TrustedFirmware Git Browser
Code Review Sign In
review.trustedfirmware.org / TF-M / trusted-firmware-m.git / c9679cc4d8ef279be6a1a5bb0d6bff2b0f0709a5 / . / secure_fw / partitions / crypto / crypto_init.c
blob: 898418ed511cd2b1e97365f69ce49abedb543e89 [file] [log] [blame]
Antonio de Angelis8908f472018-08-31 15:44:25 +0100[diff] [blame]1/*
Kevin Peng6aa48952022-01-28 15:40:46 +0800[diff] [blame]2 * Copyright (c) 2018-2022, Arm Limited. All rights reserved.
Antonio de Angelis8908f472018-08-31 15:44:25 +0100[diff] [blame]3 *
4 * SPDX-License-Identifier: BSD-3-Clause
5 *
6 */
Antonio de Angelis202425a2022-04-06 11:13:15 +0100[diff] [blame]7#include <stdbool.h>
Antonio de Angelis8908f472018-08-31 15:44:25 +0100[diff] [blame]8
Jamie Fox0e54ebc2019-04-09 14:21:04 +0100[diff] [blame]9#include "tfm_mbedcrypto_include.h"
10
Antonio de Angelis8908f472018-08-31 15:44:25 +0100[diff] [blame]11#include "tfm_crypto_api.h"
Jamie Fox0e54ebc2019-04-09 14:21:04 +0100[diff] [blame]12#include "tfm_crypto_defs.h"
Summer Qinc737ece2020-08-28 10:47:26 +0800[diff] [blame]13#include "tfm_sp_log.h"
Summer Qinca6c1522022-06-17 14:25:55 +0800[diff] [blame]14#include "crypto_check_config.h"
Jamie Fox0e54ebc2019-04-09 14:21:04 +0100[diff] [blame]15
16/*
17 * \brief This Mbed TLS include is needed to initialise the memory allocator
Antonio de Angelis202425a2022-04-06 11:13:15 +0100[diff] [blame]18 * of the library used for internal allocations
Jamie Fox0e54ebc2019-04-09 14:21:04 +0100[diff] [blame]19 */
20#include "mbedtls/memory_buffer_alloc.h"
Antonio de Angelis8908f472018-08-31 15:44:25 +0100[diff] [blame]21
Sherry Zhange1524982022-06-08 16:57:59 +0800[diff] [blame]22#include "mbedtls/platform.h"
23
Raef Coles618fc152021-06-18 09:26:46 +0100[diff] [blame]24#ifdef CRYPTO_NV_SEED
25#include "tfm_plat_crypto_nv_seed.h"
26#endif /* CRYPTO_NV_SEED */
Summer Qina5448d62020-12-07 14:03:37 +0800[diff] [blame]27
Antonio de Angelis60a6fe62019-06-18 15:27:34 +0100[diff] [blame]28#ifndef TFM_PSA_API
29#include "tfm_secure_api.h"
30#endif
31
Raef Colesd2485af2019-10-30 10:15:33 +0000[diff] [blame]32#ifdef CRYPTO_HW_ACCELERATOR
33#include "crypto_hw.h"
Michel Jaouenf41c6422021-10-07 14:38:08 +0200[diff] [blame]34#endif /* CRYPTO_HW_ACCELERATOR */
Raef Colesd2485af2019-10-30 10:15:33 +0000[diff] [blame]35
Antonio de Angelis202425a2022-04-06 11:13:15 +0100[diff] [blame]36#ifndef MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER
37#error "MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER must be selected in Mbed TLS config file"
38#endif
39
Antonio de Angelis4743e672019-04-11 11:38:48 +0100[diff] [blame]40#ifdef TFM_PSA_API
Ken Liub671d682022-05-12 20:39:29 +0800[diff] [blame]41#include <string.h>
Kevin Pengfe730cc2022-04-11 17:48:42 +0800[diff] [blame]42#include "psa/framework_feature.h"
Jamie Foxcc31d402019-01-28 17:13:52 +0000[diff] [blame]43#include "psa/service.h"
Edison Aicc4c6162019-06-21 13:52:49 +0800[diff] [blame]44#include "psa_manifest/tfm_crypto.h"
Antonio de Angelis4743e672019-04-11 11:38:48 +0100[diff] [blame]45
46/**
Antonio de Angelis4743e672019-04-11 11:38:48 +0100[diff] [blame]47 * \brief Aligns a value x up to an alignment a.
48 */
49#define ALIGN(x, a) (((x) + ((a) - 1)) & ~((a) - 1))
50
51/**
52 * \brief Maximum alignment required by any iovec parameters to the TF-M Crypto
53 * partition.
54 */
55#define TFM_CRYPTO_IOVEC_ALIGNMENT (4u)
56
Kevin Pengfe730cc2022-04-11 17:48:42 +0800[diff] [blame]57#if PSA_FRAMEWORK_HAS_MM_IOVEC == 1
58static int32_t g_client_id;
59
60static void tfm_crypto_set_caller_id(int32_t id)
61{
62 g_client_id = id;
63}
64
65psa_status_t tfm_crypto_get_caller_id(int32_t *id)
66{
67 *id = g_client_id;
68 return PSA_SUCCESS;
69}
70
71static psa_status_t tfm_crypto_init_iovecs(const psa_msg_t *msg,
72 psa_invec in_vec[],
73 size_t in_len,
74 psa_outvec out_vec[],
75 size_t out_len)
76{
77 uint32_t i;
78
79 /* Map from the second element as the first is read when parsing */
80 for (i = 1; i < in_len; i++) {
81 in_vec[i].len = msg->in_size[i];
82 if (in_vec[i].len != 0) {
83 in_vec[i].base = psa_map_invec(msg->handle, i);
84 } else {
85 in_vec[i].base = NULL;
86 }
87 }
88
89 for (i = 0; i < out_len; i++) {
90 out_vec[i].len = msg->out_size[i];
91 if (out_vec[i].len != 0) {
92 out_vec[i].base = psa_map_outvec(msg->handle, i);
93 } else {
94 out_vec[i].base = NULL;
95 }
96 }
97
98 return PSA_SUCCESS;
99}
100#else /* PSA_FRAMEWORK_HAS_MM_IOVEC == 1 */
Antonio de Angelis4743e672019-04-11 11:38:48 +0100[diff] [blame]101/**
102 * \brief Default size of the internal scratch buffer used for IOVec allocations
103 * in bytes
104 */
105#ifndef TFM_CRYPTO_IOVEC_BUFFER_SIZE
Soby Mathew7740b602020-10-07 12:08:28 +0100[diff] [blame]106#error TFM_CRYPTO_IOVEC_BUFFER_SIZE is not defined
Antonio de Angelis4743e672019-04-11 11:38:48 +0100[diff] [blame]107#endif
108
109/**
110 * \brief Internal scratch used for IOVec allocations
111 *
112 */
113static struct tfm_crypto_scratch {
114 __attribute__((__aligned__(TFM_CRYPTO_IOVEC_ALIGNMENT)))
115 uint8_t buf[TFM_CRYPTO_IOVEC_BUFFER_SIZE];
116 uint32_t alloc_index;
Antonio de Angelis60a6fe62019-06-18 15:27:34 +0100[diff] [blame]117 int32_t owner;
Antonio de Angelis4743e672019-04-11 11:38:48 +0100[diff] [blame]118} scratch = {.buf = {0}, .alloc_index = 0};
119
Antonio de Angelis60a6fe62019-06-18 15:27:34 +0100[diff] [blame]120static psa_status_t tfm_crypto_set_scratch_owner(int32_t id)
121{
122 scratch.owner = id;
123 return PSA_SUCCESS;
124}
125
126static psa_status_t tfm_crypto_get_scratch_owner(int32_t *id)
127{
128 *id = scratch.owner;
129 return PSA_SUCCESS;
130}
131
Antonio de Angelis4743e672019-04-11 11:38:48 +0100[diff] [blame]132static psa_status_t tfm_crypto_alloc_scratch(size_t requested_size, void **buf)
133{
134 /* Ensure alloc_index remains aligned to the required iovec alignment */
135 requested_size = ALIGN(requested_size, TFM_CRYPTO_IOVEC_ALIGNMENT);
136
137 if (requested_size > (sizeof(scratch.buf) - scratch.alloc_index)) {
138 return PSA_ERROR_INSUFFICIENT_MEMORY;
139 }
140
141 /* Compute the pointer to the allocated space */
142 *buf = (void *)&scratch.buf[scratch.alloc_index];
143
144 /* Increase the allocated size */
145 scratch.alloc_index += requested_size;
146
147 return PSA_SUCCESS;
148}
149
Kevin Pengfe730cc2022-04-11 17:48:42 +0800[diff] [blame]150static void tfm_crypto_clear_scratch(void)
Antonio de Angelis4743e672019-04-11 11:38:48 +0100[diff] [blame]151{
Antonio de Angelis60a6fe62019-06-18 15:27:34 +0100[diff] [blame]152 scratch.owner = 0;
Ken Liub671d682022-05-12 20:39:29 +0800[diff] [blame]153 (void)memset(scratch.buf, 0, scratch.alloc_index);
Summer Qin0a9e5372020-11-27 16:04:05 +0800[diff] [blame]154 scratch.alloc_index = 0;
Antonio de Angelis4743e672019-04-11 11:38:48 +0100[diff] [blame]155}
156
Kevin Pengfe730cc2022-04-11 17:48:42 +0800[diff] [blame]157static void tfm_crypto_set_caller_id(int32_t id)
158{
159 /* Set the owner of the data in the scratch */
160 (void)tfm_crypto_set_scratch_owner(id);
161}
162
163psa_status_t tfm_crypto_get_caller_id(int32_t *id)
164{
165 return tfm_crypto_get_scratch_owner(id);
166}
167
168static psa_status_t tfm_crypto_init_iovecs(const psa_msg_t *msg,
169 psa_invec in_vec[],
170 size_t in_len,
171 psa_outvec out_vec[],
172 size_t out_len)
173{
174 uint32_t i;
175 void *alloc_buf_ptr = NULL;
176 psa_status_t status;
177
178 /* Alloc/read from the second element as the first is read when parsing */
179 for (i = 1; i < in_len; i++) {
180 /* Allocate necessary space in the internal scratch */
181 status = tfm_crypto_alloc_scratch(msg->in_size[i], &alloc_buf_ptr);
182 if (status != PSA_SUCCESS) {
183 tfm_crypto_clear_scratch();
184 return status;
185 }
186 /* Read from the IPC framework inputs into the scratch */
187 in_vec[i].len =
188 psa_read(msg->handle, i, alloc_buf_ptr, msg->in_size[i]);
189 /* Populate the fields of the input to the secure function */
190 in_vec[i].base = alloc_buf_ptr;
191 }
192
193 for (i = 0; i < out_len; i++) {
194 /* Allocate necessary space for the output in the internal scratch */
195 status = tfm_crypto_alloc_scratch(msg->out_size[i], &alloc_buf_ptr);
196 if (status != PSA_SUCCESS) {
197 tfm_crypto_clear_scratch();
198 return status;
199 }
200 /* Populate the fields of the output to the secure function */
201 out_vec[i].base = alloc_buf_ptr;
202 out_vec[i].len = msg->out_size[i];
203 }
204
205 return PSA_SUCCESS;
206}
207#endif /* PSA_FRAMEWORK_HAS_MM_IOVEC == 1 */
208
Kevin Peng2d4bc2e2022-01-28 16:19:30 +0800[diff] [blame]209static psa_status_t tfm_crypto_call_srv(const psa_msg_t *msg)
Antonio de Angelis4743e672019-04-11 11:38:48 +0100[diff] [blame]210{
211 psa_status_t status = PSA_SUCCESS;
TTornblomfaf74f52020-03-04 17:56:27 +0100[diff] [blame]212 size_t in_len = PSA_MAX_IOVEC, out_len = PSA_MAX_IOVEC, i;
Soby Mathewd8abdfd2020-10-14 10:28:01 +0100[diff] [blame]213 psa_invec in_vec[PSA_MAX_IOVEC] = { {NULL, 0} };
214 psa_outvec out_vec[PSA_MAX_IOVEC] = { {NULL, 0} };
Kevin Peng2d4bc2e2022-01-28 16:19:30 +0800[diff] [blame]215 struct tfm_crypto_pack_iovec iov = {0};
Antonio de Angelis4743e672019-04-11 11:38:48 +0100[diff] [blame]216
217 /* Check the number of in_vec filled */
Jamie Fox9a234e22019-04-30 11:12:05 +0100[diff] [blame]218 while ((in_len > 0) && (msg->in_size[in_len - 1] == 0)) {
219 in_len--;
Antonio de Angelis4743e672019-04-11 11:38:48 +0100[diff] [blame]220 }
221
Kevin Pengfe730cc2022-04-11 17:48:42 +0800[diff] [blame]222 /* Check the number of out_vec filled */
223 while ((out_len > 0) && (msg->out_size[out_len - 1] == 0)) {
224 out_len--;
225 }
226
Antonio de Angelis4743e672019-04-11 11:38:48 +0100[diff] [blame]227 /* There will always be a tfm_crypto_pack_iovec in the first iovec */
228 if (in_len < 1) {
Jamie Fox0e54ebc2019-04-09 14:21:04 +0100[diff] [blame]229 return PSA_ERROR_GENERIC_ERROR;
Antonio de Angelis4743e672019-04-11 11:38:48 +0100[diff] [blame]230 }
Kevin Peng2d4bc2e2022-01-28 16:19:30 +0800[diff] [blame]231
232 if (psa_read(msg->handle, 0, &iov, sizeof(iov)) != sizeof(iov)) {
233 return PSA_ERROR_GENERIC_ERROR;
234 }
235
Antonio de Angelis4743e672019-04-11 11:38:48 +0100[diff] [blame]236 /* Initialise the first iovec with the IOV read when parsing */
Kevin Peng2d4bc2e2022-01-28 16:19:30 +0800[diff] [blame]237 in_vec[0].base = &iov;
Antonio de Angelis4743e672019-04-11 11:38:48 +0100[diff] [blame]238 in_vec[0].len = sizeof(struct tfm_crypto_pack_iovec);
239
Kevin Pengfe730cc2022-04-11 17:48:42 +0800[diff] [blame]240 status = tfm_crypto_init_iovecs(msg, in_vec, in_len, out_vec, out_len);
241 if (status != PSA_SUCCESS) {
242 return status;
Antonio de Angelis4743e672019-04-11 11:38:48 +0100[diff] [blame]243 }
244
Kevin Pengfe730cc2022-04-11 17:48:42 +0800[diff] [blame]245 tfm_crypto_set_caller_id(msg->client_id);
Antonio de Angelis60a6fe62019-06-18 15:27:34 +0100[diff] [blame]246
Antonio de Angelis202425a2022-04-06 11:13:15 +0100[diff] [blame]247 /* Call the dispatcher to the functions that implement the PSA Crypto API */
248 status = tfm_crypto_api_dispatcher(in_vec, in_len, out_vec, out_len);
Antonio de Angelis4743e672019-04-11 11:38:48 +0100[diff] [blame]249
Kevin Pengfe730cc2022-04-11 17:48:42 +0800[diff] [blame]250#if PSA_FRAMEWORK_HAS_MM_IOVEC == 1
251 for (i = 0; i < out_len; i++) {
252 if (out_vec[i].base != NULL) {
253 psa_unmap_outvec(msg->handle, i, out_vec[i].len);
254 }
255 }
256#else
Antonio de Angelis4743e672019-04-11 11:38:48 +0100[diff] [blame]257 /* Write into the IPC framework outputs from the scratch */
258 for (i = 0; i < out_len; i++) {
259 psa_write(msg->handle, i, out_vec[i].base, out_vec[i].len);
260 }
261
262 /* Clear the allocated internal scratch before returning */
Summer Qin0a9e5372020-11-27 16:04:05 +0800[diff] [blame]263 tfm_crypto_clear_scratch();
Kevin Pengfe730cc2022-04-11 17:48:42 +0800[diff] [blame]264#endif
Antonio de Angelis4743e672019-04-11 11:38:48 +0100[diff] [blame]265
266 return status;
267}
Kevin Pengfe730cc2022-04-11 17:48:42 +0800[diff] [blame]268#else /* TFM_PSA_API */
269psa_status_t tfm_crypto_get_caller_id(int32_t *id)
270{
271 int32_t res;
Antonio de Angelis4743e672019-04-11 11:38:48 +0100[diff] [blame]272
Kevin Pengfe730cc2022-04-11 17:48:42 +0800[diff] [blame]273 res = tfm_core_get_caller_client_id(id);
274 if (res != TFM_SUCCESS) {
275 return PSA_ERROR_NOT_PERMITTED;
276 } else {
277 return PSA_SUCCESS;
278 }
279}
Antonio de Angelis4743e672019-04-11 11:38:48 +0100[diff] [blame]280#endif /* TFM_PSA_API */
281
Jamie Fox0e54ebc2019-04-09 14:21:04 +0100[diff] [blame]282/**
283 * \brief Default value for the size of the static buffer used by Mbed
284 * Crypto for its dynamic allocations
285 */
286#ifndef TFM_CRYPTO_ENGINE_BUF_SIZE
Soby Mathew7740b602020-10-07 12:08:28 +0100[diff] [blame]287#error TFM_CRYPTO_ENGINE_BUF_SIZE is not defined
Jamie Fox0e54ebc2019-04-09 14:21:04 +0100[diff] [blame]288#endif
289
290/**
291 * \brief Static buffer to be used by Mbed Crypto for memory allocations
292 *
293 */
294static uint8_t mbedtls_mem_buf[TFM_CRYPTO_ENGINE_BUF_SIZE] = {0};
295
296static psa_status_t tfm_crypto_engine_init(void)
297{
Raef Coles618fc152021-06-18 09:26:46 +0100[diff] [blame]298#ifdef CRYPTO_NV_SEED
Antonio de Angelis202425a2022-04-06 11:13:15 +0100[diff] [blame]299 LOG_INFFMT("[INF][Crypto] ");
Raef Coles618fc152021-06-18 09:26:46 +0100[diff] [blame]300#ifdef TFM_PSA_API
Antonio de Angelis202425a2022-04-06 11:13:15 +0100[diff] [blame]301 LOG_INFFMT("Provisioning entropy seed... ");
Raef Coles618fc152021-06-18 09:26:46 +0100[diff] [blame]302 if (tfm_plat_crypto_provision_entropy_seed() != TFM_CRYPTO_NV_SEED_SUCCESS) {
Summer Qina5448d62020-12-07 14:03:37 +0800[diff] [blame]303 return PSA_ERROR_GENERIC_ERROR;
304 }
Antonio de Angelis202425a2022-04-06 11:13:15 +0100[diff] [blame]305 LOG_INFFMT("\033[0;32mcomplete.\033[0m\r\n");
Raef Coles618fc152021-06-18 09:26:46 +0100[diff] [blame]306#else
Raef Coles618fc152021-06-18 09:26:46 +0100[diff] [blame]307 LOG_INFFMT("TF-M in library mode uses a dummy NV seed. ");
308 LOG_INFFMT("This is not suitable for production! ");
Antonio de Angelis202425a2022-04-06 11:13:15 +0100[diff] [blame]309 LOG_INFFMT("This device is \033[1;31mNOT SECURE\033[0m\r\n");
Raef Coles618fc152021-06-18 09:26:46 +0100[diff] [blame]310#endif /* TFM_PSA_API */
311#endif /* CRYPTO_NV_SEED */
Summer Qina5448d62020-12-07 14:03:37 +0800[diff] [blame]312
Antonio de Angelis202425a2022-04-06 11:13:15 +0100[diff] [blame]313 /* Initialise the Mbed Crypto memory allocator to use static memory
314 * allocation from the provided buffer instead of using the heap
Jamie Fox0e54ebc2019-04-09 14:21:04 +0100[diff] [blame]315 */
316 mbedtls_memory_buffer_alloc_init(mbedtls_mem_buf,
317 TFM_CRYPTO_ENGINE_BUF_SIZE);
318
Sherry Zhange1524982022-06-08 16:57:59 +0800[diff] [blame]319 /* mbedtls_printf is used to print messages including error information. */
320#if (TFM_PARTITION_LOG_LEVEL >= TFM_PARTITION_LOG_LEVEL_ERROR)
321 mbedtls_platform_set_printf(tfm_sp_log_printf);
322#endif
323
Raef Colesd2485af2019-10-30 10:15:33 +0000[diff] [blame]324 /* Initialise the crypto accelerator if one is enabled */
325#ifdef CRYPTO_HW_ACCELERATOR
Antonio de Angelis202425a2022-04-06 11:13:15 +0100[diff] [blame]326 LOG_INFFMT("[INF][Crypto] Initialising HW accelerator... ");
Raef Colesd2485af2019-10-30 10:15:33 +0000[diff] [blame]327 if (crypto_hw_accelerator_init() != 0) {
328 return PSA_ERROR_HARDWARE_FAILURE;
329 }
Antonio de Angelis202425a2022-04-06 11:13:15 +0100[diff] [blame]330 LOG_INFFMT("\033[0;32mcomplete.\033[0m\r\n");
Raef Colesd2485af2019-10-30 10:15:33 +0000[diff] [blame]331#endif /* CRYPTO_HW_ACCELERATOR */
332
Jamie Fox0e54ebc2019-04-09 14:21:04 +0100[diff] [blame]333 /* Previous function does not return any value, so just call the
334 * initialisation function of the Mbed Crypto layer
335 */
336 return psa_crypto_init();
337}
338
Antonio de Angelisab85ccd2019-03-25 15:14:29 +0000[diff] [blame]339static psa_status_t tfm_crypto_module_init(void)
Antonio de Angeliscf85ba22018-10-09 13:29:40 +0100[diff] [blame]340{
Antonio de Angeliscf85ba22018-10-09 13:29:40 +0100[diff] [blame]341 /* Init the Alloc module */
Antonio de Angelisab85ccd2019-03-25 15:14:29 +0000[diff] [blame]342 return tfm_crypto_init_alloc();
Antonio de Angeliscf85ba22018-10-09 13:29:40 +0100[diff] [blame]343}
Antonio de Angelis8908f472018-08-31 15:44:25 +0100[diff] [blame]344
Antonio de Angelisab85ccd2019-03-25 15:14:29 +0000[diff] [blame]345psa_status_t tfm_crypto_init(void)
Antonio de Angelis8908f472018-08-31 15:44:25 +0100[diff] [blame]346{
Antonio de Angeliscf85ba22018-10-09 13:29:40 +0100[diff] [blame]347 psa_status_t status;
Antonio de Angelis8908f472018-08-31 15:44:25 +0100[diff] [blame]348
Antonio de Angeliscf85ba22018-10-09 13:29:40 +0100[diff] [blame]349 /* Initialise other modules of the service */
Antonio de Angelisab85ccd2019-03-25 15:14:29 +0000[diff] [blame]350 status = tfm_crypto_module_init();
351 if (status != PSA_SUCCESS) {
352 return status;
Antonio de Angeliscf85ba22018-10-09 13:29:40 +0100[diff] [blame]353 }
354
Jamie Fox0e54ebc2019-04-09 14:21:04 +0100[diff] [blame]355 /* Initialise the engine layer */
Kevin Peng2d4bc2e2022-01-28 16:19:30 +0800[diff] [blame]356 return tfm_crypto_engine_init();
357}
Antonio de Angelis8908f472018-08-31 15:44:25 +0100[diff] [blame]358
Antonio de Angelis4743e672019-04-11 11:38:48 +0100[diff] [blame]359#ifdef TFM_PSA_API
Kevin Peng2d4bc2e2022-01-28 16:19:30 +0800[diff] [blame]360psa_status_t tfm_crypto_sfn(const psa_msg_t *msg)
361{
362 /* Process the message type */
363 switch (msg->type) {
364 case PSA_IPC_CALL:
365 return tfm_crypto_call_srv(msg);
366 default:
367 return PSA_ERROR_NOT_SUPPORTED;
368 }
Antonio de Angelis4743e672019-04-11 11:38:48 +0100[diff] [blame]369
Kevin Peng2d4bc2e2022-01-28 16:19:30 +0800[diff] [blame]370 return PSA_ERROR_GENERIC_ERROR;
Antonio de Angelis8908f472018-08-31 15:44:25 +0100[diff] [blame]371}
Kevin Peng2d4bc2e2022-01-28 16:19:30 +0800[diff] [blame]372#endif
Antonio de Angelis202425a2022-04-06 11:13:15 +0100[diff] [blame]373
374psa_status_t tfm_crypto_api_dispatcher(psa_invec in_vec[],
375 size_t in_len,
376 psa_outvec out_vec[],
377 size_t out_len)
378{
379 psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;
380 const struct tfm_crypto_pack_iovec *iov = in_vec[0].base;
381 int32_t caller_id = 0;
382 mbedtls_svc_key_id_t encoded_key = MBEDTLS_SVC_KEY_ID_INIT;
383 bool is_key_required = false;
David Huc9679cc2022-06-21 13:09:34 +0800[diff] [blame^]384 enum tfm_crypto_group_id group_id;
Antonio de Angelis202425a2022-04-06 11:13:15 +0100[diff] [blame]385
386 if (in_vec[0].len != sizeof(struct tfm_crypto_pack_iovec)) {
387 return PSA_ERROR_PROGRAMMER_ERROR;
388 }
389
David Huc9679cc2022-06-21 13:09:34 +0800[diff] [blame^]390 group_id = TFM_CRYPTO_GET_GROUP_ID(iov->function_id);
391
392 is_key_required = !((group_id == TFM_CRYPTO_GROUP_ID_HASH) ||
393 (group_id == TFM_CRYPTO_GROUP_ID_RANDOM));
Antonio de Angelis202425a2022-04-06 11:13:15 +0100[diff] [blame]394
395 if (is_key_required) {
396 status = tfm_crypto_get_caller_id(&caller_id);
397 if (status != PSA_SUCCESS) {
398 return status;
399 }
400 /* The caller_id being set in the owner field is the partition ID
401 * of the calling partition
402 */
403 encoded_key = mbedtls_svc_key_id_make(caller_id, iov->key_id);
404 }
405
406 /* Dispatch to each sub-module based on the Group ID */
David Huc9679cc2022-06-21 13:09:34 +0800[diff] [blame^]407 switch (group_id) {
408 case TFM_CRYPTO_GROUP_ID_KEY_MANAGEMENT:
409 return tfm_crypto_key_management_interface(in_vec, out_vec,
410 &encoded_key);
411 case TFM_CRYPTO_GROUP_ID_HASH:
412 return tfm_crypto_hash_interface(in_vec, out_vec);
413 case TFM_CRYPTO_GROUP_ID_MAC:
414 return tfm_crypto_mac_interface(in_vec, out_vec, &encoded_key);
415 case TFM_CRYPTO_GROUP_ID_CIPHER:
416 return tfm_crypto_cipher_interface(in_vec, out_vec, &encoded_key);
417 case TFM_CRYPTO_GROUP_ID_AEAD:
418 return tfm_crypto_aead_interface(in_vec, out_vec, &encoded_key);
419 case TFM_CRYPTO_GROUP_ID_ASYM_SIGN:
420 return tfm_crypto_asymmetric_sign_interface(in_vec, out_vec,
421 &encoded_key);
422 case TFM_CRYPTO_GROUP_ID_ASYM_ENCRYPT:
423 return tfm_crypto_asymmetric_encrypt_interface(in_vec, out_vec,
424 &encoded_key);
425 case TFM_CRYPTO_GROUP_ID_KEY_DERIVATION:
426 return tfm_crypto_key_derivation_interface(in_vec, out_vec,
427 &encoded_key);
428 case TFM_CRYPTO_GROUP_ID_RANDOM:
429 return tfm_crypto_random_interface(in_vec, out_vec);
430 default:
Antonio de Angelis202425a2022-04-06 11:13:15 +0100[diff] [blame]431 LOG_ERRFMT("[ERR][Crypto] Unsupported request!\r\n");
David Huc9679cc2022-06-21 13:09:34 +0800[diff] [blame^]432 return PSA_ERROR_NOT_SUPPORTED;
Antonio de Angelis202425a2022-04-06 11:13:15 +0100[diff] [blame]433 }
434
David Huc9679cc2022-06-21 13:09:34 +0800[diff] [blame^]435 return PSA_ERROR_NOT_SUPPORTED;
Antonio de Angelis202425a2022-04-06 11:13:15 +0100[diff] [blame]436}