Key and algorithm types
Typedefs
Encoding of a key type.
The type of PSA elliptic curve family identifiers.
The type of PSA Diffie-Hellman group family identifiers.
Encoding of a cryptographic algorithm.
Macros
An invalid key type value.
Vendor-defined key type flag.
Whether a key type is vendor-defined.
Whether a key type is an unstructured array of bytes.
Whether a key type is asymmetric: either a key pair or a public key.
Whether a key type is the public part of a key pair.
Whether a key type is a key pair containing a private part and a public part.
The key pair type corresponding to a public key type.
The public key type corresponding to a key pair type.
Raw data.
HMAC key.
A secret for key derivation.
A low-entropy secret for password hashing or key derivation.
A secret value that can be used to verify a password hash.
A secret value that can be used when computing a password hash.
Key for a cipher, AEAD or MAC algorithm based on the AES block cipher.
Key for a cipher, AEAD or MAC algorithm based on the ARIA block cipher.
Key for a cipher or MAC algorithm based on DES or 3DES (Triple-DES).
Key for a cipher, AEAD or MAC algorithm based on the Camellia block cipher.
Key for the ChaCha20 stream cipher or the ChaCha20-Poly1305 AEAD algorithm.
RSA public key.
RSA key pair (private and public key).
Whether a key type is an RSA key (pair or public-only).
Elliptic curve key pair.
Elliptic curve public key.
Whether a key type is an elliptic curve key (pair or public-only).
Whether a key type is an elliptic curve key pair.
Whether a key type is an elliptic curve public key.
Extract the curve from an elliptic curve key type.
Check whether the curve of the given family is a Weierstrass elliptic curve.
SEC Koblitz curves over prime fields.
SEC random curves over prime fields.
SEC Koblitz curves over binary fields.
SEC random curves over binary fields.
SEC additional random curves over binary fields.
Brainpool P random curves.
Curve25519 and Curve448.
The twisted Edwards curves Ed25519 and Ed448.
Diffie-Hellman key pair.
Diffie-Hellman public key.
Whether a key type is a Diffie-Hellman key (pair or public-only).
Whether a key type is a Diffie-Hellman key pair.
Whether a key type is a Diffie-Hellman public key.
Extract the group from a Diffie-Hellman key type.
Diffie-Hellman groups defined in RFC 7919 Appendix A.
The block size of a block cipher.
Vendor-defined algorithm flag.
Whether an algorithm is vendor-defined.
Whether the specified algorithm is a hash algorithm.
Whether the specified algorithm is a MAC algorithm.
Whether the specified algorithm is a symmetric cipher algorithm.
Whether the specified algorithm is an authenticated encryption with associated data (AEAD) algorithm.
Whether the specified algorithm is an asymmetric signature algorithm, also known as public-key signature algorithm.
Whether the specified algorithm is an asymmetric encryption algorithm, also known as public-key encryption algorithm.
Whether the specified algorithm is a key agreement algorithm.
Whether the specified algorithm is a key derivation algorithm.
Whether the specified algorithm is a key stretching / password hashing algorithm.
An invalid algorithm identifier value.
MD5.
PSA_ALG_RIPEMD160.
SHA1.
SHA2-224.
SHA2-256.
SHA2-384.
SHA2-512.
SHA2-512/224.
SHA2-512/256.
SHA3-224.
SHA3-256.
SHA3-384.
SHA3-512.
The first 512 bits (64 bytes) of the SHAKE256 output.
In a hash-and-sign algorithm policy, allow any hash algorithm.
Macro to build an HMAC algorithm.
Whether the specified algorithm is an HMAC algorithm.
Macro to build a truncated MAC algorithm.
Macro to build the base MAC algorithm corresponding to a truncated MAC algorithm.
Length to which a MAC algorithm is truncated.
Macro to build a MAC minimum-MAC-length wildcard algorithm.
The CBC-MAC construction over a block cipher.
The CMAC construction over a block cipher.
Whether the specified algorithm is a MAC algorithm based on a block cipher.
Whether the specified algorithm is a stream cipher.
The stream cipher mode of a stream cipher algorithm.
The CTR stream cipher mode.
The CFB stream cipher mode.
The OFB stream cipher mode.
The XTS cipher mode.
The Electronic Code Book (ECB) mode of a block cipher, with no padding.
The CBC block cipher chaining mode, with no padding.
The CBC block cipher chaining mode with PKCS#7 padding.
Whether the specified algorithm is an AEAD mode on a block cipher.
The CCM authenticated encryption algorithm.
The CCM* cipher mode without authentication.
The GCM authenticated encryption algorithm.
The ChaCha20-Poly1305 AEAD algorithm.
Macro to build a shortened AEAD algorithm.
Retrieve the tag length of a specified AEAD algorithm.
Calculate the corresponding AEAD algorithm with the default tag length.
Macro to build an AEAD minimum-tag-length wildcard algorithm.
RSA PKCS#1 v1.5 signature with hashing.
Raw PKCS#1 v1.5 signature.
RSA PSS signature with hashing.
RSA PSS signature with hashing with relaxed verification.
Whether the specified algorithm is RSA PSS with standard salt.
Whether the specified algorithm is RSA PSS with any salt.
Whether the specified algorithm is RSA PSS.
ECDSA signature with hashing.
ECDSA signature without hashing.
Deterministic ECDSA signature with hashing.
Edwards-curve digital signature algorithm without prehashing (PureEdDSA), using standard parameters.
Edwards-curve digital signature algorithm with prehashing (HashEdDSA), using SHA-512 and the Edwards25519 curve.
Edwards-curve digital signature algorithm with prehashing (HashEdDSA), using SHAKE256 and the Edwards448 curve.
Whether the specified algorithm is a signature algorithm that can be used with psa_sign_hash() and psa_verify_hash().
Whether the specified algorithm is a signature algorithm that can be used with psa_sign_message() and psa_verify_message().
Whether the specified algorithm is a hash-and-sign algorithm.
Get the hash used by a hash-and-sign signature algorithm.
RSA PKCS#1 v1.5 encryption.
RSA OAEP encryption.
Macro to build an HKDF algorithm.
Whether the specified algorithm is an HKDF algorithm.
Macro to build an HKDF-Extract algorithm.
Whether the specified algorithm is an HKDF-Extract algorithm.
Macro to build an HKDF-Expand algorithm.
Whether the specified algorithm is an HKDF-Expand algorithm.
Whether the specified algorithm is an HKDF or HKDF-Extract or HKDF-Expand algorithm.
Macro to build a TLS-1.2 PRF algorithm.
Whether the specified algorithm is a TLS-1.2 PRF algorithm.
Macro to build a TLS-1.2 PSK-to-MasterSecret algorithm.
Whether the specified algorithm is a TLS-1.2 PSK to MS algorithm.
Macro to build a PBKDF2-HMAC password hashing / key stretching algorithm.
Whether the specified algorithm is a PBKDF2-HMAC algorithm.
The PBKDF2-AES-CMAC-PRF-128 password hashing / key stretching algorithm.
Macro to build a combined algorithm that chains a key agreement with a key derivation.
Whether the specified algorithm is a raw key agreement algorithm.
The finite-field Diffie-Hellman (DH) key agreement algorithm.
Whether the specified algorithm is a finite field Diffie-Hellman algorithm.
The elliptic curve Diffie-Hellman (ECDH) key agreement algorithm.
Whether the specified algorithm is an elliptic curve Diffie-Hellman algorithm.
Whether the specified algorithm encoding is a wildcard.
Get the hash used by a composite algorithm.
DSA public key.
DSA key pair (private and public key).
Whether a key type is a DSA key (pair or public-only).
DSA signature with hashing.
Deterministic DSA signature with hashing.
Whether the specified algorithm is a password-authenticated key exchange.
The Password-authenticated key exchange by juggling (J-PAKE) algorithm.
Typedef Documentation
psa_key_type_t
typedef uint16_t psa_key_type_t
Encoding of a key type.
Values of this type are generally constructed by macros called PSA_KEY_TYPE_xxx.
Note
Values of this type are encoded in the persistent key store. Any changes to existing values will require bumping the storage format version and providing a translation when reading the old format.
psa_ecc_family_t
typedef uint8_t psa_ecc_family_t
The type of PSA elliptic curve family identifiers.
Values of this type are generally constructed by macros called PSA_ECC_FAMILY_xxx.
The curve identifier is required to create an ECC key using the PSA_KEY_TYPE_ECC_KEY_PAIR() or PSA_KEY_TYPE_ECC_PUBLIC_KEY() macros.
Values defined by this standard will never be in the range 0x80-0xff. Vendors who define additional families must use an encoding in this range.
Note
Values of this type are encoded in the persistent key store. Any changes to existing values will require bumping the storage format version and providing a translation when reading the old format.
psa_dh_family_t
typedef uint8_t psa_dh_family_t
The type of PSA Diffie-Hellman group family identifiers.
Values of this type are generally constructed by macros called PSA_DH_FAMILY_xxx.
The group identifier is required to create a Diffie-Hellman key using the PSA_KEY_TYPE_DH_KEY_PAIR() or PSA_KEY_TYPE_DH_PUBLIC_KEY() macros.
Values defined by this standard will never be in the range 0x80-0xff. Vendors who define additional families must use an encoding in this range.
Note
Values of this type are encoded in the persistent key store. Any changes to existing values will require bumping the storage format version and providing a translation when reading the old format.
psa_algorithm_t
typedef uint32_t psa_algorithm_t
Encoding of a cryptographic algorithm.
Values of this type are generally constructed by macros called PSA_ALG_xxx.
For algorithms that can be applied to multiple key types, this type does not encode the key type. For example, for symmetric ciphers based on a block cipher, psa_algorithm_t encodes the block cipher mode and the padding mode while the block cipher itself is encoded via psa_key_type_t.
Note
Values of this type are encoded in the persistent key store. Any changes to existing values will require bumping the storage format version and providing a translation when reading the old format.
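The split described above matters for policy checks: because psa_algorithm_t carries only the mode and padding, an allow-list keyed on the algorithm alone cannot distinguish AES-CBC from DES-CBC. The following is an added example, not code from this documentation or the library; the numeric encodings are repeated from the PSA Crypto API specification so it builds without psa/crypto.h, and the struct and function names (cipher_rule, permits, permits_by_alg_only, ecc_family_is_vendor, ecc_family_of) are hypothetical. It also applies the 0x80-0xff vendor range stated for family identifiers.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>

/* Typedefs as documented on this page. */
typedef uint16_t psa_key_type_t;
typedef uint8_t  psa_ecc_family_t;
typedef uint32_t psa_algorithm_t;

/* Encodings from the PSA Crypto API specification, repeated only so this
 * builds without psa/crypto.h; real code includes that header instead. */
#define PSA_KEY_TYPE_AES             ((psa_key_type_t)0x2400)
#define PSA_KEY_TYPE_DES             ((psa_key_type_t)0x2301)
#define PSA_ALG_CBC_NO_PADDING       ((psa_algorithm_t)0x04404000)
#define PSA_ECC_FAMILY_SECP_R1       ((psa_ecc_family_t)0x12)
#define PSA_KEY_TYPE_ECC_KEY_PAIR(f) ((psa_key_type_t)(0x7100 | (f)))

/* Hypothetical policy entry: a cipher is identified only by BOTH fields. */
struct cipher_rule { psa_key_type_t type; psa_algorithm_t alg; };

static const struct cipher_rule allowed[] = {
    { PSA_KEY_TYPE_AES, PSA_ALG_CBC_NO_PADDING },
};

/* Weak check: looks at the mode only, so DES-CBC passes as well as AES-CBC. */
bool permits_by_alg_only(psa_algorithm_t alg)
{
    for (size_t i = 0; i < sizeof allowed / sizeof allowed[0]; i++)
        if (allowed[i].alg == alg) return true;
    return false;
}

/* Correct check: block cipher from the key type, mode from the algorithm. */
bool permits(psa_key_type_t type, psa_algorithm_t alg)
{
    for (size_t i = 0; i < sizeof allowed / sizeof allowed[0]; i++)
        if (allowed[i].type == type && allowed[i].alg == alg) return true;
    return false;
}

/* Family values 0x80-0xff are reserved for vendor-defined families. */
bool ecc_family_is_vendor(psa_ecc_family_t family)
{
    return family >= 0x80;
}

/* Low byte of an ECC key type holds the family; caller must already know
 * that the type is an ECC key type. */
psa_ecc_family_t ecc_family_of(psa_key_type_t type)
{
    return (psa_ecc_family_t)(type & 0x00ff);
}

int main(void)
{
    psa_key_type_t ecc = PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1);
    bool ok = permits(PSA_KEY_TYPE_AES, PSA_ALG_CBC_NO_PADDING)
           && !permits(PSA_KEY_TYPE_DES, PSA_ALG_CBC_NO_PADDING)
           && !ecc_family_is_vendor(ecc_family_of(ecc));
    return ok ? 0 : 1;
}
```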