TrustedFirmware Git Browser
Code Review Sign In
review.trustedfirmware.org / sandbox / pfalcon / trusted-firmware-m / e152498ccda0e25544f5429a8f53b9bbc94733ec / . / secure_fw / partitions / crypto / crypto_init.c
blob: ab02882a8db4d2a77756fe24e0d2951487a7b9ec [file] [log] [blame]
Antonio de Angelis8908f472018-08-31 15:44:25 +0100[diff] [blame]1/*
Kevin Peng6aa48952022-01-28 15:40:46 +0800[diff] [blame]2 * Copyright (c) 2018-2022, Arm Limited. All rights reserved.
Antonio de Angelis8908f472018-08-31 15:44:25 +0100[diff] [blame]3 *
4 * SPDX-License-Identifier: BSD-3-Clause
5 *
6 */
Antonio de Angelis202425a2022-04-06 11:13:15 +0100[diff] [blame]7#include <stdbool.h>
Antonio de Angelis8908f472018-08-31 15:44:25 +0100[diff] [blame]8
Jamie Fox0e54ebc2019-04-09 14:21:04 +0100[diff] [blame]9#include "tfm_mbedcrypto_include.h"
10
Antonio de Angelis8908f472018-08-31 15:44:25 +0100[diff] [blame]11#include "tfm_crypto_api.h"
Jamie Fox0e54ebc2019-04-09 14:21:04 +0100[diff] [blame]12#include "tfm_crypto_defs.h"
Summer Qinc737ece2020-08-28 10:47:26 +0800[diff] [blame]13#include "tfm_sp_log.h"
Jamie Fox0e54ebc2019-04-09 14:21:04 +0100[diff] [blame]14
15/*
16 * \brief This Mbed TLS include is needed to initialise the memory allocator
Antonio de Angelis202425a2022-04-06 11:13:15 +0100[diff] [blame]17 * of the library used for internal allocations
Jamie Fox0e54ebc2019-04-09 14:21:04 +0100[diff] [blame]18 */
19#include "mbedtls/memory_buffer_alloc.h"
Antonio de Angelis8908f472018-08-31 15:44:25 +0100[diff] [blame]20
Sherry Zhange1524982022-06-08 16:57:59 +0800[diff] [blame^]21#include "mbedtls/platform.h"
22
Raef Coles618fc152021-06-18 09:26:46 +0100[diff] [blame]23#ifdef CRYPTO_NV_SEED
24#include "tfm_plat_crypto_nv_seed.h"
25#endif /* CRYPTO_NV_SEED */
Summer Qina5448d62020-12-07 14:03:37 +0800[diff] [blame]26
Antonio de Angelis60a6fe62019-06-18 15:27:34 +0100[diff] [blame]27#ifndef TFM_PSA_API
28#include "tfm_secure_api.h"
29#endif
30
Raef Colesd2485af2019-10-30 10:15:33 +0000[diff] [blame]31#ifdef CRYPTO_HW_ACCELERATOR
32#include "crypto_hw.h"
Michel Jaouenf41c6422021-10-07 14:38:08 +0200[diff] [blame]33#endif /* CRYPTO_HW_ACCELERATOR */
Raef Colesd2485af2019-10-30 10:15:33 +0000[diff] [blame]34
Antonio de Angelis202425a2022-04-06 11:13:15 +0100[diff] [blame]35#ifndef MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER
36#error "MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER must be selected in Mbed TLS config file"
37#endif
38
39/**
40 * \brief Type describing the properties of each function identifier, i.e. the
41 * group ID and the function type
42 */
43struct tfm_crypto_api_descriptor {
44 uint8_t group_id : 6; /*!< Value from \ref tfm_crypto_group_id */
45 uint8_t function_type: 2; /*!< Value from \ref tfm_crypto_function_type */
46};
47
48/**
49 * \brief This table contains the description of each of the function IDs
50 * defined by \ref tfm_crypto_function_id
51 */
52#define X(_function_id, _group_id, _function_type) \
53 [_function_id] = {.group_id = _group_id, .function_type = _function_type},
54static const struct tfm_crypto_api_descriptor tfm_crypto_api_descriptor[] = {
55 TFM_CRYPTO_SERVICE_API_DESCRIPTION
56};
57#undef X
58
59enum tfm_crypto_function_type get_function_type_from_descriptor(enum tfm_crypto_function_id func)
60{
61 return tfm_crypto_api_descriptor[func].function_type;
62}
63
64enum tfm_crypto_group_id get_group_id_from_descriptor(enum tfm_crypto_function_id func)
65{
66 return tfm_crypto_api_descriptor[func].group_id;
67}
68
Antonio de Angelis4743e672019-04-11 11:38:48 +0100[diff] [blame]69#ifdef TFM_PSA_API
Ken Liub671d682022-05-12 20:39:29 +0800[diff] [blame]70#include <string.h>
Kevin Pengfe730cc2022-04-11 17:48:42 +0800[diff] [blame]71#include "psa/framework_feature.h"
Jamie Foxcc31d402019-01-28 17:13:52 +0000[diff] [blame]72#include "psa/service.h"
Edison Aicc4c6162019-06-21 13:52:49 +0800[diff] [blame]73#include "psa_manifest/tfm_crypto.h"
Antonio de Angelis4743e672019-04-11 11:38:48 +0100[diff] [blame]74
75/**
Antonio de Angelis4743e672019-04-11 11:38:48 +0100[diff] [blame]76 * \brief Aligns a value x up to an alignment a.
77 */
78#define ALIGN(x, a) (((x) + ((a) - 1)) & ~((a) - 1))
79
80/**
81 * \brief Maximum alignment required by any iovec parameters to the TF-M Crypto
82 * partition.
83 */
84#define TFM_CRYPTO_IOVEC_ALIGNMENT (4u)
85
Kevin Pengfe730cc2022-04-11 17:48:42 +0800[diff] [blame]86#if PSA_FRAMEWORK_HAS_MM_IOVEC == 1
87static int32_t g_client_id;
88
89static void tfm_crypto_set_caller_id(int32_t id)
90{
91 g_client_id = id;
92}
93
94psa_status_t tfm_crypto_get_caller_id(int32_t *id)
95{
96 *id = g_client_id;
97 return PSA_SUCCESS;
98}
99
100static psa_status_t tfm_crypto_init_iovecs(const psa_msg_t *msg,
101 psa_invec in_vec[],
102 size_t in_len,
103 psa_outvec out_vec[],
104 size_t out_len)
105{
106 uint32_t i;
107
108 /* Map from the second element as the first is read when parsing */
109 for (i = 1; i < in_len; i++) {
110 in_vec[i].len = msg->in_size[i];
111 if (in_vec[i].len != 0) {
112 in_vec[i].base = psa_map_invec(msg->handle, i);
113 } else {
114 in_vec[i].base = NULL;
115 }
116 }
117
118 for (i = 0; i < out_len; i++) {
119 out_vec[i].len = msg->out_size[i];
120 if (out_vec[i].len != 0) {
121 out_vec[i].base = psa_map_outvec(msg->handle, i);
122 } else {
123 out_vec[i].base = NULL;
124 }
125 }
126
127 return PSA_SUCCESS;
128}
129#else /* PSA_FRAMEWORK_HAS_MM_IOVEC == 1 */
Antonio de Angelis4743e672019-04-11 11:38:48 +0100[diff] [blame]130/**
131 * \brief Default size of the internal scratch buffer used for IOVec allocations
132 * in bytes
133 */
134#ifndef TFM_CRYPTO_IOVEC_BUFFER_SIZE
Soby Mathew7740b602020-10-07 12:08:28 +0100[diff] [blame]135#error TFM_CRYPTO_IOVEC_BUFFER_SIZE is not defined
Antonio de Angelis4743e672019-04-11 11:38:48 +0100[diff] [blame]136#endif
137
138/**
139 * \brief Internal scratch used for IOVec allocations
140 *
141 */
142static struct tfm_crypto_scratch {
143 __attribute__((__aligned__(TFM_CRYPTO_IOVEC_ALIGNMENT)))
144 uint8_t buf[TFM_CRYPTO_IOVEC_BUFFER_SIZE];
145 uint32_t alloc_index;
Antonio de Angelis60a6fe62019-06-18 15:27:34 +0100[diff] [blame]146 int32_t owner;
Antonio de Angelis4743e672019-04-11 11:38:48 +0100[diff] [blame]147} scratch = {.buf = {0}, .alloc_index = 0};
148
Antonio de Angelis60a6fe62019-06-18 15:27:34 +0100[diff] [blame]149static psa_status_t tfm_crypto_set_scratch_owner(int32_t id)
150{
151 scratch.owner = id;
152 return PSA_SUCCESS;
153}
154
155static psa_status_t tfm_crypto_get_scratch_owner(int32_t *id)
156{
157 *id = scratch.owner;
158 return PSA_SUCCESS;
159}
160
Antonio de Angelis4743e672019-04-11 11:38:48 +0100[diff] [blame]161static psa_status_t tfm_crypto_alloc_scratch(size_t requested_size, void **buf)
162{
163 /* Ensure alloc_index remains aligned to the required iovec alignment */
164 requested_size = ALIGN(requested_size, TFM_CRYPTO_IOVEC_ALIGNMENT);
165
166 if (requested_size > (sizeof(scratch.buf) - scratch.alloc_index)) {
167 return PSA_ERROR_INSUFFICIENT_MEMORY;
168 }
169
170 /* Compute the pointer to the allocated space */
171 *buf = (void *)&scratch.buf[scratch.alloc_index];
172
173 /* Increase the allocated size */
174 scratch.alloc_index += requested_size;
175
176 return PSA_SUCCESS;
177}
178
Kevin Pengfe730cc2022-04-11 17:48:42 +0800[diff] [blame]179static void tfm_crypto_clear_scratch(void)
Antonio de Angelis4743e672019-04-11 11:38:48 +0100[diff] [blame]180{
Antonio de Angelis60a6fe62019-06-18 15:27:34 +0100[diff] [blame]181 scratch.owner = 0;
Ken Liub671d682022-05-12 20:39:29 +0800[diff] [blame]182 (void)memset(scratch.buf, 0, scratch.alloc_index);
Summer Qin0a9e5372020-11-27 16:04:05 +0800[diff] [blame]183 scratch.alloc_index = 0;
Antonio de Angelis4743e672019-04-11 11:38:48 +0100[diff] [blame]184}
185
Kevin Pengfe730cc2022-04-11 17:48:42 +0800[diff] [blame]186static void tfm_crypto_set_caller_id(int32_t id)
187{
188 /* Set the owner of the data in the scratch */
189 (void)tfm_crypto_set_scratch_owner(id);
190}
191
192psa_status_t tfm_crypto_get_caller_id(int32_t *id)
193{
194 return tfm_crypto_get_scratch_owner(id);
195}
196
197static psa_status_t tfm_crypto_init_iovecs(const psa_msg_t *msg,
198 psa_invec in_vec[],
199 size_t in_len,
200 psa_outvec out_vec[],
201 size_t out_len)
202{
203 uint32_t i;
204 void *alloc_buf_ptr = NULL;
205 psa_status_t status;
206
207 /* Alloc/read from the second element as the first is read when parsing */
208 for (i = 1; i < in_len; i++) {
209 /* Allocate necessary space in the internal scratch */
210 status = tfm_crypto_alloc_scratch(msg->in_size[i], &alloc_buf_ptr);
211 if (status != PSA_SUCCESS) {
212 tfm_crypto_clear_scratch();
213 return status;
214 }
215 /* Read from the IPC framework inputs into the scratch */
216 in_vec[i].len =
217 psa_read(msg->handle, i, alloc_buf_ptr, msg->in_size[i]);
218 /* Populate the fields of the input to the secure function */
219 in_vec[i].base = alloc_buf_ptr;
220 }
221
222 for (i = 0; i < out_len; i++) {
223 /* Allocate necessary space for the output in the internal scratch */
224 status = tfm_crypto_alloc_scratch(msg->out_size[i], &alloc_buf_ptr);
225 if (status != PSA_SUCCESS) {
226 tfm_crypto_clear_scratch();
227 return status;
228 }
229 /* Populate the fields of the output to the secure function */
230 out_vec[i].base = alloc_buf_ptr;
231 out_vec[i].len = msg->out_size[i];
232 }
233
234 return PSA_SUCCESS;
235}
236#endif /* PSA_FRAMEWORK_HAS_MM_IOVEC == 1 */
237
Kevin Peng2d4bc2e2022-01-28 16:19:30 +0800[diff] [blame]238static psa_status_t tfm_crypto_call_srv(const psa_msg_t *msg)
Antonio de Angelis4743e672019-04-11 11:38:48 +0100[diff] [blame]239{
240 psa_status_t status = PSA_SUCCESS;
TTornblomfaf74f52020-03-04 17:56:27 +0100[diff] [blame]241 size_t in_len = PSA_MAX_IOVEC, out_len = PSA_MAX_IOVEC, i;
Soby Mathewd8abdfd2020-10-14 10:28:01 +0100[diff] [blame]242 psa_invec in_vec[PSA_MAX_IOVEC] = { {NULL, 0} };
243 psa_outvec out_vec[PSA_MAX_IOVEC] = { {NULL, 0} };
Kevin Peng2d4bc2e2022-01-28 16:19:30 +0800[diff] [blame]244 struct tfm_crypto_pack_iovec iov = {0};
Antonio de Angelis4743e672019-04-11 11:38:48 +0100[diff] [blame]245
246 /* Check the number of in_vec filled */
Jamie Fox9a234e22019-04-30 11:12:05 +0100[diff] [blame]247 while ((in_len > 0) && (msg->in_size[in_len - 1] == 0)) {
248 in_len--;
Antonio de Angelis4743e672019-04-11 11:38:48 +0100[diff] [blame]249 }
250
Kevin Pengfe730cc2022-04-11 17:48:42 +0800[diff] [blame]251 /* Check the number of out_vec filled */
252 while ((out_len > 0) && (msg->out_size[out_len - 1] == 0)) {
253 out_len--;
254 }
255
Antonio de Angelis4743e672019-04-11 11:38:48 +0100[diff] [blame]256 /* There will always be a tfm_crypto_pack_iovec in the first iovec */
257 if (in_len < 1) {
Jamie Fox0e54ebc2019-04-09 14:21:04 +0100[diff] [blame]258 return PSA_ERROR_GENERIC_ERROR;
Antonio de Angelis4743e672019-04-11 11:38:48 +0100[diff] [blame]259 }
Kevin Peng2d4bc2e2022-01-28 16:19:30 +0800[diff] [blame]260
261 if (psa_read(msg->handle, 0, &iov, sizeof(iov)) != sizeof(iov)) {
262 return PSA_ERROR_GENERIC_ERROR;
263 }
264
Antonio de Angelis4743e672019-04-11 11:38:48 +0100[diff] [blame]265 /* Initialise the first iovec with the IOV read when parsing */
Kevin Peng2d4bc2e2022-01-28 16:19:30 +0800[diff] [blame]266 in_vec[0].base = &iov;
Antonio de Angelis4743e672019-04-11 11:38:48 +0100[diff] [blame]267 in_vec[0].len = sizeof(struct tfm_crypto_pack_iovec);
268
Kevin Pengfe730cc2022-04-11 17:48:42 +0800[diff] [blame]269 status = tfm_crypto_init_iovecs(msg, in_vec, in_len, out_vec, out_len);
270 if (status != PSA_SUCCESS) {
271 return status;
Antonio de Angelis4743e672019-04-11 11:38:48 +0100[diff] [blame]272 }
273
Kevin Pengfe730cc2022-04-11 17:48:42 +0800[diff] [blame]274 tfm_crypto_set_caller_id(msg->client_id);
Antonio de Angelis60a6fe62019-06-18 15:27:34 +0100[diff] [blame]275
Antonio de Angelis202425a2022-04-06 11:13:15 +0100[diff] [blame]276 /* Call the dispatcher to the functions that implement the PSA Crypto API */
277 status = tfm_crypto_api_dispatcher(in_vec, in_len, out_vec, out_len);
Antonio de Angelis4743e672019-04-11 11:38:48 +0100[diff] [blame]278
Kevin Pengfe730cc2022-04-11 17:48:42 +0800[diff] [blame]279#if PSA_FRAMEWORK_HAS_MM_IOVEC == 1
280 for (i = 0; i < out_len; i++) {
281 if (out_vec[i].base != NULL) {
282 psa_unmap_outvec(msg->handle, i, out_vec[i].len);
283 }
284 }
285#else
Antonio de Angelis4743e672019-04-11 11:38:48 +0100[diff] [blame]286 /* Write into the IPC framework outputs from the scratch */
287 for (i = 0; i < out_len; i++) {
288 psa_write(msg->handle, i, out_vec[i].base, out_vec[i].len);
289 }
290
291 /* Clear the allocated internal scratch before returning */
Summer Qin0a9e5372020-11-27 16:04:05 +0800[diff] [blame]292 tfm_crypto_clear_scratch();
Kevin Pengfe730cc2022-04-11 17:48:42 +0800[diff] [blame]293#endif
Antonio de Angelis4743e672019-04-11 11:38:48 +0100[diff] [blame]294
295 return status;
296}
Kevin Pengfe730cc2022-04-11 17:48:42 +0800[diff] [blame]297#else /* TFM_PSA_API */
298psa_status_t tfm_crypto_get_caller_id(int32_t *id)
299{
300 int32_t res;
Antonio de Angelis4743e672019-04-11 11:38:48 +0100[diff] [blame]301
Kevin Pengfe730cc2022-04-11 17:48:42 +0800[diff] [blame]302 res = tfm_core_get_caller_client_id(id);
303 if (res != TFM_SUCCESS) {
304 return PSA_ERROR_NOT_PERMITTED;
305 } else {
306 return PSA_SUCCESS;
307 }
308}
Antonio de Angelis4743e672019-04-11 11:38:48 +0100[diff] [blame]309#endif /* TFM_PSA_API */
310
Jamie Fox0e54ebc2019-04-09 14:21:04 +0100[diff] [blame]311/**
312 * \brief Default value for the size of the static buffer used by Mbed
313 * Crypto for its dynamic allocations
314 */
315#ifndef TFM_CRYPTO_ENGINE_BUF_SIZE
Soby Mathew7740b602020-10-07 12:08:28 +0100[diff] [blame]316#error TFM_CRYPTO_ENGINE_BUF_SIZE is not defined
Jamie Fox0e54ebc2019-04-09 14:21:04 +0100[diff] [blame]317#endif
318
319/**
320 * \brief Static buffer to be used by Mbed Crypto for memory allocations
321 *
322 */
323static uint8_t mbedtls_mem_buf[TFM_CRYPTO_ENGINE_BUF_SIZE] = {0};
324
325static psa_status_t tfm_crypto_engine_init(void)
326{
Raef Coles618fc152021-06-18 09:26:46 +0100[diff] [blame]327#ifdef CRYPTO_NV_SEED
Antonio de Angelis202425a2022-04-06 11:13:15 +0100[diff] [blame]328 LOG_INFFMT("[INF][Crypto] ");
Raef Coles618fc152021-06-18 09:26:46 +0100[diff] [blame]329#ifdef TFM_PSA_API
Antonio de Angelis202425a2022-04-06 11:13:15 +0100[diff] [blame]330 LOG_INFFMT("Provisioning entropy seed... ");
Raef Coles618fc152021-06-18 09:26:46 +0100[diff] [blame]331 if (tfm_plat_crypto_provision_entropy_seed() != TFM_CRYPTO_NV_SEED_SUCCESS) {
Summer Qina5448d62020-12-07 14:03:37 +0800[diff] [blame]332 return PSA_ERROR_GENERIC_ERROR;
333 }
Antonio de Angelis202425a2022-04-06 11:13:15 +0100[diff] [blame]334 LOG_INFFMT("\033[0;32mcomplete.\033[0m\r\n");
Raef Coles618fc152021-06-18 09:26:46 +0100[diff] [blame]335#else
Raef Coles618fc152021-06-18 09:26:46 +0100[diff] [blame]336 LOG_INFFMT("TF-M in library mode uses a dummy NV seed. ");
337 LOG_INFFMT("This is not suitable for production! ");
Antonio de Angelis202425a2022-04-06 11:13:15 +0100[diff] [blame]338 LOG_INFFMT("This device is \033[1;31mNOT SECURE\033[0m\r\n");
Raef Coles618fc152021-06-18 09:26:46 +0100[diff] [blame]339#endif /* TFM_PSA_API */
340#endif /* CRYPTO_NV_SEED */
Summer Qina5448d62020-12-07 14:03:37 +0800[diff] [blame]341
Antonio de Angelis202425a2022-04-06 11:13:15 +0100[diff] [blame]342 /* Initialise the Mbed Crypto memory allocator to use static memory
343 * allocation from the provided buffer instead of using the heap
Jamie Fox0e54ebc2019-04-09 14:21:04 +0100[diff] [blame]344 */
345 mbedtls_memory_buffer_alloc_init(mbedtls_mem_buf,
346 TFM_CRYPTO_ENGINE_BUF_SIZE);
347
Sherry Zhange1524982022-06-08 16:57:59 +0800[diff] [blame^]348 /* mbedtls_printf is used to print messages including error information. */
349#if (TFM_PARTITION_LOG_LEVEL >= TFM_PARTITION_LOG_LEVEL_ERROR)
350 mbedtls_platform_set_printf(tfm_sp_log_printf);
351#endif
352
Raef Colesd2485af2019-10-30 10:15:33 +0000[diff] [blame]353 /* Initialise the crypto accelerator if one is enabled */
354#ifdef CRYPTO_HW_ACCELERATOR
Antonio de Angelis202425a2022-04-06 11:13:15 +0100[diff] [blame]355 LOG_INFFMT("[INF][Crypto] Initialising HW accelerator... ");
Raef Colesd2485af2019-10-30 10:15:33 +0000[diff] [blame]356 if (crypto_hw_accelerator_init() != 0) {
357 return PSA_ERROR_HARDWARE_FAILURE;
358 }
Antonio de Angelis202425a2022-04-06 11:13:15 +0100[diff] [blame]359 LOG_INFFMT("\033[0;32mcomplete.\033[0m\r\n");
Raef Colesd2485af2019-10-30 10:15:33 +0000[diff] [blame]360#endif /* CRYPTO_HW_ACCELERATOR */
361
Jamie Fox0e54ebc2019-04-09 14:21:04 +0100[diff] [blame]362 /* Previous function does not return any value, so just call the
363 * initialisation function of the Mbed Crypto layer
364 */
365 return psa_crypto_init();
366}
367
Antonio de Angelisab85ccd2019-03-25 15:14:29 +0000[diff] [blame]368static psa_status_t tfm_crypto_module_init(void)
Antonio de Angeliscf85ba22018-10-09 13:29:40 +0100[diff] [blame]369{
Antonio de Angeliscf85ba22018-10-09 13:29:40 +0100[diff] [blame]370 /* Init the Alloc module */
Antonio de Angelisab85ccd2019-03-25 15:14:29 +0000[diff] [blame]371 return tfm_crypto_init_alloc();
Antonio de Angeliscf85ba22018-10-09 13:29:40 +0100[diff] [blame]372}
Antonio de Angelis8908f472018-08-31 15:44:25 +0100[diff] [blame]373
Antonio de Angelisab85ccd2019-03-25 15:14:29 +0000[diff] [blame]374psa_status_t tfm_crypto_init(void)
Antonio de Angelis8908f472018-08-31 15:44:25 +0100[diff] [blame]375{
Antonio de Angeliscf85ba22018-10-09 13:29:40 +0100[diff] [blame]376 psa_status_t status;
Antonio de Angelis8908f472018-08-31 15:44:25 +0100[diff] [blame]377
Antonio de Angeliscf85ba22018-10-09 13:29:40 +0100[diff] [blame]378 /* Initialise other modules of the service */
Antonio de Angelisab85ccd2019-03-25 15:14:29 +0000[diff] [blame]379 status = tfm_crypto_module_init();
380 if (status != PSA_SUCCESS) {
381 return status;
Antonio de Angeliscf85ba22018-10-09 13:29:40 +0100[diff] [blame]382 }
383
Jamie Fox0e54ebc2019-04-09 14:21:04 +0100[diff] [blame]384 /* Initialise the engine layer */
Kevin Peng2d4bc2e2022-01-28 16:19:30 +0800[diff] [blame]385 return tfm_crypto_engine_init();
386}
Antonio de Angelis8908f472018-08-31 15:44:25 +0100[diff] [blame]387
Antonio de Angelis4743e672019-04-11 11:38:48 +0100[diff] [blame]388#ifdef TFM_PSA_API
Kevin Peng2d4bc2e2022-01-28 16:19:30 +0800[diff] [blame]389psa_status_t tfm_crypto_sfn(const psa_msg_t *msg)
390{
391 /* Process the message type */
392 switch (msg->type) {
393 case PSA_IPC_CALL:
394 return tfm_crypto_call_srv(msg);
395 default:
396 return PSA_ERROR_NOT_SUPPORTED;
397 }
Antonio de Angelis4743e672019-04-11 11:38:48 +0100[diff] [blame]398
Kevin Peng2d4bc2e2022-01-28 16:19:30 +0800[diff] [blame]399 return PSA_ERROR_GENERIC_ERROR;
Antonio de Angelis8908f472018-08-31 15:44:25 +0100[diff] [blame]400}
Kevin Peng2d4bc2e2022-01-28 16:19:30 +0800[diff] [blame]401#endif
Antonio de Angelis202425a2022-04-06 11:13:15 +0100[diff] [blame]402
403psa_status_t tfm_crypto_api_dispatcher(psa_invec in_vec[],
404 size_t in_len,
405 psa_outvec out_vec[],
406 size_t out_len)
407{
408 psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;
409 const struct tfm_crypto_pack_iovec *iov = in_vec[0].base;
410 int32_t caller_id = 0;
411 mbedtls_svc_key_id_t encoded_key = MBEDTLS_SVC_KEY_ID_INIT;
412 bool is_key_required = false;
413
414 if (in_vec[0].len != sizeof(struct tfm_crypto_pack_iovec)) {
415 return PSA_ERROR_PROGRAMMER_ERROR;
416 }
417
418 is_key_required = !(TFM_CRYPTO_IS_GROUP_ID(
419 iov->function_id, TFM_CRYPTO_GROUP_ID_HASH) ||
420 (iov->function_id == TFM_CRYPTO_GENERATE_RANDOM_SID));
421
422 if (is_key_required) {
423 status = tfm_crypto_get_caller_id(&caller_id);
424 if (status != PSA_SUCCESS) {
425 return status;
426 }
427 /* The caller_id being set in the owner field is the partition ID
428 * of the calling partition
429 */
430 encoded_key = mbedtls_svc_key_id_make(caller_id, iov->key_id);
431 }
432
433 /* Dispatch to each sub-module based on the Group ID */
434 if (TFM_CRYPTO_IS_GROUP_ID(
435 iov->function_id, TFM_CRYPTO_GROUP_ID_KEY_MANAGEMENT)) {
436 status = tfm_crypto_key_management_interface(in_vec,
437 out_vec,
438 &encoded_key);
439 } else if (TFM_CRYPTO_IS_GROUP_ID(
440 iov->function_id, TFM_CRYPTO_GROUP_ID_HASH)) {
441 status = tfm_crypto_hash_interface(in_vec, out_vec);
442 } else if (TFM_CRYPTO_IS_GROUP_ID(
443 iov->function_id, TFM_CRYPTO_GROUP_ID_MAC)) {
444 status = tfm_crypto_mac_interface(in_vec,
445 out_vec,
446 &encoded_key);
447 } else if (TFM_CRYPTO_IS_GROUP_ID(
448 iov->function_id, TFM_CRYPTO_GROUP_ID_CIPHER)) {
449 status = tfm_crypto_cipher_interface(in_vec,
450 out_vec,
451 &encoded_key);
452 } else if (TFM_CRYPTO_IS_GROUP_ID(
453 iov->function_id, TFM_CRYPTO_GROUP_ID_AEAD)) {
454 status = tfm_crypto_aead_interface(in_vec,
455 out_vec,
456 &encoded_key);
457 } else if (TFM_CRYPTO_IS_GROUP_ID(
458 iov->function_id, TFM_CRYPTO_GROUP_ID_ASYM_SIGN) ||
459 TFM_CRYPTO_IS_GROUP_ID(
460 iov->function_id, TFM_CRYPTO_GROUP_ID_ASYM_ENCRYPT)) {
461 status = tfm_crypto_asymmetric_interface(in_vec,
462 out_vec,
463 &encoded_key);
464 } else if (TFM_CRYPTO_IS_GROUP_ID(
465 iov->function_id, TFM_CRYPTO_GROUP_ID_KEY_DERIVATION)) {
466 status = tfm_crypto_key_derivation_interface(in_vec,
467 out_vec,
468 &encoded_key);
469 } else if (iov->function_id == TFM_CRYPTO_GENERATE_RANDOM_SID) {
470 status = tfm_crypto_random_interface(in_vec, out_vec);
471 } else {
472 LOG_ERRFMT("[ERR][Crypto] Unsupported request!\r\n");
473 status = PSA_ERROR_NOT_SUPPORTED;
474 }
475
476 return status;
477}