Partitions: Combine tfm_xxx_secure_api.c and tfm_xxx_ipc.c
After Library Model is deprecated, tfm_xxx_secure_api.c are mostly same
with tfm_xxx_ipc.c. Combine them and rename the file name to
tfm_xxx_api.c.
Signed-off-by: Summer Qin <summer.qin@arm.com>
Change-Id: If4fc72563dd2459a6918188a68d8303412702667
diff --git a/cmake/install.cmake b/cmake/install.cmake
index 558ace8..5d9cf4b 100644
--- a/cmake/install.cmake
+++ b/cmake/install.cmake
@@ -134,27 +134,27 @@
endif()
if (TFM_PARTITION_PROTECTED_STORAGE)
- install(FILES ${INTERFACE_SRC_DIR}/tfm_ps_ipc_api.c
+ install(FILES ${INTERFACE_SRC_DIR}/tfm_ps_api.c
DESTINATION ${INSTALL_INTERFACE_SRC_DIR})
endif()
if (TFM_PARTITION_INTERNAL_TRUSTED_STORAGE)
- install(FILES ${INTERFACE_SRC_DIR}/tfm_its_ipc_api.c
+ install(FILES ${INTERFACE_SRC_DIR}/tfm_its_api.c
DESTINATION ${INSTALL_INTERFACE_SRC_DIR})
endif()
if (TFM_PARTITION_CRYPTO)
- install(FILES ${INTERFACE_SRC_DIR}/tfm_crypto_ipc_api.c
+ install(FILES ${INTERFACE_SRC_DIR}/tfm_crypto_api.c
DESTINATION ${INSTALL_INTERFACE_SRC_DIR})
endif()
if (TFM_PARTITION_INITIAL_ATTESTATION)
- install(FILES ${INTERFACE_SRC_DIR}/tfm_initial_attestation_ipc_api.c
+ install(FILES ${INTERFACE_SRC_DIR}/tfm_attest_api.c
DESTINATION ${INSTALL_INTERFACE_SRC_DIR})
endif()
if(TFM_PARTITION_PLATFORM)
- install(FILES ${INTERFACE_SRC_DIR}/tfm_platform_ipc_api.c
+ install(FILES ${INTERFACE_SRC_DIR}/tfm_platform_api.c
DESTINATION ${INSTALL_INTERFACE_SRC_DIR})
endif()
@@ -188,7 +188,7 @@
endif()
if(TFM_PARTITION_FIRMWARE_UPDATE)
- install(FILES ${INTERFACE_SRC_DIR}/tfm_firmware_update_ipc_api.c
+ install(FILES ${INTERFACE_SRC_DIR}/tfm_fwu_api.c
DESTINATION ${INSTALL_INTERFACE_SRC_DIR})
endif()
diff --git a/docs/integration_guide/services/tfm_attestation_integration_guide.rst b/docs/integration_guide/services/tfm_attestation_integration_guide.rst
index f48cec9..ef94dae 100644
--- a/docs/integration_guide/services/tfm_attestation_integration_guide.rst
+++ b/docs/integration_guide/services/tfm_attestation_integration_guide.rst
@@ -180,9 +180,6 @@
asymmetric initial attestation key.
- ``tfm_attest.c``: Implements the SPM abstraction layer, and bind the
attestation service to the SPM implementation in TF-M project.
- - ``tfm_attest_secure_api.c``: Implements the secure API layer to allow
- other services in the secure domain to request functionalities
- from the attestation service using the PSA API interface.
- ``tfm_attest_req_mngr.c``: Includes the initialization entry of
attestation service and handles attestation service requests in IPC
model.
@@ -242,10 +239,7 @@
partition manager implementation (SPM). Implementations in TF-M project can be
found here:
-- ``interface/src/tfm_initial_attestation_ipc_api.c``: non-secure interface
- implementation for IPC model
-- ``secure_fw/partitions/initial_attestation/tfm_attestation_secure_api.c``:
- secure interface implementation
+- ``interface/src/tfm_attest_api.c``: interface implementation.
Secure Partition Manager (SPM) interface
========================================
diff --git a/docs/integration_guide/services/tfm_crypto_integration_guide.rst b/docs/integration_guide/services/tfm_crypto_integration_guide.rst
index 00d7b36..dbafe6a 100644
--- a/docs/integration_guide/services/tfm_crypto_integration_guide.rst
+++ b/docs/integration_guide/services/tfm_crypto_integration_guide.rst
@@ -57,8 +57,8 @@
cipher/hash/MAC/generator operations, a context is associated to the handle
provided during the setup phase, and is explicitly cleared only following a
termination or an abort
-- ``tfm_crypto_secure_api.c`` : This module implements the PSA Crypto API
- client interface exposed to the Secure Processing Environment
+- ``tfm_crypto_api.c`` : This module implements the PSA Crypto API
+ client interface exposed to users.
- ``tfm_crypto_api.c`` : This module is contained in ``interface/src`` and
implements the PSA Crypto API client interface exposed to the Non-Secure
Processing Environment.
diff --git a/docs/integration_guide/services/tfm_platform_integration_guide.rst b/docs/integration_guide/services/tfm_platform_integration_guide.rst
index afe8b2f..680382a 100644
--- a/docs/integration_guide/services/tfm_platform_integration_guide.rst
+++ b/docs/integration_guide/services/tfm_platform_integration_guide.rst
@@ -32,7 +32,7 @@
- ``platform_sp.h/c`` : These files define and implement functionalities related
to the platform service
-- ``tfm_platform_secure_api.c`` : This file implements ``tfm_platform_api.h``
+- ``tfm_platform_api.c`` : This file implements ``tfm_platform_api.h``
functions to be called from the secure partitions. This is the entry point
when the secure partitions request an action to the Platform service
(e.g system reset).
diff --git a/docs/technical_references/design_docs/tfm_crypto_design.rst b/docs/technical_references/design_docs/tfm_crypto_design.rst
index 5932234d..cf2cbe0 100644
--- a/docs/technical_references/design_docs/tfm_crypto_design.rst
+++ b/docs/technical_references/design_docs/tfm_crypto_design.rst
@@ -38,11 +38,7 @@
+-----------------------------+---------------------------------------------------------------+----------------------------------------------------------------------+
| **Component name** | **Description** | **Location** |
+=============================+===============================================================+======================================================================+
- | SPE client API interface | This module exports the client API of PSA Crypto to the other | ``./secure_fw/partitions/crypto/tfm_crypto_secure_api.c`` |
- | | services available in TF-M. | |
- +-----------------------------+---------------------------------------------------------------+----------------------------------------------------------------------+
- | NSPE client API interface | This module exports the client API of PSA Crypto to the NSPE | ``./interface/src/tfm_crypto_api.c`` |
- | | (i.e. to the applications). | |
+ | Client API interface | This module exports the client API of PSA Crypto to the users.| ``./interface/src/tfm_crypto_api.c`` |
+-----------------------------+---------------------------------------------------------------+----------------------------------------------------------------------+
| Mbed Crypto | The Mbed Crypto library is used in the service as a | Needed as dependency at the same level of the TF-M folder, |
| | cryptographic library exposing the PSA Crypto API interface. | i.e. ``../mbed-crypto`` |
diff --git a/interface/CMakeLists.txt b/interface/CMakeLists.txt
index 6558b3d..16aacc2 100644
--- a/interface/CMakeLists.txt
+++ b/interface/CMakeLists.txt
@@ -57,6 +57,12 @@
target_sources(tfm_sprt
PRIVATE
+ $<$<BOOL:${TFM_PARTITION_INITIAL_ATTESTATION}>:${CMAKE_CURRENT_SOURCE_DIR}/src/tfm_attest_api.c>
+ $<$<BOOL:${TFM_PARTITION_CRYPTO}>:${CMAKE_CURRENT_SOURCE_DIR}/src/tfm_crypto_api.c>
+ $<$<BOOL:${TFM_PARTITION_FIRMWARE_UPDATE}>:${CMAKE_CURRENT_SOURCE_DIR}/src/tfm_fwu_api.c>
+ $<$<BOOL:${TFM_PARTITION_INTERNAL_TRUSTED_STORAGE}>:${CMAKE_CURRENT_SOURCE_DIR}/src/tfm_its_api.c>
+ $<$<BOOL:${TFM_PARTITION_PLATFORM}>:${CMAKE_CURRENT_SOURCE_DIR}/src/tfm_platform_api.c>
+ $<$<BOOL:${TFM_PARTITION_PROTECTED_STORAGE}>:${CMAKE_CURRENT_SOURCE_DIR}/src/tfm_ps_api.c>
${CMAKE_CURRENT_SOURCE_DIR}/src/tfm_psa_call_pack.c
)
diff --git a/interface/src/tfm_initial_attestation_ipc_api.c b/interface/src/tfm_attest_api.c
similarity index 93%
rename from interface/src/tfm_initial_attestation_ipc_api.c
rename to interface/src/tfm_attest_api.c
index 44e18da..b4334f0 100644
--- a/interface/src/tfm_initial_attestation_ipc_api.c
+++ b/interface/src/tfm_attest_api.c
@@ -1,12 +1,11 @@
/*
- * Copyright (c) 2018-2021, Arm Limited. All rights reserved.
+ * Copyright (c) 2018-2022, Arm Limited. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
*
*/
#include "psa/initial_attestation.h"
-#include "tfm_ns_interface.h"
#include "psa/client.h"
#include "psa/crypto_types.h"
#include "psa_manifest/sid.h"
diff --git a/interface/src/tfm_crypto_ipc_api.c b/interface/src/tfm_crypto_api.c
similarity index 99%
rename from interface/src/tfm_crypto_ipc_api.c
rename to interface/src/tfm_crypto_api.c
index 833e948..5cb22f8 100644
--- a/interface/src/tfm_crypto_ipc_api.c
+++ b/interface/src/tfm_crypto_api.c
@@ -9,7 +9,6 @@
#include "psa/crypto.h"
#include "psa/client.h"
#include "psa_manifest/sid.h"
-#include "tfm_ns_interface.h"
#define API_DISPATCH(in_vec, out_vec) \
psa_call(TFM_CRYPTO_HANDLE, PSA_IPC_CALL, \
diff --git a/interface/src/tfm_firmware_update_ipc_api.c b/interface/src/tfm_fwu_api.c
similarity index 100%
rename from interface/src/tfm_firmware_update_ipc_api.c
rename to interface/src/tfm_fwu_api.c
diff --git a/interface/src/tfm_its_ipc_api.c b/interface/src/tfm_its_api.c
similarity index 100%
rename from interface/src/tfm_its_ipc_api.c
rename to interface/src/tfm_its_api.c
diff --git a/interface/src/tfm_platform_ipc_api.c b/interface/src/tfm_platform_api.c
similarity index 100%
rename from interface/src/tfm_platform_ipc_api.c
rename to interface/src/tfm_platform_api.c
diff --git a/interface/src/tfm_ps_ipc_api.c b/interface/src/tfm_ps_api.c
similarity index 97%
rename from interface/src/tfm_ps_ipc_api.c
rename to interface/src/tfm_ps_api.c
index c74c425..047f4d1 100644
--- a/interface/src/tfm_ps_ipc_api.c
+++ b/interface/src/tfm_ps_api.c
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2017-2021, Arm Limited. All rights reserved.
+ * Copyright (c) 2017-2022, Arm Limited. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
*
@@ -8,7 +8,6 @@
#include "psa/client.h"
#include "psa/protected_storage.h"
#include "psa_manifest/sid.h"
-#include "tfm_ns_interface.h"
#include "tfm_ps_defs.h"
psa_status_t psa_ps_set(psa_storage_uid_t uid,
diff --git a/secure_fw/partitions/crypto/CMakeLists.txt b/secure_fw/partitions/crypto/CMakeLists.txt
index 1a51235..89c7e1e 100644
--- a/secure_fw/partitions/crypto/CMakeLists.txt
+++ b/secure_fw/partitions/crypto/CMakeLists.txt
@@ -107,29 +107,6 @@
"
)
-############################ Secure API ########################################
-
-target_sources(tfm_sprt
- PRIVATE
- ${CMAKE_CURRENT_SOURCE_DIR}/tfm_crypto_secure_api.c
-)
-
-# tfm_crypto_secure_api.c requires Crypto configs
-target_link_libraries(tfm_sprt
- PRIVATE
- crypto_module_flags
-)
-
-# The veneers give warnings about not being properly declared so they get hidden
-# to not overshadow _real_ warnings.
-set_source_files_properties(tfm_crypto_secure_api.c
- PROPERTIES
- COMPILE_FLAGS
- $<$<C_COMPILER_ID:ARMClang>:-Wno-implicit-function-declaration>
- $<$<C_COMPILER_ID:GNU>:-Wno-implicit-function-declaration>
- $<$<C_COMPILER_ID:IAR>:>
-)
-
############################ Partition Defs ####################################
target_link_libraries(tfm_partitions
diff --git a/secure_fw/partitions/crypto/tfm_crypto_secure_api.c b/secure_fw/partitions/crypto/tfm_crypto_secure_api.c
deleted file mode 100644
index e14a838..0000000
--- a/secure_fw/partitions/crypto/tfm_crypto_secure_api.c
+++ /dev/null
@@ -1,1889 +0,0 @@
-/*
- * Copyright (c) 2019-2022, Arm Limited. All rights reserved.
- *
- * SPDX-License-Identifier: BSD-3-Clause
- *
- */
-
-#include "tfm_crypto_defs.h"
-#include "psa/crypto.h"
-#include "psa/client.h"
-#include "psa_manifest/sid.h"
-
-#define API_DISPATCH(in_vec, out_vec) \
- psa_call(TFM_CRYPTO_HANDLE, PSA_IPC_CALL, \
- in_vec, IOVEC_LEN(in_vec), \
- out_vec, IOVEC_LEN(out_vec))
-#define API_DISPATCH_NO_OUTVEC(in_vec) \
- psa_call(TFM_CRYPTO_HANDLE, PSA_IPC_CALL, \
- in_vec, IOVEC_LEN(in_vec), \
- (psa_outvec *)NULL, 0)
-
-psa_status_t psa_crypto_init(void)
-{
- /* Service init is performed during TFM boot up,
- * so application level initialisation is empty
- */
- return PSA_SUCCESS;
-}
-
-psa_status_t psa_open_key(psa_key_id_t id,
- psa_key_id_t *key)
-{
-#ifdef TFM_CRYPTO_KEY_MODULE_DISABLED
- return PSA_ERROR_NOT_SUPPORTED;
-#else
- const struct tfm_crypto_pack_iovec iov = {
- .function_id = TFM_CRYPTO_OPEN_KEY_SID,
- .key_id = id,
- };
- psa_invec in_vec[] = {
- {.base = &iov, .len = sizeof(struct tfm_crypto_pack_iovec)},
- };
- psa_outvec out_vec[] = {
- {.base = key, .len = sizeof(psa_key_id_t)},
- };
-
- return API_DISPATCH(in_vec, out_vec);
-#endif /* TFM_CRYPTO_KEY_MODULE_DISABLED */
-}
-
-psa_status_t psa_close_key(psa_key_id_t key)
-{
-#ifdef TFM_CRYPTO_KEY_MODULE_DISABLED
- return PSA_ERROR_NOT_SUPPORTED;
-#else
- const struct tfm_crypto_pack_iovec iov = {
- .function_id = TFM_CRYPTO_CLOSE_KEY_SID,
- .key_id = key,
- };
- psa_invec in_vec[] = {
- {.base = &iov, .len = sizeof(struct tfm_crypto_pack_iovec)},
- };
-
- return API_DISPATCH_NO_OUTVEC(in_vec);
-#endif /* TFM_CRYPTO_KEY_MODULE_DISABLED */
-}
-
-psa_status_t psa_import_key(const psa_key_attributes_t *attributes,
- const uint8_t *data,
- size_t data_length,
- psa_key_id_t *key)
-{
-#ifdef TFM_CRYPTO_KEY_MODULE_DISABLED
- return PSA_ERROR_NOT_SUPPORTED;
-#else
- struct tfm_crypto_pack_iovec iov = {
- .function_id = TFM_CRYPTO_IMPORT_KEY_SID,
- };
- psa_invec in_vec[] = {
- {.base = &iov, .len = sizeof(struct tfm_crypto_pack_iovec)},
- {.base = attributes, .len = sizeof(psa_key_attributes_t)},
- {.base = data, .len = data_length}
- };
- psa_outvec out_vec[] = {
- {.base = key, .len = sizeof(psa_key_id_t)}
- };
-
- return API_DISPATCH(in_vec, out_vec);
-#endif /* TFM_CRYPTO_KEY_MODULE_DISABLED */
-}
-
-psa_status_t psa_destroy_key(psa_key_id_t key)
-{
-#ifdef TFM_CRYPTO_KEY_MODULE_DISABLED
- return PSA_ERROR_NOT_SUPPORTED;
-#else
- struct tfm_crypto_pack_iovec iov = {
- .function_id = TFM_CRYPTO_DESTROY_KEY_SID,
- .key_id = key,
- };
- psa_invec in_vec[] = {
- {.base = &iov, .len = sizeof(struct tfm_crypto_pack_iovec)},
- };
-
- return API_DISPATCH_NO_OUTVEC(in_vec);
-#endif /* TFM_CRYPTO_KEY_MODULE_DISABLED */
-}
-
-psa_status_t psa_get_key_attributes(psa_key_id_t key,
- psa_key_attributes_t *attributes)
-{
-#ifdef TFM_CRYPTO_KEY_MODULE_DISABLED
- return PSA_ERROR_NOT_SUPPORTED;
-#else
- struct tfm_crypto_pack_iovec iov = {
- .function_id = TFM_CRYPTO_GET_KEY_ATTRIBUTES_SID,
- .key_id = key,
- };
- psa_invec in_vec[] = {
- {.base = &iov, .len = sizeof(struct tfm_crypto_pack_iovec)},
- };
- psa_outvec out_vec[] = {
- {.base = attributes, .len = sizeof(psa_key_attributes_t)},
- };
-
- return API_DISPATCH(in_vec, out_vec);
-#endif /* TFM_CRYPTO_KEY_MODULE_DISABLED */
-}
-
-void psa_reset_key_attributes(psa_key_attributes_t *attributes)
-{
-#ifdef TFM_CRYPTO_KEY_MODULE_DISABLED
- return PSA_ERROR_NOT_SUPPORTED;
-#else
- struct tfm_crypto_pack_iovec iov = {
- .function_id = TFM_CRYPTO_RESET_KEY_ATTRIBUTES_SID,
- };
- psa_invec in_vec[] = {
- {.base = &iov, .len = sizeof(struct tfm_crypto_pack_iovec)},
- };
- psa_outvec out_vec[] = {
- {.base = attributes, .len = sizeof(psa_key_attributes_t)},
- };
-
- (void)API_DISPATCH(in_vec, out_vec);
- return;
-#endif /* TFM_CRYPTO_KEY_MODULE_DISABLED */
-}
-
-psa_status_t psa_export_key(psa_key_id_t key,
- uint8_t *data,
- size_t data_size,
- size_t *data_length)
-{
-#ifdef TFM_CRYPTO_KEY_MODULE_DISABLED
- return PSA_ERROR_NOT_SUPPORTED;
-#else
- psa_status_t status;
- struct tfm_crypto_pack_iovec iov = {
- .function_id = TFM_CRYPTO_EXPORT_KEY_SID,
- .key_id = key,
- };
- psa_invec in_vec[] = {
- {.base = &iov, .len = sizeof(struct tfm_crypto_pack_iovec)},
- };
- psa_outvec out_vec[] = {
- {.base = data, .len = data_size}
- };
-
- status = API_DISPATCH(in_vec, out_vec);
-
- *data_length = out_vec[0].len;
-
- return status;
-#endif /* TFM_CRYPTO_KEY_MODULE_DISABLED */
-}
-
-psa_status_t psa_export_public_key(psa_key_id_t key,
- uint8_t *data,
- size_t data_size,
- size_t *data_length)
-{
-#ifdef TFM_CRYPTO_KEY_MODULE_DISABLED
- return PSA_ERROR_NOT_SUPPORTED;
-#else
- psa_status_t status;
- struct tfm_crypto_pack_iovec iov = {
- .function_id = TFM_CRYPTO_EXPORT_PUBLIC_KEY_SID,
- .key_id = key,
- };
-
- psa_invec in_vec[] = {
- {.base = &iov, .len = sizeof(struct tfm_crypto_pack_iovec)},
- };
- psa_outvec out_vec[] = {
- {.base = data, .len = data_size}
- };
-
- status = API_DISPATCH(in_vec, out_vec);
-
- *data_length = out_vec[0].len;
-
- return status;
-#endif /* TFM_CRYPTO_KEY_MODULE_DISABLED */
-}
-
-psa_status_t psa_purge_key(psa_key_id_t key)
-{
-#ifdef TFM_CRYPTO_KEY_MODULE_DISABLED
- return PSA_ERROR_NOT_SUPPORTED;
-#else
- struct tfm_crypto_pack_iovec iov = {
- .function_id = TFM_CRYPTO_PURGE_KEY_SID,
- .key_id = key,
- };
- psa_invec in_vec[] = {
- {.base = &iov, .len = sizeof(struct tfm_crypto_pack_iovec)},
- };
-
- return API_DISPATCH_NO_OUTVEC(in_vec);
-#endif /* TFM_CRYPTO_KEY_MODULE_DISABLED */
-}
-
-psa_status_t psa_copy_key(psa_key_id_t source_key,
- const psa_key_attributes_t *attributes,
- psa_key_id_t *target_key)
-{
-#ifdef TFM_CRYPTO_KEY_MODULE_DISABLED
- return PSA_ERROR_NOT_SUPPORTED;
-#else
- struct tfm_crypto_pack_iovec iov = {
- .function_id = TFM_CRYPTO_COPY_KEY_SID,
- .key_id = source_key,
- };
-
- psa_invec in_vec[] = {
- {.base = &iov, .len = sizeof(struct tfm_crypto_pack_iovec)},
- {.base = attributes, .len = sizeof(psa_key_attributes_t)},
- };
-
- psa_outvec out_vec[] = {
- {.base = target_key, .len = sizeof(psa_key_id_t)},
- };
-
- return API_DISPATCH(in_vec, out_vec);
-
-#endif /* TFM_CRYPTO_KEY_MODULE_DISABLED */
-}
-
-psa_status_t psa_cipher_generate_iv(psa_cipher_operation_t *operation,
- unsigned char *iv,
- size_t iv_size,
- size_t *iv_length)
-{
-#ifdef TFM_CRYPTO_CIPHER_MODULE_DISABLED
- return PSA_ERROR_NOT_SUPPORTED;
-#else
- psa_status_t status;
- struct tfm_crypto_pack_iovec iov = {
- .function_id = TFM_CRYPTO_CIPHER_GENERATE_IV_SID,
- .op_handle = operation->handle,
- };
-
- psa_invec in_vec[] = {
- {.base = &iov, .len = sizeof(struct tfm_crypto_pack_iovec)},
- };
- psa_outvec out_vec[] = {
- {.base = iv, .len = iv_size},
- };
-
- status = API_DISPATCH(in_vec, out_vec);
-
- *iv_length = out_vec[0].len;
-
- return status;
-#endif /* TFM_CRYPTO_CIPHER_MODULE_DISABLED */
-}
-
-psa_status_t psa_cipher_set_iv(psa_cipher_operation_t *operation,
- const unsigned char *iv,
- size_t iv_length)
-{
-#ifdef TFM_CRYPTO_CIPHER_MODULE_DISABLED
- return PSA_ERROR_NOT_SUPPORTED;
-#else
- struct tfm_crypto_pack_iovec iov = {
- .function_id = TFM_CRYPTO_CIPHER_SET_IV_SID,
- .op_handle = operation->handle,
- };
-
- psa_invec in_vec[] = {
- {.base = &iov, .len = sizeof(struct tfm_crypto_pack_iovec)},
- {.base = iv, .len = iv_length},
- };
-
- return API_DISPATCH_NO_OUTVEC(in_vec);
-#endif /* TFM_CRYPTO_CIPHER_MODULE_DISABLED */
-}
-
-psa_status_t psa_cipher_encrypt_setup(psa_cipher_operation_t *operation,
- psa_key_id_t key,
- psa_algorithm_t alg)
-{
-#ifdef TFM_CRYPTO_CIPHER_MODULE_DISABLED
- return PSA_ERROR_NOT_SUPPORTED;
-#else
- struct tfm_crypto_pack_iovec iov = {
- .function_id = TFM_CRYPTO_CIPHER_ENCRYPT_SETUP_SID,
- .key_id = key,
- .alg = alg,
- .op_handle = operation->handle,
- };
-
- psa_invec in_vec[] = {
- {.base = &iov, .len = sizeof(struct tfm_crypto_pack_iovec)},
- };
- psa_outvec out_vec[] = {
- {.base = &(operation->handle), .len = sizeof(uint32_t)},
- };
-
- return API_DISPATCH(in_vec, out_vec);
-#endif /* TFM_CRYPTO_CIPHER_MODULE_DISABLED */
-}
-
-psa_status_t psa_cipher_decrypt_setup(psa_cipher_operation_t *operation,
- psa_key_id_t key,
- psa_algorithm_t alg)
-{
-#ifdef TFM_CRYPTO_CIPHER_MODULE_DISABLED
- return PSA_ERROR_NOT_SUPPORTED;
-#else
- struct tfm_crypto_pack_iovec iov = {
- .function_id = TFM_CRYPTO_CIPHER_DECRYPT_SETUP_SID,
- .key_id = key,
- .alg = alg,
- .op_handle = operation->handle,
- };
-
- psa_invec in_vec[] = {
- {.base = &iov, .len = sizeof(struct tfm_crypto_pack_iovec)},
- };
- psa_outvec out_vec[] = {
- {.base = &(operation->handle), .len = sizeof(uint32_t)},
- };
-
- return API_DISPATCH(in_vec, out_vec);
-#endif /* TFM_CRYPTO_CIPHER_MODULE_DISABLED */
-}
-
-psa_status_t psa_cipher_update(psa_cipher_operation_t *operation,
- const uint8_t *input,
- size_t input_length,
- unsigned char *output,
- size_t output_size,
- size_t *output_length)
-{
-#ifdef TFM_CRYPTO_CIPHER_MODULE_DISABLED
- return PSA_ERROR_NOT_SUPPORTED;
-#else
- psa_status_t status;
- struct tfm_crypto_pack_iovec iov = {
- .function_id = TFM_CRYPTO_CIPHER_UPDATE_SID,
- .op_handle = operation->handle,
- };
-
- psa_invec in_vec[] = {
- {.base = &iov, .len = sizeof(struct tfm_crypto_pack_iovec)},
- {.base = input, .len = input_length},
- };
- psa_outvec out_vec[] = {
- {.base = output, .len = output_size}
- };
-
- status = API_DISPATCH(in_vec, out_vec);
-
- *output_length = out_vec[0].len;
-
- return status;
-#endif /* TFM_CRYPTO_CIPHER_MODULE_DISABLED */
-}
-
-psa_status_t psa_cipher_abort(psa_cipher_operation_t *operation)
-{
-#ifdef TFM_CRYPTO_CIPHER_MODULE_DISABLED
- return PSA_ERROR_NOT_SUPPORTED;
-#else
- struct tfm_crypto_pack_iovec iov = {
- .function_id = TFM_CRYPTO_CIPHER_ABORT_SID,
- .op_handle = operation->handle,
- };
-
- psa_invec in_vec[] = {
- {.base = &iov, .len = sizeof(struct tfm_crypto_pack_iovec)},
- };
- psa_outvec out_vec[] = {
- {.base = &(operation->handle), .len = sizeof(uint32_t)},
- };
-
- return API_DISPATCH(in_vec, out_vec);
-#endif /* TFM_CRYPTO_CIPHER_MODULE_DISABLED */
-}
-
-psa_status_t psa_cipher_finish(psa_cipher_operation_t *operation,
- uint8_t *output,
- size_t output_size,
- size_t *output_length)
-{
-#ifdef TFM_CRYPTO_CIPHER_MODULE_DISABLED
- return PSA_ERROR_NOT_SUPPORTED;
-#else
- psa_status_t status;
- struct tfm_crypto_pack_iovec iov = {
- .function_id = TFM_CRYPTO_CIPHER_FINISH_SID,
- .op_handle = operation->handle,
- };
-
- psa_invec in_vec[] = {
- {.base = &iov, .len = sizeof(struct tfm_crypto_pack_iovec)},
- };
- psa_outvec out_vec[] = {
- {.base = &(operation->handle), .len = sizeof(uint32_t)},
- {.base = output, .len = output_size},
- };
-
- status = API_DISPATCH(in_vec, out_vec);
-
- *output_length = out_vec[1].len;
-
- return status;
-#endif /* TFM_CRYPTO_CIPHER_MODULE_DISABLED */
-}
-
-psa_status_t psa_hash_setup(psa_hash_operation_t *operation,
- psa_algorithm_t alg)
-{
-#ifdef TFM_CRYPTO_HASH_MODULE_DISABLED
- return PSA_ERROR_NOT_SUPPORTED;
-#else
- struct tfm_crypto_pack_iovec iov = {
- .function_id = TFM_CRYPTO_HASH_SETUP_SID,
- .alg = alg,
- .op_handle = operation->handle,
- };
-
- psa_invec in_vec[] = {
- {.base = &iov, .len = sizeof(struct tfm_crypto_pack_iovec)},
- };
- psa_outvec out_vec[] = {
- {.base = &(operation->handle), .len = sizeof(uint32_t)},
- };
-
- return API_DISPATCH(in_vec, out_vec);
-#endif /* TFM_CRYPTO_HASH_MODULE_DISABLED */
-}
-
-psa_status_t psa_hash_update(psa_hash_operation_t *operation,
- const uint8_t *input,
- size_t input_length)
-{
-#ifdef TFM_CRYPTO_HASH_MODULE_DISABLED
- return PSA_ERROR_NOT_SUPPORTED;
-#else
- struct tfm_crypto_pack_iovec iov = {
- .function_id = TFM_CRYPTO_HASH_UPDATE_SID,
- .op_handle = operation->handle,
- };
-
- psa_invec in_vec[] = {
- {.base = &iov, .len = sizeof(struct tfm_crypto_pack_iovec)},
- {.base = input, .len = input_length},
- };
-
- return API_DISPATCH_NO_OUTVEC(in_vec);
-#endif /* TFM_CRYPTO_HASH_MODULE_DISABLED */
-}
-
-psa_status_t psa_hash_finish(psa_hash_operation_t *operation,
- uint8_t *hash,
- size_t hash_size,
- size_t *hash_length)
-{
-#ifdef TFM_CRYPTO_HASH_MODULE_DISABLED
- return PSA_ERROR_NOT_SUPPORTED;
-#else
- psa_status_t status;
- struct tfm_crypto_pack_iovec iov = {
- .function_id = TFM_CRYPTO_HASH_FINISH_SID,
- .op_handle = operation->handle,
- };
-
- psa_invec in_vec[] = {
- {.base = &iov, .len = sizeof(struct tfm_crypto_pack_iovec)},
- };
- psa_outvec out_vec[] = {
- {.base = &(operation->handle), .len = sizeof(uint32_t)},
- {.base = hash, .len = hash_size},
- };
-
- status = API_DISPATCH(in_vec, out_vec);
-
- *hash_length = out_vec[1].len;
-
- return status;
-#endif /* TFM_CRYPTO_HASH_MODULE_DISABLED */
-}
-
-psa_status_t psa_hash_verify(psa_hash_operation_t *operation,
- const uint8_t *hash,
- size_t hash_length)
-{
-#ifdef TFM_CRYPTO_HASH_MODULE_DISABLED
- return PSA_ERROR_NOT_SUPPORTED;
-#else
- struct tfm_crypto_pack_iovec iov = {
- .function_id = TFM_CRYPTO_HASH_VERIFY_SID,
- .op_handle = operation->handle,
- };
-
- psa_invec in_vec[] = {
- {.base = &iov, .len = sizeof(struct tfm_crypto_pack_iovec)},
- {.base = hash, .len = hash_length},
- };
- psa_outvec out_vec[] = {
- {.base = &(operation->handle), .len = sizeof(uint32_t)},
- };
-
- return API_DISPATCH(in_vec, out_vec);
-#endif /* TFM_CRYPTO_HASH_MODULE_DISABLED */
-}
-
-psa_status_t psa_hash_abort(psa_hash_operation_t *operation)
-{
-#ifdef TFM_CRYPTO_HASH_MODULE_DISABLED
- return PSA_ERROR_NOT_SUPPORTED;
-#else
- struct tfm_crypto_pack_iovec iov = {
- .function_id = TFM_CRYPTO_HASH_ABORT_SID,
- .op_handle = operation->handle,
- };
-
- psa_invec in_vec[] = {
- {.base = &iov, .len = sizeof(struct tfm_crypto_pack_iovec)},
- };
- psa_outvec out_vec[] = {
- {.base = &(operation->handle), .len = sizeof(uint32_t)},
- };
-
- return API_DISPATCH(in_vec, out_vec);
-#endif /* TFM_CRYPTO_HASH_MODULE_DISABLED */
-}
-
-psa_status_t psa_hash_clone(const psa_hash_operation_t *source_operation,
- psa_hash_operation_t *target_operation)
-{
-#ifdef TFM_CRYPTO_HASH_MODULE_DISABLED
- return PSA_ERROR_NOT_SUPPORTED;
-#else
- struct tfm_crypto_pack_iovec iov = {
- .function_id = TFM_CRYPTO_HASH_CLONE_SID,
- .op_handle = source_operation->handle,
- };
-
- if (target_operation && (target_operation->handle != 0)) {
- return PSA_ERROR_BAD_STATE;
- }
-
- psa_invec in_vec[] = {
- {.base = &iov, .len = sizeof(struct tfm_crypto_pack_iovec)},
- {.base = &(target_operation->handle),
- .len = sizeof(target_operation->handle)},
- };
- psa_outvec out_vec[] = {
- {.base = &(target_operation->handle),
- .len = sizeof(target_operation->handle)},
- };
-
- return API_DISPATCH(in_vec, out_vec);
-#endif /* TFM_CRYPTO_HASH_MODULE_DISABLED */
-}
-
-psa_status_t psa_hash_compute(psa_algorithm_t alg,
- const uint8_t *input,
- size_t input_length,
- uint8_t *hash,
- size_t hash_size,
- size_t *hash_length)
-{
-#if (TFM_CRYPTO_HASH_MODULE_DISABLED != 0)
- return PSA_ERROR_NOT_SUPPORTED;
-#else
- psa_status_t status;
- struct tfm_crypto_pack_iovec iov = {
- .function_id = TFM_CRYPTO_HASH_COMPUTE_SID,
- .alg = alg,
- };
-
- psa_invec in_vec[] = {
- {.base = &iov, .len = sizeof(struct tfm_crypto_pack_iovec)},
- {.base = input, .len = input_length},
- };
-
- psa_outvec out_vec[] = {
- {.base = hash, .len = hash_size}
- };
-
- status = API_DISPATCH(in_vec, out_vec);
-
- *hash_length = out_vec[0].len;
-
- return status;
-#endif /* TFM_CRYPTO_HASH_MODULE_DISABLED */
-}
-
-psa_status_t psa_hash_compare(psa_algorithm_t alg,
- const uint8_t *input,
- size_t input_length,
- const uint8_t *hash,
- size_t hash_length)
-{
-#if (TFM_CRYPTO_HASH_MODULE_DISABLED != 0)
- return PSA_ERROR_NOT_SUPPORTED;
-#else
- struct tfm_crypto_pack_iovec iov = {
- .function_id = TFM_CRYPTO_HASH_COMPARE_SID,
- .alg = alg,
- };
-
- psa_invec in_vec[] = {
- {.base = &iov, .len = sizeof(struct tfm_crypto_pack_iovec)},
- {.base = input, .len = input_length},
- {.base = hash, .len = hash_length},
- };
-
- return API_DISPATCH_NO_OUTVEC(in_vec);
-#endif /* TFM_CRYPTO_HASH_MODULE_DISABLED */
-}
-
-psa_status_t psa_mac_sign_setup(psa_mac_operation_t *operation,
- psa_key_id_t key,
- psa_algorithm_t alg)
-{
-#ifdef TFM_CRYPTO_MAC_MODULE_DISABLED
- return PSA_ERROR_NOT_SUPPORTED;
-#else
- struct tfm_crypto_pack_iovec iov = {
- .function_id = TFM_CRYPTO_MAC_SIGN_SETUP_SID,
- .key_id = key,
- .alg = alg,
- .op_handle = operation->handle,
- };
-
- psa_invec in_vec[] = {
- {.base = &iov, .len = sizeof(struct tfm_crypto_pack_iovec)},
- };
- psa_outvec out_vec[] = {
- {.base = &(operation->handle), .len = sizeof(uint32_t)},
- };
-
- return API_DISPATCH(in_vec, out_vec);
-#endif /* TFM_CRYPTO_MAC_MODULE_DISABLED */
-}
-
-psa_status_t psa_mac_verify_setup(psa_mac_operation_t *operation,
- psa_key_id_t key,
- psa_algorithm_t alg)
-{
-#ifdef TFM_CRYPTO_MAC_MODULE_DISABLED
- return PSA_ERROR_NOT_SUPPORTED;
-#else
- struct tfm_crypto_pack_iovec iov = {
- .function_id = TFM_CRYPTO_MAC_VERIFY_SETUP_SID,
- .key_id = key,
- .alg = alg,
- .op_handle = operation->handle,
- };
-
- psa_invec in_vec[] = {
- {.base = &iov, .len = sizeof(struct tfm_crypto_pack_iovec)},
- };
- psa_outvec out_vec[] = {
- {.base = &(operation->handle), .len = sizeof(uint32_t)},
- };
-
- return API_DISPATCH(in_vec, out_vec);
-#endif /* TFM_CRYPTO_MAC_MODULE_DISABLED */
-}
-
-psa_status_t psa_mac_update(psa_mac_operation_t *operation,
- const uint8_t *input,
- size_t input_length)
-{
-#ifdef TFM_CRYPTO_MAC_MODULE_DISABLED
- return PSA_ERROR_NOT_SUPPORTED;
-#else
- struct tfm_crypto_pack_iovec iov = {
- .function_id = TFM_CRYPTO_MAC_UPDATE_SID,
- .op_handle = operation->handle,
- };
-
- psa_invec in_vec[] = {
- {.base = &iov, .len = sizeof(struct tfm_crypto_pack_iovec)},
- {.base = input, .len = input_length},
- };
-
- return API_DISPATCH_NO_OUTVEC(in_vec);
-#endif /* TFM_CRYPTO_MAC_MODULE_DISABLED */
-}
-
-psa_status_t psa_mac_sign_finish(psa_mac_operation_t *operation,
- uint8_t *mac,
- size_t mac_size,
- size_t *mac_length)
-{
-#ifdef TFM_CRYPTO_MAC_MODULE_DISABLED
- return PSA_ERROR_NOT_SUPPORTED;
-#else
- psa_status_t status;
- struct tfm_crypto_pack_iovec iov = {
- .function_id = TFM_CRYPTO_MAC_SIGN_FINISH_SID,
- .op_handle = operation->handle,
- };
-
- psa_invec in_vec[] = {
- {.base = &iov, .len = sizeof(struct tfm_crypto_pack_iovec)},
- };
- psa_outvec out_vec[] = {
- {.base = &(operation->handle), .len = sizeof(uint32_t)},
- {.base = mac, .len = mac_size},
- };
-
- status = API_DISPATCH(in_vec, out_vec);
-
- *mac_length = out_vec[1].len;
-
- return status;
-#endif /* TFM_CRYPTO_MAC_MODULE_DISABLED */
-}
-
-psa_status_t psa_mac_verify_finish(psa_mac_operation_t *operation,
- const uint8_t *mac,
- size_t mac_length)
-{
-#ifdef TFM_CRYPTO_MAC_MODULE_DISABLED
- return PSA_ERROR_NOT_SUPPORTED;
-#else
- struct tfm_crypto_pack_iovec iov = {
- .function_id = TFM_CRYPTO_MAC_VERIFY_FINISH_SID,
- .op_handle = operation->handle,
- };
-
- psa_invec in_vec[] = {
- {.base = &iov, .len = sizeof(struct tfm_crypto_pack_iovec)},
- {.base = mac, .len = mac_length},
- };
- psa_outvec out_vec[] = {
- {.base = &(operation->handle), .len = sizeof(uint32_t)},
- };
-
- return API_DISPATCH(in_vec, out_vec);
-#endif /* TFM_CRYPTO_MAC_MODULE_DISABLED */
-}
-
-psa_status_t psa_mac_abort(psa_mac_operation_t *operation)
-{
-#ifdef TFM_CRYPTO_MAC_MODULE_DISABLED
- return PSA_ERROR_NOT_SUPPORTED;
-#else
- struct tfm_crypto_pack_iovec iov = {
- .function_id = TFM_CRYPTO_MAC_ABORT_SID,
- .op_handle = operation->handle,
- };
-
- psa_invec in_vec[] = {
- {.base = &iov, .len = sizeof(struct tfm_crypto_pack_iovec)},
- };
- psa_outvec out_vec[] = {
- {.base = &(operation->handle), .len = sizeof(uint32_t)},
- };
-
- return API_DISPATCH(in_vec, out_vec);
-#endif /* TFM_CRYPTO_MAC_MODULE_DISABLED */
-}
-
-psa_status_t psa_aead_encrypt(psa_key_id_t key,
- psa_algorithm_t alg,
- const uint8_t *nonce,
- size_t nonce_length,
- const uint8_t *additional_data,
- size_t additional_data_length,
- const uint8_t *plaintext,
- size_t plaintext_length,
- uint8_t *ciphertext,
- size_t ciphertext_size,
- size_t *ciphertext_length)
-{
-#ifdef TFM_CRYPTO_AEAD_MODULE_DISABLED
- return PSA_ERROR_NOT_SUPPORTED;
-#else
- psa_status_t status;
- struct tfm_crypto_pack_iovec iov = {
- .function_id = TFM_CRYPTO_AEAD_ENCRYPT_SID,
- .key_id = key,
- .alg = alg,
- .aead_in = {.nonce = {0}, .nonce_length = 0}
- };
-
- /* Sanitize the optional input */
- if ((additional_data == NULL) && (additional_data_length != 0)) {
- return PSA_ERROR_INVALID_ARGUMENT;
- }
-
- psa_invec in_vec[] = {
- {.base = NULL, .len = 0},
- {.base = plaintext, .len = plaintext_length},
- {.base = additional_data, .len = additional_data_length},
- };
- psa_outvec out_vec[] = {
- {.base = ciphertext, .len = ciphertext_size},
- };
-
- if (nonce_length > TFM_CRYPTO_MAX_NONCE_LENGTH) {
- return PSA_ERROR_INVALID_ARGUMENT;
- }
-
- if (nonce != NULL) {
- for (size_t idx = 0; idx < nonce_length; idx++) {
- iov.aead_in.nonce[idx] = nonce[idx];
- }
- iov.aead_in.nonce_length = nonce_length;
- }
-
- in_vec[0].base = &iov;
- in_vec[0].len = sizeof(struct tfm_crypto_pack_iovec);
-
- size_t in_len = IOVEC_LEN(in_vec);
-
- if (additional_data == NULL) {
- in_len--;
- }
- status = psa_call(TFM_CRYPTO_HANDLE, PSA_IPC_CALL, in_vec, in_len,
- out_vec, IOVEC_LEN(out_vec));
-
- *ciphertext_length = out_vec[0].len;
-
- return status;
-#endif /* TFM_CRYPTO_AEAD_MODULE_DISABLED */
-}
-
-psa_status_t psa_aead_decrypt(psa_key_id_t key,
- psa_algorithm_t alg,
- const uint8_t *nonce,
- size_t nonce_length,
- const uint8_t *additional_data,
- size_t additional_data_length,
- const uint8_t *ciphertext,
- size_t ciphertext_length,
- uint8_t *plaintext,
- size_t plaintext_size,
- size_t *plaintext_length)
-{
-#ifdef TFM_CRYPTO_AEAD_MODULE_DISABLED
- return PSA_ERROR_NOT_SUPPORTED;
-#else
- psa_status_t status;
- struct tfm_crypto_pack_iovec iov = {
- .function_id = TFM_CRYPTO_AEAD_DECRYPT_SID,
- .key_id = key,
- .alg = alg,
- .aead_in = {.nonce = {0}, .nonce_length = 0}
- };
-
- /* Sanitize the optional input */
- if ((additional_data == NULL) && (additional_data_length != 0)) {
- return PSA_ERROR_INVALID_ARGUMENT;
- }
-
- psa_invec in_vec[] = {
- {.base = NULL, .len = 0},
- {.base = ciphertext, .len = ciphertext_length},
- {.base = additional_data, .len = additional_data_length},
- };
- psa_outvec out_vec[] = {
- {.base = plaintext, .len = plaintext_size},
- };
-
- if (nonce_length > TFM_CRYPTO_MAX_NONCE_LENGTH) {
- return PSA_ERROR_INVALID_ARGUMENT;
- }
-
- if (nonce != NULL) {
- for (size_t idx = 0; idx < nonce_length; idx++) {
- iov.aead_in.nonce[idx] = nonce[idx];
- }
- iov.aead_in.nonce_length = nonce_length;
- }
-
- in_vec[0].base = &iov;
- in_vec[0].len = sizeof(struct tfm_crypto_pack_iovec);
-
- size_t in_len = IOVEC_LEN(in_vec);
-
- if (additional_data == NULL) {
- in_len--;
- }
- status = psa_call(TFM_CRYPTO_HANDLE, PSA_IPC_CALL, in_vec, in_len,
- out_vec, IOVEC_LEN(out_vec));
-
- *plaintext_length = out_vec[0].len;
-
- return status;
-#endif /* TFM_CRYPTO_AEAD_MODULE_DISABLED */
-}
-
-psa_status_t psa_aead_encrypt_setup(psa_aead_operation_t *operation,
- psa_key_id_t key,
- psa_algorithm_t alg)
-{
-#ifdef TFM_CRYPTO_AEAD_MODULE_DISABLED
- return PSA_ERROR_NOT_SUPPORTED;
-#else
- psa_status_t status;
- struct tfm_crypto_pack_iovec iov = {
- .function_id = TFM_CRYPTO_AEAD_ENCRYPT_SETUP_SID,
- .key_id = key,
- .alg = alg,
- .op_handle = operation->handle,
- };
-
- psa_invec in_vec[] = {
- {.base = &iov, .len = sizeof(struct tfm_crypto_pack_iovec)}
- };
- psa_outvec out_vec[] = {
- {.base = &(operation->handle), .len = sizeof(uint32_t)}
- };
-
- status = API_DISPATCH(in_vec, out_vec);
- return status;
-#endif /* TFM_CRYPTO_AEAD_MODULE_DISABLED */
-}
-
-psa_status_t psa_aead_decrypt_setup(psa_aead_operation_t *operation,
- psa_key_id_t key,
- psa_algorithm_t alg)
-{
-#ifdef TFM_CRYPTO_AEAD_MODULE_DISABLED
- return PSA_ERROR_NOT_SUPPORTED;
-#else
- psa_status_t status;
- struct tfm_crypto_pack_iovec iov = {
- .function_id = TFM_CRYPTO_AEAD_DECRYPT_SETUP_SID,
- .key_id = key,
- .alg = alg,
- .op_handle = operation->handle,
- };
-
- psa_invec in_vec[] = {
- {.base = &iov, .len = sizeof(struct tfm_crypto_pack_iovec)}
- };
- psa_outvec out_vec[] = {
- {.base = &(operation->handle), .len = sizeof(uint32_t)}
- };
-
- status = API_DISPATCH(in_vec, out_vec);
- return status;
-#endif /* TFM_CRYPTO_AEAD_MODULE_DISABLED */
-}
-
-psa_status_t psa_aead_generate_nonce(psa_aead_operation_t *operation,
- uint8_t *nonce,
- size_t nonce_size,
- size_t *nonce_length)
-{
-#ifdef TFM_CRYPTO_AEAD_MODULE_DISABLED
- return PSA_ERROR_NOT_SUPPORTED;
-#else
- psa_status_t status;
- struct tfm_crypto_pack_iovec iov = {
- .function_id = TFM_CRYPTO_AEAD_GENERATE_NONCE_SID,
- .op_handle = operation->handle,
- };
-
- psa_invec in_vec[] = {
- {.base = &iov, .len = sizeof(struct tfm_crypto_pack_iovec)},
- };
- psa_outvec out_vec[] = {
- {.base = &(operation->handle), .len = sizeof(uint32_t)},
- {.base = nonce, .len = nonce_size}
- };
-
- status = API_DISPATCH(in_vec, out_vec);
-
- *nonce_length = out_vec[1].len;
- return status;
-#endif /* TFM_CRYPTO_AEAD_MODULE_DISABLED */
-}
-
-psa_status_t psa_aead_set_nonce(psa_aead_operation_t *operation,
- const uint8_t *nonce,
- size_t nonce_length)
-{
-#ifdef TFM_CRYPTO_AEAD_MODULE_DISABLED
- return PSA_ERROR_NOT_SUPPORTED;
-#else
- psa_status_t status;
- struct tfm_crypto_pack_iovec iov = {
- .function_id = TFM_CRYPTO_AEAD_SET_NONCE_SID,
- .op_handle = operation->handle,
- };
-
- psa_invec in_vec[] = {
- {.base = &iov, .len = sizeof(struct tfm_crypto_pack_iovec)},
- {.base = nonce, .len = nonce_length}
- };
-
- status = API_DISPATCH_NO_OUTVEC(in_vec);
- return status;
-#endif /* TFM_CRYPTO_AEAD_MODULE_DISABLED */
-}
-
-psa_status_t psa_aead_set_lengths(psa_aead_operation_t *operation,
- size_t ad_length,
- size_t plaintext_length)
-{
-#ifdef TFM_CRYPTO_AEAD_MODULE_DISABLED
- return PSA_ERROR_NOT_SUPPORTED;
-#else
- psa_status_t status;
- struct tfm_crypto_pack_iovec iov = {
- .function_id = TFM_CRYPTO_AEAD_SET_LENGTHS_SID,
- .ad_length = ad_length,
- .plaintext_length = plaintext_length,
- .op_handle = operation->handle,
- };
-
- psa_invec in_vec[] = {
- {.base = &iov, .len = sizeof(struct tfm_crypto_pack_iovec)},
- };
-
- status = API_DISPATCH_NO_OUTVEC(in_vec);
- return status;
-#endif /* TFM_CRYPTO_AEAD_MODULE_DISABLED */
-}
-
-psa_status_t psa_aead_update_ad(psa_aead_operation_t *operation,
- const uint8_t *input,
- size_t input_length)
-{
-#ifdef TFM_CRYPTO_AEAD_MODULE_DISABLED
- return PSA_ERROR_NOT_SUPPORTED;
-#else
- psa_status_t status;
- struct tfm_crypto_pack_iovec iov = {
- .function_id = TFM_CRYPTO_AEAD_UPDATE_AD_SID,
- .op_handle = operation->handle,
- };
-
- /* Sanitize the optional input */
- if ((input == NULL) && (input_length != 0)) {
- return PSA_ERROR_INVALID_ARGUMENT;
- }
-
- psa_invec in_vec[] = {
- {.base = &iov, .len = sizeof(struct tfm_crypto_pack_iovec)},
- {.base = input, .len = input_length}
- };
-
- size_t in_len = IOVEC_LEN(in_vec);
-
- if (input == NULL) {
- in_len--;
- }
- status = psa_call(TFM_CRYPTO_HANDLE, PSA_IPC_CALL, in_vec, in_len,
- NULL, 0);
-
- return status;
-#endif /* TFM_CRYPTO_AEAD_MODULE_DISABLED */
-}
-
-psa_status_t psa_aead_update(psa_aead_operation_t *operation,
- const uint8_t *input,
- size_t input_length,
- uint8_t *output,
- size_t output_size,
- size_t *output_length)
-{
-#ifdef TFM_CRYPTO_AEAD_MODULE_DISABLED
- return PSA_ERROR_NOT_SUPPORTED;
-#else
- psa_status_t status;
- struct tfm_crypto_pack_iovec iov = {
- .function_id = TFM_CRYPTO_AEAD_UPDATE_SID,
- .op_handle = operation->handle,
- };
-
- /* Sanitize the optional input */
- if ((input == NULL) && (input_length != 0)) {
- return PSA_ERROR_INVALID_ARGUMENT;
- }
-
- psa_invec in_vec[] = {
- {.base = &iov, .len = sizeof(struct tfm_crypto_pack_iovec)},
- {.base = input, .len = input_length}
- };
- psa_outvec out_vec[] = {
- {.base = output, .len = output_size},
- };
-
- size_t in_len = IOVEC_LEN(in_vec);
-
- if (input == NULL) {
- in_len--;
- }
- status = psa_call(TFM_CRYPTO_HANDLE, PSA_IPC_CALL, in_vec, in_len,
- out_vec, IOVEC_LEN(out_vec));
-
- *output_length = out_vec[0].len;
- return status;
-#endif /* TFM_CRYPTO_AEAD_MODULE_DISABLED */
-}
-
-psa_status_t psa_aead_finish(psa_aead_operation_t *operation,
- uint8_t *ciphertext,
- size_t ciphertext_size,
- size_t *ciphertext_length,
- uint8_t *tag,
- size_t tag_size,
- size_t *tag_length)
-{
-#ifdef TFM_CRYPTO_AEAD_MODULE_DISABLED
- return PSA_ERROR_NOT_SUPPORTED;
-#else
- psa_status_t status;
- struct tfm_crypto_pack_iovec iov = {
- .function_id = TFM_CRYPTO_AEAD_FINISH_SID,
- .op_handle = operation->handle,
- };
-
- /* Sanitize the optional output */
- if ((ciphertext == NULL) && (ciphertext_size != 0)) {
- return PSA_ERROR_INVALID_ARGUMENT;
- }
-
- psa_invec in_vec[] = {
- {.base = &iov, .len = sizeof(struct tfm_crypto_pack_iovec)},
- };
- psa_outvec out_vec[] = {
- {.base = &(operation->handle), .len = sizeof(uint32_t)},
- {.base = tag, .len = tag_size},
- {.base = ciphertext, .len = ciphertext_size}
- };
-
- size_t out_len = IOVEC_LEN(out_vec);
-
- if (ciphertext == NULL || ciphertext_size == 0) {
- out_len--;
- }
- if ((out_len == 3) && (ciphertext_length == NULL)) {
- return PSA_ERROR_INVALID_ARGUMENT;
- }
-
- status = psa_call(TFM_CRYPTO_HANDLE, PSA_IPC_CALL,
- in_vec, IOVEC_LEN(in_vec),
- out_vec, out_len);
-
- if (out_len == 3) {
- *ciphertext_length = out_vec[2].len;
- } else {
- *ciphertext_length = 0;
- }
-
- *tag_length = out_vec[1].len;
-
- return status;
-#endif /* TFM_CRYPTO_AEAD_MODULE_DISABLED */
-}
-
-psa_status_t psa_aead_verify(psa_aead_operation_t *operation,
- uint8_t *plaintext,
- size_t plaintext_size,
- size_t *plaintext_length,
- const uint8_t *tag,
- size_t tag_length)
-{
-#ifdef TFM_CRYPTO_AEAD_MODULE_DISABLED
- return PSA_ERROR_NOT_SUPPORTED;
-#else
- psa_status_t status;
- struct tfm_crypto_pack_iovec iov = {
- .function_id = TFM_CRYPTO_AEAD_VERIFY_SID,
- .op_handle = operation->handle,
- };
-
- /* Sanitize the optional output */
- if ((plaintext == NULL) && (plaintext_size != 0)) {
- return PSA_ERROR_INVALID_ARGUMENT;
- }
-
- psa_invec in_vec[] = {
- {.base = &iov, .len = sizeof(struct tfm_crypto_pack_iovec)},
- {.base = tag, .len = tag_length}
- };
- psa_outvec out_vec[] = {
- {.base = &(operation->handle), .len = sizeof(uint32_t)},
- {.base = plaintext, .len = plaintext_size}
- };
-
- size_t out_len = IOVEC_LEN(out_vec);
-
- if (plaintext == NULL || plaintext_size == 0) {
- out_len--;
- }
- if ((out_len == 2) && (plaintext_length == NULL)) {
- return PSA_ERROR_INVALID_ARGUMENT;
- }
-
- status = psa_call(TFM_CRYPTO_HANDLE, PSA_IPC_CALL,
- in_vec, IOVEC_LEN(in_vec),
- out_vec, out_len);
-
- if (out_len == 2) {
- *plaintext_length = out_vec[1].len;
- } else {
- *plaintext_length = 0;
- }
-
- return status;
-#endif /* TFM_CRYPTO_AEAD_MODULE_DISABLED */
-}
-
-psa_status_t psa_aead_abort(psa_aead_operation_t *operation)
-{
-#ifdef TFM_CRYPTO_AEAD_MODULE_DISABLED
- return PSA_ERROR_NOT_SUPPORTED;
-#else
- struct tfm_crypto_pack_iovec iov = {
- .function_id = TFM_CRYPTO_AEAD_ABORT_SID,
- .op_handle = operation->handle,
- };
-
- psa_invec in_vec[] = {
- {.base = &iov, .len = sizeof(struct tfm_crypto_pack_iovec)},
- };
- psa_outvec out_vec[] = {
- {.base = &(operation->handle), .len = sizeof(uint32_t)},
- };
-
- return API_DISPATCH(in_vec, out_vec);
-#endif /* TFM_CRYPTO_AEAD_MODULE_DISABLED */
-}
-
-psa_status_t psa_sign_message(psa_key_id_t key,
- psa_algorithm_t alg,
- const uint8_t *input,
- size_t input_length,
- uint8_t *signature,
- size_t signature_size,
- size_t *signature_length)
-{
-#ifdef TFM_CRYPTO_ASYM_SIGN_MODULE_DISABLED
- return PSA_ERROR_NOT_SUPPORTED;
-#else
- psa_status_t status;
- struct tfm_crypto_pack_iovec iov = {
- .function_id = TFM_CRYPTO_ASYMMETRIC_SIGN_MESSAGE_SID,
- .key_id = key,
- .alg = alg,
- };
-
- psa_invec in_vec[] = {
- {.base = &iov, .len = sizeof(struct tfm_crypto_pack_iovec)},
- {.base = input, .len = input_length},
- };
- psa_outvec out_vec[] = {
- {.base = signature, .len = signature_size},
- };
-
- status = API_DISPATCH(in_vec, out_vec);
-
- *signature_length = out_vec[0].len;
- return status;
-#endif /* TFM_CRYPTO_ASYM_SIGN_MODULE_DISABLED */
-}
-
-psa_status_t psa_verify_message(psa_key_id_t key,
- psa_algorithm_t alg,
- const uint8_t *input,
- size_t input_length,
- const uint8_t *signature,
- size_t signature_length)
-{
-#ifdef TFM_CRYPTO_ASYM_SIGN_MODULE_DISABLED
- return PSA_ERROR_NOT_SUPPORTED;
-#else
- struct tfm_crypto_pack_iovec iov = {
- .function_id = TFM_CRYPTO_ASYMMETRIC_VERIFY_MESSAGE_SID,
- .key_id = key,
- .alg = alg
- };
-
- psa_invec in_vec[] = {
- {.base = &iov, .len = sizeof(struct tfm_crypto_pack_iovec)},
- {.base = input, .len = input_length},
- {.base = signature, .len = signature_length}
- };
-
- return API_DISPATCH_NO_OUTVEC(in_vec);
-#endif /* TFM_CRYPTO_ASYM_SIGN_MODULE_DISABLED */
-}
-
-psa_status_t psa_sign_hash(psa_key_id_t key,
- psa_algorithm_t alg,
- const uint8_t *hash,
- size_t hash_length,
- uint8_t *signature,
- size_t signature_size,
- size_t *signature_length)
-{
-#ifdef TFM_CRYPTO_ASYM_SIGN_MODULE_DISABLED
- return PSA_ERROR_NOT_SUPPORTED;
-#else
- psa_status_t status;
- struct tfm_crypto_pack_iovec iov = {
- .function_id = TFM_CRYPTO_ASYMMETRIC_SIGN_HASH_SID,
- .key_id = key,
- .alg = alg,
- };
-
- psa_invec in_vec[] = {
- {.base = &iov, .len = sizeof(struct tfm_crypto_pack_iovec)},
- {.base = hash, .len = hash_length},
- };
- psa_outvec out_vec[] = {
- {.base = signature, .len = signature_size},
- };
-
- status = API_DISPATCH(in_vec, out_vec);
-
- *signature_length = out_vec[0].len;
-
- return status;
-#endif /* TFM_CRYPTO_ASYM_SIGN_MODULE_DISABLED */
-}
-
-psa_status_t psa_verify_hash(psa_key_id_t key,
- psa_algorithm_t alg,
- const uint8_t *hash,
- size_t hash_length,
- const uint8_t *signature,
- size_t signature_length)
-{
-#ifdef TFM_CRYPTO_ASYM_SIGN_MODULE_DISABLED
- return PSA_ERROR_NOT_SUPPORTED;
-#else
- struct tfm_crypto_pack_iovec iov = {
- .function_id = TFM_CRYPTO_ASYMMETRIC_VERIFY_HASH_SID,
- .key_id = key,
- .alg = alg
- };
-
- psa_invec in_vec[] = {
- {.base = &iov, .len = sizeof(struct tfm_crypto_pack_iovec)},
- {.base = hash, .len = hash_length},
- {.base = signature, .len = signature_length}
- };
-
- return API_DISPATCH_NO_OUTVEC(in_vec);
-#endif /* TFM_CRYPTO_ASYM_SIGN_MODULE_DISABLED */
-}
-
-psa_status_t psa_asymmetric_encrypt(psa_key_id_t key,
- psa_algorithm_t alg,
- const uint8_t *input,
- size_t input_length,
- const uint8_t *salt,
- size_t salt_length,
- uint8_t *output,
- size_t output_size,
- size_t *output_length)
-{
-#ifdef TFM_CRYPTO_ASYM_ENCRYPT_MODULE_DISABLED
- return PSA_ERROR_NOT_SUPPORTED;
-#else
- psa_status_t status;
- struct tfm_crypto_pack_iovec iov = {
- .function_id = TFM_CRYPTO_ASYMMETRIC_ENCRYPT_SID,
- .key_id = key,
- .alg = alg
- };
-
- /* Sanitize the optional input */
- if ((salt == NULL) && (salt_length != 0)) {
- return PSA_ERROR_INVALID_ARGUMENT;
- }
-
- psa_invec in_vec[] = {
- {.base = &iov, .len = sizeof(struct tfm_crypto_pack_iovec)},
- {.base = input, .len = input_length},
- {.base = salt, .len = salt_length}
- };
-
- psa_outvec out_vec[] = {
- {.base = output, .len = output_size},
- };
-
- size_t in_len = IOVEC_LEN(in_vec);
-
- if (salt == NULL) {
- in_len--;
- }
- status = psa_call(TFM_CRYPTO_HANDLE, PSA_IPC_CALL, in_vec, in_len,
- out_vec, IOVEC_LEN(out_vec));
-
- *output_length = out_vec[0].len;
-
- return status;
-#endif /* TFM_CRYPTO_ASYM_ENCRYPT_MODULE_DISABLED */
-}
-
-psa_status_t psa_asymmetric_decrypt(psa_key_id_t key,
- psa_algorithm_t alg,
- const uint8_t *input,
- size_t input_length,
- const uint8_t *salt,
- size_t salt_length,
- uint8_t *output,
- size_t output_size,
- size_t *output_length)
-{
-#ifdef TFM_CRYPTO_ASYM_ENCRYPT_MODULE_DISABLED
- return PSA_ERROR_NOT_SUPPORTED;
-#else
- psa_status_t status;
- struct tfm_crypto_pack_iovec iov = {
- .function_id = TFM_CRYPTO_ASYMMETRIC_DECRYPT_SID,
- .key_id = key,
- .alg = alg
- };
-
- /* Sanitize the optional input */
- if ((salt == NULL) && (salt_length != 0)) {
- return PSA_ERROR_INVALID_ARGUMENT;
- }
-
- psa_invec in_vec[] = {
- {.base = &iov, .len = sizeof(struct tfm_crypto_pack_iovec)},
- {.base = input, .len = input_length},
- {.base = salt, .len = salt_length}
- };
-
- psa_outvec out_vec[] = {
- {.base = output, .len = output_size},
- };
-
- size_t in_len = IOVEC_LEN(in_vec);
-
- if (salt == NULL) {
- in_len--;
- }
- status = psa_call(TFM_CRYPTO_HANDLE, PSA_IPC_CALL, in_vec, in_len,
- out_vec, IOVEC_LEN(out_vec));
-
- *output_length = out_vec[0].len;
-
- return status;
-#endif /* TFM_CRYPTO_ASYM_ENCRYPT_MODULE_DISABLED */
-}
-
-psa_status_t psa_key_derivation_get_capacity(
- const psa_key_derivation_operation_t *operation,
- size_t *capacity)
-{
-#ifdef TFM_CRYPTO_KEY_DERIVATION_MODULE_DISABLED
- return PSA_ERROR_NOT_SUPPORTED;
-#else
- struct tfm_crypto_pack_iovec iov = {
- .function_id = TFM_CRYPTO_KEY_DERIVATION_GET_CAPACITY_SID,
- .op_handle = operation->handle,
- };
-
- psa_invec in_vec[] = {
- {.base = &iov, .len = sizeof(struct tfm_crypto_pack_iovec)},
- };
-
- psa_outvec out_vec[] = {
- {.base = capacity, .len = sizeof(size_t)},
- };
-
- return API_DISPATCH(in_vec, out_vec);
-#endif /* TFM_CRYPTO_KEY_DERIVATION_MODULE_DISABLED */
-}
-
-psa_status_t psa_key_derivation_output_bytes(
- psa_key_derivation_operation_t *operation,
- uint8_t *output,
- size_t output_length)
-{
-#ifdef TFM_CRYPTO_KEY_DERIVATION_MODULE_DISABLED
- return PSA_ERROR_NOT_SUPPORTED;
-#else
- struct tfm_crypto_pack_iovec iov = {
- .function_id = TFM_CRYPTO_KEY_DERIVATION_OUTPUT_BYTES_SID,
- .op_handle = operation->handle,
- };
-
- psa_invec in_vec[] = {
- {.base = &iov, .len = sizeof(struct tfm_crypto_pack_iovec)},
- };
-
- psa_outvec out_vec[] = {
- {.base = output, .len = output_length},
- };
-
- return API_DISPATCH(in_vec, out_vec);
-#endif /* TFM_CRYPTO_KEY_DERIVATION_MODULE_DISABLED */
-}
-
-psa_status_t psa_key_derivation_input_key(
- psa_key_derivation_operation_t *operation,
- psa_key_derivation_step_t step,
- psa_key_id_t key)
-{
-#ifdef TFM_CRYPTO_KEY_DERIVATION_MODULE_DISABLED
- return PSA_ERROR_NOT_SUPPORTED;
-#else
- struct tfm_crypto_pack_iovec iov = {
- .function_id = TFM_CRYPTO_KEY_DERIVATION_INPUT_KEY_SID,
- .key_id = key,
- .step = step,
- .op_handle = operation->handle,
- };
-
- psa_invec in_vec[] = {
- {.base = &iov, .len = sizeof(struct tfm_crypto_pack_iovec)},
- };
-
- return API_DISPATCH_NO_OUTVEC(in_vec);
-#endif /* TFM_CRYPTO_KEY_DERIVATION_MODULE_DISABLED */
-}
-
-psa_status_t psa_key_derivation_abort(psa_key_derivation_operation_t *operation)
-{
-#ifdef TFM_CRYPTO_KEY_DERIVATION_MODULE_DISABLED
- return PSA_ERROR_NOT_SUPPORTED;
-#else
- struct tfm_crypto_pack_iovec iov = {
- .function_id = TFM_CRYPTO_KEY_DERIVATION_ABORT_SID,
- .op_handle = operation->handle,
- };
-
- psa_invec in_vec[] = {
- {.base = &iov, .len = sizeof(struct tfm_crypto_pack_iovec)},
- };
-
- psa_outvec out_vec[] = {
- {.base = &(operation->handle), .len = sizeof(uint32_t)},
- };
-
- return API_DISPATCH(in_vec, out_vec);
-#endif /* TFM_CRYPTO_KEY_DERIVATION_MODULE_DISABLED */
-}
-
-psa_status_t psa_key_derivation_key_agreement(
- psa_key_derivation_operation_t *operation,
- psa_key_derivation_step_t step,
- psa_key_id_t private_key,
- const uint8_t *peer_key,
- size_t peer_key_length)
-{
-#ifdef TFM_CRYPTO_KEY_DERIVATION_MODULE_DISABLED
- return PSA_ERROR_NOT_SUPPORTED;
-#else
- struct tfm_crypto_pack_iovec iov = {
- .function_id = TFM_CRYPTO_KEY_DERIVATION_KEY_AGREEMENT_SID,
- .key_id = private_key,
- .step = step,
- .op_handle = operation->handle,
- };
-
- psa_invec in_vec[] = {
- {.base = &iov, .len = sizeof(struct tfm_crypto_pack_iovec)},
- {.base = peer_key, .len = peer_key_length},
- };
-
- return API_DISPATCH_NO_OUTVEC(in_vec);
-#endif /* TFM_CRYPTO_KEY_DERIVATION_MODULE_DISABLED */
-}
-
-psa_status_t psa_generate_random(uint8_t *output,
- size_t output_size)
-{
-#ifdef TFM_CRYPTO_RNG_MODULE_DISABLED
- return PSA_ERROR_NOT_SUPPORTED;
-#else
- struct tfm_crypto_pack_iovec iov = {
- .function_id = TFM_CRYPTO_GENERATE_RANDOM_SID,
- };
-
- psa_invec in_vec[] = {
- {.base = &iov, .len = sizeof(struct tfm_crypto_pack_iovec)},
- };
-
- psa_outvec out_vec[] = {
- {.base = output, .len = output_size},
- };
-
- if (output_size == 0) {
- return PSA_SUCCESS;
- }
-
- return API_DISPATCH(in_vec, out_vec);
-#endif /* TFM_CRYPTO_RNG_MODULE_DISABLED */
-}
-
-psa_status_t psa_generate_key(const psa_key_attributes_t *attributes,
- psa_key_id_t *key)
-{
-#ifdef TFM_CRYPTO_KEY_MODULE_DISABLED
- return PSA_ERROR_NOT_SUPPORTED;
-#else
- struct tfm_crypto_pack_iovec iov = {
- .function_id = TFM_CRYPTO_GENERATE_KEY_SID,
- };
-
- psa_invec in_vec[] = {
- {.base = &iov, .len = sizeof(struct tfm_crypto_pack_iovec)},
- {.base = attributes, .len = sizeof(psa_key_attributes_t)},
- };
-
- psa_outvec out_vec[] = {
- {.base = key, .len = sizeof(psa_key_id_t)},
- };
-
- return API_DISPATCH(in_vec, out_vec);
-#endif /* TFM_CRYPTO_KEY_MODULE_DISABLED */
-}
-
-psa_status_t psa_mac_compute(psa_key_id_t key,
- psa_algorithm_t alg,
- const uint8_t *input,
- size_t input_length,
- uint8_t *mac,
- size_t mac_size,
- size_t *mac_length)
-{
-#ifdef TFM_CRYPTO_MAC_MODULE_DISABLED
- return PSA_ERROR_NOT_SUPPORTED;
-#else
- psa_status_t status;
- struct tfm_crypto_pack_iovec iov = {
- .function_id = TFM_CRYPTO_MAC_COMPUTE_SID,
- .key_id = key,
- .alg = alg,
- };
-
- psa_invec in_vec[] = {
- {.base = &iov, .len = sizeof(struct tfm_crypto_pack_iovec)},
- {.base = input, .len = input_length},
- };
- psa_outvec out_vec[] = {
- {.base = mac, .len = mac_size},
- };
-
- status = API_DISPATCH(in_vec, out_vec);
-
- *mac_length = out_vec[0].len;
- return status;
-#endif /* TFM_CRYPTO_MAC_MODULE_DISABLED */
-}
-
-psa_status_t psa_mac_verify(psa_key_id_t key,
- psa_algorithm_t alg,
- const uint8_t *input,
- size_t input_length,
- const uint8_t *mac,
- const size_t mac_length)
-{
-#ifdef TFM_CRYPTO_MAC_MODULE_DISABLED
- return PSA_ERROR_NOT_SUPPORTED;
-#else
- struct tfm_crypto_pack_iovec iov = {
- .function_id = TFM_CRYPTO_MAC_VERIFY_SID,
- .key_id = key,
- .alg = alg,
- };
-
- psa_invec in_vec[] = {
- {.base = &iov, .len = sizeof(struct tfm_crypto_pack_iovec)},
- {.base = input, .len = input_length},
- {.base = mac, .len = mac_length},
- };
-
- return API_DISPATCH_NO_OUTVEC(in_vec);
-#endif /* TFM_CRYPTO_MAC_MODULE_DISABLED */
-}
-
-psa_status_t psa_cipher_encrypt(psa_key_id_t key,
- psa_algorithm_t alg,
- const uint8_t *input,
- size_t input_length,
- uint8_t *output,
- size_t output_size,
- size_t *output_length)
-{
-#ifdef TFM_CRYPTO_CIPHER_MODULE_DISABLED
- return PSA_ERROR_NOT_SUPPORTED;
-#else
- psa_status_t status;
- struct tfm_crypto_pack_iovec iov = {
- .function_id = TFM_CRYPTO_CIPHER_ENCRYPT_SID,
- .key_id = key,
- .alg = alg,
- };
-
- psa_invec in_vec[] = {
- {.base = &iov, .len = sizeof(struct tfm_crypto_pack_iovec)},
- {.base = input, .len = input_length},
- };
- psa_outvec out_vec[] = {
- {.base = output, .len = output_size}
- };
-
- status = API_DISPATCH(in_vec, out_vec);
-
- *output_length = out_vec[0].len;
- return status;
-#endif /* TFM_CRYPTO_CIPHER_MODULE_DISABLED */
-}
-
-psa_status_t psa_cipher_decrypt(psa_key_id_t key,
- psa_algorithm_t alg,
- const uint8_t *input,
- size_t input_length,
- uint8_t *output,
- size_t output_size,
- size_t *output_length)
-{
-#ifdef TFM_CRYPTO_CIPHER_MODULE_DISABLED
- return PSA_ERROR_NOT_SUPPORTED;
-#else
- psa_status_t status;
- struct tfm_crypto_pack_iovec iov = {
- .function_id = TFM_CRYPTO_CIPHER_DECRYPT_SID,
- .key_id = key,
- .alg = alg,
- };
-
- psa_invec in_vec[] = {
- {.base = &iov, .len = sizeof(struct tfm_crypto_pack_iovec)},
- {.base = input, .len = input_length},
- };
- psa_outvec out_vec[] = {
- {.base = output, .len = output_size}
- };
-
- status = API_DISPATCH(in_vec, out_vec);
-
- *output_length = out_vec[0].len;
- return status;
-#endif /* TFM_CRYPTO_CIPHER_MODULE_DISABLED */
-}
-
-psa_status_t psa_raw_key_agreement(psa_algorithm_t alg,
- psa_key_id_t private_key,
- const uint8_t *peer_key,
- size_t peer_key_length,
- uint8_t *output,
- size_t output_size,
- size_t *output_length)
-{
-#ifdef TFM_CRYPTO_KEY_DERIVATION_MODULE_DISABLED
- return PSA_ERROR_NOT_SUPPORTED;
-#else
- psa_status_t status;
- struct tfm_crypto_pack_iovec iov = {
- .function_id = TFM_CRYPTO_RAW_KEY_AGREEMENT_SID,
- .alg = alg,
- .key_id = private_key
- };
-
- psa_invec in_vec[] = {
- {.base = &iov, .len = sizeof(struct tfm_crypto_pack_iovec)},
- {.base = peer_key, .len = peer_key_length},
- };
-
- psa_outvec out_vec[] = {
- {.base = output, .len = output_size},
- };
-
- status = API_DISPATCH(in_vec, out_vec);
-
- *output_length = out_vec[0].len;
-
- return status;
-#endif /* TFM_CRYPTO_KEY_DERIVATION_MODULE_DISABLED */
-}
-
-psa_status_t psa_key_derivation_setup(psa_key_derivation_operation_t *operation,
- psa_algorithm_t alg)
-{
-#ifdef TFM_CRYPTO_KEY_DERIVATION_MODULE_DISABLED
- return PSA_ERROR_NOT_SUPPORTED;
-#else
- struct tfm_crypto_pack_iovec iov = {
- .function_id = TFM_CRYPTO_KEY_DERIVATION_SETUP_SID,
- .alg = alg,
- .op_handle = operation->handle,
- };
-
- psa_invec in_vec[] = {
- {.base = &iov, .len = sizeof(struct tfm_crypto_pack_iovec)},
- };
- psa_outvec out_vec[] = {
- {.base = &(operation->handle), .len = sizeof(uint32_t)},
- };
-
- return API_DISPATCH(in_vec, out_vec);
-#endif /* TFM_CRYPTO_KEY_DERIVATION_MODULE_DISABLED */
-}
-
-psa_status_t psa_key_derivation_set_capacity(
- psa_key_derivation_operation_t *operation,
- size_t capacity)
-{
-#ifdef TFM_CRYPTO_KEY_DERIVATION_MODULE_DISABLED
- return PSA_ERROR_NOT_SUPPORTED;
-#else
- struct tfm_crypto_pack_iovec iov = {
- .function_id = TFM_CRYPTO_KEY_DERIVATION_SET_CAPACITY_SID,
- .capacity = capacity,
- .op_handle = operation->handle,
- };
-
- psa_invec in_vec[] = {
- {.base = &iov, .len = sizeof(struct tfm_crypto_pack_iovec)},
- };
-
- return API_DISPATCH_NO_OUTVEC(in_vec);
-#endif /* TFM_CRYPTO_KEY_DERIVATION_MODULE_DISABLED */
-}
-
-psa_status_t psa_key_derivation_input_bytes(
- psa_key_derivation_operation_t *operation,
- psa_key_derivation_step_t step,
- const uint8_t *data,
- size_t data_length)
-{
-#ifdef TFM_CRYPTO_KEY_DERIVATION_MODULE_DISABLED
- return PSA_ERROR_NOT_SUPPORTED;
-#else
- struct tfm_crypto_pack_iovec iov = {
- .function_id = TFM_CRYPTO_KEY_DERIVATION_INPUT_BYTES_SID,
- .step = step,
- .op_handle = operation->handle,
- };
-
- psa_invec in_vec[] = {
- {.base = &iov, .len = sizeof(struct tfm_crypto_pack_iovec)},
- {.base = data, .len = data_length},
- };
-
- return API_DISPATCH_NO_OUTVEC(in_vec);
-#endif /* TFM_CRYPTO_KEY_DERIVATION_MODULE_DISABLED */
-}
-
-psa_status_t psa_key_derivation_output_key(
- const psa_key_attributes_t *attributes,
- psa_key_derivation_operation_t *operation,
- psa_key_id_t *key)
-{
-#ifdef TFM_CRYPTO_KEY_DERIVATION_MODULE_DISABLED
- return PSA_ERROR_NOT_SUPPORTED;
-#else
- struct tfm_crypto_pack_iovec iov = {
- .function_id = TFM_CRYPTO_KEY_DERIVATION_OUTPUT_KEY_SID,
- .op_handle = operation->handle,
- };
-
- psa_invec in_vec[] = {
- {.base = &iov, .len = sizeof(struct tfm_crypto_pack_iovec)},
- {.base = attributes, .len = sizeof(psa_key_attributes_t)},
- };
-
- psa_outvec out_vec[] = {
- {.base = key, .len = sizeof(psa_key_id_t)}
- };
-
- return API_DISPATCH(in_vec, out_vec);
-#endif /* TFM_CRYPTO_KEY_DERIVATION_MODULE_DISABLED */
-}
diff --git a/secure_fw/partitions/firmware_update/CMakeLists.txt b/secure_fw/partitions/firmware_update/CMakeLists.txt
index 4869c87..79a1a0e 100644
--- a/secure_fw/partitions/firmware_update/CMakeLists.txt
+++ b/secure_fw/partitions/firmware_update/CMakeLists.txt
@@ -55,23 +55,6 @@
$<$<BOOL:${TFM_FWU_BUF_SIZE}>:TFM_FWU_BUF_SIZE=${TFM_FWU_BUF_SIZE}>
)
-############################ Secure API ########################################
-
-target_sources(tfm_sprt
- INTERFACE
- ${CMAKE_CURRENT_SOURCE_DIR}/tfm_fwu_secure_api.c
-)
-
-# The veneers give warnings about not being properly declared so they get hidden
-# to not overshadow _real_ warnings.
-set_source_files_properties(tfm_fwu_secure_api.c
- PROPERTIES
- COMPILE_FLAGS
- $<$<C_COMPILER_ID:ARMClang>:-Wno-implicit-function-declaration>
- $<$<C_COMPILER_ID:GNU>:-Wno-implicit-function-declaration>
- $<$<C_COMPILER_ID:IAR>:>
-)
-
############################ Partition Defs ####################################
target_link_libraries(tfm_partitions
diff --git a/secure_fw/partitions/firmware_update/tfm_fwu_secure_api.c b/secure_fw/partitions/firmware_update/tfm_fwu_secure_api.c
deleted file mode 100644
index c76714d..0000000
--- a/secure_fw/partitions/firmware_update/tfm_fwu_secure_api.c
+++ /dev/null
@@ -1,118 +0,0 @@
-/*
- * Copyright (c) 2021-2022, Arm Limited. All rights reserved.
- *
- * SPDX-License-Identifier: BSD-3-Clause
- *
- */
-
-#include "array.h"
-#include "psa/update.h"
-#include "tfm_api.h"
-
-#include "psa/client.h"
-#include "psa_manifest/sid.h"
-
-psa_status_t psa_fwu_write(uint32_t image_id,
- size_t block_offset,
- const void *block,
- size_t block_size)
-{
- psa_status_t status;
- psa_invec in_vec[] = {
- { .base = &image_id, .len = sizeof(image_id) },
- { .base = &block_offset, .len = sizeof(block_offset) },
- { .base = block, .len = block_size }
- };
-
- status = psa_call(TFM_FIRMWARE_UPDATE_SERVICE_HANDLE, TFM_FWU_WRITE,
- in_vec, IOVEC_LEN(in_vec), NULL, 0);
- return status;
-}
-
-psa_status_t psa_fwu_install(psa_image_id_t image_id,
- psa_image_id_t *dependency_uuid,
- psa_image_version_t *dependency_version)
-{
- psa_status_t status;
- psa_invec in_vec[] = {
- { .base = &image_id, .len = sizeof(image_id) }
- };
-
- psa_outvec out_vec[] = {
- { .base = dependency_uuid, .len = sizeof(*dependency_uuid) },
- { .base = dependency_version, .len = sizeof(*dependency_version)}
- };
-
- if ((dependency_uuid == NULL) || (dependency_version == NULL)) {
- return PSA_ERROR_INVALID_ARGUMENT;
- }
-
- status = psa_call(TFM_FIRMWARE_UPDATE_SERVICE_HANDLE, TFM_FWU_INSTALL,
- in_vec, IOVEC_LEN(in_vec), out_vec, IOVEC_LEN(out_vec));
-
- return status;
-}
-
-psa_status_t psa_fwu_abort(psa_image_id_t image_id)
-{
- psa_status_t status;
- psa_invec in_vec[] = {
- { .base = &image_id, .len = sizeof(image_id) }
- };
-
- status = psa_call(TFM_FIRMWARE_UPDATE_SERVICE_HANDLE, TFM_FWU_ABORT,
- in_vec, IOVEC_LEN(in_vec), NULL, 0);
-
- return status;
-}
-
-psa_status_t psa_fwu_query(psa_image_id_t image_id, psa_image_info_t *info)
-{
- psa_status_t status;
- psa_invec in_vec[] = {
- { .base = &image_id, .len = sizeof(image_id) }
- };
- psa_outvec out_vec[] = {
- { .base = info, .len = sizeof(*info)}
- };
-
- status = psa_call(TFM_FIRMWARE_UPDATE_SERVICE_HANDLE, TFM_FWU_QUERY,
- in_vec, IOVEC_LEN(in_vec), out_vec, IOVEC_LEN(out_vec));
-
- return status;
-}
-
-psa_status_t psa_fwu_request_reboot(void)
-{
- psa_status_t status;
-
- status = psa_call(TFM_FIRMWARE_UPDATE_SERVICE_HANDLE, TFM_FWU_REQUEST_REBOOT,
- NULL, 0, NULL, 0);
-
- return status;
-}
-
-psa_status_t psa_fwu_accept(psa_image_id_t image_id)
-{
- psa_status_t status;
- psa_invec in_vec[] = {
- { .base = &image_id, .len = sizeof(image_id) }
- };
-
- status = psa_call(TFM_FIRMWARE_UPDATE_SERVICE_HANDLE, TFM_FWU_ACCEPT,
- in_vec, IOVEC_LEN(in_vec), NULL, 0);
-
- return status;
-}
-
-psa_status_t psa_fwu_set_manifest(psa_image_id_t image_id,
- const void *manifest,
- size_t manifest_size,
- psa_hash_t *manifest_dependency)
-{
- psa_status_t status;
-
- status = PSA_ERROR_NOT_SUPPORTED;
-
- return status;
-}
diff --git a/secure_fw/partitions/initial_attestation/CMakeLists.txt b/secure_fw/partitions/initial_attestation/CMakeLists.txt
index 94af497..7e6149a 100644
--- a/secure_fw/partitions/initial_attestation/CMakeLists.txt
+++ b/secure_fw/partitions/initial_attestation/CMakeLists.txt
@@ -80,23 +80,6 @@
ATTEST_TOKEN_PROFILE_${ATTEST_TOKEN_PROFILE}
)
-############################ Secure API ########################################
-
-target_sources(tfm_sprt
- PRIVATE
- ${CMAKE_CURRENT_SOURCE_DIR}/tfm_attest_secure_api.c
-)
-
-# The veneers give warnings about not being properly declared so they get hidden
-# to not overshadow _real_ warnings.
-set_source_files_properties(tfm_attest_secure_api.c
- PROPERTIES
- COMPILE_FLAGS
- $<$<C_COMPILER_ID:ARMClang>:-Wno-implicit-function-declaration>
- $<$<C_COMPILER_ID:GNU>:-Wno-implicit-function-declaration>
- $<$<C_COMPILER_ID:IAR>:>
-)
-
############################ Partition Defs ####################################
target_link_libraries(tfm_partitions
diff --git a/secure_fw/partitions/initial_attestation/tfm_attest_secure_api.c b/secure_fw/partitions/initial_attestation/tfm_attest_secure_api.c
deleted file mode 100644
index 0348ec7..0000000
--- a/secure_fw/partitions/initial_attestation/tfm_attest_secure_api.c
+++ /dev/null
@@ -1,58 +0,0 @@
-/*
- * Copyright (c) 2018-2022, Arm Limited. All rights reserved.
- *
- * SPDX-License-Identifier: BSD-3-Clause
- *
- */
-
-
-#include "array.h"
-#include "psa/initial_attestation.h"
-#include "psa/client.h"
-#include "psa_manifest/sid.h"
-#include "tfm_attest_defs.h"
-#include <string.h>
-
-psa_status_t
-psa_initial_attest_get_token(const uint8_t *auth_challenge,
- size_t challenge_size,
- uint8_t *token_buf,
- size_t token_buf_size,
- size_t *token_size)
-{
- psa_status_t status;
- psa_invec in_vec[] = {
- {auth_challenge, challenge_size}
- };
- psa_outvec out_vec[] = {
- {token_buf, token_buf_size}
- };
-
- status = psa_call(TFM_ATTESTATION_SERVICE_HANDLE, TFM_ATTEST_GET_TOKEN,
- in_vec, IOVEC_LEN(in_vec),
- out_vec, IOVEC_LEN(out_vec));
- if (status == PSA_SUCCESS) {
- *token_size = out_vec[0].len;
- }
-
- return status;
-}
-
-psa_status_t
-psa_initial_attest_get_token_size(size_t challenge_size,
- size_t *token_size)
-{
- psa_status_t status;
- psa_invec in_vec[] = {
- {&challenge_size, sizeof(challenge_size) }
- };
- psa_outvec out_vec[] = {
- {token_size, sizeof(size_t)}
- };
-
- status = psa_call(TFM_ATTESTATION_SERVICE_HANDLE, TFM_ATTEST_GET_TOKEN_SIZE,
- in_vec, IOVEC_LEN(in_vec),
- out_vec, IOVEC_LEN(out_vec));
-
- return status;
-}
diff --git a/secure_fw/partitions/internal_trusted_storage/CMakeLists.txt b/secure_fw/partitions/internal_trusted_storage/CMakeLists.txt
index d00ef48..a93c641 100644
--- a/secure_fw/partitions/internal_trusted_storage/CMakeLists.txt
+++ b/secure_fw/partitions/internal_trusted_storage/CMakeLists.txt
@@ -101,23 +101,6 @@
"
)
-############################ Secure API ########################################
-
-target_sources(tfm_sprt
- PRIVATE
- ${CMAKE_CURRENT_SOURCE_DIR}/tfm_its_secure_api.c
-)
-
-# The veneers give warnings about not being properly declared so they get hidden
-# to not overshadow _real_ warnings.
-set_source_files_properties(tfm_its_secure_api.c
- PROPERTIES
- COMPILE_FLAGS
- $<$<C_COMPILER_ID:ARMClang>:-Wno-implicit-function-declaration>
- $<$<C_COMPILER_ID:GNU>:-Wno-implicit-function-declaration>
- $<$<C_COMPILER_ID:IAR>:>
-)
-
############################ Partition Defs ####################################
target_link_libraries(tfm_partitions
diff --git a/secure_fw/partitions/internal_trusted_storage/tfm_its_secure_api.c b/secure_fw/partitions/internal_trusted_storage/tfm_its_secure_api.c
deleted file mode 100644
index 0b7c172..0000000
--- a/secure_fw/partitions/internal_trusted_storage/tfm_its_secure_api.c
+++ /dev/null
@@ -1,97 +0,0 @@
-/*
- * Copyright (c) 2019-2022, Arm Limited. All rights reserved.
- *
- * SPDX-License-Identifier: BSD-3-Clause
- *
- */
-
-#include "array.h"
-#include "psa/internal_trusted_storage.h"
-#include "tfm_api.h"
-
-#include "psa/client.h"
-#include "psa_manifest/sid.h"
-#include "tfm_its_defs.h"
-
-psa_status_t psa_its_set(psa_storage_uid_t uid,
- size_t data_length,
- const void *p_data,
- psa_storage_create_flags_t create_flags)
-{
- psa_status_t status;
-
- psa_invec in_vec[] = {
- { .base = &uid, .len = sizeof(uid) },
- { .base = p_data, .len = data_length },
- { .base = &create_flags, .len = sizeof(create_flags) }
- };
-
- status = psa_call(TFM_INTERNAL_TRUSTED_STORAGE_SERVICE_HANDLE, TFM_ITS_SET,
- in_vec, IOVEC_LEN(in_vec), NULL, 0);
-
- return status;
-}
-
-psa_status_t psa_its_get(psa_storage_uid_t uid,
- size_t data_offset,
- size_t data_size,
- void *p_data,
- size_t *p_data_length)
-{
- psa_status_t status;
-
- psa_invec in_vec[] = {
- { .base = &uid, .len = sizeof(uid) },
- { .base = &data_offset, .len = sizeof(data_offset) }
- };
-
- psa_outvec out_vec[] = {
- { .base = p_data, .len = data_size }
- };
-
- if (p_data_length == NULL) {
- return PSA_ERROR_INVALID_ARGUMENT;
- }
-
- status = psa_call(TFM_INTERNAL_TRUSTED_STORAGE_SERVICE_HANDLE, TFM_ITS_GET,
- in_vec, IOVEC_LEN(in_vec), out_vec, IOVEC_LEN(out_vec));
-
- *p_data_length = out_vec[0].len;
-
- return status;
-}
-
-psa_status_t psa_its_get_info(psa_storage_uid_t uid,
- struct psa_storage_info_t *p_info)
-{
- psa_status_t status;
-
- psa_invec in_vec[] = {
- { .base = &uid, .len = sizeof(uid) }
- };
-
- psa_outvec out_vec[] = {
- { .base = p_info, .len = sizeof(*p_info) }
- };
-
- status = psa_call(TFM_INTERNAL_TRUSTED_STORAGE_SERVICE_HANDLE,
- TFM_ITS_GET_INFO, in_vec, IOVEC_LEN(in_vec), out_vec,
- IOVEC_LEN(out_vec));
-
- return status;
-}
-
-psa_status_t psa_its_remove(psa_storage_uid_t uid)
-{
- psa_status_t status;
-
- psa_invec in_vec[] = {
- { .base = &uid, .len = sizeof(uid) }
- };
-
-
- status = psa_call(TFM_INTERNAL_TRUSTED_STORAGE_SERVICE_HANDLE,
- TFM_ITS_REMOVE, in_vec, IOVEC_LEN(in_vec), NULL, 0);
-
- return status;
-}
diff --git a/secure_fw/partitions/platform/CMakeLists.txt b/secure_fw/partitions/platform/CMakeLists.txt
index 9b15571..48977f3 100644
--- a/secure_fw/partitions/platform/CMakeLists.txt
+++ b/secure_fw/partitions/platform/CMakeLists.txt
@@ -49,23 +49,6 @@
OUTPUT_BUFFER_SIZE=${PLATFORM_SERVICE_OUTPUT_BUFFER_SIZE}
)
-############################ Secure API ########################################
-
-target_sources(tfm_sprt
- PRIVATE
- ${CMAKE_CURRENT_SOURCE_DIR}/tfm_platform_secure_api.c
-)
-
-# The veneers give warnings about not being properly declared so they get hidden
-# to not overshadow _real_ warnings.
-set_source_files_properties(tfm_platform_secure_api.c
- PROPERTIES
- COMPILE_FLAGS
- $<$<C_COMPILER_ID:ARMClang>:-Wno-implicit-function-declaration>
- $<$<C_COMPILER_ID:GNU>:-Wno-implicit-function-declaration>
- $<$<C_COMPILER_ID:IAR>:>
-)
-
############################ Partition Defs ####################################
target_link_libraries(tfm_partitions
diff --git a/secure_fw/partitions/platform/tfm_platform_secure_api.c b/secure_fw/partitions/platform/tfm_platform_secure_api.c
deleted file mode 100644
index 8d51683..0000000
--- a/secure_fw/partitions/platform/tfm_platform_secure_api.c
+++ /dev/null
@@ -1,105 +0,0 @@
-/*
- * Copyright (c) 2018-2022, Arm Limited. All rights reserved.
- *
- * SPDX-License-Identifier: BSD-3-Clause
- *
- */
-
-#include "tfm_platform_api.h"
-#include "psa_manifest/sid.h"
-
-enum tfm_platform_err_t tfm_platform_system_reset(void)
-{
- psa_status_t status = PSA_ERROR_CONNECTION_REFUSED;
-
- status = psa_call(TFM_PLATFORM_SERVICE_HANDLE,
- TFM_PLATFORM_API_ID_SYSTEM_RESET,
- NULL, 0, NULL, 0);
-
- if (status < PSA_SUCCESS) {
- return TFM_PLATFORM_ERR_SYSTEM_ERROR;
- } else {
- return (enum tfm_platform_err_t) status;
- }
-}
-
-enum tfm_platform_err_t
-tfm_platform_ioctl(tfm_platform_ioctl_req_t request,
- psa_invec *input, psa_outvec *output)
-{
- tfm_platform_ioctl_req_t req = request;
- struct psa_invec in_vec[2];
- size_t inlen, outlen;
- psa_status_t status = PSA_ERROR_CONNECTION_REFUSED;
-
- in_vec[0].base = &req;
- in_vec[0].len = sizeof(req);
- if (input != NULL) {
- in_vec[1].base = input->base;
- in_vec[1].len = input->len;
- inlen = 2;
- } else {
- inlen = 1;
- }
-
- if (output != NULL) {
- outlen = 1;
- } else {
- outlen = 0;
- }
- status = psa_call(TFM_PLATFORM_SERVICE_HANDLE,
- TFM_PLATFORM_API_ID_IOCTL,
- in_vec, inlen,
- output, outlen);
-
- if (status < PSA_SUCCESS) {
- return TFM_PLATFORM_ERR_SYSTEM_ERROR;
- } else {
- return (enum tfm_platform_err_t) status;
- }
-}
-
-enum tfm_platform_err_t
-tfm_platform_nv_counter_increment(uint32_t counter_id)
-{
- psa_status_t status = PSA_ERROR_CONNECTION_REFUSED;
- struct psa_invec in_vec[1];
-
- in_vec[0].base = &counter_id;
- in_vec[0].len = sizeof(counter_id);
-
- status = psa_call(TFM_PLATFORM_SERVICE_HANDLE,
- TFM_PLATFORM_API_ID_NV_INCREMENT,
- in_vec, 1, (psa_outvec *)NULL, 0);
-
- if (status < PSA_SUCCESS) {
- return TFM_PLATFORM_ERR_SYSTEM_ERROR;
- } else {
- return (enum tfm_platform_err_t) status;
- }
-}
-
-enum tfm_platform_err_t
-tfm_platform_nv_counter_read(uint32_t counter_id,
- uint32_t size, uint8_t *val)
-{
- psa_status_t status = PSA_ERROR_CONNECTION_REFUSED;
- struct psa_invec in_vec[1];
- struct psa_outvec out_vec[1];
-
- in_vec[0].base = &counter_id;
- in_vec[0].len = sizeof(counter_id);
-
- out_vec[0].base = val;
- out_vec[0].len = size;
-
- status = psa_call(TFM_PLATFORM_SERVICE_HANDLE,
- TFM_PLATFORM_API_ID_NV_READ,
- in_vec, 1, out_vec, 1);
-
- if (status < PSA_SUCCESS) {
- return TFM_PLATFORM_ERR_SYSTEM_ERROR;
- } else {
- return (enum tfm_platform_err_t) status;
- }
-}
diff --git a/secure_fw/partitions/protected_storage/CMakeLists.txt b/secure_fw/partitions/protected_storage/CMakeLists.txt
index e83f10c..7d3ed3b 100644
--- a/secure_fw/partitions/protected_storage/CMakeLists.txt
+++ b/secure_fw/partitions/protected_storage/CMakeLists.txt
@@ -56,23 +56,6 @@
tfm_sprt
)
-############################ Secure API ########################################
-
-target_sources(tfm_sprt
- PRIVATE
- ${CMAKE_CURRENT_SOURCE_DIR}/tfm_ps_secure_api.c
-)
-
-# The veneers give warnings about not being properly declared so they get hidden
-# to not overshadow _real_ warnings.
-set_source_files_properties(tfm_ps_secure_api.c
- PROPERTIES
- COMPILE_FLAGS
- $<$<C_COMPILER_ID:ARMClang>:-Wno-implicit-function-declaration>
- $<$<C_COMPILER_ID:GNU>:-Wno-implicit-function-declaration>
- $<$<C_COMPILER_ID:IAR>:>
-)
-
############################ Partition Defs ####################################
target_link_libraries(tfm_partitions
diff --git a/secure_fw/partitions/protected_storage/tfm_ps_secure_api.c b/secure_fw/partitions/protected_storage/tfm_ps_secure_api.c
deleted file mode 100644
index 0aab5c6..0000000
--- a/secure_fw/partitions/protected_storage/tfm_ps_secure_api.c
+++ /dev/null
@@ -1,133 +0,0 @@
-/*
- * Copyright (c) 2018-2022, Arm Limited. All rights reserved.
- *
- * SPDX-License-Identifier: BSD-3-Clause
- *
- */
-
-#include "array.h"
-#include "psa/protected_storage.h"
-#include "psa/client.h"
-#include "psa_manifest/sid.h"
-#include "tfm_ps_defs.h"
-
-psa_status_t psa_ps_set(psa_storage_uid_t uid,
- size_t data_length,
- const void *p_data,
- psa_storage_create_flags_t create_flags)
-{
- psa_status_t status;
-
- psa_invec in_vec[] = {
- { .base = &uid, .len = sizeof(uid) },
- { .base = p_data, .len = data_length },
- { .base = &create_flags, .len = sizeof(create_flags) }
- };
-
- status = psa_call(TFM_PROTECTED_STORAGE_SERVICE_HANDLE, TFM_PS_SET, in_vec,
- IOVEC_LEN(in_vec), NULL, 0);
-
- return status;
-}
-
-psa_status_t psa_ps_get(psa_storage_uid_t uid,
- size_t data_offset,
- size_t data_size,
- void *p_data,
- size_t *p_data_length)
-{
- psa_status_t status;
-
- psa_invec in_vec[] = {
- { .base = &uid, .len = sizeof(uid) },
- { .base = &data_offset, .len = sizeof(data_offset) }
- };
-
- psa_outvec out_vec[] = {
- { .base = p_data, .len = data_size }
- };
-
- if (p_data_length == NULL) {
- return PSA_ERROR_INVALID_ARGUMENT;
- }
- status = psa_call(TFM_PROTECTED_STORAGE_SERVICE_HANDLE, TFM_PS_GET, in_vec,
- IOVEC_LEN(in_vec), out_vec, IOVEC_LEN(out_vec));
-
- *p_data_length = out_vec[0].len;
-
- return status;
-}
-
-psa_status_t psa_ps_get_info(psa_storage_uid_t uid,
- struct psa_storage_info_t *p_info)
-{
- psa_status_t status;
-
- psa_invec in_vec[] = {
- { .base = &uid, .len = sizeof(uid) }
- };
-
- psa_outvec out_vec[] = {
- { .base = p_info, .len = sizeof(*p_info) }
- };
-
- status = psa_call(TFM_PROTECTED_STORAGE_SERVICE_HANDLE, TFM_PS_GET_INFO,
- in_vec, IOVEC_LEN(in_vec), out_vec, IOVEC_LEN(out_vec));
-
- return status;
-}
-
-psa_status_t psa_ps_remove(psa_storage_uid_t uid)
-{
- psa_status_t status;
-
- psa_invec in_vec[] = {
- { .base = &uid, .len = sizeof(uid) }
- };
-
- status = psa_call(TFM_PROTECTED_STORAGE_SERVICE_HANDLE, TFM_PS_REMOVE,
- in_vec, IOVEC_LEN(in_vec), NULL, 0);
-
- return status;
-}
-
-psa_status_t psa_ps_create(psa_storage_uid_t uid, size_t size,
- psa_storage_create_flags_t create_flags)
-{
- (void)uid;
- (void)size;
- (void)create_flags;
-
- return PSA_ERROR_NOT_SUPPORTED;
-}
-
-psa_status_t psa_ps_set_extended(psa_storage_uid_t uid, size_t data_offset,
- size_t data_length, const void *p_data)
-{
- (void)uid;
- (void)data_offset;
- (void)data_length;
- (void)p_data;
-
- return PSA_ERROR_NOT_SUPPORTED;
-}
-
-uint32_t psa_ps_get_support(void)
-{
- /* Initialise support_flags to a sensible default, to avoid returning an
- * uninitialised value in case the secure function fails.
- */
- uint32_t support_flags = 0;
-
- psa_outvec out_vec[] = {
- { .base = &support_flags, .len = sizeof(support_flags) }
- };
-
- /* The PSA API does not return an error, so any error from TF-M is
- * ignored.
- */
- (void)psa_call(TFM_PROTECTED_STORAGE_SERVICE_HANDLE, TFM_PS_GET_SUPPORT,
- NULL, 0, out_vec, IOVEC_LEN(out_vec));
-
- return support_flags;
-}