TrustedFirmware Git Browser
Code Review Sign In
review.trustedfirmware.org / TF-M / trusted-firmware-m / 8bb9851e01e72a7cba87251b1944f7cf7b180dc7 / . / interface / include / psa / crypto_se_driver.h
blob: 9ce14bba621c80470c2e61e3046f0919722853a4 [file] [log] [blame]
Antonio de Angelis8bb98512024-01-16 14:13:36 +0000[diff] [blame^]1/**
2 * \file psa/crypto_se_driver.h
3 * \brief PSA external cryptoprocessor driver module
4 *
5 * This header declares types and function signatures for cryptography
6 * drivers that access key material via opaque references.
7 * This is meant for cryptoprocessors that have a separate key storage from the
8 * space in which the PSA Crypto implementation runs, typically secure
9 * elements (SEs).
10 *
11 * This file is part of the PSA Crypto Driver HAL (hardware abstraction layer),
12 * containing functions for driver developers to implement to enable hardware
13 * to be called in a standardized way by a PSA Cryptography API
14 * implementation. The functions comprising the driver HAL, which driver
15 * authors implement, are not intended to be called by application developers.
16 */
17
18/*
19 * Copyright The Mbed TLS Contributors
20 * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
21 */
22#ifndef PSA_CRYPTO_SE_DRIVER_H
23#define PSA_CRYPTO_SE_DRIVER_H
24#include "mbedtls/private_access.h"
25
26#include "crypto_driver_common.h"
27
28#ifdef __cplusplus
29extern "C" {
30#endif
31
32/** \defgroup se_init Secure element driver initialization
33 */
34/**@{*/
35
36/** \brief Driver context structure
37 *
38 * Driver functions receive a pointer to this structure.
39 * Each registered driver has one instance of this structure.
40 *
41 * Implementations must include the fields specified here and
42 * may include other fields.
43 */
44typedef struct {
45 /** A read-only pointer to the driver's persistent data.
46 *
47 * Drivers typically use this persistent data to keep track of
48 * which slot numbers are available. This is only a guideline:
49 * drivers may use the persistent data for any purpose, keeping
50 * in mind the restrictions on when the persistent data is saved
51 * to storage: the persistent data is only saved after calling
52 * certain functions that receive a writable pointer to the
53 * persistent data.
54 *
55 * The core allocates a memory buffer for the persistent data.
56 * The pointer is guaranteed to be suitably aligned for any data type,
57 * like a pointer returned by `malloc` (but the core can use any
58 * method to allocate the buffer, not necessarily `malloc`).
59 *
60 * The size of this buffer is in the \c persistent_data_size field of
61 * this structure.
62 *
63 * Before the driver is initialized for the first time, the content of
64 * the persistent data is all-bits-zero. After a driver upgrade, if the
65 * size of the persistent data has increased, the original data is padded
66 * on the right with zeros; if the size has decreased, the original data
67 * is truncated to the new size.
68 *
69 * This pointer is to read-only data. Only a few driver functions are
70 * allowed to modify the persistent data. These functions receive a
71 * writable pointer. These functions are:
72 * - psa_drv_se_t::p_init
73 * - psa_drv_se_key_management_t::p_allocate
74 * - psa_drv_se_key_management_t::p_destroy
75 *
76 * The PSA Cryptography core saves the persistent data from one
77 * session to the next. It does this before returning from API functions
78 * that call a driver method that is allowed to modify the persistent
79 * data, specifically:
80 * - psa_crypto_init() causes a call to psa_drv_se_t::p_init, and may call
81 * psa_drv_se_key_management_t::p_destroy to complete an action
82 * that was interrupted by a power failure.
83 * - Key creation functions cause a call to
84 * psa_drv_se_key_management_t::p_allocate, and may cause a call to
85 * psa_drv_se_key_management_t::p_destroy in case an error occurs.
86 * - psa_destroy_key() causes a call to
87 * psa_drv_se_key_management_t::p_destroy.
88 */
89 const void *const MBEDTLS_PRIVATE(persistent_data);
90
91 /** The size of \c persistent_data in bytes.
92 *
93 * This is always equal to the value of the `persistent_data_size` field
94 * of the ::psa_drv_se_t structure when the driver is registered.
95 */
96 const size_t MBEDTLS_PRIVATE(persistent_data_size);
97
98 /** Driver transient data.
99 *
100 * The core initializes this value to 0 and does not read or modify it
101 * afterwards. The driver may store whatever it wants in this field.
102 */
103 uintptr_t MBEDTLS_PRIVATE(transient_data);
104} psa_drv_se_context_t;
105
106/** \brief A driver initialization function.
107 *
108 * \param[in,out] drv_context The driver context structure.
109 * \param[in,out] persistent_data A pointer to the persistent data
110 * that allows writing.
111 * \param location The location value for which this driver
112 * is registered. The driver will be invoked
113 * for all keys whose lifetime is in this
114 * location.
115 *
116 * \retval #PSA_SUCCESS
117 * The driver is operational.
118 * The core will update the persistent data in storage.
119 * \return
120 * Any other return value prevents the driver from being used in
121 * this session.
122 * The core will NOT update the persistent data in storage.
123 */
124typedef psa_status_t (*psa_drv_se_init_t)(psa_drv_se_context_t *drv_context,
125 void *persistent_data,
126 psa_key_location_t location);
127
128#if defined(__DOXYGEN_ONLY__) || !defined(MBEDTLS_PSA_CRYPTO_SE_C)
129/* Mbed TLS with secure element support enabled defines this type in
130 * crypto_types.h because it is also visible to applications through an
131 * implementation-specific extension.
132 * For the PSA Cryptography specification, this type is only visible
133 * via crypto_se_driver.h. */
134/** An internal designation of a key slot between the core part of the
135 * PSA Crypto implementation and the driver. The meaning of this value
136 * is driver-dependent. */
137typedef uint64_t psa_key_slot_number_t;
138#endif /* __DOXYGEN_ONLY__ || !MBEDTLS_PSA_CRYPTO_SE_C */
139
140/**@}*/
141
142/** \defgroup se_mac Secure Element Message Authentication Codes
143 * Generation and authentication of Message Authentication Codes (MACs) using
144 * a secure element can be done either as a single function call (via the
145 * `psa_drv_se_mac_generate_t` or `psa_drv_se_mac_verify_t` functions), or in
146 * parts using the following sequence:
147 * - `psa_drv_se_mac_setup_t`
148 * - `psa_drv_se_mac_update_t`
149 * - `psa_drv_se_mac_update_t`
150 * - ...
151 * - `psa_drv_se_mac_finish_t` or `psa_drv_se_mac_finish_verify_t`
152 *
153 * If a previously started secure element MAC operation needs to be terminated,
154 * it should be done so by the `psa_drv_se_mac_abort_t`. Failure to do so may
155 * result in allocated resources not being freed or in other undefined
156 * behavior.
157 */
158/**@{*/
159/** \brief A function that starts a secure element MAC operation for a PSA
160 * Crypto Driver implementation
161 *
162 * \param[in,out] drv_context The driver context structure.
163 * \param[in,out] op_context A structure that will contain the
164 * hardware-specific MAC context
165 * \param[in] key_slot The slot of the key to be used for the
166 * operation
167 * \param[in] algorithm The algorithm to be used to underly the MAC
168 * operation
169 *
170 * \retval #PSA_SUCCESS
171 * Success.
172 */
173typedef psa_status_t (*psa_drv_se_mac_setup_t)(psa_drv_se_context_t *drv_context,
174 void *op_context,
175 psa_key_slot_number_t key_slot,
176 psa_algorithm_t algorithm);
177
178/** \brief A function that continues a previously started secure element MAC
179 * operation
180 *
181 * \param[in,out] op_context A hardware-specific structure for the
182 * previously-established MAC operation to be
183 * updated
184 * \param[in] p_input A buffer containing the message to be appended
185 * to the MAC operation
186 * \param[in] input_length The size in bytes of the input message buffer
187 */
188typedef psa_status_t (*psa_drv_se_mac_update_t)(void *op_context,
189 const uint8_t *p_input,
190 size_t input_length);
191
192/** \brief a function that completes a previously started secure element MAC
193 * operation by returning the resulting MAC.
194 *
195 * \param[in,out] op_context A hardware-specific structure for the
196 * previously started MAC operation to be
197 * finished
198 * \param[out] p_mac A buffer where the generated MAC will be
199 * placed
200 * \param[in] mac_size The size in bytes of the buffer that has been
201 * allocated for the `output` buffer
202 * \param[out] p_mac_length After completion, will contain the number of
203 * bytes placed in the `p_mac` buffer
204 *
205 * \retval #PSA_SUCCESS
206 * Success.
207 */
208typedef psa_status_t (*psa_drv_se_mac_finish_t)(void *op_context,
209 uint8_t *p_mac,
210 size_t mac_size,
211 size_t *p_mac_length);
212
213/** \brief A function that completes a previously started secure element MAC
214 * operation by comparing the resulting MAC against a provided value
215 *
216 * \param[in,out] op_context A hardware-specific structure for the previously
217 * started MAC operation to be finished
218 * \param[in] p_mac The MAC value against which the resulting MAC
219 * will be compared against
220 * \param[in] mac_length The size in bytes of the value stored in `p_mac`
221 *
222 * \retval #PSA_SUCCESS
223 * The operation completed successfully and the MACs matched each
224 * other
225 * \retval #PSA_ERROR_INVALID_SIGNATURE
226 * The operation completed successfully, but the calculated MAC did
227 * not match the provided MAC
228 */
229typedef psa_status_t (*psa_drv_se_mac_finish_verify_t)(void *op_context,
230 const uint8_t *p_mac,
231 size_t mac_length);
232
233/** \brief A function that aborts a previous started secure element MAC
234 * operation
235 *
236 * \param[in,out] op_context A hardware-specific structure for the previously
237 * started MAC operation to be aborted
238 */
239typedef psa_status_t (*psa_drv_se_mac_abort_t)(void *op_context);
240
241/** \brief A function that performs a secure element MAC operation in one
242 * command and returns the calculated MAC
243 *
244 * \param[in,out] drv_context The driver context structure.
245 * \param[in] p_input A buffer containing the message to be MACed
246 * \param[in] input_length The size in bytes of `p_input`
247 * \param[in] key_slot The slot of the key to be used
248 * \param[in] alg The algorithm to be used to underlie the MAC
249 * operation
250 * \param[out] p_mac A buffer where the generated MAC will be
251 * placed
252 * \param[in] mac_size The size in bytes of the `p_mac` buffer
253 * \param[out] p_mac_length After completion, will contain the number of
254 * bytes placed in the `output` buffer
255 *
256 * \retval #PSA_SUCCESS
257 * Success.
258 */
259typedef psa_status_t (*psa_drv_se_mac_generate_t)(psa_drv_se_context_t *drv_context,
260 const uint8_t *p_input,
261 size_t input_length,
262 psa_key_slot_number_t key_slot,
263 psa_algorithm_t alg,
264 uint8_t *p_mac,
265 size_t mac_size,
266 size_t *p_mac_length);
267
268/** \brief A function that performs a secure element MAC operation in one
269 * command and compares the resulting MAC against a provided value
270 *
271 * \param[in,out] drv_context The driver context structure.
272 * \param[in] p_input A buffer containing the message to be MACed
273 * \param[in] input_length The size in bytes of `input`
274 * \param[in] key_slot The slot of the key to be used
275 * \param[in] alg The algorithm to be used to underlie the MAC
276 * operation
277 * \param[in] p_mac The MAC value against which the resulting MAC will
278 * be compared against
279 * \param[in] mac_length The size in bytes of `mac`
280 *
281 * \retval #PSA_SUCCESS
282 * The operation completed successfully and the MACs matched each
283 * other
284 * \retval #PSA_ERROR_INVALID_SIGNATURE
285 * The operation completed successfully, but the calculated MAC did
286 * not match the provided MAC
287 */
288typedef psa_status_t (*psa_drv_se_mac_verify_t)(psa_drv_se_context_t *drv_context,
289 const uint8_t *p_input,
290 size_t input_length,
291 psa_key_slot_number_t key_slot,
292 psa_algorithm_t alg,
293 const uint8_t *p_mac,
294 size_t mac_length);
295
296/** \brief A struct containing all of the function pointers needed to
297 * perform secure element MAC operations
298 *
299 * PSA Crypto API implementations should populate the table as appropriate
300 * upon startup.
301 *
302 * If one of the functions is not implemented (such as
303 * `psa_drv_se_mac_generate_t`), it should be set to NULL.
304 *
305 * Driver implementers should ensure that they implement all of the functions
306 * that make sense for their hardware, and that they provide a full solution
307 * (for example, if they support `p_setup`, they should also support
308 * `p_update` and at least one of `p_finish` or `p_finish_verify`).
309 *
310 */
311typedef struct {
312 /**The size in bytes of the hardware-specific secure element MAC context
313 * structure
314 */
315 size_t MBEDTLS_PRIVATE(context_size);
316 /** Function that performs a MAC setup operation
317 */
318 psa_drv_se_mac_setup_t MBEDTLS_PRIVATE(p_setup);
319 /** Function that performs a MAC update operation
320 */
321 psa_drv_se_mac_update_t MBEDTLS_PRIVATE(p_update);
322 /** Function that completes a MAC operation
323 */
324 psa_drv_se_mac_finish_t MBEDTLS_PRIVATE(p_finish);
325 /** Function that completes a MAC operation with a verify check
326 */
327 psa_drv_se_mac_finish_verify_t MBEDTLS_PRIVATE(p_finish_verify);
328 /** Function that aborts a previously started MAC operation
329 */
330 psa_drv_se_mac_abort_t MBEDTLS_PRIVATE(p_abort);
331 /** Function that performs a MAC operation in one call
332 */
333 psa_drv_se_mac_generate_t MBEDTLS_PRIVATE(p_mac);
334 /** Function that performs a MAC and verify operation in one call
335 */
336 psa_drv_se_mac_verify_t MBEDTLS_PRIVATE(p_mac_verify);
337} psa_drv_se_mac_t;
338/**@}*/
339
340/** \defgroup se_cipher Secure Element Symmetric Ciphers
341 *
342 * Encryption and Decryption using secure element keys in block modes other
343 * than ECB must be done in multiple parts, using the following flow:
344 * - `psa_drv_se_cipher_setup_t`
345 * - `psa_drv_se_cipher_set_iv_t` (optional depending upon block mode)
346 * - `psa_drv_se_cipher_update_t`
347 * - `psa_drv_se_cipher_update_t`
348 * - ...
349 * - `psa_drv_se_cipher_finish_t`
350 *
351 * If a previously started secure element Cipher operation needs to be
352 * terminated, it should be done so by the `psa_drv_se_cipher_abort_t`. Failure
353 * to do so may result in allocated resources not being freed or in other
354 * undefined behavior.
355 *
356 * In situations where a PSA Cryptographic API implementation is using a block
357 * mode not-supported by the underlying hardware or driver, it can construct
358 * the block mode itself, while calling the `psa_drv_se_cipher_ecb_t` function
359 * for the cipher operations.
360 */
361/**@{*/
362
363/** \brief A function that provides the cipher setup function for a
364 * secure element driver
365 *
366 * \param[in,out] drv_context The driver context structure.
367 * \param[in,out] op_context A structure that will contain the
368 * hardware-specific cipher context.
369 * \param[in] key_slot The slot of the key to be used for the
370 * operation
371 * \param[in] algorithm The algorithm to be used in the cipher
372 * operation
373 * \param[in] direction Indicates whether the operation is an encrypt
374 * or decrypt
375 *
376 * \retval #PSA_SUCCESS \emptydescription
377 * \retval #PSA_ERROR_NOT_SUPPORTED \emptydescription
378 */
379typedef psa_status_t (*psa_drv_se_cipher_setup_t)(psa_drv_se_context_t *drv_context,
380 void *op_context,
381 psa_key_slot_number_t key_slot,
382 psa_algorithm_t algorithm,
383 psa_encrypt_or_decrypt_t direction);
384
385/** \brief A function that sets the initialization vector (if
386 * necessary) for a secure element cipher operation
387 *
388 * Rationale: The `psa_se_cipher_*` operation in the PSA Cryptographic API has
389 * two IV functions: one to set the IV, and one to generate it internally. The
390 * generate function is not necessary for the drivers to implement as the PSA
391 * Crypto implementation can do the generation using its RNG features.
392 *
393 * \param[in,out] op_context A structure that contains the previously set up
394 * hardware-specific cipher context
395 * \param[in] p_iv A buffer containing the initialization vector
396 * \param[in] iv_length The size (in bytes) of the `p_iv` buffer
397 *
398 * \retval #PSA_SUCCESS \emptydescription
399 */
400typedef psa_status_t (*psa_drv_se_cipher_set_iv_t)(void *op_context,
401 const uint8_t *p_iv,
402 size_t iv_length);
403
404/** \brief A function that continues a previously started secure element cipher
405 * operation
406 *
407 * \param[in,out] op_context A hardware-specific structure for the
408 * previously started cipher operation
409 * \param[in] p_input A buffer containing the data to be
410 * encrypted/decrypted
411 * \param[in] input_size The size in bytes of the buffer pointed to
412 * by `p_input`
413 * \param[out] p_output The caller-allocated buffer where the
414 * output will be placed
415 * \param[in] output_size The allocated size in bytes of the
416 * `p_output` buffer
417 * \param[out] p_output_length After completion, will contain the number
418 * of bytes placed in the `p_output` buffer
419 *
420 * \retval #PSA_SUCCESS \emptydescription
421 */
422typedef psa_status_t (*psa_drv_se_cipher_update_t)(void *op_context,
423 const uint8_t *p_input,
424 size_t input_size,
425 uint8_t *p_output,
426 size_t output_size,
427 size_t *p_output_length);
428
429/** \brief A function that completes a previously started secure element cipher
430 * operation
431 *
432 * \param[in,out] op_context A hardware-specific structure for the
433 * previously started cipher operation
434 * \param[out] p_output The caller-allocated buffer where the output
435 * will be placed
436 * \param[in] output_size The allocated size in bytes of the `p_output`
437 * buffer
438 * \param[out] p_output_length After completion, will contain the number of
439 * bytes placed in the `p_output` buffer
440 *
441 * \retval #PSA_SUCCESS \emptydescription
442 */
443typedef psa_status_t (*psa_drv_se_cipher_finish_t)(void *op_context,
444 uint8_t *p_output,
445 size_t output_size,
446 size_t *p_output_length);
447
448/** \brief A function that aborts a previously started secure element cipher
449 * operation
450 *
451 * \param[in,out] op_context A hardware-specific structure for the
452 * previously started cipher operation
453 */
454typedef psa_status_t (*psa_drv_se_cipher_abort_t)(void *op_context);
455
456/** \brief A function that performs the ECB block mode for secure element
457 * cipher operations
458 *
459 * Note: this function should only be used with implementations that do not
460 * provide a needed higher-level operation.
461 *
462 * \param[in,out] drv_context The driver context structure.
463 * \param[in] key_slot The slot of the key to be used for the operation
464 * \param[in] algorithm The algorithm to be used in the cipher operation
465 * \param[in] direction Indicates whether the operation is an encrypt or
466 * decrypt
467 * \param[in] p_input A buffer containing the data to be
468 * encrypted/decrypted
469 * \param[in] input_size The size in bytes of the buffer pointed to by
470 * `p_input`
471 * \param[out] p_output The caller-allocated buffer where the output
472 * will be placed
473 * \param[in] output_size The allocated size in bytes of the `p_output`
474 * buffer
475 *
476 * \retval #PSA_SUCCESS \emptydescription
477 * \retval #PSA_ERROR_NOT_SUPPORTED \emptydescription
478 */
479typedef psa_status_t (*psa_drv_se_cipher_ecb_t)(psa_drv_se_context_t *drv_context,
480 psa_key_slot_number_t key_slot,
481 psa_algorithm_t algorithm,
482 psa_encrypt_or_decrypt_t direction,
483 const uint8_t *p_input,
484 size_t input_size,
485 uint8_t *p_output,
486 size_t output_size);
487
488/**
489 * \brief A struct containing all of the function pointers needed to implement
490 * cipher operations using secure elements.
491 *
492 * PSA Crypto API implementations should populate instances of the table as
493 * appropriate upon startup or at build time.
494 *
495 * If one of the functions is not implemented (such as
496 * `psa_drv_se_cipher_ecb_t`), it should be set to NULL.
497 */
498typedef struct {
499 /** The size in bytes of the hardware-specific secure element cipher
500 * context structure
501 */
502 size_t MBEDTLS_PRIVATE(context_size);
503 /** Function that performs a cipher setup operation */
504 psa_drv_se_cipher_setup_t MBEDTLS_PRIVATE(p_setup);
505 /** Function that sets a cipher IV (if necessary) */
506 psa_drv_se_cipher_set_iv_t MBEDTLS_PRIVATE(p_set_iv);
507 /** Function that performs a cipher update operation */
508 psa_drv_se_cipher_update_t MBEDTLS_PRIVATE(p_update);
509 /** Function that completes a cipher operation */
510 psa_drv_se_cipher_finish_t MBEDTLS_PRIVATE(p_finish);
511 /** Function that aborts a cipher operation */
512 psa_drv_se_cipher_abort_t MBEDTLS_PRIVATE(p_abort);
513 /** Function that performs ECB mode for a cipher operation
514 * (Danger: ECB mode should not be used directly by clients of the PSA
515 * Crypto Client API)
516 */
517 psa_drv_se_cipher_ecb_t MBEDTLS_PRIVATE(p_ecb);
518} psa_drv_se_cipher_t;
519
520/**@}*/
521
522/** \defgroup se_asymmetric Secure Element Asymmetric Cryptography
523 *
524 * Since the amount of data that can (or should) be encrypted or signed using
525 * asymmetric keys is limited by the key size, asymmetric key operations using
526 * keys in a secure element must be done in single function calls.
527 */
528/**@{*/
529
530/**
531 * \brief A function that signs a hash or short message with a private key in
532 * a secure element
533 *
534 * \param[in,out] drv_context The driver context structure.
535 * \param[in] key_slot Key slot of an asymmetric key pair
536 * \param[in] alg A signature algorithm that is compatible
537 * with the type of `key`
538 * \param[in] p_hash The hash to sign
539 * \param[in] hash_length Size of the `p_hash` buffer in bytes
540 * \param[out] p_signature Buffer where the signature is to be written
541 * \param[in] signature_size Size of the `p_signature` buffer in bytes
542 * \param[out] p_signature_length On success, the number of bytes
543 * that make up the returned signature value
544 *
545 * \retval #PSA_SUCCESS \emptydescription
546 */
547typedef psa_status_t (*psa_drv_se_asymmetric_sign_t)(psa_drv_se_context_t *drv_context,
548 psa_key_slot_number_t key_slot,
549 psa_algorithm_t alg,
550 const uint8_t *p_hash,
551 size_t hash_length,
552 uint8_t *p_signature,
553 size_t signature_size,
554 size_t *p_signature_length);
555
556/**
557 * \brief A function that verifies the signature a hash or short message using
558 * an asymmetric public key in a secure element
559 *
560 * \param[in,out] drv_context The driver context structure.
561 * \param[in] key_slot Key slot of a public key or an asymmetric key
562 * pair
563 * \param[in] alg A signature algorithm that is compatible with
564 * the type of `key`
565 * \param[in] p_hash The hash whose signature is to be verified
566 * \param[in] hash_length Size of the `p_hash` buffer in bytes
567 * \param[in] p_signature Buffer containing the signature to verify
568 * \param[in] signature_length Size of the `p_signature` buffer in bytes
569 *
570 * \retval #PSA_SUCCESS
571 * The signature is valid.
572 */
573typedef psa_status_t (*psa_drv_se_asymmetric_verify_t)(psa_drv_se_context_t *drv_context,
574 psa_key_slot_number_t key_slot,
575 psa_algorithm_t alg,
576 const uint8_t *p_hash,
577 size_t hash_length,
578 const uint8_t *p_signature,
579 size_t signature_length);
580
581/**
582 * \brief A function that encrypts a short message with an asymmetric public
583 * key in a secure element
584 *
585 * \param[in,out] drv_context The driver context structure.
586 * \param[in] key_slot Key slot of a public key or an asymmetric key
587 * pair
588 * \param[in] alg An asymmetric encryption algorithm that is
589 * compatible with the type of `key`
590 * \param[in] p_input The message to encrypt
591 * \param[in] input_length Size of the `p_input` buffer in bytes
592 * \param[in] p_salt A salt or label, if supported by the
593 * encryption algorithm
594 * If the algorithm does not support a
595 * salt, pass `NULL`.
596 * If the algorithm supports an optional
597 * salt and you do not want to pass a salt,
598 * pass `NULL`.
599 * For #PSA_ALG_RSA_PKCS1V15_CRYPT, no salt is
600 * supported.
601 * \param[in] salt_length Size of the `p_salt` buffer in bytes
602 * If `p_salt` is `NULL`, pass 0.
603 * \param[out] p_output Buffer where the encrypted message is to
604 * be written
605 * \param[in] output_size Size of the `p_output` buffer in bytes
606 * \param[out] p_output_length On success, the number of bytes that make up
607 * the returned output
608 *
609 * \retval #PSA_SUCCESS \emptydescription
610 */
611typedef psa_status_t (*psa_drv_se_asymmetric_encrypt_t)(psa_drv_se_context_t *drv_context,
612 psa_key_slot_number_t key_slot,
613 psa_algorithm_t alg,
614 const uint8_t *p_input,
615 size_t input_length,
616 const uint8_t *p_salt,
617 size_t salt_length,
618 uint8_t *p_output,
619 size_t output_size,
620 size_t *p_output_length);
621
622/**
623 * \brief A function that decrypts a short message with an asymmetric private
624 * key in a secure element.
625 *
626 * \param[in,out] drv_context The driver context structure.
627 * \param[in] key_slot Key slot of an asymmetric key pair
628 * \param[in] alg An asymmetric encryption algorithm that is
629 * compatible with the type of `key`
630 * \param[in] p_input The message to decrypt
631 * \param[in] input_length Size of the `p_input` buffer in bytes
632 * \param[in] p_salt A salt or label, if supported by the
633 * encryption algorithm
634 * If the algorithm does not support a
635 * salt, pass `NULL`.
636 * If the algorithm supports an optional
637 * salt and you do not want to pass a salt,
638 * pass `NULL`.
639 * For #PSA_ALG_RSA_PKCS1V15_CRYPT, no salt is
640 * supported.
641 * \param[in] salt_length Size of the `p_salt` buffer in bytes
642 * If `p_salt` is `NULL`, pass 0.
643 * \param[out] p_output Buffer where the decrypted message is to
644 * be written
645 * \param[in] output_size Size of the `p_output` buffer in bytes
646 * \param[out] p_output_length On success, the number of bytes
647 * that make up the returned output
648 *
649 * \retval #PSA_SUCCESS \emptydescription
650 */
651typedef psa_status_t (*psa_drv_se_asymmetric_decrypt_t)(psa_drv_se_context_t *drv_context,
652 psa_key_slot_number_t key_slot,
653 psa_algorithm_t alg,
654 const uint8_t *p_input,
655 size_t input_length,
656 const uint8_t *p_salt,
657 size_t salt_length,
658 uint8_t *p_output,
659 size_t output_size,
660 size_t *p_output_length);
661
662/**
663 * \brief A struct containing all of the function pointers needed to implement
664 * asymmetric cryptographic operations using secure elements.
665 *
666 * PSA Crypto API implementations should populate instances of the table as
667 * appropriate upon startup or at build time.
668 *
669 * If one of the functions is not implemented, it should be set to NULL.
670 */
671typedef struct {
672 /** Function that performs an asymmetric sign operation */
673 psa_drv_se_asymmetric_sign_t MBEDTLS_PRIVATE(p_sign);
674 /** Function that performs an asymmetric verify operation */
675 psa_drv_se_asymmetric_verify_t MBEDTLS_PRIVATE(p_verify);
676 /** Function that performs an asymmetric encrypt operation */
677 psa_drv_se_asymmetric_encrypt_t MBEDTLS_PRIVATE(p_encrypt);
678 /** Function that performs an asymmetric decrypt operation */
679 psa_drv_se_asymmetric_decrypt_t MBEDTLS_PRIVATE(p_decrypt);
680} psa_drv_se_asymmetric_t;
681
682/**@}*/
683
684/** \defgroup se_aead Secure Element Authenticated Encryption with Additional Data
685 * Authenticated Encryption with Additional Data (AEAD) operations with secure
686 * elements must be done in one function call. While this creates a burden for
687 * implementers as there must be sufficient space in memory for the entire
688 * message, it prevents decrypted data from being made available before the
689 * authentication operation is complete and the data is known to be authentic.
690 */
691/**@{*/
692
693/** \brief A function that performs a secure element authenticated encryption
694 * operation
695 *
696 * \param[in,out] drv_context The driver context structure.
697 * \param[in] key_slot Slot containing the key to use.
698 * \param[in] algorithm The AEAD algorithm to compute
699 * (\c PSA_ALG_XXX value such that
700 * #PSA_ALG_IS_AEAD(`alg`) is true)
701 * \param[in] p_nonce Nonce or IV to use
702 * \param[in] nonce_length Size of the `p_nonce` buffer in bytes
703 * \param[in] p_additional_data Additional data that will be
704 * authenticated but not encrypted
705 * \param[in] additional_data_length Size of `p_additional_data` in bytes
706 * \param[in] p_plaintext Data that will be authenticated and
707 * encrypted
708 * \param[in] plaintext_length Size of `p_plaintext` in bytes
709 * \param[out] p_ciphertext Output buffer for the authenticated and
710 * encrypted data. The additional data is
711 * not part of this output. For algorithms
712 * where the encrypted data and the
713 * authentication tag are defined as
714 * separate outputs, the authentication
715 * tag is appended to the encrypted data.
716 * \param[in] ciphertext_size Size of the `p_ciphertext` buffer in
717 * bytes
718 * \param[out] p_ciphertext_length On success, the size of the output in
719 * the `p_ciphertext` buffer
720 *
721 * \retval #PSA_SUCCESS
722 * Success.
723 */
724typedef psa_status_t (*psa_drv_se_aead_encrypt_t)(psa_drv_se_context_t *drv_context,
725 psa_key_slot_number_t key_slot,
726 psa_algorithm_t algorithm,
727 const uint8_t *p_nonce,
728 size_t nonce_length,
729 const uint8_t *p_additional_data,
730 size_t additional_data_length,
731 const uint8_t *p_plaintext,
732 size_t plaintext_length,
733 uint8_t *p_ciphertext,
734 size_t ciphertext_size,
735 size_t *p_ciphertext_length);
736
737/** A function that performs a secure element authenticated decryption operation
738 *
739 * \param[in,out] drv_context The driver context structure.
740 * \param[in] key_slot Slot containing the key to use
741 * \param[in] algorithm The AEAD algorithm to compute
742 * (\c PSA_ALG_XXX value such that
743 * #PSA_ALG_IS_AEAD(`alg`) is true)
744 * \param[in] p_nonce Nonce or IV to use
745 * \param[in] nonce_length Size of the `p_nonce` buffer in bytes
746 * \param[in] p_additional_data Additional data that has been
747 * authenticated but not encrypted
748 * \param[in] additional_data_length Size of `p_additional_data` in bytes
749 * \param[in] p_ciphertext Data that has been authenticated and
750 * encrypted.
751 * For algorithms where the encrypted data
752 * and the authentication tag are defined
753 * as separate inputs, the buffer must
754 * contain the encrypted data followed by
755 * the authentication tag.
756 * \param[in] ciphertext_length Size of `p_ciphertext` in bytes
757 * \param[out] p_plaintext Output buffer for the decrypted data
758 * \param[in] plaintext_size Size of the `p_plaintext` buffer in
759 * bytes
760 * \param[out] p_plaintext_length On success, the size of the output in
761 * the `p_plaintext` buffer
762 *
763 * \retval #PSA_SUCCESS
764 * Success.
765 */
766typedef psa_status_t (*psa_drv_se_aead_decrypt_t)(psa_drv_se_context_t *drv_context,
767 psa_key_slot_number_t key_slot,
768 psa_algorithm_t algorithm,
769 const uint8_t *p_nonce,
770 size_t nonce_length,
771 const uint8_t *p_additional_data,
772 size_t additional_data_length,
773 const uint8_t *p_ciphertext,
774 size_t ciphertext_length,
775 uint8_t *p_plaintext,
776 size_t plaintext_size,
777 size_t *p_plaintext_length);
778
779/**
780 * \brief A struct containing all of the function pointers needed to implement
781 * secure element Authenticated Encryption with Additional Data operations
782 *
783 * PSA Crypto API implementations should populate instances of the table as
784 * appropriate upon startup.
785 *
786 * If one of the functions is not implemented, it should be set to NULL.
787 */
788typedef struct {
789 /** Function that performs the AEAD encrypt operation */
790 psa_drv_se_aead_encrypt_t MBEDTLS_PRIVATE(p_encrypt);
791 /** Function that performs the AEAD decrypt operation */
792 psa_drv_se_aead_decrypt_t MBEDTLS_PRIVATE(p_decrypt);
793} psa_drv_se_aead_t;
794/**@}*/
795
796/** \defgroup se_key_management Secure Element Key Management
797 * Currently, key management is limited to importing keys in the clear,
798 * destroying keys, and exporting keys in the clear.
799 * Whether a key may be exported is determined by the key policies in place
800 * on the key slot.
801 */
802/**@{*/
803
804/** An enumeration indicating how a key is created.
805 */
806typedef enum {
807 PSA_KEY_CREATION_IMPORT, /**< During psa_import_key() */
808 PSA_KEY_CREATION_GENERATE, /**< During psa_generate_key() */
809 PSA_KEY_CREATION_DERIVE, /**< During psa_key_derivation_output_key() */
810 PSA_KEY_CREATION_COPY, /**< During psa_copy_key() */
811
812#ifndef __DOXYGEN_ONLY__
813 /** A key is being registered with mbedtls_psa_register_se_key().
814 *
815 * The core only passes this value to
816 * psa_drv_se_key_management_t::p_validate_slot_number, not to
817 * psa_drv_se_key_management_t::p_allocate. The call to
818 * `p_validate_slot_number` is not followed by any other call to the
819 * driver: the key is considered successfully registered if the call to
820 * `p_validate_slot_number` succeeds, or if `p_validate_slot_number` is
821 * null.
822 *
823 * With this creation method, the driver must return #PSA_SUCCESS if
824 * the given attributes are compatible with the existing key in the slot,
825 * and #PSA_ERROR_DOES_NOT_EXIST if the driver can determine that there
826 * is no key with the specified slot number.
827 *
828 * This is an Mbed TLS extension.
829 */
830 PSA_KEY_CREATION_REGISTER,
831#endif
832} psa_key_creation_method_t;
833
834/** \brief A function that allocates a slot for a key.
835 *
836 * To create a key in a specific slot in a secure element, the core
837 * first calls this function to determine a valid slot number,
838 * then calls a function to create the key material in that slot.
839 * In nominal conditions (that is, if no error occurs),
840 * the effect of a call to a key creation function in the PSA Cryptography
841 * API with a lifetime that places the key in a secure element is the
842 * following:
843 * -# The core calls psa_drv_se_key_management_t::p_allocate
844 * (or in some implementations
845 * psa_drv_se_key_management_t::p_validate_slot_number). The driver
846 * selects (or validates) a suitable slot number given the key attributes
847 * and the state of the secure element.
848 * -# The core calls a key creation function in the driver.
849 *
850 * The key creation functions in the PSA Cryptography API are:
851 * - psa_import_key(), which causes
852 * a call to `p_allocate` with \p method = #PSA_KEY_CREATION_IMPORT
853 * then a call to psa_drv_se_key_management_t::p_import.
854 * - psa_generate_key(), which causes
855 * a call to `p_allocate` with \p method = #PSA_KEY_CREATION_GENERATE
856 * then a call to psa_drv_se_key_management_t::p_import.
857 * - psa_key_derivation_output_key(), which causes
858 * a call to `p_allocate` with \p method = #PSA_KEY_CREATION_DERIVE
859 * then a call to psa_drv_se_key_derivation_t::p_derive.
860 * - psa_copy_key(), which causes
861 * a call to `p_allocate` with \p method = #PSA_KEY_CREATION_COPY
862 * then a call to psa_drv_se_key_management_t::p_export.
863 *
864 * In case of errors, other behaviors are possible.
865 * - If the PSA Cryptography subsystem dies after the first step,
866 * for example because the device has lost power abruptly,
867 * the second step may never happen, or may happen after a reset
868 * and re-initialization. Alternatively, after a reset and
869 * re-initialization, the core may call
870 * psa_drv_se_key_management_t::p_destroy on the slot number that
871 * was allocated (or validated) instead of calling a key creation function.
872 * - If an error occurs, the core may call
873 * psa_drv_se_key_management_t::p_destroy on the slot number that
874 * was allocated (or validated) instead of calling a key creation function.
875 *
876 * Errors and system resets also have an impact on the driver's persistent
877 * data. If a reset happens before the overall key creation process is
878 * completed (before or after the second step above), it is unspecified
879 * whether the persistent data after the reset is identical to what it
880 * was before or after the call to `p_allocate` (or `p_validate_slot_number`).
881 *
882 * \param[in,out] drv_context The driver context structure.
883 * \param[in,out] persistent_data A pointer to the persistent data
884 * that allows writing.
885 * \param[in] attributes Attributes of the key.
886 * \param method The way in which the key is being created.
887 * \param[out] key_slot Slot where the key will be stored.
888 * This must be a valid slot for a key of the
889 * chosen type. It must be unoccupied.
890 *
891 * \retval #PSA_SUCCESS
892 * Success.
893 * The core will record \c *key_slot as the key slot where the key
894 * is stored and will update the persistent data in storage.
895 * \retval #PSA_ERROR_NOT_SUPPORTED \emptydescription
896 * \retval #PSA_ERROR_INSUFFICIENT_STORAGE \emptydescription
897 */
898typedef psa_status_t (*psa_drv_se_allocate_key_t)(
899 psa_drv_se_context_t *drv_context,
900 void *persistent_data,
901 const psa_key_attributes_t *attributes,
902 psa_key_creation_method_t method,
903 psa_key_slot_number_t *key_slot);
904
905/** \brief A function that determines whether a slot number is valid
906 * for a key.
907 *
908 * To create a key in a specific slot in a secure element, the core
909 * first calls this function to validate the choice of slot number,
910 * then calls a function to create the key material in that slot.
911 * See the documentation of #psa_drv_se_allocate_key_t for more details.
912 *
913 * As of the PSA Cryptography API specification version 1.0, there is no way
914 * for applications to trigger a call to this function. However some
915 * implementations offer the capability to create or declare a key in
916 * a specific slot via implementation-specific means, generally for the
917 * sake of initial device provisioning or onboarding. Such a mechanism may
918 * be added to a future version of the PSA Cryptography API specification.
919 *
920 * This function may update the driver's persistent data through
921 * \p persistent_data. The core will save the updated persistent data at the
922 * end of the key creation process. See the description of
923 * ::psa_drv_se_allocate_key_t for more information.
924 *
925 * \param[in,out] drv_context The driver context structure.
926 * \param[in,out] persistent_data A pointer to the persistent data
927 * that allows writing.
928 * \param[in] attributes Attributes of the key.
929 * \param method The way in which the key is being created.
930 * \param[in] key_slot Slot where the key is to be stored.
931 *
932 * \retval #PSA_SUCCESS
933 * The given slot number is valid for a key with the given
934 * attributes.
935 * \retval #PSA_ERROR_INVALID_ARGUMENT
936 * The given slot number is not valid for a key with the
937 * given attributes. This includes the case where the slot
938 * number is not valid at all.
939 * \retval #PSA_ERROR_ALREADY_EXISTS
940 * There is already a key with the specified slot number.
941 * Drivers may choose to return this error from the key
942 * creation function instead.
943 */
944typedef psa_status_t (*psa_drv_se_validate_slot_number_t)(
945 psa_drv_se_context_t *drv_context,
946 void *persistent_data,
947 const psa_key_attributes_t *attributes,
948 psa_key_creation_method_t method,
949 psa_key_slot_number_t key_slot);
950
951/** \brief A function that imports a key into a secure element in binary format
952 *
953 * This function can support any output from psa_export_key(). Refer to the
954 * documentation of psa_export_key() for the format for each key type.
955 *
956 * \param[in,out] drv_context The driver context structure.
957 * \param key_slot Slot where the key will be stored.
958 * This must be a valid slot for a key of the
959 * chosen type. It must be unoccupied.
960 * \param[in] attributes The key attributes, including the lifetime,
961 * the key type and the usage policy.
962 * Drivers should not access the key size stored
963 * in the attributes: it may not match the
964 * data passed in \p data.
965 * Drivers can call psa_get_key_lifetime(),
966 * psa_get_key_type(),
967 * psa_get_key_usage_flags() and
968 * psa_get_key_algorithm() to access this
969 * information.
970 * \param[in] data Buffer containing the key data.
971 * \param[in] data_length Size of the \p data buffer in bytes.
972 * \param[out] bits On success, the key size in bits. The driver
973 * must determine this value after parsing the
974 * key according to the key type.
975 * This value is not used if the function fails.
976 *
977 * \retval #PSA_SUCCESS
978 * Success.
979 */
980typedef psa_status_t (*psa_drv_se_import_key_t)(
981 psa_drv_se_context_t *drv_context,
982 psa_key_slot_number_t key_slot,
983 const psa_key_attributes_t *attributes,
984 const uint8_t *data,
985 size_t data_length,
986 size_t *bits);
987
988/**
989 * \brief A function that destroys a secure element key and restore the slot to
990 * its default state
991 *
992 * This function destroys the content of the key from a secure element.
993 * Implementations shall make a best effort to ensure that any previous content
994 * of the slot is unrecoverable.
995 *
996 * This function returns the specified slot to its default state.
997 *
998 * \param[in,out] drv_context The driver context structure.
999 * \param[in,out] persistent_data A pointer to the persistent data
1000 * that allows writing.
1001 * \param key_slot The key slot to erase.
1002 *
1003 * \retval #PSA_SUCCESS
1004 * The slot's content, if any, has been erased.
1005 */
1006typedef psa_status_t (*psa_drv_se_destroy_key_t)(
1007 psa_drv_se_context_t *drv_context,
1008 void *persistent_data,
1009 psa_key_slot_number_t key_slot);
1010
1011/**
1012 * \brief A function that exports a secure element key in binary format
1013 *
1014 * The output of this function can be passed to psa_import_key() to
1015 * create an equivalent object.
1016 *
1017 * If a key is created with `psa_import_key()` and then exported with
1018 * this function, it is not guaranteed that the resulting data is
1019 * identical: the implementation may choose a different representation
1020 * of the same key if the format permits it.
1021 *
1022 * This function should generate output in the same format that
1023 * `psa_export_key()` does. Refer to the
1024 * documentation of `psa_export_key()` for the format for each key type.
1025 *
1026 * \param[in,out] drv_context The driver context structure.
1027 * \param[in] key Slot whose content is to be exported. This must
1028 * be an occupied key slot.
1029 * \param[out] p_data Buffer where the key data is to be written.
1030 * \param[in] data_size Size of the `p_data` buffer in bytes.
1031 * \param[out] p_data_length On success, the number of bytes
1032 * that make up the key data.
1033 *
1034 * \retval #PSA_SUCCESS \emptydescription
1035 * \retval #PSA_ERROR_DOES_NOT_EXIST \emptydescription
1036 * \retval #PSA_ERROR_NOT_PERMITTED \emptydescription
1037 * \retval #PSA_ERROR_NOT_SUPPORTED \emptydescription
1038 * \retval #PSA_ERROR_COMMUNICATION_FAILURE \emptydescription
1039 * \retval #PSA_ERROR_HARDWARE_FAILURE \emptydescription
1040 * \retval #PSA_ERROR_CORRUPTION_DETECTED \emptydescription
1041 */
1042typedef psa_status_t (*psa_drv_se_export_key_t)(psa_drv_se_context_t *drv_context,
1043 psa_key_slot_number_t key,
1044 uint8_t *p_data,
1045 size_t data_size,
1046 size_t *p_data_length);
1047
1048/**
1049 * \brief A function that generates a symmetric or asymmetric key on a secure
1050 * element
1051 *
1052 * If the key type \c type recorded in \p attributes
1053 * is asymmetric (#PSA_KEY_TYPE_IS_ASYMMETRIC(\c type) = 1),
1054 * the driver may export the public key at the time of generation,
1055 * in the format documented for psa_export_public_key() by writing it
1056 * to the \p pubkey buffer.
1057 * This is optional, intended for secure elements that output the
1058 * public key at generation time and that cannot export the public key
1059 * later. Drivers that do not need this feature should leave
1060 * \p *pubkey_length set to 0 and should
1061 * implement the psa_drv_key_management_t::p_export_public function.
1062 * Some implementations do not support this feature, in which case
1063 * \p pubkey is \c NULL and \p pubkey_size is 0.
1064 *
1065 * \param[in,out] drv_context The driver context structure.
1066 * \param key_slot Slot where the key will be stored.
1067 * This must be a valid slot for a key of the
1068 * chosen type. It must be unoccupied.
1069 * \param[in] attributes The key attributes, including the lifetime,
1070 * the key type and size, and the usage policy.
1071 * Drivers can call psa_get_key_lifetime(),
1072 * psa_get_key_type(), psa_get_key_bits(),
1073 * psa_get_key_usage_flags() and
1074 * psa_get_key_algorithm() to access this
1075 * information.
1076 * \param[out] pubkey A buffer where the driver can write the
1077 * public key, when generating an asymmetric
1078 * key pair.
1079 * This is \c NULL when generating a symmetric
1080 * key or if the core does not support
1081 * exporting the public key at generation time.
1082 * \param pubkey_size The size of the `pubkey` buffer in bytes.
1083 * This is 0 when generating a symmetric
1084 * key or if the core does not support
1085 * exporting the public key at generation time.
1086 * \param[out] pubkey_length On entry, this is always 0.
1087 * On success, the number of bytes written to
1088 * \p pubkey. If this is 0 or unchanged on return,
1089 * the core will not read the \p pubkey buffer,
1090 * and will instead call the driver's
1091 * psa_drv_key_management_t::p_export_public
1092 * function to export the public key when needed.
1093 */
1094typedef psa_status_t (*psa_drv_se_generate_key_t)(
1095 psa_drv_se_context_t *drv_context,
1096 psa_key_slot_number_t key_slot,
1097 const psa_key_attributes_t *attributes,
1098 uint8_t *pubkey, size_t pubkey_size, size_t *pubkey_length);
1099
1100/**
1101 * \brief A struct containing all of the function pointers needed to for secure
1102 * element key management
1103 *
1104 * PSA Crypto API implementations should populate instances of the table as
1105 * appropriate upon startup or at build time.
1106 *
1107 * If one of the functions is not implemented, it should be set to NULL.
1108 */
1109typedef struct {
1110 /** Function that allocates a slot for a key. */
1111 psa_drv_se_allocate_key_t MBEDTLS_PRIVATE(p_allocate);
1112 /** Function that checks the validity of a slot for a key. */
1113 psa_drv_se_validate_slot_number_t MBEDTLS_PRIVATE(p_validate_slot_number);
1114 /** Function that performs a key import operation */
1115 psa_drv_se_import_key_t MBEDTLS_PRIVATE(p_import);
1116 /** Function that performs a generation */
1117 psa_drv_se_generate_key_t MBEDTLS_PRIVATE(p_generate);
1118 /** Function that performs a key destroy operation */
1119 psa_drv_se_destroy_key_t MBEDTLS_PRIVATE(p_destroy);
1120 /** Function that performs a key export operation */
1121 psa_drv_se_export_key_t MBEDTLS_PRIVATE(p_export);
1122 /** Function that performs a public key export operation */
1123 psa_drv_se_export_key_t MBEDTLS_PRIVATE(p_export_public);
1124} psa_drv_se_key_management_t;
1125
1126/**@}*/
1127
1128/** \defgroup driver_derivation Secure Element Key Derivation and Agreement
1129 * Key derivation is the process of generating new key material using an
1130 * existing key and additional parameters, iterating through a basic
1131 * cryptographic function, such as a hash.
1132 * Key agreement is a part of cryptographic protocols that allows two parties
1133 * to agree on the same key value, but starting from different original key
1134 * material.
1135 * The flows are similar, and the PSA Crypto Driver Model uses the same functions
1136 * for both of the flows.
1137 *
1138 * There are two different final functions for the flows,
1139 * `psa_drv_se_key_derivation_derive` and `psa_drv_se_key_derivation_export`.
1140 * `psa_drv_se_key_derivation_derive` is used when the key material should be
1141 * placed in a slot on the hardware and not exposed to the caller.
1142 * `psa_drv_se_key_derivation_export` is used when the key material should be
1143 * returned to the PSA Cryptographic API implementation.
1144 *
1145 * Different key derivation algorithms require a different number of inputs.
1146 * Instead of having an API that takes as input variable length arrays, which
1147 * can be problematic to manage on embedded platforms, the inputs are passed
1148 * to the driver via a function, `psa_drv_se_key_derivation_collateral`, that
1149 * is called multiple times with different `collateral_id`s. Thus, for a key
1150 * derivation algorithm that required 3 parameter inputs, the flow would look
1151 * something like:
1152 * ~~~~~~~~~~~~~{.c}
1153 * psa_drv_se_key_derivation_setup(kdf_algorithm, source_key, dest_key_size_bytes);
1154 * psa_drv_se_key_derivation_collateral(kdf_algorithm_collateral_id_0,
1155 * p_collateral_0,
1156 * collateral_0_size);
1157 * psa_drv_se_key_derivation_collateral(kdf_algorithm_collateral_id_1,
1158 * p_collateral_1,
1159 * collateral_1_size);
1160 * psa_drv_se_key_derivation_collateral(kdf_algorithm_collateral_id_2,
1161 * p_collateral_2,
1162 * collateral_2_size);
1163 * psa_drv_se_key_derivation_derive();
1164 * ~~~~~~~~~~~~~
1165 *
1166 * key agreement example:
1167 * ~~~~~~~~~~~~~{.c}
1168 * psa_drv_se_key_derivation_setup(alg, source_key. dest_key_size_bytes);
1169 * psa_drv_se_key_derivation_collateral(DHE_PUBKEY, p_pubkey, pubkey_size);
1170 * psa_drv_se_key_derivation_export(p_session_key,
1171 * session_key_size,
1172 * &session_key_length);
1173 * ~~~~~~~~~~~~~
1174 */
1175/**@{*/
1176
1177/** \brief A function that Sets up a secure element key derivation operation by
1178 * specifying the algorithm and the source key sot
1179 *
1180 * \param[in,out] drv_context The driver context structure.
1181 * \param[in,out] op_context A hardware-specific structure containing any
1182 * context information for the implementation
1183 * \param[in] kdf_alg The algorithm to be used for the key derivation
1184 * \param[in] source_key The key to be used as the source material for
1185 * the key derivation
1186 *
1187 * \retval #PSA_SUCCESS \emptydescription
1188 */
1189typedef psa_status_t (*psa_drv_se_key_derivation_setup_t)(psa_drv_se_context_t *drv_context,
1190 void *op_context,
1191 psa_algorithm_t kdf_alg,
1192 psa_key_slot_number_t source_key);
1193
1194/** \brief A function that provides collateral (parameters) needed for a secure
1195 * element key derivation or key agreement operation
1196 *
1197 * Since many key derivation algorithms require multiple parameters, it is
1198 * expected that this function may be called multiple times for the same
1199 * operation, each with a different algorithm-specific `collateral_id`
1200 *
1201 * \param[in,out] op_context A hardware-specific structure containing any
1202 * context information for the implementation
1203 * \param[in] collateral_id An ID for the collateral being provided
1204 * \param[in] p_collateral A buffer containing the collateral data
1205 * \param[in] collateral_size The size in bytes of the collateral
1206 *
1207 * \retval #PSA_SUCCESS \emptydescription
1208 */
1209typedef psa_status_t (*psa_drv_se_key_derivation_collateral_t)(void *op_context,
1210 uint32_t collateral_id,
1211 const uint8_t *p_collateral,
1212 size_t collateral_size);
1213
1214/** \brief A function that performs the final secure element key derivation
1215 * step and place the generated key material in a slot
1216 *
1217 * \param[in,out] op_context A hardware-specific structure containing any
1218 * context information for the implementation
1219 * \param[in] dest_key The slot where the generated key material
1220 * should be placed
1221 *
1222 * \retval #PSA_SUCCESS \emptydescription
1223 */
1224typedef psa_status_t (*psa_drv_se_key_derivation_derive_t)(void *op_context,
1225 psa_key_slot_number_t dest_key);
1226
1227/** \brief A function that performs the final step of a secure element key
1228 * agreement and place the generated key material in a buffer
1229 *
1230 * \param[out] p_output Buffer in which to place the generated key
1231 * material
1232 * \param[in] output_size The size in bytes of `p_output`
1233 * \param[out] p_output_length Upon success, contains the number of bytes of
1234 * key material placed in `p_output`
1235 *
1236 * \retval #PSA_SUCCESS \emptydescription
1237 */
1238typedef psa_status_t (*psa_drv_se_key_derivation_export_t)(void *op_context,
1239 uint8_t *p_output,
1240 size_t output_size,
1241 size_t *p_output_length);
1242
1243/**
1244 * \brief A struct containing all of the function pointers needed to for secure
1245 * element key derivation and agreement
1246 *
1247 * PSA Crypto API implementations should populate instances of the table as
1248 * appropriate upon startup.
1249 *
1250 * If one of the functions is not implemented, it should be set to NULL.
1251 */
1252typedef struct {
1253 /** The driver-specific size of the key derivation context */
1254 size_t MBEDTLS_PRIVATE(context_size);
1255 /** Function that performs a key derivation setup */
1256 psa_drv_se_key_derivation_setup_t MBEDTLS_PRIVATE(p_setup);
1257 /** Function that sets key derivation collateral */
1258 psa_drv_se_key_derivation_collateral_t MBEDTLS_PRIVATE(p_collateral);
1259 /** Function that performs a final key derivation step */
1260 psa_drv_se_key_derivation_derive_t MBEDTLS_PRIVATE(p_derive);
1261 /** Function that performs a final key derivation or agreement and
1262 * exports the key */
1263 psa_drv_se_key_derivation_export_t MBEDTLS_PRIVATE(p_export);
1264} psa_drv_se_key_derivation_t;
1265
1266/**@}*/
1267
1268/** \defgroup se_registration Secure element driver registration
1269 */
1270/**@{*/
1271
1272/** A structure containing pointers to all the entry points of a
1273 * secure element driver.
1274 *
1275 * Future versions of this specification may add extra substructures at
1276 * the end of this structure.
1277 */
1278typedef struct {
1279 /** The version of the driver HAL that this driver implements.
1280 * This is a protection against loading driver binaries built against
1281 * a different version of this specification.
1282 * Use #PSA_DRV_SE_HAL_VERSION.
1283 */
1284 uint32_t MBEDTLS_PRIVATE(hal_version);
1285
1286 /** The size of the driver's persistent data in bytes.
1287 *
1288 * This can be 0 if the driver does not need persistent data.
1289 *
1290 * See the documentation of psa_drv_se_context_t::persistent_data
1291 * for more information about why and how a driver can use
1292 * persistent data.
1293 */
1294 size_t MBEDTLS_PRIVATE(persistent_data_size);
1295
1296 /** The driver initialization function.
1297 *
1298 * This function is called once during the initialization of the
1299 * PSA Cryptography subsystem, before any other function of the
1300 * driver is called. If this function returns a failure status,
1301 * the driver will be unusable, at least until the next system reset.
1302 *
1303 * If this field is \c NULL, it is equivalent to a function that does
1304 * nothing and returns #PSA_SUCCESS.
1305 */
1306 psa_drv_se_init_t MBEDTLS_PRIVATE(p_init);
1307
1308 const psa_drv_se_key_management_t *MBEDTLS_PRIVATE(key_management);
1309 const psa_drv_se_mac_t *MBEDTLS_PRIVATE(mac);
1310 const psa_drv_se_cipher_t *MBEDTLS_PRIVATE(cipher);
1311 const psa_drv_se_aead_t *MBEDTLS_PRIVATE(aead);
1312 const psa_drv_se_asymmetric_t *MBEDTLS_PRIVATE(asymmetric);
1313 const psa_drv_se_key_derivation_t *MBEDTLS_PRIVATE(derivation);
1314} psa_drv_se_t;
1315
1316/** The current version of the secure element driver HAL.
1317 */
1318/* 0.0.0 patchlevel 5 */
1319#define PSA_DRV_SE_HAL_VERSION 0x00000005
1320
1321/** Register an external cryptoprocessor (secure element) driver.
1322 *
1323 * This function is only intended to be used by driver code, not by
1324 * application code. In implementations with separation between the
1325 * PSA cryptography module and applications, this function should
1326 * only be available to callers that run in the same memory space as
1327 * the cryptography module, and should not be exposed to applications
1328 * running in a different memory space.
1329 *
1330 * This function may be called before psa_crypto_init(). It is
1331 * implementation-defined whether this function may be called
1332 * after psa_crypto_init().
1333 *
1334 * \note Implementations store metadata about keys including the lifetime
1335 * value, which contains the driver's location indicator. Therefore,
1336 * from one instantiation of the PSA Cryptography
1337 * library to the next one, if there is a key in storage with a certain
1338 * lifetime value, you must always register the same driver (or an
1339 * updated version that communicates with the same secure element)
1340 * with the same location value.
1341 *
1342 * \param location The location value through which this driver will
1343 * be exposed to applications.
1344 * This driver will be used for all keys such that
1345 * `location == #PSA_KEY_LIFETIME_GET_LOCATION( lifetime )`.
1346 * The value #PSA_KEY_LOCATION_LOCAL_STORAGE is reserved
1347 * and may not be used for drivers. Implementations
1348 * may reserve other values.
1349 * \param[in] methods The method table of the driver. This structure must
1350 * remain valid for as long as the cryptography
1351 * module keeps running. It is typically a global
1352 * constant.
1353 *
1354 * \return #PSA_SUCCESS
1355 * The driver was successfully registered. Applications can now
1356 * use \p location to access keys through the methods passed to
1357 * this function.
1358 * \return #PSA_ERROR_BAD_STATE
1359 * This function was called after the initialization of the
1360 * cryptography module, and this implementation does not support
1361 * driver registration at this stage.
1362 * \return #PSA_ERROR_ALREADY_EXISTS
1363 * There is already a registered driver for this value of \p location.
1364 * \return #PSA_ERROR_INVALID_ARGUMENT
1365 * \p location is a reserved value.
1366 * \return #PSA_ERROR_NOT_SUPPORTED
1367 * `methods->hal_version` is not supported by this implementation.
1368 * \return #PSA_ERROR_INSUFFICIENT_MEMORY
1369 * \return #PSA_ERROR_NOT_PERMITTED
1370 * \return #PSA_ERROR_STORAGE_FAILURE
1371 * \return #PSA_ERROR_DATA_CORRUPT
1372 */
1373psa_status_t psa_register_se_driver(
1374 psa_key_location_t location,
1375 const psa_drv_se_t *methods);
1376
1377/**@}*/
1378
1379#ifdef __cplusplus
1380}
1381#endif
1382
1383#endif /* PSA_CRYPTO_SE_DRIVER_H */