TrustedFirmware Git Browser
Code Review Sign In
review.trustedfirmware.org / TF-M / trusted-firmware-m / b9492d295c10a1ccabdaccad773c334631328273 / . / secure_fw / partitions / crypto / tfm_crypto_api.h
blob: ff1d17b56061eaded7bbd8e44147a5d9b741c1c2 [file] [log] [blame]
Antonio de Angelis8908f472018-08-31 15:44:25 +0100[diff] [blame]1/*
Maulik Patel28659c42021-01-06 14:09:22 +0000[diff] [blame]2 * Copyright (c) 2018-2021, Arm Limited. All rights reserved.
Antonio de Angelis8908f472018-08-31 15:44:25 +0100[diff] [blame]3 *
4 * SPDX-License-Identifier: BSD-3-Clause
5 *
6 */
7
8#ifndef __TFM_CRYPTO_API_H__
9#define __TFM_CRYPTO_API_H__
10
11#ifdef __cplusplus
12extern "C" {
13#endif
14
15#include <stdint.h>
16#include "tfm_crypto_defs.h"
Antonio de Angelis4743e672019-04-11 11:38:48 +0100[diff] [blame]17#ifdef TFM_PSA_API
Jamie Foxcc31d402019-01-28 17:13:52 +0000[diff] [blame]18#include "psa/service.h"
Antonio de Angelis4743e672019-04-11 11:38:48 +0100[diff] [blame]19
20/**
21 * \brief This define is a function pointer type to the Uniform Signature API
22 * prototype.
23 */
24typedef psa_status_t (*tfm_crypto_us_t)(psa_invec[],size_t,psa_outvec[],size_t);
25#endif
Antonio de Angelis8908f472018-08-31 15:44:25 +0100[diff] [blame]26
Soby Mathewd7b79f22020-05-21 15:06:54 +0100[diff] [blame]27#include "psa/crypto_client_struct.h"
28
Antonio de Angelisab85ccd2019-03-25 15:14:29 +0000[diff] [blame]29#define UNIFORM_SIGNATURE_API(api_name) \
30 psa_status_t api_name(psa_invec[], size_t, psa_outvec[], size_t)
31
Antonio de Angelis8908f472018-08-31 15:44:25 +0100[diff] [blame]32/**
33 * \brief List of possible operation types supported by the TFM based
34 * implementation. This type is needed by the operation allocation,
35 * lookup and release functions.
36 *
37 */
38enum tfm_crypto_operation_type {
39 TFM_CRYPTO_OPERATION_NONE = 0,
40 TFM_CRYPTO_CIPHER_OPERATION = 1,
41 TFM_CRYPTO_MAC_OPERATION = 2,
42 TFM_CRYPTO_HASH_OPERATION = 3,
Antonio de Angelis04debbd2019-10-14 12:12:52 +0100[diff] [blame]43 TFM_CRYPTO_KEY_DERIVATION_OPERATION = 4,
Antonio de Angelis8908f472018-08-31 15:44:25 +0100[diff] [blame]44
45 /* Used to force the enum size */
46 TFM_CRYPTO_OPERATION_TYPE_MAX = INT_MAX
47};
48
49/**
Antonio de Angeliscf85ba22018-10-09 13:29:40 +0100[diff] [blame]50 * \brief Initialise the service
Antonio de Angelis8908f472018-08-31 15:44:25 +0100[diff] [blame]51 *
Antonio de Angelisab85ccd2019-03-25 15:14:29 +0000[diff] [blame]52 * \return Return values as described in \ref psa_status_t
Antonio de Angelis8908f472018-08-31 15:44:25 +0100[diff] [blame]53 */
Antonio de Angelisab85ccd2019-03-25 15:14:29 +0000[diff] [blame]54psa_status_t tfm_crypto_init(void);
Antonio de Angelis8908f472018-08-31 15:44:25 +0100[diff] [blame]55
56/**
Antonio de Angeliscf85ba22018-10-09 13:29:40 +0100[diff] [blame]57 * \brief Initialise the Alloc module
58 *
Antonio de Angelisab85ccd2019-03-25 15:14:29 +0000[diff] [blame]59 * \return Return values as described in \ref psa_status_t
Antonio de Angeliscf85ba22018-10-09 13:29:40 +0100[diff] [blame]60 */
Antonio de Angelisab85ccd2019-03-25 15:14:29 +0000[diff] [blame]61psa_status_t tfm_crypto_init_alloc(void);
Antonio de Angeliscf85ba22018-10-09 13:29:40 +0100[diff] [blame]62
63/**
Antonio de Angelis60a6fe62019-06-18 15:27:34 +0100[diff] [blame]64 * \brief Returns the ID of the caller
65 *
66 * \param[out] id Pointer to hold the ID of the caller
67 *
68 * \return Return values as described in \ref psa_status_t
69 */
70psa_status_t tfm_crypto_get_caller_id(int32_t *id);
71
72/**
Jamie Fox98ab4412020-01-17 17:12:30 +0000[diff] [blame]73 * \brief Gets key attributes from client key attributes.
74 *
75 * \param[in] client_key_attr Client key attributes
76 * \param[in] client_id Partition ID of the calling client
77 * \param[out] key_attributes Key attributes
78 *
79 * \return Return values as described in \ref psa_status_t
80 */
81psa_status_t tfm_crypto_key_attributes_from_client(
Maulik Patel28659c42021-01-06 14:09:22 +0000[diff] [blame]82 const struct psa_client_key_attributes_s *client_key_attr,
83 int32_t client_id,
84 psa_key_attributes_t *key_attributes);
Jamie Fox98ab4412020-01-17 17:12:30 +0000[diff] [blame]85
86/**
87 * \brief Converts key attributes to client key attributes.
88 *
89 * \param[in] key_attributes Key attributes
90 * \param[out] client_key_attr Client key attributes
91 *
92 * \return Return values as described in \ref psa_status_t
93 */
94psa_status_t tfm_crypto_key_attributes_to_client(
Maulik Patel28659c42021-01-06 14:09:22 +0000[diff] [blame]95 const psa_key_attributes_t *key_attributes,
96 struct psa_client_key_attributes_s *client_key_attr);
Jamie Fox98ab4412020-01-17 17:12:30 +0000[diff] [blame]97
98/**
Antonio de Angelis60a6fe62019-06-18 15:27:34 +0100[diff] [blame]99 * \brief Checks that the requested handle belongs to the requesting
100 * partition
101 *
Maulik Patel28659c42021-01-06 14:09:22 +0000[diff] [blame]102 * \param[in] key key given as input
Antonio de Angelis60a6fe62019-06-18 15:27:34 +0100[diff] [blame]103 *
104 * \return Return values as described in \ref psa_status_t
105 */
David Hu105b4872021-05-19 16:43:19 +0800[diff] [blame]106psa_status_t tfm_crypto_check_handle_owner(psa_key_id_t key);
Antonio de Angelis04debbd2019-10-14 12:12:52 +0100[diff] [blame]107
108/**
Jamie Fox99360e82020-02-20 16:00:09 +0000[diff] [blame]109 * \brief Checks that there is enough local storage in RAM to keep another key,
110 * and returns the index of the storage to use.
Antonio de Angelis04debbd2019-10-14 12:12:52 +0100[diff] [blame]111 *
Jamie Fox99360e82020-02-20 16:00:09 +0000[diff] [blame]112 * \param[out] index Index of the local storage to use
Antonio de Angelis04debbd2019-10-14 12:12:52 +0100[diff] [blame]113 *
114 * \return Return values as described in \ref psa_status_t
115 */
Jamie Fox99360e82020-02-20 16:00:09 +0000[diff] [blame]116psa_status_t tfm_crypto_check_key_storage(uint32_t *index);
Antonio de Angelis04debbd2019-10-14 12:12:52 +0100[diff] [blame]117
118/**
Jamie Fox99360e82020-02-20 16:00:09 +0000[diff] [blame]119 * \brief Sets the index of the local storage in use with a key requested by the
120 * calling partition, and stores the corresponding key_handle.
Antonio de Angelis04debbd2019-10-14 12:12:52 +0100[diff] [blame]121 *
Jamie Fox99360e82020-02-20 16:00:09 +0000[diff] [blame]122 * \param[in] index Index of the local storage to use
123 * \param[in] key_handle Corresponding key handle to associate
Antonio de Angelis04debbd2019-10-14 12:12:52 +0100[diff] [blame]124 *
125 * \return Return values as described in \ref psa_status_t
126 */
Jamie Fox99360e82020-02-20 16:00:09 +0000[diff] [blame]127psa_status_t tfm_crypto_set_key_storage(uint32_t index,
Maulik Patel28659c42021-01-06 14:09:22 +0000[diff] [blame]128 psa_key_id_t key_handle);
Antonio de Angelis60a6fe62019-06-18 15:27:34 +0100[diff] [blame]129/**
Antonio de Angelis819c2f32019-02-06 14:32:02 +0000[diff] [blame]130 * \brief Allocate an operation context in the backend
Antonio de Angelis8908f472018-08-31 15:44:25 +0100[diff] [blame]131 *
Antonio de Angelis4743e672019-04-11 11:38:48 +0100[diff] [blame]132 * \param[in] type Type of the operation context to allocate
Antonio de Angelis60a6fe62019-06-18 15:27:34 +0100[diff] [blame]133 * \param[out] handle Pointer to hold the allocated handle
Antonio de Angelis4743e672019-04-11 11:38:48 +0100[diff] [blame]134 * \param[out ctx Double pointer to the corresponding context
Antonio de Angelis8908f472018-08-31 15:44:25 +0100[diff] [blame]135 *
Antonio de Angelisab85ccd2019-03-25 15:14:29 +0000[diff] [blame]136 * \return Return values as described in \ref psa_status_t
Antonio de Angelis8908f472018-08-31 15:44:25 +0100[diff] [blame]137 */
Antonio de Angelisab85ccd2019-03-25 15:14:29 +0000[diff] [blame]138psa_status_t tfm_crypto_operation_alloc(enum tfm_crypto_operation_type type,
Antonio de Angelis4743e672019-04-11 11:38:48 +0100[diff] [blame]139 uint32_t *handle,
Antonio de Angelis819c2f32019-02-06 14:32:02 +0000[diff] [blame]140 void **ctx);
Antonio de Angelis8908f472018-08-31 15:44:25 +0100[diff] [blame]141/**
Antonio de Angelis819c2f32019-02-06 14:32:02 +0000[diff] [blame]142 * \brief Release an operation context in the backend
Antonio de Angelis8908f472018-08-31 15:44:25 +0100[diff] [blame]143 *
Antonio de Angelis4743e672019-04-11 11:38:48 +0100[diff] [blame]144 * \param[in] handle Pointer to the handle of the context to release
Antonio de Angelis8908f472018-08-31 15:44:25 +0100[diff] [blame]145 *
Antonio de Angelisab85ccd2019-03-25 15:14:29 +0000[diff] [blame]146 * \return Return values as described in \ref psa_status_t
Antonio de Angelis8908f472018-08-31 15:44:25 +0100[diff] [blame]147 */
Antonio de Angelis4743e672019-04-11 11:38:48 +0100[diff] [blame]148psa_status_t tfm_crypto_operation_release(uint32_t *handle);
Antonio de Angelis8908f472018-08-31 15:44:25 +0100[diff] [blame]149/**
Antonio de Angelis819c2f32019-02-06 14:32:02 +0000[diff] [blame]150 * \brief Look up an operation context in the backend for the corresponding
151 * frontend operation
Antonio de Angelis8908f472018-08-31 15:44:25 +0100[diff] [blame]152 *
Antonio de Angelis4743e672019-04-11 11:38:48 +0100[diff] [blame]153 * \param[in] type Type of the operation context to look up
154 * \param[in] handle Handle of the context to lookup
155 * \param[out] ctx Double pointer to the corresponding context
Antonio de Angelis8908f472018-08-31 15:44:25 +0100[diff] [blame]156 *
Antonio de Angelisab85ccd2019-03-25 15:14:29 +0000[diff] [blame]157 * \return Return values as described in \ref psa_status_t
Antonio de Angelis8908f472018-08-31 15:44:25 +0100[diff] [blame]158 */
Antonio de Angelisab85ccd2019-03-25 15:14:29 +0000[diff] [blame]159psa_status_t tfm_crypto_operation_lookup(enum tfm_crypto_operation_type type,
Antonio de Angelis4743e672019-04-11 11:38:48 +0100[diff] [blame]160 uint32_t handle,
Antonio de Angelisab85ccd2019-03-25 15:14:29 +0000[diff] [blame]161 void **ctx);
Maulik Patel28659c42021-01-06 14:09:22 +0000[diff] [blame]162/**
163 * \brief Encodes the input key id and owner to output key
164 *
165 * \param[in] key_id Id of the key to encode
166 * \param[out] enc_key_ptr Pointer to encoded key with id and owner
167 *
168 * \return Return values as described in \ref psa_status_t
169 */
170psa_status_t tfm_crypto_encode_id_and_owner(psa_key_id_t key_id,
171 mbedtls_svc_key_id_t *enc_key_ptr);
Antonio de Angelis8908f472018-08-31 15:44:25 +0100[diff] [blame]172
Antonio de Angelisab85ccd2019-03-25 15:14:29 +0000[diff] [blame]173#define LIST_TFM_CRYPTO_UNIFORM_SIGNATURE_API \
Antonio de Angelis04debbd2019-10-14 12:12:52 +0100[diff] [blame]174 X(tfm_crypto_get_key_attributes) \
175 X(tfm_crypto_reset_key_attributes) \
Jamie Foxdadb4e82019-09-03 17:59:41 +0100[diff] [blame]176 X(tfm_crypto_open_key) \
177 X(tfm_crypto_close_key) \
Antonio de Angelis25e2b2d2019-04-25 14:49:50 +0100[diff] [blame]178 X(tfm_crypto_import_key) \
179 X(tfm_crypto_destroy_key) \
Antonio de Angelis25e2b2d2019-04-25 14:49:50 +0100[diff] [blame]180 X(tfm_crypto_export_key) \
181 X(tfm_crypto_export_public_key) \
Maulik Patel28659c42021-01-06 14:09:22 +0000[diff] [blame]182 X(tfm_crypto_purge_key) \
Antonio de Angelis25e2b2d2019-04-25 14:49:50 +0100[diff] [blame]183 X(tfm_crypto_copy_key) \
Antonio de Angelis04debbd2019-10-14 12:12:52 +0100[diff] [blame]184 X(tfm_crypto_hash_compute) \
185 X(tfm_crypto_hash_compare) \
Antonio de Angelis25e2b2d2019-04-25 14:49:50 +0100[diff] [blame]186 X(tfm_crypto_hash_setup) \
187 X(tfm_crypto_hash_update) \
188 X(tfm_crypto_hash_finish) \
189 X(tfm_crypto_hash_verify) \
190 X(tfm_crypto_hash_abort) \
191 X(tfm_crypto_hash_clone) \
Antonio de Angelis04debbd2019-10-14 12:12:52 +0100[diff] [blame]192 X(tfm_crypto_mac_compute) \
193 X(tfm_crypto_mac_verify) \
Antonio de Angelis25e2b2d2019-04-25 14:49:50 +0100[diff] [blame]194 X(tfm_crypto_mac_sign_setup) \
195 X(tfm_crypto_mac_verify_setup) \
196 X(tfm_crypto_mac_update) \
197 X(tfm_crypto_mac_sign_finish) \
198 X(tfm_crypto_mac_verify_finish) \
199 X(tfm_crypto_mac_abort) \
Antonio de Angelis04debbd2019-10-14 12:12:52 +0100[diff] [blame]200 X(tfm_crypto_cipher_encrypt) \
201 X(tfm_crypto_cipher_decrypt) \
202 X(tfm_crypto_cipher_encrypt_setup) \
203 X(tfm_crypto_cipher_decrypt_setup) \
204 X(tfm_crypto_cipher_generate_iv) \
205 X(tfm_crypto_cipher_set_iv) \
206 X(tfm_crypto_cipher_update) \
207 X(tfm_crypto_cipher_finish) \
208 X(tfm_crypto_cipher_abort) \
Antonio de Angelis25e2b2d2019-04-25 14:49:50 +0100[diff] [blame]209 X(tfm_crypto_aead_encrypt) \
210 X(tfm_crypto_aead_decrypt) \
Antonio de Angelis04debbd2019-10-14 12:12:52 +0100[diff] [blame]211 X(tfm_crypto_aead_encrypt_setup) \
212 X(tfm_crypto_aead_decrypt_setup) \
213 X(tfm_crypto_aead_generate_nonce) \
214 X(tfm_crypto_aead_set_nonce) \
215 X(tfm_crypto_aead_set_lengths) \
216 X(tfm_crypto_aead_update_ad) \
217 X(tfm_crypto_aead_update) \
218 X(tfm_crypto_aead_finish) \
219 X(tfm_crypto_aead_verify) \
220 X(tfm_crypto_aead_abort) \
Summer Qinb9492d22021-06-22 18:00:54 +0800[diff] [blame^]221 X(tfm_crypto_sign_message) \
222 X(tfm_crypto_verify_message) \
Antonio de Angelis04debbd2019-10-14 12:12:52 +0100[diff] [blame]223 X(tfm_crypto_sign_hash) \
224 X(tfm_crypto_verify_hash) \
Antonio de Angelis25e2b2d2019-04-25 14:49:50 +0100[diff] [blame]225 X(tfm_crypto_asymmetric_encrypt) \
226 X(tfm_crypto_asymmetric_decrypt) \
Antonio de Angelis04debbd2019-10-14 12:12:52 +0100[diff] [blame]227 X(tfm_crypto_key_derivation_setup) \
228 X(tfm_crypto_key_derivation_get_capacity) \
229 X(tfm_crypto_key_derivation_set_capacity) \
230 X(tfm_crypto_key_derivation_input_bytes) \
231 X(tfm_crypto_key_derivation_input_key) \
232 X(tfm_crypto_key_derivation_key_agreement)\
233 X(tfm_crypto_key_derivation_output_bytes) \
234 X(tfm_crypto_key_derivation_output_key) \
235 X(tfm_crypto_key_derivation_abort) \
236 X(tfm_crypto_raw_key_agreement) \
Antonio de Angelis25e2b2d2019-04-25 14:49:50 +0100[diff] [blame]237 X(tfm_crypto_generate_random) \
238 X(tfm_crypto_generate_key) \
Antonio de Angelis04debbd2019-10-14 12:12:52 +0100[diff] [blame]239 X(tfm_crypto_set_key_domain_parameters) \
240 X(tfm_crypto_get_key_domain_parameters) \
Jamie Foxefd82732018-11-26 10:34:32 +0000[diff] [blame]241
Antonio de Angelis25e2b2d2019-04-25 14:49:50 +0100[diff] [blame]242#define X(api_name) UNIFORM_SIGNATURE_API(api_name);
Antonio de Angelisab85ccd2019-03-25 15:14:29 +0000[diff] [blame]243LIST_TFM_CRYPTO_UNIFORM_SIGNATURE_API
244#undef X
Jamie Foxefd82732018-11-26 10:34:32 +0000[diff] [blame]245
Antonio de Angelis8908f472018-08-31 15:44:25 +0100[diff] [blame]246#ifdef __cplusplus
247}
248#endif
249
250#endif /* __TFM_CRYPTO_API_H__ */