TF-M Reference Manual  1.2.0
TrustedFirmware-M
 All Data Structures Files Functions Variables Typedefs Enumerations Enumerator Macros Groups Pages
crypto_asymmetric.c
Go to the documentation of this file.
1 /*
2  * Copyright (c) 2019-2020, Arm Limited. All rights reserved.
3  *
4  * SPDX-License-Identifier: BSD-3-Clause
5  *
6  */
7 
8 #include <stddef.h>
9 #include <stdint.h>
10 
11 #include "tfm_mbedcrypto_include.h"
12 
13 #include "tfm_crypto_api.h"
14 #include "tfm_crypto_defs.h"
15 #include "tfm_crypto_private.h"
16 
24  size_t in_len,
25  psa_outvec out_vec[],
26  size_t out_len)
27 {
28 #ifdef TFM_CRYPTO_ASYMMETRIC_MODULE_DISABLED
30 #else
31  CRYPTO_IN_OUT_LEN_VALIDATE(in_len, 1, 2, out_len, 0, 1);
32 
33  if ((in_vec[0].len != sizeof(struct tfm_crypto_pack_iovec))) {
35  }
36 
37  const struct tfm_crypto_pack_iovec *iov = in_vec[0].base;
38  psa_key_handle_t handle = iov->key_handle;
39  psa_algorithm_t alg = iov->alg;
40  const uint8_t *hash = in_vec[1].base;
41  size_t hash_length = in_vec[1].len;
42  uint8_t *signature = out_vec[0].base;
43  size_t signature_size = out_vec[0].len;
44  psa_status_t status = tfm_crypto_check_handle_owner(handle, NULL);
45 
46  if (status != PSA_SUCCESS) {
47  return status;
48  }
49 
50  return psa_sign_hash(handle, alg, hash, hash_length,
51  signature, signature_size, &(out_vec[0].len));
52 #endif /* TFM_CRYPTO_ASYMMETRIC_MODULE_DISABLED */
53 }
54 
56  size_t in_len,
57  psa_outvec out_vec[],
58  size_t out_len)
59 {
60 #ifdef TFM_CRYPTO_ASYMMETRIC_MODULE_DISABLED
62 #else
63  CRYPTO_IN_OUT_LEN_VALIDATE(in_len, 1, 3, out_len, 0, 0);
64 
65  if ((in_vec[0].len != sizeof(struct tfm_crypto_pack_iovec))) {
67  }
68 
69  const struct tfm_crypto_pack_iovec *iov = in_vec[0].base;
70 
71  psa_key_handle_t handle = iov->key_handle;
72  psa_algorithm_t alg = iov->alg;
73  const uint8_t *hash = in_vec[1].base;
74  size_t hash_length = in_vec[1].len;
75  const uint8_t *signature = in_vec[2].base;
76  size_t signature_length = in_vec[2].len;
77  psa_status_t status = tfm_crypto_check_handle_owner(handle, NULL);
78 
79  if (status != PSA_SUCCESS) {
80  return status;
81  }
82 
83  return psa_verify_hash(handle, alg, hash, hash_length,
84  signature, signature_length);
85 #endif /* TFM_CRYPTO_ASYMMETRIC_MODULE_DISABLED */
86 }
87 
89  size_t in_len,
90  psa_outvec out_vec[],
91  size_t out_len)
92 {
93 #ifdef TFM_CRYPTO_ASYMMETRIC_MODULE_DISABLED
95 #else
96  psa_status_t status;
97 
98  CRYPTO_IN_OUT_LEN_VALIDATE(in_len, 1, 3, out_len, 0, 1);
99 
100  if ((in_vec[0].len != sizeof(struct tfm_crypto_pack_iovec))) {
102  }
103 
104  const struct tfm_crypto_pack_iovec *iov = in_vec[0].base;
105  psa_key_handle_t handle = iov->key_handle;
106  psa_algorithm_t alg = iov->alg;
107  const uint8_t *input = in_vec[1].base;
108  size_t input_length = in_vec[1].len;
109  const uint8_t *salt = in_vec[2].base;
110  size_t salt_length = in_vec[2].len;
111  uint8_t *output = out_vec[0].base;
112  size_t output_size = out_vec[0].len;
113  psa_key_type_t type;
114  size_t key_bits;
116 
117  status = tfm_crypto_check_handle_owner(handle, NULL);
118  if (status != PSA_SUCCESS) {
119  return status;
120  }
121 
122  status = psa_get_key_attributes(handle, &key_attributes);
123  if (status != PSA_SUCCESS) {
124  return status;
125  }
126 
127  key_bits = psa_get_key_bits(&key_attributes);
128  type = psa_get_key_type(&key_attributes);
129 
130  psa_reset_key_attributes(&key_attributes);
131 
132  /* Check that the output buffer is large enough */
133  if (output_size < PSA_ASYMMETRIC_ENCRYPT_OUTPUT_SIZE(type, key_bits, alg)) {
135  }
136 
137  return psa_asymmetric_encrypt(handle, alg, input, input_length,
138  salt, salt_length,
139  output, output_size, &(out_vec[0].len));
140 #endif /* TFM_CRYPTO_ASYMMETRIC_MODULE_DISABLED */
141 }
142 
144  size_t in_len,
145  psa_outvec out_vec[],
146  size_t out_len)
147 {
148 #ifdef TFM_CRYPTO_ASYMMETRIC_MODULE_DISABLED
150 #else
151 
152  CRYPTO_IN_OUT_LEN_VALIDATE(in_len, 1, 3, out_len, 0, 1);
153 
154  if ((in_vec[0].len != sizeof(struct tfm_crypto_pack_iovec))) {
156  }
157  const struct tfm_crypto_pack_iovec *iov = in_vec[0].base;
158 
159  psa_key_handle_t handle = iov->key_handle;
160  psa_algorithm_t alg = iov->alg;
161  const uint8_t *input = in_vec[1].base;
162  size_t input_length = in_vec[1].len;
163  const uint8_t *salt = in_vec[2].base;
164  size_t salt_length = in_vec[2].len;
165  uint8_t *output = out_vec[0].base;
166  size_t output_size = out_vec[0].len;
167  psa_status_t status;
168 
169  status = tfm_crypto_check_handle_owner(handle, NULL);
170  if (status != PSA_SUCCESS) {
171  return status;
172  }
173 
174  return psa_asymmetric_decrypt(handle, alg, input, input_length,
175  salt, salt_length,
176  output, output_size, &(out_vec[0].len));
177 #endif /* TFM_CRYPTO_ASYMMETRIC_MODULE_DISABLED */
178 }
psa_key_handle_t key_handle
psa_status_t tfm_crypto_check_handle_owner(psa_key_handle_t handle, uint32_t *index)
Checks that the requested handle belongs to the requesting partition.
Definition: crypto_key.c:86
Structure used to pack non-pointer types in a call.
psa_status_t tfm_crypto_asymmetric_encrypt(psa_invec in_vec[], size_t in_len, psa_outvec out_vec[], size_t out_len)
void * base
Definition: client.h:75
#define PSA_SUCCESS
Definition: crypto_values.h:35
#define PSA_ERROR_BUFFER_TOO_SMALL
Definition: crypto_values.h:77
size_t len
Definition: client.h:68
#define psa_asymmetric_decrypt
Definition: crypto_spe.h:125
psa_status_t tfm_crypto_verify_hash(psa_invec in_vec[], size_t in_len, psa_outvec out_vec[], size_t out_len)
psa_status_t tfm_crypto_asymmetric_decrypt(psa_invec in_vec[], size_t in_len, psa_outvec out_vec[], size_t out_len)
psa_algorithm_t alg
#define psa_reset_key_attributes
Definition: crypto_spe.h:63
#define PSA_KEY_ATTRIBUTES_INIT
Definition: crypto.h:113
#define psa_get_key_attributes
Definition: crypto_spe.h:61
#define psa_verify_hash
Definition: crypto_spe.h:121
uint32_t psa_algorithm_t
Encoding of a cryptographic algorithm.
Definition: crypto_types.h:90
psa_status_t tfm_crypto_sign_hash(psa_invec in_vec[], size_t in_len, psa_outvec out_vec[], size_t out_len)
#define CRYPTO_IN_OUT_LEN_VALIDATE(in_len, in_min, in_max, out_len, out_min, out_max)
uint16_t psa_key_type_t
Encoding of a key type.
Definition: crypto_types.h:58
#define PSA_ERROR_PROGRAMMER_ERROR
Definition: error.h:32
#define psa_asymmetric_encrypt
Definition: crypto_spe.h:123
_unsigned_integral_type_ psa_key_handle_t
Key handle.
Definition: crypto.h:35
#define PSA_ERROR_NOT_SUPPORTED
Definition: crypto_values.h:52
#define PSA_ASYMMETRIC_ENCRYPT_OUTPUT_SIZE(key_type, key_bits, alg)
Definition: crypto_sizes.h:392
size_t len
Definition: client.h:76
const void * base
Definition: client.h:67
#define psa_sign_hash
Definition: crypto_spe.h:119
int32_t psa_status_t
Function return status.
Definition: crypto_types.h:43