Merge pull request #279 from athoelke/at-fix262
Include IANA reference in the definition of ECC curves and DH groups
commit
cb5fa8b4bd
3 changed files with 123 additions and 8 deletions
|
@ -431,8 +431,9 @@ psa_status_t mbedtls_psa_inject_entropy(const uint8_t *seed,
|
|||
* #PSA_KEY_TYPE_DH_KEY_PAIR(#PSA_DH_GROUP_CUSTOM), the group data comes
|
||||
* from domain parameters set by psa_set_key_domain_parameters().
|
||||
*/
|
||||
/* This value is reserved for private use in the TLS named group registry. */
|
||||
#define PSA_DH_GROUP_CUSTOM ((psa_dh_group_t) 0x01fc)
|
||||
/* This value is a deprecated value meaning an explicit curve in the IANA
|
||||
* registry. */
|
||||
#define PSA_DH_GROUP_CUSTOM ((psa_dh_group_t) 0xff01)
|
||||
|
||||
|
||||
/**
|
||||
|
|
|
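Review bot: Changing the numeric value of `PSA_DH_GROUP_CUSTOM` changes the encoding of `PSA_KEY_TYPE_DH_KEY_PAIR(PSA_DH_GROUP_CUSTOM)`, and the comment does not record that. Reading `0xff01` as the new side (the hunk header counts 8 old and 9 new lines, which fits the two-line comment being the addition), the old value `0x01fc` is the one this commit also defines as `PSA_DH_GROUP_VENDOR_MIN`. A key type stored or exchanged under the old encoding would therefore read as a vendor-defined group rather than a custom one; whether any such keys exist is not visible from this page. I would extend the comment with something like `/* Was 0x01fc before the vendor range was defined; key types encoded with the old value are not compatible. */`. The comment also says "explicit curve" for a Diffie-Hellman group identifier, so a few words on why a curve code point stands for a custom DH group would help.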
@ -65,10 +65,82 @@ typedef int32_t psa_status_t;
|
|||
*/
|
||||
typedef uint32_t psa_key_type_t;
|
||||
|
||||
/** The type of PSA elliptic curve identifiers. */
|
||||
/** The type of PSA elliptic curve identifiers.
|
||||
*
|
||||
* The curve identifier is required to create an ECC key using the
|
||||
* PSA_KEY_TYPE_ECC_KEY_PAIR() or PSA_KEY_TYPE_ECC_PUBLIC_KEY()
|
||||
* macros.
|
||||
*
|
||||
* The encoding of curve identifiers is taken from the
|
||||
* TLS Supported Groups Registry (formerly known as the
|
||||
* TLS EC Named Curve Registry)
|
||||
* https://www.iana.org/assignments/tls-parameters/tls-parameters.xhtml#tls-parameters-8
|
||||
*
|
||||
* This specification defines identifiers for some of the curves in the IANA
|
||||
* registry. Implementations that support other curves that are in the IANA
|
||||
* registry should use the IANA value and a implementation-specific identifier.
|
||||
* Implemenations that support non-IANA curves should use one of the following
|
||||
* approaches for allocating a key type:
|
||||
*
|
||||
* 1. Select a ::psa_ecc_curve_t value in the range #PSA_ECC_CURVE_VENDOR_MIN to
|
||||
* #PSA_ECC_CURVE_VENDOR_MAX, which is a subset of the IANA private use
|
||||
* range.
|
||||
* 2. Use a ::psa_key_type_t value that is vendor-defined.
|
||||
*
|
||||
* The first option is recommended.
|
||||
*/
|
||||
typedef uint16_t psa_ecc_curve_t;
|
||||
|
||||
/** The type of PSA Diffie-Hellman group identifiers. */
|
||||
/** The type of PSA Diffie-Hellman group identifiers.
|
||||
*
|
||||
* The group identifier is required to create an Diffie-Hellman key using the
|
||||
* PSA_KEY_TYPE_DH_KEY_PAIR() or PSA_KEY_TYPE_DH_PUBLIC_KEY()
|
||||
* macros.
|
||||
*
|
||||
* The encoding of group identifiers is taken from the
|
||||
* TLS Supported Groups Registry (formerly known as the
|
||||
* TLS EC Named Curve Registry)
|
||||
* https://www.iana.org/assignments/tls-parameters/tls-parameters.xhtml#tls-parameters-8
|
||||
*
|
||||
* This specification defines identifiers for some of the groups in the IANA
|
||||
* registry. Implementations that support other groups that are in the IANA
|
||||
* registry should use the IANA value and a implementation-specific identifier.
|
||||
* Implemenations that support non-IANA groups should use one of the following
|
||||
* approaches for allocating a key type:
|
||||
*
|
||||
* 1. Select a ::psa_dh_group_t value in the range #PSA_DH_GROUP_VENDOR_MIN to
|
||||
* #PSA_DH_GROUP_VENDOR_MAX, which is a subset of the IANA private use
|
||||
* range.
|
||||
* 2. Select a ::psa_dh_group_t value from the named groups allocated for
|
||||
* GREASE in the IETF draft specification. The GREASE specification and
|
||||
* values are listed below.
|
||||
* 3. Use a ::psa_key_type_t value that is vendor-defined.
|
||||
*
|
||||
* Option 1 or 2 are recommended.
|
||||
*
|
||||
* The current draft of the GREASE specification is
|
||||
* https://datatracker.ietf.org/doc/draft-ietf-tls-grease
|
||||
*
|
||||
* The following GREASE values are allocated for named groups:
|
||||
* \code
|
||||
* 0x0A0A
|
||||
* 0x1A1A
|
||||
* 0x2A2A
|
||||
* 0x3A3A
|
||||
* 0x4A4A
|
||||
* 0x5A5A
|
||||
* 0x6A6A
|
||||
* 0x7A7A
|
||||
* 0x8A8A
|
||||
* 0x9A9A
|
||||
* 0xAAAA
|
||||
* 0xBABA
|
||||
* 0xCACA
|
||||
* 0xDADA
|
||||
* 0xEAEA
|
||||
* 0xFAFA
|
||||
* \endcode
|
||||
*/
|
||||
typedef uint16_t psa_dh_group_t;
|
||||
|
||||
/** \brief Encoding of a cryptographic algorithm.
|
||||
|
|
|
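Review bot: The sentence `should use the IANA value and a implementation-specific identifier`, which appears in both the `psa_ecc_curve_t` and `psa_dh_group_t` descriptions, is ambiguous about which part is implementation-specific. Presumably the numeric value is the IANA one and only the macro name is chosen by the implementation, which would read `should use the IANA value with an implementation-specific identifier name`. In the same blocks, `Implemenations` should be `Implementations` and `an Diffie-Hellman key` should be `a Diffie-Hellman key`. The `psa_dh_group_t` text offers GREASE values as an allocation option while the `psa_ecc_curve_t` text does not, and neither says that a private-use or GREASE value identifies a group only within one implementation. A sentence stating that limit would keep readers from treating such key types as portable between implementations.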
@ -424,10 +424,18 @@
|
|||
#define PSA_KEY_TYPE_ECC_PUBLIC_KEY_BASE ((psa_key_type_t)0x60030000)
|
||||
#define PSA_KEY_TYPE_ECC_KEY_PAIR_BASE ((psa_key_type_t)0x70030000)
|
||||
#define PSA_KEY_TYPE_ECC_CURVE_MASK ((psa_key_type_t)0x0000ffff)
|
||||
/** Elliptic curve key pair. */
|
||||
/** Elliptic curve key pair.
|
||||
*
|
||||
* \param curve A value of type ::psa_ecc_curve_t that identifies the
|
||||
* ECC curve to be used.
|
||||
*/
|
||||
#define PSA_KEY_TYPE_ECC_KEY_PAIR(curve) \
|
||||
(PSA_KEY_TYPE_ECC_KEY_PAIR_BASE | (curve))
|
||||
/** Elliptic curve public key. */
|
||||
/** Elliptic curve public key.
|
||||
*
|
||||
* \param curve A value of type ::psa_ecc_curve_t that identifies the
|
||||
* ECC curve to be used.
|
||||
*/
|
||||
#define PSA_KEY_TYPE_ECC_PUBLIC_KEY(curve) \
|
||||
(PSA_KEY_TYPE_ECC_PUBLIC_KEY_BASE | (curve))
|
||||
|
||||
|
@ -498,13 +506,34 @@
|
|||
*/
|
||||
#define PSA_ECC_CURVE_CURVE448 ((psa_ecc_curve_t) 0x001e)
|
||||
|
||||
/** Minimum value for a vendor-defined ECC curve identifier
|
||||
*
|
||||
* The range for vendor-defined curve identifiers is a subset of the IANA
|
||||
* registry private use range, `0xfe00` - `0xfeff`.
|
||||
*/
|
||||
#define PSA_ECC_CURVE_VENDOR_MIN ((psa_ecc_curve_t) 0xfe00)
|
||||
/** Maximum value for a vendor-defined ECC curve identifier
|
||||
*
|
||||
* The range for vendor-defined curve identifiers is a subset of the IANA
|
||||
* registry private use range, `0xfe00` - `0xfeff`.
|
||||
*/
|
||||
#define PSA_ECC_CURVE_VENDOR_MAX ((psa_ecc_curve_t) 0xfe7f)
|
||||
|
||||
#define PSA_KEY_TYPE_DH_PUBLIC_KEY_BASE ((psa_key_type_t)0x60040000)
|
||||
#define PSA_KEY_TYPE_DH_KEY_PAIR_BASE ((psa_key_type_t)0x70040000)
|
||||
#define PSA_KEY_TYPE_DH_GROUP_MASK ((psa_key_type_t)0x0000ffff)
|
||||
/** Diffie-Hellman key pair. */
|
||||
/** Diffie-Hellman key pair.
|
||||
*
|
||||
* \param group A value of type ::psa_dh_group_t that identifies the
|
||||
* Diffie-Hellman group to be used.
|
||||
*/
|
||||
#define PSA_KEY_TYPE_DH_KEY_PAIR(group) \
|
||||
(PSA_KEY_TYPE_DH_KEY_PAIR_BASE | (group))
|
||||
/** Diffie-Hellman public key. */
|
||||
/** Diffie-Hellman public key.
|
||||
*
|
||||
* \param group A value of type ::psa_dh_group_t that identifies the
|
||||
* Diffie-Hellman group to be used.
|
||||
*/
|
||||
#define PSA_KEY_TYPE_DH_PUBLIC_KEY(group) \
|
||||
(PSA_KEY_TYPE_DH_PUBLIC_KEY_BASE | (group))
|
||||
|
||||
|
@ -538,6 +567,19 @@
|
|||
#define PSA_DH_GROUP_FFDHE6144 ((psa_dh_group_t) 0x0103)
|
||||
#define PSA_DH_GROUP_FFDHE8192 ((psa_dh_group_t) 0x0104)
|
||||
|
||||
/** Minimum value for a vendor-defined Diffie Hellman group identifier
|
||||
*
|
||||
* The range for vendor-defined group identifiers is a subset of the IANA
|
||||
* registry private use range, `0x01fc` - `0x01ff`.
|
||||
*/
|
||||
#define PSA_DH_GROUP_VENDOR_MIN ((psa_dh_group_t) 0x01fc)
|
||||
/** Maximum value for a vendor-defined Diffie Hellman group identifier
|
||||
*
|
||||
* The range for vendor-defined group identifiers is a subset of the IANA
|
||||
* registry private use range, `0x01fc` - `0x01ff`.
|
||||
*/
|
||||
#define PSA_DH_GROUP_VENDOR_MAX ((psa_dh_group_t) 0x01fd)
|
||||
|
||||
/** The block size of a block cipher.
|
||||
*
|
||||
* \param type A cipher key type (value of type #psa_key_type_t).
|
||||
|
|
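Review bot: The descriptions of `PSA_ECC_CURVE_VENDOR_MIN`/`PSA_ECC_CURVE_VENDOR_MAX` and `PSA_DH_GROUP_VENDOR_MIN`/`PSA_DH_GROUP_VENDOR_MAX` quote only the IANA private use range (`0xfe00` - `0xfeff`, `0x01fc` - `0x01ff`), never the vendor range itself. A reader has to compare the two defines to learn that vendor identifiers stop at `0xfe7f` and `0x01fd`. I would state it directly in each pair, e.g. `Vendor-defined curve identifiers are 0xfe00 - 0xfe7f, a subset of the IANA private use range 0xfe00 - 0xfeff.`, and say what the rest of the private use range is kept for, since code that range-checks an identifier against MIN/MAX will reject those values. The DH pair also writes `Diffie Hellman` without the hyphen used everywhere else in these hunks.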