NCBI C++ ToolKit
psa_crypto_driver_wrappers.c
Go to the documentation of this file.

Go to the SVN repository for this file.

1 /*
2  * Functions to delegate cryptographic operations to an available
3  * and appropriate accelerator.
4  * Warning: This file will be auto-generated in the future.
5  */
6 /* Copyright The Mbed TLS Contributors
7  * SPDX-License-Identifier: Apache-2.0
8  *
9  * Licensed under the Apache License, Version 2.0 (the "License"); you may
10  * not use this file except in compliance with the License.
11  * You may obtain a copy of the License at
12  *
13  * http://www.apache.org/licenses/LICENSE-2.0
14  *
15  * Unless required by applicable law or agreed to in writing, software
16  * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
17  * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
18  * See the License for the specific language governing permissions and
19  * limitations under the License.
20  */
21 
22 #include "psa_crypto_aead.h"
23 #include "psa_crypto_cipher.h"
24 #include "psa_crypto_core.h"
25 #include "psa_crypto_driver_wrappers.h"
26 #include "psa_crypto_hash.h"
27 #include "psa_crypto_mac.h"
28 
29 #include "mbedtls/platform.h"
30 
31 #if defined(MBEDTLS_PSA_CRYPTO_C)
32 
33 #if defined(MBEDTLS_PSA_CRYPTO_DRIVERS)
34 
35 /* Include test driver definition when running tests */
36 #if defined(PSA_CRYPTO_DRIVER_TEST)
37 #ifndef PSA_CRYPTO_DRIVER_PRESENT
38 #define PSA_CRYPTO_DRIVER_PRESENT
39 #endif
40 #ifndef PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT
41 #define PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT
42 #endif
43 #include "test/drivers/test_driver.h"
44 #endif /* PSA_CRYPTO_DRIVER_TEST */
45 
46 /* Repeat above block for each JSON-declared driver during autogeneration */
47 #endif /* MBEDTLS_PSA_CRYPTO_DRIVERS */
48 
49 /* Auto-generated values depending on which drivers are registered.
50  * ID 0 is reserved for unallocated operations.
51  * ID 1 is reserved for the Mbed TLS software driver. */
52 #define PSA_CRYPTO_MBED_TLS_DRIVER_ID (1)
53 
54 #if defined(PSA_CRYPTO_DRIVER_TEST)
55 #define PSA_CRYPTO_TRANSPARENT_TEST_DRIVER_ID (2)
56 #define PSA_CRYPTO_OPAQUE_TEST_DRIVER_ID (3)
57 #endif /* PSA_CRYPTO_DRIVER_TEST */
58 
59 /* Support the 'old' SE interface when asked to */
60 #if defined(MBEDTLS_PSA_CRYPTO_SE_C)
61 /* PSA_CRYPTO_DRIVER_PRESENT is defined when either a new-style or old-style
62  * SE driver is present, to avoid unused argument errors at compile time. */
63 #ifndef PSA_CRYPTO_DRIVER_PRESENT
64 #define PSA_CRYPTO_DRIVER_PRESENT
65 #endif
66 #include "psa_crypto_se.h"
67 #endif
68 
69 psa_status_t psa_driver_wrapper_init(void)
70 {
71  psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;
72 
73 #if defined(MBEDTLS_PSA_CRYPTO_SE_C)
74  status = psa_init_all_se_drivers();
75  if (status != PSA_SUCCESS) {
76  return status;
77  }
78 #endif
79 
80 #if defined(PSA_CRYPTO_DRIVER_TEST)
81  status = mbedtls_test_transparent_init();
82  if (status != PSA_SUCCESS) {
83  return status;
84  }
85 
86  status = mbedtls_test_opaque_init();
87  if (status != PSA_SUCCESS) {
88  return status;
89  }
90 #endif
91 
92  (void) status;
93  return PSA_SUCCESS;
94 }
95 
96 void psa_driver_wrapper_free(void)
97 {
98 #if defined(MBEDTLS_PSA_CRYPTO_SE_C)
99  /* Unregister all secure element drivers, so that we restart from
100  * a pristine state. */
101  psa_unregister_all_se_drivers();
102 #endif /* MBEDTLS_PSA_CRYPTO_SE_C */
103 
104 #if defined(PSA_CRYPTO_DRIVER_TEST)
105  mbedtls_test_transparent_free();
106  mbedtls_test_opaque_free();
107 #endif
108 }
109 
110 /* Start delegation functions */
111 psa_status_t psa_driver_wrapper_sign_message(
112  const psa_key_attributes_t *attributes,
113  const uint8_t *key_buffer,
114  size_t key_buffer_size,
115  psa_algorithm_t alg,
116  const uint8_t *input,
117  size_t input_length,
118  uint8_t *signature,
119  size_t signature_size,
120  size_t *signature_length)
121 {
122  psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;
123  psa_key_location_t location =
124  PSA_KEY_LIFETIME_GET_LOCATION(attributes->core.lifetime);
125 
126  switch (location) {
127  case PSA_KEY_LOCATION_LOCAL_STORAGE:
128  /* Key is stored in the slot in export representation, so
129  * cycle through all known transparent accelerators */
130 #if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT)
131 #if defined(PSA_CRYPTO_DRIVER_TEST)
132  status = mbedtls_test_transparent_signature_sign_message(
133  attributes,
134  key_buffer,
135  key_buffer_size,
136  alg,
137  input,
138  input_length,
139  signature,
140  signature_size,
141  signature_length);
142  /* Declared with fallback == true */
143  if (status != PSA_ERROR_NOT_SUPPORTED) {
144  return status;
145  }
146 #endif /* PSA_CRYPTO_DRIVER_TEST */
147 #endif /* PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT */
148  break;
149 
150  /* Add cases for opaque driver here */
151 #if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT)
152 #if defined(PSA_CRYPTO_DRIVER_TEST)
153  case PSA_CRYPTO_TEST_DRIVER_LOCATION:
154  status = mbedtls_test_opaque_signature_sign_message(
155  attributes,
156  key_buffer,
157  key_buffer_size,
158  alg,
159  input,
160  input_length,
161  signature,
162  signature_size,
163  signature_length);
164  if (status != PSA_ERROR_NOT_SUPPORTED) {
165  return status;
166  }
167  break;
168 #endif /* PSA_CRYPTO_DRIVER_TEST */
169 #endif /* PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT */
170  default:
171  /* Key is declared with a lifetime not known to us */
172  (void) status;
173  break;
174  }
175 
176  return psa_sign_message_builtin(attributes,
177  key_buffer,
178  key_buffer_size,
179  alg,
180  input,
181  input_length,
182  signature,
183  signature_size,
184  signature_length);
185 }
186 
187 psa_status_t psa_driver_wrapper_verify_message(
188  const psa_key_attributes_t *attributes,
189  const uint8_t *key_buffer,
190  size_t key_buffer_size,
191  psa_algorithm_t alg,
192  const uint8_t *input,
193  size_t input_length,
194  const uint8_t *signature,
195  size_t signature_length)
196 {
197  psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;
198  psa_key_location_t location =
199  PSA_KEY_LIFETIME_GET_LOCATION(attributes->core.lifetime);
200 
201  switch (location) {
202  case PSA_KEY_LOCATION_LOCAL_STORAGE:
203  /* Key is stored in the slot in export representation, so
204  * cycle through all known transparent accelerators */
205 #if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT)
206 #if defined(PSA_CRYPTO_DRIVER_TEST)
207  status = mbedtls_test_transparent_signature_verify_message(
208  attributes,
209  key_buffer,
210  key_buffer_size,
211  alg,
212  input,
213  input_length,
214  signature,
215  signature_length);
216  /* Declared with fallback == true */
217  if (status != PSA_ERROR_NOT_SUPPORTED) {
218  return status;
219  }
220 #endif /* PSA_CRYPTO_DRIVER_TEST */
221 #endif /* PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT */
222  break;
223 
224  /* Add cases for opaque driver here */
225 #if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT)
226 #if defined(PSA_CRYPTO_DRIVER_TEST)
227  case PSA_CRYPTO_TEST_DRIVER_LOCATION:
228  return mbedtls_test_opaque_signature_verify_message(
229  attributes,
230  key_buffer,
231  key_buffer_size,
232  alg,
233  input,
234  input_length,
235  signature,
236  signature_length);
237  if (status != PSA_ERROR_NOT_SUPPORTED) {
238  return status;
239  }
240  break;
241 #endif /* PSA_CRYPTO_DRIVER_TEST */
242 #endif /* PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT */
243  default:
244  /* Key is declared with a lifetime not known to us */
245  (void) status;
246  break;
247  }
248 
249  return psa_verify_message_builtin(attributes,
250  key_buffer,
251  key_buffer_size,
252  alg,
253  input,
254  input_length,
255  signature,
256  signature_length);
257 }
258 
259 psa_status_t psa_driver_wrapper_sign_hash(
260  const psa_key_attributes_t *attributes,
261  const uint8_t *key_buffer, size_t key_buffer_size,
262  psa_algorithm_t alg, const uint8_t *hash, size_t hash_length,
263  uint8_t *signature, size_t signature_size, size_t *signature_length)
264 {
265  /* Try dynamically-registered SE interface first */
266 #if defined(MBEDTLS_PSA_CRYPTO_SE_C)
267  const psa_drv_se_t *drv;
268  psa_drv_se_context_t *drv_context;
269 
270  if (psa_get_se_driver(attributes->core.lifetime, &drv, &drv_context)) {
271  if (drv->asymmetric == NULL ||
272  drv->asymmetric->p_sign == NULL) {
273  /* Key is defined in SE, but we have no way to exercise it */
274  return PSA_ERROR_NOT_SUPPORTED;
275  }
276  return drv->asymmetric->p_sign(
277  drv_context, *((psa_key_slot_number_t *) key_buffer),
278  alg, hash, hash_length,
279  signature, signature_size, signature_length);
280  }
281 #endif /* MBEDTLS_PSA_CRYPTO_SE_C */
282 
283  psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;
284  psa_key_location_t location =
285  PSA_KEY_LIFETIME_GET_LOCATION(attributes->core.lifetime);
286 
287  switch (location) {
288  case PSA_KEY_LOCATION_LOCAL_STORAGE:
289  /* Key is stored in the slot in export representation, so
290  * cycle through all known transparent accelerators */
291 #if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT)
292 #if defined(PSA_CRYPTO_DRIVER_TEST)
293  status = mbedtls_test_transparent_signature_sign_hash(attributes,
294  key_buffer,
295  key_buffer_size,
296  alg,
297  hash,
298  hash_length,
299  signature,
300  signature_size,
301  signature_length);
302  /* Declared with fallback == true */
303  if (status != PSA_ERROR_NOT_SUPPORTED) {
304  return status;
305  }
306 #endif /* PSA_CRYPTO_DRIVER_TEST */
307 #endif /* PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT */
308  /* Fell through, meaning no accelerator supports this operation */
309  return psa_sign_hash_builtin(attributes,
310  key_buffer,
311  key_buffer_size,
312  alg,
313  hash,
314  hash_length,
315  signature,
316  signature_size,
317  signature_length);
318 
319  /* Add cases for opaque driver here */
320 #if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT)
321 #if defined(PSA_CRYPTO_DRIVER_TEST)
322  case PSA_CRYPTO_TEST_DRIVER_LOCATION:
323  return mbedtls_test_opaque_signature_sign_hash(attributes,
324  key_buffer,
325  key_buffer_size,
326  alg,
327  hash,
328  hash_length,
329  signature,
330  signature_size,
331  signature_length);
332 #endif /* PSA_CRYPTO_DRIVER_TEST */
333 #endif /* PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT */
334  default:
335  /* Key is declared with a lifetime not known to us */
336  (void) status;
337  return PSA_ERROR_INVALID_ARGUMENT;
338  }
339 }
340 
341 psa_status_t psa_driver_wrapper_verify_hash(
342  const psa_key_attributes_t *attributes,
343  const uint8_t *key_buffer, size_t key_buffer_size,
344  psa_algorithm_t alg, const uint8_t *hash, size_t hash_length,
345  const uint8_t *signature, size_t signature_length)
346 {
347  /* Try dynamically-registered SE interface first */
348 #if defined(MBEDTLS_PSA_CRYPTO_SE_C)
349  const psa_drv_se_t *drv;
350  psa_drv_se_context_t *drv_context;
351 
352  if (psa_get_se_driver(attributes->core.lifetime, &drv, &drv_context)) {
353  if (drv->asymmetric == NULL ||
354  drv->asymmetric->p_verify == NULL) {
355  /* Key is defined in SE, but we have no way to exercise it */
356  return PSA_ERROR_NOT_SUPPORTED;
357  }
358  return drv->asymmetric->p_verify(
359  drv_context, *((psa_key_slot_number_t *) key_buffer),
360  alg, hash, hash_length,
361  signature, signature_length);
362  }
363 #endif /* MBEDTLS_PSA_CRYPTO_SE_C */
364 
365  psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;
366  psa_key_location_t location =
367  PSA_KEY_LIFETIME_GET_LOCATION(attributes->core.lifetime);
368 
369  switch (location) {
370  case PSA_KEY_LOCATION_LOCAL_STORAGE:
371  /* Key is stored in the slot in export representation, so
372  * cycle through all known transparent accelerators */
373 #if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT)
374 #if defined(PSA_CRYPTO_DRIVER_TEST)
375  status = mbedtls_test_transparent_signature_verify_hash(
376  attributes,
377  key_buffer,
378  key_buffer_size,
379  alg,
380  hash,
381  hash_length,
382  signature,
383  signature_length);
384  /* Declared with fallback == true */
385  if (status != PSA_ERROR_NOT_SUPPORTED) {
386  return status;
387  }
388 #endif /* PSA_CRYPTO_DRIVER_TEST */
389 #endif /* PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT */
390 
391  return psa_verify_hash_builtin(attributes,
392  key_buffer,
393  key_buffer_size,
394  alg,
395  hash,
396  hash_length,
397  signature,
398  signature_length);
399 
400  /* Add cases for opaque driver here */
401 #if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT)
402 #if defined(PSA_CRYPTO_DRIVER_TEST)
403  case PSA_CRYPTO_TEST_DRIVER_LOCATION:
404  return mbedtls_test_opaque_signature_verify_hash(attributes,
405  key_buffer,
406  key_buffer_size,
407  alg,
408  hash,
409  hash_length,
410  signature,
411  signature_length);
412 #endif /* PSA_CRYPTO_DRIVER_TEST */
413 #endif /* PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT */
414  default:
415  /* Key is declared with a lifetime not known to us */
416  (void) status;
417  return PSA_ERROR_INVALID_ARGUMENT;
418  }
419 }
420 
421 /** Get the key buffer size required to store the key material of a key
422  * associated with an opaque driver without storage.
423  *
424  * \param[in] attributes The key attributes.
425  * \param[out] key_buffer_size Minimum buffer size to contain the key material
426  *
427  * \retval #PSA_SUCCESS
428  * The minimum size for a buffer to contain the key material has been
429  * returned successfully.
430  * \retval #PSA_ERROR_INVALID_ARGUMENT
431  * The size in bits of the key is not valid.
432  * \retval #PSA_ERROR_NOT_SUPPORTED
433  * The type and/or the size in bits of the key or the combination of
434  * the two is not supported.
435  */
436 psa_status_t psa_driver_wrapper_get_key_buffer_size(
437  const psa_key_attributes_t *attributes,
438  size_t *key_buffer_size)
439 {
440  psa_key_location_t location = PSA_KEY_LIFETIME_GET_LOCATION(attributes->core.lifetime);
441  psa_key_type_t key_type = attributes->core.type;
442  size_t key_bits = attributes->core.bits;
443 
444  *key_buffer_size = 0;
445  switch (location) {
446 #if defined(PSA_CRYPTO_DRIVER_TEST)
447  case PSA_CRYPTO_TEST_DRIVER_LOCATION:
448 #if defined(MBEDTLS_PSA_CRYPTO_BUILTIN_KEYS)
449  /* Emulate property 'builtin_key_size' */
450  if (psa_key_id_is_builtin(
451  MBEDTLS_SVC_KEY_ID_GET_KEY_ID(
452  psa_get_key_id(attributes)))) {
453  *key_buffer_size = sizeof(psa_drv_slot_number_t);
454  return PSA_SUCCESS;
455  }
456 #endif /* MBEDTLS_PSA_CRYPTO_BUILTIN_KEYS */
457  *key_buffer_size = mbedtls_test_size_function(key_type, key_bits);
458  return (*key_buffer_size != 0) ?
459  PSA_SUCCESS : PSA_ERROR_NOT_SUPPORTED;
460 #endif /* PSA_CRYPTO_DRIVER_TEST */
461 
462  default:
463  (void) key_type;
464  (void) key_bits;
465  return PSA_ERROR_NOT_SUPPORTED;
466  }
467 }
468 
469 psa_status_t psa_driver_wrapper_generate_key(
470  const psa_key_attributes_t *attributes,
471  uint8_t *key_buffer, size_t key_buffer_size, size_t *key_buffer_length)
472 {
473  psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;
474  psa_key_location_t location =
475  PSA_KEY_LIFETIME_GET_LOCATION(attributes->core.lifetime);
476 
477  /* Try dynamically-registered SE interface first */
478 #if defined(MBEDTLS_PSA_CRYPTO_SE_C)
479  const psa_drv_se_t *drv;
480  psa_drv_se_context_t *drv_context;
481 
482  if (psa_get_se_driver(attributes->core.lifetime, &drv, &drv_context)) {
483  size_t pubkey_length = 0; /* We don't support this feature yet */
484  if (drv->key_management == NULL ||
485  drv->key_management->p_generate == NULL) {
486  /* Key is defined as being in SE, but we have no way to generate it */
487  return PSA_ERROR_NOT_SUPPORTED;
488  }
489  return drv->key_management->p_generate(
490  drv_context,
491  *((psa_key_slot_number_t *) key_buffer),
492  attributes, NULL, 0, &pubkey_length);
493  }
494 #endif /* MBEDTLS_PSA_CRYPTO_SE_C */
495 
496  switch (location) {
497  case PSA_KEY_LOCATION_LOCAL_STORAGE:
498 #if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT)
499  /* Transparent drivers are limited to generating asymmetric keys */
500  if (PSA_KEY_TYPE_IS_ASYMMETRIC(attributes->core.type)) {
501  /* Cycle through all known transparent accelerators */
502 #if defined(PSA_CRYPTO_DRIVER_TEST)
503  status = mbedtls_test_transparent_generate_key(
504  attributes, key_buffer, key_buffer_size,
505  key_buffer_length);
506  /* Declared with fallback == true */
507  if (status != PSA_ERROR_NOT_SUPPORTED) {
508  break;
509  }
510 #endif /* PSA_CRYPTO_DRIVER_TEST */
511  }
512 #endif /* PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT */
513 
514  /* Software fallback */
515  status = psa_generate_key_internal(
516  attributes, key_buffer, key_buffer_size, key_buffer_length);
517  break;
518 
519  /* Add cases for opaque driver here */
520 #if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT)
521 #if defined(PSA_CRYPTO_DRIVER_TEST)
522  case PSA_CRYPTO_TEST_DRIVER_LOCATION:
523  status = mbedtls_test_opaque_generate_key(
524  attributes, key_buffer, key_buffer_size, key_buffer_length);
525  break;
526 #endif /* PSA_CRYPTO_DRIVER_TEST */
527 #endif /* PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT */
528 
529  default:
530  /* Key is declared with a lifetime not known to us */
531  status = PSA_ERROR_INVALID_ARGUMENT;
532  break;
533  }
534 
535  return status;
536 }
537 
538 psa_status_t psa_driver_wrapper_import_key(
539  const psa_key_attributes_t *attributes,
540  const uint8_t *data,
541  size_t data_length,
542  uint8_t *key_buffer,
543  size_t key_buffer_size,
544  size_t *key_buffer_length,
545  size_t *bits)
546 {
547  psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;
548  psa_key_location_t location = PSA_KEY_LIFETIME_GET_LOCATION(
549  psa_get_key_lifetime(attributes));
550 
551  /* Try dynamically-registered SE interface first */
552 #if defined(MBEDTLS_PSA_CRYPTO_SE_C)
553  const psa_drv_se_t *drv;
554  psa_drv_se_context_t *drv_context;
555 
556  if (psa_get_se_driver(attributes->core.lifetime, &drv, &drv_context)) {
557  if (drv->key_management == NULL ||
558  drv->key_management->p_import == NULL) {
559  return PSA_ERROR_NOT_SUPPORTED;
560  }
561 
562  /* The driver should set the number of key bits, however in
563  * case it doesn't, we initialize bits to an invalid value. */
564  *bits = PSA_MAX_KEY_BITS + 1;
565  status = drv->key_management->p_import(
566  drv_context,
567  *((psa_key_slot_number_t *) key_buffer),
568  attributes, data, data_length, bits);
569 
570  if (status != PSA_SUCCESS) {
571  return status;
572  }
573 
574  if ((*bits) > PSA_MAX_KEY_BITS) {
575  return PSA_ERROR_NOT_SUPPORTED;
576  }
577 
578  return PSA_SUCCESS;
579  }
580 #endif /* MBEDTLS_PSA_CRYPTO_SE_C */
581 
582  switch (location) {
583  case PSA_KEY_LOCATION_LOCAL_STORAGE:
584  /* Key is stored in the slot in export representation, so
585  * cycle through all known transparent accelerators */
586 #if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT)
587 #if defined(PSA_CRYPTO_DRIVER_TEST)
588  status = mbedtls_test_transparent_import_key(
589  attributes,
590  data, data_length,
591  key_buffer, key_buffer_size,
592  key_buffer_length, bits);
593  /* Declared with fallback == true */
594  if (status != PSA_ERROR_NOT_SUPPORTED) {
595  return status;
596  }
597 #endif /* PSA_CRYPTO_DRIVER_TEST */
598 #endif /* PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT */
599  /* Fell through, meaning no accelerator supports this operation */
600  return psa_import_key_into_slot(attributes,
601  data, data_length,
602  key_buffer, key_buffer_size,
603  key_buffer_length, bits);
604 
605  default:
606  /* Importing a key with external storage in not yet supported.
607  * Return in error indicating that the lifetime is not valid. */
608  (void) status;
609  return PSA_ERROR_INVALID_ARGUMENT;
610  }
611 
612 }
613 
614 psa_status_t psa_driver_wrapper_export_key(
615  const psa_key_attributes_t *attributes,
616  const uint8_t *key_buffer, size_t key_buffer_size,
617  uint8_t *data, size_t data_size, size_t *data_length)
618 
619 {
620  psa_status_t status = PSA_ERROR_INVALID_ARGUMENT;
621  psa_key_location_t location = PSA_KEY_LIFETIME_GET_LOCATION(
622  psa_get_key_lifetime(attributes));
623 
624  /* Try dynamically-registered SE interface first */
625 #if defined(MBEDTLS_PSA_CRYPTO_SE_C)
626  const psa_drv_se_t *drv;
627  psa_drv_se_context_t *drv_context;
628 
629  if (psa_get_se_driver(attributes->core.lifetime, &drv, &drv_context)) {
630  if ((drv->key_management == NULL) ||
631  (drv->key_management->p_export == NULL)) {
632  return PSA_ERROR_NOT_SUPPORTED;
633  }
634 
635  return drv->key_management->p_export(
636  drv_context,
637  *((psa_key_slot_number_t *) key_buffer),
638  data, data_size, data_length);
639  }
640 #endif /* MBEDTLS_PSA_CRYPTO_SE_C */
641 
642  switch (location) {
643  case PSA_KEY_LOCATION_LOCAL_STORAGE:
644  return psa_export_key_internal(attributes,
645  key_buffer,
646  key_buffer_size,
647  data,
648  data_size,
649  data_length);
650 
651  /* Add cases for opaque driver here */
652 #if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT)
653 #if defined(PSA_CRYPTO_DRIVER_TEST)
654  case PSA_CRYPTO_TEST_DRIVER_LOCATION:
655  return mbedtls_test_opaque_export_key(attributes,
656  key_buffer,
657  key_buffer_size,
658  data,
659  data_size,
660  data_length);
661 #endif /* PSA_CRYPTO_DRIVER_TEST */
662 #endif /* PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT */
663  default:
664  /* Key is declared with a lifetime not known to us */
665  return status;
666  }
667 }
668 
669 psa_status_t psa_driver_wrapper_export_public_key(
670  const psa_key_attributes_t *attributes,
671  const uint8_t *key_buffer, size_t key_buffer_size,
672  uint8_t *data, size_t data_size, size_t *data_length)
673 
674 {
675  psa_status_t status = PSA_ERROR_INVALID_ARGUMENT;
676  psa_key_location_t location = PSA_KEY_LIFETIME_GET_LOCATION(
677  psa_get_key_lifetime(attributes));
678 
679  /* Try dynamically-registered SE interface first */
680 #if defined(MBEDTLS_PSA_CRYPTO_SE_C)
681  const psa_drv_se_t *drv;
682  psa_drv_se_context_t *drv_context;
683 
684  if (psa_get_se_driver(attributes->core.lifetime, &drv, &drv_context)) {
685  if ((drv->key_management == NULL) ||
686  (drv->key_management->p_export_public == NULL)) {
687  return PSA_ERROR_NOT_SUPPORTED;
688  }
689 
690  return drv->key_management->p_export_public(
691  drv_context,
692  *((psa_key_slot_number_t *) key_buffer),
693  data, data_size, data_length);
694  }
695 #endif /* MBEDTLS_PSA_CRYPTO_SE_C */
696 
697  switch (location) {
698  case PSA_KEY_LOCATION_LOCAL_STORAGE:
699  /* Key is stored in the slot in export representation, so
700  * cycle through all known transparent accelerators */
701 #if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT)
702 #if defined(PSA_CRYPTO_DRIVER_TEST)
703  status = mbedtls_test_transparent_export_public_key(
704  attributes,
705  key_buffer,
706  key_buffer_size,
707  data,
708  data_size,
709  data_length);
710  /* Declared with fallback == true */
711  if (status != PSA_ERROR_NOT_SUPPORTED) {
712  return status;
713  }
714 #endif /* PSA_CRYPTO_DRIVER_TEST */
715 #endif /* PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT */
716  /* Fell through, meaning no accelerator supports this operation */
717  return psa_export_public_key_internal(attributes,
718  key_buffer,
719  key_buffer_size,
720  data,
721  data_size,
722  data_length);
723 
724  /* Add cases for opaque driver here */
725 #if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT)
726 #if defined(PSA_CRYPTO_DRIVER_TEST)
727  case PSA_CRYPTO_TEST_DRIVER_LOCATION:
728  return mbedtls_test_opaque_export_public_key(attributes,
729  key_buffer,
730  key_buffer_size,
731  data,
732  data_size,
733  data_length);
734 #endif /* PSA_CRYPTO_DRIVER_TEST */
735 #endif /* PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT */
736  default:
737  /* Key is declared with a lifetime not known to us */
738  return status;
739  }
740 }
741 
742 psa_status_t psa_driver_wrapper_get_builtin_key(
743  psa_drv_slot_number_t slot_number,
744  psa_key_attributes_t *attributes,
745  uint8_t *key_buffer, size_t key_buffer_size, size_t *key_buffer_length)
746 {
747  psa_key_location_t location = PSA_KEY_LIFETIME_GET_LOCATION(attributes->core.lifetime);
748  switch (location) {
749 #if defined(PSA_CRYPTO_DRIVER_TEST)
750  case PSA_CRYPTO_TEST_DRIVER_LOCATION:
751  return mbedtls_test_opaque_get_builtin_key(
752  slot_number,
753  attributes,
754  key_buffer, key_buffer_size, key_buffer_length);
755 #endif /* PSA_CRYPTO_DRIVER_TEST */
756  default:
757  (void) slot_number;
758  (void) key_buffer;
759  (void) key_buffer_size;
760  (void) key_buffer_length;
761  return PSA_ERROR_DOES_NOT_EXIST;
762  }
763 }
764 
765 /*
766  * Cipher functions
767  */
768 psa_status_t psa_driver_wrapper_cipher_encrypt(
769  const psa_key_attributes_t *attributes,
770  const uint8_t *key_buffer,
771  size_t key_buffer_size,
772  psa_algorithm_t alg,
773  const uint8_t *iv,
774  size_t iv_length,
775  const uint8_t *input,
776  size_t input_length,
777  uint8_t *output,
778  size_t output_size,
779  size_t *output_length)
780 {
781  psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;
782  psa_key_location_t location =
783  PSA_KEY_LIFETIME_GET_LOCATION(attributes->core.lifetime);
784 
785  switch (location) {
786  case PSA_KEY_LOCATION_LOCAL_STORAGE:
787  /* Key is stored in the slot in export representation, so
788  * cycle through all known transparent accelerators */
789 #if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT)
790 #if defined(PSA_CRYPTO_DRIVER_TEST)
791  status = mbedtls_test_transparent_cipher_encrypt(attributes,
792  key_buffer,
793  key_buffer_size,
794  alg,
795  iv,
796  iv_length,
797  input,
798  input_length,
799  output,
800  output_size,
801  output_length);
802  /* Declared with fallback == true */
803  if (status != PSA_ERROR_NOT_SUPPORTED) {
804  return status;
805  }
806 #endif /* PSA_CRYPTO_DRIVER_TEST */
807 #endif /* PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT */
808 
809 #if defined(MBEDTLS_PSA_BUILTIN_CIPHER)
810  return mbedtls_psa_cipher_encrypt(attributes,
811  key_buffer,
812  key_buffer_size,
813  alg,
814  iv,
815  iv_length,
816  input,
817  input_length,
818  output,
819  output_size,
820  output_length);
821 #else
822  return PSA_ERROR_NOT_SUPPORTED;
823 #endif /* MBEDTLS_PSA_BUILTIN_CIPHER */
824 
825  /* Add cases for opaque driver here */
826 #if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT)
827 #if defined(PSA_CRYPTO_DRIVER_TEST)
828  case PSA_CRYPTO_TEST_DRIVER_LOCATION:
829  return mbedtls_test_opaque_cipher_encrypt(attributes,
830  key_buffer,
831  key_buffer_size,
832  alg,
833  iv,
834  iv_length,
835  input,
836  input_length,
837  output,
838  output_size,
839  output_length);
840 #endif /* PSA_CRYPTO_DRIVER_TEST */
841 #endif /* PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT */
842 
843  default:
844  /* Key is declared with a lifetime not known to us */
845  (void) status;
846  (void) key_buffer;
847  (void) key_buffer_size;
848  (void) alg;
849  (void) iv;
850  (void) iv_length;
851  (void) input;
852  (void) input_length;
853  (void) output;
854  (void) output_size;
855  (void) output_length;
856  return PSA_ERROR_INVALID_ARGUMENT;
857  }
858 }
859 
860 psa_status_t psa_driver_wrapper_cipher_decrypt(
861  const psa_key_attributes_t *attributes,
862  const uint8_t *key_buffer,
863  size_t key_buffer_size,
864  psa_algorithm_t alg,
865  const uint8_t *input,
866  size_t input_length,
867  uint8_t *output,
868  size_t output_size,
869  size_t *output_length)
870 {
871  psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;
872  psa_key_location_t location =
873  PSA_KEY_LIFETIME_GET_LOCATION(attributes->core.lifetime);
874 
875  switch (location) {
876  case PSA_KEY_LOCATION_LOCAL_STORAGE:
877  /* Key is stored in the slot in export representation, so
878  * cycle through all known transparent accelerators */
879 #if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT)
880 #if defined(PSA_CRYPTO_DRIVER_TEST)
881  status = mbedtls_test_transparent_cipher_decrypt(attributes,
882  key_buffer,
883  key_buffer_size,
884  alg,
885  input,
886  input_length,
887  output,
888  output_size,
889  output_length);
890  /* Declared with fallback == true */
891  if (status != PSA_ERROR_NOT_SUPPORTED) {
892  return status;
893  }
894 #endif /* PSA_CRYPTO_DRIVER_TEST */
895 #endif /* PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT */
896 
897 #if defined(MBEDTLS_PSA_BUILTIN_CIPHER)
898  return mbedtls_psa_cipher_decrypt(attributes,
899  key_buffer,
900  key_buffer_size,
901  alg,
902  input,
903  input_length,
904  output,
905  output_size,
906  output_length);
907 #else
908  return PSA_ERROR_NOT_SUPPORTED;
909 #endif /* MBEDTLS_PSA_BUILTIN_CIPHER */
910 
911  /* Add cases for opaque driver here */
912 #if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT)
913 #if defined(PSA_CRYPTO_DRIVER_TEST)
914  case PSA_CRYPTO_TEST_DRIVER_LOCATION:
915  return mbedtls_test_opaque_cipher_decrypt(attributes,
916  key_buffer,
917  key_buffer_size,
918  alg,
919  input,
920  input_length,
921  output,
922  output_size,
923  output_length);
924 #endif /* PSA_CRYPTO_DRIVER_TEST */
925 #endif /* PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT */
926 
927  default:
928  /* Key is declared with a lifetime not known to us */
929  (void) status;
930  (void) key_buffer;
931  (void) key_buffer_size;
932  (void) alg;
933  (void) input;
934  (void) input_length;
935  (void) output;
936  (void) output_size;
937  (void) output_length;
938  return PSA_ERROR_INVALID_ARGUMENT;
939  }
940 }
941 
942 psa_status_t psa_driver_wrapper_cipher_encrypt_setup(
943  psa_cipher_operation_t *operation,
944  const psa_key_attributes_t *attributes,
945  const uint8_t *key_buffer, size_t key_buffer_size,
946  psa_algorithm_t alg)
947 {
948  psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;
949  psa_key_location_t location =
950  PSA_KEY_LIFETIME_GET_LOCATION(attributes->core.lifetime);
951 
952  switch (location) {
953  case PSA_KEY_LOCATION_LOCAL_STORAGE:
954  /* Key is stored in the slot in export representation, so
955  * cycle through all known transparent accelerators */
956 #if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT)
957 #if defined(PSA_CRYPTO_DRIVER_TEST)
958  status = mbedtls_test_transparent_cipher_encrypt_setup(
959  &operation->ctx.transparent_test_driver_ctx,
960  attributes,
961  key_buffer,
962  key_buffer_size,
963  alg);
964  /* Declared with fallback == true */
965  if (status == PSA_SUCCESS) {
966  operation->id = PSA_CRYPTO_TRANSPARENT_TEST_DRIVER_ID;
967  }
968 
969  if (status != PSA_ERROR_NOT_SUPPORTED) {
970  return status;
971  }
972 #endif /* PSA_CRYPTO_DRIVER_TEST */
973 #endif /* PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT */
974 #if defined(MBEDTLS_PSA_BUILTIN_CIPHER)
975  /* Fell through, meaning no accelerator supports this operation */
976  status = mbedtls_psa_cipher_encrypt_setup(&operation->ctx.mbedtls_ctx,
977  attributes,
978  key_buffer,
979  key_buffer_size,
980  alg);
981  if (status == PSA_SUCCESS) {
982  operation->id = PSA_CRYPTO_MBED_TLS_DRIVER_ID;
983  }
984 
985  if (status != PSA_ERROR_NOT_SUPPORTED) {
986  return status;
987  }
988 #endif /* MBEDTLS_PSA_BUILTIN_CIPHER */
989  return PSA_ERROR_NOT_SUPPORTED;
990 
991  /* Add cases for opaque driver here */
992 #if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT)
993 #if defined(PSA_CRYPTO_DRIVER_TEST)
994  case PSA_CRYPTO_TEST_DRIVER_LOCATION:
995  status = mbedtls_test_opaque_cipher_encrypt_setup(
996  &operation->ctx.opaque_test_driver_ctx,
997  attributes,
998  key_buffer, key_buffer_size,
999  alg);
1000 
1001  if (status == PSA_SUCCESS) {
1002  operation->id = PSA_CRYPTO_OPAQUE_TEST_DRIVER_ID;
1003  }
1004 
1005  return status;
1006 #endif /* PSA_CRYPTO_DRIVER_TEST */
1007 #endif /* PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT */
1008  default:
1009  /* Key is declared with a lifetime not known to us */
1010  (void) status;
1011  (void) operation;
1012  (void) key_buffer;
1013  (void) key_buffer_size;
1014  (void) alg;
1015  return PSA_ERROR_INVALID_ARGUMENT;
1016  }
1017 }
1018 
1019 psa_status_t psa_driver_wrapper_cipher_decrypt_setup(
1020  psa_cipher_operation_t *operation,
1021  const psa_key_attributes_t *attributes,
1022  const uint8_t *key_buffer, size_t key_buffer_size,
1023  psa_algorithm_t alg)
1024 {
1025  psa_status_t status = PSA_ERROR_INVALID_ARGUMENT;
1026  psa_key_location_t location =
1027  PSA_KEY_LIFETIME_GET_LOCATION(attributes->core.lifetime);
1028 
1029  switch (location) {
1030  case PSA_KEY_LOCATION_LOCAL_STORAGE:
1031  /* Key is stored in the slot in export representation, so
1032  * cycle through all known transparent accelerators */
1033 #if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT)
1034 #if defined(PSA_CRYPTO_DRIVER_TEST)
1035  status = mbedtls_test_transparent_cipher_decrypt_setup(
1036  &operation->ctx.transparent_test_driver_ctx,
1037  attributes,
1038  key_buffer,
1039  key_buffer_size,
1040  alg);
1041  /* Declared with fallback == true */
1042  if (status == PSA_SUCCESS) {
1043  operation->id = PSA_CRYPTO_TRANSPARENT_TEST_DRIVER_ID;
1044  }
1045 
1046  if (status != PSA_ERROR_NOT_SUPPORTED) {
1047  return status;
1048  }
1049 #endif /* PSA_CRYPTO_DRIVER_TEST */
1050 #endif /* PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT */
1051 #if defined(MBEDTLS_PSA_BUILTIN_CIPHER)
1052  /* Fell through, meaning no accelerator supports this operation */
1053  status = mbedtls_psa_cipher_decrypt_setup(&operation->ctx.mbedtls_ctx,
1054  attributes,
1055  key_buffer,
1056  key_buffer_size,
1057  alg);
1058  if (status == PSA_SUCCESS) {
1059  operation->id = PSA_CRYPTO_MBED_TLS_DRIVER_ID;
1060  }
1061 
1062  return status;
1063 #else /* MBEDTLS_PSA_BUILTIN_CIPHER */
1064  return PSA_ERROR_NOT_SUPPORTED;
1065 #endif /* MBEDTLS_PSA_BUILTIN_CIPHER */
1066 
1067  /* Add cases for opaque driver here */
1068 #if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT)
1069 #if defined(PSA_CRYPTO_DRIVER_TEST)
1070  case PSA_CRYPTO_TEST_DRIVER_LOCATION:
1071  status = mbedtls_test_opaque_cipher_decrypt_setup(
1072  &operation->ctx.opaque_test_driver_ctx,
1073  attributes,
1074  key_buffer, key_buffer_size,
1075  alg);
1076 
1077  if (status == PSA_SUCCESS) {
1078  operation->id = PSA_CRYPTO_OPAQUE_TEST_DRIVER_ID;
1079  }
1080 
1081  return status;
1082 #endif /* PSA_CRYPTO_DRIVER_TEST */
1083 #endif /* PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT */
1084  default:
1085  /* Key is declared with a lifetime not known to us */
1086  (void) status;
1087  (void) operation;
1088  (void) key_buffer;
1089  (void) key_buffer_size;
1090  (void) alg;
1091  return PSA_ERROR_INVALID_ARGUMENT;
1092  }
1093 }
1094 
1095 psa_status_t psa_driver_wrapper_cipher_set_iv(
1096  psa_cipher_operation_t *operation,
1097  const uint8_t *iv,
1098  size_t iv_length)
1099 {
1100  switch (operation->id) {
1101 #if defined(MBEDTLS_PSA_BUILTIN_CIPHER)
1102  case PSA_CRYPTO_MBED_TLS_DRIVER_ID:
1103  return mbedtls_psa_cipher_set_iv(&operation->ctx.mbedtls_ctx,
1104  iv,
1105  iv_length);
1106 #endif /* MBEDTLS_PSA_BUILTIN_CIPHER */
1107 
1108 #if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT)
1109 #if defined(PSA_CRYPTO_DRIVER_TEST)
1110  case PSA_CRYPTO_TRANSPARENT_TEST_DRIVER_ID:
1111  return mbedtls_test_transparent_cipher_set_iv(
1112  &operation->ctx.transparent_test_driver_ctx,
1113  iv, iv_length);
1114 
1115  case PSA_CRYPTO_OPAQUE_TEST_DRIVER_ID:
1116  return mbedtls_test_opaque_cipher_set_iv(
1117  &operation->ctx.opaque_test_driver_ctx,
1118  iv, iv_length);
1119 #endif /* PSA_CRYPTO_DRIVER_TEST */
1120 #endif /* PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT */
1121  }
1122 
1123  (void) iv;
1124  (void) iv_length;
1125 
1126  return PSA_ERROR_INVALID_ARGUMENT;
1127 }
1128 
1129 psa_status_t psa_driver_wrapper_cipher_update(
1130  psa_cipher_operation_t *operation,
1131  const uint8_t *input,
1132  size_t input_length,
1133  uint8_t *output,
1134  size_t output_size,
1135  size_t *output_length)
1136 {
1137  switch (operation->id) {
1138 #if defined(MBEDTLS_PSA_BUILTIN_CIPHER)
1139  case PSA_CRYPTO_MBED_TLS_DRIVER_ID:
1140  return mbedtls_psa_cipher_update(&operation->ctx.mbedtls_ctx,
1141  input,
1142  input_length,
1143  output,
1144  output_size,
1145  output_length);
1146 #endif /* MBEDTLS_PSA_BUILTIN_CIPHER */
1147 
1148 #if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT)
1149 #if defined(PSA_CRYPTO_DRIVER_TEST)
1150  case PSA_CRYPTO_TRANSPARENT_TEST_DRIVER_ID:
1151  return mbedtls_test_transparent_cipher_update(
1152  &operation->ctx.transparent_test_driver_ctx,
1153  input, input_length,
1154  output, output_size, output_length);
1155 
1156  case PSA_CRYPTO_OPAQUE_TEST_DRIVER_ID:
1157  return mbedtls_test_opaque_cipher_update(
1158  &operation->ctx.opaque_test_driver_ctx,
1159  input, input_length,
1160  output, output_size, output_length);
1161 #endif /* PSA_CRYPTO_DRIVER_TEST */
1162 #endif /* PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT */
1163  }
1164 
1165  (void) input;
1166  (void) input_length;
1167  (void) output;
1168  (void) output_size;
1169  (void) output_length;
1170 
1171  return PSA_ERROR_INVALID_ARGUMENT;
1172 }
1173 
1174 psa_status_t psa_driver_wrapper_cipher_finish(
1175  psa_cipher_operation_t *operation,
1176  uint8_t *output,
1177  size_t output_size,
1178  size_t *output_length)
1179 {
1180  switch (operation->id) {
1181 #if defined(MBEDTLS_PSA_BUILTIN_CIPHER)
1182  case PSA_CRYPTO_MBED_TLS_DRIVER_ID:
1183  return mbedtls_psa_cipher_finish(&operation->ctx.mbedtls_ctx,
1184  output,
1185  output_size,
1186  output_length);
1187 #endif /* MBEDTLS_PSA_BUILTIN_CIPHER */
1188 
1189 #if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT)
1190 #if defined(PSA_CRYPTO_DRIVER_TEST)
1191  case PSA_CRYPTO_TRANSPARENT_TEST_DRIVER_ID:
1192  return mbedtls_test_transparent_cipher_finish(
1193  &operation->ctx.transparent_test_driver_ctx,
1194  output, output_size, output_length);
1195 
1196  case PSA_CRYPTO_OPAQUE_TEST_DRIVER_ID:
1197  return mbedtls_test_opaque_cipher_finish(
1198  &operation->ctx.opaque_test_driver_ctx,
1199  output, output_size, output_length);
1200 #endif /* PSA_CRYPTO_DRIVER_TEST */
1201 #endif /* PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT */
1202  }
1203 
1204  (void) output;
1205  (void) output_size;
1206  (void) output_length;
1207 
1208  return PSA_ERROR_INVALID_ARGUMENT;
1209 }
1210 
1211 psa_status_t psa_driver_wrapper_cipher_abort(
1212  psa_cipher_operation_t *operation)
1213 {
1214  psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;
1215 
1216  switch (operation->id) {
1217 #if defined(MBEDTLS_PSA_BUILTIN_CIPHER)
1218  case PSA_CRYPTO_MBED_TLS_DRIVER_ID:
1219  return mbedtls_psa_cipher_abort(&operation->ctx.mbedtls_ctx);
1220 #endif /* MBEDTLS_PSA_BUILTIN_CIPHER */
1221 
1222 #if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT)
1223 #if defined(PSA_CRYPTO_DRIVER_TEST)
1224  case PSA_CRYPTO_TRANSPARENT_TEST_DRIVER_ID:
1225  status = mbedtls_test_transparent_cipher_abort(
1226  &operation->ctx.transparent_test_driver_ctx);
1227  mbedtls_platform_zeroize(
1228  &operation->ctx.transparent_test_driver_ctx,
1229  sizeof(operation->ctx.transparent_test_driver_ctx));
1230  return status;
1231 
1232  case PSA_CRYPTO_OPAQUE_TEST_DRIVER_ID:
1233  status = mbedtls_test_opaque_cipher_abort(
1234  &operation->ctx.opaque_test_driver_ctx);
1235  mbedtls_platform_zeroize(
1236  &operation->ctx.opaque_test_driver_ctx,
1237  sizeof(operation->ctx.opaque_test_driver_ctx));
1238  return status;
1239 #endif /* PSA_CRYPTO_DRIVER_TEST */
1240 #endif /* PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT */
1241  }
1242 
1243  (void) status;
1244  return PSA_ERROR_INVALID_ARGUMENT;
1245 }
1246 
1247 /*
1248  * Hashing functions
1249  */
1250 psa_status_t psa_driver_wrapper_hash_compute(
1251  psa_algorithm_t alg,
1252  const uint8_t *input,
1253  size_t input_length,
1254  uint8_t *hash,
1255  size_t hash_size,
1256  size_t *hash_length)
1257 {
1258  psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;
1259 
1260  /* Try accelerators first */
1261 #if defined(PSA_CRYPTO_DRIVER_TEST)
1262  status = mbedtls_test_transparent_hash_compute(
1263  alg, input, input_length, hash, hash_size, hash_length);
1264  if (status != PSA_ERROR_NOT_SUPPORTED) {
1265  return status;
1266  }
1267 #endif
1268 
1269  /* If software fallback is compiled in, try fallback */
1270 #if defined(MBEDTLS_PSA_BUILTIN_HASH)
1271  status = mbedtls_psa_hash_compute(alg, input, input_length,
1272  hash, hash_size, hash_length);
1273  if (status != PSA_ERROR_NOT_SUPPORTED) {
1274  return status;
1275  }
1276 #endif
1277  (void) status;
1278  (void) alg;
1279  (void) input;
1280  (void) input_length;
1281  (void) hash;
1282  (void) hash_size;
1283  (void) hash_length;
1284 
1285  return PSA_ERROR_NOT_SUPPORTED;
1286 }
1287 
1288 psa_status_t psa_driver_wrapper_hash_setup(
1289  psa_hash_operation_t *operation,
1290  psa_algorithm_t alg)
1291 {
1292  psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;
1293 
1294  /* Try setup on accelerators first */
1295 #if defined(PSA_CRYPTO_DRIVER_TEST)
1296  status = mbedtls_test_transparent_hash_setup(
1297  &operation->ctx.test_driver_ctx, alg);
1298  if (status == PSA_SUCCESS) {
1299  operation->id = PSA_CRYPTO_TRANSPARENT_TEST_DRIVER_ID;
1300  }
1301 
1302  if (status != PSA_ERROR_NOT_SUPPORTED) {
1303  return status;
1304  }
1305 #endif
1306 
1307  /* If software fallback is compiled in, try fallback */
1308 #if defined(MBEDTLS_PSA_BUILTIN_HASH)
1309  status = mbedtls_psa_hash_setup(&operation->ctx.mbedtls_ctx, alg);
1310  if (status == PSA_SUCCESS) {
1311  operation->id = PSA_CRYPTO_MBED_TLS_DRIVER_ID;
1312  }
1313 
1314  if (status != PSA_ERROR_NOT_SUPPORTED) {
1315  return status;
1316  }
1317 #endif
1318  /* Nothing left to try if we fall through here */
1319  (void) status;
1320  (void) operation;
1321  (void) alg;
1322  return PSA_ERROR_NOT_SUPPORTED;
1323 }
1324 
1325 psa_status_t psa_driver_wrapper_hash_clone(
1326  const psa_hash_operation_t *source_operation,
1327  psa_hash_operation_t *target_operation)
1328 {
1329  switch (source_operation->id) {
1330 #if defined(MBEDTLS_PSA_BUILTIN_HASH)
1331  case PSA_CRYPTO_MBED_TLS_DRIVER_ID:
1332  target_operation->id = PSA_CRYPTO_MBED_TLS_DRIVER_ID;
1333  return mbedtls_psa_hash_clone(&source_operation->ctx.mbedtls_ctx,
1334  &target_operation->ctx.mbedtls_ctx);
1335 #endif
1336 #if defined(PSA_CRYPTO_DRIVER_TEST)
1337  case PSA_CRYPTO_TRANSPARENT_TEST_DRIVER_ID:
1338  target_operation->id = PSA_CRYPTO_TRANSPARENT_TEST_DRIVER_ID;
1339  return mbedtls_test_transparent_hash_clone(
1340  &source_operation->ctx.test_driver_ctx,
1341  &target_operation->ctx.test_driver_ctx);
1342 #endif
1343  default:
1344  (void) target_operation;
1345  return PSA_ERROR_BAD_STATE;
1346  }
1347 }
1348 
1349 psa_status_t psa_driver_wrapper_hash_update(
1350  psa_hash_operation_t *operation,
1351  const uint8_t *input,
1352  size_t input_length)
1353 {
1354  switch (operation->id) {
1355 #if defined(MBEDTLS_PSA_BUILTIN_HASH)
1356  case PSA_CRYPTO_MBED_TLS_DRIVER_ID:
1357  return mbedtls_psa_hash_update(&operation->ctx.mbedtls_ctx,
1358  input, input_length);
1359 #endif
1360 #if defined(PSA_CRYPTO_DRIVER_TEST)
1361  case PSA_CRYPTO_TRANSPARENT_TEST_DRIVER_ID:
1362  return mbedtls_test_transparent_hash_update(
1363  &operation->ctx.test_driver_ctx,
1364  input, input_length);
1365 #endif
1366  default:
1367  (void) input;
1368  (void) input_length;
1369  return PSA_ERROR_BAD_STATE;
1370  }
1371 }
1372 
1373 psa_status_t psa_driver_wrapper_hash_finish(
1374  psa_hash_operation_t *operation,
1375  uint8_t *hash,
1376  size_t hash_size,
1377  size_t *hash_length)
1378 {
1379  switch (operation->id) {
1380 #if defined(MBEDTLS_PSA_BUILTIN_HASH)
1381  case PSA_CRYPTO_MBED_TLS_DRIVER_ID:
1382  return mbedtls_psa_hash_finish(&operation->ctx.mbedtls_ctx,
1383  hash, hash_size, hash_length);
1384 #endif
1385 #if defined(PSA_CRYPTO_DRIVER_TEST)
1386  case PSA_CRYPTO_TRANSPARENT_TEST_DRIVER_ID:
1387  return mbedtls_test_transparent_hash_finish(
1388  &operation->ctx.test_driver_ctx,
1389  hash, hash_size, hash_length);
1390 #endif
1391  default:
1392  (void) hash;
1393  (void) hash_size;
1394  (void) hash_length;
1395  return PSA_ERROR_BAD_STATE;
1396  }
1397 }
1398 
1399 psa_status_t psa_driver_wrapper_hash_abort(
1400  psa_hash_operation_t *operation)
1401 {
1402  switch (operation->id) {
1403 #if defined(MBEDTLS_PSA_BUILTIN_HASH)
1404  case PSA_CRYPTO_MBED_TLS_DRIVER_ID:
1405  return mbedtls_psa_hash_abort(&operation->ctx.mbedtls_ctx);
1406 #endif
1407 #if defined(PSA_CRYPTO_DRIVER_TEST)
1408  case PSA_CRYPTO_TRANSPARENT_TEST_DRIVER_ID:
1409  return mbedtls_test_transparent_hash_abort(
1410  &operation->ctx.test_driver_ctx);
1411 #endif
1412  default:
1413  return PSA_ERROR_BAD_STATE;
1414  }
1415 }
1416 
1417 psa_status_t psa_driver_wrapper_aead_encrypt(
1418  const psa_key_attributes_t *attributes,
1419  const uint8_t *key_buffer, size_t key_buffer_size,
1420  psa_algorithm_t alg,
1421  const uint8_t *nonce, size_t nonce_length,
1422  const uint8_t *additional_data, size_t additional_data_length,
1423  const uint8_t *plaintext, size_t plaintext_length,
1424  uint8_t *ciphertext, size_t ciphertext_size, size_t *ciphertext_length)
1425 {
1426  psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;
1427  psa_key_location_t location =
1428  PSA_KEY_LIFETIME_GET_LOCATION(attributes->core.lifetime);
1429 
1430  switch (location) {
1431  case PSA_KEY_LOCATION_LOCAL_STORAGE:
1432  /* Key is stored in the slot in export representation, so
1433  * cycle through all known transparent accelerators */
1434 
1435 #if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT)
1436 #if defined(PSA_CRYPTO_DRIVER_TEST)
1437  status = mbedtls_test_transparent_aead_encrypt(
1438  attributes, key_buffer, key_buffer_size,
1439  alg,
1440  nonce, nonce_length,
1441  additional_data, additional_data_length,
1442  plaintext, plaintext_length,
1443  ciphertext, ciphertext_size, ciphertext_length);
1444  /* Declared with fallback == true */
1445  if (status != PSA_ERROR_NOT_SUPPORTED) {
1446  return status;
1447  }
1448 #endif /* PSA_CRYPTO_DRIVER_TEST */
1449 #endif /* PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT */
1450 
1451  /* Fell through, meaning no accelerator supports this operation */
1452  return mbedtls_psa_aead_encrypt(
1453  attributes, key_buffer, key_buffer_size,
1454  alg,
1455  nonce, nonce_length,
1456  additional_data, additional_data_length,
1457  plaintext, plaintext_length,
1458  ciphertext, ciphertext_size, ciphertext_length);
1459 
1460  /* Add cases for opaque driver here */
1461 
1462  default:
1463  /* Key is declared with a lifetime not known to us */
1464  (void) status;
1465  return PSA_ERROR_INVALID_ARGUMENT;
1466  }
1467 }
1468 
1469 psa_status_t psa_driver_wrapper_aead_decrypt(
1470  const psa_key_attributes_t *attributes,
1471  const uint8_t *key_buffer, size_t key_buffer_size,
1472  psa_algorithm_t alg,
1473  const uint8_t *nonce, size_t nonce_length,
1474  const uint8_t *additional_data, size_t additional_data_length,
1475  const uint8_t *ciphertext, size_t ciphertext_length,
1476  uint8_t *plaintext, size_t plaintext_size, size_t *plaintext_length)
1477 {
1478  psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;
1479  psa_key_location_t location =
1480  PSA_KEY_LIFETIME_GET_LOCATION(attributes->core.lifetime);
1481 
1482  switch (location) {
1483  case PSA_KEY_LOCATION_LOCAL_STORAGE:
1484  /* Key is stored in the slot in export representation, so
1485  * cycle through all known transparent accelerators */
1486 
1487 #if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT)
1488 #if defined(PSA_CRYPTO_DRIVER_TEST)
1489  status = mbedtls_test_transparent_aead_decrypt(
1490  attributes, key_buffer, key_buffer_size,
1491  alg,
1492  nonce, nonce_length,
1493  additional_data, additional_data_length,
1494  ciphertext, ciphertext_length,
1495  plaintext, plaintext_size, plaintext_length);
1496  /* Declared with fallback == true */
1497  if (status != PSA_ERROR_NOT_SUPPORTED) {
1498  return status;
1499  }
1500 #endif /* PSA_CRYPTO_DRIVER_TEST */
1501 #endif /* PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT */
1502 
1503  /* Fell through, meaning no accelerator supports this operation */
1504  return mbedtls_psa_aead_decrypt(
1505  attributes, key_buffer, key_buffer_size,
1506  alg,
1507  nonce, nonce_length,
1508  additional_data, additional_data_length,
1509  ciphertext, ciphertext_length,
1510  plaintext, plaintext_size, plaintext_length);
1511 
1512  /* Add cases for opaque driver here */
1513 
1514  default:
1515  /* Key is declared with a lifetime not known to us */
1516  (void) status;
1517  return PSA_ERROR_INVALID_ARGUMENT;
1518  }
1519 }
1520 
1521 
1522 /*
1523  * MAC functions
1524  */
1525 psa_status_t psa_driver_wrapper_mac_compute(
1526  const psa_key_attributes_t *attributes,
1527  const uint8_t *key_buffer,
1528  size_t key_buffer_size,
1529  psa_algorithm_t alg,
1530  const uint8_t *input,
1531  size_t input_length,
1532  uint8_t *mac,
1533  size_t mac_size,
1534  size_t *mac_length)
1535 {
1536  psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;
1537  psa_key_location_t location =
1538  PSA_KEY_LIFETIME_GET_LOCATION(attributes->core.lifetime);
1539 
1540  switch (location) {
1541  case PSA_KEY_LOCATION_LOCAL_STORAGE:
1542  /* Key is stored in the slot in export representation, so
1543  * cycle through all known transparent accelerators */
1544 #if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT)
1545 #if defined(PSA_CRYPTO_DRIVER_TEST)
1546  status = mbedtls_test_transparent_mac_compute(
1547  attributes, key_buffer, key_buffer_size, alg,
1548  input, input_length,
1549  mac, mac_size, mac_length);
1550  /* Declared with fallback == true */
1551  if (status != PSA_ERROR_NOT_SUPPORTED) {
1552  return status;
1553  }
1554 #endif /* PSA_CRYPTO_DRIVER_TEST */
1555 #endif /* PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT */
1556 #if defined(MBEDTLS_PSA_BUILTIN_MAC)
1557  /* Fell through, meaning no accelerator supports this operation */
1558  status = mbedtls_psa_mac_compute(
1559  attributes, key_buffer, key_buffer_size, alg,
1560  input, input_length,
1561  mac, mac_size, mac_length);
1562  if (status != PSA_ERROR_NOT_SUPPORTED) {
1563  return status;
1564  }
1565 #endif /* MBEDTLS_PSA_BUILTIN_MAC */
1566  return PSA_ERROR_NOT_SUPPORTED;
1567 
1568  /* Add cases for opaque driver here */
1569 #if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT)
1570 #if defined(PSA_CRYPTO_DRIVER_TEST)
1571  case PSA_CRYPTO_TEST_DRIVER_LOCATION:
1572  status = mbedtls_test_opaque_mac_compute(
1573  attributes, key_buffer, key_buffer_size, alg,
1574  input, input_length,
1575  mac, mac_size, mac_length);
1576  return status;
1577 #endif /* PSA_CRYPTO_DRIVER_TEST */
1578 #endif /* PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT */
1579  default:
1580  /* Key is declared with a lifetime not known to us */
1581  (void) key_buffer;
1582  (void) key_buffer_size;
1583  (void) alg;
1584  (void) input;
1585  (void) input_length;
1586  (void) mac;
1587  (void) mac_size;
1588  (void) mac_length;
1589  (void) status;
1590  return PSA_ERROR_INVALID_ARGUMENT;
1591  }
1592 }
1593 
1594 psa_status_t psa_driver_wrapper_mac_sign_setup(
1595  psa_mac_operation_t *operation,
1596  const psa_key_attributes_t *attributes,
1597  const uint8_t *key_buffer,
1598  size_t key_buffer_size,
1599  psa_algorithm_t alg)
1600 {
1601  psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;
1602  psa_key_location_t location =
1603  PSA_KEY_LIFETIME_GET_LOCATION(attributes->core.lifetime);
1604 
1605  switch (location) {
1606  case PSA_KEY_LOCATION_LOCAL_STORAGE:
1607  /* Key is stored in the slot in export representation, so
1608  * cycle through all known transparent accelerators */
1609 #if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT)
1610 #if defined(PSA_CRYPTO_DRIVER_TEST)
1611  status = mbedtls_test_transparent_mac_sign_setup(
1612  &operation->ctx.transparent_test_driver_ctx,
1613  attributes,
1614  key_buffer, key_buffer_size,
1615  alg);
1616  /* Declared with fallback == true */
1617  if (status == PSA_SUCCESS) {
1618  operation->id = PSA_CRYPTO_TRANSPARENT_TEST_DRIVER_ID;
1619  }
1620 
1621  if (status != PSA_ERROR_NOT_SUPPORTED) {
1622  return status;
1623  }
1624 #endif /* PSA_CRYPTO_DRIVER_TEST */
1625 #endif /* PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT */
1626 #if defined(MBEDTLS_PSA_BUILTIN_MAC)
1627  /* Fell through, meaning no accelerator supports this operation */
1628  status = mbedtls_psa_mac_sign_setup(&operation->ctx.mbedtls_ctx,
1629  attributes,
1630  key_buffer, key_buffer_size,
1631  alg);
1632  if (status == PSA_SUCCESS) {
1633  operation->id = PSA_CRYPTO_MBED_TLS_DRIVER_ID;
1634  }
1635 
1636  if (status != PSA_ERROR_NOT_SUPPORTED) {
1637  return status;
1638  }
1639 #endif /* MBEDTLS_PSA_BUILTIN_MAC */
1640  return PSA_ERROR_NOT_SUPPORTED;
1641 
1642  /* Add cases for opaque driver here */
1643 #if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT)
1644 #if defined(PSA_CRYPTO_DRIVER_TEST)
1645  case PSA_CRYPTO_TEST_DRIVER_LOCATION:
1646  status = mbedtls_test_opaque_mac_sign_setup(
1647  &operation->ctx.opaque_test_driver_ctx,
1648  attributes,
1649  key_buffer, key_buffer_size,
1650  alg);
1651 
1652  if (status == PSA_SUCCESS) {
1653  operation->id = PSA_CRYPTO_OPAQUE_TEST_DRIVER_ID;
1654  }
1655 
1656  return status;
1657 #endif /* PSA_CRYPTO_DRIVER_TEST */
1658 #endif /* PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT */
1659  default:
1660  /* Key is declared with a lifetime not known to us */
1661  (void) status;
1662  (void) operation;
1663  (void) key_buffer;
1664  (void) key_buffer_size;
1665  (void) alg;
1666  return PSA_ERROR_INVALID_ARGUMENT;
1667  }
1668 }
1669 
1670 psa_status_t psa_driver_wrapper_mac_verify_setup(
1671  psa_mac_operation_t *operation,
1672  const psa_key_attributes_t *attributes,
1673  const uint8_t *key_buffer,
1674  size_t key_buffer_size,
1675  psa_algorithm_t alg)
1676 {
1677  psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;
1678  psa_key_location_t location =
1679  PSA_KEY_LIFETIME_GET_LOCATION(attributes->core.lifetime);
1680 
1681  switch (location) {
1682  case PSA_KEY_LOCATION_LOCAL_STORAGE:
1683  /* Key is stored in the slot in export representation, so
1684  * cycle through all known transparent accelerators */
1685 #if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT)
1686 #if defined(PSA_CRYPTO_DRIVER_TEST)
1687  status = mbedtls_test_transparent_mac_verify_setup(
1688  &operation->ctx.transparent_test_driver_ctx,
1689  attributes,
1690  key_buffer, key_buffer_size,
1691  alg);
1692  /* Declared with fallback == true */
1693  if (status == PSA_SUCCESS) {
1694  operation->id = PSA_CRYPTO_TRANSPARENT_TEST_DRIVER_ID;
1695  }
1696 
1697  if (status != PSA_ERROR_NOT_SUPPORTED) {
1698  return status;
1699  }
1700 #endif /* PSA_CRYPTO_DRIVER_TEST */
1701 #endif /* PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT */
1702 #if defined(MBEDTLS_PSA_BUILTIN_MAC)
1703  /* Fell through, meaning no accelerator supports this operation */
1704  status = mbedtls_psa_mac_verify_setup(&operation->ctx.mbedtls_ctx,
1705  attributes,
1706  key_buffer, key_buffer_size,
1707  alg);
1708  if (status == PSA_SUCCESS) {
1709  operation->id = PSA_CRYPTO_MBED_TLS_DRIVER_ID;
1710  }
1711 
1712  if (status != PSA_ERROR_NOT_SUPPORTED) {
1713  return status;
1714  }
1715 #endif /* MBEDTLS_PSA_BUILTIN_MAC */
1716  return PSA_ERROR_NOT_SUPPORTED;
1717 
1718  /* Add cases for opaque driver here */
1719 #if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT)
1720 #if defined(PSA_CRYPTO_DRIVER_TEST)
1721  case PSA_CRYPTO_TEST_DRIVER_LOCATION:
1722  status = mbedtls_test_opaque_mac_verify_setup(
1723  &operation->ctx.opaque_test_driver_ctx,
1724  attributes,
1725  key_buffer, key_buffer_size,
1726  alg);
1727 
1728  if (status == PSA_SUCCESS) {
1729  operation->id = PSA_CRYPTO_OPAQUE_TEST_DRIVER_ID;
1730  }
1731 
1732  return status;
1733 #endif /* PSA_CRYPTO_DRIVER_TEST */
1734 #endif /* PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT */
1735  default:
1736  /* Key is declared with a lifetime not known to us */
1737  (void) status;
1738  (void) operation;
1739  (void) key_buffer;
1740  (void) key_buffer_size;
1741  (void) alg;
1742  return PSA_ERROR_INVALID_ARGUMENT;
1743  }
1744 }
1745 
1746 psa_status_t psa_driver_wrapper_mac_update(
1747  psa_mac_operation_t *operation,
1748  const uint8_t *input,
1749  size_t input_length)
1750 {
1751  switch (operation->id) {
1752 #if defined(MBEDTLS_PSA_BUILTIN_MAC)
1753  case PSA_CRYPTO_MBED_TLS_DRIVER_ID:
1754  return mbedtls_psa_mac_update(&operation->ctx.mbedtls_ctx,
1755  input, input_length);
1756 #endif /* MBEDTLS_PSA_BUILTIN_MAC */
1757 
1758 #if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT)
1759 #if defined(PSA_CRYPTO_DRIVER_TEST)
1760  case PSA_CRYPTO_TRANSPARENT_TEST_DRIVER_ID:
1761  return mbedtls_test_transparent_mac_update(
1762  &operation->ctx.transparent_test_driver_ctx,
1763  input, input_length);
1764 
1765  case PSA_CRYPTO_OPAQUE_TEST_DRIVER_ID:
1766  return mbedtls_test_opaque_mac_update(
1767  &operation->ctx.opaque_test_driver_ctx,
1768  input, input_length);
1769 #endif /* PSA_CRYPTO_DRIVER_TEST */
1770 #endif /* PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT */
1771  default:
1772  (void) input;
1773  (void) input_length;
1774  return PSA_ERROR_INVALID_ARGUMENT;
1775  }
1776 }
1777 
1778 psa_status_t psa_driver_wrapper_mac_sign_finish(
1779  psa_mac_operation_t *operation,
1780  uint8_t *mac,
1781  size_t mac_size,
1782  size_t *mac_length)
1783 {
1784  switch (operation->id) {
1785 #if defined(MBEDTLS_PSA_BUILTIN_MAC)
1786  case PSA_CRYPTO_MBED_TLS_DRIVER_ID:
1787  return mbedtls_psa_mac_sign_finish(&operation->ctx.mbedtls_ctx,
1788  mac, mac_size, mac_length);
1789 #endif /* MBEDTLS_PSA_BUILTIN_MAC */
1790 
1791 #if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT)
1792 #if defined(PSA_CRYPTO_DRIVER_TEST)
1793  case PSA_CRYPTO_TRANSPARENT_TEST_DRIVER_ID:
1794  return mbedtls_test_transparent_mac_sign_finish(
1795  &operation->ctx.transparent_test_driver_ctx,
1796  mac, mac_size, mac_length);
1797 
1798  case PSA_CRYPTO_OPAQUE_TEST_DRIVER_ID:
1799  return mbedtls_test_opaque_mac_sign_finish(
1800  &operation->ctx.opaque_test_driver_ctx,
1801  mac, mac_size, mac_length);
1802 #endif /* PSA_CRYPTO_DRIVER_TEST */
1803 #endif /* PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT */
1804  default:
1805  (void) mac;
1806  (void) mac_size;
1807  (void) mac_length;
1808  return PSA_ERROR_INVALID_ARGUMENT;
1809  }
1810 }
1811 
1812 psa_status_t psa_driver_wrapper_mac_verify_finish(
1813  psa_mac_operation_t *operation,
1814  const uint8_t *mac,
1815  size_t mac_length)
1816 {
1817  switch (operation->id) {
1818 #if defined(MBEDTLS_PSA_BUILTIN_MAC)
1819  case PSA_CRYPTO_MBED_TLS_DRIVER_ID:
1820  return mbedtls_psa_mac_verify_finish(&operation->ctx.mbedtls_ctx,
1821  mac, mac_length);
1822 #endif /* MBEDTLS_PSA_BUILTIN_MAC */
1823 
1824 #if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT)
1825 #if defined(PSA_CRYPTO_DRIVER_TEST)
1826  case PSA_CRYPTO_TRANSPARENT_TEST_DRIVER_ID:
1827  return mbedtls_test_transparent_mac_verify_finish(
1828  &operation->ctx.transparent_test_driver_ctx,
1829  mac, mac_length);
1830 
1831  case PSA_CRYPTO_OPAQUE_TEST_DRIVER_ID:
1832  return mbedtls_test_opaque_mac_verify_finish(
1833  &operation->ctx.opaque_test_driver_ctx,
1834  mac, mac_length);
1835 #endif /* PSA_CRYPTO_DRIVER_TEST */
1836 #endif /* PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT */
1837  default:
1838  (void) mac;
1839  (void) mac_length;
1840  return PSA_ERROR_INVALID_ARGUMENT;
1841  }
1842 }
1843 
1844 psa_status_t psa_driver_wrapper_mac_abort(
1845  psa_mac_operation_t *operation)
1846 {
1847  switch (operation->id) {
1848 #if defined(MBEDTLS_PSA_BUILTIN_MAC)
1849  case PSA_CRYPTO_MBED_TLS_DRIVER_ID:
1850  return mbedtls_psa_mac_abort(&operation->ctx.mbedtls_ctx);
1851 #endif /* MBEDTLS_PSA_BUILTIN_MAC */
1852 
1853 #if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT)
1854 #if defined(PSA_CRYPTO_DRIVER_TEST)
1855  case PSA_CRYPTO_TRANSPARENT_TEST_DRIVER_ID:
1856  return mbedtls_test_transparent_mac_abort(
1857  &operation->ctx.transparent_test_driver_ctx);
1858  case PSA_CRYPTO_OPAQUE_TEST_DRIVER_ID:
1859  return mbedtls_test_opaque_mac_abort(
1860  &operation->ctx.opaque_test_driver_ctx);
1861 #endif /* PSA_CRYPTO_DRIVER_TEST */
1862 #endif /* PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT */
1863  default:
1864  return PSA_ERROR_INVALID_ARGUMENT;
1865  }
1866 }
1867 
1868 #endif /* MBEDTLS_PSA_CRYPTO_C */
attributes
static const struct attribute attributes[]
Definition: attributes.c:165
location
static const char location[]
Definition: config.c:97
PSA_MAX_KEY_BITS
#define PSA_MAX_KEY_BITS
Definition: crypto_struct.h:274
NULL
#define NULL
Definition: ncbistd.hpp:225
psa_get_key_lifetime
static psa_key_lifetime_t psa_get_key_lifetime(const psa_key_attributes_t *attributes)
Retrieve the lifetime from key attributes.
psa_get_key_id
static mbedtls_svc_key_id_t psa_get_key_id(const psa_key_attributes_t *attributes)
Retrieve the key identifier from key attributes.
bm::operation
operation
Bit operations.
Definition: bmconst.h:191
psa_key_type_t
uint16_t psa_key_type_t
Encoding of a key type.
Definition: crypto_types.h:81
PSA_KEY_TYPE_IS_ASYMMETRIC
#define PSA_KEY_TYPE_IS_ASYMMETRIC(type)
Whether a key type is asymmetric: either a key pair or a public key.
Definition: crypto_values.h:390
psa_algorithm_t
uint32_t psa_algorithm_t
Encoding of a cryptographic algorithm.
Definition: crypto_types.h:137
psa_status_t
int32_t psa_status_t
Function return status.
Definition: crypto_types.h:62
PSA_ERROR_CORRUPTION_DETECTED
#define PSA_ERROR_CORRUPTION_DETECTED
A tampering attempt was detected.
Definition: crypto_values.h:242
PSA_ERROR_DOES_NOT_EXIST
#define PSA_ERROR_DOES_NOT_EXIST
Asking for an item that doesn't exist.
Definition: crypto_values.h:121
PSA_ERROR_NOT_SUPPORTED
#define PSA_ERROR_NOT_SUPPORTED
The requested operation or a parameter is not supported by this implementation.
Definition: crypto_values.h:84
PSA_SUCCESS
#define PSA_SUCCESS
The action was completed successfully.
Definition: crypto_values.h:68
PSA_ERROR_INVALID_ARGUMENT
#define PSA_ERROR_INVALID_ARGUMENT
The parameters passed to the function are invalid.
Definition: crypto_values.h:148
PSA_ERROR_BAD_STATE
#define PSA_ERROR_BAD_STATE
The requested action cannot be performed in the current state.
Definition: crypto_values.h:137
PSA_KEY_LOCATION_LOCAL_STORAGE
#define PSA_KEY_LOCATION_LOCAL_STORAGE
The local storage area for persistent keys.
Definition: crypto_values.h:2088
PSA_KEY_LIFETIME_GET_LOCATION
#define PSA_KEY_LIFETIME_GET_LOCATION(lifetime)
Definition: crypto_values.h:2025
psa_key_location_t
uint32_t psa_key_location_t
Encoding of key location indicators.
Definition: crypto_types.h:263
MBEDTLS_SVC_KEY_ID_GET_KEY_ID
#define MBEDTLS_SVC_KEY_ID_GET_KEY_ID(id)
Definition: crypto_values.h:2119
psa_drv_slot_number_t
uint64_t psa_drv_slot_number_t
A slot number identifying a key in a driver.
Definition: crypto_extra.h:740
psa_key_slot_number_t
uint64_t psa_key_slot_number_t
An internal designation of a key slot between the core part of the PSA Crypto implementation and the ...
Definition: crypto_se_driver.h:148
input
static int input()
Definition: lex.newick.cpp:1147
psa_sign_hash_builtin
#define psa_sign_hash_builtin
Definition: ncbicxx_rename_mbedtls.h:1347
psa_import_key_into_slot
#define psa_import_key_into_slot
Definition: ncbicxx_rename_mbedtls.h:1305
psa_verify_hash_builtin
#define psa_verify_hash_builtin
Definition: ncbicxx_rename_mbedtls.h:1355
psa_verify_message_builtin
#define psa_verify_message_builtin
Definition: ncbicxx_rename_mbedtls.h:1359
psa_export_public_key_internal
#define psa_export_public_key_internal
Definition: ncbicxx_rename_mbedtls.h:1277
psa_sign_message_builtin
#define psa_sign_message_builtin
Definition: ncbicxx_rename_mbedtls.h:1351
psa_export_key_internal
#define psa_export_key_internal
Definition: ncbicxx_rename_mbedtls.h:1273
psa_generate_key_internal
#define psa_generate_key_internal
Definition: ncbicxx_rename_mbedtls.h:1281
platform.h
This file contains the definitions and functions of the Mbed TLS platform abstraction layer.
mbedtls_platform_zeroize
void mbedtls_platform_zeroize(void *buf, size_t len)
Securely zeroize a buffer.
output
static SQLCHAR output[256]
Definition: print.c:5
psa_crypto_aead.h
mbedtls_psa_aead_encrypt
psa_status_t mbedtls_psa_aead_encrypt(const psa_key_attributes_t *attributes, const uint8_t *key_buffer, size_t key_buffer_size, psa_algorithm_t alg, const uint8_t *nonce, size_t nonce_length, const uint8_t *additional_data, size_t additional_data_length, const uint8_t *plaintext, size_t plaintext_length, uint8_t *ciphertext, size_t ciphertext_size, size_t *ciphertext_length)
Process an authenticated encryption operation.
mbedtls_psa_aead_decrypt
psa_status_t mbedtls_psa_aead_decrypt(const psa_key_attributes_t *attributes, const uint8_t *key_buffer, size_t key_buffer_size, psa_algorithm_t alg, const uint8_t *nonce, size_t nonce_length, const uint8_t *additional_data, size_t additional_data_length, const uint8_t *ciphertext, size_t ciphertext_length, uint8_t *plaintext, size_t plaintext_size, size_t *plaintext_length)
Process an authenticated decryption operation.
psa_crypto_cipher.h
mbedtls_psa_cipher_decrypt
psa_status_t mbedtls_psa_cipher_decrypt(const psa_key_attributes_t *attributes, const uint8_t *key_buffer, size_t key_buffer_size, psa_algorithm_t alg, const uint8_t *input, size_t input_length, uint8_t *output, size_t output_size, size_t *output_length)
Decrypt a message using a symmetric cipher.
mbedtls_psa_cipher_decrypt_setup
psa_status_t mbedtls_psa_cipher_decrypt_setup(mbedtls_psa_cipher_operation_t *operation, const psa_key_attributes_t *attributes, const uint8_t *key_buffer, size_t key_buffer_size, psa_algorithm_t alg)
Set the key for a multipart symmetric decryption operation.
mbedtls_psa_cipher_update
psa_status_t mbedtls_psa_cipher_update(mbedtls_psa_cipher_operation_t *operation, const uint8_t *input, size_t input_length, uint8_t *output, size_t output_size, size_t *output_length)
Encrypt or decrypt a message fragment in an active cipher operation.
mbedtls_psa_cipher_encrypt_setup
psa_status_t mbedtls_psa_cipher_encrypt_setup(mbedtls_psa_cipher_operation_t *operation, const psa_key_attributes_t *attributes, const uint8_t *key_buffer, size_t key_buffer_size, psa_algorithm_t alg)
Set the key for a multipart symmetric encryption operation.
mbedtls_psa_cipher_abort
psa_status_t mbedtls_psa_cipher_abort(mbedtls_psa_cipher_operation_t *operation)
Abort a cipher operation.
mbedtls_psa_cipher_finish
psa_status_t mbedtls_psa_cipher_finish(mbedtls_psa_cipher_operation_t *operation, uint8_t *output, size_t output_size, size_t *output_length)
Finish encrypting or decrypting a message in a cipher operation.
mbedtls_psa_cipher_set_iv
psa_status_t mbedtls_psa_cipher_set_iv(mbedtls_psa_cipher_operation_t *operation, const uint8_t *iv, size_t iv_length)
Set the IV for a symmetric encryption or decryption operation.
mbedtls_psa_cipher_encrypt
psa_status_t mbedtls_psa_cipher_encrypt(const psa_key_attributes_t *attributes, const uint8_t *key_buffer, size_t key_buffer_size, psa_algorithm_t alg, const uint8_t *iv, size_t iv_length, const uint8_t *input, size_t input_length, uint8_t *output, size_t output_size, size_t *output_length)
Encrypt a message using a symmetric cipher.
psa_crypto_core.h
PSA_CRYPTO_MBED_TLS_DRIVER_ID
#define PSA_CRYPTO_MBED_TLS_DRIVER_ID
Definition: psa_crypto_driver_wrappers.c:52
psa_crypto_driver_wrappers.h
psa_driver_wrapper_cipher_abort
psa_status_t psa_driver_wrapper_cipher_abort(psa_cipher_operation_t *operation)
psa_driver_wrapper_hash_abort
psa_status_t psa_driver_wrapper_hash_abort(psa_hash_operation_t *operation)
psa_driver_wrapper_import_key
psa_status_t psa_driver_wrapper_import_key(const psa_key_attributes_t *attributes, const uint8_t *data, size_t data_length, uint8_t *key_buffer, size_t key_buffer_size, size_t *key_buffer_length, size_t *bits)
psa_driver_wrapper_cipher_update
psa_status_t psa_driver_wrapper_cipher_update(psa_cipher_operation_t *operation, const uint8_t *input, size_t input_length, uint8_t *output, size_t output_size, size_t *output_length)
psa_driver_wrapper_cipher_finish
psa_status_t psa_driver_wrapper_cipher_finish(psa_cipher_operation_t *operation, uint8_t *output, size_t output_size, size_t *output_length)
psa_driver_wrapper_mac_sign_finish
psa_status_t psa_driver_wrapper_mac_sign_finish(psa_mac_operation_t *operation, uint8_t *mac, size_t mac_size, size_t *mac_length)
psa_driver_wrapper_hash_update
psa_status_t psa_driver_wrapper_hash_update(psa_hash_operation_t *operation, const uint8_t *input, size_t input_length)
psa_driver_wrapper_hash_finish
psa_status_t psa_driver_wrapper_hash_finish(psa_hash_operation_t *operation, uint8_t *hash, size_t hash_size, size_t *hash_length)
psa_driver_wrapper_hash_setup
psa_status_t psa_driver_wrapper_hash_setup(psa_hash_operation_t *operation, psa_algorithm_t alg)
psa_driver_wrapper_mac_compute
psa_status_t psa_driver_wrapper_mac_compute(const psa_key_attributes_t *attributes, const uint8_t *key_buffer, size_t key_buffer_size, psa_algorithm_t alg, const uint8_t *input, size_t input_length, uint8_t *mac, size_t mac_size, size_t *mac_length)
psa_driver_wrapper_hash_clone
psa_status_t psa_driver_wrapper_hash_clone(const psa_hash_operation_t *source_operation, psa_hash_operation_t *target_operation)
psa_driver_wrapper_hash_compute
psa_status_t psa_driver_wrapper_hash_compute(psa_algorithm_t alg, const uint8_t *input, size_t input_length, uint8_t *hash, size_t hash_size, size_t *hash_length)
psa_driver_wrapper_export_key
psa_status_t psa_driver_wrapper_export_key(const psa_key_attributes_t *attributes, const uint8_t *key_buffer, size_t key_buffer_size, uint8_t *data, size_t data_size, size_t *data_length)
psa_driver_wrapper_cipher_decrypt_setup
psa_status_t psa_driver_wrapper_cipher_decrypt_setup(psa_cipher_operation_t *operation, const psa_key_attributes_t *attributes, const uint8_t *key_buffer, size_t key_buffer_size, psa_algorithm_t alg)
psa_driver_wrapper_get_builtin_key
psa_status_t psa_driver_wrapper_get_builtin_key(psa_drv_slot_number_t slot_number, psa_key_attributes_t *attributes, uint8_t *key_buffer, size_t key_buffer_size, size_t *key_buffer_length)
psa_driver_wrapper_init
psa_status_t psa_driver_wrapper_init(void)
psa_driver_wrapper_mac_verify_finish
psa_status_t psa_driver_wrapper_mac_verify_finish(psa_mac_operation_t *operation, const uint8_t *mac, size_t mac_length)
psa_driver_wrapper_aead_decrypt
psa_status_t psa_driver_wrapper_aead_decrypt(const psa_key_attributes_t *attributes, const uint8_t *key_buffer, size_t key_buffer_size, psa_algorithm_t alg, const uint8_t *nonce, size_t nonce_length, const uint8_t *additional_data, size_t additional_data_length, const uint8_t *ciphertext, size_t ciphertext_length, uint8_t *plaintext, size_t plaintext_size, size_t *plaintext_length)
psa_driver_wrapper_free
void psa_driver_wrapper_free(void)
psa_driver_wrapper_aead_encrypt
psa_status_t psa_driver_wrapper_aead_encrypt(const psa_key_attributes_t *attributes, const uint8_t *key_buffer, size_t key_buffer_size, psa_algorithm_t alg, const uint8_t *nonce, size_t nonce_length, const uint8_t *additional_data, size_t additional_data_length, const uint8_t *plaintext, size_t plaintext_length, uint8_t *ciphertext, size_t ciphertext_size, size_t *ciphertext_length)
psa_driver_wrapper_generate_key
psa_status_t psa_driver_wrapper_generate_key(const psa_key_attributes_t *attributes, uint8_t *key_buffer, size_t key_buffer_size, size_t *key_buffer_length)
psa_driver_wrapper_get_key_buffer_size
psa_status_t psa_driver_wrapper_get_key_buffer_size(const psa_key_attributes_t *attributes, size_t *key_buffer_size)
psa_driver_wrapper_verify_message
psa_status_t psa_driver_wrapper_verify_message(const psa_key_attributes_t *attributes, const uint8_t *key_buffer, size_t key_buffer_size, psa_algorithm_t alg, const uint8_t *input, size_t input_length, const uint8_t *signature, size_t signature_length)
psa_driver_wrapper_mac_sign_setup
psa_status_t psa_driver_wrapper_mac_sign_setup(psa_mac_operation_t *operation, const psa_key_attributes_t *attributes, const uint8_t *key_buffer, size_t key_buffer_size, psa_algorithm_t alg)
psa_driver_wrapper_mac_update
psa_status_t psa_driver_wrapper_mac_update(psa_mac_operation_t *operation, const uint8_t *input, size_t input_length)
psa_driver_wrapper_cipher_set_iv
psa_status_t psa_driver_wrapper_cipher_set_iv(psa_cipher_operation_t *operation, const uint8_t *iv, size_t iv_length)
psa_driver_wrapper_cipher_decrypt
psa_status_t psa_driver_wrapper_cipher_decrypt(const psa_key_attributes_t *attributes, const uint8_t *key_buffer, size_t key_buffer_size, psa_algorithm_t alg, const uint8_t *input, size_t input_length, uint8_t *output, size_t output_size, size_t *output_length)
psa_driver_wrapper_mac_abort
psa_status_t psa_driver_wrapper_mac_abort(psa_mac_operation_t *operation)
psa_driver_wrapper_mac_verify_setup
psa_status_t psa_driver_wrapper_mac_verify_setup(psa_mac_operation_t *operation, const psa_key_attributes_t *attributes, const uint8_t *key_buffer, size_t key_buffer_size, psa_algorithm_t alg)
psa_driver_wrapper_verify_hash
psa_status_t psa_driver_wrapper_verify_hash(const psa_key_attributes_t *attributes, const uint8_t *key_buffer, size_t key_buffer_size, psa_algorithm_t alg, const uint8_t *hash, size_t hash_length, const uint8_t *signature, size_t signature_length)
psa_driver_wrapper_export_public_key
psa_status_t psa_driver_wrapper_export_public_key(const psa_key_attributes_t *attributes, const uint8_t *key_buffer, size_t key_buffer_size, uint8_t *data, size_t data_size, size_t *data_length)
psa_driver_wrapper_cipher_encrypt
psa_status_t psa_driver_wrapper_cipher_encrypt(const psa_key_attributes_t *attributes, const uint8_t *key_buffer, size_t key_buffer_size, psa_algorithm_t alg, const uint8_t *iv, size_t iv_length, const uint8_t *input, size_t input_length, uint8_t *output, size_t output_size, size_t *output_length)
psa_driver_wrapper_sign_hash
psa_status_t psa_driver_wrapper_sign_hash(const psa_key_attributes_t *attributes, const uint8_t *key_buffer, size_t key_buffer_size, psa_algorithm_t alg, const uint8_t *hash, size_t hash_length, uint8_t *signature, size_t signature_size, size_t *signature_length)
psa_driver_wrapper_cipher_encrypt_setup
psa_status_t psa_driver_wrapper_cipher_encrypt_setup(psa_cipher_operation_t *operation, const psa_key_attributes_t *attributes, const uint8_t *key_buffer, size_t key_buffer_size, psa_algorithm_t alg)
psa_driver_wrapper_sign_message
psa_status_t psa_driver_wrapper_sign_message(const psa_key_attributes_t *attributes, const uint8_t *key_buffer, size_t key_buffer_size, psa_algorithm_t alg, const uint8_t *input, size_t input_length, uint8_t *signature, size_t signature_size, size_t *signature_length)
psa_crypto_hash.h
mbedtls_psa_hash_clone
psa_status_t mbedtls_psa_hash_clone(const mbedtls_psa_hash_operation_t *source_operation, mbedtls_psa_hash_operation_t *target_operation)
Clone an Mbed TLS hash operation.
mbedtls_psa_hash_setup
psa_status_t mbedtls_psa_hash_setup(mbedtls_psa_hash_operation_t *operation, psa_algorithm_t alg)
Set up a multipart hash operation using Mbed TLS routines.
mbedtls_psa_hash_finish
psa_status_t mbedtls_psa_hash_finish(mbedtls_psa_hash_operation_t *operation, uint8_t *hash, size_t hash_size, size_t *hash_length)
Finish the calculation of the Mbed TLS-calculated hash of a message.
mbedtls_psa_hash_abort
psa_status_t mbedtls_psa_hash_abort(mbedtls_psa_hash_operation_t *operation)
Abort an Mbed TLS hash operation.
mbedtls_psa_hash_compute
psa_status_t mbedtls_psa_hash_compute(psa_algorithm_t alg, const uint8_t *input, size_t input_length, uint8_t *hash, size_t hash_size, size_t *hash_length)
Calculate the hash (digest) of a message using Mbed TLS routines.
mbedtls_psa_hash_update
psa_status_t mbedtls_psa_hash_update(mbedtls_psa_hash_operation_t *operation, const uint8_t *input, size_t input_length)
Add a message fragment to a multipart Mbed TLS hash operation.
psa_crypto_mac.h
mbedtls_psa_mac_compute
psa_status_t mbedtls_psa_mac_compute(const psa_key_attributes_t *attributes, const uint8_t *key_buffer, size_t key_buffer_size, psa_algorithm_t alg, const uint8_t *input, size_t input_length, uint8_t *mac, size_t mac_size, size_t *mac_length)
Calculate the MAC (message authentication code) of a message using Mbed TLS.
mbedtls_psa_mac_verify_finish
psa_status_t mbedtls_psa_mac_verify_finish(mbedtls_psa_mac_operation_t *operation, const uint8_t *mac, size_t mac_length)
Finish the calculation of the MAC of a message and compare it with an expected value using Mbed TLS.
mbedtls_psa_mac_update
psa_status_t mbedtls_psa_mac_update(mbedtls_psa_mac_operation_t *operation, const uint8_t *input, size_t input_length)
Add a message fragment to a multipart MAC operation using Mbed TLS.
mbedtls_psa_mac_verify_setup
psa_status_t mbedtls_psa_mac_verify_setup(mbedtls_psa_mac_operation_t *operation, const psa_key_attributes_t *attributes, const uint8_t *key_buffer, size_t key_buffer_size, psa_algorithm_t alg)
Set up a multipart MAC verification operation using Mbed TLS.
mbedtls_psa_mac_abort
psa_status_t mbedtls_psa_mac_abort(mbedtls_psa_mac_operation_t *operation)
Abort a MAC operation using Mbed TLS.
mbedtls_psa_mac_sign_finish
psa_status_t mbedtls_psa_mac_sign_finish(mbedtls_psa_mac_operation_t *operation, uint8_t *mac, size_t mac_size, size_t *mac_length)
Finish the calculation of the MAC of a message using Mbed TLS.
mbedtls_psa_mac_sign_setup
psa_status_t mbedtls_psa_mac_sign_setup(mbedtls_psa_mac_operation_t *operation, const psa_key_attributes_t *attributes, const uint8_t *key_buffer, size_t key_buffer_size, psa_algorithm_t alg)
Set up a multipart MAC calculation operation using Mbed TLS.
psa_crypto_se.h
psa_init_all_se_drivers
psa_status_t psa_init_all_se_drivers(void)
Initialize all secure element drivers.
psa_get_se_driver
int psa_get_se_driver(psa_key_lifetime_t lifetime, const psa_drv_se_t **p_methods, psa_drv_se_context_t **p_drv_context)
Return the secure element driver information for a lifetime value.
psa_unregister_all_se_drivers
void psa_unregister_all_se_drivers(void)
Unregister all secure element drivers.
uint8_t
unsigned char uint8_t
Definition: stdint.h:124
attribute::type
test_type_t type
Definition: attributes.c:161
hash
Definition: _hash_fun.h:40
psa_cipher_operation_s
Definition: crypto_struct.h:101
psa_drv_se_asymmetric_t::p_verify
psa_drv_se_asymmetric_verify_t p_verify
Function that performs an asymmetric verify operation.
Definition: crypto_se_driver.h:686
psa_drv_se_asymmetric_t::p_sign
psa_drv_se_asymmetric_sign_t p_sign
Function that performs an asymmetric sign operation.
Definition: crypto_se_driver.h:684
psa_drv_se_context_t
Driver context structure.
Definition: crypto_se_driver.h:55
psa_drv_se_key_management_t::p_export
psa_drv_se_export_key_t p_export
Function that performs a key export operation.
Definition: crypto_se_driver.h:1132
psa_drv_se_key_management_t::p_import
psa_drv_se_import_key_t p_import
Function that performs a key import operation.
Definition: crypto_se_driver.h:1126
psa_drv_se_key_management_t::p_generate
psa_drv_se_generate_key_t p_generate
Function that performs a generation.
Definition: crypto_se_driver.h:1128
psa_drv_se_key_management_t::p_export_public
psa_drv_se_export_key_t p_export_public
Function that performs a public key export operation.
Definition: crypto_se_driver.h:1134
psa_drv_se_t
A structure containing pointers to all the entry points of a secure element driver.
Definition: crypto_se_driver.h:1289
psa_drv_se_t::key_management
const psa_drv_se_key_management_t * key_management
Definition: crypto_se_driver.h:1319
psa_drv_se_t::asymmetric
const psa_drv_se_asymmetric_t * asymmetric
Definition: crypto_se_driver.h:1323
psa_hash_operation_s
Definition: crypto_struct.h:83
psa_hash_operation_s::ctx
psa_driver_hash_context_t ctx
Definition: crypto_struct.h:91
psa_hash_operation_s::id
unsigned int id
Unique ID indicating which driver got assigned to do the operation.
Definition: crypto_struct.h:90
psa_key_attributes_s
Definition: crypto_struct.h:311
psa_mac_operation_s
Definition: crypto_struct.h:129
psa_driver_hash_context_t::mbedtls_ctx
mbedtls_psa_hash_operation_t mbedtls_ctx
Definition: crypto_driver_contexts_primitives.h:101
Generated by doxygen 1.9.0
Modified on Mon Dec 11 02:35:58 2023 by modify_doxy.py rev. 669887