TrustedFirmware Git Browser
Code Review Sign In
review.trustedfirmware.org / TF-M / trusted-firmware-m.git / 9a234e2a76a940a884e27cd2c9f00feb77b2341b / . / secure_fw / services / crypto / crypto_aead.c
blob: a1c14a79a96b8b13e0a3128ba2efded8bc798448 [file] [log] [blame]
Antonio de Angelis3a480992018-11-07 11:53:28 +0000[diff] [blame]1/*
2 * Copyright (c) 2019, Arm Limited. All rights reserved.
3 *
4 * SPDX-License-Identifier: BSD-3-Clause
5 *
6 */
7
Jamie Fox0e54ebc2019-04-09 14:21:04 +0100[diff] [blame]8#include <stddef.h>
9#include <stdint.h>
Antonio de Angelis4743e672019-04-11 11:38:48 +0100[diff] [blame]10
11/* FixMe: Use PSA_CONNECTION_REFUSED when performing parameter
12 * integrity checks but this will have to be revised
13 * when the full set of error codes mandated by PSA FF
14 * is available.
15 */
Jamie Fox0e54ebc2019-04-09 14:21:04 +0100[diff] [blame]16#include "tfm_mbedcrypto_include.h"
Antonio de Angelis3a480992018-11-07 11:53:28 +0000[diff] [blame]17
Jamie Fox0e54ebc2019-04-09 14:21:04 +0100[diff] [blame]18#include "tfm_crypto_api.h"
19#include "tfm_crypto_defs.h"
Antonio de Angelisab85ccd2019-03-25 15:14:29 +0000[diff] [blame]20
Antonio de Angelis3a480992018-11-07 11:53:28 +0000[diff] [blame]21/*!
22 * \defgroup public_psa Public functions, PSA
23 *
24 */
25
26/*!@{*/
Antonio de Angelisab85ccd2019-03-25 15:14:29 +0000[diff] [blame]27psa_status_t tfm_crypto_aead_encrypt(psa_invec in_vec[],
28 size_t in_len,
29 psa_outvec out_vec[],
30 size_t out_len)
Antonio de Angelis3a480992018-11-07 11:53:28 +0000[diff] [blame]31{
32 psa_status_t status = PSA_SUCCESS;
Antonio de Angelis3a480992018-11-07 11:53:28 +0000[diff] [blame]33
Antonio de Angelis4743e672019-04-11 11:38:48 +0100[diff] [blame]34 if ( !((in_len == 2) || (in_len == 3)) || (out_len != 1)) {
Antonio de Angelisab85ccd2019-03-25 15:14:29 +0000[diff] [blame]35 return PSA_CONNECTION_REFUSED;
36 }
37
Antonio de Angelis4743e672019-04-11 11:38:48 +0100[diff] [blame]38 if ((in_vec[0].len != sizeof(struct tfm_crypto_pack_iovec))) {
Antonio de Angelisab85ccd2019-03-25 15:14:29 +0000[diff] [blame]39 return PSA_CONNECTION_REFUSED;
40 }
Antonio de Angelis4743e672019-04-11 11:38:48 +0100[diff] [blame]41 const struct tfm_crypto_pack_iovec *iov = in_vec[0].base;
42 const struct tfm_crypto_aead_pack_input *aead_pack_input = &iov->aead_in;
Jamie Fox0e54ebc2019-04-09 14:21:04 +0100[diff] [blame]43 psa_key_handle_t key_handle = iov->key_handle;
Antonio de Angelis4743e672019-04-11 11:38:48 +0100[diff] [blame]44 psa_algorithm_t alg = iov->alg;
45 const uint8_t *nonce = aead_pack_input->nonce;
46 size_t nonce_length = aead_pack_input->nonce_length;
47 const uint8_t *plaintext = in_vec[1].base;
48 size_t plaintext_length = in_vec[1].len;
Antonio de Angelisab85ccd2019-03-25 15:14:29 +0000[diff] [blame]49 uint8_t *ciphertext = out_vec[0].base;
50 size_t ciphertext_size = out_vec[0].len;
Antonio de Angelis4743e672019-04-11 11:38:48 +0100[diff] [blame]51 const uint8_t *additional_data = NULL;
52 size_t additional_data_length = 0;
53
54 /* Check if additional data has been passed and initialise it */
55 if (in_len == 3) {
56 additional_data = in_vec[2].base;
57 additional_data_length = in_vec[2].len;
58 }
Antonio de Angelisab85ccd2019-03-25 15:14:29 +0000[diff] [blame]59
Jamie Fox82b87ca2018-12-11 16:41:11 +0000[diff] [blame]60 /* Initialise ciphertext_length to zero */
Antonio de Angelisab85ccd2019-03-25 15:14:29 +0000[diff] [blame]61 out_vec[0].len = 0;
Jamie Fox82b87ca2018-12-11 16:41:11 +0000[diff] [blame]62
Jamie Fox0e54ebc2019-04-09 14:21:04 +0100[diff] [blame]63 status = psa_aead_encrypt(key_handle, alg, nonce, nonce_length,
64 additional_data, additional_data_length,
65 plaintext, plaintext_length,
66 ciphertext, ciphertext_size, &out_vec[0].len);
Antonio de Angelisab85ccd2019-03-25 15:14:29 +0000[diff] [blame]67 return status;
Antonio de Angelis3a480992018-11-07 11:53:28 +0000[diff] [blame]68}
69
Antonio de Angelisab85ccd2019-03-25 15:14:29 +0000[diff] [blame]70psa_status_t tfm_crypto_aead_decrypt(psa_invec in_vec[],
71 size_t in_len,
72 psa_outvec out_vec[],
73 size_t out_len)
Antonio de Angelis3a480992018-11-07 11:53:28 +0000[diff] [blame]74{
75 psa_status_t status = PSA_SUCCESS;
Antonio de Angelis3a480992018-11-07 11:53:28 +0000[diff] [blame]76
Jamie Fox9a234e22019-04-30 11:12:05 +0100[diff] [blame^]77 if ( !((in_len == 2) || (in_len == 3)) || (out_len > 1)) {
Antonio de Angelisab85ccd2019-03-25 15:14:29 +0000[diff] [blame]78 return PSA_CONNECTION_REFUSED;
79 }
80
Antonio de Angelis4743e672019-04-11 11:38:48 +0100[diff] [blame]81 if ((in_vec[0].len != sizeof(struct tfm_crypto_pack_iovec))) {
82 return PSA_CONNECTION_REFUSED;
83 }
84 const struct tfm_crypto_pack_iovec *iov = in_vec[0].base;
85 const struct tfm_crypto_aead_pack_input *aead_pack_input = &iov->aead_in;
Jamie Fox0e54ebc2019-04-09 14:21:04 +0100[diff] [blame]86 psa_key_handle_t key_handle = iov->key_handle;
Antonio de Angelis4743e672019-04-11 11:38:48 +0100[diff] [blame]87 psa_algorithm_t alg = iov->alg;
88 const uint8_t *nonce = aead_pack_input->nonce;
89 size_t nonce_length = aead_pack_input->nonce_length;
90 const uint8_t *ciphertext = in_vec[1].base;
91 size_t ciphertext_length = in_vec[1].len;
Antonio de Angelisab85ccd2019-03-25 15:14:29 +0000[diff] [blame]92 uint8_t *plaintext = out_vec[0].base;
93 size_t plaintext_size = out_vec[0].len;
Antonio de Angelis4743e672019-04-11 11:38:48 +0100[diff] [blame]94 const uint8_t *additional_data = NULL;
95 size_t additional_data_length = 0;
96
97 /* Check if additional data has been passed and initialise it */
98 if (in_len == 3) {
99 additional_data = in_vec[2].base;
100 additional_data_length = in_vec[2].len;
101 }
Antonio de Angelisab85ccd2019-03-25 15:14:29 +0000[diff] [blame]102
Jamie Fox82b87ca2018-12-11 16:41:11 +0000[diff] [blame]103 /* Initialise plaintext_length to zero */
Antonio de Angelisab85ccd2019-03-25 15:14:29 +0000[diff] [blame]104 out_vec[0].len = 0;
Jamie Fox82b87ca2018-12-11 16:41:11 +0000[diff] [blame]105
Jamie Fox0e54ebc2019-04-09 14:21:04 +0100[diff] [blame]106 status = psa_aead_decrypt(key_handle, alg, nonce, nonce_length,
107 additional_data, additional_data_length,
108 ciphertext, ciphertext_length,
109 plaintext, plaintext_size, &out_vec[0].len);
Antonio de Angelisab85ccd2019-03-25 15:14:29 +0000[diff] [blame]110 return status;
Antonio de Angelis3a480992018-11-07 11:53:28 +0000[diff] [blame]111}
112/*!@}*/