TrustedFirmware Git Browser
Code Review Sign In
review.trustedfirmware.org / TF-M / trusted-firmware-m.git / 377a1550a5c335f5b9ee2185825b19ea2c34b7d4 / . / secure_fw / services / crypto / crypto_key.c
blob: a6769d4a818413c9bcde4072aae03b7eaae2a5d0 [file] [log] [blame]
Antonio de Angelis8908f472018-08-31 15:44:25 +0100[diff] [blame]1/*
Antonio de Angelis377a1552018-11-22 17:02:40 +0000[diff] [blame^]2 * Copyright (c) 2018-2019, Arm Limited. All rights reserved.
Antonio de Angelis8908f472018-08-31 15:44:25 +0100[diff] [blame]3 *
4 * SPDX-License-Identifier: BSD-3-Clause
5 *
6 */
7
8#include <limits.h>
9
10#include "tfm_crypto_defs.h"
11
12/* Pre include Mbed TLS headers */
13#define LIB_PREFIX_NAME __tfm_crypto__
14#include "mbedtls_global_symbols.h"
15
16/* Include the Mbed TLS configuration file, the way Mbed TLS does it
17 * in each of its header files.
18 */
19#if !defined(MBEDTLS_CONFIG_FILE)
20#include "platform/ext/common/tfm_mbedtls_config.h"
21#else
22#include MBEDTLS_CONFIG_FILE
23#endif
24
25#include "psa_crypto.h"
26
Antonio de Angelis377a1552018-11-22 17:02:40 +0000[diff] [blame^]27#include "tfm_crypto_struct.h"
Antonio de Angelis8908f472018-08-31 15:44:25 +0100[diff] [blame]28
29/**
30 * \brief This value defines the maximum number of simultaneous key stores
31 * supported by this implementation.
32 */
33#define TFM_CRYPTO_KEY_STORAGE_NUM (4)
34
35struct tfm_crypto_key_storage_s {
36 uint8_t in_use; /*!< Indicates if the key store is in use */
37 psa_key_type_t type; /*!< Type of the key stored */
38 size_t data_length; /*!< Length of the key stored */
39 uint8_t data[TFM_CRYPTO_MAX_KEY_LENGTH]; /*!< Buffer containining the key */
40};
41
42static struct tfm_crypto_key_storage_s
43 key_storage[TFM_CRYPTO_KEY_STORAGE_NUM] = {{0}};
44/*!
45 * \defgroup public Public functions
46 *
47 */
48
49/*!@{*/
50enum tfm_crypto_err_t tfm_crypto_import_key(psa_key_slot_t key,
51 psa_key_type_t type,
52 const uint8_t *data,
53 size_t data_length)
54{
55 size_t i;
56
57 if (key >= TFM_CRYPTO_KEY_STORAGE_NUM) {
58 return TFM_CRYPTO_ERR_PSA_ERROR_INVALID_ARGUMENT;
59 }
60
61 if (key_storage[key].in_use != TFM_CRYPTO_NOT_IN_USE) {
62 return TFM_CRYPTO_ERR_PSA_ERROR_OCCUPIED_SLOT;
63 }
64
65 if (data_length > TFM_CRYPTO_MAX_KEY_LENGTH) {
66 return TFM_CRYPTO_ERR_PSA_ERROR_NOT_SUPPORTED;
67 }
68
69 key_storage[key].in_use = TFM_CRYPTO_IN_USE;
70 key_storage[key].type = type;
71
72 for (i=0; i<data_length; i++) {
73 key_storage[key].data[i] = data[i];
74 }
75
76 key_storage[key].data_length = data_length;
77
78
79 return TFM_CRYPTO_ERR_PSA_SUCCESS;
80}
81
82enum tfm_crypto_err_t tfm_crypto_destroy_key(psa_key_slot_t key)
83{
84 uint32_t i;
85
86 if (key >= TFM_CRYPTO_KEY_STORAGE_NUM) {
87 return TFM_CRYPTO_ERR_PSA_ERROR_INVALID_ARGUMENT;
88 }
89
90 volatile uint8_t *p_mem = (uint8_t *) &(key_storage[key]);
91 uint32_t size_mem = sizeof(struct tfm_crypto_key_storage_s);
92
93 /* memset the key_storage */
94 for (i=0; i<size_mem; i++) {
95 p_mem[i] = 0;
96 }
97
98 /* Set default values */
99 key_storage[key].in_use = TFM_CRYPTO_NOT_IN_USE;
100
101 return TFM_CRYPTO_ERR_PSA_SUCCESS;
102}
103
104enum tfm_crypto_err_t tfm_crypto_get_key_information(psa_key_slot_t key,
105 psa_key_type_t *type,
106 size_t *bits)
107{
108 if (key >= TFM_CRYPTO_KEY_STORAGE_NUM) {
109 return TFM_CRYPTO_ERR_PSA_ERROR_INVALID_ARGUMENT;
110 }
111
112 if (key_storage[key].in_use == TFM_CRYPTO_NOT_IN_USE) {
113 return TFM_CRYPTO_ERR_PSA_ERROR_EMPTY_SLOT;
114 }
115
116 /* Get basic metadata */
117 *type = key_storage[key].type;
118 *bits = PSA_BYTES_TO_BITS(key_storage[key].data_length);
119
120 return TFM_CRYPTO_ERR_PSA_SUCCESS;
121}
122
123enum tfm_crypto_err_t tfm_crypto_export_key(psa_key_slot_t key,
124 uint8_t *data,
125 size_t data_size,
126 size_t *data_length)
127{
128 size_t i;
129
130 if (key >= TFM_CRYPTO_KEY_STORAGE_NUM) {
131 return TFM_CRYPTO_ERR_PSA_ERROR_INVALID_ARGUMENT;
132 }
133
134 if (key_storage[key].in_use == TFM_CRYPTO_NOT_IN_USE) {
135 return TFM_CRYPTO_ERR_PSA_ERROR_EMPTY_SLOT;
136 }
137
138 if (key_storage[key].data_length > data_size) {
139 return TFM_CRYPTO_ERR_PSA_ERROR_NOT_SUPPORTED;
140 }
141
142 for (i=0; i<key_storage[key].data_length; i++) {
143 data[i] = key_storage[key].data[i];
144 }
145
146 *data_length = key_storage[key].data_length;
147
148 return TFM_CRYPTO_ERR_PSA_SUCCESS;
149}
150
151enum tfm_crypto_err_t tfm_crypto_export_public_key(psa_key_slot_t key,
152 uint8_t *data,
153 size_t data_size,
154 size_t *data_length)
155{
156 /* FIXME: This API is not supported yet */
157 return TFM_CRYPTO_ERR_PSA_ERROR_NOT_SUPPORTED;
158}
159/*!@}*/