define PSA_ALG_SHA3_256 ((psa_algorithm_t) 0x02000011)
982 
983 #define PSA_ALG_SHA3_384 ((psa_algorithm_t) 0x02000012)
984 
985 #define PSA_ALG_SHA3_512 ((psa_algorithm_t) 0x02000013)
986 
992 #define PSA_ALG_SHAKE256_512 ((psa_algorithm_t) 0x02000015)
993 
1027 #define PSA_ALG_ANY_HASH ((psa_algorithm_t) 0x020000ff)
1028 
1029 #define PSA_ALG_MAC_SUBCATEGORY_MASK ((psa_algorithm_t) 0x00c00000)
1030 #define PSA_ALG_HMAC_BASE ((psa_algorithm_t) 0x03800000)
1031 
1042 #define PSA_ALG_HMAC(hash_alg) \
1043  (PSA_ALG_HMAC_BASE | ((hash_alg) & PSA_ALG_HASH_MASK))
1044 
1045 #define PSA_ALG_HMAC_GET_HASH(hmac_alg) \
1046  (PSA_ALG_CATEGORY_HASH | ((hmac_alg) & PSA_ALG_HASH_MASK))
1047 
1058 #define PSA_ALG_IS_HMAC(alg) \
1059  (((alg) & (PSA_ALG_CATEGORY_MASK | PSA_ALG_MAC_SUBCATEGORY_MASK)) == \
1060  PSA_ALG_HMAC_BASE)
1061 
1062 /* In the encoding of a MAC algorithm, the bits corresponding to
1063  * PSA_ALG_MAC_TRUNCATION_MASK encode the length to which the MAC is
1064  * truncated. As an exception, the value 0 means the untruncated algorithm,
1065  * whatever its length is. The length is encoded in 6 bits, so it can
1066  * reach up to 63; the largest MAC is 64 bytes so its trivial truncation
1067  * to full length is correctly encoded as 0 and any non-trivial truncation
1068  * is correctly encoded as a value between 1 and 63. */
1069 #define PSA_ALG_MAC_TRUNCATION_MASK ((psa_algorithm_t) 0x003f0000)
1070 #define PSA_MAC_TRUNCATION_OFFSET 16
1071 
1072 /* In the encoding of a MAC algorithm, the bit corresponding to
1073  * #PSA_ALG_MAC_AT_LEAST_THIS_LENGTH_FLAG encodes the fact that the algorithm
1074  * is a wildcard algorithm. A key with such wildcard algorithm as permitted
1075  * algorithm policy can be used with any algorithm corresponding to the
1076  * same base class and having a (potentially truncated) MAC length greater or
1077  * equal than the one encoded in #PSA_ALG_MAC_TRUNCATION_MASK. */
1078 #define PSA_ALG_MAC_AT_LEAST_THIS_LENGTH_FLAG ((psa_algorithm_t) 0x00008000)
1079 
1113 #define PSA_ALG_TRUNCATED_MAC(mac_alg, mac_length) \
1114  (((mac_alg) & ~(PSA_ALG_MAC_TRUNCATION_MASK | \
1115  PSA_ALG_MAC_AT_LEAST_THIS_LENGTH_FLAG)) | \
1116  ((mac_length) << PSA_MAC_TRUNCATION_OFFSET & PSA_ALG_MAC_TRUNCATION_MASK))
1117 
1130 #define PSA_ALG_FULL_LENGTH_MAC(mac_alg) \
1131  ((mac_alg) & ~(PSA_ALG_MAC_TRUNCATION_MASK | \
1132  PSA_ALG_MAC_AT_LEAST_THIS_LENGTH_FLAG))
1133 
1145 #define PSA_MAC_TRUNCATED_LENGTH(mac_alg) \
1146  (((mac_alg) & PSA_ALG_MAC_TRUNCATION_MASK) >> PSA_MAC_TRUNCATION_OFFSET)
1147 
1172 #define PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(mac_alg, min_mac_length) \
1173  (PSA_ALG_TRUNCATED_MAC(mac_alg, min_mac_length) | \
1174  PSA_ALG_MAC_AT_LEAST_THIS_LENGTH_FLAG)
1175 
1176 #define PSA_ALG_CIPHER_MAC_BASE ((psa_algorithm_t) 0x03c00000)
1177 
1182 #define PSA_ALG_CBC_MAC ((psa_algorithm_t) 0x03c00100)
1183 
1184 #define PSA_ALG_CMAC ((psa_algorithm_t) 0x03c00200)
1185 
1194 #define PSA_ALG_IS_BLOCK_CIPHER_MAC(alg) \
1195  (((alg) & (PSA_ALG_CATEGORY_MASK | PSA_ALG_MAC_SUBCATEGORY_MASK)) == \
1196  PSA_ALG_CIPHER_MAC_BASE)
1197 
1198 #define PSA_ALG_CIPHER_STREAM_FLAG ((psa_algorithm_t) 0x00800000)
1199 #define PSA_ALG_CIPHER_FROM_BLOCK_FLAG ((psa_algorithm_t) 0x00400000)
1200 
1213 #define PSA_ALG_IS_STREAM_CIPHER(alg) \
1214  (((alg) & (PSA_ALG_CATEGORY_MASK | PSA_ALG_CIPHER_STREAM_FLAG)) == \
1215  (PSA_ALG_CATEGORY_CIPHER | PSA_ALG_CIPHER_STREAM_FLAG))
1216 
1222 #define PSA_ALG_STREAM_CIPHER ((psa_algorithm_t) 0x04800100)
1223 
1231 #define PSA_ALG_CTR ((psa_algorithm_t) 0x04c01000)
1232 
1237 #define PSA_ALG_CFB ((psa_algorithm_t) 0x04c01100)
1238 
1243 #define PSA_ALG_OFB ((psa_algorithm_t) 0x04c01200)
1244 
1251 #define PSA_ALG_XTS ((psa_algorithm_t) 0x0440ff00)
1252 
1271 #define PSA_ALG_ECB_NO_PADDING ((psa_algorithm_t) 0x04404400)
1272 
1280 #define PSA_ALG_CBC_NO_PADDING ((psa_algorithm_t) 0x04404000)
1281 
1288 #define PSA_ALG_CBC_PKCS7 ((psa_algorithm_t) 0x04404100)
1289 
1290 #define PSA_ALG_AEAD_FROM_BLOCK_FLAG ((psa_algorithm_t) 0x00400000)
1291 
1301 #define PSA_ALG_IS_AEAD_ON_BLOCK_CIPHER(alg) \
1302  (((alg) & (PSA_ALG_CATEGORY_MASK | PSA_ALG_AEAD_FROM_BLOCK_FLAG)) == \
1303  (PSA_ALG_CATEGORY_AEAD | PSA_ALG_AEAD_FROM_BLOCK_FLAG))
1304 
1309 #define PSA_ALG_CCM ((psa_algorithm_t) 0x05500100)
1310 
1320 #define PSA_ALG_CCM_STAR_NO_TAG ((psa_algorithm_t) 0x04c01300)
1321 
1326 #define PSA_ALG_GCM ((psa_algorithm_t) 0x05500200)
1327 
1337 #define PSA_ALG_CHACHA20_POLY1305 ((psa_algorithm_t) 0x05100500)
1338 
1339 /* In the encoding of an AEAD algorithm, the bits corresponding to
1340  * PSA_ALG_AEAD_TAG_LENGTH_MASK encode the length of the AEAD tag.
1341  * The constants for default lengths follow this encoding.
1342  */
1343 #define PSA_ALG_AEAD_TAG_LENGTH_MASK ((psa_algorithm_t) 0x003f0000)
1344 #define PSA_AEAD_TAG_LENGTH_OFFSET 16
1345 
1346 /* In the encoding of an AEAD algorithm, the bit corresponding to
1347  * #PSA_ALG_AEAD_AT_LEAST_THIS_LENGTH_FLAG encodes the fact that the algorithm
1348  * is a wildcard algorithm. A key with such wildcard algorithm as permitted
1349  * algorithm policy can be used with any algorithm corresponding to the
1350  * same base class and having a tag length greater than or equal to the one
1351  * encoded in #PSA_ALG_AEAD_TAG_LENGTH_MASK. */
1352 #define PSA_ALG_AEAD_AT_LEAST_THIS_LENGTH_FLAG ((psa_algorithm_t) 0x00008000)
1353 
1372 #define PSA_ALG_AEAD_WITH_SHORTENED_TAG(aead_alg, tag_length) \
1373  (((aead_alg) & ~(PSA_ALG_AEAD_TAG_LENGTH_MASK | \
1374  PSA_ALG_AEAD_AT_LEAST_THIS_LENGTH_FLAG)) | \
1375  ((tag_length) << PSA_AEAD_TAG_LENGTH_OFFSET & \
1376  PSA_ALG_AEAD_TAG_LENGTH_MASK))
1377 
1388 #define PSA_ALG_AEAD_GET_TAG_LENGTH(aead_alg) \
1389  (((aead_alg) & PSA_ALG_AEAD_TAG_LENGTH_MASK) >> \
1390  PSA_AEAD_TAG_LENGTH_OFFSET)
1391 
1400 #define PSA_ALG_AEAD_WITH_DEFAULT_LENGTH_TAG(aead_alg) \
1401  ( \
1402  PSA_ALG_AEAD_WITH_DEFAULT_LENGTH_TAG_CASE(aead_alg, PSA_ALG_CCM) \
1403  PSA_ALG_AEAD_WITH_DEFAULT_LENGTH_TAG_CASE(aead_alg, PSA_ALG_GCM) \
1404  PSA_ALG_AEAD_WITH_DEFAULT_LENGTH_TAG_CASE(aead_alg, PSA_ALG_CHACHA20_POLY1305) \
1405  0)
1406 #define PSA_ALG_AEAD_WITH_DEFAULT_LENGTH_TAG_CASE(aead_alg, ref) \
1407  PSA_ALG_AEAD_WITH_SHORTENED_TAG(aead_alg, 0) == \
1408  PSA_ALG_AEAD_WITH_SHORTENED_TAG(ref, 0) ? \
1409  ref :
1410 
1435 #define PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(aead_alg, min_tag_length) \
1436  (PSA_ALG_AEAD_WITH_SHORTENED_TAG(aead_alg, min_tag_length) | \
1437  PSA_ALG_AEAD_AT_LEAST_THIS_LENGTH_FLAG)
1438 
1439 #define PSA_ALG_RSA_PKCS1V15_SIGN_BASE ((psa_algorithm_t) 0x06000200)
1440 
1455 #define PSA_ALG_RSA_PKCS1V15_SIGN(hash_alg) \
1456  (PSA_ALG_RSA_PKCS1V15_SIGN_BASE | ((hash_alg) & PSA_ALG_HASH_MASK))
1457 
1463 #define PSA_ALG_RSA_PKCS1V15_SIGN_RAW PSA_ALG_RSA_PKCS1V15_SIGN_BASE
1464 #define PSA_ALG_IS_RSA_PKCS1V15_SIGN(alg) \
1465  (((alg) & ~PSA_ALG_HASH_MASK) == PSA_ALG_RSA_PKCS1V15_SIGN_BASE)
1466 
1467 #define PSA_ALG_RSA_PSS_BASE ((psa_algorithm_t) 0x06000300)
1468 #define PSA_ALG_RSA_PSS_ANY_SALT_BASE ((psa_algorithm_t) 0x06001300)
1469 
1489 #define PSA_ALG_RSA_PSS(hash_alg) \
1490  (PSA_ALG_RSA_PSS_BASE | ((hash_alg) & PSA_ALG_HASH_MASK))
1491 
1507 #define PSA_ALG_RSA_PSS_ANY_SALT(hash_alg) \
1508  (PSA_ALG_RSA_PSS_ANY_SALT_BASE | ((hash_alg) & PSA_ALG_HASH_MASK))
1509 
1521 #define PSA_ALG_IS_RSA_PSS_STANDARD_SALT(alg) \
1522  (((alg) & ~PSA_ALG_HASH_MASK) == PSA_ALG_RSA_PSS_BASE)
1523 
1535 #define PSA_ALG_IS_RSA_PSS_ANY_SALT(alg) \
1536  (((alg) & ~PSA_ALG_HASH_MASK) == PSA_ALG_RSA_PSS_ANY_SALT_BASE)
1537 
1553 #define PSA_ALG_IS_RSA_PSS(alg) \
1554  (PSA_ALG_IS_RSA_PSS_STANDARD_SALT(alg) || \
1555  PSA_ALG_IS_RSA_PSS_ANY_SALT(alg))
1556 
1557 #define PSA_ALG_ECDSA_BASE ((psa_algorithm_t) 0x06000600)
1558 
1578 #define PSA_ALG_ECDSA(hash_alg) \
1579  (PSA_ALG_ECDSA_BASE | ((hash_alg) & PSA_ALG_HASH_MASK))
1580 
1589 #define PSA_ALG_ECDSA_ANY PSA_ALG_ECDSA_BASE
1590 #define PSA_ALG_DETERMINISTIC_ECDSA_BASE ((psa_algorithm_t) 0x06000700)
1591 
1613 #define PSA_ALG_DETERMINISTIC_ECDSA(hash_alg) \
1614  (PSA_ALG_DETERMINISTIC_ECDSA_BASE | ((hash_alg) & PSA_ALG_HASH_MASK))
1615 #define PSA_ALG_ECDSA_DETERMINISTIC_FLAG ((psa_algorithm_t) 0x00000100)
1616 #define PSA_ALG_IS_ECDSA(alg) \
1617  (((alg) & ~PSA_ALG_HASH_MASK & ~PSA_ALG_ECDSA_DETERMINISTIC_FLAG) == \
1618  PSA_ALG_ECDSA_BASE)
1619 #define PSA_ALG_ECDSA_IS_DETERMINISTIC(alg) \
1620  (((alg) & PSA_ALG_ECDSA_DETERMINISTIC_FLAG) != 0)
1621 #define PSA_ALG_IS_DETERMINISTIC_ECDSA(alg) \
1622  (PSA_ALG_IS_ECDSA(alg) && PSA_ALG_ECDSA_IS_DETERMINISTIC(alg))
1623 #define PSA_ALG_IS_RANDOMIZED_ECDSA(alg) \
1624  (PSA_ALG_IS_ECDSA(alg) && !PSA_ALG_ECDSA_IS_DETERMINISTIC(alg))
1625 
1654 #define PSA_ALG_PURE_EDDSA ((psa_algorithm_t) 0x06000800)
1655 
1656 #define PSA_ALG_HASH_EDDSA_BASE ((psa_algorithm_t) 0x06000900)
1657 #define PSA_ALG_IS_HASH_EDDSA(alg) \
1658  (((alg) & ~PSA_ALG_HASH_MASK) == PSA_ALG_HASH_EDDSA_BASE)
1659 
1681 #define PSA_ALG_ED25519PH \
1682  (PSA_ALG_HASH_EDDSA_BASE | (PSA_ALG_SHA_512 & PSA_ALG_HASH_MASK))
1683 
1706 #define PSA_ALG_ED448PH \
1707  (PSA_ALG_HASH_EDDSA_BASE | (PSA_ALG_SHAKE256_512 & PSA_ALG_HASH_MASK))
1708 
1709 /* Default definition, to be overridden if the library is extended with
1710  * more hash-and-sign algorithms that we want to keep out of this header
1711  * file. */
1712 #define PSA_ALG_IS_VENDOR_HASH_AND_SIGN(alg) 0
1713 
1731 #define PSA_ALG_IS_SIGN_HASH(alg) \
1732  (PSA_ALG_IS_RSA_PSS(alg) || PSA_ALG_IS_RSA_PKCS1V15_SIGN(alg) || \
1733  PSA_ALG_IS_ECDSA(alg) || PSA_ALG_IS_HASH_EDDSA(alg) || \
1734  PSA_ALG_IS_VENDOR_HASH_AND_SIGN(alg))
1735 
1747 #define PSA_ALG_IS_SIGN_MESSAGE(alg) \
1748  (PSA_ALG_IS_SIGN_HASH(alg) || (alg) == PSA_ALG_PURE_EDDSA)
1749 
1776 #define PSA_ALG_IS_HASH_AND_SIGN(alg) \
1777  (PSA_ALG_IS_SIGN_HASH(alg) && \
1778  ((alg) & PSA_ALG_HASH_MASK) != 0)
1779 
1798 #define PSA_ALG_SIGN_GET_HASH(alg) \
1799  (PSA_ALG_IS_HASH_AND_SIGN(alg) ? \
1800  ((alg) & PSA_ALG_HASH_MASK) | PSA_ALG_CATEGORY_HASH : \
1801  0)
1802 
1805 #define PSA_ALG_RSA_PKCS1V15_CRYPT ((psa_algorithm_t) 0x07000200)
1806 
1807 #define PSA_ALG_RSA_OAEP_BASE ((psa_algorithm_t) 0x07000300)
1808 
1822 #define PSA_ALG_RSA_OAEP(hash_alg) \
1823  (PSA_ALG_RSA_OAEP_BASE | ((hash_alg) & PSA_ALG_HASH_MASK))
1824 #define PSA_ALG_IS_RSA_OAEP(alg) \
1825  (((alg) & ~PSA_ALG_HASH_MASK) == PSA_ALG_RSA_OAEP_BASE)
1826 #define PSA_ALG_RSA_OAEP_GET_HASH(alg) \
1827  (PSA_ALG_IS_RSA_OAEP(alg) ? \
1828  ((alg) & PSA_ALG_HASH_MASK) | PSA_ALG_CATEGORY_HASH : \
1829  0)
1830 
1831 #define PSA_ALG_HKDF_BASE ((psa_algorithm_t) 0x08000100)
1832 
1858 #define PSA_ALG_HKDF(hash_alg) \
1859  (PSA_ALG_HKDF_BASE | ((hash_alg) & PSA_ALG_HASH_MASK))
1860 
1871 #define PSA_ALG_IS_HKDF(alg) \
1872  (((alg) & ~PSA_ALG_HASH_MASK) == PSA_ALG_HKDF_BASE)
1873 #define PSA_ALG_HKDF_GET_HASH(hkdf_alg) \
1874  (PSA_ALG_CATEGORY_HASH | ((hkdf_alg) & PSA_ALG_HASH_MASK))
1875 
1876 #define PSA_ALG_HKDF_EXTRACT_BASE ((psa_algorithm_t) 0x08000400)
1877 
1909 #define PSA_ALG_HKDF_EXTRACT(hash_alg) \
1910  (PSA_ALG_HKDF_EXTRACT_BASE | ((hash_alg) & PSA_ALG_HASH_MASK))
1911 
1922 #define PSA_ALG_IS_HKDF_EXTRACT(alg) \
1923  (((alg) & ~PSA_ALG_HASH_MASK) == PSA_ALG_HKDF_EXTRACT_BASE)
1924 
1925 #define PSA_ALG_HKDF_EXPAND_BASE ((psa_algorithm_t) 0x08000500)
1926 
1951 #define PSA_ALG_HKDF_EXPAND(hash_alg) \
1952  (PSA_ALG_HKDF_EXPAND_BASE | ((hash_alg) & PSA_ALG_HASH_MASK))
1953 
1964 #define PSA_ALG_IS_HKDF_EXPAND(alg) \
1965  (((alg) & ~PSA_ALG_HASH_MASK) == PSA_ALG_HKDF_EXPAND_BASE)
1966 
1977 #define PSA_ALG_IS_ANY_HKDF(alg) \
1978  (((alg) & ~PSA_ALG_HASH_MASK) == PSA_ALG_HKDF_BASE || \
1979  ((alg) & ~PSA_ALG_HASH_MASK) == PSA_ALG_HKDF_EXTRACT_BASE || \
1980  ((alg) & ~PSA_ALG_HASH_MASK) == PSA_ALG_HKDF_EXPAND_BASE)
1981 
1982 #define PSA_ALG_SP800_108_COUNTER_MAC_BASE ((psa_algorithm_t)0x08000400U)
1983 
2004 #define PSA_ALG_SP800_108_COUNTER_CMAC \
2005  (PSA_ALG_SP800_108_COUNTER_MAC_BASE | (0x01))
2006 
2021 #define PSA_ALG_SP800_108_COUNTER_HMAC(hash_alg) \
2022  (PSA_ALG_SP800_108_COUNTER_MAC_BASE | ((hash_alg) & PSA_ALG_HASH_MASK))
2023 
2032 #define PSA_ALG_IS_SP800_108_COUNTER_MAC(alg) \
2033  (((alg) & ~PSA_ALG_HASH_MASK) == PSA_ALG_SP800_108_COUNTER_MAC_BASE)
2034 
2035 #define PSA_ALG_TLS12_PRF_BASE ((psa_algorithm_t) 0x08000200)
2036 
2062 #define PSA_ALG_TLS12_PRF(hash_alg) \
2063  (PSA_ALG_TLS12_PRF_BASE | ((hash_alg) & PSA_ALG_HASH_MASK))
2064 
2073 #define PSA_ALG_IS_TLS12_PRF(alg) \
2074  (((alg) & ~PSA_ALG_HASH_MASK) == PSA_ALG_TLS12_PRF_BASE)
2075 #define PSA_ALG_TLS12_PRF_GET_HASH(hkdf_alg) \
2076  (PSA_ALG_CATEGORY_HASH | ((hkdf_alg) & PSA_ALG_HASH_MASK))
2077 
2078 #define PSA_ALG_TLS12_PSK_TO_MS_BASE ((psa_algorithm_t) 0x08000300)
2079 
2132 #define PSA_ALG_TLS12_PSK_TO_MS(hash_alg) \
2133  (PSA_ALG_TLS12_PSK_TO_MS_BASE | ((hash_alg) & PSA_ALG_HASH_MASK))
2134 
2143 #define PSA_ALG_IS_TLS12_PSK_TO_MS(alg) \
2144  (((alg) & ~PSA_ALG_HASH_MASK) == PSA_ALG_TLS12_PSK_TO_MS_BASE)
2145 #define PSA_ALG_TLS12_PSK_TO_MS_GET_HASH(hkdf_alg) \
2146  (PSA_ALG_CATEGORY_HASH | ((hkdf_alg) & PSA_ALG_HASH_MASK))
2147 
2148 /* The TLS 1.2 ECJPAKE-to-PMS KDF. It takes the shared secret K (an EC point
2149  * in case of EC J-PAKE) and calculates SHA256(K.X) that the rest of TLS 1.2
2150  * will use to derive the session secret, as defined by step 2 of
2151  * https://datatracker.ietf.org/doc/html/draft-cragie-tls-ecjpake-01#section-8.7.
2152  * Uses PSA_ALG_SHA_256.
2153  * This function takes a single input:
2154  * #PSA_KEY_DERIVATION_INPUT_SECRET is the shared secret K from EC J-PAKE.
2155  * The only supported curve is secp256r1 (the 256-bit curve in
2156  * #PSA_ECC_FAMILY_SECP_R1), so the input must be exactly 65 bytes.
2157  * The output has to be read as a single chunk of 32 bytes, defined as
2158  * PSA_TLS12_ECJPAKE_TO_PMS_DATA_SIZE.
2159  */
2160 #define PSA_ALG_TLS12_ECJPAKE_TO_PMS ((psa_algorithm_t) 0x08000609)
2161 
2162 /* This flag indicates whether the key derivation algorithm is suitable for
2163  * use on low-entropy secrets such as password - these algorithms are also
2164  * known as key stretching or password hashing schemes. These are also the
2165  * algorithms that accepts inputs of type #PSA_KEY_DERIVATION_INPUT_PASSWORD.
2166  *
2167  * Those algorithms cannot be combined with a key agreement algorithm.
2168  */
2169 #define PSA_ALG_KEY_DERIVATION_STRETCHING_FLAG ((psa_algorithm_t) 0x00800000)
2170 
2171 #define PSA_ALG_PBKDF2_HMAC_BASE ((psa_algorithm_t) 0x08800100)
2172 
2198 #define PSA_ALG_PBKDF2_HMAC(hash_alg) \
2199  (PSA_ALG_PBKDF2_HMAC_BASE | ((hash_alg) & PSA_ALG_HASH_MASK))
2200 
2209 #define PSA_ALG_IS_PBKDF2_HMAC(alg) \
2210  (((alg) & ~PSA_ALG_HASH_MASK) == PSA_ALG_PBKDF2_HMAC_BASE)
2211 #define PSA_ALG_PBKDF2_HMAC_GET_HASH(pbkdf2_alg) \
2212  (PSA_ALG_CATEGORY_HASH | ((pbkdf2_alg) & PSA_ALG_HASH_MASK))
2213 
2222 #define PSA_ALG_PBKDF2_AES_CMAC_PRF_128 ((psa_algorithm_t) 0x08800200)
2223 
2224 #define PSA_ALG_IS_PBKDF2(kdf_alg) \
2225  (PSA_ALG_IS_PBKDF2_HMAC(kdf_alg) || \
2226  ((kdf_alg) == PSA_ALG_PBKDF2_AES_CMAC_PRF_128))
2227 
2228 #define PSA_ALG_KEY_DERIVATION_MASK ((psa_algorithm_t) 0xfe00ffff)
2229 #define PSA_ALG_KEY_AGREEMENT_MASK ((psa_algorithm_t) 0xffff0000)
2230 
2245 #define PSA_ALG_KEY_AGREEMENT(ka_alg, kdf_alg) \
2246  ((ka_alg) | (kdf_alg))
2247 
2248 #define PSA_ALG_KEY_AGREEMENT_GET_KDF(alg) \
2249  (((alg) & PSA_ALG_KEY_DERIVATION_MASK) | PSA_ALG_CATEGORY_KEY_DERIVATION)
2250 
2251 #define PSA_ALG_KEY_AGREEMENT_GET_BASE(alg) \
2252  (((alg) & PSA_ALG_KEY_AGREEMENT_MASK) | PSA_ALG_CATEGORY_KEY_AGREEMENT)
2253 
2268 #define PSA_ALG_IS_RAW_KEY_AGREEMENT(alg) \
2269  (PSA_ALG_IS_KEY_AGREEMENT(alg) && \
2270  PSA_ALG_KEY_AGREEMENT_GET_KDF(alg) == PSA_ALG_CATEGORY_KEY_DERIVATION)
2271 
2272 #define PSA_ALG_IS_KEY_DERIVATION_OR_AGREEMENT(alg) \
2273  ((PSA_ALG_IS_KEY_DERIVATION(alg) || PSA_ALG_IS_KEY_AGREEMENT(alg)))
2274 
2282 #define PSA_ALG_FFDH ((psa_algorithm_t) 0x09010000)
2283 
2296 #define PSA_ALG_IS_FFDH(alg) \
2297  (PSA_ALG_KEY_AGREEMENT_GET_BASE(alg) == PSA_ALG_FFDH)
2298 
2324 #define PSA_ALG_ECDH ((psa_algorithm_t) 0x09020000)
2325 
2340 #define PSA_ALG_IS_ECDH(alg) \
2341  (PSA_ALG_KEY_AGREEMENT_GET_BASE(alg) == PSA_ALG_ECDH)
2342 
2356 #define PSA_ALG_IS_WILDCARD(alg) \
2357  (PSA_ALG_IS_HASH_AND_SIGN(alg) ? \
2358  PSA_ALG_SIGN_GET_HASH(alg) == PSA_ALG_ANY_HASH : \
2359  PSA_ALG_IS_MAC(alg) ? \
2360  (alg & PSA_ALG_MAC_AT_LEAST_THIS_LENGTH_FLAG) != 0 : \
2361  PSA_ALG_IS_AEAD(alg) ? \
2362  (alg & PSA_ALG_AEAD_AT_LEAST_THIS_LENGTH_FLAG) != 0 : \
2363  (alg) == PSA_ALG_ANY_HASH)
2364 
2374 #define PSA_ALG_GET_HASH(alg) \
2375  (((alg) & 0x000000ff) == 0 ? ((psa_algorithm_t) 0) : 0x02000000 | ((alg) & 0x000000ff))
2376 
2383 /* Note that location and persistence level values are embedded in the
2384  * persistent key store, as part of key metadata. As a consequence, they
2385  * must not be changed (unless the storage format version changes).
2386  */
2387 
2399 #define PSA_KEY_LIFETIME_VOLATILE ((psa_key_lifetime_t) 0x00000000)
2400 
2413 #define PSA_KEY_LIFETIME_PERSISTENT ((psa_key_lifetime_t) 0x00000001)
2414 
2419 #define PSA_KEY_PERSISTENCE_VOLATILE ((psa_key_persistence_t) 0x00)
2420 
2425 #define PSA_KEY_PERSISTENCE_DEFAULT ((psa_key_persistence_t) 0x01)
2426 
2435 #define PSA_KEY_PERSISTENCE_HSM_ASSET_STORE ((psa_key_persistence_t) 0x80)
2436 
2441 #define PSA_KEY_PERSISTENCE_READ_ONLY ((psa_key_persistence_t) 0xff)
2442 
2443 #define PSA_KEY_LIFETIME_GET_PERSISTENCE(lifetime) \
2444  ((psa_key_persistence_t) ((lifetime) & 0x000000ff))
2445 
2446 #define PSA_KEY_LIFETIME_GET_LOCATION(lifetime) \
2447  ((psa_key_location_t) ((lifetime) >> 8))
2448 
2465 #define PSA_KEY_LIFETIME_IS_VOLATILE(lifetime) \
2466  (PSA_KEY_LIFETIME_GET_PERSISTENCE(lifetime) == \
2467  PSA_KEY_PERSISTENCE_VOLATILE)
2468 
2486 #define PSA_KEY_LIFETIME_IS_READ_ONLY(lifetime) \
2487  (PSA_KEY_LIFETIME_GET_PERSISTENCE(lifetime) == \
2488  PSA_KEY_PERSISTENCE_READ_ONLY)
2489 
2499 #define PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION(persistence, location) \
2500  ((location) << 8 | (persistence))
2501 
2509 #define PSA_KEY_LOCATION_LOCAL_STORAGE ((psa_key_location_t) 0x000000)
2510 
2521 #define PSA_KEY_LOCATION_HSM_ASSET_STORE ((psa_key_location_t) 0x000001)
2522 
2523 #define PSA_KEY_LOCATION_VENDOR_FLAG ((psa_key_location_t) 0x800000)
2524 
2525 /* Note that key identifier values are embedded in the
2526  * persistent key store, as part of key metadata. As a consequence, they
2527  * must not be changed (unless the storage format version changes).
2528  */
2529 
2532 /* *INDENT-OFF* (https://github.com/ARM-software/psa-arch-tests/issues/337) */
2533 #define PSA_KEY_ID_NULL ((psa_key_id_t)0)
2534 /* *INDENT-ON* */
2537 #define PSA_KEY_ID_USER_MIN ((psa_key_id_t) 0x00000001)
2538 
2540 #define PSA_KEY_ID_USER_MAX ((psa_key_id_t) 0x3fffffff)
2541 
2543 #define PSA_KEY_ID_VENDOR_MIN ((psa_key_id_t) 0x40000000)
2544 
2546 #define PSA_KEY_ID_VENDOR_MAX ((psa_key_id_t) 0x7fffffff)
2547 
2549 #define PSA_KEY_ID_HSM_HUK ((psa_key_id_t)(PSA_KEY_ID_USER_MAX))
2550 
2552 #define PSA_KEY_ID_HSM_TKDK ((psa_key_id_t)(PSA_KEY_ID_USER_MAX - 1))
2553 
2556 #define PSA_KEY_ID_IAK ((psa_key_id_t) 0x7fff815d)
2557 
2558 #if !defined(MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER)
2559 
2560 #define MBEDTLS_SVC_KEY_ID_INIT ((psa_key_id_t) 0)
2561 #define MBEDTLS_SVC_KEY_ID_GET_KEY_ID(id) (id)
2562 #define MBEDTLS_SVC_KEY_ID_GET_OWNER_ID(id) (0)
2563 
2569 static inline mbedtls_svc_key_id_t mbedtls_svc_key_id_make(
2570  unsigned int unused, psa_key_id_t key_id)
2571 {
2572  (void) unused;
2573 
2574  return key_id;
2575 }
2576 
2584 static inline int mbedtls_svc_key_id_equal(mbedtls_svc_key_id_t id1,
2585  mbedtls_svc_key_id_t id2)
2586 {
2587  return id1 == id2;
2588 }
2589 
2596 static inline int mbedtls_svc_key_id_is_null(mbedtls_svc_key_id_t key)
2597 {
2598  return key == 0;
2599 }
2600 
2601 #else /* MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER */
2602 
2603 #define MBEDTLS_SVC_KEY_ID_INIT ((mbedtls_svc_key_id_t){ 0, 0 })
2604 #define MBEDTLS_SVC_KEY_ID_GET_KEY_ID(id) (id.key_id)
2605 #define MBEDTLS_SVC_KEY_ID_GET_OWNER_ID(id) (id.owner)
2606 
2612 static inline mbedtls_svc_key_id_t mbedtls_svc_key_id_make(
2613  mbedtls_key_owner_id_t owner_id, psa_key_id_t key_id)
2614 {
2615  return (mbedtls_svc_key_id_t){ .key_id = key_id,
2616  .owner = owner_id };
2617 }
2618 
2626 static inline int mbedtls_svc_key_id_equal(mbedtls_svc_key_id_t id1,
2627  mbedtls_svc_key_id_t id2)
2628 {
2629  return (id1.key_id == id2.key_id) &&
2630  mbedtls_key_owner_id_equal(id1.owner, id2.owner);
2631 }
2632 
2639 static inline int mbedtls_svc_key_id_is_null(mbedtls_svc_key_id_t key)
2640 {
2641  return key.key_id == 0;
2642 }
2643 
2644 #endif /* !MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER */
2645 
2652 /* Note that key usage flags are embedded in the
2653  * persistent key store, as part of key metadata. As a consequence, they
2654  * must not be changed (unless the storage format version changes).
2655  */
2656 
2668 #define PSA_KEY_USAGE_EXPORT ((psa_key_usage_t) 0x00000001)
2669 
2684 #define PSA_KEY_USAGE_COPY ((psa_key_usage_t) 0x00000002)
2685 
2695 #define PSA_KEY_USAGE_ENCRYPT ((psa_key_usage_t) 0x00000100)
2696 
2706 #define PSA_KEY_USAGE_DECRYPT ((psa_key_usage_t) 0x00000200)
2707 
2716 #define PSA_KEY_USAGE_SIGN_MESSAGE ((psa_key_usage_t) 0x00000400)
2717 
2726 #define PSA_KEY_USAGE_VERIFY_MESSAGE ((psa_key_usage_t) 0x00000800)
2727 
2736 #define PSA_KEY_USAGE_SIGN_HASH ((psa_key_usage_t) 0x00001000)
2737 
2746 #define PSA_KEY_USAGE_VERIFY_HASH ((psa_key_usage_t) 0x00002000)
2747 
2760 #define PSA_KEY_USAGE_DERIVE ((psa_key_usage_t) 0x00004000)
2761 
2775 #define PSA_KEY_USAGE_VERIFY_DERIVATION ((psa_key_usage_t) 0x00008000)
2776 
2783 /* Key input steps are not embedded in the persistent storage, so you can
2784  * change them if needed: it's only an ABI change. */
2785 
2801 #define PSA_KEY_DERIVATION_INPUT_SECRET ((psa_key_derivation_step_t) 0x0101)
2802 
2819 #define PSA_KEY_DERIVATION_INPUT_PASSWORD ((psa_key_derivation_step_t) 0x0102)
2820 
2828 #define PSA_KEY_DERIVATION_INPUT_OTHER_SECRET \
2829  ((psa_key_derivation_step_t) 0x0103)
2830 
2836 #define PSA_KEY_DERIVATION_INPUT_LABEL ((psa_key_derivation_step_t) 0x0201)
2837 
2844 #define PSA_KEY_DERIVATION_INPUT_SALT ((psa_key_derivation_step_t) 0x0202)
2845 
2851 #define PSA_KEY_DERIVATION_INPUT_INFO ((psa_key_derivation_step_t) 0x0203)
2852 
2858 #define PSA_KEY_DERIVATION_INPUT_SEED ((psa_key_derivation_step_t) 0x0204)
2859 
2864 #define PSA_KEY_DERIVATION_INPUT_COST ((psa_key_derivation_step_t) 0x0205)
2865 
2871 #define PSA_KEY_DERIVATION_INPUT_CONTEXT ((psa_key_derivation_step_t)0x0206U)
2872 
2879 /* Helper macros */
2880 
2892 #define MBEDTLS_PSA_ALG_AEAD_EQUAL(aead_alg_1, aead_alg_2) \
2893  (!(((aead_alg_1) ^ (aead_alg_2)) & \
2894  ~(PSA_ALG_AEAD_TAG_LENGTH_MASK | PSA_ALG_AEAD_AT_LEAST_THIS_LENGTH_FLAG)))
2895 
2908 #define PSA_INTERRUPTIBLE_MAX_OPS_UNLIMITED UINT32_MAX
2909 
2912 #endif /* PSA_CRYPTO_VALUES_H */
mbedtls_svc_key_id_t::key_id
psa_key_id_t key_id
Definition: crypto_types.h:355
psa_key_id_t
uint32_t psa_key_id_t
Definition: crypto_types.h:298
mbedtls_key_owner_id_equal
static int mbedtls_key_owner_id_equal(mbedtls_key_owner_id_t id1, mbedtls_key_owner_id_t id2)
Definition: crypto_types.h:342
mbedtls_svc_key_id_t
Definition: crypto_types.h:353
mbedtls_svc_key_id_make
static mbedtls_svc_key_id_t mbedtls_svc_key_id_make(mbedtls_key_owner_id_t owner_id, psa_key_id_t key_id)
Definition: crypto_values.h:2612
mbedtls_svc_key_id_equal
static int mbedtls_svc_key_id_equal(mbedtls_svc_key_id_t id1, mbedtls_svc_key_id_t id2)
Definition: crypto_values.h:2626
mbedtls_svc_key_id_t::owner
mbedtls_key_owner_id_t owner
Definition: crypto_types.h:356
mbedtls_svc_key_id_is_null
static int mbedtls_svc_key_id_is_null(mbedtls_svc_key_id_t key)
Definition: crypto_values.h:2639
mbedtls_key_owner_id_t
int32_t mbedtls_key_owner_id_t
Definition: crypto_types.h:333
© Copyright 1995-2026, Texas Instruments Incorporated. All rights reserved.
Trademarks | Privacy policy | Terms of use | Terms of sale