yuzu/mbedtls
1
0
Fork 0
mirror of https://github.com/yuzu-emu/mbedtls.git synced 2025-03-21 19:57:40 +00:00
Code Issues Packages Projects Releases Wiki Activity

Fix size macros and its documentation

Browse source 
Signed-off-by: gabor-mezei-arm <gabor.mezei@arm.com>
This commit is contained in:
gabor-mezei-arm 2021-01-07 14:26:12 +01:00
parent fbd9f1e683
commit e86bdcaa11
No known key found for this signature in database
GPG key ID: 106F5A41ECC305BD
1 changed files with 75 additions and 73 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

122
include/psa/crypto_sizes.h
View file

@ -145,8 +145,7 @@
* *
* See also #PSA_AEAD_TAG_LENGTH(\p alg). * See also #PSA_AEAD_TAG_LENGTH(\p alg).
*/ */
#define PSA_AEAD_TAG_MAX_SIZE \ #define PSA_AEAD_TAG_MAX_SIZE 16
(PSA_ALG_AEAD_TAG_LENGTH_MASK >> PSA_AEAD_TAG_LENGTH_OFFSET)
/* The maximum size of an RSA key on this implementation, in bits. /* The maximum size of an RSA key on this implementation, in bits.
* This is a vendor-specific macro. * This is a vendor-specific macro.
@ -249,6 +248,10 @@
* insufficient buffer size. Depending on the algorithm, the actual size of * insufficient buffer size. Depending on the algorithm, the actual size of
* the ciphertext may be smaller. * the ciphertext may be smaller.
* *
* \warning This macro may evaluate its arguments multiple times or
* zero times, so you should not pass arguments that contain
* side effects.
*
* \param alg An AEAD algorithm * \param alg An AEAD algorithm
* (\c PSA_ALG_XXX value such that * (\c PSA_ALG_XXX value such that
* #PSA_ALG_IS_AEAD(\p alg) is true). * #PSA_ALG_IS_AEAD(\p alg) is true).
@ -272,6 +275,9 @@
* If the size of the ciphertext buffer is at least this large, it is guaranteed * If the size of the ciphertext buffer is at least this large, it is guaranteed
* that psa_aead_encrypt() will not fail due to an insufficient buffer size. * that psa_aead_encrypt() will not fail due to an insufficient buffer size.
* *
* \note This macro returns a compile-time constant if its arguments are
* compile-time constants.
*
* See also #PSA_AEAD_ENCRYPT_OUTPUT_SIZE(\p alg, \p plaintext_length). * See also #PSA_AEAD_ENCRYPT_OUTPUT_SIZE(\p alg, \p plaintext_length).
* *
* \param plaintext_length Size of the plaintext in bytes. * \param plaintext_length Size of the plaintext in bytes.
@ -291,6 +297,10 @@
* insufficient buffer size. Depending on the algorithm, the actual size of * insufficient buffer size. Depending on the algorithm, the actual size of
* the plaintext may be smaller. * the plaintext may be smaller.
* *
* \warning This macro may evaluate its arguments multiple times or
* zero times, so you should not pass arguments that contain
* side effects.
*
* \param alg An AEAD algorithm * \param alg An AEAD algorithm
* (\c PSA_ALG_XXX value such that * (\c PSA_ALG_XXX value such that
* #PSA_ALG_IS_AEAD(\p alg) is true). * #PSA_ALG_IS_AEAD(\p alg) is true).
@ -380,6 +390,10 @@
* insufficient buffer size. The actual size of the output may be smaller * insufficient buffer size. The actual size of the output may be smaller
* in any given call. * in any given call.
* *
* \warning This macro may evaluate its arguments multiple times or
* zero times, so you should not pass arguments that contain
* side effects.
*
* \param alg An AEAD algorithm * \param alg An AEAD algorithm
* (\c PSA_ALG_XXX value such that * (\c PSA_ALG_XXX value such that
* #PSA_ALG_IS_AEAD(\p alg) is true). * #PSA_ALG_IS_AEAD(\p alg) is true).
@ -397,11 +411,9 @@
* capable of this. So for modes based on a block cipher, allow the * capable of this. So for modes based on a block cipher, allow the
* implementation to delay the output until it has a full block. */ * implementation to delay the output until it has a full block. */
#define PSA_AEAD_UPDATE_OUTPUT_SIZE(alg, input_length) \ #define PSA_AEAD_UPDATE_OUTPUT_SIZE(alg, input_length) \
(PSA_AEAD_TAG_LENGTH(alg) != 0 ? \
(PSA_ALG_IS_AEAD_ON_BLOCK_CIPHER(alg) ? \ (PSA_ALG_IS_AEAD_ON_BLOCK_CIPHER(alg) ? \
PSA_ROUND_UP_TO_MULTIPLE(PSA_BLOCK_CIPHER_BLOCK_MAX_SIZE, (input_length)) : \ PSA_ROUND_UP_TO_MULTIPLE(PSA_BLOCK_CIPHER_BLOCK_MAX_SIZE, (input_length)) : \
(input_length)) : \ (input_length)) : \
0)
/** A sufficient output buffer size for psa_aead_update(), for any of the /** A sufficient output buffer size for psa_aead_update(), for any of the
* supported key types and AEAD algorithms. * supported key types and AEAD algorithms.
@ -573,10 +585,12 @@
/** A sufficient output buffer size for psa_asymmetric_encrypt(), for any /** A sufficient output buffer size for psa_asymmetric_encrypt(), for any
* supported asymmetric encryption. * supported asymmetric encryption.
* *
* This macro assumes that RSA is the only supported asymmetric encryption.
*
* See also #PSA_ASYMMETRIC_ENCRYPT_OUTPUT_SIZE(\p key_type, \p key_bits, \p alg). * See also #PSA_ASYMMETRIC_ENCRYPT_OUTPUT_SIZE(\p key_type, \p key_bits, \p alg).
*/ */
#define PSA_ASYMMETRIC_ENCRYPT_OUTPUT_MAX_SIZE \ #define PSA_ASYMMETRIC_ENCRYPT_OUTPUT_MAX_SIZE \
(PSA_BITS_TO_BYTES(PSA_MAX_KEY_BITS)) (PSA_BITS_TO_BYTES(PSA_VENDOR_RSA_MAX_KEY_BITS))
/** Sufficient output buffer size for psa_asymmetric_decrypt(). /** Sufficient output buffer size for psa_asymmetric_decrypt().
* *
@ -612,10 +626,12 @@
/** A sufficient output buffer size for psa_asymmetric_decrypt(), for any /** A sufficient output buffer size for psa_asymmetric_decrypt(), for any
* supported asymmetric decryption. * supported asymmetric decryption.
* *
* This macro assumes that RSA is the only supported asymmetric encryption.
*
* See also #PSA_ASYMMETRIC_DECRYPT_OUTPUT_SIZE(\p key_type, \p key_bits, \p alg). * See also #PSA_ASYMMETRIC_DECRYPT_OUTPUT_SIZE(\p key_type, \p key_bits, \p alg).
*/ */
#define PSA_ASYMMETRIC_DECRYPT_OUTPUT_MAX_SIZE \ #define PSA_ASYMMETRIC_DECRYPT_OUTPUT_MAX_SIZE \
(PSA_BITS_TO_BYTES(PSA_MAX_KEY_BITS)) (PSA_BITS_TO_BYTES(PSA_VENDOR_RSA_MAX_KEY_BITS))
/* Maximum size of the ASN.1 encoding of an INTEGER with the specified /* Maximum size of the ASN.1 encoding of an INTEGER with the specified
* number of bits. * number of bits.
@ -783,9 +799,9 @@
* This macro returns a compile-time constant if its arguments are * This macro returns a compile-time constant if its arguments are
* compile-time constants. * compile-time constants.
* *
* \warning This function can evaluate its arguments multiple times or * \warning This macro may evaluate its arguments multiple times or
* zero times. Providing arguments that have side effects will * zero times, so you should not pass arguments that contain
* result in implementation-specific behavior, and is non-portable. * side effects.
* *
* The following code illustrates how to allocate enough memory to export * The following code illustrates how to allocate enough memory to export
* a public key by querying the key type and size at runtime. * a public key by querying the key type and size at runtime.
@ -793,19 +809,16 @@
* psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; * psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
* psa_status_t status; * psa_status_t status;
* status = psa_get_key_attributes(key, &attributes); * status = psa_get_key_attributes(key, &attributes);
* if (status != PSA_SUCCESS) * if (status != PSA_SUCCESS) handle_error(...);
* handle_error(...);
* psa_key_type_t key_type = psa_get_key_type(&attributes); * psa_key_type_t key_type = psa_get_key_type(&attributes);
* size_t key_bits = psa_get_key_bits(&attributes); * size_t key_bits = psa_get_key_bits(&attributes);
* size_t buffer_size = PSA_EXPORT_PUBLIC_KEY_OUTPUT_SIZE(key_type, key_bits); * size_t buffer_size = PSA_EXPORT_PUBLIC_KEY_OUTPUT_SIZE(key_type, key_bits);
* psa_reset_key_attributes(&attributes); * psa_reset_key_attributes(&attributes);
* uint8_t *buffer = malloc(buffer_size); * uint8_t *buffer = malloc(buffer_size);
* if (buffer == NULL) * if (buffer == NULL) handle_error(...);
* handle_error(...);
* size_t buffer_length; * size_t buffer_length;
* status = psa_export_public_key(key, buffer, buffer_size, &buffer_length); * status = psa_export_public_key(key, buffer, buffer_size, &buffer_length);
* if (status != PSA_SUCCESS) * if (status != PSA_SUCCESS) handle_error(...);
* handle_error(...);
* \endcode * \endcode
* *
* \param key_type A public key or key pair key type. * \param key_type A public key or key pair key type.
@ -828,9 +841,8 @@
* \p key_bits). * \p key_bits).
*/ */
#define PSA_EXPORT_PUBLIC_KEY_OUTPUT_SIZE(key_type, key_bits) \ #define PSA_EXPORT_PUBLIC_KEY_OUTPUT_SIZE(key_type, key_bits) \
((key_type) == PSA_KEY_TYPE_RSA_PUBLIC_KEY ? PSA_KEY_EXPORT_RSA_PUBLIC_KEY_MAX_SIZE(key_bits) : \ (PSA_KEY_TYPE_IS_RSA(key_type) ? PSA_KEY_EXPORT_RSA_PUBLIC_KEY_MAX_SIZE(key_bits) : \
(key_type) == PSA_KEY_TYPE_DSA_PUBLIC_KEY ? PSA_KEY_EXPORT_DSA_PUBLIC_KEY_MAX_SIZE(key_bits) : \ PSA_KEY_TYPE_IS_ECC(key_type) ? PSA_KEY_EXPORT_ECC_PUBLIC_KEY_MAX_SIZE(key_bits) : \
PSA_KEY_TYPE_IS_ECC_PUBLIC_KEY(key_type) ? PSA_KEY_EXPORT_ECC_PUBLIC_KEY_MAX_SIZE(key_bits) : \
0) 0)
/** Sufficient buffer size for exporting any asymmetric key pair. /** Sufficient buffer size for exporting any asymmetric key pair.
@ -843,16 +855,10 @@
* See also #PSA_EXPORT_KEY_OUTPUT_SIZE(\p key_type, \p key_bits). * See also #PSA_EXPORT_KEY_OUTPUT_SIZE(\p key_type, \p key_bits).
*/ */
#define PSA_EXPORT_KEY_PAIR_MAX_SIZE \ #define PSA_EXPORT_KEY_PAIR_MAX_SIZE \
(PSA_KEY_EXPORT_RSA_KEY_PAIR_MAX_SIZE(PSA_MAX_KEY_BITS) > \ (PSA_KEY_EXPORT_RSA_KEY_PAIR_MAX_SIZE(PSA_VENDOR_RSA_MAX_KEY_BITS) > \
PSA_KEY_EXPORT_DSA_KEY_PAIR_MAX_SIZE(PSA_MAX_KEY_BITS) ? \ PSA_KEY_EXPORT_ECC_KEY_PAIR_MAX_SIZE(PSA_VENDOR_ECC_MAX_CURVE_BITS) ? \
(PSA_KEY_EXPORT_RSA_KEY_PAIR_MAX_SIZE(PSA_MAX_KEY_BITS) > \ PSA_KEY_EXPORT_RSA_KEY_PAIR_MAX_SIZE(PSA_VENDOR_RSA_MAX_KEY_BITS) : \
PSA_KEY_EXPORT_ECC_KEY_PAIR_MAX_SIZE(PSA_MAX_KEY_BITS) ? \ PSA_KEY_EXPORT_ECC_KEY_PAIR_MAX_SIZE(PSA_VENDOR_ECC_MAX_CURVE_BITS))
PSA_KEY_EXPORT_RSA_KEY_PAIR_MAX_SIZE(PSA_MAX_KEY_BITS) : \
PSA_KEY_EXPORT_ECC_KEY_PAIR_MAX_SIZE(PSA_MAX_KEY_BITS)) : \
(PSA_KEY_EXPORT_DSA_KEY_PAIR_MAX_SIZE(PSA_MAX_KEY_BITS) > \
PSA_KEY_EXPORT_ECC_KEY_PAIR_MAX_SIZE(PSA_MAX_KEY_BITS) ? \
PSA_KEY_EXPORT_DSA_KEY_PAIR_MAX_SIZE(PSA_MAX_KEY_BITS) : \
PSA_KEY_EXPORT_ECC_KEY_PAIR_MAX_SIZE(PSA_MAX_KEY_BITS)))
/** Sufficient buffer size for exporting any asymmetric public key. /** Sufficient buffer size for exporting any asymmetric public key.
* *
@ -865,25 +871,19 @@
* See also #PSA_EXPORT_PUBLIC_KEY_OUTPUT_SIZE(\p key_type, \p key_bits). * See also #PSA_EXPORT_PUBLIC_KEY_OUTPUT_SIZE(\p key_type, \p key_bits).
*/ */
#define PSA_EXPORT_PUBLIC_KEY_MAX_SIZE \ #define PSA_EXPORT_PUBLIC_KEY_MAX_SIZE \
(PSA_KEY_EXPORT_RSA_PUBLIC_KEY_MAX_SIZE(PSA_MAX_KEY_BITS) > \ (PSA_KEY_EXPORT_RSA_PUBLIC_KEY_MAX_SIZE(PSA_VENDOR_RSA_MAX_KEY_BITS) > \
PSA_KEY_EXPORT_DSA_PUBLIC_KEY_MAX_SIZE(PSA_MAX_KEY_BITS) ? \ PSA_KEY_EXPORT_ECC_PUBLIC_KEY_MAX_SIZE(PSA_VENDOR_ECC_MAX_CURVE_BITS) ? \
(PSA_KEY_EXPORT_RSA_PUBLIC_KEY_MAX_SIZE(PSA_MAX_KEY_BITS) > \ PSA_KEY_EXPORT_RSA_PUBLIC_KEY_MAX_SIZE(PSA_VENDOR_RSA_MAX_KEY_BITS) : \
PSA_KEY_EXPORT_ECC_PUBLIC_KEY_MAX_SIZE(PSA_MAX_KEY_BITS) ? \ PSA_KEY_EXPORT_ECC_PUBLIC_KEY_MAX_SIZE(PSA_VENDOR_ECC_MAX_CURVE_BITS))
PSA_KEY_EXPORT_RSA_PUBLIC_KEY_MAX_SIZE(PSA_MAX_KEY_BITS) : \
PSA_KEY_EXPORT_ECC_PUBLIC_KEY_MAX_SIZE(PSA_MAX_KEY_BITS)) : \
(PSA_KEY_EXPORT_DSA_PUBLIC_KEY_MAX_SIZE(PSA_MAX_KEY_BITS) > \
PSA_KEY_EXPORT_ECC_PUBLIC_KEY_MAX_SIZE(PSA_MAX_KEY_BITS) ? \
PSA_KEY_EXPORT_DSA_PUBLIC_KEY_MAX_SIZE(PSA_MAX_KEY_BITS) : \
PSA_KEY_EXPORT_ECC_PUBLIC_KEY_MAX_SIZE(PSA_MAX_KEY_BITS)))
/** Sufficient output buffer size for psa_raw_key_agreement(). /** Sufficient output buffer size for psa_raw_key_agreement().
* *
* This macro returns a compile-time constant if its arguments are * This macro returns a compile-time constant if its arguments are
* compile-time constants. * compile-time constants.
* *
* \warning This function can evaluate its arguments multiple times or * \warning This macro may evaluate its arguments multiple times or
* zero times. Providing arguments that have side effects will * zero times, so you should not pass arguments that contain
* result in implementation-specific behavior, and is non-portable. * side effects.
* *
* See also #PSA_RAW_KEY_AGREEMENT_OUTPUT_MAX_SIZE. * See also #PSA_RAW_KEY_AGREEMENT_OUTPUT_MAX_SIZE.
* *
@ -899,9 +899,10 @@
* a sensible size or 0. If the parameters are not valid, * a sensible size or 0. If the parameters are not valid,
* the return value is unspecified. * the return value is unspecified.
*/ */
/* FFDH is not yet supported in PSA. */
#define PSA_RAW_KEY_AGREEMENT_OUTPUT_SIZE(key_type, key_bits) \ #define PSA_RAW_KEY_AGREEMENT_OUTPUT_SIZE(key_type, key_bits) \
(PSA_KEY_TYPE_IS_ECC_KEY_PAIR(key_type) ? \ (PSA_KEY_TYPE_IS_ECC_KEY_PAIR(key_type) ? \
2 * PSA_BITS_TO_BYTES(key_bits) : \ PSA_BITS_TO_BYTES(key_bits) : \
0) 0)
/** Maximum size of the output from psa_raw_key_agreement(). /** Maximum size of the output from psa_raw_key_agreement().
@ -914,7 +915,7 @@
* See also #PSA_RAW_KEY_AGREEMENT_OUTPUT_SIZE(\p key_type, \p key_bits). * See also #PSA_RAW_KEY_AGREEMENT_OUTPUT_SIZE(\p key_type, \p key_bits).
*/ */
#define PSA_RAW_KEY_AGREEMENT_OUTPUT_MAX_SIZE \ #define PSA_RAW_KEY_AGREEMENT_OUTPUT_MAX_SIZE \
(2 * PSA_BITS_TO_BYTES(key_bits)) (PSA_BITS_TO_BYTES(PSA_VENDOR_ECC_MAX_CURVE_BITS))
/** The default IV size for a cipher algorithm, in bytes. /** The default IV size for a cipher algorithm, in bytes.
* *
@ -968,9 +969,9 @@
* *
* See also #PSA_CIPHER_ENCRYPT_OUTPUT_MAX_SIZE(\p input_length). * See also #PSA_CIPHER_ENCRYPT_OUTPUT_MAX_SIZE(\p input_length).
* *
* \warning This function can evaluate its arguments multiple times or * \warning This macro may evaluate its arguments multiple times or
* zero times. Providing arguments that have side effects will * zero times, so you should not pass arguments that contain
* result in implementation-specific behavior, and is non-portable. * side effects.
* *
* \param key_type A symmetric key type that is compatible with algorithm * \param key_type A symmetric key type that is compatible with algorithm
* alg. * alg.
@ -981,18 +982,16 @@
* \return A sufficient output size for the specified key type and * \return A sufficient output size for the specified key type and
* algorithm. If the key type or cipher algorithm is not * algorithm. If the key type or cipher algorithm is not
* recognized, or the parameters are incompatible, * recognized, or the parameters are incompatible,
* return 0. An implementation can return either 0 or * return 0.
* a correct size for a key type and cipher algorithm
* that it recognizes, but does not support.
*/ */
#define PSA_CIPHER_ENCRYPT_OUTPUT_SIZE(key_type, alg, input_length) \ #define PSA_CIPHER_ENCRYPT_OUTPUT_SIZE(key_type, alg, input_length) \
(PSA_ALG_IS_CIPHER(alg) && \
((key_type) & PSA_KEY_TYPE_CATEGORY_MASK) == PSA_KEY_TYPE_CATEGORY_SYMMETRIC ? \
(alg == PSA_ALG_CBC_PKCS7 ? \ (alg == PSA_ALG_CBC_PKCS7 ? \
PSA_ROUND_UP_TO_MULTIPLE(PSA_BLOCK_CIPHER_BLOCK_LENGTH(key_type), \ PSA_ROUND_UP_TO_MULTIPLE(PSA_BLOCK_CIPHER_BLOCK_LENGTH(key_type), \
(input_length) + PSA_CIPHER_IV_LENGTH(key_type, alg)) : \ (input_length) + PSA_CIPHER_IV_LENGTH((key_type), \
(input_length) + PSA_CIPHER_IV_LENGTH(key_type, alg) ) : \ (alg))) : \
0) (PSA_ALG_IS_CIPHER(alg) ? \
(input_length) + PSA_CIPHER_IV_LENGTH((key_type), (alg)) : \
0))
/** A sufficient output buffer size for psa_cipher_encrypt(), for any of the /** A sufficient output buffer size for psa_cipher_encrypt(), for any of the
* supported key types and cipher algorithms. * supported key types and cipher algorithms.
@ -1071,9 +1070,13 @@
* but does not support. * but does not support.
*/ */
#define PSA_CIPHER_UPDATE_OUTPUT_SIZE(key_type, alg, input_length) \ #define PSA_CIPHER_UPDATE_OUTPUT_SIZE(key_type, alg, input_length) \
(PSA_ALG_IS_CIPHER(alg) && \ (PSA_ALG_IS_CIPHER(alg) ? \
((key_type) & PSA_KEY_TYPE_CATEGORY_MASK) == PSA_KEY_TYPE_CATEGORY_SYMMETRIC ? \ (((alg) == PSA_ALG_CBC_PKCS7 || \
(input_length) + PSA_CIPHER_IV_LENGTH(key_type, alg) : \ (alg) == PSA_ALG_CBC_NO_PADDING || \
(alg) == PSA_ALG_ECB_NO_PADDING) ? \
PSA_ROUND_UP_TO_MULTIPLE(PSA_BLOCK_CIPHER_BLOCK_LENGTH(key_type), \
input_length) : \
(input_length)) : \
0) 0)
/** A sufficient output buffer size for psa_cipher_update(), for any of the /** A sufficient output buffer size for psa_cipher_update(), for any of the
@ -1110,10 +1113,9 @@
* but does not support. * but does not support.
*/ */
#define PSA_CIPHER_FINISH_OUTPUT_SIZE(key_type, alg) \ #define PSA_CIPHER_FINISH_OUTPUT_SIZE(key_type, alg) \
(PSA_ALG_IS_CIPHER(alg) && \ (PSA_ALG_IS_CIPHER(alg) ? \
((key_type) & PSA_KEY_TYPE_CATEGORY_MASK) == PSA_KEY_TYPE_CATEGORY_SYMMETRIC ? \
(alg == PSA_ALG_CBC_PKCS7 ? \ (alg == PSA_ALG_CBC_PKCS7 ? \
PSA_BLOCK_CIPHER_BLOCK_LENGTH(key_type), \ PSA_BLOCK_CIPHER_BLOCK_LENGTH(key_type) : \
0) : \ 0) : \
0) 0)