/*
 * Copyright (c) 2018-2022, Arm Limited. All rights reserved.
 *
 * SPDX-License-Identifier: BSD-3-Clause
 *
 */

#ifndef __TFM_CRYPTO_DEFS_H__
#define __TFM_CRYPTO_DEFS_H__

#ifdef __cplusplus
extern "C" {
#endif

#include <stdint.h>
#include "psa/crypto.h"
#ifdef PLATFORM_DEFAULT_CRYPTO_KEYS
#include "crypto_keys/tfm_builtin_key_ids.h"
#else
#include "tfm_builtin_key_ids.h"
#endif /* PLATFORM_DEFAULT_CRYPTO_KEYS */

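/**
 * \brief The maximum supported length of a nonce through the TF-M
 *        interfaces, in bytes. It is also the size of the nonce buffer
 *        carried in \ref tfm_crypto_aead_pack_input.
 */
#define TFM_CRYPTO_MAX_NONCE_LENGTH (16u)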
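/**
 * \brief This type is used to overcome a limitation in the maximum number of
 *        IOVECs that can be used, especially in psa_aead_encrypt and
 *        psa_aead_decrypt. By using this type we pack the nonce and the actual
 *        nonce_length as part of the same structure.
 *
 * \note nonce is a fixed-size buffer and nonce_length is a separate field set
 *       by whoever fills the structure; nothing in this header ties the two
 *       together. Code consuming this structure should reject
 *       nonce_length > TFM_CRYPTO_MAX_NONCE_LENGTH before reading nonce, so a
 *       bad length cannot drive a read past the end of the buffer.
 */
struct tfm_crypto_aead_pack_input {
    uint8_t nonce[TFM_CRYPTO_MAX_NONCE_LENGTH]; /*!< Nonce bytes */
    uint32_t nonce_length;                      /*!< Actual length of the
                                                 *   nonce, in bytes
                                                 */
};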
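/**
 * \brief Structure used to pack non-pointer types in a call to PSA Crypto APIs
 *
 * \note Every field is filled in by the caller. The tfm_crypto_func_sid
 *       documentation states that requests are dispatched from both S and NS
 *       callers, so the service backend should treat function_id, op_handle,
 *       key_id, the length fields and aead_in as unvalidated input and check
 *       them before use.
 *
 * \note capacity and value share storage through the anonymous union. The
 *       structure does not record which member is valid; presumably that
 *       follows from function_id (confirm in the dispatcher). The two members
 *       can differ in size where size_t is narrower than 64 bits.
 */
struct tfm_crypto_pack_iovec {
    psa_key_id_t key_id;     /*!< Key id */
    psa_algorithm_t alg;     /*!< Algorithm */
    uint32_t op_handle;      /*!< Frontend context handle associated to a
                              *   multipart operation
                              */
    size_t ad_length;        /*!< Additional Data length for multipart AEAD */
    size_t plaintext_length; /*!< Plaintext length for multipart AEAD */

    struct tfm_crypto_aead_pack_input aead_in; /*!< Packs AEAD-related inputs */

    uint16_t function_id;    /*!< Used to identify the function in the
                              *   API dispatcher to the service backend
                              *   See tfm_crypto_func_sid for detail
                              */
    uint16_t step;           /*!< Key derivation step */
    union {
        size_t capacity;     /*!< Key derivation capacity */
        uint64_t value;      /*!< Key derivation integer for update */
    };
};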
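/**
 * \brief Type associated to the group of a function encoding. There can be
 *        nine groups (Random, Key management, Hash, MAC, Cipher, AEAD,
 *        Asym sign, Asym encrypt, Key derivation).
 *
 * \note The enumerators are numbered consecutively from 0x0. Each value is
 *       placed in the low 8 bits of a function SID (see tfm_crypto_func_sid
 *       and TFM_CRYPTO_GET_GROUP_ID), so reordering the enumerators changes
 *       every encoded SID.
 */
enum tfm_crypto_group_id {
    TFM_CRYPTO_GROUP_ID_RANDOM = 0x0,
    TFM_CRYPTO_GROUP_ID_KEY_MANAGEMENT,
    TFM_CRYPTO_GROUP_ID_HASH,
    TFM_CRYPTO_GROUP_ID_MAC,
    TFM_CRYPTO_GROUP_ID_CIPHER,
    TFM_CRYPTO_GROUP_ID_AEAD,
    TFM_CRYPTO_GROUP_ID_ASYM_SIGN,
    TFM_CRYPTO_GROUP_ID_ASYM_ENCRYPT,
    TFM_CRYPTO_GROUP_ID_KEY_DERIVATION,
};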
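/* Set of X macros describing each of the available PSA Crypto APIs.
 *
 * Each list is expanded twice further down: once with X(func_id) producing a
 * plain enumerator, which numbers the entries by their position in the list,
 * and once producing the matching func_id##_SID value. Reordering a list or
 * inserting an entry in the middle therefore changes the IDs of the entries
 * that follow it.
 */
#define KEY_MANAGEMENT_FUNCS               \
    X(TFM_CRYPTO_GET_KEY_ATTRIBUTES)       \
    X(TFM_CRYPTO_RESET_KEY_ATTRIBUTES)     \
    X(TFM_CRYPTO_OPEN_KEY)                 \
    X(TFM_CRYPTO_CLOSE_KEY)                \
    X(TFM_CRYPTO_IMPORT_KEY)               \
    X(TFM_CRYPTO_DESTROY_KEY)              \
    X(TFM_CRYPTO_EXPORT_KEY)               \
    X(TFM_CRYPTO_EXPORT_PUBLIC_KEY)        \
    X(TFM_CRYPTO_PURGE_KEY)                \
    X(TFM_CRYPTO_COPY_KEY)                 \
    X(TFM_CRYPTO_GENERATE_KEY)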
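/* Hash group. Entries are numbered by list position when expanded with X(). */
#define HASH_FUNCS                         \
    X(TFM_CRYPTO_HASH_COMPUTE)             \
    X(TFM_CRYPTO_HASH_COMPARE)             \
    X(TFM_CRYPTO_HASH_SETUP)               \
    X(TFM_CRYPTO_HASH_UPDATE)              \
    X(TFM_CRYPTO_HASH_CLONE)               \
    X(TFM_CRYPTO_HASH_FINISH)              \
    X(TFM_CRYPTO_HASH_VERIFY)              \
    X(TFM_CRYPTO_HASH_ABORT)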
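/* MAC group. Entries are numbered by list position when expanded with X(). */
#define MAC_FUNCS                          \
    X(TFM_CRYPTO_MAC_COMPUTE)              \
    X(TFM_CRYPTO_MAC_VERIFY)               \
    X(TFM_CRYPTO_MAC_SIGN_SETUP)           \
    X(TFM_CRYPTO_MAC_VERIFY_SETUP)         \
    X(TFM_CRYPTO_MAC_UPDATE)               \
    X(TFM_CRYPTO_MAC_SIGN_FINISH)          \
    X(TFM_CRYPTO_MAC_VERIFY_FINISH)        \
    X(TFM_CRYPTO_MAC_ABORT)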
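/* Cipher group. Entries are numbered by list position when expanded with X(). */
#define CIPHER_FUNCS                       \
    X(TFM_CRYPTO_CIPHER_ENCRYPT)           \
    X(TFM_CRYPTO_CIPHER_DECRYPT)           \
    X(TFM_CRYPTO_CIPHER_ENCRYPT_SETUP)     \
    X(TFM_CRYPTO_CIPHER_DECRYPT_SETUP)     \
    X(TFM_CRYPTO_CIPHER_GENERATE_IV)       \
    X(TFM_CRYPTO_CIPHER_SET_IV)            \
    X(TFM_CRYPTO_CIPHER_UPDATE)            \
    X(TFM_CRYPTO_CIPHER_FINISH)            \
    X(TFM_CRYPTO_CIPHER_ABORT)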
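/* AEAD group. Entries are numbered by list position when expanded with X(). */
#define AEAD_FUNCS                         \
    X(TFM_CRYPTO_AEAD_ENCRYPT)             \
    X(TFM_CRYPTO_AEAD_DECRYPT)             \
    X(TFM_CRYPTO_AEAD_ENCRYPT_SETUP)       \
    X(TFM_CRYPTO_AEAD_DECRYPT_SETUP)       \
    X(TFM_CRYPTO_AEAD_GENERATE_NONCE)      \
    X(TFM_CRYPTO_AEAD_SET_NONCE)           \
    X(TFM_CRYPTO_AEAD_SET_LENGTHS)         \
    X(TFM_CRYPTO_AEAD_UPDATE_AD)           \
    X(TFM_CRYPTO_AEAD_UPDATE)              \
    X(TFM_CRYPTO_AEAD_FINISH)              \
    X(TFM_CRYPTO_AEAD_VERIFY)              \
    X(TFM_CRYPTO_AEAD_ABORT)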
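/* Asymmetric sign group. Entries are numbered by list position when expanded
 * with X().
 */
#define ASYMMETRIC_SIGN_FUNCS                  \
    X(TFM_CRYPTO_ASYMMETRIC_SIGN_MESSAGE)      \
    X(TFM_CRYPTO_ASYMMETRIC_VERIFY_MESSAGE)    \
    X(TFM_CRYPTO_ASYMMETRIC_SIGN_HASH)         \
    X(TFM_CRYPTO_ASYMMETRIC_VERIFY_HASH)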
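/* Asymmetric encrypt group. Entries are numbered by list position when
 * expanded with X().
 */
#define ASYMMETRIC_ENCRYPT_FUNCS           \
    X(TFM_CRYPTO_ASYMMETRIC_ENCRYPT)       \
    X(TFM_CRYPTO_ASYMMETRIC_DECRYPT)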
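/* Key derivation group. Entries are numbered by list position when expanded
 * with X(), so an entry placed in the middle of the list shifts the IDs of
 * all entries after it.
 */
#define KEY_DERIVATION_FUNCS                   \
    X(TFM_CRYPTO_RAW_KEY_AGREEMENT)            \
    X(TFM_CRYPTO_KEY_DERIVATION_SETUP)         \
    X(TFM_CRYPTO_KEY_DERIVATION_GET_CAPACITY)  \
    X(TFM_CRYPTO_KEY_DERIVATION_SET_CAPACITY)  \
    X(TFM_CRYPTO_KEY_DERIVATION_INPUT_BYTES)   \
    X(TFM_CRYPTO_KEY_DERIVATION_INPUT_KEY)     \
    X(TFM_CRYPTO_KEY_DERIVATION_INPUT_INTEGER) \
    X(TFM_CRYPTO_KEY_DERIVATION_KEY_AGREEMENT) \
    X(TFM_CRYPTO_KEY_DERIVATION_OUTPUT_BYTES)  \
    X(TFM_CRYPTO_KEY_DERIVATION_OUTPUT_KEY)    \
    X(TFM_CRYPTO_KEY_DERIVATION_ABORT)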
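/* Random group. Its single entry gets ID 0 when expanded with X(). */
#define RANDOM_FUNCS                       \
    X(TFM_CRYPTO_GENERATE_RANDOM)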
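/**
 * \brief Define function IDs in each group. The function ID will be encoded into
 *        tfm_crypto_func_sid below. Each group is defined as a dedicated enum
 *
 * \note With X(func_id) expanding to a bare enumerator, every enum below
 *       starts again at 0, so the same numeric value names a different
 *       function in each group. These per-group values are not unique on
 *       their own; only the func_id##_SID values in tfm_crypto_func_sid
 *       combine them with a group ID.
 */
#define X(func_id) func_id,
enum tfm_crypto_key_management_func_id {
    KEY_MANAGEMENT_FUNCS
};
enum tfm_crypto_hash_func_id {
    HASH_FUNCS
};
enum tfm_crypto_mac_func_id {
    MAC_FUNCS
};
enum tfm_crypto_cipher_func_id {
    CIPHER_FUNCS
};
enum tfm_crypto_aead_func_id {
    AEAD_FUNCS
};
enum tfm_crypto_asym_sign_func_id {
    ASYMMETRIC_SIGN_FUNCS
};
enum tfm_crypto_asym_encrypt_func_id {
    ASYMMETRIC_ENCRYPT_FUNCS
};
enum tfm_crypto_key_derivation_func_id {
    KEY_DERIVATION_FUNCS
};
enum tfm_crypto_random_func_id {
    RANDOM_FUNCS
};
#undef X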
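/**
 * \brief This macro is used to encode a function ID in a 16-bit value as the
 *        top 8 bits towards the MSB
 *
 * \param[in] func_id Per-group function ID; only its low 8 bits are kept.
 *
 * \note The mask drops any bits above bit 7 without a diagnostic, so a
 *       func_id above 0xFF encodes to the same value as a lower one. A group
 *       list must stay at or below 256 entries for the encoded values to
 *       remain distinct.
 */
#define FUNC_ID(func_id) (((func_id) & 0xFF) << 8)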
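/**
 * \brief This macro is used to extract the group_id from an encoded function_id
 *        by accessing the low 8 bits towards the LSB
 *
 * \param[in] _function_id Encoded function SID, as carried in
 *                         tfm_crypto_pack_iovec.function_id.
 *
 * \return The low 8 bits of _function_id, cast to enum tfm_crypto_group_id.
 *
 * \note The cast does no range check: the low byte can hold values that are
 *       not enumerators of tfm_crypto_group_id. A dispatcher switching on the
 *       result should reject unknown values in its default case.
 */
#define TFM_CRYPTO_GET_GROUP_ID(_function_id) \
    ((enum tfm_crypto_group_id)((_function_id) & 0xFF))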
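/**
 * \brief This type defines numerical progressive values identifying a function API
 *        exposed through the interfaces (S or NS). It's used to dispatch the requests
 *        from S/NS to the corresponding API implementation in the Crypto service backend.
 *
 * \note Each function SID is encoded as uint16_t.
 *        +-----------+-----------+
 *        |  Func ID  | Group ID  |
 *        +-----------+-----------+
 *   (MSB)15         8 7         0(LSB)
 *
 *       where Func ID is defined in each group tfm_crypto_*_func_id enum above and Group ID
 *       is defined in \ref tfm_crypto_group_id.
 *
 * \note X is redefined before each group list so that every entry func_id
 *       yields an enumerator named func_id##_SID whose low byte is that
 *       group's ID. Both halves are masked to 8 bits, so neither a group ID
 *       nor a per-group function ID above 0xFF is representable.
 *
 * \note Not every 16-bit value is an enumerator of this type. Since the SID
 *       arrives in a caller-filled field, the dispatcher should treat a value
 *       that matches no enumerator as an invalid request.
 */
enum tfm_crypto_func_sid {

#define X(func_id) func_id ## _SID = (uint16_t)((FUNC_ID(func_id)) | \
                   (TFM_CRYPTO_GROUP_ID_KEY_MANAGEMENT & 0xFF)),

    KEY_MANAGEMENT_FUNCS

#undef X
#define X(func_id) func_id ## _SID = (uint16_t)((FUNC_ID(func_id)) | \
                   (TFM_CRYPTO_GROUP_ID_HASH & 0xFF)),
    HASH_FUNCS

#undef X
#define X(func_id) func_id ## _SID = (uint16_t)((FUNC_ID(func_id)) | \
                   (TFM_CRYPTO_GROUP_ID_MAC & 0xFF)),
    MAC_FUNCS

#undef X
#define X(func_id) func_id ## _SID = (uint16_t)((FUNC_ID(func_id)) | \
                   (TFM_CRYPTO_GROUP_ID_CIPHER & 0xFF)),
    CIPHER_FUNCS

#undef X
#define X(func_id) func_id ## _SID = (uint16_t)((FUNC_ID(func_id)) | \
                   (TFM_CRYPTO_GROUP_ID_AEAD & 0xFF)),
    AEAD_FUNCS

#undef X
#define X(func_id) func_id ## _SID = (uint16_t)((FUNC_ID(func_id)) | \
                   (TFM_CRYPTO_GROUP_ID_ASYM_SIGN & 0xFF)),
    ASYMMETRIC_SIGN_FUNCS

#undef X
#define X(func_id) func_id ## _SID = (uint16_t)((FUNC_ID(func_id)) | \
                   (TFM_CRYPTO_GROUP_ID_ASYM_ENCRYPT & 0xFF)),
    ASYMMETRIC_ENCRYPT_FUNCS

#undef X
#define X(func_id) func_id ## _SID = (uint16_t)((FUNC_ID(func_id)) | \
                   (TFM_CRYPTO_GROUP_ID_KEY_DERIVATION & 0xFF)),
    KEY_DERIVATION_FUNCS

#undef X
#define X(func_id) func_id ## _SID = (uint16_t)((FUNC_ID(func_id)) | \
                   (TFM_CRYPTO_GROUP_ID_RANDOM & 0xFF)),
    RANDOM_FUNCS

};
#undef X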

#ifdef __cplusplus
}
#endif

#endif /* __TFM_CRYPTO_DEFS_H__ */