TrustedFirmware Git Browser
Code Review Sign In
review.trustedfirmware.org / TS / trusted-services / fe487b74f0a0ccd719ed948a0358ff68a2ea4644 / . / components / service / crypto / provider / crypto_context_pool.h
blob: e58d88b2e4a042beedd2d0aaa3f949df8daf3844 [file] [log] [blame]
Julian Hallf5728962021-06-24 09:40:23 +0100[diff] [blame]1/*
2 * Copyright (c) 2021, Arm Limited and Contributors. All rights reserved.
3 *
4 * SPDX-License-Identifier: BSD-3-Clause
5 */
6
7#ifndef CRYPTO_CONTEXT_POOL_H
8#define CRYPTO_CONTEXT_POOL_H
9
10#include <stdint.h>
11#include <psa/crypto.h>
12
13/**
14 * Some crypto transactions require state to be held between separate
15 * service operations. A typical multi-call transaction such as a
16 * hash calculation comprises a setup, one or more updates and a finish
17 * operation. This pool is used for allocating state context for multi-call
18 * transactions. For a well behaved client, a fresh context is allocated
19 * on a setup and freed on the finish. To cope with badly behaved clients
20 * that may never finish a transaction, if no free contexts are available
21 * for a new transaction, the least recently used active context is
22 * recycled.
23 */
24
25#ifdef __cplusplus
26extern "C" {
27#endif
28
29/**
30 * Identifier for the operation type that a context is used for.
31 */
32enum crypto_context_op_id
33{
34 CRYPTO_CONTEXT_OP_ID_NONE,
35 CRYPTO_CONTEXT_OP_ID_HASH,
36 CRYPTO_CONTEXT_OP_ID_MAC,
Julian Hallfe487b72021-07-19 10:29:59 +0100[diff] [blame^]37 CRYPTO_CONTEXT_OP_ID_CIPHER,
38 CRYPTO_CONTEXT_OP_ID_KEY_DERIVATION
Julian Hallf5728962021-06-24 09:40:23 +0100[diff] [blame]39};
40
41/**
42 * A crypto context, used to hold state for a multi-step transaction.
43 */
44struct crypto_context
45{
46 enum crypto_context_op_id usage;
47 uint32_t client_id;
48 uint32_t op_handle;
49 struct crypto_context *next;
50 struct crypto_context *prev;
51
52 union context_variant
53 {
Julian Hallfe487b72021-07-19 10:29:59 +0100[diff] [blame^]54 psa_hash_operation_t hash;
55 psa_mac_operation_t mac;
56 psa_cipher_operation_t cipher;
57 psa_key_derivation_operation_t key_derivation;
Julian Hallf5728962021-06-24 09:40:23 +0100[diff] [blame]58 } op;
59};
60
61/**
62 * The default pool size. This may be overridden to meet the needs
63 * of a particular deployment.
64 */
65#ifndef CRYPTO_CONTEXT_POOL_SIZE
66#define CRYPTO_CONTEXT_POOL_SIZE (10)
67#endif
68
69/**
70 * The crypto context pool structure.
71 */
72struct crypto_context_pool
73{
74 struct crypto_context contexts[CRYPTO_CONTEXT_POOL_SIZE];
75 struct crypto_context *free;
76 struct crypto_context *active_head;
77 struct crypto_context *active_tail;
78 uint32_t most_recent_op_handle;
79};
80
81/*
82 * Initializes a crypto_context_pool, called once during setup.
83 */
84void crypto_context_pool_init(struct crypto_context_pool *pool);
85
86/*
87 * De-initializes a crypto_context_pool, called once during tear-down.
88 */
89void crypto_context_pool_deinit(struct crypto_context_pool *pool);
90
91/*
92 * Allocate a fresh context. On success, a pointer to a crypto_context object
93 * is returned and an op handle is provided for reacqiring the context during
94 * sunsequent operations.
95 */
96struct crypto_context *crypto_context_pool_alloc(struct crypto_context_pool *pool,
97 enum crypto_context_op_id usage,
98 uint32_t client_id,
99 uint32_t *op_handle);
100
101/*
102 * Frees a context after use.
103 */
104void crypto_context_pool_free(struct crypto_context_pool *pool,
105 struct crypto_context *context);
106
107/*
108 * Find an allocated context. Returns NULL is no qualifying context is held.
109 */
110struct crypto_context *crypto_context_pool_find(struct crypto_context_pool *pool,
111 enum crypto_context_op_id usage,
112 uint32_t client_id,
113 uint32_t op_handle);
114
115
116#ifdef __cplusplus
117} /* extern "C" */
118#endif
119
120#endif /* CRYPTO_CONTEXT_POOL_H */