mirror of
https://github.com/yuzu-emu/mbedtls.git
synced 2024-11-27 07:54:18 +01:00
More documentation
This commit is contained in:
parent
d393e18f90
commit
7e19853722
@ -201,11 +201,24 @@ typedef uint32_t psa_key_type_t;
|
||||
((PSA_KEY_TYPE_PUBLIC_KEY_OF_KEYPAIR(type) & \
|
||||
~PSA_KEY_TYPE_ECC_CURVE_MASK) == PSA_KEY_TYPE_ECC_PUBLIC_KEY_BASE)
|
||||
|
||||
/** The block size of a block cipher.
|
||||
*
|
||||
* \param type A cipher key type (value of type #psa_key_type_t).
|
||||
*
|
||||
* \return The block size for a block cipher, or 1 for a stream cipher.
|
||||
* The return value is undefined if \c type does not identify
|
||||
* a cipher algorithm.
|
||||
*
|
||||
* \note This macro returns a compile-time constant if its argument is one.
|
||||
*
|
||||
* \warning This macro may evaluate its argument multiple times.
|
||||
*/
|
||||
#define PSA_BLOCK_CIPHER_BLOCK_SIZE(type) \
|
||||
( \
|
||||
(type) == PSA_KEY_TYPE_AES ? 16 : \
|
||||
(type) == PSA_KEY_TYPE_DES ? 8 : \
|
||||
(type) == PSA_KEY_TYPE_CAMELLIA ? 16 : \
|
||||
(type) == PSA_KEY_TYPE_ARC4 ? 1 : \
|
||||
0)
|
||||
|
||||
/** \brief Encoding of a cryptographic algorithm.
|
||||
@ -233,11 +246,12 @@ typedef uint32_t psa_algorithm_t;
|
||||
(((alg) & PSA_ALG_VENDOR_FLAG) != 0)
|
||||
/** Whether the specified algorithm is a hash algorithm.
|
||||
*
|
||||
* \param alg An algorithm identifier (\c PSA_ALG_XXX value)
|
||||
* \param alg An algorithm identifier (value of type #psa_algorithm_t).
|
||||
*
|
||||
* \return 1 if \c alg is a hash algorithm, 0 otherwise.
|
||||
* This macro may return either 0 or 1 if \c alg is not a valid
|
||||
* algorithm identifier. */
|
||||
* algorithm identifier.
|
||||
*/
|
||||
#define PSA_ALG_IS_HASH(alg) \
|
||||
(((alg) & PSA_ALG_CATEGORY_MASK) == PSA_ALG_CATEGORY_HASH)
|
||||
#define PSA_ALG_IS_MAC(alg) \
|
||||
@ -474,11 +488,41 @@ psa_status_t psa_export_public_key(psa_key_slot_t key,
|
||||
/** \brief Encoding of permitted usage on a key. */
|
||||
typedef uint32_t psa_key_usage_t;
|
||||
|
||||
/** Whether the key may be exported.
|
||||
*
|
||||
* A public key or the public part of a key pair may always be exported
|
||||
* regardless of the value of this permission flag.
|
||||
*
|
||||
* If a key does not have export permission, implementations shall not
|
||||
* allow the key to be exported in plain form from the cryptoprocessor,
|
||||
* whether through psa_export_key() or through a proprietary interface.
|
||||
* The key may however be exportable in a wrapped form, i.e. in a form
|
||||
* where it is encrypted by another key.
|
||||
*/
|
||||
#define PSA_KEY_USAGE_EXPORT ((psa_key_usage_t)0x00000001)
|
||||
|
||||
/** Whether the key may be used to encrypt a message.
|
||||
*
|
||||
* For a key pair, this concerns the public key.
|
||||
*/
|
||||
#define PSA_KEY_USAGE_ENCRYPT ((psa_key_usage_t)0x00000100)
|
||||
|
||||
/** Whether the key may be used to decrypt a message.
|
||||
*
|
||||
* For a key pair, this concerns the private key.
|
||||
*/
|
||||
#define PSA_KEY_USAGE_DECRYPT ((psa_key_usage_t)0x00000200)
|
||||
|
||||
/** Whether the key may be used to sign a message.
|
||||
*
|
||||
* For a key pair, this concerns the private key.
|
||||
*/
|
||||
#define PSA_KEY_USAGE_SIGN ((psa_key_usage_t)0x00000400)
|
||||
|
||||
/** Whether the key may be used to verify a message signature.
|
||||
*
|
||||
* For a key pair, this concerns the public key.
|
||||
*/
|
||||
#define PSA_KEY_USAGE_VERIFY ((psa_key_usage_t)0x00000800)
|
||||
|
||||
/** The type of the key policy data structure.
|
||||
@ -492,6 +536,12 @@ typedef struct psa_key_policy_s psa_key_policy_t;
|
||||
* usage of the key. */
|
||||
void psa_key_policy_init(psa_key_policy_t *policy);
|
||||
|
||||
/** \brief Set the standard fields of a policy structure.
|
||||
*
|
||||
* Note that this function does not make any consistency check of the
|
||||
* parameters. The values are only checked when applying the policy to
|
||||
* a key slot with psa_set_key_policy().
|
||||
*/
|
||||
void psa_key_policy_set_usage(psa_key_policy_t *policy,
|
||||
psa_key_usage_t usage,
|
||||
psa_algorithm_t alg);
|
||||
@ -505,10 +555,15 @@ psa_algorithm_t psa_key_policy_get_algorithm(psa_key_policy_t *policy);
|
||||
* This function must be called on an empty key slot, before importing,
|
||||
* generating or creating a key in the slot. Changing the policy of an
|
||||
* existing key is not permitted.
|
||||
*
|
||||
* Implementations may set restrictions on supported key policies
|
||||
* depending on the key type and the key slot.
|
||||
*/
|
||||
psa_status_t psa_set_key_policy(psa_key_slot_t key,
|
||||
const psa_key_policy_t *policy);
|
||||
|
||||
/** \brief Get the usage policy for a key slot.
|
||||
*/
|
||||
psa_status_t psa_get_key_policy(psa_key_slot_t key,
|
||||
psa_key_policy_t *policy);
|
||||
|
||||
|
Loading…
Reference in New Issue
Block a user