crypto.h
Go to the documentation of this file.
1 /*
2  * Copyright (C) 2021 HAW Hamburg
3  *
4  * This file is subject to the terms and conditions of the GNU Lesser
5  * General Public License v2.1. See the file LICENSE in the top level
6  * directory for more details.
7  */
8 
22 #ifndef PSA_CRYPTO_PSA_CRYPTO_H
23 #define PSA_CRYPTO_PSA_CRYPTO_H
24 
25 #ifdef __cplusplus
26 extern "C" {
27 #endif
28 
29 #include <stdlib.h>
30 #include <string.h>
31 
32 #include "kernel_defines.h"
33 
34 #if IS_USED(MODULE_PSA_SECURE_ELEMENT_CONFIG)
35 #include "psa/crypto_se_config.h"
36 #endif
37 
38 #include "crypto_sizes.h"
39 #include "crypto_struct.h"
40 #include "crypto_values.h"
41 #include "crypto_types.h"
42 
46 #define PSA_CRYPTO_API_VERSION_MAJOR 1
47 
51 #define PSA_CRYPTO_API_VERSION_MINOR 1
52 
59 const char *psa_status_to_humanly_readable(psa_status_t status);
60 
84 psa_status_t psa_crypto_init(void);
85 
86 #if IS_USED(MODULE_PSA_AEAD) || defined(DOXYGEN)
142 psa_status_t psa_aead_encrypt(psa_key_id_t key,
143  psa_algorithm_t alg,
144  const uint8_t *nonce,
145  size_t nonce_length,
146  const uint8_t *additional_data,
147  size_t additional_data_length,
148  const uint8_t *plaintext,
149  size_t plaintext_length,
150  uint8_t *ciphertext,
151  size_t ciphertext_size,
152  size_t *ciphertext_length);
153 
209 psa_status_t psa_aead_decrypt(psa_key_id_t key,
210  psa_algorithm_t alg,
211  const uint8_t *nonce,
212  size_t nonce_length,
213  const uint8_t *additional_data,
214  size_t additional_data_length,
215  const uint8_t *ciphertext,
216  size_t ciphertext_length,
217  uint8_t *plaintext,
218  size_t plaintext_size,
219  size_t *plaintext_length);
220 
278 psa_status_t psa_aead_encrypt_setup(psa_aead_operation_t *operation,
279  psa_key_id_t key,
280  psa_algorithm_t alg);
281 
339 psa_status_t psa_aead_decrypt_setup(psa_aead_operation_t *operation,
340  psa_key_id_t key,
341  psa_algorithm_t alg);
342 
378 psa_status_t psa_aead_set_lengths(psa_aead_operation_t *operation,
379  size_t ad_length,
380  size_t plaintext_length);
381 
427 psa_status_t psa_aead_generate_nonce(psa_aead_operation_t *operation,
428  uint8_t *nonce,
429  size_t nonce_size,
430  size_t *nonce_length);
431 
475 psa_status_t psa_aead_set_nonce(psa_aead_operation_t *operation,
476  const uint8_t *nonce,
477  size_t nonce_length);
478 
521 psa_status_t psa_aead_update_ad(psa_aead_operation_t *operation,
522  const uint8_t *input,
523  size_t input_length);
524 
590 psa_status_t psa_aead_update(psa_aead_operation_t *operation,
591  const uint8_t *input,
592  size_t input_length,
593  uint8_t *output,
594  size_t output_size,
595  size_t *output_length);
596 
664 psa_status_t psa_aead_finish(psa_aead_operation_t *operation,
665  uint8_t *ciphertext,
666  size_t ciphertext_size,
667  size_t *ciphertext_length,
668  uint8_t *tag,
669  size_t tag_size,
670  size_t *tag_length);
671 
738 psa_status_t psa_aead_verify(psa_aead_operation_t *operation,
739  uint8_t *plaintext,
740  size_t plaintext_size,
741  size_t *plaintext_length,
742  const uint8_t *tag,
743  size_t tag_length);
744 
770 psa_status_t psa_aead_abort(psa_aead_operation_t *operation);
771 #endif /* MODULE_PSA_AEAD */
772 
773 #if IS_USED(MODULE_PSA_ASYMMETRIC) || defined(DOXYGEN)
825 psa_status_t psa_asymmetric_encrypt(psa_key_id_t key,
826  psa_algorithm_t alg,
827  const uint8_t *input,
828  size_t input_length,
829  const uint8_t *salt,
830  size_t salt_length,
831  uint8_t *output,
832  size_t output_size,
833  size_t *output_length);
834 
887 psa_status_t psa_asymmetric_decrypt(psa_key_id_t key,
888  psa_algorithm_t alg,
889  const uint8_t *input,
890  size_t input_length,
891  const uint8_t *salt,
892  size_t salt_length,
893  uint8_t *output,
894  size_t output_size,
895  size_t *output_length);
896 #endif /* MODULE_PSA_ASYMMETRIC */
897 
898 
899 #if IS_USED(MODULE_PSA_CIPHER) || defined(DOXYGEN)
923 psa_status_t psa_cipher_abort(psa_cipher_operation_t *operation);
924 
988 psa_status_t psa_cipher_decrypt(psa_key_id_t key,
989  psa_algorithm_t alg,
990  const uint8_t *input,
991  size_t input_length,
992  uint8_t *output,
993  size_t output_size,
994  size_t *output_length);
995 
1051 psa_status_t psa_cipher_decrypt_setup(psa_cipher_operation_t *operation,
1052  psa_key_id_t key,
1053  psa_algorithm_t alg);
1054 
1112 psa_status_t psa_cipher_encrypt(psa_key_id_t key,
1113  psa_algorithm_t alg,
1114  const uint8_t *input,
1115  size_t input_length,
1116  uint8_t *output,
1117  size_t output_size,
1118  size_t *output_length);
1119 
1177 psa_status_t psa_cipher_encrypt_setup(psa_cipher_operation_t *operation,
1178  psa_key_id_t key,
1179  psa_algorithm_t alg);
1180 
1233 psa_status_t psa_cipher_finish(psa_cipher_operation_t *operation,
1234  uint8_t *output,
1235  size_t output_size,
1236  size_t *output_length);
1237 
1287 psa_status_t psa_cipher_generate_iv(psa_cipher_operation_t *operation,
1288  uint8_t *iv,
1289  size_t iv_size,
1290  size_t *iv_length);
1291 
1334 psa_status_t psa_cipher_set_iv(psa_cipher_operation_t *operation,
1335  const uint8_t *iv,
1336  size_t iv_length);
1337 
1388 psa_status_t psa_cipher_update(psa_cipher_operation_t *operation,
1389  const uint8_t *input,
1390  size_t input_length,
1391  uint8_t *output,
1392  size_t output_size,
1393  size_t *output_length);
1394 #endif /* MODULE_PSA_CIPHER */
1395 
1396 #if IS_USED(MODULE_PSA_KEY_MANAGEMENT) || defined(DOXYGEN)
1488 psa_status_t psa_copy_key(psa_key_id_t source_key,
1489  const psa_key_attributes_t *attributes,
1490  psa_key_id_t *target_key);
1491 
1543 psa_status_t psa_destroy_key(psa_key_id_t key);
1544 
1652 psa_status_t psa_export_key(psa_key_id_t key,
1653  uint8_t *data,
1654  size_t data_size,
1655  size_t *data_length);
1656 
1737 psa_status_t psa_export_public_key(psa_key_id_t key,
1738  uint8_t *data,
1739  size_t data_size,
1740  size_t *data_length);
1741 
1748 psa_status_t psa_builtin_generate_key(const psa_key_attributes_t *attributes, uint8_t *key_buffer,
1749  size_t key_buffer_size, size_t *key_buffer_length);
1750 
1806 psa_status_t psa_generate_key(const psa_key_attributes_t *attributes,
1807  psa_key_id_t *key);
1808 #endif /* MODULE_PSA_KEY_MANAGEMENT */
1809 
1822 psa_status_t psa_builtin_generate_random( uint8_t *output,
1823  size_t output_size);
1824 
1847 psa_status_t psa_generate_random(uint8_t *output,
1848  size_t output_size);
1849 
1850 #if IS_USED(MODULE_PSA_KEY_MANAGEMENT) || defined(DOXYGEN)
1861 static inline void psa_set_key_algorithm(psa_key_attributes_t *attributes,
1862  psa_algorithm_t alg)
1863 {
1864  attributes->policy.alg = alg;
1865 }
1866 
1874 static inline psa_algorithm_t psa_get_key_algorithm(const psa_key_attributes_t *attributes)
1875 {
1876  return attributes->policy.alg;
1877 }
1878 
1889 static inline void psa_set_key_bits(psa_key_attributes_t *attributes,
1890  size_t bits)
1891 {
1892  attributes->bits = bits;
1893 }
1894 
1902 static inline size_t psa_get_key_bits(const psa_key_attributes_t *attributes)
1903 {
1904  return attributes->bits;
1905 }
1906 
1923 static inline void psa_set_key_id(psa_key_attributes_t *attributes, psa_key_id_t id)
1924 {
1925  attributes->id = id;
1926 }
1927 
1937 static inline psa_key_id_t psa_get_key_id(const psa_key_attributes_t *attributes)
1938 {
1939  return attributes->id;
1940 }
1941 
1960 static inline void psa_set_key_lifetime(psa_key_attributes_t *attributes,
1961  psa_key_lifetime_t lifetime)
1962 {
1963  attributes->lifetime = lifetime;
1964 }
1965 
1973 static inline psa_key_lifetime_t psa_get_key_lifetime(const psa_key_attributes_t *attributes)
1974 {
1975  return attributes->lifetime;
1976 }
1977 
1987 static inline void psa_set_key_type(psa_key_attributes_t *attributes,
1988  psa_key_type_t type)
1989 {
1990  attributes->type = type;
1991 }
1992 
2000 static inline psa_key_type_t psa_get_key_type(const psa_key_attributes_t *attributes)
2001 {
2002  return attributes->type;
2003 }
2004 
2016 static inline void psa_set_key_usage_flags(psa_key_attributes_t *attributes,
2017  psa_key_usage_t usage_flags)
2018 {
2019  attributes->policy.usage = usage_flags;
2020 }
2021 
2029 static inline psa_key_usage_t psa_get_key_usage_flags(const psa_key_attributes_t *attributes)
2030 {
2031  return attributes->policy.usage;
2032 }
2033 
2045 static inline void psa_reset_key_attributes(psa_key_attributes_t *attributes)
2046 {
2047  *attributes = psa_key_attributes_init();
2048 }
2049 
2079 psa_status_t psa_get_key_attributes(psa_key_id_t key,
2080  psa_key_attributes_t *attributes);
2081 #endif /* MODULE_PSA_KEY_MANAGEMENT */
2082 
2083 #if IS_USED(MODULE_PSA_HASH) || defined(DOXYGEN)
2109 psa_status_t psa_hash_abort(psa_hash_operation_t *operation);
2110 
2139 psa_status_t psa_hash_clone(const psa_hash_operation_t *source_operation,
2140  psa_hash_operation_t *target_operation);
2141 
2170 psa_status_t psa_hash_compare(psa_algorithm_t alg,
2171  const uint8_t *input,
2172  size_t input_length,
2173  const uint8_t *hash,
2174  size_t hash_length);
2175 
2209 psa_status_t psa_hash_compute(psa_algorithm_t alg,
2210  const uint8_t *input,
2211  size_t input_length,
2212  uint8_t *hash,
2213  size_t hash_size,
2214  size_t *hash_length);
2215 
2257 psa_status_t psa_hash_finish(psa_hash_operation_t *operation,
2258  uint8_t *hash,
2259  size_t hash_size,
2260  size_t *hash_length);
2261 
2298 psa_status_t psa_hash_resume(psa_hash_operation_t *operation,
2299  const uint8_t *hash_state,
2300  size_t hash_state_length);
2301 
2343 psa_status_t psa_hash_setup(psa_hash_operation_t *operation,
2344  psa_algorithm_t alg);
2345 
2421 psa_status_t psa_hash_suspend(psa_hash_operation_t *operation,
2422  uint8_t *hash_state,
2423  size_t hash_state_size,
2424  size_t *hash_state_length);
2425 
2450 psa_status_t psa_hash_update(psa_hash_operation_t *operation,
2451  const uint8_t *input,
2452  size_t input_length);
2453 
2486 psa_status_t psa_hash_verify(psa_hash_operation_t *operation,
2487  const uint8_t *hash,
2488  size_t hash_length);
2489 #endif /* MODULE_PSA_HASH */
2490 
2491 #if IS_USED(MODULE_PSA_KEY_MANAGEMENT) || defined(DOXYGEN)
2539 psa_status_t psa_builtin_import_key(const psa_key_attributes_t *attributes,
2540  const uint8_t *data, size_t data_length,
2541  uint8_t *key_buffer, size_t key_buffer_size,
2542  size_t *key_buffer_length, size_t *bits);
2543 
2630 psa_status_t psa_import_key(const psa_key_attributes_t *attributes,
2631  const uint8_t *data,
2632  size_t data_length,
2633  psa_key_id_t *key);
2634 #endif /* MODULE_PSA_KEY_MANAGEMENT */
2635 
2636 #if IS_USED(MODULE_PSA_KEY_DERIVATION) || defined(DOXYGEN)
2659 psa_status_t psa_key_derivation_abort(psa_key_derivation_operation_t *operation);
2660 
2686 psa_status_t psa_key_derivation_get_capacity(const psa_key_derivation_operation_t *operation,
2687  size_t *capacity);
2688 
2735 psa_status_t psa_key_derivation_input_bytes(psa_key_derivation_operation_t *operation,
2736  psa_key_derivation_step_t step,
2737  const uint8_t *data,
2738  size_t data_length);
2739 
2783 psa_status_t psa_key_derivation_input_integer( psa_key_derivation_operation_t *operation,
2784  psa_key_derivation_step_t step,
2785  uint64_t value);
2786 
2852 psa_status_t psa_key_derivation_input_key(psa_key_derivation_operation_t *operation,
2853  psa_key_derivation_step_t step,
2854  psa_key_id_t key);
2855 
2915 psa_status_t psa_key_derivation_key_agreement(psa_key_derivation_operation_t *operation,
2916  psa_key_derivation_step_t step,
2917  psa_key_id_t private_key,
2918  const uint8_t *peer_key,
2919  size_t peer_key_length);
2920 
2960 psa_status_t psa_key_derivation_output_bytes(psa_key_derivation_operation_t *operation,
2961  uint8_t *output,
2962  size_t output_length);
2963 
3118 psa_status_t psa_key_derivation_output_key(const psa_key_attributes_t *attributes,
3119  psa_key_derivation_operation_t *operation,
3120  psa_key_id_t *key);
3121 
3142 psa_status_t psa_key_derivation_set_capacity(psa_key_derivation_operation_t *operation,
3143  size_t capacity);
3144 
3202 psa_status_t psa_key_derivation_setup(psa_key_derivation_operation_t *operation,
3203  psa_algorithm_t alg);
3204 
3261 psa_status_t psa_key_derivation_verify_bytes(psa_key_derivation_operation_t *operation,
3262  const uint8_t *expected_output,
3263  size_t output_length);
3264 
3324 psa_status_t psa_key_derivation_verify_key(psa_key_derivation_operation_t *operation,
3325  psa_key_id_t expected);
3326 #endif /* PSA_CRYPTO_KEY_DERIVATION */
3327 
3328 #if IS_USED(MODULE_PSA_MAC) || defined(DOXYGEN)
3351 psa_status_t psa_mac_abort(psa_mac_operation_t *operation);
3352 
3404 psa_status_t psa_mac_compute(psa_key_id_t key,
3405  psa_algorithm_t alg,
3406  const uint8_t *input,
3407  size_t input_length,
3408  uint8_t *mac,
3409  size_t mac_size,
3410  size_t *mac_length);
3411 
3460 psa_status_t psa_mac_sign_finish(psa_mac_operation_t *operation,
3461  uint8_t *mac,
3462  size_t mac_size,
3463  size_t *mac_length);
3464 
3521 psa_status_t psa_mac_sign_setup(psa_mac_operation_t *operation,
3522  psa_key_id_t key,
3523  psa_algorithm_t alg);
3524 
3553 psa_status_t psa_mac_update(psa_mac_operation_t *operation,
3554  const uint8_t *input,
3555  size_t input_length);
3556 
3594 psa_status_t psa_mac_verify(psa_key_id_t key,
3595  psa_algorithm_t alg,
3596  const uint8_t *input,
3597  size_t input_length,
3598  const uint8_t *mac,
3599  size_t mac_length);
3600 
3636 psa_status_t psa_mac_verify_finish(psa_mac_operation_t *operation,
3637  const uint8_t *mac,
3638  size_t mac_length);
3639 
3695 psa_status_t psa_mac_verify_setup(psa_mac_operation_t *operation,
3696  psa_key_id_t key,
3697  psa_algorithm_t alg);
3698 #endif /* MODULE_PSA_MAC */
3699 
3700 #if IS_USED(MODULE_PSA_KEY_MANAGEMENT) || defined(DOXYGEN)
3727 psa_status_t psa_purge_key(psa_key_id_t key);
3728 #endif /* MODULE_PSA_KEY_MANAGEMENT */
3729 
3730 #if IS_USED(MODULE_PSA_KEY_AGREEMENT) || defined(DOXYGEN)
3794 psa_status_t psa_raw_key_agreement(psa_algorithm_t alg,
3795  psa_key_id_t private_key,
3796  const uint8_t *peer_key,
3797  size_t peer_key_length,
3798  uint8_t *output,
3799  size_t output_size,
3800  size_t *output_length);
3801 #endif /* MODULE_PSA_KEY_AGREEMENT */
3802 
3803 #if IS_USED(MODULE_PSA_ASYMMETRIC) || defined(DOXYGEN)
3872 psa_status_t psa_sign_hash(psa_key_id_t key,
3873  psa_algorithm_t alg,
3874  const uint8_t *hash,
3875  size_t hash_length,
3876  uint8_t *signature,
3877  size_t signature_size,
3878  size_t *signature_length);
3879 
3937 psa_status_t psa_sign_message(psa_key_id_t key,
3938  psa_algorithm_t alg,
3939  const uint8_t *input,
3940  size_t input_length,
3941  uint8_t *signature,
3942  size_t signature_size,
3943  size_t *signature_length);
3944 
4007 psa_status_t psa_verify_hash(psa_key_id_t key,
4008  psa_algorithm_t alg,
4009  const uint8_t *hash,
4010  size_t hash_length,
4011  const uint8_t *signature,
4012  size_t signature_length);
4013 
4063 psa_status_t psa_verify_message(psa_key_id_t key,
4064  psa_algorithm_t alg,
4065  const uint8_t *input,
4066  size_t input_length,
4067  const uint8_t *signature,
4068  size_t signature_length);
4069 #endif /* MODULE_PSA_ASYMMETRIC */
4070 
4071 #ifdef __cplusplus
4072 }
4073 #endif
4074 
4075 #endif /* PSA_CRYPTO_PSA_CRYPTO_H */
psa_algorithm_t
uint32_t psa_algorithm_t
Encoding of a cryptographic algorithm.
Definition: algorithm.h:39
psa_key_attributes_init
static psa_key_attributes_t psa_key_attributes_init(void)
Return an initial value for a key attribute object.
Definition: attributes.h:174
psa_verify_hash
psa_status_t psa_verify_hash(psa_key_id_t key, psa_algorithm_t alg, const uint8_t *hash, size_t hash_length, const uint8_t *signature, size_t signature_length)
Verify the signature of a hash or short message using a public key.
psa_key_derivation_output_bytes
psa_status_t psa_key_derivation_output_bytes(psa_key_derivation_operation_t *operation, uint8_t *output, size_t output_length)
Read some data from a key derivation operation.
psa_purge_key
psa_status_t psa_purge_key(psa_key_id_t key)
Remove non-essential copies of key material from memory.
psa_cipher_encrypt
psa_status_t psa_cipher_encrypt(psa_key_id_t key, psa_algorithm_t alg, const uint8_t *input, size_t input_length, uint8_t *output, size_t output_size, size_t *output_length)
Encrypt a message using a symmetric cipher.
psa_hash_compare
psa_status_t psa_hash_compare(psa_algorithm_t alg, const uint8_t *input, size_t input_length, const uint8_t *hash, size_t hash_length)
Calculate the hash (digest) of a message and compare it with a reference value.
psa_raw_key_agreement
psa_status_t psa_raw_key_agreement(psa_algorithm_t alg, psa_key_id_t private_key, const uint8_t *peer_key, size_t peer_key_length, uint8_t *output, size_t output_size, size_t *output_length)
Perform a key agreement and return the raw shared secret.
psa_aead_encrypt
psa_status_t psa_aead_encrypt(psa_key_id_t key, psa_algorithm_t alg, const uint8_t *nonce, size_t nonce_length, const uint8_t *additional_data, size_t additional_data_length, const uint8_t *plaintext, size_t plaintext_length, uint8_t *ciphertext, size_t ciphertext_size, size_t *ciphertext_length)
Process an authenticated encryption operation.
psa_generate_random
psa_status_t psa_generate_random(uint8_t *output, size_t output_size)
Generate random bytes.
psa_asymmetric_decrypt
psa_status_t psa_asymmetric_decrypt(psa_key_id_t key, psa_algorithm_t alg, const uint8_t *input, size_t input_length, const uint8_t *salt, size_t salt_length, uint8_t *output, size_t output_size, size_t *output_length)
Decrypt a short message with a private key.
psa_cipher_finish
psa_status_t psa_cipher_finish(psa_cipher_operation_t *operation, uint8_t *output, size_t output_size, size_t *output_length)
Finish encrypting or decrypting a message in a cipher operation.
psa_sign_message
psa_status_t psa_sign_message(psa_key_id_t key, psa_algorithm_t alg, const uint8_t *input, size_t input_length, uint8_t *signature, size_t signature_size, size_t *signature_length)
Sign a message with a private key.
psa_asymmetric_encrypt
psa_status_t psa_asymmetric_encrypt(psa_key_id_t key, psa_algorithm_t alg, const uint8_t *input, size_t input_length, const uint8_t *salt, size_t salt_length, uint8_t *output, size_t output_size, size_t *output_length)
Encrypt a short message with a public key.
psa_cipher_generate_iv
psa_status_t psa_cipher_generate_iv(psa_cipher_operation_t *operation, uint8_t *iv, size_t iv_size, size_t *iv_length)
Generate an initialization vector (IV) for a symmetric encryption operation.
psa_crypto_init
psa_status_t psa_crypto_init(void)
Library initialization.
psa_aead_decrypt_setup
psa_status_t psa_aead_decrypt_setup(psa_aead_operation_t *operation, psa_key_id_t key, psa_algorithm_t alg)
Set the key for a multi-part authenticated decryption operation.
psa_cipher_decrypt
psa_status_t psa_cipher_decrypt(psa_key_id_t key, psa_algorithm_t alg, const uint8_t *input, size_t input_length, uint8_t *output, size_t output_size, size_t *output_length)
Decrypt a message using a symmetric cipher.
psa_hash_suspend
psa_status_t psa_hash_suspend(psa_hash_operation_t *operation, uint8_t *hash_state, size_t hash_state_size, size_t *hash_state_length)
Halt the hash operation and extract the intermediate state of the hash computation.
psa_hash_clone
psa_status_t psa_hash_clone(const psa_hash_operation_t *source_operation, psa_hash_operation_t *target_operation)
Clone a hash operation.
psa_sign_hash
psa_status_t psa_sign_hash(psa_key_id_t key, psa_algorithm_t alg, const uint8_t *hash, size_t hash_length, uint8_t *signature, size_t signature_size, size_t *signature_length)
Sign an already-calculated hash with a private key.
psa_set_key_usage_flags
static void psa_set_key_usage_flags(psa_key_attributes_t *attributes, psa_key_usage_t usage_flags)
Declare usage flags for a key.
Definition: crypto.h:2016
psa_hash_finish
psa_status_t psa_hash_finish(psa_hash_operation_t *operation, uint8_t *hash, size_t hash_size, size_t *hash_length)
Finish the calculation of the hash of a message.
psa_key_derivation_key_agreement
psa_status_t psa_key_derivation_key_agreement(psa_key_derivation_operation_t *operation, psa_key_derivation_step_t step, psa_key_id_t private_key, const uint8_t *peer_key, size_t peer_key_length)
Perform a key agreement and use the shared secret as input to a key derivation.
psa_status_to_humanly_readable
const char * psa_status_to_humanly_readable(psa_status_t status)
Helper function to convert PSA status values humanly readable.
psa_aead_encrypt_setup
psa_status_t psa_aead_encrypt_setup(psa_aead_operation_t *operation, psa_key_id_t key, psa_algorithm_t alg)
Set the key for a multi-part authenticated encryption operation.
psa_mac_update
psa_status_t psa_mac_update(psa_mac_operation_t *operation, const uint8_t *input, size_t input_length)
Add a message fragment to a multi-part MAC operation.
psa_aead_generate_nonce
psa_status_t psa_aead_generate_nonce(psa_aead_operation_t *operation, uint8_t *nonce, size_t nonce_size, size_t *nonce_length)
Generate a random nonce for an authenticated encryption operation.
psa_aead_set_nonce
psa_status_t psa_aead_set_nonce(psa_aead_operation_t *operation, const uint8_t *nonce, size_t nonce_length)
Set the nonce for an authenticated encryption or decryption operation.
psa_builtin_generate_key
psa_status_t psa_builtin_generate_key(const psa_key_attributes_t *attributes, uint8_t *key_buffer, size_t key_buffer_size, size_t *key_buffer_length)
Built-in key generation function.
psa_get_key_bits
static size_t psa_get_key_bits(const psa_key_attributes_t *attributes)
Retrieve the key size from key attributes.
Definition: crypto.h:1902
psa_export_key
psa_status_t psa_export_key(psa_key_id_t key, uint8_t *data, size_t data_size, size_t *data_length)
Export a key in binary format.
psa_mac_sign_setup
psa_status_t psa_mac_sign_setup(psa_mac_operation_t *operation, psa_key_id_t key, psa_algorithm_t alg)
Set up a multi-part MAC calculation operation.
psa_hash_update
psa_status_t psa_hash_update(psa_hash_operation_t *operation, const uint8_t *input, size_t input_length)
Add a message fragment to a multi-part hash operation.
psa_set_key_type
static void psa_set_key_type(psa_key_attributes_t *attributes, psa_key_type_t type)
Declare the type of a key.
Definition: crypto.h:1987
psa_aead_update_ad
psa_status_t psa_aead_update_ad(psa_aead_operation_t *operation, const uint8_t *input, size_t input_length)
Pass additional data to an active AEAD operation.
psa_hash_resume
psa_status_t psa_hash_resume(psa_hash_operation_t *operation, const uint8_t *hash_state, size_t hash_state_length)
Set up a multi-part hash operation using the hash suspend state from a previously suspended hash oper...
psa_mac_verify_setup
psa_status_t psa_mac_verify_setup(psa_mac_operation_t *operation, psa_key_id_t key, psa_algorithm_t alg)
Set up a multi-part MAC verification operation.
psa_aead_finish
psa_status_t psa_aead_finish(psa_aead_operation_t *operation, uint8_t *ciphertext, size_t ciphertext_size, size_t *ciphertext_length, uint8_t *tag, size_t tag_size, size_t *tag_length)
Finish encrypting a message in an AEAD operation.
psa_export_public_key
psa_status_t psa_export_public_key(psa_key_id_t key, uint8_t *data, size_t data_size, size_t *data_length)
Export a public key or the public part of a key pair in binary format.
psa_copy_key
psa_status_t psa_copy_key(psa_key_id_t source_key, const psa_key_attributes_t *attributes, psa_key_id_t *target_key)
Make a copy of a key.
psa_hash_verify
psa_status_t psa_hash_verify(psa_hash_operation_t *operation, const uint8_t *hash, size_t hash_length)
Finish the calculation of the hash of a message and compare it with an expected value.
psa_verify_message
psa_status_t psa_verify_message(psa_key_id_t key, psa_algorithm_t alg, const uint8_t *input, size_t input_length, const uint8_t *signature, size_t signature_length)
Verify the signature of a message with a public key.
psa_key_derivation_set_capacity
psa_status_t psa_key_derivation_set_capacity(psa_key_derivation_operation_t *operation, size_t capacity)
Set the maximum capacity of a key derivation operation.
psa_hash_setup
psa_status_t psa_hash_setup(psa_hash_operation_t *operation, psa_algorithm_t alg)
Set up a multipart hash operation.
psa_get_key_attributes
psa_status_t psa_get_key_attributes(psa_key_id_t key, psa_key_attributes_t *attributes)
Retrieve the attributes of a key.
psa_builtin_generate_random
psa_status_t psa_builtin_generate_random(uint8_t *output, size_t output_size)
Built-in function for random number generation.
psa_key_derivation_input_bytes
psa_status_t psa_key_derivation_input_bytes(psa_key_derivation_operation_t *operation, psa_key_derivation_step_t step, const uint8_t *data, size_t data_length)
Provide an input for key derivation or key agreement.
psa_key_derivation_abort
psa_status_t psa_key_derivation_abort(psa_key_derivation_operation_t *operation)
Abort a key derivation operation.
psa_generate_key
psa_status_t psa_generate_key(const psa_key_attributes_t *attributes, psa_key_id_t *key)
Generate a key or key pair.
psa_key_derivation_get_capacity
psa_status_t psa_key_derivation_get_capacity(const psa_key_derivation_operation_t *operation, size_t *capacity)
Retrieve the current capacity of a key derivation operation.
psa_cipher_set_iv
psa_status_t psa_cipher_set_iv(psa_cipher_operation_t *operation, const uint8_t *iv, size_t iv_length)
Set the initialization vector (IV) for a symmetric encryption or decryption operation.
psa_cipher_decrypt_setup
psa_status_t psa_cipher_decrypt_setup(psa_cipher_operation_t *operation, psa_key_id_t key, psa_algorithm_t alg)
Set the key for a multi-part symmetric decryption operation.
psa_get_key_lifetime
static psa_key_lifetime_t psa_get_key_lifetime(const psa_key_attributes_t *attributes)
Retrieve the lifetime from key attributes.
Definition: crypto.h:1973
psa_get_key_usage_flags
static psa_key_usage_t psa_get_key_usage_flags(const psa_key_attributes_t *attributes)
Retrieve the usage flags from key attributes.
Definition: crypto.h:2029
psa_mac_verify
psa_status_t psa_mac_verify(psa_key_id_t key, psa_algorithm_t alg, const uint8_t *input, size_t input_length, const uint8_t *mac, size_t mac_length)
Calculate the MAC of a message and compare it with a reference value.
psa_key_derivation_input_key
psa_status_t psa_key_derivation_input_key(psa_key_derivation_operation_t *operation, psa_key_derivation_step_t step, psa_key_id_t key)
Provide an input for key derivation in the form of a key.
psa_cipher_abort
psa_status_t psa_cipher_abort(psa_cipher_operation_t *operation)
Abort a cipher operation.
psa_hash_abort
psa_status_t psa_hash_abort(psa_hash_operation_t *operation)
Abort a hash operation.
psa_aead_decrypt
psa_status_t psa_aead_decrypt(psa_key_id_t key, psa_algorithm_t alg, const uint8_t *nonce, size_t nonce_length, const uint8_t *additional_data, size_t additional_data_length, const uint8_t *ciphertext, size_t ciphertext_length, uint8_t *plaintext, size_t plaintext_size, size_t *plaintext_length)
Process an authenticated decryption operation.
psa_set_key_lifetime
static void psa_set_key_lifetime(psa_key_attributes_t *attributes, psa_key_lifetime_t lifetime)
Set the location of a persistent key.
Definition: crypto.h:1960
psa_key_derivation_verify_key
psa_status_t psa_key_derivation_verify_key(psa_key_derivation_operation_t *operation, psa_key_id_t expected)
Compare output data from a key derivation operation to an expected value stored in a key.
psa_key_derivation_setup
psa_status_t psa_key_derivation_setup(psa_key_derivation_operation_t *operation, psa_algorithm_t alg)
Set up a key derivation operation.
psa_builtin_import_key
psa_status_t psa_builtin_import_key(const psa_key_attributes_t *attributes, const uint8_t *data, size_t data_length, uint8_t *key_buffer, size_t key_buffer_size, size_t *key_buffer_length, size_t *bits)
Built-in key import function.
psa_key_derivation_input_integer
psa_status_t psa_key_derivation_input_integer(psa_key_derivation_operation_t *operation, psa_key_derivation_step_t step, uint64_t value)
Provide a numeric input for key derivation or key agreement.
psa_mac_sign_finish
psa_status_t psa_mac_sign_finish(psa_mac_operation_t *operation, uint8_t *mac, size_t mac_size, size_t *mac_length)
Finish the calculation of the MAC of a message.
psa_get_key_algorithm
static psa_algorithm_t psa_get_key_algorithm(const psa_key_attributes_t *attributes)
Retrieve the permitted algorithm policy from key attributes.
Definition: crypto.h:1874
psa_cipher_update
psa_status_t psa_cipher_update(psa_cipher_operation_t *operation, const uint8_t *input, size_t input_length, uint8_t *output, size_t output_size, size_t *output_length)
Encrypt or decrypt a message fragment in an active cipher operation.
psa_cipher_encrypt_setup
psa_status_t psa_cipher_encrypt_setup(psa_cipher_operation_t *operation, psa_key_id_t key, psa_algorithm_t alg)
Set the key for a multi-part symmetric encryption operation.
psa_hash_compute
psa_status_t psa_hash_compute(psa_algorithm_t alg, const uint8_t *input, size_t input_length, uint8_t *hash, size_t hash_size, size_t *hash_length)
Calculate the hash (digest) of a message.
psa_mac_verify_finish
psa_status_t psa_mac_verify_finish(psa_mac_operation_t *operation, const uint8_t *mac, size_t mac_length)
Finish the calculation of the MAC of a message and compare it with an expected value.
psa_mac_abort
psa_status_t psa_mac_abort(psa_mac_operation_t *operation)
Abort a MAC operation.
psa_import_key
psa_status_t psa_import_key(const psa_key_attributes_t *attributes, const uint8_t *data, size_t data_length, psa_key_id_t *key)
Import a key in binary format.
psa_key_derivation_output_key
psa_status_t psa_key_derivation_output_key(const psa_key_attributes_t *attributes, psa_key_derivation_operation_t *operation, psa_key_id_t *key)
Derive a key from an ongoing key derivation operation.
psa_aead_set_lengths
psa_status_t psa_aead_set_lengths(psa_aead_operation_t *operation, size_t ad_length, size_t plaintext_length)
Declare the lengths of the message and additional data for AEAD.
psa_set_key_id
static void psa_set_key_id(psa_key_attributes_t *attributes, psa_key_id_t id)
Declare a key as persistent and set its key identifier.
Definition: crypto.h:1923
psa_get_key_id
static psa_key_id_t psa_get_key_id(const psa_key_attributes_t *attributes)
Retrieve the key identifier from key attributes.
Definition: crypto.h:1937
psa_aead_verify
psa_status_t psa_aead_verify(psa_aead_operation_t *operation, uint8_t *plaintext, size_t plaintext_size, size_t *plaintext_length, const uint8_t *tag, size_t tag_length)
Finish authenticating and decrypting a message in an AEAD operation.
psa_get_key_type
static psa_key_type_t psa_get_key_type(const psa_key_attributes_t *attributes)
Retrieve the key type from key attributes.
Definition: crypto.h:2000
psa_aead_abort
psa_status_t psa_aead_abort(psa_aead_operation_t *operation)
Abort an AEAD operation.
psa_set_key_algorithm
static void psa_set_key_algorithm(psa_key_attributes_t *attributes, psa_algorithm_t alg)
Declare the permitted algorithm policy for a key.
Definition: crypto.h:1861
psa_key_derivation_verify_bytes
psa_status_t psa_key_derivation_verify_bytes(psa_key_derivation_operation_t *operation, const uint8_t *expected_output, size_t output_length)
Compare output data from a key derivation operation to an expected value.
psa_destroy_key
psa_status_t psa_destroy_key(psa_key_id_t key)
Destroy a key.
psa_set_key_bits
static void psa_set_key_bits(psa_key_attributes_t *attributes, size_t bits)
Declare the size of a key.
Definition: crypto.h:1889
psa_aead_update
psa_status_t psa_aead_update(psa_aead_operation_t *operation, const uint8_t *input, size_t input_length, uint8_t *output, size_t output_size, size_t *output_length)
Encrypt or decrypt a message fragment in an active AEAD operation.
psa_reset_key_attributes
static void psa_reset_key_attributes(psa_key_attributes_t *attributes)
Reset a key attribute object to a freshly initialized state.
Definition: crypto.h:2045
psa_mac_compute
psa_status_t psa_mac_compute(psa_key_id_t key, psa_algorithm_t alg, const uint8_t *input, size_t input_length, uint8_t *mac, size_t mac_size, size_t *mac_length)
Calculate the message authentication code (MAC) of a message.
crypto_se_config.h
Define structures für SE slot configurations.
crypto_sizes.h
Size definitions for PSA Crypto.
crypto_struct.h
Structure definitions for PSA Crypto.
crypto_types.h
Type definitions for PSA Crypto.
psa_key_derivation_step_t
uint16_t psa_key_derivation_step_t
Encoding of the step of a key derivation.
Definition: crypto_types.h:78
crypto_values.h
Value definitions for PSA Crypto.
psa_key_id_t
uint32_t psa_key_id_t
Key identifier.
Definition: id.h:37
kernel_defines.h
Common macros and compiler attributes/pragmas configuration.
psa_key_lifetime_t
uint32_t psa_key_lifetime_t
Encoding of key lifetimes.
Definition: lifetime.h:67
psa_status_t
int32_t psa_status_t
Status code type used for all PSA Certified APIs.
Definition: error.h:41
psa_key_type_t
uint16_t psa_key_type_t
Encoding of a key type.
Definition: type.h:45
psa_aead_operation_s
Structure storing an AEAD operation context.
Definition: crypto_struct.h:37
psa_cipher_operation_s
Structure storing a cipher operation context.
Definition: crypto_struct.h:64
psa_hash_operation_s
Structure containing a hash context and algorithm.
Definition: crypto_struct.h:130
psa_key_attributes_s
Structure storing key attributes.
Definition: attributes.h:52
psa_key_attributes_s::id
psa_key_id_t id
Key identifier.
Definition: attributes.h:56
psa_key_attributes_s::bits
psa_key_bits_t bits
Size of key in bits.
Definition: attributes.h:54
psa_key_attributes_s::policy
psa_key_policy_t policy
Key usage policy.
Definition: attributes.h:57
psa_key_attributes_s::type
psa_key_type_t type
Type of key.
Definition: attributes.h:53
psa_key_attributes_s::lifetime
psa_key_lifetime_t lifetime
Lifetime of key.
Definition: attributes.h:55
psa_key_derivation_operation_s
Structure storing a key derivation context.
Definition: crypto_struct.h:109
psa_key_policy_s::usage
psa_key_usage_t usage
Key usage policy.
Definition: attributes.h:40
psa_key_policy_s::alg
psa_algorithm_t alg
Algorithm for key usage.
Definition: attributes.h:41
psa_mac_operation_s
Structure storing a MAC operation context.
Definition: crypto_struct.h:168
psa_key_usage_t
uint32_t psa_key_usage_t
Encoding of permitted usage on a key.
Definition: usage.h:34