1 /**
2 * \file psa_util.h
3 *
4 * \brief Utility functions for the use of the PSA Crypto library.
5 *
6 * \warning This function is not part of the public API and may
7 * change at any time.
8 */
9 /*
10 * Copyright The Mbed TLS Contributors
11 * SPDX-License-Identifier: Apache-2.0
12 *
13 * Licensed under the Apache License, Version 2.0 (the "License"); you may
14 * not use this file except in compliance with the License.
15 * You may obtain a copy of the License at
16 *
17 * http://www.apache.org/licenses/LICENSE-2.0
18 *
19 * Unless required by applicable law or agreed to in writing, software
20 * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
21 * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
22 * See the License for the specific language governing permissions and
23 * limitations under the License.
24 */
25
26 #ifndef MBEDTLS_PSA_UTIL_H
27 #define MBEDTLS_PSA_UTIL_H
28 #include "mbedtls/private_access.h"
29
30 #include "mbedtls/build_info.h"
31
32 #if defined(MBEDTLS_USE_PSA_CRYPTO)
33
34 #include "psa/crypto.h"
35
36 #include "mbedtls/ecp.h"
37 #include "mbedtls/md.h"
38 #include "mbedtls/pk.h"
39 #include "mbedtls/oid.h"
40 #include "mbedtls/error.h"
41
42 #include <string.h>
43
44 /* Translations for symmetric crypto. */
45
mbedtls_psa_translate_cipher_type(mbedtls_cipher_type_t cipher)46 static inline psa_key_type_t mbedtls_psa_translate_cipher_type(
47 mbedtls_cipher_type_t cipher )
48 {
49 switch( cipher )
50 {
51 case MBEDTLS_CIPHER_AES_128_CCM:
52 case MBEDTLS_CIPHER_AES_192_CCM:
53 case MBEDTLS_CIPHER_AES_256_CCM:
54 case MBEDTLS_CIPHER_AES_128_CCM_STAR_NO_TAG:
55 case MBEDTLS_CIPHER_AES_192_CCM_STAR_NO_TAG:
56 case MBEDTLS_CIPHER_AES_256_CCM_STAR_NO_TAG:
57 case MBEDTLS_CIPHER_AES_128_GCM:
58 case MBEDTLS_CIPHER_AES_192_GCM:
59 case MBEDTLS_CIPHER_AES_256_GCM:
60 case MBEDTLS_CIPHER_AES_128_CBC:
61 case MBEDTLS_CIPHER_AES_192_CBC:
62 case MBEDTLS_CIPHER_AES_256_CBC:
63 case MBEDTLS_CIPHER_AES_128_ECB:
64 case MBEDTLS_CIPHER_AES_192_ECB:
65 case MBEDTLS_CIPHER_AES_256_ECB:
66 return( PSA_KEY_TYPE_AES );
67
68 /* ARIA not yet supported in PSA. */
69 /* case MBEDTLS_CIPHER_ARIA_128_CCM:
70 case MBEDTLS_CIPHER_ARIA_192_CCM:
71 case MBEDTLS_CIPHER_ARIA_256_CCM:
72 case MBEDTLS_CIPHER_ARIA_128_CCM_STAR_NO_TAG:
73 case MBEDTLS_CIPHER_ARIA_192_CCM_STAR_NO_TAG:
74 case MBEDTLS_CIPHER_ARIA_256_CCM_STAR_NO_TAG:
75 case MBEDTLS_CIPHER_ARIA_128_GCM:
76 case MBEDTLS_CIPHER_ARIA_192_GCM:
77 case MBEDTLS_CIPHER_ARIA_256_GCM:
78 case MBEDTLS_CIPHER_ARIA_128_CBC:
79 case MBEDTLS_CIPHER_ARIA_192_CBC:
80 case MBEDTLS_CIPHER_ARIA_256_CBC:
81 return( PSA_KEY_TYPE_ARIA ); */
82
83 default:
84 return( 0 );
85 }
86 }
87
mbedtls_psa_translate_cipher_mode(mbedtls_cipher_mode_t mode,size_t taglen)88 static inline psa_algorithm_t mbedtls_psa_translate_cipher_mode(
89 mbedtls_cipher_mode_t mode, size_t taglen )
90 {
91 switch( mode )
92 {
93 case MBEDTLS_MODE_ECB:
94 return( PSA_ALG_ECB_NO_PADDING );
95 case MBEDTLS_MODE_GCM:
96 return( PSA_ALG_AEAD_WITH_SHORTENED_TAG( PSA_ALG_GCM, taglen ) );
97 case MBEDTLS_MODE_CCM:
98 return( PSA_ALG_AEAD_WITH_SHORTENED_TAG( PSA_ALG_CCM, taglen ) );
99 case MBEDTLS_MODE_CCM_STAR_NO_TAG:
100 return PSA_ALG_CCM_STAR_NO_TAG;
101 case MBEDTLS_MODE_CBC:
102 if( taglen == 0 )
103 return( PSA_ALG_CBC_NO_PADDING );
104 else
105 return( 0 );
106 default:
107 return( 0 );
108 }
109 }
110
mbedtls_psa_translate_cipher_operation(mbedtls_operation_t op)111 static inline psa_key_usage_t mbedtls_psa_translate_cipher_operation(
112 mbedtls_operation_t op )
113 {
114 switch( op )
115 {
116 case MBEDTLS_ENCRYPT:
117 return( PSA_KEY_USAGE_ENCRYPT );
118 case MBEDTLS_DECRYPT:
119 return( PSA_KEY_USAGE_DECRYPT );
120 default:
121 return( 0 );
122 }
123 }
124
125 /* Translations for hashing. */
126
mbedtls_psa_translate_md(mbedtls_md_type_t md_alg)127 static inline psa_algorithm_t mbedtls_psa_translate_md( mbedtls_md_type_t md_alg )
128 {
129 switch( md_alg )
130 {
131 #if defined(MBEDTLS_MD5_C)
132 case MBEDTLS_MD_MD5:
133 return( PSA_ALG_MD5 );
134 #endif
135 #if defined(MBEDTLS_SHA1_C)
136 case MBEDTLS_MD_SHA1:
137 return( PSA_ALG_SHA_1 );
138 #endif
139 #if defined(MBEDTLS_SHA224_C)
140 case MBEDTLS_MD_SHA224:
141 return( PSA_ALG_SHA_224 );
142 #endif
143 #if defined(MBEDTLS_SHA256_C)
144 case MBEDTLS_MD_SHA256:
145 return( PSA_ALG_SHA_256 );
146 #endif
147 #if defined(MBEDTLS_SHA384_C)
148 case MBEDTLS_MD_SHA384:
149 return( PSA_ALG_SHA_384 );
150 #endif
151 #if defined(MBEDTLS_SHA512_C)
152 case MBEDTLS_MD_SHA512:
153 return( PSA_ALG_SHA_512 );
154 #endif
155 #if defined(MBEDTLS_RIPEMD160_C)
156 case MBEDTLS_MD_RIPEMD160:
157 return( PSA_ALG_RIPEMD160 );
158 #endif
159 case MBEDTLS_MD_NONE:
160 return( 0 );
161 default:
162 return( 0 );
163 }
164 }
165
166 /* Translations for ECC. */
167
mbedtls_psa_get_ecc_oid_from_id(psa_ecc_family_t curve,size_t bits,char const ** oid,size_t * oid_len)168 static inline int mbedtls_psa_get_ecc_oid_from_id(
169 psa_ecc_family_t curve, size_t bits,
170 char const **oid, size_t *oid_len )
171 {
172 switch( curve )
173 {
174 case PSA_ECC_FAMILY_SECP_R1:
175 switch( bits )
176 {
177 #if defined(MBEDTLS_ECP_DP_SECP192R1_ENABLED)
178 case 192:
179 *oid = MBEDTLS_OID_EC_GRP_SECP192R1;
180 *oid_len = MBEDTLS_OID_SIZE( MBEDTLS_OID_EC_GRP_SECP192R1 );
181 return( 0 );
182 #endif /* MBEDTLS_ECP_DP_SECP192R1_ENABLED */
183 #if defined(MBEDTLS_ECP_DP_SECP224R1_ENABLED)
184 case 224:
185 *oid = MBEDTLS_OID_EC_GRP_SECP224R1;
186 *oid_len = MBEDTLS_OID_SIZE( MBEDTLS_OID_EC_GRP_SECP224R1 );
187 return( 0 );
188 #endif /* MBEDTLS_ECP_DP_SECP224R1_ENABLED */
189 #if defined(MBEDTLS_ECP_DP_SECP256R1_ENABLED)
190 case 256:
191 *oid = MBEDTLS_OID_EC_GRP_SECP256R1;
192 *oid_len = MBEDTLS_OID_SIZE( MBEDTLS_OID_EC_GRP_SECP256R1 );
193 return( 0 );
194 #endif /* MBEDTLS_ECP_DP_SECP256R1_ENABLED */
195 #if defined(MBEDTLS_ECP_DP_SECP384R1_ENABLED)
196 case 384:
197 *oid = MBEDTLS_OID_EC_GRP_SECP384R1;
198 *oid_len = MBEDTLS_OID_SIZE( MBEDTLS_OID_EC_GRP_SECP384R1 );
199 return( 0 );
200 #endif /* MBEDTLS_ECP_DP_SECP384R1_ENABLED */
201 #if defined(MBEDTLS_ECP_DP_SECP521R1_ENABLED)
202 case 521:
203 *oid = MBEDTLS_OID_EC_GRP_SECP521R1;
204 *oid_len = MBEDTLS_OID_SIZE( MBEDTLS_OID_EC_GRP_SECP521R1 );
205 return( 0 );
206 #endif /* MBEDTLS_ECP_DP_SECP521R1_ENABLED */
207 }
208 break;
209 case PSA_ECC_FAMILY_SECP_K1:
210 switch( bits )
211 {
212 #if defined(MBEDTLS_ECP_DP_SECP192K1_ENABLED)
213 case 192:
214 *oid = MBEDTLS_OID_EC_GRP_SECP192K1;
215 *oid_len = MBEDTLS_OID_SIZE( MBEDTLS_OID_EC_GRP_SECP192K1 );
216 return( 0 );
217 #endif /* MBEDTLS_ECP_DP_SECP192K1_ENABLED */
218 #if defined(MBEDTLS_ECP_DP_SECP224K1_ENABLED)
219 case 224:
220 *oid = MBEDTLS_OID_EC_GRP_SECP224K1;
221 *oid_len = MBEDTLS_OID_SIZE( MBEDTLS_OID_EC_GRP_SECP224K1 );
222 return( 0 );
223 #endif /* MBEDTLS_ECP_DP_SECP224K1_ENABLED */
224 #if defined(MBEDTLS_ECP_DP_SECP256K1_ENABLED)
225 case 256:
226 *oid = MBEDTLS_OID_EC_GRP_SECP256K1;
227 *oid_len = MBEDTLS_OID_SIZE( MBEDTLS_OID_EC_GRP_SECP256K1 );
228 return( 0 );
229 #endif /* MBEDTLS_ECP_DP_SECP256K1_ENABLED */
230 }
231 break;
232 case PSA_ECC_FAMILY_BRAINPOOL_P_R1:
233 switch( bits )
234 {
235 #if defined(MBEDTLS_ECP_DP_BP256R1_ENABLED)
236 case 256:
237 *oid = MBEDTLS_OID_EC_GRP_BP256R1;
238 *oid_len = MBEDTLS_OID_SIZE( MBEDTLS_OID_EC_GRP_BP256R1 );
239 return( 0 );
240 #endif /* MBEDTLS_ECP_DP_BP256R1_ENABLED */
241 #if defined(MBEDTLS_ECP_DP_BP384R1_ENABLED)
242 case 384:
243 *oid = MBEDTLS_OID_EC_GRP_BP384R1;
244 *oid_len = MBEDTLS_OID_SIZE( MBEDTLS_OID_EC_GRP_BP384R1 );
245 return( 0 );
246 #endif /* MBEDTLS_ECP_DP_BP384R1_ENABLED */
247 #if defined(MBEDTLS_ECP_DP_BP512R1_ENABLED)
248 case 512:
249 *oid = MBEDTLS_OID_EC_GRP_BP512R1;
250 *oid_len = MBEDTLS_OID_SIZE( MBEDTLS_OID_EC_GRP_BP512R1 );
251 return( 0 );
252 #endif /* MBEDTLS_ECP_DP_BP512R1_ENABLED */
253 }
254 break;
255 }
256 (void) oid;
257 (void) oid_len;
258 return( -1 );
259 }
260
261 #define MBEDTLS_PSA_MAX_EC_PUBKEY_LENGTH 1
262
263 #if defined(MBEDTLS_ECP_DP_SECP192R1_ENABLED)
264 #if MBEDTLS_PSA_MAX_EC_PUBKEY_LENGTH < ( 2 * ( ( 192 + 7 ) / 8 ) + 1 )
265 #undef MBEDTLS_PSA_MAX_EC_PUBKEY_LENGTH
266 #define MBEDTLS_PSA_MAX_EC_PUBKEY_LENGTH ( 2 * ( ( 192 + 7 ) / 8 ) + 1 )
267 #endif
268 #endif /* MBEDTLS_ECP_DP_SECP192R1_ENABLED */
269
270 #if defined(MBEDTLS_ECP_DP_SECP224R1_ENABLED)
271 #if MBEDTLS_PSA_MAX_EC_PUBKEY_LENGTH < ( 2 * ( ( 224 + 7 ) / 8 ) + 1 )
272 #undef MBEDTLS_PSA_MAX_EC_PUBKEY_LENGTH
273 #define MBEDTLS_PSA_MAX_EC_PUBKEY_LENGTH ( 2 * ( ( 224 + 7 ) / 8 ) + 1 )
274 #endif
275 #endif /* MBEDTLS_ECP_DP_SECP224R1_ENABLED */
276
277 #if defined(MBEDTLS_ECP_DP_SECP256R1_ENABLED)
278 #if MBEDTLS_PSA_MAX_EC_PUBKEY_LENGTH < ( 2 * ( ( 256 + 7 ) / 8 ) + 1 )
279 #undef MBEDTLS_PSA_MAX_EC_PUBKEY_LENGTH
280 #define MBEDTLS_PSA_MAX_EC_PUBKEY_LENGTH ( 2 * ( ( 256 + 7 ) / 8 ) + 1 )
281 #endif
282 #endif /* MBEDTLS_ECP_DP_SECP256R1_ENABLED */
283
284 #if defined(MBEDTLS_ECP_DP_SECP384R1_ENABLED)
285 #if MBEDTLS_PSA_MAX_EC_PUBKEY_LENGTH < ( 2 * ( ( 384 + 7 ) / 8 ) + 1 )
286 #undef MBEDTLS_PSA_MAX_EC_PUBKEY_LENGTH
287 #define MBEDTLS_PSA_MAX_EC_PUBKEY_LENGTH ( 2 * ( ( 384 + 7 ) / 8 ) + 1 )
288 #endif
289 #endif /* MBEDTLS_ECP_DP_SECP384R1_ENABLED */
290
291 #if defined(MBEDTLS_ECP_DP_SECP521R1_ENABLED)
292 #if MBEDTLS_PSA_MAX_EC_PUBKEY_LENGTH < ( 2 * ( ( 521 + 7 ) / 8 ) + 1 )
293 #undef MBEDTLS_PSA_MAX_EC_PUBKEY_LENGTH
294 #define MBEDTLS_PSA_MAX_EC_PUBKEY_LENGTH ( 2 * ( ( 521 + 7 ) / 8 ) + 1 )
295 #endif
296 #endif /* MBEDTLS_ECP_DP_SECP521R1_ENABLED */
297
298 #if defined(MBEDTLS_ECP_DP_SECP192K1_ENABLED)
299 #if MBEDTLS_PSA_MAX_EC_PUBKEY_LENGTH < ( 2 * ( ( 192 + 7 ) / 8 ) + 1 )
300 #undef MBEDTLS_PSA_MAX_EC_PUBKEY_LENGTH
301 #define MBEDTLS_PSA_MAX_EC_PUBKEY_LENGTH ( 2 * ( ( 192 + 7 ) / 8 ) + 1 )
302 #endif
303 #endif /* MBEDTLS_ECP_DP_SECP192K1_ENABLED */
304
305 #if defined(MBEDTLS_ECP_DP_SECP224K1_ENABLED)
306 #if MBEDTLS_PSA_MAX_EC_PUBKEY_LENGTH < ( 2 * ( ( 224 + 7 ) / 8 ) + 1 )
307 #undef MBEDTLS_PSA_MAX_EC_PUBKEY_LENGTH
308 #define MBEDTLS_PSA_MAX_EC_PUBKEY_LENGTH ( 2 * ( ( 224 + 7 ) / 8 ) + 1 )
309 #endif
310 #endif /* MBEDTLS_ECP_DP_SECP224K1_ENABLED */
311
312 #if defined(MBEDTLS_ECP_DP_SECP256K1_ENABLED)
313 #if MBEDTLS_PSA_MAX_EC_PUBKEY_LENGTH < ( 2 * ( ( 256 + 7 ) / 8 ) + 1 )
314 #undef MBEDTLS_PSA_MAX_EC_PUBKEY_LENGTH
315 #define MBEDTLS_PSA_MAX_EC_PUBKEY_LENGTH ( 2 * ( ( 256 + 7 ) / 8 ) + 1 )
316 #endif
317 #endif /* MBEDTLS_ECP_DP_SECP256K1_ENABLED */
318
319 #if defined(MBEDTLS_ECP_DP_BP256R1_ENABLED)
320 #if MBEDTLS_PSA_MAX_EC_PUBKEY_LENGTH < ( 2 * ( ( 256 + 7 ) / 8 ) + 1 )
321 #undef MBEDTLS_PSA_MAX_EC_PUBKEY_LENGTH
322 #define MBEDTLS_PSA_MAX_EC_PUBKEY_LENGTH ( 2 * ( ( 256 + 7 ) / 8 ) + 1 )
323 #endif
324 #endif /* MBEDTLS_ECP_DP_BP256R1_ENABLED */
325
326 #if defined(MBEDTLS_ECP_DP_BP384R1_ENABLED)
327 #if MBEDTLS_PSA_MAX_EC_PUBKEY_LENGTH < ( 2 * ( ( 384 + 7 ) / 8 ) + 1 )
328 #undef MBEDTLS_PSA_MAX_EC_PUBKEY_LENGTH
329 #define MBEDTLS_PSA_MAX_EC_PUBKEY_LENGTH ( 2 * ( ( 384 + 7 ) / 8 ) + 1 )
330 #endif
331 #endif /* MBEDTLS_ECP_DP_BP384R1_ENABLED */
332
333 #if defined(MBEDTLS_ECP_DP_BP512R1_ENABLED)
334 #if MBEDTLS_PSA_MAX_EC_PUBKEY_LENGTH < ( 2 * ( ( 512 + 7 ) / 8 ) + 1 )
335 #undef MBEDTLS_PSA_MAX_EC_PUBKEY_LENGTH
336 #define MBEDTLS_PSA_MAX_EC_PUBKEY_LENGTH ( 2 * ( ( 512 + 7 ) / 8 ) + 1 )
337 #endif
338 #endif /* MBEDTLS_ECP_DP_BP512R1_ENABLED */
339
340
341 /* Translations for PK layer */
342
mbedtls_psa_err_translate_pk(psa_status_t status)343 static inline int mbedtls_psa_err_translate_pk( psa_status_t status )
344 {
345 switch( status )
346 {
347 case PSA_SUCCESS:
348 return( 0 );
349 case PSA_ERROR_NOT_SUPPORTED:
350 return( MBEDTLS_ERR_PK_FEATURE_UNAVAILABLE );
351 case PSA_ERROR_INSUFFICIENT_MEMORY:
352 return( MBEDTLS_ERR_PK_ALLOC_FAILED );
353 case PSA_ERROR_INSUFFICIENT_ENTROPY:
354 return( MBEDTLS_ERR_ECP_RANDOM_FAILED );
355 case PSA_ERROR_BAD_STATE:
356 return( MBEDTLS_ERR_PK_BAD_INPUT_DATA );
357 /* All other failures */
358 case PSA_ERROR_COMMUNICATION_FAILURE:
359 case PSA_ERROR_HARDWARE_FAILURE:
360 case PSA_ERROR_CORRUPTION_DETECTED:
361 return( MBEDTLS_ERR_PLATFORM_HW_ACCEL_FAILED );
362 default: /* We return the same as for the 'other failures',
363 * but list them separately nonetheless to indicate
364 * which failure conditions we have considered. */
365 return( MBEDTLS_ERR_PLATFORM_HW_ACCEL_FAILED );
366 }
367 }
368
369 /* Translations for ECC */
370
371 /* This function transforms an ECC group identifier from
372 * https://www.iana.org/assignments/tls-parameters/tls-parameters.xhtml#tls-parameters-8
373 * into a PSA ECC group identifier. */
374 #if defined(MBEDTLS_ECP_C)
mbedtls_psa_parse_tls_ecc_group(uint16_t tls_ecc_grp_reg_id,size_t * bits)375 static inline psa_key_type_t mbedtls_psa_parse_tls_ecc_group(
376 uint16_t tls_ecc_grp_reg_id, size_t *bits )
377 {
378 const mbedtls_ecp_curve_info *curve_info =
379 mbedtls_ecp_curve_info_from_tls_id( tls_ecc_grp_reg_id );
380 if( curve_info == NULL )
381 return( 0 );
382 return( PSA_KEY_TYPE_ECC_KEY_PAIR(
383 mbedtls_ecc_group_to_psa( curve_info->grp_id, bits ) ) );
384 }
385 #endif /* MBEDTLS_ECP_C */
386
387 /* This function takes a buffer holding an EC public key
388 * exported through psa_export_public_key(), and converts
389 * it into an ECPoint structure to be put into a ClientKeyExchange
390 * message in an ECDHE exchange.
391 *
392 * Both the present and the foreseeable future format of EC public keys
393 * used by PSA have the ECPoint structure contained in the exported key
394 * as a subbuffer, and the function merely selects this subbuffer instead
395 * of making a copy.
396 */
mbedtls_psa_tls_psa_ec_to_ecpoint(unsigned char * src,size_t srclen,unsigned char ** dst,size_t * dstlen)397 static inline int mbedtls_psa_tls_psa_ec_to_ecpoint( unsigned char *src,
398 size_t srclen,
399 unsigned char **dst,
400 size_t *dstlen )
401 {
402 *dst = src;
403 *dstlen = srclen;
404 return( 0 );
405 }
406
407 /* This function takes a buffer holding an ECPoint structure
408 * (as contained in a TLS ServerKeyExchange message for ECDHE
409 * exchanges) and converts it into a format that the PSA key
410 * agreement API understands.
411 */
mbedtls_psa_tls_ecpoint_to_psa_ec(unsigned char const * src,size_t srclen,unsigned char * dst,size_t dstlen,size_t * olen)412 static inline int mbedtls_psa_tls_ecpoint_to_psa_ec( unsigned char const *src,
413 size_t srclen,
414 unsigned char *dst,
415 size_t dstlen,
416 size_t *olen )
417 {
418 if( srclen > dstlen )
419 return( MBEDTLS_ERR_ECP_BUFFER_TOO_SMALL );
420
421 memcpy( dst, src, srclen );
422 *olen = srclen;
423 return( 0 );
424 }
425
426 #endif /* MBEDTLS_USE_PSA_CRYPTO */
427
428 /* Expose whatever RNG the PSA subsystem uses to applications using the
429 * mbedtls_xxx API. The declarations and definitions here need to be
430 * consistent with the implementation in library/psa_crypto_random_impl.h.
431 * See that file for implementation documentation. */
432 #if defined(MBEDTLS_PSA_CRYPTO_C)
433
434 /* The type of a `f_rng` random generator function that many library functions
435 * take.
436 *
437 * This type name is not part of the Mbed TLS stable API. It may be renamed
438 * or moved without warning.
439 */
440 typedef int mbedtls_f_rng_t( void *p_rng, unsigned char *output, size_t output_size );
441
442 #if defined(MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG)
443
444 /** The random generator function for the PSA subsystem.
445 *
446 * This function is suitable as the `f_rng` random generator function
447 * parameter of many `mbedtls_xxx` functions. Use #MBEDTLS_PSA_RANDOM_STATE
448 * to obtain the \p p_rng parameter.
449 *
450 * The implementation of this function depends on the configuration of the
451 * library.
452 *
453 * \note Depending on the configuration, this may be a function or
454 * a pointer to a function.
455 *
456 * \note This function may only be used if the PSA crypto subsystem is active.
457 * This means that you must call psa_crypto_init() before any call to
458 * this function, and you must not call this function after calling
459 * mbedtls_psa_crypto_free().
460 *
461 * \param p_rng The random generator context. This must be
462 * #MBEDTLS_PSA_RANDOM_STATE. No other state is
463 * supported.
464 * \param output The buffer to fill. It must have room for
465 * \c output_size bytes.
466 * \param output_size The number of bytes to write to \p output.
467 * This function may fail if \p output_size is too
468 * large. It is guaranteed to accept any output size
469 * requested by Mbed TLS library functions. The
470 * maximum request size depends on the library
471 * configuration.
472 *
473 * \return \c 0 on success.
474 * \return An `MBEDTLS_ERR_ENTROPY_xxx`,
475 * `MBEDTLS_ERR_PLATFORM_xxx,
476 * `MBEDTLS_ERR_CTR_DRBG_xxx` or
477 * `MBEDTLS_ERR_HMAC_DRBG_xxx` on error.
478 */
479 int mbedtls_psa_get_random( void *p_rng,
480 unsigned char *output,
481 size_t output_size );
482
483 /** The random generator state for the PSA subsystem.
484 *
485 * This macro expands to an expression which is suitable as the `p_rng`
486 * random generator state parameter of many `mbedtls_xxx` functions.
487 * It must be used in combination with the random generator function
488 * mbedtls_psa_get_random().
489 *
490 * The implementation of this macro depends on the configuration of the
491 * library. Do not make any assumption on its nature.
492 */
493 #define MBEDTLS_PSA_RANDOM_STATE NULL
494
495 #else /* !defined(MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG) */
496
497 #if defined(MBEDTLS_CTR_DRBG_C)
498 #include "mbedtls/ctr_drbg.h"
499 typedef mbedtls_ctr_drbg_context mbedtls_psa_drbg_context_t;
500 static mbedtls_f_rng_t *const mbedtls_psa_get_random = mbedtls_ctr_drbg_random;
501 #elif defined(MBEDTLS_HMAC_DRBG_C)
502 #include "mbedtls/hmac_drbg.h"
503 typedef mbedtls_hmac_drbg_context mbedtls_psa_drbg_context_t;
504 static mbedtls_f_rng_t *const mbedtls_psa_get_random = mbedtls_hmac_drbg_random;
505 #endif
506 extern mbedtls_psa_drbg_context_t *const mbedtls_psa_random_state;
507
508 #define MBEDTLS_PSA_RANDOM_STATE mbedtls_psa_random_state
509
510 #endif /* !defined(MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG) */
511
512 #endif /* MBEDTLS_PSA_CRYPTO_C */
513
514 #endif /* MBEDTLS_PSA_UTIL_H */
515