TrustedFirmware Git Browser
Code Review Sign In
review.trustedfirmware.org / mirror / mbed-tls / 025fccdc326d65820b2ec10c1421dc8434295c71^! / . / include / psa / crypto_values.h
commit025fccdc326d65820b2ec10c1421dc8434295c71[log] [tgz]
authorGilles Peskine <Gilles.Peskine@arm.com>Mon Dec 02 19:12:00 2019 +0100
committerGilles Peskine <Gilles.Peskine@arm.com>Fri Jan 31 10:15:32 2020 +0100
tree5b61986b89570417c7082d198beebd287f27ca19
parentd8197cb9029ce9ea697cb490130de156959af647 [diff] [blame]
Change the encoding of EC curves and DH groups to include the size

Change the representation of psa_ecc_curve_t and psa_dh_group_t from
the IETF 16-bit encoding to a custom 24-bit encoding where the upper 8
bits represent a curve family and the lower 16 bits are the key size
in bits. Families are based on naming and mathematical similarity,
with sufficiently precise families that no two curves in a family have
the same bit size (for example SECP-R1 and SECP-R2 are two different
families).

As a consequence, the lower 16 bits of a key type value are always
either the key size or 0.

diff --git a/include/psa/crypto_values.h b/include/psa/crypto_values.h
index a86a323..87ad15f 100644
--- a/include/psa/crypto_values.h
+++ b/include/psa/crypto_values.h

@@ -423,7 +423,7 @@
 
 #define PSA_KEY_TYPE_ECC_PUBLIC_KEY_BASE        ((psa_key_type_t)0x61000000)
 #define PSA_KEY_TYPE_ECC_KEY_PAIR_BASE           ((psa_key_type_t)0x71000000)
-#define PSA_KEY_TYPE_ECC_CURVE_MASK             ((psa_key_type_t)0x0000ffff)
+#define PSA_KEY_TYPE_ECC_CURVE_MASK             ((psa_key_type_t)0x00ffffff)
 /** Elliptic curve key pair.
  *
  * \param curve     A value of type ::psa_ecc_curve_t that identifies the
@@ -458,70 +458,52 @@
                         ((type) & PSA_KEY_TYPE_ECC_CURVE_MASK) : \
                         0))
 
-/* The encoding of curve identifiers is currently aligned with the
- * TLS Supported Groups Registry (formerly known as the
- * TLS EC Named Curve Registry)
- * https://www.iana.org/assignments/tls-parameters/tls-parameters.xhtml#tls-parameters-8
- * The values are defined by RFC 8422 and RFC 7027. */
-#define PSA_ECC_CURVE_SECT163K1         ((psa_ecc_curve_t) 0x0001)
-#define PSA_ECC_CURVE_SECT163R1         ((psa_ecc_curve_t) 0x0002)
-#define PSA_ECC_CURVE_SECT163R2         ((psa_ecc_curve_t) 0x0003)
-#define PSA_ECC_CURVE_SECT193R1         ((psa_ecc_curve_t) 0x0004)
-#define PSA_ECC_CURVE_SECT193R2         ((psa_ecc_curve_t) 0x0005)
-#define PSA_ECC_CURVE_SECT233K1         ((psa_ecc_curve_t) 0x0006)
-#define PSA_ECC_CURVE_SECT233R1         ((psa_ecc_curve_t) 0x0007)
-#define PSA_ECC_CURVE_SECT239K1         ((psa_ecc_curve_t) 0x0008)
-#define PSA_ECC_CURVE_SECT283K1         ((psa_ecc_curve_t) 0x0009)
-#define PSA_ECC_CURVE_SECT283R1         ((psa_ecc_curve_t) 0x000a)
-#define PSA_ECC_CURVE_SECT409K1         ((psa_ecc_curve_t) 0x000b)
-#define PSA_ECC_CURVE_SECT409R1         ((psa_ecc_curve_t) 0x000c)
-#define PSA_ECC_CURVE_SECT571K1         ((psa_ecc_curve_t) 0x000d)
-#define PSA_ECC_CURVE_SECT571R1         ((psa_ecc_curve_t) 0x000e)
-#define PSA_ECC_CURVE_SECP160K1         ((psa_ecc_curve_t) 0x000f)
-#define PSA_ECC_CURVE_SECP160R1         ((psa_ecc_curve_t) 0x0010)
-#define PSA_ECC_CURVE_SECP160R2         ((psa_ecc_curve_t) 0x0011)
-#define PSA_ECC_CURVE_SECP192K1         ((psa_ecc_curve_t) 0x0012)
-#define PSA_ECC_CURVE_SECP192R1         ((psa_ecc_curve_t) 0x0013)
-#define PSA_ECC_CURVE_SECP224K1         ((psa_ecc_curve_t) 0x0014)
-#define PSA_ECC_CURVE_SECP224R1         ((psa_ecc_curve_t) 0x0015)
-#define PSA_ECC_CURVE_SECP256K1         ((psa_ecc_curve_t) 0x0016)
-#define PSA_ECC_CURVE_SECP256R1         ((psa_ecc_curve_t) 0x0017)
-#define PSA_ECC_CURVE_SECP384R1         ((psa_ecc_curve_t) 0x0018)
-#define PSA_ECC_CURVE_SECP521R1         ((psa_ecc_curve_t) 0x0019)
-#define PSA_ECC_CURVE_BRAINPOOL_P256R1  ((psa_ecc_curve_t) 0x001a)
-#define PSA_ECC_CURVE_BRAINPOOL_P384R1  ((psa_ecc_curve_t) 0x001b)
-#define PSA_ECC_CURVE_BRAINPOOL_P512R1  ((psa_ecc_curve_t) 0x001c)
+#define PSA_ECC_CURVE_SECP160K1         ((psa_ecc_curve_t) 0x1600a0)
+#define PSA_ECC_CURVE_SECP192K1         ((psa_ecc_curve_t) 0x1600c0)
+#define PSA_ECC_CURVE_SECP224K1         ((psa_ecc_curve_t) 0x1600e0)
+#define PSA_ECC_CURVE_SECP256K1         ((psa_ecc_curve_t) 0x160100)
+#define PSA_ECC_CURVE_SECP160R1         ((psa_ecc_curve_t) 0x1200a0)
+#define PSA_ECC_CURVE_SECP192R1         ((psa_ecc_curve_t) 0x1200c0)
+#define PSA_ECC_CURVE_SECP224R1         ((psa_ecc_curve_t) 0x1200e0)
+#define PSA_ECC_CURVE_SECP256R1         ((psa_ecc_curve_t) 0x120100)
+#define PSA_ECC_CURVE_SECP384R1         ((psa_ecc_curve_t) 0x120180)
+#define PSA_ECC_CURVE_SECP521R1         ((psa_ecc_curve_t) 0x120209)
+#define PSA_ECC_CURVE_SECP160R2         ((psa_ecc_curve_t) 0x1a00a0)
+#define PSA_ECC_CURVE_SECT163K1         ((psa_ecc_curve_t) 0x2600a3)
+#define PSA_ECC_CURVE_SECT233K1         ((psa_ecc_curve_t) 0x2600e9)
+#define PSA_ECC_CURVE_SECT239K1         ((psa_ecc_curve_t) 0x2600ef)
+#define PSA_ECC_CURVE_SECT283K1         ((psa_ecc_curve_t) 0x26011b)
+#define PSA_ECC_CURVE_SECT409K1         ((psa_ecc_curve_t) 0x260199)
+#define PSA_ECC_CURVE_SECT571K1         ((psa_ecc_curve_t) 0x26023b)
+#define PSA_ECC_CURVE_SECT163R1         ((psa_ecc_curve_t) 0x2200a3)
+#define PSA_ECC_CURVE_SECT193R1         ((psa_ecc_curve_t) 0x2200c1)
+#define PSA_ECC_CURVE_SECT233R1         ((psa_ecc_curve_t) 0x2200e9)
+#define PSA_ECC_CURVE_SECT283R1         ((psa_ecc_curve_t) 0x22011b)
+#define PSA_ECC_CURVE_SECT409R1         ((psa_ecc_curve_t) 0x220199)
+#define PSA_ECC_CURVE_SECT571R1         ((psa_ecc_curve_t) 0x22023b)
+#define PSA_ECC_CURVE_SECT163R2         ((psa_ecc_curve_t) 0x2a00a3)
+#define PSA_ECC_CURVE_SECT193R2         ((psa_ecc_curve_t) 0x2a00c1)
+#define PSA_ECC_CURVE_BRAINPOOL_P256R1  ((psa_ecc_curve_t) 0x300100)
+#define PSA_ECC_CURVE_BRAINPOOL_P384R1  ((psa_ecc_curve_t) 0x300180)
+#define PSA_ECC_CURVE_BRAINPOOL_P512R1  ((psa_ecc_curve_t) 0x300200)
 /** Curve25519.
  *
  * This is the curve defined in Bernstein et al.,
  * _Curve25519: new Diffie-Hellman speed records_, LNCS 3958, 2006.
  * The algorithm #PSA_ALG_ECDH performs X25519 when used with this curve.
  */
-#define PSA_ECC_CURVE_CURVE25519        ((psa_ecc_curve_t) 0x001d)
+#define PSA_ECC_CURVE_CURVE25519        ((psa_ecc_curve_t) 0x0200ff)
 /** Curve448
  *
  * This is the curve defined in Hamburg,
  * _Ed448-Goldilocks, a new elliptic curve_, NIST ECC Workshop, 2015.
  * The algorithm #PSA_ALG_ECDH performs X448 when used with this curve.
  */
-#define PSA_ECC_CURVE_CURVE448          ((psa_ecc_curve_t) 0x001e)
-
-/** Minimum value for a vendor-defined ECC curve identifier
- *
- * The range for vendor-defined curve identifiers is a subset of the IANA
- * registry private use range, `0xfe00` - `0xfeff`.
- */
-#define PSA_ECC_CURVE_VENDOR_MIN        ((psa_ecc_curve_t) 0xfe00)
-/** Maximum value for a vendor-defined ECC curve identifier
- *
- * The range for vendor-defined curve identifiers is a subset of the IANA
- * registry private use range, `0xfe00` - `0xfeff`.
- */
-#define PSA_ECC_CURVE_VENDOR_MAX        ((psa_ecc_curve_t) 0xfe7f)
+#define PSA_ECC_CURVE_CURVE448          ((psa_ecc_curve_t) 0x0201c0)
 
 #define PSA_KEY_TYPE_DH_PUBLIC_KEY_BASE         ((psa_key_type_t)0x62000000)
 #define PSA_KEY_TYPE_DH_KEY_PAIR_BASE            ((psa_key_type_t)0x72000000)
-#define PSA_KEY_TYPE_DH_GROUP_MASK              ((psa_key_type_t)0x0000ffff)
+#define PSA_KEY_TYPE_DH_GROUP_MASK              ((psa_key_type_t)0x00ffffff)
 /** Diffie-Hellman key pair.
  *
  * \param group     A value of type ::psa_dh_group_t that identifies the
@@ -556,29 +538,11 @@
                        ((type) & PSA_KEY_TYPE_DH_GROUP_MASK) :  \
                        0))
 
-/* The encoding of group identifiers is currently aligned with the
- * TLS Supported Groups Registry (formerly known as the
- * TLS EC Named Curve Registry)
- * https://www.iana.org/assignments/tls-parameters/tls-parameters.xhtml#tls-parameters-8
- * The values are defined by RFC 7919. */
-#define PSA_DH_GROUP_FFDHE2048          ((psa_dh_group_t) 0x0100)
-#define PSA_DH_GROUP_FFDHE3072          ((psa_dh_group_t) 0x0101)
-#define PSA_DH_GROUP_FFDHE4096          ((psa_dh_group_t) 0x0102)
-#define PSA_DH_GROUP_FFDHE6144          ((psa_dh_group_t) 0x0103)
-#define PSA_DH_GROUP_FFDHE8192          ((psa_dh_group_t) 0x0104)
-
-/** Minimum value for a vendor-defined Diffie Hellman group identifier
- *
- * The range for vendor-defined group identifiers is a subset of the IANA
- * registry private use range, `0x01fc` - `0x01ff`.
- */
-#define PSA_DH_GROUP_VENDOR_MIN         ((psa_dh_group_t) 0x01fc)
-/** Maximum value for a vendor-defined Diffie Hellman group identifier
- *
- * The range for vendor-defined group identifiers is a subset of the IANA
- * registry private use range, `0x01fc` - `0x01ff`.
- */
-#define PSA_DH_GROUP_VENDOR_MAX         ((psa_dh_group_t) 0x01fd)
+#define PSA_DH_GROUP_FFDHE2048          ((psa_dh_group_t) 0x020800)
+#define PSA_DH_GROUP_FFDHE3072          ((psa_dh_group_t) 0x020c00)
+#define PSA_DH_GROUP_FFDHE4096          ((psa_dh_group_t) 0x021000)
+#define PSA_DH_GROUP_FFDHE6144          ((psa_dh_group_t) 0x021800)
+#define PSA_DH_GROUP_FFDHE8192          ((psa_dh_group_t) 0x022000)
 
 #define PSA_GET_KEY_TYPE_BLOCK_SIZE_EXPONENT(type)      \
     (((type) >> 24) & 7)