TrustedFirmware Git Browser
Code Review Sign In
review.trustedfirmware.org / TF-M / trusted-firmware-m.git / 3a48099152f80e7e9e75610b2de06190ab1ff932 / . / secure_fw / services / crypto / crypto_key.c
blob: d6b99c765cf51742f132df6a11a7ac6a173cea2c [file] [log] [blame]
Antonio de Angelis8908f472018-08-31 15:44:25 +0100[diff] [blame]1/*
Antonio de Angelis377a1552018-11-22 17:02:40 +0000[diff] [blame]2 * Copyright (c) 2018-2019, Arm Limited. All rights reserved.
Antonio de Angelis8908f472018-08-31 15:44:25 +0100[diff] [blame]3 *
4 * SPDX-License-Identifier: BSD-3-Clause
5 *
6 */
7
8#include <limits.h>
9
10#include "tfm_crypto_defs.h"
Antonio de Angelis8908f472018-08-31 15:44:25 +0100[diff] [blame]11#include "psa_crypto.h"
12
Antonio de Angelis377a1552018-11-22 17:02:40 +0000[diff] [blame]13#include "tfm_crypto_struct.h"
Antonio de Angeliscf85ba22018-10-09 13:29:40 +0100[diff] [blame]14#include "secure_fw/core/secure_utilities.h"
Antonio de Angelis8908f472018-08-31 15:44:25 +0100[diff] [blame]15
16/**
17 * \brief This value defines the maximum number of simultaneous key stores
18 * supported by this implementation.
19 */
20#define TFM_CRYPTO_KEY_STORAGE_NUM (4)
21
22struct tfm_crypto_key_storage_s {
23 uint8_t in_use; /*!< Indicates if the key store is in use */
24 psa_key_type_t type; /*!< Type of the key stored */
25 size_t data_length; /*!< Length of the key stored */
26 uint8_t data[TFM_CRYPTO_MAX_KEY_LENGTH]; /*!< Buffer containining the key */
27};
28
29static struct tfm_crypto_key_storage_s
30 key_storage[TFM_CRYPTO_KEY_STORAGE_NUM] = {{0}};
31/*!
32 * \defgroup public Public functions
33 *
34 */
35
36/*!@{*/
Antonio de Angeliscf85ba22018-10-09 13:29:40 +0100[diff] [blame]37enum tfm_crypto_err_t tfm_crypto_init_key(void)
38{
39 /* Clear the contents of the local key_storage */
40 tfm_memset(key_storage, 0, sizeof(key_storage));
41 return TFM_CRYPTO_ERR_PSA_SUCCESS;
42}
43
Antonio de Angelis8908f472018-08-31 15:44:25 +0100[diff] [blame]44enum tfm_crypto_err_t tfm_crypto_import_key(psa_key_slot_t key,
45 psa_key_type_t type,
46 const uint8_t *data,
47 size_t data_length)
48{
49 size_t i;
50
51 if (key >= TFM_CRYPTO_KEY_STORAGE_NUM) {
52 return TFM_CRYPTO_ERR_PSA_ERROR_INVALID_ARGUMENT;
53 }
54
55 if (key_storage[key].in_use != TFM_CRYPTO_NOT_IN_USE) {
56 return TFM_CRYPTO_ERR_PSA_ERROR_OCCUPIED_SLOT;
57 }
58
59 if (data_length > TFM_CRYPTO_MAX_KEY_LENGTH) {
60 return TFM_CRYPTO_ERR_PSA_ERROR_NOT_SUPPORTED;
61 }
62
63 key_storage[key].in_use = TFM_CRYPTO_IN_USE;
64 key_storage[key].type = type;
65
66 for (i=0; i<data_length; i++) {
67 key_storage[key].data[i] = data[i];
68 }
69
70 key_storage[key].data_length = data_length;
71
72
73 return TFM_CRYPTO_ERR_PSA_SUCCESS;
74}
75
76enum tfm_crypto_err_t tfm_crypto_destroy_key(psa_key_slot_t key)
77{
78 uint32_t i;
79
80 if (key >= TFM_CRYPTO_KEY_STORAGE_NUM) {
81 return TFM_CRYPTO_ERR_PSA_ERROR_INVALID_ARGUMENT;
82 }
83
84 volatile uint8_t *p_mem = (uint8_t *) &(key_storage[key]);
85 uint32_t size_mem = sizeof(struct tfm_crypto_key_storage_s);
86
87 /* memset the key_storage */
88 for (i=0; i<size_mem; i++) {
89 p_mem[i] = 0;
90 }
91
92 /* Set default values */
93 key_storage[key].in_use = TFM_CRYPTO_NOT_IN_USE;
94
95 return TFM_CRYPTO_ERR_PSA_SUCCESS;
96}
97
98enum tfm_crypto_err_t tfm_crypto_get_key_information(psa_key_slot_t key,
99 psa_key_type_t *type,
100 size_t *bits)
101{
102 if (key >= TFM_CRYPTO_KEY_STORAGE_NUM) {
103 return TFM_CRYPTO_ERR_PSA_ERROR_INVALID_ARGUMENT;
104 }
105
106 if (key_storage[key].in_use == TFM_CRYPTO_NOT_IN_USE) {
107 return TFM_CRYPTO_ERR_PSA_ERROR_EMPTY_SLOT;
108 }
109
110 /* Get basic metadata */
111 *type = key_storage[key].type;
112 *bits = PSA_BYTES_TO_BITS(key_storage[key].data_length);
113
114 return TFM_CRYPTO_ERR_PSA_SUCCESS;
115}
116
117enum tfm_crypto_err_t tfm_crypto_export_key(psa_key_slot_t key,
118 uint8_t *data,
119 size_t data_size,
120 size_t *data_length)
121{
122 size_t i;
123
124 if (key >= TFM_CRYPTO_KEY_STORAGE_NUM) {
125 return TFM_CRYPTO_ERR_PSA_ERROR_INVALID_ARGUMENT;
126 }
127
128 if (key_storage[key].in_use == TFM_CRYPTO_NOT_IN_USE) {
129 return TFM_CRYPTO_ERR_PSA_ERROR_EMPTY_SLOT;
130 }
131
132 if (key_storage[key].data_length > data_size) {
133 return TFM_CRYPTO_ERR_PSA_ERROR_NOT_SUPPORTED;
134 }
135
136 for (i=0; i<key_storage[key].data_length; i++) {
137 data[i] = key_storage[key].data[i];
138 }
139
140 *data_length = key_storage[key].data_length;
141
142 return TFM_CRYPTO_ERR_PSA_SUCCESS;
143}
144
145enum tfm_crypto_err_t tfm_crypto_export_public_key(psa_key_slot_t key,
146 uint8_t *data,
147 size_t data_size,
148 size_t *data_length)
149{
150 /* FIXME: This API is not supported yet */
151 return TFM_CRYPTO_ERR_PSA_ERROR_NOT_SUPPORTED;
152}
153/*!@}*/