TrustedFirmware Git Browser
Code Review Sign In
review.trustedfirmware.org / TF-M / trusted-firmware-m.git / 7740b38b6d7392af3a007f40fa6996144c7c74e6 / . / secure_fw / services / crypto / crypto_key.c
blob: 19f11c477dddff6a213575ef71a72545cdc99240 [file] [log] [blame]
Antonio de Angelis8908f472018-08-31 15:44:25 +0100[diff] [blame]1/*
Antonio de Angelis377a1552018-11-22 17:02:40 +0000[diff] [blame]2 * Copyright (c) 2018-2019, Arm Limited. All rights reserved.
Antonio de Angelis8908f472018-08-31 15:44:25 +0100[diff] [blame]3 *
4 * SPDX-License-Identifier: BSD-3-Clause
5 *
6 */
7
Jamie Foxefd82732018-11-26 10:34:32 +0000[diff] [blame]8#include <stddef.h>
Jamie Fox0e54ebc2019-04-09 14:21:04 +0100[diff] [blame]9#include <stdint.h>
Antonio de Angelis8908f472018-08-31 15:44:25 +0100[diff] [blame]10
Summer Qin4b1d03b2019-07-02 14:56:08 +0800[diff] [blame]11/* FixMe: Use PSA_ERROR_CONNECTION_REFUSED when performing parameter
Antonio de Angelis4743e672019-04-11 11:38:48 +0100[diff] [blame]12 * integrity checks but this will have to be revised
13 * when the full set of error codes mandated by PSA FF
14 * is available.
15 */
Jamie Fox0e54ebc2019-04-09 14:21:04 +0100[diff] [blame]16#include "tfm_mbedcrypto_include.h"
Antonio de Angelis4743e672019-04-11 11:38:48 +0100[diff] [blame]17
Jamie Fox0e54ebc2019-04-09 14:21:04 +0100[diff] [blame]18#include "tfm_crypto_api.h"
19#include "tfm_crypto_defs.h"
Antonio de Angelis60a6fe62019-06-18 15:27:34 +0100[diff] [blame]20#include <stdbool.h>
Jamie Fox82b87ca2018-12-11 16:41:11 +0000[diff] [blame]21
Antonio de Angelis60a6fe62019-06-18 15:27:34 +0100[diff] [blame]22#ifndef TFM_CRYPTO_MAX_KEY_HANDLES
23#define TFM_CRYPTO_MAX_KEY_HANDLES (16)
24#endif
25struct tfm_crypto_handle_owner_s {
26 int32_t owner; /*!< Owner of the allocated handle */
27 psa_key_handle_t handle; /*!< Allocated handle */
28 uint8_t in_use; /*!< Flag to indicate if this in use */
29};
30
Antonio de Angelis7740b382019-07-16 10:59:25 +0100[diff] [blame^]31#if (TFM_CRYPTO_KEY_MODULE_DISABLED == 0)
Antonio de Angelis60a6fe62019-06-18 15:27:34 +0100[diff] [blame]32static struct tfm_crypto_handle_owner_s
33 handle_owner[TFM_CRYPTO_MAX_KEY_HANDLES] = {0};
Antonio de Angelis7740b382019-07-16 10:59:25 +0100[diff] [blame^]34#endif
Antonio de Angelis8908f472018-08-31 15:44:25 +0100[diff] [blame]35/*!
36 * \defgroup public Public functions
37 *
38 */
39
40/*!@{*/
Antonio de Angelis60a6fe62019-06-18 15:27:34 +0100[diff] [blame]41psa_status_t tfm_crypto_check_handle_owner(psa_key_handle_t handle,
42 uint32_t *index)
43{
Antonio de Angelis7740b382019-07-16 10:59:25 +0100[diff] [blame^]44#if (TFM_CRYPTO_KEY_MODULE_DISABLED != 0)
45 return PSA_ERROR_NOT_SUPPORTED;
46#else
Antonio de Angelis60a6fe62019-06-18 15:27:34 +0100[diff] [blame]47 int32_t partition_id = 0;
48 uint32_t i = 0;
49 psa_status_t status;
50
51 status = tfm_crypto_get_caller_id(&partition_id);
52 if (status != PSA_SUCCESS) {
53 return status;
54 }
55
56 for (i = 0; i < TFM_CRYPTO_MAX_KEY_HANDLES; i++) {
57 if (handle_owner[i].in_use && handle_owner[i].handle == handle) {
58 if (handle_owner[i].owner == partition_id) {
59 if (index != NULL) {
60 *index = i;
61 }
62 return PSA_SUCCESS;
63 } else {
64 return PSA_ERROR_NOT_PERMITTED;
65 }
66 }
67 }
68
69 return PSA_ERROR_INVALID_HANDLE;
Antonio de Angelis7740b382019-07-16 10:59:25 +0100[diff] [blame^]70#endif /* TFM_CRYPTO_KEY_MODULE_DISABLED */
Antonio de Angelis60a6fe62019-06-18 15:27:34 +0100[diff] [blame]71}
72
Jamie Fox0e54ebc2019-04-09 14:21:04 +0100[diff] [blame]73psa_status_t tfm_crypto_allocate_key(psa_invec in_vec[],
74 size_t in_len,
75 psa_outvec out_vec[],
76 size_t out_len)
Antonio de Angeliscf85ba22018-10-09 13:29:40 +0100[diff] [blame]77{
Antonio de Angelis7740b382019-07-16 10:59:25 +0100[diff] [blame^]78#if (TFM_CRYPTO_KEY_MODULE_DISABLED != 0)
79 return PSA_ERROR_NOT_SUPPORTED;
80#else
Jamie Fox0e54ebc2019-04-09 14:21:04 +0100[diff] [blame]81 if ((in_len != 1) || (out_len != 1)) {
Summer Qin4b1d03b2019-07-02 14:56:08 +0800[diff] [blame]82 return PSA_ERROR_CONNECTION_REFUSED;
Jamie Foxefd82732018-11-26 10:34:32 +0000[diff] [blame]83 }
84
Jamie Fox0e54ebc2019-04-09 14:21:04 +0100[diff] [blame]85 if ((in_vec[0].len != sizeof(struct tfm_crypto_pack_iovec)) ||
86 (out_vec[0].len != sizeof(psa_key_handle_t))) {
Summer Qin4b1d03b2019-07-02 14:56:08 +0800[diff] [blame]87 return PSA_ERROR_CONNECTION_REFUSED;
Jamie Foxefd82732018-11-26 10:34:32 +0000[diff] [blame]88 }
89
Jamie Fox0e54ebc2019-04-09 14:21:04 +0100[diff] [blame]90 psa_key_handle_t *key_handle = out_vec[0].base;
Antonio de Angelis60a6fe62019-06-18 15:27:34 +0100[diff] [blame]91 uint32_t i = 0;
92 int32_t partition_id = 0;
93 bool empty_found = false;
94 psa_status_t status;
Jamie Foxefd82732018-11-26 10:34:32 +0000[diff] [blame]95
Antonio de Angelis60a6fe62019-06-18 15:27:34 +0100[diff] [blame]96 for (i = 0; i < TFM_CRYPTO_MAX_KEY_HANDLES; i++) {
97 if (handle_owner[i].in_use == TFM_CRYPTO_NOT_IN_USE) {
98 empty_found = true;
99 break;
100 }
101 }
102
103 if (!empty_found) {
104 return PSA_ERROR_INSUFFICIENT_MEMORY;
105 }
106
107 status = tfm_crypto_get_caller_id(&partition_id);
108 if (status != PSA_SUCCESS) {
109 return status;
110 }
111
112 status = psa_allocate_key(key_handle);
113
114 if (status == PSA_SUCCESS) {
115 handle_owner[i].owner = partition_id;
116 handle_owner[i].handle = *key_handle;
117 handle_owner[i].in_use = TFM_CRYPTO_IN_USE;
118 }
119
120 return status;
Antonio de Angelis7740b382019-07-16 10:59:25 +0100[diff] [blame^]121#endif /* TFM_CRYPTO_KEY_MODULE_DISABLED */
Jamie Foxefd82732018-11-26 10:34:32 +0000[diff] [blame]122}
123
Antonio de Angelisab85ccd2019-03-25 15:14:29 +0000[diff] [blame]124psa_status_t tfm_crypto_import_key(psa_invec in_vec[],
125 size_t in_len,
126 psa_outvec out_vec[],
127 size_t out_len)
Antonio de Angelis8908f472018-08-31 15:44:25 +0100[diff] [blame]128{
Antonio de Angelis7740b382019-07-16 10:59:25 +0100[diff] [blame^]129#if (TFM_CRYPTO_KEY_MODULE_DISABLED != 0)
130 return PSA_ERROR_NOT_SUPPORTED;
131#else
Jamie Fox0e54ebc2019-04-09 14:21:04 +0100[diff] [blame]132 (void)out_vec;
Antonio de Angelis8908f472018-08-31 15:44:25 +0100[diff] [blame]133
Antonio de Angelis4743e672019-04-11 11:38:48 +0100[diff] [blame]134 if ((in_len != 2) || (out_len != 0)) {
Summer Qin4b1d03b2019-07-02 14:56:08 +0800[diff] [blame]135 return PSA_ERROR_CONNECTION_REFUSED;
Jamie Foxefd82732018-11-26 10:34:32 +0000[diff] [blame]136 }
137
Antonio de Angelis4743e672019-04-11 11:38:48 +0100[diff] [blame]138 if (in_vec[0].len != sizeof(struct tfm_crypto_pack_iovec)) {
Summer Qin4b1d03b2019-07-02 14:56:08 +0800[diff] [blame]139 return PSA_ERROR_CONNECTION_REFUSED;
Antonio de Angelisab85ccd2019-03-25 15:14:29 +0000[diff] [blame]140 }
Antonio de Angelis4743e672019-04-11 11:38:48 +0100[diff] [blame]141 const struct tfm_crypto_pack_iovec *iov = in_vec[0].base;
Antonio de Angelisab85ccd2019-03-25 15:14:29 +0000[diff] [blame]142
Jamie Fox0e54ebc2019-04-09 14:21:04 +0100[diff] [blame]143 psa_key_handle_t key = iov->key_handle;
Antonio de Angelis4743e672019-04-11 11:38:48 +0100[diff] [blame]144 psa_key_type_t type = iov->type;
145 const uint8_t *data = in_vec[1].base;
146 size_t data_length = in_vec[1].len;
Antonio de Angelis60a6fe62019-06-18 15:27:34 +0100[diff] [blame]147 psa_status_t status = tfm_crypto_check_handle_owner(key, NULL);
148
149 if (status != PSA_SUCCESS) {
150 return status;
151 }
Antonio de Angelisab85ccd2019-03-25 15:14:29 +0000[diff] [blame]152
Jamie Fox0e54ebc2019-04-09 14:21:04 +0100[diff] [blame]153 return psa_import_key(key, type, data, data_length);
Antonio de Angelis7740b382019-07-16 10:59:25 +0100[diff] [blame^]154#endif /* TFM_CRYPTO_KEY_MODULE_DISABLED */
Antonio de Angelis8908f472018-08-31 15:44:25 +0100[diff] [blame]155}
156
Antonio de Angelisab85ccd2019-03-25 15:14:29 +0000[diff] [blame]157psa_status_t tfm_crypto_destroy_key(psa_invec in_vec[],
158 size_t in_len,
159 psa_outvec out_vec[],
160 size_t out_len)
Antonio de Angelis8908f472018-08-31 15:44:25 +0100[diff] [blame]161{
Antonio de Angelis7740b382019-07-16 10:59:25 +0100[diff] [blame^]162#if (TFM_CRYPTO_KEY_MODULE_DISABLED != 0)
163 return PSA_ERROR_NOT_SUPPORTED;
164#else
Jamie Fox0e54ebc2019-04-09 14:21:04 +0100[diff] [blame]165 (void)out_vec;
Antonio de Angelis8908f472018-08-31 15:44:25 +0100[diff] [blame]166
Antonio de Angelisab85ccd2019-03-25 15:14:29 +0000[diff] [blame]167 if ((in_len != 1) || (out_len != 0)) {
Summer Qin4b1d03b2019-07-02 14:56:08 +0800[diff] [blame]168 return PSA_ERROR_CONNECTION_REFUSED;
Antonio de Angelisab85ccd2019-03-25 15:14:29 +0000[diff] [blame]169 }
170
Antonio de Angelis4743e672019-04-11 11:38:48 +0100[diff] [blame]171 if (in_vec[0].len != sizeof(struct tfm_crypto_pack_iovec)) {
Summer Qin4b1d03b2019-07-02 14:56:08 +0800[diff] [blame]172 return PSA_ERROR_CONNECTION_REFUSED;
Antonio de Angelisab85ccd2019-03-25 15:14:29 +0000[diff] [blame]173 }
Antonio de Angelis4743e672019-04-11 11:38:48 +0100[diff] [blame]174 const struct tfm_crypto_pack_iovec *iov = in_vec[0].base;
Antonio de Angelisab85ccd2019-03-25 15:14:29 +0000[diff] [blame]175
Jamie Fox0e54ebc2019-04-09 14:21:04 +0100[diff] [blame]176 psa_key_handle_t key = iov->key_handle;
Antonio de Angelis60a6fe62019-06-18 15:27:34 +0100[diff] [blame]177 uint32_t index;
178 psa_status_t status = tfm_crypto_check_handle_owner(key, &index);
Antonio de Angelisab85ccd2019-03-25 15:14:29 +0000[diff] [blame]179
Antonio de Angelis60a6fe62019-06-18 15:27:34 +0100[diff] [blame]180 if (status != PSA_SUCCESS) {
181 return status;
182 }
183
184 status = psa_destroy_key(key);
185
186 if (status == PSA_SUCCESS) {
187 handle_owner[index].owner = 0;
188 handle_owner[index].handle = 0;
189 handle_owner[index].in_use = TFM_CRYPTO_NOT_IN_USE;
190 }
191
192 return status;
Antonio de Angelis7740b382019-07-16 10:59:25 +0100[diff] [blame^]193#endif /* TFM_CRYPTO_KEY_MODULE_DISABLED */
Antonio de Angelis8908f472018-08-31 15:44:25 +0100[diff] [blame]194}
195
Antonio de Angelisab85ccd2019-03-25 15:14:29 +0000[diff] [blame]196psa_status_t tfm_crypto_get_key_information(psa_invec in_vec[],
197 size_t in_len,
198 psa_outvec out_vec[],
199 size_t out_len)
Antonio de Angelis8908f472018-08-31 15:44:25 +0100[diff] [blame]200{
Antonio de Angelis7740b382019-07-16 10:59:25 +0100[diff] [blame^]201#if (TFM_CRYPTO_KEY_MODULE_DISABLED != 0)
202 return PSA_ERROR_NOT_SUPPORTED;
203#else
Antonio de Angelisab85ccd2019-03-25 15:14:29 +0000[diff] [blame]204 if ((in_len != 1) || (out_len != 2)) {
Summer Qin4b1d03b2019-07-02 14:56:08 +0800[diff] [blame]205 return PSA_ERROR_CONNECTION_REFUSED;
Jamie Foxefd82732018-11-26 10:34:32 +0000[diff] [blame]206 }
207
Antonio de Angelis4743e672019-04-11 11:38:48 +0100[diff] [blame]208 if ((in_vec[0].len != sizeof(struct tfm_crypto_pack_iovec)) ||
Antonio de Angelisab85ccd2019-03-25 15:14:29 +0000[diff] [blame]209 (out_vec[0].len != sizeof(psa_key_type_t)) ||
210 (out_vec[1].len != sizeof(size_t))) {
Summer Qin4b1d03b2019-07-02 14:56:08 +0800[diff] [blame]211 return PSA_ERROR_CONNECTION_REFUSED;
Jamie Foxefd82732018-11-26 10:34:32 +0000[diff] [blame]212 }
Antonio de Angelis4743e672019-04-11 11:38:48 +0100[diff] [blame]213 const struct tfm_crypto_pack_iovec *iov = in_vec[0].base;
Jamie Foxefd82732018-11-26 10:34:32 +0000[diff] [blame]214
Jamie Fox0e54ebc2019-04-09 14:21:04 +0100[diff] [blame]215 psa_key_handle_t key = iov->key_handle;
Antonio de Angelisab85ccd2019-03-25 15:14:29 +0000[diff] [blame]216 psa_key_type_t *type = out_vec[0].base;
217 size_t *bits = out_vec[1].base;
218
Jamie Fox0e54ebc2019-04-09 14:21:04 +0100[diff] [blame]219 return psa_get_key_information(key, type, bits);
Antonio de Angelis7740b382019-07-16 10:59:25 +0100[diff] [blame^]220#endif /* TFM_CRYPTO_KEY_MODULE_DISABLED */
Antonio de Angelis8908f472018-08-31 15:44:25 +0100[diff] [blame]221}
222
Antonio de Angelisab85ccd2019-03-25 15:14:29 +0000[diff] [blame]223psa_status_t tfm_crypto_export_key(psa_invec in_vec[],
224 size_t in_len,
225 psa_outvec out_vec[],
226 size_t out_len)
Antonio de Angelis8908f472018-08-31 15:44:25 +0100[diff] [blame]227{
Antonio de Angelis7740b382019-07-16 10:59:25 +0100[diff] [blame^]228#if (TFM_CRYPTO_KEY_MODULE_DISABLED != 0)
229 return PSA_ERROR_NOT_SUPPORTED;
230#else
Antonio de Angelisab85ccd2019-03-25 15:14:29 +0000[diff] [blame]231 if ((in_len != 1) || (out_len != 1)) {
Summer Qin4b1d03b2019-07-02 14:56:08 +0800[diff] [blame]232 return PSA_ERROR_CONNECTION_REFUSED;
Antonio de Angelis8908f472018-08-31 15:44:25 +0100[diff] [blame]233 }
234
Antonio de Angelis4743e672019-04-11 11:38:48 +0100[diff] [blame]235 if (in_vec[0].len != sizeof(struct tfm_crypto_pack_iovec)) {
Summer Qin4b1d03b2019-07-02 14:56:08 +0800[diff] [blame]236 return PSA_ERROR_CONNECTION_REFUSED;
Antonio de Angelis8908f472018-08-31 15:44:25 +0100[diff] [blame]237 }
Antonio de Angelis4743e672019-04-11 11:38:48 +0100[diff] [blame]238 const struct tfm_crypto_pack_iovec *iov = in_vec[0].base;
Antonio de Angelis8908f472018-08-31 15:44:25 +0100[diff] [blame]239
Jamie Fox0e54ebc2019-04-09 14:21:04 +0100[diff] [blame]240 psa_key_handle_t key = iov->key_handle;
Antonio de Angelisab85ccd2019-03-25 15:14:29 +0000[diff] [blame]241 uint8_t *data = out_vec[0].base;
242 size_t data_size = out_vec[0].len;
243
Antonio de Angelis25e2b2d2019-04-25 14:49:50 +0100[diff] [blame]244 return psa_export_key(key, data, data_size, &(out_vec[0].len));
Antonio de Angelis7740b382019-07-16 10:59:25 +0100[diff] [blame^]245#endif /* TFM_CRYPTO_KEY_MODULE_DISABLED */
Antonio de Angelis8908f472018-08-31 15:44:25 +0100[diff] [blame]246}
247
Antonio de Angelisab85ccd2019-03-25 15:14:29 +0000[diff] [blame]248psa_status_t tfm_crypto_export_public_key(psa_invec in_vec[],
249 size_t in_len,
250 psa_outvec out_vec[],
251 size_t out_len)
Antonio de Angelis8908f472018-08-31 15:44:25 +0100[diff] [blame]252{
Antonio de Angelis7740b382019-07-16 10:59:25 +0100[diff] [blame^]253#if (TFM_CRYPTO_KEY_MODULE_DISABLED != 0)
254 return PSA_ERROR_NOT_SUPPORTED;
255#else
Antonio de Angelis25e2b2d2019-04-25 14:49:50 +0100[diff] [blame]256 if ((in_len != 1) || (out_len != 1)) {
Summer Qin4b1d03b2019-07-02 14:56:08 +0800[diff] [blame]257 return PSA_ERROR_CONNECTION_REFUSED;
Antonio de Angelis25e2b2d2019-04-25 14:49:50 +0100[diff] [blame]258 }
Hugues de Valon8b442442019-02-19 14:30:52 +0000[diff] [blame]259
Antonio de Angelis25e2b2d2019-04-25 14:49:50 +0100[diff] [blame]260 if (in_vec[0].len != sizeof(struct tfm_crypto_pack_iovec)) {
Summer Qin4b1d03b2019-07-02 14:56:08 +0800[diff] [blame]261 return PSA_ERROR_CONNECTION_REFUSED;
Antonio de Angelis25e2b2d2019-04-25 14:49:50 +0100[diff] [blame]262 }
263 const struct tfm_crypto_pack_iovec *iov = in_vec[0].base;
264
265 psa_key_handle_t key = iov->key_handle;
266 uint8_t *data = out_vec[0].base;
267 size_t data_size = out_vec[0].len;
268
269 return psa_export_public_key(key, data, data_size, &(out_vec[0].len));
Antonio de Angelis7740b382019-07-16 10:59:25 +0100[diff] [blame^]270#endif /* TFM_CRYPTO_KEY_MODULE_DISABLED */
Antonio de Angelis25e2b2d2019-04-25 14:49:50 +0100[diff] [blame]271}
272
273psa_status_t tfm_crypto_copy_key(psa_invec in_vec[],
274 size_t in_len,
275 psa_outvec out_vec[],
276 size_t out_len)
277{
Antonio de Angelis7740b382019-07-16 10:59:25 +0100[diff] [blame^]278#if (TFM_CRYPTO_KEY_MODULE_DISABLED != 0)
279 return PSA_ERROR_NOT_SUPPORTED;
280#else
Antonio de Angelis25e2b2d2019-04-25 14:49:50 +0100[diff] [blame]281 (void)out_vec;
282
283 if ((in_len != 3) || (out_len != 0)) {
Summer Qin4b1d03b2019-07-02 14:56:08 +0800[diff] [blame]284 return PSA_ERROR_CONNECTION_REFUSED;
Antonio de Angelis25e2b2d2019-04-25 14:49:50 +0100[diff] [blame]285 }
286
287 if ((in_vec[0].len != sizeof(struct tfm_crypto_pack_iovec)) ||
288 (in_vec[1].len != sizeof(psa_key_handle_t)) ||
289 (in_vec[2].len != sizeof(psa_key_policy_t))) {
Summer Qin4b1d03b2019-07-02 14:56:08 +0800[diff] [blame]290 return PSA_ERROR_CONNECTION_REFUSED;
Antonio de Angelis25e2b2d2019-04-25 14:49:50 +0100[diff] [blame]291 }
292 const struct tfm_crypto_pack_iovec *iov = in_vec[0].base;
293
294 psa_key_handle_t source_handle = iov->key_handle;
295 psa_key_handle_t target_handle = *((psa_key_handle_t *)in_vec[1].base);
296 const psa_key_policy_t *policy = in_vec[2].base;
297
298 return psa_copy_key(source_handle, target_handle, policy);
Antonio de Angelis7740b382019-07-16 10:59:25 +0100[diff] [blame^]299#endif /* TFM_CRYPTO_KEY_MODULE_DISABLED */
Antonio de Angelis8908f472018-08-31 15:44:25 +0100[diff] [blame]300}
Jamie Foxefd82732018-11-26 10:34:32 +0000[diff] [blame]301
Antonio de Angelisab85ccd2019-03-25 15:14:29 +0000[diff] [blame]302psa_status_t tfm_crypto_set_key_policy(psa_invec in_vec[],
303 size_t in_len,
304 psa_outvec out_vec[],
305 size_t out_len)
Jamie Foxefd82732018-11-26 10:34:32 +0000[diff] [blame]306{
Antonio de Angelis7740b382019-07-16 10:59:25 +0100[diff] [blame^]307#if (TFM_CRYPTO_KEY_MODULE_DISABLED != 0)
308 return PSA_ERROR_NOT_SUPPORTED;
309#else
Jamie Fox0e54ebc2019-04-09 14:21:04 +0100[diff] [blame]310 (void)out_vec;
Jamie Foxefd82732018-11-26 10:34:32 +0000[diff] [blame]311
Antonio de Angelisab85ccd2019-03-25 15:14:29 +0000[diff] [blame]312 if ((in_len != 2) || (out_len != 0)) {
Summer Qin4b1d03b2019-07-02 14:56:08 +0800[diff] [blame]313 return PSA_ERROR_CONNECTION_REFUSED;
Jamie Foxefd82732018-11-26 10:34:32 +0000[diff] [blame]314 }
315
Antonio de Angelis4743e672019-04-11 11:38:48 +0100[diff] [blame]316 if ((in_vec[0].len != sizeof(struct tfm_crypto_pack_iovec)) ||
Antonio de Angelisab85ccd2019-03-25 15:14:29 +0000[diff] [blame]317 (in_vec[1].len != sizeof(psa_key_policy_t))) {
Summer Qin4b1d03b2019-07-02 14:56:08 +0800[diff] [blame]318 return PSA_ERROR_CONNECTION_REFUSED;
Antonio de Angelisab85ccd2019-03-25 15:14:29 +0000[diff] [blame]319 }
Antonio de Angelis4743e672019-04-11 11:38:48 +0100[diff] [blame]320 const struct tfm_crypto_pack_iovec *iov = in_vec[0].base;
Antonio de Angelisab85ccd2019-03-25 15:14:29 +0000[diff] [blame]321
Jamie Fox0e54ebc2019-04-09 14:21:04 +0100[diff] [blame]322 psa_key_handle_t key = iov->key_handle;
Antonio de Angelisab85ccd2019-03-25 15:14:29 +0000[diff] [blame]323 const psa_key_policy_t *policy = in_vec[1].base;
Antonio de Angelis60a6fe62019-06-18 15:27:34 +0100[diff] [blame]324 psa_status_t status = tfm_crypto_check_handle_owner(key, NULL);
Antonio de Angelisab85ccd2019-03-25 15:14:29 +0000[diff] [blame]325
Antonio de Angelis60a6fe62019-06-18 15:27:34 +0100[diff] [blame]326 if (status == PSA_SUCCESS) {
327 return psa_set_key_policy(key, policy);
328 } else {
329 return status;
330 }
Antonio de Angelis7740b382019-07-16 10:59:25 +0100[diff] [blame^]331#endif /* TFM_CRYPTO_KEY_MODULE_DISABLED */
Jamie Foxefd82732018-11-26 10:34:32 +0000[diff] [blame]332}
333
Antonio de Angelisab85ccd2019-03-25 15:14:29 +0000[diff] [blame]334psa_status_t tfm_crypto_get_key_policy(psa_invec in_vec[],
335 size_t in_len,
336 psa_outvec out_vec[],
337 size_t out_len)
Jamie Foxefd82732018-11-26 10:34:32 +0000[diff] [blame]338{
Antonio de Angelis7740b382019-07-16 10:59:25 +0100[diff] [blame^]339#if (TFM_CRYPTO_KEY_MODULE_DISABLED != 0)
340 return PSA_ERROR_NOT_SUPPORTED;
341#else
Antonio de Angelisab85ccd2019-03-25 15:14:29 +0000[diff] [blame]342 if ((in_len != 1) || (out_len != 1)) {
Summer Qin4b1d03b2019-07-02 14:56:08 +0800[diff] [blame]343 return PSA_ERROR_CONNECTION_REFUSED;
Jamie Foxefd82732018-11-26 10:34:32 +0000[diff] [blame]344 }
345
Antonio de Angelis4743e672019-04-11 11:38:48 +0100[diff] [blame]346 if ((in_vec[0].len != sizeof(struct tfm_crypto_pack_iovec)) ||
Antonio de Angelisab85ccd2019-03-25 15:14:29 +0000[diff] [blame]347 (out_vec[0].len != sizeof(psa_key_policy_t))) {
Summer Qin4b1d03b2019-07-02 14:56:08 +0800[diff] [blame]348 return PSA_ERROR_CONNECTION_REFUSED;
Antonio de Angelisab85ccd2019-03-25 15:14:29 +0000[diff] [blame]349 }
Antonio de Angelis4743e672019-04-11 11:38:48 +0100[diff] [blame]350 const struct tfm_crypto_pack_iovec *iov = in_vec[0].base;
Antonio de Angelisab85ccd2019-03-25 15:14:29 +0000[diff] [blame]351
Jamie Fox0e54ebc2019-04-09 14:21:04 +0100[diff] [blame]352 psa_key_handle_t key = iov->key_handle;
Antonio de Angelisab85ccd2019-03-25 15:14:29 +0000[diff] [blame]353 psa_key_policy_t *policy = out_vec[0].base;
354
Jamie Fox0e54ebc2019-04-09 14:21:04 +0100[diff] [blame]355 return psa_get_key_policy(key, policy);
Antonio de Angelis7740b382019-07-16 10:59:25 +0100[diff] [blame^]356#endif /* TFM_CRYPTO_KEY_MODULE_DISABLED */
Jamie Foxefd82732018-11-26 10:34:32 +0000[diff] [blame]357}
358
Antonio de Angelisab85ccd2019-03-25 15:14:29 +0000[diff] [blame]359psa_status_t tfm_crypto_get_key_lifetime(psa_invec in_vec[],
360 size_t in_len,
361 psa_outvec out_vec[],
362 size_t out_len)
Jamie Foxefd82732018-11-26 10:34:32 +0000[diff] [blame]363{
Antonio de Angelis7740b382019-07-16 10:59:25 +0100[diff] [blame^]364#if (TFM_CRYPTO_KEY_MODULE_DISABLED != 0)
365 return PSA_ERROR_NOT_SUPPORTED;
366#else
Antonio de Angelisab85ccd2019-03-25 15:14:29 +0000[diff] [blame]367 if ((in_len != 1) || (out_len != 1)) {
Summer Qin4b1d03b2019-07-02 14:56:08 +0800[diff] [blame]368 return PSA_ERROR_CONNECTION_REFUSED;
Jamie Foxefd82732018-11-26 10:34:32 +0000[diff] [blame]369 }
370
Antonio de Angelis4743e672019-04-11 11:38:48 +0100[diff] [blame]371 if ((in_vec[0].len != sizeof(struct tfm_crypto_pack_iovec)) ||
Antonio de Angelisab85ccd2019-03-25 15:14:29 +0000[diff] [blame]372 (out_vec[0].len != sizeof(psa_key_lifetime_t))) {
Summer Qin4b1d03b2019-07-02 14:56:08 +0800[diff] [blame]373 return PSA_ERROR_CONNECTION_REFUSED;
Antonio de Angelisab85ccd2019-03-25 15:14:29 +0000[diff] [blame]374 }
Antonio de Angelis4743e672019-04-11 11:38:48 +0100[diff] [blame]375 const struct tfm_crypto_pack_iovec *iov = in_vec[0].base;
Antonio de Angelisab85ccd2019-03-25 15:14:29 +0000[diff] [blame]376
Jamie Fox0e54ebc2019-04-09 14:21:04 +0100[diff] [blame]377 psa_key_handle_t key = iov->key_handle;
Antonio de Angelisab85ccd2019-03-25 15:14:29 +0000[diff] [blame]378 psa_key_lifetime_t *lifetime = out_vec[0].base;
379
Jamie Fox0e54ebc2019-04-09 14:21:04 +0100[diff] [blame]380 return psa_get_key_lifetime(key, lifetime);
Antonio de Angelis7740b382019-07-16 10:59:25 +0100[diff] [blame^]381#endif /* TFM_CRYPTO_KEY_MODULE_DISABLED */
Jamie Foxefd82732018-11-26 10:34:32 +0000[diff] [blame]382}
Antonio de Angelis8908f472018-08-31 15:44:25 +0100[diff] [blame]383/*!@}*/