Diffstat (limited to 'components/service/secure_storage/client/psa')
5 files changed, 396 insertions, 0 deletions
diff --git a/components/service/secure_storage/client/psa/component.cmake b/components/service/secure_storage/client/psa/component.cmake
new file mode 100644
index 000000000..ae2518b0a
--- /dev/null
+++ b/components/service/secure_storage/client/psa/component.cmake
@@ -0,0 +1,19 @@
+#-------------------------------------------------------------------------------
+# Copyright (c) 2020, Arm Limited and Contributors. All rights reserved.
+#
+# SPDX-License-Identifier: BSD-3-Clause
+#
+#-------------------------------------------------------------------------------
+if (NOT DEFINED TGT)
+ message(FATAL_ERROR "mandatory parameter TGT is not defined.")
+endif()
+
+target_sources(${TGT} PRIVATE
+ "${CMAKE_CURRENT_LIST_DIR}/its/its_client.c"
+ )
+
+
+target_include_directories(${TGT}
+ PRIVATE
+ "${CMAKE_CURRENT_LIST_DIR}/.."
+ )
diff --git a/components/service/secure_storage/client/psa/internal_trusted_storage.h b/components/service/secure_storage/client/psa/internal_trusted_storage.h
new file mode 100644
index 000000000..da6905464
--- /dev/null
+++ b/components/service/secure_storage/client/psa/internal_trusted_storage.h
@@ -0,0 +1,88 @@
+/*
+ * Copyright (c) 2020, Arm Limited and Contributors. All rights reserved.
+ *
+ * SPDX-License-Identifier: BSD-3-Clause
+ */
+
+#ifndef PSA_INTERNAL_TRUSTED_STORAGE_H
+#define PSA_INTERNAL_TRUSTED_STORAGE_H
+
+#include <psa/error.h>
+#include <psa/storage_common.h>
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+/**
+ * The major version number of the PSA ITS API. It will be incremented on
+ * significant updates that may include breaking changes.
+ */
+#define PSA_ITS_API_VERSION_MAJOR 1
+
+/**
+ * The minor version number of the PSA ITS API. It will be incremented in
+ * small updates that are unlikely to include breaking changes.
+ */
+#define PSA_ITS_API_VERSION_MINOR 0
+
+/**
+ * @brief Create a new, or modify an existing, uid /value pair.
+ *
+ * @param[in] uid The identifier for the data
+ * @param[in] data_length The size in bytes of the data in p_data
+ * @param[in] p_data A buffer containing the data
+ * @param[in] create_flags The flags that the data will be stored with
+ *
+ * @return A status indicating the success/failure of the operation
+ */
+psa_status_t psa_its_set(psa_storage_uid_t uid,
+ size_t data_length,
+ const void *p_data,
+ psa_storage_create_flags_t create_flags);
+
+/**
+ * @brief Retrieve data associated with a provided UID.
+ *
+ * @param[in] uid The identifier for the data
+ * @param[in] data_offset The starting offset of the data requested
+ * @param[in] data_size The amount of data requested
+ * @param p_data On success, the buffer where the data will be
+ * placed
+ * @param p_data_length On success, this will contain size of the data
+ * placed in p_data
+ *
+ * @return A status indicating the success/failure of the operation
+ */
+psa_status_t psa_its_get(psa_storage_uid_t uid,
+ size_t data_offset,
+ size_t data_size,
+ void *p_data,
+ size_t *p_data_length);
+
+/**
+ * @brief Retrieve the metadata about the provided uid.
+ *
+ * @param[in] uid The identifier for the data
+ * @param p_info A pointer to the psa_storage_info_t struct that will
+ * be populated with the metadata
+ *
+ * @return A status indicating the success/failure of the operation
+ */
+psa_status_t psa_its_get_info(psa_storage_uid_t uid,
+ struct psa_storage_info_t *p_info);
+
+/**
+ * @brief Remove the provided key and its associated data from the storage
+ *
+ * @param[in] uid The identifier for the data
+ *
+ * @return A status indicating the success/failure of the operation
+ */
+psa_status_t psa_its_remove(psa_storage_uid_t uid);
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif /* PSA_INTERNAL_TRUSTED_STORAGE_H */
diff --git a/components/service/secure_storage/client/psa/its/its_client.c b/components/service/secure_storage/client/psa/its/its_client.c
new file mode 100644
index 000000000..54f3efbbe
--- /dev/null
+++ b/components/service/secure_storage/client/psa/its/its_client.c
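Review bot: The psa_its_get() comment does not say how large p_data must be or whether p_data_length may be NULL, and both matter to a caller handing over a buffer. I would mark the two output parameters `@param[out]`, add `must be able to hold at least data_size bytes` to the p_data description, and add `must not be NULL` to the p_data_length description. The `@return` lines of all four functions could also list the statuses a caller should expect instead of only "a status".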
@@ -0,0 +1,215 @@
+/*
+ * Copyright (c) 2020, Arm Limited and Contributors. All rights reserved.
+ *
+ * SPDX-License-Identifier: BSD-3-Clause
+ */
+
+#include "its_client.h"
+#include <psa/internal_trusted_storage.h>
+#include <protocols/service/secure_storage/packed-c/secure_storage_proto.h>
+#include <protocols/rpc/common/packed-c/status.h>
+#include <assert.h>
+#include <string.h>
+
+/* Variables */
+static struct rpc_caller *rpc_caller;
+
+psa_status_t psa_its_client_init(struct rpc_caller *caller)
+{
+ rpc_caller = caller;
+
+ return PSA_SUCCESS;
+}
+
+psa_status_t psa_its_set(psa_storage_uid_t uid,
+ size_t data_length,
+ const void *p_data,
+ psa_storage_create_flags_t create_flags)
+{
+ uint8_t *request;
+ uint8_t *response;
+ size_t request_length = 0;
+ size_t response_length = 0;
+ struct secure_storage_request_set *request_desc;
+ rpc_call_handle handle;
+ rpc_status_t rpc_status = TS_RPC_CALL_ACCEPTED;
+ psa_status_t psa_status = PSA_SUCCESS;
+
+ /* Validating input parameters */
+ if (p_data == NULL)
+ return PSA_ERROR_INVALID_ARGUMENT;
+
+ request_length = sizeof(*request_desc) + data_length;
+ if (request_length < data_length) {
+ /* size_t overflow */
+ return PSA_ERROR_INVALID_ARGUMENT;
+ }
+
+ handle = rpc_caller_begin(rpc_caller, &request, request_length);
+
+ if (handle) {
+ /* Populating request descriptor */
+ request_desc = (struct secure_storage_request_set *)request;
+ request_desc->uid = uid;
+ request_desc->data_length = data_length;
+ request_desc->create_flags = create_flags;
+ memcpy(&request_desc->p_data, p_data, data_length);
+
+ rpc_status = rpc_caller_invoke(rpc_caller, handle, TS_SECURE_STORAGE_OPCODE_SET,
+ (uint32_t *)&psa_status, &response,
+ &response_length);
+
+ if (rpc_status != TS_RPC_CALL_ACCEPTED) {
+ /* RPC failure */
+ psa_status = PSA_ERROR_GENERIC_ERROR;
+ }
+
+ rpc_caller_end(rpc_caller, handle);
+ }
+ else {
+ psa_status = PSA_ERROR_GENERIC_ERROR;
+ }
+
+ return psa_status;
+}
+
+psa_status_t psa_its_get(psa_storage_uid_t uid,
+ size_t data_offset,
+ size_t data_size,
+ void *p_data,
+ size_t *p_data_length)
+{
+ uint8_t *request;
+ uint8_t *response;
+ size_t response_length = 0;
+ struct secure_storage_request_get *request_desc;
+ rpc_call_handle handle;
+ rpc_status_t rpc_status = TS_RPC_CALL_ACCEPTED;
+ psa_status_t psa_status = PSA_SUCCESS;
+
+ /* Validating input parameters */
+ if (p_data == NULL)
+ return PSA_ERROR_INVALID_ARGUMENT;
+
+ handle = rpc_caller_begin(rpc_caller, &request, sizeof(*request_desc));
+
+ if (handle) {
+ /* Populating request descriptor */
+ request_desc = (struct secure_storage_request_get *)request;
+ request_desc->uid = uid;
+ request_desc->data_offset = data_offset;
+ request_desc->data_size = data_size;
+
+ rpc_status = rpc_caller_invoke(rpc_caller, handle, TS_SECURE_STORAGE_OPCODE_GET,
+ (uint32_t *)&psa_status, &response,
+ &response_length);
+
+ if (rpc_status != TS_RPC_CALL_ACCEPTED ) {
+ /* RPC failure */
+ psa_status = PSA_ERROR_GENERIC_ERROR;
+ }
+
+ /* Filling output parameters */
+ if (psa_status == PSA_SUCCESS) {
+ *p_data_length = (response_length <= data_size) ? response_length : data_size;
+ memcpy(p_data, response, *p_data_length);
+ }
+
+ rpc_caller_end(rpc_caller, handle);
+ }
+ else {
+ psa_status = PSA_ERROR_GENERIC_ERROR;
+ }
+
+ return psa_status;
+}
+
+psa_status_t psa_its_get_info(psa_storage_uid_t uid,
+ struct psa_storage_info_t *p_info)
+{
+ uint8_t *request;
+ uint8_t *response;
+ size_t response_length = 0;
+ struct secure_storage_request_get_info *request_desc;
+ struct secure_storage_response_get_info *response_desc;
+ rpc_call_handle handle;
+ rpc_status_t rpc_status;
+ psa_status_t psa_status = PSA_ERROR_GENERIC_ERROR;
+
+ /* Validating input parameters */
+ if (p_info == NULL)
+ return PSA_ERROR_INVALID_ARGUMENT;
+
+ handle = rpc_caller_begin(rpc_caller, &request, sizeof(*request_desc));
+
+ if (handle) {
+ /* Populating request descriptor */
+ request_desc = (struct secure_storage_request_get_info *)request;
+ request_desc->uid = uid;
+
+ rpc_status = rpc_caller_invoke(rpc_caller, handle,
+ TS_SECURE_STORAGE_OPCODE_GET_INFO,
+ (uint32_t *)&psa_status, &response,
+ &response_length);
+
+ if (rpc_status != TS_RPC_CALL_ACCEPTED) {
+ /* RPC failure */
+ psa_status = PSA_ERROR_GENERIC_ERROR;
+ } else if (response_length && response_length != sizeof(*response_desc)) {
+ psa_status = PSA_ERROR_GENERIC_ERROR;
+ }
+
+ if (psa_status == PSA_SUCCESS) {
+ response_desc = (struct secure_storage_response_get_info *)response;
+ p_info->capacity = response_desc->capacity;
+ p_info->size = response_desc->size;
+ p_info->flags = response_desc->flags;
+ } else {
+ p_info->capacity = 0;
+ p_info->size = 0;
+ p_info->flags = PSA_STORAGE_FLAG_NONE;
+ }
+
+ rpc_caller_end(rpc_caller, handle);
+ }
+ else {
+ psa_status = PSA_ERROR_GENERIC_ERROR;
+ }
+
+ return psa_status;
+}
+
+psa_status_t psa_its_remove(psa_storage_uid_t uid)
+{
+ uint8_t *request;
+ uint8_t *response;
+ size_t response_length = 0;
+ struct secure_storage_request_remove *request_desc;
+ rpc_call_handle handle;
+ rpc_status_t rpc_status = TS_RPC_CALL_ACCEPTED;
+ psa_status_t psa_status = PSA_SUCCESS;
+
+ handle = rpc_caller_begin(rpc_caller, &request, sizeof(*request_desc));
+
+ if (handle) {
+ /* Populating request descriptor */
+ request_desc = (struct secure_storage_request_remove *)request;
+ request_desc->uid = uid;
+
+ rpc_status = rpc_caller_invoke(rpc_caller, handle, TS_SECURE_STORAGE_OPCODE_REMOVE,
+ (uint32_t *)&psa_status, &response,
+ &response_length);
+
+ if (rpc_status != TS_RPC_CALL_ACCEPTED) {
+ /* RPC failure */
+ psa_status = PSA_ERROR_GENERIC_ERROR;
+ }
+
+ rpc_caller_end(rpc_caller, handle);
+ }
+ else {
+ psa_status = PSA_ERROR_GENERIC_ERROR;
+ }
+
+ return psa_status;
+}
diff --git a/components/service/secure_storage/client/psa/its/its_client.h b/components/service/secure_storage/client/psa/its/its_client.h
new file mode 100644
index 000000000..b8b72090d
--- /dev/null
+++ b/components/service/secure_storage/client/psa/its/its_client.h
@@ -0,0 +1,31 @@
+/*
+ * Copyright (c) 2020, Arm Limited and Contributors. All rights reserved.
+ *
+ * SPDX-License-Identifier: BSD-3-Clause
+ */
+
+#ifndef PSA_ITS_CLIENT_H
+#define PSA_ITS_CLIENT_H
+
+#include <psa/error.h>
+#include <rpc_caller.h>
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+/**
+ * @brief Assignes a concrete rpc caller to the ITS library and initialises
+ * the library state.
+ *
+ * @param[in] rpc_caller RPC caller instance
+ *
+ * @return A status indicating the success/failure of the operation
+ */
+psa_status_t psa_its_client_init(struct rpc_caller *caller);
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif /* PSA_ITS_CLIENT_H */
diff --git a/components/service/secure_storage/client/psa/storage_common.h b/components/service/secure_storage/client/psa/storage_common.h
new file mode 100644
index 000000000..4f6ba2a7d
--- /dev/null
+++ b/components/service/secure_storage/client/psa/storage_common.h
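Review bot: In psa_its_get_info() the check `response_length && response_length != sizeof(*response_desc)` lets a zero-length response through, so a reply that reports PSA_SUCCESS with no payload still reaches the cast and the three field reads from `response`, which this function declares without an initial value. Requiring the exact size on the success path closes that: `} else if (psa_status == PSA_SUCCESS && response_length != sizeof(*response_desc)) {`. psa_its_get() has a related gap: `p_data_length` is dereferenced without a NULL check, so the guard should read `if (p_data == NULL || p_data_length == NULL)`. All four calls also pass the file-scope `rpc_caller` to rpc_caller_begin() without checking that psa_its_client_init() has run; whether rpc_caller_begin() tolerates NULL is not visible here.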
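Review bot: The doc comment on psa_its_client_init() names the parameter `rpc_caller` while the prototype calls it `caller`, so the two will not be matched by a documentation tool; the line should read `@param[in] caller RPC caller instance`, and "Assignes" should be "Assigns". Since its_client.c keeps the pointer in a file-scope static instead of copying the object, the comment should also state that the caller instance has to outlive every later psa_its_* call.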
@@ -0,0 +1,43 @@
+/*
+ * Copyright (c) 2020, Arm Limited and Contributors. All rights reserved.
+ *
+ * SPDX-License-Identifier: BSD-3-Clause
+ */
+
+#ifndef PSA_STORAGE_COMMON_H
+#define PSA_STORAGE_COMMON_H
+
+#include <psa/error.h>
+#include <stddef.h>
+#include <stdint.h>
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+/* Types */
+typedef uint64_t psa_storage_uid_t;
+typedef uint32_t psa_storage_create_flags_t;
+
+struct psa_storage_info_t {
+ size_t capacity;
+ size_t size;
+ psa_storage_create_flags_t flags;
+};
+
+/* Storage flags */
+#define PSA_STORAGE_FLAG_NONE (0u)
+#define PSA_STORAGE_FLAG_WRITE_ONCE (1u << 0)
+#define PSA_STORAGE_FLAG_NO_CONFIDENTIALITY (1u << 1)
+#define PSA_STORAGE_FLAG_NO_REPLAY_PROTECTION (1u << 2)
+#define PSA_STORAGE_SUPPORT_SET_EXTENDED (1u << 0)
+
+/* Status codes */
+#define PSA_ERROR_INVALID_SIGNATURE ((psa_status_t)-149)
+#define PSA_ERROR_DATA_CORRUPT ((psa_status_t)-152)
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif /* PSA_STORAGE_COMMON_H */ |
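Review bot: `PSA_STORAGE_SUPPORT_SET_EXTENDED` sits under the "Storage flags" comment and has the same value, `(1u << 0)`, as `PSA_STORAGE_FLAG_WRITE_ONCE`, so a reader can take it for a create flag. As far as I know it belongs to a separate support bitmask in the PSA storage API, not to `psa_storage_create_flags_t`; if so, passing it to psa_its_set() would mark the entry write-once. I would give it its own heading above the define, for example `/* Support flags (not valid as create_flags) */`.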