TrustedFirmware Git Browser
Code Review Sign In
review.trustedfirmware.org / TF-M / trusted-firmware-m / 25e2b2dba5d7eb3ba0da14384a6c8240278f5c15 / . / secure_fw / services / crypto / crypto_hash.c
blob: 911227d763e77da891c5c177e77be90acc78f274 [file] [log] [blame]
Antonio de Angelisa6f72162018-09-05 11:00:37 +0100[diff] [blame]1/*
Antonio de Angelis377a1552018-11-22 17:02:40 +0000[diff] [blame]2 * Copyright (c) 2018-2019, Arm Limited. All rights reserved.
Antonio de Angelisa6f72162018-09-05 11:00:37 +0100[diff] [blame]3 *
4 * SPDX-License-Identifier: BSD-3-Clause
5 *
6 */
7
Jamie Fox0e54ebc2019-04-09 14:21:04 +0100[diff] [blame]8#include <stddef.h>
9#include <stdint.h>
Antonio de Angelisa6f72162018-09-05 11:00:37 +0100[diff] [blame]10
Antonio de Angelis4743e672019-04-11 11:38:48 +0100[diff] [blame]11/* FixMe: Use PSA_CONNECTION_REFUSED when performing parameter
12 * integrity checks but this will have to be revised
13 * when the full set of error codes mandated by PSA FF
14 * is available.
15 */
Jamie Fox0e54ebc2019-04-09 14:21:04 +0100[diff] [blame]16#include "tfm_mbedcrypto_include.h"
Antonio de Angelis4743e672019-04-11 11:38:48 +0100[diff] [blame]17
Jamie Fox0e54ebc2019-04-09 14:21:04 +0100[diff] [blame]18#include "tfm_crypto_api.h"
19#include "tfm_crypto_defs.h"
Jamie Fox0ff04ba2019-02-05 14:19:07 +0000[diff] [blame]20
Antonio de Angelisa6f72162018-09-05 11:00:37 +0100[diff] [blame]21/*!
22 * \defgroup public_psa Public functions, PSA
23 *
24 */
25
26/*!@{*/
Antonio de Angelisab85ccd2019-03-25 15:14:29 +0000[diff] [blame]27psa_status_t tfm_crypto_hash_setup(psa_invec in_vec[],
28 size_t in_len,
29 psa_outvec out_vec[],
30 size_t out_len)
Antonio de Angelisa6f72162018-09-05 11:00:37 +0100[diff] [blame]31{
Antonio de Angeliscf85ba22018-10-09 13:29:40 +0100[diff] [blame]32 psa_status_t status = PSA_SUCCESS;
Jamie Fox0e54ebc2019-04-09 14:21:04 +0100[diff] [blame]33 psa_hash_operation_t *operation = NULL;
Antonio de Angelisa6f72162018-09-05 11:00:37 +0100[diff] [blame]34
Antonio de Angelisab85ccd2019-03-25 15:14:29 +0000[diff] [blame]35 if ((in_len != 1) || (out_len != 1)) {
36 return PSA_CONNECTION_REFUSED;
Antonio de Angelisa6f72162018-09-05 11:00:37 +0100[diff] [blame]37 }
38
Antonio de Angelis4743e672019-04-11 11:38:48 +0100[diff] [blame]39 if ((out_vec[0].len != sizeof(uint32_t)) ||
40 (in_vec[0].len != sizeof(struct tfm_crypto_pack_iovec))) {
Antonio de Angelisab85ccd2019-03-25 15:14:29 +0000[diff] [blame]41 return PSA_CONNECTION_REFUSED;
42 }
Antonio de Angelis4743e672019-04-11 11:38:48 +0100[diff] [blame]43 const struct tfm_crypto_pack_iovec *iov = in_vec[0].base;
Jamie Fox0e54ebc2019-04-09 14:21:04 +0100[diff] [blame]44 uint32_t handle = iov->op_handle;
Antonio de Angelis4743e672019-04-11 11:38:48 +0100[diff] [blame]45 uint32_t *handle_out = out_vec[0].base;
46 psa_algorithm_t alg = iov->alg;
Antonio de Angelisab85ccd2019-03-25 15:14:29 +0000[diff] [blame]47
Antonio de Angelis4743e672019-04-11 11:38:48 +0100[diff] [blame]48 /* Init the handle in the operation with the one passed from the iov */
Jamie Fox0e54ebc2019-04-09 14:21:04 +0100[diff] [blame]49 *handle_out = iov->op_handle;
Antonio de Angelisa6f72162018-09-05 11:00:37 +0100[diff] [blame]50
Antonio de Angeliscf85ba22018-10-09 13:29:40 +0100[diff] [blame]51 /* Allocate the operation context in the secure world */
Antonio de Angelisab85ccd2019-03-25 15:14:29 +0000[diff] [blame]52 status = tfm_crypto_operation_alloc(TFM_CRYPTO_HASH_OPERATION,
Antonio de Angelis4743e672019-04-11 11:38:48 +0100[diff] [blame]53 &handle,
Jamie Fox0e54ebc2019-04-09 14:21:04 +0100[diff] [blame]54 (void **)&operation);
Antonio de Angelisab85ccd2019-03-25 15:14:29 +0000[diff] [blame]55 if (status != PSA_SUCCESS) {
56 return status;
Antonio de Angelisa6f72162018-09-05 11:00:37 +0100[diff] [blame]57 }
58
Antonio de Angelis4743e672019-04-11 11:38:48 +0100[diff] [blame]59 *handle_out = handle;
60
Jamie Fox0e54ebc2019-04-09 14:21:04 +0100[diff] [blame]61 status = psa_hash_setup(operation, alg);
Antonio de Angeliscf85ba22018-10-09 13:29:40 +0100[diff] [blame]62 if (status != PSA_SUCCESS) {
Hugues de Valon8b442442019-02-19 14:30:52 +0000[diff] [blame]63 /* Release the operation context, ignore if the operation fails. */
Jamie Fox0e54ebc2019-04-09 14:21:04 +0100[diff] [blame]64 (void)tfm_crypto_operation_release(handle_out);
Antonio de Angelisab85ccd2019-03-25 15:14:29 +0000[diff] [blame]65 return status;
Antonio de Angelisa6f72162018-09-05 11:00:37 +0100[diff] [blame]66 }
67
Antonio de Angelisab85ccd2019-03-25 15:14:29 +0000[diff] [blame]68 return PSA_SUCCESS;
Antonio de Angelisa6f72162018-09-05 11:00:37 +0100[diff] [blame]69}
70
Antonio de Angelisab85ccd2019-03-25 15:14:29 +0000[diff] [blame]71psa_status_t tfm_crypto_hash_update(psa_invec in_vec[],
72 size_t in_len,
73 psa_outvec out_vec[],
74 size_t out_len)
Antonio de Angelisa6f72162018-09-05 11:00:37 +0100[diff] [blame]75{
Antonio de Angeliscf85ba22018-10-09 13:29:40 +0100[diff] [blame]76 psa_status_t status = PSA_SUCCESS;
Jamie Fox0e54ebc2019-04-09 14:21:04 +0100[diff] [blame]77 psa_hash_operation_t *operation = NULL;
Antonio de Angelisa6f72162018-09-05 11:00:37 +0100[diff] [blame]78
Antonio de Angelis4743e672019-04-11 11:38:48 +0100[diff] [blame]79 if ((in_len != 2) || (out_len != 1)) {
Antonio de Angelisab85ccd2019-03-25 15:14:29 +0000[diff] [blame]80 return PSA_CONNECTION_REFUSED;
Antonio de Angelisa6f72162018-09-05 11:00:37 +0100[diff] [blame]81 }
82
Antonio de Angelis4743e672019-04-11 11:38:48 +0100[diff] [blame]83 if ((in_vec[0].len != sizeof(struct tfm_crypto_pack_iovec)) ||
84 (out_vec[0].len != sizeof(uint32_t))) {
Antonio de Angelisab85ccd2019-03-25 15:14:29 +0000[diff] [blame]85 return PSA_CONNECTION_REFUSED;
86 }
Antonio de Angelis4743e672019-04-11 11:38:48 +0100[diff] [blame]87 const struct tfm_crypto_pack_iovec *iov = in_vec[0].base;
Jamie Fox0e54ebc2019-04-09 14:21:04 +0100[diff] [blame]88 uint32_t handle = iov->op_handle;
Antonio de Angelis4743e672019-04-11 11:38:48 +0100[diff] [blame]89 uint32_t *handle_out = out_vec[0].base;
90 const uint8_t *input = in_vec[1].base;
91 size_t input_length = in_vec[1].len;
Antonio de Angelisab85ccd2019-03-25 15:14:29 +0000[diff] [blame]92
Antonio de Angelis4743e672019-04-11 11:38:48 +0100[diff] [blame]93 /* Init the handle in the operation with the one passed from the iov */
Jamie Fox0e54ebc2019-04-09 14:21:04 +0100[diff] [blame]94 *handle_out = iov->op_handle;
Antonio de Angelisab85ccd2019-03-25 15:14:29 +0000[diff] [blame]95
Antonio de Angelisa6f72162018-09-05 11:00:37 +0100[diff] [blame]96 /* Look up the corresponding operation context */
Antonio de Angelisab85ccd2019-03-25 15:14:29 +0000[diff] [blame]97 status = tfm_crypto_operation_lookup(TFM_CRYPTO_HASH_OPERATION,
Antonio de Angelis4743e672019-04-11 11:38:48 +0100[diff] [blame]98 handle,
Jamie Fox0e54ebc2019-04-09 14:21:04 +0100[diff] [blame]99 (void **)&operation);
Antonio de Angelisab85ccd2019-03-25 15:14:29 +0000[diff] [blame]100 if (status != PSA_SUCCESS) {
101 return status;
Antonio de Angelisa6f72162018-09-05 11:00:37 +0100[diff] [blame]102 }
103
Jamie Fox0e54ebc2019-04-09 14:21:04 +0100[diff] [blame]104 status = psa_hash_update(operation, input, input_length);
Antonio de Angeliscf85ba22018-10-09 13:29:40 +0100[diff] [blame]105 if (status != PSA_SUCCESS) {
Jamie Fox0e54ebc2019-04-09 14:21:04 +0100[diff] [blame]106 /* Release the operation context, ignore if the operation fails. */
107 (void)tfm_crypto_operation_release(handle_out);
Antonio de Angelisab85ccd2019-03-25 15:14:29 +0000[diff] [blame]108 return status;
Antonio de Angelisa6f72162018-09-05 11:00:37 +0100[diff] [blame]109 }
110
Antonio de Angelisab85ccd2019-03-25 15:14:29 +0000[diff] [blame]111 return PSA_SUCCESS;
Antonio de Angelisa6f72162018-09-05 11:00:37 +0100[diff] [blame]112}
113
Antonio de Angelisab85ccd2019-03-25 15:14:29 +0000[diff] [blame]114psa_status_t tfm_crypto_hash_finish(psa_invec in_vec[],
115 size_t in_len,
116 psa_outvec out_vec[],
117 size_t out_len)
Antonio de Angelisa6f72162018-09-05 11:00:37 +0100[diff] [blame]118{
Antonio de Angeliscf85ba22018-10-09 13:29:40 +0100[diff] [blame]119 psa_status_t status = PSA_SUCCESS;
Jamie Fox0e54ebc2019-04-09 14:21:04 +0100[diff] [blame]120 psa_hash_operation_t *operation = NULL;
Antonio de Angelisa6f72162018-09-05 11:00:37 +0100[diff] [blame]121
Antonio de Angelis4743e672019-04-11 11:38:48 +0100[diff] [blame]122 if ((in_len != 1) || (out_len != 2)) {
Antonio de Angelisab85ccd2019-03-25 15:14:29 +0000[diff] [blame]123 return PSA_CONNECTION_REFUSED;
Antonio de Angelisa6f72162018-09-05 11:00:37 +0100[diff] [blame]124 }
125
Antonio de Angelis4743e672019-04-11 11:38:48 +0100[diff] [blame]126 if ((in_vec[0].len != sizeof(struct tfm_crypto_pack_iovec)) ||
127 (out_vec[0].len != sizeof(uint32_t))) {
Antonio de Angelisab85ccd2019-03-25 15:14:29 +0000[diff] [blame]128 return PSA_CONNECTION_REFUSED;
129 }
Antonio de Angelis4743e672019-04-11 11:38:48 +0100[diff] [blame]130 const struct tfm_crypto_pack_iovec *iov = in_vec[0].base;
Jamie Fox0e54ebc2019-04-09 14:21:04 +0100[diff] [blame]131 uint32_t handle = iov->op_handle;
Antonio de Angelis4743e672019-04-11 11:38:48 +0100[diff] [blame]132 uint32_t *handle_out = out_vec[0].base;
Antonio de Angelisab85ccd2019-03-25 15:14:29 +0000[diff] [blame]133 uint8_t *hash = out_vec[1].base;
134 size_t hash_size = out_vec[1].len;
135
Antonio de Angelis4743e672019-04-11 11:38:48 +0100[diff] [blame]136 /* Init the handle in the operation with the one passed from the iov */
Jamie Fox0e54ebc2019-04-09 14:21:04 +0100[diff] [blame]137 *handle_out = iov->op_handle;
Antonio de Angelis4743e672019-04-11 11:38:48 +0100[diff] [blame]138
Antonio de Angelisab85ccd2019-03-25 15:14:29 +0000[diff] [blame]139 /* Initialise hash_length to zero */
140 out_vec[1].len = 0;
141
Antonio de Angelisa6f72162018-09-05 11:00:37 +0100[diff] [blame]142 /* Look up the corresponding operation context */
Antonio de Angelisab85ccd2019-03-25 15:14:29 +0000[diff] [blame]143 status = tfm_crypto_operation_lookup(TFM_CRYPTO_HASH_OPERATION,
Antonio de Angelis4743e672019-04-11 11:38:48 +0100[diff] [blame]144 handle,
Jamie Fox0e54ebc2019-04-09 14:21:04 +0100[diff] [blame]145 (void **)&operation);
Antonio de Angelisab85ccd2019-03-25 15:14:29 +0000[diff] [blame]146 if (status != PSA_SUCCESS) {
147 return status;
Antonio de Angelisa6f72162018-09-05 11:00:37 +0100[diff] [blame]148 }
149
Jamie Fox0e54ebc2019-04-09 14:21:04 +0100[diff] [blame]150 status = psa_hash_finish(operation, hash, hash_size, &out_vec[1].len);
Antonio de Angeliscf85ba22018-10-09 13:29:40 +0100[diff] [blame]151 if (status != PSA_SUCCESS) {
Jamie Fox0e54ebc2019-04-09 14:21:04 +0100[diff] [blame]152 /* Release the operation context, ignore if the operation fails. */
153 (void)tfm_crypto_operation_release(handle_out);
Antonio de Angelisab85ccd2019-03-25 15:14:29 +0000[diff] [blame]154 return status;
Antonio de Angelisa6f72162018-09-05 11:00:37 +0100[diff] [blame]155 }
156
Jamie Fox0e54ebc2019-04-09 14:21:04 +0100[diff] [blame]157 status = tfm_crypto_operation_release(handle_out);
Antonio de Angelisab85ccd2019-03-25 15:14:29 +0000[diff] [blame]158
159 return status;
160}
161
162psa_status_t tfm_crypto_hash_verify(psa_invec in_vec[],
163 size_t in_len,
164 psa_outvec out_vec[],
165 size_t out_len)
166{
167 psa_status_t status = PSA_SUCCESS;
Jamie Fox0e54ebc2019-04-09 14:21:04 +0100[diff] [blame]168 psa_hash_operation_t *operation = NULL;
Antonio de Angelisa6f72162018-09-05 11:00:37 +0100[diff] [blame]169
Antonio de Angelis4743e672019-04-11 11:38:48 +0100[diff] [blame]170 if ((in_len != 2) || (out_len != 1)) {
Antonio de Angelisab85ccd2019-03-25 15:14:29 +0000[diff] [blame]171 return PSA_CONNECTION_REFUSED;
Antonio de Angelisa6f72162018-09-05 11:00:37 +0100[diff] [blame]172 }
173
Antonio de Angelis4743e672019-04-11 11:38:48 +0100[diff] [blame]174 if ((in_vec[0].len != sizeof(struct tfm_crypto_pack_iovec)) ||
175 (out_vec[0].len != sizeof(uint32_t))) {
Antonio de Angelisab85ccd2019-03-25 15:14:29 +0000[diff] [blame]176 return PSA_CONNECTION_REFUSED;
177 }
Jamie Fox0e54ebc2019-04-09 14:21:04 +0100[diff] [blame]178 const struct tfm_crypto_pack_iovec *iov = in_vec[0].base;
179 uint32_t handle = iov->op_handle;
Antonio de Angelis4743e672019-04-11 11:38:48 +0100[diff] [blame]180 uint32_t *handle_out = out_vec[0].base;
181 const uint8_t *hash = in_vec[1].base;
182 size_t hash_length = in_vec[1].len;
Antonio de Angelisab85ccd2019-03-25 15:14:29 +0000[diff] [blame]183
Jamie Fox0e54ebc2019-04-09 14:21:04 +0100[diff] [blame]184 /* Init the handle in the operation with the one passed from the iov */
185 *handle_out = iov->op_handle;
Antonio de Angelisab85ccd2019-03-25 15:14:29 +0000[diff] [blame]186
Jamie Fox0e54ebc2019-04-09 14:21:04 +0100[diff] [blame]187 /* Look up the corresponding operation context */
188 status = tfm_crypto_operation_lookup(TFM_CRYPTO_HASH_OPERATION,
189 handle,
190 (void **)&operation);
Antonio de Angelisab85ccd2019-03-25 15:14:29 +0000[diff] [blame]191 if (status != PSA_SUCCESS) {
192 return status;
193 }
194
Jamie Fox0e54ebc2019-04-09 14:21:04 +0100[diff] [blame]195 status = psa_hash_verify(operation, hash, hash_length);
196 if (status != PSA_SUCCESS) {
197 /* Release the operation context, ignore if the operation fails. */
198 (void)tfm_crypto_operation_release(handle_out);
199 return status;
Antonio de Angelisa6f72162018-09-05 11:00:37 +0100[diff] [blame]200 }
201
Jamie Fox0e54ebc2019-04-09 14:21:04 +0100[diff] [blame]202 status = tfm_crypto_operation_release(handle_out);
Antonio de Angelisa6f72162018-09-05 11:00:37 +0100[diff] [blame]203
Jamie Fox0e54ebc2019-04-09 14:21:04 +0100[diff] [blame]204 return status;
Antonio de Angelisa6f72162018-09-05 11:00:37 +0100[diff] [blame]205}
206
Antonio de Angelisab85ccd2019-03-25 15:14:29 +0000[diff] [blame]207psa_status_t tfm_crypto_hash_abort(psa_invec in_vec[],
208 size_t in_len,
209 psa_outvec out_vec[],
210 size_t out_len)
Antonio de Angelisa6f72162018-09-05 11:00:37 +0100[diff] [blame]211{
Antonio de Angelisab85ccd2019-03-25 15:14:29 +0000[diff] [blame]212 psa_status_t status = PSA_SUCCESS;
Jamie Fox0e54ebc2019-04-09 14:21:04 +0100[diff] [blame]213 psa_hash_operation_t *operation = NULL;
Antonio de Angelis377a1552018-11-22 17:02:40 +0000[diff] [blame]214
Antonio de Angelis4743e672019-04-11 11:38:48 +0100[diff] [blame]215 if ((in_len != 1) || (out_len != 1)) {
Antonio de Angelisab85ccd2019-03-25 15:14:29 +0000[diff] [blame]216 return PSA_CONNECTION_REFUSED;
Antonio de Angelis377a1552018-11-22 17:02:40 +0000[diff] [blame]217 }
Antonio de Angelisa6f72162018-09-05 11:00:37 +0100[diff] [blame]218
Antonio de Angelis4743e672019-04-11 11:38:48 +0100[diff] [blame]219 if ((in_vec[0].len != sizeof(struct tfm_crypto_pack_iovec)) ||
220 (out_vec[0].len != sizeof(uint32_t))) {
Antonio de Angelisab85ccd2019-03-25 15:14:29 +0000[diff] [blame]221 return PSA_CONNECTION_REFUSED;
222 }
Antonio de Angelis4743e672019-04-11 11:38:48 +0100[diff] [blame]223 const struct tfm_crypto_pack_iovec *iov = in_vec[0].base;
Jamie Fox0e54ebc2019-04-09 14:21:04 +0100[diff] [blame]224 uint32_t handle = iov->op_handle;
Antonio de Angelis4743e672019-04-11 11:38:48 +0100[diff] [blame]225 uint32_t *handle_out = out_vec[0].base;
Antonio de Angelisab85ccd2019-03-25 15:14:29 +0000[diff] [blame]226
Antonio de Angelis4743e672019-04-11 11:38:48 +0100[diff] [blame]227 /* Init the handle in the operation with the one passed from the iov */
Jamie Fox0e54ebc2019-04-09 14:21:04 +0100[diff] [blame]228 *handle_out = iov->op_handle;
Antonio de Angelisab85ccd2019-03-25 15:14:29 +0000[diff] [blame]229
Antonio de Angelisa6f72162018-09-05 11:00:37 +0100[diff] [blame]230 /* Look up the corresponding operation context */
Antonio de Angelisab85ccd2019-03-25 15:14:29 +0000[diff] [blame]231 status = tfm_crypto_operation_lookup(TFM_CRYPTO_HASH_OPERATION,
Antonio de Angelis4743e672019-04-11 11:38:48 +0100[diff] [blame]232 handle,
Jamie Fox0e54ebc2019-04-09 14:21:04 +0100[diff] [blame]233 (void **)&operation);
Antonio de Angelisab85ccd2019-03-25 15:14:29 +0000[diff] [blame]234 if (status != PSA_SUCCESS) {
Antonio de Angelis25e2b2d2019-04-25 14:49:50 +0100[diff] [blame^]235 /* Operation does not exist, so abort has no effect */
236 return PSA_SUCCESS;
Antonio de Angelisa6f72162018-09-05 11:00:37 +0100[diff] [blame]237 }
238
Jamie Fox0e54ebc2019-04-09 14:21:04 +0100[diff] [blame]239 status = psa_hash_abort(operation);
240 if (status != PSA_SUCCESS) {
241 /* Release the operation context, ignore if the operation fails. */
242 (void)tfm_crypto_operation_release(handle_out);
243 return status;
Antonio de Angelis4743e672019-04-11 11:38:48 +0100[diff] [blame]244 }
Jamie Fox0e54ebc2019-04-09 14:21:04 +0100[diff] [blame]245
246 status = tfm_crypto_operation_release(handle_out);
247
Antonio de Angelis4743e672019-04-11 11:38:48 +0100[diff] [blame]248 return status;
Antonio de Angelisa6f72162018-09-05 11:00:37 +0100[diff] [blame]249}
Jamie Fox0e54ebc2019-04-09 14:21:04 +0100[diff] [blame]250
Antonio de Angelis25e2b2d2019-04-25 14:49:50 +0100[diff] [blame^]251psa_status_t tfm_crypto_hash_clone(psa_invec in_vec[],
252 size_t in_len,
253 psa_outvec out_vec[],
254 size_t out_len)
255{
256 psa_status_t status = PSA_SUCCESS;
257 psa_hash_operation_t *source_operation = NULL;
258 psa_hash_operation_t *target_operation = NULL;
259
260 if ((in_len != 1) || (out_len != 1)) {
261 return PSA_CONNECTION_REFUSED;
262 }
263
264 if ((in_vec[0].len != sizeof(struct tfm_crypto_pack_iovec)) ||
265 (out_vec[0].len != sizeof(uint32_t))) {
266 return PSA_CONNECTION_REFUSED;
267 }
268 const struct tfm_crypto_pack_iovec *iov = in_vec[0].base;
269 uint32_t source_handle = iov->op_handle;
270 uint32_t *target_handle = out_vec[0].base;
271
272 /* Look up the corresponding source operation context */
273 status = tfm_crypto_operation_lookup(TFM_CRYPTO_HASH_OPERATION,
274 source_handle,
275 (void **)&source_operation);
276 if (status != PSA_SUCCESS) {
277 return status;
278 }
279
280 /* Allocate the target operation context in the secure world */
281 status = tfm_crypto_operation_alloc(TFM_CRYPTO_HASH_OPERATION,
282 target_handle,
283 (void **)&target_operation);
284 if (status != PSA_SUCCESS) {
285 return status;
286 }
287
288 status = psa_hash_clone(source_operation, target_operation);
289 if (status != PSA_SUCCESS) {
290 /* Release the target operation context, ignore if it fails. */
291 (void)tfm_crypto_operation_release(target_handle);
292 return status;
293 }
294
295 return status;
296}
Antonio de Angelisa6f72162018-09-05 11:00:37 +0100[diff] [blame]297/*!@}*/