New functions: asymmetric encrypt/decrypt
This commit is contained in:
parent
8484565f85
commit
6944f9a831
1 changed files with 110 additions and 1 deletions
|
@ -326,7 +326,8 @@ typedef uint32_t psa_algorithm_t;
|
|||
|
||||
#define PSA_ALG_RSA_PKCS1V15_SIGN_RAW ((psa_algorithm_t)0x10010000)
|
||||
#define PSA_ALG_RSA_PSS_MGF1 ((psa_algorithm_t)0x10020000)
|
||||
#define PSA_ALG_RSA_OAEP ((psa_algorithm_t)0x12020000)
|
||||
#define PSA_ALG_RSA_PKCS1V15_CRYPT ((psa_algorithm_t)0x12010000)
|
||||
#define PSA_ALG_RSA_OAEP_MGF1_BASE ((psa_algorithm_t)0x12020000)
|
||||
#define PSA_ALG_RSA_PKCS1V15_SIGN(hash_alg) \
|
||||
(PSA_ALG_RSA_PKCS1V15_SIGN_RAW | ((hash_alg) & PSA_ALG_HASH_MASK))
|
||||
#define PSA_ALG_IS_RSA_PKCS1V15_SIGN(alg) \
|
||||
|
@ -1329,6 +1330,114 @@ psa_status_t psa_asymmetric_verify(psa_key_slot_t key,
|
|||
uint8_t *signature,
|
||||
size_t signature_size);
|
||||
|
||||
#define PSA_ASYMMETRIC_ENCRYPT_OUTPUT_SIZE(key_type, key_bits, alg) \
|
||||
(PSA_KEY_TYPE_IS_RSA(key_type) ? ((void)alg, PSA_BITS_TO_BYTES(key_bits)) : \
|
||||
((void)alg, 0))
|
||||
#define PSA_ASYMMETRIC_DECRYPT_OUTPUT_SIZE(key_type, key_bits, alg) \
|
||||
PSA_ASYMMETRIC_ENCRYPT_OUTPUT_SIZE(key_type, key_bits, alg)
|
||||
|
||||
/**
|
||||
* \brief Encrypt a short message with a public key.
|
||||
*
|
||||
* \param key Key slot containing a public key or an asymmetric
|
||||
* key pair.
|
||||
* \param alg An asymmetric encryption algorithm that is
|
||||
* compatible with the type of \c key.
|
||||
* \param input The message to encrypt.
|
||||
* \param input_length Size of the \c input buffer in bytes.
|
||||
* \param salt A salt or label, if supported by the encryption
|
||||
* algorithm.
|
||||
* If the algorithm does not support a
|
||||
* salt, pass \c NULL.
|
||||
* If the algorithm supports an optional
|
||||
* salt and you do not want to pass a salt,
|
||||
* pass \c NULL.
|
||||
*
|
||||
* - For #PSA_ALG_RSA_PKCS1V15_CRYPT, no salt is
|
||||
* supported.
|
||||
* \param salt_length Size of the \c salt buffer in bytes.
|
||||
* If \c salt is \c NULL, pass 0.
|
||||
* \param output Buffer where the encrypted message is to be written.
|
||||
* \param output_size Size of the \c output buffer in bytes.
|
||||
* \param output_length On success, the number of bytes
|
||||
* that make up the returned output.
|
||||
*
|
||||
* \retval PSA_SUCCESS
|
||||
* \retval PSA_ERROR_BUFFER_TOO_SMALL
|
||||
* The size of the \c output buffer is too small. You can
|
||||
* determine a sufficient buffer size by calling
|
||||
* #PSA_ASYMMETRIC_ENCRYPT_OUTPUT_SIZE(key_type, key_bits, alg)
|
||||
* where \c key_type and \c key_bits are the type and bit-size
|
||||
* respectively of \c key.
|
||||
* \retval PSA_ERROR_NOT_SUPPORTED
|
||||
* \retval PSA_ERROR_INVALID_ARGUMENT
|
||||
* \retval PSA_ERROR_INSUFFICIENT_MEMORY
|
||||
* \retval PSA_ERROR_COMMUNICATION_FAILURE
|
||||
* \retval PSA_ERROR_HARDWARE_FAILURE
|
||||
* \retval PSA_ERROR_TAMPERING_DETECTED
|
||||
* \retval PSA_ERROR_INSUFFICIENT_ENTROPY
|
||||
*/
|
||||
psa_status_t psa_asymmetric_encrypt(psa_key_slot_t key,
|
||||
psa_algorithm_t alg,
|
||||
const uint8_t *input,
|
||||
size_t input_length,
|
||||
const uint8_t *salt,
|
||||
size_t salt_length,
|
||||
uint8_t *output,
|
||||
size_t output_size,
|
||||
size_t *output_length);
|
||||
|
||||
/**
|
||||
* \brief Decrypt a short message with a private key.
|
||||
*
|
||||
* \param key Key slot containing an asymmetric key pair.
|
||||
* \param alg An asymmetric encryption algorithm that is
|
||||
* compatible with the type of \c key.
|
||||
* \param input The message to decrypt.
|
||||
* \param input_length Size of the \c input buffer in bytes.
|
||||
* \param salt A salt or label, if supported by the encryption
|
||||
* algorithm.
|
||||
* If the algorithm does not support a
|
||||
* salt, pass \c NULL.
|
||||
* If the algorithm supports an optional
|
||||
* salt and you do not want to pass a salt,
|
||||
* pass \c NULL.
|
||||
*
|
||||
* - For #PSA_ALG_RSA_PKCS1V15_CRYPT, no salt is
|
||||
* supported.
|
||||
* \param salt_length Size of the \c salt buffer in bytes.
|
||||
* If \c salt is \c NULL, pass 0.
|
||||
* \param output Buffer where the encrypted message is to be written.
|
||||
* \param output_size Size of the \c output buffer in bytes.
|
||||
* \param output_length On success, the number of bytes
|
||||
* that make up the returned output.
|
||||
*
|
||||
* \retval PSA_SUCCESS
|
||||
* \retval PSA_ERROR_BUFFER_TOO_SMALL
|
||||
* The size of the \c output buffer is too small. You can
|
||||
* determine a sufficient buffer size by calling
|
||||
* #PSA_ASYMMETRIC_DECRYPT_OUTPUT_SIZE(key_type, key_bits, alg)
|
||||
* where \c key_type and \c key_bits are the type and bit-size
|
||||
* respectively of \c key.
|
||||
* \retval PSA_ERROR_NOT_SUPPORTED
|
||||
* \retval PSA_ERROR_INVALID_ARGUMENT
|
||||
* \retval PSA_ERROR_INSUFFICIENT_MEMORY
|
||||
* \retval PSA_ERROR_COMMUNICATION_FAILURE
|
||||
* \retval PSA_ERROR_HARDWARE_FAILURE
|
||||
* \retval PSA_ERROR_TAMPERING_DETECTED
|
||||
* \retval PSA_ERROR_INSUFFICIENT_ENTROPY
|
||||
* \retval PSA_ERROR_INVALID_PADDING
|
||||
*/
|
||||
psa_status_t psa_asymmetric_decrypt(psa_key_slot_t key,
|
||||
psa_algorithm_t alg,
|
||||
const uint8_t *input,
|
||||
size_t input_length,
|
||||
const uint8_t *salt,
|
||||
size_t salt_length,
|
||||
uint8_t *output,
|
||||
size_t output_size,
|
||||
size_t *output_length);
|
||||
|
||||
/**@}*/
|
||||
|
||||
#ifdef __cplusplus
|
||||
|
|
Loading…
Reference in a new issue