Merge pull request #9575 from itayzafrir/crypto-64-bit-key-ids

Crypto IPC 64 bit key ids for ITS
Martin Kojtal 2019-02-27 09:29:18 +01:00 committed by GitHub
commit 5ab69d5d6b
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
3 changed files with 172 additions and 171 deletions


@ -23,16 +23,22 @@
#include <stdlib.h>
#include <string.h>
#include "psa_crypto_srv_ifs.h"
#include "psa/client.h"
#include "crypto.h"
#include "crypto_platform_spe.h"
#include "mbed_assert.h"
#define MINOR_VER 1
#define CLIENT_PSA_KEY_ID_SIZE_IN_BYTES 4
MBED_STATIC_ASSERT(sizeof(psa_key_id_t) == CLIENT_PSA_KEY_ID_SIZE_IN_BYTES, "Unexpected psa_key_id_t size");
psa_status_t psa_crypto_init(void)
{
psa_status_t err_call;
psa_status_t status;
psa_handle_t handle = PSA_NULL_HANDLE;
handle = psa_connect(PSA_CRYPTO_INIT_ID, MINOR_VER);
@ -40,10 +46,10 @@ psa_status_t psa_crypto_init(void)
return (PSA_ERROR_COMMUNICATION_FAILURE);
}
err_call = psa_call(handle, NULL, 0, NULL, 0);
status = psa_call(handle, NULL, 0, NULL, 0);
psa_close(handle);
return ((psa_status_t) err_call);
return (status);
}
/****************************************************************/
@ -52,7 +58,7 @@ psa_status_t psa_crypto_init(void)
psa_status_t psa_mac_abort(psa_mac_operation_t *operation)
{
psa_status_t err_call;
psa_status_t status;
psa_crypto_ipc_t psa_crypto_ipc = { 0, 0, 0 };
if (operation->handle <= 0) {
@ -63,11 +69,11 @@ psa_status_t psa_mac_abort(psa_mac_operation_t *operation)
psa_invec in_vec = { &psa_crypto_ipc, sizeof(psa_crypto_ipc) };
err_call = psa_call(operation->handle, &in_vec, 1, NULL, 0);
status = psa_call(operation->handle, &in_vec, 1, NULL, 0);
psa_close(operation->handle);
operation->handle = PSA_NULL_HANDLE;
return ((psa_status_t) err_call);
return (status);
}
static psa_status_t psa_mac_setup(psa_mac_operation_t *operation,
@ -75,7 +81,7 @@ static psa_status_t psa_mac_setup(psa_mac_operation_t *operation,
psa_algorithm_t alg,
psa_sec_function_t func)
{
psa_status_t err;
psa_status_t status;
psa_crypto_ipc_t psa_crypto_ipc = { 0, 0, 0 };
psa_crypto_ipc.func = func;
@ -90,9 +96,8 @@ static psa_status_t psa_mac_setup(psa_mac_operation_t *operation,
return (PSA_ERROR_COMMUNICATION_FAILURE);
}
err = psa_call(operation->handle, &in_vec, 1, NULL, 0);
return ((psa_status_t) err);
status = psa_call(operation->handle, &in_vec, 1, NULL, 0);
return (status);
}
psa_status_t psa_mac_sign_setup(psa_mac_operation_t *operation,
@ -119,7 +124,7 @@ psa_status_t psa_mac_update(psa_mac_operation_t *operation,
const uint8_t *input,
size_t input_length)
{
psa_status_t err;
psa_status_t status;
psa_crypto_ipc_t psa_crypto_ipc = { 0, 0, 0 };
psa_crypto_ipc.func = PSA_MAC_UPDATE;
@ -132,9 +137,8 @@ psa_status_t psa_mac_update(psa_mac_operation_t *operation,
return (PSA_ERROR_BAD_STATE);
}
err = psa_call(operation->handle, in_vec, 2, NULL, 0);
return ((psa_status_t) err);
status = psa_call(operation->handle, in_vec, 2, NULL, 0);
return (status);
}
psa_status_t psa_mac_sign_finish(psa_mac_operation_t *operation,
@ -142,7 +146,7 @@ psa_status_t psa_mac_sign_finish(psa_mac_operation_t *operation,
size_t mac_size,
size_t *mac_length)
{
psa_status_t err_call;
psa_status_t status;
psa_crypto_ipc_t psa_crypto_ipc = { 0, 0, 0 };
psa_crypto_ipc.func = PSA_MAC_SIGN_FINISH;
@ -156,18 +160,18 @@ psa_status_t psa_mac_sign_finish(psa_mac_operation_t *operation,
return (PSA_ERROR_BAD_STATE);
}
err_call = psa_call(operation->handle, in_vec, 2, out_vec, 2);
status = psa_call(operation->handle, in_vec, 2, out_vec, 2);
psa_close(operation->handle);
operation->handle = PSA_NULL_HANDLE;
return ((psa_status_t) err_call);
return (status);
}
psa_status_t psa_mac_verify_finish(psa_mac_operation_t *operation,
const uint8_t *mac,
size_t mac_length)
{
psa_status_t err_call;
psa_status_t status;
psa_crypto_ipc_t psa_crypto_ipc = { 0, 0, 0 };
psa_crypto_ipc.func = PSA_MAC_VERIFY_FINISH;
@ -181,11 +185,11 @@ psa_status_t psa_mac_verify_finish(psa_mac_operation_t *operation,
return (PSA_ERROR_BAD_STATE);
}
err_call = psa_call(operation->handle, in_vec, 3, NULL, 0);
status = psa_call(operation->handle, in_vec, 3, NULL, 0);
psa_close(operation->handle);
operation->handle = PSA_NULL_HANDLE;
return ((psa_status_t) err_call);
return (status);
}
@ -195,7 +199,7 @@ psa_status_t psa_mac_verify_finish(psa_mac_operation_t *operation,
psa_status_t psa_hash_abort(psa_hash_operation_t *operation)
{
psa_status_t err_call;
psa_status_t status;
psa_crypto_ipc_t psa_crypto_ipc = { 0, 0, 0 };
if (operation->handle <= 0) {
@ -206,17 +210,17 @@ psa_status_t psa_hash_abort(psa_hash_operation_t *operation)
psa_invec in_vec = { &psa_crypto_ipc, sizeof(psa_crypto_ipc) };
err_call = psa_call(operation->handle, &in_vec, 1, NULL, 0);
status = psa_call(operation->handle, &in_vec, 1, NULL, 0);
psa_close(operation->handle);
operation->handle = PSA_NULL_HANDLE;
return ((psa_status_t) err_call);
return (status);
}
psa_status_t psa_hash_setup(psa_hash_operation_t *operation,
psa_algorithm_t alg)
{
psa_status_t err;
psa_status_t status;
psa_crypto_ipc_t psa_crypto_ipc = { 0, 0, 0 };
psa_crypto_ipc.func = PSA_HASH_SETUP;
@ -229,16 +233,15 @@ psa_status_t psa_hash_setup(psa_hash_operation_t *operation,
return (PSA_ERROR_COMMUNICATION_FAILURE);
}
err = psa_call(operation->handle, &in_vec, 1, NULL, 0);
return ((psa_status_t) err);
status = psa_call(operation->handle, &in_vec, 1, NULL, 0);
return (status);
}
psa_status_t psa_hash_update(psa_hash_operation_t *operation,
const uint8_t *input,
size_t input_length)
{
psa_status_t err;
psa_status_t status;
psa_crypto_ipc_t psa_crypto_ipc = { 0, 0, 0 };
psa_crypto_ipc.func = PSA_HASH_UPDATE;
@ -251,9 +254,8 @@ psa_status_t psa_hash_update(psa_hash_operation_t *operation,
return (PSA_ERROR_BAD_STATE);
}
err = psa_call(operation->handle, in_vec, 2, NULL, 0);
return ((psa_status_t) err);
status = psa_call(operation->handle, in_vec, 2, NULL, 0);
return (status);
}
psa_status_t psa_hash_finish(psa_hash_operation_t *operation,
@ -261,7 +263,7 @@ psa_status_t psa_hash_finish(psa_hash_operation_t *operation,
size_t hash_size,
size_t *hash_length)
{
psa_status_t err_call;
psa_status_t status;
psa_crypto_ipc_t psa_crypto_ipc = { 0, 0, 0 };
psa_crypto_ipc.func = PSA_HASH_FINISH;
@ -277,18 +279,18 @@ psa_status_t psa_hash_finish(psa_hash_operation_t *operation,
return (PSA_ERROR_BAD_STATE);
}
err_call = psa_call(operation->handle, in_vec, 2, out_vec, 2);
status = psa_call(operation->handle, in_vec, 2, out_vec, 2);
psa_close(operation->handle);
operation->handle = PSA_NULL_HANDLE;
return ((psa_status_t) err_call);
return (status);
}
psa_status_t psa_hash_verify(psa_hash_operation_t *operation,
const uint8_t *hash,
size_t hash_length)
{
psa_status_t err_call;
psa_status_t status;
psa_crypto_ipc_t psa_crypto_ipc = { 0, 0, 0 };
psa_crypto_ipc.func = PSA_HASH_VERIFY;
@ -302,17 +304,17 @@ psa_status_t psa_hash_verify(psa_hash_operation_t *operation,
return (PSA_ERROR_BAD_STATE);
}
err_call = psa_call(operation->handle, in_vec, 3, NULL, 0);
status = psa_call(operation->handle, in_vec, 3, NULL, 0);
psa_close(operation->handle);
operation->handle = PSA_NULL_HANDLE;
return ((psa_status_t) err_call);
return (status);
}
psa_status_t psa_hash_clone(const psa_hash_operation_t *source_operation,
psa_hash_operation_t *target_operation)
{
psa_status_t err_call = 0;
psa_status_t status = 0;
psa_crypto_ipc_t psa_crypto_ipc = { 0, 0, 0 };
size_t index;
@ -332,20 +334,20 @@ psa_status_t psa_hash_clone(const psa_hash_operation_t *source_operation,
}
psa_crypto_ipc.func = PSA_HASH_CLONE_BEGIN;
err_call = psa_call(source_operation->handle, in_vec, 1, &out_vec, 1);
if (err_call != 0) {
status = psa_call(source_operation->handle, in_vec, 1, &out_vec, 1);
if (status != PSA_SUCCESS) {
goto exit;
}
psa_crypto_ipc.func = PSA_HASH_CLONE_END;
err_call = psa_call(target_operation->handle, in_vec, 2, NULL, 0);
status = psa_call(target_operation->handle, in_vec, 2, NULL, 0);
exit:
if (err_call != 0) {
if (status != PSA_SUCCESS) {
psa_close(target_operation->handle);
target_operation->handle = PSA_NULL_HANDLE;
}
return ((psa_status_t) err_call);
return (status);
}
/****************************************************************/
@ -364,7 +366,7 @@ psa_status_t psa_aead_encrypt(psa_key_handle_t key_handle,
size_t *ciphertext_length)
{
psa_handle_t handle = PSA_NULL_HANDLE;
psa_status_t call_error = PSA_SUCCESS;
psa_status_t status = PSA_SUCCESS;
psa_crypto_ipc_aead_t psa_crypto_ipc = { 0, 0, 0, 0, 0, 0, { 0 } };
psa_invec in_vec[2];
psa_outvec out_vec[2];
@ -413,11 +415,10 @@ psa_status_t psa_aead_encrypt(psa_key_handle_t key_handle,
return (PSA_ERROR_COMMUNICATION_FAILURE);
}
call_error = psa_call(handle, in_vec, 2, out_vec, 2);
status = psa_call(handle, in_vec, 2, out_vec, 2);
psa_close(handle);
return ((psa_status_t)call_error);
return (status);
}
@ -434,7 +435,7 @@ psa_status_t psa_aead_decrypt(psa_key_handle_t key_handle,
size_t *plaintext_length)
{
psa_handle_t handle = PSA_NULL_HANDLE;
psa_status_t call_error = PSA_SUCCESS;
psa_status_t status = PSA_SUCCESS;
psa_crypto_ipc_aead_t psa_crypto_ipc = { 0, 0, 0, 0, 0, 0, { 0 } };
psa_invec in_vec[2];
psa_outvec out_vec[2];
@ -482,11 +483,10 @@ psa_status_t psa_aead_decrypt(psa_key_handle_t key_handle,
return (PSA_ERROR_COMMUNICATION_FAILURE);
}
call_error = psa_call(handle, in_vec, 2, out_vec, 2);
status = psa_call(handle, in_vec, 2, out_vec, 2);
psa_close(handle);
return ((psa_status_t)call_error);
return (status);
}
/****************************************************************/
@ -502,7 +502,7 @@ psa_status_t psa_asymmetric_sign(psa_key_handle_t key_handle,
size_t *signature_length)
{
psa_handle_t handle = PSA_NULL_HANDLE;
psa_status_t call_error = PSA_SUCCESS;
psa_status_t status = PSA_SUCCESS;
psa_crypto_ipc_asymmetric_t psa_crypto_ipc = { 0, 0, 0, 0, 0 };
psa_invec in_vec[2];
psa_outvec out_vec[2];
@ -530,11 +530,10 @@ psa_status_t psa_asymmetric_sign(psa_key_handle_t key_handle,
return (PSA_ERROR_COMMUNICATION_FAILURE);
}
call_error = psa_call(handle, in_vec, 2, out_vec, 2);
status = psa_call(handle, in_vec, 2, out_vec, 2);
psa_close(handle);
return ((psa_status_t)call_error);
return (status);
}
psa_status_t psa_asymmetric_verify(psa_key_handle_t key_handle,
@ -545,7 +544,7 @@ psa_status_t psa_asymmetric_verify(psa_key_handle_t key_handle,
size_t signature_size)
{
psa_handle_t handle = PSA_NULL_HANDLE;
psa_status_t call_error = PSA_SUCCESS;
psa_status_t status = PSA_SUCCESS;
psa_crypto_ipc_asymmetric_t psa_crypto_ipc = { 0, 0, 0, 0, 0 };
psa_invec in_vec[3];
@ -567,10 +566,10 @@ psa_status_t psa_asymmetric_verify(psa_key_handle_t key_handle,
if (handle <= 0) {
return (PSA_ERROR_COMMUNICATION_FAILURE);
}
call_error = psa_call(handle, in_vec, 3, NULL, 0);
status = psa_call(handle, in_vec, 3, NULL, 0);
psa_close(handle);
return ((psa_status_t)call_error);
return (status);
}
static psa_status_t psa_asymmetric_operation(psa_sec_function_t func,
@ -585,7 +584,7 @@ static psa_status_t psa_asymmetric_operation(psa_sec_function_t func,
size_t *output_length)
{
psa_handle_t handle = PSA_NULL_HANDLE;
psa_status_t call_error = PSA_SUCCESS;
psa_status_t status = PSA_SUCCESS;
psa_crypto_ipc_asymmetric_t psa_crypto_ipc = { 0, 0, 0, 0, 0 };
psa_invec in_vec[2];
psa_outvec out_vec[2];
@ -624,11 +623,10 @@ static psa_status_t psa_asymmetric_operation(psa_sec_function_t func,
return (PSA_ERROR_COMMUNICATION_FAILURE);
}
call_error = psa_call(handle, in_vec, 2, out_vec, 2);
status = psa_call(handle, in_vec, 2, out_vec, 2);
psa_close(handle);
return ((psa_status_t)call_error);
return (status);
}
psa_status_t psa_asymmetric_encrypt(psa_key_handle_t key_handle,
@ -673,7 +671,7 @@ psa_status_t psa_asymmetric_decrypt(psa_key_handle_t key_handle,
psa_status_t psa_allocate_key(psa_key_handle_t *key_handle)
{
psa_status_t err_call;
psa_status_t status;
psa_key_mng_ipc_t psa_key_mng_ipc = { 0, 0, 0, 0 };
psa_key_mng_ipc.handle = *key_handle;
psa_key_mng_ipc.func = PSA_ALLOCATE_KEY;
@ -690,17 +688,17 @@ psa_status_t psa_allocate_key(psa_key_handle_t *key_handle)
return (PSA_ERROR_COMMUNICATION_FAILURE);
}
err_call = psa_call(handle, in_vec, 1, out_vec, 1);
status = psa_call(handle, in_vec, 1, out_vec, 1);
psa_close(handle);
return ((psa_status_t) err_call);
return (status);
}
psa_status_t psa_create_key(psa_key_lifetime_t lifetime,
psa_key_id_t id,
psa_key_handle_t *key_handle)
{
psa_status_t err_call;
psa_status_t status;
psa_key_mng_ipc_t psa_key_mng_ipc = { 0, 0, 0, 0 };
psa_key_mng_ipc.handle = *key_handle;
psa_key_mng_ipc.lifetime = lifetime;
@ -720,17 +718,17 @@ psa_status_t psa_create_key(psa_key_lifetime_t lifetime,
return (PSA_ERROR_COMMUNICATION_FAILURE);
}
err_call = psa_call(handle, in_vec, 2, out_vec, 1);
status = psa_call(handle, in_vec, 2, out_vec, 1);
psa_close(handle);
return ((psa_status_t) err_call);
return (status);
}
psa_status_t psa_open_key(psa_key_lifetime_t lifetime,
psa_key_id_t id,
psa_key_handle_t *key_handle)
{
psa_status_t err_call;
psa_status_t status;
psa_key_mng_ipc_t psa_key_mng_ipc = { 0, 0, 0, 0 };
psa_key_mng_ipc.handle = *key_handle;
psa_key_mng_ipc.lifetime = lifetime;
@ -750,15 +748,15 @@ psa_status_t psa_open_key(psa_key_lifetime_t lifetime,
return (PSA_ERROR_COMMUNICATION_FAILURE);
}
err_call = psa_call(handle, in_vec, 2, out_vec, 1);
status = psa_call(handle, in_vec, 2, out_vec, 1);
psa_close(handle);
return ((psa_status_t) err_call);
return (status);
}
psa_status_t psa_close_key(psa_key_handle_t key_handle)
{
psa_status_t err_call;
psa_status_t status;
psa_key_mng_ipc_t psa_key_mng_ipc = { 0, 0, 0, 0 };
psa_key_mng_ipc.handle = key_handle;
psa_key_mng_ipc.func = PSA_CLOSE_KEY;
@ -772,16 +770,16 @@ psa_status_t psa_close_key(psa_key_handle_t key_handle)
return (PSA_ERROR_COMMUNICATION_FAILURE);
}
err_call = psa_call(handle, in_vec, 1, NULL, 0);
status = psa_call(handle, in_vec, 1, NULL, 0);
psa_close(handle);
return ((psa_status_t) err_call);
return (status);
}
psa_status_t psa_get_key_lifetime(psa_key_handle_t key_handle,
psa_key_lifetime_t *lifetime)
{
psa_status_t err_call;
psa_status_t status;
psa_key_mng_ipc_t psa_key_mng_ipc = { 0, 0, 0, 0 };
psa_key_mng_ipc.handle = key_handle;
psa_key_mng_ipc.func = PSA_GET_KEY_LIFETIME;
@ -800,10 +798,10 @@ psa_status_t psa_get_key_lifetime(psa_key_handle_t key_handle,
return (PSA_ERROR_COMMUNICATION_FAILURE);
}
err_call = psa_call(handle, in_vec, 1, out_vec, 1);
status = psa_call(handle, in_vec, 1, out_vec, 1);
psa_close(handle);
return ((psa_status_t) err_call);
return (status);
}
psa_key_usage_t psa_key_policy_get_usage(const psa_key_policy_t *policy)
@ -827,7 +825,7 @@ void psa_key_policy_set_usage(psa_key_policy_t *policy,
psa_status_t psa_set_key_policy(psa_key_handle_t key_handle,
const psa_key_policy_t *policy)
{
psa_status_t err_call;
psa_status_t status;
psa_key_mng_ipc_t psa_key_mng_ipc = { 0, 0, 0, 0 };
psa_key_mng_ipc.handle = key_handle;
psa_key_mng_ipc.func = PSA_SET_KEY_POLICY;
@ -842,16 +840,16 @@ psa_status_t psa_set_key_policy(psa_key_handle_t key_handle,
return (PSA_ERROR_COMMUNICATION_FAILURE);
}
err_call = psa_call(handle, in_vec, 2, NULL, 0);
status = psa_call(handle, in_vec, 2, NULL, 0);
psa_close(handle);
return ((psa_status_t) err_call);
return (status);
}
psa_status_t psa_get_key_policy(psa_key_handle_t key_handle,
psa_key_policy_t *policy)
{
psa_status_t err_call;
psa_status_t status;
psa_key_mng_ipc_t psa_key_mng_ipc = { 0, 0, 0, 0 };
psa_key_mng_ipc.handle = key_handle;
psa_key_mng_ipc.func = PSA_GET_KEY_POLICY;
@ -872,10 +870,10 @@ psa_status_t psa_get_key_policy(psa_key_handle_t key_handle,
return (PSA_ERROR_COMMUNICATION_FAILURE);
}
err_call = psa_call(handle, in_vec, 1, out_vec, 1);
status = psa_call(handle, in_vec, 1, out_vec, 1);
psa_close(handle);
return ((psa_status_t) err_call);
return (status);
}
psa_status_t psa_import_key(psa_key_handle_t key_handle,
@ -883,7 +881,7 @@ psa_status_t psa_import_key(psa_key_handle_t key_handle,
const uint8_t *data,
size_t data_length)
{
psa_status_t err_call;
psa_status_t status;
psa_key_mng_ipc_t psa_key_mng_ipc = { 0, 0, 0, 0 };
psa_key_mng_ipc.handle = key_handle;
psa_key_mng_ipc.type = type;
@ -899,15 +897,15 @@ psa_status_t psa_import_key(psa_key_handle_t key_handle,
return (PSA_ERROR_COMMUNICATION_FAILURE);
}
err_call = psa_call(handle, in_vec, 2, NULL, 0);
status = psa_call(handle, in_vec, 2, NULL, 0);
psa_close(handle);
return ((psa_status_t) err_call);
return (status);
}
psa_status_t psa_destroy_key(psa_key_handle_t key_handle)
{
psa_status_t err_call;
psa_status_t status;
psa_key_mng_ipc_t psa_key_mng_ipc = { 0, 0, 0, 0 };
psa_key_mng_ipc.handle = key_handle;
psa_key_mng_ipc.func = PSA_DESTROY_KEY;
@ -921,17 +919,17 @@ psa_status_t psa_destroy_key(psa_key_handle_t key_handle)
return (PSA_ERROR_COMMUNICATION_FAILURE);
}
err_call = psa_call(handle, in_vec, 1, NULL, 0);
status = psa_call(handle, in_vec, 1, NULL, 0);
psa_close(handle);
return ((psa_status_t) err_call);
return (status);
}
psa_status_t psa_get_key_information(psa_key_handle_t key_handle,
psa_key_type_t *type,
size_t *bits)
{
psa_status_t err_call;
psa_status_t status;
psa_key_mng_ipc_t psa_key_mng_ipc = { 0, 0, 0, 0 };
psa_key_mng_ipc.handle = key_handle;
psa_key_mng_ipc.func = PSA_GET_KEY_INFORMATION;
@ -956,10 +954,10 @@ psa_status_t psa_get_key_information(psa_key_handle_t key_handle,
return (PSA_ERROR_COMMUNICATION_FAILURE);
}
err_call = psa_call(handle, in_vec, 1, out_vec, 2);
status = psa_call(handle, in_vec, 1, out_vec, 2);
psa_close(handle);
return ((psa_status_t) err_call);
return (status);
}
static psa_status_t psa_export_key_common(psa_key_handle_t key_handle,
@ -968,7 +966,7 @@ static psa_status_t psa_export_key_common(psa_key_handle_t key_handle,
size_t *data_length,
psa_sec_function_t func)
{
psa_status_t err_call;
psa_status_t status;
psa_key_mng_ipc_t psa_key_mng_ipc = { 0, 0, 0, 0 };
psa_key_mng_ipc.handle = key_handle;
psa_key_mng_ipc.func = func;
@ -984,10 +982,10 @@ static psa_status_t psa_export_key_common(psa_key_handle_t key_handle,
return (PSA_ERROR_COMMUNICATION_FAILURE);
}
err_call = psa_call(handle, in_vec, 1, out_vec, 2);
status = psa_call(handle, in_vec, 1, out_vec, 2);
psa_close(handle);
return ((psa_status_t) err_call);
return (status);
}
psa_status_t psa_export_key(psa_key_handle_t key_handle,
@ -1017,7 +1015,7 @@ psa_status_t psa_generate_key(psa_key_handle_t key_handle,
const void *parameters,
size_t parameters_size)
{
psa_status_t err_call;
psa_status_t status;
psa_key_mng_ipc_t psa_key_mng_ipc = { 0, 0, 0, 0 };
psa_key_mng_ipc.handle = key_handle;
psa_key_mng_ipc.type = type;
@ -1041,10 +1039,10 @@ psa_status_t psa_generate_key(psa_key_handle_t key_handle,
return (PSA_ERROR_COMMUNICATION_FAILURE);
}
err_call = psa_call(handle, in_vec, 3, NULL, 0);
status = psa_call(handle, in_vec, 3, NULL, 0);
psa_close(handle);
return ((psa_status_t) err_call);
return (status);
}
/****************************************************************/
@ -1054,7 +1052,7 @@ psa_status_t psa_generate_key(psa_key_handle_t key_handle,
psa_status_t psa_generate_random(uint8_t *output,
size_t output_size)
{
psa_status_t err_call;
psa_status_t status;
psa_handle_t handle = PSA_NULL_HANDLE;
psa_outvec out_vec[1] = { { output, output_size } };
@ -1063,10 +1061,10 @@ psa_status_t psa_generate_random(uint8_t *output,
return (PSA_ERROR_COMMUNICATION_FAILURE);
}
err_call = psa_call(handle, NULL, 0, out_vec, 1);
status = psa_call(handle, NULL, 0, out_vec, 1);
psa_close(handle);
return ((psa_status_t) err_call);
return (status);
}
/****************************************************************/
@ -1076,7 +1074,7 @@ psa_status_t psa_generate_random(uint8_t *output,
psa_status_t mbedtls_psa_inject_entropy(const unsigned char *seed,
size_t seed_size)
{
psa_status_t err_call;
psa_status_t status;
psa_handle_t handle = PSA_NULL_HANDLE;
psa_invec in_vec = { seed, seed_size };
@ -1085,10 +1083,10 @@ psa_status_t mbedtls_psa_inject_entropy(const unsigned char *seed,
return (PSA_ERROR_COMMUNICATION_FAILURE);
}
err_call = psa_call(handle, &in_vec, 1, NULL, 0);
status = psa_call(handle, &in_vec, 1, NULL, 0);
psa_close(handle);
return ((psa_status_t) err_call);
return (status);
}
/****************************************************************/
/* PSA Generator */
@ -1096,7 +1094,7 @@ psa_status_t mbedtls_psa_inject_entropy(const unsigned char *seed,
psa_status_t psa_get_generator_capacity(const psa_crypto_generator_t *generator,
size_t *capacity)
{
psa_status_t err_call;
psa_status_t status;
psa_crypto_derivation_ipc_t psa_crypto_ipc = { 0, 0, 0, 0 };
psa_crypto_ipc.func = PSA_GET_GENERATOR_CAPACITY;
psa_invec in_vec = { &psa_crypto_ipc, sizeof(psa_crypto_ipc) };
@ -1106,16 +1104,15 @@ psa_status_t psa_get_generator_capacity(const psa_crypto_generator_t *generator,
return (PSA_ERROR_BAD_STATE);
}
err_call = psa_call(generator->handle, &in_vec, 1, &out_vec, 1);
return ((psa_status_t) err_call);
status = psa_call(generator->handle, &in_vec, 1, &out_vec, 1);
return (status);
}
psa_status_t psa_generator_read(psa_crypto_generator_t *generator,
uint8_t *output,
size_t output_length)
{
psa_status_t err_call;
psa_status_t status;
psa_crypto_derivation_ipc_t psa_crypto_ipc = { 0, 0, 0, 0 };
psa_crypto_ipc.func = PSA_GENERATOR_READ;
psa_invec in_vec = { &psa_crypto_ipc, sizeof(psa_crypto_ipc) };
@ -1125,9 +1122,8 @@ psa_status_t psa_generator_read(psa_crypto_generator_t *generator,
return (PSA_ERROR_BAD_STATE);
}
err_call = psa_call(generator->handle, &in_vec, 1, &out_vec, 1);
return ((psa_status_t) err_call);
status = psa_call(generator->handle, &in_vec, 1, &out_vec, 1);
return (status);
}
psa_status_t psa_generator_import_key(psa_key_handle_t key_handle,
@ -1135,7 +1131,7 @@ psa_status_t psa_generator_import_key(psa_key_handle_t key_handle,
size_t bits,
psa_crypto_generator_t *generator)
{
psa_status_t err_call;
psa_status_t status;
psa_crypto_derivation_ipc_t psa_crypto_ipc = { 0, 0, 0, 0 };
psa_crypto_ipc.handle = key_handle;
psa_crypto_ipc.func = PSA_GENERATOR_IMPORT_KEY;
@ -1148,9 +1144,8 @@ psa_status_t psa_generator_import_key(psa_key_handle_t key_handle,
return (PSA_ERROR_BAD_STATE);
}
err_call = psa_call(generator->handle, in_vec, 3, NULL, 0);
return ((psa_status_t) err_call);
status = psa_call(generator->handle, in_vec, 3, NULL, 0);
return (status);
}
psa_status_t psa_key_derivation(psa_crypto_generator_t *generator,
@ -1162,7 +1157,7 @@ psa_status_t psa_key_derivation(psa_crypto_generator_t *generator,
size_t label_length,
size_t capacity)
{
psa_status_t err_call;
psa_status_t status;
psa_crypto_derivation_ipc_t psa_crypto_ipc = { 0, 0, 0, 0 };
psa_crypto_ipc.handle = key_handle;
psa_crypto_ipc.alg = alg;
@ -1179,9 +1174,8 @@ psa_status_t psa_key_derivation(psa_crypto_generator_t *generator,
return (PSA_ERROR_COMMUNICATION_FAILURE);
}
err_call = psa_call(generator->handle, in_vec, 3, NULL, 0);
return ((psa_status_t) err_call);
status = psa_call(generator->handle, in_vec, 3, NULL, 0);
return (status);
}
psa_status_t psa_key_agreement(psa_crypto_generator_t *generator,
@ -1190,7 +1184,7 @@ psa_status_t psa_key_agreement(psa_crypto_generator_t *generator,
size_t peer_key_length,
psa_algorithm_t alg)
{
psa_status_t err_call;
psa_status_t status;
psa_crypto_derivation_ipc_t psa_crypto_ipc = { 0, 0, 0, 0 };
psa_crypto_ipc.handle = private_key_handle;
psa_crypto_ipc.alg = alg;
@ -1205,25 +1199,23 @@ psa_status_t psa_key_agreement(psa_crypto_generator_t *generator,
return (PSA_ERROR_COMMUNICATION_FAILURE);
}
err_call = psa_call(generator->handle, in_vec, 2, NULL, 0);
return ((psa_status_t) err_call);
status = psa_call(generator->handle, in_vec, 2, NULL, 0);
return (status);
}
psa_status_t psa_generator_abort(psa_crypto_generator_t *generator)
{
psa_status_t err_call = PSA_SUCCESS;
psa_status_t status = PSA_SUCCESS;
psa_crypto_derivation_ipc_t psa_crypto_ipc = { 0, 0, 0, 0 };
psa_crypto_ipc.func = PSA_GENERATOR_ABORT;
psa_invec in_vec = { &psa_crypto_ipc, sizeof(psa_crypto_ipc) };
if (generator->handle != PSA_NULL_HANDLE) {
err_call = psa_call(generator->handle, &in_vec, 1, NULL, 0);
status = psa_call(generator->handle, &in_vec, 1, NULL, 0);
psa_close(generator->handle);
generator->handle = PSA_NULL_HANDLE;
}
return ((psa_status_t) err_call);
return (status);
}
/****************************************************************/
@ -1234,7 +1226,7 @@ psa_status_t psa_cipher_encrypt_setup(psa_cipher_operation_t *operation,
psa_key_handle_t key_handle,
psa_algorithm_t alg)
{
psa_status_t err;
psa_status_t status;
psa_crypto_ipc_t psa_crypto_ipc = { 0, 0, 0 };
psa_invec in_vec;
@ -1250,16 +1242,15 @@ psa_status_t psa_cipher_encrypt_setup(psa_cipher_operation_t *operation,
return (PSA_ERROR_COMMUNICATION_FAILURE);
}
err = psa_call(operation->handle, &in_vec, 1, NULL, 0);
return ((psa_status_t) err);
status = psa_call(operation->handle, &in_vec, 1, NULL, 0);
return (status);
}
psa_status_t psa_cipher_decrypt_setup(psa_cipher_operation_t *operation,
psa_key_handle_t key_handle,
psa_algorithm_t alg)
{
psa_status_t err;
psa_status_t status;
psa_crypto_ipc_t psa_crypto_ipc = { 0, 0, 0 };
psa_invec in_vec;
@ -1277,9 +1268,8 @@ psa_status_t psa_cipher_decrypt_setup(psa_cipher_operation_t *operation,
return (PSA_ERROR_COMMUNICATION_FAILURE);
}
err = psa_call(operation->handle, &in_vec, 1, NULL, 0);
return ((psa_status_t) err);
status = psa_call(operation->handle, &in_vec, 1, NULL, 0);
return (status);
}
psa_status_t psa_cipher_generate_iv(psa_cipher_operation_t *operation,
@ -1287,7 +1277,7 @@ psa_status_t psa_cipher_generate_iv(psa_cipher_operation_t *operation,
size_t iv_size,
size_t *iv_length)
{
psa_status_t err;
psa_status_t status;
psa_crypto_ipc_t psa_crypto_ipc = { 0, 0, 0 };
psa_invec in_vec;
psa_outvec out_vec[2];
@ -1309,16 +1299,15 @@ psa_status_t psa_cipher_generate_iv(psa_cipher_operation_t *operation,
return (PSA_ERROR_BAD_STATE);
}
err = psa_call(operation->handle, &in_vec, 1, out_vec, 2);
return ((psa_status_t) err);
status = psa_call(operation->handle, &in_vec, 1, out_vec, 2);
return (status);
}
psa_status_t psa_cipher_set_iv(psa_cipher_operation_t *operation,
const unsigned char *iv,
size_t iv_length)
{
psa_status_t err;
psa_status_t status;
psa_crypto_ipc_t psa_crypto_ipc = { 0, 0, 0 };
psa_invec in_vec[2];
@ -1335,9 +1324,8 @@ psa_status_t psa_cipher_set_iv(psa_cipher_operation_t *operation,
return (PSA_ERROR_BAD_STATE);
}
err = psa_call(operation->handle, in_vec, 2, NULL, 0);
return ((psa_status_t) err);
status = psa_call(operation->handle, in_vec, 2, NULL, 0);
return (status);
}
psa_status_t psa_cipher_update(psa_cipher_operation_t *operation,
@ -1347,7 +1335,7 @@ psa_status_t psa_cipher_update(psa_cipher_operation_t *operation,
size_t output_size,
size_t *output_length)
{
psa_status_t err;
psa_status_t status;
psa_crypto_ipc_t psa_crypto_ipc = { 0, 0, 0 };
psa_invec in_vec[2];
psa_outvec out_vec[2];
@ -1373,9 +1361,8 @@ psa_status_t psa_cipher_update(psa_cipher_operation_t *operation,
return (PSA_ERROR_BAD_STATE);
}
err = psa_call(operation->handle, in_vec, 2, out_vec, 2);
return ((psa_status_t) err);
status = psa_call(operation->handle, in_vec, 2, out_vec, 2);
return (status);
}
psa_status_t psa_cipher_finish(psa_cipher_operation_t *operation,
@ -1383,7 +1370,7 @@ psa_status_t psa_cipher_finish(psa_cipher_operation_t *operation,
size_t output_size,
size_t *output_length)
{
psa_status_t err_call;
psa_status_t status;
psa_crypto_ipc_t psa_crypto_ipc = { 0, 0, 0 };
psa_invec in_vec;
psa_outvec out_vec[2];
@ -1406,16 +1393,16 @@ psa_status_t psa_cipher_finish(psa_cipher_operation_t *operation,
return (PSA_ERROR_BAD_STATE);
}
err_call = psa_call(operation->handle, &in_vec, 1, out_vec, 2);
status = psa_call(operation->handle, &in_vec, 1, out_vec, 2);
psa_close(operation->handle);
operation->handle = PSA_NULL_HANDLE;
return ((psa_status_t) err_call);
return (status);
}
psa_status_t psa_cipher_abort(psa_cipher_operation_t *operation)
{
psa_status_t err_call;
psa_status_t status;
psa_crypto_ipc_t psa_crypto_ipc = { 0, 0, 0 };
psa_invec in_vec;
@ -1429,11 +1416,11 @@ psa_status_t psa_cipher_abort(psa_cipher_operation_t *operation)
&psa_crypto_ipc, sizeof(psa_crypto_ipc)
};
err_call = psa_call(operation->handle, &in_vec, 1, NULL, 0);
status = psa_call(operation->handle, &in_vec, 1, NULL, 0);
psa_close(operation->handle);
operation->handle = PSA_NULL_HANDLE;
return ((psa_status_t) err_call);
return (status);
}
void mbedtls_psa_crypto_free(void)
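Review bot: `CLIENT_PSA_KEY_ID_SIZE_IN_BYTES` is defined at the top of this file next to the new `MBED_STATIC_ASSERT`, and the same macro with the same value is defined again in the service-side file further down this page, so the wire size of a key id is stated in two places that can drift apart. Both sides appear to rely on it to agree on the IPC payload, so it would be safer to define it once in a header they share (possibly `psa_crypto_srv_ifs.h`, if the service file includes it too) with a comment such as `/* Size of the key id a client sends over IPC; the service fills in the owner itself. */`. Separately, in `psa_hash_clone` the renamed variable is still initialised with a bare literal, `psa_status_t status = 0;`, while the checks below it now compare against `PSA_SUCCESS`; `psa_status_t status = PSA_SUCCESS;` would match them.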


@ -65,6 +65,8 @@ extern "C" {
#define psa_close_key psa_sec_close_key
#define psa_hash_clone psa_sec_hash_clone
#define MBEDTLS_PSA_CRYPTO_KEY_FILE_ID_ENCODES_OWNER 1
#include "crypto.h"
#ifdef __cplusplus
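Review bot: The added `#define MBEDTLS_PSA_CRYPTO_KEY_FILE_ID_ENCODES_OWNER 1` carries no comment, and it sits directly above `#include "crypto.h"`, which suggests it has to be seen before that header is parsed. A short comment would keep a later include reshuffle from silently changing the key id layout inside the secure partition, for example `/* Must precede crypto.h: key ids then carry the owning partition id. */`. The service code on this page uses `id.owner` and `id.key_id`, which is consistent with that reading, but the definition the macro controls is outside this view.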


@ -1,8 +1,10 @@
// ---------------------------------- Includes ---------------------------------
#include <stdint.h>
#include <string.h>
#include "psa/client.h"
#include "psa/service.h"
#include "psa/client.h"
#if defined(TARGET_TFM)
#define SPM_PANIC(format, ...) \
{ \
@ -23,6 +25,8 @@
#define mbedtls_free free
#endif
#include "mbed_assert.h"
// ---------------------------------- Macros -----------------------------------
#if !defined(MIN)
#define MIN( a, b ) ( ( ( a ) < ( b ) ) ? ( a ) : ( b ) )
@ -49,6 +53,9 @@ the data will be read in chunks of size */
#endif
static psa_spm_hash_clone_t psa_spm_hash_clones[MAX_CONCURRENT_HASH_CLONES];
#define CLIENT_PSA_KEY_ID_SIZE_IN_BYTES 4
MBED_STATIC_ASSERT(sizeof(psa_key_id_t) != CLIENT_PSA_KEY_ID_SIZE_IN_BYTES, "Unexpected psa_key_id_t size");
// ------------------------- Internal Helper Functions -------------------------
static inline psa_status_t reserve_hash_clone(int32_t partition_id, void *source_operation, size_t *index)
{
@ -144,7 +151,7 @@ static void psa_crypto_init_operation(void)
}
}
psa_reply(msg.handle, (psa_status_t) status);
psa_reply(msg.handle, status);
}
static void psa_crypto_free_operation(void)
@ -181,7 +188,7 @@ static void psa_crypto_free_operation(void)
}
}
psa_reply(msg.handle, (psa_status_t) status);
psa_reply(msg.handle, status);
}
static void psa_mac_operation(void)
@ -352,7 +359,7 @@ static void psa_mac_operation(void)
}
}
psa_reply(msg.handle, (psa_status_t) status);
psa_reply(msg.handle, status);
}
static void psa_hash_operation(void)
@ -737,7 +744,7 @@ static void psa_asymmetric_operation(void)
}
}
psa_reply(msg.handle, (psa_status_t) status);
psa_reply(msg.handle, status);
}
static void psa_aead_operation()
@ -846,7 +853,7 @@ static void psa_aead_operation()
}
}
psa_reply(msg.handle, (psa_status_t) status);
psa_reply(msg.handle, status);
}
static void psa_symmetric_operation(void)
@ -1016,7 +1023,7 @@ static void psa_symmetric_operation(void)
}
}
psa_reply(msg.handle, (psa_status_t) status);
psa_reply(msg.handle, status);
}
@ -1213,16 +1220,16 @@ static void psa_key_management_operation(void)
}
case PSA_CREATE_KEY: {
psa_key_id_t id = 0;
size_t max_bits = 0;
psa_key_id_t id;
id.owner = psa_identity(msg.handle);
bytes_read = psa_read(msg.handle, 1, &id, msg.in_size[1]);
bytes_read = psa_read(msg.handle, 1, &(id.key_id), msg.in_size[1]);
if (bytes_read != msg.in_size[1]) {
SPM_PANIC("SPM read length mismatch");
}
bytes_read = psa_read(msg.handle, 2, &max_bits, msg.in_size[2]);
if (bytes_read != msg.in_size[2]) {
SPM_PANIC("SPM read length mismatch");
if (msg.in_size[1] != CLIENT_PSA_KEY_ID_SIZE_IN_BYTES) {
SPM_PANIC("Unexpected psa_key_id_t size received from client");
}
status = psa_create_key(psa_key_mng.lifetime, id, &psa_key_mng.handle);
@ -1233,13 +1240,18 @@ static void psa_key_management_operation(void)
}
case PSA_OPEN_KEY: {
psa_key_id_t id = 0;
psa_key_id_t id;
id.owner = psa_identity(msg.handle);
bytes_read = psa_read(msg.handle, 1, &id, msg.in_size[1]);
bytes_read = psa_read(msg.handle, 1, &(id.key_id), msg.in_size[1]);
if (bytes_read != msg.in_size[1]) {
SPM_PANIC("SPM read length mismatch");
}
if (msg.in_size[1] != CLIENT_PSA_KEY_ID_SIZE_IN_BYTES) {
SPM_PANIC("Unexpected psa_key_id_t size received from client");
}
status = psa_open_key(psa_key_mng.lifetime, id, &psa_key_mng.handle);
if (status == PSA_SUCCESS) {
psa_write(msg.handle, 0, &psa_key_mng.handle, sizeof(psa_key_mng.handle));
@ -1535,7 +1547,7 @@ void psa_crypto_generator_operations(void)
}
}
psa_reply(msg.handle, (psa_status_t) status);
psa_reply(msg.handle, status);
}
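Review bot: In the `PSA_CREATE_KEY` and `PSA_OPEN_KEY` cases the size check, as the page renders the new side, runs after the read it is meant to guard: `psa_read(msg.handle, 1, &(id.key_id), msg.in_size[1])` copies a client-chosen number of bytes into the `key_id` field before `msg.in_size[1] != CLIENT_PSA_KEY_ID_SIZE_IN_BYTES` is tested. A client that passes an oversized second input vector would have that copy run past `id.key_id` on the partition's stack before `SPM_PANIC` is reached. Moving the `if (msg.in_size[1] != CLIENT_PSA_KEY_ID_SIZE_IN_BYTES) { SPM_PANIC(...); }` block above the `psa_read` call in both cases closes that window. The added `MBED_STATIC_ASSERT(sizeof(psa_key_id_t) != CLIENT_PSA_KEY_ID_SIZE_IN_BYTES, ...)` only states what the size is not; asserting `sizeof(((psa_key_id_t *)0)->key_id) == CLIENT_PSA_KEY_ID_SIZE_IN_BYTES` would pin the field the read actually fills. Both cases sit inside `psa_key_management_operation`, whose body starts and ends outside these hunks.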