1 /**
2 * \file psa_util.h
3 *
4 * \brief Utility functions for the use of the PSA Crypto library.
5 *
6 * \warning This function is not part of the public API and may
7 * change at any time.
8 */
9 /*
10 * Copyright The Mbed TLS Contributors
11 * SPDX-License-Identifier: Apache-2.0
12 *
13 * Licensed under the Apache License, Version 2.0 (the "License"); you may
14 * not use this file except in compliance with the License.
15 * You may obtain a copy of the License at
16 *
17 * http://www.apache.org/licenses/LICENSE-2.0
18 *
19 * Unless required by applicable law or agreed to in writing, software
20 * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
21 * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
22 * See the License for the specific language governing permissions and
23 * limitations under the License.
24 */
25
26 #ifndef MBEDTLS_PSA_UTIL_H
27 #define MBEDTLS_PSA_UTIL_H
28
29 #if !defined(MBEDTLS_CONFIG_FILE)
30 #include "mbedtls/config.h"
31 #else
32 #include MBEDTLS_CONFIG_FILE
33 #endif
34
35 #if defined(MBEDTLS_USE_PSA_CRYPTO)
36
37 #include "psa/crypto.h"
38
39 #include "mbedtls/ecp.h"
40 #include "mbedtls/md.h"
41 #include "mbedtls/pk.h"
42 #include "mbedtls/oid.h"
43
44 #include <string.h>
45
46 /* Translations for symmetric crypto. */
47
mbedtls_psa_translate_cipher_type(mbedtls_cipher_type_t cipher)48 static inline psa_key_type_t mbedtls_psa_translate_cipher_type(
49 mbedtls_cipher_type_t cipher )
50 {
51 switch( cipher )
52 {
53 case MBEDTLS_CIPHER_AES_128_CCM:
54 case MBEDTLS_CIPHER_AES_192_CCM:
55 case MBEDTLS_CIPHER_AES_256_CCM:
56 case MBEDTLS_CIPHER_AES_128_GCM:
57 case MBEDTLS_CIPHER_AES_192_GCM:
58 case MBEDTLS_CIPHER_AES_256_GCM:
59 case MBEDTLS_CIPHER_AES_128_CBC:
60 case MBEDTLS_CIPHER_AES_192_CBC:
61 case MBEDTLS_CIPHER_AES_256_CBC:
62 return( PSA_KEY_TYPE_AES );
63
64 /* ARIA not yet supported in PSA. */
65 /* case MBEDTLS_CIPHER_ARIA_128_CCM:
66 case MBEDTLS_CIPHER_ARIA_192_CCM:
67 case MBEDTLS_CIPHER_ARIA_256_CCM:
68 case MBEDTLS_CIPHER_ARIA_128_GCM:
69 case MBEDTLS_CIPHER_ARIA_192_GCM:
70 case MBEDTLS_CIPHER_ARIA_256_GCM:
71 case MBEDTLS_CIPHER_ARIA_128_CBC:
72 case MBEDTLS_CIPHER_ARIA_192_CBC:
73 case MBEDTLS_CIPHER_ARIA_256_CBC:
74 return( PSA_KEY_TYPE_ARIA ); */
75
76 default:
77 return( 0 );
78 }
79 }
80
mbedtls_psa_translate_cipher_mode(mbedtls_cipher_mode_t mode,size_t taglen)81 static inline psa_algorithm_t mbedtls_psa_translate_cipher_mode(
82 mbedtls_cipher_mode_t mode, size_t taglen )
83 {
84 switch( mode )
85 {
86 case MBEDTLS_MODE_ECB:
87 return( PSA_ALG_ECB_NO_PADDING );
88 case MBEDTLS_MODE_GCM:
89 return( PSA_ALG_AEAD_WITH_SHORTENED_TAG( PSA_ALG_GCM, taglen ) );
90 case MBEDTLS_MODE_CCM:
91 return( PSA_ALG_AEAD_WITH_SHORTENED_TAG( PSA_ALG_CCM, taglen ) );
92 case MBEDTLS_MODE_CBC:
93 if( taglen == 0 )
94 return( PSA_ALG_CBC_NO_PADDING );
95 else
96 return( 0 );
97 default:
98 return( 0 );
99 }
100 }
101
mbedtls_psa_translate_cipher_operation(mbedtls_operation_t op)102 static inline psa_key_usage_t mbedtls_psa_translate_cipher_operation(
103 mbedtls_operation_t op )
104 {
105 switch( op )
106 {
107 case MBEDTLS_ENCRYPT:
108 return( PSA_KEY_USAGE_ENCRYPT );
109 case MBEDTLS_DECRYPT:
110 return( PSA_KEY_USAGE_DECRYPT );
111 default:
112 return( 0 );
113 }
114 }
115
116 /* Translations for hashing. */
117
mbedtls_psa_translate_md(mbedtls_md_type_t md_alg)118 static inline psa_algorithm_t mbedtls_psa_translate_md( mbedtls_md_type_t md_alg )
119 {
120 switch( md_alg )
121 {
122 #if defined(MBEDTLS_MD2_C)
123 case MBEDTLS_MD_MD2:
124 return( PSA_ALG_MD2 );
125 #endif
126 #if defined(MBEDTLS_MD4_C)
127 case MBEDTLS_MD_MD4:
128 return( PSA_ALG_MD4 );
129 #endif
130 #if defined(MBEDTLS_MD5_C)
131 case MBEDTLS_MD_MD5:
132 return( PSA_ALG_MD5 );
133 #endif
134 #if defined(MBEDTLS_SHA1_C)
135 case MBEDTLS_MD_SHA1:
136 return( PSA_ALG_SHA_1 );
137 #endif
138 #if defined(MBEDTLS_SHA256_C)
139 case MBEDTLS_MD_SHA224:
140 return( PSA_ALG_SHA_224 );
141 case MBEDTLS_MD_SHA256:
142 return( PSA_ALG_SHA_256 );
143 #endif
144 #if defined(MBEDTLS_SHA512_C)
145 case MBEDTLS_MD_SHA384:
146 return( PSA_ALG_SHA_384 );
147 case MBEDTLS_MD_SHA512:
148 return( PSA_ALG_SHA_512 );
149 #endif
150 #if defined(MBEDTLS_RIPEMD160_C)
151 case MBEDTLS_MD_RIPEMD160:
152 return( PSA_ALG_RIPEMD160 );
153 #endif
154 case MBEDTLS_MD_NONE:
155 return( 0 );
156 default:
157 return( 0 );
158 }
159 }
160
161 /* Translations for ECC. */
162
mbedtls_psa_get_ecc_oid_from_id(psa_ecc_family_t curve,size_t bits,char const ** oid,size_t * oid_len)163 static inline int mbedtls_psa_get_ecc_oid_from_id(
164 psa_ecc_family_t curve, size_t bits,
165 char const **oid, size_t *oid_len )
166 {
167 switch( curve )
168 {
169 case PSA_ECC_FAMILY_SECP_R1:
170 switch( bits )
171 {
172 #if defined(MBEDTLS_ECP_DP_SECP192R1_ENABLED)
173 case 192:
174 *oid = MBEDTLS_OID_EC_GRP_SECP192R1;
175 *oid_len = MBEDTLS_OID_SIZE( MBEDTLS_OID_EC_GRP_SECP192R1 );
176 return( 0 );
177 #endif /* MBEDTLS_ECP_DP_SECP192R1_ENABLED */
178 #if defined(MBEDTLS_ECP_DP_SECP224R1_ENABLED)
179 case 224:
180 *oid = MBEDTLS_OID_EC_GRP_SECP224R1;
181 *oid_len = MBEDTLS_OID_SIZE( MBEDTLS_OID_EC_GRP_SECP224R1 );
182 return( 0 );
183 #endif /* MBEDTLS_ECP_DP_SECP224R1_ENABLED */
184 #if defined(MBEDTLS_ECP_DP_SECP256R1_ENABLED)
185 case 256:
186 *oid = MBEDTLS_OID_EC_GRP_SECP256R1;
187 *oid_len = MBEDTLS_OID_SIZE( MBEDTLS_OID_EC_GRP_SECP256R1 );
188 return( 0 );
189 #endif /* MBEDTLS_ECP_DP_SECP256R1_ENABLED */
190 #if defined(MBEDTLS_ECP_DP_SECP384R1_ENABLED)
191 case 384:
192 *oid = MBEDTLS_OID_EC_GRP_SECP384R1;
193 *oid_len = MBEDTLS_OID_SIZE( MBEDTLS_OID_EC_GRP_SECP384R1 );
194 return( 0 );
195 #endif /* MBEDTLS_ECP_DP_SECP384R1_ENABLED */
196 #if defined(MBEDTLS_ECP_DP_SECP521R1_ENABLED)
197 case 521:
198 *oid = MBEDTLS_OID_EC_GRP_SECP521R1;
199 *oid_len = MBEDTLS_OID_SIZE( MBEDTLS_OID_EC_GRP_SECP521R1 );
200 return( 0 );
201 #endif /* MBEDTLS_ECP_DP_SECP521R1_ENABLED */
202 }
203 break;
204 case PSA_ECC_FAMILY_SECP_K1:
205 switch( bits )
206 {
207 #if defined(MBEDTLS_ECP_DP_SECP192K1_ENABLED)
208 case 192:
209 *oid = MBEDTLS_OID_EC_GRP_SECP192K1;
210 *oid_len = MBEDTLS_OID_SIZE( MBEDTLS_OID_EC_GRP_SECP192K1 );
211 return( 0 );
212 #endif /* MBEDTLS_ECP_DP_SECP192K1_ENABLED */
213 #if defined(MBEDTLS_ECP_DP_SECP224K1_ENABLED)
214 case 224:
215 *oid = MBEDTLS_OID_EC_GRP_SECP224K1;
216 *oid_len = MBEDTLS_OID_SIZE( MBEDTLS_OID_EC_GRP_SECP224K1 );
217 return( 0 );
218 #endif /* MBEDTLS_ECP_DP_SECP224K1_ENABLED */
219 #if defined(MBEDTLS_ECP_DP_SECP256K1_ENABLED)
220 case 256:
221 *oid = MBEDTLS_OID_EC_GRP_SECP256K1;
222 *oid_len = MBEDTLS_OID_SIZE( MBEDTLS_OID_EC_GRP_SECP256K1 );
223 return( 0 );
224 #endif /* MBEDTLS_ECP_DP_SECP256K1_ENABLED */
225 }
226 break;
227 case PSA_ECC_FAMILY_BRAINPOOL_P_R1:
228 switch( bits )
229 {
230 #if defined(MBEDTLS_ECP_DP_BP256R1_ENABLED)
231 case 256:
232 *oid = MBEDTLS_OID_EC_GRP_BP256R1;
233 *oid_len = MBEDTLS_OID_SIZE( MBEDTLS_OID_EC_GRP_BP256R1 );
234 return( 0 );
235 #endif /* MBEDTLS_ECP_DP_BP256R1_ENABLED */
236 #if defined(MBEDTLS_ECP_DP_BP384R1_ENABLED)
237 case 384:
238 *oid = MBEDTLS_OID_EC_GRP_BP384R1;
239 *oid_len = MBEDTLS_OID_SIZE( MBEDTLS_OID_EC_GRP_BP384R1 );
240 return( 0 );
241 #endif /* MBEDTLS_ECP_DP_BP384R1_ENABLED */
242 #if defined(MBEDTLS_ECP_DP_BP512R1_ENABLED)
243 case 512:
244 *oid = MBEDTLS_OID_EC_GRP_BP512R1;
245 *oid_len = MBEDTLS_OID_SIZE( MBEDTLS_OID_EC_GRP_BP512R1 );
246 return( 0 );
247 #endif /* MBEDTLS_ECP_DP_BP512R1_ENABLED */
248 }
249 break;
250 }
251 (void) oid;
252 (void) oid_len;
253 return( -1 );
254 }
255
256 #define MBEDTLS_PSA_MAX_EC_PUBKEY_LENGTH 1
257
258 #if defined(MBEDTLS_ECP_DP_SECP192R1_ENABLED)
259 #if MBEDTLS_PSA_MAX_EC_PUBKEY_LENGTH < ( 2 * ( ( 192 + 7 ) / 8 ) + 1 )
260 #undef MBEDTLS_PSA_MAX_EC_PUBKEY_LENGTH
261 #define MBEDTLS_PSA_MAX_EC_PUBKEY_LENGTH ( 2 * ( ( 192 + 7 ) / 8 ) + 1 )
262 #endif
263 #endif /* MBEDTLS_ECP_DP_SECP192R1_ENABLED */
264
265 #if defined(MBEDTLS_ECP_DP_SECP224R1_ENABLED)
266 #if MBEDTLS_PSA_MAX_EC_PUBKEY_LENGTH < ( 2 * ( ( 224 + 7 ) / 8 ) + 1 )
267 #undef MBEDTLS_PSA_MAX_EC_PUBKEY_LENGTH
268 #define MBEDTLS_PSA_MAX_EC_PUBKEY_LENGTH ( 2 * ( ( 224 + 7 ) / 8 ) + 1 )
269 #endif
270 #endif /* MBEDTLS_ECP_DP_SECP224R1_ENABLED */
271
272 #if defined(MBEDTLS_ECP_DP_SECP256R1_ENABLED)
273 #if MBEDTLS_PSA_MAX_EC_PUBKEY_LENGTH < ( 2 * ( ( 256 + 7 ) / 8 ) + 1 )
274 #undef MBEDTLS_PSA_MAX_EC_PUBKEY_LENGTH
275 #define MBEDTLS_PSA_MAX_EC_PUBKEY_LENGTH ( 2 * ( ( 256 + 7 ) / 8 ) + 1 )
276 #endif
277 #endif /* MBEDTLS_ECP_DP_SECP256R1_ENABLED */
278
279 #if defined(MBEDTLS_ECP_DP_SECP384R1_ENABLED)
280 #if MBEDTLS_PSA_MAX_EC_PUBKEY_LENGTH < ( 2 * ( ( 384 + 7 ) / 8 ) + 1 )
281 #undef MBEDTLS_PSA_MAX_EC_PUBKEY_LENGTH
282 #define MBEDTLS_PSA_MAX_EC_PUBKEY_LENGTH ( 2 * ( ( 384 + 7 ) / 8 ) + 1 )
283 #endif
284 #endif /* MBEDTLS_ECP_DP_SECP384R1_ENABLED */
285
286 #if defined(MBEDTLS_ECP_DP_SECP521R1_ENABLED)
287 #if MBEDTLS_PSA_MAX_EC_PUBKEY_LENGTH < ( 2 * ( ( 521 + 7 ) / 8 ) + 1 )
288 #undef MBEDTLS_PSA_MAX_EC_PUBKEY_LENGTH
289 #define MBEDTLS_PSA_MAX_EC_PUBKEY_LENGTH ( 2 * ( ( 521 + 7 ) / 8 ) + 1 )
290 #endif
291 #endif /* MBEDTLS_ECP_DP_SECP521R1_ENABLED */
292
293 #if defined(MBEDTLS_ECP_DP_SECP192K1_ENABLED)
294 #if MBEDTLS_PSA_MAX_EC_PUBKEY_LENGTH < ( 2 * ( ( 192 + 7 ) / 8 ) + 1 )
295 #undef MBEDTLS_PSA_MAX_EC_PUBKEY_LENGTH
296 #define MBEDTLS_PSA_MAX_EC_PUBKEY_LENGTH ( 2 * ( ( 192 + 7 ) / 8 ) + 1 )
297 #endif
298 #endif /* MBEDTLS_ECP_DP_SECP192K1_ENABLED */
299
300 #if defined(MBEDTLS_ECP_DP_SECP224K1_ENABLED)
301 #if MBEDTLS_PSA_MAX_EC_PUBKEY_LENGTH < ( 2 * ( ( 224 + 7 ) / 8 ) + 1 )
302 #undef MBEDTLS_PSA_MAX_EC_PUBKEY_LENGTH
303 #define MBEDTLS_PSA_MAX_EC_PUBKEY_LENGTH ( 2 * ( ( 224 + 7 ) / 8 ) + 1 )
304 #endif
305 #endif /* MBEDTLS_ECP_DP_SECP224K1_ENABLED */
306
307 #if defined(MBEDTLS_ECP_DP_SECP256K1_ENABLED)
308 #if MBEDTLS_PSA_MAX_EC_PUBKEY_LENGTH < ( 2 * ( ( 256 + 7 ) / 8 ) + 1 )
309 #undef MBEDTLS_PSA_MAX_EC_PUBKEY_LENGTH
310 #define MBEDTLS_PSA_MAX_EC_PUBKEY_LENGTH ( 2 * ( ( 256 + 7 ) / 8 ) + 1 )
311 #endif
312 #endif /* MBEDTLS_ECP_DP_SECP256K1_ENABLED */
313
314 #if defined(MBEDTLS_ECP_DP_BP256R1_ENABLED)
315 #if MBEDTLS_PSA_MAX_EC_PUBKEY_LENGTH < ( 2 * ( ( 256 + 7 ) / 8 ) + 1 )
316 #undef MBEDTLS_PSA_MAX_EC_PUBKEY_LENGTH
317 #define MBEDTLS_PSA_MAX_EC_PUBKEY_LENGTH ( 2 * ( ( 256 + 7 ) / 8 ) + 1 )
318 #endif
319 #endif /* MBEDTLS_ECP_DP_BP256R1_ENABLED */
320
321 #if defined(MBEDTLS_ECP_DP_BP384R1_ENABLED)
322 #if MBEDTLS_PSA_MAX_EC_PUBKEY_LENGTH < ( 2 * ( ( 384 + 7 ) / 8 ) + 1 )
323 #undef MBEDTLS_PSA_MAX_EC_PUBKEY_LENGTH
324 #define MBEDTLS_PSA_MAX_EC_PUBKEY_LENGTH ( 2 * ( ( 384 + 7 ) / 8 ) + 1 )
325 #endif
326 #endif /* MBEDTLS_ECP_DP_BP384R1_ENABLED */
327
328 #if defined(MBEDTLS_ECP_DP_BP512R1_ENABLED)
329 #if MBEDTLS_PSA_MAX_EC_PUBKEY_LENGTH < ( 2 * ( ( 512 + 7 ) / 8 ) + 1 )
330 #undef MBEDTLS_PSA_MAX_EC_PUBKEY_LENGTH
331 #define MBEDTLS_PSA_MAX_EC_PUBKEY_LENGTH ( 2 * ( ( 512 + 7 ) / 8 ) + 1 )
332 #endif
333 #endif /* MBEDTLS_ECP_DP_BP512R1_ENABLED */
334
335
336 /* Translations for PK layer */
337
mbedtls_psa_err_translate_pk(psa_status_t status)338 static inline int mbedtls_psa_err_translate_pk( psa_status_t status )
339 {
340 switch( status )
341 {
342 case PSA_SUCCESS:
343 return( 0 );
344 case PSA_ERROR_NOT_SUPPORTED:
345 return( MBEDTLS_ERR_PK_FEATURE_UNAVAILABLE );
346 case PSA_ERROR_INSUFFICIENT_MEMORY:
347 return( MBEDTLS_ERR_PK_ALLOC_FAILED );
348 case PSA_ERROR_INSUFFICIENT_ENTROPY:
349 return( MBEDTLS_ERR_ECP_RANDOM_FAILED );
350 case PSA_ERROR_BAD_STATE:
351 return( MBEDTLS_ERR_PK_BAD_INPUT_DATA );
352 /* All other failures */
353 case PSA_ERROR_COMMUNICATION_FAILURE:
354 case PSA_ERROR_HARDWARE_FAILURE:
355 case PSA_ERROR_CORRUPTION_DETECTED:
356 return( MBEDTLS_ERR_PK_HW_ACCEL_FAILED );
357 default: /* We return the same as for the 'other failures',
358 * but list them separately nonetheless to indicate
359 * which failure conditions we have considered. */
360 return( MBEDTLS_ERR_PK_HW_ACCEL_FAILED );
361 }
362 }
363
364 /* Translations for ECC */
365
366 /* This function transforms an ECC group identifier from
367 * https://www.iana.org/assignments/tls-parameters/tls-parameters.xhtml#tls-parameters-8
368 * into a PSA ECC group identifier. */
369 #if defined(MBEDTLS_ECP_C)
mbedtls_psa_parse_tls_ecc_group(uint16_t tls_ecc_grp_reg_id,size_t * bits)370 static inline psa_key_type_t mbedtls_psa_parse_tls_ecc_group(
371 uint16_t tls_ecc_grp_reg_id, size_t *bits )
372 {
373 const mbedtls_ecp_curve_info *curve_info =
374 mbedtls_ecp_curve_info_from_tls_id( tls_ecc_grp_reg_id );
375 if( curve_info == NULL )
376 return( 0 );
377 return( PSA_KEY_TYPE_ECC_KEY_PAIR(
378 mbedtls_ecc_group_to_psa( curve_info->grp_id, bits ) ) );
379 }
380 #endif /* MBEDTLS_ECP_C */
381
382 /* This function takes a buffer holding an EC public key
383 * exported through psa_export_public_key(), and converts
384 * it into an ECPoint structure to be put into a ClientKeyExchange
385 * message in an ECDHE exchange.
386 *
387 * Both the present and the foreseeable future format of EC public keys
388 * used by PSA have the ECPoint structure contained in the exported key
389 * as a subbuffer, and the function merely selects this subbuffer instead
390 * of making a copy.
391 */
mbedtls_psa_tls_psa_ec_to_ecpoint(unsigned char * src,size_t srclen,unsigned char ** dst,size_t * dstlen)392 static inline int mbedtls_psa_tls_psa_ec_to_ecpoint( unsigned char *src,
393 size_t srclen,
394 unsigned char **dst,
395 size_t *dstlen )
396 {
397 *dst = src;
398 *dstlen = srclen;
399 return( 0 );
400 }
401
402 /* This function takes a buffer holding an ECPoint structure
403 * (as contained in a TLS ServerKeyExchange message for ECDHE
404 * exchanges) and converts it into a format that the PSA key
405 * agreement API understands.
406 */
mbedtls_psa_tls_ecpoint_to_psa_ec(unsigned char const * src,size_t srclen,unsigned char * dst,size_t dstlen,size_t * olen)407 static inline int mbedtls_psa_tls_ecpoint_to_psa_ec( unsigned char const *src,
408 size_t srclen,
409 unsigned char *dst,
410 size_t dstlen,
411 size_t *olen )
412 {
413 if( srclen > dstlen )
414 return( MBEDTLS_ERR_ECP_BUFFER_TOO_SMALL );
415
416 memcpy( dst, src, srclen );
417 *olen = srclen;
418 return( 0 );
419 }
420
421 #endif /* MBEDTLS_USE_PSA_CRYPTO */
422
423 /* Expose whatever RNG the PSA subsystem uses to applications using the
424 * mbedtls_xxx API. The declarations and definitions here need to be
425 * consistent with the implementation in library/psa_crypto_random_impl.h.
426 * See that file for implementation documentation. */
427 #if defined(MBEDTLS_PSA_CRYPTO_C)
428
429 /* The type of a `f_rng` random generator function that many library functions
430 * take.
431 *
432 * This type name is not part of the Mbed TLS stable API. It may be renamed
433 * or moved without warning.
434 */
435 typedef int mbedtls_f_rng_t( void *p_rng, unsigned char *output, size_t output_size );
436
437 #if defined(MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG)
438
439 /** The random generator function for the PSA subsystem.
440 *
441 * This function is suitable as the `f_rng` random generator function
442 * parameter of many `mbedtls_xxx` functions. Use #MBEDTLS_PSA_RANDOM_STATE
443 * to obtain the \p p_rng parameter.
444 *
445 * The implementation of this function depends on the configuration of the
446 * library.
447 *
448 * \note Depending on the configuration, this may be a function or
449 * a pointer to a function.
450 *
451 * \note This function may only be used if the PSA crypto subsystem is active.
452 * This means that you must call psa_crypto_init() before any call to
453 * this function, and you must not call this function after calling
454 * mbedtls_psa_crypto_free().
455 *
456 * \param p_rng The random generator context. This must be
457 * #MBEDTLS_PSA_RANDOM_STATE. No other state is
458 * supported.
459 * \param output The buffer to fill. It must have room for
460 * \c output_size bytes.
461 * \param output_size The number of bytes to write to \p output.
462 * This function may fail if \p output_size is too
463 * large. It is guaranteed to accept any output size
464 * requested by Mbed TLS library functions. The
465 * maximum request size depends on the library
466 * configuration.
467 *
468 * \return \c 0 on success.
469 * \return An `MBEDTLS_ERR_ENTROPY_xxx`,
470 * `MBEDTLS_ERR_PLATFORM_xxx,
471 * `MBEDTLS_ERR_CTR_DRBG_xxx` or
472 * `MBEDTLS_ERR_HMAC_DRBG_xxx` on error.
473 */
474 int mbedtls_psa_get_random( void *p_rng,
475 unsigned char *output,
476 size_t output_size );
477
478 /** The random generator state for the PSA subsystem.
479 *
480 * This macro expands to an expression which is suitable as the `p_rng`
481 * random generator state parameter of many `mbedtls_xxx` functions.
482 * It must be used in combination with the random generator function
483 * mbedtls_psa_get_random().
484 *
485 * The implementation of this macro depends on the configuration of the
486 * library. Do not make any assumption on its nature.
487 */
488 #define MBEDTLS_PSA_RANDOM_STATE NULL
489
490 #else /* !defined(MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG) */
491
492 #if defined(MBEDTLS_CTR_DRBG_C)
493 #include "mbedtls/ctr_drbg.h"
494 typedef mbedtls_ctr_drbg_context mbedtls_psa_drbg_context_t;
495 static mbedtls_f_rng_t *const mbedtls_psa_get_random = mbedtls_ctr_drbg_random;
496 #elif defined(MBEDTLS_HMAC_DRBG_C)
497 #include "mbedtls/hmac_drbg.h"
498 typedef mbedtls_hmac_drbg_context mbedtls_psa_drbg_context_t;
499 static mbedtls_f_rng_t *const mbedtls_psa_get_random = mbedtls_hmac_drbg_random;
500 #endif
501 extern mbedtls_psa_drbg_context_t *const mbedtls_psa_random_state;
502
503 #define MBEDTLS_PSA_RANDOM_STATE mbedtls_psa_random_state
504
505 #endif /* !defined(MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG) */
506
507 #endif /* MBEDTLS_PSA_CRYPTO_C */
508
509 #endif /* MBEDTLS_PSA_UTIL_H */
510