1 /* Copyright (c) 2024 Nordic Semiconductor 2 * SPDX-License-Identifier: Apache-2.0 3 */ 4 #ifndef SECURE_STORAGE_ITS_TRANSFORM_AEAD_GET_H 5 #define SECURE_STORAGE_ITS_TRANSFORM_AEAD_GET_H 6 7 /** @file zephyr/secure_storage/its/transform/aead_get.h The AEAD ITS transform module API. 8 * 9 * The functions declared in this header allow customization 10 * of the AEAD implementation of the ITS transform module. 11 * They are not meant to be called directly other than by the AEAD ITS transform module. 12 * This header file may and must be included when providing a custom implementation of one 13 * or more of these functions (@kconfig{CONFIG_SECURE_STORAGE_ITS_TRANSFORM_AEAD_*_CUSTOM}). 14 */ 15 #include <zephyr/secure_storage/its/common.h> 16 #include <psa/crypto_types.h> 17 18 /** @brief Returns the key type and algorithm to use for the AEAD operations. 19 * 20 * @param[out] key_type The key type to use. 21 * @param[out] alg The algorithm to use. 22 */ 23 void secure_storage_its_transform_aead_get_scheme(psa_key_type_t *key_type, psa_algorithm_t *alg); 24 25 /** @brief Returns the encryption key to use for an ITS entry's AEAD operations. 26 * 27 * @param[in] uid The UID of the ITS entry for which the key is used. 28 * @param[out] key The encryption key. 29 * 30 * @return `PSA_SUCCESS` on success, anything else on failure. 31 */ 32 psa_status_t secure_storage_its_transform_aead_get_key( 33 secure_storage_its_uid_t uid, 34 uint8_t key[static CONFIG_SECURE_STORAGE_ITS_TRANSFORM_AEAD_KEY_SIZE]); 35 36 /** @brief Generates a nonce for an AEAD operation. 37 * 38 * @param[out] nonce The generated nonce. 39 * 40 * @return `PSA_SUCCESS` on success, anything else on failure. 41 */ 42 psa_status_t secure_storage_its_transform_aead_get_nonce( 43 uint8_t nonce[static CONFIG_SECURE_STORAGE_ITS_TRANSFORM_AEAD_NONCE_SIZE]); 44 45 #endif 46