TrustedFirmware Git Browser
Code Review Sign In
review.trustedfirmware.org / TF-M / trusted-firmware-m / cf85ba2fa5497d1272dd05aceaf53cc5997281bd / . / secure_fw / services / crypto / crypto_cipher.c
blob: ca78e8ad0f584b2751c29a04e3b23ac65c0a700f [file] [log] [blame]
Antonio de Angelis8908f472018-08-31 15:44:25 +0100[diff] [blame]1/*
Antonio de Angelis377a1552018-11-22 17:02:40 +0000[diff] [blame]2 * Copyright (c) 2018-2019, Arm Limited. All rights reserved.
Antonio de Angelis8908f472018-08-31 15:44:25 +0100[diff] [blame]3 *
4 * SPDX-License-Identifier: BSD-3-Clause
5 *
6 */
7
8#include <limits.h>
9
10#include "tfm_crypto_defs.h"
11
Antonio de Angeliscf85ba22018-10-09 13:29:40 +0100[diff] [blame^]12#include "crypto_engine.h"
Antonio de Angelis8908f472018-08-31 15:44:25 +0100[diff] [blame]13
14#include "psa_crypto.h"
15
Antonio de Angelis377a1552018-11-22 17:02:40 +0000[diff] [blame]16#include "tfm_crypto_struct.h"
Antonio de Angelis8908f472018-08-31 15:44:25 +0100[diff] [blame]17
18#include "tfm_crypto_api.h"
19#include "crypto_utils.h"
20
Antonio de Angelis8908f472018-08-31 15:44:25 +0100[diff] [blame]21static enum tfm_crypto_err_t tfm_crypto_cipher_setup(
Antonio de Angelis377a1552018-11-22 17:02:40 +0000[diff] [blame]22 psa_cipher_operation_t *operation,
Antonio de Angelis8908f472018-08-31 15:44:25 +0100[diff] [blame]23 psa_key_slot_t key,
24 psa_algorithm_t alg,
Antonio de Angeliscf85ba22018-10-09 13:29:40 +0100[diff] [blame^]25 enum engine_cipher_mode_t c_mode)
Antonio de Angelis8908f472018-08-31 15:44:25 +0100[diff] [blame]26{
Antonio de Angelis8908f472018-08-31 15:44:25 +0100[diff] [blame]27 uint8_t key_data[TFM_CRYPTO_MAX_KEY_LENGTH];
Antonio de Angeliscf85ba22018-10-09 13:29:40 +0100[diff] [blame^]28 size_t key_size;
29 psa_key_type_t key_type = PSA_KEY_TYPE_NONE;
30 psa_status_t status = PSA_SUCCESS;
31 enum tfm_crypto_err_t err;
Antonio de Angelis377a1552018-11-22 17:02:40 +0000[diff] [blame]32 struct tfm_cipher_operation_s *ctx = NULL;
Antonio de Angeliscf85ba22018-10-09 13:29:40 +0100[diff] [blame^]33 struct cipher_engine_info engine_info;
Antonio de Angelis8908f472018-08-31 15:44:25 +0100[diff] [blame]34
35 /* Validate pointers */
Antonio de Angelis377a1552018-11-22 17:02:40 +0000[diff] [blame]36 err = tfm_crypto_memory_check(operation,
Antonio de Angelis8908f472018-08-31 15:44:25 +0100[diff] [blame]37 sizeof(psa_cipher_operation_t),
38 TFM_MEMORY_ACCESS_RW);
39 if (err != TFM_CRYPTO_ERR_PSA_SUCCESS) {
40 return TFM_CRYPTO_ERR_PSA_ERROR_INVALID_ARGUMENT;
41 }
42
43 if (!PSA_ALG_IS_CIPHER(alg)) {
Antonio de Angeliscf85ba22018-10-09 13:29:40 +0100[diff] [blame^]44 return TFM_CRYPTO_ERR_PSA_ERROR_INVALID_ARGUMENT;
Antonio de Angelis8908f472018-08-31 15:44:25 +0100[diff] [blame]45 }
46
Antonio de Angeliscf85ba22018-10-09 13:29:40 +0100[diff] [blame^]47 /* Access the key module to retrieve key related information */
Antonio de Angelis8908f472018-08-31 15:44:25 +0100[diff] [blame]48 err = tfm_crypto_get_key_information(key, &key_type, &key_size);
49 if (err != TFM_CRYPTO_ERR_PSA_SUCCESS) {
Antonio de Angeliscf85ba22018-10-09 13:29:40 +0100[diff] [blame^]50 return TFM_CRYPTO_ERR_PSA_ERROR_INVALID_ARGUMENT;
Antonio de Angelis8908f472018-08-31 15:44:25 +0100[diff] [blame]51 }
52
Antonio de Angeliscf85ba22018-10-09 13:29:40 +0100[diff] [blame^]53 /* Setup the algorithm on the crypto engine */
54 status = tfm_crypto_engine_cipher_setup(alg,
55 (const psa_key_type_t)key_type,
56 (const uint32_t)key_size,
57 c_mode,
58 &engine_info);
59 if (status != PSA_SUCCESS) {
60 return PSA_STATUS_TO_TFM_CRYPTO_ERR(status);
Antonio de Angelis8908f472018-08-31 15:44:25 +0100[diff] [blame]61 }
62
Antonio de Angeliscf85ba22018-10-09 13:29:40 +0100[diff] [blame^]63 /* Allocate the operation context in the secure world */
Antonio de Angelis377a1552018-11-22 17:02:40 +0000[diff] [blame]64 err = tfm_crypto_operation_alloc(TFM_CRYPTO_CIPHER_OPERATION,
65 &(operation->handle));
Antonio de Angelis8908f472018-08-31 15:44:25 +0100[diff] [blame]66 if (err != TFM_CRYPTO_ERR_PSA_SUCCESS) {
67 return err;
68 }
69
Antonio de Angelis8908f472018-08-31 15:44:25 +0100[diff] [blame]70 /* Look up the corresponding operation context */
71 err = tfm_crypto_operation_lookup(TFM_CRYPTO_CIPHER_OPERATION,
Antonio de Angelis377a1552018-11-22 17:02:40 +0000[diff] [blame]72 operation->handle,
73 (void **)&ctx);
Antonio de Angelis8908f472018-08-31 15:44:25 +0100[diff] [blame]74 if (err != TFM_CRYPTO_ERR_PSA_SUCCESS) {
Antonio de Angeliscf85ba22018-10-09 13:29:40 +0100[diff] [blame^]75 /* Release the operation context */
76 tfm_crypto_operation_release(&(operation->handle));
Antonio de Angelis8908f472018-08-31 15:44:25 +0100[diff] [blame]77 return err;
78 }
79
Antonio de Angeliscf85ba22018-10-09 13:29:40 +0100[diff] [blame^]80 /* Set the proper cipher mode (encrypt/decrypt) in the operation context */
81 ctx->cipher_mode = (uint8_t) c_mode;
82
Antonio de Angelis8908f472018-08-31 15:44:25 +0100[diff] [blame]83 /* Bind the algorithm to the cipher operation */
Antonio de Angelis377a1552018-11-22 17:02:40 +0000[diff] [blame]84 ctx->alg = alg;
Antonio de Angelis8908f472018-08-31 15:44:25 +0100[diff] [blame]85
Antonio de Angeliscf85ba22018-10-09 13:29:40 +0100[diff] [blame^]86 /* Start the crypto engine */
87 status = tfm_crypto_engine_cipher_start(&(ctx->engine_ctx), &engine_info);
88 if (status != PSA_SUCCESS) {
Antonio de Angelis8908f472018-08-31 15:44:25 +0100[diff] [blame]89 /* Release the operation context */
Antonio de Angelis377a1552018-11-22 17:02:40 +0000[diff] [blame]90 tfm_crypto_operation_release(&(operation->handle));
Antonio de Angeliscf85ba22018-10-09 13:29:40 +0100[diff] [blame^]91 return PSA_STATUS_TO_TFM_CRYPTO_ERR(status);
Antonio de Angelis8908f472018-08-31 15:44:25 +0100[diff] [blame]92 }
93
Antonio de Angeliscf85ba22018-10-09 13:29:40 +0100[diff] [blame^]94 /* Access the crypto service key module to retrieve key data */
95 err = tfm_crypto_export_key(key,
96 &key_data[0],
97 TFM_CRYPTO_MAX_KEY_LENGTH,
98 &key_size);
99 if (err != TFM_CRYPTO_ERR_PSA_SUCCESS) {
100 /* Release the operation context */
101 tfm_crypto_operation_release(&(operation->handle));
102 return err;
103 }
104
105 /* Set the key on the engine */
106 status = tfm_crypto_engine_cipher_set_key(&(ctx->engine_ctx),
107 key_data,
108 key_size,
109 &engine_info);
110 if (status != PSA_SUCCESS) {
111 /* Release the operation context */
112 tfm_crypto_operation_release(&(operation->handle));
113 return PSA_STATUS_TO_TFM_CRYPTO_ERR(status);
114 }
Antonio de Angelis8908f472018-08-31 15:44:25 +0100[diff] [blame]115
116 /* Bind the key to the cipher operation */
Antonio de Angelis377a1552018-11-22 17:02:40 +0000[diff] [blame]117 ctx->key = key;
118 ctx->key_set = 1;
Antonio de Angelis8908f472018-08-31 15:44:25 +0100[diff] [blame]119
Antonio de Angeliscf85ba22018-10-09 13:29:40 +0100[diff] [blame^]120 /* Set padding mode on engine in case of CBC */
Antonio de Angelis8908f472018-08-31 15:44:25 +0100[diff] [blame]121 if ((alg & ~PSA_ALG_BLOCK_CIPHER_PADDING_MASK) == PSA_ALG_CBC_BASE) {
122
Antonio de Angeliscf85ba22018-10-09 13:29:40 +0100[diff] [blame^]123 status = tfm_crypto_engine_cipher_set_padding_mode(&(ctx->engine_ctx),
124 &engine_info);
125 if (status != PSA_SUCCESS) {
Antonio de Angelis8908f472018-08-31 15:44:25 +0100[diff] [blame]126 /* Release the operation context */
Antonio de Angelis377a1552018-11-22 17:02:40 +0000[diff] [blame]127 tfm_crypto_operation_release(&(operation->handle));
Antonio de Angeliscf85ba22018-10-09 13:29:40 +0100[diff] [blame^]128 return PSA_STATUS_TO_TFM_CRYPTO_ERR(status);
Antonio de Angelis8908f472018-08-31 15:44:25 +0100[diff] [blame]129 }
130 }
131
Antonio de Angeliscf85ba22018-10-09 13:29:40 +0100[diff] [blame^]132 /* FIXME: Check based on the algorithm, if we need to have an IV */
133 ctx->iv_required = 1;
134 ctx->block_size = PSA_BLOCK_CIPHER_BLOCK_SIZE(key_type);
135
Antonio de Angelis8908f472018-08-31 15:44:25 +0100[diff] [blame]136 return TFM_CRYPTO_ERR_PSA_SUCCESS;
137}
138
139/*!
140 * \defgroup public_psa Public functions, PSA
141 *
142 */
143
144/*!@{*/
Antonio de Angelis377a1552018-11-22 17:02:40 +0000[diff] [blame]145enum tfm_crypto_err_t tfm_crypto_cipher_set_iv(
146 psa_cipher_operation_t *operation,
Antonio de Angelis8908f472018-08-31 15:44:25 +0100[diff] [blame]147 const unsigned char *iv,
148 size_t iv_length)
149{
Antonio de Angeliscf85ba22018-10-09 13:29:40 +0100[diff] [blame^]150 psa_status_t status = PSA_SUCCESS;
Antonio de Angelis8908f472018-08-31 15:44:25 +0100[diff] [blame]151 enum tfm_crypto_err_t err;
Antonio de Angelis377a1552018-11-22 17:02:40 +0000[diff] [blame]152 struct tfm_cipher_operation_s *ctx = NULL;
Antonio de Angelis8908f472018-08-31 15:44:25 +0100[diff] [blame]153
154 /* Validate pointers */
Antonio de Angelis377a1552018-11-22 17:02:40 +0000[diff] [blame]155 err = tfm_crypto_memory_check(operation,
Antonio de Angelis8908f472018-08-31 15:44:25 +0100[diff] [blame]156 sizeof(psa_cipher_operation_t),
157 TFM_MEMORY_ACCESS_RW);
158 if (err != TFM_CRYPTO_ERR_PSA_SUCCESS) {
159 return TFM_CRYPTO_ERR_PSA_ERROR_INVALID_ARGUMENT;
160 }
161 err = tfm_crypto_memory_check((void *)iv, iv_length, TFM_MEMORY_ACCESS_RO);
162 if (err != TFM_CRYPTO_ERR_PSA_SUCCESS) {
163 return TFM_CRYPTO_ERR_PSA_ERROR_INVALID_ARGUMENT;
164 }
165
166 /* Look up the corresponding operation context */
167 err = tfm_crypto_operation_lookup(TFM_CRYPTO_CIPHER_OPERATION,
Antonio de Angelis377a1552018-11-22 17:02:40 +0000[diff] [blame]168 operation->handle,
169 (void **)&ctx);
Antonio de Angelis8908f472018-08-31 15:44:25 +0100[diff] [blame]170 if (err != TFM_CRYPTO_ERR_PSA_SUCCESS) {
171 return err;
172 }
173
Antonio de Angeliscf85ba22018-10-09 13:29:40 +0100[diff] [blame^]174 if ((iv_length != ctx->block_size) || (iv_length > TFM_CIPHER_IV_MAX_SIZE)){
175 return TFM_CRYPTO_ERR_PSA_ERROR_INVALID_ARGUMENT;
Antonio de Angelis8908f472018-08-31 15:44:25 +0100[diff] [blame]176 }
177
Antonio de Angeliscf85ba22018-10-09 13:29:40 +0100[diff] [blame^]178 if ((ctx->iv_set == 1) || (ctx->iv_required == 0)) {
179 return TFM_CRYPTO_ERR_PSA_ERROR_BAD_STATE;
Antonio de Angelis8908f472018-08-31 15:44:25 +0100[diff] [blame]180 }
181
Antonio de Angeliscf85ba22018-10-09 13:29:40 +0100[diff] [blame^]182 /* Set the IV on the crypto engine */
183 status = tfm_crypto_engine_cipher_set_iv(&(ctx->engine_ctx),
184 iv,
185 iv_length);
186 if (status != PSA_SUCCESS) {
187 return PSA_STATUS_TO_TFM_CRYPTO_ERR(status);
Antonio de Angelis8908f472018-08-31 15:44:25 +0100[diff] [blame]188 }
Antonio de Angeliscf85ba22018-10-09 13:29:40 +0100[diff] [blame^]189
Antonio de Angelis377a1552018-11-22 17:02:40 +0000[diff] [blame]190 ctx->iv_set = 1;
191 ctx->iv_size = iv_length;
Antonio de Angelis8908f472018-08-31 15:44:25 +0100[diff] [blame]192
Antonio de Angelis8908f472018-08-31 15:44:25 +0100[diff] [blame]193 return TFM_CRYPTO_ERR_PSA_SUCCESS;
194}
195
Antonio de Angelis377a1552018-11-22 17:02:40 +0000[diff] [blame]196enum tfm_crypto_err_t tfm_crypto_cipher_encrypt_setup(
197 psa_cipher_operation_t *operation,
Antonio de Angelis8908f472018-08-31 15:44:25 +0100[diff] [blame]198 psa_key_slot_t key,
199 psa_algorithm_t alg)
200{
Antonio de Angelis377a1552018-11-22 17:02:40 +0000[diff] [blame]201 return tfm_crypto_cipher_setup(operation,
Antonio de Angelis8908f472018-08-31 15:44:25 +0100[diff] [blame]202 key,
203 alg,
Antonio de Angeliscf85ba22018-10-09 13:29:40 +0100[diff] [blame^]204 ENGINE_CIPHER_MODE_ENCRYPT);
Antonio de Angelis8908f472018-08-31 15:44:25 +0100[diff] [blame]205}
206
Antonio de Angelis377a1552018-11-22 17:02:40 +0000[diff] [blame]207enum tfm_crypto_err_t tfm_crypto_cipher_decrypt_setup(
208 psa_cipher_operation_t *operation,
Antonio de Angelis8908f472018-08-31 15:44:25 +0100[diff] [blame]209 psa_key_slot_t key,
210 psa_algorithm_t alg)
211{
Antonio de Angelis377a1552018-11-22 17:02:40 +0000[diff] [blame]212 return tfm_crypto_cipher_setup(operation,
Antonio de Angelis8908f472018-08-31 15:44:25 +0100[diff] [blame]213 key,
214 alg,
Antonio de Angeliscf85ba22018-10-09 13:29:40 +0100[diff] [blame^]215 ENGINE_CIPHER_MODE_DECRYPT);
Antonio de Angelis8908f472018-08-31 15:44:25 +0100[diff] [blame]216}
217
218enum tfm_crypto_err_t tfm_crypto_cipher_update(
Antonio de Angelis377a1552018-11-22 17:02:40 +0000[diff] [blame]219 psa_cipher_operation_t *operation,
Antonio de Angelis8908f472018-08-31 15:44:25 +0100[diff] [blame]220 const uint8_t *input,
221 size_t input_length,
222 unsigned char *output,
223 size_t output_size,
224 size_t *output_length)
225{
Antonio de Angeliscf85ba22018-10-09 13:29:40 +0100[diff] [blame^]226 psa_status_t status = PSA_SUCCESS;
Antonio de Angelis8908f472018-08-31 15:44:25 +0100[diff] [blame]227 enum tfm_crypto_err_t err;
Antonio de Angelis377a1552018-11-22 17:02:40 +0000[diff] [blame]228 struct tfm_cipher_operation_s *ctx = NULL;
Antonio de Angelis8908f472018-08-31 15:44:25 +0100[diff] [blame]229
230 /* Validate pointers */
Antonio de Angelis377a1552018-11-22 17:02:40 +0000[diff] [blame]231 err = tfm_crypto_memory_check(operation,
Antonio de Angelis8908f472018-08-31 15:44:25 +0100[diff] [blame]232 sizeof(psa_cipher_operation_t),
233 TFM_MEMORY_ACCESS_RW);
234 if (err != TFM_CRYPTO_ERR_PSA_SUCCESS) {
235 return TFM_CRYPTO_ERR_PSA_ERROR_INVALID_ARGUMENT;
236 }
237 err = tfm_crypto_memory_check((void *)input,
238 input_length,
239 TFM_MEMORY_ACCESS_RO);
240 if (err != TFM_CRYPTO_ERR_PSA_SUCCESS) {
241 return TFM_CRYPTO_ERR_PSA_ERROR_INVALID_ARGUMENT;
242 }
243 err = tfm_crypto_memory_check(output,
244 output_size,
245 TFM_MEMORY_ACCESS_RW);
246 if (err != TFM_CRYPTO_ERR_PSA_SUCCESS) {
247 return TFM_CRYPTO_ERR_PSA_ERROR_INVALID_ARGUMENT;
248 }
249 err = tfm_crypto_memory_check(output_length,
250 sizeof(size_t),
251 TFM_MEMORY_ACCESS_RW);
252 if (err != TFM_CRYPTO_ERR_PSA_SUCCESS) {
253 return TFM_CRYPTO_ERR_PSA_ERROR_INVALID_ARGUMENT;
254 }
255
256 /* Look up the corresponding operation context */
257 err = tfm_crypto_operation_lookup(TFM_CRYPTO_CIPHER_OPERATION,
Antonio de Angelis377a1552018-11-22 17:02:40 +0000[diff] [blame]258 operation->handle,
259 (void **)&ctx);
Antonio de Angelis8908f472018-08-31 15:44:25 +0100[diff] [blame]260 if (err != TFM_CRYPTO_ERR_PSA_SUCCESS) {
261 return err;
262 }
263
264 /* If the IV is required and it's not been set yet */
Antonio de Angelis377a1552018-11-22 17:02:40 +0000[diff] [blame]265 if ((ctx->iv_required == 1) && (ctx->iv_set == 0)) {
Antonio de Angelis8908f472018-08-31 15:44:25 +0100[diff] [blame]266
Antonio de Angeliscf85ba22018-10-09 13:29:40 +0100[diff] [blame^]267 if (ctx->cipher_mode != ENGINE_CIPHER_MODE_DECRYPT) {
Antonio de Angelis8908f472018-08-31 15:44:25 +0100[diff] [blame]268 return TFM_CRYPTO_ERR_PSA_ERROR_BAD_STATE;
269 }
270
271 /* This call is used to set the IV on the object */
Antonio de Angelis377a1552018-11-22 17:02:40 +0000[diff] [blame]272 err = tfm_crypto_cipher_set_iv(operation, input, input_length);
Antonio de Angelis8908f472018-08-31 15:44:25 +0100[diff] [blame]273
274 *output_length = 0;
275
276 return err;
277 }
278
279 /* If the key is not set, setup phase has not been completed */
Antonio de Angelis377a1552018-11-22 17:02:40 +0000[diff] [blame]280 if (ctx->key_set == 0) {
Antonio de Angelis8908f472018-08-31 15:44:25 +0100[diff] [blame]281 return TFM_CRYPTO_ERR_PSA_ERROR_BAD_STATE;
282 }
283
Antonio de Angeliscf85ba22018-10-09 13:29:40 +0100[diff] [blame^]284 /* Update the cipher output with the input chunk on the engine */
285 status = tfm_crypto_engine_cipher_update(&(ctx->engine_ctx),
286 input,
287 input_length,
288 output,
289 (uint32_t *)output_length);
290 if (status != PSA_SUCCESS) {
291 return PSA_STATUS_TO_TFM_CRYPTO_ERR(status);
Antonio de Angelis8908f472018-08-31 15:44:25 +0100[diff] [blame]292 }
293
Antonio de Angelis8908f472018-08-31 15:44:25 +0100[diff] [blame]294 return TFM_CRYPTO_ERR_PSA_SUCCESS;
295}
296
297enum tfm_crypto_err_t tfm_crypto_cipher_finish(
Antonio de Angelis377a1552018-11-22 17:02:40 +0000[diff] [blame]298 psa_cipher_operation_t *operation,
Antonio de Angelis8908f472018-08-31 15:44:25 +0100[diff] [blame]299 uint8_t *output,
300 size_t output_size,
301 size_t *output_length)
302{
Antonio de Angeliscf85ba22018-10-09 13:29:40 +0100[diff] [blame^]303 psa_status_t status = PSA_SUCCESS;
Antonio de Angelis8908f472018-08-31 15:44:25 +0100[diff] [blame]304 enum tfm_crypto_err_t err;
Antonio de Angelis377a1552018-11-22 17:02:40 +0000[diff] [blame]305 struct tfm_cipher_operation_s *ctx = NULL;
Antonio de Angelis8908f472018-08-31 15:44:25 +0100[diff] [blame]306
307 /* Validate pointers */
Antonio de Angelis377a1552018-11-22 17:02:40 +0000[diff] [blame]308 err = tfm_crypto_memory_check(operation,
Antonio de Angelis8908f472018-08-31 15:44:25 +0100[diff] [blame]309 sizeof(psa_cipher_operation_t),
310 TFM_MEMORY_ACCESS_RW);
311 if (err != TFM_CRYPTO_ERR_PSA_SUCCESS) {
312 return TFM_CRYPTO_ERR_PSA_ERROR_INVALID_ARGUMENT;
313 }
314 err = tfm_crypto_memory_check(output,
315 output_size,
316 TFM_MEMORY_ACCESS_RW);
317 if (err != TFM_CRYPTO_ERR_PSA_SUCCESS) {
318 return TFM_CRYPTO_ERR_PSA_ERROR_INVALID_ARGUMENT;
319 }
320 err = tfm_crypto_memory_check(output_length,
321 sizeof(size_t),
322 TFM_MEMORY_ACCESS_RW);
323 if (err != TFM_CRYPTO_ERR_PSA_SUCCESS) {
324 return TFM_CRYPTO_ERR_PSA_ERROR_INVALID_ARGUMENT;
325 }
326
Antonio de Angelis8908f472018-08-31 15:44:25 +0100[diff] [blame]327 /* Look up the corresponding operation context */
328 err = tfm_crypto_operation_lookup(TFM_CRYPTO_CIPHER_OPERATION,
Antonio de Angelis377a1552018-11-22 17:02:40 +0000[diff] [blame]329 operation->handle,
330 (void **)&ctx);
Antonio de Angelis8908f472018-08-31 15:44:25 +0100[diff] [blame]331 if (err != TFM_CRYPTO_ERR_PSA_SUCCESS) {
332 return err;
333 }
334
Antonio de Angeliscf85ba22018-10-09 13:29:40 +0100[diff] [blame^]335 /* Finalise the operation on the crypto engine */
336 status = tfm_crypto_engine_cipher_finish(&(ctx->engine_ctx),
337 output,
338 (uint32_t *)output_length);
339 if (status != PSA_SUCCESS) {
340 *output_length = 0;
341 return PSA_STATUS_TO_TFM_CRYPTO_ERR(status);
Antonio de Angelis8908f472018-08-31 15:44:25 +0100[diff] [blame]342 }
343
Antonio de Angeliscf85ba22018-10-09 13:29:40 +0100[diff] [blame^]344 /* Release resources on the crypto engine */
345 status = tfm_crypto_engine_cipher_release(&(ctx->engine_ctx));
346 if (status != PSA_SUCCESS) {
347 return PSA_STATUS_TO_TFM_CRYPTO_ERR(status);
348 }
Antonio de Angelis8908f472018-08-31 15:44:25 +0100[diff] [blame]349
350 /* Release the operation context */
Antonio de Angelis377a1552018-11-22 17:02:40 +0000[diff] [blame]351 err = tfm_crypto_operation_release(&(operation->handle));
Antonio de Angelis8908f472018-08-31 15:44:25 +0100[diff] [blame]352 if (err != TFM_CRYPTO_ERR_PSA_SUCCESS) {
353 return err;
354 }
355
356 return TFM_CRYPTO_ERR_PSA_SUCCESS;
357}
358
Antonio de Angelis377a1552018-11-22 17:02:40 +0000[diff] [blame]359enum tfm_crypto_err_t tfm_crypto_cipher_abort(psa_cipher_operation_t *operation)
Antonio de Angelis8908f472018-08-31 15:44:25 +0100[diff] [blame]360{
Antonio de Angeliscf85ba22018-10-09 13:29:40 +0100[diff] [blame^]361 psa_status_t status = PSA_SUCCESS;
Antonio de Angelis8908f472018-08-31 15:44:25 +0100[diff] [blame]362 enum tfm_crypto_err_t err;
Antonio de Angelis377a1552018-11-22 17:02:40 +0000[diff] [blame]363 struct tfm_cipher_operation_s *ctx = NULL;
Antonio de Angelis8908f472018-08-31 15:44:25 +0100[diff] [blame]364
365 /* Validate pointers */
Antonio de Angelis377a1552018-11-22 17:02:40 +0000[diff] [blame]366 err = tfm_crypto_memory_check(operation,
Antonio de Angelis8908f472018-08-31 15:44:25 +0100[diff] [blame]367 sizeof(psa_cipher_operation_t),
368 TFM_MEMORY_ACCESS_RW);
369 if (err != TFM_CRYPTO_ERR_PSA_SUCCESS) {
370 return TFM_CRYPTO_ERR_PSA_ERROR_INVALID_ARGUMENT;
371 }
372
373 /* Look up the corresponding operation context */
374 err = tfm_crypto_operation_lookup(TFM_CRYPTO_CIPHER_OPERATION,
Antonio de Angelis377a1552018-11-22 17:02:40 +0000[diff] [blame]375 operation->handle,
376 (void **)&ctx);
Antonio de Angelis8908f472018-08-31 15:44:25 +0100[diff] [blame]377 if (err != TFM_CRYPTO_ERR_PSA_SUCCESS) {
378 return err;
379 }
380
Antonio de Angeliscf85ba22018-10-09 13:29:40 +0100[diff] [blame^]381 /* Release resources on the engine */
382 status = tfm_crypto_engine_cipher_release(&(ctx->engine_ctx));
383 if (status != PSA_SUCCESS) {
384 return PSA_STATUS_TO_TFM_CRYPTO_ERR(status);
385 }
Antonio de Angelis8908f472018-08-31 15:44:25 +0100[diff] [blame]386
387 /* Release the operation context */
Antonio de Angelis377a1552018-11-22 17:02:40 +0000[diff] [blame]388 err = tfm_crypto_operation_release(&(operation->handle));
Antonio de Angelis8908f472018-08-31 15:44:25 +0100[diff] [blame]389 if (err != TFM_CRYPTO_ERR_PSA_SUCCESS) {
390 return err;
391 }
392
393 return TFM_CRYPTO_ERR_PSA_SUCCESS;
394}
395/*!@}*/