TrustedFirmware Git Browser
Code Review Sign In
review.trustedfirmware.org / TF-M / trusted-firmware-m.git / dad6ca656729478d199434a090b55bb3d36d4e86 / . / secure_fw / services / crypto / crypto_aead.c
blob: be85c929f6a68d0728bd3150f9771b1953aae8fa [file] [log] [blame]
Antonio de Angelis3a480992018-11-07 11:53:28 +0000[diff] [blame]1/*
2 * Copyright (c) 2019, Arm Limited. All rights reserved.
3 *
4 * SPDX-License-Identifier: BSD-3-Clause
5 *
6 */
7
Jamie Fox0e54ebc2019-04-09 14:21:04 +0100[diff] [blame]8#include <stddef.h>
9#include <stdint.h>
Antonio de Angelis4743e672019-04-11 11:38:48 +0100[diff] [blame]10
Summer Qin4b1d03b2019-07-02 14:56:08 +0800[diff] [blame]11/* FixMe: Use PSA_ERROR_CONNECTION_REFUSED when performing parameter
Antonio de Angelis4743e672019-04-11 11:38:48 +0100[diff] [blame]12 * integrity checks but this will have to be revised
13 * when the full set of error codes mandated by PSA FF
14 * is available.
15 */
Jamie Fox0e54ebc2019-04-09 14:21:04 +0100[diff] [blame]16#include "tfm_mbedcrypto_include.h"
Antonio de Angelis3a480992018-11-07 11:53:28 +0000[diff] [blame]17
Jamie Fox0e54ebc2019-04-09 14:21:04 +0100[diff] [blame]18#include "tfm_crypto_api.h"
19#include "tfm_crypto_defs.h"
Antonio de Angelisab85ccd2019-03-25 15:14:29 +0000[diff] [blame]20
Antonio de Angelis3a480992018-11-07 11:53:28 +0000[diff] [blame]21/*!
22 * \defgroup public_psa Public functions, PSA
23 *
24 */
25
26/*!@{*/
Antonio de Angelisab85ccd2019-03-25 15:14:29 +0000[diff] [blame]27psa_status_t tfm_crypto_aead_encrypt(psa_invec in_vec[],
28 size_t in_len,
29 psa_outvec out_vec[],
30 size_t out_len)
Antonio de Angelis3a480992018-11-07 11:53:28 +0000[diff] [blame]31{
Kevin Peng96f802e2019-12-26 16:10:25 +0800[diff] [blame]32#ifdef TFM_CRYPTO_AEAD_MODULE_DISABLED
Antonio de Angelis7740b382019-07-16 10:59:25 +0100[diff] [blame]33 return PSA_ERROR_NOT_SUPPORTED;
34#else
Antonio de Angelis3a480992018-11-07 11:53:28 +0000[diff] [blame]35 psa_status_t status = PSA_SUCCESS;
Antonio de Angelis3a480992018-11-07 11:53:28 +0000[diff] [blame]36
Antonio de Angelis4743e672019-04-11 11:38:48 +0100[diff] [blame]37 if ( !((in_len == 2) || (in_len == 3)) || (out_len != 1)) {
Summer Qin4b1d03b2019-07-02 14:56:08 +0800[diff] [blame]38 return PSA_ERROR_CONNECTION_REFUSED;
Antonio de Angelisab85ccd2019-03-25 15:14:29 +0000[diff] [blame]39 }
40
Antonio de Angelis4743e672019-04-11 11:38:48 +0100[diff] [blame]41 if ((in_vec[0].len != sizeof(struct tfm_crypto_pack_iovec))) {
Summer Qin4b1d03b2019-07-02 14:56:08 +0800[diff] [blame]42 return PSA_ERROR_CONNECTION_REFUSED;
Antonio de Angelisab85ccd2019-03-25 15:14:29 +0000[diff] [blame]43 }
Antonio de Angelis4743e672019-04-11 11:38:48 +0100[diff] [blame]44 const struct tfm_crypto_pack_iovec *iov = in_vec[0].base;
45 const struct tfm_crypto_aead_pack_input *aead_pack_input = &iov->aead_in;
Jamie Fox0e54ebc2019-04-09 14:21:04 +0100[diff] [blame]46 psa_key_handle_t key_handle = iov->key_handle;
Antonio de Angelis4743e672019-04-11 11:38:48 +0100[diff] [blame]47 psa_algorithm_t alg = iov->alg;
48 const uint8_t *nonce = aead_pack_input->nonce;
49 size_t nonce_length = aead_pack_input->nonce_length;
50 const uint8_t *plaintext = in_vec[1].base;
51 size_t plaintext_length = in_vec[1].len;
Antonio de Angelisab85ccd2019-03-25 15:14:29 +0000[diff] [blame]52 uint8_t *ciphertext = out_vec[0].base;
53 size_t ciphertext_size = out_vec[0].len;
Antonio de Angelis4743e672019-04-11 11:38:48 +0100[diff] [blame]54 const uint8_t *additional_data = NULL;
55 size_t additional_data_length = 0;
56
57 /* Check if additional data has been passed and initialise it */
58 if (in_len == 3) {
59 additional_data = in_vec[2].base;
60 additional_data_length = in_vec[2].len;
61 }
Antonio de Angelisab85ccd2019-03-25 15:14:29 +0000[diff] [blame]62
Jamie Fox82b87ca2018-12-11 16:41:11 +0000[diff] [blame]63 /* Initialise ciphertext_length to zero */
Antonio de Angelisab85ccd2019-03-25 15:14:29 +0000[diff] [blame]64 out_vec[0].len = 0;
Jamie Fox82b87ca2018-12-11 16:41:11 +0000[diff] [blame]65
Antonio de Angelis60a6fe62019-06-18 15:27:34 +0100[diff] [blame]66 status = tfm_crypto_check_handle_owner(key_handle, NULL);
67 if (status == PSA_SUCCESS) {
68
69 status = psa_aead_encrypt(key_handle, alg, nonce, nonce_length,
70 additional_data, additional_data_length,
71 plaintext, plaintext_length,
72 ciphertext, ciphertext_size, &out_vec[0].len);
73 }
74
Antonio de Angelisab85ccd2019-03-25 15:14:29 +0000[diff] [blame]75 return status;
Antonio de Angelis7740b382019-07-16 10:59:25 +0100[diff] [blame]76#endif /* TFM_CRYPTO_AEAD_MODULE_DISABLED */
Antonio de Angelis3a480992018-11-07 11:53:28 +0000[diff] [blame]77}
78
Antonio de Angelisab85ccd2019-03-25 15:14:29 +0000[diff] [blame]79psa_status_t tfm_crypto_aead_decrypt(psa_invec in_vec[],
80 size_t in_len,
81 psa_outvec out_vec[],
82 size_t out_len)
Antonio de Angelis3a480992018-11-07 11:53:28 +0000[diff] [blame]83{
Kevin Peng96f802e2019-12-26 16:10:25 +0800[diff] [blame]84#ifdef TFM_CRYPTO_AEAD_MODULE_DISABLED
Antonio de Angelis7740b382019-07-16 10:59:25 +0100[diff] [blame]85 return PSA_ERROR_NOT_SUPPORTED;
86#else
Antonio de Angelis3a480992018-11-07 11:53:28 +0000[diff] [blame]87 psa_status_t status = PSA_SUCCESS;
Antonio de Angelis3a480992018-11-07 11:53:28 +0000[diff] [blame]88
Jamie Fox9a234e22019-04-30 11:12:05 +0100[diff] [blame]89 if ( !((in_len == 2) || (in_len == 3)) || (out_len > 1)) {
Summer Qin4b1d03b2019-07-02 14:56:08 +0800[diff] [blame]90 return PSA_ERROR_CONNECTION_REFUSED;
Antonio de Angelisab85ccd2019-03-25 15:14:29 +0000[diff] [blame]91 }
92
Antonio de Angelis4743e672019-04-11 11:38:48 +0100[diff] [blame]93 if ((in_vec[0].len != sizeof(struct tfm_crypto_pack_iovec))) {
Summer Qin4b1d03b2019-07-02 14:56:08 +0800[diff] [blame]94 return PSA_ERROR_CONNECTION_REFUSED;
Antonio de Angelis4743e672019-04-11 11:38:48 +0100[diff] [blame]95 }
96 const struct tfm_crypto_pack_iovec *iov = in_vec[0].base;
97 const struct tfm_crypto_aead_pack_input *aead_pack_input = &iov->aead_in;
Jamie Fox0e54ebc2019-04-09 14:21:04 +0100[diff] [blame]98 psa_key_handle_t key_handle = iov->key_handle;
Antonio de Angelis4743e672019-04-11 11:38:48 +0100[diff] [blame]99 psa_algorithm_t alg = iov->alg;
100 const uint8_t *nonce = aead_pack_input->nonce;
101 size_t nonce_length = aead_pack_input->nonce_length;
102 const uint8_t *ciphertext = in_vec[1].base;
103 size_t ciphertext_length = in_vec[1].len;
Antonio de Angelisab85ccd2019-03-25 15:14:29 +0000[diff] [blame]104 uint8_t *plaintext = out_vec[0].base;
105 size_t plaintext_size = out_vec[0].len;
Antonio de Angelis4743e672019-04-11 11:38:48 +0100[diff] [blame]106 const uint8_t *additional_data = NULL;
107 size_t additional_data_length = 0;
108
109 /* Check if additional data has been passed and initialise it */
110 if (in_len == 3) {
111 additional_data = in_vec[2].base;
112 additional_data_length = in_vec[2].len;
113 }
Antonio de Angelisab85ccd2019-03-25 15:14:29 +0000[diff] [blame]114
Jamie Fox82b87ca2018-12-11 16:41:11 +0000[diff] [blame]115 /* Initialise plaintext_length to zero */
Antonio de Angelisab85ccd2019-03-25 15:14:29 +0000[diff] [blame]116 out_vec[0].len = 0;
Jamie Fox82b87ca2018-12-11 16:41:11 +0000[diff] [blame]117
Antonio de Angelis60a6fe62019-06-18 15:27:34 +0100[diff] [blame]118 status = tfm_crypto_check_handle_owner(key_handle, NULL);
119 if (status == PSA_SUCCESS) {
120
121 status = psa_aead_decrypt(key_handle, alg, nonce, nonce_length,
122 additional_data, additional_data_length,
123 ciphertext, ciphertext_length,
124 plaintext, plaintext_size, &out_vec[0].len);
125 }
126
Antonio de Angelisab85ccd2019-03-25 15:14:29 +0000[diff] [blame]127 return status;
Antonio de Angelis7740b382019-07-16 10:59:25 +0100[diff] [blame]128#endif /* TFM_CRYPTO_AEAD_MODULE_DISABLED */
Antonio de Angelis3a480992018-11-07 11:53:28 +0000[diff] [blame]129}
130/*!@}*/