1b0563631STom Van Eyck /*
2b0563631STom Van Eyck * Functions to delegate cryptographic operations to an available
3b0563631STom Van Eyck * and appropriate accelerator.
4b0563631STom Van Eyck * Warning: This file is now auto-generated.
5b0563631STom Van Eyck */
6b0563631STom Van Eyck /* Copyright The Mbed TLS Contributors
7b0563631STom Van Eyck * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
8b0563631STom Van Eyck */
9b0563631STom Van Eyck
10b0563631STom Van Eyck
11b0563631STom Van Eyck /* BEGIN-common headers */
12b0563631STom Van Eyck #include "common.h"
13b0563631STom Van Eyck #include "psa_crypto_aead.h"
14b0563631STom Van Eyck #include "psa_crypto_cipher.h"
15b0563631STom Van Eyck #include "psa_crypto_core.h"
16b0563631STom Van Eyck #include "psa_crypto_driver_wrappers_no_static.h"
17b0563631STom Van Eyck #include "psa_crypto_hash.h"
18b0563631STom Van Eyck #include "psa_crypto_mac.h"
19b0563631STom Van Eyck #include "psa_crypto_pake.h"
20b0563631STom Van Eyck #include "psa_crypto_rsa.h"
21b0563631STom Van Eyck
22b0563631STom Van Eyck #include "mbedtls/platform.h"
23b0563631STom Van Eyck #include "mbedtls/constant_time.h"
24b0563631STom Van Eyck /* END-common headers */
25b0563631STom Van Eyck
26b0563631STom Van Eyck #if defined(MBEDTLS_PSA_CRYPTO_C)
27b0563631STom Van Eyck
28b0563631STom Van Eyck /* BEGIN-driver headers */
29b0563631STom Van Eyck /* Headers for mbedtls_test opaque driver */
30b0563631STom Van Eyck #if defined(PSA_CRYPTO_DRIVER_TEST)
31b0563631STom Van Eyck #include "test/drivers/test_driver.h"
32b0563631STom Van Eyck
33b0563631STom Van Eyck #endif
34b0563631STom Van Eyck /* Headers for mbedtls_test transparent driver */
35b0563631STom Van Eyck #if defined(PSA_CRYPTO_DRIVER_TEST)
36b0563631STom Van Eyck #include "test/drivers/test_driver.h"
37b0563631STom Van Eyck
38b0563631STom Van Eyck #endif
39b0563631STom Van Eyck /* Headers for p256 transparent driver */
40b0563631STom Van Eyck #if defined(MBEDTLS_PSA_P256M_DRIVER_ENABLED)
41b0563631STom Van Eyck #include "../3rdparty/p256-m/p256-m_driver_entrypoints.h"
42b0563631STom Van Eyck
43b0563631STom Van Eyck #endif
44b0563631STom Van Eyck
45b0563631STom Van Eyck /* END-driver headers */
46b0563631STom Van Eyck
47b0563631STom Van Eyck /* Auto-generated values depending on which drivers are registered.
48b0563631STom Van Eyck * ID 0 is reserved for unallocated operations.
49b0563631STom Van Eyck * ID 1 is reserved for the Mbed TLS software driver. */
50b0563631STom Van Eyck /* BEGIN-driver id definition */
51b0563631STom Van Eyck #define PSA_CRYPTO_MBED_TLS_DRIVER_ID (1)
52b0563631STom Van Eyck #define MBEDTLS_TEST_OPAQUE_DRIVER_ID (2)
53b0563631STom Van Eyck #define MBEDTLS_TEST_TRANSPARENT_DRIVER_ID (3)
54b0563631STom Van Eyck #define P256_TRANSPARENT_DRIVER_ID (4)
55b0563631STom Van Eyck
56b0563631STom Van Eyck /* END-driver id */
57b0563631STom Van Eyck
58b0563631STom Van Eyck /* BEGIN-Common Macro definitions */
59b0563631STom Van Eyck
60b0563631STom Van Eyck /* END-Common Macro definitions */
61b0563631STom Van Eyck
62b0563631STom Van Eyck /* Support the 'old' SE interface when asked to */
63b0563631STom Van Eyck #if defined(MBEDTLS_PSA_CRYPTO_SE_C)
64b0563631STom Van Eyck /* PSA_CRYPTO_DRIVER_PRESENT is defined when either a new-style or old-style
65b0563631STom Van Eyck * SE driver is present, to avoid unused argument errors at compile time. */
66b0563631STom Van Eyck #ifndef PSA_CRYPTO_DRIVER_PRESENT
67b0563631STom Van Eyck #define PSA_CRYPTO_DRIVER_PRESENT
68b0563631STom Van Eyck #endif
69b0563631STom Van Eyck #include "psa_crypto_se.h"
70b0563631STom Van Eyck #endif
71b0563631STom Van Eyck
psa_driver_wrapper_init(void)72b0563631STom Van Eyck static inline psa_status_t psa_driver_wrapper_init( void )
73b0563631STom Van Eyck {
74b0563631STom Van Eyck psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;
75b0563631STom Van Eyck
76b0563631STom Van Eyck #if defined(MBEDTLS_PSA_CRYPTO_SE_C)
77b0563631STom Van Eyck status = psa_init_all_se_drivers( );
78b0563631STom Van Eyck if( status != PSA_SUCCESS )
79b0563631STom Van Eyck return( status );
80b0563631STom Van Eyck #endif
81b0563631STom Van Eyck
82b0563631STom Van Eyck #if defined(PSA_CRYPTO_DRIVER_TEST)
83b0563631STom Van Eyck status = mbedtls_test_transparent_init( );
84b0563631STom Van Eyck if( status != PSA_SUCCESS )
85b0563631STom Van Eyck return( status );
86b0563631STom Van Eyck
87b0563631STom Van Eyck status = mbedtls_test_opaque_init( );
88b0563631STom Van Eyck if( status != PSA_SUCCESS )
89b0563631STom Van Eyck return( status );
90b0563631STom Van Eyck #endif
91b0563631STom Van Eyck
92b0563631STom Van Eyck (void) status;
93b0563631STom Van Eyck return( PSA_SUCCESS );
94b0563631STom Van Eyck }
95b0563631STom Van Eyck
psa_driver_wrapper_free(void)96b0563631STom Van Eyck static inline void psa_driver_wrapper_free( void )
97b0563631STom Van Eyck {
98b0563631STom Van Eyck #if defined(MBEDTLS_PSA_CRYPTO_SE_C)
99b0563631STom Van Eyck /* Unregister all secure element drivers, so that we restart from
100b0563631STom Van Eyck * a pristine state. */
101b0563631STom Van Eyck psa_unregister_all_se_drivers( );
102b0563631STom Van Eyck #endif /* MBEDTLS_PSA_CRYPTO_SE_C */
103b0563631STom Van Eyck
104b0563631STom Van Eyck #if defined(PSA_CRYPTO_DRIVER_TEST)
105b0563631STom Van Eyck mbedtls_test_transparent_free( );
106b0563631STom Van Eyck mbedtls_test_opaque_free( );
107b0563631STom Van Eyck #endif
108b0563631STom Van Eyck }
109b0563631STom Van Eyck
110b0563631STom Van Eyck /* Start delegation functions */
psa_driver_wrapper_sign_message(const psa_key_attributes_t * attributes,const uint8_t * key_buffer,size_t key_buffer_size,psa_algorithm_t alg,const uint8_t * input,size_t input_length,uint8_t * signature,size_t signature_size,size_t * signature_length)111b0563631STom Van Eyck static inline psa_status_t psa_driver_wrapper_sign_message(
112b0563631STom Van Eyck const psa_key_attributes_t *attributes,
113b0563631STom Van Eyck const uint8_t *key_buffer,
114b0563631STom Van Eyck size_t key_buffer_size,
115b0563631STom Van Eyck psa_algorithm_t alg,
116b0563631STom Van Eyck const uint8_t *input,
117b0563631STom Van Eyck size_t input_length,
118b0563631STom Van Eyck uint8_t *signature,
119b0563631STom Van Eyck size_t signature_size,
120b0563631STom Van Eyck size_t *signature_length )
121b0563631STom Van Eyck {
122b0563631STom Van Eyck psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;
123b0563631STom Van Eyck psa_key_location_t location =
124b0563631STom Van Eyck PSA_KEY_LIFETIME_GET_LOCATION( psa_get_key_lifetime(attributes) );
125b0563631STom Van Eyck
126b0563631STom Van Eyck switch( location )
127b0563631STom Van Eyck {
128b0563631STom Van Eyck case PSA_KEY_LOCATION_LOCAL_STORAGE:
129b0563631STom Van Eyck /* Key is stored in the slot in export representation, so
130b0563631STom Van Eyck * cycle through all known transparent accelerators */
131b0563631STom Van Eyck #if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT)
132b0563631STom Van Eyck #if defined(PSA_CRYPTO_DRIVER_TEST)
133b0563631STom Van Eyck status = mbedtls_test_transparent_signature_sign_message(
134b0563631STom Van Eyck attributes,
135b0563631STom Van Eyck key_buffer,
136b0563631STom Van Eyck key_buffer_size,
137b0563631STom Van Eyck alg,
138b0563631STom Van Eyck input,
139b0563631STom Van Eyck input_length,
140b0563631STom Van Eyck signature,
141b0563631STom Van Eyck signature_size,
142b0563631STom Van Eyck signature_length );
143b0563631STom Van Eyck /* Declared with fallback == true */
144b0563631STom Van Eyck if( status != PSA_ERROR_NOT_SUPPORTED )
145b0563631STom Van Eyck return( status );
146b0563631STom Van Eyck #endif /* PSA_CRYPTO_DRIVER_TEST */
147b0563631STom Van Eyck #endif /* PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT */
148b0563631STom Van Eyck break;
149b0563631STom Van Eyck
150b0563631STom Van Eyck /* Add cases for opaque driver here */
151b0563631STom Van Eyck #if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT)
152b0563631STom Van Eyck #if defined(PSA_CRYPTO_DRIVER_TEST)
153b0563631STom Van Eyck case PSA_CRYPTO_TEST_DRIVER_LOCATION:
154b0563631STom Van Eyck status = mbedtls_test_opaque_signature_sign_message(
155b0563631STom Van Eyck attributes,
156b0563631STom Van Eyck key_buffer,
157b0563631STom Van Eyck key_buffer_size,
158b0563631STom Van Eyck alg,
159b0563631STom Van Eyck input,
160b0563631STom Van Eyck input_length,
161b0563631STom Van Eyck signature,
162b0563631STom Van Eyck signature_size,
163b0563631STom Van Eyck signature_length );
164b0563631STom Van Eyck if( status != PSA_ERROR_NOT_SUPPORTED )
165b0563631STom Van Eyck return( status );
166b0563631STom Van Eyck break;
167b0563631STom Van Eyck #endif /* PSA_CRYPTO_DRIVER_TEST */
168b0563631STom Van Eyck #endif /* PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT */
169b0563631STom Van Eyck default:
170b0563631STom Van Eyck /* Key is declared with a lifetime not known to us */
171b0563631STom Van Eyck (void)status;
172b0563631STom Van Eyck break;
173b0563631STom Van Eyck }
174b0563631STom Van Eyck
175b0563631STom Van Eyck return( psa_sign_message_builtin( attributes,
176b0563631STom Van Eyck key_buffer,
177b0563631STom Van Eyck key_buffer_size,
178b0563631STom Van Eyck alg,
179b0563631STom Van Eyck input,
180b0563631STom Van Eyck input_length,
181b0563631STom Van Eyck signature,
182b0563631STom Van Eyck signature_size,
183b0563631STom Van Eyck signature_length ) );
184b0563631STom Van Eyck }
185b0563631STom Van Eyck
psa_driver_wrapper_verify_message(const psa_key_attributes_t * attributes,const uint8_t * key_buffer,size_t key_buffer_size,psa_algorithm_t alg,const uint8_t * input,size_t input_length,const uint8_t * signature,size_t signature_length)186b0563631STom Van Eyck static inline psa_status_t psa_driver_wrapper_verify_message(
187b0563631STom Van Eyck const psa_key_attributes_t *attributes,
188b0563631STom Van Eyck const uint8_t *key_buffer,
189b0563631STom Van Eyck size_t key_buffer_size,
190b0563631STom Van Eyck psa_algorithm_t alg,
191b0563631STom Van Eyck const uint8_t *input,
192b0563631STom Van Eyck size_t input_length,
193b0563631STom Van Eyck const uint8_t *signature,
194b0563631STom Van Eyck size_t signature_length )
195b0563631STom Van Eyck {
196b0563631STom Van Eyck psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;
197b0563631STom Van Eyck psa_key_location_t location =
198b0563631STom Van Eyck PSA_KEY_LIFETIME_GET_LOCATION( psa_get_key_lifetime(attributes) );
199b0563631STom Van Eyck
200b0563631STom Van Eyck switch( location )
201b0563631STom Van Eyck {
202b0563631STom Van Eyck case PSA_KEY_LOCATION_LOCAL_STORAGE:
203b0563631STom Van Eyck /* Key is stored in the slot in export representation, so
204b0563631STom Van Eyck * cycle through all known transparent accelerators */
205b0563631STom Van Eyck #if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT)
206b0563631STom Van Eyck #if defined(PSA_CRYPTO_DRIVER_TEST)
207b0563631STom Van Eyck status = mbedtls_test_transparent_signature_verify_message(
208b0563631STom Van Eyck attributes,
209b0563631STom Van Eyck key_buffer,
210b0563631STom Van Eyck key_buffer_size,
211b0563631STom Van Eyck alg,
212b0563631STom Van Eyck input,
213b0563631STom Van Eyck input_length,
214b0563631STom Van Eyck signature,
215b0563631STom Van Eyck signature_length );
216b0563631STom Van Eyck /* Declared with fallback == true */
217b0563631STom Van Eyck if( status != PSA_ERROR_NOT_SUPPORTED )
218b0563631STom Van Eyck return( status );
219b0563631STom Van Eyck #endif /* PSA_CRYPTO_DRIVER_TEST */
220b0563631STom Van Eyck #endif /* PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT */
221b0563631STom Van Eyck break;
222b0563631STom Van Eyck
223b0563631STom Van Eyck /* Add cases for opaque driver here */
224b0563631STom Van Eyck #if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT)
225b0563631STom Van Eyck #if defined(PSA_CRYPTO_DRIVER_TEST)
226b0563631STom Van Eyck case PSA_CRYPTO_TEST_DRIVER_LOCATION:
227b0563631STom Van Eyck return( mbedtls_test_opaque_signature_verify_message(
228b0563631STom Van Eyck attributes,
229b0563631STom Van Eyck key_buffer,
230b0563631STom Van Eyck key_buffer_size,
231b0563631STom Van Eyck alg,
232b0563631STom Van Eyck input,
233b0563631STom Van Eyck input_length,
234b0563631STom Van Eyck signature,
235b0563631STom Van Eyck signature_length ) );
236b0563631STom Van Eyck if( status != PSA_ERROR_NOT_SUPPORTED )
237b0563631STom Van Eyck return( status );
238b0563631STom Van Eyck break;
239b0563631STom Van Eyck #endif /* PSA_CRYPTO_DRIVER_TEST */
240b0563631STom Van Eyck #endif /* PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT */
241b0563631STom Van Eyck default:
242b0563631STom Van Eyck /* Key is declared with a lifetime not known to us */
243b0563631STom Van Eyck (void)status;
244b0563631STom Van Eyck break;
245b0563631STom Van Eyck }
246b0563631STom Van Eyck
247b0563631STom Van Eyck return( psa_verify_message_builtin( attributes,
248b0563631STom Van Eyck key_buffer,
249b0563631STom Van Eyck key_buffer_size,
250b0563631STom Van Eyck alg,
251b0563631STom Van Eyck input,
252b0563631STom Van Eyck input_length,
253b0563631STom Van Eyck signature,
254b0563631STom Van Eyck signature_length ) );
255b0563631STom Van Eyck }
256b0563631STom Van Eyck
psa_driver_wrapper_sign_hash(const psa_key_attributes_t * attributes,const uint8_t * key_buffer,size_t key_buffer_size,psa_algorithm_t alg,const uint8_t * hash,size_t hash_length,uint8_t * signature,size_t signature_size,size_t * signature_length)257b0563631STom Van Eyck static inline psa_status_t psa_driver_wrapper_sign_hash(
258b0563631STom Van Eyck const psa_key_attributes_t *attributes,
259b0563631STom Van Eyck const uint8_t *key_buffer, size_t key_buffer_size,
260b0563631STom Van Eyck psa_algorithm_t alg, const uint8_t *hash, size_t hash_length,
261b0563631STom Van Eyck uint8_t *signature, size_t signature_size, size_t *signature_length )
262b0563631STom Van Eyck {
263b0563631STom Van Eyck /* Try dynamically-registered SE interface first */
264b0563631STom Van Eyck #if defined(MBEDTLS_PSA_CRYPTO_SE_C)
265b0563631STom Van Eyck const psa_drv_se_t *drv;
266b0563631STom Van Eyck psa_drv_se_context_t *drv_context;
267b0563631STom Van Eyck
268b0563631STom Van Eyck if( psa_get_se_driver( psa_get_key_lifetime(attributes), &drv, &drv_context ) )
269b0563631STom Van Eyck {
270b0563631STom Van Eyck if( drv->asymmetric == NULL ||
271b0563631STom Van Eyck drv->asymmetric->p_sign == NULL )
272b0563631STom Van Eyck {
273b0563631STom Van Eyck /* Key is defined in SE, but we have no way to exercise it */
274b0563631STom Van Eyck return( PSA_ERROR_NOT_SUPPORTED );
275b0563631STom Van Eyck }
276b0563631STom Van Eyck return( drv->asymmetric->p_sign(
277b0563631STom Van Eyck drv_context, *( (psa_key_slot_number_t *)key_buffer ),
278b0563631STom Van Eyck alg, hash, hash_length,
279b0563631STom Van Eyck signature, signature_size, signature_length ) );
280b0563631STom Van Eyck }
281b0563631STom Van Eyck #endif /* MBEDTLS_PSA_CRYPTO_SE_C */
282b0563631STom Van Eyck
283b0563631STom Van Eyck psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;
284b0563631STom Van Eyck psa_key_location_t location =
285b0563631STom Van Eyck PSA_KEY_LIFETIME_GET_LOCATION( psa_get_key_lifetime(attributes) );
286b0563631STom Van Eyck
287b0563631STom Van Eyck switch( location )
288b0563631STom Van Eyck {
289b0563631STom Van Eyck case PSA_KEY_LOCATION_LOCAL_STORAGE:
290b0563631STom Van Eyck /* Key is stored in the slot in export representation, so
291b0563631STom Van Eyck * cycle through all known transparent accelerators */
292b0563631STom Van Eyck #if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT)
293b0563631STom Van Eyck #if defined(PSA_CRYPTO_DRIVER_TEST)
294b0563631STom Van Eyck status = mbedtls_test_transparent_signature_sign_hash( attributes,
295b0563631STom Van Eyck key_buffer,
296b0563631STom Van Eyck key_buffer_size,
297b0563631STom Van Eyck alg,
298b0563631STom Van Eyck hash,
299b0563631STom Van Eyck hash_length,
300b0563631STom Van Eyck signature,
301b0563631STom Van Eyck signature_size,
302b0563631STom Van Eyck signature_length );
303b0563631STom Van Eyck /* Declared with fallback == true */
304b0563631STom Van Eyck if( status != PSA_ERROR_NOT_SUPPORTED )
305b0563631STom Van Eyck return( status );
306b0563631STom Van Eyck #endif /* PSA_CRYPTO_DRIVER_TEST */
307b0563631STom Van Eyck #if defined (MBEDTLS_PSA_P256M_DRIVER_ENABLED)
308b0563631STom Van Eyck if( PSA_KEY_TYPE_IS_ECC( psa_get_key_type(attributes) ) &&
309*c3deb3d6SEtienne Carriere PSA_ALG_IS_RANDOMIZED_ECDSA(alg) &&
310b0563631STom Van Eyck PSA_KEY_TYPE_ECC_GET_FAMILY(psa_get_key_type(attributes)) == PSA_ECC_FAMILY_SECP_R1 &&
311b0563631STom Van Eyck psa_get_key_bits(attributes) == 256 )
312b0563631STom Van Eyck {
313b0563631STom Van Eyck status = p256_transparent_sign_hash( attributes,
314b0563631STom Van Eyck key_buffer,
315b0563631STom Van Eyck key_buffer_size,
316b0563631STom Van Eyck alg,
317b0563631STom Van Eyck hash,
318b0563631STom Van Eyck hash_length,
319b0563631STom Van Eyck signature,
320b0563631STom Van Eyck signature_size,
321b0563631STom Van Eyck signature_length );
322b0563631STom Van Eyck if( status != PSA_ERROR_NOT_SUPPORTED )
323b0563631STom Van Eyck return( status );
324b0563631STom Van Eyck }
325b0563631STom Van Eyck #endif /* MBEDTLS_PSA_P256M_DRIVER_ENABLED */
326b0563631STom Van Eyck #endif /* PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT */
327b0563631STom Van Eyck /* Fell through, meaning no accelerator supports this operation */
328b0563631STom Van Eyck return( psa_sign_hash_builtin( attributes,
329b0563631STom Van Eyck key_buffer,
330b0563631STom Van Eyck key_buffer_size,
331b0563631STom Van Eyck alg,
332b0563631STom Van Eyck hash,
333b0563631STom Van Eyck hash_length,
334b0563631STom Van Eyck signature,
335b0563631STom Van Eyck signature_size,
336b0563631STom Van Eyck signature_length ) );
337b0563631STom Van Eyck
338b0563631STom Van Eyck /* Add cases for opaque driver here */
339b0563631STom Van Eyck #if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT)
340b0563631STom Van Eyck #if defined(PSA_CRYPTO_DRIVER_TEST)
341b0563631STom Van Eyck case PSA_CRYPTO_TEST_DRIVER_LOCATION:
342b0563631STom Van Eyck return( mbedtls_test_opaque_signature_sign_hash( attributes,
343b0563631STom Van Eyck key_buffer,
344b0563631STom Van Eyck key_buffer_size,
345b0563631STom Van Eyck alg,
346b0563631STom Van Eyck hash,
347b0563631STom Van Eyck hash_length,
348b0563631STom Van Eyck signature,
349b0563631STom Van Eyck signature_size,
350b0563631STom Van Eyck signature_length ) );
351b0563631STom Van Eyck #endif /* PSA_CRYPTO_DRIVER_TEST */
352b0563631STom Van Eyck #endif /* PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT */
353b0563631STom Van Eyck default:
354b0563631STom Van Eyck /* Key is declared with a lifetime not known to us */
355b0563631STom Van Eyck (void)status;
356b0563631STom Van Eyck return( PSA_ERROR_INVALID_ARGUMENT );
357b0563631STom Van Eyck }
358b0563631STom Van Eyck }
359b0563631STom Van Eyck
psa_driver_wrapper_verify_hash(const psa_key_attributes_t * attributes,const uint8_t * key_buffer,size_t key_buffer_size,psa_algorithm_t alg,const uint8_t * hash,size_t hash_length,const uint8_t * signature,size_t signature_length)360b0563631STom Van Eyck static inline psa_status_t psa_driver_wrapper_verify_hash(
361b0563631STom Van Eyck const psa_key_attributes_t *attributes,
362b0563631STom Van Eyck const uint8_t *key_buffer, size_t key_buffer_size,
363b0563631STom Van Eyck psa_algorithm_t alg, const uint8_t *hash, size_t hash_length,
364b0563631STom Van Eyck const uint8_t *signature, size_t signature_length )
365b0563631STom Van Eyck {
366b0563631STom Van Eyck /* Try dynamically-registered SE interface first */
367b0563631STom Van Eyck #if defined(MBEDTLS_PSA_CRYPTO_SE_C)
368b0563631STom Van Eyck const psa_drv_se_t *drv;
369b0563631STom Van Eyck psa_drv_se_context_t *drv_context;
370b0563631STom Van Eyck
371b0563631STom Van Eyck if( psa_get_se_driver( psa_get_key_lifetime(attributes), &drv, &drv_context ) )
372b0563631STom Van Eyck {
373b0563631STom Van Eyck if( drv->asymmetric == NULL ||
374b0563631STom Van Eyck drv->asymmetric->p_verify == NULL )
375b0563631STom Van Eyck {
376b0563631STom Van Eyck /* Key is defined in SE, but we have no way to exercise it */
377b0563631STom Van Eyck return( PSA_ERROR_NOT_SUPPORTED );
378b0563631STom Van Eyck }
379b0563631STom Van Eyck return( drv->asymmetric->p_verify(
380b0563631STom Van Eyck drv_context, *( (psa_key_slot_number_t *)key_buffer ),
381b0563631STom Van Eyck alg, hash, hash_length,
382b0563631STom Van Eyck signature, signature_length ) );
383b0563631STom Van Eyck }
384b0563631STom Van Eyck #endif /* MBEDTLS_PSA_CRYPTO_SE_C */
385b0563631STom Van Eyck
386b0563631STom Van Eyck psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;
387b0563631STom Van Eyck psa_key_location_t location =
388b0563631STom Van Eyck PSA_KEY_LIFETIME_GET_LOCATION( psa_get_key_lifetime(attributes) );
389b0563631STom Van Eyck
390b0563631STom Van Eyck switch( location )
391b0563631STom Van Eyck {
392b0563631STom Van Eyck case PSA_KEY_LOCATION_LOCAL_STORAGE:
393b0563631STom Van Eyck /* Key is stored in the slot in export representation, so
394b0563631STom Van Eyck * cycle through all known transparent accelerators */
395b0563631STom Van Eyck #if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT)
396b0563631STom Van Eyck #if defined(PSA_CRYPTO_DRIVER_TEST)
397b0563631STom Van Eyck status = mbedtls_test_transparent_signature_verify_hash(
398b0563631STom Van Eyck attributes,
399b0563631STom Van Eyck key_buffer,
400b0563631STom Van Eyck key_buffer_size,
401b0563631STom Van Eyck alg,
402b0563631STom Van Eyck hash,
403b0563631STom Van Eyck hash_length,
404b0563631STom Van Eyck signature,
405b0563631STom Van Eyck signature_length );
406b0563631STom Van Eyck /* Declared with fallback == true */
407b0563631STom Van Eyck if( status != PSA_ERROR_NOT_SUPPORTED )
408b0563631STom Van Eyck return( status );
409b0563631STom Van Eyck #endif /* PSA_CRYPTO_DRIVER_TEST */
410b0563631STom Van Eyck #if defined (MBEDTLS_PSA_P256M_DRIVER_ENABLED)
411b0563631STom Van Eyck if( PSA_KEY_TYPE_IS_ECC( psa_get_key_type(attributes) ) &&
412b0563631STom Van Eyck PSA_ALG_IS_ECDSA(alg) &&
413b0563631STom Van Eyck PSA_KEY_TYPE_ECC_GET_FAMILY(psa_get_key_type(attributes)) == PSA_ECC_FAMILY_SECP_R1 &&
414b0563631STom Van Eyck psa_get_key_bits(attributes) == 256 )
415b0563631STom Van Eyck {
416b0563631STom Van Eyck status = p256_transparent_verify_hash( attributes,
417b0563631STom Van Eyck key_buffer,
418b0563631STom Van Eyck key_buffer_size,
419b0563631STom Van Eyck alg,
420b0563631STom Van Eyck hash,
421b0563631STom Van Eyck hash_length,
422b0563631STom Van Eyck signature,
423b0563631STom Van Eyck signature_length );
424b0563631STom Van Eyck if( status != PSA_ERROR_NOT_SUPPORTED )
425b0563631STom Van Eyck return( status );
426b0563631STom Van Eyck }
427b0563631STom Van Eyck #endif /* MBEDTLS_PSA_P256M_DRIVER_ENABLED */
428b0563631STom Van Eyck #endif /* PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT */
429b0563631STom Van Eyck
430b0563631STom Van Eyck return( psa_verify_hash_builtin( attributes,
431b0563631STom Van Eyck key_buffer,
432b0563631STom Van Eyck key_buffer_size,
433b0563631STom Van Eyck alg,
434b0563631STom Van Eyck hash,
435b0563631STom Van Eyck hash_length,
436b0563631STom Van Eyck signature,
437b0563631STom Van Eyck signature_length ) );
438b0563631STom Van Eyck
439b0563631STom Van Eyck /* Add cases for opaque driver here */
440b0563631STom Van Eyck #if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT)
441b0563631STom Van Eyck #if defined(PSA_CRYPTO_DRIVER_TEST)
442b0563631STom Van Eyck case PSA_CRYPTO_TEST_DRIVER_LOCATION:
443b0563631STom Van Eyck return( mbedtls_test_opaque_signature_verify_hash( attributes,
444b0563631STom Van Eyck key_buffer,
445b0563631STom Van Eyck key_buffer_size,
446b0563631STom Van Eyck alg,
447b0563631STom Van Eyck hash,
448b0563631STom Van Eyck hash_length,
449b0563631STom Van Eyck signature,
450b0563631STom Van Eyck signature_length ) );
451b0563631STom Van Eyck #endif /* PSA_CRYPTO_DRIVER_TEST */
452b0563631STom Van Eyck #endif /* PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT */
453b0563631STom Van Eyck default:
454b0563631STom Van Eyck /* Key is declared with a lifetime not known to us */
455b0563631STom Van Eyck (void)status;
456b0563631STom Van Eyck return( PSA_ERROR_INVALID_ARGUMENT );
457b0563631STom Van Eyck }
458b0563631STom Van Eyck }
459b0563631STom Van Eyck
psa_driver_wrapper_sign_hash_get_num_ops(psa_sign_hash_interruptible_operation_t * operation)460b0563631STom Van Eyck static inline uint32_t psa_driver_wrapper_sign_hash_get_num_ops(
461b0563631STom Van Eyck psa_sign_hash_interruptible_operation_t *operation )
462b0563631STom Van Eyck {
463b0563631STom Van Eyck switch( operation->id )
464b0563631STom Van Eyck {
465b0563631STom Van Eyck /* If uninitialised, return 0, as no work can have been done. */
466b0563631STom Van Eyck case 0:
467b0563631STom Van Eyck return 0;
468b0563631STom Van Eyck
469b0563631STom Van Eyck case PSA_CRYPTO_MBED_TLS_DRIVER_ID:
470b0563631STom Van Eyck return(mbedtls_psa_sign_hash_get_num_ops(&operation->ctx.mbedtls_ctx));
471b0563631STom Van Eyck
472b0563631STom Van Eyck #if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT)
473b0563631STom Van Eyck #if defined(PSA_CRYPTO_DRIVER_TEST)
474b0563631STom Van Eyck /* Add test driver tests here */
475b0563631STom Van Eyck
476b0563631STom Van Eyck #endif /* PSA_CRYPTO_DRIVER_TEST */
477b0563631STom Van Eyck #endif /* PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT */
478b0563631STom Van Eyck }
479b0563631STom Van Eyck
480b0563631STom Van Eyck /* Can't happen (see discussion in #8271) */
481b0563631STom Van Eyck return 0;
482b0563631STom Van Eyck }
483b0563631STom Van Eyck
psa_driver_wrapper_verify_hash_get_num_ops(psa_verify_hash_interruptible_operation_t * operation)484b0563631STom Van Eyck static inline uint32_t psa_driver_wrapper_verify_hash_get_num_ops(
485b0563631STom Van Eyck psa_verify_hash_interruptible_operation_t *operation )
486b0563631STom Van Eyck {
487b0563631STom Van Eyck switch( operation->id )
488b0563631STom Van Eyck {
489b0563631STom Van Eyck /* If uninitialised, return 0, as no work can have been done. */
490b0563631STom Van Eyck case 0:
491b0563631STom Van Eyck return 0;
492b0563631STom Van Eyck
493b0563631STom Van Eyck case PSA_CRYPTO_MBED_TLS_DRIVER_ID:
494b0563631STom Van Eyck return (mbedtls_psa_verify_hash_get_num_ops(&operation->ctx.mbedtls_ctx));
495b0563631STom Van Eyck
496b0563631STom Van Eyck #if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT)
497b0563631STom Van Eyck #if defined(PSA_CRYPTO_DRIVER_TEST)
498b0563631STom Van Eyck /* Add test driver tests here */
499b0563631STom Van Eyck
500b0563631STom Van Eyck #endif /* PSA_CRYPTO_DRIVER_TEST */
501b0563631STom Van Eyck #endif /* PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT */
502b0563631STom Van Eyck
503b0563631STom Van Eyck }
504b0563631STom Van Eyck
505b0563631STom Van Eyck /* Can't happen (see discussion in #8271) */
506b0563631STom Van Eyck return 0;
507b0563631STom Van Eyck }
508b0563631STom Van Eyck
psa_driver_wrapper_sign_hash_start(psa_sign_hash_interruptible_operation_t * operation,const psa_key_attributes_t * attributes,const uint8_t * key_buffer,size_t key_buffer_size,psa_algorithm_t alg,const uint8_t * hash,size_t hash_length)509b0563631STom Van Eyck static inline psa_status_t psa_driver_wrapper_sign_hash_start(
510b0563631STom Van Eyck psa_sign_hash_interruptible_operation_t *operation,
511b0563631STom Van Eyck const psa_key_attributes_t *attributes, const uint8_t *key_buffer,
512b0563631STom Van Eyck size_t key_buffer_size, psa_algorithm_t alg,
513b0563631STom Van Eyck const uint8_t *hash, size_t hash_length )
514b0563631STom Van Eyck {
515b0563631STom Van Eyck psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;
516b0563631STom Van Eyck psa_key_location_t location = PSA_KEY_LIFETIME_GET_LOCATION(
517b0563631STom Van Eyck psa_get_key_lifetime(attributes) );
518b0563631STom Van Eyck
519b0563631STom Van Eyck switch( location )
520b0563631STom Van Eyck {
521b0563631STom Van Eyck case PSA_KEY_LOCATION_LOCAL_STORAGE:
522b0563631STom Van Eyck /* Key is stored in the slot in export representation, so
523b0563631STom Van Eyck * cycle through all known transparent accelerators */
524b0563631STom Van Eyck
525b0563631STom Van Eyck #if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT)
526b0563631STom Van Eyck #if defined(PSA_CRYPTO_DRIVER_TEST)
527b0563631STom Van Eyck
528b0563631STom Van Eyck /* Add test driver tests here */
529b0563631STom Van Eyck
530b0563631STom Van Eyck /* Declared with fallback == true */
531b0563631STom Van Eyck
532b0563631STom Van Eyck #endif /* PSA_CRYPTO_DRIVER_TEST */
533b0563631STom Van Eyck #endif /* PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT */
534b0563631STom Van Eyck
535b0563631STom Van Eyck /* Fell through, meaning no accelerator supports this operation */
536b0563631STom Van Eyck operation->id = PSA_CRYPTO_MBED_TLS_DRIVER_ID;
537b0563631STom Van Eyck status = mbedtls_psa_sign_hash_start( &operation->ctx.mbedtls_ctx,
538b0563631STom Van Eyck attributes,
539b0563631STom Van Eyck key_buffer, key_buffer_size,
540b0563631STom Van Eyck alg, hash, hash_length );
541b0563631STom Van Eyck break;
542b0563631STom Van Eyck
543b0563631STom Van Eyck /* Add cases for opaque driver here */
544b0563631STom Van Eyck
545b0563631STom Van Eyck default:
546b0563631STom Van Eyck /* Key is declared with a lifetime not known to us */
547b0563631STom Van Eyck status = PSA_ERROR_INVALID_ARGUMENT;
548b0563631STom Van Eyck break;
549b0563631STom Van Eyck }
550b0563631STom Van Eyck
551b0563631STom Van Eyck return( status );
552b0563631STom Van Eyck }
553b0563631STom Van Eyck
psa_driver_wrapper_sign_hash_complete(psa_sign_hash_interruptible_operation_t * operation,uint8_t * signature,size_t signature_size,size_t * signature_length)554b0563631STom Van Eyck static inline psa_status_t psa_driver_wrapper_sign_hash_complete(
555b0563631STom Van Eyck psa_sign_hash_interruptible_operation_t *operation,
556b0563631STom Van Eyck uint8_t *signature, size_t signature_size,
557b0563631STom Van Eyck size_t *signature_length )
558b0563631STom Van Eyck {
559b0563631STom Van Eyck switch( operation->id )
560b0563631STom Van Eyck {
561b0563631STom Van Eyck case PSA_CRYPTO_MBED_TLS_DRIVER_ID:
562b0563631STom Van Eyck return( mbedtls_psa_sign_hash_complete( &operation->ctx.mbedtls_ctx,
563b0563631STom Van Eyck signature, signature_size,
564b0563631STom Van Eyck signature_length ) );
565b0563631STom Van Eyck
566b0563631STom Van Eyck #if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT)
567b0563631STom Van Eyck #if defined(PSA_CRYPTO_DRIVER_TEST)
568b0563631STom Van Eyck /* Add test driver tests here */
569b0563631STom Van Eyck
570b0563631STom Van Eyck #endif /* PSA_CRYPTO_DRIVER_TEST */
571b0563631STom Van Eyck #endif /* PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT */
572b0563631STom Van Eyck }
573b0563631STom Van Eyck
574b0563631STom Van Eyck ( void ) signature;
575b0563631STom Van Eyck ( void ) signature_size;
576b0563631STom Van Eyck ( void ) signature_length;
577b0563631STom Van Eyck
578b0563631STom Van Eyck return( PSA_ERROR_INVALID_ARGUMENT );
579b0563631STom Van Eyck }
580b0563631STom Van Eyck
psa_driver_wrapper_sign_hash_abort(psa_sign_hash_interruptible_operation_t * operation)581b0563631STom Van Eyck static inline psa_status_t psa_driver_wrapper_sign_hash_abort(
582b0563631STom Van Eyck psa_sign_hash_interruptible_operation_t *operation )
583b0563631STom Van Eyck {
584b0563631STom Van Eyck switch( operation->id )
585b0563631STom Van Eyck {
586b0563631STom Van Eyck case PSA_CRYPTO_MBED_TLS_DRIVER_ID:
587b0563631STom Van Eyck return( mbedtls_psa_sign_hash_abort( &operation->ctx.mbedtls_ctx ) );
588b0563631STom Van Eyck
589b0563631STom Van Eyck #if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT)
590b0563631STom Van Eyck #if defined(PSA_CRYPTO_DRIVER_TEST)
591b0563631STom Van Eyck /* Add test driver tests here */
592b0563631STom Van Eyck
593b0563631STom Van Eyck #endif /* PSA_CRYPTO_DRIVER_TEST */
594b0563631STom Van Eyck #endif /* PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT */
595b0563631STom Van Eyck }
596b0563631STom Van Eyck
597b0563631STom Van Eyck return( PSA_ERROR_INVALID_ARGUMENT );
598b0563631STom Van Eyck }
599b0563631STom Van Eyck
psa_driver_wrapper_verify_hash_start(psa_verify_hash_interruptible_operation_t * operation,const psa_key_attributes_t * attributes,const uint8_t * key_buffer,size_t key_buffer_size,psa_algorithm_t alg,const uint8_t * hash,size_t hash_length,const uint8_t * signature,size_t signature_length)600b0563631STom Van Eyck static inline psa_status_t psa_driver_wrapper_verify_hash_start(
601b0563631STom Van Eyck psa_verify_hash_interruptible_operation_t *operation,
602b0563631STom Van Eyck const psa_key_attributes_t *attributes, const uint8_t *key_buffer,
603b0563631STom Van Eyck size_t key_buffer_size, psa_algorithm_t alg,
604b0563631STom Van Eyck const uint8_t *hash, size_t hash_length,
605b0563631STom Van Eyck const uint8_t *signature, size_t signature_length )
606b0563631STom Van Eyck {
607b0563631STom Van Eyck psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;
608b0563631STom Van Eyck psa_key_location_t location = PSA_KEY_LIFETIME_GET_LOCATION(
609b0563631STom Van Eyck psa_get_key_lifetime(attributes) );
610b0563631STom Van Eyck
611b0563631STom Van Eyck switch( location )
612b0563631STom Van Eyck {
613b0563631STom Van Eyck case PSA_KEY_LOCATION_LOCAL_STORAGE:
614b0563631STom Van Eyck /* Key is stored in the slot in export representation, so
615b0563631STom Van Eyck * cycle through all known transparent accelerators */
616b0563631STom Van Eyck
617b0563631STom Van Eyck #if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT)
618b0563631STom Van Eyck #if defined(PSA_CRYPTO_DRIVER_TEST)
619b0563631STom Van Eyck
620b0563631STom Van Eyck /* Add test driver tests here */
621b0563631STom Van Eyck
622b0563631STom Van Eyck /* Declared with fallback == true */
623b0563631STom Van Eyck
624b0563631STom Van Eyck #endif /* PSA_CRYPTO_DRIVER_TEST */
625b0563631STom Van Eyck #endif /* PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT */
626b0563631STom Van Eyck
627b0563631STom Van Eyck /* Fell through, meaning no accelerator supports this operation */
628b0563631STom Van Eyck operation->id = PSA_CRYPTO_MBED_TLS_DRIVER_ID;
629b0563631STom Van Eyck status = mbedtls_psa_verify_hash_start( &operation->ctx.mbedtls_ctx,
630b0563631STom Van Eyck attributes,
631b0563631STom Van Eyck key_buffer, key_buffer_size,
632b0563631STom Van Eyck alg, hash, hash_length,
633b0563631STom Van Eyck signature, signature_length );
634b0563631STom Van Eyck break;
635b0563631STom Van Eyck
636b0563631STom Van Eyck /* Add cases for opaque driver here */
637b0563631STom Van Eyck
638b0563631STom Van Eyck default:
639b0563631STom Van Eyck /* Key is declared with a lifetime not known to us */
640b0563631STom Van Eyck status = PSA_ERROR_INVALID_ARGUMENT;
641b0563631STom Van Eyck break;
642b0563631STom Van Eyck }
643b0563631STom Van Eyck
644b0563631STom Van Eyck return( status );
645b0563631STom Van Eyck }
646b0563631STom Van Eyck
psa_driver_wrapper_verify_hash_complete(psa_verify_hash_interruptible_operation_t * operation)647b0563631STom Van Eyck static inline psa_status_t psa_driver_wrapper_verify_hash_complete(
648b0563631STom Van Eyck psa_verify_hash_interruptible_operation_t *operation )
649b0563631STom Van Eyck {
650b0563631STom Van Eyck switch( operation->id )
651b0563631STom Van Eyck {
652b0563631STom Van Eyck case PSA_CRYPTO_MBED_TLS_DRIVER_ID:
653b0563631STom Van Eyck return( mbedtls_psa_verify_hash_complete(
654b0563631STom Van Eyck &operation->ctx.mbedtls_ctx
655b0563631STom Van Eyck ) );
656b0563631STom Van Eyck
657b0563631STom Van Eyck #if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT)
658b0563631STom Van Eyck #if defined(PSA_CRYPTO_DRIVER_TEST)
659b0563631STom Van Eyck /* Add test driver tests here */
660b0563631STom Van Eyck
661b0563631STom Van Eyck #endif /* PSA_CRYPTO_DRIVER_TEST */
662b0563631STom Van Eyck #endif /* PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT */
663b0563631STom Van Eyck }
664b0563631STom Van Eyck
665b0563631STom Van Eyck return( PSA_ERROR_INVALID_ARGUMENT );
666b0563631STom Van Eyck }
667b0563631STom Van Eyck
psa_driver_wrapper_verify_hash_abort(psa_verify_hash_interruptible_operation_t * operation)668b0563631STom Van Eyck static inline psa_status_t psa_driver_wrapper_verify_hash_abort(
669b0563631STom Van Eyck psa_verify_hash_interruptible_operation_t *operation )
670b0563631STom Van Eyck {
671b0563631STom Van Eyck switch( operation->id )
672b0563631STom Van Eyck {
673b0563631STom Van Eyck case PSA_CRYPTO_MBED_TLS_DRIVER_ID:
674b0563631STom Van Eyck return( mbedtls_psa_verify_hash_abort( &operation->ctx.mbedtls_ctx
675b0563631STom Van Eyck ) );
676b0563631STom Van Eyck
677b0563631STom Van Eyck #if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT)
678b0563631STom Van Eyck #if defined(PSA_CRYPTO_DRIVER_TEST)
679b0563631STom Van Eyck /* Add test driver tests here */
680b0563631STom Van Eyck
681b0563631STom Van Eyck #endif /* PSA_CRYPTO_DRIVER_TEST */
682b0563631STom Van Eyck #endif /* PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT */
683b0563631STom Van Eyck }
684b0563631STom Van Eyck
685b0563631STom Van Eyck return( PSA_ERROR_INVALID_ARGUMENT );
686b0563631STom Van Eyck }
687b0563631STom Van Eyck
688b0563631STom Van Eyck /** Calculate the key buffer size required to store the key material of a key
689b0563631STom Van Eyck * associated with an opaque driver from input key data.
690b0563631STom Van Eyck *
691b0563631STom Van Eyck * \param[in] attributes The key attributes
692b0563631STom Van Eyck * \param[in] data The input key data.
693b0563631STom Van Eyck * \param[in] data_length The input data length.
694b0563631STom Van Eyck * \param[out] key_buffer_size Minimum buffer size to contain the key material.
695b0563631STom Van Eyck *
696b0563631STom Van Eyck * \retval #PSA_SUCCESS \emptydescription
697b0563631STom Van Eyck * \retval #PSA_ERROR_INVALID_ARGUMENT \emptydescription
698b0563631STom Van Eyck * \retval #PSA_ERROR_NOT_SUPPORTED \emptydescription
699b0563631STom Van Eyck */
psa_driver_wrapper_get_key_buffer_size_from_key_data(const psa_key_attributes_t * attributes,const uint8_t * data,size_t data_length,size_t * key_buffer_size)700b0563631STom Van Eyck static inline psa_status_t psa_driver_wrapper_get_key_buffer_size_from_key_data(
701b0563631STom Van Eyck const psa_key_attributes_t *attributes,
702b0563631STom Van Eyck const uint8_t *data,
703b0563631STom Van Eyck size_t data_length,
704b0563631STom Van Eyck size_t *key_buffer_size )
705b0563631STom Van Eyck {
706b0563631STom Van Eyck psa_key_location_t location =
707b0563631STom Van Eyck PSA_KEY_LIFETIME_GET_LOCATION( psa_get_key_lifetime(attributes) );
708b0563631STom Van Eyck psa_key_type_t key_type = psa_get_key_type(attributes);
709b0563631STom Van Eyck
710b0563631STom Van Eyck *key_buffer_size = 0;
711b0563631STom Van Eyck switch( location )
712b0563631STom Van Eyck {
713b0563631STom Van Eyck #if defined(PSA_CRYPTO_DRIVER_TEST)
714b0563631STom Van Eyck case PSA_CRYPTO_TEST_DRIVER_LOCATION:
715b0563631STom Van Eyck *key_buffer_size = mbedtls_test_opaque_size_function( key_type,
716b0563631STom Van Eyck PSA_BYTES_TO_BITS( data_length ) );
717b0563631STom Van Eyck return( ( *key_buffer_size != 0 ) ?
718b0563631STom Van Eyck PSA_SUCCESS : PSA_ERROR_NOT_SUPPORTED );
719b0563631STom Van Eyck #endif /* PSA_CRYPTO_DRIVER_TEST */
720b0563631STom Van Eyck
721b0563631STom Van Eyck default:
722b0563631STom Van Eyck (void)key_type;
723b0563631STom Van Eyck (void)data;
724b0563631STom Van Eyck (void)data_length;
725b0563631STom Van Eyck return( PSA_ERROR_INVALID_ARGUMENT );
726b0563631STom Van Eyck }
727b0563631STom Van Eyck }
728b0563631STom Van Eyck
psa_driver_wrapper_generate_key(const psa_key_attributes_t * attributes,const psa_custom_key_parameters_t * custom,const uint8_t * custom_data,size_t custom_data_length,uint8_t * key_buffer,size_t key_buffer_size,size_t * key_buffer_length)729b0563631STom Van Eyck static inline psa_status_t psa_driver_wrapper_generate_key(
730b0563631STom Van Eyck const psa_key_attributes_t *attributes,
731cb034002SJerome Forissier const psa_custom_key_parameters_t *custom,
732cb034002SJerome Forissier const uint8_t *custom_data, size_t custom_data_length,
733b0563631STom Van Eyck uint8_t *key_buffer, size_t key_buffer_size, size_t *key_buffer_length )
734b0563631STom Van Eyck {
735b0563631STom Van Eyck psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;
736b0563631STom Van Eyck psa_key_location_t location =
737b0563631STom Van Eyck PSA_KEY_LIFETIME_GET_LOCATION(psa_get_key_lifetime(attributes));
738b0563631STom Van Eyck
739b0563631STom Van Eyck #if defined(PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_GENERATE)
740b0563631STom Van Eyck int is_default_production =
741cb034002SJerome Forissier psa_custom_key_parameters_are_default(custom, custom_data_length);
742b0563631STom Van Eyck if( location != PSA_KEY_LOCATION_LOCAL_STORAGE && !is_default_production )
743b0563631STom Van Eyck {
744b0563631STom Van Eyck /* We don't support passing custom production parameters
745b0563631STom Van Eyck * to drivers yet. */
746b0563631STom Van Eyck return PSA_ERROR_NOT_SUPPORTED;
747b0563631STom Van Eyck }
748b0563631STom Van Eyck #else
749b0563631STom Van Eyck int is_default_production = 1;
750b0563631STom Van Eyck (void) is_default_production;
751b0563631STom Van Eyck #endif
752b0563631STom Van Eyck
753b0563631STom Van Eyck /* Try dynamically-registered SE interface first */
754b0563631STom Van Eyck #if defined(MBEDTLS_PSA_CRYPTO_SE_C)
755b0563631STom Van Eyck const psa_drv_se_t *drv;
756b0563631STom Van Eyck psa_drv_se_context_t *drv_context;
757b0563631STom Van Eyck
758b0563631STom Van Eyck if( psa_get_se_driver( psa_get_key_lifetime(attributes), &drv, &drv_context ) )
759b0563631STom Van Eyck {
760b0563631STom Van Eyck size_t pubkey_length = 0; /* We don't support this feature yet */
761b0563631STom Van Eyck if( drv->key_management == NULL ||
762b0563631STom Van Eyck drv->key_management->p_generate == NULL )
763b0563631STom Van Eyck {
764b0563631STom Van Eyck /* Key is defined as being in SE, but we have no way to generate it */
765b0563631STom Van Eyck return( PSA_ERROR_NOT_SUPPORTED );
766b0563631STom Van Eyck }
767b0563631STom Van Eyck return( drv->key_management->p_generate(
768b0563631STom Van Eyck drv_context,
769b0563631STom Van Eyck *( (psa_key_slot_number_t *)key_buffer ),
770b0563631STom Van Eyck attributes, NULL, 0, &pubkey_length ) );
771b0563631STom Van Eyck }
772b0563631STom Van Eyck #endif /* MBEDTLS_PSA_CRYPTO_SE_C */
773b0563631STom Van Eyck
774b0563631STom Van Eyck switch( location )
775b0563631STom Van Eyck {
776b0563631STom Van Eyck case PSA_KEY_LOCATION_LOCAL_STORAGE:
777b0563631STom Van Eyck #if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT)
778b0563631STom Van Eyck /* Transparent drivers are limited to generating asymmetric keys. */
779b0563631STom Van Eyck /* We don't support passing custom production parameters
780b0563631STom Van Eyck * to drivers yet. */
781b0563631STom Van Eyck if( PSA_KEY_TYPE_IS_ASYMMETRIC( psa_get_key_type(attributes) ) &&
782b0563631STom Van Eyck is_default_production )
783b0563631STom Van Eyck {
784b0563631STom Van Eyck /* Cycle through all known transparent accelerators */
785b0563631STom Van Eyck #if defined(PSA_CRYPTO_DRIVER_TEST)
786b0563631STom Van Eyck status = mbedtls_test_transparent_generate_key(
787b0563631STom Van Eyck attributes, key_buffer, key_buffer_size,
788b0563631STom Van Eyck key_buffer_length );
789b0563631STom Van Eyck /* Declared with fallback == true */
790b0563631STom Van Eyck if( status != PSA_ERROR_NOT_SUPPORTED )
791b0563631STom Van Eyck break;
792b0563631STom Van Eyck #endif /* PSA_CRYPTO_DRIVER_TEST */
793b0563631STom Van Eyck #if defined(MBEDTLS_PSA_P256M_DRIVER_ENABLED)
794b0563631STom Van Eyck if( PSA_KEY_TYPE_IS_ECC( psa_get_key_type(attributes) ) &&
795b0563631STom Van Eyck psa_get_key_type(attributes) == PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1) &&
796b0563631STom Van Eyck psa_get_key_bits(attributes) == 256 )
797b0563631STom Van Eyck {
798b0563631STom Van Eyck status = p256_transparent_generate_key( attributes,
799b0563631STom Van Eyck key_buffer,
800b0563631STom Van Eyck key_buffer_size,
801b0563631STom Van Eyck key_buffer_length );
802b0563631STom Van Eyck if( status != PSA_ERROR_NOT_SUPPORTED )
803b0563631STom Van Eyck break;
804b0563631STom Van Eyck }
805b0563631STom Van Eyck
806b0563631STom Van Eyck #endif /* MBEDTLS_PSA_P256M_DRIVER_ENABLED */
807b0563631STom Van Eyck }
808b0563631STom Van Eyck #endif /* PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT */
809b0563631STom Van Eyck
810b0563631STom Van Eyck /* Software fallback */
811b0563631STom Van Eyck status = psa_generate_key_internal(
812cb034002SJerome Forissier attributes, custom, custom_data, custom_data_length,
813b0563631STom Van Eyck key_buffer, key_buffer_size, key_buffer_length );
814b0563631STom Van Eyck break;
815b0563631STom Van Eyck
816b0563631STom Van Eyck /* Add cases for opaque driver here */
817b0563631STom Van Eyck #if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT)
818b0563631STom Van Eyck #if defined(PSA_CRYPTO_DRIVER_TEST)
819b0563631STom Van Eyck case PSA_CRYPTO_TEST_DRIVER_LOCATION:
820b0563631STom Van Eyck status = mbedtls_test_opaque_generate_key(
821b0563631STom Van Eyck attributes, key_buffer, key_buffer_size, key_buffer_length );
822b0563631STom Van Eyck break;
823b0563631STom Van Eyck #endif /* PSA_CRYPTO_DRIVER_TEST */
824b0563631STom Van Eyck #endif /* PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT */
825b0563631STom Van Eyck
826b0563631STom Van Eyck default:
827b0563631STom Van Eyck /* Key is declared with a lifetime not known to us */
828b0563631STom Van Eyck status = PSA_ERROR_INVALID_ARGUMENT;
829b0563631STom Van Eyck break;
830b0563631STom Van Eyck }
831b0563631STom Van Eyck
832b0563631STom Van Eyck return( status );
833b0563631STom Van Eyck }
834b0563631STom Van Eyck
psa_driver_wrapper_import_key(const psa_key_attributes_t * attributes,const uint8_t * data,size_t data_length,uint8_t * key_buffer,size_t key_buffer_size,size_t * key_buffer_length,size_t * bits)835b0563631STom Van Eyck static inline psa_status_t psa_driver_wrapper_import_key(
836b0563631STom Van Eyck const psa_key_attributes_t *attributes,
837b0563631STom Van Eyck const uint8_t *data,
838b0563631STom Van Eyck size_t data_length,
839b0563631STom Van Eyck uint8_t *key_buffer,
840b0563631STom Van Eyck size_t key_buffer_size,
841b0563631STom Van Eyck size_t *key_buffer_length,
842b0563631STom Van Eyck size_t *bits )
843b0563631STom Van Eyck {
844b0563631STom Van Eyck
845b0563631STom Van Eyck psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;
846b0563631STom Van Eyck psa_key_location_t location = PSA_KEY_LIFETIME_GET_LOCATION(
847b0563631STom Van Eyck psa_get_key_lifetime( attributes ) );
848b0563631STom Van Eyck
849b0563631STom Van Eyck /* Try dynamically-registered SE interface first */
850b0563631STom Van Eyck #if defined(MBEDTLS_PSA_CRYPTO_SE_C)
851b0563631STom Van Eyck const psa_drv_se_t *drv;
852b0563631STom Van Eyck psa_drv_se_context_t *drv_context;
853b0563631STom Van Eyck
854b0563631STom Van Eyck if( psa_get_se_driver( psa_get_key_lifetime(attributes), &drv, &drv_context ) )
855b0563631STom Van Eyck {
856b0563631STom Van Eyck if( drv->key_management == NULL ||
857b0563631STom Van Eyck drv->key_management->p_import == NULL )
858b0563631STom Van Eyck return( PSA_ERROR_NOT_SUPPORTED );
859b0563631STom Van Eyck
860b0563631STom Van Eyck /* The driver should set the number of key bits, however in
861b0563631STom Van Eyck * case it doesn't, we initialize bits to an invalid value. */
862b0563631STom Van Eyck *bits = PSA_MAX_KEY_BITS + 1;
863b0563631STom Van Eyck status = drv->key_management->p_import(
864b0563631STom Van Eyck drv_context,
865b0563631STom Van Eyck *( (psa_key_slot_number_t *)key_buffer ),
866b0563631STom Van Eyck attributes, data, data_length, bits );
867b0563631STom Van Eyck
868b0563631STom Van Eyck if( status != PSA_SUCCESS )
869b0563631STom Van Eyck return( status );
870b0563631STom Van Eyck
871b0563631STom Van Eyck if( (*bits) > PSA_MAX_KEY_BITS )
872b0563631STom Van Eyck return( PSA_ERROR_NOT_SUPPORTED );
873b0563631STom Van Eyck
874b0563631STom Van Eyck return( PSA_SUCCESS );
875b0563631STom Van Eyck }
876b0563631STom Van Eyck #endif /* MBEDTLS_PSA_CRYPTO_SE_C */
877b0563631STom Van Eyck
878b0563631STom Van Eyck switch( location )
879b0563631STom Van Eyck {
880b0563631STom Van Eyck case PSA_KEY_LOCATION_LOCAL_STORAGE:
881b0563631STom Van Eyck /* Key is stored in the slot in export representation, so
882b0563631STom Van Eyck * cycle through all known transparent accelerators */
883b0563631STom Van Eyck #if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT)
884b0563631STom Van Eyck
885b0563631STom Van Eyck #if (defined(PSA_CRYPTO_DRIVER_TEST) )
886b0563631STom Van Eyck status = mbedtls_test_transparent_import_key
887b0563631STom Van Eyck (attributes,
888b0563631STom Van Eyck data,
889b0563631STom Van Eyck data_length,
890b0563631STom Van Eyck key_buffer,
891b0563631STom Van Eyck key_buffer_size,
892b0563631STom Van Eyck key_buffer_length,
893b0563631STom Van Eyck bits
894b0563631STom Van Eyck );
895b0563631STom Van Eyck
896b0563631STom Van Eyck if( status != PSA_ERROR_NOT_SUPPORTED )
897b0563631STom Van Eyck return( status );
898b0563631STom Van Eyck #endif
899b0563631STom Van Eyck
900b0563631STom Van Eyck #if (defined(MBEDTLS_PSA_P256M_DRIVER_ENABLED) )
901b0563631STom Van Eyck status = p256_transparent_import_key
902b0563631STom Van Eyck (attributes,
903b0563631STom Van Eyck data,
904b0563631STom Van Eyck data_length,
905b0563631STom Van Eyck key_buffer,
906b0563631STom Van Eyck key_buffer_size,
907b0563631STom Van Eyck key_buffer_length,
908b0563631STom Van Eyck bits
909b0563631STom Van Eyck );
910b0563631STom Van Eyck
911b0563631STom Van Eyck if( status != PSA_ERROR_NOT_SUPPORTED )
912b0563631STom Van Eyck return( status );
913b0563631STom Van Eyck #endif
914b0563631STom Van Eyck
915b0563631STom Van Eyck
916b0563631STom Van Eyck #endif /* PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT */
917b0563631STom Van Eyck
918b0563631STom Van Eyck /* Fell through, meaning no accelerator supports this operation */
919b0563631STom Van Eyck return( psa_import_key_into_slot( attributes,
920b0563631STom Van Eyck data, data_length,
921b0563631STom Van Eyck key_buffer, key_buffer_size,
922b0563631STom Van Eyck key_buffer_length, bits ) );
923b0563631STom Van Eyck /* Add cases for opaque driver here */
924b0563631STom Van Eyck #if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT)
925b0563631STom Van Eyck
926b0563631STom Van Eyck #if (defined(PSA_CRYPTO_DRIVER_TEST) )
927b0563631STom Van Eyck case 0x7fffff:
928b0563631STom Van Eyck return( mbedtls_test_opaque_import_key
929b0563631STom Van Eyck (attributes,
930b0563631STom Van Eyck data,
931b0563631STom Van Eyck data_length,
932b0563631STom Van Eyck key_buffer,
933b0563631STom Van Eyck key_buffer_size,
934b0563631STom Van Eyck key_buffer_length,
935b0563631STom Van Eyck bits
936b0563631STom Van Eyck ));
937b0563631STom Van Eyck #endif
938b0563631STom Van Eyck
939b0563631STom Van Eyck
940b0563631STom Van Eyck #endif /* PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT */
941b0563631STom Van Eyck default:
942b0563631STom Van Eyck (void)status;
943b0563631STom Van Eyck return( PSA_ERROR_INVALID_ARGUMENT );
944b0563631STom Van Eyck }
945b0563631STom Van Eyck
946b0563631STom Van Eyck }
947b0563631STom Van Eyck
psa_driver_wrapper_export_key(const psa_key_attributes_t * attributes,const uint8_t * key_buffer,size_t key_buffer_size,uint8_t * data,size_t data_size,size_t * data_length)948b0563631STom Van Eyck static inline psa_status_t psa_driver_wrapper_export_key(
949b0563631STom Van Eyck const psa_key_attributes_t *attributes,
950b0563631STom Van Eyck const uint8_t *key_buffer, size_t key_buffer_size,
951b0563631STom Van Eyck uint8_t *data, size_t data_size, size_t *data_length )
952b0563631STom Van Eyck
953b0563631STom Van Eyck {
954b0563631STom Van Eyck
955b0563631STom Van Eyck psa_status_t status = PSA_ERROR_INVALID_ARGUMENT;
956b0563631STom Van Eyck psa_key_location_t location = PSA_KEY_LIFETIME_GET_LOCATION(
957b0563631STom Van Eyck psa_get_key_lifetime( attributes ) );
958b0563631STom Van Eyck
959b0563631STom Van Eyck /* Try dynamically-registered SE interface first */
960b0563631STom Van Eyck #if defined(MBEDTLS_PSA_CRYPTO_SE_C)
961b0563631STom Van Eyck const psa_drv_se_t *drv;
962b0563631STom Van Eyck psa_drv_se_context_t *drv_context;
963b0563631STom Van Eyck
964b0563631STom Van Eyck if( psa_get_se_driver( psa_get_key_lifetime(attributes), &drv, &drv_context ) )
965b0563631STom Van Eyck {
966b0563631STom Van Eyck if( ( drv->key_management == NULL ) ||
967b0563631STom Van Eyck ( drv->key_management->p_export == NULL ) )
968b0563631STom Van Eyck {
969b0563631STom Van Eyck return( PSA_ERROR_NOT_SUPPORTED );
970b0563631STom Van Eyck }
971b0563631STom Van Eyck
972b0563631STom Van Eyck return( drv->key_management->p_export(
973b0563631STom Van Eyck drv_context,
974b0563631STom Van Eyck *( (psa_key_slot_number_t *)key_buffer ),
975b0563631STom Van Eyck data, data_size, data_length ) );
976b0563631STom Van Eyck }
977b0563631STom Van Eyck #endif /* MBEDTLS_PSA_CRYPTO_SE_C */
978b0563631STom Van Eyck
979b0563631STom Van Eyck switch( location )
980b0563631STom Van Eyck {
981b0563631STom Van Eyck case PSA_KEY_LOCATION_LOCAL_STORAGE:
982b0563631STom Van Eyck return( psa_export_key_internal( attributes,
983b0563631STom Van Eyck key_buffer,
984b0563631STom Van Eyck key_buffer_size,
985b0563631STom Van Eyck data,
986b0563631STom Van Eyck data_size,
987b0563631STom Van Eyck data_length ) );
988b0563631STom Van Eyck
989b0563631STom Van Eyck /* Add cases for opaque driver here */
990b0563631STom Van Eyck #if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT)
991b0563631STom Van Eyck
992b0563631STom Van Eyck #if (defined(PSA_CRYPTO_DRIVER_TEST) )
993b0563631STom Van Eyck case 0x7fffff:
994b0563631STom Van Eyck return( mbedtls_test_opaque_export_key
995b0563631STom Van Eyck (attributes,
996b0563631STom Van Eyck key_buffer,
997b0563631STom Van Eyck key_buffer_size,
998b0563631STom Van Eyck data,
999b0563631STom Van Eyck data_size,
1000b0563631STom Van Eyck data_length
1001b0563631STom Van Eyck ));
1002b0563631STom Van Eyck #endif
1003b0563631STom Van Eyck
1004b0563631STom Van Eyck
1005b0563631STom Van Eyck #endif /* PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT */
1006b0563631STom Van Eyck default:
1007b0563631STom Van Eyck /* Key is declared with a lifetime not known to us */
1008b0563631STom Van Eyck return( status );
1009b0563631STom Van Eyck }
1010b0563631STom Van Eyck
1011b0563631STom Van Eyck }
1012b0563631STom Van Eyck
psa_driver_wrapper_copy_key(psa_key_attributes_t * attributes,const uint8_t * source_key,size_t source_key_length,uint8_t * target_key_buffer,size_t target_key_buffer_size,size_t * target_key_buffer_length)1013b0563631STom Van Eyck static inline psa_status_t psa_driver_wrapper_copy_key(
1014b0563631STom Van Eyck psa_key_attributes_t *attributes,
1015b0563631STom Van Eyck const uint8_t *source_key, size_t source_key_length,
1016b0563631STom Van Eyck uint8_t *target_key_buffer, size_t target_key_buffer_size,
1017b0563631STom Van Eyck size_t *target_key_buffer_length )
1018b0563631STom Van Eyck {
1019b0563631STom Van Eyck
1020b0563631STom Van Eyck psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;
1021b0563631STom Van Eyck psa_key_location_t location =
1022b0563631STom Van Eyck PSA_KEY_LIFETIME_GET_LOCATION( psa_get_key_lifetime(attributes) );
1023b0563631STom Van Eyck
1024b0563631STom Van Eyck #if defined(MBEDTLS_PSA_CRYPTO_SE_C)
1025b0563631STom Van Eyck const psa_drv_se_t *drv;
1026b0563631STom Van Eyck psa_drv_se_context_t *drv_context;
1027b0563631STom Van Eyck
1028b0563631STom Van Eyck if( psa_get_se_driver( psa_get_key_lifetime(attributes), &drv, &drv_context ) )
1029b0563631STom Van Eyck {
1030b0563631STom Van Eyck /* Copying to a secure element is not implemented yet. */
1031b0563631STom Van Eyck return( PSA_ERROR_NOT_SUPPORTED );
1032b0563631STom Van Eyck }
1033b0563631STom Van Eyck #endif /* MBEDTLS_PSA_CRYPTO_SE_C */
1034b0563631STom Van Eyck
1035b0563631STom Van Eyck switch( location )
1036b0563631STom Van Eyck {
1037b0563631STom Van Eyck #if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT)
1038b0563631STom Van Eyck
1039b0563631STom Van Eyck #if (defined(PSA_CRYPTO_DRIVER_TEST) )
1040b0563631STom Van Eyck case 0x7fffff:
1041b0563631STom Van Eyck return( mbedtls_test_opaque_copy_key
1042b0563631STom Van Eyck (attributes,
1043b0563631STom Van Eyck source_key,
1044b0563631STom Van Eyck source_key_length,
1045b0563631STom Van Eyck target_key_buffer,
1046b0563631STom Van Eyck target_key_buffer_size,
1047b0563631STom Van Eyck target_key_buffer_length
1048b0563631STom Van Eyck ));
1049b0563631STom Van Eyck #endif
1050b0563631STom Van Eyck
1051b0563631STom Van Eyck
1052b0563631STom Van Eyck #endif /* PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT */
1053b0563631STom Van Eyck default:
1054b0563631STom Van Eyck (void)source_key;
1055b0563631STom Van Eyck (void)source_key_length;
1056b0563631STom Van Eyck (void)target_key_buffer;
1057b0563631STom Van Eyck (void)target_key_buffer_size;
1058b0563631STom Van Eyck (void)target_key_buffer_length;
1059b0563631STom Van Eyck status = PSA_ERROR_INVALID_ARGUMENT;
1060b0563631STom Van Eyck }
1061b0563631STom Van Eyck return( status );
1062b0563631STom Van Eyck
1063b0563631STom Van Eyck }
1064b0563631STom Van Eyck
1065b0563631STom Van Eyck /*
1066b0563631STom Van Eyck * Cipher functions
1067b0563631STom Van Eyck */
psa_driver_wrapper_cipher_encrypt(const psa_key_attributes_t * attributes,const uint8_t * key_buffer,size_t key_buffer_size,psa_algorithm_t alg,const uint8_t * iv,size_t iv_length,const uint8_t * input,size_t input_length,uint8_t * output,size_t output_size,size_t * output_length)1068b0563631STom Van Eyck static inline psa_status_t psa_driver_wrapper_cipher_encrypt(
1069b0563631STom Van Eyck const psa_key_attributes_t *attributes,
1070b0563631STom Van Eyck const uint8_t *key_buffer,
1071b0563631STom Van Eyck size_t key_buffer_size,
1072b0563631STom Van Eyck psa_algorithm_t alg,
1073b0563631STom Van Eyck const uint8_t *iv,
1074b0563631STom Van Eyck size_t iv_length,
1075b0563631STom Van Eyck const uint8_t *input,
1076b0563631STom Van Eyck size_t input_length,
1077b0563631STom Van Eyck uint8_t *output,
1078b0563631STom Van Eyck size_t output_size,
1079b0563631STom Van Eyck size_t *output_length )
1080b0563631STom Van Eyck {
1081b0563631STom Van Eyck psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;
1082b0563631STom Van Eyck psa_key_location_t location =
1083b0563631STom Van Eyck PSA_KEY_LIFETIME_GET_LOCATION( psa_get_key_lifetime(attributes) );
1084b0563631STom Van Eyck
1085b0563631STom Van Eyck switch( location )
1086b0563631STom Van Eyck {
1087b0563631STom Van Eyck case PSA_KEY_LOCATION_LOCAL_STORAGE:
1088b0563631STom Van Eyck /* Key is stored in the slot in export representation, so
1089b0563631STom Van Eyck * cycle through all known transparent accelerators */
1090b0563631STom Van Eyck #if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT)
1091b0563631STom Van Eyck #if defined(PSA_CRYPTO_DRIVER_TEST)
1092b0563631STom Van Eyck status = mbedtls_test_transparent_cipher_encrypt( attributes,
1093b0563631STom Van Eyck key_buffer,
1094b0563631STom Van Eyck key_buffer_size,
1095b0563631STom Van Eyck alg,
1096b0563631STom Van Eyck iv,
1097b0563631STom Van Eyck iv_length,
1098b0563631STom Van Eyck input,
1099b0563631STom Van Eyck input_length,
1100b0563631STom Van Eyck output,
1101b0563631STom Van Eyck output_size,
1102b0563631STom Van Eyck output_length );
1103b0563631STom Van Eyck /* Declared with fallback == true */
1104b0563631STom Van Eyck if( status != PSA_ERROR_NOT_SUPPORTED )
1105b0563631STom Van Eyck return( status );
1106b0563631STom Van Eyck #endif /* PSA_CRYPTO_DRIVER_TEST */
1107b0563631STom Van Eyck #endif /* PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT */
1108b0563631STom Van Eyck
1109b0563631STom Van Eyck #if defined(MBEDTLS_PSA_BUILTIN_CIPHER)
1110b0563631STom Van Eyck return( mbedtls_psa_cipher_encrypt( attributes,
1111b0563631STom Van Eyck key_buffer,
1112b0563631STom Van Eyck key_buffer_size,
1113b0563631STom Van Eyck alg,
1114b0563631STom Van Eyck iv,
1115b0563631STom Van Eyck iv_length,
1116b0563631STom Van Eyck input,
1117b0563631STom Van Eyck input_length,
1118b0563631STom Van Eyck output,
1119b0563631STom Van Eyck output_size,
1120b0563631STom Van Eyck output_length ) );
1121b0563631STom Van Eyck #else
1122b0563631STom Van Eyck return( PSA_ERROR_NOT_SUPPORTED );
1123b0563631STom Van Eyck #endif /* MBEDTLS_PSA_BUILTIN_CIPHER */
1124b0563631STom Van Eyck
1125b0563631STom Van Eyck /* Add cases for opaque driver here */
1126b0563631STom Van Eyck #if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT)
1127b0563631STom Van Eyck #if defined(PSA_CRYPTO_DRIVER_TEST)
1128b0563631STom Van Eyck case PSA_CRYPTO_TEST_DRIVER_LOCATION:
1129b0563631STom Van Eyck return( mbedtls_test_opaque_cipher_encrypt( attributes,
1130b0563631STom Van Eyck key_buffer,
1131b0563631STom Van Eyck key_buffer_size,
1132b0563631STom Van Eyck alg,
1133b0563631STom Van Eyck iv,
1134b0563631STom Van Eyck iv_length,
1135b0563631STom Van Eyck input,
1136b0563631STom Van Eyck input_length,
1137b0563631STom Van Eyck output,
1138b0563631STom Van Eyck output_size,
1139b0563631STom Van Eyck output_length ) );
1140b0563631STom Van Eyck #endif /* PSA_CRYPTO_DRIVER_TEST */
1141b0563631STom Van Eyck #endif /* PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT */
1142b0563631STom Van Eyck
1143b0563631STom Van Eyck default:
1144b0563631STom Van Eyck /* Key is declared with a lifetime not known to us */
1145b0563631STom Van Eyck (void)status;
1146b0563631STom Van Eyck (void)key_buffer;
1147b0563631STom Van Eyck (void)key_buffer_size;
1148b0563631STom Van Eyck (void)alg;
1149b0563631STom Van Eyck (void)iv;
1150b0563631STom Van Eyck (void)iv_length;
1151b0563631STom Van Eyck (void)input;
1152b0563631STom Van Eyck (void)input_length;
1153b0563631STom Van Eyck (void)output;
1154b0563631STom Van Eyck (void)output_size;
1155b0563631STom Van Eyck (void)output_length;
1156b0563631STom Van Eyck return( PSA_ERROR_INVALID_ARGUMENT );
1157b0563631STom Van Eyck }
1158b0563631STom Van Eyck }
1159b0563631STom Van Eyck
psa_driver_wrapper_cipher_decrypt(const psa_key_attributes_t * attributes,const uint8_t * key_buffer,size_t key_buffer_size,psa_algorithm_t alg,const uint8_t * input,size_t input_length,uint8_t * output,size_t output_size,size_t * output_length)1160b0563631STom Van Eyck static inline psa_status_t psa_driver_wrapper_cipher_decrypt(
1161b0563631STom Van Eyck const psa_key_attributes_t *attributes,
1162b0563631STom Van Eyck const uint8_t *key_buffer,
1163b0563631STom Van Eyck size_t key_buffer_size,
1164b0563631STom Van Eyck psa_algorithm_t alg,
1165b0563631STom Van Eyck const uint8_t *input,
1166b0563631STom Van Eyck size_t input_length,
1167b0563631STom Van Eyck uint8_t *output,
1168b0563631STom Van Eyck size_t output_size,
1169b0563631STom Van Eyck size_t *output_length )
1170b0563631STom Van Eyck {
1171b0563631STom Van Eyck psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;
1172b0563631STom Van Eyck psa_key_location_t location =
1173b0563631STom Van Eyck PSA_KEY_LIFETIME_GET_LOCATION( psa_get_key_lifetime(attributes) );
1174b0563631STom Van Eyck
1175b0563631STom Van Eyck switch( location )
1176b0563631STom Van Eyck {
1177b0563631STom Van Eyck case PSA_KEY_LOCATION_LOCAL_STORAGE:
1178b0563631STom Van Eyck /* Key is stored in the slot in export representation, so
1179b0563631STom Van Eyck * cycle through all known transparent accelerators */
1180b0563631STom Van Eyck #if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT)
1181b0563631STom Van Eyck #if defined(PSA_CRYPTO_DRIVER_TEST)
1182b0563631STom Van Eyck status = mbedtls_test_transparent_cipher_decrypt( attributes,
1183b0563631STom Van Eyck key_buffer,
1184b0563631STom Van Eyck key_buffer_size,
1185b0563631STom Van Eyck alg,
1186b0563631STom Van Eyck input,
1187b0563631STom Van Eyck input_length,
1188b0563631STom Van Eyck output,
1189b0563631STom Van Eyck output_size,
1190b0563631STom Van Eyck output_length );
1191b0563631STom Van Eyck /* Declared with fallback == true */
1192b0563631STom Van Eyck if( status != PSA_ERROR_NOT_SUPPORTED )
1193b0563631STom Van Eyck return( status );
1194b0563631STom Van Eyck #endif /* PSA_CRYPTO_DRIVER_TEST */
1195b0563631STom Van Eyck #endif /* PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT */
1196b0563631STom Van Eyck
1197b0563631STom Van Eyck #if defined(MBEDTLS_PSA_BUILTIN_CIPHER)
1198b0563631STom Van Eyck return( mbedtls_psa_cipher_decrypt( attributes,
1199b0563631STom Van Eyck key_buffer,
1200b0563631STom Van Eyck key_buffer_size,
1201b0563631STom Van Eyck alg,
1202b0563631STom Van Eyck input,
1203b0563631STom Van Eyck input_length,
1204b0563631STom Van Eyck output,
1205b0563631STom Van Eyck output_size,
1206b0563631STom Van Eyck output_length ) );
1207b0563631STom Van Eyck #else
1208b0563631STom Van Eyck return( PSA_ERROR_NOT_SUPPORTED );
1209b0563631STom Van Eyck #endif /* MBEDTLS_PSA_BUILTIN_CIPHER */
1210b0563631STom Van Eyck
1211b0563631STom Van Eyck /* Add cases for opaque driver here */
1212b0563631STom Van Eyck #if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT)
1213b0563631STom Van Eyck #if defined(PSA_CRYPTO_DRIVER_TEST)
1214b0563631STom Van Eyck case PSA_CRYPTO_TEST_DRIVER_LOCATION:
1215b0563631STom Van Eyck return( mbedtls_test_opaque_cipher_decrypt( attributes,
1216b0563631STom Van Eyck key_buffer,
1217b0563631STom Van Eyck key_buffer_size,
1218b0563631STom Van Eyck alg,
1219b0563631STom Van Eyck input,
1220b0563631STom Van Eyck input_length,
1221b0563631STom Van Eyck output,
1222b0563631STom Van Eyck output_size,
1223b0563631STom Van Eyck output_length ) );
1224b0563631STom Van Eyck #endif /* PSA_CRYPTO_DRIVER_TEST */
1225b0563631STom Van Eyck #endif /* PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT */
1226b0563631STom Van Eyck
1227b0563631STom Van Eyck default:
1228b0563631STom Van Eyck /* Key is declared with a lifetime not known to us */
1229b0563631STom Van Eyck (void)status;
1230b0563631STom Van Eyck (void)key_buffer;
1231b0563631STom Van Eyck (void)key_buffer_size;
1232b0563631STom Van Eyck (void)alg;
1233b0563631STom Van Eyck (void)input;
1234b0563631STom Van Eyck (void)input_length;
1235b0563631STom Van Eyck (void)output;
1236b0563631STom Van Eyck (void)output_size;
1237b0563631STom Van Eyck (void)output_length;
1238b0563631STom Van Eyck return( PSA_ERROR_INVALID_ARGUMENT );
1239b0563631STom Van Eyck }
1240b0563631STom Van Eyck }
1241b0563631STom Van Eyck
psa_driver_wrapper_cipher_encrypt_setup(psa_cipher_operation_t * operation,const psa_key_attributes_t * attributes,const uint8_t * key_buffer,size_t key_buffer_size,psa_algorithm_t alg)1242b0563631STom Van Eyck static inline psa_status_t psa_driver_wrapper_cipher_encrypt_setup(
1243b0563631STom Van Eyck psa_cipher_operation_t *operation,
1244b0563631STom Van Eyck const psa_key_attributes_t *attributes,
1245b0563631STom Van Eyck const uint8_t *key_buffer, size_t key_buffer_size,
1246b0563631STom Van Eyck psa_algorithm_t alg )
1247b0563631STom Van Eyck {
1248b0563631STom Van Eyck psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;
1249b0563631STom Van Eyck psa_key_location_t location =
1250b0563631STom Van Eyck PSA_KEY_LIFETIME_GET_LOCATION( psa_get_key_lifetime(attributes) );
1251b0563631STom Van Eyck
1252b0563631STom Van Eyck switch( location )
1253b0563631STom Van Eyck {
1254b0563631STom Van Eyck case PSA_KEY_LOCATION_LOCAL_STORAGE:
1255b0563631STom Van Eyck /* Key is stored in the slot in export representation, so
1256b0563631STom Van Eyck * cycle through all known transparent accelerators */
1257b0563631STom Van Eyck #if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT)
1258b0563631STom Van Eyck #if defined(PSA_CRYPTO_DRIVER_TEST)
1259b0563631STom Van Eyck status = mbedtls_test_transparent_cipher_encrypt_setup(
1260b0563631STom Van Eyck &operation->ctx.transparent_test_driver_ctx,
1261b0563631STom Van Eyck attributes,
1262b0563631STom Van Eyck key_buffer,
1263b0563631STom Van Eyck key_buffer_size,
1264b0563631STom Van Eyck alg );
1265b0563631STom Van Eyck /* Declared with fallback == true */
1266b0563631STom Van Eyck if( status == PSA_SUCCESS )
1267b0563631STom Van Eyck operation->id = MBEDTLS_TEST_TRANSPARENT_DRIVER_ID;
1268b0563631STom Van Eyck
1269b0563631STom Van Eyck if( status != PSA_ERROR_NOT_SUPPORTED )
1270b0563631STom Van Eyck return( status );
1271b0563631STom Van Eyck #endif /* PSA_CRYPTO_DRIVER_TEST */
1272b0563631STom Van Eyck #endif /* PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT */
1273b0563631STom Van Eyck #if defined(MBEDTLS_PSA_BUILTIN_CIPHER)
1274b0563631STom Van Eyck /* Fell through, meaning no accelerator supports this operation */
1275b0563631STom Van Eyck status = mbedtls_psa_cipher_encrypt_setup( &operation->ctx.mbedtls_ctx,
1276b0563631STom Van Eyck attributes,
1277b0563631STom Van Eyck key_buffer,
1278b0563631STom Van Eyck key_buffer_size,
1279b0563631STom Van Eyck alg );
1280b0563631STom Van Eyck if( status == PSA_SUCCESS )
1281b0563631STom Van Eyck operation->id = PSA_CRYPTO_MBED_TLS_DRIVER_ID;
1282b0563631STom Van Eyck
1283b0563631STom Van Eyck if( status != PSA_ERROR_NOT_SUPPORTED )
1284b0563631STom Van Eyck return( status );
1285b0563631STom Van Eyck #endif /* MBEDTLS_PSA_BUILTIN_CIPHER */
1286b0563631STom Van Eyck return( PSA_ERROR_NOT_SUPPORTED );
1287b0563631STom Van Eyck
1288b0563631STom Van Eyck /* Add cases for opaque driver here */
1289b0563631STom Van Eyck #if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT)
1290b0563631STom Van Eyck #if defined(PSA_CRYPTO_DRIVER_TEST)
1291b0563631STom Van Eyck case PSA_CRYPTO_TEST_DRIVER_LOCATION:
1292b0563631STom Van Eyck status = mbedtls_test_opaque_cipher_encrypt_setup(
1293b0563631STom Van Eyck &operation->ctx.opaque_test_driver_ctx,
1294b0563631STom Van Eyck attributes,
1295b0563631STom Van Eyck key_buffer, key_buffer_size,
1296b0563631STom Van Eyck alg );
1297b0563631STom Van Eyck
1298b0563631STom Van Eyck if( status == PSA_SUCCESS )
1299b0563631STom Van Eyck operation->id = MBEDTLS_TEST_OPAQUE_DRIVER_ID;
1300b0563631STom Van Eyck
1301b0563631STom Van Eyck return( status );
1302b0563631STom Van Eyck #endif /* PSA_CRYPTO_DRIVER_TEST */
1303b0563631STom Van Eyck #endif /* PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT */
1304b0563631STom Van Eyck default:
1305b0563631STom Van Eyck /* Key is declared with a lifetime not known to us */
1306b0563631STom Van Eyck (void)status;
1307b0563631STom Van Eyck (void)operation;
1308b0563631STom Van Eyck (void)key_buffer;
1309b0563631STom Van Eyck (void)key_buffer_size;
1310b0563631STom Van Eyck (void)alg;
1311b0563631STom Van Eyck return( PSA_ERROR_INVALID_ARGUMENT );
1312b0563631STom Van Eyck }
1313b0563631STom Van Eyck }
1314b0563631STom Van Eyck
psa_driver_wrapper_cipher_decrypt_setup(psa_cipher_operation_t * operation,const psa_key_attributes_t * attributes,const uint8_t * key_buffer,size_t key_buffer_size,psa_algorithm_t alg)1315b0563631STom Van Eyck static inline psa_status_t psa_driver_wrapper_cipher_decrypt_setup(
1316b0563631STom Van Eyck psa_cipher_operation_t *operation,
1317b0563631STom Van Eyck const psa_key_attributes_t *attributes,
1318b0563631STom Van Eyck const uint8_t *key_buffer, size_t key_buffer_size,
1319b0563631STom Van Eyck psa_algorithm_t alg )
1320b0563631STom Van Eyck {
1321b0563631STom Van Eyck psa_status_t status = PSA_ERROR_INVALID_ARGUMENT;
1322b0563631STom Van Eyck psa_key_location_t location =
1323b0563631STom Van Eyck PSA_KEY_LIFETIME_GET_LOCATION( psa_get_key_lifetime(attributes) );
1324b0563631STom Van Eyck
1325b0563631STom Van Eyck switch( location )
1326b0563631STom Van Eyck {
1327b0563631STom Van Eyck case PSA_KEY_LOCATION_LOCAL_STORAGE:
1328b0563631STom Van Eyck /* Key is stored in the slot in export representation, so
1329b0563631STom Van Eyck * cycle through all known transparent accelerators */
1330b0563631STom Van Eyck #if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT)
1331b0563631STom Van Eyck #if defined(PSA_CRYPTO_DRIVER_TEST)
1332b0563631STom Van Eyck status = mbedtls_test_transparent_cipher_decrypt_setup(
1333b0563631STom Van Eyck &operation->ctx.transparent_test_driver_ctx,
1334b0563631STom Van Eyck attributes,
1335b0563631STom Van Eyck key_buffer,
1336b0563631STom Van Eyck key_buffer_size,
1337b0563631STom Van Eyck alg );
1338b0563631STom Van Eyck /* Declared with fallback == true */
1339b0563631STom Van Eyck if( status == PSA_SUCCESS )
1340b0563631STom Van Eyck operation->id = MBEDTLS_TEST_TRANSPARENT_DRIVER_ID;
1341b0563631STom Van Eyck
1342b0563631STom Van Eyck if( status != PSA_ERROR_NOT_SUPPORTED )
1343b0563631STom Van Eyck return( status );
1344b0563631STom Van Eyck #endif /* PSA_CRYPTO_DRIVER_TEST */
1345b0563631STom Van Eyck #endif /* PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT */
1346b0563631STom Van Eyck #if defined(MBEDTLS_PSA_BUILTIN_CIPHER)
1347b0563631STom Van Eyck /* Fell through, meaning no accelerator supports this operation */
1348b0563631STom Van Eyck status = mbedtls_psa_cipher_decrypt_setup( &operation->ctx.mbedtls_ctx,
1349b0563631STom Van Eyck attributes,
1350b0563631STom Van Eyck key_buffer,
1351b0563631STom Van Eyck key_buffer_size,
1352b0563631STom Van Eyck alg );
1353b0563631STom Van Eyck if( status == PSA_SUCCESS )
1354b0563631STom Van Eyck operation->id = PSA_CRYPTO_MBED_TLS_DRIVER_ID;
1355b0563631STom Van Eyck
1356b0563631STom Van Eyck return( status );
1357b0563631STom Van Eyck #else /* MBEDTLS_PSA_BUILTIN_CIPHER */
1358b0563631STom Van Eyck return( PSA_ERROR_NOT_SUPPORTED );
1359b0563631STom Van Eyck #endif /* MBEDTLS_PSA_BUILTIN_CIPHER */
1360b0563631STom Van Eyck
1361b0563631STom Van Eyck /* Add cases for opaque driver here */
1362b0563631STom Van Eyck #if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT)
1363b0563631STom Van Eyck #if defined(PSA_CRYPTO_DRIVER_TEST)
1364b0563631STom Van Eyck case PSA_CRYPTO_TEST_DRIVER_LOCATION:
1365b0563631STom Van Eyck status = mbedtls_test_opaque_cipher_decrypt_setup(
1366b0563631STom Van Eyck &operation->ctx.opaque_test_driver_ctx,
1367b0563631STom Van Eyck attributes,
1368b0563631STom Van Eyck key_buffer, key_buffer_size,
1369b0563631STom Van Eyck alg );
1370b0563631STom Van Eyck
1371b0563631STom Van Eyck if( status == PSA_SUCCESS )
1372b0563631STom Van Eyck operation->id = MBEDTLS_TEST_OPAQUE_DRIVER_ID;
1373b0563631STom Van Eyck
1374b0563631STom Van Eyck return( status );
1375b0563631STom Van Eyck #endif /* PSA_CRYPTO_DRIVER_TEST */
1376b0563631STom Van Eyck #endif /* PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT */
1377b0563631STom Van Eyck default:
1378b0563631STom Van Eyck /* Key is declared with a lifetime not known to us */
1379b0563631STom Van Eyck (void)status;
1380b0563631STom Van Eyck (void)operation;
1381b0563631STom Van Eyck (void)key_buffer;
1382b0563631STom Van Eyck (void)key_buffer_size;
1383b0563631STom Van Eyck (void)alg;
1384b0563631STom Van Eyck return( PSA_ERROR_INVALID_ARGUMENT );
1385b0563631STom Van Eyck }
1386b0563631STom Van Eyck }
1387b0563631STom Van Eyck
psa_driver_wrapper_cipher_set_iv(psa_cipher_operation_t * operation,const uint8_t * iv,size_t iv_length)1388b0563631STom Van Eyck static inline psa_status_t psa_driver_wrapper_cipher_set_iv(
1389b0563631STom Van Eyck psa_cipher_operation_t *operation,
1390b0563631STom Van Eyck const uint8_t *iv,
1391b0563631STom Van Eyck size_t iv_length )
1392b0563631STom Van Eyck {
1393b0563631STom Van Eyck switch( operation->id )
1394b0563631STom Van Eyck {
1395b0563631STom Van Eyck #if defined(MBEDTLS_PSA_BUILTIN_CIPHER)
1396b0563631STom Van Eyck case PSA_CRYPTO_MBED_TLS_DRIVER_ID:
1397b0563631STom Van Eyck return( mbedtls_psa_cipher_set_iv( &operation->ctx.mbedtls_ctx,
1398b0563631STom Van Eyck iv,
1399b0563631STom Van Eyck iv_length ) );
1400b0563631STom Van Eyck #endif /* MBEDTLS_PSA_BUILTIN_CIPHER */
1401b0563631STom Van Eyck
1402b0563631STom Van Eyck #if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT)
1403b0563631STom Van Eyck #if defined(PSA_CRYPTO_DRIVER_TEST)
1404b0563631STom Van Eyck case MBEDTLS_TEST_TRANSPARENT_DRIVER_ID:
1405b0563631STom Van Eyck return( mbedtls_test_transparent_cipher_set_iv(
1406b0563631STom Van Eyck &operation->ctx.transparent_test_driver_ctx,
1407b0563631STom Van Eyck iv, iv_length ) );
1408b0563631STom Van Eyck
1409b0563631STom Van Eyck case MBEDTLS_TEST_OPAQUE_DRIVER_ID:
1410b0563631STom Van Eyck return( mbedtls_test_opaque_cipher_set_iv(
1411b0563631STom Van Eyck &operation->ctx.opaque_test_driver_ctx,
1412b0563631STom Van Eyck iv, iv_length ) );
1413b0563631STom Van Eyck #endif /* PSA_CRYPTO_DRIVER_TEST */
1414b0563631STom Van Eyck #endif /* PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT */
1415b0563631STom Van Eyck }
1416b0563631STom Van Eyck
1417b0563631STom Van Eyck (void)iv;
1418b0563631STom Van Eyck (void)iv_length;
1419b0563631STom Van Eyck
1420b0563631STom Van Eyck return( PSA_ERROR_INVALID_ARGUMENT );
1421b0563631STom Van Eyck }
1422b0563631STom Van Eyck
psa_driver_wrapper_cipher_update(psa_cipher_operation_t * operation,const uint8_t * input,size_t input_length,uint8_t * output,size_t output_size,size_t * output_length)1423b0563631STom Van Eyck static inline psa_status_t psa_driver_wrapper_cipher_update(
1424b0563631STom Van Eyck psa_cipher_operation_t *operation,
1425b0563631STom Van Eyck const uint8_t *input,
1426b0563631STom Van Eyck size_t input_length,
1427b0563631STom Van Eyck uint8_t *output,
1428b0563631STom Van Eyck size_t output_size,
1429b0563631STom Van Eyck size_t *output_length )
1430b0563631STom Van Eyck {
1431b0563631STom Van Eyck switch( operation->id )
1432b0563631STom Van Eyck {
1433b0563631STom Van Eyck #if defined(MBEDTLS_PSA_BUILTIN_CIPHER)
1434b0563631STom Van Eyck case PSA_CRYPTO_MBED_TLS_DRIVER_ID:
1435b0563631STom Van Eyck return( mbedtls_psa_cipher_update( &operation->ctx.mbedtls_ctx,
1436b0563631STom Van Eyck input,
1437b0563631STom Van Eyck input_length,
1438b0563631STom Van Eyck output,
1439b0563631STom Van Eyck output_size,
1440b0563631STom Van Eyck output_length ) );
1441b0563631STom Van Eyck #endif /* MBEDTLS_PSA_BUILTIN_CIPHER */
1442b0563631STom Van Eyck
1443b0563631STom Van Eyck #if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT)
1444b0563631STom Van Eyck #if defined(PSA_CRYPTO_DRIVER_TEST)
1445b0563631STom Van Eyck case MBEDTLS_TEST_TRANSPARENT_DRIVER_ID:
1446b0563631STom Van Eyck return( mbedtls_test_transparent_cipher_update(
1447b0563631STom Van Eyck &operation->ctx.transparent_test_driver_ctx,
1448b0563631STom Van Eyck input, input_length,
1449b0563631STom Van Eyck output, output_size, output_length ) );
1450b0563631STom Van Eyck
1451b0563631STom Van Eyck case MBEDTLS_TEST_OPAQUE_DRIVER_ID:
1452b0563631STom Van Eyck return( mbedtls_test_opaque_cipher_update(
1453b0563631STom Van Eyck &operation->ctx.opaque_test_driver_ctx,
1454b0563631STom Van Eyck input, input_length,
1455b0563631STom Van Eyck output, output_size, output_length ) );
1456b0563631STom Van Eyck #endif /* PSA_CRYPTO_DRIVER_TEST */
1457b0563631STom Van Eyck #endif /* PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT */
1458b0563631STom Van Eyck }
1459b0563631STom Van Eyck
1460b0563631STom Van Eyck (void)input;
1461b0563631STom Van Eyck (void)input_length;
1462b0563631STom Van Eyck (void)output;
1463b0563631STom Van Eyck (void)output_size;
1464b0563631STom Van Eyck (void)output_length;
1465b0563631STom Van Eyck
1466b0563631STom Van Eyck return( PSA_ERROR_INVALID_ARGUMENT );
1467b0563631STom Van Eyck }
1468b0563631STom Van Eyck
psa_driver_wrapper_cipher_finish(psa_cipher_operation_t * operation,uint8_t * output,size_t output_size,size_t * output_length)1469b0563631STom Van Eyck static inline psa_status_t psa_driver_wrapper_cipher_finish(
1470b0563631STom Van Eyck psa_cipher_operation_t *operation,
1471b0563631STom Van Eyck uint8_t *output,
1472b0563631STom Van Eyck size_t output_size,
1473b0563631STom Van Eyck size_t *output_length )
1474b0563631STom Van Eyck {
1475b0563631STom Van Eyck switch( operation->id )
1476b0563631STom Van Eyck {
1477b0563631STom Van Eyck #if defined(MBEDTLS_PSA_BUILTIN_CIPHER)
1478b0563631STom Van Eyck case PSA_CRYPTO_MBED_TLS_DRIVER_ID:
1479b0563631STom Van Eyck return( mbedtls_psa_cipher_finish( &operation->ctx.mbedtls_ctx,
1480b0563631STom Van Eyck output,
1481b0563631STom Van Eyck output_size,
1482b0563631STom Van Eyck output_length ) );
1483b0563631STom Van Eyck #endif /* MBEDTLS_PSA_BUILTIN_CIPHER */
1484b0563631STom Van Eyck
1485b0563631STom Van Eyck #if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT)
1486b0563631STom Van Eyck #if defined(PSA_CRYPTO_DRIVER_TEST)
1487b0563631STom Van Eyck case MBEDTLS_TEST_TRANSPARENT_DRIVER_ID:
1488b0563631STom Van Eyck return( mbedtls_test_transparent_cipher_finish(
1489b0563631STom Van Eyck &operation->ctx.transparent_test_driver_ctx,
1490b0563631STom Van Eyck output, output_size, output_length ) );
1491b0563631STom Van Eyck
1492b0563631STom Van Eyck case MBEDTLS_TEST_OPAQUE_DRIVER_ID:
1493b0563631STom Van Eyck return( mbedtls_test_opaque_cipher_finish(
1494b0563631STom Van Eyck &operation->ctx.opaque_test_driver_ctx,
1495b0563631STom Van Eyck output, output_size, output_length ) );
1496b0563631STom Van Eyck #endif /* PSA_CRYPTO_DRIVER_TEST */
1497b0563631STom Van Eyck #endif /* PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT */
1498b0563631STom Van Eyck }
1499b0563631STom Van Eyck
1500b0563631STom Van Eyck (void)output;
1501b0563631STom Van Eyck (void)output_size;
1502b0563631STom Van Eyck (void)output_length;
1503b0563631STom Van Eyck
1504b0563631STom Van Eyck return( PSA_ERROR_INVALID_ARGUMENT );
1505b0563631STom Van Eyck }
1506b0563631STom Van Eyck
psa_driver_wrapper_cipher_abort(psa_cipher_operation_t * operation)1507b0563631STom Van Eyck static inline psa_status_t psa_driver_wrapper_cipher_abort(
1508b0563631STom Van Eyck psa_cipher_operation_t *operation )
1509b0563631STom Van Eyck {
1510b0563631STom Van Eyck psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;
1511b0563631STom Van Eyck
1512b0563631STom Van Eyck switch( operation->id )
1513b0563631STom Van Eyck {
1514b0563631STom Van Eyck #if defined(MBEDTLS_PSA_BUILTIN_CIPHER)
1515b0563631STom Van Eyck case PSA_CRYPTO_MBED_TLS_DRIVER_ID:
1516b0563631STom Van Eyck return( mbedtls_psa_cipher_abort( &operation->ctx.mbedtls_ctx ) );
1517b0563631STom Van Eyck #endif /* MBEDTLS_PSA_BUILTIN_CIPHER */
1518b0563631STom Van Eyck
1519b0563631STom Van Eyck #if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT)
1520b0563631STom Van Eyck #if defined(PSA_CRYPTO_DRIVER_TEST)
1521b0563631STom Van Eyck case MBEDTLS_TEST_TRANSPARENT_DRIVER_ID:
1522b0563631STom Van Eyck status = mbedtls_test_transparent_cipher_abort(
1523b0563631STom Van Eyck &operation->ctx.transparent_test_driver_ctx );
1524b0563631STom Van Eyck mbedtls_platform_zeroize(
1525b0563631STom Van Eyck &operation->ctx.transparent_test_driver_ctx,
1526b0563631STom Van Eyck sizeof( operation->ctx.transparent_test_driver_ctx ) );
1527b0563631STom Van Eyck return( status );
1528b0563631STom Van Eyck
1529b0563631STom Van Eyck case MBEDTLS_TEST_OPAQUE_DRIVER_ID:
1530b0563631STom Van Eyck status = mbedtls_test_opaque_cipher_abort(
1531b0563631STom Van Eyck &operation->ctx.opaque_test_driver_ctx );
1532b0563631STom Van Eyck mbedtls_platform_zeroize(
1533b0563631STom Van Eyck &operation->ctx.opaque_test_driver_ctx,
1534b0563631STom Van Eyck sizeof( operation->ctx.opaque_test_driver_ctx ) );
1535b0563631STom Van Eyck return( status );
1536b0563631STom Van Eyck #endif /* PSA_CRYPTO_DRIVER_TEST */
1537b0563631STom Van Eyck #endif /* PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT */
1538b0563631STom Van Eyck }
1539b0563631STom Van Eyck
1540b0563631STom Van Eyck (void)status;
1541b0563631STom Van Eyck return( PSA_ERROR_INVALID_ARGUMENT );
1542b0563631STom Van Eyck }
1543b0563631STom Van Eyck
1544b0563631STom Van Eyck /*
1545b0563631STom Van Eyck * Hashing functions
1546b0563631STom Van Eyck */
psa_driver_wrapper_hash_compute(psa_algorithm_t alg,const uint8_t * input,size_t input_length,uint8_t * hash,size_t hash_size,size_t * hash_length)1547b0563631STom Van Eyck static inline psa_status_t psa_driver_wrapper_hash_compute(
1548b0563631STom Van Eyck psa_algorithm_t alg,
1549b0563631STom Van Eyck const uint8_t *input,
1550b0563631STom Van Eyck size_t input_length,
1551b0563631STom Van Eyck uint8_t *hash,
1552b0563631STom Van Eyck size_t hash_size,
1553b0563631STom Van Eyck size_t *hash_length)
1554b0563631STom Van Eyck {
1555b0563631STom Van Eyck psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;
1556b0563631STom Van Eyck
1557b0563631STom Van Eyck /* Try accelerators first */
1558b0563631STom Van Eyck #if defined(PSA_CRYPTO_DRIVER_TEST)
1559b0563631STom Van Eyck status = mbedtls_test_transparent_hash_compute(
1560b0563631STom Van Eyck alg, input, input_length, hash, hash_size, hash_length );
1561b0563631STom Van Eyck if( status != PSA_ERROR_NOT_SUPPORTED )
1562b0563631STom Van Eyck return( status );
1563b0563631STom Van Eyck #endif
1564b0563631STom Van Eyck
1565b0563631STom Van Eyck /* If software fallback is compiled in, try fallback */
1566b0563631STom Van Eyck #if defined(MBEDTLS_PSA_BUILTIN_HASH)
1567b0563631STom Van Eyck status = mbedtls_psa_hash_compute( alg, input, input_length,
1568b0563631STom Van Eyck hash, hash_size, hash_length );
1569b0563631STom Van Eyck if( status != PSA_ERROR_NOT_SUPPORTED )
1570b0563631STom Van Eyck return( status );
1571b0563631STom Van Eyck #endif
1572b0563631STom Van Eyck (void) status;
1573b0563631STom Van Eyck (void) alg;
1574b0563631STom Van Eyck (void) input;
1575b0563631STom Van Eyck (void) input_length;
1576b0563631STom Van Eyck (void) hash;
1577b0563631STom Van Eyck (void) hash_size;
1578b0563631STom Van Eyck (void) hash_length;
1579b0563631STom Van Eyck
1580b0563631STom Van Eyck return( PSA_ERROR_NOT_SUPPORTED );
1581b0563631STom Van Eyck }
1582b0563631STom Van Eyck
psa_driver_wrapper_hash_setup(psa_hash_operation_t * operation,psa_algorithm_t alg)1583b0563631STom Van Eyck static inline psa_status_t psa_driver_wrapper_hash_setup(
1584b0563631STom Van Eyck psa_hash_operation_t *operation,
1585b0563631STom Van Eyck psa_algorithm_t alg )
1586b0563631STom Van Eyck {
1587b0563631STom Van Eyck psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;
1588b0563631STom Van Eyck
1589b0563631STom Van Eyck /* Try setup on accelerators first */
1590b0563631STom Van Eyck #if defined(PSA_CRYPTO_DRIVER_TEST)
1591b0563631STom Van Eyck status = mbedtls_test_transparent_hash_setup(
1592b0563631STom Van Eyck &operation->ctx.test_driver_ctx, alg );
1593b0563631STom Van Eyck if( status == PSA_SUCCESS )
1594b0563631STom Van Eyck operation->id = MBEDTLS_TEST_TRANSPARENT_DRIVER_ID;
1595b0563631STom Van Eyck
1596b0563631STom Van Eyck if( status != PSA_ERROR_NOT_SUPPORTED )
1597b0563631STom Van Eyck return( status );
1598b0563631STom Van Eyck #endif
1599b0563631STom Van Eyck
1600b0563631STom Van Eyck /* If software fallback is compiled in, try fallback */
1601b0563631STom Van Eyck #if defined(MBEDTLS_PSA_BUILTIN_HASH)
1602b0563631STom Van Eyck status = mbedtls_psa_hash_setup( &operation->ctx.mbedtls_ctx, alg );
1603b0563631STom Van Eyck if( status == PSA_SUCCESS )
1604b0563631STom Van Eyck operation->id = PSA_CRYPTO_MBED_TLS_DRIVER_ID;
1605b0563631STom Van Eyck
1606b0563631STom Van Eyck if( status != PSA_ERROR_NOT_SUPPORTED )
1607b0563631STom Van Eyck return( status );
1608b0563631STom Van Eyck #endif
1609b0563631STom Van Eyck /* Nothing left to try if we fall through here */
1610b0563631STom Van Eyck (void) status;
1611b0563631STom Van Eyck (void) operation;
1612b0563631STom Van Eyck (void) alg;
1613b0563631STom Van Eyck return( PSA_ERROR_NOT_SUPPORTED );
1614b0563631STom Van Eyck }
1615b0563631STom Van Eyck
psa_driver_wrapper_hash_clone(const psa_hash_operation_t * source_operation,psa_hash_operation_t * target_operation)1616b0563631STom Van Eyck static inline psa_status_t psa_driver_wrapper_hash_clone(
1617b0563631STom Van Eyck const psa_hash_operation_t *source_operation,
1618b0563631STom Van Eyck psa_hash_operation_t *target_operation )
1619b0563631STom Van Eyck {
1620b0563631STom Van Eyck switch( source_operation->id )
1621b0563631STom Van Eyck {
1622b0563631STom Van Eyck #if defined(MBEDTLS_PSA_BUILTIN_HASH)
1623b0563631STom Van Eyck case PSA_CRYPTO_MBED_TLS_DRIVER_ID:
1624b0563631STom Van Eyck target_operation->id = PSA_CRYPTO_MBED_TLS_DRIVER_ID;
1625b0563631STom Van Eyck return( mbedtls_psa_hash_clone( &source_operation->ctx.mbedtls_ctx,
1626b0563631STom Van Eyck &target_operation->ctx.mbedtls_ctx ) );
1627b0563631STom Van Eyck #endif
1628b0563631STom Van Eyck #if defined(PSA_CRYPTO_DRIVER_TEST)
1629b0563631STom Van Eyck case MBEDTLS_TEST_TRANSPARENT_DRIVER_ID:
1630b0563631STom Van Eyck target_operation->id = MBEDTLS_TEST_TRANSPARENT_DRIVER_ID;
1631b0563631STom Van Eyck return( mbedtls_test_transparent_hash_clone(
1632b0563631STom Van Eyck &source_operation->ctx.test_driver_ctx,
1633b0563631STom Van Eyck &target_operation->ctx.test_driver_ctx ) );
1634b0563631STom Van Eyck #endif
1635b0563631STom Van Eyck default:
1636b0563631STom Van Eyck (void) target_operation;
1637b0563631STom Van Eyck return( PSA_ERROR_BAD_STATE );
1638b0563631STom Van Eyck }
1639b0563631STom Van Eyck }
1640b0563631STom Van Eyck
psa_driver_wrapper_hash_update(psa_hash_operation_t * operation,const uint8_t * input,size_t input_length)1641b0563631STom Van Eyck static inline psa_status_t psa_driver_wrapper_hash_update(
1642b0563631STom Van Eyck psa_hash_operation_t *operation,
1643b0563631STom Van Eyck const uint8_t *input,
1644b0563631STom Van Eyck size_t input_length )
1645b0563631STom Van Eyck {
1646b0563631STom Van Eyck switch( operation->id )
1647b0563631STom Van Eyck {
1648b0563631STom Van Eyck #if defined(MBEDTLS_PSA_BUILTIN_HASH)
1649b0563631STom Van Eyck case PSA_CRYPTO_MBED_TLS_DRIVER_ID:
1650b0563631STom Van Eyck return( mbedtls_psa_hash_update( &operation->ctx.mbedtls_ctx,
1651b0563631STom Van Eyck input, input_length ) );
1652b0563631STom Van Eyck #endif
1653b0563631STom Van Eyck #if defined(PSA_CRYPTO_DRIVER_TEST)
1654b0563631STom Van Eyck case MBEDTLS_TEST_TRANSPARENT_DRIVER_ID:
1655b0563631STom Van Eyck return( mbedtls_test_transparent_hash_update(
1656b0563631STom Van Eyck &operation->ctx.test_driver_ctx,
1657b0563631STom Van Eyck input, input_length ) );
1658b0563631STom Van Eyck #endif
1659b0563631STom Van Eyck default:
1660b0563631STom Van Eyck (void) input;
1661b0563631STom Van Eyck (void) input_length;
1662b0563631STom Van Eyck return( PSA_ERROR_BAD_STATE );
1663b0563631STom Van Eyck }
1664b0563631STom Van Eyck }
1665b0563631STom Van Eyck
psa_driver_wrapper_hash_finish(psa_hash_operation_t * operation,uint8_t * hash,size_t hash_size,size_t * hash_length)1666b0563631STom Van Eyck static inline psa_status_t psa_driver_wrapper_hash_finish(
1667b0563631STom Van Eyck psa_hash_operation_t *operation,
1668b0563631STom Van Eyck uint8_t *hash,
1669b0563631STom Van Eyck size_t hash_size,
1670b0563631STom Van Eyck size_t *hash_length )
1671b0563631STom Van Eyck {
1672b0563631STom Van Eyck switch( operation->id )
1673b0563631STom Van Eyck {
1674b0563631STom Van Eyck #if defined(MBEDTLS_PSA_BUILTIN_HASH)
1675b0563631STom Van Eyck case PSA_CRYPTO_MBED_TLS_DRIVER_ID:
1676b0563631STom Van Eyck return( mbedtls_psa_hash_finish( &operation->ctx.mbedtls_ctx,
1677b0563631STom Van Eyck hash, hash_size, hash_length ) );
1678b0563631STom Van Eyck #endif
1679b0563631STom Van Eyck #if defined(PSA_CRYPTO_DRIVER_TEST)
1680b0563631STom Van Eyck case MBEDTLS_TEST_TRANSPARENT_DRIVER_ID:
1681b0563631STom Van Eyck return( mbedtls_test_transparent_hash_finish(
1682b0563631STom Van Eyck &operation->ctx.test_driver_ctx,
1683b0563631STom Van Eyck hash, hash_size, hash_length ) );
1684b0563631STom Van Eyck #endif
1685b0563631STom Van Eyck default:
1686b0563631STom Van Eyck (void) hash;
1687b0563631STom Van Eyck (void) hash_size;
1688b0563631STom Van Eyck (void) hash_length;
1689b0563631STom Van Eyck return( PSA_ERROR_BAD_STATE );
1690b0563631STom Van Eyck }
1691b0563631STom Van Eyck }
1692b0563631STom Van Eyck
psa_driver_wrapper_hash_abort(psa_hash_operation_t * operation)1693b0563631STom Van Eyck static inline psa_status_t psa_driver_wrapper_hash_abort(
1694b0563631STom Van Eyck psa_hash_operation_t *operation )
1695b0563631STom Van Eyck {
1696b0563631STom Van Eyck switch( operation->id )
1697b0563631STom Van Eyck {
1698b0563631STom Van Eyck #if defined(MBEDTLS_PSA_BUILTIN_HASH)
1699b0563631STom Van Eyck case PSA_CRYPTO_MBED_TLS_DRIVER_ID:
1700b0563631STom Van Eyck return( mbedtls_psa_hash_abort( &operation->ctx.mbedtls_ctx ) );
1701b0563631STom Van Eyck #endif
1702b0563631STom Van Eyck #if defined(PSA_CRYPTO_DRIVER_TEST)
1703b0563631STom Van Eyck case MBEDTLS_TEST_TRANSPARENT_DRIVER_ID:
1704b0563631STom Van Eyck return( mbedtls_test_transparent_hash_abort(
1705b0563631STom Van Eyck &operation->ctx.test_driver_ctx ) );
1706b0563631STom Van Eyck #endif
1707b0563631STom Van Eyck default:
1708b0563631STom Van Eyck return( PSA_ERROR_BAD_STATE );
1709b0563631STom Van Eyck }
1710b0563631STom Van Eyck }
1711b0563631STom Van Eyck
psa_driver_wrapper_aead_encrypt(const psa_key_attributes_t * attributes,const uint8_t * key_buffer,size_t key_buffer_size,psa_algorithm_t alg,const uint8_t * nonce,size_t nonce_length,const uint8_t * additional_data,size_t additional_data_length,const uint8_t * plaintext,size_t plaintext_length,uint8_t * ciphertext,size_t ciphertext_size,size_t * ciphertext_length)1712b0563631STom Van Eyck static inline psa_status_t psa_driver_wrapper_aead_encrypt(
1713b0563631STom Van Eyck const psa_key_attributes_t *attributes,
1714b0563631STom Van Eyck const uint8_t *key_buffer, size_t key_buffer_size,
1715b0563631STom Van Eyck psa_algorithm_t alg,
1716b0563631STom Van Eyck const uint8_t *nonce, size_t nonce_length,
1717b0563631STom Van Eyck const uint8_t *additional_data, size_t additional_data_length,
1718b0563631STom Van Eyck const uint8_t *plaintext, size_t plaintext_length,
1719b0563631STom Van Eyck uint8_t *ciphertext, size_t ciphertext_size, size_t *ciphertext_length )
1720b0563631STom Van Eyck {
1721b0563631STom Van Eyck psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;
1722b0563631STom Van Eyck psa_key_location_t location =
1723b0563631STom Van Eyck PSA_KEY_LIFETIME_GET_LOCATION( psa_get_key_lifetime(attributes) );
1724b0563631STom Van Eyck
1725b0563631STom Van Eyck switch( location )
1726b0563631STom Van Eyck {
1727b0563631STom Van Eyck case PSA_KEY_LOCATION_LOCAL_STORAGE:
1728b0563631STom Van Eyck /* Key is stored in the slot in export representation, so
1729b0563631STom Van Eyck * cycle through all known transparent accelerators */
1730b0563631STom Van Eyck
1731b0563631STom Van Eyck #if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT)
1732b0563631STom Van Eyck #if defined(PSA_CRYPTO_DRIVER_TEST)
1733b0563631STom Van Eyck status = mbedtls_test_transparent_aead_encrypt(
1734b0563631STom Van Eyck attributes, key_buffer, key_buffer_size,
1735b0563631STom Van Eyck alg,
1736b0563631STom Van Eyck nonce, nonce_length,
1737b0563631STom Van Eyck additional_data, additional_data_length,
1738b0563631STom Van Eyck plaintext, plaintext_length,
1739b0563631STom Van Eyck ciphertext, ciphertext_size, ciphertext_length );
1740b0563631STom Van Eyck /* Declared with fallback == true */
1741b0563631STom Van Eyck if( status != PSA_ERROR_NOT_SUPPORTED )
1742b0563631STom Van Eyck return( status );
1743b0563631STom Van Eyck #endif /* PSA_CRYPTO_DRIVER_TEST */
1744b0563631STom Van Eyck #endif /* PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT */
1745b0563631STom Van Eyck
1746b0563631STom Van Eyck /* Fell through, meaning no accelerator supports this operation */
1747b0563631STom Van Eyck return( mbedtls_psa_aead_encrypt(
1748b0563631STom Van Eyck attributes, key_buffer, key_buffer_size,
1749b0563631STom Van Eyck alg,
1750b0563631STom Van Eyck nonce, nonce_length,
1751b0563631STom Van Eyck additional_data, additional_data_length,
1752b0563631STom Van Eyck plaintext, plaintext_length,
1753b0563631STom Van Eyck ciphertext, ciphertext_size, ciphertext_length ) );
1754b0563631STom Van Eyck
1755b0563631STom Van Eyck /* Add cases for opaque driver here */
1756b0563631STom Van Eyck
1757b0563631STom Van Eyck default:
1758b0563631STom Van Eyck /* Key is declared with a lifetime not known to us */
1759b0563631STom Van Eyck (void)status;
1760b0563631STom Van Eyck return( PSA_ERROR_INVALID_ARGUMENT );
1761b0563631STom Van Eyck }
1762b0563631STom Van Eyck }
1763b0563631STom Van Eyck
psa_driver_wrapper_aead_decrypt(const psa_key_attributes_t * attributes,const uint8_t * key_buffer,size_t key_buffer_size,psa_algorithm_t alg,const uint8_t * nonce,size_t nonce_length,const uint8_t * additional_data,size_t additional_data_length,const uint8_t * ciphertext,size_t ciphertext_length,uint8_t * plaintext,size_t plaintext_size,size_t * plaintext_length)1764b0563631STom Van Eyck static inline psa_status_t psa_driver_wrapper_aead_decrypt(
1765b0563631STom Van Eyck const psa_key_attributes_t *attributes,
1766b0563631STom Van Eyck const uint8_t *key_buffer, size_t key_buffer_size,
1767b0563631STom Van Eyck psa_algorithm_t alg,
1768b0563631STom Van Eyck const uint8_t *nonce, size_t nonce_length,
1769b0563631STom Van Eyck const uint8_t *additional_data, size_t additional_data_length,
1770b0563631STom Van Eyck const uint8_t *ciphertext, size_t ciphertext_length,
1771b0563631STom Van Eyck uint8_t *plaintext, size_t plaintext_size, size_t *plaintext_length )
1772b0563631STom Van Eyck {
1773b0563631STom Van Eyck psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;
1774b0563631STom Van Eyck psa_key_location_t location =
1775b0563631STom Van Eyck PSA_KEY_LIFETIME_GET_LOCATION( psa_get_key_lifetime(attributes) );
1776b0563631STom Van Eyck
1777b0563631STom Van Eyck switch( location )
1778b0563631STom Van Eyck {
1779b0563631STom Van Eyck case PSA_KEY_LOCATION_LOCAL_STORAGE:
1780b0563631STom Van Eyck /* Key is stored in the slot in export representation, so
1781b0563631STom Van Eyck * cycle through all known transparent accelerators */
1782b0563631STom Van Eyck
1783b0563631STom Van Eyck #if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT)
1784b0563631STom Van Eyck #if defined(PSA_CRYPTO_DRIVER_TEST)
1785b0563631STom Van Eyck status = mbedtls_test_transparent_aead_decrypt(
1786b0563631STom Van Eyck attributes, key_buffer, key_buffer_size,
1787b0563631STom Van Eyck alg,
1788b0563631STom Van Eyck nonce, nonce_length,
1789b0563631STom Van Eyck additional_data, additional_data_length,
1790b0563631STom Van Eyck ciphertext, ciphertext_length,
1791b0563631STom Van Eyck plaintext, plaintext_size, plaintext_length );
1792b0563631STom Van Eyck /* Declared with fallback == true */
1793b0563631STom Van Eyck if( status != PSA_ERROR_NOT_SUPPORTED )
1794b0563631STom Van Eyck return( status );
1795b0563631STom Van Eyck #endif /* PSA_CRYPTO_DRIVER_TEST */
1796b0563631STom Van Eyck #endif /* PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT */
1797b0563631STom Van Eyck
1798b0563631STom Van Eyck /* Fell through, meaning no accelerator supports this operation */
1799b0563631STom Van Eyck return( mbedtls_psa_aead_decrypt(
1800b0563631STom Van Eyck attributes, key_buffer, key_buffer_size,
1801b0563631STom Van Eyck alg,
1802b0563631STom Van Eyck nonce, nonce_length,
1803b0563631STom Van Eyck additional_data, additional_data_length,
1804b0563631STom Van Eyck ciphertext, ciphertext_length,
1805b0563631STom Van Eyck plaintext, plaintext_size, plaintext_length ) );
1806b0563631STom Van Eyck
1807b0563631STom Van Eyck /* Add cases for opaque driver here */
1808b0563631STom Van Eyck
1809b0563631STom Van Eyck default:
1810b0563631STom Van Eyck /* Key is declared with a lifetime not known to us */
1811b0563631STom Van Eyck (void)status;
1812b0563631STom Van Eyck return( PSA_ERROR_INVALID_ARGUMENT );
1813b0563631STom Van Eyck }
1814b0563631STom Van Eyck }
1815b0563631STom Van Eyck
psa_driver_wrapper_aead_encrypt_setup(psa_aead_operation_t * operation,const psa_key_attributes_t * attributes,const uint8_t * key_buffer,size_t key_buffer_size,psa_algorithm_t alg)1816b0563631STom Van Eyck static inline psa_status_t psa_driver_wrapper_aead_encrypt_setup(
1817b0563631STom Van Eyck psa_aead_operation_t *operation,
1818b0563631STom Van Eyck const psa_key_attributes_t *attributes,
1819b0563631STom Van Eyck const uint8_t *key_buffer, size_t key_buffer_size,
1820b0563631STom Van Eyck psa_algorithm_t alg )
1821b0563631STom Van Eyck {
1822b0563631STom Van Eyck psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;
1823b0563631STom Van Eyck psa_key_location_t location =
1824b0563631STom Van Eyck PSA_KEY_LIFETIME_GET_LOCATION( psa_get_key_lifetime(attributes) );
1825b0563631STom Van Eyck
1826b0563631STom Van Eyck switch( location )
1827b0563631STom Van Eyck {
1828b0563631STom Van Eyck case PSA_KEY_LOCATION_LOCAL_STORAGE:
1829b0563631STom Van Eyck /* Key is stored in the slot in export representation, so
1830b0563631STom Van Eyck * cycle through all known transparent accelerators */
1831b0563631STom Van Eyck
1832b0563631STom Van Eyck #if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT)
1833b0563631STom Van Eyck #if defined(PSA_CRYPTO_DRIVER_TEST)
1834b0563631STom Van Eyck operation->id = MBEDTLS_TEST_TRANSPARENT_DRIVER_ID;
1835b0563631STom Van Eyck status = mbedtls_test_transparent_aead_encrypt_setup(
1836b0563631STom Van Eyck &operation->ctx.transparent_test_driver_ctx,
1837b0563631STom Van Eyck attributes, key_buffer, key_buffer_size,
1838b0563631STom Van Eyck alg );
1839b0563631STom Van Eyck
1840b0563631STom Van Eyck /* Declared with fallback == true */
1841b0563631STom Van Eyck if( status != PSA_ERROR_NOT_SUPPORTED )
1842b0563631STom Van Eyck return( status );
1843b0563631STom Van Eyck #endif /* PSA_CRYPTO_DRIVER_TEST */
1844b0563631STom Van Eyck #endif /* PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT */
1845b0563631STom Van Eyck
1846b0563631STom Van Eyck /* Fell through, meaning no accelerator supports this operation */
1847b0563631STom Van Eyck operation->id = PSA_CRYPTO_MBED_TLS_DRIVER_ID;
1848b0563631STom Van Eyck status = mbedtls_psa_aead_encrypt_setup(
1849b0563631STom Van Eyck &operation->ctx.mbedtls_ctx, attributes,
1850b0563631STom Van Eyck key_buffer, key_buffer_size,
1851b0563631STom Van Eyck alg );
1852b0563631STom Van Eyck
1853b0563631STom Van Eyck return( status );
1854b0563631STom Van Eyck
1855b0563631STom Van Eyck /* Add cases for opaque driver here */
1856b0563631STom Van Eyck
1857b0563631STom Van Eyck default:
1858b0563631STom Van Eyck /* Key is declared with a lifetime not known to us */
1859b0563631STom Van Eyck (void)status;
1860b0563631STom Van Eyck return( PSA_ERROR_INVALID_ARGUMENT );
1861b0563631STom Van Eyck }
1862b0563631STom Van Eyck }
1863b0563631STom Van Eyck
psa_driver_wrapper_aead_decrypt_setup(psa_aead_operation_t * operation,const psa_key_attributes_t * attributes,const uint8_t * key_buffer,size_t key_buffer_size,psa_algorithm_t alg)1864b0563631STom Van Eyck static inline psa_status_t psa_driver_wrapper_aead_decrypt_setup(
1865b0563631STom Van Eyck psa_aead_operation_t *operation,
1866b0563631STom Van Eyck const psa_key_attributes_t *attributes,
1867b0563631STom Van Eyck const uint8_t *key_buffer, size_t key_buffer_size,
1868b0563631STom Van Eyck psa_algorithm_t alg )
1869b0563631STom Van Eyck {
1870b0563631STom Van Eyck psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;
1871b0563631STom Van Eyck psa_key_location_t location =
1872b0563631STom Van Eyck PSA_KEY_LIFETIME_GET_LOCATION( psa_get_key_lifetime(attributes) );
1873b0563631STom Van Eyck
1874b0563631STom Van Eyck switch( location )
1875b0563631STom Van Eyck {
1876b0563631STom Van Eyck case PSA_KEY_LOCATION_LOCAL_STORAGE:
1877b0563631STom Van Eyck /* Key is stored in the slot in export representation, so
1878b0563631STom Van Eyck * cycle through all known transparent accelerators */
1879b0563631STom Van Eyck
1880b0563631STom Van Eyck #if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT)
1881b0563631STom Van Eyck #if defined(PSA_CRYPTO_DRIVER_TEST)
1882b0563631STom Van Eyck operation->id = MBEDTLS_TEST_TRANSPARENT_DRIVER_ID;
1883b0563631STom Van Eyck status = mbedtls_test_transparent_aead_decrypt_setup(
1884b0563631STom Van Eyck &operation->ctx.transparent_test_driver_ctx,
1885b0563631STom Van Eyck attributes,
1886b0563631STom Van Eyck key_buffer, key_buffer_size,
1887b0563631STom Van Eyck alg );
1888b0563631STom Van Eyck
1889b0563631STom Van Eyck /* Declared with fallback == true */
1890b0563631STom Van Eyck if( status != PSA_ERROR_NOT_SUPPORTED )
1891b0563631STom Van Eyck return( status );
1892b0563631STom Van Eyck #endif /* PSA_CRYPTO_DRIVER_TEST */
1893b0563631STom Van Eyck #endif /* PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT */
1894b0563631STom Van Eyck
1895b0563631STom Van Eyck /* Fell through, meaning no accelerator supports this operation */
1896b0563631STom Van Eyck operation->id = PSA_CRYPTO_MBED_TLS_DRIVER_ID;
1897b0563631STom Van Eyck status = mbedtls_psa_aead_decrypt_setup(
1898b0563631STom Van Eyck &operation->ctx.mbedtls_ctx,
1899b0563631STom Van Eyck attributes,
1900b0563631STom Van Eyck key_buffer, key_buffer_size,
1901b0563631STom Van Eyck alg );
1902b0563631STom Van Eyck
1903b0563631STom Van Eyck return( status );
1904b0563631STom Van Eyck
1905b0563631STom Van Eyck /* Add cases for opaque driver here */
1906b0563631STom Van Eyck
1907b0563631STom Van Eyck default:
1908b0563631STom Van Eyck /* Key is declared with a lifetime not known to us */
1909b0563631STom Van Eyck (void)status;
1910b0563631STom Van Eyck return( PSA_ERROR_INVALID_ARGUMENT );
1911b0563631STom Van Eyck }
1912b0563631STom Van Eyck }
1913b0563631STom Van Eyck
psa_driver_wrapper_aead_set_nonce(psa_aead_operation_t * operation,const uint8_t * nonce,size_t nonce_length)1914b0563631STom Van Eyck static inline psa_status_t psa_driver_wrapper_aead_set_nonce(
1915b0563631STom Van Eyck psa_aead_operation_t *operation,
1916b0563631STom Van Eyck const uint8_t *nonce,
1917b0563631STom Van Eyck size_t nonce_length )
1918b0563631STom Van Eyck {
1919b0563631STom Van Eyck switch( operation->id )
1920b0563631STom Van Eyck {
1921b0563631STom Van Eyck #if defined(MBEDTLS_PSA_BUILTIN_AEAD)
1922b0563631STom Van Eyck case PSA_CRYPTO_MBED_TLS_DRIVER_ID:
1923b0563631STom Van Eyck return( mbedtls_psa_aead_set_nonce( &operation->ctx.mbedtls_ctx,
1924b0563631STom Van Eyck nonce,
1925b0563631STom Van Eyck nonce_length ) );
1926b0563631STom Van Eyck
1927b0563631STom Van Eyck #endif /* MBEDTLS_PSA_BUILTIN_AEAD */
1928b0563631STom Van Eyck
1929b0563631STom Van Eyck #if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT)
1930b0563631STom Van Eyck #if defined(PSA_CRYPTO_DRIVER_TEST)
1931b0563631STom Van Eyck case MBEDTLS_TEST_TRANSPARENT_DRIVER_ID:
1932b0563631STom Van Eyck return( mbedtls_test_transparent_aead_set_nonce(
1933b0563631STom Van Eyck &operation->ctx.transparent_test_driver_ctx,
1934b0563631STom Van Eyck nonce, nonce_length ) );
1935b0563631STom Van Eyck
1936b0563631STom Van Eyck /* Add cases for opaque driver here */
1937b0563631STom Van Eyck
1938b0563631STom Van Eyck #endif /* PSA_CRYPTO_DRIVER_TEST */
1939b0563631STom Van Eyck #endif /* PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT */
1940b0563631STom Van Eyck }
1941b0563631STom Van Eyck
1942b0563631STom Van Eyck (void)nonce;
1943b0563631STom Van Eyck (void)nonce_length;
1944b0563631STom Van Eyck
1945b0563631STom Van Eyck return( PSA_ERROR_INVALID_ARGUMENT );
1946b0563631STom Van Eyck }
1947b0563631STom Van Eyck
psa_driver_wrapper_aead_set_lengths(psa_aead_operation_t * operation,size_t ad_length,size_t plaintext_length)1948b0563631STom Van Eyck static inline psa_status_t psa_driver_wrapper_aead_set_lengths(
1949b0563631STom Van Eyck psa_aead_operation_t *operation,
1950b0563631STom Van Eyck size_t ad_length,
1951b0563631STom Van Eyck size_t plaintext_length )
1952b0563631STom Van Eyck {
1953b0563631STom Van Eyck switch( operation->id )
1954b0563631STom Van Eyck {
1955b0563631STom Van Eyck #if defined(MBEDTLS_PSA_BUILTIN_AEAD)
1956b0563631STom Van Eyck case PSA_CRYPTO_MBED_TLS_DRIVER_ID:
1957b0563631STom Van Eyck return( mbedtls_psa_aead_set_lengths( &operation->ctx.mbedtls_ctx,
1958b0563631STom Van Eyck ad_length,
1959b0563631STom Van Eyck plaintext_length ) );
1960b0563631STom Van Eyck
1961b0563631STom Van Eyck #endif /* MBEDTLS_PSA_BUILTIN_AEAD */
1962b0563631STom Van Eyck
1963b0563631STom Van Eyck #if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT)
1964b0563631STom Van Eyck #if defined(PSA_CRYPTO_DRIVER_TEST)
1965b0563631STom Van Eyck case MBEDTLS_TEST_TRANSPARENT_DRIVER_ID:
1966b0563631STom Van Eyck return( mbedtls_test_transparent_aead_set_lengths(
1967b0563631STom Van Eyck &operation->ctx.transparent_test_driver_ctx,
1968b0563631STom Van Eyck ad_length, plaintext_length ) );
1969b0563631STom Van Eyck
1970b0563631STom Van Eyck /* Add cases for opaque driver here */
1971b0563631STom Van Eyck
1972b0563631STom Van Eyck #endif /* PSA_CRYPTO_DRIVER_TEST */
1973b0563631STom Van Eyck #endif /* PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT */
1974b0563631STom Van Eyck }
1975b0563631STom Van Eyck
1976b0563631STom Van Eyck (void)ad_length;
1977b0563631STom Van Eyck (void)plaintext_length;
1978b0563631STom Van Eyck
1979b0563631STom Van Eyck return( PSA_ERROR_INVALID_ARGUMENT );
1980b0563631STom Van Eyck }
1981b0563631STom Van Eyck
psa_driver_wrapper_aead_update_ad(psa_aead_operation_t * operation,const uint8_t * input,size_t input_length)1982b0563631STom Van Eyck static inline psa_status_t psa_driver_wrapper_aead_update_ad(
1983b0563631STom Van Eyck psa_aead_operation_t *operation,
1984b0563631STom Van Eyck const uint8_t *input,
1985b0563631STom Van Eyck size_t input_length )
1986b0563631STom Van Eyck {
1987b0563631STom Van Eyck switch( operation->id )
1988b0563631STom Van Eyck {
1989b0563631STom Van Eyck #if defined(MBEDTLS_PSA_BUILTIN_AEAD)
1990b0563631STom Van Eyck case PSA_CRYPTO_MBED_TLS_DRIVER_ID:
1991b0563631STom Van Eyck return( mbedtls_psa_aead_update_ad( &operation->ctx.mbedtls_ctx,
1992b0563631STom Van Eyck input,
1993b0563631STom Van Eyck input_length ) );
1994b0563631STom Van Eyck
1995b0563631STom Van Eyck #endif /* MBEDTLS_PSA_BUILTIN_AEAD */
1996b0563631STom Van Eyck
1997b0563631STom Van Eyck #if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT)
1998b0563631STom Van Eyck #if defined(PSA_CRYPTO_DRIVER_TEST)
1999b0563631STom Van Eyck case MBEDTLS_TEST_TRANSPARENT_DRIVER_ID:
2000b0563631STom Van Eyck return( mbedtls_test_transparent_aead_update_ad(
2001b0563631STom Van Eyck &operation->ctx.transparent_test_driver_ctx,
2002b0563631STom Van Eyck input, input_length ) );
2003b0563631STom Van Eyck
2004b0563631STom Van Eyck /* Add cases for opaque driver here */
2005b0563631STom Van Eyck
2006b0563631STom Van Eyck #endif /* PSA_CRYPTO_DRIVER_TEST */
2007b0563631STom Van Eyck #endif /* PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT */
2008b0563631STom Van Eyck }
2009b0563631STom Van Eyck
2010b0563631STom Van Eyck (void)input;
2011b0563631STom Van Eyck (void)input_length;
2012b0563631STom Van Eyck
2013b0563631STom Van Eyck return( PSA_ERROR_INVALID_ARGUMENT );
2014b0563631STom Van Eyck }
2015b0563631STom Van Eyck
psa_driver_wrapper_aead_update(psa_aead_operation_t * operation,const uint8_t * input,size_t input_length,uint8_t * output,size_t output_size,size_t * output_length)2016b0563631STom Van Eyck static inline psa_status_t psa_driver_wrapper_aead_update(
2017b0563631STom Van Eyck psa_aead_operation_t *operation,
2018b0563631STom Van Eyck const uint8_t *input,
2019b0563631STom Van Eyck size_t input_length,
2020b0563631STom Van Eyck uint8_t *output,
2021b0563631STom Van Eyck size_t output_size,
2022b0563631STom Van Eyck size_t *output_length )
2023b0563631STom Van Eyck {
2024b0563631STom Van Eyck switch( operation->id )
2025b0563631STom Van Eyck {
2026b0563631STom Van Eyck #if defined(MBEDTLS_PSA_BUILTIN_AEAD)
2027b0563631STom Van Eyck case PSA_CRYPTO_MBED_TLS_DRIVER_ID:
2028b0563631STom Van Eyck return( mbedtls_psa_aead_update( &operation->ctx.mbedtls_ctx,
2029b0563631STom Van Eyck input, input_length,
2030b0563631STom Van Eyck output, output_size,
2031b0563631STom Van Eyck output_length ) );
2032b0563631STom Van Eyck
2033b0563631STom Van Eyck #endif /* MBEDTLS_PSA_BUILTIN_AEAD */
2034b0563631STom Van Eyck
2035b0563631STom Van Eyck #if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT)
2036b0563631STom Van Eyck #if defined(PSA_CRYPTO_DRIVER_TEST)
2037b0563631STom Van Eyck case MBEDTLS_TEST_TRANSPARENT_DRIVER_ID:
2038b0563631STom Van Eyck return( mbedtls_test_transparent_aead_update(
2039b0563631STom Van Eyck &operation->ctx.transparent_test_driver_ctx,
2040b0563631STom Van Eyck input, input_length, output, output_size,
2041b0563631STom Van Eyck output_length ) );
2042b0563631STom Van Eyck
2043b0563631STom Van Eyck /* Add cases for opaque driver here */
2044b0563631STom Van Eyck
2045b0563631STom Van Eyck #endif /* PSA_CRYPTO_DRIVER_TEST */
2046b0563631STom Van Eyck #endif /* PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT */
2047b0563631STom Van Eyck }
2048b0563631STom Van Eyck
2049b0563631STom Van Eyck (void)input;
2050b0563631STom Van Eyck (void)input_length;
2051b0563631STom Van Eyck (void)output;
2052b0563631STom Van Eyck (void)output_size;
2053b0563631STom Van Eyck (void)output_length;
2054b0563631STom Van Eyck
2055b0563631STom Van Eyck return( PSA_ERROR_INVALID_ARGUMENT );
2056b0563631STom Van Eyck }
2057b0563631STom Van Eyck
psa_driver_wrapper_aead_finish(psa_aead_operation_t * operation,uint8_t * ciphertext,size_t ciphertext_size,size_t * ciphertext_length,uint8_t * tag,size_t tag_size,size_t * tag_length)2058b0563631STom Van Eyck static inline psa_status_t psa_driver_wrapper_aead_finish(
2059b0563631STom Van Eyck psa_aead_operation_t *operation,
2060b0563631STom Van Eyck uint8_t *ciphertext,
2061b0563631STom Van Eyck size_t ciphertext_size,
2062b0563631STom Van Eyck size_t *ciphertext_length,
2063b0563631STom Van Eyck uint8_t *tag,
2064b0563631STom Van Eyck size_t tag_size,
2065b0563631STom Van Eyck size_t *tag_length )
2066b0563631STom Van Eyck {
2067b0563631STom Van Eyck switch( operation->id )
2068b0563631STom Van Eyck {
2069b0563631STom Van Eyck #if defined(MBEDTLS_PSA_BUILTIN_AEAD)
2070b0563631STom Van Eyck case PSA_CRYPTO_MBED_TLS_DRIVER_ID:
2071b0563631STom Van Eyck return( mbedtls_psa_aead_finish( &operation->ctx.mbedtls_ctx,
2072b0563631STom Van Eyck ciphertext,
2073b0563631STom Van Eyck ciphertext_size,
2074b0563631STom Van Eyck ciphertext_length, tag,
2075b0563631STom Van Eyck tag_size, tag_length ) );
2076b0563631STom Van Eyck
2077b0563631STom Van Eyck #endif /* MBEDTLS_PSA_BUILTIN_AEAD */
2078b0563631STom Van Eyck
2079b0563631STom Van Eyck #if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT)
2080b0563631STom Van Eyck #if defined(PSA_CRYPTO_DRIVER_TEST)
2081b0563631STom Van Eyck case MBEDTLS_TEST_TRANSPARENT_DRIVER_ID:
2082b0563631STom Van Eyck return( mbedtls_test_transparent_aead_finish(
2083b0563631STom Van Eyck &operation->ctx.transparent_test_driver_ctx,
2084b0563631STom Van Eyck ciphertext, ciphertext_size,
2085b0563631STom Van Eyck ciphertext_length, tag, tag_size, tag_length ) );
2086b0563631STom Van Eyck
2087b0563631STom Van Eyck /* Add cases for opaque driver here */
2088b0563631STom Van Eyck
2089b0563631STom Van Eyck #endif /* PSA_CRYPTO_DRIVER_TEST */
2090b0563631STom Van Eyck #endif /* PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT */
2091b0563631STom Van Eyck }
2092b0563631STom Van Eyck
2093b0563631STom Van Eyck (void)ciphertext;
2094b0563631STom Van Eyck (void)ciphertext_size;
2095b0563631STom Van Eyck (void)ciphertext_length;
2096b0563631STom Van Eyck (void)tag;
2097b0563631STom Van Eyck (void)tag_size;
2098b0563631STom Van Eyck (void)tag_length;
2099b0563631STom Van Eyck
2100b0563631STom Van Eyck return( PSA_ERROR_INVALID_ARGUMENT );
2101b0563631STom Van Eyck }
2102b0563631STom Van Eyck
psa_driver_wrapper_aead_verify(psa_aead_operation_t * operation,uint8_t * plaintext,size_t plaintext_size,size_t * plaintext_length,const uint8_t * tag,size_t tag_length)2103b0563631STom Van Eyck static inline psa_status_t psa_driver_wrapper_aead_verify(
2104b0563631STom Van Eyck psa_aead_operation_t *operation,
2105b0563631STom Van Eyck uint8_t *plaintext,
2106b0563631STom Van Eyck size_t plaintext_size,
2107b0563631STom Van Eyck size_t *plaintext_length,
2108b0563631STom Van Eyck const uint8_t *tag,
2109b0563631STom Van Eyck size_t tag_length )
2110b0563631STom Van Eyck {
2111b0563631STom Van Eyck switch( operation->id )
2112b0563631STom Van Eyck {
2113b0563631STom Van Eyck #if defined(MBEDTLS_PSA_BUILTIN_AEAD)
2114b0563631STom Van Eyck case PSA_CRYPTO_MBED_TLS_DRIVER_ID:
2115b0563631STom Van Eyck {
2116b0563631STom Van Eyck psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;
2117b0563631STom Van Eyck uint8_t check_tag[PSA_AEAD_TAG_MAX_SIZE];
2118b0563631STom Van Eyck size_t check_tag_length;
2119b0563631STom Van Eyck
2120b0563631STom Van Eyck status = mbedtls_psa_aead_finish( &operation->ctx.mbedtls_ctx,
2121b0563631STom Van Eyck plaintext,
2122b0563631STom Van Eyck plaintext_size,
2123b0563631STom Van Eyck plaintext_length,
2124b0563631STom Van Eyck check_tag,
2125b0563631STom Van Eyck sizeof( check_tag ),
2126b0563631STom Van Eyck &check_tag_length );
2127b0563631STom Van Eyck
2128b0563631STom Van Eyck if( status == PSA_SUCCESS )
2129b0563631STom Van Eyck {
2130b0563631STom Van Eyck if( tag_length != check_tag_length ||
2131b0563631STom Van Eyck mbedtls_ct_memcmp( tag, check_tag, tag_length )
2132b0563631STom Van Eyck != 0 )
2133b0563631STom Van Eyck status = PSA_ERROR_INVALID_SIGNATURE;
2134b0563631STom Van Eyck }
2135b0563631STom Van Eyck
2136b0563631STom Van Eyck mbedtls_platform_zeroize( check_tag, sizeof( check_tag ) );
2137b0563631STom Van Eyck
2138b0563631STom Van Eyck return( status );
2139b0563631STom Van Eyck }
2140b0563631STom Van Eyck
2141b0563631STom Van Eyck #endif /* MBEDTLS_PSA_BUILTIN_AEAD */
2142b0563631STom Van Eyck
2143b0563631STom Van Eyck #if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT)
2144b0563631STom Van Eyck #if defined(PSA_CRYPTO_DRIVER_TEST)
2145b0563631STom Van Eyck case MBEDTLS_TEST_TRANSPARENT_DRIVER_ID:
2146b0563631STom Van Eyck return( mbedtls_test_transparent_aead_verify(
2147b0563631STom Van Eyck &operation->ctx.transparent_test_driver_ctx,
2148b0563631STom Van Eyck plaintext, plaintext_size,
2149b0563631STom Van Eyck plaintext_length, tag, tag_length ) );
2150b0563631STom Van Eyck
2151b0563631STom Van Eyck /* Add cases for opaque driver here */
2152b0563631STom Van Eyck
2153b0563631STom Van Eyck #endif /* PSA_CRYPTO_DRIVER_TEST */
2154b0563631STom Van Eyck #endif /* PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT */
2155b0563631STom Van Eyck }
2156b0563631STom Van Eyck
2157b0563631STom Van Eyck (void)plaintext;
2158b0563631STom Van Eyck (void)plaintext_size;
2159b0563631STom Van Eyck (void)plaintext_length;
2160b0563631STom Van Eyck (void)tag;
2161b0563631STom Van Eyck (void)tag_length;
2162b0563631STom Van Eyck
2163b0563631STom Van Eyck return( PSA_ERROR_INVALID_ARGUMENT );
2164b0563631STom Van Eyck }
2165b0563631STom Van Eyck
psa_driver_wrapper_aead_abort(psa_aead_operation_t * operation)2166b0563631STom Van Eyck static inline psa_status_t psa_driver_wrapper_aead_abort(
2167b0563631STom Van Eyck psa_aead_operation_t *operation )
2168b0563631STom Van Eyck {
2169b0563631STom Van Eyck switch( operation->id )
2170b0563631STom Van Eyck {
2171b0563631STom Van Eyck #if defined(MBEDTLS_PSA_BUILTIN_AEAD)
2172b0563631STom Van Eyck case PSA_CRYPTO_MBED_TLS_DRIVER_ID:
2173b0563631STom Van Eyck return( mbedtls_psa_aead_abort( &operation->ctx.mbedtls_ctx ) );
2174b0563631STom Van Eyck
2175b0563631STom Van Eyck #endif /* MBEDTLS_PSA_BUILTIN_AEAD */
2176b0563631STom Van Eyck
2177b0563631STom Van Eyck #if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT)
2178b0563631STom Van Eyck #if defined(PSA_CRYPTO_DRIVER_TEST)
2179b0563631STom Van Eyck case MBEDTLS_TEST_TRANSPARENT_DRIVER_ID:
2180b0563631STom Van Eyck return( mbedtls_test_transparent_aead_abort(
2181b0563631STom Van Eyck &operation->ctx.transparent_test_driver_ctx ) );
2182b0563631STom Van Eyck
2183b0563631STom Van Eyck /* Add cases for opaque driver here */
2184b0563631STom Van Eyck
2185b0563631STom Van Eyck #endif /* PSA_CRYPTO_DRIVER_TEST */
2186b0563631STom Van Eyck #endif /* PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT */
2187b0563631STom Van Eyck }
2188b0563631STom Van Eyck
2189b0563631STom Van Eyck return( PSA_ERROR_INVALID_ARGUMENT );
2190b0563631STom Van Eyck }
2191b0563631STom Van Eyck
2192b0563631STom Van Eyck /*
2193b0563631STom Van Eyck * MAC functions
2194b0563631STom Van Eyck */
psa_driver_wrapper_mac_compute(const psa_key_attributes_t * attributes,const uint8_t * key_buffer,size_t key_buffer_size,psa_algorithm_t alg,const uint8_t * input,size_t input_length,uint8_t * mac,size_t mac_size,size_t * mac_length)2195b0563631STom Van Eyck static inline psa_status_t psa_driver_wrapper_mac_compute(
2196b0563631STom Van Eyck const psa_key_attributes_t *attributes,
2197b0563631STom Van Eyck const uint8_t *key_buffer,
2198b0563631STom Van Eyck size_t key_buffer_size,
2199b0563631STom Van Eyck psa_algorithm_t alg,
2200b0563631STom Van Eyck const uint8_t *input,
2201b0563631STom Van Eyck size_t input_length,
2202b0563631STom Van Eyck uint8_t *mac,
2203b0563631STom Van Eyck size_t mac_size,
2204b0563631STom Van Eyck size_t *mac_length )
2205b0563631STom Van Eyck {
2206b0563631STom Van Eyck psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;
2207b0563631STom Van Eyck psa_key_location_t location =
2208b0563631STom Van Eyck PSA_KEY_LIFETIME_GET_LOCATION( psa_get_key_lifetime(attributes) );
2209b0563631STom Van Eyck
2210b0563631STom Van Eyck switch( location )
2211b0563631STom Van Eyck {
2212b0563631STom Van Eyck case PSA_KEY_LOCATION_LOCAL_STORAGE:
2213b0563631STom Van Eyck /* Key is stored in the slot in export representation, so
2214b0563631STom Van Eyck * cycle through all known transparent accelerators */
2215b0563631STom Van Eyck #if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT)
2216b0563631STom Van Eyck #if defined(PSA_CRYPTO_DRIVER_TEST)
2217b0563631STom Van Eyck status = mbedtls_test_transparent_mac_compute(
2218b0563631STom Van Eyck attributes, key_buffer, key_buffer_size, alg,
2219b0563631STom Van Eyck input, input_length,
2220b0563631STom Van Eyck mac, mac_size, mac_length );
2221b0563631STom Van Eyck /* Declared with fallback == true */
2222b0563631STom Van Eyck if( status != PSA_ERROR_NOT_SUPPORTED )
2223b0563631STom Van Eyck return( status );
2224b0563631STom Van Eyck #endif /* PSA_CRYPTO_DRIVER_TEST */
2225b0563631STom Van Eyck #endif /* PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT */
2226b0563631STom Van Eyck #if defined(MBEDTLS_PSA_BUILTIN_MAC)
2227b0563631STom Van Eyck /* Fell through, meaning no accelerator supports this operation */
2228b0563631STom Van Eyck status = mbedtls_psa_mac_compute(
2229b0563631STom Van Eyck attributes, key_buffer, key_buffer_size, alg,
2230b0563631STom Van Eyck input, input_length,
2231b0563631STom Van Eyck mac, mac_size, mac_length );
2232b0563631STom Van Eyck if( status != PSA_ERROR_NOT_SUPPORTED )
2233b0563631STom Van Eyck return( status );
2234b0563631STom Van Eyck #endif /* MBEDTLS_PSA_BUILTIN_MAC */
2235b0563631STom Van Eyck return( PSA_ERROR_NOT_SUPPORTED );
2236b0563631STom Van Eyck
2237b0563631STom Van Eyck /* Add cases for opaque driver here */
2238b0563631STom Van Eyck #if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT)
2239b0563631STom Van Eyck #if defined(PSA_CRYPTO_DRIVER_TEST)
2240b0563631STom Van Eyck case PSA_CRYPTO_TEST_DRIVER_LOCATION:
2241b0563631STom Van Eyck status = mbedtls_test_opaque_mac_compute(
2242b0563631STom Van Eyck attributes, key_buffer, key_buffer_size, alg,
2243b0563631STom Van Eyck input, input_length,
2244b0563631STom Van Eyck mac, mac_size, mac_length );
2245b0563631STom Van Eyck return( status );
2246b0563631STom Van Eyck #endif /* PSA_CRYPTO_DRIVER_TEST */
2247b0563631STom Van Eyck #endif /* PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT */
2248b0563631STom Van Eyck default:
2249b0563631STom Van Eyck /* Key is declared with a lifetime not known to us */
2250b0563631STom Van Eyck (void) key_buffer;
2251b0563631STom Van Eyck (void) key_buffer_size;
2252b0563631STom Van Eyck (void) alg;
2253b0563631STom Van Eyck (void) input;
2254b0563631STom Van Eyck (void) input_length;
2255b0563631STom Van Eyck (void) mac;
2256b0563631STom Van Eyck (void) mac_size;
2257b0563631STom Van Eyck (void) mac_length;
2258b0563631STom Van Eyck (void) status;
2259b0563631STom Van Eyck return( PSA_ERROR_INVALID_ARGUMENT );
2260b0563631STom Van Eyck }
2261b0563631STom Van Eyck }
2262b0563631STom Van Eyck
psa_driver_wrapper_mac_sign_setup(psa_mac_operation_t * operation,const psa_key_attributes_t * attributes,const uint8_t * key_buffer,size_t key_buffer_size,psa_algorithm_t alg)2263b0563631STom Van Eyck static inline psa_status_t psa_driver_wrapper_mac_sign_setup(
2264b0563631STom Van Eyck psa_mac_operation_t *operation,
2265b0563631STom Van Eyck const psa_key_attributes_t *attributes,
2266b0563631STom Van Eyck const uint8_t *key_buffer,
2267b0563631STom Van Eyck size_t key_buffer_size,
2268b0563631STom Van Eyck psa_algorithm_t alg )
2269b0563631STom Van Eyck {
2270b0563631STom Van Eyck psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;
2271b0563631STom Van Eyck psa_key_location_t location =
2272b0563631STom Van Eyck PSA_KEY_LIFETIME_GET_LOCATION( psa_get_key_lifetime(attributes) );
2273b0563631STom Van Eyck
2274b0563631STom Van Eyck switch( location )
2275b0563631STom Van Eyck {
2276b0563631STom Van Eyck case PSA_KEY_LOCATION_LOCAL_STORAGE:
2277b0563631STom Van Eyck /* Key is stored in the slot in export representation, so
2278b0563631STom Van Eyck * cycle through all known transparent accelerators */
2279b0563631STom Van Eyck #if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT)
2280b0563631STom Van Eyck #if defined(PSA_CRYPTO_DRIVER_TEST)
2281b0563631STom Van Eyck status = mbedtls_test_transparent_mac_sign_setup(
2282b0563631STom Van Eyck &operation->ctx.transparent_test_driver_ctx,
2283b0563631STom Van Eyck attributes,
2284b0563631STom Van Eyck key_buffer, key_buffer_size,
2285b0563631STom Van Eyck alg );
2286b0563631STom Van Eyck /* Declared with fallback == true */
2287b0563631STom Van Eyck if( status == PSA_SUCCESS )
2288b0563631STom Van Eyck operation->id = MBEDTLS_TEST_TRANSPARENT_DRIVER_ID;
2289b0563631STom Van Eyck
2290b0563631STom Van Eyck if( status != PSA_ERROR_NOT_SUPPORTED )
2291b0563631STom Van Eyck return( status );
2292b0563631STom Van Eyck #endif /* PSA_CRYPTO_DRIVER_TEST */
2293b0563631STom Van Eyck #endif /* PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT */
2294b0563631STom Van Eyck #if defined(MBEDTLS_PSA_BUILTIN_MAC)
2295b0563631STom Van Eyck /* Fell through, meaning no accelerator supports this operation */
2296b0563631STom Van Eyck status = mbedtls_psa_mac_sign_setup( &operation->ctx.mbedtls_ctx,
2297b0563631STom Van Eyck attributes,
2298b0563631STom Van Eyck key_buffer, key_buffer_size,
2299b0563631STom Van Eyck alg );
2300b0563631STom Van Eyck if( status == PSA_SUCCESS )
2301b0563631STom Van Eyck operation->id = PSA_CRYPTO_MBED_TLS_DRIVER_ID;
2302b0563631STom Van Eyck
2303b0563631STom Van Eyck if( status != PSA_ERROR_NOT_SUPPORTED )
2304b0563631STom Van Eyck return( status );
2305b0563631STom Van Eyck #endif /* MBEDTLS_PSA_BUILTIN_MAC */
2306b0563631STom Van Eyck return( PSA_ERROR_NOT_SUPPORTED );
2307b0563631STom Van Eyck
2308b0563631STom Van Eyck /* Add cases for opaque driver here */
2309b0563631STom Van Eyck #if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT)
2310b0563631STom Van Eyck #if defined(PSA_CRYPTO_DRIVER_TEST)
2311b0563631STom Van Eyck case PSA_CRYPTO_TEST_DRIVER_LOCATION:
2312b0563631STom Van Eyck status = mbedtls_test_opaque_mac_sign_setup(
2313b0563631STom Van Eyck &operation->ctx.opaque_test_driver_ctx,
2314b0563631STom Van Eyck attributes,
2315b0563631STom Van Eyck key_buffer, key_buffer_size,
2316b0563631STom Van Eyck alg );
2317b0563631STom Van Eyck
2318b0563631STom Van Eyck if( status == PSA_SUCCESS )
2319b0563631STom Van Eyck operation->id = MBEDTLS_TEST_OPAQUE_DRIVER_ID;
2320b0563631STom Van Eyck
2321b0563631STom Van Eyck return( status );
2322b0563631STom Van Eyck #endif /* PSA_CRYPTO_DRIVER_TEST */
2323b0563631STom Van Eyck #endif /* PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT */
2324b0563631STom Van Eyck default:
2325b0563631STom Van Eyck /* Key is declared with a lifetime not known to us */
2326b0563631STom Van Eyck (void) status;
2327b0563631STom Van Eyck (void) operation;
2328b0563631STom Van Eyck (void) key_buffer;
2329b0563631STom Van Eyck (void) key_buffer_size;
2330b0563631STom Van Eyck (void) alg;
2331b0563631STom Van Eyck return( PSA_ERROR_INVALID_ARGUMENT );
2332b0563631STom Van Eyck }
2333b0563631STom Van Eyck }
2334b0563631STom Van Eyck
psa_driver_wrapper_mac_verify_setup(psa_mac_operation_t * operation,const psa_key_attributes_t * attributes,const uint8_t * key_buffer,size_t key_buffer_size,psa_algorithm_t alg)2335b0563631STom Van Eyck static inline psa_status_t psa_driver_wrapper_mac_verify_setup(
2336b0563631STom Van Eyck psa_mac_operation_t *operation,
2337b0563631STom Van Eyck const psa_key_attributes_t *attributes,
2338b0563631STom Van Eyck const uint8_t *key_buffer,
2339b0563631STom Van Eyck size_t key_buffer_size,
2340b0563631STom Van Eyck psa_algorithm_t alg )
2341b0563631STom Van Eyck {
2342b0563631STom Van Eyck psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;
2343b0563631STom Van Eyck psa_key_location_t location =
2344b0563631STom Van Eyck PSA_KEY_LIFETIME_GET_LOCATION( psa_get_key_lifetime(attributes) );
2345b0563631STom Van Eyck
2346b0563631STom Van Eyck switch( location )
2347b0563631STom Van Eyck {
2348b0563631STom Van Eyck case PSA_KEY_LOCATION_LOCAL_STORAGE:
2349b0563631STom Van Eyck /* Key is stored in the slot in export representation, so
2350b0563631STom Van Eyck * cycle through all known transparent accelerators */
2351b0563631STom Van Eyck #if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT)
2352b0563631STom Van Eyck #if defined(PSA_CRYPTO_DRIVER_TEST)
2353b0563631STom Van Eyck status = mbedtls_test_transparent_mac_verify_setup(
2354b0563631STom Van Eyck &operation->ctx.transparent_test_driver_ctx,
2355b0563631STom Van Eyck attributes,
2356b0563631STom Van Eyck key_buffer, key_buffer_size,
2357b0563631STom Van Eyck alg );
2358b0563631STom Van Eyck /* Declared with fallback == true */
2359b0563631STom Van Eyck if( status == PSA_SUCCESS )
2360b0563631STom Van Eyck operation->id = MBEDTLS_TEST_TRANSPARENT_DRIVER_ID;
2361b0563631STom Van Eyck
2362b0563631STom Van Eyck if( status != PSA_ERROR_NOT_SUPPORTED )
2363b0563631STom Van Eyck return( status );
2364b0563631STom Van Eyck #endif /* PSA_CRYPTO_DRIVER_TEST */
2365b0563631STom Van Eyck #endif /* PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT */
2366b0563631STom Van Eyck #if defined(MBEDTLS_PSA_BUILTIN_MAC)
2367b0563631STom Van Eyck /* Fell through, meaning no accelerator supports this operation */
2368b0563631STom Van Eyck status = mbedtls_psa_mac_verify_setup( &operation->ctx.mbedtls_ctx,
2369b0563631STom Van Eyck attributes,
2370b0563631STom Van Eyck key_buffer, key_buffer_size,
2371b0563631STom Van Eyck alg );
2372b0563631STom Van Eyck if( status == PSA_SUCCESS )
2373b0563631STom Van Eyck operation->id = PSA_CRYPTO_MBED_TLS_DRIVER_ID;
2374b0563631STom Van Eyck
2375b0563631STom Van Eyck if( status != PSA_ERROR_NOT_SUPPORTED )
2376b0563631STom Van Eyck return( status );
2377b0563631STom Van Eyck #endif /* MBEDTLS_PSA_BUILTIN_MAC */
2378b0563631STom Van Eyck return( PSA_ERROR_NOT_SUPPORTED );
2379b0563631STom Van Eyck
2380b0563631STom Van Eyck /* Add cases for opaque driver here */
2381b0563631STom Van Eyck #if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT)
2382b0563631STom Van Eyck #if defined(PSA_CRYPTO_DRIVER_TEST)
2383b0563631STom Van Eyck case PSA_CRYPTO_TEST_DRIVER_LOCATION:
2384b0563631STom Van Eyck status = mbedtls_test_opaque_mac_verify_setup(
2385b0563631STom Van Eyck &operation->ctx.opaque_test_driver_ctx,
2386b0563631STom Van Eyck attributes,
2387b0563631STom Van Eyck key_buffer, key_buffer_size,
2388b0563631STom Van Eyck alg );
2389b0563631STom Van Eyck
2390b0563631STom Van Eyck if( status == PSA_SUCCESS )
2391b0563631STom Van Eyck operation->id = MBEDTLS_TEST_OPAQUE_DRIVER_ID;
2392b0563631STom Van Eyck
2393b0563631STom Van Eyck return( status );
2394b0563631STom Van Eyck #endif /* PSA_CRYPTO_DRIVER_TEST */
2395b0563631STom Van Eyck #endif /* PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT */
2396b0563631STom Van Eyck default:
2397b0563631STom Van Eyck /* Key is declared with a lifetime not known to us */
2398b0563631STom Van Eyck (void) status;
2399b0563631STom Van Eyck (void) operation;
2400b0563631STom Van Eyck (void) key_buffer;
2401b0563631STom Van Eyck (void) key_buffer_size;
2402b0563631STom Van Eyck (void) alg;
2403b0563631STom Van Eyck return( PSA_ERROR_INVALID_ARGUMENT );
2404b0563631STom Van Eyck }
2405b0563631STom Van Eyck }
2406b0563631STom Van Eyck
psa_driver_wrapper_mac_update(psa_mac_operation_t * operation,const uint8_t * input,size_t input_length)2407b0563631STom Van Eyck static inline psa_status_t psa_driver_wrapper_mac_update(
2408b0563631STom Van Eyck psa_mac_operation_t *operation,
2409b0563631STom Van Eyck const uint8_t *input,
2410b0563631STom Van Eyck size_t input_length )
2411b0563631STom Van Eyck {
2412b0563631STom Van Eyck switch( operation->id )
2413b0563631STom Van Eyck {
2414b0563631STom Van Eyck #if defined(MBEDTLS_PSA_BUILTIN_MAC)
2415b0563631STom Van Eyck case PSA_CRYPTO_MBED_TLS_DRIVER_ID:
2416b0563631STom Van Eyck return( mbedtls_psa_mac_update( &operation->ctx.mbedtls_ctx,
2417b0563631STom Van Eyck input, input_length ) );
2418b0563631STom Van Eyck #endif /* MBEDTLS_PSA_BUILTIN_MAC */
2419b0563631STom Van Eyck
2420b0563631STom Van Eyck #if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT)
2421b0563631STom Van Eyck #if defined(PSA_CRYPTO_DRIVER_TEST)
2422b0563631STom Van Eyck case MBEDTLS_TEST_TRANSPARENT_DRIVER_ID:
2423b0563631STom Van Eyck return( mbedtls_test_transparent_mac_update(
2424b0563631STom Van Eyck &operation->ctx.transparent_test_driver_ctx,
2425b0563631STom Van Eyck input, input_length ) );
2426b0563631STom Van Eyck
2427b0563631STom Van Eyck case MBEDTLS_TEST_OPAQUE_DRIVER_ID:
2428b0563631STom Van Eyck return( mbedtls_test_opaque_mac_update(
2429b0563631STom Van Eyck &operation->ctx.opaque_test_driver_ctx,
2430b0563631STom Van Eyck input, input_length ) );
2431b0563631STom Van Eyck #endif /* PSA_CRYPTO_DRIVER_TEST */
2432b0563631STom Van Eyck #endif /* PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT */
2433b0563631STom Van Eyck default:
2434b0563631STom Van Eyck (void) input;
2435b0563631STom Van Eyck (void) input_length;
2436b0563631STom Van Eyck return( PSA_ERROR_INVALID_ARGUMENT );
2437b0563631STom Van Eyck }
2438b0563631STom Van Eyck }
2439b0563631STom Van Eyck
psa_driver_wrapper_mac_sign_finish(psa_mac_operation_t * operation,uint8_t * mac,size_t mac_size,size_t * mac_length)2440b0563631STom Van Eyck static inline psa_status_t psa_driver_wrapper_mac_sign_finish(
2441b0563631STom Van Eyck psa_mac_operation_t *operation,
2442b0563631STom Van Eyck uint8_t *mac,
2443b0563631STom Van Eyck size_t mac_size,
2444b0563631STom Van Eyck size_t *mac_length )
2445b0563631STom Van Eyck {
2446b0563631STom Van Eyck switch( operation->id )
2447b0563631STom Van Eyck {
2448b0563631STom Van Eyck #if defined(MBEDTLS_PSA_BUILTIN_MAC)
2449b0563631STom Van Eyck case PSA_CRYPTO_MBED_TLS_DRIVER_ID:
2450b0563631STom Van Eyck return( mbedtls_psa_mac_sign_finish( &operation->ctx.mbedtls_ctx,
2451b0563631STom Van Eyck mac, mac_size, mac_length ) );
2452b0563631STom Van Eyck #endif /* MBEDTLS_PSA_BUILTIN_MAC */
2453b0563631STom Van Eyck
2454b0563631STom Van Eyck #if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT)
2455b0563631STom Van Eyck #if defined(PSA_CRYPTO_DRIVER_TEST)
2456b0563631STom Van Eyck case MBEDTLS_TEST_TRANSPARENT_DRIVER_ID:
2457b0563631STom Van Eyck return( mbedtls_test_transparent_mac_sign_finish(
2458b0563631STom Van Eyck &operation->ctx.transparent_test_driver_ctx,
2459b0563631STom Van Eyck mac, mac_size, mac_length ) );
2460b0563631STom Van Eyck
2461b0563631STom Van Eyck case MBEDTLS_TEST_OPAQUE_DRIVER_ID:
2462b0563631STom Van Eyck return( mbedtls_test_opaque_mac_sign_finish(
2463b0563631STom Van Eyck &operation->ctx.opaque_test_driver_ctx,
2464b0563631STom Van Eyck mac, mac_size, mac_length ) );
2465b0563631STom Van Eyck #endif /* PSA_CRYPTO_DRIVER_TEST */
2466b0563631STom Van Eyck #endif /* PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT */
2467b0563631STom Van Eyck default:
2468b0563631STom Van Eyck (void) mac;
2469b0563631STom Van Eyck (void) mac_size;
2470b0563631STom Van Eyck (void) mac_length;
2471b0563631STom Van Eyck return( PSA_ERROR_INVALID_ARGUMENT );
2472b0563631STom Van Eyck }
2473b0563631STom Van Eyck }
2474b0563631STom Van Eyck
psa_driver_wrapper_mac_verify_finish(psa_mac_operation_t * operation,const uint8_t * mac,size_t mac_length)2475b0563631STom Van Eyck static inline psa_status_t psa_driver_wrapper_mac_verify_finish(
2476b0563631STom Van Eyck psa_mac_operation_t *operation,
2477b0563631STom Van Eyck const uint8_t *mac,
2478b0563631STom Van Eyck size_t mac_length )
2479b0563631STom Van Eyck {
2480b0563631STom Van Eyck switch( operation->id )
2481b0563631STom Van Eyck {
2482b0563631STom Van Eyck #if defined(MBEDTLS_PSA_BUILTIN_MAC)
2483b0563631STom Van Eyck case PSA_CRYPTO_MBED_TLS_DRIVER_ID:
2484b0563631STom Van Eyck return( mbedtls_psa_mac_verify_finish( &operation->ctx.mbedtls_ctx,
2485b0563631STom Van Eyck mac, mac_length ) );
2486b0563631STom Van Eyck #endif /* MBEDTLS_PSA_BUILTIN_MAC */
2487b0563631STom Van Eyck
2488b0563631STom Van Eyck #if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT)
2489b0563631STom Van Eyck #if defined(PSA_CRYPTO_DRIVER_TEST)
2490b0563631STom Van Eyck case MBEDTLS_TEST_TRANSPARENT_DRIVER_ID:
2491b0563631STom Van Eyck return( mbedtls_test_transparent_mac_verify_finish(
2492b0563631STom Van Eyck &operation->ctx.transparent_test_driver_ctx,
2493b0563631STom Van Eyck mac, mac_length ) );
2494b0563631STom Van Eyck
2495b0563631STom Van Eyck case MBEDTLS_TEST_OPAQUE_DRIVER_ID:
2496b0563631STom Van Eyck return( mbedtls_test_opaque_mac_verify_finish(
2497b0563631STom Van Eyck &operation->ctx.opaque_test_driver_ctx,
2498b0563631STom Van Eyck mac, mac_length ) );
2499b0563631STom Van Eyck #endif /* PSA_CRYPTO_DRIVER_TEST */
2500b0563631STom Van Eyck #endif /* PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT */
2501b0563631STom Van Eyck default:
2502b0563631STom Van Eyck (void) mac;
2503b0563631STom Van Eyck (void) mac_length;
2504b0563631STom Van Eyck return( PSA_ERROR_INVALID_ARGUMENT );
2505b0563631STom Van Eyck }
2506b0563631STom Van Eyck }
2507b0563631STom Van Eyck
psa_driver_wrapper_mac_abort(psa_mac_operation_t * operation)2508b0563631STom Van Eyck static inline psa_status_t psa_driver_wrapper_mac_abort(
2509b0563631STom Van Eyck psa_mac_operation_t *operation )
2510b0563631STom Van Eyck {
2511b0563631STom Van Eyck switch( operation->id )
2512b0563631STom Van Eyck {
2513b0563631STom Van Eyck #if defined(MBEDTLS_PSA_BUILTIN_MAC)
2514b0563631STom Van Eyck case PSA_CRYPTO_MBED_TLS_DRIVER_ID:
2515b0563631STom Van Eyck return( mbedtls_psa_mac_abort( &operation->ctx.mbedtls_ctx ) );
2516b0563631STom Van Eyck #endif /* MBEDTLS_PSA_BUILTIN_MAC */
2517b0563631STom Van Eyck
2518b0563631STom Van Eyck #if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT)
2519b0563631STom Van Eyck #if defined(PSA_CRYPTO_DRIVER_TEST)
2520b0563631STom Van Eyck case MBEDTLS_TEST_TRANSPARENT_DRIVER_ID:
2521b0563631STom Van Eyck return( mbedtls_test_transparent_mac_abort(
2522b0563631STom Van Eyck &operation->ctx.transparent_test_driver_ctx ) );
2523b0563631STom Van Eyck case MBEDTLS_TEST_OPAQUE_DRIVER_ID:
2524b0563631STom Van Eyck return( mbedtls_test_opaque_mac_abort(
2525b0563631STom Van Eyck &operation->ctx.opaque_test_driver_ctx ) );
2526b0563631STom Van Eyck #endif /* PSA_CRYPTO_DRIVER_TEST */
2527b0563631STom Van Eyck #endif /* PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT */
2528b0563631STom Van Eyck default:
2529b0563631STom Van Eyck return( PSA_ERROR_INVALID_ARGUMENT );
2530b0563631STom Van Eyck }
2531b0563631STom Van Eyck }
2532b0563631STom Van Eyck
2533b0563631STom Van Eyck /*
2534b0563631STom Van Eyck * Asymmetric cryptography
2535b0563631STom Van Eyck */
psa_driver_wrapper_asymmetric_encrypt(const psa_key_attributes_t * attributes,const uint8_t * key_buffer,size_t key_buffer_size,psa_algorithm_t alg,const uint8_t * input,size_t input_length,const uint8_t * salt,size_t salt_length,uint8_t * output,size_t output_size,size_t * output_length)2536b0563631STom Van Eyck static inline psa_status_t psa_driver_wrapper_asymmetric_encrypt(
2537b0563631STom Van Eyck const psa_key_attributes_t *attributes, const uint8_t *key_buffer,
2538b0563631STom Van Eyck size_t key_buffer_size, psa_algorithm_t alg, const uint8_t *input,
2539b0563631STom Van Eyck size_t input_length, const uint8_t *salt, size_t salt_length,
2540b0563631STom Van Eyck uint8_t *output, size_t output_size, size_t *output_length )
2541b0563631STom Van Eyck {
2542b0563631STom Van Eyck psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;
2543b0563631STom Van Eyck psa_key_location_t location =
2544b0563631STom Van Eyck PSA_KEY_LIFETIME_GET_LOCATION( psa_get_key_lifetime(attributes) );
2545b0563631STom Van Eyck
2546b0563631STom Van Eyck switch( location )
2547b0563631STom Van Eyck {
2548b0563631STom Van Eyck case PSA_KEY_LOCATION_LOCAL_STORAGE:
2549b0563631STom Van Eyck /* Key is stored in the slot in export representation, so
2550b0563631STom Van Eyck * cycle through all known transparent accelerators */
2551b0563631STom Van Eyck #if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT)
2552b0563631STom Van Eyck #if defined(PSA_CRYPTO_DRIVER_TEST)
2553b0563631STom Van Eyck status = mbedtls_test_transparent_asymmetric_encrypt( attributes,
2554b0563631STom Van Eyck key_buffer, key_buffer_size, alg, input, input_length,
2555b0563631STom Van Eyck salt, salt_length, output, output_size,
2556b0563631STom Van Eyck output_length );
2557b0563631STom Van Eyck /* Declared with fallback == true */
2558b0563631STom Van Eyck if( status != PSA_ERROR_NOT_SUPPORTED )
2559b0563631STom Van Eyck return( status );
2560b0563631STom Van Eyck #endif /* PSA_CRYPTO_DRIVER_TEST */
2561b0563631STom Van Eyck #endif /* PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT */
2562b0563631STom Van Eyck return( mbedtls_psa_asymmetric_encrypt( attributes,
2563b0563631STom Van Eyck key_buffer, key_buffer_size, alg, input, input_length,
2564b0563631STom Van Eyck salt, salt_length, output, output_size, output_length )
2565b0563631STom Van Eyck );
2566b0563631STom Van Eyck /* Add cases for opaque driver here */
2567b0563631STom Van Eyck #if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT)
2568b0563631STom Van Eyck #if defined(PSA_CRYPTO_DRIVER_TEST)
2569b0563631STom Van Eyck case PSA_CRYPTO_TEST_DRIVER_LOCATION:
2570b0563631STom Van Eyck return( mbedtls_test_opaque_asymmetric_encrypt( attributes,
2571b0563631STom Van Eyck key_buffer, key_buffer_size, alg, input, input_length,
2572b0563631STom Van Eyck salt, salt_length, output, output_size, output_length )
2573b0563631STom Van Eyck );
2574b0563631STom Van Eyck #endif /* PSA_CRYPTO_DRIVER_TEST */
2575b0563631STom Van Eyck #endif /* PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT */
2576b0563631STom Van Eyck
2577b0563631STom Van Eyck default:
2578b0563631STom Van Eyck /* Key is declared with a lifetime not known to us */
2579b0563631STom Van Eyck (void)status;
2580b0563631STom Van Eyck (void)key_buffer;
2581b0563631STom Van Eyck (void)key_buffer_size;
2582b0563631STom Van Eyck (void)alg;
2583b0563631STom Van Eyck (void)input;
2584b0563631STom Van Eyck (void)input_length;
2585b0563631STom Van Eyck (void)salt;
2586b0563631STom Van Eyck (void)salt_length;
2587b0563631STom Van Eyck (void)output;
2588b0563631STom Van Eyck (void)output_size;
2589b0563631STom Van Eyck (void)output_length;
2590b0563631STom Van Eyck return( PSA_ERROR_INVALID_ARGUMENT );
2591b0563631STom Van Eyck }
2592b0563631STom Van Eyck }
2593b0563631STom Van Eyck
psa_driver_wrapper_asymmetric_decrypt(const psa_key_attributes_t * attributes,const uint8_t * key_buffer,size_t key_buffer_size,psa_algorithm_t alg,const uint8_t * input,size_t input_length,const uint8_t * salt,size_t salt_length,uint8_t * output,size_t output_size,size_t * output_length)2594b0563631STom Van Eyck static inline psa_status_t psa_driver_wrapper_asymmetric_decrypt(
2595b0563631STom Van Eyck const psa_key_attributes_t *attributes, const uint8_t *key_buffer,
2596b0563631STom Van Eyck size_t key_buffer_size, psa_algorithm_t alg, const uint8_t *input,
2597b0563631STom Van Eyck size_t input_length, const uint8_t *salt, size_t salt_length,
2598b0563631STom Van Eyck uint8_t *output, size_t output_size, size_t *output_length )
2599b0563631STom Van Eyck {
2600b0563631STom Van Eyck psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;
2601b0563631STom Van Eyck psa_key_location_t location =
2602b0563631STom Van Eyck PSA_KEY_LIFETIME_GET_LOCATION( psa_get_key_lifetime(attributes) );
2603b0563631STom Van Eyck
2604b0563631STom Van Eyck switch( location )
2605b0563631STom Van Eyck {
2606b0563631STom Van Eyck case PSA_KEY_LOCATION_LOCAL_STORAGE:
2607b0563631STom Van Eyck /* Key is stored in the slot in export representation, so
2608b0563631STom Van Eyck * cycle through all known transparent accelerators */
2609b0563631STom Van Eyck #if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT)
2610b0563631STom Van Eyck #if defined(PSA_CRYPTO_DRIVER_TEST)
2611b0563631STom Van Eyck status = mbedtls_test_transparent_asymmetric_decrypt( attributes,
2612b0563631STom Van Eyck key_buffer, key_buffer_size, alg, input, input_length,
2613b0563631STom Van Eyck salt, salt_length, output, output_size,
2614b0563631STom Van Eyck output_length );
2615b0563631STom Van Eyck /* Declared with fallback == true */
2616b0563631STom Van Eyck if( status != PSA_ERROR_NOT_SUPPORTED )
2617b0563631STom Van Eyck return( status );
2618b0563631STom Van Eyck #endif /* PSA_CRYPTO_DRIVER_TEST */
2619b0563631STom Van Eyck #endif /* PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT */
2620b0563631STom Van Eyck return( mbedtls_psa_asymmetric_decrypt( attributes,
2621b0563631STom Van Eyck key_buffer, key_buffer_size, alg,input, input_length,
2622b0563631STom Van Eyck salt, salt_length, output, output_size,
2623b0563631STom Van Eyck output_length ) );
2624b0563631STom Van Eyck /* Add cases for opaque driver here */
2625b0563631STom Van Eyck #if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT)
2626b0563631STom Van Eyck #if defined(PSA_CRYPTO_DRIVER_TEST)
2627b0563631STom Van Eyck case PSA_CRYPTO_TEST_DRIVER_LOCATION:
2628b0563631STom Van Eyck return( mbedtls_test_opaque_asymmetric_decrypt( attributes,
2629b0563631STom Van Eyck key_buffer, key_buffer_size, alg, input, input_length,
2630b0563631STom Van Eyck salt, salt_length, output, output_size,
2631b0563631STom Van Eyck output_length ) );
2632b0563631STom Van Eyck #endif /* PSA_CRYPTO_DRIVER_TEST */
2633b0563631STom Van Eyck #endif /* PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT */
2634b0563631STom Van Eyck
2635b0563631STom Van Eyck default:
2636b0563631STom Van Eyck /* Key is declared with a lifetime not known to us */
2637b0563631STom Van Eyck (void)status;
2638b0563631STom Van Eyck (void)key_buffer;
2639b0563631STom Van Eyck (void)key_buffer_size;
2640b0563631STom Van Eyck (void)alg;
2641b0563631STom Van Eyck (void)input;
2642b0563631STom Van Eyck (void)input_length;
2643b0563631STom Van Eyck (void)salt;
2644b0563631STom Van Eyck (void)salt_length;
2645b0563631STom Van Eyck (void)output;
2646b0563631STom Van Eyck (void)output_size;
2647b0563631STom Van Eyck (void)output_length;
2648b0563631STom Van Eyck return( PSA_ERROR_INVALID_ARGUMENT );
2649b0563631STom Van Eyck }
2650b0563631STom Van Eyck }
2651b0563631STom Van Eyck
psa_driver_wrapper_key_agreement(const psa_key_attributes_t * attributes,const uint8_t * key_buffer,size_t key_buffer_size,psa_algorithm_t alg,const uint8_t * peer_key,size_t peer_key_length,uint8_t * shared_secret,size_t shared_secret_size,size_t * shared_secret_length)2652b0563631STom Van Eyck static inline psa_status_t psa_driver_wrapper_key_agreement(
2653b0563631STom Van Eyck const psa_key_attributes_t *attributes,
2654b0563631STom Van Eyck const uint8_t *key_buffer,
2655b0563631STom Van Eyck size_t key_buffer_size,
2656b0563631STom Van Eyck psa_algorithm_t alg,
2657b0563631STom Van Eyck const uint8_t *peer_key,
2658b0563631STom Van Eyck size_t peer_key_length,
2659b0563631STom Van Eyck uint8_t *shared_secret,
2660b0563631STom Van Eyck size_t shared_secret_size,
2661b0563631STom Van Eyck size_t *shared_secret_length
2662b0563631STom Van Eyck )
2663b0563631STom Van Eyck {
2664b0563631STom Van Eyck psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;
2665b0563631STom Van Eyck psa_key_location_t location =
2666b0563631STom Van Eyck PSA_KEY_LIFETIME_GET_LOCATION( psa_get_key_lifetime(attributes) );
2667b0563631STom Van Eyck
2668b0563631STom Van Eyck switch( location )
2669b0563631STom Van Eyck {
2670b0563631STom Van Eyck case PSA_KEY_LOCATION_LOCAL_STORAGE:
2671b0563631STom Van Eyck /* Key is stored in the slot in export representation, so
2672b0563631STom Van Eyck * cycle through all known transparent accelerators */
2673b0563631STom Van Eyck #if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT)
2674b0563631STom Van Eyck #if defined(PSA_CRYPTO_DRIVER_TEST)
2675b0563631STom Van Eyck status =
2676b0563631STom Van Eyck mbedtls_test_transparent_key_agreement( attributes,
2677b0563631STom Van Eyck key_buffer, key_buffer_size, alg, peer_key,
2678b0563631STom Van Eyck peer_key_length, shared_secret, shared_secret_size,
2679b0563631STom Van Eyck shared_secret_length );
2680b0563631STom Van Eyck if( status != PSA_ERROR_NOT_SUPPORTED )
2681b0563631STom Van Eyck return( status );
2682b0563631STom Van Eyck #endif /* PSA_CRYPTO_DRIVER_TEST */
2683b0563631STom Van Eyck #if defined(MBEDTLS_PSA_P256M_DRIVER_ENABLED)
2684b0563631STom Van Eyck if( PSA_KEY_TYPE_IS_ECC( psa_get_key_type(attributes) ) &&
2685b0563631STom Van Eyck PSA_ALG_IS_ECDH(alg) &&
2686b0563631STom Van Eyck PSA_KEY_TYPE_ECC_GET_FAMILY(psa_get_key_type(attributes)) == PSA_ECC_FAMILY_SECP_R1 &&
2687b0563631STom Van Eyck psa_get_key_bits(attributes) == 256 )
2688b0563631STom Van Eyck {
2689b0563631STom Van Eyck status = p256_transparent_key_agreement( attributes,
2690b0563631STom Van Eyck key_buffer,
2691b0563631STom Van Eyck key_buffer_size,
2692b0563631STom Van Eyck alg,
2693b0563631STom Van Eyck peer_key,
2694b0563631STom Van Eyck peer_key_length,
2695b0563631STom Van Eyck shared_secret,
2696b0563631STom Van Eyck shared_secret_size,
2697b0563631STom Van Eyck shared_secret_length );
2698b0563631STom Van Eyck if( status != PSA_ERROR_NOT_SUPPORTED)
2699b0563631STom Van Eyck return( status );
2700b0563631STom Van Eyck }
2701b0563631STom Van Eyck #endif /* MBEDTLS_PSA_P256M_DRIVER_ENABLED */
2702b0563631STom Van Eyck #endif /* PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT */
2703b0563631STom Van Eyck
2704b0563631STom Van Eyck /* Software Fallback */
2705b0563631STom Van Eyck status = psa_key_agreement_raw_builtin( attributes,
2706b0563631STom Van Eyck key_buffer,
2707b0563631STom Van Eyck key_buffer_size,
2708b0563631STom Van Eyck alg,
2709b0563631STom Van Eyck peer_key,
2710b0563631STom Van Eyck peer_key_length,
2711b0563631STom Van Eyck shared_secret,
2712b0563631STom Van Eyck shared_secret_size,
2713b0563631STom Van Eyck shared_secret_length );
2714b0563631STom Van Eyck return( status );
2715b0563631STom Van Eyck #if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT)
2716b0563631STom Van Eyck #if defined(PSA_CRYPTO_DRIVER_TEST)
2717b0563631STom Van Eyck case PSA_CRYPTO_TEST_DRIVER_LOCATION:
2718b0563631STom Van Eyck return( mbedtls_test_opaque_key_agreement( attributes,
2719b0563631STom Van Eyck key_buffer, key_buffer_size, alg, peer_key,
2720b0563631STom Van Eyck peer_key_length, shared_secret, shared_secret_size,
2721b0563631STom Van Eyck shared_secret_length ) );
2722b0563631STom Van Eyck #endif /* PSA_CRYPTO_DRIVER_TEST */
2723b0563631STom Van Eyck #endif /* PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT */
2724b0563631STom Van Eyck
2725b0563631STom Van Eyck default:
2726b0563631STom Van Eyck (void) attributes;
2727b0563631STom Van Eyck (void) key_buffer;
2728b0563631STom Van Eyck (void) key_buffer_size;
2729b0563631STom Van Eyck (void) peer_key;
2730b0563631STom Van Eyck (void) peer_key_length;
2731b0563631STom Van Eyck (void) shared_secret;
2732b0563631STom Van Eyck (void) shared_secret_size;
2733b0563631STom Van Eyck (void) shared_secret_length;
2734b0563631STom Van Eyck return( PSA_ERROR_NOT_SUPPORTED );
2735b0563631STom Van Eyck
2736b0563631STom Van Eyck }
2737b0563631STom Van Eyck }
2738b0563631STom Van Eyck
psa_driver_wrapper_pake_setup(psa_pake_operation_t * operation,const psa_crypto_driver_pake_inputs_t * inputs)2739b0563631STom Van Eyck static inline psa_status_t psa_driver_wrapper_pake_setup(
2740b0563631STom Van Eyck psa_pake_operation_t *operation,
2741b0563631STom Van Eyck const psa_crypto_driver_pake_inputs_t *inputs )
2742b0563631STom Van Eyck {
2743b0563631STom Van Eyck psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;
2744b0563631STom Van Eyck
2745b0563631STom Van Eyck psa_key_location_t location =
2746b0563631STom Van Eyck PSA_KEY_LIFETIME_GET_LOCATION( psa_get_key_lifetime( &inputs->attributes ) );
2747b0563631STom Van Eyck
2748b0563631STom Van Eyck switch( location )
2749b0563631STom Van Eyck {
2750b0563631STom Van Eyck case PSA_KEY_LOCATION_LOCAL_STORAGE:
2751b0563631STom Van Eyck /* Key is stored in the slot in export representation, so
2752b0563631STom Van Eyck * cycle through all known transparent accelerators */
2753b0563631STom Van Eyck status = PSA_ERROR_NOT_SUPPORTED;
2754b0563631STom Van Eyck #if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT)
2755b0563631STom Van Eyck #if defined(PSA_CRYPTO_DRIVER_TEST)
2756b0563631STom Van Eyck status = mbedtls_test_transparent_pake_setup(
2757b0563631STom Van Eyck &operation->data.ctx.transparent_test_driver_ctx,
2758b0563631STom Van Eyck inputs );
2759b0563631STom Van Eyck if( status == PSA_SUCCESS )
2760b0563631STom Van Eyck operation->id = MBEDTLS_TEST_TRANSPARENT_DRIVER_ID;
2761b0563631STom Van Eyck /* Declared with fallback == true */
2762b0563631STom Van Eyck if( status != PSA_ERROR_NOT_SUPPORTED )
2763b0563631STom Van Eyck return( status );
2764b0563631STom Van Eyck #endif /* PSA_CRYPTO_DRIVER_TEST */
2765b0563631STom Van Eyck #endif /* PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT */
2766b0563631STom Van Eyck #if defined(MBEDTLS_PSA_BUILTIN_PAKE)
2767b0563631STom Van Eyck status = mbedtls_psa_pake_setup( &operation->data.ctx.mbedtls_ctx,
2768b0563631STom Van Eyck inputs );
2769b0563631STom Van Eyck if( status == PSA_SUCCESS )
2770b0563631STom Van Eyck operation->id = PSA_CRYPTO_MBED_TLS_DRIVER_ID;
2771b0563631STom Van Eyck #endif
2772b0563631STom Van Eyck return status;
2773b0563631STom Van Eyck /* Add cases for opaque driver here */
2774b0563631STom Van Eyck default:
2775b0563631STom Van Eyck /* Key is declared with a lifetime not known to us */
2776b0563631STom Van Eyck (void)operation;
2777b0563631STom Van Eyck return( PSA_ERROR_INVALID_ARGUMENT );
2778b0563631STom Van Eyck }
2779b0563631STom Van Eyck }
2780b0563631STom Van Eyck
psa_driver_wrapper_pake_output(psa_pake_operation_t * operation,psa_crypto_driver_pake_step_t step,uint8_t * output,size_t output_size,size_t * output_length)2781b0563631STom Van Eyck static inline psa_status_t psa_driver_wrapper_pake_output(
2782b0563631STom Van Eyck psa_pake_operation_t *operation,
2783b0563631STom Van Eyck psa_crypto_driver_pake_step_t step,
2784b0563631STom Van Eyck uint8_t *output,
2785b0563631STom Van Eyck size_t output_size,
2786b0563631STom Van Eyck size_t *output_length )
2787b0563631STom Van Eyck {
2788b0563631STom Van Eyck switch( operation->id )
2789b0563631STom Van Eyck {
2790b0563631STom Van Eyck #if defined(MBEDTLS_PSA_BUILTIN_PAKE)
2791b0563631STom Van Eyck case PSA_CRYPTO_MBED_TLS_DRIVER_ID:
2792b0563631STom Van Eyck return( mbedtls_psa_pake_output( &operation->data.ctx.mbedtls_ctx, step,
2793b0563631STom Van Eyck output, output_size, output_length ) );
2794b0563631STom Van Eyck #endif /* MBEDTLS_PSA_BUILTIN_PAKE */
2795b0563631STom Van Eyck
2796b0563631STom Van Eyck #if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT)
2797b0563631STom Van Eyck #if defined(PSA_CRYPTO_DRIVER_TEST)
2798b0563631STom Van Eyck case MBEDTLS_TEST_TRANSPARENT_DRIVER_ID:
2799b0563631STom Van Eyck return( mbedtls_test_transparent_pake_output(
2800b0563631STom Van Eyck &operation->data.ctx.transparent_test_driver_ctx,
2801b0563631STom Van Eyck step, output, output_size, output_length ) );
2802b0563631STom Van Eyck #endif /* PSA_CRYPTO_DRIVER_TEST */
2803b0563631STom Van Eyck #endif /* PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT */
2804b0563631STom Van Eyck default:
2805b0563631STom Van Eyck (void) step;
2806b0563631STom Van Eyck (void) output;
2807b0563631STom Van Eyck (void) output_size;
2808b0563631STom Van Eyck (void) output_length;
2809b0563631STom Van Eyck return( PSA_ERROR_INVALID_ARGUMENT );
2810b0563631STom Van Eyck }
2811b0563631STom Van Eyck }
2812b0563631STom Van Eyck
psa_driver_wrapper_pake_input(psa_pake_operation_t * operation,psa_crypto_driver_pake_step_t step,const uint8_t * input,size_t input_length)2813b0563631STom Van Eyck static inline psa_status_t psa_driver_wrapper_pake_input(
2814b0563631STom Van Eyck psa_pake_operation_t *operation,
2815b0563631STom Van Eyck psa_crypto_driver_pake_step_t step,
2816b0563631STom Van Eyck const uint8_t *input,
2817b0563631STom Van Eyck size_t input_length )
2818b0563631STom Van Eyck {
2819b0563631STom Van Eyck switch( operation->id )
2820b0563631STom Van Eyck {
2821b0563631STom Van Eyck #if defined(MBEDTLS_PSA_BUILTIN_PAKE)
2822b0563631STom Van Eyck case PSA_CRYPTO_MBED_TLS_DRIVER_ID:
2823b0563631STom Van Eyck return( mbedtls_psa_pake_input( &operation->data.ctx.mbedtls_ctx,
2824b0563631STom Van Eyck step, input,
2825b0563631STom Van Eyck input_length ) );
2826b0563631STom Van Eyck #endif /* MBEDTLS_PSA_BUILTIN_PAKE */
2827b0563631STom Van Eyck
2828b0563631STom Van Eyck #if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT)
2829b0563631STom Van Eyck #if defined(PSA_CRYPTO_DRIVER_TEST)
2830b0563631STom Van Eyck case MBEDTLS_TEST_TRANSPARENT_DRIVER_ID:
2831b0563631STom Van Eyck return( mbedtls_test_transparent_pake_input(
2832b0563631STom Van Eyck &operation->data.ctx.transparent_test_driver_ctx,
2833b0563631STom Van Eyck step,
2834b0563631STom Van Eyck input, input_length ) );
2835b0563631STom Van Eyck #endif /* PSA_CRYPTO_DRIVER_TEST */
2836b0563631STom Van Eyck #endif /* PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT */
2837b0563631STom Van Eyck default:
2838b0563631STom Van Eyck (void) step;
2839b0563631STom Van Eyck (void) input;
2840b0563631STom Van Eyck (void) input_length;
2841b0563631STom Van Eyck return( PSA_ERROR_INVALID_ARGUMENT );
2842b0563631STom Van Eyck }
2843b0563631STom Van Eyck }
2844b0563631STom Van Eyck
psa_driver_wrapper_pake_get_implicit_key(psa_pake_operation_t * operation,uint8_t * output,size_t output_size,size_t * output_length)2845b0563631STom Van Eyck static inline psa_status_t psa_driver_wrapper_pake_get_implicit_key(
2846b0563631STom Van Eyck psa_pake_operation_t *operation,
2847b0563631STom Van Eyck uint8_t *output, size_t output_size,
2848b0563631STom Van Eyck size_t *output_length )
2849b0563631STom Van Eyck {
2850b0563631STom Van Eyck switch( operation->id )
2851b0563631STom Van Eyck {
2852b0563631STom Van Eyck #if defined(MBEDTLS_PSA_BUILTIN_PAKE)
2853b0563631STom Van Eyck case PSA_CRYPTO_MBED_TLS_DRIVER_ID:
2854b0563631STom Van Eyck return( mbedtls_psa_pake_get_implicit_key( &operation->data.ctx.mbedtls_ctx,
2855b0563631STom Van Eyck output, output_size, output_length ) );
2856b0563631STom Van Eyck #endif /* MBEDTLS_PSA_BUILTIN_PAKE */
2857b0563631STom Van Eyck
2858b0563631STom Van Eyck #if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT)
2859b0563631STom Van Eyck #if defined(PSA_CRYPTO_DRIVER_TEST)
2860b0563631STom Van Eyck case MBEDTLS_TEST_TRANSPARENT_DRIVER_ID:
2861b0563631STom Van Eyck return( mbedtls_test_transparent_pake_get_implicit_key(
2862b0563631STom Van Eyck &operation->data.ctx.transparent_test_driver_ctx,
2863b0563631STom Van Eyck output, output_size, output_length ) );
2864b0563631STom Van Eyck #endif /* PSA_CRYPTO_DRIVER_TEST */
2865b0563631STom Van Eyck #endif /* PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT */
2866b0563631STom Van Eyck default:
2867b0563631STom Van Eyck (void) output;
2868b0563631STom Van Eyck (void) output_size;
2869b0563631STom Van Eyck (void) output_length;
2870b0563631STom Van Eyck return( PSA_ERROR_INVALID_ARGUMENT );
2871b0563631STom Van Eyck }
2872b0563631STom Van Eyck }
2873b0563631STom Van Eyck
psa_driver_wrapper_pake_abort(psa_pake_operation_t * operation)2874b0563631STom Van Eyck static inline psa_status_t psa_driver_wrapper_pake_abort(
2875b0563631STom Van Eyck psa_pake_operation_t * operation )
2876b0563631STom Van Eyck {
2877b0563631STom Van Eyck switch( operation->id )
2878b0563631STom Van Eyck {
2879b0563631STom Van Eyck #if defined(MBEDTLS_PSA_BUILTIN_PAKE)
2880b0563631STom Van Eyck case PSA_CRYPTO_MBED_TLS_DRIVER_ID:
2881b0563631STom Van Eyck return( mbedtls_psa_pake_abort( &operation->data.ctx.mbedtls_ctx ) );
2882b0563631STom Van Eyck #endif /* MBEDTLS_PSA_BUILTIN_PAKE */
2883b0563631STom Van Eyck
2884b0563631STom Van Eyck #if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT)
2885b0563631STom Van Eyck #if defined(PSA_CRYPTO_DRIVER_TEST)
2886b0563631STom Van Eyck case MBEDTLS_TEST_TRANSPARENT_DRIVER_ID:
2887b0563631STom Van Eyck return( mbedtls_test_transparent_pake_abort(
2888b0563631STom Van Eyck &operation->data.ctx.transparent_test_driver_ctx ) );
2889b0563631STom Van Eyck #endif /* PSA_CRYPTO_DRIVER_TEST */
2890b0563631STom Van Eyck #endif /* PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT */
2891b0563631STom Van Eyck default:
2892b0563631STom Van Eyck return( PSA_ERROR_INVALID_ARGUMENT );
2893b0563631STom Van Eyck }
2894b0563631STom Van Eyck }
2895b0563631STom Van Eyck
2896b0563631STom Van Eyck #endif /* MBEDTLS_PSA_CRYPTO_C */
2897