TrustedFirmware Git Browser
Code Review Sign In
review.trustedfirmware.org / TF-M / trusted-firmware-m.git / 99360e81af64abdd2e05fcb57ba9aa23d4d383ae / . / secure_fw / services / crypto / crypto_key.c
blob: c7405caecf49141f9956f47ee5aa22de235d9977 [file] [log] [blame]
Antonio de Angelis8908f472018-08-31 15:44:25 +0100[diff] [blame]1/*
Antonio de Angelis04debbd2019-10-14 12:12:52 +0100[diff] [blame]2 * Copyright (c) 2018-2020, Arm Limited. All rights reserved.
Antonio de Angelis8908f472018-08-31 15:44:25 +0100[diff] [blame]3 *
4 * SPDX-License-Identifier: BSD-3-Clause
5 *
6 */
7
Jamie Foxefd82732018-11-26 10:34:32 +0000[diff] [blame]8#include <stddef.h>
Jamie Fox0e54ebc2019-04-09 14:21:04 +0100[diff] [blame]9#include <stdint.h>
Antonio de Angelis8908f472018-08-31 15:44:25 +0100[diff] [blame]10
Summer Qin4b1d03b2019-07-02 14:56:08 +0800[diff] [blame]11/* FixMe: Use PSA_ERROR_CONNECTION_REFUSED when performing parameter
Antonio de Angelis4743e672019-04-11 11:38:48 +0100[diff] [blame]12 * integrity checks but this will have to be revised
13 * when the full set of error codes mandated by PSA FF
14 * is available.
15 */
Jamie Fox0e54ebc2019-04-09 14:21:04 +0100[diff] [blame]16#include "tfm_mbedcrypto_include.h"
Antonio de Angelis4743e672019-04-11 11:38:48 +0100[diff] [blame]17
Jamie Fox0e54ebc2019-04-09 14:21:04 +0100[diff] [blame]18#include "tfm_crypto_api.h"
19#include "tfm_crypto_defs.h"
Antonio de Angelis60a6fe62019-06-18 15:27:34 +0100[diff] [blame]20#include <stdbool.h>
Jamie Fox82b87ca2018-12-11 16:41:11 +0000[diff] [blame]21
Antonio de Angelis60a6fe62019-06-18 15:27:34 +0100[diff] [blame]22#ifndef TFM_CRYPTO_MAX_KEY_HANDLES
23#define TFM_CRYPTO_MAX_KEY_HANDLES (16)
24#endif
25struct tfm_crypto_handle_owner_s {
26 int32_t owner; /*!< Owner of the allocated handle */
27 psa_key_handle_t handle; /*!< Allocated handle */
28 uint8_t in_use; /*!< Flag to indicate if this in use */
29};
30
Kevin Peng96f802e2019-12-26 16:10:25 +0800[diff] [blame]31#ifndef TFM_CRYPTO_KEY_MODULE_DISABLED
Antonio de Angelis60a6fe62019-06-18 15:27:34 +0100[diff] [blame]32static struct tfm_crypto_handle_owner_s
33 handle_owner[TFM_CRYPTO_MAX_KEY_HANDLES] = {0};
Antonio de Angelis7740b382019-07-16 10:59:25 +0100[diff] [blame]34#endif
Jamie Foxdadb4e82019-09-03 17:59:41 +0100[diff] [blame]35
Antonio de Angelis8908f472018-08-31 15:44:25 +0100[diff] [blame]36/*!
37 * \defgroup public Public functions
38 *
39 */
40
41/*!@{*/
Antonio de Angelis60a6fe62019-06-18 15:27:34 +0100[diff] [blame]42psa_status_t tfm_crypto_check_handle_owner(psa_key_handle_t handle,
43 uint32_t *index)
44{
Kevin Peng96f802e2019-12-26 16:10:25 +0800[diff] [blame]45#ifdef TFM_CRYPTO_KEY_MODULE_DISABLED
Antonio de Angelis7740b382019-07-16 10:59:25 +0100[diff] [blame]46 return PSA_ERROR_NOT_SUPPORTED;
47#else
Antonio de Angelis60a6fe62019-06-18 15:27:34 +0100[diff] [blame]48 int32_t partition_id = 0;
49 uint32_t i = 0;
50 psa_status_t status;
51
52 status = tfm_crypto_get_caller_id(&partition_id);
53 if (status != PSA_SUCCESS) {
54 return status;
55 }
56
57 for (i = 0; i < TFM_CRYPTO_MAX_KEY_HANDLES; i++) {
58 if (handle_owner[i].in_use && handle_owner[i].handle == handle) {
59 if (handle_owner[i].owner == partition_id) {
60 if (index != NULL) {
61 *index = i;
62 }
63 return PSA_SUCCESS;
64 } else {
65 return PSA_ERROR_NOT_PERMITTED;
66 }
67 }
68 }
69
70 return PSA_ERROR_INVALID_HANDLE;
Antonio de Angelis7740b382019-07-16 10:59:25 +0100[diff] [blame]71#endif /* TFM_CRYPTO_KEY_MODULE_DISABLED */
Antonio de Angelis60a6fe62019-06-18 15:27:34 +0100[diff] [blame]72}
73
Jamie Fox99360e82020-02-20 16:00:09 +0000[diff] [blame^]74psa_status_t tfm_crypto_check_key_storage(uint32_t *index)
75{
76#ifdef TFM_CRYPTO_KEY_MODULE_DISABLED
77 return PSA_ERROR_NOT_SUPPORTED;
78#else
79 uint32_t i;
80
81 for (i = 0; i < TFM_CRYPTO_MAX_KEY_HANDLES; i++) {
82 if (handle_owner[i].in_use == TFM_CRYPTO_NOT_IN_USE) {
83 *index = i;
84 return PSA_SUCCESS;
85 }
86 }
87
88 return PSA_ERROR_INSUFFICIENT_MEMORY;
89#endif /* TFM_CRYPTO_KEY_MODULE_DISABLED */
90}
91
92psa_status_t tfm_crypto_set_key_storage(uint32_t index,
93 psa_key_handle_t key_handle)
94{
95#ifdef TFM_CRYPTO_KEY_MODULE_DISABLED
96 return PSA_ERROR_NOT_SUPPORTED;
97#else
98 psa_status_t status;
99 int32_t partition_id;
100
101 status = tfm_crypto_get_caller_id(&partition_id);
102 if (status != PSA_SUCCESS) {
103 return status;
104 }
105
106 handle_owner[index].owner = partition_id;
107 handle_owner[index].handle = key_handle;
108 handle_owner[index].in_use = TFM_CRYPTO_IN_USE;
109
110 return PSA_SUCCESS;
111#endif /* TFM_CRYPTO_KEY_MODULE_DISABLED */
112}
113
Antonio de Angelis04debbd2019-10-14 12:12:52 +0100[diff] [blame]114psa_status_t tfm_crypto_set_key_domain_parameters(psa_invec in_vec[],
115 size_t in_len,
116 psa_outvec out_vec[],
117 size_t out_len)
Antonio de Angeliscf85ba22018-10-09 13:29:40 +0100[diff] [blame]118{
Kevin Peng96f802e2019-12-26 16:10:25 +0800[diff] [blame]119#ifdef TFM_CRYPTO_KEY_MODULE_DISABLED
Antonio de Angelis7740b382019-07-16 10:59:25 +0100[diff] [blame]120 return PSA_ERROR_NOT_SUPPORTED;
121#else
Antonio de Angelis04debbd2019-10-14 12:12:52 +0100[diff] [blame]122 /* FixMe: To be implemented */
123 return PSA_ERROR_NOT_SUPPORTED;
124#endif /* TFM_CRYPTO_KEY_MODULE_DISABLED */
125}
126
127psa_status_t tfm_crypto_get_key_domain_parameters(psa_invec in_vec[],
128 size_t in_len,
129 psa_outvec out_vec[],
130 size_t out_len)
131{
132#ifdef TFM_CRYPTO_KEY_MODULE_DISABLED
133 return PSA_ERROR_NOT_SUPPORTED;
134#else
135 /* FixMe: To be implemented */
136 return PSA_ERROR_NOT_SUPPORTED;
137#endif /* TFM_CRYPTO_KEY_MODULE_DISABLED */
138}
139
140psa_status_t tfm_crypto_import_key(psa_invec in_vec[],
141 size_t in_len,
142 psa_outvec out_vec[],
143 size_t out_len)
144{
145#ifdef TFM_CRYPTO_KEY_MODULE_DISABLED
146 return PSA_ERROR_NOT_SUPPORTED;
147#else
148
149 if ((in_len != 3) || (out_len != 1)) {
Summer Qin4b1d03b2019-07-02 14:56:08 +0800[diff] [blame]150 return PSA_ERROR_CONNECTION_REFUSED;
Jamie Foxefd82732018-11-26 10:34:32 +0000[diff] [blame]151 }
152
Jamie Fox0e54ebc2019-04-09 14:21:04 +0100[diff] [blame]153 if ((in_vec[0].len != sizeof(struct tfm_crypto_pack_iovec)) ||
Antonio de Angelis04debbd2019-10-14 12:12:52 +0100[diff] [blame]154 (in_vec[1].len != sizeof(psa_key_attributes_t)) ||
Jamie Fox0e54ebc2019-04-09 14:21:04 +0100[diff] [blame]155 (out_vec[0].len != sizeof(psa_key_handle_t))) {
Summer Qin4b1d03b2019-07-02 14:56:08 +0800[diff] [blame]156 return PSA_ERROR_CONNECTION_REFUSED;
Jamie Foxefd82732018-11-26 10:34:32 +0000[diff] [blame]157 }
Antonio de Angelis04debbd2019-10-14 12:12:52 +0100[diff] [blame]158 const psa_key_attributes_t *key_attributes = in_vec[1].base;
159 const uint8_t *data = in_vec[2].base;
160 size_t data_length = in_vec[2].len;
Jamie Fox0e54ebc2019-04-09 14:21:04 +0100[diff] [blame]161 psa_key_handle_t *key_handle = out_vec[0].base;
Antonio de Angelis04debbd2019-10-14 12:12:52 +0100[diff] [blame]162 psa_status_t status;
Antonio de Angelis60a6fe62019-06-18 15:27:34 +0100[diff] [blame]163 uint32_t i = 0;
164 int32_t partition_id = 0;
165 bool empty_found = false;
Jamie Foxefd82732018-11-26 10:34:32 +0000[diff] [blame]166
Antonio de Angelis60a6fe62019-06-18 15:27:34 +0100[diff] [blame]167 for (i = 0; i < TFM_CRYPTO_MAX_KEY_HANDLES; i++) {
168 if (handle_owner[i].in_use == TFM_CRYPTO_NOT_IN_USE) {
169 empty_found = true;
170 break;
171 }
172 }
173
174 if (!empty_found) {
175 return PSA_ERROR_INSUFFICIENT_MEMORY;
176 }
177
178 status = tfm_crypto_get_caller_id(&partition_id);
179 if (status != PSA_SUCCESS) {
180 return status;
181 }
182
Antonio de Angelis04debbd2019-10-14 12:12:52 +0100[diff] [blame]183 status = psa_import_key(key_attributes, data, data_length, key_handle);
Antonio de Angelis60a6fe62019-06-18 15:27:34 +0100[diff] [blame]184
185 if (status == PSA_SUCCESS) {
186 handle_owner[i].owner = partition_id;
187 handle_owner[i].handle = *key_handle;
188 handle_owner[i].in_use = TFM_CRYPTO_IN_USE;
189 }
190
191 return status;
Antonio de Angelis7740b382019-07-16 10:59:25 +0100[diff] [blame]192#endif /* TFM_CRYPTO_KEY_MODULE_DISABLED */
Jamie Foxefd82732018-11-26 10:34:32 +0000[diff] [blame]193}
194
Jamie Foxdadb4e82019-09-03 17:59:41 +0100[diff] [blame]195psa_status_t tfm_crypto_open_key(psa_invec in_vec[],
196 size_t in_len,
197 psa_outvec out_vec[],
198 size_t out_len)
199{
Kevin Peng96f802e2019-12-26 16:10:25 +0800[diff] [blame]200#ifdef TFM_CRYPTO_KEY_MODULE_DISABLED
Jamie Foxdadb4e82019-09-03 17:59:41 +0100[diff] [blame]201 return PSA_ERROR_NOT_SUPPORTED;
202#else
203 if ((in_len != 2) || (out_len != 1)) {
204 return PSA_ERROR_CONNECTION_REFUSED;
205 }
206
207 if ((in_vec[0].len != sizeof(struct tfm_crypto_pack_iovec)) ||
208 (in_vec[1].len != sizeof(psa_key_id_t)) ||
209 (out_vec[0].len != sizeof(psa_key_handle_t))) {
210 return PSA_ERROR_CONNECTION_REFUSED;
211 }
212
Antonio de Angelis04debbd2019-10-14 12:12:52 +0100[diff] [blame]213 return PSA_ERROR_NOT_SUPPORTED;
Jamie Foxdadb4e82019-09-03 17:59:41 +0100[diff] [blame]214#endif /* TFM_CRYPTO_KEY_MODULE_DISABLED */
215}
216
217psa_status_t tfm_crypto_close_key(psa_invec in_vec[],
218 size_t in_len,
219 psa_outvec out_vec[],
220 size_t out_len)
221{
Kevin Peng96f802e2019-12-26 16:10:25 +0800[diff] [blame]222#ifdef TFM_CRYPTO_KEY_MODULE_DISABLED
Jamie Foxdadb4e82019-09-03 17:59:41 +0100[diff] [blame]223 return PSA_ERROR_NOT_SUPPORTED;
224#else
225 (void)out_vec;
226
227 if ((in_len != 1) || (out_len != 0)) {
228 return PSA_ERROR_CONNECTION_REFUSED;
229 }
230
231 if (in_vec[0].len != sizeof(struct tfm_crypto_pack_iovec)) {
232 return PSA_ERROR_CONNECTION_REFUSED;
233 }
234 const struct tfm_crypto_pack_iovec *iov = in_vec[0].base;
235
236 psa_key_handle_t key = iov->key_handle;
237 uint32_t index;
238 psa_status_t status = tfm_crypto_check_handle_owner(key, &index);
239
240 if (status != PSA_SUCCESS) {
241 return status;
242 }
243
244 status = psa_close_key(key);
245
246 if (status == PSA_SUCCESS) {
247 handle_owner[index].owner = 0;
248 handle_owner[index].handle = 0;
249 handle_owner[index].in_use = TFM_CRYPTO_NOT_IN_USE;
250 }
251
252 return status;
253#endif /* TFM_CRYPTO_KEY_MODULE_DISABLED */
254}
255
Antonio de Angelisab85ccd2019-03-25 15:14:29 +0000[diff] [blame]256psa_status_t tfm_crypto_destroy_key(psa_invec in_vec[],
257 size_t in_len,
258 psa_outvec out_vec[],
259 size_t out_len)
Antonio de Angelis8908f472018-08-31 15:44:25 +0100[diff] [blame]260{
Kevin Peng96f802e2019-12-26 16:10:25 +0800[diff] [blame]261#ifdef TFM_CRYPTO_KEY_MODULE_DISABLED
Antonio de Angelis7740b382019-07-16 10:59:25 +0100[diff] [blame]262 return PSA_ERROR_NOT_SUPPORTED;
263#else
Jamie Fox0e54ebc2019-04-09 14:21:04 +0100[diff] [blame]264 (void)out_vec;
Antonio de Angelis8908f472018-08-31 15:44:25 +0100[diff] [blame]265
Antonio de Angelisab85ccd2019-03-25 15:14:29 +0000[diff] [blame]266 if ((in_len != 1) || (out_len != 0)) {
Summer Qin4b1d03b2019-07-02 14:56:08 +0800[diff] [blame]267 return PSA_ERROR_CONNECTION_REFUSED;
Antonio de Angelisab85ccd2019-03-25 15:14:29 +0000[diff] [blame]268 }
269
Antonio de Angelis4743e672019-04-11 11:38:48 +0100[diff] [blame]270 if (in_vec[0].len != sizeof(struct tfm_crypto_pack_iovec)) {
Summer Qin4b1d03b2019-07-02 14:56:08 +0800[diff] [blame]271 return PSA_ERROR_CONNECTION_REFUSED;
Antonio de Angelisab85ccd2019-03-25 15:14:29 +0000[diff] [blame]272 }
Antonio de Angelis4743e672019-04-11 11:38:48 +0100[diff] [blame]273 const struct tfm_crypto_pack_iovec *iov = in_vec[0].base;
Antonio de Angelisab85ccd2019-03-25 15:14:29 +0000[diff] [blame]274
Jamie Fox0e54ebc2019-04-09 14:21:04 +0100[diff] [blame]275 psa_key_handle_t key = iov->key_handle;
Antonio de Angelis60a6fe62019-06-18 15:27:34 +0100[diff] [blame]276 uint32_t index;
277 psa_status_t status = tfm_crypto_check_handle_owner(key, &index);
Antonio de Angelisab85ccd2019-03-25 15:14:29 +0000[diff] [blame]278
Antonio de Angelis60a6fe62019-06-18 15:27:34 +0100[diff] [blame]279 if (status != PSA_SUCCESS) {
280 return status;
281 }
282
283 status = psa_destroy_key(key);
284
285 if (status == PSA_SUCCESS) {
286 handle_owner[index].owner = 0;
287 handle_owner[index].handle = 0;
288 handle_owner[index].in_use = TFM_CRYPTO_NOT_IN_USE;
289 }
290
291 return status;
Antonio de Angelis7740b382019-07-16 10:59:25 +0100[diff] [blame]292#endif /* TFM_CRYPTO_KEY_MODULE_DISABLED */
Antonio de Angelis8908f472018-08-31 15:44:25 +0100[diff] [blame]293}
294
Antonio de Angelis04debbd2019-10-14 12:12:52 +0100[diff] [blame]295psa_status_t tfm_crypto_get_key_attributes(psa_invec in_vec[],
296 size_t in_len,
297 psa_outvec out_vec[],
298 size_t out_len)
Antonio de Angelis8908f472018-08-31 15:44:25 +0100[diff] [blame]299{
Kevin Peng96f802e2019-12-26 16:10:25 +0800[diff] [blame]300#ifdef TFM_CRYPTO_KEY_MODULE_DISABLED
Antonio de Angelis7740b382019-07-16 10:59:25 +0100[diff] [blame]301 return PSA_ERROR_NOT_SUPPORTED;
302#else
Antonio de Angelis04debbd2019-10-14 12:12:52 +0100[diff] [blame]303 if ((in_len != 1) || (out_len != 1)) {
Summer Qin4b1d03b2019-07-02 14:56:08 +0800[diff] [blame]304 return PSA_ERROR_CONNECTION_REFUSED;
Jamie Foxefd82732018-11-26 10:34:32 +0000[diff] [blame]305 }
306
Antonio de Angelis4743e672019-04-11 11:38:48 +0100[diff] [blame]307 if ((in_vec[0].len != sizeof(struct tfm_crypto_pack_iovec)) ||
Antonio de Angelis04debbd2019-10-14 12:12:52 +0100[diff] [blame]308 (out_vec[0].len != sizeof(psa_key_attributes_t))) {
Summer Qin4b1d03b2019-07-02 14:56:08 +0800[diff] [blame]309 return PSA_ERROR_CONNECTION_REFUSED;
Jamie Foxefd82732018-11-26 10:34:32 +0000[diff] [blame]310 }
Antonio de Angelis4743e672019-04-11 11:38:48 +0100[diff] [blame]311 const struct tfm_crypto_pack_iovec *iov = in_vec[0].base;
Jamie Foxefd82732018-11-26 10:34:32 +0000[diff] [blame]312
Jamie Fox0e54ebc2019-04-09 14:21:04 +0100[diff] [blame]313 psa_key_handle_t key = iov->key_handle;
Antonio de Angelis04debbd2019-10-14 12:12:52 +0100[diff] [blame]314 psa_key_attributes_t *key_attributes = out_vec[0].base;
Antonio de Angelisab85ccd2019-03-25 15:14:29 +0000[diff] [blame]315
Antonio de Angelis04debbd2019-10-14 12:12:52 +0100[diff] [blame]316 return psa_get_key_attributes(key, key_attributes);
317#endif /* TFM_CRYPTO_KEY_MODULE_DISABLED */
318}
319
320psa_status_t tfm_crypto_reset_key_attributes(psa_invec in_vec[],
321 size_t in_len,
322 psa_outvec out_vec[],
323 size_t out_len)
324{
325#if (TFM_CRYPTO_KEY_MODULE_DISABLED != 0)
326 return PSA_ERROR_NOT_SUPPORTED;
327#else
328 if ((in_len != 1) || (out_len != 1)) {
329 return PSA_ERROR_CONNECTION_REFUSED;
330 }
331
332 if ((in_vec[0].len != sizeof(struct tfm_crypto_pack_iovec)) ||
333 (out_vec[0].len != sizeof(psa_key_attributes_t))) {
334 return PSA_ERROR_CONNECTION_REFUSED;
335 }
336
337 psa_key_attributes_t *key_attributes = out_vec[0].base;
338
339 psa_reset_key_attributes(key_attributes);
340
341 /* psa_reset_key_attributes() doesn't report any error */
342 return PSA_SUCCESS;
Antonio de Angelis7740b382019-07-16 10:59:25 +0100[diff] [blame]343#endif /* TFM_CRYPTO_KEY_MODULE_DISABLED */
Antonio de Angelis8908f472018-08-31 15:44:25 +0100[diff] [blame]344}
345
Antonio de Angelisab85ccd2019-03-25 15:14:29 +0000[diff] [blame]346psa_status_t tfm_crypto_export_key(psa_invec in_vec[],
347 size_t in_len,
348 psa_outvec out_vec[],
349 size_t out_len)
Antonio de Angelis8908f472018-08-31 15:44:25 +0100[diff] [blame]350{
Kevin Peng96f802e2019-12-26 16:10:25 +0800[diff] [blame]351#ifdef TFM_CRYPTO_KEY_MODULE_DISABLED
Antonio de Angelis7740b382019-07-16 10:59:25 +0100[diff] [blame]352 return PSA_ERROR_NOT_SUPPORTED;
353#else
Antonio de Angelisab85ccd2019-03-25 15:14:29 +0000[diff] [blame]354 if ((in_len != 1) || (out_len != 1)) {
Summer Qin4b1d03b2019-07-02 14:56:08 +0800[diff] [blame]355 return PSA_ERROR_CONNECTION_REFUSED;
Antonio de Angelis8908f472018-08-31 15:44:25 +0100[diff] [blame]356 }
357
Antonio de Angelis4743e672019-04-11 11:38:48 +0100[diff] [blame]358 if (in_vec[0].len != sizeof(struct tfm_crypto_pack_iovec)) {
Summer Qin4b1d03b2019-07-02 14:56:08 +0800[diff] [blame]359 return PSA_ERROR_CONNECTION_REFUSED;
Antonio de Angelis8908f472018-08-31 15:44:25 +0100[diff] [blame]360 }
Antonio de Angelis4743e672019-04-11 11:38:48 +0100[diff] [blame]361 const struct tfm_crypto_pack_iovec *iov = in_vec[0].base;
Antonio de Angelis8908f472018-08-31 15:44:25 +0100[diff] [blame]362
Jamie Fox0e54ebc2019-04-09 14:21:04 +0100[diff] [blame]363 psa_key_handle_t key = iov->key_handle;
Antonio de Angelisab85ccd2019-03-25 15:14:29 +0000[diff] [blame]364 uint8_t *data = out_vec[0].base;
365 size_t data_size = out_vec[0].len;
366
Antonio de Angelis25e2b2d2019-04-25 14:49:50 +0100[diff] [blame]367 return psa_export_key(key, data, data_size, &(out_vec[0].len));
Antonio de Angelis7740b382019-07-16 10:59:25 +0100[diff] [blame]368#endif /* TFM_CRYPTO_KEY_MODULE_DISABLED */
Antonio de Angelis8908f472018-08-31 15:44:25 +0100[diff] [blame]369}
370
Antonio de Angelisab85ccd2019-03-25 15:14:29 +0000[diff] [blame]371psa_status_t tfm_crypto_export_public_key(psa_invec in_vec[],
372 size_t in_len,
373 psa_outvec out_vec[],
374 size_t out_len)
Antonio de Angelis8908f472018-08-31 15:44:25 +0100[diff] [blame]375{
Kevin Peng96f802e2019-12-26 16:10:25 +0800[diff] [blame]376#ifdef TFM_CRYPTO_KEY_MODULE_DISABLED
Antonio de Angelis7740b382019-07-16 10:59:25 +0100[diff] [blame]377 return PSA_ERROR_NOT_SUPPORTED;
378#else
Antonio de Angelis25e2b2d2019-04-25 14:49:50 +0100[diff] [blame]379 if ((in_len != 1) || (out_len != 1)) {
Summer Qin4b1d03b2019-07-02 14:56:08 +0800[diff] [blame]380 return PSA_ERROR_CONNECTION_REFUSED;
Antonio de Angelis25e2b2d2019-04-25 14:49:50 +0100[diff] [blame]381 }
Hugues de Valon8b442442019-02-19 14:30:52 +0000[diff] [blame]382
Antonio de Angelis25e2b2d2019-04-25 14:49:50 +0100[diff] [blame]383 if (in_vec[0].len != sizeof(struct tfm_crypto_pack_iovec)) {
Summer Qin4b1d03b2019-07-02 14:56:08 +0800[diff] [blame]384 return PSA_ERROR_CONNECTION_REFUSED;
Antonio de Angelis25e2b2d2019-04-25 14:49:50 +0100[diff] [blame]385 }
386 const struct tfm_crypto_pack_iovec *iov = in_vec[0].base;
387
388 psa_key_handle_t key = iov->key_handle;
389 uint8_t *data = out_vec[0].base;
390 size_t data_size = out_vec[0].len;
391
392 return psa_export_public_key(key, data, data_size, &(out_vec[0].len));
Antonio de Angelis7740b382019-07-16 10:59:25 +0100[diff] [blame]393#endif /* TFM_CRYPTO_KEY_MODULE_DISABLED */
Antonio de Angelis25e2b2d2019-04-25 14:49:50 +0100[diff] [blame]394}
395
396psa_status_t tfm_crypto_copy_key(psa_invec in_vec[],
397 size_t in_len,
398 psa_outvec out_vec[],
399 size_t out_len)
400{
Kevin Peng96f802e2019-12-26 16:10:25 +0800[diff] [blame]401#ifdef TFM_CRYPTO_KEY_MODULE_DISABLED
Antonio de Angelis7740b382019-07-16 10:59:25 +0100[diff] [blame]402 return PSA_ERROR_NOT_SUPPORTED;
403#else
Antonio de Angelis25e2b2d2019-04-25 14:49:50 +0100[diff] [blame]404
Antonio de Angelis04debbd2019-10-14 12:12:52 +0100[diff] [blame]405 if ((in_len != 2) || (out_len != 1)) {
Summer Qin4b1d03b2019-07-02 14:56:08 +0800[diff] [blame]406 return PSA_ERROR_CONNECTION_REFUSED;
Antonio de Angelis25e2b2d2019-04-25 14:49:50 +0100[diff] [blame]407 }
408
409 if ((in_vec[0].len != sizeof(struct tfm_crypto_pack_iovec)) ||
Antonio de Angelis04debbd2019-10-14 12:12:52 +0100[diff] [blame]410 (out_vec[0].len != sizeof(psa_key_handle_t)) ||
411 (in_vec[1].len != sizeof(psa_key_attributes_t))) {
Summer Qin4b1d03b2019-07-02 14:56:08 +0800[diff] [blame]412 return PSA_ERROR_CONNECTION_REFUSED;
Antonio de Angelis25e2b2d2019-04-25 14:49:50 +0100[diff] [blame]413 }
414 const struct tfm_crypto_pack_iovec *iov = in_vec[0].base;
415
416 psa_key_handle_t source_handle = iov->key_handle;
Antonio de Angelis04debbd2019-10-14 12:12:52 +0100[diff] [blame]417 psa_key_handle_t *target_handle = out_vec[0].base;
418 const psa_key_attributes_t *key_attributes = in_vec[1].base;
419 psa_status_t status;
420 uint32_t i = 0;
421 int32_t partition_id = 0;
422 bool empty_found = false;
Antonio de Angelis25e2b2d2019-04-25 14:49:50 +0100[diff] [blame]423
Antonio de Angelis04debbd2019-10-14 12:12:52 +0100[diff] [blame]424 for (i = 0; i < TFM_CRYPTO_MAX_KEY_HANDLES; i++) {
425 if (handle_owner[i].in_use == TFM_CRYPTO_NOT_IN_USE) {
426 empty_found = true;
427 break;
428 }
Jamie Foxefd82732018-11-26 10:34:32 +0000[diff] [blame]429 }
430
Antonio de Angelis04debbd2019-10-14 12:12:52 +0100[diff] [blame]431 if (!empty_found) {
432 return PSA_ERROR_INSUFFICIENT_MEMORY;
Antonio de Angelisab85ccd2019-03-25 15:14:29 +0000[diff] [blame]433 }
434
Antonio de Angelis04debbd2019-10-14 12:12:52 +0100[diff] [blame]435 status = tfm_crypto_get_caller_id(&partition_id);
436 if (status != PSA_SUCCESS) {
Antonio de Angelis60a6fe62019-06-18 15:27:34 +0100[diff] [blame]437 return status;
438 }
Antonio de Angelis04debbd2019-10-14 12:12:52 +0100[diff] [blame]439
440 status = psa_copy_key(source_handle, key_attributes, target_handle);
441
442 if (status == PSA_SUCCESS) {
443 handle_owner[i].owner = partition_id;
444 handle_owner[i].handle = *target_handle;
445 handle_owner[i].in_use = TFM_CRYPTO_IN_USE;
446 }
447
448 return status;
Antonio de Angelis7740b382019-07-16 10:59:25 +0100[diff] [blame]449#endif /* TFM_CRYPTO_KEY_MODULE_DISABLED */
Antonio de Angelis04debbd2019-10-14 12:12:52 +0100[diff] [blame]450 return PSA_ERROR_NOT_SUPPORTED;
Jamie Foxefd82732018-11-26 10:34:32 +0000[diff] [blame]451}
452
Antonio de Angelis04debbd2019-10-14 12:12:52 +0100[diff] [blame]453psa_status_t tfm_crypto_generate_key(psa_invec in_vec[],
454 size_t in_len,
455 psa_outvec out_vec[],
456 size_t out_len)
Jamie Foxefd82732018-11-26 10:34:32 +0000[diff] [blame]457{
Kevin Peng96f802e2019-12-26 16:10:25 +0800[diff] [blame]458#ifdef TFM_CRYPTO_KEY_MODULE_DISABLED
Antonio de Angelis7740b382019-07-16 10:59:25 +0100[diff] [blame]459 return PSA_ERROR_NOT_SUPPORTED;
460#else
Antonio de Angelis04debbd2019-10-14 12:12:52 +0100[diff] [blame]461 if ((in_len != 2) || (out_len != 1)) {
Summer Qin4b1d03b2019-07-02 14:56:08 +0800[diff] [blame]462 return PSA_ERROR_CONNECTION_REFUSED;
Jamie Foxefd82732018-11-26 10:34:32 +0000[diff] [blame]463 }
464
Antonio de Angelis4743e672019-04-11 11:38:48 +0100[diff] [blame]465 if ((in_vec[0].len != sizeof(struct tfm_crypto_pack_iovec)) ||
Antonio de Angelis04debbd2019-10-14 12:12:52 +0100[diff] [blame]466 (in_vec[1].len != sizeof(psa_key_attributes_t)) ||
467 (out_vec[0].len != sizeof(psa_key_handle_t))) {
Summer Qin4b1d03b2019-07-02 14:56:08 +0800[diff] [blame]468 return PSA_ERROR_CONNECTION_REFUSED;
Antonio de Angelisab85ccd2019-03-25 15:14:29 +0000[diff] [blame]469 }
Antonio de Angelis04debbd2019-10-14 12:12:52 +0100[diff] [blame]470 psa_key_handle_t *key_handle = out_vec[0].base;
471 const psa_key_attributes_t *key_attributes = in_vec[1].base;
472 psa_status_t status;
473 uint32_t i = 0;
474 int32_t partition_id = 0;
475 bool empty_found = false;
Antonio de Angelisab85ccd2019-03-25 15:14:29 +0000[diff] [blame]476
Antonio de Angelis04debbd2019-10-14 12:12:52 +0100[diff] [blame]477 for (i = 0; i < TFM_CRYPTO_MAX_KEY_HANDLES; i++) {
478 if (handle_owner[i].in_use == TFM_CRYPTO_NOT_IN_USE) {
479 empty_found = true;
480 break;
481 }
Jamie Foxefd82732018-11-26 10:34:32 +0000[diff] [blame]482 }
483
Antonio de Angelis04debbd2019-10-14 12:12:52 +0100[diff] [blame]484 if (!empty_found) {
485 return PSA_ERROR_INSUFFICIENT_MEMORY;
Antonio de Angelisab85ccd2019-03-25 15:14:29 +0000[diff] [blame]486 }
487
Antonio de Angelis04debbd2019-10-14 12:12:52 +0100[diff] [blame]488 status = tfm_crypto_get_caller_id(&partition_id);
489 if (status != PSA_SUCCESS) {
490 return status;
491 }
Antonio de Angelisab85ccd2019-03-25 15:14:29 +0000[diff] [blame]492
Antonio de Angelis04debbd2019-10-14 12:12:52 +0100[diff] [blame]493 status = psa_generate_key(key_attributes, key_handle);
494
495 if (status == PSA_SUCCESS) {
496 handle_owner[i].owner = partition_id;
497 handle_owner[i].handle = *key_handle;
498 handle_owner[i].in_use = TFM_CRYPTO_IN_USE;
499 }
500
501 return status;
Antonio de Angelis7740b382019-07-16 10:59:25 +0100[diff] [blame]502#endif /* TFM_CRYPTO_KEY_MODULE_DISABLED */
Jamie Foxefd82732018-11-26 10:34:32 +0000[diff] [blame]503}
Antonio de Angelis8908f472018-08-31 15:44:25 +0100[diff] [blame]504/*!@}*/