TrustedFirmware Git Browser
Code Review Sign In
review.trustedfirmware.org / TF-M / trusted-firmware-m / efd8273ca347d4cfbc3cf3f88f28f3e1610bf3d8 / . / secure_fw / services / crypto / crypto_cipher.c
blob: 84b5b7828c993a362d840ae22e1c9e107f466ba7 [file] [log] [blame]
Antonio de Angelis8908f472018-08-31 15:44:25 +0100[diff] [blame]1/*
Antonio de Angelis377a1552018-11-22 17:02:40 +0000[diff] [blame]2 * Copyright (c) 2018-2019, Arm Limited. All rights reserved.
Antonio de Angelis8908f472018-08-31 15:44:25 +0100[diff] [blame]3 *
4 * SPDX-License-Identifier: BSD-3-Clause
5 *
6 */
7
8#include <limits.h>
9
10#include "tfm_crypto_defs.h"
11
Antonio de Angeliscf85ba22018-10-09 13:29:40 +0100[diff] [blame]12#include "crypto_engine.h"
Antonio de Angelis8908f472018-08-31 15:44:25 +0100[diff] [blame]13
14#include "psa_crypto.h"
15
Antonio de Angelis377a1552018-11-22 17:02:40 +0000[diff] [blame]16#include "tfm_crypto_struct.h"
Antonio de Angelis8908f472018-08-31 15:44:25 +0100[diff] [blame]17
18#include "tfm_crypto_api.h"
19#include "crypto_utils.h"
20
Antonio de Angelis8908f472018-08-31 15:44:25 +0100[diff] [blame]21static enum tfm_crypto_err_t tfm_crypto_cipher_setup(
Antonio de Angelis377a1552018-11-22 17:02:40 +0000[diff] [blame]22 psa_cipher_operation_t *operation,
Antonio de Angelis8908f472018-08-31 15:44:25 +0100[diff] [blame]23 psa_key_slot_t key,
24 psa_algorithm_t alg,
Antonio de Angeliscf85ba22018-10-09 13:29:40 +0100[diff] [blame]25 enum engine_cipher_mode_t c_mode)
Antonio de Angelis8908f472018-08-31 15:44:25 +0100[diff] [blame]26{
Antonio de Angelis8908f472018-08-31 15:44:25 +0100[diff] [blame]27 uint8_t key_data[TFM_CRYPTO_MAX_KEY_LENGTH];
Antonio de Angeliscf85ba22018-10-09 13:29:40 +0100[diff] [blame]28 size_t key_size;
29 psa_key_type_t key_type = PSA_KEY_TYPE_NONE;
30 psa_status_t status = PSA_SUCCESS;
31 enum tfm_crypto_err_t err;
Antonio de Angelis377a1552018-11-22 17:02:40 +0000[diff] [blame]32 struct tfm_cipher_operation_s *ctx = NULL;
Antonio de Angeliscf85ba22018-10-09 13:29:40 +0100[diff] [blame]33 struct cipher_engine_info engine_info;
Jamie Foxefd82732018-11-26 10:34:32 +0000[diff] [blame^]34 psa_key_usage_t usage;
Antonio de Angelis8908f472018-08-31 15:44:25 +0100[diff] [blame]35
36 /* Validate pointers */
Antonio de Angelis377a1552018-11-22 17:02:40 +0000[diff] [blame]37 err = tfm_crypto_memory_check(operation,
Antonio de Angelis8908f472018-08-31 15:44:25 +0100[diff] [blame]38 sizeof(psa_cipher_operation_t),
39 TFM_MEMORY_ACCESS_RW);
40 if (err != TFM_CRYPTO_ERR_PSA_SUCCESS) {
41 return TFM_CRYPTO_ERR_PSA_ERROR_INVALID_ARGUMENT;
42 }
43
44 if (!PSA_ALG_IS_CIPHER(alg)) {
Antonio de Angeliscf85ba22018-10-09 13:29:40 +0100[diff] [blame]45 return TFM_CRYPTO_ERR_PSA_ERROR_INVALID_ARGUMENT;
Antonio de Angelis8908f472018-08-31 15:44:25 +0100[diff] [blame]46 }
47
Antonio de Angeliscf85ba22018-10-09 13:29:40 +0100[diff] [blame]48 /* Access the key module to retrieve key related information */
Antonio de Angelis8908f472018-08-31 15:44:25 +0100[diff] [blame]49 err = tfm_crypto_get_key_information(key, &key_type, &key_size);
50 if (err != TFM_CRYPTO_ERR_PSA_SUCCESS) {
Antonio de Angeliscf85ba22018-10-09 13:29:40 +0100[diff] [blame]51 return TFM_CRYPTO_ERR_PSA_ERROR_INVALID_ARGUMENT;
Antonio de Angelis8908f472018-08-31 15:44:25 +0100[diff] [blame]52 }
53
Antonio de Angeliscf85ba22018-10-09 13:29:40 +0100[diff] [blame]54 /* Setup the algorithm on the crypto engine */
55 status = tfm_crypto_engine_cipher_setup(alg,
56 (const psa_key_type_t)key_type,
57 (const uint32_t)key_size,
58 c_mode,
59 &engine_info);
60 if (status != PSA_SUCCESS) {
61 return PSA_STATUS_TO_TFM_CRYPTO_ERR(status);
Antonio de Angelis8908f472018-08-31 15:44:25 +0100[diff] [blame]62 }
63
Antonio de Angeliscf85ba22018-10-09 13:29:40 +0100[diff] [blame]64 /* Allocate the operation context in the secure world */
Antonio de Angelis377a1552018-11-22 17:02:40 +0000[diff] [blame]65 err = tfm_crypto_operation_alloc(TFM_CRYPTO_CIPHER_OPERATION,
66 &(operation->handle));
Antonio de Angelis8908f472018-08-31 15:44:25 +0100[diff] [blame]67 if (err != TFM_CRYPTO_ERR_PSA_SUCCESS) {
68 return err;
69 }
70
Antonio de Angelis8908f472018-08-31 15:44:25 +0100[diff] [blame]71 /* Look up the corresponding operation context */
72 err = tfm_crypto_operation_lookup(TFM_CRYPTO_CIPHER_OPERATION,
Antonio de Angelis377a1552018-11-22 17:02:40 +0000[diff] [blame]73 operation->handle,
74 (void **)&ctx);
Antonio de Angelis8908f472018-08-31 15:44:25 +0100[diff] [blame]75 if (err != TFM_CRYPTO_ERR_PSA_SUCCESS) {
Antonio de Angeliscf85ba22018-10-09 13:29:40 +0100[diff] [blame]76 /* Release the operation context */
77 tfm_crypto_operation_release(&(operation->handle));
Antonio de Angelis8908f472018-08-31 15:44:25 +0100[diff] [blame]78 return err;
79 }
80
Antonio de Angeliscf85ba22018-10-09 13:29:40 +0100[diff] [blame]81 /* Set the proper cipher mode (encrypt/decrypt) in the operation context */
82 ctx->cipher_mode = (uint8_t) c_mode;
83
Antonio de Angelis8908f472018-08-31 15:44:25 +0100[diff] [blame]84 /* Bind the algorithm to the cipher operation */
Antonio de Angelis377a1552018-11-22 17:02:40 +0000[diff] [blame]85 ctx->alg = alg;
Antonio de Angelis8908f472018-08-31 15:44:25 +0100[diff] [blame]86
Antonio de Angeliscf85ba22018-10-09 13:29:40 +0100[diff] [blame]87 /* Start the crypto engine */
88 status = tfm_crypto_engine_cipher_start(&(ctx->engine_ctx), &engine_info);
89 if (status != PSA_SUCCESS) {
Antonio de Angelis8908f472018-08-31 15:44:25 +0100[diff] [blame]90 /* Release the operation context */
Antonio de Angelis377a1552018-11-22 17:02:40 +0000[diff] [blame]91 tfm_crypto_operation_release(&(operation->handle));
Antonio de Angeliscf85ba22018-10-09 13:29:40 +0100[diff] [blame]92 return PSA_STATUS_TO_TFM_CRYPTO_ERR(status);
Antonio de Angelis8908f472018-08-31 15:44:25 +0100[diff] [blame]93 }
94
Jamie Foxefd82732018-11-26 10:34:32 +0000[diff] [blame^]95 /* Set the key usage based on the cipher mode */
96 usage = (c_mode == ENGINE_CIPHER_MODE_DECRYPT) ? PSA_KEY_USAGE_DECRYPT
97 : PSA_KEY_USAGE_ENCRYPT;
98
Antonio de Angeliscf85ba22018-10-09 13:29:40 +0100[diff] [blame]99 /* Access the crypto service key module to retrieve key data */
Jamie Foxefd82732018-11-26 10:34:32 +0000[diff] [blame^]100 err = tfm_crypto_get_key(key,
101 usage,
102 alg,
103 key_data,
104 TFM_CRYPTO_MAX_KEY_LENGTH,
105 &key_size);
Antonio de Angeliscf85ba22018-10-09 13:29:40 +0100[diff] [blame]106 if (err != TFM_CRYPTO_ERR_PSA_SUCCESS) {
107 /* Release the operation context */
108 tfm_crypto_operation_release(&(operation->handle));
109 return err;
110 }
111
112 /* Set the key on the engine */
113 status = tfm_crypto_engine_cipher_set_key(&(ctx->engine_ctx),
114 key_data,
115 key_size,
116 &engine_info);
117 if (status != PSA_SUCCESS) {
118 /* Release the operation context */
119 tfm_crypto_operation_release(&(operation->handle));
120 return PSA_STATUS_TO_TFM_CRYPTO_ERR(status);
121 }
Antonio de Angelis8908f472018-08-31 15:44:25 +0100[diff] [blame]122
123 /* Bind the key to the cipher operation */
Antonio de Angelis377a1552018-11-22 17:02:40 +0000[diff] [blame]124 ctx->key = key;
125 ctx->key_set = 1;
Antonio de Angelis8908f472018-08-31 15:44:25 +0100[diff] [blame]126
Antonio de Angeliscf85ba22018-10-09 13:29:40 +0100[diff] [blame]127 /* Set padding mode on engine in case of CBC */
Antonio de Angelis8908f472018-08-31 15:44:25 +0100[diff] [blame]128 if ((alg & ~PSA_ALG_BLOCK_CIPHER_PADDING_MASK) == PSA_ALG_CBC_BASE) {
129
Antonio de Angeliscf85ba22018-10-09 13:29:40 +0100[diff] [blame]130 status = tfm_crypto_engine_cipher_set_padding_mode(&(ctx->engine_ctx),
131 &engine_info);
132 if (status != PSA_SUCCESS) {
Antonio de Angelis8908f472018-08-31 15:44:25 +0100[diff] [blame]133 /* Release the operation context */
Antonio de Angelis377a1552018-11-22 17:02:40 +0000[diff] [blame]134 tfm_crypto_operation_release(&(operation->handle));
Antonio de Angeliscf85ba22018-10-09 13:29:40 +0100[diff] [blame]135 return PSA_STATUS_TO_TFM_CRYPTO_ERR(status);
Antonio de Angelis8908f472018-08-31 15:44:25 +0100[diff] [blame]136 }
137 }
138
Antonio de Angeliscf85ba22018-10-09 13:29:40 +0100[diff] [blame]139 /* FIXME: Check based on the algorithm, if we need to have an IV */
140 ctx->iv_required = 1;
141 ctx->block_size = PSA_BLOCK_CIPHER_BLOCK_SIZE(key_type);
142
Antonio de Angelis8908f472018-08-31 15:44:25 +0100[diff] [blame]143 return TFM_CRYPTO_ERR_PSA_SUCCESS;
144}
145
146/*!
147 * \defgroup public_psa Public functions, PSA
148 *
149 */
150
151/*!@{*/
Antonio de Angelis377a1552018-11-22 17:02:40 +0000[diff] [blame]152enum tfm_crypto_err_t tfm_crypto_cipher_set_iv(
153 psa_cipher_operation_t *operation,
Antonio de Angelis8908f472018-08-31 15:44:25 +0100[diff] [blame]154 const unsigned char *iv,
155 size_t iv_length)
156{
Antonio de Angeliscf85ba22018-10-09 13:29:40 +0100[diff] [blame]157 psa_status_t status = PSA_SUCCESS;
Antonio de Angelis8908f472018-08-31 15:44:25 +0100[diff] [blame]158 enum tfm_crypto_err_t err;
Antonio de Angelis377a1552018-11-22 17:02:40 +0000[diff] [blame]159 struct tfm_cipher_operation_s *ctx = NULL;
Antonio de Angelis8908f472018-08-31 15:44:25 +0100[diff] [blame]160
161 /* Validate pointers */
Antonio de Angelis377a1552018-11-22 17:02:40 +0000[diff] [blame]162 err = tfm_crypto_memory_check(operation,
Antonio de Angelis8908f472018-08-31 15:44:25 +0100[diff] [blame]163 sizeof(psa_cipher_operation_t),
164 TFM_MEMORY_ACCESS_RW);
165 if (err != TFM_CRYPTO_ERR_PSA_SUCCESS) {
166 return TFM_CRYPTO_ERR_PSA_ERROR_INVALID_ARGUMENT;
167 }
168 err = tfm_crypto_memory_check((void *)iv, iv_length, TFM_MEMORY_ACCESS_RO);
169 if (err != TFM_CRYPTO_ERR_PSA_SUCCESS) {
170 return TFM_CRYPTO_ERR_PSA_ERROR_INVALID_ARGUMENT;
171 }
172
173 /* Look up the corresponding operation context */
174 err = tfm_crypto_operation_lookup(TFM_CRYPTO_CIPHER_OPERATION,
Antonio de Angelis377a1552018-11-22 17:02:40 +0000[diff] [blame]175 operation->handle,
176 (void **)&ctx);
Antonio de Angelis8908f472018-08-31 15:44:25 +0100[diff] [blame]177 if (err != TFM_CRYPTO_ERR_PSA_SUCCESS) {
178 return err;
179 }
180
Antonio de Angeliscf85ba22018-10-09 13:29:40 +0100[diff] [blame]181 if ((iv_length != ctx->block_size) || (iv_length > TFM_CIPHER_IV_MAX_SIZE)){
182 return TFM_CRYPTO_ERR_PSA_ERROR_INVALID_ARGUMENT;
Antonio de Angelis8908f472018-08-31 15:44:25 +0100[diff] [blame]183 }
184
Antonio de Angeliscf85ba22018-10-09 13:29:40 +0100[diff] [blame]185 if ((ctx->iv_set == 1) || (ctx->iv_required == 0)) {
186 return TFM_CRYPTO_ERR_PSA_ERROR_BAD_STATE;
Antonio de Angelis8908f472018-08-31 15:44:25 +0100[diff] [blame]187 }
188
Antonio de Angeliscf85ba22018-10-09 13:29:40 +0100[diff] [blame]189 /* Set the IV on the crypto engine */
190 status = tfm_crypto_engine_cipher_set_iv(&(ctx->engine_ctx),
191 iv,
192 iv_length);
193 if (status != PSA_SUCCESS) {
194 return PSA_STATUS_TO_TFM_CRYPTO_ERR(status);
Antonio de Angelis8908f472018-08-31 15:44:25 +0100[diff] [blame]195 }
Antonio de Angeliscf85ba22018-10-09 13:29:40 +0100[diff] [blame]196
Antonio de Angelis377a1552018-11-22 17:02:40 +0000[diff] [blame]197 ctx->iv_set = 1;
198 ctx->iv_size = iv_length;
Antonio de Angelis8908f472018-08-31 15:44:25 +0100[diff] [blame]199
Antonio de Angelis8908f472018-08-31 15:44:25 +0100[diff] [blame]200 return TFM_CRYPTO_ERR_PSA_SUCCESS;
201}
202
Antonio de Angelis377a1552018-11-22 17:02:40 +0000[diff] [blame]203enum tfm_crypto_err_t tfm_crypto_cipher_encrypt_setup(
204 psa_cipher_operation_t *operation,
Antonio de Angelis8908f472018-08-31 15:44:25 +0100[diff] [blame]205 psa_key_slot_t key,
206 psa_algorithm_t alg)
207{
Antonio de Angelis377a1552018-11-22 17:02:40 +0000[diff] [blame]208 return tfm_crypto_cipher_setup(operation,
Antonio de Angelis8908f472018-08-31 15:44:25 +0100[diff] [blame]209 key,
210 alg,
Antonio de Angeliscf85ba22018-10-09 13:29:40 +0100[diff] [blame]211 ENGINE_CIPHER_MODE_ENCRYPT);
Antonio de Angelis8908f472018-08-31 15:44:25 +0100[diff] [blame]212}
213
Antonio de Angelis377a1552018-11-22 17:02:40 +0000[diff] [blame]214enum tfm_crypto_err_t tfm_crypto_cipher_decrypt_setup(
215 psa_cipher_operation_t *operation,
Antonio de Angelis8908f472018-08-31 15:44:25 +0100[diff] [blame]216 psa_key_slot_t key,
217 psa_algorithm_t alg)
218{
Antonio de Angelis377a1552018-11-22 17:02:40 +0000[diff] [blame]219 return tfm_crypto_cipher_setup(operation,
Antonio de Angelis8908f472018-08-31 15:44:25 +0100[diff] [blame]220 key,
221 alg,
Antonio de Angeliscf85ba22018-10-09 13:29:40 +0100[diff] [blame]222 ENGINE_CIPHER_MODE_DECRYPT);
Antonio de Angelis8908f472018-08-31 15:44:25 +0100[diff] [blame]223}
224
225enum tfm_crypto_err_t tfm_crypto_cipher_update(
Antonio de Angelis377a1552018-11-22 17:02:40 +0000[diff] [blame]226 psa_cipher_operation_t *operation,
Antonio de Angelis8908f472018-08-31 15:44:25 +0100[diff] [blame]227 const uint8_t *input,
228 size_t input_length,
229 unsigned char *output,
230 size_t output_size,
231 size_t *output_length)
232{
Antonio de Angeliscf85ba22018-10-09 13:29:40 +0100[diff] [blame]233 psa_status_t status = PSA_SUCCESS;
Antonio de Angelis8908f472018-08-31 15:44:25 +0100[diff] [blame]234 enum tfm_crypto_err_t err;
Antonio de Angelis377a1552018-11-22 17:02:40 +0000[diff] [blame]235 struct tfm_cipher_operation_s *ctx = NULL;
Antonio de Angelis8908f472018-08-31 15:44:25 +0100[diff] [blame]236
237 /* Validate pointers */
Antonio de Angelis377a1552018-11-22 17:02:40 +0000[diff] [blame]238 err = tfm_crypto_memory_check(operation,
Antonio de Angelis8908f472018-08-31 15:44:25 +0100[diff] [blame]239 sizeof(psa_cipher_operation_t),
240 TFM_MEMORY_ACCESS_RW);
241 if (err != TFM_CRYPTO_ERR_PSA_SUCCESS) {
242 return TFM_CRYPTO_ERR_PSA_ERROR_INVALID_ARGUMENT;
243 }
244 err = tfm_crypto_memory_check((void *)input,
245 input_length,
246 TFM_MEMORY_ACCESS_RO);
247 if (err != TFM_CRYPTO_ERR_PSA_SUCCESS) {
248 return TFM_CRYPTO_ERR_PSA_ERROR_INVALID_ARGUMENT;
249 }
250 err = tfm_crypto_memory_check(output,
251 output_size,
252 TFM_MEMORY_ACCESS_RW);
253 if (err != TFM_CRYPTO_ERR_PSA_SUCCESS) {
254 return TFM_CRYPTO_ERR_PSA_ERROR_INVALID_ARGUMENT;
255 }
256 err = tfm_crypto_memory_check(output_length,
257 sizeof(size_t),
258 TFM_MEMORY_ACCESS_RW);
259 if (err != TFM_CRYPTO_ERR_PSA_SUCCESS) {
260 return TFM_CRYPTO_ERR_PSA_ERROR_INVALID_ARGUMENT;
261 }
262
263 /* Look up the corresponding operation context */
264 err = tfm_crypto_operation_lookup(TFM_CRYPTO_CIPHER_OPERATION,
Antonio de Angelis377a1552018-11-22 17:02:40 +0000[diff] [blame]265 operation->handle,
266 (void **)&ctx);
Antonio de Angelis8908f472018-08-31 15:44:25 +0100[diff] [blame]267 if (err != TFM_CRYPTO_ERR_PSA_SUCCESS) {
268 return err;
269 }
270
271 /* If the IV is required and it's not been set yet */
Antonio de Angelis377a1552018-11-22 17:02:40 +0000[diff] [blame]272 if ((ctx->iv_required == 1) && (ctx->iv_set == 0)) {
Antonio de Angelis8908f472018-08-31 15:44:25 +0100[diff] [blame]273
Antonio de Angeliscf85ba22018-10-09 13:29:40 +0100[diff] [blame]274 if (ctx->cipher_mode != ENGINE_CIPHER_MODE_DECRYPT) {
Antonio de Angelis8908f472018-08-31 15:44:25 +0100[diff] [blame]275 return TFM_CRYPTO_ERR_PSA_ERROR_BAD_STATE;
276 }
277
278 /* This call is used to set the IV on the object */
Antonio de Angelis377a1552018-11-22 17:02:40 +0000[diff] [blame]279 err = tfm_crypto_cipher_set_iv(operation, input, input_length);
Antonio de Angelis8908f472018-08-31 15:44:25 +0100[diff] [blame]280
281 *output_length = 0;
282
283 return err;
284 }
285
286 /* If the key is not set, setup phase has not been completed */
Antonio de Angelis377a1552018-11-22 17:02:40 +0000[diff] [blame]287 if (ctx->key_set == 0) {
Antonio de Angelis8908f472018-08-31 15:44:25 +0100[diff] [blame]288 return TFM_CRYPTO_ERR_PSA_ERROR_BAD_STATE;
289 }
290
Antonio de Angeliscf85ba22018-10-09 13:29:40 +0100[diff] [blame]291 /* Update the cipher output with the input chunk on the engine */
292 status = tfm_crypto_engine_cipher_update(&(ctx->engine_ctx),
293 input,
294 input_length,
295 output,
296 (uint32_t *)output_length);
297 if (status != PSA_SUCCESS) {
298 return PSA_STATUS_TO_TFM_CRYPTO_ERR(status);
Antonio de Angelis8908f472018-08-31 15:44:25 +0100[diff] [blame]299 }
300
Antonio de Angelis8908f472018-08-31 15:44:25 +0100[diff] [blame]301 return TFM_CRYPTO_ERR_PSA_SUCCESS;
302}
303
304enum tfm_crypto_err_t tfm_crypto_cipher_finish(
Antonio de Angelis377a1552018-11-22 17:02:40 +0000[diff] [blame]305 psa_cipher_operation_t *operation,
Antonio de Angelis8908f472018-08-31 15:44:25 +0100[diff] [blame]306 uint8_t *output,
307 size_t output_size,
308 size_t *output_length)
309{
Antonio de Angeliscf85ba22018-10-09 13:29:40 +0100[diff] [blame]310 psa_status_t status = PSA_SUCCESS;
Antonio de Angelis8908f472018-08-31 15:44:25 +0100[diff] [blame]311 enum tfm_crypto_err_t err;
Antonio de Angelis377a1552018-11-22 17:02:40 +0000[diff] [blame]312 struct tfm_cipher_operation_s *ctx = NULL;
Antonio de Angelis8908f472018-08-31 15:44:25 +0100[diff] [blame]313
314 /* Validate pointers */
Antonio de Angelis377a1552018-11-22 17:02:40 +0000[diff] [blame]315 err = tfm_crypto_memory_check(operation,
Antonio de Angelis8908f472018-08-31 15:44:25 +0100[diff] [blame]316 sizeof(psa_cipher_operation_t),
317 TFM_MEMORY_ACCESS_RW);
318 if (err != TFM_CRYPTO_ERR_PSA_SUCCESS) {
319 return TFM_CRYPTO_ERR_PSA_ERROR_INVALID_ARGUMENT;
320 }
321 err = tfm_crypto_memory_check(output,
322 output_size,
323 TFM_MEMORY_ACCESS_RW);
324 if (err != TFM_CRYPTO_ERR_PSA_SUCCESS) {
325 return TFM_CRYPTO_ERR_PSA_ERROR_INVALID_ARGUMENT;
326 }
327 err = tfm_crypto_memory_check(output_length,
328 sizeof(size_t),
329 TFM_MEMORY_ACCESS_RW);
330 if (err != TFM_CRYPTO_ERR_PSA_SUCCESS) {
331 return TFM_CRYPTO_ERR_PSA_ERROR_INVALID_ARGUMENT;
332 }
333
Antonio de Angelis8908f472018-08-31 15:44:25 +0100[diff] [blame]334 /* Look up the corresponding operation context */
335 err = tfm_crypto_operation_lookup(TFM_CRYPTO_CIPHER_OPERATION,
Antonio de Angelis377a1552018-11-22 17:02:40 +0000[diff] [blame]336 operation->handle,
337 (void **)&ctx);
Antonio de Angelis8908f472018-08-31 15:44:25 +0100[diff] [blame]338 if (err != TFM_CRYPTO_ERR_PSA_SUCCESS) {
339 return err;
340 }
341
Antonio de Angeliscf85ba22018-10-09 13:29:40 +0100[diff] [blame]342 /* Finalise the operation on the crypto engine */
343 status = tfm_crypto_engine_cipher_finish(&(ctx->engine_ctx),
344 output,
345 (uint32_t *)output_length);
346 if (status != PSA_SUCCESS) {
347 *output_length = 0;
348 return PSA_STATUS_TO_TFM_CRYPTO_ERR(status);
Antonio de Angelis8908f472018-08-31 15:44:25 +0100[diff] [blame]349 }
350
Antonio de Angeliscf85ba22018-10-09 13:29:40 +0100[diff] [blame]351 /* Release resources on the crypto engine */
352 status = tfm_crypto_engine_cipher_release(&(ctx->engine_ctx));
353 if (status != PSA_SUCCESS) {
354 return PSA_STATUS_TO_TFM_CRYPTO_ERR(status);
355 }
Antonio de Angelis8908f472018-08-31 15:44:25 +0100[diff] [blame]356
357 /* Release the operation context */
Antonio de Angelis377a1552018-11-22 17:02:40 +0000[diff] [blame]358 err = tfm_crypto_operation_release(&(operation->handle));
Antonio de Angelis8908f472018-08-31 15:44:25 +0100[diff] [blame]359 if (err != TFM_CRYPTO_ERR_PSA_SUCCESS) {
360 return err;
361 }
362
363 return TFM_CRYPTO_ERR_PSA_SUCCESS;
364}
365
Antonio de Angelis377a1552018-11-22 17:02:40 +0000[diff] [blame]366enum tfm_crypto_err_t tfm_crypto_cipher_abort(psa_cipher_operation_t *operation)
Antonio de Angelis8908f472018-08-31 15:44:25 +0100[diff] [blame]367{
Antonio de Angeliscf85ba22018-10-09 13:29:40 +0100[diff] [blame]368 psa_status_t status = PSA_SUCCESS;
Antonio de Angelis8908f472018-08-31 15:44:25 +0100[diff] [blame]369 enum tfm_crypto_err_t err;
Antonio de Angelis377a1552018-11-22 17:02:40 +0000[diff] [blame]370 struct tfm_cipher_operation_s *ctx = NULL;
Antonio de Angelis8908f472018-08-31 15:44:25 +0100[diff] [blame]371
372 /* Validate pointers */
Antonio de Angelis377a1552018-11-22 17:02:40 +0000[diff] [blame]373 err = tfm_crypto_memory_check(operation,
Antonio de Angelis8908f472018-08-31 15:44:25 +0100[diff] [blame]374 sizeof(psa_cipher_operation_t),
375 TFM_MEMORY_ACCESS_RW);
376 if (err != TFM_CRYPTO_ERR_PSA_SUCCESS) {
377 return TFM_CRYPTO_ERR_PSA_ERROR_INVALID_ARGUMENT;
378 }
379
380 /* Look up the corresponding operation context */
381 err = tfm_crypto_operation_lookup(TFM_CRYPTO_CIPHER_OPERATION,
Antonio de Angelis377a1552018-11-22 17:02:40 +0000[diff] [blame]382 operation->handle,
383 (void **)&ctx);
Antonio de Angelis8908f472018-08-31 15:44:25 +0100[diff] [blame]384 if (err != TFM_CRYPTO_ERR_PSA_SUCCESS) {
385 return err;
386 }
387
Antonio de Angeliscf85ba22018-10-09 13:29:40 +0100[diff] [blame]388 /* Release resources on the engine */
389 status = tfm_crypto_engine_cipher_release(&(ctx->engine_ctx));
390 if (status != PSA_SUCCESS) {
391 return PSA_STATUS_TO_TFM_CRYPTO_ERR(status);
392 }
Antonio de Angelis8908f472018-08-31 15:44:25 +0100[diff] [blame]393
394 /* Release the operation context */
Antonio de Angelis377a1552018-11-22 17:02:40 +0000[diff] [blame]395 err = tfm_crypto_operation_release(&(operation->handle));
Antonio de Angelis8908f472018-08-31 15:44:25 +0100[diff] [blame]396 if (err != TFM_CRYPTO_ERR_PSA_SUCCESS) {
397 return err;
398 }
399
400 return TFM_CRYPTO_ERR_PSA_SUCCESS;
401}
402/*!@}*/