Key derivation#

Typedefs#

typedef uint16_t

Encoding of the step of a key derivation.

typedef uint16_t

Encoding of the step of a key derivation.

Macros#

#define
PSA_KEY_DERIVATION_INPUT_SECRET ((psa_key_derivation_step_t) 0x0101)

A secret input for key derivation.

#define
PSA_KEY_DERIVATION_INPUT_PASSWORD ((psa_key_derivation_step_t) 0x0102)

A low-entropy secret input for password hashing / key stretching.

#define
PSA_KEY_DERIVATION_INPUT_OTHER_SECRET ((psa_key_derivation_step_t) 0x0103)

A high-entropy additional secret input for key derivation.

#define
PSA_KEY_DERIVATION_INPUT_LABEL ((psa_key_derivation_step_t) 0x0201)

A label for key derivation.

#define
PSA_KEY_DERIVATION_INPUT_SALT ((psa_key_derivation_step_t) 0x0202)

A salt for key derivation.

#define
PSA_KEY_DERIVATION_INPUT_INFO ((psa_key_derivation_step_t) 0x0203)

An information string for key derivation.

#define
PSA_KEY_DERIVATION_INPUT_SEED ((psa_key_derivation_step_t) 0x0204)

A seed for key derivation.

#define
PSA_KEY_DERIVATION_INPUT_COST ((psa_key_derivation_step_t) 0x0205)

A cost parameter for password hashing / key stretching.

#define
PSA_KEY_DERIVATION_INPUT_SECRET ((psa_key_derivation_step_t) 0x0101)

A secret input for key derivation.

#define
PSA_KEY_DERIVATION_INPUT_PASSWORD ((psa_key_derivation_step_t) 0x0102)

A low-entropy secret input for password hashing / key stretching.

#define
PSA_KEY_DERIVATION_INPUT_OTHER_SECRET ((psa_key_derivation_step_t) 0x0103)

A high-entropy additional secret input for key derivation.

#define
PSA_KEY_DERIVATION_INPUT_LABEL ((psa_key_derivation_step_t) 0x0201)

A label for key derivation.

#define
PSA_KEY_DERIVATION_INPUT_SALT ((psa_key_derivation_step_t) 0x0202)

A salt for key derivation.

#define
PSA_KEY_DERIVATION_INPUT_INFO ((psa_key_derivation_step_t) 0x0203)

An information string for key derivation.

#define
PSA_KEY_DERIVATION_INPUT_SEED ((psa_key_derivation_step_t) 0x0204)

A seed for key derivation.

#define
PSA_KEY_DERIVATION_INPUT_COST ((psa_key_derivation_step_t) 0x0205)

A cost parameter for password hashing / key stretching.

Typedef Documentation#

psa_key_derivation_step_t#

typedef uint16_t psa_key_derivation_step_t

Encoding of the step of a key derivation.

Values of this type are generally constructed by macros called PSA_KEY_DERIVATION_INPUT_xxx.


Definition at line 467 of file util/third_party/trusted-firmware-m/interface/include/psa/crypto_types.h

psa_key_derivation_step_t#

typedef uint16_t psa_key_derivation_step_t

Encoding of the step of a key derivation.

Values of this type are generally constructed by macros called PSA_KEY_DERIVATION_INPUT_xxx.


Definition at line 473 of file util/third_party/mbedtls/include/psa/crypto_types.h

Macro Definition Documentation#

PSA_KEY_DERIVATION_INPUT_SECRET#

#define PSA_KEY_DERIVATION_INPUT_SECRET
Value:
((psa_key_derivation_step_t) 0x0101)

A secret input for key derivation.

This should be a key of type PSA_KEY_TYPE_DERIVE (passed to psa_key_derivation_input_key()) or the shared secret resulting from a key agreement (obtained via psa_key_derivation_key_agreement()).

The secret can also be a direct input (passed to key_derivation_input_bytes()). In this case, the derivation operation may not be used to derive keys: the operation will only allow psa_key_derivation_output_bytes(), psa_key_derivation_verify_bytes(), or psa_key_derivation_verify_key(), but not psa_key_derivation_output_key().


Definition at line 2661 of file util/third_party/trusted-firmware-m/interface/include/psa/crypto_values.h

PSA_KEY_DERIVATION_INPUT_PASSWORD#

#define PSA_KEY_DERIVATION_INPUT_PASSWORD
Value:
((psa_key_derivation_step_t) 0x0102)

A low-entropy secret input for password hashing / key stretching.

This is usually a key of type PSA_KEY_TYPE_PASSWORD (passed to psa_key_derivation_input_key()) or a direct input (passed to psa_key_derivation_input_bytes()) that is a password or passphrase. It can also be high-entropy secret such as a key of type PSA_KEY_TYPE_DERIVE or the shared secret resulting from a key agreement.

The secret can also be a direct input (passed to key_derivation_input_bytes()). In this case, the derivation operation may not be used to derive keys: the operation will only allow psa_key_derivation_output_bytes(), psa_key_derivation_verify_bytes(), or psa_key_derivation_verify_key(), but not psa_key_derivation_output_key().


Definition at line 2679 of file util/third_party/trusted-firmware-m/interface/include/psa/crypto_values.h

PSA_KEY_DERIVATION_INPUT_OTHER_SECRET#

#define PSA_KEY_DERIVATION_INPUT_OTHER_SECRET
Value:
    ((psa_key_derivation_step_t) 0x0103)

A high-entropy additional secret input for key derivation.

This is typically the shared secret resulting from a key agreement obtained via psa_key_derivation_key_agreement(). It may alternatively be a key of type PSA_KEY_TYPE_DERIVE passed to psa_key_derivation_input_key(), or a direct input passed to psa_key_derivation_input_bytes().


Definition at line 2688 of file util/third_party/trusted-firmware-m/interface/include/psa/crypto_values.h

PSA_KEY_DERIVATION_INPUT_LABEL#

#define PSA_KEY_DERIVATION_INPUT_LABEL
Value:
((psa_key_derivation_step_t) 0x0201)

A label for key derivation.

This should be a direct input. It can also be a key of type PSA_KEY_TYPE_RAW_DATA.


Definition at line 2696 of file util/third_party/trusted-firmware-m/interface/include/psa/crypto_values.h

PSA_KEY_DERIVATION_INPUT_SALT#

#define PSA_KEY_DERIVATION_INPUT_SALT
Value:
((psa_key_derivation_step_t) 0x0202)

A salt for key derivation.

This should be a direct input. It can also be a key of type PSA_KEY_TYPE_RAW_DATA or PSA_KEY_TYPE_PEPPER.


Definition at line 2704 of file util/third_party/trusted-firmware-m/interface/include/psa/crypto_values.h

PSA_KEY_DERIVATION_INPUT_INFO#

#define PSA_KEY_DERIVATION_INPUT_INFO
Value:
((psa_key_derivation_step_t) 0x0203)

An information string for key derivation.

This should be a direct input. It can also be a key of type PSA_KEY_TYPE_RAW_DATA.


Definition at line 2711 of file util/third_party/trusted-firmware-m/interface/include/psa/crypto_values.h

PSA_KEY_DERIVATION_INPUT_SEED#

#define PSA_KEY_DERIVATION_INPUT_SEED
Value:
((psa_key_derivation_step_t) 0x0204)

A seed for key derivation.

This should be a direct input. It can also be a key of type PSA_KEY_TYPE_RAW_DATA.


Definition at line 2718 of file util/third_party/trusted-firmware-m/interface/include/psa/crypto_values.h

PSA_KEY_DERIVATION_INPUT_COST#

#define PSA_KEY_DERIVATION_INPUT_COST
Value:
((psa_key_derivation_step_t) 0x0205)

A cost parameter for password hashing / key stretching.

This must be a direct input, passed to psa_key_derivation_input_integer().


Definition at line 2724 of file util/third_party/trusted-firmware-m/interface/include/psa/crypto_values.h

PSA_KEY_DERIVATION_INPUT_SECRET#

#define PSA_KEY_DERIVATION_INPUT_SECRET
Value:
((psa_key_derivation_step_t) 0x0101)

A secret input for key derivation.

This should be a key of type PSA_KEY_TYPE_DERIVE (passed to psa_key_derivation_input_key()) or the shared secret resulting from a key agreement (obtained via psa_key_derivation_key_agreement()).

The secret can also be a direct input (passed to key_derivation_input_bytes()). In this case, the derivation operation may not be used to derive keys: the operation will only allow psa_key_derivation_output_bytes(), psa_key_derivation_verify_bytes(), or psa_key_derivation_verify_key(), but not psa_key_derivation_output_key().


Definition at line 2679 of file util/third_party/mbedtls/include/psa/crypto_values.h

PSA_KEY_DERIVATION_INPUT_PASSWORD#

#define PSA_KEY_DERIVATION_INPUT_PASSWORD
Value:
((psa_key_derivation_step_t) 0x0102)

A low-entropy secret input for password hashing / key stretching.

This is usually a key of type PSA_KEY_TYPE_PASSWORD (passed to psa_key_derivation_input_key()) or a direct input (passed to psa_key_derivation_input_bytes()) that is a password or passphrase. It can also be high-entropy secret such as a key of type PSA_KEY_TYPE_DERIVE or the shared secret resulting from a key agreement.

The secret can also be a direct input (passed to key_derivation_input_bytes()). In this case, the derivation operation may not be used to derive keys: the operation will only allow psa_key_derivation_output_bytes(), psa_key_derivation_verify_bytes(), or psa_key_derivation_verify_key(), but not psa_key_derivation_output_key().


Definition at line 2697 of file util/third_party/mbedtls/include/psa/crypto_values.h

PSA_KEY_DERIVATION_INPUT_OTHER_SECRET#

#define PSA_KEY_DERIVATION_INPUT_OTHER_SECRET
Value:
    ((psa_key_derivation_step_t) 0x0103)

A high-entropy additional secret input for key derivation.

This is typically the shared secret resulting from a key agreement obtained via psa_key_derivation_key_agreement(). It may alternatively be a key of type PSA_KEY_TYPE_DERIVE passed to psa_key_derivation_input_key(), or a direct input passed to psa_key_derivation_input_bytes().


Definition at line 2706 of file util/third_party/mbedtls/include/psa/crypto_values.h

PSA_KEY_DERIVATION_INPUT_LABEL#

#define PSA_KEY_DERIVATION_INPUT_LABEL
Value:
((psa_key_derivation_step_t) 0x0201)

A label for key derivation.

This should be a direct input. It can also be a key of type PSA_KEY_TYPE_RAW_DATA.


Definition at line 2714 of file util/third_party/mbedtls/include/psa/crypto_values.h

PSA_KEY_DERIVATION_INPUT_SALT#

#define PSA_KEY_DERIVATION_INPUT_SALT
Value:
((psa_key_derivation_step_t) 0x0202)

A salt for key derivation.

This should be a direct input. It can also be a key of type PSA_KEY_TYPE_RAW_DATA or PSA_KEY_TYPE_PEPPER.


Definition at line 2722 of file util/third_party/mbedtls/include/psa/crypto_values.h

PSA_KEY_DERIVATION_INPUT_INFO#

#define PSA_KEY_DERIVATION_INPUT_INFO
Value:
((psa_key_derivation_step_t) 0x0203)

An information string for key derivation.

This should be a direct input. It can also be a key of type PSA_KEY_TYPE_RAW_DATA.


Definition at line 2729 of file util/third_party/mbedtls/include/psa/crypto_values.h

PSA_KEY_DERIVATION_INPUT_SEED#

#define PSA_KEY_DERIVATION_INPUT_SEED
Value:
((psa_key_derivation_step_t) 0x0204)

A seed for key derivation.

This should be a direct input. It can also be a key of type PSA_KEY_TYPE_RAW_DATA.


Definition at line 2736 of file util/third_party/mbedtls/include/psa/crypto_values.h

PSA_KEY_DERIVATION_INPUT_COST#

#define PSA_KEY_DERIVATION_INPUT_COST
Value:
((psa_key_derivation_step_t) 0x0205)

A cost parameter for password hashing / key stretching.

This must be a direct input, passed to psa_key_derivation_input_integer().


Definition at line 2742 of file util/third_party/mbedtls/include/psa/crypto_values.h