1*b0563631STom Van Eyck /* 2*b0563631STom Van Eyck * PSA FFDH layer on top of Mbed TLS crypto 3*b0563631STom Van Eyck */ 4*b0563631STom Van Eyck /* 5*b0563631STom Van Eyck * Copyright The Mbed TLS Contributors 6*b0563631STom Van Eyck * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later 7*b0563631STom Van Eyck */ 8*b0563631STom Van Eyck 9*b0563631STom Van Eyck #ifndef PSA_CRYPTO_FFDH_H 10*b0563631STom Van Eyck #define PSA_CRYPTO_FFDH_H 11*b0563631STom Van Eyck 12*b0563631STom Van Eyck #include <psa/crypto.h> 13*b0563631STom Van Eyck 14*b0563631STom Van Eyck /** Perform a key agreement and return the FFDH shared secret. 15*b0563631STom Van Eyck * 16*b0563631STom Van Eyck * \param[in] attributes The attributes of the key to use for the 17*b0563631STom Van Eyck * operation. 18*b0563631STom Van Eyck * \param[in] peer_key The buffer containing the key context 19*b0563631STom Van Eyck * of the peer's public key. 20*b0563631STom Van Eyck * \param[in] peer_key_length Size of the \p peer_key buffer in 21*b0563631STom Van Eyck * bytes. 22*b0563631STom Van Eyck * \param[in] key_buffer The buffer containing the private key 23*b0563631STom Van Eyck * context. 24*b0563631STom Van Eyck * \param[in] key_buffer_size Size of the \p key_buffer buffer in 25*b0563631STom Van Eyck * bytes. 26*b0563631STom Van Eyck * \param[out] shared_secret The buffer to which the shared secret 27*b0563631STom Van Eyck * is to be written. 28*b0563631STom Van Eyck * \param[in] shared_secret_size Size of the \p shared_secret buffer in 29*b0563631STom Van Eyck * bytes. 30*b0563631STom Van Eyck * \param[out] shared_secret_length On success, the number of bytes that make 31*b0563631STom Van Eyck * up the returned shared secret. 32*b0563631STom Van Eyck * \retval #PSA_SUCCESS 33*b0563631STom Van Eyck * Success. Shared secret successfully calculated. 34*b0563631STom Van Eyck * \retval #PSA_ERROR_INVALID_ARGUMENT 35*b0563631STom Van Eyck * \p key_buffer_size, \p peer_key_length, \p shared_secret_size 36*b0563631STom Van Eyck * do not match 37*b0563631STom Van Eyck * \retval #PSA_ERROR_INSUFFICIENT_MEMORY \emptydescription 38*b0563631STom Van Eyck * \retval #PSA_ERROR_CORRUPTION_DETECTED \emptydescription 39*b0563631STom Van Eyck */ 40*b0563631STom Van Eyck psa_status_t mbedtls_psa_ffdh_key_agreement( 41*b0563631STom Van Eyck const psa_key_attributes_t *attributes, 42*b0563631STom Van Eyck const uint8_t *peer_key, 43*b0563631STom Van Eyck size_t peer_key_length, 44*b0563631STom Van Eyck const uint8_t *key_buffer, 45*b0563631STom Van Eyck size_t key_buffer_size, 46*b0563631STom Van Eyck uint8_t *shared_secret, 47*b0563631STom Van Eyck size_t shared_secret_size, 48*b0563631STom Van Eyck size_t *shared_secret_length); 49*b0563631STom Van Eyck 50*b0563631STom Van Eyck /** Export a public key or the public part of a DH key pair in binary format. 51*b0563631STom Van Eyck * 52*b0563631STom Van Eyck * \param[in] attributes The attributes for the key to export. 53*b0563631STom Van Eyck * \param[in] key_buffer Material or context of the key to export. 54*b0563631STom Van Eyck * \param[in] key_buffer_size Size of the \p key_buffer buffer in bytes. 55*b0563631STom Van Eyck * \param[out] data Buffer where the key data is to be written. 56*b0563631STom Van Eyck * \param[in] data_size Size of the \p data buffer in bytes. 57*b0563631STom Van Eyck * \param[out] data_length On success, the number of bytes written in 58*b0563631STom Van Eyck * \p data 59*b0563631STom Van Eyck * 60*b0563631STom Van Eyck * \retval #PSA_SUCCESS The public key was exported successfully. 61*b0563631STom Van Eyck * \retval #PSA_ERROR_BUFFER_TOO_SMALL 62*b0563631STom Van Eyck * The size of \p key_buffer is too small. 63*b0563631STom Van Eyck * \retval #PSA_ERROR_NOT_PERMITTED \emptydescription 64*b0563631STom Van Eyck * \retval #PSA_ERROR_INSUFFICIENT_MEMORY \emptydescription 65*b0563631STom Van Eyck * \retval #PSA_ERROR_CORRUPTION_DETECTED \emptydescription 66*b0563631STom Van Eyck */ 67*b0563631STom Van Eyck psa_status_t mbedtls_psa_ffdh_export_public_key( 68*b0563631STom Van Eyck const psa_key_attributes_t *attributes, 69*b0563631STom Van Eyck const uint8_t *key_buffer, 70*b0563631STom Van Eyck size_t key_buffer_size, 71*b0563631STom Van Eyck uint8_t *data, 72*b0563631STom Van Eyck size_t data_size, 73*b0563631STom Van Eyck size_t *data_length); 74*b0563631STom Van Eyck 75*b0563631STom Van Eyck /** 76*b0563631STom Van Eyck * \brief Generate DH key. 77*b0563631STom Van Eyck * 78*b0563631STom Van Eyck * \note The signature of the function is that of a PSA driver generate_key 79*b0563631STom Van Eyck * entry point. 80*b0563631STom Van Eyck * 81*b0563631STom Van Eyck * \param[in] attributes The attributes for the key to generate. 82*b0563631STom Van Eyck * \param[out] key_buffer Buffer where the key data is to be written. 83*b0563631STom Van Eyck * \param[in] key_buffer_size Size of \p key_buffer in bytes. 84*b0563631STom Van Eyck * \param[out] key_buffer_length On success, the number of bytes written in 85*b0563631STom Van Eyck * \p key_buffer. 86*b0563631STom Van Eyck * 87*b0563631STom Van Eyck * \retval #PSA_SUCCESS 88*b0563631STom Van Eyck * The key was generated successfully. 89*b0563631STom Van Eyck * \retval #PSA_ERROR_NOT_SUPPORTED 90*b0563631STom Van Eyck * Key size in bits is invalid. 91*b0563631STom Van Eyck * \retval #PSA_ERROR_BUFFER_TOO_SMALL 92*b0563631STom Van Eyck * The size of \p key_buffer is too small. 93*b0563631STom Van Eyck * \retval #PSA_ERROR_INSUFFICIENT_MEMORY \emptydescription 94*b0563631STom Van Eyck * \retval #PSA_ERROR_CORRUPTION_DETECTED \emptydescription 95*b0563631STom Van Eyck */ 96*b0563631STom Van Eyck psa_status_t mbedtls_psa_ffdh_generate_key( 97*b0563631STom Van Eyck const psa_key_attributes_t *attributes, 98*b0563631STom Van Eyck uint8_t *key_buffer, 99*b0563631STom Van Eyck size_t key_buffer_size, 100*b0563631STom Van Eyck size_t *key_buffer_length); 101*b0563631STom Van Eyck 102*b0563631STom Van Eyck /** 103*b0563631STom Van Eyck * \brief Import DH key. 104*b0563631STom Van Eyck * 105*b0563631STom Van Eyck * \note The signature of the function is that of a PSA driver import_key 106*b0563631STom Van Eyck * entry point. 107*b0563631STom Van Eyck * 108*b0563631STom Van Eyck * \param[in] attributes The attributes for the key to import. 109*b0563631STom Van Eyck * \param[in] data The buffer containing the key data in import 110*b0563631STom Van Eyck * format. 111*b0563631STom Van Eyck * \param[in] data_length Size of the \p data buffer in bytes. 112*b0563631STom Van Eyck * \param[out] key_buffer The buffer containing the key data in output 113*b0563631STom Van Eyck * format. 114*b0563631STom Van Eyck * \param[in] key_buffer_size Size of the \p key_buffer buffer in bytes. This 115*b0563631STom Van Eyck * size is greater or equal to \p data_length. 116*b0563631STom Van Eyck * \param[out] key_buffer_length The length of the data written in \p 117*b0563631STom Van Eyck * key_buffer in bytes. 118*b0563631STom Van Eyck * \param[out] bits The key size in number of bits. 119*b0563631STom Van Eyck * 120*b0563631STom Van Eyck * \retval #PSA_SUCCESS 121*b0563631STom Van Eyck * The key was generated successfully. 122*b0563631STom Van Eyck * \retval #PSA_ERROR_BUFFER_TOO_SMALL 123*b0563631STom Van Eyck * The size of \p key_buffer is too small. 124*b0563631STom Van Eyck */ 125*b0563631STom Van Eyck psa_status_t mbedtls_psa_ffdh_import_key( 126*b0563631STom Van Eyck const psa_key_attributes_t *attributes, 127*b0563631STom Van Eyck const uint8_t *data, size_t data_length, 128*b0563631STom Van Eyck uint8_t *key_buffer, size_t key_buffer_size, 129*b0563631STom Van Eyck size_t *key_buffer_length, size_t *bits); 130*b0563631STom Van Eyck 131*b0563631STom Van Eyck #endif /* PSA_CRYPTO_FFDH_H */ 132