TrustedFirmware Git Browser
Code Review Sign In
review.trustedfirmware.org / TF-M / trusted-firmware-m / 25e2b2dba5d7eb3ba0da14384a6c8240278f5c15 / . / secure_fw / services / crypto / crypto_key.c
blob: dc2d340868e973ed77a4ddff58db108d4494b726 [file] [log] [blame]
Antonio de Angelis8908f472018-08-31 15:44:25 +0100[diff] [blame]1/*
Antonio de Angelis377a1552018-11-22 17:02:40 +0000[diff] [blame]2 * Copyright (c) 2018-2019, Arm Limited. All rights reserved.
Antonio de Angelis8908f472018-08-31 15:44:25 +0100[diff] [blame]3 *
4 * SPDX-License-Identifier: BSD-3-Clause
5 *
6 */
7
Jamie Foxefd82732018-11-26 10:34:32 +0000[diff] [blame]8#include <stddef.h>
Jamie Fox0e54ebc2019-04-09 14:21:04 +0100[diff] [blame]9#include <stdint.h>
Antonio de Angelis8908f472018-08-31 15:44:25 +0100[diff] [blame]10
Antonio de Angelis4743e672019-04-11 11:38:48 +0100[diff] [blame]11/* FixMe: Use PSA_CONNECTION_REFUSED when performing parameter
12 * integrity checks but this will have to be revised
13 * when the full set of error codes mandated by PSA FF
14 * is available.
15 */
Jamie Fox0e54ebc2019-04-09 14:21:04 +0100[diff] [blame]16#include "tfm_mbedcrypto_include.h"
Antonio de Angelis4743e672019-04-11 11:38:48 +0100[diff] [blame]17
Jamie Fox0e54ebc2019-04-09 14:21:04 +0100[diff] [blame]18#include "tfm_crypto_api.h"
19#include "tfm_crypto_defs.h"
Jamie Fox82b87ca2018-12-11 16:41:11 +0000[diff] [blame]20
Antonio de Angelis8908f472018-08-31 15:44:25 +0100[diff] [blame]21/*!
22 * \defgroup public Public functions
23 *
24 */
25
26/*!@{*/
Jamie Fox0e54ebc2019-04-09 14:21:04 +0100[diff] [blame]27psa_status_t tfm_crypto_allocate_key(psa_invec in_vec[],
28 size_t in_len,
29 psa_outvec out_vec[],
30 size_t out_len)
Antonio de Angeliscf85ba22018-10-09 13:29:40 +0100[diff] [blame]31{
Jamie Fox0e54ebc2019-04-09 14:21:04 +0100[diff] [blame]32 if ((in_len != 1) || (out_len != 1)) {
33 return PSA_CONNECTION_REFUSED;
Jamie Foxefd82732018-11-26 10:34:32 +0000[diff] [blame]34 }
35
Jamie Fox0e54ebc2019-04-09 14:21:04 +0100[diff] [blame]36 if ((in_vec[0].len != sizeof(struct tfm_crypto_pack_iovec)) ||
37 (out_vec[0].len != sizeof(psa_key_handle_t))) {
38 return PSA_CONNECTION_REFUSED;
Jamie Foxefd82732018-11-26 10:34:32 +0000[diff] [blame]39 }
40
Jamie Fox0e54ebc2019-04-09 14:21:04 +0100[diff] [blame]41 psa_key_handle_t *key_handle = out_vec[0].base;
Jamie Foxefd82732018-11-26 10:34:32 +0000[diff] [blame]42
Jamie Fox0e54ebc2019-04-09 14:21:04 +0100[diff] [blame]43 return psa_allocate_key(key_handle);
Jamie Foxefd82732018-11-26 10:34:32 +0000[diff] [blame]44}
45
Antonio de Angelisab85ccd2019-03-25 15:14:29 +0000[diff] [blame]46psa_status_t tfm_crypto_import_key(psa_invec in_vec[],
47 size_t in_len,
48 psa_outvec out_vec[],
49 size_t out_len)
Antonio de Angelis8908f472018-08-31 15:44:25 +0100[diff] [blame]50{
Jamie Fox0e54ebc2019-04-09 14:21:04 +0100[diff] [blame]51 (void)out_vec;
Antonio de Angelis8908f472018-08-31 15:44:25 +0100[diff] [blame]52
Antonio de Angelis4743e672019-04-11 11:38:48 +0100[diff] [blame]53 if ((in_len != 2) || (out_len != 0)) {
Antonio de Angelisab85ccd2019-03-25 15:14:29 +0000[diff] [blame]54 return PSA_CONNECTION_REFUSED;
Jamie Foxefd82732018-11-26 10:34:32 +0000[diff] [blame]55 }
56
Antonio de Angelis4743e672019-04-11 11:38:48 +0100[diff] [blame]57 if (in_vec[0].len != sizeof(struct tfm_crypto_pack_iovec)) {
Antonio de Angelisab85ccd2019-03-25 15:14:29 +0000[diff] [blame]58 return PSA_CONNECTION_REFUSED;
59 }
Antonio de Angelis4743e672019-04-11 11:38:48 +0100[diff] [blame]60 const struct tfm_crypto_pack_iovec *iov = in_vec[0].base;
Antonio de Angelisab85ccd2019-03-25 15:14:29 +0000[diff] [blame]61
Jamie Fox0e54ebc2019-04-09 14:21:04 +0100[diff] [blame]62 psa_key_handle_t key = iov->key_handle;
Antonio de Angelis4743e672019-04-11 11:38:48 +0100[diff] [blame]63 psa_key_type_t type = iov->type;
64 const uint8_t *data = in_vec[1].base;
65 size_t data_length = in_vec[1].len;
Antonio de Angelisab85ccd2019-03-25 15:14:29 +0000[diff] [blame]66
Jamie Fox0e54ebc2019-04-09 14:21:04 +0100[diff] [blame]67 return psa_import_key(key, type, data, data_length);
Antonio de Angelis8908f472018-08-31 15:44:25 +0100[diff] [blame]68}
69
Antonio de Angelisab85ccd2019-03-25 15:14:29 +0000[diff] [blame]70psa_status_t tfm_crypto_destroy_key(psa_invec in_vec[],
71 size_t in_len,
72 psa_outvec out_vec[],
73 size_t out_len)
Antonio de Angelis8908f472018-08-31 15:44:25 +0100[diff] [blame]74{
Jamie Fox0e54ebc2019-04-09 14:21:04 +0100[diff] [blame]75 (void)out_vec;
Antonio de Angelis8908f472018-08-31 15:44:25 +0100[diff] [blame]76
Antonio de Angelisab85ccd2019-03-25 15:14:29 +0000[diff] [blame]77 if ((in_len != 1) || (out_len != 0)) {
78 return PSA_CONNECTION_REFUSED;
79 }
80
Antonio de Angelis4743e672019-04-11 11:38:48 +0100[diff] [blame]81 if (in_vec[0].len != sizeof(struct tfm_crypto_pack_iovec)) {
Antonio de Angelisab85ccd2019-03-25 15:14:29 +0000[diff] [blame]82 return PSA_CONNECTION_REFUSED;
83 }
Antonio de Angelis4743e672019-04-11 11:38:48 +0100[diff] [blame]84 const struct tfm_crypto_pack_iovec *iov = in_vec[0].base;
Antonio de Angelisab85ccd2019-03-25 15:14:29 +0000[diff] [blame]85
Jamie Fox0e54ebc2019-04-09 14:21:04 +0100[diff] [blame]86 psa_key_handle_t key = iov->key_handle;
Antonio de Angelisab85ccd2019-03-25 15:14:29 +0000[diff] [blame]87
Jamie Fox0e54ebc2019-04-09 14:21:04 +0100[diff] [blame]88 return psa_destroy_key(key);
Antonio de Angelis8908f472018-08-31 15:44:25 +0100[diff] [blame]89}
90
Antonio de Angelisab85ccd2019-03-25 15:14:29 +0000[diff] [blame]91psa_status_t tfm_crypto_get_key_information(psa_invec in_vec[],
92 size_t in_len,
93 psa_outvec out_vec[],
94 size_t out_len)
Antonio de Angelis8908f472018-08-31 15:44:25 +0100[diff] [blame]95{
Antonio de Angelisab85ccd2019-03-25 15:14:29 +0000[diff] [blame]96 if ((in_len != 1) || (out_len != 2)) {
97 return PSA_CONNECTION_REFUSED;
Jamie Foxefd82732018-11-26 10:34:32 +0000[diff] [blame]98 }
99
Antonio de Angelis4743e672019-04-11 11:38:48 +0100[diff] [blame]100 if ((in_vec[0].len != sizeof(struct tfm_crypto_pack_iovec)) ||
Antonio de Angelisab85ccd2019-03-25 15:14:29 +0000[diff] [blame]101 (out_vec[0].len != sizeof(psa_key_type_t)) ||
102 (out_vec[1].len != sizeof(size_t))) {
103 return PSA_CONNECTION_REFUSED;
Jamie Foxefd82732018-11-26 10:34:32 +0000[diff] [blame]104 }
Antonio de Angelis4743e672019-04-11 11:38:48 +0100[diff] [blame]105 const struct tfm_crypto_pack_iovec *iov = in_vec[0].base;
Jamie Foxefd82732018-11-26 10:34:32 +0000[diff] [blame]106
Jamie Fox0e54ebc2019-04-09 14:21:04 +0100[diff] [blame]107 psa_key_handle_t key = iov->key_handle;
Antonio de Angelisab85ccd2019-03-25 15:14:29 +0000[diff] [blame]108 psa_key_type_t *type = out_vec[0].base;
109 size_t *bits = out_vec[1].base;
110
Jamie Fox0e54ebc2019-04-09 14:21:04 +0100[diff] [blame]111 return psa_get_key_information(key, type, bits);
Antonio de Angelis8908f472018-08-31 15:44:25 +0100[diff] [blame]112}
113
Antonio de Angelisab85ccd2019-03-25 15:14:29 +0000[diff] [blame]114psa_status_t tfm_crypto_export_key(psa_invec in_vec[],
115 size_t in_len,
116 psa_outvec out_vec[],
117 size_t out_len)
Antonio de Angelis8908f472018-08-31 15:44:25 +0100[diff] [blame]118{
Antonio de Angelisab85ccd2019-03-25 15:14:29 +0000[diff] [blame]119 if ((in_len != 1) || (out_len != 1)) {
120 return PSA_CONNECTION_REFUSED;
Antonio de Angelis8908f472018-08-31 15:44:25 +0100[diff] [blame]121 }
122
Antonio de Angelis4743e672019-04-11 11:38:48 +0100[diff] [blame]123 if (in_vec[0].len != sizeof(struct tfm_crypto_pack_iovec)) {
Antonio de Angelisab85ccd2019-03-25 15:14:29 +0000[diff] [blame]124 return PSA_CONNECTION_REFUSED;
Antonio de Angelis8908f472018-08-31 15:44:25 +0100[diff] [blame]125 }
Antonio de Angelis4743e672019-04-11 11:38:48 +0100[diff] [blame]126 const struct tfm_crypto_pack_iovec *iov = in_vec[0].base;
Antonio de Angelis8908f472018-08-31 15:44:25 +0100[diff] [blame]127
Jamie Fox0e54ebc2019-04-09 14:21:04 +0100[diff] [blame]128 psa_key_handle_t key = iov->key_handle;
Antonio de Angelisab85ccd2019-03-25 15:14:29 +0000[diff] [blame]129 uint8_t *data = out_vec[0].base;
130 size_t data_size = out_vec[0].len;
131
Antonio de Angelis25e2b2d2019-04-25 14:49:50 +0100[diff] [blame^]132 return psa_export_key(key, data, data_size, &(out_vec[0].len));
Antonio de Angelis8908f472018-08-31 15:44:25 +0100[diff] [blame]133}
134
Antonio de Angelisab85ccd2019-03-25 15:14:29 +0000[diff] [blame]135psa_status_t tfm_crypto_export_public_key(psa_invec in_vec[],
136 size_t in_len,
137 psa_outvec out_vec[],
138 size_t out_len)
Antonio de Angelis8908f472018-08-31 15:44:25 +0100[diff] [blame]139{
Antonio de Angelis25e2b2d2019-04-25 14:49:50 +0100[diff] [blame^]140 if ((in_len != 1) || (out_len != 1)) {
141 return PSA_CONNECTION_REFUSED;
142 }
Hugues de Valon8b442442019-02-19 14:30:52 +0000[diff] [blame]143
Antonio de Angelis25e2b2d2019-04-25 14:49:50 +0100[diff] [blame^]144 if (in_vec[0].len != sizeof(struct tfm_crypto_pack_iovec)) {
145 return PSA_CONNECTION_REFUSED;
146 }
147 const struct tfm_crypto_pack_iovec *iov = in_vec[0].base;
148
149 psa_key_handle_t key = iov->key_handle;
150 uint8_t *data = out_vec[0].base;
151 size_t data_size = out_vec[0].len;
152
153 return psa_export_public_key(key, data, data_size, &(out_vec[0].len));
154}
155
156psa_status_t tfm_crypto_copy_key(psa_invec in_vec[],
157 size_t in_len,
158 psa_outvec out_vec[],
159 size_t out_len)
160{
161 (void)out_vec;
162
163 if ((in_len != 3) || (out_len != 0)) {
164 return PSA_CONNECTION_REFUSED;
165 }
166
167 if ((in_vec[0].len != sizeof(struct tfm_crypto_pack_iovec)) ||
168 (in_vec[1].len != sizeof(psa_key_handle_t)) ||
169 (in_vec[2].len != sizeof(psa_key_policy_t))) {
170 return PSA_CONNECTION_REFUSED;
171 }
172 const struct tfm_crypto_pack_iovec *iov = in_vec[0].base;
173
174 psa_key_handle_t source_handle = iov->key_handle;
175 psa_key_handle_t target_handle = *((psa_key_handle_t *)in_vec[1].base);
176 const psa_key_policy_t *policy = in_vec[2].base;
177
178 return psa_copy_key(source_handle, target_handle, policy);
Antonio de Angelis8908f472018-08-31 15:44:25 +0100[diff] [blame]179}
Jamie Foxefd82732018-11-26 10:34:32 +0000[diff] [blame]180
Antonio de Angelisab85ccd2019-03-25 15:14:29 +0000[diff] [blame]181psa_status_t tfm_crypto_set_key_policy(psa_invec in_vec[],
182 size_t in_len,
183 psa_outvec out_vec[],
184 size_t out_len)
Jamie Foxefd82732018-11-26 10:34:32 +0000[diff] [blame]185{
Jamie Fox0e54ebc2019-04-09 14:21:04 +0100[diff] [blame]186 (void)out_vec;
Jamie Foxefd82732018-11-26 10:34:32 +0000[diff] [blame]187
Antonio de Angelisab85ccd2019-03-25 15:14:29 +0000[diff] [blame]188 if ((in_len != 2) || (out_len != 0)) {
189 return PSA_CONNECTION_REFUSED;
Jamie Foxefd82732018-11-26 10:34:32 +0000[diff] [blame]190 }
191
Antonio de Angelis4743e672019-04-11 11:38:48 +0100[diff] [blame]192 if ((in_vec[0].len != sizeof(struct tfm_crypto_pack_iovec)) ||
Antonio de Angelisab85ccd2019-03-25 15:14:29 +0000[diff] [blame]193 (in_vec[1].len != sizeof(psa_key_policy_t))) {
194 return PSA_CONNECTION_REFUSED;
195 }
Antonio de Angelis4743e672019-04-11 11:38:48 +0100[diff] [blame]196 const struct tfm_crypto_pack_iovec *iov = in_vec[0].base;
Antonio de Angelisab85ccd2019-03-25 15:14:29 +0000[diff] [blame]197
Jamie Fox0e54ebc2019-04-09 14:21:04 +0100[diff] [blame]198 psa_key_handle_t key = iov->key_handle;
Antonio de Angelisab85ccd2019-03-25 15:14:29 +0000[diff] [blame]199 const psa_key_policy_t *policy = in_vec[1].base;
200
Jamie Fox0e54ebc2019-04-09 14:21:04 +0100[diff] [blame]201 return psa_set_key_policy(key, policy);
Jamie Foxefd82732018-11-26 10:34:32 +0000[diff] [blame]202}
203
Antonio de Angelisab85ccd2019-03-25 15:14:29 +0000[diff] [blame]204psa_status_t tfm_crypto_get_key_policy(psa_invec in_vec[],
205 size_t in_len,
206 psa_outvec out_vec[],
207 size_t out_len)
Jamie Foxefd82732018-11-26 10:34:32 +0000[diff] [blame]208{
Antonio de Angelisab85ccd2019-03-25 15:14:29 +0000[diff] [blame]209 if ((in_len != 1) || (out_len != 1)) {
210 return PSA_CONNECTION_REFUSED;
Jamie Foxefd82732018-11-26 10:34:32 +0000[diff] [blame]211 }
212
Antonio de Angelis4743e672019-04-11 11:38:48 +0100[diff] [blame]213 if ((in_vec[0].len != sizeof(struct tfm_crypto_pack_iovec)) ||
Antonio de Angelisab85ccd2019-03-25 15:14:29 +0000[diff] [blame]214 (out_vec[0].len != sizeof(psa_key_policy_t))) {
215 return PSA_CONNECTION_REFUSED;
216 }
Antonio de Angelis4743e672019-04-11 11:38:48 +0100[diff] [blame]217 const struct tfm_crypto_pack_iovec *iov = in_vec[0].base;
Antonio de Angelisab85ccd2019-03-25 15:14:29 +0000[diff] [blame]218
Jamie Fox0e54ebc2019-04-09 14:21:04 +0100[diff] [blame]219 psa_key_handle_t key = iov->key_handle;
Antonio de Angelisab85ccd2019-03-25 15:14:29 +0000[diff] [blame]220 psa_key_policy_t *policy = out_vec[0].base;
221
Jamie Fox0e54ebc2019-04-09 14:21:04 +0100[diff] [blame]222 return psa_get_key_policy(key, policy);
Jamie Foxefd82732018-11-26 10:34:32 +0000[diff] [blame]223}
224
Antonio de Angelisab85ccd2019-03-25 15:14:29 +0000[diff] [blame]225psa_status_t tfm_crypto_get_key_lifetime(psa_invec in_vec[],
226 size_t in_len,
227 psa_outvec out_vec[],
228 size_t out_len)
Jamie Foxefd82732018-11-26 10:34:32 +0000[diff] [blame]229{
Antonio de Angelisab85ccd2019-03-25 15:14:29 +0000[diff] [blame]230 if ((in_len != 1) || (out_len != 1)) {
231 return PSA_CONNECTION_REFUSED;
Jamie Foxefd82732018-11-26 10:34:32 +0000[diff] [blame]232 }
233
Antonio de Angelis4743e672019-04-11 11:38:48 +0100[diff] [blame]234 if ((in_vec[0].len != sizeof(struct tfm_crypto_pack_iovec)) ||
Antonio de Angelisab85ccd2019-03-25 15:14:29 +0000[diff] [blame]235 (out_vec[0].len != sizeof(psa_key_lifetime_t))) {
236 return PSA_CONNECTION_REFUSED;
237 }
Antonio de Angelis4743e672019-04-11 11:38:48 +0100[diff] [blame]238 const struct tfm_crypto_pack_iovec *iov = in_vec[0].base;
Antonio de Angelisab85ccd2019-03-25 15:14:29 +0000[diff] [blame]239
Jamie Fox0e54ebc2019-04-09 14:21:04 +0100[diff] [blame]240 psa_key_handle_t key = iov->key_handle;
Antonio de Angelisab85ccd2019-03-25 15:14:29 +0000[diff] [blame]241 psa_key_lifetime_t *lifetime = out_vec[0].base;
242
Jamie Fox0e54ebc2019-04-09 14:21:04 +0100[diff] [blame]243 return psa_get_key_lifetime(key, lifetime);
Jamie Foxefd82732018-11-26 10:34:32 +0000[diff] [blame]244}
Antonio de Angelis8908f472018-08-31 15:44:25 +0100[diff] [blame]245/*!@}*/