blob: 96797159aea42fcd8f428a6d3b016d095e4155fc [file] [log] [blame]
Steven Cooremancd84cb42020-07-16 20:28:36 +02001/*
2 * Functions to delegate cryptographic operations to an available
3 * and appropriate accelerator.
Steven Cooreman56250fd2020-09-04 13:07:15 +02004 * Warning: This file will be auto-generated in the future.
Steven Cooremancd84cb42020-07-16 20:28:36 +02005 */
Steven Cooreman2c7b2f82020-09-02 13:43:46 +02006/* Copyright The Mbed TLS Contributors
Steven Cooremancd84cb42020-07-16 20:28:36 +02007 * SPDX-License-Identifier: Apache-2.0
8 *
9 * Licensed under the Apache License, Version 2.0 (the "License"); you may
10 * not use this file except in compliance with the License.
11 * You may obtain a copy of the License at
12 *
13 * http://www.apache.org/licenses/LICENSE-2.0
14 *
15 * Unless required by applicable law or agreed to in writing, software
16 * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
17 * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
18 * See the License for the specific language governing permissions and
19 * limitations under the License.
Steven Cooremancd84cb42020-07-16 20:28:36 +020020 */
21
Mateusz Starzyk2c09c9b2021-05-14 22:20:10 +020022#include "common.h"
Ronald Cronde822812021-03-17 16:08:20 +010023#include "psa_crypto_aead.h"
Ronald Cron0b805592020-12-14 18:08:20 +010024#include "psa_crypto_cipher.h"
Steven Cooremancd84cb42020-07-16 20:28:36 +020025#include "psa_crypto_core.h"
26#include "psa_crypto_driver_wrappers.h"
Steven Cooreman830aff22021-03-09 09:50:44 +010027#include "psa_crypto_hash.h"
Steven Cooremand13a70f2021-03-19 15:24:23 +010028#include "psa_crypto_mac.h"
Steven Cooreman830aff22021-03-09 09:50:44 +010029
Steven Cooreman2a1664c2020-07-20 15:33:08 +020030#include "mbedtls/platform.h"
31
Gilles Peskine1905a242021-04-24 13:19:45 +020032#if defined(MBEDTLS_PSA_CRYPTO_C)
33
Steven Cooreman2a1664c2020-07-20 15:33:08 +020034#if defined(MBEDTLS_PSA_CRYPTO_DRIVERS)
Steven Cooremancd84cb42020-07-16 20:28:36 +020035
36/* Include test driver definition when running tests */
Steven Cooremanf1720ea2020-07-24 18:41:58 +020037#if defined(PSA_CRYPTO_DRIVER_TEST)
Steven Cooreman56250fd2020-09-04 13:07:15 +020038#ifndef PSA_CRYPTO_DRIVER_PRESENT
Steven Cooremanf1720ea2020-07-24 18:41:58 +020039#define PSA_CRYPTO_DRIVER_PRESENT
Steven Cooreman56250fd2020-09-04 13:07:15 +020040#endif
41#ifndef PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT
Steven Cooremanf1720ea2020-07-24 18:41:58 +020042#define PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT
Steven Cooreman56250fd2020-09-04 13:07:15 +020043#endif
Ronald Cronce1d8d22021-04-30 17:00:34 +020044#include "test/drivers/test_driver.h"
Steven Cooremanf1720ea2020-07-24 18:41:58 +020045#endif /* PSA_CRYPTO_DRIVER_TEST */
Steven Cooremancd84cb42020-07-16 20:28:36 +020046
Steven Cooreman56250fd2020-09-04 13:07:15 +020047/* Repeat above block for each JSON-declared driver during autogeneration */
Steven Cooremanaa87fd02021-03-15 18:54:03 +010048#endif /* MBEDTLS_PSA_CRYPTO_DRIVERS */
Steven Cooreman56250fd2020-09-04 13:07:15 +020049
Steven Cooreman1e582352021-02-18 17:24:37 +010050/* Auto-generated values depending on which drivers are registered.
51 * ID 0 is reserved for unallocated operations.
52 * ID 1 is reserved for the Mbed TLS software driver. */
Steven Cooreman830aff22021-03-09 09:50:44 +010053#define PSA_CRYPTO_MBED_TLS_DRIVER_ID (1)
54
Steven Cooreman37941cb2020-07-28 18:49:51 +020055#if defined(PSA_CRYPTO_DRIVER_TEST)
Steven Cooreman1e582352021-02-18 17:24:37 +010056#define PSA_CRYPTO_TRANSPARENT_TEST_DRIVER_ID (2)
57#define PSA_CRYPTO_OPAQUE_TEST_DRIVER_ID (3)
Steven Cooreman37941cb2020-07-28 18:49:51 +020058#endif /* PSA_CRYPTO_DRIVER_TEST */
Steven Cooreman2a1664c2020-07-20 15:33:08 +020059
60/* Support the 'old' SE interface when asked to */
Steven Cooreman7a250572020-07-17 16:43:05 +020061#if defined(MBEDTLS_PSA_CRYPTO_SE_C)
Steven Cooreman56250fd2020-09-04 13:07:15 +020062/* PSA_CRYPTO_DRIVER_PRESENT is defined when either a new-style or old-style
63 * SE driver is present, to avoid unused argument errors at compile time. */
64#ifndef PSA_CRYPTO_DRIVER_PRESENT
Steven Cooremanf1720ea2020-07-24 18:41:58 +020065#define PSA_CRYPTO_DRIVER_PRESENT
Steven Cooreman56250fd2020-09-04 13:07:15 +020066#endif
Steven Cooreman7a250572020-07-17 16:43:05 +020067#include "psa_crypto_se.h"
68#endif
69
Ronald Cron9ba76912021-04-10 16:57:30 +020070psa_status_t psa_driver_wrapper_init( void )
71{
72 psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;
73
74#if defined(MBEDTLS_PSA_CRYPTO_SE_C)
75 status = psa_init_all_se_drivers( );
76 if( status != PSA_SUCCESS )
77 return( status );
78#endif
79
80#if defined(PSA_CRYPTO_DRIVER_TEST)
81 status = mbedtls_test_transparent_init( );
82 if( status != PSA_SUCCESS )
83 return( status );
84
85 status = mbedtls_test_opaque_init( );
86 if( status != PSA_SUCCESS )
87 return( status );
88#endif
89
90 (void) status;
91 return( PSA_SUCCESS );
92}
93
94void psa_driver_wrapper_free( void )
95{
96#if defined(MBEDTLS_PSA_CRYPTO_SE_C)
97 /* Unregister all secure element drivers, so that we restart from
98 * a pristine state. */
99 psa_unregister_all_se_drivers( );
100#endif /* MBEDTLS_PSA_CRYPTO_SE_C */
101
102#if defined(PSA_CRYPTO_DRIVER_TEST)
103 mbedtls_test_transparent_free( );
104 mbedtls_test_opaque_free( );
105#endif
106}
107
Steven Cooremancd84cb42020-07-16 20:28:36 +0200108/* Start delegation functions */
gabor-mezei-arm50eac352021-04-22 11:32:19 +0200109psa_status_t psa_driver_wrapper_sign_message(
110 const psa_key_attributes_t *attributes,
111 const uint8_t *key_buffer,
112 size_t key_buffer_size,
113 psa_algorithm_t alg,
114 const uint8_t *input,
115 size_t input_length,
116 uint8_t *signature,
117 size_t signature_size,
118 size_t *signature_length )
119{
120 psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;
gabor-mezei-arm50eac352021-04-22 11:32:19 +0200121 psa_key_location_t location =
122 PSA_KEY_LIFETIME_GET_LOCATION( attributes->core.lifetime );
123
124 switch( location )
125 {
126 case PSA_KEY_LOCATION_LOCAL_STORAGE:
127 /* Key is stored in the slot in export representation, so
128 * cycle through all known transparent accelerators */
129#if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT)
130#if defined(PSA_CRYPTO_DRIVER_TEST)
131 status = mbedtls_test_transparent_signature_sign_message(
132 attributes,
133 key_buffer,
134 key_buffer_size,
135 alg,
136 input,
137 input_length,
138 signature,
139 signature_size,
140 signature_length );
141 /* Declared with fallback == true */
142 if( status != PSA_ERROR_NOT_SUPPORTED )
143 return( status );
144#endif /* PSA_CRYPTO_DRIVER_TEST */
145#endif /* PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT */
gabor-mezei-arm256443e2021-05-07 15:16:34 +0200146 break;
gabor-mezei-arm50eac352021-04-22 11:32:19 +0200147
148 /* Add cases for opaque driver here */
149#if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT)
150#if defined(PSA_CRYPTO_DRIVER_TEST)
gabor-mezei-arm2522c0b2021-04-27 18:52:51 +0200151 case PSA_CRYPTO_TEST_DRIVER_LOCATION:
gabor-mezei-arm256443e2021-05-07 15:16:34 +0200152 status = mbedtls_test_opaque_signature_sign_message(
gabor-mezei-arm50eac352021-04-22 11:32:19 +0200153 attributes,
154 key_buffer,
155 key_buffer_size,
156 alg,
157 input,
158 input_length,
159 signature,
160 signature_size,
gabor-mezei-arm256443e2021-05-07 15:16:34 +0200161 signature_length );
162 if( status != PSA_ERROR_NOT_SUPPORTED )
163 return( status );
164 break;
gabor-mezei-arm50eac352021-04-22 11:32:19 +0200165#endif /* PSA_CRYPTO_DRIVER_TEST */
166#endif /* PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT */
167 default:
168 /* Key is declared with a lifetime not known to us */
169 (void)status;
gabor-mezei-armd5218df2021-05-12 11:12:25 +0200170 break;
gabor-mezei-arm50eac352021-04-22 11:32:19 +0200171 }
gabor-mezei-arm256443e2021-05-07 15:16:34 +0200172
173 return( psa_sign_message_builtin( attributes,
174 key_buffer,
175 key_buffer_size,
176 alg,
177 input,
178 input_length,
179 signature,
180 signature_size,
181 signature_length ) );
gabor-mezei-arm50eac352021-04-22 11:32:19 +0200182}
183
184psa_status_t psa_driver_wrapper_verify_message(
185 const psa_key_attributes_t *attributes,
186 const uint8_t *key_buffer,
187 size_t key_buffer_size,
188 psa_algorithm_t alg,
189 const uint8_t *input,
190 size_t input_length,
191 const uint8_t *signature,
192 size_t signature_length )
193{
194 psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;
gabor-mezei-arm50eac352021-04-22 11:32:19 +0200195 psa_key_location_t location =
196 PSA_KEY_LIFETIME_GET_LOCATION( attributes->core.lifetime );
197
198 switch( location )
199 {
200 case PSA_KEY_LOCATION_LOCAL_STORAGE:
201 /* Key is stored in the slot in export representation, so
202 * cycle through all known transparent accelerators */
203#if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT)
204#if defined(PSA_CRYPTO_DRIVER_TEST)
205 status = mbedtls_test_transparent_signature_verify_message(
206 attributes,
207 key_buffer,
208 key_buffer_size,
209 alg,
210 input,
211 input_length,
212 signature,
213 signature_length );
214 /* Declared with fallback == true */
215 if( status != PSA_ERROR_NOT_SUPPORTED )
216 return( status );
217#endif /* PSA_CRYPTO_DRIVER_TEST */
218#endif /* PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT */
gabor-mezei-arm256443e2021-05-07 15:16:34 +0200219 break;
gabor-mezei-arm50eac352021-04-22 11:32:19 +0200220
221 /* Add cases for opaque driver here */
222#if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT)
223#if defined(PSA_CRYPTO_DRIVER_TEST)
gabor-mezei-arm2522c0b2021-04-27 18:52:51 +0200224 case PSA_CRYPTO_TEST_DRIVER_LOCATION:
gabor-mezei-arm50eac352021-04-22 11:32:19 +0200225 return( mbedtls_test_opaque_signature_verify_message(
226 attributes,
227 key_buffer,
228 key_buffer_size,
229 alg,
230 input,
231 input_length,
232 signature,
233 signature_length ) );
gabor-mezei-arm256443e2021-05-07 15:16:34 +0200234 if( status != PSA_ERROR_NOT_SUPPORTED )
235 return( status );
236 break;
gabor-mezei-arm50eac352021-04-22 11:32:19 +0200237#endif /* PSA_CRYPTO_DRIVER_TEST */
238#endif /* PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT */
239 default:
240 /* Key is declared with a lifetime not known to us */
241 (void)status;
gabor-mezei-armd5218df2021-05-12 11:12:25 +0200242 break;
gabor-mezei-arm50eac352021-04-22 11:32:19 +0200243 }
gabor-mezei-arm256443e2021-05-07 15:16:34 +0200244
245 return( psa_verify_message_builtin( attributes,
246 key_buffer,
247 key_buffer_size,
248 alg,
249 input,
250 input_length,
251 signature,
252 signature_length ) );
gabor-mezei-arm50eac352021-04-22 11:32:19 +0200253}
254
Ronald Cron9f17aa42020-12-08 17:07:25 +0100255psa_status_t psa_driver_wrapper_sign_hash(
256 const psa_key_attributes_t *attributes,
257 const uint8_t *key_buffer, size_t key_buffer_size,
258 psa_algorithm_t alg, const uint8_t *hash, size_t hash_length,
259 uint8_t *signature, size_t signature_size, size_t *signature_length )
Steven Cooremancd84cb42020-07-16 20:28:36 +0200260{
Steven Cooreman7a250572020-07-17 16:43:05 +0200261 /* Try dynamically-registered SE interface first */
262#if defined(MBEDTLS_PSA_CRYPTO_SE_C)
263 const psa_drv_se_t *drv;
264 psa_drv_se_context_t *drv_context;
265
Ronald Cron9f17aa42020-12-08 17:07:25 +0100266 if( psa_get_se_driver( attributes->core.lifetime, &drv, &drv_context ) )
Steven Cooreman7a250572020-07-17 16:43:05 +0200267 {
268 if( drv->asymmetric == NULL ||
269 drv->asymmetric->p_sign == NULL )
270 {
271 /* Key is defined in SE, but we have no way to exercise it */
Steven Cooreman56250fd2020-09-04 13:07:15 +0200272 return( PSA_ERROR_NOT_SUPPORTED );
Steven Cooreman7a250572020-07-17 16:43:05 +0200273 }
Ronald Cron9f17aa42020-12-08 17:07:25 +0100274 return( drv->asymmetric->p_sign(
275 drv_context, *( (psa_key_slot_number_t *)key_buffer ),
276 alg, hash, hash_length,
277 signature, signature_size, signature_length ) );
Steven Cooreman7a250572020-07-17 16:43:05 +0200278 }
Steven Cooremanf1720ea2020-07-24 18:41:58 +0200279#endif /* PSA_CRYPTO_SE_C */
Steven Cooreman7a250572020-07-17 16:43:05 +0200280
Ronald Cronfce9df22020-12-08 18:06:03 +0100281 psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;
Ronald Cron9f17aa42020-12-08 17:07:25 +0100282 psa_key_location_t location =
283 PSA_KEY_LIFETIME_GET_LOCATION( attributes->core.lifetime );
Steven Cooremancd84cb42020-07-16 20:28:36 +0200284
285 switch( location )
286 {
287 case PSA_KEY_LOCATION_LOCAL_STORAGE:
288 /* Key is stored in the slot in export representation, so
289 * cycle through all known transparent accelerators */
Ronald Cronfce9df22020-12-08 18:06:03 +0100290#if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT)
Steven Cooremanf1720ea2020-07-24 18:41:58 +0200291#if defined(PSA_CRYPTO_DRIVER_TEST)
Ronald Cron7f13fa22021-04-13 12:41:34 +0200292 status = mbedtls_test_transparent_signature_sign_hash( attributes,
Ronald Cron9f17aa42020-12-08 17:07:25 +0100293 key_buffer,
294 key_buffer_size,
Steven Cooremancd84cb42020-07-16 20:28:36 +0200295 alg,
296 hash,
297 hash_length,
298 signature,
299 signature_size,
300 signature_length );
301 /* Declared with fallback == true */
302 if( status != PSA_ERROR_NOT_SUPPORTED )
Steven Cooreman56250fd2020-09-04 13:07:15 +0200303 return( status );
Steven Cooremanf1720ea2020-07-24 18:41:58 +0200304#endif /* PSA_CRYPTO_DRIVER_TEST */
Ronald Cronfce9df22020-12-08 18:06:03 +0100305#endif /* PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT */
Steven Cooremancd84cb42020-07-16 20:28:36 +0200306 /* Fell through, meaning no accelerator supports this operation */
gabor-mezei-arm6883fd22021-05-05 14:18:36 +0200307 return( psa_sign_hash_builtin( attributes,
308 key_buffer,
309 key_buffer_size,
310 alg,
311 hash,
312 hash_length,
313 signature,
314 signature_size,
315 signature_length ) );
Ronald Cronfce9df22020-12-08 18:06:03 +0100316
Steven Cooremancd84cb42020-07-16 20:28:36 +0200317 /* Add cases for opaque driver here */
Ronald Cronfce9df22020-12-08 18:06:03 +0100318#if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT)
Steven Cooremanf1720ea2020-07-24 18:41:58 +0200319#if defined(PSA_CRYPTO_DRIVER_TEST)
Steven Cooremana1ce2f22021-03-18 20:49:29 +0100320 case PSA_CRYPTO_TEST_DRIVER_LOCATION:
Ronald Cron7f13fa22021-04-13 12:41:34 +0200321 return( mbedtls_test_opaque_signature_sign_hash( attributes,
322 key_buffer,
323 key_buffer_size,
324 alg,
325 hash,
326 hash_length,
327 signature,
328 signature_size,
329 signature_length ) );
Steven Cooremanf1720ea2020-07-24 18:41:58 +0200330#endif /* PSA_CRYPTO_DRIVER_TEST */
Ronald Cronfce9df22020-12-08 18:06:03 +0100331#endif /* PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT */
Steven Cooremancd84cb42020-07-16 20:28:36 +0200332 default:
333 /* Key is declared with a lifetime not known to us */
Ronald Cronfce9df22020-12-08 18:06:03 +0100334 (void)status;
335 return( PSA_ERROR_INVALID_ARGUMENT );
Steven Cooremancd84cb42020-07-16 20:28:36 +0200336 }
Steven Cooremancd84cb42020-07-16 20:28:36 +0200337}
338
Ronald Cron9f17aa42020-12-08 17:07:25 +0100339psa_status_t psa_driver_wrapper_verify_hash(
340 const psa_key_attributes_t *attributes,
341 const uint8_t *key_buffer, size_t key_buffer_size,
342 psa_algorithm_t alg, const uint8_t *hash, size_t hash_length,
343 const uint8_t *signature, size_t signature_length )
Steven Cooreman55ae2172020-07-17 19:46:15 +0200344{
Steven Cooreman55ae2172020-07-17 19:46:15 +0200345 /* Try dynamically-registered SE interface first */
346#if defined(MBEDTLS_PSA_CRYPTO_SE_C)
347 const psa_drv_se_t *drv;
348 psa_drv_se_context_t *drv_context;
349
Ronald Cron9f17aa42020-12-08 17:07:25 +0100350 if( psa_get_se_driver( attributes->core.lifetime, &drv, &drv_context ) )
Steven Cooreman55ae2172020-07-17 19:46:15 +0200351 {
352 if( drv->asymmetric == NULL ||
353 drv->asymmetric->p_verify == NULL )
354 {
355 /* Key is defined in SE, but we have no way to exercise it */
Steven Cooreman56250fd2020-09-04 13:07:15 +0200356 return( PSA_ERROR_NOT_SUPPORTED );
Steven Cooreman55ae2172020-07-17 19:46:15 +0200357 }
Ronald Cron9f17aa42020-12-08 17:07:25 +0100358 return( drv->asymmetric->p_verify(
359 drv_context, *( (psa_key_slot_number_t *)key_buffer ),
360 alg, hash, hash_length,
361 signature, signature_length ) );
Steven Cooreman55ae2172020-07-17 19:46:15 +0200362 }
Steven Cooremanf1720ea2020-07-24 18:41:58 +0200363#endif /* PSA_CRYPTO_SE_C */
Steven Cooreman55ae2172020-07-17 19:46:15 +0200364
Ronald Cronfce9df22020-12-08 18:06:03 +0100365 psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;
Ronald Cron9f17aa42020-12-08 17:07:25 +0100366 psa_key_location_t location =
367 PSA_KEY_LIFETIME_GET_LOCATION( attributes->core.lifetime );
Steven Cooreman55ae2172020-07-17 19:46:15 +0200368
369 switch( location )
370 {
371 case PSA_KEY_LOCATION_LOCAL_STORAGE:
372 /* Key is stored in the slot in export representation, so
373 * cycle through all known transparent accelerators */
Ronald Cronfce9df22020-12-08 18:06:03 +0100374#if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT)
Steven Cooremanf1720ea2020-07-24 18:41:58 +0200375#if defined(PSA_CRYPTO_DRIVER_TEST)
Ronald Cron7f13fa22021-04-13 12:41:34 +0200376 status = mbedtls_test_transparent_signature_verify_hash(
377 attributes,
378 key_buffer,
379 key_buffer_size,
380 alg,
381 hash,
382 hash_length,
383 signature,
384 signature_length );
Steven Cooreman55ae2172020-07-17 19:46:15 +0200385 /* Declared with fallback == true */
386 if( status != PSA_ERROR_NOT_SUPPORTED )
Steven Cooreman56250fd2020-09-04 13:07:15 +0200387 return( status );
Steven Cooremanf1720ea2020-07-24 18:41:58 +0200388#endif /* PSA_CRYPTO_DRIVER_TEST */
Ronald Cronfce9df22020-12-08 18:06:03 +0100389#endif /* PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT */
390
gabor-mezei-arm6883fd22021-05-05 14:18:36 +0200391 return( psa_verify_hash_builtin( attributes,
392 key_buffer,
393 key_buffer_size,
394 alg,
395 hash,
396 hash_length,
397 signature,
398 signature_length ) );
Ronald Cronfce9df22020-12-08 18:06:03 +0100399
Steven Cooreman55ae2172020-07-17 19:46:15 +0200400 /* Add cases for opaque driver here */
Ronald Cronfce9df22020-12-08 18:06:03 +0100401#if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT)
Steven Cooremanf1720ea2020-07-24 18:41:58 +0200402#if defined(PSA_CRYPTO_DRIVER_TEST)
Steven Cooremana1ce2f22021-03-18 20:49:29 +0100403 case PSA_CRYPTO_TEST_DRIVER_LOCATION:
Ronald Cron7f13fa22021-04-13 12:41:34 +0200404 return( mbedtls_test_opaque_signature_verify_hash( attributes,
405 key_buffer,
406 key_buffer_size,
407 alg,
408 hash,
409 hash_length,
410 signature,
411 signature_length ) );
Steven Cooremanf1720ea2020-07-24 18:41:58 +0200412#endif /* PSA_CRYPTO_DRIVER_TEST */
Ronald Cronfce9df22020-12-08 18:06:03 +0100413#endif /* PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT */
Steven Cooreman55ae2172020-07-17 19:46:15 +0200414 default:
415 /* Key is declared with a lifetime not known to us */
Ronald Cronfce9df22020-12-08 18:06:03 +0100416 (void)status;
417 return( PSA_ERROR_INVALID_ARGUMENT );
Steven Cooreman55ae2172020-07-17 19:46:15 +0200418 }
Steven Cooreman55ae2172020-07-17 19:46:15 +0200419}
420
Archana449608b2021-09-08 15:36:05 +0530421/** Calculate the key buffer size required to store the key material of a key
Archanad8a83dc2021-06-14 10:04:16 +0530422 * associated with an opaque driver from input key data.
423 *
Archanad8a83dc2021-06-14 10:04:16 +0530424 * \param[in] attributes The key attributes
425 * \param[in] data The input key data.
426 * \param[in] data_length The input data length.
427 * \param[out] key_buffer_size Minimum buffer size to contain the key material.
428 *
429 * \retval #PSA_SUCCESS
430 * \retval #PSA_ERROR_INVALID_ARGUMENT
431 * \retval #PSA_ERROR_NOT_SUPPORTED
432 */
433psa_status_t psa_driver_wrapper_get_key_buffer_size_from_key_data(
434 const psa_key_attributes_t *attributes,
435 const uint8_t *data,
436 size_t data_length,
437 size_t *key_buffer_size )
438{
Archana449608b2021-09-08 15:36:05 +0530439 psa_key_location_t location =
440 PSA_KEY_LIFETIME_GET_LOCATION( attributes->core.lifetime );
Archanad8a83dc2021-06-14 10:04:16 +0530441 psa_key_type_t key_type = attributes->core.type;
442
443 *key_buffer_size = 0;
444 switch( location )
445 {
446#if defined(PSA_CRYPTO_DRIVER_TEST)
447 case PSA_CRYPTO_TEST_DRIVER_LOCATION:
448 *key_buffer_size = mbedtls_test_opaque_size_function( key_type,
449 PSA_BYTES_TO_BITS( data_length ) );
450 return( ( *key_buffer_size != 0 ) ?
451 PSA_SUCCESS : PSA_ERROR_NOT_SUPPORTED );
452#endif /* PSA_CRYPTO_DRIVER_TEST */
453
454 default:
455 (void)key_type;
456 (void)data;
457 (void)data_length;
458 return( PSA_ERROR_INVALID_ARGUMENT );
459 }
460}
461
Steven Cooremanb938b0b2021-04-06 13:08:42 +0200462/** Get the key buffer size required to store the key material of a key
Archanad8a83dc2021-06-14 10:04:16 +0530463 * associated with an opaque driver.
Steven Cooreman56250fd2020-09-04 13:07:15 +0200464 *
Ronald Cron31216282020-12-05 18:47:56 +0100465 * \param[in] attributes The key attributes.
466 * \param[out] key_buffer_size Minimum buffer size to contain the key material
Steven Cooreman56250fd2020-09-04 13:07:15 +0200467 *
468 * \retval #PSA_SUCCESS
Ronald Cron31216282020-12-05 18:47:56 +0100469 * The minimum size for a buffer to contain the key material has been
470 * returned successfully.
Steven Cooreman56250fd2020-09-04 13:07:15 +0200471 * \retval #PSA_ERROR_NOT_SUPPORTED
Ronald Cron31216282020-12-05 18:47:56 +0100472 * The type and/or the size in bits of the key or the combination of
473 * the two is not supported.
Archanad8a83dc2021-06-14 10:04:16 +0530474 * \retval #PSA_ERROR_INVALID_ARGUMENT
475 * The key is declared with a lifetime not known to us.
Steven Cooreman56250fd2020-09-04 13:07:15 +0200476 */
Ronald Cron9df74be2020-12-05 19:15:23 +0100477psa_status_t psa_driver_wrapper_get_key_buffer_size(
Ronald Cron31216282020-12-05 18:47:56 +0100478 const psa_key_attributes_t *attributes,
479 size_t *key_buffer_size )
Steven Cooreman2a1664c2020-07-20 15:33:08 +0200480{
John Durkop2c618352020-09-22 06:54:01 -0700481 psa_key_location_t location = PSA_KEY_LIFETIME_GET_LOCATION( attributes->core.lifetime );
482 psa_key_type_t key_type = attributes->core.type;
483 size_t key_bits = attributes->core.bits;
Steven Cooreman2a1664c2020-07-20 15:33:08 +0200484
Ronald Cron31216282020-12-05 18:47:56 +0100485 *key_buffer_size = 0;
John Durkop2c618352020-09-22 06:54:01 -0700486 switch( location )
487 {
John Durkop2c618352020-09-22 06:54:01 -0700488#if defined(PSA_CRYPTO_DRIVER_TEST)
Steven Cooremana1ce2f22021-03-18 20:49:29 +0100489 case PSA_CRYPTO_TEST_DRIVER_LOCATION:
Steven Cooremanf9a55ff2021-02-19 18:04:59 +0100490#if defined(MBEDTLS_PSA_CRYPTO_BUILTIN_KEYS)
491 /* Emulate property 'builtin_key_size' */
492 if( psa_key_id_is_builtin(
493 MBEDTLS_SVC_KEY_ID_GET_KEY_ID(
494 psa_get_key_id( attributes ) ) ) )
495 {
Steven Cooreman203bcbb2021-03-18 17:17:40 +0100496 *key_buffer_size = sizeof( psa_drv_slot_number_t );
Steven Cooremanf9a55ff2021-02-19 18:04:59 +0100497 return( PSA_SUCCESS );
498 }
499#endif /* MBEDTLS_PSA_CRYPTO_BUILTIN_KEYS */
Archana449608b2021-09-08 15:36:05 +0530500 *key_buffer_size = mbedtls_test_opaque_size_function( key_type,
501 key_bits );
Ronald Cron4607c822021-04-14 10:55:34 +0200502 return( ( *key_buffer_size != 0 ) ?
503 PSA_SUCCESS : PSA_ERROR_NOT_SUPPORTED );
John Durkop2c618352020-09-22 06:54:01 -0700504#endif /* PSA_CRYPTO_DRIVER_TEST */
505
506 default:
Ronald Cron9df74be2020-12-05 19:15:23 +0100507 (void)key_type;
508 (void)key_bits;
Archanad8a83dc2021-06-14 10:04:16 +0530509 return( PSA_ERROR_INVALID_ARGUMENT );
Steven Cooreman2a1664c2020-07-20 15:33:08 +0200510 }
511}
Steven Cooreman2a1664c2020-07-20 15:33:08 +0200512
Ronald Cron977c2472020-10-13 08:32:21 +0200513psa_status_t psa_driver_wrapper_generate_key(
514 const psa_key_attributes_t *attributes,
515 uint8_t *key_buffer, size_t key_buffer_size, size_t *key_buffer_length )
Steven Cooreman55ae2172020-07-17 19:46:15 +0200516{
Ronald Cron977c2472020-10-13 08:32:21 +0200517 psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;
518 psa_key_location_t location =
519 PSA_KEY_LIFETIME_GET_LOCATION(attributes->core.lifetime);
520
Steven Cooreman2a1664c2020-07-20 15:33:08 +0200521 /* Try dynamically-registered SE interface first */
522#if defined(MBEDTLS_PSA_CRYPTO_SE_C)
523 const psa_drv_se_t *drv;
524 psa_drv_se_context_t *drv_context;
525
Ronald Cron977c2472020-10-13 08:32:21 +0200526 if( psa_get_se_driver( attributes->core.lifetime, &drv, &drv_context ) )
Steven Cooreman2a1664c2020-07-20 15:33:08 +0200527 {
528 size_t pubkey_length = 0; /* We don't support this feature yet */
529 if( drv->key_management == NULL ||
530 drv->key_management->p_generate == NULL )
531 {
532 /* Key is defined as being in SE, but we have no way to generate it */
Steven Cooreman56250fd2020-09-04 13:07:15 +0200533 return( PSA_ERROR_NOT_SUPPORTED );
Steven Cooreman2a1664c2020-07-20 15:33:08 +0200534 }
535 return( drv->key_management->p_generate(
Ronald Cron977c2472020-10-13 08:32:21 +0200536 drv_context,
537 *( (psa_key_slot_number_t *)key_buffer ),
Ronald Cronea0f8a62020-11-25 17:52:23 +0100538 attributes, NULL, 0, &pubkey_length ) );
Steven Cooreman2a1664c2020-07-20 15:33:08 +0200539 }
540#endif /* MBEDTLS_PSA_CRYPTO_SE_C */
541
Steven Cooreman2a1664c2020-07-20 15:33:08 +0200542 switch( location )
543 {
544 case PSA_KEY_LOCATION_LOCAL_STORAGE:
Ronald Cron977c2472020-10-13 08:32:21 +0200545#if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT)
Steven Cooreman2a1664c2020-07-20 15:33:08 +0200546 /* Transparent drivers are limited to generating asymmetric keys */
Ronald Cron977c2472020-10-13 08:32:21 +0200547 if( PSA_KEY_TYPE_IS_ASYMMETRIC( attributes->core.type ) )
Steven Cooreman2a1664c2020-07-20 15:33:08 +0200548 {
Ronald Cron977c2472020-10-13 08:32:21 +0200549 /* Cycle through all known transparent accelerators */
Steven Cooremanf1720ea2020-07-24 18:41:58 +0200550#if defined(PSA_CRYPTO_DRIVER_TEST)
Ronald Cron7f13fa22021-04-13 12:41:34 +0200551 status = mbedtls_test_transparent_generate_key(
Ronald Cron977c2472020-10-13 08:32:21 +0200552 attributes, key_buffer, key_buffer_size,
553 key_buffer_length );
554 /* Declared with fallback == true */
555 if( status != PSA_ERROR_NOT_SUPPORTED )
556 break;
Steven Cooremanf1720ea2020-07-24 18:41:58 +0200557#endif /* PSA_CRYPTO_DRIVER_TEST */
Ronald Cron977c2472020-10-13 08:32:21 +0200558 }
559#endif /* PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT */
560
561 /* Software fallback */
562 status = psa_generate_key_internal(
563 attributes, key_buffer, key_buffer_size, key_buffer_length );
Steven Cooreman2a1664c2020-07-20 15:33:08 +0200564 break;
Ronald Cron977c2472020-10-13 08:32:21 +0200565
Steven Cooreman2a1664c2020-07-20 15:33:08 +0200566 /* Add cases for opaque driver here */
Ronald Cron977c2472020-10-13 08:32:21 +0200567#if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT)
Steven Cooremanf1720ea2020-07-24 18:41:58 +0200568#if defined(PSA_CRYPTO_DRIVER_TEST)
Steven Cooremana1ce2f22021-03-18 20:49:29 +0100569 case PSA_CRYPTO_TEST_DRIVER_LOCATION:
Ronald Cron7f13fa22021-04-13 12:41:34 +0200570 status = mbedtls_test_opaque_generate_key(
Ronald Cron977c2472020-10-13 08:32:21 +0200571 attributes, key_buffer, key_buffer_size, key_buffer_length );
Steven Cooreman2a1664c2020-07-20 15:33:08 +0200572 break;
Steven Cooremanf1720ea2020-07-24 18:41:58 +0200573#endif /* PSA_CRYPTO_DRIVER_TEST */
Ronald Cron977c2472020-10-13 08:32:21 +0200574#endif /* PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT */
575
Steven Cooreman2a1664c2020-07-20 15:33:08 +0200576 default:
577 /* Key is declared with a lifetime not known to us */
578 status = PSA_ERROR_INVALID_ARGUMENT;
579 break;
580 }
581
Steven Cooreman2a1664c2020-07-20 15:33:08 +0200582 return( status );
Steven Cooreman55ae2172020-07-17 19:46:15 +0200583}
584
Ronald Cron83282872020-11-22 14:02:39 +0100585psa_status_t psa_driver_wrapper_import_key(
586 const psa_key_attributes_t *attributes,
587 const uint8_t *data,
588 size_t data_length,
589 uint8_t *key_buffer,
590 size_t key_buffer_size,
591 size_t *key_buffer_length,
592 size_t *bits )
Steven Cooreman04524762020-10-13 17:43:44 +0200593{
Steven Cooreman04524762020-10-13 17:43:44 +0200594 psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;
Ronald Cronbf33c932020-11-28 18:06:53 +0100595 psa_key_location_t location = PSA_KEY_LIFETIME_GET_LOCATION(
596 psa_get_key_lifetime( attributes ) );
Steven Cooreman04524762020-10-13 17:43:44 +0200597
Ronald Cronfb2ed5b2020-11-30 12:11:01 +0100598 /* Try dynamically-registered SE interface first */
599#if defined(MBEDTLS_PSA_CRYPTO_SE_C)
600 const psa_drv_se_t *drv;
601 psa_drv_se_context_t *drv_context;
602
603 if( psa_get_se_driver( attributes->core.lifetime, &drv, &drv_context ) )
604 {
605 if( drv->key_management == NULL ||
606 drv->key_management->p_import == NULL )
607 return( PSA_ERROR_NOT_SUPPORTED );
608
609 /* The driver should set the number of key bits, however in
610 * case it doesn't, we initialize bits to an invalid value. */
611 *bits = PSA_MAX_KEY_BITS + 1;
612 status = drv->key_management->p_import(
613 drv_context,
614 *( (psa_key_slot_number_t *)key_buffer ),
615 attributes, data, data_length, bits );
616
617 if( status != PSA_SUCCESS )
618 return( status );
619
620 if( (*bits) > PSA_MAX_KEY_BITS )
621 return( PSA_ERROR_NOT_SUPPORTED );
622
623 return( PSA_SUCCESS );
624 }
625#endif /* PSA_CRYPTO_SE_C */
626
Ronald Cronbf33c932020-11-28 18:06:53 +0100627 switch( location )
628 {
629 case PSA_KEY_LOCATION_LOCAL_STORAGE:
630 /* Key is stored in the slot in export representation, so
631 * cycle through all known transparent accelerators */
632#if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT)
633#if defined(PSA_CRYPTO_DRIVER_TEST)
Ronald Cron7f13fa22021-04-13 12:41:34 +0200634 status = mbedtls_test_transparent_import_key(
635 attributes,
636 data, data_length,
637 key_buffer, key_buffer_size,
638 key_buffer_length, bits );
Ronald Cronbf33c932020-11-28 18:06:53 +0100639 /* Declared with fallback == true */
640 if( status != PSA_ERROR_NOT_SUPPORTED )
641 return( status );
642#endif /* PSA_CRYPTO_DRIVER_TEST */
643#endif /* PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT */
644 /* Fell through, meaning no accelerator supports this operation */
645 return( psa_import_key_into_slot( attributes,
646 data, data_length,
647 key_buffer, key_buffer_size,
648 key_buffer_length, bits ) );
Archana4d7ae1d2021-07-07 02:50:22 +0530649 /* Add cases for opaque driver here */
650#if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT)
651#if defined(PSA_CRYPTO_DRIVER_TEST)
652 case PSA_CRYPTO_TEST_DRIVER_LOCATION:
653 return( mbedtls_test_opaque_import_key(
654 attributes,
655 data, data_length,
656 key_buffer, key_buffer_size,
657 key_buffer_length, bits ) );
658#endif /* PSA_CRYPTO_DRIVER_TEST */
659#endif /* PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT */
Ronald Cronbf33c932020-11-28 18:06:53 +0100660 default:
Ronald Cronbf33c932020-11-28 18:06:53 +0100661 (void)status;
Ronald Cronfb2ed5b2020-11-30 12:11:01 +0100662 return( PSA_ERROR_INVALID_ARGUMENT );
Ronald Cronbf33c932020-11-28 18:06:53 +0100663 }
664
Steven Cooreman04524762020-10-13 17:43:44 +0200665}
666
Ronald Cron67227982020-11-26 15:16:05 +0100667psa_status_t psa_driver_wrapper_export_key(
668 const psa_key_attributes_t *attributes,
669 const uint8_t *key_buffer, size_t key_buffer_size,
670 uint8_t *data, size_t data_size, size_t *data_length )
671
672{
673 psa_status_t status = PSA_ERROR_INVALID_ARGUMENT;
674 psa_key_location_t location = PSA_KEY_LIFETIME_GET_LOCATION(
675 psa_get_key_lifetime( attributes ) );
676
Ronald Cron152e3f82020-11-26 16:06:41 +0100677 /* Try dynamically-registered SE interface first */
678#if defined(MBEDTLS_PSA_CRYPTO_SE_C)
679 const psa_drv_se_t *drv;
680 psa_drv_se_context_t *drv_context;
681
682 if( psa_get_se_driver( attributes->core.lifetime, &drv, &drv_context ) )
683 {
684 if( ( drv->key_management == NULL ) ||
685 ( drv->key_management->p_export == NULL ) )
Ronald Cron9cfdf6e2021-01-18 11:58:39 +0100686 {
Ronald Cron152e3f82020-11-26 16:06:41 +0100687 return( PSA_ERROR_NOT_SUPPORTED );
Ronald Cron9cfdf6e2021-01-18 11:58:39 +0100688 }
Ronald Cron152e3f82020-11-26 16:06:41 +0100689
690 return( drv->key_management->p_export(
691 drv_context,
692 *( (psa_key_slot_number_t *)key_buffer ),
693 data, data_size, data_length ) );
694 }
695#endif /* PSA_CRYPTO_SE_C */
696
Ronald Cron67227982020-11-26 15:16:05 +0100697 switch( location )
698 {
699 case PSA_KEY_LOCATION_LOCAL_STORAGE:
700 return( psa_export_key_internal( attributes,
701 key_buffer,
702 key_buffer_size,
703 data,
704 data_size,
705 data_length ) );
706
707 /* Add cases for opaque driver here */
708#if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT)
709#if defined(PSA_CRYPTO_DRIVER_TEST)
Steven Cooremana1ce2f22021-03-18 20:49:29 +0100710 case PSA_CRYPTO_TEST_DRIVER_LOCATION:
Ronald Cron7f13fa22021-04-13 12:41:34 +0200711 return( mbedtls_test_opaque_export_key( attributes,
712 key_buffer,
713 key_buffer_size,
714 data,
715 data_size,
716 data_length ) );
Ronald Cron67227982020-11-26 15:16:05 +0100717#endif /* PSA_CRYPTO_DRIVER_TEST */
718#endif /* PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT */
719 default:
720 /* Key is declared with a lifetime not known to us */
721 return( status );
722 }
723}
724
Ronald Cron84cc9942020-11-25 14:30:05 +0100725psa_status_t psa_driver_wrapper_export_public_key(
726 const psa_key_attributes_t *attributes,
727 const uint8_t *key_buffer, size_t key_buffer_size,
728 uint8_t *data, size_t data_size, size_t *data_length )
729
Steven Cooremanb9b84422020-10-14 14:39:20 +0200730{
Steven Cooremanb9b84422020-10-14 14:39:20 +0200731 psa_status_t status = PSA_ERROR_INVALID_ARGUMENT;
Ronald Cron84cc9942020-11-25 14:30:05 +0100732 psa_key_location_t location = PSA_KEY_LIFETIME_GET_LOCATION(
733 psa_get_key_lifetime( attributes ) );
Steven Cooremanb9b84422020-10-14 14:39:20 +0200734
Ronald Cron152e3f82020-11-26 16:06:41 +0100735 /* Try dynamically-registered SE interface first */
736#if defined(MBEDTLS_PSA_CRYPTO_SE_C)
737 const psa_drv_se_t *drv;
738 psa_drv_se_context_t *drv_context;
739
740 if( psa_get_se_driver( attributes->core.lifetime, &drv, &drv_context ) )
741 {
742 if( ( drv->key_management == NULL ) ||
743 ( drv->key_management->p_export_public == NULL ) )
Ronald Cron9cfdf6e2021-01-18 11:58:39 +0100744 {
Ronald Cron152e3f82020-11-26 16:06:41 +0100745 return( PSA_ERROR_NOT_SUPPORTED );
Ronald Cron9cfdf6e2021-01-18 11:58:39 +0100746 }
Ronald Cron152e3f82020-11-26 16:06:41 +0100747
748 return( drv->key_management->p_export_public(
749 drv_context,
750 *( (psa_key_slot_number_t *)key_buffer ),
751 data, data_size, data_length ) );
752 }
753#endif /* MBEDTLS_PSA_CRYPTO_SE_C */
754
Steven Cooremanb9b84422020-10-14 14:39:20 +0200755 switch( location )
756 {
757 case PSA_KEY_LOCATION_LOCAL_STORAGE:
758 /* Key is stored in the slot in export representation, so
759 * cycle through all known transparent accelerators */
Ronald Cron67227982020-11-26 15:16:05 +0100760#if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT)
Steven Cooremanb9b84422020-10-14 14:39:20 +0200761#if defined(PSA_CRYPTO_DRIVER_TEST)
Ronald Cron7f13fa22021-04-13 12:41:34 +0200762 status = mbedtls_test_transparent_export_public_key(
763 attributes,
764 key_buffer,
765 key_buffer_size,
766 data,
767 data_size,
768 data_length );
Steven Cooremanb9b84422020-10-14 14:39:20 +0200769 /* Declared with fallback == true */
770 if( status != PSA_ERROR_NOT_SUPPORTED )
771 return( status );
772#endif /* PSA_CRYPTO_DRIVER_TEST */
Ronald Cron67227982020-11-26 15:16:05 +0100773#endif /* PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT */
Steven Cooremanb9b84422020-10-14 14:39:20 +0200774 /* Fell through, meaning no accelerator supports this operation */
Ronald Cron67227982020-11-26 15:16:05 +0100775 return( psa_export_public_key_internal( attributes,
776 key_buffer,
777 key_buffer_size,
778 data,
779 data_size,
780 data_length ) );
781
Steven Cooremanb9b84422020-10-14 14:39:20 +0200782 /* Add cases for opaque driver here */
Ronald Cron67227982020-11-26 15:16:05 +0100783#if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT)
Steven Cooremanb9b84422020-10-14 14:39:20 +0200784#if defined(PSA_CRYPTO_DRIVER_TEST)
Steven Cooremana1ce2f22021-03-18 20:49:29 +0100785 case PSA_CRYPTO_TEST_DRIVER_LOCATION:
Ronald Cron7f13fa22021-04-13 12:41:34 +0200786 return( mbedtls_test_opaque_export_public_key( attributes,
787 key_buffer,
788 key_buffer_size,
789 data,
790 data_size,
791 data_length ) );
Steven Cooremanb9b84422020-10-14 14:39:20 +0200792#endif /* PSA_CRYPTO_DRIVER_TEST */
Ronald Cron67227982020-11-26 15:16:05 +0100793#endif /* PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT */
Steven Cooremanb9b84422020-10-14 14:39:20 +0200794 default:
795 /* Key is declared with a lifetime not known to us */
796 return( status );
797 }
Steven Cooremanb9b84422020-10-14 14:39:20 +0200798}
799
Steven Cooreman6801f082021-02-19 17:21:22 +0100800psa_status_t psa_driver_wrapper_get_builtin_key(
801 psa_drv_slot_number_t slot_number,
802 psa_key_attributes_t *attributes,
803 uint8_t *key_buffer, size_t key_buffer_size, size_t *key_buffer_length )
804{
805 psa_key_location_t location = PSA_KEY_LIFETIME_GET_LOCATION( attributes->core.lifetime );
806 switch( location )
807 {
Steven Cooremanf9a55ff2021-02-19 18:04:59 +0100808#if defined(PSA_CRYPTO_DRIVER_TEST)
Steven Cooremana1ce2f22021-03-18 20:49:29 +0100809 case PSA_CRYPTO_TEST_DRIVER_LOCATION:
Ronald Cron7f13fa22021-04-13 12:41:34 +0200810 return( mbedtls_test_opaque_get_builtin_key(
Steven Cooremanf9a55ff2021-02-19 18:04:59 +0100811 slot_number,
812 attributes,
813 key_buffer, key_buffer_size, key_buffer_length ) );
Steven Cooremanf9a55ff2021-02-19 18:04:59 +0100814#endif /* PSA_CRYPTO_DRIVER_TEST */
Steven Cooreman6801f082021-02-19 17:21:22 +0100815 default:
816 (void) slot_number;
817 (void) key_buffer;
818 (void) key_buffer_size;
819 (void) key_buffer_length;
820 return( PSA_ERROR_DOES_NOT_EXIST );
821 }
822}
823
Archana8a180362021-07-05 02:18:48 +0530824psa_status_t psa_driver_wrapper_copy_key(
825 psa_key_attributes_t *attributes,
Archana9d17bf42021-09-10 06:22:44 +0530826 const uint8_t *source_key, size_t source_key_length,
Archana449608b2021-09-08 15:36:05 +0530827 uint8_t *target_key_buffer, size_t target_key_buffer_size,
828 size_t *target_key_buffer_length )
Archana8a180362021-07-05 02:18:48 +0530829{
Archana449608b2021-09-08 15:36:05 +0530830 psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;
831 psa_key_location_t location =
832 PSA_KEY_LIFETIME_GET_LOCATION( attributes->core.lifetime );
Archana8a180362021-07-05 02:18:48 +0530833
Archana9d17bf42021-09-10 06:22:44 +0530834#if defined(MBEDTLS_PSA_CRYPTO_SE_C)
835 const psa_drv_se_t *drv;
836 psa_drv_se_context_t *drv_context;
837
838 if( psa_get_se_driver( attributes->core.lifetime, &drv, &drv_context ) )
839 {
840 /* Copying to a secure element is not implemented yet. */
841 return( PSA_ERROR_NOT_SUPPORTED );
842 }
843#endif /* MBEDTLS_PSA_CRYPTO_SE_C */
844
Archana8a180362021-07-05 02:18:48 +0530845 switch( location )
846 {
847#if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT)
848#if defined(PSA_CRYPTO_DRIVER_TEST)
849 case PSA_CRYPTO_TEST_DRIVER_LOCATION:
850 return( mbedtls_test_opaque_copy_key( attributes, source_key,
Archana9d17bf42021-09-10 06:22:44 +0530851 source_key_length,
Archana8a180362021-07-05 02:18:48 +0530852 target_key_buffer,
Archana449608b2021-09-08 15:36:05 +0530853 target_key_buffer_size,
854 target_key_buffer_length) );
Archana8a180362021-07-05 02:18:48 +0530855#endif /* PSA_CRYPTO_DRIVER_TEST */
856#endif /* PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT */
857 default:
858 (void)source_key;
Archana9d17bf42021-09-10 06:22:44 +0530859 (void)source_key_length;
Archana8a180362021-07-05 02:18:48 +0530860 (void)target_key_buffer;
Archana449608b2021-09-08 15:36:05 +0530861 (void)target_key_buffer_size;
862 (void)target_key_buffer_length;
Archana8a180362021-07-05 02:18:48 +0530863 status = PSA_ERROR_INVALID_ARGUMENT;
864 }
865 return( status );
866}
867
Steven Cooreman37941cb2020-07-28 18:49:51 +0200868/*
869 * Cipher functions
870 */
871psa_status_t psa_driver_wrapper_cipher_encrypt(
gabor-mezei-arma9449a02021-03-25 11:17:10 +0100872 const psa_key_attributes_t *attributes,
873 const uint8_t *key_buffer,
874 size_t key_buffer_size,
Steven Cooreman37941cb2020-07-28 18:49:51 +0200875 psa_algorithm_t alg,
876 const uint8_t *input,
877 size_t input_length,
878 uint8_t *output,
879 size_t output_size,
880 size_t *output_length )
881{
gabor-mezei-arma9449a02021-03-25 11:17:10 +0100882 psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;
883 psa_key_location_t location =
884 PSA_KEY_LIFETIME_GET_LOCATION( attributes->core.lifetime );
Steven Cooreman37941cb2020-07-28 18:49:51 +0200885
886 switch( location )
887 {
888 case PSA_KEY_LOCATION_LOCAL_STORAGE:
889 /* Key is stored in the slot in export representation, so
890 * cycle through all known transparent accelerators */
gabor-mezei-arma9449a02021-03-25 11:17:10 +0100891#if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT)
Steven Cooreman37941cb2020-07-28 18:49:51 +0200892#if defined(PSA_CRYPTO_DRIVER_TEST)
gabor-mezei-arma9449a02021-03-25 11:17:10 +0100893 status = mbedtls_test_transparent_cipher_encrypt( attributes,
894 key_buffer,
895 key_buffer_size,
Ronald Cron7f13fa22021-04-13 12:41:34 +0200896 alg,
897 input,
898 input_length,
899 output,
900 output_size,
901 output_length );
Steven Cooreman37941cb2020-07-28 18:49:51 +0200902 /* Declared with fallback == true */
903 if( status != PSA_ERROR_NOT_SUPPORTED )
Steven Cooreman5240e8b2020-09-09 11:51:45 +0200904 return( status );
Steven Cooreman37941cb2020-07-28 18:49:51 +0200905#endif /* PSA_CRYPTO_DRIVER_TEST */
gabor-mezei-arma9449a02021-03-25 11:17:10 +0100906#endif /* PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT */
907
908#if defined(MBEDTLS_PSA_BUILTIN_CIPHER)
909 return( mbedtls_psa_cipher_encrypt( attributes,
910 key_buffer,
911 key_buffer_size,
912 alg,
913 input,
914 input_length,
915 output,
916 output_size,
917 output_length ) );
gabor-mezei-arm0a93b662021-06-25 15:43:32 +0200918#else
Steven Cooreman5240e8b2020-09-09 11:51:45 +0200919 return( PSA_ERROR_NOT_SUPPORTED );
gabor-mezei-arm0a93b662021-06-25 15:43:32 +0200920#endif /* MBEDTLS_PSA_BUILTIN_CIPHER */
gabor-mezei-arma9449a02021-03-25 11:17:10 +0100921
Steven Cooreman37941cb2020-07-28 18:49:51 +0200922 /* Add cases for opaque driver here */
gabor-mezei-arma9449a02021-03-25 11:17:10 +0100923#if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT)
Steven Cooreman37941cb2020-07-28 18:49:51 +0200924#if defined(PSA_CRYPTO_DRIVER_TEST)
Steven Cooremana1ce2f22021-03-18 20:49:29 +0100925 case PSA_CRYPTO_TEST_DRIVER_LOCATION:
gabor-mezei-arma9449a02021-03-25 11:17:10 +0100926 return( mbedtls_test_opaque_cipher_encrypt( attributes,
927 key_buffer,
928 key_buffer_size,
Ronald Cron7f13fa22021-04-13 12:41:34 +0200929 alg,
930 input,
931 input_length,
932 output,
933 output_size,
934 output_length ) );
Steven Cooreman37941cb2020-07-28 18:49:51 +0200935#endif /* PSA_CRYPTO_DRIVER_TEST */
gabor-mezei-arma9449a02021-03-25 11:17:10 +0100936#endif /* PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT */
937
Steven Cooreman37941cb2020-07-28 18:49:51 +0200938 default:
939 /* Key is declared with a lifetime not known to us */
gabor-mezei-arma9449a02021-03-25 11:17:10 +0100940 (void)status;
941 (void)key_buffer;
942 (void)key_buffer_size;
943 (void)alg;
944 (void)input;
945 (void)input_length;
946 (void)output;
947 (void)output_size;
948 (void)output_length;
949 return( PSA_ERROR_INVALID_ARGUMENT );
Steven Cooreman37941cb2020-07-28 18:49:51 +0200950 }
Steven Cooreman37941cb2020-07-28 18:49:51 +0200951}
952
953psa_status_t psa_driver_wrapper_cipher_decrypt(
gabor-mezei-arma9449a02021-03-25 11:17:10 +0100954 const psa_key_attributes_t *attributes,
955 const uint8_t *key_buffer,
956 size_t key_buffer_size,
Steven Cooreman37941cb2020-07-28 18:49:51 +0200957 psa_algorithm_t alg,
958 const uint8_t *input,
959 size_t input_length,
960 uint8_t *output,
961 size_t output_size,
962 size_t *output_length )
963{
gabor-mezei-arma9449a02021-03-25 11:17:10 +0100964 psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;
965 psa_key_location_t location =
966 PSA_KEY_LIFETIME_GET_LOCATION( attributes->core.lifetime );
Steven Cooreman37941cb2020-07-28 18:49:51 +0200967
968 switch( location )
969 {
970 case PSA_KEY_LOCATION_LOCAL_STORAGE:
971 /* Key is stored in the slot in export representation, so
972 * cycle through all known transparent accelerators */
gabor-mezei-arma9449a02021-03-25 11:17:10 +0100973#if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT)
Steven Cooreman37941cb2020-07-28 18:49:51 +0200974#if defined(PSA_CRYPTO_DRIVER_TEST)
gabor-mezei-arma9449a02021-03-25 11:17:10 +0100975 status = mbedtls_test_transparent_cipher_decrypt( attributes,
976 key_buffer,
977 key_buffer_size,
Ronald Cron7f13fa22021-04-13 12:41:34 +0200978 alg,
979 input,
980 input_length,
981 output,
982 output_size,
983 output_length );
Steven Cooreman37941cb2020-07-28 18:49:51 +0200984 /* Declared with fallback == true */
985 if( status != PSA_ERROR_NOT_SUPPORTED )
Steven Cooreman5240e8b2020-09-09 11:51:45 +0200986 return( status );
Steven Cooreman37941cb2020-07-28 18:49:51 +0200987#endif /* PSA_CRYPTO_DRIVER_TEST */
gabor-mezei-arma9449a02021-03-25 11:17:10 +0100988#endif /* PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT */
989
990#if defined(MBEDTLS_PSA_BUILTIN_CIPHER)
991 return( mbedtls_psa_cipher_decrypt( attributes,
992 key_buffer,
993 key_buffer_size,
994 alg,
995 input,
996 input_length,
997 output,
998 output_size,
999 output_length ) );
gabor-mezei-arm0a93b662021-06-25 15:43:32 +02001000#else
Steven Cooreman5240e8b2020-09-09 11:51:45 +02001001 return( PSA_ERROR_NOT_SUPPORTED );
gabor-mezei-arm0a93b662021-06-25 15:43:32 +02001002#endif /* MBEDTLS_PSA_BUILTIN_CIPHER */
gabor-mezei-arma9449a02021-03-25 11:17:10 +01001003
Steven Cooreman37941cb2020-07-28 18:49:51 +02001004 /* Add cases for opaque driver here */
gabor-mezei-arma9449a02021-03-25 11:17:10 +01001005#if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT)
Steven Cooreman37941cb2020-07-28 18:49:51 +02001006#if defined(PSA_CRYPTO_DRIVER_TEST)
Steven Cooremana1ce2f22021-03-18 20:49:29 +01001007 case PSA_CRYPTO_TEST_DRIVER_LOCATION:
gabor-mezei-arma9449a02021-03-25 11:17:10 +01001008 return( mbedtls_test_opaque_cipher_decrypt( attributes,
1009 key_buffer,
1010 key_buffer_size,
Ronald Cron7f13fa22021-04-13 12:41:34 +02001011 alg,
1012 input,
1013 input_length,
1014 output,
1015 output_size,
1016 output_length ) );
Steven Cooreman37941cb2020-07-28 18:49:51 +02001017#endif /* PSA_CRYPTO_DRIVER_TEST */
gabor-mezei-arma9449a02021-03-25 11:17:10 +01001018#endif /* PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT */
1019
Steven Cooreman37941cb2020-07-28 18:49:51 +02001020 default:
1021 /* Key is declared with a lifetime not known to us */
gabor-mezei-arma9449a02021-03-25 11:17:10 +01001022 (void)status;
1023 (void)key_buffer;
1024 (void)key_buffer_size;
1025 (void)alg;
1026 (void)input;
1027 (void)input_length;
1028 (void)output;
1029 (void)output_size;
1030 (void)output_length;
1031 return( PSA_ERROR_INVALID_ARGUMENT );
Steven Cooreman37941cb2020-07-28 18:49:51 +02001032 }
Steven Cooreman37941cb2020-07-28 18:49:51 +02001033}
1034
1035psa_status_t psa_driver_wrapper_cipher_encrypt_setup(
Ronald Crona4af55f2020-12-14 14:36:06 +01001036 psa_cipher_operation_t *operation,
1037 const psa_key_attributes_t *attributes,
1038 const uint8_t *key_buffer, size_t key_buffer_size,
Steven Cooreman37941cb2020-07-28 18:49:51 +02001039 psa_algorithm_t alg )
1040{
Ronald Cron0b805592020-12-14 18:08:20 +01001041 psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;
Ronald Crona4af55f2020-12-14 14:36:06 +01001042 psa_key_location_t location =
1043 PSA_KEY_LIFETIME_GET_LOCATION( attributes->core.lifetime );
Steven Cooreman37941cb2020-07-28 18:49:51 +02001044
Steven Cooreman37941cb2020-07-28 18:49:51 +02001045 switch( location )
1046 {
1047 case PSA_KEY_LOCATION_LOCAL_STORAGE:
1048 /* Key is stored in the slot in export representation, so
1049 * cycle through all known transparent accelerators */
Ronald Cron0b805592020-12-14 18:08:20 +01001050#if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT)
Steven Cooreman37941cb2020-07-28 18:49:51 +02001051#if defined(PSA_CRYPTO_DRIVER_TEST)
Ronald Cron7f13fa22021-04-13 12:41:34 +02001052 status = mbedtls_test_transparent_cipher_encrypt_setup(
Ronald Cron7cb9c3d2021-03-10 12:21:48 +01001053 &operation->ctx.transparent_test_driver_ctx,
1054 attributes,
1055 key_buffer,
1056 key_buffer_size,
1057 alg );
Steven Cooreman37941cb2020-07-28 18:49:51 +02001058 /* Declared with fallback == true */
Steven Cooreman150c99b2020-09-09 14:32:44 +02001059 if( status == PSA_SUCCESS )
Ronald Cron49fafa92021-03-10 08:34:23 +01001060 operation->id = PSA_CRYPTO_TRANSPARENT_TEST_DRIVER_ID;
Steven Cooreman150c99b2020-09-09 14:32:44 +02001061
Ronald Cron0b805592020-12-14 18:08:20 +01001062 if( status != PSA_ERROR_NOT_SUPPORTED )
1063 return( status );
Steven Cooreman37941cb2020-07-28 18:49:51 +02001064#endif /* PSA_CRYPTO_DRIVER_TEST */
Ronald Cron0b805592020-12-14 18:08:20 +01001065#endif /* PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT */
Ronald Cron5d9b00d2021-03-10 14:43:20 +01001066#if defined(MBEDTLS_PSA_BUILTIN_CIPHER)
Steven Cooreman37941cb2020-07-28 18:49:51 +02001067 /* Fell through, meaning no accelerator supports this operation */
Ronald Cron6e412a72021-03-10 09:58:47 +01001068 status = mbedtls_psa_cipher_encrypt_setup( &operation->ctx.mbedtls_ctx,
Ronald Cron49fafa92021-03-10 08:34:23 +01001069 attributes,
1070 key_buffer,
1071 key_buffer_size,
1072 alg );
1073 if( status == PSA_SUCCESS )
Ronald Cron6e412a72021-03-10 09:58:47 +01001074 operation->id = PSA_CRYPTO_MBED_TLS_DRIVER_ID;
Ronald Cron49fafa92021-03-10 08:34:23 +01001075
Ronald Cron7b4154d2021-03-19 14:49:41 +01001076 if( status != PSA_ERROR_NOT_SUPPORTED )
1077 return( status );
Ronald Cron5d9b00d2021-03-10 14:43:20 +01001078#endif /* MBEDTLS_PSA_BUILTIN_CIPHER */
1079 return( PSA_ERROR_NOT_SUPPORTED );
Ronald Cron0b805592020-12-14 18:08:20 +01001080
Steven Cooreman37941cb2020-07-28 18:49:51 +02001081 /* Add cases for opaque driver here */
Ronald Cron0b805592020-12-14 18:08:20 +01001082#if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT)
Steven Cooreman37941cb2020-07-28 18:49:51 +02001083#if defined(PSA_CRYPTO_DRIVER_TEST)
Steven Cooremana1ce2f22021-03-18 20:49:29 +01001084 case PSA_CRYPTO_TEST_DRIVER_LOCATION:
Ronald Cron7f13fa22021-04-13 12:41:34 +02001085 status = mbedtls_test_opaque_cipher_encrypt_setup(
Ronald Cron7cb9c3d2021-03-10 12:21:48 +01001086 &operation->ctx.opaque_test_driver_ctx,
1087 attributes,
1088 key_buffer, key_buffer_size,
1089 alg );
Steven Cooreman37941cb2020-07-28 18:49:51 +02001090
Steven Cooreman37941cb2020-07-28 18:49:51 +02001091 if( status == PSA_SUCCESS )
Ronald Cron49fafa92021-03-10 08:34:23 +01001092 operation->id = PSA_CRYPTO_OPAQUE_TEST_DRIVER_ID;
Steven Cooreman37941cb2020-07-28 18:49:51 +02001093
Steven Cooreman5240e8b2020-09-09 11:51:45 +02001094 return( status );
Steven Cooreman37941cb2020-07-28 18:49:51 +02001095#endif /* PSA_CRYPTO_DRIVER_TEST */
Ronald Cron0b805592020-12-14 18:08:20 +01001096#endif /* PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT */
Steven Cooreman37941cb2020-07-28 18:49:51 +02001097 default:
1098 /* Key is declared with a lifetime not known to us */
Ronald Cron0b805592020-12-14 18:08:20 +01001099 (void)status;
Ronald Cron7a55deb2021-04-28 14:29:00 +02001100 (void)operation;
Ronald Cron5d9b00d2021-03-10 14:43:20 +01001101 (void)key_buffer;
1102 (void)key_buffer_size;
1103 (void)alg;
Ronald Cronc45b4af2020-09-29 16:18:05 +02001104 return( PSA_ERROR_INVALID_ARGUMENT );
Steven Cooreman37941cb2020-07-28 18:49:51 +02001105 }
Steven Cooreman37941cb2020-07-28 18:49:51 +02001106}
1107
1108psa_status_t psa_driver_wrapper_cipher_decrypt_setup(
Ronald Crona4af55f2020-12-14 14:36:06 +01001109 psa_cipher_operation_t *operation,
1110 const psa_key_attributes_t *attributes,
1111 const uint8_t *key_buffer, size_t key_buffer_size,
Steven Cooreman37941cb2020-07-28 18:49:51 +02001112 psa_algorithm_t alg )
1113{
Steven Cooreman37941cb2020-07-28 18:49:51 +02001114 psa_status_t status = PSA_ERROR_INVALID_ARGUMENT;
Ronald Crona4af55f2020-12-14 14:36:06 +01001115 psa_key_location_t location =
1116 PSA_KEY_LIFETIME_GET_LOCATION( attributes->core.lifetime );
Steven Cooreman37941cb2020-07-28 18:49:51 +02001117
Steven Cooreman37941cb2020-07-28 18:49:51 +02001118 switch( location )
1119 {
1120 case PSA_KEY_LOCATION_LOCAL_STORAGE:
1121 /* Key is stored in the slot in export representation, so
1122 * cycle through all known transparent accelerators */
Ronald Cron0b805592020-12-14 18:08:20 +01001123#if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT)
Steven Cooreman37941cb2020-07-28 18:49:51 +02001124#if defined(PSA_CRYPTO_DRIVER_TEST)
Ronald Cron7f13fa22021-04-13 12:41:34 +02001125 status = mbedtls_test_transparent_cipher_decrypt_setup(
Ronald Cron7cb9c3d2021-03-10 12:21:48 +01001126 &operation->ctx.transparent_test_driver_ctx,
1127 attributes,
1128 key_buffer,
1129 key_buffer_size,
1130 alg );
Steven Cooreman37941cb2020-07-28 18:49:51 +02001131 /* Declared with fallback == true */
Steven Cooreman150c99b2020-09-09 14:32:44 +02001132 if( status == PSA_SUCCESS )
Ronald Cron49fafa92021-03-10 08:34:23 +01001133 operation->id = PSA_CRYPTO_TRANSPARENT_TEST_DRIVER_ID;
Steven Cooreman150c99b2020-09-09 14:32:44 +02001134
Ronald Cron0b805592020-12-14 18:08:20 +01001135 if( status != PSA_ERROR_NOT_SUPPORTED )
1136 return( status );
Steven Cooreman37941cb2020-07-28 18:49:51 +02001137#endif /* PSA_CRYPTO_DRIVER_TEST */
Ronald Cron0b805592020-12-14 18:08:20 +01001138#endif /* PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT */
Ronald Cron5d9b00d2021-03-10 14:43:20 +01001139#if defined(MBEDTLS_PSA_BUILTIN_CIPHER)
Steven Cooreman37941cb2020-07-28 18:49:51 +02001140 /* Fell through, meaning no accelerator supports this operation */
Ronald Cron6e412a72021-03-10 09:58:47 +01001141 status = mbedtls_psa_cipher_decrypt_setup( &operation->ctx.mbedtls_ctx,
Ronald Cron49fafa92021-03-10 08:34:23 +01001142 attributes,
1143 key_buffer,
1144 key_buffer_size,
1145 alg );
1146 if( status == PSA_SUCCESS )
1147 operation->id = PSA_CRYPTO_MBED_TLS_DRIVER_ID;
1148
1149 return( status );
Ronald Cron5d9b00d2021-03-10 14:43:20 +01001150#endif /* MBEDTLS_PSA_BUILTIN_CIPHER */
1151 return( PSA_ERROR_NOT_SUPPORTED );
Ronald Cron49fafa92021-03-10 08:34:23 +01001152
Steven Cooreman37941cb2020-07-28 18:49:51 +02001153 /* Add cases for opaque driver here */
Ronald Cron0b805592020-12-14 18:08:20 +01001154#if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT)
Steven Cooreman37941cb2020-07-28 18:49:51 +02001155#if defined(PSA_CRYPTO_DRIVER_TEST)
Steven Cooremana1ce2f22021-03-18 20:49:29 +01001156 case PSA_CRYPTO_TEST_DRIVER_LOCATION:
Ronald Cron7f13fa22021-04-13 12:41:34 +02001157 status = mbedtls_test_opaque_cipher_decrypt_setup(
Ronald Cron7cb9c3d2021-03-10 12:21:48 +01001158 &operation->ctx.opaque_test_driver_ctx,
1159 attributes,
1160 key_buffer, key_buffer_size,
1161 alg );
Steven Cooreman37941cb2020-07-28 18:49:51 +02001162
Steven Cooreman37941cb2020-07-28 18:49:51 +02001163 if( status == PSA_SUCCESS )
Ronald Cron49fafa92021-03-10 08:34:23 +01001164 operation->id = PSA_CRYPTO_OPAQUE_TEST_DRIVER_ID;
Steven Cooreman37941cb2020-07-28 18:49:51 +02001165
Steven Cooreman5240e8b2020-09-09 11:51:45 +02001166 return( status );
Steven Cooreman37941cb2020-07-28 18:49:51 +02001167#endif /* PSA_CRYPTO_DRIVER_TEST */
Ronald Cron0b805592020-12-14 18:08:20 +01001168#endif /* PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT */
Steven Cooreman37941cb2020-07-28 18:49:51 +02001169 default:
1170 /* Key is declared with a lifetime not known to us */
Ronald Cron0b805592020-12-14 18:08:20 +01001171 (void)status;
Ronald Cron17006702021-12-03 15:25:24 +01001172 (void)operation;
Ronald Cron5d9b00d2021-03-10 14:43:20 +01001173 (void)key_buffer;
1174 (void)key_buffer_size;
1175 (void)alg;
Ronald Cronc45b4af2020-09-29 16:18:05 +02001176 return( PSA_ERROR_INVALID_ARGUMENT );
Steven Cooreman37941cb2020-07-28 18:49:51 +02001177 }
Steven Cooreman37941cb2020-07-28 18:49:51 +02001178}
1179
Steven Cooreman37941cb2020-07-28 18:49:51 +02001180psa_status_t psa_driver_wrapper_cipher_set_iv(
Ronald Cron6056fe82020-12-15 13:58:07 +01001181 psa_cipher_operation_t *operation,
Steven Cooreman37941cb2020-07-28 18:49:51 +02001182 const uint8_t *iv,
1183 size_t iv_length )
1184{
Ronald Cron49fafa92021-03-10 08:34:23 +01001185 switch( operation->id )
1186 {
Ronald Cron5d9b00d2021-03-10 14:43:20 +01001187#if defined(MBEDTLS_PSA_BUILTIN_CIPHER)
Ronald Cron49fafa92021-03-10 08:34:23 +01001188 case PSA_CRYPTO_MBED_TLS_DRIVER_ID:
Ronald Cron6e412a72021-03-10 09:58:47 +01001189 return( mbedtls_psa_cipher_set_iv( &operation->ctx.mbedtls_ctx,
Ronald Cron49fafa92021-03-10 08:34:23 +01001190 iv,
1191 iv_length ) );
Ronald Cron5d9b00d2021-03-10 14:43:20 +01001192#endif /* MBEDTLS_PSA_BUILTIN_CIPHER */
Ronald Crondd24c9b2020-12-15 14:10:01 +01001193
1194#if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT)
Steven Cooreman37941cb2020-07-28 18:49:51 +02001195#if defined(PSA_CRYPTO_DRIVER_TEST)
1196 case PSA_CRYPTO_TRANSPARENT_TEST_DRIVER_ID:
Ronald Cron7f13fa22021-04-13 12:41:34 +02001197 return( mbedtls_test_transparent_cipher_set_iv(
Ronald Cron7cb9c3d2021-03-10 12:21:48 +01001198 &operation->ctx.transparent_test_driver_ctx,
1199 iv, iv_length ) );
Ronald Cron49fafa92021-03-10 08:34:23 +01001200
Steven Cooreman37941cb2020-07-28 18:49:51 +02001201 case PSA_CRYPTO_OPAQUE_TEST_DRIVER_ID:
Ronald Cron7f13fa22021-04-13 12:41:34 +02001202 return( mbedtls_test_opaque_cipher_set_iv(
Ronald Cron7cb9c3d2021-03-10 12:21:48 +01001203 &operation->ctx.opaque_test_driver_ctx,
1204 iv, iv_length ) );
Steven Cooreman37941cb2020-07-28 18:49:51 +02001205#endif /* PSA_CRYPTO_DRIVER_TEST */
Ronald Crondd24c9b2020-12-15 14:10:01 +01001206#endif /* PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT */
Ronald Cron49fafa92021-03-10 08:34:23 +01001207 }
Steven Cooreman37941cb2020-07-28 18:49:51 +02001208
Ronald Cron5d9b00d2021-03-10 14:43:20 +01001209 (void)iv;
1210 (void)iv_length;
1211
Ronald Crondd24c9b2020-12-15 14:10:01 +01001212 return( PSA_ERROR_INVALID_ARGUMENT );
Steven Cooreman37941cb2020-07-28 18:49:51 +02001213}
1214
1215psa_status_t psa_driver_wrapper_cipher_update(
Ronald Cron6056fe82020-12-15 13:58:07 +01001216 psa_cipher_operation_t *operation,
Steven Cooreman37941cb2020-07-28 18:49:51 +02001217 const uint8_t *input,
1218 size_t input_length,
1219 uint8_t *output,
1220 size_t output_size,
1221 size_t *output_length )
1222{
Ronald Cron49fafa92021-03-10 08:34:23 +01001223 switch( operation->id )
Steven Cooreman37941cb2020-07-28 18:49:51 +02001224 {
Ronald Cron5d9b00d2021-03-10 14:43:20 +01001225#if defined(MBEDTLS_PSA_BUILTIN_CIPHER)
Ronald Cron49fafa92021-03-10 08:34:23 +01001226 case PSA_CRYPTO_MBED_TLS_DRIVER_ID:
Ronald Cron6e412a72021-03-10 09:58:47 +01001227 return( mbedtls_psa_cipher_update( &operation->ctx.mbedtls_ctx,
Ronald Cron49fafa92021-03-10 08:34:23 +01001228 input,
1229 input_length,
1230 output,
1231 output_size,
1232 output_length ) );
Ronald Cron5d9b00d2021-03-10 14:43:20 +01001233#endif /* MBEDTLS_PSA_BUILTIN_CIPHER */
1234
Ronald Cron49fafa92021-03-10 08:34:23 +01001235#if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT)
Steven Cooreman37941cb2020-07-28 18:49:51 +02001236#if defined(PSA_CRYPTO_DRIVER_TEST)
1237 case PSA_CRYPTO_TRANSPARENT_TEST_DRIVER_ID:
Ronald Cron7f13fa22021-04-13 12:41:34 +02001238 return( mbedtls_test_transparent_cipher_update(
Ronald Cron7cb9c3d2021-03-10 12:21:48 +01001239 &operation->ctx.transparent_test_driver_ctx,
1240 input, input_length,
1241 output, output_size, output_length ) );
1242
Steven Cooreman37941cb2020-07-28 18:49:51 +02001243 case PSA_CRYPTO_OPAQUE_TEST_DRIVER_ID:
Ronald Cron7f13fa22021-04-13 12:41:34 +02001244 return( mbedtls_test_opaque_cipher_update(
Ronald Cron7cb9c3d2021-03-10 12:21:48 +01001245 &operation->ctx.opaque_test_driver_ctx,
1246 input, input_length,
1247 output, output_size, output_length ) );
Steven Cooreman37941cb2020-07-28 18:49:51 +02001248#endif /* PSA_CRYPTO_DRIVER_TEST */
Ronald Crondd24c9b2020-12-15 14:10:01 +01001249#endif /* PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT */
Ronald Cron49fafa92021-03-10 08:34:23 +01001250 }
Steven Cooreman37941cb2020-07-28 18:49:51 +02001251
Ronald Cron5d9b00d2021-03-10 14:43:20 +01001252 (void)input;
1253 (void)input_length;
1254 (void)output;
1255 (void)output_size;
1256 (void)output_length;
1257
Ronald Crondd24c9b2020-12-15 14:10:01 +01001258 return( PSA_ERROR_INVALID_ARGUMENT );
Steven Cooreman37941cb2020-07-28 18:49:51 +02001259}
1260
1261psa_status_t psa_driver_wrapper_cipher_finish(
Ronald Cron6056fe82020-12-15 13:58:07 +01001262 psa_cipher_operation_t *operation,
Steven Cooreman37941cb2020-07-28 18:49:51 +02001263 uint8_t *output,
1264 size_t output_size,
1265 size_t *output_length )
1266{
Ronald Cron49fafa92021-03-10 08:34:23 +01001267 switch( operation->id )
1268 {
Ronald Cron5d9b00d2021-03-10 14:43:20 +01001269#if defined(MBEDTLS_PSA_BUILTIN_CIPHER)
Ronald Cron49fafa92021-03-10 08:34:23 +01001270 case PSA_CRYPTO_MBED_TLS_DRIVER_ID:
Ronald Cron6e412a72021-03-10 09:58:47 +01001271 return( mbedtls_psa_cipher_finish( &operation->ctx.mbedtls_ctx,
Ronald Cron49fafa92021-03-10 08:34:23 +01001272 output,
1273 output_size,
1274 output_length ) );
Ronald Cron5d9b00d2021-03-10 14:43:20 +01001275#endif /* MBEDTLS_PSA_BUILTIN_CIPHER */
Ronald Crondd24c9b2020-12-15 14:10:01 +01001276
1277#if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT)
Steven Cooreman37941cb2020-07-28 18:49:51 +02001278#if defined(PSA_CRYPTO_DRIVER_TEST)
1279 case PSA_CRYPTO_TRANSPARENT_TEST_DRIVER_ID:
Ronald Cron7f13fa22021-04-13 12:41:34 +02001280 return( mbedtls_test_transparent_cipher_finish(
Ronald Cron7cb9c3d2021-03-10 12:21:48 +01001281 &operation->ctx.transparent_test_driver_ctx,
1282 output, output_size, output_length ) );
Ronald Cron49fafa92021-03-10 08:34:23 +01001283
Steven Cooreman37941cb2020-07-28 18:49:51 +02001284 case PSA_CRYPTO_OPAQUE_TEST_DRIVER_ID:
Ronald Cron7f13fa22021-04-13 12:41:34 +02001285 return( mbedtls_test_opaque_cipher_finish(
Ronald Cron7cb9c3d2021-03-10 12:21:48 +01001286 &operation->ctx.opaque_test_driver_ctx,
1287 output, output_size, output_length ) );
Steven Cooreman37941cb2020-07-28 18:49:51 +02001288#endif /* PSA_CRYPTO_DRIVER_TEST */
Ronald Crondd24c9b2020-12-15 14:10:01 +01001289#endif /* PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT */
Ronald Cron49fafa92021-03-10 08:34:23 +01001290 }
Steven Cooreman37941cb2020-07-28 18:49:51 +02001291
Ronald Cron5d9b00d2021-03-10 14:43:20 +01001292 (void)output;
1293 (void)output_size;
1294 (void)output_length;
1295
Ronald Crondd24c9b2020-12-15 14:10:01 +01001296 return( PSA_ERROR_INVALID_ARGUMENT );
Steven Cooreman37941cb2020-07-28 18:49:51 +02001297}
1298
1299psa_status_t psa_driver_wrapper_cipher_abort(
Ronald Cron6056fe82020-12-15 13:58:07 +01001300 psa_cipher_operation_t *operation )
Steven Cooreman37941cb2020-07-28 18:49:51 +02001301{
Ronald Crondd24c9b2020-12-15 14:10:01 +01001302 psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;
Steven Cooreman37941cb2020-07-28 18:49:51 +02001303
Ronald Cron49fafa92021-03-10 08:34:23 +01001304 switch( operation->id )
Steven Cooreman37941cb2020-07-28 18:49:51 +02001305 {
Ronald Cron5d9b00d2021-03-10 14:43:20 +01001306#if defined(MBEDTLS_PSA_BUILTIN_CIPHER)
Ronald Cron49fafa92021-03-10 08:34:23 +01001307 case PSA_CRYPTO_MBED_TLS_DRIVER_ID:
Ronald Cron6e412a72021-03-10 09:58:47 +01001308 return( mbedtls_psa_cipher_abort( &operation->ctx.mbedtls_ctx ) );
Ronald Cron5d9b00d2021-03-10 14:43:20 +01001309#endif /* MBEDTLS_PSA_BUILTIN_CIPHER */
Ronald Cron49fafa92021-03-10 08:34:23 +01001310
1311#if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT)
Steven Cooreman37941cb2020-07-28 18:49:51 +02001312#if defined(PSA_CRYPTO_DRIVER_TEST)
1313 case PSA_CRYPTO_TRANSPARENT_TEST_DRIVER_ID:
Ronald Cron7f13fa22021-04-13 12:41:34 +02001314 status = mbedtls_test_transparent_cipher_abort(
Ronald Cron7cb9c3d2021-03-10 12:21:48 +01001315 &operation->ctx.transparent_test_driver_ctx );
Steven Cooremancfeea8f2020-09-09 15:09:18 +02001316 mbedtls_platform_zeroize(
Ronald Cron7cb9c3d2021-03-10 12:21:48 +01001317 &operation->ctx.transparent_test_driver_ctx,
1318 sizeof( operation->ctx.transparent_test_driver_ctx ) );
Steven Cooreman5240e8b2020-09-09 11:51:45 +02001319 return( status );
Ronald Cron49fafa92021-03-10 08:34:23 +01001320
Steven Cooreman37941cb2020-07-28 18:49:51 +02001321 case PSA_CRYPTO_OPAQUE_TEST_DRIVER_ID:
Ronald Cron7f13fa22021-04-13 12:41:34 +02001322 status = mbedtls_test_opaque_cipher_abort(
Ronald Cron7cb9c3d2021-03-10 12:21:48 +01001323 &operation->ctx.opaque_test_driver_ctx );
Steven Cooremancfeea8f2020-09-09 15:09:18 +02001324 mbedtls_platform_zeroize(
Ronald Cron7cb9c3d2021-03-10 12:21:48 +01001325 &operation->ctx.opaque_test_driver_ctx,
1326 sizeof( operation->ctx.opaque_test_driver_ctx ) );
Steven Cooreman5240e8b2020-09-09 11:51:45 +02001327 return( status );
Steven Cooreman37941cb2020-07-28 18:49:51 +02001328#endif /* PSA_CRYPTO_DRIVER_TEST */
Ronald Crondd24c9b2020-12-15 14:10:01 +01001329#endif /* PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT */
Ronald Cron49fafa92021-03-10 08:34:23 +01001330 }
Steven Cooreman37941cb2020-07-28 18:49:51 +02001331
Ronald Cron49fafa92021-03-10 08:34:23 +01001332 (void)status;
Ronald Crondd24c9b2020-12-15 14:10:01 +01001333 return( PSA_ERROR_INVALID_ARGUMENT );
Steven Cooreman37941cb2020-07-28 18:49:51 +02001334}
1335
Steven Cooreman1e582352021-02-18 17:24:37 +01001336/*
1337 * Hashing functions
1338 */
1339psa_status_t psa_driver_wrapper_hash_compute(
1340 psa_algorithm_t alg,
1341 const uint8_t *input,
1342 size_t input_length,
1343 uint8_t *hash,
1344 size_t hash_size,
1345 size_t *hash_length)
1346{
Steven Cooreman0eeb7942021-03-08 12:13:21 +01001347 psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;
Steven Cooreman1e582352021-02-18 17:24:37 +01001348
1349 /* Try accelerators first */
Steven Cooremanf8e45a42021-03-16 11:07:55 +01001350#if defined(PSA_CRYPTO_DRIVER_TEST)
Ronald Cron7f13fa22021-04-13 12:41:34 +02001351 status = mbedtls_test_transparent_hash_compute(
Steven Cooreman0f8ffa82021-03-15 11:56:33 +01001352 alg, input, input_length, hash, hash_size, hash_length );
Steven Cooremanf7638102021-03-04 15:14:36 +01001353 if( status != PSA_ERROR_NOT_SUPPORTED )
1354 return( status );
1355#endif
Steven Cooreman1e582352021-02-18 17:24:37 +01001356
1357 /* If software fallback is compiled in, try fallback */
1358#if defined(MBEDTLS_PSA_BUILTIN_HASH)
1359 status = mbedtls_psa_hash_compute( alg, input, input_length,
1360 hash, hash_size, hash_length );
1361 if( status != PSA_ERROR_NOT_SUPPORTED )
1362 return( status );
1363#endif
Steven Cooreman0eeb7942021-03-08 12:13:21 +01001364 (void) status;
1365 (void) alg;
1366 (void) input;
1367 (void) input_length;
1368 (void) hash;
1369 (void) hash_size;
1370 (void) hash_length;
Steven Cooreman1e582352021-02-18 17:24:37 +01001371
Steven Cooreman0eeb7942021-03-08 12:13:21 +01001372 return( PSA_ERROR_NOT_SUPPORTED );
Steven Cooreman1e582352021-02-18 17:24:37 +01001373}
1374
1375psa_status_t psa_driver_wrapper_hash_setup(
Steven Cooremandbf8ced2021-03-04 13:01:18 +01001376 psa_hash_operation_t *operation,
Steven Cooreman1e582352021-02-18 17:24:37 +01001377 psa_algorithm_t alg )
1378{
Steven Cooreman0eeb7942021-03-08 12:13:21 +01001379 psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;
Steven Cooreman1e582352021-02-18 17:24:37 +01001380
Steven Cooreman1e582352021-02-18 17:24:37 +01001381 /* Try setup on accelerators first */
Steven Cooremanf8e45a42021-03-16 11:07:55 +01001382#if defined(PSA_CRYPTO_DRIVER_TEST)
Ronald Cron7f13fa22021-04-13 12:41:34 +02001383 status = mbedtls_test_transparent_hash_setup(
Steven Cooreman0f8ffa82021-03-15 11:56:33 +01001384 &operation->ctx.test_driver_ctx, alg );
Steven Cooremanf7638102021-03-04 15:14:36 +01001385 if( status == PSA_SUCCESS )
1386 operation->id = PSA_CRYPTO_TRANSPARENT_TEST_DRIVER_ID;
1387
1388 if( status != PSA_ERROR_NOT_SUPPORTED )
1389 return( status );
1390#endif
Steven Cooreman1e582352021-02-18 17:24:37 +01001391
1392 /* If software fallback is compiled in, try fallback */
1393#if defined(MBEDTLS_PSA_BUILTIN_HASH)
Steven Cooremandbf8ced2021-03-04 13:01:18 +01001394 status = mbedtls_psa_hash_setup( &operation->ctx.mbedtls_ctx, alg );
Steven Cooreman1e582352021-02-18 17:24:37 +01001395 if( status == PSA_SUCCESS )
Steven Cooreman1e582352021-02-18 17:24:37 +01001396 operation->id = PSA_CRYPTO_MBED_TLS_DRIVER_ID;
Steven Cooreman1e582352021-02-18 17:24:37 +01001397
1398 if( status != PSA_ERROR_NOT_SUPPORTED )
1399 return( status );
1400#endif
1401 /* Nothing left to try if we fall through here */
1402 (void) status;
1403 (void) operation;
1404 (void) alg;
1405 return( PSA_ERROR_NOT_SUPPORTED );
1406}
1407
1408psa_status_t psa_driver_wrapper_hash_clone(
Steven Cooremandbf8ced2021-03-04 13:01:18 +01001409 const psa_hash_operation_t *source_operation,
1410 psa_hash_operation_t *target_operation )
Steven Cooreman1e582352021-02-18 17:24:37 +01001411{
Steven Cooreman1e582352021-02-18 17:24:37 +01001412 switch( source_operation->id )
1413 {
Steven Cooreman5e4c18f2021-03-15 12:26:07 +01001414#if defined(MBEDTLS_PSA_BUILTIN_HASH)
1415 case PSA_CRYPTO_MBED_TLS_DRIVER_ID:
1416 target_operation->id = PSA_CRYPTO_MBED_TLS_DRIVER_ID;
1417 return( mbedtls_psa_hash_clone( &source_operation->ctx.mbedtls_ctx,
1418 &target_operation->ctx.mbedtls_ctx ) );
1419#endif
Steven Cooremanf8e45a42021-03-16 11:07:55 +01001420#if defined(PSA_CRYPTO_DRIVER_TEST)
Steven Cooremanf7638102021-03-04 15:14:36 +01001421 case PSA_CRYPTO_TRANSPARENT_TEST_DRIVER_ID:
1422 target_operation->id = PSA_CRYPTO_TRANSPARENT_TEST_DRIVER_ID;
Ronald Cron7f13fa22021-04-13 12:41:34 +02001423 return( mbedtls_test_transparent_hash_clone(
Steven Cooreman0f8ffa82021-03-15 11:56:33 +01001424 &source_operation->ctx.test_driver_ctx,
1425 &target_operation->ctx.test_driver_ctx ) );
Steven Cooremanf7638102021-03-04 15:14:36 +01001426#endif
Steven Cooreman1e582352021-02-18 17:24:37 +01001427 default:
Steven Cooreman1e582352021-02-18 17:24:37 +01001428 (void) target_operation;
1429 return( PSA_ERROR_BAD_STATE );
1430 }
Steven Cooreman1e582352021-02-18 17:24:37 +01001431}
1432
1433psa_status_t psa_driver_wrapper_hash_update(
Steven Cooremandbf8ced2021-03-04 13:01:18 +01001434 psa_hash_operation_t *operation,
Steven Cooreman1e582352021-02-18 17:24:37 +01001435 const uint8_t *input,
1436 size_t input_length )
1437{
Steven Cooreman1e582352021-02-18 17:24:37 +01001438 switch( operation->id )
1439 {
Steven Cooreman5e4c18f2021-03-15 12:26:07 +01001440#if defined(MBEDTLS_PSA_BUILTIN_HASH)
1441 case PSA_CRYPTO_MBED_TLS_DRIVER_ID:
1442 return( mbedtls_psa_hash_update( &operation->ctx.mbedtls_ctx,
1443 input, input_length ) );
1444#endif
Steven Cooremanf8e45a42021-03-16 11:07:55 +01001445#if defined(PSA_CRYPTO_DRIVER_TEST)
Steven Cooremanf7638102021-03-04 15:14:36 +01001446 case PSA_CRYPTO_TRANSPARENT_TEST_DRIVER_ID:
Ronald Cron7f13fa22021-04-13 12:41:34 +02001447 return( mbedtls_test_transparent_hash_update(
Steven Cooreman0f8ffa82021-03-15 11:56:33 +01001448 &operation->ctx.test_driver_ctx,
1449 input, input_length ) );
Steven Cooremanf7638102021-03-04 15:14:36 +01001450#endif
Steven Cooreman1e582352021-02-18 17:24:37 +01001451 default:
Steven Cooreman1e582352021-02-18 17:24:37 +01001452 (void) input;
1453 (void) input_length;
1454 return( PSA_ERROR_BAD_STATE );
1455 }
Steven Cooreman1e582352021-02-18 17:24:37 +01001456}
1457
1458psa_status_t psa_driver_wrapper_hash_finish(
Steven Cooremandbf8ced2021-03-04 13:01:18 +01001459 psa_hash_operation_t *operation,
Steven Cooreman1e582352021-02-18 17:24:37 +01001460 uint8_t *hash,
1461 size_t hash_size,
1462 size_t *hash_length )
1463{
Steven Cooreman1e582352021-02-18 17:24:37 +01001464 switch( operation->id )
1465 {
Steven Cooreman5e4c18f2021-03-15 12:26:07 +01001466#if defined(MBEDTLS_PSA_BUILTIN_HASH)
1467 case PSA_CRYPTO_MBED_TLS_DRIVER_ID:
1468 return( mbedtls_psa_hash_finish( &operation->ctx.mbedtls_ctx,
1469 hash, hash_size, hash_length ) );
1470#endif
Steven Cooremanf8e45a42021-03-16 11:07:55 +01001471#if defined(PSA_CRYPTO_DRIVER_TEST)
Steven Cooremanf7638102021-03-04 15:14:36 +01001472 case PSA_CRYPTO_TRANSPARENT_TEST_DRIVER_ID:
Ronald Cron7f13fa22021-04-13 12:41:34 +02001473 return( mbedtls_test_transparent_hash_finish(
Steven Cooreman0f8ffa82021-03-15 11:56:33 +01001474 &operation->ctx.test_driver_ctx,
1475 hash, hash_size, hash_length ) );
Steven Cooremanf7638102021-03-04 15:14:36 +01001476#endif
Steven Cooreman1e582352021-02-18 17:24:37 +01001477 default:
Steven Cooreman1e582352021-02-18 17:24:37 +01001478 (void) hash;
1479 (void) hash_size;
1480 (void) hash_length;
1481 return( PSA_ERROR_BAD_STATE );
1482 }
Steven Cooreman1e582352021-02-18 17:24:37 +01001483}
1484
1485psa_status_t psa_driver_wrapper_hash_abort(
Steven Cooremandbf8ced2021-03-04 13:01:18 +01001486 psa_hash_operation_t *operation )
Steven Cooreman1e582352021-02-18 17:24:37 +01001487{
Steven Cooreman1e582352021-02-18 17:24:37 +01001488 switch( operation->id )
1489 {
Steven Cooreman5e4c18f2021-03-15 12:26:07 +01001490#if defined(MBEDTLS_PSA_BUILTIN_HASH)
1491 case PSA_CRYPTO_MBED_TLS_DRIVER_ID:
1492 return( mbedtls_psa_hash_abort( &operation->ctx.mbedtls_ctx ) );
1493#endif
Steven Cooremanf8e45a42021-03-16 11:07:55 +01001494#if defined(PSA_CRYPTO_DRIVER_TEST)
Steven Cooremanf7638102021-03-04 15:14:36 +01001495 case PSA_CRYPTO_TRANSPARENT_TEST_DRIVER_ID:
Ronald Cron7f13fa22021-04-13 12:41:34 +02001496 return( mbedtls_test_transparent_hash_abort(
Steven Cooreman0f8ffa82021-03-15 11:56:33 +01001497 &operation->ctx.test_driver_ctx ) );
Steven Cooremanf7638102021-03-04 15:14:36 +01001498#endif
Steven Cooreman1e582352021-02-18 17:24:37 +01001499 default:
Steven Cooreman1e582352021-02-18 17:24:37 +01001500 return( PSA_ERROR_BAD_STATE );
1501 }
1502}
1503
Ronald Cronde822812021-03-17 16:08:20 +01001504psa_status_t psa_driver_wrapper_aead_encrypt(
1505 const psa_key_attributes_t *attributes,
1506 const uint8_t *key_buffer, size_t key_buffer_size,
1507 psa_algorithm_t alg,
1508 const uint8_t *nonce, size_t nonce_length,
1509 const uint8_t *additional_data, size_t additional_data_length,
1510 const uint8_t *plaintext, size_t plaintext_length,
1511 uint8_t *ciphertext, size_t ciphertext_size, size_t *ciphertext_length )
1512{
1513 psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;
1514 psa_key_location_t location =
1515 PSA_KEY_LIFETIME_GET_LOCATION( attributes->core.lifetime );
1516
1517 switch( location )
1518 {
1519 case PSA_KEY_LOCATION_LOCAL_STORAGE:
1520 /* Key is stored in the slot in export representation, so
1521 * cycle through all known transparent accelerators */
1522
1523#if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT)
1524#if defined(PSA_CRYPTO_DRIVER_TEST)
Ronald Cron7f13fa22021-04-13 12:41:34 +02001525 status = mbedtls_test_transparent_aead_encrypt(
Ronald Cronde822812021-03-17 16:08:20 +01001526 attributes, key_buffer, key_buffer_size,
1527 alg,
1528 nonce, nonce_length,
1529 additional_data, additional_data_length,
1530 plaintext, plaintext_length,
1531 ciphertext, ciphertext_size, ciphertext_length );
1532 /* Declared with fallback == true */
1533 if( status != PSA_ERROR_NOT_SUPPORTED )
1534 return( status );
1535#endif /* PSA_CRYPTO_DRIVER_TEST */
1536#endif /* PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT */
1537
1538 /* Fell through, meaning no accelerator supports this operation */
1539 return( mbedtls_psa_aead_encrypt(
1540 attributes, key_buffer, key_buffer_size,
1541 alg,
1542 nonce, nonce_length,
1543 additional_data, additional_data_length,
1544 plaintext, plaintext_length,
1545 ciphertext, ciphertext_size, ciphertext_length ) );
1546
1547 /* Add cases for opaque driver here */
1548
1549 default:
1550 /* Key is declared with a lifetime not known to us */
1551 (void)status;
1552 return( PSA_ERROR_INVALID_ARGUMENT );
1553 }
1554}
1555
1556psa_status_t psa_driver_wrapper_aead_decrypt(
1557 const psa_key_attributes_t *attributes,
1558 const uint8_t *key_buffer, size_t key_buffer_size,
1559 psa_algorithm_t alg,
1560 const uint8_t *nonce, size_t nonce_length,
1561 const uint8_t *additional_data, size_t additional_data_length,
1562 const uint8_t *ciphertext, size_t ciphertext_length,
1563 uint8_t *plaintext, size_t plaintext_size, size_t *plaintext_length )
1564{
1565 psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;
1566 psa_key_location_t location =
1567 PSA_KEY_LIFETIME_GET_LOCATION( attributes->core.lifetime );
1568
1569 switch( location )
1570 {
1571 case PSA_KEY_LOCATION_LOCAL_STORAGE:
1572 /* Key is stored in the slot in export representation, so
1573 * cycle through all known transparent accelerators */
1574
1575#if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT)
1576#if defined(PSA_CRYPTO_DRIVER_TEST)
Ronald Cron7f13fa22021-04-13 12:41:34 +02001577 status = mbedtls_test_transparent_aead_decrypt(
Ronald Cronde822812021-03-17 16:08:20 +01001578 attributes, key_buffer, key_buffer_size,
1579 alg,
1580 nonce, nonce_length,
1581 additional_data, additional_data_length,
1582 ciphertext, ciphertext_length,
1583 plaintext, plaintext_size, plaintext_length );
1584 /* Declared with fallback == true */
1585 if( status != PSA_ERROR_NOT_SUPPORTED )
1586 return( status );
1587#endif /* PSA_CRYPTO_DRIVER_TEST */
1588#endif /* PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT */
1589
1590 /* Fell through, meaning no accelerator supports this operation */
1591 return( mbedtls_psa_aead_decrypt(
1592 attributes, key_buffer, key_buffer_size,
1593 alg,
1594 nonce, nonce_length,
1595 additional_data, additional_data_length,
1596 ciphertext, ciphertext_length,
1597 plaintext, plaintext_size, plaintext_length ) );
1598
1599 /* Add cases for opaque driver here */
1600
1601 default:
1602 /* Key is declared with a lifetime not known to us */
1603 (void)status;
1604 return( PSA_ERROR_INVALID_ARGUMENT );
1605 }
1606}
Steven Cooremand13a70f2021-03-19 15:24:23 +01001607
Paul Elliott6504aa62021-04-20 17:09:36 +01001608psa_status_t psa_driver_wrapper_aead_encrypt_setup(
1609 psa_aead_operation_t *operation,
1610 const psa_key_attributes_t *attributes,
1611 const uint8_t *key_buffer, size_t key_buffer_size,
1612 psa_algorithm_t alg )
1613{
1614 psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;
1615 psa_key_location_t location =
1616 PSA_KEY_LIFETIME_GET_LOCATION( attributes->core.lifetime );
1617
1618 switch( location )
1619 {
1620 case PSA_KEY_LOCATION_LOCAL_STORAGE:
1621 /* Key is stored in the slot in export representation, so
1622 * cycle through all known transparent accelerators */
1623
1624#if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT)
1625#if defined(PSA_CRYPTO_DRIVER_TEST)
Paul Elliottd7ab9f12021-06-23 09:52:19 +01001626 operation->id = PSA_CRYPTO_TRANSPARENT_TEST_DRIVER_ID;
Paul Elliotta218ceb2021-05-07 15:10:31 +01001627 status = mbedtls_test_transparent_aead_encrypt_setup(
Paul Elliottcbbde5f2021-05-10 18:19:46 +01001628 &operation->ctx.transparent_test_driver_ctx,
1629 attributes, key_buffer, key_buffer_size,
Paul Elliott4bbe82b2021-04-27 12:11:56 +01001630 alg );
Paul Elliott6504aa62021-04-20 17:09:36 +01001631
Paul Elliottd7ab9f12021-06-23 09:52:19 +01001632 /* Declared with fallback == true */
Paul Elliott6504aa62021-04-20 17:09:36 +01001633 if( status != PSA_ERROR_NOT_SUPPORTED )
1634 return( status );
1635#endif /* PSA_CRYPTO_DRIVER_TEST */
1636#endif /* PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT */
1637
1638 /* Fell through, meaning no accelerator supports this operation */
Paul Elliottd7ab9f12021-06-23 09:52:19 +01001639 operation->id = PSA_CRYPTO_MBED_TLS_DRIVER_ID;
Paul Elliott6504aa62021-04-20 17:09:36 +01001640 status = mbedtls_psa_aead_encrypt_setup(
Paul Elliottcbbde5f2021-05-10 18:19:46 +01001641 &operation->ctx.mbedtls_ctx, attributes,
Paul Elliott6504aa62021-04-20 17:09:36 +01001642 key_buffer, key_buffer_size,
1643 alg );
1644
Paul Elliott6504aa62021-04-20 17:09:36 +01001645 return( status );
1646
1647 /* Add cases for opaque driver here */
1648
1649 default:
1650 /* Key is declared with a lifetime not known to us */
1651 (void)status;
1652 return( PSA_ERROR_INVALID_ARGUMENT );
1653 }
1654}
1655
1656psa_status_t psa_driver_wrapper_aead_decrypt_setup(
1657 psa_aead_operation_t *operation,
1658 const psa_key_attributes_t *attributes,
1659 const uint8_t *key_buffer, size_t key_buffer_size,
1660 psa_algorithm_t alg )
1661{
1662 psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;
1663 psa_key_location_t location =
1664 PSA_KEY_LIFETIME_GET_LOCATION( attributes->core.lifetime );
1665
1666 switch( location )
1667 {
1668 case PSA_KEY_LOCATION_LOCAL_STORAGE:
1669 /* Key is stored in the slot in export representation, so
1670 * cycle through all known transparent accelerators */
1671
1672#if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT)
1673#if defined(PSA_CRYPTO_DRIVER_TEST)
Paul Elliottd7ab9f12021-06-23 09:52:19 +01001674 operation->id = PSA_CRYPTO_TRANSPARENT_TEST_DRIVER_ID;
Paul Elliotta218ceb2021-05-07 15:10:31 +01001675 status = mbedtls_test_transparent_aead_decrypt_setup(
Paul Elliottcbbde5f2021-05-10 18:19:46 +01001676 &operation->ctx.transparent_test_driver_ctx,
Paul Elliott5d3a3c32021-08-19 18:34:41 +01001677 attributes,
Paul Elliott4bbe82b2021-04-27 12:11:56 +01001678 key_buffer, key_buffer_size,
1679 alg );
Paul Elliott6504aa62021-04-20 17:09:36 +01001680
Paul Elliottd7ab9f12021-06-23 09:52:19 +01001681 /* Declared with fallback == true */
Paul Elliott6504aa62021-04-20 17:09:36 +01001682 if( status != PSA_ERROR_NOT_SUPPORTED )
1683 return( status );
1684#endif /* PSA_CRYPTO_DRIVER_TEST */
1685#endif /* PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT */
1686
1687 /* Fell through, meaning no accelerator supports this operation */
Paul Elliottd7ab9f12021-06-23 09:52:19 +01001688 operation->id = PSA_CRYPTO_MBED_TLS_DRIVER_ID;
Paul Elliott6504aa62021-04-20 17:09:36 +01001689 status = mbedtls_psa_aead_decrypt_setup(
Paul Elliottcbbde5f2021-05-10 18:19:46 +01001690 &operation->ctx.mbedtls_ctx,
Paul Elliott5d3a3c32021-08-19 18:34:41 +01001691 attributes,
Paul Elliott6504aa62021-04-20 17:09:36 +01001692 key_buffer, key_buffer_size,
1693 alg );
1694
Paul Elliott6504aa62021-04-20 17:09:36 +01001695 return( status );
1696
1697 /* Add cases for opaque driver here */
1698
1699 default:
1700 /* Key is declared with a lifetime not known to us */
1701 (void)status;
1702 return( PSA_ERROR_INVALID_ARGUMENT );
1703 }
1704}
1705
Paul Elliott6504aa62021-04-20 17:09:36 +01001706psa_status_t psa_driver_wrapper_aead_set_nonce(
1707 psa_aead_operation_t *operation,
1708 const uint8_t *nonce,
1709 size_t nonce_length )
1710{
1711 switch( operation->id )
1712 {
Paul Elliott5c656cb2021-05-19 14:15:01 +01001713#if defined(MBEDTLS_PSA_BUILTIN_AEAD)
Paul Elliott6504aa62021-04-20 17:09:36 +01001714 case PSA_CRYPTO_MBED_TLS_DRIVER_ID:
Paul Elliottcbbde5f2021-05-10 18:19:46 +01001715 return( mbedtls_psa_aead_set_nonce( &operation->ctx.mbedtls_ctx,
1716 nonce,
Paul Elliotta218ceb2021-05-07 15:10:31 +01001717 nonce_length ) );
Paul Elliott6504aa62021-04-20 17:09:36 +01001718
Paul Elliottcbbde5f2021-05-10 18:19:46 +01001719#endif /* MBEDTLS_PSA_BUILTIN_AEAD */
Paul Elliott6504aa62021-04-20 17:09:36 +01001720
1721#if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT)
1722#if defined(PSA_CRYPTO_DRIVER_TEST)
1723 case PSA_CRYPTO_TRANSPARENT_TEST_DRIVER_ID:
Paul Elliotta218ceb2021-05-07 15:10:31 +01001724 return( mbedtls_test_transparent_aead_set_nonce(
Paul Elliottcbbde5f2021-05-10 18:19:46 +01001725 &operation->ctx.transparent_test_driver_ctx,
1726 nonce, nonce_length ) );
Paul Elliott6504aa62021-04-20 17:09:36 +01001727
1728 /* Add cases for opaque driver here */
1729
1730#endif /* PSA_CRYPTO_DRIVER_TEST */
1731#endif /* PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT */
1732 }
1733
1734 (void)nonce;
1735 (void)nonce_length;
1736
1737 return( PSA_ERROR_INVALID_ARGUMENT );
1738}
1739
1740psa_status_t psa_driver_wrapper_aead_set_lengths(
1741 psa_aead_operation_t *operation,
1742 size_t ad_length,
1743 size_t plaintext_length )
1744{
1745 switch( operation->id )
1746 {
Paul Elliottcbbde5f2021-05-10 18:19:46 +01001747#if defined(MBEDTLS_PSA_BUILTIN_AEAD)
Paul Elliott6504aa62021-04-20 17:09:36 +01001748 case PSA_CRYPTO_MBED_TLS_DRIVER_ID:
Paul Elliottdff6c5d2021-09-28 11:00:20 +01001749 return( mbedtls_psa_aead_set_lengths( &operation->ctx.mbedtls_ctx,
1750 ad_length,
1751 plaintext_length ) );
Paul Elliott6504aa62021-04-20 17:09:36 +01001752
Paul Elliottcbbde5f2021-05-10 18:19:46 +01001753#endif /* MBEDTLS_PSA_BUILTIN_AEAD */
Paul Elliott6504aa62021-04-20 17:09:36 +01001754
1755#if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT)
1756#if defined(PSA_CRYPTO_DRIVER_TEST)
1757 case PSA_CRYPTO_TRANSPARENT_TEST_DRIVER_ID:
Paul Elliotta218ceb2021-05-07 15:10:31 +01001758 return( mbedtls_test_transparent_aead_set_lengths(
Paul Elliottcbbde5f2021-05-10 18:19:46 +01001759 &operation->ctx.transparent_test_driver_ctx,
1760 ad_length, plaintext_length ) );
Paul Elliott6504aa62021-04-20 17:09:36 +01001761
1762 /* Add cases for opaque driver here */
1763
1764#endif /* PSA_CRYPTO_DRIVER_TEST */
1765#endif /* PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT */
1766 }
1767
1768 (void)ad_length;
1769 (void)plaintext_length;
1770
1771 return( PSA_ERROR_INVALID_ARGUMENT );
1772}
1773
1774psa_status_t psa_driver_wrapper_aead_update_ad(
1775 psa_aead_operation_t *operation,
1776 const uint8_t *input,
1777 size_t input_length )
1778{
1779 switch( operation->id )
1780 {
Paul Elliottcbbde5f2021-05-10 18:19:46 +01001781#if defined(MBEDTLS_PSA_BUILTIN_AEAD)
Paul Elliott6504aa62021-04-20 17:09:36 +01001782 case PSA_CRYPTO_MBED_TLS_DRIVER_ID:
Paul Elliottcbbde5f2021-05-10 18:19:46 +01001783 return( mbedtls_psa_aead_update_ad( &operation->ctx.mbedtls_ctx,
1784 input,
Paul Elliotta218ceb2021-05-07 15:10:31 +01001785 input_length ) );
Paul Elliott6504aa62021-04-20 17:09:36 +01001786
Paul Elliottcbbde5f2021-05-10 18:19:46 +01001787#endif /* MBEDTLS_PSA_BUILTIN_AEAD */
Paul Elliott6504aa62021-04-20 17:09:36 +01001788
1789#if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT)
1790#if defined(PSA_CRYPTO_DRIVER_TEST)
1791 case PSA_CRYPTO_TRANSPARENT_TEST_DRIVER_ID:
Paul Elliotta218ceb2021-05-07 15:10:31 +01001792 return( mbedtls_test_transparent_aead_update_ad(
Paul Elliottcbbde5f2021-05-10 18:19:46 +01001793 &operation->ctx.transparent_test_driver_ctx,
1794 input, input_length ) );
Paul Elliott6504aa62021-04-20 17:09:36 +01001795
1796 /* Add cases for opaque driver here */
1797
1798#endif /* PSA_CRYPTO_DRIVER_TEST */
1799#endif /* PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT */
1800 }
1801
1802 (void)input;
1803 (void)input_length;
1804
1805 return( PSA_ERROR_INVALID_ARGUMENT );
1806}
1807
1808psa_status_t psa_driver_wrapper_aead_update(
1809 psa_aead_operation_t *operation,
1810 const uint8_t *input,
1811 size_t input_length,
1812 uint8_t *output,
1813 size_t output_size,
1814 size_t *output_length )
1815{
1816 switch( operation->id )
1817 {
Paul Elliottcbbde5f2021-05-10 18:19:46 +01001818#if defined(MBEDTLS_PSA_BUILTIN_AEAD)
Paul Elliott6504aa62021-04-20 17:09:36 +01001819 case PSA_CRYPTO_MBED_TLS_DRIVER_ID:
Paul Elliottcbbde5f2021-05-10 18:19:46 +01001820 return( mbedtls_psa_aead_update( &operation->ctx.mbedtls_ctx,
1821 input, input_length,
Paul Elliotta218ceb2021-05-07 15:10:31 +01001822 output, output_size,
1823 output_length ) );
Paul Elliott6504aa62021-04-20 17:09:36 +01001824
Paul Elliottcbbde5f2021-05-10 18:19:46 +01001825#endif /* MBEDTLS_PSA_BUILTIN_AEAD */
Paul Elliott6504aa62021-04-20 17:09:36 +01001826
1827#if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT)
1828#if defined(PSA_CRYPTO_DRIVER_TEST)
1829 case PSA_CRYPTO_TRANSPARENT_TEST_DRIVER_ID:
Paul Elliotta218ceb2021-05-07 15:10:31 +01001830 return( mbedtls_test_transparent_aead_update(
Paul Elliottcbbde5f2021-05-10 18:19:46 +01001831 &operation->ctx.transparent_test_driver_ctx,
1832 input, input_length, output, output_size,
Paul Elliott4bbe82b2021-04-27 12:11:56 +01001833 output_length ) );
Paul Elliott6504aa62021-04-20 17:09:36 +01001834
1835 /* Add cases for opaque driver here */
1836
1837#endif /* PSA_CRYPTO_DRIVER_TEST */
1838#endif /* PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT */
1839 }
1840
1841 (void)input;
1842 (void)input_length;
1843 (void)output;
1844 (void)output_size;
1845 (void)output_length;
1846
1847 return( PSA_ERROR_INVALID_ARGUMENT );
1848}
1849
1850psa_status_t psa_driver_wrapper_aead_finish(
1851 psa_aead_operation_t *operation,
1852 uint8_t *ciphertext,
1853 size_t ciphertext_size,
1854 size_t *ciphertext_length,
1855 uint8_t *tag,
1856 size_t tag_size,
1857 size_t *tag_length )
1858{
1859 switch( operation->id )
1860 {
Paul Elliottcbbde5f2021-05-10 18:19:46 +01001861#if defined(MBEDTLS_PSA_BUILTIN_AEAD)
Paul Elliott6504aa62021-04-20 17:09:36 +01001862 case PSA_CRYPTO_MBED_TLS_DRIVER_ID:
Paul Elliottcbbde5f2021-05-10 18:19:46 +01001863 return( mbedtls_psa_aead_finish( &operation->ctx.mbedtls_ctx,
1864 ciphertext,
Paul Elliotta218ceb2021-05-07 15:10:31 +01001865 ciphertext_size,
1866 ciphertext_length, tag,
1867 tag_size, tag_length ) );
Paul Elliott6504aa62021-04-20 17:09:36 +01001868
Paul Elliottcbbde5f2021-05-10 18:19:46 +01001869#endif /* MBEDTLS_PSA_BUILTIN_AEAD */
Paul Elliott6504aa62021-04-20 17:09:36 +01001870
1871#if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT)
1872#if defined(PSA_CRYPTO_DRIVER_TEST)
1873 case PSA_CRYPTO_TRANSPARENT_TEST_DRIVER_ID:
Paul Elliotta218ceb2021-05-07 15:10:31 +01001874 return( mbedtls_test_transparent_aead_finish(
Paul Elliottcbbde5f2021-05-10 18:19:46 +01001875 &operation->ctx.transparent_test_driver_ctx,
1876 ciphertext, ciphertext_size,
Paul Elliott4bbe82b2021-04-27 12:11:56 +01001877 ciphertext_length, tag, tag_size, tag_length ) );
Paul Elliott6504aa62021-04-20 17:09:36 +01001878
1879 /* Add cases for opaque driver here */
1880
1881#endif /* PSA_CRYPTO_DRIVER_TEST */
1882#endif /* PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT */
1883 }
1884
1885 (void)ciphertext;
1886 (void)ciphertext_size;
1887 (void)ciphertext_length;
1888 (void)tag;
1889 (void)tag_size;
1890 (void)tag_length;
1891
1892 return( PSA_ERROR_INVALID_ARGUMENT );
1893}
1894
1895psa_status_t psa_driver_wrapper_aead_verify(
1896 psa_aead_operation_t *operation,
1897 uint8_t *plaintext,
1898 size_t plaintext_size,
1899 size_t *plaintext_length,
1900 const uint8_t *tag,
1901 size_t tag_length )
1902{
1903 switch( operation->id )
1904 {
Paul Elliottcbbde5f2021-05-10 18:19:46 +01001905#if defined(MBEDTLS_PSA_BUILTIN_AEAD)
Paul Elliott6504aa62021-04-20 17:09:36 +01001906 case PSA_CRYPTO_MBED_TLS_DRIVER_ID:
Paul Elliott315628d2021-07-20 18:25:54 +01001907 {
1908 psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;
1909 uint8_t check_tag[PSA_AEAD_TAG_MAX_SIZE];
1910 size_t check_tag_length;
1911
1912 status = mbedtls_psa_aead_finish( &operation->ctx.mbedtls_ctx,
1913 plaintext,
1914 plaintext_size,
1915 plaintext_length,
1916 check_tag,
Paul Elliottb183d562021-09-13 19:02:57 +01001917 sizeof( check_tag ),
Paul Elliott315628d2021-07-20 18:25:54 +01001918 &check_tag_length );
1919
1920 if( status == PSA_SUCCESS )
1921 {
1922 if( tag_length != check_tag_length ||
1923 mbedtls_psa_safer_memcmp( tag, check_tag, tag_length )
1924 != 0 )
1925 status = PSA_ERROR_INVALID_SIGNATURE;
1926 }
1927
Paul Elliott06b6b8c2021-09-13 19:02:04 +01001928 mbedtls_platform_zeroize( check_tag, sizeof( check_tag ) );
1929
Paul Elliott315628d2021-07-20 18:25:54 +01001930 return( status );
1931 }
Paul Elliott6504aa62021-04-20 17:09:36 +01001932
Paul Elliottcbbde5f2021-05-10 18:19:46 +01001933#endif /* MBEDTLS_PSA_BUILTIN_AEAD */
Paul Elliott6504aa62021-04-20 17:09:36 +01001934
1935#if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT)
1936#if defined(PSA_CRYPTO_DRIVER_TEST)
1937 case PSA_CRYPTO_TRANSPARENT_TEST_DRIVER_ID:
Paul Elliotta218ceb2021-05-07 15:10:31 +01001938 return( mbedtls_test_transparent_aead_verify(
Paul Elliottcbbde5f2021-05-10 18:19:46 +01001939 &operation->ctx.transparent_test_driver_ctx,
1940 plaintext, plaintext_size,
Paul Elliott4bbe82b2021-04-27 12:11:56 +01001941 plaintext_length, tag, tag_length ) );
Paul Elliott6504aa62021-04-20 17:09:36 +01001942
1943 /* Add cases for opaque driver here */
1944
1945#endif /* PSA_CRYPTO_DRIVER_TEST */
1946#endif /* PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT */
1947 }
1948
1949 (void)plaintext;
1950 (void)plaintext_size;
1951 (void)plaintext_length;
1952 (void)tag;
1953 (void)tag_length;
1954
1955 return( PSA_ERROR_INVALID_ARGUMENT );
1956}
1957
1958psa_status_t psa_driver_wrapper_aead_abort(
1959 psa_aead_operation_t *operation )
1960{
1961 switch( operation->id )
1962 {
Paul Elliottcbbde5f2021-05-10 18:19:46 +01001963#if defined(MBEDTLS_PSA_BUILTIN_AEAD)
Paul Elliott6504aa62021-04-20 17:09:36 +01001964 case PSA_CRYPTO_MBED_TLS_DRIVER_ID:
Paul Elliottcbbde5f2021-05-10 18:19:46 +01001965 return( mbedtls_psa_aead_abort( &operation->ctx.mbedtls_ctx ) );
Paul Elliott6504aa62021-04-20 17:09:36 +01001966
Paul Elliottcbbde5f2021-05-10 18:19:46 +01001967#endif /* MBEDTLS_PSA_BUILTIN_AEAD */
Paul Elliott6504aa62021-04-20 17:09:36 +01001968
1969#if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT)
1970#if defined(PSA_CRYPTO_DRIVER_TEST)
1971 case PSA_CRYPTO_TRANSPARENT_TEST_DRIVER_ID:
Paul Elliottcbbde5f2021-05-10 18:19:46 +01001972 return( mbedtls_test_transparent_aead_abort(
1973 &operation->ctx.transparent_test_driver_ctx ) );
Paul Elliott6504aa62021-04-20 17:09:36 +01001974
1975 /* Add cases for opaque driver here */
1976
1977#endif /* PSA_CRYPTO_DRIVER_TEST */
1978#endif /* PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT */
1979 }
1980
1981 return( PSA_ERROR_INVALID_ARGUMENT );
1982}
Steven Cooremand13a70f2021-03-19 15:24:23 +01001983
1984/*
1985 * MAC functions
1986 */
1987psa_status_t psa_driver_wrapper_mac_compute(
1988 const psa_key_attributes_t *attributes,
1989 const uint8_t *key_buffer,
1990 size_t key_buffer_size,
1991 psa_algorithm_t alg,
1992 const uint8_t *input,
1993 size_t input_length,
1994 uint8_t *mac,
1995 size_t mac_size,
1996 size_t *mac_length )
1997{
1998 psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;
1999 psa_key_location_t location =
2000 PSA_KEY_LIFETIME_GET_LOCATION( attributes->core.lifetime );
2001
2002 switch( location )
2003 {
2004 case PSA_KEY_LOCATION_LOCAL_STORAGE:
2005 /* Key is stored in the slot in export representation, so
2006 * cycle through all known transparent accelerators */
2007#if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT)
2008#if defined(PSA_CRYPTO_DRIVER_TEST)
Steven Cooremanc7f0a572021-04-29 21:10:11 +02002009 status = mbedtls_test_transparent_mac_compute(
Steven Cooremand13a70f2021-03-19 15:24:23 +01002010 attributes, key_buffer, key_buffer_size, alg,
2011 input, input_length,
2012 mac, mac_size, mac_length );
2013 /* Declared with fallback == true */
2014 if( status != PSA_ERROR_NOT_SUPPORTED )
2015 return( status );
2016#endif /* PSA_CRYPTO_DRIVER_TEST */
2017#endif /* PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT */
2018#if defined(MBEDTLS_PSA_BUILTIN_MAC)
2019 /* Fell through, meaning no accelerator supports this operation */
2020 status = mbedtls_psa_mac_compute(
2021 attributes, key_buffer, key_buffer_size, alg,
2022 input, input_length,
2023 mac, mac_size, mac_length );
2024 if( status != PSA_ERROR_NOT_SUPPORTED )
2025 return( status );
2026#endif /* MBEDTLS_PSA_BUILTIN_MAC */
2027 return( PSA_ERROR_NOT_SUPPORTED );
2028
2029 /* Add cases for opaque driver here */
2030#if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT)
2031#if defined(PSA_CRYPTO_DRIVER_TEST)
2032 case PSA_CRYPTO_TEST_DRIVER_LOCATION:
Steven Cooremanc7f0a572021-04-29 21:10:11 +02002033 status = mbedtls_test_opaque_mac_compute(
Steven Cooremand13a70f2021-03-19 15:24:23 +01002034 attributes, key_buffer, key_buffer_size, alg,
2035 input, input_length,
2036 mac, mac_size, mac_length );
2037 return( status );
2038#endif /* PSA_CRYPTO_DRIVER_TEST */
2039#endif /* PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT */
2040 default:
2041 /* Key is declared with a lifetime not known to us */
2042 (void) key_buffer;
2043 (void) key_buffer_size;
2044 (void) alg;
2045 (void) input;
2046 (void) input_length;
2047 (void) mac;
2048 (void) mac_size;
2049 (void) mac_length;
2050 (void) status;
2051 return( PSA_ERROR_INVALID_ARGUMENT );
2052 }
2053}
2054
2055psa_status_t psa_driver_wrapper_mac_sign_setup(
2056 psa_mac_operation_t *operation,
2057 const psa_key_attributes_t *attributes,
2058 const uint8_t *key_buffer,
2059 size_t key_buffer_size,
2060 psa_algorithm_t alg )
2061{
2062 psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;
2063 psa_key_location_t location =
2064 PSA_KEY_LIFETIME_GET_LOCATION( attributes->core.lifetime );
2065
2066 switch( location )
2067 {
2068 case PSA_KEY_LOCATION_LOCAL_STORAGE:
2069 /* Key is stored in the slot in export representation, so
2070 * cycle through all known transparent accelerators */
2071#if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT)
2072#if defined(PSA_CRYPTO_DRIVER_TEST)
Steven Cooremanc7f0a572021-04-29 21:10:11 +02002073 status = mbedtls_test_transparent_mac_sign_setup(
Steven Cooreman77e2cc52021-03-19 17:05:52 +01002074 &operation->ctx.transparent_test_driver_ctx,
Steven Cooremand13a70f2021-03-19 15:24:23 +01002075 attributes,
2076 key_buffer, key_buffer_size,
2077 alg );
2078 /* Declared with fallback == true */
2079 if( status == PSA_SUCCESS )
2080 operation->id = PSA_CRYPTO_TRANSPARENT_TEST_DRIVER_ID;
2081
2082 if( status != PSA_ERROR_NOT_SUPPORTED )
2083 return( status );
2084#endif /* PSA_CRYPTO_DRIVER_TEST */
2085#endif /* PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT */
2086#if defined(MBEDTLS_PSA_BUILTIN_MAC)
2087 /* Fell through, meaning no accelerator supports this operation */
Steven Cooreman77e2cc52021-03-19 17:05:52 +01002088 status = mbedtls_psa_mac_sign_setup( &operation->ctx.mbedtls_ctx,
Steven Cooremand13a70f2021-03-19 15:24:23 +01002089 attributes,
2090 key_buffer, key_buffer_size,
2091 alg );
2092 if( status == PSA_SUCCESS )
2093 operation->id = PSA_CRYPTO_MBED_TLS_DRIVER_ID;
2094
2095 if( status != PSA_ERROR_NOT_SUPPORTED )
2096 return( status );
2097#endif /* MBEDTLS_PSA_BUILTIN_MAC */
2098 return( PSA_ERROR_NOT_SUPPORTED );
2099
2100 /* Add cases for opaque driver here */
2101#if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT)
2102#if defined(PSA_CRYPTO_DRIVER_TEST)
2103 case PSA_CRYPTO_TEST_DRIVER_LOCATION:
Steven Cooremanc7f0a572021-04-29 21:10:11 +02002104 status = mbedtls_test_opaque_mac_sign_setup(
Steven Cooreman77e2cc52021-03-19 17:05:52 +01002105 &operation->ctx.opaque_test_driver_ctx,
Steven Cooremand13a70f2021-03-19 15:24:23 +01002106 attributes,
2107 key_buffer, key_buffer_size,
2108 alg );
2109
2110 if( status == PSA_SUCCESS )
2111 operation->id = PSA_CRYPTO_OPAQUE_TEST_DRIVER_ID;
2112
2113 return( status );
2114#endif /* PSA_CRYPTO_DRIVER_TEST */
2115#endif /* PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT */
2116 default:
2117 /* Key is declared with a lifetime not known to us */
2118 (void) status;
Ronald Cron7a55deb2021-04-28 14:29:00 +02002119 (void) operation;
Steven Cooremand13a70f2021-03-19 15:24:23 +01002120 (void) key_buffer;
2121 (void) key_buffer_size;
2122 (void) alg;
2123 return( PSA_ERROR_INVALID_ARGUMENT );
2124 }
2125}
2126
2127psa_status_t psa_driver_wrapper_mac_verify_setup(
2128 psa_mac_operation_t *operation,
2129 const psa_key_attributes_t *attributes,
2130 const uint8_t *key_buffer,
2131 size_t key_buffer_size,
2132 psa_algorithm_t alg )
2133{
2134 psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;
2135 psa_key_location_t location =
2136 PSA_KEY_LIFETIME_GET_LOCATION( attributes->core.lifetime );
2137
2138 switch( location )
2139 {
2140 case PSA_KEY_LOCATION_LOCAL_STORAGE:
2141 /* Key is stored in the slot in export representation, so
2142 * cycle through all known transparent accelerators */
2143#if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT)
2144#if defined(PSA_CRYPTO_DRIVER_TEST)
Steven Cooremanc7f0a572021-04-29 21:10:11 +02002145 status = mbedtls_test_transparent_mac_verify_setup(
Steven Cooreman77e2cc52021-03-19 17:05:52 +01002146 &operation->ctx.transparent_test_driver_ctx,
Steven Cooremand13a70f2021-03-19 15:24:23 +01002147 attributes,
2148 key_buffer, key_buffer_size,
2149 alg );
2150 /* Declared with fallback == true */
2151 if( status == PSA_SUCCESS )
2152 operation->id = PSA_CRYPTO_TRANSPARENT_TEST_DRIVER_ID;
2153
2154 if( status != PSA_ERROR_NOT_SUPPORTED )
2155 return( status );
2156#endif /* PSA_CRYPTO_DRIVER_TEST */
2157#endif /* PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT */
2158#if defined(MBEDTLS_PSA_BUILTIN_MAC)
2159 /* Fell through, meaning no accelerator supports this operation */
Steven Cooreman77e2cc52021-03-19 17:05:52 +01002160 status = mbedtls_psa_mac_verify_setup( &operation->ctx.mbedtls_ctx,
Steven Cooremand13a70f2021-03-19 15:24:23 +01002161 attributes,
2162 key_buffer, key_buffer_size,
2163 alg );
2164 if( status == PSA_SUCCESS )
2165 operation->id = PSA_CRYPTO_MBED_TLS_DRIVER_ID;
2166
2167 if( status != PSA_ERROR_NOT_SUPPORTED )
2168 return( status );
2169#endif /* MBEDTLS_PSA_BUILTIN_MAC */
2170 return( PSA_ERROR_NOT_SUPPORTED );
2171
2172 /* Add cases for opaque driver here */
2173#if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT)
2174#if defined(PSA_CRYPTO_DRIVER_TEST)
2175 case PSA_CRYPTO_TEST_DRIVER_LOCATION:
Steven Cooremanc7f0a572021-04-29 21:10:11 +02002176 status = mbedtls_test_opaque_mac_verify_setup(
Steven Cooreman77e2cc52021-03-19 17:05:52 +01002177 &operation->ctx.opaque_test_driver_ctx,
Steven Cooremand13a70f2021-03-19 15:24:23 +01002178 attributes,
2179 key_buffer, key_buffer_size,
2180 alg );
2181
2182 if( status == PSA_SUCCESS )
2183 operation->id = PSA_CRYPTO_OPAQUE_TEST_DRIVER_ID;
2184
2185 return( status );
2186#endif /* PSA_CRYPTO_DRIVER_TEST */
2187#endif /* PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT */
2188 default:
2189 /* Key is declared with a lifetime not known to us */
2190 (void) status;
Ronald Cron7a55deb2021-04-28 14:29:00 +02002191 (void) operation;
Steven Cooremand13a70f2021-03-19 15:24:23 +01002192 (void) key_buffer;
2193 (void) key_buffer_size;
2194 (void) alg;
2195 return( PSA_ERROR_INVALID_ARGUMENT );
2196 }
2197}
2198
2199psa_status_t psa_driver_wrapper_mac_update(
2200 psa_mac_operation_t *operation,
2201 const uint8_t *input,
2202 size_t input_length )
2203{
2204 switch( operation->id )
2205 {
2206#if defined(MBEDTLS_PSA_BUILTIN_MAC)
2207 case PSA_CRYPTO_MBED_TLS_DRIVER_ID:
Steven Cooreman77e2cc52021-03-19 17:05:52 +01002208 return( mbedtls_psa_mac_update( &operation->ctx.mbedtls_ctx,
Steven Cooremand13a70f2021-03-19 15:24:23 +01002209 input, input_length ) );
2210#endif /* MBEDTLS_PSA_BUILTIN_MAC */
2211
2212#if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT)
2213#if defined(PSA_CRYPTO_DRIVER_TEST)
2214 case PSA_CRYPTO_TRANSPARENT_TEST_DRIVER_ID:
Steven Cooremanc7f0a572021-04-29 21:10:11 +02002215 return( mbedtls_test_transparent_mac_update(
Steven Cooreman77e2cc52021-03-19 17:05:52 +01002216 &operation->ctx.transparent_test_driver_ctx,
Steven Cooremand13a70f2021-03-19 15:24:23 +01002217 input, input_length ) );
2218
2219 case PSA_CRYPTO_OPAQUE_TEST_DRIVER_ID:
Steven Cooremanc7f0a572021-04-29 21:10:11 +02002220 return( mbedtls_test_opaque_mac_update(
Steven Cooreman77e2cc52021-03-19 17:05:52 +01002221 &operation->ctx.opaque_test_driver_ctx,
Steven Cooremand13a70f2021-03-19 15:24:23 +01002222 input, input_length ) );
2223#endif /* PSA_CRYPTO_DRIVER_TEST */
2224#endif /* PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT */
2225 default:
2226 (void) input;
2227 (void) input_length;
2228 return( PSA_ERROR_INVALID_ARGUMENT );
2229 }
2230}
2231
2232psa_status_t psa_driver_wrapper_mac_sign_finish(
2233 psa_mac_operation_t *operation,
2234 uint8_t *mac,
2235 size_t mac_size,
2236 size_t *mac_length )
2237{
2238 switch( operation->id )
2239 {
2240#if defined(MBEDTLS_PSA_BUILTIN_MAC)
2241 case PSA_CRYPTO_MBED_TLS_DRIVER_ID:
Steven Cooreman77e2cc52021-03-19 17:05:52 +01002242 return( mbedtls_psa_mac_sign_finish( &operation->ctx.mbedtls_ctx,
Steven Cooremand13a70f2021-03-19 15:24:23 +01002243 mac, mac_size, mac_length ) );
2244#endif /* MBEDTLS_PSA_BUILTIN_MAC */
2245
2246#if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT)
2247#if defined(PSA_CRYPTO_DRIVER_TEST)
2248 case PSA_CRYPTO_TRANSPARENT_TEST_DRIVER_ID:
Steven Cooremanc7f0a572021-04-29 21:10:11 +02002249 return( mbedtls_test_transparent_mac_sign_finish(
Steven Cooreman77e2cc52021-03-19 17:05:52 +01002250 &operation->ctx.transparent_test_driver_ctx,
Steven Cooremand13a70f2021-03-19 15:24:23 +01002251 mac, mac_size, mac_length ) );
2252
2253 case PSA_CRYPTO_OPAQUE_TEST_DRIVER_ID:
Steven Cooremanc7f0a572021-04-29 21:10:11 +02002254 return( mbedtls_test_opaque_mac_sign_finish(
Steven Cooreman77e2cc52021-03-19 17:05:52 +01002255 &operation->ctx.opaque_test_driver_ctx,
Steven Cooremand13a70f2021-03-19 15:24:23 +01002256 mac, mac_size, mac_length ) );
2257#endif /* PSA_CRYPTO_DRIVER_TEST */
2258#endif /* PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT */
2259 default:
2260 (void) mac;
2261 (void) mac_size;
2262 (void) mac_length;
2263 return( PSA_ERROR_INVALID_ARGUMENT );
2264 }
2265}
2266
2267psa_status_t psa_driver_wrapper_mac_verify_finish(
2268 psa_mac_operation_t *operation,
2269 const uint8_t *mac,
2270 size_t mac_length )
2271{
2272 switch( operation->id )
2273 {
2274#if defined(MBEDTLS_PSA_BUILTIN_MAC)
2275 case PSA_CRYPTO_MBED_TLS_DRIVER_ID:
Steven Cooreman77e2cc52021-03-19 17:05:52 +01002276 return( mbedtls_psa_mac_verify_finish( &operation->ctx.mbedtls_ctx,
Steven Cooremand13a70f2021-03-19 15:24:23 +01002277 mac, mac_length ) );
2278#endif /* MBEDTLS_PSA_BUILTIN_MAC */
2279
2280#if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT)
2281#if defined(PSA_CRYPTO_DRIVER_TEST)
2282 case PSA_CRYPTO_TRANSPARENT_TEST_DRIVER_ID:
Steven Cooremanc7f0a572021-04-29 21:10:11 +02002283 return( mbedtls_test_transparent_mac_verify_finish(
Steven Cooreman77e2cc52021-03-19 17:05:52 +01002284 &operation->ctx.transparent_test_driver_ctx,
Steven Cooremand13a70f2021-03-19 15:24:23 +01002285 mac, mac_length ) );
2286
2287 case PSA_CRYPTO_OPAQUE_TEST_DRIVER_ID:
Steven Cooremanc7f0a572021-04-29 21:10:11 +02002288 return( mbedtls_test_opaque_mac_verify_finish(
Steven Cooreman77e2cc52021-03-19 17:05:52 +01002289 &operation->ctx.opaque_test_driver_ctx,
Steven Cooremand13a70f2021-03-19 15:24:23 +01002290 mac, mac_length ) );
2291#endif /* PSA_CRYPTO_DRIVER_TEST */
2292#endif /* PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT */
2293 default:
2294 (void) mac;
2295 (void) mac_length;
2296 return( PSA_ERROR_INVALID_ARGUMENT );
2297 }
2298}
2299
2300psa_status_t psa_driver_wrapper_mac_abort(
2301 psa_mac_operation_t *operation )
2302{
Steven Cooremand13a70f2021-03-19 15:24:23 +01002303 switch( operation->id )
2304 {
2305#if defined(MBEDTLS_PSA_BUILTIN_MAC)
2306 case PSA_CRYPTO_MBED_TLS_DRIVER_ID:
Steven Cooremane6804192021-03-19 18:28:56 +01002307 return( mbedtls_psa_mac_abort( &operation->ctx.mbedtls_ctx ) );
Steven Cooremand13a70f2021-03-19 15:24:23 +01002308#endif /* MBEDTLS_PSA_BUILTIN_MAC */
2309
2310#if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT)
2311#if defined(PSA_CRYPTO_DRIVER_TEST)
2312 case PSA_CRYPTO_TRANSPARENT_TEST_DRIVER_ID:
Steven Cooremanc7f0a572021-04-29 21:10:11 +02002313 return( mbedtls_test_transparent_mac_abort(
Steven Cooremane6804192021-03-19 18:28:56 +01002314 &operation->ctx.transparent_test_driver_ctx ) );
Steven Cooremand13a70f2021-03-19 15:24:23 +01002315 case PSA_CRYPTO_OPAQUE_TEST_DRIVER_ID:
Steven Cooremanc7f0a572021-04-29 21:10:11 +02002316 return( mbedtls_test_opaque_mac_abort(
Steven Cooremane6804192021-03-19 18:28:56 +01002317 &operation->ctx.opaque_test_driver_ctx ) );
Steven Cooremand13a70f2021-03-19 15:24:23 +01002318#endif /* PSA_CRYPTO_DRIVER_TEST */
2319#endif /* PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT */
2320 default:
Steven Cooremane6804192021-03-19 18:28:56 +01002321 return( PSA_ERROR_INVALID_ARGUMENT );
Steven Cooremand13a70f2021-03-19 15:24:23 +01002322 }
Steven Cooremand13a70f2021-03-19 15:24:23 +01002323}
Gilles Peskine1905a242021-04-24 13:19:45 +02002324
2325#endif /* MBEDTLS_PSA_CRYPTO_C */