TrustedFirmware Git Browser
Code Review Sign In
review.trustedfirmware.org / TS / trusted-services / 3c52ce6203c82f53d1f636a5345a949317e73348 / . / components / service / crypto / provider / mbedcrypto / crypto_provider.c
blob: 389e8bcd4c81dd1fb7243af20427e12d53b916b1 [file] [log] [blame]
Julian Hallc02fffb2020-11-23 18:22:06 +0100[diff] [blame]1/*
julhal01c3f4e9a2020-12-15 13:39:01 +0000[diff] [blame]2 * Copyright (c) 2020-2021, Arm Limited and Contributors. All rights reserved.
Julian Hallc02fffb2020-11-23 18:22:06 +0100[diff] [blame]3 *
4 * SPDX-License-Identifier: BSD-3-Clause
5 */
6#include <stdint.h>
7#include <stdlib.h>
8#include <protocols/service/crypto/packed-c/opcodes.h>
9#include <service/crypto/provider/mbedcrypto/crypto_provider.h>
julhal012c18fbf2021-02-01 08:29:28 +0000[diff] [blame]10#include <service/crypto/provider/mbedcrypto/trng_adapter/trng_adapter.h>
julhal011260f102021-02-15 17:34:08 +0000[diff] [blame]11#include <service/secure_storage/frontend/psa/its/its_frontend.h>
Julian Hallc02fffb2020-11-23 18:22:06 +0100[diff] [blame]12#include <protocols/rpc/common/packed-c/status.h>
13#include <psa/crypto.h>
14
15/* Service request handlers */
16static rpc_status_t nop_handler(void *context, struct call_req* req);
17static rpc_status_t generate_key_handler(void *context, struct call_req* req);
18static rpc_status_t destroy_key_handler(void *context, struct call_req* req);
Julian Hallc02fffb2020-11-23 18:22:06 +0100[diff] [blame]19static rpc_status_t export_key_handler(void *context, struct call_req* req);
20static rpc_status_t export_public_key_handler(void *context, struct call_req* req);
21static rpc_status_t import_key_handler(void *context, struct call_req* req);
22static rpc_status_t sign_hash_handler(void *context, struct call_req* req);
23static rpc_status_t verify_hash_handler(void *context, struct call_req* req);
24static rpc_status_t asymmetric_decrypt_handler(void *context, struct call_req* req);
25static rpc_status_t asymmetric_encrypt_handler(void *context, struct call_req* req);
26static rpc_status_t generate_random_handler(void *context, struct call_req* req);
27
28/* Handler mapping table for service */
29static const struct service_handler handler_table[] = {
30 {TS_CRYPTO_OPCODE_NOP, nop_handler},
31 {TS_CRYPTO_OPCODE_GENERATE_KEY, generate_key_handler},
32 {TS_CRYPTO_OPCODE_DESTROY_KEY, destroy_key_handler},
Julian Hallc02fffb2020-11-23 18:22:06 +0100[diff] [blame]33 {TS_CRYPTO_OPCODE_EXPORT_KEY, export_key_handler},
34 {TS_CRYPTO_OPCODE_EXPORT_PUBLIC_KEY, export_public_key_handler},
35 {TS_CRYPTO_OPCODE_IMPORT_KEY, import_key_handler},
36 {TS_CRYPTO_OPCODE_SIGN_HASH, sign_hash_handler},
37 {TS_CRYPTO_OPCODE_VERIFY_HASH, verify_hash_handler},
38 {TS_CRYPTO_OPCODE_ASYMMETRIC_DECRYPT, asymmetric_decrypt_handler},
39 {TS_CRYPTO_OPCODE_ASYMMETRIC_ENCRYPT, asymmetric_encrypt_handler},
40 {TS_CRYPTO_OPCODE_GENERATE_RANDOM, generate_random_handler}
41};
42
julhal01c3f4e9a2020-12-15 13:39:01 +0000[diff] [blame]43struct rpc_interface *mbed_crypto_provider_init(struct mbed_crypto_provider *context,
julhal013a4207d2021-03-08 13:32:08 +0000[diff] [blame]44 struct storage_backend *storage_backend,
julhal012c18fbf2021-02-01 08:29:28 +0000[diff] [blame]45 int trng_instance)
Julian Hallc02fffb2020-11-23 18:22:06 +0100[diff] [blame]46{
julhal01c3f4e9a2020-12-15 13:39:01 +0000[diff] [blame]47 struct rpc_interface *rpc_interface = NULL;
Julian Hallc02fffb2020-11-23 18:22:06 +0100[diff] [blame]48
julhal012c18fbf2021-02-01 08:29:28 +0000[diff] [blame]49 trng_adapter_init(trng_instance);
julhal01ffa98d82021-01-20 13:51:58 +0000[diff] [blame]50
Julian Hallc02fffb2020-11-23 18:22:06 +0100[diff] [blame]51 /*
52 * A storage provider is required for persistent key storage. As this
53 * is a mandatory feature of the crypto service, insist on a storage
54 * provider being available.
55 */
julhal013a4207d2021-03-08 13:32:08 +0000[diff] [blame]56 if (context && storage_backend) {
Julian Hallc02fffb2020-11-23 18:22:06 +0100[diff] [blame]57
julhal01c3f4e9a2020-12-15 13:39:01 +0000[diff] [blame]58 for (size_t encoding = 0; encoding < TS_RPC_ENCODING_LIMIT; ++encoding)
59 context->serializers[encoding] = NULL;
60
Julian Hallc02fffb2020-11-23 18:22:06 +0100[diff] [blame]61 service_provider_init(&context->base_provider, context,
62 handler_table, sizeof(handler_table)/sizeof(struct service_handler));
63
julhal013a4207d2021-03-08 13:32:08 +0000[diff] [blame]64 if ((psa_its_frontend_init(storage_backend) == PSA_SUCCESS) &&
julhal011260f102021-02-15 17:34:08 +0000[diff] [blame]65 (psa_crypto_init() == PSA_SUCCESS)) {
66
julhal01c3f4e9a2020-12-15 13:39:01 +0000[diff] [blame]67 rpc_interface = service_provider_get_rpc_interface(&context->base_provider);
julhal011260f102021-02-15 17:34:08 +0000[diff] [blame]68 }
Julian Hallc02fffb2020-11-23 18:22:06 +0100[diff] [blame]69 }
70
julhal01c3f4e9a2020-12-15 13:39:01 +0000[diff] [blame]71 return rpc_interface;
Julian Hallc02fffb2020-11-23 18:22:06 +0100[diff] [blame]72}
73
74void mbed_crypto_provider_deinit(struct mbed_crypto_provider *context)
75{
76 (void)context;
julhal012c18fbf2021-02-01 08:29:28 +0000[diff] [blame]77 trng_adapter_deinit();
Julian Hallc02fffb2020-11-23 18:22:06 +0100[diff] [blame]78}
79
julhal01c3f4e9a2020-12-15 13:39:01 +0000[diff] [blame]80void mbed_crypto_provider_register_serializer(struct mbed_crypto_provider *context,
81 unsigned int encoding, const struct crypto_provider_serializer *serializer)
Julian Hallc02fffb2020-11-23 18:22:06 +0100[diff] [blame]82{
julhal01c3f4e9a2020-12-15 13:39:01 +0000[diff] [blame]83 if (encoding < TS_RPC_ENCODING_LIMIT)
84 context->serializers[encoding] = serializer;
85}
86
87static const struct crypto_provider_serializer* get_crypto_serializer(void *context,
88 const struct call_req *req)
89{
90 struct mbed_crypto_provider *this_instance = (struct mbed_crypto_provider*)context;
91 const struct crypto_provider_serializer* serializer = NULL;
92 unsigned int encoding = call_req_get_encoding(req);
93
94 if (encoding < TS_RPC_ENCODING_LIMIT) serializer = this_instance->serializers[encoding];
95
96 return serializer;
Julian Hallc02fffb2020-11-23 18:22:06 +0100[diff] [blame]97}
98
99static rpc_status_t nop_handler(void *context, struct call_req* req)
100{
101 /* Responds to a request by returning success */
102 rpc_status_t rpc_status = TS_RPC_CALL_ACCEPTED;
103 psa_status_t psa_status = PSA_SUCCESS;
104
105 (void)context;
106 call_req_set_opstatus(req, psa_status);
107
108 return rpc_status;
109}
110
111static rpc_status_t generate_key_handler(void *context, struct call_req* req)
112{
julhal01c3f4e9a2020-12-15 13:39:01 +0000[diff] [blame]113 rpc_status_t rpc_status = TS_RPC_ERROR_SERIALIZATION_NOT_SUPPORTED;
Julian Hallc02fffb2020-11-23 18:22:06 +0100[diff] [blame]114 struct call_param_buf *req_buf = call_req_get_req_buf(req);
julhal01c3f4e9a2020-12-15 13:39:01 +0000[diff] [blame]115 const struct crypto_provider_serializer *serializer = get_crypto_serializer(context, req);
Julian Hallc02fffb2020-11-23 18:22:06 +0100[diff] [blame]116
117 psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
118
julhal01c3f4e9a2020-12-15 13:39:01 +0000[diff] [blame]119 if (serializer)
120 rpc_status = serializer->deserialize_generate_key_req(req_buf, &attributes);
Julian Hallc02fffb2020-11-23 18:22:06 +0100[diff] [blame]121
122 if (rpc_status == TS_RPC_CALL_ACCEPTED) {
123
124 psa_status_t psa_status;
Balint Dobszay3c52ce62021-05-10 16:27:18 +0200[diff] [blame^]125 psa_key_id_t id;
Julian Hallc02fffb2020-11-23 18:22:06 +0100[diff] [blame]126
Balint Dobszay3c52ce62021-05-10 16:27:18 +0200[diff] [blame^]127 psa_status = psa_generate_key(&attributes, &id);
Julian Hallc02fffb2020-11-23 18:22:06 +0100[diff] [blame]128
129 if (psa_status == PSA_SUCCESS) {
130
131 struct call_param_buf *resp_buf = call_req_get_resp_buf(req);
Balint Dobszay3c52ce62021-05-10 16:27:18 +0200[diff] [blame^]132 rpc_status = serializer->serialize_generate_key_resp(resp_buf, id);
Julian Hallc02fffb2020-11-23 18:22:06 +0100[diff] [blame]133 }
134
135 call_req_set_opstatus(req, psa_status);
136 }
137
138 psa_reset_key_attributes(&attributes);
139
140 return rpc_status;
141}
142
143static rpc_status_t destroy_key_handler(void *context, struct call_req* req)
144{
julhal01c3f4e9a2020-12-15 13:39:01 +0000[diff] [blame]145 rpc_status_t rpc_status = TS_RPC_ERROR_SERIALIZATION_NOT_SUPPORTED;
Julian Hallc02fffb2020-11-23 18:22:06 +0100[diff] [blame]146 struct call_param_buf *req_buf = call_req_get_req_buf(req);
julhal01c3f4e9a2020-12-15 13:39:01 +0000[diff] [blame]147 const struct crypto_provider_serializer *serializer = get_crypto_serializer(context, req);
Julian Hallc02fffb2020-11-23 18:22:06 +0100[diff] [blame]148
Julian Hallc02fffb2020-11-23 18:22:06 +0100[diff] [blame]149 psa_key_id_t id;
150
julhal01c3f4e9a2020-12-15 13:39:01 +0000[diff] [blame]151 if (serializer)
Balint Dobszay3c52ce62021-05-10 16:27:18 +0200[diff] [blame^]152 rpc_status = serializer->deserialize_destroy_key_req(req_buf, &id);
Julian Hallc02fffb2020-11-23 18:22:06 +0100[diff] [blame]153
154 if (rpc_status == TS_RPC_CALL_ACCEPTED) {
155
156 psa_status_t psa_status;
157
Balint Dobszay3c52ce62021-05-10 16:27:18 +0200[diff] [blame^]158 psa_status = psa_destroy_key(id);
Julian Hallc02fffb2020-11-23 18:22:06 +0100[diff] [blame]159 call_req_set_opstatus(req, psa_status);
160 }
161
162 return rpc_status;
163}
164
165static rpc_status_t export_key_handler(void *context, struct call_req* req)
166{
julhal01c3f4e9a2020-12-15 13:39:01 +0000[diff] [blame]167 rpc_status_t rpc_status = TS_RPC_ERROR_SERIALIZATION_NOT_SUPPORTED;
Julian Hallc02fffb2020-11-23 18:22:06 +0100[diff] [blame]168 struct call_param_buf *req_buf = call_req_get_req_buf(req);
julhal01c3f4e9a2020-12-15 13:39:01 +0000[diff] [blame]169 const struct crypto_provider_serializer *serializer = get_crypto_serializer(context, req);
Julian Hallc02fffb2020-11-23 18:22:06 +0100[diff] [blame]170
Balint Dobszay3c52ce62021-05-10 16:27:18 +0200[diff] [blame^]171 psa_key_id_t id;
Julian Hallc02fffb2020-11-23 18:22:06 +0100[diff] [blame]172
julhal01c3f4e9a2020-12-15 13:39:01 +0000[diff] [blame]173 if (serializer)
Balint Dobszay3c52ce62021-05-10 16:27:18 +0200[diff] [blame^]174 rpc_status = serializer->deserialize_export_key_req(req_buf, &id);
Julian Hallc02fffb2020-11-23 18:22:06 +0100[diff] [blame]175
176 if (rpc_status == TS_RPC_CALL_ACCEPTED) {
177
178 psa_status_t psa_status;
179 psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
180
Balint Dobszay3c52ce62021-05-10 16:27:18 +0200[diff] [blame^]181 psa_status = psa_get_key_attributes(id, &attributes);
Julian Hallc02fffb2020-11-23 18:22:06 +0100[diff] [blame]182
183 if (psa_status == PSA_SUCCESS) {
184
Balint Dobszay3c52ce62021-05-10 16:27:18 +0200[diff] [blame^]185 size_t max_export_size = PSA_EXPORT_KEY_OUTPUT_SIZE(
Julian Hallc02fffb2020-11-23 18:22:06 +0100[diff] [blame]186 psa_get_key_type(&attributes),
187 psa_get_key_bits(&attributes));
188
189 uint8_t *key_buffer = malloc(max_export_size);
190
191 if (key_buffer) {
192
193 size_t export_size;
Balint Dobszay3c52ce62021-05-10 16:27:18 +0200[diff] [blame^]194 psa_status = psa_export_key(id, key_buffer, max_export_size, &export_size);
Julian Hallc02fffb2020-11-23 18:22:06 +0100[diff] [blame]195
196 if (psa_status == PSA_SUCCESS) {
197
198 struct call_param_buf *resp_buf = call_req_get_resp_buf(req);
199 rpc_status = serializer->serialize_export_key_resp(resp_buf, key_buffer, export_size);
200 }
201
202 free(key_buffer);
203 }
204 else {
205 /* Failed to allocate key buffer */
206 rpc_status = TS_RPC_ERROR_RESOURCE_FAILURE;
207 }
208 }
209
210 call_req_set_opstatus(req, psa_status);
211 psa_reset_key_attributes(&attributes);
212 }
213
214 return rpc_status;
215}
216
217static rpc_status_t export_public_key_handler(void *context, struct call_req* req)
218{
julhal01c3f4e9a2020-12-15 13:39:01 +0000[diff] [blame]219 rpc_status_t rpc_status = TS_RPC_ERROR_SERIALIZATION_NOT_SUPPORTED;
Julian Hallc02fffb2020-11-23 18:22:06 +0100[diff] [blame]220 struct call_param_buf *req_buf = call_req_get_req_buf(req);
julhal01c3f4e9a2020-12-15 13:39:01 +0000[diff] [blame]221 const struct crypto_provider_serializer *serializer = get_crypto_serializer(context, req);
Julian Hallc02fffb2020-11-23 18:22:06 +0100[diff] [blame]222
Balint Dobszay3c52ce62021-05-10 16:27:18 +0200[diff] [blame^]223 psa_key_id_t id;
Julian Hallc02fffb2020-11-23 18:22:06 +0100[diff] [blame]224
julhal01c3f4e9a2020-12-15 13:39:01 +0000[diff] [blame]225 if (serializer)
Balint Dobszay3c52ce62021-05-10 16:27:18 +0200[diff] [blame^]226 rpc_status = serializer->deserialize_export_public_key_req(req_buf, &id);
Julian Hallc02fffb2020-11-23 18:22:06 +0100[diff] [blame]227
228 if (rpc_status == TS_RPC_CALL_ACCEPTED) {
229
230 psa_status_t psa_status;
231 psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
232
Balint Dobszay3c52ce62021-05-10 16:27:18 +0200[diff] [blame^]233 psa_status = psa_get_key_attributes(id, &attributes);
Julian Hallc02fffb2020-11-23 18:22:06 +0100[diff] [blame]234
235 if (psa_status == PSA_SUCCESS) {
236
Balint Dobszay3c52ce62021-05-10 16:27:18 +0200[diff] [blame^]237 size_t max_export_size = PSA_EXPORT_PUBLIC_KEY_OUTPUT_SIZE(
Julian Hallc02fffb2020-11-23 18:22:06 +0100[diff] [blame]238 PSA_KEY_TYPE_PUBLIC_KEY_OF_KEY_PAIR(psa_get_key_type(&attributes)),
239 psa_get_key_bits(&attributes));
240
241 uint8_t *key_buffer = malloc(max_export_size);
242
243 if (key_buffer) {
244
245 size_t export_size;
Balint Dobszay3c52ce62021-05-10 16:27:18 +0200[diff] [blame^]246 psa_status = psa_export_public_key(id, key_buffer, max_export_size, &export_size);
Julian Hallc02fffb2020-11-23 18:22:06 +0100[diff] [blame]247
248 if (psa_status == PSA_SUCCESS) {
249
250 struct call_param_buf *resp_buf = call_req_get_resp_buf(req);
251 rpc_status = serializer->serialize_export_public_key_resp(resp_buf, key_buffer, export_size);
252 }
253
254 free(key_buffer);
255 }
256 else {
257 /* Failed to allocate key buffer */
258 rpc_status = TS_RPC_ERROR_RESOURCE_FAILURE;
259 }
260 }
261
262 call_req_set_opstatus(req, psa_status);
263 psa_reset_key_attributes(&attributes);
264 }
265
266 return rpc_status;
267}
268
269static rpc_status_t import_key_handler(void *context, struct call_req* req)
270{
julhal01c3f4e9a2020-12-15 13:39:01 +0000[diff] [blame]271 rpc_status_t rpc_status = TS_RPC_ERROR_SERIALIZATION_NOT_SUPPORTED;
Julian Hallc02fffb2020-11-23 18:22:06 +0100[diff] [blame]272 struct call_param_buf *req_buf = call_req_get_req_buf(req);
julhal01c3f4e9a2020-12-15 13:39:01 +0000[diff] [blame]273 const struct crypto_provider_serializer *serializer = get_crypto_serializer(context, req);
Julian Hallc02fffb2020-11-23 18:22:06 +0100[diff] [blame]274
julhal01c3f4e9a2020-12-15 13:39:01 +0000[diff] [blame]275 if (serializer) {
Julian Hallc02fffb2020-11-23 18:22:06 +0100[diff] [blame]276
julhal01c3f4e9a2020-12-15 13:39:01 +0000[diff] [blame]277 size_t key_data_len = serializer->max_deserialised_parameter_size(req_buf);
278 uint8_t *key_buffer = malloc(key_data_len);
Julian Hallc02fffb2020-11-23 18:22:06 +0100[diff] [blame]279
julhal01c3f4e9a2020-12-15 13:39:01 +0000[diff] [blame]280 if (key_buffer) {
Julian Hallc02fffb2020-11-23 18:22:06 +0100[diff] [blame]281
julhal01c3f4e9a2020-12-15 13:39:01 +0000[diff] [blame]282 psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
283 rpc_status = serializer->deserialize_import_key_req(req_buf, &attributes, key_buffer, &key_data_len);
Julian Hallc02fffb2020-11-23 18:22:06 +0100[diff] [blame]284
julhal01c3f4e9a2020-12-15 13:39:01 +0000[diff] [blame]285 if (rpc_status == TS_RPC_CALL_ACCEPTED) {
Julian Hallc02fffb2020-11-23 18:22:06 +0100[diff] [blame]286
julhal01c3f4e9a2020-12-15 13:39:01 +0000[diff] [blame]287 psa_status_t psa_status;
Balint Dobszay3c52ce62021-05-10 16:27:18 +0200[diff] [blame^]288 psa_key_id_t id;
Julian Hallc02fffb2020-11-23 18:22:06 +0100[diff] [blame]289
Balint Dobszay3c52ce62021-05-10 16:27:18 +0200[diff] [blame^]290 psa_status = psa_import_key(&attributes, key_buffer, key_data_len, &id);
Julian Hallc02fffb2020-11-23 18:22:06 +0100[diff] [blame]291
julhal01c3f4e9a2020-12-15 13:39:01 +0000[diff] [blame]292 if (psa_status == PSA_SUCCESS) {
293
294 struct call_param_buf *resp_buf = call_req_get_resp_buf(req);
Balint Dobszay3c52ce62021-05-10 16:27:18 +0200[diff] [blame^]295 rpc_status = serializer->serialize_import_key_resp(resp_buf, id);
julhal01c3f4e9a2020-12-15 13:39:01 +0000[diff] [blame]296 }
297
298 call_req_set_opstatus(req, psa_status);
Julian Hallc02fffb2020-11-23 18:22:06 +0100[diff] [blame]299 }
300
julhal01c3f4e9a2020-12-15 13:39:01 +0000[diff] [blame]301 psa_reset_key_attributes(&attributes);
302 free(key_buffer);
Julian Hallc02fffb2020-11-23 18:22:06 +0100[diff] [blame]303 }
julhal01c3f4e9a2020-12-15 13:39:01 +0000[diff] [blame]304 else {
Julian Hallc02fffb2020-11-23 18:22:06 +0100[diff] [blame]305
julhal01c3f4e9a2020-12-15 13:39:01 +0000[diff] [blame]306 rpc_status = TS_RPC_ERROR_RESOURCE_FAILURE;
307 }
Julian Hallc02fffb2020-11-23 18:22:06 +0100[diff] [blame]308 }
309
310 return rpc_status;
311}
312
313static rpc_status_t sign_hash_handler(void *context, struct call_req* req)
314{
julhal01c3f4e9a2020-12-15 13:39:01 +0000[diff] [blame]315 rpc_status_t rpc_status = TS_RPC_ERROR_SERIALIZATION_NOT_SUPPORTED;
Julian Hallc02fffb2020-11-23 18:22:06 +0100[diff] [blame]316 struct call_param_buf *req_buf = call_req_get_req_buf(req);
julhal01c3f4e9a2020-12-15 13:39:01 +0000[diff] [blame]317 const struct crypto_provider_serializer *serializer = get_crypto_serializer(context, req);
Julian Hallc02fffb2020-11-23 18:22:06 +0100[diff] [blame]318
Balint Dobszay3c52ce62021-05-10 16:27:18 +0200[diff] [blame^]319 psa_key_id_t id;
Julian Hallc02fffb2020-11-23 18:22:06 +0100[diff] [blame]320 psa_algorithm_t alg;
321 size_t hash_len = PSA_HASH_MAX_SIZE;
322 uint8_t hash_buffer[PSA_HASH_MAX_SIZE];
323
julhal01c3f4e9a2020-12-15 13:39:01 +0000[diff] [blame]324 if (serializer)
Balint Dobszay3c52ce62021-05-10 16:27:18 +0200[diff] [blame^]325 rpc_status = serializer->deserialize_sign_hash_req(req_buf, &id, &alg, hash_buffer, &hash_len);
Julian Hallc02fffb2020-11-23 18:22:06 +0100[diff] [blame]326
327 if (rpc_status == TS_RPC_CALL_ACCEPTED) {
328
329 psa_status_t psa_status;
330 size_t sig_len;
331 uint8_t sig_buffer[PSA_SIGNATURE_MAX_SIZE];
332
Balint Dobszay3c52ce62021-05-10 16:27:18 +0200[diff] [blame^]333 psa_status = psa_sign_hash(id, alg,
Julian Hallc02fffb2020-11-23 18:22:06 +0100[diff] [blame]334 hash_buffer, hash_len,
335 sig_buffer, sizeof(sig_buffer), &sig_len);
336
337 if (psa_status == PSA_SUCCESS) {
338
339 struct call_param_buf *resp_buf = call_req_get_resp_buf(req);
340 rpc_status = serializer->serialize_sign_hash_resp(resp_buf, sig_buffer, sig_len);
341 }
342
343 call_req_set_opstatus(req, psa_status);
344 }
345
346 return rpc_status;
347}
348
349static rpc_status_t verify_hash_handler(void *context, struct call_req* req)
350{
julhal01c3f4e9a2020-12-15 13:39:01 +0000[diff] [blame]351 rpc_status_t rpc_status = TS_RPC_ERROR_SERIALIZATION_NOT_SUPPORTED;
Julian Hallc02fffb2020-11-23 18:22:06 +0100[diff] [blame]352 struct call_param_buf *req_buf = call_req_get_req_buf(req);
julhal01c3f4e9a2020-12-15 13:39:01 +0000[diff] [blame]353 const struct crypto_provider_serializer *serializer = get_crypto_serializer(context, req);
Julian Hallc02fffb2020-11-23 18:22:06 +0100[diff] [blame]354
Balint Dobszay3c52ce62021-05-10 16:27:18 +0200[diff] [blame^]355 psa_key_id_t id;
Julian Hallc02fffb2020-11-23 18:22:06 +0100[diff] [blame]356 psa_algorithm_t alg;
357 size_t hash_len = PSA_HASH_MAX_SIZE;
358 uint8_t hash_buffer[PSA_HASH_MAX_SIZE];
359 size_t sig_len = PSA_SIGNATURE_MAX_SIZE;
360 uint8_t sig_buffer[PSA_SIGNATURE_MAX_SIZE];
361
julhal01c3f4e9a2020-12-15 13:39:01 +0000[diff] [blame]362 if (serializer)
Balint Dobszay3c52ce62021-05-10 16:27:18 +0200[diff] [blame^]363 rpc_status = serializer->deserialize_verify_hash_req(req_buf, &id, &alg,
Julian Hallc02fffb2020-11-23 18:22:06 +0100[diff] [blame]364 hash_buffer, &hash_len,
365 sig_buffer, &sig_len);
366
367 if (rpc_status == TS_RPC_CALL_ACCEPTED) {
368
369 psa_status_t psa_status;
370
Balint Dobszay3c52ce62021-05-10 16:27:18 +0200[diff] [blame^]371 psa_status = psa_verify_hash(id, alg,
Julian Hallc02fffb2020-11-23 18:22:06 +0100[diff] [blame]372 hash_buffer, hash_len,
373 sig_buffer, sig_len);
374
375 call_req_set_opstatus(req, psa_status);
376 }
377
378 return rpc_status;
379}
380
381static rpc_status_t asymmetric_decrypt_handler(void *context, struct call_req* req)
382{
julhal01c3f4e9a2020-12-15 13:39:01 +0000[diff] [blame]383 rpc_status_t rpc_status = TS_RPC_ERROR_SERIALIZATION_NOT_SUPPORTED;
Julian Hallc02fffb2020-11-23 18:22:06 +0100[diff] [blame]384 struct call_param_buf *req_buf = call_req_get_req_buf(req);
julhal01c3f4e9a2020-12-15 13:39:01 +0000[diff] [blame]385 const struct crypto_provider_serializer *serializer = get_crypto_serializer(context, req);
Julian Hallc02fffb2020-11-23 18:22:06 +0100[diff] [blame]386
julhal01c3f4e9a2020-12-15 13:39:01 +0000[diff] [blame]387 if (serializer) {
Julian Hallc02fffb2020-11-23 18:22:06 +0100[diff] [blame]388
julhal01c3f4e9a2020-12-15 13:39:01 +0000[diff] [blame]389 size_t max_param_size = serializer->max_deserialised_parameter_size(req_buf);
Julian Hallc02fffb2020-11-23 18:22:06 +0100[diff] [blame]390
Balint Dobszay3c52ce62021-05-10 16:27:18 +0200[diff] [blame^]391 psa_key_id_t id;
julhal01c3f4e9a2020-12-15 13:39:01 +0000[diff] [blame]392 psa_algorithm_t alg;
393 size_t ciphertext_len = max_param_size;
394 uint8_t *ciphertext_buffer = malloc(ciphertext_len);
395 size_t salt_len = max_param_size;
396 uint8_t *salt_buffer = malloc(salt_len);
Julian Hallc02fffb2020-11-23 18:22:06 +0100[diff] [blame]397
julhal01c3f4e9a2020-12-15 13:39:01 +0000[diff] [blame]398 if (ciphertext_buffer && salt_buffer) {
Julian Hallc02fffb2020-11-23 18:22:06 +0100[diff] [blame]399
julhal01c3f4e9a2020-12-15 13:39:01 +0000[diff] [blame]400 rpc_status = serializer->deserialize_asymmetric_decrypt_req(req_buf,
Balint Dobszay3c52ce62021-05-10 16:27:18 +0200[diff] [blame^]401 &id, &alg,
julhal01c3f4e9a2020-12-15 13:39:01 +0000[diff] [blame]402 ciphertext_buffer, &ciphertext_len,
403 salt_buffer, &salt_len);
Julian Hallc02fffb2020-11-23 18:22:06 +0100[diff] [blame]404
julhal01c3f4e9a2020-12-15 13:39:01 +0000[diff] [blame]405 if (rpc_status == TS_RPC_CALL_ACCEPTED) {
Julian Hallc02fffb2020-11-23 18:22:06 +0100[diff] [blame]406
julhal01c3f4e9a2020-12-15 13:39:01 +0000[diff] [blame]407 psa_status_t psa_status;
408 psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
Julian Hallc02fffb2020-11-23 18:22:06 +0100[diff] [blame]409
Balint Dobszay3c52ce62021-05-10 16:27:18 +0200[diff] [blame^]410 psa_status = psa_get_key_attributes(id, &attributes);
Julian Hallc02fffb2020-11-23 18:22:06 +0100[diff] [blame]411
julhal01c3f4e9a2020-12-15 13:39:01 +0000[diff] [blame]412 if (psa_status == PSA_SUCCESS) {
Julian Hallc02fffb2020-11-23 18:22:06 +0100[diff] [blame]413
julhal01c3f4e9a2020-12-15 13:39:01 +0000[diff] [blame]414 size_t max_decrypt_size = PSA_ASYMMETRIC_DECRYPT_OUTPUT_SIZE(
415 psa_get_key_type(&attributes),
416 psa_get_key_bits(&attributes),
417 alg);
Julian Hallc02fffb2020-11-23 18:22:06 +0100[diff] [blame]418
julhal01c3f4e9a2020-12-15 13:39:01 +0000[diff] [blame]419 size_t plaintext_len;
420 uint8_t *plaintext_buffer = malloc(max_decrypt_size);
Julian Hallc02fffb2020-11-23 18:22:06 +0100[diff] [blame]421
julhal01c3f4e9a2020-12-15 13:39:01 +0000[diff] [blame]422 if (plaintext_buffer) {
Julian Hallc02fffb2020-11-23 18:22:06 +0100[diff] [blame]423
Balint Dobszay3c52ce62021-05-10 16:27:18 +0200[diff] [blame^]424 psa_status = psa_asymmetric_decrypt(id, alg,
julhal01c3f4e9a2020-12-15 13:39:01 +0000[diff] [blame]425 ciphertext_buffer, ciphertext_len,
426 salt_buffer, salt_len,
427 plaintext_buffer, max_decrypt_size, &plaintext_len);
428
429 if (psa_status == PSA_SUCCESS) {
430
431 struct call_param_buf *resp_buf = call_req_get_resp_buf(req);
432 rpc_status = serializer->serialize_asymmetric_decrypt_resp(resp_buf,
433 plaintext_buffer, plaintext_len);
434 }
435
436 free(plaintext_buffer);
Julian Hallc02fffb2020-11-23 18:22:06 +0100[diff] [blame]437 }
julhal01c3f4e9a2020-12-15 13:39:01 +0000[diff] [blame]438 else {
439 /* Failed to allocate ouptput buffer */
440 rpc_status = TS_RPC_ERROR_RESOURCE_FAILURE;
441 }
442 }
Julian Hallc02fffb2020-11-23 18:22:06 +0100[diff] [blame]443
julhal01c3f4e9a2020-12-15 13:39:01 +0000[diff] [blame]444 call_req_set_opstatus(req, psa_status);
445 psa_reset_key_attributes(&attributes);
Julian Hallc02fffb2020-11-23 18:22:06 +0100[diff] [blame]446 }
Julian Hallc02fffb2020-11-23 18:22:06 +0100[diff] [blame]447 }
julhal01c3f4e9a2020-12-15 13:39:01 +0000[diff] [blame]448 else {
449 /* Failed to allocate buffers */
450 rpc_status = TS_RPC_ERROR_RESOURCE_FAILURE;
451 }
Julian Hallc02fffb2020-11-23 18:22:06 +0100[diff] [blame]452
julhal01c3f4e9a2020-12-15 13:39:01 +0000[diff] [blame]453 free(ciphertext_buffer);
454 free(salt_buffer);
455 }
Julian Hallc02fffb2020-11-23 18:22:06 +0100[diff] [blame]456
457 return rpc_status;
458}
459
460static rpc_status_t asymmetric_encrypt_handler(void *context, struct call_req* req)
461{
julhal01c3f4e9a2020-12-15 13:39:01 +0000[diff] [blame]462 rpc_status_t rpc_status = TS_RPC_ERROR_SERIALIZATION_NOT_SUPPORTED;
Julian Hallc02fffb2020-11-23 18:22:06 +0100[diff] [blame]463 struct call_param_buf *req_buf = call_req_get_req_buf(req);
julhal01c3f4e9a2020-12-15 13:39:01 +0000[diff] [blame]464 const struct crypto_provider_serializer *serializer = get_crypto_serializer(context, req);
Julian Hallc02fffb2020-11-23 18:22:06 +0100[diff] [blame]465
julhal01c3f4e9a2020-12-15 13:39:01 +0000[diff] [blame]466 if (serializer) {
Julian Hallc02fffb2020-11-23 18:22:06 +0100[diff] [blame]467
julhal01c3f4e9a2020-12-15 13:39:01 +0000[diff] [blame]468 size_t max_param_size = serializer->max_deserialised_parameter_size(req_buf);
Julian Hallc02fffb2020-11-23 18:22:06 +0100[diff] [blame]469
Balint Dobszay3c52ce62021-05-10 16:27:18 +0200[diff] [blame^]470 psa_key_id_t id;
julhal01c3f4e9a2020-12-15 13:39:01 +0000[diff] [blame]471 psa_algorithm_t alg;
472 size_t plaintext_len = max_param_size;
473 uint8_t *plaintext_buffer = malloc(plaintext_len);
474 size_t salt_len = max_param_size;
475 uint8_t *salt_buffer = malloc(salt_len);
Julian Hallc02fffb2020-11-23 18:22:06 +0100[diff] [blame]476
julhal01c3f4e9a2020-12-15 13:39:01 +0000[diff] [blame]477 if (plaintext_buffer && salt_buffer) {
Julian Hallc02fffb2020-11-23 18:22:06 +0100[diff] [blame]478
julhal01c3f4e9a2020-12-15 13:39:01 +0000[diff] [blame]479 rpc_status = serializer->deserialize_asymmetric_encrypt_req(req_buf,
Balint Dobszay3c52ce62021-05-10 16:27:18 +0200[diff] [blame^]480 &id, &alg,
julhal01c3f4e9a2020-12-15 13:39:01 +0000[diff] [blame]481 plaintext_buffer, &plaintext_len,
482 salt_buffer, &salt_len);
Julian Hallc02fffb2020-11-23 18:22:06 +0100[diff] [blame]483
julhal01c3f4e9a2020-12-15 13:39:01 +0000[diff] [blame]484 if (rpc_status == TS_RPC_CALL_ACCEPTED) {
Julian Hallc02fffb2020-11-23 18:22:06 +0100[diff] [blame]485
julhal01c3f4e9a2020-12-15 13:39:01 +0000[diff] [blame]486 psa_status_t psa_status;
487 psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
Julian Hallc02fffb2020-11-23 18:22:06 +0100[diff] [blame]488
Balint Dobszay3c52ce62021-05-10 16:27:18 +0200[diff] [blame^]489 psa_status = psa_get_key_attributes(id, &attributes);
Julian Hallc02fffb2020-11-23 18:22:06 +0100[diff] [blame]490
julhal01c3f4e9a2020-12-15 13:39:01 +0000[diff] [blame]491 if (psa_status == PSA_SUCCESS) {
Julian Hallc02fffb2020-11-23 18:22:06 +0100[diff] [blame]492
julhal01c3f4e9a2020-12-15 13:39:01 +0000[diff] [blame]493 size_t max_encrypt_size = PSA_ASYMMETRIC_ENCRYPT_OUTPUT_SIZE(
494 psa_get_key_type(&attributes),
495 psa_get_key_bits(&attributes),
496 alg);
Julian Hallc02fffb2020-11-23 18:22:06 +0100[diff] [blame]497
julhal01c3f4e9a2020-12-15 13:39:01 +0000[diff] [blame]498 size_t ciphertext_len;
499 uint8_t *ciphertext_buffer = malloc(max_encrypt_size);
Julian Hallc02fffb2020-11-23 18:22:06 +0100[diff] [blame]500
julhal01c3f4e9a2020-12-15 13:39:01 +0000[diff] [blame]501 if (ciphertext_buffer) {
Julian Hallc02fffb2020-11-23 18:22:06 +0100[diff] [blame]502
Balint Dobszay3c52ce62021-05-10 16:27:18 +0200[diff] [blame^]503 psa_status = psa_asymmetric_encrypt(id, alg,
julhal01c3f4e9a2020-12-15 13:39:01 +0000[diff] [blame]504 plaintext_buffer, plaintext_len,
505 salt_buffer, salt_len,
506 ciphertext_buffer, max_encrypt_size, &ciphertext_len);
507
508 if (psa_status == PSA_SUCCESS) {
509
510 struct call_param_buf *resp_buf = call_req_get_resp_buf(req);
511 rpc_status = serializer->serialize_asymmetric_encrypt_resp(resp_buf,
512 ciphertext_buffer, ciphertext_len);
513 }
514
515 free(ciphertext_buffer);
Julian Hallc02fffb2020-11-23 18:22:06 +0100[diff] [blame]516 }
julhal01c3f4e9a2020-12-15 13:39:01 +0000[diff] [blame]517 else {
518 /* Failed to allocate ouptput buffer */
519 rpc_status = TS_RPC_ERROR_RESOURCE_FAILURE;
520 }
521 }
Julian Hallc02fffb2020-11-23 18:22:06 +0100[diff] [blame]522
julhal01c3f4e9a2020-12-15 13:39:01 +0000[diff] [blame]523 call_req_set_opstatus(req, psa_status);
524 psa_reset_key_attributes(&attributes);
Julian Hallc02fffb2020-11-23 18:22:06 +0100[diff] [blame]525 }
Julian Hallc02fffb2020-11-23 18:22:06 +0100[diff] [blame]526 }
julhal01c3f4e9a2020-12-15 13:39:01 +0000[diff] [blame]527 else {
528 /* Failed to allocate buffers */
529 rpc_status = TS_RPC_ERROR_RESOURCE_FAILURE;
530 }
Julian Hallc02fffb2020-11-23 18:22:06 +0100[diff] [blame]531
julhal01c3f4e9a2020-12-15 13:39:01 +0000[diff] [blame]532 free(plaintext_buffer);
533 free(salt_buffer);
534 }
Julian Hallc02fffb2020-11-23 18:22:06 +0100[diff] [blame]535
536 return rpc_status;
537}
538
539static rpc_status_t generate_random_handler(void *context, struct call_req* req)
540{
julhal01c3f4e9a2020-12-15 13:39:01 +0000[diff] [blame]541 rpc_status_t rpc_status = TS_RPC_ERROR_SERIALIZATION_NOT_SUPPORTED;
Julian Hallc02fffb2020-11-23 18:22:06 +0100[diff] [blame]542 struct call_param_buf *req_buf = call_req_get_req_buf(req);
julhal01c3f4e9a2020-12-15 13:39:01 +0000[diff] [blame]543 const struct crypto_provider_serializer *serializer = get_crypto_serializer(context, req);
Julian Hallc02fffb2020-11-23 18:22:06 +0100[diff] [blame]544
545 size_t output_size;
546
julhal01c3f4e9a2020-12-15 13:39:01 +0000[diff] [blame]547 if (serializer)
548 rpc_status = serializer->deserialize_generate_random_req(req_buf, &output_size);
Julian Hallc02fffb2020-11-23 18:22:06 +0100[diff] [blame]549
550 if (rpc_status == TS_RPC_CALL_ACCEPTED) {
551
552 psa_status_t psa_status;
553 uint8_t *output_buffer = malloc(output_size);
554
555 if (output_buffer) {
556
557 psa_status = psa_generate_random(output_buffer, output_size);
558
559 if (psa_status == PSA_SUCCESS) {
560
561 struct call_param_buf *resp_buf = call_req_get_resp_buf(req);
562 rpc_status = serializer->serialize_generate_random_resp(resp_buf,
563 output_buffer, output_size);
564 }
565
566 call_req_set_opstatus(req, psa_status);
567 free(output_buffer);
568 }
569 else {
570 /* Failed to allocate output buffer */
571 rpc_status = TS_RPC_ERROR_RESOURCE_FAILURE;
572 }
573 }
574
575 return rpc_status;
julhal01c3f4e9a2020-12-15 13:39:01 +0000[diff] [blame]576}