TrustedFirmware Git Browser
Code Review Sign In
review.trustedfirmware.org / TF-M / trusted-firmware-m / dc1075c036d7c6a641366882590ae7515a0835b6 / . / secure_fw / partitions / crypto / crypto_aead.c
blob: 85ec46b78daaafba5cca150256194c839ca4b8ac [file] [log] [blame]
Antonio de Angelis3a480992018-11-07 11:53:28 +0000[diff] [blame]1/*
Antonio de Angelis902fdd02022-01-07 13:37:12 +0000[diff] [blame]2 * Copyright (c) 2019-2022, Arm Limited. All rights reserved.
Antonio de Angelis3a480992018-11-07 11:53:28 +0000[diff] [blame]3 *
4 * SPDX-License-Identifier: BSD-3-Clause
5 *
6 */
7
Jamie Fox0e54ebc2019-04-09 14:21:04 +0100[diff] [blame]8#include <stddef.h>
9#include <stdint.h>
Antonio de Angelis4743e672019-04-11 11:38:48 +0100[diff] [blame]10
Jamie Fox0e54ebc2019-04-09 14:21:04 +0100[diff] [blame]11#include "tfm_mbedcrypto_include.h"
Antonio de Angelis3a480992018-11-07 11:53:28 +0000[diff] [blame]12
Jamie Fox0e54ebc2019-04-09 14:21:04 +0100[diff] [blame]13#include "tfm_crypto_api.h"
14#include "tfm_crypto_defs.h"
Soby Mathewd8abdfd2020-10-14 10:28:01 +0100[diff] [blame]15#include "tfm_crypto_private.h"
Antonio de Angelisab85ccd2019-03-25 15:14:29 +0000[diff] [blame]16
Antonio de Angelis3a480992018-11-07 11:53:28 +0000[diff] [blame]17/*!
18 * \defgroup public_psa Public functions, PSA
19 *
20 */
21
22/*!@{*/
Antonio de Angelisab85ccd2019-03-25 15:14:29 +0000[diff] [blame]23psa_status_t tfm_crypto_aead_encrypt(psa_invec in_vec[],
24 size_t in_len,
25 psa_outvec out_vec[],
26 size_t out_len)
Antonio de Angelis3a480992018-11-07 11:53:28 +0000[diff] [blame]27{
Kevin Peng96f802e2019-12-26 16:10:25 +0800[diff] [blame]28#ifdef TFM_CRYPTO_AEAD_MODULE_DISABLED
Antonio de Angelis7740b382019-07-16 10:59:25 +0100[diff] [blame]29 return PSA_ERROR_NOT_SUPPORTED;
30#else
Antonio de Angelis3a480992018-11-07 11:53:28 +0000[diff] [blame]31 psa_status_t status = PSA_SUCCESS;
Antonio de Angelis3a480992018-11-07 11:53:28 +0000[diff] [blame]32
Soby Mathewd8abdfd2020-10-14 10:28:01 +0100[diff] [blame]33 CRYPTO_IN_OUT_LEN_VALIDATE(in_len, 1, 3, out_len, 0, 1);
Antonio de Angelisab85ccd2019-03-25 15:14:29 +0000[diff] [blame]34
Antonio de Angelis4743e672019-04-11 11:38:48 +0100[diff] [blame]35 if ((in_vec[0].len != sizeof(struct tfm_crypto_pack_iovec))) {
Soby Mathewc6e89362020-10-19 16:55:16 +0100[diff] [blame]36 return PSA_ERROR_PROGRAMMER_ERROR;
Antonio de Angelisab85ccd2019-03-25 15:14:29 +0000[diff] [blame]37 }
Soby Mathewd8abdfd2020-10-14 10:28:01 +0100[diff] [blame]38
Antonio de Angelis4743e672019-04-11 11:38:48 +0100[diff] [blame]39 const struct tfm_crypto_pack_iovec *iov = in_vec[0].base;
40 const struct tfm_crypto_aead_pack_input *aead_pack_input = &iov->aead_in;
Maulik Patel28659c42021-01-06 14:09:22 +0000[diff] [blame]41 psa_key_id_t key_id = iov->key_id;
Antonio de Angelis4743e672019-04-11 11:38:48 +0100[diff] [blame]42 psa_algorithm_t alg = iov->alg;
43 const uint8_t *nonce = aead_pack_input->nonce;
44 size_t nonce_length = aead_pack_input->nonce_length;
45 const uint8_t *plaintext = in_vec[1].base;
46 size_t plaintext_length = in_vec[1].len;
Antonio de Angelisab85ccd2019-03-25 15:14:29 +0000[diff] [blame]47 uint8_t *ciphertext = out_vec[0].base;
48 size_t ciphertext_size = out_vec[0].len;
Soby Mathewd8abdfd2020-10-14 10:28:01 +0100[diff] [blame]49 const uint8_t *additional_data = in_vec[2].base;
50 size_t additional_data_length = in_vec[2].len;
Maulik Patel28659c42021-01-06 14:09:22 +0000[diff] [blame]51 mbedtls_svc_key_id_t encoded_key;
Antonio de Angelis4743e672019-04-11 11:38:48 +0100[diff] [blame]52
Soby Mathewd8abdfd2020-10-14 10:28:01 +0100[diff] [blame]53 /* Initialise ciphertext_length to zero. */
Antonio de Angelisab85ccd2019-03-25 15:14:29 +0000[diff] [blame]54 out_vec[0].len = 0;
Jamie Fox82b87ca2018-12-11 16:41:11 +0000[diff] [blame]55
Maulik Patel28659c42021-01-06 14:09:22 +0000[diff] [blame]56 status = tfm_crypto_encode_id_and_owner(key_id, &encoded_key);
57 if (status != PSA_SUCCESS) {
58 return status;
59 }
60
61 return psa_aead_encrypt(encoded_key, alg, nonce, nonce_length,
62 additional_data, additional_data_length,
63 plaintext, plaintext_length,
64 ciphertext, ciphertext_size, &out_vec[0].len);
Antonio de Angelis7740b382019-07-16 10:59:25 +0100[diff] [blame]65#endif /* TFM_CRYPTO_AEAD_MODULE_DISABLED */
Antonio de Angelis3a480992018-11-07 11:53:28 +0000[diff] [blame]66}
67
Antonio de Angelisab85ccd2019-03-25 15:14:29 +0000[diff] [blame]68psa_status_t tfm_crypto_aead_decrypt(psa_invec in_vec[],
69 size_t in_len,
70 psa_outvec out_vec[],
71 size_t out_len)
Antonio de Angelis3a480992018-11-07 11:53:28 +0000[diff] [blame]72{
Kevin Peng96f802e2019-12-26 16:10:25 +0800[diff] [blame]73#ifdef TFM_CRYPTO_AEAD_MODULE_DISABLED
Antonio de Angelis7740b382019-07-16 10:59:25 +0100[diff] [blame]74 return PSA_ERROR_NOT_SUPPORTED;
75#else
Antonio de Angelis3a480992018-11-07 11:53:28 +0000[diff] [blame]76 psa_status_t status = PSA_SUCCESS;
Antonio de Angelis3a480992018-11-07 11:53:28 +0000[diff] [blame]77
Soby Mathewd8abdfd2020-10-14 10:28:01 +0100[diff] [blame]78 CRYPTO_IN_OUT_LEN_VALIDATE(in_len, 1, 3, out_len, 0, 1);
Antonio de Angelisab85ccd2019-03-25 15:14:29 +0000[diff] [blame]79
Antonio de Angelis4743e672019-04-11 11:38:48 +0100[diff] [blame]80 if ((in_vec[0].len != sizeof(struct tfm_crypto_pack_iovec))) {
Soby Mathewc6e89362020-10-19 16:55:16 +0100[diff] [blame]81 return PSA_ERROR_PROGRAMMER_ERROR;
Antonio de Angelis4743e672019-04-11 11:38:48 +0100[diff] [blame]82 }
Soby Mathewd8abdfd2020-10-14 10:28:01 +0100[diff] [blame]83
Antonio de Angelis4743e672019-04-11 11:38:48 +0100[diff] [blame]84 const struct tfm_crypto_pack_iovec *iov = in_vec[0].base;
85 const struct tfm_crypto_aead_pack_input *aead_pack_input = &iov->aead_in;
Maulik Patel28659c42021-01-06 14:09:22 +0000[diff] [blame]86 psa_key_id_t key_id = iov->key_id;
Antonio de Angelis4743e672019-04-11 11:38:48 +0100[diff] [blame]87 psa_algorithm_t alg = iov->alg;
88 const uint8_t *nonce = aead_pack_input->nonce;
89 size_t nonce_length = aead_pack_input->nonce_length;
90 const uint8_t *ciphertext = in_vec[1].base;
91 size_t ciphertext_length = in_vec[1].len;
Antonio de Angelisab85ccd2019-03-25 15:14:29 +0000[diff] [blame]92 uint8_t *plaintext = out_vec[0].base;
93 size_t plaintext_size = out_vec[0].len;
Soby Mathewd8abdfd2020-10-14 10:28:01 +0100[diff] [blame]94 const uint8_t *additional_data = in_vec[2].base;
95 size_t additional_data_length = in_vec[2].len;
Maulik Patel28659c42021-01-06 14:09:22 +0000[diff] [blame]96 mbedtls_svc_key_id_t encoded_key;
Antonio de Angelis4743e672019-04-11 11:38:48 +0100[diff] [blame]97
Soby Mathewd8abdfd2020-10-14 10:28:01 +0100[diff] [blame]98 /* Initialise plaintext_length to zero. */
Antonio de Angelisab85ccd2019-03-25 15:14:29 +0000[diff] [blame]99 out_vec[0].len = 0;
Jamie Fox82b87ca2018-12-11 16:41:11 +0000[diff] [blame]100
Maulik Patel28659c42021-01-06 14:09:22 +0000[diff] [blame]101 status = tfm_crypto_encode_id_and_owner(key_id, &encoded_key);
102 if (status != PSA_SUCCESS) {
103 return status;
104 }
105
106 return psa_aead_decrypt(encoded_key, alg, nonce, nonce_length,
107 additional_data, additional_data_length,
108 ciphertext, ciphertext_length,
109 plaintext, plaintext_size, &out_vec[0].len);
Antonio de Angelis7740b382019-07-16 10:59:25 +0100[diff] [blame]110#endif /* TFM_CRYPTO_AEAD_MODULE_DISABLED */
Antonio de Angelis3a480992018-11-07 11:53:28 +0000[diff] [blame]111}
Antonio de Angelis04debbd2019-10-14 12:12:52 +0100[diff] [blame]112
113psa_status_t tfm_crypto_aead_encrypt_setup(psa_invec in_vec[],
114 size_t in_len,
115 psa_outvec out_vec[],
116 size_t out_len)
117{
Antonio de Angelis8d282482021-10-07 15:04:12 +0100[diff] [blame]118#ifdef TFM_CRYPTO_AEAD_MODULE_DISABLED
Antonio de Angelis04debbd2019-10-14 12:12:52 +0100[diff] [blame]119 return PSA_ERROR_NOT_SUPPORTED;
Antonio de Angelis8d282482021-10-07 15:04:12 +0100[diff] [blame]120#else
121 psa_status_t status = PSA_SUCCESS;
122 psa_aead_operation_t *operation = NULL;
123
124 CRYPTO_IN_OUT_LEN_VALIDATE(in_len, 1, 1, out_len, 1, 1);
125
126 if ((in_vec[0].len != sizeof(struct tfm_crypto_pack_iovec))) {
127 return PSA_ERROR_PROGRAMMER_ERROR;
128 }
129 const struct tfm_crypto_pack_iovec *iov = in_vec[0].base;
130 uint32_t handle = iov->op_handle;
131 uint32_t *handle_out = out_vec[0].base;
132 psa_key_id_t key_id = iov->key_id;
133 psa_algorithm_t alg = iov->alg;
134 mbedtls_svc_key_id_t encoded_key;
135
136 /* Init the handle in the operation with the one passed from the iov */
137 *handle_out = iov->op_handle;
138
139 /* Allocate the operation context in the secure world */
140 status = tfm_crypto_operation_alloc(TFM_CRYPTO_AEAD_OPERATION,
141 &handle,
142 (void **)&operation);
143 if (status != PSA_SUCCESS) {
144 return status;
145 }
146
147 *handle_out = handle;
148
149 status = tfm_crypto_encode_id_and_owner(key_id, &encoded_key);
150 if (status != PSA_SUCCESS) {
151 goto exit;
152 }
153
154 status = psa_aead_encrypt_setup(operation, encoded_key, alg);
155 if (status != PSA_SUCCESS) {
156 goto exit;
157 }
158
159 return status;
160
161exit:
162 /* Release the operation context, ignore if the operation fails. */
163 (void)tfm_crypto_operation_release(handle_out);
164 return status;
165#endif /* TFM_CRYPTO_AEAD_MODULE_DISABLED */
Antonio de Angelis04debbd2019-10-14 12:12:52 +0100[diff] [blame]166}
167
168psa_status_t tfm_crypto_aead_decrypt_setup(psa_invec in_vec[],
169 size_t in_len,
170 psa_outvec out_vec[],
171 size_t out_len)
172{
Antonio de Angelis8d282482021-10-07 15:04:12 +0100[diff] [blame]173#ifdef TFM_CRYPTO_AEAD_MODULE_DISABLED
Antonio de Angelis04debbd2019-10-14 12:12:52 +0100[diff] [blame]174 return PSA_ERROR_NOT_SUPPORTED;
Antonio de Angelis8d282482021-10-07 15:04:12 +0100[diff] [blame]175#else
176 psa_status_t status = PSA_SUCCESS;
177 psa_aead_operation_t *operation = NULL;
178
179 CRYPTO_IN_OUT_LEN_VALIDATE(in_len, 1, 1, out_len, 1, 1);
180
181 if ((in_vec[0].len != sizeof(struct tfm_crypto_pack_iovec))) {
182 return PSA_ERROR_PROGRAMMER_ERROR;
183 }
184 const struct tfm_crypto_pack_iovec *iov = in_vec[0].base;
185 uint32_t handle = iov->op_handle;
186 uint32_t *handle_out = out_vec[0].base;
187 psa_key_id_t key_id = iov->key_id;
188 psa_algorithm_t alg = iov->alg;
189 mbedtls_svc_key_id_t encoded_key;
190
191 /* Init the handle in the operation with the one passed from the iov */
192 *handle_out = iov->op_handle;
193
194 /* Allocate the operation context in the secure world */
195 status = tfm_crypto_operation_alloc(TFM_CRYPTO_AEAD_OPERATION,
196 &handle,
197 (void **)&operation);
198 if (status != PSA_SUCCESS) {
199 return status;
200 }
201
202 *handle_out = handle;
203
204 status = tfm_crypto_encode_id_and_owner(key_id, &encoded_key);
205 if (status != PSA_SUCCESS) {
206 goto exit;
207 }
208
209 status = psa_aead_decrypt_setup(operation, encoded_key, alg);
210 if (status != PSA_SUCCESS) {
211 goto exit;
212 }
213
214 return status;
215
216exit:
217 /* Release the operation context, ignore if the operation fails. */
218 (void)tfm_crypto_operation_release(handle_out);
219 return status;
220#endif /* TFM_CRYPTO_AEAD_MODULE_DISABLED */
Antonio de Angelis04debbd2019-10-14 12:12:52 +0100[diff] [blame]221}
222
223psa_status_t tfm_crypto_aead_abort(psa_invec in_vec[],
224 size_t in_len,
225 psa_outvec out_vec[],
226 size_t out_len)
227{
Antonio de Angelis8d282482021-10-07 15:04:12 +0100[diff] [blame]228#ifdef TFM_CRYPTO_AEAD_MODULE_DISABLED
Antonio de Angelis04debbd2019-10-14 12:12:52 +0100[diff] [blame]229 return PSA_ERROR_NOT_SUPPORTED;
Antonio de Angelis8d282482021-10-07 15:04:12 +0100[diff] [blame]230#else
231 psa_status_t status = PSA_SUCCESS;
232 psa_aead_operation_t *operation = NULL;
233
234 CRYPTO_IN_OUT_LEN_VALIDATE(in_len, 1, 1, out_len, 1, 1);
235
236 if ((in_vec[0].len != sizeof(struct tfm_crypto_pack_iovec)) ||
237 (out_vec[0].len != sizeof(uint32_t))) {
238 return PSA_ERROR_PROGRAMMER_ERROR;
239 }
240 const struct tfm_crypto_pack_iovec *iov = in_vec[0].base;
241 uint32_t handle = iov->op_handle;
242 uint32_t *handle_out = out_vec[0].base;
243
244 /* Init the handle in the operation with the one passed from the iov */
245 *handle_out = iov->op_handle;
246
247 /* Look up the corresponding operation context */
248 status = tfm_crypto_operation_lookup(TFM_CRYPTO_AEAD_OPERATION,
249 handle,
250 (void **)&operation);
251 if (status != PSA_SUCCESS) {
252 /* Operation does not exist, so abort has no effect */
253 return PSA_SUCCESS;
254 }
255
256 status = psa_aead_abort(operation);
257
258 if (status != PSA_SUCCESS) {
259 /* Release the operation context, ignore if the operation fails. */
260 (void)tfm_crypto_operation_release(handle_out);
261 return status;
262 }
263
264 return tfm_crypto_operation_release(handle_out);
265#endif /* TFM_CRYPTO_AEAD_MODULE_DISABLED */
Antonio de Angelis04debbd2019-10-14 12:12:52 +0100[diff] [blame]266}
267
268psa_status_t tfm_crypto_aead_finish(psa_invec in_vec[],
269 size_t in_len,
270 psa_outvec out_vec[],
271 size_t out_len)
272{
Antonio de Angelis8d282482021-10-07 15:04:12 +0100[diff] [blame]273#ifdef TFM_CRYPTO_AEAD_MODULE_DISABLED
Antonio de Angelis04debbd2019-10-14 12:12:52 +0100[diff] [blame]274 return PSA_ERROR_NOT_SUPPORTED;
Antonio de Angelis8d282482021-10-07 15:04:12 +0100[diff] [blame]275#else
276 psa_status_t status = PSA_SUCCESS;
277 psa_aead_operation_t *operation = NULL;
278
Antonio de Angelis902fdd02022-01-07 13:37:12 +0000[diff] [blame]279 CRYPTO_IN_OUT_LEN_VALIDATE(in_len, 1, 1, out_len, 2, 3);
Antonio de Angelis8d282482021-10-07 15:04:12 +0100[diff] [blame]280
281 if ((in_vec[0].len != sizeof(struct tfm_crypto_pack_iovec)) ||
282 (out_vec[0].len != sizeof(uint32_t))) {
283 return PSA_ERROR_PROGRAMMER_ERROR;
284 }
285 const struct tfm_crypto_pack_iovec *iov = in_vec[0].base;
286 uint32_t handle = iov->op_handle;
287 uint32_t *handle_out = out_vec[0].base;
Antonio de Angelis902fdd02022-01-07 13:37:12 +0000[diff] [blame]288 uint8_t *ciphertext = out_vec[2].base;
289 size_t ciphertext_size = out_vec[2].len;
290 uint8_t *tag = out_vec[1].base;
291 size_t tag_size = out_vec[1].len;
Antonio de Angelis8d282482021-10-07 15:04:12 +0100[diff] [blame]292
293 /* Init the handle in the operation with the one passed from the iov */
294 *handle_out = iov->op_handle;
295
296 /* Initialise tag and ciphertext lengths to zero */
297 out_vec[1].len = 0;
298 out_vec[2].len = 0;
299
300 /* Look up the corresponding operation context */
301 status = tfm_crypto_operation_lookup(TFM_CRYPTO_AEAD_OPERATION,
302 handle,
303 (void **)&operation);
304 if (status != PSA_SUCCESS) {
305 return status;
306 }
307
308 status = psa_aead_finish(operation,
Antonio de Angelis902fdd02022-01-07 13:37:12 +0000[diff] [blame]309 ciphertext, ciphertext_size, &out_vec[2].len,
310 tag, tag_size, &out_vec[1].len);
Antonio de Angelis8d282482021-10-07 15:04:12 +0100[diff] [blame]311 if (status == PSA_SUCCESS) {
312 /* Release the operation context, ignore if the operation fails. */
313 (void)tfm_crypto_operation_release(handle_out);
314 }
315
316 return status;
317#endif /* TFM_CRYPTO_AEAD_MODULE_DISABLED */
Antonio de Angelis04debbd2019-10-14 12:12:52 +0100[diff] [blame]318}
319
320psa_status_t tfm_crypto_aead_generate_nonce(psa_invec in_vec[],
321 size_t in_len,
322 psa_outvec out_vec[],
323 size_t out_len)
324{
Antonio de Angelis8d282482021-10-07 15:04:12 +0100[diff] [blame]325#ifdef TFM_CRYPTO_AEAD_MODULE_DISABLED
Antonio de Angelis04debbd2019-10-14 12:12:52 +0100[diff] [blame]326 return PSA_ERROR_NOT_SUPPORTED;
Antonio de Angelis8d282482021-10-07 15:04:12 +0100[diff] [blame]327#else
328 psa_status_t status = PSA_SUCCESS;
329 psa_aead_operation_t *operation = NULL;
330
331 CRYPTO_IN_OUT_LEN_VALIDATE(in_len, 1, 1, out_len, 2, 2);
332
333 if ((in_vec[0].len != sizeof(struct tfm_crypto_pack_iovec)) ||
334 (out_vec[0].len != sizeof(uint32_t))) {
335 return PSA_ERROR_PROGRAMMER_ERROR;
336 }
337 const struct tfm_crypto_pack_iovec *iov = in_vec[0].base;
338 uint32_t handle = iov->op_handle;
339 uint32_t *handle_out = out_vec[0].base;
340 uint8_t *nonce = out_vec[1].base;
341 size_t nonce_size = out_vec[1].len;
342
343 /* Init the handle in the operation with the one passed from the iov */
344 *handle_out = iov->op_handle;
345
346 /* Initialise nonce length to zero */
347 out_vec[1].len = 0;
348
349 /* Look up the corresponding operation context */
350 status = tfm_crypto_operation_lookup(TFM_CRYPTO_AEAD_OPERATION,
351 handle,
352 (void **)&operation);
353 if (status != PSA_SUCCESS) {
354 return status;
355 }
356
357 status = psa_aead_generate_nonce(operation,
358 nonce, nonce_size, &out_vec[1].len);
359
360 if (status != PSA_SUCCESS) {
361 /* Release the operation context, ignore if the operation fails. */
362 (void)tfm_crypto_operation_release(handle_out);
363 }
364
365 return status;
366#endif /* TFM_CRYPTO_AEAD_MODULE_DISABLED */
Antonio de Angelis04debbd2019-10-14 12:12:52 +0100[diff] [blame]367}
368
369psa_status_t tfm_crypto_aead_set_nonce(psa_invec in_vec[],
370 size_t in_len,
371 psa_outvec out_vec[],
372 size_t out_len)
373{
Antonio de Angelis8d282482021-10-07 15:04:12 +0100[diff] [blame]374#ifdef TFM_CRYPTO_AEAD_MODULE_DISABLED
Antonio de Angelis04debbd2019-10-14 12:12:52 +0100[diff] [blame]375 return PSA_ERROR_NOT_SUPPORTED;
Antonio de Angelis8d282482021-10-07 15:04:12 +0100[diff] [blame]376#else
377 psa_status_t status = PSA_SUCCESS;
378 psa_aead_operation_t *operation = NULL;
379
380 CRYPTO_IN_OUT_LEN_VALIDATE(in_len, 2, 2, out_len, 1, 1);
381
382 if ((in_vec[0].len != sizeof(struct tfm_crypto_pack_iovec)) ||
383 (out_vec[0].len != sizeof(uint32_t))) {
384 return PSA_ERROR_PROGRAMMER_ERROR;
385 }
386 const struct tfm_crypto_pack_iovec *iov = in_vec[0].base;
387 uint32_t handle = iov->op_handle;
388 uint32_t *handle_out = out_vec[0].base;
389 const uint8_t *nonce = in_vec[1].base;
390 size_t nonce_size = in_vec[1].len;
391
392 /* Init the handle in the operation with the one passed from the iov */
393 *handle_out = iov->op_handle;
394
395 /* Look up the corresponding operation context */
396 status = tfm_crypto_operation_lookup(TFM_CRYPTO_AEAD_OPERATION,
397 handle,
398 (void **)&operation);
399 if (status != PSA_SUCCESS) {
400 return status;
401 }
402
403 status = psa_aead_set_nonce(operation, nonce, nonce_size);
404
405 if (status != PSA_SUCCESS) {
406 /* Release the operation context, ignore if the operation fails. */
407 (void)tfm_crypto_operation_release(handle_out);
408 }
409
410 return status;
411#endif /* TFM_CRYPTO_AEAD_MODULE_DISABLED */
Antonio de Angelis04debbd2019-10-14 12:12:52 +0100[diff] [blame]412}
413
414psa_status_t tfm_crypto_aead_set_lengths(psa_invec in_vec[],
415 size_t in_len,
416 psa_outvec out_vec[],
417 size_t out_len)
418{
Antonio de Angelis8d282482021-10-07 15:04:12 +0100[diff] [blame]419#ifdef TFM_CRYPTO_AEAD_MODULE_DISABLED
Antonio de Angelis04debbd2019-10-14 12:12:52 +0100[diff] [blame]420 return PSA_ERROR_NOT_SUPPORTED;
Antonio de Angelis8d282482021-10-07 15:04:12 +0100[diff] [blame]421#else
422 psa_status_t status = PSA_SUCCESS;
423 psa_aead_operation_t *operation = NULL;
424
425 CRYPTO_IN_OUT_LEN_VALIDATE(in_len, 1, 1, out_len, 1, 1);
426
427 if ((in_vec[0].len != sizeof(struct tfm_crypto_pack_iovec)) ||
428 (out_vec[0].len != sizeof(uint32_t))) {
429 return PSA_ERROR_PROGRAMMER_ERROR;
430 }
431 const struct tfm_crypto_pack_iovec *iov = in_vec[0].base;
432 uint32_t handle = iov->op_handle;
433 uint32_t *handle_out = out_vec[0].base;
434 size_t ad_length = iov->ad_length;
435 size_t plaintext_length = iov->plaintext_length;
436
437 /* Init the handle in the operation with the one passed from the iov */
438 *handle_out = iov->op_handle;
439
440 /* Look up the corresponding operation context */
441 status = tfm_crypto_operation_lookup(TFM_CRYPTO_AEAD_OPERATION,
442 handle,
443 (void **)&operation);
444 if (status != PSA_SUCCESS) {
445 return status;
446 }
447 status = psa_aead_set_lengths(operation,
448 ad_length,
449 plaintext_length);
450
451 if (status != PSA_SUCCESS) {
452 /* Release the operation context, ignore if the operation fails. */
453 (void)tfm_crypto_operation_release(handle_out);
454 }
455
456 return status;
457#endif /* TFM_CRYPTO_AEAD_MODULE_DISABLED */
Antonio de Angelis04debbd2019-10-14 12:12:52 +0100[diff] [blame]458}
459
460psa_status_t tfm_crypto_aead_update(psa_invec in_vec[],
461 size_t in_len,
462 psa_outvec out_vec[],
463 size_t out_len)
464{
Antonio de Angelis8d282482021-10-07 15:04:12 +0100[diff] [blame]465#ifdef TFM_CRYPTO_AEAD_MODULE_DISABLED
Antonio de Angelis04debbd2019-10-14 12:12:52 +0100[diff] [blame]466 return PSA_ERROR_NOT_SUPPORTED;
Antonio de Angelis8d282482021-10-07 15:04:12 +0100[diff] [blame]467#else
468 psa_status_t status = PSA_SUCCESS;
469 psa_aead_operation_t *operation = NULL;
470
471 CRYPTO_IN_OUT_LEN_VALIDATE(in_len, 2, 2, out_len, 2, 2);
472
473 if ((in_vec[0].len != sizeof(struct tfm_crypto_pack_iovec)) ||
474 (out_vec[0].len != sizeof(uint32_t))) {
475 return PSA_ERROR_PROGRAMMER_ERROR;
476 }
477 const struct tfm_crypto_pack_iovec *iov = in_vec[0].base;
478 uint32_t handle = iov->op_handle;
479 uint32_t *handle_out = out_vec[0].base;
480 const uint8_t *input = in_vec[1].base;
481 size_t input_length = in_vec[1].len;
482 uint8_t *output = out_vec[1].base;
483 size_t output_size = out_vec[1].len;
484
485 /* Init the handle in the operation with the one passed from the iov */
486 *handle_out = iov->op_handle;
487
488 /* Look up the corresponding operation context */
489 status = tfm_crypto_operation_lookup(TFM_CRYPTO_AEAD_OPERATION,
490 handle,
491 (void **)&operation);
492 if (status != PSA_SUCCESS) {
493 return status;
494 }
495
496 status = psa_aead_update(operation,
497 input, input_length,
498 output, output_size, &out_vec[1].len);
499
500 if (status != PSA_SUCCESS) {
501 /* Release the operation context, ignore if the operation fails. */
502 (void)tfm_crypto_operation_release(handle_out);
503 }
504
505 return status;
506#endif /* TFM_CRYPTO_AEAD_MODULE_DISABLED */
Antonio de Angelis04debbd2019-10-14 12:12:52 +0100[diff] [blame]507}
508
509psa_status_t tfm_crypto_aead_update_ad(psa_invec in_vec[],
510 size_t in_len,
511 psa_outvec out_vec[],
512 size_t out_len)
513{
Antonio de Angelis8d282482021-10-07 15:04:12 +0100[diff] [blame]514#ifdef TFM_CRYPTO_AEAD_MODULE_DISABLED
Antonio de Angelis04debbd2019-10-14 12:12:52 +0100[diff] [blame]515 return PSA_ERROR_NOT_SUPPORTED;
Antonio de Angelis8d282482021-10-07 15:04:12 +0100[diff] [blame]516#else
517 psa_status_t status = PSA_SUCCESS;
518 psa_aead_operation_t *operation = NULL;
519
520 CRYPTO_IN_OUT_LEN_VALIDATE(in_len, 2, 2, out_len, 1, 1);
521
522 if ((in_vec[0].len != sizeof(struct tfm_crypto_pack_iovec)) ||
523 (out_vec[0].len != sizeof(uint32_t))) {
524 return PSA_ERROR_PROGRAMMER_ERROR;
525 }
526 const struct tfm_crypto_pack_iovec *iov = in_vec[0].base;
527 uint32_t handle = iov->op_handle;
528 uint32_t *handle_out = out_vec[0].base;
529 const uint8_t *input = in_vec[1].base;
530 size_t input_length = in_vec[1].len;
531
532 /* Init the handle in the operation with the one passed from the iov */
533 *handle_out = iov->op_handle;
534
535 /* Look up the corresponding operation context */
536 status = tfm_crypto_operation_lookup(TFM_CRYPTO_AEAD_OPERATION,
537 handle,
538 (void **)&operation);
539 if (status != PSA_SUCCESS) {
540 return status;
541 }
542
543 status = psa_aead_update_ad(operation, input, input_length);
544
545 if (status != PSA_SUCCESS) {
546 /* Release the operation context, ignore if the operation fails. */
547 (void)tfm_crypto_operation_release(handle_out);
548 }
549
550 return status;
551#endif /* TFM_CRYPTO_AEAD_MODULE_DISABLED */
Antonio de Angelis04debbd2019-10-14 12:12:52 +0100[diff] [blame]552}
553
554psa_status_t tfm_crypto_aead_verify(psa_invec in_vec[],
555 size_t in_len,
556 psa_outvec out_vec[],
557 size_t out_len)
558{
Antonio de Angelis8d282482021-10-07 15:04:12 +0100[diff] [blame]559#ifdef TFM_CRYPTO_AEAD_MODULE_DISABLED
Antonio de Angelis04debbd2019-10-14 12:12:52 +0100[diff] [blame]560 return PSA_ERROR_NOT_SUPPORTED;
Antonio de Angelis8d282482021-10-07 15:04:12 +0100[diff] [blame]561#else
562 psa_status_t status = PSA_SUCCESS;
563 psa_aead_operation_t *operation = NULL;
564
Antonio de Angelis902fdd02022-01-07 13:37:12 +0000[diff] [blame]565 CRYPTO_IN_OUT_LEN_VALIDATE(in_len, 2, 2, out_len, 1, 2);
Antonio de Angelis8d282482021-10-07 15:04:12 +0100[diff] [blame]566
567 if ((in_vec[0].len != sizeof(struct tfm_crypto_pack_iovec)) ||
568 (out_vec[0].len != sizeof(uint32_t))) {
569 return PSA_ERROR_PROGRAMMER_ERROR;
570 }
571 const struct tfm_crypto_pack_iovec *iov = in_vec[0].base;
572 uint32_t handle = iov->op_handle;
573 uint32_t *handle_out = out_vec[0].base;
574 const uint8_t *tag = in_vec[1].base;
575 size_t tag_length = in_vec[1].len;
576 uint8_t *plaintext = out_vec[1].base;
577 size_t plaintext_size = out_vec[1].len;
578
579 /* Init the handle in the operation with the one passed from the iov */
580 *handle_out = iov->op_handle;
581
582 /* Look up the corresponding operation context */
583 status = tfm_crypto_operation_lookup(TFM_CRYPTO_AEAD_OPERATION,
584 handle,
585 (void **)&operation);
586 if (status != PSA_SUCCESS) {
587 return status;
588 }
589
590 status = psa_aead_verify(operation,
591 plaintext, plaintext_size, &out_vec[1].len,
592 tag, tag_length);
593
594 if (status == PSA_SUCCESS) {
595 /* Release the operation context, ignore if the operation fails. */
596 (void)tfm_crypto_operation_release(handle_out);
597 }
598
599 return status;
600#endif /* TFM_CRYPTO_AEAD_MODULE_DISABLED */
Antonio de Angelis04debbd2019-10-14 12:12:52 +0100[diff] [blame]601}
Antonio de Angelis3a480992018-11-07 11:53:28 +0000[diff] [blame]602/*!@}*/