14 #define ARRAY_SIZE(arr) (sizeof(arr)/sizeof(arr[0]))
16 #define PSA_CONNECT(service) \
17 psa_handle_t ipc_handle; \
18 ipc_handle = psa_connect(service##_SID, service##_VERSION); \
19 if (!PSA_HANDLE_IS_VALID(ipc_handle)) { \
20 return PSA_ERROR_GENERIC_ERROR; \
23 #define PSA_CLOSE() psa_close(ipc_handle)
25 #define API_DISPATCH(sfn_name, sfn_id) \
26 psa_call(ipc_handle, PSA_IPC_CALL, \
27 in_vec, ARRAY_SIZE(in_vec), \
28 out_vec, ARRAY_SIZE(out_vec))
30 #define API_DISPATCH_NO_OUTVEC(sfn_name, sfn_id) \
31 psa_call(ipc_handle, PSA_IPC_CALL, \
32 in_vec, ARRAY_SIZE(in_vec), \
33 (psa_outvec *)NULL, 0)
46 #ifdef TFM_CRYPTO_KEY_MODULE_DISABLED
74 #ifdef TFM_CRYPTO_KEY_MODULE_DISABLED
89 TFM_CRYPTO_CLOSE_KEY);;
102 #ifdef TFM_CRYPTO_KEY_MODULE_DISABLED
112 {.base = data, .len = data_length}
121 TFM_CRYPTO_IMPORT_KEY);
130 #ifdef TFM_CRYPTO_KEY_MODULE_DISABLED
136 .key_handle = handle,
145 TFM_CRYPTO_DESTROY_KEY);
155 #ifdef TFM_CRYPTO_KEY_MODULE_DISABLED
161 .key_handle = handle,
173 TFM_CRYPTO_GET_KEY_ATTRIBUTES);
182 #ifdef TFM_CRYPTO_KEY_MODULE_DISABLED
202 TFM_CRYPTO_RESET_KEY_ATTRIBUTES);
214 #ifdef TFM_CRYPTO_KEY_MODULE_DISABLED
220 .key_handle = handle,
226 {.
base = data, .len = data_size}
232 TFM_CRYPTO_EXPORT_KEY);
234 *data_length = out_vec[0].
len;
247 #ifdef TFM_CRYPTO_KEY_MODULE_DISABLED
253 .key_handle = handle,
260 {.
base = data, .len = data_size}
266 TFM_CRYPTO_EXPORT_PUBLIC_KEY);
268 *data_length = out_vec[0].
len;
280 #ifdef TFM_CRYPTO_KEY_MODULE_DISABLED
286 .key_handle = source_handle,
302 TFM_CRYPTO_COPY_KEY);
315 #ifdef TFM_CRYPTO_CIPHER_MODULE_DISABLED
321 .op_handle = operation->
handle,
328 {.
base = &(operation->
handle), .len =
sizeof(uint32_t)},
329 {.base = iv, .len = iv_size},
335 TFM_CRYPTO_CIPHER_GENERATE_IV);
337 *iv_length = out_vec[1].
len;
346 const unsigned char *iv,
349 #ifdef TFM_CRYPTO_CIPHER_MODULE_DISABLED
355 .op_handle = operation->
handle,
360 {.base = iv, .len = iv_length},
363 {.
base = &(operation->
handle), .len =
sizeof(uint32_t)},
369 TFM_CRYPTO_CIPHER_SET_IV);
381 #ifdef TFM_CRYPTO_CIPHER_MODULE_DISABLED
387 .key_handle = handle,
389 .op_handle = operation->
handle,
396 {.
base = &(operation->
handle), .len =
sizeof(uint32_t)},
402 TFM_CRYPTO_CIPHER_ENCRYPT_SETUP);
414 #ifdef TFM_CRYPTO_CIPHER_MODULE_DISABLED
420 .key_handle = handle,
422 .op_handle = operation->
handle,
429 {.
base = &(operation->
handle), .len =
sizeof(uint32_t)},
435 TFM_CRYPTO_CIPHER_DECRYPT_SETUP);
444 const uint8_t *input,
446 unsigned char *output,
448 size_t *output_length)
450 #ifdef TFM_CRYPTO_CIPHER_MODULE_DISABLED
456 .op_handle = operation->
handle,
461 {.base = input, .len = input_length},
464 {.
base = &(operation->
handle), .len =
sizeof(uint32_t)},
465 {.base = output, .len = output_size}
471 TFM_CRYPTO_CIPHER_UPDATE);
473 *output_length = out_vec[1].
len;
483 #ifdef TFM_CRYPTO_CIPHER_MODULE_DISABLED
489 .op_handle = operation->
handle,
496 {.
base = &(operation->
handle), .len =
sizeof(uint32_t)},
502 TFM_CRYPTO_CIPHER_ABORT);
513 size_t *output_length)
515 #ifdef TFM_CRYPTO_CIPHER_MODULE_DISABLED
521 .op_handle = operation->
handle,
528 {.
base = &(operation->
handle), .len =
sizeof(uint32_t)},
529 {.base = output, .len = output_size},
535 TFM_CRYPTO_CIPHER_FINISH);
537 *output_length = out_vec[1].
len;
548 #ifdef TFM_CRYPTO_HASH_MODULE_DISABLED
555 .op_handle = operation->
handle,
562 {.
base = &(operation->
handle), .len =
sizeof(uint32_t)},
568 TFM_CRYPTO_HASH_SETUP);
577 const uint8_t *input,
580 #ifdef TFM_CRYPTO_HASH_MODULE_DISABLED
586 .op_handle = operation->
handle,
591 {.base = input, .len = input_length},
594 {.
base = &(operation->
handle), .len =
sizeof(uint32_t)},
600 TFM_CRYPTO_HASH_UPDATE);
613 #ifdef TFM_CRYPTO_HASH_MODULE_DISABLED
619 .op_handle = operation->
handle,
626 {.
base = &(operation->
handle), .len =
sizeof(uint32_t)},
627 {.base = hash, .len = hash_size},
633 TFM_CRYPTO_HASH_FINISH);
635 *hash_length = out_vec[1].
len;
647 #ifdef TFM_CRYPTO_HASH_MODULE_DISABLED
653 .op_handle = operation->
handle,
658 {.base = hash, .len = hash_length},
661 {.
base = &(operation->
handle), .len =
sizeof(uint32_t)},
667 TFM_CRYPTO_HASH_VERIFY);
677 #ifdef TFM_CRYPTO_HASH_MODULE_DISABLED
683 .op_handle = operation->
handle,
690 {.
base = &(operation->
handle), .len =
sizeof(uint32_t)},
696 TFM_CRYPTO_HASH_ABORT);
707 #ifdef TFM_CRYPTO_HASH_MODULE_DISABLED
713 .op_handle = source_operation->
handle,
723 if (target_operation && (target_operation->
handle != 0)) {
730 TFM_CRYPTO_HASH_CLONE);
739 const uint8_t *input,
745 #ifdef TFM_CRYPTO_HASH_MODULE_DISABLED
756 {.base = input, .len = input_length},
760 {.
base = hash, .len = hash_size}
766 TFM_CRYPTO_HASH_COMPUTE);
768 *hash_length = out_vec[0].
len;
777 const uint8_t *input,
782 #ifdef TFM_CRYPTO_HASH_MODULE_DISABLED
793 {.base = input, .len = input_length},
794 {.base = hash, .len = hash_length},
800 TFM_CRYPTO_HASH_COMPARE);
814 #ifdef TFM_CRYPTO_MAC_MODULE_DISABLED
820 .key_handle = handle,
822 .op_handle = operation->
handle,
829 {.
base = &(operation->
handle), .len =
sizeof(uint32_t)},
835 TFM_CRYPTO_MAC_SIGN_SETUP);
847 #ifdef TFM_CRYPTO_MAC_MODULE_DISABLED
853 .key_handle = handle,
855 .op_handle = operation->
handle,
862 {.
base = &(operation->
handle), .len =
sizeof(uint32_t)},
868 TFM_CRYPTO_MAC_VERIFY_SETUP);
877 const uint8_t *input,
880 #ifdef TFM_CRYPTO_MAC_MODULE_DISABLED
886 .op_handle = operation->
handle,
891 {.base = input, .len = input_length},
894 {.
base = &(operation->
handle), .len =
sizeof(uint32_t)},
900 TFM_CRYPTO_MAC_UPDATE);
913 #ifdef TFM_CRYPTO_MAC_MODULE_DISABLED
919 .op_handle = operation->
handle,
926 {.
base = &(operation->
handle), .len =
sizeof(uint32_t)},
927 {.base = mac, .len = mac_size},
933 TFM_CRYPTO_MAC_SIGN_FINISH);
935 *mac_length = out_vec[1].
len;
947 #ifdef TFM_CRYPTO_MAC_MODULE_DISABLED
953 .op_handle = operation->
handle,
958 {.base = mac, .len = mac_length},
961 {.
base = &(operation->
handle), .len =
sizeof(uint32_t)},
967 TFM_CRYPTO_MAC_VERIFY_FINISH);
977 #ifdef TFM_CRYPTO_MAC_MODULE_DISABLED
983 .op_handle = operation->
handle,
990 {.
base = &(operation->
handle), .len =
sizeof(uint32_t)},
996 TFM_CRYPTO_MAC_ABORT);
1006 const uint8_t *nonce,
1007 size_t nonce_length,
1008 const uint8_t *additional_data,
1009 size_t additional_data_length,
1010 const uint8_t *plaintext,
1011 size_t plaintext_length,
1012 uint8_t *ciphertext,
1013 size_t ciphertext_size,
1014 size_t *ciphertext_length)
1016 #ifdef TFM_CRYPTO_AEAD_MODULE_DISABLED
1022 .key_handle = handle,
1024 .aead_in = {.nonce = {0}, .nonce_length = nonce_length}
1028 if ((additional_data == NULL) && (additional_data_length != 0)) {
1035 {.base = plaintext, .len = plaintext_length},
1036 {.base = additional_data, .len = additional_data_length},
1039 {.
base = ciphertext, .len = ciphertext_size},
1046 if (nonce != NULL) {
1047 for (idx = 0; idx < nonce_length; idx++) {
1055 if (additional_data == NULL) {
1061 *ciphertext_length = out_vec[0].
len;
1071 const uint8_t *nonce,
1072 size_t nonce_length,
1073 const uint8_t *additional_data,
1074 size_t additional_data_length,
1075 const uint8_t *ciphertext,
1076 size_t ciphertext_length,
1078 size_t plaintext_size,
1079 size_t *plaintext_length)
1081 #ifdef TFM_CRYPTO_AEAD_MODULE_DISABLED
1087 .key_handle = handle,
1089 .aead_in = {.nonce = {0}, .nonce_length = nonce_length}
1093 if ((additional_data == NULL) && (additional_data_length != 0)) {
1100 {.base = ciphertext, .len = ciphertext_length},
1101 {.base = additional_data, .len = additional_data_length},
1104 {.
base = plaintext, .len = plaintext_size},
1111 if (nonce != NULL) {
1112 for (idx = 0; idx < nonce_length; idx++) {
1120 if (additional_data == NULL) {
1126 *plaintext_length = out_vec[0].
len;
1136 const uint8_t *hash,
1139 size_t signature_size,
1140 size_t *signature_length)
1142 return psa_sign_hash(handle, alg, hash, hash_length, signature, signature_size, signature_length);
1147 const uint8_t *hash,
1150 size_t signature_size,
1151 size_t *signature_length)
1153 #ifdef TFM_CRYPTO_ASYMMETRIC_MODULE_DISABLED
1159 .key_handle = handle,
1165 {.base = hash, .len = hash_length},
1168 {.
base = signature, .len = signature_size},
1174 TFM_CRYPTO_SIGN_HASH);
1176 *signature_length = out_vec[0].
len;
1186 const uint8_t *hash,
1188 const uint8_t *signature,
1189 size_t signature_length)
1191 return psa_verify_hash(handle, alg, hash, hash_length, signature, signature_length);
1196 const uint8_t *hash,
1198 const uint8_t *signature,
1199 size_t signature_length)
1201 #ifdef TFM_CRYPTO_ASYMMETRIC_MODULE_DISABLED
1207 .key_handle = handle,
1213 {.base = hash, .len = hash_length},
1214 {.base = signature, .len = signature_length}
1220 TFM_CRYPTO_VERIFY_HASH);
1230 const uint8_t *input,
1231 size_t input_length,
1232 const uint8_t *salt,
1236 size_t *output_length)
1238 #ifdef TFM_CRYPTO_ASYMMETRIC_MODULE_DISABLED
1244 .key_handle = handle,
1249 if ((salt == NULL) && (salt_length != 0)) {
1255 {.base = input, .len = input_length},
1256 {.base = salt, .len = salt_length}
1260 {.
base = output, .len = output_size},
1272 *output_length = out_vec[0].
len;
1282 const uint8_t *input,
1283 size_t input_length,
1284 const uint8_t *salt,
1288 size_t *output_length)
1290 #ifdef TFM_CRYPTO_ASYMMETRIC_MODULE_DISABLED
1296 .key_handle = handle,
1301 if ((salt == NULL) && (salt_length != 0)) {
1307 {.base = input, .len = input_length},
1308 {.base = salt, .len = salt_length}
1312 {.
base = output, .len = output_size},
1324 *output_length = out_vec[0].
len;
1336 #ifdef TFM_CRYPTO_GENERATOR_MODULE_DISABLED
1342 .op_handle = operation->
handle,
1356 TFM_CRYPTO_KEY_DERIVATION_GET_CAPACITY);
1367 size_t output_length)
1369 #ifdef TFM_CRYPTO_GENERATOR_MODULE_DISABLED
1375 .op_handle = operation->
handle,
1383 {.
base = output, .len = output_length},
1389 TFM_CRYPTO_KEY_DERIVATION_OUTPUT_BYTES);
1402 #ifdef TFM_CRYPTO_GENERATOR_MODULE_DISABLED
1408 .key_handle = handle,
1410 .op_handle = operation->
handle,
1420 TFM_CRYPTO_KEY_DERIVATION_INPUT_KEY);
1431 #ifdef TFM_CRYPTO_GENERATOR_MODULE_DISABLED
1437 .op_handle = operation->
handle,
1445 {.
base = &(operation->
handle), .len =
sizeof(uint32_t)},
1451 TFM_CRYPTO_KEY_DERIVATION_ABORT);
1463 const uint8_t *peer_key,
1464 size_t peer_key_length)
1466 #ifdef TFM_CRYPTO_GENERATOR_MODULE_DISABLED
1472 .key_handle = private_key,
1474 .op_handle = operation->
handle,
1479 {.base = peer_key, .len = peer_key_length},
1485 TFM_CRYPTO_KEY_DERIVATION_KEY_AGREEMENT);
1496 #ifdef TFM_CRYPTO_GENERATOR_MODULE_DISABLED
1509 {.
base = output, .len = output_size},
1512 if (output_size == 0) {
1519 TFM_CRYPTO_GENERATE_RANDOM);
1530 #ifdef TFM_CRYPTO_GENERATOR_MODULE_DISABLED
1550 TFM_CRYPTO_GENERATE_KEY);
1559 const uint8_t *data,
1573 size_t *data_length)
1583 const uint8_t *input,
1584 size_t input_length)
1594 uint8_t *ciphertext,
1595 size_t ciphertext_size,
1596 size_t *ciphertext_length,
1610 size_t plaintext_size,
1611 size_t *plaintext_length,
1633 const uint8_t *input,
1634 size_t input_length,
1648 const uint8_t *input,
1649 size_t input_length,
1651 const size_t mac_length)
1662 const uint8_t *input,
1663 size_t input_length,
1666 size_t *output_length)
1677 const uint8_t *input,
1678 size_t input_length,
1681 size_t *output_length)
1692 const uint8_t *peer_key,
1693 size_t peer_key_length,
1696 size_t *output_length)
1698 #ifdef TFM_CRYPTO_GENERATOR_MODULE_DISABLED
1705 .key_handle = private_key
1710 {.base = peer_key, .len = peer_key_length},
1714 {.
base = output, .len = output_size},
1720 TFM_CRYPTO_RAW_KEY_AGREEMENT);
1722 *output_length = out_vec[0].
len;
1733 #ifdef TFM_CRYPTO_GENERATOR_MODULE_DISABLED
1740 .op_handle = operation->
handle,
1747 {.
base = &(operation->
handle), .len =
sizeof(uint32_t)},
1753 TFM_CRYPTO_KEY_DERIVATION_SETUP);
1764 #ifdef TFM_CRYPTO_GENERATOR_MODULE_DISABLED
1771 .op_handle = operation->
handle,
1781 TFM_CRYPTO_KEY_DERIVATION_SET_CAPACITY);
1791 const uint8_t *data,
1794 #ifdef TFM_CRYPTO_GENERATOR_MODULE_DISABLED
1801 .op_handle = operation->
handle,
1806 {.base = data, .len = data_length},
1812 TFM_CRYPTO_KEY_DERIVATION_INPUT_BYTES);
1824 #ifdef TFM_CRYPTO_GENERATOR_MODULE_DISABLED
1830 .op_handle = operation->
handle,
1845 TFM_CRYPTO_KEY_DERIVATION_OUTPUT_KEY);
1877 size_t *nonce_length)
1887 const uint8_t *nonce,
1888 size_t nonce_length)
1899 size_t plaintext_length)
1909 const uint8_t *input,
1910 size_t input_length,
1913 size_t *output_length)
psa_status_t psa_cipher_encrypt_setup(psa_cipher_operation_t *operation, psa_key_handle_t handle, psa_algorithm_t alg)
void psa_reset_key_attributes(psa_key_attributes_t *attributes)
#define TFM_CRYPTO_MAX_NONCE_LENGTH
This type is used to overcome a limitation in the number of maximum IOVECs that can be used especiall...
psa_status_t psa_generate_random(uint8_t *output, size_t output_size)
Generate random bytes.
psa_status_t psa_export_key(psa_key_handle_t handle, uint8_t *data, size_t data_size, size_t *data_length)
Export a key in binary format.
psa_status_t psa_mac_sign_finish(psa_mac_operation_t *operation, uint8_t *mac, size_t mac_size, size_t *mac_length)
psa_status_t psa_destroy_key(psa_key_handle_t handle)
Destroy a key.
psa_status_t psa_cipher_set_iv(psa_cipher_operation_t *operation, const unsigned char *iv, size_t iv_length)
psa_status_t tfm_crypto_import_key(psa_invec in_vec[], size_t in_len, psa_outvec out_vec[], size_t out_len)
Structure used to pack non-pointer types in a call.
psa_status_t psa_cipher_decrypt_setup(psa_cipher_operation_t *operation, psa_key_handle_t handle, psa_algorithm_t alg)
psa_status_t psa_sign_hash(psa_key_handle_t handle, psa_algorithm_t alg, const uint8_t *hash, size_t hash_length, uint8_t *signature, size_t signature_size, size_t *signature_length)
Sign a hash or short message with a private key.
psa_status_t tfm_crypto_hash_abort(psa_invec in_vec[], size_t in_len, psa_outvec out_vec[], size_t out_len)
psa_status_t psa_aead_encrypt_setup(psa_aead_operation_t *operation, psa_key_handle_t handle, psa_algorithm_t alg)
psa_status_t tfm_crypto_cipher_decrypt_setup(psa_invec in_vec[], size_t in_len, psa_outvec out_vec[], size_t out_len)
psa_status_t psa_key_derivation_set_capacity(psa_key_derivation_operation_t *operation, size_t capacity)
psa_status_t tfm_crypto_cipher_update(psa_invec in_vec[], size_t in_len, psa_outvec out_vec[], size_t out_len)
psa_status_t psa_raw_key_agreement(psa_algorithm_t alg, psa_key_handle_t private_key, const uint8_t *peer_key, size_t peer_key_length, uint8_t *output, size_t output_size, size_t *output_length)
psa_status_t psa_close_key(psa_key_handle_t handle)
psa_status_t psa_key_derivation_abort(psa_key_derivation_operation_t *operation)
psa_status_t psa_cipher_decrypt(psa_key_handle_t handle, psa_algorithm_t alg, const uint8_t *input, size_t input_length, uint8_t *output, size_t output_size, size_t *output_length)
psa_status_t psa_mac_verify_finish(psa_mac_operation_t *operation, const uint8_t *mac, size_t mac_length)
psa_status_t psa_export_public_key(psa_key_handle_t handle, uint8_t *data, size_t data_size, size_t *data_length)
Export a public key or the public part of a key pair in binary format.
psa_status_t tfm_crypto_key_derivation_input_bytes(psa_invec in_vec[], size_t in_len, psa_outvec out_vec[], size_t out_len)
psa_status_t tfm_crypto_export_public_key(psa_invec in_vec[], size_t in_len, psa_outvec out_vec[], size_t out_len)
psa_status_t tfm_crypto_mac_sign_finish(psa_invec in_vec[], size_t in_len, psa_outvec out_vec[], size_t out_len)
psa_status_t tfm_crypto_key_derivation_set_capacity(psa_invec in_vec[], size_t in_len, psa_outvec out_vec[], size_t out_len)
psa_status_t tfm_crypto_open_key(psa_invec in_vec[], size_t in_len, psa_outvec out_vec[], size_t out_len)
Platform Security Architecture cryptography module.
psa_status_t tfm_crypto_cipher_abort(psa_invec in_vec[], size_t in_len, psa_outvec out_vec[], size_t out_len)
psa_status_t tfm_crypto_hash_verify(psa_invec in_vec[], size_t in_len, psa_outvec out_vec[], size_t out_len)
psa_status_t psa_asymmetric_verify(psa_key_handle_t handle, psa_algorithm_t alg, const uint8_t *hash, size_t hash_length, const uint8_t *signature, size_t signature_length)
psa_status_t psa_mac_abort(psa_mac_operation_t *operation)
uint16_t psa_key_derivation_step_t
Encoding of the step of a key derivation.
psa_status_t tfm_crypto_verify_hash(psa_invec in_vec[], size_t in_len, psa_outvec out_vec[], size_t out_len)
psa_status_t tfm_crypto_generate_random(psa_invec in_vec[], size_t in_len, psa_outvec out_vec[], size_t out_len)
psa_status_t psa_verify_hash(psa_key_handle_t handle, psa_algorithm_t alg, const uint8_t *hash, size_t hash_length, const uint8_t *signature, size_t signature_length)
Verify the signature a hash or short message using a public key.
psa_status_t tfm_crypto_cipher_finish(psa_invec in_vec[], size_t in_len, psa_outvec out_vec[], size_t out_len)
psa_status_t psa_hash_compute(psa_algorithm_t alg, const uint8_t *input, size_t input_length, uint8_t *hash, size_t hash_size, size_t *hash_length)
psa_status_t tfm_crypto_hash_compute(psa_invec in_vec[], size_t in_len, psa_outvec out_vec[], size_t out_len)
psa_status_t psa_key_derivation_input_key(psa_key_derivation_operation_t *operation, psa_key_derivation_step_t step, psa_key_handle_t handle)
psa_status_t tfm_crypto_key_derivation_key_agreement(psa_invec in_vec[], size_t in_len, psa_outvec out_vec[], size_t out_len)
psa_status_t tfm_crypto_close_key(psa_invec in_vec[], size_t in_len, psa_outvec out_vec[], size_t out_len)
psa_status_t psa_hash_update(psa_hash_operation_t *operation, const uint8_t *input, size_t input_length)
psa_status_t tfm_crypto_mac_verify_setup(psa_invec in_vec[], size_t in_len, psa_outvec out_vec[], size_t out_len)
psa_status_t tfm_crypto_get_key_attributes(psa_invec in_vec[], size_t in_len, psa_outvec out_vec[], size_t out_len)
psa_status_t tfm_crypto_key_derivation_get_capacity(psa_invec in_vec[], size_t in_len, psa_outvec out_vec[], size_t out_len)
psa_status_t psa_aead_set_nonce(psa_aead_operation_t *operation, const uint8_t *nonce, size_t nonce_length)
psa_status_t psa_key_derivation_get_capacity(const psa_key_derivation_operation_t *operation, size_t *capacity)
psa_status_t psa_aead_finish(psa_aead_operation_t *operation, uint8_t *ciphertext, size_t ciphertext_size, size_t *ciphertext_length, uint8_t *tag, size_t tag_size, size_t *tag_length)
psa_status_t tfm_crypto_hash_finish(psa_invec in_vec[], size_t in_len, psa_outvec out_vec[], size_t out_len)
psa_status_t psa_asymmetric_encrypt(psa_key_handle_t handle, psa_algorithm_t alg, const uint8_t *input, size_t input_length, const uint8_t *salt, size_t salt_length, uint8_t *output, size_t output_size, size_t *output_length)
Encrypt a short message with a public key.
psa_status_t tfm_crypto_hash_update(psa_invec in_vec[], size_t in_len, psa_outvec out_vec[], size_t out_len)
psa_status_t tfm_crypto_mac_update(psa_invec in_vec[], size_t in_len, psa_outvec out_vec[], size_t out_len)
psa_status_t tfm_crypto_export_key(psa_invec in_vec[], size_t in_len, psa_outvec out_vec[], size_t out_len)
psa_status_t psa_mac_verify_setup(psa_mac_operation_t *operation, psa_key_handle_t handle, psa_algorithm_t alg)
psa_status_t psa_get_key_domain_parameters(const psa_key_attributes_t *attributes, uint8_t *data, size_t data_size, size_t *data_length)
psa_status_t psa_asymmetric_decrypt(psa_key_handle_t handle, psa_algorithm_t alg, const uint8_t *input, size_t input_length, const uint8_t *salt, size_t salt_length, uint8_t *output, size_t output_size, size_t *output_length)
Decrypt a short message with a private key.
#define API_DISPATCH(sfn_name, sfn_id)
psa_status_t tfm_crypto_mac_verify_finish(psa_invec in_vec[], size_t in_len, psa_outvec out_vec[], size_t out_len)
psa_status_t psa_cipher_finish(psa_cipher_operation_t *operation, uint8_t *output, size_t output_size, size_t *output_length)
psa_status_t tfm_crypto_destroy_key(psa_invec in_vec[], size_t in_len, psa_outvec out_vec[], size_t out_len)
psa_status_t tfm_crypto_key_derivation_abort(psa_invec in_vec[], size_t in_len, psa_outvec out_vec[], size_t out_len)
psa_status_t psa_aead_update_ad(psa_aead_operation_t *operation, const uint8_t *input, size_t input_length)
psa_status_t psa_import_key(const psa_key_attributes_t *attributes, const uint8_t *data, size_t data_length, psa_key_handle_t *handle)
Import a key in binary format.
psa_status_t tfm_crypto_cipher_encrypt_setup(psa_invec in_vec[], size_t in_len, psa_outvec out_vec[], size_t out_len)
psa_status_t psa_hash_verify(psa_hash_operation_t *operation, const uint8_t *hash, size_t hash_length)
psa_status_t psa_aead_set_lengths(psa_aead_operation_t *operation, size_t ad_length, size_t plaintext_length)
psa_status_t psa_aead_decrypt(psa_key_handle_t handle, psa_algorithm_t alg, const uint8_t *nonce, size_t nonce_length, const uint8_t *additional_data, size_t additional_data_length, const uint8_t *ciphertext, size_t ciphertext_length, uint8_t *plaintext, size_t plaintext_size, size_t *plaintext_length)
#define PSA_ERROR_INVALID_ARGUMENT
psa_handle_t psa_connect(uint32_t sid, uint32_t version)
Connect to an RoT Service by its SID.
psa_status_t psa_mac_verify(psa_key_handle_t handle, psa_algorithm_t alg, const uint8_t *input, size_t input_length, const uint8_t *mac, const size_t mac_length)
#define PSA_HANDLE_IS_VALID(handle)
psa_status_t psa_hash_clone(const psa_hash_operation_t *source_operation, psa_hash_operation_t *target_operation)
psa_status_t psa_asymmetric_sign(psa_key_handle_t handle, psa_algorithm_t alg, const uint8_t *hash, size_t hash_length, uint8_t *signature, size_t signature_size, size_t *signature_length)
psa_status_t psa_copy_key(psa_key_handle_t source_handle, const psa_key_attributes_t *attributes, psa_key_handle_t *target_handle)
psa_status_t tfm_crypto_mac_abort(psa_invec in_vec[], size_t in_len, psa_outvec out_vec[], size_t out_len)
uint32_t psa_algorithm_t
Encoding of a cryptographic algorithm.
psa_status_t tfm_crypto_sign_hash(psa_invec in_vec[], size_t in_len, psa_outvec out_vec[], size_t out_len)
struct psa_hash_operation_s psa_hash_operation_t
struct tfm_crypto_aead_pack_input aead_in
psa_status_t psa_aead_encrypt(psa_key_handle_t handle, psa_algorithm_t alg, const uint8_t *nonce, size_t nonce_length, const uint8_t *additional_data, size_t additional_data_length, const uint8_t *plaintext, size_t plaintext_length, uint8_t *ciphertext, size_t ciphertext_size, size_t *ciphertext_length)
psa_status_t tfm_crypto_hash_compare(psa_invec in_vec[], size_t in_len, psa_outvec out_vec[], size_t out_len)
#define TFM_CRYPTO_VERSION
psa_status_t psa_aead_generate_nonce(psa_aead_operation_t *operation, uint8_t *nonce, size_t nonce_size, size_t *nonce_length)
psa_status_t psa_hash_setup(psa_hash_operation_t *operation, psa_algorithm_t alg)
psa_status_t tfm_crypto_key_derivation_output_key(psa_invec in_vec[], size_t in_len, psa_outvec out_vec[], size_t out_len)
psa_status_t psa_aead_decrypt_setup(psa_aead_operation_t *operation, psa_key_handle_t handle, psa_algorithm_t alg)
psa_status_t psa_mac_sign_setup(psa_mac_operation_t *operation, psa_key_handle_t handle, psa_algorithm_t alg)
uint16_t psa_key_type_t
Encoding of a key type.
psa_status_t psa_set_key_domain_parameters(psa_key_attributes_t *attributes, psa_key_type_t type, const uint8_t *data, size_t data_length)
psa_status_t psa_get_key_attributes(psa_key_handle_t handle, psa_key_attributes_t *attributes)
psa_status_t psa_crypto_init(void)
Library initialization.
psa_status_t psa_key_derivation_output_bytes(psa_key_derivation_operation_t *operation, uint8_t *output, size_t output_length)
psa_status_t psa_key_derivation_input_bytes(psa_key_derivation_operation_t *operation, psa_key_derivation_step_t step, const uint8_t *data, size_t data_length)
psa_status_t psa_generate_key(const psa_key_attributes_t *attributes, psa_key_handle_t *handle)
Generate a key or key pair.
psa_status_t psa_aead_verify(psa_aead_operation_t *operation, uint8_t *plaintext, size_t plaintext_size, size_t *plaintext_length, const uint8_t *tag, size_t tag_length)
psa_status_t tfm_crypto_hash_clone(psa_invec in_vec[], size_t in_len, psa_outvec out_vec[], size_t out_len)
psa_status_t psa_key_derivation_key_agreement(psa_key_derivation_operation_t *operation, psa_key_derivation_step_t step, psa_key_handle_t private_key, const uint8_t *peer_key, size_t peer_key_length)
#define PSA_ERROR_NOT_SUPPORTED
psa_status_t psa_hash_abort(psa_hash_operation_t *operation)
psa_status_t tfm_crypto_key_derivation_input_key(psa_invec in_vec[], size_t in_len, psa_outvec out_vec[], size_t out_len)
psa_status_t psa_cipher_generate_iv(psa_cipher_operation_t *operation, unsigned char *iv, size_t iv_size, size_t *iv_length)
#define API_DISPATCH_NO_OUTVEC(sfn_name, sfn_id)
psa_status_t psa_open_key(psa_key_id_t id, psa_key_handle_t *handle)
struct psa_client_key_attributes_s psa_key_attributes_t
psa_status_t psa_key_derivation_setup(psa_key_derivation_operation_t *operation, psa_algorithm_t alg)
psa_status_t psa_mac_compute(psa_key_handle_t handle, psa_algorithm_t alg, const uint8_t *input, size_t input_length, uint8_t *mac, size_t mac_size, size_t *mac_length)
psa_status_t psa_aead_abort(psa_aead_operation_t *operation)
psa_status_t tfm_crypto_cipher_generate_iv(psa_invec in_vec[], size_t in_len, psa_outvec out_vec[], size_t out_len)
psa_status_t tfm_crypto_key_derivation_setup(psa_invec in_vec[], size_t in_len, psa_outvec out_vec[], size_t out_len)
psa_status_t psa_aead_update(psa_aead_operation_t *operation, const uint8_t *input, size_t input_length, uint8_t *output, size_t output_size, size_t *output_length)
psa_status_t tfm_crypto_copy_key(psa_invec in_vec[], size_t in_len, psa_outvec out_vec[], size_t out_len)
#define PSA_CONNECT(service)
psa_status_t psa_cipher_update(psa_cipher_operation_t *operation, const uint8_t *input, size_t input_length, unsigned char *output, size_t output_size, size_t *output_length)
psa_status_t tfm_crypto_hash_setup(psa_invec in_vec[], size_t in_len, psa_outvec out_vec[], size_t out_len)
psa_status_t tfm_crypto_cipher_set_iv(psa_invec in_vec[], size_t in_len, psa_outvec out_vec[], size_t out_len)
#define PSA_ERROR_BAD_STATE
psa_status_t tfm_crypto_key_derivation_output_bytes(psa_invec in_vec[], size_t in_len, psa_outvec out_vec[], size_t out_len)
int32_t psa_status_t
Function return status.
psa_status_t psa_mac_update(psa_mac_operation_t *operation, const uint8_t *input, size_t input_length)
psa_status_t psa_cipher_abort(psa_cipher_operation_t *operation)
psa_status_t tfm_crypto_mac_sign_setup(psa_invec in_vec[], size_t in_len, psa_outvec out_vec[], size_t out_len)
psa_status_t psa_hash_compare(psa_algorithm_t alg, const uint8_t *input, size_t input_length, const uint8_t *hash, size_t hash_length)
psa_status_t psa_key_derivation_output_key(const psa_key_attributes_t *attributes, psa_key_derivation_operation_t *operation, psa_key_handle_t *handle)
psa_status_t psa_call(psa_handle_t handle, int32_t type, const psa_invec *in_vec, size_t in_len, psa_outvec *out_vec, size_t out_len)
Call an RoT Service on an established connection.
psa_status_t psa_cipher_encrypt(psa_key_handle_t handle, psa_algorithm_t alg, const uint8_t *input, size_t input_length, uint8_t *output, size_t output_size, size_t *output_length)
psa_status_t tfm_crypto_generate_key(psa_invec in_vec[], size_t in_len, psa_outvec out_vec[], size_t out_len)
psa_status_t tfm_crypto_reset_key_attributes(psa_invec in_vec[], size_t in_len, psa_outvec out_vec[], size_t out_len)
psa_status_t tfm_crypto_raw_key_agreement(psa_invec in_vec[], size_t in_len, psa_outvec out_vec[], size_t out_len)
psa_status_t psa_hash_finish(psa_hash_operation_t *operation, uint8_t *hash, size_t hash_size, size_t *hash_length)