1 /**
2 * \file psa_util.h
3 *
4 * \brief Utility functions for the use of the PSA Crypto library.
5 *
6 * \warning This function is not part of the public API and may
7 * change at any time.
8 */
9 /*
10 * Copyright The Mbed TLS Contributors
11 * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
12 */
13
14 #ifndef MBEDTLS_PSA_UTIL_H
15 #define MBEDTLS_PSA_UTIL_H
16
17 #if !defined(MBEDTLS_CONFIG_FILE)
18 #include "mbedtls/config.h"
19 #else
20 #include MBEDTLS_CONFIG_FILE
21 #endif
22
23 #if defined(MBEDTLS_USE_PSA_CRYPTO)
24
25 #include "psa/crypto.h"
26
27 #include "mbedtls/ecp.h"
28 #include "mbedtls/md.h"
29 #include "mbedtls/pk.h"
30 #include "mbedtls/oid.h"
31
32 #include <string.h>
33
34 /* Translations for symmetric crypto. */
35
mbedtls_psa_translate_cipher_type(mbedtls_cipher_type_t cipher)36 static inline psa_key_type_t mbedtls_psa_translate_cipher_type(
37 mbedtls_cipher_type_t cipher)
38 {
39 switch (cipher) {
40 case MBEDTLS_CIPHER_AES_128_CCM:
41 case MBEDTLS_CIPHER_AES_192_CCM:
42 case MBEDTLS_CIPHER_AES_256_CCM:
43 case MBEDTLS_CIPHER_AES_128_GCM:
44 case MBEDTLS_CIPHER_AES_192_GCM:
45 case MBEDTLS_CIPHER_AES_256_GCM:
46 case MBEDTLS_CIPHER_AES_128_CBC:
47 case MBEDTLS_CIPHER_AES_192_CBC:
48 case MBEDTLS_CIPHER_AES_256_CBC:
49 case MBEDTLS_CIPHER_AES_128_ECB:
50 case MBEDTLS_CIPHER_AES_192_ECB:
51 case MBEDTLS_CIPHER_AES_256_ECB:
52 return PSA_KEY_TYPE_AES;
53
54 /* ARIA not yet supported in PSA. */
55 /* case MBEDTLS_CIPHER_ARIA_128_CCM:
56 case MBEDTLS_CIPHER_ARIA_192_CCM:
57 case MBEDTLS_CIPHER_ARIA_256_CCM:
58 case MBEDTLS_CIPHER_ARIA_128_GCM:
59 case MBEDTLS_CIPHER_ARIA_192_GCM:
60 case MBEDTLS_CIPHER_ARIA_256_GCM:
61 case MBEDTLS_CIPHER_ARIA_128_CBC:
62 case MBEDTLS_CIPHER_ARIA_192_CBC:
63 case MBEDTLS_CIPHER_ARIA_256_CBC:
64 return( PSA_KEY_TYPE_ARIA ); */
65
66 default:
67 return 0;
68 }
69 }
70
mbedtls_psa_translate_cipher_mode(mbedtls_cipher_mode_t mode,size_t taglen)71 static inline psa_algorithm_t mbedtls_psa_translate_cipher_mode(
72 mbedtls_cipher_mode_t mode, size_t taglen)
73 {
74 switch (mode) {
75 case MBEDTLS_MODE_ECB:
76 return PSA_ALG_ECB_NO_PADDING;
77 case MBEDTLS_MODE_GCM:
78 return PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_GCM, taglen);
79 case MBEDTLS_MODE_CCM:
80 return PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM, taglen);
81 case MBEDTLS_MODE_CBC:
82 if (taglen == 0) {
83 return PSA_ALG_CBC_NO_PADDING;
84 } else {
85 return 0;
86 }
87 default:
88 return 0;
89 }
90 }
91
mbedtls_psa_translate_cipher_operation(mbedtls_operation_t op)92 static inline psa_key_usage_t mbedtls_psa_translate_cipher_operation(
93 mbedtls_operation_t op)
94 {
95 switch (op) {
96 case MBEDTLS_ENCRYPT:
97 return PSA_KEY_USAGE_ENCRYPT;
98 case MBEDTLS_DECRYPT:
99 return PSA_KEY_USAGE_DECRYPT;
100 default:
101 return 0;
102 }
103 }
104
105 /* Translations for hashing. */
106
mbedtls_psa_translate_md(mbedtls_md_type_t md_alg)107 static inline psa_algorithm_t mbedtls_psa_translate_md(mbedtls_md_type_t md_alg)
108 {
109 switch (md_alg) {
110 #if defined(MBEDTLS_MD2_C)
111 case MBEDTLS_MD_MD2:
112 return PSA_ALG_MD2;
113 #endif
114 #if defined(MBEDTLS_MD4_C)
115 case MBEDTLS_MD_MD4:
116 return PSA_ALG_MD4;
117 #endif
118 #if defined(MBEDTLS_MD5_C)
119 case MBEDTLS_MD_MD5:
120 return PSA_ALG_MD5;
121 #endif
122 #if defined(MBEDTLS_SHA1_C)
123 case MBEDTLS_MD_SHA1:
124 return PSA_ALG_SHA_1;
125 #endif
126 #if defined(MBEDTLS_SHA256_C)
127 case MBEDTLS_MD_SHA224:
128 return PSA_ALG_SHA_224;
129 case MBEDTLS_MD_SHA256:
130 return PSA_ALG_SHA_256;
131 #endif
132 #if defined(MBEDTLS_SHA512_C)
133 case MBEDTLS_MD_SHA384:
134 return PSA_ALG_SHA_384;
135 case MBEDTLS_MD_SHA512:
136 return PSA_ALG_SHA_512;
137 #endif
138 #if defined(MBEDTLS_RIPEMD160_C)
139 case MBEDTLS_MD_RIPEMD160:
140 return PSA_ALG_RIPEMD160;
141 #endif
142 case MBEDTLS_MD_NONE:
143 return 0;
144 default:
145 return 0;
146 }
147 }
148
149 /* Translations for ECC. */
150
mbedtls_psa_get_ecc_oid_from_id(psa_ecc_family_t curve,size_t bits,char const ** oid,size_t * oid_len)151 static inline int mbedtls_psa_get_ecc_oid_from_id(
152 psa_ecc_family_t curve, size_t bits,
153 char const **oid, size_t *oid_len)
154 {
155 switch (curve) {
156 case PSA_ECC_FAMILY_SECP_R1:
157 switch (bits) {
158 #if defined(MBEDTLS_ECP_DP_SECP192R1_ENABLED)
159 case 192:
160 *oid = MBEDTLS_OID_EC_GRP_SECP192R1;
161 *oid_len = MBEDTLS_OID_SIZE(MBEDTLS_OID_EC_GRP_SECP192R1);
162 return 0;
163 #endif /* MBEDTLS_ECP_DP_SECP192R1_ENABLED */
164 #if defined(MBEDTLS_ECP_DP_SECP224R1_ENABLED)
165 case 224:
166 *oid = MBEDTLS_OID_EC_GRP_SECP224R1;
167 *oid_len = MBEDTLS_OID_SIZE(MBEDTLS_OID_EC_GRP_SECP224R1);
168 return 0;
169 #endif /* MBEDTLS_ECP_DP_SECP224R1_ENABLED */
170 #if defined(MBEDTLS_ECP_DP_SECP256R1_ENABLED)
171 case 256:
172 *oid = MBEDTLS_OID_EC_GRP_SECP256R1;
173 *oid_len = MBEDTLS_OID_SIZE(MBEDTLS_OID_EC_GRP_SECP256R1);
174 return 0;
175 #endif /* MBEDTLS_ECP_DP_SECP256R1_ENABLED */
176 #if defined(MBEDTLS_ECP_DP_SECP384R1_ENABLED)
177 case 384:
178 *oid = MBEDTLS_OID_EC_GRP_SECP384R1;
179 *oid_len = MBEDTLS_OID_SIZE(MBEDTLS_OID_EC_GRP_SECP384R1);
180 return 0;
181 #endif /* MBEDTLS_ECP_DP_SECP384R1_ENABLED */
182 #if defined(MBEDTLS_ECP_DP_SECP521R1_ENABLED)
183 case 521:
184 *oid = MBEDTLS_OID_EC_GRP_SECP521R1;
185 *oid_len = MBEDTLS_OID_SIZE(MBEDTLS_OID_EC_GRP_SECP521R1);
186 return 0;
187 #endif /* MBEDTLS_ECP_DP_SECP521R1_ENABLED */
188 }
189 break;
190 case PSA_ECC_FAMILY_SECP_K1:
191 switch (bits) {
192 #if defined(MBEDTLS_ECP_DP_SECP192K1_ENABLED)
193 case 192:
194 *oid = MBEDTLS_OID_EC_GRP_SECP192K1;
195 *oid_len = MBEDTLS_OID_SIZE(MBEDTLS_OID_EC_GRP_SECP192K1);
196 return 0;
197 #endif /* MBEDTLS_ECP_DP_SECP192K1_ENABLED */
198 #if defined(MBEDTLS_ECP_DP_SECP224K1_ENABLED)
199 case 224:
200 *oid = MBEDTLS_OID_EC_GRP_SECP224K1;
201 *oid_len = MBEDTLS_OID_SIZE(MBEDTLS_OID_EC_GRP_SECP224K1);
202 return 0;
203 #endif /* MBEDTLS_ECP_DP_SECP224K1_ENABLED */
204 #if defined(MBEDTLS_ECP_DP_SECP256K1_ENABLED)
205 case 256:
206 *oid = MBEDTLS_OID_EC_GRP_SECP256K1;
207 *oid_len = MBEDTLS_OID_SIZE(MBEDTLS_OID_EC_GRP_SECP256K1);
208 return 0;
209 #endif /* MBEDTLS_ECP_DP_SECP256K1_ENABLED */
210 }
211 break;
212 case PSA_ECC_FAMILY_BRAINPOOL_P_R1:
213 switch (bits) {
214 #if defined(MBEDTLS_ECP_DP_BP256R1_ENABLED)
215 case 256:
216 *oid = MBEDTLS_OID_EC_GRP_BP256R1;
217 *oid_len = MBEDTLS_OID_SIZE(MBEDTLS_OID_EC_GRP_BP256R1);
218 return 0;
219 #endif /* MBEDTLS_ECP_DP_BP256R1_ENABLED */
220 #if defined(MBEDTLS_ECP_DP_BP384R1_ENABLED)
221 case 384:
222 *oid = MBEDTLS_OID_EC_GRP_BP384R1;
223 *oid_len = MBEDTLS_OID_SIZE(MBEDTLS_OID_EC_GRP_BP384R1);
224 return 0;
225 #endif /* MBEDTLS_ECP_DP_BP384R1_ENABLED */
226 #if defined(MBEDTLS_ECP_DP_BP512R1_ENABLED)
227 case 512:
228 *oid = MBEDTLS_OID_EC_GRP_BP512R1;
229 *oid_len = MBEDTLS_OID_SIZE(MBEDTLS_OID_EC_GRP_BP512R1);
230 return 0;
231 #endif /* MBEDTLS_ECP_DP_BP512R1_ENABLED */
232 }
233 break;
234 }
235 (void) oid;
236 (void) oid_len;
237 return -1;
238 }
239
240 #define MBEDTLS_PSA_MAX_EC_PUBKEY_LENGTH 1
241
242 #if defined(MBEDTLS_ECP_DP_SECP192R1_ENABLED)
243 #if MBEDTLS_PSA_MAX_EC_PUBKEY_LENGTH < (2 * ((192 + 7) / 8) + 1)
244 #undef MBEDTLS_PSA_MAX_EC_PUBKEY_LENGTH
245 #define MBEDTLS_PSA_MAX_EC_PUBKEY_LENGTH (2 * ((192 + 7) / 8) + 1)
246 #endif
247 #endif /* MBEDTLS_ECP_DP_SECP192R1_ENABLED */
248
249 #if defined(MBEDTLS_ECP_DP_SECP224R1_ENABLED)
250 #if MBEDTLS_PSA_MAX_EC_PUBKEY_LENGTH < (2 * ((224 + 7) / 8) + 1)
251 #undef MBEDTLS_PSA_MAX_EC_PUBKEY_LENGTH
252 #define MBEDTLS_PSA_MAX_EC_PUBKEY_LENGTH (2 * ((224 + 7) / 8) + 1)
253 #endif
254 #endif /* MBEDTLS_ECP_DP_SECP224R1_ENABLED */
255
256 #if defined(MBEDTLS_ECP_DP_SECP256R1_ENABLED)
257 #if MBEDTLS_PSA_MAX_EC_PUBKEY_LENGTH < (2 * ((256 + 7) / 8) + 1)
258 #undef MBEDTLS_PSA_MAX_EC_PUBKEY_LENGTH
259 #define MBEDTLS_PSA_MAX_EC_PUBKEY_LENGTH (2 * ((256 + 7) / 8) + 1)
260 #endif
261 #endif /* MBEDTLS_ECP_DP_SECP256R1_ENABLED */
262
263 #if defined(MBEDTLS_ECP_DP_SECP384R1_ENABLED)
264 #if MBEDTLS_PSA_MAX_EC_PUBKEY_LENGTH < (2 * ((384 + 7) / 8) + 1)
265 #undef MBEDTLS_PSA_MAX_EC_PUBKEY_LENGTH
266 #define MBEDTLS_PSA_MAX_EC_PUBKEY_LENGTH (2 * ((384 + 7) / 8) + 1)
267 #endif
268 #endif /* MBEDTLS_ECP_DP_SECP384R1_ENABLED */
269
270 #if defined(MBEDTLS_ECP_DP_SECP521R1_ENABLED)
271 #if MBEDTLS_PSA_MAX_EC_PUBKEY_LENGTH < (2 * ((521 + 7) / 8) + 1)
272 #undef MBEDTLS_PSA_MAX_EC_PUBKEY_LENGTH
273 #define MBEDTLS_PSA_MAX_EC_PUBKEY_LENGTH (2 * ((521 + 7) / 8) + 1)
274 #endif
275 #endif /* MBEDTLS_ECP_DP_SECP521R1_ENABLED */
276
277 #if defined(MBEDTLS_ECP_DP_SECP192K1_ENABLED)
278 #if MBEDTLS_PSA_MAX_EC_PUBKEY_LENGTH < (2 * ((192 + 7) / 8) + 1)
279 #undef MBEDTLS_PSA_MAX_EC_PUBKEY_LENGTH
280 #define MBEDTLS_PSA_MAX_EC_PUBKEY_LENGTH (2 * ((192 + 7) / 8) + 1)
281 #endif
282 #endif /* MBEDTLS_ECP_DP_SECP192K1_ENABLED */
283
284 #if defined(MBEDTLS_ECP_DP_SECP224K1_ENABLED)
285 #if MBEDTLS_PSA_MAX_EC_PUBKEY_LENGTH < (2 * ((224 + 7) / 8) + 1)
286 #undef MBEDTLS_PSA_MAX_EC_PUBKEY_LENGTH
287 #define MBEDTLS_PSA_MAX_EC_PUBKEY_LENGTH (2 * ((224 + 7) / 8) + 1)
288 #endif
289 #endif /* MBEDTLS_ECP_DP_SECP224K1_ENABLED */
290
291 #if defined(MBEDTLS_ECP_DP_SECP256K1_ENABLED)
292 #if MBEDTLS_PSA_MAX_EC_PUBKEY_LENGTH < (2 * ((256 + 7) / 8) + 1)
293 #undef MBEDTLS_PSA_MAX_EC_PUBKEY_LENGTH
294 #define MBEDTLS_PSA_MAX_EC_PUBKEY_LENGTH (2 * ((256 + 7) / 8) + 1)
295 #endif
296 #endif /* MBEDTLS_ECP_DP_SECP256K1_ENABLED */
297
298 #if defined(MBEDTLS_ECP_DP_BP256R1_ENABLED)
299 #if MBEDTLS_PSA_MAX_EC_PUBKEY_LENGTH < (2 * ((256 + 7) / 8) + 1)
300 #undef MBEDTLS_PSA_MAX_EC_PUBKEY_LENGTH
301 #define MBEDTLS_PSA_MAX_EC_PUBKEY_LENGTH (2 * ((256 + 7) / 8) + 1)
302 #endif
303 #endif /* MBEDTLS_ECP_DP_BP256R1_ENABLED */
304
305 #if defined(MBEDTLS_ECP_DP_BP384R1_ENABLED)
306 #if MBEDTLS_PSA_MAX_EC_PUBKEY_LENGTH < (2 * ((384 + 7) / 8) + 1)
307 #undef MBEDTLS_PSA_MAX_EC_PUBKEY_LENGTH
308 #define MBEDTLS_PSA_MAX_EC_PUBKEY_LENGTH (2 * ((384 + 7) / 8) + 1)
309 #endif
310 #endif /* MBEDTLS_ECP_DP_BP384R1_ENABLED */
311
312 #if defined(MBEDTLS_ECP_DP_BP512R1_ENABLED)
313 #if MBEDTLS_PSA_MAX_EC_PUBKEY_LENGTH < (2 * ((512 + 7) / 8) + 1)
314 #undef MBEDTLS_PSA_MAX_EC_PUBKEY_LENGTH
315 #define MBEDTLS_PSA_MAX_EC_PUBKEY_LENGTH (2 * ((512 + 7) / 8) + 1)
316 #endif
317 #endif /* MBEDTLS_ECP_DP_BP512R1_ENABLED */
318
319
320 /* Translations for PK layer */
321
mbedtls_psa_err_translate_pk(psa_status_t status)322 static inline int mbedtls_psa_err_translate_pk(psa_status_t status)
323 {
324 switch (status) {
325 case PSA_SUCCESS:
326 return 0;
327 case PSA_ERROR_NOT_SUPPORTED:
328 return MBEDTLS_ERR_PK_FEATURE_UNAVAILABLE;
329 case PSA_ERROR_INSUFFICIENT_MEMORY:
330 return MBEDTLS_ERR_PK_ALLOC_FAILED;
331 case PSA_ERROR_INSUFFICIENT_ENTROPY:
332 return MBEDTLS_ERR_ECP_RANDOM_FAILED;
333 case PSA_ERROR_BAD_STATE:
334 return MBEDTLS_ERR_PK_BAD_INPUT_DATA;
335 /* All other failures */
336 case PSA_ERROR_COMMUNICATION_FAILURE:
337 case PSA_ERROR_HARDWARE_FAILURE:
338 case PSA_ERROR_CORRUPTION_DETECTED:
339 return MBEDTLS_ERR_PK_HW_ACCEL_FAILED;
340 default: /* We return the same as for the 'other failures',
341 * but list them separately nonetheless to indicate
342 * which failure conditions we have considered. */
343 return MBEDTLS_ERR_PK_HW_ACCEL_FAILED;
344 }
345 }
346
347 /* Translations for ECC */
348
349 /* This function transforms an ECC group identifier from
350 * https://www.iana.org/assignments/tls-parameters/tls-parameters.xhtml#tls-parameters-8
351 * into a PSA ECC group identifier. */
352 #if defined(MBEDTLS_ECP_C)
mbedtls_psa_parse_tls_ecc_group(uint16_t tls_ecc_grp_reg_id,size_t * bits)353 static inline psa_key_type_t mbedtls_psa_parse_tls_ecc_group(
354 uint16_t tls_ecc_grp_reg_id, size_t *bits)
355 {
356 const mbedtls_ecp_curve_info *curve_info =
357 mbedtls_ecp_curve_info_from_tls_id(tls_ecc_grp_reg_id);
358 if (curve_info == NULL) {
359 return 0;
360 }
361 return PSA_KEY_TYPE_ECC_KEY_PAIR(
362 mbedtls_ecc_group_to_psa(curve_info->grp_id, bits));
363 }
364 #endif /* MBEDTLS_ECP_C */
365
366 /* This function takes a buffer holding an EC public key
367 * exported through psa_export_public_key(), and converts
368 * it into an ECPoint structure to be put into a ClientKeyExchange
369 * message in an ECDHE exchange.
370 *
371 * Both the present and the foreseeable future format of EC public keys
372 * used by PSA have the ECPoint structure contained in the exported key
373 * as a subbuffer, and the function merely selects this subbuffer instead
374 * of making a copy.
375 */
mbedtls_psa_tls_psa_ec_to_ecpoint(unsigned char * src,size_t srclen,unsigned char ** dst,size_t * dstlen)376 static inline int mbedtls_psa_tls_psa_ec_to_ecpoint(unsigned char *src,
377 size_t srclen,
378 unsigned char **dst,
379 size_t *dstlen)
380 {
381 *dst = src;
382 *dstlen = srclen;
383 return 0;
384 }
385
386 /* This function takes a buffer holding an ECPoint structure
387 * (as contained in a TLS ServerKeyExchange message for ECDHE
388 * exchanges) and converts it into a format that the PSA key
389 * agreement API understands.
390 */
mbedtls_psa_tls_ecpoint_to_psa_ec(unsigned char const * src,size_t srclen,unsigned char * dst,size_t dstlen,size_t * olen)391 static inline int mbedtls_psa_tls_ecpoint_to_psa_ec(unsigned char const *src,
392 size_t srclen,
393 unsigned char *dst,
394 size_t dstlen,
395 size_t *olen)
396 {
397 if (srclen > dstlen) {
398 return MBEDTLS_ERR_ECP_BUFFER_TOO_SMALL;
399 }
400
401 memcpy(dst, src, srclen);
402 *olen = srclen;
403 return 0;
404 }
405
406 #endif /* MBEDTLS_USE_PSA_CRYPTO */
407
408 /* Expose whatever RNG the PSA subsystem uses to applications using the
409 * mbedtls_xxx API. The declarations and definitions here need to be
410 * consistent with the implementation in library/psa_crypto_random_impl.h.
411 * See that file for implementation documentation. */
412 #if defined(MBEDTLS_PSA_CRYPTO_C)
413
414 /* The type of a `f_rng` random generator function that many library functions
415 * take.
416 *
417 * This type name is not part of the Mbed TLS stable API. It may be renamed
418 * or moved without warning.
419 */
420 typedef int mbedtls_f_rng_t(void *p_rng, unsigned char *output, size_t output_size);
421
422 #if defined(MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG)
423
424 /** The random generator function for the PSA subsystem.
425 *
426 * This function is suitable as the `f_rng` random generator function
427 * parameter of many `mbedtls_xxx` functions. Use #MBEDTLS_PSA_RANDOM_STATE
428 * to obtain the \p p_rng parameter.
429 *
430 * The implementation of this function depends on the configuration of the
431 * library.
432 *
433 * \note Depending on the configuration, this may be a function or
434 * a pointer to a function.
435 *
436 * \note This function may only be used if the PSA crypto subsystem is active.
437 * This means that you must call psa_crypto_init() before any call to
438 * this function, and you must not call this function after calling
439 * mbedtls_psa_crypto_free().
440 *
441 * \param p_rng The random generator context. This must be
442 * #MBEDTLS_PSA_RANDOM_STATE. No other state is
443 * supported.
444 * \param output The buffer to fill. It must have room for
445 * \c output_size bytes.
446 * \param output_size The number of bytes to write to \p output.
447 * This function may fail if \p output_size is too
448 * large. It is guaranteed to accept any output size
449 * requested by Mbed TLS library functions. The
450 * maximum request size depends on the library
451 * configuration.
452 *
453 * \return \c 0 on success.
454 * \return An `MBEDTLS_ERR_ENTROPY_xxx`,
455 * `MBEDTLS_ERR_PLATFORM_xxx,
456 * `MBEDTLS_ERR_CTR_DRBG_xxx` or
457 * `MBEDTLS_ERR_HMAC_DRBG_xxx` on error.
458 */
459 int mbedtls_psa_get_random(void *p_rng,
460 unsigned char *output,
461 size_t output_size);
462
463 /** The random generator state for the PSA subsystem.
464 *
465 * This macro expands to an expression which is suitable as the `p_rng`
466 * random generator state parameter of many `mbedtls_xxx` functions.
467 * It must be used in combination with the random generator function
468 * mbedtls_psa_get_random().
469 *
470 * The implementation of this macro depends on the configuration of the
471 * library. Do not make any assumption on its nature.
472 */
473 #define MBEDTLS_PSA_RANDOM_STATE NULL
474
475 #else /* !defined(MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG) */
476
477 #if defined(MBEDTLS_CTR_DRBG_C)
478 #include "mbedtls/ctr_drbg.h"
479 typedef mbedtls_ctr_drbg_context mbedtls_psa_drbg_context_t;
480 static mbedtls_f_rng_t *const mbedtls_psa_get_random = mbedtls_ctr_drbg_random;
481 #elif defined(MBEDTLS_HMAC_DRBG_C)
482 #include "mbedtls/hmac_drbg.h"
483 typedef mbedtls_hmac_drbg_context mbedtls_psa_drbg_context_t;
484 static mbedtls_f_rng_t *const mbedtls_psa_get_random = mbedtls_hmac_drbg_random;
485 #endif
486 extern mbedtls_psa_drbg_context_t *const mbedtls_psa_random_state;
487
488 #define MBEDTLS_PSA_RANDOM_STATE mbedtls_psa_random_state
489
490 #endif /* !defined(MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG) */
491
492 #endif /* MBEDTLS_PSA_CRYPTO_C */
493
494 #endif /* MBEDTLS_PSA_UTIL_H */
495