xref: /third_party/mbedtls/library/psa_crypto.c

198 #define LOCAL_INPUT_ALLOC(input, length, input_copy) \
199     status = psa_crypto_local_input_alloc(input, length, \
240 #define LOCAL_OUTPUT_ALLOC(output, length, output_copy) \
241     status = psa_crypto_local_output_alloc(output, length, \
271 #define LOCAL_INPUT_ALLOC(input, length, input_copy) \
277 #define LOCAL_OUTPUT_ALLOC(output, length, output_copy) \
695              * the block length (larger than 1) for block ciphers. */
744     /* zero-length keys are never supported. */
834      * one of them is a minimum-tag-length wildcard. Calculate the most
835      * restrictive tag length. */
860      * of them is a minimum-MAC-length policy. Calculate the most
861      * restrictive tag length. */
873          * have an output length dependent on the actual key size, so setting it
876          * Note that for at-least-this-length wildcard algorithms, the output
877          * length is set to the shortest allowed length, which allows us to
878          * calculate the most restrictive tag length for the intersection. */
889         /* If only one is an at-least-this-length policy, the intersection would
890          * be the other (fixed-length) policy as long as said fixed length is
891          * equal to or larger than the shortest allowed length. */
900          * length. This is still possible here when one is default-length and
901          * the other specific-length. Ensure to always return the
902          * specific-length version for the intersection. */
928      * the requested algorithm, check the requested tag length to be
929      * equal-length or longer than the wildcard-specified length. */
950         /* Get both the requested output length for the algorithm which is to be
951          * verified, and the default output length for the base algorithm.
953          * length dependent on actual key size, so setting it to a bogus value
961         /* If the policy is default-length, only allow an algorithm with
962          * a declared exact-length matching the default. */
967         /* If the requested algorithm is default-length, allow it if the policy
968          * length exactly matches the default length. */
974         /* If policy_alg is an at-least-this-length wildcard MAC algorithm,
975          * check for the requested MAC length to be equal to or longer than the
976          * minimum allowed length. */
1485     /* Reject a zero-length output buffer now, since this can never be a
1601     /* Reject a zero-length output buffer now, since this can never be a
2053     /* Reject zero-length symmetric keys (including raw data key objects).
2335      * zero-length input, which may have an invalid pointer. */
2552     /* Get the output length for the algorithm and key combination */
2565         /* It's impossible to "truncate" to a larger length than the full length
2571         /* PSA_MAC_LENGTH returns the correct length even for a MAC algorithm
2669      * zero-length input, which may have an invalid pointer. */
2730      * In case of error, set the output length and content to a safe default,
2827      * In case of error, set the output length and content to a safe default,
2957     /* Immediately reject a zero-length signature buffer. This guarantees
3560     /* Immediately reject a zero-length signature buffer. This guarantees that
3851     /* We only need to store the same length of hash as the private key size
4093     /* We only need to store the same length of hash as the private key size
4671 /* Helper function to perform common nonce length checks. */
4682              * recommend the usage of nonces of greater length than
4882             /* We only support the default tag length. */
5051      * CCM encodes the plaintext length pLen in L octets, with L the smallest
5052      * integer >= 2 where pLen < 2^(8L). The nonce length is then 15 - L bytes.
5056      * plaintext length may or may not be known at this time. */
5151             /* No length restrictions for ChaChaPoly. */
5254         /* Additional data length was supplied, but not all the additional
5796     uint8_t offset, length;
5821             length = (uint8_t) output_length;
5823             length = tls12_prf->left_in_block;
5827         memcpy(output, tls12_prf->output_block + offset, length);
5828         output += length;
5829         output_length -= length;
5830         tls12_prf->left_in_block -= length;
6120  * 1. Draw a byte string of length ceiling(m/8) bytes.
6192         /* 1. Draw a byte string of length ceiling(m/8) bytes. */
6235 /* ECC keys on a Montgomery elliptic curve draws a byte string whose length
6435     /* Reject any attempt to create a zero-length key so that we don't
6971      * follows: concatenate a uint16 with the length of the other secret,
6972      * the other secret itself, uint16 with the length of PSK, and the
7927     /* Reject any attempt to create a zero-length key so that we don't
9086         /* Since we dealt with the zero-length case above, we know that
9092     local_input->length = input_len;
9095                                    local_input->buffer, local_input->length);
9105     local_input->length = 0;
9113     local_input->length = 0;
9126         /* Since we dealt with the zero-length case above, we know that
9130     local_output->length = output_len;
9141         local_output->length = 0;
9149     status = psa_crypto_copy_output(local_output->buffer, local_output->length,
9150                                     local_output->original, local_output->length);
9157     local_output->length = 0;

Indexes created Thu Nov 07 10:32:03 CST 2024