1 /*
2  * Copyright (c) 2018-2023, Arm Limited. All rights reserved.
3  *
4  * SPDX-License-Identifier: BSD-3-Clause
5  *
6  */
7 /**
8  * \file psa/crypto_extra.h
9  *
10  * \brief PSA cryptography module: vendor extensions
11  *
12  * \note This file may not be included directly. Applications must
13  * include psa/crypto.h.
14  *
15  * This file is reserved for vendor-specific definitions.
16  */
17 
18 #ifndef PSA_CRYPTO_EXTRA_H
19 #define PSA_CRYPTO_EXTRA_H
20 
21 #include "crypto_types.h"
22 #include "crypto_compat.h"
23 
24 #ifdef __cplusplus
25 extern "C" {
26 #endif
27 
28 /** \addtogroup crypto_types
29  * @{
30  */
31 
32 /** DSA public key.
33  *
34  * The import and export format is the
35  * representation of the public key `y = g^x mod p` as a big-endian byte
36  * string. The length of the byte string is the length of the base prime `p`
37  * in bytes.
38  */
39 #define PSA_KEY_TYPE_DSA_PUBLIC_KEY                 ((psa_key_type_t)0x4002)
40 
41 /** DSA key pair (private and public key).
42  *
43  * The import and export format is the
44  * representation of the private key `x` as a big-endian byte string. The
45  * length of the byte string is the private key size in bytes (leading zeroes
46  * are not stripped).
47  *
48  * Deterministic DSA key derivation with psa_generate_derived_key follows
49  * FIPS 186-4 §B.1.2: interpret the byte string as integer
50  * in big-endian order. Discard it if it is not in the range
51  * [0, *N* - 2] where *N* is the boundary of the private key domain
52  * (the prime *p* for Diffie-Hellman, the subprime *q* for DSA,
53  * or the order of the curve's base point for ECC).
54  * Add 1 to the resulting integer and use this as the private key *x*.
55  *
56  */
57 #define PSA_KEY_TYPE_DSA_KEY_PAIR                    ((psa_key_type_t)0x7002)
58 
59 /** Whether a key type is a DSA key (pair or public-only). */
60 #define PSA_KEY_TYPE_IS_DSA(type)                                       \
61     (PSA_KEY_TYPE_PUBLIC_KEY_OF_KEY_PAIR(type) == PSA_KEY_TYPE_DSA_PUBLIC_KEY)
62 
63 #define PSA_ALG_DSA_BASE                        ((psa_algorithm_t)0x06000400)
64 /** DSA signature with hashing.
65  *
66  * This is the signature scheme defined by FIPS 186-4,
67  * with a random per-message secret number (*k*).
68  *
69  * \param hash_alg      A hash algorithm (\c PSA_ALG_XXX value such that
70  *                      #PSA_ALG_IS_HASH(\p hash_alg) is true).
71  *                      This includes #PSA_ALG_ANY_HASH
72  *                      when specifying the algorithm in a usage policy.
73  *
74  * \return              The corresponding DSA signature algorithm.
75  * \return              Unspecified if \p hash_alg is not a supported
76  *                      hash algorithm.
77  */
78 #define PSA_ALG_DSA(hash_alg)                             \
79     (PSA_ALG_DSA_BASE | ((hash_alg) & PSA_ALG_HASH_MASK))
80 #define PSA_ALG_DETERMINISTIC_DSA_BASE          ((psa_algorithm_t)0x06000500)
81 #define PSA_ALG_DSA_DETERMINISTIC_FLAG PSA_ALG_ECDSA_DETERMINISTIC_FLAG
82 /** Deterministic DSA signature with hashing.
83  *
84  * This is the deterministic variant defined by RFC 6979 of
85  * the signature scheme defined by FIPS 186-4.
86  *
87  * \param hash_alg      A hash algorithm (\c PSA_ALG_XXX value such that
88  *                      #PSA_ALG_IS_HASH(\p hash_alg) is true).
89  *                      This includes #PSA_ALG_ANY_HASH
90  *                      when specifying the algorithm in a usage policy.
91  *
92  * \return              The corresponding DSA signature algorithm.
93  * \return              Unspecified if \p hash_alg is not a supported
94  *                      hash algorithm.
95  */
96 #define PSA_ALG_DETERMINISTIC_DSA(hash_alg)                             \
97     (PSA_ALG_DETERMINISTIC_DSA_BASE | ((hash_alg) & PSA_ALG_HASH_MASK))
98 #define PSA_ALG_IS_DSA(alg)                                             \
99     (((alg) & ~PSA_ALG_HASH_MASK & ~PSA_ALG_DSA_DETERMINISTIC_FLAG) ==  \
100      PSA_ALG_DSA_BASE)
101 #define PSA_ALG_DSA_IS_DETERMINISTIC(alg)               \
102     (((alg) & PSA_ALG_DSA_DETERMINISTIC_FLAG) != 0)
103 #define PSA_ALG_IS_DETERMINISTIC_DSA(alg)                       \
104     (PSA_ALG_IS_DSA(alg) && PSA_ALG_DSA_IS_DETERMINISTIC(alg))
105 #define PSA_ALG_IS_RANDOMIZED_DSA(alg)                          \
106     (PSA_ALG_IS_DSA(alg) && !PSA_ALG_DSA_IS_DETERMINISTIC(alg))
107 
108 
109 /* We need to expand the sample definition of this macro from
110  * the API definition. */
111 #undef PSA_ALG_IS_VENDOR_HASH_AND_SIGN
112 #define PSA_ALG_IS_VENDOR_HASH_AND_SIGN(alg)    \
113     PSA_ALG_IS_DSA(alg)
114 
115 /**@}*/
116 
117 #ifdef __cplusplus
118 }
119 #endif
120 
121 #endif /* PSA_CRYPTO_EXTRA_H */
122