18 #ifndef TFM_CRYPTO_MAX_KEY_HANDLES
19 #define TFM_CRYPTO_MAX_KEY_HANDLES (16)
27 #ifndef TFM_CRYPTO_KEY_MODULE_DISABLED
42 if (client_key_attr == NULL || key_attributes == NULL) {
46 *key_attributes = psa_key_attributes_init();
49 key_attributes->core.
type = client_key_attr->
type;
51 key_attributes->core.policy.
usage = client_key_attr->
usage;
52 key_attributes->core.policy.
alg = client_key_attr->
alg;
53 key_attributes->core.
bits = client_key_attr->
bits;
56 key_attributes->core.
id.key_id = client_key_attr->
id;
57 key_attributes->core.
id.owner = client_id;
66 if (client_key_attr == NULL || key_attributes == NULL) {
74 client_key_attr->
type = key_attributes->core.
type;
76 client_key_attr->
usage = key_attributes->core.policy.
usage;
77 client_key_attr->
alg = key_attributes->core.policy.
alg;
78 client_key_attr->
bits = key_attributes->core.
bits;
81 client_key_attr->
id = key_attributes->core.
id.key_id;
89 #ifdef TFM_CRYPTO_KEY_MODULE_DISABLED
92 int32_t partition_id = 0;
102 if (handle_owner[i].in_use && handle_owner[i].handle == handle) {
103 if (handle_owner[i].owner == partition_id) {
120 #ifdef TFM_CRYPTO_KEY_MODULE_DISABLED
139 #ifdef TFM_CRYPTO_KEY_MODULE_DISABLED
143 int32_t partition_id;
150 handle_owner[index].
owner = partition_id;
151 handle_owner[index].
handle = key_handle;
163 #ifdef TFM_CRYPTO_KEY_MODULE_DISABLED
176 #ifdef TFM_CRYPTO_KEY_MODULE_DISABLED
189 #ifdef TFM_CRYPTO_KEY_MODULE_DISABLED
201 const uint8_t *data = in_vec[2].
base;
202 size_t data_length = in_vec[2].
len;
207 int32_t partition_id = 0;
208 bool empty_found =
false;
233 status =
psa_import_key(&key_attributes, data, data_length, key_handle);
236 handle_owner[i].
owner = partition_id;
237 handle_owner[i].
handle = *key_handle;
250 #ifdef TFM_CRYPTO_KEY_MODULE_DISABLED
257 (in_vec[1].len !=
sizeof(psa_app_key_id_t)) ||
262 psa_app_key_id_t client_key_id = *((psa_app_key_id_t *)in_vec[1].base);
266 int32_t partition_id;
275 if (i == TFM_CRYPTO_MAX_KEY_HANDLES) {
285 id = (
psa_key_id_t){ .key_id = client_key_id, .owner = partition_id };
290 handle_owner[i].
owner = partition_id;
291 handle_owner[i].
handle = *key_handle;
304 #ifdef TFM_CRYPTO_KEY_MODULE_DISABLED
327 handle_owner[index].
owner = 0;
328 handle_owner[index].
handle = 0;
341 #ifdef TFM_CRYPTO_KEY_MODULE_DISABLED
364 handle_owner[index].
owner = 0;
365 handle_owner[index].
handle = 0;
378 #ifdef TFM_CRYPTO_KEY_MODULE_DISABLED
416 #if (TFM_CRYPTO_KEY_MODULE_DISABLED != 0)
430 int32_t partition_id;
456 #ifdef TFM_CRYPTO_KEY_MODULE_DISABLED
468 uint8_t *data = out_vec[0].
base;
469 size_t data_size = out_vec[0].
len;
480 #ifdef TFM_CRYPTO_KEY_MODULE_DISABLED
492 uint8_t *data = out_vec[0].
base;
493 size_t data_size = out_vec[0].
len;
504 #ifdef TFM_CRYPTO_KEY_MODULE_DISABLED
523 int32_t partition_id = 0;
524 bool empty_found =
false;
549 status =
psa_copy_key(source_handle, &key_attributes, target_handle);
552 handle_owner[i].
owner = partition_id;
553 handle_owner[i].
handle = *target_handle;
566 #ifdef TFM_CRYPTO_KEY_MODULE_DISABLED
582 int32_t partition_id = 0;
583 bool empty_found =
false;
611 handle_owner[i].
owner = partition_id;
612 handle_owner[i].
handle = *key_handle;
psa_key_handle_t key_handle
psa_status_t tfm_crypto_check_handle_owner(psa_key_handle_t handle, uint32_t *index)
Checks that the requested handle belongs to the requesting partition.
psa_status_t tfm_crypto_import_key(psa_invec in_vec[], size_t in_len, psa_outvec out_vec[], size_t out_len)
Structure used to pack non-pointer types in a call.
psa_status_t tfm_crypto_export_public_key(psa_invec in_vec[], size_t in_len, psa_outvec out_vec[], size_t out_len)
psa_status_t tfm_crypto_open_key(psa_invec in_vec[], size_t in_len, psa_outvec out_vec[], size_t out_len)
#define PSA_CLIENT_KEY_ATTRIBUTES_INIT
psa_status_t tfm_crypto_key_attributes_to_client(const psa_key_attributes_t *key_attributes, struct psa_client_key_attributes_s *client_key_attr)
Converts key attributes to client key attributes.
psa_status_t tfm_crypto_key_attributes_from_client(const struct psa_client_key_attributes_s *client_key_attr, int32_t client_id, psa_key_attributes_t *key_attributes)
Gets key attributes from client key attributes.
psa_status_t tfm_crypto_close_key(psa_invec in_vec[], size_t in_len, psa_outvec out_vec[], size_t out_len)
#define psa_reset_key_attributes
psa_status_t tfm_crypto_get_key_attributes(psa_invec in_vec[], size_t in_len, psa_outvec out_vec[], size_t out_len)
#define PSA_KEY_ATTRIBUTES_INIT
#define TFM_CRYPTO_MAX_KEY_HANDLES
#define PSA_ERROR_INSUFFICIENT_MEMORY
psa_status_t tfm_crypto_export_key(psa_invec in_vec[], size_t in_len, psa_outvec out_vec[], size_t out_len)
#define psa_get_key_attributes
psa_status_t tfm_crypto_get_caller_id(int32_t *id)
Returns the ID of the caller.
psa_status_t tfm_crypto_destroy_key(psa_invec in_vec[], size_t in_len, psa_outvec out_vec[], size_t out_len)
#define PSA_ERROR_NOT_PERMITTED
#define psa_export_public_key
#define CRYPTO_IN_OUT_LEN_VALIDATE(in_len, in_min, in_max, out_len, out_min, out_max)
psa_status_t tfm_crypto_set_key_storage(uint32_t index, psa_key_handle_t key_handle)
Sets the index of the local storage in use with a key requested by the calling partition, and stores the corresponding key_handle.
#define PSA_ERROR_PROGRAMMER_ERROR
#define PSA_ERROR_NOT_SUPPORTED
psa_status_t tfm_crypto_check_key_storage(uint32_t *index)
Checks that there is enough local storage in RAM to keep another key, and returns the index of the st...
#define PSA_ERROR_INVALID_HANDLE
psa_status_t tfm_crypto_get_key_domain_parameters(psa_invec in_vec[], size_t in_len, psa_outvec out_vec[], size_t out_len)
psa_status_t tfm_crypto_copy_key(psa_invec in_vec[], size_t in_len, psa_outvec out_vec[], size_t out_len)
psa_status_t tfm_crypto_set_key_domain_parameters(psa_invec in_vec[], size_t in_len, psa_outvec out_vec[], size_t out_len)
int32_t psa_status_t
Function return status.
psa_status_t tfm_crypto_generate_key(psa_invec in_vec[], size_t in_len, psa_outvec out_vec[], size_t out_len)
psa_status_t tfm_crypto_reset_key_attributes(psa_invec in_vec[], size_t in_len, psa_outvec out_vec[], size_t out_len)