1 /**
2 * \file psa_util.h
3 *
4 * \brief Utility functions for the use of the PSA Crypto library.
5 *
6 * \warning This function is not part of the public API and may
7 * change at any time.
8 */
9 /*
10 * Copyright The Mbed TLS Contributors
11 * SPDX-License-Identifier: Apache-2.0
12 *
13 * Licensed under the Apache License, Version 2.0 (the "License"); you may
14 * not use this file except in compliance with the License.
15 * You may obtain a copy of the License at
16 *
17 * http://www.apache.org/licenses/LICENSE-2.0
18 *
19 * Unless required by applicable law or agreed to in writing, software
20 * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
21 * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
22 * See the License for the specific language governing permissions and
23 * limitations under the License.
24 */
25
26 #ifndef MBEDTLS_PSA_UTIL_H
27 #define MBEDTLS_PSA_UTIL_H
28
29 #if !defined(MBEDTLS_CONFIG_FILE)
30 #include "mbedtls/config.h"
31 #else
32 #include MBEDTLS_CONFIG_FILE
33 #endif
34
35 #if defined(MBEDTLS_USE_PSA_CRYPTO)
36
37 #include "psa/crypto.h"
38
39 #include "mbedtls/ecp.h"
40 #include "mbedtls/md.h"
41 #include "mbedtls/pk.h"
42 #include "mbedtls/oid.h"
43
44 #include <string.h>
45
46 /* Translations for symmetric crypto. */
47
mbedtls_psa_translate_cipher_type(mbedtls_cipher_type_t cipher)48 static inline psa_key_type_t mbedtls_psa_translate_cipher_type(
49 mbedtls_cipher_type_t cipher )
50 {
51 switch( cipher )
52 {
53 case MBEDTLS_CIPHER_AES_128_CCM:
54 case MBEDTLS_CIPHER_AES_192_CCM:
55 case MBEDTLS_CIPHER_AES_256_CCM:
56 case MBEDTLS_CIPHER_AES_128_GCM:
57 case MBEDTLS_CIPHER_AES_192_GCM:
58 case MBEDTLS_CIPHER_AES_256_GCM:
59 case MBEDTLS_CIPHER_AES_128_CBC:
60 case MBEDTLS_CIPHER_AES_192_CBC:
61 case MBEDTLS_CIPHER_AES_256_CBC:
62 case MBEDTLS_CIPHER_AES_128_ECB:
63 case MBEDTLS_CIPHER_AES_192_ECB:
64 case MBEDTLS_CIPHER_AES_256_ECB:
65 return( PSA_KEY_TYPE_AES );
66
67 /* ARIA not yet supported in PSA. */
68 /* case MBEDTLS_CIPHER_ARIA_128_CCM:
69 case MBEDTLS_CIPHER_ARIA_192_CCM:
70 case MBEDTLS_CIPHER_ARIA_256_CCM:
71 case MBEDTLS_CIPHER_ARIA_128_GCM:
72 case MBEDTLS_CIPHER_ARIA_192_GCM:
73 case MBEDTLS_CIPHER_ARIA_256_GCM:
74 case MBEDTLS_CIPHER_ARIA_128_CBC:
75 case MBEDTLS_CIPHER_ARIA_192_CBC:
76 case MBEDTLS_CIPHER_ARIA_256_CBC:
77 return( PSA_KEY_TYPE_ARIA ); */
78
79 default:
80 return( 0 );
81 }
82 }
83
mbedtls_psa_translate_cipher_mode(mbedtls_cipher_mode_t mode,size_t taglen)84 static inline psa_algorithm_t mbedtls_psa_translate_cipher_mode(
85 mbedtls_cipher_mode_t mode, size_t taglen )
86 {
87 switch( mode )
88 {
89 case MBEDTLS_MODE_ECB:
90 return( PSA_ALG_ECB_NO_PADDING );
91 case MBEDTLS_MODE_GCM:
92 return( PSA_ALG_AEAD_WITH_SHORTENED_TAG( PSA_ALG_GCM, taglen ) );
93 case MBEDTLS_MODE_CCM:
94 return( PSA_ALG_AEAD_WITH_SHORTENED_TAG( PSA_ALG_CCM, taglen ) );
95 case MBEDTLS_MODE_CBC:
96 if( taglen == 0 )
97 return( PSA_ALG_CBC_NO_PADDING );
98 else
99 return( 0 );
100 default:
101 return( 0 );
102 }
103 }
104
mbedtls_psa_translate_cipher_operation(mbedtls_operation_t op)105 static inline psa_key_usage_t mbedtls_psa_translate_cipher_operation(
106 mbedtls_operation_t op )
107 {
108 switch( op )
109 {
110 case MBEDTLS_ENCRYPT:
111 return( PSA_KEY_USAGE_ENCRYPT );
112 case MBEDTLS_DECRYPT:
113 return( PSA_KEY_USAGE_DECRYPT );
114 default:
115 return( 0 );
116 }
117 }
118
119 /* Translations for hashing. */
120
mbedtls_psa_translate_md(mbedtls_md_type_t md_alg)121 static inline psa_algorithm_t mbedtls_psa_translate_md( mbedtls_md_type_t md_alg )
122 {
123 switch( md_alg )
124 {
125 #if defined(MBEDTLS_MD2_C)
126 case MBEDTLS_MD_MD2:
127 return( PSA_ALG_MD2 );
128 #endif
129 #if defined(MBEDTLS_MD4_C)
130 case MBEDTLS_MD_MD4:
131 return( PSA_ALG_MD4 );
132 #endif
133 #if defined(MBEDTLS_MD5_C)
134 case MBEDTLS_MD_MD5:
135 return( PSA_ALG_MD5 );
136 #endif
137 #if defined(MBEDTLS_SHA1_C)
138 case MBEDTLS_MD_SHA1:
139 return( PSA_ALG_SHA_1 );
140 #endif
141 #if defined(MBEDTLS_SHA256_C)
142 case MBEDTLS_MD_SHA224:
143 return( PSA_ALG_SHA_224 );
144 case MBEDTLS_MD_SHA256:
145 return( PSA_ALG_SHA_256 );
146 #endif
147 #if defined(MBEDTLS_SHA512_C)
148 case MBEDTLS_MD_SHA384:
149 return( PSA_ALG_SHA_384 );
150 case MBEDTLS_MD_SHA512:
151 return( PSA_ALG_SHA_512 );
152 #endif
153 #if defined(MBEDTLS_RIPEMD160_C)
154 case MBEDTLS_MD_RIPEMD160:
155 return( PSA_ALG_RIPEMD160 );
156 #endif
157 case MBEDTLS_MD_NONE:
158 return( 0 );
159 default:
160 return( 0 );
161 }
162 }
163
164 /* Translations for ECC. */
165
mbedtls_psa_get_ecc_oid_from_id(psa_ecc_family_t curve,size_t bits,char const ** oid,size_t * oid_len)166 static inline int mbedtls_psa_get_ecc_oid_from_id(
167 psa_ecc_family_t curve, size_t bits,
168 char const **oid, size_t *oid_len )
169 {
170 switch( curve )
171 {
172 case PSA_ECC_FAMILY_SECP_R1:
173 switch( bits )
174 {
175 #if defined(MBEDTLS_ECP_DP_SECP192R1_ENABLED)
176 case 192:
177 *oid = MBEDTLS_OID_EC_GRP_SECP192R1;
178 *oid_len = MBEDTLS_OID_SIZE( MBEDTLS_OID_EC_GRP_SECP192R1 );
179 return( 0 );
180 #endif /* MBEDTLS_ECP_DP_SECP192R1_ENABLED */
181 #if defined(MBEDTLS_ECP_DP_SECP224R1_ENABLED)
182 case 224:
183 *oid = MBEDTLS_OID_EC_GRP_SECP224R1;
184 *oid_len = MBEDTLS_OID_SIZE( MBEDTLS_OID_EC_GRP_SECP224R1 );
185 return( 0 );
186 #endif /* MBEDTLS_ECP_DP_SECP224R1_ENABLED */
187 #if defined(MBEDTLS_ECP_DP_SECP256R1_ENABLED)
188 case 256:
189 *oid = MBEDTLS_OID_EC_GRP_SECP256R1;
190 *oid_len = MBEDTLS_OID_SIZE( MBEDTLS_OID_EC_GRP_SECP256R1 );
191 return( 0 );
192 #endif /* MBEDTLS_ECP_DP_SECP256R1_ENABLED */
193 #if defined(MBEDTLS_ECP_DP_SECP384R1_ENABLED)
194 case 384:
195 *oid = MBEDTLS_OID_EC_GRP_SECP384R1;
196 *oid_len = MBEDTLS_OID_SIZE( MBEDTLS_OID_EC_GRP_SECP384R1 );
197 return( 0 );
198 #endif /* MBEDTLS_ECP_DP_SECP384R1_ENABLED */
199 #if defined(MBEDTLS_ECP_DP_SECP521R1_ENABLED)
200 case 521:
201 *oid = MBEDTLS_OID_EC_GRP_SECP521R1;
202 *oid_len = MBEDTLS_OID_SIZE( MBEDTLS_OID_EC_GRP_SECP521R1 );
203 return( 0 );
204 #endif /* MBEDTLS_ECP_DP_SECP521R1_ENABLED */
205 }
206 break;
207 case PSA_ECC_FAMILY_SECP_K1:
208 switch( bits )
209 {
210 #if defined(MBEDTLS_ECP_DP_SECP192K1_ENABLED)
211 case 192:
212 *oid = MBEDTLS_OID_EC_GRP_SECP192K1;
213 *oid_len = MBEDTLS_OID_SIZE( MBEDTLS_OID_EC_GRP_SECP192K1 );
214 return( 0 );
215 #endif /* MBEDTLS_ECP_DP_SECP192K1_ENABLED */
216 #if defined(MBEDTLS_ECP_DP_SECP224K1_ENABLED)
217 case 224:
218 *oid = MBEDTLS_OID_EC_GRP_SECP224K1;
219 *oid_len = MBEDTLS_OID_SIZE( MBEDTLS_OID_EC_GRP_SECP224K1 );
220 return( 0 );
221 #endif /* MBEDTLS_ECP_DP_SECP224K1_ENABLED */
222 #if defined(MBEDTLS_ECP_DP_SECP256K1_ENABLED)
223 case 256:
224 *oid = MBEDTLS_OID_EC_GRP_SECP256K1;
225 *oid_len = MBEDTLS_OID_SIZE( MBEDTLS_OID_EC_GRP_SECP256K1 );
226 return( 0 );
227 #endif /* MBEDTLS_ECP_DP_SECP256K1_ENABLED */
228 }
229 break;
230 case PSA_ECC_FAMILY_BRAINPOOL_P_R1:
231 switch( bits )
232 {
233 #if defined(MBEDTLS_ECP_DP_BP256R1_ENABLED)
234 case 256:
235 *oid = MBEDTLS_OID_EC_GRP_BP256R1;
236 *oid_len = MBEDTLS_OID_SIZE( MBEDTLS_OID_EC_GRP_BP256R1 );
237 return( 0 );
238 #endif /* MBEDTLS_ECP_DP_BP256R1_ENABLED */
239 #if defined(MBEDTLS_ECP_DP_BP384R1_ENABLED)
240 case 384:
241 *oid = MBEDTLS_OID_EC_GRP_BP384R1;
242 *oid_len = MBEDTLS_OID_SIZE( MBEDTLS_OID_EC_GRP_BP384R1 );
243 return( 0 );
244 #endif /* MBEDTLS_ECP_DP_BP384R1_ENABLED */
245 #if defined(MBEDTLS_ECP_DP_BP512R1_ENABLED)
246 case 512:
247 *oid = MBEDTLS_OID_EC_GRP_BP512R1;
248 *oid_len = MBEDTLS_OID_SIZE( MBEDTLS_OID_EC_GRP_BP512R1 );
249 return( 0 );
250 #endif /* MBEDTLS_ECP_DP_BP512R1_ENABLED */
251 }
252 break;
253 }
254 (void) oid;
255 (void) oid_len;
256 return( -1 );
257 }
258
259 #define MBEDTLS_PSA_MAX_EC_PUBKEY_LENGTH 1
260
261 #if defined(MBEDTLS_ECP_DP_SECP192R1_ENABLED)
262 #if MBEDTLS_PSA_MAX_EC_PUBKEY_LENGTH < ( 2 * ( ( 192 + 7 ) / 8 ) + 1 )
263 #undef MBEDTLS_PSA_MAX_EC_PUBKEY_LENGTH
264 #define MBEDTLS_PSA_MAX_EC_PUBKEY_LENGTH ( 2 * ( ( 192 + 7 ) / 8 ) + 1 )
265 #endif
266 #endif /* MBEDTLS_ECP_DP_SECP192R1_ENABLED */
267
268 #if defined(MBEDTLS_ECP_DP_SECP224R1_ENABLED)
269 #if MBEDTLS_PSA_MAX_EC_PUBKEY_LENGTH < ( 2 * ( ( 224 + 7 ) / 8 ) + 1 )
270 #undef MBEDTLS_PSA_MAX_EC_PUBKEY_LENGTH
271 #define MBEDTLS_PSA_MAX_EC_PUBKEY_LENGTH ( 2 * ( ( 224 + 7 ) / 8 ) + 1 )
272 #endif
273 #endif /* MBEDTLS_ECP_DP_SECP224R1_ENABLED */
274
275 #if defined(MBEDTLS_ECP_DP_SECP256R1_ENABLED)
276 #if MBEDTLS_PSA_MAX_EC_PUBKEY_LENGTH < ( 2 * ( ( 256 + 7 ) / 8 ) + 1 )
277 #undef MBEDTLS_PSA_MAX_EC_PUBKEY_LENGTH
278 #define MBEDTLS_PSA_MAX_EC_PUBKEY_LENGTH ( 2 * ( ( 256 + 7 ) / 8 ) + 1 )
279 #endif
280 #endif /* MBEDTLS_ECP_DP_SECP256R1_ENABLED */
281
282 #if defined(MBEDTLS_ECP_DP_SECP384R1_ENABLED)
283 #if MBEDTLS_PSA_MAX_EC_PUBKEY_LENGTH < ( 2 * ( ( 384 + 7 ) / 8 ) + 1 )
284 #undef MBEDTLS_PSA_MAX_EC_PUBKEY_LENGTH
285 #define MBEDTLS_PSA_MAX_EC_PUBKEY_LENGTH ( 2 * ( ( 384 + 7 ) / 8 ) + 1 )
286 #endif
287 #endif /* MBEDTLS_ECP_DP_SECP384R1_ENABLED */
288
289 #if defined(MBEDTLS_ECP_DP_SECP521R1_ENABLED)
290 #if MBEDTLS_PSA_MAX_EC_PUBKEY_LENGTH < ( 2 * ( ( 521 + 7 ) / 8 ) + 1 )
291 #undef MBEDTLS_PSA_MAX_EC_PUBKEY_LENGTH
292 #define MBEDTLS_PSA_MAX_EC_PUBKEY_LENGTH ( 2 * ( ( 521 + 7 ) / 8 ) + 1 )
293 #endif
294 #endif /* MBEDTLS_ECP_DP_SECP521R1_ENABLED */
295
296 #if defined(MBEDTLS_ECP_DP_SECP192K1_ENABLED)
297 #if MBEDTLS_PSA_MAX_EC_PUBKEY_LENGTH < ( 2 * ( ( 192 + 7 ) / 8 ) + 1 )
298 #undef MBEDTLS_PSA_MAX_EC_PUBKEY_LENGTH
299 #define MBEDTLS_PSA_MAX_EC_PUBKEY_LENGTH ( 2 * ( ( 192 + 7 ) / 8 ) + 1 )
300 #endif
301 #endif /* MBEDTLS_ECP_DP_SECP192K1_ENABLED */
302
303 #if defined(MBEDTLS_ECP_DP_SECP224K1_ENABLED)
304 #if MBEDTLS_PSA_MAX_EC_PUBKEY_LENGTH < ( 2 * ( ( 224 + 7 ) / 8 ) + 1 )
305 #undef MBEDTLS_PSA_MAX_EC_PUBKEY_LENGTH
306 #define MBEDTLS_PSA_MAX_EC_PUBKEY_LENGTH ( 2 * ( ( 224 + 7 ) / 8 ) + 1 )
307 #endif
308 #endif /* MBEDTLS_ECP_DP_SECP224K1_ENABLED */
309
310 #if defined(MBEDTLS_ECP_DP_SECP256K1_ENABLED)
311 #if MBEDTLS_PSA_MAX_EC_PUBKEY_LENGTH < ( 2 * ( ( 256 + 7 ) / 8 ) + 1 )
312 #undef MBEDTLS_PSA_MAX_EC_PUBKEY_LENGTH
313 #define MBEDTLS_PSA_MAX_EC_PUBKEY_LENGTH ( 2 * ( ( 256 + 7 ) / 8 ) + 1 )
314 #endif
315 #endif /* MBEDTLS_ECP_DP_SECP256K1_ENABLED */
316
317 #if defined(MBEDTLS_ECP_DP_BP256R1_ENABLED)
318 #if MBEDTLS_PSA_MAX_EC_PUBKEY_LENGTH < ( 2 * ( ( 256 + 7 ) / 8 ) + 1 )
319 #undef MBEDTLS_PSA_MAX_EC_PUBKEY_LENGTH
320 #define MBEDTLS_PSA_MAX_EC_PUBKEY_LENGTH ( 2 * ( ( 256 + 7 ) / 8 ) + 1 )
321 #endif
322 #endif /* MBEDTLS_ECP_DP_BP256R1_ENABLED */
323
324 #if defined(MBEDTLS_ECP_DP_BP384R1_ENABLED)
325 #if MBEDTLS_PSA_MAX_EC_PUBKEY_LENGTH < ( 2 * ( ( 384 + 7 ) / 8 ) + 1 )
326 #undef MBEDTLS_PSA_MAX_EC_PUBKEY_LENGTH
327 #define MBEDTLS_PSA_MAX_EC_PUBKEY_LENGTH ( 2 * ( ( 384 + 7 ) / 8 ) + 1 )
328 #endif
329 #endif /* MBEDTLS_ECP_DP_BP384R1_ENABLED */
330
331 #if defined(MBEDTLS_ECP_DP_BP512R1_ENABLED)
332 #if MBEDTLS_PSA_MAX_EC_PUBKEY_LENGTH < ( 2 * ( ( 512 + 7 ) / 8 ) + 1 )
333 #undef MBEDTLS_PSA_MAX_EC_PUBKEY_LENGTH
334 #define MBEDTLS_PSA_MAX_EC_PUBKEY_LENGTH ( 2 * ( ( 512 + 7 ) / 8 ) + 1 )
335 #endif
336 #endif /* MBEDTLS_ECP_DP_BP512R1_ENABLED */
337
338
339 /* Translations for PK layer */
340
mbedtls_psa_err_translate_pk(psa_status_t status)341 static inline int mbedtls_psa_err_translate_pk( psa_status_t status )
342 {
343 switch( status )
344 {
345 case PSA_SUCCESS:
346 return( 0 );
347 case PSA_ERROR_NOT_SUPPORTED:
348 return( MBEDTLS_ERR_PK_FEATURE_UNAVAILABLE );
349 case PSA_ERROR_INSUFFICIENT_MEMORY:
350 return( MBEDTLS_ERR_PK_ALLOC_FAILED );
351 case PSA_ERROR_INSUFFICIENT_ENTROPY:
352 return( MBEDTLS_ERR_ECP_RANDOM_FAILED );
353 case PSA_ERROR_BAD_STATE:
354 return( MBEDTLS_ERR_PK_BAD_INPUT_DATA );
355 /* All other failures */
356 case PSA_ERROR_COMMUNICATION_FAILURE:
357 case PSA_ERROR_HARDWARE_FAILURE:
358 case PSA_ERROR_CORRUPTION_DETECTED:
359 return( MBEDTLS_ERR_PK_HW_ACCEL_FAILED );
360 default: /* We return the same as for the 'other failures',
361 * but list them separately nonetheless to indicate
362 * which failure conditions we have considered. */
363 return( MBEDTLS_ERR_PK_HW_ACCEL_FAILED );
364 }
365 }
366
367 /* Translations for ECC */
368
369 /* This function transforms an ECC group identifier from
370 * https://www.iana.org/assignments/tls-parameters/tls-parameters.xhtml#tls-parameters-8
371 * into a PSA ECC group identifier. */
372 #if defined(MBEDTLS_ECP_C)
mbedtls_psa_parse_tls_ecc_group(uint16_t tls_ecc_grp_reg_id,size_t * bits)373 static inline psa_key_type_t mbedtls_psa_parse_tls_ecc_group(
374 uint16_t tls_ecc_grp_reg_id, size_t *bits )
375 {
376 const mbedtls_ecp_curve_info *curve_info =
377 mbedtls_ecp_curve_info_from_tls_id( tls_ecc_grp_reg_id );
378 if( curve_info == NULL )
379 return( 0 );
380 return( PSA_KEY_TYPE_ECC_KEY_PAIR(
381 mbedtls_ecc_group_to_psa( curve_info->grp_id, bits ) ) );
382 }
383 #endif /* MBEDTLS_ECP_C */
384
385 /* This function takes a buffer holding an EC public key
386 * exported through psa_export_public_key(), and converts
387 * it into an ECPoint structure to be put into a ClientKeyExchange
388 * message in an ECDHE exchange.
389 *
390 * Both the present and the foreseeable future format of EC public keys
391 * used by PSA have the ECPoint structure contained in the exported key
392 * as a subbuffer, and the function merely selects this subbuffer instead
393 * of making a copy.
394 */
mbedtls_psa_tls_psa_ec_to_ecpoint(unsigned char * src,size_t srclen,unsigned char ** dst,size_t * dstlen)395 static inline int mbedtls_psa_tls_psa_ec_to_ecpoint( unsigned char *src,
396 size_t srclen,
397 unsigned char **dst,
398 size_t *dstlen )
399 {
400 *dst = src;
401 *dstlen = srclen;
402 return( 0 );
403 }
404
405 /* This function takes a buffer holding an ECPoint structure
406 * (as contained in a TLS ServerKeyExchange message for ECDHE
407 * exchanges) and converts it into a format that the PSA key
408 * agreement API understands.
409 */
mbedtls_psa_tls_ecpoint_to_psa_ec(unsigned char const * src,size_t srclen,unsigned char * dst,size_t dstlen,size_t * olen)410 static inline int mbedtls_psa_tls_ecpoint_to_psa_ec( unsigned char const *src,
411 size_t srclen,
412 unsigned char *dst,
413 size_t dstlen,
414 size_t *olen )
415 {
416 if( srclen > dstlen )
417 return( MBEDTLS_ERR_ECP_BUFFER_TOO_SMALL );
418
419 memcpy( dst, src, srclen );
420 *olen = srclen;
421 return( 0 );
422 }
423
424 #endif /* MBEDTLS_USE_PSA_CRYPTO */
425
426 /* Expose whatever RNG the PSA subsystem uses to applications using the
427 * mbedtls_xxx API. The declarations and definitions here need to be
428 * consistent with the implementation in library/psa_crypto_random_impl.h.
429 * See that file for implementation documentation. */
430 #if defined(MBEDTLS_PSA_CRYPTO_C)
431
432 /* The type of a `f_rng` random generator function that many library functions
433 * take.
434 *
435 * This type name is not part of the Mbed TLS stable API. It may be renamed
436 * or moved without warning.
437 */
438 typedef int mbedtls_f_rng_t( void *p_rng, unsigned char *output, size_t output_size );
439
440 #if defined(MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG)
441
442 /** The random generator function for the PSA subsystem.
443 *
444 * This function is suitable as the `f_rng` random generator function
445 * parameter of many `mbedtls_xxx` functions. Use #MBEDTLS_PSA_RANDOM_STATE
446 * to obtain the \p p_rng parameter.
447 *
448 * The implementation of this function depends on the configuration of the
449 * library.
450 *
451 * \note Depending on the configuration, this may be a function or
452 * a pointer to a function.
453 *
454 * \note This function may only be used if the PSA crypto subsystem is active.
455 * This means that you must call psa_crypto_init() before any call to
456 * this function, and you must not call this function after calling
457 * mbedtls_psa_crypto_free().
458 *
459 * \param p_rng The random generator context. This must be
460 * #MBEDTLS_PSA_RANDOM_STATE. No other state is
461 * supported.
462 * \param output The buffer to fill. It must have room for
463 * \c output_size bytes.
464 * \param output_size The number of bytes to write to \p output.
465 * This function may fail if \p output_size is too
466 * large. It is guaranteed to accept any output size
467 * requested by Mbed TLS library functions. The
468 * maximum request size depends on the library
469 * configuration.
470 *
471 * \return \c 0 on success.
472 * \return An `MBEDTLS_ERR_ENTROPY_xxx`,
473 * `MBEDTLS_ERR_PLATFORM_xxx,
474 * `MBEDTLS_ERR_CTR_DRBG_xxx` or
475 * `MBEDTLS_ERR_HMAC_DRBG_xxx` on error.
476 */
477 int mbedtls_psa_get_random( void *p_rng,
478 unsigned char *output,
479 size_t output_size );
480
481 /** The random generator state for the PSA subsystem.
482 *
483 * This macro expands to an expression which is suitable as the `p_rng`
484 * random generator state parameter of many `mbedtls_xxx` functions.
485 * It must be used in combination with the random generator function
486 * mbedtls_psa_get_random().
487 *
488 * The implementation of this macro depends on the configuration of the
489 * library. Do not make any assumption on its nature.
490 */
491 #define MBEDTLS_PSA_RANDOM_STATE NULL
492
493 #else /* !defined(MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG) */
494
495 #if defined(MBEDTLS_CTR_DRBG_C)
496 #include "mbedtls/ctr_drbg.h"
497 typedef mbedtls_ctr_drbg_context mbedtls_psa_drbg_context_t;
498 static mbedtls_f_rng_t *const mbedtls_psa_get_random = mbedtls_ctr_drbg_random;
499 #elif defined(MBEDTLS_HMAC_DRBG_C)
500 #include "mbedtls/hmac_drbg.h"
501 typedef mbedtls_hmac_drbg_context mbedtls_psa_drbg_context_t;
502 static mbedtls_f_rng_t *const mbedtls_psa_get_random = mbedtls_hmac_drbg_random;
503 #endif
504 extern mbedtls_psa_drbg_context_t *const mbedtls_psa_random_state;
505
506 #define MBEDTLS_PSA_RANDOM_STATE mbedtls_psa_random_state
507
508 #endif /* !defined(MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG) */
509
510 #endif /* MBEDTLS_PSA_CRYPTO_C */
511
512 #endif /* MBEDTLS_PSA_UTIL_H */
513
