PSA PAKE: Add type for representing primitives

In most of the PAKEs the primitives are prime order groups, but some of them might need the ring structure or just are using completely different algebraic structures (eg. SRP or PQC schemes). Signed-off-by: Janos Follath <janos.follath@arm.com>
2021-03-21 07:01:53 +00:00 · 2021-03-21 07:01:53 +00:00 · 38a5d35646
commit 38a5d35646
parent b86273a6dc
2 changed files with 59 additions and 0 deletions
--- a/include/psa/crypto_types.h
+++ b/include/psa/crypto_types.h
@ -390,5 +390,27 @@ typedef uint16_t psa_pake_side_t;
 /** \brief Encoding of the type of input/output for PAKE */
 typedef uint16_t psa_pake_data_t;

+/** Encoding of the type of the PAKE's primitive.
+ *
+ * Values defined by this standard will never be in the range 0x80-0xff.
+ * Vendors who define additional types must use an encoding in this range.
+ */
+typedef uint8_t psa_pake_primitive_type_t;
+
+/** Encoding of the bitsize for the PAKE's primitive.
+ *
+ * The type and family is not enough to identify the primitive to use in the
+ * PAKE, the implementation needs to know the bitsize too.
+ */
+typedef uint16_t psa_pake_bits_t;
+
+/** Encoding of the PAKE's primitive.
+ *
+ * In most of the PAKEs the primitives are prime order groups, but some of
+ * them might need the ring structure or just are using completely different
+ * algebraic structures (eg. SRP or PQC schemes).
+ */
+typedef uint32_t psa_pake_primitive_t;
+
 /**@}*/
 #endif /* PSA_CRYPTO_TYPES_H */
--- a/include/psa/crypto_values.h
+++ b/include/psa/crypto_values.h
@ -2414,5 +2414,42 @@ static inline int mbedtls_svc_key_id_is_null( mbedtls_svc_key_id_t key )
 * Augmented PAKE protocols need to differentiate between client and server.
 */
 #define PSA_PAKE_SIDE_SERVER                ((psa_pake_side_t)0x0102)
+
+/** The pake uses finite fields.
+ *
+ * The corresponding family type is ::psa_dh_family_t. In determining a
+ * specific curve in the family ::psa_pake_bits_t values are interpreted in the
+ * exact same way as ::psa_key_bits_t would.
+ */
+#define PSA_PAKE_PRIMITIVE_TYPE_FIELD       ((psa_pake_primitive_type_t)0x01)
+
+/** The pake uses elliptic curves.
+ *
+ * The corresponding family type is ::psa_ecc_family_t. in determining a
+ * specific curve in the family ::psa_pake_bits_t values are interpreted in the
+ * exact same way as ::psa_key_bits_t would.
+ */
+#define PSA_PAKE_PRIMITIVE_TYPE_CURVE       ((psa_pake_primitive_type_t)0x02)
+
+/** Construct a PAKE primitive from type, family and bitsize.
+ *
+ * \param type          The type of the primitive
+ *                      (value of type ::psa_pake_primitive_type_t).
+ * \param family        The family of the primitive
+ *                      (the type and interpretation of this parameter depends
+ *                      on \p type, for more information consult the
+ *                      documentation of individual ::psa_pake_primitive_type_t
+ *                      constants).
+ * \param bits          The bitwise of the primitive
+ *                      (Value of type ::psa_pake_bits_t. The interpretation
+ *                      of this parameter depends on \p family, for more
+ *                      information consult the documentation of individual
+ *                      ::psa_pake_primitive_type_t constants).
+ *
+ * \return The constructed primitive value.
+ */
+#define PSA_PAKE_PRIMITIVE(type, family, bits) \
+    ((psa_pake_primitive_t) (((type) << 24 | (persistence) << 16) | (bits)))
+
 /**@}*/
 #endif /* PSA_CRYPTO_VALUES_H */