mirror of
https://github.com/yuzu-emu/mbedtls.git
synced 2024-12-05 05:03:44 +01:00
15f0d92a48
It makes sense to do the length checking in the core rather than expect each driver to deal with it themselves. This puts the onus on the core to dictate which algorithm/key combinations are valid before calling a driver. Additionally, this commit also updates the psa_mac_sign_finish function to better deal with output buffer sanitation, as per the review comments on #4247. Signed-off-by: Steven Cooreman <steven.cooreman@silabs.com>
93 lines
3.2 KiB
C
93 lines
3.2 KiB
C
/*
|
|
* Context structure declaration of the Mbed TLS software-based PSA drivers
|
|
* called through the PSA Crypto driver dispatch layer.
|
|
* This file contains the context structures of those algorithms which need to
|
|
* rely on other algorithms, i.e. are 'composite' algorithms.
|
|
*
|
|
* \note This file may not be included directly. Applications must
|
|
* include psa/crypto.h.
|
|
*
|
|
* \note This header and its content is not part of the Mbed TLS API and
|
|
* applications must not depend on it. Its main purpose is to define the
|
|
* multi-part state objects of the Mbed TLS software-based PSA drivers. The
|
|
* definition of these objects are then used by crypto_struct.h to define the
|
|
* implementation-defined types of PSA multi-part state objects.
|
|
*/
|
|
/*
|
|
* Copyright The Mbed TLS Contributors
|
|
* SPDX-License-Identifier: Apache-2.0
|
|
*
|
|
* Licensed under the Apache License, Version 2.0 (the "License"); you may
|
|
* not use this file except in compliance with the License.
|
|
* You may obtain a copy of the License at
|
|
*
|
|
* http://www.apache.org/licenses/LICENSE-2.0
|
|
*
|
|
* Unless required by applicable law or agreed to in writing, software
|
|
* distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
|
|
* WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
|
* See the License for the specific language governing permissions and
|
|
* limitations under the License.
|
|
*/
|
|
|
|
#ifndef PSA_CRYPTO_BUILTIN_COMPOSITES_H
|
|
#define PSA_CRYPTO_BUILTIN_COMPOSITES_H
|
|
|
|
#include <psa/crypto_driver_common.h>
|
|
|
|
/*
|
|
* MAC multi-part operation definitions.
|
|
*/
|
|
#if defined(MBEDTLS_PSA_BUILTIN_ALG_CMAC) || \
|
|
defined(MBEDTLS_PSA_BUILTIN_ALG_HMAC)
|
|
#define MBEDTLS_PSA_BUILTIN_MAC
|
|
#endif
|
|
|
|
#if defined(MBEDTLS_PSA_BUILTIN_ALG_HMAC) || defined(PSA_CRYPTO_DRIVER_TEST)
|
|
typedef struct
|
|
{
|
|
/** The HMAC algorithm in use */
|
|
psa_algorithm_t alg;
|
|
/** The hash context. */
|
|
struct psa_hash_operation_s hash_ctx;
|
|
/** The HMAC part of the context. */
|
|
uint8_t opad[PSA_HMAC_MAX_HASH_BLOCK_SIZE];
|
|
} mbedtls_psa_hmac_operation_t;
|
|
|
|
#define MBEDTLS_PSA_HMAC_OPERATION_INIT {0, PSA_HASH_OPERATION_INIT, {0}}
|
|
#endif /* MBEDTLS_PSA_BUILTIN_ALG_HMAC */
|
|
|
|
#include "mbedtls/cmac.h"
|
|
|
|
typedef struct
|
|
{
|
|
psa_algorithm_t alg;
|
|
union
|
|
{
|
|
unsigned dummy; /* Make the union non-empty even with no supported algorithms. */
|
|
#if defined(MBEDTLS_PSA_BUILTIN_ALG_HMAC) || defined(PSA_CRYPTO_DRIVER_TEST)
|
|
mbedtls_psa_hmac_operation_t hmac;
|
|
#endif /* MBEDTLS_PSA_BUILTIN_ALG_HMAC */
|
|
#if defined(MBEDTLS_PSA_BUILTIN_ALG_CMAC) || defined(PSA_CRYPTO_DRIVER_TEST)
|
|
mbedtls_cipher_context_t cmac;
|
|
#endif /* MBEDTLS_PSA_BUILTIN_ALG_CMAC */
|
|
} ctx;
|
|
} mbedtls_psa_mac_operation_t;
|
|
|
|
#define MBEDTLS_PSA_MAC_OPERATION_INIT {0, {0}}
|
|
|
|
/*
|
|
* BEYOND THIS POINT, TEST DRIVER DECLARATIONS ONLY.
|
|
*/
|
|
#if defined(PSA_CRYPTO_DRIVER_TEST)
|
|
|
|
typedef mbedtls_psa_mac_operation_t mbedtls_transparent_test_driver_mac_operation_t;
|
|
typedef mbedtls_psa_mac_operation_t mbedtls_opaque_test_driver_mac_operation_t;
|
|
|
|
#define MBEDTLS_TRANSPARENT_TEST_DRIVER_MAC_OPERATION_INIT MBEDTLS_PSA_MAC_OPERATION_INIT
|
|
#define MBEDTLS_OPAQUE_TEST_DRIVER_MAC_OPERATION_INIT MBEDTLS_PSA_MAC_OPERATION_INIT
|
|
|
|
#endif /* PSA_CRYPTO_DRIVER_TEST */
|
|
|
|
#endif /* PSA_CRYPTO_BUILTIN_COMPOSITES_H */
|