TrustedFirmware Git Browser
Code Review Sign In
review.trustedfirmware.org / shared / psa-adac.git / 381aa15956845b51a1e0be47a44a45d15a2bc612 / . / psa-adac / sdm / src / sdm_token.c
blob: 90ff81deadb7e616aef70e2cf6d5cf13a5c1e34e [file] [log] [blame]
Maulik Patel28c16e42022-11-29 15:34:23 +0000[diff] [blame]1/*
Mathias Brossard6cff9c22025-02-19 22:25:51 -0600[diff] [blame]2 * Copyright (c) 2022-2025, Arm Limited. All rights reserved.
Maulik Patel28c16e42022-11-29 15:34:23 +0000[diff] [blame]3 *
4 * SPDX-License-Identifier: BSD-3-Clause
5 *
6 */
7
8#include "psa_adac_config.h"
9#include "psa_adac.h"
10#include "psa_adac_crypto_api.h"
11#include "psa_adac_cryptosystems.h"
12#include "psa_adac_debug.h"
13
14#include <stdlib.h>
15#include <stdio.h>
16#include <string.h>
17
18static psa_status_t psa_adac_pki_sign(psa_algorithm_t sig_algo, psa_algorithm_t hash_algo,
19 const uint8_t *inputs[], size_t input_sizes[], size_t input_count,
20 psa_key_handle_t handle, uint8_t sig[], size_t sig_size,
21 size_t *sig_length)
22{
23 uint8_t hash[PSA_HASH_MAX_SIZE];
24 size_t hash_size;
25 psa_status_t status = psa_adac_hash_multiple(hash_algo, inputs, input_sizes, input_count,
26 hash, sizeof(hash), &hash_size);
27 if (PSA_SUCCESS != status) {
28 PSA_ADAC_LOG_ERR("token", "Error hashing (%d)\n", status);
29 } else if (PSA_SUCCESS != (status = psa_sign_hash(handle, sig_algo, hash, hash_size, sig,
30 sig_size, sig_length))) {
31 PSA_ADAC_LOG_ERR("token", "Error signing (%d)\n", status);
32 }
33
34 return status;
35}
36
37static psa_status_t psa_adac_mac_sign(psa_algorithm_t algo, const uint8_t *inputs[], size_t input_sizes[],
38 size_t input_count, const uint8_t key[], size_t key_size,
39 uint8_t mac[], size_t mac_length, size_t *mac_size)
40{
41 psa_status_t status;
42 psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
43 psa_key_handle_t handle;
44 psa_key_type_t kt;
45 size_t length, bits;
46
47 if (algo == PSA_ALG_CMAC) {
48 if (key_size != 16) {
49 return PSA_ERROR_INVALID_ARGUMENT;
50 }
51 kt = PSA_KEY_TYPE_AES;
52 bits = 128;
53 } else if (algo == PSA_ALG_HMAC(PSA_ALG_SHA_256)) {
54 if (key_size != 32) {
55 return PSA_ERROR_INVALID_ARGUMENT;
56 }
57 kt = PSA_KEY_TYPE_HMAC;
58 bits = 256;
59 } else {
60 return PSA_ERROR_NOT_SUPPORTED;
61 }
62
63 psa_set_key_usage_flags(&attributes, 0);
64 psa_set_key_algorithm(&attributes, algo);
65 psa_set_key_usage_flags(&attributes, PSA_KEY_USAGE_SIGN_HASH);
66 psa_set_key_type(&attributes, kt);
67 psa_set_key_bits(&attributes, bits);
68
69 psa_mac_operation_t operation = psa_mac_operation_init();
70
71 if (PSA_SUCCESS == (status = psa_import_key(&attributes, key, key_size, &handle))) {
72 if (PSA_SUCCESS == (status = psa_mac_sign_setup(&operation, handle, algo))) {
73 for (int i = 0; (i < input_count) && (status == PSA_SUCCESS); i++) {
74 status = psa_mac_update(&operation, inputs[i], input_sizes[i]);
75 }
76
77 if (PSA_SUCCESS == status) {
78 status = psa_mac_sign_finish(&operation, mac, mac_length, mac_size);
79 }
80 }
81
82 psa_destroy_key(handle);
83 }
84
85 return status;
86}
87
88psa_status_t psa_adac_sign_token(uint8_t challenge[], size_t challenge_size, uint8_t signature_type,
89 uint8_t exts[], size_t exts_size, uint8_t *fragment[],
90 size_t *fragment_size, uint8_t req_perms[],
91 psa_key_handle_t handle, uint8_t *key, size_t key_size)
92{
93 uint8_t hash[PSA_HASH_MAX_SIZE], *sig, *ext_hash, *_fragment;
94 size_t token_size, hash_size, sig_size, body_size, tbs_size, ext_hash_size;
95 psa_algorithm_t hash_algo, sig_algo;
96 psa_status_t status;
97 size_t ign = 0;
98
99 if (signature_type == ECDSA_P256_SHA256) {
100#ifdef PSA_ADAC_EC_P256
101 token_size = sizeof(token_p256_t) + exts_size;
102 _fragment = (uint8_t *) calloc(1, token_size + sizeof(psa_tlv_t));
103 token_p256_t *token = (token_p256_t *) (_fragment + sizeof(psa_tlv_t));
104 tbs_size = token->signature - (uint8_t *) token;
105 body_size = sizeof(*token);
106 sig = token->signature;
107 sig_size = sizeof(token->signature);
108 hash_algo = ECDSA_P256_HASH_ALGORITHM;
109 sig_algo = ECDSA_P256_SIGN_ALGORITHM;
110 ext_hash = token->extensions_hash;
111 ext_hash_size = sizeof(token->extensions_hash);
112#else
113 return PSA_ERROR_NOT_SUPPORTED;
114#endif /* PSA_ADAC_EC_P256 */
Mathias Brossard6cff9c22025-02-19 22:25:51 -0600[diff] [blame]115 } else if (signature_type == ECDSA_P384_SHA384) {
116#ifdef PSA_ADAC_EC_P384
117 token_size = sizeof(token_p384_t) + exts_size;
118 _fragment = (uint8_t *) calloc(1, token_size + sizeof(psa_tlv_t));
119 token_p384_t *token = (token_p384_t *) (_fragment + sizeof(psa_tlv_t));
120 tbs_size = token->signature - (uint8_t *) token;
121 body_size = sizeof(*token);
122 sig = token->signature;
123 sig_size = sizeof(token->signature);
124 hash_algo = ECDSA_P384_HASH_ALGORITHM;
125 sig_algo = ECDSA_P384_SIGN_ALGORITHM;
126 ext_hash = token->extensions_hash;
127 ext_hash_size = sizeof(token->extensions_hash);
128#else
129 return PSA_ERROR_NOT_SUPPORTED;
130#endif /* PSA_ADAC_EC_P384 */
Maulik Patel28c16e42022-11-29 15:34:23 +0000[diff] [blame]131 } else if (signature_type == ECDSA_P521_SHA512) {
132#ifdef PSA_ADAC_EC_P521
133 token_size = sizeof(token_p521_t) + exts_size;
134 _fragment = (uint8_t *) calloc(1, token_size + sizeof(psa_tlv_t));
135 token_p521_t *token = (token_p521_t *) (_fragment + sizeof(psa_tlv_t));
136 tbs_size = token->signature - (uint8_t *) token;
137 body_size = sizeof(*token);
138 sig = token->signature;
139 sig_size = sizeof(token->signature);
140 hash_algo = ECDSA_P521_HASH_ALGORITHM;
141 sig_algo = ECDSA_P521_SIGN_ALGORITHM;
142 ext_hash = token->extensions_hash;
143 ext_hash_size = sizeof(token->extensions_hash);
144#else
145 return PSA_ERROR_NOT_SUPPORTED;
146#endif /* PSA_ADAC_EC_P521 */
147 } else if (signature_type == RSA_3072_SHA256) {
148#ifdef PSA_ADAC_RSA3072
149 body_size = sizeof(token_rsa3072_t);
150 token_size = sizeof(token_rsa3072_t) + exts_size;
151 _fragment = (uint8_t *) calloc(1, token_size + sizeof(psa_tlv_t));
152 token_rsa3072_t *token = (token_rsa3072_t *) (_fragment + sizeof(psa_tlv_t));
153 tbs_size = token->signature - (uint8_t *) token;
154 sig = token->signature;
155 sig_size = sizeof(token->signature);
156 hash_algo = RSA_3072_HASH_ALGORITHM;
157 sig_algo = RSA_3072_SIGN_ALGORITHM;
158 ext_hash = token->extensions_hash;
159 ext_hash_size = sizeof(token->extensions_hash);
160#else
161 return PSA_ERROR_NOT_SUPPORTED;
162#endif /* PSA_ADAC_RSA3072 */
163 } else if (signature_type == RSA_4096_SHA256) {
164#ifdef PSA_ADAC_RSA4096
165 token_size = sizeof(token_rsa4096_t) + exts_size;
166 _fragment = (uint8_t *) calloc(1, token_size + sizeof(psa_tlv_t));
167 token_rsa4096_t *token = (token_rsa4096_t *) (_fragment + sizeof(psa_tlv_t));
168 tbs_size = token->signature - (uint8_t *) token;
169 body_size = sizeof(*token);
170 sig = token->signature;
171 sig_size = sizeof(token->signature);
172 hash_algo = RSA_4096_HASH_ALGORITHM;
173 sig_algo = RSA_4096_SIGN_ALGORITHM;
174 ext_hash = token->extensions_hash;
175 ext_hash_size = sizeof(token->extensions_hash);
176#else
177 return PSA_ERROR_NOT_SUPPORTED;
178#endif /* PSA_ADAC_RSA4096 */
179 } else if (signature_type == ED_25519_SHA512) {
180#ifdef PSA_ADAC_ED25519
181 token_size = sizeof(token_ed255_t) + exts_size;
182 _fragment = (uint8_t *) calloc(1, token_size + sizeof(psa_tlv_t));
183 token_ed255_t *token = (token_ed255_t *) (_fragment + sizeof(psa_tlv_t));
184 tbs_size = token->signature - (uint8_t *) token;
185 body_size = sizeof(*token);
186 sig = token->signature;
187 sig_size = sizeof(token->signature);
188 hash_algo = EDDSA_ED25519_HASH_ALGORITHM;
189 sig_algo = EDDSA_ED25519_SIGN_ALGORITHM;
190 ext_hash = token->extensions_hash;
191 ext_hash_size = sizeof(token->extensions_hash);
192#else
193 return PSA_ERROR_NOT_SUPPORTED;
194#endif /* PSA_ADAC_ED25519 */
195 } else if (signature_type == ED_448_SHAKE256) {
196#ifdef PSA_ADAC_ED448
197 token_size = sizeof(token_ed448_t) + exts_size;
198 _fragment = (uint8_t *) calloc(1, token_size + sizeof(psa_tlv_t));
199 token_ed448_t *token = (token_ed448_t *) (_fragment + sizeof(psa_tlv_t));
200 tbs_size = token->signature - (uint8_t *) token;
201 body_size = sizeof(*token);
202 sig = token->signature;
203 sig_size = sizeof(token->signature);
204 hash_algo = EDDSA_ED448_HASH_ALGORITHM;
205 sig_algo = EDDSA_ED448_SIGN_ALGORITHM;
206 ext_hash = token->extensions_hash;
207 ext_hash_size = sizeof(token->extensions_hash);
208#else
209 return PSA_ERROR_NOT_SUPPORTED;
210#endif /* PSA_ADAC_ED448 */
211 } else if (signature_type == SM_SM2_SM3) {
212#ifdef PSA_ADAC_SM2
213 token_size = sizeof(token_sm2sm3_t) + exts_size;
214 _fragment = (uint8_t *) calloc(1, token_size + sizeof(psa_tlv_t));
215 token_sm2sm3_t *token = (token_sm2sm3_t *) (_fragment + sizeof(psa_tlv_t));
216 tbs_size = token->signature - (uint8_t *) token;
217 body_size = sizeof(*token);
218 sig = token->signature;
219 sig_size = sizeof(token->signature);
220 hash_algo = SM2_SM3_HASH_ALGORITHM;
221 sig_algo = SM2_SM3_SIGN_ALGORITHM;
222 ext_hash = token->extensions_hash;
223 ext_hash_size = sizeof(token->extensions_hash);
224#else
225 return PSA_ERROR_NOT_SUPPORTED;
226#endif /* PSA_ADAC_SM2 */
227 } else if (signature_type == CMAC_AES) {
228#ifdef PSA_ADAC_CMAC
229 token_size = sizeof(token_cmac_t) + exts_size;
230 _fragment = (uint8_t *) calloc(1, token_size + sizeof(psa_tlv_t));
231 token_cmac_t *token = (token_cmac_t *) (_fragment + sizeof(psa_tlv_t));
232 tbs_size = token->signature - (uint8_t *) token;
233 body_size = sizeof(*token);
234 sig = token->signature;
235 sig_size = sizeof(token->signature);
236 hash_algo = CMAC_HASH_ALGORITHM;
237 sig_algo = CMAC_SIGN_ALGORITHM;
238 ext_hash = token->extensions_hash;
239 ext_hash_size = sizeof(token->extensions_hash);
240#else
241 return PSA_ERROR_NOT_SUPPORTED;
242#endif /* PSA_ADAC_CMAC */
243 } else if (signature_type == HMAC_SHA256) {
244#ifdef PSA_ADAC_HMAC
245 token_size = sizeof(token_hmac_t) + exts_size;
246 _fragment = (uint8_t *) calloc(1, token_size + sizeof(psa_tlv_t));
247 token_hmac_t *token = (token_hmac_t *) (_fragment + sizeof(psa_tlv_t));
248 tbs_size = token->signature - (uint8_t *) token;
249 body_size = sizeof(*token);
250 sig = token->signature;
251 sig_size = sizeof(token->signature);
252 hash_algo = HMAC_HASH_ALGORITHM;
253 sig_algo = HMAC_SIGN_ALGORITHM;
254 ext_hash = token->extensions_hash;
255 ext_hash_size = sizeof(token->extensions_hash);
256#else
257 return PSA_ERROR_NOT_SUPPORTED;
258#endif /* PSA_ADAC_HMAC */
259 } else {
260 return PSA_ERROR_NOT_SUPPORTED;
261 }
262
263 ((psa_tlv_t *) _fragment)->_reserved = 0x0;
264 ((psa_tlv_t *) _fragment)->type_id = PSA_BINARY_TOKEN;
265 ((psa_tlv_t *) _fragment)->length_in_bytes = token_size;
266
267 token_header_t *token = (token_header_t *) (_fragment + sizeof(psa_tlv_t));
268 token->format_version.major = ADAC_TOKEN_MAJOR;
269 token->format_version.minor = ADAC_TOKEN_MINOR;
270 token->signature_type = signature_type;
271 token->extensions_bytes = exts_size;
272
273 if (req_perms != NULL) {
274 memcpy((void*) (token->requested_permissions), req_perms, PERMISSION_BITS / 8);
275 } else {
276 memset((void*) (token->requested_permissions), 0xFF, PERMISSION_BITS / 8);
277 }
278
279 if (exts_size > 0) {
280 /* FIXME: Support PSA_ALG_CMAC */
281 psa_adac_hash(hash_algo, exts, exts_size, ext_hash, ext_hash_size, &hash_size);
282 memcpy((void *) (token + body_size), exts, exts_size);
283 } else {
284 memset((void *) ext_hash, 0, ext_hash_size);
285 }
286
287
288 const uint8_t *inputs[2] = {_fragment + sizeof(psa_tlv_t), challenge};
289 size_t input_sizes[2] = {tbs_size, challenge_size};
290
291 if ((sig_algo == CMAC_SIGN_ALGORITHM) || (sig_algo == HMAC_SIGN_ALGORITHM)) {
292 status = psa_adac_mac_sign(sig_algo, inputs, input_sizes, 2, key, key_size,
293 sig, sig_size, &ign);
294 } else {
295 status = psa_adac_pki_sign(sig_algo, hash_algo, inputs, input_sizes, 2, handle,
296 sig, sig_size, &ign);
297 }
298
299 if (PSA_SUCCESS != status) {
300 PSA_ADAC_LOG_ERR("token", "Error signing (%d)\n", status);
301 } else {
302 *fragment = _fragment;
303 *fragment_size = token_size + sizeof(psa_tlv_t);
304 }
305
306 return status;
307}