TF-M Reference Manual  1.2.0
TrustedFirmware-M
 All Data Structures Files Functions Variables Typedefs Enumerations Enumerator Macros Groups Pages
crypto_hash.c
Go to the documentation of this file.
1 /*
2  * Copyright (c) 2018-2020, Arm Limited. All rights reserved.
3  *
4  * SPDX-License-Identifier: BSD-3-Clause
5  *
6  */
7 
8 #include <stddef.h>
9 #include <stdint.h>
10 
11 #include "tfm_mbedcrypto_include.h"
12 
13 #include "tfm_crypto_api.h"
14 #include "tfm_crypto_defs.h"
15 #include "tfm_crypto_private.h"
16 
24  size_t in_len,
25  psa_outvec out_vec[],
26  size_t out_len)
27 {
28 #ifdef TFM_CRYPTO_HASH_MODULE_DISABLED
30 #else
31  psa_status_t status = PSA_SUCCESS;
32  psa_hash_operation_t *operation = NULL;
33 
34  CRYPTO_IN_OUT_LEN_VALIDATE(in_len, 1, 1, out_len, 1, 1);
35 
36  if ((out_vec[0].len != sizeof(uint32_t)) ||
37  (in_vec[0].len != sizeof(struct tfm_crypto_pack_iovec))) {
39  }
40  const struct tfm_crypto_pack_iovec *iov = in_vec[0].base;
41  uint32_t handle = iov->op_handle;
42  uint32_t *handle_out = out_vec[0].base;
43  psa_algorithm_t alg = iov->alg;
44 
45  /* Init the handle in the operation with the one passed from the iov */
46  *handle_out = iov->op_handle;
47 
48  /* Allocate the operation context in the secure world */
50  &handle,
51  (void **)&operation);
52  if (status != PSA_SUCCESS) {
53  return status;
54  }
55 
56  *handle_out = handle;
57 
58  status = psa_hash_setup(operation, alg);
59  if (status != PSA_SUCCESS) {
60  /* Release the operation context, ignore if the operation fails. */
61  (void)tfm_crypto_operation_release(handle_out);
62  return status;
63  }
64 
65  return PSA_SUCCESS;
66 #endif /* TFM_CRYPTO_HASH_MODULE_DISABLED */
67 }
68 
70  size_t in_len,
71  psa_outvec out_vec[],
72  size_t out_len)
73 {
74 #ifdef TFM_CRYPTO_HASH_MODULE_DISABLED
76 #else
77  psa_status_t status = PSA_SUCCESS;
78  psa_hash_operation_t *operation = NULL;
79 
80  CRYPTO_IN_OUT_LEN_VALIDATE(in_len, 1, 2, out_len, 1, 1);
81 
82  if ((in_vec[0].len != sizeof(struct tfm_crypto_pack_iovec)) ||
83  (out_vec[0].len != sizeof(uint32_t))) {
85  }
86  const struct tfm_crypto_pack_iovec *iov = in_vec[0].base;
87  uint32_t handle = iov->op_handle;
88  uint32_t *handle_out = out_vec[0].base;
89  const uint8_t *input = in_vec[1].base;
90  size_t input_length = in_vec[1].len;
91 
92  /* Init the handle in the operation with the one passed from the iov */
93  *handle_out = iov->op_handle;
94 
95  /* Look up the corresponding operation context */
97  handle,
98  (void **)&operation);
99  if (status != PSA_SUCCESS) {
100  return status;
101  }
102 
103  status = psa_hash_update(operation, input, input_length);
104  if (status != PSA_SUCCESS) {
105  /* Release the operation context, ignore if the operation fails. */
106  (void)tfm_crypto_operation_release(handle_out);
107  return status;
108  }
109 
110  return PSA_SUCCESS;
111 #endif /* TFM_CRYPTO_HASH_MODULE_DISABLED */
112 }
113 
115  size_t in_len,
116  psa_outvec out_vec[],
117  size_t out_len)
118 {
119 #ifdef TFM_CRYPTO_HASH_MODULE_DISABLED
121 #else
122  psa_status_t status = PSA_SUCCESS;
123  psa_hash_operation_t *operation = NULL;
124 
125  CRYPTO_IN_OUT_LEN_VALIDATE(in_len, 1, 1, out_len, 1, 2);
126 
127  if ((in_vec[0].len != sizeof(struct tfm_crypto_pack_iovec)) ||
128  (out_vec[0].len != sizeof(uint32_t))) {
130  }
131  const struct tfm_crypto_pack_iovec *iov = in_vec[0].base;
132  uint32_t handle = iov->op_handle;
133  uint32_t *handle_out = out_vec[0].base;
134  uint8_t *hash = out_vec[1].base;
135  size_t hash_size = out_vec[1].len;
136 
137  /* Init the handle in the operation with the one passed from the iov */
138  *handle_out = iov->op_handle;
139 
140  /* Initialise hash_length to zero */
141  out_vec[1].len = 0;
142 
143  /* Look up the corresponding operation context */
145  handle,
146  (void **)&operation);
147  if (status != PSA_SUCCESS) {
148  return status;
149  }
150 
151  status = psa_hash_finish(operation, hash, hash_size, &out_vec[1].len);
152  if (status != PSA_SUCCESS) {
153  /* Release the operation context, ignore if the operation fails. */
154  (void)tfm_crypto_operation_release(handle_out);
155  return status;
156  }
157 
158  status = tfm_crypto_operation_release(handle_out);
159 
160  return status;
161 #endif /* TFM_CRYPTO_HASH_MODULE_DISABLED */
162 }
163 
165  size_t in_len,
166  psa_outvec out_vec[],
167  size_t out_len)
168 {
169 #ifdef TFM_CRYPTO_HASH_MODULE_DISABLED
171 #else
172  psa_status_t status = PSA_SUCCESS;
173  psa_hash_operation_t *operation = NULL;
174 
175  CRYPTO_IN_OUT_LEN_VALIDATE(in_len, 1, 2, out_len, 1, 1);
176 
177  if ((in_vec[0].len != sizeof(struct tfm_crypto_pack_iovec)) ||
178  (out_vec[0].len != sizeof(uint32_t))) {
180  }
181  const struct tfm_crypto_pack_iovec *iov = in_vec[0].base;
182  uint32_t handle = iov->op_handle;
183  uint32_t *handle_out = out_vec[0].base;
184  const uint8_t *hash = in_vec[1].base;
185  size_t hash_length = in_vec[1].len;
186 
187  /* Init the handle in the operation with the one passed from the iov */
188  *handle_out = iov->op_handle;
189 
190  /* Look up the corresponding operation context */
192  handle,
193  (void **)&operation);
194  if (status != PSA_SUCCESS) {
195  return status;
196  }
197 
198  status = psa_hash_verify(operation, hash, hash_length);
199  if (status != PSA_SUCCESS) {
200  /* Release the operation context, ignore if the operation fails. */
201  (void)tfm_crypto_operation_release(handle_out);
202  return status;
203  }
204 
205  status = tfm_crypto_operation_release(handle_out);
206 
207  return status;
208 #endif /* TFM_CRYPTO_HASH_MODULE_DISABLED */
209 }
210 
212  size_t in_len,
213  psa_outvec out_vec[],
214  size_t out_len)
215 {
216 #ifdef TFM_CRYPTO_HASH_MODULE_DISABLED
218 #else
219  psa_status_t status = PSA_SUCCESS;
220  psa_hash_operation_t *operation = NULL;
221 
222  CRYPTO_IN_OUT_LEN_VALIDATE(in_len, 1, 1, out_len, 1, 1);
223 
224  if ((in_vec[0].len != sizeof(struct tfm_crypto_pack_iovec)) ||
225  (out_vec[0].len != sizeof(uint32_t))) {
227  }
228  const struct tfm_crypto_pack_iovec *iov = in_vec[0].base;
229  uint32_t handle = iov->op_handle;
230  uint32_t *handle_out = out_vec[0].base;
231 
232  /* Init the handle in the operation with the one passed from the iov */
233  *handle_out = iov->op_handle;
234 
235  /* Look up the corresponding operation context */
237  handle,
238  (void **)&operation);
239  if (status != PSA_SUCCESS) {
240  /* Operation does not exist, so abort has no effect */
241  return PSA_SUCCESS;
242  }
243 
244  status = psa_hash_abort(operation);
245  if (status != PSA_SUCCESS) {
246  /* Release the operation context, ignore if the operation fails. */
247  (void)tfm_crypto_operation_release(handle_out);
248  return status;
249  }
250 
251  status = tfm_crypto_operation_release(handle_out);
252 
253  return status;
254 #endif /* TFM_CRYPTO_HASH_MODULE_DISABLED */
255 }
256 
258  size_t in_len,
259  psa_outvec out_vec[],
260  size_t out_len)
261 {
262 #ifdef TFM_CRYPTO_HASH_MODULE_DISABLED
264 #else
265  psa_status_t status = PSA_SUCCESS;
266  psa_hash_operation_t *source_operation = NULL;
267  psa_hash_operation_t *target_operation = NULL;
268 
269  CRYPTO_IN_OUT_LEN_VALIDATE(in_len, 1, 1, out_len, 1, 1);
270 
271  if ((in_vec[0].len != sizeof(struct tfm_crypto_pack_iovec)) ||
272  (out_vec[0].len != sizeof(uint32_t))) {
274  }
275  const struct tfm_crypto_pack_iovec *iov = in_vec[0].base;
276  uint32_t source_handle = iov->op_handle;
277  uint32_t *target_handle = out_vec[0].base;
278 
279  /* Look up the corresponding source operation context */
281  source_handle,
282  (void **)&source_operation);
283  if (status != PSA_SUCCESS) {
284  return status;
285  }
286 
287  /* Allocate the target operation context in the secure world */
289  target_handle,
290  (void **)&target_operation);
291  if (status != PSA_SUCCESS) {
292  return status;
293  }
294 
295  status = psa_hash_clone(source_operation, target_operation);
296  if (status != PSA_SUCCESS) {
297  /* Release the target operation context, ignore if it fails. */
298  (void)tfm_crypto_operation_release(target_handle);
299  return status;
300  }
301 
302  return status;
303 #endif /* TFM_CRYPTO_HASH_MODULE_DISABLED */
304 }
305 
307  size_t in_len,
308  psa_outvec out_vec[],
309  size_t out_len)
310 {
311 #ifdef TFM_CRYPTO_HASH_MODULE_DISABLED
313 #else
314 
315  CRYPTO_IN_OUT_LEN_VALIDATE(in_len, 1, 2, out_len, 0, 1);
316 
317  if ((in_vec[0].len != sizeof(struct tfm_crypto_pack_iovec))) {
319  }
320 
321  const struct tfm_crypto_pack_iovec *iov = in_vec[0].base;
322  psa_algorithm_t alg = iov->alg;
323  const uint8_t *input = in_vec[1].base;
324  size_t input_length = in_vec[1].len;
325  uint8_t *hash = out_vec[0].base;
326  size_t hash_size = out_vec[0].len;
327 
328  /* Initialize hash_length to zero */
329  out_vec[0].len = 0;
330  return psa_hash_compute(alg, input, input_length, hash, hash_size,
331  &out_vec[0].len);
332 #endif /* TFM_CRYPTO_HASH_MODULE_DISABLED */
333 }
334 
336  size_t in_len,
337  psa_outvec out_vec[],
338  size_t out_len)
339 {
340 #ifdef TFM_CRYPTO_HASH_MODULE_DISABLED
342 #else
343 
344  CRYPTO_IN_OUT_LEN_VALIDATE(in_len, 1, 3, out_len, 0, 0);
345 
346  if ((in_vec[0].len != sizeof(struct tfm_crypto_pack_iovec))) {
348  }
349 
350  const struct tfm_crypto_pack_iovec *iov = in_vec[0].base;
351  psa_algorithm_t alg = iov->alg;
352  const uint8_t *input = in_vec[1].base;
353  size_t input_length = in_vec[1].len;
354  const uint8_t *hash = in_vec[2].base;
355  size_t hash_length = in_vec[2].len;
356 
357  return psa_hash_compare(alg, input, input_length, hash, hash_length);
358 #endif /* TFM_CRYPTO_HASH_MODULE_DISABLED */
359 }
Structure used to pack non-pointer types in a call.
psa_status_t tfm_crypto_hash_abort(psa_invec in_vec[], size_t in_len, psa_outvec out_vec[], size_t out_len)
Definition: crypto_hash.c:211
void * base
Definition: client.h:75
#define psa_hash_setup
Definition: crypto_spe.h:89
#define PSA_SUCCESS
Definition: crypto_values.h:35
psa_status_t tfm_crypto_operation_alloc(enum tfm_crypto_operation_type type, uint32_t *handle, void **ctx)
Allocate an operation context in the backend.
Definition: crypto_alloc.c:94
#define psa_hash_compute
Definition: crypto_spe.h:101
psa_status_t tfm_crypto_hash_verify(psa_invec in_vec[], size_t in_len, psa_outvec out_vec[], size_t out_len)
Definition: crypto_hash.c:164
size_t len
Definition: client.h:68
#define psa_hash_compare
Definition: crypto_spe.h:103
psa_status_t tfm_crypto_hash_compute(psa_invec in_vec[], size_t in_len, psa_outvec out_vec[], size_t out_len)
Definition: crypto_hash.c:306
#define psa_hash_verify
Definition: crypto_spe.h:95
#define psa_hash_finish
Definition: crypto_spe.h:93
psa_algorithm_t alg
psa_status_t tfm_crypto_hash_finish(psa_invec in_vec[], size_t in_len, psa_outvec out_vec[], size_t out_len)
Definition: crypto_hash.c:114
psa_status_t tfm_crypto_hash_update(psa_invec in_vec[], size_t in_len, psa_outvec out_vec[], size_t out_len)
Definition: crypto_hash.c:69
psa_status_t tfm_crypto_operation_release(uint32_t *handle)
Release an operation context in the backend.
Definition: crypto_alloc.c:132
#define psa_hash_update
Definition: crypto_spe.h:91
uint32_t psa_algorithm_t
Encoding of a cryptographic algorithm.
Definition: crypto_types.h:90
psa_status_t tfm_crypto_hash_compare(psa_invec in_vec[], size_t in_len, psa_outvec out_vec[], size_t out_len)
Definition: crypto_hash.c:335
#define CRYPTO_IN_OUT_LEN_VALIDATE(in_len, in_min, in_max, out_len, out_min, out_max)
#define PSA_ERROR_PROGRAMMER_ERROR
Definition: error.h:32
psa_status_t tfm_crypto_hash_clone(psa_invec in_vec[], size_t in_len, psa_outvec out_vec[], size_t out_len)
Definition: crypto_hash.c:257
#define PSA_ERROR_NOT_SUPPORTED
Definition: crypto_values.h:52
#define psa_hash_abort
Definition: crypto_spe.h:97
size_t len
Definition: client.h:76
#define psa_hash_clone
Definition: crypto_spe.h:99
psa_status_t tfm_crypto_hash_setup(psa_invec in_vec[], size_t in_len, psa_outvec out_vec[], size_t out_len)
Definition: crypto_hash.c:23
const void * base
Definition: client.h:67
psa_status_t tfm_crypto_operation_lookup(enum tfm_crypto_operation_type type, uint32_t handle, void **ctx)
Look up an operation context in the backend for the corresponding frontend operation.
Definition: crypto_alloc.c:159
int32_t psa_status_t
Function return status.
Definition: crypto_types.h:43