TrustedFirmware Git Browser
Code Review Sign In
review.trustedfirmware.org / TF-M / trusted-firmware-m.git / 04debbd6e157d8ab9f80525e296303e830838c50^! / . / interface / include / tfm_crypto_defs.h
commit04debbd6e157d8ab9f80525e296303e830838c50[log] [tgz]
authorAntonio de Angelis <antonio.deangelis@arm.com>Mon Oct 14 12:12:52 2019 +0100
committerSoby Mathew <soby.mathew@arm.com>Mon Feb 24 11:53:56 2020 +0000
treef9f6f70898661ee377943ea65c23d8560bca7e00
parentdad6ca656729478d199434a090b55bb3d36d4e86 [diff] [blame]
Crypto: Align to Mbed Crypto 3.0.1

This patch upgrades the Crypto service to be able
to use Mbed Crypto 3.0.1:

- Updates the PSA crypto headers to latest available in mbed-crypto
- Updates the service implementation
- Updates the test suites where needed
- Updates the SST and Attestation interfaces
  towards cryptographic functionalities
- Updates documentation to reflect updated
  requirements, and changes in the integration guide

This patch migrates the use of psa_asymmetric_sign() and
psa_asymmetric_verify() to the non-deprecated versions of
the API psa_sign_hash() and psa_verify_hash().

Signed-off-by: Antonio de Angelis <antonio.deangelis@arm.com>
Change-Id: I7d8275def2336c1b5cfb8847b2842c305cfab116

diff --git a/interface/include/tfm_crypto_defs.h b/interface/include/tfm_crypto_defs.h
index 5a380c6..53c03ce 100644
--- a/interface/include/tfm_crypto_defs.h
+++ b/interface/include/tfm_crypto_defs.h

@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2018-2019, Arm Limited. All rights reserved.
+ * Copyright (c) 2018-2020, Arm Limited. All rights reserved.
  *
  * SPDX-License-Identifier: BSD-3-Clause
  *
@@ -37,15 +37,13 @@
     uint32_t sfn_id;             /*!< Secure function ID used to dispatch the
                                   *   request
                                   */
+    uint16_t step;               /*!< Key derivation step */
     psa_key_handle_t key_handle; /*!< Key handle */
-    psa_key_type_t type;         /*!< Key type */
-    psa_key_usage_t usage;       /*!< Usage policy for a key */
     psa_algorithm_t alg;         /*!< Algorithm */
-    psa_key_lifetime_t lifetime; /*!< Lifetime policy for a key */
     uint32_t op_handle;          /*!< Frontend context handle associated to a
                                   *   multipart operation
                                   */
-    size_t capacity;             /*!< Generator capacity */
+    size_t capacity;             /*!< Key derivation capacity */
 
     struct tfm_crypto_aead_pack_input aead_in; /*!< FixMe: Temporarily used for
                                                 *   AEAD until the API is
@@ -58,51 +56,70 @@
  *        when dispatching the requests to the service
  */
 enum {
-    TFM_CRYPTO_ALLOCATE_KEY_SID = (0u),
+    TFM_CRYPTO_GET_KEY_ATTRIBUTES_SID = (0u),
+    TFM_CRYPTO_RESET_KEY_ATTRIBUTES_SID,
     TFM_CRYPTO_OPEN_KEY_SID,
     TFM_CRYPTO_CLOSE_KEY_SID,
     TFM_CRYPTO_IMPORT_KEY_SID,
     TFM_CRYPTO_DESTROY_KEY_SID,
-    TFM_CRYPTO_GET_KEY_INFORMATION_SID,
     TFM_CRYPTO_EXPORT_KEY_SID,
     TFM_CRYPTO_EXPORT_PUBLIC_KEY_SID,
     TFM_CRYPTO_COPY_KEY_SID,
-    TFM_CRYPTO_SET_KEY_POLICY_SID,
-    TFM_CRYPTO_GET_KEY_POLICY_SID,
-    TFM_CRYPTO_GET_KEY_LIFETIME_SID,
-    TFM_CRYPTO_CIPHER_GENERATE_IV_SID,
-    TFM_CRYPTO_CIPHER_SET_IV_SID,
-    TFM_CRYPTO_CIPHER_ENCRYPT_SETUP_SID,
-    TFM_CRYPTO_CIPHER_DECRYPT_SETUP_SID,
-    TFM_CRYPTO_CIPHER_UPDATE_SID,
-    TFM_CRYPTO_CIPHER_ABORT_SID,
-    TFM_CRYPTO_CIPHER_FINISH_SID,
+    TFM_CRYPTO_HASH_COMPUTE_SID,
+    TFM_CRYPTO_HASH_COMPARE_SID,
     TFM_CRYPTO_HASH_SETUP_SID,
     TFM_CRYPTO_HASH_UPDATE_SID,
     TFM_CRYPTO_HASH_FINISH_SID,
     TFM_CRYPTO_HASH_VERIFY_SID,
     TFM_CRYPTO_HASH_ABORT_SID,
     TFM_CRYPTO_HASH_CLONE_SID,
+    TFM_CRYPTO_MAC_COMPUTE_SID,
+    TFM_CRYPTO_MAC_VERIFY_SID,
     TFM_CRYPTO_MAC_SIGN_SETUP_SID,
     TFM_CRYPTO_MAC_VERIFY_SETUP_SID,
     TFM_CRYPTO_MAC_UPDATE_SID,
     TFM_CRYPTO_MAC_SIGN_FINISH_SID,
     TFM_CRYPTO_MAC_VERIFY_FINISH_SID,
     TFM_CRYPTO_MAC_ABORT_SID,
+    TFM_CRYPTO_CIPHER_ENCRYPT_SID,
+    TFM_CRYPTO_CIPHER_DECRYPT_SID,
+    TFM_CRYPTO_CIPHER_ENCRYPT_SETUP_SID,
+    TFM_CRYPTO_CIPHER_DECRYPT_SETUP_SID,
+    TFM_CRYPTO_CIPHER_GENERATE_IV_SID,
+    TFM_CRYPTO_CIPHER_SET_IV_SID,
+    TFM_CRYPTO_CIPHER_UPDATE_SID,
+    TFM_CRYPTO_CIPHER_FINISH_SID,
+    TFM_CRYPTO_CIPHER_ABORT_SID,
     TFM_CRYPTO_AEAD_ENCRYPT_SID,
     TFM_CRYPTO_AEAD_DECRYPT_SID,
-    TFM_CRYPTO_ASYMMETRIC_SIGN_SID,
-    TFM_CRYPTO_ASYMMETRIC_VERIFY_SID,
+    TFM_CRYPTO_AEAD_ENCRYPT_SETUP_SID,
+    TFM_CRYPTO_AEAD_DECRYPT_SETUP_SID,
+    TFM_CRYPTO_AEAD_GENERATE_NONCE_SID,
+    TFM_CRYPTO_AEAD_SET_NONCE_SID,
+    TFM_CRYPTO_AEAD_SET_LENGTHS_SID,
+    TFM_CRYPTO_AEAD_UPDATE_AD_SID,
+    TFM_CRYPTO_AEAD_UPDATE_SID,
+    TFM_CRYPTO_AEAD_FINISH_SID,
+    TFM_CRYPTO_AEAD_VERIFY_SID,
+    TFM_CRYPTO_AEAD_ABORT_SID,
+    TFM_CRYPTO_SIGN_HASH_SID,
+    TFM_CRYPTO_VERIFY_HASH_SID,
     TFM_CRYPTO_ASYMMETRIC_ENCRYPT_SID,
     TFM_CRYPTO_ASYMMETRIC_DECRYPT_SID,
-    TFM_CRYPTO_GET_GENERATOR_CAPACITY_SID,
-    TFM_CRYPTO_GENERATOR_READ_SID,
-    TFM_CRYPTO_GENERATOR_IMPORT_KEY_SID,
-    TFM_CRYPTO_GENERATOR_ABORT_SID,
-    TFM_CRYPTO_KEY_DERIVATION_SID,
-    TFM_CRYPTO_KEY_AGREEMENT_SID,
+    TFM_CRYPTO_KEY_DERIVATION_SETUP_SID,
+    TFM_CRYPTO_KEY_DERIVATION_GET_CAPACITY_SID,
+    TFM_CRYPTO_KEY_DERIVATION_SET_CAPACITY_SID,
+    TFM_CRYPTO_KEY_DERIVATION_INPUT_BYTES_SID,
+    TFM_CRYPTO_KEY_DERIVATION_INPUT_KEY_SID,
+    TFM_CRYPTO_KEY_DERIVATION_KEY_AGREEMENT_SID,
+    TFM_CRYPTO_KEY_DERIVATION_OUTPUT_BYTES_SID,
+    TFM_CRYPTO_KEY_DERIVATION_OUTPUT_KEY_SID,
+    TFM_CRYPTO_KEY_DERIVATION_ABORT_SID,
+    TFM_CRYPTO_RAW_KEY_AGREEMENT_SID,
     TFM_CRYPTO_GENERATE_RANDOM_SID,
     TFM_CRYPTO_GENERATE_KEY_SID,
+    TFM_CRYPTO_SET_KEY_DOMAIN_PARAMETERS_SID,
+    TFM_CRYPTO_GET_KEY_DOMAIN_PARAMETERS_SID,
     TFM_CRYPTO_SID_MAX,
 };