TrustedFirmware Git Browser
Code Review Sign In
review.trustedfirmware.org / sandbox / pfalcon / trusted-firmware-m / 202425a49119ef21f99d1e78c2cd33edd1819474 / . / interface / include / tfm_crypto_defs.h
blob: 1d26c0680d87f847f81ed2fbc6baa23b4637787c [file] [log] [blame]
Antonio de Angelis8908f472018-08-31 15:44:25 +0100[diff] [blame]1/*
Antonio de Angelisc26af632021-10-07 15:04:12 +0100[diff] [blame]2 * Copyright (c) 2018-2022, Arm Limited. All rights reserved.
Antonio de Angelis8908f472018-08-31 15:44:25 +0100[diff] [blame]3 *
4 * SPDX-License-Identifier: BSD-3-Clause
5 *
6 */
7
8#ifndef __TFM_CRYPTO_DEFS_H__
9#define __TFM_CRYPTO_DEFS_H__
10
11#ifdef __cplusplus
12extern "C" {
13#endif
14
15#include <stdint.h>
16#include <limits.h>
17#include "tfm_api.h"
Jamie Foxcc31d402019-01-28 17:13:52 +0000[diff] [blame]18#include "psa/crypto.h"
Antonio de Angelis8908f472018-08-31 15:44:25 +0100[diff] [blame]19
20/**
Antonio de Angelis4743e672019-04-11 11:38:48 +0100[diff] [blame]21 * \brief This type is used to overcome a limitation in the number of maximum
22 * IOVECs that can be used especially in psa_aead_encrypt and
Antonio de Angelis202425a2022-04-06 11:13:15 +0100[diff] [blame^]23 * psa_aead_decrypt.
Antonio de Angelis4743e672019-04-11 11:38:48 +0100[diff] [blame]24 */
25#define TFM_CRYPTO_MAX_NONCE_LENGTH (16u)
26struct tfm_crypto_aead_pack_input {
27 uint8_t nonce[TFM_CRYPTO_MAX_NONCE_LENGTH];
28 uint32_t nonce_length;
29};
30
31/**
32 * \brief Structure used to pack non-pointer types in a call
33 *
34 */
35struct tfm_crypto_pack_iovec {
Antonio de Angelis202425a2022-04-06 11:13:15 +0100[diff] [blame^]36 uint32_t function_id; /*!< Used to identify the function in the
37 * API dispatcher to the service backend
38 */
39 uint16_t step; /*!< Key derivation step */
40 psa_key_id_t key_id; /*!< Key id */
41 psa_algorithm_t alg; /*!< Algorithm */
42 uint32_t op_handle; /*!< Frontend context handle associated to a
43 * multipart operation
44 */
45 size_t capacity; /*!< Key derivation capacity */
46 size_t ad_length; /*!< Additional Data length for multipart AEAD */
47 size_t plaintext_length; /*!< Plaintext length for multipart AEAD */
Antonio de Angelis4743e672019-04-11 11:38:48 +0100[diff] [blame]48
Antonio de Angelis202425a2022-04-06 11:13:15 +0100[diff] [blame^]49 struct tfm_crypto_aead_pack_input aead_in; /*!< Packs AEAD-related inputs */
Antonio de Angelis4743e672019-04-11 11:38:48 +0100[diff] [blame]50};
51
52/**
Antonio de Angelis202425a2022-04-06 11:13:15 +0100[diff] [blame^]53 * \brief X macro describing each of the available PSA Crypto APIs in terms of
54 * group ID (\ref tfm_crypto_group_id) and multipart function type
55 * (\ref tfm_crypto_function_type)
Antonio de Angelis4743e672019-04-11 11:38:48 +0100[diff] [blame]56 */
Antonio de Angelis202425a2022-04-06 11:13:15 +0100[diff] [blame^]57#define TFM_CRYPTO_SERVICE_API_DESCRIPTION \
58 X(TFM_CRYPTO_GET_KEY_ATTRIBUTES_SID, \
59 TFM_CRYPTO_GROUP_ID_KEY_MANAGEMENT, \
60 TFM_CRYPTO_FUNCTION_TYPE_NON_MULTIPART) \
61 X(TFM_CRYPTO_RESET_KEY_ATTRIBUTES_SID, \
62 TFM_CRYPTO_GROUP_ID_KEY_MANAGEMENT, \
63 TFM_CRYPTO_FUNCTION_TYPE_NON_MULTIPART) \
64 X(TFM_CRYPTO_OPEN_KEY_SID, \
65 TFM_CRYPTO_GROUP_ID_KEY_MANAGEMENT, \
66 TFM_CRYPTO_FUNCTION_TYPE_NON_MULTIPART) \
67 X(TFM_CRYPTO_CLOSE_KEY_SID, \
68 TFM_CRYPTO_GROUP_ID_KEY_MANAGEMENT, \
69 TFM_CRYPTO_FUNCTION_TYPE_NON_MULTIPART) \
70 X(TFM_CRYPTO_IMPORT_KEY_SID, \
71 TFM_CRYPTO_GROUP_ID_KEY_MANAGEMENT, \
72 TFM_CRYPTO_FUNCTION_TYPE_NON_MULTIPART) \
73 X(TFM_CRYPTO_DESTROY_KEY_SID, \
74 TFM_CRYPTO_GROUP_ID_KEY_MANAGEMENT, \
75 TFM_CRYPTO_FUNCTION_TYPE_NON_MULTIPART) \
76 X(TFM_CRYPTO_EXPORT_KEY_SID, \
77 TFM_CRYPTO_GROUP_ID_KEY_MANAGEMENT, \
78 TFM_CRYPTO_FUNCTION_TYPE_NON_MULTIPART) \
79 X(TFM_CRYPTO_EXPORT_PUBLIC_KEY_SID, \
80 TFM_CRYPTO_GROUP_ID_KEY_MANAGEMENT, \
81 TFM_CRYPTO_FUNCTION_TYPE_NON_MULTIPART) \
82 X(TFM_CRYPTO_PURGE_KEY_SID, \
83 TFM_CRYPTO_GROUP_ID_KEY_MANAGEMENT, \
84 TFM_CRYPTO_FUNCTION_TYPE_NON_MULTIPART) \
85 X(TFM_CRYPTO_COPY_KEY_SID, \
86 TFM_CRYPTO_GROUP_ID_KEY_MANAGEMENT, \
87 TFM_CRYPTO_FUNCTION_TYPE_NON_MULTIPART) \
88 X(TFM_CRYPTO_GENERATE_KEY_SID, \
89 TFM_CRYPTO_GROUP_ID_KEY_MANAGEMENT, \
90 TFM_CRYPTO_FUNCTION_TYPE_NON_MULTIPART) \
91 X(TFM_CRYPTO_HASH_COMPUTE_SID, \
92 TFM_CRYPTO_GROUP_ID_HASH, \
93 TFM_CRYPTO_FUNCTION_TYPE_NON_MULTIPART) \
94 X(TFM_CRYPTO_HASH_COMPARE_SID, \
95 TFM_CRYPTO_GROUP_ID_HASH, \
96 TFM_CRYPTO_FUNCTION_TYPE_NON_MULTIPART) \
97 X(TFM_CRYPTO_HASH_SETUP_SID, \
98 TFM_CRYPTO_GROUP_ID_HASH, \
99 TFM_CRYPTO_FUNCTION_TYPE_SETUP) \
100 X(TFM_CRYPTO_HASH_UPDATE_SID, \
101 TFM_CRYPTO_GROUP_ID_HASH, \
102 TFM_CRYPTO_FUNCTION_TYPE_LOOKUP) \
103 X(TFM_CRYPTO_HASH_CLONE_SID, \
104 TFM_CRYPTO_GROUP_ID_HASH, \
105 TFM_CRYPTO_FUNCTION_TYPE_LOOKUP) \
106 X(TFM_CRYPTO_HASH_FINISH_SID, \
107 TFM_CRYPTO_GROUP_ID_HASH, \
108 TFM_CRYPTO_FUNCTION_TYPE_LOOKUP) \
109 X(TFM_CRYPTO_HASH_VERIFY_SID, \
110 TFM_CRYPTO_GROUP_ID_HASH, \
111 TFM_CRYPTO_FUNCTION_TYPE_LOOKUP) \
112 X(TFM_CRYPTO_HASH_ABORT_SID, \
113 TFM_CRYPTO_GROUP_ID_HASH, \
114 TFM_CRYPTO_FUNCTION_TYPE_LOOKUP) \
115 X(TFM_CRYPTO_MAC_COMPUTE_SID, \
116 TFM_CRYPTO_GROUP_ID_MAC, \
117 TFM_CRYPTO_FUNCTION_TYPE_NON_MULTIPART) \
118 X(TFM_CRYPTO_MAC_VERIFY_SID, \
119 TFM_CRYPTO_GROUP_ID_MAC, \
120 TFM_CRYPTO_FUNCTION_TYPE_NON_MULTIPART) \
121 X(TFM_CRYPTO_MAC_SIGN_SETUP_SID, \
122 TFM_CRYPTO_GROUP_ID_MAC, \
123 TFM_CRYPTO_FUNCTION_TYPE_SETUP) \
124 X(TFM_CRYPTO_MAC_VERIFY_SETUP_SID, \
125 TFM_CRYPTO_GROUP_ID_MAC, \
126 TFM_CRYPTO_FUNCTION_TYPE_SETUP) \
127 X(TFM_CRYPTO_MAC_UPDATE_SID, \
128 TFM_CRYPTO_GROUP_ID_MAC, \
129 TFM_CRYPTO_FUNCTION_TYPE_LOOKUP) \
130 X(TFM_CRYPTO_MAC_SIGN_FINISH_SID, \
131 TFM_CRYPTO_GROUP_ID_MAC, \
132 TFM_CRYPTO_FUNCTION_TYPE_LOOKUP) \
133 X(TFM_CRYPTO_MAC_VERIFY_FINISH_SID, \
134 TFM_CRYPTO_GROUP_ID_MAC, \
135 TFM_CRYPTO_FUNCTION_TYPE_LOOKUP) \
136 X(TFM_CRYPTO_MAC_ABORT_SID, \
137 TFM_CRYPTO_GROUP_ID_MAC, \
138 TFM_CRYPTO_FUNCTION_TYPE_LOOKUP) \
139 X(TFM_CRYPTO_CIPHER_ENCRYPT_SID, \
140 TFM_CRYPTO_GROUP_ID_CIPHER, \
141 TFM_CRYPTO_FUNCTION_TYPE_NON_MULTIPART) \
142 X(TFM_CRYPTO_CIPHER_DECRYPT_SID, \
143 TFM_CRYPTO_GROUP_ID_CIPHER, \
144 TFM_CRYPTO_FUNCTION_TYPE_NON_MULTIPART) \
145 X(TFM_CRYPTO_CIPHER_ENCRYPT_SETUP_SID, \
146 TFM_CRYPTO_GROUP_ID_CIPHER, \
147 TFM_CRYPTO_FUNCTION_TYPE_SETUP) \
148 X(TFM_CRYPTO_CIPHER_DECRYPT_SETUP_SID, \
149 TFM_CRYPTO_GROUP_ID_CIPHER, \
150 TFM_CRYPTO_FUNCTION_TYPE_SETUP) \
151 X(TFM_CRYPTO_CIPHER_GENERATE_IV_SID, \
152 TFM_CRYPTO_GROUP_ID_CIPHER, \
153 TFM_CRYPTO_FUNCTION_TYPE_LOOKUP) \
154 X(TFM_CRYPTO_CIPHER_SET_IV_SID, \
155 TFM_CRYPTO_GROUP_ID_CIPHER, \
156 TFM_CRYPTO_FUNCTION_TYPE_LOOKUP) \
157 X(TFM_CRYPTO_CIPHER_UPDATE_SID, \
158 TFM_CRYPTO_GROUP_ID_CIPHER, \
159 TFM_CRYPTO_FUNCTION_TYPE_LOOKUP) \
160 X(TFM_CRYPTO_CIPHER_FINISH_SID, \
161 TFM_CRYPTO_GROUP_ID_CIPHER, \
162 TFM_CRYPTO_FUNCTION_TYPE_LOOKUP) \
163 X(TFM_CRYPTO_CIPHER_ABORT_SID, \
164 TFM_CRYPTO_GROUP_ID_CIPHER, \
165 TFM_CRYPTO_FUNCTION_TYPE_LOOKUP) \
166 X(TFM_CRYPTO_AEAD_ENCRYPT_SID, \
167 TFM_CRYPTO_GROUP_ID_AEAD, \
168 TFM_CRYPTO_FUNCTION_TYPE_NON_MULTIPART) \
169 X(TFM_CRYPTO_AEAD_DECRYPT_SID, \
170 TFM_CRYPTO_GROUP_ID_AEAD, \
171 TFM_CRYPTO_FUNCTION_TYPE_NON_MULTIPART) \
172 X(TFM_CRYPTO_AEAD_ENCRYPT_SETUP_SID, \
173 TFM_CRYPTO_GROUP_ID_AEAD, \
174 TFM_CRYPTO_FUNCTION_TYPE_SETUP) \
175 X(TFM_CRYPTO_AEAD_DECRYPT_SETUP_SID, \
176 TFM_CRYPTO_GROUP_ID_AEAD, \
177 TFM_CRYPTO_FUNCTION_TYPE_SETUP) \
178 X(TFM_CRYPTO_AEAD_GENERATE_NONCE_SID, \
179 TFM_CRYPTO_GROUP_ID_AEAD, \
180 TFM_CRYPTO_FUNCTION_TYPE_LOOKUP) \
181 X(TFM_CRYPTO_AEAD_SET_NONCE_SID, \
182 TFM_CRYPTO_GROUP_ID_AEAD, \
183 TFM_CRYPTO_FUNCTION_TYPE_LOOKUP) \
184 X(TFM_CRYPTO_AEAD_SET_LENGTHS_SID, \
185 TFM_CRYPTO_GROUP_ID_AEAD, \
186 TFM_CRYPTO_FUNCTION_TYPE_LOOKUP) \
187 X(TFM_CRYPTO_AEAD_UPDATE_AD_SID, \
188 TFM_CRYPTO_GROUP_ID_AEAD, \
189 TFM_CRYPTO_FUNCTION_TYPE_LOOKUP) \
190 X(TFM_CRYPTO_AEAD_UPDATE_SID, \
191 TFM_CRYPTO_GROUP_ID_AEAD, \
192 TFM_CRYPTO_FUNCTION_TYPE_LOOKUP) \
193 X(TFM_CRYPTO_AEAD_FINISH_SID, \
194 TFM_CRYPTO_GROUP_ID_AEAD, \
195 TFM_CRYPTO_FUNCTION_TYPE_LOOKUP) \
196 X(TFM_CRYPTO_AEAD_VERIFY_SID, \
197 TFM_CRYPTO_GROUP_ID_AEAD, \
198 TFM_CRYPTO_FUNCTION_TYPE_LOOKUP) \
199 X(TFM_CRYPTO_AEAD_ABORT_SID, \
200 TFM_CRYPTO_GROUP_ID_AEAD, \
201 TFM_CRYPTO_FUNCTION_TYPE_LOOKUP) \
202 X(TFM_CRYPTO_ASYMMETRIC_SIGN_MESSAGE_SID, \
203 TFM_CRYPTO_GROUP_ID_ASYM_SIGN, \
204 TFM_CRYPTO_FUNCTION_TYPE_NON_MULTIPART) \
205 X(TFM_CRYPTO_ASYMMETRIC_VERIFY_MESSAGE_SID, \
206 TFM_CRYPTO_GROUP_ID_ASYM_SIGN, \
207 TFM_CRYPTO_FUNCTION_TYPE_NON_MULTIPART) \
208 X(TFM_CRYPTO_ASYMMETRIC_SIGN_HASH_SID, \
209 TFM_CRYPTO_GROUP_ID_ASYM_SIGN, \
210 TFM_CRYPTO_FUNCTION_TYPE_NON_MULTIPART) \
211 X(TFM_CRYPTO_ASYMMETRIC_VERIFY_HASH_SID, \
212 TFM_CRYPTO_GROUP_ID_ASYM_SIGN, \
213 TFM_CRYPTO_FUNCTION_TYPE_NON_MULTIPART) \
214 X(TFM_CRYPTO_ASYMMETRIC_ENCRYPT_SID, \
215 TFM_CRYPTO_GROUP_ID_ASYM_ENCRYPT, \
216 TFM_CRYPTO_FUNCTION_TYPE_NON_MULTIPART) \
217 X(TFM_CRYPTO_ASYMMETRIC_DECRYPT_SID, \
218 TFM_CRYPTO_GROUP_ID_ASYM_ENCRYPT, \
219 TFM_CRYPTO_FUNCTION_TYPE_NON_MULTIPART) \
220 X(TFM_CRYPTO_RAW_KEY_AGREEMENT_SID, \
221 TFM_CRYPTO_GROUP_ID_KEY_DERIVATION, \
222 TFM_CRYPTO_FUNCTION_TYPE_NON_MULTIPART) \
223 X(TFM_CRYPTO_KEY_DERIVATION_SETUP_SID, \
224 TFM_CRYPTO_GROUP_ID_KEY_DERIVATION, \
225 TFM_CRYPTO_FUNCTION_TYPE_SETUP) \
226 X(TFM_CRYPTO_KEY_DERIVATION_GET_CAPACITY_SID, \
227 TFM_CRYPTO_GROUP_ID_KEY_DERIVATION, \
228 TFM_CRYPTO_FUNCTION_TYPE_LOOKUP) \
229 X(TFM_CRYPTO_KEY_DERIVATION_SET_CAPACITY_SID, \
230 TFM_CRYPTO_GROUP_ID_KEY_DERIVATION, \
231 TFM_CRYPTO_FUNCTION_TYPE_LOOKUP) \
232 X(TFM_CRYPTO_KEY_DERIVATION_INPUT_BYTES_SID, \
233 TFM_CRYPTO_GROUP_ID_KEY_DERIVATION, \
234 TFM_CRYPTO_FUNCTION_TYPE_LOOKUP) \
235 X(TFM_CRYPTO_KEY_DERIVATION_INPUT_KEY_SID, \
236 TFM_CRYPTO_GROUP_ID_KEY_DERIVATION, \
237 TFM_CRYPTO_FUNCTION_TYPE_LOOKUP) \
238 X(TFM_CRYPTO_KEY_DERIVATION_KEY_AGREEMENT_SID, \
239 TFM_CRYPTO_GROUP_ID_KEY_DERIVATION, \
240 TFM_CRYPTO_FUNCTION_TYPE_LOOKUP) \
241 X(TFM_CRYPTO_KEY_DERIVATION_OUTPUT_BYTES_SID, \
242 TFM_CRYPTO_GROUP_ID_KEY_DERIVATION, \
243 TFM_CRYPTO_FUNCTION_TYPE_LOOKUP) \
244 X(TFM_CRYPTO_KEY_DERIVATION_OUTPUT_KEY_SID, \
245 TFM_CRYPTO_GROUP_ID_KEY_DERIVATION, \
246 TFM_CRYPTO_FUNCTION_TYPE_LOOKUP) \
247 X(TFM_CRYPTO_KEY_DERIVATION_ABORT_SID, \
248 TFM_CRYPTO_GROUP_ID_KEY_DERIVATION, \
249 TFM_CRYPTO_FUNCTION_TYPE_LOOKUP) \
250 X(TFM_CRYPTO_GENERATE_RANDOM_SID, \
251 TFM_CRYPTO_GROUP_ID_RANDOM, \
252 TFM_CRYPTO_FUNCTION_TYPE_NON_MULTIPART) \
253 X(TFM_CRYPTO_API_DISPATCHER_SID, \
254 TFM_CRYPTO_GROUP_ID_RANDOM, \
255 TFM_CRYPTO_FUNCTION_TYPE_NON_MULTIPART) \
256/**
257 * \brief Numerical progressive value identifying a function API exposed through
258 * the interfaces (S or NS). It's used to dispatch the requests from S/NS
259 * to the corresponding API implementation in the Crypto service backend.
260 */
261#define X(function_id, group_id, function_type) function_id,
262enum tfm_crypto_function_id {
263 TFM_CRYPTO_SERVICE_API_DESCRIPTION
Antonio de Angelis25e2b2d2019-04-25 14:49:50 +0100[diff] [blame]264};
Antonio de Angelis202425a2022-04-06 11:13:15 +0100[diff] [blame^]265#undef X
Antonio de Angelis4743e672019-04-11 11:38:48 +0100[diff] [blame]266
267/**
Edison Ai080b2e22019-04-17 16:27:21 +0800[diff] [blame]268 * \brief Define an invalid value for an SID
Antonio de Angelis25e2b2d2019-04-25 14:49:50 +0100[diff] [blame]269 *
Antonio de Angelis4743e672019-04-11 11:38:48 +0100[diff] [blame]270 */
Edison Ai080b2e22019-04-17 16:27:21 +0800[diff] [blame]271#define TFM_CRYPTO_SID_INVALID (~0x0u)
Antonio de Angelis4743e672019-04-11 11:38:48 +0100[diff] [blame]272
273/**
Louis Mayencourt7a36f782018-09-24 14:00:57 +0100[diff] [blame]274 * \brief This value is used to mark an handle as invalid.
275 *
276 */
Jamie Fox707caf72019-05-29 15:14:18 +0100[diff] [blame]277#define TFM_CRYPTO_INVALID_HANDLE (0x0u)
Antonio de Angelis8908f472018-08-31 15:44:25 +0100[diff] [blame]278
279/**
Jamie Foxdadb4e82019-09-03 17:59:41 +0100[diff] [blame]280 * \brief The persistent key identifier that refers to the hardware unique key.
281 *
282 */
283#define TFM_CRYPTO_KEY_ID_HUK (0xFFFF815Bu)
284
285/**
286 * \brief The algorithm identifier that refers to key derivation from the
287 * hardware unique key.
288 *
289 */
290#define TFM_CRYPTO_ALG_HUK_DERIVATION ((psa_algorithm_t)0xB0000F00)
291
292/**
Antonio de Angelisab85ccd2019-03-25 15:14:29 +0000[diff] [blame]293 * \brief Define miscellaneous literal constants that are used in the service
Antonio de Angelis377a1552018-11-22 17:02:40 +0000[diff] [blame]294 *
295 */
Antonio de Angelis8908f472018-08-31 15:44:25 +0100[diff] [blame]296enum {
297 TFM_CRYPTO_NOT_IN_USE = 0,
298 TFM_CRYPTO_IN_USE = 1
299};
300
Antonio de Angelis8908f472018-08-31 15:44:25 +0100[diff] [blame]301#ifdef __cplusplus
302}
303#endif
304
305#endif /* __TFM_CRYPTO_DEFS_H__ */