Data size definitions

General Description

Macros
#define	CY_P64_PSA_HASH_SIZE(alg)
	The size of the output of psa_hash_finish(), in bytes. More...
#define	CY_P64_PSA_HASH_MAX_SIZE   (32)
	The maximum size of a hash. More...
#define	CY_P64_PSA_KEY_EXPORT_ECC_PUBLIC_KEY_MAX_SIZE(key_bits)   (2 * CY_P64_PSA_BITS_TO_BYTES(key_bits) + 1)
	Maximum size of the export encoding of an ECC public key. More...
#define	CY_P64_PSA_KEY_EXPORT_ECC_KEY_PAIR_MAX_SIZE(key_bits)   (CY_P64_PSA_BITS_TO_BYTES(key_bits))
	The maximum size of the export encoding of an ECC key pair. More...
#define	CY_P64_PSA_KEY_EXPORT_MAX_SIZE(key_type, key_bits)
	The sufficient output buffer size for psa_export_key() or psa_export_public_key(). More...

Macro Definition Documentation

CY_P64_PSA_HASH_SIZE

#define CY_P64_PSA_HASH_SIZE

(

alg

)

Value:

(                                                           \
        CY_P64_ALG_HMAC_GET_HASH(alg) == CY_P64_ALG_SHA_224 ? 28 :        \
        CY_P64_ALG_HMAC_GET_HASH(alg) == CY_P64_ALG_SHA_256 ? 32 :        \
        0)

The size of the output of psa_hash_finish(), in bytes.

This is also the hash size that cy_p64_psa_hash_verify() expects.

Parameters

alg	A hash algorithm (CY_P64_ALG_XXX value such that CY_P64_PSA_ALG_IS_HASH(alg) is true), or an HMAC algorithm (CY_P64_PSA_ALG_HMAC(hash_alg) where hash_alg is a hash algorithm).

Returns

The hash size for the specified hash algorithm. If the hash algorithm is not recognized, return 0. An implementation may return either 0 or the correct size for a hash algorithm that it recognizes, but does not support.

CY_P64_PSA_HASH_MAX_SIZE

#define CY_P64_PSA_HASH_MAX_SIZE   (32)

The maximum size of a hash.

This macro must expand to a compile-time constant integer. This value should be the maximum size of a hash supported by the implementation, in bytes, and must be no smaller than this maximum.

CY_P64_PSA_KEY_EXPORT_ECC_PUBLIC_KEY_MAX_SIZE

#define CY_P64_PSA_KEY_EXPORT_ECC_PUBLIC_KEY_MAX_SIZE

(

key_bits

)

(2 * CY_P64_PSA_BITS_TO_BYTES(key_bits) + 1)

Maximum size of the export encoding of an ECC public key.

The representation of an ECC public key is:

• The byte 0x04;
• x_P as a ceiling(m/8)-byte string, big-endian;
• y_P as a ceiling(m/8)-byte string, big-endian; where m is the bit size associated with the curve. 1 byte + 2 * point size.

CY_P64_PSA_KEY_EXPORT_ECC_KEY_PAIR_MAX_SIZE

#define CY_P64_PSA_KEY_EXPORT_ECC_KEY_PAIR_MAX_SIZE

(

key_bits

)

(CY_P64_PSA_BITS_TO_BYTES(key_bits))

The maximum size of the export encoding of an ECC key pair.

The ECC key pair is represented by the secret value.

CY_P64_PSA_KEY_EXPORT_MAX_SIZE

#define CY_P64_PSA_KEY_EXPORT_MAX_SIZE	(		key_type,
			key_bits
	)

Value:

(CY_P64_PSA_KEY_TYPE_IS_UNSTRUCTURED(key_type) ? CY_P64_PSA_BITS_TO_BYTES(key_bits) : \
     CY_P64_PSA_KEY_TYPE_IS_ECC_KEY_PAIR(key_type) ? CY_P64_PSA_KEY_EXPORT_ECC_KEY_PAIR_MAX_SIZE(key_bits) : \
     CY_P64_PSA_KEY_TYPE_IS_ECC_PUBLIC_KEY(key_type) ? CY_P64_PSA_KEY_EXPORT_ECC_PUBLIC_KEY_MAX_SIZE(key_bits) : \
     0)

The sufficient output buffer size for psa_export_key() or psa_export_public_key().

This macro returns a compile-time constant if its arguments are compile-time constants.

Warning

This function may call its arguments multiple times or zero times, so you should not pass arguments that contain side effects.

The following code illustrates how to allocate enough memory to export a key by querying the key type and size at runtime.

psa_key_attributes_t attributes = CY_P64_PSA_KEY_ATTRIBUTES_INIT;
psa_status_t status;
status = psa_get_key_attributes(key, &attributes);
if (status != CY_P64_PSA_SUCCESS) handle_error(...);
psa_key_type_t key_type = psa_get_key_type(&attributes);
size_t key_bits = psa_get_key_bits(&attributes);
size_t buffer_size = CY_P64_PSA_KEY_EXPORT_MAX_SIZE(key_type, key_bits);
psa_reset_key_attributes(&attributes);
uint8_t *buffer = malloc(buffer_size);
if (buffer == NULL) handle_error(...);
size_t buffer_length;
status = psa_export_key(key, buffer, buffer_size, &buffer_length);
if (status != CY_P64_PSA_SUCCESS) handle_error(...);

For psa_export_public_key(), calculate the buffer size from the public key type. You can use the macro CY_P64_PSA_KEY_TYPE_PUBLIC_KEY_OF_KEY_PAIR to convert a key pair type to the corresponding public key type.

psa_key_attributes_t attributes = CY_P64_PSA_KEY_ATTRIBUTES_INIT;
psa_status_t status;
status = psa_get_key_attributes(key, &attributes);
if (status != CY_P64_PSA_SUCCESS) handle_error(...);
psa_key_type_t key_type = psa_get_key_type(&attributes);
psa_key_type_t public_key_type = CY_P64_PSA_KEY_TYPE_PUBLIC_KEY_OF_KEY_PAIR(key_type);
size_t key_bits = psa_get_key_bits(&attributes);
size_t buffer_size = CY_P64_PSA_KEY_EXPORT_MAX_SIZE(public_key_type, key_bits);
psa_reset_key_attributes(&attributes);
uint8_t *buffer = malloc(buffer_size);
if (buffer == NULL) handle_error(...);
size_t buffer_length;
status = psa_export_public_key(key, buffer, buffer_size, &buffer_length);
if (status != CY_P64_PSA_SUCCESS) handle_error(...);

Parameters

key_type	A supported key type.
key_bits	The size of the key in bits.

Returns

If the parameters are valid and supported, return a buffer size in bytes that guarantees that psa_sign_hash() will not fail with CY_P64_PSA_ERROR_BUFFER_TOO_SMALL. If the parameters are a valid combination that is not supported by the implementation, this macro shall return either a sensible size or 0. If the parameters are not valid, the return value is unspecified.