GitBucket
Newer
/*
* Copyright (c) 2018-2020, Arm Limited. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
*
*/
#include "tfm_crypto_defs.h"
#include "psa/crypto.h"
#include "tfm_ns_interface.h"
#include "psa_manifest/sid.h"
#include "psa/client.h"
#define ARRAY_SIZE(arr) (sizeof(arr)/sizeof(arr[0]))
#define PSA_CONNECT(service) \
psa_handle_t ipc_handle; \
ipc_handle = psa_connect(service##_SID, service##_VERSION); \
if (!PSA_HANDLE_IS_VALID(ipc_handle)) { \
return PSA_ERROR_GENERIC_ERROR; \
} \
#define PSA_CLOSE() psa_close(ipc_handle)
#define API_DISPATCH(sfn_name, sfn_id) \
psa_call(ipc_handle, PSA_IPC_CALL, \
in_vec, ARRAY_SIZE(in_vec), \
out_vec, ARRAY_SIZE(out_vec))
#define API_DISPATCH_NO_OUTVEC(sfn_name, sfn_id) \
psa_call(ipc_handle, PSA_IPC_CALL, \
in_vec, ARRAY_SIZE(in_vec), \
(psa_outvec *)NULL, 0)
psa_status_t psa_crypto_init(void)
{
/* Service init is performed during TFM boot up,
* so application level initialisation is empty
*/
return PSA_SUCCESS;
}
psa_status_t psa_open_key(psa_key_id_t id,
psa_key_handle_t *handle)
{
#ifdef TFM_CRYPTO_KEY_MODULE_DISABLED
return PSA_ERROR_NOT_SUPPORTED;
#else
psa_status_t status;
const struct tfm_crypto_pack_iovec iov = {
.sfn_id = TFM_CRYPTO_OPEN_KEY_SID,
};
psa_invec in_vec[] = {
{.base = &iov, .len = sizeof(struct tfm_crypto_pack_iovec)},
{.base = &id, .len = sizeof(psa_key_id_t)},
};
psa_outvec out_vec[] = {
{.base = handle, .len = sizeof(psa_key_handle_t)},
};
PSA_CONNECT(TFM_CRYPTO);
status = API_DISPATCH(tfm_crypto_open_key,
TFM_CRYPTO_OPEN_KEY);
PSA_CLOSE();
return status;
#endif /* TFM_CRYPTO_KEY_MODULE_DISABLED */
}
psa_status_t psa_close_key(psa_key_handle_t handle)
{
#ifdef TFM_CRYPTO_KEY_MODULE_DISABLED
return PSA_ERROR_NOT_SUPPORTED;
#else
psa_status_t status;
const struct tfm_crypto_pack_iovec iov = {
.sfn_id = TFM_CRYPTO_CLOSE_KEY_SID,
.key_handle = handle,
};
psa_invec in_vec[] = {
{.base = &iov, .len = sizeof(struct tfm_crypto_pack_iovec)},
};
PSA_CONNECT(TFM_CRYPTO);
status = API_DISPATCH_NO_OUTVEC(tfm_crypto_close_key,
TFM_CRYPTO_CLOSE_KEY);;
PSA_CLOSE();
return status;
#endif /* TFM_CRYPTO_KEY_MODULE_DISABLED */
}
psa_status_t psa_import_key(const psa_key_attributes_t *attributes,
const uint8_t *data,
size_t data_length,
psa_key_handle_t *handle)
{
#ifdef TFM_CRYPTO_KEY_MODULE_DISABLED
return PSA_ERROR_NOT_SUPPORTED;
#else
psa_status_t status;
struct tfm_crypto_pack_iovec iov = {
.sfn_id = TFM_CRYPTO_IMPORT_KEY_SID,
};
psa_invec in_vec[] = {
{.base = &iov, .len = sizeof(struct tfm_crypto_pack_iovec)},
{.base = attributes, .len = sizeof(psa_key_attributes_t)},
{.base = data, .len = data_length}
};
psa_outvec out_vec[] = {
{.base = handle, .len = sizeof(psa_key_handle_t)}
};
PSA_CONNECT(TFM_CRYPTO);
status = API_DISPATCH(tfm_crypto_import_key,
TFM_CRYPTO_IMPORT_KEY);
PSA_CLOSE();
return status;
#endif /* TFM_CRYPTO_KEY_MODULE_DISABLED */
}
psa_status_t psa_destroy_key(psa_key_handle_t handle)
{
#ifdef TFM_CRYPTO_KEY_MODULE_DISABLED
return PSA_ERROR_NOT_SUPPORTED;
#else
psa_status_t status;
struct tfm_crypto_pack_iovec iov = {
.sfn_id = TFM_CRYPTO_DESTROY_KEY_SID,
.key_handle = handle,
};
psa_invec in_vec[] = {
{.base = &iov, .len = sizeof(struct tfm_crypto_pack_iovec)},
};
PSA_CONNECT(TFM_CRYPTO);
status = API_DISPATCH_NO_OUTVEC(tfm_crypto_destroy_key,
TFM_CRYPTO_DESTROY_KEY);
PSA_CLOSE();
return status;
#endif /* TFM_CRYPTO_KEY_MODULE_DISABLED */
}
psa_status_t psa_get_key_attributes(psa_key_handle_t handle,
psa_key_attributes_t *attributes)
{
#ifdef TFM_CRYPTO_KEY_MODULE_DISABLED
return PSA_ERROR_NOT_SUPPORTED;
#else
psa_status_t status;
struct tfm_crypto_pack_iovec iov = {
.sfn_id = TFM_CRYPTO_GET_KEY_ATTRIBUTES_SID,
.key_handle = handle,
};
psa_invec in_vec[] = {
{.base = &iov, .len = sizeof(struct tfm_crypto_pack_iovec)},
};
psa_outvec out_vec[] = {
{.base = attributes, .len = sizeof(psa_key_attributes_t)},
};
PSA_CONNECT(TFM_CRYPTO);
status = API_DISPATCH(tfm_crypto_get_key_attributes,
TFM_CRYPTO_GET_KEY_ATTRIBUTES);
PSA_CLOSE();
return status;
#endif /* TFM_CRYPTO_KEY_MODULE_DISABLED */
}
void psa_reset_key_attributes(psa_key_attributes_t *attributes)
{
#ifdef TFM_CRYPTO_KEY_MODULE_DISABLED
return;
#else
struct tfm_crypto_pack_iovec iov = {
.sfn_id = TFM_CRYPTO_RESET_KEY_ATTRIBUTES_SID,
};
psa_invec in_vec[] = {
{.base = &iov, .len = sizeof(struct tfm_crypto_pack_iovec)},
};
psa_outvec out_vec[] = {
{.base = attributes, .len = sizeof(psa_key_attributes_t)},
};
psa_handle_t ipc_handle;
ipc_handle = psa_connect(TFM_CRYPTO_SID, TFM_CRYPTO_VERSION);
if (!PSA_HANDLE_IS_VALID(ipc_handle)) {
return;
}
(void)API_DISPATCH(tfm_crypto_reset_key_attributes,
TFM_CRYPTO_RESET_KEY_ATTRIBUTES);
PSA_CLOSE();
return;
#endif /* TFM_CRYPTO_KEY_MODULE_DISABLED */
}
psa_status_t psa_export_key(psa_key_handle_t handle,
uint8_t *data,
size_t data_size,
size_t *data_length)
{
#ifdef TFM_CRYPTO_KEY_MODULE_DISABLED
return PSA_ERROR_NOT_SUPPORTED;
#else
psa_status_t status;
struct tfm_crypto_pack_iovec iov = {
.sfn_id = TFM_CRYPTO_EXPORT_KEY_SID,
.key_handle = handle,
};
psa_invec in_vec[] = {
{.base = &iov, .len = sizeof(struct tfm_crypto_pack_iovec)},
};
psa_outvec out_vec[] = {
{.base = data, .len = data_size}
};
PSA_CONNECT(TFM_CRYPTO);
status = API_DISPATCH(tfm_crypto_export_key,
TFM_CRYPTO_EXPORT_KEY);
*data_length = out_vec[0].len;
PSA_CLOSE();
return status;
#endif /* TFM_CRYPTO_KEY_MODULE_DISABLED */
}
psa_status_t psa_export_public_key(psa_key_handle_t handle,
uint8_t *data,
size_t data_size,
size_t *data_length)
{
#ifdef TFM_CRYPTO_KEY_MODULE_DISABLED
return PSA_ERROR_NOT_SUPPORTED;
#else
psa_status_t status;
struct tfm_crypto_pack_iovec iov = {
.sfn_id = TFM_CRYPTO_EXPORT_PUBLIC_KEY_SID,
.key_handle = handle,
};
psa_invec in_vec[] = {
{.base = &iov, .len = sizeof(struct tfm_crypto_pack_iovec)},
};
psa_outvec out_vec[] = {
{.base = data, .len = data_size}
};
PSA_CONNECT(TFM_CRYPTO);
status = API_DISPATCH(tfm_crypto_export_public_key,
TFM_CRYPTO_EXPORT_PUBLIC_KEY);
*data_length = out_vec[0].len;
PSA_CLOSE();
return status;
#endif /* TFM_CRYPTO_KEY_MODULE_DISABLED */
}
psa_status_t psa_copy_key(psa_key_handle_t source_handle,
const psa_key_attributes_t *attributes,
psa_key_handle_t *target_handle)
{
#ifdef TFM_CRYPTO_KEY_MODULE_DISABLED
return PSA_ERROR_NOT_SUPPORTED;
#else
psa_status_t status;
struct tfm_crypto_pack_iovec iov = {
.sfn_id = TFM_CRYPTO_COPY_KEY_SID,
.key_handle = source_handle,
};
psa_invec in_vec[] = {
{.base = &iov, .len = sizeof(struct tfm_crypto_pack_iovec)},
{.base = attributes, .len = sizeof(psa_key_attributes_t)},
};
psa_outvec out_vec[] = {
{.base = target_handle, .len = sizeof(psa_key_handle_t)},
};
PSA_CONNECT(TFM_CRYPTO);
status = API_DISPATCH(tfm_crypto_copy_key,
TFM_CRYPTO_COPY_KEY);
PSA_CLOSE();
return status;
#endif /* TFM_CRYPTO_KEY_MODULE_DISABLED */
}
psa_status_t psa_cipher_generate_iv(psa_cipher_operation_t *operation,
unsigned char *iv,
size_t iv_size,
size_t *iv_length)
{
#ifdef TFM_CRYPTO_CIPHER_MODULE_DISABLED
return PSA_ERROR_NOT_SUPPORTED;
#else
psa_status_t status;
struct tfm_crypto_pack_iovec iov = {
.sfn_id = TFM_CRYPTO_CIPHER_GENERATE_IV_SID,
.op_handle = operation->handle,
};
psa_invec in_vec[] = {
{.base = &iov, .len = sizeof(struct tfm_crypto_pack_iovec)},
};
psa_outvec out_vec[] = {
{.base = &(operation->handle), .len = sizeof(uint32_t)},
{.base = iv, .len = iv_size},
};
PSA_CONNECT(TFM_CRYPTO);
status = API_DISPATCH(tfm_crypto_cipher_generate_iv,
TFM_CRYPTO_CIPHER_GENERATE_IV);
*iv_length = out_vec[1].len;
PSA_CLOSE();
return status;
#endif /* TFM_CRYPTO_CIPHER_MODULE_DISABLED */
}
psa_status_t psa_cipher_set_iv(psa_cipher_operation_t *operation,
const unsigned char *iv,
size_t iv_length)
{
#ifdef TFM_CRYPTO_CIPHER_MODULE_DISABLED
return PSA_ERROR_NOT_SUPPORTED;
#else
psa_status_t status;
struct tfm_crypto_pack_iovec iov = {
.sfn_id = TFM_CRYPTO_CIPHER_SET_IV_SID,
.op_handle = operation->handle,
};
psa_invec in_vec[] = {
{.base = &iov, .len = sizeof(struct tfm_crypto_pack_iovec)},
{.base = iv, .len = iv_length},
};
psa_outvec out_vec[] = {
{.base = &(operation->handle), .len = sizeof(uint32_t)},
};
PSA_CONNECT(TFM_CRYPTO);
status = API_DISPATCH(tfm_crypto_cipher_set_iv,
TFM_CRYPTO_CIPHER_SET_IV);
PSA_CLOSE();
return status;
#endif /* TFM_CRYPTO_CIPHER_MODULE_DISABLED */
}
psa_status_t psa_cipher_encrypt_setup(psa_cipher_operation_t *operation,
psa_key_handle_t handle,
psa_algorithm_t alg)
{
#ifdef TFM_CRYPTO_CIPHER_MODULE_DISABLED
return PSA_ERROR_NOT_SUPPORTED;
#else
psa_status_t status;
struct tfm_crypto_pack_iovec iov = {
.sfn_id = TFM_CRYPTO_CIPHER_ENCRYPT_SETUP_SID,
.key_handle = handle,
.alg = alg,
.op_handle = operation->handle,
};
psa_invec in_vec[] = {
{.base = &iov, .len = sizeof(struct tfm_crypto_pack_iovec)},
};
psa_outvec out_vec[] = {
{.base = &(operation->handle), .len = sizeof(uint32_t)},
};
PSA_CONNECT(TFM_CRYPTO);
status = API_DISPATCH(tfm_crypto_cipher_encrypt_setup,
TFM_CRYPTO_CIPHER_ENCRYPT_SETUP);
PSA_CLOSE();
return status;
#endif /* TFM_CRYPTO_CIPHER_MODULE_DISABLED */
}
psa_status_t psa_cipher_decrypt_setup(psa_cipher_operation_t *operation,
psa_key_handle_t handle,
psa_algorithm_t alg)
{
#ifdef TFM_CRYPTO_CIPHER_MODULE_DISABLED
return PSA_ERROR_NOT_SUPPORTED;
#else
psa_status_t status;
struct tfm_crypto_pack_iovec iov = {
.sfn_id = TFM_CRYPTO_CIPHER_DECRYPT_SETUP_SID,
.key_handle = handle,
.alg = alg,
.op_handle = operation->handle,
};
psa_invec in_vec[] = {
{.base = &iov, .len = sizeof(struct tfm_crypto_pack_iovec)},
};
psa_outvec out_vec[] = {
{.base = &(operation->handle), .len = sizeof(uint32_t)},
};
PSA_CONNECT(TFM_CRYPTO);
status = API_DISPATCH(tfm_crypto_cipher_decrypt_setup,
TFM_CRYPTO_CIPHER_DECRYPT_SETUP);
PSA_CLOSE();
return status;
#endif /* TFM_CRYPTO_CIPHER_MODULE_DISABLED */
}
psa_status_t psa_cipher_update(psa_cipher_operation_t *operation,
const uint8_t *input,
size_t input_length,
unsigned char *output,
size_t output_size,
size_t *output_length)
{
#ifdef TFM_CRYPTO_CIPHER_MODULE_DISABLED
return PSA_ERROR_NOT_SUPPORTED;
#else
psa_status_t status;
struct tfm_crypto_pack_iovec iov = {
.sfn_id = TFM_CRYPTO_CIPHER_UPDATE_SID,
.op_handle = operation->handle,
};
psa_invec in_vec[] = {
{.base = &iov, .len = sizeof(struct tfm_crypto_pack_iovec)},
{.base = input, .len = input_length},
};
psa_outvec out_vec[] = {
{.base = &(operation->handle), .len = sizeof(uint32_t)},
{.base = output, .len = output_size}
};
PSA_CONNECT(TFM_CRYPTO);
status = API_DISPATCH(tfm_crypto_cipher_update,
TFM_CRYPTO_CIPHER_UPDATE);
*output_length = out_vec[1].len;
PSA_CLOSE();
return status;
#endif /* TFM_CRYPTO_CIPHER_MODULE_DISABLED */
}
psa_status_t psa_cipher_abort(psa_cipher_operation_t *operation)
{
#ifdef TFM_CRYPTO_CIPHER_MODULE_DISABLED
return PSA_ERROR_NOT_SUPPORTED;
#else
psa_status_t status;
struct tfm_crypto_pack_iovec iov = {
.sfn_id = TFM_CRYPTO_CIPHER_ABORT_SID,
.op_handle = operation->handle,
};
psa_invec in_vec[] = {
{.base = &iov, .len = sizeof(struct tfm_crypto_pack_iovec)},
};
psa_outvec out_vec[] = {
{.base = &(operation->handle), .len = sizeof(uint32_t)},
};
PSA_CONNECT(TFM_CRYPTO);
status = API_DISPATCH(tfm_crypto_cipher_abort,
TFM_CRYPTO_CIPHER_ABORT);
PSA_CLOSE();
return status;
#endif /* TFM_CRYPTO_CIPHER_MODULE_DISABLED */
}
psa_status_t psa_cipher_finish(psa_cipher_operation_t *operation,
uint8_t *output,
size_t output_size,
size_t *output_length)
{
#ifdef TFM_CRYPTO_CIPHER_MODULE_DISABLED
return PSA_ERROR_NOT_SUPPORTED;
#else
psa_status_t status;
struct tfm_crypto_pack_iovec iov = {
.sfn_id = TFM_CRYPTO_CIPHER_FINISH_SID,
.op_handle = operation->handle,
};
psa_invec in_vec[] = {
{.base = &iov, .len = sizeof(struct tfm_crypto_pack_iovec)},
};
psa_outvec out_vec[] = {
{.base = &(operation->handle), .len = sizeof(uint32_t)},
{.base = output, .len = output_size},
};
PSA_CONNECT(TFM_CRYPTO);
status = API_DISPATCH(tfm_crypto_cipher_finish,
TFM_CRYPTO_CIPHER_FINISH);
*output_length = out_vec[1].len;
PSA_CLOSE();
return status;
#endif /* TFM_CRYPTO_CIPHER_MODULE_DISABLED */
}
psa_status_t psa_hash_setup(psa_hash_operation_t *operation,
psa_algorithm_t alg)
{
#ifdef TFM_CRYPTO_HASH_MODULE_DISABLED
return PSA_ERROR_NOT_SUPPORTED;
#else
psa_status_t status;
struct tfm_crypto_pack_iovec iov = {
.sfn_id = TFM_CRYPTO_HASH_SETUP_SID,
.alg = alg,
.op_handle = operation->handle,
};
psa_invec in_vec[] = {
{.base = &iov, .len = sizeof(struct tfm_crypto_pack_iovec)},
};
psa_outvec out_vec[] = {
{.base = &(operation->handle), .len = sizeof(uint32_t)},
};
PSA_CONNECT(TFM_CRYPTO);
status = API_DISPATCH(tfm_crypto_hash_setup,
TFM_CRYPTO_HASH_SETUP);
PSA_CLOSE();
return status;
#endif /* TFM_CRYPTO_HASH_MODULE_DISABLED */
}
psa_status_t psa_hash_update(psa_hash_operation_t *operation,
const uint8_t *input,
size_t input_length)
{
#ifdef TFM_CRYPTO_HASH_MODULE_DISABLED
return PSA_ERROR_NOT_SUPPORTED;
#else
psa_status_t status;
struct tfm_crypto_pack_iovec iov = {
.sfn_id = TFM_CRYPTO_HASH_UPDATE_SID,
.op_handle = operation->handle,
};
psa_invec in_vec[] = {
{.base = &iov, .len = sizeof(struct tfm_crypto_pack_iovec)},
{.base = input, .len = input_length},
};
psa_outvec out_vec[] = {
{.base = &(operation->handle), .len = sizeof(uint32_t)},
};
PSA_CONNECT(TFM_CRYPTO);
status = API_DISPATCH(tfm_crypto_hash_update,
TFM_CRYPTO_HASH_UPDATE);
PSA_CLOSE();
return status;
#endif /* TFM_CRYPTO_HASH_MODULE_DISABLED */
}
psa_status_t psa_hash_finish(psa_hash_operation_t *operation,
uint8_t *hash,
size_t hash_size,
size_t *hash_length)
{
#ifdef TFM_CRYPTO_HASH_MODULE_DISABLED
return PSA_ERROR_NOT_SUPPORTED;
#else
psa_status_t status;
struct tfm_crypto_pack_iovec iov = {
.sfn_id = TFM_CRYPTO_HASH_FINISH_SID,
.op_handle = operation->handle,
};
psa_invec in_vec[] = {
{.base = &iov, .len = sizeof(struct tfm_crypto_pack_iovec)},
};
psa_outvec out_vec[] = {
{.base = &(operation->handle), .len = sizeof(uint32_t)},
{.base = hash, .len = hash_size},
};
PSA_CONNECT(TFM_CRYPTO);
status = API_DISPATCH(tfm_crypto_hash_finish,
TFM_CRYPTO_HASH_FINISH);
*hash_length = out_vec[1].len;
PSA_CLOSE();
return status;
#endif /* TFM_CRYPTO_HASH_MODULE_DISABLED */
}
psa_status_t psa_hash_verify(psa_hash_operation_t *operation,
const uint8_t *hash,
size_t hash_length)
{
#ifdef TFM_CRYPTO_HASH_MODULE_DISABLED
return PSA_ERROR_NOT_SUPPORTED;
#else
psa_status_t status;
struct tfm_crypto_pack_iovec iov = {
.sfn_id = TFM_CRYPTO_HASH_VERIFY_SID,
.op_handle = operation->handle,
};
psa_invec in_vec[] = {
{.base = &iov, .len = sizeof(struct tfm_crypto_pack_iovec)},
{.base = hash, .len = hash_length},
};
psa_outvec out_vec[] = {
{.base = &(operation->handle), .len = sizeof(uint32_t)},
};
PSA_CONNECT(TFM_CRYPTO);
status = API_DISPATCH(tfm_crypto_hash_verify,
TFM_CRYPTO_HASH_VERIFY);
PSA_CLOSE();
return status;
#endif /* TFM_CRYPTO_HASH_MODULE_DISABLED */
}
psa_status_t psa_hash_abort(psa_hash_operation_t *operation)
{
#ifdef TFM_CRYPTO_HASH_MODULE_DISABLED
return PSA_ERROR_NOT_SUPPORTED;
#else
psa_status_t status;
struct tfm_crypto_pack_iovec iov = {
.sfn_id = TFM_CRYPTO_HASH_ABORT_SID,
.op_handle = operation->handle,
};
psa_invec in_vec[] = {
{.base = &iov, .len = sizeof(struct tfm_crypto_pack_iovec)},
};
psa_outvec out_vec[] = {
{.base = &(operation->handle), .len = sizeof(uint32_t)},
};
PSA_CONNECT(TFM_CRYPTO);
status = API_DISPATCH(tfm_crypto_hash_abort,
TFM_CRYPTO_HASH_ABORT);
PSA_CLOSE();
return status;
#endif /* TFM_CRYPTO_HASH_MODULE_DISABLED */
}
psa_status_t psa_hash_clone(const psa_hash_operation_t *source_operation,
psa_hash_operation_t *target_operation)
{
#ifdef TFM_CRYPTO_HASH_MODULE_DISABLED
return PSA_ERROR_NOT_SUPPORTED;
#else
psa_status_t status;
struct tfm_crypto_pack_iovec iov = {
.sfn_id = TFM_CRYPTO_HASH_CLONE_SID,
.op_handle = source_operation->handle,
};
psa_invec in_vec[] = {
{.base = &iov, .len = sizeof(struct tfm_crypto_pack_iovec)},
};
psa_outvec out_vec[] = {
{.base = target_operation, .len = sizeof(psa_hash_operation_t)},
};
if (target_operation && (target_operation->handle != 0)) {
return PSA_ERROR_BAD_STATE;
}
PSA_CONNECT(TFM_CRYPTO);
status = API_DISPATCH(tfm_crypto_hash_clone,
TFM_CRYPTO_HASH_CLONE);
PSA_CLOSE();
return status;
#endif /* TFM_CRYPTO_HASH_MODULE_DISABLED */
}
psa_status_t psa_mac_sign_setup(psa_mac_operation_t *operation,
psa_key_handle_t handle,
psa_algorithm_t alg)
{
#ifdef TFM_CRYPTO_MAC_MODULE_DISABLED
return PSA_ERROR_NOT_SUPPORTED;
#else
psa_status_t status;
struct tfm_crypto_pack_iovec iov = {
.sfn_id = TFM_CRYPTO_MAC_SIGN_SETUP_SID,
.key_handle = handle,
.alg = alg,
.op_handle = operation->handle,
};
psa_invec in_vec[] = {
{.base = &iov, .len = sizeof(struct tfm_crypto_pack_iovec)},
};
psa_outvec out_vec[] = {
{.base = &(operation->handle), .len = sizeof(uint32_t)},
};
PSA_CONNECT(TFM_CRYPTO);
status = API_DISPATCH(tfm_crypto_mac_sign_setup,
TFM_CRYPTO_MAC_SIGN_SETUP);
PSA_CLOSE();
return status;
#endif /* TFM_CRYPTO_MAC_MODULE_DISABLED */
}
psa_status_t psa_mac_verify_setup(psa_mac_operation_t *operation,
psa_key_handle_t handle,
psa_algorithm_t alg)
{
#ifdef TFM_CRYPTO_MAC_MODULE_DISABLED
return PSA_ERROR_NOT_SUPPORTED;
#else
psa_status_t status;
struct tfm_crypto_pack_iovec iov = {
.sfn_id = TFM_CRYPTO_MAC_VERIFY_SETUP_SID,
.key_handle = handle,
.alg = alg,
.op_handle = operation->handle,
};
psa_invec in_vec[] = {
{.base = &iov, .len = sizeof(struct tfm_crypto_pack_iovec)},
};
psa_outvec out_vec[] = {
{.base = &(operation->handle), .len = sizeof(uint32_t)},
};
PSA_CONNECT(TFM_CRYPTO);
status = API_DISPATCH(tfm_crypto_mac_verify_setup,
TFM_CRYPTO_MAC_VERIFY_SETUP);
PSA_CLOSE();
return status;
#endif /* TFM_CRYPTO_MAC_MODULE_DISABLED */
}
psa_status_t psa_mac_update(psa_mac_operation_t *operation,
const uint8_t *input,
size_t input_length)
{
#ifdef TFM_CRYPTO_MAC_MODULE_DISABLED
return PSA_ERROR_NOT_SUPPORTED;
#else
psa_status_t status;
struct tfm_crypto_pack_iovec iov = {
.sfn_id = TFM_CRYPTO_MAC_UPDATE_SID,
.op_handle = operation->handle,
};
psa_invec in_vec[] = {
{.base = &iov, .len = sizeof(struct tfm_crypto_pack_iovec)},
{.base = input, .len = input_length},
};
psa_outvec out_vec[] = {
{.base = &(operation->handle), .len = sizeof(uint32_t)},
};
PSA_CONNECT(TFM_CRYPTO);
status = API_DISPATCH(tfm_crypto_mac_update,
TFM_CRYPTO_MAC_UPDATE);
PSA_CLOSE();
return status;
#endif /* TFM_CRYPTO_MAC_MODULE_DISABLED */
}
psa_status_t psa_mac_sign_finish(psa_mac_operation_t *operation,
uint8_t *mac,
size_t mac_size,
size_t *mac_length)
{
#ifdef TFM_CRYPTO_MAC_MODULE_DISABLED
return PSA_ERROR_NOT_SUPPORTED;
#else
psa_status_t status;
struct tfm_crypto_pack_iovec iov = {
.sfn_id = TFM_CRYPTO_MAC_SIGN_FINISH_SID,
.op_handle = operation->handle,
};
psa_invec in_vec[] = {
{.base = &iov, .len = sizeof(struct tfm_crypto_pack_iovec)},
};
psa_outvec out_vec[] = {
{.base = &(operation->handle), .len = sizeof(uint32_t)},
{.base = mac, .len = mac_size},
};
PSA_CONNECT(TFM_CRYPTO);
status = API_DISPATCH(tfm_crypto_mac_sign_finish,
TFM_CRYPTO_MAC_SIGN_FINISH);
*mac_length = out_vec[1].len;
PSA_CLOSE();
return status;
#endif /* TFM_CRYPTO_MAC_MODULE_DISABLED */
}
psa_status_t psa_mac_verify_finish(psa_mac_operation_t *operation,
const uint8_t *mac,
size_t mac_length)
{
#ifdef TFM_CRYPTO_MAC_MODULE_DISABLED
return PSA_ERROR_NOT_SUPPORTED;
#else
psa_status_t status;
struct tfm_crypto_pack_iovec iov = {
.sfn_id = TFM_CRYPTO_MAC_VERIFY_FINISH_SID,
.op_handle = operation->handle,
};
psa_invec in_vec[] = {
{.base = &iov, .len = sizeof(struct tfm_crypto_pack_iovec)},
{.base = mac, .len = mac_length},
};
psa_outvec out_vec[] = {
{.base = &(operation->handle), .len = sizeof(uint32_t)},
};
PSA_CONNECT(TFM_CRYPTO);
status = API_DISPATCH(tfm_crypto_mac_verify_finish,
TFM_CRYPTO_MAC_VERIFY_FINISH);
PSA_CLOSE();
return status;
#endif /* TFM_CRYPTO_MAC_MODULE_DISABLED */
}
psa_status_t psa_mac_abort(psa_mac_operation_t *operation)
{
#ifdef TFM_CRYPTO_MAC_MODULE_DISABLED
return PSA_ERROR_NOT_SUPPORTED;
#else
psa_status_t status;
struct tfm_crypto_pack_iovec iov = {
.sfn_id = TFM_CRYPTO_MAC_ABORT_SID,
.op_handle = operation->handle,
};
psa_invec in_vec[] = {
{.base = &iov, .len = sizeof(struct tfm_crypto_pack_iovec)},
};
psa_outvec out_vec[] = {
{.base = &(operation->handle), .len = sizeof(uint32_t)},
};
PSA_CONNECT(TFM_CRYPTO);
status = API_DISPATCH(tfm_crypto_mac_abort,
TFM_CRYPTO_MAC_ABORT);
PSA_CLOSE();
return status;
#endif /* TFM_CRYPTO_MAC_MODULE_DISABLED */
}
psa_status_t psa_aead_encrypt(psa_key_handle_t handle,
psa_algorithm_t alg,
const uint8_t *nonce,
size_t nonce_length,
const uint8_t *additional_data,
size_t additional_data_length,
const uint8_t *plaintext,
size_t plaintext_length,
uint8_t *ciphertext,
size_t ciphertext_size,
size_t *ciphertext_length)
{
#ifdef TFM_CRYPTO_AEAD_MODULE_DISABLED
return PSA_ERROR_NOT_SUPPORTED;
#else
psa_status_t status;
struct tfm_crypto_pack_iovec iov = {
.sfn_id = TFM_CRYPTO_AEAD_ENCRYPT_SID,
.key_handle = handle,
.alg = alg,
.aead_in = {.nonce = {0}, .nonce_length = nonce_length}
};
/* Sanitize the optional input */
if ((additional_data == NULL) && (additional_data_length != 0)) {
return PSA_ERROR_INVALID_ARGUMENT;
}
size_t idx = 0;
psa_invec in_vec[] = {
{.base = &iov, .len = sizeof(struct tfm_crypto_pack_iovec)},
{.base = plaintext, .len = plaintext_length},
{.base = additional_data, .len = additional_data_length},
};
psa_outvec out_vec[] = {
{.base = ciphertext, .len = ciphertext_size},
};
if (nonce_length > TFM_CRYPTO_MAX_NONCE_LENGTH) {
return PSA_ERROR_INVALID_ARGUMENT;
}
if (nonce != NULL) {
for (idx = 0; idx < nonce_length; idx++) {
iov.aead_in.nonce[idx] = nonce[idx];
}
}
PSA_CONNECT(TFM_CRYPTO);
size_t in_len = ARRAY_SIZE(in_vec);
if (additional_data == NULL) {
in_len--;
}
status = psa_call(ipc_handle, PSA_IPC_CALL, in_vec, in_len,
out_vec, ARRAY_SIZE(out_vec));
*ciphertext_length = out_vec[0].len;
PSA_CLOSE();
return status;
#endif /* TFM_CRYPTO_AEAD_MODULE_DISABLED */
}
psa_status_t psa_aead_decrypt(psa_key_handle_t handle,
psa_algorithm_t alg,
const uint8_t *nonce,
size_t nonce_length,
const uint8_t *additional_data,
size_t additional_data_length,
const uint8_t *ciphertext,
size_t ciphertext_length,
uint8_t *plaintext,
size_t plaintext_size,
size_t *plaintext_length)
{
#ifdef TFM_CRYPTO_AEAD_MODULE_DISABLED
return PSA_ERROR_NOT_SUPPORTED;
#else
psa_status_t status;
struct tfm_crypto_pack_iovec iov = {
.sfn_id = TFM_CRYPTO_AEAD_DECRYPT_SID,
.key_handle = handle,
.alg = alg,
.aead_in = {.nonce = {0}, .nonce_length = nonce_length}
};
/* Sanitize the optional input */
if ((additional_data == NULL) && (additional_data_length != 0)) {
return PSA_ERROR_INVALID_ARGUMENT;
}
size_t idx = 0;
psa_invec in_vec[] = {
{.base = &iov, .len = sizeof(struct tfm_crypto_pack_iovec)},
{.base = ciphertext, .len = ciphertext_length},
{.base = additional_data, .len = additional_data_length},
};
psa_outvec out_vec[] = {
{.base = plaintext, .len = plaintext_size},
};
if (nonce_length > TFM_CRYPTO_MAX_NONCE_LENGTH) {
return PSA_ERROR_INVALID_ARGUMENT;
}
if (nonce != NULL) {
for (idx = 0; idx < nonce_length; idx++) {
iov.aead_in.nonce[idx] = nonce[idx];
}
}
PSA_CONNECT(TFM_CRYPTO);
size_t in_len = ARRAY_SIZE(in_vec);
if (additional_data == NULL) {
in_len--;
}
status = psa_call(ipc_handle, PSA_IPC_CALL, in_vec, in_len,
out_vec, ARRAY_SIZE(out_vec));
*plaintext_length = out_vec[0].len;
PSA_CLOSE();
return status;
#endif /* TFM_CRYPTO_AEAD_MODULE_DISABLED */
}
psa_status_t psa_asymmetric_sign(psa_key_handle_t handle,
psa_algorithm_t alg,
const uint8_t *hash,
size_t hash_length,
uint8_t *signature,
size_t signature_size,
size_t *signature_length)
{
return psa_sign_hash(handle, alg, hash, hash_length, signature, signature_size, signature_length);
}
psa_status_t psa_sign_hash(psa_key_handle_t handle,
psa_algorithm_t alg,
const uint8_t *hash,
size_t hash_length,
uint8_t *signature,
size_t signature_size,
size_t *signature_length)
{
#ifdef TFM_CRYPTO_ASYMMETRIC_MODULE_DISABLED
return PSA_ERROR_NOT_SUPPORTED;
#else
psa_status_t status;
struct tfm_crypto_pack_iovec iov = {
.sfn_id = TFM_CRYPTO_SIGN_HASH_SID,
.key_handle = handle,
.alg = alg,
};
psa_invec in_vec[] = {
{.base = &iov, .len = sizeof(struct tfm_crypto_pack_iovec)},
{.base = hash, .len = hash_length},
};
psa_outvec out_vec[] = {
{.base = signature, .len = signature_size},
};
PSA_CONNECT(TFM_CRYPTO);
status = API_DISPATCH(tfm_crypto_sign_hash,
TFM_CRYPTO_SIGN_HASH);
*signature_length = out_vec[0].len;
PSA_CLOSE();
return status;
#endif /* TFM_CRYPTO_ASYMMETRIC_MODULE_DISABLED */
}
psa_status_t psa_asymmetric_verify(psa_key_handle_t handle,
psa_algorithm_t alg,
const uint8_t *hash,
size_t hash_length,
const uint8_t *signature,
size_t signature_length)
{
return psa_verify_hash(handle, alg, hash, hash_length, signature, signature_length);
}
psa_status_t psa_verify_hash(psa_key_handle_t handle,
psa_algorithm_t alg,
const uint8_t *hash,
size_t hash_length,
const uint8_t *signature,
size_t signature_length)
{
#ifdef TFM_CRYPTO_ASYMMETRIC_MODULE_DISABLED
return PSA_ERROR_NOT_SUPPORTED;
#else
psa_status_t status;
struct tfm_crypto_pack_iovec iov = {
.sfn_id = TFM_CRYPTO_VERIFY_HASH_SID,
.key_handle = handle,
.alg = alg
};
psa_invec in_vec[] = {
{.base = &iov, .len = sizeof(struct tfm_crypto_pack_iovec)},
{.base = hash, .len = hash_length},
{.base = signature, .len = signature_length}
};
PSA_CONNECT(TFM_CRYPTO);
status = API_DISPATCH_NO_OUTVEC(tfm_crypto_verify_hash,
TFM_CRYPTO_VERIFY_HASH);
PSA_CLOSE();
return status;
#endif /* TFM_CRYPTO_ASYMMETRIC_MODULE_DISABLED */
}
psa_status_t psa_asymmetric_encrypt(psa_key_handle_t handle,
psa_algorithm_t alg,
const uint8_t *input,
size_t input_length,
const uint8_t *salt,
size_t salt_length,
uint8_t *output,
size_t output_size,
size_t *output_length)
{
#ifdef TFM_CRYPTO_ASYMMETRIC_MODULE_DISABLED
return PSA_ERROR_NOT_SUPPORTED;
#else
psa_status_t status;
struct tfm_crypto_pack_iovec iov = {
.sfn_id = TFM_CRYPTO_ASYMMETRIC_ENCRYPT_SID,
.key_handle = handle,
.alg = alg
};
/* Sanitize the optional input */
if ((salt == NULL) && (salt_length != 0)) {
return PSA_ERROR_INVALID_ARGUMENT;
}
psa_invec in_vec[] = {
{.base = &iov, .len = sizeof(struct tfm_crypto_pack_iovec)},
{.base = input, .len = input_length},
{.base = salt, .len = salt_length}
};
psa_outvec out_vec[] = {
{.base = output, .len = output_size},
};
PSA_CONNECT(TFM_CRYPTO);
size_t in_len = ARRAY_SIZE(in_vec);
if (salt == NULL) {
in_len--;
}
status = psa_call(ipc_handle, PSA_IPC_CALL, in_vec, in_len,
out_vec, ARRAY_SIZE(out_vec));
*output_length = out_vec[0].len;
PSA_CLOSE();
return status;
#endif /* TFM_CRYPTO_ASYMMETRIC_MODULE_DISABLED */
}
psa_status_t psa_asymmetric_decrypt(psa_key_handle_t handle,
psa_algorithm_t alg,
const uint8_t *input,
size_t input_length,
const uint8_t *salt,
size_t salt_length,
uint8_t *output,
size_t output_size,
size_t *output_length)
{
#ifdef TFM_CRYPTO_ASYMMETRIC_MODULE_DISABLED
return PSA_ERROR_NOT_SUPPORTED;
#else
psa_status_t status;
struct tfm_crypto_pack_iovec iov = {
.sfn_id = TFM_CRYPTO_ASYMMETRIC_DECRYPT_SID,
.key_handle = handle,
.alg = alg
};
/* Sanitize the optional input */
if ((salt == NULL) && (salt_length != 0)) {
return PSA_ERROR_INVALID_ARGUMENT;
}
psa_invec in_vec[] = {
{.base = &iov, .len = sizeof(struct tfm_crypto_pack_iovec)},
{.base = input, .len = input_length},
{.base = salt, .len = salt_length}
};
psa_outvec out_vec[] = {
{.base = output, .len = output_size},
};
PSA_CONNECT(TFM_CRYPTO);
size_t in_len = ARRAY_SIZE(in_vec);
if (salt == NULL) {
in_len--;
}
status = psa_call(ipc_handle, PSA_IPC_CALL, in_vec, in_len,
out_vec, ARRAY_SIZE(out_vec));
*output_length = out_vec[0].len;
PSA_CLOSE();
return status;
#endif /* TFM_CRYPTO_ASYMMETRIC_MODULE_DISABLED */
}
psa_status_t psa_key_derivation_get_capacity(
const psa_key_derivation_operation_t *operation,
size_t *capacity)
{
#ifdef TFM_CRYPTO_GENERATOR_MODULE_DISABLED
return PSA_ERROR_NOT_SUPPORTED;
#else
psa_status_t status;
struct tfm_crypto_pack_iovec iov = {
.sfn_id = TFM_CRYPTO_KEY_DERIVATION_GET_CAPACITY_SID,
.op_handle = operation->handle,
};
psa_invec in_vec[] = {
{.base = &iov, .len = sizeof(struct tfm_crypto_pack_iovec)},
};
psa_outvec out_vec[] = {
{.base = capacity, .len = sizeof(size_t)},
};
PSA_CONNECT(TFM_CRYPTO);
status = API_DISPATCH(tfm_crypto_key_derivation_get_capacity,
TFM_CRYPTO_KEY_DERIVATION_GET_CAPACITY);
PSA_CLOSE();
return status;
#endif /* TFM_CRYPTO_GENERATOR_MODULE_DISABLED */
}
psa_status_t psa_key_derivation_output_bytes(
psa_key_derivation_operation_t *operation,
uint8_t *output,
size_t output_length)
{
#ifdef TFM_CRYPTO_GENERATOR_MODULE_DISABLED
return PSA_ERROR_NOT_SUPPORTED;
#else
psa_status_t status;
struct tfm_crypto_pack_iovec iov = {
.sfn_id = TFM_CRYPTO_KEY_DERIVATION_OUTPUT_BYTES_SID,
.op_handle = operation->handle,
};
psa_invec in_vec[] = {
{.base = &iov, .len = sizeof(struct tfm_crypto_pack_iovec)},
};
psa_outvec out_vec[] = {
{.base = output, .len = output_length},
};
PSA_CONNECT(TFM_CRYPTO);
status = API_DISPATCH(tfm_crypto_key_derivation_output_bytes,
TFM_CRYPTO_KEY_DERIVATION_OUTPUT_BYTES);
PSA_CLOSE();
return status;
#endif /* TFM_CRYPTO_GENERATOR_MODULE_DISABLED */
}
psa_status_t psa_key_derivation_input_key(
psa_key_derivation_operation_t *operation,
psa_key_derivation_step_t step,
psa_key_handle_t handle)
{
#ifdef TFM_CRYPTO_GENERATOR_MODULE_DISABLED
return PSA_ERROR_NOT_SUPPORTED;
#else
psa_status_t status;
struct tfm_crypto_pack_iovec iov = {
.sfn_id = TFM_CRYPTO_KEY_DERIVATION_INPUT_KEY_SID,
.key_handle = handle,
.step = step,
.op_handle = operation->handle,
};
psa_invec in_vec[] = {
{.base = &iov, .len = sizeof(struct tfm_crypto_pack_iovec)},
};
PSA_CONNECT(TFM_CRYPTO);
status = API_DISPATCH_NO_OUTVEC(tfm_crypto_key_derivation_input_key,
TFM_CRYPTO_KEY_DERIVATION_INPUT_KEY);
PSA_CLOSE();
return status;
#endif /* TFM_CRYPTO_GENERATOR_MODULE_DISABLED */
}
psa_status_t psa_key_derivation_abort(
psa_key_derivation_operation_t *operation)
{
#ifdef TFM_CRYPTO_GENERATOR_MODULE_DISABLED
return PSA_ERROR_NOT_SUPPORTED;
#else
psa_status_t status;
struct tfm_crypto_pack_iovec iov = {
.sfn_id = TFM_CRYPTO_KEY_DERIVATION_ABORT_SID,
.op_handle = operation->handle,
};
psa_invec in_vec[] = {
{.base = &iov, .len = sizeof(struct tfm_crypto_pack_iovec)},
};
psa_outvec out_vec[] = {
{.base = &(operation->handle), .len = sizeof(uint32_t)},
};
PSA_CONNECT(TFM_CRYPTO);
status = API_DISPATCH(tfm_crypto_key_derivation_abort,
TFM_CRYPTO_KEY_DERIVATION_ABORT);
PSA_CLOSE();
return status;
#endif /* TFM_CRYPTO_GENERATOR_MODULE_DISABLED */
}
psa_status_t psa_key_derivation_key_agreement(
psa_key_derivation_operation_t *operation,
psa_key_derivation_step_t step,
psa_key_handle_t private_key,
const uint8_t *peer_key,
size_t peer_key_length)
{
#ifdef TFM_CRYPTO_GENERATOR_MODULE_DISABLED
return PSA_ERROR_NOT_SUPPORTED;
#else
psa_status_t status;
struct tfm_crypto_pack_iovec iov = {
.sfn_id = TFM_CRYPTO_KEY_DERIVATION_KEY_AGREEMENT_SID,
.key_handle = private_key,
.step = step,
.op_handle = operation->handle,
};
psa_invec in_vec[] = {
{.base = &iov, .len = sizeof(struct tfm_crypto_pack_iovec)},
{.base = peer_key, .len = peer_key_length},
};
PSA_CONNECT(TFM_CRYPTO);
status = API_DISPATCH_NO_OUTVEC(tfm_crypto_key_derivation_key_agreement,
TFM_CRYPTO_KEY_DERIVATION_KEY_AGREEMENT);
PSA_CLOSE();
return status;
#endif /* TFM_CRYPTO_GENERATOR_MODULE_DISABLED */
}
psa_status_t psa_generate_random(uint8_t *output,
size_t output_size)
{
#ifdef TFM_CRYPTO_GENERATOR_MODULE_DISABLED
return PSA_ERROR_NOT_SUPPORTED;
#else
psa_status_t status;
struct tfm_crypto_pack_iovec iov = {
.sfn_id = TFM_CRYPTO_GENERATE_RANDOM_SID,
};
psa_invec in_vec[] = {
{.base = &iov, .len = sizeof(struct tfm_crypto_pack_iovec)},
};
psa_outvec out_vec[] = {
{.base = output, .len = output_size},
};
if (output_size == 0) {
return PSA_SUCCESS;
}
PSA_CONNECT(TFM_CRYPTO);
status = API_DISPATCH(tfm_crypto_generate_random,
TFM_CRYPTO_GENERATE_RANDOM);
PSA_CLOSE();
return status;
#endif /* TFM_CRYPTO_GENERATOR_MODULE_DISABLED */
}
psa_status_t psa_generate_key(const psa_key_attributes_t *attributes,
psa_key_handle_t *handle)
{
#ifdef TFM_CRYPTO_GENERATOR_MODULE_DISABLED
return PSA_ERROR_NOT_SUPPORTED;
#else
psa_status_t status;
struct tfm_crypto_pack_iovec iov = {
.sfn_id = TFM_CRYPTO_GENERATE_KEY_SID,
};
psa_invec in_vec[] = {
{.base = &iov, .len = sizeof(struct tfm_crypto_pack_iovec)},
{.base = attributes, .len = sizeof(psa_key_attributes_t)},
};
psa_outvec out_vec[] = {
{.base = handle, .len = sizeof(psa_key_handle_t)},
};
PSA_CONNECT(TFM_CRYPTO);
status = API_DISPATCH(tfm_crypto_generate_key,
TFM_CRYPTO_GENERATE_KEY);
PSA_CLOSE();
return status;
#endif /* TFM_CRYPTO_GENERATOR_MODULE_DISABLED */
}
psa_status_t psa_set_key_domain_parameters(psa_key_attributes_t *attributes,
psa_key_type_t type,
const uint8_t *data,
size_t data_length)
{
psa_status_t status;
status = PSA_ERROR_NOT_SUPPORTED;
return status;
}
psa_status_t psa_get_key_domain_parameters(
const psa_key_attributes_t *attributes,
uint8_t *data,
size_t data_size,
size_t *data_length)
{
psa_status_t status;
status = PSA_ERROR_NOT_SUPPORTED;
return status;
}
psa_status_t psa_hash_compare(psa_algorithm_t alg,
const uint8_t *input,
size_t input_length,
const uint8_t *hash,
const size_t hash_length)
{
psa_status_t status;
status = PSA_ERROR_NOT_SUPPORTED;
return status;
}
psa_status_t psa_aead_update_ad(psa_aead_operation_t *operation,
const uint8_t *input,
size_t input_length)
{
psa_status_t status;
status = PSA_ERROR_NOT_SUPPORTED;
return status;
}
psa_status_t psa_aead_finish(psa_aead_operation_t *operation,
uint8_t *ciphertext,
size_t ciphertext_size,
size_t *ciphertext_length,
uint8_t *tag,
size_t tag_size,
size_t *tag_length)
{
psa_status_t status;
status = PSA_ERROR_NOT_SUPPORTED;
return status;
}
psa_status_t psa_aead_verify(psa_aead_operation_t *operation,
uint8_t *plaintext,
size_t plaintext_size,
size_t *plaintext_length,
const uint8_t *tag,
size_t tag_length)
{
psa_status_t status;
status = PSA_ERROR_NOT_SUPPORTED;
return status;
}
psa_status_t psa_aead_abort(psa_aead_operation_t *operation)
{
psa_status_t status;
status = PSA_ERROR_NOT_SUPPORTED;
return status;
}
psa_status_t psa_mac_compute(psa_key_handle_t handle,
psa_algorithm_t alg,
const uint8_t *input,
size_t input_length,
uint8_t *mac,
size_t mac_size,
size_t *mac_length)
{
psa_status_t status;
status = PSA_ERROR_NOT_SUPPORTED;
return status;
}
psa_status_t psa_mac_verify(psa_key_handle_t handle,
psa_algorithm_t alg,
const uint8_t *input,
size_t input_length,
const uint8_t *mac,
const size_t mac_length)
{
psa_status_t status;
status = PSA_ERROR_NOT_SUPPORTED;
return status;
}
psa_status_t psa_cipher_encrypt(psa_key_handle_t handle,
psa_algorithm_t alg,
const uint8_t *input,
size_t input_length,
uint8_t *output,
size_t output_size,
size_t *output_length)
{
psa_status_t status;
status = PSA_ERROR_NOT_SUPPORTED;
return status;
}
psa_status_t psa_cipher_decrypt(psa_key_handle_t handle,
psa_algorithm_t alg,
const uint8_t *input,
size_t input_length,
uint8_t *output,
size_t output_size,
size_t *output_length)
{
psa_status_t status;
status = PSA_ERROR_NOT_SUPPORTED;
return status;
}
psa_status_t psa_raw_key_agreement(psa_algorithm_t alg,
psa_key_handle_t private_key,
const uint8_t *peer_key,
size_t peer_key_length,
uint8_t *output,
size_t output_size,
size_t *output_length)
{
#ifdef TFM_CRYPTO_GENERATOR_MODULE_DISABLED
return PSA_ERROR_NOT_SUPPORTED;
#else
psa_status_t status;
struct tfm_crypto_pack_iovec iov = {
.sfn_id = TFM_CRYPTO_RAW_KEY_AGREEMENT_SID,
.alg = alg,
.key_handle = private_key
};
psa_invec in_vec[] = {
{.base = &iov, .len = sizeof(struct tfm_crypto_pack_iovec)},
{.base = peer_key, .len = peer_key_length},
};
psa_outvec out_vec[] = {
{.base = output, .len = output_size},
};
PSA_CONNECT(TFM_CRYPTO);
status = API_DISPATCH(tfm_crypto_raw_key_agreement,
TFM_CRYPTO_RAW_KEY_AGREEMENT);
*output_length = out_vec[0].len;
PSA_CLOSE();
return status;
#endif /* TFM_CRYPTO_GENERATOR_MODULE_DISABLED */
}
psa_status_t psa_key_derivation_setup(psa_key_derivation_operation_t *operation,
psa_algorithm_t alg)
{
#ifdef TFM_CRYPTO_GENERATOR_MODULE_DISABLED
return PSA_ERROR_NOT_SUPPORTED;
#else
psa_status_t status;
struct tfm_crypto_pack_iovec iov = {
.sfn_id = TFM_CRYPTO_KEY_DERIVATION_SETUP_SID,
.alg = alg,
.op_handle = operation->handle,
};
psa_invec in_vec[] = {
{.base = &iov, .len = sizeof(struct tfm_crypto_pack_iovec)},
};
psa_outvec out_vec[] = {
{.base = &(operation->handle), .len = sizeof(uint32_t)},
};
PSA_CONNECT(TFM_CRYPTO);
status = API_DISPATCH(tfm_crypto_key_derivation_setup,
TFM_CRYPTO_KEY_DERIVATION_SETUP);
PSA_CLOSE();
return status;
#endif /* TFM_CRYPTO_GENERATOR_MODULE_DISABLED */
}
psa_status_t psa_key_derivation_set_capacity(
psa_key_derivation_operation_t *operation,
size_t capacity)
{
#ifdef TFM_CRYPTO_GENERATOR_MODULE_DISABLED
return PSA_ERROR_NOT_SUPPORTED;
#else
psa_status_t status;
struct tfm_crypto_pack_iovec iov = {
.sfn_id = TFM_CRYPTO_KEY_DERIVATION_SET_CAPACITY_SID,
.capacity = capacity,
.op_handle = operation->handle,
};
psa_invec in_vec[] = {
{.base = &iov, .len = sizeof(struct tfm_crypto_pack_iovec)},
};
PSA_CONNECT(TFM_CRYPTO);
status = API_DISPATCH_NO_OUTVEC(tfm_crypto_key_derivation_set_capacity,
TFM_CRYPTO_KEY_DERIVATION_SET_CAPACITY);
PSA_CLOSE();
return status;
#endif /* TFM_CRYPTO_GENERATOR_MODULE_DISABLED */
}
psa_status_t psa_key_derivation_input_bytes(
psa_key_derivation_operation_t *operation,
psa_key_derivation_step_t step,
const uint8_t *data,
size_t data_length)
{
#ifdef TFM_CRYPTO_GENERATOR_MODULE_DISABLED
return PSA_ERROR_NOT_SUPPORTED;
#else
psa_status_t status;
struct tfm_crypto_pack_iovec iov = {
.sfn_id = TFM_CRYPTO_KEY_DERIVATION_INPUT_BYTES_SID,
.step = step,
.op_handle = operation->handle,
};
psa_invec in_vec[] = {
{.base = &iov, .len = sizeof(struct tfm_crypto_pack_iovec)},
{.base = data, .len = data_length},
};
PSA_CONNECT(TFM_CRYPTO);
status = API_DISPATCH_NO_OUTVEC(tfm_crypto_key_derivation_input_bytes,
TFM_CRYPTO_KEY_DERIVATION_INPUT_BYTES);
PSA_CLOSE();
return status;
#endif /* TFM_CRYPTO_GENERATOR_MODULE_DISABLED */
}
psa_status_t psa_key_derivation_output_key(
const psa_key_attributes_t *attributes,
psa_key_derivation_operation_t *operation,
psa_key_handle_t *handle)
{
#ifdef TFM_CRYPTO_GENERATOR_MODULE_DISABLED
return PSA_ERROR_NOT_SUPPORTED;
#else
psa_status_t status;
struct tfm_crypto_pack_iovec iov = {
.sfn_id = TFM_CRYPTO_KEY_DERIVATION_OUTPUT_KEY_SID,
.op_handle = operation->handle,
};
psa_invec in_vec[] = {
{.base = &iov, .len = sizeof(struct tfm_crypto_pack_iovec)},
{.base = attributes, .len = sizeof(psa_key_attributes_t)},
};
psa_outvec out_vec[] = {
{.base = handle, .len = sizeof(psa_key_handle_t)}
};
PSA_CONNECT(TFM_CRYPTO);
status = API_DISPATCH(tfm_crypto_key_derivation_output_key,
TFM_CRYPTO_KEY_DERIVATION_OUTPUT_KEY);
PSA_CLOSE();
return status;
#endif /* TFM_CRYPTO_GENERATOR_MODULE_DISABLED */
}
psa_status_t psa_hash_compute(psa_algorithm_t alg,
const uint8_t *input,
size_t input_length,
uint8_t *hash,
size_t hash_size,
size_t *hash_length)
{
psa_status_t status;
status = PSA_ERROR_NOT_SUPPORTED;
return status;
}
psa_status_t psa_aead_encrypt_setup(psa_aead_operation_t *operation,
psa_key_handle_t handle,
psa_algorithm_t alg)
{
psa_status_t status;
status = PSA_ERROR_NOT_SUPPORTED;
return status;
}
psa_status_t psa_aead_decrypt_setup(psa_aead_operation_t *operation,
psa_key_handle_t handle,
psa_algorithm_t alg)
{
psa_status_t status;
status = PSA_ERROR_NOT_SUPPORTED;
return status;
}
psa_status_t psa_aead_generate_nonce(psa_aead_operation_t *operation,
uint8_t *nonce,
size_t nonce_size,
size_t *nonce_length)
{
psa_status_t status;
status = PSA_ERROR_NOT_SUPPORTED;
return status;
}
psa_status_t psa_aead_set_nonce(psa_aead_operation_t *operation,
const uint8_t *nonce,
size_t nonce_length)
{
psa_status_t status;
status = PSA_ERROR_NOT_SUPPORTED;
return status;
}
psa_status_t psa_aead_set_lengths(psa_aead_operation_t *operation,
size_t ad_length,
size_t plaintext_length)
{
psa_status_t status;
status = PSA_ERROR_NOT_SUPPORTED;
return status;
}
psa_status_t psa_aead_update(psa_aead_operation_t *operation,
const uint8_t *input,
size_t input_length,
uint8_t *output,
size_t output_size,
size_t *output_length)
{
psa_status_t status;
status = PSA_ERROR_NOT_SUPPORTED;
return status;
}