TrustedFirmware Git Browser
Code Review Sign In
review.trustedfirmware.org / TF-M / trusted-firmware-m.git / 04debbd6e157d8ab9f80525e296303e830838c50 / . / secure_fw / services / crypto / crypto_key.c
blob: f3fd277ee6ead4b26b532147e08f02c4178749ae [file] [log] [blame]
Antonio de Angelis8908f472018-08-31 15:44:25 +0100[diff] [blame]1/*
Antonio de Angelis04debbd2019-10-14 12:12:52 +0100[diff] [blame^]2 * Copyright (c) 2018-2020, Arm Limited. All rights reserved.
Antonio de Angelis8908f472018-08-31 15:44:25 +0100[diff] [blame]3 *
4 * SPDX-License-Identifier: BSD-3-Clause
5 *
6 */
7
Jamie Foxefd82732018-11-26 10:34:32 +0000[diff] [blame]8#include <stddef.h>
Jamie Fox0e54ebc2019-04-09 14:21:04 +0100[diff] [blame]9#include <stdint.h>
Antonio de Angelis8908f472018-08-31 15:44:25 +0100[diff] [blame]10
Summer Qin4b1d03b2019-07-02 14:56:08 +0800[diff] [blame]11/* FixMe: Use PSA_ERROR_CONNECTION_REFUSED when performing parameter
Antonio de Angelis4743e672019-04-11 11:38:48 +0100[diff] [blame]12 * integrity checks but this will have to be revised
13 * when the full set of error codes mandated by PSA FF
14 * is available.
15 */
Jamie Fox0e54ebc2019-04-09 14:21:04 +0100[diff] [blame]16#include "tfm_mbedcrypto_include.h"
Antonio de Angelis4743e672019-04-11 11:38:48 +0100[diff] [blame]17
Jamie Fox0e54ebc2019-04-09 14:21:04 +0100[diff] [blame]18#include "tfm_crypto_api.h"
19#include "tfm_crypto_defs.h"
Antonio de Angelis60a6fe62019-06-18 15:27:34 +0100[diff] [blame]20#include <stdbool.h>
Jamie Fox82b87ca2018-12-11 16:41:11 +0000[diff] [blame]21
Antonio de Angelis60a6fe62019-06-18 15:27:34 +0100[diff] [blame]22#ifndef TFM_CRYPTO_MAX_KEY_HANDLES
23#define TFM_CRYPTO_MAX_KEY_HANDLES (16)
24#endif
25struct tfm_crypto_handle_owner_s {
26 int32_t owner; /*!< Owner of the allocated handle */
27 psa_key_handle_t handle; /*!< Allocated handle */
28 uint8_t in_use; /*!< Flag to indicate if this in use */
29};
30
Kevin Peng96f802e2019-12-26 16:10:25 +0800[diff] [blame]31#ifndef TFM_CRYPTO_KEY_MODULE_DISABLED
Antonio de Angelis60a6fe62019-06-18 15:27:34 +0100[diff] [blame]32static struct tfm_crypto_handle_owner_s
33 handle_owner[TFM_CRYPTO_MAX_KEY_HANDLES] = {0};
Antonio de Angelis7740b382019-07-16 10:59:25 +0100[diff] [blame]34#endif
Jamie Foxdadb4e82019-09-03 17:59:41 +0100[diff] [blame]35
Antonio de Angelis8908f472018-08-31 15:44:25 +0100[diff] [blame]36/*!
37 * \defgroup public Public functions
38 *
39 */
40
41/*!@{*/
Antonio de Angelis60a6fe62019-06-18 15:27:34 +0100[diff] [blame]42psa_status_t tfm_crypto_check_handle_owner(psa_key_handle_t handle,
43 uint32_t *index)
44{
Kevin Peng96f802e2019-12-26 16:10:25 +0800[diff] [blame]45#ifdef TFM_CRYPTO_KEY_MODULE_DISABLED
Antonio de Angelis7740b382019-07-16 10:59:25 +0100[diff] [blame]46 return PSA_ERROR_NOT_SUPPORTED;
47#else
Antonio de Angelis60a6fe62019-06-18 15:27:34 +0100[diff] [blame]48 int32_t partition_id = 0;
49 uint32_t i = 0;
50 psa_status_t status;
51
52 status = tfm_crypto_get_caller_id(&partition_id);
53 if (status != PSA_SUCCESS) {
54 return status;
55 }
56
57 for (i = 0; i < TFM_CRYPTO_MAX_KEY_HANDLES; i++) {
58 if (handle_owner[i].in_use && handle_owner[i].handle == handle) {
59 if (handle_owner[i].owner == partition_id) {
60 if (index != NULL) {
61 *index = i;
62 }
63 return PSA_SUCCESS;
64 } else {
65 return PSA_ERROR_NOT_PERMITTED;
66 }
67 }
68 }
69
70 return PSA_ERROR_INVALID_HANDLE;
Antonio de Angelis7740b382019-07-16 10:59:25 +0100[diff] [blame]71#endif /* TFM_CRYPTO_KEY_MODULE_DISABLED */
Antonio de Angelis60a6fe62019-06-18 15:27:34 +0100[diff] [blame]72}
73
Antonio de Angelis04debbd2019-10-14 12:12:52 +0100[diff] [blame^]74psa_status_t tfm_crypto_set_key_domain_parameters(psa_invec in_vec[],
75 size_t in_len,
76 psa_outvec out_vec[],
77 size_t out_len)
Antonio de Angeliscf85ba22018-10-09 13:29:40 +0100[diff] [blame]78{
Kevin Peng96f802e2019-12-26 16:10:25 +0800[diff] [blame]79#ifdef TFM_CRYPTO_KEY_MODULE_DISABLED
Antonio de Angelis7740b382019-07-16 10:59:25 +0100[diff] [blame]80 return PSA_ERROR_NOT_SUPPORTED;
81#else
Antonio de Angelis04debbd2019-10-14 12:12:52 +0100[diff] [blame^]82 /* FixMe: To be implemented */
83 return PSA_ERROR_NOT_SUPPORTED;
84#endif /* TFM_CRYPTO_KEY_MODULE_DISABLED */
85}
86
87psa_status_t tfm_crypto_get_key_domain_parameters(psa_invec in_vec[],
88 size_t in_len,
89 psa_outvec out_vec[],
90 size_t out_len)
91{
92#ifdef TFM_CRYPTO_KEY_MODULE_DISABLED
93 return PSA_ERROR_NOT_SUPPORTED;
94#else
95 /* FixMe: To be implemented */
96 return PSA_ERROR_NOT_SUPPORTED;
97#endif /* TFM_CRYPTO_KEY_MODULE_DISABLED */
98}
99
100psa_status_t tfm_crypto_import_key(psa_invec in_vec[],
101 size_t in_len,
102 psa_outvec out_vec[],
103 size_t out_len)
104{
105#ifdef TFM_CRYPTO_KEY_MODULE_DISABLED
106 return PSA_ERROR_NOT_SUPPORTED;
107#else
108
109 if ((in_len != 3) || (out_len != 1)) {
Summer Qin4b1d03b2019-07-02 14:56:08 +0800[diff] [blame]110 return PSA_ERROR_CONNECTION_REFUSED;
Jamie Foxefd82732018-11-26 10:34:32 +0000[diff] [blame]111 }
112
Jamie Fox0e54ebc2019-04-09 14:21:04 +0100[diff] [blame]113 if ((in_vec[0].len != sizeof(struct tfm_crypto_pack_iovec)) ||
Antonio de Angelis04debbd2019-10-14 12:12:52 +0100[diff] [blame^]114 (in_vec[1].len != sizeof(psa_key_attributes_t)) ||
Jamie Fox0e54ebc2019-04-09 14:21:04 +0100[diff] [blame]115 (out_vec[0].len != sizeof(psa_key_handle_t))) {
Summer Qin4b1d03b2019-07-02 14:56:08 +0800[diff] [blame]116 return PSA_ERROR_CONNECTION_REFUSED;
Jamie Foxefd82732018-11-26 10:34:32 +0000[diff] [blame]117 }
Antonio de Angelis04debbd2019-10-14 12:12:52 +0100[diff] [blame^]118 const psa_key_attributes_t *key_attributes = in_vec[1].base;
119 const uint8_t *data = in_vec[2].base;
120 size_t data_length = in_vec[2].len;
Jamie Fox0e54ebc2019-04-09 14:21:04 +0100[diff] [blame]121 psa_key_handle_t *key_handle = out_vec[0].base;
Antonio de Angelis04debbd2019-10-14 12:12:52 +0100[diff] [blame^]122 psa_status_t status;
Antonio de Angelis60a6fe62019-06-18 15:27:34 +0100[diff] [blame]123 uint32_t i = 0;
124 int32_t partition_id = 0;
125 bool empty_found = false;
Jamie Foxefd82732018-11-26 10:34:32 +0000[diff] [blame]126
Antonio de Angelis60a6fe62019-06-18 15:27:34 +0100[diff] [blame]127 for (i = 0; i < TFM_CRYPTO_MAX_KEY_HANDLES; i++) {
128 if (handle_owner[i].in_use == TFM_CRYPTO_NOT_IN_USE) {
129 empty_found = true;
130 break;
131 }
132 }
133
134 if (!empty_found) {
135 return PSA_ERROR_INSUFFICIENT_MEMORY;
136 }
137
138 status = tfm_crypto_get_caller_id(&partition_id);
139 if (status != PSA_SUCCESS) {
140 return status;
141 }
142
Antonio de Angelis04debbd2019-10-14 12:12:52 +0100[diff] [blame^]143 status = psa_import_key(key_attributes, data, data_length, key_handle);
Antonio de Angelis60a6fe62019-06-18 15:27:34 +0100[diff] [blame]144
145 if (status == PSA_SUCCESS) {
146 handle_owner[i].owner = partition_id;
147 handle_owner[i].handle = *key_handle;
148 handle_owner[i].in_use = TFM_CRYPTO_IN_USE;
149 }
150
151 return status;
Antonio de Angelis7740b382019-07-16 10:59:25 +0100[diff] [blame]152#endif /* TFM_CRYPTO_KEY_MODULE_DISABLED */
Jamie Foxefd82732018-11-26 10:34:32 +0000[diff] [blame]153}
154
Jamie Foxdadb4e82019-09-03 17:59:41 +0100[diff] [blame]155psa_status_t tfm_crypto_open_key(psa_invec in_vec[],
156 size_t in_len,
157 psa_outvec out_vec[],
158 size_t out_len)
159{
Kevin Peng96f802e2019-12-26 16:10:25 +0800[diff] [blame]160#ifdef TFM_CRYPTO_KEY_MODULE_DISABLED
Jamie Foxdadb4e82019-09-03 17:59:41 +0100[diff] [blame]161 return PSA_ERROR_NOT_SUPPORTED;
162#else
163 if ((in_len != 2) || (out_len != 1)) {
164 return PSA_ERROR_CONNECTION_REFUSED;
165 }
166
167 if ((in_vec[0].len != sizeof(struct tfm_crypto_pack_iovec)) ||
168 (in_vec[1].len != sizeof(psa_key_id_t)) ||
169 (out_vec[0].len != sizeof(psa_key_handle_t))) {
170 return PSA_ERROR_CONNECTION_REFUSED;
171 }
172
Antonio de Angelis04debbd2019-10-14 12:12:52 +0100[diff] [blame^]173 return PSA_ERROR_NOT_SUPPORTED;
Jamie Foxdadb4e82019-09-03 17:59:41 +0100[diff] [blame]174#endif /* TFM_CRYPTO_KEY_MODULE_DISABLED */
175}
176
177psa_status_t tfm_crypto_close_key(psa_invec in_vec[],
178 size_t in_len,
179 psa_outvec out_vec[],
180 size_t out_len)
181{
Kevin Peng96f802e2019-12-26 16:10:25 +0800[diff] [blame]182#ifdef TFM_CRYPTO_KEY_MODULE_DISABLED
Jamie Foxdadb4e82019-09-03 17:59:41 +0100[diff] [blame]183 return PSA_ERROR_NOT_SUPPORTED;
184#else
185 (void)out_vec;
186
187 if ((in_len != 1) || (out_len != 0)) {
188 return PSA_ERROR_CONNECTION_REFUSED;
189 }
190
191 if (in_vec[0].len != sizeof(struct tfm_crypto_pack_iovec)) {
192 return PSA_ERROR_CONNECTION_REFUSED;
193 }
194 const struct tfm_crypto_pack_iovec *iov = in_vec[0].base;
195
196 psa_key_handle_t key = iov->key_handle;
197 uint32_t index;
198 psa_status_t status = tfm_crypto_check_handle_owner(key, &index);
199
200 if (status != PSA_SUCCESS) {
201 return status;
202 }
203
204 status = psa_close_key(key);
205
206 if (status == PSA_SUCCESS) {
207 handle_owner[index].owner = 0;
208 handle_owner[index].handle = 0;
209 handle_owner[index].in_use = TFM_CRYPTO_NOT_IN_USE;
210 }
211
212 return status;
213#endif /* TFM_CRYPTO_KEY_MODULE_DISABLED */
214}
215
Antonio de Angelisab85ccd2019-03-25 15:14:29 +0000[diff] [blame]216psa_status_t tfm_crypto_destroy_key(psa_invec in_vec[],
217 size_t in_len,
218 psa_outvec out_vec[],
219 size_t out_len)
Antonio de Angelis8908f472018-08-31 15:44:25 +0100[diff] [blame]220{
Kevin Peng96f802e2019-12-26 16:10:25 +0800[diff] [blame]221#ifdef TFM_CRYPTO_KEY_MODULE_DISABLED
Antonio de Angelis7740b382019-07-16 10:59:25 +0100[diff] [blame]222 return PSA_ERROR_NOT_SUPPORTED;
223#else
Jamie Fox0e54ebc2019-04-09 14:21:04 +0100[diff] [blame]224 (void)out_vec;
Antonio de Angelis8908f472018-08-31 15:44:25 +0100[diff] [blame]225
Antonio de Angelisab85ccd2019-03-25 15:14:29 +0000[diff] [blame]226 if ((in_len != 1) || (out_len != 0)) {
Summer Qin4b1d03b2019-07-02 14:56:08 +0800[diff] [blame]227 return PSA_ERROR_CONNECTION_REFUSED;
Antonio de Angelisab85ccd2019-03-25 15:14:29 +0000[diff] [blame]228 }
229
Antonio de Angelis4743e672019-04-11 11:38:48 +0100[diff] [blame]230 if (in_vec[0].len != sizeof(struct tfm_crypto_pack_iovec)) {
Summer Qin4b1d03b2019-07-02 14:56:08 +0800[diff] [blame]231 return PSA_ERROR_CONNECTION_REFUSED;
Antonio de Angelisab85ccd2019-03-25 15:14:29 +0000[diff] [blame]232 }
Antonio de Angelis4743e672019-04-11 11:38:48 +0100[diff] [blame]233 const struct tfm_crypto_pack_iovec *iov = in_vec[0].base;
Antonio de Angelisab85ccd2019-03-25 15:14:29 +0000[diff] [blame]234
Jamie Fox0e54ebc2019-04-09 14:21:04 +0100[diff] [blame]235 psa_key_handle_t key = iov->key_handle;
Antonio de Angelis60a6fe62019-06-18 15:27:34 +0100[diff] [blame]236 uint32_t index;
237 psa_status_t status = tfm_crypto_check_handle_owner(key, &index);
Antonio de Angelisab85ccd2019-03-25 15:14:29 +0000[diff] [blame]238
Antonio de Angelis60a6fe62019-06-18 15:27:34 +0100[diff] [blame]239 if (status != PSA_SUCCESS) {
240 return status;
241 }
242
243 status = psa_destroy_key(key);
244
245 if (status == PSA_SUCCESS) {
246 handle_owner[index].owner = 0;
247 handle_owner[index].handle = 0;
248 handle_owner[index].in_use = TFM_CRYPTO_NOT_IN_USE;
249 }
250
251 return status;
Antonio de Angelis7740b382019-07-16 10:59:25 +0100[diff] [blame]252#endif /* TFM_CRYPTO_KEY_MODULE_DISABLED */
Antonio de Angelis8908f472018-08-31 15:44:25 +0100[diff] [blame]253}
254
Antonio de Angelis04debbd2019-10-14 12:12:52 +0100[diff] [blame^]255psa_status_t tfm_crypto_get_key_attributes(psa_invec in_vec[],
256 size_t in_len,
257 psa_outvec out_vec[],
258 size_t out_len)
Antonio de Angelis8908f472018-08-31 15:44:25 +0100[diff] [blame]259{
Kevin Peng96f802e2019-12-26 16:10:25 +0800[diff] [blame]260#ifdef TFM_CRYPTO_KEY_MODULE_DISABLED
Antonio de Angelis7740b382019-07-16 10:59:25 +0100[diff] [blame]261 return PSA_ERROR_NOT_SUPPORTED;
262#else
Antonio de Angelis04debbd2019-10-14 12:12:52 +0100[diff] [blame^]263 if ((in_len != 1) || (out_len != 1)) {
Summer Qin4b1d03b2019-07-02 14:56:08 +0800[diff] [blame]264 return PSA_ERROR_CONNECTION_REFUSED;
Jamie Foxefd82732018-11-26 10:34:32 +0000[diff] [blame]265 }
266
Antonio de Angelis4743e672019-04-11 11:38:48 +0100[diff] [blame]267 if ((in_vec[0].len != sizeof(struct tfm_crypto_pack_iovec)) ||
Antonio de Angelis04debbd2019-10-14 12:12:52 +0100[diff] [blame^]268 (out_vec[0].len != sizeof(psa_key_attributes_t))) {
Summer Qin4b1d03b2019-07-02 14:56:08 +0800[diff] [blame]269 return PSA_ERROR_CONNECTION_REFUSED;
Jamie Foxefd82732018-11-26 10:34:32 +0000[diff] [blame]270 }
Antonio de Angelis4743e672019-04-11 11:38:48 +0100[diff] [blame]271 const struct tfm_crypto_pack_iovec *iov = in_vec[0].base;
Jamie Foxefd82732018-11-26 10:34:32 +0000[diff] [blame]272
Jamie Fox0e54ebc2019-04-09 14:21:04 +0100[diff] [blame]273 psa_key_handle_t key = iov->key_handle;
Antonio de Angelis04debbd2019-10-14 12:12:52 +0100[diff] [blame^]274 psa_key_attributes_t *key_attributes = out_vec[0].base;
Antonio de Angelisab85ccd2019-03-25 15:14:29 +0000[diff] [blame]275
Antonio de Angelis04debbd2019-10-14 12:12:52 +0100[diff] [blame^]276 return psa_get_key_attributes(key, key_attributes);
277#endif /* TFM_CRYPTO_KEY_MODULE_DISABLED */
278}
279
280psa_status_t tfm_crypto_reset_key_attributes(psa_invec in_vec[],
281 size_t in_len,
282 psa_outvec out_vec[],
283 size_t out_len)
284{
285#if (TFM_CRYPTO_KEY_MODULE_DISABLED != 0)
286 return PSA_ERROR_NOT_SUPPORTED;
287#else
288 if ((in_len != 1) || (out_len != 1)) {
289 return PSA_ERROR_CONNECTION_REFUSED;
290 }
291
292 if ((in_vec[0].len != sizeof(struct tfm_crypto_pack_iovec)) ||
293 (out_vec[0].len != sizeof(psa_key_attributes_t))) {
294 return PSA_ERROR_CONNECTION_REFUSED;
295 }
296
297 psa_key_attributes_t *key_attributes = out_vec[0].base;
298
299 psa_reset_key_attributes(key_attributes);
300
301 /* psa_reset_key_attributes() doesn't report any error */
302 return PSA_SUCCESS;
Antonio de Angelis7740b382019-07-16 10:59:25 +0100[diff] [blame]303#endif /* TFM_CRYPTO_KEY_MODULE_DISABLED */
Antonio de Angelis8908f472018-08-31 15:44:25 +0100[diff] [blame]304}
305
Antonio de Angelisab85ccd2019-03-25 15:14:29 +0000[diff] [blame]306psa_status_t tfm_crypto_export_key(psa_invec in_vec[],
307 size_t in_len,
308 psa_outvec out_vec[],
309 size_t out_len)
Antonio de Angelis8908f472018-08-31 15:44:25 +0100[diff] [blame]310{
Kevin Peng96f802e2019-12-26 16:10:25 +0800[diff] [blame]311#ifdef TFM_CRYPTO_KEY_MODULE_DISABLED
Antonio de Angelis7740b382019-07-16 10:59:25 +0100[diff] [blame]312 return PSA_ERROR_NOT_SUPPORTED;
313#else
Antonio de Angelisab85ccd2019-03-25 15:14:29 +0000[diff] [blame]314 if ((in_len != 1) || (out_len != 1)) {
Summer Qin4b1d03b2019-07-02 14:56:08 +0800[diff] [blame]315 return PSA_ERROR_CONNECTION_REFUSED;
Antonio de Angelis8908f472018-08-31 15:44:25 +0100[diff] [blame]316 }
317
Antonio de Angelis4743e672019-04-11 11:38:48 +0100[diff] [blame]318 if (in_vec[0].len != sizeof(struct tfm_crypto_pack_iovec)) {
Summer Qin4b1d03b2019-07-02 14:56:08 +0800[diff] [blame]319 return PSA_ERROR_CONNECTION_REFUSED;
Antonio de Angelis8908f472018-08-31 15:44:25 +0100[diff] [blame]320 }
Antonio de Angelis4743e672019-04-11 11:38:48 +0100[diff] [blame]321 const struct tfm_crypto_pack_iovec *iov = in_vec[0].base;
Antonio de Angelis8908f472018-08-31 15:44:25 +0100[diff] [blame]322
Jamie Fox0e54ebc2019-04-09 14:21:04 +0100[diff] [blame]323 psa_key_handle_t key = iov->key_handle;
Antonio de Angelisab85ccd2019-03-25 15:14:29 +0000[diff] [blame]324 uint8_t *data = out_vec[0].base;
325 size_t data_size = out_vec[0].len;
326
Antonio de Angelis25e2b2d2019-04-25 14:49:50 +0100[diff] [blame]327 return psa_export_key(key, data, data_size, &(out_vec[0].len));
Antonio de Angelis7740b382019-07-16 10:59:25 +0100[diff] [blame]328#endif /* TFM_CRYPTO_KEY_MODULE_DISABLED */
Antonio de Angelis8908f472018-08-31 15:44:25 +0100[diff] [blame]329}
330
Antonio de Angelisab85ccd2019-03-25 15:14:29 +0000[diff] [blame]331psa_status_t tfm_crypto_export_public_key(psa_invec in_vec[],
332 size_t in_len,
333 psa_outvec out_vec[],
334 size_t out_len)
Antonio de Angelis8908f472018-08-31 15:44:25 +0100[diff] [blame]335{
Kevin Peng96f802e2019-12-26 16:10:25 +0800[diff] [blame]336#ifdef TFM_CRYPTO_KEY_MODULE_DISABLED
Antonio de Angelis7740b382019-07-16 10:59:25 +0100[diff] [blame]337 return PSA_ERROR_NOT_SUPPORTED;
338#else
Antonio de Angelis25e2b2d2019-04-25 14:49:50 +0100[diff] [blame]339 if ((in_len != 1) || (out_len != 1)) {
Summer Qin4b1d03b2019-07-02 14:56:08 +0800[diff] [blame]340 return PSA_ERROR_CONNECTION_REFUSED;
Antonio de Angelis25e2b2d2019-04-25 14:49:50 +0100[diff] [blame]341 }
Hugues de Valon8b442442019-02-19 14:30:52 +0000[diff] [blame]342
Antonio de Angelis25e2b2d2019-04-25 14:49:50 +0100[diff] [blame]343 if (in_vec[0].len != sizeof(struct tfm_crypto_pack_iovec)) {
Summer Qin4b1d03b2019-07-02 14:56:08 +0800[diff] [blame]344 return PSA_ERROR_CONNECTION_REFUSED;
Antonio de Angelis25e2b2d2019-04-25 14:49:50 +0100[diff] [blame]345 }
346 const struct tfm_crypto_pack_iovec *iov = in_vec[0].base;
347
348 psa_key_handle_t key = iov->key_handle;
349 uint8_t *data = out_vec[0].base;
350 size_t data_size = out_vec[0].len;
351
352 return psa_export_public_key(key, data, data_size, &(out_vec[0].len));
Antonio de Angelis7740b382019-07-16 10:59:25 +0100[diff] [blame]353#endif /* TFM_CRYPTO_KEY_MODULE_DISABLED */
Antonio de Angelis25e2b2d2019-04-25 14:49:50 +0100[diff] [blame]354}
355
356psa_status_t tfm_crypto_copy_key(psa_invec in_vec[],
357 size_t in_len,
358 psa_outvec out_vec[],
359 size_t out_len)
360{
Kevin Peng96f802e2019-12-26 16:10:25 +0800[diff] [blame]361#ifdef TFM_CRYPTO_KEY_MODULE_DISABLED
Antonio de Angelis7740b382019-07-16 10:59:25 +0100[diff] [blame]362 return PSA_ERROR_NOT_SUPPORTED;
363#else
Antonio de Angelis25e2b2d2019-04-25 14:49:50 +0100[diff] [blame]364
Antonio de Angelis04debbd2019-10-14 12:12:52 +0100[diff] [blame^]365 if ((in_len != 2) || (out_len != 1)) {
Summer Qin4b1d03b2019-07-02 14:56:08 +0800[diff] [blame]366 return PSA_ERROR_CONNECTION_REFUSED;
Antonio de Angelis25e2b2d2019-04-25 14:49:50 +0100[diff] [blame]367 }
368
369 if ((in_vec[0].len != sizeof(struct tfm_crypto_pack_iovec)) ||
Antonio de Angelis04debbd2019-10-14 12:12:52 +0100[diff] [blame^]370 (out_vec[0].len != sizeof(psa_key_handle_t)) ||
371 (in_vec[1].len != sizeof(psa_key_attributes_t))) {
Summer Qin4b1d03b2019-07-02 14:56:08 +0800[diff] [blame]372 return PSA_ERROR_CONNECTION_REFUSED;
Antonio de Angelis25e2b2d2019-04-25 14:49:50 +0100[diff] [blame]373 }
374 const struct tfm_crypto_pack_iovec *iov = in_vec[0].base;
375
376 psa_key_handle_t source_handle = iov->key_handle;
Antonio de Angelis04debbd2019-10-14 12:12:52 +0100[diff] [blame^]377 psa_key_handle_t *target_handle = out_vec[0].base;
378 const psa_key_attributes_t *key_attributes = in_vec[1].base;
379 psa_status_t status;
380 uint32_t i = 0;
381 int32_t partition_id = 0;
382 bool empty_found = false;
Antonio de Angelis25e2b2d2019-04-25 14:49:50 +0100[diff] [blame]383
Antonio de Angelis04debbd2019-10-14 12:12:52 +0100[diff] [blame^]384 for (i = 0; i < TFM_CRYPTO_MAX_KEY_HANDLES; i++) {
385 if (handle_owner[i].in_use == TFM_CRYPTO_NOT_IN_USE) {
386 empty_found = true;
387 break;
388 }
Jamie Foxefd82732018-11-26 10:34:32 +0000[diff] [blame]389 }
390
Antonio de Angelis04debbd2019-10-14 12:12:52 +0100[diff] [blame^]391 if (!empty_found) {
392 return PSA_ERROR_INSUFFICIENT_MEMORY;
Antonio de Angelisab85ccd2019-03-25 15:14:29 +0000[diff] [blame]393 }
394
Antonio de Angelis04debbd2019-10-14 12:12:52 +0100[diff] [blame^]395 status = tfm_crypto_get_caller_id(&partition_id);
396 if (status != PSA_SUCCESS) {
Antonio de Angelis60a6fe62019-06-18 15:27:34 +0100[diff] [blame]397 return status;
398 }
Antonio de Angelis04debbd2019-10-14 12:12:52 +0100[diff] [blame^]399
400 status = psa_copy_key(source_handle, key_attributes, target_handle);
401
402 if (status == PSA_SUCCESS) {
403 handle_owner[i].owner = partition_id;
404 handle_owner[i].handle = *target_handle;
405 handle_owner[i].in_use = TFM_CRYPTO_IN_USE;
406 }
407
408 return status;
Antonio de Angelis7740b382019-07-16 10:59:25 +0100[diff] [blame]409#endif /* TFM_CRYPTO_KEY_MODULE_DISABLED */
Antonio de Angelis04debbd2019-10-14 12:12:52 +0100[diff] [blame^]410 return PSA_ERROR_NOT_SUPPORTED;
Jamie Foxefd82732018-11-26 10:34:32 +0000[diff] [blame]411}
412
Antonio de Angelis04debbd2019-10-14 12:12:52 +0100[diff] [blame^]413psa_status_t tfm_crypto_generate_key(psa_invec in_vec[],
414 size_t in_len,
415 psa_outvec out_vec[],
416 size_t out_len)
Jamie Foxefd82732018-11-26 10:34:32 +0000[diff] [blame]417{
Kevin Peng96f802e2019-12-26 16:10:25 +0800[diff] [blame]418#ifdef TFM_CRYPTO_KEY_MODULE_DISABLED
Antonio de Angelis7740b382019-07-16 10:59:25 +0100[diff] [blame]419 return PSA_ERROR_NOT_SUPPORTED;
420#else
Antonio de Angelis04debbd2019-10-14 12:12:52 +0100[diff] [blame^]421 if ((in_len != 2) || (out_len != 1)) {
Summer Qin4b1d03b2019-07-02 14:56:08 +0800[diff] [blame]422 return PSA_ERROR_CONNECTION_REFUSED;
Jamie Foxefd82732018-11-26 10:34:32 +0000[diff] [blame]423 }
424
Antonio de Angelis4743e672019-04-11 11:38:48 +0100[diff] [blame]425 if ((in_vec[0].len != sizeof(struct tfm_crypto_pack_iovec)) ||
Antonio de Angelis04debbd2019-10-14 12:12:52 +0100[diff] [blame^]426 (in_vec[1].len != sizeof(psa_key_attributes_t)) ||
427 (out_vec[0].len != sizeof(psa_key_handle_t))) {
Summer Qin4b1d03b2019-07-02 14:56:08 +0800[diff] [blame]428 return PSA_ERROR_CONNECTION_REFUSED;
Antonio de Angelisab85ccd2019-03-25 15:14:29 +0000[diff] [blame]429 }
Antonio de Angelis04debbd2019-10-14 12:12:52 +0100[diff] [blame^]430 psa_key_handle_t *key_handle = out_vec[0].base;
431 const psa_key_attributes_t *key_attributes = in_vec[1].base;
432 psa_status_t status;
433 uint32_t i = 0;
434 int32_t partition_id = 0;
435 bool empty_found = false;
Antonio de Angelisab85ccd2019-03-25 15:14:29 +0000[diff] [blame]436
Antonio de Angelis04debbd2019-10-14 12:12:52 +0100[diff] [blame^]437 for (i = 0; i < TFM_CRYPTO_MAX_KEY_HANDLES; i++) {
438 if (handle_owner[i].in_use == TFM_CRYPTO_NOT_IN_USE) {
439 empty_found = true;
440 break;
441 }
Jamie Foxefd82732018-11-26 10:34:32 +0000[diff] [blame]442 }
443
Antonio de Angelis04debbd2019-10-14 12:12:52 +0100[diff] [blame^]444 if (!empty_found) {
445 return PSA_ERROR_INSUFFICIENT_MEMORY;
Antonio de Angelisab85ccd2019-03-25 15:14:29 +0000[diff] [blame]446 }
447
Antonio de Angelis04debbd2019-10-14 12:12:52 +0100[diff] [blame^]448 status = tfm_crypto_get_caller_id(&partition_id);
449 if (status != PSA_SUCCESS) {
450 return status;
451 }
Antonio de Angelisab85ccd2019-03-25 15:14:29 +0000[diff] [blame]452
Antonio de Angelis04debbd2019-10-14 12:12:52 +0100[diff] [blame^]453 status = psa_generate_key(key_attributes, key_handle);
454
455 if (status == PSA_SUCCESS) {
456 handle_owner[i].owner = partition_id;
457 handle_owner[i].handle = *key_handle;
458 handle_owner[i].in_use = TFM_CRYPTO_IN_USE;
459 }
460
461 return status;
Antonio de Angelis7740b382019-07-16 10:59:25 +0100[diff] [blame]462#endif /* TFM_CRYPTO_KEY_MODULE_DISABLED */
Jamie Foxefd82732018-11-26 10:34:32 +0000[diff] [blame]463}
Antonio de Angelis8908f472018-08-31 15:44:25 +0100[diff] [blame]464/*!@}*/