TrustedFirmware Git Browser
Code Review Sign In
review.trustedfirmware.org / TF-M / trusted-firmware-m / 82b87ca04b7dd5f52ed45f2c921891f5ee4df8b5 / . / secure_fw / services / crypto / crypto_cipher.c
blob: a88f4a832a3c37710b39350d70a74b75d097462f [file] [log] [blame]
Antonio de Angelis8908f472018-08-31 15:44:25 +0100[diff] [blame]1/*
Antonio de Angelis377a1552018-11-22 17:02:40 +0000[diff] [blame]2 * Copyright (c) 2018-2019, Arm Limited. All rights reserved.
Antonio de Angelis8908f472018-08-31 15:44:25 +0100[diff] [blame]3 *
4 * SPDX-License-Identifier: BSD-3-Clause
5 *
6 */
7
8#include <limits.h>
9
10#include "tfm_crypto_defs.h"
11
Antonio de Angeliscf85ba22018-10-09 13:29:40 +0100[diff] [blame]12#include "crypto_engine.h"
Antonio de Angelis8908f472018-08-31 15:44:25 +0100[diff] [blame]13
14#include "psa_crypto.h"
15
Antonio de Angelis377a1552018-11-22 17:02:40 +0000[diff] [blame]16#include "tfm_crypto_struct.h"
Antonio de Angelis8908f472018-08-31 15:44:25 +0100[diff] [blame]17
18#include "tfm_crypto_api.h"
19#include "crypto_utils.h"
20
Jamie Fox82b87ca2018-12-11 16:41:11 +0000[diff] [blame^]21/**
22 * \def CRYPTO_CIPHER_MAX_KEY_LENGTH
23 *
24 * \brief Specifies the maximum key length supported by the
25 * Cipher operations in this implementation
26 */
27#ifndef CRYPTO_CIPHER_MAX_KEY_LENGTH
28#define CRYPTO_CIPHER_MAX_KEY_LENGTH (32)
29#endif
30
Antonio de Angelis8908f472018-08-31 15:44:25 +0100[diff] [blame]31static enum tfm_crypto_err_t tfm_crypto_cipher_setup(
Antonio de Angelis377a1552018-11-22 17:02:40 +0000[diff] [blame]32 psa_cipher_operation_t *operation,
Antonio de Angelis8908f472018-08-31 15:44:25 +0100[diff] [blame]33 psa_key_slot_t key,
34 psa_algorithm_t alg,
Antonio de Angeliscf85ba22018-10-09 13:29:40 +0100[diff] [blame]35 enum engine_cipher_mode_t c_mode)
Antonio de Angelis8908f472018-08-31 15:44:25 +0100[diff] [blame]36{
Jamie Fox82b87ca2018-12-11 16:41:11 +0000[diff] [blame^]37 uint8_t key_data[CRYPTO_CIPHER_MAX_KEY_LENGTH];
Antonio de Angeliscf85ba22018-10-09 13:29:40 +0100[diff] [blame]38 size_t key_size;
39 psa_key_type_t key_type = PSA_KEY_TYPE_NONE;
40 psa_status_t status = PSA_SUCCESS;
41 enum tfm_crypto_err_t err;
Antonio de Angelis377a1552018-11-22 17:02:40 +0000[diff] [blame]42 struct tfm_cipher_operation_s *ctx = NULL;
Antonio de Angeliscf85ba22018-10-09 13:29:40 +0100[diff] [blame]43 struct cipher_engine_info engine_info;
Jamie Foxefd82732018-11-26 10:34:32 +0000[diff] [blame]44 psa_key_usage_t usage;
Antonio de Angelis8908f472018-08-31 15:44:25 +0100[diff] [blame]45
46 /* Validate pointers */
Antonio de Angelis377a1552018-11-22 17:02:40 +0000[diff] [blame]47 err = tfm_crypto_memory_check(operation,
Antonio de Angelis8908f472018-08-31 15:44:25 +0100[diff] [blame]48 sizeof(psa_cipher_operation_t),
49 TFM_MEMORY_ACCESS_RW);
50 if (err != TFM_CRYPTO_ERR_PSA_SUCCESS) {
51 return TFM_CRYPTO_ERR_PSA_ERROR_INVALID_ARGUMENT;
52 }
53
54 if (!PSA_ALG_IS_CIPHER(alg)) {
Antonio de Angeliscf85ba22018-10-09 13:29:40 +0100[diff] [blame]55 return TFM_CRYPTO_ERR_PSA_ERROR_INVALID_ARGUMENT;
Antonio de Angelis8908f472018-08-31 15:44:25 +0100[diff] [blame]56 }
57
Antonio de Angeliscf85ba22018-10-09 13:29:40 +0100[diff] [blame]58 /* Access the key module to retrieve key related information */
Antonio de Angelis8908f472018-08-31 15:44:25 +0100[diff] [blame]59 err = tfm_crypto_get_key_information(key, &key_type, &key_size);
60 if (err != TFM_CRYPTO_ERR_PSA_SUCCESS) {
Jamie Fox82b87ca2018-12-11 16:41:11 +0000[diff] [blame^]61 return err;
62 }
63
64 /* Check if it's a raw data key type */
65 if (key_type == PSA_KEY_TYPE_RAW_DATA) {
66 return TFM_CRYPTO_ERR_PSA_ERROR_NOT_PERMITTED;
67 }
68
69 /* Check compatibility between key and algorithm */
70 if ((key_type == PSA_KEY_TYPE_ARC4) && (alg != PSA_ALG_ARC4)) {
Antonio de Angeliscf85ba22018-10-09 13:29:40 +0100[diff] [blame]71 return TFM_CRYPTO_ERR_PSA_ERROR_INVALID_ARGUMENT;
Antonio de Angelis8908f472018-08-31 15:44:25 +0100[diff] [blame]72 }
73
Antonio de Angeliscf85ba22018-10-09 13:29:40 +0100[diff] [blame]74 /* Setup the algorithm on the crypto engine */
75 status = tfm_crypto_engine_cipher_setup(alg,
76 (const psa_key_type_t)key_type,
77 (const uint32_t)key_size,
78 c_mode,
79 &engine_info);
80 if (status != PSA_SUCCESS) {
81 return PSA_STATUS_TO_TFM_CRYPTO_ERR(status);
Antonio de Angelis8908f472018-08-31 15:44:25 +0100[diff] [blame]82 }
83
Antonio de Angeliscf85ba22018-10-09 13:29:40 +0100[diff] [blame]84 /* Allocate the operation context in the secure world */
Antonio de Angelis377a1552018-11-22 17:02:40 +0000[diff] [blame]85 err = tfm_crypto_operation_alloc(TFM_CRYPTO_CIPHER_OPERATION,
86 &(operation->handle));
Antonio de Angelis8908f472018-08-31 15:44:25 +0100[diff] [blame]87 if (err != TFM_CRYPTO_ERR_PSA_SUCCESS) {
88 return err;
89 }
90
Antonio de Angelis8908f472018-08-31 15:44:25 +0100[diff] [blame]91 /* Look up the corresponding operation context */
92 err = tfm_crypto_operation_lookup(TFM_CRYPTO_CIPHER_OPERATION,
Antonio de Angelis377a1552018-11-22 17:02:40 +0000[diff] [blame]93 operation->handle,
94 (void **)&ctx);
Antonio de Angelis8908f472018-08-31 15:44:25 +0100[diff] [blame]95 if (err != TFM_CRYPTO_ERR_PSA_SUCCESS) {
Antonio de Angeliscf85ba22018-10-09 13:29:40 +0100[diff] [blame]96 /* Release the operation context */
97 tfm_crypto_operation_release(&(operation->handle));
Antonio de Angelis8908f472018-08-31 15:44:25 +0100[diff] [blame]98 return err;
99 }
100
Antonio de Angeliscf85ba22018-10-09 13:29:40 +0100[diff] [blame]101 /* Set the proper cipher mode (encrypt/decrypt) in the operation context */
102 ctx->cipher_mode = (uint8_t) c_mode;
103
Antonio de Angelis8908f472018-08-31 15:44:25 +0100[diff] [blame]104 /* Bind the algorithm to the cipher operation */
Antonio de Angelis377a1552018-11-22 17:02:40 +0000[diff] [blame]105 ctx->alg = alg;
Antonio de Angelis8908f472018-08-31 15:44:25 +0100[diff] [blame]106
Antonio de Angeliscf85ba22018-10-09 13:29:40 +0100[diff] [blame]107 /* Start the crypto engine */
108 status = tfm_crypto_engine_cipher_start(&(ctx->engine_ctx), &engine_info);
109 if (status != PSA_SUCCESS) {
Antonio de Angelis8908f472018-08-31 15:44:25 +0100[diff] [blame]110 /* Release the operation context */
Antonio de Angelis377a1552018-11-22 17:02:40 +0000[diff] [blame]111 tfm_crypto_operation_release(&(operation->handle));
Antonio de Angeliscf85ba22018-10-09 13:29:40 +0100[diff] [blame]112 return PSA_STATUS_TO_TFM_CRYPTO_ERR(status);
Antonio de Angelis8908f472018-08-31 15:44:25 +0100[diff] [blame]113 }
114
Jamie Foxefd82732018-11-26 10:34:32 +0000[diff] [blame]115 /* Set the key usage based on the cipher mode */
116 usage = (c_mode == ENGINE_CIPHER_MODE_DECRYPT) ? PSA_KEY_USAGE_DECRYPT
117 : PSA_KEY_USAGE_ENCRYPT;
118
Antonio de Angeliscf85ba22018-10-09 13:29:40 +0100[diff] [blame]119 /* Access the crypto service key module to retrieve key data */
Jamie Foxefd82732018-11-26 10:34:32 +0000[diff] [blame]120 err = tfm_crypto_get_key(key,
121 usage,
122 alg,
123 key_data,
Jamie Fox82b87ca2018-12-11 16:41:11 +0000[diff] [blame^]124 CRYPTO_CIPHER_MAX_KEY_LENGTH,
Jamie Foxefd82732018-11-26 10:34:32 +0000[diff] [blame]125 &key_size);
Antonio de Angeliscf85ba22018-10-09 13:29:40 +0100[diff] [blame]126 if (err != TFM_CRYPTO_ERR_PSA_SUCCESS) {
127 /* Release the operation context */
128 tfm_crypto_operation_release(&(operation->handle));
129 return err;
130 }
131
132 /* Set the key on the engine */
133 status = tfm_crypto_engine_cipher_set_key(&(ctx->engine_ctx),
134 key_data,
135 key_size,
136 &engine_info);
137 if (status != PSA_SUCCESS) {
138 /* Release the operation context */
139 tfm_crypto_operation_release(&(operation->handle));
140 return PSA_STATUS_TO_TFM_CRYPTO_ERR(status);
141 }
Antonio de Angelis8908f472018-08-31 15:44:25 +0100[diff] [blame]142
143 /* Bind the key to the cipher operation */
Antonio de Angelis377a1552018-11-22 17:02:40 +0000[diff] [blame]144 ctx->key = key;
145 ctx->key_set = 1;
Antonio de Angelis8908f472018-08-31 15:44:25 +0100[diff] [blame]146
Antonio de Angeliscf85ba22018-10-09 13:29:40 +0100[diff] [blame]147 /* Set padding mode on engine in case of CBC */
Antonio de Angelis8908f472018-08-31 15:44:25 +0100[diff] [blame]148 if ((alg & ~PSA_ALG_BLOCK_CIPHER_PADDING_MASK) == PSA_ALG_CBC_BASE) {
149
Antonio de Angeliscf85ba22018-10-09 13:29:40 +0100[diff] [blame]150 status = tfm_crypto_engine_cipher_set_padding_mode(&(ctx->engine_ctx),
151 &engine_info);
152 if (status != PSA_SUCCESS) {
Antonio de Angelis8908f472018-08-31 15:44:25 +0100[diff] [blame]153 /* Release the operation context */
Antonio de Angelis377a1552018-11-22 17:02:40 +0000[diff] [blame]154 tfm_crypto_operation_release(&(operation->handle));
Antonio de Angeliscf85ba22018-10-09 13:29:40 +0100[diff] [blame]155 return PSA_STATUS_TO_TFM_CRYPTO_ERR(status);
Antonio de Angelis8908f472018-08-31 15:44:25 +0100[diff] [blame]156 }
157 }
158
Antonio de Angeliscf85ba22018-10-09 13:29:40 +0100[diff] [blame]159 /* FIXME: Check based on the algorithm, if we need to have an IV */
160 ctx->iv_required = 1;
161 ctx->block_size = PSA_BLOCK_CIPHER_BLOCK_SIZE(key_type);
162
Antonio de Angelis8908f472018-08-31 15:44:25 +0100[diff] [blame]163 return TFM_CRYPTO_ERR_PSA_SUCCESS;
164}
165
166/*!
167 * \defgroup public_psa Public functions, PSA
168 *
169 */
170
171/*!@{*/
Antonio de Angelis377a1552018-11-22 17:02:40 +0000[diff] [blame]172enum tfm_crypto_err_t tfm_crypto_cipher_set_iv(
173 psa_cipher_operation_t *operation,
Antonio de Angelis8908f472018-08-31 15:44:25 +0100[diff] [blame]174 const unsigned char *iv,
175 size_t iv_length)
176{
Antonio de Angeliscf85ba22018-10-09 13:29:40 +0100[diff] [blame]177 psa_status_t status = PSA_SUCCESS;
Antonio de Angelis8908f472018-08-31 15:44:25 +0100[diff] [blame]178 enum tfm_crypto_err_t err;
Antonio de Angelis377a1552018-11-22 17:02:40 +0000[diff] [blame]179 struct tfm_cipher_operation_s *ctx = NULL;
Antonio de Angelis8908f472018-08-31 15:44:25 +0100[diff] [blame]180
181 /* Validate pointers */
Antonio de Angelis377a1552018-11-22 17:02:40 +0000[diff] [blame]182 err = tfm_crypto_memory_check(operation,
Antonio de Angelis8908f472018-08-31 15:44:25 +0100[diff] [blame]183 sizeof(psa_cipher_operation_t),
184 TFM_MEMORY_ACCESS_RW);
185 if (err != TFM_CRYPTO_ERR_PSA_SUCCESS) {
186 return TFM_CRYPTO_ERR_PSA_ERROR_INVALID_ARGUMENT;
187 }
188 err = tfm_crypto_memory_check((void *)iv, iv_length, TFM_MEMORY_ACCESS_RO);
189 if (err != TFM_CRYPTO_ERR_PSA_SUCCESS) {
190 return TFM_CRYPTO_ERR_PSA_ERROR_INVALID_ARGUMENT;
191 }
192
193 /* Look up the corresponding operation context */
194 err = tfm_crypto_operation_lookup(TFM_CRYPTO_CIPHER_OPERATION,
Antonio de Angelis377a1552018-11-22 17:02:40 +0000[diff] [blame]195 operation->handle,
196 (void **)&ctx);
Antonio de Angelis8908f472018-08-31 15:44:25 +0100[diff] [blame]197 if (err != TFM_CRYPTO_ERR_PSA_SUCCESS) {
198 return err;
199 }
200
Antonio de Angeliscf85ba22018-10-09 13:29:40 +0100[diff] [blame]201 if ((iv_length != ctx->block_size) || (iv_length > TFM_CIPHER_IV_MAX_SIZE)){
202 return TFM_CRYPTO_ERR_PSA_ERROR_INVALID_ARGUMENT;
Antonio de Angelis8908f472018-08-31 15:44:25 +0100[diff] [blame]203 }
204
Antonio de Angeliscf85ba22018-10-09 13:29:40 +0100[diff] [blame]205 if ((ctx->iv_set == 1) || (ctx->iv_required == 0)) {
206 return TFM_CRYPTO_ERR_PSA_ERROR_BAD_STATE;
Antonio de Angelis8908f472018-08-31 15:44:25 +0100[diff] [blame]207 }
208
Antonio de Angeliscf85ba22018-10-09 13:29:40 +0100[diff] [blame]209 /* Set the IV on the crypto engine */
210 status = tfm_crypto_engine_cipher_set_iv(&(ctx->engine_ctx),
211 iv,
212 iv_length);
213 if (status != PSA_SUCCESS) {
214 return PSA_STATUS_TO_TFM_CRYPTO_ERR(status);
Antonio de Angelis8908f472018-08-31 15:44:25 +0100[diff] [blame]215 }
Antonio de Angeliscf85ba22018-10-09 13:29:40 +0100[diff] [blame]216
Antonio de Angelis377a1552018-11-22 17:02:40 +0000[diff] [blame]217 ctx->iv_set = 1;
218 ctx->iv_size = iv_length;
Antonio de Angelis8908f472018-08-31 15:44:25 +0100[diff] [blame]219
Antonio de Angelis8908f472018-08-31 15:44:25 +0100[diff] [blame]220 return TFM_CRYPTO_ERR_PSA_SUCCESS;
221}
222
Antonio de Angelis377a1552018-11-22 17:02:40 +0000[diff] [blame]223enum tfm_crypto_err_t tfm_crypto_cipher_encrypt_setup(
224 psa_cipher_operation_t *operation,
Antonio de Angelis8908f472018-08-31 15:44:25 +0100[diff] [blame]225 psa_key_slot_t key,
226 psa_algorithm_t alg)
227{
Antonio de Angelis377a1552018-11-22 17:02:40 +0000[diff] [blame]228 return tfm_crypto_cipher_setup(operation,
Antonio de Angelis8908f472018-08-31 15:44:25 +0100[diff] [blame]229 key,
230 alg,
Antonio de Angeliscf85ba22018-10-09 13:29:40 +0100[diff] [blame]231 ENGINE_CIPHER_MODE_ENCRYPT);
Antonio de Angelis8908f472018-08-31 15:44:25 +0100[diff] [blame]232}
233
Antonio de Angelis377a1552018-11-22 17:02:40 +0000[diff] [blame]234enum tfm_crypto_err_t tfm_crypto_cipher_decrypt_setup(
235 psa_cipher_operation_t *operation,
Antonio de Angelis8908f472018-08-31 15:44:25 +0100[diff] [blame]236 psa_key_slot_t key,
237 psa_algorithm_t alg)
238{
Antonio de Angelis377a1552018-11-22 17:02:40 +0000[diff] [blame]239 return tfm_crypto_cipher_setup(operation,
Antonio de Angelis8908f472018-08-31 15:44:25 +0100[diff] [blame]240 key,
241 alg,
Antonio de Angeliscf85ba22018-10-09 13:29:40 +0100[diff] [blame]242 ENGINE_CIPHER_MODE_DECRYPT);
Antonio de Angelis8908f472018-08-31 15:44:25 +0100[diff] [blame]243}
244
245enum tfm_crypto_err_t tfm_crypto_cipher_update(
Antonio de Angelis377a1552018-11-22 17:02:40 +0000[diff] [blame]246 psa_cipher_operation_t *operation,
Antonio de Angelis8908f472018-08-31 15:44:25 +0100[diff] [blame]247 const uint8_t *input,
248 size_t input_length,
249 unsigned char *output,
250 size_t output_size,
251 size_t *output_length)
252{
Antonio de Angeliscf85ba22018-10-09 13:29:40 +0100[diff] [blame]253 psa_status_t status = PSA_SUCCESS;
Antonio de Angelis8908f472018-08-31 15:44:25 +0100[diff] [blame]254 enum tfm_crypto_err_t err;
Antonio de Angelis377a1552018-11-22 17:02:40 +0000[diff] [blame]255 struct tfm_cipher_operation_s *ctx = NULL;
Antonio de Angelis8908f472018-08-31 15:44:25 +0100[diff] [blame]256
257 /* Validate pointers */
Antonio de Angelis377a1552018-11-22 17:02:40 +0000[diff] [blame]258 err = tfm_crypto_memory_check(operation,
Antonio de Angelis8908f472018-08-31 15:44:25 +0100[diff] [blame]259 sizeof(psa_cipher_operation_t),
260 TFM_MEMORY_ACCESS_RW);
261 if (err != TFM_CRYPTO_ERR_PSA_SUCCESS) {
262 return TFM_CRYPTO_ERR_PSA_ERROR_INVALID_ARGUMENT;
263 }
264 err = tfm_crypto_memory_check((void *)input,
265 input_length,
266 TFM_MEMORY_ACCESS_RO);
267 if (err != TFM_CRYPTO_ERR_PSA_SUCCESS) {
268 return TFM_CRYPTO_ERR_PSA_ERROR_INVALID_ARGUMENT;
269 }
270 err = tfm_crypto_memory_check(output,
271 output_size,
272 TFM_MEMORY_ACCESS_RW);
273 if (err != TFM_CRYPTO_ERR_PSA_SUCCESS) {
274 return TFM_CRYPTO_ERR_PSA_ERROR_INVALID_ARGUMENT;
275 }
276 err = tfm_crypto_memory_check(output_length,
277 sizeof(size_t),
278 TFM_MEMORY_ACCESS_RW);
279 if (err != TFM_CRYPTO_ERR_PSA_SUCCESS) {
280 return TFM_CRYPTO_ERR_PSA_ERROR_INVALID_ARGUMENT;
281 }
282
Jamie Fox82b87ca2018-12-11 16:41:11 +0000[diff] [blame^]283 /* Initialise the output length to zero */
284 *output_length = 0;
285
Antonio de Angelis8908f472018-08-31 15:44:25 +0100[diff] [blame]286 /* Look up the corresponding operation context */
287 err = tfm_crypto_operation_lookup(TFM_CRYPTO_CIPHER_OPERATION,
Antonio de Angelis377a1552018-11-22 17:02:40 +0000[diff] [blame]288 operation->handle,
289 (void **)&ctx);
Antonio de Angelis8908f472018-08-31 15:44:25 +0100[diff] [blame]290 if (err != TFM_CRYPTO_ERR_PSA_SUCCESS) {
291 return err;
292 }
293
294 /* If the IV is required and it's not been set yet */
Antonio de Angelis377a1552018-11-22 17:02:40 +0000[diff] [blame]295 if ((ctx->iv_required == 1) && (ctx->iv_set == 0)) {
Antonio de Angelis8908f472018-08-31 15:44:25 +0100[diff] [blame]296
Antonio de Angeliscf85ba22018-10-09 13:29:40 +0100[diff] [blame]297 if (ctx->cipher_mode != ENGINE_CIPHER_MODE_DECRYPT) {
Antonio de Angelis8908f472018-08-31 15:44:25 +0100[diff] [blame]298 return TFM_CRYPTO_ERR_PSA_ERROR_BAD_STATE;
299 }
300
301 /* This call is used to set the IV on the object */
Antonio de Angelis377a1552018-11-22 17:02:40 +0000[diff] [blame]302 err = tfm_crypto_cipher_set_iv(operation, input, input_length);
Antonio de Angelis8908f472018-08-31 15:44:25 +0100[diff] [blame]303
Antonio de Angelis8908f472018-08-31 15:44:25 +0100[diff] [blame]304 return err;
305 }
306
307 /* If the key is not set, setup phase has not been completed */
Antonio de Angelis377a1552018-11-22 17:02:40 +0000[diff] [blame]308 if (ctx->key_set == 0) {
Antonio de Angelis8908f472018-08-31 15:44:25 +0100[diff] [blame]309 return TFM_CRYPTO_ERR_PSA_ERROR_BAD_STATE;
310 }
311
Jamie Fox82b87ca2018-12-11 16:41:11 +0000[diff] [blame^]312 /* FIXME: The implementation currently expects to work only on blocks
313 * of input data whose length is equal to the block size
314 */
315 if (input_length > output_size) {
316 return TFM_CRYPTO_ERR_PSA_ERROR_BUFFER_TOO_SMALL;
317 }
318
Antonio de Angeliscf85ba22018-10-09 13:29:40 +0100[diff] [blame]319 /* Update the cipher output with the input chunk on the engine */
320 status = tfm_crypto_engine_cipher_update(&(ctx->engine_ctx),
321 input,
322 input_length,
323 output,
324 (uint32_t *)output_length);
325 if (status != PSA_SUCCESS) {
326 return PSA_STATUS_TO_TFM_CRYPTO_ERR(status);
Antonio de Angelis8908f472018-08-31 15:44:25 +0100[diff] [blame]327 }
328
Antonio de Angelis8908f472018-08-31 15:44:25 +0100[diff] [blame]329 return TFM_CRYPTO_ERR_PSA_SUCCESS;
330}
331
332enum tfm_crypto_err_t tfm_crypto_cipher_finish(
Antonio de Angelis377a1552018-11-22 17:02:40 +0000[diff] [blame]333 psa_cipher_operation_t *operation,
Antonio de Angelis8908f472018-08-31 15:44:25 +0100[diff] [blame]334 uint8_t *output,
335 size_t output_size,
336 size_t *output_length)
337{
Antonio de Angeliscf85ba22018-10-09 13:29:40 +0100[diff] [blame]338 psa_status_t status = PSA_SUCCESS;
Antonio de Angelis8908f472018-08-31 15:44:25 +0100[diff] [blame]339 enum tfm_crypto_err_t err;
Antonio de Angelis377a1552018-11-22 17:02:40 +0000[diff] [blame]340 struct tfm_cipher_operation_s *ctx = NULL;
Antonio de Angelis8908f472018-08-31 15:44:25 +0100[diff] [blame]341
342 /* Validate pointers */
Antonio de Angelis377a1552018-11-22 17:02:40 +0000[diff] [blame]343 err = tfm_crypto_memory_check(operation,
Antonio de Angelis8908f472018-08-31 15:44:25 +0100[diff] [blame]344 sizeof(psa_cipher_operation_t),
345 TFM_MEMORY_ACCESS_RW);
346 if (err != TFM_CRYPTO_ERR_PSA_SUCCESS) {
347 return TFM_CRYPTO_ERR_PSA_ERROR_INVALID_ARGUMENT;
348 }
349 err = tfm_crypto_memory_check(output,
350 output_size,
351 TFM_MEMORY_ACCESS_RW);
352 if (err != TFM_CRYPTO_ERR_PSA_SUCCESS) {
353 return TFM_CRYPTO_ERR_PSA_ERROR_INVALID_ARGUMENT;
354 }
355 err = tfm_crypto_memory_check(output_length,
356 sizeof(size_t),
357 TFM_MEMORY_ACCESS_RW);
358 if (err != TFM_CRYPTO_ERR_PSA_SUCCESS) {
359 return TFM_CRYPTO_ERR_PSA_ERROR_INVALID_ARGUMENT;
360 }
361
Antonio de Angelis8908f472018-08-31 15:44:25 +0100[diff] [blame]362 /* Look up the corresponding operation context */
363 err = tfm_crypto_operation_lookup(TFM_CRYPTO_CIPHER_OPERATION,
Antonio de Angelis377a1552018-11-22 17:02:40 +0000[diff] [blame]364 operation->handle,
365 (void **)&ctx);
Antonio de Angelis8908f472018-08-31 15:44:25 +0100[diff] [blame]366 if (err != TFM_CRYPTO_ERR_PSA_SUCCESS) {
367 return err;
368 }
369
Jamie Fox82b87ca2018-12-11 16:41:11 +0000[diff] [blame^]370 /* Check that the output buffer is large enough for up to one block size of
371 * output data.
372 */
373 if (output_size < ctx->block_size) {
374 return TFM_CRYPTO_ERR_PSA_ERROR_BUFFER_TOO_SMALL;
375 }
376
Antonio de Angeliscf85ba22018-10-09 13:29:40 +0100[diff] [blame]377 /* Finalise the operation on the crypto engine */
378 status = tfm_crypto_engine_cipher_finish(&(ctx->engine_ctx),
379 output,
380 (uint32_t *)output_length);
381 if (status != PSA_SUCCESS) {
382 *output_length = 0;
383 return PSA_STATUS_TO_TFM_CRYPTO_ERR(status);
Antonio de Angelis8908f472018-08-31 15:44:25 +0100[diff] [blame]384 }
385
Antonio de Angeliscf85ba22018-10-09 13:29:40 +0100[diff] [blame]386 /* Release resources on the crypto engine */
387 status = tfm_crypto_engine_cipher_release(&(ctx->engine_ctx));
388 if (status != PSA_SUCCESS) {
389 return PSA_STATUS_TO_TFM_CRYPTO_ERR(status);
390 }
Antonio de Angelis8908f472018-08-31 15:44:25 +0100[diff] [blame]391
392 /* Release the operation context */
Antonio de Angelis377a1552018-11-22 17:02:40 +0000[diff] [blame]393 err = tfm_crypto_operation_release(&(operation->handle));
Antonio de Angelis8908f472018-08-31 15:44:25 +0100[diff] [blame]394 if (err != TFM_CRYPTO_ERR_PSA_SUCCESS) {
395 return err;
396 }
397
398 return TFM_CRYPTO_ERR_PSA_SUCCESS;
399}
400
Antonio de Angelis377a1552018-11-22 17:02:40 +0000[diff] [blame]401enum tfm_crypto_err_t tfm_crypto_cipher_abort(psa_cipher_operation_t *operation)
Antonio de Angelis8908f472018-08-31 15:44:25 +0100[diff] [blame]402{
Antonio de Angeliscf85ba22018-10-09 13:29:40 +0100[diff] [blame]403 psa_status_t status = PSA_SUCCESS;
Antonio de Angelis8908f472018-08-31 15:44:25 +0100[diff] [blame]404 enum tfm_crypto_err_t err;
Antonio de Angelis377a1552018-11-22 17:02:40 +0000[diff] [blame]405 struct tfm_cipher_operation_s *ctx = NULL;
Antonio de Angelis8908f472018-08-31 15:44:25 +0100[diff] [blame]406
407 /* Validate pointers */
Antonio de Angelis377a1552018-11-22 17:02:40 +0000[diff] [blame]408 err = tfm_crypto_memory_check(operation,
Antonio de Angelis8908f472018-08-31 15:44:25 +0100[diff] [blame]409 sizeof(psa_cipher_operation_t),
410 TFM_MEMORY_ACCESS_RW);
411 if (err != TFM_CRYPTO_ERR_PSA_SUCCESS) {
412 return TFM_CRYPTO_ERR_PSA_ERROR_INVALID_ARGUMENT;
413 }
414
415 /* Look up the corresponding operation context */
416 err = tfm_crypto_operation_lookup(TFM_CRYPTO_CIPHER_OPERATION,
Antonio de Angelis377a1552018-11-22 17:02:40 +0000[diff] [blame]417 operation->handle,
418 (void **)&ctx);
Antonio de Angelis8908f472018-08-31 15:44:25 +0100[diff] [blame]419 if (err != TFM_CRYPTO_ERR_PSA_SUCCESS) {
420 return err;
421 }
422
Antonio de Angeliscf85ba22018-10-09 13:29:40 +0100[diff] [blame]423 /* Release resources on the engine */
424 status = tfm_crypto_engine_cipher_release(&(ctx->engine_ctx));
425 if (status != PSA_SUCCESS) {
426 return PSA_STATUS_TO_TFM_CRYPTO_ERR(status);
427 }
Antonio de Angelis8908f472018-08-31 15:44:25 +0100[diff] [blame]428
429 /* Release the operation context */
Antonio de Angelis377a1552018-11-22 17:02:40 +0000[diff] [blame]430 err = tfm_crypto_operation_release(&(operation->handle));
Antonio de Angelis8908f472018-08-31 15:44:25 +0100[diff] [blame]431 if (err != TFM_CRYPTO_ERR_PSA_SUCCESS) {
432 return err;
433 }
434
435 return TFM_CRYPTO_ERR_PSA_SUCCESS;
436}
437/*!@}*/