From 45336077f5009368dcb734acabe68324bf31a561 Mon Sep 17 00:00:00 2001 From: Michael Thomas Date: Wed, 8 Jan 2020 22:28:10 +0000 Subject: [PATCH 01/39] Initial updates to support vendor defined keys --- include/psa/crypto.h | 33 ++++++++++++++++++-- include/psa/crypto_values.h | 14 +++++++-- library/psa_crypto.c | 61 +++++++++++++++++++++++++++++-------- library/psa_crypto_core.h | 34 +++++++++++++++++++-- 4 files changed, 123 insertions(+), 19 deletions(-) diff --git a/include/psa/crypto.h b/include/psa/crypto.h index d5e713e06..38deb03b3 100644 --- a/include/psa/crypto.h +++ b/include/psa/crypto.h @@ -3584,8 +3584,37 @@ psa_status_t psa_raw_key_agreement(psa_algorithm_t alg, * It is implementation-dependent whether a failure to initialize * results in this error code. */ -psa_status_t psa_generate_random(uint8_t *output, - size_t output_size); +psa_status_t psa_generate_random(uint8_t * output, size_t output_size); + +/** + * \brief Generate symmetric key of vendor defined format. + * + * \warning This function **can** fail! Callers MUST check the return status + * and MUST NOT use the content of the output buffer if the return + * status is not #PSA_SUCCESS. + * + * \note This function has to be defined by the vendor. + * A weakly liniked version is provided by default and returns + * PSA_ERROR_NOT_SUPPORTED. Do not use this function directlyu; + * to generate a key, use psa_generate_key() instead. + * + * \param[in] type Type of symmetric key to be generated. + * \param[out] output Output buffer for the generated data. + * \param[out] output_size Number of bytes to generate and output. + * + * \retval #PSA_SUCCESS + * \retval #PSA_ERROR_NOT_SUPPORTED + * \retval #PSA_ERROR_INSUFFICIENT_ENTROPY + * \retval #PSA_ERROR_INSUFFICIENT_MEMORY + * \retval #PSA_ERROR_COMMUNICATION_FAILURE + * \retval #PSA_ERROR_HARDWARE_FAILURE + * \retval #PSA_ERROR_CORRUPTION_DETECTED + * \retval #PSA_ERROR_BAD_STATE + * The library has not been previously initialized by psa_crypto_init(). + * It is implementation-dependent whether a failure to initialize + * results in this error code. + */ +psa_status_t psa_generate_vendor_symmetric(psa_key_type_t type, uint8_t * output, size_t output_size); /** * \brief Generate a key or key pair. diff --git a/include/psa/crypto_values.h b/include/psa/crypto_values.h index b53e1c769..f2c34f341 100644 --- a/include/psa/crypto_values.h +++ b/include/psa/crypto_values.h @@ -364,21 +364,29 @@ * HMAC keys should generally have the same size as the underlying hash. * This size can be calculated with #PSA_HASH_SIZE(\c alg) where * \c alg is the HMAC algorithm or the underlying hash algorithm. */ -#define PSA_KEY_TYPE_HMAC ((psa_key_type_t)0x51000000) +#define PSA_KEY_TYPE_HMAC ((psa_key_type_t)0x51000000) /** A secret for key derivation. * * The key policy determines which key derivation algorithm the key * can be used for. */ -#define PSA_KEY_TYPE_DERIVE ((psa_key_type_t)0x52000000) +#define PSA_KEY_TYPE_DERIVE ((psa_key_type_t)0x52000000) /** Key for a cipher, AEAD or MAC algorithm based on the AES block cipher. * * The size of the key can be 16 bytes (AES-128), 24 bytes (AES-192) or * 32 bytes (AES-256). */ -#define PSA_KEY_TYPE_AES ((psa_key_type_t)0x40000001) +#define PSA_KEY_TYPE_AES ((psa_key_type_t)0x40000001) + +/** Vendor defined Key format for a cipher, AEAD or MAC algorithm based + * on the AES block cipher. + * + * The size of the key can be 16 bytes (AES-128), 24 bytes (AES-192) or + * 32 bytes (AES-256). + */ +#define PSA_KEY_TYPE_VENDOR_AES ((psa_key_type_t)0xC0000001) /** Key for a cipher or MAC algorithm based on DES or 3DES (Triple-DES). * diff --git a/library/psa_crypto.c b/library/psa_crypto.c index a80f13de3..42b3e0ab2 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c @@ -5402,6 +5402,30 @@ static psa_status_t psa_read_rsa_exponent( const uint8_t *domain_parameters, } #endif /* MBEDTLS_RSA_C && MBEDTLS_GENPRIME */ +// The weakly linked function "prepare_vendor_raw_data_slot_weak" which just returns "PSA_ERROR_NOT_SUPPORTED" will be linked if +// the vendor does not provide a definition for "prepare_vendor_raw_data_slot" +psa_status_t prepare_vendor_raw_data_slot( psa_key_type_t type, size_t bits, struct raw_data *raw) __attribute__ ((weak, alias("prepare_vendor_raw_data_slot_weak"))); +psa_status_t prepare_vendor_raw_data_slot_weak( psa_key_type_t type, size_t bits, struct raw_data *raw); +psa_status_t prepare_vendor_raw_data_slot_weak( psa_key_type_t type, size_t bits, struct raw_data *raw) +{ + (void)type; + (void)bits; + (void)raw; + return PSA_ERROR_NOT_SUPPORTED; +} + +// The weakly linked function "psa_generate_vendor_symmetric_weak" which just returns "PSA_ERROR_NOT_SUPPORTED" will be linked if +// the vendor does not provide a definition for "psa_generate_vendor_symmetric" +psa_status_t psa_generate_vendor_symmetric( psa_key_type_t type, uint8_t * output, size_t output_size) __attribute__ ((weak, alias("psa_generate_vendor_symmetric_weak"))); +psa_status_t psa_generate_vendor_symmetric_weak( psa_key_type_t type, uint8_t * output, size_t output_size); +psa_status_t psa_generate_vendor_symmetric_weak( psa_key_type_t type, uint8_t * output, size_t output_size) +{ + (void)type; + (void)output; + (void)output_size; + return PSA_ERROR_NOT_SUPPORTED; +} + static psa_status_t psa_generate_key_internal( psa_key_slot_t *slot, size_t bits, const uint8_t *domain_parameters, size_t domain_parameters_size ) @@ -5414,18 +5438,31 @@ static psa_status_t psa_generate_key_internal( if( key_type_is_raw_bytes( type ) ) { psa_status_t status; - status = prepare_raw_data_slot( type, bits, &slot->data.raw ); - if( status != PSA_SUCCESS ) - return( status ); - status = psa_generate_random( slot->data.raw.data, - slot->data.raw.bytes ); - if( status != PSA_SUCCESS ) - return( status ); -#if defined(MBEDTLS_DES_C) - if( type == PSA_KEY_TYPE_DES ) - psa_des_set_key_parity( slot->data.raw.data, - slot->data.raw.bytes ); -#endif /* MBEDTLS_DES_C */ + if (PSA_KEY_TYPE_IS_VENDOR_DEFINED(type)) + { + status = prepare_vendor_raw_data_slot( type, bits, &slot->data.raw ); + if( status != PSA_SUCCESS ) + return( status ); + status = psa_generate_vendor_symmetric( type, slot->data.raw.data, + slot->data.raw.bytes ); + if( status != PSA_SUCCESS ) + return( status ); + } + else + { + status = prepare_raw_data_slot( type, bits, &slot->data.raw ); + if( status != PSA_SUCCESS ) + return( status ); + status = psa_generate_random( slot->data.raw.data, + slot->data.raw.bytes ); + if( status != PSA_SUCCESS ) + return( status ); + #if defined(MBEDTLS_DES_C) + if( type == PSA_KEY_TYPE_DES ) + psa_des_set_key_parity( slot->data.raw.data, + slot->data.raw.bytes ); + #endif /* MBEDTLS_DES_C */ + } } else diff --git a/library/psa_crypto_core.h b/library/psa_crypto_core.h index edf3ab603..507cb014e 100644 --- a/library/psa_crypto_core.h +++ b/library/psa_crypto_core.h @@ -129,12 +129,42 @@ static inline void psa_key_slot_set_bits_in_flags( psa_key_slot_t *slot, * \param[in,out] slot The key slot to modify. * \param mask The mask of bits to clear. */ -static inline void psa_key_slot_clear_bits( psa_key_slot_t *slot, - uint16_t mask ) +static inline void psa_key_slot_clear_bits(psa_key_slot_t *slot, + uint16_t mask) { slot->attr.flags &= ~mask; } +/** + * \brief Prepare a slot for vendor defined key type. + * + * \warning This function **can** fail! Callers MUST check the return status + * and MUST NOT use the content of the output buffer if the return + * status is not #PSA_SUCCESS. + * + * \note This function has to be defined by the vendor. + * A weakly linked version is provided by default and returns + * PSA_ERROR_NOT_SUPPORTED. Do not use this function directly; + * to generate a key, use psa_generate_key() instead. + * + * \param[in] type Type of symmetric key to be generated. + * \param[out] output Output buffer for the generated data. + * \param[out] output_size Number of bytes to generate and output. + * + * \retval #PSA_SUCCESS + * \retval #PSA_ERROR_NOT_SUPPORTED + * \retval #PSA_ERROR_INSUFFICIENT_ENTROPY + * \retval #PSA_ERROR_INSUFFICIENT_MEMORY + * \retval #PSA_ERROR_COMMUNICATION_FAILURE + * \retval #PSA_ERROR_HARDWARE_FAILURE + * \retval #PSA_ERROR_CORRUPTION_DETECTED + * \retval #PSA_ERROR_BAD_STATE + * The library has not been previously initialized by psa_crypto_init(). + * It is implementation-dependent whether a failure to initialize + * results in this error code. + */ +psa_status_t prepare_vendor_raw_data_slot(psa_key_type_t type, size_t bits, struct raw_data *raw); + /** Completely wipe a slot in memory, including its policy. * * Persistent storage is not affected. From 01d88e91e5669b2d17aa8e29e6ebbec0d8585632 Mon Sep 17 00:00:00 2001 From: Michael Thomas Date: Thu, 9 Jan 2020 16:09:17 +0000 Subject: [PATCH 02/39] Updated aes gen signature --- library/psa_crypto.c | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/library/psa_crypto.c b/library/psa_crypto.c index 42b3e0ab2..53252ca26 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c @@ -5402,7 +5402,7 @@ static psa_status_t psa_read_rsa_exponent( const uint8_t *domain_parameters, } #endif /* MBEDTLS_RSA_C && MBEDTLS_GENPRIME */ -// The weakly linked function "prepare_vendor_raw_data_slot_weak" which just returns "PSA_ERROR_NOT_SUPPORTED" will be linked if +// The weakly linked function "prepare_vendor_raw_data_slot_weak" which returns "PSA_ERROR_NOT_SUPPORTED" will be linked if // the vendor does not provide a definition for "prepare_vendor_raw_data_slot" psa_status_t prepare_vendor_raw_data_slot( psa_key_type_t type, size_t bits, struct raw_data *raw) __attribute__ ((weak, alias("prepare_vendor_raw_data_slot_weak"))); psa_status_t prepare_vendor_raw_data_slot_weak( psa_key_type_t type, size_t bits, struct raw_data *raw); @@ -5414,11 +5414,11 @@ psa_status_t prepare_vendor_raw_data_slot_weak( psa_key_type_t type, size_t bits return PSA_ERROR_NOT_SUPPORTED; } -// The weakly linked function "psa_generate_vendor_symmetric_weak" which just returns "PSA_ERROR_NOT_SUPPORTED" will be linked if +// The weakly linked function "psa_generate_vendor_symmetric_weak" which returns "PSA_ERROR_NOT_SUPPORTED" will be linked if // the vendor does not provide a definition for "psa_generate_vendor_symmetric" -psa_status_t psa_generate_vendor_symmetric( psa_key_type_t type, uint8_t * output, size_t output_size) __attribute__ ((weak, alias("psa_generate_vendor_symmetric_weak"))); -psa_status_t psa_generate_vendor_symmetric_weak( psa_key_type_t type, uint8_t * output, size_t output_size); -psa_status_t psa_generate_vendor_symmetric_weak( psa_key_type_t type, uint8_t * output, size_t output_size) +psa_status_t psa_generate_vendor_symmetric( psa_key_type_t type, size_t bits, uint8_t * output, size_t output_size) __attribute__ ((weak, alias("psa_generate_vendor_symmetric_weak"))); +psa_status_t psa_generate_vendor_symmetric_weak( psa_key_type_t type, size_t bits, uint8_t * output, size_t output_size); +psa_status_t psa_generate_vendor_symmetric_weak( psa_key_type_t type, size_t bits, uint8_t * output, size_t output_size) { (void)type; (void)output; @@ -5443,7 +5443,7 @@ static psa_status_t psa_generate_key_internal( status = prepare_vendor_raw_data_slot( type, bits, &slot->data.raw ); if( status != PSA_SUCCESS ) return( status ); - status = psa_generate_vendor_symmetric( type, slot->data.raw.data, + status = psa_generate_vendor_symmetric( type, bits, slot->data.raw.data, slot->data.raw.bytes ); if( status != PSA_SUCCESS ) return( status ); From c822cf9db3b65ca5fdcc1d50e65017cfef7a2ed3 Mon Sep 17 00:00:00 2001 From: Michael Thomas Date: Fri, 10 Jan 2020 17:50:30 +0000 Subject: [PATCH 03/39] Updated argument --- include/psa/crypto.h | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/include/psa/crypto.h b/include/psa/crypto.h index 38deb03b3..febdd732e 100644 --- a/include/psa/crypto.h +++ b/include/psa/crypto.h @@ -3614,7 +3614,7 @@ psa_status_t psa_generate_random(uint8_t * output, size_t output_size); * It is implementation-dependent whether a failure to initialize * results in this error code. */ -psa_status_t psa_generate_vendor_symmetric(psa_key_type_t type, uint8_t * output, size_t output_size); +psa_status_t psa_generate_vendor_symmetric(psa_key_type_t type, size_t bits, uint8_t * output, size_t output_size); /** * \brief Generate a key or key pair. From 3e88b5c045bd951fc5ed84bad68db189d8956354 Mon Sep 17 00:00:00 2001 From: Michael Thomas Date: Fri, 10 Jan 2020 17:59:01 +0000 Subject: [PATCH 04/39] Added vendor format key to aes context --- include/mbedtls/aes.h | 71 ++++++++++++++++++++++--------------------- library/psa_crypto.c | 3 +- 2 files changed, 38 insertions(+), 36 deletions(-) diff --git a/include/mbedtls/aes.h b/include/mbedtls/aes.h index 63c0f672b..71254b3c8 100644 --- a/include/mbedtls/aes.h +++ b/include/mbedtls/aes.h @@ -51,43 +51,44 @@ #include /* padlock.c and aesni.c rely on these values! */ -#define MBEDTLS_AES_ENCRYPT 1 /**< AES encryption. */ -#define MBEDTLS_AES_DECRYPT 0 /**< AES decryption. */ +#define MBEDTLS_AES_ENCRYPT 1 /**< AES encryption. */ +#define MBEDTLS_AES_DECRYPT 0 /**< AES decryption. */ /* Error codes in range 0x0020-0x0022 */ -#define MBEDTLS_ERR_AES_INVALID_KEY_LENGTH -0x0020 /**< Invalid key length. */ -#define MBEDTLS_ERR_AES_INVALID_INPUT_LENGTH -0x0022 /**< Invalid data input length. */ +#define MBEDTLS_ERR_AES_INVALID_KEY_LENGTH -0x0020 /**< Invalid key length. */ +#define MBEDTLS_ERR_AES_INVALID_INPUT_LENGTH -0x0022 /**< Invalid data input length. */ /* Error codes in range 0x0021-0x0025 */ -#define MBEDTLS_ERR_AES_BAD_INPUT_DATA -0x0021 /**< Invalid input data. */ +#define MBEDTLS_ERR_AES_BAD_INPUT_DATA -0x0021 /**< Invalid input data. */ /* MBEDTLS_ERR_AES_FEATURE_UNAVAILABLE is deprecated and should not be used. */ -#define MBEDTLS_ERR_AES_FEATURE_UNAVAILABLE -0x0023 /**< Feature not available. For example, an unsupported AES key size. */ +#define MBEDTLS_ERR_AES_FEATURE_UNAVAILABLE -0x0023 /**< Feature not available. For example, an unsupported AES key size. */ /* MBEDTLS_ERR_AES_HW_ACCEL_FAILED is deprecated and should not be used. */ -#define MBEDTLS_ERR_AES_HW_ACCEL_FAILED -0x0025 /**< AES hardware accelerator failed. */ +#define MBEDTLS_ERR_AES_HW_ACCEL_FAILED -0x0025 /**< AES hardware accelerator failed. */ -#if ( defined(__ARMCC_VERSION) || defined(_MSC_VER) ) && \ +#if (defined(__ARMCC_VERSION) || defined(_MSC_VER)) && \ !defined(inline) && !defined(__cplusplus) #define inline __inline #endif #ifdef __cplusplus -extern "C" { +extern "C" +{ #endif #if !defined(MBEDTLS_AES_ALT) -// Regular implementation -// + // Regular implementation + // -/** + /** * \brief The AES context-type definition. */ -typedef struct mbedtls_aes_context -{ - int nr; /*!< The number of rounds. */ - uint32_t *rk; /*!< AES round keys. */ - uint32_t buf[68]; /*!< Unaligned data buffer. This buffer can + typedef struct mbedtls_aes_context + { + int nr; /*!< The number of rounds. */ + uint32_t *rk; /*!< AES round keys. */ + uint32_t buf[68]; /*!< Unaligned data buffer. This buffer can hold 32 extra Bytes, which can be used for one of the following purposes:
  • Alignment if VIA padlock is @@ -95,27 +96,27 @@ typedef struct mbedtls_aes_context
  • Simplifying key expansion in the 256-bit case by generating an extra round key.
*/ -} -mbedtls_aes_context; + bool vendor_format; /*!< Is the key of a vendor defined type. */ + } mbedtls_aes_context; #if defined(MBEDTLS_CIPHER_MODE_XTS) -/** + /** * \brief The AES XTS context-type definition. */ -typedef struct mbedtls_aes_xts_context -{ - mbedtls_aes_context crypt; /*!< The AES context to use for AES block + typedef struct mbedtls_aes_xts_context + { + mbedtls_aes_context crypt; /*!< The AES context to use for AES block encryption or decryption. */ - mbedtls_aes_context tweak; /*!< The AES context used for tweak + mbedtls_aes_context tweak; /*!< The AES context used for tweak computation. */ -} mbedtls_aes_xts_context; + } mbedtls_aes_xts_context; #endif /* MBEDTLS_CIPHER_MODE_XTS */ -#else /* MBEDTLS_AES_ALT */ +#else /* MBEDTLS_AES_ALT */ #include "aes_alt.h" #endif /* MBEDTLS_AES_ALT */ -/** + /** * \brief This function initializes the specified AES context. * * It must be the first API called before using @@ -123,19 +124,19 @@ typedef struct mbedtls_aes_xts_context * * \param ctx The AES context to initialize. This must not be \c NULL. */ -void mbedtls_aes_init( mbedtls_aes_context *ctx ); + void mbedtls_aes_init(mbedtls_aes_context *ctx); -/** + /** * \brief This function releases and clears the specified AES context. * * \param ctx The AES context to clear. * If this is \c NULL, this function does nothing. * Otherwise, the context must have been at least initialized. */ -void mbedtls_aes_free( mbedtls_aes_context *ctx ); + void mbedtls_aes_free(mbedtls_aes_context *ctx); #if defined(MBEDTLS_CIPHER_MODE_XTS) -/** + /** * \brief This function initializes the specified AES XTS context. * * It must be the first API called before using @@ -143,19 +144,19 @@ void mbedtls_aes_free( mbedtls_aes_context *ctx ); * * \param ctx The AES XTS context to initialize. This must not be \c NULL. */ -void mbedtls_aes_xts_init( mbedtls_aes_xts_context *ctx ); + void mbedtls_aes_xts_init(mbedtls_aes_xts_context *ctx); -/** + /** * \brief This function releases and clears the specified AES XTS context. * * \param ctx The AES XTS context to clear. * If this is \c NULL, this function does nothing. * Otherwise, the context must have been at least initialized. */ -void mbedtls_aes_xts_free( mbedtls_aes_xts_context *ctx ); + void mbedtls_aes_xts_free(mbedtls_aes_xts_context *ctx); #endif /* MBEDTLS_CIPHER_MODE_XTS */ -/** + /** * \brief This function sets the encryption key. * * \param ctx The AES context to which the key should be bound. diff --git a/library/psa_crypto.c b/library/psa_crypto.c index 53252ca26..6affd8534 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c @@ -2428,7 +2428,6 @@ psa_status_t psa_hash_clone( const psa_hash_operation_t *source_operation, return( PSA_SUCCESS ); } - /****************************************************************/ /* MAC */ /****************************************************************/ @@ -2489,6 +2488,7 @@ static const mbedtls_cipher_info_t *mbedtls_cipher_info_from_psa( switch( key_type ) { case PSA_KEY_TYPE_AES: + case PSA_KEY_TYPE_VENDOR_AES: cipher_id_tmp = MBEDTLS_CIPHER_ID_AES; break; case PSA_KEY_TYPE_DES: @@ -3789,6 +3789,7 @@ static psa_status_t psa_cipher_setup( psa_cipher_operation_t *operation, operation->iv_size = 12; #endif + exit: if( status == 0 ) status = mbedtls_to_psa_error( ret ); From 6ef5072c5a571150ba8d9a7f02b26376d7c5b0eb Mon Sep 17 00:00:00 2001 From: Michael Thomas Date: Fri, 10 Jan 2020 18:25:31 +0000 Subject: [PATCH 05/39] Renamed to keep naming consistent Added macro to check AES key --- include/psa/crypto.h | 36 +++++++++++++++++++++++++++++++----- include/psa/crypto_values.h | 3 +++ library/psa_crypto.c | 24 ++++++++++++------------ library/psa_crypto_core.h | 2 +- 4 files changed, 47 insertions(+), 18 deletions(-) diff --git a/include/psa/crypto.h b/include/psa/crypto.h index febdd732e..90c9397bc 100644 --- a/include/psa/crypto.h +++ b/include/psa/crypto.h @@ -3594,8 +3594,8 @@ psa_status_t psa_generate_random(uint8_t * output, size_t output_size); * status is not #PSA_SUCCESS. * * \note This function has to be defined by the vendor. - * A weakly liniked version is provided by default and returns - * PSA_ERROR_NOT_SUPPORTED. Do not use this function directlyu; + * A weakly linked version is provided by default and returns + * PSA_ERROR_NOT_SUPPORTED. Do not use this function directly; * to generate a key, use psa_generate_key() instead. * * \param[in] type Type of symmetric key to be generated. @@ -3614,7 +3614,34 @@ psa_status_t psa_generate_random(uint8_t * output, size_t output_size); * It is implementation-dependent whether a failure to initialize * results in this error code. */ -psa_status_t psa_generate_vendor_symmetric(psa_key_type_t type, size_t bits, uint8_t * output, size_t output_size); +psa_status_t psa_generate_symmetric_vendor(psa_key_type_t type, size_t bits, uint8_t * output, size_t output_size); + +/** + * \brief Perform vendor specific setup for cipher operations. + * + * + * \note This function has to be defined by the vendor. + * A weakly linked version is provided by default and returns + * PSA_ERROR_NOT_SUPPORTED. Do not use this function directly; + * to generate a key, use psa_generate_key() instead. + * + * \param[in] type Type of symmetric key to be generated. + * \param[out] output Output buffer for the generated data. + * \param[out] output_size Number of bytes to generate and output. + * + * \retval #PSA_SUCCESS + * \retval #PSA_ERROR_NOT_SUPPORTED + * \retval #PSA_ERROR_INSUFFICIENT_ENTROPY + * \retval #PSA_ERROR_INSUFFICIENT_MEMORY + * \retval #PSA_ERROR_COMMUNICATION_FAILURE + * \retval #PSA_ERROR_HARDWARE_FAILURE + * \retval #PSA_ERROR_CORRUPTION_DETECTED + * \retval #PSA_ERROR_BAD_STATE + * The library has not been previously initialized by psa_crypto_init(). + * It is implementation-dependent whether a failure to initialize + * results in this error code. + */ +psa_status_t psa_cipher_setup_vendor(psa_cipher_operation_t * operation, psa_key_handle_t handle, psa_algorithm_t alg); /** * \brief Generate a key or key pair. @@ -3654,8 +3681,7 @@ psa_status_t psa_generate_vendor_symmetric(psa_key_type_t type, size_t bits, uin * It is implementation-dependent whether a failure to initialize * results in this error code. */ -psa_status_t psa_generate_key(const psa_key_attributes_t *attributes, - psa_key_handle_t *handle); +psa_status_t psa_generate_key(const psa_key_attributes_t * attributes, psa_key_handle_t * handle); /**@}*/ diff --git a/include/psa/crypto_values.h b/include/psa/crypto_values.h index f2c34f341..ad35fc81a 100644 --- a/include/psa/crypto_values.h +++ b/include/psa/crypto_values.h @@ -388,6 +388,9 @@ */ #define PSA_KEY_TYPE_VENDOR_AES ((psa_key_type_t)0xC0000001) +/** Whether a key type is AES. */ +#define PSA_KEY_TYPE_IS_AES(type) (((type)&PSA_KEY_TYPE_AES) != 0) + /** Key for a cipher or MAC algorithm based on DES or 3DES (Triple-DES). * * The size of the key can be 8 bytes (single DES), 16 bytes (2-key 3DES) or diff --git a/library/psa_crypto.c b/library/psa_crypto.c index 6affd8534..52191a619 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c @@ -5403,11 +5403,11 @@ static psa_status_t psa_read_rsa_exponent( const uint8_t *domain_parameters, } #endif /* MBEDTLS_RSA_C && MBEDTLS_GENPRIME */ -// The weakly linked function "prepare_vendor_raw_data_slot_weak" which returns "PSA_ERROR_NOT_SUPPORTED" will be linked if -// the vendor does not provide a definition for "prepare_vendor_raw_data_slot" -psa_status_t prepare_vendor_raw_data_slot( psa_key_type_t type, size_t bits, struct raw_data *raw) __attribute__ ((weak, alias("prepare_vendor_raw_data_slot_weak"))); -psa_status_t prepare_vendor_raw_data_slot_weak( psa_key_type_t type, size_t bits, struct raw_data *raw); -psa_status_t prepare_vendor_raw_data_slot_weak( psa_key_type_t type, size_t bits, struct raw_data *raw) +// The weakly linked function "prepare_raw_data_slot_vendor_weak" which returns "PSA_ERROR_NOT_SUPPORTED" will be linked if +// the vendor does not provide a definition for "prepare_raw_data_slot_vendor" +psa_status_t prepare_raw_data_slot_vendor( psa_key_type_t type, size_t bits, struct raw_data *raw) __attribute__ ((weak, alias("prepare_raw_data_slot_vendor_weak"))); +psa_status_t prepare_raw_data_slot_vendor_weak( psa_key_type_t type, size_t bits, struct raw_data *raw); +psa_status_t prepare_raw_data_slot_vendor_weak( psa_key_type_t type, size_t bits, struct raw_data *raw) { (void)type; (void)bits; @@ -5415,11 +5415,11 @@ psa_status_t prepare_vendor_raw_data_slot_weak( psa_key_type_t type, size_t bits return PSA_ERROR_NOT_SUPPORTED; } -// The weakly linked function "psa_generate_vendor_symmetric_weak" which returns "PSA_ERROR_NOT_SUPPORTED" will be linked if -// the vendor does not provide a definition for "psa_generate_vendor_symmetric" -psa_status_t psa_generate_vendor_symmetric( psa_key_type_t type, size_t bits, uint8_t * output, size_t output_size) __attribute__ ((weak, alias("psa_generate_vendor_symmetric_weak"))); -psa_status_t psa_generate_vendor_symmetric_weak( psa_key_type_t type, size_t bits, uint8_t * output, size_t output_size); -psa_status_t psa_generate_vendor_symmetric_weak( psa_key_type_t type, size_t bits, uint8_t * output, size_t output_size) +// The weakly linked function "psa_generate_symmetric_vendor_weak" which returns "PSA_ERROR_NOT_SUPPORTED" will be linked if +// the vendor does not provide a definition for "psa_generate_symmetric_vendor" +psa_status_t psa_generate_symmetric_vendor( psa_key_type_t type, size_t bits, uint8_t * output, size_t output_size) __attribute__ ((weak, alias("psa_generate_symmetric_vendor_weak"))); +psa_status_t psa_generate_symmetric_vendor_weak( psa_key_type_t type, size_t bits, uint8_t * output, size_t output_size); +psa_status_t psa_generate_symmetric_vendor_weak( psa_key_type_t type, size_t bits, uint8_t * output, size_t output_size) { (void)type; (void)output; @@ -5441,10 +5441,10 @@ static psa_status_t psa_generate_key_internal( psa_status_t status; if (PSA_KEY_TYPE_IS_VENDOR_DEFINED(type)) { - status = prepare_vendor_raw_data_slot( type, bits, &slot->data.raw ); + status = prepare_raw_data_slot_vendor( type, bits, &slot->data.raw ); if( status != PSA_SUCCESS ) return( status ); - status = psa_generate_vendor_symmetric( type, bits, slot->data.raw.data, + status = psa_generate_symmetric_vendor( type, bits, slot->data.raw.data, slot->data.raw.bytes ); if( status != PSA_SUCCESS ) return( status ); diff --git a/library/psa_crypto_core.h b/library/psa_crypto_core.h index 507cb014e..f29ae4f9c 100644 --- a/library/psa_crypto_core.h +++ b/library/psa_crypto_core.h @@ -163,7 +163,7 @@ static inline void psa_key_slot_clear_bits(psa_key_slot_t *slot, * It is implementation-dependent whether a failure to initialize * results in this error code. */ -psa_status_t prepare_vendor_raw_data_slot(psa_key_type_t type, size_t bits, struct raw_data *raw); +psa_status_t prepare_raw_data_slot_vendor(psa_key_type_t type, size_t bits, struct raw_data *raw); /** Completely wipe a slot in memory, including its policy. * From 2d73c209444deafb7d51408e23dc7283049f9960 Mon Sep 17 00:00:00 2001 From: Michael Thomas Date: Fri, 10 Jan 2020 21:59:40 +0000 Subject: [PATCH 06/39] Context setup for vendor defeind AES key --- include/psa/crypto.h | 57 -------------------------------------- include/psa/crypto_extra.h | 56 +++++++++++++++++++++++++++++++++++++ library/psa_crypto.c | 16 +++++++++++ 3 files changed, 72 insertions(+), 57 deletions(-) diff --git a/include/psa/crypto.h b/include/psa/crypto.h index 90c9397bc..bdac6c8f5 100644 --- a/include/psa/crypto.h +++ b/include/psa/crypto.h @@ -3586,63 +3586,6 @@ psa_status_t psa_raw_key_agreement(psa_algorithm_t alg, */ psa_status_t psa_generate_random(uint8_t * output, size_t output_size); -/** - * \brief Generate symmetric key of vendor defined format. - * - * \warning This function **can** fail! Callers MUST check the return status - * and MUST NOT use the content of the output buffer if the return - * status is not #PSA_SUCCESS. - * - * \note This function has to be defined by the vendor. - * A weakly linked version is provided by default and returns - * PSA_ERROR_NOT_SUPPORTED. Do not use this function directly; - * to generate a key, use psa_generate_key() instead. - * - * \param[in] type Type of symmetric key to be generated. - * \param[out] output Output buffer for the generated data. - * \param[out] output_size Number of bytes to generate and output. - * - * \retval #PSA_SUCCESS - * \retval #PSA_ERROR_NOT_SUPPORTED - * \retval #PSA_ERROR_INSUFFICIENT_ENTROPY - * \retval #PSA_ERROR_INSUFFICIENT_MEMORY - * \retval #PSA_ERROR_COMMUNICATION_FAILURE - * \retval #PSA_ERROR_HARDWARE_FAILURE - * \retval #PSA_ERROR_CORRUPTION_DETECTED - * \retval #PSA_ERROR_BAD_STATE - * The library has not been previously initialized by psa_crypto_init(). - * It is implementation-dependent whether a failure to initialize - * results in this error code. - */ -psa_status_t psa_generate_symmetric_vendor(psa_key_type_t type, size_t bits, uint8_t * output, size_t output_size); - -/** - * \brief Perform vendor specific setup for cipher operations. - * - * - * \note This function has to be defined by the vendor. - * A weakly linked version is provided by default and returns - * PSA_ERROR_NOT_SUPPORTED. Do not use this function directly; - * to generate a key, use psa_generate_key() instead. - * - * \param[in] type Type of symmetric key to be generated. - * \param[out] output Output buffer for the generated data. - * \param[out] output_size Number of bytes to generate and output. - * - * \retval #PSA_SUCCESS - * \retval #PSA_ERROR_NOT_SUPPORTED - * \retval #PSA_ERROR_INSUFFICIENT_ENTROPY - * \retval #PSA_ERROR_INSUFFICIENT_MEMORY - * \retval #PSA_ERROR_COMMUNICATION_FAILURE - * \retval #PSA_ERROR_HARDWARE_FAILURE - * \retval #PSA_ERROR_CORRUPTION_DETECTED - * \retval #PSA_ERROR_BAD_STATE - * The library has not been previously initialized by psa_crypto_init(). - * It is implementation-dependent whether a failure to initialize - * results in this error code. - */ -psa_status_t psa_cipher_setup_vendor(psa_cipher_operation_t * operation, psa_key_handle_t handle, psa_algorithm_t alg); - /** * \brief Generate a key or key pair. * diff --git a/include/psa/crypto_extra.h b/include/psa/crypto_extra.h index 636c88110..64fa49447 100644 --- a/include/psa/crypto_extra.h +++ b/include/psa/crypto_extra.h @@ -66,6 +66,62 @@ extern "C" { * @{ */ +/** + * \brief Generate symmetric key of vendor defined format. + * + * \warning This function **can** fail! Callers MUST check the return status + * and MUST NOT use the content of the output buffer if the return + * status is not #PSA_SUCCESS. + * + * \note This function has to be defined by the vendor. + * A weakly linked version is provided by default and returns + * PSA_ERROR_NOT_SUPPORTED. Do not use this function directly; + * to generate a key, use psa_generate_key() instead. + * + * \param[in] type Type of symmetric key to be generated. + * \param[out] output Output buffer for the generated data. + * \param[out] output_size Number of bytes to generate and output. + * + * \retval #PSA_SUCCESS + * \retval #PSA_ERROR_NOT_SUPPORTED + * \retval #PSA_ERROR_INSUFFICIENT_ENTROPY + * \retval #PSA_ERROR_INSUFFICIENT_MEMORY + * \retval #PSA_ERROR_COMMUNICATION_FAILURE + * \retval #PSA_ERROR_HARDWARE_FAILURE + * \retval #PSA_ERROR_CORRUPTION_DETECTED + * \retval #PSA_ERROR_BAD_STATE + * The library has not been previously initialized by psa_crypto_init(). + * It is implementation-dependent whether a failure to initialize + * results in this error code. + */ +psa_status_t psa_generate_symmetric_vendor(psa_key_type_t type, size_t bits, uint8_t * output, size_t output_size); + +/** + * \brief Perform vendor specific setup for cipher operations. + * + * + * \note This function has to be defined by the vendor. + * A weakly linked version is provided by default and returns + * PSA_ERROR_NOT_SUPPORTED. Do not use this function directly; + * to generate a key, use psa_generate_key() instead. + * + * \param[in,out] operation The operation object to set up. It must have + * been initialized as per the documentation for + * #psa_cipher_operation_t and not yet in use. + * \param handle Handle to the key to use for the operation. + * It must remain valid until the operation + * terminates. + * \param alg The cipher algorithm to compute + * (\c PSA_ALG_XXX value such that + * #PSA_ALG_IS_CIPHER(\p alg) is true). + * + * \retval #PSA_SUCCESS + * Success. + * \retval #PSA_ERROR_NOT_SUPPORTED + * . + */ +psa_status_t psa_cipher_setup_vendor(psa_cipher_operation_t * operation, psa_key_handle_t handle, psa_algorithm_t alg); + /** \brief Declare the enrollment algorithm for a key. * * An operation on a key may indifferently use the algorithm set with diff --git a/library/psa_crypto.c b/library/psa_crypto.c index 52191a619..61d43f683 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c @@ -3694,6 +3694,17 @@ static psa_status_t psa_cipher_init( psa_cipher_operation_t *operation, mbedtls_cipher_init( &operation->ctx.cipher ); return( PSA_SUCCESS ); } +// The weakly linked function "psa_cipher_setup_vendor_weak" which returns "PSA_ERROR_NOT_SUPPORTED" will be linked if +// the vendor does not provide a definition for "psa_cipher_setup_vendor" +psa_status_t psa_cipher_setup_vendor( psa_cipher_operation_t * operation, psa_key_handle_t handle, psa_algorithm_t alg) __attribute__ ((weak, alias("psa_cipher_setup_vendor_weak"))); +psa_status_t psa_cipher_setup_vendor_weak( psa_cipher_operation_t * operation, psa_key_handle_t handle, psa_algorithm_t alg); +psa_status_t psa_cipher_setup_vendor_weak( psa_cipher_operation_t * operation, psa_key_handle_t handle, psa_algorithm_t alg) +{ + (void)operation; + (void)handle; + (void)alg; + return PSA_ERROR_NOT_SUPPORTED; +} static psa_status_t psa_cipher_setup( psa_cipher_operation_t *operation, psa_key_handle_t handle, @@ -3789,6 +3800,11 @@ static psa_status_t psa_cipher_setup( psa_cipher_operation_t *operation, operation->iv_size = 12; #endif + if (PSA_KEY_TYPE_IS_VENDOR_DEFINED(slot->attr.type)) + { + status = psa_cipher_setup_vendor(operation, handle, alg); + } + exit: if( status == 0 ) From 17547bc2b258beccaf8432cd6c2eeb6a38d5d2ed Mon Sep 17 00:00:00 2001 From: Michael Thomas Date: Tue, 14 Jan 2020 16:47:03 +0000 Subject: [PATCH 07/39] Wrapped key working now. --- library/psa_crypto.c | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/library/psa_crypto.c b/library/psa_crypto.c index 61d43f683..aa85f5edc 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c @@ -3745,6 +3745,11 @@ static psa_status_t psa_cipher_setup( psa_cipher_operation_t *operation, ret = mbedtls_cipher_setup( &operation->ctx.cipher, cipher_info ); if( ret != 0 ) goto exit; + + if (PSA_KEY_TYPE_IS_VENDOR_DEFINED(slot->attr.type)) + { + status = psa_cipher_setup_vendor(operation, handle, alg); + } #if defined(MBEDTLS_DES_C) if( slot->attr.type == PSA_KEY_TYPE_DES && key_bits == 128 ) From 7de9ac5d20911ce64e0951069b4a1209e77e50bc Mon Sep 17 00:00:00 2001 From: Michael Thomas Date: Wed, 15 Jan 2020 18:08:15 +0000 Subject: [PATCH 08/39] Updates to make the AES Wrapped support generic --- include/mbedtls/aes.h | 45 +++++++++++++++++++------------------ include/psa/crypto_extra.h | 21 ++++++++++++++--- include/psa/crypto_values.h | 2 +- library/psa_crypto.c | 13 ++++++++++- 4 files changed, 54 insertions(+), 27 deletions(-) diff --git a/include/mbedtls/aes.h b/include/mbedtls/aes.h index 71254b3c8..840c373e4 100644 --- a/include/mbedtls/aes.h +++ b/include/mbedtls/aes.h @@ -86,31 +86,32 @@ extern "C" */ typedef struct mbedtls_aes_context { - int nr; /*!< The number of rounds. */ - uint32_t *rk; /*!< AES round keys. */ - uint32_t buf[68]; /*!< Unaligned data buffer. This buffer can - hold 32 extra Bytes, which can be used for - one of the following purposes: -
  • Alignment if VIA padlock is - used.
    • -
  • Simplifying key expansion in the 256-bit - case by generating an extra round key. -
*/ - bool vendor_format; /*!< Is the key of a vendor defined type. */ - } mbedtls_aes_context; + int nr; /*!< The number of rounds. */ + uint32_t * rk; /*!< AES round keys. */ + uint32_t buf[68]; /*!< Unaligned data buffer. This buffer can + * hold 32 extra Bytes, which can be used for + * one of the following purposes: + *
  • Alignment if VIA padlock is + * used.
    • + *
  • Simplifying key expansion in the 256-bit + * case by generating an extra round key. + *
*/ + void * vendor_ctx; /*!< Vendor defined context. */ +} mbedtls_aes_context; + + #if defined(MBEDTLS_CIPHER_MODE_XTS) -#if defined(MBEDTLS_CIPHER_MODE_XTS) - /** +/** * \brief The AES XTS context-type definition. */ - typedef struct mbedtls_aes_xts_context - { - mbedtls_aes_context crypt; /*!< The AES context to use for AES block - encryption or decryption. */ - mbedtls_aes_context tweak; /*!< The AES context used for tweak - computation. */ - } mbedtls_aes_xts_context; -#endif /* MBEDTLS_CIPHER_MODE_XTS */ +typedef struct mbedtls_aes_xts_context +{ + mbedtls_aes_context crypt; /*!< The AES context to use for AES block + * encryption or decryption. */ + mbedtls_aes_context tweak; /*!< The AES context used for tweak + * computation. */ +} mbedtls_aes_xts_context; + #endif /* MBEDTLS_CIPHER_MODE_XTS */ #else /* MBEDTLS_AES_ALT */ #include "aes_alt.h" diff --git a/include/psa/crypto_extra.h b/include/psa/crypto_extra.h index 64fa49447..ddd132bc5 100644 --- a/include/psa/crypto_extra.h +++ b/include/psa/crypto_extra.h @@ -141,9 +141,24 @@ psa_status_t psa_cipher_setup_vendor(psa_cipher_operation_t * operation, psa_key * verified that the usage of the key with multiple algorithms * is safe. */ -static inline void psa_set_key_enrollment_algorithm( - psa_key_attributes_t *attributes, - psa_algorithm_t alg2) + +/** Perform any vendor specific action when aborting a cipher operation. + * + * This function is called at the beginning of the psa_cipher_abort function. + * The vendor must provide an implementation of this function to perform any + * vendor specific abort operation. A weakly linked implementation of this + * function that does nothing is provided in the implementation. + * + * This function must not be called directly. + * + * \param[in,out] operation Initialized cipher operation. + * + * \retval #PSA_SUCCESS + * \retval Implementation dependent return values. + */ +psa_status_t psa_cipher_abort_vendor(psa_cipher_operation_t * operation); + +static inline void psa_set_key_enrollment_algorithm (psa_key_attributes_t * attributes, psa_algorithm_t alg2) { attributes->core.policy.alg2 = alg2; } diff --git a/include/psa/crypto_values.h b/include/psa/crypto_values.h index ad35fc81a..826a31418 100644 --- a/include/psa/crypto_values.h +++ b/include/psa/crypto_values.h @@ -386,7 +386,7 @@ * The size of the key can be 16 bytes (AES-128), 24 bytes (AES-192) or * 32 bytes (AES-256). */ -#define PSA_KEY_TYPE_VENDOR_AES ((psa_key_type_t)0xC0000001) +#define PSA_KEY_TYPE_AES_VENDOR ((psa_key_type_t)0xC0000001) /** Whether a key type is AES. */ #define PSA_KEY_TYPE_IS_AES(type) (((type)&PSA_KEY_TYPE_AES) != 0) diff --git a/library/psa_crypto.c b/library/psa_crypto.c index aa85f5edc..929f45741 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c @@ -2488,7 +2488,7 @@ static const mbedtls_cipher_info_t *mbedtls_cipher_info_from_psa( switch( key_type ) { case PSA_KEY_TYPE_AES: - case PSA_KEY_TYPE_VENDOR_AES: + case PSA_KEY_TYPE_AES_VENDOR: cipher_id_tmp = MBEDTLS_CIPHER_ID_AES; break; case PSA_KEY_TYPE_DES: @@ -3997,6 +3997,16 @@ psa_status_t psa_cipher_finish( psa_cipher_operation_t *operation, return( status ); } +// The weakly linked function "psa_cipher_abort_vendor_weak" which returns "PSA_SUCCESS" will be linked if +// the vendor does not provide a definition for "psa_cipher_abort_vendor" +psa_status_t psa_cipher_abort_vendor( psa_cipher_operation_t * operation) __attribute__ ((weak, alias("psa_cipher_abort_vendor_weak"))); +psa_status_t psa_cipher_abort_vendor_weak( psa_cipher_operation_t * operation); +psa_status_t psa_cipher_abort_vendor_weak( psa_cipher_operation_t * operation) +{ + (void)operation; + return PSA_SUCCESS; +} + psa_status_t psa_cipher_abort( psa_cipher_operation_t *operation ) { if( operation->alg == 0 ) @@ -4012,6 +4022,7 @@ psa_status_t psa_cipher_abort( psa_cipher_operation_t *operation ) if( ! PSA_ALG_IS_CIPHER( operation->alg ) ) return( PSA_ERROR_BAD_STATE ); + psa_cipher_abort_vendor(operation); mbedtls_cipher_free( &operation->ctx.cipher ); operation->alg = 0; From 1d573ec00e3485293f6fc169c200ad378bee5d23 Mon Sep 17 00:00:00 2001 From: Michael Thomas Date: Tue, 21 Jan 2020 04:02:54 +0000 Subject: [PATCH 09/39] Added ECC vendor macros Made vendor support more generic --- include/psa/crypto_values.h | 33 +++++++++++---- library/psa_crypto.c | 81 ++++++++++++++----------------------- library/psa_crypto_core.h | 16 +++++--- 3 files changed, 67 insertions(+), 63 deletions(-) diff --git a/include/psa/crypto_values.h b/include/psa/crypto_values.h index 826a31418..5b4a3101e 100644 --- a/include/psa/crypto_values.h +++ b/include/psa/crypto_values.h @@ -386,7 +386,7 @@ * The size of the key can be 16 bytes (AES-128), 24 bytes (AES-192) or * 32 bytes (AES-256). */ -#define PSA_KEY_TYPE_AES_VENDOR ((psa_key_type_t)0xC0000001) +#define PSA_KEY_TYPE_AES_VENDOR ((psa_key_type_t)(PSA_KEY_TYPE_VENDOR_FLAG | PSA_KEY_TYPE_AES)) /** Whether a key type is AES. */ #define PSA_KEY_TYPE_IS_AES(type) (((type)&PSA_KEY_TYPE_AES) != 0) @@ -436,8 +436,14 @@ #define PSA_KEY_TYPE_ECC_KEY_PAIR(curve) \ (PSA_KEY_TYPE_ECC_KEY_PAIR_BASE | (curve)) /** Elliptic curve public key. */ -#define PSA_KEY_TYPE_ECC_PUBLIC_KEY(curve) \ +#define PSA_KEY_TYPE_ECC_PUBLIC_KEY(curve) \ (PSA_KEY_TYPE_ECC_PUBLIC_KEY_BASE | (curve)) +/** Elliptic curve key pair (Vendor defined format). */ +#define PSA_KEY_TYPE_ECC_KEY_PAIR_VENDOR(curve) \ + (PSA_KEY_TYPE_VENDOR_FLAG | PSA_KEY_TYPE_ECC_KEY_PAIR_BASE | (curve)) +/** Elliptic curve public key (Vendor defined format). */ +#define PSA_KEY_TYPE_ECC_PUBLIC_KEY_VENDOR(curve) \ + (PSA_KEY_TYPE_VENDOR_FLAG | PSA_KEY_TYPE_ECC_PUBLIC_KEY_BASE | (curve)) /** Whether a key type is an elliptic curve key (pair or public-only). */ #define PSA_KEY_TYPE_IS_ECC(type) \ @@ -449,14 +455,27 @@ PSA_KEY_TYPE_ECC_KEY_PAIR_BASE) /** Whether a key type is an elliptic curve public key. */ #define PSA_KEY_TYPE_IS_ECC_PUBLIC_KEY(type) \ - (((type) & ~PSA_KEY_TYPE_ECC_CURVE_MASK) == \ + (((type) & ~PSA_KEY_TYPE_ECC_CURVE_MASK) == \ PSA_KEY_TYPE_ECC_PUBLIC_KEY_BASE) +/** Whether a key type is an elliptic curve key (pair or public-only). */ +#define PSA_KEY_TYPE_IS_ECC_VENDOR(type) \ + ((PSA_KEY_TYPE_PUBLIC_KEY_OF_KEY_PAIR(type) & \ + ~PSA_KEY_TYPE_ECC_CURVE_MASK) == (PSA_KEY_TYPE_VENDOR_FLAG | PSA_KEY_TYPE_ECC_PUBLIC_KEY_BASE)) +/** Whether a key type is an elliptic curve key pair. */ +#define PSA_KEY_TYPE_IS_ECC_KEY_PAIR_VENDOR(type) \ + (((type) & ~PSA_KEY_TYPE_ECC_CURVE_MASK) == \ + (PSA_KEY_TYPE_VENDOR_FLAG | PSA_KEY_TYPE_ECC_KEY_PAIR_BASE)) +/** Whether a key type is an elliptic curve public key. */ +#define PSA_KEY_TYPE_IS_ECC_PUBLIC_KEY_VENDOR(type) \ + (((type) & ~PSA_KEY_TYPE_ECC_CURVE_MASK) == \ + (PSA_KEY_TYPE_VENDOR_FLAG | PSA_KEY_TYPE_ECC_PUBLIC_KEY_BASE)) +/** Extract the curve from an elliptic curve key type. */ +#define PSA_KEY_TYPE_GET_CURVE(type) \ + ((psa_ecc_curve_t)(PSA_KEY_TYPE_IS_ECC(type) ? ((type)&PSA_KEY_TYPE_ECC_CURVE_MASK) : 0)) /** Extract the curve from an elliptic curve key type. */ -#define PSA_KEY_TYPE_GET_CURVE(type) \ - ((psa_ecc_curve_t) (PSA_KEY_TYPE_IS_ECC(type) ? \ - ((type) & PSA_KEY_TYPE_ECC_CURVE_MASK) : \ - 0)) +#define PSA_KEY_TYPE_GET_CURVE_VENDOR(type) \ + ((psa_ecc_curve_t)(PSA_KEY_TYPE_IS_ECC_VENDOR(type) ? ((type)&PSA_KEY_TYPE_ECC_CURVE_MASK) : 0)) /* The encoding of curve identifiers is currently aligned with the * TLS Supported Groups Registry (formerly known as the diff --git a/library/psa_crypto.c b/library/psa_crypto.c index 929f45741..a7d018b50 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c @@ -5435,30 +5435,6 @@ static psa_status_t psa_read_rsa_exponent( const uint8_t *domain_parameters, } #endif /* MBEDTLS_RSA_C && MBEDTLS_GENPRIME */ -// The weakly linked function "prepare_raw_data_slot_vendor_weak" which returns "PSA_ERROR_NOT_SUPPORTED" will be linked if -// the vendor does not provide a definition for "prepare_raw_data_slot_vendor" -psa_status_t prepare_raw_data_slot_vendor( psa_key_type_t type, size_t bits, struct raw_data *raw) __attribute__ ((weak, alias("prepare_raw_data_slot_vendor_weak"))); -psa_status_t prepare_raw_data_slot_vendor_weak( psa_key_type_t type, size_t bits, struct raw_data *raw); -psa_status_t prepare_raw_data_slot_vendor_weak( psa_key_type_t type, size_t bits, struct raw_data *raw) -{ - (void)type; - (void)bits; - (void)raw; - return PSA_ERROR_NOT_SUPPORTED; -} - -// The weakly linked function "psa_generate_symmetric_vendor_weak" which returns "PSA_ERROR_NOT_SUPPORTED" will be linked if -// the vendor does not provide a definition for "psa_generate_symmetric_vendor" -psa_status_t psa_generate_symmetric_vendor( psa_key_type_t type, size_t bits, uint8_t * output, size_t output_size) __attribute__ ((weak, alias("psa_generate_symmetric_vendor_weak"))); -psa_status_t psa_generate_symmetric_vendor_weak( psa_key_type_t type, size_t bits, uint8_t * output, size_t output_size); -psa_status_t psa_generate_symmetric_vendor_weak( psa_key_type_t type, size_t bits, uint8_t * output, size_t output_size) -{ - (void)type; - (void)output; - (void)output_size; - return PSA_ERROR_NOT_SUPPORTED; -} - static psa_status_t psa_generate_key_internal( psa_key_slot_t *slot, size_t bits, const uint8_t *domain_parameters, size_t domain_parameters_size ) @@ -5471,31 +5447,18 @@ static psa_status_t psa_generate_key_internal( if( key_type_is_raw_bytes( type ) ) { psa_status_t status; - if (PSA_KEY_TYPE_IS_VENDOR_DEFINED(type)) - { - status = prepare_raw_data_slot_vendor( type, bits, &slot->data.raw ); - if( status != PSA_SUCCESS ) - return( status ); - status = psa_generate_symmetric_vendor( type, bits, slot->data.raw.data, - slot->data.raw.bytes ); - if( status != PSA_SUCCESS ) - return( status ); - } - else - { - status = prepare_raw_data_slot( type, bits, &slot->data.raw ); - if( status != PSA_SUCCESS ) - return( status ); - status = psa_generate_random( slot->data.raw.data, - slot->data.raw.bytes ); - if( status != PSA_SUCCESS ) - return( status ); - #if defined(MBEDTLS_DES_C) - if( type == PSA_KEY_TYPE_DES ) - psa_des_set_key_parity( slot->data.raw.data, - slot->data.raw.bytes ); - #endif /* MBEDTLS_DES_C */ - } + status = prepare_raw_data_slot( type, bits, &slot->data.raw ); + if( status != PSA_SUCCESS ) + return( status ); + status = psa_generate_random( slot->data.raw.data, + slot->data.raw.bytes ); + if( status != PSA_SUCCESS ) + return( status ); + #if defined(MBEDTLS_DES_C) + if( type == PSA_KEY_TYPE_DES ) + psa_des_set_key_parity( slot->data.raw.data, + slot->data.raw.bytes ); + #endif /* MBEDTLS_DES_C */ } else @@ -5574,7 +5537,19 @@ static psa_status_t psa_generate_key_internal( return( PSA_SUCCESS ); } - +// The weakly linked function "psa_generate_key_vendor_weak" which returns "PSA_ERROR_NOT_SUPPORTED" will be linked if +// the vendor does not provide a definition for "psa_generate_key_vendor" +psa_status_t psa_generate_key_vendor( psa_key_slot_t *slot, size_t bits, + const uint8_t *domain_parameters, size_t domain_parameters_size ) __attribute__ ((weak, alias("psa_generate_key_vendor_weak"))); +psa_status_t psa_generate_key_vendor_weak( psa_key_slot_t *slot, size_t bits, + const uint8_t *domain_parameters, size_t domain_parameters_size ); +psa_status_t psa_generate_key_vendor_weak( psa_key_slot_t *slot, size_t bits, + const uint8_t *domain_parameters, size_t domain_parameters_size ) +{ + (void) slot; + + return PSA_ERROR_NOT_SUPPORTED; +} psa_status_t psa_generate_key( const psa_key_attributes_t *attributes, psa_key_handle_t *handle ) { @@ -5605,6 +5580,12 @@ psa_status_t psa_generate_key( const psa_key_attributes_t *attributes, } else #endif /* MBEDTLS_PSA_CRYPTO_SE_C */ + if (PSA_KEY_TYPE_IS_VENDOR_DEFINED(slot->attr.type)) + { + status = psa_generate_key_vendor(slot, attributes->core.bits, + attributes->domain_parameters, attributes->domain_parameters_size); + } + else { status = psa_generate_key_internal( slot, attributes->core.bits, diff --git a/library/psa_crypto_core.h b/library/psa_crypto_core.h index f29ae4f9c..0525cf190 100644 --- a/library/psa_crypto_core.h +++ b/library/psa_crypto_core.h @@ -46,23 +46,27 @@ typedef struct struct raw_data { uint8_t *data; - size_t bytes; + size_t bytes; } raw; #if defined(MBEDTLS_RSA_C) + /* RSA public key or key pair */ - mbedtls_rsa_context *rsa; -#endif /* MBEDTLS_RSA_C */ + mbedtls_rsa_context * rsa; +#endif /* MBEDTLS_RSA_C */ #if defined(MBEDTLS_ECP_C) + /* EC public key or key pair */ - mbedtls_ecp_keypair *ecp; -#endif /* MBEDTLS_ECP_C */ + mbedtls_ecp_keypair * ecp; +#endif /* MBEDTLS_ECP_C */ #if defined(MBEDTLS_PSA_CRYPTO_SE_C) + /* Any key type in a secure element */ struct se { psa_key_slot_number_t slot_number; } se; -#endif /* MBEDTLS_PSA_CRYPTO_SE_C */ +#endif /* MBEDTLS_PSA_CRYPTO_SE_C */ + void * vendor_context; } data; } psa_key_slot_t; From ff0e8b947bfb7195d17b1bffe48aede1c2dd6a58 Mon Sep 17 00:00:00 2001 From: Michael Thomas Date: Tue, 21 Jan 2020 15:01:10 +0000 Subject: [PATCH 10/39] Added ECDSA sign and verify weak functions --- include/psa/crypto_extra.h | 80 +++++++++++++++++++++++++++++++++----- library/psa_crypto.c | 80 ++++++++++++++++++++++++++++++++++++++ library/psa_crypto_core.h | 30 +++++++++++++- 3 files changed, 179 insertions(+), 11 deletions(-) diff --git a/include/psa/crypto_extra.h b/include/psa/crypto_extra.h index ddd132bc5..23d7c8a2f 100644 --- a/include/psa/crypto_extra.h +++ b/include/psa/crypto_extra.h @@ -8,6 +8,7 @@ * * This file is reserved for vendor-specific definitions. */ + /* * Copyright (C) 2018, ARM Limited, All Rights Reserved * SPDX-License-Identifier: Apache-2.0 @@ -66,6 +67,75 @@ extern "C" { * @{ */ +/** + * \brief Sign a hash or short message with a vendor defined private key. + * + * Note that to perform a hash-and-sign signature algorithm, you must + * first calculate the hash by calling psa_hash_setup(), psa_hash_update() + * and psa_hash_finish(). Then pass the resulting hash as the \p hash + * parameter to this function. You can use #PSA_ALG_SIGN_GET_HASH(\p alg) + * to determine the hash algorithm to use. + * + * \param handle Handle to the key to use for the operation. + * It must be an asymmetric key pair. + * \param alg A signature algorithm that is compatible with + * the type of \p handle. + * \param[in] hash The hash or message to sign. + * \param hash_length Size of the \p hash buffer in bytes. + * \param[out] signature Buffer where the signature is to be written. + * \param signature_size Size of the \p signature buffer in bytes. + * \param[out] signature_length On success, the number of bytes + * that make up the returned signature value. + * + * \retval #PSA_SUCCESS + * \retval #PSA_ERROR_BUFFER_TOO_SMALL + * The size of the \p signature buffer is too small. You can + * determine a sufficient buffer size by calling + * #PSA_ASYMMETRIC_SIGN_OUTPUT_SIZE(\c key_type, \c key_bits, \p alg) + * where \c key_type and \c key_bits are the type and bit-size + * respectively of \p handle. + * \retval #PSA_ERROR_NOT_SUPPORTED + * \retval Implementation dependent + */ +psa_status_t psa_asymmetric_sign_vendor(psa_key_handle_t handle, + psa_algorithm_t alg, + const uint8_t * hash, + size_t hash_length, + uint8_t * signature, + size_t signature_size, + size_t * signature_length); + +/** + * \brief Verify the signature a hash or short message using a vendor defined public key. + * + * Note that to perform a hash-and-sign signature algorithm, you must + * first calculate the hash by calling psa_hash_setup(), psa_hash_update() + * and psa_hash_finish(). Then pass the resulting hash as the \p hash + * parameter to this function. You can use #PSA_ALG_SIGN_GET_HASH(\p alg) + * to determine the hash algorithm to use. + * + * \param handle Handle to the key to use for the operation. + * It must be a public key or an asymmetric key pair. + * \param alg A signature algorithm that is compatible with + * the type of \p handle. + * \param[in] hash The hash or message whose signature is to be + * verified. + * \param hash_length Size of the \p hash buffer in bytes. + * \param[in] signature Buffer containing the signature to verify. + * \param signature_length Size of the \p signature buffer in bytes. + * + * \retval #PSA_SUCCESS + * The signature is valid. + * \retval #PSA_ERROR_INVALID_SIGNATURE + * \retval Implementation dependent + */ +psa_status_t psa_asymmetric_verify_vendor(psa_key_handle_t handle, + psa_algorithm_t alg, + const uint8_t * hash, + size_t hash_length, + uint8_t * signature, + size_t * signature_length); + /** * \brief Generate symmetric key of vendor defined format. * @@ -84,15 +154,7 @@ extern "C" { * * \retval #PSA_SUCCESS * \retval #PSA_ERROR_NOT_SUPPORTED - * \retval #PSA_ERROR_INSUFFICIENT_ENTROPY - * \retval #PSA_ERROR_INSUFFICIENT_MEMORY - * \retval #PSA_ERROR_COMMUNICATION_FAILURE - * \retval #PSA_ERROR_HARDWARE_FAILURE - * \retval #PSA_ERROR_CORRUPTION_DETECTED - * \retval #PSA_ERROR_BAD_STATE - * The library has not been previously initialized by psa_crypto_init(). - * It is implementation-dependent whether a failure to initialize - * results in this error code. + * \retval Implementation dependent */ psa_status_t psa_generate_symmetric_vendor(psa_key_type_t type, size_t bits, uint8_t * output, size_t output_size); diff --git a/library/psa_crypto.c b/library/psa_crypto.c index a7d018b50..a9c265cf1 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c @@ -3334,6 +3334,41 @@ static psa_status_t psa_ecdsa_verify( mbedtls_ecp_keypair *ecp, } #endif /* MBEDTLS_ECDSA_C */ +// The weakly linked function "psa_asymmetric_sign_vendor_weak" which returns "PSA_ERROR_NOT_SUPPORTED" will be linked if +// the vendor does not provide a definition for "psa_asymmetric_sign_vendor" +psa_status_t psa_asymmetric_sign_vendor( psa_key_handle_t handle, + psa_algorithm_t alg, + const uint8_t *hash, + size_t hash_length, + uint8_t *signature, + size_t signature_size, + size_t *signature_length ) __attribute__ ((weak, alias("psa_asymmetric_sign_vendor_weak"))); +psa_status_t psa_asymmetric_sign_vendor_weak( psa_key_handle_t handle, + psa_algorithm_t alg, + const uint8_t *hash, + size_t hash_length, + uint8_t *signature, + size_t signature_size, + size_t *signature_length ); +psa_status_t psa_asymmetric_sign_vendor_weak( psa_key_handle_t handle, + psa_algorithm_t alg, + const uint8_t *hash, + size_t hash_length, + uint8_t *signature, + size_t signature_size, + size_t *signature_length ) +{ + (void) handle; + (void) alg; + (void)hash; + (void)hash_length; + (void)signature; + (void)signature_size; + (void)signature_length; + + + return PSA_ERROR_NOT_SUPPORTED; +} psa_status_t psa_asymmetric_sign( psa_key_handle_t handle, psa_algorithm_t alg, const uint8_t *hash, @@ -3378,6 +3413,14 @@ psa_status_t psa_asymmetric_sign( psa_key_handle_t handle, } else #endif /* MBEDTLS_PSA_CRYPTO_SE_C */ +if (PSA_KEY_TYPE_IS_VENDOR_DEFINED(slot->attr.type)) + { + status = psa_asymmetric_sign_vendor(handle,alg, + hash, hash_length, + signature, signature_size, + signature_length ); + } + else #if defined(MBEDTLS_RSA_C) if( slot->attr.type == PSA_KEY_TYPE_RSA_KEY_PAIR ) { @@ -3431,7 +3474,37 @@ psa_status_t psa_asymmetric_sign( psa_key_handle_t handle, * memset because signature may be NULL in this case. */ return( status ); } +// The weakly linked function "psa_asymmetric_verify_vendor_weak" which returns "PSA_ERROR_NOT_SUPPORTED" will be linked if +// the vendor does not provide a definition for "psa_asymmetric_verify_vendor" +psa_status_t psa_asymmetric_verify_vendor( psa_key_handle_t handle, + psa_algorithm_t alg, + const uint8_t *hash, + size_t hash_length, + uint8_t *signature, + size_t *signature_length ) __attribute__ ((weak, alias("psa_asymmetric_verify_vendor_weak"))); +psa_status_t psa_asymmetric_verify_vendor_weak( psa_key_handle_t handle, + psa_algorithm_t alg, + const uint8_t *hash, + size_t hash_length, + uint8_t *signature, + size_t *signature_length ); +psa_status_t psa_asymmetric_verify_vendor_weak( psa_key_handle_t handle, + psa_algorithm_t alg, + const uint8_t *hash, + size_t hash_length, + uint8_t *signature, + size_t *signature_length ) +{ + (void) handle; + (void) alg; + (void)hash; + (void)hash_length; + (void)signature; + (void)signature_length; + + return PSA_ERROR_NOT_SUPPORTED; +} psa_status_t psa_asymmetric_verify( psa_key_handle_t handle, psa_algorithm_t alg, const uint8_t *hash, @@ -3464,6 +3537,13 @@ psa_status_t psa_asymmetric_verify( psa_key_handle_t handle, } else #endif /* MBEDTLS_PSA_CRYPTO_SE_C */ +if (PSA_KEY_TYPE_IS_VENDOR_DEFINED(slot->attr.type)) + { + status = psa_asymmetric_verify_vendor(handle,alg, + hash, hash_length, + signature, signature_length ); + } + else #if defined(MBEDTLS_RSA_C) if( PSA_KEY_TYPE_IS_RSA( slot->attr.type ) ) { diff --git a/library/psa_crypto_core.h b/library/psa_crypto_core.h index 0525cf190..fd09ffb60 100644 --- a/library/psa_crypto_core.h +++ b/library/psa_crypto_core.h @@ -133,12 +133,38 @@ static inline void psa_key_slot_set_bits_in_flags( psa_key_slot_t *slot, * \param[in,out] slot The key slot to modify. * \param mask The mask of bits to clear. */ -static inline void psa_key_slot_clear_bits(psa_key_slot_t *slot, - uint16_t mask) +static inline void psa_key_slot_clear_bits (psa_key_slot_t * slot, uint16_t mask) { slot->attr.flags &= ~mask; } +/** + * \brief Generate a vendor defined key or key pair. + * + * \note This function has to be defined by the vendor. + * A weakly linked version is provided by default and returns + * PSA_ERROR_NOT_SUPPORTED. Do not use this function directly; + * to generate a key, use psa_generate_key() instead. + * + * \param[in] slot + * \param[in] bits + * \param[in] domain_parameters + * \param[in] domain_parameters_size + * + * + * \retval #PSA_SUCCESS + * Success. + * If the key is persistent, the key material and the key's metadata + * have been saved to persistent storage. + * + * \retval #PSA_ERROR_NOT_SUPPORTED + * \retval Implementation dependent. + */ +psa_status_t psa_generate_key_vendor(psa_key_slot_t * slot, + size_t bits, + const uint8_t * domain_parameters, + size_t domain_parameters_size); + /** * \brief Prepare a slot for vendor defined key type. * From 153cd2f7969f9c6dd868136a70f01ac9e454d18d Mon Sep 17 00:00:00 2001 From: Michael Thomas Date: Wed, 22 Jan 2020 16:54:38 +0000 Subject: [PATCH 11/39] removed unused weak functions Updated code to use lifetime value for vendor instead of vendor keytype --- include/psa/crypto_extra.h | 173 +++++----------- include/psa/crypto_struct.h | 400 ++++++++++++++++++------------------ include/psa/crypto_values.h | 20 -- library/psa_crypto.c | 44 ++-- library/psa_crypto_core.h | 100 ++++++--- 5 files changed, 344 insertions(+), 393 deletions(-) diff --git a/include/psa/crypto_extra.h b/include/psa/crypto_extra.h index 23d7c8a2f..a469959fa 100644 --- a/include/psa/crypto_extra.h +++ b/include/psa/crypto_extra.h @@ -29,113 +29,44 @@ */ #ifndef PSA_CRYPTO_EXTRA_H -#define PSA_CRYPTO_EXTRA_H + #define PSA_CRYPTO_EXTRA_H -#include "mbedtls/platform_util.h" + #include "mbedtls/platform_util.h" -#ifdef __cplusplus + #ifdef __cplusplus extern "C" { -#endif + #endif /* UID for secure storage seed */ -#define PSA_CRYPTO_ITS_RANDOM_SEED_UID 0xFFFFFF52 + #define PSA_CRYPTO_ITS_RANDOM_SEED_UID 0xFFFFFF52 /* * Deprecated PSA Crypto error code definitions */ -#if !defined(MBEDTLS_DEPRECATED_REMOVED) -#define PSA_ERROR_UNKNOWN_ERROR \ - MBEDTLS_DEPRECATED_NUMERIC_CONSTANT( PSA_ERROR_GENERIC_ERROR ) -#endif - -#if !defined(MBEDTLS_DEPRECATED_REMOVED) -#define PSA_ERROR_OCCUPIED_SLOT \ - MBEDTLS_DEPRECATED_NUMERIC_CONSTANT( PSA_ERROR_ALREADY_EXISTS ) -#endif - -#if !defined(MBEDTLS_DEPRECATED_REMOVED) -#define PSA_ERROR_EMPTY_SLOT \ - MBEDTLS_DEPRECATED_NUMERIC_CONSTANT( PSA_ERROR_DOES_NOT_EXIST ) -#endif - -#if !defined(MBEDTLS_DEPRECATED_REMOVED) -#define PSA_ERROR_INSUFFICIENT_CAPACITY \ - MBEDTLS_DEPRECATED_NUMERIC_CONSTANT( PSA_ERROR_INSUFFICIENT_DATA ) -#endif + #if !defined(MBEDTLS_DEPRECATED_REMOVED) + #define PSA_ERROR_UNKNOWN_ERROR \ + MBEDTLS_DEPRECATED_NUMERIC_CONSTANT(PSA_ERROR_GENERIC_ERROR) + #endif + + #if !defined(MBEDTLS_DEPRECATED_REMOVED) + #define PSA_ERROR_OCCUPIED_SLOT \ + MBEDTLS_DEPRECATED_NUMERIC_CONSTANT(PSA_ERROR_ALREADY_EXISTS) + #endif + + #if !defined(MBEDTLS_DEPRECATED_REMOVED) + #define PSA_ERROR_EMPTY_SLOT \ + MBEDTLS_DEPRECATED_NUMERIC_CONSTANT(PSA_ERROR_DOES_NOT_EXIST) + #endif + + #if !defined(MBEDTLS_DEPRECATED_REMOVED) + #define PSA_ERROR_INSUFFICIENT_CAPACITY \ + MBEDTLS_DEPRECATED_NUMERIC_CONSTANT(PSA_ERROR_INSUFFICIENT_DATA) + #endif /** \addtogroup attributes * @{ */ -/** - * \brief Sign a hash or short message with a vendor defined private key. - * - * Note that to perform a hash-and-sign signature algorithm, you must - * first calculate the hash by calling psa_hash_setup(), psa_hash_update() - * and psa_hash_finish(). Then pass the resulting hash as the \p hash - * parameter to this function. You can use #PSA_ALG_SIGN_GET_HASH(\p alg) - * to determine the hash algorithm to use. - * - * \param handle Handle to the key to use for the operation. - * It must be an asymmetric key pair. - * \param alg A signature algorithm that is compatible with - * the type of \p handle. - * \param[in] hash The hash or message to sign. - * \param hash_length Size of the \p hash buffer in bytes. - * \param[out] signature Buffer where the signature is to be written. - * \param signature_size Size of the \p signature buffer in bytes. - * \param[out] signature_length On success, the number of bytes - * that make up the returned signature value. - * - * \retval #PSA_SUCCESS - * \retval #PSA_ERROR_BUFFER_TOO_SMALL - * The size of the \p signature buffer is too small. You can - * determine a sufficient buffer size by calling - * #PSA_ASYMMETRIC_SIGN_OUTPUT_SIZE(\c key_type, \c key_bits, \p alg) - * where \c key_type and \c key_bits are the type and bit-size - * respectively of \p handle. - * \retval #PSA_ERROR_NOT_SUPPORTED - * \retval Implementation dependent - */ -psa_status_t psa_asymmetric_sign_vendor(psa_key_handle_t handle, - psa_algorithm_t alg, - const uint8_t * hash, - size_t hash_length, - uint8_t * signature, - size_t signature_size, - size_t * signature_length); - -/** - * \brief Verify the signature a hash or short message using a vendor defined public key. - * - * Note that to perform a hash-and-sign signature algorithm, you must - * first calculate the hash by calling psa_hash_setup(), psa_hash_update() - * and psa_hash_finish(). Then pass the resulting hash as the \p hash - * parameter to this function. You can use #PSA_ALG_SIGN_GET_HASH(\p alg) - * to determine the hash algorithm to use. - * - * \param handle Handle to the key to use for the operation. - * It must be a public key or an asymmetric key pair. - * \param alg A signature algorithm that is compatible with - * the type of \p handle. - * \param[in] hash The hash or message whose signature is to be - * verified. - * \param hash_length Size of the \p hash buffer in bytes. - * \param[in] signature Buffer containing the signature to verify. - * \param signature_length Size of the \p signature buffer in bytes. - * - * \retval #PSA_SUCCESS - * The signature is valid. - * \retval #PSA_ERROR_INVALID_SIGNATURE - * \retval Implementation dependent - */ -psa_status_t psa_asymmetric_verify_vendor(psa_key_handle_t handle, - psa_algorithm_t alg, - const uint8_t * hash, - size_t hash_length, - uint8_t * signature, - size_t * signature_length); - /** * \brief Generate symmetric key of vendor defined format. * @@ -237,7 +168,7 @@ static inline psa_algorithm_t psa_get_key_enrollment_algorithm( return( attributes->core.policy.alg2 ); } -#if defined(MBEDTLS_PSA_CRYPTO_SE_C) + #if defined(MBEDTLS_PSA_CRYPTO_SE_C) /** Retrieve the slot number where a key is stored. * @@ -358,7 +289,7 @@ psa_status_t mbedtls_psa_register_se_key( * * This is an Mbed TLS extension. */ -void mbedtls_psa_crypto_free( void ); +void mbedtls_psa_crypto_free(void); /** \brief Statistics about * resource consumption related to the PSA keystore. @@ -396,7 +327,7 @@ typedef struct mbedtls_psa_stats_s * between the application and the keystore, the service may or * may not expose this function. */ -void mbedtls_psa_get_stats( mbedtls_psa_stats_t *stats ); +void mbedtls_psa_get_stats(mbedtls_psa_stats_t * stats); /** * \brief Inject an initial entropy seed for the random generator into @@ -479,7 +410,7 @@ psa_status_t mbedtls_psa_inject_entropy(const uint8_t *seed, * string. The length of the byte string is the length of the base prime `p` * in bytes. */ -#define PSA_KEY_TYPE_DSA_PUBLIC_KEY ((psa_key_type_t)0x60020000) + #define PSA_KEY_TYPE_DSA_PUBLIC_KEY ((psa_key_type_t) 0x60020000) /** DSA key pair (private and public key). * @@ -497,10 +428,10 @@ psa_status_t mbedtls_psa_inject_entropy(const uint8_t *seed, * Add 1 to the resulting integer and use this as the private key *x*. * */ -#define PSA_KEY_TYPE_DSA_KEY_PAIR ((psa_key_type_t)0x70020000) + #define PSA_KEY_TYPE_DSA_KEY_PAIR ((psa_key_type_t) 0x70020000) /** Whether a key type is an DSA key (pair or public-only). */ -#define PSA_KEY_TYPE_IS_DSA(type) \ + #define PSA_KEY_TYPE_IS_DSA(type) \ (PSA_KEY_TYPE_PUBLIC_KEY_OF_KEY_PAIR(type) == PSA_KEY_TYPE_DSA_PUBLIC_KEY) #define PSA_ALG_DSA_BASE ((psa_algorithm_t)0x10040000) @@ -518,7 +449,7 @@ psa_status_t mbedtls_psa_inject_entropy(const uint8_t *seed, * \return Unspecified if \p hash_alg is not a supported * hash algorithm. */ -#define PSA_ALG_DSA(hash_alg) \ + #define PSA_ALG_DSA(hash_alg) \ (PSA_ALG_DSA_BASE | ((hash_alg) & PSA_ALG_HASH_MASK)) #define PSA_ALG_DETERMINISTIC_DSA_BASE ((psa_algorithm_t)0x10050000) #define PSA_ALG_DSA_DETERMINISTIC_FLAG ((psa_algorithm_t)0x00010000) @@ -536,14 +467,14 @@ psa_status_t mbedtls_psa_inject_entropy(const uint8_t *seed, * \return Unspecified if \p hash_alg is not a supported * hash algorithm. */ -#define PSA_ALG_DETERMINISTIC_DSA(hash_alg) \ + #define PSA_ALG_DETERMINISTIC_DSA(hash_alg) \ (PSA_ALG_DETERMINISTIC_DSA_BASE | ((hash_alg) & PSA_ALG_HASH_MASK)) -#define PSA_ALG_IS_DSA(alg) \ - (((alg) & ~PSA_ALG_HASH_MASK & ~PSA_ALG_DSA_DETERMINISTIC_FLAG) == \ + #define PSA_ALG_IS_DSA(alg) \ + (((alg) & ~PSA_ALG_HASH_MASK & ~PSA_ALG_DSA_DETERMINISTIC_FLAG) == \ PSA_ALG_DSA_BASE) -#define PSA_ALG_DSA_IS_DETERMINISTIC(alg) \ + #define PSA_ALG_DSA_IS_DETERMINISTIC(alg) \ (((alg) & PSA_ALG_DSA_DETERMINISTIC_FLAG) != 0) -#define PSA_ALG_IS_DETERMINISTIC_DSA(alg) \ + #define PSA_ALG_IS_DETERMINISTIC_DSA(alg) \ (PSA_ALG_IS_DSA(alg) && PSA_ALG_DSA_IS_DETERMINISTIC(alg)) #define PSA_ALG_IS_RANDOMIZED_DSA(alg) \ (PSA_ALG_IS_DSA(alg) && !PSA_ALG_DSA_IS_DETERMINISTIC(alg)) @@ -551,9 +482,9 @@ psa_status_t mbedtls_psa_inject_entropy(const uint8_t *seed, /* We need to expand the sample definition of this macro from * the API definition. */ -#undef PSA_ALG_IS_HASH_AND_SIGN -#define PSA_ALG_IS_HASH_AND_SIGN(alg) \ - (PSA_ALG_IS_RSA_PSS(alg) || PSA_ALG_IS_RSA_PKCS1V15_SIGN(alg) || \ + #undef PSA_ALG_IS_HASH_AND_SIGN + #define PSA_ALG_IS_HASH_AND_SIGN(alg) \ + (PSA_ALG_IS_RSA_PSS(alg) || PSA_ALG_IS_RSA_PKCS1V15_SIGN(alg) || \ PSA_ALG_IS_DSA(alg) || PSA_ALG_IS_ECDSA(alg)) /**@}*/ @@ -638,10 +569,10 @@ psa_status_t mbedtls_psa_inject_entropy(const uint8_t *seed, * \retval #PSA_ERROR_NOT_SUPPORTED * \retval #PSA_ERROR_INSUFFICIENT_MEMORY */ -psa_status_t psa_set_key_domain_parameters(psa_key_attributes_t *attributes, - psa_key_type_t type, - const uint8_t *data, - size_t data_length); +psa_status_t psa_set_key_domain_parameters(psa_key_attributes_t * attributes, + psa_key_type_t type, + const uint8_t * data, + size_t data_length); /** * \brief Get domain parameters for a key. @@ -670,7 +601,7 @@ psa_status_t psa_get_key_domain_parameters( const psa_key_attributes_t *attributes, uint8_t *data, size_t data_size, - size_t *data_length); + size_t * data_length); /** Safe output buffer size for psa_get_key_domain_parameters(). * @@ -697,20 +628,20 @@ psa_status_t psa_get_key_domain_parameters( * If the parameters are not valid, the * return value is unspecified. */ -#define PSA_KEY_DOMAIN_PARAMETERS_SIZE(key_type, key_bits) \ - (PSA_KEY_TYPE_IS_RSA(key_type) ? sizeof(int) : \ - PSA_KEY_TYPE_IS_DH(key_type) ? PSA_DH_KEY_DOMAIN_PARAMETERS_SIZE(key_bits) : \ + #define PSA_KEY_DOMAIN_PARAMETERS_SIZE(key_type, key_bits) \ + (PSA_KEY_TYPE_IS_RSA(key_type) ? sizeof(int) : \ + PSA_KEY_TYPE_IS_DH(key_type) ? PSA_DH_KEY_DOMAIN_PARAMETERS_SIZE(key_bits) : \ PSA_KEY_TYPE_IS_DSA(key_type) ? PSA_DSA_KEY_DOMAIN_PARAMETERS_SIZE(key_bits) : \ 0) -#define PSA_DH_KEY_DOMAIN_PARAMETERS_SIZE(key_bits) \ + #define PSA_DH_KEY_DOMAIN_PARAMETERS_SIZE(key_bits) \ (4 + (PSA_BITS_TO_BYTES(key_bits) + 5) * 3 /*without optional parts*/) -#define PSA_DSA_KEY_DOMAIN_PARAMETERS_SIZE(key_bits) \ + #define PSA_DSA_KEY_DOMAIN_PARAMETERS_SIZE(key_bits) \ (4 + (PSA_BITS_TO_BYTES(key_bits) + 5) * 2 /*p, g*/ + 34 /*q*/) /**@}*/ -#ifdef __cplusplus + #ifdef __cplusplus } -#endif + #endif -#endif /* PSA_CRYPTO_EXTRA_H */ +#endif /* PSA_CRYPTO_EXTRA_H */ diff --git a/include/psa/crypto_struct.h b/include/psa/crypto_struct.h index f177d5d91..48803a3f6 100644 --- a/include/psa/crypto_struct.h +++ b/include/psa/crypto_struct.h @@ -86,25 +86,25 @@ struct psa_hash_operation_s { unsigned dummy; /* Make the union non-empty even with no supported algorithms. */ #if defined(MBEDTLS_MD2_C) - mbedtls_md2_context md2; + mbedtls_md2_context md2; #endif #if defined(MBEDTLS_MD4_C) - mbedtls_md4_context md4; + mbedtls_md4_context md4; #endif #if defined(MBEDTLS_MD5_C) - mbedtls_md5_context md5; + mbedtls_md5_context md5; #endif #if defined(MBEDTLS_RIPEMD160_C) - mbedtls_ripemd160_context ripemd160; + mbedtls_ripemd160_context ripemd160; #endif #if defined(MBEDTLS_SHA1_C) - mbedtls_sha1_context sha1; + mbedtls_sha1_context sha1; #endif #if defined(MBEDTLS_SHA256_C) - mbedtls_sha256_context sha256; + mbedtls_sha256_context sha256; #endif #if defined(MBEDTLS_SHA512_C) - mbedtls_sha512_context sha512; + mbedtls_sha512_context sha512; #endif } ctx; }; @@ -112,26 +112,26 @@ struct psa_hash_operation_s #define PSA_HASH_OPERATION_INIT {0, {0}} static inline struct psa_hash_operation_s psa_hash_operation_init( void ) { - const struct psa_hash_operation_s v = PSA_HASH_OPERATION_INIT; - return( v ); -} + const struct psa_hash_operation_s v = PSA_HASH_OPERATION_INIT; + return (v); + } #if defined(MBEDTLS_MD_C) -typedef struct -{ + typedef struct + { /** The hash context. */ struct psa_hash_operation_s hash_ctx; /** The HMAC part of the context. */ uint8_t opad[PSA_HMAC_MAX_HASH_BLOCK_SIZE]; -} psa_hmac_internal_data; + } psa_hmac_internal_data; #endif /* MBEDTLS_MD_C */ -struct psa_mac_operation_s -{ - psa_algorithm_t alg; - unsigned int key_set : 1; - unsigned int iv_required : 1; - unsigned int iv_set : 1; + struct psa_mac_operation_s + { + psa_algorithm_t alg; + unsigned int key_set : 1; + unsigned int iv_required : 1; + unsigned int iv_set : 1; unsigned int has_input : 1; unsigned int is_sign : 1; uint8_t mac_size; @@ -139,10 +139,10 @@ struct psa_mac_operation_s { unsigned dummy; /* Make the union non-empty even with no supported algorithms. */ #if defined(MBEDTLS_MD_C) - psa_hmac_internal_data hmac; + psa_hmac_internal_data hmac; #endif #if defined(MBEDTLS_CMAC_C) - mbedtls_cipher_context_t cmac; + mbedtls_cipher_context_t cmac; #endif } ctx; }; @@ -150,15 +150,15 @@ struct psa_mac_operation_s #define PSA_MAC_OPERATION_INIT {0, 0, 0, 0, 0, 0, 0, {0}} static inline struct psa_mac_operation_s psa_mac_operation_init( void ) { - const struct psa_mac_operation_s v = PSA_MAC_OPERATION_INIT; - return( v ); -} + const struct psa_mac_operation_s v = PSA_MAC_OPERATION_INIT; + return (v); + } -struct psa_cipher_operation_s -{ - psa_algorithm_t alg; - unsigned int key_set : 1; - unsigned int iv_required : 1; + struct psa_cipher_operation_s + { + psa_algorithm_t alg; + unsigned int key_set : 1; + unsigned int iv_required : 1; unsigned int iv_set : 1; uint8_t iv_size; uint8_t block_size; @@ -172,14 +172,14 @@ struct psa_cipher_operation_s #define PSA_CIPHER_OPERATION_INIT {0, 0, 0, 0, 0, 0, {0}} static inline struct psa_cipher_operation_s psa_cipher_operation_init( void ) { - const struct psa_cipher_operation_s v = PSA_CIPHER_OPERATION_INIT; - return( v ); -} + const struct psa_cipher_operation_s v = PSA_CIPHER_OPERATION_INIT; + return (v); + } -struct psa_aead_operation_s -{ - psa_algorithm_t alg; - unsigned int key_set : 1; + struct psa_aead_operation_s + { + psa_algorithm_t alg; + unsigned int key_set : 1; unsigned int iv_set : 1; uint8_t iv_size; uint8_t block_size; @@ -193,66 +193,66 @@ struct psa_aead_operation_s #define PSA_AEAD_OPERATION_INIT {0, 0, 0, 0, 0, {0}} static inline struct psa_aead_operation_s psa_aead_operation_init( void ) { - const struct psa_aead_operation_s v = PSA_AEAD_OPERATION_INIT; - return( v ); -} + const struct psa_aead_operation_s v = PSA_AEAD_OPERATION_INIT; + return (v); + } #if defined(MBEDTLS_MD_C) -typedef struct -{ - uint8_t *info; - size_t info_length; - psa_hmac_internal_data hmac; - uint8_t prk[PSA_HASH_MAX_SIZE]; - uint8_t output_block[PSA_HASH_MAX_SIZE]; + typedef struct + { + uint8_t *info; + size_t info_length; + psa_hmac_internal_data hmac; + uint8_t prk[PSA_HASH_MAX_SIZE]; + uint8_t output_block[PSA_HASH_MAX_SIZE]; #if PSA_HASH_MAX_SIZE > 0xff #error "PSA_HASH_MAX_SIZE does not fit in uint8_t" #endif - uint8_t offset_in_block; - uint8_t block_number; - unsigned int state : 2; - unsigned int info_set : 1; -} psa_hkdf_key_derivation_t; + uint8_t offset_in_block; + uint8_t block_number; + unsigned int state : 2; + unsigned int info_set : 1; + } psa_hkdf_key_derivation_t; #endif /* MBEDTLS_MD_C */ #if defined(MBEDTLS_MD_C) -typedef enum -{ - TLS12_PRF_STATE_INIT, /* no input provided */ - TLS12_PRF_STATE_SEED_SET, /* seed has been set */ - TLS12_PRF_STATE_KEY_SET, /* key has been set */ - TLS12_PRF_STATE_LABEL_SET, /* label has been set */ - TLS12_PRF_STATE_OUTPUT /* output has been started */ -} psa_tls12_prf_key_derivation_state_t; - -typedef struct psa_tls12_prf_key_derivation_s -{ + typedef enum + { + TLS12_PRF_STATE_INIT, /* no input provided */ + TLS12_PRF_STATE_SEED_SET, /* seed has been set */ + TLS12_PRF_STATE_KEY_SET, /* key has been set */ + TLS12_PRF_STATE_LABEL_SET, /* label has been set */ + TLS12_PRF_STATE_OUTPUT /* output has been started */ + } psa_tls12_prf_key_derivation_state_t; + + typedef struct psa_tls12_prf_key_derivation_s + { #if PSA_HASH_MAX_SIZE > 0xff #error "PSA_HASH_MAX_SIZE does not fit in uint8_t" #endif - /* Indicates how many bytes in the current HMAC block have + /* Indicates how many bytes in the current HMAC block have * not yet been read by the user. */ - uint8_t left_in_block; + uint8_t left_in_block; - /* The 1-based number of the block. */ - uint8_t block_number; + /* The 1-based number of the block. */ + uint8_t block_number; - psa_tls12_prf_key_derivation_state_t state; + psa_tls12_prf_key_derivation_state_t state; - uint8_t *seed; - size_t seed_length; - uint8_t *label; - size_t label_length; - psa_hmac_internal_data hmac; - uint8_t Ai[PSA_HASH_MAX_SIZE]; + uint8_t *seed; + size_t seed_length; + uint8_t *label; + size_t label_length; + psa_hmac_internal_data hmac; + uint8_t Ai[PSA_HASH_MAX_SIZE]; - /* `HMAC_hash( prk, A(i) + seed )` in the notation of RFC 5246, Sect. 5. */ - uint8_t output_block[PSA_HASH_MAX_SIZE]; -} psa_tls12_prf_key_derivation_t; + /* `HMAC_hash( prk, A(i) + seed )` in the notation of RFC 5246, Sect. 5. */ + uint8_t output_block[PSA_HASH_MAX_SIZE]; + } psa_tls12_prf_key_derivation_t; #endif /* MBEDTLS_MD_C */ -struct psa_key_derivation_s + struct psa_key_derivation_s { psa_algorithm_t alg; size_t capacity; @@ -261,41 +261,41 @@ struct psa_key_derivation_s /* Make the union non-empty even with no supported algorithms. */ uint8_t dummy; #if defined(MBEDTLS_MD_C) - psa_hkdf_key_derivation_t hkdf; - psa_tls12_prf_key_derivation_t tls12_prf; + psa_hkdf_key_derivation_t hkdf; + psa_tls12_prf_key_derivation_t tls12_prf; #endif - } ctx; + } ctx; }; /* This only zeroes out the first byte in the union, the rest is unspecified. */ #define PSA_KEY_DERIVATION_OPERATION_INIT {0, 0, {0}} static inline struct psa_key_derivation_s psa_key_derivation_operation_init( void ) { - const struct psa_key_derivation_s v = PSA_KEY_DERIVATION_OPERATION_INIT; - return( v ); -} + const struct psa_key_derivation_s v = PSA_KEY_DERIVATION_OPERATION_INIT; + return (v); + } -struct psa_key_policy_s -{ - psa_key_usage_t usage; - psa_algorithm_t alg; - psa_algorithm_t alg2; + struct psa_key_policy_s + { + psa_key_usage_t usage; + psa_algorithm_t alg; + psa_algorithm_t alg2; }; typedef struct psa_key_policy_s psa_key_policy_t; #define PSA_KEY_POLICY_INIT {0, 0, 0} static inline struct psa_key_policy_s psa_key_policy_init( void ) { - const struct psa_key_policy_s v = PSA_KEY_POLICY_INIT; - return( v ); -} + const struct psa_key_policy_s v = PSA_KEY_POLICY_INIT; + return (v); + } -/* The type used internally for key sizes. + /* The type used internally for key sizes. * Public interfaces use size_t, but internally we use a smaller type. */ -typedef uint16_t psa_key_bits_t; + typedef uint16_t psa_key_bits_t; /* The maximum value of the type used to represent bit-sizes. * This is used to mark an invalid key size. */ -#define PSA_KEY_BITS_TOO_LARGE ( (psa_key_bits_t) ( -1 ) ) +#define PSA_KEY_BITS_TOO_LARGE ((psa_key_bits_t)(-1)) /* The maximum size of a key in bits. * Currently defined as the maximum that can be represented, rounded down * to a whole number of bytes. @@ -303,49 +303,49 @@ typedef uint16_t psa_key_bits_t; * conditionals. */ #define PSA_MAX_KEY_BITS 0xfff8 -/** A mask of flags that can be stored in key attributes. + /** A mask of flags that can be stored in key attributes. * * This type is also used internally to store flags in slots. Internal * flags are defined in library/psa_crypto_core.h. Internal flags may have * the same value as external flags if they are properly handled during * key creation and in psa_get_key_attributes. */ -typedef uint16_t psa_key_attributes_flag_t; + typedef uint16_t psa_key_attributes_flag_t; -#define MBEDTLS_PSA_KA_FLAG_HAS_SLOT_NUMBER \ - ( (psa_key_attributes_flag_t) 0x0001 ) +#define MBEDTLS_PSA_KA_FLAG_HAS_SLOT_NUMBER \ + ((psa_key_attributes_flag_t)0x0001) /* A mask of key attribute flags used externally only. * Only meant for internal checks inside the library. */ -#define MBEDTLS_PSA_KA_MASK_EXTERNAL_ONLY ( \ - MBEDTLS_PSA_KA_FLAG_HAS_SLOT_NUMBER | \ - 0 ) +#define MBEDTLS_PSA_KA_MASK_EXTERNAL_ONLY ( \ + MBEDTLS_PSA_KA_FLAG_HAS_SLOT_NUMBER | \ + 0) /* A mask of key attribute flags used both internally and externally. * Currently there aren't any. */ -#define MBEDTLS_PSA_KA_MASK_DUAL_USE ( \ - 0 ) +#define MBEDTLS_PSA_KA_MASK_DUAL_USE ( \ + 0) -typedef struct -{ - psa_key_type_t type; - psa_key_lifetime_t lifetime; - psa_key_id_t id; - psa_key_policy_t policy; - psa_key_bits_t bits; + typedef struct + { + psa_key_type_t type; + psa_key_lifetime_t lifetime; + psa_key_id_t id; + psa_key_policy_t policy; + psa_key_bits_t bits; psa_key_attributes_flag_t flags; } psa_core_key_attributes_t; #define PSA_CORE_KEY_ATTRIBUTES_INIT {0, 0, PSA_KEY_ID_INIT, PSA_KEY_POLICY_INIT, 0, 0} struct psa_key_attributes_s -{ - psa_core_key_attributes_t core; + { + psa_core_key_attributes_t core; #if defined(MBEDTLS_PSA_CRYPTO_SE_C) - psa_key_slot_number_t slot_number; + psa_key_slot_number_t slot_number; #endif /* MBEDTLS_PSA_CRYPTO_SE_C */ - void *domain_parameters; - size_t domain_parameters_size; + void *domain_parameters; + size_t domain_parameters_size; }; #if defined(MBEDTLS_PSA_CRYPTO_SE_C) @@ -354,116 +354,116 @@ struct psa_key_attributes_s #define PSA_KEY_ATTRIBUTES_INIT {PSA_CORE_KEY_ATTRIBUTES_INIT, NULL, 0} #endif -static inline struct psa_key_attributes_s psa_key_attributes_init( void ) -{ - const struct psa_key_attributes_s v = PSA_KEY_ATTRIBUTES_INIT; - return( v ); -} + static inline struct psa_key_attributes_s psa_key_attributes_init(void) + { + const struct psa_key_attributes_s v = PSA_KEY_ATTRIBUTES_INIT; + return (v); + } -static inline void psa_set_key_id(psa_key_attributes_t *attributes, - psa_key_id_t id) -{ - attributes->core.id = id; - if( attributes->core.lifetime == PSA_KEY_LIFETIME_VOLATILE ) - attributes->core.lifetime = PSA_KEY_LIFETIME_PERSISTENT; -} + static inline void psa_set_key_id(psa_key_attributes_t *attributes, + psa_key_id_t id) + { + attributes->core.id = id; + if (attributes->core.lifetime == PSA_KEY_LIFETIME_VOLATILE) + attributes->core.lifetime = PSA_KEY_LIFETIME_PERSISTENT; + } -static inline psa_key_id_t psa_get_key_id( - const psa_key_attributes_t *attributes) -{ - return( attributes->core.id ); -} + static inline psa_key_id_t psa_get_key_id( + const psa_key_attributes_t *attributes) + { + return (attributes->core.id); + } -static inline void psa_set_key_lifetime(psa_key_attributes_t *attributes, - psa_key_lifetime_t lifetime) -{ - attributes->core.lifetime = lifetime; - if( lifetime == PSA_KEY_LIFETIME_VOLATILE ) + static inline void psa_set_key_lifetime(psa_key_attributes_t *attributes, + psa_key_lifetime_t lifetime) { + attributes->core.lifetime = lifetime; + if (PSA_KEY_LIFETIME_IS_VOLATILE(lifetime)) + { #ifdef MBEDTLS_PSA_CRYPTO_KEY_FILE_ID_ENCODES_OWNER - attributes->core.id.key_id = 0; - attributes->core.id.owner = 0; + attributes->core.id.key_id = 0; + attributes->core.id.owner = 0; #else attributes->core.id = 0; #endif + } } -} -static inline psa_key_lifetime_t psa_get_key_lifetime( - const psa_key_attributes_t *attributes) -{ - return( attributes->core.lifetime ); -} + static inline psa_key_lifetime_t psa_get_key_lifetime( + const psa_key_attributes_t *attributes) + { + return (attributes->core.lifetime); + } -static inline void psa_set_key_usage_flags(psa_key_attributes_t *attributes, - psa_key_usage_t usage_flags) -{ - attributes->core.policy.usage = usage_flags; -} + static inline void psa_set_key_usage_flags(psa_key_attributes_t *attributes, + psa_key_usage_t usage_flags) + { + attributes->core.policy.usage = usage_flags; + } -static inline psa_key_usage_t psa_get_key_usage_flags( - const psa_key_attributes_t *attributes) -{ - return( attributes->core.policy.usage ); -} + static inline psa_key_usage_t psa_get_key_usage_flags( + const psa_key_attributes_t *attributes) + { + return (attributes->core.policy.usage); + } -static inline void psa_set_key_algorithm(psa_key_attributes_t *attributes, - psa_algorithm_t alg) -{ - attributes->core.policy.alg = alg; -} + static inline void psa_set_key_algorithm(psa_key_attributes_t *attributes, + psa_algorithm_t alg) + { + attributes->core.policy.alg = alg; + } -static inline psa_algorithm_t psa_get_key_algorithm( - const psa_key_attributes_t *attributes) -{ - return( attributes->core.policy.alg ); -} + static inline psa_algorithm_t psa_get_key_algorithm( + const psa_key_attributes_t *attributes) + { + return (attributes->core.policy.alg); + } -/* This function is declared in crypto_extra.h, which comes after this + /* This function is declared in crypto_extra.h, which comes after this * header file, but we need the function here, so repeat the declaration. */ -psa_status_t psa_set_key_domain_parameters(psa_key_attributes_t *attributes, - psa_key_type_t type, - const uint8_t *data, - size_t data_length); + psa_status_t psa_set_key_domain_parameters(psa_key_attributes_t *attributes, + psa_key_type_t type, + const uint8_t *data, + size_t data_length); -static inline void psa_set_key_type(psa_key_attributes_t *attributes, - psa_key_type_t type) -{ - if( attributes->domain_parameters == NULL ) - { - /* Common case: quick path */ - attributes->core.type = type; - } - else + static inline void psa_set_key_type(psa_key_attributes_t *attributes, + psa_key_type_t type) { - /* Call the bigger function to free the old domain paramteres. + if (attributes->domain_parameters == NULL) + { + /* Common case: quick path */ + attributes->core.type = type; + } + else + { + /* Call the bigger function to free the old domain paramteres. * Ignore any errors which may arise due to type requiring * non-default domain parameters, since this function can't * report errors. */ - (void) psa_set_key_domain_parameters( attributes, type, NULL, 0 ); + (void)psa_set_key_domain_parameters(attributes, type, NULL, 0); + } } -} -static inline psa_key_type_t psa_get_key_type( - const psa_key_attributes_t *attributes) -{ - return( attributes->core.type ); -} + static inline psa_key_type_t psa_get_key_type( + const psa_key_attributes_t *attributes) + { + return (attributes->core.type); + } -static inline void psa_set_key_bits(psa_key_attributes_t *attributes, - size_t bits) -{ - if( bits > PSA_MAX_KEY_BITS ) - attributes->core.bits = PSA_KEY_BITS_TOO_LARGE; - else - attributes->core.bits = (psa_key_bits_t) bits; -} + static inline void psa_set_key_bits(psa_key_attributes_t *attributes, + size_t bits) + { + if (bits > PSA_MAX_KEY_BITS) + attributes->core.bits = PSA_KEY_BITS_TOO_LARGE; + else + attributes->core.bits = (psa_key_bits_t)bits; + } -static inline size_t psa_get_key_bits( - const psa_key_attributes_t *attributes) -{ - return( attributes->core.bits ); -} + static inline size_t psa_get_key_bits( + const psa_key_attributes_t *attributes) + { + return (attributes->core.bits); + } #ifdef __cplusplus } diff --git a/include/psa/crypto_values.h b/include/psa/crypto_values.h index 5b4a3101e..24b2277fe 100644 --- a/include/psa/crypto_values.h +++ b/include/psa/crypto_values.h @@ -438,12 +438,6 @@ /** Elliptic curve public key. */ #define PSA_KEY_TYPE_ECC_PUBLIC_KEY(curve) \ (PSA_KEY_TYPE_ECC_PUBLIC_KEY_BASE | (curve)) -/** Elliptic curve key pair (Vendor defined format). */ -#define PSA_KEY_TYPE_ECC_KEY_PAIR_VENDOR(curve) \ - (PSA_KEY_TYPE_VENDOR_FLAG | PSA_KEY_TYPE_ECC_KEY_PAIR_BASE | (curve)) -/** Elliptic curve public key (Vendor defined format). */ -#define PSA_KEY_TYPE_ECC_PUBLIC_KEY_VENDOR(curve) \ - (PSA_KEY_TYPE_VENDOR_FLAG | PSA_KEY_TYPE_ECC_PUBLIC_KEY_BASE | (curve)) /** Whether a key type is an elliptic curve key (pair or public-only). */ #define PSA_KEY_TYPE_IS_ECC(type) \ @@ -458,24 +452,10 @@ (((type) & ~PSA_KEY_TYPE_ECC_CURVE_MASK) == \ PSA_KEY_TYPE_ECC_PUBLIC_KEY_BASE) -/** Whether a key type is an elliptic curve key (pair or public-only). */ -#define PSA_KEY_TYPE_IS_ECC_VENDOR(type) \ - ((PSA_KEY_TYPE_PUBLIC_KEY_OF_KEY_PAIR(type) & \ - ~PSA_KEY_TYPE_ECC_CURVE_MASK) == (PSA_KEY_TYPE_VENDOR_FLAG | PSA_KEY_TYPE_ECC_PUBLIC_KEY_BASE)) -/** Whether a key type is an elliptic curve key pair. */ -#define PSA_KEY_TYPE_IS_ECC_KEY_PAIR_VENDOR(type) \ - (((type) & ~PSA_KEY_TYPE_ECC_CURVE_MASK) == \ - (PSA_KEY_TYPE_VENDOR_FLAG | PSA_KEY_TYPE_ECC_KEY_PAIR_BASE)) -/** Whether a key type is an elliptic curve public key. */ -#define PSA_KEY_TYPE_IS_ECC_PUBLIC_KEY_VENDOR(type) \ - (((type) & ~PSA_KEY_TYPE_ECC_CURVE_MASK) == \ - (PSA_KEY_TYPE_VENDOR_FLAG | PSA_KEY_TYPE_ECC_PUBLIC_KEY_BASE)) /** Extract the curve from an elliptic curve key type. */ #define PSA_KEY_TYPE_GET_CURVE(type) \ ((psa_ecc_curve_t)(PSA_KEY_TYPE_IS_ECC(type) ? ((type)&PSA_KEY_TYPE_ECC_CURVE_MASK) : 0)) /** Extract the curve from an elliptic curve key type. */ -#define PSA_KEY_TYPE_GET_CURVE_VENDOR(type) \ - ((psa_ecc_curve_t)(PSA_KEY_TYPE_IS_ECC_VENDOR(type) ? ((type)&PSA_KEY_TYPE_ECC_CURVE_MASK) : 0)) /* The encoding of curve identifiers is currently aligned with the * TLS Supported Groups Registry (formerly known as the diff --git a/library/psa_crypto.c b/library/psa_crypto.c index a9c265cf1..aa4ab7325 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c @@ -1493,7 +1493,7 @@ static psa_status_t psa_validate_key_attributes( { psa_status_t status; - if( attributes->core.lifetime != PSA_KEY_LIFETIME_VOLATILE ) + if( PSA_KEY_LIFETIME_IS_PERSISTENT (attributes->core.lifetime)) { status = psa_validate_persistent_key_parameters( attributes->core.lifetime, attributes->core.id, @@ -3336,21 +3336,21 @@ static psa_status_t psa_ecdsa_verify( mbedtls_ecp_keypair *ecp, // The weakly linked function "psa_asymmetric_sign_vendor_weak" which returns "PSA_ERROR_NOT_SUPPORTED" will be linked if // the vendor does not provide a definition for "psa_asymmetric_sign_vendor" -psa_status_t psa_asymmetric_sign_vendor( psa_key_handle_t handle, +psa_status_t psa_asymmetric_sign_vendor( psa_key_slot_t * slot, psa_algorithm_t alg, const uint8_t *hash, size_t hash_length, uint8_t *signature, size_t signature_size, size_t *signature_length ) __attribute__ ((weak, alias("psa_asymmetric_sign_vendor_weak"))); -psa_status_t psa_asymmetric_sign_vendor_weak( psa_key_handle_t handle, +psa_status_t psa_asymmetric_sign_vendor_weak( psa_key_slot_t * slot, psa_algorithm_t alg, const uint8_t *hash, size_t hash_length, uint8_t *signature, size_t signature_size, size_t *signature_length ); -psa_status_t psa_asymmetric_sign_vendor_weak( psa_key_handle_t handle, +psa_status_t psa_asymmetric_sign_vendor_weak( psa_key_slot_t * slot, psa_algorithm_t alg, const uint8_t *hash, size_t hash_length, @@ -3358,7 +3358,7 @@ psa_status_t psa_asymmetric_sign_vendor_weak( psa_key_handle_t handle, size_t signature_size, size_t *signature_length ) { - (void) handle; + (void) slot ; (void) alg; (void)hash; (void)hash_length; @@ -3413,11 +3413,11 @@ psa_status_t psa_asymmetric_sign( psa_key_handle_t handle, } else #endif /* MBEDTLS_PSA_CRYPTO_SE_C */ -if (PSA_KEY_TYPE_IS_VENDOR_DEFINED(slot->attr.type)) + if (PSA_KEY_LIFETIME_IS_VENDOR_DEFINED(slot->attr.lifetime)) { - status = psa_asymmetric_sign_vendor(handle,alg, - hash, hash_length, - signature, signature_size, + status = psa_asymmetric_sign_vendor(slot,alg, + hash, hash_length, + signature, signature_size, signature_length ); } else @@ -3476,26 +3476,26 @@ if (PSA_KEY_TYPE_IS_VENDOR_DEFINED(slot->attr.type)) } // The weakly linked function "psa_asymmetric_verify_vendor_weak" which returns "PSA_ERROR_NOT_SUPPORTED" will be linked if // the vendor does not provide a definition for "psa_asymmetric_verify_vendor" -psa_status_t psa_asymmetric_verify_vendor( psa_key_handle_t handle, +psa_status_t psa_asymmetric_verify_vendor( psa_key_slot_t * slot, psa_algorithm_t alg, const uint8_t *hash, size_t hash_length, uint8_t *signature, - size_t *signature_length ) __attribute__ ((weak, alias("psa_asymmetric_verify_vendor_weak"))); -psa_status_t psa_asymmetric_verify_vendor_weak( psa_key_handle_t handle, + size_t signature_length ) __attribute__ ((weak, alias("psa_asymmetric_verify_vendor_weak"))); +psa_status_t psa_asymmetric_verify_vendor_weak( psa_key_slot_t * slot, psa_algorithm_t alg, const uint8_t *hash, size_t hash_length, uint8_t *signature, - size_t *signature_length ); -psa_status_t psa_asymmetric_verify_vendor_weak( psa_key_handle_t handle, + size_t signature_length ); +psa_status_t psa_asymmetric_verify_vendor_weak( psa_key_slot_t * slot, psa_algorithm_t alg, const uint8_t *hash, size_t hash_length, uint8_t *signature, - size_t *signature_length ) + size_t signature_length ) { - (void) handle; + (void) slot; (void) alg; (void)hash; (void)hash_length; @@ -3537,11 +3537,11 @@ psa_status_t psa_asymmetric_verify( psa_key_handle_t handle, } else #endif /* MBEDTLS_PSA_CRYPTO_SE_C */ -if (PSA_KEY_TYPE_IS_VENDOR_DEFINED(slot->attr.type)) +if (PSA_KEY_LIFETIME_IS_VENDOR_DEFINED(slot->attr.lifetime)) { - status = psa_asymmetric_verify_vendor(handle,alg, + return( psa_asymmetric_verify_vendor(slot,alg, hash, hash_length, - signature, signature_length ); + signature, signature_length ) ); } else #if defined(MBEDTLS_RSA_C) @@ -3826,7 +3826,7 @@ static psa_status_t psa_cipher_setup( psa_cipher_operation_t *operation, if( ret != 0 ) goto exit; - if (PSA_KEY_TYPE_IS_VENDOR_DEFINED(slot->attr.type)) + if (PSA_KEY_LIFETIME_IS_VENDOR_DEFINED(slot->attr.lifetime)) { status = psa_cipher_setup_vendor(operation, handle, alg); } @@ -3885,7 +3885,7 @@ static psa_status_t psa_cipher_setup( psa_cipher_operation_t *operation, operation->iv_size = 12; #endif - if (PSA_KEY_TYPE_IS_VENDOR_DEFINED(slot->attr.type)) + if (PSA_KEY_LIFETIME_IS_VENDOR_DEFINED(slot->attr.lifetime)) { status = psa_cipher_setup_vendor(operation, handle, alg); } @@ -5660,7 +5660,7 @@ psa_status_t psa_generate_key( const psa_key_attributes_t *attributes, } else #endif /* MBEDTLS_PSA_CRYPTO_SE_C */ - if (PSA_KEY_TYPE_IS_VENDOR_DEFINED(slot->attr.type)) + if (PSA_KEY_LIFETIME_IS_VENDOR_DEFINED(slot->attr.lifetime)) { status = psa_generate_key_vendor(slot, attributes->core.bits, attributes->domain_parameters, attributes->domain_parameters_size); diff --git a/library/psa_crypto_core.h b/library/psa_crypto_core.h index fd09ffb60..d5875493e 100644 --- a/library/psa_crypto_core.h +++ b/library/psa_crypto_core.h @@ -165,48 +165,88 @@ psa_status_t psa_generate_key_vendor(psa_key_slot_t * slot, const uint8_t * domain_parameters, size_t domain_parameters_size); -/** - * \brief Prepare a slot for vendor defined key type. +/** Completely wipe a slot in memory, including its policy. * - * \warning This function **can** fail! Callers MUST check the return status - * and MUST NOT use the content of the output buffer if the return - * status is not #PSA_SUCCESS. + * Persistent storage is not affected. * - * \note This function has to be defined by the vendor. - * A weakly linked version is provided by default and returns - * PSA_ERROR_NOT_SUPPORTED. Do not use this function directly; - * to generate a key, use psa_generate_key() instead. + * \param[in,out] slot The key slot to wipe. * - * \param[in] type Type of symmetric key to be generated. - * \param[out] output Output buffer for the generated data. - * \param[out] output_size Number of bytes to generate and output. + * \retval PSA_SUCCESS + * Success. This includes the case of a key slot that was + * already fully wiped. + * \retval PSA_ERROR_CORRUPTION_DETECTED + */ + +/** + * \brief Sign a hash or short message with a vendor defined private key. + * + * Note that to perform a hash-and-sign signature algorithm, you must + * first calculate the hash by calling psa_hash_setup(), psa_hash_update() + * and psa_hash_finish(). Then pass the resulting hash as the \p hash + * parameter to this function. You can use #PSA_ALG_SIGN_GET_HASH(\p alg) + * to determine the hash algorithm to use. + * + * \param slot Key slot to use for the operation. + * It must be an asymmetric key pair. + * \param alg A signature algorithm that is compatible with + * the type of \p handle. + * \param[in] hash The hash or message to sign. + * \param hash_length Size of the \p hash buffer in bytes. + * \param[out] signature Buffer where the signature is to be written. + * \param signature_size Size of the \p signature buffer in bytes. + * \param[out] signature_length On success, the number of bytes + * that make up the returned signature value. * * \retval #PSA_SUCCESS + * \retval #PSA_ERROR_BUFFER_TOO_SMALL + * The size of the \p signature buffer is too small. You can + * determine a sufficient buffer size by calling + * #PSA_ASYMMETRIC_SIGN_OUTPUT_SIZE(\c key_type, \c key_bits, \p alg) + * where \c key_type and \c key_bits are the type and bit-size + * respectively of \p handle. * \retval #PSA_ERROR_NOT_SUPPORTED - * \retval #PSA_ERROR_INSUFFICIENT_ENTROPY - * \retval #PSA_ERROR_INSUFFICIENT_MEMORY - * \retval #PSA_ERROR_COMMUNICATION_FAILURE - * \retval #PSA_ERROR_HARDWARE_FAILURE - * \retval #PSA_ERROR_CORRUPTION_DETECTED - * \retval #PSA_ERROR_BAD_STATE - * The library has not been previously initialized by psa_crypto_init(). - * It is implementation-dependent whether a failure to initialize - * results in this error code. + * \retval Implementation dependent */ -psa_status_t prepare_raw_data_slot_vendor(psa_key_type_t type, size_t bits, struct raw_data *raw); +psa_status_t psa_asymmetric_sign_vendor(psa_key_slot_t * slot, + psa_algorithm_t alg, + const uint8_t * hash, + size_t hash_length, + uint8_t * signature, + size_t signature_size, + size_t * signature_length); -/** Completely wipe a slot in memory, including its policy. +/** + * \brief Verify the signature a hash or short message using a vendor defined public key. * - * Persistent storage is not affected. + * Note that to perform a hash-and-sign signature algorithm, you must + * first calculate the hash by calling psa_hash_setup(), psa_hash_update() + * and psa_hash_finish(). Then pass the resulting hash as the \p hash + * parameter to this function. You can use #PSA_ALG_SIGN_GET_HASH(\p alg) + * to determine the hash algorithm to use. * - * \param[in,out] slot The key slot to wipe. + * \param handle Key slot to use for the operation. + * It must be a public key or an asymmetric key pair. + * \param alg A signature algorithm that is compatible with + * the type of \p handle. + * \param[in] hash The hash or message whose signature is to be + * verified. + * \param hash_length Size of the \p hash buffer in bytes. + * \param[in] signature Buffer containing the signature to verify. + * \param signature_length Size of the \p signature buffer in bytes. * - * \retval PSA_SUCCESS - * Success. This includes the case of a key slot that was - * already fully wiped. - * \retval PSA_ERROR_CORRUPTION_DETECTED + * \retval #PSA_SUCCESS + * The signature is valid. + * \retval #PSA_ERROR_INVALID_SIGNATURE + * \retval Implementation dependent */ -psa_status_t psa_wipe_key_slot( psa_key_slot_t *slot ); +psa_status_t psa_asymmetric_verify_vendor(psa_key_slot_t * slot, + psa_algorithm_t alg, + const uint8_t * hash, + size_t hash_length, + uint8_t * signature, + size_t signature_length); + +psa_status_t psa_wipe_key_slot(psa_key_slot_t * slot); /** Import key data into a slot. * From aa259cf06550d6478d65f282ac9b0ccd7addf018 Mon Sep 17 00:00:00 2001 From: Michael Thomas Date: Wed, 22 Jan 2020 17:00:51 +0000 Subject: [PATCH 12/39] Added macros to check lifetime --- include/psa/crypto_values.h | 520 ++++++++++++++++++------------------ 1 file changed, 266 insertions(+), 254 deletions(-) diff --git a/include/psa/crypto_values.h b/include/psa/crypto_values.h index 24b2277fe..ad6f8fae9 100644 --- a/include/psa/crypto_values.h +++ b/include/psa/crypto_values.h @@ -50,7 +50,7 @@ * * Implementations may use this error code if none of the other standard * error codes are applicable. */ -#define PSA_ERROR_GENERIC_ERROR ((psa_status_t)-132) +#define PSA_ERROR_GENERIC_ERROR ((psa_status_t)-132) /** The requested operation or a parameter is not supported * by this implementation. @@ -59,7 +59,7 @@ * parameter such as a key type, algorithm, etc. is not recognized. * If a combination of parameters is recognized and identified as * not valid, return #PSA_ERROR_INVALID_ARGUMENT instead. */ -#define PSA_ERROR_NOT_SUPPORTED ((psa_status_t)-134) +#define PSA_ERROR_NOT_SUPPORTED ((psa_status_t)-134) /** The requested action is denied by a policy. * @@ -72,7 +72,7 @@ * not valid or not supported, it is unspecified whether the function * returns #PSA_ERROR_NOT_PERMITTED, #PSA_ERROR_NOT_SUPPORTED or * #PSA_ERROR_INVALID_ARGUMENT. */ -#define PSA_ERROR_NOT_PERMITTED ((psa_status_t)-133) +#define PSA_ERROR_NOT_PERMITTED ((psa_status_t)-133) /** An output buffer is too small. * @@ -84,19 +84,19 @@ * buffer would succeed. However implementations may return this * error if a function has invalid or unsupported parameters in addition * to the parameters that determine the necessary output buffer size. */ -#define PSA_ERROR_BUFFER_TOO_SMALL ((psa_status_t)-138) +#define PSA_ERROR_BUFFER_TOO_SMALL ((psa_status_t)-138) /** Asking for an item that already exists * * Implementations should return this error, when attempting * to write an item (like a key) that already exists. */ -#define PSA_ERROR_ALREADY_EXISTS ((psa_status_t)-139) +#define PSA_ERROR_ALREADY_EXISTS ((psa_status_t)-139) /** Asking for an item that doesn't exist * * Implementations should return this error, if a requested item (like * a key) does not exist. */ -#define PSA_ERROR_DOES_NOT_EXIST ((psa_status_t)-140) +#define PSA_ERROR_DOES_NOT_EXIST ((psa_status_t)-140) /** The requested action cannot be performed in the current state. * @@ -112,7 +112,7 @@ * Implementations shall not return this error code to indicate that a * key handle is invalid, but shall return #PSA_ERROR_INVALID_HANDLE * instead. */ -#define PSA_ERROR_BAD_STATE ((psa_status_t)-137) +#define PSA_ERROR_BAD_STATE ((psa_status_t)-137) /** The parameters passed to the function are invalid. * @@ -123,13 +123,13 @@ * key handle is invalid, but shall return #PSA_ERROR_INVALID_HANDLE * instead. */ -#define PSA_ERROR_INVALID_ARGUMENT ((psa_status_t)-135) +#define PSA_ERROR_INVALID_ARGUMENT ((psa_status_t)-135) /** There is not enough runtime memory. * * If the action is carried out across multiple security realms, this * error can refer to available memory in any of the security realms. */ -#define PSA_ERROR_INSUFFICIENT_MEMORY ((psa_status_t)-141) +#define PSA_ERROR_INSUFFICIENT_MEMORY ((psa_status_t)-141) /** There is not enough persistent storage. * @@ -138,7 +138,7 @@ * many functions that do not otherwise access storage may return this * error code if the implementation requires a mandatory log entry for * the requested action and the log storage space is full. */ -#define PSA_ERROR_INSUFFICIENT_STORAGE ((psa_status_t)-142) +#define PSA_ERROR_INSUFFICIENT_STORAGE ((psa_status_t)-142) /** There was a communication failure inside the implementation. * @@ -180,13 +180,13 @@ * permanent storage corruption. However application writers should * keep in mind that transient errors while reading the storage may be * reported using this error code. */ -#define PSA_ERROR_STORAGE_FAILURE ((psa_status_t)-146) +#define PSA_ERROR_STORAGE_FAILURE ((psa_status_t)-146) /** A hardware failure was detected. * * A hardware failure may be transient or permanent depending on the * cause. */ -#define PSA_ERROR_HARDWARE_FAILURE ((psa_status_t)-147) +#define PSA_ERROR_HARDWARE_FAILURE ((psa_status_t)-147) /** A tampering attempt was detected. * @@ -217,7 +217,7 @@ * This error indicates an attack against the application. Implementations * shall not return this error code as a consequence of the behavior of * the application itself. */ -#define PSA_ERROR_CORRUPTION_DETECTED ((psa_status_t)-151) +#define PSA_ERROR_CORRUPTION_DETECTED ((psa_status_t)-151) /** There is not enough entropy to generate random data needed * for the requested action. @@ -236,7 +236,7 @@ * secure pseudorandom generator (PRNG). However implementations may return * this error at any time if a policy requires the PRNG to be reseeded * during normal operation. */ -#define PSA_ERROR_INSUFFICIENT_ENTROPY ((psa_status_t)-148) +#define PSA_ERROR_INSUFFICIENT_ENTROPY ((psa_status_t)-148) /** The signature, MAC or hash is incorrect. * @@ -246,7 +246,7 @@ * * If the value to verify has an invalid size, implementations may return * either #PSA_ERROR_INVALID_ARGUMENT or #PSA_ERROR_INVALID_SIGNATURE. */ -#define PSA_ERROR_INVALID_SIGNATURE ((psa_status_t)-149) +#define PSA_ERROR_INVALID_SIGNATURE ((psa_status_t)-149) /** The decrypted padding is incorrect. * @@ -262,15 +262,15 @@ * as close as possible to indistinguishable to an external observer. * In particular, the timing of a decryption operation should not * depend on the validity of the padding. */ -#define PSA_ERROR_INVALID_PADDING ((psa_status_t)-150) +#define PSA_ERROR_INVALID_PADDING ((psa_status_t)-150) /** Return this error when there's insufficient data when attempting * to read from a resource. */ -#define PSA_ERROR_INSUFFICIENT_DATA ((psa_status_t)-143) +#define PSA_ERROR_INSUFFICIENT_DATA ((psa_status_t)-143) /** The key handle is not valid. See also :ref:\`key-handles\`. */ -#define PSA_ERROR_INVALID_HANDLE ((psa_status_t)-136) +#define PSA_ERROR_INVALID_HANDLE ((psa_status_t)-136) /**@}*/ @@ -282,7 +282,7 @@ * * Zero is not the encoding of any key type. */ -#define PSA_KEY_TYPE_NONE ((psa_key_type_t)0x00000000) +#define PSA_KEY_TYPE_NONE ((psa_key_type_t)0x00000000) /** Vendor-defined flag * @@ -291,26 +291,26 @@ * must use an encoding with the #PSA_KEY_TYPE_VENDOR_FLAG bit set and should * respect the bitwise structure used by standard encodings whenever practical. */ -#define PSA_KEY_TYPE_VENDOR_FLAG ((psa_key_type_t)0x80000000) +#define PSA_KEY_TYPE_VENDOR_FLAG ((psa_key_type_t)0x80000000) -#define PSA_KEY_TYPE_CATEGORY_MASK ((psa_key_type_t)0x70000000) -#define PSA_KEY_TYPE_CATEGORY_SYMMETRIC ((psa_key_type_t)0x40000000) -#define PSA_KEY_TYPE_CATEGORY_RAW ((psa_key_type_t)0x50000000) -#define PSA_KEY_TYPE_CATEGORY_PUBLIC_KEY ((psa_key_type_t)0x60000000) -#define PSA_KEY_TYPE_CATEGORY_KEY_PAIR ((psa_key_type_t)0x70000000) +#define PSA_KEY_TYPE_CATEGORY_MASK ((psa_key_type_t)0x70000000) +#define PSA_KEY_TYPE_CATEGORY_SYMMETRIC ((psa_key_type_t)0x40000000) +#define PSA_KEY_TYPE_CATEGORY_RAW ((psa_key_type_t)0x50000000) +#define PSA_KEY_TYPE_CATEGORY_PUBLIC_KEY ((psa_key_type_t)0x60000000) +#define PSA_KEY_TYPE_CATEGORY_KEY_PAIR ((psa_key_type_t)0x70000000) -#define PSA_KEY_TYPE_CATEGORY_FLAG_PAIR ((psa_key_type_t)0x10000000) +#define PSA_KEY_TYPE_CATEGORY_FLAG_PAIR ((psa_key_type_t)0x10000000) /** Whether a key type is vendor-defined. */ #define PSA_KEY_TYPE_IS_VENDOR_DEFINED(type) \ - (((type) & PSA_KEY_TYPE_VENDOR_FLAG) != 0) + (((type)&PSA_KEY_TYPE_VENDOR_FLAG) != 0) /** Whether a key type is an unstructured array of bytes. * * This encompasses both symmetric keys and non-key data. */ -#define PSA_KEY_TYPE_IS_UNSTRUCTURED(type) \ - (((type) & PSA_KEY_TYPE_CATEGORY_MASK & ~(psa_key_type_t)0x10000000) == \ +#define PSA_KEY_TYPE_IS_UNSTRUCTURED(type) \ + (((type)&PSA_KEY_TYPE_CATEGORY_MASK & ~(psa_key_type_t)0x10000000) == \ PSA_KEY_TYPE_CATEGORY_SYMMETRIC) /** Whether a key type is asymmetric: either a key pair or a public key. */ @@ -319,12 +319,12 @@ & ~PSA_KEY_TYPE_CATEGORY_FLAG_PAIR) == \ PSA_KEY_TYPE_CATEGORY_PUBLIC_KEY) /** Whether a key type is the public part of a key pair. */ -#define PSA_KEY_TYPE_IS_PUBLIC_KEY(type) \ - (((type) & PSA_KEY_TYPE_CATEGORY_MASK) == PSA_KEY_TYPE_CATEGORY_PUBLIC_KEY) +#define PSA_KEY_TYPE_IS_PUBLIC_KEY(type) \ + (((type)&PSA_KEY_TYPE_CATEGORY_MASK) == PSA_KEY_TYPE_CATEGORY_PUBLIC_KEY) /** Whether a key type is a key pair containing a private part and a public * part. */ -#define PSA_KEY_TYPE_IS_KEY_PAIR(type) \ - (((type) & PSA_KEY_TYPE_CATEGORY_MASK) == PSA_KEY_TYPE_CATEGORY_KEY_PAIR) +#define PSA_KEY_TYPE_IS_KEY_PAIR(type) \ + (((type)&PSA_KEY_TYPE_CATEGORY_MASK) == PSA_KEY_TYPE_CATEGORY_KEY_PAIR) /** The key pair type corresponding to a public key type. * * You may also pass a key pair type as \p type, it will be left unchanged. @@ -335,7 +335,7 @@ * If \p type is not a public key or a key pair, * the return value is undefined. */ -#define PSA_KEY_TYPE_KEY_PAIR_OF_PUBLIC_KEY(type) \ +#define PSA_KEY_TYPE_KEY_PAIR_OF_PUBLIC_KEY(type) \ ((type) | PSA_KEY_TYPE_CATEGORY_FLAG_PAIR) /** The public key type corresponding to a key pair type. * @@ -347,14 +347,14 @@ * If \p type is not a public key or a key pair, * the return value is undefined. */ -#define PSA_KEY_TYPE_PUBLIC_KEY_OF_KEY_PAIR(type) \ +#define PSA_KEY_TYPE_PUBLIC_KEY_OF_KEY_PAIR(type) \ ((type) & ~PSA_KEY_TYPE_CATEGORY_FLAG_PAIR) /** Raw data. * * A "key" of this type cannot be used for any cryptographic operation. * Applications may use this type to store arbitrary data in the keystore. */ -#define PSA_KEY_TYPE_RAW_DATA ((psa_key_type_t)0x50000001) +#define PSA_KEY_TYPE_RAW_DATA ((psa_key_type_t)0x50000001) /** HMAC key. * @@ -400,17 +400,17 @@ * deprecated and should only be used to decrypt legacy data. 3-key 3DES * is weak and deprecated and should only be used in legacy protocols. */ -#define PSA_KEY_TYPE_DES ((psa_key_type_t)0x40000002) +#define PSA_KEY_TYPE_DES ((psa_key_type_t)0x40000002) /** Key for a cipher, AEAD or MAC algorithm based on the * Camellia block cipher. */ -#define PSA_KEY_TYPE_CAMELLIA ((psa_key_type_t)0x40000003) +#define PSA_KEY_TYPE_CAMELLIA ((psa_key_type_t)0x40000003) /** Key for the RC4 stream cipher. * * Note that RC4 is weak and deprecated and should only be used in * legacy protocols. */ -#define PSA_KEY_TYPE_ARC4 ((psa_key_type_t)0x40000004) +#define PSA_KEY_TYPE_ARC4 ((psa_key_type_t)0x40000004) /** Key for the ChaCha20 stream cipher or the Chacha20-Poly1305 AEAD algorithm. * @@ -419,36 +419,36 @@ * Implementations must support 12-byte nonces, may support 8-byte nonces, * and should reject other sizes. */ -#define PSA_KEY_TYPE_CHACHA20 ((psa_key_type_t)0x40000005) +#define PSA_KEY_TYPE_CHACHA20 ((psa_key_type_t)0x40000005) /** RSA public key. */ -#define PSA_KEY_TYPE_RSA_PUBLIC_KEY ((psa_key_type_t)0x60010000) +#define PSA_KEY_TYPE_RSA_PUBLIC_KEY ((psa_key_type_t)0x60010000) /** RSA key pair (private and public key). */ -#define PSA_KEY_TYPE_RSA_KEY_PAIR ((psa_key_type_t)0x70010000) +#define PSA_KEY_TYPE_RSA_KEY_PAIR ((psa_key_type_t)0x70010000) /** Whether a key type is an RSA key (pair or public-only). */ -#define PSA_KEY_TYPE_IS_RSA(type) \ +#define PSA_KEY_TYPE_IS_RSA(type) \ (PSA_KEY_TYPE_PUBLIC_KEY_OF_KEY_PAIR(type) == PSA_KEY_TYPE_RSA_PUBLIC_KEY) -#define PSA_KEY_TYPE_ECC_PUBLIC_KEY_BASE ((psa_key_type_t)0x60030000) -#define PSA_KEY_TYPE_ECC_KEY_PAIR_BASE ((psa_key_type_t)0x70030000) -#define PSA_KEY_TYPE_ECC_CURVE_MASK ((psa_key_type_t)0x0000ffff) +#define PSA_KEY_TYPE_ECC_PUBLIC_KEY_BASE ((psa_key_type_t)0x60030000) +#define PSA_KEY_TYPE_ECC_KEY_PAIR_BASE ((psa_key_type_t)0x70030000) +#define PSA_KEY_TYPE_ECC_CURVE_MASK ((psa_key_type_t)0x0000ffff) /** Elliptic curve key pair. */ -#define PSA_KEY_TYPE_ECC_KEY_PAIR(curve) \ +#define PSA_KEY_TYPE_ECC_KEY_PAIR(curve) \ (PSA_KEY_TYPE_ECC_KEY_PAIR_BASE | (curve)) /** Elliptic curve public key. */ #define PSA_KEY_TYPE_ECC_PUBLIC_KEY(curve) \ (PSA_KEY_TYPE_ECC_PUBLIC_KEY_BASE | (curve)) /** Whether a key type is an elliptic curve key (pair or public-only). */ -#define PSA_KEY_TYPE_IS_ECC(type) \ - ((PSA_KEY_TYPE_PUBLIC_KEY_OF_KEY_PAIR(type) & \ +#define PSA_KEY_TYPE_IS_ECC(type) \ + ((PSA_KEY_TYPE_PUBLIC_KEY_OF_KEY_PAIR(type) & \ ~PSA_KEY_TYPE_ECC_CURVE_MASK) == PSA_KEY_TYPE_ECC_PUBLIC_KEY_BASE) /** Whether a key type is an elliptic curve key pair. */ -#define PSA_KEY_TYPE_IS_ECC_KEY_PAIR(type) \ - (((type) & ~PSA_KEY_TYPE_ECC_CURVE_MASK) == \ +#define PSA_KEY_TYPE_IS_ECC_KEY_PAIR(type) \ + (((type) & ~PSA_KEY_TYPE_ECC_CURVE_MASK) == \ PSA_KEY_TYPE_ECC_KEY_PAIR_BASE) /** Whether a key type is an elliptic curve public key. */ -#define PSA_KEY_TYPE_IS_ECC_PUBLIC_KEY(type) \ +#define PSA_KEY_TYPE_IS_ECC_PUBLIC_KEY(type) \ (((type) & ~PSA_KEY_TYPE_ECC_CURVE_MASK) == \ PSA_KEY_TYPE_ECC_PUBLIC_KEY_BASE) @@ -462,70 +462,70 @@ * TLS EC Named Curve Registry) * https://www.iana.org/assignments/tls-parameters/tls-parameters.xhtml#tls-parameters-8 * The values are defined by RFC 8422 and RFC 7027. */ -#define PSA_ECC_CURVE_SECT163K1 ((psa_ecc_curve_t) 0x0001) -#define PSA_ECC_CURVE_SECT163R1 ((psa_ecc_curve_t) 0x0002) -#define PSA_ECC_CURVE_SECT163R2 ((psa_ecc_curve_t) 0x0003) -#define PSA_ECC_CURVE_SECT193R1 ((psa_ecc_curve_t) 0x0004) -#define PSA_ECC_CURVE_SECT193R2 ((psa_ecc_curve_t) 0x0005) -#define PSA_ECC_CURVE_SECT233K1 ((psa_ecc_curve_t) 0x0006) -#define PSA_ECC_CURVE_SECT233R1 ((psa_ecc_curve_t) 0x0007) -#define PSA_ECC_CURVE_SECT239K1 ((psa_ecc_curve_t) 0x0008) -#define PSA_ECC_CURVE_SECT283K1 ((psa_ecc_curve_t) 0x0009) -#define PSA_ECC_CURVE_SECT283R1 ((psa_ecc_curve_t) 0x000a) -#define PSA_ECC_CURVE_SECT409K1 ((psa_ecc_curve_t) 0x000b) -#define PSA_ECC_CURVE_SECT409R1 ((psa_ecc_curve_t) 0x000c) -#define PSA_ECC_CURVE_SECT571K1 ((psa_ecc_curve_t) 0x000d) -#define PSA_ECC_CURVE_SECT571R1 ((psa_ecc_curve_t) 0x000e) -#define PSA_ECC_CURVE_SECP160K1 ((psa_ecc_curve_t) 0x000f) -#define PSA_ECC_CURVE_SECP160R1 ((psa_ecc_curve_t) 0x0010) -#define PSA_ECC_CURVE_SECP160R2 ((psa_ecc_curve_t) 0x0011) -#define PSA_ECC_CURVE_SECP192K1 ((psa_ecc_curve_t) 0x0012) -#define PSA_ECC_CURVE_SECP192R1 ((psa_ecc_curve_t) 0x0013) -#define PSA_ECC_CURVE_SECP224K1 ((psa_ecc_curve_t) 0x0014) -#define PSA_ECC_CURVE_SECP224R1 ((psa_ecc_curve_t) 0x0015) -#define PSA_ECC_CURVE_SECP256K1 ((psa_ecc_curve_t) 0x0016) -#define PSA_ECC_CURVE_SECP256R1 ((psa_ecc_curve_t) 0x0017) -#define PSA_ECC_CURVE_SECP384R1 ((psa_ecc_curve_t) 0x0018) -#define PSA_ECC_CURVE_SECP521R1 ((psa_ecc_curve_t) 0x0019) -#define PSA_ECC_CURVE_BRAINPOOL_P256R1 ((psa_ecc_curve_t) 0x001a) -#define PSA_ECC_CURVE_BRAINPOOL_P384R1 ((psa_ecc_curve_t) 0x001b) -#define PSA_ECC_CURVE_BRAINPOOL_P512R1 ((psa_ecc_curve_t) 0x001c) +#define PSA_ECC_CURVE_SECT163K1 ((psa_ecc_curve_t)0x0001) +#define PSA_ECC_CURVE_SECT163R1 ((psa_ecc_curve_t)0x0002) +#define PSA_ECC_CURVE_SECT163R2 ((psa_ecc_curve_t)0x0003) +#define PSA_ECC_CURVE_SECT193R1 ((psa_ecc_curve_t)0x0004) +#define PSA_ECC_CURVE_SECT193R2 ((psa_ecc_curve_t)0x0005) +#define PSA_ECC_CURVE_SECT233K1 ((psa_ecc_curve_t)0x0006) +#define PSA_ECC_CURVE_SECT233R1 ((psa_ecc_curve_t)0x0007) +#define PSA_ECC_CURVE_SECT239K1 ((psa_ecc_curve_t)0x0008) +#define PSA_ECC_CURVE_SECT283K1 ((psa_ecc_curve_t)0x0009) +#define PSA_ECC_CURVE_SECT283R1 ((psa_ecc_curve_t)0x000a) +#define PSA_ECC_CURVE_SECT409K1 ((psa_ecc_curve_t)0x000b) +#define PSA_ECC_CURVE_SECT409R1 ((psa_ecc_curve_t)0x000c) +#define PSA_ECC_CURVE_SECT571K1 ((psa_ecc_curve_t)0x000d) +#define PSA_ECC_CURVE_SECT571R1 ((psa_ecc_curve_t)0x000e) +#define PSA_ECC_CURVE_SECP160K1 ((psa_ecc_curve_t)0x000f) +#define PSA_ECC_CURVE_SECP160R1 ((psa_ecc_curve_t)0x0010) +#define PSA_ECC_CURVE_SECP160R2 ((psa_ecc_curve_t)0x0011) +#define PSA_ECC_CURVE_SECP192K1 ((psa_ecc_curve_t)0x0012) +#define PSA_ECC_CURVE_SECP192R1 ((psa_ecc_curve_t)0x0013) +#define PSA_ECC_CURVE_SECP224K1 ((psa_ecc_curve_t)0x0014) +#define PSA_ECC_CURVE_SECP224R1 ((psa_ecc_curve_t)0x0015) +#define PSA_ECC_CURVE_SECP256K1 ((psa_ecc_curve_t)0x0016) +#define PSA_ECC_CURVE_SECP256R1 ((psa_ecc_curve_t)0x0017) +#define PSA_ECC_CURVE_SECP384R1 ((psa_ecc_curve_t)0x0018) +#define PSA_ECC_CURVE_SECP521R1 ((psa_ecc_curve_t)0x0019) +#define PSA_ECC_CURVE_BRAINPOOL_P256R1 ((psa_ecc_curve_t)0x001a) +#define PSA_ECC_CURVE_BRAINPOOL_P384R1 ((psa_ecc_curve_t)0x001b) +#define PSA_ECC_CURVE_BRAINPOOL_P512R1 ((psa_ecc_curve_t)0x001c) /** Curve25519. * * This is the curve defined in Bernstein et al., * _Curve25519: new Diffie-Hellman speed records_, LNCS 3958, 2006. * The algorithm #PSA_ALG_ECDH performs X25519 when used with this curve. */ -#define PSA_ECC_CURVE_CURVE25519 ((psa_ecc_curve_t) 0x001d) +#define PSA_ECC_CURVE_CURVE25519 ((psa_ecc_curve_t)0x001d) /** Curve448 * * This is the curve defined in Hamburg, * _Ed448-Goldilocks, a new elliptic curve_, NIST ECC Workshop, 2015. * The algorithm #PSA_ALG_ECDH performs X448 when used with this curve. */ -#define PSA_ECC_CURVE_CURVE448 ((psa_ecc_curve_t) 0x001e) +#define PSA_ECC_CURVE_CURVE448 ((psa_ecc_curve_t)0x001e) -#define PSA_KEY_TYPE_DH_PUBLIC_KEY_BASE ((psa_key_type_t)0x60040000) -#define PSA_KEY_TYPE_DH_KEY_PAIR_BASE ((psa_key_type_t)0x70040000) -#define PSA_KEY_TYPE_DH_GROUP_MASK ((psa_key_type_t)0x0000ffff) +#define PSA_KEY_TYPE_DH_PUBLIC_KEY_BASE ((psa_key_type_t)0x60040000) +#define PSA_KEY_TYPE_DH_KEY_PAIR_BASE ((psa_key_type_t)0x70040000) +#define PSA_KEY_TYPE_DH_GROUP_MASK ((psa_key_type_t)0x0000ffff) /** Diffie-Hellman key pair. */ -#define PSA_KEY_TYPE_DH_KEY_PAIR(group) \ +#define PSA_KEY_TYPE_DH_KEY_PAIR(group) \ (PSA_KEY_TYPE_DH_KEY_PAIR_BASE | (group)) /** Diffie-Hellman public key. */ -#define PSA_KEY_TYPE_DH_PUBLIC_KEY(group) \ +#define PSA_KEY_TYPE_DH_PUBLIC_KEY(group) \ (PSA_KEY_TYPE_DH_PUBLIC_KEY_BASE | (group)) /** Whether a key type is a Diffie-Hellman key (pair or public-only). */ -#define PSA_KEY_TYPE_IS_DH(type) \ - ((PSA_KEY_TYPE_PUBLIC_KEY_OF_KEY_PAIR(type) & \ +#define PSA_KEY_TYPE_IS_DH(type) \ + ((PSA_KEY_TYPE_PUBLIC_KEY_OF_KEY_PAIR(type) & \ ~PSA_KEY_TYPE_DH_GROUP_MASK) == PSA_KEY_TYPE_DH_PUBLIC_KEY_BASE) /** Whether a key type is a Diffie-Hellman key pair. */ -#define PSA_KEY_TYPE_IS_DH_KEY_PAIR(type) \ - (((type) & ~PSA_KEY_TYPE_DH_GROUP_MASK) == \ +#define PSA_KEY_TYPE_IS_DH_KEY_PAIR(type) \ + (((type) & ~PSA_KEY_TYPE_DH_GROUP_MASK) == \ PSA_KEY_TYPE_DH_KEY_PAIR_BASE) /** Whether a key type is a Diffie-Hellman public key. */ -#define PSA_KEY_TYPE_IS_DH_PUBLIC_KEY(type) \ - (((type) & ~PSA_KEY_TYPE_DH_GROUP_MASK) == \ +#define PSA_KEY_TYPE_IS_DH_PUBLIC_KEY(type) \ + (((type) & ~PSA_KEY_TYPE_DH_GROUP_MASK) == \ PSA_KEY_TYPE_DH_PUBLIC_KEY_BASE) /** Extract the group from a Diffie-Hellman key type. */ @@ -539,11 +539,11 @@ * TLS EC Named Curve Registry) * https://www.iana.org/assignments/tls-parameters/tls-parameters.xhtml#tls-parameters-8 * The values are defined by RFC 7919. */ -#define PSA_DH_GROUP_FFDHE2048 ((psa_dh_group_t) 0x0100) -#define PSA_DH_GROUP_FFDHE3072 ((psa_dh_group_t) 0x0101) -#define PSA_DH_GROUP_FFDHE4096 ((psa_dh_group_t) 0x0102) -#define PSA_DH_GROUP_FFDHE6144 ((psa_dh_group_t) 0x0103) -#define PSA_DH_GROUP_FFDHE8192 ((psa_dh_group_t) 0x0104) +#define PSA_DH_GROUP_FFDHE2048 ((psa_dh_group_t)0x0100) +#define PSA_DH_GROUP_FFDHE3072 ((psa_dh_group_t)0x0101) +#define PSA_DH_GROUP_FFDHE4096 ((psa_dh_group_t)0x0102) +#define PSA_DH_GROUP_FFDHE6144 ((psa_dh_group_t)0x0103) +#define PSA_DH_GROUP_FFDHE8192 ((psa_dh_group_t)0x0104) /** The block size of a block cipher. * @@ -572,18 +572,18 @@ 0) #define PSA_ALG_VENDOR_FLAG ((psa_algorithm_t)0x80000000) -#define PSA_ALG_CATEGORY_MASK ((psa_algorithm_t)0x7f000000) -#define PSA_ALG_CATEGORY_HASH ((psa_algorithm_t)0x01000000) -#define PSA_ALG_CATEGORY_MAC ((psa_algorithm_t)0x02000000) -#define PSA_ALG_CATEGORY_CIPHER ((psa_algorithm_t)0x04000000) -#define PSA_ALG_CATEGORY_AEAD ((psa_algorithm_t)0x06000000) -#define PSA_ALG_CATEGORY_SIGN ((psa_algorithm_t)0x10000000) -#define PSA_ALG_CATEGORY_ASYMMETRIC_ENCRYPTION ((psa_algorithm_t)0x12000000) -#define PSA_ALG_CATEGORY_KEY_DERIVATION ((psa_algorithm_t)0x20000000) -#define PSA_ALG_CATEGORY_KEY_AGREEMENT ((psa_algorithm_t)0x30000000) - -#define PSA_ALG_IS_VENDOR_DEFINED(alg) \ - (((alg) & PSA_ALG_VENDOR_FLAG) != 0) +#define PSA_ALG_CATEGORY_MASK ((psa_algorithm_t)0x7f000000) +#define PSA_ALG_CATEGORY_HASH ((psa_algorithm_t)0x01000000) +#define PSA_ALG_CATEGORY_MAC ((psa_algorithm_t)0x02000000) +#define PSA_ALG_CATEGORY_CIPHER ((psa_algorithm_t)0x04000000) +#define PSA_ALG_CATEGORY_AEAD ((psa_algorithm_t)0x06000000) +#define PSA_ALG_CATEGORY_SIGN ((psa_algorithm_t)0x10000000) +#define PSA_ALG_CATEGORY_ASYMMETRIC_ENCRYPTION ((psa_algorithm_t)0x12000000) +#define PSA_ALG_CATEGORY_KEY_DERIVATION ((psa_algorithm_t)0x20000000) +#define PSA_ALG_CATEGORY_KEY_AGREEMENT ((psa_algorithm_t)0x30000000) + +#define PSA_ALG_IS_VENDOR_DEFINED(alg) \ + (((alg)&PSA_ALG_VENDOR_FLAG) != 0) /** Whether the specified algorithm is a hash algorithm. * @@ -593,8 +593,8 @@ * This macro may return either 0 or 1 if \p alg is not a supported * algorithm identifier. */ -#define PSA_ALG_IS_HASH(alg) \ - (((alg) & PSA_ALG_CATEGORY_MASK) == PSA_ALG_CATEGORY_HASH) +#define PSA_ALG_IS_HASH(alg) \ + (((alg)&PSA_ALG_CATEGORY_MASK) == PSA_ALG_CATEGORY_HASH) /** Whether the specified algorithm is a MAC algorithm. * @@ -604,8 +604,8 @@ * This macro may return either 0 or 1 if \p alg is not a supported * algorithm identifier. */ -#define PSA_ALG_IS_MAC(alg) \ - (((alg) & PSA_ALG_CATEGORY_MASK) == PSA_ALG_CATEGORY_MAC) +#define PSA_ALG_IS_MAC(alg) \ + (((alg)&PSA_ALG_CATEGORY_MASK) == PSA_ALG_CATEGORY_MAC) /** Whether the specified algorithm is a symmetric cipher algorithm. * @@ -615,8 +615,8 @@ * This macro may return either 0 or 1 if \p alg is not a supported * algorithm identifier. */ -#define PSA_ALG_IS_CIPHER(alg) \ - (((alg) & PSA_ALG_CATEGORY_MASK) == PSA_ALG_CATEGORY_CIPHER) +#define PSA_ALG_IS_CIPHER(alg) \ + (((alg)&PSA_ALG_CATEGORY_MASK) == PSA_ALG_CATEGORY_CIPHER) /** Whether the specified algorithm is an authenticated encryption * with associated data (AEAD) algorithm. @@ -627,8 +627,8 @@ * This macro may return either 0 or 1 if \p alg is not a supported * algorithm identifier. */ -#define PSA_ALG_IS_AEAD(alg) \ - (((alg) & PSA_ALG_CATEGORY_MASK) == PSA_ALG_CATEGORY_AEAD) +#define PSA_ALG_IS_AEAD(alg) \ + (((alg)&PSA_ALG_CATEGORY_MASK) == PSA_ALG_CATEGORY_AEAD) /** Whether the specified algorithm is a public-key signature algorithm. * @@ -638,8 +638,8 @@ * This macro may return either 0 or 1 if \p alg is not a supported * algorithm identifier. */ -#define PSA_ALG_IS_SIGN(alg) \ - (((alg) & PSA_ALG_CATEGORY_MASK) == PSA_ALG_CATEGORY_SIGN) +#define PSA_ALG_IS_SIGN(alg) \ + (((alg)&PSA_ALG_CATEGORY_MASK) == PSA_ALG_CATEGORY_SIGN) /** Whether the specified algorithm is a public-key encryption algorithm. * @@ -649,8 +649,8 @@ * This macro may return either 0 or 1 if \p alg is not a supported * algorithm identifier. */ -#define PSA_ALG_IS_ASYMMETRIC_ENCRYPTION(alg) \ - (((alg) & PSA_ALG_CATEGORY_MASK) == PSA_ALG_CATEGORY_ASYMMETRIC_ENCRYPTION) +#define PSA_ALG_IS_ASYMMETRIC_ENCRYPTION(alg) \ + (((alg)&PSA_ALG_CATEGORY_MASK) == PSA_ALG_CATEGORY_ASYMMETRIC_ENCRYPTION) /** Whether the specified algorithm is a key agreement algorithm. * @@ -660,8 +660,8 @@ * This macro may return either 0 or 1 if \p alg is not a supported * algorithm identifier. */ -#define PSA_ALG_IS_KEY_AGREEMENT(alg) \ - (((alg) & PSA_ALG_CATEGORY_MASK) == PSA_ALG_CATEGORY_KEY_AGREEMENT) +#define PSA_ALG_IS_KEY_AGREEMENT(alg) \ + (((alg)&PSA_ALG_CATEGORY_MASK) == PSA_ALG_CATEGORY_KEY_AGREEMENT) /** Whether the specified algorithm is a key derivation algorithm. * @@ -671,36 +671,36 @@ * This macro may return either 0 or 1 if \p alg is not a supported * algorithm identifier. */ -#define PSA_ALG_IS_KEY_DERIVATION(alg) \ - (((alg) & PSA_ALG_CATEGORY_MASK) == PSA_ALG_CATEGORY_KEY_DERIVATION) +#define PSA_ALG_IS_KEY_DERIVATION(alg) \ + (((alg)&PSA_ALG_CATEGORY_MASK) == PSA_ALG_CATEGORY_KEY_DERIVATION) -#define PSA_ALG_HASH_MASK ((psa_algorithm_t)0x000000ff) +#define PSA_ALG_HASH_MASK ((psa_algorithm_t)0x000000ff) -#define PSA_ALG_MD2 ((psa_algorithm_t)0x01000001) -#define PSA_ALG_MD4 ((psa_algorithm_t)0x01000002) -#define PSA_ALG_MD5 ((psa_algorithm_t)0x01000003) -#define PSA_ALG_RIPEMD160 ((psa_algorithm_t)0x01000004) -#define PSA_ALG_SHA_1 ((psa_algorithm_t)0x01000005) +#define PSA_ALG_MD2 ((psa_algorithm_t)0x01000001) +#define PSA_ALG_MD4 ((psa_algorithm_t)0x01000002) +#define PSA_ALG_MD5 ((psa_algorithm_t)0x01000003) +#define PSA_ALG_RIPEMD160 ((psa_algorithm_t)0x01000004) +#define PSA_ALG_SHA_1 ((psa_algorithm_t)0x01000005) /** SHA2-224 */ -#define PSA_ALG_SHA_224 ((psa_algorithm_t)0x01000008) +#define PSA_ALG_SHA_224 ((psa_algorithm_t)0x01000008) /** SHA2-256 */ -#define PSA_ALG_SHA_256 ((psa_algorithm_t)0x01000009) +#define PSA_ALG_SHA_256 ((psa_algorithm_t)0x01000009) /** SHA2-384 */ -#define PSA_ALG_SHA_384 ((psa_algorithm_t)0x0100000a) +#define PSA_ALG_SHA_384 ((psa_algorithm_t)0x0100000a) /** SHA2-512 */ -#define PSA_ALG_SHA_512 ((psa_algorithm_t)0x0100000b) +#define PSA_ALG_SHA_512 ((psa_algorithm_t)0x0100000b) /** SHA2-512/224 */ -#define PSA_ALG_SHA_512_224 ((psa_algorithm_t)0x0100000c) +#define PSA_ALG_SHA_512_224 ((psa_algorithm_t)0x0100000c) /** SHA2-512/256 */ -#define PSA_ALG_SHA_512_256 ((psa_algorithm_t)0x0100000d) +#define PSA_ALG_SHA_512_256 ((psa_algorithm_t)0x0100000d) /** SHA3-224 */ -#define PSA_ALG_SHA3_224 ((psa_algorithm_t)0x01000010) +#define PSA_ALG_SHA3_224 ((psa_algorithm_t)0x01000010) /** SHA3-256 */ -#define PSA_ALG_SHA3_256 ((psa_algorithm_t)0x01000011) +#define PSA_ALG_SHA3_256 ((psa_algorithm_t)0x01000011) /** SHA3-384 */ -#define PSA_ALG_SHA3_384 ((psa_algorithm_t)0x01000012) +#define PSA_ALG_SHA3_384 ((psa_algorithm_t)0x01000012) /** SHA3-512 */ -#define PSA_ALG_SHA3_512 ((psa_algorithm_t)0x01000013) +#define PSA_ALG_SHA3_512 ((psa_algorithm_t)0x01000013) /** In a hash-and-sign algorithm policy, allow any hash algorithm. * @@ -735,10 +735,10 @@ * This value may not be used to build an algorithm specification to * perform an operation. It is only valid to build policies. */ -#define PSA_ALG_ANY_HASH ((psa_algorithm_t)0x010000ff) +#define PSA_ALG_ANY_HASH ((psa_algorithm_t)0x010000ff) -#define PSA_ALG_MAC_SUBCATEGORY_MASK ((psa_algorithm_t)0x00c00000) -#define PSA_ALG_HMAC_BASE ((psa_algorithm_t)0x02800000) +#define PSA_ALG_MAC_SUBCATEGORY_MASK ((psa_algorithm_t)0x00c00000) +#define PSA_ALG_HMAC_BASE ((psa_algorithm_t)0x02800000) /** Macro to build an HMAC algorithm. * * For example, #PSA_ALG_HMAC(#PSA_ALG_SHA_256) is HMAC-SHA-256. @@ -750,11 +750,11 @@ * \return Unspecified if \p hash_alg is not a supported * hash algorithm. */ -#define PSA_ALG_HMAC(hash_alg) \ - (PSA_ALG_HMAC_BASE | ((hash_alg) & PSA_ALG_HASH_MASK)) +#define PSA_ALG_HMAC(hash_alg) \ + (PSA_ALG_HMAC_BASE | ((hash_alg)&PSA_ALG_HASH_MASK)) -#define PSA_ALG_HMAC_GET_HASH(hmac_alg) \ - (PSA_ALG_CATEGORY_HASH | ((hmac_alg) & PSA_ALG_HASH_MASK)) +#define PSA_ALG_HMAC_GET_HASH(hmac_alg) \ + (PSA_ALG_CATEGORY_HASH | ((hmac_alg)&PSA_ALG_HASH_MASK)) /** Whether the specified algorithm is an HMAC algorithm. * @@ -766,7 +766,7 @@ * This macro may return either 0 or 1 if \p alg is not a supported * algorithm identifier. */ -#define PSA_ALG_IS_HMAC(alg) \ +#define PSA_ALG_IS_HMAC(alg) \ (((alg) & (PSA_ALG_CATEGORY_MASK | PSA_ALG_MAC_SUBCATEGORY_MASK)) == \ PSA_ALG_HMAC_BASE) @@ -777,7 +777,7 @@ * reach up to 63; the largest MAC is 64 bytes so its trivial truncation * to full length is correctly encoded as 0 and any non-trivial truncation * is correctly encoded as a value between 1 and 63. */ -#define PSA_ALG_MAC_TRUNCATION_MASK ((psa_algorithm_t)0x00003f00) +#define PSA_ALG_MAC_TRUNCATION_MASK ((psa_algorithm_t)0x00003f00) #define PSA_MAC_TRUNCATION_OFFSET 8 /** Macro to build a truncated MAC algorithm. @@ -813,8 +813,8 @@ * MAC algorithm or if \p mac_length is too small or * too large for the specified MAC algorithm. */ -#define PSA_ALG_TRUNCATED_MAC(mac_alg, mac_length) \ - (((mac_alg) & ~PSA_ALG_MAC_TRUNCATION_MASK) | \ +#define PSA_ALG_TRUNCATED_MAC(mac_alg, mac_length) \ + (((mac_alg) & ~PSA_ALG_MAC_TRUNCATION_MASK) | \ ((mac_length) << PSA_MAC_TRUNCATION_OFFSET & PSA_ALG_MAC_TRUNCATION_MASK)) /** Macro to build the base MAC algorithm corresponding to a truncated @@ -829,7 +829,7 @@ * \return Unspecified if \p alg is not a supported * MAC algorithm. */ -#define PSA_ALG_FULL_LENGTH_MAC(mac_alg) \ +#define PSA_ALG_FULL_LENGTH_MAC(mac_alg) \ ((mac_alg) & ~PSA_ALG_MAC_TRUNCATION_MASK) /** Length to which a MAC algorithm is truncated. @@ -843,18 +843,18 @@ * \return Unspecified if \p alg is not a supported * MAC algorithm. */ -#define PSA_MAC_TRUNCATED_LENGTH(mac_alg) \ - (((mac_alg) & PSA_ALG_MAC_TRUNCATION_MASK) >> PSA_MAC_TRUNCATION_OFFSET) +#define PSA_MAC_TRUNCATED_LENGTH(mac_alg) \ + (((mac_alg)&PSA_ALG_MAC_TRUNCATION_MASK) >> PSA_MAC_TRUNCATION_OFFSET) -#define PSA_ALG_CIPHER_MAC_BASE ((psa_algorithm_t)0x02c00000) +#define PSA_ALG_CIPHER_MAC_BASE ((psa_algorithm_t)0x02c00000) /** The CBC-MAC construction over a block cipher * * \warning CBC-MAC is insecure in many cases. * A more secure mode, such as #PSA_ALG_CMAC, is recommended. */ -#define PSA_ALG_CBC_MAC ((psa_algorithm_t)0x02c00001) +#define PSA_ALG_CBC_MAC ((psa_algorithm_t)0x02c00001) /** The CMAC construction over a block cipher */ -#define PSA_ALG_CMAC ((psa_algorithm_t)0x02c00002) +#define PSA_ALG_CMAC ((psa_algorithm_t)0x02c00002) /** Whether the specified algorithm is a MAC algorithm based on a block cipher. * @@ -864,12 +864,12 @@ * This macro may return either 0 or 1 if \p alg is not a supported * algorithm identifier. */ -#define PSA_ALG_IS_BLOCK_CIPHER_MAC(alg) \ +#define PSA_ALG_IS_BLOCK_CIPHER_MAC(alg) \ (((alg) & (PSA_ALG_CATEGORY_MASK | PSA_ALG_MAC_SUBCATEGORY_MASK)) == \ PSA_ALG_CIPHER_MAC_BASE) -#define PSA_ALG_CIPHER_STREAM_FLAG ((psa_algorithm_t)0x00800000) -#define PSA_ALG_CIPHER_FROM_BLOCK_FLAG ((psa_algorithm_t)0x00400000) +#define PSA_ALG_CIPHER_STREAM_FLAG ((psa_algorithm_t)0x00800000) +#define PSA_ALG_CIPHER_FROM_BLOCK_FLAG ((psa_algorithm_t)0x00400000) /** Whether the specified algorithm is a stream cipher. * @@ -883,13 +883,13 @@ * This macro may return either 0 or 1 if \p alg is not a supported * algorithm identifier or if it is not a symmetric cipher algorithm. */ -#define PSA_ALG_IS_STREAM_CIPHER(alg) \ +#define PSA_ALG_IS_STREAM_CIPHER(alg) \ (((alg) & (PSA_ALG_CATEGORY_MASK | PSA_ALG_CIPHER_STREAM_FLAG)) == \ - (PSA_ALG_CATEGORY_CIPHER | PSA_ALG_CIPHER_STREAM_FLAG)) + (PSA_ALG_CATEGORY_CIPHER | PSA_ALG_CIPHER_STREAM_FLAG)) /** The ARC4 stream cipher algorithm. */ -#define PSA_ALG_ARC4 ((psa_algorithm_t)0x04800001) +#define PSA_ALG_ARC4 ((psa_algorithm_t)0x04800001) /** The ChaCha20 stream cipher. * @@ -901,7 +901,7 @@ * The initial block counter is always 0. * */ -#define PSA_ALG_CHACHA20 ((psa_algorithm_t)0x04800005) +#define PSA_ALG_CHACHA20 ((psa_algorithm_t)0x04800005) /** The CTR stream cipher mode. * @@ -910,19 +910,19 @@ * For example, to use AES-128-CTR, use this algorithm with * a key of type #PSA_KEY_TYPE_AES and a length of 128 bits (16 bytes). */ -#define PSA_ALG_CTR ((psa_algorithm_t)0x04c00001) +#define PSA_ALG_CTR ((psa_algorithm_t)0x04c00001) /** The CFB stream cipher mode. * * The underlying block cipher is determined by the key type. */ -#define PSA_ALG_CFB ((psa_algorithm_t)0x04c00002) +#define PSA_ALG_CFB ((psa_algorithm_t)0x04c00002) /** The OFB stream cipher mode. * * The underlying block cipher is determined by the key type. */ -#define PSA_ALG_OFB ((psa_algorithm_t)0x04c00003) +#define PSA_ALG_OFB ((psa_algorithm_t)0x04c00003) /** The XTS cipher mode. * @@ -930,7 +930,7 @@ * least one full block of input, but beyond this minimum the input * does not need to be a whole number of blocks. */ -#define PSA_ALG_XTS ((psa_algorithm_t)0x044000ff) +#define PSA_ALG_XTS ((psa_algorithm_t)0x044000ff) /** The CBC block cipher chaining mode, with no padding. * @@ -939,7 +939,7 @@ * This symmetric cipher mode can only be used with messages whose lengths * are whole number of blocks for the chosen block cipher. */ -#define PSA_ALG_CBC_NO_PADDING ((psa_algorithm_t)0x04600100) +#define PSA_ALG_CBC_NO_PADDING ((psa_algorithm_t)0x04600100) /** The CBC block cipher chaining mode with PKCS#7 padding. * @@ -947,9 +947,9 @@ * * This is the padding method defined by PKCS#7 (RFC 2315) §10.3. */ -#define PSA_ALG_CBC_PKCS7 ((psa_algorithm_t)0x04600101) +#define PSA_ALG_CBC_PKCS7 ((psa_algorithm_t)0x04600101) -#define PSA_ALG_AEAD_FROM_BLOCK_FLAG ((psa_algorithm_t)0x00400000) +#define PSA_ALG_AEAD_FROM_BLOCK_FLAG ((psa_algorithm_t)0x00400000) /** Whether the specified algorithm is an AEAD mode on a block cipher. * @@ -960,7 +960,7 @@ * This macro may return either 0 or 1 if \p alg is not a supported * algorithm identifier. */ -#define PSA_ALG_IS_AEAD_ON_BLOCK_CIPHER(alg) \ +#define PSA_ALG_IS_AEAD_ON_BLOCK_CIPHER(alg) \ (((alg) & (PSA_ALG_CATEGORY_MASK | PSA_ALG_AEAD_FROM_BLOCK_FLAG)) == \ (PSA_ALG_CATEGORY_AEAD | PSA_ALG_AEAD_FROM_BLOCK_FLAG)) @@ -968,13 +968,13 @@ * * The underlying block cipher is determined by the key type. */ -#define PSA_ALG_CCM ((psa_algorithm_t)0x06401001) +#define PSA_ALG_CCM ((psa_algorithm_t)0x06401001) /** The GCM authenticated encryption algorithm. * * The underlying block cipher is determined by the key type. */ -#define PSA_ALG_GCM ((psa_algorithm_t)0x06401002) +#define PSA_ALG_GCM ((psa_algorithm_t)0x06401002) /** The Chacha20-Poly1305 AEAD algorithm. * @@ -985,13 +985,13 @@ * * Implementations must support 16-byte tags and should reject other sizes. */ -#define PSA_ALG_CHACHA20_POLY1305 ((psa_algorithm_t)0x06001005) +#define PSA_ALG_CHACHA20_POLY1305 ((psa_algorithm_t)0x06001005) /* In the encoding of a AEAD algorithm, the bits corresponding to * PSA_ALG_AEAD_TAG_LENGTH_MASK encode the length of the AEAD tag. * The constants for default lengths follow this encoding. */ -#define PSA_ALG_AEAD_TAG_LENGTH_MASK ((psa_algorithm_t)0x00003f00) +#define PSA_ALG_AEAD_TAG_LENGTH_MASK ((psa_algorithm_t)0x00003f00) #define PSA_AEAD_TAG_LENGTH_OFFSET 8 /** Macro to build a shortened AEAD algorithm. @@ -1012,9 +1012,9 @@ * AEAD algorithm or if \p tag_length is not valid * for the specified AEAD algorithm. */ -#define PSA_ALG_AEAD_WITH_TAG_LENGTH(aead_alg, tag_length) \ - (((aead_alg) & ~PSA_ALG_AEAD_TAG_LENGTH_MASK) | \ - ((tag_length) << PSA_AEAD_TAG_LENGTH_OFFSET & \ +#define PSA_ALG_AEAD_WITH_TAG_LENGTH(aead_alg, tag_length) \ + (((aead_alg) & ~PSA_ALG_AEAD_TAG_LENGTH_MASK) | \ + ((tag_length) << PSA_AEAD_TAG_LENGTH_OFFSET & \ PSA_ALG_AEAD_TAG_LENGTH_MASK)) /** Calculate the corresponding AEAD algorithm with the default tag length. @@ -1025,7 +1025,7 @@ * \return The corresponding AEAD algorithm with the default * tag length for that algorithm. */ -#define PSA_ALG_AEAD_WITH_DEFAULT_TAG_LENGTH(aead_alg) \ +#define PSA_ALG_AEAD_WITH_DEFAULT_TAG_LENGTH(aead_alg) \ ( \ PSA_ALG_AEAD_WITH_DEFAULT_TAG_LENGTH_CASE(aead_alg, PSA_ALG_CCM) \ PSA_ALG_AEAD_WITH_DEFAULT_TAG_LENGTH_CASE(aead_alg, PSA_ALG_GCM) \ @@ -1052,8 +1052,8 @@ * \return Unspecified if \p hash_alg is not a supported * hash algorithm. */ -#define PSA_ALG_RSA_PKCS1V15_SIGN(hash_alg) \ - (PSA_ALG_RSA_PKCS1V15_SIGN_BASE | ((hash_alg) & PSA_ALG_HASH_MASK)) +#define PSA_ALG_RSA_PKCS1V15_SIGN(hash_alg) \ + (PSA_ALG_RSA_PKCS1V15_SIGN_BASE | ((hash_alg)&PSA_ALG_HASH_MASK)) /** Raw PKCS#1 v1.5 signature. * * The input to this algorithm is the DigestInfo structure used by @@ -1061,10 +1061,10 @@ * steps 3–6. */ #define PSA_ALG_RSA_PKCS1V15_SIGN_RAW PSA_ALG_RSA_PKCS1V15_SIGN_BASE -#define PSA_ALG_IS_RSA_PKCS1V15_SIGN(alg) \ +#define PSA_ALG_IS_RSA_PKCS1V15_SIGN(alg) \ (((alg) & ~PSA_ALG_HASH_MASK) == PSA_ALG_RSA_PKCS1V15_SIGN_BASE) -#define PSA_ALG_RSA_PSS_BASE ((psa_algorithm_t)0x10030000) +#define PSA_ALG_RSA_PSS_BASE ((psa_algorithm_t)0x10030000) /** RSA PSS signature with hashing. * * This is the signature scheme defined by RFC 8017 @@ -1083,12 +1083,12 @@ * \return Unspecified if \p hash_alg is not a supported * hash algorithm. */ -#define PSA_ALG_RSA_PSS(hash_alg) \ - (PSA_ALG_RSA_PSS_BASE | ((hash_alg) & PSA_ALG_HASH_MASK)) -#define PSA_ALG_IS_RSA_PSS(alg) \ +#define PSA_ALG_RSA_PSS(hash_alg) \ + (PSA_ALG_RSA_PSS_BASE | ((hash_alg)&PSA_ALG_HASH_MASK)) +#define PSA_ALG_IS_RSA_PSS(alg) \ (((alg) & ~PSA_ALG_HASH_MASK) == PSA_ALG_RSA_PSS_BASE) -#define PSA_ALG_ECDSA_BASE ((psa_algorithm_t)0x10060000) +#define PSA_ALG_ECDSA_BASE ((psa_algorithm_t)0x10060000) /** ECDSA signature with hashing. * * This is the ECDSA signature scheme defined by ANSI X9.62, @@ -1109,8 +1109,8 @@ * \return Unspecified if \p hash_alg is not a supported * hash algorithm. */ -#define PSA_ALG_ECDSA(hash_alg) \ - (PSA_ALG_ECDSA_BASE | ((hash_alg) & PSA_ALG_HASH_MASK)) +#define PSA_ALG_ECDSA(hash_alg) \ + (PSA_ALG_ECDSA_BASE | ((hash_alg)&PSA_ALG_HASH_MASK)) /** ECDSA signature without hashing. * * This is the same signature scheme as #PSA_ALG_ECDSA(), but @@ -1121,7 +1121,7 @@ * the curve size. */ #define PSA_ALG_ECDSA_ANY PSA_ALG_ECDSA_BASE -#define PSA_ALG_DETERMINISTIC_ECDSA_BASE ((psa_algorithm_t)0x10070000) +#define PSA_ALG_DETERMINISTIC_ECDSA_BASE ((psa_algorithm_t)0x10070000) /** Deterministic ECDSA signature with hashing. * * This is the deterministic ECDSA signature scheme defined by RFC 6979. @@ -1144,16 +1144,16 @@ * \return Unspecified if \p hash_alg is not a supported * hash algorithm. */ -#define PSA_ALG_DETERMINISTIC_ECDSA(hash_alg) \ - (PSA_ALG_DETERMINISTIC_ECDSA_BASE | ((hash_alg) & PSA_ALG_HASH_MASK)) -#define PSA_ALG_IS_ECDSA(alg) \ - (((alg) & ~PSA_ALG_HASH_MASK & ~PSA_ALG_DSA_DETERMINISTIC_FLAG) == \ +#define PSA_ALG_DETERMINISTIC_ECDSA(hash_alg) \ + (PSA_ALG_DETERMINISTIC_ECDSA_BASE | ((hash_alg)&PSA_ALG_HASH_MASK)) +#define PSA_ALG_IS_ECDSA(alg) \ + (((alg) & ~PSA_ALG_HASH_MASK & ~PSA_ALG_DSA_DETERMINISTIC_FLAG) == \ PSA_ALG_ECDSA_BASE) -#define PSA_ALG_ECDSA_IS_DETERMINISTIC(alg) \ - (((alg) & PSA_ALG_DSA_DETERMINISTIC_FLAG) != 0) -#define PSA_ALG_IS_DETERMINISTIC_ECDSA(alg) \ +#define PSA_ALG_ECDSA_IS_DETERMINISTIC(alg) \ + (((alg)&PSA_ALG_DSA_DETERMINISTIC_FLAG) != 0) +#define PSA_ALG_IS_DETERMINISTIC_ECDSA(alg) \ (PSA_ALG_IS_ECDSA(alg) && PSA_ALG_ECDSA_IS_DETERMINISTIC(alg)) -#define PSA_ALG_IS_RANDOMIZED_ECDSA(alg) \ +#define PSA_ALG_IS_RANDOMIZED_ECDSA(alg) \ (PSA_ALG_IS_ECDSA(alg) && !PSA_ALG_ECDSA_IS_DETERMINISTIC(alg)) /** Whether the specified algorithm is a hash-and-sign algorithm. @@ -1169,8 +1169,8 @@ * This macro may return either 0 or 1 if \p alg is not a supported * algorithm identifier. */ -#define PSA_ALG_IS_HASH_AND_SIGN(alg) \ - (PSA_ALG_IS_RSA_PSS(alg) || PSA_ALG_IS_RSA_PKCS1V15_SIGN(alg) || \ +#define PSA_ALG_IS_HASH_AND_SIGN(alg) \ + (PSA_ALG_IS_RSA_PSS(alg) || PSA_ALG_IS_RSA_PKCS1V15_SIGN(alg) || \ PSA_ALG_IS_ECDSA(alg)) /** Get the hash used by a hash-and-sign signature algorithm. @@ -1199,9 +1199,9 @@ /** RSA PKCS#1 v1.5 encryption. */ -#define PSA_ALG_RSA_PKCS1V15_CRYPT ((psa_algorithm_t)0x12020000) +#define PSA_ALG_RSA_PKCS1V15_CRYPT ((psa_algorithm_t)0x12020000) -#define PSA_ALG_RSA_OAEP_BASE ((psa_algorithm_t)0x12030000) +#define PSA_ALG_RSA_OAEP_BASE ((psa_algorithm_t)0x12030000) /** RSA OAEP encryption. * * This is the encryption scheme defined by RFC 8017 @@ -1216,8 +1216,8 @@ * \return Unspecified if \p hash_alg is not a supported * hash algorithm. */ -#define PSA_ALG_RSA_OAEP(hash_alg) \ - (PSA_ALG_RSA_OAEP_BASE | ((hash_alg) & PSA_ALG_HASH_MASK)) +#define PSA_ALG_RSA_OAEP(hash_alg) \ + (PSA_ALG_RSA_OAEP_BASE | ((hash_alg)&PSA_ALG_HASH_MASK)) #define PSA_ALG_IS_RSA_OAEP(alg) \ (((alg) & ~PSA_ALG_HASH_MASK) == PSA_ALG_RSA_OAEP_BASE) #define PSA_ALG_RSA_OAEP_GET_HASH(alg) \ @@ -1246,8 +1246,8 @@ * \return Unspecified if \p hash_alg is not a supported * hash algorithm. */ -#define PSA_ALG_HKDF(hash_alg) \ - (PSA_ALG_HKDF_BASE | ((hash_alg) & PSA_ALG_HASH_MASK)) +#define PSA_ALG_HKDF(hash_alg) \ + (PSA_ALG_HKDF_BASE | ((hash_alg)&PSA_ALG_HASH_MASK)) /** Whether the specified algorithm is an HKDF algorithm. * * HKDF is a family of key derivation algorithms that are based on a hash @@ -1259,12 +1259,12 @@ * This macro may return either 0 or 1 if \c alg is not a supported * key derivation algorithm identifier. */ -#define PSA_ALG_IS_HKDF(alg) \ +#define PSA_ALG_IS_HKDF(alg) \ (((alg) & ~PSA_ALG_HASH_MASK) == PSA_ALG_HKDF_BASE) -#define PSA_ALG_HKDF_GET_HASH(hkdf_alg) \ - (PSA_ALG_CATEGORY_HASH | ((hkdf_alg) & PSA_ALG_HASH_MASK)) +#define PSA_ALG_HKDF_GET_HASH(hkdf_alg) \ + (PSA_ALG_CATEGORY_HASH | ((hkdf_alg)&PSA_ALG_HASH_MASK)) -#define PSA_ALG_TLS12_PRF_BASE ((psa_algorithm_t)0x20000200) +#define PSA_ALG_TLS12_PRF_BASE ((psa_algorithm_t)0x20000200) /** Macro to build a TLS-1.2 PRF algorithm. * * TLS 1.2 uses a custom pseudorandom function (PRF) for key schedule, @@ -1291,8 +1291,8 @@ * \return Unspecified if \p hash_alg is not a supported * hash algorithm. */ -#define PSA_ALG_TLS12_PRF(hash_alg) \ - (PSA_ALG_TLS12_PRF_BASE | ((hash_alg) & PSA_ALG_HASH_MASK)) +#define PSA_ALG_TLS12_PRF(hash_alg) \ + (PSA_ALG_TLS12_PRF_BASE | ((hash_alg)&PSA_ALG_HASH_MASK)) /** Whether the specified algorithm is a TLS-1.2 PRF algorithm. * @@ -1302,12 +1302,12 @@ * This macro may return either 0 or 1 if \c alg is not a supported * key derivation algorithm identifier. */ -#define PSA_ALG_IS_TLS12_PRF(alg) \ +#define PSA_ALG_IS_TLS12_PRF(alg) \ (((alg) & ~PSA_ALG_HASH_MASK) == PSA_ALG_TLS12_PRF_BASE) -#define PSA_ALG_TLS12_PRF_GET_HASH(hkdf_alg) \ - (PSA_ALG_CATEGORY_HASH | ((hkdf_alg) & PSA_ALG_HASH_MASK)) +#define PSA_ALG_TLS12_PRF_GET_HASH(hkdf_alg) \ + (PSA_ALG_CATEGORY_HASH | ((hkdf_alg)&PSA_ALG_HASH_MASK)) -#define PSA_ALG_TLS12_PSK_TO_MS_BASE ((psa_algorithm_t)0x20000300) +#define PSA_ALG_TLS12_PSK_TO_MS_BASE ((psa_algorithm_t)0x20000300) /** Macro to build a TLS-1.2 PSK-to-MasterSecret algorithm. * * In a pure-PSK handshake in TLS 1.2, the master secret is derived @@ -1337,8 +1337,8 @@ * \return Unspecified if \p hash_alg is not a supported * hash algorithm. */ -#define PSA_ALG_TLS12_PSK_TO_MS(hash_alg) \ - (PSA_ALG_TLS12_PSK_TO_MS_BASE | ((hash_alg) & PSA_ALG_HASH_MASK)) +#define PSA_ALG_TLS12_PSK_TO_MS(hash_alg) \ + (PSA_ALG_TLS12_PSK_TO_MS_BASE | ((hash_alg)&PSA_ALG_HASH_MASK)) /** Whether the specified algorithm is a TLS-1.2 PSK to MS algorithm. * @@ -1348,13 +1348,13 @@ * This macro may return either 0 or 1 if \c alg is not a supported * key derivation algorithm identifier. */ -#define PSA_ALG_IS_TLS12_PSK_TO_MS(alg) \ +#define PSA_ALG_IS_TLS12_PSK_TO_MS(alg) \ (((alg) & ~PSA_ALG_HASH_MASK) == PSA_ALG_TLS12_PSK_TO_MS_BASE) -#define PSA_ALG_TLS12_PSK_TO_MS_GET_HASH(hkdf_alg) \ - (PSA_ALG_CATEGORY_HASH | ((hkdf_alg) & PSA_ALG_HASH_MASK)) +#define PSA_ALG_TLS12_PSK_TO_MS_GET_HASH(hkdf_alg) \ + (PSA_ALG_CATEGORY_HASH | ((hkdf_alg)&PSA_ALG_HASH_MASK)) -#define PSA_ALG_KEY_DERIVATION_MASK ((psa_algorithm_t)0x0803ffff) -#define PSA_ALG_KEY_AGREEMENT_MASK ((psa_algorithm_t)0x10fc0000) +#define PSA_ALG_KEY_DERIVATION_MASK ((psa_algorithm_t)0x0803ffff) +#define PSA_ALG_KEY_AGREEMENT_MASK ((psa_algorithm_t)0x10fc0000) /** Macro to build a combined algorithm that chains a key agreement with * a key derivation. @@ -1370,14 +1370,14 @@ * key agreement algorithm or \p kdf_alg is not a * supported key derivation algorithm. */ -#define PSA_ALG_KEY_AGREEMENT(ka_alg, kdf_alg) \ +#define PSA_ALG_KEY_AGREEMENT(ka_alg, kdf_alg) \ ((ka_alg) | (kdf_alg)) -#define PSA_ALG_KEY_AGREEMENT_GET_KDF(alg) \ - (((alg) & PSA_ALG_KEY_DERIVATION_MASK) | PSA_ALG_CATEGORY_KEY_DERIVATION) +#define PSA_ALG_KEY_AGREEMENT_GET_KDF(alg) \ + (((alg)&PSA_ALG_KEY_DERIVATION_MASK) | PSA_ALG_CATEGORY_KEY_DERIVATION) -#define PSA_ALG_KEY_AGREEMENT_GET_BASE(alg) \ - (((alg) & PSA_ALG_KEY_AGREEMENT_MASK) | PSA_ALG_CATEGORY_KEY_AGREEMENT) +#define PSA_ALG_KEY_AGREEMENT_GET_BASE(alg) \ + (((alg)&PSA_ALG_KEY_AGREEMENT_MASK) | PSA_ALG_CATEGORY_KEY_AGREEMENT) /** Whether the specified algorithm is a raw key agreement algorithm. * @@ -1393,11 +1393,11 @@ * This macro may return either 0 or 1 if \p alg is not a supported * algorithm identifier. */ -#define PSA_ALG_IS_RAW_KEY_AGREEMENT(alg) \ - (PSA_ALG_IS_KEY_AGREEMENT(alg) && \ +#define PSA_ALG_IS_RAW_KEY_AGREEMENT(alg) \ + (PSA_ALG_IS_KEY_AGREEMENT(alg) && \ PSA_ALG_KEY_AGREEMENT_GET_KDF(alg) == PSA_ALG_CATEGORY_KEY_DERIVATION) -#define PSA_ALG_IS_KEY_DERIVATION_OR_AGREEMENT(alg) \ +#define PSA_ALG_IS_KEY_DERIVATION_OR_AGREEMENT(alg) \ ((PSA_ALG_IS_KEY_DERIVATION(alg) || PSA_ALG_IS_KEY_AGREEMENT(alg))) /** The finite-field Diffie-Hellman (DH) key agreement algorithm. @@ -1407,7 +1407,7 @@ * It is `ceiling(m / 8)` bytes long where `m` is the size of the prime `p` * in bits. */ -#define PSA_ALG_FFDH ((psa_algorithm_t)0x30100000) +#define PSA_ALG_FFDH ((psa_algorithm_t)0x30100000) /** Whether the specified algorithm is a finite field Diffie-Hellman algorithm. * @@ -1449,7 +1449,7 @@ * in big-endian byte order. * The bit size is `m` for the field `F_{2^m}`. */ -#define PSA_ALG_ECDH ((psa_algorithm_t)0x30200000) +#define PSA_ALG_ECDH ((psa_algorithm_t)0x30200000) /** Whether the specified algorithm is an elliptic curve Diffie-Hellman * algorithm. @@ -1495,7 +1495,7 @@ /** A volatile key only exists as long as the handle to it is not closed. * The key material is guaranteed to be erased on a power reset. */ -#define PSA_KEY_LIFETIME_VOLATILE ((psa_key_lifetime_t)0x00000000) +#define PSA_KEY_LIFETIME_VOLATILE ((psa_key_lifetime_t)0x00000000) /** The default storage area for persistent keys. * @@ -1509,20 +1509,32 @@ * application. Implementations may offer other storage areas designated * by other lifetime values as implementation-specific extensions. */ -#define PSA_KEY_LIFETIME_PERSISTENT ((psa_key_lifetime_t)0x00000001) +#define PSA_KEY_LIFETIME_PERSISTENT ((psa_key_lifetime_t)0x00000001) + +#define PSA_KEY_LIFETIME_IS_VOLATILE(lifetime) \ + (((lifetime)&PSA_KEY_LIFETIME_VOLATILE) != 0) + +#define PSA_KEY_LIFETIME_IS_PERSISTENT(lifetime) \ + (((lifetime)&PSA_KEY_LIFETIME_PERSISTENT) != 0) + +#define PSA_KEY_LIFETIME_VENDOR_FLAG ((psa_key_lifetime_t)0x80000000) +#define PSA_KEY_LIFETIME_PERSISTENT_VENDOR (PSA_KEY_LIFETIME_VENDOR_FLAG | PSA_KEY_LIFETIME_PERSISTENT) +#define PSA_KEY_LIFETIME_VOLATILE_VENDOR (PSA_KEY_LIFETIME_VENDOR_FLAG | PSA_KEY_LIFETIME_VOLATILE) +#define PSA_KEY_LIFETIME_IS_VENDOR_DEFINED(lifetime) \ + (((lifetime)&PSA_KEY_LIFETIME_VENDOR_FLAG) != 0) /** The minimum value for a key identifier chosen by the application. */ -#define PSA_KEY_ID_USER_MIN ((psa_app_key_id_t)0x00000001) +#define PSA_KEY_ID_USER_MIN ((psa_app_key_id_t)0x00000001) /** The maximum value for a key identifier chosen by the application. */ -#define PSA_KEY_ID_USER_MAX ((psa_app_key_id_t)0x3fffffff) +#define PSA_KEY_ID_USER_MAX ((psa_app_key_id_t)0x3fffffff) /** The minimum value for a key identifier chosen by the implementation. */ -#define PSA_KEY_ID_VENDOR_MIN ((psa_app_key_id_t)0x40000000) +#define PSA_KEY_ID_VENDOR_MIN ((psa_app_key_id_t)0x40000000) /** The maximum value for a key identifier chosen by the implementation. */ -#define PSA_KEY_ID_VENDOR_MAX ((psa_app_key_id_t)0x7fffffff) +#define PSA_KEY_ID_VENDOR_MAX ((psa_app_key_id_t)0x7fffffff) /**@}*/ @@ -1541,7 +1553,7 @@ * The key may however be exportable in a wrapped form, i.e. in a form * where it is encrypted by another key. */ -#define PSA_KEY_USAGE_EXPORT ((psa_key_usage_t)0x00000001) +#define PSA_KEY_USAGE_EXPORT ((psa_key_usage_t)0x00000001) /** Whether the key may be copied. * @@ -1557,7 +1569,7 @@ * #PSA_KEY_LIFETIME_PERSISTENT, the usage flag #PSA_KEY_USAGE_COPY * is sufficient to permit the copy. */ -#define PSA_KEY_USAGE_COPY ((psa_key_usage_t)0x00000002) +#define PSA_KEY_USAGE_COPY ((psa_key_usage_t)0x00000002) /** Whether the key may be used to encrypt a message. * @@ -1568,7 +1580,7 @@ * * For a key pair, this concerns the public key. */ -#define PSA_KEY_USAGE_ENCRYPT ((psa_key_usage_t)0x00000100) +#define PSA_KEY_USAGE_ENCRYPT ((psa_key_usage_t)0x00000100) /** Whether the key may be used to decrypt a message. * @@ -1579,7 +1591,7 @@ * * For a key pair, this concerns the private key. */ -#define PSA_KEY_USAGE_DECRYPT ((psa_key_usage_t)0x00000200) +#define PSA_KEY_USAGE_DECRYPT ((psa_key_usage_t)0x00000200) /** Whether the key may be used to sign a message. * @@ -1589,7 +1601,7 @@ * * For a key pair, this concerns the private key. */ -#define PSA_KEY_USAGE_SIGN ((psa_key_usage_t)0x00000400) +#define PSA_KEY_USAGE_SIGN ((psa_key_usage_t)0x00000400) /** Whether the key may be used to verify a message signature. * @@ -1599,11 +1611,11 @@ * * For a key pair, this concerns the public key. */ -#define PSA_KEY_USAGE_VERIFY ((psa_key_usage_t)0x00000800) +#define PSA_KEY_USAGE_VERIFY ((psa_key_usage_t)0x00000800) /** Whether the key may be used to derive other keys. */ -#define PSA_KEY_USAGE_DERIVE ((psa_key_usage_t)0x00001000) +#define PSA_KEY_USAGE_DERIVE ((psa_key_usage_t)0x00001000) /**@}*/ @@ -1615,31 +1627,31 @@ * * This must be a key of type #PSA_KEY_TYPE_DERIVE. */ -#define PSA_KEY_DERIVATION_INPUT_SECRET ((psa_key_derivation_step_t)0x0101) +#define PSA_KEY_DERIVATION_INPUT_SECRET ((psa_key_derivation_step_t)0x0101) /** A label for key derivation. * * This must be a direct input. */ -#define PSA_KEY_DERIVATION_INPUT_LABEL ((psa_key_derivation_step_t)0x0201) +#define PSA_KEY_DERIVATION_INPUT_LABEL ((psa_key_derivation_step_t)0x0201) /** A salt for key derivation. * * This must be a direct input. */ -#define PSA_KEY_DERIVATION_INPUT_SALT ((psa_key_derivation_step_t)0x0202) +#define PSA_KEY_DERIVATION_INPUT_SALT ((psa_key_derivation_step_t)0x0202) /** An information string for key derivation. * * This must be a direct input. */ -#define PSA_KEY_DERIVATION_INPUT_INFO ((psa_key_derivation_step_t)0x0203) +#define PSA_KEY_DERIVATION_INPUT_INFO ((psa_key_derivation_step_t)0x0203) /** A seed for key derivation. * * This must be a direct input. */ -#define PSA_KEY_DERIVATION_INPUT_SEED ((psa_key_derivation_step_t)0x0204) +#define PSA_KEY_DERIVATION_INPUT_SEED ((psa_key_derivation_step_t)0x0204) /**@}*/ From bbaaced382f22a51e3a79afd985d362085bff43a Mon Sep 17 00:00:00 2001 From: Michael Thomas Date: Wed, 22 Jan 2020 21:00:02 +0000 Subject: [PATCH 13/39] undid uncrustify changes --- include/mbedtls/aes.h | 87 +++++++++++++++++++++---------------------- 1 file changed, 43 insertions(+), 44 deletions(-) diff --git a/include/mbedtls/aes.h b/include/mbedtls/aes.h index 840c373e4..b7e154b74 100644 --- a/include/mbedtls/aes.h +++ b/include/mbedtls/aes.h @@ -51,73 +51,72 @@ #include /* padlock.c and aesni.c rely on these values! */ -#define MBEDTLS_AES_ENCRYPT 1 /**< AES encryption. */ -#define MBEDTLS_AES_DECRYPT 0 /**< AES decryption. */ +#define MBEDTLS_AES_ENCRYPT 1 /**< AES encryption. */ +#define MBEDTLS_AES_DECRYPT 0 /**< AES decryption. */ /* Error codes in range 0x0020-0x0022 */ -#define MBEDTLS_ERR_AES_INVALID_KEY_LENGTH -0x0020 /**< Invalid key length. */ -#define MBEDTLS_ERR_AES_INVALID_INPUT_LENGTH -0x0022 /**< Invalid data input length. */ +#define MBEDTLS_ERR_AES_INVALID_KEY_LENGTH -0x0020 /**< Invalid key length. */ +#define MBEDTLS_ERR_AES_INVALID_INPUT_LENGTH -0x0022 /**< Invalid data input length. */ /* Error codes in range 0x0021-0x0025 */ -#define MBEDTLS_ERR_AES_BAD_INPUT_DATA -0x0021 /**< Invalid input data. */ +#define MBEDTLS_ERR_AES_BAD_INPUT_DATA -0x0021 /**< Invalid input data. */ /* MBEDTLS_ERR_AES_FEATURE_UNAVAILABLE is deprecated and should not be used. */ -#define MBEDTLS_ERR_AES_FEATURE_UNAVAILABLE -0x0023 /**< Feature not available. For example, an unsupported AES key size. */ +#define MBEDTLS_ERR_AES_FEATURE_UNAVAILABLE -0x0023 /**< Feature not available. For example, an unsupported AES key size. */ /* MBEDTLS_ERR_AES_HW_ACCEL_FAILED is deprecated and should not be used. */ -#define MBEDTLS_ERR_AES_HW_ACCEL_FAILED -0x0025 /**< AES hardware accelerator failed. */ +#define MBEDTLS_ERR_AES_HW_ACCEL_FAILED -0x0025 /**< AES hardware accelerator failed. */ -#if (defined(__ARMCC_VERSION) || defined(_MSC_VER)) && \ +#if ( defined(__ARMCC_VERSION) || defined(_MSC_VER) ) && \ !defined(inline) && !defined(__cplusplus) #define inline __inline #endif #ifdef __cplusplus -extern "C" -{ +extern "C" { #endif #if !defined(MBEDTLS_AES_ALT) - // Regular implementation - // +// Regular implementation +// - /** +/** * \brief The AES context-type definition. */ - typedef struct mbedtls_aes_context - { - int nr; /*!< The number of rounds. */ - uint32_t * rk; /*!< AES round keys. */ - uint32_t buf[68]; /*!< Unaligned data buffer. This buffer can - * hold 32 extra Bytes, which can be used for - * one of the following purposes: - *
  • Alignment if VIA padlock is - * used.
    • - *
  • Simplifying key expansion in the 256-bit - * case by generating an extra round key. - *
*/ - void * vendor_ctx; /*!< Vendor defined context. */ -} mbedtls_aes_context; - - #if defined(MBEDTLS_CIPHER_MODE_XTS) +typedef struct mbedtls_aes_context +{ + int nr; /*!< The number of rounds. */ + uint32_t *rk; /*!< AES round keys. */ + uint32_t buf[68]; /*!< Unaligned data buffer. This buffer can + hold 32 extra Bytes, which can be used for + one of the following purposes: +
  • Alignment if VIA padlock is + used.
    • +
  • Simplifying key expansion in the 256-bit + case by generating an extra round key. +
*/ + void *vendor_ctx; /*!< Vendor defined context. */ +} +mbedtls_aes_context; +#if defined(MBEDTLS_CIPHER_MODE_XTS) /** * \brief The AES XTS context-type definition. */ typedef struct mbedtls_aes_xts_context { - mbedtls_aes_context crypt; /*!< The AES context to use for AES block - * encryption or decryption. */ - mbedtls_aes_context tweak; /*!< The AES context used for tweak - * computation. */ + mbedtls_aes_context crypt; /*!< The AES context to use for AES block + encryption or decryption. */ + mbedtls_aes_context tweak; /*!< The AES context used for tweak + computation. */ } mbedtls_aes_xts_context; - #endif /* MBEDTLS_CIPHER_MODE_XTS */ +#endif /* MBEDTLS_CIPHER_MODE_XTS */ -#else /* MBEDTLS_AES_ALT */ +#else /* MBEDTLS_AES_ALT */ #include "aes_alt.h" #endif /* MBEDTLS_AES_ALT */ - /** +/** * \brief This function initializes the specified AES context. * * It must be the first API called before using @@ -125,19 +124,19 @@ typedef struct mbedtls_aes_xts_context * * \param ctx The AES context to initialize. This must not be \c NULL. */ - void mbedtls_aes_init(mbedtls_aes_context *ctx); +void mbedtls_aes_init( mbedtls_aes_context *ctx ); - /** +/** * \brief This function releases and clears the specified AES context. * * \param ctx The AES context to clear. * If this is \c NULL, this function does nothing. * Otherwise, the context must have been at least initialized. */ - void mbedtls_aes_free(mbedtls_aes_context *ctx); +void mbedtls_aes_free( mbedtls_aes_context *ctx ); #if defined(MBEDTLS_CIPHER_MODE_XTS) - /** +/** * \brief This function initializes the specified AES XTS context. * * It must be the first API called before using @@ -145,19 +144,19 @@ typedef struct mbedtls_aes_xts_context * * \param ctx The AES XTS context to initialize. This must not be \c NULL. */ - void mbedtls_aes_xts_init(mbedtls_aes_xts_context *ctx); +void mbedtls_aes_xts_init( mbedtls_aes_xts_context *ctx ); - /** +/** * \brief This function releases and clears the specified AES XTS context. * * \param ctx The AES XTS context to clear. * If this is \c NULL, this function does nothing. * Otherwise, the context must have been at least initialized. */ - void mbedtls_aes_xts_free(mbedtls_aes_xts_context *ctx); +void mbedtls_aes_xts_free( mbedtls_aes_xts_context *ctx ); #endif /* MBEDTLS_CIPHER_MODE_XTS */ - /** +/** * \brief This function sets the encryption key. * * \param ctx The AES context to which the key should be bound. From 6b632ef3c17f9c6d3adb5cc4dfd96bdc37b43238 Mon Sep 17 00:00:00 2001 From: Michael Thomas Date: Wed, 22 Jan 2020 21:35:25 +0000 Subject: [PATCH 14/39] removed uncrustify changes --- include/psa/crypto_extra.h | 109 +++++++++++++++++++------------------ 1 file changed, 55 insertions(+), 54 deletions(-) diff --git a/include/psa/crypto_extra.h b/include/psa/crypto_extra.h index a469959fa..1d05e1926 100644 --- a/include/psa/crypto_extra.h +++ b/include/psa/crypto_extra.h @@ -8,7 +8,6 @@ * * This file is reserved for vendor-specific definitions. */ - /* * Copyright (C) 2018, ARM Limited, All Rights Reserved * SPDX-License-Identifier: Apache-2.0 @@ -29,39 +28,39 @@ */ #ifndef PSA_CRYPTO_EXTRA_H - #define PSA_CRYPTO_EXTRA_H +#define PSA_CRYPTO_EXTRA_H - #include "mbedtls/platform_util.h" +#include "mbedtls/platform_util.h" - #ifdef __cplusplus +#ifdef __cplusplus extern "C" { - #endif +#endif /* UID for secure storage seed */ - #define PSA_CRYPTO_ITS_RANDOM_SEED_UID 0xFFFFFF52 +#define PSA_CRYPTO_ITS_RANDOM_SEED_UID 0xFFFFFF52 /* * Deprecated PSA Crypto error code definitions */ - #if !defined(MBEDTLS_DEPRECATED_REMOVED) - #define PSA_ERROR_UNKNOWN_ERROR \ - MBEDTLS_DEPRECATED_NUMERIC_CONSTANT(PSA_ERROR_GENERIC_ERROR) - #endif - - #if !defined(MBEDTLS_DEPRECATED_REMOVED) - #define PSA_ERROR_OCCUPIED_SLOT \ - MBEDTLS_DEPRECATED_NUMERIC_CONSTANT(PSA_ERROR_ALREADY_EXISTS) - #endif - - #if !defined(MBEDTLS_DEPRECATED_REMOVED) - #define PSA_ERROR_EMPTY_SLOT \ - MBEDTLS_DEPRECATED_NUMERIC_CONSTANT(PSA_ERROR_DOES_NOT_EXIST) - #endif - - #if !defined(MBEDTLS_DEPRECATED_REMOVED) - #define PSA_ERROR_INSUFFICIENT_CAPACITY \ - MBEDTLS_DEPRECATED_NUMERIC_CONSTANT(PSA_ERROR_INSUFFICIENT_DATA) - #endif +#if !defined(MBEDTLS_DEPRECATED_REMOVED) +#define PSA_ERROR_UNKNOWN_ERROR \ + MBEDTLS_DEPRECATED_NUMERIC_CONSTANT( PSA_ERROR_GENERIC_ERROR ) +#endif + +#if !defined(MBEDTLS_DEPRECATED_REMOVED) +#define PSA_ERROR_OCCUPIED_SLOT \ + MBEDTLS_DEPRECATED_NUMERIC_CONSTANT( PSA_ERROR_ALREADY_EXISTS ) +#endif + +#if !defined(MBEDTLS_DEPRECATED_REMOVED) +#define PSA_ERROR_EMPTY_SLOT \ + MBEDTLS_DEPRECATED_NUMERIC_CONSTANT( PSA_ERROR_DOES_NOT_EXIST ) +#endif + +#if !defined(MBEDTLS_DEPRECATED_REMOVED) +#define PSA_ERROR_INSUFFICIENT_CAPACITY \ + MBEDTLS_DEPRECATED_NUMERIC_CONSTANT( PSA_ERROR_INSUFFICIENT_DATA ) +#endif /** \addtogroup attributes * @{ @@ -151,7 +150,9 @@ psa_status_t psa_cipher_setup_vendor(psa_cipher_operation_t * operation, psa_key */ psa_status_t psa_cipher_abort_vendor(psa_cipher_operation_t * operation); -static inline void psa_set_key_enrollment_algorithm (psa_key_attributes_t * attributes, psa_algorithm_t alg2) +static inline void psa_set_key_enrollment_algorithm( + psa_key_attributes_t *attributes, + psa_algorithm_t alg2) { attributes->core.policy.alg2 = alg2; } @@ -168,7 +169,7 @@ static inline psa_algorithm_t psa_get_key_enrollment_algorithm( return( attributes->core.policy.alg2 ); } - #if defined(MBEDTLS_PSA_CRYPTO_SE_C) +#if defined(MBEDTLS_PSA_CRYPTO_SE_C) /** Retrieve the slot number where a key is stored. * @@ -289,7 +290,7 @@ psa_status_t mbedtls_psa_register_se_key( * * This is an Mbed TLS extension. */ -void mbedtls_psa_crypto_free(void); +void mbedtls_psa_crypto_free( void ); /** \brief Statistics about * resource consumption related to the PSA keystore. @@ -327,7 +328,7 @@ typedef struct mbedtls_psa_stats_s * between the application and the keystore, the service may or * may not expose this function. */ -void mbedtls_psa_get_stats(mbedtls_psa_stats_t * stats); +void mbedtls_psa_get_stats( mbedtls_psa_stats_t *stats ); /** * \brief Inject an initial entropy seed for the random generator into @@ -410,7 +411,7 @@ psa_status_t mbedtls_psa_inject_entropy(const uint8_t *seed, * string. The length of the byte string is the length of the base prime `p` * in bytes. */ - #define PSA_KEY_TYPE_DSA_PUBLIC_KEY ((psa_key_type_t) 0x60020000) +#define PSA_KEY_TYPE_DSA_PUBLIC_KEY ((psa_key_type_t)0x60020000) /** DSA key pair (private and public key). * @@ -428,10 +429,10 @@ psa_status_t mbedtls_psa_inject_entropy(const uint8_t *seed, * Add 1 to the resulting integer and use this as the private key *x*. * */ - #define PSA_KEY_TYPE_DSA_KEY_PAIR ((psa_key_type_t) 0x70020000) +#define PSA_KEY_TYPE_DSA_KEY_PAIR ((psa_key_type_t)0x70020000) /** Whether a key type is an DSA key (pair or public-only). */ - #define PSA_KEY_TYPE_IS_DSA(type) \ +#define PSA_KEY_TYPE_IS_DSA(type) \ (PSA_KEY_TYPE_PUBLIC_KEY_OF_KEY_PAIR(type) == PSA_KEY_TYPE_DSA_PUBLIC_KEY) #define PSA_ALG_DSA_BASE ((psa_algorithm_t)0x10040000) @@ -449,7 +450,7 @@ psa_status_t mbedtls_psa_inject_entropy(const uint8_t *seed, * \return Unspecified if \p hash_alg is not a supported * hash algorithm. */ - #define PSA_ALG_DSA(hash_alg) \ +#define PSA_ALG_DSA(hash_alg) \ (PSA_ALG_DSA_BASE | ((hash_alg) & PSA_ALG_HASH_MASK)) #define PSA_ALG_DETERMINISTIC_DSA_BASE ((psa_algorithm_t)0x10050000) #define PSA_ALG_DSA_DETERMINISTIC_FLAG ((psa_algorithm_t)0x00010000) @@ -467,14 +468,14 @@ psa_status_t mbedtls_psa_inject_entropy(const uint8_t *seed, * \return Unspecified if \p hash_alg is not a supported * hash algorithm. */ - #define PSA_ALG_DETERMINISTIC_DSA(hash_alg) \ +#define PSA_ALG_DETERMINISTIC_DSA(hash_alg) \ (PSA_ALG_DETERMINISTIC_DSA_BASE | ((hash_alg) & PSA_ALG_HASH_MASK)) - #define PSA_ALG_IS_DSA(alg) \ - (((alg) & ~PSA_ALG_HASH_MASK & ~PSA_ALG_DSA_DETERMINISTIC_FLAG) == \ +#define PSA_ALG_IS_DSA(alg) \ + (((alg) & ~PSA_ALG_HASH_MASK & ~PSA_ALG_DSA_DETERMINISTIC_FLAG) == \ PSA_ALG_DSA_BASE) - #define PSA_ALG_DSA_IS_DETERMINISTIC(alg) \ +#define PSA_ALG_DSA_IS_DETERMINISTIC(alg) \ (((alg) & PSA_ALG_DSA_DETERMINISTIC_FLAG) != 0) - #define PSA_ALG_IS_DETERMINISTIC_DSA(alg) \ +#define PSA_ALG_IS_DETERMINISTIC_DSA(alg) \ (PSA_ALG_IS_DSA(alg) && PSA_ALG_DSA_IS_DETERMINISTIC(alg)) #define PSA_ALG_IS_RANDOMIZED_DSA(alg) \ (PSA_ALG_IS_DSA(alg) && !PSA_ALG_DSA_IS_DETERMINISTIC(alg)) @@ -482,9 +483,9 @@ psa_status_t mbedtls_psa_inject_entropy(const uint8_t *seed, /* We need to expand the sample definition of this macro from * the API definition. */ - #undef PSA_ALG_IS_HASH_AND_SIGN - #define PSA_ALG_IS_HASH_AND_SIGN(alg) \ - (PSA_ALG_IS_RSA_PSS(alg) || PSA_ALG_IS_RSA_PKCS1V15_SIGN(alg) || \ +#undef PSA_ALG_IS_HASH_AND_SIGN +#define PSA_ALG_IS_HASH_AND_SIGN(alg) \ + (PSA_ALG_IS_RSA_PSS(alg) || PSA_ALG_IS_RSA_PKCS1V15_SIGN(alg) || \ PSA_ALG_IS_DSA(alg) || PSA_ALG_IS_ECDSA(alg)) /**@}*/ @@ -569,10 +570,10 @@ psa_status_t mbedtls_psa_inject_entropy(const uint8_t *seed, * \retval #PSA_ERROR_NOT_SUPPORTED * \retval #PSA_ERROR_INSUFFICIENT_MEMORY */ -psa_status_t psa_set_key_domain_parameters(psa_key_attributes_t * attributes, - psa_key_type_t type, - const uint8_t * data, - size_t data_length); +psa_status_t psa_set_key_domain_parameters(psa_key_attributes_t *attributes, + psa_key_type_t type, + const uint8_t *data, + size_t data_length); /** * \brief Get domain parameters for a key. @@ -601,7 +602,7 @@ psa_status_t psa_get_key_domain_parameters( const psa_key_attributes_t *attributes, uint8_t *data, size_t data_size, - size_t * data_length); + size_t *data_length); /** Safe output buffer size for psa_get_key_domain_parameters(). * @@ -628,20 +629,20 @@ psa_status_t psa_get_key_domain_parameters( * If the parameters are not valid, the * return value is unspecified. */ - #define PSA_KEY_DOMAIN_PARAMETERS_SIZE(key_type, key_bits) \ - (PSA_KEY_TYPE_IS_RSA(key_type) ? sizeof(int) : \ - PSA_KEY_TYPE_IS_DH(key_type) ? PSA_DH_KEY_DOMAIN_PARAMETERS_SIZE(key_bits) : \ +#define PSA_KEY_DOMAIN_PARAMETERS_SIZE(key_type, key_bits) \ + (PSA_KEY_TYPE_IS_RSA(key_type) ? sizeof(int) : \ + PSA_KEY_TYPE_IS_DH(key_type) ? PSA_DH_KEY_DOMAIN_PARAMETERS_SIZE(key_bits) : \ PSA_KEY_TYPE_IS_DSA(key_type) ? PSA_DSA_KEY_DOMAIN_PARAMETERS_SIZE(key_bits) : \ 0) - #define PSA_DH_KEY_DOMAIN_PARAMETERS_SIZE(key_bits) \ +#define PSA_DH_KEY_DOMAIN_PARAMETERS_SIZE(key_bits) \ (4 + (PSA_BITS_TO_BYTES(key_bits) + 5) * 3 /*without optional parts*/) - #define PSA_DSA_KEY_DOMAIN_PARAMETERS_SIZE(key_bits) \ +#define PSA_DSA_KEY_DOMAIN_PARAMETERS_SIZE(key_bits) \ (4 + (PSA_BITS_TO_BYTES(key_bits) + 5) * 2 /*p, g*/ + 34 /*q*/) /**@}*/ - #ifdef __cplusplus +#ifdef __cplusplus } - #endif +#endif -#endif /* PSA_CRYPTO_EXTRA_H */ +#endif /* PSA_CRYPTO_EXTRA_H */ From cc0d0a2beb6059e25725a52c7268284b74f66f47 Mon Sep 17 00:00:00 2001 From: Michael Thomas Date: Wed, 22 Jan 2020 21:59:48 +0000 Subject: [PATCH 15/39] More uncrustify undo --- include/psa/crypto.h | 6 ++++-- include/psa/crypto_extra.h | 33 ++++++++++++++++----------------- library/psa_crypto_core.h | 23 ++++++++++------------- 3 files changed, 30 insertions(+), 32 deletions(-) diff --git a/include/psa/crypto.h b/include/psa/crypto.h index bdac6c8f5..d5e713e06 100644 --- a/include/psa/crypto.h +++ b/include/psa/crypto.h @@ -3584,7 +3584,8 @@ psa_status_t psa_raw_key_agreement(psa_algorithm_t alg, * It is implementation-dependent whether a failure to initialize * results in this error code. */ -psa_status_t psa_generate_random(uint8_t * output, size_t output_size); +psa_status_t psa_generate_random(uint8_t *output, + size_t output_size); /** * \brief Generate a key or key pair. @@ -3624,7 +3625,8 @@ psa_status_t psa_generate_random(uint8_t * output, size_t output_size); * It is implementation-dependent whether a failure to initialize * results in this error code. */ -psa_status_t psa_generate_key(const psa_key_attributes_t * attributes, psa_key_handle_t * handle); +psa_status_t psa_generate_key(const psa_key_attributes_t *attributes, + psa_key_handle_t *handle); /**@}*/ diff --git a/include/psa/crypto_extra.h b/include/psa/crypto_extra.h index 1d05e1926..09a1b8708 100644 --- a/include/psa/crypto_extra.h +++ b/include/psa/crypto_extra.h @@ -114,6 +114,22 @@ psa_status_t psa_generate_symmetric_vendor(psa_key_type_t type, size_t bits, uin */ psa_status_t psa_cipher_setup_vendor(psa_cipher_operation_t * operation, psa_key_handle_t handle, psa_algorithm_t alg); +/** Perform any vendor specific action when aborting a cipher operation. + * + * This function is called at the beginning of the psa_cipher_abort function. + * The vendor must provide an implementation of this function to perform any + * vendor specific abort operation. A weakly linked implementation of this + * function that does nothing is provided in the implementation. + * + * This function must not be called directly. + * + * \param[in,out] operation Initialized cipher operation. + * + * \retval #PSA_SUCCESS + * \retval Implementation dependent return values. + */ +psa_status_t psa_cipher_abort_vendor(psa_cipher_operation_t * operation); + /** \brief Declare the enrollment algorithm for a key. * * An operation on a key may indifferently use the algorithm set with @@ -133,23 +149,6 @@ psa_status_t psa_cipher_setup_vendor(psa_cipher_operation_t * operation, psa_key * verified that the usage of the key with multiple algorithms * is safe. */ - -/** Perform any vendor specific action when aborting a cipher operation. - * - * This function is called at the beginning of the psa_cipher_abort function. - * The vendor must provide an implementation of this function to perform any - * vendor specific abort operation. A weakly linked implementation of this - * function that does nothing is provided in the implementation. - * - * This function must not be called directly. - * - * \param[in,out] operation Initialized cipher operation. - * - * \retval #PSA_SUCCESS - * \retval Implementation dependent return values. - */ -psa_status_t psa_cipher_abort_vendor(psa_cipher_operation_t * operation); - static inline void psa_set_key_enrollment_algorithm( psa_key_attributes_t *attributes, psa_algorithm_t alg2) diff --git a/library/psa_crypto_core.h b/library/psa_crypto_core.h index d5875493e..63d1e8a23 100644 --- a/library/psa_crypto_core.h +++ b/library/psa_crypto_core.h @@ -39,33 +39,30 @@ */ typedef struct { - psa_core_key_attributes_t attr; + psa_core_key_attributes_t attr; union { /* Raw-data key (key_type_is_raw_bytes() in psa_crypto.c) */ struct raw_data { uint8_t *data; - size_t bytes; + size_t bytes; } raw; #if defined(MBEDTLS_RSA_C) - /* RSA public key or key pair */ - mbedtls_rsa_context * rsa; -#endif /* MBEDTLS_RSA_C */ + mbedtls_rsa_context *rsa; +#endif /* MBEDTLS_RSA_C */ #if defined(MBEDTLS_ECP_C) - /* EC public key or key pair */ - mbedtls_ecp_keypair * ecp; -#endif /* MBEDTLS_ECP_C */ + mbedtls_ecp_keypair *ecp; +#endif /* MBEDTLS_ECP_C */ #if defined(MBEDTLS_PSA_CRYPTO_SE_C) - /* Any key type in a secure element */ struct se { psa_key_slot_number_t slot_number; } se; -#endif /* MBEDTLS_PSA_CRYPTO_SE_C */ +#endif /* MBEDTLS_PSA_CRYPTO_SE_C */ void * vendor_context; } data; } psa_key_slot_t; @@ -133,7 +130,8 @@ static inline void psa_key_slot_set_bits_in_flags( psa_key_slot_t *slot, * \param[in,out] slot The key slot to modify. * \param mask The mask of bits to clear. */ -static inline void psa_key_slot_clear_bits (psa_key_slot_t * slot, uint16_t mask) +static inline void psa_key_slot_clear_bits( psa_key_slot_t *slot, + uint16_t mask ) { slot->attr.flags &= ~mask; } @@ -176,6 +174,7 @@ psa_status_t psa_generate_key_vendor(psa_key_slot_t * slot, * already fully wiped. * \retval PSA_ERROR_CORRUPTION_DETECTED */ +psa_status_t psa_wipe_key_slot( psa_key_slot_t *slot ); /** * \brief Sign a hash or short message with a vendor defined private key. @@ -246,8 +245,6 @@ psa_status_t psa_asymmetric_verify_vendor(psa_key_slot_t * slot, uint8_t * signature, size_t signature_length); -psa_status_t psa_wipe_key_slot(psa_key_slot_t * slot); - /** Import key data into a slot. * * `slot->type` must have been set previously. From ecb7284ae81d109b9e88b2c6f81b517dda42525d Mon Sep 17 00:00:00 2001 From: Michael Thomas Date: Wed, 22 Jan 2020 23:24:41 +0000 Subject: [PATCH 16/39] Removed old vendor keytype usage --- include/psa/crypto_values.h | 8 -------- library/psa_crypto.c | 19 +++++++------------ library/psa_crypto_core.h | 2 +- 3 files changed, 8 insertions(+), 21 deletions(-) diff --git a/include/psa/crypto_values.h b/include/psa/crypto_values.h index ad6f8fae9..122732636 100644 --- a/include/psa/crypto_values.h +++ b/include/psa/crypto_values.h @@ -380,14 +380,6 @@ */ #define PSA_KEY_TYPE_AES ((psa_key_type_t)0x40000001) -/** Vendor defined Key format for a cipher, AEAD or MAC algorithm based - * on the AES block cipher. - * - * The size of the key can be 16 bytes (AES-128), 24 bytes (AES-192) or - * 32 bytes (AES-256). - */ -#define PSA_KEY_TYPE_AES_VENDOR ((psa_key_type_t)(PSA_KEY_TYPE_VENDOR_FLAG | PSA_KEY_TYPE_AES)) - /** Whether a key type is AES. */ #define PSA_KEY_TYPE_IS_AES(type) (((type)&PSA_KEY_TYPE_AES) != 0) diff --git a/library/psa_crypto.c b/library/psa_crypto.c index aa4ab7325..b0b03a0a4 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c @@ -2488,7 +2488,6 @@ static const mbedtls_cipher_info_t *mbedtls_cipher_info_from_psa( switch( key_type ) { case PSA_KEY_TYPE_AES: - case PSA_KEY_TYPE_AES_VENDOR: cipher_id_tmp = MBEDTLS_CIPHER_ID_AES; break; case PSA_KEY_TYPE_DES: @@ -3416,9 +3415,9 @@ psa_status_t psa_asymmetric_sign( psa_key_handle_t handle, if (PSA_KEY_LIFETIME_IS_VENDOR_DEFINED(slot->attr.lifetime)) { status = psa_asymmetric_sign_vendor(slot,alg, - hash, hash_length, - signature, signature_size, - signature_length ); + hash, hash_length, + signature, signature_size, + signature_length ); } else #if defined(MBEDTLS_RSA_C) @@ -3540,8 +3539,8 @@ psa_status_t psa_asymmetric_verify( psa_key_handle_t handle, if (PSA_KEY_LIFETIME_IS_VENDOR_DEFINED(slot->attr.lifetime)) { return( psa_asymmetric_verify_vendor(slot,alg, - hash, hash_length, - signature, signature_length ) ); + hash, hash_length, + signature, signature_length ) ); } else #if defined(MBEDTLS_RSA_C) @@ -3829,6 +3828,8 @@ static psa_status_t psa_cipher_setup( psa_cipher_operation_t *operation, if (PSA_KEY_LIFETIME_IS_VENDOR_DEFINED(slot->attr.lifetime)) { status = psa_cipher_setup_vendor(operation, handle, alg); + if( status != PSA_SUCCESS ) + goto exit; } #if defined(MBEDTLS_DES_C) @@ -3885,12 +3886,6 @@ static psa_status_t psa_cipher_setup( psa_cipher_operation_t *operation, operation->iv_size = 12; #endif - if (PSA_KEY_LIFETIME_IS_VENDOR_DEFINED(slot->attr.lifetime)) - { - status = psa_cipher_setup_vendor(operation, handle, alg); - } - - exit: if( status == 0 ) status = mbedtls_to_psa_error( ret ); diff --git a/library/psa_crypto_core.h b/library/psa_crypto_core.h index 63d1e8a23..4654405ba 100644 --- a/library/psa_crypto_core.h +++ b/library/psa_crypto_core.h @@ -39,7 +39,7 @@ */ typedef struct { - psa_core_key_attributes_t attr; + psa_core_key_attributes_t attr; union { /* Raw-data key (key_type_is_raw_bytes() in psa_crypto.c) */ From 0b57513515dae501a9c010c2e4c9ab310e9db1ba Mon Sep 17 00:00:00 2001 From: Michael Thomas Date: Wed, 22 Jan 2020 23:42:11 +0000 Subject: [PATCH 17/39] Undo uncrustify --- include/psa/crypto_struct.h | 78 ++++++++++++++++++------------------- 1 file changed, 39 insertions(+), 39 deletions(-) diff --git a/include/psa/crypto_struct.h b/include/psa/crypto_struct.h index 48803a3f6..4a42372ee 100644 --- a/include/psa/crypto_struct.h +++ b/include/psa/crypto_struct.h @@ -295,7 +295,7 @@ static inline struct psa_key_policy_s psa_key_policy_init( void ) typedef uint16_t psa_key_bits_t; /* The maximum value of the type used to represent bit-sizes. * This is used to mark an invalid key size. */ -#define PSA_KEY_BITS_TOO_LARGE ((psa_key_bits_t)(-1)) +#define PSA_KEY_BITS_TOO_LARGE ( (psa_key_bits_t) ( -1 ) ) /* The maximum size of a key in bits. * Currently defined as the maximum that can be represented, rounded down * to a whole number of bytes. @@ -312,19 +312,19 @@ static inline struct psa_key_policy_s psa_key_policy_init( void ) */ typedef uint16_t psa_key_attributes_flag_t; -#define MBEDTLS_PSA_KA_FLAG_HAS_SLOT_NUMBER \ - ((psa_key_attributes_flag_t)0x0001) +#define MBEDTLS_PSA_KA_FLAG_HAS_SLOT_NUMBER \ + ( (psa_key_attributes_flag_t) 0x0001 ) /* A mask of key attribute flags used externally only. * Only meant for internal checks inside the library. */ -#define MBEDTLS_PSA_KA_MASK_EXTERNAL_ONLY ( \ - MBEDTLS_PSA_KA_FLAG_HAS_SLOT_NUMBER | \ - 0) +#define MBEDTLS_PSA_KA_MASK_EXTERNAL_ONLY ( \ + MBEDTLS_PSA_KA_FLAG_HAS_SLOT_NUMBER | \ + 0 ) /* A mask of key attribute flags used both internally and externally. * Currently there aren't any. */ -#define MBEDTLS_PSA_KA_MASK_DUAL_USE ( \ - 0) +#define MBEDTLS_PSA_KA_MASK_DUAL_USE ( \ + 0 ) typedef struct { @@ -354,24 +354,24 @@ struct psa_key_attributes_s #define PSA_KEY_ATTRIBUTES_INIT {PSA_CORE_KEY_ATTRIBUTES_INIT, NULL, 0} #endif - static inline struct psa_key_attributes_s psa_key_attributes_init(void) - { - const struct psa_key_attributes_s v = PSA_KEY_ATTRIBUTES_INIT; - return (v); - } +static inline struct psa_key_attributes_s psa_key_attributes_init( void ) +{ + const struct psa_key_attributes_s v = PSA_KEY_ATTRIBUTES_INIT; + return( v ); +} - static inline void psa_set_key_id(psa_key_attributes_t *attributes, - psa_key_id_t id) - { - attributes->core.id = id; - if (attributes->core.lifetime == PSA_KEY_LIFETIME_VOLATILE) - attributes->core.lifetime = PSA_KEY_LIFETIME_PERSISTENT; - } +static inline void psa_set_key_id(psa_key_attributes_t *attributes, + psa_key_id_t id) +{ + attributes->core.id = id; + if( attributes->core.lifetime == PSA_KEY_LIFETIME_VOLATILE ) + attributes->core.lifetime = PSA_KEY_LIFETIME_PERSISTENT; +} static inline psa_key_id_t psa_get_key_id( const psa_key_attributes_t *attributes) { - return (attributes->core.id); + return( attributes->core.id ); } static inline void psa_set_key_lifetime(psa_key_attributes_t *attributes, @@ -392,7 +392,7 @@ struct psa_key_attributes_s static inline psa_key_lifetime_t psa_get_key_lifetime( const psa_key_attributes_t *attributes) { - return (attributes->core.lifetime); + return( attributes->core.lifetime ); } static inline void psa_set_key_usage_flags(psa_key_attributes_t *attributes, @@ -404,7 +404,7 @@ struct psa_key_attributes_s static inline psa_key_usage_t psa_get_key_usage_flags( const psa_key_attributes_t *attributes) { - return (attributes->core.policy.usage); + return( attributes->core.policy.usage ); } static inline void psa_set_key_algorithm(psa_key_attributes_t *attributes, @@ -416,7 +416,7 @@ struct psa_key_attributes_s static inline psa_algorithm_t psa_get_key_algorithm( const psa_key_attributes_t *attributes) { - return (attributes->core.policy.alg); + return( attributes->core.policy.alg ); } /* This function is declared in crypto_extra.h, which comes after this @@ -429,7 +429,7 @@ struct psa_key_attributes_s static inline void psa_set_key_type(psa_key_attributes_t *attributes, psa_key_type_t type) { - if (attributes->domain_parameters == NULL) + if( attributes->domain_parameters == NULL ) { /* Common case: quick path */ attributes->core.type = type; @@ -440,30 +440,30 @@ struct psa_key_attributes_s * Ignore any errors which may arise due to type requiring * non-default domain parameters, since this function can't * report errors. */ - (void)psa_set_key_domain_parameters(attributes, type, NULL, 0); + (void) psa_set_key_domain_parameters( attributes, type, NULL, 0 ); } } static inline psa_key_type_t psa_get_key_type( const psa_key_attributes_t *attributes) { - return (attributes->core.type); + return( attributes->core.type ); } static inline void psa_set_key_bits(psa_key_attributes_t *attributes, - size_t bits) - { - if (bits > PSA_MAX_KEY_BITS) - attributes->core.bits = PSA_KEY_BITS_TOO_LARGE; - else - attributes->core.bits = (psa_key_bits_t)bits; - } + size_t bits) +{ + if( bits > PSA_MAX_KEY_BITS ) + attributes->core.bits = PSA_KEY_BITS_TOO_LARGE; + else + attributes->core.bits = (psa_key_bits_t) bits; +} - static inline size_t psa_get_key_bits( - const psa_key_attributes_t *attributes) - { - return (attributes->core.bits); - } +static inline size_t psa_get_key_bits( + const psa_key_attributes_t *attributes) +{ + return( attributes->core.bits ); +} #ifdef __cplusplus } From 06705f9e1235bfffa0c11c1e3bbd5fe353cf4083 Mon Sep 17 00:00:00 2001 From: Michael Thomas Date: Thu, 23 Jan 2020 01:28:39 +0000 Subject: [PATCH 18/39] uncrustify undo --- include/psa/crypto_struct.h | 324 ++++++++++++++++++------------------ 1 file changed, 162 insertions(+), 162 deletions(-) diff --git a/include/psa/crypto_struct.h b/include/psa/crypto_struct.h index 4a42372ee..ed262390e 100644 --- a/include/psa/crypto_struct.h +++ b/include/psa/crypto_struct.h @@ -86,25 +86,25 @@ struct psa_hash_operation_s { unsigned dummy; /* Make the union non-empty even with no supported algorithms. */ #if defined(MBEDTLS_MD2_C) - mbedtls_md2_context md2; + mbedtls_md2_context md2; #endif #if defined(MBEDTLS_MD4_C) - mbedtls_md4_context md4; + mbedtls_md4_context md4; #endif #if defined(MBEDTLS_MD5_C) - mbedtls_md5_context md5; + mbedtls_md5_context md5; #endif #if defined(MBEDTLS_RIPEMD160_C) - mbedtls_ripemd160_context ripemd160; + mbedtls_ripemd160_context ripemd160; #endif #if defined(MBEDTLS_SHA1_C) - mbedtls_sha1_context sha1; + mbedtls_sha1_context sha1; #endif #if defined(MBEDTLS_SHA256_C) - mbedtls_sha256_context sha256; + mbedtls_sha256_context sha256; #endif #if defined(MBEDTLS_SHA512_C) - mbedtls_sha512_context sha512; + mbedtls_sha512_context sha512; #endif } ctx; }; @@ -112,26 +112,26 @@ struct psa_hash_operation_s #define PSA_HASH_OPERATION_INIT {0, {0}} static inline struct psa_hash_operation_s psa_hash_operation_init( void ) { - const struct psa_hash_operation_s v = PSA_HASH_OPERATION_INIT; - return (v); - } + const struct psa_hash_operation_s v = PSA_HASH_OPERATION_INIT; + return( v ); +} #if defined(MBEDTLS_MD_C) - typedef struct - { +typedef struct +{ /** The hash context. */ struct psa_hash_operation_s hash_ctx; /** The HMAC part of the context. */ uint8_t opad[PSA_HMAC_MAX_HASH_BLOCK_SIZE]; - } psa_hmac_internal_data; +} psa_hmac_internal_data; #endif /* MBEDTLS_MD_C */ - struct psa_mac_operation_s - { - psa_algorithm_t alg; - unsigned int key_set : 1; - unsigned int iv_required : 1; - unsigned int iv_set : 1; +struct psa_mac_operation_s +{ + psa_algorithm_t alg; + unsigned int key_set : 1; + unsigned int iv_required : 1; + unsigned int iv_set : 1; unsigned int has_input : 1; unsigned int is_sign : 1; uint8_t mac_size; @@ -139,10 +139,10 @@ static inline struct psa_hash_operation_s psa_hash_operation_init( void ) { unsigned dummy; /* Make the union non-empty even with no supported algorithms. */ #if defined(MBEDTLS_MD_C) - psa_hmac_internal_data hmac; + psa_hmac_internal_data hmac; #endif #if defined(MBEDTLS_CMAC_C) - mbedtls_cipher_context_t cmac; + mbedtls_cipher_context_t cmac; #endif } ctx; }; @@ -150,15 +150,15 @@ static inline struct psa_hash_operation_s psa_hash_operation_init( void ) #define PSA_MAC_OPERATION_INIT {0, 0, 0, 0, 0, 0, 0, {0}} static inline struct psa_mac_operation_s psa_mac_operation_init( void ) { - const struct psa_mac_operation_s v = PSA_MAC_OPERATION_INIT; - return (v); - } + const struct psa_mac_operation_s v = PSA_MAC_OPERATION_INIT; + return( v ); +} - struct psa_cipher_operation_s - { - psa_algorithm_t alg; - unsigned int key_set : 1; - unsigned int iv_required : 1; +struct psa_cipher_operation_s +{ + psa_algorithm_t alg; + unsigned int key_set : 1; + unsigned int iv_required : 1; unsigned int iv_set : 1; uint8_t iv_size; uint8_t block_size; @@ -172,14 +172,14 @@ static inline struct psa_mac_operation_s psa_mac_operation_init( void ) #define PSA_CIPHER_OPERATION_INIT {0, 0, 0, 0, 0, 0, {0}} static inline struct psa_cipher_operation_s psa_cipher_operation_init( void ) { - const struct psa_cipher_operation_s v = PSA_CIPHER_OPERATION_INIT; - return (v); - } + const struct psa_cipher_operation_s v = PSA_CIPHER_OPERATION_INIT; + return( v ); +} - struct psa_aead_operation_s - { - psa_algorithm_t alg; - unsigned int key_set : 1; +struct psa_aead_operation_s +{ + psa_algorithm_t alg; + unsigned int key_set : 1; unsigned int iv_set : 1; uint8_t iv_size; uint8_t block_size; @@ -193,66 +193,66 @@ static inline struct psa_cipher_operation_s psa_cipher_operation_init( void ) #define PSA_AEAD_OPERATION_INIT {0, 0, 0, 0, 0, {0}} static inline struct psa_aead_operation_s psa_aead_operation_init( void ) { - const struct psa_aead_operation_s v = PSA_AEAD_OPERATION_INIT; - return (v); - } + const struct psa_aead_operation_s v = PSA_AEAD_OPERATION_INIT; + return( v ); +} #if defined(MBEDTLS_MD_C) - typedef struct - { - uint8_t *info; - size_t info_length; - psa_hmac_internal_data hmac; - uint8_t prk[PSA_HASH_MAX_SIZE]; - uint8_t output_block[PSA_HASH_MAX_SIZE]; +typedef struct +{ + uint8_t *info; + size_t info_length; + psa_hmac_internal_data hmac; + uint8_t prk[PSA_HASH_MAX_SIZE]; + uint8_t output_block[PSA_HASH_MAX_SIZE]; #if PSA_HASH_MAX_SIZE > 0xff #error "PSA_HASH_MAX_SIZE does not fit in uint8_t" #endif - uint8_t offset_in_block; - uint8_t block_number; - unsigned int state : 2; - unsigned int info_set : 1; - } psa_hkdf_key_derivation_t; + uint8_t offset_in_block; + uint8_t block_number; + unsigned int state : 2; + unsigned int info_set : 1; +} psa_hkdf_key_derivation_t; #endif /* MBEDTLS_MD_C */ #if defined(MBEDTLS_MD_C) - typedef enum - { - TLS12_PRF_STATE_INIT, /* no input provided */ - TLS12_PRF_STATE_SEED_SET, /* seed has been set */ - TLS12_PRF_STATE_KEY_SET, /* key has been set */ - TLS12_PRF_STATE_LABEL_SET, /* label has been set */ - TLS12_PRF_STATE_OUTPUT /* output has been started */ - } psa_tls12_prf_key_derivation_state_t; - - typedef struct psa_tls12_prf_key_derivation_s - { +typedef enum +{ + TLS12_PRF_STATE_INIT, /* no input provided */ + TLS12_PRF_STATE_SEED_SET, /* seed has been set */ + TLS12_PRF_STATE_KEY_SET, /* key has been set */ + TLS12_PRF_STATE_LABEL_SET, /* label has been set */ + TLS12_PRF_STATE_OUTPUT /* output has been started */ +} psa_tls12_prf_key_derivation_state_t; + +typedef struct psa_tls12_prf_key_derivation_s +{ #if PSA_HASH_MAX_SIZE > 0xff #error "PSA_HASH_MAX_SIZE does not fit in uint8_t" #endif - /* Indicates how many bytes in the current HMAC block have + /* Indicates how many bytes in the current HMAC block have * not yet been read by the user. */ - uint8_t left_in_block; + uint8_t left_in_block; - /* The 1-based number of the block. */ - uint8_t block_number; + /* The 1-based number of the block. */ + uint8_t block_number; - psa_tls12_prf_key_derivation_state_t state; + psa_tls12_prf_key_derivation_state_t state; - uint8_t *seed; - size_t seed_length; - uint8_t *label; - size_t label_length; - psa_hmac_internal_data hmac; - uint8_t Ai[PSA_HASH_MAX_SIZE]; + uint8_t *seed; + size_t seed_length; + uint8_t *label; + size_t label_length; + psa_hmac_internal_data hmac; + uint8_t Ai[PSA_HASH_MAX_SIZE]; - /* `HMAC_hash( prk, A(i) + seed )` in the notation of RFC 5246, Sect. 5. */ - uint8_t output_block[PSA_HASH_MAX_SIZE]; - } psa_tls12_prf_key_derivation_t; + /* `HMAC_hash( prk, A(i) + seed )` in the notation of RFC 5246, Sect. 5. */ + uint8_t output_block[PSA_HASH_MAX_SIZE]; +} psa_tls12_prf_key_derivation_t; #endif /* MBEDTLS_MD_C */ - struct psa_key_derivation_s +struct psa_key_derivation_s { psa_algorithm_t alg; size_t capacity; @@ -261,38 +261,38 @@ static inline struct psa_aead_operation_s psa_aead_operation_init( void ) /* Make the union non-empty even with no supported algorithms. */ uint8_t dummy; #if defined(MBEDTLS_MD_C) - psa_hkdf_key_derivation_t hkdf; - psa_tls12_prf_key_derivation_t tls12_prf; + psa_hkdf_key_derivation_t hkdf; + psa_tls12_prf_key_derivation_t tls12_prf; #endif - } ctx; + } ctx; }; /* This only zeroes out the first byte in the union, the rest is unspecified. */ #define PSA_KEY_DERIVATION_OPERATION_INIT {0, 0, {0}} static inline struct psa_key_derivation_s psa_key_derivation_operation_init( void ) { - const struct psa_key_derivation_s v = PSA_KEY_DERIVATION_OPERATION_INIT; - return (v); - } + const struct psa_key_derivation_s v = PSA_KEY_DERIVATION_OPERATION_INIT; + return( v ); +} - struct psa_key_policy_s - { - psa_key_usage_t usage; - psa_algorithm_t alg; - psa_algorithm_t alg2; +struct psa_key_policy_s +{ + psa_key_usage_t usage; + psa_algorithm_t alg; + psa_algorithm_t alg2; }; typedef struct psa_key_policy_s psa_key_policy_t; #define PSA_KEY_POLICY_INIT {0, 0, 0} static inline struct psa_key_policy_s psa_key_policy_init( void ) { - const struct psa_key_policy_s v = PSA_KEY_POLICY_INIT; - return (v); - } + const struct psa_key_policy_s v = PSA_KEY_POLICY_INIT; + return( v ); +} - /* The type used internally for key sizes. +/* The type used internally for key sizes. * Public interfaces use size_t, but internally we use a smaller type. */ - typedef uint16_t psa_key_bits_t; +typedef uint16_t psa_key_bits_t; /* The maximum value of the type used to represent bit-sizes. * This is used to mark an invalid key size. */ #define PSA_KEY_BITS_TOO_LARGE ( (psa_key_bits_t) ( -1 ) ) @@ -303,14 +303,14 @@ static inline struct psa_key_policy_s psa_key_policy_init( void ) * conditionals. */ #define PSA_MAX_KEY_BITS 0xfff8 - /** A mask of flags that can be stored in key attributes. +/** A mask of flags that can be stored in key attributes. * * This type is also used internally to store flags in slots. Internal * flags are defined in library/psa_crypto_core.h. Internal flags may have * the same value as external flags if they are properly handled during * key creation and in psa_get_key_attributes. */ - typedef uint16_t psa_key_attributes_flag_t; +typedef uint16_t psa_key_attributes_flag_t; #define MBEDTLS_PSA_KA_FLAG_HAS_SLOT_NUMBER \ ( (psa_key_attributes_flag_t) 0x0001 ) @@ -326,26 +326,26 @@ static inline struct psa_key_policy_s psa_key_policy_init( void ) #define MBEDTLS_PSA_KA_MASK_DUAL_USE ( \ 0 ) - typedef struct - { - psa_key_type_t type; - psa_key_lifetime_t lifetime; - psa_key_id_t id; - psa_key_policy_t policy; - psa_key_bits_t bits; +typedef struct +{ + psa_key_type_t type; + psa_key_lifetime_t lifetime; + psa_key_id_t id; + psa_key_policy_t policy; + psa_key_bits_t bits; psa_key_attributes_flag_t flags; } psa_core_key_attributes_t; #define PSA_CORE_KEY_ATTRIBUTES_INIT {0, 0, PSA_KEY_ID_INIT, PSA_KEY_POLICY_INIT, 0, 0} struct psa_key_attributes_s - { - psa_core_key_attributes_t core; +{ + psa_core_key_attributes_t core; #if defined(MBEDTLS_PSA_CRYPTO_SE_C) - psa_key_slot_number_t slot_number; + psa_key_slot_number_t slot_number; #endif /* MBEDTLS_PSA_CRYPTO_SE_C */ - void *domain_parameters; - size_t domain_parameters_size; + void *domain_parameters; + size_t domain_parameters_size; }; #if defined(MBEDTLS_PSA_CRYPTO_SE_C) @@ -368,89 +368,89 @@ static inline void psa_set_key_id(psa_key_attributes_t *attributes, attributes->core.lifetime = PSA_KEY_LIFETIME_PERSISTENT; } - static inline psa_key_id_t psa_get_key_id( - const psa_key_attributes_t *attributes) - { - return( attributes->core.id ); - } +static inline psa_key_id_t psa_get_key_id( + const psa_key_attributes_t *attributes) +{ + return( attributes->core.id ); +} - static inline void psa_set_key_lifetime(psa_key_attributes_t *attributes, - psa_key_lifetime_t lifetime) - { - attributes->core.lifetime = lifetime; +static inline void psa_set_key_lifetime(psa_key_attributes_t *attributes, + psa_key_lifetime_t lifetime) +{ + attributes->core.lifetime = lifetime; if (PSA_KEY_LIFETIME_IS_VOLATILE(lifetime)) { #ifdef MBEDTLS_PSA_CRYPTO_KEY_FILE_ID_ENCODES_OWNER - attributes->core.id.key_id = 0; - attributes->core.id.owner = 0; + attributes->core.id.key_id = 0; + attributes->core.id.owner = 0; #else attributes->core.id = 0; #endif - } } +} - static inline psa_key_lifetime_t psa_get_key_lifetime( - const psa_key_attributes_t *attributes) - { +static inline psa_key_lifetime_t psa_get_key_lifetime( + const psa_key_attributes_t *attributes) +{ return( attributes->core.lifetime ); - } +} - static inline void psa_set_key_usage_flags(psa_key_attributes_t *attributes, - psa_key_usage_t usage_flags) - { - attributes->core.policy.usage = usage_flags; - } +static inline void psa_set_key_usage_flags(psa_key_attributes_t *attributes, + psa_key_usage_t usage_flags) +{ + attributes->core.policy.usage = usage_flags; +} - static inline psa_key_usage_t psa_get_key_usage_flags( - const psa_key_attributes_t *attributes) - { +static inline psa_key_usage_t psa_get_key_usage_flags( + const psa_key_attributes_t *attributes) +{ return( attributes->core.policy.usage ); - } +} - static inline void psa_set_key_algorithm(psa_key_attributes_t *attributes, - psa_algorithm_t alg) - { - attributes->core.policy.alg = alg; - } +static inline void psa_set_key_algorithm(psa_key_attributes_t *attributes, + psa_algorithm_t alg) +{ + attributes->core.policy.alg = alg; +} - static inline psa_algorithm_t psa_get_key_algorithm( - const psa_key_attributes_t *attributes) - { +static inline psa_algorithm_t psa_get_key_algorithm( + const psa_key_attributes_t *attributes) +{ return( attributes->core.policy.alg ); - } +} - /* This function is declared in crypto_extra.h, which comes after this +/* This function is declared in crypto_extra.h, which comes after this * header file, but we need the function here, so repeat the declaration. */ - psa_status_t psa_set_key_domain_parameters(psa_key_attributes_t *attributes, - psa_key_type_t type, - const uint8_t *data, - size_t data_length); +psa_status_t psa_set_key_domain_parameters(psa_key_attributes_t *attributes, + psa_key_type_t type, + const uint8_t *data, + size_t data_length); - static inline void psa_set_key_type(psa_key_attributes_t *attributes, - psa_key_type_t type) - { +static inline void psa_set_key_type(psa_key_attributes_t *attributes, + psa_key_type_t type) +{ if( attributes->domain_parameters == NULL ) - { - /* Common case: quick path */ - attributes->core.type = type; - } - else - { - /* Call the bigger function to free the old domain paramteres. + { + /* Common case: quick path */ + attributes->core.type = type; + } + else + { + /* Call the bigger function to free the old domain paramteres. * Ignore any errors which may arise due to type requiring * non-default domain parameters, since this function can't * report errors. */ (void) psa_set_key_domain_parameters( attributes, type, NULL, 0 ); - } } +} - static inline psa_key_type_t psa_get_key_type( - const psa_key_attributes_t *attributes) - { +static inline psa_key_type_t psa_get_key_type( + const psa_key_attributes_t *attributes) +{ return( attributes->core.type ); - } +} - static inline void psa_set_key_bits(psa_key_attributes_t *attributes, +static inline void psa_set_key_bits(psa_key_attributes_t *attributes, size_t bits) { if( bits > PSA_MAX_KEY_BITS ) From f4776ad89f929c262f31378e16b491d511e413b2 Mon Sep 17 00:00:00 2001 From: Michael Thomas Date: Thu, 23 Jan 2020 02:49:25 +0000 Subject: [PATCH 19/39] Uncrustiry fixes --- include/psa/crypto_values.h | 525 ++++++++++++++++++------------------ 1 file changed, 263 insertions(+), 262 deletions(-) diff --git a/include/psa/crypto_values.h b/include/psa/crypto_values.h index 122732636..00ccd0b6a 100644 --- a/include/psa/crypto_values.h +++ b/include/psa/crypto_values.h @@ -50,7 +50,7 @@ * * Implementations may use this error code if none of the other standard * error codes are applicable. */ -#define PSA_ERROR_GENERIC_ERROR ((psa_status_t)-132) +#define PSA_ERROR_GENERIC_ERROR ((psa_status_t)-132) /** The requested operation or a parameter is not supported * by this implementation. @@ -59,7 +59,7 @@ * parameter such as a key type, algorithm, etc. is not recognized. * If a combination of parameters is recognized and identified as * not valid, return #PSA_ERROR_INVALID_ARGUMENT instead. */ -#define PSA_ERROR_NOT_SUPPORTED ((psa_status_t)-134) +#define PSA_ERROR_NOT_SUPPORTED ((psa_status_t)-134) /** The requested action is denied by a policy. * @@ -72,7 +72,7 @@ * not valid or not supported, it is unspecified whether the function * returns #PSA_ERROR_NOT_PERMITTED, #PSA_ERROR_NOT_SUPPORTED or * #PSA_ERROR_INVALID_ARGUMENT. */ -#define PSA_ERROR_NOT_PERMITTED ((psa_status_t)-133) +#define PSA_ERROR_NOT_PERMITTED ((psa_status_t)-133) /** An output buffer is too small. * @@ -84,19 +84,19 @@ * buffer would succeed. However implementations may return this * error if a function has invalid or unsupported parameters in addition * to the parameters that determine the necessary output buffer size. */ -#define PSA_ERROR_BUFFER_TOO_SMALL ((psa_status_t)-138) +#define PSA_ERROR_BUFFER_TOO_SMALL ((psa_status_t)-138) /** Asking for an item that already exists * * Implementations should return this error, when attempting * to write an item (like a key) that already exists. */ -#define PSA_ERROR_ALREADY_EXISTS ((psa_status_t)-139) +#define PSA_ERROR_ALREADY_EXISTS ((psa_status_t)-139) /** Asking for an item that doesn't exist * * Implementations should return this error, if a requested item (like * a key) does not exist. */ -#define PSA_ERROR_DOES_NOT_EXIST ((psa_status_t)-140) +#define PSA_ERROR_DOES_NOT_EXIST ((psa_status_t)-140) /** The requested action cannot be performed in the current state. * @@ -112,7 +112,7 @@ * Implementations shall not return this error code to indicate that a * key handle is invalid, but shall return #PSA_ERROR_INVALID_HANDLE * instead. */ -#define PSA_ERROR_BAD_STATE ((psa_status_t)-137) +#define PSA_ERROR_BAD_STATE ((psa_status_t)-137) /** The parameters passed to the function are invalid. * @@ -123,13 +123,13 @@ * key handle is invalid, but shall return #PSA_ERROR_INVALID_HANDLE * instead. */ -#define PSA_ERROR_INVALID_ARGUMENT ((psa_status_t)-135) +#define PSA_ERROR_INVALID_ARGUMENT ((psa_status_t)-135) /** There is not enough runtime memory. * * If the action is carried out across multiple security realms, this * error can refer to available memory in any of the security realms. */ -#define PSA_ERROR_INSUFFICIENT_MEMORY ((psa_status_t)-141) +#define PSA_ERROR_INSUFFICIENT_MEMORY ((psa_status_t)-141) /** There is not enough persistent storage. * @@ -138,7 +138,7 @@ * many functions that do not otherwise access storage may return this * error code if the implementation requires a mandatory log entry for * the requested action and the log storage space is full. */ -#define PSA_ERROR_INSUFFICIENT_STORAGE ((psa_status_t)-142) +#define PSA_ERROR_INSUFFICIENT_STORAGE ((psa_status_t)-142) /** There was a communication failure inside the implementation. * @@ -180,13 +180,13 @@ * permanent storage corruption. However application writers should * keep in mind that transient errors while reading the storage may be * reported using this error code. */ -#define PSA_ERROR_STORAGE_FAILURE ((psa_status_t)-146) +#define PSA_ERROR_STORAGE_FAILURE ((psa_status_t)-146) /** A hardware failure was detected. * * A hardware failure may be transient or permanent depending on the * cause. */ -#define PSA_ERROR_HARDWARE_FAILURE ((psa_status_t)-147) +#define PSA_ERROR_HARDWARE_FAILURE ((psa_status_t)-147) /** A tampering attempt was detected. * @@ -217,7 +217,7 @@ * This error indicates an attack against the application. Implementations * shall not return this error code as a consequence of the behavior of * the application itself. */ -#define PSA_ERROR_CORRUPTION_DETECTED ((psa_status_t)-151) +#define PSA_ERROR_CORRUPTION_DETECTED ((psa_status_t)-151) /** There is not enough entropy to generate random data needed * for the requested action. @@ -236,7 +236,7 @@ * secure pseudorandom generator (PRNG). However implementations may return * this error at any time if a policy requires the PRNG to be reseeded * during normal operation. */ -#define PSA_ERROR_INSUFFICIENT_ENTROPY ((psa_status_t)-148) +#define PSA_ERROR_INSUFFICIENT_ENTROPY ((psa_status_t)-148) /** The signature, MAC or hash is incorrect. * @@ -246,7 +246,7 @@ * * If the value to verify has an invalid size, implementations may return * either #PSA_ERROR_INVALID_ARGUMENT or #PSA_ERROR_INVALID_SIGNATURE. */ -#define PSA_ERROR_INVALID_SIGNATURE ((psa_status_t)-149) +#define PSA_ERROR_INVALID_SIGNATURE ((psa_status_t)-149) /** The decrypted padding is incorrect. * @@ -262,15 +262,15 @@ * as close as possible to indistinguishable to an external observer. * In particular, the timing of a decryption operation should not * depend on the validity of the padding. */ -#define PSA_ERROR_INVALID_PADDING ((psa_status_t)-150) +#define PSA_ERROR_INVALID_PADDING ((psa_status_t)-150) /** Return this error when there's insufficient data when attempting * to read from a resource. */ -#define PSA_ERROR_INSUFFICIENT_DATA ((psa_status_t)-143) +#define PSA_ERROR_INSUFFICIENT_DATA ((psa_status_t)-143) /** The key handle is not valid. See also :ref:\`key-handles\`. */ -#define PSA_ERROR_INVALID_HANDLE ((psa_status_t)-136) +#define PSA_ERROR_INVALID_HANDLE ((psa_status_t)-136) /**@}*/ @@ -282,7 +282,7 @@ * * Zero is not the encoding of any key type. */ -#define PSA_KEY_TYPE_NONE ((psa_key_type_t)0x00000000) +#define PSA_KEY_TYPE_NONE ((psa_key_type_t)0x00000000) /** Vendor-defined flag * @@ -291,26 +291,26 @@ * must use an encoding with the #PSA_KEY_TYPE_VENDOR_FLAG bit set and should * respect the bitwise structure used by standard encodings whenever practical. */ -#define PSA_KEY_TYPE_VENDOR_FLAG ((psa_key_type_t)0x80000000) +#define PSA_KEY_TYPE_VENDOR_FLAG ((psa_key_type_t)0x80000000) -#define PSA_KEY_TYPE_CATEGORY_MASK ((psa_key_type_t)0x70000000) -#define PSA_KEY_TYPE_CATEGORY_SYMMETRIC ((psa_key_type_t)0x40000000) -#define PSA_KEY_TYPE_CATEGORY_RAW ((psa_key_type_t)0x50000000) -#define PSA_KEY_TYPE_CATEGORY_PUBLIC_KEY ((psa_key_type_t)0x60000000) -#define PSA_KEY_TYPE_CATEGORY_KEY_PAIR ((psa_key_type_t)0x70000000) +#define PSA_KEY_TYPE_CATEGORY_MASK ((psa_key_type_t)0x70000000) +#define PSA_KEY_TYPE_CATEGORY_SYMMETRIC ((psa_key_type_t)0x40000000) +#define PSA_KEY_TYPE_CATEGORY_RAW ((psa_key_type_t)0x50000000) +#define PSA_KEY_TYPE_CATEGORY_PUBLIC_KEY ((psa_key_type_t)0x60000000) +#define PSA_KEY_TYPE_CATEGORY_KEY_PAIR ((psa_key_type_t)0x70000000) -#define PSA_KEY_TYPE_CATEGORY_FLAG_PAIR ((psa_key_type_t)0x10000000) +#define PSA_KEY_TYPE_CATEGORY_FLAG_PAIR ((psa_key_type_t)0x10000000) /** Whether a key type is vendor-defined. */ #define PSA_KEY_TYPE_IS_VENDOR_DEFINED(type) \ - (((type)&PSA_KEY_TYPE_VENDOR_FLAG) != 0) + (((type) & PSA_KEY_TYPE_VENDOR_FLAG) != 0) /** Whether a key type is an unstructured array of bytes. * * This encompasses both symmetric keys and non-key data. */ -#define PSA_KEY_TYPE_IS_UNSTRUCTURED(type) \ - (((type)&PSA_KEY_TYPE_CATEGORY_MASK & ~(psa_key_type_t)0x10000000) == \ +#define PSA_KEY_TYPE_IS_UNSTRUCTURED(type) \ + (((type) & PSA_KEY_TYPE_CATEGORY_MASK & ~(psa_key_type_t)0x10000000) == \ PSA_KEY_TYPE_CATEGORY_SYMMETRIC) /** Whether a key type is asymmetric: either a key pair or a public key. */ @@ -319,12 +319,12 @@ & ~PSA_KEY_TYPE_CATEGORY_FLAG_PAIR) == \ PSA_KEY_TYPE_CATEGORY_PUBLIC_KEY) /** Whether a key type is the public part of a key pair. */ -#define PSA_KEY_TYPE_IS_PUBLIC_KEY(type) \ - (((type)&PSA_KEY_TYPE_CATEGORY_MASK) == PSA_KEY_TYPE_CATEGORY_PUBLIC_KEY) +#define PSA_KEY_TYPE_IS_PUBLIC_KEY(type) \ + (((type) & PSA_KEY_TYPE_CATEGORY_MASK) == PSA_KEY_TYPE_CATEGORY_PUBLIC_KEY) /** Whether a key type is a key pair containing a private part and a public * part. */ -#define PSA_KEY_TYPE_IS_KEY_PAIR(type) \ - (((type)&PSA_KEY_TYPE_CATEGORY_MASK) == PSA_KEY_TYPE_CATEGORY_KEY_PAIR) +#define PSA_KEY_TYPE_IS_KEY_PAIR(type) \ + (((type) & PSA_KEY_TYPE_CATEGORY_MASK) == PSA_KEY_TYPE_CATEGORY_KEY_PAIR) /** The key pair type corresponding to a public key type. * * You may also pass a key pair type as \p type, it will be left unchanged. @@ -335,7 +335,7 @@ * If \p type is not a public key or a key pair, * the return value is undefined. */ -#define PSA_KEY_TYPE_KEY_PAIR_OF_PUBLIC_KEY(type) \ +#define PSA_KEY_TYPE_KEY_PAIR_OF_PUBLIC_KEY(type) \ ((type) | PSA_KEY_TYPE_CATEGORY_FLAG_PAIR) /** The public key type corresponding to a key pair type. * @@ -347,14 +347,14 @@ * If \p type is not a public key or a key pair, * the return value is undefined. */ -#define PSA_KEY_TYPE_PUBLIC_KEY_OF_KEY_PAIR(type) \ +#define PSA_KEY_TYPE_PUBLIC_KEY_OF_KEY_PAIR(type) \ ((type) & ~PSA_KEY_TYPE_CATEGORY_FLAG_PAIR) /** Raw data. * * A "key" of this type cannot be used for any cryptographic operation. * Applications may use this type to store arbitrary data in the keystore. */ -#define PSA_KEY_TYPE_RAW_DATA ((psa_key_type_t)0x50000001) +#define PSA_KEY_TYPE_RAW_DATA ((psa_key_type_t)0x50000001) /** HMAC key. * @@ -364,21 +364,21 @@ * HMAC keys should generally have the same size as the underlying hash. * This size can be calculated with #PSA_HASH_SIZE(\c alg) where * \c alg is the HMAC algorithm or the underlying hash algorithm. */ -#define PSA_KEY_TYPE_HMAC ((psa_key_type_t)0x51000000) +#define PSA_KEY_TYPE_HMAC ((psa_key_type_t)0x51000000) /** A secret for key derivation. * * The key policy determines which key derivation algorithm the key * can be used for. */ -#define PSA_KEY_TYPE_DERIVE ((psa_key_type_t)0x52000000) +#define PSA_KEY_TYPE_DERIVE ((psa_key_type_t)0x52000000) /** Key for a cipher, AEAD or MAC algorithm based on the AES block cipher. * * The size of the key can be 16 bytes (AES-128), 24 bytes (AES-192) or * 32 bytes (AES-256). */ -#define PSA_KEY_TYPE_AES ((psa_key_type_t)0x40000001) +#define PSA_KEY_TYPE_AES ((psa_key_type_t)0x40000001) /** Whether a key type is AES. */ #define PSA_KEY_TYPE_IS_AES(type) (((type)&PSA_KEY_TYPE_AES) != 0) @@ -392,17 +392,17 @@ * deprecated and should only be used to decrypt legacy data. 3-key 3DES * is weak and deprecated and should only be used in legacy protocols. */ -#define PSA_KEY_TYPE_DES ((psa_key_type_t)0x40000002) +#define PSA_KEY_TYPE_DES ((psa_key_type_t)0x40000002) /** Key for a cipher, AEAD or MAC algorithm based on the * Camellia block cipher. */ -#define PSA_KEY_TYPE_CAMELLIA ((psa_key_type_t)0x40000003) +#define PSA_KEY_TYPE_CAMELLIA ((psa_key_type_t)0x40000003) /** Key for the RC4 stream cipher. * * Note that RC4 is weak and deprecated and should only be used in * legacy protocols. */ -#define PSA_KEY_TYPE_ARC4 ((psa_key_type_t)0x40000004) +#define PSA_KEY_TYPE_ARC4 ((psa_key_type_t)0x40000004) /** Key for the ChaCha20 stream cipher or the Chacha20-Poly1305 AEAD algorithm. * @@ -411,113 +411,114 @@ * Implementations must support 12-byte nonces, may support 8-byte nonces, * and should reject other sizes. */ -#define PSA_KEY_TYPE_CHACHA20 ((psa_key_type_t)0x40000005) +#define PSA_KEY_TYPE_CHACHA20 ((psa_key_type_t)0x40000005) /** RSA public key. */ -#define PSA_KEY_TYPE_RSA_PUBLIC_KEY ((psa_key_type_t)0x60010000) +#define PSA_KEY_TYPE_RSA_PUBLIC_KEY ((psa_key_type_t)0x60010000) /** RSA key pair (private and public key). */ -#define PSA_KEY_TYPE_RSA_KEY_PAIR ((psa_key_type_t)0x70010000) +#define PSA_KEY_TYPE_RSA_KEY_PAIR ((psa_key_type_t)0x70010000) /** Whether a key type is an RSA key (pair or public-only). */ -#define PSA_KEY_TYPE_IS_RSA(type) \ +#define PSA_KEY_TYPE_IS_RSA(type) \ (PSA_KEY_TYPE_PUBLIC_KEY_OF_KEY_PAIR(type) == PSA_KEY_TYPE_RSA_PUBLIC_KEY) -#define PSA_KEY_TYPE_ECC_PUBLIC_KEY_BASE ((psa_key_type_t)0x60030000) -#define PSA_KEY_TYPE_ECC_KEY_PAIR_BASE ((psa_key_type_t)0x70030000) -#define PSA_KEY_TYPE_ECC_CURVE_MASK ((psa_key_type_t)0x0000ffff) +#define PSA_KEY_TYPE_ECC_PUBLIC_KEY_BASE ((psa_key_type_t)0x60030000) +#define PSA_KEY_TYPE_ECC_KEY_PAIR_BASE ((psa_key_type_t)0x70030000) +#define PSA_KEY_TYPE_ECC_CURVE_MASK ((psa_key_type_t)0x0000ffff) /** Elliptic curve key pair. */ -#define PSA_KEY_TYPE_ECC_KEY_PAIR(curve) \ +#define PSA_KEY_TYPE_ECC_KEY_PAIR(curve) \ (PSA_KEY_TYPE_ECC_KEY_PAIR_BASE | (curve)) /** Elliptic curve public key. */ -#define PSA_KEY_TYPE_ECC_PUBLIC_KEY(curve) \ +#define PSA_KEY_TYPE_ECC_PUBLIC_KEY(curve) \ (PSA_KEY_TYPE_ECC_PUBLIC_KEY_BASE | (curve)) /** Whether a key type is an elliptic curve key (pair or public-only). */ -#define PSA_KEY_TYPE_IS_ECC(type) \ - ((PSA_KEY_TYPE_PUBLIC_KEY_OF_KEY_PAIR(type) & \ +#define PSA_KEY_TYPE_IS_ECC(type) \ + ((PSA_KEY_TYPE_PUBLIC_KEY_OF_KEY_PAIR(type) & \ ~PSA_KEY_TYPE_ECC_CURVE_MASK) == PSA_KEY_TYPE_ECC_PUBLIC_KEY_BASE) /** Whether a key type is an elliptic curve key pair. */ -#define PSA_KEY_TYPE_IS_ECC_KEY_PAIR(type) \ - (((type) & ~PSA_KEY_TYPE_ECC_CURVE_MASK) == \ +#define PSA_KEY_TYPE_IS_ECC_KEY_PAIR(type) \ + (((type) & ~PSA_KEY_TYPE_ECC_CURVE_MASK) == \ PSA_KEY_TYPE_ECC_KEY_PAIR_BASE) /** Whether a key type is an elliptic curve public key. */ -#define PSA_KEY_TYPE_IS_ECC_PUBLIC_KEY(type) \ - (((type) & ~PSA_KEY_TYPE_ECC_CURVE_MASK) == \ +#define PSA_KEY_TYPE_IS_ECC_PUBLIC_KEY(type) \ + (((type) & ~PSA_KEY_TYPE_ECC_CURVE_MASK) == \ PSA_KEY_TYPE_ECC_PUBLIC_KEY_BASE) /** Extract the curve from an elliptic curve key type. */ -#define PSA_KEY_TYPE_GET_CURVE(type) \ - ((psa_ecc_curve_t)(PSA_KEY_TYPE_IS_ECC(type) ? ((type)&PSA_KEY_TYPE_ECC_CURVE_MASK) : 0)) -/** Extract the curve from an elliptic curve key type. */ +#define PSA_KEY_TYPE_GET_CURVE(type) \ + ((psa_ecc_curve_t) (PSA_KEY_TYPE_IS_ECC(type) ? \ + ((type) & PSA_KEY_TYPE_ECC_CURVE_MASK) : \ + 0)) /* The encoding of curve identifiers is currently aligned with the * TLS Supported Groups Registry (formerly known as the * TLS EC Named Curve Registry) * https://www.iana.org/assignments/tls-parameters/tls-parameters.xhtml#tls-parameters-8 * The values are defined by RFC 8422 and RFC 7027. */ -#define PSA_ECC_CURVE_SECT163K1 ((psa_ecc_curve_t)0x0001) -#define PSA_ECC_CURVE_SECT163R1 ((psa_ecc_curve_t)0x0002) -#define PSA_ECC_CURVE_SECT163R2 ((psa_ecc_curve_t)0x0003) -#define PSA_ECC_CURVE_SECT193R1 ((psa_ecc_curve_t)0x0004) -#define PSA_ECC_CURVE_SECT193R2 ((psa_ecc_curve_t)0x0005) -#define PSA_ECC_CURVE_SECT233K1 ((psa_ecc_curve_t)0x0006) -#define PSA_ECC_CURVE_SECT233R1 ((psa_ecc_curve_t)0x0007) -#define PSA_ECC_CURVE_SECT239K1 ((psa_ecc_curve_t)0x0008) -#define PSA_ECC_CURVE_SECT283K1 ((psa_ecc_curve_t)0x0009) -#define PSA_ECC_CURVE_SECT283R1 ((psa_ecc_curve_t)0x000a) -#define PSA_ECC_CURVE_SECT409K1 ((psa_ecc_curve_t)0x000b) -#define PSA_ECC_CURVE_SECT409R1 ((psa_ecc_curve_t)0x000c) -#define PSA_ECC_CURVE_SECT571K1 ((psa_ecc_curve_t)0x000d) -#define PSA_ECC_CURVE_SECT571R1 ((psa_ecc_curve_t)0x000e) -#define PSA_ECC_CURVE_SECP160K1 ((psa_ecc_curve_t)0x000f) -#define PSA_ECC_CURVE_SECP160R1 ((psa_ecc_curve_t)0x0010) -#define PSA_ECC_CURVE_SECP160R2 ((psa_ecc_curve_t)0x0011) -#define PSA_ECC_CURVE_SECP192K1 ((psa_ecc_curve_t)0x0012) -#define PSA_ECC_CURVE_SECP192R1 ((psa_ecc_curve_t)0x0013) -#define PSA_ECC_CURVE_SECP224K1 ((psa_ecc_curve_t)0x0014) -#define PSA_ECC_CURVE_SECP224R1 ((psa_ecc_curve_t)0x0015) -#define PSA_ECC_CURVE_SECP256K1 ((psa_ecc_curve_t)0x0016) -#define PSA_ECC_CURVE_SECP256R1 ((psa_ecc_curve_t)0x0017) -#define PSA_ECC_CURVE_SECP384R1 ((psa_ecc_curve_t)0x0018) -#define PSA_ECC_CURVE_SECP521R1 ((psa_ecc_curve_t)0x0019) -#define PSA_ECC_CURVE_BRAINPOOL_P256R1 ((psa_ecc_curve_t)0x001a) -#define PSA_ECC_CURVE_BRAINPOOL_P384R1 ((psa_ecc_curve_t)0x001b) -#define PSA_ECC_CURVE_BRAINPOOL_P512R1 ((psa_ecc_curve_t)0x001c) +#define PSA_ECC_CURVE_SECT163K1 ((psa_ecc_curve_t) 0x0001) +#define PSA_ECC_CURVE_SECT163R1 ((psa_ecc_curve_t) 0x0002) +#define PSA_ECC_CURVE_SECT163R2 ((psa_ecc_curve_t) 0x0003) +#define PSA_ECC_CURVE_SECT193R1 ((psa_ecc_curve_t) 0x0004) +#define PSA_ECC_CURVE_SECT193R2 ((psa_ecc_curve_t) 0x0005) +#define PSA_ECC_CURVE_SECT233K1 ((psa_ecc_curve_t) 0x0006) +#define PSA_ECC_CURVE_SECT233R1 ((psa_ecc_curve_t) 0x0007) +#define PSA_ECC_CURVE_SECT239K1 ((psa_ecc_curve_t) 0x0008) +#define PSA_ECC_CURVE_SECT283K1 ((psa_ecc_curve_t) 0x0009) +#define PSA_ECC_CURVE_SECT283R1 ((psa_ecc_curve_t) 0x000a) +#define PSA_ECC_CURVE_SECT409K1 ((psa_ecc_curve_t) 0x000b) +#define PSA_ECC_CURVE_SECT409R1 ((psa_ecc_curve_t) 0x000c) +#define PSA_ECC_CURVE_SECT571K1 ((psa_ecc_curve_t) 0x000d) +#define PSA_ECC_CURVE_SECT571R1 ((psa_ecc_curve_t) 0x000e) +#define PSA_ECC_CURVE_SECP160K1 ((psa_ecc_curve_t) 0x000f) +#define PSA_ECC_CURVE_SECP160R1 ((psa_ecc_curve_t) 0x0010) +#define PSA_ECC_CURVE_SECP160R2 ((psa_ecc_curve_t) 0x0011) +#define PSA_ECC_CURVE_SECP192K1 ((psa_ecc_curve_t) 0x0012) +#define PSA_ECC_CURVE_SECP192R1 ((psa_ecc_curve_t) 0x0013) +#define PSA_ECC_CURVE_SECP224K1 ((psa_ecc_curve_t) 0x0014) +#define PSA_ECC_CURVE_SECP224R1 ((psa_ecc_curve_t) 0x0015) +#define PSA_ECC_CURVE_SECP256K1 ((psa_ecc_curve_t) 0x0016) +#define PSA_ECC_CURVE_SECP256R1 ((psa_ecc_curve_t) 0x0017) +#define PSA_ECC_CURVE_SECP384R1 ((psa_ecc_curve_t) 0x0018) +#define PSA_ECC_CURVE_SECP521R1 ((psa_ecc_curve_t) 0x0019) +#define PSA_ECC_CURVE_BRAINPOOL_P256R1 ((psa_ecc_curve_t) 0x001a) +#define PSA_ECC_CURVE_BRAINPOOL_P384R1 ((psa_ecc_curve_t) 0x001b) +#define PSA_ECC_CURVE_BRAINPOOL_P512R1 ((psa_ecc_curve_t) 0x001c) /** Curve25519. * * This is the curve defined in Bernstein et al., * _Curve25519: new Diffie-Hellman speed records_, LNCS 3958, 2006. * The algorithm #PSA_ALG_ECDH performs X25519 when used with this curve. */ -#define PSA_ECC_CURVE_CURVE25519 ((psa_ecc_curve_t)0x001d) +#define PSA_ECC_CURVE_CURVE25519 ((psa_ecc_curve_t) 0x001d) /** Curve448 * * This is the curve defined in Hamburg, * _Ed448-Goldilocks, a new elliptic curve_, NIST ECC Workshop, 2015. * The algorithm #PSA_ALG_ECDH performs X448 when used with this curve. */ -#define PSA_ECC_CURVE_CURVE448 ((psa_ecc_curve_t)0x001e) +#define PSA_ECC_CURVE_CURVE448 ((psa_ecc_curve_t) 0x001e) -#define PSA_KEY_TYPE_DH_PUBLIC_KEY_BASE ((psa_key_type_t)0x60040000) -#define PSA_KEY_TYPE_DH_KEY_PAIR_BASE ((psa_key_type_t)0x70040000) -#define PSA_KEY_TYPE_DH_GROUP_MASK ((psa_key_type_t)0x0000ffff) +#define PSA_KEY_TYPE_DH_PUBLIC_KEY_BASE ((psa_key_type_t)0x60040000) +#define PSA_KEY_TYPE_DH_KEY_PAIR_BASE ((psa_key_type_t)0x70040000) +#define PSA_KEY_TYPE_DH_GROUP_MASK ((psa_key_type_t)0x0000ffff) /** Diffie-Hellman key pair. */ -#define PSA_KEY_TYPE_DH_KEY_PAIR(group) \ +#define PSA_KEY_TYPE_DH_KEY_PAIR(group) \ (PSA_KEY_TYPE_DH_KEY_PAIR_BASE | (group)) /** Diffie-Hellman public key. */ -#define PSA_KEY_TYPE_DH_PUBLIC_KEY(group) \ +#define PSA_KEY_TYPE_DH_PUBLIC_KEY(group) \ (PSA_KEY_TYPE_DH_PUBLIC_KEY_BASE | (group)) /** Whether a key type is a Diffie-Hellman key (pair or public-only). */ -#define PSA_KEY_TYPE_IS_DH(type) \ - ((PSA_KEY_TYPE_PUBLIC_KEY_OF_KEY_PAIR(type) & \ +#define PSA_KEY_TYPE_IS_DH(type) \ + ((PSA_KEY_TYPE_PUBLIC_KEY_OF_KEY_PAIR(type) & \ ~PSA_KEY_TYPE_DH_GROUP_MASK) == PSA_KEY_TYPE_DH_PUBLIC_KEY_BASE) /** Whether a key type is a Diffie-Hellman key pair. */ -#define PSA_KEY_TYPE_IS_DH_KEY_PAIR(type) \ - (((type) & ~PSA_KEY_TYPE_DH_GROUP_MASK) == \ +#define PSA_KEY_TYPE_IS_DH_KEY_PAIR(type) \ + (((type) & ~PSA_KEY_TYPE_DH_GROUP_MASK) == \ PSA_KEY_TYPE_DH_KEY_PAIR_BASE) /** Whether a key type is a Diffie-Hellman public key. */ -#define PSA_KEY_TYPE_IS_DH_PUBLIC_KEY(type) \ - (((type) & ~PSA_KEY_TYPE_DH_GROUP_MASK) == \ +#define PSA_KEY_TYPE_IS_DH_PUBLIC_KEY(type) \ + (((type) & ~PSA_KEY_TYPE_DH_GROUP_MASK) == \ PSA_KEY_TYPE_DH_PUBLIC_KEY_BASE) /** Extract the group from a Diffie-Hellman key type. */ @@ -531,11 +532,11 @@ * TLS EC Named Curve Registry) * https://www.iana.org/assignments/tls-parameters/tls-parameters.xhtml#tls-parameters-8 * The values are defined by RFC 7919. */ -#define PSA_DH_GROUP_FFDHE2048 ((psa_dh_group_t)0x0100) -#define PSA_DH_GROUP_FFDHE3072 ((psa_dh_group_t)0x0101) -#define PSA_DH_GROUP_FFDHE4096 ((psa_dh_group_t)0x0102) -#define PSA_DH_GROUP_FFDHE6144 ((psa_dh_group_t)0x0103) -#define PSA_DH_GROUP_FFDHE8192 ((psa_dh_group_t)0x0104) +#define PSA_DH_GROUP_FFDHE2048 ((psa_dh_group_t) 0x0100) +#define PSA_DH_GROUP_FFDHE3072 ((psa_dh_group_t) 0x0101) +#define PSA_DH_GROUP_FFDHE4096 ((psa_dh_group_t) 0x0102) +#define PSA_DH_GROUP_FFDHE6144 ((psa_dh_group_t) 0x0103) +#define PSA_DH_GROUP_FFDHE8192 ((psa_dh_group_t) 0x0104) /** The block size of a block cipher. * @@ -564,18 +565,18 @@ 0) #define PSA_ALG_VENDOR_FLAG ((psa_algorithm_t)0x80000000) -#define PSA_ALG_CATEGORY_MASK ((psa_algorithm_t)0x7f000000) -#define PSA_ALG_CATEGORY_HASH ((psa_algorithm_t)0x01000000) -#define PSA_ALG_CATEGORY_MAC ((psa_algorithm_t)0x02000000) -#define PSA_ALG_CATEGORY_CIPHER ((psa_algorithm_t)0x04000000) -#define PSA_ALG_CATEGORY_AEAD ((psa_algorithm_t)0x06000000) -#define PSA_ALG_CATEGORY_SIGN ((psa_algorithm_t)0x10000000) -#define PSA_ALG_CATEGORY_ASYMMETRIC_ENCRYPTION ((psa_algorithm_t)0x12000000) -#define PSA_ALG_CATEGORY_KEY_DERIVATION ((psa_algorithm_t)0x20000000) -#define PSA_ALG_CATEGORY_KEY_AGREEMENT ((psa_algorithm_t)0x30000000) - -#define PSA_ALG_IS_VENDOR_DEFINED(alg) \ - (((alg)&PSA_ALG_VENDOR_FLAG) != 0) +#define PSA_ALG_CATEGORY_MASK ((psa_algorithm_t)0x7f000000) +#define PSA_ALG_CATEGORY_HASH ((psa_algorithm_t)0x01000000) +#define PSA_ALG_CATEGORY_MAC ((psa_algorithm_t)0x02000000) +#define PSA_ALG_CATEGORY_CIPHER ((psa_algorithm_t)0x04000000) +#define PSA_ALG_CATEGORY_AEAD ((psa_algorithm_t)0x06000000) +#define PSA_ALG_CATEGORY_SIGN ((psa_algorithm_t)0x10000000) +#define PSA_ALG_CATEGORY_ASYMMETRIC_ENCRYPTION ((psa_algorithm_t)0x12000000) +#define PSA_ALG_CATEGORY_KEY_DERIVATION ((psa_algorithm_t)0x20000000) +#define PSA_ALG_CATEGORY_KEY_AGREEMENT ((psa_algorithm_t)0x30000000) + +#define PSA_ALG_IS_VENDOR_DEFINED(alg) \ + (((alg) & PSA_ALG_VENDOR_FLAG) != 0) /** Whether the specified algorithm is a hash algorithm. * @@ -585,8 +586,8 @@ * This macro may return either 0 or 1 if \p alg is not a supported * algorithm identifier. */ -#define PSA_ALG_IS_HASH(alg) \ - (((alg)&PSA_ALG_CATEGORY_MASK) == PSA_ALG_CATEGORY_HASH) +#define PSA_ALG_IS_HASH(alg) \ + (((alg) & PSA_ALG_CATEGORY_MASK) == PSA_ALG_CATEGORY_HASH) /** Whether the specified algorithm is a MAC algorithm. * @@ -596,8 +597,8 @@ * This macro may return either 0 or 1 if \p alg is not a supported * algorithm identifier. */ -#define PSA_ALG_IS_MAC(alg) \ - (((alg)&PSA_ALG_CATEGORY_MASK) == PSA_ALG_CATEGORY_MAC) +#define PSA_ALG_IS_MAC(alg) \ + (((alg) & PSA_ALG_CATEGORY_MASK) == PSA_ALG_CATEGORY_MAC) /** Whether the specified algorithm is a symmetric cipher algorithm. * @@ -607,8 +608,8 @@ * This macro may return either 0 or 1 if \p alg is not a supported * algorithm identifier. */ -#define PSA_ALG_IS_CIPHER(alg) \ - (((alg)&PSA_ALG_CATEGORY_MASK) == PSA_ALG_CATEGORY_CIPHER) +#define PSA_ALG_IS_CIPHER(alg) \ + (((alg) & PSA_ALG_CATEGORY_MASK) == PSA_ALG_CATEGORY_CIPHER) /** Whether the specified algorithm is an authenticated encryption * with associated data (AEAD) algorithm. @@ -619,8 +620,8 @@ * This macro may return either 0 or 1 if \p alg is not a supported * algorithm identifier. */ -#define PSA_ALG_IS_AEAD(alg) \ - (((alg)&PSA_ALG_CATEGORY_MASK) == PSA_ALG_CATEGORY_AEAD) +#define PSA_ALG_IS_AEAD(alg) \ + (((alg) & PSA_ALG_CATEGORY_MASK) == PSA_ALG_CATEGORY_AEAD) /** Whether the specified algorithm is a public-key signature algorithm. * @@ -630,8 +631,8 @@ * This macro may return either 0 or 1 if \p alg is not a supported * algorithm identifier. */ -#define PSA_ALG_IS_SIGN(alg) \ - (((alg)&PSA_ALG_CATEGORY_MASK) == PSA_ALG_CATEGORY_SIGN) +#define PSA_ALG_IS_SIGN(alg) \ + (((alg) & PSA_ALG_CATEGORY_MASK) == PSA_ALG_CATEGORY_SIGN) /** Whether the specified algorithm is a public-key encryption algorithm. * @@ -641,8 +642,8 @@ * This macro may return either 0 or 1 if \p alg is not a supported * algorithm identifier. */ -#define PSA_ALG_IS_ASYMMETRIC_ENCRYPTION(alg) \ - (((alg)&PSA_ALG_CATEGORY_MASK) == PSA_ALG_CATEGORY_ASYMMETRIC_ENCRYPTION) +#define PSA_ALG_IS_ASYMMETRIC_ENCRYPTION(alg) \ + (((alg) & PSA_ALG_CATEGORY_MASK) == PSA_ALG_CATEGORY_ASYMMETRIC_ENCRYPTION) /** Whether the specified algorithm is a key agreement algorithm. * @@ -652,8 +653,8 @@ * This macro may return either 0 or 1 if \p alg is not a supported * algorithm identifier. */ -#define PSA_ALG_IS_KEY_AGREEMENT(alg) \ - (((alg)&PSA_ALG_CATEGORY_MASK) == PSA_ALG_CATEGORY_KEY_AGREEMENT) +#define PSA_ALG_IS_KEY_AGREEMENT(alg) \ + (((alg) & PSA_ALG_CATEGORY_MASK) == PSA_ALG_CATEGORY_KEY_AGREEMENT) /** Whether the specified algorithm is a key derivation algorithm. * @@ -663,36 +664,36 @@ * This macro may return either 0 or 1 if \p alg is not a supported * algorithm identifier. */ -#define PSA_ALG_IS_KEY_DERIVATION(alg) \ - (((alg)&PSA_ALG_CATEGORY_MASK) == PSA_ALG_CATEGORY_KEY_DERIVATION) +#define PSA_ALG_IS_KEY_DERIVATION(alg) \ + (((alg) & PSA_ALG_CATEGORY_MASK) == PSA_ALG_CATEGORY_KEY_DERIVATION) -#define PSA_ALG_HASH_MASK ((psa_algorithm_t)0x000000ff) +#define PSA_ALG_HASH_MASK ((psa_algorithm_t)0x000000ff) -#define PSA_ALG_MD2 ((psa_algorithm_t)0x01000001) -#define PSA_ALG_MD4 ((psa_algorithm_t)0x01000002) -#define PSA_ALG_MD5 ((psa_algorithm_t)0x01000003) -#define PSA_ALG_RIPEMD160 ((psa_algorithm_t)0x01000004) -#define PSA_ALG_SHA_1 ((psa_algorithm_t)0x01000005) +#define PSA_ALG_MD2 ((psa_algorithm_t)0x01000001) +#define PSA_ALG_MD4 ((psa_algorithm_t)0x01000002) +#define PSA_ALG_MD5 ((psa_algorithm_t)0x01000003) +#define PSA_ALG_RIPEMD160 ((psa_algorithm_t)0x01000004) +#define PSA_ALG_SHA_1 ((psa_algorithm_t)0x01000005) /** SHA2-224 */ -#define PSA_ALG_SHA_224 ((psa_algorithm_t)0x01000008) +#define PSA_ALG_SHA_224 ((psa_algorithm_t)0x01000008) /** SHA2-256 */ -#define PSA_ALG_SHA_256 ((psa_algorithm_t)0x01000009) +#define PSA_ALG_SHA_256 ((psa_algorithm_t)0x01000009) /** SHA2-384 */ -#define PSA_ALG_SHA_384 ((psa_algorithm_t)0x0100000a) +#define PSA_ALG_SHA_384 ((psa_algorithm_t)0x0100000a) /** SHA2-512 */ -#define PSA_ALG_SHA_512 ((psa_algorithm_t)0x0100000b) +#define PSA_ALG_SHA_512 ((psa_algorithm_t)0x0100000b) /** SHA2-512/224 */ -#define PSA_ALG_SHA_512_224 ((psa_algorithm_t)0x0100000c) +#define PSA_ALG_SHA_512_224 ((psa_algorithm_t)0x0100000c) /** SHA2-512/256 */ -#define PSA_ALG_SHA_512_256 ((psa_algorithm_t)0x0100000d) +#define PSA_ALG_SHA_512_256 ((psa_algorithm_t)0x0100000d) /** SHA3-224 */ -#define PSA_ALG_SHA3_224 ((psa_algorithm_t)0x01000010) +#define PSA_ALG_SHA3_224 ((psa_algorithm_t)0x01000010) /** SHA3-256 */ -#define PSA_ALG_SHA3_256 ((psa_algorithm_t)0x01000011) +#define PSA_ALG_SHA3_256 ((psa_algorithm_t)0x01000011) /** SHA3-384 */ -#define PSA_ALG_SHA3_384 ((psa_algorithm_t)0x01000012) +#define PSA_ALG_SHA3_384 ((psa_algorithm_t)0x01000012) /** SHA3-512 */ -#define PSA_ALG_SHA3_512 ((psa_algorithm_t)0x01000013) +#define PSA_ALG_SHA3_512 ((psa_algorithm_t)0x01000013) /** In a hash-and-sign algorithm policy, allow any hash algorithm. * @@ -727,10 +728,10 @@ * This value may not be used to build an algorithm specification to * perform an operation. It is only valid to build policies. */ -#define PSA_ALG_ANY_HASH ((psa_algorithm_t)0x010000ff) +#define PSA_ALG_ANY_HASH ((psa_algorithm_t)0x010000ff) -#define PSA_ALG_MAC_SUBCATEGORY_MASK ((psa_algorithm_t)0x00c00000) -#define PSA_ALG_HMAC_BASE ((psa_algorithm_t)0x02800000) +#define PSA_ALG_MAC_SUBCATEGORY_MASK ((psa_algorithm_t)0x00c00000) +#define PSA_ALG_HMAC_BASE ((psa_algorithm_t)0x02800000) /** Macro to build an HMAC algorithm. * * For example, #PSA_ALG_HMAC(#PSA_ALG_SHA_256) is HMAC-SHA-256. @@ -742,11 +743,11 @@ * \return Unspecified if \p hash_alg is not a supported * hash algorithm. */ -#define PSA_ALG_HMAC(hash_alg) \ - (PSA_ALG_HMAC_BASE | ((hash_alg)&PSA_ALG_HASH_MASK)) +#define PSA_ALG_HMAC(hash_alg) \ + (PSA_ALG_HMAC_BASE | ((hash_alg) & PSA_ALG_HASH_MASK)) -#define PSA_ALG_HMAC_GET_HASH(hmac_alg) \ - (PSA_ALG_CATEGORY_HASH | ((hmac_alg)&PSA_ALG_HASH_MASK)) +#define PSA_ALG_HMAC_GET_HASH(hmac_alg) \ + (PSA_ALG_CATEGORY_HASH | ((hmac_alg) & PSA_ALG_HASH_MASK)) /** Whether the specified algorithm is an HMAC algorithm. * @@ -758,7 +759,7 @@ * This macro may return either 0 or 1 if \p alg is not a supported * algorithm identifier. */ -#define PSA_ALG_IS_HMAC(alg) \ +#define PSA_ALG_IS_HMAC(alg) \ (((alg) & (PSA_ALG_CATEGORY_MASK | PSA_ALG_MAC_SUBCATEGORY_MASK)) == \ PSA_ALG_HMAC_BASE) @@ -769,7 +770,7 @@ * reach up to 63; the largest MAC is 64 bytes so its trivial truncation * to full length is correctly encoded as 0 and any non-trivial truncation * is correctly encoded as a value between 1 and 63. */ -#define PSA_ALG_MAC_TRUNCATION_MASK ((psa_algorithm_t)0x00003f00) +#define PSA_ALG_MAC_TRUNCATION_MASK ((psa_algorithm_t)0x00003f00) #define PSA_MAC_TRUNCATION_OFFSET 8 /** Macro to build a truncated MAC algorithm. @@ -805,8 +806,8 @@ * MAC algorithm or if \p mac_length is too small or * too large for the specified MAC algorithm. */ -#define PSA_ALG_TRUNCATED_MAC(mac_alg, mac_length) \ - (((mac_alg) & ~PSA_ALG_MAC_TRUNCATION_MASK) | \ +#define PSA_ALG_TRUNCATED_MAC(mac_alg, mac_length) \ + (((mac_alg) & ~PSA_ALG_MAC_TRUNCATION_MASK) | \ ((mac_length) << PSA_MAC_TRUNCATION_OFFSET & PSA_ALG_MAC_TRUNCATION_MASK)) /** Macro to build the base MAC algorithm corresponding to a truncated @@ -821,7 +822,7 @@ * \return Unspecified if \p alg is not a supported * MAC algorithm. */ -#define PSA_ALG_FULL_LENGTH_MAC(mac_alg) \ +#define PSA_ALG_FULL_LENGTH_MAC(mac_alg) \ ((mac_alg) & ~PSA_ALG_MAC_TRUNCATION_MASK) /** Length to which a MAC algorithm is truncated. @@ -835,18 +836,18 @@ * \return Unspecified if \p alg is not a supported * MAC algorithm. */ -#define PSA_MAC_TRUNCATED_LENGTH(mac_alg) \ - (((mac_alg)&PSA_ALG_MAC_TRUNCATION_MASK) >> PSA_MAC_TRUNCATION_OFFSET) +#define PSA_MAC_TRUNCATED_LENGTH(mac_alg) \ + (((mac_alg) & PSA_ALG_MAC_TRUNCATION_MASK) >> PSA_MAC_TRUNCATION_OFFSET) -#define PSA_ALG_CIPHER_MAC_BASE ((psa_algorithm_t)0x02c00000) +#define PSA_ALG_CIPHER_MAC_BASE ((psa_algorithm_t)0x02c00000) /** The CBC-MAC construction over a block cipher * * \warning CBC-MAC is insecure in many cases. * A more secure mode, such as #PSA_ALG_CMAC, is recommended. */ -#define PSA_ALG_CBC_MAC ((psa_algorithm_t)0x02c00001) +#define PSA_ALG_CBC_MAC ((psa_algorithm_t)0x02c00001) /** The CMAC construction over a block cipher */ -#define PSA_ALG_CMAC ((psa_algorithm_t)0x02c00002) +#define PSA_ALG_CMAC ((psa_algorithm_t)0x02c00002) /** Whether the specified algorithm is a MAC algorithm based on a block cipher. * @@ -856,12 +857,12 @@ * This macro may return either 0 or 1 if \p alg is not a supported * algorithm identifier. */ -#define PSA_ALG_IS_BLOCK_CIPHER_MAC(alg) \ +#define PSA_ALG_IS_BLOCK_CIPHER_MAC(alg) \ (((alg) & (PSA_ALG_CATEGORY_MASK | PSA_ALG_MAC_SUBCATEGORY_MASK)) == \ PSA_ALG_CIPHER_MAC_BASE) -#define PSA_ALG_CIPHER_STREAM_FLAG ((psa_algorithm_t)0x00800000) -#define PSA_ALG_CIPHER_FROM_BLOCK_FLAG ((psa_algorithm_t)0x00400000) +#define PSA_ALG_CIPHER_STREAM_FLAG ((psa_algorithm_t)0x00800000) +#define PSA_ALG_CIPHER_FROM_BLOCK_FLAG ((psa_algorithm_t)0x00400000) /** Whether the specified algorithm is a stream cipher. * @@ -875,13 +876,13 @@ * This macro may return either 0 or 1 if \p alg is not a supported * algorithm identifier or if it is not a symmetric cipher algorithm. */ -#define PSA_ALG_IS_STREAM_CIPHER(alg) \ +#define PSA_ALG_IS_STREAM_CIPHER(alg) \ (((alg) & (PSA_ALG_CATEGORY_MASK | PSA_ALG_CIPHER_STREAM_FLAG)) == \ - (PSA_ALG_CATEGORY_CIPHER | PSA_ALG_CIPHER_STREAM_FLAG)) + (PSA_ALG_CATEGORY_CIPHER | PSA_ALG_CIPHER_STREAM_FLAG)) /** The ARC4 stream cipher algorithm. */ -#define PSA_ALG_ARC4 ((psa_algorithm_t)0x04800001) +#define PSA_ALG_ARC4 ((psa_algorithm_t)0x04800001) /** The ChaCha20 stream cipher. * @@ -893,7 +894,7 @@ * The initial block counter is always 0. * */ -#define PSA_ALG_CHACHA20 ((psa_algorithm_t)0x04800005) +#define PSA_ALG_CHACHA20 ((psa_algorithm_t)0x04800005) /** The CTR stream cipher mode. * @@ -902,19 +903,19 @@ * For example, to use AES-128-CTR, use this algorithm with * a key of type #PSA_KEY_TYPE_AES and a length of 128 bits (16 bytes). */ -#define PSA_ALG_CTR ((psa_algorithm_t)0x04c00001) +#define PSA_ALG_CTR ((psa_algorithm_t)0x04c00001) /** The CFB stream cipher mode. * * The underlying block cipher is determined by the key type. */ -#define PSA_ALG_CFB ((psa_algorithm_t)0x04c00002) +#define PSA_ALG_CFB ((psa_algorithm_t)0x04c00002) /** The OFB stream cipher mode. * * The underlying block cipher is determined by the key type. */ -#define PSA_ALG_OFB ((psa_algorithm_t)0x04c00003) +#define PSA_ALG_OFB ((psa_algorithm_t)0x04c00003) /** The XTS cipher mode. * @@ -922,7 +923,7 @@ * least one full block of input, but beyond this minimum the input * does not need to be a whole number of blocks. */ -#define PSA_ALG_XTS ((psa_algorithm_t)0x044000ff) +#define PSA_ALG_XTS ((psa_algorithm_t)0x044000ff) /** The CBC block cipher chaining mode, with no padding. * @@ -931,7 +932,7 @@ * This symmetric cipher mode can only be used with messages whose lengths * are whole number of blocks for the chosen block cipher. */ -#define PSA_ALG_CBC_NO_PADDING ((psa_algorithm_t)0x04600100) +#define PSA_ALG_CBC_NO_PADDING ((psa_algorithm_t)0x04600100) /** The CBC block cipher chaining mode with PKCS#7 padding. * @@ -939,9 +940,9 @@ * * This is the padding method defined by PKCS#7 (RFC 2315) §10.3. */ -#define PSA_ALG_CBC_PKCS7 ((psa_algorithm_t)0x04600101) +#define PSA_ALG_CBC_PKCS7 ((psa_algorithm_t)0x04600101) -#define PSA_ALG_AEAD_FROM_BLOCK_FLAG ((psa_algorithm_t)0x00400000) +#define PSA_ALG_AEAD_FROM_BLOCK_FLAG ((psa_algorithm_t)0x00400000) /** Whether the specified algorithm is an AEAD mode on a block cipher. * @@ -952,7 +953,7 @@ * This macro may return either 0 or 1 if \p alg is not a supported * algorithm identifier. */ -#define PSA_ALG_IS_AEAD_ON_BLOCK_CIPHER(alg) \ +#define PSA_ALG_IS_AEAD_ON_BLOCK_CIPHER(alg) \ (((alg) & (PSA_ALG_CATEGORY_MASK | PSA_ALG_AEAD_FROM_BLOCK_FLAG)) == \ (PSA_ALG_CATEGORY_AEAD | PSA_ALG_AEAD_FROM_BLOCK_FLAG)) @@ -960,13 +961,13 @@ * * The underlying block cipher is determined by the key type. */ -#define PSA_ALG_CCM ((psa_algorithm_t)0x06401001) +#define PSA_ALG_CCM ((psa_algorithm_t)0x06401001) /** The GCM authenticated encryption algorithm. * * The underlying block cipher is determined by the key type. */ -#define PSA_ALG_GCM ((psa_algorithm_t)0x06401002) +#define PSA_ALG_GCM ((psa_algorithm_t)0x06401002) /** The Chacha20-Poly1305 AEAD algorithm. * @@ -977,13 +978,13 @@ * * Implementations must support 16-byte tags and should reject other sizes. */ -#define PSA_ALG_CHACHA20_POLY1305 ((psa_algorithm_t)0x06001005) +#define PSA_ALG_CHACHA20_POLY1305 ((psa_algorithm_t)0x06001005) /* In the encoding of a AEAD algorithm, the bits corresponding to * PSA_ALG_AEAD_TAG_LENGTH_MASK encode the length of the AEAD tag. * The constants for default lengths follow this encoding. */ -#define PSA_ALG_AEAD_TAG_LENGTH_MASK ((psa_algorithm_t)0x00003f00) +#define PSA_ALG_AEAD_TAG_LENGTH_MASK ((psa_algorithm_t)0x00003f00) #define PSA_AEAD_TAG_LENGTH_OFFSET 8 /** Macro to build a shortened AEAD algorithm. @@ -1004,9 +1005,9 @@ * AEAD algorithm or if \p tag_length is not valid * for the specified AEAD algorithm. */ -#define PSA_ALG_AEAD_WITH_TAG_LENGTH(aead_alg, tag_length) \ - (((aead_alg) & ~PSA_ALG_AEAD_TAG_LENGTH_MASK) | \ - ((tag_length) << PSA_AEAD_TAG_LENGTH_OFFSET & \ +#define PSA_ALG_AEAD_WITH_TAG_LENGTH(aead_alg, tag_length) \ + (((aead_alg) & ~PSA_ALG_AEAD_TAG_LENGTH_MASK) | \ + ((tag_length) << PSA_AEAD_TAG_LENGTH_OFFSET & \ PSA_ALG_AEAD_TAG_LENGTH_MASK)) /** Calculate the corresponding AEAD algorithm with the default tag length. @@ -1017,7 +1018,7 @@ * \return The corresponding AEAD algorithm with the default * tag length for that algorithm. */ -#define PSA_ALG_AEAD_WITH_DEFAULT_TAG_LENGTH(aead_alg) \ +#define PSA_ALG_AEAD_WITH_DEFAULT_TAG_LENGTH(aead_alg) \ ( \ PSA_ALG_AEAD_WITH_DEFAULT_TAG_LENGTH_CASE(aead_alg, PSA_ALG_CCM) \ PSA_ALG_AEAD_WITH_DEFAULT_TAG_LENGTH_CASE(aead_alg, PSA_ALG_GCM) \ @@ -1044,8 +1045,8 @@ * \return Unspecified if \p hash_alg is not a supported * hash algorithm. */ -#define PSA_ALG_RSA_PKCS1V15_SIGN(hash_alg) \ - (PSA_ALG_RSA_PKCS1V15_SIGN_BASE | ((hash_alg)&PSA_ALG_HASH_MASK)) +#define PSA_ALG_RSA_PKCS1V15_SIGN(hash_alg) \ + (PSA_ALG_RSA_PKCS1V15_SIGN_BASE | ((hash_alg) & PSA_ALG_HASH_MASK)) /** Raw PKCS#1 v1.5 signature. * * The input to this algorithm is the DigestInfo structure used by @@ -1053,10 +1054,10 @@ * steps 3–6. */ #define PSA_ALG_RSA_PKCS1V15_SIGN_RAW PSA_ALG_RSA_PKCS1V15_SIGN_BASE -#define PSA_ALG_IS_RSA_PKCS1V15_SIGN(alg) \ +#define PSA_ALG_IS_RSA_PKCS1V15_SIGN(alg) \ (((alg) & ~PSA_ALG_HASH_MASK) == PSA_ALG_RSA_PKCS1V15_SIGN_BASE) -#define PSA_ALG_RSA_PSS_BASE ((psa_algorithm_t)0x10030000) +#define PSA_ALG_RSA_PSS_BASE ((psa_algorithm_t)0x10030000) /** RSA PSS signature with hashing. * * This is the signature scheme defined by RFC 8017 @@ -1075,12 +1076,12 @@ * \return Unspecified if \p hash_alg is not a supported * hash algorithm. */ -#define PSA_ALG_RSA_PSS(hash_alg) \ - (PSA_ALG_RSA_PSS_BASE | ((hash_alg)&PSA_ALG_HASH_MASK)) -#define PSA_ALG_IS_RSA_PSS(alg) \ +#define PSA_ALG_RSA_PSS(hash_alg) \ + (PSA_ALG_RSA_PSS_BASE | ((hash_alg) & PSA_ALG_HASH_MASK)) +#define PSA_ALG_IS_RSA_PSS(alg) \ (((alg) & ~PSA_ALG_HASH_MASK) == PSA_ALG_RSA_PSS_BASE) -#define PSA_ALG_ECDSA_BASE ((psa_algorithm_t)0x10060000) +#define PSA_ALG_ECDSA_BASE ((psa_algorithm_t)0x10060000) /** ECDSA signature with hashing. * * This is the ECDSA signature scheme defined by ANSI X9.62, @@ -1101,8 +1102,8 @@ * \return Unspecified if \p hash_alg is not a supported * hash algorithm. */ -#define PSA_ALG_ECDSA(hash_alg) \ - (PSA_ALG_ECDSA_BASE | ((hash_alg)&PSA_ALG_HASH_MASK)) +#define PSA_ALG_ECDSA(hash_alg) \ + (PSA_ALG_ECDSA_BASE | ((hash_alg) & PSA_ALG_HASH_MASK)) /** ECDSA signature without hashing. * * This is the same signature scheme as #PSA_ALG_ECDSA(), but @@ -1113,7 +1114,7 @@ * the curve size. */ #define PSA_ALG_ECDSA_ANY PSA_ALG_ECDSA_BASE -#define PSA_ALG_DETERMINISTIC_ECDSA_BASE ((psa_algorithm_t)0x10070000) +#define PSA_ALG_DETERMINISTIC_ECDSA_BASE ((psa_algorithm_t)0x10070000) /** Deterministic ECDSA signature with hashing. * * This is the deterministic ECDSA signature scheme defined by RFC 6979. @@ -1136,16 +1137,16 @@ * \return Unspecified if \p hash_alg is not a supported * hash algorithm. */ -#define PSA_ALG_DETERMINISTIC_ECDSA(hash_alg) \ - (PSA_ALG_DETERMINISTIC_ECDSA_BASE | ((hash_alg)&PSA_ALG_HASH_MASK)) -#define PSA_ALG_IS_ECDSA(alg) \ - (((alg) & ~PSA_ALG_HASH_MASK & ~PSA_ALG_DSA_DETERMINISTIC_FLAG) == \ +#define PSA_ALG_DETERMINISTIC_ECDSA(hash_alg) \ + (PSA_ALG_DETERMINISTIC_ECDSA_BASE | ((hash_alg) & PSA_ALG_HASH_MASK)) +#define PSA_ALG_IS_ECDSA(alg) \ + (((alg) & ~PSA_ALG_HASH_MASK & ~PSA_ALG_DSA_DETERMINISTIC_FLAG) == \ PSA_ALG_ECDSA_BASE) -#define PSA_ALG_ECDSA_IS_DETERMINISTIC(alg) \ - (((alg)&PSA_ALG_DSA_DETERMINISTIC_FLAG) != 0) -#define PSA_ALG_IS_DETERMINISTIC_ECDSA(alg) \ +#define PSA_ALG_ECDSA_IS_DETERMINISTIC(alg) \ + (((alg) & PSA_ALG_DSA_DETERMINISTIC_FLAG) != 0) +#define PSA_ALG_IS_DETERMINISTIC_ECDSA(alg) \ (PSA_ALG_IS_ECDSA(alg) && PSA_ALG_ECDSA_IS_DETERMINISTIC(alg)) -#define PSA_ALG_IS_RANDOMIZED_ECDSA(alg) \ +#define PSA_ALG_IS_RANDOMIZED_ECDSA(alg) \ (PSA_ALG_IS_ECDSA(alg) && !PSA_ALG_ECDSA_IS_DETERMINISTIC(alg)) /** Whether the specified algorithm is a hash-and-sign algorithm. @@ -1161,8 +1162,8 @@ * This macro may return either 0 or 1 if \p alg is not a supported * algorithm identifier. */ -#define PSA_ALG_IS_HASH_AND_SIGN(alg) \ - (PSA_ALG_IS_RSA_PSS(alg) || PSA_ALG_IS_RSA_PKCS1V15_SIGN(alg) || \ +#define PSA_ALG_IS_HASH_AND_SIGN(alg) \ + (PSA_ALG_IS_RSA_PSS(alg) || PSA_ALG_IS_RSA_PKCS1V15_SIGN(alg) || \ PSA_ALG_IS_ECDSA(alg)) /** Get the hash used by a hash-and-sign signature algorithm. @@ -1191,9 +1192,9 @@ /** RSA PKCS#1 v1.5 encryption. */ -#define PSA_ALG_RSA_PKCS1V15_CRYPT ((psa_algorithm_t)0x12020000) +#define PSA_ALG_RSA_PKCS1V15_CRYPT ((psa_algorithm_t)0x12020000) -#define PSA_ALG_RSA_OAEP_BASE ((psa_algorithm_t)0x12030000) +#define PSA_ALG_RSA_OAEP_BASE ((psa_algorithm_t)0x12030000) /** RSA OAEP encryption. * * This is the encryption scheme defined by RFC 8017 @@ -1208,8 +1209,8 @@ * \return Unspecified if \p hash_alg is not a supported * hash algorithm. */ -#define PSA_ALG_RSA_OAEP(hash_alg) \ - (PSA_ALG_RSA_OAEP_BASE | ((hash_alg)&PSA_ALG_HASH_MASK)) +#define PSA_ALG_RSA_OAEP(hash_alg) \ + (PSA_ALG_RSA_OAEP_BASE | ((hash_alg) & PSA_ALG_HASH_MASK)) #define PSA_ALG_IS_RSA_OAEP(alg) \ (((alg) & ~PSA_ALG_HASH_MASK) == PSA_ALG_RSA_OAEP_BASE) #define PSA_ALG_RSA_OAEP_GET_HASH(alg) \ @@ -1238,8 +1239,8 @@ * \return Unspecified if \p hash_alg is not a supported * hash algorithm. */ -#define PSA_ALG_HKDF(hash_alg) \ - (PSA_ALG_HKDF_BASE | ((hash_alg)&PSA_ALG_HASH_MASK)) +#define PSA_ALG_HKDF(hash_alg) \ + (PSA_ALG_HKDF_BASE | ((hash_alg) & PSA_ALG_HASH_MASK)) /** Whether the specified algorithm is an HKDF algorithm. * * HKDF is a family of key derivation algorithms that are based on a hash @@ -1251,12 +1252,12 @@ * This macro may return either 0 or 1 if \c alg is not a supported * key derivation algorithm identifier. */ -#define PSA_ALG_IS_HKDF(alg) \ +#define PSA_ALG_IS_HKDF(alg) \ (((alg) & ~PSA_ALG_HASH_MASK) == PSA_ALG_HKDF_BASE) -#define PSA_ALG_HKDF_GET_HASH(hkdf_alg) \ - (PSA_ALG_CATEGORY_HASH | ((hkdf_alg)&PSA_ALG_HASH_MASK)) +#define PSA_ALG_HKDF_GET_HASH(hkdf_alg) \ + (PSA_ALG_CATEGORY_HASH | ((hkdf_alg) & PSA_ALG_HASH_MASK)) -#define PSA_ALG_TLS12_PRF_BASE ((psa_algorithm_t)0x20000200) +#define PSA_ALG_TLS12_PRF_BASE ((psa_algorithm_t)0x20000200) /** Macro to build a TLS-1.2 PRF algorithm. * * TLS 1.2 uses a custom pseudorandom function (PRF) for key schedule, @@ -1283,8 +1284,8 @@ * \return Unspecified if \p hash_alg is not a supported * hash algorithm. */ -#define PSA_ALG_TLS12_PRF(hash_alg) \ - (PSA_ALG_TLS12_PRF_BASE | ((hash_alg)&PSA_ALG_HASH_MASK)) +#define PSA_ALG_TLS12_PRF(hash_alg) \ + (PSA_ALG_TLS12_PRF_BASE | ((hash_alg) & PSA_ALG_HASH_MASK)) /** Whether the specified algorithm is a TLS-1.2 PRF algorithm. * @@ -1294,12 +1295,12 @@ * This macro may return either 0 or 1 if \c alg is not a supported * key derivation algorithm identifier. */ -#define PSA_ALG_IS_TLS12_PRF(alg) \ +#define PSA_ALG_IS_TLS12_PRF(alg) \ (((alg) & ~PSA_ALG_HASH_MASK) == PSA_ALG_TLS12_PRF_BASE) -#define PSA_ALG_TLS12_PRF_GET_HASH(hkdf_alg) \ - (PSA_ALG_CATEGORY_HASH | ((hkdf_alg)&PSA_ALG_HASH_MASK)) +#define PSA_ALG_TLS12_PRF_GET_HASH(hkdf_alg) \ + (PSA_ALG_CATEGORY_HASH | ((hkdf_alg) & PSA_ALG_HASH_MASK)) -#define PSA_ALG_TLS12_PSK_TO_MS_BASE ((psa_algorithm_t)0x20000300) +#define PSA_ALG_TLS12_PSK_TO_MS_BASE ((psa_algorithm_t)0x20000300) /** Macro to build a TLS-1.2 PSK-to-MasterSecret algorithm. * * In a pure-PSK handshake in TLS 1.2, the master secret is derived @@ -1329,8 +1330,8 @@ * \return Unspecified if \p hash_alg is not a supported * hash algorithm. */ -#define PSA_ALG_TLS12_PSK_TO_MS(hash_alg) \ - (PSA_ALG_TLS12_PSK_TO_MS_BASE | ((hash_alg)&PSA_ALG_HASH_MASK)) +#define PSA_ALG_TLS12_PSK_TO_MS(hash_alg) \ + (PSA_ALG_TLS12_PSK_TO_MS_BASE | ((hash_alg) & PSA_ALG_HASH_MASK)) /** Whether the specified algorithm is a TLS-1.2 PSK to MS algorithm. * @@ -1340,13 +1341,13 @@ * This macro may return either 0 or 1 if \c alg is not a supported * key derivation algorithm identifier. */ -#define PSA_ALG_IS_TLS12_PSK_TO_MS(alg) \ +#define PSA_ALG_IS_TLS12_PSK_TO_MS(alg) \ (((alg) & ~PSA_ALG_HASH_MASK) == PSA_ALG_TLS12_PSK_TO_MS_BASE) -#define PSA_ALG_TLS12_PSK_TO_MS_GET_HASH(hkdf_alg) \ - (PSA_ALG_CATEGORY_HASH | ((hkdf_alg)&PSA_ALG_HASH_MASK)) +#define PSA_ALG_TLS12_PSK_TO_MS_GET_HASH(hkdf_alg) \ + (PSA_ALG_CATEGORY_HASH | ((hkdf_alg) & PSA_ALG_HASH_MASK)) -#define PSA_ALG_KEY_DERIVATION_MASK ((psa_algorithm_t)0x0803ffff) -#define PSA_ALG_KEY_AGREEMENT_MASK ((psa_algorithm_t)0x10fc0000) +#define PSA_ALG_KEY_DERIVATION_MASK ((psa_algorithm_t)0x0803ffff) +#define PSA_ALG_KEY_AGREEMENT_MASK ((psa_algorithm_t)0x10fc0000) /** Macro to build a combined algorithm that chains a key agreement with * a key derivation. @@ -1362,14 +1363,14 @@ * key agreement algorithm or \p kdf_alg is not a * supported key derivation algorithm. */ -#define PSA_ALG_KEY_AGREEMENT(ka_alg, kdf_alg) \ +#define PSA_ALG_KEY_AGREEMENT(ka_alg, kdf_alg) \ ((ka_alg) | (kdf_alg)) -#define PSA_ALG_KEY_AGREEMENT_GET_KDF(alg) \ - (((alg)&PSA_ALG_KEY_DERIVATION_MASK) | PSA_ALG_CATEGORY_KEY_DERIVATION) +#define PSA_ALG_KEY_AGREEMENT_GET_KDF(alg) \ + (((alg) & PSA_ALG_KEY_DERIVATION_MASK) | PSA_ALG_CATEGORY_KEY_DERIVATION) -#define PSA_ALG_KEY_AGREEMENT_GET_BASE(alg) \ - (((alg)&PSA_ALG_KEY_AGREEMENT_MASK) | PSA_ALG_CATEGORY_KEY_AGREEMENT) +#define PSA_ALG_KEY_AGREEMENT_GET_BASE(alg) \ + (((alg) & PSA_ALG_KEY_AGREEMENT_MASK) | PSA_ALG_CATEGORY_KEY_AGREEMENT) /** Whether the specified algorithm is a raw key agreement algorithm. * @@ -1385,11 +1386,11 @@ * This macro may return either 0 or 1 if \p alg is not a supported * algorithm identifier. */ -#define PSA_ALG_IS_RAW_KEY_AGREEMENT(alg) \ - (PSA_ALG_IS_KEY_AGREEMENT(alg) && \ +#define PSA_ALG_IS_RAW_KEY_AGREEMENT(alg) \ + (PSA_ALG_IS_KEY_AGREEMENT(alg) && \ PSA_ALG_KEY_AGREEMENT_GET_KDF(alg) == PSA_ALG_CATEGORY_KEY_DERIVATION) -#define PSA_ALG_IS_KEY_DERIVATION_OR_AGREEMENT(alg) \ +#define PSA_ALG_IS_KEY_DERIVATION_OR_AGREEMENT(alg) \ ((PSA_ALG_IS_KEY_DERIVATION(alg) || PSA_ALG_IS_KEY_AGREEMENT(alg))) /** The finite-field Diffie-Hellman (DH) key agreement algorithm. @@ -1399,7 +1400,7 @@ * It is `ceiling(m / 8)` bytes long where `m` is the size of the prime `p` * in bits. */ -#define PSA_ALG_FFDH ((psa_algorithm_t)0x30100000) +#define PSA_ALG_FFDH ((psa_algorithm_t)0x30100000) /** Whether the specified algorithm is a finite field Diffie-Hellman algorithm. * @@ -1441,7 +1442,7 @@ * in big-endian byte order. * The bit size is `m` for the field `F_{2^m}`. */ -#define PSA_ALG_ECDH ((psa_algorithm_t)0x30200000) +#define PSA_ALG_ECDH ((psa_algorithm_t)0x30200000) /** Whether the specified algorithm is an elliptic curve Diffie-Hellman * algorithm. @@ -1487,7 +1488,7 @@ /** A volatile key only exists as long as the handle to it is not closed. * The key material is guaranteed to be erased on a power reset. */ -#define PSA_KEY_LIFETIME_VOLATILE ((psa_key_lifetime_t)0x00000000) +#define PSA_KEY_LIFETIME_VOLATILE ((psa_key_lifetime_t)0x00000000) /** The default storage area for persistent keys. * @@ -1501,7 +1502,7 @@ * application. Implementations may offer other storage areas designated * by other lifetime values as implementation-specific extensions. */ -#define PSA_KEY_LIFETIME_PERSISTENT ((psa_key_lifetime_t)0x00000001) +#define PSA_KEY_LIFETIME_PERSISTENT ((psa_key_lifetime_t)0x00000001) #define PSA_KEY_LIFETIME_IS_VOLATILE(lifetime) \ (((lifetime)&PSA_KEY_LIFETIME_VOLATILE) != 0) @@ -1517,16 +1518,16 @@ (((lifetime)&PSA_KEY_LIFETIME_VENDOR_FLAG) != 0) /** The minimum value for a key identifier chosen by the application. */ -#define PSA_KEY_ID_USER_MIN ((psa_app_key_id_t)0x00000001) +#define PSA_KEY_ID_USER_MIN ((psa_app_key_id_t)0x00000001) /** The maximum value for a key identifier chosen by the application. */ -#define PSA_KEY_ID_USER_MAX ((psa_app_key_id_t)0x3fffffff) +#define PSA_KEY_ID_USER_MAX ((psa_app_key_id_t)0x3fffffff) /** The minimum value for a key identifier chosen by the implementation. */ -#define PSA_KEY_ID_VENDOR_MIN ((psa_app_key_id_t)0x40000000) +#define PSA_KEY_ID_VENDOR_MIN ((psa_app_key_id_t)0x40000000) /** The maximum value for a key identifier chosen by the implementation. */ -#define PSA_KEY_ID_VENDOR_MAX ((psa_app_key_id_t)0x7fffffff) +#define PSA_KEY_ID_VENDOR_MAX ((psa_app_key_id_t)0x7fffffff) /**@}*/ @@ -1545,7 +1546,7 @@ * The key may however be exportable in a wrapped form, i.e. in a form * where it is encrypted by another key. */ -#define PSA_KEY_USAGE_EXPORT ((psa_key_usage_t)0x00000001) +#define PSA_KEY_USAGE_EXPORT ((psa_key_usage_t)0x00000001) /** Whether the key may be copied. * @@ -1561,7 +1562,7 @@ * #PSA_KEY_LIFETIME_PERSISTENT, the usage flag #PSA_KEY_USAGE_COPY * is sufficient to permit the copy. */ -#define PSA_KEY_USAGE_COPY ((psa_key_usage_t)0x00000002) +#define PSA_KEY_USAGE_COPY ((psa_key_usage_t)0x00000002) /** Whether the key may be used to encrypt a message. * @@ -1572,7 +1573,7 @@ * * For a key pair, this concerns the public key. */ -#define PSA_KEY_USAGE_ENCRYPT ((psa_key_usage_t)0x00000100) +#define PSA_KEY_USAGE_ENCRYPT ((psa_key_usage_t)0x00000100) /** Whether the key may be used to decrypt a message. * @@ -1583,7 +1584,7 @@ * * For a key pair, this concerns the private key. */ -#define PSA_KEY_USAGE_DECRYPT ((psa_key_usage_t)0x00000200) +#define PSA_KEY_USAGE_DECRYPT ((psa_key_usage_t)0x00000200) /** Whether the key may be used to sign a message. * @@ -1593,7 +1594,7 @@ * * For a key pair, this concerns the private key. */ -#define PSA_KEY_USAGE_SIGN ((psa_key_usage_t)0x00000400) +#define PSA_KEY_USAGE_SIGN ((psa_key_usage_t)0x00000400) /** Whether the key may be used to verify a message signature. * @@ -1603,11 +1604,11 @@ * * For a key pair, this concerns the public key. */ -#define PSA_KEY_USAGE_VERIFY ((psa_key_usage_t)0x00000800) +#define PSA_KEY_USAGE_VERIFY ((psa_key_usage_t)0x00000800) /** Whether the key may be used to derive other keys. */ -#define PSA_KEY_USAGE_DERIVE ((psa_key_usage_t)0x00001000) +#define PSA_KEY_USAGE_DERIVE ((psa_key_usage_t)0x00001000) /**@}*/ @@ -1619,31 +1620,31 @@ * * This must be a key of type #PSA_KEY_TYPE_DERIVE. */ -#define PSA_KEY_DERIVATION_INPUT_SECRET ((psa_key_derivation_step_t)0x0101) +#define PSA_KEY_DERIVATION_INPUT_SECRET ((psa_key_derivation_step_t)0x0101) /** A label for key derivation. * * This must be a direct input. */ -#define PSA_KEY_DERIVATION_INPUT_LABEL ((psa_key_derivation_step_t)0x0201) +#define PSA_KEY_DERIVATION_INPUT_LABEL ((psa_key_derivation_step_t)0x0201) /** A salt for key derivation. * * This must be a direct input. */ -#define PSA_KEY_DERIVATION_INPUT_SALT ((psa_key_derivation_step_t)0x0202) +#define PSA_KEY_DERIVATION_INPUT_SALT ((psa_key_derivation_step_t)0x0202) /** An information string for key derivation. * * This must be a direct input. */ -#define PSA_KEY_DERIVATION_INPUT_INFO ((psa_key_derivation_step_t)0x0203) +#define PSA_KEY_DERIVATION_INPUT_INFO ((psa_key_derivation_step_t)0x0203) /** A seed for key derivation. * * This must be a direct input. */ -#define PSA_KEY_DERIVATION_INPUT_SEED ((psa_key_derivation_step_t)0x0204) +#define PSA_KEY_DERIVATION_INPUT_SEED ((psa_key_derivation_step_t)0x0204) /**@}*/ From a8ac0169dcc930e5de3e79329f1a1c22be90c8a6 Mon Sep 17 00:00:00 2001 From: Michael Thomas Date: Thu, 23 Jan 2020 02:55:53 +0000 Subject: [PATCH 20/39] whitespace fix --- include/psa/crypto_struct.h | 4 ++-- library/psa_crypto.c | 7 +++---- 2 files changed, 5 insertions(+), 6 deletions(-) diff --git a/include/psa/crypto_struct.h b/include/psa/crypto_struct.h index ed262390e..1c72674fa 100644 --- a/include/psa/crypto_struct.h +++ b/include/psa/crypto_struct.h @@ -378,8 +378,8 @@ static inline void psa_set_key_lifetime(psa_key_attributes_t *attributes, psa_key_lifetime_t lifetime) { attributes->core.lifetime = lifetime; - if (PSA_KEY_LIFETIME_IS_VOLATILE(lifetime)) - { + if (PSA_KEY_LIFETIME_IS_VOLATILE(lifetime)) + { #ifdef MBEDTLS_PSA_CRYPTO_KEY_FILE_ID_ENCODES_OWNER attributes->core.id.key_id = 0; attributes->core.id.owner = 0; diff --git a/library/psa_crypto.c b/library/psa_crypto.c index b0b03a0a4..fa920cca4 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c @@ -2427,7 +2427,6 @@ psa_status_t psa_hash_clone( const psa_hash_operation_t *source_operation, target_operation->alg = source_operation->alg; return( PSA_SUCCESS ); } - /****************************************************************/ /* MAC */ /****************************************************************/ @@ -5526,14 +5525,14 @@ static psa_status_t psa_generate_key_internal( if( status != PSA_SUCCESS ) return( status ); status = psa_generate_random( slot->data.raw.data, - slot->data.raw.bytes ); + slot->data.raw.bytes ); if( status != PSA_SUCCESS ) return( status ); - #if defined(MBEDTLS_DES_C) +#if defined(MBEDTLS_DES_C) if( type == PSA_KEY_TYPE_DES ) psa_des_set_key_parity( slot->data.raw.data, slot->data.raw.bytes ); - #endif /* MBEDTLS_DES_C */ +#endif /* MBEDTLS_DES_C */ } else From 4c53fc77d834720dee8e609c63468c687bbb0686 Mon Sep 17 00:00:00 2001 From: Michael Thomas Date: Fri, 24 Jan 2020 03:45:51 +0000 Subject: [PATCH 21/39] Added new macro to enable crypto accelerator --- include/psa/crypto_extra.h | 12 ++-- library/psa_crypto.c | 112 ++++--------------------------------- library/psa_crypto_core.h | 9 ++- 3 files changed, 23 insertions(+), 110 deletions(-) diff --git a/include/psa/crypto_extra.h b/include/psa/crypto_extra.h index 09a1b8708..0426ef489 100644 --- a/include/psa/crypto_extra.h +++ b/include/psa/crypto_extra.h @@ -73,7 +73,8 @@ extern "C" { * and MUST NOT use the content of the output buffer if the return * status is not #PSA_SUCCESS. * - * \note This function has to be defined by the vendor. + * \note This function has to be defined by the vendor if MBEDTLS_PSA_CRYPTO_ACCEL_DRV_C + * is defined. * A weakly linked version is provided by default and returns * PSA_ERROR_NOT_SUPPORTED. Do not use this function directly; * to generate a key, use psa_generate_key() instead. @@ -92,7 +93,8 @@ psa_status_t psa_generate_symmetric_vendor(psa_key_type_t type, size_t bits, uin * \brief Perform vendor specific setup for cipher operations. * * - * \note This function has to be defined by the vendor. + * \note This function has to be defined by the vendor if MBEDTLS_PSA_CRYPTO_ACCEL_DRV_C + * is defined. * A weakly linked version is provided by default and returns * PSA_ERROR_NOT_SUPPORTED. Do not use this function directly; * to generate a key, use psa_generate_key() instead. @@ -116,10 +118,8 @@ psa_status_t psa_cipher_setup_vendor(psa_cipher_operation_t * operation, psa_key /** Perform any vendor specific action when aborting a cipher operation. * - * This function is called at the beginning of the psa_cipher_abort function. - * The vendor must provide an implementation of this function to perform any - * vendor specific abort operation. A weakly linked implementation of this - * function that does nothing is provided in the implementation. + * This function has to be defined by the vendor if MBEDTLS_PSA_CRYPTO_ACCEL_DRV_C + * is defined. This function is called at the beginning of the psa_cipher_abort function. * * This function must not be called directly. * diff --git a/library/psa_crypto.c b/library/psa_crypto.c index fa920cca4..cdc6f5b5a 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c @@ -2427,6 +2427,8 @@ psa_status_t psa_hash_clone( const psa_hash_operation_t *source_operation, target_operation->alg = source_operation->alg; return( PSA_SUCCESS ); } + + /****************************************************************/ /* MAC */ /****************************************************************/ @@ -3332,41 +3334,6 @@ static psa_status_t psa_ecdsa_verify( mbedtls_ecp_keypair *ecp, } #endif /* MBEDTLS_ECDSA_C */ -// The weakly linked function "psa_asymmetric_sign_vendor_weak" which returns "PSA_ERROR_NOT_SUPPORTED" will be linked if -// the vendor does not provide a definition for "psa_asymmetric_sign_vendor" -psa_status_t psa_asymmetric_sign_vendor( psa_key_slot_t * slot, - psa_algorithm_t alg, - const uint8_t *hash, - size_t hash_length, - uint8_t *signature, - size_t signature_size, - size_t *signature_length ) __attribute__ ((weak, alias("psa_asymmetric_sign_vendor_weak"))); -psa_status_t psa_asymmetric_sign_vendor_weak( psa_key_slot_t * slot, - psa_algorithm_t alg, - const uint8_t *hash, - size_t hash_length, - uint8_t *signature, - size_t signature_size, - size_t *signature_length ); -psa_status_t psa_asymmetric_sign_vendor_weak( psa_key_slot_t * slot, - psa_algorithm_t alg, - const uint8_t *hash, - size_t hash_length, - uint8_t *signature, - size_t signature_size, - size_t *signature_length ) -{ - (void) slot ; - (void) alg; - (void)hash; - (void)hash_length; - (void)signature; - (void)signature_size; - (void)signature_length; - - - return PSA_ERROR_NOT_SUPPORTED; -} psa_status_t psa_asymmetric_sign( psa_key_handle_t handle, psa_algorithm_t alg, const uint8_t *hash, @@ -3411,6 +3378,7 @@ psa_status_t psa_asymmetric_sign( psa_key_handle_t handle, } else #endif /* MBEDTLS_PSA_CRYPTO_SE_C */ +#if defined (MBEDTLS_PSA_CRYPTO_ACCEL_DRV_C) if (PSA_KEY_LIFETIME_IS_VENDOR_DEFINED(slot->attr.lifetime)) { status = psa_asymmetric_sign_vendor(slot,alg, @@ -3419,6 +3387,7 @@ psa_status_t psa_asymmetric_sign( psa_key_handle_t handle, signature_length ); } else +#endif /* MBEDTLS_PSA_CRYPTO_ACCEL_DRV_C */ #if defined(MBEDTLS_RSA_C) if( slot->attr.type == PSA_KEY_TYPE_RSA_KEY_PAIR ) { @@ -3472,37 +3441,7 @@ psa_status_t psa_asymmetric_sign( psa_key_handle_t handle, * memset because signature may be NULL in this case. */ return( status ); } -// The weakly linked function "psa_asymmetric_verify_vendor_weak" which returns "PSA_ERROR_NOT_SUPPORTED" will be linked if -// the vendor does not provide a definition for "psa_asymmetric_verify_vendor" -psa_status_t psa_asymmetric_verify_vendor( psa_key_slot_t * slot, - psa_algorithm_t alg, - const uint8_t *hash, - size_t hash_length, - uint8_t *signature, - size_t signature_length ) __attribute__ ((weak, alias("psa_asymmetric_verify_vendor_weak"))); -psa_status_t psa_asymmetric_verify_vendor_weak( psa_key_slot_t * slot, - psa_algorithm_t alg, - const uint8_t *hash, - size_t hash_length, - uint8_t *signature, - size_t signature_length ); -psa_status_t psa_asymmetric_verify_vendor_weak( psa_key_slot_t * slot, - psa_algorithm_t alg, - const uint8_t *hash, - size_t hash_length, - uint8_t *signature, - size_t signature_length ) -{ - (void) slot; - (void) alg; - (void)hash; - (void)hash_length; - (void)signature; - (void)signature_length; - - return PSA_ERROR_NOT_SUPPORTED; -} psa_status_t psa_asymmetric_verify( psa_key_handle_t handle, psa_algorithm_t alg, const uint8_t *hash, @@ -3535,6 +3474,7 @@ psa_status_t psa_asymmetric_verify( psa_key_handle_t handle, } else #endif /* MBEDTLS_PSA_CRYPTO_SE_C */ +#if defined (MBEDTLS_PSA_CRYPTO_ACCEL_DRV_C) if (PSA_KEY_LIFETIME_IS_VENDOR_DEFINED(slot->attr.lifetime)) { return( psa_asymmetric_verify_vendor(slot,alg, @@ -3542,6 +3482,7 @@ if (PSA_KEY_LIFETIME_IS_VENDOR_DEFINED(slot->attr.lifetime)) signature, signature_length ) ); } else +#endif /* MBEDTLS_PSA_CRYPTO_ACCEL_DRV_C */ #if defined(MBEDTLS_RSA_C) if( PSA_KEY_TYPE_IS_RSA( slot->attr.type ) ) { @@ -3772,17 +3713,6 @@ static psa_status_t psa_cipher_init( psa_cipher_operation_t *operation, mbedtls_cipher_init( &operation->ctx.cipher ); return( PSA_SUCCESS ); } -// The weakly linked function "psa_cipher_setup_vendor_weak" which returns "PSA_ERROR_NOT_SUPPORTED" will be linked if -// the vendor does not provide a definition for "psa_cipher_setup_vendor" -psa_status_t psa_cipher_setup_vendor( psa_cipher_operation_t * operation, psa_key_handle_t handle, psa_algorithm_t alg) __attribute__ ((weak, alias("psa_cipher_setup_vendor_weak"))); -psa_status_t psa_cipher_setup_vendor_weak( psa_cipher_operation_t * operation, psa_key_handle_t handle, psa_algorithm_t alg); -psa_status_t psa_cipher_setup_vendor_weak( psa_cipher_operation_t * operation, psa_key_handle_t handle, psa_algorithm_t alg) -{ - (void)operation; - (void)handle; - (void)alg; - return PSA_ERROR_NOT_SUPPORTED; -} static psa_status_t psa_cipher_setup( psa_cipher_operation_t *operation, psa_key_handle_t handle, @@ -3824,13 +3754,14 @@ static psa_status_t psa_cipher_setup( psa_cipher_operation_t *operation, if( ret != 0 ) goto exit; +#if defined (MBEDTLS_PSA_CRYPTO_ACCEL_DRV_C) if (PSA_KEY_LIFETIME_IS_VENDOR_DEFINED(slot->attr.lifetime)) { status = psa_cipher_setup_vendor(operation, handle, alg); if( status != PSA_SUCCESS ) goto exit; } - +#endif /* MBEDTLS_PSA_CRYPTO_ACCEL_DRV_C */ #if defined(MBEDTLS_DES_C) if( slot->attr.type == PSA_KEY_TYPE_DES && key_bits == 128 ) { @@ -4071,16 +4002,6 @@ psa_status_t psa_cipher_finish( psa_cipher_operation_t *operation, return( status ); } -// The weakly linked function "psa_cipher_abort_vendor_weak" which returns "PSA_SUCCESS" will be linked if -// the vendor does not provide a definition for "psa_cipher_abort_vendor" -psa_status_t psa_cipher_abort_vendor( psa_cipher_operation_t * operation) __attribute__ ((weak, alias("psa_cipher_abort_vendor_weak"))); -psa_status_t psa_cipher_abort_vendor_weak( psa_cipher_operation_t * operation); -psa_status_t psa_cipher_abort_vendor_weak( psa_cipher_operation_t * operation) -{ - (void)operation; - return PSA_SUCCESS; -} - psa_status_t psa_cipher_abort( psa_cipher_operation_t *operation ) { if( operation->alg == 0 ) @@ -5611,19 +5532,7 @@ static psa_status_t psa_generate_key_internal( return( PSA_SUCCESS ); } -// The weakly linked function "psa_generate_key_vendor_weak" which returns "PSA_ERROR_NOT_SUPPORTED" will be linked if -// the vendor does not provide a definition for "psa_generate_key_vendor" -psa_status_t psa_generate_key_vendor( psa_key_slot_t *slot, size_t bits, - const uint8_t *domain_parameters, size_t domain_parameters_size ) __attribute__ ((weak, alias("psa_generate_key_vendor_weak"))); -psa_status_t psa_generate_key_vendor_weak( psa_key_slot_t *slot, size_t bits, - const uint8_t *domain_parameters, size_t domain_parameters_size ); -psa_status_t psa_generate_key_vendor_weak( psa_key_slot_t *slot, size_t bits, - const uint8_t *domain_parameters, size_t domain_parameters_size ) -{ - (void) slot; - - return PSA_ERROR_NOT_SUPPORTED; -} + psa_status_t psa_generate_key( const psa_key_attributes_t *attributes, psa_key_handle_t *handle ) { @@ -5654,6 +5563,7 @@ psa_status_t psa_generate_key( const psa_key_attributes_t *attributes, } else #endif /* MBEDTLS_PSA_CRYPTO_SE_C */ +#if defined (MBEDTLS_PSA_CRYPTO_ACCEL_DRV_C) if (PSA_KEY_LIFETIME_IS_VENDOR_DEFINED(slot->attr.lifetime)) { status = psa_generate_key_vendor(slot, attributes->core.bits, @@ -5665,7 +5575,7 @@ psa_status_t psa_generate_key( const psa_key_attributes_t *attributes, slot, attributes->core.bits, attributes->domain_parameters, attributes->domain_parameters_size ); } - +#endif /* MBEDTLS_PSA_CRYPTO_ACCEL_DRV_C */ exit: if( status == PSA_SUCCESS ) status = psa_finish_key_creation( slot, driver ); diff --git a/library/psa_crypto_core.h b/library/psa_crypto_core.h index 4654405ba..5ea68a64b 100644 --- a/library/psa_crypto_core.h +++ b/library/psa_crypto_core.h @@ -139,9 +139,8 @@ static inline void psa_key_slot_clear_bits( psa_key_slot_t *slot, /** * \brief Generate a vendor defined key or key pair. * - * \note This function has to be defined by the vendor. - * A weakly linked version is provided by default and returns - * PSA_ERROR_NOT_SUPPORTED. Do not use this function directly; + * \note This function has to be defined by the vendor if MBEDTLS_PSA_CRYPTO_ACCEL_DRV_C + * is defined. Do not use this function directly; * to generate a key, use psa_generate_key() instead. * * \param[in] slot @@ -178,6 +177,8 @@ psa_status_t psa_wipe_key_slot( psa_key_slot_t *slot ); /** * \brief Sign a hash or short message with a vendor defined private key. + * This function has to be defined by the vendor if MBEDTLS_PSA_CRYPTO_ACCEL_DRV_C + *is defined. * * Note that to perform a hash-and-sign signature algorithm, you must * first calculate the hash by calling psa_hash_setup(), psa_hash_update() @@ -216,6 +217,8 @@ psa_status_t psa_asymmetric_sign_vendor(psa_key_slot_t * slot, /** * \brief Verify the signature a hash or short message using a vendor defined public key. + * This function has to be defined by the vendor if MBEDTLS_PSA_CRYPTO_ACCEL_DRV_C + * is defined. * * Note that to perform a hash-and-sign signature algorithm, you must * first calculate the hash by calling psa_hash_setup(), psa_hash_update() From 4d6f518e5fd912e39b4546e450bf27ed5734ef96 Mon Sep 17 00:00:00 2001 From: Michael Thomas Date: Wed, 29 Jan 2020 16:54:15 +0000 Subject: [PATCH 22/39] Removed aes vendor ctx field --- include/mbedtls/aes.h | 1 - 1 file changed, 1 deletion(-) diff --git a/include/mbedtls/aes.h b/include/mbedtls/aes.h index b7e154b74..63c0f672b 100644 --- a/include/mbedtls/aes.h +++ b/include/mbedtls/aes.h @@ -95,7 +95,6 @@ typedef struct mbedtls_aes_context
  • Simplifying key expansion in the 256-bit case by generating an extra round key.
    • */ - void *vendor_ctx; /*!< Vendor defined context. */ } mbedtls_aes_context; From e2e724a334ff090971a407a880f17f4fed1a3e79 Mon Sep 17 00:00:00 2001 From: Michael Thomas Date: Thu, 30 Jan 2020 17:18:10 +0000 Subject: [PATCH 23/39] Prototype update --- library/psa_crypto_core.h | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/library/psa_crypto_core.h b/library/psa_crypto_core.h index 5ea68a64b..266b0cc22 100644 --- a/library/psa_crypto_core.h +++ b/library/psa_crypto_core.h @@ -245,7 +245,7 @@ psa_status_t psa_asymmetric_verify_vendor(psa_key_slot_t * slot, psa_algorithm_t alg, const uint8_t * hash, size_t hash_length, - uint8_t * signature, + const uint8_t * signature, size_t signature_length); /** Import key data into a slot. From 863b5d60ede69089ea7ac1f0fc3e5e484a080698 Mon Sep 17 00:00:00 2001 From: Michael Thomas Date: Mon, 10 Feb 2020 19:41:16 +0000 Subject: [PATCH 24/39] made some static functions externally visible moved accel definitions from other header files to accel header file --- include/psa/crypto_accel_driver.h | 199 ++++++++++++++++++++++++++++++ include/psa/crypto_extra.h | 64 ---------- library/psa_crypto.c | 49 +++++--- library/psa_crypto_core.h | 100 ++------------- 4 files changed, 245 insertions(+), 167 deletions(-) diff --git a/include/psa/crypto_accel_driver.h b/include/psa/crypto_accel_driver.h index 4a540f0fa..974519818 100644 --- a/include/psa/crypto_accel_driver.h +++ b/include/psa/crypto_accel_driver.h @@ -37,6 +37,205 @@ #ifdef __cplusplus extern "C" { #endif +/** Completely wipe vendor allocated items for a slot in memory. + * + * Persistent storage is not affected. + * + * \param[in,out] slot The key slot to wipe. + * + * \retval PSA_SUCCESS + * Success. This includes the case of a key slot that was + * already fully wiped. + * \retval PSA_ERROR_CORRUPTION_DETECTED + */ +psa_status_t psa_remove_key_data_from_memory_vendor(psa_key_slot_t * slot); + +/** Import vendor defined key data into a slot. + * + * `slot->type` must have been set previously. + * This function assumes that the slot does not contain any key material yet. + * On failure, the slot content is unchanged. + * + * Persistent storage is not affected. + * + * \param[in,out] slot The key slot to import data into. + * Its `type` field must have previously been set to + * the desired key type. + * It must not contain any key material yet. + * \param[in] data Buffer containing the key material to parse and import. + * \param data_length Size of \p data in bytes. + * + * \retval PSA_SUCCESS + * \retval PSA_ERROR_INVALID_ARGUMENT + * \retval PSA_ERROR_NOT_SUPPORTED + * \retval PSA_ERROR_INSUFFICIENT_MEMORY + * \retval Implementation dependent + */ +psa_status_t psa_import_key_into_slot_vendor( psa_key_slot_t *slot, + const uint8_t *data, + size_t data_length ); + +/** + * \brief Generate a vendor defined key or key pair. + * + * \note This function has to be defined by the vendor if MBEDTLS_PSA_CRYPTO_ACCEL_DRV_C + * is defined. Do not use this function directly; + * to generate a key, use psa_generate_key() instead. + * + * \param[in] slot + * \param[in] bits + * \param[in] domain_parameters + * \param[in] domain_parameters_size + * + * + * \retval #PSA_SUCCESS + * Success. + * If the key is persistent, the key material and the key's metadata + * have been saved to persistent storage. + * + * \retval #PSA_ERROR_NOT_SUPPORTED + * \retval Implementation dependent. + */ +psa_status_t psa_generate_key_vendor(psa_key_slot_t * slot, + size_t bits, + const uint8_t * domain_parameters, + size_t domain_parameters_size); + +/** + * \brief Sign a hash or short message with a vendor defined private key. + * This function has to be defined by the vendor if MBEDTLS_PSA_CRYPTO_ACCEL_DRV_C + *is defined. + * + * Note that to perform a hash-and-sign signature algorithm, you must + * first calculate the hash by calling psa_hash_setup(), psa_hash_update() + * and psa_hash_finish(). Then pass the resulting hash as the \p hash + * parameter to this function. You can use #PSA_ALG_SIGN_GET_HASH(\p alg) + * to determine the hash algorithm to use. + * + * \param slot Key slot to use for the operation. + * It must be an asymmetric key pair. + * \param alg A signature algorithm that is compatible with + * the type of \p handle. + * \param[in] hash The hash or message to sign. + * \param hash_length Size of the \p hash buffer in bytes. + * \param[out] signature Buffer where the signature is to be written. + * \param signature_size Size of the \p signature buffer in bytes. + * \param[out] signature_length On success, the number of bytes + * that make up the returned signature value. + * + * \retval #PSA_SUCCESS + * \retval #PSA_ERROR_BUFFER_TOO_SMALL + * The size of the \p signature buffer is too small. You can + * determine a sufficient buffer size by calling + * #PSA_ASYMMETRIC_SIGN_OUTPUT_SIZE(\c key_type, \c key_bits, \p alg) + * where \c key_type and \c key_bits are the type and bit-size + * respectively of \p handle. + * \retval #PSA_ERROR_NOT_SUPPORTED + * \retval Implementation dependent + */ +psa_status_t psa_asymmetric_sign_vendor(psa_key_slot_t * slot, + psa_algorithm_t alg, + const uint8_t * hash, + size_t hash_length, + uint8_t * signature, + size_t signature_size, + size_t * signature_length); + +/** + * \brief Verify the signature a hash or short message using a vendor defined public key. + * This function has to be defined by the vendor if MBEDTLS_PSA_CRYPTO_ACCEL_DRV_C + * is defined. + * + * Note that to perform a hash-and-sign signature algorithm, you must + * first calculate the hash by calling psa_hash_setup(), psa_hash_update() + * and psa_hash_finish(). Then pass the resulting hash as the \p hash + * parameter to this function. You can use #PSA_ALG_SIGN_GET_HASH(\p alg) + * to determine the hash algorithm to use. + * + * \param handle Key slot to use for the operation. + * It must be a public key or an asymmetric key pair. + * \param alg A signature algorithm that is compatible with + * the type of \p handle. + * \param[in] hash The hash or message whose signature is to be + * verified. + * \param hash_length Size of the \p hash buffer in bytes. + * \param[in] signature Buffer containing the signature to verify. + * \param signature_length Size of the \p signature buffer in bytes. + * + * \retval #PSA_SUCCESS + * The signature is valid. + * \retval #PSA_ERROR_INVALID_SIGNATURE + * \retval Implementation dependent + */ +psa_status_t psa_asymmetric_verify_vendor(psa_key_slot_t * slot, + psa_algorithm_t alg, + const uint8_t * hash, + size_t hash_length, + const uint8_t * signature, + size_t signature_length); +/** + * \brief Generate symmetric key of vendor defined format. + * + * \warning This function **can** fail! Callers MUST check the return status + * and MUST NOT use the content of the output buffer if the return + * status is not #PSA_SUCCESS. + * + * \note This function has to be defined by the vendor if MBEDTLS_PSA_CRYPTO_ACCEL_DRV_C + * is defined. + * A weakly linked version is provided by default and returns + * PSA_ERROR_NOT_SUPPORTED. Do not use this function directly; + * to generate a key, use psa_generate_key() instead. + * + * \param[in] type Type of symmetric key to be generated. + * \param[out] output Output buffer for the generated data. + * \param[out] output_size Number of bytes to generate and output. + * + * \retval #PSA_SUCCESS + * \retval #PSA_ERROR_NOT_SUPPORTED + * \retval Implementation dependent + */ +psa_status_t psa_generate_symmetric_vendor(psa_key_type_t type, size_t bits, uint8_t * output, size_t output_size); + +/** + * \brief Perform vendor specific setup for cipher operations. + * + * + * \note This function has to be defined by the vendor if MBEDTLS_PSA_CRYPTO_ACCEL_DRV_C + * is defined. + * A weakly linked version is provided by default and returns + * PSA_ERROR_NOT_SUPPORTED. Do not use this function directly; + * to generate a key, use psa_generate_key() instead. + * + * \param[in,out] operation The operation object to set up. It must have + * been initialized as per the documentation for + * #psa_cipher_operation_t and not yet in use. + * \param handle Handle to the key to use for the operation. + * It must remain valid until the operation + * terminates. + * \param alg The cipher algorithm to compute + * (\c PSA_ALG_XXX value such that + * #PSA_ALG_IS_CIPHER(\p alg) is true). + * + * \retval #PSA_SUCCESS + * Success. + * \retval #PSA_ERROR_NOT_SUPPORTED + * . + */ +psa_status_t psa_cipher_setup_vendor(psa_cipher_operation_t * operation, psa_key_handle_t handle, psa_algorithm_t alg, mbedtls_operation_t cipher_operation); + +/** Perform any vendor specific action when aborting a cipher operation. + * + * This function has to be defined by the vendor if MBEDTLS_PSA_CRYPTO_ACCEL_DRV_C + * is defined. This function is called at the beginning of the psa_cipher_abort function. + * + * This function must not be called directly. + * + * \param[in,out] operation Initialized cipher operation. + * + * \retval #PSA_SUCCESS + * \retval Implementation dependent return values. + */ +psa_status_t psa_cipher_abort_vendor(psa_cipher_operation_t * operation); /** \defgroup driver_digest Hardware-Accelerated Message Digests * diff --git a/include/psa/crypto_extra.h b/include/psa/crypto_extra.h index 0426ef489..636c88110 100644 --- a/include/psa/crypto_extra.h +++ b/include/psa/crypto_extra.h @@ -66,70 +66,6 @@ extern "C" { * @{ */ -/** - * \brief Generate symmetric key of vendor defined format. - * - * \warning This function **can** fail! Callers MUST check the return status - * and MUST NOT use the content of the output buffer if the return - * status is not #PSA_SUCCESS. - * - * \note This function has to be defined by the vendor if MBEDTLS_PSA_CRYPTO_ACCEL_DRV_C - * is defined. - * A weakly linked version is provided by default and returns - * PSA_ERROR_NOT_SUPPORTED. Do not use this function directly; - * to generate a key, use psa_generate_key() instead. - * - * \param[in] type Type of symmetric key to be generated. - * \param[out] output Output buffer for the generated data. - * \param[out] output_size Number of bytes to generate and output. - * - * \retval #PSA_SUCCESS - * \retval #PSA_ERROR_NOT_SUPPORTED - * \retval Implementation dependent - */ -psa_status_t psa_generate_symmetric_vendor(psa_key_type_t type, size_t bits, uint8_t * output, size_t output_size); - -/** - * \brief Perform vendor specific setup for cipher operations. - * - * - * \note This function has to be defined by the vendor if MBEDTLS_PSA_CRYPTO_ACCEL_DRV_C - * is defined. - * A weakly linked version is provided by default and returns - * PSA_ERROR_NOT_SUPPORTED. Do not use this function directly; - * to generate a key, use psa_generate_key() instead. - * - * \param[in,out] operation The operation object to set up. It must have - * been initialized as per the documentation for - * #psa_cipher_operation_t and not yet in use. - * \param handle Handle to the key to use for the operation. - * It must remain valid until the operation - * terminates. - * \param alg The cipher algorithm to compute - * (\c PSA_ALG_XXX value such that - * #PSA_ALG_IS_CIPHER(\p alg) is true). - * - * \retval #PSA_SUCCESS - * Success. - * \retval #PSA_ERROR_NOT_SUPPORTED - * . - */ -psa_status_t psa_cipher_setup_vendor(psa_cipher_operation_t * operation, psa_key_handle_t handle, psa_algorithm_t alg); - -/** Perform any vendor specific action when aborting a cipher operation. - * - * This function has to be defined by the vendor if MBEDTLS_PSA_CRYPTO_ACCEL_DRV_C - * is defined. This function is called at the beginning of the psa_cipher_abort function. - * - * This function must not be called directly. - * - * \param[in,out] operation Initialized cipher operation. - * - * \retval #PSA_SUCCESS - * \retval Implementation dependent return values. - */ -psa_status_t psa_cipher_abort_vendor(psa_cipher_operation_t * operation); - /** \brief Declare the enrollment algorithm for a key. * * An operation on a key may indifferently use the algorithm set with diff --git a/library/psa_crypto.c b/library/psa_crypto.c index cdc6f5b5a..f59a68d92 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c @@ -128,7 +128,7 @@ static psa_global_data_t global_data; if( global_data.initialized == 0 ) \ return( PSA_ERROR_BAD_STATE ); -static psa_status_t mbedtls_to_psa_error( int ret ) +psa_status_t mbedtls_to_psa_error( int ret ) { /* If there's both a high-level code and low-level code, dispatch on * the high-level code. */ @@ -407,7 +407,7 @@ static psa_ecc_curve_t mbedtls_ecc_group_to_psa( mbedtls_ecp_group_id grpid ) } } -static mbedtls_ecp_group_id mbedtls_ecc_group_of_psa( psa_ecc_curve_t curve ) +mbedtls_ecp_group_id mbedtls_ecc_group_of_psa( psa_ecc_curve_t curve ) { switch( curve ) { @@ -594,7 +594,7 @@ static psa_status_t psa_import_rsa_key( psa_key_type_t type, /* Import a public key given as the uncompressed representation defined by SEC1 * 2.3.3 as the content of an ECPoint. */ -static psa_status_t psa_import_ec_public_key( psa_ecc_curve_t curve, +psa_status_t psa_import_ec_public_key( psa_ecc_curve_t curve, const uint8_t *data, size_t data_length, mbedtls_ecp_keypair **p_ecp ) @@ -953,6 +953,14 @@ static psa_status_t psa_get_transparent_key( psa_key_handle_t handle, /** Wipe key data from a slot. Preserve metadata such as the policy. */ static psa_status_t psa_remove_key_data_from_memory( psa_key_slot_t *slot ) { + #if defined (MBEDTLS_PSA_CRYPTO_ACCEL_DRV_C) + if (PSA_KEY_LIFETIME_IS_VENDOR_DEFINED(slot->attr.lifetime)) + { + psa_remove_key_data_from_memory_vendor(slot); + } + else +#endif /* MBEDTLS_PSA_CRYPTO_ACCEL_DRV_C */ + #if defined(MBEDTLS_PSA_CRYPTO_SE_C) if( psa_key_slot_is_external( slot ) ) { @@ -1638,7 +1646,7 @@ static psa_status_t psa_start_key_creation( * \return If this function fails, the key slot is an invalid state. * You must call psa_fail_key_creation() to wipe and free the slot. */ -static psa_status_t psa_finish_key_creation( +psa_status_t psa_finish_key_creation( psa_key_slot_t *slot, psa_se_drv_table_entry_t *driver ) { @@ -1859,6 +1867,14 @@ psa_status_t psa_import_key( const psa_key_attributes_t *attributes, } else #endif /* MBEDTLS_PSA_CRYPTO_SE_C */ +#if defined (MBEDTLS_PSA_CRYPTO_ACCEL_DRV_C) + if (PSA_KEY_LIFETIME_IS_VENDOR_DEFINED(slot->attr.lifetime)) + { + status = psa_import_key_into_slot_vendor( slot, data, data_length); + goto exit; + } + else +#endif /* MBEDTLS_PSA_CRYPTO_ACCEL_DRV_C */ { status = psa_import_key_into_slot( slot, data, data_length ); if( status != PSA_SUCCESS ) @@ -2433,7 +2449,7 @@ psa_status_t psa_hash_clone( const psa_hash_operation_t *source_operation, /* MAC */ /****************************************************************/ -static const mbedtls_cipher_info_t *mbedtls_cipher_info_from_psa( +const mbedtls_cipher_info_t *mbedtls_cipher_info_from_psa( psa_algorithm_t alg, psa_key_type_t key_type, size_t key_bits, @@ -3743,6 +3759,14 @@ static psa_status_t psa_cipher_setup( psa_cipher_operation_t *operation, goto exit; key_bits = psa_get_key_slot_bits( slot ); +#if defined (MBEDTLS_PSA_CRYPTO_ACCEL_DRV_C) + if (PSA_KEY_LIFETIME_IS_VENDOR_DEFINED(slot->attr.lifetime)) + { + status = psa_cipher_setup_vendor(operation, handle, alg, cipher_operation); + goto exit; + } +#endif /* MBEDTLS_PSA_CRYPTO_ACCEL_DRV_C */ + cipher_info = mbedtls_cipher_info_from_psa( alg, slot->attr.type, key_bits, NULL ); if( cipher_info == NULL ) { @@ -3754,14 +3778,6 @@ static psa_status_t psa_cipher_setup( psa_cipher_operation_t *operation, if( ret != 0 ) goto exit; -#if defined (MBEDTLS_PSA_CRYPTO_ACCEL_DRV_C) - if (PSA_KEY_LIFETIME_IS_VENDOR_DEFINED(slot->attr.lifetime)) - { - status = psa_cipher_setup_vendor(operation, handle, alg); - if( status != PSA_SUCCESS ) - goto exit; - } -#endif /* MBEDTLS_PSA_CRYPTO_ACCEL_DRV_C */ #if defined(MBEDTLS_DES_C) if( slot->attr.type == PSA_KEY_TYPE_DES && key_bits == 128 ) { @@ -4016,8 +4032,9 @@ psa_status_t psa_cipher_abort( psa_cipher_operation_t *operation ) * always have been initialized to a valid value). */ if( ! PSA_ALG_IS_CIPHER( operation->alg ) ) return( PSA_ERROR_BAD_STATE ); - +#if defined (MBEDTLS_PSA_CRYPTO_ACCEL_DRV_C) psa_cipher_abort_vendor(operation); +#endif //MBEDTLS_PSA_CRYPTO_ACCEL_DRV_C mbedtls_cipher_free( &operation->ctx.cipher ); operation->alg = 0; @@ -5403,7 +5420,7 @@ psa_status_t mbedtls_psa_inject_entropy( const uint8_t *seed, #endif /* MBEDTLS_PSA_INJECT_ENTROPY */ #if defined(MBEDTLS_RSA_C) && defined(MBEDTLS_GENPRIME) -static psa_status_t psa_read_rsa_exponent( const uint8_t *domain_parameters, +psa_status_t psa_read_rsa_exponent( const uint8_t *domain_parameters, size_t domain_parameters_size, int *exponent ) { @@ -5570,12 +5587,12 @@ psa_status_t psa_generate_key( const psa_key_attributes_t *attributes, attributes->domain_parameters, attributes->domain_parameters_size); } else +#endif /* MBEDTLS_PSA_CRYPTO_ACCEL_DRV_C */ { status = psa_generate_key_internal( slot, attributes->core.bits, attributes->domain_parameters, attributes->domain_parameters_size ); } -#endif /* MBEDTLS_PSA_CRYPTO_ACCEL_DRV_C */ exit: if( status == PSA_SUCCESS ) status = psa_finish_key_creation( slot, driver ); diff --git a/library/psa_crypto_core.h b/library/psa_crypto_core.h index 266b0cc22..460144061 100644 --- a/library/psa_crypto_core.h +++ b/library/psa_crypto_core.h @@ -23,9 +23,9 @@ #define PSA_CRYPTO_CORE_H #if !defined(MBEDTLS_CONFIG_FILE) -#include "mbedtls/config.h" + #include "mbedtls/config.h" #else -#include MBEDTLS_CONFIG_FILE + #include MBEDTLS_CONFIG_FILE #endif #include "psa/crypto.h" @@ -45,32 +45,31 @@ typedef struct /* Raw-data key (key_type_is_raw_bytes() in psa_crypto.c) */ struct raw_data { - uint8_t *data; - size_t bytes; + uint8_t * data; + size_t bytes; } raw; #if defined(MBEDTLS_RSA_C) /* RSA public key or key pair */ - mbedtls_rsa_context *rsa; -#endif /* MBEDTLS_RSA_C */ + mbedtls_rsa_context * rsa; +#endif /* MBEDTLS_RSA_C */ #if defined(MBEDTLS_ECP_C) /* EC public key or key pair */ - mbedtls_ecp_keypair *ecp; -#endif /* MBEDTLS_ECP_C */ + mbedtls_ecp_keypair * ecp; +#endif /* MBEDTLS_ECP_C */ #if defined(MBEDTLS_PSA_CRYPTO_SE_C) /* Any key type in a secure element */ struct se { psa_key_slot_number_t slot_number; } se; -#endif /* MBEDTLS_PSA_CRYPTO_SE_C */ - void * vendor_context; +#endif /* MBEDTLS_PSA_CRYPTO_SE_C */ } data; } psa_key_slot_t; /* A mask of key attribute flags used only internally. * Currently there aren't any. */ -#define PSA_KA_MASK_INTERNAL_ONLY ( \ - 0 ) +#define PSA_KA_MASK_INTERNAL_ONLY ( \ + 0) /** Test whether a key slot is occupied. * @@ -111,7 +110,7 @@ static inline void psa_key_slot_set_flags( psa_key_slot_t *slot, uint16_t value ) { slot->attr.flags = ( ( ~mask & slot->attr.flags ) | - ( mask & value ) ); + (mask & value)); } /** Turn on flags in psa_key_slot_t::attr::core::flags. @@ -173,80 +172,7 @@ psa_status_t psa_generate_key_vendor(psa_key_slot_t * slot, * already fully wiped. * \retval PSA_ERROR_CORRUPTION_DETECTED */ -psa_status_t psa_wipe_key_slot( psa_key_slot_t *slot ); - -/** - * \brief Sign a hash or short message with a vendor defined private key. - * This function has to be defined by the vendor if MBEDTLS_PSA_CRYPTO_ACCEL_DRV_C - *is defined. - * - * Note that to perform a hash-and-sign signature algorithm, you must - * first calculate the hash by calling psa_hash_setup(), psa_hash_update() - * and psa_hash_finish(). Then pass the resulting hash as the \p hash - * parameter to this function. You can use #PSA_ALG_SIGN_GET_HASH(\p alg) - * to determine the hash algorithm to use. - * - * \param slot Key slot to use for the operation. - * It must be an asymmetric key pair. - * \param alg A signature algorithm that is compatible with - * the type of \p handle. - * \param[in] hash The hash or message to sign. - * \param hash_length Size of the \p hash buffer in bytes. - * \param[out] signature Buffer where the signature is to be written. - * \param signature_size Size of the \p signature buffer in bytes. - * \param[out] signature_length On success, the number of bytes - * that make up the returned signature value. - * - * \retval #PSA_SUCCESS - * \retval #PSA_ERROR_BUFFER_TOO_SMALL - * The size of the \p signature buffer is too small. You can - * determine a sufficient buffer size by calling - * #PSA_ASYMMETRIC_SIGN_OUTPUT_SIZE(\c key_type, \c key_bits, \p alg) - * where \c key_type and \c key_bits are the type and bit-size - * respectively of \p handle. - * \retval #PSA_ERROR_NOT_SUPPORTED - * \retval Implementation dependent - */ -psa_status_t psa_asymmetric_sign_vendor(psa_key_slot_t * slot, - psa_algorithm_t alg, - const uint8_t * hash, - size_t hash_length, - uint8_t * signature, - size_t signature_size, - size_t * signature_length); - -/** - * \brief Verify the signature a hash or short message using a vendor defined public key. - * This function has to be defined by the vendor if MBEDTLS_PSA_CRYPTO_ACCEL_DRV_C - * is defined. - * - * Note that to perform a hash-and-sign signature algorithm, you must - * first calculate the hash by calling psa_hash_setup(), psa_hash_update() - * and psa_hash_finish(). Then pass the resulting hash as the \p hash - * parameter to this function. You can use #PSA_ALG_SIGN_GET_HASH(\p alg) - * to determine the hash algorithm to use. - * - * \param handle Key slot to use for the operation. - * It must be a public key or an asymmetric key pair. - * \param alg A signature algorithm that is compatible with - * the type of \p handle. - * \param[in] hash The hash or message whose signature is to be - * verified. - * \param hash_length Size of the \p hash buffer in bytes. - * \param[in] signature Buffer containing the signature to verify. - * \param signature_length Size of the \p signature buffer in bytes. - * - * \retval #PSA_SUCCESS - * The signature is valid. - * \retval #PSA_ERROR_INVALID_SIGNATURE - * \retval Implementation dependent - */ -psa_status_t psa_asymmetric_verify_vendor(psa_key_slot_t * slot, - psa_algorithm_t alg, - const uint8_t * hash, - size_t hash_length, - const uint8_t * signature, - size_t signature_length); +psa_status_t psa_wipe_key_slot(psa_key_slot_t * slot); /** Import key data into a slot. * From 7ab5174411266c7ba5419e0dc73ceba388b5b902 Mon Sep 17 00:00:00 2001 From: Michael Thomas Date: Wed, 12 Feb 2020 03:48:56 +0000 Subject: [PATCH 25/39] made fns non-staic --- library/psa_crypto.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/library/psa_crypto.c b/library/psa_crypto.c index f59a68d92..020427214 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c @@ -3136,7 +3136,7 @@ static psa_status_t psa_rsa_decode_md_type( psa_algorithm_t alg, return( PSA_SUCCESS ); } -static psa_status_t psa_rsa_sign( mbedtls_rsa_context *rsa, +psa_status_t psa_rsa_sign( mbedtls_rsa_context *rsa, psa_algorithm_t alg, const uint8_t *hash, size_t hash_length, @@ -3195,7 +3195,7 @@ static psa_status_t psa_rsa_sign( mbedtls_rsa_context *rsa, return( mbedtls_to_psa_error( ret ) ); } -static psa_status_t psa_rsa_verify( mbedtls_rsa_context *rsa, +psa_status_t psa_rsa_verify( mbedtls_rsa_context *rsa, psa_algorithm_t alg, const uint8_t *hash, size_t hash_length, From 46b8e0e6057591c15c9ec9a3d4e840a65f511d6e Mon Sep 17 00:00:00 2001 From: Michael Thomas Date: Wed, 12 Feb 2020 20:47:08 +0000 Subject: [PATCH 26/39] Undid changes --- include/psa/crypto_accel_driver.h | 1 + library/psa_crypto_core.h | 52 ++++++++----------------------- 2 files changed, 14 insertions(+), 39 deletions(-) diff --git a/include/psa/crypto_accel_driver.h b/include/psa/crypto_accel_driver.h index 974519818..e1008dc9b 100644 --- a/include/psa/crypto_accel_driver.h +++ b/include/psa/crypto_accel_driver.h @@ -37,6 +37,7 @@ #ifdef __cplusplus extern "C" { #endif + /** Completely wipe vendor allocated items for a slot in memory. * * Persistent storage is not affected. diff --git a/library/psa_crypto_core.h b/library/psa_crypto_core.h index 460144061..edf3ab603 100644 --- a/library/psa_crypto_core.h +++ b/library/psa_crypto_core.h @@ -23,9 +23,9 @@ #define PSA_CRYPTO_CORE_H #if !defined(MBEDTLS_CONFIG_FILE) - #include "mbedtls/config.h" +#include "mbedtls/config.h" #else - #include MBEDTLS_CONFIG_FILE +#include MBEDTLS_CONFIG_FILE #endif #include "psa/crypto.h" @@ -45,31 +45,31 @@ typedef struct /* Raw-data key (key_type_is_raw_bytes() in psa_crypto.c) */ struct raw_data { - uint8_t * data; - size_t bytes; + uint8_t *data; + size_t bytes; } raw; #if defined(MBEDTLS_RSA_C) /* RSA public key or key pair */ - mbedtls_rsa_context * rsa; -#endif /* MBEDTLS_RSA_C */ + mbedtls_rsa_context *rsa; +#endif /* MBEDTLS_RSA_C */ #if defined(MBEDTLS_ECP_C) /* EC public key or key pair */ - mbedtls_ecp_keypair * ecp; -#endif /* MBEDTLS_ECP_C */ + mbedtls_ecp_keypair *ecp; +#endif /* MBEDTLS_ECP_C */ #if defined(MBEDTLS_PSA_CRYPTO_SE_C) /* Any key type in a secure element */ struct se { psa_key_slot_number_t slot_number; } se; -#endif /* MBEDTLS_PSA_CRYPTO_SE_C */ +#endif /* MBEDTLS_PSA_CRYPTO_SE_C */ } data; } psa_key_slot_t; /* A mask of key attribute flags used only internally. * Currently there aren't any. */ -#define PSA_KA_MASK_INTERNAL_ONLY ( \ - 0) +#define PSA_KA_MASK_INTERNAL_ONLY ( \ + 0 ) /** Test whether a key slot is occupied. * @@ -110,7 +110,7 @@ static inline void psa_key_slot_set_flags( psa_key_slot_t *slot, uint16_t value ) { slot->attr.flags = ( ( ~mask & slot->attr.flags ) | - (mask & value)); + ( mask & value ) ); } /** Turn on flags in psa_key_slot_t::attr::core::flags. @@ -135,32 +135,6 @@ static inline void psa_key_slot_clear_bits( psa_key_slot_t *slot, slot->attr.flags &= ~mask; } -/** - * \brief Generate a vendor defined key or key pair. - * - * \note This function has to be defined by the vendor if MBEDTLS_PSA_CRYPTO_ACCEL_DRV_C - * is defined. Do not use this function directly; - * to generate a key, use psa_generate_key() instead. - * - * \param[in] slot - * \param[in] bits - * \param[in] domain_parameters - * \param[in] domain_parameters_size - * - * - * \retval #PSA_SUCCESS - * Success. - * If the key is persistent, the key material and the key's metadata - * have been saved to persistent storage. - * - * \retval #PSA_ERROR_NOT_SUPPORTED - * \retval Implementation dependent. - */ -psa_status_t psa_generate_key_vendor(psa_key_slot_t * slot, - size_t bits, - const uint8_t * domain_parameters, - size_t domain_parameters_size); - /** Completely wipe a slot in memory, including its policy. * * Persistent storage is not affected. @@ -172,7 +146,7 @@ psa_status_t psa_generate_key_vendor(psa_key_slot_t * slot, * already fully wiped. * \retval PSA_ERROR_CORRUPTION_DETECTED */ -psa_status_t psa_wipe_key_slot(psa_key_slot_t * slot); +psa_status_t psa_wipe_key_slot( psa_key_slot_t *slot ); /** Import key data into a slot. * From d10cd66e1ad03945327b932196c15da9e875e78a Mon Sep 17 00:00:00 2001 From: Michael Thomas Date: Mon, 17 Feb 2020 18:08:56 +0000 Subject: [PATCH 27/39] typecast to fix warning --- library/psa_crypto_core.h | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/library/psa_crypto_core.h b/library/psa_crypto_core.h index edf3ab603..3a08cbb43 100644 --- a/library/psa_crypto_core.h +++ b/library/psa_crypto_core.h @@ -109,7 +109,7 @@ static inline void psa_key_slot_set_flags( psa_key_slot_t *slot, uint16_t mask, uint16_t value ) { - slot->attr.flags = ( ( ~mask & slot->attr.flags ) | + slot->attr.flags = (psa_key_attributes_flag_t)( ( ~mask & slot->attr.flags ) | ( mask & value ) ); } @@ -132,7 +132,7 @@ static inline void psa_key_slot_set_bits_in_flags( psa_key_slot_t *slot, static inline void psa_key_slot_clear_bits( psa_key_slot_t *slot, uint16_t mask ) { - slot->attr.flags &= ~mask; + slot->attr.flags &= (psa_key_attributes_flag_t)~mask; } /** Completely wipe a slot in memory, including its policy. From 1ed98bd14643d61cb1cf4ce4ca6ff6f60b3fafb9 Mon Sep 17 00:00:00 2001 From: Michael Thomas Date: Tue, 18 Feb 2020 22:11:30 +0000 Subject: [PATCH 28/39] made rsa import fn non-static --- library/psa_crypto.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/library/psa_crypto.c b/library/psa_crypto.c index 020427214..2f57b2064 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c @@ -533,7 +533,7 @@ static psa_status_t psa_check_rsa_key_byte_aligned( return( status ); } -static psa_status_t psa_import_rsa_key( psa_key_type_t type, +psa_status_t psa_import_rsa_key( psa_key_type_t type, const uint8_t *data, size_t data_length, mbedtls_rsa_context **p_rsa ) From 257d3be43d32197b4016873fa1e649af8c5ec4a9 Mon Sep 17 00:00:00 2001 From: Michael Thomas Date: Mon, 24 Feb 2020 17:16:42 +0000 Subject: [PATCH 29/39] made ecdsa sign and verify fns non-static --- library/psa_crypto.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/library/psa_crypto.c b/library/psa_crypto.c index 2f57b2064..220675d65 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c @@ -3261,7 +3261,7 @@ psa_status_t psa_rsa_verify( mbedtls_rsa_context *rsa, /* `ecp` cannot be const because `ecp->grp` needs to be non-const * for mbedtls_ecdsa_sign() and mbedtls_ecdsa_sign_det() * (even though these functions don't modify it). */ -static psa_status_t psa_ecdsa_sign( mbedtls_ecp_keypair *ecp, +psa_status_t psa_ecdsa_sign( mbedtls_ecp_keypair *ecp, psa_algorithm_t alg, const uint8_t *hash, size_t hash_length, @@ -3318,7 +3318,7 @@ static psa_status_t psa_ecdsa_sign( mbedtls_ecp_keypair *ecp, return( mbedtls_to_psa_error( ret ) ); } -static psa_status_t psa_ecdsa_verify( mbedtls_ecp_keypair *ecp, +psa_status_t psa_ecdsa_verify( mbedtls_ecp_keypair *ecp, const uint8_t *hash, size_t hash_length, const uint8_t *signature, From 420afc4e15576532fdec7f5ecab63cf03a83251a Mon Sep 17 00:00:00 2001 From: Michael Thomas Date: Mon, 24 Feb 2020 17:38:38 +0000 Subject: [PATCH 30/39] Removed unnecessary fns --- include/psa/crypto_accel_driver.h | 99 ------------------------------- library/psa_crypto.c | 30 ---------- 2 files changed, 129 deletions(-) diff --git a/include/psa/crypto_accel_driver.h b/include/psa/crypto_accel_driver.h index e1008dc9b..f60c2ec40 100644 --- a/include/psa/crypto_accel_driver.h +++ b/include/psa/crypto_accel_driver.h @@ -38,19 +38,6 @@ extern "C" { #endif -/** Completely wipe vendor allocated items for a slot in memory. - * - * Persistent storage is not affected. - * - * \param[in,out] slot The key slot to wipe. - * - * \retval PSA_SUCCESS - * Success. This includes the case of a key slot that was - * already fully wiped. - * \retval PSA_ERROR_CORRUPTION_DETECTED - */ -psa_status_t psa_remove_key_data_from_memory_vendor(psa_key_slot_t * slot); - /** Import vendor defined key data into a slot. * * `slot->type` must have been set previously. @@ -102,78 +89,6 @@ psa_status_t psa_generate_key_vendor(psa_key_slot_t * slot, const uint8_t * domain_parameters, size_t domain_parameters_size); -/** - * \brief Sign a hash or short message with a vendor defined private key. - * This function has to be defined by the vendor if MBEDTLS_PSA_CRYPTO_ACCEL_DRV_C - *is defined. - * - * Note that to perform a hash-and-sign signature algorithm, you must - * first calculate the hash by calling psa_hash_setup(), psa_hash_update() - * and psa_hash_finish(). Then pass the resulting hash as the \p hash - * parameter to this function. You can use #PSA_ALG_SIGN_GET_HASH(\p alg) - * to determine the hash algorithm to use. - * - * \param slot Key slot to use for the operation. - * It must be an asymmetric key pair. - * \param alg A signature algorithm that is compatible with - * the type of \p handle. - * \param[in] hash The hash or message to sign. - * \param hash_length Size of the \p hash buffer in bytes. - * \param[out] signature Buffer where the signature is to be written. - * \param signature_size Size of the \p signature buffer in bytes. - * \param[out] signature_length On success, the number of bytes - * that make up the returned signature value. - * - * \retval #PSA_SUCCESS - * \retval #PSA_ERROR_BUFFER_TOO_SMALL - * The size of the \p signature buffer is too small. You can - * determine a sufficient buffer size by calling - * #PSA_ASYMMETRIC_SIGN_OUTPUT_SIZE(\c key_type, \c key_bits, \p alg) - * where \c key_type and \c key_bits are the type and bit-size - * respectively of \p handle. - * \retval #PSA_ERROR_NOT_SUPPORTED - * \retval Implementation dependent - */ -psa_status_t psa_asymmetric_sign_vendor(psa_key_slot_t * slot, - psa_algorithm_t alg, - const uint8_t * hash, - size_t hash_length, - uint8_t * signature, - size_t signature_size, - size_t * signature_length); - -/** - * \brief Verify the signature a hash or short message using a vendor defined public key. - * This function has to be defined by the vendor if MBEDTLS_PSA_CRYPTO_ACCEL_DRV_C - * is defined. - * - * Note that to perform a hash-and-sign signature algorithm, you must - * first calculate the hash by calling psa_hash_setup(), psa_hash_update() - * and psa_hash_finish(). Then pass the resulting hash as the \p hash - * parameter to this function. You can use #PSA_ALG_SIGN_GET_HASH(\p alg) - * to determine the hash algorithm to use. - * - * \param handle Key slot to use for the operation. - * It must be a public key or an asymmetric key pair. - * \param alg A signature algorithm that is compatible with - * the type of \p handle. - * \param[in] hash The hash or message whose signature is to be - * verified. - * \param hash_length Size of the \p hash buffer in bytes. - * \param[in] signature Buffer containing the signature to verify. - * \param signature_length Size of the \p signature buffer in bytes. - * - * \retval #PSA_SUCCESS - * The signature is valid. - * \retval #PSA_ERROR_INVALID_SIGNATURE - * \retval Implementation dependent - */ -psa_status_t psa_asymmetric_verify_vendor(psa_key_slot_t * slot, - psa_algorithm_t alg, - const uint8_t * hash, - size_t hash_length, - const uint8_t * signature, - size_t signature_length); /** * \brief Generate symmetric key of vendor defined format. * @@ -224,20 +139,6 @@ psa_status_t psa_generate_symmetric_vendor(psa_key_type_t type, size_t bits, uin */ psa_status_t psa_cipher_setup_vendor(psa_cipher_operation_t * operation, psa_key_handle_t handle, psa_algorithm_t alg, mbedtls_operation_t cipher_operation); -/** Perform any vendor specific action when aborting a cipher operation. - * - * This function has to be defined by the vendor if MBEDTLS_PSA_CRYPTO_ACCEL_DRV_C - * is defined. This function is called at the beginning of the psa_cipher_abort function. - * - * This function must not be called directly. - * - * \param[in,out] operation Initialized cipher operation. - * - * \retval #PSA_SUCCESS - * \retval Implementation dependent return values. - */ -psa_status_t psa_cipher_abort_vendor(psa_cipher_operation_t * operation); - /** \defgroup driver_digest Hardware-Accelerated Message Digests * * Generation and authentication of Message Digests (aka hashes) must be done diff --git a/library/psa_crypto.c b/library/psa_crypto.c index 220675d65..57bdb6e25 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c @@ -953,14 +953,6 @@ static psa_status_t psa_get_transparent_key( psa_key_handle_t handle, /** Wipe key data from a slot. Preserve metadata such as the policy. */ static psa_status_t psa_remove_key_data_from_memory( psa_key_slot_t *slot ) { - #if defined (MBEDTLS_PSA_CRYPTO_ACCEL_DRV_C) - if (PSA_KEY_LIFETIME_IS_VENDOR_DEFINED(slot->attr.lifetime)) - { - psa_remove_key_data_from_memory_vendor(slot); - } - else -#endif /* MBEDTLS_PSA_CRYPTO_ACCEL_DRV_C */ - #if defined(MBEDTLS_PSA_CRYPTO_SE_C) if( psa_key_slot_is_external( slot ) ) { @@ -3394,16 +3386,6 @@ psa_status_t psa_asymmetric_sign( psa_key_handle_t handle, } else #endif /* MBEDTLS_PSA_CRYPTO_SE_C */ -#if defined (MBEDTLS_PSA_CRYPTO_ACCEL_DRV_C) - if (PSA_KEY_LIFETIME_IS_VENDOR_DEFINED(slot->attr.lifetime)) - { - status = psa_asymmetric_sign_vendor(slot,alg, - hash, hash_length, - signature, signature_size, - signature_length ); - } - else -#endif /* MBEDTLS_PSA_CRYPTO_ACCEL_DRV_C */ #if defined(MBEDTLS_RSA_C) if( slot->attr.type == PSA_KEY_TYPE_RSA_KEY_PAIR ) { @@ -3490,15 +3472,6 @@ psa_status_t psa_asymmetric_verify( psa_key_handle_t handle, } else #endif /* MBEDTLS_PSA_CRYPTO_SE_C */ -#if defined (MBEDTLS_PSA_CRYPTO_ACCEL_DRV_C) -if (PSA_KEY_LIFETIME_IS_VENDOR_DEFINED(slot->attr.lifetime)) - { - return( psa_asymmetric_verify_vendor(slot,alg, - hash, hash_length, - signature, signature_length ) ); - } - else -#endif /* MBEDTLS_PSA_CRYPTO_ACCEL_DRV_C */ #if defined(MBEDTLS_RSA_C) if( PSA_KEY_TYPE_IS_RSA( slot->attr.type ) ) { @@ -4032,9 +4005,6 @@ psa_status_t psa_cipher_abort( psa_cipher_operation_t *operation ) * always have been initialized to a valid value). */ if( ! PSA_ALG_IS_CIPHER( operation->alg ) ) return( PSA_ERROR_BAD_STATE ); -#if defined (MBEDTLS_PSA_CRYPTO_ACCEL_DRV_C) - psa_cipher_abort_vendor(operation); -#endif //MBEDTLS_PSA_CRYPTO_ACCEL_DRV_C mbedtls_cipher_free( &operation->ctx.cipher ); operation->alg = 0; From efcf4cfeb5ca329dee5074f1f9211cc48d7065a5 Mon Sep 17 00:00:00 2001 From: Michael Thomas Date: Mon, 24 Feb 2020 17:46:31 +0000 Subject: [PATCH 31/39] Made exit uniform --- library/psa_crypto.c | 1 + 1 file changed, 1 insertion(+) diff --git a/library/psa_crypto.c b/library/psa_crypto.c index 57bdb6e25..bb046ef13 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c @@ -5555,6 +5555,7 @@ psa_status_t psa_generate_key( const psa_key_attributes_t *attributes, { status = psa_generate_key_vendor(slot, attributes->core.bits, attributes->domain_parameters, attributes->domain_parameters_size); + goto exit; } else #endif /* MBEDTLS_PSA_CRYPTO_ACCEL_DRV_C */ From 58de7842110e376171e7e133b889b5259e852272 Mon Sep 17 00:00:00 2001 From: Michael Thomas Date: Wed, 26 Feb 2020 17:30:52 +0000 Subject: [PATCH 32/39] Changed volatile check --- library/psa_crypto.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/library/psa_crypto.c b/library/psa_crypto.c index bb046ef13..0853c149b 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c @@ -1647,7 +1647,7 @@ psa_status_t psa_finish_key_creation( (void) driver; #if defined(MBEDTLS_PSA_CRYPTO_STORAGE_C) - if( slot->attr.lifetime != PSA_KEY_LIFETIME_VOLATILE ) + if (!PSA_KEY_LIFETIME_IS_VOLATILE(lifetime)) { #if defined(MBEDTLS_PSA_CRYPTO_SE_C) if( driver != NULL ) From bb039ba5a80139507afdbdcaba60631af51b649f Mon Sep 17 00:00:00 2001 From: Michael Thomas Date: Wed, 26 Feb 2020 17:38:59 +0000 Subject: [PATCH 33/39] Changed volatile check --- library/psa_crypto.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/library/psa_crypto.c b/library/psa_crypto.c index 0853c149b..12285d3c8 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c @@ -1647,7 +1647,7 @@ psa_status_t psa_finish_key_creation( (void) driver; #if defined(MBEDTLS_PSA_CRYPTO_STORAGE_C) - if (!PSA_KEY_LIFETIME_IS_VOLATILE(lifetime)) + if (!PSA_KEY_LIFETIME_IS_VOLATILE(slot->attr.lifetime )) { #if defined(MBEDTLS_PSA_CRYPTO_SE_C) if( driver != NULL ) From 6a632df01d5296f91617b22e4e53f27faabd383b Mon Sep 17 00:00:00 2001 From: Michael Thomas Date: Wed, 26 Feb 2020 17:52:07 +0000 Subject: [PATCH 34/39] Updated persistent check --- library/psa_crypto.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/library/psa_crypto.c b/library/psa_crypto.c index 12285d3c8..5f5b43c1d 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c @@ -1647,7 +1647,7 @@ psa_status_t psa_finish_key_creation( (void) driver; #if defined(MBEDTLS_PSA_CRYPTO_STORAGE_C) - if (!PSA_KEY_LIFETIME_IS_VOLATILE(slot->attr.lifetime )) + if (PSA_KEY_LIFETIME_IS_PERSISTENT(slot->attr.lifetime )) { #if defined(MBEDTLS_PSA_CRYPTO_SE_C) if( driver != NULL ) From 40ae76c2a92051245025cad2177a7ec466afdbc2 Mon Sep 17 00:00:00 2001 From: Michael Thomas Date: Fri, 28 Feb 2020 02:31:15 +0000 Subject: [PATCH 35/39] MR update --- include/psa/crypto_values.h | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/include/psa/crypto_values.h b/include/psa/crypto_values.h index 00ccd0b6a..54a459b05 100644 --- a/include/psa/crypto_values.h +++ b/include/psa/crypto_values.h @@ -381,7 +381,7 @@ #define PSA_KEY_TYPE_AES ((psa_key_type_t)0x40000001) /** Whether a key type is AES. */ -#define PSA_KEY_TYPE_IS_AES(type) (((type)&PSA_KEY_TYPE_AES) != 0) +#define PSA_KEY_TYPE_IS_AES(type) (((type) == PSA_KEY_TYPE_AES) != 0) /** Key for a cipher or MAC algorithm based on DES or 3DES (Triple-DES). * From 82fd27c29bf3a41185d93af64a1290f9916c79b8 Mon Sep 17 00:00:00 2001 From: Michael Thomas Date: Tue, 3 Mar 2020 05:58:23 +0000 Subject: [PATCH 36/39] Updated Volatile check macro --- include/psa/crypto_values.h | 9 ++++----- 1 file changed, 4 insertions(+), 5 deletions(-) diff --git a/include/psa/crypto_values.h b/include/psa/crypto_values.h index 54a459b05..bd7d14597 100644 --- a/include/psa/crypto_values.h +++ b/include/psa/crypto_values.h @@ -1503,19 +1503,18 @@ * by other lifetime values as implementation-specific extensions. */ #define PSA_KEY_LIFETIME_PERSISTENT ((psa_key_lifetime_t)0x00000001) - -#define PSA_KEY_LIFETIME_IS_VOLATILE(lifetime) \ - (((lifetime)&PSA_KEY_LIFETIME_VOLATILE) != 0) +#define PSA_KEY_LIFETIME_PERSISTENT_FLAG ((psa_key_lifetime_t)PSA_KEY_LIFETIME_PERSISTENT) +#define PSA_KEY_LIFETIME_IS_VOLATILE(lifetime) (((lifetime) & PSA_KEY_LIFETIME_PERSISTENT_FLAG) == 0) #define PSA_KEY_LIFETIME_IS_PERSISTENT(lifetime) \ - (((lifetime)&PSA_KEY_LIFETIME_PERSISTENT) != 0) + (((lifetime) & PSA_KEY_LIFETIME_PERSISTENT) != 0) #define PSA_KEY_LIFETIME_VENDOR_FLAG ((psa_key_lifetime_t)0x80000000) #define PSA_KEY_LIFETIME_PERSISTENT_VENDOR (PSA_KEY_LIFETIME_VENDOR_FLAG | PSA_KEY_LIFETIME_PERSISTENT) #define PSA_KEY_LIFETIME_VOLATILE_VENDOR (PSA_KEY_LIFETIME_VENDOR_FLAG | PSA_KEY_LIFETIME_VOLATILE) #define PSA_KEY_LIFETIME_IS_VENDOR_DEFINED(lifetime) \ - (((lifetime)&PSA_KEY_LIFETIME_VENDOR_FLAG) != 0) + (((lifetime) & PSA_KEY_LIFETIME_VENDOR_FLAG) != 0) /** The minimum value for a key identifier chosen by the application. */ #define PSA_KEY_ID_USER_MIN ((psa_app_key_id_t)0x00000001) From a9ba5bbefe1de77774bb435cab9e79cd7b895b80 Mon Sep 17 00:00:00 2001 From: Michael Thomas Date: Tue, 3 Mar 2020 13:01:32 +0000 Subject: [PATCH 37/39] Whitespace fix --- include/psa/crypto_struct.h | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/include/psa/crypto_struct.h b/include/psa/crypto_struct.h index 1c72674fa..802d6ba97 100644 --- a/include/psa/crypto_struct.h +++ b/include/psa/crypto_struct.h @@ -378,7 +378,7 @@ static inline void psa_set_key_lifetime(psa_key_attributes_t *attributes, psa_key_lifetime_t lifetime) { attributes->core.lifetime = lifetime; - if (PSA_KEY_LIFETIME_IS_VOLATILE(lifetime)) + if (PSA_KEY_LIFETIME_IS_VOLATILE( lifetime) ) { #ifdef MBEDTLS_PSA_CRYPTO_KEY_FILE_ID_ENCODES_OWNER attributes->core.id.key_id = 0; From 3f0fc77516acbb28b46169de15b7284995a737f0 Mon Sep 17 00:00:00 2001 From: Michael Thomas Date: Tue, 3 Mar 2020 13:02:40 +0000 Subject: [PATCH 38/39] Revert "Whitespace fix" This reverts commit a9ba5bbefe1de77774bb435cab9e79cd7b895b80. --- include/psa/crypto_struct.h | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/include/psa/crypto_struct.h b/include/psa/crypto_struct.h index 802d6ba97..1c72674fa 100644 --- a/include/psa/crypto_struct.h +++ b/include/psa/crypto_struct.h @@ -378,7 +378,7 @@ static inline void psa_set_key_lifetime(psa_key_attributes_t *attributes, psa_key_lifetime_t lifetime) { attributes->core.lifetime = lifetime; - if (PSA_KEY_LIFETIME_IS_VOLATILE( lifetime) ) + if (PSA_KEY_LIFETIME_IS_VOLATILE(lifetime)) { #ifdef MBEDTLS_PSA_CRYPTO_KEY_FILE_ID_ENCODES_OWNER attributes->core.id.key_id = 0; From 5a3f32b1f51e96c048ad0f70bf717fca6a3e118f Mon Sep 17 00:00:00 2001 From: Michael Thomas Date: Tue, 3 Mar 2020 13:03:17 +0000 Subject: [PATCH 39/39] MR Whitespace fix --- include/psa/crypto_struct.h | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/include/psa/crypto_struct.h b/include/psa/crypto_struct.h index 1c72674fa..802d6ba97 100644 --- a/include/psa/crypto_struct.h +++ b/include/psa/crypto_struct.h @@ -378,7 +378,7 @@ static inline void psa_set_key_lifetime(psa_key_attributes_t *attributes, psa_key_lifetime_t lifetime) { attributes->core.lifetime = lifetime; - if (PSA_KEY_LIFETIME_IS_VOLATILE(lifetime)) + if (PSA_KEY_LIFETIME_IS_VOLATILE( lifetime) ) { #ifdef MBEDTLS_PSA_CRYPTO_KEY_FILE_ID_ENCODES_OWNER attributes->core.id.key_id = 0;