Add support for key derivation cipher operations
Adds a crypto sub-provider for key derivation operations.
Signed-off-by: Julian Hall <julian.hall@arm.com>
Change-Id: I16db22df273151c72d618724331b8cf22e770580
diff --git a/protocols/service/crypto/packed-c/cipher.h b/protocols/service/crypto/packed-c/cipher.h
index 72cd427..48fb470 100644
--- a/protocols/service/crypto/packed-c/cipher.h
+++ b/protocols/service/crypto/packed-c/cipher.h
@@ -9,13 +9,10 @@
#include <stdint.h>
/**
- * Cipher operations on arbitrary sized data involve three operations,
- * a setup, called once, an update called 1..* times and a finish
- * to finalise theh hash operation. Operations may be aborted
- * using the abort operation.
+ * Protocol definitions for symmetric cipher operations
+ * using the packed-c serialization.
*/
-
/****************************************
* cipher_setup operation definition (encrypt or decrypt)
*/
diff --git a/protocols/service/crypto/packed-c/hash.h b/protocols/service/crypto/packed-c/hash.h
index 36ed3f6..41abfe1 100644
--- a/protocols/service/crypto/packed-c/hash.h
+++ b/protocols/service/crypto/packed-c/hash.h
@@ -9,12 +9,10 @@
#include <stdint.h>
/**
- * Hash operations on arbitrary sized data involve three operations,
- * a setup, called once, an update called 1..* times and a finish
- * to finalise theh hash operation.
+ * Protocol definitions for hash operations
+ * using the packed-c serialization.
*/
-
/****************************************
* hash_setup operation definition
*/
diff --git a/protocols/service/crypto/packed-c/key_derivation.h b/protocols/service/crypto/packed-c/key_derivation.h
new file mode 100644
index 0000000..c778ebc
--- /dev/null
+++ b/protocols/service/crypto/packed-c/key_derivation.h
@@ -0,0 +1,175 @@
+/*
+ * Copyright (c) 2021, Arm Limited and Contributors. All rights reserved.
+ * SPDX-License-Identifier: BSD-3-Clause
+ */
+
+#ifndef TS_CRYPTO_KEY_DERIVATION_H
+#define TS_CRYPTO_KEY_DERIVATION_H
+
+#include <stdint.h>
+#include "key_attributes.h"
+
+/**
+ * Protocol definitions for key derivation operations
+ * using the packed-c serialization.
+ */
+
+
+/****************************************
+ * key_derivation_setup operation definition
+ */
+
+/* Mandatory fixed sized input parameters */
+struct __attribute__ ((__packed__)) ts_crypto_key_derivation_setup_in
+{
+ uint32_t alg;
+};
+
+/* Mandatory fixed sized output parameters */
+struct __attribute__ ((__packed__)) ts_crypto_key_derivation_setup_out
+{
+ uint32_t op_handle;
+};
+
+/****************************************
+ * key_derivation_get_capacity operation definition
+ */
+
+/* Mandatory fixed sized input parameters */
+struct __attribute__ ((__packed__)) ts_crypto_key_derivation_get_capacity_in
+{
+ uint32_t op_handle;
+};
+
+/* Mandatory fixed sized output parameters */
+struct __attribute__ ((__packed__)) ts_crypto_key_derivation_get_capacity_out
+{
+ uint32_t capacity;
+};
+
+/****************************************
+ * key_derivation_set_capacity operation definition
+ */
+
+/* Mandatory fixed sized input parameters */
+struct __attribute__ ((__packed__)) ts_crypto_key_derivation_set_capacity_in
+{
+ uint32_t op_handle;
+ uint32_t capacity;
+};
+
+/****************************************
+ * key_derivation_input_bytes operation definition
+ */
+
+/* Mandatory fixed sized input parameters */
+struct __attribute__ ((__packed__)) ts_crypto_key_derivation_input_bytes_in
+{
+ uint32_t op_handle;
+ uint32_t step;
+};
+
+/* Mandatory variable length input parameter tags */
+enum
+{
+ TS_CRYPTO_KEY_DERIVATION_INPUT_BYTES_IN_TAG_DATA = 1
+};
+
+/****************************************
+ * key_derivation_input_key operation definition
+ */
+
+/* Mandatory fixed sized input parameters */
+struct __attribute__ ((__packed__)) ts_crypto_key_derivation_input_key_in
+{
+ uint32_t op_handle;
+ uint32_t step;
+ uint32_t key_id;
+};
+
+/****************************************
+ * key_derivation_output_bytes operation definition
+ */
+
+/* Mandatory fixed sized input parameters */
+struct __attribute__ ((__packed__)) ts_crypto_key_derivation_output_bytes_in
+{
+ uint32_t op_handle;
+ uint32_t output_len;
+};
+
+/* Mandatory variable length output parameter tags */
+enum
+{
+ TS_CRYPTO_KEY_DERIVATION_OUTPUT_BYTES_OUT_TAG_DATA = 1
+};
+
+/****************************************
+ * key_derivation_output_key operation definition
+ */
+
+/* Mandatory fixed sized input parameters */
+struct __attribute__ ((__packed__)) ts_crypto_key_derivation_output_key_in
+{
+ uint32_t op_handle;
+ struct ts_crypto_key_attributes attributes;
+};
+
+/* Mandatory fixed sized output parameters */
+struct __attribute__ ((__packed__)) ts_crypto_key_derivation_output_key_out
+{
+ uint32_t key_id;
+};
+
+/****************************************
+ * key_derivation_abort operation definition
+ */
+
+/* Mandatory fixed sized input parameters */
+struct __attribute__ ((__packed__)) ts_crypto_key_derivation_abort_in
+{
+ uint32_t op_handle;
+};
+
+/****************************************
+ * key_derivation_key_agreement operation definition
+ */
+
+/* Mandatory fixed sized input parameters */
+struct __attribute__ ((__packed__)) ts_crypto_key_derivation_key_agreement_in
+{
+ uint32_t op_handle;
+ uint32_t step;
+ uint32_t private_key_id;
+};
+
+/* Mandatory variable length input parameter tags */
+enum
+{
+ TS_CRYPTO_KEY_DERIVATION_KEY_AGREEMENT_IN_TAG_PEER_KEY = 1
+};
+
+/****************************************
+ * raw_key_agreement operation definition
+ */
+
+/* Mandatory fixed sized input parameters */
+struct __attribute__ ((__packed__)) ts_crypto_raw_key_agreement_in
+{
+ uint32_t alg;
+ uint32_t private_key_id;
+};
+
+/* Mandatory variable length input parameter tags */
+enum
+{
+ TS_CRYPTO_RAW_KEY_AGREEMENT_IN_TAG_PEER_KEY = 1
+};
+
+/* Mandatory variable length output parameter tags */
+enum
+{
+ TS_CRYPTO_RAW_KEY_AGREEMENT_OUT_TAG_OUTPUT = 1
+};
+
+#endif /* TS_CRYPTO_KEY_DERIVATION_H */
diff --git a/protocols/service/crypto/packed-c/opcodes.h b/protocols/service/crypto/packed-c/opcodes.h
index e06ab68..7ef5905 100644
--- a/protocols/service/crypto/packed-c/opcodes.h
+++ b/protocols/service/crypto/packed-c/opcodes.h
@@ -46,4 +46,17 @@
#define TS_CRYPTO_OPCODE_CIPHER_FINISH (TS_CRYPTO_OPCODE_CIPHER_BASE + 6)
#define TS_CRYPTO_OPCODE_CIPHER_ABORT (TS_CRYPTO_OPCODE_CIPHER_BASE + 7)
+/* Key derivation operations */
+#define TS_CRYPTO_OPCODE_KEY_DERIVATION_BASE (0x0400)
+#define TS_CRYPTO_OPCODE_KEY_DERIVATION_SETUP (TS_CRYPTO_OPCODE_KEY_DERIVATION_BASE + 1)
+#define TS_CRYPTO_OPCODE_KEY_DERIVATION_GET_CAPACITY (TS_CRYPTO_OPCODE_KEY_DERIVATION_BASE + 2)
+#define TS_CRYPTO_OPCODE_KEY_DERIVATION_SET_CAPACITY (TS_CRYPTO_OPCODE_KEY_DERIVATION_BASE + 3)
+#define TS_CRYPTO_OPCODE_KEY_DERIVATION_INPUT_BYTES (TS_CRYPTO_OPCODE_KEY_DERIVATION_BASE + 4)
+#define TS_CRYPTO_OPCODE_KEY_DERIVATION_INPUT_KEY (TS_CRYPTO_OPCODE_KEY_DERIVATION_BASE + 5)
+#define TS_CRYPTO_OPCODE_KEY_DERIVATION_OUTPUT_BYTES (TS_CRYPTO_OPCODE_KEY_DERIVATION_BASE + 6)
+#define TS_CRYPTO_OPCODE_KEY_DERIVATION_OUTPUT_KEY (TS_CRYPTO_OPCODE_KEY_DERIVATION_BASE + 7)
+#define TS_CRYPTO_OPCODE_KEY_DERIVATION_ABORT (TS_CRYPTO_OPCODE_KEY_DERIVATION_BASE + 8)
+#define TS_CRYPTO_OPCODE_KEY_DERIVATION_KEY_AGREEMENT (TS_CRYPTO_OPCODE_KEY_DERIVATION_BASE + 9)
+#define TS_CRYPTO_OPCODE_KEY_DERIVATION_RAW_KEY_AGREEMENT (TS_CRYPTO_OPCODE_KEY_DERIVATION_BASE + 10)
+
#endif /* TS_CRYPTO_OPCODES_H */