psa_crypto_driver_wrappers.h (107973B)
1 /* 2 * Functions to delegate cryptographic operations to an available 3 * and appropriate accelerator. 4 * Warning: This file is now auto-generated. 5 */ 6 /* Copyright The Mbed TLS Contributors 7 * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later 8 */ 9 10 11 /* BEGIN-common headers */ 12 #include "common.h" 13 #include "psa_crypto_aead.h" 14 #include "psa_crypto_cipher.h" 15 #include "psa_crypto_core.h" 16 #include "psa_crypto_driver_wrappers_no_static.h" 17 #include "psa_crypto_hash.h" 18 #include "psa_crypto_mac.h" 19 #include "psa_crypto_pake.h" 20 #include "psa_crypto_rsa.h" 21 22 #include "mbedtls/platform.h" 23 #include "mbedtls/constant_time.h" 24 /* END-common headers */ 25 26 #if defined(MBEDTLS_PSA_CRYPTO_C) 27 28 /* BEGIN-driver headers */ 29 /* Headers for mbedtls_test opaque driver */ 30 #if defined(PSA_CRYPTO_DRIVER_TEST) 31 #include "test/drivers/test_driver.h" 32 33 #endif 34 /* Headers for mbedtls_test transparent driver */ 35 #if defined(PSA_CRYPTO_DRIVER_TEST) 36 #include "test/drivers/test_driver.h" 37 38 #endif 39 /* Headers for p256 transparent driver */ 40 #if defined(MBEDTLS_PSA_P256M_DRIVER_ENABLED) 41 #include "../3rdparty/p256-m/p256-m_driver_entrypoints.h" 42 43 #endif 44 45 /* END-driver headers */ 46 47 /* Auto-generated values depending on which drivers are registered. 48 * ID 0 is reserved for unallocated operations. 49 * ID 1 is reserved for the Mbed TLS software driver. */ 50 /* BEGIN-driver id definition */ 51 #define PSA_CRYPTO_MBED_TLS_DRIVER_ID (1) 52 #define MBEDTLS_TEST_OPAQUE_DRIVER_ID (2) 53 #define MBEDTLS_TEST_TRANSPARENT_DRIVER_ID (3) 54 #define P256_TRANSPARENT_DRIVER_ID (4) 55 56 /* END-driver id */ 57 58 /* BEGIN-Common Macro definitions */ 59 60 /* END-Common Macro definitions */ 61 62 /* Support the 'old' SE interface when asked to */ 63 #if defined(MBEDTLS_PSA_CRYPTO_SE_C) 64 /* PSA_CRYPTO_DRIVER_PRESENT is defined when either a new-style or old-style 65 * SE driver is present, to avoid unused argument errors at compile time. */ 66 #ifndef PSA_CRYPTO_DRIVER_PRESENT 67 #define PSA_CRYPTO_DRIVER_PRESENT 68 #endif 69 #include "psa_crypto_se.h" 70 #endif 71 72 static inline psa_status_t psa_driver_wrapper_init( void ) 73 { 74 psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED; 75 76 #if defined(MBEDTLS_PSA_CRYPTO_SE_C) 77 status = psa_init_all_se_drivers( ); 78 if( status != PSA_SUCCESS ) 79 return( status ); 80 #endif 81 82 #if defined(PSA_CRYPTO_DRIVER_TEST) 83 status = mbedtls_test_transparent_init( ); 84 if( status != PSA_SUCCESS ) 85 return( status ); 86 87 status = mbedtls_test_opaque_init( ); 88 if( status != PSA_SUCCESS ) 89 return( status ); 90 #endif 91 92 (void) status; 93 return( PSA_SUCCESS ); 94 } 95 96 static inline void psa_driver_wrapper_free( void ) 97 { 98 #if defined(MBEDTLS_PSA_CRYPTO_SE_C) 99 /* Unregister all secure element drivers, so that we restart from 100 * a pristine state. */ 101 psa_unregister_all_se_drivers( ); 102 #endif /* MBEDTLS_PSA_CRYPTO_SE_C */ 103 104 #if defined(PSA_CRYPTO_DRIVER_TEST) 105 mbedtls_test_transparent_free( ); 106 mbedtls_test_opaque_free( ); 107 #endif 108 } 109 110 /* Start delegation functions */ 111 static inline psa_status_t psa_driver_wrapper_sign_message( 112 const psa_key_attributes_t *attributes, 113 const uint8_t *key_buffer, 114 size_t key_buffer_size, 115 psa_algorithm_t alg, 116 const uint8_t *input, 117 size_t input_length, 118 uint8_t *signature, 119 size_t signature_size, 120 size_t *signature_length ) 121 { 122 psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED; 123 psa_key_location_t location = 124 PSA_KEY_LIFETIME_GET_LOCATION( psa_get_key_lifetime(attributes) ); 125 126 switch( location ) 127 { 128 case PSA_KEY_LOCATION_LOCAL_STORAGE: 129 /* Key is stored in the slot in export representation, so 130 * cycle through all known transparent accelerators */ 131 #if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT) 132 #if defined(PSA_CRYPTO_DRIVER_TEST) 133 status = mbedtls_test_transparent_signature_sign_message( 134 attributes, 135 key_buffer, 136 key_buffer_size, 137 alg, 138 input, 139 input_length, 140 signature, 141 signature_size, 142 signature_length ); 143 /* Declared with fallback == true */ 144 if( status != PSA_ERROR_NOT_SUPPORTED ) 145 return( status ); 146 #endif /* PSA_CRYPTO_DRIVER_TEST */ 147 #endif /* PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT */ 148 break; 149 150 /* Add cases for opaque driver here */ 151 #if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT) 152 #if defined(PSA_CRYPTO_DRIVER_TEST) 153 case PSA_CRYPTO_TEST_DRIVER_LOCATION: 154 status = mbedtls_test_opaque_signature_sign_message( 155 attributes, 156 key_buffer, 157 key_buffer_size, 158 alg, 159 input, 160 input_length, 161 signature, 162 signature_size, 163 signature_length ); 164 if( status != PSA_ERROR_NOT_SUPPORTED ) 165 return( status ); 166 break; 167 #endif /* PSA_CRYPTO_DRIVER_TEST */ 168 #endif /* PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT */ 169 default: 170 /* Key is declared with a lifetime not known to us */ 171 (void)status; 172 break; 173 } 174 175 return( psa_sign_message_builtin( attributes, 176 key_buffer, 177 key_buffer_size, 178 alg, 179 input, 180 input_length, 181 signature, 182 signature_size, 183 signature_length ) ); 184 } 185 186 static inline psa_status_t psa_driver_wrapper_verify_message( 187 const psa_key_attributes_t *attributes, 188 const uint8_t *key_buffer, 189 size_t key_buffer_size, 190 psa_algorithm_t alg, 191 const uint8_t *input, 192 size_t input_length, 193 const uint8_t *signature, 194 size_t signature_length ) 195 { 196 psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED; 197 psa_key_location_t location = 198 PSA_KEY_LIFETIME_GET_LOCATION( psa_get_key_lifetime(attributes) ); 199 200 switch( location ) 201 { 202 case PSA_KEY_LOCATION_LOCAL_STORAGE: 203 /* Key is stored in the slot in export representation, so 204 * cycle through all known transparent accelerators */ 205 #if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT) 206 #if defined(PSA_CRYPTO_DRIVER_TEST) 207 status = mbedtls_test_transparent_signature_verify_message( 208 attributes, 209 key_buffer, 210 key_buffer_size, 211 alg, 212 input, 213 input_length, 214 signature, 215 signature_length ); 216 /* Declared with fallback == true */ 217 if( status != PSA_ERROR_NOT_SUPPORTED ) 218 return( status ); 219 #endif /* PSA_CRYPTO_DRIVER_TEST */ 220 #endif /* PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT */ 221 break; 222 223 /* Add cases for opaque driver here */ 224 #if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT) 225 #if defined(PSA_CRYPTO_DRIVER_TEST) 226 case PSA_CRYPTO_TEST_DRIVER_LOCATION: 227 return( mbedtls_test_opaque_signature_verify_message( 228 attributes, 229 key_buffer, 230 key_buffer_size, 231 alg, 232 input, 233 input_length, 234 signature, 235 signature_length ) ); 236 if( status != PSA_ERROR_NOT_SUPPORTED ) 237 return( status ); 238 break; 239 #endif /* PSA_CRYPTO_DRIVER_TEST */ 240 #endif /* PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT */ 241 default: 242 /* Key is declared with a lifetime not known to us */ 243 (void)status; 244 break; 245 } 246 247 return( psa_verify_message_builtin( attributes, 248 key_buffer, 249 key_buffer_size, 250 alg, 251 input, 252 input_length, 253 signature, 254 signature_length ) ); 255 } 256 257 static inline psa_status_t psa_driver_wrapper_sign_hash( 258 const psa_key_attributes_t *attributes, 259 const uint8_t *key_buffer, size_t key_buffer_size, 260 psa_algorithm_t alg, const uint8_t *hash, size_t hash_length, 261 uint8_t *signature, size_t signature_size, size_t *signature_length ) 262 { 263 /* Try dynamically-registered SE interface first */ 264 #if defined(MBEDTLS_PSA_CRYPTO_SE_C) 265 const psa_drv_se_t *drv; 266 psa_drv_se_context_t *drv_context; 267 268 if( psa_get_se_driver( psa_get_key_lifetime(attributes), &drv, &drv_context ) ) 269 { 270 if( drv->asymmetric == NULL || 271 drv->asymmetric->p_sign == NULL ) 272 { 273 /* Key is defined in SE, but we have no way to exercise it */ 274 return( PSA_ERROR_NOT_SUPPORTED ); 275 } 276 return( drv->asymmetric->p_sign( 277 drv_context, *( (psa_key_slot_number_t *)key_buffer ), 278 alg, hash, hash_length, 279 signature, signature_size, signature_length ) ); 280 } 281 #endif /* MBEDTLS_PSA_CRYPTO_SE_C */ 282 283 psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED; 284 psa_key_location_t location = 285 PSA_KEY_LIFETIME_GET_LOCATION( psa_get_key_lifetime(attributes) ); 286 287 switch( location ) 288 { 289 case PSA_KEY_LOCATION_LOCAL_STORAGE: 290 /* Key is stored in the slot in export representation, so 291 * cycle through all known transparent accelerators */ 292 #if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT) 293 #if defined(PSA_CRYPTO_DRIVER_TEST) 294 status = mbedtls_test_transparent_signature_sign_hash( attributes, 295 key_buffer, 296 key_buffer_size, 297 alg, 298 hash, 299 hash_length, 300 signature, 301 signature_size, 302 signature_length ); 303 /* Declared with fallback == true */ 304 if( status != PSA_ERROR_NOT_SUPPORTED ) 305 return( status ); 306 #endif /* PSA_CRYPTO_DRIVER_TEST */ 307 #if defined (MBEDTLS_PSA_P256M_DRIVER_ENABLED) 308 if( PSA_KEY_TYPE_IS_ECC( psa_get_key_type(attributes) ) && 309 PSA_ALG_IS_RANDOMIZED_ECDSA(alg) && 310 PSA_KEY_TYPE_ECC_GET_FAMILY(psa_get_key_type(attributes)) == PSA_ECC_FAMILY_SECP_R1 && 311 psa_get_key_bits(attributes) == 256 ) 312 { 313 status = p256_transparent_sign_hash( attributes, 314 key_buffer, 315 key_buffer_size, 316 alg, 317 hash, 318 hash_length, 319 signature, 320 signature_size, 321 signature_length ); 322 if( status != PSA_ERROR_NOT_SUPPORTED ) 323 return( status ); 324 } 325 #endif /* MBEDTLS_PSA_P256M_DRIVER_ENABLED */ 326 #endif /* PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT */ 327 /* Fell through, meaning no accelerator supports this operation */ 328 return( psa_sign_hash_builtin( attributes, 329 key_buffer, 330 key_buffer_size, 331 alg, 332 hash, 333 hash_length, 334 signature, 335 signature_size, 336 signature_length ) ); 337 338 /* Add cases for opaque driver here */ 339 #if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT) 340 #if defined(PSA_CRYPTO_DRIVER_TEST) 341 case PSA_CRYPTO_TEST_DRIVER_LOCATION: 342 return( mbedtls_test_opaque_signature_sign_hash( attributes, 343 key_buffer, 344 key_buffer_size, 345 alg, 346 hash, 347 hash_length, 348 signature, 349 signature_size, 350 signature_length ) ); 351 #endif /* PSA_CRYPTO_DRIVER_TEST */ 352 #endif /* PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT */ 353 default: 354 /* Key is declared with a lifetime not known to us */ 355 (void)status; 356 return( PSA_ERROR_INVALID_ARGUMENT ); 357 } 358 } 359 360 static inline psa_status_t psa_driver_wrapper_verify_hash( 361 const psa_key_attributes_t *attributes, 362 const uint8_t *key_buffer, size_t key_buffer_size, 363 psa_algorithm_t alg, const uint8_t *hash, size_t hash_length, 364 const uint8_t *signature, size_t signature_length ) 365 { 366 /* Try dynamically-registered SE interface first */ 367 #if defined(MBEDTLS_PSA_CRYPTO_SE_C) 368 const psa_drv_se_t *drv; 369 psa_drv_se_context_t *drv_context; 370 371 if( psa_get_se_driver( psa_get_key_lifetime(attributes), &drv, &drv_context ) ) 372 { 373 if( drv->asymmetric == NULL || 374 drv->asymmetric->p_verify == NULL ) 375 { 376 /* Key is defined in SE, but we have no way to exercise it */ 377 return( PSA_ERROR_NOT_SUPPORTED ); 378 } 379 return( drv->asymmetric->p_verify( 380 drv_context, *( (psa_key_slot_number_t *)key_buffer ), 381 alg, hash, hash_length, 382 signature, signature_length ) ); 383 } 384 #endif /* MBEDTLS_PSA_CRYPTO_SE_C */ 385 386 psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED; 387 psa_key_location_t location = 388 PSA_KEY_LIFETIME_GET_LOCATION( psa_get_key_lifetime(attributes) ); 389 390 switch( location ) 391 { 392 case PSA_KEY_LOCATION_LOCAL_STORAGE: 393 /* Key is stored in the slot in export representation, so 394 * cycle through all known transparent accelerators */ 395 #if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT) 396 #if defined(PSA_CRYPTO_DRIVER_TEST) 397 status = mbedtls_test_transparent_signature_verify_hash( 398 attributes, 399 key_buffer, 400 key_buffer_size, 401 alg, 402 hash, 403 hash_length, 404 signature, 405 signature_length ); 406 /* Declared with fallback == true */ 407 if( status != PSA_ERROR_NOT_SUPPORTED ) 408 return( status ); 409 #endif /* PSA_CRYPTO_DRIVER_TEST */ 410 #if defined (MBEDTLS_PSA_P256M_DRIVER_ENABLED) 411 if( PSA_KEY_TYPE_IS_ECC( psa_get_key_type(attributes) ) && 412 PSA_ALG_IS_ECDSA(alg) && 413 PSA_KEY_TYPE_ECC_GET_FAMILY(psa_get_key_type(attributes)) == PSA_ECC_FAMILY_SECP_R1 && 414 psa_get_key_bits(attributes) == 256 ) 415 { 416 status = p256_transparent_verify_hash( attributes, 417 key_buffer, 418 key_buffer_size, 419 alg, 420 hash, 421 hash_length, 422 signature, 423 signature_length ); 424 if( status != PSA_ERROR_NOT_SUPPORTED ) 425 return( status ); 426 } 427 #endif /* MBEDTLS_PSA_P256M_DRIVER_ENABLED */ 428 #endif /* PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT */ 429 430 return( psa_verify_hash_builtin( attributes, 431 key_buffer, 432 key_buffer_size, 433 alg, 434 hash, 435 hash_length, 436 signature, 437 signature_length ) ); 438 439 /* Add cases for opaque driver here */ 440 #if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT) 441 #if defined(PSA_CRYPTO_DRIVER_TEST) 442 case PSA_CRYPTO_TEST_DRIVER_LOCATION: 443 return( mbedtls_test_opaque_signature_verify_hash( attributes, 444 key_buffer, 445 key_buffer_size, 446 alg, 447 hash, 448 hash_length, 449 signature, 450 signature_length ) ); 451 #endif /* PSA_CRYPTO_DRIVER_TEST */ 452 #endif /* PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT */ 453 default: 454 /* Key is declared with a lifetime not known to us */ 455 (void)status; 456 return( PSA_ERROR_INVALID_ARGUMENT ); 457 } 458 } 459 460 static inline uint32_t psa_driver_wrapper_sign_hash_get_num_ops( 461 psa_sign_hash_interruptible_operation_t *operation ) 462 { 463 switch( operation->id ) 464 { 465 /* If uninitialised, return 0, as no work can have been done. */ 466 case 0: 467 return 0; 468 469 case PSA_CRYPTO_MBED_TLS_DRIVER_ID: 470 return(mbedtls_psa_sign_hash_get_num_ops(&operation->ctx.mbedtls_ctx)); 471 472 #if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT) 473 #if defined(PSA_CRYPTO_DRIVER_TEST) 474 /* Add test driver tests here */ 475 476 #endif /* PSA_CRYPTO_DRIVER_TEST */ 477 #endif /* PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT */ 478 } 479 480 /* Can't happen (see discussion in #8271) */ 481 return 0; 482 } 483 484 static inline uint32_t psa_driver_wrapper_verify_hash_get_num_ops( 485 psa_verify_hash_interruptible_operation_t *operation ) 486 { 487 switch( operation->id ) 488 { 489 /* If uninitialised, return 0, as no work can have been done. */ 490 case 0: 491 return 0; 492 493 case PSA_CRYPTO_MBED_TLS_DRIVER_ID: 494 return (mbedtls_psa_verify_hash_get_num_ops(&operation->ctx.mbedtls_ctx)); 495 496 #if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT) 497 #if defined(PSA_CRYPTO_DRIVER_TEST) 498 /* Add test driver tests here */ 499 500 #endif /* PSA_CRYPTO_DRIVER_TEST */ 501 #endif /* PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT */ 502 503 } 504 505 /* Can't happen (see discussion in #8271) */ 506 return 0; 507 } 508 509 static inline psa_status_t psa_driver_wrapper_sign_hash_start( 510 psa_sign_hash_interruptible_operation_t *operation, 511 const psa_key_attributes_t *attributes, const uint8_t *key_buffer, 512 size_t key_buffer_size, psa_algorithm_t alg, 513 const uint8_t *hash, size_t hash_length ) 514 { 515 psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED; 516 psa_key_location_t location = PSA_KEY_LIFETIME_GET_LOCATION( 517 psa_get_key_lifetime(attributes) ); 518 519 switch( location ) 520 { 521 case PSA_KEY_LOCATION_LOCAL_STORAGE: 522 /* Key is stored in the slot in export representation, so 523 * cycle through all known transparent accelerators */ 524 525 #if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT) 526 #if defined(PSA_CRYPTO_DRIVER_TEST) 527 528 /* Add test driver tests here */ 529 530 /* Declared with fallback == true */ 531 532 #endif /* PSA_CRYPTO_DRIVER_TEST */ 533 #endif /* PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT */ 534 535 /* Fell through, meaning no accelerator supports this operation */ 536 operation->id = PSA_CRYPTO_MBED_TLS_DRIVER_ID; 537 status = mbedtls_psa_sign_hash_start( &operation->ctx.mbedtls_ctx, 538 attributes, 539 key_buffer, key_buffer_size, 540 alg, hash, hash_length ); 541 break; 542 543 /* Add cases for opaque driver here */ 544 545 default: 546 /* Key is declared with a lifetime not known to us */ 547 status = PSA_ERROR_INVALID_ARGUMENT; 548 break; 549 } 550 551 return( status ); 552 } 553 554 static inline psa_status_t psa_driver_wrapper_sign_hash_complete( 555 psa_sign_hash_interruptible_operation_t *operation, 556 uint8_t *signature, size_t signature_size, 557 size_t *signature_length ) 558 { 559 switch( operation->id ) 560 { 561 case PSA_CRYPTO_MBED_TLS_DRIVER_ID: 562 return( mbedtls_psa_sign_hash_complete( &operation->ctx.mbedtls_ctx, 563 signature, signature_size, 564 signature_length ) ); 565 566 #if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT) 567 #if defined(PSA_CRYPTO_DRIVER_TEST) 568 /* Add test driver tests here */ 569 570 #endif /* PSA_CRYPTO_DRIVER_TEST */ 571 #endif /* PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT */ 572 } 573 574 ( void ) signature; 575 ( void ) signature_size; 576 ( void ) signature_length; 577 578 return( PSA_ERROR_INVALID_ARGUMENT ); 579 } 580 581 static inline psa_status_t psa_driver_wrapper_sign_hash_abort( 582 psa_sign_hash_interruptible_operation_t *operation ) 583 { 584 switch( operation->id ) 585 { 586 case PSA_CRYPTO_MBED_TLS_DRIVER_ID: 587 return( mbedtls_psa_sign_hash_abort( &operation->ctx.mbedtls_ctx ) ); 588 589 #if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT) 590 #if defined(PSA_CRYPTO_DRIVER_TEST) 591 /* Add test driver tests here */ 592 593 #endif /* PSA_CRYPTO_DRIVER_TEST */ 594 #endif /* PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT */ 595 } 596 597 return( PSA_ERROR_INVALID_ARGUMENT ); 598 } 599 600 static inline psa_status_t psa_driver_wrapper_verify_hash_start( 601 psa_verify_hash_interruptible_operation_t *operation, 602 const psa_key_attributes_t *attributes, const uint8_t *key_buffer, 603 size_t key_buffer_size, psa_algorithm_t alg, 604 const uint8_t *hash, size_t hash_length, 605 const uint8_t *signature, size_t signature_length ) 606 { 607 psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED; 608 psa_key_location_t location = PSA_KEY_LIFETIME_GET_LOCATION( 609 psa_get_key_lifetime(attributes) ); 610 611 switch( location ) 612 { 613 case PSA_KEY_LOCATION_LOCAL_STORAGE: 614 /* Key is stored in the slot in export representation, so 615 * cycle through all known transparent accelerators */ 616 617 #if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT) 618 #if defined(PSA_CRYPTO_DRIVER_TEST) 619 620 /* Add test driver tests here */ 621 622 /* Declared with fallback == true */ 623 624 #endif /* PSA_CRYPTO_DRIVER_TEST */ 625 #endif /* PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT */ 626 627 /* Fell through, meaning no accelerator supports this operation */ 628 operation->id = PSA_CRYPTO_MBED_TLS_DRIVER_ID; 629 status = mbedtls_psa_verify_hash_start( &operation->ctx.mbedtls_ctx, 630 attributes, 631 key_buffer, key_buffer_size, 632 alg, hash, hash_length, 633 signature, signature_length ); 634 break; 635 636 /* Add cases for opaque driver here */ 637 638 default: 639 /* Key is declared with a lifetime not known to us */ 640 status = PSA_ERROR_INVALID_ARGUMENT; 641 break; 642 } 643 644 return( status ); 645 } 646 647 static inline psa_status_t psa_driver_wrapper_verify_hash_complete( 648 psa_verify_hash_interruptible_operation_t *operation ) 649 { 650 switch( operation->id ) 651 { 652 case PSA_CRYPTO_MBED_TLS_DRIVER_ID: 653 return( mbedtls_psa_verify_hash_complete( 654 &operation->ctx.mbedtls_ctx 655 ) ); 656 657 #if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT) 658 #if defined(PSA_CRYPTO_DRIVER_TEST) 659 /* Add test driver tests here */ 660 661 #endif /* PSA_CRYPTO_DRIVER_TEST */ 662 #endif /* PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT */ 663 } 664 665 return( PSA_ERROR_INVALID_ARGUMENT ); 666 } 667 668 static inline psa_status_t psa_driver_wrapper_verify_hash_abort( 669 psa_verify_hash_interruptible_operation_t *operation ) 670 { 671 switch( operation->id ) 672 { 673 case PSA_CRYPTO_MBED_TLS_DRIVER_ID: 674 return( mbedtls_psa_verify_hash_abort( &operation->ctx.mbedtls_ctx 675 ) ); 676 677 #if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT) 678 #if defined(PSA_CRYPTO_DRIVER_TEST) 679 /* Add test driver tests here */ 680 681 #endif /* PSA_CRYPTO_DRIVER_TEST */ 682 #endif /* PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT */ 683 } 684 685 return( PSA_ERROR_INVALID_ARGUMENT ); 686 } 687 688 /** Calculate the key buffer size required to store the key material of a key 689 * associated with an opaque driver from input key data. 690 * 691 * \param[in] attributes The key attributes 692 * \param[in] data The input key data. 693 * \param[in] data_length The input data length. 694 * \param[out] key_buffer_size Minimum buffer size to contain the key material. 695 * 696 * \retval #PSA_SUCCESS \emptydescription 697 * \retval #PSA_ERROR_INVALID_ARGUMENT \emptydescription 698 * \retval #PSA_ERROR_NOT_SUPPORTED \emptydescription 699 */ 700 static inline psa_status_t psa_driver_wrapper_get_key_buffer_size_from_key_data( 701 const psa_key_attributes_t *attributes, 702 const uint8_t *data, 703 size_t data_length, 704 size_t *key_buffer_size ) 705 { 706 psa_key_location_t location = 707 PSA_KEY_LIFETIME_GET_LOCATION( psa_get_key_lifetime(attributes) ); 708 psa_key_type_t key_type = psa_get_key_type(attributes); 709 710 *key_buffer_size = 0; 711 switch( location ) 712 { 713 #if defined(PSA_CRYPTO_DRIVER_TEST) 714 case PSA_CRYPTO_TEST_DRIVER_LOCATION: 715 *key_buffer_size = mbedtls_test_opaque_size_function( key_type, 716 PSA_BYTES_TO_BITS( data_length ) ); 717 return( ( *key_buffer_size != 0 ) ? 718 PSA_SUCCESS : PSA_ERROR_NOT_SUPPORTED ); 719 #endif /* PSA_CRYPTO_DRIVER_TEST */ 720 721 default: 722 (void)key_type; 723 (void)data; 724 (void)data_length; 725 return( PSA_ERROR_INVALID_ARGUMENT ); 726 } 727 } 728 729 static inline psa_status_t psa_driver_wrapper_generate_key( 730 const psa_key_attributes_t *attributes, 731 const psa_custom_key_parameters_t *custom, 732 const uint8_t *custom_data, size_t custom_data_length, 733 uint8_t *key_buffer, size_t key_buffer_size, size_t *key_buffer_length ) 734 { 735 psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED; 736 psa_key_location_t location = 737 PSA_KEY_LIFETIME_GET_LOCATION(psa_get_key_lifetime(attributes)); 738 739 #if defined(PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_GENERATE) 740 int is_default_production = 741 psa_custom_key_parameters_are_default(custom, custom_data_length); 742 if( location != PSA_KEY_LOCATION_LOCAL_STORAGE && !is_default_production ) 743 { 744 /* We don't support passing custom production parameters 745 * to drivers yet. */ 746 return PSA_ERROR_NOT_SUPPORTED; 747 } 748 #else 749 int is_default_production = 1; 750 (void) is_default_production; 751 #endif 752 753 /* Try dynamically-registered SE interface first */ 754 #if defined(MBEDTLS_PSA_CRYPTO_SE_C) 755 const psa_drv_se_t *drv; 756 psa_drv_se_context_t *drv_context; 757 758 if( psa_get_se_driver( psa_get_key_lifetime(attributes), &drv, &drv_context ) ) 759 { 760 size_t pubkey_length = 0; /* We don't support this feature yet */ 761 if( drv->key_management == NULL || 762 drv->key_management->p_generate == NULL ) 763 { 764 /* Key is defined as being in SE, but we have no way to generate it */ 765 return( PSA_ERROR_NOT_SUPPORTED ); 766 } 767 return( drv->key_management->p_generate( 768 drv_context, 769 *( (psa_key_slot_number_t *)key_buffer ), 770 attributes, NULL, 0, &pubkey_length ) ); 771 } 772 #endif /* MBEDTLS_PSA_CRYPTO_SE_C */ 773 774 switch( location ) 775 { 776 case PSA_KEY_LOCATION_LOCAL_STORAGE: 777 #if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT) 778 /* Transparent drivers are limited to generating asymmetric keys. */ 779 /* We don't support passing custom production parameters 780 * to drivers yet. */ 781 if( PSA_KEY_TYPE_IS_ASYMMETRIC( psa_get_key_type(attributes) ) && 782 is_default_production ) 783 { 784 /* Cycle through all known transparent accelerators */ 785 #if defined(PSA_CRYPTO_DRIVER_TEST) 786 status = mbedtls_test_transparent_generate_key( 787 attributes, key_buffer, key_buffer_size, 788 key_buffer_length ); 789 /* Declared with fallback == true */ 790 if( status != PSA_ERROR_NOT_SUPPORTED ) 791 break; 792 #endif /* PSA_CRYPTO_DRIVER_TEST */ 793 #if defined(MBEDTLS_PSA_P256M_DRIVER_ENABLED) 794 if( PSA_KEY_TYPE_IS_ECC( psa_get_key_type(attributes) ) && 795 psa_get_key_type(attributes) == PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1) && 796 psa_get_key_bits(attributes) == 256 ) 797 { 798 status = p256_transparent_generate_key( attributes, 799 key_buffer, 800 key_buffer_size, 801 key_buffer_length ); 802 if( status != PSA_ERROR_NOT_SUPPORTED ) 803 break; 804 } 805 806 #endif /* MBEDTLS_PSA_P256M_DRIVER_ENABLED */ 807 } 808 #endif /* PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT */ 809 810 /* Software fallback */ 811 status = psa_generate_key_internal( 812 attributes, custom, custom_data, custom_data_length, 813 key_buffer, key_buffer_size, key_buffer_length ); 814 break; 815 816 /* Add cases for opaque driver here */ 817 #if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT) 818 #if defined(PSA_CRYPTO_DRIVER_TEST) 819 case PSA_CRYPTO_TEST_DRIVER_LOCATION: 820 status = mbedtls_test_opaque_generate_key( 821 attributes, key_buffer, key_buffer_size, key_buffer_length ); 822 break; 823 #endif /* PSA_CRYPTO_DRIVER_TEST */ 824 #endif /* PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT */ 825 826 default: 827 /* Key is declared with a lifetime not known to us */ 828 status = PSA_ERROR_INVALID_ARGUMENT; 829 break; 830 } 831 832 return( status ); 833 } 834 835 static inline psa_status_t psa_driver_wrapper_import_key( 836 const psa_key_attributes_t *attributes, 837 const uint8_t *data, 838 size_t data_length, 839 uint8_t *key_buffer, 840 size_t key_buffer_size, 841 size_t *key_buffer_length, 842 size_t *bits ) 843 { 844 845 psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED; 846 psa_key_location_t location = PSA_KEY_LIFETIME_GET_LOCATION( 847 psa_get_key_lifetime( attributes ) ); 848 849 /* Try dynamically-registered SE interface first */ 850 #if defined(MBEDTLS_PSA_CRYPTO_SE_C) 851 const psa_drv_se_t *drv; 852 psa_drv_se_context_t *drv_context; 853 854 if( psa_get_se_driver( psa_get_key_lifetime(attributes), &drv, &drv_context ) ) 855 { 856 if( drv->key_management == NULL || 857 drv->key_management->p_import == NULL ) 858 return( PSA_ERROR_NOT_SUPPORTED ); 859 860 /* The driver should set the number of key bits, however in 861 * case it doesn't, we initialize bits to an invalid value. */ 862 *bits = PSA_MAX_KEY_BITS + 1; 863 status = drv->key_management->p_import( 864 drv_context, 865 *( (psa_key_slot_number_t *)key_buffer ), 866 attributes, data, data_length, bits ); 867 868 if( status != PSA_SUCCESS ) 869 return( status ); 870 871 if( (*bits) > PSA_MAX_KEY_BITS ) 872 return( PSA_ERROR_NOT_SUPPORTED ); 873 874 return( PSA_SUCCESS ); 875 } 876 #endif /* MBEDTLS_PSA_CRYPTO_SE_C */ 877 878 switch( location ) 879 { 880 case PSA_KEY_LOCATION_LOCAL_STORAGE: 881 /* Key is stored in the slot in export representation, so 882 * cycle through all known transparent accelerators */ 883 #if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT) 884 885 #if (defined(PSA_CRYPTO_DRIVER_TEST) ) 886 status = mbedtls_test_transparent_import_key 887 (attributes, 888 data, 889 data_length, 890 key_buffer, 891 key_buffer_size, 892 key_buffer_length, 893 bits 894 ); 895 896 if( status != PSA_ERROR_NOT_SUPPORTED ) 897 return( status ); 898 #endif 899 900 #if (defined(MBEDTLS_PSA_P256M_DRIVER_ENABLED) ) 901 status = p256_transparent_import_key 902 (attributes, 903 data, 904 data_length, 905 key_buffer, 906 key_buffer_size, 907 key_buffer_length, 908 bits 909 ); 910 911 if( status != PSA_ERROR_NOT_SUPPORTED ) 912 return( status ); 913 #endif 914 915 916 #endif /* PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT */ 917 918 /* Fell through, meaning no accelerator supports this operation */ 919 return( psa_import_key_into_slot( attributes, 920 data, data_length, 921 key_buffer, key_buffer_size, 922 key_buffer_length, bits ) ); 923 /* Add cases for opaque driver here */ 924 #if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT) 925 926 #if (defined(PSA_CRYPTO_DRIVER_TEST) ) 927 case 0x7fffff: 928 return( mbedtls_test_opaque_import_key 929 (attributes, 930 data, 931 data_length, 932 key_buffer, 933 key_buffer_size, 934 key_buffer_length, 935 bits 936 )); 937 #endif 938 939 940 #endif /* PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT */ 941 default: 942 (void)status; 943 return( PSA_ERROR_INVALID_ARGUMENT ); 944 } 945 946 } 947 948 static inline psa_status_t psa_driver_wrapper_export_key( 949 const psa_key_attributes_t *attributes, 950 const uint8_t *key_buffer, size_t key_buffer_size, 951 uint8_t *data, size_t data_size, size_t *data_length ) 952 953 { 954 955 psa_status_t status = PSA_ERROR_INVALID_ARGUMENT; 956 psa_key_location_t location = PSA_KEY_LIFETIME_GET_LOCATION( 957 psa_get_key_lifetime( attributes ) ); 958 959 /* Try dynamically-registered SE interface first */ 960 #if defined(MBEDTLS_PSA_CRYPTO_SE_C) 961 const psa_drv_se_t *drv; 962 psa_drv_se_context_t *drv_context; 963 964 if( psa_get_se_driver( psa_get_key_lifetime(attributes), &drv, &drv_context ) ) 965 { 966 if( ( drv->key_management == NULL ) || 967 ( drv->key_management->p_export == NULL ) ) 968 { 969 return( PSA_ERROR_NOT_SUPPORTED ); 970 } 971 972 return( drv->key_management->p_export( 973 drv_context, 974 *( (psa_key_slot_number_t *)key_buffer ), 975 data, data_size, data_length ) ); 976 } 977 #endif /* MBEDTLS_PSA_CRYPTO_SE_C */ 978 979 switch( location ) 980 { 981 case PSA_KEY_LOCATION_LOCAL_STORAGE: 982 return( psa_export_key_internal( attributes, 983 key_buffer, 984 key_buffer_size, 985 data, 986 data_size, 987 data_length ) ); 988 989 /* Add cases for opaque driver here */ 990 #if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT) 991 992 #if (defined(PSA_CRYPTO_DRIVER_TEST) ) 993 case 0x7fffff: 994 return( mbedtls_test_opaque_export_key 995 (attributes, 996 key_buffer, 997 key_buffer_size, 998 data, 999 data_size, 1000 data_length 1001 )); 1002 #endif 1003 1004 1005 #endif /* PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT */ 1006 default: 1007 /* Key is declared with a lifetime not known to us */ 1008 return( status ); 1009 } 1010 1011 } 1012 1013 static inline psa_status_t psa_driver_wrapper_copy_key( 1014 psa_key_attributes_t *attributes, 1015 const uint8_t *source_key, size_t source_key_length, 1016 uint8_t *target_key_buffer, size_t target_key_buffer_size, 1017 size_t *target_key_buffer_length ) 1018 { 1019 1020 psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED; 1021 psa_key_location_t location = 1022 PSA_KEY_LIFETIME_GET_LOCATION( psa_get_key_lifetime(attributes) ); 1023 1024 #if defined(MBEDTLS_PSA_CRYPTO_SE_C) 1025 const psa_drv_se_t *drv; 1026 psa_drv_se_context_t *drv_context; 1027 1028 if( psa_get_se_driver( psa_get_key_lifetime(attributes), &drv, &drv_context ) ) 1029 { 1030 /* Copying to a secure element is not implemented yet. */ 1031 return( PSA_ERROR_NOT_SUPPORTED ); 1032 } 1033 #endif /* MBEDTLS_PSA_CRYPTO_SE_C */ 1034 1035 switch( location ) 1036 { 1037 #if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT) 1038 1039 #if (defined(PSA_CRYPTO_DRIVER_TEST) ) 1040 case 0x7fffff: 1041 return( mbedtls_test_opaque_copy_key 1042 (attributes, 1043 source_key, 1044 source_key_length, 1045 target_key_buffer, 1046 target_key_buffer_size, 1047 target_key_buffer_length 1048 )); 1049 #endif 1050 1051 1052 #endif /* PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT */ 1053 default: 1054 (void)source_key; 1055 (void)source_key_length; 1056 (void)target_key_buffer; 1057 (void)target_key_buffer_size; 1058 (void)target_key_buffer_length; 1059 status = PSA_ERROR_INVALID_ARGUMENT; 1060 } 1061 return( status ); 1062 1063 } 1064 1065 /* 1066 * Cipher functions 1067 */ 1068 static inline psa_status_t psa_driver_wrapper_cipher_encrypt( 1069 const psa_key_attributes_t *attributes, 1070 const uint8_t *key_buffer, 1071 size_t key_buffer_size, 1072 psa_algorithm_t alg, 1073 const uint8_t *iv, 1074 size_t iv_length, 1075 const uint8_t *input, 1076 size_t input_length, 1077 uint8_t *output, 1078 size_t output_size, 1079 size_t *output_length ) 1080 { 1081 psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED; 1082 psa_key_location_t location = 1083 PSA_KEY_LIFETIME_GET_LOCATION( psa_get_key_lifetime(attributes) ); 1084 1085 switch( location ) 1086 { 1087 case PSA_KEY_LOCATION_LOCAL_STORAGE: 1088 /* Key is stored in the slot in export representation, so 1089 * cycle through all known transparent accelerators */ 1090 #if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT) 1091 #if defined(PSA_CRYPTO_DRIVER_TEST) 1092 status = mbedtls_test_transparent_cipher_encrypt( attributes, 1093 key_buffer, 1094 key_buffer_size, 1095 alg, 1096 iv, 1097 iv_length, 1098 input, 1099 input_length, 1100 output, 1101 output_size, 1102 output_length ); 1103 /* Declared with fallback == true */ 1104 if( status != PSA_ERROR_NOT_SUPPORTED ) 1105 return( status ); 1106 #endif /* PSA_CRYPTO_DRIVER_TEST */ 1107 #endif /* PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT */ 1108 1109 #if defined(MBEDTLS_PSA_BUILTIN_CIPHER) 1110 return( mbedtls_psa_cipher_encrypt( attributes, 1111 key_buffer, 1112 key_buffer_size, 1113 alg, 1114 iv, 1115 iv_length, 1116 input, 1117 input_length, 1118 output, 1119 output_size, 1120 output_length ) ); 1121 #else 1122 return( PSA_ERROR_NOT_SUPPORTED ); 1123 #endif /* MBEDTLS_PSA_BUILTIN_CIPHER */ 1124 1125 /* Add cases for opaque driver here */ 1126 #if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT) 1127 #if defined(PSA_CRYPTO_DRIVER_TEST) 1128 case PSA_CRYPTO_TEST_DRIVER_LOCATION: 1129 return( mbedtls_test_opaque_cipher_encrypt( attributes, 1130 key_buffer, 1131 key_buffer_size, 1132 alg, 1133 iv, 1134 iv_length, 1135 input, 1136 input_length, 1137 output, 1138 output_size, 1139 output_length ) ); 1140 #endif /* PSA_CRYPTO_DRIVER_TEST */ 1141 #endif /* PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT */ 1142 1143 default: 1144 /* Key is declared with a lifetime not known to us */ 1145 (void)status; 1146 (void)key_buffer; 1147 (void)key_buffer_size; 1148 (void)alg; 1149 (void)iv; 1150 (void)iv_length; 1151 (void)input; 1152 (void)input_length; 1153 (void)output; 1154 (void)output_size; 1155 (void)output_length; 1156 return( PSA_ERROR_INVALID_ARGUMENT ); 1157 } 1158 } 1159 1160 static inline psa_status_t psa_driver_wrapper_cipher_decrypt( 1161 const psa_key_attributes_t *attributes, 1162 const uint8_t *key_buffer, 1163 size_t key_buffer_size, 1164 psa_algorithm_t alg, 1165 const uint8_t *input, 1166 size_t input_length, 1167 uint8_t *output, 1168 size_t output_size, 1169 size_t *output_length ) 1170 { 1171 psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED; 1172 psa_key_location_t location = 1173 PSA_KEY_LIFETIME_GET_LOCATION( psa_get_key_lifetime(attributes) ); 1174 1175 switch( location ) 1176 { 1177 case PSA_KEY_LOCATION_LOCAL_STORAGE: 1178 /* Key is stored in the slot in export representation, so 1179 * cycle through all known transparent accelerators */ 1180 #if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT) 1181 #if defined(PSA_CRYPTO_DRIVER_TEST) 1182 status = mbedtls_test_transparent_cipher_decrypt( attributes, 1183 key_buffer, 1184 key_buffer_size, 1185 alg, 1186 input, 1187 input_length, 1188 output, 1189 output_size, 1190 output_length ); 1191 /* Declared with fallback == true */ 1192 if( status != PSA_ERROR_NOT_SUPPORTED ) 1193 return( status ); 1194 #endif /* PSA_CRYPTO_DRIVER_TEST */ 1195 #endif /* PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT */ 1196 1197 #if defined(MBEDTLS_PSA_BUILTIN_CIPHER) 1198 return( mbedtls_psa_cipher_decrypt( attributes, 1199 key_buffer, 1200 key_buffer_size, 1201 alg, 1202 input, 1203 input_length, 1204 output, 1205 output_size, 1206 output_length ) ); 1207 #else 1208 return( PSA_ERROR_NOT_SUPPORTED ); 1209 #endif /* MBEDTLS_PSA_BUILTIN_CIPHER */ 1210 1211 /* Add cases for opaque driver here */ 1212 #if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT) 1213 #if defined(PSA_CRYPTO_DRIVER_TEST) 1214 case PSA_CRYPTO_TEST_DRIVER_LOCATION: 1215 return( mbedtls_test_opaque_cipher_decrypt( attributes, 1216 key_buffer, 1217 key_buffer_size, 1218 alg, 1219 input, 1220 input_length, 1221 output, 1222 output_size, 1223 output_length ) ); 1224 #endif /* PSA_CRYPTO_DRIVER_TEST */ 1225 #endif /* PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT */ 1226 1227 default: 1228 /* Key is declared with a lifetime not known to us */ 1229 (void)status; 1230 (void)key_buffer; 1231 (void)key_buffer_size; 1232 (void)alg; 1233 (void)input; 1234 (void)input_length; 1235 (void)output; 1236 (void)output_size; 1237 (void)output_length; 1238 return( PSA_ERROR_INVALID_ARGUMENT ); 1239 } 1240 } 1241 1242 static inline psa_status_t psa_driver_wrapper_cipher_encrypt_setup( 1243 psa_cipher_operation_t *operation, 1244 const psa_key_attributes_t *attributes, 1245 const uint8_t *key_buffer, size_t key_buffer_size, 1246 psa_algorithm_t alg ) 1247 { 1248 psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED; 1249 psa_key_location_t location = 1250 PSA_KEY_LIFETIME_GET_LOCATION( psa_get_key_lifetime(attributes) ); 1251 1252 switch( location ) 1253 { 1254 case PSA_KEY_LOCATION_LOCAL_STORAGE: 1255 /* Key is stored in the slot in export representation, so 1256 * cycle through all known transparent accelerators */ 1257 #if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT) 1258 #if defined(PSA_CRYPTO_DRIVER_TEST) 1259 status = mbedtls_test_transparent_cipher_encrypt_setup( 1260 &operation->ctx.transparent_test_driver_ctx, 1261 attributes, 1262 key_buffer, 1263 key_buffer_size, 1264 alg ); 1265 /* Declared with fallback == true */ 1266 if( status == PSA_SUCCESS ) 1267 operation->id = MBEDTLS_TEST_TRANSPARENT_DRIVER_ID; 1268 1269 if( status != PSA_ERROR_NOT_SUPPORTED ) 1270 return( status ); 1271 #endif /* PSA_CRYPTO_DRIVER_TEST */ 1272 #endif /* PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT */ 1273 #if defined(MBEDTLS_PSA_BUILTIN_CIPHER) 1274 /* Fell through, meaning no accelerator supports this operation */ 1275 status = mbedtls_psa_cipher_encrypt_setup( &operation->ctx.mbedtls_ctx, 1276 attributes, 1277 key_buffer, 1278 key_buffer_size, 1279 alg ); 1280 if( status == PSA_SUCCESS ) 1281 operation->id = PSA_CRYPTO_MBED_TLS_DRIVER_ID; 1282 1283 if( status != PSA_ERROR_NOT_SUPPORTED ) 1284 return( status ); 1285 #endif /* MBEDTLS_PSA_BUILTIN_CIPHER */ 1286 return( PSA_ERROR_NOT_SUPPORTED ); 1287 1288 /* Add cases for opaque driver here */ 1289 #if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT) 1290 #if defined(PSA_CRYPTO_DRIVER_TEST) 1291 case PSA_CRYPTO_TEST_DRIVER_LOCATION: 1292 status = mbedtls_test_opaque_cipher_encrypt_setup( 1293 &operation->ctx.opaque_test_driver_ctx, 1294 attributes, 1295 key_buffer, key_buffer_size, 1296 alg ); 1297 1298 if( status == PSA_SUCCESS ) 1299 operation->id = MBEDTLS_TEST_OPAQUE_DRIVER_ID; 1300 1301 return( status ); 1302 #endif /* PSA_CRYPTO_DRIVER_TEST */ 1303 #endif /* PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT */ 1304 default: 1305 /* Key is declared with a lifetime not known to us */ 1306 (void)status; 1307 (void)operation; 1308 (void)key_buffer; 1309 (void)key_buffer_size; 1310 (void)alg; 1311 return( PSA_ERROR_INVALID_ARGUMENT ); 1312 } 1313 } 1314 1315 static inline psa_status_t psa_driver_wrapper_cipher_decrypt_setup( 1316 psa_cipher_operation_t *operation, 1317 const psa_key_attributes_t *attributes, 1318 const uint8_t *key_buffer, size_t key_buffer_size, 1319 psa_algorithm_t alg ) 1320 { 1321 psa_status_t status = PSA_ERROR_INVALID_ARGUMENT; 1322 psa_key_location_t location = 1323 PSA_KEY_LIFETIME_GET_LOCATION( psa_get_key_lifetime(attributes) ); 1324 1325 switch( location ) 1326 { 1327 case PSA_KEY_LOCATION_LOCAL_STORAGE: 1328 /* Key is stored in the slot in export representation, so 1329 * cycle through all known transparent accelerators */ 1330 #if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT) 1331 #if defined(PSA_CRYPTO_DRIVER_TEST) 1332 status = mbedtls_test_transparent_cipher_decrypt_setup( 1333 &operation->ctx.transparent_test_driver_ctx, 1334 attributes, 1335 key_buffer, 1336 key_buffer_size, 1337 alg ); 1338 /* Declared with fallback == true */ 1339 if( status == PSA_SUCCESS ) 1340 operation->id = MBEDTLS_TEST_TRANSPARENT_DRIVER_ID; 1341 1342 if( status != PSA_ERROR_NOT_SUPPORTED ) 1343 return( status ); 1344 #endif /* PSA_CRYPTO_DRIVER_TEST */ 1345 #endif /* PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT */ 1346 #if defined(MBEDTLS_PSA_BUILTIN_CIPHER) 1347 /* Fell through, meaning no accelerator supports this operation */ 1348 status = mbedtls_psa_cipher_decrypt_setup( &operation->ctx.mbedtls_ctx, 1349 attributes, 1350 key_buffer, 1351 key_buffer_size, 1352 alg ); 1353 if( status == PSA_SUCCESS ) 1354 operation->id = PSA_CRYPTO_MBED_TLS_DRIVER_ID; 1355 1356 return( status ); 1357 #else /* MBEDTLS_PSA_BUILTIN_CIPHER */ 1358 return( PSA_ERROR_NOT_SUPPORTED ); 1359 #endif /* MBEDTLS_PSA_BUILTIN_CIPHER */ 1360 1361 /* Add cases for opaque driver here */ 1362 #if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT) 1363 #if defined(PSA_CRYPTO_DRIVER_TEST) 1364 case PSA_CRYPTO_TEST_DRIVER_LOCATION: 1365 status = mbedtls_test_opaque_cipher_decrypt_setup( 1366 &operation->ctx.opaque_test_driver_ctx, 1367 attributes, 1368 key_buffer, key_buffer_size, 1369 alg ); 1370 1371 if( status == PSA_SUCCESS ) 1372 operation->id = MBEDTLS_TEST_OPAQUE_DRIVER_ID; 1373 1374 return( status ); 1375 #endif /* PSA_CRYPTO_DRIVER_TEST */ 1376 #endif /* PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT */ 1377 default: 1378 /* Key is declared with a lifetime not known to us */ 1379 (void)status; 1380 (void)operation; 1381 (void)key_buffer; 1382 (void)key_buffer_size; 1383 (void)alg; 1384 return( PSA_ERROR_INVALID_ARGUMENT ); 1385 } 1386 } 1387 1388 static inline psa_status_t psa_driver_wrapper_cipher_set_iv( 1389 psa_cipher_operation_t *operation, 1390 const uint8_t *iv, 1391 size_t iv_length ) 1392 { 1393 switch( operation->id ) 1394 { 1395 #if defined(MBEDTLS_PSA_BUILTIN_CIPHER) 1396 case PSA_CRYPTO_MBED_TLS_DRIVER_ID: 1397 return( mbedtls_psa_cipher_set_iv( &operation->ctx.mbedtls_ctx, 1398 iv, 1399 iv_length ) ); 1400 #endif /* MBEDTLS_PSA_BUILTIN_CIPHER */ 1401 1402 #if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT) 1403 #if defined(PSA_CRYPTO_DRIVER_TEST) 1404 case MBEDTLS_TEST_TRANSPARENT_DRIVER_ID: 1405 return( mbedtls_test_transparent_cipher_set_iv( 1406 &operation->ctx.transparent_test_driver_ctx, 1407 iv, iv_length ) ); 1408 1409 case MBEDTLS_TEST_OPAQUE_DRIVER_ID: 1410 return( mbedtls_test_opaque_cipher_set_iv( 1411 &operation->ctx.opaque_test_driver_ctx, 1412 iv, iv_length ) ); 1413 #endif /* PSA_CRYPTO_DRIVER_TEST */ 1414 #endif /* PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT */ 1415 } 1416 1417 (void)iv; 1418 (void)iv_length; 1419 1420 return( PSA_ERROR_INVALID_ARGUMENT ); 1421 } 1422 1423 static inline psa_status_t psa_driver_wrapper_cipher_update( 1424 psa_cipher_operation_t *operation, 1425 const uint8_t *input, 1426 size_t input_length, 1427 uint8_t *output, 1428 size_t output_size, 1429 size_t *output_length ) 1430 { 1431 switch( operation->id ) 1432 { 1433 #if defined(MBEDTLS_PSA_BUILTIN_CIPHER) 1434 case PSA_CRYPTO_MBED_TLS_DRIVER_ID: 1435 return( mbedtls_psa_cipher_update( &operation->ctx.mbedtls_ctx, 1436 input, 1437 input_length, 1438 output, 1439 output_size, 1440 output_length ) ); 1441 #endif /* MBEDTLS_PSA_BUILTIN_CIPHER */ 1442 1443 #if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT) 1444 #if defined(PSA_CRYPTO_DRIVER_TEST) 1445 case MBEDTLS_TEST_TRANSPARENT_DRIVER_ID: 1446 return( mbedtls_test_transparent_cipher_update( 1447 &operation->ctx.transparent_test_driver_ctx, 1448 input, input_length, 1449 output, output_size, output_length ) ); 1450 1451 case MBEDTLS_TEST_OPAQUE_DRIVER_ID: 1452 return( mbedtls_test_opaque_cipher_update( 1453 &operation->ctx.opaque_test_driver_ctx, 1454 input, input_length, 1455 output, output_size, output_length ) ); 1456 #endif /* PSA_CRYPTO_DRIVER_TEST */ 1457 #endif /* PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT */ 1458 } 1459 1460 (void)input; 1461 (void)input_length; 1462 (void)output; 1463 (void)output_size; 1464 (void)output_length; 1465 1466 return( PSA_ERROR_INVALID_ARGUMENT ); 1467 } 1468 1469 static inline psa_status_t psa_driver_wrapper_cipher_finish( 1470 psa_cipher_operation_t *operation, 1471 uint8_t *output, 1472 size_t output_size, 1473 size_t *output_length ) 1474 { 1475 switch( operation->id ) 1476 { 1477 #if defined(MBEDTLS_PSA_BUILTIN_CIPHER) 1478 case PSA_CRYPTO_MBED_TLS_DRIVER_ID: 1479 return( mbedtls_psa_cipher_finish( &operation->ctx.mbedtls_ctx, 1480 output, 1481 output_size, 1482 output_length ) ); 1483 #endif /* MBEDTLS_PSA_BUILTIN_CIPHER */ 1484 1485 #if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT) 1486 #if defined(PSA_CRYPTO_DRIVER_TEST) 1487 case MBEDTLS_TEST_TRANSPARENT_DRIVER_ID: 1488 return( mbedtls_test_transparent_cipher_finish( 1489 &operation->ctx.transparent_test_driver_ctx, 1490 output, output_size, output_length ) ); 1491 1492 case MBEDTLS_TEST_OPAQUE_DRIVER_ID: 1493 return( mbedtls_test_opaque_cipher_finish( 1494 &operation->ctx.opaque_test_driver_ctx, 1495 output, output_size, output_length ) ); 1496 #endif /* PSA_CRYPTO_DRIVER_TEST */ 1497 #endif /* PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT */ 1498 } 1499 1500 (void)output; 1501 (void)output_size; 1502 (void)output_length; 1503 1504 return( PSA_ERROR_INVALID_ARGUMENT ); 1505 } 1506 1507 static inline psa_status_t psa_driver_wrapper_cipher_abort( 1508 psa_cipher_operation_t *operation ) 1509 { 1510 psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED; 1511 1512 switch( operation->id ) 1513 { 1514 #if defined(MBEDTLS_PSA_BUILTIN_CIPHER) 1515 case PSA_CRYPTO_MBED_TLS_DRIVER_ID: 1516 return( mbedtls_psa_cipher_abort( &operation->ctx.mbedtls_ctx ) ); 1517 #endif /* MBEDTLS_PSA_BUILTIN_CIPHER */ 1518 1519 #if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT) 1520 #if defined(PSA_CRYPTO_DRIVER_TEST) 1521 case MBEDTLS_TEST_TRANSPARENT_DRIVER_ID: 1522 status = mbedtls_test_transparent_cipher_abort( 1523 &operation->ctx.transparent_test_driver_ctx ); 1524 mbedtls_platform_zeroize( 1525 &operation->ctx.transparent_test_driver_ctx, 1526 sizeof( operation->ctx.transparent_test_driver_ctx ) ); 1527 return( status ); 1528 1529 case MBEDTLS_TEST_OPAQUE_DRIVER_ID: 1530 status = mbedtls_test_opaque_cipher_abort( 1531 &operation->ctx.opaque_test_driver_ctx ); 1532 mbedtls_platform_zeroize( 1533 &operation->ctx.opaque_test_driver_ctx, 1534 sizeof( operation->ctx.opaque_test_driver_ctx ) ); 1535 return( status ); 1536 #endif /* PSA_CRYPTO_DRIVER_TEST */ 1537 #endif /* PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT */ 1538 } 1539 1540 (void)status; 1541 return( PSA_ERROR_INVALID_ARGUMENT ); 1542 } 1543 1544 /* 1545 * Hashing functions 1546 */ 1547 static inline psa_status_t psa_driver_wrapper_hash_compute( 1548 psa_algorithm_t alg, 1549 const uint8_t *input, 1550 size_t input_length, 1551 uint8_t *hash, 1552 size_t hash_size, 1553 size_t *hash_length) 1554 { 1555 psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED; 1556 1557 /* Try accelerators first */ 1558 #if defined(PSA_CRYPTO_DRIVER_TEST) 1559 status = mbedtls_test_transparent_hash_compute( 1560 alg, input, input_length, hash, hash_size, hash_length ); 1561 if( status != PSA_ERROR_NOT_SUPPORTED ) 1562 return( status ); 1563 #endif 1564 1565 /* If software fallback is compiled in, try fallback */ 1566 #if defined(MBEDTLS_PSA_BUILTIN_HASH) 1567 status = mbedtls_psa_hash_compute( alg, input, input_length, 1568 hash, hash_size, hash_length ); 1569 if( status != PSA_ERROR_NOT_SUPPORTED ) 1570 return( status ); 1571 #endif 1572 (void) status; 1573 (void) alg; 1574 (void) input; 1575 (void) input_length; 1576 (void) hash; 1577 (void) hash_size; 1578 (void) hash_length; 1579 1580 return( PSA_ERROR_NOT_SUPPORTED ); 1581 } 1582 1583 static inline psa_status_t psa_driver_wrapper_hash_setup( 1584 psa_hash_operation_t *operation, 1585 psa_algorithm_t alg ) 1586 { 1587 psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED; 1588 1589 /* Try setup on accelerators first */ 1590 #if defined(PSA_CRYPTO_DRIVER_TEST) 1591 status = mbedtls_test_transparent_hash_setup( 1592 &operation->ctx.test_driver_ctx, alg ); 1593 if( status == PSA_SUCCESS ) 1594 operation->id = MBEDTLS_TEST_TRANSPARENT_DRIVER_ID; 1595 1596 if( status != PSA_ERROR_NOT_SUPPORTED ) 1597 return( status ); 1598 #endif 1599 1600 /* If software fallback is compiled in, try fallback */ 1601 #if defined(MBEDTLS_PSA_BUILTIN_HASH) 1602 status = mbedtls_psa_hash_setup( &operation->ctx.mbedtls_ctx, alg ); 1603 if( status == PSA_SUCCESS ) 1604 operation->id = PSA_CRYPTO_MBED_TLS_DRIVER_ID; 1605 1606 if( status != PSA_ERROR_NOT_SUPPORTED ) 1607 return( status ); 1608 #endif 1609 /* Nothing left to try if we fall through here */ 1610 (void) status; 1611 (void) operation; 1612 (void) alg; 1613 return( PSA_ERROR_NOT_SUPPORTED ); 1614 } 1615 1616 static inline psa_status_t psa_driver_wrapper_hash_clone( 1617 const psa_hash_operation_t *source_operation, 1618 psa_hash_operation_t *target_operation ) 1619 { 1620 switch( source_operation->id ) 1621 { 1622 #if defined(MBEDTLS_PSA_BUILTIN_HASH) 1623 case PSA_CRYPTO_MBED_TLS_DRIVER_ID: 1624 target_operation->id = PSA_CRYPTO_MBED_TLS_DRIVER_ID; 1625 return( mbedtls_psa_hash_clone( &source_operation->ctx.mbedtls_ctx, 1626 &target_operation->ctx.mbedtls_ctx ) ); 1627 #endif 1628 #if defined(PSA_CRYPTO_DRIVER_TEST) 1629 case MBEDTLS_TEST_TRANSPARENT_DRIVER_ID: 1630 target_operation->id = MBEDTLS_TEST_TRANSPARENT_DRIVER_ID; 1631 return( mbedtls_test_transparent_hash_clone( 1632 &source_operation->ctx.test_driver_ctx, 1633 &target_operation->ctx.test_driver_ctx ) ); 1634 #endif 1635 default: 1636 (void) target_operation; 1637 return( PSA_ERROR_BAD_STATE ); 1638 } 1639 } 1640 1641 static inline psa_status_t psa_driver_wrapper_hash_update( 1642 psa_hash_operation_t *operation, 1643 const uint8_t *input, 1644 size_t input_length ) 1645 { 1646 switch( operation->id ) 1647 { 1648 #if defined(MBEDTLS_PSA_BUILTIN_HASH) 1649 case PSA_CRYPTO_MBED_TLS_DRIVER_ID: 1650 return( mbedtls_psa_hash_update( &operation->ctx.mbedtls_ctx, 1651 input, input_length ) ); 1652 #endif 1653 #if defined(PSA_CRYPTO_DRIVER_TEST) 1654 case MBEDTLS_TEST_TRANSPARENT_DRIVER_ID: 1655 return( mbedtls_test_transparent_hash_update( 1656 &operation->ctx.test_driver_ctx, 1657 input, input_length ) ); 1658 #endif 1659 default: 1660 (void) input; 1661 (void) input_length; 1662 return( PSA_ERROR_BAD_STATE ); 1663 } 1664 } 1665 1666 static inline psa_status_t psa_driver_wrapper_hash_finish( 1667 psa_hash_operation_t *operation, 1668 uint8_t *hash, 1669 size_t hash_size, 1670 size_t *hash_length ) 1671 { 1672 switch( operation->id ) 1673 { 1674 #if defined(MBEDTLS_PSA_BUILTIN_HASH) 1675 case PSA_CRYPTO_MBED_TLS_DRIVER_ID: 1676 return( mbedtls_psa_hash_finish( &operation->ctx.mbedtls_ctx, 1677 hash, hash_size, hash_length ) ); 1678 #endif 1679 #if defined(PSA_CRYPTO_DRIVER_TEST) 1680 case MBEDTLS_TEST_TRANSPARENT_DRIVER_ID: 1681 return( mbedtls_test_transparent_hash_finish( 1682 &operation->ctx.test_driver_ctx, 1683 hash, hash_size, hash_length ) ); 1684 #endif 1685 default: 1686 (void) hash; 1687 (void) hash_size; 1688 (void) hash_length; 1689 return( PSA_ERROR_BAD_STATE ); 1690 } 1691 } 1692 1693 static inline psa_status_t psa_driver_wrapper_hash_abort( 1694 psa_hash_operation_t *operation ) 1695 { 1696 switch( operation->id ) 1697 { 1698 #if defined(MBEDTLS_PSA_BUILTIN_HASH) 1699 case PSA_CRYPTO_MBED_TLS_DRIVER_ID: 1700 return( mbedtls_psa_hash_abort( &operation->ctx.mbedtls_ctx ) ); 1701 #endif 1702 #if defined(PSA_CRYPTO_DRIVER_TEST) 1703 case MBEDTLS_TEST_TRANSPARENT_DRIVER_ID: 1704 return( mbedtls_test_transparent_hash_abort( 1705 &operation->ctx.test_driver_ctx ) ); 1706 #endif 1707 default: 1708 return( PSA_ERROR_BAD_STATE ); 1709 } 1710 } 1711 1712 static inline psa_status_t psa_driver_wrapper_aead_encrypt( 1713 const psa_key_attributes_t *attributes, 1714 const uint8_t *key_buffer, size_t key_buffer_size, 1715 psa_algorithm_t alg, 1716 const uint8_t *nonce, size_t nonce_length, 1717 const uint8_t *additional_data, size_t additional_data_length, 1718 const uint8_t *plaintext, size_t plaintext_length, 1719 uint8_t *ciphertext, size_t ciphertext_size, size_t *ciphertext_length ) 1720 { 1721 psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED; 1722 psa_key_location_t location = 1723 PSA_KEY_LIFETIME_GET_LOCATION( psa_get_key_lifetime(attributes) ); 1724 1725 switch( location ) 1726 { 1727 case PSA_KEY_LOCATION_LOCAL_STORAGE: 1728 /* Key is stored in the slot in export representation, so 1729 * cycle through all known transparent accelerators */ 1730 1731 #if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT) 1732 #if defined(PSA_CRYPTO_DRIVER_TEST) 1733 status = mbedtls_test_transparent_aead_encrypt( 1734 attributes, key_buffer, key_buffer_size, 1735 alg, 1736 nonce, nonce_length, 1737 additional_data, additional_data_length, 1738 plaintext, plaintext_length, 1739 ciphertext, ciphertext_size, ciphertext_length ); 1740 /* Declared with fallback == true */ 1741 if( status != PSA_ERROR_NOT_SUPPORTED ) 1742 return( status ); 1743 #endif /* PSA_CRYPTO_DRIVER_TEST */ 1744 #endif /* PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT */ 1745 1746 /* Fell through, meaning no accelerator supports this operation */ 1747 return( mbedtls_psa_aead_encrypt( 1748 attributes, key_buffer, key_buffer_size, 1749 alg, 1750 nonce, nonce_length, 1751 additional_data, additional_data_length, 1752 plaintext, plaintext_length, 1753 ciphertext, ciphertext_size, ciphertext_length ) ); 1754 1755 /* Add cases for opaque driver here */ 1756 1757 default: 1758 /* Key is declared with a lifetime not known to us */ 1759 (void)status; 1760 return( PSA_ERROR_INVALID_ARGUMENT ); 1761 } 1762 } 1763 1764 static inline psa_status_t psa_driver_wrapper_aead_decrypt( 1765 const psa_key_attributes_t *attributes, 1766 const uint8_t *key_buffer, size_t key_buffer_size, 1767 psa_algorithm_t alg, 1768 const uint8_t *nonce, size_t nonce_length, 1769 const uint8_t *additional_data, size_t additional_data_length, 1770 const uint8_t *ciphertext, size_t ciphertext_length, 1771 uint8_t *plaintext, size_t plaintext_size, size_t *plaintext_length ) 1772 { 1773 psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED; 1774 psa_key_location_t location = 1775 PSA_KEY_LIFETIME_GET_LOCATION( psa_get_key_lifetime(attributes) ); 1776 1777 switch( location ) 1778 { 1779 case PSA_KEY_LOCATION_LOCAL_STORAGE: 1780 /* Key is stored in the slot in export representation, so 1781 * cycle through all known transparent accelerators */ 1782 1783 #if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT) 1784 #if defined(PSA_CRYPTO_DRIVER_TEST) 1785 status = mbedtls_test_transparent_aead_decrypt( 1786 attributes, key_buffer, key_buffer_size, 1787 alg, 1788 nonce, nonce_length, 1789 additional_data, additional_data_length, 1790 ciphertext, ciphertext_length, 1791 plaintext, plaintext_size, plaintext_length ); 1792 /* Declared with fallback == true */ 1793 if( status != PSA_ERROR_NOT_SUPPORTED ) 1794 return( status ); 1795 #endif /* PSA_CRYPTO_DRIVER_TEST */ 1796 #endif /* PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT */ 1797 1798 /* Fell through, meaning no accelerator supports this operation */ 1799 return( mbedtls_psa_aead_decrypt( 1800 attributes, key_buffer, key_buffer_size, 1801 alg, 1802 nonce, nonce_length, 1803 additional_data, additional_data_length, 1804 ciphertext, ciphertext_length, 1805 plaintext, plaintext_size, plaintext_length ) ); 1806 1807 /* Add cases for opaque driver here */ 1808 1809 default: 1810 /* Key is declared with a lifetime not known to us */ 1811 (void)status; 1812 return( PSA_ERROR_INVALID_ARGUMENT ); 1813 } 1814 } 1815 1816 static inline psa_status_t psa_driver_wrapper_aead_encrypt_setup( 1817 psa_aead_operation_t *operation, 1818 const psa_key_attributes_t *attributes, 1819 const uint8_t *key_buffer, size_t key_buffer_size, 1820 psa_algorithm_t alg ) 1821 { 1822 psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED; 1823 psa_key_location_t location = 1824 PSA_KEY_LIFETIME_GET_LOCATION( psa_get_key_lifetime(attributes) ); 1825 1826 switch( location ) 1827 { 1828 case PSA_KEY_LOCATION_LOCAL_STORAGE: 1829 /* Key is stored in the slot in export representation, so 1830 * cycle through all known transparent accelerators */ 1831 1832 #if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT) 1833 #if defined(PSA_CRYPTO_DRIVER_TEST) 1834 operation->id = MBEDTLS_TEST_TRANSPARENT_DRIVER_ID; 1835 status = mbedtls_test_transparent_aead_encrypt_setup( 1836 &operation->ctx.transparent_test_driver_ctx, 1837 attributes, key_buffer, key_buffer_size, 1838 alg ); 1839 1840 /* Declared with fallback == true */ 1841 if( status != PSA_ERROR_NOT_SUPPORTED ) 1842 return( status ); 1843 #endif /* PSA_CRYPTO_DRIVER_TEST */ 1844 #endif /* PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT */ 1845 1846 /* Fell through, meaning no accelerator supports this operation */ 1847 operation->id = PSA_CRYPTO_MBED_TLS_DRIVER_ID; 1848 status = mbedtls_psa_aead_encrypt_setup( 1849 &operation->ctx.mbedtls_ctx, attributes, 1850 key_buffer, key_buffer_size, 1851 alg ); 1852 1853 return( status ); 1854 1855 /* Add cases for opaque driver here */ 1856 1857 default: 1858 /* Key is declared with a lifetime not known to us */ 1859 (void)status; 1860 return( PSA_ERROR_INVALID_ARGUMENT ); 1861 } 1862 } 1863 1864 static inline psa_status_t psa_driver_wrapper_aead_decrypt_setup( 1865 psa_aead_operation_t *operation, 1866 const psa_key_attributes_t *attributes, 1867 const uint8_t *key_buffer, size_t key_buffer_size, 1868 psa_algorithm_t alg ) 1869 { 1870 psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED; 1871 psa_key_location_t location = 1872 PSA_KEY_LIFETIME_GET_LOCATION( psa_get_key_lifetime(attributes) ); 1873 1874 switch( location ) 1875 { 1876 case PSA_KEY_LOCATION_LOCAL_STORAGE: 1877 /* Key is stored in the slot in export representation, so 1878 * cycle through all known transparent accelerators */ 1879 1880 #if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT) 1881 #if defined(PSA_CRYPTO_DRIVER_TEST) 1882 operation->id = MBEDTLS_TEST_TRANSPARENT_DRIVER_ID; 1883 status = mbedtls_test_transparent_aead_decrypt_setup( 1884 &operation->ctx.transparent_test_driver_ctx, 1885 attributes, 1886 key_buffer, key_buffer_size, 1887 alg ); 1888 1889 /* Declared with fallback == true */ 1890 if( status != PSA_ERROR_NOT_SUPPORTED ) 1891 return( status ); 1892 #endif /* PSA_CRYPTO_DRIVER_TEST */ 1893 #endif /* PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT */ 1894 1895 /* Fell through, meaning no accelerator supports this operation */ 1896 operation->id = PSA_CRYPTO_MBED_TLS_DRIVER_ID; 1897 status = mbedtls_psa_aead_decrypt_setup( 1898 &operation->ctx.mbedtls_ctx, 1899 attributes, 1900 key_buffer, key_buffer_size, 1901 alg ); 1902 1903 return( status ); 1904 1905 /* Add cases for opaque driver here */ 1906 1907 default: 1908 /* Key is declared with a lifetime not known to us */ 1909 (void)status; 1910 return( PSA_ERROR_INVALID_ARGUMENT ); 1911 } 1912 } 1913 1914 static inline psa_status_t psa_driver_wrapper_aead_set_nonce( 1915 psa_aead_operation_t *operation, 1916 const uint8_t *nonce, 1917 size_t nonce_length ) 1918 { 1919 switch( operation->id ) 1920 { 1921 #if defined(MBEDTLS_PSA_BUILTIN_AEAD) 1922 case PSA_CRYPTO_MBED_TLS_DRIVER_ID: 1923 return( mbedtls_psa_aead_set_nonce( &operation->ctx.mbedtls_ctx, 1924 nonce, 1925 nonce_length ) ); 1926 1927 #endif /* MBEDTLS_PSA_BUILTIN_AEAD */ 1928 1929 #if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT) 1930 #if defined(PSA_CRYPTO_DRIVER_TEST) 1931 case MBEDTLS_TEST_TRANSPARENT_DRIVER_ID: 1932 return( mbedtls_test_transparent_aead_set_nonce( 1933 &operation->ctx.transparent_test_driver_ctx, 1934 nonce, nonce_length ) ); 1935 1936 /* Add cases for opaque driver here */ 1937 1938 #endif /* PSA_CRYPTO_DRIVER_TEST */ 1939 #endif /* PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT */ 1940 } 1941 1942 (void)nonce; 1943 (void)nonce_length; 1944 1945 return( PSA_ERROR_INVALID_ARGUMENT ); 1946 } 1947 1948 static inline psa_status_t psa_driver_wrapper_aead_set_lengths( 1949 psa_aead_operation_t *operation, 1950 size_t ad_length, 1951 size_t plaintext_length ) 1952 { 1953 switch( operation->id ) 1954 { 1955 #if defined(MBEDTLS_PSA_BUILTIN_AEAD) 1956 case PSA_CRYPTO_MBED_TLS_DRIVER_ID: 1957 return( mbedtls_psa_aead_set_lengths( &operation->ctx.mbedtls_ctx, 1958 ad_length, 1959 plaintext_length ) ); 1960 1961 #endif /* MBEDTLS_PSA_BUILTIN_AEAD */ 1962 1963 #if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT) 1964 #if defined(PSA_CRYPTO_DRIVER_TEST) 1965 case MBEDTLS_TEST_TRANSPARENT_DRIVER_ID: 1966 return( mbedtls_test_transparent_aead_set_lengths( 1967 &operation->ctx.transparent_test_driver_ctx, 1968 ad_length, plaintext_length ) ); 1969 1970 /* Add cases for opaque driver here */ 1971 1972 #endif /* PSA_CRYPTO_DRIVER_TEST */ 1973 #endif /* PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT */ 1974 } 1975 1976 (void)ad_length; 1977 (void)plaintext_length; 1978 1979 return( PSA_ERROR_INVALID_ARGUMENT ); 1980 } 1981 1982 static inline psa_status_t psa_driver_wrapper_aead_update_ad( 1983 psa_aead_operation_t *operation, 1984 const uint8_t *input, 1985 size_t input_length ) 1986 { 1987 switch( operation->id ) 1988 { 1989 #if defined(MBEDTLS_PSA_BUILTIN_AEAD) 1990 case PSA_CRYPTO_MBED_TLS_DRIVER_ID: 1991 return( mbedtls_psa_aead_update_ad( &operation->ctx.mbedtls_ctx, 1992 input, 1993 input_length ) ); 1994 1995 #endif /* MBEDTLS_PSA_BUILTIN_AEAD */ 1996 1997 #if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT) 1998 #if defined(PSA_CRYPTO_DRIVER_TEST) 1999 case MBEDTLS_TEST_TRANSPARENT_DRIVER_ID: 2000 return( mbedtls_test_transparent_aead_update_ad( 2001 &operation->ctx.transparent_test_driver_ctx, 2002 input, input_length ) ); 2003 2004 /* Add cases for opaque driver here */ 2005 2006 #endif /* PSA_CRYPTO_DRIVER_TEST */ 2007 #endif /* PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT */ 2008 } 2009 2010 (void)input; 2011 (void)input_length; 2012 2013 return( PSA_ERROR_INVALID_ARGUMENT ); 2014 } 2015 2016 static inline psa_status_t psa_driver_wrapper_aead_update( 2017 psa_aead_operation_t *operation, 2018 const uint8_t *input, 2019 size_t input_length, 2020 uint8_t *output, 2021 size_t output_size, 2022 size_t *output_length ) 2023 { 2024 switch( operation->id ) 2025 { 2026 #if defined(MBEDTLS_PSA_BUILTIN_AEAD) 2027 case PSA_CRYPTO_MBED_TLS_DRIVER_ID: 2028 return( mbedtls_psa_aead_update( &operation->ctx.mbedtls_ctx, 2029 input, input_length, 2030 output, output_size, 2031 output_length ) ); 2032 2033 #endif /* MBEDTLS_PSA_BUILTIN_AEAD */ 2034 2035 #if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT) 2036 #if defined(PSA_CRYPTO_DRIVER_TEST) 2037 case MBEDTLS_TEST_TRANSPARENT_DRIVER_ID: 2038 return( mbedtls_test_transparent_aead_update( 2039 &operation->ctx.transparent_test_driver_ctx, 2040 input, input_length, output, output_size, 2041 output_length ) ); 2042 2043 /* Add cases for opaque driver here */ 2044 2045 #endif /* PSA_CRYPTO_DRIVER_TEST */ 2046 #endif /* PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT */ 2047 } 2048 2049 (void)input; 2050 (void)input_length; 2051 (void)output; 2052 (void)output_size; 2053 (void)output_length; 2054 2055 return( PSA_ERROR_INVALID_ARGUMENT ); 2056 } 2057 2058 static inline psa_status_t psa_driver_wrapper_aead_finish( 2059 psa_aead_operation_t *operation, 2060 uint8_t *ciphertext, 2061 size_t ciphertext_size, 2062 size_t *ciphertext_length, 2063 uint8_t *tag, 2064 size_t tag_size, 2065 size_t *tag_length ) 2066 { 2067 switch( operation->id ) 2068 { 2069 #if defined(MBEDTLS_PSA_BUILTIN_AEAD) 2070 case PSA_CRYPTO_MBED_TLS_DRIVER_ID: 2071 return( mbedtls_psa_aead_finish( &operation->ctx.mbedtls_ctx, 2072 ciphertext, 2073 ciphertext_size, 2074 ciphertext_length, tag, 2075 tag_size, tag_length ) ); 2076 2077 #endif /* MBEDTLS_PSA_BUILTIN_AEAD */ 2078 2079 #if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT) 2080 #if defined(PSA_CRYPTO_DRIVER_TEST) 2081 case MBEDTLS_TEST_TRANSPARENT_DRIVER_ID: 2082 return( mbedtls_test_transparent_aead_finish( 2083 &operation->ctx.transparent_test_driver_ctx, 2084 ciphertext, ciphertext_size, 2085 ciphertext_length, tag, tag_size, tag_length ) ); 2086 2087 /* Add cases for opaque driver here */ 2088 2089 #endif /* PSA_CRYPTO_DRIVER_TEST */ 2090 #endif /* PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT */ 2091 } 2092 2093 (void)ciphertext; 2094 (void)ciphertext_size; 2095 (void)ciphertext_length; 2096 (void)tag; 2097 (void)tag_size; 2098 (void)tag_length; 2099 2100 return( PSA_ERROR_INVALID_ARGUMENT ); 2101 } 2102 2103 static inline psa_status_t psa_driver_wrapper_aead_verify( 2104 psa_aead_operation_t *operation, 2105 uint8_t *plaintext, 2106 size_t plaintext_size, 2107 size_t *plaintext_length, 2108 const uint8_t *tag, 2109 size_t tag_length ) 2110 { 2111 switch( operation->id ) 2112 { 2113 #if defined(MBEDTLS_PSA_BUILTIN_AEAD) 2114 case PSA_CRYPTO_MBED_TLS_DRIVER_ID: 2115 { 2116 psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED; 2117 uint8_t check_tag[PSA_AEAD_TAG_MAX_SIZE]; 2118 size_t check_tag_length; 2119 2120 status = mbedtls_psa_aead_finish( &operation->ctx.mbedtls_ctx, 2121 plaintext, 2122 plaintext_size, 2123 plaintext_length, 2124 check_tag, 2125 sizeof( check_tag ), 2126 &check_tag_length ); 2127 2128 if( status == PSA_SUCCESS ) 2129 { 2130 if( tag_length != check_tag_length || 2131 mbedtls_ct_memcmp( tag, check_tag, tag_length ) 2132 != 0 ) 2133 status = PSA_ERROR_INVALID_SIGNATURE; 2134 } 2135 2136 mbedtls_platform_zeroize( check_tag, sizeof( check_tag ) ); 2137 2138 return( status ); 2139 } 2140 2141 #endif /* MBEDTLS_PSA_BUILTIN_AEAD */ 2142 2143 #if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT) 2144 #if defined(PSA_CRYPTO_DRIVER_TEST) 2145 case MBEDTLS_TEST_TRANSPARENT_DRIVER_ID: 2146 return( mbedtls_test_transparent_aead_verify( 2147 &operation->ctx.transparent_test_driver_ctx, 2148 plaintext, plaintext_size, 2149 plaintext_length, tag, tag_length ) ); 2150 2151 /* Add cases for opaque driver here */ 2152 2153 #endif /* PSA_CRYPTO_DRIVER_TEST */ 2154 #endif /* PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT */ 2155 } 2156 2157 (void)plaintext; 2158 (void)plaintext_size; 2159 (void)plaintext_length; 2160 (void)tag; 2161 (void)tag_length; 2162 2163 return( PSA_ERROR_INVALID_ARGUMENT ); 2164 } 2165 2166 static inline psa_status_t psa_driver_wrapper_aead_abort( 2167 psa_aead_operation_t *operation ) 2168 { 2169 switch( operation->id ) 2170 { 2171 #if defined(MBEDTLS_PSA_BUILTIN_AEAD) 2172 case PSA_CRYPTO_MBED_TLS_DRIVER_ID: 2173 return( mbedtls_psa_aead_abort( &operation->ctx.mbedtls_ctx ) ); 2174 2175 #endif /* MBEDTLS_PSA_BUILTIN_AEAD */ 2176 2177 #if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT) 2178 #if defined(PSA_CRYPTO_DRIVER_TEST) 2179 case MBEDTLS_TEST_TRANSPARENT_DRIVER_ID: 2180 return( mbedtls_test_transparent_aead_abort( 2181 &operation->ctx.transparent_test_driver_ctx ) ); 2182 2183 /* Add cases for opaque driver here */ 2184 2185 #endif /* PSA_CRYPTO_DRIVER_TEST */ 2186 #endif /* PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT */ 2187 } 2188 2189 return( PSA_ERROR_INVALID_ARGUMENT ); 2190 } 2191 2192 /* 2193 * MAC functions 2194 */ 2195 static inline psa_status_t psa_driver_wrapper_mac_compute( 2196 const psa_key_attributes_t *attributes, 2197 const uint8_t *key_buffer, 2198 size_t key_buffer_size, 2199 psa_algorithm_t alg, 2200 const uint8_t *input, 2201 size_t input_length, 2202 uint8_t *mac, 2203 size_t mac_size, 2204 size_t *mac_length ) 2205 { 2206 psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED; 2207 psa_key_location_t location = 2208 PSA_KEY_LIFETIME_GET_LOCATION( psa_get_key_lifetime(attributes) ); 2209 2210 switch( location ) 2211 { 2212 case PSA_KEY_LOCATION_LOCAL_STORAGE: 2213 /* Key is stored in the slot in export representation, so 2214 * cycle through all known transparent accelerators */ 2215 #if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT) 2216 #if defined(PSA_CRYPTO_DRIVER_TEST) 2217 status = mbedtls_test_transparent_mac_compute( 2218 attributes, key_buffer, key_buffer_size, alg, 2219 input, input_length, 2220 mac, mac_size, mac_length ); 2221 /* Declared with fallback == true */ 2222 if( status != PSA_ERROR_NOT_SUPPORTED ) 2223 return( status ); 2224 #endif /* PSA_CRYPTO_DRIVER_TEST */ 2225 #endif /* PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT */ 2226 #if defined(MBEDTLS_PSA_BUILTIN_MAC) 2227 /* Fell through, meaning no accelerator supports this operation */ 2228 status = mbedtls_psa_mac_compute( 2229 attributes, key_buffer, key_buffer_size, alg, 2230 input, input_length, 2231 mac, mac_size, mac_length ); 2232 if( status != PSA_ERROR_NOT_SUPPORTED ) 2233 return( status ); 2234 #endif /* MBEDTLS_PSA_BUILTIN_MAC */ 2235 return( PSA_ERROR_NOT_SUPPORTED ); 2236 2237 /* Add cases for opaque driver here */ 2238 #if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT) 2239 #if defined(PSA_CRYPTO_DRIVER_TEST) 2240 case PSA_CRYPTO_TEST_DRIVER_LOCATION: 2241 status = mbedtls_test_opaque_mac_compute( 2242 attributes, key_buffer, key_buffer_size, alg, 2243 input, input_length, 2244 mac, mac_size, mac_length ); 2245 return( status ); 2246 #endif /* PSA_CRYPTO_DRIVER_TEST */ 2247 #endif /* PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT */ 2248 default: 2249 /* Key is declared with a lifetime not known to us */ 2250 (void) key_buffer; 2251 (void) key_buffer_size; 2252 (void) alg; 2253 (void) input; 2254 (void) input_length; 2255 (void) mac; 2256 (void) mac_size; 2257 (void) mac_length; 2258 (void) status; 2259 return( PSA_ERROR_INVALID_ARGUMENT ); 2260 } 2261 } 2262 2263 static inline psa_status_t psa_driver_wrapper_mac_sign_setup( 2264 psa_mac_operation_t *operation, 2265 const psa_key_attributes_t *attributes, 2266 const uint8_t *key_buffer, 2267 size_t key_buffer_size, 2268 psa_algorithm_t alg ) 2269 { 2270 psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED; 2271 psa_key_location_t location = 2272 PSA_KEY_LIFETIME_GET_LOCATION( psa_get_key_lifetime(attributes) ); 2273 2274 switch( location ) 2275 { 2276 case PSA_KEY_LOCATION_LOCAL_STORAGE: 2277 /* Key is stored in the slot in export representation, so 2278 * cycle through all known transparent accelerators */ 2279 #if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT) 2280 #if defined(PSA_CRYPTO_DRIVER_TEST) 2281 status = mbedtls_test_transparent_mac_sign_setup( 2282 &operation->ctx.transparent_test_driver_ctx, 2283 attributes, 2284 key_buffer, key_buffer_size, 2285 alg ); 2286 /* Declared with fallback == true */ 2287 if( status == PSA_SUCCESS ) 2288 operation->id = MBEDTLS_TEST_TRANSPARENT_DRIVER_ID; 2289 2290 if( status != PSA_ERROR_NOT_SUPPORTED ) 2291 return( status ); 2292 #endif /* PSA_CRYPTO_DRIVER_TEST */ 2293 #endif /* PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT */ 2294 #if defined(MBEDTLS_PSA_BUILTIN_MAC) 2295 /* Fell through, meaning no accelerator supports this operation */ 2296 status = mbedtls_psa_mac_sign_setup( &operation->ctx.mbedtls_ctx, 2297 attributes, 2298 key_buffer, key_buffer_size, 2299 alg ); 2300 if( status == PSA_SUCCESS ) 2301 operation->id = PSA_CRYPTO_MBED_TLS_DRIVER_ID; 2302 2303 if( status != PSA_ERROR_NOT_SUPPORTED ) 2304 return( status ); 2305 #endif /* MBEDTLS_PSA_BUILTIN_MAC */ 2306 return( PSA_ERROR_NOT_SUPPORTED ); 2307 2308 /* Add cases for opaque driver here */ 2309 #if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT) 2310 #if defined(PSA_CRYPTO_DRIVER_TEST) 2311 case PSA_CRYPTO_TEST_DRIVER_LOCATION: 2312 status = mbedtls_test_opaque_mac_sign_setup( 2313 &operation->ctx.opaque_test_driver_ctx, 2314 attributes, 2315 key_buffer, key_buffer_size, 2316 alg ); 2317 2318 if( status == PSA_SUCCESS ) 2319 operation->id = MBEDTLS_TEST_OPAQUE_DRIVER_ID; 2320 2321 return( status ); 2322 #endif /* PSA_CRYPTO_DRIVER_TEST */ 2323 #endif /* PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT */ 2324 default: 2325 /* Key is declared with a lifetime not known to us */ 2326 (void) status; 2327 (void) operation; 2328 (void) key_buffer; 2329 (void) key_buffer_size; 2330 (void) alg; 2331 return( PSA_ERROR_INVALID_ARGUMENT ); 2332 } 2333 } 2334 2335 static inline psa_status_t psa_driver_wrapper_mac_verify_setup( 2336 psa_mac_operation_t *operation, 2337 const psa_key_attributes_t *attributes, 2338 const uint8_t *key_buffer, 2339 size_t key_buffer_size, 2340 psa_algorithm_t alg ) 2341 { 2342 psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED; 2343 psa_key_location_t location = 2344 PSA_KEY_LIFETIME_GET_LOCATION( psa_get_key_lifetime(attributes) ); 2345 2346 switch( location ) 2347 { 2348 case PSA_KEY_LOCATION_LOCAL_STORAGE: 2349 /* Key is stored in the slot in export representation, so 2350 * cycle through all known transparent accelerators */ 2351 #if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT) 2352 #if defined(PSA_CRYPTO_DRIVER_TEST) 2353 status = mbedtls_test_transparent_mac_verify_setup( 2354 &operation->ctx.transparent_test_driver_ctx, 2355 attributes, 2356 key_buffer, key_buffer_size, 2357 alg ); 2358 /* Declared with fallback == true */ 2359 if( status == PSA_SUCCESS ) 2360 operation->id = MBEDTLS_TEST_TRANSPARENT_DRIVER_ID; 2361 2362 if( status != PSA_ERROR_NOT_SUPPORTED ) 2363 return( status ); 2364 #endif /* PSA_CRYPTO_DRIVER_TEST */ 2365 #endif /* PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT */ 2366 #if defined(MBEDTLS_PSA_BUILTIN_MAC) 2367 /* Fell through, meaning no accelerator supports this operation */ 2368 status = mbedtls_psa_mac_verify_setup( &operation->ctx.mbedtls_ctx, 2369 attributes, 2370 key_buffer, key_buffer_size, 2371 alg ); 2372 if( status == PSA_SUCCESS ) 2373 operation->id = PSA_CRYPTO_MBED_TLS_DRIVER_ID; 2374 2375 if( status != PSA_ERROR_NOT_SUPPORTED ) 2376 return( status ); 2377 #endif /* MBEDTLS_PSA_BUILTIN_MAC */ 2378 return( PSA_ERROR_NOT_SUPPORTED ); 2379 2380 /* Add cases for opaque driver here */ 2381 #if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT) 2382 #if defined(PSA_CRYPTO_DRIVER_TEST) 2383 case PSA_CRYPTO_TEST_DRIVER_LOCATION: 2384 status = mbedtls_test_opaque_mac_verify_setup( 2385 &operation->ctx.opaque_test_driver_ctx, 2386 attributes, 2387 key_buffer, key_buffer_size, 2388 alg ); 2389 2390 if( status == PSA_SUCCESS ) 2391 operation->id = MBEDTLS_TEST_OPAQUE_DRIVER_ID; 2392 2393 return( status ); 2394 #endif /* PSA_CRYPTO_DRIVER_TEST */ 2395 #endif /* PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT */ 2396 default: 2397 /* Key is declared with a lifetime not known to us */ 2398 (void) status; 2399 (void) operation; 2400 (void) key_buffer; 2401 (void) key_buffer_size; 2402 (void) alg; 2403 return( PSA_ERROR_INVALID_ARGUMENT ); 2404 } 2405 } 2406 2407 static inline psa_status_t psa_driver_wrapper_mac_update( 2408 psa_mac_operation_t *operation, 2409 const uint8_t *input, 2410 size_t input_length ) 2411 { 2412 switch( operation->id ) 2413 { 2414 #if defined(MBEDTLS_PSA_BUILTIN_MAC) 2415 case PSA_CRYPTO_MBED_TLS_DRIVER_ID: 2416 return( mbedtls_psa_mac_update( &operation->ctx.mbedtls_ctx, 2417 input, input_length ) ); 2418 #endif /* MBEDTLS_PSA_BUILTIN_MAC */ 2419 2420 #if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT) 2421 #if defined(PSA_CRYPTO_DRIVER_TEST) 2422 case MBEDTLS_TEST_TRANSPARENT_DRIVER_ID: 2423 return( mbedtls_test_transparent_mac_update( 2424 &operation->ctx.transparent_test_driver_ctx, 2425 input, input_length ) ); 2426 2427 case MBEDTLS_TEST_OPAQUE_DRIVER_ID: 2428 return( mbedtls_test_opaque_mac_update( 2429 &operation->ctx.opaque_test_driver_ctx, 2430 input, input_length ) ); 2431 #endif /* PSA_CRYPTO_DRIVER_TEST */ 2432 #endif /* PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT */ 2433 default: 2434 (void) input; 2435 (void) input_length; 2436 return( PSA_ERROR_INVALID_ARGUMENT ); 2437 } 2438 } 2439 2440 static inline psa_status_t psa_driver_wrapper_mac_sign_finish( 2441 psa_mac_operation_t *operation, 2442 uint8_t *mac, 2443 size_t mac_size, 2444 size_t *mac_length ) 2445 { 2446 switch( operation->id ) 2447 { 2448 #if defined(MBEDTLS_PSA_BUILTIN_MAC) 2449 case PSA_CRYPTO_MBED_TLS_DRIVER_ID: 2450 return( mbedtls_psa_mac_sign_finish( &operation->ctx.mbedtls_ctx, 2451 mac, mac_size, mac_length ) ); 2452 #endif /* MBEDTLS_PSA_BUILTIN_MAC */ 2453 2454 #if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT) 2455 #if defined(PSA_CRYPTO_DRIVER_TEST) 2456 case MBEDTLS_TEST_TRANSPARENT_DRIVER_ID: 2457 return( mbedtls_test_transparent_mac_sign_finish( 2458 &operation->ctx.transparent_test_driver_ctx, 2459 mac, mac_size, mac_length ) ); 2460 2461 case MBEDTLS_TEST_OPAQUE_DRIVER_ID: 2462 return( mbedtls_test_opaque_mac_sign_finish( 2463 &operation->ctx.opaque_test_driver_ctx, 2464 mac, mac_size, mac_length ) ); 2465 #endif /* PSA_CRYPTO_DRIVER_TEST */ 2466 #endif /* PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT */ 2467 default: 2468 (void) mac; 2469 (void) mac_size; 2470 (void) mac_length; 2471 return( PSA_ERROR_INVALID_ARGUMENT ); 2472 } 2473 } 2474 2475 static inline psa_status_t psa_driver_wrapper_mac_verify_finish( 2476 psa_mac_operation_t *operation, 2477 const uint8_t *mac, 2478 size_t mac_length ) 2479 { 2480 switch( operation->id ) 2481 { 2482 #if defined(MBEDTLS_PSA_BUILTIN_MAC) 2483 case PSA_CRYPTO_MBED_TLS_DRIVER_ID: 2484 return( mbedtls_psa_mac_verify_finish( &operation->ctx.mbedtls_ctx, 2485 mac, mac_length ) ); 2486 #endif /* MBEDTLS_PSA_BUILTIN_MAC */ 2487 2488 #if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT) 2489 #if defined(PSA_CRYPTO_DRIVER_TEST) 2490 case MBEDTLS_TEST_TRANSPARENT_DRIVER_ID: 2491 return( mbedtls_test_transparent_mac_verify_finish( 2492 &operation->ctx.transparent_test_driver_ctx, 2493 mac, mac_length ) ); 2494 2495 case MBEDTLS_TEST_OPAQUE_DRIVER_ID: 2496 return( mbedtls_test_opaque_mac_verify_finish( 2497 &operation->ctx.opaque_test_driver_ctx, 2498 mac, mac_length ) ); 2499 #endif /* PSA_CRYPTO_DRIVER_TEST */ 2500 #endif /* PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT */ 2501 default: 2502 (void) mac; 2503 (void) mac_length; 2504 return( PSA_ERROR_INVALID_ARGUMENT ); 2505 } 2506 } 2507 2508 static inline psa_status_t psa_driver_wrapper_mac_abort( 2509 psa_mac_operation_t *operation ) 2510 { 2511 switch( operation->id ) 2512 { 2513 #if defined(MBEDTLS_PSA_BUILTIN_MAC) 2514 case PSA_CRYPTO_MBED_TLS_DRIVER_ID: 2515 return( mbedtls_psa_mac_abort( &operation->ctx.mbedtls_ctx ) ); 2516 #endif /* MBEDTLS_PSA_BUILTIN_MAC */ 2517 2518 #if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT) 2519 #if defined(PSA_CRYPTO_DRIVER_TEST) 2520 case MBEDTLS_TEST_TRANSPARENT_DRIVER_ID: 2521 return( mbedtls_test_transparent_mac_abort( 2522 &operation->ctx.transparent_test_driver_ctx ) ); 2523 case MBEDTLS_TEST_OPAQUE_DRIVER_ID: 2524 return( mbedtls_test_opaque_mac_abort( 2525 &operation->ctx.opaque_test_driver_ctx ) ); 2526 #endif /* PSA_CRYPTO_DRIVER_TEST */ 2527 #endif /* PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT */ 2528 default: 2529 return( PSA_ERROR_INVALID_ARGUMENT ); 2530 } 2531 } 2532 2533 /* 2534 * Asymmetric cryptography 2535 */ 2536 static inline psa_status_t psa_driver_wrapper_asymmetric_encrypt( 2537 const psa_key_attributes_t *attributes, const uint8_t *key_buffer, 2538 size_t key_buffer_size, psa_algorithm_t alg, const uint8_t *input, 2539 size_t input_length, const uint8_t *salt, size_t salt_length, 2540 uint8_t *output, size_t output_size, size_t *output_length ) 2541 { 2542 psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED; 2543 psa_key_location_t location = 2544 PSA_KEY_LIFETIME_GET_LOCATION( psa_get_key_lifetime(attributes) ); 2545 2546 switch( location ) 2547 { 2548 case PSA_KEY_LOCATION_LOCAL_STORAGE: 2549 /* Key is stored in the slot in export representation, so 2550 * cycle through all known transparent accelerators */ 2551 #if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT) 2552 #if defined(PSA_CRYPTO_DRIVER_TEST) 2553 status = mbedtls_test_transparent_asymmetric_encrypt( attributes, 2554 key_buffer, key_buffer_size, alg, input, input_length, 2555 salt, salt_length, output, output_size, 2556 output_length ); 2557 /* Declared with fallback == true */ 2558 if( status != PSA_ERROR_NOT_SUPPORTED ) 2559 return( status ); 2560 #endif /* PSA_CRYPTO_DRIVER_TEST */ 2561 #endif /* PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT */ 2562 return( mbedtls_psa_asymmetric_encrypt( attributes, 2563 key_buffer, key_buffer_size, alg, input, input_length, 2564 salt, salt_length, output, output_size, output_length ) 2565 ); 2566 /* Add cases for opaque driver here */ 2567 #if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT) 2568 #if defined(PSA_CRYPTO_DRIVER_TEST) 2569 case PSA_CRYPTO_TEST_DRIVER_LOCATION: 2570 return( mbedtls_test_opaque_asymmetric_encrypt( attributes, 2571 key_buffer, key_buffer_size, alg, input, input_length, 2572 salt, salt_length, output, output_size, output_length ) 2573 ); 2574 #endif /* PSA_CRYPTO_DRIVER_TEST */ 2575 #endif /* PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT */ 2576 2577 default: 2578 /* Key is declared with a lifetime not known to us */ 2579 (void)status; 2580 (void)key_buffer; 2581 (void)key_buffer_size; 2582 (void)alg; 2583 (void)input; 2584 (void)input_length; 2585 (void)salt; 2586 (void)salt_length; 2587 (void)output; 2588 (void)output_size; 2589 (void)output_length; 2590 return( PSA_ERROR_INVALID_ARGUMENT ); 2591 } 2592 } 2593 2594 static inline psa_status_t psa_driver_wrapper_asymmetric_decrypt( 2595 const psa_key_attributes_t *attributes, const uint8_t *key_buffer, 2596 size_t key_buffer_size, psa_algorithm_t alg, const uint8_t *input, 2597 size_t input_length, const uint8_t *salt, size_t salt_length, 2598 uint8_t *output, size_t output_size, size_t *output_length ) 2599 { 2600 psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED; 2601 psa_key_location_t location = 2602 PSA_KEY_LIFETIME_GET_LOCATION( psa_get_key_lifetime(attributes) ); 2603 2604 switch( location ) 2605 { 2606 case PSA_KEY_LOCATION_LOCAL_STORAGE: 2607 /* Key is stored in the slot in export representation, so 2608 * cycle through all known transparent accelerators */ 2609 #if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT) 2610 #if defined(PSA_CRYPTO_DRIVER_TEST) 2611 status = mbedtls_test_transparent_asymmetric_decrypt( attributes, 2612 key_buffer, key_buffer_size, alg, input, input_length, 2613 salt, salt_length, output, output_size, 2614 output_length ); 2615 /* Declared with fallback == true */ 2616 if( status != PSA_ERROR_NOT_SUPPORTED ) 2617 return( status ); 2618 #endif /* PSA_CRYPTO_DRIVER_TEST */ 2619 #endif /* PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT */ 2620 return( mbedtls_psa_asymmetric_decrypt( attributes, 2621 key_buffer, key_buffer_size, alg,input, input_length, 2622 salt, salt_length, output, output_size, 2623 output_length ) ); 2624 /* Add cases for opaque driver here */ 2625 #if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT) 2626 #if defined(PSA_CRYPTO_DRIVER_TEST) 2627 case PSA_CRYPTO_TEST_DRIVER_LOCATION: 2628 return( mbedtls_test_opaque_asymmetric_decrypt( attributes, 2629 key_buffer, key_buffer_size, alg, input, input_length, 2630 salt, salt_length, output, output_size, 2631 output_length ) ); 2632 #endif /* PSA_CRYPTO_DRIVER_TEST */ 2633 #endif /* PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT */ 2634 2635 default: 2636 /* Key is declared with a lifetime not known to us */ 2637 (void)status; 2638 (void)key_buffer; 2639 (void)key_buffer_size; 2640 (void)alg; 2641 (void)input; 2642 (void)input_length; 2643 (void)salt; 2644 (void)salt_length; 2645 (void)output; 2646 (void)output_size; 2647 (void)output_length; 2648 return( PSA_ERROR_INVALID_ARGUMENT ); 2649 } 2650 } 2651 2652 static inline psa_status_t psa_driver_wrapper_key_agreement( 2653 const psa_key_attributes_t *attributes, 2654 const uint8_t *key_buffer, 2655 size_t key_buffer_size, 2656 psa_algorithm_t alg, 2657 const uint8_t *peer_key, 2658 size_t peer_key_length, 2659 uint8_t *shared_secret, 2660 size_t shared_secret_size, 2661 size_t *shared_secret_length 2662 ) 2663 { 2664 psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED; 2665 psa_key_location_t location = 2666 PSA_KEY_LIFETIME_GET_LOCATION( psa_get_key_lifetime(attributes) ); 2667 2668 switch( location ) 2669 { 2670 case PSA_KEY_LOCATION_LOCAL_STORAGE: 2671 /* Key is stored in the slot in export representation, so 2672 * cycle through all known transparent accelerators */ 2673 #if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT) 2674 #if defined(PSA_CRYPTO_DRIVER_TEST) 2675 status = 2676 mbedtls_test_transparent_key_agreement( attributes, 2677 key_buffer, key_buffer_size, alg, peer_key, 2678 peer_key_length, shared_secret, shared_secret_size, 2679 shared_secret_length ); 2680 if( status != PSA_ERROR_NOT_SUPPORTED ) 2681 return( status ); 2682 #endif /* PSA_CRYPTO_DRIVER_TEST */ 2683 #if defined(MBEDTLS_PSA_P256M_DRIVER_ENABLED) 2684 if( PSA_KEY_TYPE_IS_ECC( psa_get_key_type(attributes) ) && 2685 PSA_ALG_IS_ECDH(alg) && 2686 PSA_KEY_TYPE_ECC_GET_FAMILY(psa_get_key_type(attributes)) == PSA_ECC_FAMILY_SECP_R1 && 2687 psa_get_key_bits(attributes) == 256 ) 2688 { 2689 status = p256_transparent_key_agreement( attributes, 2690 key_buffer, 2691 key_buffer_size, 2692 alg, 2693 peer_key, 2694 peer_key_length, 2695 shared_secret, 2696 shared_secret_size, 2697 shared_secret_length ); 2698 if( status != PSA_ERROR_NOT_SUPPORTED) 2699 return( status ); 2700 } 2701 #endif /* MBEDTLS_PSA_P256M_DRIVER_ENABLED */ 2702 #endif /* PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT */ 2703 2704 /* Software Fallback */ 2705 status = psa_key_agreement_raw_builtin( attributes, 2706 key_buffer, 2707 key_buffer_size, 2708 alg, 2709 peer_key, 2710 peer_key_length, 2711 shared_secret, 2712 shared_secret_size, 2713 shared_secret_length ); 2714 return( status ); 2715 #if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT) 2716 #if defined(PSA_CRYPTO_DRIVER_TEST) 2717 case PSA_CRYPTO_TEST_DRIVER_LOCATION: 2718 return( mbedtls_test_opaque_key_agreement( attributes, 2719 key_buffer, key_buffer_size, alg, peer_key, 2720 peer_key_length, shared_secret, shared_secret_size, 2721 shared_secret_length ) ); 2722 #endif /* PSA_CRYPTO_DRIVER_TEST */ 2723 #endif /* PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT */ 2724 2725 default: 2726 (void) attributes; 2727 (void) key_buffer; 2728 (void) key_buffer_size; 2729 (void) peer_key; 2730 (void) peer_key_length; 2731 (void) shared_secret; 2732 (void) shared_secret_size; 2733 (void) shared_secret_length; 2734 return( PSA_ERROR_NOT_SUPPORTED ); 2735 2736 } 2737 } 2738 2739 static inline psa_status_t psa_driver_wrapper_pake_setup( 2740 psa_pake_operation_t *operation, 2741 const psa_crypto_driver_pake_inputs_t *inputs ) 2742 { 2743 psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED; 2744 2745 psa_key_location_t location = 2746 PSA_KEY_LIFETIME_GET_LOCATION( psa_get_key_lifetime( &inputs->attributes ) ); 2747 2748 switch( location ) 2749 { 2750 case PSA_KEY_LOCATION_LOCAL_STORAGE: 2751 /* Key is stored in the slot in export representation, so 2752 * cycle through all known transparent accelerators */ 2753 status = PSA_ERROR_NOT_SUPPORTED; 2754 #if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT) 2755 #if defined(PSA_CRYPTO_DRIVER_TEST) 2756 status = mbedtls_test_transparent_pake_setup( 2757 &operation->data.ctx.transparent_test_driver_ctx, 2758 inputs ); 2759 if( status == PSA_SUCCESS ) 2760 operation->id = MBEDTLS_TEST_TRANSPARENT_DRIVER_ID; 2761 /* Declared with fallback == true */ 2762 if( status != PSA_ERROR_NOT_SUPPORTED ) 2763 return( status ); 2764 #endif /* PSA_CRYPTO_DRIVER_TEST */ 2765 #endif /* PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT */ 2766 #if defined(MBEDTLS_PSA_BUILTIN_PAKE) 2767 status = mbedtls_psa_pake_setup( &operation->data.ctx.mbedtls_ctx, 2768 inputs ); 2769 if( status == PSA_SUCCESS ) 2770 operation->id = PSA_CRYPTO_MBED_TLS_DRIVER_ID; 2771 #endif 2772 return status; 2773 /* Add cases for opaque driver here */ 2774 default: 2775 /* Key is declared with a lifetime not known to us */ 2776 (void)operation; 2777 return( PSA_ERROR_INVALID_ARGUMENT ); 2778 } 2779 } 2780 2781 static inline psa_status_t psa_driver_wrapper_pake_output( 2782 psa_pake_operation_t *operation, 2783 psa_crypto_driver_pake_step_t step, 2784 uint8_t *output, 2785 size_t output_size, 2786 size_t *output_length ) 2787 { 2788 switch( operation->id ) 2789 { 2790 #if defined(MBEDTLS_PSA_BUILTIN_PAKE) 2791 case PSA_CRYPTO_MBED_TLS_DRIVER_ID: 2792 return( mbedtls_psa_pake_output( &operation->data.ctx.mbedtls_ctx, step, 2793 output, output_size, output_length ) ); 2794 #endif /* MBEDTLS_PSA_BUILTIN_PAKE */ 2795 2796 #if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT) 2797 #if defined(PSA_CRYPTO_DRIVER_TEST) 2798 case MBEDTLS_TEST_TRANSPARENT_DRIVER_ID: 2799 return( mbedtls_test_transparent_pake_output( 2800 &operation->data.ctx.transparent_test_driver_ctx, 2801 step, output, output_size, output_length ) ); 2802 #endif /* PSA_CRYPTO_DRIVER_TEST */ 2803 #endif /* PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT */ 2804 default: 2805 (void) step; 2806 (void) output; 2807 (void) output_size; 2808 (void) output_length; 2809 return( PSA_ERROR_INVALID_ARGUMENT ); 2810 } 2811 } 2812 2813 static inline psa_status_t psa_driver_wrapper_pake_input( 2814 psa_pake_operation_t *operation, 2815 psa_crypto_driver_pake_step_t step, 2816 const uint8_t *input, 2817 size_t input_length ) 2818 { 2819 switch( operation->id ) 2820 { 2821 #if defined(MBEDTLS_PSA_BUILTIN_PAKE) 2822 case PSA_CRYPTO_MBED_TLS_DRIVER_ID: 2823 return( mbedtls_psa_pake_input( &operation->data.ctx.mbedtls_ctx, 2824 step, input, 2825 input_length ) ); 2826 #endif /* MBEDTLS_PSA_BUILTIN_PAKE */ 2827 2828 #if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT) 2829 #if defined(PSA_CRYPTO_DRIVER_TEST) 2830 case MBEDTLS_TEST_TRANSPARENT_DRIVER_ID: 2831 return( mbedtls_test_transparent_pake_input( 2832 &operation->data.ctx.transparent_test_driver_ctx, 2833 step, 2834 input, input_length ) ); 2835 #endif /* PSA_CRYPTO_DRIVER_TEST */ 2836 #endif /* PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT */ 2837 default: 2838 (void) step; 2839 (void) input; 2840 (void) input_length; 2841 return( PSA_ERROR_INVALID_ARGUMENT ); 2842 } 2843 } 2844 2845 static inline psa_status_t psa_driver_wrapper_pake_get_implicit_key( 2846 psa_pake_operation_t *operation, 2847 uint8_t *output, size_t output_size, 2848 size_t *output_length ) 2849 { 2850 switch( operation->id ) 2851 { 2852 #if defined(MBEDTLS_PSA_BUILTIN_PAKE) 2853 case PSA_CRYPTO_MBED_TLS_DRIVER_ID: 2854 return( mbedtls_psa_pake_get_implicit_key( &operation->data.ctx.mbedtls_ctx, 2855 output, output_size, output_length ) ); 2856 #endif /* MBEDTLS_PSA_BUILTIN_PAKE */ 2857 2858 #if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT) 2859 #if defined(PSA_CRYPTO_DRIVER_TEST) 2860 case MBEDTLS_TEST_TRANSPARENT_DRIVER_ID: 2861 return( mbedtls_test_transparent_pake_get_implicit_key( 2862 &operation->data.ctx.transparent_test_driver_ctx, 2863 output, output_size, output_length ) ); 2864 #endif /* PSA_CRYPTO_DRIVER_TEST */ 2865 #endif /* PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT */ 2866 default: 2867 (void) output; 2868 (void) output_size; 2869 (void) output_length; 2870 return( PSA_ERROR_INVALID_ARGUMENT ); 2871 } 2872 } 2873 2874 static inline psa_status_t psa_driver_wrapper_pake_abort( 2875 psa_pake_operation_t * operation ) 2876 { 2877 switch( operation->id ) 2878 { 2879 #if defined(MBEDTLS_PSA_BUILTIN_PAKE) 2880 case PSA_CRYPTO_MBED_TLS_DRIVER_ID: 2881 return( mbedtls_psa_pake_abort( &operation->data.ctx.mbedtls_ctx ) ); 2882 #endif /* MBEDTLS_PSA_BUILTIN_PAKE */ 2883 2884 #if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT) 2885 #if defined(PSA_CRYPTO_DRIVER_TEST) 2886 case MBEDTLS_TEST_TRANSPARENT_DRIVER_ID: 2887 return( mbedtls_test_transparent_pake_abort( 2888 &operation->data.ctx.transparent_test_driver_ctx ) ); 2889 #endif /* PSA_CRYPTO_DRIVER_TEST */ 2890 #endif /* PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT */ 2891 default: 2892 return( PSA_ERROR_INVALID_ARGUMENT ); 2893 } 2894 } 2895 2896 #endif /* MBEDTLS_PSA_CRYPTO_C */