Crypto: Add support for single-shot MAC APIs
This patch introduces support for single-shot MAC
APIs in the TF-M Crypto service. It needs to be
aligned with a version of MbedTLS which is new
enough to have support in the backend for these APIs.
Signed-off-by: Antonio de Angelis <antonio.deangelis@arm.com>
Change-Id: I8aa69b251a701a652f1b8d77b886431bd38681e8
diff --git a/interface/src/tfm_crypto_ipc_api.c b/interface/src/tfm_crypto_ipc_api.c
index e925c36..953dd11 100644
--- a/interface/src/tfm_crypto_ipc_api.c
+++ b/interface/src/tfm_crypto_ipc_api.c
@@ -1273,9 +1273,25 @@
size_t *mac_length)
{
psa_status_t status;
+ struct tfm_crypto_pack_iovec iov = {
+ .sfn_id = TFM_CRYPTO_MAC_COMPUTE_SID,
+ .alg = alg,
+ .key_id = key,
+ };
- status = PSA_ERROR_NOT_SUPPORTED;
+ psa_invec in_vec[] = {
+ {.base = &iov, .len = sizeof(struct tfm_crypto_pack_iovec)},
+ {.base = input, .len = input_length}
+ };
+ psa_outvec out_vec[] = {
+ {.base = mac, .len = mac_size}
+ };
+
+ status = API_DISPATCH(tfm_crypto_mac_compute,
+ TFM_CRYPTO_MAC_COMPUTE);
+
+ *mac_length = out_vec[0].len;
return status;
}
@@ -1287,8 +1303,20 @@
const size_t mac_length)
{
psa_status_t status;
+ struct tfm_crypto_pack_iovec iov = {
+ .sfn_id = TFM_CRYPTO_MAC_VERIFY_SID,
+ .alg = alg,
+ .key_id = key,
+ };
- status = PSA_ERROR_NOT_SUPPORTED;
+ psa_invec in_vec[] = {
+ {.base = &iov, .len = sizeof(struct tfm_crypto_pack_iovec)},
+ {.base = input, .len = input_length},
+ {.base = mac, .len = mac_length}
+ };
+
+ status = API_DISPATCH_NO_OUTVEC(tfm_crypto_mac_verify,
+ TFM_CRYPTO_MAC_VERIFY);
return status;
}