| Julian Hall | f572896 | 2021-06-24 09:40:23 +0100 | [diff] [blame] | 1 | /* |
| 2 | * Copyright (c) 2021, Arm Limited and Contributors. All rights reserved. |
| 3 | * |
| 4 | * SPDX-License-Identifier: BSD-3-Clause |
| 5 | */ |
| 6 | |
| 7 | #ifndef CRYPTO_CONTEXT_POOL_H |
| 8 | #define CRYPTO_CONTEXT_POOL_H |
| 9 | |
| 10 | #include <stdint.h> |
| 11 | #include <psa/crypto.h> |
| 12 | |
| 13 | /** |
| 14 | * Some crypto transactions require state to be held between separate |
| 15 | * service operations. A typical multi-call transaction such as a |
| 16 | * hash calculation comprises a setup, one or more updates and a finish |
| 17 | * operation. This pool is used for allocating state context for multi-call |
| 18 | * transactions. For a well behaved client, a fresh context is allocated |
| 19 | * on a setup and freed on the finish. To cope with badly behaved clients |
| 20 | * that may never finish a transaction, if no free contexts are available |
| 21 | * for a new transaction, the least recently used active context is |
| 22 | * recycled. |
| 23 | */ |
| 24 | |
| 25 | #ifdef __cplusplus |
| 26 | extern "C" { |
| 27 | #endif |
| 28 | |
| 29 | /** |
| 30 | * Identifier for the operation type that a context is used for. |
| 31 | */ |
| 32 | enum crypto_context_op_id |
| 33 | { |
| 34 | CRYPTO_CONTEXT_OP_ID_NONE, |
| 35 | CRYPTO_CONTEXT_OP_ID_HASH, |
| 36 | CRYPTO_CONTEXT_OP_ID_MAC, |
| 37 | CRYPTO_CONTEXT_OP_ID_CIPHER |
| 38 | }; |
| 39 | |
| 40 | /** |
| 41 | * A crypto context, used to hold state for a multi-step transaction. |
| 42 | */ |
| 43 | struct crypto_context |
| 44 | { |
| 45 | enum crypto_context_op_id usage; |
| 46 | uint32_t client_id; |
| 47 | uint32_t op_handle; |
| 48 | struct crypto_context *next; |
| 49 | struct crypto_context *prev; |
| 50 | |
| 51 | union context_variant |
| 52 | { |
| 53 | struct psa_hash_operation_s hash; |
| 54 | struct psa_mac_operation_s mac; |
| 55 | struct psa_cipher_operation_s cipher; |
| 56 | } op; |
| 57 | }; |
| 58 | |
| 59 | /** |
| 60 | * The default pool size. This may be overridden to meet the needs |
| 61 | * of a particular deployment. |
| 62 | */ |
| 63 | #ifndef CRYPTO_CONTEXT_POOL_SIZE |
| 64 | #define CRYPTO_CONTEXT_POOL_SIZE (10) |
| 65 | #endif |
| 66 | |
| 67 | /** |
| 68 | * The crypto context pool structure. |
| 69 | */ |
| 70 | struct crypto_context_pool |
| 71 | { |
| 72 | struct crypto_context contexts[CRYPTO_CONTEXT_POOL_SIZE]; |
| 73 | struct crypto_context *free; |
| 74 | struct crypto_context *active_head; |
| 75 | struct crypto_context *active_tail; |
| 76 | uint32_t most_recent_op_handle; |
| 77 | }; |
| 78 | |
| 79 | /* |
| 80 | * Initializes a crypto_context_pool, called once during setup. |
| 81 | */ |
| 82 | void crypto_context_pool_init(struct crypto_context_pool *pool); |
| 83 | |
| 84 | /* |
| 85 | * De-initializes a crypto_context_pool, called once during tear-down. |
| 86 | */ |
| 87 | void crypto_context_pool_deinit(struct crypto_context_pool *pool); |
| 88 | |
| 89 | /* |
| 90 | * Allocate a fresh context. On success, a pointer to a crypto_context object |
| 91 | * is returned and an op handle is provided for reacqiring the context during |
| 92 | * sunsequent operations. |
| 93 | */ |
| 94 | struct crypto_context *crypto_context_pool_alloc(struct crypto_context_pool *pool, |
| 95 | enum crypto_context_op_id usage, |
| 96 | uint32_t client_id, |
| 97 | uint32_t *op_handle); |
| 98 | |
| 99 | /* |
| 100 | * Frees a context after use. |
| 101 | */ |
| 102 | void crypto_context_pool_free(struct crypto_context_pool *pool, |
| 103 | struct crypto_context *context); |
| 104 | |
| 105 | /* |
| 106 | * Find an allocated context. Returns NULL is no qualifying context is held. |
| 107 | */ |
| 108 | struct crypto_context *crypto_context_pool_find(struct crypto_context_pool *pool, |
| 109 | enum crypto_context_op_id usage, |
| 110 | uint32_t client_id, |
| 111 | uint32_t op_handle); |
| 112 | |
| 113 | |
| 114 | #ifdef __cplusplus |
| 115 | } /* extern "C" */ |
| 116 | #endif |
| 117 | |
| 118 | #endif /* CRYPTO_CONTEXT_POOL_H */ |