aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorKevin Peng <kevin.peng@arm.com>2019-07-29 16:05:42 +0800
committerKen Liu <ken.liu@arm.com>2019-08-16 02:18:15 +0000
commit9449a361776b2c08834c05e8f276ffa87301d18b (patch)
tree1963924e8bdd2646949b9805e78da05e6c37ed68
parent519ed86207edef10b67621d108321357960da421 (diff)
downloadtrusted-firmware-m-9449a361776b2c08834c05e8f276ffa87301d18b.tar.gz
Interface: Split the source files for different models
This patch splits the interface source files for different models. They only contain the implementations for each model respectively. Change-Id: I70aef5384754c445787327ec2c61fc57201da86f Signed-off-by: Kevin Peng <kevin.peng@arm.com>
-rw-r--r--app/CMakeLists.txt37
-rw-r--r--interface/src/tfm_audit_func_api.c (renamed from interface/src/tfm_audit_api.c)0
-rw-r--r--interface/src/tfm_crypto_func_api.c1230
-rw-r--r--interface/src/tfm_crypto_ipc_api.c (renamed from interface/src/tfm_crypto_api.c)243
-rw-r--r--interface/src/tfm_initial_attestation_func_api.c58
-rw-r--r--interface/src/tfm_initial_attestation_ipc_api.c (renamed from interface/src/tfm_initial_attestation_api.c)29
-rw-r--r--interface/src/tfm_platform_func_api.c (renamed from interface/src/tfm_platform_api.c)0
-rw-r--r--interface/src/tfm_sst_func_api.c159
-rw-r--r--interface/src/tfm_sst_ipc_api.c (renamed from interface/src/tfm_sst_api.c)62
9 files changed, 1502 insertions, 316 deletions
diff --git a/app/CMakeLists.txt b/app/CMakeLists.txt
index 7d3016c27..eeeccaf88 100644
--- a/app/CMakeLists.txt
+++ b/app/CMakeLists.txt
@@ -46,23 +46,46 @@ if (NOT DEFINED TFM_PARTITION_PLATFORM)
message(FATAL_ERROR "Incomplete build configuration: TFM_PARTITION_PLATFORM is undefined.")
endif()
+if (NOT DEFINED TFM_PSA_API)
+ message(FATAL_ERROR "Incomplete build configuration: TFM_PSA_API is undefined.")
+endif()
+
set(NS_APP_SRC "${CMSIS_5_DIR}/CMSIS/RTOS2/RTX/Config/RTX_Config.c"
"${CMSIS_5_DIR}/CMSIS/RTOS2/RTX/Source/rtx_lib.c"
"${APP_DIR}/main_ns.c"
"${APP_DIR}/tfm_integ_test.c"
"${APP_DIR}/os_wrapper_cmsis_rtos_v2.c"
- "${INTERFACE_DIR}/src/tfm_sst_api.c"
- "${INTERFACE_DIR}/src/tfm_crypto_api.c"
- "${INTERFACE_DIR}/src/tfm_initial_attestation_api.c"
"${INTERFACE_DIR}/src/tfm_ns_interface.c"
)
+if (TFM_PSA_API)
+ list(APPEND NS_APP_SRC
+ "${INTERFACE_DIR}/src/tfm_sst_ipc_api.c"
+ "${INTERFACE_DIR}/src/tfm_crypto_ipc_api.c"
+ "${INTERFACE_DIR}/src/tfm_initial_attestation_ipc_api.c"
+ )
+else()
+ list(APPEND NS_APP_SRC
+ "${INTERFACE_DIR}/src/tfm_sst_func_api.c"
+ "${INTERFACE_DIR}/src/tfm_crypto_func_api.c"
+ "${INTERFACE_DIR}/src/tfm_initial_attestation_func_api.c"
+ )
+endif()
+
if (TFM_PARTITION_AUDIT_LOG)
- list(APPEND NS_APP_SRC "${INTERFACE_DIR}/src/tfm_audit_api.c")
+ if (TFM_PSA_API)
+ message(FATAL_ERROR "Audit log has not been supported in IPC model yet.")
+ else()
+ list(APPEND NS_APP_SRC "${INTERFACE_DIR}/src/tfm_audit_func_api.c")
+ endif()
endif()
if (TFM_PARTITION_PLATFORM)
- list(APPEND NS_APP_SRC "${INTERFACE_DIR}/src/tfm_platform_api.c")
+ if (TFM_PSA_API)
+ message(FATAL_ERROR "Platform service has not been supported in IPC model yet.")
+ else()
+ list(APPEND NS_APP_SRC "${INTERFACE_DIR}/src/tfm_platform_func_api.c")
+ endif()
endif()
if (NOT DEFINED TFM_NS_CLIENT_IDENTIFICATION)
@@ -78,9 +101,7 @@ if (PSA_API_TEST_NS)
list(APPEND NS_APP_SRC "${APP_DIR}/psa_api_test.c")
endif()
-if (NOT DEFINED TFM_PSA_API)
- message(FATAL_ERROR "Incomplete build configuration: TFM_PSA_API is undefined. ")
-elseif (TFM_PSA_API)
+if (TFM_PSA_API)
list(APPEND NS_APP_SRC "${INTERFACE_DIR}/src/tfm_psa_ns_api.c")
endif()
diff --git a/interface/src/tfm_audit_api.c b/interface/src/tfm_audit_func_api.c
index 343963502..343963502 100644
--- a/interface/src/tfm_audit_api.c
+++ b/interface/src/tfm_audit_func_api.c
diff --git a/interface/src/tfm_crypto_func_api.c b/interface/src/tfm_crypto_func_api.c
new file mode 100644
index 000000000..176c192e1
--- /dev/null
+++ b/interface/src/tfm_crypto_func_api.c
@@ -0,0 +1,1230 @@
+/*
+ * Copyright (c) 2018-2019, Arm Limited. All rights reserved.
+ *
+ * SPDX-License-Identifier: BSD-3-Clause
+ *
+ */
+
+#include "tfm_veneers.h"
+#include "tfm_crypto_defs.h"
+#include "psa/crypto.h"
+#include "tfm_ns_interface.h"
+
+#define ARRAY_SIZE(arr) (sizeof(arr)/sizeof(arr[0]))
+
+#define API_DISPATCH(sfn_name, sfn_id) \
+ tfm_ns_interface_dispatch((veneer_fn)tfm_##sfn_name##_veneer,\
+ (uint32_t)in_vec, ARRAY_SIZE(in_vec), \
+ (uint32_t)out_vec, ARRAY_SIZE(out_vec))
+
+#define API_DISPATCH_NO_OUTVEC(sfn_name, sfn_id) \
+ tfm_ns_interface_dispatch((veneer_fn)tfm_##sfn_name##_veneer,\
+ (uint32_t)in_vec, ARRAY_SIZE(in_vec), \
+ (uint32_t)NULL, 0)
+
+psa_status_t psa_crypto_init(void)
+{
+ /* Service init is performed during TFM boot up,
+ * so application level initialisation is empty
+ */
+ return PSA_SUCCESS;
+}
+
+psa_status_t psa_allocate_key(psa_key_handle_t *handle)
+{
+ psa_status_t status;
+ const struct tfm_crypto_pack_iovec iov = {
+ .sfn_id = TFM_CRYPTO_ALLOCATE_KEY_SID,
+ };
+ psa_invec in_vec[] = {
+ {.base = &iov, .len = sizeof(struct tfm_crypto_pack_iovec)},
+ };
+ psa_outvec out_vec[] = {
+ {.base = handle, .len = sizeof(psa_key_handle_t)},
+ };
+
+ status = API_DISPATCH(tfm_crypto_allocate_key,
+ TFM_CRYPTO_ALLOCATE_KEY);
+
+ return status;
+}
+
+psa_status_t psa_open_key(psa_key_lifetime_t lifetime,
+ psa_key_id_t id,
+ psa_key_handle_t *handle)
+{
+ (void)lifetime;
+ (void)id;
+ (void)handle;
+
+ /* TODO: Persistent key APIs are not supported yet */
+ return PSA_ERROR_NOT_SUPPORTED;
+}
+
+psa_status_t psa_create_key(psa_key_lifetime_t lifetime,
+ psa_key_id_t id,
+ psa_key_handle_t *handle)
+{
+ (void)lifetime;
+ (void)id;
+ (void)handle;
+
+ /* TODO: Persistent key APIs are not supported yet */
+ return PSA_ERROR_NOT_SUPPORTED;
+}
+
+psa_status_t psa_close_key(psa_key_handle_t handle)
+{
+ (void)handle;
+
+ /* TODO: Persistent key APIs are not supported yet */
+ return PSA_ERROR_NOT_SUPPORTED;
+}
+
+psa_status_t psa_import_key(psa_key_handle_t handle,
+ psa_key_type_t type,
+ const uint8_t *data,
+ size_t data_length)
+{
+ psa_status_t status;
+ struct tfm_crypto_pack_iovec iov = {
+ .sfn_id = TFM_CRYPTO_IMPORT_KEY_SID,
+ .key_handle = handle,
+ .type = type,
+ };
+ psa_invec in_vec[] = {
+ {.base = &iov, .len = sizeof(struct tfm_crypto_pack_iovec)},
+ {.base = data, .len = data_length}
+ };
+
+ status = API_DISPATCH_NO_OUTVEC(tfm_crypto_import_key,
+ TFM_CRYPTO_IMPORT_KEY);
+
+ return status;
+}
+
+psa_status_t psa_destroy_key(psa_key_handle_t handle)
+{
+ psa_status_t status;
+ struct tfm_crypto_pack_iovec iov = {
+ .sfn_id = TFM_CRYPTO_DESTROY_KEY_SID,
+ .key_handle = handle,
+ };
+ psa_invec in_vec[] = {
+ {.base = &iov, .len = sizeof(struct tfm_crypto_pack_iovec)},
+ };
+
+ status = API_DISPATCH_NO_OUTVEC(tfm_crypto_destroy_key,
+ TFM_CRYPTO_DESTROY_KEY);
+
+ return status;
+}
+
+psa_status_t psa_get_key_information(psa_key_handle_t handle,
+ psa_key_type_t *type,
+ size_t *bits)
+{
+ psa_status_t status;
+ struct tfm_crypto_pack_iovec iov = {
+ .sfn_id = TFM_CRYPTO_GET_KEY_INFORMATION_SID,
+ .key_handle = handle,
+ };
+ psa_invec in_vec[] = {
+ {.base = &iov, .len = sizeof(struct tfm_crypto_pack_iovec)},
+ };
+ psa_outvec out_vec[] = {
+ {.base = type, .len = sizeof(psa_key_type_t)},
+ {.base = bits, .len = sizeof(size_t)}
+ };
+
+ status = API_DISPATCH(tfm_crypto_get_key_information,
+ TFM_CRYPTO_GET_KEY_INFORMATION);
+
+ return status;
+}
+
+psa_status_t psa_export_key(psa_key_handle_t handle,
+ uint8_t *data,
+ size_t data_size,
+ size_t *data_length)
+{
+ psa_status_t status;
+ struct tfm_crypto_pack_iovec iov = {
+ .sfn_id = TFM_CRYPTO_EXPORT_KEY_SID,
+ .key_handle = handle,
+ };
+ psa_invec in_vec[] = {
+ {.base = &iov, .len = sizeof(struct tfm_crypto_pack_iovec)},
+ };
+ psa_outvec out_vec[] = {
+ {.base = data, .len = data_size}
+ };
+
+ status = API_DISPATCH(tfm_crypto_export_key,
+ TFM_CRYPTO_EXPORT_KEY);
+
+ *data_length = out_vec[0].len;
+
+
+ return status;
+}
+
+psa_status_t psa_export_public_key(psa_key_handle_t handle,
+ uint8_t *data,
+ size_t data_size,
+ size_t *data_length)
+{
+ psa_status_t status;
+ struct tfm_crypto_pack_iovec iov = {
+ .sfn_id = TFM_CRYPTO_EXPORT_PUBLIC_KEY_SID,
+ .key_handle = handle,
+ };
+
+ psa_invec in_vec[] = {
+ {.base = &iov, .len = sizeof(struct tfm_crypto_pack_iovec)},
+ };
+ psa_outvec out_vec[] = {
+ {.base = data, .len = data_size}
+ };
+
+ status = API_DISPATCH(tfm_crypto_export_public_key,
+ TFM_CRYPTO_EXPORT_PUBLIC_KEY);
+
+ *data_length = out_vec[0].len;
+
+ return status;
+}
+
+psa_status_t psa_copy_key(psa_key_handle_t source_handle,
+ psa_key_handle_t target_handle,
+ const psa_key_policy_t *constraint)
+{
+ psa_status_t status;
+ struct tfm_crypto_pack_iovec iov = {
+ .sfn_id = TFM_CRYPTO_COPY_KEY_SID,
+ .key_handle = source_handle,
+ };
+
+ psa_invec in_vec[] = {
+ {.base = &iov, .len = sizeof(struct tfm_crypto_pack_iovec)},
+ {.base = &target_handle, .len = sizeof(psa_key_handle_t)},
+ {.base = constraint, .len = sizeof(psa_key_policy_t)},
+ };
+
+ status = API_DISPATCH_NO_OUTVEC(tfm_crypto_copy_key,
+ TFM_CRYPTO_COPY_KEY);
+
+ return status;
+}
+
+void psa_key_policy_set_usage(psa_key_policy_t *policy,
+ psa_key_usage_t usage,
+ psa_algorithm_t alg)
+{
+ policy->usage = usage;
+ policy->alg = alg;
+}
+
+psa_key_usage_t psa_key_policy_get_usage(const psa_key_policy_t *policy)
+{
+ return policy->usage;
+}
+
+psa_algorithm_t psa_key_policy_get_algorithm(const psa_key_policy_t *policy)
+{
+ return policy->alg;
+}
+
+psa_status_t psa_set_key_policy(psa_key_handle_t handle,
+ const psa_key_policy_t *policy)
+{
+ psa_status_t status;
+ struct tfm_crypto_pack_iovec iov = {
+ .sfn_id = TFM_CRYPTO_SET_KEY_POLICY_SID,
+ .key_handle = handle,
+ };
+
+ psa_invec in_vec[] = {
+ {.base = &iov, .len = sizeof(struct tfm_crypto_pack_iovec)},
+ {.base = policy, .len = sizeof(psa_key_policy_t)},
+ };
+
+ status = API_DISPATCH_NO_OUTVEC(tfm_crypto_set_key_policy,
+ TFM_CRYPTO_SET_KEY_POLICY);
+
+ return status;
+}
+
+psa_status_t psa_get_key_policy(psa_key_handle_t handle,
+ psa_key_policy_t *policy)
+{
+ psa_status_t status;
+ struct tfm_crypto_pack_iovec iov = {
+ .sfn_id = TFM_CRYPTO_GET_KEY_POLICY_SID,
+ .key_handle = handle,
+ };
+
+ psa_invec in_vec[] = {
+ {.base = &iov, .len = sizeof(struct tfm_crypto_pack_iovec)},
+ };
+ psa_outvec out_vec[] = {
+ {.base = policy, .len = sizeof(psa_key_policy_t)},
+ };
+
+ status = API_DISPATCH(tfm_crypto_get_key_policy,
+ TFM_CRYPTO_GET_KEY_POLICY);
+
+ return status;
+}
+
+psa_status_t psa_get_key_lifetime(psa_key_handle_t handle,
+ psa_key_lifetime_t *lifetime)
+{
+ psa_status_t status;
+ struct tfm_crypto_pack_iovec iov = {
+ .sfn_id = TFM_CRYPTO_GET_KEY_LIFETIME_SID,
+ .key_handle = handle,
+ };
+
+ psa_invec in_vec[] = {
+ {.base = &iov, .len = sizeof(struct tfm_crypto_pack_iovec)},
+ };
+ psa_outvec out_vec[] = {
+ {.base = lifetime, .len = sizeof(psa_key_lifetime_t)},
+ };
+
+ status = API_DISPATCH(tfm_crypto_get_key_lifetime,
+ TFM_CRYPTO_GET_KEY_LIFETIME);
+
+ return status;
+}
+
+psa_status_t psa_cipher_generate_iv(psa_cipher_operation_t *operation,
+ unsigned char *iv,
+ size_t iv_size,
+ size_t *iv_length)
+{
+ psa_status_t status;
+ struct tfm_crypto_pack_iovec iov = {
+ .sfn_id = TFM_CRYPTO_CIPHER_GENERATE_IV_SID,
+ .op_handle = operation->handle,
+ };
+
+ psa_invec in_vec[] = {
+ {.base = &iov, .len = sizeof(struct tfm_crypto_pack_iovec)},
+ };
+ psa_outvec out_vec[] = {
+ {.base = &(operation->handle), .len = sizeof(uint32_t)},
+ {.base = iv, .len = iv_size},
+ };
+
+ status = API_DISPATCH(tfm_crypto_cipher_generate_iv,
+ TFM_CRYPTO_CIPHER_GENERATE_IV);
+
+ *iv_length = out_vec[1].len;
+
+ return status;
+}
+
+psa_status_t psa_cipher_set_iv(psa_cipher_operation_t *operation,
+ const unsigned char *iv,
+ size_t iv_length)
+{
+ psa_status_t status;
+ struct tfm_crypto_pack_iovec iov = {
+ .sfn_id = TFM_CRYPTO_CIPHER_SET_IV_SID,
+ .op_handle = operation->handle,
+ };
+
+ psa_invec in_vec[] = {
+ {.base = &iov, .len = sizeof(struct tfm_crypto_pack_iovec)},
+ {.base = iv, .len = iv_length},
+ };
+ psa_outvec out_vec[] = {
+ {.base = &(operation->handle), .len = sizeof(uint32_t)},
+ };
+
+ status = API_DISPATCH(tfm_crypto_cipher_set_iv,
+ TFM_CRYPTO_CIPHER_SET_IV);
+
+ return status;
+}
+
+psa_status_t psa_cipher_encrypt_setup(psa_cipher_operation_t *operation,
+ psa_key_handle_t handle,
+ psa_algorithm_t alg)
+{
+ psa_status_t status;
+ struct tfm_crypto_pack_iovec iov = {
+ .sfn_id = TFM_CRYPTO_CIPHER_ENCRYPT_SETUP_SID,
+ .key_handle = handle,
+ .alg = alg,
+ .op_handle = operation->handle,
+ };
+
+ psa_invec in_vec[] = {
+ {.base = &iov, .len = sizeof(struct tfm_crypto_pack_iovec)},
+ };
+ psa_outvec out_vec[] = {
+ {.base = &(operation->handle), .len = sizeof(uint32_t)},
+ };
+
+ status = API_DISPATCH(tfm_crypto_cipher_encrypt_setup,
+ TFM_CRYPTO_CIPHER_ENCRYPT_SETUP);
+
+ return status;
+}
+
+psa_status_t psa_cipher_decrypt_setup(psa_cipher_operation_t *operation,
+ psa_key_handle_t handle,
+ psa_algorithm_t alg)
+{
+ psa_status_t status;
+ struct tfm_crypto_pack_iovec iov = {
+ .sfn_id = TFM_CRYPTO_CIPHER_DECRYPT_SETUP_SID,
+ .key_handle = handle,
+ .alg = alg,
+ .op_handle = operation->handle,
+ };
+
+ psa_invec in_vec[] = {
+ {.base = &iov, .len = sizeof(struct tfm_crypto_pack_iovec)},
+ };
+ psa_outvec out_vec[] = {
+ {.base = &(operation->handle), .len = sizeof(uint32_t)},
+ };
+
+ status = API_DISPATCH(tfm_crypto_cipher_decrypt_setup,
+ TFM_CRYPTO_CIPHER_DECRYPT_SETUP);
+
+ return status;
+}
+
+psa_status_t psa_cipher_update(psa_cipher_operation_t *operation,
+ const uint8_t *input,
+ size_t input_length,
+ unsigned char *output,
+ size_t output_size,
+ size_t *output_length)
+{
+ psa_status_t status;
+ struct tfm_crypto_pack_iovec iov = {
+ .sfn_id = TFM_CRYPTO_CIPHER_UPDATE_SID,
+ .op_handle = operation->handle,
+ };
+
+ psa_invec in_vec[] = {
+ {.base = &iov, .len = sizeof(struct tfm_crypto_pack_iovec)},
+ {.base = input, .len = input_length},
+ };
+ psa_outvec out_vec[] = {
+ {.base = &(operation->handle), .len = sizeof(uint32_t)},
+ {.base = output, .len = output_size}
+ };
+
+ status = API_DISPATCH(tfm_crypto_cipher_update,
+ TFM_CRYPTO_CIPHER_UPDATE);
+
+ *output_length = out_vec[1].len;
+
+ return status;
+}
+
+psa_status_t psa_cipher_abort(psa_cipher_operation_t *operation)
+{
+ psa_status_t status;
+ struct tfm_crypto_pack_iovec iov = {
+ .sfn_id = TFM_CRYPTO_CIPHER_ABORT_SID,
+ .op_handle = operation->handle,
+ };
+
+ psa_invec in_vec[] = {
+ {.base = &iov, .len = sizeof(struct tfm_crypto_pack_iovec)},
+ };
+ psa_outvec out_vec[] = {
+ {.base = &(operation->handle), .len = sizeof(uint32_t)},
+ };
+
+ status = API_DISPATCH(tfm_crypto_cipher_abort,
+ TFM_CRYPTO_CIPHER_ABORT);
+
+ return status;
+}
+
+psa_status_t psa_cipher_finish(psa_cipher_operation_t *operation,
+ uint8_t *output,
+ size_t output_size,
+ size_t *output_length)
+{
+ psa_status_t status;
+ struct tfm_crypto_pack_iovec iov = {
+ .sfn_id = TFM_CRYPTO_CIPHER_FINISH_SID,
+ .op_handle = operation->handle,
+ };
+
+ psa_invec in_vec[] = {
+ {.base = &iov, .len = sizeof(struct tfm_crypto_pack_iovec)},
+ };
+ psa_outvec out_vec[] = {
+ {.base = &(operation->handle), .len = sizeof(uint32_t)},
+ {.base = output, .len = output_size},
+ };
+
+ status = API_DISPATCH(tfm_crypto_cipher_finish,
+ TFM_CRYPTO_CIPHER_FINISH);
+
+ *output_length = out_vec[1].len;
+
+ return status;
+}
+
+psa_status_t psa_hash_setup(psa_hash_operation_t *operation,
+ psa_algorithm_t alg)
+{
+ psa_status_t status;
+ struct tfm_crypto_pack_iovec iov = {
+ .sfn_id = TFM_CRYPTO_HASH_SETUP_SID,
+ .alg = alg,
+ .op_handle = operation->handle,
+ };
+
+ psa_invec in_vec[] = {
+ {.base = &iov, .len = sizeof(struct tfm_crypto_pack_iovec)},
+ };
+ psa_outvec out_vec[] = {
+ {.base = &(operation->handle), .len = sizeof(uint32_t)},
+ };
+
+ status = API_DISPATCH(tfm_crypto_hash_setup,
+ TFM_CRYPTO_HASH_SETUP);
+
+ return status;
+}
+
+psa_status_t psa_hash_update(psa_hash_operation_t *operation,
+ const uint8_t *input,
+ size_t input_length)
+{
+ psa_status_t status;
+ struct tfm_crypto_pack_iovec iov = {
+ .sfn_id = TFM_CRYPTO_HASH_UPDATE_SID,
+ .op_handle = operation->handle,
+ };
+
+ psa_invec in_vec[] = {
+ {.base = &iov, .len = sizeof(struct tfm_crypto_pack_iovec)},
+ {.base = input, .len = input_length},
+ };
+ psa_outvec out_vec[] = {
+ {.base = &(operation->handle), .len = sizeof(uint32_t)},
+ };
+
+ status = API_DISPATCH(tfm_crypto_hash_update,
+ TFM_CRYPTO_HASH_UPDATE);
+
+ return status;
+}
+
+psa_status_t psa_hash_finish(psa_hash_operation_t *operation,
+ uint8_t *hash,
+ size_t hash_size,
+ size_t *hash_length)
+{
+ psa_status_t status;
+ struct tfm_crypto_pack_iovec iov = {
+ .sfn_id = TFM_CRYPTO_HASH_FINISH_SID,
+ .op_handle = operation->handle,
+ };
+
+ psa_invec in_vec[] = {
+ {.base = &iov, .len = sizeof(struct tfm_crypto_pack_iovec)},
+ };
+ psa_outvec out_vec[] = {
+ {.base = &(operation->handle), .len = sizeof(uint32_t)},
+ {.base = hash, .len = hash_size},
+ };
+
+ status = API_DISPATCH(tfm_crypto_hash_finish,
+ TFM_CRYPTO_HASH_FINISH);
+
+ *hash_length = out_vec[1].len;
+
+ return status;
+}
+
+psa_status_t psa_hash_verify(psa_hash_operation_t *operation,
+ const uint8_t *hash,
+ size_t hash_length)
+{
+ psa_status_t status;
+ struct tfm_crypto_pack_iovec iov = {
+ .sfn_id = TFM_CRYPTO_HASH_VERIFY_SID,
+ .op_handle = operation->handle,
+ };
+
+ psa_invec in_vec[] = {
+ {.base = &iov, .len = sizeof(struct tfm_crypto_pack_iovec)},
+ {.base = hash, .len = hash_length},
+ };
+ psa_outvec out_vec[] = {
+ {.base = &(operation->handle), .len = sizeof(uint32_t)},
+ };
+
+ status = API_DISPATCH(tfm_crypto_hash_verify,
+ TFM_CRYPTO_HASH_VERIFY);
+
+ return status;
+}
+
+psa_status_t psa_hash_abort(psa_hash_operation_t *operation)
+{
+ psa_status_t status;
+ struct tfm_crypto_pack_iovec iov = {
+ .sfn_id = TFM_CRYPTO_HASH_ABORT_SID,
+ .op_handle = operation->handle,
+ };
+
+ psa_invec in_vec[] = {
+ {.base = &iov, .len = sizeof(struct tfm_crypto_pack_iovec)},
+ };
+ psa_outvec out_vec[] = {
+ {.base = &(operation->handle), .len = sizeof(uint32_t)},
+ };
+
+ status = API_DISPATCH(tfm_crypto_hash_abort,
+ TFM_CRYPTO_HASH_ABORT);
+
+ return status;
+}
+
+psa_status_t psa_hash_clone(const psa_hash_operation_t *source_operation,
+ psa_hash_operation_t *target_operation)
+{
+ psa_status_t status;
+ struct tfm_crypto_pack_iovec iov = {
+ .sfn_id = TFM_CRYPTO_HASH_CLONE_SID,
+ .op_handle = source_operation->handle,
+ };
+
+ psa_invec in_vec[] = {
+ {.base = &iov, .len = sizeof(struct tfm_crypto_pack_iovec)},
+ };
+ psa_outvec out_vec[] = {
+ {.base = target_operation, .len = sizeof(psa_hash_operation_t)},
+ };
+
+ status = API_DISPATCH(tfm_crypto_hash_clone,
+ TFM_CRYPTO_HASH_CLONE);
+
+ return status;
+}
+
+psa_status_t psa_mac_sign_setup(psa_mac_operation_t *operation,
+ psa_key_handle_t handle,
+ psa_algorithm_t alg)
+{
+ psa_status_t status;
+ struct tfm_crypto_pack_iovec iov = {
+ .sfn_id = TFM_CRYPTO_MAC_SIGN_SETUP_SID,
+ .key_handle = handle,
+ .alg = alg,
+ .op_handle = operation->handle,
+ };
+
+ psa_invec in_vec[] = {
+ {.base = &iov, .len = sizeof(struct tfm_crypto_pack_iovec)},
+ };
+ psa_outvec out_vec[] = {
+ {.base = &(operation->handle), .len = sizeof(uint32_t)},
+ };
+
+ status = API_DISPATCH(tfm_crypto_mac_sign_setup,
+ TFM_CRYPTO_MAC_SIGN_SETUP);
+
+ return status;
+}
+
+psa_status_t psa_mac_verify_setup(psa_mac_operation_t *operation,
+ psa_key_handle_t handle,
+ psa_algorithm_t alg)
+{
+ psa_status_t status;
+ struct tfm_crypto_pack_iovec iov = {
+ .sfn_id = TFM_CRYPTO_MAC_VERIFY_SETUP_SID,
+ .key_handle = handle,
+ .alg = alg,
+ .op_handle = operation->handle,
+ };
+
+ psa_invec in_vec[] = {
+ {.base = &iov, .len = sizeof(struct tfm_crypto_pack_iovec)},
+ };
+ psa_outvec out_vec[] = {
+ {.base = &(operation->handle), .len = sizeof(uint32_t)},
+ };
+
+ status = API_DISPATCH(tfm_crypto_mac_verify_setup,
+ TFM_CRYPTO_MAC_VERIFY_SETUP);
+
+ return status;
+}
+
+psa_status_t psa_mac_update(psa_mac_operation_t *operation,
+ const uint8_t *input,
+ size_t input_length)
+{
+ psa_status_t status;
+ struct tfm_crypto_pack_iovec iov = {
+ .sfn_id = TFM_CRYPTO_MAC_UPDATE_SID,
+ .op_handle = operation->handle,
+ };
+
+ psa_invec in_vec[] = {
+ {.base = &iov, .len = sizeof(struct tfm_crypto_pack_iovec)},
+ {.base = input, .len = input_length},
+ };
+ psa_outvec out_vec[] = {
+ {.base = &(operation->handle), .len = sizeof(uint32_t)},
+ };
+
+ status = API_DISPATCH(tfm_crypto_mac_update,
+ TFM_CRYPTO_MAC_UPDATE);
+
+ return status;
+}
+
+psa_status_t psa_mac_sign_finish(psa_mac_operation_t *operation,
+ uint8_t *mac,
+ size_t mac_size,
+ size_t *mac_length)
+{
+ psa_status_t status;
+ struct tfm_crypto_pack_iovec iov = {
+ .sfn_id = TFM_CRYPTO_MAC_SIGN_FINISH_SID,
+ .op_handle = operation->handle,
+ };
+
+ psa_invec in_vec[] = {
+ {.base = &iov, .len = sizeof(struct tfm_crypto_pack_iovec)},
+ };
+ psa_outvec out_vec[] = {
+ {.base = &(operation->handle), .len = sizeof(uint32_t)},
+ {.base = mac, .len = mac_size},
+ };
+
+ status = API_DISPATCH(tfm_crypto_mac_sign_finish,
+ TFM_CRYPTO_MAC_SIGN_FINISH);
+
+ *mac_length = out_vec[1].len;
+
+ return status;
+}
+
+psa_status_t psa_mac_verify_finish(psa_mac_operation_t *operation,
+ const uint8_t *mac,
+ size_t mac_length)
+{
+ psa_status_t status;
+ struct tfm_crypto_pack_iovec iov = {
+ .sfn_id = TFM_CRYPTO_MAC_VERIFY_FINISH_SID,
+ .op_handle = operation->handle,
+ };
+
+ psa_invec in_vec[] = {
+ {.base = &iov, .len = sizeof(struct tfm_crypto_pack_iovec)},
+ {.base = mac, .len = mac_length},
+ };
+ psa_outvec out_vec[] = {
+ {.base = &(operation->handle), .len = sizeof(uint32_t)},
+ };
+
+ status = API_DISPATCH(tfm_crypto_mac_verify_finish,
+ TFM_CRYPTO_MAC_VERIFY_FINISH);
+
+ return status;
+}
+
+psa_status_t psa_mac_abort(psa_mac_operation_t *operation)
+{
+ psa_status_t status;
+ struct tfm_crypto_pack_iovec iov = {
+ .sfn_id = TFM_CRYPTO_MAC_ABORT_SID,
+ .op_handle = operation->handle,
+ };
+
+ psa_invec in_vec[] = {
+ {.base = &iov, .len = sizeof(struct tfm_crypto_pack_iovec)},
+ };
+ psa_outvec out_vec[] = {
+ {.base = &(operation->handle), .len = sizeof(uint32_t)},
+ };
+
+ status = API_DISPATCH(tfm_crypto_mac_abort,
+ TFM_CRYPTO_MAC_ABORT);
+
+ return status;
+}
+
+psa_status_t psa_aead_encrypt(psa_key_handle_t handle,
+ psa_algorithm_t alg,
+ const uint8_t *nonce,
+ size_t nonce_length,
+ const uint8_t *additional_data,
+ size_t additional_data_length,
+ const uint8_t *plaintext,
+ size_t plaintext_length,
+ uint8_t *ciphertext,
+ size_t ciphertext_size,
+ size_t *ciphertext_length)
+{
+ psa_status_t status;
+ struct tfm_crypto_pack_iovec iov = {
+ .sfn_id = TFM_CRYPTO_AEAD_ENCRYPT_SID,
+ .key_handle = handle,
+ .alg = alg,
+ .aead_in = {.nonce = {0}, .nonce_length = nonce_length}
+ };
+
+ /* Sanitize the optional input */
+ if ((additional_data == NULL) && (additional_data_length != 0)) {
+ return PSA_ERROR_INVALID_ARGUMENT;
+ }
+
+ size_t idx = 0;
+ psa_invec in_vec[] = {
+ {.base = &iov, .len = sizeof(struct tfm_crypto_pack_iovec)},
+ {.base = plaintext, .len = plaintext_length},
+ {.base = additional_data, .len = additional_data_length},
+ };
+ psa_outvec out_vec[] = {
+ {.base = ciphertext, .len = ciphertext_size},
+ };
+
+ if (nonce_length > TFM_CRYPTO_MAX_NONCE_LENGTH) {
+ return PSA_ERROR_INVALID_ARGUMENT;
+ }
+
+ if (nonce != NULL) {
+ for (idx = 0; idx < nonce_length; idx++) {
+ iov.aead_in.nonce[idx] = nonce[idx];
+ }
+ }
+
+ status = API_DISPATCH(tfm_crypto_aead_encrypt,
+ TFM_CRYPTO_AEAD_ENCRYPT);
+
+ *ciphertext_length = out_vec[0].len;
+
+ return status;
+}
+
+psa_status_t psa_aead_decrypt(psa_key_handle_t handle,
+ psa_algorithm_t alg,
+ const uint8_t *nonce,
+ size_t nonce_length,
+ const uint8_t *additional_data,
+ size_t additional_data_length,
+ const uint8_t *ciphertext,
+ size_t ciphertext_length,
+ uint8_t *plaintext,
+ size_t plaintext_size,
+ size_t *plaintext_length)
+{
+ psa_status_t status;
+ struct tfm_crypto_pack_iovec iov = {
+ .sfn_id = TFM_CRYPTO_AEAD_DECRYPT_SID,
+ .key_handle = handle,
+ .alg = alg,
+ .aead_in = {.nonce = {0}, .nonce_length = nonce_length}
+ };
+
+ /* Sanitize the optional input */
+ if ((additional_data == NULL) && (additional_data_length != 0)) {
+ return PSA_ERROR_INVALID_ARGUMENT;
+ }
+
+ size_t idx = 0;
+ psa_invec in_vec[] = {
+ {.base = &iov, .len = sizeof(struct tfm_crypto_pack_iovec)},
+ {.base = ciphertext, .len = ciphertext_length},
+ {.base = additional_data, .len = additional_data_length},
+ };
+ psa_outvec out_vec[] = {
+ {.base = plaintext, .len = plaintext_size},
+ };
+
+ if (nonce_length > TFM_CRYPTO_MAX_NONCE_LENGTH) {
+ return PSA_ERROR_INVALID_ARGUMENT;
+ }
+
+ if (nonce != NULL) {
+ for (idx = 0; idx < nonce_length; idx++) {
+ iov.aead_in.nonce[idx] = nonce[idx];
+ }
+ }
+
+ status = API_DISPATCH(tfm_crypto_aead_decrypt,
+ TFM_CRYPTO_AEAD_DECRYPT);
+
+ *plaintext_length = out_vec[0].len;
+
+ return status;
+}
+
+psa_status_t psa_asymmetric_sign(psa_key_handle_t handle,
+ psa_algorithm_t alg,
+ const uint8_t *hash,
+ size_t hash_length,
+ uint8_t *signature,
+ size_t signature_size,
+ size_t *signature_length)
+{
+ psa_status_t status;
+ struct tfm_crypto_pack_iovec iov = {
+ .sfn_id = TFM_CRYPTO_ASYMMETRIC_SIGN_SID,
+ .key_handle = handle,
+ .alg = alg,
+ };
+
+ psa_invec in_vec[] = {
+ {.base = &iov, .len = sizeof(struct tfm_crypto_pack_iovec)},
+ {.base = hash, .len = hash_length},
+ };
+ psa_outvec out_vec[] = {
+ {.base = signature, .len = signature_size},
+ };
+
+ status = API_DISPATCH(tfm_crypto_asymmetric_sign,
+ TFM_CRYPTO_ASYMMETRIC_SIGN);
+
+ *signature_length = out_vec[0].len;
+
+ return status;
+}
+
+psa_status_t psa_asymmetric_verify(psa_key_handle_t handle,
+ psa_algorithm_t alg,
+ const uint8_t *hash,
+ size_t hash_length,
+ const uint8_t *signature,
+ size_t signature_length)
+{
+ psa_status_t status;
+ struct tfm_crypto_pack_iovec iov = {
+ .sfn_id = TFM_CRYPTO_ASYMMETRIC_VERIFY_SID,
+ .key_handle = handle,
+ .alg = alg
+ };
+
+ psa_invec in_vec[] = {
+ {.base = &iov, .len = sizeof(struct tfm_crypto_pack_iovec)},
+ {.base = hash, .len = hash_length},
+ {.base = signature, .len = signature_length}
+ };
+
+ status = API_DISPATCH_NO_OUTVEC(tfm_crypto_asymmetric_verify,
+ TFM_CRYPTO_ASYMMETRIC_VERIFY);
+
+ return status;
+}
+
+psa_status_t psa_asymmetric_encrypt(psa_key_handle_t handle,
+ psa_algorithm_t alg,
+ const uint8_t *input,
+ size_t input_length,
+ const uint8_t *salt,
+ size_t salt_length,
+ uint8_t *output,
+ size_t output_size,
+ size_t *output_length)
+{
+ psa_status_t status;
+ struct tfm_crypto_pack_iovec iov = {
+ .sfn_id = TFM_CRYPTO_ASYMMETRIC_ENCRYPT_SID,
+ .key_handle = handle,
+ .alg = alg
+ };
+
+ /* Sanitize the optional input */
+ if ((salt == NULL) && (salt_length != 0)) {
+ return PSA_ERROR_INVALID_ARGUMENT;
+ }
+
+ psa_invec in_vec[] = {
+ {.base = &iov, .len = sizeof(struct tfm_crypto_pack_iovec)},
+ {.base = input, .len = input_length},
+ {.base = salt, .len = salt_length}
+ };
+
+ psa_outvec out_vec[] = {
+ {.base = output, .len = output_size},
+ };
+
+ status = API_DISPATCH(tfm_crypto_asymmetric_encrypt,
+ TFM_CRYPTO_ASYMMETRIC_ENCRYPT);
+
+ *output_length = out_vec[0].len;
+
+ return status;
+}
+
+psa_status_t psa_asymmetric_decrypt(psa_key_handle_t handle,
+ psa_algorithm_t alg,
+ const uint8_t *input,
+ size_t input_length,
+ const uint8_t *salt,
+ size_t salt_length,
+ uint8_t *output,
+ size_t output_size,
+ size_t *output_length)
+{
+ psa_status_t status;
+ struct tfm_crypto_pack_iovec iov = {
+ .sfn_id = TFM_CRYPTO_ASYMMETRIC_DECRYPT_SID,
+ .key_handle = handle,
+ .alg = alg
+ };
+
+ /* Sanitize the optional input */
+ if ((salt == NULL) && (salt_length != 0)) {
+ return PSA_ERROR_INVALID_ARGUMENT;
+ }
+
+ psa_invec in_vec[] = {
+ {.base = &iov, .len = sizeof(struct tfm_crypto_pack_iovec)},
+ {.base = input, .len = input_length},
+ {.base = salt, .len = salt_length}
+ };
+
+ psa_outvec out_vec[] = {
+ {.base = output, .len = output_size},
+ };
+
+ status = API_DISPATCH(tfm_crypto_asymmetric_decrypt,
+ TFM_CRYPTO_ASYMMETRIC_DECRYPT);
+
+ *output_length = out_vec[0].len;
+
+ return status;
+}
+
+psa_status_t psa_get_generator_capacity(const psa_crypto_generator_t *generator,
+ size_t *capacity)
+{
+ psa_status_t status;
+ struct tfm_crypto_pack_iovec iov = {
+ .sfn_id = TFM_CRYPTO_GET_GENERATOR_CAPACITY_SID,
+ .op_handle = generator->handle,
+ };
+
+ psa_invec in_vec[] = {
+ {.base = &iov, .len = sizeof(struct tfm_crypto_pack_iovec)},
+ };
+
+ psa_outvec out_vec[] = {
+ {.base = capacity, .len = sizeof(size_t)},
+ };
+
+ status = API_DISPATCH(tfm_crypto_get_generator_capacity,
+ TFM_CRYPTO_GET_GENERATOR_CAPACITY);
+
+ return status;
+}
+
+psa_status_t psa_generator_read(psa_crypto_generator_t *generator,
+ uint8_t *output,
+ size_t output_length)
+{
+ psa_status_t status;
+ struct tfm_crypto_pack_iovec iov = {
+ .sfn_id = TFM_CRYPTO_GENERATOR_READ_SID,
+ .op_handle = generator->handle,
+ };
+
+ psa_invec in_vec[] = {
+ {.base = &iov, .len = sizeof(struct tfm_crypto_pack_iovec)},
+ };
+
+ psa_outvec out_vec[] = {
+ {.base = output, .len = output_length},
+ };
+
+ status = API_DISPATCH(tfm_crypto_generator_read,
+ TFM_CRYPTO_GENERATOR_READ);
+
+ return status;
+}
+
+psa_status_t psa_generator_import_key(psa_key_handle_t handle,
+ psa_key_type_t type,
+ size_t bits,
+ psa_crypto_generator_t *generator)
+{
+ psa_status_t status;
+ struct tfm_crypto_pack_iovec iov = {
+ .sfn_id = TFM_CRYPTO_GENERATOR_IMPORT_KEY_SID,
+ .key_handle = handle,
+ .type = type,
+ .op_handle = generator->handle,
+ };
+
+ psa_invec in_vec[] = {
+ {.base = &iov, .len = sizeof(struct tfm_crypto_pack_iovec)},
+ {.base = &bits, .len = sizeof(size_t)},
+ };
+
+ status = API_DISPATCH_NO_OUTVEC(tfm_crypto_generator_import_key,
+ TFM_CRYPTO_GENERATOR_IMPORT_KEY);
+
+ return status;
+}
+
+psa_status_t psa_generator_abort(psa_crypto_generator_t *generator)
+{
+ psa_status_t status;
+ struct tfm_crypto_pack_iovec iov = {
+ .sfn_id = TFM_CRYPTO_GENERATOR_ABORT_SID,
+ .op_handle = generator->handle,
+ };
+
+ psa_invec in_vec[] = {
+ {.base = &iov, .len = sizeof(struct tfm_crypto_pack_iovec)},
+ };
+
+ psa_outvec out_vec[] = {
+ {.base = &(generator->handle), .len = sizeof(uint32_t)},
+ };
+
+ status = API_DISPATCH(tfm_crypto_generator_abort,
+ TFM_CRYPTO_GENERATOR_ABORT);
+
+ return status;
+}
+
+psa_status_t psa_key_derivation(psa_crypto_generator_t *generator,
+ psa_key_handle_t handle,
+ psa_algorithm_t alg,
+ const uint8_t *salt,
+ size_t salt_length,
+ const uint8_t *label,
+ size_t label_length,
+ size_t capacity)
+{
+ psa_status_t status;
+ struct tfm_crypto_pack_iovec iov = {
+ .sfn_id = TFM_CRYPTO_KEY_DERIVATION_SID,
+ .key_handle = handle,
+ .alg = alg,
+ .op_handle = generator->handle,
+ .capacity = capacity,
+ };
+
+ /* Sanitize the optional input */
+ if ((salt == NULL) && (salt_length != 0)) {
+ return PSA_ERROR_INVALID_ARGUMENT;
+ }
+
+ if ((label == NULL) && (label_length != 0)) {
+ return PSA_ERROR_INVALID_ARGUMENT;
+ }
+
+ psa_invec in_vec[] = {
+ {.base = &iov, .len = sizeof(struct tfm_crypto_pack_iovec)},
+ {.base = salt, .len = salt_length},
+ {.base = label, .len = label_length},
+ };
+
+ psa_outvec out_vec[] = {
+ {.base = &(generator->handle), .len = sizeof(uint32_t)},
+ };
+
+ status = API_DISPATCH(tfm_crypto_key_derivation,
+ TFM_CRYPTO_KEY_DERIVATION);
+
+ return status;
+}
+
+psa_status_t psa_key_agreement(psa_crypto_generator_t *generator,
+ psa_key_handle_t private_key,
+ const uint8_t *peer_key,
+ size_t peer_key_length,
+ psa_algorithm_t alg)
+{
+ psa_status_t status;
+ struct tfm_crypto_pack_iovec iov = {
+ .sfn_id = TFM_CRYPTO_KEY_AGREEMENT_SID,
+ .key_handle = private_key,
+ .alg = alg,
+ .op_handle = generator->handle,
+ };
+
+ psa_invec in_vec[] = {
+ {.base = &iov, .len = sizeof(struct tfm_crypto_pack_iovec)},
+ {.base = peer_key, .len = peer_key_length},
+ };
+
+ psa_outvec out_vec[] = {
+ {.base = &(generator->handle), .len = sizeof(uint32_t)},
+ };
+
+ status = API_DISPATCH(tfm_crypto_key_agreement,
+ TFM_CRYPTO_KEY_AGREEMENT);
+
+ return status;
+}
+
+psa_status_t psa_generate_random(uint8_t *output,
+ size_t output_size)
+{
+ psa_status_t status;
+ struct tfm_crypto_pack_iovec iov = {
+ .sfn_id = TFM_CRYPTO_GENERATE_RANDOM_SID,
+ };
+
+ psa_invec in_vec[] = {
+ {.base = &iov, .len = sizeof(struct tfm_crypto_pack_iovec)},
+ };
+
+ psa_outvec out_vec[] = {
+ {.base = output, .len = output_size},
+ };
+
+ if (output_size == 0) {
+ return PSA_SUCCESS;
+ }
+
+ status = API_DISPATCH(tfm_crypto_generate_random,
+ TFM_CRYPTO_GENERATE_RANDOM);
+
+ return status;
+}
+
+psa_status_t psa_generate_key(psa_key_handle_t handle,
+ psa_key_type_t type,
+ size_t bits,
+ const void *extra,
+ size_t extra_size)
+{
+ psa_status_t status;
+ struct tfm_crypto_pack_iovec iov = {
+ .sfn_id = TFM_CRYPTO_GENERATE_KEY_SID,
+ .key_handle = handle,
+ .type = type,
+ };
+
+ /* Sanitize the optional input */
+ if ((extra == NULL) && (extra_size != 0)) {
+ return PSA_ERROR_INVALID_ARGUMENT;
+ }
+
+ psa_invec in_vec[] = {
+ {.base = &iov, .len = sizeof(struct tfm_crypto_pack_iovec)},
+ {.base = &bits, .len = sizeof(size_t)},
+ {.base = extra, .len = extra_size},
+ };
+
+ status = API_DISPATCH_NO_OUTVEC(tfm_crypto_generate_key,
+ TFM_CRYPTO_GENERATE_KEY);
+
+ return status;
+}
diff --git a/interface/src/tfm_crypto_api.c b/interface/src/tfm_crypto_ipc_api.c
index c53641b54..cf6152c20 100644
--- a/interface/src/tfm_crypto_api.c
+++ b/interface/src/tfm_crypto_ipc_api.c
@@ -9,15 +9,11 @@
#include "tfm_crypto_defs.h"
#include "psa/crypto.h"
#include "tfm_ns_interface.h"
-#ifdef TFM_PSA_API
#include "psa_manifest/sid.h"
-#endif
+#include "psa/client.h"
#define ARRAY_SIZE(arr) (sizeof(arr)/sizeof(arr[0]))
-#ifdef TFM_PSA_API
-#include "psa/client.h"
-
#define PSA_CONNECT(service) \
psa_handle_t ipc_handle; \
ipc_handle = psa_connect(service##_SID, service##_VERSION); \
@@ -36,17 +32,6 @@
psa_call(ipc_handle, PSA_IPC_CALL, \
in_vec, ARRAY_SIZE(in_vec), \
(psa_outvec *)NULL, 0)
-#else
-#define API_DISPATCH(sfn_name, sfn_id) \
- tfm_ns_interface_dispatch((veneer_fn)tfm_##sfn_name##_veneer,\
- (uint32_t)in_vec, ARRAY_SIZE(in_vec), \
- (uint32_t)out_vec, ARRAY_SIZE(out_vec))
-
-#define API_DISPATCH_NO_OUTVEC(sfn_name, sfn_id) \
- tfm_ns_interface_dispatch((veneer_fn)tfm_##sfn_name##_veneer,\
- (uint32_t)in_vec, ARRAY_SIZE(in_vec), \
- (uint32_t)NULL, 0)
-#endif
psa_status_t psa_crypto_init(void)
{
@@ -72,15 +57,12 @@ psa_status_t psa_allocate_key(psa_key_handle_t *handle)
{.base = handle, .len = sizeof(psa_key_handle_t)},
};
-#ifdef TFM_PSA_API
PSA_CONNECT(TFM_CRYPTO);
-#endif
status = API_DISPATCH(tfm_crypto_allocate_key,
TFM_CRYPTO_ALLOCATE_KEY);
-#ifdef TFM_PSA_API
+
PSA_CLOSE();
-#endif
return status;
#endif /* TFM_CRYPTO_KEY_MODULE_DISABLED */
@@ -149,15 +131,12 @@ psa_status_t psa_import_key(psa_key_handle_t handle,
{.base = data, .len = data_length}
};
-#ifdef TFM_PSA_API
PSA_CONNECT(TFM_CRYPTO);
-#endif
status = API_DISPATCH_NO_OUTVEC(tfm_crypto_import_key,
TFM_CRYPTO_IMPORT_KEY);
-#ifdef TFM_PSA_API
+
PSA_CLOSE();
-#endif
return status;
#endif /* TFM_CRYPTO_KEY_MODULE_DISABLED */
@@ -177,15 +156,12 @@ psa_status_t psa_destroy_key(psa_key_handle_t handle)
{.base = &iov, .len = sizeof(struct tfm_crypto_pack_iovec)},
};
-#ifdef TFM_PSA_API
PSA_CONNECT(TFM_CRYPTO);
-#endif
status = API_DISPATCH_NO_OUTVEC(tfm_crypto_destroy_key,
TFM_CRYPTO_DESTROY_KEY);
-#ifdef TFM_PSA_API
+
PSA_CLOSE();
-#endif
return status;
#endif /* TFM_CRYPTO_KEY_MODULE_DISABLED */
@@ -211,15 +187,12 @@ psa_status_t psa_get_key_information(psa_key_handle_t handle,
{.base = bits, .len = sizeof(size_t)}
};
-#ifdef TFM_PSA_API
PSA_CONNECT(TFM_CRYPTO);
-#endif
status = API_DISPATCH(tfm_crypto_get_key_information,
TFM_CRYPTO_GET_KEY_INFORMATION);
-#ifdef TFM_PSA_API
+
PSA_CLOSE();
-#endif
return status;
#endif /* TFM_CRYPTO_KEY_MODULE_DISABLED */
@@ -245,18 +218,14 @@ psa_status_t psa_export_key(psa_key_handle_t handle,
{.base = data, .len = data_size}
};
-#ifdef TFM_PSA_API
PSA_CONNECT(TFM_CRYPTO);
-#endif
status = API_DISPATCH(tfm_crypto_export_key,
TFM_CRYPTO_EXPORT_KEY);
*data_length = out_vec[0].len;
-#ifdef TFM_PSA_API
PSA_CLOSE();
-#endif
return status;
#endif /* TFM_CRYPTO_KEY_MODULE_DISABLED */
@@ -283,18 +252,14 @@ psa_status_t psa_export_public_key(psa_key_handle_t handle,
{.base = data, .len = data_size}
};
-#ifdef TFM_PSA_API
PSA_CONNECT(TFM_CRYPTO);
-#endif
status = API_DISPATCH(tfm_crypto_export_public_key,
TFM_CRYPTO_EXPORT_PUBLIC_KEY);
*data_length = out_vec[0].len;
-#ifdef TFM_PSA_API
PSA_CLOSE();
-#endif
return status;
#endif /* TFM_CRYPTO_KEY_MODULE_DISABLED */
@@ -319,15 +284,12 @@ psa_status_t psa_copy_key(psa_key_handle_t source_handle,
{.base = constraint, .len = sizeof(psa_key_policy_t)},
};
-#ifdef TFM_PSA_API
PSA_CONNECT(TFM_CRYPTO);
-#endif
status = API_DISPATCH_NO_OUTVEC(tfm_crypto_copy_key,
TFM_CRYPTO_COPY_KEY);
-#ifdef TFM_PSA_API
+
PSA_CLOSE();
-#endif
return status;
#endif /* TFM_CRYPTO_KEY_MODULE_DISABLED */
@@ -368,15 +330,12 @@ psa_status_t psa_set_key_policy(psa_key_handle_t handle,
{.base = policy, .len = sizeof(psa_key_policy_t)},
};
-#ifdef TFM_PSA_API
PSA_CONNECT(TFM_CRYPTO);
-#endif
status = API_DISPATCH_NO_OUTVEC(tfm_crypto_set_key_policy,
TFM_CRYPTO_SET_KEY_POLICY);
-#ifdef TFM_PSA_API
+
PSA_CLOSE();
-#endif
return status;
#endif /* TFM_CRYPTO_KEY_MODULE_DISABLED */
@@ -401,15 +360,12 @@ psa_status_t psa_get_key_policy(psa_key_handle_t handle,
{.base = policy, .len = sizeof(psa_key_policy_t)},
};
-#ifdef TFM_PSA_API
PSA_CONNECT(TFM_CRYPTO);
-#endif
status = API_DISPATCH(tfm_crypto_get_key_policy,
TFM_CRYPTO_GET_KEY_POLICY);
-#ifdef TFM_PSA_API
+
PSA_CLOSE();
-#endif
return status;
#endif /* TFM_CRYPTO_KEY_MODULE_DISABLED */
@@ -434,15 +390,12 @@ psa_status_t psa_get_key_lifetime(psa_key_handle_t handle,
{.base = lifetime, .len = sizeof(psa_key_lifetime_t)},
};
-#ifdef TFM_PSA_API
PSA_CONNECT(TFM_CRYPTO);
-#endif
status = API_DISPATCH(tfm_crypto_get_key_lifetime,
TFM_CRYPTO_GET_KEY_LIFETIME);
-#ifdef TFM_PSA_API
+
PSA_CLOSE();
-#endif
return status;
#endif /* TFM_CRYPTO_KEY_MODULE_DISABLED */
@@ -470,18 +423,14 @@ psa_status_t psa_cipher_generate_iv(psa_cipher_operation_t *operation,
{.base = iv, .len = iv_size},
};
-#ifdef TFM_PSA_API
PSA_CONNECT(TFM_CRYPTO);
-#endif
status = API_DISPATCH(tfm_crypto_cipher_generate_iv,
TFM_CRYPTO_CIPHER_GENERATE_IV);
*iv_length = out_vec[1].len;
-#ifdef TFM_PSA_API
PSA_CLOSE();
-#endif
return status;
#endif /* TFM_CRYPTO_CIPHER_MODULE_DISABLED */
@@ -508,15 +457,12 @@ psa_status_t psa_cipher_set_iv(psa_cipher_operation_t *operation,
{.base = &(operation->handle), .len = sizeof(uint32_t)},
};
-#ifdef TFM_PSA_API
PSA_CONNECT(TFM_CRYPTO);
-#endif
status = API_DISPATCH(tfm_crypto_cipher_set_iv,
TFM_CRYPTO_CIPHER_SET_IV);
-#ifdef TFM_PSA_API
+
PSA_CLOSE();
-#endif
return status;
#endif /* TFM_CRYPTO_CIPHER_MODULE_DISABLED */
@@ -544,15 +490,12 @@ psa_status_t psa_cipher_encrypt_setup(psa_cipher_operation_t *operation,
{.base = &(operation->handle), .len = sizeof(uint32_t)},
};
-#ifdef TFM_PSA_API
PSA_CONNECT(TFM_CRYPTO);
-#endif
status = API_DISPATCH(tfm_crypto_cipher_encrypt_setup,
TFM_CRYPTO_CIPHER_ENCRYPT_SETUP);
-#ifdef TFM_PSA_API
+
PSA_CLOSE();
-#endif
return status;
#endif /* TFM_CRYPTO_CIPHER_MODULE_DISABLED */
@@ -580,15 +523,12 @@ psa_status_t psa_cipher_decrypt_setup(psa_cipher_operation_t *operation,
{.base = &(operation->handle), .len = sizeof(uint32_t)},
};
-#ifdef TFM_PSA_API
PSA_CONNECT(TFM_CRYPTO);
-#endif
status = API_DISPATCH(tfm_crypto_cipher_decrypt_setup,
TFM_CRYPTO_CIPHER_DECRYPT_SETUP);
-#ifdef TFM_PSA_API
+
PSA_CLOSE();
-#endif
return status;
#endif /* TFM_CRYPTO_CIPHER_MODULE_DISABLED */
@@ -619,18 +559,14 @@ psa_status_t psa_cipher_update(psa_cipher_operation_t *operation,
{.base = output, .len = output_size}
};
-#ifdef TFM_PSA_API
PSA_CONNECT(TFM_CRYPTO);
-#endif
status = API_DISPATCH(tfm_crypto_cipher_update,
TFM_CRYPTO_CIPHER_UPDATE);
*output_length = out_vec[1].len;
-#ifdef TFM_PSA_API
PSA_CLOSE();
-#endif
return status;
#endif /* TFM_CRYPTO_CIPHER_MODULE_DISABLED */
@@ -654,15 +590,12 @@ psa_status_t psa_cipher_abort(psa_cipher_operation_t *operation)
{.base = &(operation->handle), .len = sizeof(uint32_t)},
};
-#ifdef TFM_PSA_API
PSA_CONNECT(TFM_CRYPTO);
-#endif
status = API_DISPATCH(tfm_crypto_cipher_abort,
TFM_CRYPTO_CIPHER_ABORT);
-#ifdef TFM_PSA_API
+
PSA_CLOSE();
-#endif
return status;
#endif /* TFM_CRYPTO_CIPHER_MODULE_DISABLED */
@@ -690,18 +623,14 @@ psa_status_t psa_cipher_finish(psa_cipher_operation_t *operation,
{.base = output, .len = output_size},
};
-#ifdef TFM_PSA_API
PSA_CONNECT(TFM_CRYPTO);
-#endif
status = API_DISPATCH(tfm_crypto_cipher_finish,
TFM_CRYPTO_CIPHER_FINISH);
*output_length = out_vec[1].len;
-#ifdef TFM_PSA_API
PSA_CLOSE();
-#endif
return status;
#endif /* TFM_CRYPTO_CIPHER_MODULE_DISABLED */
@@ -727,16 +656,12 @@ psa_status_t psa_hash_setup(psa_hash_operation_t *operation,
{.base = &(operation->handle), .len = sizeof(uint32_t)},
};
-#ifdef TFM_PSA_API
PSA_CONNECT(TFM_CRYPTO);
-#endif
status = API_DISPATCH(tfm_crypto_hash_setup,
TFM_CRYPTO_HASH_SETUP);
-#ifdef TFM_PSA_API
PSA_CLOSE();
-#endif
return status;
#endif /* TFM_CRYPTO_HASH_MODULE_DISABLED */
@@ -763,16 +688,12 @@ psa_status_t psa_hash_update(psa_hash_operation_t *operation,
{.base = &(operation->handle), .len = sizeof(uint32_t)},
};
-#ifdef TFM_PSA_API
PSA_CONNECT(TFM_CRYPTO);
-#endif
status = API_DISPATCH(tfm_crypto_hash_update,
TFM_CRYPTO_HASH_UPDATE);
-#ifdef TFM_PSA_API
PSA_CLOSE();
-#endif
return status;
#endif /* TFM_CRYPTO_HASH_MODULE_DISABLED */
@@ -800,18 +721,14 @@ psa_status_t psa_hash_finish(psa_hash_operation_t *operation,
{.base = hash, .len = hash_size},
};
-#ifdef TFM_PSA_API
PSA_CONNECT(TFM_CRYPTO);
-#endif
status = API_DISPATCH(tfm_crypto_hash_finish,
TFM_CRYPTO_HASH_FINISH);
*hash_length = out_vec[1].len;
-#ifdef TFM_PSA_API
PSA_CLOSE();
-#endif
return status;
#endif /* TFM_CRYPTO_HASH_MODULE_DISABLED */
@@ -838,15 +755,12 @@ psa_status_t psa_hash_verify(psa_hash_operation_t *operation,
{.base = &(operation->handle), .len = sizeof(uint32_t)},
};
-#ifdef TFM_PSA_API
PSA_CONNECT(TFM_CRYPTO);
-#endif
status = API_DISPATCH(tfm_crypto_hash_verify,
TFM_CRYPTO_HASH_VERIFY);
-#ifdef TFM_PSA_API
+
PSA_CLOSE();
-#endif
return status;
#endif /* TFM_CRYPTO_HASH_MODULE_DISABLED */
@@ -870,15 +784,12 @@ psa_status_t psa_hash_abort(psa_hash_operation_t *operation)
{.base = &(operation->handle), .len = sizeof(uint32_t)},
};
-#ifdef TFM_PSA_API
PSA_CONNECT(TFM_CRYPTO);
-#endif
status = API_DISPATCH(tfm_crypto_hash_abort,
TFM_CRYPTO_HASH_ABORT);
-#ifdef TFM_PSA_API
+
PSA_CLOSE();
-#endif
return status;
#endif /* TFM_CRYPTO_HASH_MODULE_DISABLED */
@@ -903,15 +814,12 @@ psa_status_t psa_hash_clone(const psa_hash_operation_t *source_operation,
{.base = target_operation, .len = sizeof(psa_hash_operation_t)},
};
-#ifdef TFM_PSA_API
PSA_CONNECT(TFM_CRYPTO);
-#endif
status = API_DISPATCH(tfm_crypto_hash_clone,
TFM_CRYPTO_HASH_CLONE);
-#ifdef TFM_PSA_API
+
PSA_CLOSE();
-#endif
return status;
#endif /* TFM_CRYPTO_HASH_MODULE_DISABLED */
@@ -939,15 +847,12 @@ psa_status_t psa_mac_sign_setup(psa_mac_operation_t *operation,
{.base = &(operation->handle), .len = sizeof(uint32_t)},
};
-#ifdef TFM_PSA_API
PSA_CONNECT(TFM_CRYPTO);
-#endif
status = API_DISPATCH(tfm_crypto_mac_sign_setup,
TFM_CRYPTO_MAC_SIGN_SETUP);
-#ifdef TFM_PSA_API
+
PSA_CLOSE();
-#endif
return status;
#endif /* TFM_CRYPTO_MAC_MODULE_DISABLED */
@@ -975,15 +880,12 @@ psa_status_t psa_mac_verify_setup(psa_mac_operation_t *operation,
{.base = &(operation->handle), .len = sizeof(uint32_t)},
};
-#ifdef TFM_PSA_API
PSA_CONNECT(TFM_CRYPTO);
-#endif
status = API_DISPATCH(tfm_crypto_mac_verify_setup,
TFM_CRYPTO_MAC_VERIFY_SETUP);
-#ifdef TFM_PSA_API
+
PSA_CLOSE();
-#endif
return status;
#endif /* TFM_CRYPTO_MAC_MODULE_DISABLED */
@@ -1010,15 +912,12 @@ psa_status_t psa_mac_update(psa_mac_operation_t *operation,
{.base = &(operation->handle), .len = sizeof(uint32_t)},
};
-#ifdef TFM_PSA_API
PSA_CONNECT(TFM_CRYPTO);
-#endif
status = API_DISPATCH(tfm_crypto_mac_update,
TFM_CRYPTO_MAC_UPDATE);
-#ifdef TFM_PSA_API
+
PSA_CLOSE();
-#endif
return status;
#endif /* TFM_CRYPTO_MAC_MODULE_DISABLED */
@@ -1046,18 +945,14 @@ psa_status_t psa_mac_sign_finish(psa_mac_operation_t *operation,
{.base = mac, .len = mac_size},
};
-#ifdef TFM_PSA_API
PSA_CONNECT(TFM_CRYPTO);
-#endif
status = API_DISPATCH(tfm_crypto_mac_sign_finish,
TFM_CRYPTO_MAC_SIGN_FINISH);
*mac_length = out_vec[1].len;
-#ifdef TFM_PSA_API
PSA_CLOSE();
-#endif
return status;
#endif /* TFM_CRYPTO_MAC_MODULE_DISABLED */
@@ -1084,16 +979,12 @@ psa_status_t psa_mac_verify_finish(psa_mac_operation_t *operation,
{.base = &(operation->handle), .len = sizeof(uint32_t)},
};
-#ifdef TFM_PSA_API
PSA_CONNECT(TFM_CRYPTO);
-#endif
status = API_DISPATCH(tfm_crypto_mac_verify_finish,
TFM_CRYPTO_MAC_VERIFY_FINISH);
-#ifdef TFM_PSA_API
PSA_CLOSE();
-#endif
return status;
#endif /* TFM_CRYPTO_MAC_MODULE_DISABLED */
@@ -1117,15 +1008,12 @@ psa_status_t psa_mac_abort(psa_mac_operation_t *operation)
{.base = &(operation->handle), .len = sizeof(uint32_t)},
};
-#ifdef TFM_PSA_API
PSA_CONNECT(TFM_CRYPTO);
-#endif
status = API_DISPATCH(tfm_crypto_mac_abort,
TFM_CRYPTO_MAC_ABORT);
-#ifdef TFM_PSA_API
+
PSA_CLOSE();
-#endif
return status;
#endif /* TFM_CRYPTO_MAC_MODULE_DISABLED */
@@ -1179,27 +1067,18 @@ psa_status_t psa_aead_encrypt(psa_key_handle_t handle,
}
}
-#ifdef TFM_PSA_API
PSA_CONNECT(TFM_CRYPTO);
-#endif
-#ifdef TFM_PSA_API
size_t in_len = ARRAY_SIZE(in_vec);
if (additional_data == NULL) {
in_len--;
}
status = psa_call(ipc_handle, PSA_IPC_CALL, in_vec, in_len,
out_vec, ARRAY_SIZE(out_vec));
-#else
- status = API_DISPATCH(tfm_crypto_aead_encrypt,
- TFM_CRYPTO_AEAD_ENCRYPT);
-#endif
*ciphertext_length = out_vec[0].len;
-#ifdef TFM_PSA_API
PSA_CLOSE();
-#endif
return status;
#endif /* TFM_CRYPTO_AEAD_MODULE_DISABLED */
@@ -1253,27 +1132,18 @@ psa_status_t psa_aead_decrypt(psa_key_handle_t handle,
}
}
-#ifdef TFM_PSA_API
PSA_CONNECT(TFM_CRYPTO);
-#endif
-#ifdef TFM_PSA_API
size_t in_len = ARRAY_SIZE(in_vec);
if (additional_data == NULL) {
in_len--;
}
status = psa_call(ipc_handle, PSA_IPC_CALL, in_vec, in_len,
out_vec, ARRAY_SIZE(out_vec));
-#else
- status = API_DISPATCH(tfm_crypto_aead_decrypt,
- TFM_CRYPTO_AEAD_DECRYPT);
-#endif
*plaintext_length = out_vec[0].len;
-#ifdef TFM_PSA_API
PSA_CLOSE();
-#endif
return status;
#endif /* TFM_CRYPTO_AEAD_MODULE_DISABLED */
@@ -1305,18 +1175,14 @@ psa_status_t psa_asymmetric_sign(psa_key_handle_t handle,
{.base = signature, .len = signature_size},
};
-#ifdef TFM_PSA_API
PSA_CONNECT(TFM_CRYPTO);
-#endif
status = API_DISPATCH(tfm_crypto_asymmetric_sign,
TFM_CRYPTO_ASYMMETRIC_SIGN);
*signature_length = out_vec[0].len;
-#ifdef TFM_PSA_API
PSA_CLOSE();
-#endif
return status;
#endif /* TFM_CRYPTO_ASYMMETRIC_MODULE_DISABLED */
@@ -1345,15 +1211,12 @@ psa_status_t psa_asymmetric_verify(psa_key_handle_t handle,
{.base = signature, .len = signature_length}
};
-#ifdef TFM_PSA_API
PSA_CONNECT(TFM_CRYPTO);
-#endif
status = API_DISPATCH_NO_OUTVEC(tfm_crypto_asymmetric_verify,
TFM_CRYPTO_ASYMMETRIC_VERIFY);
-#ifdef TFM_PSA_API
+
PSA_CLOSE();
-#endif
return status;
#endif /* TFM_CRYPTO_ASYMMETRIC_MODULE_DISABLED */
@@ -1394,27 +1257,18 @@ psa_status_t psa_asymmetric_encrypt(psa_key_handle_t handle,
{.base = output, .len = output_size},
};
-#ifdef TFM_PSA_API
PSA_CONNECT(TFM_CRYPTO);
-#endif
-#ifdef TFM_PSA_API
size_t in_len = ARRAY_SIZE(in_vec);
if (salt == NULL) {
in_len--;
}
status = psa_call(ipc_handle, PSA_IPC_CALL, in_vec, in_len,
out_vec, ARRAY_SIZE(out_vec));
-#else
- status = API_DISPATCH(tfm_crypto_asymmetric_encrypt,
- TFM_CRYPTO_ASYMMETRIC_ENCRYPT);
-#endif
*output_length = out_vec[0].len;
-#ifdef TFM_PSA_API
PSA_CLOSE();
-#endif
return status;
#endif /* TFM_CRYPTO_ASYMMETRIC_MODULE_DISABLED */
@@ -1455,27 +1309,18 @@ psa_status_t psa_asymmetric_decrypt(psa_key_handle_t handle,
{.base = output, .len = output_size},
};
-#ifdef TFM_PSA_API
PSA_CONNECT(TFM_CRYPTO);
-#endif
-#ifdef TFM_PSA_API
size_t in_len = ARRAY_SIZE(in_vec);
if (salt == NULL) {
in_len--;
}
status = psa_call(ipc_handle, PSA_IPC_CALL, in_vec, in_len,
out_vec, ARRAY_SIZE(out_vec));
-#else
- status = API_DISPATCH(tfm_crypto_asymmetric_decrypt,
- TFM_CRYPTO_ASYMMETRIC_DECRYPT);
-#endif
*output_length = out_vec[0].len;
-#ifdef TFM_PSA_API
PSA_CLOSE();
-#endif
return status;
#endif /* TFM_CRYPTO_ASYMMETRIC_MODULE_DISABLED */
@@ -1501,15 +1346,12 @@ psa_status_t psa_get_generator_capacity(const psa_crypto_generator_t *generator,
{.base = capacity, .len = sizeof(size_t)},
};
-#ifdef TFM_PSA_API
PSA_CONNECT(TFM_CRYPTO);
-#endif
status = API_DISPATCH(tfm_crypto_get_generator_capacity,
TFM_CRYPTO_GET_GENERATOR_CAPACITY);
-#ifdef TFM_PSA_API
+
PSA_CLOSE();
-#endif
return status;
#endif /* TFM_CRYPTO_GENERATOR_MODULE_DISABLED */
@@ -1536,15 +1378,12 @@ psa_status_t psa_generator_read(psa_crypto_generator_t *generator,
{.base = output, .len = output_length},
};
-#ifdef TFM_PSA_API
PSA_CONNECT(TFM_CRYPTO);
-#endif
status = API_DISPATCH(tfm_crypto_generator_read,
TFM_CRYPTO_GENERATOR_READ);
-#ifdef TFM_PSA_API
+
PSA_CLOSE();
-#endif
return status;
#endif /* TFM_CRYPTO_GENERATOR_MODULE_DISABLED */
@@ -1571,15 +1410,12 @@ psa_status_t psa_generator_import_key(psa_key_handle_t handle,
{.base = &bits, .len = sizeof(size_t)},
};
-#ifdef TFM_PSA_API
PSA_CONNECT(TFM_CRYPTO);
-#endif
status = API_DISPATCH_NO_OUTVEC(tfm_crypto_generator_import_key,
TFM_CRYPTO_GENERATOR_IMPORT_KEY);
-#ifdef TFM_PSA_API
+
PSA_CLOSE();
-#endif
return status;
#endif /* TFM_CRYPTO_GENERATOR_MODULE_DISABLED */
@@ -1604,15 +1440,12 @@ psa_status_t psa_generator_abort(psa_crypto_generator_t *generator)
{.base = &(generator->handle), .len = sizeof(uint32_t)},
};
-#ifdef TFM_PSA_API
PSA_CONNECT(TFM_CRYPTO);
-#endif
status = API_DISPATCH(tfm_crypto_generator_abort,
TFM_CRYPTO_GENERATOR_ABORT);
-#ifdef TFM_PSA_API
+
PSA_CLOSE();
-#endif
return status;
#endif /* TFM_CRYPTO_GENERATOR_MODULE_DISABLED */
@@ -1658,11 +1491,8 @@ psa_status_t psa_key_derivation(psa_crypto_generator_t *generator,
{.base = &(generator->handle), .len = sizeof(uint32_t)},
};
-#ifdef TFM_PSA_API
PSA_CONNECT(TFM_CRYPTO);
-#endif
-#ifdef TFM_PSA_API
size_t in_len = ARRAY_SIZE(in_vec);
if (label == NULL) {
in_len--;
@@ -1672,14 +1502,8 @@ psa_status_t psa_key_derivation(psa_crypto_generator_t *generator,
}
status = psa_call(ipc_handle, PSA_IPC_CALL, in_vec, in_len,
out_vec, ARRAY_SIZE(out_vec));
-#else
- status = API_DISPATCH(tfm_crypto_key_derivation,
- TFM_CRYPTO_KEY_DERIVATION);
-#endif
-#ifdef TFM_PSA_API
PSA_CLOSE();
-#endif
return status;
#endif /* TFM_CRYPTO_GENERATOR_MODULE_DISABLED */
@@ -1711,16 +1535,12 @@ psa_status_t psa_key_agreement(psa_crypto_generator_t *generator,
{.base = &(generator->handle), .len = sizeof(uint32_t)},
};
-#ifdef TFM_PSA_API
PSA_CONNECT(TFM_CRYPTO);
-#endif
status = API_DISPATCH(tfm_crypto_key_agreement,
TFM_CRYPTO_KEY_AGREEMENT);
-#ifdef TFM_PSA_API
PSA_CLOSE();
-#endif
return status;
#endif /* TFM_CRYPTO_GENERATOR_MODULE_DISABLED */
@@ -1749,16 +1569,12 @@ psa_status_t psa_generate_random(uint8_t *output,
return PSA_SUCCESS;
}
-#ifdef TFM_PSA_API
PSA_CONNECT(TFM_CRYPTO);
-#endif
status = API_DISPATCH(tfm_crypto_generate_random,
TFM_CRYPTO_GENERATE_RANDOM);
-#ifdef TFM_PSA_API
PSA_CLOSE();
-#endif
return status;
#endif /* TFM_CRYPTO_GENERATOR_MODULE_DISABLED */
@@ -1791,25 +1607,16 @@ psa_status_t psa_generate_key(psa_key_handle_t handle,
{.base = extra, .len = extra_size},
};
-#ifdef TFM_PSA_API
PSA_CONNECT(TFM_CRYPTO);
-#endif
-#ifdef TFM_PSA_API
size_t in_len = ARRAY_SIZE(in_vec);
if (extra == NULL) {
in_len--;
}
status = psa_call(ipc_handle, PSA_IPC_CALL, in_vec, in_len, NULL, 0);
-#else
- status = API_DISPATCH_NO_OUTVEC(tfm_crypto_generate_key,
- TFM_CRYPTO_GENERATE_KEY);
-#endif
-#ifdef TFM_PSA_API
PSA_CLOSE();
-#endif
return status;
#endif /* TFM_CRYPTO_GENERATOR_MODULE_DISABLED */
diff --git a/interface/src/tfm_initial_attestation_func_api.c b/interface/src/tfm_initial_attestation_func_api.c
new file mode 100644
index 000000000..c391f6117
--- /dev/null
+++ b/interface/src/tfm_initial_attestation_func_api.c
@@ -0,0 +1,58 @@
+/*
+ * Copyright (c) 2018-2019, Arm Limited. All rights reserved.
+ *
+ * SPDX-License-Identifier: BSD-3-Clause
+ *
+ */
+
+#include "psa/initial_attestation.h"
+#include "tfm_veneers.h"
+#include "tfm_ns_interface.h"
+#include "psa/client.h"
+
+#define IOVEC_LEN(x) (sizeof(x)/sizeof(x[0]))
+
+enum psa_attest_err_t
+psa_initial_attest_get_token(const uint8_t *challenge_obj,
+ uint32_t challenge_size,
+ uint8_t *token,
+ uint32_t *token_size)
+{
+
+ int32_t res;
+
+ psa_invec in_vec[] = {
+ {challenge_obj, challenge_size}
+ };
+ psa_outvec out_vec[] = {
+ {token, *token_size}
+ };
+
+ res = tfm_ns_interface_dispatch(
+ (veneer_fn)tfm_initial_attest_get_token_veneer,
+ (uint32_t)in_vec, IOVEC_LEN(in_vec),
+ (uint32_t)out_vec, IOVEC_LEN(out_vec));
+
+ if (res == (int32_t)PSA_ATTEST_ERR_SUCCESS) {
+ *token_size = out_vec[0].len;
+ }
+
+ return (enum psa_attest_err_t)res;
+}
+
+enum psa_attest_err_t
+psa_initial_attest_get_token_size(uint32_t challenge_size,
+ uint32_t *token_size)
+{
+ psa_invec in_vec[] = {
+ {&challenge_size, sizeof(challenge_size)}
+ };
+ psa_outvec out_vec[] = {
+ {token_size, sizeof(uint32_t)}
+ };
+
+ return (enum psa_attest_err_t)tfm_ns_interface_dispatch(
+ (veneer_fn)tfm_initial_attest_get_token_size_veneer,
+ (uint32_t)in_vec, IOVEC_LEN(in_vec),
+ (uint32_t)out_vec, IOVEC_LEN(out_vec));
+}
diff --git a/interface/src/tfm_initial_attestation_api.c b/interface/src/tfm_initial_attestation_ipc_api.c
index 1bcce057f..10b3a5931 100644
--- a/interface/src/tfm_initial_attestation_api.c
+++ b/interface/src/tfm_initial_attestation_ipc_api.c
@@ -9,9 +9,7 @@
#include "tfm_veneers.h"
#include "tfm_ns_interface.h"
#include "psa/client.h"
-#ifdef TFM_PSA_API
#include "psa_manifest/sid.h"
-#endif
#define IOVEC_LEN(x) (sizeof(x)/sizeof(x[0]))
@@ -21,12 +19,9 @@ psa_initial_attest_get_token(const uint8_t *challenge_obj,
uint8_t *token,
uint32_t *token_size)
{
-#ifdef TFM_PSA_API
psa_handle_t handle = PSA_NULL_HANDLE;
psa_status_t status;
-#else
- int32_t res;
-#endif
+
psa_invec in_vec[] = {
{challenge_obj, challenge_size}
};
@@ -34,7 +29,6 @@ psa_initial_attest_get_token(const uint8_t *challenge_obj,
{token, *token_size}
};
-#ifdef TFM_PSA_API
handle = psa_connect(TFM_ATTEST_GET_TOKEN_SID,
TFM_ATTEST_GET_TOKEN_VERSION);
if (handle <= 0) {
@@ -55,28 +49,14 @@ psa_initial_attest_get_token(const uint8_t *challenge_obj,
}
return (enum psa_attest_err_t)status;
-#else
- res = tfm_ns_interface_dispatch(
- (veneer_fn)tfm_initial_attest_get_token_veneer,
- (uint32_t)in_vec, IOVEC_LEN(in_vec),
- (uint32_t)out_vec, IOVEC_LEN(out_vec));
-
- if (res == (int32_t)PSA_ATTEST_ERR_SUCCESS) {
- *token_size = out_vec[0].len;
- }
-
- return (enum psa_attest_err_t)res;
-#endif
}
enum psa_attest_err_t
psa_initial_attest_get_token_size(uint32_t challenge_size,
uint32_t *token_size)
{
-#ifdef TFM_PSA_API
psa_handle_t handle = PSA_NULL_HANDLE;
psa_status_t status;
-#endif
psa_invec in_vec[] = {
{&challenge_size, sizeof(challenge_size)}
};
@@ -84,7 +64,6 @@ psa_initial_attest_get_token_size(uint32_t challenge_size,
{token_size, sizeof(uint32_t)}
};
-#ifdef TFM_PSA_API
handle = psa_connect(TFM_ATTEST_GET_TOKEN_SIZE_SID,
TFM_ATTEST_GET_TOKEN_SIZE_VERSION);
if (handle <= 0) {
@@ -101,10 +80,4 @@ psa_initial_attest_get_token_size(uint32_t challenge_size,
}
return (enum psa_attest_err_t)status;
-#else
- return (enum psa_attest_err_t)tfm_ns_interface_dispatch(
- (veneer_fn)tfm_initial_attest_get_token_size_veneer,
- (uint32_t)in_vec, IOVEC_LEN(in_vec),
- (uint32_t)out_vec, IOVEC_LEN(out_vec));
-#endif
}
diff --git a/interface/src/tfm_platform_api.c b/interface/src/tfm_platform_func_api.c
index 3ef0c86c8..3ef0c86c8 100644
--- a/interface/src/tfm_platform_api.c
+++ b/interface/src/tfm_platform_func_api.c
diff --git a/interface/src/tfm_sst_func_api.c b/interface/src/tfm_sst_func_api.c
new file mode 100644
index 000000000..6d94d6794
--- /dev/null
+++ b/interface/src/tfm_sst_func_api.c
@@ -0,0 +1,159 @@
+/*
+ * Copyright (c) 2017-2019, Arm Limited. All rights reserved.
+ *
+ * SPDX-License-Identifier: BSD-3-Clause
+ *
+ */
+
+#include "psa/protected_storage.h"
+
+#include "tfm_ns_interface.h"
+#include "tfm_veneers.h"
+
+#define IOVEC_LEN(x) (uint32_t)(sizeof(x)/sizeof(x[0]))
+
+psa_ps_status_t psa_ps_set(psa_ps_uid_t uid,
+ uint32_t data_length,
+ const void *p_data,
+ psa_ps_create_flags_t create_flags)
+{
+ psa_status_t status;
+ psa_ps_status_t err;
+ psa_invec in_vec[] = {
+ { .base = &uid, .len = sizeof(uid) },
+ { .base = p_data, .len = data_length },
+ { .base = &create_flags, .len = sizeof(create_flags) }
+ };
+
+ psa_outvec out_vec[] = {
+ { .base = &err , .len = sizeof(err) }
+ };
+
+ status = tfm_ns_interface_dispatch(
+ (veneer_fn)tfm_tfm_sst_set_req_veneer,
+ (uint32_t)in_vec, IOVEC_LEN(in_vec),
+ (uint32_t)out_vec, IOVEC_LEN(out_vec));
+ if (status != PSA_SUCCESS) {
+ return PSA_PS_ERROR_OPERATION_FAILED;
+ }
+
+ return err;
+}
+
+psa_ps_status_t psa_ps_get(psa_ps_uid_t uid,
+ uint32_t data_offset,
+ uint32_t data_length,
+ void *p_data)
+{
+ psa_status_t status;
+ psa_ps_status_t err;
+ psa_invec in_vec[] = {
+ { .base = &uid, .len = sizeof(uid) },
+ { .base = &data_offset, .len = sizeof(data_offset) }
+ };
+
+ psa_outvec out_vec[] = {
+ { .base = &err, .len = sizeof(err) },
+ { .base = p_data, .len = data_length }
+ };
+
+ status = tfm_ns_interface_dispatch(
+ (veneer_fn)tfm_tfm_sst_get_req_veneer,
+ (uint32_t)in_vec, IOVEC_LEN(in_vec),
+ (uint32_t)out_vec, IOVEC_LEN(out_vec));
+
+ if (status != PSA_SUCCESS) {
+ return PSA_PS_ERROR_OPERATION_FAILED;
+ }
+
+ return err;
+}
+
+psa_ps_status_t psa_ps_get_info(psa_ps_uid_t uid, struct psa_ps_info_t *p_info)
+{
+ psa_status_t status;
+ psa_ps_status_t err;
+ psa_invec in_vec[] = {
+ { .base = &uid, .len = sizeof(uid) }
+ };
+
+ psa_outvec out_vec[] = {
+ { .base = &err, .len = sizeof(err) },
+ { .base = p_info, .len = sizeof(*p_info) }
+ };
+
+ status = tfm_ns_interface_dispatch(
+ (veneer_fn)tfm_tfm_sst_get_info_req_veneer,
+ (uint32_t)in_vec, IOVEC_LEN(in_vec),
+ (uint32_t)out_vec, IOVEC_LEN(out_vec));
+
+ if (status != PSA_SUCCESS) {
+ return PSA_PS_ERROR_OPERATION_FAILED;
+ }
+
+ return err;
+}
+
+psa_ps_status_t psa_ps_remove(psa_ps_uid_t uid)
+{
+ psa_status_t status;
+ psa_ps_status_t err;
+ psa_invec in_vec[] = {
+ { .base = &uid, .len = sizeof(uid) }
+ };
+
+ psa_outvec out_vec[] = {
+ { .base = &err, .len = sizeof(err) }
+ };
+
+ status = tfm_ns_interface_dispatch(
+ (veneer_fn)tfm_tfm_sst_remove_req_veneer,
+ (uint32_t)in_vec, IOVEC_LEN(in_vec),
+ (uint32_t)out_vec, IOVEC_LEN(out_vec));
+
+ if (status != PSA_SUCCESS) {
+ return PSA_PS_ERROR_OPERATION_FAILED;
+ }
+
+ return err;
+}
+
+psa_ps_status_t psa_ps_create(psa_ps_uid_t uid, uint32_t size,
+ psa_ps_create_flags_t create_flags)
+{
+ (void)uid;
+ (void)size;
+ (void)create_flags;
+
+ return PSA_PS_ERROR_NOT_SUPPORTED;
+}
+
+psa_ps_status_t psa_ps_set_extended(psa_ps_uid_t uid, uint32_t data_offset,
+ uint32_t data_length, const void *p_data)
+{
+ (void)uid;
+ (void)data_offset;
+ (void)data_length;
+ (void)p_data;
+
+ return PSA_PS_ERROR_NOT_SUPPORTED;
+}
+
+uint32_t psa_ps_get_support(void)
+{
+ /* Initialise support_flags to a sensible default, to avoid returning an
+ * uninitialised value in case the secure function fails.
+ */
+ uint32_t support_flags = 0;
+
+ psa_outvec out_vec[] = {
+ { .base = &support_flags, .len = sizeof(support_flags) }
+ };
+
+ (void)tfm_ns_interface_dispatch(
+ (veneer_fn)tfm_tfm_sst_get_support_req_veneer,
+ (uint32_t)NULL, 0,
+ (uint32_t)out_vec, IOVEC_LEN(out_vec));
+
+ return support_flags;
+}
diff --git a/interface/src/tfm_sst_api.c b/interface/src/tfm_sst_ipc_api.c
index c3a1504dc..9ef95ff49 100644
--- a/interface/src/tfm_sst_api.c
+++ b/interface/src/tfm_sst_ipc_api.c
@@ -9,9 +9,7 @@
#include "tfm_ns_interface.h"
#include "tfm_veneers.h"
-#ifdef TFM_PSA_API
#include "psa_manifest/sid.h"
-#endif
#define IOVEC_LEN(x) (uint32_t)(sizeof(x)/sizeof(x[0]))
@@ -22,9 +20,7 @@ psa_ps_status_t psa_ps_set(psa_ps_uid_t uid,
{
psa_status_t status;
psa_ps_status_t err;
-#ifdef TFM_PSA_API
psa_handle_t handle;
-#endif
psa_invec in_vec[] = {
{ .base = &uid, .len = sizeof(uid) },
@@ -36,7 +32,6 @@ psa_ps_status_t psa_ps_set(psa_ps_uid_t uid,
{ .base = &err , .len = sizeof(err) }
};
-#ifdef TFM_PSA_API
handle = psa_connect(TFM_SST_SET_SID, TFM_SST_SET_VERSION);
if (!PSA_HANDLE_IS_VALID(handle)) {
return PSA_PS_ERROR_OPERATION_FAILED;
@@ -50,15 +45,6 @@ psa_ps_status_t psa_ps_set(psa_ps_uid_t uid,
if (status != PSA_SUCCESS) {
return PSA_PS_ERROR_OPERATION_FAILED;
}
-#else
- status = tfm_ns_interface_dispatch(
- (veneer_fn)tfm_tfm_sst_set_req_veneer,
- (uint32_t)in_vec, IOVEC_LEN(in_vec),
- (uint32_t)out_vec, IOVEC_LEN(out_vec));
- if (status != PSA_SUCCESS) {
- return PSA_PS_ERROR_OPERATION_FAILED;
- }
-#endif
return err;
}
@@ -70,9 +56,7 @@ psa_ps_status_t psa_ps_get(psa_ps_uid_t uid,
{
psa_status_t status;
psa_ps_status_t err;
-#ifdef TFM_PSA_API
psa_handle_t handle;
-#endif
psa_invec in_vec[] = {
{ .base = &uid, .len = sizeof(uid) },
@@ -84,7 +68,6 @@ psa_ps_status_t psa_ps_get(psa_ps_uid_t uid,
{ .base = p_data, .len = data_length }
};
-#ifdef TFM_PSA_API
handle = psa_connect(TFM_SST_GET_SID, TFM_SST_GET_VERSION);
if (!PSA_HANDLE_IS_VALID(handle)) {
return PSA_PS_ERROR_OPERATION_FAILED;
@@ -98,16 +81,6 @@ psa_ps_status_t psa_ps_get(psa_ps_uid_t uid,
if (status != PSA_SUCCESS) {
return PSA_PS_ERROR_OPERATION_FAILED;
}
-#else
- status = tfm_ns_interface_dispatch(
- (veneer_fn)tfm_tfm_sst_get_req_veneer,
- (uint32_t)in_vec, IOVEC_LEN(in_vec),
- (uint32_t)out_vec, IOVEC_LEN(out_vec));
-
- if (status != PSA_SUCCESS) {
- return PSA_PS_ERROR_OPERATION_FAILED;
- }
-#endif
return err;
}
@@ -116,9 +89,7 @@ psa_ps_status_t psa_ps_get_info(psa_ps_uid_t uid, struct psa_ps_info_t *p_info)
{
psa_status_t status;
psa_ps_status_t err;
-#ifdef TFM_PSA_API
psa_handle_t handle;
-#endif
psa_invec in_vec[] = {
{ .base = &uid, .len = sizeof(uid) }
@@ -129,7 +100,6 @@ psa_ps_status_t psa_ps_get_info(psa_ps_uid_t uid, struct psa_ps_info_t *p_info)
{ .base = p_info, .len = sizeof(*p_info) }
};
-#ifdef TFM_PSA_API
handle = psa_connect(TFM_SST_GET_INFO_SID, TFM_SST_GET_INFO_VERSION);
if (!PSA_HANDLE_IS_VALID(handle)) {
return PSA_PS_ERROR_OPERATION_FAILED;
@@ -143,16 +113,6 @@ psa_ps_status_t psa_ps_get_info(psa_ps_uid_t uid, struct psa_ps_info_t *p_info)
if (status != PSA_SUCCESS) {
return PSA_PS_ERROR_OPERATION_FAILED;
}
-#else
- status = tfm_ns_interface_dispatch(
- (veneer_fn)tfm_tfm_sst_get_info_req_veneer,
- (uint32_t)in_vec, IOVEC_LEN(in_vec),
- (uint32_t)out_vec, IOVEC_LEN(out_vec));
-
- if (status != PSA_SUCCESS) {
- return PSA_PS_ERROR_OPERATION_FAILED;
- }
-#endif
return err;
}
@@ -161,9 +121,7 @@ psa_ps_status_t psa_ps_remove(psa_ps_uid_t uid)
{
psa_status_t status;
psa_ps_status_t err;
-#ifdef TFM_PSA_API
psa_handle_t handle;
-#endif
psa_invec in_vec[] = {
{ .base = &uid, .len = sizeof(uid) }
@@ -173,7 +131,6 @@ psa_ps_status_t psa_ps_remove(psa_ps_uid_t uid)
{ .base = &err, .len = sizeof(err) }
};
-#ifdef TFM_PSA_API
handle = psa_connect(TFM_SST_REMOVE_SID, TFM_SST_REMOVE_VERSION);
if (!PSA_HANDLE_IS_VALID(handle)) {
return PSA_PS_ERROR_OPERATION_FAILED;
@@ -187,16 +144,6 @@ psa_ps_status_t psa_ps_remove(psa_ps_uid_t uid)
if (status != PSA_SUCCESS) {
return PSA_PS_ERROR_OPERATION_FAILED;
}
-#else
- status = tfm_ns_interface_dispatch(
- (veneer_fn)tfm_tfm_sst_remove_req_veneer,
- (uint32_t)in_vec, IOVEC_LEN(in_vec),
- (uint32_t)out_vec, IOVEC_LEN(out_vec));
-
- if (status != PSA_SUCCESS) {
- return PSA_PS_ERROR_OPERATION_FAILED;
- }
-#endif
return err;
}
@@ -228,9 +175,7 @@ uint32_t psa_ps_get_support(void)
* uninitialised value in case the secure function fails.
*/
uint32_t support_flags = 0;
-#ifdef TFM_PSA_API
psa_handle_t handle;
-#endif
psa_outvec out_vec[] = {
{ .base = &support_flags, .len = sizeof(support_flags) }
@@ -239,7 +184,6 @@ uint32_t psa_ps_get_support(void)
/* The PSA API does not return an error, so any error from TF-M is
* ignored.
*/
-#ifdef TFM_PSA_API
handle = psa_connect(TFM_SST_GET_SUPPORT_SID, TFM_SST_GET_SUPPORT_VERSION);
if (!PSA_HANDLE_IS_VALID(handle)) {
return support_flags;
@@ -248,12 +192,6 @@ uint32_t psa_ps_get_support(void)
(void)psa_call(handle, PSA_IPC_CALL, NULL, 0, out_vec, IOVEC_LEN(out_vec));
psa_close(handle);
-#else
- (void)tfm_ns_interface_dispatch(
- (veneer_fn)tfm_tfm_sst_get_support_req_veneer,
- (uint32_t)NULL, 0,
- (uint32_t)out_vec, IOVEC_LEN(out_vec));
-#endif
return support_flags;
}