Loading...
Searching...
No Matches
crypto.h
Go to the documentation of this file.
1/*
2 * Copyright (C) 2021 HAW Hamburg
3 *
4 * This file is subject to the terms and conditions of the GNU Lesser
5 * General Public License v2.1. See the file LICENSE in the top level
6 * directory for more details.
7 */
8
9#pragma once
10
23
24#ifdef __cplusplus
25extern "C" {
26#endif
27
28#include <stdlib.h>
29#include <string.h>
30
31#include "kernel_defines.h"
32
33#if IS_USED(MODULE_PSA_SECURE_ELEMENT_CONFIG)
34#include "psa/crypto_se_config.h"
35#endif
36
37#include "crypto_sizes.h"
38#include "crypto_struct.h"
39#include "crypto_values.h"
40#include "crypto_types.h"
41
45#define PSA_CRYPTO_API_VERSION_MAJOR 1
46
50#define PSA_CRYPTO_API_VERSION_MINOR 1
51
58const char *psa_status_to_humanly_readable(psa_status_t status);
59
83psa_status_t psa_crypto_init(void);
84
85#if IS_USED(MODULE_PSA_AEAD) || defined(DOXYGEN)
141psa_status_t psa_aead_encrypt(psa_key_id_t key,
142 psa_algorithm_t alg,
143 const uint8_t *nonce,
144 size_t nonce_length,
145 const uint8_t *additional_data,
146 size_t additional_data_length,
147 const uint8_t *plaintext,
148 size_t plaintext_length,
149 uint8_t *ciphertext,
150 size_t ciphertext_size,
151 size_t *ciphertext_length);
152
208psa_status_t psa_aead_decrypt(psa_key_id_t key,
209 psa_algorithm_t alg,
210 const uint8_t *nonce,
211 size_t nonce_length,
212 const uint8_t *additional_data,
213 size_t additional_data_length,
214 const uint8_t *ciphertext,
215 size_t ciphertext_length,
216 uint8_t *plaintext,
217 size_t plaintext_size,
218 size_t *plaintext_length);
219
277psa_status_t psa_aead_encrypt_setup(psa_aead_operation_t *operation,
278 psa_key_id_t key,
279 psa_algorithm_t alg);
280
338psa_status_t psa_aead_decrypt_setup(psa_aead_operation_t *operation,
339 psa_key_id_t key,
340 psa_algorithm_t alg);
341
377psa_status_t psa_aead_set_lengths(psa_aead_operation_t *operation,
378 size_t ad_length,
379 size_t plaintext_length);
380
426psa_status_t psa_aead_generate_nonce(psa_aead_operation_t *operation,
427 uint8_t *nonce,
428 size_t nonce_size,
429 size_t *nonce_length);
430
474psa_status_t psa_aead_set_nonce(psa_aead_operation_t *operation,
475 const uint8_t *nonce,
476 size_t nonce_length);
477
520psa_status_t psa_aead_update_ad(psa_aead_operation_t *operation,
521 const uint8_t *input,
522 size_t input_length);
523
589psa_status_t psa_aead_update(psa_aead_operation_t *operation,
590 const uint8_t *input,
591 size_t input_length,
592 uint8_t *output,
593 size_t output_size,
594 size_t *output_length);
595
663psa_status_t psa_aead_finish(psa_aead_operation_t *operation,
664 uint8_t *ciphertext,
665 size_t ciphertext_size,
666 size_t *ciphertext_length,
667 uint8_t *tag,
668 size_t tag_size,
669 size_t *tag_length);
670
737psa_status_t psa_aead_verify(psa_aead_operation_t *operation,
738 uint8_t *plaintext,
739 size_t plaintext_size,
740 size_t *plaintext_length,
741 const uint8_t *tag,
742 size_t tag_length);
743
769psa_status_t psa_aead_abort(psa_aead_operation_t *operation);
770#endif /* MODULE_PSA_AEAD */
771
772#if IS_USED(MODULE_PSA_ASYMMETRIC) || defined(DOXYGEN)
824psa_status_t psa_asymmetric_encrypt(psa_key_id_t key,
825 psa_algorithm_t alg,
826 const uint8_t *input,
827 size_t input_length,
828 const uint8_t *salt,
829 size_t salt_length,
830 uint8_t *output,
831 size_t output_size,
832 size_t *output_length);
833
886psa_status_t psa_asymmetric_decrypt(psa_key_id_t key,
887 psa_algorithm_t alg,
888 const uint8_t *input,
889 size_t input_length,
890 const uint8_t *salt,
891 size_t salt_length,
892 uint8_t *output,
893 size_t output_size,
894 size_t *output_length);
895#endif /* MODULE_PSA_ASYMMETRIC */
896
897#if IS_USED(MODULE_PSA_CIPHER) || defined(DOXYGEN)
921psa_status_t psa_cipher_abort(psa_cipher_operation_t *operation);
922
986psa_status_t psa_cipher_decrypt(psa_key_id_t key,
987 psa_algorithm_t alg,
988 const uint8_t *input,
989 size_t input_length,
990 uint8_t *output,
991 size_t output_size,
992 size_t *output_length);
993
1049psa_status_t psa_cipher_decrypt_setup(psa_cipher_operation_t *operation,
1050 psa_key_id_t key,
1051 psa_algorithm_t alg);
1052
1110psa_status_t psa_cipher_encrypt(psa_key_id_t key,
1111 psa_algorithm_t alg,
1112 const uint8_t *input,
1113 size_t input_length,
1114 uint8_t *output,
1115 size_t output_size,
1116 size_t *output_length);
1117
1175psa_status_t psa_cipher_encrypt_setup(psa_cipher_operation_t *operation,
1176 psa_key_id_t key,
1177 psa_algorithm_t alg);
1178
1231psa_status_t psa_cipher_finish(psa_cipher_operation_t *operation,
1232 uint8_t *output,
1233 size_t output_size,
1234 size_t *output_length);
1235
1285psa_status_t psa_cipher_generate_iv(psa_cipher_operation_t *operation,
1286 uint8_t *iv,
1287 size_t iv_size,
1288 size_t *iv_length);
1289
1332psa_status_t psa_cipher_set_iv(psa_cipher_operation_t *operation,
1333 const uint8_t *iv,
1334 size_t iv_length);
1335
1386psa_status_t psa_cipher_update(psa_cipher_operation_t *operation,
1387 const uint8_t *input,
1388 size_t input_length,
1389 uint8_t *output,
1390 size_t output_size,
1391 size_t *output_length);
1392#endif /* MODULE_PSA_CIPHER */
1393
1394#if IS_USED(MODULE_PSA_KEY_MANAGEMENT) || defined(DOXYGEN)
1486psa_status_t psa_copy_key(psa_key_id_t source_key,
1487 const psa_key_attributes_t *attributes,
1488 psa_key_id_t *target_key);
1489
1541psa_status_t psa_destroy_key(psa_key_id_t key);
1542
1650psa_status_t psa_export_key(psa_key_id_t key,
1651 uint8_t *data,
1652 size_t data_size,
1653 size_t *data_length);
1654
1735psa_status_t psa_export_public_key(psa_key_id_t key,
1736 uint8_t *data,
1737 size_t data_size,
1738 size_t *data_length);
1739
1746psa_status_t psa_builtin_generate_key(const psa_key_attributes_t *attributes, uint8_t *key_buffer,
1747 size_t key_buffer_size, size_t *key_buffer_length);
1748
1804psa_status_t psa_generate_key(const psa_key_attributes_t *attributes,
1805 psa_key_id_t *key);
1806#endif /* MODULE_PSA_KEY_MANAGEMENT */
1807
1820psa_status_t psa_builtin_generate_random( uint8_t *output,
1821 size_t output_size);
1822
1845psa_status_t psa_generate_random(uint8_t *output,
1846 size_t output_size);
1847
1848#if IS_USED(MODULE_PSA_KEY_MANAGEMENT) || defined(DOXYGEN)
1859static inline void psa_set_key_algorithm(psa_key_attributes_t *attributes,
1860 psa_algorithm_t alg)
1861{
1862 attributes->policy.alg = alg;
1863}
1864
1872static inline psa_algorithm_t psa_get_key_algorithm(const psa_key_attributes_t *attributes)
1873{
1874 return attributes->policy.alg;
1875}
1876
1887static inline void psa_set_key_bits(psa_key_attributes_t *attributes,
1888 size_t bits)
1889{
1890 attributes->bits = bits;
1891}
1892
1900static inline size_t psa_get_key_bits(const psa_key_attributes_t *attributes)
1901{
1902 return attributes->bits;
1903}
1904
1921static inline void psa_set_key_id(psa_key_attributes_t *attributes, psa_key_id_t id)
1922{
1923 attributes->id = id;
1924}
1925
1935static inline psa_key_id_t psa_get_key_id(const psa_key_attributes_t *attributes)
1936{
1937 return attributes->id;
1938}
1939
1958static inline void psa_set_key_lifetime(psa_key_attributes_t *attributes,
1959 psa_key_lifetime_t lifetime)
1960{
1961 attributes->lifetime = lifetime;
1962}
1963
1971static inline psa_key_lifetime_t psa_get_key_lifetime(const psa_key_attributes_t *attributes)
1972{
1973 return attributes->lifetime;
1974}
1975
1985static inline void psa_set_key_type(psa_key_attributes_t *attributes,
1986 psa_key_type_t type)
1987{
1988 attributes->type = type;
1989}
1990
1998static inline psa_key_type_t psa_get_key_type(const psa_key_attributes_t *attributes)
1999{
2000 return attributes->type;
2001}
2002
2014static inline void psa_set_key_usage_flags(psa_key_attributes_t *attributes,
2015 psa_key_usage_t usage_flags)
2016{
2017 attributes->policy.usage = usage_flags;
2018}
2019
2027static inline psa_key_usage_t psa_get_key_usage_flags(const psa_key_attributes_t *attributes)
2028{
2029 return attributes->policy.usage;
2030}
2031
2043static inline void psa_reset_key_attributes(psa_key_attributes_t *attributes)
2044{
2045 *attributes = psa_key_attributes_init();
2046}
2047
2077psa_status_t psa_get_key_attributes(psa_key_id_t key,
2078 psa_key_attributes_t *attributes);
2079#endif /* MODULE_PSA_KEY_MANAGEMENT */
2080
2081#if IS_USED(MODULE_PSA_HASH) || defined(DOXYGEN)
2107psa_status_t psa_hash_abort(psa_hash_operation_t *operation);
2108
2137psa_status_t psa_hash_clone(const psa_hash_operation_t *source_operation,
2138 psa_hash_operation_t *target_operation);
2139
2168psa_status_t psa_hash_compare(psa_algorithm_t alg,
2169 const uint8_t *input,
2170 size_t input_length,
2171 const uint8_t *hash,
2172 size_t hash_length);
2173
2207psa_status_t psa_hash_compute(psa_algorithm_t alg,
2208 const uint8_t *input,
2209 size_t input_length,
2210 uint8_t *hash,
2211 size_t hash_size,
2212 size_t *hash_length);
2213
2255psa_status_t psa_hash_finish(psa_hash_operation_t *operation,
2256 uint8_t *hash,
2257 size_t hash_size,
2258 size_t *hash_length);
2259
2296psa_status_t psa_hash_resume(psa_hash_operation_t *operation,
2297 const uint8_t *hash_state,
2298 size_t hash_state_length);
2299
2341psa_status_t psa_hash_setup(psa_hash_operation_t *operation,
2342 psa_algorithm_t alg);
2343
2419psa_status_t psa_hash_suspend(psa_hash_operation_t *operation,
2420 uint8_t *hash_state,
2421 size_t hash_state_size,
2422 size_t *hash_state_length);
2423
2448psa_status_t psa_hash_update(psa_hash_operation_t *operation,
2449 const uint8_t *input,
2450 size_t input_length);
2451
2484psa_status_t psa_hash_verify(psa_hash_operation_t *operation,
2485 const uint8_t *hash,
2486 size_t hash_length);
2487#endif /* MODULE_PSA_HASH */
2488
2489#if IS_USED(MODULE_PSA_KEY_MANAGEMENT) || defined(DOXYGEN)
2537psa_status_t psa_builtin_import_key(const psa_key_attributes_t *attributes,
2538 const uint8_t *data, size_t data_length,
2539 uint8_t *key_buffer, size_t key_buffer_size,
2540 size_t *key_buffer_length, size_t *bits);
2541
2628psa_status_t psa_import_key(const psa_key_attributes_t *attributes,
2629 const uint8_t *data,
2630 size_t data_length,
2631 psa_key_id_t *key);
2632#endif /* MODULE_PSA_KEY_MANAGEMENT */
2633
2634#if IS_USED(MODULE_PSA_KEY_DERIVATION) || defined(DOXYGEN)
2657psa_status_t psa_key_derivation_abort(psa_key_derivation_operation_t *operation);
2658
2684psa_status_t psa_key_derivation_get_capacity(const psa_key_derivation_operation_t *operation,
2685 size_t *capacity);
2686
2733psa_status_t psa_key_derivation_input_bytes(psa_key_derivation_operation_t *operation,
2734 psa_key_derivation_step_t step,
2735 const uint8_t *data,
2736 size_t data_length);
2737
2781psa_status_t psa_key_derivation_input_integer( psa_key_derivation_operation_t *operation,
2782 psa_key_derivation_step_t step,
2783 uint64_t value);
2784
2850psa_status_t psa_key_derivation_input_key(psa_key_derivation_operation_t *operation,
2851 psa_key_derivation_step_t step,
2852 psa_key_id_t key);
2853
2913psa_status_t psa_key_derivation_key_agreement(psa_key_derivation_operation_t *operation,
2914 psa_key_derivation_step_t step,
2915 psa_key_id_t private_key,
2916 const uint8_t *peer_key,
2917 size_t peer_key_length);
2918
2958psa_status_t psa_key_derivation_output_bytes(psa_key_derivation_operation_t *operation,
2959 uint8_t *output,
2960 size_t output_length);
2961
3116psa_status_t psa_key_derivation_output_key(const psa_key_attributes_t *attributes,
3117 psa_key_derivation_operation_t *operation,
3118 psa_key_id_t *key);
3119
3140psa_status_t psa_key_derivation_set_capacity(psa_key_derivation_operation_t *operation,
3141 size_t capacity);
3142
3200psa_status_t psa_key_derivation_setup(psa_key_derivation_operation_t *operation,
3201 psa_algorithm_t alg);
3202
3259psa_status_t psa_key_derivation_verify_bytes(psa_key_derivation_operation_t *operation,
3260 const uint8_t *expected_output,
3261 size_t output_length);
3262
3322psa_status_t psa_key_derivation_verify_key(psa_key_derivation_operation_t *operation,
3323 psa_key_id_t expected);
3324#endif /* PSA_CRYPTO_KEY_DERIVATION */
3325
3326#if IS_USED(MODULE_PSA_MAC) || defined(DOXYGEN)
3349psa_status_t psa_mac_abort(psa_mac_operation_t *operation);
3350
3402psa_status_t psa_mac_compute(psa_key_id_t key,
3403 psa_algorithm_t alg,
3404 const uint8_t *input,
3405 size_t input_length,
3406 uint8_t *mac,
3407 size_t mac_size,
3408 size_t *mac_length);
3409
3458psa_status_t psa_mac_sign_finish(psa_mac_operation_t *operation,
3459 uint8_t *mac,
3460 size_t mac_size,
3461 size_t *mac_length);
3462
3519psa_status_t psa_mac_sign_setup(psa_mac_operation_t *operation,
3520 psa_key_id_t key,
3521 psa_algorithm_t alg);
3522
3551psa_status_t psa_mac_update(psa_mac_operation_t *operation,
3552 const uint8_t *input,
3553 size_t input_length);
3554
3592psa_status_t psa_mac_verify(psa_key_id_t key,
3593 psa_algorithm_t alg,
3594 const uint8_t *input,
3595 size_t input_length,
3596 const uint8_t *mac,
3597 size_t mac_length);
3598
3634psa_status_t psa_mac_verify_finish(psa_mac_operation_t *operation,
3635 const uint8_t *mac,
3636 size_t mac_length);
3637
3693psa_status_t psa_mac_verify_setup(psa_mac_operation_t *operation,
3694 psa_key_id_t key,
3695 psa_algorithm_t alg);
3696#endif /* MODULE_PSA_MAC */
3697
3698#if IS_USED(MODULE_PSA_KEY_MANAGEMENT) || defined(DOXYGEN)
3725psa_status_t psa_purge_key(psa_key_id_t key);
3726#endif /* MODULE_PSA_KEY_MANAGEMENT */
3727
3728#if IS_USED(MODULE_PSA_KEY_AGREEMENT) || defined(DOXYGEN)
3792psa_status_t psa_raw_key_agreement(psa_algorithm_t alg,
3793 psa_key_id_t private_key,
3794 const uint8_t *peer_key,
3795 size_t peer_key_length,
3796 uint8_t *output,
3797 size_t output_size,
3798 size_t *output_length);
3799#endif /* MODULE_PSA_KEY_AGREEMENT */
3800
3801#if IS_USED(MODULE_PSA_ASYMMETRIC) || defined(DOXYGEN)
3870psa_status_t psa_sign_hash(psa_key_id_t key,
3871 psa_algorithm_t alg,
3872 const uint8_t *hash,
3873 size_t hash_length,
3874 uint8_t *signature,
3875 size_t signature_size,
3876 size_t *signature_length);
3877
3935psa_status_t psa_sign_message(psa_key_id_t key,
3936 psa_algorithm_t alg,
3937 const uint8_t *input,
3938 size_t input_length,
3939 uint8_t *signature,
3940 size_t signature_size,
3941 size_t *signature_length);
3942
4005psa_status_t psa_verify_hash(psa_key_id_t key,
4006 psa_algorithm_t alg,
4007 const uint8_t *hash,
4008 size_t hash_length,
4009 const uint8_t *signature,
4010 size_t signature_length);
4011
4061psa_status_t psa_verify_message(psa_key_id_t key,
4062 psa_algorithm_t alg,
4063 const uint8_t *input,
4064 size_t input_length,
4065 const uint8_t *signature,
4066 size_t signature_length);
4067#endif /* MODULE_PSA_ASYMMETRIC */
4068
4069#ifdef __cplusplus
4070}
4071#endif
4072
psa_algorithm_t
uint32_t psa_algorithm_t
Encoding of a cryptographic algorithm.
Definition algorithm.h:38
psa_key_attributes_init
static psa_key_attributes_t psa_key_attributes_init(void)
Return an initial value for a key attribute object.
Definition attributes.h:173
psa_key_attributes_t
struct psa_key_attributes_s psa_key_attributes_t
The type of an object containing key attributes.
Definition attributes.h:160
psa_verify_hash
psa_status_t psa_verify_hash(psa_key_id_t key, psa_algorithm_t alg, const uint8_t *hash, size_t hash_length, const uint8_t *signature, size_t signature_length)
Verify the signature of a hash or short message using a public key.
psa_key_derivation_output_bytes
psa_status_t psa_key_derivation_output_bytes(psa_key_derivation_operation_t *operation, uint8_t *output, size_t output_length)
Read some data from a key derivation operation.
psa_purge_key
psa_status_t psa_purge_key(psa_key_id_t key)
Remove non-essential copies of key material from memory.
psa_cipher_encrypt
psa_status_t psa_cipher_encrypt(psa_key_id_t key, psa_algorithm_t alg, const uint8_t *input, size_t input_length, uint8_t *output, size_t output_size, size_t *output_length)
Encrypt a message using a symmetric cipher.
psa_hash_compare
psa_status_t psa_hash_compare(psa_algorithm_t alg, const uint8_t *input, size_t input_length, const uint8_t *hash, size_t hash_length)
Calculate the hash (digest) of a message and compare it with a reference value.
psa_raw_key_agreement
psa_status_t psa_raw_key_agreement(psa_algorithm_t alg, psa_key_id_t private_key, const uint8_t *peer_key, size_t peer_key_length, uint8_t *output, size_t output_size, size_t *output_length)
Perform a key agreement and return the raw shared secret.
psa_aead_encrypt
psa_status_t psa_aead_encrypt(psa_key_id_t key, psa_algorithm_t alg, const uint8_t *nonce, size_t nonce_length, const uint8_t *additional_data, size_t additional_data_length, const uint8_t *plaintext, size_t plaintext_length, uint8_t *ciphertext, size_t ciphertext_size, size_t *ciphertext_length)
Process an authenticated encryption operation.
psa_generate_random
psa_status_t psa_generate_random(uint8_t *output, size_t output_size)
Generate random bytes.
psa_asymmetric_decrypt
psa_status_t psa_asymmetric_decrypt(psa_key_id_t key, psa_algorithm_t alg, const uint8_t *input, size_t input_length, const uint8_t *salt, size_t salt_length, uint8_t *output, size_t output_size, size_t *output_length)
Decrypt a short message with a private key.
psa_cipher_finish
psa_status_t psa_cipher_finish(psa_cipher_operation_t *operation, uint8_t *output, size_t output_size, size_t *output_length)
Finish encrypting or decrypting a message in a cipher operation.
psa_sign_message
psa_status_t psa_sign_message(psa_key_id_t key, psa_algorithm_t alg, const uint8_t *input, size_t input_length, uint8_t *signature, size_t signature_size, size_t *signature_length)
Sign a message with a private key.
psa_asymmetric_encrypt
psa_status_t psa_asymmetric_encrypt(psa_key_id_t key, psa_algorithm_t alg, const uint8_t *input, size_t input_length, const uint8_t *salt, size_t salt_length, uint8_t *output, size_t output_size, size_t *output_length)
Encrypt a short message with a public key.
psa_cipher_generate_iv
psa_status_t psa_cipher_generate_iv(psa_cipher_operation_t *operation, uint8_t *iv, size_t iv_size, size_t *iv_length)
Generate an initialization vector (IV) for a symmetric encryption operation.
psa_crypto_init
psa_status_t psa_crypto_init(void)
Library initialization.
psa_aead_decrypt_setup
psa_status_t psa_aead_decrypt_setup(psa_aead_operation_t *operation, psa_key_id_t key, psa_algorithm_t alg)
Set the key for a multi-part authenticated decryption operation.
psa_cipher_decrypt
psa_status_t psa_cipher_decrypt(psa_key_id_t key, psa_algorithm_t alg, const uint8_t *input, size_t input_length, uint8_t *output, size_t output_size, size_t *output_length)
Decrypt a message using a symmetric cipher.
psa_hash_suspend
psa_status_t psa_hash_suspend(psa_hash_operation_t *operation, uint8_t *hash_state, size_t hash_state_size, size_t *hash_state_length)
Halt the hash operation and extract the intermediate state of the hash computation.
psa_hash_clone
psa_status_t psa_hash_clone(const psa_hash_operation_t *source_operation, psa_hash_operation_t *target_operation)
Clone a hash operation.
psa_sign_hash
psa_status_t psa_sign_hash(psa_key_id_t key, psa_algorithm_t alg, const uint8_t *hash, size_t hash_length, uint8_t *signature, size_t signature_size, size_t *signature_length)
Sign an already-calculated hash with a private key.
psa_set_key_usage_flags
static void psa_set_key_usage_flags(psa_key_attributes_t *attributes, psa_key_usage_t usage_flags)
Declare usage flags for a key.
Definition crypto.h:2014
psa_hash_finish
psa_status_t psa_hash_finish(psa_hash_operation_t *operation, uint8_t *hash, size_t hash_size, size_t *hash_length)
Finish the calculation of the hash of a message.
psa_key_derivation_key_agreement
psa_status_t psa_key_derivation_key_agreement(psa_key_derivation_operation_t *operation, psa_key_derivation_step_t step, psa_key_id_t private_key, const uint8_t *peer_key, size_t peer_key_length)
Perform a key agreement and use the shared secret as input to a key derivation.
psa_aead_encrypt_setup
psa_status_t psa_aead_encrypt_setup(psa_aead_operation_t *operation, psa_key_id_t key, psa_algorithm_t alg)
Set the key for a multi-part authenticated encryption operation.
psa_mac_update
psa_status_t psa_mac_update(psa_mac_operation_t *operation, const uint8_t *input, size_t input_length)
Add a message fragment to a multi-part MAC operation.
psa_aead_generate_nonce
psa_status_t psa_aead_generate_nonce(psa_aead_operation_t *operation, uint8_t *nonce, size_t nonce_size, size_t *nonce_length)
Generate a random nonce for an authenticated encryption operation.
psa_aead_set_nonce
psa_status_t psa_aead_set_nonce(psa_aead_operation_t *operation, const uint8_t *nonce, size_t nonce_length)
Set the nonce for an authenticated encryption or decryption operation.
psa_builtin_generate_key
psa_status_t psa_builtin_generate_key(const psa_key_attributes_t *attributes, uint8_t *key_buffer, size_t key_buffer_size, size_t *key_buffer_length)
Built-in key generation function.
psa_get_key_bits
static size_t psa_get_key_bits(const psa_key_attributes_t *attributes)
Retrieve the key size from key attributes.
Definition crypto.h:1900
psa_export_key
psa_status_t psa_export_key(psa_key_id_t key, uint8_t *data, size_t data_size, size_t *data_length)
Export a key in binary format.
psa_mac_sign_setup
psa_status_t psa_mac_sign_setup(psa_mac_operation_t *operation, psa_key_id_t key, psa_algorithm_t alg)
Set up a multi-part MAC calculation operation.
psa_hash_update
psa_status_t psa_hash_update(psa_hash_operation_t *operation, const uint8_t *input, size_t input_length)
Add a message fragment to a multi-part hash operation.
psa_set_key_type
static void psa_set_key_type(psa_key_attributes_t *attributes, psa_key_type_t type)
Declare the type of a key.
Definition crypto.h:1985
psa_aead_update_ad
psa_status_t psa_aead_update_ad(psa_aead_operation_t *operation, const uint8_t *input, size_t input_length)
Pass additional data to an active AEAD operation.
psa_hash_resume
psa_status_t psa_hash_resume(psa_hash_operation_t *operation, const uint8_t *hash_state, size_t hash_state_length)
Set up a multi-part hash operation using the hash suspend state from a previously suspended hash oper...
psa_mac_verify_setup
psa_status_t psa_mac_verify_setup(psa_mac_operation_t *operation, psa_key_id_t key, psa_algorithm_t alg)
Set up a multi-part MAC verification operation.
psa_aead_finish
psa_status_t psa_aead_finish(psa_aead_operation_t *operation, uint8_t *ciphertext, size_t ciphertext_size, size_t *ciphertext_length, uint8_t *tag, size_t tag_size, size_t *tag_length)
Finish encrypting a message in an AEAD operation.
psa_export_public_key
psa_status_t psa_export_public_key(psa_key_id_t key, uint8_t *data, size_t data_size, size_t *data_length)
Export a public key or the public part of a key pair in binary format.
psa_copy_key
psa_status_t psa_copy_key(psa_key_id_t source_key, const psa_key_attributes_t *attributes, psa_key_id_t *target_key)
Make a copy of a key.
psa_hash_verify
psa_status_t psa_hash_verify(psa_hash_operation_t *operation, const uint8_t *hash, size_t hash_length)
Finish the calculation of the hash of a message and compare it with an expected value.
psa_verify_message
psa_status_t psa_verify_message(psa_key_id_t key, psa_algorithm_t alg, const uint8_t *input, size_t input_length, const uint8_t *signature, size_t signature_length)
Verify the signature of a message with a public key.
psa_key_derivation_set_capacity
psa_status_t psa_key_derivation_set_capacity(psa_key_derivation_operation_t *operation, size_t capacity)
Set the maximum capacity of a key derivation operation.
psa_hash_setup
psa_status_t psa_hash_setup(psa_hash_operation_t *operation, psa_algorithm_t alg)
Set up a multipart hash operation.
psa_get_key_attributes
psa_status_t psa_get_key_attributes(psa_key_id_t key, psa_key_attributes_t *attributes)
Retrieve the attributes of a key.
psa_builtin_generate_random
psa_status_t psa_builtin_generate_random(uint8_t *output, size_t output_size)
Built-in function for random number generation.
psa_key_derivation_input_bytes
psa_status_t psa_key_derivation_input_bytes(psa_key_derivation_operation_t *operation, psa_key_derivation_step_t step, const uint8_t *data, size_t data_length)
Provide an input for key derivation or key agreement.
psa_key_derivation_abort
psa_status_t psa_key_derivation_abort(psa_key_derivation_operation_t *operation)
Abort a key derivation operation.
psa_generate_key
psa_status_t psa_generate_key(const psa_key_attributes_t *attributes, psa_key_id_t *key)
Generate a key or key pair.
psa_key_derivation_get_capacity
psa_status_t psa_key_derivation_get_capacity(const psa_key_derivation_operation_t *operation, size_t *capacity)
Retrieve the current capacity of a key derivation operation.
psa_cipher_set_iv
psa_status_t psa_cipher_set_iv(psa_cipher_operation_t *operation, const uint8_t *iv, size_t iv_length)
Set the initialization vector (IV) for a symmetric encryption or decryption operation.
psa_cipher_decrypt_setup
psa_status_t psa_cipher_decrypt_setup(psa_cipher_operation_t *operation, psa_key_id_t key, psa_algorithm_t alg)
Set the key for a multi-part symmetric decryption operation.
psa_get_key_lifetime
static psa_key_lifetime_t psa_get_key_lifetime(const psa_key_attributes_t *attributes)
Retrieve the lifetime from key attributes.
Definition crypto.h:1971
psa_get_key_usage_flags
static psa_key_usage_t psa_get_key_usage_flags(const psa_key_attributes_t *attributes)
Retrieve the usage flags from key attributes.
Definition crypto.h:2027
psa_mac_verify
psa_status_t psa_mac_verify(psa_key_id_t key, psa_algorithm_t alg, const uint8_t *input, size_t input_length, const uint8_t *mac, size_t mac_length)
Calculate the MAC of a message and compare it with a reference value.
psa_key_derivation_input_key
psa_status_t psa_key_derivation_input_key(psa_key_derivation_operation_t *operation, psa_key_derivation_step_t step, psa_key_id_t key)
Provide an input for key derivation in the form of a key.
psa_cipher_abort
psa_status_t psa_cipher_abort(psa_cipher_operation_t *operation)
Abort a cipher operation.
psa_hash_abort
psa_status_t psa_hash_abort(psa_hash_operation_t *operation)
Abort a hash operation.
psa_aead_decrypt
psa_status_t psa_aead_decrypt(psa_key_id_t key, psa_algorithm_t alg, const uint8_t *nonce, size_t nonce_length, const uint8_t *additional_data, size_t additional_data_length, const uint8_t *ciphertext, size_t ciphertext_length, uint8_t *plaintext, size_t plaintext_size, size_t *plaintext_length)
Process an authenticated decryption operation.
psa_set_key_lifetime
static void psa_set_key_lifetime(psa_key_attributes_t *attributes, psa_key_lifetime_t lifetime)
Set the location of a persistent key.
Definition crypto.h:1958
psa_key_derivation_verify_key
psa_status_t psa_key_derivation_verify_key(psa_key_derivation_operation_t *operation, psa_key_id_t expected)
Compare output data from a key derivation operation to an expected value stored in a key.
psa_key_derivation_setup
psa_status_t psa_key_derivation_setup(psa_key_derivation_operation_t *operation, psa_algorithm_t alg)
Set up a key derivation operation.
psa_builtin_import_key
psa_status_t psa_builtin_import_key(const psa_key_attributes_t *attributes, const uint8_t *data, size_t data_length, uint8_t *key_buffer, size_t key_buffer_size, size_t *key_buffer_length, size_t *bits)
Built-in key import function.
psa_key_derivation_input_integer
psa_status_t psa_key_derivation_input_integer(psa_key_derivation_operation_t *operation, psa_key_derivation_step_t step, uint64_t value)
Provide a numeric input for key derivation or key agreement.
psa_mac_sign_finish
psa_status_t psa_mac_sign_finish(psa_mac_operation_t *operation, uint8_t *mac, size_t mac_size, size_t *mac_length)
Finish the calculation of the MAC of a message.
psa_get_key_algorithm
static psa_algorithm_t psa_get_key_algorithm(const psa_key_attributes_t *attributes)
Retrieve the permitted algorithm policy from key attributes.
Definition crypto.h:1872
psa_cipher_update
psa_status_t psa_cipher_update(psa_cipher_operation_t *operation, const uint8_t *input, size_t input_length, uint8_t *output, size_t output_size, size_t *output_length)
Encrypt or decrypt a message fragment in an active cipher operation.
psa_status_to_humanly_readable
const char * psa_status_to_humanly_readable(psa_status_t status)
Helper function to convert PSA status values humanly readable.
psa_cipher_encrypt_setup
psa_status_t psa_cipher_encrypt_setup(psa_cipher_operation_t *operation, psa_key_id_t key, psa_algorithm_t alg)
Set the key for a multi-part symmetric encryption operation.
psa_hash_compute
psa_status_t psa_hash_compute(psa_algorithm_t alg, const uint8_t *input, size_t input_length, uint8_t *hash, size_t hash_size, size_t *hash_length)
Calculate the hash (digest) of a message.
psa_mac_verify_finish
psa_status_t psa_mac_verify_finish(psa_mac_operation_t *operation, const uint8_t *mac, size_t mac_length)
Finish the calculation of the MAC of a message and compare it with an expected value.
psa_mac_abort
psa_status_t psa_mac_abort(psa_mac_operation_t *operation)
Abort a MAC operation.
psa_import_key
psa_status_t psa_import_key(const psa_key_attributes_t *attributes, const uint8_t *data, size_t data_length, psa_key_id_t *key)
Import a key in binary format.
psa_key_derivation_output_key
psa_status_t psa_key_derivation_output_key(const psa_key_attributes_t *attributes, psa_key_derivation_operation_t *operation, psa_key_id_t *key)
Derive a key from an ongoing key derivation operation.
psa_aead_set_lengths
psa_status_t psa_aead_set_lengths(psa_aead_operation_t *operation, size_t ad_length, size_t plaintext_length)
Declare the lengths of the message and additional data for AEAD.
psa_set_key_id
static void psa_set_key_id(psa_key_attributes_t *attributes, psa_key_id_t id)
Declare a key as persistent and set its key identifier.
Definition crypto.h:1921
psa_get_key_id
static psa_key_id_t psa_get_key_id(const psa_key_attributes_t *attributes)
Retrieve the key identifier from key attributes.
Definition crypto.h:1935
psa_aead_verify
psa_status_t psa_aead_verify(psa_aead_operation_t *operation, uint8_t *plaintext, size_t plaintext_size, size_t *plaintext_length, const uint8_t *tag, size_t tag_length)
Finish authenticating and decrypting a message in an AEAD operation.
psa_get_key_type
static psa_key_type_t psa_get_key_type(const psa_key_attributes_t *attributes)
Retrieve the key type from key attributes.
Definition crypto.h:1998
psa_aead_abort
psa_status_t psa_aead_abort(psa_aead_operation_t *operation)
Abort an AEAD operation.
psa_set_key_algorithm
static void psa_set_key_algorithm(psa_key_attributes_t *attributes, psa_algorithm_t alg)
Declare the permitted algorithm policy for a key.
Definition crypto.h:1859
psa_key_derivation_verify_bytes
psa_status_t psa_key_derivation_verify_bytes(psa_key_derivation_operation_t *operation, const uint8_t *expected_output, size_t output_length)
Compare output data from a key derivation operation to an expected value.
psa_destroy_key
psa_status_t psa_destroy_key(psa_key_id_t key)
Destroy a key.
psa_set_key_bits
static void psa_set_key_bits(psa_key_attributes_t *attributes, size_t bits)
Declare the size of a key.
Definition crypto.h:1887
psa_aead_update
psa_status_t psa_aead_update(psa_aead_operation_t *operation, const uint8_t *input, size_t input_length, uint8_t *output, size_t output_size, size_t *output_length)
Encrypt or decrypt a message fragment in an active AEAD operation.
psa_reset_key_attributes
static void psa_reset_key_attributes(psa_key_attributes_t *attributes)
Reset a key attribute object to a freshly initialized state.
Definition crypto.h:2043
psa_mac_compute
psa_status_t psa_mac_compute(psa_key_id_t key, psa_algorithm_t alg, const uint8_t *input, size_t input_length, uint8_t *mac, size_t mac_size, size_t *mac_length)
Calculate the message authentication code (MAC) of a message.
crypto_se_config.h
Define structures für SE slot configurations.
crypto_sizes.h
Size definitions for PSA Crypto.
crypto_struct.h
Structure definitions for PSA Crypto.
crypto_types.h
Type definitions for PSA Crypto.
crypto_values.h
Value definitions for PSA Crypto.
psa_key_id_t
uint32_t psa_key_id_t
Key identifier.
Definition id.h:36
kernel_defines.h
Common macros and compiler attributes/pragmas configuration.
psa_key_lifetime_t
uint32_t psa_key_lifetime_t
Encoding of key lifetimes.
Definition lifetime.h:66
psa_status_t
int32_t psa_status_t
Status code type used for all PSA Certified APIs.
Definition error.h:40
psa_key_type_t
uint16_t psa_key_type_t
Encoding of a key type.
Definition type.h:44
psa_key_attributes_s::id
psa_key_id_t id
Key identifier.
Definition attributes.h:55
psa_key_attributes_s::bits
psa_key_bits_t bits
Size of key in bits.
Definition attributes.h:53
psa_key_attributes_s::policy
psa_key_policy_t policy
Key usage policy.
Definition attributes.h:56
psa_key_attributes_s::type
psa_key_type_t type
Type of key.
Definition attributes.h:52
psa_key_attributes_s::lifetime
psa_key_lifetime_t lifetime
Lifetime of key.
Definition attributes.h:54
psa_key_policy_s::usage
psa_key_usage_t usage
Key usage policy.
Definition attributes.h:39
psa_key_policy_s::alg
psa_algorithm_t alg
Algorithm for key usage.
Definition attributes.h:40
psa_aead_operation_t
struct psa_aead_operation_s psa_aead_operation_t
The type of the state object for multi-part AEAD operations.
Definition types.h:68
psa_cipher_operation_t
struct psa_cipher_operation_s psa_cipher_operation_t
The type of the state object for multi-part cipher operations.
Definition types.h:128
psa_hash_operation_t
struct psa_hash_operation_s psa_hash_operation_t
The type of the state data structure for multipart hash operations.
Definition types.h:122
psa_key_derivation_operation_t
struct psa_key_derivation_operation_s psa_key_derivation_operation_t
The type of the state object for key derivation operations.
Definition types.h:73
psa_key_derivation_step_t
uint16_t psa_key_derivation_step_t
Encoding of the step of a key derivation.
Definition types.h:31
psa_mac_operation_t
struct psa_mac_operation_s psa_mac_operation_t
The type of the state object for multi-part MAC operations.
Definition types.h:66
psa_key_usage_t
uint32_t psa_key_usage_t
Encoding of permitted usage on a key.
Definition usage.h:33