« back to all changes in this revision
Viewing changes to mbedtls.old/psa_crypto_driver_wrappers.c
- browse files at revision 80
- compare with another revision
- download diff
- download tarball
- view history from revision 80
- Committer: teusjannette at gmail
- Date: 2021-10-15 18:20:48 UTC
- Revision ID: teusjannette@gmail.com-20211015182048-jxzor4v0vphq2avn
new upstream version
- files added:
- mbedtls.old/config_psa.h
- files removed:
- mbedtls/config_psa.h
- files modified:
- bb/logic.cpp
added
removed
mbedtls.old/psa_crypto_driver_wrappers.c
1
/*
2
* Functions to delegate cryptographic operations to an available
3
* and appropriate accelerator.
4
* Warning: This file will be auto-generated in the future.
5
*/
6
/* Copyright The Mbed TLS Contributors
7
* SPDX-License-Identifier: Apache-2.0
8
*
9
* Licensed under the Apache License, Version 2.0 (the "License"); you may
10
* not use this file except in compliance with the License.
11
* You may obtain a copy of the License at
12
*
13
* http://www.apache.org/licenses/LICENSE-2.0
14
*
15
* Unless required by applicable law or agreed to in writing, software
16
* distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
17
* WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
18
* See the License for the specific language governing permissions and
19
* limitations under the License.
20
*/
21
22
#include "psa_crypto_core.h"
23
#include "psa_crypto_driver_wrappers.h"
24
#include "mbedtls/platform.h"
25
26
#if defined(MBEDTLS_PSA_CRYPTO_DRIVERS)
27
28
/* Include test driver definition when running tests */
29
#if defined(PSA_CRYPTO_DRIVER_TEST)
30
#ifndef PSA_CRYPTO_DRIVER_PRESENT
31
#define PSA_CRYPTO_DRIVER_PRESENT
32
#endif
33
#ifndef PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT
34
#define PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT
35
#endif
36
#include "test/drivers/test_driver.h"
37
#endif /* PSA_CRYPTO_DRIVER_TEST */
38
39
/* Repeat above block for each JSON-declared driver during autogeneration */
40
41
/* Auto-generated values depending on which drivers are registered. ID 0 is
42
* reserved for unallocated operations. */
43
#if defined(PSA_CRYPTO_DRIVER_TEST)
44
#define PSA_CRYPTO_TRANSPARENT_TEST_DRIVER_ID (1)
45
#define PSA_CRYPTO_OPAQUE_TEST_DRIVER_ID (2)
46
#endif /* PSA_CRYPTO_DRIVER_TEST */
47
#endif /* MBEDTLS_PSA_CRYPTO_DRIVERS */
48
49
/* Support the 'old' SE interface when asked to */
50
#if defined(MBEDTLS_PSA_CRYPTO_SE_C)
51
/* PSA_CRYPTO_DRIVER_PRESENT is defined when either a new-style or old-style
52
* SE driver is present, to avoid unused argument errors at compile time. */
53
#ifndef PSA_CRYPTO_DRIVER_PRESENT
54
#define PSA_CRYPTO_DRIVER_PRESENT
55
#endif
56
#include "psa_crypto_se.h"
57
#endif
58
59
/* Start delegation functions */
60
psa_status_t psa_driver_wrapper_sign_hash( psa_key_slot_t *slot,
61
psa_algorithm_t alg,
62
const uint8_t *hash,
63
size_t hash_length,
64
uint8_t *signature,
65
size_t signature_size,
66
size_t *signature_length )
67
{
68
#if defined(PSA_CRYPTO_DRIVER_PRESENT)
69
/* Try dynamically-registered SE interface first */
70
#if defined(MBEDTLS_PSA_CRYPTO_SE_C)
71
const psa_drv_se_t *drv;
72
psa_drv_se_context_t *drv_context;
73
74
if( psa_get_se_driver( slot->attr.lifetime, &drv, &drv_context ) )
75
{
76
if( drv->asymmetric == NULL ||
77
drv->asymmetric->p_sign == NULL )
78
{
79
/* Key is defined in SE, but we have no way to exercise it */
80
return( PSA_ERROR_NOT_SUPPORTED );
81
}
82
return( drv->asymmetric->p_sign( drv_context,
83
slot->data.se.slot_number,
84
alg,
85
hash, hash_length,
86
signature, signature_size,
87
signature_length ) );
88
}
89
#endif /* PSA_CRYPTO_SE_C */
90
91
/* Then try accelerator API */
92
#if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT)
93
psa_status_t status = PSA_ERROR_INVALID_ARGUMENT;
94
psa_key_location_t location = PSA_KEY_LIFETIME_GET_LOCATION(slot->attr.lifetime);
95
psa_key_attributes_t attributes = {
96
.core = slot->attr
97
};
98
99
switch( location )
100
{
101
case PSA_KEY_LOCATION_LOCAL_STORAGE:
102
/* Key is stored in the slot in export representation, so
103
* cycle through all known transparent accelerators */
104
#if defined(PSA_CRYPTO_DRIVER_TEST)
105
status = test_transparent_signature_sign_hash( &attributes,
106
slot->data.key.data,
107
slot->data.key.bytes,
108
alg,
109
hash,
110
hash_length,
111
signature,
112
signature_size,
113
signature_length );
114
/* Declared with fallback == true */
115
if( status != PSA_ERROR_NOT_SUPPORTED )
116
return( status );
117
#endif /* PSA_CRYPTO_DRIVER_TEST */
118
/* Fell through, meaning no accelerator supports this operation */
119
return( PSA_ERROR_NOT_SUPPORTED );
120
/* Add cases for opaque driver here */
121
#if defined(PSA_CRYPTO_DRIVER_TEST)
122
case PSA_CRYPTO_TEST_DRIVER_LIFETIME:
123
return( test_opaque_signature_sign_hash( &attributes,
124
slot->data.key.data,
125
slot->data.key.bytes,
126
alg,
127
hash,
128
hash_length,
129
signature,
130
signature_size,
131
signature_length ) );
132
#endif /* PSA_CRYPTO_DRIVER_TEST */
133
default:
134
/* Key is declared with a lifetime not known to us */
135
return( status );
136
}
137
#else /* PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT */
138
return( PSA_ERROR_NOT_SUPPORTED );
139
#endif /* PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT */
140
#else /* PSA_CRYPTO_DRIVER_PRESENT */
141
(void)slot;
142
(void)alg;
143
(void)hash;
144
(void)hash_length;
145
(void)signature;
146
(void)signature_size;
147
(void)signature_length;
148
149
return( PSA_ERROR_NOT_SUPPORTED );
150
#endif /* PSA_CRYPTO_DRIVER_PRESENT */
151
}
152
153
psa_status_t psa_driver_wrapper_verify_hash( psa_key_slot_t *slot,
154
psa_algorithm_t alg,
155
const uint8_t *hash,
156
size_t hash_length,
157
const uint8_t *signature,
158
size_t signature_length )
159
{
160
#if defined(PSA_CRYPTO_DRIVER_PRESENT)
161
/* Try dynamically-registered SE interface first */
162
#if defined(MBEDTLS_PSA_CRYPTO_SE_C)
163
const psa_drv_se_t *drv;
164
psa_drv_se_context_t *drv_context;
165
166
if( psa_get_se_driver( slot->attr.lifetime, &drv, &drv_context ) )
167
{
168
if( drv->asymmetric == NULL ||
169
drv->asymmetric->p_verify == NULL )
170
{
171
/* Key is defined in SE, but we have no way to exercise it */
172
return( PSA_ERROR_NOT_SUPPORTED );
173
}
174
return( drv->asymmetric->p_verify( drv_context,
175
slot->data.se.slot_number,
176
alg,
177
hash, hash_length,
178
signature, signature_length ) );
179
}
180
#endif /* PSA_CRYPTO_SE_C */
181
182
/* Then try accelerator API */
183
#if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT)
184
psa_status_t status = PSA_ERROR_INVALID_ARGUMENT;
185
psa_key_location_t location = PSA_KEY_LIFETIME_GET_LOCATION(slot->attr.lifetime);
186
psa_key_attributes_t attributes = {
187
.core = slot->attr
188
};
189
190
switch( location )
191
{
192
case PSA_KEY_LOCATION_LOCAL_STORAGE:
193
/* Key is stored in the slot in export representation, so
194
* cycle through all known transparent accelerators */
195
#if defined(PSA_CRYPTO_DRIVER_TEST)
196
status = test_transparent_signature_verify_hash( &attributes,
197
slot->data.key.data,
198
slot->data.key.bytes,
199
alg,
200
hash,
201
hash_length,
202
signature,
203
signature_length );
204
/* Declared with fallback == true */
205
if( status != PSA_ERROR_NOT_SUPPORTED )
206
return( status );
207
#endif /* PSA_CRYPTO_DRIVER_TEST */
208
/* Fell through, meaning no accelerator supports this operation */
209
return( PSA_ERROR_NOT_SUPPORTED );
210
/* Add cases for opaque driver here */
211
#if defined(PSA_CRYPTO_DRIVER_TEST)
212
case PSA_CRYPTO_TEST_DRIVER_LIFETIME:
213
return( test_opaque_signature_verify_hash( &attributes,
214
slot->data.key.data,
215
slot->data.key.bytes,
216
alg,
217
hash,
218
hash_length,
219
signature,
220
signature_length ) );
221
#endif /* PSA_CRYPTO_DRIVER_TEST */
222
default:
223
/* Key is declared with a lifetime not known to us */
224
return( status );
225
}
226
#else /* PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT */
227
return( PSA_ERROR_NOT_SUPPORTED );
228
#endif /* PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT */
229
#else /* PSA_CRYPTO_DRIVER_PRESENT */
230
(void)slot;
231
(void)alg;
232
(void)hash;
233
(void)hash_length;
234
(void)signature;
235
(void)signature_length;
236
237
return( PSA_ERROR_NOT_SUPPORTED );
238
#endif /* PSA_CRYPTO_DRIVER_PRESENT */
239
}
240
241
#if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT)
242
/** Calculate the size to allocate for buffering a key with given attributes.
243
*
244
* This function provides a way to get the expected size for storing a key with
245
* the given attributes. This will be the size of the export representation for
246
* cleartext keys, and a driver-defined size for keys stored by opaque drivers.
247
*
248
* \param[in] attributes The key attribute structure of the key to store.
249
* \param[out] expected_size On success, a byte size large enough to contain
250
* the declared key.
251
*
252
* \retval #PSA_SUCCESS
253
* \retval #PSA_ERROR_NOT_SUPPORTED
254
*/
255
static psa_status_t get_expected_key_size( const psa_key_attributes_t *attributes,
256
size_t *expected_size )
257
{
258
size_t buffer_size = 0;
259
psa_key_location_t location = PSA_KEY_LIFETIME_GET_LOCATION( attributes->core.lifetime );
260
psa_key_type_t key_type = attributes->core.type;
261
size_t key_bits = attributes->core.bits;
262
263
switch( location )
264
{
265
case PSA_KEY_LOCATION_LOCAL_STORAGE:
266
buffer_size = PSA_KEY_EXPORT_MAX_SIZE( key_type, key_bits );
267
268
if( buffer_size == 0 )
269
return( PSA_ERROR_NOT_SUPPORTED );
270
271
*expected_size = buffer_size;
272
return( PSA_SUCCESS );
273
274
#if defined(PSA_CRYPTO_DRIVER_TEST)
275
case PSA_CRYPTO_TEST_DRIVER_LIFETIME:
276
#ifdef TEST_DRIVER_KEY_CONTEXT_SIZE_FUNCTION
277
*expected_size = test_size_function( key_type, key_bits );
278
return( PSA_SUCCESS );
279
#else /* TEST_DRIVER_KEY_CONTEXT_SIZE_FUNCTION */
280
if( PSA_KEY_TYPE_IS_KEY_PAIR( key_type ) )
281
{
282
int public_key_overhead = ( ( TEST_DRIVER_KEY_CONTEXT_STORE_PUBLIC_KEY == 1 ) ?
283
PSA_KEY_EXPORT_MAX_SIZE( key_type, key_bits ) : 0 );
284
*expected_size = TEST_DRIVER_KEY_CONTEXT_BASE_SIZE
285
+ TEST_DRIVER_KEY_CONTEXT_PUBLIC_KEY_SIZE
286
+ public_key_overhead;
287
}
288
else if( PSA_KEY_TYPE_IS_PUBLIC_KEY( attributes->core.type ) )
289
{
290
*expected_size = TEST_DRIVER_KEY_CONTEXT_BASE_SIZE
291
+ TEST_DRIVER_KEY_CONTEXT_PUBLIC_KEY_SIZE;
292
}
293
else if ( !PSA_KEY_TYPE_IS_KEY_PAIR( key_type ) &&
294
!PSA_KEY_TYPE_IS_PUBLIC_KEY ( attributes->core.type ) )
295
{
296
*expected_size = TEST_DRIVER_KEY_CONTEXT_BASE_SIZE
297
+ TEST_DRIVER_KEY_CONTEXT_SYMMETRIC_FACTOR
298
* ( ( key_bits + 7 ) / 8 );
299
}
300
else
301
{
302
return( PSA_ERROR_NOT_SUPPORTED );
303
}
304
return( PSA_SUCCESS );
305
#endif /* TEST_DRIVER_KEY_CONTEXT_SIZE_FUNCTION */
306
#endif /* PSA_CRYPTO_DRIVER_TEST */
307
308
default:
309
return( PSA_ERROR_NOT_SUPPORTED );
310
}
311
}
312
#endif /* PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT */
313
314
psa_status_t psa_driver_wrapper_generate_key( const psa_key_attributes_t *attributes,
315
psa_key_slot_t *slot )
316
{
317
#if defined(PSA_CRYPTO_DRIVER_PRESENT)
318
/* Try dynamically-registered SE interface first */
319
#if defined(MBEDTLS_PSA_CRYPTO_SE_C)
320
const psa_drv_se_t *drv;
321
psa_drv_se_context_t *drv_context;
322
323
if( psa_get_se_driver( slot->attr.lifetime, &drv, &drv_context ) )
324
{
325
size_t pubkey_length = 0; /* We don't support this feature yet */
326
if( drv->key_management == NULL ||
327
drv->key_management->p_generate == NULL )
328
{
329
/* Key is defined as being in SE, but we have no way to generate it */
330
return( PSA_ERROR_NOT_SUPPORTED );
331
}
332
return( drv->key_management->p_generate(
333
drv_context,
334
slot->data.se.slot_number, attributes,
335
NULL, 0, &pubkey_length ) );
336
}
337
#endif /* MBEDTLS_PSA_CRYPTO_SE_C */
338
339
/* Then try accelerator API */
340
#if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT)
341
psa_status_t status = PSA_ERROR_INVALID_ARGUMENT;
342
psa_key_location_t location = PSA_KEY_LIFETIME_GET_LOCATION(slot->attr.lifetime);
343
size_t export_size = 0;
344
345
status = get_expected_key_size( attributes, &export_size );
346
if( status != PSA_SUCCESS )
347
return( status );
348
349
slot->data.key.data = mbedtls_calloc(1, export_size);
350
if( slot->data.key.data == NULL )
351
return( PSA_ERROR_INSUFFICIENT_MEMORY );
352
slot->data.key.bytes = export_size;
353
354
switch( location )
355
{
356
case PSA_KEY_LOCATION_LOCAL_STORAGE:
357
/* Key is stored in the slot in export representation, so
358
* cycle through all known transparent accelerators */
359
360
/* Transparent drivers are limited to generating asymmetric keys */
361
if( ! PSA_KEY_TYPE_IS_ASYMMETRIC( slot->attr.type ) )
362
{
363
status = PSA_ERROR_NOT_SUPPORTED;
364
break;
365
}
366
#if defined(PSA_CRYPTO_DRIVER_TEST)
367
status = test_transparent_generate_key( attributes,
368
slot->data.key.data,
369
slot->data.key.bytes,
370
&slot->data.key.bytes );
371
/* Declared with fallback == true */
372
if( status != PSA_ERROR_NOT_SUPPORTED )
373
break;
374
#endif /* PSA_CRYPTO_DRIVER_TEST */
375
/* Fell through, meaning no accelerator supports this operation */
376
status = PSA_ERROR_NOT_SUPPORTED;
377
break;
378
/* Add cases for opaque driver here */
379
#if defined(PSA_CRYPTO_DRIVER_TEST)
380
case PSA_CRYPTO_TEST_DRIVER_LIFETIME:
381
status = test_opaque_generate_key( attributes,
382
slot->data.key.data,
383
slot->data.key.bytes,
384
&slot->data.key.bytes );
385
break;
386
#endif /* PSA_CRYPTO_DRIVER_TEST */
387
default:
388
/* Key is declared with a lifetime not known to us */
389
status = PSA_ERROR_INVALID_ARGUMENT;
390
break;
391
}
392
393
if( status != PSA_SUCCESS )
394
{
395
/* free allocated buffer */
396
mbedtls_free( slot->data.key.data );
397
slot->data.key.data = NULL;
398
slot->data.key.bytes = 0;
399
}
400
401
return( status );
402
#else /* PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT */
403
return( PSA_ERROR_NOT_SUPPORTED );
404
#endif /* PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT */
405
#else /* PSA_CRYPTO_DRIVER_PRESENT */
406
(void) attributes;
407
(void) slot;
408
409
return( PSA_ERROR_NOT_SUPPORTED );
410
#endif /* PSA_CRYPTO_DRIVER_PRESENT */
411
}
412
413
psa_status_t psa_driver_wrapper_validate_key( const psa_key_attributes_t *attributes,
414
const uint8_t *data,
415
size_t data_length,
416
size_t *bits )
417
{
418
#if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT)
419
psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;
420
/* Try accelerators in turn */
421
#if defined(PSA_CRYPTO_DRIVER_TEST)
422
status = test_transparent_validate_key( attributes,
423
data,
424
data_length,
425
bits );
426
/* Declared with fallback == true */
427
if( status != PSA_ERROR_NOT_SUPPORTED )
428
return( status );
429
#endif /* PSA_CRYPTO_DRIVER_TEST */
430
431
return( PSA_ERROR_NOT_SUPPORTED );
432
#else /* PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT */
433
(void) attributes;
434
(void) data;
435
(void) data_length;
436
(void) bits;
437
return( PSA_ERROR_NOT_SUPPORTED );
438
#endif /* PSA_CRYPTO_DRIVER_PRESENT */
439
}
440
441
psa_status_t psa_driver_wrapper_export_public_key( const psa_key_slot_t *slot,
442
uint8_t *data,
443
size_t data_size,
444
size_t *data_length )
445
{
446
#if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT)
447
psa_status_t status = PSA_ERROR_INVALID_ARGUMENT;
448
psa_key_location_t location = PSA_KEY_LIFETIME_GET_LOCATION(slot->attr.lifetime);
449
psa_key_attributes_t attributes = {
450
.core = slot->attr
451
};
452
453
switch( location )
454
{
455
case PSA_KEY_LOCATION_LOCAL_STORAGE:
456
/* Key is stored in the slot in export representation, so
457
* cycle through all known transparent accelerators */
458
#if defined(PSA_CRYPTO_DRIVER_TEST)
459
status = test_transparent_export_public_key( &attributes,
460
slot->data.key.data,
461
slot->data.key.bytes,
462
data,
463
data_size,
464
data_length );
465
/* Declared with fallback == true */
466
if( status != PSA_ERROR_NOT_SUPPORTED )
467
return( status );
468
#endif /* PSA_CRYPTO_DRIVER_TEST */
469
/* Fell through, meaning no accelerator supports this operation */
470
return( PSA_ERROR_NOT_SUPPORTED );
471
/* Add cases for opaque driver here */
472
#if defined(PSA_CRYPTO_DRIVER_TEST)
473
case PSA_CRYPTO_TEST_DRIVER_LIFETIME:
474
return( test_opaque_export_public_key( &attributes,
475
slot->data.key.data,
476
slot->data.key.bytes,
477
data,
478
data_size,
479
data_length ) );
480
#endif /* PSA_CRYPTO_DRIVER_TEST */
481
default:
482
/* Key is declared with a lifetime not known to us */
483
return( status );
484
}
485
#else /* PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT */
486
(void) slot;
487
(void) data;
488
(void) data_size;
489
(void) data_length;
490
return( PSA_ERROR_NOT_SUPPORTED );
491
#endif /* PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT */
492
}
493
494
/*
495
* Cipher functions
496
*/
497
psa_status_t psa_driver_wrapper_cipher_encrypt(
498
psa_key_slot_t *slot,
499
psa_algorithm_t alg,
500
const uint8_t *input,
501
size_t input_length,
502
uint8_t *output,
503
size_t output_size,
504
size_t *output_length )
505
{
506
#if defined(PSA_CRYPTO_DRIVER_PRESENT) && defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT)
507
psa_status_t status = PSA_ERROR_INVALID_ARGUMENT;
508
psa_key_location_t location = PSA_KEY_LIFETIME_GET_LOCATION(slot->attr.lifetime);
509
psa_key_attributes_t attributes = {
510
.core = slot->attr
511
};
512
513
switch( location )
514
{
515
case PSA_KEY_LOCATION_LOCAL_STORAGE:
516
/* Key is stored in the slot in export representation, so
517
* cycle through all known transparent accelerators */
518
#if defined(PSA_CRYPTO_DRIVER_TEST)
519
status = test_transparent_cipher_encrypt( &attributes,
520
slot->data.key.data,
521
slot->data.key.bytes,
522
alg,
523
input,
524
input_length,
525
output,
526
output_size,
527
output_length );
528
/* Declared with fallback == true */
529
if( status != PSA_ERROR_NOT_SUPPORTED )
530
return( status );
531
#endif /* PSA_CRYPTO_DRIVER_TEST */
532
/* Fell through, meaning no accelerator supports this operation */
533
return( PSA_ERROR_NOT_SUPPORTED );
534
/* Add cases for opaque driver here */
535
#if defined(PSA_CRYPTO_DRIVER_TEST)
536
case PSA_CRYPTO_TEST_DRIVER_LIFETIME:
537
return( test_opaque_cipher_encrypt( &attributes,
538
slot->data.key.data,
539
slot->data.key.bytes,
540
alg,
541
input,
542
input_length,
543
output,
544
output_size,
545
output_length ) );
546
#endif /* PSA_CRYPTO_DRIVER_TEST */
547
default:
548
/* Key is declared with a lifetime not known to us */
549
return( status );
550
}
551
#else /* PSA_CRYPTO_DRIVER_PRESENT */
552
(void) slot;
553
(void) alg;
554
(void) input;
555
(void) input_length;
556
(void) output;
557
(void) output_size;
558
(void) output_length;
559
560
return( PSA_ERROR_NOT_SUPPORTED );
561
#endif /* PSA_CRYPTO_DRIVER_PRESENT */
562
}
563
564
psa_status_t psa_driver_wrapper_cipher_decrypt(
565
psa_key_slot_t *slot,
566
psa_algorithm_t alg,
567
const uint8_t *input,
568
size_t input_length,
569
uint8_t *output,
570
size_t output_size,
571
size_t *output_length )
572
{
573
#if defined(PSA_CRYPTO_DRIVER_PRESENT) && defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT)
574
psa_status_t status = PSA_ERROR_INVALID_ARGUMENT;
575
psa_key_location_t location = PSA_KEY_LIFETIME_GET_LOCATION(slot->attr.lifetime);
576
psa_key_attributes_t attributes = {
577
.core = slot->attr
578
};
579
580
switch( location )
581
{
582
case PSA_KEY_LOCATION_LOCAL_STORAGE:
583
/* Key is stored in the slot in export representation, so
584
* cycle through all known transparent accelerators */
585
#if defined(PSA_CRYPTO_DRIVER_TEST)
586
status = test_transparent_cipher_decrypt( &attributes,
587
slot->data.key.data,
588
slot->data.key.bytes,
589
alg,
590
input,
591
input_length,
592
output,
593
output_size,
594
output_length );
595
/* Declared with fallback == true */
596
if( status != PSA_ERROR_NOT_SUPPORTED )
597
return( status );
598
#endif /* PSA_CRYPTO_DRIVER_TEST */
599
/* Fell through, meaning no accelerator supports this operation */
600
return( PSA_ERROR_NOT_SUPPORTED );
601
/* Add cases for opaque driver here */
602
#if defined(PSA_CRYPTO_DRIVER_TEST)
603
case PSA_CRYPTO_TEST_DRIVER_LIFETIME:
604
return( test_opaque_cipher_decrypt( &attributes,
605
slot->data.key.data,
606
slot->data.key.bytes,
607
alg,
608
input,
609
input_length,
610
output,
611
output_size,
612
output_length ) );
613
#endif /* PSA_CRYPTO_DRIVER_TEST */
614
default:
615
/* Key is declared with a lifetime not known to us */
616
return( status );
617
}
618
#else /* PSA_CRYPTO_DRIVER_PRESENT */
619
(void) slot;
620
(void) alg;
621
(void) input;
622
(void) input_length;
623
(void) output;
624
(void) output_size;
625
(void) output_length;
626
627
return( PSA_ERROR_NOT_SUPPORTED );
628
#endif /* PSA_CRYPTO_DRIVER_PRESENT */
629
}
630
631
psa_status_t psa_driver_wrapper_cipher_encrypt_setup(
632
psa_operation_driver_context_t *operation,
633
psa_key_slot_t *slot,
634
psa_algorithm_t alg )
635
{
636
#if defined(PSA_CRYPTO_DRIVER_PRESENT) && defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT)
637
psa_status_t status = PSA_ERROR_INVALID_ARGUMENT;
638
psa_key_location_t location = PSA_KEY_LIFETIME_GET_LOCATION(slot->attr.lifetime);
639
psa_key_attributes_t attributes = {
640
.core = slot->attr
641
};
642
643
switch( location )
644
{
645
case PSA_KEY_LOCATION_LOCAL_STORAGE:
646
/* Key is stored in the slot in export representation, so
647
* cycle through all known transparent accelerators */
648
#if defined(PSA_CRYPTO_DRIVER_TEST)
649
operation->ctx = mbedtls_calloc( 1, sizeof(test_transparent_cipher_operation_t) );
650
if( operation->ctx == NULL )
651
return PSA_ERROR_INSUFFICIENT_MEMORY;
652
653
status = test_transparent_cipher_encrypt_setup( operation->ctx,
654
&attributes,
655
slot->data.key.data,
656
slot->data.key.bytes,
657
alg );
658
/* Declared with fallback == true */
659
if( status == PSA_SUCCESS )
660
operation->id = PSA_CRYPTO_TRANSPARENT_TEST_DRIVER_ID;
661
else
662
{
663
mbedtls_platform_zeroize(
664
operation->ctx,
665
sizeof( test_transparent_cipher_operation_t ) );
666
mbedtls_free( operation->ctx );
667
operation->ctx = NULL;
668
}
669
670
return( status );
671
#endif /* PSA_CRYPTO_DRIVER_TEST */
672
/* Fell through, meaning no accelerator supports this operation */
673
return( PSA_ERROR_NOT_SUPPORTED );
674
/* Add cases for opaque driver here */
675
#if defined(PSA_CRYPTO_DRIVER_TEST)
676
case PSA_CRYPTO_TEST_DRIVER_LIFETIME:
677
operation->ctx = mbedtls_calloc( 1, sizeof(test_opaque_cipher_operation_t) );
678
if( operation->ctx == NULL )
679
return( PSA_ERROR_INSUFFICIENT_MEMORY );
680
681
status = test_opaque_cipher_encrypt_setup( operation->ctx,
682
&attributes,
683
slot->data.key.data,
684
slot->data.key.bytes,
685
alg );
686
if( status == PSA_SUCCESS )
687
operation->id = PSA_CRYPTO_OPAQUE_TEST_DRIVER_ID;
688
else
689
{
690
mbedtls_platform_zeroize(
691
operation->ctx,
692
sizeof( test_opaque_cipher_operation_t ) );
693
mbedtls_free( operation->ctx );
694
operation->ctx = NULL;
695
}
696
697
return( status );
698
#endif /* PSA_CRYPTO_DRIVER_TEST */
699
default:
700
/* Key is declared with a lifetime not known to us */
701
return( PSA_ERROR_NOT_SUPPORTED );
702
}
703
#else /* PSA_CRYPTO_DRIVER_PRESENT */
704
(void)slot;
705
(void)alg;
706
(void)operation;
707
708
return( PSA_ERROR_NOT_SUPPORTED );
709
#endif /* PSA_CRYPTO_DRIVER_PRESENT */
710
}
711
712
psa_status_t psa_driver_wrapper_cipher_decrypt_setup(
713
psa_operation_driver_context_t *operation,
714
psa_key_slot_t *slot,
715
psa_algorithm_t alg )
716
{
717
#if defined(PSA_CRYPTO_DRIVER_PRESENT) && defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT)
718
psa_status_t status = PSA_ERROR_INVALID_ARGUMENT;
719
psa_key_location_t location = PSA_KEY_LIFETIME_GET_LOCATION(slot->attr.lifetime);
720
psa_key_attributes_t attributes = {
721
.core = slot->attr
722
};
723
724
switch( location )
725
{
726
case PSA_KEY_LOCATION_LOCAL_STORAGE:
727
/* Key is stored in the slot in export representation, so
728
* cycle through all known transparent accelerators */
729
#if defined(PSA_CRYPTO_DRIVER_TEST)
730
operation->ctx = mbedtls_calloc( 1, sizeof(test_transparent_cipher_operation_t) );
731
if( operation->ctx == NULL )
732
return( PSA_ERROR_INSUFFICIENT_MEMORY );
733
734
status = test_transparent_cipher_decrypt_setup( operation->ctx,
735
&attributes,
736
slot->data.key.data,
737
slot->data.key.bytes,
738
alg );
739
/* Declared with fallback == true */
740
if( status == PSA_SUCCESS )
741
operation->id = PSA_CRYPTO_TRANSPARENT_TEST_DRIVER_ID;
742
else
743
{
744
mbedtls_platform_zeroize(
745
operation->ctx,
746
sizeof( test_transparent_cipher_operation_t ) );
747
mbedtls_free( operation->ctx );
748
operation->ctx = NULL;
749
}
750
751
return( status );
752
#endif /* PSA_CRYPTO_DRIVER_TEST */
753
/* Fell through, meaning no accelerator supports this operation */
754
return( PSA_ERROR_NOT_SUPPORTED );
755
/* Add cases for opaque driver here */
756
#if defined(PSA_CRYPTO_DRIVER_TEST)
757
case PSA_CRYPTO_TEST_DRIVER_LIFETIME:
758
operation->ctx = mbedtls_calloc( 1, sizeof(test_opaque_cipher_operation_t) );
759
if( operation->ctx == NULL )
760
return PSA_ERROR_INSUFFICIENT_MEMORY;
761
762
status = test_opaque_cipher_decrypt_setup( operation->ctx,
763
&attributes,
764
slot->data.key.data,
765
slot->data.key.bytes,
766
alg );
767
if( status == PSA_SUCCESS )
768
operation->id = PSA_CRYPTO_OPAQUE_TEST_DRIVER_ID;
769
else
770
{
771
mbedtls_platform_zeroize(
772
operation->ctx,
773
sizeof( test_opaque_cipher_operation_t ) );
774
mbedtls_free( operation->ctx );
775
operation->ctx = NULL;
776
}
777
778
return( status );
779
#endif /* PSA_CRYPTO_DRIVER_TEST */
780
default:
781
/* Key is declared with a lifetime not known to us */
782
return( PSA_ERROR_NOT_SUPPORTED );
783
}
784
#else /* PSA_CRYPTO_DRIVER_PRESENT */
785
(void)slot;
786
(void)alg;
787
(void)operation;
788
789
return( PSA_ERROR_NOT_SUPPORTED );
790
#endif /* PSA_CRYPTO_DRIVER_PRESENT */
791
}
792
793
psa_status_t psa_driver_wrapper_cipher_generate_iv(
794
psa_operation_driver_context_t *operation,
795
uint8_t *iv,
796
size_t iv_size,
797
size_t *iv_length )
798
{
799
#if defined(PSA_CRYPTO_DRIVER_PRESENT) && defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT)
800
switch( operation->id )
801
{
802
#if defined(PSA_CRYPTO_DRIVER_TEST)
803
case PSA_CRYPTO_TRANSPARENT_TEST_DRIVER_ID:
804
return( test_transparent_cipher_generate_iv( operation->ctx,
805
iv,
806
iv_size,
807
iv_length ) );
808
#endif /* PSA_CRYPTO_DRIVER_TEST */
809
#if defined(PSA_CRYPTO_DRIVER_TEST)
810
case PSA_CRYPTO_OPAQUE_TEST_DRIVER_ID:
811
return( test_opaque_cipher_generate_iv( operation->ctx,
812
iv,
813
iv_size,
814
iv_length ) );
815
#endif /* PSA_CRYPTO_DRIVER_TEST */
816
default:
817
/* Key is attached to a driver not known to us */
818
return( PSA_ERROR_BAD_STATE );
819
}
820
#else /* PSA_CRYPTO_DRIVER_PRESENT */
821
(void) operation;
822
(void) iv;
823
(void) iv_size;
824
(void) iv_length;
825
826
return( PSA_ERROR_NOT_SUPPORTED );
827
#endif /* PSA_CRYPTO_DRIVER_PRESENT */
828
}
829
830
psa_status_t psa_driver_wrapper_cipher_set_iv(
831
psa_operation_driver_context_t *operation,
832
const uint8_t *iv,
833
size_t iv_length )
834
{
835
#if defined(PSA_CRYPTO_DRIVER_PRESENT) && defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT)
836
switch( operation->id )
837
{
838
#if defined(PSA_CRYPTO_DRIVER_TEST)
839
case PSA_CRYPTO_TRANSPARENT_TEST_DRIVER_ID:
840
return( test_transparent_cipher_set_iv( operation->ctx,
841
iv,
842
iv_length ) );
843
#endif /* PSA_CRYPTO_DRIVER_TEST */
844
#if defined(PSA_CRYPTO_DRIVER_TEST)
845
case PSA_CRYPTO_OPAQUE_TEST_DRIVER_ID:
846
return( test_opaque_cipher_set_iv( operation->ctx,
847
iv,
848
iv_length ) );
849
#endif /* PSA_CRYPTO_DRIVER_TEST */
850
default:
851
/* Key is attached to a driver not known to us */
852
return( PSA_ERROR_BAD_STATE );
853
}
854
#else /* PSA_CRYPTO_DRIVER_PRESENT */
855
(void) operation;
856
(void) iv;
857
(void) iv_length;
858
859
return( PSA_ERROR_NOT_SUPPORTED );
860
#endif /* PSA_CRYPTO_DRIVER_PRESENT */
861
}
862
863
psa_status_t psa_driver_wrapper_cipher_update(
864
psa_operation_driver_context_t *operation,
865
const uint8_t *input,
866
size_t input_length,
867
uint8_t *output,
868
size_t output_size,
869
size_t *output_length )
870
{
871
#if defined(PSA_CRYPTO_DRIVER_PRESENT) && defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT)
872
switch( operation->id )
873
{
874
#if defined(PSA_CRYPTO_DRIVER_TEST)
875
case PSA_CRYPTO_TRANSPARENT_TEST_DRIVER_ID:
876
return( test_transparent_cipher_update( operation->ctx,
877
input,
878
input_length,
879
output,
880
output_size,
881
output_length ) );
882
#endif /* PSA_CRYPTO_DRIVER_TEST */
883
#if defined(PSA_CRYPTO_DRIVER_TEST)
884
case PSA_CRYPTO_OPAQUE_TEST_DRIVER_ID:
885
return( test_opaque_cipher_update( operation->ctx,
886
input,
887
input_length,
888
output,
889
output_size,
890
output_length ) );
891
#endif /* PSA_CRYPTO_DRIVER_TEST */
892
default:
893
/* Key is attached to a driver not known to us */
894
return( PSA_ERROR_BAD_STATE );
895
}
896
#else /* PSA_CRYPTO_DRIVER_PRESENT */
897
(void) operation;
898
(void) input;
899
(void) input_length;
900
(void) output;
901
(void) output_length;
902
(void) output_size;
903
904
return( PSA_ERROR_NOT_SUPPORTED );
905
#endif /* PSA_CRYPTO_DRIVER_PRESENT */
906
}
907
908
psa_status_t psa_driver_wrapper_cipher_finish(
909
psa_operation_driver_context_t *operation,
910
uint8_t *output,
911
size_t output_size,
912
size_t *output_length )
913
{
914
#if defined(PSA_CRYPTO_DRIVER_PRESENT) && defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT)
915
switch( operation->id )
916
{
917
#if defined(PSA_CRYPTO_DRIVER_TEST)
918
case PSA_CRYPTO_TRANSPARENT_TEST_DRIVER_ID:
919
return( test_transparent_cipher_finish( operation->ctx,
920
output,
921
output_size,
922
output_length ) );
923
#endif /* PSA_CRYPTO_DRIVER_TEST */
924
#if defined(PSA_CRYPTO_DRIVER_TEST)
925
case PSA_CRYPTO_OPAQUE_TEST_DRIVER_ID:
926
return( test_opaque_cipher_finish( operation->ctx,
927
output,
928
output_size,
929
output_length ) );
930
#endif /* PSA_CRYPTO_DRIVER_TEST */
931
default:
932
/* Key is attached to a driver not known to us */
933
return( PSA_ERROR_BAD_STATE );
934
}
935
#else /* PSA_CRYPTO_DRIVER_PRESENT */
936
(void) operation;
937
(void) output;
938
(void) output_size;
939
(void) output_length;
940
941
return( PSA_ERROR_NOT_SUPPORTED );
942
#endif /* PSA_CRYPTO_DRIVER_PRESENT */
943
}
944
945
psa_status_t psa_driver_wrapper_cipher_abort(
946
psa_operation_driver_context_t *operation )
947
{
948
#if defined(PSA_CRYPTO_DRIVER_PRESENT) && defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT)
949
psa_status_t status = PSA_ERROR_INVALID_ARGUMENT;
950
951
/* The object has (apparently) been initialized but it is not in use. It's
952
* ok to call abort on such an object, and there's nothing to do. */
953
if( operation->ctx == NULL && operation->id == 0 )
954
return( PSA_SUCCESS );
955
956
switch( operation->id )
957
{
958
#if defined(PSA_CRYPTO_DRIVER_TEST)
959
case PSA_CRYPTO_TRANSPARENT_TEST_DRIVER_ID:
960
status = test_transparent_cipher_abort( operation->ctx );
961
mbedtls_platform_zeroize(
962
operation->ctx,
963
sizeof( test_transparent_cipher_operation_t ) );
964
mbedtls_free( operation->ctx );
965
operation->ctx = NULL;
966
operation->id = 0;
967
968
return( status );
969
#endif /* PSA_CRYPTO_DRIVER_TEST */
970
#if defined(PSA_CRYPTO_DRIVER_TEST)
971
case PSA_CRYPTO_OPAQUE_TEST_DRIVER_ID:
972
status = test_opaque_cipher_abort( operation->ctx );
973
mbedtls_platform_zeroize(
974
operation->ctx,
975
sizeof( test_opaque_cipher_operation_t ) );
976
mbedtls_free( operation->ctx );
977
operation->ctx = NULL;
978
operation->id = 0;
979
980
return( status );
981
#endif /* PSA_CRYPTO_DRIVER_TEST */
982
default:
983
/* Operation is attached to a driver not known to us */
984
return( PSA_ERROR_BAD_STATE );
985
}
986
#else /* PSA_CRYPTO_DRIVER_PRESENT */
987
(void)operation;
988
989
return( PSA_ERROR_NOT_SUPPORTED );
990
#endif /* PSA_CRYPTO_DRIVER_PRESENT */
991
}
992
993
/* End of automatically generated file. */
Loggerhead is a web-based interface for Breezy
Version: 2.0.1