Value definitions for PSA Crypto. More...
Detailed Description
Value definitions for PSA Crypto.
- Note
- Some of the macros in this file have already been copied here from the PSA API specification, but are not implemented, yet. They are marked by comments that either say "specification-defined" or "implementation-defined". These macros will be implemented successively in the future.
Definition in file crypto_values.h.
#include "crypto_types.h"#include "psa/hash/algorithm.h"#include "psa/mac/algorithm.h"#include "psa/cipher/algorithm.h"#include "psa/aead/algorithm.h"#include "psa/key_agreement/algorithm.h"#include "psa/key_derivation/algorithm.h"#include "psa/asymmetric_encryption/algorithm.h"#include "psa/asymmetric_signature/algorithm.h"
Include dependency graph for crypto_values.h: This graph shows which files directly or indirectly include this file:Go to the source code of this file.
| #define | PSA_KEY_DERIVATION_INPUT_CONTEXT /* implementation-defined value */ |
| A context for key derivation. | |
| #define | PSA_KEY_DERIVATION_INPUT_COST /* implementation-defined value */ |
| A cost parameter for password hashing or key stretching. | |
| #define | PSA_KEY_DERIVATION_INPUT_INFO /* implementation-defined value */ |
| An information string for key derivation. | |
| #define | PSA_KEY_DERIVATION_INPUT_LABEL /* implementation-defined value */ |
| A label for key derivation. | |
| #define | PSA_KEY_DERIVATION_INPUT_PASSWORD /* implementation-defined value */ |
| A low-entropy secret input for password hashing or key stretching. | |
| #define | PSA_KEY_DERIVATION_INPUT_SALT /* implementation-defined value */ |
| A salt for key derivation. | |
| #define | PSA_KEY_DERIVATION_INPUT_SECRET /* implementation-defined value */ |
| A high-entropy secret input for key derivation. | |
| #define | PSA_KEY_DERIVATION_INPUT_SEED /* implementation-defined value */ |
| A seed for key derivation. | |
| #define | PSA_KEY_DERIVATION_UNLIMITED_CAPACITY /* implementation-defined value */ |
| Use the maximum possible capacity for a key derivation operation. | |
| #define | PSA_RAW_KEY_AGREEMENT_OUTPUT_MAX_SIZE /* implementation-defined value */ |
| Sufficient output buffer size for psa_raw_key_agreement(), for any of the supported key types and key agreement algorithms. | |
| #define | PSA_RAW_KEY_AGREEMENT_OUTPUT_SIZE(key_type, key_bits) /* implementation-defined value */ |
| Sufficient output buffer size for psa_raw_key_agreement(). | |
| #define | PSA_SIGNATURE_MAX_SIZE /* implementation-defined value */ |
| A sufficient signature buffer size for psa_sign_message() and psa_sign_hash(), for any of the supported key types and asymmetric signature algorithms. | |
| #define | PSA_TLS12_PSK_TO_MS_PSK_MAX_SIZE /* implementation-defined value */ |
| This macro returns the maximum supported length of the PSK for the TLS-1.2 PSK-to-MS key derivation. | |
Macro Definition Documentation
◆ PSA_KEY_DERIVATION_INPUT_CONTEXT
| #define PSA_KEY_DERIVATION_INPUT_CONTEXT /* implementation-defined value */ |
A context for key derivation.
This is typically a direct input. It can also be a key of type PSA_KEY_TYPE_RAW_DATA.
Definition at line 48 of file crypto_values.h.
◆ PSA_KEY_DERIVATION_INPUT_COST
| #define PSA_KEY_DERIVATION_INPUT_COST /* implementation-defined value */ |
A cost parameter for password hashing or key stretching.
This must be a direct input, passed to psa_key_derivation_input_integer().
Definition at line 55 of file crypto_values.h.
◆ PSA_KEY_DERIVATION_INPUT_INFO
| #define PSA_KEY_DERIVATION_INPUT_INFO /* implementation-defined value */ |
An information string for key derivation.
This is typically a direct input. It can also be a key of type PSA_KEY_TYPE_RAW_DATA.
Definition at line 63 of file crypto_values.h.
◆ PSA_KEY_DERIVATION_INPUT_LABEL
| #define PSA_KEY_DERIVATION_INPUT_LABEL /* implementation-defined value */ |
A label for key derivation.
This is typically a direct input. It can also be a key of type PSA_KEY_TYPE_RAW_DATA.
Definition at line 71 of file crypto_values.h.
◆ PSA_KEY_DERIVATION_INPUT_PASSWORD
| #define PSA_KEY_DERIVATION_INPUT_PASSWORD /* implementation-defined value */ |
A low-entropy secret input for password hashing or key stretching.
This is usually a key of type PSA_KEY_TYPE_PASSWORD passed to psa_key_derivation_input_key() or a direct input passed to psa_key_derivation_input_bytes() that is a password or passphrase. It can also be high-entropy secret, for example, a key of type PSA_KEY_TYPE_DERIVE, or the shared secret resulting from a key agreement.
If the secret is a direct input, the derivation operation cannot be used to derive keys: the operation will not allow a call to psa_key_derivation_output_key().
Definition at line 85 of file crypto_values.h.
◆ PSA_KEY_DERIVATION_INPUT_SALT
| #define PSA_KEY_DERIVATION_INPUT_SALT /* implementation-defined value */ |
A salt for key derivation.
This is typically a direct input. It can also be a key of type PSA_KEY_TYPE_RAW_DATA or PSA_KEY_TYPE_PEPPER.
Definition at line 93 of file crypto_values.h.
◆ PSA_KEY_DERIVATION_INPUT_SECRET
| #define PSA_KEY_DERIVATION_INPUT_SECRET /* implementation-defined value */ |
A high-entropy secret input for key derivation.
This is typically a key of type PSA_KEY_TYPE_DERIVE passed to psa_key_derivation_input_key(), or the shared secret resulting from a key agreement obtained via psa_key_derivation_key_agreement().
The secret can also be a direct input passed to psa_key_derivation_input_bytes(). In this case, the derivation operation cannot be used to derive keys: the operation will not allow a call to psa_key_derivation_output_key().
Definition at line 106 of file crypto_values.h.
◆ PSA_KEY_DERIVATION_INPUT_SEED
| #define PSA_KEY_DERIVATION_INPUT_SEED /* implementation-defined value */ |
A seed for key derivation.
This is typically a direct input. It can also be a key of type PSA_KEY_TYPE_RAW_DATA.
Definition at line 114 of file crypto_values.h.
◆ PSA_KEY_DERIVATION_UNLIMITED_CAPACITY
| #define PSA_KEY_DERIVATION_UNLIMITED_CAPACITY /* implementation-defined value */ |
Use the maximum possible capacity for a key derivation operation.
Use this value as the capacity argument when setting up a key derivation to specify that the operation will use the maximum possible capacity. The value of the maximum possible capacity depends on the key derivation algorithm.
Definition at line 123 of file crypto_values.h.
◆ PSA_RAW_KEY_AGREEMENT_OUTPUT_MAX_SIZE
| #define PSA_RAW_KEY_AGREEMENT_OUTPUT_MAX_SIZE /* implementation-defined value */ |
Sufficient output buffer size for psa_raw_key_agreement(), for any of the supported key types and key agreement algorithms.
If the size of the output buffer is at least this large, it is guaranteed that psa_raw_key_agreement() will not fail due to an insufficient buffer size.
See also PSA_RAW_KEY_AGREEMENT_OUTPUT_SIZE().
Definition at line 135 of file crypto_values.h.
◆ PSA_RAW_KEY_AGREEMENT_OUTPUT_SIZE
| #define PSA_RAW_KEY_AGREEMENT_OUTPUT_SIZE | ( | key_type, | |
| key_bits | |||
| ) | /* implementation-defined value */ |
Sufficient output buffer size for psa_raw_key_agreement().
If the size of the output buffer is at least this large, it is guaranteed that psa_raw_key_agreement() will not fail due to an insufficient buffer size. The actual size of the output might be smaller in any given call.
See also PSA_RAW_KEY_AGREEMENT_OUTPUT_MAX_SIZE.
- Parameters
-
key_type A supported key type. key_bits The size of the key in bits.
- Returns
- A sufficient output buffer size for the specified key type and size. 0 if key type is not supported. If the parameters are not valid, the return value is unspecified.
Definition at line 154 of file crypto_values.h.
◆ PSA_SIGNATURE_MAX_SIZE
| #define PSA_SIGNATURE_MAX_SIZE /* implementation-defined value */ |
A sufficient signature buffer size for psa_sign_message() and psa_sign_hash(), for any of the supported key types and asymmetric signature algorithms.
If the size of the signature buffer is at least this large, it is guaranteed that psa_sign_message() and psa_sign_hash() will not fail due to an insufficient buffer size.
See also PSA_SIGN_OUTPUT_SIZE().
Definition at line 168 of file crypto_values.h.
◆ PSA_TLS12_PSK_TO_MS_PSK_MAX_SIZE
| #define PSA_TLS12_PSK_TO_MS_PSK_MAX_SIZE /* implementation-defined value */ |
This macro returns the maximum supported length of the PSK for the TLS-1.2 PSK-to-MS key derivation.
This implementation-defined value specifies the maximum length for the PSK input used with a PSA_ALG_TLS12_PSK_TO_MS() key agreement algorithm.
Quoting Pre-Shared Key Ciphersuites for Transport Layer Security (TLS) RFC4279 ยง5.3: TLS implementations supporting these cipher suites MUST support arbitrary PSK identities up to 128 octets in length, and arbitrary PSKs up to 64 octets in length. Supporting longer identities and keys is RECOMMENDED.
Therefore, it is recommended that implementations define PSA_TLS12_PSK_TO_MS_PSK_MAX_SIZE with a value greater than or equal to 64.
Definition at line 186 of file crypto_values.h.
