TrustedFirmware Git Browser
Code Review Sign In
review.trustedfirmware.org / TF-M / trusted-firmware-m / 0e54ebc19440ccccc5b6f81f63868c0bcd99ce23 / . / secure_fw / services / crypto / crypto_mac.c
blob: c9218fee337d6eff683b6ea3b444453c37aa18ec [file] [log] [blame]
Louis Mayencourt7a36f782018-09-24 14:00:57 +0100[diff] [blame]1/*
2 * Copyright (c) 2019, Arm Limited. All rights reserved.
3 *
4 * SPDX-License-Identifier: BSD-3-Clause
5 *
6 */
7
Jamie Fox0e54ebc2019-04-09 14:21:04 +0100[diff] [blame^]8#include <stddef.h>
9#include <stdint.h>
Louis Mayencourt7a36f782018-09-24 14:00:57 +0100[diff] [blame]10
Antonio de Angelis4743e672019-04-11 11:38:48 +0100[diff] [blame]11/* FixMe: Use PSA_CONNECTION_REFUSED when performing parameter
12 * integrity checks but this will have to be revised
13 * when the full set of error codes mandated by PSA FF
14 * is available.
15 */
Jamie Fox0e54ebc2019-04-09 14:21:04 +0100[diff] [blame^]16#include "tfm_mbedcrypto_include.h"
Antonio de Angelis4743e672019-04-11 11:38:48 +0100[diff] [blame]17
Jamie Fox0e54ebc2019-04-09 14:21:04 +0100[diff] [blame^]18#include "tfm_crypto_api.h"
19#include "tfm_crypto_defs.h"
Louis Mayencourt7a36f782018-09-24 14:00:57 +0100[diff] [blame]20
21/*!
22 * \defgroup public_psa Public functions, PSA
23 *
24 */
25
26/*!@{*/
Antonio de Angelisab85ccd2019-03-25 15:14:29 +0000[diff] [blame]27psa_status_t tfm_crypto_mac_sign_setup(psa_invec in_vec[],
28 size_t in_len,
29 psa_outvec out_vec[],
30 size_t out_len)
Louis Mayencourt7a36f782018-09-24 14:00:57 +0100[diff] [blame]31{
Antonio de Angelis4743e672019-04-11 11:38:48 +0100[diff] [blame]32 psa_status_t status = PSA_SUCCESS;
Jamie Fox0e54ebc2019-04-09 14:21:04 +0100[diff] [blame^]33 psa_mac_operation_t *operation = NULL;
34
Antonio de Angelis4743e672019-04-11 11:38:48 +0100[diff] [blame]35 if ((in_len != 1) || (out_len != 1)) {
Antonio de Angelisab85ccd2019-03-25 15:14:29 +0000[diff] [blame]36 return PSA_CONNECTION_REFUSED;
37 }
38
Antonio de Angelis4743e672019-04-11 11:38:48 +0100[diff] [blame]39 if ((out_vec[0].len != sizeof(uint32_t)) ||
40 (in_vec[0].len != sizeof(struct tfm_crypto_pack_iovec))) {
Antonio de Angelisab85ccd2019-03-25 15:14:29 +0000[diff] [blame]41 return PSA_CONNECTION_REFUSED;
42 }
Antonio de Angelis4743e672019-04-11 11:38:48 +0100[diff] [blame]43 const struct tfm_crypto_pack_iovec *iov = in_vec[0].base;
Jamie Fox0e54ebc2019-04-09 14:21:04 +0100[diff] [blame^]44 uint32_t handle = iov->op_handle;
Antonio de Angelis4743e672019-04-11 11:38:48 +0100[diff] [blame]45 uint32_t *handle_out = out_vec[0].base;
Jamie Fox0e54ebc2019-04-09 14:21:04 +0100[diff] [blame^]46 psa_key_handle_t key_handle = iov->key_handle;
Antonio de Angelis4743e672019-04-11 11:38:48 +0100[diff] [blame]47 psa_algorithm_t alg = iov->alg;
Antonio de Angelisab85ccd2019-03-25 15:14:29 +0000[diff] [blame]48
Jamie Fox0e54ebc2019-04-09 14:21:04 +0100[diff] [blame^]49 /* Init the handle in the operation with the one passed from the iov */
50 *handle_out = iov->op_handle;
51
52 /* Allocate the operation context in the secure world */
53 status = tfm_crypto_operation_alloc(TFM_CRYPTO_MAC_OPERATION,
54 &handle,
55 (void **)&operation);
56 if (status != PSA_SUCCESS) {
57 return status;
Antonio de Angelis4743e672019-04-11 11:38:48 +0100[diff] [blame]58 }
Jamie Fox0e54ebc2019-04-09 14:21:04 +0100[diff] [blame^]59
60 *handle_out = handle;
61
62 status = psa_mac_sign_setup(operation, key_handle, alg);
63 if (status != PSA_SUCCESS) {
64 /* Release the operation context, ignore if the operation fails. */
65 (void)tfm_crypto_operation_release(handle_out);
66 return status;
67 }
68
69 return PSA_SUCCESS;
Louis Mayencourt7a36f782018-09-24 14:00:57 +0100[diff] [blame]70}
71
Antonio de Angelisab85ccd2019-03-25 15:14:29 +0000[diff] [blame]72psa_status_t tfm_crypto_mac_verify_setup(psa_invec in_vec[],
73 size_t in_len,
74 psa_outvec out_vec[],
75 size_t out_len)
Louis Mayencourt7a36f782018-09-24 14:00:57 +0100[diff] [blame]76{
Antonio de Angelis4743e672019-04-11 11:38:48 +0100[diff] [blame]77 psa_status_t status = PSA_SUCCESS;
Jamie Fox0e54ebc2019-04-09 14:21:04 +0100[diff] [blame^]78 psa_mac_operation_t *operation = NULL;
79
Antonio de Angelis4743e672019-04-11 11:38:48 +0100[diff] [blame]80 if ((in_len != 1) || (out_len != 1)) {
Antonio de Angelisab85ccd2019-03-25 15:14:29 +0000[diff] [blame]81 return PSA_CONNECTION_REFUSED;
82 }
83
Antonio de Angelis4743e672019-04-11 11:38:48 +0100[diff] [blame]84 if ((out_vec[0].len != sizeof(uint32_t)) ||
85 (in_vec[0].len != sizeof(struct tfm_crypto_pack_iovec))) {
Antonio de Angelisab85ccd2019-03-25 15:14:29 +0000[diff] [blame]86 return PSA_CONNECTION_REFUSED;
87 }
Antonio de Angelis4743e672019-04-11 11:38:48 +0100[diff] [blame]88 const struct tfm_crypto_pack_iovec *iov = in_vec[0].base;
Jamie Fox0e54ebc2019-04-09 14:21:04 +0100[diff] [blame^]89 uint32_t handle = iov->op_handle;
Antonio de Angelis4743e672019-04-11 11:38:48 +0100[diff] [blame]90 uint32_t *handle_out = out_vec[0].base;
Jamie Fox0e54ebc2019-04-09 14:21:04 +0100[diff] [blame^]91 psa_key_handle_t key_handle = iov->key_handle;
Antonio de Angelis4743e672019-04-11 11:38:48 +0100[diff] [blame]92 psa_algorithm_t alg = iov->alg;
Antonio de Angelisab85ccd2019-03-25 15:14:29 +0000[diff] [blame]93
Jamie Fox0e54ebc2019-04-09 14:21:04 +0100[diff] [blame^]94 /* Init the handle in the operation with the one passed from the iov */
95 *handle_out = iov->op_handle;
96
97 /* Allocate the operation context in the secure world */
98 status = tfm_crypto_operation_alloc(TFM_CRYPTO_MAC_OPERATION,
99 &handle,
100 (void **)&operation);
101 if (status != PSA_SUCCESS) {
102 return status;
Antonio de Angelis4743e672019-04-11 11:38:48 +0100[diff] [blame]103 }
Jamie Fox0e54ebc2019-04-09 14:21:04 +0100[diff] [blame^]104
105 *handle_out = handle;
106
107 status = psa_mac_verify_setup(operation, key_handle, alg);
108 if (status != PSA_SUCCESS) {
109 /* Release the operation context, ignore if the operation fails. */
110 (void)tfm_crypto_operation_release(handle_out);
111 return status;
112 }
113
114 return PSA_SUCCESS;
Louis Mayencourt7a36f782018-09-24 14:00:57 +0100[diff] [blame]115}
116
Antonio de Angelisab85ccd2019-03-25 15:14:29 +0000[diff] [blame]117psa_status_t tfm_crypto_mac_update(psa_invec in_vec[],
118 size_t in_len,
119 psa_outvec out_vec[],
120 size_t out_len)
Louis Mayencourt7a36f782018-09-24 14:00:57 +0100[diff] [blame]121{
Antonio de Angelisab85ccd2019-03-25 15:14:29 +0000[diff] [blame]122 psa_status_t status = PSA_SUCCESS;
Jamie Fox0e54ebc2019-04-09 14:21:04 +0100[diff] [blame^]123 psa_mac_operation_t *operation = NULL;
Louis Mayencourt7a36f782018-09-24 14:00:57 +0100[diff] [blame]124
Antonio de Angelis4743e672019-04-11 11:38:48 +0100[diff] [blame]125 if ((in_len != 2) || (out_len != 1)) {
Antonio de Angelisab85ccd2019-03-25 15:14:29 +0000[diff] [blame]126 return PSA_CONNECTION_REFUSED;
Louis Mayencourt7a36f782018-09-24 14:00:57 +0100[diff] [blame]127 }
128
Antonio de Angelis4743e672019-04-11 11:38:48 +0100[diff] [blame]129 if ((in_vec[0].len != sizeof(struct tfm_crypto_pack_iovec)) ||
130 (out_vec[0].len != sizeof(uint32_t))) {
Antonio de Angelisab85ccd2019-03-25 15:14:29 +0000[diff] [blame]131 return PSA_CONNECTION_REFUSED;
Louis Mayencourt7a36f782018-09-24 14:00:57 +0100[diff] [blame]132 }
Antonio de Angelis4743e672019-04-11 11:38:48 +0100[diff] [blame]133 const struct tfm_crypto_pack_iovec *iov = in_vec[0].base;
Jamie Fox0e54ebc2019-04-09 14:21:04 +0100[diff] [blame^]134 uint32_t handle = iov->op_handle;
Antonio de Angelis4743e672019-04-11 11:38:48 +0100[diff] [blame]135 uint32_t *handle_out = out_vec[0].base;
136 const uint8_t *input = in_vec[1].base;
137 size_t input_length = in_vec[1].len;
Louis Mayencourt7a36f782018-09-24 14:00:57 +0100[diff] [blame]138
Antonio de Angelis4743e672019-04-11 11:38:48 +0100[diff] [blame]139 /* Init the handle in the operation with the one passed from the iov */
Jamie Fox0e54ebc2019-04-09 14:21:04 +0100[diff] [blame^]140 *handle_out = iov->op_handle;
Antonio de Angelisab85ccd2019-03-25 15:14:29 +0000[diff] [blame]141
Louis Mayencourt7a36f782018-09-24 14:00:57 +0100[diff] [blame]142 /* Look up the corresponding operation context */
Antonio de Angelisab85ccd2019-03-25 15:14:29 +0000[diff] [blame]143 status = tfm_crypto_operation_lookup(TFM_CRYPTO_MAC_OPERATION,
Antonio de Angelis4743e672019-04-11 11:38:48 +0100[diff] [blame]144 handle,
Jamie Fox0e54ebc2019-04-09 14:21:04 +0100[diff] [blame^]145 (void **)&operation);
Antonio de Angelisab85ccd2019-03-25 15:14:29 +0000[diff] [blame]146 if (status != PSA_SUCCESS) {
147 return status;
Louis Mayencourt7a36f782018-09-24 14:00:57 +0100[diff] [blame]148 }
149
Jamie Fox0e54ebc2019-04-09 14:21:04 +0100[diff] [blame^]150 status = psa_mac_update(operation, input, input_length);
151 if (status != PSA_SUCCESS) {
152 /* Release the operation context, ignore if the operation fails. */
153 (void)tfm_crypto_operation_release(handle_out);
154 return status;
Louis Mayencourt7a36f782018-09-24 14:00:57 +0100[diff] [blame]155 }
156
Antonio de Angelisab85ccd2019-03-25 15:14:29 +0000[diff] [blame]157 return PSA_SUCCESS;
Louis Mayencourt7a36f782018-09-24 14:00:57 +0100[diff] [blame]158}
159
Antonio de Angelisab85ccd2019-03-25 15:14:29 +0000[diff] [blame]160psa_status_t tfm_crypto_mac_sign_finish(psa_invec in_vec[],
161 size_t in_len,
162 psa_outvec out_vec[],
163 size_t out_len)
Louis Mayencourt7a36f782018-09-24 14:00:57 +0100[diff] [blame]164{
Antonio de Angelisab85ccd2019-03-25 15:14:29 +0000[diff] [blame]165 psa_status_t status = PSA_SUCCESS;
Jamie Fox0e54ebc2019-04-09 14:21:04 +0100[diff] [blame^]166 psa_mac_operation_t *operation = NULL;
Louis Mayencourt7a36f782018-09-24 14:00:57 +0100[diff] [blame]167
Antonio de Angelis4743e672019-04-11 11:38:48 +0100[diff] [blame]168 if ((in_len != 1) || (out_len != 2)) {
Antonio de Angelisab85ccd2019-03-25 15:14:29 +0000[diff] [blame]169 return PSA_CONNECTION_REFUSED;
170 }
171
Antonio de Angelis4743e672019-04-11 11:38:48 +0100[diff] [blame]172 if ((in_vec[0].len != sizeof(struct tfm_crypto_pack_iovec)) ||
173 (out_vec[0].len != sizeof(uint32_t))) {
Antonio de Angelisab85ccd2019-03-25 15:14:29 +0000[diff] [blame]174 return PSA_CONNECTION_REFUSED;
175 }
Antonio de Angelis4743e672019-04-11 11:38:48 +0100[diff] [blame]176 const struct tfm_crypto_pack_iovec *iov = in_vec[0].base;
Jamie Fox0e54ebc2019-04-09 14:21:04 +0100[diff] [blame^]177 uint32_t handle = iov->op_handle;
Antonio de Angelis4743e672019-04-11 11:38:48 +0100[diff] [blame]178 uint32_t *handle_out = out_vec[0].base;
Antonio de Angelisab85ccd2019-03-25 15:14:29 +0000[diff] [blame]179 uint8_t *mac = out_vec[1].base;
180 size_t mac_size = out_vec[1].len;
181
Antonio de Angelis4743e672019-04-11 11:38:48 +0100[diff] [blame]182 /* Init the handle in the operation with the one passed from the iov */
Jamie Fox0e54ebc2019-04-09 14:21:04 +0100[diff] [blame^]183 *handle_out = iov->op_handle;
Antonio de Angelis4743e672019-04-11 11:38:48 +0100[diff] [blame]184
Antonio de Angelisab85ccd2019-03-25 15:14:29 +0000[diff] [blame]185 /* Initialise mac_length to zero */
186 out_vec[1].len = 0;
187
Louis Mayencourt7a36f782018-09-24 14:00:57 +0100[diff] [blame]188 /* Look up the corresponding operation context */
Antonio de Angelisab85ccd2019-03-25 15:14:29 +0000[diff] [blame]189 status = tfm_crypto_operation_lookup(TFM_CRYPTO_MAC_OPERATION,
Antonio de Angelis4743e672019-04-11 11:38:48 +0100[diff] [blame]190 handle,
Jamie Fox0e54ebc2019-04-09 14:21:04 +0100[diff] [blame^]191 (void **)&operation);
Antonio de Angelisab85ccd2019-03-25 15:14:29 +0000[diff] [blame]192 if (status != PSA_SUCCESS) {
193 return status;
Louis Mayencourt7a36f782018-09-24 14:00:57 +0100[diff] [blame]194 }
195
Jamie Fox0e54ebc2019-04-09 14:21:04 +0100[diff] [blame^]196 status = psa_mac_sign_finish(operation, mac, mac_size, &out_vec[1].len);
197 if (status != PSA_SUCCESS) {
198 /* Release the operation context, ignore if the operation fails. */
199 (void)tfm_crypto_operation_release(handle_out);
200 return status;
Louis Mayencourt7a36f782018-09-24 14:00:57 +0100[diff] [blame]201 }
202
Jamie Fox0e54ebc2019-04-09 14:21:04 +0100[diff] [blame^]203 status = tfm_crypto_operation_release(handle_out);
204
Antonio de Angelis4743e672019-04-11 11:38:48 +0100[diff] [blame]205 return status;
Louis Mayencourt7a36f782018-09-24 14:00:57 +0100[diff] [blame]206}
207
Antonio de Angelisab85ccd2019-03-25 15:14:29 +0000[diff] [blame]208psa_status_t tfm_crypto_mac_verify_finish(psa_invec in_vec[],
209 size_t in_len,
210 psa_outvec out_vec[],
211 size_t out_len)
Louis Mayencourt7a36f782018-09-24 14:00:57 +0100[diff] [blame]212{
Antonio de Angelisab85ccd2019-03-25 15:14:29 +0000[diff] [blame]213 psa_status_t status = PSA_SUCCESS;
Jamie Fox0e54ebc2019-04-09 14:21:04 +0100[diff] [blame^]214 psa_mac_operation_t *operation = NULL;
Louis Mayencourt7a36f782018-09-24 14:00:57 +0100[diff] [blame]215
Antonio de Angelis4743e672019-04-11 11:38:48 +0100[diff] [blame]216 if ((in_len != 2) || (out_len != 1)) {
Antonio de Angelisab85ccd2019-03-25 15:14:29 +0000[diff] [blame]217 return PSA_CONNECTION_REFUSED;
218 }
219
Antonio de Angelis4743e672019-04-11 11:38:48 +0100[diff] [blame]220 if ((in_vec[0].len != sizeof(struct tfm_crypto_pack_iovec)) ||
221 (out_vec[0].len != sizeof(uint32_t))) {
Antonio de Angelisab85ccd2019-03-25 15:14:29 +0000[diff] [blame]222 return PSA_CONNECTION_REFUSED;
223 }
Antonio de Angelis4743e672019-04-11 11:38:48 +0100[diff] [blame]224 const struct tfm_crypto_pack_iovec *iov = in_vec[0].base;
Jamie Fox0e54ebc2019-04-09 14:21:04 +0100[diff] [blame^]225 uint32_t handle = iov->op_handle;
Antonio de Angelis4743e672019-04-11 11:38:48 +0100[diff] [blame]226 uint32_t *handle_out = out_vec[0].base;
227 const uint8_t *mac = in_vec[1].base;
228 size_t mac_length = in_vec[1].len;
Antonio de Angelisab85ccd2019-03-25 15:14:29 +0000[diff] [blame]229
Antonio de Angelis4743e672019-04-11 11:38:48 +0100[diff] [blame]230 /* Init the handle in the operation with the one passed from the iov */
Jamie Fox0e54ebc2019-04-09 14:21:04 +0100[diff] [blame^]231 *handle_out = iov->op_handle;
Louis Mayencourt7a36f782018-09-24 14:00:57 +0100[diff] [blame]232
233 /* Look up the corresponding operation context */
Antonio de Angelisab85ccd2019-03-25 15:14:29 +0000[diff] [blame]234 status = tfm_crypto_operation_lookup(TFM_CRYPTO_MAC_OPERATION,
Antonio de Angelis4743e672019-04-11 11:38:48 +0100[diff] [blame]235 handle,
Jamie Fox0e54ebc2019-04-09 14:21:04 +0100[diff] [blame^]236 (void **)&operation);
Antonio de Angelisab85ccd2019-03-25 15:14:29 +0000[diff] [blame]237 if (status != PSA_SUCCESS) {
238 return status;
Louis Mayencourt7a36f782018-09-24 14:00:57 +0100[diff] [blame]239 }
240
Jamie Fox0e54ebc2019-04-09 14:21:04 +0100[diff] [blame^]241 status = psa_mac_verify_finish(operation, mac, mac_length);
242 if (status != PSA_SUCCESS) {
243 /* Release the operation context, ignore if the operation fails. */
244 (void)tfm_crypto_operation_release(handle_out);
245 return status;
Louis Mayencourt7a36f782018-09-24 14:00:57 +0100[diff] [blame]246 }
247
Jamie Fox0e54ebc2019-04-09 14:21:04 +0100[diff] [blame^]248 status = tfm_crypto_operation_release(handle_out);
249
250 return status;
Louis Mayencourt7a36f782018-09-24 14:00:57 +0100[diff] [blame]251}
252
Antonio de Angelisab85ccd2019-03-25 15:14:29 +0000[diff] [blame]253psa_status_t tfm_crypto_mac_abort(psa_invec in_vec[],
254 size_t in_len,
255 psa_outvec out_vec[],
256 size_t out_len)
Louis Mayencourt7a36f782018-09-24 14:00:57 +0100[diff] [blame]257{
Antonio de Angelisab85ccd2019-03-25 15:14:29 +0000[diff] [blame]258 psa_status_t status = PSA_SUCCESS;
Jamie Fox0e54ebc2019-04-09 14:21:04 +0100[diff] [blame^]259 psa_mac_operation_t *operation = NULL;
Louis Mayencourt7a36f782018-09-24 14:00:57 +0100[diff] [blame]260
Antonio de Angelis4743e672019-04-11 11:38:48 +0100[diff] [blame]261 if ((in_len != 1) || (out_len != 1)) {
Antonio de Angelisab85ccd2019-03-25 15:14:29 +0000[diff] [blame]262 return PSA_CONNECTION_REFUSED;
Louis Mayencourt7a36f782018-09-24 14:00:57 +0100[diff] [blame]263 }
264
Antonio de Angelis4743e672019-04-11 11:38:48 +0100[diff] [blame]265 if ((in_vec[0].len != sizeof(struct tfm_crypto_pack_iovec)) ||
266 (out_vec[0].len != sizeof(uint32_t))) {
Antonio de Angelisab85ccd2019-03-25 15:14:29 +0000[diff] [blame]267 return PSA_CONNECTION_REFUSED;
268 }
Antonio de Angelis4743e672019-04-11 11:38:48 +0100[diff] [blame]269 const struct tfm_crypto_pack_iovec *iov = in_vec[0].base;
Jamie Fox0e54ebc2019-04-09 14:21:04 +0100[diff] [blame^]270 uint32_t handle = iov->op_handle;
Antonio de Angelis4743e672019-04-11 11:38:48 +0100[diff] [blame]271 uint32_t *handle_out = out_vec[0].base;
Antonio de Angelisab85ccd2019-03-25 15:14:29 +0000[diff] [blame]272
Antonio de Angelis4743e672019-04-11 11:38:48 +0100[diff] [blame]273 /* Init the handle in the operation with the one passed from the iov */
Jamie Fox0e54ebc2019-04-09 14:21:04 +0100[diff] [blame^]274 *handle_out = iov->op_handle;
Antonio de Angelisab85ccd2019-03-25 15:14:29 +0000[diff] [blame]275
Louis Mayencourt7a36f782018-09-24 14:00:57 +0100[diff] [blame]276 /* Look up the corresponding operation context */
Antonio de Angelisab85ccd2019-03-25 15:14:29 +0000[diff] [blame]277 status = tfm_crypto_operation_lookup(TFM_CRYPTO_MAC_OPERATION,
Antonio de Angelis4743e672019-04-11 11:38:48 +0100[diff] [blame]278 handle,
Jamie Fox0e54ebc2019-04-09 14:21:04 +0100[diff] [blame^]279 (void **)&operation);
Antonio de Angelisab85ccd2019-03-25 15:14:29 +0000[diff] [blame]280 if (status != PSA_SUCCESS) {
281 return status;
Louis Mayencourt7a36f782018-09-24 14:00:57 +0100[diff] [blame]282 }
283
Jamie Fox0e54ebc2019-04-09 14:21:04 +0100[diff] [blame^]284 status = psa_mac_abort(operation);
285
286 if (status != PSA_SUCCESS) {
287 /* Release the operation context, ignore if the operation fails. */
288 (void)tfm_crypto_operation_release(handle_out);
289 return status;
Louis Mayencourt7a36f782018-09-24 14:00:57 +0100[diff] [blame]290 }
291
Jamie Fox0e54ebc2019-04-09 14:21:04 +0100[diff] [blame^]292 status = tfm_crypto_operation_release(handle_out);
293
Antonio de Angelis4743e672019-04-11 11:38:48 +0100[diff] [blame]294 return status;
Louis Mayencourt7a36f782018-09-24 14:00:57 +0100[diff] [blame]295}
296/*!@}*/