Mbed TLS v2.28.5
psa_util.h
Go to the documentation of this file.
1 
9 /*
10  * Copyright The Mbed TLS Contributors
11  * SPDX-License-Identifier: Apache-2.0
12  *
13  * Licensed under the Apache License, Version 2.0 (the "License"); you may
14  * not use this file except in compliance with the License.
15  * You may obtain a copy of the License at
16  *
17  * http://www.apache.org/licenses/LICENSE-2.0
18  *
19  * Unless required by applicable law or agreed to in writing, software
20  * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
21  * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
22  * See the License for the specific language governing permissions and
23  * limitations under the License.
24  */
25 
26 #ifndef MBEDTLS_PSA_UTIL_H
27 #define MBEDTLS_PSA_UTIL_H
28 
29 #if !defined(MBEDTLS_CONFIG_FILE)
30 #include "mbedtls/config.h"
31 #else
32 #include MBEDTLS_CONFIG_FILE
33 #endif
34 
35 #if defined(MBEDTLS_USE_PSA_CRYPTO)
36 
37 #include "psa/crypto.h"
38 
39 #include "mbedtls/ecp.h"
40 #include "mbedtls/md.h"
41 #include "mbedtls/pk.h"
42 #include "mbedtls/oid.h"
43 
44 #include <string.h>
45 
46 /* Translations for symmetric crypto. */
47 
48 static inline psa_key_type_t mbedtls_psa_translate_cipher_type(
49  mbedtls_cipher_type_t cipher)
50 {
51  switch (cipher) {
64  return PSA_KEY_TYPE_AES;
65 
66  /* ARIA not yet supported in PSA. */
67  /* case MBEDTLS_CIPHER_ARIA_128_CCM:
68  case MBEDTLS_CIPHER_ARIA_192_CCM:
69  case MBEDTLS_CIPHER_ARIA_256_CCM:
70  case MBEDTLS_CIPHER_ARIA_128_GCM:
71  case MBEDTLS_CIPHER_ARIA_192_GCM:
72  case MBEDTLS_CIPHER_ARIA_256_GCM:
73  case MBEDTLS_CIPHER_ARIA_128_CBC:
74  case MBEDTLS_CIPHER_ARIA_192_CBC:
75  case MBEDTLS_CIPHER_ARIA_256_CBC:
76  return( PSA_KEY_TYPE_ARIA ); */
77 
78  default:
79  return 0;
80  }
81 }
82 
83 static inline psa_algorithm_t mbedtls_psa_translate_cipher_mode(
84  mbedtls_cipher_mode_t mode, size_t taglen)
85 {
86  switch (mode) {
87  case MBEDTLS_MODE_ECB:
89  case MBEDTLS_MODE_GCM:
91  case MBEDTLS_MODE_CCM:
93  case MBEDTLS_MODE_CBC:
94  if (taglen == 0) {
96  } else {
97  return 0;
98  }
99  default:
100  return 0;
101  }
102 }
103 
104 static inline psa_key_usage_t mbedtls_psa_translate_cipher_operation(
106 {
107  switch (op) {
108  case MBEDTLS_ENCRYPT:
109  return PSA_KEY_USAGE_ENCRYPT;
110  case MBEDTLS_DECRYPT:
111  return PSA_KEY_USAGE_DECRYPT;
112  default:
113  return 0;
114  }
115 }
116 
117 /* Translations for hashing. */
118 
119 static inline psa_algorithm_t mbedtls_psa_translate_md(mbedtls_md_type_t md_alg)
120 {
121  switch (md_alg) {
122 #if defined(MBEDTLS_MD2_C)
123  case MBEDTLS_MD_MD2:
124  return PSA_ALG_MD2;
125 #endif
126 #if defined(MBEDTLS_MD4_C)
127  case MBEDTLS_MD_MD4:
128  return PSA_ALG_MD4;
129 #endif
130 #if defined(MBEDTLS_MD5_C)
131  case MBEDTLS_MD_MD5:
132  return PSA_ALG_MD5;
133 #endif
134 #if defined(MBEDTLS_SHA1_C)
135  case MBEDTLS_MD_SHA1:
136  return PSA_ALG_SHA_1;
137 #endif
138 #if defined(MBEDTLS_SHA256_C)
139  case MBEDTLS_MD_SHA224:
140  return PSA_ALG_SHA_224;
141  case MBEDTLS_MD_SHA256:
142  return PSA_ALG_SHA_256;
143 #endif
144 #if defined(MBEDTLS_SHA512_C)
145  case MBEDTLS_MD_SHA384:
146  return PSA_ALG_SHA_384;
147  case MBEDTLS_MD_SHA512:
148  return PSA_ALG_SHA_512;
149 #endif
150 #if defined(MBEDTLS_RIPEMD160_C)
152  return PSA_ALG_RIPEMD160;
153 #endif
154  case MBEDTLS_MD_NONE:
155  return 0;
156  default:
157  return 0;
158  }
159 }
160 
161 /* Translations for ECC. */
162 
163 static inline int mbedtls_psa_get_ecc_oid_from_id(
164  psa_ecc_family_t curve, size_t bits,
165  char const **oid, size_t *oid_len)
166 {
167  switch (curve) {
169  switch (bits) {
170 #if defined(MBEDTLS_ECP_DP_SECP192R1_ENABLED)
171  case 192:
174  return 0;
175 #endif /* MBEDTLS_ECP_DP_SECP192R1_ENABLED */
176 #if defined(MBEDTLS_ECP_DP_SECP224R1_ENABLED)
177  case 224:
180  return 0;
181 #endif /* MBEDTLS_ECP_DP_SECP224R1_ENABLED */
182 #if defined(MBEDTLS_ECP_DP_SECP256R1_ENABLED)
183  case 256:
186  return 0;
187 #endif /* MBEDTLS_ECP_DP_SECP256R1_ENABLED */
188 #if defined(MBEDTLS_ECP_DP_SECP384R1_ENABLED)
189  case 384:
192  return 0;
193 #endif /* MBEDTLS_ECP_DP_SECP384R1_ENABLED */
194 #if defined(MBEDTLS_ECP_DP_SECP521R1_ENABLED)
195  case 521:
198  return 0;
199 #endif /* MBEDTLS_ECP_DP_SECP521R1_ENABLED */
200  }
201  break;
203  switch (bits) {
204 #if defined(MBEDTLS_ECP_DP_SECP192K1_ENABLED)
205  case 192:
208  return 0;
209 #endif /* MBEDTLS_ECP_DP_SECP192K1_ENABLED */
210 #if defined(MBEDTLS_ECP_DP_SECP224K1_ENABLED)
211  case 224:
214  return 0;
215 #endif /* MBEDTLS_ECP_DP_SECP224K1_ENABLED */
216 #if defined(MBEDTLS_ECP_DP_SECP256K1_ENABLED)
217  case 256:
220  return 0;
221 #endif /* MBEDTLS_ECP_DP_SECP256K1_ENABLED */
222  }
223  break;
225  switch (bits) {
226 #if defined(MBEDTLS_ECP_DP_BP256R1_ENABLED)
227  case 256:
230  return 0;
231 #endif /* MBEDTLS_ECP_DP_BP256R1_ENABLED */
232 #if defined(MBEDTLS_ECP_DP_BP384R1_ENABLED)
233  case 384:
236  return 0;
237 #endif /* MBEDTLS_ECP_DP_BP384R1_ENABLED */
238 #if defined(MBEDTLS_ECP_DP_BP512R1_ENABLED)
239  case 512:
242  return 0;
243 #endif /* MBEDTLS_ECP_DP_BP512R1_ENABLED */
244  }
245  break;
246  }
247  (void) oid;
248  (void) oid_len;
249  return -1;
250 }
251 
252 #define MBEDTLS_PSA_MAX_EC_PUBKEY_LENGTH 1
253 
254 #if defined(MBEDTLS_ECP_DP_SECP192R1_ENABLED)
255 #if MBEDTLS_PSA_MAX_EC_PUBKEY_LENGTH < (2 * ((192 + 7) / 8) + 1)
256 #undef MBEDTLS_PSA_MAX_EC_PUBKEY_LENGTH
257 #define MBEDTLS_PSA_MAX_EC_PUBKEY_LENGTH (2 * ((192 + 7) / 8) + 1)
258 #endif
259 #endif /* MBEDTLS_ECP_DP_SECP192R1_ENABLED */
260 
261 #if defined(MBEDTLS_ECP_DP_SECP224R1_ENABLED)
262 #if MBEDTLS_PSA_MAX_EC_PUBKEY_LENGTH < (2 * ((224 + 7) / 8) + 1)
263 #undef MBEDTLS_PSA_MAX_EC_PUBKEY_LENGTH
264 #define MBEDTLS_PSA_MAX_EC_PUBKEY_LENGTH (2 * ((224 + 7) / 8) + 1)
265 #endif
266 #endif /* MBEDTLS_ECP_DP_SECP224R1_ENABLED */
267 
268 #if defined(MBEDTLS_ECP_DP_SECP256R1_ENABLED)
269 #if MBEDTLS_PSA_MAX_EC_PUBKEY_LENGTH < (2 * ((256 + 7) / 8) + 1)
270 #undef MBEDTLS_PSA_MAX_EC_PUBKEY_LENGTH
271 #define MBEDTLS_PSA_MAX_EC_PUBKEY_LENGTH (2 * ((256 + 7) / 8) + 1)
272 #endif
273 #endif /* MBEDTLS_ECP_DP_SECP256R1_ENABLED */
274 
275 #if defined(MBEDTLS_ECP_DP_SECP384R1_ENABLED)
276 #if MBEDTLS_PSA_MAX_EC_PUBKEY_LENGTH < (2 * ((384 + 7) / 8) + 1)
277 #undef MBEDTLS_PSA_MAX_EC_PUBKEY_LENGTH
278 #define MBEDTLS_PSA_MAX_EC_PUBKEY_LENGTH (2 * ((384 + 7) / 8) + 1)
279 #endif
280 #endif /* MBEDTLS_ECP_DP_SECP384R1_ENABLED */
281 
282 #if defined(MBEDTLS_ECP_DP_SECP521R1_ENABLED)
283 #if MBEDTLS_PSA_MAX_EC_PUBKEY_LENGTH < (2 * ((521 + 7) / 8) + 1)
284 #undef MBEDTLS_PSA_MAX_EC_PUBKEY_LENGTH
285 #define MBEDTLS_PSA_MAX_EC_PUBKEY_LENGTH (2 * ((521 + 7) / 8) + 1)
286 #endif
287 #endif /* MBEDTLS_ECP_DP_SECP521R1_ENABLED */
288 
289 #if defined(MBEDTLS_ECP_DP_SECP192K1_ENABLED)
290 #if MBEDTLS_PSA_MAX_EC_PUBKEY_LENGTH < (2 * ((192 + 7) / 8) + 1)
291 #undef MBEDTLS_PSA_MAX_EC_PUBKEY_LENGTH
292 #define MBEDTLS_PSA_MAX_EC_PUBKEY_LENGTH (2 * ((192 + 7) / 8) + 1)
293 #endif
294 #endif /* MBEDTLS_ECP_DP_SECP192K1_ENABLED */
295 
296 #if defined(MBEDTLS_ECP_DP_SECP224K1_ENABLED)
297 #if MBEDTLS_PSA_MAX_EC_PUBKEY_LENGTH < (2 * ((224 + 7) / 8) + 1)
298 #undef MBEDTLS_PSA_MAX_EC_PUBKEY_LENGTH
299 #define MBEDTLS_PSA_MAX_EC_PUBKEY_LENGTH (2 * ((224 + 7) / 8) + 1)
300 #endif
301 #endif /* MBEDTLS_ECP_DP_SECP224K1_ENABLED */
302 
303 #if defined(MBEDTLS_ECP_DP_SECP256K1_ENABLED)
304 #if MBEDTLS_PSA_MAX_EC_PUBKEY_LENGTH < (2 * ((256 + 7) / 8) + 1)
305 #undef MBEDTLS_PSA_MAX_EC_PUBKEY_LENGTH
306 #define MBEDTLS_PSA_MAX_EC_PUBKEY_LENGTH (2 * ((256 + 7) / 8) + 1)
307 #endif
308 #endif /* MBEDTLS_ECP_DP_SECP256K1_ENABLED */
309 
310 #if defined(MBEDTLS_ECP_DP_BP256R1_ENABLED)
311 #if MBEDTLS_PSA_MAX_EC_PUBKEY_LENGTH < (2 * ((256 + 7) / 8) + 1)
312 #undef MBEDTLS_PSA_MAX_EC_PUBKEY_LENGTH
313 #define MBEDTLS_PSA_MAX_EC_PUBKEY_LENGTH (2 * ((256 + 7) / 8) + 1)
314 #endif
315 #endif /* MBEDTLS_ECP_DP_BP256R1_ENABLED */
316 
317 #if defined(MBEDTLS_ECP_DP_BP384R1_ENABLED)
318 #if MBEDTLS_PSA_MAX_EC_PUBKEY_LENGTH < (2 * ((384 + 7) / 8) + 1)
319 #undef MBEDTLS_PSA_MAX_EC_PUBKEY_LENGTH
320 #define MBEDTLS_PSA_MAX_EC_PUBKEY_LENGTH (2 * ((384 + 7) / 8) + 1)
321 #endif
322 #endif /* MBEDTLS_ECP_DP_BP384R1_ENABLED */
323 
324 #if defined(MBEDTLS_ECP_DP_BP512R1_ENABLED)
325 #if MBEDTLS_PSA_MAX_EC_PUBKEY_LENGTH < (2 * ((512 + 7) / 8) + 1)
326 #undef MBEDTLS_PSA_MAX_EC_PUBKEY_LENGTH
327 #define MBEDTLS_PSA_MAX_EC_PUBKEY_LENGTH (2 * ((512 + 7) / 8) + 1)
328 #endif
329 #endif /* MBEDTLS_ECP_DP_BP512R1_ENABLED */
330 
331 
332 /* Translations for PK layer */
333 
334 static inline int mbedtls_psa_err_translate_pk(psa_status_t status)
335 {
336  switch (status) {
337  case PSA_SUCCESS:
338  return 0;
345  case PSA_ERROR_BAD_STATE:
347  /* All other failures */
352  default: /* We return the same as for the 'other failures',
353  * but list them separately nonetheless to indicate
354  * which failure conditions we have considered. */
356  }
357 }
358 
359 /* Translations for ECC */
360 
361 /* This function transforms an ECC group identifier from
362  * https://www.iana.org/assignments/tls-parameters/tls-parameters.xhtml#tls-parameters-8
363  * into a PSA ECC group identifier. */
364 #if defined(MBEDTLS_ECP_C)
365 static inline psa_key_type_t mbedtls_psa_parse_tls_ecc_group(
366  uint16_t tls_ecc_grp_reg_id, size_t *bits)
367 {
368  const mbedtls_ecp_curve_info *curve_info =
369  mbedtls_ecp_curve_info_from_tls_id(tls_ecc_grp_reg_id);
370  if (curve_info == NULL) {
371  return 0;
372  }
374  mbedtls_ecc_group_to_psa(curve_info->grp_id, bits));
375 }
376 #endif /* MBEDTLS_ECP_C */
377 
378 /* This function takes a buffer holding an EC public key
379  * exported through psa_export_public_key(), and converts
380  * it into an ECPoint structure to be put into a ClientKeyExchange
381  * message in an ECDHE exchange.
382  *
383  * Both the present and the foreseeable future format of EC public keys
384  * used by PSA have the ECPoint structure contained in the exported key
385  * as a subbuffer, and the function merely selects this subbuffer instead
386  * of making a copy.
387  */
388 static inline int mbedtls_psa_tls_psa_ec_to_ecpoint(unsigned char *src,
389  size_t srclen,
390  unsigned char **dst,
391  size_t *dstlen)
392 {
393  *dst = src;
394  *dstlen = srclen;
395  return 0;
396 }
397 
398 /* This function takes a buffer holding an ECPoint structure
399  * (as contained in a TLS ServerKeyExchange message for ECDHE
400  * exchanges) and converts it into a format that the PSA key
401  * agreement API understands.
402  */
403 static inline int mbedtls_psa_tls_ecpoint_to_psa_ec(unsigned char const *src,
404  size_t srclen,
405  unsigned char *dst,
406  size_t dstlen,
407  size_t *olen)
408 {
409  if (srclen > dstlen) {
411  }
412 
413  memcpy(dst, src, srclen);
414  *olen = srclen;
415  return 0;
416 }
417 
418 #endif /* MBEDTLS_USE_PSA_CRYPTO */
419 
420 /* Expose whatever RNG the PSA subsystem uses to applications using the
421  * mbedtls_xxx API. The declarations and definitions here need to be
422  * consistent with the implementation in library/psa_crypto_random_impl.h.
423  * See that file for implementation documentation. */
424 #if defined(MBEDTLS_PSA_CRYPTO_C)
425 
426 /* The type of a `f_rng` random generator function that many library functions
427  * take.
428  *
429  * This type name is not part of the Mbed TLS stable API. It may be renamed
430  * or moved without warning.
431  */
432 typedef int mbedtls_f_rng_t(void *p_rng, unsigned char *output, size_t output_size);
433 
434 #if defined(MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG)
435 
471 int mbedtls_psa_get_random(void *p_rng,
472  unsigned char *output,
473  size_t output_size);
474 
485 #define MBEDTLS_PSA_RANDOM_STATE NULL
486 
487 #else /* !defined(MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG) */
488 
489 #if defined(MBEDTLS_CTR_DRBG_C)
490 #include "mbedtls/ctr_drbg.h"
493 #elif defined(MBEDTLS_HMAC_DRBG_C)
494 #include "mbedtls/hmac_drbg.h"
497 #endif
499 
500 #define MBEDTLS_PSA_RANDOM_STATE mbedtls_psa_random_state
501 
502 #endif /* !defined(MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG) */
503 
504 #endif /* MBEDTLS_PSA_CRYPTO_C */
505 
506 #endif /* MBEDTLS_PSA_UTIL_H */
static psa_ecc_family_t mbedtls_ecc_group_to_psa(mbedtls_ecp_group_id grpid, size_t *bits)
Definition: crypto_extra.h:586
The CTR_DRBG context structure.
Definition: ctr_drbg.h:173
mbedtls_operation_t
Definition: cipher.h:220
#define MBEDTLS_OID_EC_GRP_SECP192K1
Definition: oid.h:375
#define PSA_ERROR_COMMUNICATION_FAILURE
#define PSA_ALG_ECB_NO_PADDING
mbedtls_cipher_mode_t
Definition: cipher.h:194
#define PSA_SUCCESS
Definition: crypto_values.h:68
This file provides an API for Elliptic Curves over GF(P) (ECP).
Platform Security Architecture cryptography module.
#define MBEDTLS_OID_EC_GRP_SECP192R1
Definition: oid.h:355
int mbedtls_hmac_drbg_random(void *p_rng, unsigned char *output, size_t out_len)
This function uses HMAC_DRBG to generate random data.
Configuration options (set of defines)
int mbedtls_ctr_drbg_random(void *p_rng, unsigned char *output, size_t output_len)
This function uses CTR_DRBG to generate random data.
#define PSA_ALG_GCM
#define MBEDTLS_OID_EC_GRP_SECP384R1
Definition: oid.h:367
#define PSA_ALG_MD4
#define PSA_ALG_SHA_256
mbedtls_cipher_type_t
Supported {cipher type, cipher mode} pairs.
Definition: cipher.h:110
Object Identifier (OID) database.
Public Key abstraction layer.
#define PSA_ALG_SHA_512
#define PSA_ERROR_INSUFFICIENT_MEMORY
#define MBEDTLS_ERR_PK_HW_ACCEL_FAILED
Definition: pk.h:86
#define MBEDTLS_OID_EC_GRP_SECP256R1
Definition: oid.h:363
#define PSA_ALG_SHA_224
#define PSA_ALG_RIPEMD160
#define MBEDTLS_OID_EC_GRP_BP256R1
Definition: oid.h:394
int mbedtls_f_rng_t(void *p_rng, unsigned char *output, size_t output_size)
Definition: psa_util.h:432
#define MBEDTLS_OID_EC_GRP_SECP224K1
Definition: oid.h:379
#define PSA_ALG_SHA_384
#define PSA_KEY_USAGE_DECRYPT
#define PSA_ALG_AEAD_WITH_SHORTENED_TAG(aead_alg, tag_length)
#define PSA_ALG_CBC_NO_PADDING
#define PSA_ECC_FAMILY_BRAINPOOL_P_R1
#define MBEDTLS_OID_EC_GRP_BP512R1
Definition: oid.h:400
#define PSA_KEY_TYPE_ECC_KEY_PAIR(curve)
#define MBEDTLS_OID_EC_GRP_SECP521R1
Definition: oid.h:371
uint32_t psa_algorithm_t
Encoding of a cryptographic algorithm.
Definition: crypto_types.h:137
mbedtls_psa_drbg_context_t *const mbedtls_psa_random_state
#define MBEDTLS_ERR_PK_ALLOC_FAILED
Definition: pk.h:56
#define PSA_ECC_FAMILY_SECP_R1
#define MBEDTLS_ERR_PK_BAD_INPUT_DATA
Definition: pk.h:60
#define PSA_ERROR_CORRUPTION_DETECTED
uint32_t psa_key_usage_t
Encoding of permitted usage on a key.
Definition: crypto_types.h:326
#define PSA_KEY_TYPE_AES
uint16_t psa_key_type_t
Encoding of a key type.
Definition: crypto_types.h:81
const mbedtls_ecp_curve_info * mbedtls_ecp_curve_info_from_tls_id(uint16_t tls_id)
This function retrieves curve information from a TLS NamedCurve value.
#define MBEDTLS_OID_EC_GRP_SECP224R1
Definition: oid.h:359
#define PSA_ERROR_HARDWARE_FAILURE
mbedtls_ecp_group_id grp_id
Definition: ecp.h:162
This file contains the generic message-digest wrapper.
#define PSA_ERROR_NOT_SUPPORTED
Definition: crypto_values.h:84
#define MBEDTLS_OID_SIZE(x)
Definition: asn1.h:127
mbedtls_ctr_drbg_context mbedtls_psa_drbg_context_t
Definition: psa_util.h:491
static mbedtls_f_rng_t *const mbedtls_psa_get_random
Definition: psa_util.h:492
#define MBEDTLS_ERR_PK_FEATURE_UNAVAILABLE
Definition: pk.h:80
#define PSA_ALG_CCM
#define PSA_ALG_MD2
#define MBEDTLS_OID_EC_GRP_BP384R1
Definition: oid.h:397
#define PSA_ECC_FAMILY_SECP_K1
#define MBEDTLS_OID_EC_GRP_SECP256K1
Definition: oid.h:383
#define PSA_ALG_SHA_1
#define PSA_ALG_MD5
#define PSA_ERROR_BAD_STATE
#define MBEDTLS_ERR_ECP_BUFFER_TOO_SMALL
Definition: ecp.h:56
uint8_t psa_ecc_family_t
Definition: crypto_types.h:100
#define MBEDTLS_ERR_ECP_RANDOM_FAILED
Definition: ecp.h:64
mbedtls_md_type_t
Supported message digests.
Definition: md.h:62
int32_t psa_status_t
Function return status.
Definition: crypto_types.h:62
#define PSA_KEY_USAGE_ENCRYPT
#define PSA_ERROR_INSUFFICIENT_ENTROPY
This file contains definitions and functions for the CTR_DRBG pseudorandom generator.
The HMAC_DRBG pseudorandom generator.