/*
 * Copyright (c) 2018-2019, Arm Limited. All rights reserved.
 *
 * SPDX-License-Identifier: BSD-3-Clause
 *
 */
7
8#ifndef __TFM_CRYPTO_API_H__
9#define __TFM_CRYPTO_API_H__
10
11#ifdef __cplusplus
12extern "C" {
13#endif
14
#include <limits.h>
#include <stddef.h>
#include <stdint.h>
#include "tfm_crypto_defs.h"
#include "psa_crypto.h"
18
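/**
 * \brief List of possible operation types supported by the TFM based
 *        implementation. This type is needed by the operation allocation,
 *        lookup and release functions.
 *
 * \note The type passed to the lookup function is the only information at
 *       this interface that says which kind of object a handle refers to.
 *       NOTE(review): confirm the implementation rejects a handle whose
 *       stored type differs from the requested one, because the looked-up
 *       object is returned as an untyped pointer.
 */
enum tfm_crypto_operation_type {
    TFM_CRYPTO_OPERATION_NONE = 0,   /* No operation type */
    TFM_CRYPTO_CIPHER_OPERATION = 1, /* Cipher operation object */
    TFM_CRYPTO_MAC_OPERATION = 2,    /* MAC operation object */
    TFM_CRYPTO_HASH_OPERATION = 3,   /* Hash operation object */
    TFM_CRYPTO_KEY_POLICY = 4,       /* Key policy object */

    /* Used to force the enum size; INT_MAX is provided by <limits.h> */
    TFM_CRYPTO_OPERATION_TYPE_MAX = INT_MAX
};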
35
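/**
 * \brief Initialises the service
 *
 * \note The function takes no arguments, so the return value is the only
 *       indication of a failed initialisation and should always be checked.
 *
 * \return Returns values as described in \ref tfm_crypto_err_t
 */
enum tfm_crypto_err_t tfm_crypto_init(void);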
42
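/**
 * \brief Allocates an operation object
 *
 * \param[in]  type   Type of the operation object to allocate
 * \param[out] handle Pointer to the corresponding handle assigned
 *
 * \note The value written to \p handle is meaningful only when the call
 *       reports success; check the return value before using it.
 *       NOTE(review): the behaviour for a NULL \p handle and for an
 *       exhausted object pool is not visible in this header - confirm in
 *       the implementation.
 *
 * \return Returns values as described in \ref tfm_crypto_err_t
 */
enum tfm_crypto_err_t tfm_crypto_operation_alloc(
                                        enum tfm_crypto_operation_type type,
                                        uint32_t *handle);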
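/**
 * \brief Releases an operation object
 *
 * \param[in] handle Pointer to the handle for the release of the
 *                   corresponding object
 *
 * \note NOTE(review): \p handle is a non-const pointer documented as [in].
 *       If the implementation invalidates the handle value on release, the
 *       direction should read [in,out]; confirm, and confirm that releasing
 *       an already released or never allocated handle is rejected.
 *
 * \return Returns values as described in \ref tfm_crypto_err_t
 */
enum tfm_crypto_err_t tfm_crypto_operation_release(uint32_t *handle);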
63
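/**
 * \brief Looks up an operation object pointer from the corresponding handle
 *
 * \param[in]  type   Type of the operation object to look up
 * \param[in]  handle Handle to the operation object to look up
 * \param[out] oper   Double pointer to the corresponding object
 *
 * \note \p oper receives an untyped (void *) pointer that the caller has to
 *       cast, so a mismatch between \p type and the object actually stored
 *       under \p handle would lead to the object being used as the wrong
 *       type. NOTE(review): confirm the implementation range-checks
 *       \p handle and compares the stored type before writing \p oper,
 *       in particular if handle values can originate from a less trusted
 *       caller.
 *
 * \return Returns values as described in \ref tfm_crypto_err_t
 */
enum tfm_crypto_err_t tfm_crypto_operation_lookup(
                                        enum tfm_crypto_operation_type type,
                                        uint32_t handle,
                                        void **oper);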
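/**
 * \brief Import the key data in the provided key slot
 *
 * \param[in] key         Key slot
 * \param[in] type        Key type
 * \param[in] data        Key data to import
 * \param[in] data_length Length in bytes of the data field
 *
 * \note \p data carries raw key material and is read for \p data_length
 *       bytes. NOTE(review): this header does not state whether the
 *       implementation copies the data or which lengths are accepted for a
 *       given \p type; confirm both, and have callers wipe their own copy
 *       of the key once the import has returned.
 *
 * \return Returns values as described in \ref tfm_crypto_err_t
 */
enum tfm_crypto_err_t tfm_crypto_import_key(psa_key_slot_t key,
                                            psa_key_type_t type,
                                            const uint8_t *data,
                                            size_t data_length);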
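/**
 * \brief Destroy the key on the provided key slot
 *
 * \param[in] key Key slot
 *
 * \note NOTE(review): whether the key material is overwritten when the slot
 *       is destroyed, and what is returned for an empty or out-of-range
 *       slot, is not visible in this header - confirm in the implementation.
 *
 * \return Returns values as described in \ref tfm_crypto_err_t
 */
enum tfm_crypto_err_t tfm_crypto_destroy_key(psa_key_slot_t key);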
99
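/**
 * \brief Retrieve key information for the provided key slot
 *
 * \param[in]  key  Key slot
 * \param[out] type Key type associated to the key slot requested
 * \param[out] bits Length in bits of the key in the requested slot
 *
 * \note Only metadata is returned (type and size in bits), not the key
 *       itself. The outputs should be used only when the call reports
 *       success.
 *
 * \return Returns values as described in \ref tfm_crypto_err_t
 */
enum tfm_crypto_err_t tfm_crypto_get_key_information(psa_key_slot_t key,
                                                     psa_key_type_t *type,
                                                     size_t *bits);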
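/**
 * \brief Export the key contained in the provided key slot
 *
 * \param[in]  key         Key slot
 * \param[out] data        Buffer to hold the exported key
 * \param[in]  data_size   Length of the buffer pointed to by data
 * \param[out] data_length Length of the exported key
 *
 * \note \p data_size is the bound for every write to \p data; a key that
 *       does not fit must result in an error rather than a truncated or
 *       overlong write. The buffer holds key material after a successful
 *       call, so the caller should wipe it when it is no longer needed.
 *       NOTE(review): this header does not show whether export is gated by
 *       a per-key policy - confirm in the implementation.
 *
 * \return Returns values as described in \ref tfm_crypto_err_t
 */
enum tfm_crypto_err_t tfm_crypto_export_key(psa_key_slot_t key,
                                            uint8_t *data,
                                            size_t data_size,
                                            size_t *data_length);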
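/**
 * \brief Export the public key contained in the provided key slot
 *        for an asymmetric key pair.
 *
 * \param[in]  key         Key slot
 * \param[out] data        Buffer to hold the exported key
 * \param[in]  data_size   Length of the buffer pointed to by data
 * \param[out] data_length Length of the exported key
 *
 * \note \p data_size is the bound for every write to \p data.
 *       NOTE(review): confirm the implementation returns an error, and
 *       writes nothing, when the slot does not hold an asymmetric key, so
 *       that this entry point can never hand out secret key material.
 *
 * \return Returns values as described in \ref tfm_crypto_err_t
 */
enum tfm_crypto_err_t tfm_crypto_export_public_key(psa_key_slot_t key,
                                                   uint8_t *data,
                                                   size_t data_size,
                                                   size_t *data_length);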
141
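/**
 * \brief Set the initialisation vector on the provided cipher operation
 *
 * \param[in] operation Cipher operation context
 * \param[in] iv        Buffer that contains the IV
 * \param[in] iv_length Length of the provided IV
 *
 * \note The IV is supplied by the caller; nothing at this interface prevents
 *       the same IV from being used again with the same key, so uniqueness
 *       is the caller's responsibility where the algorithm requires it.
 *       NOTE(review): \p operation is a non-const pointer documented as
 *       [in]; confirm whether the implementation writes to it, and confirm
 *       that \p iv_length is validated against the selected algorithm.
 *
 * \return Returns values as described in \ref tfm_crypto_err_t
 */
enum tfm_crypto_err_t tfm_crypto_cipher_set_iv(
                                            psa_cipher_operation_t *operation,
                                            const unsigned char *iv,
                                            size_t iv_length);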
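/**
 * \brief Set the cipher operation using the provided algorithm and key slot,
 *        for encryption context.
 *
 * \param[in] operation Cipher operation context
 * \param[in] key       Key slot to bind to the cipher context
 * \param[in] alg       Algorithm to use for the cipher operation
 *
 * \note NOTE(review): \p operation is a non-const pointer documented as
 *       [in]; if setup stores state or a handle in it the direction should
 *       be [in,out]. Also confirm that the key in \p key is checked to be
 *       usable for encryption with \p alg before the context is bound.
 *
 * \return Returns values as described in \ref tfm_crypto_err_t
 */
enum tfm_crypto_err_t tfm_crypto_cipher_encrypt_setup(
                                            psa_cipher_operation_t *operation,
                                            psa_key_slot_t key,
                                            psa_algorithm_t alg);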
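/**
 * \brief Set the cipher operation using the provided algorithm and key slot,
 *        for decryption context.
 *
 * \param[in] operation Cipher operation context
 * \param[in] key       Key slot to bind to the cipher context
 * \param[in] alg       Algorithm to use for the cipher operation
 *
 * \note NOTE(review): \p operation is a non-const pointer documented as
 *       [in]; if setup stores state or a handle in it the direction should
 *       be [in,out]. Also confirm that the key in \p key is checked to be
 *       usable for decryption with \p alg before the context is bound.
 *
 * \return Returns values as described in \ref tfm_crypto_err_t
 */
enum tfm_crypto_err_t tfm_crypto_cipher_decrypt_setup(
                                            psa_cipher_operation_t *operation,
                                            psa_key_slot_t key,
                                            psa_algorithm_t alg);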
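/**
 * \brief Update the cipher context with a chunk of input data to create a
 *        chunk of encrypted output data (for encryption contexts), or to
 *        decrypt a chunk of encrypted input data to obtain decrypted data
 *        (for decryption contexts).
 *
 * \param[in]  operation     Cipher operation context
 * \param[in]  input         Buffer containing input data
 * \param[in]  input_length  Input length
 * \param[out] output        Buffer containing output data
 * \param[in]  output_size   Size of the output buffer
 * \param[out] output_length Size of the produced output
 *
 * \note \p output_size is the bound for every write to \p output; the
 *       amount produced is reported through \p output_length and can differ
 *       from \p input_length. \p input is declared as uint8_t while
 *       \p output is declared as unsigned char; the declaration is kept as
 *       it is so that it continues to match the definition.
 *       NOTE(review): confirm how overlapping \p input and \p output
 *       buffers are handled.
 *
 * \return Returns values as described in \ref tfm_crypto_err_t
 */
enum tfm_crypto_err_t tfm_crypto_cipher_update(
                                            psa_cipher_operation_t *operation,
                                            const uint8_t *input,
                                            size_t input_length,
                                            unsigned char *output,
                                            size_t output_size,
                                            size_t *output_length);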
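/**
 * \brief Finalises a cipher context flushing out any remaining block of
 *        output data
 *
 * \param[in]  operation     Cipher operation context
 * \param[out] output        Buffer containing output data
 * \param[in]  output_size   Size of the output buffer
 * \param[out] output_length Size of the produced output
 *
 * \note \p output_size is the bound for every write to \p output.
 *       NOTE(review): confirm that the operation context is released on
 *       both the success and the error path, so that a failed finish does
 *       not leave a usable context behind.
 *
 * \return Returns values as described in \ref tfm_crypto_err_t
 */
enum tfm_crypto_err_t tfm_crypto_cipher_finish(
                                            psa_cipher_operation_t *operation,
                                            uint8_t *output,
                                            size_t output_size,
                                            size_t *output_length);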
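/**
 * \brief Aborts a cipher operation, clears the operation context provided
 *
 * \param[in,out] operation Cipher operation context; cleared by this call
 *
 * \note This is the clean-up path to take after any failed cipher call.
 *       NOTE(review): confirm that clearing covers the key-dependent state
 *       held for the operation, not only the caller-visible context.
 *
 * \return Returns values as described in \ref tfm_crypto_err_t
 */
enum tfm_crypto_err_t tfm_crypto_cipher_abort(
                                            psa_cipher_operation_t *operation);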
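/**
 * \brief Starts a hash operation with the provided algorithm
 *
 * \param[in] operation Hash operation context
 * \param[in] alg       Algorithm chosen as hash
 *
 * \note NOTE(review): \p operation is a non-const pointer documented as
 *       [in]; if setup stores state or a handle in it the direction should
 *       be [in,out]. Confirm that an \p alg value that is not a hash
 *       algorithm is rejected.
 *
 * \return Returns values as described in \ref tfm_crypto_err_t
 */
enum tfm_crypto_err_t tfm_crypto_hash_setup(psa_hash_operation_t *operation,
                                            psa_algorithm_t alg);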
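/**
 * \brief Adds a new input chunk to the data for which the final hash value
 *        will be computed
 *
 * \param[in] operation    Hash operation context
 * \param[in] input        Buffer containing the input data
 * \param[in] input_length Size of the provided input data
 *
 * \note \p input is read for \p input_length bytes and is not written.
 *       NOTE(review): confirm the behaviour for a zero \p input_length and
 *       for a context on which setup has not been called.
 *
 * \return Returns values as described in \ref tfm_crypto_err_t
 */
enum tfm_crypto_err_t tfm_crypto_hash_update(psa_hash_operation_t *operation,
                                             const uint8_t *input,
                                             size_t input_length);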
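/**
 * \brief Finalises a hash context operation producing the final hash value
 *
 * \param[in]  operation   Hash operation context
 * \param[out] hash        Buffer containing hash data
 * \param[in]  hash_size   Size of the hash buffer
 * \param[out] hash_length Size of the produced hash
 *
 * \note \p hash_size is the bound for every write to \p hash; a buffer
 *       smaller than the digest of the selected algorithm must result in an
 *       error rather than a truncated digest. Use \p hash_length, not
 *       \p hash_size, as the length of the result.
 *
 * \return Returns values as described in \ref tfm_crypto_err_t
 */
enum tfm_crypto_err_t tfm_crypto_hash_finish(psa_hash_operation_t *operation,
                                             uint8_t *hash,
                                             size_t hash_size,
                                             size_t *hash_length);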
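/**
 * \brief Finalises a hash context operation, verifying that the final hash
 *        value matches the one provided as input
 *
 * \param[in] operation   Hash operation context
 * \param[in] hash        Buffer containing the provided hash value
 * \param[in] hash_length Size of the provided hash value
 *
 * \note The result of the comparison is reported only through the return
 *       value, so a caller that ignores it treats every input as verified.
 *       NOTE(review): confirm that the implementation rejects a
 *       \p hash_length that differs from the digest size of the algorithm
 *       and compares the two values in constant time.
 *
 * \return Returns values as described in \ref tfm_crypto_err_t
 */
enum tfm_crypto_err_t tfm_crypto_hash_verify(psa_hash_operation_t *operation,
                                             const uint8_t *hash,
                                             size_t hash_length);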
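/**
 * \brief Aborts a hash operation, clears the operation context provided
 *
 * \param[in,out] operation Hash operation context; cleared by this call
 *
 * \note This is the clean-up path to take after any failed hash call.
 *
 * \return Returns values as described in \ref tfm_crypto_err_t
 */
enum tfm_crypto_err_t tfm_crypto_hash_abort(psa_hash_operation_t *operation);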
Antonio de Angelis8908f472018-08-31 15:44:25 +0100288
289#ifdef __cplusplus
290}
291#endif
292
293#endif /* __TFM_CRYPTO_API_H__ */