Update PSA Crypto macro values to version 1.0.0

This should be everything that's needed for the stable storage format.

Signed-off-by: Bence Szépkúti <bence.szepkuti@arm.com>
This commit is contained in:
Bence Szépkúti 2020-12-03 21:40:17 +01:00
parent 1de907d4a4
commit a294551446
3 changed files with 61 additions and 61 deletions

View file

@ -353,7 +353,7 @@ psa_status_t mbedtls_psa_inject_entropy(const uint8_t *seed,
#define PSA_KEY_TYPE_IS_DSA(type) \ #define PSA_KEY_TYPE_IS_DSA(type) \
(PSA_KEY_TYPE_PUBLIC_KEY_OF_KEY_PAIR(type) == PSA_KEY_TYPE_DSA_PUBLIC_KEY) (PSA_KEY_TYPE_PUBLIC_KEY_OF_KEY_PAIR(type) == PSA_KEY_TYPE_DSA_PUBLIC_KEY)
#define PSA_ALG_DSA_BASE ((psa_algorithm_t)0x10040000) #define PSA_ALG_DSA_BASE ((psa_algorithm_t)0x06000400)
/** DSA signature with hashing. /** DSA signature with hashing.
* *
* This is the signature scheme defined by FIPS 186-4, * This is the signature scheme defined by FIPS 186-4,
@ -370,7 +370,7 @@ psa_status_t mbedtls_psa_inject_entropy(const uint8_t *seed,
*/ */
#define PSA_ALG_DSA(hash_alg) \ #define PSA_ALG_DSA(hash_alg) \
(PSA_ALG_DSA_BASE | ((hash_alg) & PSA_ALG_HASH_MASK)) (PSA_ALG_DSA_BASE | ((hash_alg) & PSA_ALG_HASH_MASK))
#define PSA_ALG_DETERMINISTIC_DSA_BASE ((psa_algorithm_t)0x10050000) #define PSA_ALG_DETERMINISTIC_DSA_BASE ((psa_algorithm_t)0x06000500)
#define PSA_ALG_DSA_DETERMINISTIC_FLAG PSA_ALG_ECDSA_DETERMINISTIC_FLAG #define PSA_ALG_DSA_DETERMINISTIC_FLAG PSA_ALG_ECDSA_DETERMINISTIC_FLAG
/** Deterministic DSA signature with hashing. /** Deterministic DSA signature with hashing.
* *

View file

@ -609,14 +609,14 @@
#define PSA_ALG_VENDOR_FLAG ((psa_algorithm_t)0x80000000) #define PSA_ALG_VENDOR_FLAG ((psa_algorithm_t)0x80000000)
#define PSA_ALG_CATEGORY_MASK ((psa_algorithm_t)0x7f000000) #define PSA_ALG_CATEGORY_MASK ((psa_algorithm_t)0x7f000000)
#define PSA_ALG_CATEGORY_HASH ((psa_algorithm_t)0x01000000) #define PSA_ALG_CATEGORY_HASH ((psa_algorithm_t)0x02000000)
#define PSA_ALG_CATEGORY_MAC ((psa_algorithm_t)0x02000000) #define PSA_ALG_CATEGORY_MAC ((psa_algorithm_t)0x03000000)
#define PSA_ALG_CATEGORY_CIPHER ((psa_algorithm_t)0x04000000) #define PSA_ALG_CATEGORY_CIPHER ((psa_algorithm_t)0x04000000)
#define PSA_ALG_CATEGORY_AEAD ((psa_algorithm_t)0x06000000) #define PSA_ALG_CATEGORY_AEAD ((psa_algorithm_t)0x05000000)
#define PSA_ALG_CATEGORY_SIGN ((psa_algorithm_t)0x10000000) #define PSA_ALG_CATEGORY_SIGN ((psa_algorithm_t)0x06000000)
#define PSA_ALG_CATEGORY_ASYMMETRIC_ENCRYPTION ((psa_algorithm_t)0x12000000) #define PSA_ALG_CATEGORY_ASYMMETRIC_ENCRYPTION ((psa_algorithm_t)0x07000000)
#define PSA_ALG_CATEGORY_KEY_DERIVATION ((psa_algorithm_t)0x20000000) #define PSA_ALG_CATEGORY_KEY_DERIVATION ((psa_algorithm_t)0x08000000)
#define PSA_ALG_CATEGORY_KEY_AGREEMENT ((psa_algorithm_t)0x30000000) #define PSA_ALG_CATEGORY_KEY_AGREEMENT ((psa_algorithm_t)0x09000000)
/** Whether an algorithm is vendor-defined. /** Whether an algorithm is vendor-defined.
* *
@ -718,35 +718,35 @@
#define PSA_ALG_HASH_MASK ((psa_algorithm_t)0x000000ff) #define PSA_ALG_HASH_MASK ((psa_algorithm_t)0x000000ff)
/** MD2 */ /** MD2 */
#define PSA_ALG_MD2 ((psa_algorithm_t)0x01000001) #define PSA_ALG_MD2 ((psa_algorithm_t)0x02000001)
/** MD4 */ /** MD4 */
#define PSA_ALG_MD4 ((psa_algorithm_t)0x01000002) #define PSA_ALG_MD4 ((psa_algorithm_t)0x02000002)
/** MD5 */ /** MD5 */
#define PSA_ALG_MD5 ((psa_algorithm_t)0x01000003) #define PSA_ALG_MD5 ((psa_algorithm_t)0x02000003)
/** PSA_ALG_RIPEMD160 */ /** PSA_ALG_RIPEMD160 */
#define PSA_ALG_RIPEMD160 ((psa_algorithm_t)0x01000004) #define PSA_ALG_RIPEMD160 ((psa_algorithm_t)0x02000004)
/** SHA1 */ /** SHA1 */
#define PSA_ALG_SHA_1 ((psa_algorithm_t)0x01000005) #define PSA_ALG_SHA_1 ((psa_algorithm_t)0x02000005)
/** SHA2-224 */ /** SHA2-224 */
#define PSA_ALG_SHA_224 ((psa_algorithm_t)0x01000008) #define PSA_ALG_SHA_224 ((psa_algorithm_t)0x02000008)
/** SHA2-256 */ /** SHA2-256 */
#define PSA_ALG_SHA_256 ((psa_algorithm_t)0x01000009) #define PSA_ALG_SHA_256 ((psa_algorithm_t)0x02000009)
/** SHA2-384 */ /** SHA2-384 */
#define PSA_ALG_SHA_384 ((psa_algorithm_t)0x0100000a) #define PSA_ALG_SHA_384 ((psa_algorithm_t)0x0200000a)
/** SHA2-512 */ /** SHA2-512 */
#define PSA_ALG_SHA_512 ((psa_algorithm_t)0x0100000b) #define PSA_ALG_SHA_512 ((psa_algorithm_t)0x0200000b)
/** SHA2-512/224 */ /** SHA2-512/224 */
#define PSA_ALG_SHA_512_224 ((psa_algorithm_t)0x0100000c) #define PSA_ALG_SHA_512_224 ((psa_algorithm_t)0x0200000c)
/** SHA2-512/256 */ /** SHA2-512/256 */
#define PSA_ALG_SHA_512_256 ((psa_algorithm_t)0x0100000d) #define PSA_ALG_SHA_512_256 ((psa_algorithm_t)0x0200000d)
/** SHA3-224 */ /** SHA3-224 */
#define PSA_ALG_SHA3_224 ((psa_algorithm_t)0x01000010) #define PSA_ALG_SHA3_224 ((psa_algorithm_t)0x02000010)
/** SHA3-256 */ /** SHA3-256 */
#define PSA_ALG_SHA3_256 ((psa_algorithm_t)0x01000011) #define PSA_ALG_SHA3_256 ((psa_algorithm_t)0x02000011)
/** SHA3-384 */ /** SHA3-384 */
#define PSA_ALG_SHA3_384 ((psa_algorithm_t)0x01000012) #define PSA_ALG_SHA3_384 ((psa_algorithm_t)0x02000012)
/** SHA3-512 */ /** SHA3-512 */
#define PSA_ALG_SHA3_512 ((psa_algorithm_t)0x01000013) #define PSA_ALG_SHA3_512 ((psa_algorithm_t)0x02000013)
/** In a hash-and-sign algorithm policy, allow any hash algorithm. /** In a hash-and-sign algorithm policy, allow any hash algorithm.
* *
@ -781,10 +781,10 @@
* This value may not be used to build an algorithm specification to * This value may not be used to build an algorithm specification to
* perform an operation. It is only valid to build policies. * perform an operation. It is only valid to build policies.
*/ */
#define PSA_ALG_ANY_HASH ((psa_algorithm_t)0x010000ff) #define PSA_ALG_ANY_HASH ((psa_algorithm_t)0x020000ff)
#define PSA_ALG_MAC_SUBCATEGORY_MASK ((psa_algorithm_t)0x00c00000) #define PSA_ALG_MAC_SUBCATEGORY_MASK ((psa_algorithm_t)0x00c00000)
#define PSA_ALG_HMAC_BASE ((psa_algorithm_t)0x02800000) #define PSA_ALG_HMAC_BASE ((psa_algorithm_t)0x03800000)
/** Macro to build an HMAC algorithm. /** Macro to build an HMAC algorithm.
* *
* For example, #PSA_ALG_HMAC(#PSA_ALG_SHA_256) is HMAC-SHA-256. * For example, #PSA_ALG_HMAC(#PSA_ALG_SHA_256) is HMAC-SHA-256.
@ -823,8 +823,8 @@
* reach up to 63; the largest MAC is 64 bytes so its trivial truncation * reach up to 63; the largest MAC is 64 bytes so its trivial truncation
* to full length is correctly encoded as 0 and any non-trivial truncation * to full length is correctly encoded as 0 and any non-trivial truncation
* is correctly encoded as a value between 1 and 63. */ * is correctly encoded as a value between 1 and 63. */
#define PSA_ALG_MAC_TRUNCATION_MASK ((psa_algorithm_t)0x00003f00) #define PSA_ALG_MAC_TRUNCATION_MASK ((psa_algorithm_t)0x003f0000)
#define PSA_MAC_TRUNCATION_OFFSET 8 #define PSA_MAC_TRUNCATION_OFFSET 16
/** Macro to build a truncated MAC algorithm. /** Macro to build a truncated MAC algorithm.
* *
@ -892,15 +892,15 @@
#define PSA_MAC_TRUNCATED_LENGTH(mac_alg) \ #define PSA_MAC_TRUNCATED_LENGTH(mac_alg) \
(((mac_alg) & PSA_ALG_MAC_TRUNCATION_MASK) >> PSA_MAC_TRUNCATION_OFFSET) (((mac_alg) & PSA_ALG_MAC_TRUNCATION_MASK) >> PSA_MAC_TRUNCATION_OFFSET)
#define PSA_ALG_CIPHER_MAC_BASE ((psa_algorithm_t)0x02c00000) #define PSA_ALG_CIPHER_MAC_BASE ((psa_algorithm_t)0x03c00000)
/** The CBC-MAC construction over a block cipher /** The CBC-MAC construction over a block cipher
* *
* \warning CBC-MAC is insecure in many cases. * \warning CBC-MAC is insecure in many cases.
* A more secure mode, such as #PSA_ALG_CMAC, is recommended. * A more secure mode, such as #PSA_ALG_CMAC, is recommended.
*/ */
#define PSA_ALG_CBC_MAC ((psa_algorithm_t)0x02c00001) #define PSA_ALG_CBC_MAC ((psa_algorithm_t)0x03c00100)
/** The CMAC construction over a block cipher */ /** The CMAC construction over a block cipher */
#define PSA_ALG_CMAC ((psa_algorithm_t)0x02c00002) #define PSA_ALG_CMAC ((psa_algorithm_t)0x03c00200)
/** Whether the specified algorithm is a MAC algorithm based on a block cipher. /** Whether the specified algorithm is a MAC algorithm based on a block cipher.
* *
@ -950,19 +950,19 @@
* For example, to use AES-128-CTR, use this algorithm with * For example, to use AES-128-CTR, use this algorithm with
* a key of type #PSA_KEY_TYPE_AES and a length of 128 bits (16 bytes). * a key of type #PSA_KEY_TYPE_AES and a length of 128 bits (16 bytes).
*/ */
#define PSA_ALG_CTR ((psa_algorithm_t)0x04c00001) #define PSA_ALG_CTR ((psa_algorithm_t)0x04c01000)
/** The CFB stream cipher mode. /** The CFB stream cipher mode.
* *
* The underlying block cipher is determined by the key type. * The underlying block cipher is determined by the key type.
*/ */
#define PSA_ALG_CFB ((psa_algorithm_t)0x04c00002) #define PSA_ALG_CFB ((psa_algorithm_t)0x04c01100)
/** The OFB stream cipher mode. /** The OFB stream cipher mode.
* *
* The underlying block cipher is determined by the key type. * The underlying block cipher is determined by the key type.
*/ */
#define PSA_ALG_OFB ((psa_algorithm_t)0x04c00003) #define PSA_ALG_OFB ((psa_algorithm_t)0x04c01200)
/** The XTS cipher mode. /** The XTS cipher mode.
* *
@ -970,7 +970,7 @@
* least one full block of input, but beyond this minimum the input * least one full block of input, but beyond this minimum the input
* does not need to be a whole number of blocks. * does not need to be a whole number of blocks.
*/ */
#define PSA_ALG_XTS ((psa_algorithm_t)0x044000ff) #define PSA_ALG_XTS ((psa_algorithm_t)0x0440ff00)
/** The Electronic Code Book (ECB) mode of a block cipher, with no padding. /** The Electronic Code Book (ECB) mode of a block cipher, with no padding.
* *
@ -999,7 +999,7 @@
* This symmetric cipher mode can only be used with messages whose lengths * This symmetric cipher mode can only be used with messages whose lengths
* are whole number of blocks for the chosen block cipher. * are whole number of blocks for the chosen block cipher.
*/ */
#define PSA_ALG_CBC_NO_PADDING ((psa_algorithm_t)0x04600100) #define PSA_ALG_CBC_NO_PADDING ((psa_algorithm_t)0x04404000)
/** The CBC block cipher chaining mode with PKCS#7 padding. /** The CBC block cipher chaining mode with PKCS#7 padding.
* *
@ -1007,7 +1007,7 @@
* *
* This is the padding method defined by PKCS#7 (RFC 2315) &sect;10.3. * This is the padding method defined by PKCS#7 (RFC 2315) &sect;10.3.
*/ */
#define PSA_ALG_CBC_PKCS7 ((psa_algorithm_t)0x04600101) #define PSA_ALG_CBC_PKCS7 ((psa_algorithm_t)0x04404100)
#define PSA_ALG_AEAD_FROM_BLOCK_FLAG ((psa_algorithm_t)0x00400000) #define PSA_ALG_AEAD_FROM_BLOCK_FLAG ((psa_algorithm_t)0x00400000)
@ -1028,13 +1028,13 @@
* *
* The underlying block cipher is determined by the key type. * The underlying block cipher is determined by the key type.
*/ */
#define PSA_ALG_CCM ((psa_algorithm_t)0x06401001) #define PSA_ALG_CCM ((psa_algorithm_t)0x05500100)
/** The GCM authenticated encryption algorithm. /** The GCM authenticated encryption algorithm.
* *
* The underlying block cipher is determined by the key type. * The underlying block cipher is determined by the key type.
*/ */
#define PSA_ALG_GCM ((psa_algorithm_t)0x06401002) #define PSA_ALG_GCM ((psa_algorithm_t)0x05500200)
/** The Chacha20-Poly1305 AEAD algorithm. /** The Chacha20-Poly1305 AEAD algorithm.
* *
@ -1045,14 +1045,14 @@
* *
* Implementations must support 16-byte tags and should reject other sizes. * Implementations must support 16-byte tags and should reject other sizes.
*/ */
#define PSA_ALG_CHACHA20_POLY1305 ((psa_algorithm_t)0x06001005) #define PSA_ALG_CHACHA20_POLY1305 ((psa_algorithm_t)0x05100500)
/* In the encoding of a AEAD algorithm, the bits corresponding to /* In the encoding of a AEAD algorithm, the bits corresponding to
* PSA_ALG_AEAD_TAG_LENGTH_MASK encode the length of the AEAD tag. * PSA_ALG_AEAD_TAG_LENGTH_MASK encode the length of the AEAD tag.
* The constants for default lengths follow this encoding. * The constants for default lengths follow this encoding.
*/ */
#define PSA_ALG_AEAD_TAG_LENGTH_MASK ((psa_algorithm_t)0x00003f00) #define PSA_ALG_AEAD_TAG_LENGTH_MASK ((psa_algorithm_t)0x003f0000)
#define PSA_AEAD_TAG_LENGTH_OFFSET 8 #define PSA_AEAD_TAG_LENGTH_OFFSET 16
/** Macro to build a shortened AEAD algorithm. /** Macro to build a shortened AEAD algorithm.
* *
@ -1096,7 +1096,7 @@
PSA_ALG_AEAD_WITH_TAG_LENGTH(ref, 0) ? \ PSA_ALG_AEAD_WITH_TAG_LENGTH(ref, 0) ? \
ref : ref :
#define PSA_ALG_RSA_PKCS1V15_SIGN_BASE ((psa_algorithm_t)0x10020000) #define PSA_ALG_RSA_PKCS1V15_SIGN_BASE ((psa_algorithm_t)0x06000200)
/** RSA PKCS#1 v1.5 signature with hashing. /** RSA PKCS#1 v1.5 signature with hashing.
* *
* This is the signature scheme defined by RFC 8017 * This is the signature scheme defined by RFC 8017
@ -1124,7 +1124,7 @@
#define PSA_ALG_IS_RSA_PKCS1V15_SIGN(alg) \ #define PSA_ALG_IS_RSA_PKCS1V15_SIGN(alg) \
(((alg) & ~PSA_ALG_HASH_MASK) == PSA_ALG_RSA_PKCS1V15_SIGN_BASE) (((alg) & ~PSA_ALG_HASH_MASK) == PSA_ALG_RSA_PKCS1V15_SIGN_BASE)
#define PSA_ALG_RSA_PSS_BASE ((psa_algorithm_t)0x10030000) #define PSA_ALG_RSA_PSS_BASE ((psa_algorithm_t)0x06000300)
/** RSA PSS signature with hashing. /** RSA PSS signature with hashing.
* *
* This is the signature scheme defined by RFC 8017 * This is the signature scheme defined by RFC 8017
@ -1148,7 +1148,7 @@
#define PSA_ALG_IS_RSA_PSS(alg) \ #define PSA_ALG_IS_RSA_PSS(alg) \
(((alg) & ~PSA_ALG_HASH_MASK) == PSA_ALG_RSA_PSS_BASE) (((alg) & ~PSA_ALG_HASH_MASK) == PSA_ALG_RSA_PSS_BASE)
#define PSA_ALG_ECDSA_BASE ((psa_algorithm_t)0x10060000) #define PSA_ALG_ECDSA_BASE ((psa_algorithm_t)0x06000600)
/** ECDSA signature with hashing. /** ECDSA signature with hashing.
* *
* This is the ECDSA signature scheme defined by ANSI X9.62, * This is the ECDSA signature scheme defined by ANSI X9.62,
@ -1181,7 +1181,7 @@
* the curve size. * the curve size.
*/ */
#define PSA_ALG_ECDSA_ANY PSA_ALG_ECDSA_BASE #define PSA_ALG_ECDSA_ANY PSA_ALG_ECDSA_BASE
#define PSA_ALG_DETERMINISTIC_ECDSA_BASE ((psa_algorithm_t)0x10070000) #define PSA_ALG_DETERMINISTIC_ECDSA_BASE ((psa_algorithm_t)0x06000700)
/** Deterministic ECDSA signature with hashing. /** Deterministic ECDSA signature with hashing.
* *
* This is the deterministic ECDSA signature scheme defined by RFC 6979. * This is the deterministic ECDSA signature scheme defined by RFC 6979.
@ -1206,7 +1206,7 @@
*/ */
#define PSA_ALG_DETERMINISTIC_ECDSA(hash_alg) \ #define PSA_ALG_DETERMINISTIC_ECDSA(hash_alg) \
(PSA_ALG_DETERMINISTIC_ECDSA_BASE | ((hash_alg) & PSA_ALG_HASH_MASK)) (PSA_ALG_DETERMINISTIC_ECDSA_BASE | ((hash_alg) & PSA_ALG_HASH_MASK))
#define PSA_ALG_ECDSA_DETERMINISTIC_FLAG ((psa_algorithm_t)0x00010000) #define PSA_ALG_ECDSA_DETERMINISTIC_FLAG ((psa_algorithm_t)0x00000100)
#define PSA_ALG_IS_ECDSA(alg) \ #define PSA_ALG_IS_ECDSA(alg) \
(((alg) & ~PSA_ALG_HASH_MASK & ~PSA_ALG_ECDSA_DETERMINISTIC_FLAG) == \ (((alg) & ~PSA_ALG_HASH_MASK & ~PSA_ALG_ECDSA_DETERMINISTIC_FLAG) == \
PSA_ALG_ECDSA_BASE) PSA_ALG_ECDSA_BASE)
@ -1260,9 +1260,9 @@
/** RSA PKCS#1 v1.5 encryption. /** RSA PKCS#1 v1.5 encryption.
*/ */
#define PSA_ALG_RSA_PKCS1V15_CRYPT ((psa_algorithm_t)0x12020000) #define PSA_ALG_RSA_PKCS1V15_CRYPT ((psa_algorithm_t)0x07000200)
#define PSA_ALG_RSA_OAEP_BASE ((psa_algorithm_t)0x12030000) #define PSA_ALG_RSA_OAEP_BASE ((psa_algorithm_t)0x07000300)
/** RSA OAEP encryption. /** RSA OAEP encryption.
* *
* This is the encryption scheme defined by RFC 8017 * This is the encryption scheme defined by RFC 8017
@ -1286,7 +1286,7 @@
((alg) & PSA_ALG_HASH_MASK) | PSA_ALG_CATEGORY_HASH : \ ((alg) & PSA_ALG_HASH_MASK) | PSA_ALG_CATEGORY_HASH : \
0) 0)
#define PSA_ALG_HKDF_BASE ((psa_algorithm_t)0x20000100) #define PSA_ALG_HKDF_BASE ((psa_algorithm_t)0x08000100)
/** Macro to build an HKDF algorithm. /** Macro to build an HKDF algorithm.
* *
* For example, `PSA_ALG_HKDF(PSA_ALG_SHA256)` is HKDF using HMAC-SHA-256. * For example, `PSA_ALG_HKDF(PSA_ALG_SHA256)` is HKDF using HMAC-SHA-256.
@ -1325,7 +1325,7 @@
#define PSA_ALG_HKDF_GET_HASH(hkdf_alg) \ #define PSA_ALG_HKDF_GET_HASH(hkdf_alg) \
(PSA_ALG_CATEGORY_HASH | ((hkdf_alg) & PSA_ALG_HASH_MASK)) (PSA_ALG_CATEGORY_HASH | ((hkdf_alg) & PSA_ALG_HASH_MASK))
#define PSA_ALG_TLS12_PRF_BASE ((psa_algorithm_t)0x20000200) #define PSA_ALG_TLS12_PRF_BASE ((psa_algorithm_t)0x08000200)
/** Macro to build a TLS-1.2 PRF algorithm. /** Macro to build a TLS-1.2 PRF algorithm.
* *
* TLS 1.2 uses a custom pseudorandom function (PRF) for key schedule, * TLS 1.2 uses a custom pseudorandom function (PRF) for key schedule,
@ -1368,7 +1368,7 @@
#define PSA_ALG_TLS12_PRF_GET_HASH(hkdf_alg) \ #define PSA_ALG_TLS12_PRF_GET_HASH(hkdf_alg) \
(PSA_ALG_CATEGORY_HASH | ((hkdf_alg) & PSA_ALG_HASH_MASK)) (PSA_ALG_CATEGORY_HASH | ((hkdf_alg) & PSA_ALG_HASH_MASK))
#define PSA_ALG_TLS12_PSK_TO_MS_BASE ((psa_algorithm_t)0x20000300) #define PSA_ALG_TLS12_PSK_TO_MS_BASE ((psa_algorithm_t)0x08000300)
/** Macro to build a TLS-1.2 PSK-to-MasterSecret algorithm. /** Macro to build a TLS-1.2 PSK-to-MasterSecret algorithm.
* *
* In a pure-PSK handshake in TLS 1.2, the master secret is derived * In a pure-PSK handshake in TLS 1.2, the master secret is derived
@ -1414,8 +1414,8 @@
#define PSA_ALG_TLS12_PSK_TO_MS_GET_HASH(hkdf_alg) \ #define PSA_ALG_TLS12_PSK_TO_MS_GET_HASH(hkdf_alg) \
(PSA_ALG_CATEGORY_HASH | ((hkdf_alg) & PSA_ALG_HASH_MASK)) (PSA_ALG_CATEGORY_HASH | ((hkdf_alg) & PSA_ALG_HASH_MASK))
#define PSA_ALG_KEY_DERIVATION_MASK ((psa_algorithm_t)0x0803ffff) #define PSA_ALG_KEY_DERIVATION_MASK ((psa_algorithm_t)0xfe00ffff)
#define PSA_ALG_KEY_AGREEMENT_MASK ((psa_algorithm_t)0x10fc0000) #define PSA_ALG_KEY_AGREEMENT_MASK ((psa_algorithm_t)0xffff0000)
/** Macro to build a combined algorithm that chains a key agreement with /** Macro to build a combined algorithm that chains a key agreement with
* a key derivation. * a key derivation.
@ -1468,7 +1468,7 @@
* It is `ceiling(m / 8)` bytes long where `m` is the size of the prime `p` * It is `ceiling(m / 8)` bytes long where `m` is the size of the prime `p`
* in bits. * in bits.
*/ */
#define PSA_ALG_FFDH ((psa_algorithm_t)0x30100000) #define PSA_ALG_FFDH ((psa_algorithm_t)0x09010000)
/** Whether the specified algorithm is a finite field Diffie-Hellman algorithm. /** Whether the specified algorithm is a finite field Diffie-Hellman algorithm.
* *
@ -1510,7 +1510,7 @@
* in big-endian byte order. * in big-endian byte order.
* The bit size is `m` for the field `F_{2^m}`. * The bit size is `m` for the field `F_{2^m}`.
*/ */
#define PSA_ALG_ECDH ((psa_algorithm_t)0x30200000) #define PSA_ALG_ECDH ((psa_algorithm_t)0x09020000)
/** Whether the specified algorithm is an elliptic curve Diffie-Hellman /** Whether the specified algorithm is an elliptic curve Diffie-Hellman
* algorithm. * algorithm.
@ -1815,7 +1815,7 @@ static inline int mbedtls_svc_key_id_is_null( mbedtls_svc_key_id_t key )
* *
* For a key pair, this concerns the private key. * For a key pair, this concerns the private key.
*/ */
#define PSA_KEY_USAGE_SIGN_HASH ((psa_key_usage_t)0x00000400) #define PSA_KEY_USAGE_SIGN_HASH ((psa_key_usage_t)0x00001000)
/** Whether the key may be used to verify a message signature. /** Whether the key may be used to verify a message signature.
* *
@ -1825,11 +1825,11 @@ static inline int mbedtls_svc_key_id_is_null( mbedtls_svc_key_id_t key )
* *
* For a key pair, this concerns the public key. * For a key pair, this concerns the public key.
*/ */
#define PSA_KEY_USAGE_VERIFY_HASH ((psa_key_usage_t)0x00000800) #define PSA_KEY_USAGE_VERIFY_HASH ((psa_key_usage_t)0x00002000)
/** Whether the key may be used to derive other keys. /** Whether the key may be used to derive other keys.
*/ */
#define PSA_KEY_USAGE_DERIVE ((psa_key_usage_t)0x00001000) #define PSA_KEY_USAGE_DERIVE ((psa_key_usage_t)0x00004000)
/**@}*/ /**@}*/

View file

@ -273,10 +273,10 @@ class MacroCollector:
return return
self.algorithms.add(name) self.algorithms.add(name)
# Ad hoc detection of hash algorithms # Ad hoc detection of hash algorithms
if re.search(r'0x010000[0-9A-Fa-f]{2}', expansion): if re.search(r'0x020000[0-9A-Fa-f]{2}', expansion):
self.hash_algorithms.add(name) self.hash_algorithms.add(name)
# Ad hoc detection of key agreement algorithms # Ad hoc detection of key agreement algorithms
if re.search(r'0x30[0-9A-Fa-f]{2}0000', expansion): if re.search(r'0x09[0-9A-Fa-f]{2}0000', expansion):
self.ka_algorithms.add(name) self.ka_algorithms.add(name)
elif name.startswith('PSA_ALG_') and parameter == 'hash_alg': elif name.startswith('PSA_ALG_') and parameter == 'hash_alg':
if name in ['PSA_ALG_DSA', 'PSA_ALG_ECDSA']: if name in ['PSA_ALG_DSA', 'PSA_ALG_ECDSA']: