TrustedFirmware Git Browser
Code Review Sign In
review.trustedfirmware.org / mirror / mbed-tls / 37941cb5e16da18dd6182100fa2a69b589341143 / . / library / psa_crypto_driver_wrappers.c
blob: 140c3d4b8925ba3d77d416ef1c5739113145e26c [file] [log] [blame]
Steven Cooremancd84cb42020-07-16 20:28:36 +0200[diff] [blame]1/*
2 * Functions to delegate cryptographic operations to an available
3 * and appropriate accelerator.
Steven Cooreman56250fd2020-09-04 13:07:15 +0200[diff] [blame]4 * Warning: This file will be auto-generated in the future.
Steven Cooremancd84cb42020-07-16 20:28:36 +0200[diff] [blame]5 */
Steven Cooreman2c7b2f82020-09-02 13:43:46 +0200[diff] [blame]6/* Copyright The Mbed TLS Contributors
Steven Cooremancd84cb42020-07-16 20:28:36 +0200[diff] [blame]7 * SPDX-License-Identifier: Apache-2.0
8 *
9 * Licensed under the Apache License, Version 2.0 (the "License"); you may
10 * not use this file except in compliance with the License.
11 * You may obtain a copy of the License at
12 *
13 * http://www.apache.org/licenses/LICENSE-2.0
14 *
15 * Unless required by applicable law or agreed to in writing, software
16 * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
17 * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
18 * See the License for the specific language governing permissions and
19 * limitations under the License.
Steven Cooremancd84cb42020-07-16 20:28:36 +0200[diff] [blame]20 */
21
22#include "psa_crypto_core.h"
23#include "psa_crypto_driver_wrappers.h"
Steven Cooreman2a1664c2020-07-20 15:33:08 +0200[diff] [blame]24#include "mbedtls/platform.h"
25
26#if defined(MBEDTLS_PSA_CRYPTO_DRIVERS)
Steven Cooremancd84cb42020-07-16 20:28:36 +0200[diff] [blame]27
28/* Include test driver definition when running tests */
Steven Cooremanf1720ea2020-07-24 18:41:58 +0200[diff] [blame]29#if defined(PSA_CRYPTO_DRIVER_TEST)
Steven Cooreman56250fd2020-09-04 13:07:15 +0200[diff] [blame]30#ifndef PSA_CRYPTO_DRIVER_PRESENT
Steven Cooremanf1720ea2020-07-24 18:41:58 +0200[diff] [blame]31#define PSA_CRYPTO_DRIVER_PRESENT
Steven Cooreman56250fd2020-09-04 13:07:15 +0200[diff] [blame]32#endif
33#ifndef PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT
Steven Cooremanf1720ea2020-07-24 18:41:58 +0200[diff] [blame]34#define PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT
Steven Cooreman56250fd2020-09-04 13:07:15 +0200[diff] [blame]35#endif
Steven Cooreman0d7c64d2020-09-07 16:17:55 +0200[diff] [blame]36#include "test/drivers/test_driver.h"
Steven Cooremanf1720ea2020-07-24 18:41:58 +0200[diff] [blame]37#endif /* PSA_CRYPTO_DRIVER_TEST */
Steven Cooremancd84cb42020-07-16 20:28:36 +0200[diff] [blame]38
Steven Cooreman56250fd2020-09-04 13:07:15 +0200[diff] [blame]39/* Repeat above block for each JSON-declared driver during autogeneration */
40
Steven Cooreman37941cb2020-07-28 18:49:51 +0200[diff] [blame^]41/* Auto-generated values depending on which drivers are registered */
42#if defined(PSA_CRYPTO_DRIVER_TEST)
43#define PSA_CRYPTO_TRANSPARENT_TEST_DRIVER_ID (1)
44#define PSA_CRYPTO_OPAQUE_TEST_DRIVER_ID (2)
45#endif /* PSA_CRYPTO_DRIVER_TEST */
Steven Cooreman2a1664c2020-07-20 15:33:08 +0200[diff] [blame]46#endif /* MBEDTLS_PSA_CRYPTO_DRIVERS */
47
48/* Support the 'old' SE interface when asked to */
Steven Cooreman7a250572020-07-17 16:43:05 +0200[diff] [blame]49#if defined(MBEDTLS_PSA_CRYPTO_SE_C)
Steven Cooreman56250fd2020-09-04 13:07:15 +0200[diff] [blame]50/* PSA_CRYPTO_DRIVER_PRESENT is defined when either a new-style or old-style
51 * SE driver is present, to avoid unused argument errors at compile time. */
52#ifndef PSA_CRYPTO_DRIVER_PRESENT
Steven Cooremanf1720ea2020-07-24 18:41:58 +0200[diff] [blame]53#define PSA_CRYPTO_DRIVER_PRESENT
Steven Cooreman56250fd2020-09-04 13:07:15 +0200[diff] [blame]54#endif
Steven Cooreman7a250572020-07-17 16:43:05 +0200[diff] [blame]55#include "psa_crypto_se.h"
56#endif
57
Steven Cooremancd84cb42020-07-16 20:28:36 +0200[diff] [blame]58/* Start delegation functions */
59psa_status_t psa_driver_wrapper_sign_hash( psa_key_slot_t *slot,
60 psa_algorithm_t alg,
61 const uint8_t *hash,
62 size_t hash_length,
63 uint8_t *signature,
64 size_t signature_size,
65 size_t *signature_length )
66{
Steven Cooremanf1720ea2020-07-24 18:41:58 +0200[diff] [blame]67#if defined(PSA_CRYPTO_DRIVER_PRESENT)
Steven Cooreman7a250572020-07-17 16:43:05 +0200[diff] [blame]68 /* Try dynamically-registered SE interface first */
69#if defined(MBEDTLS_PSA_CRYPTO_SE_C)
70 const psa_drv_se_t *drv;
71 psa_drv_se_context_t *drv_context;
72
73 if( psa_get_se_driver( slot->attr.lifetime, &drv, &drv_context ) )
74 {
75 if( drv->asymmetric == NULL ||
76 drv->asymmetric->p_sign == NULL )
77 {
78 /* Key is defined in SE, but we have no way to exercise it */
Steven Cooreman56250fd2020-09-04 13:07:15 +0200[diff] [blame]79 return( PSA_ERROR_NOT_SUPPORTED );
Steven Cooreman7a250572020-07-17 16:43:05 +0200[diff] [blame]80 }
81 return( drv->asymmetric->p_sign( drv_context,
82 slot->data.se.slot_number,
83 alg,
84 hash, hash_length,
85 signature, signature_size,
86 signature_length ) );
87 }
Steven Cooremanf1720ea2020-07-24 18:41:58 +0200[diff] [blame]88#endif /* PSA_CRYPTO_SE_C */
Steven Cooreman7a250572020-07-17 16:43:05 +0200[diff] [blame]89
90 /* Then try accelerator API */
Steven Cooremanf1720ea2020-07-24 18:41:58 +0200[diff] [blame]91#if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT)
Steven Cooremancd84cb42020-07-16 20:28:36 +0200[diff] [blame]92 psa_status_t status = PSA_ERROR_INVALID_ARGUMENT;
93 psa_key_location_t location = PSA_KEY_LIFETIME_GET_LOCATION(slot->attr.lifetime);
94 psa_key_attributes_t attributes = {
95 .core = slot->attr
96 };
97
98 switch( location )
99 {
100 case PSA_KEY_LOCATION_LOCAL_STORAGE:
101 /* Key is stored in the slot in export representation, so
102 * cycle through all known transparent accelerators */
Steven Cooremanf1720ea2020-07-24 18:41:58 +0200[diff] [blame]103#if defined(PSA_CRYPTO_DRIVER_TEST)
Steven Cooremancd84cb42020-07-16 20:28:36 +0200[diff] [blame]104 status = test_transparent_signature_sign_hash( &attributes,
105 slot->data.key.data,
106 slot->data.key.bytes,
107 alg,
108 hash,
109 hash_length,
110 signature,
111 signature_size,
112 signature_length );
113 /* Declared with fallback == true */
114 if( status != PSA_ERROR_NOT_SUPPORTED )
Steven Cooreman56250fd2020-09-04 13:07:15 +0200[diff] [blame]115 return( status );
Steven Cooremanf1720ea2020-07-24 18:41:58 +0200[diff] [blame]116#endif /* PSA_CRYPTO_DRIVER_TEST */
Steven Cooremancd84cb42020-07-16 20:28:36 +0200[diff] [blame]117 /* Fell through, meaning no accelerator supports this operation */
Steven Cooreman56250fd2020-09-04 13:07:15 +0200[diff] [blame]118 return( PSA_ERROR_NOT_SUPPORTED );
Steven Cooremancd84cb42020-07-16 20:28:36 +0200[diff] [blame]119 /* Add cases for opaque driver here */
Steven Cooremanf1720ea2020-07-24 18:41:58 +0200[diff] [blame]120#if defined(PSA_CRYPTO_DRIVER_TEST)
121 case PSA_CRYPTO_TEST_DRIVER_LIFETIME:
Steven Cooremancd84cb42020-07-16 20:28:36 +0200[diff] [blame]122 return( test_opaque_signature_sign_hash( &attributes,
123 slot->data.key.data,
124 slot->data.key.bytes,
125 alg,
126 hash,
127 hash_length,
128 signature,
129 signature_size,
130 signature_length ) );
Steven Cooremanf1720ea2020-07-24 18:41:58 +0200[diff] [blame]131#endif /* PSA_CRYPTO_DRIVER_TEST */
Steven Cooremancd84cb42020-07-16 20:28:36 +0200[diff] [blame]132 default:
133 /* Key is declared with a lifetime not known to us */
Steven Cooreman56250fd2020-09-04 13:07:15 +0200[diff] [blame]134 return( status );
Steven Cooremancd84cb42020-07-16 20:28:36 +0200[diff] [blame]135 }
Steven Cooremanf1720ea2020-07-24 18:41:58 +0200[diff] [blame]136#else /* PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT */
Steven Cooreman56250fd2020-09-04 13:07:15 +0200[diff] [blame]137 return( PSA_ERROR_NOT_SUPPORTED );
Steven Cooremanf1720ea2020-07-24 18:41:58 +0200[diff] [blame]138#endif /* PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT */
139#else /* PSA_CRYPTO_DRIVER_PRESENT */
Steven Cooremancd84cb42020-07-16 20:28:36 +0200[diff] [blame]140 (void)slot;
141 (void)alg;
142 (void)hash;
143 (void)hash_length;
144 (void)signature;
145 (void)signature_size;
146 (void)signature_length;
147
Steven Cooreman56250fd2020-09-04 13:07:15 +0200[diff] [blame]148 return( PSA_ERROR_NOT_SUPPORTED );
Steven Cooremanf1720ea2020-07-24 18:41:58 +0200[diff] [blame]149#endif /* PSA_CRYPTO_DRIVER_PRESENT */
Steven Cooremancd84cb42020-07-16 20:28:36 +0200[diff] [blame]150}
151
Steven Cooreman55ae2172020-07-17 19:46:15 +0200[diff] [blame]152psa_status_t psa_driver_wrapper_verify_hash( psa_key_slot_t *slot,
153 psa_algorithm_t alg,
154 const uint8_t *hash,
155 size_t hash_length,
156 const uint8_t *signature,
157 size_t signature_length )
158{
Steven Cooremanf1720ea2020-07-24 18:41:58 +0200[diff] [blame]159#if defined(PSA_CRYPTO_DRIVER_PRESENT)
Steven Cooreman55ae2172020-07-17 19:46:15 +0200[diff] [blame]160 /* Try dynamically-registered SE interface first */
161#if defined(MBEDTLS_PSA_CRYPTO_SE_C)
162 const psa_drv_se_t *drv;
163 psa_drv_se_context_t *drv_context;
164
165 if( psa_get_se_driver( slot->attr.lifetime, &drv, &drv_context ) )
166 {
167 if( drv->asymmetric == NULL ||
168 drv->asymmetric->p_verify == NULL )
169 {
170 /* Key is defined in SE, but we have no way to exercise it */
Steven Cooreman56250fd2020-09-04 13:07:15 +0200[diff] [blame]171 return( PSA_ERROR_NOT_SUPPORTED );
Steven Cooreman55ae2172020-07-17 19:46:15 +0200[diff] [blame]172 }
173 return( drv->asymmetric->p_verify( drv_context,
174 slot->data.se.slot_number,
175 alg,
176 hash, hash_length,
177 signature, signature_length ) );
178 }
Steven Cooremanf1720ea2020-07-24 18:41:58 +0200[diff] [blame]179#endif /* PSA_CRYPTO_SE_C */
Steven Cooreman55ae2172020-07-17 19:46:15 +0200[diff] [blame]180
181 /* Then try accelerator API */
Steven Cooremanf1720ea2020-07-24 18:41:58 +0200[diff] [blame]182#if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT)
Steven Cooreman55ae2172020-07-17 19:46:15 +0200[diff] [blame]183 psa_status_t status = PSA_ERROR_INVALID_ARGUMENT;
184 psa_key_location_t location = PSA_KEY_LIFETIME_GET_LOCATION(slot->attr.lifetime);
185 psa_key_attributes_t attributes = {
186 .core = slot->attr
187 };
188
189 switch( location )
190 {
191 case PSA_KEY_LOCATION_LOCAL_STORAGE:
192 /* Key is stored in the slot in export representation, so
193 * cycle through all known transparent accelerators */
Steven Cooremanf1720ea2020-07-24 18:41:58 +0200[diff] [blame]194#if defined(PSA_CRYPTO_DRIVER_TEST)
Steven Cooreman55ae2172020-07-17 19:46:15 +0200[diff] [blame]195 status = test_transparent_signature_verify_hash( &attributes,
196 slot->data.key.data,
197 slot->data.key.bytes,
198 alg,
199 hash,
200 hash_length,
201 signature,
202 signature_length );
203 /* Declared with fallback == true */
204 if( status != PSA_ERROR_NOT_SUPPORTED )
Steven Cooreman56250fd2020-09-04 13:07:15 +0200[diff] [blame]205 return( status );
Steven Cooremanf1720ea2020-07-24 18:41:58 +0200[diff] [blame]206#endif /* PSA_CRYPTO_DRIVER_TEST */
Steven Cooreman55ae2172020-07-17 19:46:15 +0200[diff] [blame]207 /* Fell through, meaning no accelerator supports this operation */
Steven Cooreman56250fd2020-09-04 13:07:15 +0200[diff] [blame]208 return( PSA_ERROR_NOT_SUPPORTED );
Steven Cooreman55ae2172020-07-17 19:46:15 +0200[diff] [blame]209 /* Add cases for opaque driver here */
Steven Cooremanf1720ea2020-07-24 18:41:58 +0200[diff] [blame]210#if defined(PSA_CRYPTO_DRIVER_TEST)
211 case PSA_CRYPTO_TEST_DRIVER_LIFETIME:
Steven Cooreman55ae2172020-07-17 19:46:15 +0200[diff] [blame]212 return( test_opaque_signature_verify_hash( &attributes,
213 slot->data.key.data,
214 slot->data.key.bytes,
215 alg,
216 hash,
217 hash_length,
218 signature,
219 signature_length ) );
Steven Cooremanf1720ea2020-07-24 18:41:58 +0200[diff] [blame]220#endif /* PSA_CRYPTO_DRIVER_TEST */
Steven Cooreman55ae2172020-07-17 19:46:15 +0200[diff] [blame]221 default:
222 /* Key is declared with a lifetime not known to us */
Steven Cooreman56250fd2020-09-04 13:07:15 +0200[diff] [blame]223 return( status );
Steven Cooreman55ae2172020-07-17 19:46:15 +0200[diff] [blame]224 }
Steven Cooremanf1720ea2020-07-24 18:41:58 +0200[diff] [blame]225#else /* PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT */
Steven Cooreman56250fd2020-09-04 13:07:15 +0200[diff] [blame]226 return( PSA_ERROR_NOT_SUPPORTED );
Steven Cooremanf1720ea2020-07-24 18:41:58 +0200[diff] [blame]227#endif /* PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT */
228#else /* PSA_CRYPTO_DRIVER_PRESENT */
Steven Cooreman55ae2172020-07-17 19:46:15 +0200[diff] [blame]229 (void)slot;
230 (void)alg;
231 (void)hash;
232 (void)hash_length;
233 (void)signature;
234 (void)signature_length;
235
Steven Cooreman56250fd2020-09-04 13:07:15 +0200[diff] [blame]236 return( PSA_ERROR_NOT_SUPPORTED );
Steven Cooremanf1720ea2020-07-24 18:41:58 +0200[diff] [blame]237#endif /* PSA_CRYPTO_DRIVER_PRESENT */
Steven Cooreman55ae2172020-07-17 19:46:15 +0200[diff] [blame]238}
239
Steven Cooremanf1720ea2020-07-24 18:41:58 +0200[diff] [blame]240#if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT)
Steven Cooreman56250fd2020-09-04 13:07:15 +0200[diff] [blame]241/** Calculate the size to allocate for buffering a key with given attributes.
242 *
243 * This function provides a way to get the expected size for storing a key with
244 * the given attributes. This will be the size of the export representation for
245 * cleartext keys, and a driver-defined size for keys stored by opaque drivers.
246 *
247 * \param[in] attributes The key attribute structure of the key to store.
248 * \param[out] expected_size On success, a byte size large enough to contain
249 * the declared key.
250 *
251 * \retval #PSA_SUCCESS
252 * \retval #PSA_ERROR_NOT_SUPPORTED
253 */
Steven Cooreman2a1664c2020-07-20 15:33:08 +0200[diff] [blame]254static psa_status_t get_expected_key_size( const psa_key_attributes_t *attributes,
255 size_t *expected_size )
256{
Steven Cooreman56250fd2020-09-04 13:07:15 +0200[diff] [blame]257 size_t buffer_size = 0;
Steven Cooreman2a1664c2020-07-20 15:33:08 +0200[diff] [blame]258 if( PSA_KEY_LIFETIME_GET_LOCATION( attributes->core.lifetime ) == PSA_KEY_LOCATION_LOCAL_STORAGE )
259 {
Steven Cooreman56250fd2020-09-04 13:07:15 +0200[diff] [blame]260 buffer_size = PSA_KEY_EXPORT_MAX_SIZE( attributes->core.type,
261 attributes->core.bits );
Steven Cooreman2a1664c2020-07-20 15:33:08 +0200[diff] [blame]262
Steven Cooreman56250fd2020-09-04 13:07:15 +0200[diff] [blame]263 if( buffer_size == 0 )
264 return( PSA_ERROR_NOT_SUPPORTED );
Steven Cooreman2a1664c2020-07-20 15:33:08 +0200[diff] [blame]265
Steven Cooreman56250fd2020-09-04 13:07:15 +0200[diff] [blame]266 *expected_size = buffer_size;
267 return( PSA_SUCCESS );
Steven Cooreman2a1664c2020-07-20 15:33:08 +0200[diff] [blame]268 }
269 else
270 {
Steven Cooreman56250fd2020-09-04 13:07:15 +0200[diff] [blame]271 /* TBD: opaque driver support: need to calculate size through a
272 * driver-defined size function, since the size of an opaque (wrapped)
273 * key will be different for each implementation. */
274 return( PSA_ERROR_NOT_SUPPORTED );
Steven Cooreman2a1664c2020-07-20 15:33:08 +0200[diff] [blame]275 }
276}
Steven Cooremanf1720ea2020-07-24 18:41:58 +0200[diff] [blame]277#endif /* PSA_CRYPTO_DRIVER_PRESENT */
Steven Cooreman2a1664c2020-07-20 15:33:08 +0200[diff] [blame]278
Steven Cooreman55ae2172020-07-17 19:46:15 +0200[diff] [blame]279psa_status_t psa_driver_wrapper_generate_key( const psa_key_attributes_t *attributes,
280 psa_key_slot_t *slot )
281{
Steven Cooremanf1720ea2020-07-24 18:41:58 +0200[diff] [blame]282#if defined(PSA_CRYPTO_DRIVER_PRESENT)
Steven Cooreman2a1664c2020-07-20 15:33:08 +0200[diff] [blame]283 /* Try dynamically-registered SE interface first */
284#if defined(MBEDTLS_PSA_CRYPTO_SE_C)
285 const psa_drv_se_t *drv;
286 psa_drv_se_context_t *drv_context;
287
288 if( psa_get_se_driver( slot->attr.lifetime, &drv, &drv_context ) )
289 {
290 size_t pubkey_length = 0; /* We don't support this feature yet */
291 if( drv->key_management == NULL ||
292 drv->key_management->p_generate == NULL )
293 {
294 /* Key is defined as being in SE, but we have no way to generate it */
Steven Cooreman56250fd2020-09-04 13:07:15 +0200[diff] [blame]295 return( PSA_ERROR_NOT_SUPPORTED );
Steven Cooreman2a1664c2020-07-20 15:33:08 +0200[diff] [blame]296 }
297 return( drv->key_management->p_generate(
298 drv_context,
299 slot->data.se.slot_number, attributes,
300 NULL, 0, &pubkey_length ) );
301 }
302#endif /* MBEDTLS_PSA_CRYPTO_SE_C */
303
304 /* Then try accelerator API */
Steven Cooremanf1720ea2020-07-24 18:41:58 +0200[diff] [blame]305#if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT)
Steven Cooreman2a1664c2020-07-20 15:33:08 +0200[diff] [blame]306 psa_status_t status = PSA_ERROR_INVALID_ARGUMENT;
307 psa_key_location_t location = PSA_KEY_LIFETIME_GET_LOCATION(slot->attr.lifetime);
308 size_t export_size = 0;
309
310 status = get_expected_key_size( attributes, &export_size );
311 if( status != PSA_SUCCESS )
Steven Cooreman56250fd2020-09-04 13:07:15 +0200[diff] [blame]312 return( status );
Steven Cooreman2a1664c2020-07-20 15:33:08 +0200[diff] [blame]313
314 slot->data.key.data = mbedtls_calloc(1, export_size);
315 if( slot->data.key.data == NULL )
Steven Cooreman56250fd2020-09-04 13:07:15 +0200[diff] [blame]316 return( PSA_ERROR_INSUFFICIENT_MEMORY );
Steven Cooreman2a1664c2020-07-20 15:33:08 +0200[diff] [blame]317 slot->data.key.bytes = export_size;
318
319 switch( location )
320 {
321 case PSA_KEY_LOCATION_LOCAL_STORAGE:
322 /* Key is stored in the slot in export representation, so
323 * cycle through all known transparent accelerators */
324
325 /* Transparent drivers are limited to generating asymmetric keys */
326 if( ! PSA_KEY_TYPE_IS_ASYMMETRIC( slot->attr.type ) )
327 {
328 status = PSA_ERROR_NOT_SUPPORTED;
329 break;
330 }
Steven Cooremanf1720ea2020-07-24 18:41:58 +0200[diff] [blame]331#if defined(PSA_CRYPTO_DRIVER_TEST)
Steven Cooreman2a1664c2020-07-20 15:33:08 +0200[diff] [blame]332 status = test_transparent_generate_key( attributes,
333 slot->data.key.data,
334 slot->data.key.bytes,
335 &slot->data.key.bytes );
336 /* Declared with fallback == true */
337 if( status != PSA_ERROR_NOT_SUPPORTED )
338 break;
Steven Cooremanf1720ea2020-07-24 18:41:58 +0200[diff] [blame]339#endif /* PSA_CRYPTO_DRIVER_TEST */
Steven Cooreman2a1664c2020-07-20 15:33:08 +0200[diff] [blame]340 /* Fell through, meaning no accelerator supports this operation */
341 status = PSA_ERROR_NOT_SUPPORTED;
342 break;
343 /* Add cases for opaque driver here */
Steven Cooremanf1720ea2020-07-24 18:41:58 +0200[diff] [blame]344#if defined(PSA_CRYPTO_DRIVER_TEST)
345 case PSA_CRYPTO_TEST_DRIVER_LIFETIME:
Steven Cooreman2a1664c2020-07-20 15:33:08 +0200[diff] [blame]346 status = test_opaque_generate_key( attributes,
347 slot->data.key.data,
348 slot->data.key.bytes,
349 &slot->data.key.bytes );
350 break;
Steven Cooremanf1720ea2020-07-24 18:41:58 +0200[diff] [blame]351#endif /* PSA_CRYPTO_DRIVER_TEST */
Steven Cooreman2a1664c2020-07-20 15:33:08 +0200[diff] [blame]352 default:
353 /* Key is declared with a lifetime not known to us */
354 status = PSA_ERROR_INVALID_ARGUMENT;
355 break;
356 }
357
358 if( status != PSA_SUCCESS )
359 {
360 /* free allocated buffer */
361 mbedtls_free( slot->data.key.data );
362 slot->data.key.data = NULL;
363 slot->data.key.bytes = 0;
364 }
365
366 return( status );
Steven Cooremanf1720ea2020-07-24 18:41:58 +0200[diff] [blame]367#else /* PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT */
Steven Cooreman56250fd2020-09-04 13:07:15 +0200[diff] [blame]368 return( PSA_ERROR_NOT_SUPPORTED );
Steven Cooremanf1720ea2020-07-24 18:41:58 +0200[diff] [blame]369#endif /* PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT */
370#else /* PSA_CRYPTO_DRIVER_PRESENT */
Steven Cooreman55ae2172020-07-17 19:46:15 +0200[diff] [blame]371 (void) attributes;
372 (void) slot;
373
Steven Cooreman56250fd2020-09-04 13:07:15 +0200[diff] [blame]374 return( PSA_ERROR_NOT_SUPPORTED );
Steven Cooremanf1720ea2020-07-24 18:41:58 +0200[diff] [blame]375#endif /* PSA_CRYPTO_DRIVER_PRESENT */
Steven Cooreman55ae2172020-07-17 19:46:15 +0200[diff] [blame]376}
377
Steven Cooreman37941cb2020-07-28 18:49:51 +0200[diff] [blame^]378/*
379 * Cipher functions
380 */
381psa_status_t psa_driver_wrapper_cipher_encrypt(
382 psa_key_slot_t *slot,
383 psa_algorithm_t alg,
384 const uint8_t *input,
385 size_t input_length,
386 uint8_t *output,
387 size_t output_size,
388 size_t *output_length )
389{
390#if defined(PSA_CRYPTO_DRIVER_PRESENT) && defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT)
391 psa_status_t status = PSA_ERROR_INVALID_ARGUMENT;
392 psa_key_location_t location = PSA_KEY_LIFETIME_GET_LOCATION(slot->attr.lifetime);
393 psa_key_attributes_t attributes = {
394 .core = slot->attr
395 };
396
397 switch( location )
398 {
399 case PSA_KEY_LOCATION_LOCAL_STORAGE:
400 /* Key is stored in the slot in export representation, so
401 * cycle through all known transparent accelerators */
402#if defined(PSA_CRYPTO_DRIVER_TEST)
403 status = test_transparent_cipher_encrypt( &attributes,
404 slot->data.key.data,
405 slot->data.key.bytes,
406 alg,
407 input,
408 input_length,
409 output,
410 output_size,
411 output_length );
412 /* Declared with fallback == true */
413 if( status != PSA_ERROR_NOT_SUPPORTED )
414 return status;
415#endif /* PSA_CRYPTO_DRIVER_TEST */
416 /* Fell through, meaning no accelerator supports this operation */
417 return PSA_ERROR_NOT_SUPPORTED;
418 /* Add cases for opaque driver here */
419#if defined(PSA_CRYPTO_DRIVER_TEST)
420 case PSA_CRYPTO_TEST_DRIVER_LIFETIME:
421 return( test_opaque_cipher_encrypt( &attributes,
422 slot->data.key.data,
423 slot->data.key.bytes,
424 alg,
425 input,
426 input_length,
427 output,
428 output_size,
429 output_length ) );
430#endif /* PSA_CRYPTO_DRIVER_TEST */
431 default:
432 /* Key is declared with a lifetime not known to us */
433 return status;
434 }
435#else /* PSA_CRYPTO_DRIVER_PRESENT */
436 (void) slot;
437 (void) alg;
438 (void) input;
439 (void) input_length;
440 (void) output;
441 (void) output_size;
442 (void) output_length;
443
444 return PSA_ERROR_NOT_SUPPORTED;
445#endif /* PSA_CRYPTO_DRIVER_PRESENT */
446}
447
448psa_status_t psa_driver_wrapper_cipher_decrypt(
449 psa_key_slot_t *slot,
450 psa_algorithm_t alg,
451 const uint8_t *input,
452 size_t input_length,
453 uint8_t *output,
454 size_t output_size,
455 size_t *output_length )
456{
457#if defined(PSA_CRYPTO_DRIVER_PRESENT) && defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT)
458 psa_status_t status = PSA_ERROR_INVALID_ARGUMENT;
459 psa_key_location_t location = PSA_KEY_LIFETIME_GET_LOCATION(slot->attr.lifetime);
460 psa_key_attributes_t attributes = {
461 .core = slot->attr
462 };
463
464 switch( location )
465 {
466 case PSA_KEY_LOCATION_LOCAL_STORAGE:
467 /* Key is stored in the slot in export representation, so
468 * cycle through all known transparent accelerators */
469#if defined(PSA_CRYPTO_DRIVER_TEST)
470 status = test_transparent_cipher_decrypt( &attributes,
471 slot->data.key.data,
472 slot->data.key.bytes,
473 alg,
474 input,
475 input_length,
476 output,
477 output_size,
478 output_length );
479 /* Declared with fallback == true */
480 if( status != PSA_ERROR_NOT_SUPPORTED )
481 return status;
482#endif /* PSA_CRYPTO_DRIVER_TEST */
483 /* Fell through, meaning no accelerator supports this operation */
484 return PSA_ERROR_NOT_SUPPORTED;
485 /* Add cases for opaque driver here */
486#if defined(PSA_CRYPTO_DRIVER_TEST)
487 case PSA_CRYPTO_TEST_DRIVER_LIFETIME:
488 return( test_opaque_cipher_decrypt( &attributes,
489 slot->data.key.data,
490 slot->data.key.bytes,
491 alg,
492 input,
493 input_length,
494 output,
495 output_size,
496 output_length ) );
497#endif /* PSA_CRYPTO_DRIVER_TEST */
498 default:
499 /* Key is declared with a lifetime not known to us */
500 return status;
501 }
502#else /* PSA_CRYPTO_DRIVER_PRESENT */
503 (void) slot;
504 (void) alg;
505 (void) input;
506 (void) input_length;
507 (void) output;
508 (void) output_size;
509 (void) output_length;
510
511 return PSA_ERROR_NOT_SUPPORTED;
512#endif /* PSA_CRYPTO_DRIVER_PRESENT */
513}
514
515psa_status_t psa_driver_wrapper_cipher_encrypt_setup(
516 psa_cipher_operation_t *operation,
517 psa_key_slot_t *slot,
518 psa_algorithm_t alg )
519{
520#if defined(PSA_CRYPTO_DRIVER_PRESENT) && defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT)
521 psa_status_t status = PSA_ERROR_INVALID_ARGUMENT;
522 psa_key_location_t location = PSA_KEY_LIFETIME_GET_LOCATION(slot->attr.lifetime);
523 psa_key_attributes_t attributes = {
524 .core = slot->attr
525 };
526
527 /* Check for operation already allocated */
528 if( operation->ctx.driver.ctx != NULL )
529 return PSA_ERROR_BAD_STATE;
530
531 switch( location )
532 {
533 case PSA_KEY_LOCATION_LOCAL_STORAGE:
534 /* Key is stored in the slot in export representation, so
535 * cycle through all known transparent accelerators */
536#if defined(PSA_CRYPTO_DRIVER_TEST)
537 operation->ctx.driver.ctx = mbedtls_calloc( 1, sizeof(test_transparent_cipher_operation_t) );
538 if( operation->ctx.driver.ctx == NULL )
539 return PSA_ERROR_INSUFFICIENT_MEMORY;
540
541 status = test_transparent_cipher_encrypt_setup( operation->ctx.driver.ctx,
542 &attributes,
543 slot->data.key.data,
544 slot->data.key.bytes,
545 alg );
546 /* Declared with fallback == true */
547 if( status != PSA_ERROR_NOT_SUPPORTED )
548 {
549 if( status == PSA_SUCCESS )
550 operation->ctx.driver.id = PSA_CRYPTO_TRANSPARENT_TEST_DRIVER_ID;
551 else
552 {
553 mbedtls_free( operation->ctx.driver.ctx );
554 operation->ctx.driver.ctx = NULL;
555 }
556
557 return status;
558 }
559 else
560 {
561 mbedtls_free( operation->ctx.driver.ctx );
562 operation->ctx.driver.ctx = NULL;
563 }
564#endif /* PSA_CRYPTO_DRIVER_TEST */
565 /* Fell through, meaning no accelerator supports this operation */
566 return PSA_ERROR_NOT_SUPPORTED;
567 /* Add cases for opaque driver here */
568#if defined(PSA_CRYPTO_DRIVER_TEST)
569 case PSA_CRYPTO_TEST_DRIVER_LIFETIME:
570 operation->ctx.driver.ctx = mbedtls_calloc( 1, sizeof(test_opaque_cipher_operation_t) );
571 if( operation->ctx.driver.ctx == NULL )
572 return PSA_ERROR_INSUFFICIENT_MEMORY;
573
574 status = test_opaque_cipher_encrypt_setup( operation->ctx.driver.ctx,
575 &attributes,
576 slot->data.key.data,
577 slot->data.key.bytes,
578 alg );
579 if( status == PSA_SUCCESS )
580 operation->ctx.driver.id = PSA_CRYPTO_OPAQUE_TEST_DRIVER_ID;
581 else
582 {
583 mbedtls_free( operation->ctx.driver.ctx );
584 operation->ctx.driver.ctx = NULL;
585 }
586
587 return status;
588#endif /* PSA_CRYPTO_DRIVER_TEST */
589 default:
590 /* Key is declared with a lifetime not known to us */
591 return PSA_ERROR_BAD_STATE;
592 }
593#else /* PSA_CRYPTO_DRIVER_PRESENT */
594 (void)slot;
595 (void)alg;
596 (void)operation;
597
598 return PSA_ERROR_NOT_SUPPORTED;
599#endif /* PSA_CRYPTO_DRIVER_PRESENT */
600}
601
602psa_status_t psa_driver_wrapper_cipher_decrypt_setup(
603 psa_cipher_operation_t *operation,
604 psa_key_slot_t *slot,
605 psa_algorithm_t alg )
606{
607#if defined(PSA_CRYPTO_DRIVER_PRESENT) && defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT)
608 psa_status_t status = PSA_ERROR_INVALID_ARGUMENT;
609 psa_key_location_t location = PSA_KEY_LIFETIME_GET_LOCATION(slot->attr.lifetime);
610 psa_key_attributes_t attributes = {
611 .core = slot->attr
612 };
613
614 /* Check for operation already allocated */
615 if( operation->ctx.driver.ctx != NULL )
616 return PSA_ERROR_BAD_STATE;
617
618 switch( location )
619 {
620 case PSA_KEY_LOCATION_LOCAL_STORAGE:
621 /* Key is stored in the slot in export representation, so
622 * cycle through all known transparent accelerators */
623#if defined(PSA_CRYPTO_DRIVER_TEST)
624 operation->ctx.driver.ctx = mbedtls_calloc( 1, sizeof(test_transparent_cipher_operation_t) );
625 if( operation->ctx.driver.ctx == NULL )
626 return PSA_ERROR_INSUFFICIENT_MEMORY;
627
628 status = test_transparent_cipher_decrypt_setup( operation->ctx.driver.ctx,
629 &attributes,
630 slot->data.key.data,
631 slot->data.key.bytes,
632 alg );
633 /* Declared with fallback == true */
634 if( status != PSA_ERROR_NOT_SUPPORTED )
635 {
636 if( status == PSA_SUCCESS )
637 operation->ctx.driver.id = PSA_CRYPTO_TRANSPARENT_TEST_DRIVER_ID;
638 else
639 {
640 mbedtls_free( operation->ctx.driver.ctx );
641 operation->ctx.driver.ctx = NULL;
642 }
643
644 return status;
645 }
646 else
647 {
648 mbedtls_free( operation->ctx.driver.ctx );
649 operation->ctx.driver.ctx = NULL;
650 }
651#endif /* PSA_CRYPTO_DRIVER_TEST */
652 /* Fell through, meaning no accelerator supports this operation */
653 return PSA_ERROR_NOT_SUPPORTED;
654 /* Add cases for opaque driver here */
655#if defined(PSA_CRYPTO_DRIVER_TEST)
656 case PSA_CRYPTO_TEST_DRIVER_LIFETIME:
657 operation->ctx.driver.ctx = mbedtls_calloc( 1, sizeof(test_opaque_cipher_operation_t) );
658 if( operation->ctx.driver.ctx == NULL )
659 return PSA_ERROR_INSUFFICIENT_MEMORY;
660
661 status = test_opaque_cipher_decrypt_setup( operation->ctx.driver.ctx,
662 &attributes,
663 slot->data.key.data,
664 slot->data.key.bytes,
665 alg );
666 if( status == PSA_SUCCESS )
667 operation->ctx.driver.id = PSA_CRYPTO_OPAQUE_TEST_DRIVER_ID;
668 else
669 {
670 mbedtls_free( operation->ctx.driver.ctx );
671 operation->ctx.driver.ctx = NULL;
672 }
673
674 return status;
675#endif /* PSA_CRYPTO_DRIVER_TEST */
676 default:
677 /* Key is declared with a lifetime not known to us */
678 return PSA_ERROR_BAD_STATE;
679 }
680#else /* PSA_CRYPTO_DRIVER_PRESENT */
681 (void)slot;
682 (void)alg;
683 (void)operation;
684
685 return PSA_ERROR_NOT_SUPPORTED;
686#endif /* PSA_CRYPTO_DRIVER_PRESENT */
687}
688
689psa_status_t psa_driver_wrapper_cipher_generate_iv(
690 psa_cipher_operation_t *operation,
691 uint8_t *iv,
692 size_t iv_size,
693 size_t *iv_length )
694{
695#if defined(PSA_CRYPTO_DRIVER_PRESENT) && defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT)
696 /* Check for operation already allocated */
697 if( operation->ctx.driver.ctx == NULL )
698 return PSA_ERROR_INVALID_ARGUMENT;
699
700 switch( operation->ctx.driver.id )
701 {
702#if defined(PSA_CRYPTO_DRIVER_TEST)
703 case PSA_CRYPTO_TRANSPARENT_TEST_DRIVER_ID:
704 return( test_transparent_cipher_generate_iv( operation->ctx.driver.ctx,
705 iv,
706 iv_size,
707 iv_length ) );
708#endif /* PSA_CRYPTO_DRIVER_TEST */
709#if defined(PSA_CRYPTO_DRIVER_TEST)
710 case PSA_CRYPTO_OPAQUE_TEST_DRIVER_ID:
711 return( test_opaque_cipher_generate_iv( operation->ctx.driver.ctx,
712 iv,
713 iv_size,
714 iv_length ) );
715#endif /* PSA_CRYPTO_DRIVER_TEST */
716 default:
717 /* Key is attached to a driver not known to us */
718 return PSA_ERROR_BAD_STATE;
719 }
720#else /* PSA_CRYPTO_DRIVER_PRESENT */
721 (void) operation;
722 (void) iv;
723 (void) iv_size;
724 (void) iv_length;
725
726 return PSA_ERROR_NOT_SUPPORTED;
727#endif /* PSA_CRYPTO_DRIVER_PRESENT */
728}
729
730psa_status_t psa_driver_wrapper_cipher_set_iv(
731 psa_cipher_operation_t *operation,
732 const uint8_t *iv,
733 size_t iv_length )
734{
735#if defined(PSA_CRYPTO_DRIVER_PRESENT) && defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT)
736 /* Check for operation already allocated */
737 if( operation->ctx.driver.ctx == NULL )
738 return PSA_ERROR_INVALID_ARGUMENT;
739
740 switch( operation->ctx.driver.id )
741 {
742#if defined(PSA_CRYPTO_DRIVER_TEST)
743 case PSA_CRYPTO_TRANSPARENT_TEST_DRIVER_ID:
744 return( test_transparent_cipher_set_iv( operation->ctx.driver.ctx,
745 iv,
746 iv_length ) );
747#endif /* PSA_CRYPTO_DRIVER_TEST */
748#if defined(PSA_CRYPTO_DRIVER_TEST)
749 case PSA_CRYPTO_OPAQUE_TEST_DRIVER_ID:
750 return( test_opaque_cipher_set_iv( operation->ctx.driver.ctx,
751 iv,
752 iv_length ) );
753#endif /* PSA_CRYPTO_DRIVER_TEST */
754 default:
755 /* Key is attached to a driver not known to us */
756 return PSA_ERROR_BAD_STATE;
757 }
758#else /* PSA_CRYPTO_DRIVER_PRESENT */
759 (void) operation;
760 (void) iv;
761 (void) iv_length;
762
763 return PSA_ERROR_NOT_SUPPORTED;
764#endif /* PSA_CRYPTO_DRIVER_PRESENT */
765}
766
767psa_status_t psa_driver_wrapper_cipher_update(
768 psa_cipher_operation_t *operation,
769 const uint8_t *input,
770 size_t input_length,
771 uint8_t *output,
772 size_t output_size,
773 size_t *output_length )
774{
775#if defined(PSA_CRYPTO_DRIVER_PRESENT) && defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT)
776 /* Check for operation already allocated */
777 if( operation->ctx.driver.ctx == NULL )
778 return PSA_ERROR_INVALID_ARGUMENT;
779
780 switch( operation->ctx.driver.id )
781 {
782#if defined(PSA_CRYPTO_DRIVER_TEST)
783 case PSA_CRYPTO_TRANSPARENT_TEST_DRIVER_ID:
784 return( test_transparent_cipher_update( operation->ctx.driver.ctx,
785 input,
786 input_length,
787 output,
788 output_size,
789 output_length ) );
790#endif /* PSA_CRYPTO_DRIVER_TEST */
791#if defined(PSA_CRYPTO_DRIVER_TEST)
792 case PSA_CRYPTO_OPAQUE_TEST_DRIVER_ID:
793 return( test_opaque_cipher_update( operation->ctx.driver.ctx,
794 input,
795 input_length,
796 output,
797 output_size,
798 output_length ) );
799#endif /* PSA_CRYPTO_DRIVER_TEST */
800 default:
801 /* Key is attached to a driver not known to us */
802 return PSA_ERROR_BAD_STATE;
803 }
804#else /* PSA_CRYPTO_DRIVER_PRESENT */
805 (void) operation;
806 (void) input;
807 (void) input_length;
808 (void) output;
809 (void) output_length;
810 (void) output_size;
811
812 return PSA_ERROR_NOT_SUPPORTED;
813#endif /* PSA_CRYPTO_DRIVER_PRESENT */
814}
815
816psa_status_t psa_driver_wrapper_cipher_finish(
817 psa_cipher_operation_t *operation,
818 uint8_t *output,
819 size_t output_size,
820 size_t *output_length )
821{
822#if defined(PSA_CRYPTO_DRIVER_PRESENT) && defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT)
823 /* Check for operation already allocated */
824 if( operation->ctx.driver.ctx == NULL )
825 return PSA_ERROR_INVALID_ARGUMENT;
826
827 switch( operation->ctx.driver.id )
828 {
829#if defined(PSA_CRYPTO_DRIVER_TEST)
830 case PSA_CRYPTO_TRANSPARENT_TEST_DRIVER_ID:
831 return( test_transparent_cipher_finish( operation->ctx.driver.ctx,
832 output,
833 output_size,
834 output_length ) );
835#endif /* PSA_CRYPTO_DRIVER_TEST */
836#if defined(PSA_CRYPTO_DRIVER_TEST)
837 case PSA_CRYPTO_OPAQUE_TEST_DRIVER_ID:
838 return( test_opaque_cipher_finish( operation->ctx.driver.ctx,
839 output,
840 output_size,
841 output_length ) );
842#endif /* PSA_CRYPTO_DRIVER_TEST */
843 default:
844 /* Key is attached to a driver not known to us */
845 return PSA_ERROR_BAD_STATE;
846 }
847#else /* PSA_CRYPTO_DRIVER_PRESENT */
848 (void) operation;
849 (void) output;
850 (void) output_size;
851 (void) output_length;
852
853 return PSA_ERROR_NOT_SUPPORTED;
854#endif /* PSA_CRYPTO_DRIVER_PRESENT */
855}
856
857psa_status_t psa_driver_wrapper_cipher_abort(
858 psa_cipher_operation_t *operation )
859{
860#if defined(PSA_CRYPTO_DRIVER_PRESENT) && defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT)
861 psa_status_t status = PSA_ERROR_INVALID_ARGUMENT;
862 /* Check for operation already allocated */
863 if( operation->ctx.driver.ctx == NULL )
864 return PSA_ERROR_INVALID_ARGUMENT;
865
866 switch( operation->ctx.driver.id )
867 {
868#if defined(PSA_CRYPTO_DRIVER_TEST)
869 case PSA_CRYPTO_TRANSPARENT_TEST_DRIVER_ID:
870 status = test_transparent_cipher_abort( operation->ctx.driver.ctx );
871
872 mbedtls_free( operation->ctx.driver.ctx );
873 operation->ctx.driver.ctx = NULL;
874 operation->ctx.driver.id = 0;
875
876 return status;
877#endif /* PSA_CRYPTO_DRIVER_TEST */
878#if defined(PSA_CRYPTO_DRIVER_TEST)
879 case PSA_CRYPTO_OPAQUE_TEST_DRIVER_ID:
880 status = test_opaque_cipher_abort( operation->ctx.driver.ctx );
881 mbedtls_free( operation->ctx.driver.ctx );
882 operation->ctx.driver.ctx = NULL;
883
884 return status;
885#endif /* PSA_CRYPTO_DRIVER_TEST */
886 default:
887 /* Operation is attached to a driver not known to us */
888 return PSA_ERROR_BAD_STATE;
889 }
890#else /* PSA_CRYPTO_DRIVER_PRESENT */
891 (void)operation;
892
893 return PSA_ERROR_NOT_SUPPORTED;
894#endif /* PSA_CRYPTO_DRIVER_PRESENT */
895}
896
Steven Cooremancd84cb42020-07-16 20:28:36 +0200[diff] [blame]897/* End of automatically generated file. */