Blame - interface/include/tfm_crypto_defs.h - sandbox/pfalcon/trusted-firmware-m

blob: d3207303572f66db6d839a271dff7c626e4026a4 [file] [log] [blame]

Antonio de Angelis	8908f47	2018-08-31 15:44:25 +0100	[diff] [blame]	1	/*
Antonio de Angelis	c26af63	2021-10-07 15:04:12 +0100	[diff] [blame]	2	* Copyright (c) 2018-2022, Arm Limited. All rights reserved.
Antonio de Angelis	8908f47	2018-08-31 15:44:25 +0100	[diff] [blame]	3	*
				4	* SPDX-License-Identifier: BSD-3-Clause
				5	*
				6	*/
				7
				8	#ifndef __TFM_CRYPTO_DEFS_H__
				9	#define __TFM_CRYPTO_DEFS_H__
				10
				11	#ifdef __cplusplus
				12	extern "C" {
				13	#endif
				14
				15	#include <stdint.h>
Jamie Fox	cc31d40	2019-01-28 17:13:52 +0000	[diff] [blame]	16	#include "psa/crypto.h"
Raef Coles	79809c7	2022-03-02 13:48:20 +0000	[diff] [blame]	17	#ifdef PLATFORM_DEFAULT_CRYPTO_KEYS
				18	#include "crypto_keys/tfm_builtin_key_ids.h"
				19	#else
				20	#include "tfm_builtin_key_ids.h"
				21	#endif /* PLATFORM_DEFAULT_CRYPTO_KEYS */
Antonio de Angelis	8908f47	2018-08-31 15:44:25 +0100	[diff] [blame]	22
				23	/**
Antonio de Angelis	844e940	2022-12-06 13:36:49 +0000	[diff] [blame]	24	* \brief The maximum supported length of a nonce through the TF-M
				25	* interfaces
Antonio de Angelis	4743e67	2019-04-11 11:38:48 +0100	[diff] [blame]	26	*/
				27	#define TFM_CRYPTO_MAX_NONCE_LENGTH (16u)
Antonio de Angelis	844e940	2022-12-06 13:36:49 +0000	[diff] [blame]	28
				29	/**
				30	* \brief This type is used to overcome a limitation in the number of maximum
				31	* IOVECs that can be used especially in psa_aead_encrypt and
				32	* psa_aead_decrypt. By using this type we pack the nonce and the actual
				33	* nonce_length at part of the same structure
				34	*/
Antonio de Angelis	4743e67	2019-04-11 11:38:48 +0100	[diff] [blame]	35	struct tfm_crypto_aead_pack_input {
				36	uint8_t nonce[TFM_CRYPTO_MAX_NONCE_LENGTH];
				37	uint32_t nonce_length;
				38	};
				39
				40	/**
Antonio de Angelis	844e940	2022-12-06 13:36:49 +0000	[diff] [blame]	41	* \brief Structure used to pack non-pointer types in a call to PSA Crypto APIs
Antonio de Angelis	4743e67	2019-04-11 11:38:48 +0100	[diff] [blame]	42	*
				43	*/
				44	struct tfm_crypto_pack_iovec {
Antonio de Angelis	202425a	2022-04-06 11:13:15 +0100	[diff] [blame]	45	psa_key_id_t key_id; /!< Key id /
				46	psa_algorithm_t alg; /!< Algorithm /
				47	uint32_t op_handle; /*!< Frontend context handle associated to a
				48	* multipart operation
				49	*/
				50	size_t capacity; /!< Key derivation capacity /
				51	size_t ad_length; /!< Additional Data length for multipart AEAD /
				52	size_t plaintext_length; /!< Plaintext length for multipart AEAD /
Antonio de Angelis	4743e67	2019-04-11 11:38:48 +0100	[diff] [blame]	53
Antonio de Angelis	202425a	2022-04-06 11:13:15 +0100	[diff] [blame]	54	struct tfm_crypto_aead_pack_input aead_in; /!< Packs AEAD-related inputs /
David Hu	c9679cc	2022-06-21 13:09:34 +0800	[diff] [blame]	55
				56	uint16_t function_id; /*!< Used to identify the function in the
				57	* API dispatcher to the service backend
				58	* See tfm_crypto_func_sid for detail
				59	*/
				60	uint16_t step; /!< Key derivation step /
Antonio de Angelis	4743e67	2019-04-11 11:38:48 +0100	[diff] [blame]	61	};
				62
				63	/**
David Hu	c9679cc	2022-06-21 13:09:34 +0800	[diff] [blame]	64	* \brief Type associated to the group of a function encoding. There can be
				65	* nine groups (Random, Key management, Hash, MAC, Cipher, AEAD,
				66	* Asym sign, Asym encrypt, Key derivation).
Antonio de Angelis	4743e67	2019-04-11 11:38:48 +0100	[diff] [blame]	67	*/
David Hu	c9679cc	2022-06-21 13:09:34 +0800	[diff] [blame]	68	enum tfm_crypto_group_id {
				69	TFM_CRYPTO_GROUP_ID_RANDOM = 0x0,
				70	TFM_CRYPTO_GROUP_ID_KEY_MANAGEMENT,
				71	TFM_CRYPTO_GROUP_ID_HASH,
				72	TFM_CRYPTO_GROUP_ID_MAC,
				73	TFM_CRYPTO_GROUP_ID_CIPHER,
				74	TFM_CRYPTO_GROUP_ID_AEAD,
				75	TFM_CRYPTO_GROUP_ID_ASYM_SIGN,
				76	TFM_CRYPTO_GROUP_ID_ASYM_ENCRYPT,
				77	TFM_CRYPTO_GROUP_ID_KEY_DERIVATION,
				78	};
				79
Antonio de Angelis	844e940	2022-12-06 13:36:49 +0000	[diff] [blame]	80	/* Set of X macros describing each of the available PSA Crypto APIs */
David Hu	c9679cc	2022-06-21 13:09:34 +0800	[diff] [blame]	81	#define KEY_MANAGEMENT_FUNCS \
				82	X(TFM_CRYPTO_GET_KEY_ATTRIBUTES) \
				83	X(TFM_CRYPTO_RESET_KEY_ATTRIBUTES) \
				84	X(TFM_CRYPTO_OPEN_KEY) \
				85	X(TFM_CRYPTO_CLOSE_KEY) \
				86	X(TFM_CRYPTO_IMPORT_KEY) \
				87	X(TFM_CRYPTO_DESTROY_KEY) \
				88	X(TFM_CRYPTO_EXPORT_KEY) \
				89	X(TFM_CRYPTO_EXPORT_PUBLIC_KEY) \
				90	X(TFM_CRYPTO_PURGE_KEY) \
				91	X(TFM_CRYPTO_COPY_KEY) \
				92	X(TFM_CRYPTO_GENERATE_KEY)
				93
				94	#define HASH_FUNCS \
				95	X(TFM_CRYPTO_HASH_COMPUTE) \
				96	X(TFM_CRYPTO_HASH_COMPARE) \
				97	X(TFM_CRYPTO_HASH_SETUP) \
				98	X(TFM_CRYPTO_HASH_UPDATE) \
				99	X(TFM_CRYPTO_HASH_CLONE) \
				100	X(TFM_CRYPTO_HASH_FINISH) \
				101	X(TFM_CRYPTO_HASH_VERIFY) \
				102	X(TFM_CRYPTO_HASH_ABORT)
				103
				104	#define MAC_FUNCS \
				105	X(TFM_CRYPTO_MAC_COMPUTE) \
				106	X(TFM_CRYPTO_MAC_VERIFY) \
				107	X(TFM_CRYPTO_MAC_SIGN_SETUP) \
				108	X(TFM_CRYPTO_MAC_VERIFY_SETUP) \
				109	X(TFM_CRYPTO_MAC_UPDATE) \
				110	X(TFM_CRYPTO_MAC_SIGN_FINISH) \
				111	X(TFM_CRYPTO_MAC_VERIFY_FINISH) \
				112	X(TFM_CRYPTO_MAC_ABORT)
				113
				114	#define CIPHER_FUNCS \
				115	X(TFM_CRYPTO_CIPHER_ENCRYPT) \
				116	X(TFM_CRYPTO_CIPHER_DECRYPT) \
				117	X(TFM_CRYPTO_CIPHER_ENCRYPT_SETUP) \
				118	X(TFM_CRYPTO_CIPHER_DECRYPT_SETUP) \
				119	X(TFM_CRYPTO_CIPHER_GENERATE_IV) \
				120	X(TFM_CRYPTO_CIPHER_SET_IV) \
				121	X(TFM_CRYPTO_CIPHER_UPDATE) \
				122	X(TFM_CRYPTO_CIPHER_FINISH) \
				123	X(TFM_CRYPTO_CIPHER_ABORT)
				124
				125	#define AEAD_FUNCS \
				126	X(TFM_CRYPTO_AEAD_ENCRYPT) \
				127	X(TFM_CRYPTO_AEAD_DECRYPT) \
				128	X(TFM_CRYPTO_AEAD_ENCRYPT_SETUP) \
				129	X(TFM_CRYPTO_AEAD_DECRYPT_SETUP) \
				130	X(TFM_CRYPTO_AEAD_GENERATE_NONCE) \
				131	X(TFM_CRYPTO_AEAD_SET_NONCE) \
				132	X(TFM_CRYPTO_AEAD_SET_LENGTHS) \
				133	X(TFM_CRYPTO_AEAD_UPDATE_AD) \
				134	X(TFM_CRYPTO_AEAD_UPDATE) \
				135	X(TFM_CRYPTO_AEAD_FINISH) \
				136	X(TFM_CRYPTO_AEAD_VERIFY) \
				137	X(TFM_CRYPTO_AEAD_ABORT)
				138
				139	#define ASYMMETRIC_SIGN_FUNCS \
				140	X(TFM_CRYPTO_ASYMMETRIC_SIGN_MESSAGE) \
				141	X(TFM_CRYPTO_ASYMMETRIC_VERIFY_MESSAGE) \
				142	X(TFM_CRYPTO_ASYMMETRIC_SIGN_HASH) \
				143	X(TFM_CRYPTO_ASYMMETRIC_VERIFY_HASH)
				144
				145	#define AYSMMETRIC_ENCRYPT_FUNCS \
				146	X(TFM_CRYPTO_ASYMMETRIC_ENCRYPT) \
				147	X(TFM_CRYPTO_ASYMMETRIC_DECRYPT)
				148
				149	#define KEY_DERIVATION_FUNCS \
				150	X(TFM_CRYPTO_RAW_KEY_AGREEMENT) \
				151	X(TFM_CRYPTO_KEY_DERIVATION_SETUP) \
				152	X(TFM_CRYPTO_KEY_DERIVATION_GET_CAPACITY) \
				153	X(TFM_CRYPTO_KEY_DERIVATION_SET_CAPACITY) \
				154	X(TFM_CRYPTO_KEY_DERIVATION_INPUT_BYTES) \
				155	X(TFM_CRYPTO_KEY_DERIVATION_INPUT_KEY) \
				156	X(TFM_CRYPTO_KEY_DERIVATION_KEY_AGREEMENT) \
				157	X(TFM_CRYPTO_KEY_DERIVATION_OUTPUT_BYTES) \
				158	X(TFM_CRYPTO_KEY_DERIVATION_OUTPUT_KEY) \
				159	X(TFM_CRYPTO_KEY_DERIVATION_ABORT)
				160
				161	#define RANDOM_FUNCS \
				162	X(TFM_CRYPTO_GENERATE_RANDOM)
				163
Antonio de Angelis	844e940	2022-12-06 13:36:49 +0000	[diff] [blame]	164	/**
				165	* \brief Define function IDs in each group. The function ID will be encoded into
				166	* tfm_crypto_func_sid below. Each group is defined as a dedicated enum
Antonio de Angelis	202425a	2022-04-06 11:13:15 +0100	[diff] [blame]	167	*/
David Hu	c9679cc	2022-06-21 13:09:34 +0800	[diff] [blame]	168	#define X(func_id) func_id,
				169	enum tfm_crypto_key_management_func_id {
				170	KEY_MANAGEMENT_FUNCS
				171	};
				172	enum tfm_crypto_hash_func_id {
				173	HASH_FUNCS
				174	};
				175	enum tfm_crypto_mac_func_id {
				176	MAC_FUNCS
				177	};
				178	enum tfm_crypto_cipher_func_id {
				179	CIPHER_FUNCS
				180	};
				181	enum tfm_crypto_aead_func_id {
				182	AEAD_FUNCS
				183	};
				184	enum tfm_crypto_asym_sign_func_id {
				185	ASYMMETRIC_SIGN_FUNCS
				186	};
				187	enum tfm_crypto_asym_encrypt_func_id {
				188	AYSMMETRIC_ENCRYPT_FUNCS
				189	};
				190	enum tfm_crypto_key_derivation_func_id {
				191	KEY_DERIVATION_FUNCS
				192	};
				193	enum tfm_crypto_random_func_id {
				194	RANDOM_FUNCS
				195	};
				196	#undef X
				197
Antonio de Angelis	844e940	2022-12-06 13:36:49 +0000	[diff] [blame]	198	/**
				199	* \brief This macro is used to encode a function ID in a 16-bit value as the
				200	* top 8 bits towards the MSB
				201	*/
David Hu	c9679cc	2022-06-21 13:09:34 +0800	[diff] [blame]	202	#define FUNC_ID(func_id) (((func_id) & 0xFF) << 8)
				203
Antonio de Angelis	844e940	2022-12-06 13:36:49 +0000	[diff] [blame]	204	/**
				205	* \brief This macro is used to extract the group_id from an encoded function_id
				206	* by accessing the low 8 bits towards the LSB
				207	*/
				208	#define TFM_CRYPTO_GET_GROUP_ID(_function_id) \
				209	((enum tfm_crypto_group_id)((_function_id) & 0xFF))
				210	/**
				211	* \brief This type defines numerical progressive values identifying a function API
				212	* exposed through the interfaces (S or NS). It's used to dispatch the requests
				213	* from S/NS to the corresponding API implementation in the Crypto service backend.
David Hu	c9679cc	2022-06-21 13:09:34 +0800	[diff] [blame]	214	*
Antonio de Angelis	844e940	2022-12-06 13:36:49 +0000	[diff] [blame]	215	* \note Each function SID is encoded as uint16_t.
				216	* +-----------+-----------+
				217	* \| Func ID \| Group ID \|
				218	* +-----------+-----------+
				219	* (MSB)15 8 7 0(LSB)
				220	*
				221	* where Func ID is defined in each group tfm_crypto_*_func_id enum above and Group ID
				222	* is defined in \ref tfm_crypto_group_id.
David Hu	c9679cc	2022-06-21 13:09:34 +0800	[diff] [blame]	223	*/
				224	enum tfm_crypto_func_sid {
				225
				226	#define X(func_id) func_id ## _SID = (uint16_t)((FUNC_ID(func_id)) \| \
				227	(TFM_CRYPTO_GROUP_ID_KEY_MANAGEMENT & 0xFF)),
				228
				229	KEY_MANAGEMENT_FUNCS
				230
				231	#undef X
				232	#define X(func_id) func_id ## _SID = (uint16_t)((FUNC_ID(func_id)) \| \
				233	(TFM_CRYPTO_GROUP_ID_HASH & 0xFF)),
				234	HASH_FUNCS
				235
				236	#undef X
				237	#define X(func_id) func_id ## _SID = (uint16_t)((FUNC_ID(func_id)) \| \
				238	(TFM_CRYPTO_GROUP_ID_MAC & 0xFF)),
				239	MAC_FUNCS
				240
				241	#undef X
				242	#define X(func_id) func_id ## _SID = (uint16_t)((FUNC_ID(func_id)) \| \
				243	(TFM_CRYPTO_GROUP_ID_CIPHER & 0xFF)),
				244	CIPHER_FUNCS
				245
				246	#undef X
				247	#define X(func_id) func_id ## _SID = (uint16_t)((FUNC_ID(func_id)) \| \
				248	(TFM_CRYPTO_GROUP_ID_AEAD & 0xFF)),
				249	AEAD_FUNCS
				250
				251	#undef X
				252	#define X(func_id) func_id ## _SID = (uint16_t)((FUNC_ID(func_id)) \| \
				253	(TFM_CRYPTO_GROUP_ID_ASYM_SIGN & 0xFF)),
				254	ASYMMETRIC_SIGN_FUNCS
				255
				256	#undef X
				257	#define X(func_id) func_id ## _SID = (uint16_t)((FUNC_ID(func_id)) \| \
				258	(TFM_CRYPTO_GROUP_ID_ASYM_ENCRYPT & 0xFF)),
				259	AYSMMETRIC_ENCRYPT_FUNCS
				260
				261	#undef X
				262	#define X(func_id) func_id ## _SID = (uint16_t)((FUNC_ID(func_id)) \| \
				263	(TFM_CRYPTO_GROUP_ID_KEY_DERIVATION & 0xFF)),
				264	KEY_DERIVATION_FUNCS
				265
				266	#undef X
				267	#define X(func_id) func_id ## _SID = (uint16_t)((FUNC_ID(func_id)) \| \
				268	(TFM_CRYPTO_GROUP_ID_RANDOM & 0xFF)),
				269	RANDOM_FUNCS
				270
Antonio de Angelis	25e2b2d	2019-04-25 14:49:50 +0100	[diff] [blame]	271	};
Antonio de Angelis	202425a	2022-04-06 11:13:15 +0100	[diff] [blame]	272	#undef X
Antonio de Angelis	4743e67	2019-04-11 11:38:48 +0100	[diff] [blame]	273
Antonio de Angelis	8908f47	2018-08-31 15:44:25 +0100	[diff] [blame]	274	#ifdef __cplusplus
				275	}
				276	#endif
				277
				278	#endif /* __TFM_CRYPTO_DEFS_H__ */