New macro PSA_ALG_IS_HASH_AND_SIGN

Test for a subclass of public-key algorithm: those that perform
full-domain hashing, i.e. algorithms that can be broken down as
sign(key, hash(message)).
This commit is contained in:
Gilles Peskine 2019-01-14 16:02:15 +01:00
parent d40c1fbd50
commit b66c27b2c9
3 changed files with 32 additions and 14 deletions

View file

@ -1046,6 +1046,23 @@
#define PSA_ALG_IS_RANDOMIZED_ECDSA(alg) \
(PSA_ALG_IS_ECDSA(alg) && !PSA_ALG_ECDSA_IS_DETERMINISTIC(alg))
/** Whether the specified algorithm is a hash-and-sign algorithm.
*
* Hash-and-sign algorithms are public-key signature algorithms structured
* in two parts: first the calculation of a hash in a way that does not
* depend on the key, then the calculation of a signature from the
* hash value and the key.
*
* \param alg An algorithm identifier (value of type #psa_algorithm_t).
*
* \return 1 if \p alg is a hash-and-sign algorithm, 0 otherwise.
* This macro may return either 0 or 1 if \p alg is not a supported
* algorithm identifier.
*/
#define PSA_ALG_IS_HASH_AND_SIGN(alg) \
(PSA_ALG_IS_RSA_PSS(alg) || PSA_ALG_IS_RSA_PKCS1V15_SIGN(alg) || \
PSA_ALG_IS_DSA(alg) || PSA_ALG_IS_ECDSA(alg))
/** Get the hash used by a hash-and-sign signature algorithm.
*
* A hash-and-sign algorithm is a signature algorithm which is
@ -1065,8 +1082,7 @@
* if it is not supported by the implementation.
*/
#define PSA_ALG_SIGN_GET_HASH(alg) \
(PSA_ALG_IS_RSA_PSS(alg) || PSA_ALG_IS_RSA_PKCS1V15_SIGN(alg) || \
PSA_ALG_IS_DSA(alg) || PSA_ALG_IS_ECDSA(alg) ? \
(PSA_ALG_IS_HASH_AND_SIGN(alg) ? \
((alg) & PSA_ALG_HASH_MASK) == 0 ? /*"raw" algorithm*/ 0 : \
((alg) & PSA_ALG_HASH_MASK) | PSA_ALG_CATEGORY_HASH : \
0)

View file

@ -200,35 +200,35 @@ aead_algorithm:PSA_ALG_GCM:0:16
Asymmetric signature: RSA PKCS#1 v1.5 raw
depends_on:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15
asymmetric_signature_algorithm:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:ALG_IS_RSA_PKCS1V15_SIGN
asymmetric_signature_algorithm:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:ALG_IS_RSA_PKCS1V15_SIGN | ALG_IS_HASH_AND_SIGN
Asymmetric signature: RSA PKCS#1 v1.5 SHA-256
depends_on:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_SHA256_C
asymmetric_signature_algorithm:PSA_ALG_RSA_PKCS1V15_SIGN( PSA_ALG_SHA_256 ):ALG_IS_RSA_PKCS1V15_SIGN
asymmetric_signature_algorithm:PSA_ALG_RSA_PKCS1V15_SIGN( PSA_ALG_SHA_256 ):ALG_IS_RSA_PKCS1V15_SIGN | ALG_IS_HASH_AND_SIGN
Asymmetric signature: RSA PSS SHA-256
depends_on:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V21:MBEDTLS_SHA256_C
asymmetric_signature_algorithm:PSA_ALG_RSA_PSS( PSA_ALG_SHA_256 ):ALG_IS_RSA_PSS
asymmetric_signature_algorithm:PSA_ALG_RSA_PSS( PSA_ALG_SHA_256 ):ALG_IS_RSA_PSS | ALG_IS_HASH_AND_SIGN
Asymmetric signature: SHA-256 + randomized DSA SHA-256 using SHA-256
depends_on:MBEDTLS_DSA_C:MBEDTLS_SHA256_C
asymmetric_signature_algorithm:PSA_ALG_DSA( PSA_ALG_SHA_256 ):ALG_IS_DSA | ALG_IS_RANDOMIZED_DSA
asymmetric_signature_algorithm:PSA_ALG_DSA( PSA_ALG_SHA_256 ):ALG_IS_DSA | ALG_IS_RANDOMIZED_DSA | ALG_IS_HASH_AND_SIGN
Asymmetric signature: SHA-256 + deterministic DSA using SHA-256
depends_on:MBEDTLS_DSA_C:MBEDTLS_SHA256_C:MBEDTLS_DSA_DETERMINISTIC
asymmetric_signature_algorithm:PSA_ALG_DETERMINISTIC_DSA( PSA_ALG_SHA_256 ):ALG_IS_DSA | ALG_IS_DETERMINISTIC_DSA | ALG_DSA_IS_DETERMINISTIC
asymmetric_signature_algorithm:PSA_ALG_DETERMINISTIC_DSA( PSA_ALG_SHA_256 ):ALG_IS_DSA | ALG_IS_DETERMINISTIC_DSA | ALG_DSA_IS_DETERMINISTIC | ALG_IS_HASH_AND_SIGN
Asymmetric signature: randomized ECDSA (no hashing)
depends_on:MBEDTLS_ECDSA_C
asymmetric_signature_algorithm:PSA_ALG_ECDSA_ANY:ALG_IS_ECDSA | ALG_IS_RANDOMIZED_ECDSA
asymmetric_signature_algorithm:PSA_ALG_ECDSA_ANY:ALG_IS_ECDSA | ALG_IS_RANDOMIZED_ECDSA | ALG_IS_HASH_AND_SIGN
Asymmetric signature: SHA-256 + randomized ECDSA
depends_on:MBEDTLS_ECDSA_C:MBEDTLS_SHA256_C
asymmetric_signature_algorithm:PSA_ALG_ECDSA( PSA_ALG_SHA_256 ):ALG_IS_ECDSA | ALG_IS_RANDOMIZED_ECDSA
asymmetric_signature_algorithm:PSA_ALG_ECDSA( PSA_ALG_SHA_256 ):ALG_IS_ECDSA | ALG_IS_RANDOMIZED_ECDSA | ALG_IS_HASH_AND_SIGN
Asymmetric signature: SHA-256 + deterministic DSA using SHA-256
depends_on:MBEDTLS_ECDSA_C:MBEDTLS_ECDSA_DETERMINISTIC:MBEDTLS_SHA256_C
asymmetric_signature_algorithm:PSA_ALG_DETERMINISTIC_ECDSA( PSA_ALG_SHA_256 ):ALG_IS_ECDSA | ALG_IS_DETERMINISTIC_ECDSA | ALG_ECDSA_IS_DETERMINISTIC
asymmetric_signature_algorithm:PSA_ALG_DETERMINISTIC_ECDSA( PSA_ALG_SHA_256 ):ALG_IS_ECDSA | ALG_IS_DETERMINISTIC_ECDSA | ALG_ECDSA_IS_DETERMINISTIC | ALG_IS_HASH_AND_SIGN
Asymmetric encryption: RSA PKCS#1 v1.5
depends_on:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15

View file

@ -29,10 +29,11 @@
#define ALG_ECDSA_IS_DETERMINISTIC ( 1u << 11 )
#define ALG_IS_DETERMINISTIC_ECDSA ( 1u << 12 )
#define ALG_IS_RANDOMIZED_ECDSA ( 1u << 13 )
#define ALG_IS_RSA_OAEP ( 1u << 14 )
#define ALG_IS_HKDF ( 1u << 15 )
#define ALG_IS_FFDH ( 1u << 16 )
#define ALG_IS_ECDH ( 1u << 17 )
#define ALG_IS_HASH_AND_SIGN ( 1u << 14 )
#define ALG_IS_RSA_OAEP ( 1u << 15 )
#define ALG_IS_HKDF ( 1u << 16 )
#define ALG_IS_FFDH ( 1u << 17 )
#define ALG_IS_ECDH ( 1u << 18 )
/* Flags for key type classification macros. There is a flag for every
* key type classification macro PSA_KEY_TYPE_IS_xxx except for some that
@ -67,6 +68,7 @@ void algorithm_classification( psa_algorithm_t alg, unsigned flags )
TEST_CLASSIFICATION_MACRO( ALG_ECDSA_IS_DETERMINISTIC, alg, flags );
TEST_CLASSIFICATION_MACRO( ALG_IS_DETERMINISTIC_ECDSA, alg, flags );
TEST_CLASSIFICATION_MACRO( ALG_IS_RANDOMIZED_ECDSA, alg, flags );
TEST_CLASSIFICATION_MACRO( ALG_IS_HASH_AND_SIGN, alg, flags );
TEST_CLASSIFICATION_MACRO( ALG_IS_RSA_OAEP, alg, flags );
TEST_CLASSIFICATION_MACRO( ALG_IS_HKDF, alg, flags );
exit: ;