From a29455144616e34dd51973061d186317b0cfa5a4 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Bence=20Sz=C3=A9pk=C3=BAti?= Date: Thu, 3 Dec 2020 21:40:17 +0100 Subject: [PATCH] Update PSA Crypto macro values to version 1.0.0 MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit This should be everything that's needed for the stable storage format. Signed-off-by: Bence Szépkúti --- include/psa/crypto_extra.h | 4 +- include/psa/crypto_values.h | 114 +++++++++++++++--------------- scripts/generate_psa_constants.py | 4 +- 3 files changed, 61 insertions(+), 61 deletions(-) diff --git a/include/psa/crypto_extra.h b/include/psa/crypto_extra.h index b25addc85..f793a6cac 100644 --- a/include/psa/crypto_extra.h +++ b/include/psa/crypto_extra.h @@ -353,7 +353,7 @@ psa_status_t mbedtls_psa_inject_entropy(const uint8_t *seed, #define PSA_KEY_TYPE_IS_DSA(type) \ (PSA_KEY_TYPE_PUBLIC_KEY_OF_KEY_PAIR(type) == PSA_KEY_TYPE_DSA_PUBLIC_KEY) -#define PSA_ALG_DSA_BASE ((psa_algorithm_t)0x10040000) +#define PSA_ALG_DSA_BASE ((psa_algorithm_t)0x06000400) /** DSA signature with hashing. * * This is the signature scheme defined by FIPS 186-4, @@ -370,7 +370,7 @@ psa_status_t mbedtls_psa_inject_entropy(const uint8_t *seed, */ #define PSA_ALG_DSA(hash_alg) \ (PSA_ALG_DSA_BASE | ((hash_alg) & PSA_ALG_HASH_MASK)) -#define PSA_ALG_DETERMINISTIC_DSA_BASE ((psa_algorithm_t)0x10050000) +#define PSA_ALG_DETERMINISTIC_DSA_BASE ((psa_algorithm_t)0x06000500) #define PSA_ALG_DSA_DETERMINISTIC_FLAG PSA_ALG_ECDSA_DETERMINISTIC_FLAG /** Deterministic DSA signature with hashing. * diff --git a/include/psa/crypto_values.h b/include/psa/crypto_values.h index 6a6cdf745..a260e4c84 100644 --- a/include/psa/crypto_values.h +++ b/include/psa/crypto_values.h @@ -609,14 +609,14 @@ #define PSA_ALG_VENDOR_FLAG ((psa_algorithm_t)0x80000000) #define PSA_ALG_CATEGORY_MASK ((psa_algorithm_t)0x7f000000) -#define PSA_ALG_CATEGORY_HASH ((psa_algorithm_t)0x01000000) -#define PSA_ALG_CATEGORY_MAC ((psa_algorithm_t)0x02000000) +#define PSA_ALG_CATEGORY_HASH ((psa_algorithm_t)0x02000000) +#define PSA_ALG_CATEGORY_MAC ((psa_algorithm_t)0x03000000) #define PSA_ALG_CATEGORY_CIPHER ((psa_algorithm_t)0x04000000) -#define PSA_ALG_CATEGORY_AEAD ((psa_algorithm_t)0x06000000) -#define PSA_ALG_CATEGORY_SIGN ((psa_algorithm_t)0x10000000) -#define PSA_ALG_CATEGORY_ASYMMETRIC_ENCRYPTION ((psa_algorithm_t)0x12000000) -#define PSA_ALG_CATEGORY_KEY_DERIVATION ((psa_algorithm_t)0x20000000) -#define PSA_ALG_CATEGORY_KEY_AGREEMENT ((psa_algorithm_t)0x30000000) +#define PSA_ALG_CATEGORY_AEAD ((psa_algorithm_t)0x05000000) +#define PSA_ALG_CATEGORY_SIGN ((psa_algorithm_t)0x06000000) +#define PSA_ALG_CATEGORY_ASYMMETRIC_ENCRYPTION ((psa_algorithm_t)0x07000000) +#define PSA_ALG_CATEGORY_KEY_DERIVATION ((psa_algorithm_t)0x08000000) +#define PSA_ALG_CATEGORY_KEY_AGREEMENT ((psa_algorithm_t)0x09000000) /** Whether an algorithm is vendor-defined. * @@ -718,35 +718,35 @@ #define PSA_ALG_HASH_MASK ((psa_algorithm_t)0x000000ff) /** MD2 */ -#define PSA_ALG_MD2 ((psa_algorithm_t)0x01000001) +#define PSA_ALG_MD2 ((psa_algorithm_t)0x02000001) /** MD4 */ -#define PSA_ALG_MD4 ((psa_algorithm_t)0x01000002) +#define PSA_ALG_MD4 ((psa_algorithm_t)0x02000002) /** MD5 */ -#define PSA_ALG_MD5 ((psa_algorithm_t)0x01000003) +#define PSA_ALG_MD5 ((psa_algorithm_t)0x02000003) /** PSA_ALG_RIPEMD160 */ -#define PSA_ALG_RIPEMD160 ((psa_algorithm_t)0x01000004) +#define PSA_ALG_RIPEMD160 ((psa_algorithm_t)0x02000004) /** SHA1 */ -#define PSA_ALG_SHA_1 ((psa_algorithm_t)0x01000005) +#define PSA_ALG_SHA_1 ((psa_algorithm_t)0x02000005) /** SHA2-224 */ -#define PSA_ALG_SHA_224 ((psa_algorithm_t)0x01000008) +#define PSA_ALG_SHA_224 ((psa_algorithm_t)0x02000008) /** SHA2-256 */ -#define PSA_ALG_SHA_256 ((psa_algorithm_t)0x01000009) +#define PSA_ALG_SHA_256 ((psa_algorithm_t)0x02000009) /** SHA2-384 */ -#define PSA_ALG_SHA_384 ((psa_algorithm_t)0x0100000a) +#define PSA_ALG_SHA_384 ((psa_algorithm_t)0x0200000a) /** SHA2-512 */ -#define PSA_ALG_SHA_512 ((psa_algorithm_t)0x0100000b) +#define PSA_ALG_SHA_512 ((psa_algorithm_t)0x0200000b) /** SHA2-512/224 */ -#define PSA_ALG_SHA_512_224 ((psa_algorithm_t)0x0100000c) +#define PSA_ALG_SHA_512_224 ((psa_algorithm_t)0x0200000c) /** SHA2-512/256 */ -#define PSA_ALG_SHA_512_256 ((psa_algorithm_t)0x0100000d) +#define PSA_ALG_SHA_512_256 ((psa_algorithm_t)0x0200000d) /** SHA3-224 */ -#define PSA_ALG_SHA3_224 ((psa_algorithm_t)0x01000010) +#define PSA_ALG_SHA3_224 ((psa_algorithm_t)0x02000010) /** SHA3-256 */ -#define PSA_ALG_SHA3_256 ((psa_algorithm_t)0x01000011) +#define PSA_ALG_SHA3_256 ((psa_algorithm_t)0x02000011) /** SHA3-384 */ -#define PSA_ALG_SHA3_384 ((psa_algorithm_t)0x01000012) +#define PSA_ALG_SHA3_384 ((psa_algorithm_t)0x02000012) /** SHA3-512 */ -#define PSA_ALG_SHA3_512 ((psa_algorithm_t)0x01000013) +#define PSA_ALG_SHA3_512 ((psa_algorithm_t)0x02000013) /** In a hash-and-sign algorithm policy, allow any hash algorithm. * @@ -781,10 +781,10 @@ * This value may not be used to build an algorithm specification to * perform an operation. It is only valid to build policies. */ -#define PSA_ALG_ANY_HASH ((psa_algorithm_t)0x010000ff) +#define PSA_ALG_ANY_HASH ((psa_algorithm_t)0x020000ff) #define PSA_ALG_MAC_SUBCATEGORY_MASK ((psa_algorithm_t)0x00c00000) -#define PSA_ALG_HMAC_BASE ((psa_algorithm_t)0x02800000) +#define PSA_ALG_HMAC_BASE ((psa_algorithm_t)0x03800000) /** Macro to build an HMAC algorithm. * * For example, #PSA_ALG_HMAC(#PSA_ALG_SHA_256) is HMAC-SHA-256. @@ -823,8 +823,8 @@ * reach up to 63; the largest MAC is 64 bytes so its trivial truncation * to full length is correctly encoded as 0 and any non-trivial truncation * is correctly encoded as a value between 1 and 63. */ -#define PSA_ALG_MAC_TRUNCATION_MASK ((psa_algorithm_t)0x00003f00) -#define PSA_MAC_TRUNCATION_OFFSET 8 +#define PSA_ALG_MAC_TRUNCATION_MASK ((psa_algorithm_t)0x003f0000) +#define PSA_MAC_TRUNCATION_OFFSET 16 /** Macro to build a truncated MAC algorithm. * @@ -892,15 +892,15 @@ #define PSA_MAC_TRUNCATED_LENGTH(mac_alg) \ (((mac_alg) & PSA_ALG_MAC_TRUNCATION_MASK) >> PSA_MAC_TRUNCATION_OFFSET) -#define PSA_ALG_CIPHER_MAC_BASE ((psa_algorithm_t)0x02c00000) +#define PSA_ALG_CIPHER_MAC_BASE ((psa_algorithm_t)0x03c00000) /** The CBC-MAC construction over a block cipher * * \warning CBC-MAC is insecure in many cases. * A more secure mode, such as #PSA_ALG_CMAC, is recommended. */ -#define PSA_ALG_CBC_MAC ((psa_algorithm_t)0x02c00001) +#define PSA_ALG_CBC_MAC ((psa_algorithm_t)0x03c00100) /** The CMAC construction over a block cipher */ -#define PSA_ALG_CMAC ((psa_algorithm_t)0x02c00002) +#define PSA_ALG_CMAC ((psa_algorithm_t)0x03c00200) /** Whether the specified algorithm is a MAC algorithm based on a block cipher. * @@ -950,19 +950,19 @@ * For example, to use AES-128-CTR, use this algorithm with * a key of type #PSA_KEY_TYPE_AES and a length of 128 bits (16 bytes). */ -#define PSA_ALG_CTR ((psa_algorithm_t)0x04c00001) +#define PSA_ALG_CTR ((psa_algorithm_t)0x04c01000) /** The CFB stream cipher mode. * * The underlying block cipher is determined by the key type. */ -#define PSA_ALG_CFB ((psa_algorithm_t)0x04c00002) +#define PSA_ALG_CFB ((psa_algorithm_t)0x04c01100) /** The OFB stream cipher mode. * * The underlying block cipher is determined by the key type. */ -#define PSA_ALG_OFB ((psa_algorithm_t)0x04c00003) +#define PSA_ALG_OFB ((psa_algorithm_t)0x04c01200) /** The XTS cipher mode. * @@ -970,7 +970,7 @@ * least one full block of input, but beyond this minimum the input * does not need to be a whole number of blocks. */ -#define PSA_ALG_XTS ((psa_algorithm_t)0x044000ff) +#define PSA_ALG_XTS ((psa_algorithm_t)0x0440ff00) /** The Electronic Code Book (ECB) mode of a block cipher, with no padding. * @@ -999,7 +999,7 @@ * This symmetric cipher mode can only be used with messages whose lengths * are whole number of blocks for the chosen block cipher. */ -#define PSA_ALG_CBC_NO_PADDING ((psa_algorithm_t)0x04600100) +#define PSA_ALG_CBC_NO_PADDING ((psa_algorithm_t)0x04404000) /** The CBC block cipher chaining mode with PKCS#7 padding. * @@ -1007,7 +1007,7 @@ * * This is the padding method defined by PKCS#7 (RFC 2315) §10.3. */ -#define PSA_ALG_CBC_PKCS7 ((psa_algorithm_t)0x04600101) +#define PSA_ALG_CBC_PKCS7 ((psa_algorithm_t)0x04404100) #define PSA_ALG_AEAD_FROM_BLOCK_FLAG ((psa_algorithm_t)0x00400000) @@ -1028,13 +1028,13 @@ * * The underlying block cipher is determined by the key type. */ -#define PSA_ALG_CCM ((psa_algorithm_t)0x06401001) +#define PSA_ALG_CCM ((psa_algorithm_t)0x05500100) /** The GCM authenticated encryption algorithm. * * The underlying block cipher is determined by the key type. */ -#define PSA_ALG_GCM ((psa_algorithm_t)0x06401002) +#define PSA_ALG_GCM ((psa_algorithm_t)0x05500200) /** The Chacha20-Poly1305 AEAD algorithm. * @@ -1045,14 +1045,14 @@ * * Implementations must support 16-byte tags and should reject other sizes. */ -#define PSA_ALG_CHACHA20_POLY1305 ((psa_algorithm_t)0x06001005) +#define PSA_ALG_CHACHA20_POLY1305 ((psa_algorithm_t)0x05100500) /* In the encoding of a AEAD algorithm, the bits corresponding to * PSA_ALG_AEAD_TAG_LENGTH_MASK encode the length of the AEAD tag. * The constants for default lengths follow this encoding. */ -#define PSA_ALG_AEAD_TAG_LENGTH_MASK ((psa_algorithm_t)0x00003f00) -#define PSA_AEAD_TAG_LENGTH_OFFSET 8 +#define PSA_ALG_AEAD_TAG_LENGTH_MASK ((psa_algorithm_t)0x003f0000) +#define PSA_AEAD_TAG_LENGTH_OFFSET 16 /** Macro to build a shortened AEAD algorithm. * @@ -1096,7 +1096,7 @@ PSA_ALG_AEAD_WITH_TAG_LENGTH(ref, 0) ? \ ref : -#define PSA_ALG_RSA_PKCS1V15_SIGN_BASE ((psa_algorithm_t)0x10020000) +#define PSA_ALG_RSA_PKCS1V15_SIGN_BASE ((psa_algorithm_t)0x06000200) /** RSA PKCS#1 v1.5 signature with hashing. * * This is the signature scheme defined by RFC 8017 @@ -1124,7 +1124,7 @@ #define PSA_ALG_IS_RSA_PKCS1V15_SIGN(alg) \ (((alg) & ~PSA_ALG_HASH_MASK) == PSA_ALG_RSA_PKCS1V15_SIGN_BASE) -#define PSA_ALG_RSA_PSS_BASE ((psa_algorithm_t)0x10030000) +#define PSA_ALG_RSA_PSS_BASE ((psa_algorithm_t)0x06000300) /** RSA PSS signature with hashing. * * This is the signature scheme defined by RFC 8017 @@ -1148,7 +1148,7 @@ #define PSA_ALG_IS_RSA_PSS(alg) \ (((alg) & ~PSA_ALG_HASH_MASK) == PSA_ALG_RSA_PSS_BASE) -#define PSA_ALG_ECDSA_BASE ((psa_algorithm_t)0x10060000) +#define PSA_ALG_ECDSA_BASE ((psa_algorithm_t)0x06000600) /** ECDSA signature with hashing. * * This is the ECDSA signature scheme defined by ANSI X9.62, @@ -1181,7 +1181,7 @@ * the curve size. */ #define PSA_ALG_ECDSA_ANY PSA_ALG_ECDSA_BASE -#define PSA_ALG_DETERMINISTIC_ECDSA_BASE ((psa_algorithm_t)0x10070000) +#define PSA_ALG_DETERMINISTIC_ECDSA_BASE ((psa_algorithm_t)0x06000700) /** Deterministic ECDSA signature with hashing. * * This is the deterministic ECDSA signature scheme defined by RFC 6979. @@ -1206,7 +1206,7 @@ */ #define PSA_ALG_DETERMINISTIC_ECDSA(hash_alg) \ (PSA_ALG_DETERMINISTIC_ECDSA_BASE | ((hash_alg) & PSA_ALG_HASH_MASK)) -#define PSA_ALG_ECDSA_DETERMINISTIC_FLAG ((psa_algorithm_t)0x00010000) +#define PSA_ALG_ECDSA_DETERMINISTIC_FLAG ((psa_algorithm_t)0x00000100) #define PSA_ALG_IS_ECDSA(alg) \ (((alg) & ~PSA_ALG_HASH_MASK & ~PSA_ALG_ECDSA_DETERMINISTIC_FLAG) == \ PSA_ALG_ECDSA_BASE) @@ -1260,9 +1260,9 @@ /** RSA PKCS#1 v1.5 encryption. */ -#define PSA_ALG_RSA_PKCS1V15_CRYPT ((psa_algorithm_t)0x12020000) +#define PSA_ALG_RSA_PKCS1V15_CRYPT ((psa_algorithm_t)0x07000200) -#define PSA_ALG_RSA_OAEP_BASE ((psa_algorithm_t)0x12030000) +#define PSA_ALG_RSA_OAEP_BASE ((psa_algorithm_t)0x07000300) /** RSA OAEP encryption. * * This is the encryption scheme defined by RFC 8017 @@ -1286,7 +1286,7 @@ ((alg) & PSA_ALG_HASH_MASK) | PSA_ALG_CATEGORY_HASH : \ 0) -#define PSA_ALG_HKDF_BASE ((psa_algorithm_t)0x20000100) +#define PSA_ALG_HKDF_BASE ((psa_algorithm_t)0x08000100) /** Macro to build an HKDF algorithm. * * For example, `PSA_ALG_HKDF(PSA_ALG_SHA256)` is HKDF using HMAC-SHA-256. @@ -1325,7 +1325,7 @@ #define PSA_ALG_HKDF_GET_HASH(hkdf_alg) \ (PSA_ALG_CATEGORY_HASH | ((hkdf_alg) & PSA_ALG_HASH_MASK)) -#define PSA_ALG_TLS12_PRF_BASE ((psa_algorithm_t)0x20000200) +#define PSA_ALG_TLS12_PRF_BASE ((psa_algorithm_t)0x08000200) /** Macro to build a TLS-1.2 PRF algorithm. * * TLS 1.2 uses a custom pseudorandom function (PRF) for key schedule, @@ -1368,7 +1368,7 @@ #define PSA_ALG_TLS12_PRF_GET_HASH(hkdf_alg) \ (PSA_ALG_CATEGORY_HASH | ((hkdf_alg) & PSA_ALG_HASH_MASK)) -#define PSA_ALG_TLS12_PSK_TO_MS_BASE ((psa_algorithm_t)0x20000300) +#define PSA_ALG_TLS12_PSK_TO_MS_BASE ((psa_algorithm_t)0x08000300) /** Macro to build a TLS-1.2 PSK-to-MasterSecret algorithm. * * In a pure-PSK handshake in TLS 1.2, the master secret is derived @@ -1414,8 +1414,8 @@ #define PSA_ALG_TLS12_PSK_TO_MS_GET_HASH(hkdf_alg) \ (PSA_ALG_CATEGORY_HASH | ((hkdf_alg) & PSA_ALG_HASH_MASK)) -#define PSA_ALG_KEY_DERIVATION_MASK ((psa_algorithm_t)0x0803ffff) -#define PSA_ALG_KEY_AGREEMENT_MASK ((psa_algorithm_t)0x10fc0000) +#define PSA_ALG_KEY_DERIVATION_MASK ((psa_algorithm_t)0xfe00ffff) +#define PSA_ALG_KEY_AGREEMENT_MASK ((psa_algorithm_t)0xffff0000) /** Macro to build a combined algorithm that chains a key agreement with * a key derivation. @@ -1468,7 +1468,7 @@ * It is `ceiling(m / 8)` bytes long where `m` is the size of the prime `p` * in bits. */ -#define PSA_ALG_FFDH ((psa_algorithm_t)0x30100000) +#define PSA_ALG_FFDH ((psa_algorithm_t)0x09010000) /** Whether the specified algorithm is a finite field Diffie-Hellman algorithm. * @@ -1510,7 +1510,7 @@ * in big-endian byte order. * The bit size is `m` for the field `F_{2^m}`. */ -#define PSA_ALG_ECDH ((psa_algorithm_t)0x30200000) +#define PSA_ALG_ECDH ((psa_algorithm_t)0x09020000) /** Whether the specified algorithm is an elliptic curve Diffie-Hellman * algorithm. @@ -1815,7 +1815,7 @@ static inline int mbedtls_svc_key_id_is_null( mbedtls_svc_key_id_t key ) * * For a key pair, this concerns the private key. */ -#define PSA_KEY_USAGE_SIGN_HASH ((psa_key_usage_t)0x00000400) +#define PSA_KEY_USAGE_SIGN_HASH ((psa_key_usage_t)0x00001000) /** Whether the key may be used to verify a message signature. * @@ -1825,11 +1825,11 @@ static inline int mbedtls_svc_key_id_is_null( mbedtls_svc_key_id_t key ) * * For a key pair, this concerns the public key. */ -#define PSA_KEY_USAGE_VERIFY_HASH ((psa_key_usage_t)0x00000800) +#define PSA_KEY_USAGE_VERIFY_HASH ((psa_key_usage_t)0x00002000) /** Whether the key may be used to derive other keys. */ -#define PSA_KEY_USAGE_DERIVE ((psa_key_usage_t)0x00001000) +#define PSA_KEY_USAGE_DERIVE ((psa_key_usage_t)0x00004000) /**@}*/ diff --git a/scripts/generate_psa_constants.py b/scripts/generate_psa_constants.py index 401c2fc12..01d3e3a93 100755 --- a/scripts/generate_psa_constants.py +++ b/scripts/generate_psa_constants.py @@ -273,10 +273,10 @@ class MacroCollector: return self.algorithms.add(name) # Ad hoc detection of hash algorithms - if re.search(r'0x010000[0-9A-Fa-f]{2}', expansion): + if re.search(r'0x020000[0-9A-Fa-f]{2}', expansion): self.hash_algorithms.add(name) # Ad hoc detection of key agreement algorithms - if re.search(r'0x30[0-9A-Fa-f]{2}0000', expansion): + if re.search(r'0x09[0-9A-Fa-f]{2}0000', expansion): self.ka_algorithms.add(name) elif name.startswith('PSA_ALG_') and parameter == 'hash_alg': if name in ['PSA_ALG_DSA', 'PSA_ALG_ECDSA']: