1a8e1175bSopenharmony_ci/**
2a8e1175bSopenharmony_ci * \file pkwrite.h
3a8e1175bSopenharmony_ci *
4a8e1175bSopenharmony_ci * \brief Internal defines shared by the PK write module
5a8e1175bSopenharmony_ci */
6a8e1175bSopenharmony_ci/*
7a8e1175bSopenharmony_ci *  Copyright The Mbed TLS Contributors
8a8e1175bSopenharmony_ci *  SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
9a8e1175bSopenharmony_ci */
10a8e1175bSopenharmony_ci
11a8e1175bSopenharmony_ci#ifndef MBEDTLS_PK_WRITE_H
12a8e1175bSopenharmony_ci#define MBEDTLS_PK_WRITE_H
13a8e1175bSopenharmony_ci
14a8e1175bSopenharmony_ci#include "mbedtls/build_info.h"
15a8e1175bSopenharmony_ci
16a8e1175bSopenharmony_ci#include "mbedtls/pk.h"
17a8e1175bSopenharmony_ci
18a8e1175bSopenharmony_ci#if defined(MBEDTLS_USE_PSA_CRYPTO)
19a8e1175bSopenharmony_ci#include "psa/crypto.h"
20a8e1175bSopenharmony_ci#endif /* MBEDTLS_USE_PSA_CRYPTO */
21a8e1175bSopenharmony_ci
22a8e1175bSopenharmony_ci/*
23a8e1175bSopenharmony_ci * Max sizes of key per types. Shown as tag + len (+ content).
24a8e1175bSopenharmony_ci */
25a8e1175bSopenharmony_ci
26a8e1175bSopenharmony_ci#if defined(MBEDTLS_RSA_C)
27a8e1175bSopenharmony_ci/*
28a8e1175bSopenharmony_ci * RSA public keys:
29a8e1175bSopenharmony_ci *  SubjectPublicKeyInfo  ::=  SEQUENCE  {          1 + 3
30a8e1175bSopenharmony_ci *       algorithm            AlgorithmIdentifier,  1 + 1 (sequence)
31a8e1175bSopenharmony_ci *                                                + 1 + 1 + 9 (rsa oid)
32a8e1175bSopenharmony_ci *                                                + 1 + 1 (params null)
33a8e1175bSopenharmony_ci *       subjectPublicKey     BIT STRING }          1 + 3 + (1 + below)
34a8e1175bSopenharmony_ci *  RSAPublicKey ::= SEQUENCE {                     1 + 3
35a8e1175bSopenharmony_ci *      modulus           INTEGER,  -- n            1 + 3 + MPI_MAX + 1
36a8e1175bSopenharmony_ci *      publicExponent    INTEGER   -- e            1 + 3 + MPI_MAX + 1
37a8e1175bSopenharmony_ci *  }
38a8e1175bSopenharmony_ci */
39a8e1175bSopenharmony_ci#define MBEDTLS_PK_RSA_PUB_DER_MAX_BYTES    (38 + 2 * MBEDTLS_MPI_MAX_SIZE)
40a8e1175bSopenharmony_ci
41a8e1175bSopenharmony_ci/*
42a8e1175bSopenharmony_ci * RSA private keys:
43a8e1175bSopenharmony_ci *  RSAPrivateKey ::= SEQUENCE {                    1 + 3
44a8e1175bSopenharmony_ci *      version           Version,                  1 + 1 + 1
45a8e1175bSopenharmony_ci *      modulus           INTEGER,                  1 + 3 + MPI_MAX + 1
46a8e1175bSopenharmony_ci *      publicExponent    INTEGER,                  1 + 3 + MPI_MAX + 1
47a8e1175bSopenharmony_ci *      privateExponent   INTEGER,                  1 + 3 + MPI_MAX + 1
48a8e1175bSopenharmony_ci *      prime1            INTEGER,                  1 + 3 + MPI_MAX / 2 + 1
49a8e1175bSopenharmony_ci *      prime2            INTEGER,                  1 + 3 + MPI_MAX / 2 + 1
50a8e1175bSopenharmony_ci *      exponent1         INTEGER,                  1 + 3 + MPI_MAX / 2 + 1
51a8e1175bSopenharmony_ci *      exponent2         INTEGER,                  1 + 3 + MPI_MAX / 2 + 1
52a8e1175bSopenharmony_ci *      coefficient       INTEGER,                  1 + 3 + MPI_MAX / 2 + 1
53a8e1175bSopenharmony_ci *      otherPrimeInfos   OtherPrimeInfos OPTIONAL  0 (not supported)
54a8e1175bSopenharmony_ci *  }
55a8e1175bSopenharmony_ci */
56a8e1175bSopenharmony_ci#define MBEDTLS_MPI_MAX_SIZE_2  (MBEDTLS_MPI_MAX_SIZE / 2 + \
57a8e1175bSopenharmony_ci                                 MBEDTLS_MPI_MAX_SIZE % 2)
58a8e1175bSopenharmony_ci#define MBEDTLS_PK_RSA_PRV_DER_MAX_BYTES    (47 + 3 * MBEDTLS_MPI_MAX_SIZE \
59a8e1175bSopenharmony_ci                                             + 5 * MBEDTLS_MPI_MAX_SIZE_2)
60a8e1175bSopenharmony_ci
61a8e1175bSopenharmony_ci#else /* MBEDTLS_RSA_C */
62a8e1175bSopenharmony_ci
63a8e1175bSopenharmony_ci#define MBEDTLS_PK_RSA_PUB_DER_MAX_BYTES   0
64a8e1175bSopenharmony_ci#define MBEDTLS_PK_RSA_PRV_DER_MAX_BYTES   0
65a8e1175bSopenharmony_ci
66a8e1175bSopenharmony_ci#endif /* MBEDTLS_RSA_C */
67a8e1175bSopenharmony_ci
68a8e1175bSopenharmony_ci#if defined(MBEDTLS_PK_HAVE_ECC_KEYS)
69a8e1175bSopenharmony_ci
70a8e1175bSopenharmony_ci/* Find the maximum number of bytes necessary to store an EC point. When USE_PSA
71a8e1175bSopenharmony_ci * is defined this means looking for the maximum between PSA and built-in
72a8e1175bSopenharmony_ci * supported curves. */
73a8e1175bSopenharmony_ci#if defined(MBEDTLS_USE_PSA_CRYPTO)
74a8e1175bSopenharmony_ci#define MBEDTLS_PK_MAX_ECC_BYTES   (PSA_BITS_TO_BYTES(PSA_VENDOR_ECC_MAX_CURVE_BITS) > \
75a8e1175bSopenharmony_ci                                    MBEDTLS_ECP_MAX_BYTES ? \
76a8e1175bSopenharmony_ci                                    PSA_BITS_TO_BYTES(PSA_VENDOR_ECC_MAX_CURVE_BITS) : \
77a8e1175bSopenharmony_ci                                    MBEDTLS_ECP_MAX_BYTES)
78a8e1175bSopenharmony_ci#else /* MBEDTLS_USE_PSA_CRYPTO */
79a8e1175bSopenharmony_ci#define MBEDTLS_PK_MAX_ECC_BYTES   MBEDTLS_ECP_MAX_BYTES
80a8e1175bSopenharmony_ci#endif /* MBEDTLS_USE_PSA_CRYPTO */
81a8e1175bSopenharmony_ci
82a8e1175bSopenharmony_ci/*
83a8e1175bSopenharmony_ci * EC public keys:
84a8e1175bSopenharmony_ci *  SubjectPublicKeyInfo  ::=  SEQUENCE  {      1 + 2
85a8e1175bSopenharmony_ci *    algorithm         AlgorithmIdentifier,    1 + 1 (sequence)
86a8e1175bSopenharmony_ci *                                            + 1 + 1 + 7 (ec oid)
87a8e1175bSopenharmony_ci *                                            + 1 + 1 + 9 (namedCurve oid)
88a8e1175bSopenharmony_ci *    subjectPublicKey  BIT STRING              1 + 2 + 1               [1]
89a8e1175bSopenharmony_ci *                                            + 1 (point format)        [1]
90a8e1175bSopenharmony_ci *                                            + 2 * ECP_MAX (coords)    [1]
91a8e1175bSopenharmony_ci *  }
92a8e1175bSopenharmony_ci */
93a8e1175bSopenharmony_ci#define MBEDTLS_PK_ECP_PUB_DER_MAX_BYTES    (30 + 2 * MBEDTLS_PK_MAX_ECC_BYTES)
94a8e1175bSopenharmony_ci
95a8e1175bSopenharmony_ci/*
96a8e1175bSopenharmony_ci * EC private keys:
97a8e1175bSopenharmony_ci * ECPrivateKey ::= SEQUENCE {                  1 + 2
98a8e1175bSopenharmony_ci *      version        INTEGER ,                1 + 1 + 1
99a8e1175bSopenharmony_ci *      privateKey     OCTET STRING,            1 + 1 + ECP_MAX
100a8e1175bSopenharmony_ci *      parameters [0] ECParameters OPTIONAL,   1 + 1 + (1 + 1 + 9)
101a8e1175bSopenharmony_ci *      publicKey  [1] BIT STRING OPTIONAL      1 + 2 + [1] above
102a8e1175bSopenharmony_ci *    }
103a8e1175bSopenharmony_ci */
104a8e1175bSopenharmony_ci#define MBEDTLS_PK_ECP_PRV_DER_MAX_BYTES    (29 + 3 * MBEDTLS_PK_MAX_ECC_BYTES)
105a8e1175bSopenharmony_ci
106a8e1175bSopenharmony_ci#else /* MBEDTLS_PK_HAVE_ECC_KEYS */
107a8e1175bSopenharmony_ci
108a8e1175bSopenharmony_ci#define MBEDTLS_PK_ECP_PUB_DER_MAX_BYTES   0
109a8e1175bSopenharmony_ci#define MBEDTLS_PK_ECP_PRV_DER_MAX_BYTES   0
110a8e1175bSopenharmony_ci
111a8e1175bSopenharmony_ci#endif /* MBEDTLS_PK_HAVE_ECC_KEYS */
112a8e1175bSopenharmony_ci
113a8e1175bSopenharmony_ci/* Define the maximum available public key DER length based on the supported
114a8e1175bSopenharmony_ci * key types (EC and/or RSA). */
115a8e1175bSopenharmony_ci#if (MBEDTLS_PK_RSA_PUB_DER_MAX_BYTES > MBEDTLS_PK_ECP_PUB_DER_MAX_BYTES)
116a8e1175bSopenharmony_ci#define MBEDTLS_PK_WRITE_PUBKEY_MAX_SIZE    MBEDTLS_PK_RSA_PUB_DER_MAX_BYTES
117a8e1175bSopenharmony_ci#else
118a8e1175bSopenharmony_ci#define MBEDTLS_PK_WRITE_PUBKEY_MAX_SIZE    MBEDTLS_PK_ECP_PUB_DER_MAX_BYTES
119a8e1175bSopenharmony_ci#endif
120a8e1175bSopenharmony_ci
121a8e1175bSopenharmony_ci#endif /* MBEDTLS_PK_WRITE_H */
122