/**
 * \file pkwrite.h
 *
 * \brief Internal defines shared by the PK write module
 *
 * This header only defines compile-time upper bounds on the DER size of
 * the key encodings the PK write module produces. Every constant below is
 * derived field by field from the ASN.1 structure it describes (each line
 * of the accounting is "tag byte + length bytes (+ content)"), so the
 * values are over-estimates, never exact sizes. Keep the arithmetic and the
 * ASN.1 comment next to it in sync when either changes: an under-estimate
 * here would be an undersized bound for whoever relies on it.
 */
/*
 *  Copyright The Mbed TLS Contributors
 *  SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
 */
#ifndef MBEDTLS_PK_WRITE_H
#define MBEDTLS_PK_WRITE_H

#include "mbedtls/build_info.h"

#include "mbedtls/pk.h"

/* Needed for PSA_BITS_TO_BYTES() / PSA_VENDOR_ECC_MAX_CURVE_BITS below. */
#if defined(MBEDTLS_USE_PSA_CRYPTO)
#include "psa/crypto.h"
#endif /* MBEDTLS_USE_PSA_CRYPTO */

/*
 * Max sizes of key per types. Shown as tag + len (+ content).
 *
 * Length-encoding assumptions behind the "len" column:
 *  - "3" length bytes is the DER long form 0x82 xx xx, i.e. contents up to
 *    65535 bytes. The RSA bounds therefore assume MBEDTLS_MPI_MAX_SIZE stays
 *    well below that (a 4-byte length form is not accounted for).
 *  - "2" length bytes is 0x81 xx, contents up to 255 bytes; "1" length byte
 *    is the short form, contents up to 127 bytes. The EC bounds rely on
 *    these, which holds for curves up to 521 bits (66 bytes per coordinate).
 *    NOTE(review): if a PSA vendor curve larger than that is ever enabled,
 *    re-check the EC accounting below — confirm against the writer code.
 *  - The "+ 1" after each INTEGER content is room for a leading 0x00 byte
 *    that DER requires when the top bit of an unsigned value is set.
 */

#if defined(MBEDTLS_RSA_C)
/*
 * RSA public keys:
 *  SubjectPublicKeyInfo  ::=  SEQUENCE  {          1 + 3
 *       algorithm            AlgorithmIdentifier,  1 + 1 (sequence)
 *                                                + 1 + 1 + 9 (rsa oid)
 *                                                + 1 + 1 (params null)
 *       subjectPublicKey     BIT STRING }          1 + 3 + (1 + below)
 *  RSAPublicKey ::= SEQUENCE {                     1 + 3
 *      modulus           INTEGER,  -- n            1 + 3 + MPI_MAX + 1
 *      publicExponent    INTEGER   -- e            1 + 3 + MPI_MAX + 1
 *  }
 *
 * Fixed overhead: 4 + 15 + 5 + 4 + 5 + 5 = 38 bytes, plus n and e at up to
 * MBEDTLS_MPI_MAX_SIZE bytes each.
 */
#define MBEDTLS_PK_RSA_PUB_DER_MAX_BYTES    (38 + 2 * MBEDTLS_MPI_MAX_SIZE)

/*
 * RSA private keys:
 *  RSAPrivateKey ::= SEQUENCE {                    1 + 3
 *      version           Version,                  1 + 1 + 1
 *      modulus           INTEGER,                  1 + 3 + MPI_MAX + 1
 *      publicExponent    INTEGER,                  1 + 3 + MPI_MAX + 1
 *      privateExponent   INTEGER,                  1 + 3 + MPI_MAX + 1
 *      prime1            INTEGER,                  1 + 3 + MPI_MAX / 2 + 1
 *      prime2            INTEGER,                  1 + 3 + MPI_MAX / 2 + 1
 *      exponent1         INTEGER,                  1 + 3 + MPI_MAX / 2 + 1
 *      exponent2         INTEGER,                  1 + 3 + MPI_MAX / 2 + 1
 *      coefficient       INTEGER,                  1 + 3 + MPI_MAX / 2 + 1
 *      otherPrimeInfos   OtherPrimeInfos OPTIONAL  0 (not supported)
 *  }
 *
 * Fixed overhead: 4 + 3 + 3 * 5 + 5 * 5 = 47 bytes. Three full-size
 * integers (n, e, d) and five half-size CRT values (p, q, dp, dq, qp).
 * Only two-prime RSA is accounted for; otherPrimeInfos contributes nothing.
 */
/* ceil(MBEDTLS_MPI_MAX_SIZE / 2): round up so an odd MPI_MAX_SIZE does not
 * shave a byte off the bound for the half-size CRT parameters. */
#define MBEDTLS_MPI_MAX_SIZE_2  (MBEDTLS_MPI_MAX_SIZE / 2 + \
                                 MBEDTLS_MPI_MAX_SIZE % 2)
#define MBEDTLS_PK_RSA_PRV_DER_MAX_BYTES    (47 + 3 * MBEDTLS_MPI_MAX_SIZE \
                                             + 5 * MBEDTLS_MPI_MAX_SIZE_2)

#else /* MBEDTLS_RSA_C */

/* RSA disabled: zero bounds so the max-of-both selection below picks EC. */
#define MBEDTLS_PK_RSA_PUB_DER_MAX_BYTES   0
#define MBEDTLS_PK_RSA_PRV_DER_MAX_BYTES   0

#endif /* MBEDTLS_RSA_C */

#if defined(MBEDTLS_PK_HAVE_ECC_KEYS)

/* Find the maximum number of bytes necessary to store an EC point. When USE_PSA
 * is defined this means looking for the maximum between PSA and built-in
 * supported curves. */
#if defined(MBEDTLS_USE_PSA_CRYPTO)
/* max(PSA_BITS_TO_BYTES(PSA_VENDOR_ECC_MAX_CURVE_BITS), MBEDTLS_ECP_MAX_BYTES),
 * written as a conditional expression so it stays usable inside #if. The
 * PSA term is evaluated twice; both operands are constants, so that is
 * harmless. */
#define MBEDTLS_PK_MAX_ECC_BYTES   (PSA_BITS_TO_BYTES(PSA_VENDOR_ECC_MAX_CURVE_BITS) > \
                                    MBEDTLS_ECP_MAX_BYTES ? \
                                    PSA_BITS_TO_BYTES(PSA_VENDOR_ECC_MAX_CURVE_BITS) : \
                                    MBEDTLS_ECP_MAX_BYTES)
#else /* MBEDTLS_USE_PSA_CRYPTO */
/* Built-in ECP only: the largest enabled curve's byte size is the bound. */
#define MBEDTLS_PK_MAX_ECC_BYTES   MBEDTLS_ECP_MAX_BYTES
#endif /* MBEDTLS_USE_PSA_CRYPTO */

/*
 * EC public keys:
 *  SubjectPublicKeyInfo  ::=  SEQUENCE  {      1 + 2
 *    algorithm         AlgorithmIdentifier,    1 + 1 (sequence)
 *                                            + 1 + 1 + 7 (ec oid)
 *                                            + 1 + 1 + 9 (namedCurve oid)
 *    subjectPublicKey  BIT STRING              1 + 2 + 1               [1]
 *                                            + 1 (point format)        [1]
 *                                            + 2 * ECP_MAX (coords)    [1]
 *  }
 *
 * Fixed overhead: 3 + 22 + 4 + 1 = 30 bytes, plus an uncompressed point
 * (two coordinates of up to MBEDTLS_PK_MAX_ECC_BYTES each). The 2-byte
 * length forms assume the whole encoding fits in 255 bytes.
 */
#define MBEDTLS_PK_ECP_PUB_DER_MAX_BYTES    (30 + 2 * MBEDTLS_PK_MAX_ECC_BYTES)

/*
 * EC private keys:
 *  ECPrivateKey ::= SEQUENCE {                  1 + 2
 *      version        INTEGER ,                1 + 1 + 1
 *      privateKey     OCTET STRING,            1 + 1 + ECP_MAX
 *      parameters [0] ECParameters OPTIONAL,   1 + 1 + (1 + 1 + 9)
 *      publicKey  [1] BIT STRING OPTIONAL      1 + 2 + [1] above
 *    }
 *
 * Fixed overhead: 3 + 3 + 2 + 13 + 3 + 5 = 29 bytes; the three ECC-sized
 * terms are the scalar plus the two public-point coordinates from [1].
 * The 1-byte privateKey length assumes MBEDTLS_PK_MAX_ECC_BYTES < 128.
 */
#define MBEDTLS_PK_ECP_PRV_DER_MAX_BYTES    (29 + 3 * MBEDTLS_PK_MAX_ECC_BYTES)

#else /* MBEDTLS_PK_HAVE_ECC_KEYS */

/* ECC disabled: zero bounds so the max-of-both selection below picks RSA. */
#define MBEDTLS_PK_ECP_PUB_DER_MAX_BYTES   0
#define MBEDTLS_PK_ECP_PRV_DER_MAX_BYTES   0

#endif /* MBEDTLS_PK_HAVE_ECC_KEYS */

/* Define the maximum available public key DER length based on the supported
 * key types (EC and/or RSA).
 *
 * Selects the larger of the two per-type bounds. Because a disabled type
 * contributes 0, this is the enabled type's bound when only one is built,
 * and 0 when neither is. */
#if (MBEDTLS_PK_RSA_PUB_DER_MAX_BYTES > MBEDTLS_PK_ECP_PUB_DER_MAX_BYTES)
#define MBEDTLS_PK_WRITE_PUBKEY_MAX_SIZE MBEDTLS_PK_RSA_PUB_DER_MAX_BYTES
#else
#define MBEDTLS_PK_WRITE_PUBKEY_MAX_SIZE MBEDTLS_PK_ECP_PUB_DER_MAX_BYTES
#endif

#endif /* MBEDTLS_PK_WRITE_H */