Crypto: Allow renaming the TF-M Crypto APIs in the interface
The TF-M Crypto APIs by default coincide with the standard function
names specified in the PSA Crypto API specification. To allow more
flexibility in particular integration environments where different
implementations of the PSA Crypto API functions are available at
build time, the CONFIG_TFM_CRYPTO_API_RENAME define is introduced.
Setting it allows prefixing the PSA Crypto APIs exported by TF-M
with a prefix which is hardcoded in the TFM_CRYPTO_API macro,
defined in the interface file itself.
Signed-off-by: Antonio de Angelis <antonio.deangelis@arm.com>
Change-Id: Ic94f18ef8eb682d6afbbe05c2d07c180a035f0ee
diff --git a/docs/integration_guide/services/tfm_crypto_integration_guide.rst b/docs/integration_guide/services/tfm_crypto_integration_guide.rst
index 1218bfb..96a9b59 100644
--- a/docs/integration_guide/services/tfm_crypto_integration_guide.rst
+++ b/docs/integration_guide/services/tfm_crypto_integration_guide.rst
@@ -95,7 +95,13 @@
the contexts is much simpler (i.e. just an handle), and the Alloc module
keeps track of the association between handles and contexts
- ``tfm_crypto_api.c`` : This module is contained in ``interface/src`` and
- implements the PSA Crypto API client interface exposed to both S/NS clients
+ implements the PSA Crypto API client interface exposed to both S/NS clients.
+ This module allows a configuration option ``CONFIG_TFM_CRYPTO_API_RENAME``
+ to be set to 1 in case the NS environment or integrators want to rename the
+ API symbols exported by the TF-M Crypto service. The renaming adds a default
+ prefix, ``tfm_crypto__`` to all functions. The prefix can be changed editing
+ the interface file. This config option is for the NS environment or
+ integration setup only, hence it is not accessible through the TF-M config
- ``tfm_mbedcrypto_alt.c`` : This module is specific to the mbed TLS [3]_
library integration and provides some alternative implementation of mbed TLS
APIs that can be used when a optimised profile is chosen. Through the
diff --git a/interface/src/tfm_crypto_api.c b/interface/src/tfm_crypto_api.c
index 5cb22f8..8c85732 100644
--- a/interface/src/tfm_crypto_api.c
+++ b/interface/src/tfm_crypto_api.c
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2018-2022, Arm Limited. All rights reserved.
+ * Copyright (c) 2018-2023, Arm Limited. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
*
@@ -19,7 +19,40 @@
in_vec, IOVEC_LEN(in_vec), \
(psa_outvec *)NULL, 0)
-psa_status_t psa_crypto_init(void)
+/*!
+ * \def CONFIG_TFM_CRYPTO_API_RENAME
+ *
+ * \brief By setting this to 1, system integrators can rename the symbols of the
+ * PSA Crypto APIs available in the TF-M interface. It allows flexibility
+ * for some integration setups where multiple providers of the PSA Crypto
+ * APIs are available at link time. Normally this configuration option
+ * should not be enabled when building the Secure interface because the
+ * secure partitions will just use the standard function names. By default
+ * it prepends the "tfm_crypto__" prefix.
+ *
+ * \note This config option is not available through the TF-M configuration as
+ * it's for NS applications and system integrators to enable.
+ */
+
+/*!
+ * \def TFM_CRYPTO_API(ret, fun)
+ *
+ * \brief Define the function signature of a TF-M Crypto API with return
+ * type \a ret and PSA Crypto API function name \a fun
+ *
+ * \param ret return type associated to the API
+ * \param fun API name (e.g. a PSA Crypto API function name)
+ *
+ * \returns Function signature
+ */
+
+#if CONFIG_TFM_CRYPTO_API_RENAME == 1
+#define TFM_CRYPTO_API(ret, fun) ret tfm_crypto__##fun
+#else
+#define TFM_CRYPTO_API(ret, fun) ret fun
+#endif /* CONFIG_TFM_CRYPTO_API_RENAME */
+
+TFM_CRYPTO_API(psa_status_t, psa_crypto_init)(void)
{
/* Service init is performed during TFM boot up,
* so application level initialisation is empty
@@ -27,8 +60,8 @@
return PSA_SUCCESS;
}
-psa_status_t psa_open_key(psa_key_id_t id,
- psa_key_id_t *key)
+TFM_CRYPTO_API(psa_status_t, psa_open_key)(psa_key_id_t id,
+ psa_key_id_t *key)
{
const struct tfm_crypto_pack_iovec iov = {
.function_id = TFM_CRYPTO_OPEN_KEY_SID,
@@ -44,7 +77,7 @@
return API_DISPATCH(in_vec, out_vec);
}
-psa_status_t psa_close_key(psa_key_id_t key)
+TFM_CRYPTO_API(psa_status_t, psa_close_key)(psa_key_id_t key)
{
const struct tfm_crypto_pack_iovec iov = {
.function_id = TFM_CRYPTO_CLOSE_KEY_SID,
@@ -57,10 +90,10 @@
return API_DISPATCH_NO_OUTVEC(in_vec);
}
-psa_status_t psa_import_key(const psa_key_attributes_t *attributes,
- const uint8_t *data,
- size_t data_length,
- psa_key_id_t *key)
+TFM_CRYPTO_API(psa_status_t, psa_import_key)(const psa_key_attributes_t *attributes,
+ const uint8_t *data,
+ size_t data_length,
+ psa_key_id_t *key)
{
struct tfm_crypto_pack_iovec iov = {
.function_id = TFM_CRYPTO_IMPORT_KEY_SID,
@@ -77,7 +110,7 @@
return API_DISPATCH(in_vec, out_vec);
}
-psa_status_t psa_destroy_key(psa_key_id_t key)
+TFM_CRYPTO_API(psa_status_t, psa_destroy_key)(psa_key_id_t key)
{
struct tfm_crypto_pack_iovec iov = {
.function_id = TFM_CRYPTO_DESTROY_KEY_SID,
@@ -90,8 +123,8 @@
return API_DISPATCH_NO_OUTVEC(in_vec);
}
-psa_status_t psa_get_key_attributes(psa_key_id_t key,
- psa_key_attributes_t *attributes)
+TFM_CRYPTO_API(psa_status_t, psa_get_key_attributes)(psa_key_id_t key,
+ psa_key_attributes_t *attributes)
{
struct tfm_crypto_pack_iovec iov = {
.function_id = TFM_CRYPTO_GET_KEY_ATTRIBUTES_SID,
@@ -107,7 +140,7 @@
return API_DISPATCH(in_vec, out_vec);
}
-void psa_reset_key_attributes(psa_key_attributes_t *attributes)
+TFM_CRYPTO_API(void, psa_reset_key_attributes)(psa_key_attributes_t *attributes)
{
struct tfm_crypto_pack_iovec iov = {
.function_id = TFM_CRYPTO_RESET_KEY_ATTRIBUTES_SID,
@@ -123,10 +156,10 @@
return;
}
-psa_status_t psa_export_key(psa_key_id_t key,
- uint8_t *data,
- size_t data_size,
- size_t *data_length)
+TFM_CRYPTO_API(psa_status_t, psa_export_key)(psa_key_id_t key,
+ uint8_t *data,
+ size_t data_size,
+ size_t *data_length)
{
psa_status_t status;
struct tfm_crypto_pack_iovec iov = {
@@ -147,10 +180,10 @@
return status;
}
-psa_status_t psa_export_public_key(psa_key_id_t key,
- uint8_t *data,
- size_t data_size,
- size_t *data_length)
+TFM_CRYPTO_API(psa_status_t, psa_export_public_key)(psa_key_id_t key,
+ uint8_t *data,
+ size_t data_size,
+ size_t *data_length)
{
psa_status_t status;
struct tfm_crypto_pack_iovec iov = {
@@ -172,7 +205,7 @@
return status;
}
-psa_status_t psa_purge_key(psa_key_id_t key)
+TFM_CRYPTO_API(psa_status_t, psa_purge_key)(psa_key_id_t key)
{
struct tfm_crypto_pack_iovec iov = {
.function_id = TFM_CRYPTO_PURGE_KEY_SID,
@@ -185,9 +218,9 @@
return API_DISPATCH_NO_OUTVEC(in_vec);
}
-psa_status_t psa_copy_key(psa_key_id_t source_key,
- const psa_key_attributes_t *attributes,
- psa_key_id_t *target_key)
+TFM_CRYPTO_API(psa_status_t, psa_copy_key)(psa_key_id_t source_key,
+ const psa_key_attributes_t *attributes,
+ psa_key_id_t *target_key)
{
struct tfm_crypto_pack_iovec iov = {
.function_id = TFM_CRYPTO_COPY_KEY_SID,
@@ -206,10 +239,10 @@
return API_DISPATCH(in_vec, out_vec);
}
-psa_status_t psa_cipher_generate_iv(psa_cipher_operation_t *operation,
- unsigned char *iv,
- size_t iv_size,
- size_t *iv_length)
+TFM_CRYPTO_API(psa_status_t, psa_cipher_generate_iv)(psa_cipher_operation_t *operation,
+ unsigned char *iv,
+ size_t iv_size,
+ size_t *iv_length)
{
psa_status_t status;
struct tfm_crypto_pack_iovec iov = {
@@ -231,9 +264,9 @@
return status;
}
-psa_status_t psa_cipher_set_iv(psa_cipher_operation_t *operation,
- const unsigned char *iv,
- size_t iv_length)
+TFM_CRYPTO_API(psa_status_t, psa_cipher_set_iv)(psa_cipher_operation_t *operation,
+ const unsigned char *iv,
+ size_t iv_length)
{
struct tfm_crypto_pack_iovec iov = {
.function_id = TFM_CRYPTO_CIPHER_SET_IV_SID,
@@ -248,9 +281,9 @@
return API_DISPATCH_NO_OUTVEC(in_vec);
}
-psa_status_t psa_cipher_encrypt_setup(psa_cipher_operation_t *operation,
- psa_key_id_t key,
- psa_algorithm_t alg)
+TFM_CRYPTO_API(psa_status_t, psa_cipher_encrypt_setup)(psa_cipher_operation_t *operation,
+ psa_key_id_t key,
+ psa_algorithm_t alg)
{
struct tfm_crypto_pack_iovec iov = {
.function_id = TFM_CRYPTO_CIPHER_ENCRYPT_SETUP_SID,
@@ -269,9 +302,9 @@
return API_DISPATCH(in_vec, out_vec);
}
-psa_status_t psa_cipher_decrypt_setup(psa_cipher_operation_t *operation,
- psa_key_id_t key,
- psa_algorithm_t alg)
+TFM_CRYPTO_API(psa_status_t, psa_cipher_decrypt_setup)(psa_cipher_operation_t *operation,
+ psa_key_id_t key,
+ psa_algorithm_t alg)
{
struct tfm_crypto_pack_iovec iov = {
.function_id = TFM_CRYPTO_CIPHER_DECRYPT_SETUP_SID,
@@ -290,12 +323,12 @@
return API_DISPATCH(in_vec, out_vec);
}
-psa_status_t psa_cipher_update(psa_cipher_operation_t *operation,
- const uint8_t *input,
- size_t input_length,
- unsigned char *output,
- size_t output_size,
- size_t *output_length)
+TFM_CRYPTO_API(psa_status_t, psa_cipher_update)(psa_cipher_operation_t *operation,
+ const uint8_t *input,
+ size_t input_length,
+ unsigned char *output,
+ size_t output_size,
+ size_t *output_length)
{
psa_status_t status;
struct tfm_crypto_pack_iovec iov = {
@@ -318,7 +351,7 @@
return status;
}
-psa_status_t psa_cipher_abort(psa_cipher_operation_t *operation)
+TFM_CRYPTO_API(psa_status_t, psa_cipher_abort)(psa_cipher_operation_t *operation)
{
struct tfm_crypto_pack_iovec iov = {
.function_id = TFM_CRYPTO_CIPHER_ABORT_SID,
@@ -335,10 +368,10 @@
return API_DISPATCH(in_vec, out_vec);
}
-psa_status_t psa_cipher_finish(psa_cipher_operation_t *operation,
- uint8_t *output,
- size_t output_size,
- size_t *output_length)
+TFM_CRYPTO_API(psa_status_t, psa_cipher_finish)(psa_cipher_operation_t *operation,
+ uint8_t *output,
+ size_t output_size,
+ size_t *output_length)
{
psa_status_t status;
struct tfm_crypto_pack_iovec iov = {
@@ -361,8 +394,8 @@
return status;
}
-psa_status_t psa_hash_setup(psa_hash_operation_t *operation,
- psa_algorithm_t alg)
+TFM_CRYPTO_API(psa_status_t, psa_hash_setup)(psa_hash_operation_t *operation,
+ psa_algorithm_t alg)
{
struct tfm_crypto_pack_iovec iov = {
.function_id = TFM_CRYPTO_HASH_SETUP_SID,
@@ -380,9 +413,9 @@
return API_DISPATCH(in_vec, out_vec);
}
-psa_status_t psa_hash_update(psa_hash_operation_t *operation,
- const uint8_t *input,
- size_t input_length)
+TFM_CRYPTO_API(psa_status_t, psa_hash_update)(psa_hash_operation_t *operation,
+ const uint8_t *input,
+ size_t input_length)
{
struct tfm_crypto_pack_iovec iov = {
.function_id = TFM_CRYPTO_HASH_UPDATE_SID,
@@ -397,10 +430,10 @@
return API_DISPATCH_NO_OUTVEC(in_vec);
}
-psa_status_t psa_hash_finish(psa_hash_operation_t *operation,
- uint8_t *hash,
- size_t hash_size,
- size_t *hash_length)
+TFM_CRYPTO_API(psa_status_t, psa_hash_finish)(psa_hash_operation_t *operation,
+ uint8_t *hash,
+ size_t hash_size,
+ size_t *hash_length)
{
psa_status_t status;
struct tfm_crypto_pack_iovec iov = {
@@ -423,9 +456,9 @@
return status;
}
-psa_status_t psa_hash_verify(psa_hash_operation_t *operation,
- const uint8_t *hash,
- size_t hash_length)
+TFM_CRYPTO_API(psa_status_t, psa_hash_verify)(psa_hash_operation_t *operation,
+ const uint8_t *hash,
+ size_t hash_length)
{
struct tfm_crypto_pack_iovec iov = {
.function_id = TFM_CRYPTO_HASH_VERIFY_SID,
@@ -443,7 +476,7 @@
return API_DISPATCH(in_vec, out_vec);
}
-psa_status_t psa_hash_abort(psa_hash_operation_t *operation)
+TFM_CRYPTO_API(psa_status_t, psa_hash_abort)(psa_hash_operation_t *operation)
{
struct tfm_crypto_pack_iovec iov = {
.function_id = TFM_CRYPTO_HASH_ABORT_SID,
@@ -460,8 +493,8 @@
return API_DISPATCH(in_vec, out_vec);
}
-psa_status_t psa_hash_clone(const psa_hash_operation_t *source_operation,
- psa_hash_operation_t *target_operation)
+TFM_CRYPTO_API(psa_status_t, psa_hash_clone)(const psa_hash_operation_t *source_operation,
+ psa_hash_operation_t *target_operation)
{
struct tfm_crypto_pack_iovec iov = {
.function_id = TFM_CRYPTO_HASH_CLONE_SID,
@@ -485,12 +518,12 @@
return API_DISPATCH(in_vec, out_vec);
}
-psa_status_t psa_hash_compute(psa_algorithm_t alg,
- const uint8_t *input,
- size_t input_length,
- uint8_t *hash,
- size_t hash_size,
- size_t *hash_length)
+TFM_CRYPTO_API(psa_status_t, psa_hash_compute)(psa_algorithm_t alg,
+ const uint8_t *input,
+ size_t input_length,
+ uint8_t *hash,
+ size_t hash_size,
+ size_t *hash_length)
{
psa_status_t status;
struct tfm_crypto_pack_iovec iov = {
@@ -514,11 +547,11 @@
return status;
}
-psa_status_t psa_hash_compare(psa_algorithm_t alg,
- const uint8_t *input,
- size_t input_length,
- const uint8_t *hash,
- size_t hash_length)
+TFM_CRYPTO_API(psa_status_t, psa_hash_compare)(psa_algorithm_t alg,
+ const uint8_t *input,
+ size_t input_length,
+ const uint8_t *hash,
+ size_t hash_length)
{
struct tfm_crypto_pack_iovec iov = {
.function_id = TFM_CRYPTO_HASH_COMPARE_SID,
@@ -534,9 +567,9 @@
return API_DISPATCH_NO_OUTVEC(in_vec);
}
-psa_status_t psa_mac_sign_setup(psa_mac_operation_t *operation,
- psa_key_id_t key,
- psa_algorithm_t alg)
+TFM_CRYPTO_API(psa_status_t, psa_mac_sign_setup)(psa_mac_operation_t *operation,
+ psa_key_id_t key,
+ psa_algorithm_t alg)
{
struct tfm_crypto_pack_iovec iov = {
.function_id = TFM_CRYPTO_MAC_SIGN_SETUP_SID,
@@ -555,9 +588,9 @@
return API_DISPATCH(in_vec, out_vec);
}
-psa_status_t psa_mac_verify_setup(psa_mac_operation_t *operation,
- psa_key_id_t key,
- psa_algorithm_t alg)
+TFM_CRYPTO_API(psa_status_t, psa_mac_verify_setup)(psa_mac_operation_t *operation,
+ psa_key_id_t key,
+ psa_algorithm_t alg)
{
struct tfm_crypto_pack_iovec iov = {
.function_id = TFM_CRYPTO_MAC_VERIFY_SETUP_SID,
@@ -576,9 +609,9 @@
return API_DISPATCH(in_vec, out_vec);
}
-psa_status_t psa_mac_update(psa_mac_operation_t *operation,
- const uint8_t *input,
- size_t input_length)
+TFM_CRYPTO_API(psa_status_t, psa_mac_update)(psa_mac_operation_t *operation,
+ const uint8_t *input,
+ size_t input_length)
{
struct tfm_crypto_pack_iovec iov = {
.function_id = TFM_CRYPTO_MAC_UPDATE_SID,
@@ -593,10 +626,10 @@
return API_DISPATCH_NO_OUTVEC(in_vec);
}
-psa_status_t psa_mac_sign_finish(psa_mac_operation_t *operation,
- uint8_t *mac,
- size_t mac_size,
- size_t *mac_length)
+TFM_CRYPTO_API(psa_status_t, psa_mac_sign_finish)(psa_mac_operation_t *operation,
+ uint8_t *mac,
+ size_t mac_size,
+ size_t *mac_length)
{
psa_status_t status;
struct tfm_crypto_pack_iovec iov = {
@@ -619,9 +652,9 @@
return status;
}
-psa_status_t psa_mac_verify_finish(psa_mac_operation_t *operation,
- const uint8_t *mac,
- size_t mac_length)
+TFM_CRYPTO_API(psa_status_t, psa_mac_verify_finish)(psa_mac_operation_t *operation,
+ const uint8_t *mac,
+ size_t mac_length)
{
struct tfm_crypto_pack_iovec iov = {
.function_id = TFM_CRYPTO_MAC_VERIFY_FINISH_SID,
@@ -639,7 +672,7 @@
return API_DISPATCH(in_vec, out_vec);
}
-psa_status_t psa_mac_abort(psa_mac_operation_t *operation)
+TFM_CRYPTO_API(psa_status_t, psa_mac_abort)(psa_mac_operation_t *operation)
{
struct tfm_crypto_pack_iovec iov = {
.function_id = TFM_CRYPTO_MAC_ABORT_SID,
@@ -656,17 +689,17 @@
return API_DISPATCH(in_vec, out_vec);
}
-psa_status_t psa_aead_encrypt(psa_key_id_t key,
- psa_algorithm_t alg,
- const uint8_t *nonce,
- size_t nonce_length,
- const uint8_t *additional_data,
- size_t additional_data_length,
- const uint8_t *plaintext,
- size_t plaintext_length,
- uint8_t *ciphertext,
- size_t ciphertext_size,
- size_t *ciphertext_length)
+TFM_CRYPTO_API(psa_status_t, psa_aead_encrypt)(psa_key_id_t key,
+ psa_algorithm_t alg,
+ const uint8_t *nonce,
+ size_t nonce_length,
+ const uint8_t *additional_data,
+ size_t additional_data_length,
+ const uint8_t *plaintext,
+ size_t plaintext_length,
+ uint8_t *ciphertext,
+ size_t ciphertext_size,
+ size_t *ciphertext_length)
{
psa_status_t status;
struct tfm_crypto_pack_iovec iov = {
@@ -717,17 +750,17 @@
return status;
}
-psa_status_t psa_aead_decrypt(psa_key_id_t key,
- psa_algorithm_t alg,
- const uint8_t *nonce,
- size_t nonce_length,
- const uint8_t *additional_data,
- size_t additional_data_length,
- const uint8_t *ciphertext,
- size_t ciphertext_length,
- uint8_t *plaintext,
- size_t plaintext_size,
- size_t *plaintext_length)
+TFM_CRYPTO_API(psa_status_t, psa_aead_decrypt)(psa_key_id_t key,
+ psa_algorithm_t alg,
+ const uint8_t *nonce,
+ size_t nonce_length,
+ const uint8_t *additional_data,
+ size_t additional_data_length,
+ const uint8_t *ciphertext,
+ size_t ciphertext_length,
+ uint8_t *plaintext,
+ size_t plaintext_size,
+ size_t *plaintext_length)
{
psa_status_t status;
struct tfm_crypto_pack_iovec iov = {
@@ -778,9 +811,9 @@
return status;
}
-psa_status_t psa_aead_encrypt_setup(psa_aead_operation_t *operation,
- psa_key_id_t key,
- psa_algorithm_t alg)
+TFM_CRYPTO_API(psa_status_t, psa_aead_encrypt_setup)(psa_aead_operation_t *operation,
+ psa_key_id_t key,
+ psa_algorithm_t alg)
{
psa_status_t status;
struct tfm_crypto_pack_iovec iov = {
@@ -801,9 +834,9 @@
return status;
}
-psa_status_t psa_aead_decrypt_setup(psa_aead_operation_t *operation,
- psa_key_id_t key,
- psa_algorithm_t alg)
+TFM_CRYPTO_API(psa_status_t, psa_aead_decrypt_setup)(psa_aead_operation_t *operation,
+ psa_key_id_t key,
+ psa_algorithm_t alg)
{
psa_status_t status;
struct tfm_crypto_pack_iovec iov = {
@@ -824,10 +857,10 @@
return status;
}
-psa_status_t psa_aead_generate_nonce(psa_aead_operation_t *operation,
- uint8_t *nonce,
- size_t nonce_size,
- size_t *nonce_length)
+TFM_CRYPTO_API(psa_status_t, psa_aead_generate_nonce)(psa_aead_operation_t *operation,
+ uint8_t *nonce,
+ size_t nonce_size,
+ size_t *nonce_length)
{
psa_status_t status;
struct tfm_crypto_pack_iovec iov = {
@@ -848,9 +881,9 @@
return status;
}
-psa_status_t psa_aead_set_nonce(psa_aead_operation_t *operation,
- const uint8_t *nonce,
- size_t nonce_length)
+TFM_CRYPTO_API(psa_status_t, psa_aead_set_nonce)(psa_aead_operation_t *operation,
+ const uint8_t *nonce,
+ size_t nonce_length)
{
psa_status_t status;
struct tfm_crypto_pack_iovec iov = {
@@ -867,9 +900,9 @@
return status;
}
-psa_status_t psa_aead_set_lengths(psa_aead_operation_t *operation,
- size_t ad_length,
- size_t plaintext_length)
+TFM_CRYPTO_API(psa_status_t, psa_aead_set_lengths)(psa_aead_operation_t *operation,
+ size_t ad_length,
+ size_t plaintext_length)
{
psa_status_t status;
struct tfm_crypto_pack_iovec iov = {
@@ -887,9 +920,9 @@
return status;
}
-psa_status_t psa_aead_update_ad(psa_aead_operation_t *operation,
- const uint8_t *input,
- size_t input_length)
+TFM_CRYPTO_API(psa_status_t, psa_aead_update_ad)(psa_aead_operation_t *operation,
+ const uint8_t *input,
+ size_t input_length)
{
psa_status_t status;
struct tfm_crypto_pack_iovec iov = {
@@ -917,12 +950,12 @@
return status;
}
-psa_status_t psa_aead_update(psa_aead_operation_t *operation,
- const uint8_t *input,
- size_t input_length,
- uint8_t *output,
- size_t output_size,
- size_t *output_length)
+TFM_CRYPTO_API(psa_status_t, psa_aead_update)(psa_aead_operation_t *operation,
+ const uint8_t *input,
+ size_t input_length,
+ uint8_t *output,
+ size_t output_size,
+ size_t *output_length)
{
psa_status_t status;
struct tfm_crypto_pack_iovec iov = {
@@ -955,13 +988,13 @@
return status;
}
-psa_status_t psa_aead_finish(psa_aead_operation_t *operation,
- uint8_t *ciphertext,
- size_t ciphertext_size,
- size_t *ciphertext_length,
- uint8_t *tag,
- size_t tag_size,
- size_t *tag_length)
+TFM_CRYPTO_API(psa_status_t, psa_aead_finish)(psa_aead_operation_t *operation,
+ uint8_t *ciphertext,
+ size_t ciphertext_size,
+ size_t *ciphertext_length,
+ uint8_t *tag,
+ size_t tag_size,
+ size_t *tag_length)
{
psa_status_t status;
struct tfm_crypto_pack_iovec iov = {
@@ -1007,12 +1040,12 @@
return status;
}
-psa_status_t psa_aead_verify(psa_aead_operation_t *operation,
- uint8_t *plaintext,
- size_t plaintext_size,
- size_t *plaintext_length,
- const uint8_t *tag,
- size_t tag_length)
+TFM_CRYPTO_API(psa_status_t, psa_aead_verify)(psa_aead_operation_t *operation,
+ uint8_t *plaintext,
+ size_t plaintext_size,
+ size_t *plaintext_length,
+ const uint8_t *tag,
+ size_t tag_length)
{
psa_status_t status;
struct tfm_crypto_pack_iovec iov = {
@@ -1055,7 +1088,7 @@
return status;
}
-psa_status_t psa_aead_abort(psa_aead_operation_t *operation)
+TFM_CRYPTO_API(psa_status_t, psa_aead_abort)(psa_aead_operation_t *operation)
{
struct tfm_crypto_pack_iovec iov = {
.function_id = TFM_CRYPTO_AEAD_ABORT_SID,
@@ -1072,13 +1105,13 @@
return API_DISPATCH(in_vec, out_vec);
}
-psa_status_t psa_sign_message(psa_key_id_t key,
- psa_algorithm_t alg,
- const uint8_t *input,
- size_t input_length,
- uint8_t *signature,
- size_t signature_size,
- size_t *signature_length)
+TFM_CRYPTO_API(psa_status_t, psa_sign_message)(psa_key_id_t key,
+ psa_algorithm_t alg,
+ const uint8_t *input,
+ size_t input_length,
+ uint8_t *signature,
+ size_t signature_size,
+ size_t *signature_length)
{
psa_status_t status;
struct tfm_crypto_pack_iovec iov = {
@@ -1101,12 +1134,12 @@
return status;
}
-psa_status_t psa_verify_message(psa_key_id_t key,
- psa_algorithm_t alg,
- const uint8_t *input,
- size_t input_length,
- const uint8_t *signature,
- size_t signature_length)
+TFM_CRYPTO_API(psa_status_t, psa_verify_message)(psa_key_id_t key,
+ psa_algorithm_t alg,
+ const uint8_t *input,
+ size_t input_length,
+ const uint8_t *signature,
+ size_t signature_length)
{
struct tfm_crypto_pack_iovec iov = {
.function_id = TFM_CRYPTO_ASYMMETRIC_VERIFY_MESSAGE_SID,
@@ -1123,13 +1156,13 @@
return API_DISPATCH_NO_OUTVEC(in_vec);
}
-psa_status_t psa_sign_hash(psa_key_id_t key,
- psa_algorithm_t alg,
- const uint8_t *hash,
- size_t hash_length,
- uint8_t *signature,
- size_t signature_size,
- size_t *signature_length)
+TFM_CRYPTO_API(psa_status_t, psa_sign_hash)(psa_key_id_t key,
+ psa_algorithm_t alg,
+ const uint8_t *hash,
+ size_t hash_length,
+ uint8_t *signature,
+ size_t signature_size,
+ size_t *signature_length)
{
psa_status_t status;
struct tfm_crypto_pack_iovec iov = {
@@ -1153,12 +1186,12 @@
return status;
}
-psa_status_t psa_verify_hash(psa_key_id_t key,
- psa_algorithm_t alg,
- const uint8_t *hash,
- size_t hash_length,
- const uint8_t *signature,
- size_t signature_length)
+TFM_CRYPTO_API(psa_status_t, psa_verify_hash)(psa_key_id_t key,
+ psa_algorithm_t alg,
+ const uint8_t *hash,
+ size_t hash_length,
+ const uint8_t *signature,
+ size_t signature_length)
{
struct tfm_crypto_pack_iovec iov = {
.function_id = TFM_CRYPTO_ASYMMETRIC_VERIFY_HASH_SID,
@@ -1175,15 +1208,15 @@
return API_DISPATCH_NO_OUTVEC(in_vec);
}
-psa_status_t psa_asymmetric_encrypt(psa_key_id_t key,
- psa_algorithm_t alg,
- const uint8_t *input,
- size_t input_length,
- const uint8_t *salt,
- size_t salt_length,
- uint8_t *output,
- size_t output_size,
- size_t *output_length)
+TFM_CRYPTO_API(psa_status_t, psa_asymmetric_encrypt)(psa_key_id_t key,
+ psa_algorithm_t alg,
+ const uint8_t *input,
+ size_t input_length,
+ const uint8_t *salt,
+ size_t salt_length,
+ uint8_t *output,
+ size_t output_size,
+ size_t *output_length)
{
psa_status_t status;
struct tfm_crypto_pack_iovec iov = {
@@ -1220,15 +1253,15 @@
return status;
}
-psa_status_t psa_asymmetric_decrypt(psa_key_id_t key,
- psa_algorithm_t alg,
- const uint8_t *input,
- size_t input_length,
- const uint8_t *salt,
- size_t salt_length,
- uint8_t *output,
- size_t output_size,
- size_t *output_length)
+TFM_CRYPTO_API(psa_status_t, psa_asymmetric_decrypt)(psa_key_id_t key,
+ psa_algorithm_t alg,
+ const uint8_t *input,
+ size_t input_length,
+ const uint8_t *salt,
+ size_t salt_length,
+ uint8_t *output,
+ size_t output_size,
+ size_t *output_length)
{
psa_status_t status;
struct tfm_crypto_pack_iovec iov = {
@@ -1265,7 +1298,7 @@
return status;
}
-psa_status_t psa_key_derivation_get_capacity(
+TFM_CRYPTO_API(psa_status_t, psa_key_derivation_get_capacity)(
const psa_key_derivation_operation_t *operation,
size_t *capacity)
{
@@ -1285,7 +1318,7 @@
return API_DISPATCH(in_vec, out_vec);
}
-psa_status_t psa_key_derivation_output_bytes(
+TFM_CRYPTO_API(psa_status_t, psa_key_derivation_output_bytes)(
psa_key_derivation_operation_t *operation,
uint8_t *output,
size_t output_length)
@@ -1306,7 +1339,7 @@
return API_DISPATCH(in_vec, out_vec);
}
-psa_status_t psa_key_derivation_input_key(
+TFM_CRYPTO_API(psa_status_t, psa_key_derivation_input_key)(
psa_key_derivation_operation_t *operation,
psa_key_derivation_step_t step,
psa_key_id_t key)
@@ -1325,7 +1358,7 @@
return API_DISPATCH_NO_OUTVEC(in_vec);
}
-psa_status_t psa_key_derivation_abort(psa_key_derivation_operation_t *operation)
+TFM_CRYPTO_API(psa_status_t, psa_key_derivation_abort)(psa_key_derivation_operation_t *operation)
{
struct tfm_crypto_pack_iovec iov = {
.function_id = TFM_CRYPTO_KEY_DERIVATION_ABORT_SID,
@@ -1343,7 +1376,7 @@
return API_DISPATCH(in_vec, out_vec);
}
-psa_status_t psa_key_derivation_key_agreement(
+TFM_CRYPTO_API(psa_status_t, psa_key_derivation_key_agreement)(
psa_key_derivation_operation_t *operation,
psa_key_derivation_step_t step,
psa_key_id_t private_key,
@@ -1365,8 +1398,8 @@
return API_DISPATCH_NO_OUTVEC(in_vec);
}
-psa_status_t psa_generate_random(uint8_t *output,
- size_t output_size)
+TFM_CRYPTO_API(psa_status_t, psa_generate_random)(uint8_t *output,
+ size_t output_size)
{
struct tfm_crypto_pack_iovec iov = {
.function_id = TFM_CRYPTO_GENERATE_RANDOM_SID,
@@ -1387,8 +1420,8 @@
return API_DISPATCH(in_vec, out_vec);
}
-psa_status_t psa_generate_key(const psa_key_attributes_t *attributes,
- psa_key_id_t *key)
+TFM_CRYPTO_API(psa_status_t, psa_generate_key)(const psa_key_attributes_t *attributes,
+ psa_key_id_t *key)
{
struct tfm_crypto_pack_iovec iov = {
.function_id = TFM_CRYPTO_GENERATE_KEY_SID,
@@ -1406,13 +1439,13 @@
return API_DISPATCH(in_vec, out_vec);
}
-psa_status_t psa_mac_compute(psa_key_id_t key,
- psa_algorithm_t alg,
- const uint8_t *input,
- size_t input_length,
- uint8_t *mac,
- size_t mac_size,
- size_t *mac_length)
+TFM_CRYPTO_API(psa_status_t, psa_mac_compute)(psa_key_id_t key,
+ psa_algorithm_t alg,
+ const uint8_t *input,
+ size_t input_length,
+ uint8_t *mac,
+ size_t mac_size,
+ size_t *mac_length)
{
psa_status_t status;
struct tfm_crypto_pack_iovec iov = {
@@ -1435,12 +1468,12 @@
return status;
}
-psa_status_t psa_mac_verify(psa_key_id_t key,
- psa_algorithm_t alg,
- const uint8_t *input,
- size_t input_length,
- const uint8_t *mac,
- const size_t mac_length)
+TFM_CRYPTO_API(psa_status_t, psa_mac_verify)(psa_key_id_t key,
+ psa_algorithm_t alg,
+ const uint8_t *input,
+ size_t input_length,
+ const uint8_t *mac,
+ const size_t mac_length)
{
struct tfm_crypto_pack_iovec iov = {
.function_id = TFM_CRYPTO_MAC_VERIFY_SID,
@@ -1457,13 +1490,13 @@
return API_DISPATCH_NO_OUTVEC(in_vec);
}
-psa_status_t psa_cipher_encrypt(psa_key_id_t key,
- psa_algorithm_t alg,
- const uint8_t *input,
- size_t input_length,
- uint8_t *output,
- size_t output_size,
- size_t *output_length)
+TFM_CRYPTO_API(psa_status_t, psa_cipher_encrypt)(psa_key_id_t key,
+ psa_algorithm_t alg,
+ const uint8_t *input,
+ size_t input_length,
+ uint8_t *output,
+ size_t output_size,
+ size_t *output_length)
{
psa_status_t status;
struct tfm_crypto_pack_iovec iov = {
@@ -1486,13 +1519,13 @@
return status;
}
-psa_status_t psa_cipher_decrypt(psa_key_id_t key,
- psa_algorithm_t alg,
- const uint8_t *input,
- size_t input_length,
- uint8_t *output,
- size_t output_size,
- size_t *output_length)
+TFM_CRYPTO_API(psa_status_t, psa_cipher_decrypt)(psa_key_id_t key,
+ psa_algorithm_t alg,
+ const uint8_t *input,
+ size_t input_length,
+ uint8_t *output,
+ size_t output_size,
+ size_t *output_length)
{
psa_status_t status;
struct tfm_crypto_pack_iovec iov = {
@@ -1515,13 +1548,13 @@
return status;
}
-psa_status_t psa_raw_key_agreement(psa_algorithm_t alg,
- psa_key_id_t private_key,
- const uint8_t *peer_key,
- size_t peer_key_length,
- uint8_t *output,
- size_t output_size,
- size_t *output_length)
+TFM_CRYPTO_API(psa_status_t, psa_raw_key_agreement)(psa_algorithm_t alg,
+ psa_key_id_t private_key,
+ const uint8_t *peer_key,
+ size_t peer_key_length,
+ uint8_t *output,
+ size_t output_size,
+ size_t *output_length)
{
psa_status_t status;
struct tfm_crypto_pack_iovec iov = {
@@ -1546,8 +1579,8 @@
return status;
}
-psa_status_t psa_key_derivation_setup(psa_key_derivation_operation_t *operation,
- psa_algorithm_t alg)
+TFM_CRYPTO_API(psa_status_t, psa_key_derivation_setup)(psa_key_derivation_operation_t *operation,
+ psa_algorithm_t alg)
{
struct tfm_crypto_pack_iovec iov = {
.function_id = TFM_CRYPTO_KEY_DERIVATION_SETUP_SID,
@@ -1565,7 +1598,7 @@
return API_DISPATCH(in_vec, out_vec);
}
-psa_status_t psa_key_derivation_set_capacity(
+TFM_CRYPTO_API(psa_status_t, psa_key_derivation_set_capacity)(
psa_key_derivation_operation_t *operation,
size_t capacity)
{
@@ -1582,7 +1615,7 @@
return API_DISPATCH_NO_OUTVEC(in_vec);
}
-psa_status_t psa_key_derivation_input_bytes(
+TFM_CRYPTO_API(psa_status_t, psa_key_derivation_input_bytes)(
psa_key_derivation_operation_t *operation,
psa_key_derivation_step_t step,
const uint8_t *data,
@@ -1602,7 +1635,7 @@
return API_DISPATCH_NO_OUTVEC(in_vec);
}
-psa_status_t psa_key_derivation_output_key(
+TFM_CRYPTO_API(psa_status_t, psa_key_derivation_output_key)(
const psa_key_attributes_t *attributes,
psa_key_derivation_operation_t *operation,
psa_key_id_t *key)