From 38a5d3564633f1e74aff0124f05d1f8e9895f74b Mon Sep 17 00:00:00 2001 From: Janos Follath Date: Sun, 21 Mar 2021 07:01:53 +0000 Subject: [PATCH] PSA PAKE: Add type for representing primitives In most of the PAKEs the primitives are prime order groups, but some of them might need the ring structure or just are using completely different algebraic structures (eg. SRP or PQC schemes). Signed-off-by: Janos Follath --- include/psa/crypto_types.h | 22 ++++++++++++++++++++++ include/psa/crypto_values.h | 37 +++++++++++++++++++++++++++++++++++++ 2 files changed, 59 insertions(+) diff --git a/include/psa/crypto_types.h b/include/psa/crypto_types.h index cd8ac4b1c..1c40f5bf7 100644 --- a/include/psa/crypto_types.h +++ b/include/psa/crypto_types.h @@ -390,5 +390,27 @@ typedef uint16_t psa_pake_side_t; /** \brief Encoding of the type of input/output for PAKE */ typedef uint16_t psa_pake_data_t; +/** Encoding of the type of the PAKE's primitive. + * + * Values defined by this standard will never be in the range 0x80-0xff. + * Vendors who define additional types must use an encoding in this range. + */ +typedef uint8_t psa_pake_primitive_type_t; + +/** Encoding of the bitsize for the PAKE's primitive. + * + * The type and family is not enough to identify the primitive to use in the + * PAKE, the implementation needs to know the bitsize too. + */ +typedef uint16_t psa_pake_bits_t; + +/** Encoding of the PAKE's primitive. + * + * In most of the PAKEs the primitives are prime order groups, but some of + * them might need the ring structure or just are using completely different + * algebraic structures (eg. SRP or PQC schemes). + */ +typedef uint32_t psa_pake_primitive_t; + /**@}*/ #endif /* PSA_CRYPTO_TYPES_H */ diff --git a/include/psa/crypto_values.h b/include/psa/crypto_values.h index 3c2b7bec2..afdcaa9f6 100644 --- a/include/psa/crypto_values.h +++ b/include/psa/crypto_values.h @@ -2414,5 +2414,42 @@ static inline int mbedtls_svc_key_id_is_null( mbedtls_svc_key_id_t key ) * Augmented PAKE protocols need to differentiate between client and server. */ #define PSA_PAKE_SIDE_SERVER ((psa_pake_side_t)0x0102) + +/** The pake uses finite fields. + * + * The corresponding family type is ::psa_dh_family_t. In determining a + * specific curve in the family ::psa_pake_bits_t values are interpreted in the + * exact same way as ::psa_key_bits_t would. + */ +#define PSA_PAKE_PRIMITIVE_TYPE_FIELD ((psa_pake_primitive_type_t)0x01) + +/** The pake uses elliptic curves. + * + * The corresponding family type is ::psa_ecc_family_t. in determining a + * specific curve in the family ::psa_pake_bits_t values are interpreted in the + * exact same way as ::psa_key_bits_t would. + */ +#define PSA_PAKE_PRIMITIVE_TYPE_CURVE ((psa_pake_primitive_type_t)0x02) + +/** Construct a PAKE primitive from type, family and bitsize. + * + * \param type The type of the primitive + * (value of type ::psa_pake_primitive_type_t). + * \param family The family of the primitive + * (the type and interpretation of this parameter depends + * on \p type, for more information consult the + * documentation of individual ::psa_pake_primitive_type_t + * constants). + * \param bits The bitwise of the primitive + * (Value of type ::psa_pake_bits_t. The interpretation + * of this parameter depends on \p family, for more + * information consult the documentation of individual + * ::psa_pake_primitive_type_t constants). + * + * \return The constructed primitive value. + */ +#define PSA_PAKE_PRIMITIVE(type, family, bits) \ + ((psa_pake_primitive_t) (((type) << 24 | (persistence) << 16) | (bits))) + /**@}*/ #endif /* PSA_CRYPTO_VALUES_H */