diff options
Diffstat (limited to 'lib/mbedtls-2.27.0/programs/psa')
| -rw-r--r-- | lib/mbedtls-2.27.0/programs/psa/CMakeLists.txt | 21 | ||||
| -rw-r--r-- | lib/mbedtls-2.27.0/programs/psa/crypto_examples.c | 331 | ||||
| -rw-r--r-- | lib/mbedtls-2.27.0/programs/psa/key_ladder_demo.c | 707 | ||||
| -rwxr-xr-x | lib/mbedtls-2.27.0/programs/psa/key_ladder_demo.sh | 65 | ||||
| -rw-r--r-- | lib/mbedtls-2.27.0/programs/psa/psa_constant_names.c | 327 | ||||
| -rw-r--r-- | lib/mbedtls-2.27.0/programs/psa/psa_constant_names_generated.c | 430 |
6 files changed, 1881 insertions, 0 deletions
diff --git a/lib/mbedtls-2.27.0/programs/psa/CMakeLists.txt b/lib/mbedtls-2.27.0/programs/psa/CMakeLists.txt new file mode 100644 index 0000000..23e85fe --- /dev/null +++ b/lib/mbedtls-2.27.0/programs/psa/CMakeLists.txt @@ -0,0 +1,21 @@ +set(executables + crypto_examples + key_ladder_demo + psa_constant_names +) + +foreach(exe IN LISTS executables) + add_executable(${exe} ${exe}.c $<TARGET_OBJECTS:mbedtls_test>) + target_link_libraries(${exe} ${mbedcrypto_target}) + target_include_directories(${exe} PRIVATE ${CMAKE_CURRENT_SOURCE_DIR}/../../tests/include) +endforeach() + +target_include_directories(psa_constant_names PRIVATE ${CMAKE_CURRENT_BINARY_DIR}) + +install(TARGETS ${executables} + DESTINATION "bin" + PERMISSIONS OWNER_READ OWNER_WRITE OWNER_EXECUTE GROUP_READ GROUP_EXECUTE WORLD_READ WORLD_EXECUTE) + +install(PROGRAMS + key_ladder_demo.sh + DESTINATION "bin") diff --git a/lib/mbedtls-2.27.0/programs/psa/crypto_examples.c b/lib/mbedtls-2.27.0/programs/psa/crypto_examples.c new file mode 100644 index 0000000..935d657 --- /dev/null +++ b/lib/mbedtls-2.27.0/programs/psa/crypto_examples.c @@ -0,0 +1,331 @@ +/* + * Copyright The Mbed TLS Contributors + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#include "psa/crypto.h" +#include <string.h> +#include <stdio.h> +#include <stdlib.h> + +#define ASSERT( predicate ) \ + do \ + { \ + if( ! ( predicate ) ) \ + { \ + printf( "\tassertion failed at %s:%d - '%s'\r\n", \ + __FILE__, __LINE__, #predicate); \ + goto exit; \ + } \ + } while ( 0 ) + +#define ASSERT_STATUS( actual, expected ) \ + do \ + { \ + if( ( actual ) != ( expected ) ) \ + { \ + printf( "\tassertion failed at %s:%d - " \ + "actual:%d expected:%d\r\n", __FILE__, __LINE__, \ + (psa_status_t) actual, (psa_status_t) expected ); \ + goto exit; \ + } \ + } while ( 0 ) + +#if !defined(MBEDTLS_PSA_CRYPTO_C) || !defined(MBEDTLS_AES_C) || \ + !defined(MBEDTLS_CIPHER_MODE_CBC) || !defined(MBEDTLS_CIPHER_MODE_CTR) || \ + !defined(MBEDTLS_CIPHER_MODE_WITH_PADDING) || \ + defined(MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER) +int main( void ) +{ + printf( "MBEDTLS_PSA_CRYPTO_C and/or MBEDTLS_AES_C and/or " + "MBEDTLS_CIPHER_MODE_CBC and/or MBEDTLS_CIPHER_MODE_CTR " + "and/or MBEDTLS_CIPHER_MODE_WITH_PADDING " + "not defined and/or MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER" + " defined.\r\n" ); + return( 0 ); +} +#else + +static psa_status_t cipher_operation( psa_cipher_operation_t *operation, + const uint8_t * input, + size_t input_size, + size_t part_size, + uint8_t * output, + size_t output_size, + size_t *output_len ) +{ + psa_status_t status; + size_t bytes_to_write = 0, bytes_written = 0, len = 0; + + *output_len = 0; + while( bytes_written != input_size ) + { + bytes_to_write = ( input_size - bytes_written > part_size ? + part_size : + input_size - bytes_written ); + + status = psa_cipher_update( operation, input + bytes_written, + bytes_to_write, output + *output_len, + output_size - *output_len, &len ); + ASSERT_STATUS( status, PSA_SUCCESS ); + + bytes_written += bytes_to_write; + *output_len += len; + } + + status = psa_cipher_finish( operation, output + *output_len, + output_size - *output_len, &len ); + ASSERT_STATUS( status, PSA_SUCCESS ); + *output_len += len; + +exit: + return( status ); +} + +static psa_status_t cipher_encrypt( psa_key_id_t key, + psa_algorithm_t alg, + uint8_t * iv, + size_t iv_size, + const uint8_t * input, + size_t input_size, + size_t part_size, + uint8_t * output, + size_t output_size, + size_t *output_len ) +{ + psa_status_t status; + psa_cipher_operation_t operation = PSA_CIPHER_OPERATION_INIT; + size_t iv_len = 0; + + memset( &operation, 0, sizeof( operation ) ); + status = psa_cipher_encrypt_setup( &operation, key, alg ); + ASSERT_STATUS( status, PSA_SUCCESS ); + + status = psa_cipher_generate_iv( &operation, iv, iv_size, &iv_len ); + ASSERT_STATUS( status, PSA_SUCCESS ); + + status = cipher_operation( &operation, input, input_size, part_size, + output, output_size, output_len ); + ASSERT_STATUS( status, PSA_SUCCESS ); + +exit: + psa_cipher_abort( &operation ); + return( status ); +} + +static psa_status_t cipher_decrypt( psa_key_id_t key, + psa_algorithm_t alg, + const uint8_t * iv, + size_t iv_size, + const uint8_t * input, + size_t input_size, + size_t part_size, + uint8_t * output, + size_t output_size, + size_t *output_len ) +{ + psa_status_t status; + psa_cipher_operation_t operation = PSA_CIPHER_OPERATION_INIT; + + memset( &operation, 0, sizeof( operation ) ); + status = psa_cipher_decrypt_setup( &operation, key, alg ); + ASSERT_STATUS( status, PSA_SUCCESS ); + + status = psa_cipher_set_iv( &operation, iv, iv_size ); + ASSERT_STATUS( status, PSA_SUCCESS ); + + status = cipher_operation( &operation, input, input_size, part_size, + output, output_size, output_len ); + ASSERT_STATUS( status, PSA_SUCCESS ); + +exit: + psa_cipher_abort( &operation ); + return( status ); +} + +static psa_status_t +cipher_example_encrypt_decrypt_aes_cbc_nopad_1_block( void ) +{ + enum { + block_size = PSA_BLOCK_CIPHER_BLOCK_LENGTH( PSA_KEY_TYPE_AES ), + key_bits = 256, + part_size = block_size, + }; + const psa_algorithm_t alg = PSA_ALG_CBC_NO_PADDING; + + psa_status_t status; + psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; + psa_key_id_t key = 0; + size_t output_len = 0; + uint8_t iv[block_size]; + uint8_t input[block_size]; + uint8_t encrypt[block_size]; + uint8_t decrypt[block_size]; + + status = psa_generate_random( input, sizeof( input ) ); + ASSERT_STATUS( status, PSA_SUCCESS ); + + psa_set_key_usage_flags( &attributes, + PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT ); + psa_set_key_algorithm( &attributes, alg ); + psa_set_key_type( &attributes, PSA_KEY_TYPE_AES ); + psa_set_key_bits( &attributes, key_bits ); + + status = psa_generate_key( &attributes, &key ); + ASSERT_STATUS( status, PSA_SUCCESS ); + + status = cipher_encrypt( key, alg, iv, sizeof( iv ), + input, sizeof( input ), part_size, + encrypt, sizeof( encrypt ), &output_len ); + ASSERT_STATUS( status, PSA_SUCCESS ); + + status = cipher_decrypt( key, alg, iv, sizeof( iv ), + encrypt, output_len, part_size, + decrypt, sizeof( decrypt ), &output_len ); + ASSERT_STATUS( status, PSA_SUCCESS ); + + status = memcmp( input, decrypt, sizeof( input ) ); + ASSERT_STATUS( status, PSA_SUCCESS ); + +exit: + psa_destroy_key( key ); + return( status ); +} + +static psa_status_t cipher_example_encrypt_decrypt_aes_cbc_pkcs7_multi( void ) +{ + enum { + block_size = PSA_BLOCK_CIPHER_BLOCK_LENGTH( PSA_KEY_TYPE_AES ), + key_bits = 256, + input_size = 100, + part_size = 10, + }; + + const psa_algorithm_t alg = PSA_ALG_CBC_PKCS7; + + psa_status_t status; + psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; + psa_key_id_t key = 0; + size_t output_len = 0; + uint8_t iv[block_size], input[input_size], + encrypt[input_size + block_size], decrypt[input_size + block_size]; + + status = psa_generate_random( input, sizeof( input ) ); + ASSERT_STATUS( status, PSA_SUCCESS ); + + psa_set_key_usage_flags( &attributes, + PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT ); + psa_set_key_algorithm( &attributes, alg ); + psa_set_key_type( &attributes, PSA_KEY_TYPE_AES ); + psa_set_key_bits( &attributes, key_bits ); + + status = psa_generate_key( &attributes, &key ); + ASSERT_STATUS( status, PSA_SUCCESS ); + + status = cipher_encrypt( key, alg, iv, sizeof( iv ), + input, sizeof( input ), part_size, + encrypt, sizeof( encrypt ), &output_len ); + ASSERT_STATUS( status, PSA_SUCCESS ); + + status = cipher_decrypt( key, alg, iv, sizeof( iv ), + encrypt, output_len, part_size, + decrypt, sizeof( decrypt ), &output_len ); + ASSERT_STATUS( status, PSA_SUCCESS ); + + status = memcmp( input, decrypt, sizeof( input ) ); + ASSERT_STATUS( status, PSA_SUCCESS ); + +exit: + psa_destroy_key( key ); + return( status ); +} + +static psa_status_t cipher_example_encrypt_decrypt_aes_ctr_multi( void ) +{ + enum { + block_size = PSA_BLOCK_CIPHER_BLOCK_LENGTH( PSA_KEY_TYPE_AES ), + key_bits = 256, + input_size = 100, + part_size = 10, + }; + const psa_algorithm_t alg = PSA_ALG_CTR; + + psa_status_t status; + psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; + psa_key_id_t key = 0; + size_t output_len = 0; + uint8_t iv[block_size], input[input_size], encrypt[input_size], + decrypt[input_size]; + + status = psa_generate_random( input, sizeof( input ) ); + ASSERT_STATUS( status, PSA_SUCCESS ); + + psa_set_key_usage_flags( &attributes, + PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT ); + psa_set_key_algorithm( &attributes, alg ); + psa_set_key_type( &attributes, PSA_KEY_TYPE_AES ); + psa_set_key_bits( &attributes, key_bits ); + + status = psa_generate_key( &attributes, &key ); + ASSERT_STATUS( status, PSA_SUCCESS ); + + status = cipher_encrypt( key, alg, iv, sizeof( iv ), + input, sizeof( input ), part_size, + encrypt, sizeof( encrypt ), &output_len ); + ASSERT_STATUS( status, PSA_SUCCESS ); + + status = cipher_decrypt( key, alg, iv, sizeof( iv ), + encrypt, output_len, part_size, + decrypt, sizeof( decrypt ), &output_len ); + ASSERT_STATUS( status, PSA_SUCCESS ); + + status = memcmp( input, decrypt, sizeof( input ) ); + ASSERT_STATUS( status, PSA_SUCCESS ); + +exit: + psa_destroy_key( key ); + return( status ); +} + +static void cipher_examples( void ) +{ + psa_status_t status; + + printf( "cipher encrypt/decrypt AES CBC no padding:\r\n" ); + status = cipher_example_encrypt_decrypt_aes_cbc_nopad_1_block( ); + if( status == PSA_SUCCESS ) + printf( "\tsuccess!\r\n" ); + + printf( "cipher encrypt/decrypt AES CBC PKCS7 multipart:\r\n" ); + status = cipher_example_encrypt_decrypt_aes_cbc_pkcs7_multi( ); + if( status == PSA_SUCCESS ) + printf( "\tsuccess!\r\n" ); + + printf( "cipher encrypt/decrypt AES CTR multipart:\r\n" ); + status = cipher_example_encrypt_decrypt_aes_ctr_multi( ); + if( status == PSA_SUCCESS ) + printf( "\tsuccess!\r\n" ); +} + +int main( void ) +{ + ASSERT( psa_crypto_init( ) == PSA_SUCCESS ); + cipher_examples( ); +exit: + mbedtls_psa_crypto_free( ); + return( 0 ); +} +#endif /* MBEDTLS_PSA_CRYPTO_C && MBEDTLS_AES_C && MBEDTLS_CIPHER_MODE_CBC && + MBEDTLS_CIPHER_MODE_CTR && MBEDTLS_CIPHER_MODE_WITH_PADDING */ diff --git a/lib/mbedtls-2.27.0/programs/psa/key_ladder_demo.c b/lib/mbedtls-2.27.0/programs/psa/key_ladder_demo.c new file mode 100644 index 0000000..5d64349 --- /dev/null +++ b/lib/mbedtls-2.27.0/programs/psa/key_ladder_demo.c @@ -0,0 +1,707 @@ +/** + * PSA API key derivation demonstration + * + * This program calculates a key ladder: a chain of secret material, each + * derived from the previous one in a deterministic way based on a label. + * Two keys are identical if and only if they are derived from the same key + * using the same label. + * + * The initial key is called the master key. The master key is normally + * randomly generated, but it could itself be derived from another key. + * + * This program derives a series of keys called intermediate keys. + * The first intermediate key is derived from the master key using the + * first label passed on the command line. Each subsequent intermediate + * key is derived from the previous one using the next label passed + * on the command line. + * + * This program has four modes of operation: + * + * - "generate": generate a random master key. + * - "wrap": derive a wrapping key from the last intermediate key, + * and use that key to encrypt-and-authenticate some data. + * - "unwrap": derive a wrapping key from the last intermediate key, + * and use that key to decrypt-and-authenticate some + * ciphertext created by wrap mode. + * - "save": save the last intermediate key so that it can be reused as + * the master key in another run of the program. + * + * See the usage() output for the command line usage. See the file + * `key_ladder_demo.sh` for an example run. + */ + +/* + * Copyright The Mbed TLS Contributors + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +/* First include Mbed TLS headers to get the Mbed TLS configuration and + * platform definitions that we'll use in this program. Also include + * standard C headers for functions we'll use here. */ +#if !defined(MBEDTLS_CONFIG_FILE) +#include "mbedtls/config.h" +#else +#include MBEDTLS_CONFIG_FILE +#endif + +#include <stdlib.h> +#include <stdio.h> +#include <string.h> + +#include "mbedtls/platform_util.h" // for mbedtls_platform_zeroize + +#include <psa/crypto.h> + +/* If the build options we need are not enabled, compile a placeholder. */ +#if !defined(MBEDTLS_SHA256_C) || !defined(MBEDTLS_MD_C) || \ + !defined(MBEDTLS_AES_C) || !defined(MBEDTLS_CCM_C) || \ + !defined(MBEDTLS_PSA_CRYPTO_C) || !defined(MBEDTLS_FS_IO) || \ + defined(MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER) +int main( void ) +{ + printf( "MBEDTLS_SHA256_C and/or MBEDTLS_MD_C and/or " + "MBEDTLS_AES_C and/or MBEDTLS_CCM_C and/or " + "MBEDTLS_PSA_CRYPTO_C and/or MBEDTLS_FS_IO " + "not defined and/or MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER " + "defined.\n" ); + return( 0 ); +} +#else + +/* The real program starts here. */ + +/* Run a system function and bail out if it fails. */ +#define SYS_CHECK( expr ) \ + do \ + { \ + if( ! ( expr ) ) \ + { \ + perror( #expr ); \ + status = DEMO_ERROR; \ + goto exit; \ + } \ + } \ + while( 0 ) + +/* Run a PSA function and bail out if it fails. */ +#define PSA_CHECK( expr ) \ + do \ + { \ + status = ( expr ); \ + if( status != PSA_SUCCESS ) \ + { \ + printf( "Error %d at line %d: %s\n", \ + (int) status, \ + __LINE__, \ + #expr ); \ + goto exit; \ + } \ + } \ + while( 0 ) + +/* To report operational errors in this program, use an error code that is + * different from every PSA error code. */ +#define DEMO_ERROR 120 + +/* The maximum supported key ladder depth. */ +#define MAX_LADDER_DEPTH 10 + +/* Salt to use when deriving an intermediate key. */ +#define DERIVE_KEY_SALT ( (uint8_t *) "key_ladder_demo.derive" ) +#define DERIVE_KEY_SALT_LENGTH ( strlen( (const char*) DERIVE_KEY_SALT ) ) + +/* Salt to use when deriving a wrapping key. */ +#define WRAPPING_KEY_SALT ( (uint8_t *) "key_ladder_demo.wrap" ) +#define WRAPPING_KEY_SALT_LENGTH ( strlen( (const char*) WRAPPING_KEY_SALT ) ) + +/* Size of the key derivation keys (applies both to the master key and + * to intermediate keys). */ +#define KEY_SIZE_BYTES 40 + +/* Algorithm for key derivation. */ +#define KDF_ALG PSA_ALG_HKDF( PSA_ALG_SHA_256 ) + +/* Type and size of the key used to wrap data. */ +#define WRAPPING_KEY_TYPE PSA_KEY_TYPE_AES +#define WRAPPING_KEY_BITS 128 + +/* Cipher mode used to wrap data. */ +#define WRAPPING_ALG PSA_ALG_CCM + +/* Nonce size used to wrap data. */ +#define WRAPPING_IV_SIZE 13 + +/* Header used in files containing wrapped data. We'll save this header + * directly without worrying about data representation issues such as + * integer sizes and endianness, because the data is meant to be read + * back by the same program on the same machine. */ +#define WRAPPED_DATA_MAGIC "key_ladder_demo" // including trailing null byte +#define WRAPPED_DATA_MAGIC_LENGTH ( sizeof( WRAPPED_DATA_MAGIC ) ) +typedef struct +{ + char magic[WRAPPED_DATA_MAGIC_LENGTH]; + size_t ad_size; /* Size of the additional data, which is this header. */ + size_t payload_size; /* Size of the encrypted data. */ + /* Store the IV inside the additional data. It's convenient. */ + uint8_t iv[WRAPPING_IV_SIZE]; +} wrapped_data_header_t; + +/* The modes that this program can operate in (see usage). */ +enum program_mode +{ + MODE_GENERATE, + MODE_SAVE, + MODE_UNWRAP, + MODE_WRAP +}; + +/* Save a key to a file. In the real world, you may want to export a derived + * key sometimes, to share it with another party. */ +static psa_status_t save_key( psa_key_id_t key, + const char *output_file_name ) +{ + psa_status_t status = PSA_SUCCESS; + uint8_t key_data[KEY_SIZE_BYTES]; + size_t key_size; + FILE *key_file = NULL; + + PSA_CHECK( psa_export_key( key, + key_data, sizeof( key_data ), + &key_size ) ); + SYS_CHECK( ( key_file = fopen( output_file_name, "wb" ) ) != NULL ); + SYS_CHECK( fwrite( key_data, 1, key_size, key_file ) == key_size ); + SYS_CHECK( fclose( key_file ) == 0 ); + key_file = NULL; + +exit: + if( key_file != NULL) + fclose( key_file ); + return( status ); +} + +/* Generate a master key for use in this demo. + * + * Normally a master key would be non-exportable. For the purpose of this + * demo, we want to save it to a file, to avoid relying on the keystore + * capability of the PSA crypto library. */ +static psa_status_t generate( const char *key_file_name ) +{ + psa_status_t status = PSA_SUCCESS; + psa_key_id_t key = 0; + psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; + + psa_set_key_usage_flags( &attributes, + PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT ); + psa_set_key_algorithm( &attributes, KDF_ALG ); + psa_set_key_type( &attributes, PSA_KEY_TYPE_DERIVE ); + psa_set_key_bits( &attributes, PSA_BYTES_TO_BITS( KEY_SIZE_BYTES ) ); + + PSA_CHECK( psa_generate_key( &attributes, &key ) ); + + PSA_CHECK( save_key( key, key_file_name ) ); + +exit: + (void) psa_destroy_key( key ); + return( status ); +} + +/* Load the master key from a file. + * + * In the real world, this master key would be stored in an internal memory + * and the storage would be managed by the keystore capability of the PSA + * crypto library. */ +static psa_status_t import_key_from_file( psa_key_usage_t usage, + psa_algorithm_t alg, + const char *key_file_name, + psa_key_id_t *master_key ) +{ + psa_status_t status = PSA_SUCCESS; + psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; + uint8_t key_data[KEY_SIZE_BYTES]; + size_t key_size; + FILE *key_file = NULL; + unsigned char extra_byte; + + SYS_CHECK( ( key_file = fopen( key_file_name, "rb" ) ) != NULL ); + SYS_CHECK( ( key_size = fread( key_data, 1, sizeof( key_data ), + key_file ) ) != 0 ); + if( fread( &extra_byte, 1, 1, key_file ) != 0 ) + { + printf( "Key file too large (max: %u).\n", + (unsigned) sizeof( key_data ) ); + status = DEMO_ERROR; + goto exit; + } + SYS_CHECK( fclose( key_file ) == 0 ); + key_file = NULL; + + psa_set_key_usage_flags( &attributes, usage ); + psa_set_key_algorithm( &attributes, alg ); + psa_set_key_type( &attributes, PSA_KEY_TYPE_DERIVE ); + PSA_CHECK( psa_import_key( &attributes, key_data, key_size, master_key ) ); +exit: + if( key_file != NULL ) + fclose( key_file ); + mbedtls_platform_zeroize( key_data, sizeof( key_data ) ); + if( status != PSA_SUCCESS ) + { + /* If the key creation hasn't happened yet or has failed, + * *master_key is null. psa_destroy_key( 0 ) is + * guaranteed to do nothing and return PSA_SUCCESS. */ + (void) psa_destroy_key( *master_key ); + *master_key = 0; + } + return( status ); +} + +/* Derive the intermediate keys, using the list of labels provided on + * the command line. On input, *key is the master key identifier. + * This function destroys the master key. On successful output, *key + * is the identifier of the final derived key. + */ +static psa_status_t derive_key_ladder( const char *ladder[], + size_t ladder_depth, + psa_key_id_t *key ) +{ + psa_status_t status = PSA_SUCCESS; + psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; + psa_key_derivation_operation_t operation = PSA_KEY_DERIVATION_OPERATION_INIT; + size_t i; + + psa_set_key_usage_flags( &attributes, + PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT ); + psa_set_key_algorithm( &attributes, KDF_ALG ); + psa_set_key_type( &attributes, PSA_KEY_TYPE_DERIVE ); + psa_set_key_bits( &attributes, PSA_BYTES_TO_BITS( KEY_SIZE_BYTES ) ); + + /* For each label in turn, ... */ + for( i = 0; i < ladder_depth; i++ ) + { + /* Start deriving material from the master key (if i=0) or from + * the current intermediate key (if i>0). */ + PSA_CHECK( psa_key_derivation_setup( &operation, KDF_ALG ) ); + PSA_CHECK( psa_key_derivation_input_bytes( + &operation, PSA_KEY_DERIVATION_INPUT_SALT, + DERIVE_KEY_SALT, DERIVE_KEY_SALT_LENGTH ) ); + PSA_CHECK( psa_key_derivation_input_key( + &operation, PSA_KEY_DERIVATION_INPUT_SECRET, + *key ) ); + PSA_CHECK( psa_key_derivation_input_bytes( + &operation, PSA_KEY_DERIVATION_INPUT_INFO, + (uint8_t*) ladder[i], strlen( ladder[i] ) ) ); + /* When the parent key is not the master key, destroy it, + * since it is no longer needed. */ + PSA_CHECK( psa_destroy_key( *key ) ); + *key = 0; + /* Derive the next intermediate key from the parent key. */ + PSA_CHECK( psa_key_derivation_output_key( &attributes, &operation, + key ) ); + PSA_CHECK( psa_key_derivation_abort( &operation ) ); + } + +exit: + psa_key_derivation_abort( &operation ); + if( status != PSA_SUCCESS ) + { + psa_destroy_key( *key ); + *key = 0; + } + return( status ); +} + +/* Derive a wrapping key from the last intermediate key. */ +static psa_status_t derive_wrapping_key( psa_key_usage_t usage, + psa_key_id_t derived_key, + psa_key_id_t *wrapping_key ) +{ + psa_status_t status = PSA_SUCCESS; + psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; + psa_key_derivation_operation_t operation = PSA_KEY_DERIVATION_OPERATION_INIT; + + *wrapping_key = 0; + + /* Set up a key derivation operation from the key derived from + * the master key. */ + PSA_CHECK( psa_key_derivation_setup( &operation, KDF_ALG ) ); + PSA_CHECK( psa_key_derivation_input_bytes( + &operation, PSA_KEY_DERIVATION_INPUT_SALT, + WRAPPING_KEY_SALT, WRAPPING_KEY_SALT_LENGTH ) ); + PSA_CHECK( psa_key_derivation_input_key( + &operation, PSA_KEY_DERIVATION_INPUT_SECRET, + derived_key ) ); + PSA_CHECK( psa_key_derivation_input_bytes( + &operation, PSA_KEY_DERIVATION_INPUT_INFO, + NULL, 0 ) ); + + /* Create the wrapping key. */ + psa_set_key_usage_flags( &attributes, usage ); + psa_set_key_algorithm( &attributes, WRAPPING_ALG ); + psa_set_key_type( &attributes, PSA_KEY_TYPE_AES ); + psa_set_key_bits( &attributes, WRAPPING_KEY_BITS ); + PSA_CHECK( psa_key_derivation_output_key( &attributes, &operation, + wrapping_key ) ); + +exit: + psa_key_derivation_abort( &operation ); + return( status ); +} + +static psa_status_t wrap_data( const char *input_file_name, + const char *output_file_name, + psa_key_id_t wrapping_key ) +{ + psa_status_t status; + FILE *input_file = NULL; + FILE *output_file = NULL; + psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; + psa_key_type_t key_type; + long input_position; + size_t input_size; + size_t buffer_size = 0; + unsigned char *buffer = NULL; + size_t ciphertext_size; + wrapped_data_header_t header; + + /* Find the size of the data to wrap. */ + SYS_CHECK( ( input_file = fopen( input_file_name, "rb" ) ) != NULL ); + SYS_CHECK( fseek( input_file, 0, SEEK_END ) == 0 ); + SYS_CHECK( ( input_position = ftell( input_file ) ) != -1 ); +#if LONG_MAX > SIZE_MAX + if( input_position > SIZE_MAX ) + { + printf( "Input file too large.\n" ); + status = DEMO_ERROR; + goto exit; + } +#endif + input_size = input_position; + PSA_CHECK( psa_get_key_attributes( wrapping_key, &attributes ) ); + key_type = psa_get_key_type( &attributes ); + buffer_size = + PSA_AEAD_ENCRYPT_OUTPUT_SIZE( key_type, WRAPPING_ALG, input_size ); + /* Check for integer overflow. */ + if( buffer_size < input_size ) + { + printf( "Input file too large.\n" ); + status = DEMO_ERROR; + goto exit; + } + + /* Load the data to wrap. */ + SYS_CHECK( fseek( input_file, 0, SEEK_SET ) == 0 ); + SYS_CHECK( ( buffer = calloc( 1, buffer_size ) ) != NULL ); + SYS_CHECK( fread( buffer, 1, input_size, input_file ) == input_size ); + SYS_CHECK( fclose( input_file ) == 0 ); + input_file = NULL; + + /* Construct a header. */ + memcpy( &header.magic, WRAPPED_DATA_MAGIC, WRAPPED_DATA_MAGIC_LENGTH ); + header.ad_size = sizeof( header ); + header.payload_size = input_size; + + /* Wrap the data. */ + PSA_CHECK( psa_generate_random( header.iv, WRAPPING_IV_SIZE ) ); + PSA_CHECK( psa_aead_encrypt( wrapping_key, WRAPPING_ALG, + header.iv, WRAPPING_IV_SIZE, + (uint8_t *) &header, sizeof( header ), + buffer, input_size, + buffer, buffer_size, + &ciphertext_size ) ); + + /* Write the output. */ + SYS_CHECK( ( output_file = fopen( output_file_name, "wb" ) ) != NULL ); + SYS_CHECK( fwrite( &header, 1, sizeof( header ), + output_file ) == sizeof( header ) ); + SYS_CHECK( fwrite( buffer, 1, ciphertext_size, + output_file ) == ciphertext_size ); + SYS_CHECK( fclose( output_file ) == 0 ); + output_file = NULL; + +exit: + if( input_file != NULL ) + fclose( input_file ); + if( output_file != NULL ) + fclose( output_file ); + if( buffer != NULL ) + mbedtls_platform_zeroize( buffer, buffer_size ); + free( buffer ); + return( status ); +} + +static psa_status_t unwrap_data( const char *input_file_name, + const char *output_file_name, + psa_key_id_t wrapping_key ) +{ + psa_status_t status; + FILE *input_file = NULL; + FILE *output_file = NULL; + psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; + psa_key_type_t key_type; + unsigned char *buffer = NULL; + size_t ciphertext_size = 0; + size_t plaintext_size; + wrapped_data_header_t header; + unsigned char extra_byte; + + /* Load and validate the header. */ + SYS_CHECK( ( input_file = fopen( input_file_name, "rb" ) ) != NULL ); + SYS_CHECK( fread( &header, 1, sizeof( header ), + input_file ) == sizeof( header ) ); + if( memcmp( &header.magic, WRAPPED_DATA_MAGIC, + WRAPPED_DATA_MAGIC_LENGTH ) != 0 ) + { + printf( "The input does not start with a valid magic header.\n" ); + status = DEMO_ERROR; + goto exit; + } + if( header.ad_size != sizeof( header ) ) + { + printf( "The header size is not correct.\n" ); + status = DEMO_ERROR; + goto exit; + } + PSA_CHECK( psa_get_key_attributes( wrapping_key, &attributes) ); + key_type = psa_get_key_type( &attributes); + ciphertext_size = + PSA_AEAD_ENCRYPT_OUTPUT_SIZE( key_type, WRAPPING_ALG, header.payload_size ); + /* Check for integer overflow. */ + if( ciphertext_size < header.payload_size ) + { + printf( "Input file too large.\n" ); + status = DEMO_ERROR; + goto exit; + } + + /* Load the payload data. */ + SYS_CHECK( ( buffer = calloc( 1, ciphertext_size ) ) != NULL ); + SYS_CHECK( fread( buffer, 1, ciphertext_size, + input_file ) == ciphertext_size ); + if( fread( &extra_byte, 1, 1, input_file ) != 0 ) + { + printf( "Extra garbage after ciphertext\n" ); + status = DEMO_ERROR; + goto exit; + } + SYS_CHECK( fclose( input_file ) == 0 ); + input_file = NULL; + + /* Unwrap the data. */ + PSA_CHECK( psa_aead_decrypt( wrapping_key, WRAPPING_ALG, + header.iv, WRAPPING_IV_SIZE, + (uint8_t *) &header, sizeof( header ), + buffer, ciphertext_size, + buffer, ciphertext_size, + &plaintext_size ) ); + if( plaintext_size != header.payload_size ) + { + printf( "Incorrect payload size in the header.\n" ); + status = DEMO_ERROR; + goto exit; + } + + /* Write the output. */ + SYS_CHECK( ( output_file = fopen( output_file_name, "wb" ) ) != NULL ); + SYS_CHECK( fwrite( buffer, 1, plaintext_size, + output_file ) == plaintext_size ); + SYS_CHECK( fclose( output_file ) == 0 ); + output_file = NULL; + +exit: + if( input_file != NULL ) + fclose( input_file ); + if( output_file != NULL ) + fclose( output_file ); + if( buffer != NULL ) + mbedtls_platform_zeroize( buffer, ciphertext_size ); + free( buffer ); + return( status ); +} + +static psa_status_t run( enum program_mode mode, + const char *key_file_name, + const char *ladder[], size_t ladder_depth, + const char *input_file_name, + const char *output_file_name ) +{ + psa_status_t status = PSA_SUCCESS; + psa_key_id_t derivation_key = 0; + psa_key_id_t wrapping_key = 0; + + /* Initialize the PSA crypto library. */ + PSA_CHECK( psa_crypto_init( ) ); + + /* Generate mode is unlike the others. Generate the master key and exit. */ + if( mode == MODE_GENERATE ) + return( generate( key_file_name ) ); + + /* Read the master key. */ + PSA_CHECK( import_key_from_file( PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT, + KDF_ALG, + key_file_name, + &derivation_key ) ); + + /* Calculate the derived key for this session. */ + PSA_CHECK( derive_key_ladder( ladder, ladder_depth, + &derivation_key ) ); + + switch( mode ) + { + case MODE_SAVE: + PSA_CHECK( save_key( derivation_key, output_file_name ) ); + break; + case MODE_UNWRAP: + PSA_CHECK( derive_wrapping_key( PSA_KEY_USAGE_DECRYPT, + derivation_key, + &wrapping_key ) ); + PSA_CHECK( unwrap_data( input_file_name, output_file_name, + wrapping_key ) ); + break; + case MODE_WRAP: + PSA_CHECK( derive_wrapping_key( PSA_KEY_USAGE_ENCRYPT, + derivation_key, + &wrapping_key ) ); + PSA_CHECK( wrap_data( input_file_name, output_file_name, + wrapping_key ) ); + break; + default: + /* Unreachable but some compilers don't realize it. */ + break; + } + +exit: + /* Destroy any remaining key. Deinitializing the crypto library would do + * this anyway since they are volatile keys, but explicitly destroying + * keys makes the code easier to reuse. */ + (void) psa_destroy_key( derivation_key ); + (void) psa_destroy_key( wrapping_key ); + /* Deinitialize the PSA crypto library. */ + mbedtls_psa_crypto_free( ); + return( status ); +} + +static void usage( void ) +{ + printf( "Usage: key_ladder_demo MODE [OPTION=VALUE]...\n" ); + printf( "Demonstrate the usage of a key derivation ladder.\n" ); + printf( "\n" ); + printf( "Modes:\n" ); + printf( " generate Generate the master key\n" ); + printf( " save Save the derived key\n" ); + printf( " unwrap Unwrap (decrypt) input with the derived key\n" ); + printf( " wrap Wrap (encrypt) input with the derived key\n" ); + printf( "\n" ); + printf( "Options:\n" ); + printf( " input=FILENAME Input file (required for wrap/unwrap)\n" ); + printf( " master=FILENAME File containing the master key (default: master.key)\n" ); + printf( " output=FILENAME Output file (required for save/wrap/unwrap)\n" ); + printf( " label=TEXT Label for the key derivation.\n" ); + printf( " This may be repeated multiple times.\n" ); + printf( " To get the same key, you must use the same master key\n" ); + printf( " and the same sequence of labels.\n" ); +} + +int main( int argc, char *argv[] ) +{ + const char *key_file_name = "master.key"; + const char *input_file_name = NULL; + const char *output_file_name = NULL; + const char *ladder[MAX_LADDER_DEPTH]; + size_t ladder_depth = 0; + int i; + enum program_mode mode; + psa_status_t status; + + if( argc <= 1 || + strcmp( argv[1], "help" ) == 0 || + strcmp( argv[1], "-help" ) == 0 || + strcmp( argv[1], "--help" ) == 0 ) + { + usage( ); + return( EXIT_SUCCESS ); + } + + for( i = 2; i < argc; i++ ) + { + char *q = strchr( argv[i], '=' ); + if( q == NULL ) + { + printf( "Missing argument to option %s\n", argv[i] ); + goto usage_failure; + } + *q = 0; + ++q; + if( strcmp( argv[i], "input" ) == 0 ) + input_file_name = q; + else if( strcmp( argv[i], "label" ) == 0 ) + { + if( ladder_depth == MAX_LADDER_DEPTH ) + { + printf( "Maximum ladder depth %u exceeded.\n", + (unsigned) MAX_LADDER_DEPTH ); + return( EXIT_FAILURE ); + } + ladder[ladder_depth] = q; + ++ladder_depth; + } + else if( strcmp( argv[i], "master" ) == 0 ) + key_file_name = q; + else if( strcmp( argv[i], "output" ) == 0 ) + output_file_name = q; + else + { + printf( "Unknown option: %s\n", argv[i] ); + goto usage_failure; + } + } + + if( strcmp( argv[1], "generate" ) == 0 ) + mode = MODE_GENERATE; + else if( strcmp( argv[1], "save" ) == 0 ) + mode = MODE_SAVE; + else if( strcmp( argv[1], "unwrap" ) == 0 ) + mode = MODE_UNWRAP; + else if( strcmp( argv[1], "wrap" ) == 0 ) + mode = MODE_WRAP; + else + { + printf( "Unknown action: %s\n", argv[1] ); + goto usage_failure; + } + + if( input_file_name == NULL && + ( mode == MODE_WRAP || mode == MODE_UNWRAP ) ) + { + printf( "Required argument missing: input\n" ); + return( DEMO_ERROR ); + } + if( output_file_name == NULL && + ( mode == MODE_SAVE || mode == MODE_WRAP || mode == MODE_UNWRAP ) ) + { + printf( "Required argument missing: output\n" ); + return( DEMO_ERROR ); + } + + status = run( mode, key_file_name, + ladder, ladder_depth, + input_file_name, output_file_name ); + return( status == PSA_SUCCESS ? + EXIT_SUCCESS : + EXIT_FAILURE ); + +usage_failure: + usage( ); + return( EXIT_FAILURE ); +} +#endif /* MBEDTLS_SHA256_C && MBEDTLS_MD_C && MBEDTLS_AES_C && MBEDTLS_CCM_C && MBEDTLS_PSA_CRYPTO_C && MBEDTLS_FS_IO */ diff --git a/lib/mbedtls-2.27.0/programs/psa/key_ladder_demo.sh b/lib/mbedtls-2.27.0/programs/psa/key_ladder_demo.sh new file mode 100755 index 0000000..67de085 --- /dev/null +++ b/lib/mbedtls-2.27.0/programs/psa/key_ladder_demo.sh @@ -0,0 +1,65 @@ +#!/bin/sh +# +# Copyright The Mbed TLS Contributors +# SPDX-License-Identifier: Apache-2.0 +# +# Licensed under the Apache License, Version 2.0 (the "License"); you may +# not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +set -e -u + +program="${0%/*}"/key_ladder_demo +files_to_clean= + +run () { + echo + echo "# $1" + shift + echo "+ $*" + "$@" +} + +if [ -e master.key ]; then + echo "# Reusing the existing master.key file." +else + files_to_clean="$files_to_clean master.key" + run "Generate a master key." \ + "$program" generate master=master.key +fi + +files_to_clean="$files_to_clean input.txt hello_world.wrap" +echo "Here is some input. See it wrapped." >input.txt +run "Derive a key and wrap some data with it." \ + "$program" wrap master=master.key label=hello label=world \ + input=input.txt output=hello_world.wrap + +files_to_clean="$files_to_clean hello_world.txt" +run "Derive the same key again and unwrap the data." \ + "$program" unwrap master=master.key label=hello label=world \ + input=hello_world.wrap output=hello_world.txt +run "Compare the unwrapped data with the original input." \ + cmp input.txt hello_world.txt + +files_to_clean="$files_to_clean hellow_orld.txt" +! run "Derive a different key and attempt to unwrap the data. This must fail." \ + "$program" unwrap master=master.key input=hello_world.wrap output=hellow_orld.txt label=hellow label=orld + +files_to_clean="$files_to_clean hello.key" +run "Save the first step of the key ladder, then load it as a master key and construct the rest of the ladder." \ + "$program" save master=master.key label=hello \ + input=hello_world.wrap output=hello.key +run "Check that we get the same key by unwrapping data made by the other key." \ + "$program" unwrap master=hello.key label=world \ + input=hello_world.wrap output=hello_world.txt + +# Cleanup +rm -f $files_to_clean diff --git a/lib/mbedtls-2.27.0/programs/psa/psa_constant_names.c b/lib/mbedtls-2.27.0/programs/psa/psa_constant_names.c new file mode 100644 index 0000000..14d4494 --- /dev/null +++ b/lib/mbedtls-2.27.0/programs/psa/psa_constant_names.c @@ -0,0 +1,327 @@ +/* + * Copyright The Mbed TLS Contributors + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#include <errno.h> +#include <stdint.h> +#include <stdio.h> +#include <stdlib.h> +#include <string.h> + +#include "psa/crypto.h" + +/* This block is present to support Visual Studio builds prior to 2015 */ +#if defined(_MSC_VER) && _MSC_VER < 1900 +#include <stdarg.h> +int snprintf( char *s, size_t n, const char *fmt, ... ) +{ + int ret; + va_list argp; + + /* Avoid calling the invalid parameter handler by checking ourselves */ + if( s == NULL || n == 0 || fmt == NULL ) + return( -1 ); + + va_start( argp, fmt ); +#if defined(_TRUNCATE) && !defined(__MINGW32__) + ret = _vsnprintf_s( s, n, _TRUNCATE, fmt, argp ); +#else + ret = _vsnprintf( s, n, fmt, argp ); + if( ret < 0 || (size_t) ret == n ) + { + s[n-1] = '\0'; + ret = -1; + } +#endif + va_end( argp ); + + return( ret ); +} +#endif + +/* There are different GET_HASH macros for different kinds of algorithms + * built from hashes, but the values are all constructed on the + * same model. */ +#define PSA_ALG_GET_HASH(alg) \ + (((alg) & PSA_ALG_HASH_MASK) | PSA_ALG_CATEGORY_HASH) + +static void append(char **buffer, size_t buffer_size, + size_t *required_size, + const char *string, size_t length) +{ + *required_size += length; + if (*required_size < buffer_size) { + memcpy(*buffer, string, length); + *buffer += length; + } +} + +static void append_integer(char **buffer, size_t buffer_size, + size_t *required_size, + const char *format /*printf format for value*/, + unsigned long value) +{ + size_t n = snprintf(*buffer, buffer_size - *required_size, format, value); + if (n < buffer_size - *required_size) *buffer += n; + *required_size += n; +} + +/* The code of these function is automatically generated and included below. */ +static const char *psa_ecc_family_name(psa_ecc_family_t curve); +static const char *psa_dh_family_name(psa_dh_family_t group); +static const char *psa_hash_algorithm_name(psa_algorithm_t hash_alg); + +static void append_with_curve(char **buffer, size_t buffer_size, + size_t *required_size, + const char *string, size_t length, + psa_ecc_family_t curve) +{ + const char *family_name = psa_ecc_family_name(curve); + append(buffer, buffer_size, required_size, string, length); + append(buffer, buffer_size, required_size, "(", 1); + if (family_name != NULL) { + append(buffer, buffer_size, required_size, + family_name, strlen(family_name)); + } else { + append_integer(buffer, buffer_size, required_size, + "0x%02x", curve); + } + append(buffer, buffer_size, required_size, ")", 1); +} + +static void append_with_group(char **buffer, size_t buffer_size, + size_t *required_size, + const char *string, size_t length, + psa_dh_family_t group) +{ + const char *group_name = psa_dh_family_name(group); + append(buffer, buffer_size, required_size, string, length); + append(buffer, buffer_size, required_size, "(", 1); + if (group_name != NULL) { + append(buffer, buffer_size, required_size, + group_name, strlen(group_name)); + } else { + append_integer(buffer, buffer_size, required_size, + "0x%02x", group); + } + append(buffer, buffer_size, required_size, ")", 1); +} + +typedef const char *(*psa_get_algorithm_name_func_ptr)(psa_algorithm_t alg); + +static void append_with_alg(char **buffer, size_t buffer_size, + size_t *required_size, + psa_get_algorithm_name_func_ptr get_name, + psa_algorithm_t alg) +{ + const char *name = get_name(alg); + if (name != NULL) { + append(buffer, buffer_size, required_size, + name, strlen(name)); + } else { + append_integer(buffer, buffer_size, required_size, + "0x%08lx", alg); + } +} + +#include "psa_constant_names_generated.c" + +static int psa_snprint_status(char *buffer, size_t buffer_size, + psa_status_t status) +{ + const char *name = psa_strerror(status); + if (name == NULL) { + return snprintf(buffer, buffer_size, "%ld", (long) status); + } else { + size_t length = strlen(name); + if (length < buffer_size) { + memcpy(buffer, name, length + 1); + return (int) length; + } else { + return (int) buffer_size; + } + } +} + +static int psa_snprint_ecc_curve(char *buffer, size_t buffer_size, + psa_ecc_family_t curve) +{ + const char *name = psa_ecc_family_name(curve); + if (name == NULL) { + return snprintf(buffer, buffer_size, "0x%02x", (unsigned) curve); + } else { + size_t length = strlen(name); + if (length < buffer_size) { + memcpy(buffer, name, length + 1); + return (int) length; + } else { + return (int) buffer_size; + } + } +} + +static int psa_snprint_dh_group(char *buffer, size_t buffer_size, + psa_dh_family_t group) +{ + const char *name = psa_dh_family_name(group); + if (name == NULL) { + return snprintf(buffer, buffer_size, "0x%02x", (unsigned) group); + } else { + size_t length = strlen(name); + if (length < buffer_size) { + memcpy(buffer, name, length + 1); + return (int) length; + } else { + return (int) buffer_size; + } + } +} + +static void usage(const char *program_name) +{ + printf("Usage: %s TYPE VALUE [VALUE...]\n", + program_name == NULL ? "psa_constant_names" : program_name); + printf("Print the symbolic name whose numerical value is VALUE in TYPE.\n"); + printf("Supported types (with = between aliases):\n"); + printf(" alg=algorithm Algorithm (psa_algorithm_t)\n"); + printf(" curve=ecc_curve Elliptic curve identifier (psa_ecc_family_t)\n"); + printf(" group=dh_group Diffie-Hellman group identifier (psa_dh_family_t)\n"); + printf(" type=key_type Key type (psa_key_type_t)\n"); + printf(" usage=key_usage Key usage (psa_key_usage_t)\n"); + printf(" error=status Status code (psa_status_t)\n"); +} + +typedef enum { + TYPE_STATUS, +} signed_value_type; + +int process_signed(signed_value_type type, long min, long max, char **argp) +{ + for (; *argp != NULL; argp++) { + char buffer[200]; + char *end; + long value = strtol(*argp, &end, 0); + if (*end) { + printf("Non-numeric value: %s\n", *argp); + return EXIT_FAILURE; + } + if (value < min || (errno == ERANGE && value < 0)) { + printf("Value too small: %s\n", *argp); + return EXIT_FAILURE; + } + if (value > max || (errno == ERANGE && value > 0)) { + printf("Value too large: %s\n", *argp); + return EXIT_FAILURE; + } + + switch (type) { + case TYPE_STATUS: + psa_snprint_status(buffer, sizeof(buffer), + (psa_status_t) value); + break; + } + puts(buffer); + } + + return EXIT_SUCCESS; +} + +typedef enum { + TYPE_ALGORITHM, + TYPE_ECC_CURVE, + TYPE_DH_GROUP, + TYPE_KEY_TYPE, + TYPE_KEY_USAGE, +} unsigned_value_type; + +int process_unsigned(unsigned_value_type type, unsigned long max, char **argp) +{ + for (; *argp != NULL; argp++) { + char buffer[200]; + char *end; + unsigned long value = strtoul(*argp, &end, 0); + if (*end) { + printf("Non-numeric value: %s\n", *argp); + return EXIT_FAILURE; + } + if (value > max || errno == ERANGE) { + printf("Value out of range: %s\n", *argp); + return EXIT_FAILURE; + } + + switch (type) { + case TYPE_ALGORITHM: + psa_snprint_algorithm(buffer, sizeof(buffer), + (psa_algorithm_t) value); + break; + case TYPE_ECC_CURVE: + psa_snprint_ecc_curve(buffer, sizeof(buffer), + (psa_ecc_family_t) value); + break; + case TYPE_DH_GROUP: + psa_snprint_dh_group(buffer, sizeof(buffer), + (psa_dh_family_t) value); + break; + case TYPE_KEY_TYPE: + psa_snprint_key_type(buffer, sizeof(buffer), + (psa_key_type_t) value); + break; + case TYPE_KEY_USAGE: + psa_snprint_key_usage(buffer, sizeof(buffer), + (psa_key_usage_t) value); + break; + } + puts(buffer); + } + + return EXIT_SUCCESS; +} + +int main(int argc, char *argv[]) +{ + if (argc <= 1 || + !strcmp(argv[1], "help") || + !strcmp(argv[1], "--help")) + { + usage(argv[0]); + return EXIT_FAILURE; + } + + if (!strcmp(argv[1], "error") || !strcmp(argv[1], "status")) { + /* There's no way to obtain the actual range of a signed type, + * so hard-code it here: psa_status_t is int32_t. */ + return process_signed(TYPE_STATUS, INT32_MIN, INT32_MAX, + argv + 2); + } else if (!strcmp(argv[1], "alg") || !strcmp(argv[1], "algorithm")) { + return process_unsigned(TYPE_ALGORITHM, (psa_algorithm_t) (-1), + argv + 2); + } else if (!strcmp(argv[1], "curve") || !strcmp(argv[1], "ecc_curve")) { + return process_unsigned(TYPE_ECC_CURVE, (psa_ecc_family_t) (-1), + argv + 2); + } else if (!strcmp(argv[1], "group") || !strcmp(argv[1], "dh_group")) { + return process_unsigned(TYPE_DH_GROUP, (psa_dh_family_t) (-1), + argv + 2); + } else if (!strcmp(argv[1], "type") || !strcmp(argv[1], "key_type")) { + return process_unsigned(TYPE_KEY_TYPE, (psa_key_type_t) (-1), + argv + 2); + } else if (!strcmp(argv[1], "usage") || !strcmp(argv[1], "key_usage")) { + return process_unsigned(TYPE_KEY_USAGE, (psa_key_usage_t) (-1), + argv + 2); + } else { + printf("Unknown type: %s\n", argv[1]); + return EXIT_FAILURE; + } +} diff --git a/lib/mbedtls-2.27.0/programs/psa/psa_constant_names_generated.c b/lib/mbedtls-2.27.0/programs/psa/psa_constant_names_generated.c new file mode 100644 index 0000000..bebb97c --- /dev/null +++ b/lib/mbedtls-2.27.0/programs/psa/psa_constant_names_generated.c @@ -0,0 +1,430 @@ +/* Automatically generated by generate_psa_constant.py. DO NOT EDIT. */ + +static const char *psa_strerror(psa_status_t status) +{ + switch (status) { + case PSA_ERROR_ALREADY_EXISTS: return "PSA_ERROR_ALREADY_EXISTS"; + case PSA_ERROR_BAD_STATE: return "PSA_ERROR_BAD_STATE"; + case PSA_ERROR_BUFFER_TOO_SMALL: return "PSA_ERROR_BUFFER_TOO_SMALL"; + case PSA_ERROR_COMMUNICATION_FAILURE: return "PSA_ERROR_COMMUNICATION_FAILURE"; + case PSA_ERROR_CORRUPTION_DETECTED: return "PSA_ERROR_CORRUPTION_DETECTED"; + case PSA_ERROR_DATA_CORRUPT: return "PSA_ERROR_DATA_CORRUPT"; + case PSA_ERROR_DATA_INVALID: return "PSA_ERROR_DATA_INVALID"; + case PSA_ERROR_DOES_NOT_EXIST: return "PSA_ERROR_DOES_NOT_EXIST"; + case PSA_ERROR_GENERIC_ERROR: return "PSA_ERROR_GENERIC_ERROR"; + case PSA_ERROR_HARDWARE_FAILURE: return "PSA_ERROR_HARDWARE_FAILURE"; + case PSA_ERROR_INSUFFICIENT_DATA: return "PSA_ERROR_INSUFFICIENT_DATA"; + case PSA_ERROR_INSUFFICIENT_ENTROPY: return "PSA_ERROR_INSUFFICIENT_ENTROPY"; + case PSA_ERROR_INSUFFICIENT_MEMORY: return "PSA_ERROR_INSUFFICIENT_MEMORY"; + case PSA_ERROR_INSUFFICIENT_STORAGE: return "PSA_ERROR_INSUFFICIENT_STORAGE"; + case PSA_ERROR_INVALID_ARGUMENT: return "PSA_ERROR_INVALID_ARGUMENT"; + case PSA_ERROR_INVALID_HANDLE: return "PSA_ERROR_INVALID_HANDLE"; + case PSA_ERROR_INVALID_PADDING: return "PSA_ERROR_INVALID_PADDING"; + case PSA_ERROR_INVALID_SIGNATURE: return "PSA_ERROR_INVALID_SIGNATURE"; + case PSA_ERROR_NOT_PERMITTED: return "PSA_ERROR_NOT_PERMITTED"; + case PSA_ERROR_NOT_SUPPORTED: return "PSA_ERROR_NOT_SUPPORTED"; + case PSA_ERROR_STORAGE_FAILURE: return "PSA_ERROR_STORAGE_FAILURE"; + case PSA_SUCCESS: return "PSA_SUCCESS"; + default: return NULL; + } +} + +static const char *psa_ecc_family_name(psa_ecc_family_t curve) +{ + switch (curve) { + case PSA_ECC_FAMILY_BRAINPOOL_P_R1: return "PSA_ECC_FAMILY_BRAINPOOL_P_R1"; + case PSA_ECC_FAMILY_MONTGOMERY: return "PSA_ECC_FAMILY_MONTGOMERY"; + case PSA_ECC_FAMILY_SECP_K1: return "PSA_ECC_FAMILY_SECP_K1"; + case PSA_ECC_FAMILY_SECP_R1: return "PSA_ECC_FAMILY_SECP_R1"; + case PSA_ECC_FAMILY_SECP_R2: return "PSA_ECC_FAMILY_SECP_R2"; + case PSA_ECC_FAMILY_SECT_K1: return "PSA_ECC_FAMILY_SECT_K1"; + case PSA_ECC_FAMILY_SECT_R1: return "PSA_ECC_FAMILY_SECT_R1"; + case PSA_ECC_FAMILY_SECT_R2: return "PSA_ECC_FAMILY_SECT_R2"; + case PSA_ECC_FAMILY_TWISTED_EDWARDS: return "PSA_ECC_FAMILY_TWISTED_EDWARDS"; + default: return NULL; + } +} + +static const char *psa_dh_family_name(psa_dh_family_t group) +{ + switch (group) { + case PSA_DH_FAMILY_CUSTOM: return "PSA_DH_FAMILY_CUSTOM"; + case PSA_DH_FAMILY_RFC7919: return "PSA_DH_FAMILY_RFC7919"; + default: return NULL; + } +} + +static const char *psa_hash_algorithm_name(psa_algorithm_t hash_alg) +{ + switch (hash_alg) { + case PSA_ALG_ANY_HASH: return "PSA_ALG_ANY_HASH"; + case PSA_ALG_CATEGORY_HASH: return "PSA_ALG_CATEGORY_HASH"; + case PSA_ALG_MD2: return "PSA_ALG_MD2"; + case PSA_ALG_MD4: return "PSA_ALG_MD4"; + case PSA_ALG_MD5: return "PSA_ALG_MD5"; + case PSA_ALG_RIPEMD160: return "PSA_ALG_RIPEMD160"; + case PSA_ALG_SHA3_224: return "PSA_ALG_SHA3_224"; + case PSA_ALG_SHA3_256: return "PSA_ALG_SHA3_256"; + case PSA_ALG_SHA3_384: return "PSA_ALG_SHA3_384"; + case PSA_ALG_SHA3_512: return "PSA_ALG_SHA3_512"; + case PSA_ALG_SHAKE256_512: return "PSA_ALG_SHAKE256_512"; + case PSA_ALG_SHA_1: return "PSA_ALG_SHA_1"; + case PSA_ALG_SHA_224: return "PSA_ALG_SHA_224"; + case PSA_ALG_SHA_256: return "PSA_ALG_SHA_256"; + case PSA_ALG_SHA_384: return "PSA_ALG_SHA_384"; + case PSA_ALG_SHA_512: return "PSA_ALG_SHA_512"; + case PSA_ALG_SHA_512_224: return "PSA_ALG_SHA_512_224"; + case PSA_ALG_SHA_512_256: return "PSA_ALG_SHA_512_256"; + default: return NULL; + } +} + +static const char *psa_ka_algorithm_name(psa_algorithm_t ka_alg) +{ + switch (ka_alg) { + case PSA_ALG_CATEGORY_KEY_AGREEMENT: return "PSA_ALG_CATEGORY_KEY_AGREEMENT"; + case PSA_ALG_ECDH: return "PSA_ALG_ECDH"; + case PSA_ALG_FFDH: return "PSA_ALG_FFDH"; + default: return NULL; + } +} + +static int psa_snprint_key_type(char *buffer, size_t buffer_size, + psa_key_type_t type) +{ + size_t required_size = 0; + switch (type) { + case PSA_KEY_TYPE_AES: append(&buffer, buffer_size, &required_size, "PSA_KEY_TYPE_AES", 16); break; + case PSA_KEY_TYPE_ARC4: append(&buffer, buffer_size, &required_size, "PSA_KEY_TYPE_ARC4", 17); break; + case PSA_KEY_TYPE_CAMELLIA: append(&buffer, buffer_size, &required_size, "PSA_KEY_TYPE_CAMELLIA", 21); break; + case PSA_KEY_TYPE_CATEGORY_FLAG_PAIR: append(&buffer, buffer_size, &required_size, "PSA_KEY_TYPE_CATEGORY_FLAG_PAIR", 31); break; + case PSA_KEY_TYPE_CATEGORY_KEY_PAIR: append(&buffer, buffer_size, &required_size, "PSA_KEY_TYPE_CATEGORY_KEY_PAIR", 30); break; + case PSA_KEY_TYPE_CATEGORY_PUBLIC_KEY: append(&buffer, buffer_size, &required_size, "PSA_KEY_TYPE_CATEGORY_PUBLIC_KEY", 32); break; + case PSA_KEY_TYPE_CATEGORY_RAW: append(&buffer, buffer_size, &required_size, "PSA_KEY_TYPE_CATEGORY_RAW", 25); break; + case PSA_KEY_TYPE_CATEGORY_SYMMETRIC: append(&buffer, buffer_size, &required_size, "PSA_KEY_TYPE_CATEGORY_SYMMETRIC", 31); break; + case PSA_KEY_TYPE_CHACHA20: append(&buffer, buffer_size, &required_size, "PSA_KEY_TYPE_CHACHA20", 21); break; + case PSA_KEY_TYPE_DERIVE: append(&buffer, buffer_size, &required_size, "PSA_KEY_TYPE_DERIVE", 19); break; + case PSA_KEY_TYPE_DES: append(&buffer, buffer_size, &required_size, "PSA_KEY_TYPE_DES", 16); break; + case PSA_KEY_TYPE_DH_KEY_PAIR_BASE: append(&buffer, buffer_size, &required_size, "PSA_KEY_TYPE_DH_KEY_PAIR_BASE", 29); break; + case PSA_KEY_TYPE_DH_PUBLIC_KEY_BASE: append(&buffer, buffer_size, &required_size, "PSA_KEY_TYPE_DH_PUBLIC_KEY_BASE", 31); break; + case PSA_KEY_TYPE_DSA_KEY_PAIR: append(&buffer, buffer_size, &required_size, "PSA_KEY_TYPE_DSA_KEY_PAIR", 25); break; + case PSA_KEY_TYPE_DSA_PUBLIC_KEY: append(&buffer, buffer_size, &required_size, "PSA_KEY_TYPE_DSA_PUBLIC_KEY", 27); break; + case PSA_KEY_TYPE_ECC_KEY_PAIR_BASE: append(&buffer, buffer_size, &required_size, "PSA_KEY_TYPE_ECC_KEY_PAIR_BASE", 30); break; + case PSA_KEY_TYPE_ECC_PUBLIC_KEY_BASE: append(&buffer, buffer_size, &required_size, "PSA_KEY_TYPE_ECC_PUBLIC_KEY_BASE", 32); break; + case PSA_KEY_TYPE_HMAC: append(&buffer, buffer_size, &required_size, "PSA_KEY_TYPE_HMAC", 17); break; + case PSA_KEY_TYPE_NONE: append(&buffer, buffer_size, &required_size, "PSA_KEY_TYPE_NONE", 17); break; + case PSA_KEY_TYPE_RAW_DATA: append(&buffer, buffer_size, &required_size, "PSA_KEY_TYPE_RAW_DATA", 21); break; + case PSA_KEY_TYPE_RSA_KEY_PAIR: append(&buffer, buffer_size, &required_size, "PSA_KEY_TYPE_RSA_KEY_PAIR", 25); break; + case PSA_KEY_TYPE_RSA_PUBLIC_KEY: append(&buffer, buffer_size, &required_size, "PSA_KEY_TYPE_RSA_PUBLIC_KEY", 27); break; + default: + if (PSA_KEY_TYPE_IS_ECC_KEY_PAIR(type)) { + append_with_curve(&buffer, buffer_size, &required_size, + "PSA_KEY_TYPE_ECC_KEY_PAIR", 25, + PSA_KEY_TYPE_ECC_GET_FAMILY(type)); + } else if (PSA_KEY_TYPE_IS_ECC_PUBLIC_KEY(type)) { + append_with_curve(&buffer, buffer_size, &required_size, + "PSA_KEY_TYPE_ECC_PUBLIC_KEY", 27, + PSA_KEY_TYPE_ECC_GET_FAMILY(type)); + } else if (PSA_KEY_TYPE_IS_DH_KEY_PAIR(type)) { + append_with_group(&buffer, buffer_size, &required_size, + "PSA_KEY_TYPE_DH_KEY_PAIR", 24, + PSA_KEY_TYPE_DH_GET_FAMILY(type)); + } else if (PSA_KEY_TYPE_IS_DH_PUBLIC_KEY(type)) { + append_with_group(&buffer, buffer_size, &required_size, + "PSA_KEY_TYPE_DH_PUBLIC_KEY", 26, + PSA_KEY_TYPE_DH_GET_FAMILY(type)); + } else { + return snprintf(buffer, buffer_size, + "0x%04x", (unsigned) type); + } + break; + } + buffer[0] = 0; + return (int) required_size; +} + +#define NO_LENGTH_MODIFIER 0xfffffffflu +static int psa_snprint_algorithm(char *buffer, size_t buffer_size, + psa_algorithm_t alg) +{ + size_t required_size = 0; + psa_algorithm_t core_alg = alg; + unsigned long length_modifier = NO_LENGTH_MODIFIER; + if (PSA_ALG_IS_MAC(alg)) { + core_alg = PSA_ALG_TRUNCATED_MAC(alg, 0); + if (alg & PSA_ALG_MAC_AT_LEAST_THIS_LENGTH_FLAG) { + append(&buffer, buffer_size, &required_size, + "PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(", 33); + length_modifier = PSA_MAC_TRUNCATED_LENGTH(alg); + } else if (core_alg != alg) { + append(&buffer, buffer_size, &required_size, + "PSA_ALG_TRUNCATED_MAC(", 22); + length_modifier = PSA_MAC_TRUNCATED_LENGTH(alg); + } + } else if (PSA_ALG_IS_AEAD(alg)) { + core_alg = PSA_ALG_AEAD_WITH_DEFAULT_LENGTH_TAG(alg); + if (core_alg == 0) { + /* For unknown AEAD algorithms, there is no "default tag length". */ + core_alg = alg; + } else if (alg & PSA_ALG_AEAD_AT_LEAST_THIS_LENGTH_FLAG) { + append(&buffer, buffer_size, &required_size, + "PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(", 43); + length_modifier = PSA_ALG_AEAD_GET_TAG_LENGTH(alg); + } else if (core_alg != alg) { + append(&buffer, buffer_size, &required_size, + "PSA_ALG_AEAD_WITH_SHORTENED_TAG(", 32); + length_modifier = PSA_ALG_AEAD_GET_TAG_LENGTH(alg); + } + } else if (PSA_ALG_IS_KEY_AGREEMENT(alg) && + !PSA_ALG_IS_RAW_KEY_AGREEMENT(alg)) { + core_alg = PSA_ALG_KEY_AGREEMENT_GET_KDF(alg); + append(&buffer, buffer_size, &required_size, + "PSA_ALG_KEY_AGREEMENT(", 22); + append_with_alg(&buffer, buffer_size, &required_size, + psa_ka_algorithm_name, + PSA_ALG_KEY_AGREEMENT_GET_BASE(alg)); + append(&buffer, buffer_size, &required_size, ", ", 2); + } + switch (core_alg) { + case PSA_ALG_ANY_HASH: append(&buffer, buffer_size, &required_size, "PSA_ALG_ANY_HASH", 16); break; + case PSA_ALG_CATEGORY_AEAD: append(&buffer, buffer_size, &required_size, "PSA_ALG_CATEGORY_AEAD", 21); break; + case PSA_ALG_CATEGORY_ASYMMETRIC_ENCRYPTION: append(&buffer, buffer_size, &required_size, "PSA_ALG_CATEGORY_ASYMMETRIC_ENCRYPTION", 38); break; + case PSA_ALG_CATEGORY_CIPHER: append(&buffer, buffer_size, &required_size, "PSA_ALG_CATEGORY_CIPHER", 23); break; + case PSA_ALG_CATEGORY_HASH: append(&buffer, buffer_size, &required_size, "PSA_ALG_CATEGORY_HASH", 21); break; + case PSA_ALG_CATEGORY_KEY_AGREEMENT: append(&buffer, buffer_size, &required_size, "PSA_ALG_CATEGORY_KEY_AGREEMENT", 30); break; + case PSA_ALG_CATEGORY_KEY_DERIVATION: append(&buffer, buffer_size, &required_size, "PSA_ALG_CATEGORY_KEY_DERIVATION", 31); break; + case PSA_ALG_CATEGORY_MAC: append(&buffer, buffer_size, &required_size, "PSA_ALG_CATEGORY_MAC", 20); break; + case PSA_ALG_CATEGORY_SIGN: append(&buffer, buffer_size, &required_size, "PSA_ALG_CATEGORY_SIGN", 21); break; + case PSA_ALG_CBC_MAC: append(&buffer, buffer_size, &required_size, "PSA_ALG_CBC_MAC", 15); break; + case PSA_ALG_CBC_NO_PADDING: append(&buffer, buffer_size, &required_size, "PSA_ALG_CBC_NO_PADDING", 22); break; + case PSA_ALG_CBC_PKCS7: append(&buffer, buffer_size, &required_size, "PSA_ALG_CBC_PKCS7", 17); break; + case PSA_ALG_CCM: append(&buffer, buffer_size, &required_size, "PSA_ALG_CCM", 11); break; + case PSA_ALG_CFB: append(&buffer, buffer_size, &required_size, "PSA_ALG_CFB", 11); break; + case PSA_ALG_CHACHA20_POLY1305: append(&buffer, buffer_size, &required_size, "PSA_ALG_CHACHA20_POLY1305", 25); break; + case PSA_ALG_CIPHER_MAC_BASE: append(&buffer, buffer_size, &required_size, "PSA_ALG_CIPHER_MAC_BASE", 23); break; + case PSA_ALG_CMAC: append(&buffer, buffer_size, &required_size, "PSA_ALG_CMAC", 12); break; + case PSA_ALG_CTR: append(&buffer, buffer_size, &required_size, "PSA_ALG_CTR", 11); break; + case PSA_ALG_DETERMINISTIC_DSA_BASE: append(&buffer, buffer_size, &required_size, "PSA_ALG_DETERMINISTIC_DSA_BASE", 30); break; + case PSA_ALG_DETERMINISTIC_ECDSA_BASE: append(&buffer, buffer_size, &required_size, "PSA_ALG_DETERMINISTIC_ECDSA_BASE", 32); break; + case PSA_ALG_DSA_BASE: append(&buffer, buffer_size, &required_size, "PSA_ALG_DSA_BASE", 16); break; + case PSA_ALG_ECB_NO_PADDING: append(&buffer, buffer_size, &required_size, "PSA_ALG_ECB_NO_PADDING", 22); break; + case PSA_ALG_ECDH: append(&buffer, buffer_size, &required_size, "PSA_ALG_ECDH", 12); break; + case PSA_ALG_ECDSA_ANY: append(&buffer, buffer_size, &required_size, "PSA_ALG_ECDSA_ANY", 17); break; + case PSA_ALG_ED25519PH: append(&buffer, buffer_size, &required_size, "PSA_ALG_ED25519PH", 17); break; + case PSA_ALG_ED448PH: append(&buffer, buffer_size, &required_size, "PSA_ALG_ED448PH", 15); break; + case PSA_ALG_FFDH: append(&buffer, buffer_size, &required_size, "PSA_ALG_FFDH", 12); break; + case PSA_ALG_GCM: append(&buffer, buffer_size, &required_size, "PSA_ALG_GCM", 11); break; + case PSA_ALG_HASH_EDDSA_BASE: append(&buffer, buffer_size, &required_size, "PSA_ALG_HASH_EDDSA_BASE", 23); break; + case PSA_ALG_HKDF_BASE: append(&buffer, buffer_size, &required_size, "PSA_ALG_HKDF_BASE", 17); break; + case PSA_ALG_HMAC_BASE: append(&buffer, buffer_size, &required_size, "PSA_ALG_HMAC_BASE", 17); break; + case PSA_ALG_MD2: append(&buffer, buffer_size, &required_size, "PSA_ALG_MD2", 11); break; + case PSA_ALG_MD4: append(&buffer, buffer_size, &required_size, "PSA_ALG_MD4", 11); break; + case PSA_ALG_MD5: append(&buffer, buffer_size, &required_size, "PSA_ALG_MD5", 11); break; + case PSA_ALG_OFB: append(&buffer, buffer_size, &required_size, "PSA_ALG_OFB", 11); break; + case PSA_ALG_PURE_EDDSA: append(&buffer, buffer_size, &required_size, "PSA_ALG_PURE_EDDSA", 18); break; + case PSA_ALG_RIPEMD160: append(&buffer, buffer_size, &required_size, "PSA_ALG_RIPEMD160", 17); break; + case PSA_ALG_RSA_OAEP_BASE: append(&buffer, buffer_size, &required_size, "PSA_ALG_RSA_OAEP_BASE", 21); break; + case PSA_ALG_RSA_PKCS1V15_CRYPT: append(&buffer, buffer_size, &required_size, "PSA_ALG_RSA_PKCS1V15_CRYPT", 26); break; + case PSA_ALG_RSA_PKCS1V15_SIGN_RAW: append(&buffer, buffer_size, &required_size, "PSA_ALG_RSA_PKCS1V15_SIGN_RAW", 29); break; + case PSA_ALG_RSA_PSS_BASE: append(&buffer, buffer_size, &required_size, "PSA_ALG_RSA_PSS_BASE", 20); break; + case PSA_ALG_SHA3_224: append(&buffer, buffer_size, &required_size, "PSA_ALG_SHA3_224", 16); break; + case PSA_ALG_SHA3_256: append(&buffer, buffer_size, &required_size, "PSA_ALG_SHA3_256", 16); break; + case PSA_ALG_SHA3_384: append(&buffer, buffer_size, &required_size, "PSA_ALG_SHA3_384", 16); break; + case PSA_ALG_SHA3_512: append(&buffer, buffer_size, &required_size, "PSA_ALG_SHA3_512", 16); break; + case PSA_ALG_SHAKE256_512: append(&buffer, buffer_size, &required_size, "PSA_ALG_SHAKE256_512", 20); break; + case PSA_ALG_SHA_1: append(&buffer, buffer_size, &required_size, "PSA_ALG_SHA_1", 13); break; + case PSA_ALG_SHA_224: append(&buffer, buffer_size, &required_size, "PSA_ALG_SHA_224", 15); break; + case PSA_ALG_SHA_256: append(&buffer, buffer_size, &required_size, "PSA_ALG_SHA_256", 15); break; + case PSA_ALG_SHA_384: append(&buffer, buffer_size, &required_size, "PSA_ALG_SHA_384", 15); break; + case PSA_ALG_SHA_512: append(&buffer, buffer_size, &required_size, "PSA_ALG_SHA_512", 15); break; + case PSA_ALG_SHA_512_224: append(&buffer, buffer_size, &required_size, "PSA_ALG_SHA_512_224", 19); break; + case PSA_ALG_SHA_512_256: append(&buffer, buffer_size, &required_size, "PSA_ALG_SHA_512_256", 19); break; + case PSA_ALG_STREAM_CIPHER: append(&buffer, buffer_size, &required_size, "PSA_ALG_STREAM_CIPHER", 21); break; + case PSA_ALG_TLS12_PRF_BASE: append(&buffer, buffer_size, &required_size, "PSA_ALG_TLS12_PRF_BASE", 22); break; + case PSA_ALG_TLS12_PSK_TO_MS_BASE: append(&buffer, buffer_size, &required_size, "PSA_ALG_TLS12_PSK_TO_MS_BASE", 28); break; + case PSA_ALG_XTS: append(&buffer, buffer_size, &required_size, "PSA_ALG_XTS", 11); break; + default: + if (PSA_ALG_IS_DETERMINISTIC_DSA(core_alg)) { + append(&buffer, buffer_size, &required_size, + "PSA_ALG_DETERMINISTIC_DSA(", 25 + 1); + append_with_alg(&buffer, buffer_size, &required_size, + psa_hash_algorithm_name, + PSA_ALG_GET_HASH(core_alg)); + append(&buffer, buffer_size, &required_size, ")", 1); + } else if (PSA_ALG_IS_DETERMINISTIC_ECDSA(core_alg)) { + append(&buffer, buffer_size, &required_size, + "PSA_ALG_DETERMINISTIC_ECDSA(", 27 + 1); + append_with_alg(&buffer, buffer_size, &required_size, + psa_hash_algorithm_name, + PSA_ALG_GET_HASH(core_alg)); + append(&buffer, buffer_size, &required_size, ")", 1); + } else if (PSA_ALG_IS_RANDOMIZED_DSA(core_alg)) { + append(&buffer, buffer_size, &required_size, + "PSA_ALG_DSA(", 11 + 1); + append_with_alg(&buffer, buffer_size, &required_size, + psa_hash_algorithm_name, + PSA_ALG_GET_HASH(core_alg)); + append(&buffer, buffer_size, &required_size, ")", 1); + } else if (PSA_ALG_IS_RANDOMIZED_ECDSA(core_alg)) { + append(&buffer, buffer_size, &required_size, + "PSA_ALG_ECDSA(", 13 + 1); + append_with_alg(&buffer, buffer_size, &required_size, + psa_hash_algorithm_name, + PSA_ALG_GET_HASH(core_alg)); + append(&buffer, buffer_size, &required_size, ")", 1); + } else if (PSA_ALG_IS_HKDF(core_alg)) { + append(&buffer, buffer_size, &required_size, + "PSA_ALG_HKDF(", 12 + 1); + append_with_alg(&buffer, buffer_size, &required_size, + psa_hash_algorithm_name, + PSA_ALG_GET_HASH(core_alg)); + append(&buffer, buffer_size, &required_size, ")", 1); + } else if (PSA_ALG_IS_HMAC(core_alg)) { + append(&buffer, buffer_size, &required_size, + "PSA_ALG_HMAC(", 12 + 1); + append_with_alg(&buffer, buffer_size, &required_size, + psa_hash_algorithm_name, + PSA_ALG_GET_HASH(core_alg)); + append(&buffer, buffer_size, &required_size, ")", 1); + } else if (PSA_ALG_IS_RSA_OAEP(core_alg)) { + append(&buffer, buffer_size, &required_size, + "PSA_ALG_RSA_OAEP(", 16 + 1); + append_with_alg(&buffer, buffer_size, &required_size, + psa_hash_algorithm_name, + PSA_ALG_GET_HASH(core_alg)); + append(&buffer, buffer_size, &required_size, ")", 1); + } else if (PSA_ALG_IS_RSA_PKCS1V15_SIGN(core_alg)) { + append(&buffer, buffer_size, &required_size, + "PSA_ALG_RSA_PKCS1V15_SIGN(", 25 + 1); + append_with_alg(&buffer, buffer_size, &required_size, + psa_hash_algorithm_name, + PSA_ALG_GET_HASH(core_alg)); + append(&buffer, buffer_size, &required_size, ")", 1); + } else if (PSA_ALG_IS_RSA_PSS(core_alg)) { + append(&buffer, buffer_size, &required_size, + "PSA_ALG_RSA_PSS(", 15 + 1); + append_with_alg(&buffer, buffer_size, &required_size, + psa_hash_algorithm_name, + PSA_ALG_GET_HASH(core_alg)); + append(&buffer, buffer_size, &required_size, ")", 1); + } else if (PSA_ALG_IS_TLS12_PRF(core_alg)) { + append(&buffer, buffer_size, &required_size, + "PSA_ALG_TLS12_PRF(", 17 + 1); + append_with_alg(&buffer, buffer_size, &required_size, + psa_hash_algorithm_name, + PSA_ALG_GET_HASH(core_alg)); + append(&buffer, buffer_size, &required_size, ")", 1); + } else if (PSA_ALG_IS_TLS12_PSK_TO_MS(core_alg)) { + append(&buffer, buffer_size, &required_size, + "PSA_ALG_TLS12_PSK_TO_MS(", 23 + 1); + append_with_alg(&buffer, buffer_size, &required_size, + psa_hash_algorithm_name, + PSA_ALG_GET_HASH(core_alg)); + append(&buffer, buffer_size, &required_size, ")", 1); + } else { + append_integer(&buffer, buffer_size, &required_size, + "0x%08lx", (unsigned long) core_alg); + } + break; + } + if (core_alg != alg) { + if (length_modifier != NO_LENGTH_MODIFIER) { + append(&buffer, buffer_size, &required_size, ", ", 2); + append_integer(&buffer, buffer_size, &required_size, + "%lu", length_modifier); + } + append(&buffer, buffer_size, &required_size, ")", 1); + } + buffer[0] = 0; + return (int) required_size; +} + +static int psa_snprint_key_usage(char *buffer, size_t buffer_size, + psa_key_usage_t usage) +{ + size_t required_size = 0; + if (usage == 0) { + if (buffer_size > 1) { + buffer[0] = '0'; + buffer[1] = 0; + } else if (buffer_size == 1) { + buffer[0] = 0; + } + return 1; + } + if (usage & PSA_KEY_USAGE_COPY) { + if (required_size != 0) { + append(&buffer, buffer_size, &required_size, " | ", 3); + } + append(&buffer, buffer_size, &required_size, "PSA_KEY_USAGE_COPY", 18); + usage ^= PSA_KEY_USAGE_COPY; + } + if (usage & PSA_KEY_USAGE_DECRYPT) { + if (required_size != 0) { + append(&buffer, buffer_size, &required_size, " | ", 3); + } + append(&buffer, buffer_size, &required_size, "PSA_KEY_USAGE_DECRYPT", 21); + usage ^= PSA_KEY_USAGE_DECRYPT; + } + if (usage & PSA_KEY_USAGE_DERIVE) { + if (required_size != 0) { + append(&buffer, buffer_size, &required_size, " | ", 3); + } + append(&buffer, buffer_size, &required_size, "PSA_KEY_USAGE_DERIVE", 20); + usage ^= PSA_KEY_USAGE_DERIVE; + } + if (usage & PSA_KEY_USAGE_ENCRYPT) { + if (required_size != 0) { + append(&buffer, buffer_size, &required_size, " | ", 3); + } + append(&buffer, buffer_size, &required_size, "PSA_KEY_USAGE_ENCRYPT", 21); + usage ^= PSA_KEY_USAGE_ENCRYPT; + } + if (usage & PSA_KEY_USAGE_EXPORT) { + if (required_size != 0) { + append(&buffer, buffer_size, &required_size, " | ", 3); + } + append(&buffer, buffer_size, &required_size, "PSA_KEY_USAGE_EXPORT", 20); + usage ^= PSA_KEY_USAGE_EXPORT; + } + if (usage & PSA_KEY_USAGE_SIGN_HASH) { + if (required_size != 0) { + append(&buffer, buffer_size, &required_size, " | ", 3); + } + append(&buffer, buffer_size, &required_size, "PSA_KEY_USAGE_SIGN_HASH", 23); + usage ^= PSA_KEY_USAGE_SIGN_HASH; + } + if (usage & PSA_KEY_USAGE_SIGN_MESSAGE) { + if (required_size != 0) { + append(&buffer, buffer_size, &required_size, " | ", 3); + } + append(&buffer, buffer_size, &required_size, "PSA_KEY_USAGE_SIGN_MESSAGE", 26); + usage ^= PSA_KEY_USAGE_SIGN_MESSAGE; + } + if (usage & PSA_KEY_USAGE_VERIFY_HASH) { + if (required_size != 0) { + append(&buffer, buffer_size, &required_size, " | ", 3); + } + append(&buffer, buffer_size, &required_size, "PSA_KEY_USAGE_VERIFY_HASH", 25); + usage ^= PSA_KEY_USAGE_VERIFY_HASH; + } + if (usage & PSA_KEY_USAGE_VERIFY_MESSAGE) { + if (required_size != 0) { + append(&buffer, buffer_size, &required_size, " | ", 3); + } + append(&buffer, buffer_size, &required_size, "PSA_KEY_USAGE_VERIFY_MESSAGE", 28); + usage ^= PSA_KEY_USAGE_VERIFY_MESSAGE; + } + if (usage != 0) { + if (required_size != 0) { + append(&buffer, buffer_size, &required_size, " | ", 3); + } + append_integer(&buffer, buffer_size, &required_size, + "0x%08lx", (unsigned long) usage); + } else { + buffer[0] = 0; + } + return (int) required_size; +} + +/* End of automatically generated file. */ |