TrustedFirmware Git Browser
Code Review Sign In
review.trustedfirmware.org / TF-M / trusted-firmware-m / efd8273ca347d4cfbc3cf3f88f28f3e1610bf3d8^! / . / secure_fw / ns_callable / tfm_crypto_veneers.c
commitefd8273ca347d4cfbc3cf3f88f28f3e1610bf3d8[log] [tgz]
authorJamie Fox <jamie.fox@arm.com>Mon Nov 26 10:34:32 2018 +0000
committerAntonio de Angelis <antonio.deangelis@arm.com>Fri Feb 01 19:57:28 2019 +0000
tree91700ad622e0e035da62a44691acd5992fccc40a
parent3a48099152f80e7e9e75610b2de06190ab1ff932 [diff] [blame]
Crypto: Implement PSA key policy APIs

Extends the Crypto service key module to add support for
the PSA Crypto key policy and lifetime APIs. Adds new test
cases for the key policy interface and modifies existing
tests to use key policies.

Change-Id: Ic820fcc395d591dbb5f8fe09446049ff460dfe02
Signed-off-by: Jamie Fox <jamie.fox@arm.com>

diff --git a/secure_fw/ns_callable/tfm_crypto_veneers.c b/secure_fw/ns_callable/tfm_crypto_veneers.c
index a3ecc8d..314603a 100644
--- a/secure_fw/ns_callable/tfm_crypto_veneers.c
+++ b/secure_fw/ns_callable/tfm_crypto_veneers.c

@@ -52,6 +52,76 @@
                          key, data, data_size, data_length);
 }
 
+__tfm_secure_gateway_attributes__
+enum tfm_crypto_err_t tfm_crypto_veneer_key_policy_init(
+                                                       psa_key_policy_t *policy)
+{
+    TFM_CORE_SFN_REQUEST(TFM_SP_CRYPTO_ID, tfm_crypto_key_policy_init,
+                         policy, 0, 0, 0);
+}
+
+__tfm_secure_gateway_attributes__
+enum tfm_crypto_err_t tfm_crypto_veneer_key_policy_set_usage(
+                                                       psa_key_policy_t *policy,
+                                                       psa_key_usage_t usage,
+                                                       psa_algorithm_t alg)
+{
+    TFM_CORE_SFN_REQUEST(TFM_SP_CRYPTO_ID, tfm_crypto_key_policy_set_usage,
+                         policy, usage, alg, 0);
+}
+
+__tfm_secure_gateway_attributes__
+enum tfm_crypto_err_t tfm_crypto_veneer_key_policy_get_usage(
+                                                 const psa_key_policy_t *policy,
+                                                 psa_key_usage_t *usage)
+{
+    TFM_CORE_SFN_REQUEST(TFM_SP_CRYPTO_ID, tfm_crypto_key_policy_get_usage,
+                         policy, usage, 0, 0);
+}
+
+__tfm_secure_gateway_attributes__
+enum tfm_crypto_err_t tfm_crypto_veneer_key_policy_get_algorithm(
+                                                 const psa_key_policy_t *policy,
+                                                 psa_algorithm_t *alg)
+{
+    TFM_CORE_SFN_REQUEST(TFM_SP_CRYPTO_ID, tfm_crypto_key_policy_get_algorithm,
+                         policy, alg, 0, 0);
+}
+
+__tfm_secure_gateway_attributes__
+enum tfm_crypto_err_t tfm_crypto_veneer_set_key_policy(
+                                                 psa_key_slot_t key,
+                                                 const psa_key_policy_t *policy)
+{
+    TFM_CORE_SFN_REQUEST(TFM_SP_CRYPTO_ID, tfm_crypto_set_key_policy,
+                         key, policy, 0, 0);
+}
+
+__tfm_secure_gateway_attributes__
+enum tfm_crypto_err_t tfm_crypto_veneer_get_key_policy(psa_key_slot_t key,
+                                                       psa_key_policy_t *policy)
+{
+    TFM_CORE_SFN_REQUEST(TFM_SP_CRYPTO_ID, tfm_crypto_get_key_policy,
+                         key, policy, 0, 0);
+}
+
+__tfm_secure_gateway_attributes__
+enum tfm_crypto_err_t tfm_crypto_veneer_set_key_lifetime(
+                                                    psa_key_slot_t key,
+                                                    psa_key_lifetime_t lifetime)
+{
+    TFM_CORE_SFN_REQUEST(TFM_SP_CRYPTO_ID, tfm_crypto_set_key_lifetime,
+                         key, lifetime, 0, 0);
+}
+
+__tfm_secure_gateway_attributes__
+enum tfm_crypto_err_t tfm_crypto_veneer_get_key_lifetime(
+                                                   psa_key_slot_t key,
+                                                   psa_key_lifetime_t *lifetime)
+{
+    TFM_CORE_SFN_REQUEST(TFM_SP_CRYPTO_ID, tfm_crypto_get_key_lifetime,
+                         key, lifetime, 0, 0);
+}
 
 __tfm_secure_gateway_attributes__
 enum tfm_crypto_err_t tfm_crypto_veneer_cipher_set_iv(