Mbed TLS v2.28.8
psa_util.h
Go to the documentation of this file.
1 
9 /*
10  * Copyright The Mbed TLS Contributors
11  * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
12  */
13 
14 #ifndef MBEDTLS_PSA_UTIL_H
15 #define MBEDTLS_PSA_UTIL_H
16 
17 #if !defined(MBEDTLS_CONFIG_FILE)
18 #include "mbedtls/config.h"
19 #else
20 #include MBEDTLS_CONFIG_FILE
21 #endif
22 
23 #if defined(MBEDTLS_USE_PSA_CRYPTO)
24 
25 #include "psa/crypto.h"
26 
27 #include "mbedtls/ecp.h"
28 #include "mbedtls/md.h"
29 #include "mbedtls/pk.h"
30 #include "mbedtls/oid.h"
31 
32 #include <string.h>
33 
34 /* Translations for symmetric crypto. */
35 
36 static inline psa_key_type_t mbedtls_psa_translate_cipher_type(
37  mbedtls_cipher_type_t cipher)
38 {
39  switch (cipher) {
52  return PSA_KEY_TYPE_AES;
53 
54  /* ARIA not yet supported in PSA. */
55  /* case MBEDTLS_CIPHER_ARIA_128_CCM:
56  case MBEDTLS_CIPHER_ARIA_192_CCM:
57  case MBEDTLS_CIPHER_ARIA_256_CCM:
58  case MBEDTLS_CIPHER_ARIA_128_GCM:
59  case MBEDTLS_CIPHER_ARIA_192_GCM:
60  case MBEDTLS_CIPHER_ARIA_256_GCM:
61  case MBEDTLS_CIPHER_ARIA_128_CBC:
62  case MBEDTLS_CIPHER_ARIA_192_CBC:
63  case MBEDTLS_CIPHER_ARIA_256_CBC:
64  return( PSA_KEY_TYPE_ARIA ); */
65 
66  default:
67  return 0;
68  }
69 }
70 
71 static inline psa_algorithm_t mbedtls_psa_translate_cipher_mode(
72  mbedtls_cipher_mode_t mode, size_t taglen)
73 {
74  switch (mode) {
75  case MBEDTLS_MODE_ECB:
77  case MBEDTLS_MODE_GCM:
79  case MBEDTLS_MODE_CCM:
81  case MBEDTLS_MODE_CBC:
82  if (taglen == 0) {
84  } else {
85  return 0;
86  }
87  default:
88  return 0;
89  }
90 }
91 
92 static inline psa_key_usage_t mbedtls_psa_translate_cipher_operation(
94 {
95  switch (op) {
96  case MBEDTLS_ENCRYPT:
97  return PSA_KEY_USAGE_ENCRYPT;
98  case MBEDTLS_DECRYPT:
99  return PSA_KEY_USAGE_DECRYPT;
100  default:
101  return 0;
102  }
103 }
104 
105 /* Translations for hashing. */
106 
107 static inline psa_algorithm_t mbedtls_psa_translate_md(mbedtls_md_type_t md_alg)
108 {
109  switch (md_alg) {
110 #if defined(MBEDTLS_MD2_C)
111  case MBEDTLS_MD_MD2:
112  return PSA_ALG_MD2;
113 #endif
114 #if defined(MBEDTLS_MD4_C)
115  case MBEDTLS_MD_MD4:
116  return PSA_ALG_MD4;
117 #endif
118 #if defined(MBEDTLS_MD5_C)
119  case MBEDTLS_MD_MD5:
120  return PSA_ALG_MD5;
121 #endif
122 #if defined(MBEDTLS_SHA1_C)
123  case MBEDTLS_MD_SHA1:
124  return PSA_ALG_SHA_1;
125 #endif
126 #if defined(MBEDTLS_SHA256_C)
127  case MBEDTLS_MD_SHA224:
128  return PSA_ALG_SHA_224;
129  case MBEDTLS_MD_SHA256:
130  return PSA_ALG_SHA_256;
131 #endif
132 #if defined(MBEDTLS_SHA512_C)
133  case MBEDTLS_MD_SHA384:
134  return PSA_ALG_SHA_384;
135  case MBEDTLS_MD_SHA512:
136  return PSA_ALG_SHA_512;
137 #endif
138 #if defined(MBEDTLS_RIPEMD160_C)
140  return PSA_ALG_RIPEMD160;
141 #endif
142  case MBEDTLS_MD_NONE:
143  return 0;
144  default:
145  return 0;
146  }
147 }
148 
149 /* Translations for ECC. */
150 
151 static inline int mbedtls_psa_get_ecc_oid_from_id(
152  psa_ecc_family_t curve, size_t bits,
153  char const **oid, size_t *oid_len)
154 {
155  switch (curve) {
157  switch (bits) {
158 #if defined(MBEDTLS_ECP_DP_SECP192R1_ENABLED)
159  case 192:
162  return 0;
163 #endif /* MBEDTLS_ECP_DP_SECP192R1_ENABLED */
164 #if defined(MBEDTLS_ECP_DP_SECP224R1_ENABLED)
165  case 224:
168  return 0;
169 #endif /* MBEDTLS_ECP_DP_SECP224R1_ENABLED */
170 #if defined(MBEDTLS_ECP_DP_SECP256R1_ENABLED)
171  case 256:
174  return 0;
175 #endif /* MBEDTLS_ECP_DP_SECP256R1_ENABLED */
176 #if defined(MBEDTLS_ECP_DP_SECP384R1_ENABLED)
177  case 384:
180  return 0;
181 #endif /* MBEDTLS_ECP_DP_SECP384R1_ENABLED */
182 #if defined(MBEDTLS_ECP_DP_SECP521R1_ENABLED)
183  case 521:
186  return 0;
187 #endif /* MBEDTLS_ECP_DP_SECP521R1_ENABLED */
188  }
189  break;
191  switch (bits) {
192 #if defined(MBEDTLS_ECP_DP_SECP192K1_ENABLED)
193  case 192:
196  return 0;
197 #endif /* MBEDTLS_ECP_DP_SECP192K1_ENABLED */
198 #if defined(MBEDTLS_ECP_DP_SECP224K1_ENABLED)
199  case 224:
202  return 0;
203 #endif /* MBEDTLS_ECP_DP_SECP224K1_ENABLED */
204 #if defined(MBEDTLS_ECP_DP_SECP256K1_ENABLED)
205  case 256:
208  return 0;
209 #endif /* MBEDTLS_ECP_DP_SECP256K1_ENABLED */
210  }
211  break;
213  switch (bits) {
214 #if defined(MBEDTLS_ECP_DP_BP256R1_ENABLED)
215  case 256:
218  return 0;
219 #endif /* MBEDTLS_ECP_DP_BP256R1_ENABLED */
220 #if defined(MBEDTLS_ECP_DP_BP384R1_ENABLED)
221  case 384:
224  return 0;
225 #endif /* MBEDTLS_ECP_DP_BP384R1_ENABLED */
226 #if defined(MBEDTLS_ECP_DP_BP512R1_ENABLED)
227  case 512:
230  return 0;
231 #endif /* MBEDTLS_ECP_DP_BP512R1_ENABLED */
232  }
233  break;
234  }
235  (void) oid;
236  (void) oid_len;
237  return -1;
238 }
239 
240 #define MBEDTLS_PSA_MAX_EC_PUBKEY_LENGTH 1
241 
242 #if defined(MBEDTLS_ECP_DP_SECP192R1_ENABLED)
243 #if MBEDTLS_PSA_MAX_EC_PUBKEY_LENGTH < (2 * ((192 + 7) / 8) + 1)
244 #undef MBEDTLS_PSA_MAX_EC_PUBKEY_LENGTH
245 #define MBEDTLS_PSA_MAX_EC_PUBKEY_LENGTH (2 * ((192 + 7) / 8) + 1)
246 #endif
247 #endif /* MBEDTLS_ECP_DP_SECP192R1_ENABLED */
248 
249 #if defined(MBEDTLS_ECP_DP_SECP224R1_ENABLED)
250 #if MBEDTLS_PSA_MAX_EC_PUBKEY_LENGTH < (2 * ((224 + 7) / 8) + 1)
251 #undef MBEDTLS_PSA_MAX_EC_PUBKEY_LENGTH
252 #define MBEDTLS_PSA_MAX_EC_PUBKEY_LENGTH (2 * ((224 + 7) / 8) + 1)
253 #endif
254 #endif /* MBEDTLS_ECP_DP_SECP224R1_ENABLED */
255 
256 #if defined(MBEDTLS_ECP_DP_SECP256R1_ENABLED)
257 #if MBEDTLS_PSA_MAX_EC_PUBKEY_LENGTH < (2 * ((256 + 7) / 8) + 1)
258 #undef MBEDTLS_PSA_MAX_EC_PUBKEY_LENGTH
259 #define MBEDTLS_PSA_MAX_EC_PUBKEY_LENGTH (2 * ((256 + 7) / 8) + 1)
260 #endif
261 #endif /* MBEDTLS_ECP_DP_SECP256R1_ENABLED */
262 
263 #if defined(MBEDTLS_ECP_DP_SECP384R1_ENABLED)
264 #if MBEDTLS_PSA_MAX_EC_PUBKEY_LENGTH < (2 * ((384 + 7) / 8) + 1)
265 #undef MBEDTLS_PSA_MAX_EC_PUBKEY_LENGTH
266 #define MBEDTLS_PSA_MAX_EC_PUBKEY_LENGTH (2 * ((384 + 7) / 8) + 1)
267 #endif
268 #endif /* MBEDTLS_ECP_DP_SECP384R1_ENABLED */
269 
270 #if defined(MBEDTLS_ECP_DP_SECP521R1_ENABLED)
271 #if MBEDTLS_PSA_MAX_EC_PUBKEY_LENGTH < (2 * ((521 + 7) / 8) + 1)
272 #undef MBEDTLS_PSA_MAX_EC_PUBKEY_LENGTH
273 #define MBEDTLS_PSA_MAX_EC_PUBKEY_LENGTH (2 * ((521 + 7) / 8) + 1)
274 #endif
275 #endif /* MBEDTLS_ECP_DP_SECP521R1_ENABLED */
276 
277 #if defined(MBEDTLS_ECP_DP_SECP192K1_ENABLED)
278 #if MBEDTLS_PSA_MAX_EC_PUBKEY_LENGTH < (2 * ((192 + 7) / 8) + 1)
279 #undef MBEDTLS_PSA_MAX_EC_PUBKEY_LENGTH
280 #define MBEDTLS_PSA_MAX_EC_PUBKEY_LENGTH (2 * ((192 + 7) / 8) + 1)
281 #endif
282 #endif /* MBEDTLS_ECP_DP_SECP192K1_ENABLED */
283 
284 #if defined(MBEDTLS_ECP_DP_SECP224K1_ENABLED)
285 #if MBEDTLS_PSA_MAX_EC_PUBKEY_LENGTH < (2 * ((224 + 7) / 8) + 1)
286 #undef MBEDTLS_PSA_MAX_EC_PUBKEY_LENGTH
287 #define MBEDTLS_PSA_MAX_EC_PUBKEY_LENGTH (2 * ((224 + 7) / 8) + 1)
288 #endif
289 #endif /* MBEDTLS_ECP_DP_SECP224K1_ENABLED */
290 
291 #if defined(MBEDTLS_ECP_DP_SECP256K1_ENABLED)
292 #if MBEDTLS_PSA_MAX_EC_PUBKEY_LENGTH < (2 * ((256 + 7) / 8) + 1)
293 #undef MBEDTLS_PSA_MAX_EC_PUBKEY_LENGTH
294 #define MBEDTLS_PSA_MAX_EC_PUBKEY_LENGTH (2 * ((256 + 7) / 8) + 1)
295 #endif
296 #endif /* MBEDTLS_ECP_DP_SECP256K1_ENABLED */
297 
298 #if defined(MBEDTLS_ECP_DP_BP256R1_ENABLED)
299 #if MBEDTLS_PSA_MAX_EC_PUBKEY_LENGTH < (2 * ((256 + 7) / 8) + 1)
300 #undef MBEDTLS_PSA_MAX_EC_PUBKEY_LENGTH
301 #define MBEDTLS_PSA_MAX_EC_PUBKEY_LENGTH (2 * ((256 + 7) / 8) + 1)
302 #endif
303 #endif /* MBEDTLS_ECP_DP_BP256R1_ENABLED */
304 
305 #if defined(MBEDTLS_ECP_DP_BP384R1_ENABLED)
306 #if MBEDTLS_PSA_MAX_EC_PUBKEY_LENGTH < (2 * ((384 + 7) / 8) + 1)
307 #undef MBEDTLS_PSA_MAX_EC_PUBKEY_LENGTH
308 #define MBEDTLS_PSA_MAX_EC_PUBKEY_LENGTH (2 * ((384 + 7) / 8) + 1)
309 #endif
310 #endif /* MBEDTLS_ECP_DP_BP384R1_ENABLED */
311 
312 #if defined(MBEDTLS_ECP_DP_BP512R1_ENABLED)
313 #if MBEDTLS_PSA_MAX_EC_PUBKEY_LENGTH < (2 * ((512 + 7) / 8) + 1)
314 #undef MBEDTLS_PSA_MAX_EC_PUBKEY_LENGTH
315 #define MBEDTLS_PSA_MAX_EC_PUBKEY_LENGTH (2 * ((512 + 7) / 8) + 1)
316 #endif
317 #endif /* MBEDTLS_ECP_DP_BP512R1_ENABLED */
318 
319 
320 /* Translations for PK layer */
321 
322 static inline int mbedtls_psa_err_translate_pk(psa_status_t status)
323 {
324  switch (status) {
325  case PSA_SUCCESS:
326  return 0;
333  case PSA_ERROR_BAD_STATE:
335  /* All other failures */
340  default: /* We return the same as for the 'other failures',
341  * but list them separately nonetheless to indicate
342  * which failure conditions we have considered. */
344  }
345 }
346 
347 /* Translations for ECC */
348 
349 /* This function transforms an ECC group identifier from
350  * https://www.iana.org/assignments/tls-parameters/tls-parameters.xhtml#tls-parameters-8
351  * into a PSA ECC group identifier. */
352 #if defined(MBEDTLS_ECP_C)
353 static inline psa_key_type_t mbedtls_psa_parse_tls_ecc_group(
354  uint16_t tls_ecc_grp_reg_id, size_t *bits)
355 {
356  const mbedtls_ecp_curve_info *curve_info =
357  mbedtls_ecp_curve_info_from_tls_id(tls_ecc_grp_reg_id);
358  if (curve_info == NULL) {
359  return 0;
360  }
362  mbedtls_ecc_group_to_psa(curve_info->grp_id, bits));
363 }
364 #endif /* MBEDTLS_ECP_C */
365 
366 /* This function takes a buffer holding an EC public key
367  * exported through psa_export_public_key(), and converts
368  * it into an ECPoint structure to be put into a ClientKeyExchange
369  * message in an ECDHE exchange.
370  *
371  * Both the present and the foreseeable future format of EC public keys
372  * used by PSA have the ECPoint structure contained in the exported key
373  * as a subbuffer, and the function merely selects this subbuffer instead
374  * of making a copy.
375  */
376 static inline int mbedtls_psa_tls_psa_ec_to_ecpoint(unsigned char *src,
377  size_t srclen,
378  unsigned char **dst,
379  size_t *dstlen)
380 {
381  *dst = src;
382  *dstlen = srclen;
383  return 0;
384 }
385 
386 /* This function takes a buffer holding an ECPoint structure
387  * (as contained in a TLS ServerKeyExchange message for ECDHE
388  * exchanges) and converts it into a format that the PSA key
389  * agreement API understands.
390  */
391 static inline int mbedtls_psa_tls_ecpoint_to_psa_ec(unsigned char const *src,
392  size_t srclen,
393  unsigned char *dst,
394  size_t dstlen,
395  size_t *olen)
396 {
397  if (srclen > dstlen) {
399  }
400 
401  memcpy(dst, src, srclen);
402  *olen = srclen;
403  return 0;
404 }
405 
406 #endif /* MBEDTLS_USE_PSA_CRYPTO */
407 
408 /* Expose whatever RNG the PSA subsystem uses to applications using the
409  * mbedtls_xxx API. The declarations and definitions here need to be
410  * consistent with the implementation in library/psa_crypto_random_impl.h.
411  * See that file for implementation documentation. */
412 #if defined(MBEDTLS_PSA_CRYPTO_C)
413 
414 /* The type of a `f_rng` random generator function that many library functions
415  * take.
416  *
417  * This type name is not part of the Mbed TLS stable API. It may be renamed
418  * or moved without warning.
419  */
420 typedef int mbedtls_f_rng_t(void *p_rng, unsigned char *output, size_t output_size);
421 
422 #if defined(MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG)
423 
459 int mbedtls_psa_get_random(void *p_rng,
460  unsigned char *output,
461  size_t output_size);
462 
473 #define MBEDTLS_PSA_RANDOM_STATE NULL
474 
475 #else /* !defined(MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG) */
476 
477 #if defined(MBEDTLS_CTR_DRBG_C)
478 #include "mbedtls/ctr_drbg.h"
481 #elif defined(MBEDTLS_HMAC_DRBG_C)
482 #include "mbedtls/hmac_drbg.h"
485 #endif
487 
488 #define MBEDTLS_PSA_RANDOM_STATE mbedtls_psa_random_state
489 
490 #endif /* !defined(MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG) */
491 
492 #endif /* MBEDTLS_PSA_CRYPTO_C */
493 
494 #endif /* MBEDTLS_PSA_UTIL_H */
MBEDTLS_OID_EC_GRP_SECP224K1
#define MBEDTLS_OID_EC_GRP_SECP224K1
Definition: oid.h:367
psa_status_t
int32_t psa_status_t
Function return status.
Definition: crypto_types.h:50
MBEDTLS_ERR_PK_ALLOC_FAILED
#define MBEDTLS_ERR_PK_ALLOC_FAILED
Definition: pk.h:44
mbedtls_md_type_t
mbedtls_md_type_t
Supported message digests.
Definition: md.h:50
MBEDTLS_OID_EC_GRP_SECP256R1
#define MBEDTLS_OID_EC_GRP_SECP256R1
Definition: oid.h:351
PSA_ALG_GCM
#define PSA_ALG_GCM
Definition: crypto_values.h:1199
ecp.h
This file provides an API for Elliptic Curves over GF(P) (ECP).
oid.h
Object Identifier (OID) database.
MBEDTLS_MD_NONE
@ MBEDTLS_MD_NONE
Definition: md.h:51
MBEDTLS_OID_EC_GRP_SECP192K1
#define MBEDTLS_OID_EC_GRP_SECP192K1
Definition: oid.h:363
mbedtls_ecp_curve_info_from_tls_id
const mbedtls_ecp_curve_info * mbedtls_ecp_curve_info_from_tls_id(uint16_t tls_id)
This function retrieves curve information from a TLS NamedCurve value.
MBEDTLS_OID_EC_GRP_BP256R1
#define MBEDTLS_OID_EC_GRP_BP256R1
Definition: oid.h:382
MBEDTLS_OID_EC_GRP_BP384R1
#define MBEDTLS_OID_EC_GRP_BP384R1
Definition: oid.h:385
MBEDTLS_OID_EC_GRP_SECP192R1
#define MBEDTLS_OID_EC_GRP_SECP192R1
Definition: oid.h:343
md.h
This file contains the generic message-digest wrapper.
MBEDTLS_CIPHER_AES_192_CBC
@ MBEDTLS_CIPHER_AES_192_CBC
Definition: cipher.h:105
PSA_SUCCESS
#define PSA_SUCCESS
Definition: crypto_values.h:56
MBEDTLS_OID_EC_GRP_BP512R1
#define MBEDTLS_OID_EC_GRP_BP512R1
Definition: oid.h:388
MBEDTLS_CIPHER_AES_256_ECB
@ MBEDTLS_CIPHER_AES_256_ECB
Definition: cipher.h:103
MBEDTLS_DECRYPT
@ MBEDTLS_DECRYPT
Definition: cipher.h:210
MBEDTLS_MD_MD4
@ MBEDTLS_MD_MD4
Definition: md.h:53
mbedtls_hmac_drbg_context
Definition: hmac_drbg.h:77
MBEDTLS_CIPHER_AES_192_ECB
@ MBEDTLS_CIPHER_AES_192_ECB
Definition: cipher.h:102
PSA_ALG_ECB_NO_PADDING
#define PSA_ALG_ECB_NO_PADDING
Definition: crypto_values.h:1155
mbedtls_ecp_curve_info::grp_id
mbedtls_ecp_group_id grp_id
Definition: ecp.h:150
PSA_ERROR_INSUFFICIENT_MEMORY
#define PSA_ERROR_INSUFFICIENT_MEMORY
Definition: crypto_values.h:142
MBEDTLS_MD_SHA224
@ MBEDTLS_MD_SHA224
Definition: md.h:56
MBEDTLS_CIPHER_AES_128_CBC
@ MBEDTLS_CIPHER_AES_128_CBC
Definition: cipher.h:104
PSA_ALG_SHA_224
#define PSA_ALG_SHA_224
Definition: crypto_values.h:850
mbedtls_psa_drbg_context_t
mbedtls_ctr_drbg_context mbedtls_psa_drbg_context_t
Definition: psa_util.h:479
MBEDTLS_ERR_PK_FEATURE_UNAVAILABLE
#define MBEDTLS_ERR_PK_FEATURE_UNAVAILABLE
Definition: pk.h:68
PSA_ERROR_COMMUNICATION_FAILURE
#define PSA_ERROR_COMMUNICATION_FAILURE
Definition: crypto_values.h:168
PSA_ALG_SHA_384
#define PSA_ALG_SHA_384
Definition: crypto_values.h:854
PSA_ALG_RIPEMD160
#define PSA_ALG_RIPEMD160
Definition: crypto_values.h:846
MBEDTLS_MODE_GCM
@ MBEDTLS_MODE_GCM
Definition: cipher.h:189
mbedtls_operation_t
mbedtls_operation_t
Definition: cipher.h:208
MBEDTLS_MD_RIPEMD160
@ MBEDTLS_MD_RIPEMD160
Definition: md.h:60
MBEDTLS_CIPHER_AES_128_GCM
@ MBEDTLS_CIPHER_AES_128_GCM
Definition: cipher.h:113
MBEDTLS_ERR_PK_BAD_INPUT_DATA
#define MBEDTLS_ERR_PK_BAD_INPUT_DATA
Definition: pk.h:48
MBEDTLS_MD_SHA1
@ MBEDTLS_MD_SHA1
Definition: md.h:55
mbedtls_cipher_mode_t
mbedtls_cipher_mode_t
Definition: cipher.h:182
PSA_ALG_SHA_512
#define PSA_ALG_SHA_512
Definition: crypto_values.h:856
PSA_ECC_FAMILY_BRAINPOOL_P_R1
#define PSA_ECC_FAMILY_BRAINPOOL_P_R1
Definition: crypto_values.h:609
mbedtls_ctr_drbg_context
The CTR_DRBG context structure.
Definition: ctr_drbg.h:161
mbedtls_f_rng_t
int mbedtls_f_rng_t(void *p_rng, unsigned char *output, size_t output_size)
Definition: psa_util.h:420
hmac_drbg.h
The HMAC_DRBG pseudorandom generator.
mbedtls_hmac_drbg_random
int mbedtls_hmac_drbg_random(void *p_rng, unsigned char *output, size_t out_len)
This function uses HMAC_DRBG to generate random data.
PSA_KEY_TYPE_ECC_KEY_PAIR
#define PSA_KEY_TYPE_ECC_KEY_PAIR(curve)
Definition: crypto_values.h:504
PSA_ALG_MD4
#define PSA_ALG_MD4
Definition: crypto_values.h:842
MBEDTLS_ERR_PK_HW_ACCEL_FAILED
#define MBEDTLS_ERR_PK_HW_ACCEL_FAILED
Definition: pk.h:74
PSA_ALG_SHA_256
#define PSA_ALG_SHA_256
Definition: crypto_values.h:852
crypto.h
Platform Security Architecture cryptography module.
MBEDTLS_CIPHER_AES_256_GCM
@ MBEDTLS_CIPHER_AES_256_GCM
Definition: cipher.h:115
MBEDTLS_CIPHER_AES_256_CBC
@ MBEDTLS_CIPHER_AES_256_CBC
Definition: cipher.h:106
PSA_ALG_CBC_NO_PADDING
#define PSA_ALG_CBC_NO_PADDING
Definition: crypto_values.h:1164
mbedtls_ctr_drbg_random
int mbedtls_ctr_drbg_random(void *p_rng, unsigned char *output, size_t output_len)
This function uses CTR_DRBG to generate random data.
PSA_KEY_USAGE_ENCRYPT
#define PSA_KEY_USAGE_ENCRYPT
Definition: crypto_values.h:2263
MBEDTLS_OID_EC_GRP_SECP521R1
#define MBEDTLS_OID_EC_GRP_SECP521R1
Definition: oid.h:359
PSA_ERROR_HARDWARE_FAILURE
#define PSA_ERROR_HARDWARE_FAILURE
Definition: crypto_values.h:199
psa_key_usage_t
uint32_t psa_key_usage_t
Encoding of permitted usage on a key.
Definition: crypto_types.h:314
MBEDTLS_MODE_CBC
@ MBEDTLS_MODE_CBC
Definition: cipher.h:185
psa_algorithm_t
uint32_t psa_algorithm_t
Encoding of a cryptographic algorithm.
Definition: crypto_types.h:125
MBEDTLS_MODE_CCM
@ MBEDTLS_MODE_CCM
Definition: cipher.h:191
PSA_ERROR_CORRUPTION_DETECTED
#define PSA_ERROR_CORRUPTION_DETECTED
Definition: crypto_values.h:230
PSA_ALG_AEAD_WITH_SHORTENED_TAG
#define PSA_ALG_AEAD_WITH_SHORTENED_TAG(aead_alg, tag_length)
Definition: crypto_values.h:1245
MBEDTLS_MODE_ECB
@ MBEDTLS_MODE_ECB
Definition: cipher.h:184
MBEDTLS_OID_EC_GRP_SECP256K1
#define MBEDTLS_OID_EC_GRP_SECP256K1
Definition: oid.h:371
MBEDTLS_OID_EC_GRP_SECP224R1
#define MBEDTLS_OID_EC_GRP_SECP224R1
Definition: oid.h:347
MBEDTLS_ERR_ECP_RANDOM_FAILED
#define MBEDTLS_ERR_ECP_RANDOM_FAILED
Definition: ecp.h:52
MBEDTLS_CIPHER_AES_256_CCM
@ MBEDTLS_CIPHER_AES_256_CCM
Definition: cipher.h:144
mbedtls_ecp_curve_info
Definition: ecp.h:149
MBEDTLS_MD_SHA512
@ MBEDTLS_MD_SHA512
Definition: md.h:59
MBEDTLS_ENCRYPT
@ MBEDTLS_ENCRYPT
Definition: cipher.h:211
PSA_KEY_TYPE_AES
#define PSA_KEY_TYPE_AES
Definition: crypto_values.h:442
psa_key_type_t
uint16_t psa_key_type_t
Encoding of a key type.
Definition: crypto_types.h:69
PSA_ECC_FAMILY_SECP_R1
#define PSA_ECC_FAMILY_SECP_R1
Definition: crypto_values.h:559
MBEDTLS_OID_EC_GRP_SECP384R1
#define MBEDTLS_OID_EC_GRP_SECP384R1
Definition: oid.h:355
MBEDTLS_CIPHER_AES_192_GCM
@ MBEDTLS_CIPHER_AES_192_GCM
Definition: cipher.h:114
PSA_ERROR_BAD_STATE
#define PSA_ERROR_BAD_STATE
Definition: crypto_values.h:125
PSA_ERROR_INSUFFICIENT_ENTROPY
#define PSA_ERROR_INSUFFICIENT_ENTROPY
Definition: crypto_values.h:249
pk.h
Public Key abstraction layer.
mbedtls_psa_get_random
static mbedtls_f_rng_t *const mbedtls_psa_get_random
Definition: psa_util.h:480
config.h
Configuration options (set of defines)
PSA_KEY_USAGE_DECRYPT
#define PSA_KEY_USAGE_DECRYPT
Definition: crypto_values.h:2274
MBEDTLS_CIPHER_AES_192_CCM
@ MBEDTLS_CIPHER_AES_192_CCM
Definition: cipher.h:143
MBEDTLS_OID_SIZE
#define MBEDTLS_OID_SIZE(x)
Definition: asn1.h:115
PSA_ERROR_NOT_SUPPORTED
#define PSA_ERROR_NOT_SUPPORTED
Definition: crypto_values.h:72
MBEDTLS_ERR_ECP_BUFFER_TOO_SMALL
#define MBEDTLS_ERR_ECP_BUFFER_TOO_SMALL
Definition: ecp.h:44
PSA_ALG_CCM
#define PSA_ALG_CCM
Definition: crypto_values.h:1193
MBEDTLS_CIPHER_AES_128_ECB
@ MBEDTLS_CIPHER_AES_128_ECB
Definition: cipher.h:101
ctr_drbg.h
This file contains definitions and functions for the CTR_DRBG pseudorandom generator.
MBEDTLS_MD_SHA384
@ MBEDTLS_MD_SHA384
Definition: md.h:58
PSA_ALG_MD2
#define PSA_ALG_MD2
Definition: crypto_values.h:840
mbedtls_ecc_group_to_psa
static psa_ecc_family_t mbedtls_ecc_group_to_psa(mbedtls_ecp_group_id grpid, size_t *bits)
Definition: crypto_extra.h:574
MBEDTLS_MD_MD2
@ MBEDTLS_MD_MD2
Definition: md.h:52
mbedtls_psa_random_state
mbedtls_psa_drbg_context_t *const mbedtls_psa_random_state
PSA_ALG_SHA_1
#define PSA_ALG_SHA_1
Definition: crypto_values.h:848
PSA_ALG_MD5
#define PSA_ALG_MD5
Definition: crypto_values.h:844
psa_ecc_family_t
uint8_t psa_ecc_family_t
Definition: crypto_types.h:88
MBEDTLS_MD_SHA256
@ MBEDTLS_MD_SHA256
Definition: md.h:57
MBEDTLS_MD_MD5
@ MBEDTLS_MD_MD5
Definition: md.h:54
mbedtls_cipher_type_t
mbedtls_cipher_type_t
Supported {cipher type, cipher mode} pairs.
Definition: cipher.h:98
MBEDTLS_CIPHER_AES_128_CCM
@ MBEDTLS_CIPHER_AES_128_CCM
Definition: cipher.h:142
PSA_ECC_FAMILY_SECP_K1
#define PSA_ECC_FAMILY_SECP_K1
Definition: crypto_values.h:549