search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
text
[RRG-proxmark3.git] / common / mbedtls / psa_crypto_driver_wrappers.c
blob33a62c1e902fac6e5ec5affc9d2895dafd10a1a2
1 /*
2 * Functions to delegate cryptographic operations to an available
3 * and appropriate accelerator.
4 * Warning: This file will be auto-generated in the future.
5 */
6 /* Copyright The Mbed TLS Contributors
7 * SPDX-License-Identifier: Apache-2.0
8 *
9 * Licensed under the Apache License, Version 2.0 (the "License"); you may
10 * not use this file except in compliance with the License.
11 * You may obtain a copy of the License at
12 *
13 * http://www.apache.org/licenses/LICENSE-2.0
14 *
15 * Unless required by applicable law or agreed to in writing, software
16 * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
17 * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
18 * See the License for the specific language governing permissions and
19 * limitations under the License.
20 */
21
22 #include "psa_crypto_core.h"
23 #include "psa_crypto_driver_wrappers.h"
24 #include "mbedtls/platform.h"
25
26 #if defined(MBEDTLS_PSA_CRYPTO_DRIVERS)
27
28 /* Include test driver definition when running tests */
29 #if defined(PSA_CRYPTO_DRIVER_TEST)
30 #ifndef PSA_CRYPTO_DRIVER_PRESENT
31 #define PSA_CRYPTO_DRIVER_PRESENT
32 #endif
33 #ifndef PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT
34 #define PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT
35 #endif
36 #include "test/drivers/test_driver.h"
37 #endif /* PSA_CRYPTO_DRIVER_TEST */
38
39 /* Repeat above block for each JSON-declared driver during autogeneration */
40
41 /* Auto-generated values depending on which drivers are registered. ID 0 is
42 * reserved for unallocated operations. */
43 #if defined(PSA_CRYPTO_DRIVER_TEST)
44 #define PSA_CRYPTO_TRANSPARENT_TEST_DRIVER_ID (1)
45 #define PSA_CRYPTO_OPAQUE_TEST_DRIVER_ID (2)
46 #endif /* PSA_CRYPTO_DRIVER_TEST */
47 #endif /* MBEDTLS_PSA_CRYPTO_DRIVERS */
48
49 /* Support the 'old' SE interface when asked to */
50 #if defined(MBEDTLS_PSA_CRYPTO_SE_C)
51 /* PSA_CRYPTO_DRIVER_PRESENT is defined when either a new-style or old-style
52 * SE driver is present, to avoid unused argument errors at compile time. */
53 #ifndef PSA_CRYPTO_DRIVER_PRESENT
54 #define PSA_CRYPTO_DRIVER_PRESENT
55 #endif
56 #include "psa_crypto_se.h"
57 #endif
58
59 /* Start delegation functions */
60 psa_status_t psa_driver_wrapper_sign_hash(
61 const psa_key_attributes_t *attributes,
62 const uint8_t *key_buffer, size_t key_buffer_size,
63 psa_algorithm_t alg, const uint8_t *hash, size_t hash_length,
64 uint8_t *signature, size_t signature_size, size_t *signature_length) {
65 /* Try dynamically-registered SE interface first */
66 #if defined(MBEDTLS_PSA_CRYPTO_SE_C)
67 const psa_drv_se_t *drv;
68 psa_drv_se_context_t *drv_context;
69
70 if (psa_get_se_driver(attributes->core.lifetime, &drv, &drv_context)) {
71 if (drv->asymmetric == NULL ||
72 drv->asymmetric->p_sign == NULL) {
73 /* Key is defined in SE, but we have no way to exercise it */
74 return (PSA_ERROR_NOT_SUPPORTED);
75 }
76 return (drv->asymmetric->p_sign(
77 drv_context, *((psa_key_slot_number_t *)key_buffer),
78 alg, hash, hash_length,
79 signature, signature_size, signature_length));
80 }
81 #endif /* PSA_CRYPTO_SE_C */
82
83 psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;
84 psa_key_location_t location =
85 PSA_KEY_LIFETIME_GET_LOCATION(attributes->core.lifetime);
86
87 switch (location) {
88 case PSA_KEY_LOCATION_LOCAL_STORAGE:
89 /* Key is stored in the slot in export representation, so
90 * cycle through all known transparent accelerators */
91 #if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT)
92 #if defined(PSA_CRYPTO_DRIVER_TEST)
93 status = test_transparent_signature_sign_hash(attributes,
94 key_buffer,
95 key_buffer_size,
96 alg,
97 hash,
98 hash_length,
99 signature,
100 signature_size,
101 signature_length);
102 /* Declared with fallback == true */
103 if (status != PSA_ERROR_NOT_SUPPORTED)
104 return (status);
105 #endif /* PSA_CRYPTO_DRIVER_TEST */
106 #endif /* PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT */
107 /* Fell through, meaning no accelerator supports this operation */
108 return (psa_sign_hash_internal(attributes,
109 key_buffer,
110 key_buffer_size,
111 alg,
112 hash,
113 hash_length,
114 signature,
115 signature_size,
116 signature_length));
117
118 /* Add cases for opaque driver here */
119 #if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT)
120 #if defined(PSA_CRYPTO_DRIVER_TEST)
121 case PSA_CRYPTO_TEST_DRIVER_LIFETIME:
122 return (test_opaque_signature_sign_hash(attributes,
123 key_buffer,
124 key_buffer_size,
125 alg,
126 hash,
127 hash_length,
128 signature,
129 signature_size,
130 signature_length));
131 #endif /* PSA_CRYPTO_DRIVER_TEST */
132 #endif /* PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT */
133 default:
134 /* Key is declared with a lifetime not known to us */
135 (void)status;
136 return (PSA_ERROR_INVALID_ARGUMENT);
137 }
138 }
139
140 psa_status_t psa_driver_wrapper_verify_hash(
141 const psa_key_attributes_t *attributes,
142 const uint8_t *key_buffer, size_t key_buffer_size,
143 psa_algorithm_t alg, const uint8_t *hash, size_t hash_length,
144 const uint8_t *signature, size_t signature_length) {
145 /* Try dynamically-registered SE interface first */
146 #if defined(MBEDTLS_PSA_CRYPTO_SE_C)
147 const psa_drv_se_t *drv;
148 psa_drv_se_context_t *drv_context;
149
150 if (psa_get_se_driver(attributes->core.lifetime, &drv, &drv_context)) {
151 if (drv->asymmetric == NULL ||
152 drv->asymmetric->p_verify == NULL) {
153 /* Key is defined in SE, but we have no way to exercise it */
154 return (PSA_ERROR_NOT_SUPPORTED);
155 }
156 return (drv->asymmetric->p_verify(
157 drv_context, *((psa_key_slot_number_t *)key_buffer),
158 alg, hash, hash_length,
159 signature, signature_length));
160 }
161 #endif /* PSA_CRYPTO_SE_C */
162
163 psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;
164 psa_key_location_t location =
165 PSA_KEY_LIFETIME_GET_LOCATION(attributes->core.lifetime);
166
167 switch (location) {
168 case PSA_KEY_LOCATION_LOCAL_STORAGE:
169 /* Key is stored in the slot in export representation, so
170 * cycle through all known transparent accelerators */
171 #if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT)
172 #if defined(PSA_CRYPTO_DRIVER_TEST)
173 status = test_transparent_signature_verify_hash(attributes,
174 key_buffer,
175 key_buffer_size,
176 alg,
177 hash,
178 hash_length,
179 signature,
180 signature_length);
181 /* Declared with fallback == true */
182 if (status != PSA_ERROR_NOT_SUPPORTED)
183 return (status);
184 #endif /* PSA_CRYPTO_DRIVER_TEST */
185 #endif /* PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT */
186
187 return (psa_verify_hash_internal(attributes,
188 key_buffer,
189 key_buffer_size,
190 alg,
191 hash,
192 hash_length,
193 signature,
194 signature_length));
195
196 /* Add cases for opaque driver here */
197 #if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT)
198 #if defined(PSA_CRYPTO_DRIVER_TEST)
199 case PSA_CRYPTO_TEST_DRIVER_LIFETIME:
200 return (test_opaque_signature_verify_hash(attributes,
201 key_buffer,
202 key_buffer_size,
203 alg,
204 hash,
205 hash_length,
206 signature,
207 signature_length));
208 #endif /* PSA_CRYPTO_DRIVER_TEST */
209 #endif /* PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT */
210 default:
211 /* Key is declared with a lifetime not known to us */
212 (void)status;
213 return (PSA_ERROR_INVALID_ARGUMENT);
214 }
215 }
216
217 /** Get the key buffer size for the key material of a generated key in the
218 * case of an opaque driver without storage.
219 *
220 * \param[in] attributes The key attributes.
221 * \param[out] key_buffer_size Minimum buffer size to contain the key material
222 *
223 * \retval #PSA_SUCCESS
224 * The minimum size for a buffer to contain the key material has been
225 * returned successfully.
226 * \retval #PSA_ERROR_INVALID_ARGUMENT
227 * The size in bits of the key is not valid.
228 * \retval #PSA_ERROR_NOT_SUPPORTED
229 * The type and/or the size in bits of the key or the combination of
230 * the two is not supported.
231 */
232 psa_status_t psa_driver_wrapper_get_key_buffer_size(
233 const psa_key_attributes_t *attributes,
234 size_t *key_buffer_size) {
235 psa_key_location_t location = PSA_KEY_LIFETIME_GET_LOCATION(attributes->core.lifetime);
236 psa_key_type_t key_type = attributes->core.type;
237 size_t key_bits = attributes->core.bits;
238
239 *key_buffer_size = 0;
240 switch (location) {
241 #if defined(PSA_CRYPTO_DRIVER_TEST)
242 case PSA_CRYPTO_TEST_DRIVER_LIFETIME:
243 #ifdef TEST_DRIVER_KEY_CONTEXT_SIZE_FUNCTION
244 *key_buffer_size = test_size_function(key_type, key_bits);
245 return (PSA_SUCCESS);
246 #else /* TEST_DRIVER_KEY_CONTEXT_SIZE_FUNCTION */
247 if (PSA_KEY_TYPE_IS_KEY_PAIR(key_type)) {
248 int public_key_overhead =
249 ((TEST_DRIVER_KEY_CONTEXT_STORE_PUBLIC_KEY == 1) ?
250 PSA_EXPORT_KEY_OUTPUT_SIZE(key_type, key_bits) : 0);
251 *key_buffer_size = TEST_DRIVER_KEY_CONTEXT_BASE_SIZE
252 + TEST_DRIVER_KEY_CONTEXT_PUBLIC_KEY_SIZE
253 + public_key_overhead;
254 } else if (PSA_KEY_TYPE_IS_PUBLIC_KEY(key_type)) {
255 *key_buffer_size = TEST_DRIVER_KEY_CONTEXT_BASE_SIZE
256 + TEST_DRIVER_KEY_CONTEXT_PUBLIC_KEY_SIZE;
257 } else if (!PSA_KEY_TYPE_IS_KEY_PAIR(key_type) &&
258 !PSA_KEY_TYPE_IS_PUBLIC_KEY(key_type)) {
259 *key_buffer_size = TEST_DRIVER_KEY_CONTEXT_BASE_SIZE
260 + TEST_DRIVER_KEY_CONTEXT_SYMMETRIC_FACTOR
261 * ((key_bits + 7) / 8);
262 } else {
263 return (PSA_ERROR_NOT_SUPPORTED);
264 }
265 return (PSA_SUCCESS);
266 #endif /* TEST_DRIVER_KEY_CONTEXT_SIZE_FUNCTION */
267 #endif /* PSA_CRYPTO_DRIVER_TEST */
268
269 default:
270 (void)key_type;
271 (void)key_bits;
272 return (PSA_ERROR_NOT_SUPPORTED);
273 }
274 }
275
276 psa_status_t psa_driver_wrapper_generate_key(
277 const psa_key_attributes_t *attributes,
278 uint8_t *key_buffer, size_t key_buffer_size, size_t *key_buffer_length) {
279 psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;
280 psa_key_location_t location =
281 PSA_KEY_LIFETIME_GET_LOCATION(attributes->core.lifetime);
282
283 /* Try dynamically-registered SE interface first */
284 #if defined(MBEDTLS_PSA_CRYPTO_SE_C)
285 const psa_drv_se_t *drv;
286 psa_drv_se_context_t *drv_context;
287
288 if (psa_get_se_driver(attributes->core.lifetime, &drv, &drv_context)) {
289 size_t pubkey_length = 0; /* We don't support this feature yet */
290 if (drv->key_management == NULL ||
291 drv->key_management->p_generate == NULL) {
292 /* Key is defined as being in SE, but we have no way to generate it */
293 return (PSA_ERROR_NOT_SUPPORTED);
294 }
295 return (drv->key_management->p_generate(
296 drv_context,
297 *((psa_key_slot_number_t *)key_buffer),
298 attributes, NULL, 0, &pubkey_length));
299 }
300 #endif /* MBEDTLS_PSA_CRYPTO_SE_C */
301
302 switch (location) {
303 case PSA_KEY_LOCATION_LOCAL_STORAGE:
304 #if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT)
305 /* Transparent drivers are limited to generating asymmetric keys */
306 if (PSA_KEY_TYPE_IS_ASYMMETRIC(attributes->core.type)) {
307 /* Cycle through all known transparent accelerators */
308 #if defined(PSA_CRYPTO_DRIVER_TEST)
309 status = test_transparent_generate_key(
310 attributes, key_buffer, key_buffer_size,
311 key_buffer_length);
312 /* Declared with fallback == true */
313 if (status != PSA_ERROR_NOT_SUPPORTED)
314 break;
315 #endif /* PSA_CRYPTO_DRIVER_TEST */
316 }
317 #endif /* PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT */
318
319 /* Software fallback */
320 status = psa_generate_key_internal(
321 attributes, key_buffer, key_buffer_size, key_buffer_length);
322 break;
323
324 /* Add cases for opaque driver here */
325 #if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT)
326 #if defined(PSA_CRYPTO_DRIVER_TEST)
327 case PSA_CRYPTO_TEST_DRIVER_LIFETIME:
328 status = test_opaque_generate_key(
329 attributes, key_buffer, key_buffer_size, key_buffer_length);
330 break;
331 #endif /* PSA_CRYPTO_DRIVER_TEST */
332 #endif /* PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT */
333
334 default:
335 /* Key is declared with a lifetime not known to us */
336 status = PSA_ERROR_INVALID_ARGUMENT;
337 break;
338 }
339
340 return (status);
341 }
342
343 psa_status_t psa_driver_wrapper_import_key(
344 const psa_key_attributes_t *attributes,
345 const uint8_t *data,
346 size_t data_length,
347 uint8_t *key_buffer,
348 size_t key_buffer_size,
349 size_t *key_buffer_length,
350 size_t *bits) {
351 psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;
352 psa_key_location_t location = PSA_KEY_LIFETIME_GET_LOCATION(
353 psa_get_key_lifetime(attributes));
354
355 /* Try dynamically-registered SE interface first */
356 #if defined(MBEDTLS_PSA_CRYPTO_SE_C)
357 const psa_drv_se_t *drv;
358 psa_drv_se_context_t *drv_context;
359
360 if (psa_get_se_driver(attributes->core.lifetime, &drv, &drv_context)) {
361 if (drv->key_management == NULL ||
362 drv->key_management->p_import == NULL)
363 return (PSA_ERROR_NOT_SUPPORTED);
364
365 /* The driver should set the number of key bits, however in
366 * case it doesn't, we initialize bits to an invalid value. */
367 *bits = PSA_MAX_KEY_BITS + 1;
368 status = drv->key_management->p_import(
369 drv_context,
370 *((psa_key_slot_number_t *)key_buffer),
371 attributes, data, data_length, bits);
372
373 if (status != PSA_SUCCESS)
374 return (status);
375
376 if ((*bits) > PSA_MAX_KEY_BITS)
377 return (PSA_ERROR_NOT_SUPPORTED);
378
379 return (PSA_SUCCESS);
380 }
381 #endif /* PSA_CRYPTO_SE_C */
382
383 switch (location) {
384 case PSA_KEY_LOCATION_LOCAL_STORAGE:
385 /* Key is stored in the slot in export representation, so
386 * cycle through all known transparent accelerators */
387 #if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT)
388 #if defined(PSA_CRYPTO_DRIVER_TEST)
389 status = test_transparent_import_key(attributes,
390 data, data_length,
391 key_buffer, key_buffer_size,
392 key_buffer_length, bits);
393 /* Declared with fallback == true */
394 if (status != PSA_ERROR_NOT_SUPPORTED)
395 return (status);
396 #endif /* PSA_CRYPTO_DRIVER_TEST */
397 #endif /* PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT */
398 /* Fell through, meaning no accelerator supports this operation */
399 return (psa_import_key_into_slot(attributes,
400 data, data_length,
401 key_buffer, key_buffer_size,
402 key_buffer_length, bits));
403
404 default:
405 /* Importing a key with external storage in not yet supported.
406 * Return in error indicating that the lifetime is not valid. */
407 (void)status;
408 return (PSA_ERROR_INVALID_ARGUMENT);
409 }
410
411 }
412
413 psa_status_t psa_driver_wrapper_export_key(
414 const psa_key_attributes_t *attributes,
415 const uint8_t *key_buffer, size_t key_buffer_size,
416 uint8_t *data, size_t data_size, size_t *data_length)
417
418 {
419 psa_status_t status = PSA_ERROR_INVALID_ARGUMENT;
420 psa_key_location_t location = PSA_KEY_LIFETIME_GET_LOCATION(
421 psa_get_key_lifetime(attributes));
422
423 /* Try dynamically-registered SE interface first */
424 #if defined(MBEDTLS_PSA_CRYPTO_SE_C)
425 const psa_drv_se_t *drv;
426 psa_drv_se_context_t *drv_context;
427
428 if (psa_get_se_driver(attributes->core.lifetime, &drv, &drv_context)) {
429 if ((drv->key_management == NULL) ||
430 (drv->key_management->p_export == NULL)) {
431 return (PSA_ERROR_NOT_SUPPORTED);
432 }
433
434 return (drv->key_management->p_export(
435 drv_context,
436 *((psa_key_slot_number_t *)key_buffer),
437 data, data_size, data_length));
438 }
439 #endif /* PSA_CRYPTO_SE_C */
440
441 switch (location) {
442 case PSA_KEY_LOCATION_LOCAL_STORAGE:
443 return (psa_export_key_internal(attributes,
444 key_buffer,
445 key_buffer_size,
446 data,
447 data_size,
448 data_length));
449
450 /* Add cases for opaque driver here */
451 #if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT)
452 #if defined(PSA_CRYPTO_DRIVER_TEST)
453 case PSA_CRYPTO_TEST_DRIVER_LIFETIME:
454 return (test_opaque_export_key(attributes,
455 key_buffer,
456 key_buffer_size,
457 data,
458 data_size,
459 data_length));
460 #endif /* PSA_CRYPTO_DRIVER_TEST */
461 #endif /* PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT */
462 default:
463 /* Key is declared with a lifetime not known to us */
464 return (status);
465 }
466 }
467
468 psa_status_t psa_driver_wrapper_export_public_key(
469 const psa_key_attributes_t *attributes,
470 const uint8_t *key_buffer, size_t key_buffer_size,
471 uint8_t *data, size_t data_size, size_t *data_length)
472
473 {
474 psa_status_t status = PSA_ERROR_INVALID_ARGUMENT;
475 psa_key_location_t location = PSA_KEY_LIFETIME_GET_LOCATION(
476 psa_get_key_lifetime(attributes));
477
478 /* Try dynamically-registered SE interface first */
479 #if defined(MBEDTLS_PSA_CRYPTO_SE_C)
480 const psa_drv_se_t *drv;
481 psa_drv_se_context_t *drv_context;
482
483 if (psa_get_se_driver(attributes->core.lifetime, &drv, &drv_context)) {
484 if ((drv->key_management == NULL) ||
485 (drv->key_management->p_export_public == NULL)) {
486 return (PSA_ERROR_NOT_SUPPORTED);
487 }
488
489 return (drv->key_management->p_export_public(
490 drv_context,
491 *((psa_key_slot_number_t *)key_buffer),
492 data, data_size, data_length));
493 }
494 #endif /* MBEDTLS_PSA_CRYPTO_SE_C */
495
496 switch (location) {
497 case PSA_KEY_LOCATION_LOCAL_STORAGE:
498 /* Key is stored in the slot in export representation, so
499 * cycle through all known transparent accelerators */
500 #if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT)
501 #if defined(PSA_CRYPTO_DRIVER_TEST)
502 status = test_transparent_export_public_key(attributes,
503 key_buffer,
504 key_buffer_size,
505 data,
506 data_size,
507 data_length);
508 /* Declared with fallback == true */
509 if (status != PSA_ERROR_NOT_SUPPORTED)
510 return (status);
511 #endif /* PSA_CRYPTO_DRIVER_TEST */
512 #endif /* PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT */
513 /* Fell through, meaning no accelerator supports this operation */
514 return (psa_export_public_key_internal(attributes,
515 key_buffer,
516 key_buffer_size,
517 data,
518 data_size,
519 data_length));
520
521 /* Add cases for opaque driver here */
522 #if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT)
523 #if defined(PSA_CRYPTO_DRIVER_TEST)
524 case PSA_CRYPTO_TEST_DRIVER_LIFETIME:
525 return (test_opaque_export_public_key(attributes,
526 key_buffer,
527 key_buffer_size,
528 data,
529 data_size,
530 data_length));
531 #endif /* PSA_CRYPTO_DRIVER_TEST */
532 #endif /* PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT */
533 default:
534 /* Key is declared with a lifetime not known to us */
535 return (status);
536 }
537 }
538
539 /*
540 * Cipher functions
541 */
542 psa_status_t psa_driver_wrapper_cipher_encrypt(
543 psa_key_slot_t *slot,
544 psa_algorithm_t alg,
545 const uint8_t *input,
546 size_t input_length,
547 uint8_t *output,
548 size_t output_size,
549 size_t *output_length) {
550 #if defined(PSA_CRYPTO_DRIVER_PRESENT) && defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT)
551 psa_status_t status = PSA_ERROR_INVALID_ARGUMENT;
552 psa_key_location_t location = PSA_KEY_LIFETIME_GET_LOCATION(slot->attr.lifetime);
553 psa_key_attributes_t attributes = {
554 .core = slot->attr
555 };
556
557 switch (location) {
558 case PSA_KEY_LOCATION_LOCAL_STORAGE:
559 /* Key is stored in the slot in export representation, so
560 * cycle through all known transparent accelerators */
561 #if defined(PSA_CRYPTO_DRIVER_TEST)
562 status = test_transparent_cipher_encrypt(&attributes,
563 slot->key.data,
564 slot->key.bytes,
565 alg,
566 input,
567 input_length,
568 output,
569 output_size,
570 output_length);
571 /* Declared with fallback == true */
572 if (status != PSA_ERROR_NOT_SUPPORTED)
573 return (status);
574 #endif /* PSA_CRYPTO_DRIVER_TEST */
575 /* Fell through, meaning no accelerator supports this operation */
576 return (PSA_ERROR_NOT_SUPPORTED);
577 /* Add cases for opaque driver here */
578 #if defined(PSA_CRYPTO_DRIVER_TEST)
579 case PSA_CRYPTO_TEST_DRIVER_LIFETIME:
580 return (test_opaque_cipher_encrypt(&attributes,
581 slot->key.data,
582 slot->key.bytes,
583 alg,
584 input,
585 input_length,
586 output,
587 output_size,
588 output_length));
589 #endif /* PSA_CRYPTO_DRIVER_TEST */
590 default:
591 /* Key is declared with a lifetime not known to us */
592 return (status);
593 }
594 #else /* PSA_CRYPTO_DRIVER_PRESENT */
595 (void) slot;
596 (void) alg;
597 (void) input;
598 (void) input_length;
599 (void) output;
600 (void) output_size;
601 (void) output_length;
602
603 return (PSA_ERROR_NOT_SUPPORTED);
604 #endif /* PSA_CRYPTO_DRIVER_PRESENT */
605 }
606
607 psa_status_t psa_driver_wrapper_cipher_decrypt(
608 psa_key_slot_t *slot,
609 psa_algorithm_t alg,
610 const uint8_t *input,
611 size_t input_length,
612 uint8_t *output,
613 size_t output_size,
614 size_t *output_length) {
615 #if defined(PSA_CRYPTO_DRIVER_PRESENT) && defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT)
616 psa_status_t status = PSA_ERROR_INVALID_ARGUMENT;
617 psa_key_location_t location = PSA_KEY_LIFETIME_GET_LOCATION(slot->attr.lifetime);
618 psa_key_attributes_t attributes = {
619 .core = slot->attr
620 };
621
622 switch (location) {
623 case PSA_KEY_LOCATION_LOCAL_STORAGE:
624 /* Key is stored in the slot in export representation, so
625 * cycle through all known transparent accelerators */
626 #if defined(PSA_CRYPTO_DRIVER_TEST)
627 status = test_transparent_cipher_decrypt(&attributes,
628 slot->key.data,
629 slot->key.bytes,
630 alg,
631 input,
632 input_length,
633 output,
634 output_size,
635 output_length);
636 /* Declared with fallback == true */
637 if (status != PSA_ERROR_NOT_SUPPORTED)
638 return (status);
639 #endif /* PSA_CRYPTO_DRIVER_TEST */
640 /* Fell through, meaning no accelerator supports this operation */
641 return (PSA_ERROR_NOT_SUPPORTED);
642 /* Add cases for opaque driver here */
643 #if defined(PSA_CRYPTO_DRIVER_TEST)
644 case PSA_CRYPTO_TEST_DRIVER_LIFETIME:
645 return (test_opaque_cipher_decrypt(&attributes,
646 slot->key.data,
647 slot->key.bytes,
648 alg,
649 input,
650 input_length,
651 output,
652 output_size,
653 output_length));
654 #endif /* PSA_CRYPTO_DRIVER_TEST */
655 default:
656 /* Key is declared with a lifetime not known to us */
657 return (status);
658 }
659 #else /* PSA_CRYPTO_DRIVER_PRESENT */
660 (void) slot;
661 (void) alg;
662 (void) input;
663 (void) input_length;
664 (void) output;
665 (void) output_size;
666 (void) output_length;
667
668 return (PSA_ERROR_NOT_SUPPORTED);
669 #endif /* PSA_CRYPTO_DRIVER_PRESENT */
670 }
671
672 psa_status_t psa_driver_wrapper_cipher_encrypt_setup(
673 psa_operation_driver_context_t *operation,
674 psa_key_slot_t *slot,
675 psa_algorithm_t alg) {
676 #if defined(PSA_CRYPTO_DRIVER_PRESENT) && defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT)
677 psa_status_t status = PSA_ERROR_INVALID_ARGUMENT;
678 psa_key_location_t location = PSA_KEY_LIFETIME_GET_LOCATION(slot->attr.lifetime);
679 psa_key_attributes_t attributes = {
680 .core = slot->attr
681 };
682
683 switch (location) {
684 case PSA_KEY_LOCATION_LOCAL_STORAGE:
685 /* Key is stored in the slot in export representation, so
686 * cycle through all known transparent accelerators */
687 #if defined(PSA_CRYPTO_DRIVER_TEST)
688 operation->ctx = mbedtls_calloc(1, sizeof(test_transparent_cipher_operation_t));
689 if (operation->ctx == NULL)
690 return PSA_ERROR_INSUFFICIENT_MEMORY;
691
692 status = test_transparent_cipher_encrypt_setup(operation->ctx,
693 &attributes,
694 slot->key.data,
695 slot->key.bytes,
696 alg);
697 /* Declared with fallback == true */
698 if (status == PSA_SUCCESS)
699 operation->id = PSA_CRYPTO_TRANSPARENT_TEST_DRIVER_ID;
700 else {
701 mbedtls_platform_zeroize(
702 operation->ctx,
703 sizeof(test_transparent_cipher_operation_t));
704 mbedtls_free(operation->ctx);
705 operation->ctx = NULL;
706 }
707
708 return (status);
709 #endif /* PSA_CRYPTO_DRIVER_TEST */
710 /* Fell through, meaning no accelerator supports this operation */
711 return (PSA_ERROR_NOT_SUPPORTED);
712 /* Add cases for opaque driver here */
713 #if defined(PSA_CRYPTO_DRIVER_TEST)
714 case PSA_CRYPTO_TEST_DRIVER_LIFETIME:
715 operation->ctx = mbedtls_calloc(1, sizeof(test_opaque_cipher_operation_t));
716 if (operation->ctx == NULL)
717 return (PSA_ERROR_INSUFFICIENT_MEMORY);
718
719 status = test_opaque_cipher_encrypt_setup(operation->ctx,
720 &attributes,
721 slot->key.data,
722 slot->key.bytes,
723 alg);
724 if (status == PSA_SUCCESS)
725 operation->id = PSA_CRYPTO_OPAQUE_TEST_DRIVER_ID;
726 else {
727 mbedtls_platform_zeroize(
728 operation->ctx,
729 sizeof(test_opaque_cipher_operation_t));
730 mbedtls_free(operation->ctx);
731 operation->ctx = NULL;
732 }
733
734 return (status);
735 #endif /* PSA_CRYPTO_DRIVER_TEST */
736 default:
737 /* Key is declared with a lifetime not known to us */
738 return (PSA_ERROR_NOT_SUPPORTED);
739 }
740 #else /* PSA_CRYPTO_DRIVER_PRESENT */
741 (void)slot;
742 (void)alg;
743 (void)operation;
744
745 return (PSA_ERROR_NOT_SUPPORTED);
746 #endif /* PSA_CRYPTO_DRIVER_PRESENT */
747 }
748
749 psa_status_t psa_driver_wrapper_cipher_decrypt_setup(
750 psa_operation_driver_context_t *operation,
751 psa_key_slot_t *slot,
752 psa_algorithm_t alg) {
753 #if defined(PSA_CRYPTO_DRIVER_PRESENT) && defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT)
754 psa_status_t status = PSA_ERROR_INVALID_ARGUMENT;
755 psa_key_location_t location = PSA_KEY_LIFETIME_GET_LOCATION(slot->attr.lifetime);
756 psa_key_attributes_t attributes = {
757 .core = slot->attr
758 };
759
760 switch (location) {
761 case PSA_KEY_LOCATION_LOCAL_STORAGE:
762 /* Key is stored in the slot in export representation, so
763 * cycle through all known transparent accelerators */
764 #if defined(PSA_CRYPTO_DRIVER_TEST)
765 operation->ctx = mbedtls_calloc(1, sizeof(test_transparent_cipher_operation_t));
766 if (operation->ctx == NULL)
767 return (PSA_ERROR_INSUFFICIENT_MEMORY);
768
769 status = test_transparent_cipher_decrypt_setup(operation->ctx,
770 &attributes,
771 slot->key.data,
772 slot->key.bytes,
773 alg);
774 /* Declared with fallback == true */
775 if (status == PSA_SUCCESS)
776 operation->id = PSA_CRYPTO_TRANSPARENT_TEST_DRIVER_ID;
777 else {
778 mbedtls_platform_zeroize(
779 operation->ctx,
780 sizeof(test_transparent_cipher_operation_t));
781 mbedtls_free(operation->ctx);
782 operation->ctx = NULL;
783 }
784
785 return (status);
786 #endif /* PSA_CRYPTO_DRIVER_TEST */
787 /* Fell through, meaning no accelerator supports this operation */
788 return (PSA_ERROR_NOT_SUPPORTED);
789 /* Add cases for opaque driver here */
790 #if defined(PSA_CRYPTO_DRIVER_TEST)
791 case PSA_CRYPTO_TEST_DRIVER_LIFETIME:
792 operation->ctx = mbedtls_calloc(1, sizeof(test_opaque_cipher_operation_t));
793 if (operation->ctx == NULL)
794 return PSA_ERROR_INSUFFICIENT_MEMORY;
795
796 status = test_opaque_cipher_decrypt_setup(operation->ctx,
797 &attributes,
798 slot->key.data,
799 slot->key.bytes,
800 alg);
801 if (status == PSA_SUCCESS)
802 operation->id = PSA_CRYPTO_OPAQUE_TEST_DRIVER_ID;
803 else {
804 mbedtls_platform_zeroize(
805 operation->ctx,
806 sizeof(test_opaque_cipher_operation_t));
807 mbedtls_free(operation->ctx);
808 operation->ctx = NULL;
809 }
810
811 return (status);
812 #endif /* PSA_CRYPTO_DRIVER_TEST */
813 default:
814 /* Key is declared with a lifetime not known to us */
815 return (PSA_ERROR_NOT_SUPPORTED);
816 }
817 #else /* PSA_CRYPTO_DRIVER_PRESENT */
818 (void)slot;
819 (void)alg;
820 (void)operation;
821
822 return (PSA_ERROR_NOT_SUPPORTED);
823 #endif /* PSA_CRYPTO_DRIVER_PRESENT */
824 }
825
826 psa_status_t psa_driver_wrapper_cipher_generate_iv(
827 psa_operation_driver_context_t *operation,
828 uint8_t *iv,
829 size_t iv_size,
830 size_t *iv_length) {
831 #if defined(PSA_CRYPTO_DRIVER_PRESENT) && defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT)
832 switch (operation->id) {
833 #if defined(PSA_CRYPTO_DRIVER_TEST)
834 case PSA_CRYPTO_TRANSPARENT_TEST_DRIVER_ID:
835 return (test_transparent_cipher_generate_iv(operation->ctx,
836 iv,
837 iv_size,
838 iv_length));
839 #endif /* PSA_CRYPTO_DRIVER_TEST */
840 #if defined(PSA_CRYPTO_DRIVER_TEST)
841 case PSA_CRYPTO_OPAQUE_TEST_DRIVER_ID:
842 return (test_opaque_cipher_generate_iv(operation->ctx,
843 iv,
844 iv_size,
845 iv_length));
846 #endif /* PSA_CRYPTO_DRIVER_TEST */
847 default:
848 /* Key is attached to a driver not known to us */
849 return (PSA_ERROR_BAD_STATE);
850 }
851 #else /* PSA_CRYPTO_DRIVER_PRESENT */
852 (void) operation;
853 (void) iv;
854 (void) iv_size;
855 (void) iv_length;
856
857 return (PSA_ERROR_NOT_SUPPORTED);
858 #endif /* PSA_CRYPTO_DRIVER_PRESENT */
859 }
860
861 psa_status_t psa_driver_wrapper_cipher_set_iv(
862 psa_operation_driver_context_t *operation,
863 const uint8_t *iv,
864 size_t iv_length) {
865 #if defined(PSA_CRYPTO_DRIVER_PRESENT) && defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT)
866 switch (operation->id) {
867 #if defined(PSA_CRYPTO_DRIVER_TEST)
868 case PSA_CRYPTO_TRANSPARENT_TEST_DRIVER_ID:
869 return (test_transparent_cipher_set_iv(operation->ctx,
870 iv,
871 iv_length));
872 #endif /* PSA_CRYPTO_DRIVER_TEST */
873 #if defined(PSA_CRYPTO_DRIVER_TEST)
874 case PSA_CRYPTO_OPAQUE_TEST_DRIVER_ID:
875 return (test_opaque_cipher_set_iv(operation->ctx,
876 iv,
877 iv_length));
878 #endif /* PSA_CRYPTO_DRIVER_TEST */
879 default:
880 /* Key is attached to a driver not known to us */
881 return (PSA_ERROR_BAD_STATE);
882 }
883 #else /* PSA_CRYPTO_DRIVER_PRESENT */
884 (void) operation;
885 (void) iv;
886 (void) iv_length;
887
888 return (PSA_ERROR_NOT_SUPPORTED);
889 #endif /* PSA_CRYPTO_DRIVER_PRESENT */
890 }
891
892 psa_status_t psa_driver_wrapper_cipher_update(
893 psa_operation_driver_context_t *operation,
894 const uint8_t *input,
895 size_t input_length,
896 uint8_t *output,
897 size_t output_size,
898 size_t *output_length) {
899 #if defined(PSA_CRYPTO_DRIVER_PRESENT) && defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT)
900 switch (operation->id) {
901 #if defined(PSA_CRYPTO_DRIVER_TEST)
902 case PSA_CRYPTO_TRANSPARENT_TEST_DRIVER_ID:
903 return (test_transparent_cipher_update(operation->ctx,
904 input,
905 input_length,
906 output,
907 output_size,
908 output_length));
909 #endif /* PSA_CRYPTO_DRIVER_TEST */
910 #if defined(PSA_CRYPTO_DRIVER_TEST)
911 case PSA_CRYPTO_OPAQUE_TEST_DRIVER_ID:
912 return (test_opaque_cipher_update(operation->ctx,
913 input,
914 input_length,
915 output,
916 output_size,
917 output_length));
918 #endif /* PSA_CRYPTO_DRIVER_TEST */
919 default:
920 /* Key is attached to a driver not known to us */
921 return (PSA_ERROR_BAD_STATE);
922 }
923 #else /* PSA_CRYPTO_DRIVER_PRESENT */
924 (void) operation;
925 (void) input;
926 (void) input_length;
927 (void) output;
928 (void) output_length;
929 (void) output_size;
930
931 return (PSA_ERROR_NOT_SUPPORTED);
932 #endif /* PSA_CRYPTO_DRIVER_PRESENT */
933 }
934
935 psa_status_t psa_driver_wrapper_cipher_finish(
936 psa_operation_driver_context_t *operation,
937 uint8_t *output,
938 size_t output_size,
939 size_t *output_length) {
940 #if defined(PSA_CRYPTO_DRIVER_PRESENT) && defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT)
941 switch (operation->id) {
942 #if defined(PSA_CRYPTO_DRIVER_TEST)
943 case PSA_CRYPTO_TRANSPARENT_TEST_DRIVER_ID:
944 return (test_transparent_cipher_finish(operation->ctx,
945 output,
946 output_size,
947 output_length));
948 #endif /* PSA_CRYPTO_DRIVER_TEST */
949 #if defined(PSA_CRYPTO_DRIVER_TEST)
950 case PSA_CRYPTO_OPAQUE_TEST_DRIVER_ID:
951 return (test_opaque_cipher_finish(operation->ctx,
952 output,
953 output_size,
954 output_length));
955 #endif /* PSA_CRYPTO_DRIVER_TEST */
956 default:
957 /* Key is attached to a driver not known to us */
958 return (PSA_ERROR_BAD_STATE);
959 }
960 #else /* PSA_CRYPTO_DRIVER_PRESENT */
961 (void) operation;
962 (void) output;
963 (void) output_size;
964 (void) output_length;
965
966 return (PSA_ERROR_NOT_SUPPORTED);
967 #endif /* PSA_CRYPTO_DRIVER_PRESENT */
968 }
969
970 psa_status_t psa_driver_wrapper_cipher_abort(
971 psa_operation_driver_context_t *operation) {
972 #if defined(PSA_CRYPTO_DRIVER_PRESENT) && defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT)
973 psa_status_t status = PSA_ERROR_INVALID_ARGUMENT;
974
975 /* The object has (apparently) been initialized but it is not in use. It's
976 * ok to call abort on such an object, and there's nothing to do. */
977 if (operation->ctx == NULL && operation->id == 0)
978 return (PSA_SUCCESS);
979
980 switch (operation->id) {
981 #if defined(PSA_CRYPTO_DRIVER_TEST)
982 case PSA_CRYPTO_TRANSPARENT_TEST_DRIVER_ID:
983 status = test_transparent_cipher_abort(operation->ctx);
984 mbedtls_platform_zeroize(
985 operation->ctx,
986 sizeof(test_transparent_cipher_operation_t));
987 mbedtls_free(operation->ctx);
988 operation->ctx = NULL;
989 operation->id = 0;
990
991 return (status);
992 #endif /* PSA_CRYPTO_DRIVER_TEST */
993 #if defined(PSA_CRYPTO_DRIVER_TEST)
994 case PSA_CRYPTO_OPAQUE_TEST_DRIVER_ID:
995 status = test_opaque_cipher_abort(operation->ctx);
996 mbedtls_platform_zeroize(
997 operation->ctx,
998 sizeof(test_opaque_cipher_operation_t));
999 mbedtls_free(operation->ctx);
1000 operation->ctx = NULL;
1001 operation->id = 0;
1002
1003 return (status);
1004 #endif /* PSA_CRYPTO_DRIVER_TEST */
1005 default:
1006 /* Operation is attached to a driver not known to us */
1007 return (PSA_ERROR_BAD_STATE);
1008 }
1009 #else /* PSA_CRYPTO_DRIVER_PRESENT */
1010 (void)operation;
1011
1012 return (PSA_ERROR_NOT_SUPPORTED);
1013 #endif /* PSA_CRYPTO_DRIVER_PRESENT */
1014 }
1015
1016 /* End of automatically generated file. */
Proxmark3 - the RFID research Swiss army knife. Iceman firmware