Diffstat (limited to 'components/service/secure_storage/client')
-rw-r--r--components/service/secure_storage/client/psa/component.cmake19
-rw-r--r--components/service/secure_storage/client/psa/internal_trusted_storage.h88
-rw-r--r--components/service/secure_storage/client/psa/its/its_client.c215
-rw-r--r--components/service/secure_storage/client/psa/its/its_client.h31
-rw-r--r--components/service/secure_storage/client/psa/storage_common.h43
5 files changed, 396 insertions, 0 deletions
diff --git a/components/service/secure_storage/client/psa/component.cmake b/components/service/secure_storage/client/psa/component.cmake
new file mode 100644
index 000000000..ae2518b0a
--- /dev/null
+++ b/components/service/secure_storage/client/psa/component.cmake
@@ -0,0 +1,19 @@
+#-------------------------------------------------------------------------------
+# Copyright (c) 2020, Arm Limited and Contributors. All rights reserved.
+#
+# SPDX-License-Identifier: BSD-3-Clause
+#
+#-------------------------------------------------------------------------------
+if (NOT DEFINED TGT)
+ message(FATAL_ERROR "mandatory parameter TGT is not defined.")
+endif()
+
+target_sources(${TGT} PRIVATE
+ "${CMAKE_CURRENT_LIST_DIR}/its/its_client.c"
+ )
+
+
+target_include_directories(${TGT}
+ PRIVATE
+ "${CMAKE_CURRENT_LIST_DIR}/.."
+ )
diff --git a/components/service/secure_storage/client/psa/internal_trusted_storage.h b/components/service/secure_storage/client/psa/internal_trusted_storage.h
new file mode 100644
index 000000000..da6905464
--- /dev/null
+++ b/components/service/secure_storage/client/psa/internal_trusted_storage.h
@@ -0,0 +1,88 @@
+/*
+ * Copyright (c) 2020, Arm Limited and Contributors. All rights reserved.
+ *
+ * SPDX-License-Identifier: BSD-3-Clause
+ */
+
+#ifndef PSA_INTERNAL_TRUSTED_STORAGE_H
+#define PSA_INTERNAL_TRUSTED_STORAGE_H
+
+#include <psa/error.h>
+#include <psa/storage_common.h>
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+/**
+ * The major version number of the PSA ITS API. It will be incremented on
+ * significant updates that may include breaking changes.
+ */
+#define PSA_ITS_API_VERSION_MAJOR 1
+
+/**
+ * The minor version number of the PSA ITS API. It will be incremented in
+ * small updates that are unlikely to include breaking changes.
+ */
+#define PSA_ITS_API_VERSION_MINOR 0
+
+/**
+ * @brief Create a new, or modify an existing, uid /value pair.
+ *
+ * @param[in] uid The identifier for the data
+ * @param[in] data_length The size in bytes of the data in p_data
+ * @param[in] p_data A buffer containing the data
+ * @param[in] create_flags The flags that the data will be stored with
+ *
+ * @return A status indicating the success/failure of the operation
+ */
+psa_status_t psa_its_set(psa_storage_uid_t uid,
+ size_t data_length,
+ const void *p_data,
+ psa_storage_create_flags_t create_flags);
+
+/**
+ * @brief Retrieve data associated with a provided UID.
+ *
+ * @param[in] uid The identifier for the data
+ * @param[in] data_offset The starting offset of the data requested
+ * @param[in] data_size The amount of data requested
+ * @param p_data On success, the buffer where the data will be
+ * placed
+ * @param p_data_length On success, this will contain size of the data
+ * placed in p_data
+ *
+ * @return A status indicating the success/failure of the operation
+ */
+psa_status_t psa_its_get(psa_storage_uid_t uid,
+ size_t data_offset,
+ size_t data_size,
+ void *p_data,
+ size_t *p_data_length);
+
+/**
+ * @brief Retrieve the metadata about the provided uid.
+ *
+ * @param[in] uid The identifier for the data
+ * @param p_info A pointer to the psa_storage_info_t struct that will
+ * be populated with the metadata
+ *
+ * @return A status indicating the success/failure of the operation
+ */
+psa_status_t psa_its_get_info(psa_storage_uid_t uid,
+ struct psa_storage_info_t *p_info);
+
+/**
+ * @brief Remove the provided key and its associated data from the storage
+ *
+ * @param[in] uid The identifier for the data
+ *
+ * @return A status indicating the success/failure of the operation
+ */
+psa_status_t psa_its_remove(psa_storage_uid_t uid);
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif /* PSA_INTERNAL_TRUSTED_STORAGE_H */
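Review bot: The doc comments for psa_its_get() and psa_its_get_info() leave the output parameters without a direction tag and do not say which status values a caller should expect. I would mark them `@param[out] p_data`, `@param[out] p_data_length` and `@param[out] p_info`. I would also add a sentence to each `@return` noting that, in the client added by this commit, a failed RPC call and a failure to obtain a call handle are both reported as `PSA_ERROR_GENERIC_ERROR`. It would also help to state whether `p_data_length` may be NULL, since the declaration alone does not tell the caller.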
diff --git a/components/service/secure_storage/client/psa/its/its_client.c b/components/service/secure_storage/client/psa/its/its_client.c
new file mode 100644
index 000000000..54f3efbbe
--- /dev/null
+++ b/components/service/secure_storage/client/psa/its/its_client.c
@@ -0,0 +1,215 @@
+/*
+ * Copyright (c) 2020, Arm Limited and Contributors. All rights reserved.
+ *
+ * SPDX-License-Identifier: BSD-3-Clause
+ */
+
+#include "its_client.h"
+#include <psa/internal_trusted_storage.h>
+#include <protocols/service/secure_storage/packed-c/secure_storage_proto.h>
+#include <protocols/rpc/common/packed-c/status.h>
+#include <assert.h>
+#include <string.h>
+
+/* Variables */
+static struct rpc_caller *rpc_caller;
+
+psa_status_t psa_its_client_init(struct rpc_caller *caller)
+{
+ rpc_caller = caller;
+
+ return PSA_SUCCESS;
+}
+
+psa_status_t psa_its_set(psa_storage_uid_t uid,
+ size_t data_length,
+ const void *p_data,
+ psa_storage_create_flags_t create_flags)
+{
+ uint8_t *request;
+ uint8_t *response;
+ size_t request_length = 0;
+ size_t response_length = 0;
+ struct secure_storage_request_set *request_desc;
+ rpc_call_handle handle;
+ rpc_status_t rpc_status = TS_RPC_CALL_ACCEPTED;
+ psa_status_t psa_status = PSA_SUCCESS;
+
+ /* Validating input parameters */
+ if (p_data == NULL)
+ return PSA_ERROR_INVALID_ARGUMENT;
+
+ request_length = sizeof(*request_desc) + data_length;
+ if (request_length < data_length) {
+ /* size_t overflow */
+ return PSA_ERROR_INVALID_ARGUMENT;
+ }
+
+ handle = rpc_caller_begin(rpc_caller, &request, request_length);
+
+ if (handle) {
+ /* Populating request descriptor */
+ request_desc = (struct secure_storage_request_set *)request;
+ request_desc->uid = uid;
+ request_desc->data_length = data_length;
+ request_desc->create_flags = create_flags;
+ memcpy(&request_desc->p_data, p_data, data_length);
+
+ rpc_status = rpc_caller_invoke(rpc_caller, handle, TS_SECURE_STORAGE_OPCODE_SET,
+ (uint32_t *)&psa_status, &response,
+ &response_length);
+
+ if (rpc_status != TS_RPC_CALL_ACCEPTED) {
+ /* RPC failure */
+ psa_status = PSA_ERROR_GENERIC_ERROR;
+ }
+
+ rpc_caller_end(rpc_caller, handle);
+ }
+ else {
+ psa_status = PSA_ERROR_GENERIC_ERROR;
+ }
+
+ return psa_status;
+}
+
+psa_status_t psa_its_get(psa_storage_uid_t uid,
+ size_t data_offset,
+ size_t data_size,
+ void *p_data,
+ size_t *p_data_length)
+{
+ uint8_t *request;
+ uint8_t *response;
+ size_t response_length = 0;
+ struct secure_storage_request_get *request_desc;
+ rpc_call_handle handle;
+ rpc_status_t rpc_status = TS_RPC_CALL_ACCEPTED;
+ psa_status_t psa_status = PSA_SUCCESS;
+
+ /* Validating input parameters */
+ if (p_data == NULL)
+ return PSA_ERROR_INVALID_ARGUMENT;
+
+ handle = rpc_caller_begin(rpc_caller, &request, sizeof(*request_desc));
+
+ if (handle) {
+ /* Populating request descriptor */
+ request_desc = (struct secure_storage_request_get *)request;
+ request_desc->uid = uid;
+ request_desc->data_offset = data_offset;
+ request_desc->data_size = data_size;
+
+ rpc_status = rpc_caller_invoke(rpc_caller, handle, TS_SECURE_STORAGE_OPCODE_GET,
+ (uint32_t *)&psa_status, &response,
+ &response_length);
+
+ if (rpc_status != TS_RPC_CALL_ACCEPTED ) {
+ /* RPC failure */
+ psa_status = PSA_ERROR_GENERIC_ERROR;
+ }
+
+ /* Filling output parameters */
+ if (psa_status == PSA_SUCCESS) {
+ *p_data_length = (response_length <= data_size) ? response_length : data_size;
+ memcpy(p_data, response, *p_data_length);
+ }
+
+ rpc_caller_end(rpc_caller, handle);
+ }
+ else {
+ psa_status = PSA_ERROR_GENERIC_ERROR;
+ }
+
+ return psa_status;
+}
+
+psa_status_t psa_its_get_info(psa_storage_uid_t uid,
+ struct psa_storage_info_t *p_info)
+{
+ uint8_t *request;
+ uint8_t *response;
+ size_t response_length = 0;
+ struct secure_storage_request_get_info *request_desc;
+ struct secure_storage_response_get_info *response_desc;
+ rpc_call_handle handle;
+ rpc_status_t rpc_status;
+ psa_status_t psa_status = PSA_ERROR_GENERIC_ERROR;
+
+ /* Validating input parameters */
+ if (p_info == NULL)
+ return PSA_ERROR_INVALID_ARGUMENT;
+
+ handle = rpc_caller_begin(rpc_caller, &request, sizeof(*request_desc));
+
+ if (handle) {
+ /* Populating request descriptor */
+ request_desc = (struct secure_storage_request_get_info *)request;
+ request_desc->uid = uid;
+
+ rpc_status = rpc_caller_invoke(rpc_caller, handle,
+ TS_SECURE_STORAGE_OPCODE_GET_INFO,
+ (uint32_t *)&psa_status, &response,
+ &response_length);
+
+ if (rpc_status != TS_RPC_CALL_ACCEPTED) {
+ /* RPC failure */
+ psa_status = PSA_ERROR_GENERIC_ERROR;
+ } else if (response_length && response_length != sizeof(*response_desc)) {
+ psa_status = PSA_ERROR_GENERIC_ERROR;
+ }
+
+ if (psa_status == PSA_SUCCESS) {
+ response_desc = (struct secure_storage_response_get_info *)response;
+ p_info->capacity = response_desc->capacity;
+ p_info->size = response_desc->size;
+ p_info->flags = response_desc->flags;
+ } else {
+ p_info->capacity = 0;
+ p_info->size = 0;
+ p_info->flags = PSA_STORAGE_FLAG_NONE;
+ }
+
+ rpc_caller_end(rpc_caller, handle);
+ }
+ else {
+ psa_status = PSA_ERROR_GENERIC_ERROR;
+ }
+
+ return psa_status;
+}
+
+psa_status_t psa_its_remove(psa_storage_uid_t uid)
+{
+ uint8_t *request;
+ uint8_t *response;
+ size_t response_length = 0;
+ struct secure_storage_request_remove *request_desc;
+ rpc_call_handle handle;
+ rpc_status_t rpc_status = TS_RPC_CALL_ACCEPTED;
+ psa_status_t psa_status = PSA_SUCCESS;
+
+ handle = rpc_caller_begin(rpc_caller, &request, sizeof(*request_desc));
+
+ if (handle) {
+ /* Populating request descriptor */
+ request_desc = (struct secure_storage_request_remove *)request;
+ request_desc->uid = uid;
+
+ rpc_status = rpc_caller_invoke(rpc_caller, handle, TS_SECURE_STORAGE_OPCODE_REMOVE,
+ (uint32_t *)&psa_status, &response,
+ &response_length);
+
+ if (rpc_status != TS_RPC_CALL_ACCEPTED) {
+ /* RPC failure */
+ psa_status = PSA_ERROR_GENERIC_ERROR;
+ }
+
+ rpc_caller_end(rpc_caller, handle);
+ }
+ else {
+ psa_status = PSA_ERROR_GENERIC_ERROR;
+ }
+
+ return psa_status;
+}
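Review bot: In psa_its_get_info() the length check `response_length && response_length != sizeof(*response_desc)` lets a reply that carries PSA_SUCCESS with a zero-length payload through, after which `response_desc->capacity`, `->size` and `->flags` are read from `response`, a local this function never initialises and that may not point at a full descriptor. Tying the check to the success status closes that gap: `} else if (psa_status == PSA_SUCCESS && response_length != sizeof(*response_desc)) {`. Separately, psa_its_get() validates `p_data` but writes through `p_data_length` unchecked at `*p_data_length = ...`; the guard could read `if (p_data == NULL || p_data_length == NULL)`. Both matter because the reply arrives from across the RPC boundary and the client should not assume it is well formed.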
diff --git a/components/service/secure_storage/client/psa/its/its_client.h b/components/service/secure_storage/client/psa/its/its_client.h
new file mode 100644
index 000000000..b8b72090d
--- /dev/null
+++ b/components/service/secure_storage/client/psa/its/its_client.h
@@ -0,0 +1,31 @@
+/*
+ * Copyright (c) 2020, Arm Limited and Contributors. All rights reserved.
+ *
+ * SPDX-License-Identifier: BSD-3-Clause
+ */
+
+#ifndef PSA_ITS_CLIENT_H
+#define PSA_ITS_CLIENT_H
+
+#include <psa/error.h>
+#include <rpc_caller.h>
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+/**
+ * @brief Assignes a concrete rpc caller to the ITS library and initialises
+ * the library state.
+ *
+ * @param[in] rpc_caller RPC caller instance
+ *
+ * @return A status indicating the success/failure of the operation
+ */
+psa_status_t psa_its_client_init(struct rpc_caller *caller);
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif /* PSA_ITS_CLIENT_H */
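Review bot: The doc comment on psa_its_client_init() documents `@param[in] rpc_caller`, but the parameter is named `caller`, so Doxygen will report an undocumented parameter; it should read `@param[in] caller RPC caller instance`, and "Assignes" should be "Assigns". The comment could also state that the pointer is stored in a file-scope variable in its_client.c and used by every later psa_its_* call, so it must remain valid for as long as the client is in use and init must be called first.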
diff --git a/components/service/secure_storage/client/psa/storage_common.h b/components/service/secure_storage/client/psa/storage_common.h
new file mode 100644
index 000000000..4f6ba2a7d
--- /dev/null
+++ b/components/service/secure_storage/client/psa/storage_common.h
@@ -0,0 +1,43 @@
+/*
+ * Copyright (c) 2020, Arm Limited and Contributors. All rights reserved.
+ *
+ * SPDX-License-Identifier: BSD-3-Clause
+ */
+
+#ifndef PSA_STORAGE_COMMON_H
+#define PSA_STORAGE_COMMON_H
+
+#include <psa/error.h>
+#include <stddef.h>
+#include <stdint.h>
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+/* Types */
+typedef uint64_t psa_storage_uid_t;
+typedef uint32_t psa_storage_create_flags_t;
+
+struct psa_storage_info_t {
+ size_t capacity;
+ size_t size;
+ psa_storage_create_flags_t flags;
+};
+
+/* Storage flags */
+#define PSA_STORAGE_FLAG_NONE (0u)
+#define PSA_STORAGE_FLAG_WRITE_ONCE (1u << 0)
+#define PSA_STORAGE_FLAG_NO_CONFIDENTIALITY (1u << 1)
+#define PSA_STORAGE_FLAG_NO_REPLAY_PROTECTION (1u << 2)
+#define PSA_STORAGE_SUPPORT_SET_EXTENDED (1u << 0)
+
+/* Status codes */
+#define PSA_ERROR_INVALID_SIGNATURE ((psa_status_t)-149)
+#define PSA_ERROR_DATA_CORRUPT ((psa_status_t)-152)
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif /* PSA_STORAGE_COMMON_H */
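Review bot: `PSA_STORAGE_SUPPORT_SET_EXTENDED` sits under the `/* Storage flags */` comment alongside the create flags and has the same value `(1u << 0)` as `PSA_STORAGE_FLAG_WRITE_ONCE`, so passing it as a `psa_storage_create_flags_t` would silently request write-once. It appears to be a capability bit rather than a create flag, so I would separate it with its own comment, for example `/* Storage support flags (not valid as create_flags) */`. A short comment on each `PSA_STORAGE_FLAG_*` saying what protection it relaxes would also help callers choose deliberately.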