xref: /aosp_15_r20/external/mbedtls/library/pkwrite.h (revision 62c56f9862f102b96d72393aff6076c951fb8148) 
1*62c56f98SSadaf Ebrahimi /**
2*62c56f98SSadaf Ebrahimi  * \file pkwrite.h
3*62c56f98SSadaf Ebrahimi  *
4*62c56f98SSadaf Ebrahimi  * \brief Internal defines shared by the PK write module
5*62c56f98SSadaf Ebrahimi  */
6*62c56f98SSadaf Ebrahimi /*
7*62c56f98SSadaf Ebrahimi  *  Copyright The Mbed TLS Contributors
8*62c56f98SSadaf Ebrahimi  *  SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
9*62c56f98SSadaf Ebrahimi  */
10*62c56f98SSadaf Ebrahimi 
11*62c56f98SSadaf Ebrahimi #ifndef MBEDTLS_PK_WRITE_H
12*62c56f98SSadaf Ebrahimi #define MBEDTLS_PK_WRITE_H
13*62c56f98SSadaf Ebrahimi 
14*62c56f98SSadaf Ebrahimi #include "mbedtls/build_info.h"
15*62c56f98SSadaf Ebrahimi 
16*62c56f98SSadaf Ebrahimi #include "mbedtls/pk.h"
17*62c56f98SSadaf Ebrahimi 
18*62c56f98SSadaf Ebrahimi #if defined(MBEDTLS_USE_PSA_CRYPTO)
19*62c56f98SSadaf Ebrahimi #include "psa/crypto.h"
20*62c56f98SSadaf Ebrahimi #endif /* MBEDTLS_USE_PSA_CRYPTO */
21*62c56f98SSadaf Ebrahimi 
22*62c56f98SSadaf Ebrahimi /*
23*62c56f98SSadaf Ebrahimi  * Max sizes of key per types. Shown as tag + len (+ content).
24*62c56f98SSadaf Ebrahimi  */
25*62c56f98SSadaf Ebrahimi 
26*62c56f98SSadaf Ebrahimi #if defined(MBEDTLS_RSA_C)
27*62c56f98SSadaf Ebrahimi /*
28*62c56f98SSadaf Ebrahimi  * RSA public keys:
29*62c56f98SSadaf Ebrahimi  *  SubjectPublicKeyInfo  ::=  SEQUENCE  {          1 + 3
30*62c56f98SSadaf Ebrahimi  *       algorithm            AlgorithmIdentifier,  1 + 1 (sequence)
31*62c56f98SSadaf Ebrahimi  *                                                + 1 + 1 + 9 (rsa oid)
32*62c56f98SSadaf Ebrahimi  *                                                + 1 + 1 (params null)
33*62c56f98SSadaf Ebrahimi  *       subjectPublicKey     BIT STRING }          1 + 3 + (1 + below)
34*62c56f98SSadaf Ebrahimi  *  RSAPublicKey ::= SEQUENCE {                     1 + 3
35*62c56f98SSadaf Ebrahimi  *      modulus           INTEGER,  -- n            1 + 3 + MPI_MAX + 1
36*62c56f98SSadaf Ebrahimi  *      publicExponent    INTEGER   -- e            1 + 3 + MPI_MAX + 1
37*62c56f98SSadaf Ebrahimi  *  }
38*62c56f98SSadaf Ebrahimi  */
39*62c56f98SSadaf Ebrahimi #define MBEDTLS_PK_RSA_PUB_DER_MAX_BYTES    (38 + 2 * MBEDTLS_MPI_MAX_SIZE)
40*62c56f98SSadaf Ebrahimi 
41*62c56f98SSadaf Ebrahimi /*
42*62c56f98SSadaf Ebrahimi  * RSA private keys:
43*62c56f98SSadaf Ebrahimi  *  RSAPrivateKey ::= SEQUENCE {                    1 + 3
44*62c56f98SSadaf Ebrahimi  *      version           Version,                  1 + 1 + 1
45*62c56f98SSadaf Ebrahimi  *      modulus           INTEGER,                  1 + 3 + MPI_MAX + 1
46*62c56f98SSadaf Ebrahimi  *      publicExponent    INTEGER,                  1 + 3 + MPI_MAX + 1
47*62c56f98SSadaf Ebrahimi  *      privateExponent   INTEGER,                  1 + 3 + MPI_MAX + 1
48*62c56f98SSadaf Ebrahimi  *      prime1            INTEGER,                  1 + 3 + MPI_MAX / 2 + 1
49*62c56f98SSadaf Ebrahimi  *      prime2            INTEGER,                  1 + 3 + MPI_MAX / 2 + 1
50*62c56f98SSadaf Ebrahimi  *      exponent1         INTEGER,                  1 + 3 + MPI_MAX / 2 + 1
51*62c56f98SSadaf Ebrahimi  *      exponent2         INTEGER,                  1 + 3 + MPI_MAX / 2 + 1
52*62c56f98SSadaf Ebrahimi  *      coefficient       INTEGER,                  1 + 3 + MPI_MAX / 2 + 1
53*62c56f98SSadaf Ebrahimi  *      otherPrimeInfos   OtherPrimeInfos OPTIONAL  0 (not supported)
54*62c56f98SSadaf Ebrahimi  *  }
55*62c56f98SSadaf Ebrahimi  */
56*62c56f98SSadaf Ebrahimi #define MBEDTLS_MPI_MAX_SIZE_2  (MBEDTLS_MPI_MAX_SIZE / 2 + \
57*62c56f98SSadaf Ebrahimi                                  MBEDTLS_MPI_MAX_SIZE % 2)
58*62c56f98SSadaf Ebrahimi #define MBEDTLS_PK_RSA_PRV_DER_MAX_BYTES    (47 + 3 * MBEDTLS_MPI_MAX_SIZE \
59*62c56f98SSadaf Ebrahimi                                              + 5 * MBEDTLS_MPI_MAX_SIZE_2)
60*62c56f98SSadaf Ebrahimi 
61*62c56f98SSadaf Ebrahimi #else /* MBEDTLS_RSA_C */
62*62c56f98SSadaf Ebrahimi 
63*62c56f98SSadaf Ebrahimi #define MBEDTLS_PK_RSA_PUB_DER_MAX_BYTES   0
64*62c56f98SSadaf Ebrahimi #define MBEDTLS_PK_RSA_PRV_DER_MAX_BYTES   0
65*62c56f98SSadaf Ebrahimi 
66*62c56f98SSadaf Ebrahimi #endif /* MBEDTLS_RSA_C */
67*62c56f98SSadaf Ebrahimi 
68*62c56f98SSadaf Ebrahimi #if defined(MBEDTLS_PK_HAVE_ECC_KEYS)
69*62c56f98SSadaf Ebrahimi 
70*62c56f98SSadaf Ebrahimi /* Find the maximum number of bytes necessary to store an EC point. When USE_PSA
71*62c56f98SSadaf Ebrahimi  * is defined this means looking for the maximum between PSA and built-in
72*62c56f98SSadaf Ebrahimi  * supported curves. */
73*62c56f98SSadaf Ebrahimi #if defined(MBEDTLS_USE_PSA_CRYPTO)
74*62c56f98SSadaf Ebrahimi #define MBEDTLS_PK_MAX_ECC_BYTES   (PSA_BITS_TO_BYTES(PSA_VENDOR_ECC_MAX_CURVE_BITS) > \
75*62c56f98SSadaf Ebrahimi                                     MBEDTLS_ECP_MAX_BYTES ? \
76*62c56f98SSadaf Ebrahimi                                     PSA_BITS_TO_BYTES(PSA_VENDOR_ECC_MAX_CURVE_BITS) : \
77*62c56f98SSadaf Ebrahimi                                     MBEDTLS_ECP_MAX_BYTES)
78*62c56f98SSadaf Ebrahimi #else /* MBEDTLS_USE_PSA_CRYPTO */
79*62c56f98SSadaf Ebrahimi #define MBEDTLS_PK_MAX_ECC_BYTES   MBEDTLS_ECP_MAX_BYTES
80*62c56f98SSadaf Ebrahimi #endif /* MBEDTLS_USE_PSA_CRYPTO */
81*62c56f98SSadaf Ebrahimi 
82*62c56f98SSadaf Ebrahimi /*
83*62c56f98SSadaf Ebrahimi  * EC public keys:
84*62c56f98SSadaf Ebrahimi  *  SubjectPublicKeyInfo  ::=  SEQUENCE  {      1 + 2
85*62c56f98SSadaf Ebrahimi  *    algorithm         AlgorithmIdentifier,    1 + 1 (sequence)
86*62c56f98SSadaf Ebrahimi  *                                            + 1 + 1 + 7 (ec oid)
87*62c56f98SSadaf Ebrahimi  *                                            + 1 + 1 + 9 (namedCurve oid)
88*62c56f98SSadaf Ebrahimi  *    subjectPublicKey  BIT STRING              1 + 2 + 1               [1]
89*62c56f98SSadaf Ebrahimi  *                                            + 1 (point format)        [1]
90*62c56f98SSadaf Ebrahimi  *                                            + 2 * ECP_MAX (coords)    [1]
91*62c56f98SSadaf Ebrahimi  *  }
92*62c56f98SSadaf Ebrahimi  */
93*62c56f98SSadaf Ebrahimi #define MBEDTLS_PK_ECP_PUB_DER_MAX_BYTES    (30 + 2 * MBEDTLS_PK_MAX_ECC_BYTES)
94*62c56f98SSadaf Ebrahimi 
95*62c56f98SSadaf Ebrahimi /*
96*62c56f98SSadaf Ebrahimi  * EC private keys:
97*62c56f98SSadaf Ebrahimi  * ECPrivateKey ::= SEQUENCE {                  1 + 2
98*62c56f98SSadaf Ebrahimi  *      version        INTEGER ,                1 + 1 + 1
99*62c56f98SSadaf Ebrahimi  *      privateKey     OCTET STRING,            1 + 1 + ECP_MAX
100*62c56f98SSadaf Ebrahimi  *      parameters [0] ECParameters OPTIONAL,   1 + 1 + (1 + 1 + 9)
101*62c56f98SSadaf Ebrahimi  *      publicKey  [1] BIT STRING OPTIONAL      1 + 2 + [1] above
102*62c56f98SSadaf Ebrahimi  *    }
103*62c56f98SSadaf Ebrahimi  */
104*62c56f98SSadaf Ebrahimi #define MBEDTLS_PK_ECP_PRV_DER_MAX_BYTES    (29 + 3 * MBEDTLS_PK_MAX_ECC_BYTES)
105*62c56f98SSadaf Ebrahimi 
106*62c56f98SSadaf Ebrahimi #else /* MBEDTLS_PK_HAVE_ECC_KEYS */
107*62c56f98SSadaf Ebrahimi 
108*62c56f98SSadaf Ebrahimi #define MBEDTLS_PK_ECP_PUB_DER_MAX_BYTES   0
109*62c56f98SSadaf Ebrahimi #define MBEDTLS_PK_ECP_PRV_DER_MAX_BYTES   0
110*62c56f98SSadaf Ebrahimi 
111*62c56f98SSadaf Ebrahimi #endif /* MBEDTLS_PK_HAVE_ECC_KEYS */
112*62c56f98SSadaf Ebrahimi #endif /* MBEDTLS_PK_WRITE_H */
113