TrustedFirmware Git Browser
Code Review Sign In
review.trustedfirmware.org / mirror / mbed-tls / b1f53976eede92802153e8a6e858d670dbd839fb / . / library / ssl_tls13_invasive.h
blob: 5a9d536b9e94998d635870df5a9ca642eba296c5 [file] [log] [blame]
Gabor Mezeia3eecd22022-02-09 16:57:26 +0100[diff] [blame]1/*
2 * Copyright The Mbed TLS Contributors
3 * SPDX-License-Identifier: Apache-2.0
4 *
5 * Licensed under the Apache License, Version 2.0 (the "License"); you may
6 * not use this file except in compliance with the License.
7 * You may obtain a copy of the License at
8 *
9 * http://www.apache.org/licenses/LICENSE-2.0
10 *
11 * Unless required by applicable law or agreed to in writing, software
12 * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
13 * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
14 * See the License for the specific language governing permissions and
15 * limitations under the License.
16 */
17
18#ifndef MBEDTLS_SSL_TLS13_INVASIVE_H
19#define MBEDTLS_SSL_TLS13_INVASIVE_H
20
21#include "common.h"
22
23#if defined(MBEDTLS_PSA_CRYPTO_C)
24#include "psa/crypto.h"
25#endif
26
27#if defined(MBEDTLS_TEST_HOOKS)
28
29#if defined(MBEDTLS_PSA_CRYPTO_C)
30
Gabor Mezeib1f53972022-02-07 18:18:16 +0100[diff] [blame^]31/**
32 * \brief Take the input keying material \p ikm and extract from it a
33 * fixed-length pseudorandom key \p prk.
34 *
35 * \param alg A hash function.
36 * \param salt An optional salt value (a non-secret random value);
37 * if the salt is not provided, a string of all zeros
38 * of the length of the hash provided by \p alg is used
39 * as the salt.
40 * \param salt_len The length in bytes of the optional \p salt.
41 * \param ikm The input keying material.
42 * \param ikm_len The length in bytes of \p ikm.
43 * \param[out] prk A pseudorandom key of \p prk_len bytes.
44 * \param prk_size Size of the \p prk buffer in bytes.
45 * \param[out] prk_len On success, the length in bytes of the
46 * pseudorandom key in \p prk.
47 *
48 * \return 0 on success.
49 * \return #MBEDTLS_ERR_HKDF_BAD_INPUT_DATA when the parameters are invalid.
50 * \return An PSA_ERROR_* error for errors returned from the underlying
51 * PSA layer.
52 */
Gabor Mezei62bf0242022-02-07 18:12:07 +0100[diff] [blame]53psa_status_t mbedtls_psa_hkdf_extract( psa_algorithm_t alg,
54 const unsigned char *salt, size_t salt_len,
55 const unsigned char *ikm, size_t ikm_len,
56 unsigned char *prk, size_t prk_size,
57 size_t *prk_len );
Gabor Mezei9f4bb312022-01-31 16:33:47 +0100[diff] [blame]58
Gabor Mezeia3eecd22022-02-09 16:57:26 +0100[diff] [blame]59/**
60 * \brief Expand the supplied \p prk into several additional pseudorandom
61 * keys, which is the output of the HKDF.
62 *
63 * \param alg The HMAC algorithm to use (\c #PSA_ALG_HMAC( PSA_ALG_XXX )
64 * value such that PSA_ALG_XXX is a hash algorithm and
65 * #PSA_ALG_IS_HMAC(\p alg) is true).
66 * \param prk A pseudorandom key of \p prk_len bytes. \p prk is
67 * usually the output from the HKDF extract step.
68 * \param prk_len The length in bytes of \p prk.
69 * \param info An optional context and application specific information
70 * string. This can be a zero-length string.
71 * \param info_len The length of \p info in bytes.
72 * \param okm The output keying material of \p okm_len bytes.
73 * \param okm_len The length of the output keying material in bytes. This
74 * must be less than or equal to
75 * 255 * #PSA_HASH_LENGTH( \p alg ) bytes.
76 *
77 * \return 0 on success.
78 * \return #PSA_ERROR_INVALID_ARGUMENT when the parameters are invalid.
79 * \return An PSA_ERROR_* error for errors returned from the underlying
80 * PSA layer.
81 */
82psa_status_t mbedtls_psa_hkdf_expand( psa_algorithm_t alg,
83 const unsigned char *prk, size_t prk_len,
84 const unsigned char *info, size_t info_len,
85 unsigned char *okm, size_t okm_len );
86
87#endif /* MBEDTLS_PSA_CRYPTO_C */
88
89#endif /* MBEDTLS_TEST_HOOKS */
90
91#endif /* MBEDTLS_SSL_TLS13_INVASIVE_H */