Hi Christian,
We don't provide such a function. Even in the TLS module, the
conversion is done indirectly, from TLS::SignatureScheme to
Mbed_TLS::mbedtls_{md,pk}_type_t and from those to psa_algorithm_t.
The signature scheme mostly breaks down into a signature algorithm
octet and a hash algorithm octet. You can get away with breaking it
down as
switch (sigalg & 0xff) { case 0x01: alg = PSA_ALG_RSA_PKCS1_V15_SIGN_BASE; /* etc */ }
switch (sigalg & 0xff00) { case 0x0200: hash_alg = PSA_ALG_SHA1; /* etc */ }
alg |= hash_alg & PSA_ALG_HASH_MASK;
Although do note that the _BASE and _MASK constants are not part of
the public API (but they're very unlikely to be removed from 3.6
LTS). Considering that such bit-twiddling comes up quite often, I
wonder if we should be less wary of making them official.
Best regards,
--
Gilles Peskine
Mbed TLS developer and PSA Crypto API architect
On 11/05/2024 01:00, Christian Huitema
via mbed-tls wrote:
The
specification of the "psa_verify_message" function is simple
enough: pass a key ID, an algorithm ID, the data that were signed,
the signature received from the peer, and receive a status. There
is just one tiny problem: in the application, the algorithm ID is
specified as a 16 bit TLS SignatureScheme
(https://www.iana.org/assignments/tls-parameters/tls-parameters.xhtml#tls-signaturescheme),
which is not quite the same as "psa_algorithm_t". Is there a
simple way to covert from TLS SignatureScheme to PSA ALgorithm
identifier? Maybe a two columns table?
-- Christian Huitema