Merge remote-tracking branch 'origin/master' into feature-cc-psa-crypto-drivers Signed-off-by: Antonio de Angelis <antonio.deangelis@arm.com> Change-Id: I60c51e7da4ed81437c5dec8ce1a4a4e3f6e74df6

commit: f83a208da4a1ac9acb0da2ab75927b71edfc582a [log] [tgz]
author: Antonio de Angelis <Antonio.deAngelis@arm.com> Fri Aug 20 22:13:53 2021 +0100
committer: Antonio de Angelis <Antonio.deAngelis@arm.com> Mon Aug 23 15:12:42 2021 +0100
tree: 21ae59411fb7f451222744ed0e9ac6c8e53f60cc
parent: f11f0067542ef3bced789d61a73e9e540bd24023 [diff]
parent: aeb5a79b2167444ab50bb9660045dfa3b810b25d [diff]
diff --git a/interface/src/tfm_crypto_func_api.c b/interface/src/tfm_crypto_func_api.c
index f22887b..5d7826b 100644
--- a/interface/src/tfm_crypto_func_api.c
+++ b/interface/src/tfm_crypto_func_api.c

@@ -861,16 +861,60 @@
     return status;
 }
 
-psa_status_t psa_asymmetric_sign(psa_key_id_t key,
-                                 psa_algorithm_t alg,
-                                 const uint8_t *hash,
-                                 size_t hash_length,
-                                 uint8_t *signature,
-                                 size_t signature_size,
-                                 size_t *signature_length)
+psa_status_t psa_sign_message(psa_key_id_t key,
+                              psa_algorithm_t alg,
+                              const uint8_t *input,
+                              size_t input_length,
+                              uint8_t *signature,
+                              size_t signature_size,
+                              size_t *signature_length)
 {
-    return psa_sign_hash(key, alg, hash, hash_length, signature,
-                         signature_size, signature_length);
+    psa_status_t status;
+    struct tfm_crypto_pack_iovec iov = {
+        .sfn_id = TFM_CRYPTO_SIGN_MESSAGE_SID,
+        .key_id = key,
+        .alg = alg,
+    };
+
+    psa_invec in_vec[] = {
+        {.base = &iov, .len = sizeof(struct tfm_crypto_pack_iovec)},
+        {.base = input, .len = input_length},
+    };
+    psa_outvec out_vec[] = {
+        {.base = signature, .len = signature_size},
+    };
+
+    status = API_DISPATCH(tfm_crypto_sign_message,
+                          TFM_CRYPTO_SIGN_MESSAGE);
+
+    *signature_length = out_vec[0].len;
+    return status;
+}
+
+psa_status_t psa_verify_message(psa_key_id_t key,
+                                psa_algorithm_t alg,
+                                const uint8_t *input,
+                                size_t input_length,
+                                const uint8_t *signature,
+                                size_t signature_length)
+{
+    psa_status_t status;
+    struct tfm_crypto_pack_iovec iov = {
+        .sfn_id = TFM_CRYPTO_VERIFY_MESSAGE_SID,
+        .key_id = key,
+        .alg = alg
+    };
+
+    psa_invec in_vec[] = {
+        {.base = &iov, .len = sizeof(struct tfm_crypto_pack_iovec)},
+        {.base = input, .len = input_length},
+        {.base = signature, .len = signature_length}
+    };
+
+    status = API_DISPATCH_NO_OUTVEC(tfm_crypto_verify_message,
+                                    TFM_CRYPTO_VERIFY_MESSAGE);
+
+    return status;
 }
 
 psa_status_t psa_sign_hash(psa_key_id_t key,
@@ -904,17 +948,6 @@
     return status;
 }
 
-psa_status_t psa_asymmetric_verify(psa_key_id_t key,
-                                   psa_algorithm_t alg,
-                                   const uint8_t *hash,
-                                   size_t hash_length,
-                                   const uint8_t *signature,
-                                   size_t signature_length)
-{
-    return psa_verify_hash(key, alg, hash, hash_length,
-                           signature, signature_length);
-}
-
 psa_status_t psa_verify_hash(psa_key_id_t key,
                              psa_algorithm_t alg,
                              const uint8_t *hash,
@@ -1250,17 +1283,16 @@
     psa_status_t status;
     struct tfm_crypto_pack_iovec iov = {
         .sfn_id = TFM_CRYPTO_MAC_COMPUTE_SID,
-        .alg = alg,
         .key_id = key,
+        .alg = alg,
     };
 
     psa_invec in_vec[] = {
         {.base = &iov, .len = sizeof(struct tfm_crypto_pack_iovec)},
-        {.base = input, .len = input_length}
+        {.base = input, .len = input_length},
     };
-
     psa_outvec out_vec[] = {
-        {.base = mac, .len = mac_size}
+        {.base = mac, .len = mac_size},
     };
 
     status = API_DISPATCH(tfm_crypto_mac_compute,
@@ -1280,14 +1312,14 @@
     psa_status_t status;
     struct tfm_crypto_pack_iovec iov = {
         .sfn_id = TFM_CRYPTO_MAC_VERIFY_SID,
-        .alg = alg,
         .key_id = key,
+        .alg = alg,
     };
 
     psa_invec in_vec[] = {
         {.base = &iov, .len = sizeof(struct tfm_crypto_pack_iovec)},
         {.base = input, .len = input_length},
-        {.base = mac, .len = mac_length}
+        {.base = mac, .len = mac_length},
     };
 
     status = API_DISPATCH_NO_OUTVEC(tfm_crypto_mac_verify,
@@ -1296,7 +1328,7 @@
     return status;
 }
 
-psa_status_t psa_cipher_encrypt(psa_key_id_t key_id,
+psa_status_t psa_cipher_encrypt(psa_key_id_t key,
                                 psa_algorithm_t alg,
                                 const uint8_t *input,
                                 size_t input_length,
@@ -1310,15 +1342,14 @@
     psa_status_t status;
     struct tfm_crypto_pack_iovec iov = {
         .sfn_id = TFM_CRYPTO_CIPHER_ENCRYPT_SID,
+        .key_id = key,
         .alg = alg,
-        .key_id = key_id
     };
 
     psa_invec in_vec[] = {
         {.base = &iov, .len = sizeof(struct tfm_crypto_pack_iovec)},
         {.base = input, .len = input_length},
     };
-
     psa_outvec out_vec[] = {
         {.base = output, .len = output_size},
     };
@@ -1327,12 +1358,11 @@
                           TFM_CRYPTO_CIPHER_ENCRYPT);
 
     *output_length = out_vec[0].len;
-
     return status;
 #endif /* TFM_CRYPTO_CIPHER_MODULE_DISABLED */
 }
 
-psa_status_t psa_cipher_decrypt(psa_key_id_t key_id,
+psa_status_t psa_cipher_decrypt(psa_key_id_t key,
                                 psa_algorithm_t alg,
                                 const uint8_t *input,
                                 size_t input_length,
@@ -1346,15 +1376,14 @@
     psa_status_t status;
     struct tfm_crypto_pack_iovec iov = {
         .sfn_id = TFM_CRYPTO_CIPHER_DECRYPT_SID,
+        .key_id = key,
         .alg = alg,
-        .key_id = key_id
     };
 
     psa_invec in_vec[] = {
         {.base = &iov, .len = sizeof(struct tfm_crypto_pack_iovec)},
         {.base = input, .len = input_length},
     };
-
     psa_outvec out_vec[] = {
         {.base = output, .len = output_size},
     };
@@ -1363,7 +1392,6 @@
                           TFM_CRYPTO_CIPHER_DECRYPT);
 
     *output_length = out_vec[0].len;
-
     return status;
 #endif /* TFM_CRYPTO_CIPHER_MODULE_DISABLED */
 }

diff --git a/interface/src/tfm_crypto_ipc_api.c b/interface/src/tfm_crypto_ipc_api.c
index 3250a7c..a396a27 100644
--- a/interface/src/tfm_crypto_ipc_api.c
+++ b/interface/src/tfm_crypto_ipc_api.c

@@ -879,15 +879,60 @@
     return status;
 }
 
-psa_status_t psa_asymmetric_sign(psa_key_id_t key,
-                                 psa_algorithm_t alg,
-                                 const uint8_t *hash,
-                                 size_t hash_length,
-                                 uint8_t *signature,
-                                 size_t signature_size,
-                                 size_t *signature_length)
+psa_status_t psa_sign_message(psa_key_id_t key,
+                              psa_algorithm_t alg,
+                              const uint8_t *input,
+                              size_t input_length,
+                              uint8_t *signature,
+                              size_t signature_size,
+                              size_t *signature_length)
 {
-    return psa_sign_hash(key, alg, hash, hash_length, signature, signature_size, signature_length);
+    psa_status_t status;
+    struct tfm_crypto_pack_iovec iov = {
+        .sfn_id = TFM_CRYPTO_SIGN_MESSAGE_SID,
+        .key_id = key,
+        .alg = alg,
+    };
+
+    psa_invec in_vec[] = {
+        {.base = &iov, .len = sizeof(struct tfm_crypto_pack_iovec)},
+        {.base = input, .len = input_length},
+    };
+    psa_outvec out_vec[] = {
+        {.base = signature, .len = signature_size},
+    };
+
+    status = API_DISPATCH(tfm_crypto_sign_message,
+                          TFM_CRYPTO_SIGN_MESSAGE);
+
+    *signature_length = out_vec[0].len;
+    return status;
+}
+
+psa_status_t psa_verify_message(psa_key_id_t key,
+                                psa_algorithm_t alg,
+                                const uint8_t *input,
+                                size_t input_length,
+                                const uint8_t *signature,
+                                size_t signature_length)
+{
+    psa_status_t status;
+    struct tfm_crypto_pack_iovec iov = {
+        .sfn_id = TFM_CRYPTO_VERIFY_MESSAGE_SID,
+        .key_id = key,
+        .alg = alg
+    };
+
+    psa_invec in_vec[] = {
+        {.base = &iov, .len = sizeof(struct tfm_crypto_pack_iovec)},
+        {.base = input, .len = input_length},
+        {.base = signature, .len = signature_length}
+    };
+
+    status = API_DISPATCH_NO_OUTVEC(tfm_crypto_verify_message,
+                                    TFM_CRYPTO_VERIFY_MESSAGE);
+
+    return status;
 }
 
 psa_status_t psa_sign_hash(psa_key_id_t key,
@@ -921,16 +966,6 @@
     return status;
 }
 
-psa_status_t psa_asymmetric_verify(psa_key_id_t key,
-                                   psa_algorithm_t alg,
-                                   const uint8_t *hash,
-                                   size_t hash_length,
-                                   const uint8_t *signature,
-                                   size_t signature_length)
-{
-    return psa_verify_hash(key, alg, hash, hash_length, signature, signature_length);
-}
-
 psa_status_t psa_verify_hash(psa_key_id_t key,
                              psa_algorithm_t alg,
                              const uint8_t *hash,
@@ -1275,17 +1310,16 @@
     psa_status_t status;
     struct tfm_crypto_pack_iovec iov = {
         .sfn_id = TFM_CRYPTO_MAC_COMPUTE_SID,
-        .alg = alg,
         .key_id = key,
+        .alg = alg,
     };
 
     psa_invec in_vec[] = {
         {.base = &iov, .len = sizeof(struct tfm_crypto_pack_iovec)},
-        {.base = input, .len = input_length}
+        {.base = input, .len = input_length},
     };
-
     psa_outvec out_vec[] = {
-        {.base = mac, .len = mac_size}
+        {.base = mac, .len = mac_size},
     };
 
     status = API_DISPATCH(tfm_crypto_mac_compute,
@@ -1305,14 +1339,14 @@
     psa_status_t status;
     struct tfm_crypto_pack_iovec iov = {
         .sfn_id = TFM_CRYPTO_MAC_VERIFY_SID,
-        .alg = alg,
         .key_id = key,
+        .alg = alg,
     };
 
     psa_invec in_vec[] = {
         {.base = &iov, .len = sizeof(struct tfm_crypto_pack_iovec)},
         {.base = input, .len = input_length},
-        {.base = mac, .len = mac_length}
+        {.base = mac, .len = mac_length},
     };
 
     status = API_DISPATCH_NO_OUTVEC(tfm_crypto_mac_verify,
@@ -1335,24 +1369,22 @@
     psa_status_t status;
     struct tfm_crypto_pack_iovec iov = {
         .sfn_id = TFM_CRYPTO_CIPHER_ENCRYPT_SID,
+        .key_id = key,
         .alg = alg,
-        .key_id = key
     };
 
     psa_invec in_vec[] = {
         {.base = &iov, .len = sizeof(struct tfm_crypto_pack_iovec)},
         {.base = input, .len = input_length},
     };
-
     psa_outvec out_vec[] = {
-        {.base = output, .len = output_size},
+        {.base = output, .len = output_size}
     };
 
     status = API_DISPATCH(tfm_crypto_cipher_encrypt,
                           TFM_CRYPTO_CIPHER_ENCRYPT);
 
     *output_length = out_vec[0].len;
-
     return status;
 #endif /* TFM_CRYPTO_CIPHER_MODULE_DISABLED */
 }
@@ -1371,24 +1403,22 @@
     psa_status_t status;
     struct tfm_crypto_pack_iovec iov = {
         .sfn_id = TFM_CRYPTO_CIPHER_DECRYPT_SID,
+        .key_id = key,
         .alg = alg,
-        .key_id = key
     };
 
     psa_invec in_vec[] = {
         {.base = &iov, .len = sizeof(struct tfm_crypto_pack_iovec)},
         {.base = input, .len = input_length},
     };
-
     psa_outvec out_vec[] = {
-        {.base = output, .len = output_size},
+        {.base = output, .len = output_size}
     };
 
     status = API_DISPATCH(tfm_crypto_cipher_decrypt,
                           TFM_CRYPTO_CIPHER_DECRYPT);
 
     *output_length = out_vec[0].len;
-
     return status;
 #endif /* TFM_CRYPTO_CIPHER_MODULE_DISABLED */
 }

diff --git a/interface/src/tfm_initial_attestation_ipc_api.c b/interface/src/tfm_initial_attestation_ipc_api.c
index 43c9b0e..44e18da 100644
--- a/interface/src/tfm_initial_attestation_ipc_api.c
+++ b/interface/src/tfm_initial_attestation_ipc_api.c

@@ -10,6 +10,7 @@
 #include "psa/client.h"
 #include "psa/crypto_types.h"
 #include "psa_manifest/sid.h"
+#include "tfm_attest_defs.h"
 
 psa_status_t
 psa_initial_attest_get_token(const uint8_t *auth_challenge,
@@ -18,7 +19,6 @@
                              size_t         token_buf_size,
                              size_t        *token_size)
 {
-    psa_handle_t handle = PSA_NULL_HANDLE;
     psa_status_t status;
 
     psa_invec in_vec[] = {
@@ -28,16 +28,9 @@
         {token_buf, token_buf_size}
     };
 
-    handle = psa_connect(TFM_ATTEST_GET_TOKEN_SID,
-                         TFM_ATTEST_GET_TOKEN_VERSION);
-    if (!PSA_HANDLE_IS_VALID(handle)) {
-        return PSA_HANDLE_TO_ERROR(handle);
-    }
-
-    status = psa_call(handle, PSA_IPC_CALL,
+    status = psa_call(TFM_ATTESTATION_SERVICE_HANDLE, TFM_ATTEST_GET_TOKEN,
                       in_vec, IOVEC_LEN(in_vec),
                       out_vec, IOVEC_LEN(out_vec));
-    psa_close(handle);
 
     if (status == PSA_SUCCESS) {
         *token_size = out_vec[0].len;
@@ -50,7 +43,6 @@
 psa_initial_attest_get_token_size(size_t  challenge_size,
                                   size_t *token_size)
 {
-    psa_handle_t handle = PSA_NULL_HANDLE;
     psa_status_t status;
     psa_invec in_vec[] = {
         {&challenge_size, sizeof(challenge_size)}
@@ -59,16 +51,9 @@
         {token_size, sizeof(size_t)}
     };
 
-    handle = psa_connect(TFM_ATTEST_GET_TOKEN_SIZE_SID,
-                         TFM_ATTEST_GET_TOKEN_SIZE_VERSION);
-    if (!PSA_HANDLE_IS_VALID(handle)) {
-        return PSA_HANDLE_TO_ERROR(handle);
-    }
-
-    status = psa_call(handle, PSA_IPC_CALL,
+    status = psa_call(TFM_ATTESTATION_SERVICE_HANDLE, TFM_ATTEST_GET_TOKEN_SIZE,
                       in_vec, IOVEC_LEN(in_vec),
                       out_vec, IOVEC_LEN(out_vec));
-    psa_close(handle);
 
     return status;
 }

diff --git a/interface/src/tfm_its_ipc_api.c b/interface/src/tfm_its_ipc_api.c
index 543b88f..a52197b 100644
--- a/interface/src/tfm_its_ipc_api.c
+++ b/interface/src/tfm_its_ipc_api.c

@@ -9,6 +9,7 @@
 #include "psa/internal_trusted_storage.h"
 #include "psa_manifest/sid.h"
 #include "tfm_api.h"
+#include "tfm_its_defs.h"
 
 psa_status_t psa_its_set(psa_storage_uid_t uid,
                          size_t data_length,
@@ -16,7 +17,6 @@
                          psa_storage_create_flags_t create_flags)
 {
     psa_status_t status;
-    psa_handle_t handle;
 
     psa_invec in_vec[] = {
         { .base = &uid, .len = sizeof(uid) },
@@ -24,14 +24,8 @@
         { .base = &create_flags, .len = sizeof(create_flags) }
     };
 
-    handle = psa_connect(TFM_ITS_SET_SID, TFM_ITS_SET_VERSION);
-    if (!PSA_HANDLE_IS_VALID(handle)) {
-        return PSA_ERROR_GENERIC_ERROR;
-    }
-
-    status = psa_call(handle, PSA_IPC_CALL, in_vec, IOVEC_LEN(in_vec), NULL, 0);
-
-    psa_close(handle);
+    status = psa_call(TFM_INTERNAL_TRUSTED_STORAGE_SERVICE_HANDLE, TFM_ITS_SET,
+                      in_vec, IOVEC_LEN(in_vec), NULL, 0);
 
     return status;
 }
@@ -43,7 +37,6 @@
                          size_t *p_data_length)
 {
     psa_status_t status;
-    psa_handle_t handle;
 
     psa_invec in_vec[] = {
         { .base = &uid, .len = sizeof(uid) },
@@ -58,15 +51,8 @@
         return PSA_ERROR_INVALID_ARGUMENT;
     }
 
-    handle = psa_connect(TFM_ITS_GET_SID, TFM_ITS_GET_VERSION);
-    if (!PSA_HANDLE_IS_VALID(handle)) {
-        return PSA_ERROR_GENERIC_ERROR;
-    }
-
-    status = psa_call(handle, PSA_IPC_CALL, in_vec, IOVEC_LEN(in_vec), out_vec,
-                      IOVEC_LEN(out_vec));
-
-    psa_close(handle);
+    status = psa_call(TFM_INTERNAL_TRUSTED_STORAGE_SERVICE_HANDLE, TFM_ITS_GET,
+                      in_vec, IOVEC_LEN(in_vec), out_vec, IOVEC_LEN(out_vec));
 
     *p_data_length = out_vec[0].len;
 
@@ -77,7 +63,6 @@
                               struct psa_storage_info_t *p_info)
 {
     psa_status_t status;
-    psa_handle_t handle;
 
     psa_invec in_vec[] = {
         { .base = &uid, .len = sizeof(uid) }
@@ -87,36 +72,23 @@
         { .base = p_info, .len = sizeof(*p_info) }
     };
 
-    handle = psa_connect(TFM_ITS_GET_INFO_SID, TFM_ITS_GET_INFO_VERSION);
-    if (!PSA_HANDLE_IS_VALID(handle)) {
-        return PSA_ERROR_GENERIC_ERROR;
-    }
-
-    status = psa_call(handle, PSA_IPC_CALL, in_vec, IOVEC_LEN(in_vec), out_vec,
+    status = psa_call(TFM_INTERNAL_TRUSTED_STORAGE_SERVICE_HANDLE,
+                      TFM_ITS_GET_INFO, in_vec, IOVEC_LEN(in_vec), out_vec,
                       IOVEC_LEN(out_vec));
 
-    psa_close(handle);
-
     return status;
 }
 
 psa_status_t psa_its_remove(psa_storage_uid_t uid)
 {
     psa_status_t status;
-    psa_handle_t handle;
 
     psa_invec in_vec[] = {
         { .base = &uid, .len = sizeof(uid) }
     };
 
-    handle = psa_connect(TFM_ITS_REMOVE_SID, TFM_ITS_REMOVE_VERSION);
-    if (!PSA_HANDLE_IS_VALID(handle)) {
-        return PSA_ERROR_GENERIC_ERROR;
-    }
-
-    status = psa_call(handle, PSA_IPC_CALL, in_vec, IOVEC_LEN(in_vec), NULL, 0);
-
-    psa_close(handle);
+    status = psa_call(TFM_INTERNAL_TRUSTED_STORAGE_SERVICE_HANDLE,
+                      TFM_ITS_REMOVE, in_vec, IOVEC_LEN(in_vec), NULL, 0);
 
     return status;
 }

diff --git a/interface/src/tfm_ps_ipc_api.c b/interface/src/tfm_ps_ipc_api.c
index 106917e..c74c425 100644
--- a/interface/src/tfm_ps_ipc_api.c
+++ b/interface/src/tfm_ps_ipc_api.c

@@ -9,6 +9,7 @@
 #include "psa/protected_storage.h"
 #include "psa_manifest/sid.h"
 #include "tfm_ns_interface.h"
+#include "tfm_ps_defs.h"
 
 psa_status_t psa_ps_set(psa_storage_uid_t uid,
                         size_t data_length,
@@ -16,7 +17,6 @@
                         psa_storage_create_flags_t create_flags)
 {
     psa_status_t status;
-    psa_handle_t handle;
 
     psa_invec in_vec[] = {
         { .base = &uid,   .len = sizeof(uid) },
@@ -24,15 +24,8 @@
         { .base = &create_flags, .len = sizeof(create_flags) }
     };
 
-    handle = psa_connect(TFM_PS_SET_SID, TFM_PS_SET_VERSION);
-    if (!PSA_HANDLE_IS_VALID(handle)) {
-        return PSA_ERROR_GENERIC_ERROR;
-    }
-
-    status = psa_call(handle, PSA_IPC_CALL, in_vec, IOVEC_LEN(in_vec),
-                      NULL, 0);
-
-    psa_close(handle);
+    status = psa_call(TFM_PROTECTED_STORAGE_SERVICE_HANDLE, TFM_PS_SET, in_vec,
+                      IOVEC_LEN(in_vec), NULL, 0);
 
     return status;
 }
@@ -44,7 +37,6 @@
                         size_t *p_data_length)
 {
     psa_status_t status;
-    psa_handle_t handle;
 
     psa_invec in_vec[] = {
         { .base = &uid, .len = sizeof(uid) },
@@ -59,15 +51,8 @@
         return PSA_ERROR_INVALID_ARGUMENT;
     }
 
-    handle = psa_connect(TFM_PS_GET_SID, TFM_PS_GET_VERSION);
-    if (!PSA_HANDLE_IS_VALID(handle)) {
-        return PSA_ERROR_GENERIC_ERROR;
-    }
-
-    status = psa_call(handle, PSA_IPC_CALL, in_vec, IOVEC_LEN(in_vec), out_vec,
-                      IOVEC_LEN(out_vec));
-
-    psa_close(handle);
+    status = psa_call(TFM_PROTECTED_STORAGE_SERVICE_HANDLE, TFM_PS_GET, in_vec,
+                      IOVEC_LEN(in_vec), out_vec, IOVEC_LEN(out_vec));
 
     *p_data_length = out_vec[0].len;
 
@@ -78,7 +63,6 @@
                              struct psa_storage_info_t *p_info)
 {
     psa_status_t status;
-    psa_handle_t handle;
 
     psa_invec in_vec[] = {
         { .base = &uid, .len = sizeof(uid) }
@@ -88,15 +72,8 @@
         { .base = p_info, .len = sizeof(*p_info) }
     };
 
-    handle = psa_connect(TFM_PS_GET_INFO_SID, TFM_PS_GET_INFO_VERSION);
-    if (!PSA_HANDLE_IS_VALID(handle)) {
-        return PSA_ERROR_GENERIC_ERROR;
-    }
-
-    status = psa_call(handle, PSA_IPC_CALL, in_vec, IOVEC_LEN(in_vec), out_vec,
-                      IOVEC_LEN(out_vec));
-
-    psa_close(handle);
+    status = psa_call(TFM_PROTECTED_STORAGE_SERVICE_HANDLE, TFM_PS_GET_INFO,
+                      in_vec, IOVEC_LEN(in_vec), out_vec, IOVEC_LEN(out_vec));
 
     return status;
 }
@@ -104,22 +81,13 @@
 psa_status_t psa_ps_remove(psa_storage_uid_t uid)
 {
     psa_status_t status;
-    psa_handle_t handle;
 
     psa_invec in_vec[] = {
         { .base = &uid, .len = sizeof(uid) }
     };
 
-
-    handle = psa_connect(TFM_PS_REMOVE_SID, TFM_PS_REMOVE_VERSION);
-    if (!PSA_HANDLE_IS_VALID(handle)) {
-        return PSA_ERROR_GENERIC_ERROR;
-    }
-
-    status = psa_call(handle, PSA_IPC_CALL, in_vec, IOVEC_LEN(in_vec),
-                      NULL, 0);
-
-    psa_close(handle);
+    status = psa_call(TFM_PROTECTED_STORAGE_SERVICE_HANDLE, TFM_PS_REMOVE,
+                      in_vec, IOVEC_LEN(in_vec), NULL, 0);
 
     return status;
 }
@@ -151,7 +119,6 @@
      * uninitialised value in case the secure function fails.
      */
     uint32_t support_flags = 0;
-    psa_handle_t handle;
 
     psa_outvec out_vec[] = {
         { .base = &support_flags, .len = sizeof(support_flags) }
@@ -160,14 +127,8 @@
     /* The PSA API does not return an error, so any error from TF-M is
      * ignored.
      */
-    handle = psa_connect(TFM_PS_GET_SUPPORT_SID, TFM_PS_GET_SUPPORT_VERSION);
-    if (!PSA_HANDLE_IS_VALID(handle)) {
-        return support_flags;
-    }
-
-    (void)psa_call(handle, PSA_IPC_CALL, NULL, 0, out_vec, IOVEC_LEN(out_vec));
-
-    psa_close(handle);
+    (void)psa_call(TFM_PROTECTED_STORAGE_SERVICE_HANDLE, TFM_PS_GET_SUPPORT,
+                   NULL, 0, out_vec, IOVEC_LEN(out_vec));
 
     return support_flags;
 }
commit	f83a208da4a1ac9acb0da2ab75927b71edfc582a	[log] [tgz]
author	Antonio de Angelis <Antonio.deAngelis@arm.com>	Fri Aug 20 22:13:53 2021 +0100
committer	Antonio de Angelis <Antonio.deAngelis@arm.com>	Mon Aug 23 15:12:42 2021 +0100
tree	21ae59411fb7f451222744ed0e9ac6c8e53f60cc
parent	f11f0067542ef3bced789d61a73e9e540bd24023 [diff]
parent	aeb5a79b2167444ab50bb9660045dfa3b810b25d [diff]