xref: /third_party/mbedtls/library/psa_crypto.c

665 /** Check whether a given key type is valid for use with a given MAC algorithm
668  * when called with the validated \p algorithm and \p key_type is well-defined.
670  * \param[in] algorithm     The specific MAC algorithm (can be wildcard).
672  *                          \p algorithm.
675  *         The \p key_type is valid for use with the \p algorithm
677  *         The \p key_type is not valid for use with the \p algorithm
680     psa_algorithm_t algorithm,
683     if (PSA_ALG_IS_HMAC(algorithm)) {
689     if (PSA_ALG_IS_BLOCK_CIPHER_MAC(algorithm)) {
808 /** Calculate the intersection of two algorithm usage policies.
822      * if one is a wildcard. If so the other has the specific algorithm. */
849         /* If only one is a wildcard, return specific algorithm if compatible. */
865         /* Validate the combination of key type and algorithm. Since the base
866          * algorithm of alg1 and alg2 are the same, we only need this once. */
927     /* If policy_alg is a wildcard AEAD algorithm of the same base as
928      * the requested algorithm, check the requested tag length to be
938     /* If policy_alg is a MAC algorithm of the same base as the requested
939      * algorithm, check whether their MAC lengths are compatible. */
944         /* Validate the combination of key type and algorithm. Since the policy
950         /* Get both the requested output length for the algorithm which is to be
951          * verified, and the default output length for the base algorithm.
961         /* If the policy is default-length, only allow an algorithm with
967         /* If the requested algorithm is default-length, allow it if the policy
974         /* If policy_alg is an at-least-this-length wildcard MAC algorithm,
994 /** Test whether a policy permits an algorithm.
999  *       being validated, since some algorithm policy definitions (e.g. MAC)
1003  * \retval PSA_SUCCESS                  When \p alg is a specific algorithm
1005  * \retval PSA_ERROR_INVALID_ARGUMENT   When \p alg is not a specific algorithm
1006  * \retval PSA_ERROR_NOT_PERMITTED      When \p alg is a specific algorithm, but
1013     /* '0' is not a valid algorithm */
1018     /* A requested algorithm cannot be a wildcard. */
1034  *       being restricted, since some algorithm policy definitions (e.g. MAC)
1076  * nonzero, the key must allow operations with this algorithm. If \p alg is
1077  * zero, the algorithm is not checked.
1119     /* Enforce that the usage policy permits the requested algorithm. */
2546     /* Validate the combination of key type and algorithm */
2552     /* Get the output length for the algorithm and key combination */
2566          * of the algorithm. */
2571         /* PSA_MAC_LENGTH returns the correct length even for a MAC algorithm
2577          * PSA_ERROR_BUFFER_TOO_SMALL for an unsupported algorithm whose MAC size
4665 /* Helper function to get the base algorithm from its variants. */
6079         /* Preserve the algorithm upon errors, but clear all sensitive state.
6577     /* Make sure that hash_alg is a supported hash algorithm. Otherwise
6638     /* Make sure that kdf_alg is a supported key derivation algorithm. */
7541     /* Step 1: run the secret agreement algorithm to generate the shared
8385     if (inputs->cipher_suite.algorithm == PSA_ALG_NONE) {
8405     if (PSA_ALG_IS_PAKE(cipher_suite->algorithm) == 0 ||
8413     operation->alg = cipher_suite->algorithm;

Indexes created Thu Nov 07 10:32:03 CST 2024