diff --git a/TESTS/psa/crypto_init/main.cpp b/TESTS/psa/crypto_init/main.cpp index 0de83b6d54..ff5ffd16c2 100644 --- a/TESTS/psa/crypto_init/main.cpp +++ b/TESTS/psa/crypto_init/main.cpp @@ -52,10 +52,11 @@ static void check_multi_crypto_init_deinit() uint8_t output[TEST_RANDOM_SIZE] = {0}; uint8_t seed[MBEDTLS_PSA_INJECT_ENTROPY_MIN_SIZE] = {0}; /* inject some a seed for test*/ - for(int i; i < MBEDTLS_PSA_INJECT_ENTROPY_MIN_SIZE; ++i) + for (int i; i < MBEDTLS_PSA_INJECT_ENTROPY_MIN_SIZE; ++i) { seed[i] = i; + } /* don't really care if this succeed this is just to make crypto init pass*/ - mbedtls_psa_inject_entropy( seed, MBEDTLS_PSA_INJECT_ENTROPY_MIN_SIZE ); + mbedtls_psa_inject_entropy(seed, MBEDTLS_PSA_INJECT_ENTROPY_MIN_SIZE); psa_status_t status = psa_crypto_init(); TEST_ASSERT_EQUAL(PSA_SUCCESS, status); status = psa_crypto_init(); @@ -76,10 +77,11 @@ static void check_crypto_init_deinit() uint8_t output[TEST_RANDOM_SIZE] = {0}; uint8_t seed[MBEDTLS_PSA_INJECT_ENTROPY_MIN_SIZE] = {0}; /* inject some a seed for test*/ - for(int i; i < MBEDTLS_PSA_INJECT_ENTROPY_MIN_SIZE; ++i) + for (int i; i < MBEDTLS_PSA_INJECT_ENTROPY_MIN_SIZE; ++i) { seed[i] = i; + } /* don't really care if this succeed this is just to make crypto init pass*/ - mbedtls_psa_inject_entropy( seed, MBEDTLS_PSA_INJECT_ENTROPY_MIN_SIZE ); + mbedtls_psa_inject_entropy(seed, MBEDTLS_PSA_INJECT_ENTROPY_MIN_SIZE); status = psa_generate_random(output, sizeof(output)); TEST_ASSERT_EQUAL(PSA_ERROR_BAD_STATE, status); status = psa_crypto_init(); diff --git a/TESTS/psa/entropy_inject/main.cpp b/TESTS/psa/entropy_inject/main.cpp index 90a9afef08..365c289af0 100644 --- a/TESTS/psa/entropy_inject/main.cpp +++ b/TESTS/psa/entropy_inject/main.cpp @@ -40,41 +40,41 @@ using namespace utest::v1; -uint8_t seed[MBEDTLS_ENTROPY_MAX_SEED_SIZE+2] = {0}; +uint8_t seed[MBEDTLS_ENTROPY_MAX_SEED_SIZE + 2] = {0}; -void validate_entropy_seed_injection( int seed_length_a, - int expected_status_a, - int seed_length_b, - int expected_status_b ) +void validate_entropy_seed_injection(int seed_length_a, + int expected_status_a, + int seed_length_b, + int expected_status_b) { psa_status_t status; uint8_t output[32] = { 0 }; uint8_t zeros[32] = { 0 }; - status = mbedtls_psa_inject_entropy( seed, seed_length_a ); - TEST_ASSERT( status == expected_status_a ); - status = mbedtls_psa_inject_entropy( seed, seed_length_b ); - TEST_ASSERT( status == expected_status_b ); - TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS ); - TEST_ASSERT( psa_generate_random( output, sizeof( output ) ) == PSA_SUCCESS ); - TEST_ASSERT( memcmp( output , zeros, sizeof( output ) ) != 0 ); + status = mbedtls_psa_inject_entropy(seed, seed_length_a); + TEST_ASSERT(status == expected_status_a); + status = mbedtls_psa_inject_entropy(seed, seed_length_b); + TEST_ASSERT(status == expected_status_b); + TEST_ASSERT(psa_crypto_init() == PSA_SUCCESS); + TEST_ASSERT(psa_generate_random(output, sizeof(output)) == PSA_SUCCESS); + TEST_ASSERT(memcmp(output, zeros, sizeof(output)) != 0); } -void run_entropy_inject_with_crypto_init( ) +void run_entropy_inject_with_crypto_init() { psa_its_status_t its_status; psa_status_t status; status = psa_crypto_init(); - TEST_ASSERT( status == PSA_ERROR_INSUFFICIENT_ENTROPY ); - status = mbedtls_psa_inject_entropy( seed, MBEDTLS_PSA_INJECT_ENTROPY_MIN_SIZE ); - TEST_ASSERT( status == PSA_SUCCESS ); + TEST_ASSERT(status == PSA_ERROR_INSUFFICIENT_ENTROPY); + status = mbedtls_psa_inject_entropy(seed, MBEDTLS_PSA_INJECT_ENTROPY_MIN_SIZE); + TEST_ASSERT(status == PSA_SUCCESS); status = psa_crypto_init(); - TEST_ASSERT( status == PSA_SUCCESS ); - status = mbedtls_psa_inject_entropy( seed, MBEDTLS_PSA_INJECT_ENTROPY_MIN_SIZE ); - TEST_ASSERT( status == PSA_ERROR_NOT_PERMITTED ); - mbedtls_psa_crypto_free( ); + TEST_ASSERT(status == PSA_SUCCESS); + status = mbedtls_psa_inject_entropy(seed, MBEDTLS_PSA_INJECT_ENTROPY_MIN_SIZE); + TEST_ASSERT(status == PSA_ERROR_NOT_PERMITTED); + mbedtls_psa_crypto_free(); /* The seed is written by nv_seed callback functions therefore the injection will fail */ - status = mbedtls_psa_inject_entropy( seed, MBEDTLS_PSA_INJECT_ENTROPY_MIN_SIZE ); - TEST_ASSERT( status == PSA_ERROR_NOT_PERMITTED ); + status = mbedtls_psa_inject_entropy(seed, MBEDTLS_PSA_INJECT_ENTROPY_MIN_SIZE); + TEST_ASSERT(status == PSA_ERROR_NOT_PERMITTED); } @@ -88,7 +88,7 @@ utest::v1::status_t greentea_test_setup(const size_t number_of_cases) static void injection_small_good() { - validate_entropy_seed_injection( MBEDTLS_PSA_INJECT_ENTROPY_MIN_SIZE, PSA_SUCCESS, MBEDTLS_PSA_INJECT_ENTROPY_MIN_SIZE, PSA_ERROR_NOT_PERMITTED); + validate_entropy_seed_injection(MBEDTLS_PSA_INJECT_ENTROPY_MIN_SIZE, PSA_SUCCESS, MBEDTLS_PSA_INJECT_ENTROPY_MIN_SIZE, PSA_ERROR_NOT_PERMITTED); } static void injection_big_good() @@ -113,14 +113,14 @@ static void injection_and_init_deinit() -/***************************************************************************************/ +/***************************************************************************************/ utest::v1::status_t case_teardown_handler(const Case *const source, const size_t passed, const size_t failed, const failure_t reason) { psa_status_t status; status = test_psa_its_reset(); TEST_ASSERT_EQUAL(PSA_ITS_SUCCESS, status); - mbedtls_psa_crypto_free( ); + mbedtls_psa_crypto_free(); return greentea_case_teardown_handler(source, passed, failed, reason); } @@ -130,8 +130,7 @@ utest::v1::status_t case_setup_handler(const Case *const source, const size_t in status = test_psa_its_reset(); TEST_ASSERT_EQUAL(PSA_ITS_SUCCESS, status); /* fill seed in some data */ - for( size_t i = 0; i < MBEDTLS_ENTROPY_MAX_SEED_SIZE+2; ++i) - { + for (size_t i = 0; i < MBEDTLS_ENTROPY_MAX_SEED_SIZE + 2; ++i) { seed[i] = i; } return greentea_case_setup_handler(source, index_of_case); diff --git a/components/TARGET_PSA/services/crypto/COMPONENT_PSA_SRV_IPC/crypto_platform_spe.h b/components/TARGET_PSA/services/crypto/COMPONENT_PSA_SRV_IPC/crypto_platform_spe.h index c79749d988..43ce138949 100644 --- a/components/TARGET_PSA/services/crypto/COMPONENT_PSA_SRV_IPC/crypto_platform_spe.h +++ b/components/TARGET_PSA/services/crypto/COMPONENT_PSA_SRV_IPC/crypto_platform_spe.h @@ -38,8 +38,7 @@ */ /** \brief psa_s_function_t enum defines for all the available functions in PSA Crypto. */ -typedef enum psa_sec_function_s -{ +typedef enum psa_sec_function_s { PSA_CRYPTO_INVALID, PSA_CRYPTO_INIT, PSA_IMPORT_KEY, @@ -87,7 +86,7 @@ typedef enum psa_sec_function_s PSA_GENERATOR_ABORT, PSA_KEY_DERIVATION, PSA_KEY_AGREEMENT -}psa_sec_function_t; +} psa_sec_function_t; /**@}*/ @@ -101,8 +100,7 @@ typedef enum psa_sec_function_s * pack them together. */ -typedef struct psa_crypto_ipc_s -{ +typedef struct psa_crypto_ipc_s { psa_sec_function_t func; psa_key_slot_t key; psa_algorithm_t alg; @@ -113,8 +111,7 @@ typedef struct psa_crypto_ipc_s * and in order to use the existing infrastructure of the SPM-IPC we provide a struct to * pack them together. */ -typedef struct psa_crypto_derivation_ipc_s -{ +typedef struct psa_crypto_derivation_ipc_s { psa_sec_function_t func; psa_key_slot_t key; psa_algorithm_t alg; @@ -127,8 +124,7 @@ typedef struct psa_crypto_derivation_ipc_s * pack them together. */ -typedef struct psa_key_mng_ipc_s -{ +typedef struct psa_key_mng_ipc_s { psa_key_slot_t key; psa_key_type_t type; psa_sec_function_t func; @@ -142,8 +138,7 @@ typedef struct psa_key_mng_ipc_s // Max length supported for nonce is 16 bytes. #define PSA_AEAD_MAX_NONCE_SIZE 16 -typedef struct psa_crypto_ipc_aead_s -{ +typedef struct psa_crypto_ipc_aead_s { psa_sec_function_t func; psa_key_slot_t key; psa_algorithm_t alg; @@ -158,8 +153,7 @@ typedef struct psa_crypto_ipc_aead_s * and in order to use the existing infrastructure of the SPM-IPC we provide a struct to * pack them together. */ -typedef struct psa_crypto_ipc_asymmetric_s -{ +typedef struct psa_crypto_ipc_asymmetric_s { psa_sec_function_t func; psa_key_slot_t key; psa_algorithm_t alg; diff --git a/components/TARGET_PSA/services/crypto/COMPONENT_PSA_SRV_IPC/crypto_struct_ipc.h b/components/TARGET_PSA/services/crypto/COMPONENT_PSA_SRV_IPC/crypto_struct_ipc.h index afde363407..c23c178917 100644 --- a/components/TARGET_PSA/services/crypto/COMPONENT_PSA_SRV_IPC/crypto_struct_ipc.h +++ b/components/TARGET_PSA/services/crypto/COMPONENT_PSA_SRV_IPC/crypto_struct_ipc.h @@ -27,39 +27,33 @@ #ifndef PSA_CRYPTO_STRUCT_H #define PSA_CRYPTO_STRUCT_H -struct psa_hash_operation_s -{ +struct psa_hash_operation_s { psa_handle_t handle; }; -struct psa_mac_operation_s -{ +struct psa_mac_operation_s { psa_handle_t handle; }; -struct psa_cipher_operation_s -{ +struct psa_cipher_operation_s { psa_handle_t handle; }; -struct psa_aead_operation_s -{ +struct psa_aead_operation_s { psa_handle_t handle; }; -struct psa_crypto_generator_s -{ +struct psa_crypto_generator_s { psa_handle_t handle; }; -static inline struct psa_crypto_generator_s psa_crypto_generator_init( void ) +static inline struct psa_crypto_generator_s psa_crypto_generator_init(void) { const struct psa_crypto_generator_s v = { 0 }; - return( v ); + return (v); } -struct psa_key_policy_s -{ +struct psa_key_policy_s { psa_key_usage_t usage; psa_algorithm_t alg; }; diff --git a/components/TARGET_PSA/services/crypto/COMPONENT_PSA_SRV_IPC/psa_crypto_spm.c b/components/TARGET_PSA/services/crypto/COMPONENT_PSA_SRV_IPC/psa_crypto_spm.c index f2d218cbef..36e10cfff6 100644 --- a/components/TARGET_PSA/services/crypto/COMPONENT_PSA_SRV_IPC/psa_crypto_spm.c +++ b/components/TARGET_PSA/services/crypto/COMPONENT_PSA_SRV_IPC/psa_crypto_spm.c @@ -38,49 +38,53 @@ psa_status_t psa_crypto_init(void) psa_error_t err_call; psa_handle_t handle = PSA_NULL_HANDLE; - handle = psa_connect( PSA_CRYPTO_INIT_ID, MINOR_VER ); - if( handle <= 0 ) - return( PSA_ERROR_COMMUNICATION_FAILURE ); + handle = psa_connect(PSA_CRYPTO_INIT_ID, MINOR_VER); + if (handle <= 0) { + return (PSA_ERROR_COMMUNICATION_FAILURE); + } - err_call = psa_call( handle, NULL, 0, NULL, 0 ); - psa_close( handle ); + err_call = psa_call(handle, NULL, 0, NULL, 0); + psa_close(handle); - if( err_call < 0 ) - err_call = ( psa_error_t ) PSA_ERROR_COMMUNICATION_FAILURE; + if (err_call < 0) { + err_call = (psa_error_t) PSA_ERROR_COMMUNICATION_FAILURE; + } - return( ( psa_status_t ) err_call ); + return ((psa_status_t) err_call); } /****************************************************************/ /* PSA_MAC */ /****************************************************************/ -psa_status_t psa_mac_abort( psa_mac_operation_t *operation ) +psa_status_t psa_mac_abort(psa_mac_operation_t *operation) { psa_error_t err_call; psa_crypto_ipc_t psa_crypto_ipc = { 0, 0, 0 }; - if( operation->handle <= 0 ) - return( PSA_SUCCESS ); + if (operation->handle <= 0) { + return (PSA_SUCCESS); + } psa_crypto_ipc.func = PSA_MAC_ABORT; - psa_invec_t in_vec = { &psa_crypto_ipc, sizeof( psa_crypto_ipc ) }; + psa_invec_t in_vec = { &psa_crypto_ipc, sizeof(psa_crypto_ipc) }; - err_call = psa_call( operation->handle, &in_vec, 1, NULL, 0 ); - psa_close( operation->handle ); + err_call = psa_call(operation->handle, &in_vec, 1, NULL, 0); + psa_close(operation->handle); operation->handle = PSA_NULL_HANDLE; - if( err_call < 0 ) - err_call = ( psa_error_t ) PSA_ERROR_COMMUNICATION_FAILURE; + if (err_call < 0) { + err_call = (psa_error_t) PSA_ERROR_COMMUNICATION_FAILURE; + } - return( ( psa_status_t ) err_call ); + return ((psa_status_t) err_call); } -static psa_status_t psa_mac_setup( psa_mac_operation_t *operation, - psa_key_slot_t key, - psa_algorithm_t alg, - psa_sec_function_t func ) +static psa_status_t psa_mac_setup(psa_mac_operation_t *operation, + psa_key_slot_t key, + psa_algorithm_t alg, + psa_sec_function_t func) { psa_error_t err; psa_crypto_ipc_t psa_crypto_ipc = { 0, 0, 0 }; @@ -89,113 +93,124 @@ static psa_status_t psa_mac_setup( psa_mac_operation_t *operation, psa_crypto_ipc.key = key; psa_crypto_ipc.alg = alg; - psa_invec_t in_vec = { &psa_crypto_ipc, sizeof( psa_crypto_ipc ) }; + psa_invec_t in_vec = { &psa_crypto_ipc, sizeof(psa_crypto_ipc) }; - operation->handle = psa_connect( PSA_MAC_ID, MINOR_VER ); + operation->handle = psa_connect(PSA_MAC_ID, MINOR_VER); - if( operation->handle <= 0 ) - return ( PSA_ERROR_COMMUNICATION_FAILURE ); + if (operation->handle <= 0) { + return (PSA_ERROR_COMMUNICATION_FAILURE); + } - err = psa_call( operation->handle, &in_vec, 1, NULL, 0 ); - if( err < 0 ) + err = psa_call(operation->handle, &in_vec, 1, NULL, 0); + if (err < 0) { err = PSA_ERROR_COMMUNICATION_FAILURE; + } - return( ( psa_status_t ) err ); + return ((psa_status_t) err); } -psa_status_t psa_mac_sign_setup( psa_mac_operation_t *operation, - psa_key_slot_t key, - psa_algorithm_t alg ) +psa_status_t psa_mac_sign_setup(psa_mac_operation_t *operation, + psa_key_slot_t key, + psa_algorithm_t alg) { psa_status_t status = PSA_SUCCESS; - status = psa_mac_setup( operation, key, alg, PSA_MAC_SIGN_SETUP ); + status = psa_mac_setup(operation, key, alg, PSA_MAC_SIGN_SETUP); return status; } -psa_status_t psa_mac_verify_setup( psa_mac_operation_t *operation, - psa_key_slot_t key, - psa_algorithm_t alg ) +psa_status_t psa_mac_verify_setup(psa_mac_operation_t *operation, + psa_key_slot_t key, + psa_algorithm_t alg) { psa_status_t status = PSA_SUCCESS; - status = psa_mac_setup( operation, key, alg, PSA_MAC_VERIFY_SETUP ); + status = psa_mac_setup(operation, key, alg, PSA_MAC_VERIFY_SETUP); return status; } -psa_status_t psa_mac_update( psa_mac_operation_t *operation, - const uint8_t *input, - size_t input_length ) +psa_status_t psa_mac_update(psa_mac_operation_t *operation, + const uint8_t *input, + size_t input_length) { psa_error_t err; psa_crypto_ipc_t psa_crypto_ipc = { 0, 0, 0 }; psa_crypto_ipc.func = PSA_MAC_UPDATE; - psa_invec_t in_vec[2] = { { &psa_crypto_ipc, sizeof( psa_crypto_ipc ) }, - { input, input_length } }; + psa_invec_t in_vec[2] = { { &psa_crypto_ipc, sizeof(psa_crypto_ipc) }, + { input, input_length } + }; - if( operation->handle <= 0 ) - return( PSA_ERROR_INVALID_ARGUMENT ); + if (operation->handle <= 0) { + return (PSA_ERROR_INVALID_ARGUMENT); + } - err = psa_call( operation->handle, in_vec, 2, NULL, 0 ); - if( err < 0 ) + err = psa_call(operation->handle, in_vec, 2, NULL, 0); + if (err < 0) { err = PSA_ERROR_COMMUNICATION_FAILURE; + } - return( ( psa_status_t ) err ); + return ((psa_status_t) err); } -psa_status_t psa_mac_sign_finish( psa_mac_operation_t *operation, - uint8_t *mac, - size_t mac_size, - size_t *mac_length ) +psa_status_t psa_mac_sign_finish(psa_mac_operation_t *operation, + uint8_t *mac, + size_t mac_size, + size_t *mac_length) { psa_error_t err_call; psa_crypto_ipc_t psa_crypto_ipc = { 0, 0, 0 }; psa_crypto_ipc.func = PSA_MAC_SIGN_FINISH; - psa_invec_t in_vec[2] = { { &psa_crypto_ipc, sizeof( psa_crypto_ipc ) }, - { &mac_size, sizeof( mac_size ) } }; - psa_outvec_t out_vec[2] = { { mac, mac_size }, { mac_length, sizeof( *mac_length ) } }; + psa_invec_t in_vec[2] = { { &psa_crypto_ipc, sizeof(psa_crypto_ipc) }, + { &mac_size, sizeof(mac_size) } + }; + psa_outvec_t out_vec[2] = { { mac, mac_size }, { mac_length, sizeof(*mac_length) } }; - if( operation->handle <= 0 ) - return( PSA_ERROR_INVALID_ARGUMENT ); + if (operation->handle <= 0) { + return (PSA_ERROR_INVALID_ARGUMENT); + } - err_call = psa_call( operation->handle, in_vec, 2, out_vec, 2 ); - psa_close( operation->handle ); + err_call = psa_call(operation->handle, in_vec, 2, out_vec, 2); + psa_close(operation->handle); operation->handle = PSA_NULL_HANDLE; - if( err_call < 0 ) - err_call = ( psa_error_t ) PSA_ERROR_COMMUNICATION_FAILURE; + if (err_call < 0) { + err_call = (psa_error_t) PSA_ERROR_COMMUNICATION_FAILURE; + } - return( ( psa_status_t ) err_call ); + return ((psa_status_t) err_call); } -psa_status_t psa_mac_verify_finish( psa_mac_operation_t *operation, - const uint8_t *mac, - size_t mac_length ) +psa_status_t psa_mac_verify_finish(psa_mac_operation_t *operation, + const uint8_t *mac, + size_t mac_length) { psa_error_t err_call; psa_crypto_ipc_t psa_crypto_ipc = { 0, 0, 0 }; psa_crypto_ipc.func = PSA_MAC_VERIFY_FINISH; - psa_invec_t in_vec[3] = { { &psa_crypto_ipc, sizeof( psa_crypto_ipc ) }, - { &mac_length, sizeof( mac_length ) }, - { mac, mac_length } }; + psa_invec_t in_vec[3] = { { &psa_crypto_ipc, sizeof(psa_crypto_ipc) }, + { &mac_length, sizeof(mac_length) }, + { mac, mac_length } + }; - if( operation->handle <= 0 ) - return( PSA_ERROR_INVALID_ARGUMENT ); + if (operation->handle <= 0) { + return (PSA_ERROR_INVALID_ARGUMENT); + } - err_call = psa_call( operation->handle, in_vec, 3, NULL , 0 ); - psa_close( operation->handle ); + err_call = psa_call(operation->handle, in_vec, 3, NULL, 0); + psa_close(operation->handle); operation->handle = PSA_NULL_HANDLE; - if( err_call < 0 ) - err_call = ( psa_error_t ) PSA_ERROR_COMMUNICATION_FAILURE; + if (err_call < 0) { + err_call = (psa_error_t) PSA_ERROR_COMMUNICATION_FAILURE; + } - return( ( psa_status_t ) err_call ); + return ((psa_status_t) err_call); } @@ -203,30 +218,32 @@ psa_status_t psa_mac_verify_finish( psa_mac_operation_t *operation, /* PSA_HASH */ /****************************************************************/ -psa_status_t psa_hash_abort( psa_hash_operation_t *operation ) +psa_status_t psa_hash_abort(psa_hash_operation_t *operation) { psa_error_t err_call; psa_crypto_ipc_t psa_crypto_ipc = { 0, 0, 0 }; - if( operation->handle <= 0 ) - return( PSA_SUCCESS ); + if (operation->handle <= 0) { + return (PSA_SUCCESS); + } psa_crypto_ipc.func = PSA_HASH_ABORT; - psa_invec_t in_vec = { &psa_crypto_ipc, sizeof( psa_crypto_ipc ) }; + psa_invec_t in_vec = { &psa_crypto_ipc, sizeof(psa_crypto_ipc) }; - err_call = psa_call( operation->handle, &in_vec, 1, NULL, 0 ); - psa_close( operation->handle ); + err_call = psa_call(operation->handle, &in_vec, 1, NULL, 0); + psa_close(operation->handle); operation->handle = PSA_NULL_HANDLE; - if( err_call < 0 ) - err_call = ( psa_error_t ) PSA_ERROR_COMMUNICATION_FAILURE; + if (err_call < 0) { + err_call = (psa_error_t) PSA_ERROR_COMMUNICATION_FAILURE; + } - return( ( psa_status_t ) err_call ); + return ((psa_status_t) err_call); } -psa_status_t psa_hash_setup( psa_hash_operation_t *operation, - psa_algorithm_t alg ) +psa_status_t psa_hash_setup(psa_hash_operation_t *operation, + psa_algorithm_t alg) { psa_error_t err; psa_crypto_ipc_t psa_crypto_ipc = { 0, 0, 0 }; @@ -234,110 +251,122 @@ psa_status_t psa_hash_setup( psa_hash_operation_t *operation, psa_crypto_ipc.func = PSA_HASH_SETUP; psa_crypto_ipc.alg = alg; - psa_invec_t in_vec = { &psa_crypto_ipc, sizeof( psa_crypto_ipc ) }; + psa_invec_t in_vec = { &psa_crypto_ipc, sizeof(psa_crypto_ipc) }; - operation->handle = psa_connect( PSA_HASH_ID, MINOR_VER ); - if( operation->handle <= 0 ) - return ( PSA_ERROR_COMMUNICATION_FAILURE ); + operation->handle = psa_connect(PSA_HASH_ID, MINOR_VER); + if (operation->handle <= 0) { + return (PSA_ERROR_COMMUNICATION_FAILURE); + } - err = psa_call( operation->handle, &in_vec, 1, NULL, 0 ); - if( err < 0 ) + err = psa_call(operation->handle, &in_vec, 1, NULL, 0); + if (err < 0) { err = PSA_ERROR_COMMUNICATION_FAILURE; + } - return( ( psa_status_t ) err ); + return ((psa_status_t) err); } -psa_status_t psa_hash_update( psa_hash_operation_t *operation, - const uint8_t *input, - size_t input_length ) +psa_status_t psa_hash_update(psa_hash_operation_t *operation, + const uint8_t *input, + size_t input_length) { psa_error_t err; psa_crypto_ipc_t psa_crypto_ipc = { 0, 0, 0 }; psa_crypto_ipc.func = PSA_HASH_UPDATE; - psa_invec_t in_vec[2] = { {&psa_crypto_ipc, sizeof( psa_crypto_ipc ) }, - { input, input_length } }; + psa_invec_t in_vec[2] = { {&psa_crypto_ipc, sizeof(psa_crypto_ipc) }, + { input, input_length } + }; - if( operation->handle <= 0 ) - return( PSA_ERROR_INVALID_ARGUMENT ); + if (operation->handle <= 0) { + return (PSA_ERROR_INVALID_ARGUMENT); + } - err = psa_call( operation->handle, in_vec, 2, NULL, 0 ); - if( err < 0 ) + err = psa_call(operation->handle, in_vec, 2, NULL, 0); + if (err < 0) { err = PSA_ERROR_COMMUNICATION_FAILURE; + } - return( ( psa_status_t ) err ); + return ((psa_status_t) err); } -psa_status_t psa_hash_finish( psa_hash_operation_t *operation, - uint8_t *hash, - size_t hash_size, - size_t *hash_length ) +psa_status_t psa_hash_finish(psa_hash_operation_t *operation, + uint8_t *hash, + size_t hash_size, + size_t *hash_length) { psa_error_t err_call; psa_crypto_ipc_t psa_crypto_ipc = { 0, 0, 0 }; psa_crypto_ipc.func = PSA_HASH_FINISH; - psa_invec_t in_vec[2] = { { &psa_crypto_ipc, sizeof( psa_crypto_ipc ) }, - { &hash_size, sizeof( hash_size ) } }; + psa_invec_t in_vec[2] = { { &psa_crypto_ipc, sizeof(psa_crypto_ipc) }, + { &hash_size, sizeof(hash_size) } + }; psa_outvec_t out_vec[2] = { { hash, hash_size }, - { hash_length, sizeof( *hash_length ) } }; + { hash_length, sizeof(*hash_length) } + }; - if( operation->handle <= 0 ) - return( PSA_ERROR_INVALID_ARGUMENT ); + if (operation->handle <= 0) { + return (PSA_ERROR_INVALID_ARGUMENT); + } - err_call = psa_call( operation->handle, in_vec, 2, out_vec, 2 ); - psa_close( operation->handle ); + err_call = psa_call(operation->handle, in_vec, 2, out_vec, 2); + psa_close(operation->handle); operation->handle = PSA_NULL_HANDLE; - if( err_call < 0 ) - err_call = ( psa_error_t ) PSA_ERROR_COMMUNICATION_FAILURE; + if (err_call < 0) { + err_call = (psa_error_t) PSA_ERROR_COMMUNICATION_FAILURE; + } - return( ( psa_status_t ) err_call ); + return ((psa_status_t) err_call); } -psa_status_t psa_hash_verify( psa_hash_operation_t *operation, +psa_status_t psa_hash_verify(psa_hash_operation_t *operation, const uint8_t *hash, - size_t hash_length ) + size_t hash_length) { psa_error_t err_call; psa_crypto_ipc_t psa_crypto_ipc = { 0, 0, 0 }; psa_crypto_ipc.func = PSA_HASH_VERIFY; - psa_invec_t in_vec[3] = { { &psa_crypto_ipc, sizeof( psa_crypto_ipc_t ) }, - { &hash_length, sizeof( hash_length ) }, - { hash, hash_length } }; + psa_invec_t in_vec[3] = { { &psa_crypto_ipc, sizeof(psa_crypto_ipc_t) }, + { &hash_length, sizeof(hash_length) }, + { hash, hash_length } + }; - if( operation->handle <= 0 ) - return( PSA_ERROR_INVALID_ARGUMENT ); + if (operation->handle <= 0) { + return (PSA_ERROR_INVALID_ARGUMENT); + } - err_call = psa_call( operation->handle, in_vec, 3, NULL, 0 ); - psa_close( operation->handle ); + err_call = psa_call(operation->handle, in_vec, 3, NULL, 0); + psa_close(operation->handle); operation->handle = PSA_NULL_HANDLE; - if( err_call < 0 ) - err_call = ( psa_error_t ) PSA_ERROR_COMMUNICATION_FAILURE; + if (err_call < 0) { + err_call = (psa_error_t) PSA_ERROR_COMMUNICATION_FAILURE; + } - return( ( psa_status_t ) err_call ); + return ((psa_status_t) err_call); } /****************************************************************/ /* AEAD */ /****************************************************************/ -psa_status_t psa_aead_encrypt( psa_key_slot_t key, - psa_algorithm_t alg, - const uint8_t *nonce, - size_t nonce_length, - const uint8_t *additional_data, - size_t additional_data_length, - const uint8_t *plaintext, - size_t plaintext_length, - uint8_t *ciphertext, - size_t ciphertext_size, - size_t *ciphertext_length ) +psa_status_t psa_aead_encrypt(psa_key_slot_t key, + psa_algorithm_t alg, + const uint8_t *nonce, + size_t nonce_length, + const uint8_t *additional_data, + size_t additional_data_length, + const uint8_t *plaintext, + size_t plaintext_length, + uint8_t *ciphertext, + size_t ciphertext_size, + size_t *ciphertext_length) { psa_handle_t handle = PSA_NULL_HANDLE; psa_error_t call_error = PSA_SUCCESS; @@ -351,54 +380,66 @@ psa_status_t psa_aead_encrypt( psa_key_slot_t key, psa_crypto_ipc.additional_data_length = additional_data_length; psa_crypto_ipc.input_length = plaintext_length; - if( nonce_length > PSA_AEAD_MAX_NONCE_SIZE ) - return( PSA_ERROR_INVALID_ARGUMENT ); + if (nonce_length > PSA_AEAD_MAX_NONCE_SIZE) { + return (PSA_ERROR_INVALID_ARGUMENT); + } psa_crypto_ipc.nonce_size = nonce_length; - memcpy( psa_crypto_ipc.nonce, nonce, nonce_length ); + memcpy(psa_crypto_ipc.nonce, nonce, nonce_length); - uint8_t *buffer = calloc( 1, additional_data_length + - plaintext_length ); - if( buffer == NULL ) - return( PSA_ERROR_INSUFFICIENT_MEMORY ); + uint8_t *buffer = calloc(1, additional_data_length + + plaintext_length); + if (buffer == NULL) { + return (PSA_ERROR_INSUFFICIENT_MEMORY); + } - memcpy( buffer, additional_data, additional_data_length ); - memcpy( buffer + additional_data_length, plaintext, plaintext_length ); + memcpy(buffer, additional_data, additional_data_length); + memcpy(buffer + additional_data_length, plaintext, plaintext_length); - in_vec[0] = ( psa_invec_t ) { &psa_crypto_ipc, - sizeof( psa_crypto_ipc_aead_t ) }; + in_vec[0] = (psa_invec_t) { + &psa_crypto_ipc, + sizeof(psa_crypto_ipc_aead_t) + }; - in_vec[1] = ( psa_invec_t ) { buffer, additional_data_length + - plaintext_length }; - out_vec[0] = ( psa_outvec_t ) { ciphertext, ciphertext_size }; - out_vec[1] = ( psa_outvec_t ) { ciphertext_length, sizeof( *ciphertext_length ) }; + in_vec[1] = (psa_invec_t) { + buffer, additional_data_length + + plaintext_length + }; + out_vec[0] = (psa_outvec_t) { + ciphertext, ciphertext_size + }; + out_vec[1] = (psa_outvec_t) { + ciphertext_length, sizeof(*ciphertext_length) + }; - handle = psa_connect( PSA_AEAD_ID, MINOR_VER ); - if( handle <= 0 ) - return( PSA_ERROR_COMMUNICATION_FAILURE ); + handle = psa_connect(PSA_AEAD_ID, MINOR_VER); + if (handle <= 0) { + return (PSA_ERROR_COMMUNICATION_FAILURE); + } - call_error = psa_call( handle, in_vec, 2, out_vec, 2 ); + call_error = psa_call(handle, in_vec, 2, out_vec, 2); - psa_close( handle ); + psa_close(handle); - if( call_error < 0 ) - call_error = ( psa_error_t ) PSA_ERROR_COMMUNICATION_FAILURE; - return( ( psa_status_t )call_error ); + if (call_error < 0) { + call_error = (psa_error_t) PSA_ERROR_COMMUNICATION_FAILURE; + } + return ((psa_status_t)call_error); } -psa_status_t psa_aead_decrypt( psa_key_slot_t key, - psa_algorithm_t alg, - const uint8_t *nonce, - size_t nonce_length, - const uint8_t *additional_data, - size_t additional_data_length, - const uint8_t *ciphertext, - size_t ciphertext_length, - uint8_t *plaintext, - size_t plaintext_size, - size_t *plaintext_length ) +psa_status_t psa_aead_decrypt(psa_key_slot_t key, + psa_algorithm_t alg, + const uint8_t *nonce, + size_t nonce_length, + const uint8_t *additional_data, + size_t additional_data_length, + const uint8_t *ciphertext, + size_t ciphertext_length, + uint8_t *plaintext, + size_t plaintext_size, + size_t *plaintext_length) { psa_handle_t handle = PSA_NULL_HANDLE; psa_error_t call_error = PSA_SUCCESS; @@ -412,39 +453,51 @@ psa_status_t psa_aead_decrypt( psa_key_slot_t key, psa_crypto_ipc.additional_data_length = additional_data_length; psa_crypto_ipc.input_length = ciphertext_length; - if( nonce_length > PSA_AEAD_MAX_NONCE_SIZE ) - return( PSA_ERROR_INVALID_ARGUMENT ); + if (nonce_length > PSA_AEAD_MAX_NONCE_SIZE) { + return (PSA_ERROR_INVALID_ARGUMENT); + } psa_crypto_ipc.nonce_size = nonce_length; - memcpy( psa_crypto_ipc.nonce, nonce, nonce_length ); + memcpy(psa_crypto_ipc.nonce, nonce, nonce_length); - uint8_t *buffer = calloc( 1, additional_data_length + - ciphertext_length ); - if( buffer == NULL ) - return( PSA_ERROR_INSUFFICIENT_MEMORY ); + uint8_t *buffer = calloc(1, additional_data_length + + ciphertext_length); + if (buffer == NULL) { + return (PSA_ERROR_INSUFFICIENT_MEMORY); + } - memcpy( buffer, additional_data, additional_data_length ); - memcpy( buffer + additional_data_length, ciphertext, ciphertext_length ); + memcpy(buffer, additional_data, additional_data_length); + memcpy(buffer + additional_data_length, ciphertext, ciphertext_length); - in_vec[0] = ( psa_invec_t ) { &psa_crypto_ipc, - sizeof( psa_crypto_ipc_aead_t ) }; - in_vec[1] = ( psa_invec_t ) { buffer, additional_data_length + - ciphertext_length }; + in_vec[0] = (psa_invec_t) { + &psa_crypto_ipc, + sizeof(psa_crypto_ipc_aead_t) + }; + in_vec[1] = (psa_invec_t) { + buffer, additional_data_length + + ciphertext_length + }; - out_vec[0] = ( psa_outvec_t ) { plaintext, plaintext_size }; - out_vec[1] = ( psa_outvec_t ) { plaintext_length, sizeof( *plaintext_length ) }; + out_vec[0] = (psa_outvec_t) { + plaintext, plaintext_size + }; + out_vec[1] = (psa_outvec_t) { + plaintext_length, sizeof(*plaintext_length) + }; - handle = psa_connect( PSA_AEAD_ID, MINOR_VER ); - if( handle <= 0 ) - return( PSA_ERROR_COMMUNICATION_FAILURE ); + handle = psa_connect(PSA_AEAD_ID, MINOR_VER); + if (handle <= 0) { + return (PSA_ERROR_COMMUNICATION_FAILURE); + } - call_error = psa_call( handle, in_vec, 2, out_vec, 2 ); + call_error = psa_call(handle, in_vec, 2, out_vec, 2); - psa_close( handle ); + psa_close(handle); - if( call_error < 0 ) - call_error = ( psa_error_t ) PSA_ERROR_COMMUNICATION_FAILURE; - return( ( psa_status_t )call_error ); + if (call_error < 0) { + call_error = (psa_error_t) PSA_ERROR_COMMUNICATION_FAILURE; + } + return ((psa_status_t)call_error); } /****************************************************************/ @@ -469,23 +522,33 @@ psa_status_t psa_asymmetric_sign(psa_key_slot_t key, psa_crypto_ipc.key = key; psa_crypto_ipc.alg = alg; - in_vec[0] = ( psa_invec_t ) { &psa_crypto_ipc, - sizeof( psa_crypto_ipc_asymmetric_t ) }; - in_vec[1] = ( psa_invec_t ) { hash, hash_length }; - out_vec[0] = ( psa_outvec_t ) { signature, signature_size }; - out_vec[1] = ( psa_outvec_t ) { signature_length, sizeof( *signature_length ) }; + in_vec[0] = (psa_invec_t) { + &psa_crypto_ipc, + sizeof(psa_crypto_ipc_asymmetric_t) + }; + in_vec[1] = (psa_invec_t) { + hash, hash_length + }; + out_vec[0] = (psa_outvec_t) { + signature, signature_size + }; + out_vec[1] = (psa_outvec_t) { + signature_length, sizeof(*signature_length) + }; - handle = psa_connect( PSA_ASYMMETRIC_ID, MINOR_VER ); - if( handle <= 0 ) - return( PSA_ERROR_COMMUNICATION_FAILURE ); + handle = psa_connect(PSA_ASYMMETRIC_ID, MINOR_VER); + if (handle <= 0) { + return (PSA_ERROR_COMMUNICATION_FAILURE); + } - call_error = psa_call( handle, in_vec, 2, out_vec, 2 ); + call_error = psa_call(handle, in_vec, 2, out_vec, 2); - psa_close( handle ); + psa_close(handle); - if( call_error < 0 ) - call_error = ( psa_error_t ) PSA_ERROR_COMMUNICATION_FAILURE; - return( ( psa_status_t )call_error ); + if (call_error < 0) { + call_error = (psa_error_t) PSA_ERROR_COMMUNICATION_FAILURE; + } + return ((psa_status_t)call_error); } psa_status_t psa_asymmetric_verify(psa_key_slot_t key, @@ -504,19 +567,27 @@ psa_status_t psa_asymmetric_verify(psa_key_slot_t key, psa_crypto_ipc.key = key; psa_crypto_ipc.alg = alg; - in_vec[0] = ( psa_invec_t ) { &psa_crypto_ipc, - sizeof( psa_crypto_ipc_asymmetric_t ) }; - in_vec[1] = ( psa_invec_t ) { signature, signature_size }; - in_vec[2] = ( psa_invec_t ) { hash, hash_length }; - handle = psa_connect( PSA_ASYMMETRIC_ID, MINOR_VER ); - if( handle <= 0 ) - return( PSA_ERROR_COMMUNICATION_FAILURE ); - call_error = psa_call( handle, in_vec, 3, NULL, 0 ); - psa_close( handle ); + in_vec[0] = (psa_invec_t) { + &psa_crypto_ipc, + sizeof(psa_crypto_ipc_asymmetric_t) + }; + in_vec[1] = (psa_invec_t) { + signature, signature_size + }; + in_vec[2] = (psa_invec_t) { + hash, hash_length + }; + handle = psa_connect(PSA_ASYMMETRIC_ID, MINOR_VER); + if (handle <= 0) { + return (PSA_ERROR_COMMUNICATION_FAILURE); + } + call_error = psa_call(handle, in_vec, 3, NULL, 0); + psa_close(handle); - if( call_error < 0 ) - call_error = ( psa_error_t ) PSA_ERROR_COMMUNICATION_FAILURE; - return( ( psa_status_t )call_error ); + if (call_error < 0) { + call_error = (psa_error_t) PSA_ERROR_COMMUNICATION_FAILURE; + } + return ((psa_status_t)call_error); } static psa_status_t psa_asymmetric_operation(psa_sec_function_t func, @@ -542,31 +613,42 @@ static psa_status_t psa_asymmetric_operation(psa_sec_function_t func, psa_crypto_ipc.input_length = input_length; psa_crypto_ipc.salt_length = salt_length; - uint8_t *buffer = calloc( 1, input_length + salt_length ); - if( buffer == NULL ) - return( PSA_ERROR_INSUFFICIENT_MEMORY ); + uint8_t *buffer = calloc(1, input_length + salt_length); + if (buffer == NULL) { + return (PSA_ERROR_INSUFFICIENT_MEMORY); + } memcpy(buffer, input, input_length); memcpy(buffer + input_length, salt, salt_length); - in_vec[0] = ( psa_invec_t ) { &psa_crypto_ipc, - sizeof( psa_crypto_ipc_asymmetric_t ) }; - in_vec[1] = ( psa_invec_t ) { buffer, input_length + salt_length }; + in_vec[0] = (psa_invec_t) { + &psa_crypto_ipc, + sizeof(psa_crypto_ipc_asymmetric_t) + }; + in_vec[1] = (psa_invec_t) { + buffer, input_length + salt_length + }; - out_vec[0] = ( psa_outvec_t ) { output, output_size }; - out_vec[1] = ( psa_outvec_t ) { output_length, sizeof( *output_length ) }; + out_vec[0] = (psa_outvec_t) { + output, output_size + }; + out_vec[1] = (psa_outvec_t) { + output_length, sizeof(*output_length) + }; - handle = psa_connect( PSA_ASYMMETRIC_ID, MINOR_VER ); - if( handle <= 0 ) - return( PSA_ERROR_COMMUNICATION_FAILURE ); + handle = psa_connect(PSA_ASYMMETRIC_ID, MINOR_VER); + if (handle <= 0) { + return (PSA_ERROR_COMMUNICATION_FAILURE); + } - call_error = psa_call( handle, in_vec, 2, out_vec, 2 ); + call_error = psa_call(handle, in_vec, 2, out_vec, 2); - psa_close( handle ); + psa_close(handle); - if( call_error < 0 ) - call_error = ( psa_error_t ) PSA_ERROR_COMMUNICATION_FAILURE; - return( ( psa_status_t )call_error ); + if (call_error < 0) { + call_error = (psa_error_t) PSA_ERROR_COMMUNICATION_FAILURE; + } + return ((psa_status_t)call_error); } psa_status_t psa_asymmetric_encrypt(psa_key_slot_t key, @@ -580,9 +662,9 @@ psa_status_t psa_asymmetric_encrypt(psa_key_slot_t key, size_t *output_length) { psa_status_t status = psa_asymmetric_operation(PSA_ASYMMETRIC_ENCRYPT, key, - alg, input, input_length, - salt, salt_length, output, - output_size, output_length ); + alg, input, input_length, + salt, salt_length, output, + output_size, output_length); return status; } @@ -597,9 +679,9 @@ psa_status_t psa_asymmetric_decrypt(psa_key_slot_t key, size_t *output_length) { psa_status_t status = psa_asymmetric_operation(PSA_ASYMMETRIC_DECRYPT, key, - alg, input, input_length, - salt, salt_length, output, - output_size, output_length ); + alg, input, input_length, + salt, salt_length, output, + output_size, output_length); return status; } @@ -607,8 +689,8 @@ psa_status_t psa_asymmetric_decrypt(psa_key_slot_t key, /* PSA_KEY_MANAGMENT */ /****************************************************************/ -psa_status_t psa_get_key_lifetime( psa_key_slot_t key, - psa_key_lifetime_t *lifetime ) +psa_status_t psa_get_key_lifetime(psa_key_slot_t key, + psa_key_lifetime_t *lifetime) { psa_error_t err_call; psa_key_mng_ipc_t psa_key_mng_ipc = { 0, 0, 0 }; @@ -617,24 +699,30 @@ psa_status_t psa_get_key_lifetime( psa_key_slot_t key, psa_key_mng_ipc.func = PSA_GET_KEY_LIFETIME; psa_handle_t handle = PSA_NULL_HANDLE; psa_invec_t in_vec[1] = { - { &psa_key_mng_ipc, sizeof( psa_key_mng_ipc_t ) } }; - psa_outvec_t out_vec[1] = { { lifetime, (lifetime == NULL ? 0 : - sizeof( *lifetime ) ) } }; + { &psa_key_mng_ipc, sizeof(psa_key_mng_ipc_t) } + }; + psa_outvec_t out_vec[1] = { { + lifetime, (lifetime == NULL ? 0 : + sizeof(*lifetime)) + } + }; - handle = psa_connect( PSA_KEY_MNG_ID, MINOR_VER ); - if( handle <= 0 ) - return ( PSA_ERROR_COMMUNICATION_FAILURE ); + handle = psa_connect(PSA_KEY_MNG_ID, MINOR_VER); + if (handle <= 0) { + return (PSA_ERROR_COMMUNICATION_FAILURE); + } - err_call = psa_call( handle, in_vec, 1, out_vec, 1 ); - psa_close( handle ); + err_call = psa_call(handle, in_vec, 1, out_vec, 1); + psa_close(handle); - if( err_call < 0 ) - err_call = ( psa_error_t ) PSA_ERROR_COMMUNICATION_FAILURE; - return( ( psa_status_t ) err_call ); + if (err_call < 0) { + err_call = (psa_error_t) PSA_ERROR_COMMUNICATION_FAILURE; + } + return ((psa_status_t) err_call); } -psa_status_t psa_set_key_lifetime( psa_key_slot_t key, - psa_key_lifetime_t lifetime ) +psa_status_t psa_set_key_lifetime(psa_key_slot_t key, + psa_key_lifetime_t lifetime) { psa_error_t err_call; psa_key_mng_ipc_t psa_key_mng_ipc = { 0, 0, 0 }; @@ -643,49 +731,52 @@ psa_status_t psa_set_key_lifetime( psa_key_slot_t key, psa_key_mng_ipc.func = PSA_SET_KEY_LIFETIME; psa_handle_t handle = PSA_NULL_HANDLE; psa_invec_t in_vec[2] = { - { &psa_key_mng_ipc, sizeof( psa_key_mng_ipc_t ) }, - { &lifetime, sizeof( psa_key_lifetime_t ) } }; + { &psa_key_mng_ipc, sizeof(psa_key_mng_ipc_t) }, + { &lifetime, sizeof(psa_key_lifetime_t) } + }; - handle = psa_connect( PSA_KEY_MNG_ID, MINOR_VER ); - if( handle <= 0 ) - return ( PSA_ERROR_COMMUNICATION_FAILURE ); + handle = psa_connect(PSA_KEY_MNG_ID, MINOR_VER); + if (handle <= 0) { + return (PSA_ERROR_COMMUNICATION_FAILURE); + } - err_call = psa_call( handle, in_vec, 2, NULL, 0 ); - psa_close( handle ); + err_call = psa_call(handle, in_vec, 2, NULL, 0); + psa_close(handle); - if( err_call < 0 ) - err_call = ( psa_error_t ) PSA_ERROR_COMMUNICATION_FAILURE; - return( ( psa_status_t ) err_call ); + if (err_call < 0) { + err_call = (psa_error_t) PSA_ERROR_COMMUNICATION_FAILURE; + } + return ((psa_status_t) err_call); } /* the psa_key_policy_init psa_key_policy_get_usage, psa_key_policy_get_algorithm and psa_key_policy_set_usage accessor functions are implemented directly in the non-secure partition */ -void psa_key_policy_init( psa_key_policy_t *policy ) +void psa_key_policy_init(psa_key_policy_t *policy) { - memset( policy, 0, sizeof( psa_key_policy_t ) ); + memset(policy, 0, sizeof(psa_key_policy_t)); } -psa_key_usage_t psa_key_policy_get_usage( const psa_key_policy_t *policy ) +psa_key_usage_t psa_key_policy_get_usage(const psa_key_policy_t *policy) { - return( policy->usage ); + return (policy->usage); } -psa_algorithm_t psa_key_policy_get_algorithm( const psa_key_policy_t *policy ) +psa_algorithm_t psa_key_policy_get_algorithm(const psa_key_policy_t *policy) { - return( policy->alg ); + return (policy->alg); } -void psa_key_policy_set_usage( psa_key_policy_t *policy, - psa_key_usage_t usage, - psa_algorithm_t alg ) +void psa_key_policy_set_usage(psa_key_policy_t *policy, + psa_key_usage_t usage, + psa_algorithm_t alg) { policy->usage = usage; policy->alg = alg; } -psa_status_t psa_set_key_policy( psa_key_slot_t key, - const psa_key_policy_t *policy ) +psa_status_t psa_set_key_policy(psa_key_slot_t key, + const psa_key_policy_t *policy) { psa_error_t err_call; psa_key_mng_ipc_t psa_key_mng_ipc = { 0, 0, 0 }; @@ -694,23 +785,26 @@ psa_status_t psa_set_key_policy( psa_key_slot_t key, psa_key_mng_ipc.func = PSA_SET_KEY_POLICY; psa_handle_t handle = PSA_NULL_HANDLE; psa_invec_t in_vec[2] = { - { &psa_key_mng_ipc, sizeof( psa_key_mng_ipc_t ) }, - { policy, ( policy == NULL ? 0 : sizeof( *policy ) ) } }; + { &psa_key_mng_ipc, sizeof(psa_key_mng_ipc_t) }, + { policy, (policy == NULL ? 0 : sizeof(*policy)) } + }; - handle = psa_connect( PSA_KEY_MNG_ID, MINOR_VER ); - if( handle <= 0 ) - return ( PSA_ERROR_COMMUNICATION_FAILURE ); + handle = psa_connect(PSA_KEY_MNG_ID, MINOR_VER); + if (handle <= 0) { + return (PSA_ERROR_COMMUNICATION_FAILURE); + } - err_call = psa_call( handle, in_vec, 2, NULL, 0 ); - psa_close( handle ); + err_call = psa_call(handle, in_vec, 2, NULL, 0); + psa_close(handle); - if( err_call < 0 ) - err_call = ( psa_error_t ) PSA_ERROR_COMMUNICATION_FAILURE; - return( ( psa_status_t ) err_call ); + if (err_call < 0) { + err_call = (psa_error_t) PSA_ERROR_COMMUNICATION_FAILURE; + } + return ((psa_status_t) err_call); } -psa_status_t psa_get_key_policy( psa_key_slot_t key, - psa_key_policy_t *policy ) +psa_status_t psa_get_key_policy(psa_key_slot_t key, + psa_key_policy_t *policy) { psa_error_t err_call; psa_key_mng_ipc_t psa_key_mng_ipc = { 0, 0, 0 }; @@ -718,27 +812,35 @@ psa_status_t psa_get_key_policy( psa_key_slot_t key, psa_key_mng_ipc.type = 0; psa_key_mng_ipc.func = PSA_GET_KEY_POLICY; psa_handle_t handle = PSA_NULL_HANDLE; - psa_invec_t in_vec[1] = { { &psa_key_mng_ipc, - sizeof( psa_key_mng_ipc_t ) } }; - psa_outvec_t out_vec[1] = { { policy, ( policy == NULL ? 0 : - sizeof( *policy ) ) } }; + psa_invec_t in_vec[1] = { { + &psa_key_mng_ipc, + sizeof(psa_key_mng_ipc_t) + } + }; + psa_outvec_t out_vec[1] = { { + policy, (policy == NULL ? 0 : + sizeof(*policy)) + } + }; - handle = psa_connect( PSA_KEY_MNG_ID, MINOR_VER ); - if( handle <= 0 ) - return ( PSA_ERROR_COMMUNICATION_FAILURE ); + handle = psa_connect(PSA_KEY_MNG_ID, MINOR_VER); + if (handle <= 0) { + return (PSA_ERROR_COMMUNICATION_FAILURE); + } - err_call = psa_call( handle, in_vec, 1, out_vec, 1 ); - psa_close( handle ); + err_call = psa_call(handle, in_vec, 1, out_vec, 1); + psa_close(handle); - if( err_call < 0 ) - err_call = ( psa_error_t ) PSA_ERROR_COMMUNICATION_FAILURE; - return( ( psa_status_t ) err_call ); + if (err_call < 0) { + err_call = (psa_error_t) PSA_ERROR_COMMUNICATION_FAILURE; + } + return ((psa_status_t) err_call); } -psa_status_t psa_import_key( psa_key_slot_t key, - psa_key_type_t type, - const uint8_t *data, - size_t data_length ) +psa_status_t psa_import_key(psa_key_slot_t key, + psa_key_type_t type, + const uint8_t *data, + size_t data_length) { psa_error_t err_call; psa_key_mng_ipc_t psa_key_mng_ipc = { 0, 0, 0 }; @@ -747,22 +849,25 @@ psa_status_t psa_import_key( psa_key_slot_t key, psa_key_mng_ipc.func = PSA_IMPORT_KEY; psa_handle_t handle = PSA_NULL_HANDLE; psa_invec_t in_vec[2] = { - { &psa_key_mng_ipc, sizeof( psa_key_mng_ipc_t ) }, - { data, data_length } }; + { &psa_key_mng_ipc, sizeof(psa_key_mng_ipc_t) }, + { data, data_length } + }; - handle = psa_connect( PSA_KEY_MNG_ID, MINOR_VER ); - if( handle <= 0 ) - return ( PSA_ERROR_COMMUNICATION_FAILURE ); + handle = psa_connect(PSA_KEY_MNG_ID, MINOR_VER); + if (handle <= 0) { + return (PSA_ERROR_COMMUNICATION_FAILURE); + } - err_call = psa_call( handle, in_vec, 2, NULL, 0 ); - psa_close( handle ); + err_call = psa_call(handle, in_vec, 2, NULL, 0); + psa_close(handle); - if( err_call < 0 ) - err_call = ( psa_error_t ) PSA_ERROR_COMMUNICATION_FAILURE; - return( ( psa_status_t ) err_call ); + if (err_call < 0) { + err_call = (psa_error_t) PSA_ERROR_COMMUNICATION_FAILURE; + } + return ((psa_status_t) err_call); } -psa_status_t psa_destroy_key( psa_key_slot_t key ) +psa_status_t psa_destroy_key(psa_key_slot_t key) { psa_error_t err_call; psa_key_mng_ipc_t psa_key_mng_ipc = { 0, 0, 0 }; @@ -771,23 +876,26 @@ psa_status_t psa_destroy_key( psa_key_slot_t key ) psa_key_mng_ipc.func = PSA_DESTROY_KEY; psa_handle_t handle = PSA_NULL_HANDLE; psa_invec_t in_vec[1] = { - { &psa_key_mng_ipc, sizeof( psa_key_mng_ipc_t ) } }; + { &psa_key_mng_ipc, sizeof(psa_key_mng_ipc_t) } + }; - handle = psa_connect( PSA_KEY_MNG_ID, MINOR_VER ); - if( handle <= 0 ) - return ( PSA_ERROR_COMMUNICATION_FAILURE ); + handle = psa_connect(PSA_KEY_MNG_ID, MINOR_VER); + if (handle <= 0) { + return (PSA_ERROR_COMMUNICATION_FAILURE); + } - err_call = psa_call( handle, in_vec, 1, NULL, 0 ); - psa_close( handle ); + err_call = psa_call(handle, in_vec, 1, NULL, 0); + psa_close(handle); - if( err_call < 0 ) - err_call = ( psa_error_t ) PSA_ERROR_COMMUNICATION_FAILURE; - return( ( psa_status_t ) err_call ); + if (err_call < 0) { + err_call = (psa_error_t) PSA_ERROR_COMMUNICATION_FAILURE; + } + return ((psa_status_t) err_call); } -psa_status_t psa_get_key_information( psa_key_slot_t key, - psa_key_type_t *type, - size_t *bits ) +psa_status_t psa_get_key_information(psa_key_slot_t key, + psa_key_type_t *type, + size_t *bits) { psa_error_t err_call; psa_key_mng_ipc_t psa_key_mng_ipc = { 0, 0, 0 }; @@ -795,30 +903,40 @@ psa_status_t psa_get_key_information( psa_key_slot_t key, psa_key_mng_ipc.type = 0; psa_key_mng_ipc.func = PSA_GET_KEY_INFORMATION; psa_handle_t handle = PSA_NULL_HANDLE; - psa_invec_t in_vec[1] = { { &psa_key_mng_ipc, - sizeof( psa_key_mng_ipc_t ) } }; - psa_outvec_t out_vec[2] = { { type, ( type == NULL ? 0 : - sizeof( psa_key_type_t ) ) } , - { bits, ( bits == NULL ? 0 : - sizeof( size_t ) ) } }; + psa_invec_t in_vec[1] = { { + &psa_key_mng_ipc, + sizeof(psa_key_mng_ipc_t) + } + }; + psa_outvec_t out_vec[2] = { { + type, (type == NULL ? 0 : + sizeof(psa_key_type_t)) + }, + { + bits, (bits == NULL ? 0 : + sizeof(size_t)) + } + }; - handle = psa_connect( PSA_KEY_MNG_ID, MINOR_VER ); - if( handle <= 0 ) - return ( PSA_ERROR_COMMUNICATION_FAILURE ); + handle = psa_connect(PSA_KEY_MNG_ID, MINOR_VER); + if (handle <= 0) { + return (PSA_ERROR_COMMUNICATION_FAILURE); + } - err_call = psa_call( handle, in_vec, 1, out_vec, 2 ); - psa_close( handle ); + err_call = psa_call(handle, in_vec, 1, out_vec, 2); + psa_close(handle); - if( err_call < 0 ) - err_call = ( psa_error_t ) PSA_ERROR_COMMUNICATION_FAILURE; - return( ( psa_status_t ) err_call ); + if (err_call < 0) { + err_call = (psa_error_t) PSA_ERROR_COMMUNICATION_FAILURE; + } + return ((psa_status_t) err_call); } -static psa_status_t psa_export_key_common( psa_key_slot_t key, - uint8_t *data, - size_t data_size, - size_t *data_length, - psa_sec_function_t func ) +static psa_status_t psa_export_key_common(psa_key_slot_t key, + uint8_t *data, + size_t data_size, + size_t *data_length, + psa_sec_function_t func) { psa_error_t err_call; psa_key_mng_ipc_t psa_key_mng_ipc = { 0, 0, 0 }; @@ -827,48 +945,51 @@ static psa_status_t psa_export_key_common( psa_key_slot_t key, psa_key_mng_ipc.func = func; psa_handle_t handle = PSA_NULL_HANDLE; - psa_invec_t in_vec[1] = { { &psa_key_mng_ipc, sizeof( psa_key_mng_ipc_t ) } }; - psa_outvec_t out_vec[2] = { { data, data_size } , - { data_length, sizeof( *data_length ) } }; + psa_invec_t in_vec[1] = { { &psa_key_mng_ipc, sizeof(psa_key_mng_ipc_t) } }; + psa_outvec_t out_vec[2] = { { data, data_size }, + { data_length, sizeof(*data_length) } + }; - handle = psa_connect( PSA_KEY_MNG_ID, MINOR_VER ); - if( handle <= 0 ) - return ( PSA_ERROR_COMMUNICATION_FAILURE ); + handle = psa_connect(PSA_KEY_MNG_ID, MINOR_VER); + if (handle <= 0) { + return (PSA_ERROR_COMMUNICATION_FAILURE); + } - err_call = psa_call( handle, in_vec, 1, out_vec, 2 ); - psa_close( handle ); + err_call = psa_call(handle, in_vec, 1, out_vec, 2); + psa_close(handle); - if( err_call < 0 ) - err_call = ( psa_error_t ) PSA_ERROR_COMMUNICATION_FAILURE; - return( ( psa_status_t ) err_call ); + if (err_call < 0) { + err_call = (psa_error_t) PSA_ERROR_COMMUNICATION_FAILURE; + } + return ((psa_status_t) err_call); } -psa_status_t psa_export_key( psa_key_slot_t key, +psa_status_t psa_export_key(psa_key_slot_t key, uint8_t *data, size_t data_size, - size_t *data_length ) + size_t *data_length) { - psa_status_t status = psa_export_key_common( key, data, data_size, - data_length , PSA_EXPORT_KEY ); - return status; + psa_status_t status = psa_export_key_common(key, data, data_size, + data_length, PSA_EXPORT_KEY); + return status; } -psa_status_t psa_export_public_key( psa_key_slot_t key, - uint8_t *data, - size_t data_size, - size_t *data_length ) +psa_status_t psa_export_public_key(psa_key_slot_t key, + uint8_t *data, + size_t data_size, + size_t *data_length) { - psa_status_t status = psa_export_key_common( key, data, data_size, + psa_status_t status = psa_export_key_common(key, data, data_size, data_length, - PSA_EXPORT_PUBLIC_KEY ); - return status; + PSA_EXPORT_PUBLIC_KEY); + return status; } -psa_status_t psa_generate_key( psa_key_slot_t key, - psa_key_type_t type, - size_t bits, - const void *parameters, - size_t parameters_size ) +psa_status_t psa_generate_key(psa_key_slot_t key, + psa_key_type_t type, + size_t bits, + const void *parameters, + size_t parameters_size) { psa_error_t err_call; psa_key_mng_ipc_t psa_key_mng_ipc = { 0, 0, 0 }; @@ -878,155 +999,165 @@ psa_status_t psa_generate_key( psa_key_slot_t key, psa_handle_t handle = PSA_NULL_HANDLE; psa_invec_t in_vec[3]; in_vec[0].base = &psa_key_mng_ipc; - in_vec[0].len = sizeof ( psa_key_mng_ipc_t ); + in_vec[0].len = sizeof(psa_key_mng_ipc_t); in_vec[1].base = &bits; - in_vec[1].len = sizeof ( size_t ); + in_vec[1].len = sizeof(size_t); /* currently the parameter argument is used only for RSA keypair and ignored in other cases. support for other algorithms may be added later*/ - if ( PSA_KEY_TYPE_RSA_KEYPAIR == type ) - { + if (PSA_KEY_TYPE_RSA_KEYPAIR == type) { in_vec[2].base = parameters; /* size of parameter is unsigned integer as defined in header */ in_vec[2].len = parameters_size; - } - else // currenty ignored for non RSA case - { + } else { // currenty ignored for non RSA case in_vec[2].base = NULL; in_vec[2].len = 0; } - handle = psa_connect( PSA_KEY_MNG_ID, MINOR_VER ); - if( handle <= 0 ) - return ( PSA_ERROR_COMMUNICATION_FAILURE ); + handle = psa_connect(PSA_KEY_MNG_ID, MINOR_VER); + if (handle <= 0) { + return (PSA_ERROR_COMMUNICATION_FAILURE); + } - err_call = psa_call( handle, in_vec, 3, NULL, 0 ); - psa_close( handle ); + err_call = psa_call(handle, in_vec, 3, NULL, 0); + psa_close(handle); - if( err_call < 0 ) - err_call = ( psa_error_t ) PSA_ERROR_COMMUNICATION_FAILURE; - return( ( psa_status_t ) err_call ); + if (err_call < 0) { + err_call = (psa_error_t) PSA_ERROR_COMMUNICATION_FAILURE; + } + return ((psa_status_t) err_call); } /****************************************************************/ /* PSA_RNG */ /****************************************************************/ -psa_status_t psa_generate_random( uint8_t *output, - size_t output_size ) +psa_status_t psa_generate_random(uint8_t *output, + size_t output_size) { psa_error_t err_call; psa_handle_t handle = PSA_NULL_HANDLE; psa_outvec_t out_vec[1] = { { output, output_size } }; - handle = psa_connect( PSA_RNG_ID, MINOR_VER ); - if( handle <= 0 ) - return ( PSA_ERROR_COMMUNICATION_FAILURE ); + handle = psa_connect(PSA_RNG_ID, MINOR_VER); + if (handle <= 0) { + return (PSA_ERROR_COMMUNICATION_FAILURE); + } - err_call = psa_call( handle, NULL, 0, out_vec, 1 ); - psa_close( handle ); + err_call = psa_call(handle, NULL, 0, out_vec, 1); + psa_close(handle); - if( err_call < 0 ) - err_call = ( psa_error_t ) PSA_ERROR_COMMUNICATION_FAILURE; - return( ( psa_status_t ) err_call ); + if (err_call < 0) { + err_call = (psa_error_t) PSA_ERROR_COMMUNICATION_FAILURE; + } + return ((psa_status_t) err_call); } /****************************************************************/ /* PSA_ENTROPY_INJECT */ /****************************************************************/ -psa_status_t mbedtls_psa_inject_entropy( const unsigned char *seed, - size_t seed_size ) +psa_status_t mbedtls_psa_inject_entropy(const unsigned char *seed, + size_t seed_size) { psa_error_t err_call; psa_handle_t handle = PSA_NULL_HANDLE; psa_invec_t in_vec = { seed, seed_size }; - handle = psa_connect( PSA_ENTROPY_ID, MINOR_VER ); - if( handle <= 0 ) - return ( PSA_ERROR_COMMUNICATION_FAILURE ); + handle = psa_connect(PSA_ENTROPY_ID, MINOR_VER); + if (handle <= 0) { + return (PSA_ERROR_COMMUNICATION_FAILURE); + } - err_call = psa_call( handle, &in_vec, 1, NULL, 0 ); - psa_close( handle ); - if( err_call < 0 ) - err_call = ( psa_error_t ) PSA_ERROR_COMMUNICATION_FAILURE; + err_call = psa_call(handle, &in_vec, 1, NULL, 0); + psa_close(handle); + if (err_call < 0) { + err_call = (psa_error_t) PSA_ERROR_COMMUNICATION_FAILURE; + } - return( ( psa_status_t ) err_call ); + return ((psa_status_t) err_call); } /****************************************************************/ /* PSA Generator */ /****************************************************************/ -psa_status_t psa_get_generator_capacity( const psa_crypto_generator_t *generator, - size_t *capacity ) +psa_status_t psa_get_generator_capacity(const psa_crypto_generator_t *generator, + size_t *capacity) { psa_error_t err_call; psa_crypto_derivation_ipc_t psa_crypto_ipc = { 0, 0, 0, 0 }; psa_crypto_ipc.func = PSA_GET_GENERATOR_CAPACITY; - psa_invec_t in_vec = { &psa_crypto_ipc, sizeof( psa_crypto_ipc ) }; - psa_outvec_t out_vec = { capacity, sizeof( *capacity ) }; + psa_invec_t in_vec = { &psa_crypto_ipc, sizeof(psa_crypto_ipc) }; + psa_outvec_t out_vec = { capacity, sizeof(*capacity) }; - if( generator->handle <= 0 ) - return( PSA_ERROR_INVALID_ARGUMENT ); + if (generator->handle <= 0) { + return (PSA_ERROR_INVALID_ARGUMENT); + } - err_call = psa_call( generator->handle, &in_vec, 1, &out_vec, 1 ); + err_call = psa_call(generator->handle, &in_vec, 1, &out_vec, 1); - if( err_call < 0 ) - err_call = ( psa_error_t ) PSA_ERROR_COMMUNICATION_FAILURE; - return( ( psa_status_t ) err_call ); + if (err_call < 0) { + err_call = (psa_error_t) PSA_ERROR_COMMUNICATION_FAILURE; + } + return ((psa_status_t) err_call); } -psa_status_t psa_generator_read( psa_crypto_generator_t *generator, - uint8_t *output, - size_t output_length ) +psa_status_t psa_generator_read(psa_crypto_generator_t *generator, + uint8_t *output, + size_t output_length) { psa_error_t err_call; psa_crypto_derivation_ipc_t psa_crypto_ipc = { 0, 0, 0, 0 }; psa_crypto_ipc.func = PSA_GENERATOR_READ; - psa_invec_t in_vec = { &psa_crypto_ipc, sizeof( psa_crypto_ipc ) }; + psa_invec_t in_vec = { &psa_crypto_ipc, sizeof(psa_crypto_ipc) }; psa_outvec_t out_vec = { output, output_length }; - if( generator->handle <= 0 ) - return( PSA_ERROR_INVALID_ARGUMENT ); + if (generator->handle <= 0) { + return (PSA_ERROR_INVALID_ARGUMENT); + } - err_call = psa_call( generator->handle, &in_vec, 1, &out_vec, 1 ); + err_call = psa_call(generator->handle, &in_vec, 1, &out_vec, 1); - if( err_call < 0 ) - err_call = ( psa_error_t ) PSA_ERROR_COMMUNICATION_FAILURE; - return( ( psa_status_t ) err_call ); + if (err_call < 0) { + err_call = (psa_error_t) PSA_ERROR_COMMUNICATION_FAILURE; + } + return ((psa_status_t) err_call); } -psa_status_t psa_generator_import_key( psa_key_slot_t key, - psa_key_type_t type, - size_t bits, - psa_crypto_generator_t *generator ) +psa_status_t psa_generator_import_key(psa_key_slot_t key, + psa_key_type_t type, + size_t bits, + psa_crypto_generator_t *generator) { psa_error_t err_call; psa_crypto_derivation_ipc_t psa_crypto_ipc = { 0, 0, 0, 0 }; psa_crypto_ipc.key = key; psa_crypto_ipc.func = PSA_GENERATOR_IMPORT_KEY; - psa_invec_t in_vec[3] = { { &psa_crypto_ipc, sizeof( psa_crypto_ipc ) }, - { &type, sizeof( type ) }, - { &bits, sizeof( bits ) } }; - - if( generator->handle <= 0 ) - return( PSA_ERROR_INVALID_ARGUMENT ); - - err_call = psa_call( generator->handle, in_vec, 3, NULL, 0 ); + psa_invec_t in_vec[3] = { { &psa_crypto_ipc, sizeof(psa_crypto_ipc) }, + { &type, sizeof(type) }, + { &bits, sizeof(bits) } + }; - if( err_call < 0 ) - err_call = ( psa_error_t ) PSA_ERROR_COMMUNICATION_FAILURE; - return( ( psa_status_t ) err_call ); + if (generator->handle <= 0) { + return (PSA_ERROR_INVALID_ARGUMENT); + } + + err_call = psa_call(generator->handle, in_vec, 3, NULL, 0); + + if (err_call < 0) { + err_call = (psa_error_t) PSA_ERROR_COMMUNICATION_FAILURE; + } + return ((psa_status_t) err_call); } -psa_status_t psa_key_derivation( psa_crypto_generator_t *generator, - psa_key_slot_t key, - psa_algorithm_t alg, - const uint8_t *salt, - size_t salt_length, - const uint8_t *label, - size_t label_length, - size_t capacity ) +psa_status_t psa_key_derivation(psa_crypto_generator_t *generator, + psa_key_slot_t key, + psa_algorithm_t alg, + const uint8_t *salt, + size_t salt_length, + const uint8_t *label, + size_t label_length, + size_t capacity) { psa_error_t err_call; psa_crypto_derivation_ipc_t psa_crypto_ipc = { 0, 0, 0, 0 }; @@ -1035,27 +1166,30 @@ psa_status_t psa_key_derivation( psa_crypto_generator_t *generator, psa_crypto_ipc.func = PSA_KEY_DERIVATION; psa_crypto_ipc.capacity = capacity; - psa_invec_t in_vec[3] = { { &psa_crypto_ipc, sizeof( psa_crypto_ipc ) }, - { salt, salt_length }, - { label, label_length } }; + psa_invec_t in_vec[3] = { { &psa_crypto_ipc, sizeof(psa_crypto_ipc) }, + { salt, salt_length }, + { label, label_length } + }; - generator->handle = psa_connect( PSA_GENERATOR_ID, MINOR_VER ); - if( generator->handle <= 0 ) - return( PSA_ERROR_COMMUNICATION_FAILURE ); + generator->handle = psa_connect(PSA_GENERATOR_ID, MINOR_VER); + if (generator->handle <= 0) { + return (PSA_ERROR_COMMUNICATION_FAILURE); + } - err_call = psa_call( generator->handle, in_vec, 3, NULL, 0 ); + err_call = psa_call(generator->handle, in_vec, 3, NULL, 0); - if( err_call < 0 ) - err_call = ( psa_error_t ) PSA_ERROR_COMMUNICATION_FAILURE; - return( ( psa_status_t ) err_call ); + if (err_call < 0) { + err_call = (psa_error_t) PSA_ERROR_COMMUNICATION_FAILURE; + } + return ((psa_status_t) err_call); } -psa_status_t psa_key_agreement( psa_crypto_generator_t *generator, - psa_key_slot_t private_key, - const uint8_t *peer_key, - size_t peer_key_length, - psa_algorithm_t alg ) +psa_status_t psa_key_agreement(psa_crypto_generator_t *generator, + psa_key_slot_t private_key, + const uint8_t *peer_key, + size_t peer_key_length, + psa_algorithm_t alg) { psa_error_t err_call; psa_crypto_derivation_ipc_t psa_crypto_ipc = { 0, 0, 0, 0 }; @@ -1063,36 +1197,39 @@ psa_status_t psa_key_agreement( psa_crypto_generator_t *generator, psa_crypto_ipc.alg = alg; psa_crypto_ipc.func = PSA_KEY_AGREEMENT; - psa_invec_t in_vec[2] = { { &psa_crypto_ipc, sizeof( psa_crypto_ipc ) }, - { peer_key, peer_key_length }}; + psa_invec_t in_vec[2] = { { &psa_crypto_ipc, sizeof(psa_crypto_ipc) }, + { peer_key, peer_key_length } + }; - generator->handle = psa_connect( PSA_GENERATOR_ID, MINOR_VER ); - if( generator->handle <= 0 ) - return( PSA_ERROR_COMMUNICATION_FAILURE ); + generator->handle = psa_connect(PSA_GENERATOR_ID, MINOR_VER); + if (generator->handle <= 0) { + return (PSA_ERROR_COMMUNICATION_FAILURE); + } - err_call = psa_call( generator->handle, in_vec, 2, NULL, 0 ); + err_call = psa_call(generator->handle, in_vec, 2, NULL, 0); - if( err_call < 0 ) - err_call = ( psa_error_t ) PSA_ERROR_COMMUNICATION_FAILURE; - return( ( psa_status_t ) err_call ); + if (err_call < 0) { + err_call = (psa_error_t) PSA_ERROR_COMMUNICATION_FAILURE; + } + return ((psa_status_t) err_call); } -psa_status_t psa_generator_abort( psa_crypto_generator_t *generator ) +psa_status_t psa_generator_abort(psa_crypto_generator_t *generator) { psa_error_t err_call = PSA_SUCCESS; psa_crypto_derivation_ipc_t psa_crypto_ipc = { 0, 0, 0, 0 }; psa_crypto_ipc.func = PSA_GENERATOR_ABORT; - psa_invec_t in_vec = { &psa_crypto_ipc, sizeof( psa_crypto_ipc ) }; - if( generator->handle != PSA_NULL_HANDLE ) - { - err_call = psa_call( generator->handle, &in_vec, 1, NULL, 0 ); - psa_close( generator->handle ); + psa_invec_t in_vec = { &psa_crypto_ipc, sizeof(psa_crypto_ipc) }; + if (generator->handle != PSA_NULL_HANDLE) { + err_call = psa_call(generator->handle, &in_vec, 1, NULL, 0); + psa_close(generator->handle); generator->handle = PSA_NULL_HANDLE; } - if( err_call < 0 ) - err_call = ( psa_error_t ) PSA_ERROR_COMMUNICATION_FAILURE; + if (err_call < 0) { + err_call = (psa_error_t) PSA_ERROR_COMMUNICATION_FAILURE; + } - return( ( psa_status_t ) err_call ); + return ((psa_status_t) err_call); } @@ -1100,9 +1237,9 @@ psa_status_t psa_generator_abort( psa_crypto_generator_t *generator ) /* PSA_SYMMETRIC */ /****************************************************************/ -psa_status_t psa_cipher_encrypt_setup( psa_cipher_operation_t *operation, - psa_key_slot_t key, - psa_algorithm_t alg ) +psa_status_t psa_cipher_encrypt_setup(psa_cipher_operation_t *operation, + psa_key_slot_t key, + psa_algorithm_t alg) { psa_error_t err; psa_crypto_ipc_t psa_crypto_ipc = { 0, 0, 0 }; @@ -1113,21 +1250,23 @@ psa_status_t psa_cipher_encrypt_setup( psa_cipher_operation_t *operation, psa_crypto_ipc.alg = alg; in_vec.base = &psa_crypto_ipc; - in_vec.len = sizeof( psa_crypto_ipc ); + in_vec.len = sizeof(psa_crypto_ipc); - operation->handle = psa_connect( PSA_SYMMETRIC_ID, MINOR_VER ); - if( operation->handle <= 0 ) - return ( PSA_ERROR_COMMUNICATION_FAILURE ); + operation->handle = psa_connect(PSA_SYMMETRIC_ID, MINOR_VER); + if (operation->handle <= 0) { + return (PSA_ERROR_COMMUNICATION_FAILURE); + } - err = psa_call( operation->handle, &in_vec, 1, NULL, 0 ); - if( err < 0 ) - err = ( psa_error_t ) PSA_ERROR_COMMUNICATION_FAILURE; - return( ( psa_status_t ) err ); + err = psa_call(operation->handle, &in_vec, 1, NULL, 0); + if (err < 0) { + err = (psa_error_t) PSA_ERROR_COMMUNICATION_FAILURE; + } + return ((psa_status_t) err); } -psa_status_t psa_cipher_decrypt_setup( psa_cipher_operation_t *operation, - psa_key_slot_t key, - psa_algorithm_t alg ) +psa_status_t psa_cipher_decrypt_setup(psa_cipher_operation_t *operation, + psa_key_slot_t key, + psa_algorithm_t alg) { psa_error_t err; psa_crypto_ipc_t psa_crypto_ipc = { 0, 0, 0 }; @@ -1137,23 +1276,27 @@ psa_status_t psa_cipher_decrypt_setup( psa_cipher_operation_t *operation, psa_crypto_ipc.key = key; psa_crypto_ipc.alg = alg; - in_vec = ( psa_invec_t ){ &psa_crypto_ipc, sizeof( psa_crypto_ipc ) }; + in_vec = (psa_invec_t) { + &psa_crypto_ipc, sizeof(psa_crypto_ipc) + }; - operation->handle = psa_connect( PSA_SYMMETRIC_ID, MINOR_VER ); + operation->handle = psa_connect(PSA_SYMMETRIC_ID, MINOR_VER); - if( operation->handle <= 0 ) - return ( PSA_ERROR_COMMUNICATION_FAILURE ); + if (operation->handle <= 0) { + return (PSA_ERROR_COMMUNICATION_FAILURE); + } - err = psa_call( operation->handle, &in_vec, 1, NULL, 0 ); - if( err < 0 ) - err = ( psa_error_t ) PSA_ERROR_COMMUNICATION_FAILURE; - return( ( psa_status_t ) err ); + err = psa_call(operation->handle, &in_vec, 1, NULL, 0); + if (err < 0) { + err = (psa_error_t) PSA_ERROR_COMMUNICATION_FAILURE; + } + return ((psa_status_t) err); } -psa_status_t psa_cipher_generate_iv( psa_cipher_operation_t *operation, - unsigned char *iv, - size_t iv_size, - size_t *iv_length ) +psa_status_t psa_cipher_generate_iv(psa_cipher_operation_t *operation, + unsigned char *iv, + size_t iv_size, + size_t *iv_length) { psa_error_t err; psa_crypto_ipc_t psa_crypto_ipc = { 0, 0, 0 }; @@ -1162,23 +1305,31 @@ psa_status_t psa_cipher_generate_iv( psa_cipher_operation_t *operation, psa_crypto_ipc.func = PSA_CIPHER_GENERATE_IV; - in_vec = ( psa_invec_t ){ &psa_crypto_ipc, sizeof( psa_crypto_ipc ) }; + in_vec = (psa_invec_t) { + &psa_crypto_ipc, sizeof(psa_crypto_ipc) + }; - out_vec[0] = ( psa_outvec_t ){ iv, iv_size }; - out_vec[1] = ( psa_outvec_t ){ iv_length, sizeof( *iv_length ) }; + out_vec[0] = (psa_outvec_t) { + iv, iv_size + }; + out_vec[1] = (psa_outvec_t) { + iv_length, sizeof(*iv_length) + }; - if( operation->handle <= 0 ) - return( PSA_ERROR_INVALID_ARGUMENT ); + if (operation->handle <= 0) { + return (PSA_ERROR_INVALID_ARGUMENT); + } - err = psa_call( operation->handle, &in_vec, 1, out_vec, 2 ); - if( err < 0 ) - err = ( psa_error_t ) PSA_ERROR_COMMUNICATION_FAILURE; - return( ( psa_status_t ) err ); + err = psa_call(operation->handle, &in_vec, 1, out_vec, 2); + if (err < 0) { + err = (psa_error_t) PSA_ERROR_COMMUNICATION_FAILURE; + } + return ((psa_status_t) err); } -psa_status_t psa_cipher_set_iv( psa_cipher_operation_t *operation, - const unsigned char *iv, - size_t iv_length ) +psa_status_t psa_cipher_set_iv(psa_cipher_operation_t *operation, + const unsigned char *iv, + size_t iv_length) { psa_error_t err; psa_crypto_ipc_t psa_crypto_ipc = { 0, 0, 0 }; @@ -1186,24 +1337,30 @@ psa_status_t psa_cipher_set_iv( psa_cipher_operation_t *operation, psa_crypto_ipc.func = PSA_CIPHER_SET_IV; - in_vec[0] = ( psa_invec_t ){ &psa_crypto_ipc, sizeof( psa_crypto_ipc ) }; - in_vec[1] = ( psa_invec_t ){ iv, iv_length }; + in_vec[0] = (psa_invec_t) { + &psa_crypto_ipc, sizeof(psa_crypto_ipc) + }; + in_vec[1] = (psa_invec_t) { + iv, iv_length + }; - if( operation->handle <= 0 ) - return( PSA_ERROR_INVALID_ARGUMENT ); + if (operation->handle <= 0) { + return (PSA_ERROR_INVALID_ARGUMENT); + } - err = psa_call( operation->handle, in_vec, 2, NULL, 0 ); - if( err < 0 ) - err = ( psa_error_t ) PSA_ERROR_COMMUNICATION_FAILURE; - return( ( psa_status_t ) err ); + err = psa_call(operation->handle, in_vec, 2, NULL, 0); + if (err < 0) { + err = (psa_error_t) PSA_ERROR_COMMUNICATION_FAILURE; + } + return ((psa_status_t) err); } -psa_status_t psa_cipher_update( psa_cipher_operation_t *operation, - const uint8_t *input, - size_t input_length, - unsigned char *output, - size_t output_size, - size_t *output_length ) +psa_status_t psa_cipher_update(psa_cipher_operation_t *operation, + const uint8_t *input, + size_t input_length, + unsigned char *output, + size_t output_size, + size_t *output_length) { psa_error_t err; psa_crypto_ipc_t psa_crypto_ipc = { 0, 0, 0 }; @@ -1212,26 +1369,36 @@ psa_status_t psa_cipher_update( psa_cipher_operation_t *operation, psa_crypto_ipc.func = PSA_CIPHER_UPDATE; - in_vec[0] = ( psa_invec_t ){ &psa_crypto_ipc, sizeof( psa_crypto_ipc ) }; - in_vec[1] = ( psa_invec_t ){ input, input_length }; + in_vec[0] = (psa_invec_t) { + &psa_crypto_ipc, sizeof(psa_crypto_ipc) + }; + in_vec[1] = (psa_invec_t) { + input, input_length + }; - out_vec[0] = ( psa_outvec_t ){ output, output_size }; - out_vec[1] = ( psa_outvec_t ){ output_length, ( output_length == NULL ? 0 : - sizeof( *output_length ) ) }; + out_vec[0] = (psa_outvec_t) { + output, output_size + }; + out_vec[1] = (psa_outvec_t) { + output_length, (output_length == NULL ? 0 : + sizeof(*output_length)) + }; - if( operation->handle <= 0 ) - return( PSA_ERROR_INVALID_ARGUMENT ); + if (operation->handle <= 0) { + return (PSA_ERROR_INVALID_ARGUMENT); + } - err = psa_call( operation->handle, in_vec, 2, out_vec, 2 ); - if( err < 0 ) - err = ( psa_error_t ) PSA_ERROR_COMMUNICATION_FAILURE; - return( ( psa_status_t ) err ); + err = psa_call(operation->handle, in_vec, 2, out_vec, 2); + if (err < 0) { + err = (psa_error_t) PSA_ERROR_COMMUNICATION_FAILURE; + } + return ((psa_status_t) err); } -psa_status_t psa_cipher_finish( psa_cipher_operation_t *operation, - uint8_t *output, - size_t output_size, - size_t *output_length ) +psa_status_t psa_cipher_finish(psa_cipher_operation_t *operation, + uint8_t *output, + size_t output_size, + size_t *output_length) { psa_error_t err_call; psa_crypto_ipc_t psa_crypto_ipc = { 0, 0, 0 }; @@ -1240,54 +1407,67 @@ psa_status_t psa_cipher_finish( psa_cipher_operation_t *operation, psa_crypto_ipc.func = PSA_CIPHER_FINISH; - in_vec = ( psa_invec_t ){ &psa_crypto_ipc, sizeof( psa_crypto_ipc ) }; + in_vec = (psa_invec_t) { + &psa_crypto_ipc, sizeof(psa_crypto_ipc) + }; - out_vec[0] = ( psa_outvec_t ){ output, output_size }; - out_vec[1] = ( psa_outvec_t ){ output_length, ( output_length == NULL ? 0 : - sizeof( *output_length ) ) }; + out_vec[0] = (psa_outvec_t) { + output, output_size + }; + out_vec[1] = (psa_outvec_t) { + output_length, (output_length == NULL ? 0 : + sizeof(*output_length)) + }; - if( operation->handle <= 0 ) - return( PSA_ERROR_INVALID_ARGUMENT ); + if (operation->handle <= 0) { + return (PSA_ERROR_INVALID_ARGUMENT); + } - err_call = psa_call( operation->handle, &in_vec, 1, out_vec, 2 ); - psa_close( operation->handle ); + err_call = psa_call(operation->handle, &in_vec, 1, out_vec, 2); + psa_close(operation->handle); operation->handle = PSA_NULL_HANDLE; - if( err_call < 0 ) - err_call = ( psa_error_t ) PSA_ERROR_COMMUNICATION_FAILURE; - return( ( psa_status_t ) err_call ); + if (err_call < 0) { + err_call = (psa_error_t) PSA_ERROR_COMMUNICATION_FAILURE; + } + return ((psa_status_t) err_call); } -psa_status_t psa_cipher_abort( psa_cipher_operation_t *operation ) +psa_status_t psa_cipher_abort(psa_cipher_operation_t *operation) { psa_error_t err_call; psa_crypto_ipc_t psa_crypto_ipc = { 0, 0, 0 }; psa_invec_t in_vec; - if( operation->handle <= 0 ) - return( PSA_SUCCESS ); + if (operation->handle <= 0) { + return (PSA_SUCCESS); + } psa_crypto_ipc.func = PSA_CIPHER_ABORT; - in_vec = ( psa_invec_t ){ &psa_crypto_ipc, sizeof( psa_crypto_ipc ) }; + in_vec = (psa_invec_t) { + &psa_crypto_ipc, sizeof(psa_crypto_ipc) + }; - err_call = psa_call( operation->handle, &in_vec, 1, NULL, 0 ); - psa_close( operation->handle ); + err_call = psa_call(operation->handle, &in_vec, 1, NULL, 0); + psa_close(operation->handle); operation->handle = PSA_NULL_HANDLE; - if( err_call < 0 ) - err_call = ( psa_error_t ) PSA_ERROR_COMMUNICATION_FAILURE; - return( ( psa_status_t ) err_call ); + if (err_call < 0) { + err_call = (psa_error_t) PSA_ERROR_COMMUNICATION_FAILURE; + } + return ((psa_status_t) err_call); } -void mbedtls_psa_crypto_free( void ) +void mbedtls_psa_crypto_free(void) { psa_handle_t handle = PSA_NULL_HANDLE; //TODO: add retry mechanism to make sure resourecs were deallocated. - handle = psa_connect( PSA_CRYPTO_FREE_ID, MINOR_VER ); - if( handle <= 0 ) + handle = psa_connect(PSA_CRYPTO_FREE_ID, MINOR_VER); + if (handle <= 0) { return; - psa_call( handle, NULL, 0, NULL, 0 ); - psa_close( handle ); + } + psa_call(handle, NULL, 0, NULL, 0); + psa_close(handle); } #endif /* MBEDTLS_PSA_CRYPTO_C */ diff --git a/components/TARGET_PSA/services/crypto/COMPONENT_SPE/psa_crypto_partition.c b/components/TARGET_PSA/services/crypto/COMPONENT_SPE/psa_crypto_partition.c index db4a20241a..a0b3c33026 100644 --- a/components/TARGET_PSA/services/crypto/COMPONENT_SPE/psa_crypto_partition.c +++ b/components/TARGET_PSA/services/crypto/COMPONENT_SPE/psa_crypto_partition.c @@ -20,215 +20,187 @@ static psa_spm_init_refence_counter = 0; // ------------------------- Partition's Main Thread --------------------------- -static void psa_crypto_init_operation( void ) +static void psa_crypto_init_operation(void) { psa_msg_t msg = { 0 }; psa_status_t status = PSA_SUCCESS; - psa_get( PSA_CRYPTO_INIT, &msg ); + psa_get(PSA_CRYPTO_INIT, &msg); - switch ( msg.type ) - { + switch (msg.type) { case PSA_IPC_CONNECT: - case PSA_IPC_DISCONNECT: - { + case PSA_IPC_DISCONNECT: { break; } - case PSA_IPC_CALL: - { + case PSA_IPC_CALL: { status = psa_crypto_init(); - if ( status == PSA_SUCCESS ) + if (status == PSA_SUCCESS) { ++psa_spm_init_refence_counter; + } break; } - default: - { + default: { status = PSA_ERROR_NOT_SUPPORTED; break; } } - psa_reply( msg.handle, ( psa_error_t ) status ); + psa_reply(msg.handle, (psa_error_t) status); } -static void psa_crypto_free_operation( void ) +static void psa_crypto_free_operation(void) { psa_msg_t msg = { 0 }; psa_status_t status = PSA_SUCCESS; - psa_get( PSA_CRYPTO_FREE, &msg ); + psa_get(PSA_CRYPTO_FREE, &msg); - switch ( msg.type ) - { + switch (msg.type) { case PSA_IPC_CONNECT: - case PSA_IPC_DISCONNECT: - { + case PSA_IPC_DISCONNECT: { break; } - case PSA_IPC_CALL: - { + case PSA_IPC_CALL: { /** perform crypto_free iff the number of init-s * is equal to the number of free-s */ --psa_spm_init_refence_counter; - if (!psa_spm_init_refence_counter) + if (!psa_spm_init_refence_counter) { mbedtls_psa_crypto_free(); + } break; } - default: - { + default: { status = PSA_ERROR_NOT_SUPPORTED; break; } } - psa_reply( msg.handle, ( psa_error_t ) status ); + psa_reply(msg.handle, (psa_error_t) status); } -static void psa_mac_operation( void ) +static void psa_mac_operation(void) { psa_msg_t msg = { 0 }; psa_status_t status = PSA_SUCCESS; - psa_get( PSA_MAC, &msg ); + psa_get(PSA_MAC, &msg); - switch ( msg.type ) - { - case PSA_IPC_CONNECT: - { - psa_mac_operation_t *psa_operation = mbedtls_calloc( 1, sizeof( psa_mac_operation_t ) ); - if( psa_operation == NULL ) - { + switch (msg.type) { + case PSA_IPC_CONNECT: { + psa_mac_operation_t *psa_operation = mbedtls_calloc(1, sizeof(psa_mac_operation_t)); + if (psa_operation == NULL) { status = PSA_ERROR_INSUFFICIENT_MEMORY; break; } - psa_set_rhandle( msg.handle, psa_operation ); + psa_set_rhandle(msg.handle, psa_operation); break; } - case PSA_IPC_CALL: - { + case PSA_IPC_CALL: { uint32_t bytes_read; psa_crypto_ipc_t psa_crypto = { 0 }; - if( msg.in_size[0] != sizeof( psa_crypto_ipc_t ) ) - { + if (msg.in_size[0] != sizeof(psa_crypto_ipc_t)) { status = PSA_ERROR_COMMUNICATION_FAILURE; break; } - bytes_read = psa_read( msg.handle, 0, &psa_crypto, msg.in_size[0] ); + bytes_read = psa_read(msg.handle, 0, &psa_crypto, msg.in_size[0]); - if( bytes_read != msg.in_size[0] ) - { + if (bytes_read != msg.in_size[0]) { SPM_PANIC("SPM read length mismatch"); } - switch( psa_crypto.func ) - { - case PSA_MAC_SIGN_SETUP: - { - status = psa_mac_sign_setup( msg.rhandle, - psa_crypto.key, - psa_crypto.alg ); + switch (psa_crypto.func) { + case PSA_MAC_SIGN_SETUP: { + status = psa_mac_sign_setup(msg.rhandle, + psa_crypto.key, + psa_crypto.alg); break; } - case PSA_MAC_VERIFY_SETUP: - { - status = psa_mac_verify_setup( msg.rhandle, - psa_crypto.key, - psa_crypto.alg ); + case PSA_MAC_VERIFY_SETUP: { + status = psa_mac_verify_setup(msg.rhandle, + psa_crypto.key, + psa_crypto.alg); break; } - case PSA_MAC_UPDATE: - { - uint8_t *input_ptr = mbedtls_calloc( 1, msg.in_size[1] ); - if( input_ptr == NULL ) - { + case PSA_MAC_UPDATE: { + uint8_t *input_ptr = mbedtls_calloc(1, msg.in_size[1]); + if (input_ptr == NULL) { status = PSA_ERROR_INSUFFICIENT_MEMORY; break; } - bytes_read = psa_read( msg.handle, 1, input_ptr, - msg.in_size[1] ); + bytes_read = psa_read(msg.handle, 1, input_ptr, + msg.in_size[1]); - if( bytes_read != msg.in_size[1] ) - { + if (bytes_read != msg.in_size[1]) { SPM_PANIC("SPM read length mismatch"); } - status = psa_mac_update( msg.rhandle, + status = psa_mac_update(msg.rhandle, input_ptr, - msg.in_size[1] ); + msg.in_size[1]); - mbedtls_free( input_ptr ); + mbedtls_free(input_ptr); break; } - case PSA_MAC_SIGN_FINISH: - { + case PSA_MAC_SIGN_FINISH: { size_t mac_size = 0; - bytes_read = psa_read( msg.handle, 1, &mac_size, - msg.in_size[1] ); - if( bytes_read != msg.in_size[1] ) - { + bytes_read = psa_read(msg.handle, 1, &mac_size, + msg.in_size[1]); + if (bytes_read != msg.in_size[1]) { SPM_PANIC("SPM read length mismatch"); } size_t mac_length = 0; - uint8_t *mac = mbedtls_calloc( 1, mac_size ); - if( mac == NULL ) - { + uint8_t *mac = mbedtls_calloc(1, mac_size); + if (mac == NULL) { status = PSA_ERROR_INSUFFICIENT_MEMORY; break; } - status = psa_mac_sign_finish( msg.rhandle, mac, mac_size, - &mac_length ); + status = psa_mac_sign_finish(msg.rhandle, mac, mac_size, + &mac_length); - if( status == PSA_SUCCESS ) - { - psa_write( msg.handle, 0, mac, mac_length ); - psa_write( msg.handle, 1, &mac_length, - sizeof( mac_length ) ); + if (status == PSA_SUCCESS) { + psa_write(msg.handle, 0, mac, mac_length); + psa_write(msg.handle, 1, &mac_length, + sizeof(mac_length)); } - mbedtls_free( mac ); + mbedtls_free(mac); break; } - case PSA_MAC_VERIFY_FINISH: - { + case PSA_MAC_VERIFY_FINISH: { size_t mac_length = 0; - bytes_read = psa_read( msg.handle, 1, &mac_length, - msg.in_size[1] ); - if( bytes_read != msg.in_size[1] || - mac_length != msg.in_size[2] ) - { + bytes_read = psa_read(msg.handle, 1, &mac_length, + msg.in_size[1]); + if (bytes_read != msg.in_size[1] || + mac_length != msg.in_size[2]) { SPM_PANIC("SPM read length mismatch"); } - uint8_t *mac = mbedtls_calloc( 1, mac_length ); - if( mac == NULL ) - { + uint8_t *mac = mbedtls_calloc(1, mac_length); + if (mac == NULL) { status = PSA_ERROR_INSUFFICIENT_MEMORY; break; } - bytes_read = psa_read( msg.handle, 2, mac, msg.in_size[2] ); - if( bytes_read != msg.in_size[2] ) - { + bytes_read = psa_read(msg.handle, 2, mac, msg.in_size[2]); + if (bytes_read != msg.in_size[2]) { SPM_PANIC("SPM read length mismatch"); } - status = psa_mac_verify_finish( msg.rhandle, mac, mac_length ); - mbedtls_free( mac ); + status = psa_mac_verify_finish(msg.rhandle, mac, mac_length); + mbedtls_free(mac); break; } - case PSA_MAC_ABORT: - { - status = psa_mac_abort( msg.rhandle ); + case PSA_MAC_ABORT: { + status = psa_mac_abort(msg.rhandle); break; } - default: - { + default: { status = PSA_ERROR_NOT_SUPPORTED; break; } @@ -236,194 +208,168 @@ static void psa_mac_operation( void ) } break; } - case PSA_IPC_DISCONNECT: - { - psa_mac_abort( msg.rhandle ); - if( msg.rhandle != NULL ) - mbedtls_free( msg.rhandle ); + case PSA_IPC_DISCONNECT: { + psa_mac_abort(msg.rhandle); + if (msg.rhandle != NULL) { + mbedtls_free(msg.rhandle); + } break; } - default: - { + default: { status = PSA_ERROR_NOT_SUPPORTED; break; } } - psa_reply( msg.handle, ( psa_error_t ) status ); + psa_reply(msg.handle, (psa_error_t) status); } -static void psa_hash_operation( void ) +static void psa_hash_operation(void) { psa_msg_t msg = { 0 }; psa_status_t status = PSA_SUCCESS; - psa_get( PSA_HASH, &msg ); + psa_get(PSA_HASH, &msg); - switch ( msg.type ) - { - case PSA_IPC_CONNECT: - { - psa_hash_operation_t *psa_operation = mbedtls_calloc( 1, sizeof( psa_hash_operation_t ) ); - if( psa_operation == NULL ) - { + switch (msg.type) { + case PSA_IPC_CONNECT: { + psa_hash_operation_t *psa_operation = mbedtls_calloc(1, sizeof(psa_hash_operation_t)); + if (psa_operation == NULL) { status = PSA_ERROR_INSUFFICIENT_MEMORY; break; } - psa_set_rhandle( msg.handle, psa_operation ); + psa_set_rhandle(msg.handle, psa_operation); break; } - case PSA_IPC_CALL: - { + case PSA_IPC_CALL: { uint32_t bytes_read = 0; psa_crypto_ipc_t psa_crypto = {0}; - if( msg.in_size[0] != sizeof( psa_crypto_ipc_t ) ) - { + if (msg.in_size[0] != sizeof(psa_crypto_ipc_t)) { status = PSA_ERROR_COMMUNICATION_FAILURE; break; } - bytes_read = psa_read( msg.handle, 0, &psa_crypto, msg.in_size[0] ); + bytes_read = psa_read(msg.handle, 0, &psa_crypto, msg.in_size[0]); - if( bytes_read != msg.in_size[0] ) - { + if (bytes_read != msg.in_size[0]) { SPM_PANIC("SPM read length mismatch"); } - switch( psa_crypto.func ) - { - case PSA_HASH_SETUP: - { - status = psa_hash_setup( msg.rhandle, - psa_crypto.alg ); + switch (psa_crypto.func) { + case PSA_HASH_SETUP: { + status = psa_hash_setup(msg.rhandle, + psa_crypto.alg); break; } - case PSA_HASH_UPDATE: - { - uint8_t *input_ptr = mbedtls_calloc( 1, msg.in_size[1] ); - if( input_ptr == NULL ) - { + case PSA_HASH_UPDATE: { + uint8_t *input_ptr = mbedtls_calloc(1, msg.in_size[1]); + if (input_ptr == NULL) { status = PSA_ERROR_INSUFFICIENT_MEMORY; break; } - bytes_read = psa_read( msg.handle, 1, input_ptr, - msg.in_size[1] ); + bytes_read = psa_read(msg.handle, 1, input_ptr, + msg.in_size[1]); - if( bytes_read != msg.in_size[1] ) - { + if (bytes_read != msg.in_size[1]) { SPM_PANIC("SPM read length mismatch"); } - status = psa_hash_update( msg.rhandle, - input_ptr, - msg.in_size[1] ); - mbedtls_free( input_ptr ); + status = psa_hash_update(msg.rhandle, + input_ptr, + msg.in_size[1]); + mbedtls_free(input_ptr); break; } - case PSA_HASH_FINISH: - { + case PSA_HASH_FINISH: { size_t hash_size = 0; - bytes_read = psa_read( msg.handle, 1, &hash_size, - msg.in_size[1] ); - if( bytes_read != msg.in_size[1] ) - { + bytes_read = psa_read(msg.handle, 1, &hash_size, + msg.in_size[1]); + if (bytes_read != msg.in_size[1]) { SPM_PANIC("SPM read length mismatch"); } size_t hash_length = 0; - uint8_t *hash = mbedtls_calloc( 1, hash_size ); - if( hash == NULL ) - { + uint8_t *hash = mbedtls_calloc(1, hash_size); + if (hash == NULL) { status = PSA_ERROR_INSUFFICIENT_MEMORY; break; } - status = psa_hash_finish( msg.rhandle, hash, hash_size, - &hash_length ); + status = psa_hash_finish(msg.rhandle, hash, hash_size, + &hash_length); - if( status == PSA_SUCCESS ) - { - psa_write( msg.handle, 0, hash, hash_length ); - psa_write( msg.handle, 1, &hash_length, - sizeof( hash_length ) ); + if (status == PSA_SUCCESS) { + psa_write(msg.handle, 0, hash, hash_length); + psa_write(msg.handle, 1, &hash_length, + sizeof(hash_length)); } - mbedtls_free( hash ); + mbedtls_free(hash); break; } - case PSA_HASH_VERIFY: - { + case PSA_HASH_VERIFY: { size_t hash_length = 0; - bytes_read = psa_read( msg.handle, 1, &hash_length, - msg.in_size[1] ); - if( bytes_read != msg.in_size[1] || - hash_length != msg.in_size[2] ) - { + bytes_read = psa_read(msg.handle, 1, &hash_length, + msg.in_size[1]); + if (bytes_read != msg.in_size[1] || + hash_length != msg.in_size[2]) { SPM_PANIC("SPM read length mismatch"); } - uint8_t *hash = mbedtls_calloc( 1, hash_length ); - if( hash == NULL ) - { + uint8_t *hash = mbedtls_calloc(1, hash_length); + if (hash == NULL) { status = PSA_ERROR_INSUFFICIENT_MEMORY; break; } - bytes_read = psa_read( msg.handle, 2, hash, msg.in_size[2] ); - if( bytes_read != msg.in_size[2] ) - { + bytes_read = psa_read(msg.handle, 2, hash, msg.in_size[2]); + if (bytes_read != msg.in_size[2]) { SPM_PANIC("SPM read length mismatch"); } - status = psa_hash_verify( msg.rhandle, hash, hash_length ); - mbedtls_free( hash ); + status = psa_hash_verify(msg.rhandle, hash, hash_length); + mbedtls_free(hash); break; } - case PSA_HASH_ABORT: - { - status = psa_hash_abort( msg.rhandle ); + case PSA_HASH_ABORT: { + status = psa_hash_abort(msg.rhandle); break; } - default: - { + default: { status = PSA_ERROR_NOT_SUPPORTED; break; } } break; } - case PSA_IPC_DISCONNECT: - { - psa_hash_abort( msg.rhandle ); - if( msg.rhandle != NULL ) - mbedtls_free( msg.rhandle ); + case PSA_IPC_DISCONNECT: { + psa_hash_abort(msg.rhandle); + if (msg.rhandle != NULL) { + mbedtls_free(msg.rhandle); + } break; } - default: - { + default: { status = PSA_ERROR_INSUFFICIENT_MEMORY; break; } } - psa_reply( msg.handle, status ); + psa_reply(msg.handle, status); } -static void psa_asymmetric_operation( void ) +static void psa_asymmetric_operation(void) { psa_msg_t msg = { 0 }; psa_status_t status = PSA_SUCCESS; - psa_get( PSA_ASYMMETRIC, &msg ); + psa_get(PSA_ASYMMETRIC, &msg); - switch ( msg.type ) - { + switch (msg.type) { case PSA_IPC_CONNECT: break; - case PSA_IPC_CALL: - { - if( msg.in_size[0] != sizeof( psa_crypto_ipc_asymmetric_t ) ) - { + case PSA_IPC_CALL: { + if (msg.in_size[0] != sizeof(psa_crypto_ipc_asymmetric_t)) { status = PSA_ERROR_COMMUNICATION_FAILURE; break; } @@ -431,166 +377,153 @@ static void psa_asymmetric_operation( void ) uint32_t bytes_read = 0; psa_crypto_ipc_asymmetric_t psa_crypto = {0}; - bytes_read = psa_read( msg.handle, 0, &psa_crypto, msg.in_size[0] ); + bytes_read = psa_read(msg.handle, 0, &psa_crypto, msg.in_size[0]); - if( bytes_read != msg.in_size[0] ) - { + if (bytes_read != msg.in_size[0]) { SPM_PANIC("SPM read length mismatch"); } - switch( psa_crypto.func ) - { - case PSA_ASYMMETRIC_SIGN: - { + switch (psa_crypto.func) { + case PSA_ASYMMETRIC_SIGN: { uint8_t *signature; uint8_t *hash; size_t signature_length = 0; - signature = mbedtls_calloc( 1, msg.out_size[0] ); - if( signature == NULL ) - { + signature = mbedtls_calloc(1, msg.out_size[0]); + if (signature == NULL) { status = PSA_ERROR_INSUFFICIENT_MEMORY; break; } - hash = mbedtls_calloc( 1, msg.in_size[1] ); - if( hash == NULL ) - { + hash = mbedtls_calloc(1, msg.in_size[1]); + if (hash == NULL) { status = PSA_ERROR_INSUFFICIENT_MEMORY; - mbedtls_free( signature ); + mbedtls_free(signature); break; } - bytes_read = psa_read( msg.handle, 1, - hash, msg.in_size[1] ); - if( bytes_read != msg.in_size[1] ) - { + bytes_read = psa_read(msg.handle, 1, + hash, msg.in_size[1]); + if (bytes_read != msg.in_size[1]) { SPM_PANIC("SPM read length mismatch"); } - status = psa_asymmetric_sign( psa_crypto.key, - psa_crypto.alg, - hash, - msg.in_size[1], - signature, - msg.out_size[0], - &signature_length ); + status = psa_asymmetric_sign(psa_crypto.key, + psa_crypto.alg, + hash, + msg.in_size[1], + signature, + msg.out_size[0], + &signature_length); - if( status == PSA_SUCCESS ) - psa_write( msg.handle, 0, signature, signature_length ); + if (status == PSA_SUCCESS) { + psa_write(msg.handle, 0, signature, signature_length); + } - psa_write( msg.handle, 1, - &signature_length, sizeof( signature_length ) ); - mbedtls_free( signature ); + psa_write(msg.handle, 1, + &signature_length, sizeof(signature_length)); + mbedtls_free(signature); break; } - case PSA_ASYMMETRIC_VERIFY: - { + case PSA_ASYMMETRIC_VERIFY: { uint8_t *signature; uint8_t *hash; - signature = mbedtls_calloc( 1, msg.in_size[1] ); - if( signature == NULL ) - { + signature = mbedtls_calloc(1, msg.in_size[1]); + if (signature == NULL) { status = PSA_ERROR_INSUFFICIENT_MEMORY; break; } - bytes_read = psa_read( msg.handle, 1, - signature, msg.in_size[1] ); - if( bytes_read != msg.in_size[1] ) - { + bytes_read = psa_read(msg.handle, 1, + signature, msg.in_size[1]); + if (bytes_read != msg.in_size[1]) { SPM_PANIC("SPM read length mismatch"); } - hash = mbedtls_calloc( 1, msg.in_size[2] ); - if( hash == NULL ) - { + hash = mbedtls_calloc(1, msg.in_size[2]); + if (hash == NULL) { status = PSA_ERROR_INSUFFICIENT_MEMORY; break; } - bytes_read = psa_read( msg.handle, 2, - hash, msg.in_size[2] ); - if( bytes_read != msg.in_size[2] ) - { + bytes_read = psa_read(msg.handle, 2, + hash, msg.in_size[2]); + if (bytes_read != msg.in_size[2]) { SPM_PANIC("SPM read length mismatch"); } - status = psa_asymmetric_verify( psa_crypto.key, - psa_crypto.alg, - hash, - msg.in_size[2], - signature, - msg.in_size[1] ); - mbedtls_free( signature ); - mbedtls_free( hash ); + status = psa_asymmetric_verify(psa_crypto.key, + psa_crypto.alg, + hash, + msg.in_size[2], + signature, + msg.in_size[1]); + mbedtls_free(signature); + mbedtls_free(hash); break; } case PSA_ASYMMETRIC_ENCRYPT: - case PSA_ASYMMETRIC_DECRYPT: - { + case PSA_ASYMMETRIC_DECRYPT: { uint8_t *input; uint8_t *salt; uint8_t *output; size_t output_length = 0; - uint8_t *buffer = mbedtls_calloc( 1, msg.in_size[1] ); - if( buffer == NULL ) - { + uint8_t *buffer = mbedtls_calloc(1, msg.in_size[1]); + if (buffer == NULL) { status = PSA_ERROR_INSUFFICIENT_MEMORY; break; } - bytes_read = psa_read( msg.handle, 1, buffer, - msg.in_size[1] ); - if( bytes_read != msg.in_size[1] ) - { + bytes_read = psa_read(msg.handle, 1, buffer, + msg.in_size[1]); + if (bytes_read != msg.in_size[1]) { SPM_PANIC("SPM read length mismatch"); } input = buffer; salt = buffer + psa_crypto.input_length; - output = mbedtls_calloc( 1, msg.out_size[0] ); - if( output == NULL ) - { + output = mbedtls_calloc(1, msg.out_size[0]); + if (output == NULL) { status = PSA_ERROR_INSUFFICIENT_MEMORY; - mbedtls_free( buffer ); + mbedtls_free(buffer); break; } - if( psa_crypto.func == PSA_ASYMMETRIC_ENCRYPT ) - status = psa_asymmetric_encrypt( psa_crypto.key, - psa_crypto.alg, - input, - psa_crypto.input_length, - salt, - psa_crypto.salt_length, - output, - msg.out_size[0], - &output_length ); + if (psa_crypto.func == PSA_ASYMMETRIC_ENCRYPT) + status = psa_asymmetric_encrypt(psa_crypto.key, + psa_crypto.alg, + input, + psa_crypto.input_length, + salt, + psa_crypto.salt_length, + output, + msg.out_size[0], + &output_length); else - status = psa_asymmetric_decrypt( psa_crypto.key, - psa_crypto.alg, - input, - psa_crypto.input_length, - salt, - psa_crypto.salt_length, - output, - msg.out_size[0], - &output_length ); + status = psa_asymmetric_decrypt(psa_crypto.key, + psa_crypto.alg, + input, + psa_crypto.input_length, + salt, + psa_crypto.salt_length, + output, + msg.out_size[0], + &output_length); - if( status == PSA_SUCCESS ) - psa_write( msg.handle, 0, output, output_length ); - psa_write( msg.handle, 1, - &output_length, sizeof( output_length ) ); + if (status == PSA_SUCCESS) { + psa_write(msg.handle, 0, output, output_length); + } + psa_write(msg.handle, 1, + &output_length, sizeof(output_length)); - mbedtls_free( output ); - mbedtls_free( buffer ); + mbedtls_free(output); + mbedtls_free(buffer); break; } break; default: - status = PSA_ERROR_NOT_SUPPORTED; + status = PSA_ERROR_NOT_SUPPORTED; } } case PSA_IPC_DISCONNECT: @@ -599,24 +532,21 @@ static void psa_asymmetric_operation( void ) default: status = PSA_ERROR_NOT_SUPPORTED; } - psa_reply( msg.handle, ( psa_error_t ) status ); + psa_reply(msg.handle, (psa_error_t) status); } static void psa_aead_operation() { psa_msg_t msg = { 0 }; psa_status_t status = PSA_SUCCESS; - psa_get( PSA_AEAD, &msg ); + psa_get(PSA_AEAD, &msg); - switch ( msg.type ) - { + switch (msg.type) { case PSA_IPC_CONNECT: break; - case PSA_IPC_CALL: - { - if( msg.in_size[0] != sizeof( psa_crypto_ipc_aead_t ) ) - { + case PSA_IPC_CALL: { + if (msg.in_size[0] != sizeof(psa_crypto_ipc_aead_t)) { status = PSA_ERROR_COMMUNICATION_FAILURE; break; } @@ -624,85 +554,78 @@ static void psa_aead_operation() uint32_t bytes_read = 0; psa_crypto_ipc_aead_t psa_crypto = {0}; - bytes_read = psa_read( msg.handle, 0, &psa_crypto, msg.in_size[0] ); + bytes_read = psa_read(msg.handle, 0, &psa_crypto, msg.in_size[0]); - if( bytes_read != msg.in_size[0] ) - { + if (bytes_read != msg.in_size[0]) { SPM_PANIC("SPM read length mismatch"); } - switch( psa_crypto.func ) - { + switch (psa_crypto.func) { case PSA_AEAD_ENCRYPT: - case PSA_AEAD_DECRYPT: - { + case PSA_AEAD_DECRYPT: { uint8_t *input; uint8_t *additional_data; uint8_t *output; size_t output_length = 0; - uint8_t *buffer = mbedtls_calloc( 1, msg.in_size[1] ); - if( buffer == NULL ) - { + uint8_t *buffer = mbedtls_calloc(1, msg.in_size[1]); + if (buffer == NULL) { status = PSA_ERROR_INSUFFICIENT_MEMORY; break; } - bytes_read = psa_read( msg.handle, 1, buffer, - msg.in_size[1] ); - if( bytes_read != msg.in_size[1] ) - { + bytes_read = psa_read(msg.handle, 1, buffer, + msg.in_size[1]); + if (bytes_read != msg.in_size[1]) { SPM_PANIC("SPM read length mismatch"); } additional_data = buffer; input = buffer + psa_crypto.additional_data_length; - output = mbedtls_calloc( 1, msg.out_size[0] ); - if( output == NULL ) - { - mbedtls_free( buffer ); + output = mbedtls_calloc(1, msg.out_size[0]); + if (output == NULL) { + mbedtls_free(buffer); status = PSA_ERROR_INSUFFICIENT_MEMORY; break; } - if( psa_crypto.func == PSA_AEAD_ENCRYPT ) - status = psa_aead_encrypt( psa_crypto.key, - psa_crypto.alg, - psa_crypto.nonce, - ( size_t )psa_crypto.nonce_size, - additional_data, - psa_crypto.additional_data_length, - input, - psa_crypto.input_length, - output, - msg.out_size[0], - &output_length ); + if (psa_crypto.func == PSA_AEAD_ENCRYPT) + status = psa_aead_encrypt(psa_crypto.key, + psa_crypto.alg, + psa_crypto.nonce, + (size_t)psa_crypto.nonce_size, + additional_data, + psa_crypto.additional_data_length, + input, + psa_crypto.input_length, + output, + msg.out_size[0], + &output_length); else - status = psa_aead_decrypt( psa_crypto.key, - psa_crypto.alg, - psa_crypto.nonce, - ( size_t )psa_crypto.nonce_size, - additional_data, - psa_crypto.additional_data_length, - input, - psa_crypto.input_length, - output, - msg.out_size[0], - &output_length ); + status = psa_aead_decrypt(psa_crypto.key, + psa_crypto.alg, + psa_crypto.nonce, + (size_t)psa_crypto.nonce_size, + additional_data, + psa_crypto.additional_data_length, + input, + psa_crypto.input_length, + output, + msg.out_size[0], + &output_length); - if( status == PSA_SUCCESS ) - { - psa_write( msg.handle, 0, output, output_length ); - psa_write( msg.handle, 1, - &output_length, sizeof( output_length ) ); + if (status == PSA_SUCCESS) { + psa_write(msg.handle, 0, output, output_length); + psa_write(msg.handle, 1, + &output_length, sizeof(output_length)); } - mbedtls_free( buffer ); - mbedtls_free( output ); + mbedtls_free(buffer); + mbedtls_free(output); break; } - default: - status = PSA_ERROR_NOT_SUPPORTED; - break; + default: + status = PSA_ERROR_NOT_SUPPORTED; + break; } break; } @@ -712,464 +635,403 @@ static void psa_aead_operation() default: status = PSA_ERROR_NOT_SUPPORTED; } - psa_reply( msg.handle, ( psa_error_t ) status ); + psa_reply(msg.handle, (psa_error_t) status); } -static void psa_symmetric_operation( void ) +static void psa_symmetric_operation(void) { psa_status_t status = PSA_SUCCESS; psa_msg_t msg = { 0 }; - psa_get( PSA_SYMMETRIC, &msg ); + psa_get(PSA_SYMMETRIC, &msg); - switch ( msg.type ) - { - case PSA_IPC_CONNECT: - { + switch (msg.type) { + case PSA_IPC_CONNECT: { psa_cipher_operation_t *psa_operation = - mbedtls_calloc( 1, sizeof( psa_cipher_operation_t ) ); - if( psa_operation == NULL ) - { + mbedtls_calloc(1, sizeof(psa_cipher_operation_t)); + if (psa_operation == NULL) { status = PSA_ERROR_INSUFFICIENT_MEMORY; break; } - psa_set_rhandle( msg.handle, psa_operation ); + psa_set_rhandle(msg.handle, psa_operation); break; } - case PSA_IPC_CALL: - { + case PSA_IPC_CALL: { uint32_t bytes_read; psa_crypto_ipc_t psa_crypto_ipc = { 0 }; - if( msg.in_size[0] != sizeof( psa_crypto_ipc_t ) ) - { + if (msg.in_size[0] != sizeof(psa_crypto_ipc_t)) { status = PSA_ERROR_COMMUNICATION_FAILURE; break; } - bytes_read = psa_read( msg.handle, 0, &psa_crypto_ipc, - msg.in_size[0] ); - if( bytes_read != msg.in_size[0] ) - { + bytes_read = psa_read(msg.handle, 0, &psa_crypto_ipc, + msg.in_size[0]); + if (bytes_read != msg.in_size[0]) { SPM_PANIC("SPM read length mismatch"); } - switch ( psa_crypto_ipc.func ) - { - case PSA_CIPHER_ENCRYPT_SETUP: - { - status = psa_cipher_encrypt_setup( msg.rhandle, - psa_crypto_ipc.key, - psa_crypto_ipc.alg ); + switch (psa_crypto_ipc.func) { + case PSA_CIPHER_ENCRYPT_SETUP: { + status = psa_cipher_encrypt_setup(msg.rhandle, + psa_crypto_ipc.key, + psa_crypto_ipc.alg); break; } - case PSA_CIPHER_DECRYPT_SETUP: - { - status = psa_cipher_decrypt_setup( msg.rhandle, - psa_crypto_ipc.key, - psa_crypto_ipc.alg ); + case PSA_CIPHER_DECRYPT_SETUP: { + status = psa_cipher_decrypt_setup(msg.rhandle, + psa_crypto_ipc.key, + psa_crypto_ipc.alg); break; } - case PSA_CIPHER_GENERATE_IV: - { + case PSA_CIPHER_GENERATE_IV: { size_t iv_length = 0; size_t iv_size = msg.out_size[0]; unsigned char iv[PSA_AEAD_MAX_NONCE_SIZE] = { 0 }; - status = psa_cipher_generate_iv( msg.rhandle, iv, - iv_size, &iv_length ); - if( status == PSA_SUCCESS ) - { - psa_write( msg.handle, 0, iv, iv_length ); - psa_write( msg.handle, 1, &iv_length, - sizeof( iv_length ) ); + status = psa_cipher_generate_iv(msg.rhandle, iv, + iv_size, &iv_length); + if (status == PSA_SUCCESS) { + psa_write(msg.handle, 0, iv, iv_length); + psa_write(msg.handle, 1, &iv_length, + sizeof(iv_length)); } break; } - case PSA_CIPHER_SET_IV: - { + case PSA_CIPHER_SET_IV: { size_t iv_length = msg.in_size[1]; unsigned char iv[PSA_AEAD_MAX_NONCE_SIZE] = { 0 }; - bytes_read = psa_read( msg.handle, 1, iv, iv_length ); - if( bytes_read != iv_length ) - { + bytes_read = psa_read(msg.handle, 1, iv, iv_length); + if (bytes_read != iv_length) { SPM_PANIC("SPM read length mismatch"); } - status = psa_cipher_set_iv( msg.rhandle, iv, iv_length ); + status = psa_cipher_set_iv(msg.rhandle, iv, iv_length); break; } - case PSA_CIPHER_UPDATE: - { + case PSA_CIPHER_UPDATE: { size_t input_length = msg.in_size[1]; size_t output_size = msg.out_size[0]; size_t output_length = 0; uint8_t *input; unsigned char *output; - input = mbedtls_calloc( 1, input_length ); - if( input == NULL ) - { + input = mbedtls_calloc(1, input_length); + if (input == NULL) { status = PSA_ERROR_INSUFFICIENT_MEMORY; break; } - bytes_read = psa_read( msg.handle, 1, input, - input_length ); - if( bytes_read != input_length ) - { + bytes_read = psa_read(msg.handle, 1, input, + input_length); + if (bytes_read != input_length) { SPM_PANIC("SPM read length mismatch"); } - output = mbedtls_calloc( 1, output_size ); - if( output == NULL ) - { - mbedtls_free( input ); + output = mbedtls_calloc(1, output_size); + if (output == NULL) { + mbedtls_free(input); status = PSA_ERROR_INSUFFICIENT_MEMORY; break; } - status = psa_cipher_update( msg.rhandle, input, - input_length, output, output_size, &output_length ); - if( status == PSA_SUCCESS ) - { - psa_write( msg.handle, 0, output, output_length ); - psa_write( msg.handle, 1, - &output_length, sizeof( output_length ) ); + status = psa_cipher_update(msg.rhandle, input, + input_length, output, output_size, &output_length); + if (status == PSA_SUCCESS) { + psa_write(msg.handle, 0, output, output_length); + psa_write(msg.handle, 1, + &output_length, sizeof(output_length)); } - mbedtls_free( input ); - mbedtls_free( output ); + mbedtls_free(input); + mbedtls_free(output); break; } - case PSA_CIPHER_FINISH: - { + case PSA_CIPHER_FINISH: { uint8_t *output; size_t output_size = msg.out_size[0]; size_t output_length = 0; - output = mbedtls_calloc( 1, output_size ); - if( output == NULL ) - { + output = mbedtls_calloc(1, output_size); + if (output == NULL) { status = PSA_ERROR_INSUFFICIENT_MEMORY; break; } - status = psa_cipher_finish( msg.rhandle, output, - output_size, &output_length ); - if( status == PSA_SUCCESS ) - { - psa_write( msg.handle, 0, output, output_length ); - psa_write( msg.handle, 1, - &output_length, sizeof( output_length ) ); + status = psa_cipher_finish(msg.rhandle, output, + output_size, &output_length); + if (status == PSA_SUCCESS) { + psa_write(msg.handle, 0, output, output_length); + psa_write(msg.handle, 1, + &output_length, sizeof(output_length)); } - mbedtls_free( output ); + mbedtls_free(output); break; } - case PSA_CIPHER_ABORT: - { - status = psa_cipher_abort( msg.rhandle ); + case PSA_CIPHER_ABORT: { + status = psa_cipher_abort(msg.rhandle); break; } - default: - { + default: { status = PSA_ERROR_NOT_SUPPORTED; break; } } break; } - case PSA_IPC_DISCONNECT: - { - psa_cipher_abort( msg.rhandle ); - if( msg.rhandle != NULL ) - mbedtls_free( msg.rhandle ); + case PSA_IPC_DISCONNECT: { + psa_cipher_abort(msg.rhandle); + if (msg.rhandle != NULL) { + mbedtls_free(msg.rhandle); + } break; } - default: - { + default: { status = PSA_ERROR_NOT_SUPPORTED; break; } } - psa_reply( msg.handle, ( psa_error_t ) status ); + psa_reply(msg.handle, (psa_error_t) status); } -static void psa_key_management_operation( void ) +static void psa_key_management_operation(void) { psa_msg_t msg = { 0 }; psa_status_t status = PSA_SUCCESS; - psa_get( PSA_KEY_MNG, &msg ); + psa_get(PSA_KEY_MNG, &msg); - switch ( msg.type ) - { - case PSA_IPC_CONNECT: - { - break; /* do nothing*/ + switch (msg.type) { + case PSA_IPC_CONNECT: { + break; /* do nothing*/ + } + + case PSA_IPC_CALL: { + if (msg.in_size[0] != sizeof(psa_key_mng_ipc_t)) { + status = PSA_ERROR_COMMUNICATION_FAILURE; + break; } - case PSA_IPC_CALL: - { - if( msg.in_size[0] != sizeof( psa_key_mng_ipc_t ) ) - { - status = PSA_ERROR_COMMUNICATION_FAILURE; + uint32_t bytes_read = 0; + psa_key_mng_ipc_t psa_key_mng = {0}; + + bytes_read = psa_read(msg.handle, 0, + &psa_key_mng, msg.in_size[0]); + + if (bytes_read != msg.in_size[0]) { + SPM_PANIC("SPM read length mismatch"); + } + + switch (psa_key_mng.func) { + case PSA_GET_KEY_LIFETIME: { + size_t lifetime_length = msg.out_size[0]; + psa_key_lifetime_t lifetime; + + status = psa_get_key_lifetime(psa_key_mng.key, + &lifetime); + if (status == PSA_SUCCESS) { + psa_write(msg.handle, 0, + &lifetime, lifetime_length); + } break; } + case PSA_SET_KEY_LIFETIME: { + size_t lifetime_length = msg.in_size[1]; + psa_key_lifetime_t lifetime; - uint32_t bytes_read = 0; - psa_key_mng_ipc_t psa_key_mng = {0}; - - bytes_read = psa_read( msg.handle, 0, - &psa_key_mng, msg.in_size[0] ); - - if( bytes_read != msg.in_size[0] ) - { - SPM_PANIC("SPM read length mismatch"); + bytes_read = psa_read(msg.handle, 1, + &lifetime, lifetime_length); + if (bytes_read != lifetime_length) { + SPM_PANIC("SPM read length mismatch"); + } + status = psa_set_key_lifetime(psa_key_mng.key, lifetime); + break; } + case PSA_SET_KEY_POLICY: { + size_t policy_length = msg.in_size[1]; + psa_key_policy_t policy; - switch( psa_key_mng.func ) - { - case PSA_GET_KEY_LIFETIME: - { - size_t lifetime_length = msg.out_size[0]; - psa_key_lifetime_t lifetime; - - status = psa_get_key_lifetime( psa_key_mng.key, - &lifetime ); - if( status == PSA_SUCCESS ) - { - psa_write( msg.handle, 0, - &lifetime, lifetime_length ); - } - break; - } - case PSA_SET_KEY_LIFETIME: - { - size_t lifetime_length = msg.in_size[1]; - psa_key_lifetime_t lifetime; - - bytes_read = psa_read( msg.handle, 1, - &lifetime, lifetime_length ); - if( bytes_read != lifetime_length ) - { - SPM_PANIC("SPM read length mismatch"); - } - status = psa_set_key_lifetime( psa_key_mng.key, lifetime ); - break; - } - case PSA_SET_KEY_POLICY: - { - size_t policy_length = msg.in_size[1]; - psa_key_policy_t policy; - - bytes_read = psa_read( msg.handle, 1, - &policy, policy_length ); - if( bytes_read != policy_length ) - { - SPM_PANIC("SPM read length mismatch"); - } - status = psa_set_key_policy( psa_key_mng.key, &policy); - break; - } - case PSA_GET_KEY_POLICY: - { - size_t policy_size = msg.out_size[0]; - psa_key_policy_t policy; - - status = psa_get_key_policy( psa_key_mng.key, &policy ); - if( status == PSA_SUCCESS ) - { - psa_write( msg.handle, 0, &policy, policy_size ); - } - break; - } - case PSA_IMPORT_KEY: - { - size_t key_length = msg.in_size[1]; - uint8_t *key = mbedtls_calloc( 1, key_length ); - if( key == NULL ) - { - status = PSA_ERROR_INSUFFICIENT_MEMORY; - break; - } - - bytes_read = psa_read( msg.handle, 1, key, key_length ); - if( bytes_read != key_length ) - { - SPM_PANIC("SPM read length mismatch"); - } - status = psa_import_key( psa_key_mng.key, - psa_key_mng.type, - key, key_length ); - mbedtls_free( key ); - break; - } - case PSA_DESTROY_KEY: - { - status = psa_destroy_key( psa_key_mng.key ); - break; - } - case PSA_GET_KEY_INFORMATION: - { - psa_key_type_t type; - size_t bits; - status = psa_get_key_information( psa_key_mng.key, - &type, &bits ); - if( status == PSA_SUCCESS ) - { - if( msg.out_size[0] >= sizeof( psa_key_type_t ) ) - psa_write( msg.handle, 0, - &type, sizeof( psa_key_type_t ) ); - if( msg.out_size[1] >= sizeof( size_t ) ) - psa_write( msg.handle, 1, &bits, sizeof( size_t ) ); - } - break; - } - case PSA_EXPORT_KEY: - { - size_t key_length = msg.out_size[0]; - size_t data_length; - uint8_t *key = mbedtls_calloc( 1, key_length ); - if ( key == NULL ) - { - status = PSA_ERROR_INSUFFICIENT_MEMORY; - break; - } - - status = psa_export_key( psa_key_mng.key, key, - key_length, &data_length ); - if( status == PSA_SUCCESS ) - psa_write( msg.handle, 0, key, data_length ); - - psa_write( msg.handle, 1, - &data_length, sizeof( size_t ) ); - mbedtls_free( key ); - break; - } - case PSA_EXPORT_PUBLIC_KEY: - { - size_t key_length = msg.out_size[0]; - size_t data_length; - uint8_t *key = mbedtls_calloc( 1, key_length ); - if ( key == NULL ) - { - status = PSA_ERROR_INSUFFICIENT_MEMORY; - break; - } - - status = psa_export_public_key( psa_key_mng.key, key, - key_length, &data_length ); - if( status == PSA_SUCCESS ) - psa_write( msg.handle, 0, key, data_length ); - - psa_write( msg.handle, 1, - &data_length, sizeof( size_t ) ); - mbedtls_free( key ); - break; - } - case PSA_GENERATE_KEY: - { - size_t bits; - size_t bits_size = msg.in_size[1]; - size_t parameter_size = msg.in_size[2]; - uint8_t *parameter = NULL; - - bytes_read = psa_read( msg.handle, 1, &bits, bits_size ); - if( bytes_read != bits_size ) - { - SPM_PANIC("SPM read length mismatch"); - } - if ( PSA_KEY_TYPE_RSA_KEYPAIR == psa_key_mng.type && - parameter_size != 0 ) - { - parameter = mbedtls_calloc( 1, parameter_size ); - if( parameter == NULL ) - { - status = PSA_ERROR_INSUFFICIENT_MEMORY; - break; - } - - - bytes_read = psa_read( msg.handle, 2, - parameter, parameter_size ); - - if( bytes_read != parameter_size ) - { - SPM_PANIC("SPM read length mismatch"); - } - } - status = psa_generate_key( psa_key_mng.key, - psa_key_mng.type, - bits, - parameter, parameter_size ); - mbedtls_free( parameter ); - - break; - } - default: - { - status = PSA_ERROR_NOT_SUPPORTED; - break; + bytes_read = psa_read(msg.handle, 1, + &policy, policy_length); + if (bytes_read != policy_length) { + SPM_PANIC("SPM read length mismatch"); } + status = psa_set_key_policy(psa_key_mng.key, &policy); + break; + } + case PSA_GET_KEY_POLICY: { + size_t policy_size = msg.out_size[0]; + psa_key_policy_t policy; + + status = psa_get_key_policy(psa_key_mng.key, &policy); + if (status == PSA_SUCCESS) { + psa_write(msg.handle, 0, &policy, policy_size); + } + break; + } + case PSA_IMPORT_KEY: { + size_t key_length = msg.in_size[1]; + uint8_t *key = mbedtls_calloc(1, key_length); + if (key == NULL) { + status = PSA_ERROR_INSUFFICIENT_MEMORY; + break; + } + + bytes_read = psa_read(msg.handle, 1, key, key_length); + if (bytes_read != key_length) { + SPM_PANIC("SPM read length mismatch"); + } + status = psa_import_key(psa_key_mng.key, + psa_key_mng.type, + key, key_length); + mbedtls_free(key); + break; + } + case PSA_DESTROY_KEY: { + status = psa_destroy_key(psa_key_mng.key); + break; + } + case PSA_GET_KEY_INFORMATION: { + psa_key_type_t type; + size_t bits; + status = psa_get_key_information(psa_key_mng.key, + &type, &bits); + if (status == PSA_SUCCESS) { + if (msg.out_size[0] >= sizeof(psa_key_type_t)) + psa_write(msg.handle, 0, + &type, sizeof(psa_key_type_t)); + if (msg.out_size[1] >= sizeof(size_t)) { + psa_write(msg.handle, 1, &bits, sizeof(size_t)); + } + } + break; + } + case PSA_EXPORT_KEY: { + size_t key_length = msg.out_size[0]; + size_t data_length; + uint8_t *key = mbedtls_calloc(1, key_length); + if (key == NULL) { + status = PSA_ERROR_INSUFFICIENT_MEMORY; + break; + } + + status = psa_export_key(psa_key_mng.key, key, + key_length, &data_length); + if (status == PSA_SUCCESS) { + psa_write(msg.handle, 0, key, data_length); + } + + psa_write(msg.handle, 1, + &data_length, sizeof(size_t)); + mbedtls_free(key); + break; + } + case PSA_EXPORT_PUBLIC_KEY: { + size_t key_length = msg.out_size[0]; + size_t data_length; + uint8_t *key = mbedtls_calloc(1, key_length); + if (key == NULL) { + status = PSA_ERROR_INSUFFICIENT_MEMORY; + break; + } + + status = psa_export_public_key(psa_key_mng.key, key, + key_length, &data_length); + if (status == PSA_SUCCESS) { + psa_write(msg.handle, 0, key, data_length); + } + + psa_write(msg.handle, 1, + &data_length, sizeof(size_t)); + mbedtls_free(key); + break; + } + case PSA_GENERATE_KEY: { + size_t bits; + size_t bits_size = msg.in_size[1]; + size_t parameter_size = msg.in_size[2]; + uint8_t *parameter = NULL; + + bytes_read = psa_read(msg.handle, 1, &bits, bits_size); + if (bytes_read != bits_size) { + SPM_PANIC("SPM read length mismatch"); + } + if (PSA_KEY_TYPE_RSA_KEYPAIR == psa_key_mng.type && + parameter_size != 0) { + parameter = mbedtls_calloc(1, parameter_size); + if (parameter == NULL) { + status = PSA_ERROR_INSUFFICIENT_MEMORY; + break; + } + + + bytes_read = psa_read(msg.handle, 2, + parameter, parameter_size); + + if (bytes_read != parameter_size) { + SPM_PANIC("SPM read length mismatch"); + } + } + status = psa_generate_key(psa_key_mng.key, + psa_key_mng.type, + bits, + parameter, parameter_size); + mbedtls_free(parameter); + + break; + } + default: { + status = PSA_ERROR_NOT_SUPPORTED; + break; } - break; - } - case PSA_IPC_DISCONNECT: - { - break; /* do nothing*/ - } - default: - { - status = PSA_ERROR_NOT_SUPPORTED; - break; } + break; } - psa_reply( msg.handle, status ); + case PSA_IPC_DISCONNECT: { + break; /* do nothing*/ + } + default: { + status = PSA_ERROR_NOT_SUPPORTED; + break; + } + } + psa_reply(msg.handle, status); } -static void psa_entropy_operation( void ) +static void psa_entropy_operation(void) { psa_msg_t msg = { 0 }; psa_status_t status = PSA_SUCCESS; - psa_get( PSA_ENTROPY_INJECT, &msg ); + psa_get(PSA_ENTROPY_INJECT, &msg); #if ( defined(MBEDTLS_ENTROPY_NV_SEED) && defined(MBEDTLS_PSA_HAS_ITS_IO) ) - switch ( msg.type ) - { - case PSA_IPC_CONNECT: - { + switch (msg.type) { + case PSA_IPC_CONNECT: { break; /* do nothing */ } - case PSA_IPC_CALL: - { + case PSA_IPC_CALL: { uint32_t bytes_read; size_t seed_size = msg.in_size[0]; - if( MBEDTLS_ENTROPY_MAX_SEED_SIZE < seed_size ) - { + if (MBEDTLS_ENTROPY_MAX_SEED_SIZE < seed_size) { status = PSA_ERROR_INVALID_ARGUMENT; break; } - unsigned char *seed = mbedtls_calloc( 1, seed_size ); - if( seed == NULL ) - { + unsigned char *seed = mbedtls_calloc(1, seed_size); + if (seed == NULL) { status = PSA_ERROR_INSUFFICIENT_MEMORY; break; } - bytes_read = psa_read( msg.handle, 0, seed, seed_size ); - if( bytes_read != seed_size ) - { + bytes_read = psa_read(msg.handle, 0, seed, seed_size); + if (bytes_read != seed_size) { SPM_PANIC("SPM read length mismatch"); } - status = mbedtls_psa_inject_entropy( seed, seed_size ); - mbedtls_free( seed ); + status = mbedtls_psa_inject_entropy(seed, seed_size); + mbedtls_free(seed); break; } - case PSA_IPC_DISCONNECT: - { + case PSA_IPC_DISCONNECT: { break; /* do nothing */ } - default: - { + default: { status = PSA_ERROR_NOT_SUPPORTED; break; } @@ -1177,243 +1039,213 @@ static void psa_entropy_operation( void ) #else status = PSA_ERROR_NOT_SUPPORTED; #endif /* MBEDTLS_ENTROPY_NV_SEED && MBEDTLS_PSA_HAS_ITS_IO*/ - psa_reply( msg.handle, status ); + psa_reply(msg.handle, status); } -static void psa_rng_operation( void ) +static void psa_rng_operation(void) { psa_msg_t msg = { 0 }; psa_status_t status = PSA_SUCCESS; - psa_get( PSA_RNG, &msg ); + psa_get(PSA_RNG, &msg); - switch ( msg.type ) - { - case PSA_IPC_CONNECT: - { - break; /* do nothing*/ - } - - case PSA_IPC_CALL: - { - size_t random_size = msg.out_size[0]; - unsigned char *random = mbedtls_calloc( 1, random_size ); - if( random == NULL ) - { - status = PSA_ERROR_INSUFFICIENT_MEMORY; - break; - } - status = psa_generate_random( random, random_size ); - if( status == PSA_SUCCESS ) - { - psa_write( msg.handle, 0, random, random_size ); - } - mbedtls_free( random ); - break; - } - case PSA_IPC_DISCONNECT: - { - break; /* do nothing*/ - } - default: - { - status = PSA_ERROR_NOT_SUPPORTED; - break; - } + switch (msg.type) { + case PSA_IPC_CONNECT: { + break; /* do nothing*/ } - psa_reply( msg.handle, status ); -} - -void psa_crypto_generator_operations( void ) -{ - psa_status_t status = PSA_SUCCESS; - psa_msg_t msg = { 0 }; - - psa_get( PSA_GENERATOR, &msg ); - - switch ( msg.type ) - { - case PSA_IPC_CONNECT: - { - psa_crypto_generator_t *psa_operation = - mbedtls_calloc( 1, sizeof( psa_crypto_generator_t ) ); - if( psa_operation == NULL ) - { + case PSA_IPC_CALL: { + size_t random_size = msg.out_size[0]; + unsigned char *random = mbedtls_calloc(1, random_size); + if (random == NULL) { status = PSA_ERROR_INSUFFICIENT_MEMORY; break; } - psa_set_rhandle( msg.handle, psa_operation ); + status = psa_generate_random(random, random_size); + if (status == PSA_SUCCESS) { + psa_write(msg.handle, 0, random, random_size); + } + mbedtls_free(random); break; } - case PSA_IPC_CALL: - { + case PSA_IPC_DISCONNECT: { + break; /* do nothing*/ + } + default: { + status = PSA_ERROR_NOT_SUPPORTED; + break; + } + } + psa_reply(msg.handle, status); +} + + +void psa_crypto_generator_operations(void) +{ + psa_status_t status = PSA_SUCCESS; + psa_msg_t msg = { 0 }; + + psa_get(PSA_GENERATOR, &msg); + + switch (msg.type) { + case PSA_IPC_CONNECT: { + psa_crypto_generator_t *psa_operation = + mbedtls_calloc(1, sizeof(psa_crypto_generator_t)); + if (psa_operation == NULL) { + status = PSA_ERROR_INSUFFICIENT_MEMORY; + break; + } + psa_set_rhandle(msg.handle, psa_operation); + break; + } + case PSA_IPC_CALL: { uint32_t bytes_read; psa_crypto_derivation_ipc_t psa_crypto_ipc = { 0 }; - if( msg.in_size[0] != sizeof( psa_crypto_derivation_ipc_t ) ) - { + if (msg.in_size[0] != sizeof(psa_crypto_derivation_ipc_t)) { status = PSA_ERROR_COMMUNICATION_FAILURE; break; } - bytes_read = psa_read( msg.handle, 0, &psa_crypto_ipc, - msg.in_size[0] ); - if( bytes_read != msg.in_size[0] ) - { + bytes_read = psa_read(msg.handle, 0, &psa_crypto_ipc, + msg.in_size[0]); + if (bytes_read != msg.in_size[0]) { SPM_PANIC("SPM read length mismatch"); } - switch ( psa_crypto_ipc.func ) - { - case PSA_GET_GENERATOR_CAPACITY: - { + switch (psa_crypto_ipc.func) { + case PSA_GET_GENERATOR_CAPACITY: { size_t capacity = 0; - status = psa_get_generator_capacity( msg.rhandle, - &capacity ); - if( status == PSA_SUCCESS ) - psa_write( msg.handle, 0, &capacity, - sizeof( capacity ) ); + status = psa_get_generator_capacity(msg.rhandle, + &capacity); + if (status == PSA_SUCCESS) + psa_write(msg.handle, 0, &capacity, + sizeof(capacity)); break; } - case PSA_GENERATOR_READ: - { + case PSA_GENERATOR_READ: { uint8_t *output = NULL; size_t output_length = msg.out_size[0]; - output = mbedtls_calloc( 1, output_length ); - if( output == NULL ) - { + output = mbedtls_calloc(1, output_length); + if (output == NULL) { status = PSA_ERROR_INSUFFICIENT_MEMORY; break; } - status = psa_generator_read( msg.rhandle, - output, output_length); - if( status == PSA_SUCCESS ) - psa_write( msg.handle, 0, output, output_length ); + status = psa_generator_read(msg.rhandle, + output, output_length); + if (status == PSA_SUCCESS) { + psa_write(msg.handle, 0, output, output_length); + } - mbedtls_free( output ); + mbedtls_free(output); break; } - case PSA_GENERATOR_IMPORT_KEY: - { + case PSA_GENERATOR_IMPORT_KEY: { psa_key_type_t type; size_t bits; - bytes_read = psa_read( msg.handle, 1, - &type, msg.in_size[1] ); - if( bytes_read != sizeof( type ) ) - { + bytes_read = psa_read(msg.handle, 1, + &type, msg.in_size[1]); + if (bytes_read != sizeof(type)) { SPM_PANIC("SPM read length mismatch"); } - bytes_read = psa_read( msg.handle, 2, - &bits, msg.in_size[2] ); - if( bytes_read != sizeof( bits ) ) - { + bytes_read = psa_read(msg.handle, 2, + &bits, msg.in_size[2]); + if (bytes_read != sizeof(bits)) { SPM_PANIC("SPM read length mismatch"); } - status = psa_generator_import_key( psa_crypto_ipc.key, type, - bits, msg.rhandle ); + status = psa_generator_import_key(psa_crypto_ipc.key, type, + bits, msg.rhandle); break; } - case PSA_GENERATOR_ABORT: - { - status = psa_generator_abort( msg.rhandle ); + case PSA_GENERATOR_ABORT: { + status = psa_generator_abort(msg.rhandle); break; } - case PSA_KEY_DERIVATION: - { + case PSA_KEY_DERIVATION: { - uint8_t *salt = mbedtls_calloc( 1, msg.in_size[1] ); - if ( salt == NULL ) - { + uint8_t *salt = mbedtls_calloc(1, msg.in_size[1]); + if (salt == NULL) { status = PSA_ERROR_INSUFFICIENT_MEMORY; break; } - bytes_read = psa_read( msg.handle, 1, salt, - msg.in_size[1] ); - if( bytes_read != msg.in_size[1] ) - { + bytes_read = psa_read(msg.handle, 1, salt, + msg.in_size[1]); + if (bytes_read != msg.in_size[1]) { SPM_PANIC("SPM read length mismatch"); } - uint8_t *label = mbedtls_calloc( 1, msg.in_size[2] ); - if ( label == NULL ) - { + uint8_t *label = mbedtls_calloc(1, msg.in_size[2]); + if (label == NULL) { status = PSA_ERROR_INSUFFICIENT_MEMORY; - mbedtls_free( salt ); + mbedtls_free(salt); break; } - bytes_read = psa_read( msg.handle, 2, label, - msg.in_size[2] ); - if( bytes_read != msg.in_size[2] ) - { + bytes_read = psa_read(msg.handle, 2, label, + msg.in_size[2]); + if (bytes_read != msg.in_size[2]) { SPM_PANIC("SPM read length mismatch"); } - status = psa_key_derivation( msg.rhandle, psa_crypto_ipc.key, - psa_crypto_ipc.alg, - salt, - msg.in_size[1],//salt length - label, - msg.in_size[2],//label length - psa_crypto_ipc.capacity ); + status = psa_key_derivation(msg.rhandle, psa_crypto_ipc.key, + psa_crypto_ipc.alg, + salt, + msg.in_size[1],//salt length + label, + msg.in_size[2],//label length + psa_crypto_ipc.capacity); break; } - case PSA_KEY_AGREEMENT: - { + case PSA_KEY_AGREEMENT: { - uint8_t *private_key = mbedtls_calloc( 1, msg.in_size[1] ); - if ( private_key == NULL ) - { + uint8_t *private_key = mbedtls_calloc(1, msg.in_size[1]); + if (private_key == NULL) { status = PSA_ERROR_INSUFFICIENT_MEMORY; break; } - bytes_read = psa_read( msg.handle, 1, private_key, - msg.in_size[1] ); - if( bytes_read != msg.in_size[1] ) - { + bytes_read = psa_read(msg.handle, 1, private_key, + msg.in_size[1]); + if (bytes_read != msg.in_size[1]) { SPM_PANIC("SPM read length mismatch"); } - status = psa_key_agreement( msg.rhandle, psa_crypto_ipc.key, - private_key, - msg.in_size[1],//private_key length - psa_crypto_ipc.alg ); + status = psa_key_agreement(msg.rhandle, psa_crypto_ipc.key, + private_key, + msg.in_size[1],//private_key length + psa_crypto_ipc.alg); break; } - default: - { + default: { status = PSA_ERROR_NOT_SUPPORTED; break; } } break; } - case PSA_IPC_DISCONNECT: - { - psa_generator_abort( msg.rhandle ); - if( msg.rhandle != NULL ) - mbedtls_free( msg.rhandle ); + case PSA_IPC_DISCONNECT: { + psa_generator_abort(msg.rhandle); + if (msg.rhandle != NULL) { + mbedtls_free(msg.rhandle); + } break; } - default: - { + default: { status = PSA_ERROR_NOT_SUPPORTED; break; } } - psa_reply( msg.handle, ( psa_error_t ) status ); + psa_reply(msg.handle, (psa_error_t) status); } @@ -1423,50 +1255,39 @@ void part_main(void *ptr) psa_status_t status = PSA_SUCCESS; while (1) { - signals = psa_wait_any( PSA_BLOCK ); - if( signals & PSA_CRYPTO_INIT ) - { + signals = psa_wait_any(PSA_BLOCK); + if (signals & PSA_CRYPTO_INIT) { psa_crypto_init_operation(); } - if( signals & PSA_MAC ) - { - psa_mac_operation( ); + if (signals & PSA_MAC) { + psa_mac_operation(); } - if( signals & PSA_HASH ) - { - psa_hash_operation( ); + if (signals & PSA_HASH) { + psa_hash_operation(); } - if( signals & PSA_SYMMETRIC ) - { + if (signals & PSA_SYMMETRIC) { psa_symmetric_operation(); } - if( signals & PSA_ASYMMETRIC ) - { - psa_asymmetric_operation( ); + if (signals & PSA_ASYMMETRIC) { + psa_asymmetric_operation(); } - if( signals & PSA_AEAD ) - { - psa_aead_operation( ); + if (signals & PSA_AEAD) { + psa_aead_operation(); } - if( signals & PSA_KEY_MNG ) - { - psa_key_management_operation( ); + if (signals & PSA_KEY_MNG) { + psa_key_management_operation(); } - if( signals & PSA_RNG ) - { - psa_rng_operation( ); + if (signals & PSA_RNG) { + psa_rng_operation(); } - if( signals & PSA_CRYPTO_FREE ) - { - psa_crypto_free_operation( ); + if (signals & PSA_CRYPTO_FREE) { + psa_crypto_free_operation(); } - if( signals & PSA_GENERATOR ) - { - psa_crypto_generator_operations( ); + if (signals & PSA_GENERATOR) { + psa_crypto_generator_operations(); } - if( signals & PSA_ENTROPY_INJECT ) - { - psa_entropy_operation( ); + if (signals & PSA_ENTROPY_INJECT) { + psa_entropy_operation(); } } }