TrustedFirmware Git Browser
Code Review Sign In
review.trustedfirmware.org / TF-M / trusted-firmware-m.git / 28659c498c3bdbbc610959e7518bece5aaf72a19 / . / secure_fw / partitions / crypto / crypto_key.c
blob: d07eef3c1db6d632d24957aa8be7e4fda71a4f70 [file] [log] [blame]
Antonio de Angelis8908f472018-08-31 15:44:25 +0100[diff] [blame]1/*
Maulik Patel28659c42021-01-06 14:09:22 +0000[diff] [blame^]2 * Copyright (c) 2018-2021, Arm Limited. All rights reserved.
Antonio de Angelis8908f472018-08-31 15:44:25 +0100[diff] [blame]3 *
4 * SPDX-License-Identifier: BSD-3-Clause
5 *
6 */
7
Jamie Foxefd82732018-11-26 10:34:32 +0000[diff] [blame]8#include <stddef.h>
Jamie Fox0e54ebc2019-04-09 14:21:04 +0100[diff] [blame]9#include <stdint.h>
Antonio de Angelis8908f472018-08-31 15:44:25 +0100[diff] [blame]10
Jamie Fox0e54ebc2019-04-09 14:21:04 +0100[diff] [blame]11#include "tfm_mbedcrypto_include.h"
Antonio de Angelis4743e672019-04-11 11:38:48 +0100[diff] [blame]12
Jamie Fox0e54ebc2019-04-09 14:21:04 +0100[diff] [blame]13#include "tfm_crypto_api.h"
14#include "tfm_crypto_defs.h"
Soby Mathewd8abdfd2020-10-14 10:28:01 +0100[diff] [blame]15#include "tfm_crypto_private.h"
Antonio de Angelis60a6fe62019-06-18 15:27:34 +0100[diff] [blame]16#include <stdbool.h>
Jamie Fox82b87ca2018-12-11 16:41:11 +0000[diff] [blame]17
Antonio de Angelis60a6fe62019-06-18 15:27:34 +0100[diff] [blame]18#ifndef TFM_CRYPTO_MAX_KEY_HANDLES
Maulik Patel28659c42021-01-06 14:09:22 +0000[diff] [blame^]19#define TFM_CRYPTO_MAX_KEY_HANDLES (32)
Antonio de Angelis60a6fe62019-06-18 15:27:34 +0100[diff] [blame]20#endif
21struct tfm_crypto_handle_owner_s {
22 int32_t owner; /*!< Owner of the allocated handle */
Maulik Patel28659c42021-01-06 14:09:22 +0000[diff] [blame^]23 psa_key_id_t key; /*!< Allocated key */
Antonio de Angelis60a6fe62019-06-18 15:27:34 +0100[diff] [blame]24 uint8_t in_use; /*!< Flag to indicate if this in use */
25};
26
Kevin Peng96f802e2019-12-26 16:10:25 +0800[diff] [blame]27#ifndef TFM_CRYPTO_KEY_MODULE_DISABLED
Antonio de Angelis60a6fe62019-06-18 15:27:34 +0100[diff] [blame]28static struct tfm_crypto_handle_owner_s
29 handle_owner[TFM_CRYPTO_MAX_KEY_HANDLES] = {0};
Antonio de Angelis7740b382019-07-16 10:59:25 +0100[diff] [blame]30#endif
Jamie Foxdadb4e82019-09-03 17:59:41 +0100[diff] [blame]31
Antonio de Angelis8908f472018-08-31 15:44:25 +0100[diff] [blame]32/*!
33 * \defgroup public Public functions
34 *
35 */
Antonio de Angelis8908f472018-08-31 15:44:25 +0100[diff] [blame]36/*!@{*/
Jamie Fox98ab4412020-01-17 17:12:30 +0000[diff] [blame]37psa_status_t tfm_crypto_key_attributes_from_client(
Maulik Patel28659c42021-01-06 14:09:22 +0000[diff] [blame^]38 const struct psa_client_key_attributes_s *client_key_attr,
39 int32_t client_id,
40 psa_key_attributes_t *key_attributes)
Jamie Fox98ab4412020-01-17 17:12:30 +0000[diff] [blame]41{
42 if (client_key_attr == NULL || key_attributes == NULL) {
43 return PSA_ERROR_PROGRAMMER_ERROR;
44 }
45
Soby Mathewd7b79f22020-05-21 15:06:54 +0100[diff] [blame]46 *key_attributes = psa_key_attributes_init();
Jamie Fox98ab4412020-01-17 17:12:30 +0000[diff] [blame]47
48 /* Copy core key attributes from the client core key attributes */
Soby Mathewd7b79f22020-05-21 15:06:54 +0100[diff] [blame]49 key_attributes->core.type = client_key_attr->type;
50 key_attributes->core.lifetime = client_key_attr->lifetime;
51 key_attributes->core.policy.usage = client_key_attr->usage;
52 key_attributes->core.policy.alg = client_key_attr->alg;
53 key_attributes->core.bits = client_key_attr->bits;
Jamie Fox98ab4412020-01-17 17:12:30 +0000[diff] [blame]54
55 /* Use the client key id as the key_id and its partition id as the owner */
Soby Mathewd7b79f22020-05-21 15:06:54 +0100[diff] [blame]56 key_attributes->core.id.key_id = client_key_attr->id;
Jamie Fox98ab4412020-01-17 17:12:30 +0000[diff] [blame]57 key_attributes->core.id.owner = client_id;
58
59 return PSA_SUCCESS;
60}
61
62psa_status_t tfm_crypto_key_attributes_to_client(
Maulik Patel28659c42021-01-06 14:09:22 +0000[diff] [blame^]63 const psa_key_attributes_t *key_attributes,
64 struct psa_client_key_attributes_s *client_key_attr)
Jamie Fox98ab4412020-01-17 17:12:30 +0000[diff] [blame]65{
66 if (client_key_attr == NULL || key_attributes == NULL) {
67 return PSA_ERROR_PROGRAMMER_ERROR;
68 }
69
Soby Mathewd7b79f22020-05-21 15:06:54 +0100[diff] [blame]70 struct psa_client_key_attributes_s v = PSA_CLIENT_KEY_ATTRIBUTES_INIT;
71 *client_key_attr = v;
Jamie Fox98ab4412020-01-17 17:12:30 +0000[diff] [blame]72
Soby Mathewd7b79f22020-05-21 15:06:54 +0100[diff] [blame]73 /* Copy core key attributes from the client core key attributes */
74 client_key_attr->type = key_attributes->core.type;
75 client_key_attr->lifetime = key_attributes->core.lifetime;
76 client_key_attr->usage = key_attributes->core.policy.usage;
77 client_key_attr->alg = key_attributes->core.policy.alg;
78 client_key_attr->bits = key_attributes->core.bits;
Jamie Fox98ab4412020-01-17 17:12:30 +0000[diff] [blame]79
80 /* Return the key_id as the client key id, do not return the owner */
Soby Mathewd7b79f22020-05-21 15:06:54 +0100[diff] [blame]81 client_key_attr->id = key_attributes->core.id.key_id;
Jamie Fox98ab4412020-01-17 17:12:30 +0000[diff] [blame]82
83 return PSA_SUCCESS;
84}
85
Maulik Patel28659c42021-01-06 14:09:22 +0000[diff] [blame^]86psa_status_t tfm_crypto_check_handle_owner(psa_key_id_t key,
Antonio de Angelis60a6fe62019-06-18 15:27:34 +0100[diff] [blame]87 uint32_t *index)
88{
Kevin Peng96f802e2019-12-26 16:10:25 +0800[diff] [blame]89#ifdef TFM_CRYPTO_KEY_MODULE_DISABLED
Antonio de Angelis7740b382019-07-16 10:59:25 +0100[diff] [blame]90 return PSA_ERROR_NOT_SUPPORTED;
91#else
Antonio de Angelis60a6fe62019-06-18 15:27:34 +0100[diff] [blame]92 int32_t partition_id = 0;
93 uint32_t i = 0;
94 psa_status_t status;
95
96 status = tfm_crypto_get_caller_id(&partition_id);
97 if (status != PSA_SUCCESS) {
98 return status;
99 }
100
101 for (i = 0; i < TFM_CRYPTO_MAX_KEY_HANDLES; i++) {
Maulik Patel28659c42021-01-06 14:09:22 +0000[diff] [blame^]102 if (handle_owner[i].in_use && handle_owner[i].key == key) {
Antonio de Angelis60a6fe62019-06-18 15:27:34 +0100[diff] [blame]103 if (handle_owner[i].owner == partition_id) {
104 if (index != NULL) {
105 *index = i;
106 }
107 return PSA_SUCCESS;
108 } else {
109 return PSA_ERROR_NOT_PERMITTED;
110 }
111 }
112 }
113
114 return PSA_ERROR_INVALID_HANDLE;
Antonio de Angelis7740b382019-07-16 10:59:25 +0100[diff] [blame]115#endif /* TFM_CRYPTO_KEY_MODULE_DISABLED */
Antonio de Angelis60a6fe62019-06-18 15:27:34 +0100[diff] [blame]116}
117
Maulik Patel28659c42021-01-06 14:09:22 +0000[diff] [blame^]118psa_status_t tfm_crypto_encode_id_and_owner(psa_key_id_t key_id,
119 mbedtls_svc_key_id_t *enc_key_ptr)
120{
121 int32_t partition_id = 0;
122 psa_status_t status = tfm_crypto_get_caller_id(&partition_id);
123
124 if (status != PSA_SUCCESS) {
125 return status;
126 }
127
128 /* If Null Pointer, return PSA_ERROR_PROGRAMMER_ERROR */
129 if (enc_key_ptr == NULL) {
130 return PSA_ERROR_PROGRAMMER_ERROR;
131 }
132
133 /* Use the client key id as the key_id and its partition id as the owner */
134 *enc_key_ptr = mbedtls_svc_key_id_make(partition_id, key_id);
135
136 return PSA_SUCCESS;
137}
138
Jamie Fox99360e82020-02-20 16:00:09 +0000[diff] [blame]139psa_status_t tfm_crypto_check_key_storage(uint32_t *index)
140{
141#ifdef TFM_CRYPTO_KEY_MODULE_DISABLED
142 return PSA_ERROR_NOT_SUPPORTED;
143#else
144 uint32_t i;
145
146 for (i = 0; i < TFM_CRYPTO_MAX_KEY_HANDLES; i++) {
147 if (handle_owner[i].in_use == TFM_CRYPTO_NOT_IN_USE) {
148 *index = i;
149 return PSA_SUCCESS;
150 }
151 }
152
153 return PSA_ERROR_INSUFFICIENT_MEMORY;
154#endif /* TFM_CRYPTO_KEY_MODULE_DISABLED */
155}
156
157psa_status_t tfm_crypto_set_key_storage(uint32_t index,
Maulik Patel28659c42021-01-06 14:09:22 +0000[diff] [blame^]158 psa_key_id_t key_handle)
Jamie Fox99360e82020-02-20 16:00:09 +0000[diff] [blame]159{
160#ifdef TFM_CRYPTO_KEY_MODULE_DISABLED
161 return PSA_ERROR_NOT_SUPPORTED;
162#else
163 psa_status_t status;
164 int32_t partition_id;
165
166 status = tfm_crypto_get_caller_id(&partition_id);
167 if (status != PSA_SUCCESS) {
168 return status;
169 }
170
171 handle_owner[index].owner = partition_id;
Maulik Patel28659c42021-01-06 14:09:22 +0000[diff] [blame^]172 handle_owner[index].key = key_handle;
Jamie Fox99360e82020-02-20 16:00:09 +0000[diff] [blame]173 handle_owner[index].in_use = TFM_CRYPTO_IN_USE;
174
175 return PSA_SUCCESS;
176#endif /* TFM_CRYPTO_KEY_MODULE_DISABLED */
177}
178
Antonio de Angelis04debbd2019-10-14 12:12:52 +0100[diff] [blame]179psa_status_t tfm_crypto_set_key_domain_parameters(psa_invec in_vec[],
180 size_t in_len,
181 psa_outvec out_vec[],
182 size_t out_len)
Antonio de Angeliscf85ba22018-10-09 13:29:40 +0100[diff] [blame]183{
Kevin Peng96f802e2019-12-26 16:10:25 +0800[diff] [blame]184#ifdef TFM_CRYPTO_KEY_MODULE_DISABLED
Antonio de Angelis7740b382019-07-16 10:59:25 +0100[diff] [blame]185 return PSA_ERROR_NOT_SUPPORTED;
186#else
Antonio de Angelis04debbd2019-10-14 12:12:52 +0100[diff] [blame]187 /* FixMe: To be implemented */
188 return PSA_ERROR_NOT_SUPPORTED;
189#endif /* TFM_CRYPTO_KEY_MODULE_DISABLED */
190}
191
192psa_status_t tfm_crypto_get_key_domain_parameters(psa_invec in_vec[],
193 size_t in_len,
194 psa_outvec out_vec[],
195 size_t out_len)
196{
197#ifdef TFM_CRYPTO_KEY_MODULE_DISABLED
198 return PSA_ERROR_NOT_SUPPORTED;
199#else
200 /* FixMe: To be implemented */
201 return PSA_ERROR_NOT_SUPPORTED;
202#endif /* TFM_CRYPTO_KEY_MODULE_DISABLED */
203}
204
205psa_status_t tfm_crypto_import_key(psa_invec in_vec[],
206 size_t in_len,
207 psa_outvec out_vec[],
208 size_t out_len)
209{
210#ifdef TFM_CRYPTO_KEY_MODULE_DISABLED
211 return PSA_ERROR_NOT_SUPPORTED;
212#else
213
Soby Mathewd8abdfd2020-10-14 10:28:01 +0100[diff] [blame]214 CRYPTO_IN_OUT_LEN_VALIDATE(in_len, 2, 3, out_len, 1, 1);
Jamie Foxefd82732018-11-26 10:34:32 +0000[diff] [blame]215
Jamie Fox0e54ebc2019-04-09 14:21:04 +0100[diff] [blame]216 if ((in_vec[0].len != sizeof(struct tfm_crypto_pack_iovec)) ||
Soby Mathewd7b79f22020-05-21 15:06:54 +0100[diff] [blame]217 (in_vec[1].len != sizeof(struct psa_client_key_attributes_s)) ||
Maulik Patel28659c42021-01-06 14:09:22 +0000[diff] [blame^]218 (out_vec[0].len != sizeof(psa_key_id_t))) {
Soby Mathewc6e89362020-10-19 16:55:16 +0100[diff] [blame]219 return PSA_ERROR_PROGRAMMER_ERROR;
Jamie Foxefd82732018-11-26 10:34:32 +0000[diff] [blame]220 }
Soby Mathewd7b79f22020-05-21 15:06:54 +0100[diff] [blame]221 const struct psa_client_key_attributes_s *client_key_attr = in_vec[1].base;
Antonio de Angelis04debbd2019-10-14 12:12:52 +0100[diff] [blame]222 const uint8_t *data = in_vec[2].base;
223 size_t data_length = in_vec[2].len;
Maulik Patel28659c42021-01-06 14:09:22 +0000[diff] [blame^]224 psa_key_id_t *psa_key = out_vec[0].base;
225
Antonio de Angelis04debbd2019-10-14 12:12:52 +0100[diff] [blame]226 psa_status_t status;
Jamie Fox98ab4412020-01-17 17:12:30 +0000[diff] [blame]227 psa_key_attributes_t key_attributes = PSA_KEY_ATTRIBUTES_INIT;
Antonio de Angelis60a6fe62019-06-18 15:27:34 +0100[diff] [blame]228 uint32_t i = 0;
Maulik Patel28659c42021-01-06 14:09:22 +0000[diff] [blame^]229 mbedtls_svc_key_id_t encoded_key;
Antonio de Angelis60a6fe62019-06-18 15:27:34 +0100[diff] [blame]230 int32_t partition_id = 0;
231 bool empty_found = false;
Jamie Foxefd82732018-11-26 10:34:32 +0000[diff] [blame]232
Antonio de Angelis60a6fe62019-06-18 15:27:34 +0100[diff] [blame]233 for (i = 0; i < TFM_CRYPTO_MAX_KEY_HANDLES; i++) {
234 if (handle_owner[i].in_use == TFM_CRYPTO_NOT_IN_USE) {
235 empty_found = true;
236 break;
237 }
238 }
239
240 if (!empty_found) {
241 return PSA_ERROR_INSUFFICIENT_MEMORY;
242 }
243
244 status = tfm_crypto_get_caller_id(&partition_id);
245 if (status != PSA_SUCCESS) {
246 return status;
247 }
248
Jamie Fox98ab4412020-01-17 17:12:30 +0000[diff] [blame]249 status = tfm_crypto_key_attributes_from_client(client_key_attr,
250 partition_id,
251 &key_attributes);
252 if (status != PSA_SUCCESS) {
253 return status;
254 }
255
Maulik Patel28659c42021-01-06 14:09:22 +0000[diff] [blame^]256 status = psa_import_key(&key_attributes, data, data_length, &encoded_key);
257 /* Update the imported key id */
258 *psa_key = encoded_key.key_id;
Antonio de Angelis60a6fe62019-06-18 15:27:34 +0100[diff] [blame]259
260 if (status == PSA_SUCCESS) {
261 handle_owner[i].owner = partition_id;
Maulik Patel28659c42021-01-06 14:09:22 +0000[diff] [blame^]262 handle_owner[i].key = *psa_key;
Antonio de Angelis60a6fe62019-06-18 15:27:34 +0100[diff] [blame]263 handle_owner[i].in_use = TFM_CRYPTO_IN_USE;
264 }
265
266 return status;
Antonio de Angelis7740b382019-07-16 10:59:25 +0100[diff] [blame]267#endif /* TFM_CRYPTO_KEY_MODULE_DISABLED */
Jamie Foxefd82732018-11-26 10:34:32 +0000[diff] [blame]268}
269
Jamie Foxdadb4e82019-09-03 17:59:41 +0100[diff] [blame]270psa_status_t tfm_crypto_open_key(psa_invec in_vec[],
271 size_t in_len,
272 psa_outvec out_vec[],
273 size_t out_len)
274{
Kevin Peng96f802e2019-12-26 16:10:25 +0800[diff] [blame]275#ifdef TFM_CRYPTO_KEY_MODULE_DISABLED
Jamie Foxdadb4e82019-09-03 17:59:41 +0100[diff] [blame]276 return PSA_ERROR_NOT_SUPPORTED;
277#else
Soby Mathewd8abdfd2020-10-14 10:28:01 +0100[diff] [blame]278
279 CRYPTO_IN_OUT_LEN_VALIDATE(in_len, 2, 2, out_len, 1, 1);
Jamie Foxdadb4e82019-09-03 17:59:41 +0100[diff] [blame]280
281 if ((in_vec[0].len != sizeof(struct tfm_crypto_pack_iovec)) ||
Maulik Patel28659c42021-01-06 14:09:22 +0000[diff] [blame^]282 (in_vec[1].len != sizeof(psa_key_id_t)) ||
283 (out_vec[0].len != sizeof(psa_key_id_t))) {
Soby Mathewc6e89362020-10-19 16:55:16 +0100[diff] [blame]284 return PSA_ERROR_PROGRAMMER_ERROR;
Jamie Foxdadb4e82019-09-03 17:59:41 +0100[diff] [blame]285 }
286
Maulik Patel28659c42021-01-06 14:09:22 +0000[diff] [blame^]287 psa_key_id_t client_key_id = *((psa_key_id_t *)in_vec[1].base);
288 psa_key_id_t *key = out_vec[0].base;
Jamie Fox98ab4412020-01-17 17:12:30 +0000[diff] [blame]289 psa_status_t status;
Maulik Patel28659c42021-01-06 14:09:22 +0000[diff] [blame^]290 mbedtls_svc_key_id_t encoded_key;
Jamie Fox98ab4412020-01-17 17:12:30 +0000[diff] [blame]291 int32_t partition_id;
292 uint32_t i;
293
294 for (i = 0; i < TFM_CRYPTO_MAX_KEY_HANDLES; i++) {
295 if (handle_owner[i].in_use == TFM_CRYPTO_NOT_IN_USE) {
296 break;
297 }
298 }
299
300 if (i == TFM_CRYPTO_MAX_KEY_HANDLES) {
301 return PSA_ERROR_INSUFFICIENT_MEMORY;
302 }
303
304 status = tfm_crypto_get_caller_id(&partition_id);
305 if (status != PSA_SUCCESS) {
306 return status;
307 }
308
309 /* Use the client key id as the key_id and its partition id as the owner */
Maulik Patel28659c42021-01-06 14:09:22 +0000[diff] [blame^]310 encoded_key = mbedtls_svc_key_id_make(partition_id, client_key_id);
Jamie Fox98ab4412020-01-17 17:12:30 +0000[diff] [blame]311
Maulik Patel28659c42021-01-06 14:09:22 +0000[diff] [blame^]312 status = psa_open_key(encoded_key, &encoded_key);
313 *key = encoded_key.key_id;
Jamie Fox98ab4412020-01-17 17:12:30 +0000[diff] [blame]314
315 if (status == PSA_SUCCESS) {
316 handle_owner[i].owner = partition_id;
Maulik Patel28659c42021-01-06 14:09:22 +0000[diff] [blame^]317 handle_owner[i].key = *key;
Jamie Fox98ab4412020-01-17 17:12:30 +0000[diff] [blame]318 handle_owner[i].in_use = TFM_CRYPTO_IN_USE;
319 }
320
321 return status;
Jamie Foxdadb4e82019-09-03 17:59:41 +0100[diff] [blame]322#endif /* TFM_CRYPTO_KEY_MODULE_DISABLED */
323}
324
325psa_status_t tfm_crypto_close_key(psa_invec in_vec[],
326 size_t in_len,
327 psa_outvec out_vec[],
328 size_t out_len)
329{
Kevin Peng96f802e2019-12-26 16:10:25 +0800[diff] [blame]330#ifdef TFM_CRYPTO_KEY_MODULE_DISABLED
Jamie Foxdadb4e82019-09-03 17:59:41 +0100[diff] [blame]331 return PSA_ERROR_NOT_SUPPORTED;
332#else
333 (void)out_vec;
334
Soby Mathewd8abdfd2020-10-14 10:28:01 +0100[diff] [blame]335 CRYPTO_IN_OUT_LEN_VALIDATE(in_len, 1, 1, out_len, 0, 0);
Jamie Foxdadb4e82019-09-03 17:59:41 +0100[diff] [blame]336
337 if (in_vec[0].len != sizeof(struct tfm_crypto_pack_iovec)) {
Soby Mathewc6e89362020-10-19 16:55:16 +0100[diff] [blame]338 return PSA_ERROR_PROGRAMMER_ERROR;
Jamie Foxdadb4e82019-09-03 17:59:41 +0100[diff] [blame]339 }
340 const struct tfm_crypto_pack_iovec *iov = in_vec[0].base;
341
Maulik Patel28659c42021-01-06 14:09:22 +0000[diff] [blame^]342 psa_key_id_t key = iov->key_id;
Jamie Foxdadb4e82019-09-03 17:59:41 +0100[diff] [blame]343 uint32_t index;
Maulik Patel28659c42021-01-06 14:09:22 +0000[diff] [blame^]344 mbedtls_svc_key_id_t encoded_key;
Jamie Foxdadb4e82019-09-03 17:59:41 +0100[diff] [blame]345
Maulik Patel28659c42021-01-06 14:09:22 +0000[diff] [blame^]346 psa_status_t status = tfm_crypto_check_handle_owner(key, &index);
Jamie Foxdadb4e82019-09-03 17:59:41 +0100[diff] [blame]347 if (status != PSA_SUCCESS) {
348 return status;
349 }
350
Maulik Patel28659c42021-01-06 14:09:22 +0000[diff] [blame^]351 encoded_key = mbedtls_svc_key_id_make(handle_owner[index].owner, key);
352 status = psa_close_key(encoded_key);
Jamie Foxdadb4e82019-09-03 17:59:41 +0100[diff] [blame]353
354 if (status == PSA_SUCCESS) {
355 handle_owner[index].owner = 0;
Maulik Patel28659c42021-01-06 14:09:22 +0000[diff] [blame^]356 handle_owner[index].key = 0;
Jamie Foxdadb4e82019-09-03 17:59:41 +0100[diff] [blame]357 handle_owner[index].in_use = TFM_CRYPTO_NOT_IN_USE;
358 }
359
360 return status;
361#endif /* TFM_CRYPTO_KEY_MODULE_DISABLED */
362}
363
Antonio de Angelisab85ccd2019-03-25 15:14:29 +0000[diff] [blame]364psa_status_t tfm_crypto_destroy_key(psa_invec in_vec[],
365 size_t in_len,
366 psa_outvec out_vec[],
367 size_t out_len)
Antonio de Angelis8908f472018-08-31 15:44:25 +0100[diff] [blame]368{
Kevin Peng96f802e2019-12-26 16:10:25 +0800[diff] [blame]369#ifdef TFM_CRYPTO_KEY_MODULE_DISABLED
Antonio de Angelis7740b382019-07-16 10:59:25 +0100[diff] [blame]370 return PSA_ERROR_NOT_SUPPORTED;
371#else
Jamie Fox0e54ebc2019-04-09 14:21:04 +0100[diff] [blame]372 (void)out_vec;
Antonio de Angelis8908f472018-08-31 15:44:25 +0100[diff] [blame]373
Soby Mathewd8abdfd2020-10-14 10:28:01 +0100[diff] [blame]374 CRYPTO_IN_OUT_LEN_VALIDATE(in_len, 1, 1, out_len, 0, 0);
Antonio de Angelisab85ccd2019-03-25 15:14:29 +0000[diff] [blame]375
Antonio de Angelis4743e672019-04-11 11:38:48 +0100[diff] [blame]376 if (in_vec[0].len != sizeof(struct tfm_crypto_pack_iovec)) {
Soby Mathewc6e89362020-10-19 16:55:16 +0100[diff] [blame]377 return PSA_ERROR_PROGRAMMER_ERROR;
Antonio de Angelisab85ccd2019-03-25 15:14:29 +0000[diff] [blame]378 }
Antonio de Angelis4743e672019-04-11 11:38:48 +0100[diff] [blame]379 const struct tfm_crypto_pack_iovec *iov = in_vec[0].base;
Maulik Patel28659c42021-01-06 14:09:22 +0000[diff] [blame^]380 psa_key_id_t key = iov->key_id;
Antonio de Angelis60a6fe62019-06-18 15:27:34 +0100[diff] [blame]381 uint32_t index;
Maulik Patel28659c42021-01-06 14:09:22 +0000[diff] [blame^]382 mbedtls_svc_key_id_t encoded_key;
Antonio de Angelisab85ccd2019-03-25 15:14:29 +0000[diff] [blame]383
Maulik Patel28659c42021-01-06 14:09:22 +0000[diff] [blame^]384 psa_status_t status = tfm_crypto_check_handle_owner(key, &index);
Antonio de Angelis60a6fe62019-06-18 15:27:34 +0100[diff] [blame]385 if (status != PSA_SUCCESS) {
386 return status;
387 }
388
Maulik Patel28659c42021-01-06 14:09:22 +0000[diff] [blame^]389 encoded_key = mbedtls_svc_key_id_make(handle_owner[index].owner, key);
Antonio de Angelis60a6fe62019-06-18 15:27:34 +0100[diff] [blame]390
Maulik Patel28659c42021-01-06 14:09:22 +0000[diff] [blame^]391 status = psa_destroy_key(encoded_key);
Antonio de Angelis60a6fe62019-06-18 15:27:34 +0100[diff] [blame]392 if (status == PSA_SUCCESS) {
393 handle_owner[index].owner = 0;
Maulik Patel28659c42021-01-06 14:09:22 +0000[diff] [blame^]394 handle_owner[index].key = 0;
Antonio de Angelis60a6fe62019-06-18 15:27:34 +0100[diff] [blame]395 handle_owner[index].in_use = TFM_CRYPTO_NOT_IN_USE;
396 }
397
398 return status;
Antonio de Angelis7740b382019-07-16 10:59:25 +0100[diff] [blame]399#endif /* TFM_CRYPTO_KEY_MODULE_DISABLED */
Antonio de Angelis8908f472018-08-31 15:44:25 +0100[diff] [blame]400}
401
Antonio de Angelis04debbd2019-10-14 12:12:52 +0100[diff] [blame]402psa_status_t tfm_crypto_get_key_attributes(psa_invec in_vec[],
403 size_t in_len,
404 psa_outvec out_vec[],
405 size_t out_len)
Antonio de Angelis8908f472018-08-31 15:44:25 +0100[diff] [blame]406{
Kevin Peng96f802e2019-12-26 16:10:25 +0800[diff] [blame]407#ifdef TFM_CRYPTO_KEY_MODULE_DISABLED
Antonio de Angelis7740b382019-07-16 10:59:25 +0100[diff] [blame]408 return PSA_ERROR_NOT_SUPPORTED;
409#else
Soby Mathewd8abdfd2020-10-14 10:28:01 +0100[diff] [blame]410
411 CRYPTO_IN_OUT_LEN_VALIDATE(in_len, 1, 1, out_len, 1, 1);
Jamie Foxefd82732018-11-26 10:34:32 +0000[diff] [blame]412
Antonio de Angelis4743e672019-04-11 11:38:48 +0100[diff] [blame]413 if ((in_vec[0].len != sizeof(struct tfm_crypto_pack_iovec)) ||
Soby Mathewd7b79f22020-05-21 15:06:54 +0100[diff] [blame]414 (out_vec[0].len != sizeof(struct psa_client_key_attributes_s))) {
Soby Mathewc6e89362020-10-19 16:55:16 +0100[diff] [blame]415 return PSA_ERROR_PROGRAMMER_ERROR;
Jamie Foxefd82732018-11-26 10:34:32 +0000[diff] [blame]416 }
Antonio de Angelis4743e672019-04-11 11:38:48 +0100[diff] [blame]417 const struct tfm_crypto_pack_iovec *iov = in_vec[0].base;
Jamie Foxefd82732018-11-26 10:34:32 +0000[diff] [blame]418
Maulik Patel28659c42021-01-06 14:09:22 +0000[diff] [blame^]419 psa_key_id_t key = iov->key_id;
Soby Mathewd7b79f22020-05-21 15:06:54 +0100[diff] [blame]420 struct psa_client_key_attributes_s *client_key_attr = out_vec[0].base;
Jamie Fox98ab4412020-01-17 17:12:30 +0000[diff] [blame]421 psa_status_t status;
422 psa_key_attributes_t key_attributes = PSA_KEY_ATTRIBUTES_INIT;
Maulik Patel28659c42021-01-06 14:09:22 +0000[diff] [blame^]423 mbedtls_svc_key_id_t encoded_key;
Antonio de Angelisab85ccd2019-03-25 15:14:29 +0000[diff] [blame]424
Jamie Fox98ab4412020-01-17 17:12:30 +0000[diff] [blame]425 status = tfm_crypto_check_handle_owner(key, NULL);
426 if (status != PSA_SUCCESS) {
427 return status;
428 }
429
Maulik Patel28659c42021-01-06 14:09:22 +0000[diff] [blame^]430 status = tfm_crypto_encode_id_and_owner(key, &encoded_key);
431 if (status != PSA_SUCCESS) {
432 return status;
433 }
Jamie Fox98ab4412020-01-17 17:12:30 +0000[diff] [blame]434
Maulik Patel28659c42021-01-06 14:09:22 +0000[diff] [blame^]435 status = psa_get_key_attributes(encoded_key, &key_attributes);
Jamie Fox98ab4412020-01-17 17:12:30 +0000[diff] [blame]436 if (status == PSA_SUCCESS) {
437 status = tfm_crypto_key_attributes_to_client(&key_attributes,
438 client_key_attr);
439 }
440
441 return status;
Antonio de Angelis04debbd2019-10-14 12:12:52 +0100[diff] [blame]442#endif /* TFM_CRYPTO_KEY_MODULE_DISABLED */
443}
444
445psa_status_t tfm_crypto_reset_key_attributes(psa_invec in_vec[],
446 size_t in_len,
447 psa_outvec out_vec[],
448 size_t out_len)
449{
450#if (TFM_CRYPTO_KEY_MODULE_DISABLED != 0)
451 return PSA_ERROR_NOT_SUPPORTED;
452#else
Soby Mathewd8abdfd2020-10-14 10:28:01 +0100[diff] [blame]453
454 CRYPTO_IN_OUT_LEN_VALIDATE(in_len, 1, 1, out_len, 1, 1);
Antonio de Angelis04debbd2019-10-14 12:12:52 +0100[diff] [blame]455
456 if ((in_vec[0].len != sizeof(struct tfm_crypto_pack_iovec)) ||
Soby Mathewd7b79f22020-05-21 15:06:54 +0100[diff] [blame]457 (out_vec[0].len != sizeof(struct psa_client_key_attributes_s))) {
Soby Mathewc6e89362020-10-19 16:55:16 +0100[diff] [blame]458 return PSA_ERROR_PROGRAMMER_ERROR;
Antonio de Angelis04debbd2019-10-14 12:12:52 +0100[diff] [blame]459 }
460
Soby Mathewd7b79f22020-05-21 15:06:54 +0100[diff] [blame]461 struct psa_client_key_attributes_s *client_key_attr = out_vec[0].base;
Jamie Fox98ab4412020-01-17 17:12:30 +0000[diff] [blame]462 psa_status_t status;
463 psa_key_attributes_t key_attributes = PSA_KEY_ATTRIBUTES_INIT;
464 int32_t partition_id;
Antonio de Angelis04debbd2019-10-14 12:12:52 +0100[diff] [blame]465
Jamie Fox98ab4412020-01-17 17:12:30 +0000[diff] [blame]466 status = tfm_crypto_get_caller_id(&partition_id);
467 if (status != PSA_SUCCESS) {
468 return status;
469 }
Antonio de Angelis04debbd2019-10-14 12:12:52 +0100[diff] [blame]470
Jamie Fox98ab4412020-01-17 17:12:30 +0000[diff] [blame]471 status = tfm_crypto_key_attributes_from_client(client_key_attr,
472 partition_id,
473 &key_attributes);
474 if (status != PSA_SUCCESS) {
475 return status;
476 }
477
478 psa_reset_key_attributes(&key_attributes);
479
480 return tfm_crypto_key_attributes_to_client(&key_attributes,
481 client_key_attr);
Antonio de Angelis7740b382019-07-16 10:59:25 +0100[diff] [blame]482#endif /* TFM_CRYPTO_KEY_MODULE_DISABLED */
Antonio de Angelis8908f472018-08-31 15:44:25 +0100[diff] [blame]483}
484
Antonio de Angelisab85ccd2019-03-25 15:14:29 +0000[diff] [blame]485psa_status_t tfm_crypto_export_key(psa_invec in_vec[],
486 size_t in_len,
487 psa_outvec out_vec[],
488 size_t out_len)
Antonio de Angelis8908f472018-08-31 15:44:25 +0100[diff] [blame]489{
Kevin Peng96f802e2019-12-26 16:10:25 +0800[diff] [blame]490#ifdef TFM_CRYPTO_KEY_MODULE_DISABLED
Antonio de Angelis7740b382019-07-16 10:59:25 +0100[diff] [blame]491 return PSA_ERROR_NOT_SUPPORTED;
492#else
Soby Mathewd8abdfd2020-10-14 10:28:01 +0100[diff] [blame]493
494 CRYPTO_IN_OUT_LEN_VALIDATE(in_len, 1, 1, out_len, 0, 1);
Antonio de Angelis8908f472018-08-31 15:44:25 +0100[diff] [blame]495
Antonio de Angelis4743e672019-04-11 11:38:48 +0100[diff] [blame]496 if (in_vec[0].len != sizeof(struct tfm_crypto_pack_iovec)) {
Soby Mathewc6e89362020-10-19 16:55:16 +0100[diff] [blame]497 return PSA_ERROR_PROGRAMMER_ERROR;
Antonio de Angelis8908f472018-08-31 15:44:25 +0100[diff] [blame]498 }
Antonio de Angelis4743e672019-04-11 11:38:48 +0100[diff] [blame]499 const struct tfm_crypto_pack_iovec *iov = in_vec[0].base;
Antonio de Angelis8908f472018-08-31 15:44:25 +0100[diff] [blame]500
Maulik Patel28659c42021-01-06 14:09:22 +0000[diff] [blame^]501 psa_key_id_t key = iov->key_id;
Antonio de Angelisab85ccd2019-03-25 15:14:29 +0000[diff] [blame]502 uint8_t *data = out_vec[0].base;
503 size_t data_size = out_vec[0].len;
Maulik Patel28659c42021-01-06 14:09:22 +0000[diff] [blame^]504 mbedtls_svc_key_id_t encoded_key;
505 uint32_t index;
Antonio de Angelisab85ccd2019-03-25 15:14:29 +0000[diff] [blame]506
Maulik Patel28659c42021-01-06 14:09:22 +0000[diff] [blame^]507 psa_status_t status = tfm_crypto_check_handle_owner(key, &index);
508
509 if (status != PSA_SUCCESS) {
510 return status;
511 }
512
513 encoded_key = mbedtls_svc_key_id_make(handle_owner[index].owner, key);
514 return psa_export_key(encoded_key, data, data_size,
515 &(out_vec[0].len));
Antonio de Angelis7740b382019-07-16 10:59:25 +0100[diff] [blame]516#endif /* TFM_CRYPTO_KEY_MODULE_DISABLED */
Antonio de Angelis8908f472018-08-31 15:44:25 +0100[diff] [blame]517}
518
Antonio de Angelisab85ccd2019-03-25 15:14:29 +0000[diff] [blame]519psa_status_t tfm_crypto_export_public_key(psa_invec in_vec[],
520 size_t in_len,
521 psa_outvec out_vec[],
522 size_t out_len)
Antonio de Angelis8908f472018-08-31 15:44:25 +0100[diff] [blame]523{
Kevin Peng96f802e2019-12-26 16:10:25 +0800[diff] [blame]524#ifdef TFM_CRYPTO_KEY_MODULE_DISABLED
Antonio de Angelis7740b382019-07-16 10:59:25 +0100[diff] [blame]525 return PSA_ERROR_NOT_SUPPORTED;
526#else
Soby Mathewd8abdfd2020-10-14 10:28:01 +0100[diff] [blame]527
528 CRYPTO_IN_OUT_LEN_VALIDATE(in_len, 1, 1, out_len, 0, 1);
Hugues de Valon8b442442019-02-19 14:30:52 +0000[diff] [blame]529
Antonio de Angelis25e2b2d2019-04-25 14:49:50 +0100[diff] [blame]530 if (in_vec[0].len != sizeof(struct tfm_crypto_pack_iovec)) {
Soby Mathewc6e89362020-10-19 16:55:16 +0100[diff] [blame]531 return PSA_ERROR_PROGRAMMER_ERROR;
Antonio de Angelis25e2b2d2019-04-25 14:49:50 +0100[diff] [blame]532 }
533 const struct tfm_crypto_pack_iovec *iov = in_vec[0].base;
Maulik Patel28659c42021-01-06 14:09:22 +0000[diff] [blame^]534 psa_key_id_t key = iov->key_id;
Antonio de Angelis25e2b2d2019-04-25 14:49:50 +0100[diff] [blame]535 uint8_t *data = out_vec[0].base;
536 size_t data_size = out_vec[0].len;
Maulik Patel28659c42021-01-06 14:09:22 +0000[diff] [blame^]537 mbedtls_svc_key_id_t encoded_key;
538 uint32_t index;
Antonio de Angelis25e2b2d2019-04-25 14:49:50 +0100[diff] [blame]539
Maulik Patel28659c42021-01-06 14:09:22 +0000[diff] [blame^]540 psa_status_t status = tfm_crypto_check_handle_owner(key, &index);
541
542 if (status != PSA_SUCCESS) {
543 return status;
544 }
545
546 encoded_key = mbedtls_svc_key_id_make(handle_owner[index].owner, key);
547
548 return psa_export_public_key(encoded_key, data, data_size,
549 &(out_vec[0].len));
550#endif /* TFM_CRYPTO_KEY_MODULE_DISABLED */
551}
552
553psa_status_t tfm_crypto_purge_key(psa_invec in_vec[],
554 size_t in_len,
555 psa_outvec out_vec[],
556 size_t out_len)
557{
558#ifdef TFM_CRYPTO_KEY_MODULE_DISABLED
559 return PSA_ERROR_NOT_SUPPORTED;
560#else
561 (void)out_vec;
562
563 CRYPTO_IN_OUT_LEN_VALIDATE(in_len, 1, 1, out_len, 0, 0);
564
565 if (in_vec[0].len != sizeof(struct tfm_crypto_pack_iovec)) {
566 return PSA_ERROR_PROGRAMMER_ERROR;
567 }
568 const struct tfm_crypto_pack_iovec *iov = in_vec[0].base;
569 psa_key_id_t key = iov->key_id;
570 uint32_t index;
571 mbedtls_svc_key_id_t encoded_key;
572
573 psa_status_t status = tfm_crypto_check_handle_owner(key, &index);
574
575 if (status != PSA_SUCCESS) {
576 return status;
577 }
578
579 encoded_key = mbedtls_svc_key_id_make(handle_owner[index].owner, key);
580
581 status = psa_purge_key(encoded_key);
582 if (status == PSA_SUCCESS) {
583 handle_owner[index].owner = 0;
584 handle_owner[index].key = 0;
585 handle_owner[index].in_use = TFM_CRYPTO_NOT_IN_USE;
586 }
587
588 return status;
Antonio de Angelis7740b382019-07-16 10:59:25 +0100[diff] [blame]589#endif /* TFM_CRYPTO_KEY_MODULE_DISABLED */
Antonio de Angelis25e2b2d2019-04-25 14:49:50 +0100[diff] [blame]590}
591
592psa_status_t tfm_crypto_copy_key(psa_invec in_vec[],
593 size_t in_len,
594 psa_outvec out_vec[],
595 size_t out_len)
596{
Kevin Peng96f802e2019-12-26 16:10:25 +0800[diff] [blame]597#ifdef TFM_CRYPTO_KEY_MODULE_DISABLED
Antonio de Angelis7740b382019-07-16 10:59:25 +0100[diff] [blame]598 return PSA_ERROR_NOT_SUPPORTED;
599#else
Antonio de Angelis25e2b2d2019-04-25 14:49:50 +0100[diff] [blame]600
Soby Mathewd8abdfd2020-10-14 10:28:01 +0100[diff] [blame]601 CRYPTO_IN_OUT_LEN_VALIDATE(in_len, 2, 2, out_len, 1, 1);
Antonio de Angelis25e2b2d2019-04-25 14:49:50 +0100[diff] [blame]602
603 if ((in_vec[0].len != sizeof(struct tfm_crypto_pack_iovec)) ||
Maulik Patel28659c42021-01-06 14:09:22 +0000[diff] [blame^]604 (out_vec[0].len != sizeof(psa_key_id_t)) ||
Soby Mathewd7b79f22020-05-21 15:06:54 +0100[diff] [blame]605 (in_vec[1].len != sizeof(struct psa_client_key_attributes_s))) {
Soby Mathewc6e89362020-10-19 16:55:16 +0100[diff] [blame]606 return PSA_ERROR_PROGRAMMER_ERROR;
Antonio de Angelis25e2b2d2019-04-25 14:49:50 +0100[diff] [blame]607 }
608 const struct tfm_crypto_pack_iovec *iov = in_vec[0].base;
609
Maulik Patel28659c42021-01-06 14:09:22 +0000[diff] [blame^]610 psa_key_id_t source_key_id = iov->key_id;
611 psa_key_id_t *target_key_id = out_vec[0].base;
Soby Mathewd7b79f22020-05-21 15:06:54 +0100[diff] [blame]612 const struct psa_client_key_attributes_s *client_key_attr = in_vec[1].base;
Antonio de Angelis04debbd2019-10-14 12:12:52 +0100[diff] [blame]613 psa_status_t status;
Jamie Fox98ab4412020-01-17 17:12:30 +0000[diff] [blame]614 psa_key_attributes_t key_attributes = PSA_KEY_ATTRIBUTES_INIT;
Antonio de Angelis04debbd2019-10-14 12:12:52 +0100[diff] [blame]615 uint32_t i = 0;
616 int32_t partition_id = 0;
617 bool empty_found = false;
Maulik Patel28659c42021-01-06 14:09:22 +0000[diff] [blame^]618 mbedtls_svc_key_id_t target_key;
619 mbedtls_svc_key_id_t encoded_key;
Antonio de Angelis25e2b2d2019-04-25 14:49:50 +0100[diff] [blame]620
Antonio de Angelis04debbd2019-10-14 12:12:52 +0100[diff] [blame]621 for (i = 0; i < TFM_CRYPTO_MAX_KEY_HANDLES; i++) {
622 if (handle_owner[i].in_use == TFM_CRYPTO_NOT_IN_USE) {
623 empty_found = true;
624 break;
625 }
Jamie Foxefd82732018-11-26 10:34:32 +0000[diff] [blame]626 }
627
Antonio de Angelis04debbd2019-10-14 12:12:52 +0100[diff] [blame]628 if (!empty_found) {
629 return PSA_ERROR_INSUFFICIENT_MEMORY;
Antonio de Angelisab85ccd2019-03-25 15:14:29 +0000[diff] [blame]630 }
631
Antonio de Angelis04debbd2019-10-14 12:12:52 +0100[diff] [blame]632 status = tfm_crypto_get_caller_id(&partition_id);
633 if (status != PSA_SUCCESS) {
Antonio de Angelis60a6fe62019-06-18 15:27:34 +0100[diff] [blame]634 return status;
635 }
Antonio de Angelis04debbd2019-10-14 12:12:52 +0100[diff] [blame]636
Jamie Fox98ab4412020-01-17 17:12:30 +0000[diff] [blame]637 status = tfm_crypto_key_attributes_from_client(client_key_attr,
638 partition_id,
639 &key_attributes);
640 if (status != PSA_SUCCESS) {
641 return status;
642 }
643
Maulik Patel28659c42021-01-06 14:09:22 +0000[diff] [blame^]644 status = tfm_crypto_check_handle_owner(source_key_id, NULL);
645 if (status != PSA_SUCCESS) {
646 return status;
647 }
Antonio de Angelis04debbd2019-10-14 12:12:52 +0100[diff] [blame]648
Maulik Patel28659c42021-01-06 14:09:22 +0000[diff] [blame^]649 status = tfm_crypto_encode_id_and_owner(source_key_id, &encoded_key);
650 if (status != PSA_SUCCESS) {
651 return status;
652 }
653
654 status = psa_copy_key(encoded_key, &key_attributes, &target_key);
655 *target_key_id = target_key.key_id;
Antonio de Angelis04debbd2019-10-14 12:12:52 +0100[diff] [blame]656 if (status == PSA_SUCCESS) {
657 handle_owner[i].owner = partition_id;
Maulik Patel28659c42021-01-06 14:09:22 +0000[diff] [blame^]658 handle_owner[i].key = *target_key_id;
Antonio de Angelis04debbd2019-10-14 12:12:52 +0100[diff] [blame]659 handle_owner[i].in_use = TFM_CRYPTO_IN_USE;
660 }
661
662 return status;
Antonio de Angelis7740b382019-07-16 10:59:25 +0100[diff] [blame]663#endif /* TFM_CRYPTO_KEY_MODULE_DISABLED */
Jamie Foxefd82732018-11-26 10:34:32 +0000[diff] [blame]664}
665
Antonio de Angelis04debbd2019-10-14 12:12:52 +0100[diff] [blame]666psa_status_t tfm_crypto_generate_key(psa_invec in_vec[],
667 size_t in_len,
668 psa_outvec out_vec[],
669 size_t out_len)
Jamie Foxefd82732018-11-26 10:34:32 +0000[diff] [blame]670{
Kevin Peng96f802e2019-12-26 16:10:25 +0800[diff] [blame]671#ifdef TFM_CRYPTO_KEY_MODULE_DISABLED
Antonio de Angelis7740b382019-07-16 10:59:25 +0100[diff] [blame]672 return PSA_ERROR_NOT_SUPPORTED;
673#else
Soby Mathewd8abdfd2020-10-14 10:28:01 +0100[diff] [blame]674
675 CRYPTO_IN_OUT_LEN_VALIDATE(in_len, 2, 2, out_len, 1, 1);
Jamie Foxefd82732018-11-26 10:34:32 +0000[diff] [blame]676
Antonio de Angelis4743e672019-04-11 11:38:48 +0100[diff] [blame]677 if ((in_vec[0].len != sizeof(struct tfm_crypto_pack_iovec)) ||
Soby Mathewd7b79f22020-05-21 15:06:54 +0100[diff] [blame]678 (in_vec[1].len != sizeof(struct psa_client_key_attributes_s)) ||
Maulik Patel28659c42021-01-06 14:09:22 +0000[diff] [blame^]679 (out_vec[0].len != sizeof(psa_key_id_t))) {
Soby Mathewc6e89362020-10-19 16:55:16 +0100[diff] [blame]680 return PSA_ERROR_PROGRAMMER_ERROR;
Antonio de Angelisab85ccd2019-03-25 15:14:29 +0000[diff] [blame]681 }
Maulik Patel28659c42021-01-06 14:09:22 +0000[diff] [blame^]682 psa_key_id_t *key_handle = out_vec[0].base;
Soby Mathewd7b79f22020-05-21 15:06:54 +0100[diff] [blame]683 const struct psa_client_key_attributes_s *client_key_attr = in_vec[1].base;
Antonio de Angelis04debbd2019-10-14 12:12:52 +0100[diff] [blame]684 psa_status_t status;
Jamie Fox98ab4412020-01-17 17:12:30 +0000[diff] [blame]685 psa_key_attributes_t key_attributes = PSA_KEY_ATTRIBUTES_INIT;
Antonio de Angelis04debbd2019-10-14 12:12:52 +0100[diff] [blame]686 uint32_t i = 0;
687 int32_t partition_id = 0;
688 bool empty_found = false;
Maulik Patel28659c42021-01-06 14:09:22 +0000[diff] [blame^]689 mbedtls_svc_key_id_t encoded_key;
Antonio de Angelisab85ccd2019-03-25 15:14:29 +0000[diff] [blame]690
Antonio de Angelis04debbd2019-10-14 12:12:52 +0100[diff] [blame]691 for (i = 0; i < TFM_CRYPTO_MAX_KEY_HANDLES; i++) {
692 if (handle_owner[i].in_use == TFM_CRYPTO_NOT_IN_USE) {
693 empty_found = true;
694 break;
695 }
Jamie Foxefd82732018-11-26 10:34:32 +0000[diff] [blame]696 }
697
Antonio de Angelis04debbd2019-10-14 12:12:52 +0100[diff] [blame]698 if (!empty_found) {
699 return PSA_ERROR_INSUFFICIENT_MEMORY;
Antonio de Angelisab85ccd2019-03-25 15:14:29 +0000[diff] [blame]700 }
701
Antonio de Angelis04debbd2019-10-14 12:12:52 +0100[diff] [blame]702 status = tfm_crypto_get_caller_id(&partition_id);
703 if (status != PSA_SUCCESS) {
704 return status;
705 }
Antonio de Angelisab85ccd2019-03-25 15:14:29 +0000[diff] [blame]706
Jamie Fox98ab4412020-01-17 17:12:30 +0000[diff] [blame]707 status = tfm_crypto_key_attributes_from_client(client_key_attr,
708 partition_id,
709 &key_attributes);
710 if (status != PSA_SUCCESS) {
711 return status;
712 }
713
Maulik Patel28659c42021-01-06 14:09:22 +0000[diff] [blame^]714 status = psa_generate_key(&key_attributes, &encoded_key);
715 *key_handle = encoded_key.key_id;
Antonio de Angelis04debbd2019-10-14 12:12:52 +0100[diff] [blame]716
717 if (status == PSA_SUCCESS) {
718 handle_owner[i].owner = partition_id;
Maulik Patel28659c42021-01-06 14:09:22 +0000[diff] [blame^]719 handle_owner[i].key = *key_handle;
Antonio de Angelis04debbd2019-10-14 12:12:52 +0100[diff] [blame]720 handle_owner[i].in_use = TFM_CRYPTO_IN_USE;
721 }
722
723 return status;
Antonio de Angelis7740b382019-07-16 10:59:25 +0100[diff] [blame]724#endif /* TFM_CRYPTO_KEY_MODULE_DISABLED */
Jamie Foxefd82732018-11-26 10:34:32 +0000[diff] [blame]725}
Antonio de Angelis8908f472018-08-31 15:44:25 +0100[diff] [blame]726/*!@}*/