mirror of
https://github.com/Mbed-TLS/mbedtls.git
synced 2025-07-30 22:43:08 +03:00
Define algorithms for EdDSA
Define algorithms for PureEdDSA and for HashEdDSA, the EdDSA variants defined by RFC 8032. The encoding for HashEdDSA needs to encode the hash algorithm so that the hash can be calculated by passing PSA_ALG_SIGN_GET_HASH(sig_alg) to psa_hash_compute() or psa_hash_setup(). As a consequence, Ed25519ph (using SHA-512) and Ed448ph (using SHAKE256) need to have different algorithm encodings (the key is enough to tell them apart, but it is not known while hashing). Another consequence is that the API needs to recognize the Ed448 prehash (64 bytes of SHAKE256 output) as a hash algorithm. Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
This commit is contained in:
@ -170,6 +170,18 @@ Asymmetric signature: SHA-256 + deterministic ECDSA using SHA-256
|
||||
depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256
|
||||
asymmetric_signature_algorithm:PSA_ALG_DETERMINISTIC_ECDSA( PSA_ALG_SHA_256 ):ALG_IS_ECDSA | ALG_IS_DETERMINISTIC_ECDSA | ALG_ECDSA_IS_DETERMINISTIC | ALG_IS_HASH_AND_SIGN
|
||||
|
||||
Asymmetric signature: pure EdDSA
|
||||
#depends_on:PSA_WANT_ALG_EDDSA
|
||||
asymmetric_signature_algorithm:PSA_ALG_PURE_EDDSA:0
|
||||
|
||||
Asymmetric signature: Ed25519ph
|
||||
#depends_on:PSA_WANT_ALG_EDDSA
|
||||
asymmetric_signature_algorithm:PSA_ALG_ED25519PH:ALG_IS_HASH_EDDSA | ALG_IS_HASH_AND_SIGN
|
||||
|
||||
Asymmetric signature: Ed448ph
|
||||
#depends_on:PSA_WANT_ALG_EDDSA
|
||||
asymmetric_signature_algorithm:PSA_ALG_ED448PH:ALG_IS_HASH_EDDSA | ALG_IS_HASH_AND_SIGN
|
||||
|
||||
Asymmetric signature: RSA PKCS#1 v1.5 with wildcard hash
|
||||
depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN
|
||||
asymmetric_signature_wildcard:PSA_ALG_RSA_PKCS1V15_SIGN( PSA_ALG_ANY_HASH ):ALG_IS_RSA_PKCS1V15_SIGN
|
||||
|
@ -30,16 +30,17 @@
|
||||
#define ALG_ECDSA_IS_DETERMINISTIC ( 1u << 11 )
|
||||
#define ALG_IS_DETERMINISTIC_ECDSA ( 1u << 12 )
|
||||
#define ALG_IS_RANDOMIZED_ECDSA ( 1u << 13 )
|
||||
#define ALG_IS_HASH_AND_SIGN ( 1u << 14 )
|
||||
#define ALG_IS_RSA_OAEP ( 1u << 15 )
|
||||
#define ALG_IS_HKDF ( 1u << 16 )
|
||||
#define ALG_IS_FFDH ( 1u << 17 )
|
||||
#define ALG_IS_ECDH ( 1u << 18 )
|
||||
#define ALG_IS_WILDCARD ( 1u << 19 )
|
||||
#define ALG_IS_RAW_KEY_AGREEMENT ( 1u << 20 )
|
||||
#define ALG_IS_AEAD_ON_BLOCK_CIPHER ( 1u << 21 )
|
||||
#define ALG_IS_TLS12_PRF ( 1u << 22 )
|
||||
#define ALG_IS_TLS12_PSK_TO_MS ( 1u << 23 )
|
||||
#define ALG_IS_HASH_EDDSA ( 1u << 14 )
|
||||
#define ALG_IS_HASH_AND_SIGN ( 1u << 15 )
|
||||
#define ALG_IS_RSA_OAEP ( 1u << 16 )
|
||||
#define ALG_IS_HKDF ( 1u << 17 )
|
||||
#define ALG_IS_FFDH ( 1u << 18 )
|
||||
#define ALG_IS_ECDH ( 1u << 19 )
|
||||
#define ALG_IS_WILDCARD ( 1u << 20 )
|
||||
#define ALG_IS_RAW_KEY_AGREEMENT ( 1u << 21 )
|
||||
#define ALG_IS_AEAD_ON_BLOCK_CIPHER ( 1u << 22 )
|
||||
#define ALG_IS_TLS12_PRF ( 1u << 23 )
|
||||
#define ALG_IS_TLS12_PSK_TO_MS ( 1u << 24 )
|
||||
|
||||
/* Flags for key type classification macros. There is a flag for every
|
||||
* key type classification macro PSA_KEY_TYPE_IS_xxx except for some that
|
||||
@ -97,6 +98,7 @@ void algorithm_classification( psa_algorithm_t alg, unsigned flags )
|
||||
TEST_CLASSIFICATION_MACRO( ALG_ECDSA_IS_DETERMINISTIC, alg, flags );
|
||||
TEST_CLASSIFICATION_MACRO( ALG_IS_DETERMINISTIC_ECDSA, alg, flags );
|
||||
TEST_CLASSIFICATION_MACRO( ALG_IS_RANDOMIZED_ECDSA, alg, flags );
|
||||
TEST_CLASSIFICATION_MACRO( ALG_IS_HASH_EDDSA, alg, flags );
|
||||
TEST_CLASSIFICATION_MACRO( ALG_IS_HASH_AND_SIGN, alg, flags );
|
||||
TEST_CLASSIFICATION_MACRO( ALG_IS_RSA_OAEP, alg, flags );
|
||||
TEST_CLASSIFICATION_MACRO( ALG_IS_HKDF, alg, flags );
|
||||
|
Reference in New Issue
Block a user