| Julian Hall | c02fffb | 2020-11-23 18:22:06 +0100 | [diff] [blame] | 1 | /* |
| julhal01 | c3f4e9a | 2020-12-15 13:39:01 +0000 | [diff] [blame^] | 2 | * Copyright (c) 2020-2021, Arm Limited and Contributors. All rights reserved. |
| Julian Hall | c02fffb | 2020-11-23 18:22:06 +0100 | [diff] [blame] | 3 | * |
| 4 | * SPDX-License-Identifier: BSD-3-Clause |
| 5 | */ |
| 6 | #include <stdint.h> |
| 7 | #include <stdlib.h> |
| 8 | #include <protocols/service/crypto/packed-c/opcodes.h> |
| 9 | #include <service/crypto/provider/mbedcrypto/crypto_provider.h> |
| Julian Hall | c02fffb | 2020-11-23 18:22:06 +0100 | [diff] [blame] | 10 | #include <service/secure_storage/client/psa/its/its_client.h> |
| 11 | #include <protocols/rpc/common/packed-c/status.h> |
| 12 | #include <psa/crypto.h> |
| 13 | |
| 14 | /* Service request handlers */ |
| 15 | static rpc_status_t nop_handler(void *context, struct call_req* req); |
| 16 | static rpc_status_t generate_key_handler(void *context, struct call_req* req); |
| 17 | static rpc_status_t destroy_key_handler(void *context, struct call_req* req); |
| 18 | static rpc_status_t open_key_handler(void *context, struct call_req* req); |
| 19 | static rpc_status_t close_key_handler(void *context, struct call_req* req); |
| 20 | static rpc_status_t export_key_handler(void *context, struct call_req* req); |
| 21 | static rpc_status_t export_public_key_handler(void *context, struct call_req* req); |
| 22 | static rpc_status_t import_key_handler(void *context, struct call_req* req); |
| 23 | static rpc_status_t sign_hash_handler(void *context, struct call_req* req); |
| 24 | static rpc_status_t verify_hash_handler(void *context, struct call_req* req); |
| 25 | static rpc_status_t asymmetric_decrypt_handler(void *context, struct call_req* req); |
| 26 | static rpc_status_t asymmetric_encrypt_handler(void *context, struct call_req* req); |
| 27 | static rpc_status_t generate_random_handler(void *context, struct call_req* req); |
| 28 | |
| 29 | /* Handler mapping table for service */ |
| 30 | static const struct service_handler handler_table[] = { |
| 31 | {TS_CRYPTO_OPCODE_NOP, nop_handler}, |
| 32 | {TS_CRYPTO_OPCODE_GENERATE_KEY, generate_key_handler}, |
| 33 | {TS_CRYPTO_OPCODE_DESTROY_KEY, destroy_key_handler}, |
| 34 | {TS_CRYPTO_OPCODE_OPEN_KEY, open_key_handler}, |
| 35 | {TS_CRYPTO_OPCODE_CLOSE_KEY, close_key_handler}, |
| 36 | {TS_CRYPTO_OPCODE_EXPORT_KEY, export_key_handler}, |
| 37 | {TS_CRYPTO_OPCODE_EXPORT_PUBLIC_KEY, export_public_key_handler}, |
| 38 | {TS_CRYPTO_OPCODE_IMPORT_KEY, import_key_handler}, |
| 39 | {TS_CRYPTO_OPCODE_SIGN_HASH, sign_hash_handler}, |
| 40 | {TS_CRYPTO_OPCODE_VERIFY_HASH, verify_hash_handler}, |
| 41 | {TS_CRYPTO_OPCODE_ASYMMETRIC_DECRYPT, asymmetric_decrypt_handler}, |
| 42 | {TS_CRYPTO_OPCODE_ASYMMETRIC_ENCRYPT, asymmetric_encrypt_handler}, |
| 43 | {TS_CRYPTO_OPCODE_GENERATE_RANDOM, generate_random_handler} |
| 44 | }; |
| 45 | |
| julhal01 | c3f4e9a | 2020-12-15 13:39:01 +0000 | [diff] [blame^] | 46 | struct rpc_interface *mbed_crypto_provider_init(struct mbed_crypto_provider *context, |
| Julian Hall | c02fffb | 2020-11-23 18:22:06 +0100 | [diff] [blame] | 47 | struct rpc_caller *storage_provider) |
| 48 | { |
| julhal01 | c3f4e9a | 2020-12-15 13:39:01 +0000 | [diff] [blame^] | 49 | struct rpc_interface *rpc_interface = NULL; |
| Julian Hall | c02fffb | 2020-11-23 18:22:06 +0100 | [diff] [blame] | 50 | |
| 51 | /* |
| 52 | * A storage provider is required for persistent key storage. As this |
| 53 | * is a mandatory feature of the crypto service, insist on a storage |
| 54 | * provider being available. |
| 55 | */ |
| 56 | if (context && storage_provider) { |
| 57 | |
| julhal01 | c3f4e9a | 2020-12-15 13:39:01 +0000 | [diff] [blame^] | 58 | for (size_t encoding = 0; encoding < TS_RPC_ENCODING_LIMIT; ++encoding) |
| 59 | context->serializers[encoding] = NULL; |
| 60 | |
| Julian Hall | c02fffb | 2020-11-23 18:22:06 +0100 | [diff] [blame] | 61 | service_provider_init(&context->base_provider, context, |
| 62 | handler_table, sizeof(handler_table)/sizeof(struct service_handler)); |
| 63 | |
| Julian Hall | c02fffb | 2020-11-23 18:22:06 +0100 | [diff] [blame] | 64 | if ((psa_its_client_init(storage_provider) == PSA_SUCCESS) && |
| 65 | (psa_crypto_init() == PSA_SUCCESS)) |
| julhal01 | c3f4e9a | 2020-12-15 13:39:01 +0000 | [diff] [blame^] | 66 | rpc_interface = service_provider_get_rpc_interface(&context->base_provider); |
| Julian Hall | c02fffb | 2020-11-23 18:22:06 +0100 | [diff] [blame] | 67 | } |
| 68 | |
| julhal01 | c3f4e9a | 2020-12-15 13:39:01 +0000 | [diff] [blame^] | 69 | return rpc_interface; |
| Julian Hall | c02fffb | 2020-11-23 18:22:06 +0100 | [diff] [blame] | 70 | } |
| 71 | |
| 72 | void mbed_crypto_provider_deinit(struct mbed_crypto_provider *context) |
| 73 | { |
| 74 | (void)context; |
| 75 | } |
| 76 | |
| julhal01 | c3f4e9a | 2020-12-15 13:39:01 +0000 | [diff] [blame^] | 77 | void mbed_crypto_provider_register_serializer(struct mbed_crypto_provider *context, |
| 78 | unsigned int encoding, const struct crypto_provider_serializer *serializer) |
| Julian Hall | c02fffb | 2020-11-23 18:22:06 +0100 | [diff] [blame] | 79 | { |
| julhal01 | c3f4e9a | 2020-12-15 13:39:01 +0000 | [diff] [blame^] | 80 | if (encoding < TS_RPC_ENCODING_LIMIT) |
| 81 | context->serializers[encoding] = serializer; |
| 82 | } |
| 83 | |
| 84 | static const struct crypto_provider_serializer* get_crypto_serializer(void *context, |
| 85 | const struct call_req *req) |
| 86 | { |
| 87 | struct mbed_crypto_provider *this_instance = (struct mbed_crypto_provider*)context; |
| 88 | const struct crypto_provider_serializer* serializer = NULL; |
| 89 | unsigned int encoding = call_req_get_encoding(req); |
| 90 | |
| 91 | if (encoding < TS_RPC_ENCODING_LIMIT) serializer = this_instance->serializers[encoding]; |
| 92 | |
| 93 | return serializer; |
| Julian Hall | c02fffb | 2020-11-23 18:22:06 +0100 | [diff] [blame] | 94 | } |
| 95 | |
| 96 | static rpc_status_t nop_handler(void *context, struct call_req* req) |
| 97 | { |
| 98 | /* Responds to a request by returning success */ |
| 99 | rpc_status_t rpc_status = TS_RPC_CALL_ACCEPTED; |
| 100 | psa_status_t psa_status = PSA_SUCCESS; |
| 101 | |
| 102 | (void)context; |
| 103 | call_req_set_opstatus(req, psa_status); |
| 104 | |
| 105 | return rpc_status; |
| 106 | } |
| 107 | |
| 108 | static rpc_status_t generate_key_handler(void *context, struct call_req* req) |
| 109 | { |
| julhal01 | c3f4e9a | 2020-12-15 13:39:01 +0000 | [diff] [blame^] | 110 | rpc_status_t rpc_status = TS_RPC_ERROR_SERIALIZATION_NOT_SUPPORTED; |
| Julian Hall | c02fffb | 2020-11-23 18:22:06 +0100 | [diff] [blame] | 111 | struct call_param_buf *req_buf = call_req_get_req_buf(req); |
| julhal01 | c3f4e9a | 2020-12-15 13:39:01 +0000 | [diff] [blame^] | 112 | const struct crypto_provider_serializer *serializer = get_crypto_serializer(context, req); |
| Julian Hall | c02fffb | 2020-11-23 18:22:06 +0100 | [diff] [blame] | 113 | |
| 114 | psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; |
| 115 | |
| julhal01 | c3f4e9a | 2020-12-15 13:39:01 +0000 | [diff] [blame^] | 116 | if (serializer) |
| 117 | rpc_status = serializer->deserialize_generate_key_req(req_buf, &attributes); |
| Julian Hall | c02fffb | 2020-11-23 18:22:06 +0100 | [diff] [blame] | 118 | |
| 119 | if (rpc_status == TS_RPC_CALL_ACCEPTED) { |
| 120 | |
| 121 | psa_status_t psa_status; |
| 122 | psa_key_handle_t handle; |
| 123 | |
| 124 | psa_status = psa_generate_key(&attributes, &handle); |
| 125 | |
| 126 | if (psa_status == PSA_SUCCESS) { |
| 127 | |
| 128 | struct call_param_buf *resp_buf = call_req_get_resp_buf(req); |
| 129 | rpc_status = serializer->serialize_generate_key_resp(resp_buf, handle); |
| 130 | } |
| 131 | |
| 132 | call_req_set_opstatus(req, psa_status); |
| 133 | } |
| 134 | |
| 135 | psa_reset_key_attributes(&attributes); |
| 136 | |
| 137 | return rpc_status; |
| 138 | } |
| 139 | |
| 140 | static rpc_status_t destroy_key_handler(void *context, struct call_req* req) |
| 141 | { |
| julhal01 | c3f4e9a | 2020-12-15 13:39:01 +0000 | [diff] [blame^] | 142 | rpc_status_t rpc_status = TS_RPC_ERROR_SERIALIZATION_NOT_SUPPORTED; |
| Julian Hall | c02fffb | 2020-11-23 18:22:06 +0100 | [diff] [blame] | 143 | struct call_param_buf *req_buf = call_req_get_req_buf(req); |
| julhal01 | c3f4e9a | 2020-12-15 13:39:01 +0000 | [diff] [blame^] | 144 | const struct crypto_provider_serializer *serializer = get_crypto_serializer(context, req); |
| Julian Hall | c02fffb | 2020-11-23 18:22:06 +0100 | [diff] [blame] | 145 | |
| 146 | psa_key_handle_t handle; |
| 147 | |
| julhal01 | c3f4e9a | 2020-12-15 13:39:01 +0000 | [diff] [blame^] | 148 | if (serializer) |
| 149 | rpc_status = serializer->deserialize_destroy_key_req(req_buf, &handle); |
| Julian Hall | c02fffb | 2020-11-23 18:22:06 +0100 | [diff] [blame] | 150 | |
| 151 | if (rpc_status == TS_RPC_CALL_ACCEPTED) { |
| 152 | |
| 153 | psa_status_t psa_status; |
| 154 | |
| 155 | psa_status = psa_destroy_key(handle); |
| 156 | call_req_set_opstatus(req, psa_status); |
| 157 | } |
| 158 | |
| 159 | return rpc_status; |
| 160 | } |
| 161 | |
| 162 | static rpc_status_t open_key_handler(void *context, struct call_req* req) |
| 163 | { |
| julhal01 | c3f4e9a | 2020-12-15 13:39:01 +0000 | [diff] [blame^] | 164 | rpc_status_t rpc_status = TS_RPC_ERROR_SERIALIZATION_NOT_SUPPORTED; |
| Julian Hall | c02fffb | 2020-11-23 18:22:06 +0100 | [diff] [blame] | 165 | struct call_param_buf *req_buf = call_req_get_req_buf(req); |
| julhal01 | c3f4e9a | 2020-12-15 13:39:01 +0000 | [diff] [blame^] | 166 | const struct crypto_provider_serializer *serializer = get_crypto_serializer(context, req); |
| Julian Hall | c02fffb | 2020-11-23 18:22:06 +0100 | [diff] [blame] | 167 | |
| 168 | psa_key_id_t id; |
| 169 | |
| julhal01 | c3f4e9a | 2020-12-15 13:39:01 +0000 | [diff] [blame^] | 170 | if (serializer) |
| 171 | rpc_status = serializer->deserialize_open_key_req(req_buf, &id); |
| Julian Hall | c02fffb | 2020-11-23 18:22:06 +0100 | [diff] [blame] | 172 | |
| 173 | if (rpc_status == TS_RPC_CALL_ACCEPTED) { |
| 174 | |
| 175 | psa_status_t psa_status; |
| 176 | psa_key_handle_t handle; |
| 177 | |
| 178 | psa_status = psa_open_key(id, &handle); |
| 179 | |
| 180 | if (psa_status == PSA_SUCCESS) { |
| 181 | |
| 182 | struct call_param_buf *resp_buf = call_req_get_resp_buf(req); |
| 183 | rpc_status = serializer->serialize_open_key_resp(resp_buf, handle); |
| 184 | } |
| 185 | |
| 186 | call_req_set_opstatus(req, psa_status); |
| 187 | } |
| 188 | |
| 189 | return rpc_status; |
| 190 | } |
| 191 | |
| 192 | static rpc_status_t close_key_handler(void *context, struct call_req* req) |
| 193 | { |
| julhal01 | c3f4e9a | 2020-12-15 13:39:01 +0000 | [diff] [blame^] | 194 | rpc_status_t rpc_status = TS_RPC_ERROR_SERIALIZATION_NOT_SUPPORTED; |
| Julian Hall | c02fffb | 2020-11-23 18:22:06 +0100 | [diff] [blame] | 195 | struct call_param_buf *req_buf = call_req_get_req_buf(req); |
| julhal01 | c3f4e9a | 2020-12-15 13:39:01 +0000 | [diff] [blame^] | 196 | const struct crypto_provider_serializer *serializer = get_crypto_serializer(context, req); |
| Julian Hall | c02fffb | 2020-11-23 18:22:06 +0100 | [diff] [blame] | 197 | |
| 198 | psa_key_handle_t handle; |
| 199 | |
| julhal01 | c3f4e9a | 2020-12-15 13:39:01 +0000 | [diff] [blame^] | 200 | if (serializer) |
| 201 | rpc_status = serializer->deserialize_close_key_req(req_buf, &handle); |
| Julian Hall | c02fffb | 2020-11-23 18:22:06 +0100 | [diff] [blame] | 202 | |
| 203 | if (rpc_status == TS_RPC_CALL_ACCEPTED) { |
| 204 | |
| 205 | psa_status_t psa_status; |
| 206 | |
| 207 | psa_status = psa_close_key(handle); |
| 208 | call_req_set_opstatus(req, psa_status); |
| 209 | } |
| 210 | |
| 211 | return rpc_status; |
| 212 | } |
| 213 | |
| 214 | static rpc_status_t export_key_handler(void *context, struct call_req* req) |
| 215 | { |
| julhal01 | c3f4e9a | 2020-12-15 13:39:01 +0000 | [diff] [blame^] | 216 | rpc_status_t rpc_status = TS_RPC_ERROR_SERIALIZATION_NOT_SUPPORTED; |
| Julian Hall | c02fffb | 2020-11-23 18:22:06 +0100 | [diff] [blame] | 217 | struct call_param_buf *req_buf = call_req_get_req_buf(req); |
| julhal01 | c3f4e9a | 2020-12-15 13:39:01 +0000 | [diff] [blame^] | 218 | const struct crypto_provider_serializer *serializer = get_crypto_serializer(context, req); |
| Julian Hall | c02fffb | 2020-11-23 18:22:06 +0100 | [diff] [blame] | 219 | |
| 220 | psa_key_handle_t handle; |
| 221 | |
| julhal01 | c3f4e9a | 2020-12-15 13:39:01 +0000 | [diff] [blame^] | 222 | if (serializer) |
| 223 | rpc_status = serializer->deserialize_export_key_req(req_buf, &handle); |
| Julian Hall | c02fffb | 2020-11-23 18:22:06 +0100 | [diff] [blame] | 224 | |
| 225 | if (rpc_status == TS_RPC_CALL_ACCEPTED) { |
| 226 | |
| 227 | psa_status_t psa_status; |
| 228 | psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; |
| 229 | |
| 230 | psa_status = psa_get_key_attributes(handle, &attributes); |
| 231 | |
| 232 | if (psa_status == PSA_SUCCESS) { |
| 233 | |
| 234 | size_t max_export_size = PSA_KEY_EXPORT_MAX_SIZE( |
| 235 | psa_get_key_type(&attributes), |
| 236 | psa_get_key_bits(&attributes)); |
| 237 | |
| 238 | uint8_t *key_buffer = malloc(max_export_size); |
| 239 | |
| 240 | if (key_buffer) { |
| 241 | |
| 242 | size_t export_size; |
| 243 | psa_status = psa_export_key(handle, key_buffer, max_export_size, &export_size); |
| 244 | |
| 245 | if (psa_status == PSA_SUCCESS) { |
| 246 | |
| 247 | struct call_param_buf *resp_buf = call_req_get_resp_buf(req); |
| 248 | rpc_status = serializer->serialize_export_key_resp(resp_buf, key_buffer, export_size); |
| 249 | } |
| 250 | |
| 251 | free(key_buffer); |
| 252 | } |
| 253 | else { |
| 254 | /* Failed to allocate key buffer */ |
| 255 | rpc_status = TS_RPC_ERROR_RESOURCE_FAILURE; |
| 256 | } |
| 257 | } |
| 258 | |
| 259 | call_req_set_opstatus(req, psa_status); |
| 260 | psa_reset_key_attributes(&attributes); |
| 261 | } |
| 262 | |
| 263 | return rpc_status; |
| 264 | } |
| 265 | |
| 266 | static rpc_status_t export_public_key_handler(void *context, struct call_req* req) |
| 267 | { |
| julhal01 | c3f4e9a | 2020-12-15 13:39:01 +0000 | [diff] [blame^] | 268 | rpc_status_t rpc_status = TS_RPC_ERROR_SERIALIZATION_NOT_SUPPORTED; |
| Julian Hall | c02fffb | 2020-11-23 18:22:06 +0100 | [diff] [blame] | 269 | struct call_param_buf *req_buf = call_req_get_req_buf(req); |
| julhal01 | c3f4e9a | 2020-12-15 13:39:01 +0000 | [diff] [blame^] | 270 | const struct crypto_provider_serializer *serializer = get_crypto_serializer(context, req); |
| Julian Hall | c02fffb | 2020-11-23 18:22:06 +0100 | [diff] [blame] | 271 | |
| 272 | psa_key_handle_t handle; |
| 273 | |
| julhal01 | c3f4e9a | 2020-12-15 13:39:01 +0000 | [diff] [blame^] | 274 | if (serializer) |
| 275 | rpc_status = serializer->deserialize_export_public_key_req(req_buf, &handle); |
| Julian Hall | c02fffb | 2020-11-23 18:22:06 +0100 | [diff] [blame] | 276 | |
| 277 | if (rpc_status == TS_RPC_CALL_ACCEPTED) { |
| 278 | |
| 279 | psa_status_t psa_status; |
| 280 | psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; |
| 281 | |
| 282 | psa_status = psa_get_key_attributes(handle, &attributes); |
| 283 | |
| 284 | if (psa_status == PSA_SUCCESS) { |
| 285 | |
| 286 | size_t max_export_size = PSA_KEY_EXPORT_MAX_SIZE( |
| 287 | PSA_KEY_TYPE_PUBLIC_KEY_OF_KEY_PAIR(psa_get_key_type(&attributes)), |
| 288 | psa_get_key_bits(&attributes)); |
| 289 | |
| 290 | uint8_t *key_buffer = malloc(max_export_size); |
| 291 | |
| 292 | if (key_buffer) { |
| 293 | |
| 294 | size_t export_size; |
| 295 | psa_status = psa_export_public_key(handle, key_buffer, max_export_size, &export_size); |
| 296 | |
| 297 | if (psa_status == PSA_SUCCESS) { |
| 298 | |
| 299 | struct call_param_buf *resp_buf = call_req_get_resp_buf(req); |
| 300 | rpc_status = serializer->serialize_export_public_key_resp(resp_buf, key_buffer, export_size); |
| 301 | } |
| 302 | |
| 303 | free(key_buffer); |
| 304 | } |
| 305 | else { |
| 306 | /* Failed to allocate key buffer */ |
| 307 | rpc_status = TS_RPC_ERROR_RESOURCE_FAILURE; |
| 308 | } |
| 309 | } |
| 310 | |
| 311 | call_req_set_opstatus(req, psa_status); |
| 312 | psa_reset_key_attributes(&attributes); |
| 313 | } |
| 314 | |
| 315 | return rpc_status; |
| 316 | } |
| 317 | |
| 318 | static rpc_status_t import_key_handler(void *context, struct call_req* req) |
| 319 | { |
| julhal01 | c3f4e9a | 2020-12-15 13:39:01 +0000 | [diff] [blame^] | 320 | rpc_status_t rpc_status = TS_RPC_ERROR_SERIALIZATION_NOT_SUPPORTED; |
| Julian Hall | c02fffb | 2020-11-23 18:22:06 +0100 | [diff] [blame] | 321 | struct call_param_buf *req_buf = call_req_get_req_buf(req); |
| julhal01 | c3f4e9a | 2020-12-15 13:39:01 +0000 | [diff] [blame^] | 322 | const struct crypto_provider_serializer *serializer = get_crypto_serializer(context, req); |
| Julian Hall | c02fffb | 2020-11-23 18:22:06 +0100 | [diff] [blame] | 323 | |
| julhal01 | c3f4e9a | 2020-12-15 13:39:01 +0000 | [diff] [blame^] | 324 | if (serializer) { |
| Julian Hall | c02fffb | 2020-11-23 18:22:06 +0100 | [diff] [blame] | 325 | |
| julhal01 | c3f4e9a | 2020-12-15 13:39:01 +0000 | [diff] [blame^] | 326 | size_t key_data_len = serializer->max_deserialised_parameter_size(req_buf); |
| 327 | uint8_t *key_buffer = malloc(key_data_len); |
| Julian Hall | c02fffb | 2020-11-23 18:22:06 +0100 | [diff] [blame] | 328 | |
| julhal01 | c3f4e9a | 2020-12-15 13:39:01 +0000 | [diff] [blame^] | 329 | if (key_buffer) { |
| Julian Hall | c02fffb | 2020-11-23 18:22:06 +0100 | [diff] [blame] | 330 | |
| julhal01 | c3f4e9a | 2020-12-15 13:39:01 +0000 | [diff] [blame^] | 331 | psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; |
| 332 | rpc_status = serializer->deserialize_import_key_req(req_buf, &attributes, key_buffer, &key_data_len); |
| Julian Hall | c02fffb | 2020-11-23 18:22:06 +0100 | [diff] [blame] | 333 | |
| julhal01 | c3f4e9a | 2020-12-15 13:39:01 +0000 | [diff] [blame^] | 334 | if (rpc_status == TS_RPC_CALL_ACCEPTED) { |
| Julian Hall | c02fffb | 2020-11-23 18:22:06 +0100 | [diff] [blame] | 335 | |
| julhal01 | c3f4e9a | 2020-12-15 13:39:01 +0000 | [diff] [blame^] | 336 | psa_status_t psa_status; |
| 337 | psa_key_handle_t handle; |
| Julian Hall | c02fffb | 2020-11-23 18:22:06 +0100 | [diff] [blame] | 338 | |
| julhal01 | c3f4e9a | 2020-12-15 13:39:01 +0000 | [diff] [blame^] | 339 | psa_status = psa_import_key(&attributes, key_buffer, key_data_len, &handle); |
| Julian Hall | c02fffb | 2020-11-23 18:22:06 +0100 | [diff] [blame] | 340 | |
| julhal01 | c3f4e9a | 2020-12-15 13:39:01 +0000 | [diff] [blame^] | 341 | if (psa_status == PSA_SUCCESS) { |
| 342 | |
| 343 | struct call_param_buf *resp_buf = call_req_get_resp_buf(req); |
| 344 | rpc_status = serializer->serialize_import_key_resp(resp_buf, handle); |
| 345 | } |
| 346 | |
| 347 | call_req_set_opstatus(req, psa_status); |
| Julian Hall | c02fffb | 2020-11-23 18:22:06 +0100 | [diff] [blame] | 348 | } |
| 349 | |
| julhal01 | c3f4e9a | 2020-12-15 13:39:01 +0000 | [diff] [blame^] | 350 | psa_reset_key_attributes(&attributes); |
| 351 | free(key_buffer); |
| Julian Hall | c02fffb | 2020-11-23 18:22:06 +0100 | [diff] [blame] | 352 | } |
| julhal01 | c3f4e9a | 2020-12-15 13:39:01 +0000 | [diff] [blame^] | 353 | else { |
| Julian Hall | c02fffb | 2020-11-23 18:22:06 +0100 | [diff] [blame] | 354 | |
| julhal01 | c3f4e9a | 2020-12-15 13:39:01 +0000 | [diff] [blame^] | 355 | rpc_status = TS_RPC_ERROR_RESOURCE_FAILURE; |
| 356 | } |
| Julian Hall | c02fffb | 2020-11-23 18:22:06 +0100 | [diff] [blame] | 357 | } |
| 358 | |
| 359 | return rpc_status; |
| 360 | } |
| 361 | |
| 362 | static rpc_status_t sign_hash_handler(void *context, struct call_req* req) |
| 363 | { |
| julhal01 | c3f4e9a | 2020-12-15 13:39:01 +0000 | [diff] [blame^] | 364 | rpc_status_t rpc_status = TS_RPC_ERROR_SERIALIZATION_NOT_SUPPORTED; |
| Julian Hall | c02fffb | 2020-11-23 18:22:06 +0100 | [diff] [blame] | 365 | struct call_param_buf *req_buf = call_req_get_req_buf(req); |
| julhal01 | c3f4e9a | 2020-12-15 13:39:01 +0000 | [diff] [blame^] | 366 | const struct crypto_provider_serializer *serializer = get_crypto_serializer(context, req); |
| Julian Hall | c02fffb | 2020-11-23 18:22:06 +0100 | [diff] [blame] | 367 | |
| 368 | psa_key_handle_t handle; |
| 369 | psa_algorithm_t alg; |
| 370 | size_t hash_len = PSA_HASH_MAX_SIZE; |
| 371 | uint8_t hash_buffer[PSA_HASH_MAX_SIZE]; |
| 372 | |
| julhal01 | c3f4e9a | 2020-12-15 13:39:01 +0000 | [diff] [blame^] | 373 | if (serializer) |
| 374 | rpc_status = serializer->deserialize_sign_hash_req(req_buf, &handle, &alg, hash_buffer, &hash_len); |
| Julian Hall | c02fffb | 2020-11-23 18:22:06 +0100 | [diff] [blame] | 375 | |
| 376 | if (rpc_status == TS_RPC_CALL_ACCEPTED) { |
| 377 | |
| 378 | psa_status_t psa_status; |
| 379 | size_t sig_len; |
| 380 | uint8_t sig_buffer[PSA_SIGNATURE_MAX_SIZE]; |
| 381 | |
| 382 | psa_status = psa_sign_hash(handle, alg, |
| 383 | hash_buffer, hash_len, |
| 384 | sig_buffer, sizeof(sig_buffer), &sig_len); |
| 385 | |
| 386 | if (psa_status == PSA_SUCCESS) { |
| 387 | |
| 388 | struct call_param_buf *resp_buf = call_req_get_resp_buf(req); |
| 389 | rpc_status = serializer->serialize_sign_hash_resp(resp_buf, sig_buffer, sig_len); |
| 390 | } |
| 391 | |
| 392 | call_req_set_opstatus(req, psa_status); |
| 393 | } |
| 394 | |
| 395 | return rpc_status; |
| 396 | } |
| 397 | |
| 398 | static rpc_status_t verify_hash_handler(void *context, struct call_req* req) |
| 399 | { |
| julhal01 | c3f4e9a | 2020-12-15 13:39:01 +0000 | [diff] [blame^] | 400 | rpc_status_t rpc_status = TS_RPC_ERROR_SERIALIZATION_NOT_SUPPORTED; |
| Julian Hall | c02fffb | 2020-11-23 18:22:06 +0100 | [diff] [blame] | 401 | struct call_param_buf *req_buf = call_req_get_req_buf(req); |
| julhal01 | c3f4e9a | 2020-12-15 13:39:01 +0000 | [diff] [blame^] | 402 | const struct crypto_provider_serializer *serializer = get_crypto_serializer(context, req); |
| Julian Hall | c02fffb | 2020-11-23 18:22:06 +0100 | [diff] [blame] | 403 | |
| 404 | psa_key_handle_t handle; |
| 405 | psa_algorithm_t alg; |
| 406 | size_t hash_len = PSA_HASH_MAX_SIZE; |
| 407 | uint8_t hash_buffer[PSA_HASH_MAX_SIZE]; |
| 408 | size_t sig_len = PSA_SIGNATURE_MAX_SIZE; |
| 409 | uint8_t sig_buffer[PSA_SIGNATURE_MAX_SIZE]; |
| 410 | |
| julhal01 | c3f4e9a | 2020-12-15 13:39:01 +0000 | [diff] [blame^] | 411 | if (serializer) |
| 412 | rpc_status = serializer->deserialize_verify_hash_req(req_buf, &handle, &alg, |
| Julian Hall | c02fffb | 2020-11-23 18:22:06 +0100 | [diff] [blame] | 413 | hash_buffer, &hash_len, |
| 414 | sig_buffer, &sig_len); |
| 415 | |
| 416 | if (rpc_status == TS_RPC_CALL_ACCEPTED) { |
| 417 | |
| 418 | psa_status_t psa_status; |
| 419 | |
| 420 | psa_status = psa_verify_hash(handle, alg, |
| 421 | hash_buffer, hash_len, |
| 422 | sig_buffer, sig_len); |
| 423 | |
| 424 | call_req_set_opstatus(req, psa_status); |
| 425 | } |
| 426 | |
| 427 | return rpc_status; |
| 428 | } |
| 429 | |
| 430 | static rpc_status_t asymmetric_decrypt_handler(void *context, struct call_req* req) |
| 431 | { |
| julhal01 | c3f4e9a | 2020-12-15 13:39:01 +0000 | [diff] [blame^] | 432 | rpc_status_t rpc_status = TS_RPC_ERROR_SERIALIZATION_NOT_SUPPORTED; |
| Julian Hall | c02fffb | 2020-11-23 18:22:06 +0100 | [diff] [blame] | 433 | struct call_param_buf *req_buf = call_req_get_req_buf(req); |
| julhal01 | c3f4e9a | 2020-12-15 13:39:01 +0000 | [diff] [blame^] | 434 | const struct crypto_provider_serializer *serializer = get_crypto_serializer(context, req); |
| Julian Hall | c02fffb | 2020-11-23 18:22:06 +0100 | [diff] [blame] | 435 | |
| julhal01 | c3f4e9a | 2020-12-15 13:39:01 +0000 | [diff] [blame^] | 436 | if (serializer) { |
| Julian Hall | c02fffb | 2020-11-23 18:22:06 +0100 | [diff] [blame] | 437 | |
| julhal01 | c3f4e9a | 2020-12-15 13:39:01 +0000 | [diff] [blame^] | 438 | size_t max_param_size = serializer->max_deserialised_parameter_size(req_buf); |
| Julian Hall | c02fffb | 2020-11-23 18:22:06 +0100 | [diff] [blame] | 439 | |
| julhal01 | c3f4e9a | 2020-12-15 13:39:01 +0000 | [diff] [blame^] | 440 | psa_key_handle_t handle; |
| 441 | psa_algorithm_t alg; |
| 442 | size_t ciphertext_len = max_param_size; |
| 443 | uint8_t *ciphertext_buffer = malloc(ciphertext_len); |
| 444 | size_t salt_len = max_param_size; |
| 445 | uint8_t *salt_buffer = malloc(salt_len); |
| Julian Hall | c02fffb | 2020-11-23 18:22:06 +0100 | [diff] [blame] | 446 | |
| julhal01 | c3f4e9a | 2020-12-15 13:39:01 +0000 | [diff] [blame^] | 447 | if (ciphertext_buffer && salt_buffer) { |
| Julian Hall | c02fffb | 2020-11-23 18:22:06 +0100 | [diff] [blame] | 448 | |
| julhal01 | c3f4e9a | 2020-12-15 13:39:01 +0000 | [diff] [blame^] | 449 | rpc_status = serializer->deserialize_asymmetric_decrypt_req(req_buf, |
| 450 | &handle, &alg, |
| 451 | ciphertext_buffer, &ciphertext_len, |
| 452 | salt_buffer, &salt_len); |
| Julian Hall | c02fffb | 2020-11-23 18:22:06 +0100 | [diff] [blame] | 453 | |
| julhal01 | c3f4e9a | 2020-12-15 13:39:01 +0000 | [diff] [blame^] | 454 | if (rpc_status == TS_RPC_CALL_ACCEPTED) { |
| Julian Hall | c02fffb | 2020-11-23 18:22:06 +0100 | [diff] [blame] | 455 | |
| julhal01 | c3f4e9a | 2020-12-15 13:39:01 +0000 | [diff] [blame^] | 456 | psa_status_t psa_status; |
| 457 | psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; |
| Julian Hall | c02fffb | 2020-11-23 18:22:06 +0100 | [diff] [blame] | 458 | |
| julhal01 | c3f4e9a | 2020-12-15 13:39:01 +0000 | [diff] [blame^] | 459 | psa_status = psa_get_key_attributes(handle, &attributes); |
| Julian Hall | c02fffb | 2020-11-23 18:22:06 +0100 | [diff] [blame] | 460 | |
| julhal01 | c3f4e9a | 2020-12-15 13:39:01 +0000 | [diff] [blame^] | 461 | if (psa_status == PSA_SUCCESS) { |
| Julian Hall | c02fffb | 2020-11-23 18:22:06 +0100 | [diff] [blame] | 462 | |
| julhal01 | c3f4e9a | 2020-12-15 13:39:01 +0000 | [diff] [blame^] | 463 | size_t max_decrypt_size = PSA_ASYMMETRIC_DECRYPT_OUTPUT_SIZE( |
| 464 | psa_get_key_type(&attributes), |
| 465 | psa_get_key_bits(&attributes), |
| 466 | alg); |
| Julian Hall | c02fffb | 2020-11-23 18:22:06 +0100 | [diff] [blame] | 467 | |
| julhal01 | c3f4e9a | 2020-12-15 13:39:01 +0000 | [diff] [blame^] | 468 | size_t plaintext_len; |
| 469 | uint8_t *plaintext_buffer = malloc(max_decrypt_size); |
| Julian Hall | c02fffb | 2020-11-23 18:22:06 +0100 | [diff] [blame] | 470 | |
| julhal01 | c3f4e9a | 2020-12-15 13:39:01 +0000 | [diff] [blame^] | 471 | if (plaintext_buffer) { |
| Julian Hall | c02fffb | 2020-11-23 18:22:06 +0100 | [diff] [blame] | 472 | |
| julhal01 | c3f4e9a | 2020-12-15 13:39:01 +0000 | [diff] [blame^] | 473 | psa_status = psa_asymmetric_decrypt(handle, alg, |
| 474 | ciphertext_buffer, ciphertext_len, |
| 475 | salt_buffer, salt_len, |
| 476 | plaintext_buffer, max_decrypt_size, &plaintext_len); |
| 477 | |
| 478 | if (psa_status == PSA_SUCCESS) { |
| 479 | |
| 480 | struct call_param_buf *resp_buf = call_req_get_resp_buf(req); |
| 481 | rpc_status = serializer->serialize_asymmetric_decrypt_resp(resp_buf, |
| 482 | plaintext_buffer, plaintext_len); |
| 483 | } |
| 484 | |
| 485 | free(plaintext_buffer); |
| Julian Hall | c02fffb | 2020-11-23 18:22:06 +0100 | [diff] [blame] | 486 | } |
| julhal01 | c3f4e9a | 2020-12-15 13:39:01 +0000 | [diff] [blame^] | 487 | else { |
| 488 | /* Failed to allocate ouptput buffer */ |
| 489 | rpc_status = TS_RPC_ERROR_RESOURCE_FAILURE; |
| 490 | } |
| 491 | } |
| Julian Hall | c02fffb | 2020-11-23 18:22:06 +0100 | [diff] [blame] | 492 | |
| julhal01 | c3f4e9a | 2020-12-15 13:39:01 +0000 | [diff] [blame^] | 493 | call_req_set_opstatus(req, psa_status); |
| 494 | psa_reset_key_attributes(&attributes); |
| Julian Hall | c02fffb | 2020-11-23 18:22:06 +0100 | [diff] [blame] | 495 | } |
| Julian Hall | c02fffb | 2020-11-23 18:22:06 +0100 | [diff] [blame] | 496 | } |
| julhal01 | c3f4e9a | 2020-12-15 13:39:01 +0000 | [diff] [blame^] | 497 | else { |
| 498 | /* Failed to allocate buffers */ |
| 499 | rpc_status = TS_RPC_ERROR_RESOURCE_FAILURE; |
| 500 | } |
| Julian Hall | c02fffb | 2020-11-23 18:22:06 +0100 | [diff] [blame] | 501 | |
| julhal01 | c3f4e9a | 2020-12-15 13:39:01 +0000 | [diff] [blame^] | 502 | free(ciphertext_buffer); |
| 503 | free(salt_buffer); |
| 504 | } |
| Julian Hall | c02fffb | 2020-11-23 18:22:06 +0100 | [diff] [blame] | 505 | |
| 506 | return rpc_status; |
| 507 | } |
| 508 | |
| 509 | static rpc_status_t asymmetric_encrypt_handler(void *context, struct call_req* req) |
| 510 | { |
| julhal01 | c3f4e9a | 2020-12-15 13:39:01 +0000 | [diff] [blame^] | 511 | rpc_status_t rpc_status = TS_RPC_ERROR_SERIALIZATION_NOT_SUPPORTED; |
| Julian Hall | c02fffb | 2020-11-23 18:22:06 +0100 | [diff] [blame] | 512 | struct call_param_buf *req_buf = call_req_get_req_buf(req); |
| julhal01 | c3f4e9a | 2020-12-15 13:39:01 +0000 | [diff] [blame^] | 513 | const struct crypto_provider_serializer *serializer = get_crypto_serializer(context, req); |
| Julian Hall | c02fffb | 2020-11-23 18:22:06 +0100 | [diff] [blame] | 514 | |
| julhal01 | c3f4e9a | 2020-12-15 13:39:01 +0000 | [diff] [blame^] | 515 | if (serializer) { |
| Julian Hall | c02fffb | 2020-11-23 18:22:06 +0100 | [diff] [blame] | 516 | |
| julhal01 | c3f4e9a | 2020-12-15 13:39:01 +0000 | [diff] [blame^] | 517 | size_t max_param_size = serializer->max_deserialised_parameter_size(req_buf); |
| Julian Hall | c02fffb | 2020-11-23 18:22:06 +0100 | [diff] [blame] | 518 | |
| julhal01 | c3f4e9a | 2020-12-15 13:39:01 +0000 | [diff] [blame^] | 519 | psa_key_handle_t handle; |
| 520 | psa_algorithm_t alg; |
| 521 | size_t plaintext_len = max_param_size; |
| 522 | uint8_t *plaintext_buffer = malloc(plaintext_len); |
| 523 | size_t salt_len = max_param_size; |
| 524 | uint8_t *salt_buffer = malloc(salt_len); |
| Julian Hall | c02fffb | 2020-11-23 18:22:06 +0100 | [diff] [blame] | 525 | |
| julhal01 | c3f4e9a | 2020-12-15 13:39:01 +0000 | [diff] [blame^] | 526 | if (plaintext_buffer && salt_buffer) { |
| Julian Hall | c02fffb | 2020-11-23 18:22:06 +0100 | [diff] [blame] | 527 | |
| julhal01 | c3f4e9a | 2020-12-15 13:39:01 +0000 | [diff] [blame^] | 528 | rpc_status = serializer->deserialize_asymmetric_encrypt_req(req_buf, |
| 529 | &handle, &alg, |
| 530 | plaintext_buffer, &plaintext_len, |
| 531 | salt_buffer, &salt_len); |
| Julian Hall | c02fffb | 2020-11-23 18:22:06 +0100 | [diff] [blame] | 532 | |
| julhal01 | c3f4e9a | 2020-12-15 13:39:01 +0000 | [diff] [blame^] | 533 | if (rpc_status == TS_RPC_CALL_ACCEPTED) { |
| Julian Hall | c02fffb | 2020-11-23 18:22:06 +0100 | [diff] [blame] | 534 | |
| julhal01 | c3f4e9a | 2020-12-15 13:39:01 +0000 | [diff] [blame^] | 535 | psa_status_t psa_status; |
| 536 | psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; |
| Julian Hall | c02fffb | 2020-11-23 18:22:06 +0100 | [diff] [blame] | 537 | |
| julhal01 | c3f4e9a | 2020-12-15 13:39:01 +0000 | [diff] [blame^] | 538 | psa_status = psa_get_key_attributes(handle, &attributes); |
| Julian Hall | c02fffb | 2020-11-23 18:22:06 +0100 | [diff] [blame] | 539 | |
| julhal01 | c3f4e9a | 2020-12-15 13:39:01 +0000 | [diff] [blame^] | 540 | if (psa_status == PSA_SUCCESS) { |
| Julian Hall | c02fffb | 2020-11-23 18:22:06 +0100 | [diff] [blame] | 541 | |
| julhal01 | c3f4e9a | 2020-12-15 13:39:01 +0000 | [diff] [blame^] | 542 | size_t max_encrypt_size = PSA_ASYMMETRIC_ENCRYPT_OUTPUT_SIZE( |
| 543 | psa_get_key_type(&attributes), |
| 544 | psa_get_key_bits(&attributes), |
| 545 | alg); |
| Julian Hall | c02fffb | 2020-11-23 18:22:06 +0100 | [diff] [blame] | 546 | |
| julhal01 | c3f4e9a | 2020-12-15 13:39:01 +0000 | [diff] [blame^] | 547 | size_t ciphertext_len; |
| 548 | uint8_t *ciphertext_buffer = malloc(max_encrypt_size); |
| Julian Hall | c02fffb | 2020-11-23 18:22:06 +0100 | [diff] [blame] | 549 | |
| julhal01 | c3f4e9a | 2020-12-15 13:39:01 +0000 | [diff] [blame^] | 550 | if (ciphertext_buffer) { |
| Julian Hall | c02fffb | 2020-11-23 18:22:06 +0100 | [diff] [blame] | 551 | |
| julhal01 | c3f4e9a | 2020-12-15 13:39:01 +0000 | [diff] [blame^] | 552 | psa_status = psa_asymmetric_encrypt(handle, alg, |
| 553 | plaintext_buffer, plaintext_len, |
| 554 | salt_buffer, salt_len, |
| 555 | ciphertext_buffer, max_encrypt_size, &ciphertext_len); |
| 556 | |
| 557 | if (psa_status == PSA_SUCCESS) { |
| 558 | |
| 559 | struct call_param_buf *resp_buf = call_req_get_resp_buf(req); |
| 560 | rpc_status = serializer->serialize_asymmetric_encrypt_resp(resp_buf, |
| 561 | ciphertext_buffer, ciphertext_len); |
| 562 | } |
| 563 | |
| 564 | free(ciphertext_buffer); |
| Julian Hall | c02fffb | 2020-11-23 18:22:06 +0100 | [diff] [blame] | 565 | } |
| julhal01 | c3f4e9a | 2020-12-15 13:39:01 +0000 | [diff] [blame^] | 566 | else { |
| 567 | /* Failed to allocate ouptput buffer */ |
| 568 | rpc_status = TS_RPC_ERROR_RESOURCE_FAILURE; |
| 569 | } |
| 570 | } |
| Julian Hall | c02fffb | 2020-11-23 18:22:06 +0100 | [diff] [blame] | 571 | |
| julhal01 | c3f4e9a | 2020-12-15 13:39:01 +0000 | [diff] [blame^] | 572 | call_req_set_opstatus(req, psa_status); |
| 573 | psa_reset_key_attributes(&attributes); |
| Julian Hall | c02fffb | 2020-11-23 18:22:06 +0100 | [diff] [blame] | 574 | } |
| Julian Hall | c02fffb | 2020-11-23 18:22:06 +0100 | [diff] [blame] | 575 | } |
| julhal01 | c3f4e9a | 2020-12-15 13:39:01 +0000 | [diff] [blame^] | 576 | else { |
| 577 | /* Failed to allocate buffers */ |
| 578 | rpc_status = TS_RPC_ERROR_RESOURCE_FAILURE; |
| 579 | } |
| Julian Hall | c02fffb | 2020-11-23 18:22:06 +0100 | [diff] [blame] | 580 | |
| julhal01 | c3f4e9a | 2020-12-15 13:39:01 +0000 | [diff] [blame^] | 581 | free(plaintext_buffer); |
| 582 | free(salt_buffer); |
| 583 | } |
| Julian Hall | c02fffb | 2020-11-23 18:22:06 +0100 | [diff] [blame] | 584 | |
| 585 | return rpc_status; |
| 586 | } |
| 587 | |
| 588 | static rpc_status_t generate_random_handler(void *context, struct call_req* req) |
| 589 | { |
| julhal01 | c3f4e9a | 2020-12-15 13:39:01 +0000 | [diff] [blame^] | 590 | rpc_status_t rpc_status = TS_RPC_ERROR_SERIALIZATION_NOT_SUPPORTED; |
| Julian Hall | c02fffb | 2020-11-23 18:22:06 +0100 | [diff] [blame] | 591 | struct call_param_buf *req_buf = call_req_get_req_buf(req); |
| julhal01 | c3f4e9a | 2020-12-15 13:39:01 +0000 | [diff] [blame^] | 592 | const struct crypto_provider_serializer *serializer = get_crypto_serializer(context, req); |
| Julian Hall | c02fffb | 2020-11-23 18:22:06 +0100 | [diff] [blame] | 593 | |
| 594 | size_t output_size; |
| 595 | |
| julhal01 | c3f4e9a | 2020-12-15 13:39:01 +0000 | [diff] [blame^] | 596 | if (serializer) |
| 597 | rpc_status = serializer->deserialize_generate_random_req(req_buf, &output_size); |
| Julian Hall | c02fffb | 2020-11-23 18:22:06 +0100 | [diff] [blame] | 598 | |
| 599 | if (rpc_status == TS_RPC_CALL_ACCEPTED) { |
| 600 | |
| 601 | psa_status_t psa_status; |
| 602 | uint8_t *output_buffer = malloc(output_size); |
| 603 | |
| 604 | if (output_buffer) { |
| 605 | |
| 606 | psa_status = psa_generate_random(output_buffer, output_size); |
| 607 | |
| 608 | if (psa_status == PSA_SUCCESS) { |
| 609 | |
| 610 | struct call_param_buf *resp_buf = call_req_get_resp_buf(req); |
| 611 | rpc_status = serializer->serialize_generate_random_resp(resp_buf, |
| 612 | output_buffer, output_size); |
| 613 | } |
| 614 | |
| 615 | call_req_set_opstatus(req, psa_status); |
| 616 | free(output_buffer); |
| 617 | } |
| 618 | else { |
| 619 | /* Failed to allocate output buffer */ |
| 620 | rpc_status = TS_RPC_ERROR_RESOURCE_FAILURE; |
| 621 | } |
| 622 | } |
| 623 | |
| 624 | return rpc_status; |
| julhal01 | c3f4e9a | 2020-12-15 13:39:01 +0000 | [diff] [blame^] | 625 | } |