Group psa_tls_helpers
- group psa_tls_helpers
Functions
-
psa_ecc_family_t mbedtls_ecc_group_to_psa(mbedtls_ecp_group_id grpid, size_t *bits)
Convert an ECC curve identifier from the Mbed TLS encoding to PSA.
- Parameters
grpid – An Mbed TLS elliptic curve identifier (
MBEDTLS_ECP_DP_xxx
).bits – [out] On success the bit size of the curve; 0 on failure.
- Returns
If the curve is supported in the PSA API, this function returns the proper PSA curve identifier (
PSA_ECC_FAMILY_xxx
). This holds even if the curve is not supported by the ECP module.- Returns
0
if the curve is not supported in the PSA API.
-
mbedtls_ecp_group_id mbedtls_ecc_group_from_psa(psa_ecc_family_t family, size_t bits)
Convert an ECC curve identifier from the PSA encoding to Mbed TLS.
- Parameters
family – A PSA elliptic curve family identifier (
PSA_ECC_FAMILY_xxx
).bits – The bit-length of a private key on
curve
.
- Returns
If the curve is supported in the PSA API, this function returns the corresponding Mbed TLS elliptic curve identifier (
MBEDTLS_ECP_DP_xxx
).- Returns
MBEDTLS_ECP_DP_NONE if the combination of
curve
andbits
is not supported.
-
static inline psa_algorithm_t mbedtls_md_psa_alg_from_type(mbedtls_md_type_t md_type)
This function returns the PSA algorithm identifier associated with the given digest type.
Warning
If
md_type
isMBEDTLS_MD_NONE
, this function will not returnPSA_ALG_NONE
, but an invalid algorithm.Warning
This function does not check if the algorithm is supported, it always returns the corresponding identifier.
- Parameters
md_type – The type of digest to search for. Must not be NONE.
- Returns
The PSA algorithm identifier associated with
md_type
, regardless of whether it is supported or not.
-
static inline mbedtls_md_type_t mbedtls_md_type_from_psa_alg(psa_algorithm_t psa_alg)
This function returns the given digest type associated with the PSA algorithm identifier.
Warning
This function does not check if the algorithm is supported, it always returns the corresponding identifier.
- Parameters
psa_alg – The PSA algorithm identifier to search for.
- Returns
The MD type associated with
psa_alg
, regardless of whether it is supported or not.
-
int mbedtls_ecdsa_raw_to_der(size_t bits, const unsigned char *raw, size_t raw_len, unsigned char *der, size_t der_size, size_t *der_len)
Convert an ECDSA signature from raw format to DER ASN.1 format.
- Parameters
bits – Size of each coordinate in bits.
raw – Buffer that contains the signature in raw format.
raw_len – Length of
raw
in bytes. This must be PSA_BITS_TO_BYTES(bits) bytes.der – [out] Buffer that will be filled with the converted DER output. It can overlap with raw buffer.
der_size – Size of
der
in bytes. It is enough ifder_size
is at least the size of the actual output. (The size of the output can vary depending on the presence of leading zeros in the data.) You can use MBEDTLS_ECDSA_MAX_SIG_LEN(bits
) to determine a size that is large enough for all signatures for a given value ofbits
.der_len – [out] On success it contains the amount of valid data (in bytes) written to
der
. It’s undefined in case of failure.
-
int mbedtls_ecdsa_der_to_raw(size_t bits, const unsigned char *der, size_t der_len, unsigned char *raw, size_t raw_size, size_t *raw_len)
Convert an ECDSA signature from DER ASN.1 format to raw format.
- Parameters
bits – Size of each coordinate in bits.
der – Buffer that contains the signature in DER format.
der_len – Size of
der
in bytes.raw – [out] Buffer that will be filled with the converted raw signature. It can overlap with der buffer.
raw_size – Size of
raw
in bytes. Must be at least 2 * PSA_BITS_TO_BYTES(bits) bytes.raw_len – [out] On success it is updated with the amount of valid data (in bytes) written to
raw
. It’s undefined in case of failure.
-
psa_ecc_family_t mbedtls_ecc_group_to_psa(mbedtls_ecp_group_id grpid, size_t *bits)