psa_crypto_driver_wrappers.h.jinja (106957B)
1 /* 2 * Functions to delegate cryptographic operations to an available 3 * and appropriate accelerator. 4 * Warning: This file is now auto-generated. 5 */ 6 /* Copyright The Mbed TLS Contributors 7 * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later 8 */ 9 10 11 /* BEGIN-common headers */ 12 #include "common.h" 13 #include "psa_crypto_aead.h" 14 #include "psa_crypto_cipher.h" 15 #include "psa_crypto_core.h" 16 #include "psa_crypto_driver_wrappers_no_static.h" 17 #include "psa_crypto_hash.h" 18 #include "psa_crypto_mac.h" 19 #include "psa_crypto_pake.h" 20 #include "psa_crypto_rsa.h" 21 22 #include "mbedtls/platform.h" 23 #include "mbedtls/constant_time.h" 24 /* END-common headers */ 25 26 #if defined(MBEDTLS_PSA_CRYPTO_C) 27 28 /* BEGIN-driver headers */ 29 {% for driver in drivers -%} 30 /* Headers for {{driver.prefix}} {{driver.type}} driver */ 31 {% if driver['mbedtls/h_condition'] is defined -%} 32 #if {{ driver['mbedtls/h_condition'] }} 33 {% endif -%} 34 {% for header in driver.headers -%} 35 #include "{{ header }}" 36 {% endfor %} 37 {% if driver['mbedtls/h_condition'] is defined -%} 38 #endif 39 {% endif -%} 40 {% endfor %} 41 /* END-driver headers */ 42 43 /* Auto-generated values depending on which drivers are registered. 44 * ID 0 is reserved for unallocated operations. 45 * ID 1 is reserved for the Mbed TLS software driver. */ 46 /* BEGIN-driver id definition */ 47 #define PSA_CRYPTO_MBED_TLS_DRIVER_ID (1) 48 {% for driver in drivers -%} 49 #define {{(driver.prefix + "_" + driver.type + "_driver_id").upper()}} ({{ loop.index + 1 }}) 50 {% endfor %} 51 /* END-driver id */ 52 53 /* BEGIN-Common Macro definitions */ 54 {% macro entry_point_name(capability, entry_point, driver) -%} 55 {% if capability.name is defined and entry_point in capability.names.keys() -%} 56 {{ capability.names[entry_point]}} 57 {% else -%} 58 {{driver.prefix}}_{{driver.type}}_{{entry_point}} 59 {% endif -%} 60 {% endmacro %} 61 /* END-Common Macro definitions */ 62 63 /* Support the 'old' SE interface when asked to */ 64 #if defined(MBEDTLS_PSA_CRYPTO_SE_C) 65 /* PSA_CRYPTO_DRIVER_PRESENT is defined when either a new-style or old-style 66 * SE driver is present, to avoid unused argument errors at compile time. */ 67 #ifndef PSA_CRYPTO_DRIVER_PRESENT 68 #define PSA_CRYPTO_DRIVER_PRESENT 69 #endif 70 #include "psa_crypto_se.h" 71 #endif 72 73 static inline psa_status_t psa_driver_wrapper_init( void ) 74 { 75 psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED; 76 77 #if defined(MBEDTLS_PSA_CRYPTO_SE_C) 78 status = psa_init_all_se_drivers( ); 79 if( status != PSA_SUCCESS ) 80 return( status ); 81 #endif 82 83 #if defined(PSA_CRYPTO_DRIVER_TEST) 84 status = mbedtls_test_transparent_init( ); 85 if( status != PSA_SUCCESS ) 86 return( status ); 87 88 status = mbedtls_test_opaque_init( ); 89 if( status != PSA_SUCCESS ) 90 return( status ); 91 #endif 92 93 (void) status; 94 return( PSA_SUCCESS ); 95 } 96 97 static inline void psa_driver_wrapper_free( void ) 98 { 99 #if defined(MBEDTLS_PSA_CRYPTO_SE_C) 100 /* Unregister all secure element drivers, so that we restart from 101 * a pristine state. */ 102 psa_unregister_all_se_drivers( ); 103 #endif /* MBEDTLS_PSA_CRYPTO_SE_C */ 104 105 #if defined(PSA_CRYPTO_DRIVER_TEST) 106 mbedtls_test_transparent_free( ); 107 mbedtls_test_opaque_free( ); 108 #endif 109 } 110 111 /* Start delegation functions */ 112 static inline psa_status_t psa_driver_wrapper_sign_message( 113 const psa_key_attributes_t *attributes, 114 const uint8_t *key_buffer, 115 size_t key_buffer_size, 116 psa_algorithm_t alg, 117 const uint8_t *input, 118 size_t input_length, 119 uint8_t *signature, 120 size_t signature_size, 121 size_t *signature_length ) 122 { 123 psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED; 124 psa_key_location_t location = 125 PSA_KEY_LIFETIME_GET_LOCATION( psa_get_key_lifetime(attributes) ); 126 127 switch( location ) 128 { 129 case PSA_KEY_LOCATION_LOCAL_STORAGE: 130 /* Key is stored in the slot in export representation, so 131 * cycle through all known transparent accelerators */ 132 #if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT) 133 #if defined(PSA_CRYPTO_DRIVER_TEST) 134 status = mbedtls_test_transparent_signature_sign_message( 135 attributes, 136 key_buffer, 137 key_buffer_size, 138 alg, 139 input, 140 input_length, 141 signature, 142 signature_size, 143 signature_length ); 144 /* Declared with fallback == true */ 145 if( status != PSA_ERROR_NOT_SUPPORTED ) 146 return( status ); 147 #endif /* PSA_CRYPTO_DRIVER_TEST */ 148 #endif /* PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT */ 149 break; 150 151 /* Add cases for opaque driver here */ 152 #if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT) 153 #if defined(PSA_CRYPTO_DRIVER_TEST) 154 case PSA_CRYPTO_TEST_DRIVER_LOCATION: 155 status = mbedtls_test_opaque_signature_sign_message( 156 attributes, 157 key_buffer, 158 key_buffer_size, 159 alg, 160 input, 161 input_length, 162 signature, 163 signature_size, 164 signature_length ); 165 if( status != PSA_ERROR_NOT_SUPPORTED ) 166 return( status ); 167 break; 168 #endif /* PSA_CRYPTO_DRIVER_TEST */ 169 #endif /* PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT */ 170 default: 171 /* Key is declared with a lifetime not known to us */ 172 (void)status; 173 break; 174 } 175 176 return( psa_sign_message_builtin( attributes, 177 key_buffer, 178 key_buffer_size, 179 alg, 180 input, 181 input_length, 182 signature, 183 signature_size, 184 signature_length ) ); 185 } 186 187 static inline psa_status_t psa_driver_wrapper_verify_message( 188 const psa_key_attributes_t *attributes, 189 const uint8_t *key_buffer, 190 size_t key_buffer_size, 191 psa_algorithm_t alg, 192 const uint8_t *input, 193 size_t input_length, 194 const uint8_t *signature, 195 size_t signature_length ) 196 { 197 psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED; 198 psa_key_location_t location = 199 PSA_KEY_LIFETIME_GET_LOCATION( psa_get_key_lifetime(attributes) ); 200 201 switch( location ) 202 { 203 case PSA_KEY_LOCATION_LOCAL_STORAGE: 204 /* Key is stored in the slot in export representation, so 205 * cycle through all known transparent accelerators */ 206 #if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT) 207 #if defined(PSA_CRYPTO_DRIVER_TEST) 208 status = mbedtls_test_transparent_signature_verify_message( 209 attributes, 210 key_buffer, 211 key_buffer_size, 212 alg, 213 input, 214 input_length, 215 signature, 216 signature_length ); 217 /* Declared with fallback == true */ 218 if( status != PSA_ERROR_NOT_SUPPORTED ) 219 return( status ); 220 #endif /* PSA_CRYPTO_DRIVER_TEST */ 221 #endif /* PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT */ 222 break; 223 224 /* Add cases for opaque driver here */ 225 #if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT) 226 #if defined(PSA_CRYPTO_DRIVER_TEST) 227 case PSA_CRYPTO_TEST_DRIVER_LOCATION: 228 return( mbedtls_test_opaque_signature_verify_message( 229 attributes, 230 key_buffer, 231 key_buffer_size, 232 alg, 233 input, 234 input_length, 235 signature, 236 signature_length ) ); 237 if( status != PSA_ERROR_NOT_SUPPORTED ) 238 return( status ); 239 break; 240 #endif /* PSA_CRYPTO_DRIVER_TEST */ 241 #endif /* PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT */ 242 default: 243 /* Key is declared with a lifetime not known to us */ 244 (void)status; 245 break; 246 } 247 248 return( psa_verify_message_builtin( attributes, 249 key_buffer, 250 key_buffer_size, 251 alg, 252 input, 253 input_length, 254 signature, 255 signature_length ) ); 256 } 257 258 static inline psa_status_t psa_driver_wrapper_sign_hash( 259 const psa_key_attributes_t *attributes, 260 const uint8_t *key_buffer, size_t key_buffer_size, 261 psa_algorithm_t alg, const uint8_t *hash, size_t hash_length, 262 uint8_t *signature, size_t signature_size, size_t *signature_length ) 263 { 264 /* Try dynamically-registered SE interface first */ 265 #if defined(MBEDTLS_PSA_CRYPTO_SE_C) 266 const psa_drv_se_t *drv; 267 psa_drv_se_context_t *drv_context; 268 269 if( psa_get_se_driver( psa_get_key_lifetime(attributes), &drv, &drv_context ) ) 270 { 271 if( drv->asymmetric == NULL || 272 drv->asymmetric->p_sign == NULL ) 273 { 274 /* Key is defined in SE, but we have no way to exercise it */ 275 return( PSA_ERROR_NOT_SUPPORTED ); 276 } 277 return( drv->asymmetric->p_sign( 278 drv_context, *( (psa_key_slot_number_t *)key_buffer ), 279 alg, hash, hash_length, 280 signature, signature_size, signature_length ) ); 281 } 282 #endif /* MBEDTLS_PSA_CRYPTO_SE_C */ 283 284 psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED; 285 psa_key_location_t location = 286 PSA_KEY_LIFETIME_GET_LOCATION( psa_get_key_lifetime(attributes) ); 287 288 switch( location ) 289 { 290 case PSA_KEY_LOCATION_LOCAL_STORAGE: 291 /* Key is stored in the slot in export representation, so 292 * cycle through all known transparent accelerators */ 293 #if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT) 294 #if defined(PSA_CRYPTO_DRIVER_TEST) 295 status = mbedtls_test_transparent_signature_sign_hash( attributes, 296 key_buffer, 297 key_buffer_size, 298 alg, 299 hash, 300 hash_length, 301 signature, 302 signature_size, 303 signature_length ); 304 /* Declared with fallback == true */ 305 if( status != PSA_ERROR_NOT_SUPPORTED ) 306 return( status ); 307 #endif /* PSA_CRYPTO_DRIVER_TEST */ 308 #if defined (MBEDTLS_PSA_P256M_DRIVER_ENABLED) 309 if( PSA_KEY_TYPE_IS_ECC( psa_get_key_type(attributes) ) && 310 PSA_ALG_IS_RANDOMIZED_ECDSA(alg) && 311 PSA_KEY_TYPE_ECC_GET_FAMILY(psa_get_key_type(attributes)) == PSA_ECC_FAMILY_SECP_R1 && 312 psa_get_key_bits(attributes) == 256 ) 313 { 314 status = p256_transparent_sign_hash( attributes, 315 key_buffer, 316 key_buffer_size, 317 alg, 318 hash, 319 hash_length, 320 signature, 321 signature_size, 322 signature_length ); 323 if( status != PSA_ERROR_NOT_SUPPORTED ) 324 return( status ); 325 } 326 #endif /* MBEDTLS_PSA_P256M_DRIVER_ENABLED */ 327 #endif /* PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT */ 328 /* Fell through, meaning no accelerator supports this operation */ 329 return( psa_sign_hash_builtin( attributes, 330 key_buffer, 331 key_buffer_size, 332 alg, 333 hash, 334 hash_length, 335 signature, 336 signature_size, 337 signature_length ) ); 338 339 /* Add cases for opaque driver here */ 340 #if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT) 341 #if defined(PSA_CRYPTO_DRIVER_TEST) 342 case PSA_CRYPTO_TEST_DRIVER_LOCATION: 343 return( mbedtls_test_opaque_signature_sign_hash( attributes, 344 key_buffer, 345 key_buffer_size, 346 alg, 347 hash, 348 hash_length, 349 signature, 350 signature_size, 351 signature_length ) ); 352 #endif /* PSA_CRYPTO_DRIVER_TEST */ 353 #endif /* PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT */ 354 default: 355 /* Key is declared with a lifetime not known to us */ 356 (void)status; 357 return( PSA_ERROR_INVALID_ARGUMENT ); 358 } 359 } 360 361 static inline psa_status_t psa_driver_wrapper_verify_hash( 362 const psa_key_attributes_t *attributes, 363 const uint8_t *key_buffer, size_t key_buffer_size, 364 psa_algorithm_t alg, const uint8_t *hash, size_t hash_length, 365 const uint8_t *signature, size_t signature_length ) 366 { 367 /* Try dynamically-registered SE interface first */ 368 #if defined(MBEDTLS_PSA_CRYPTO_SE_C) 369 const psa_drv_se_t *drv; 370 psa_drv_se_context_t *drv_context; 371 372 if( psa_get_se_driver( psa_get_key_lifetime(attributes), &drv, &drv_context ) ) 373 { 374 if( drv->asymmetric == NULL || 375 drv->asymmetric->p_verify == NULL ) 376 { 377 /* Key is defined in SE, but we have no way to exercise it */ 378 return( PSA_ERROR_NOT_SUPPORTED ); 379 } 380 return( drv->asymmetric->p_verify( 381 drv_context, *( (psa_key_slot_number_t *)key_buffer ), 382 alg, hash, hash_length, 383 signature, signature_length ) ); 384 } 385 #endif /* MBEDTLS_PSA_CRYPTO_SE_C */ 386 387 psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED; 388 psa_key_location_t location = 389 PSA_KEY_LIFETIME_GET_LOCATION( psa_get_key_lifetime(attributes) ); 390 391 switch( location ) 392 { 393 case PSA_KEY_LOCATION_LOCAL_STORAGE: 394 /* Key is stored in the slot in export representation, so 395 * cycle through all known transparent accelerators */ 396 #if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT) 397 #if defined(PSA_CRYPTO_DRIVER_TEST) 398 status = mbedtls_test_transparent_signature_verify_hash( 399 attributes, 400 key_buffer, 401 key_buffer_size, 402 alg, 403 hash, 404 hash_length, 405 signature, 406 signature_length ); 407 /* Declared with fallback == true */ 408 if( status != PSA_ERROR_NOT_SUPPORTED ) 409 return( status ); 410 #endif /* PSA_CRYPTO_DRIVER_TEST */ 411 #if defined (MBEDTLS_PSA_P256M_DRIVER_ENABLED) 412 if( PSA_KEY_TYPE_IS_ECC( psa_get_key_type(attributes) ) && 413 PSA_ALG_IS_ECDSA(alg) && 414 PSA_KEY_TYPE_ECC_GET_FAMILY(psa_get_key_type(attributes)) == PSA_ECC_FAMILY_SECP_R1 && 415 psa_get_key_bits(attributes) == 256 ) 416 { 417 status = p256_transparent_verify_hash( attributes, 418 key_buffer, 419 key_buffer_size, 420 alg, 421 hash, 422 hash_length, 423 signature, 424 signature_length ); 425 if( status != PSA_ERROR_NOT_SUPPORTED ) 426 return( status ); 427 } 428 #endif /* MBEDTLS_PSA_P256M_DRIVER_ENABLED */ 429 #endif /* PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT */ 430 431 return( psa_verify_hash_builtin( attributes, 432 key_buffer, 433 key_buffer_size, 434 alg, 435 hash, 436 hash_length, 437 signature, 438 signature_length ) ); 439 440 /* Add cases for opaque driver here */ 441 #if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT) 442 #if defined(PSA_CRYPTO_DRIVER_TEST) 443 case PSA_CRYPTO_TEST_DRIVER_LOCATION: 444 return( mbedtls_test_opaque_signature_verify_hash( attributes, 445 key_buffer, 446 key_buffer_size, 447 alg, 448 hash, 449 hash_length, 450 signature, 451 signature_length ) ); 452 #endif /* PSA_CRYPTO_DRIVER_TEST */ 453 #endif /* PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT */ 454 default: 455 /* Key is declared with a lifetime not known to us */ 456 (void)status; 457 return( PSA_ERROR_INVALID_ARGUMENT ); 458 } 459 } 460 461 static inline uint32_t psa_driver_wrapper_sign_hash_get_num_ops( 462 psa_sign_hash_interruptible_operation_t *operation ) 463 { 464 switch( operation->id ) 465 { 466 /* If uninitialised, return 0, as no work can have been done. */ 467 case 0: 468 return 0; 469 470 case PSA_CRYPTO_MBED_TLS_DRIVER_ID: 471 return(mbedtls_psa_sign_hash_get_num_ops(&operation->ctx.mbedtls_ctx)); 472 473 #if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT) 474 #if defined(PSA_CRYPTO_DRIVER_TEST) 475 /* Add test driver tests here */ 476 477 #endif /* PSA_CRYPTO_DRIVER_TEST */ 478 #endif /* PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT */ 479 } 480 481 /* Can't happen (see discussion in #8271) */ 482 return 0; 483 } 484 485 static inline uint32_t psa_driver_wrapper_verify_hash_get_num_ops( 486 psa_verify_hash_interruptible_operation_t *operation ) 487 { 488 switch( operation->id ) 489 { 490 /* If uninitialised, return 0, as no work can have been done. */ 491 case 0: 492 return 0; 493 494 case PSA_CRYPTO_MBED_TLS_DRIVER_ID: 495 return (mbedtls_psa_verify_hash_get_num_ops(&operation->ctx.mbedtls_ctx)); 496 497 #if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT) 498 #if defined(PSA_CRYPTO_DRIVER_TEST) 499 /* Add test driver tests here */ 500 501 #endif /* PSA_CRYPTO_DRIVER_TEST */ 502 #endif /* PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT */ 503 504 } 505 506 /* Can't happen (see discussion in #8271) */ 507 return 0; 508 } 509 510 static inline psa_status_t psa_driver_wrapper_sign_hash_start( 511 psa_sign_hash_interruptible_operation_t *operation, 512 const psa_key_attributes_t *attributes, const uint8_t *key_buffer, 513 size_t key_buffer_size, psa_algorithm_t alg, 514 const uint8_t *hash, size_t hash_length ) 515 { 516 psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED; 517 psa_key_location_t location = PSA_KEY_LIFETIME_GET_LOCATION( 518 psa_get_key_lifetime(attributes) ); 519 520 switch( location ) 521 { 522 case PSA_KEY_LOCATION_LOCAL_STORAGE: 523 /* Key is stored in the slot in export representation, so 524 * cycle through all known transparent accelerators */ 525 526 #if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT) 527 #if defined(PSA_CRYPTO_DRIVER_TEST) 528 529 /* Add test driver tests here */ 530 531 /* Declared with fallback == true */ 532 533 #endif /* PSA_CRYPTO_DRIVER_TEST */ 534 #endif /* PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT */ 535 536 /* Fell through, meaning no accelerator supports this operation */ 537 operation->id = PSA_CRYPTO_MBED_TLS_DRIVER_ID; 538 status = mbedtls_psa_sign_hash_start( &operation->ctx.mbedtls_ctx, 539 attributes, 540 key_buffer, key_buffer_size, 541 alg, hash, hash_length ); 542 break; 543 544 /* Add cases for opaque driver here */ 545 546 default: 547 /* Key is declared with a lifetime not known to us */ 548 status = PSA_ERROR_INVALID_ARGUMENT; 549 break; 550 } 551 552 return( status ); 553 } 554 555 static inline psa_status_t psa_driver_wrapper_sign_hash_complete( 556 psa_sign_hash_interruptible_operation_t *operation, 557 uint8_t *signature, size_t signature_size, 558 size_t *signature_length ) 559 { 560 switch( operation->id ) 561 { 562 case PSA_CRYPTO_MBED_TLS_DRIVER_ID: 563 return( mbedtls_psa_sign_hash_complete( &operation->ctx.mbedtls_ctx, 564 signature, signature_size, 565 signature_length ) ); 566 567 #if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT) 568 #if defined(PSA_CRYPTO_DRIVER_TEST) 569 /* Add test driver tests here */ 570 571 #endif /* PSA_CRYPTO_DRIVER_TEST */ 572 #endif /* PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT */ 573 } 574 575 ( void ) signature; 576 ( void ) signature_size; 577 ( void ) signature_length; 578 579 return( PSA_ERROR_INVALID_ARGUMENT ); 580 } 581 582 static inline psa_status_t psa_driver_wrapper_sign_hash_abort( 583 psa_sign_hash_interruptible_operation_t *operation ) 584 { 585 switch( operation->id ) 586 { 587 case PSA_CRYPTO_MBED_TLS_DRIVER_ID: 588 return( mbedtls_psa_sign_hash_abort( &operation->ctx.mbedtls_ctx ) ); 589 590 #if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT) 591 #if defined(PSA_CRYPTO_DRIVER_TEST) 592 /* Add test driver tests here */ 593 594 #endif /* PSA_CRYPTO_DRIVER_TEST */ 595 #endif /* PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT */ 596 } 597 598 return( PSA_ERROR_INVALID_ARGUMENT ); 599 } 600 601 static inline psa_status_t psa_driver_wrapper_verify_hash_start( 602 psa_verify_hash_interruptible_operation_t *operation, 603 const psa_key_attributes_t *attributes, const uint8_t *key_buffer, 604 size_t key_buffer_size, psa_algorithm_t alg, 605 const uint8_t *hash, size_t hash_length, 606 const uint8_t *signature, size_t signature_length ) 607 { 608 psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED; 609 psa_key_location_t location = PSA_KEY_LIFETIME_GET_LOCATION( 610 psa_get_key_lifetime(attributes) ); 611 612 switch( location ) 613 { 614 case PSA_KEY_LOCATION_LOCAL_STORAGE: 615 /* Key is stored in the slot in export representation, so 616 * cycle through all known transparent accelerators */ 617 618 #if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT) 619 #if defined(PSA_CRYPTO_DRIVER_TEST) 620 621 /* Add test driver tests here */ 622 623 /* Declared with fallback == true */ 624 625 #endif /* PSA_CRYPTO_DRIVER_TEST */ 626 #endif /* PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT */ 627 628 /* Fell through, meaning no accelerator supports this operation */ 629 operation->id = PSA_CRYPTO_MBED_TLS_DRIVER_ID; 630 status = mbedtls_psa_verify_hash_start( &operation->ctx.mbedtls_ctx, 631 attributes, 632 key_buffer, key_buffer_size, 633 alg, hash, hash_length, 634 signature, signature_length ); 635 break; 636 637 /* Add cases for opaque driver here */ 638 639 default: 640 /* Key is declared with a lifetime not known to us */ 641 status = PSA_ERROR_INVALID_ARGUMENT; 642 break; 643 } 644 645 return( status ); 646 } 647 648 static inline psa_status_t psa_driver_wrapper_verify_hash_complete( 649 psa_verify_hash_interruptible_operation_t *operation ) 650 { 651 switch( operation->id ) 652 { 653 case PSA_CRYPTO_MBED_TLS_DRIVER_ID: 654 return( mbedtls_psa_verify_hash_complete( 655 &operation->ctx.mbedtls_ctx 656 ) ); 657 658 #if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT) 659 #if defined(PSA_CRYPTO_DRIVER_TEST) 660 /* Add test driver tests here */ 661 662 #endif /* PSA_CRYPTO_DRIVER_TEST */ 663 #endif /* PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT */ 664 } 665 666 return( PSA_ERROR_INVALID_ARGUMENT ); 667 } 668 669 static inline psa_status_t psa_driver_wrapper_verify_hash_abort( 670 psa_verify_hash_interruptible_operation_t *operation ) 671 { 672 switch( operation->id ) 673 { 674 case PSA_CRYPTO_MBED_TLS_DRIVER_ID: 675 return( mbedtls_psa_verify_hash_abort( &operation->ctx.mbedtls_ctx 676 ) ); 677 678 #if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT) 679 #if defined(PSA_CRYPTO_DRIVER_TEST) 680 /* Add test driver tests here */ 681 682 #endif /* PSA_CRYPTO_DRIVER_TEST */ 683 #endif /* PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT */ 684 } 685 686 return( PSA_ERROR_INVALID_ARGUMENT ); 687 } 688 689 /** Calculate the key buffer size required to store the key material of a key 690 * associated with an opaque driver from input key data. 691 * 692 * \param[in] attributes The key attributes 693 * \param[in] data The input key data. 694 * \param[in] data_length The input data length. 695 * \param[out] key_buffer_size Minimum buffer size to contain the key material. 696 * 697 * \retval #PSA_SUCCESS \emptydescription 698 * \retval #PSA_ERROR_INVALID_ARGUMENT \emptydescription 699 * \retval #PSA_ERROR_NOT_SUPPORTED \emptydescription 700 */ 701 static inline psa_status_t psa_driver_wrapper_get_key_buffer_size_from_key_data( 702 const psa_key_attributes_t *attributes, 703 const uint8_t *data, 704 size_t data_length, 705 size_t *key_buffer_size ) 706 { 707 psa_key_location_t location = 708 PSA_KEY_LIFETIME_GET_LOCATION( psa_get_key_lifetime(attributes) ); 709 psa_key_type_t key_type = psa_get_key_type(attributes); 710 711 *key_buffer_size = 0; 712 switch( location ) 713 { 714 #if defined(PSA_CRYPTO_DRIVER_TEST) 715 case PSA_CRYPTO_TEST_DRIVER_LOCATION: 716 *key_buffer_size = mbedtls_test_opaque_size_function( key_type, 717 PSA_BYTES_TO_BITS( data_length ) ); 718 return( ( *key_buffer_size != 0 ) ? 719 PSA_SUCCESS : PSA_ERROR_NOT_SUPPORTED ); 720 #endif /* PSA_CRYPTO_DRIVER_TEST */ 721 722 default: 723 (void)key_type; 724 (void)data; 725 (void)data_length; 726 return( PSA_ERROR_INVALID_ARGUMENT ); 727 } 728 } 729 730 static inline psa_status_t psa_driver_wrapper_generate_key( 731 const psa_key_attributes_t *attributes, 732 const psa_custom_key_parameters_t *custom, 733 const uint8_t *custom_data, size_t custom_data_length, 734 uint8_t *key_buffer, size_t key_buffer_size, size_t *key_buffer_length ) 735 { 736 psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED; 737 psa_key_location_t location = 738 PSA_KEY_LIFETIME_GET_LOCATION(psa_get_key_lifetime(attributes)); 739 740 #if defined(PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_GENERATE) 741 int is_default_production = 742 psa_custom_key_parameters_are_default(custom, custom_data_length); 743 if( location != PSA_KEY_LOCATION_LOCAL_STORAGE && !is_default_production ) 744 { 745 /* We don't support passing custom production parameters 746 * to drivers yet. */ 747 return PSA_ERROR_NOT_SUPPORTED; 748 } 749 #else 750 int is_default_production = 1; 751 (void) is_default_production; 752 #endif 753 754 /* Try dynamically-registered SE interface first */ 755 #if defined(MBEDTLS_PSA_CRYPTO_SE_C) 756 const psa_drv_se_t *drv; 757 psa_drv_se_context_t *drv_context; 758 759 if( psa_get_se_driver( psa_get_key_lifetime(attributes), &drv, &drv_context ) ) 760 { 761 size_t pubkey_length = 0; /* We don't support this feature yet */ 762 if( drv->key_management == NULL || 763 drv->key_management->p_generate == NULL ) 764 { 765 /* Key is defined as being in SE, but we have no way to generate it */ 766 return( PSA_ERROR_NOT_SUPPORTED ); 767 } 768 return( drv->key_management->p_generate( 769 drv_context, 770 *( (psa_key_slot_number_t *)key_buffer ), 771 attributes, NULL, 0, &pubkey_length ) ); 772 } 773 #endif /* MBEDTLS_PSA_CRYPTO_SE_C */ 774 775 switch( location ) 776 { 777 case PSA_KEY_LOCATION_LOCAL_STORAGE: 778 #if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT) 779 /* Transparent drivers are limited to generating asymmetric keys. */ 780 /* We don't support passing custom production parameters 781 * to drivers yet. */ 782 if( PSA_KEY_TYPE_IS_ASYMMETRIC( psa_get_key_type(attributes) ) && 783 is_default_production ) 784 { 785 /* Cycle through all known transparent accelerators */ 786 #if defined(PSA_CRYPTO_DRIVER_TEST) 787 status = mbedtls_test_transparent_generate_key( 788 attributes, key_buffer, key_buffer_size, 789 key_buffer_length ); 790 /* Declared with fallback == true */ 791 if( status != PSA_ERROR_NOT_SUPPORTED ) 792 break; 793 #endif /* PSA_CRYPTO_DRIVER_TEST */ 794 #if defined(MBEDTLS_PSA_P256M_DRIVER_ENABLED) 795 if( PSA_KEY_TYPE_IS_ECC( psa_get_key_type(attributes) ) && 796 psa_get_key_type(attributes) == PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1) && 797 psa_get_key_bits(attributes) == 256 ) 798 { 799 status = p256_transparent_generate_key( attributes, 800 key_buffer, 801 key_buffer_size, 802 key_buffer_length ); 803 if( status != PSA_ERROR_NOT_SUPPORTED ) 804 break; 805 } 806 807 #endif /* MBEDTLS_PSA_P256M_DRIVER_ENABLED */ 808 } 809 #endif /* PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT */ 810 811 /* Software fallback */ 812 status = psa_generate_key_internal( 813 attributes, custom, custom_data, custom_data_length, 814 key_buffer, key_buffer_size, key_buffer_length ); 815 break; 816 817 /* Add cases for opaque driver here */ 818 #if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT) 819 #if defined(PSA_CRYPTO_DRIVER_TEST) 820 case PSA_CRYPTO_TEST_DRIVER_LOCATION: 821 status = mbedtls_test_opaque_generate_key( 822 attributes, key_buffer, key_buffer_size, key_buffer_length ); 823 break; 824 #endif /* PSA_CRYPTO_DRIVER_TEST */ 825 #endif /* PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT */ 826 827 default: 828 /* Key is declared with a lifetime not known to us */ 829 status = PSA_ERROR_INVALID_ARGUMENT; 830 break; 831 } 832 833 return( status ); 834 } 835 836 static inline psa_status_t psa_driver_wrapper_import_key( 837 const psa_key_attributes_t *attributes, 838 const uint8_t *data, 839 size_t data_length, 840 uint8_t *key_buffer, 841 size_t key_buffer_size, 842 size_t *key_buffer_length, 843 size_t *bits ) 844 { 845 {% with entry_point = "import_key" -%} 846 {% macro entry_point_param(driver) -%} 847 attributes, 848 data, 849 data_length, 850 key_buffer, 851 key_buffer_size, 852 key_buffer_length, 853 bits 854 {% endmacro %} 855 psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED; 856 psa_key_location_t location = PSA_KEY_LIFETIME_GET_LOCATION( 857 psa_get_key_lifetime( attributes ) ); 858 859 /* Try dynamically-registered SE interface first */ 860 #if defined(MBEDTLS_PSA_CRYPTO_SE_C) 861 const psa_drv_se_t *drv; 862 psa_drv_se_context_t *drv_context; 863 864 if( psa_get_se_driver( psa_get_key_lifetime(attributes), &drv, &drv_context ) ) 865 { 866 if( drv->key_management == NULL || 867 drv->key_management->p_import == NULL ) 868 return( PSA_ERROR_NOT_SUPPORTED ); 869 870 /* The driver should set the number of key bits, however in 871 * case it doesn't, we initialize bits to an invalid value. */ 872 *bits = PSA_MAX_KEY_BITS + 1; 873 status = drv->key_management->p_import( 874 drv_context, 875 *( (psa_key_slot_number_t *)key_buffer ), 876 attributes, data, data_length, bits ); 877 878 if( status != PSA_SUCCESS ) 879 return( status ); 880 881 if( (*bits) > PSA_MAX_KEY_BITS ) 882 return( PSA_ERROR_NOT_SUPPORTED ); 883 884 return( PSA_SUCCESS ); 885 } 886 #endif /* MBEDTLS_PSA_CRYPTO_SE_C */ 887 888 switch( location ) 889 { 890 case PSA_KEY_LOCATION_LOCAL_STORAGE: 891 /* Key is stored in the slot in export representation, so 892 * cycle through all known transparent accelerators */ 893 #if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT) 894 {% with nest_indent=12 %} 895 {% include "OS-template-transparent.jinja" -%} 896 {% endwith -%} 897 #endif /* PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT */ 898 899 /* Fell through, meaning no accelerator supports this operation */ 900 return( psa_import_key_into_slot( attributes, 901 data, data_length, 902 key_buffer, key_buffer_size, 903 key_buffer_length, bits ) ); 904 /* Add cases for opaque driver here */ 905 #if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT) 906 {% with nest_indent=8 %} 907 {% include "OS-template-opaque.jinja" -%} 908 {% endwith -%} 909 #endif /* PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT */ 910 default: 911 (void)status; 912 return( PSA_ERROR_INVALID_ARGUMENT ); 913 } 914 {% endwith %} 915 } 916 917 static inline psa_status_t psa_driver_wrapper_export_key( 918 const psa_key_attributes_t *attributes, 919 const uint8_t *key_buffer, size_t key_buffer_size, 920 uint8_t *data, size_t data_size, size_t *data_length ) 921 922 { 923 {% with entry_point = "export_key" -%} 924 {% macro entry_point_param(driver) -%} 925 attributes, 926 key_buffer, 927 key_buffer_size, 928 data, 929 data_size, 930 data_length 931 {% endmacro %} 932 psa_status_t status = PSA_ERROR_INVALID_ARGUMENT; 933 psa_key_location_t location = PSA_KEY_LIFETIME_GET_LOCATION( 934 psa_get_key_lifetime( attributes ) ); 935 936 /* Try dynamically-registered SE interface first */ 937 #if defined(MBEDTLS_PSA_CRYPTO_SE_C) 938 const psa_drv_se_t *drv; 939 psa_drv_se_context_t *drv_context; 940 941 if( psa_get_se_driver( psa_get_key_lifetime(attributes), &drv, &drv_context ) ) 942 { 943 if( ( drv->key_management == NULL ) || 944 ( drv->key_management->p_export == NULL ) ) 945 { 946 return( PSA_ERROR_NOT_SUPPORTED ); 947 } 948 949 return( drv->key_management->p_export( 950 drv_context, 951 *( (psa_key_slot_number_t *)key_buffer ), 952 data, data_size, data_length ) ); 953 } 954 #endif /* MBEDTLS_PSA_CRYPTO_SE_C */ 955 956 switch( location ) 957 { 958 case PSA_KEY_LOCATION_LOCAL_STORAGE: 959 return( psa_export_key_internal( attributes, 960 key_buffer, 961 key_buffer_size, 962 data, 963 data_size, 964 data_length ) ); 965 966 /* Add cases for opaque driver here */ 967 #if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT) 968 {% with nest_indent=8 %} 969 {% include "OS-template-opaque.jinja" -%} 970 {% endwith -%} 971 #endif /* PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT */ 972 default: 973 /* Key is declared with a lifetime not known to us */ 974 return( status ); 975 } 976 {% endwith %} 977 } 978 979 static inline psa_status_t psa_driver_wrapper_copy_key( 980 psa_key_attributes_t *attributes, 981 const uint8_t *source_key, size_t source_key_length, 982 uint8_t *target_key_buffer, size_t target_key_buffer_size, 983 size_t *target_key_buffer_length ) 984 { 985 {% with entry_point = "copy_key" -%} 986 {% macro entry_point_param(driver) -%} 987 attributes, 988 source_key, 989 source_key_length, 990 target_key_buffer, 991 target_key_buffer_size, 992 target_key_buffer_length 993 {% endmacro %} 994 psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED; 995 psa_key_location_t location = 996 PSA_KEY_LIFETIME_GET_LOCATION( psa_get_key_lifetime(attributes) ); 997 998 #if defined(MBEDTLS_PSA_CRYPTO_SE_C) 999 const psa_drv_se_t *drv; 1000 psa_drv_se_context_t *drv_context; 1001 1002 if( psa_get_se_driver( psa_get_key_lifetime(attributes), &drv, &drv_context ) ) 1003 { 1004 /* Copying to a secure element is not implemented yet. */ 1005 return( PSA_ERROR_NOT_SUPPORTED ); 1006 } 1007 #endif /* MBEDTLS_PSA_CRYPTO_SE_C */ 1008 1009 switch( location ) 1010 { 1011 #if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT) 1012 {% with nest_indent=8 %} 1013 {% include "OS-template-opaque.jinja" -%} 1014 {% endwith -%} 1015 #endif /* PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT */ 1016 default: 1017 (void)source_key; 1018 (void)source_key_length; 1019 (void)target_key_buffer; 1020 (void)target_key_buffer_size; 1021 (void)target_key_buffer_length; 1022 status = PSA_ERROR_INVALID_ARGUMENT; 1023 } 1024 return( status ); 1025 {% endwith %} 1026 } 1027 1028 /* 1029 * Cipher functions 1030 */ 1031 static inline psa_status_t psa_driver_wrapper_cipher_encrypt( 1032 const psa_key_attributes_t *attributes, 1033 const uint8_t *key_buffer, 1034 size_t key_buffer_size, 1035 psa_algorithm_t alg, 1036 const uint8_t *iv, 1037 size_t iv_length, 1038 const uint8_t *input, 1039 size_t input_length, 1040 uint8_t *output, 1041 size_t output_size, 1042 size_t *output_length ) 1043 { 1044 psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED; 1045 psa_key_location_t location = 1046 PSA_KEY_LIFETIME_GET_LOCATION( psa_get_key_lifetime(attributes) ); 1047 1048 switch( location ) 1049 { 1050 case PSA_KEY_LOCATION_LOCAL_STORAGE: 1051 /* Key is stored in the slot in export representation, so 1052 * cycle through all known transparent accelerators */ 1053 #if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT) 1054 #if defined(PSA_CRYPTO_DRIVER_TEST) 1055 status = mbedtls_test_transparent_cipher_encrypt( attributes, 1056 key_buffer, 1057 key_buffer_size, 1058 alg, 1059 iv, 1060 iv_length, 1061 input, 1062 input_length, 1063 output, 1064 output_size, 1065 output_length ); 1066 /* Declared with fallback == true */ 1067 if( status != PSA_ERROR_NOT_SUPPORTED ) 1068 return( status ); 1069 #endif /* PSA_CRYPTO_DRIVER_TEST */ 1070 #endif /* PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT */ 1071 1072 #if defined(MBEDTLS_PSA_BUILTIN_CIPHER) 1073 return( mbedtls_psa_cipher_encrypt( attributes, 1074 key_buffer, 1075 key_buffer_size, 1076 alg, 1077 iv, 1078 iv_length, 1079 input, 1080 input_length, 1081 output, 1082 output_size, 1083 output_length ) ); 1084 #else 1085 return( PSA_ERROR_NOT_SUPPORTED ); 1086 #endif /* MBEDTLS_PSA_BUILTIN_CIPHER */ 1087 1088 /* Add cases for opaque driver here */ 1089 #if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT) 1090 #if defined(PSA_CRYPTO_DRIVER_TEST) 1091 case PSA_CRYPTO_TEST_DRIVER_LOCATION: 1092 return( mbedtls_test_opaque_cipher_encrypt( attributes, 1093 key_buffer, 1094 key_buffer_size, 1095 alg, 1096 iv, 1097 iv_length, 1098 input, 1099 input_length, 1100 output, 1101 output_size, 1102 output_length ) ); 1103 #endif /* PSA_CRYPTO_DRIVER_TEST */ 1104 #endif /* PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT */ 1105 1106 default: 1107 /* Key is declared with a lifetime not known to us */ 1108 (void)status; 1109 (void)key_buffer; 1110 (void)key_buffer_size; 1111 (void)alg; 1112 (void)iv; 1113 (void)iv_length; 1114 (void)input; 1115 (void)input_length; 1116 (void)output; 1117 (void)output_size; 1118 (void)output_length; 1119 return( PSA_ERROR_INVALID_ARGUMENT ); 1120 } 1121 } 1122 1123 static inline psa_status_t psa_driver_wrapper_cipher_decrypt( 1124 const psa_key_attributes_t *attributes, 1125 const uint8_t *key_buffer, 1126 size_t key_buffer_size, 1127 psa_algorithm_t alg, 1128 const uint8_t *input, 1129 size_t input_length, 1130 uint8_t *output, 1131 size_t output_size, 1132 size_t *output_length ) 1133 { 1134 psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED; 1135 psa_key_location_t location = 1136 PSA_KEY_LIFETIME_GET_LOCATION( psa_get_key_lifetime(attributes) ); 1137 1138 switch( location ) 1139 { 1140 case PSA_KEY_LOCATION_LOCAL_STORAGE: 1141 /* Key is stored in the slot in export representation, so 1142 * cycle through all known transparent accelerators */ 1143 #if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT) 1144 #if defined(PSA_CRYPTO_DRIVER_TEST) 1145 status = mbedtls_test_transparent_cipher_decrypt( attributes, 1146 key_buffer, 1147 key_buffer_size, 1148 alg, 1149 input, 1150 input_length, 1151 output, 1152 output_size, 1153 output_length ); 1154 /* Declared with fallback == true */ 1155 if( status != PSA_ERROR_NOT_SUPPORTED ) 1156 return( status ); 1157 #endif /* PSA_CRYPTO_DRIVER_TEST */ 1158 #endif /* PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT */ 1159 1160 #if defined(MBEDTLS_PSA_BUILTIN_CIPHER) 1161 return( mbedtls_psa_cipher_decrypt( attributes, 1162 key_buffer, 1163 key_buffer_size, 1164 alg, 1165 input, 1166 input_length, 1167 output, 1168 output_size, 1169 output_length ) ); 1170 #else 1171 return( PSA_ERROR_NOT_SUPPORTED ); 1172 #endif /* MBEDTLS_PSA_BUILTIN_CIPHER */ 1173 1174 /* Add cases for opaque driver here */ 1175 #if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT) 1176 #if defined(PSA_CRYPTO_DRIVER_TEST) 1177 case PSA_CRYPTO_TEST_DRIVER_LOCATION: 1178 return( mbedtls_test_opaque_cipher_decrypt( attributes, 1179 key_buffer, 1180 key_buffer_size, 1181 alg, 1182 input, 1183 input_length, 1184 output, 1185 output_size, 1186 output_length ) ); 1187 #endif /* PSA_CRYPTO_DRIVER_TEST */ 1188 #endif /* PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT */ 1189 1190 default: 1191 /* Key is declared with a lifetime not known to us */ 1192 (void)status; 1193 (void)key_buffer; 1194 (void)key_buffer_size; 1195 (void)alg; 1196 (void)input; 1197 (void)input_length; 1198 (void)output; 1199 (void)output_size; 1200 (void)output_length; 1201 return( PSA_ERROR_INVALID_ARGUMENT ); 1202 } 1203 } 1204 1205 static inline psa_status_t psa_driver_wrapper_cipher_encrypt_setup( 1206 psa_cipher_operation_t *operation, 1207 const psa_key_attributes_t *attributes, 1208 const uint8_t *key_buffer, size_t key_buffer_size, 1209 psa_algorithm_t alg ) 1210 { 1211 psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED; 1212 psa_key_location_t location = 1213 PSA_KEY_LIFETIME_GET_LOCATION( psa_get_key_lifetime(attributes) ); 1214 1215 switch( location ) 1216 { 1217 case PSA_KEY_LOCATION_LOCAL_STORAGE: 1218 /* Key is stored in the slot in export representation, so 1219 * cycle through all known transparent accelerators */ 1220 #if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT) 1221 #if defined(PSA_CRYPTO_DRIVER_TEST) 1222 status = mbedtls_test_transparent_cipher_encrypt_setup( 1223 &operation->ctx.transparent_test_driver_ctx, 1224 attributes, 1225 key_buffer, 1226 key_buffer_size, 1227 alg ); 1228 /* Declared with fallback == true */ 1229 if( status == PSA_SUCCESS ) 1230 operation->id = MBEDTLS_TEST_TRANSPARENT_DRIVER_ID; 1231 1232 if( status != PSA_ERROR_NOT_SUPPORTED ) 1233 return( status ); 1234 #endif /* PSA_CRYPTO_DRIVER_TEST */ 1235 #endif /* PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT */ 1236 #if defined(MBEDTLS_PSA_BUILTIN_CIPHER) 1237 /* Fell through, meaning no accelerator supports this operation */ 1238 status = mbedtls_psa_cipher_encrypt_setup( &operation->ctx.mbedtls_ctx, 1239 attributes, 1240 key_buffer, 1241 key_buffer_size, 1242 alg ); 1243 if( status == PSA_SUCCESS ) 1244 operation->id = PSA_CRYPTO_MBED_TLS_DRIVER_ID; 1245 1246 if( status != PSA_ERROR_NOT_SUPPORTED ) 1247 return( status ); 1248 #endif /* MBEDTLS_PSA_BUILTIN_CIPHER */ 1249 return( PSA_ERROR_NOT_SUPPORTED ); 1250 1251 /* Add cases for opaque driver here */ 1252 #if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT) 1253 #if defined(PSA_CRYPTO_DRIVER_TEST) 1254 case PSA_CRYPTO_TEST_DRIVER_LOCATION: 1255 status = mbedtls_test_opaque_cipher_encrypt_setup( 1256 &operation->ctx.opaque_test_driver_ctx, 1257 attributes, 1258 key_buffer, key_buffer_size, 1259 alg ); 1260 1261 if( status == PSA_SUCCESS ) 1262 operation->id = MBEDTLS_TEST_OPAQUE_DRIVER_ID; 1263 1264 return( status ); 1265 #endif /* PSA_CRYPTO_DRIVER_TEST */ 1266 #endif /* PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT */ 1267 default: 1268 /* Key is declared with a lifetime not known to us */ 1269 (void)status; 1270 (void)operation; 1271 (void)key_buffer; 1272 (void)key_buffer_size; 1273 (void)alg; 1274 return( PSA_ERROR_INVALID_ARGUMENT ); 1275 } 1276 } 1277 1278 static inline psa_status_t psa_driver_wrapper_cipher_decrypt_setup( 1279 psa_cipher_operation_t *operation, 1280 const psa_key_attributes_t *attributes, 1281 const uint8_t *key_buffer, size_t key_buffer_size, 1282 psa_algorithm_t alg ) 1283 { 1284 psa_status_t status = PSA_ERROR_INVALID_ARGUMENT; 1285 psa_key_location_t location = 1286 PSA_KEY_LIFETIME_GET_LOCATION( psa_get_key_lifetime(attributes) ); 1287 1288 switch( location ) 1289 { 1290 case PSA_KEY_LOCATION_LOCAL_STORAGE: 1291 /* Key is stored in the slot in export representation, so 1292 * cycle through all known transparent accelerators */ 1293 #if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT) 1294 #if defined(PSA_CRYPTO_DRIVER_TEST) 1295 status = mbedtls_test_transparent_cipher_decrypt_setup( 1296 &operation->ctx.transparent_test_driver_ctx, 1297 attributes, 1298 key_buffer, 1299 key_buffer_size, 1300 alg ); 1301 /* Declared with fallback == true */ 1302 if( status == PSA_SUCCESS ) 1303 operation->id = MBEDTLS_TEST_TRANSPARENT_DRIVER_ID; 1304 1305 if( status != PSA_ERROR_NOT_SUPPORTED ) 1306 return( status ); 1307 #endif /* PSA_CRYPTO_DRIVER_TEST */ 1308 #endif /* PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT */ 1309 #if defined(MBEDTLS_PSA_BUILTIN_CIPHER) 1310 /* Fell through, meaning no accelerator supports this operation */ 1311 status = mbedtls_psa_cipher_decrypt_setup( &operation->ctx.mbedtls_ctx, 1312 attributes, 1313 key_buffer, 1314 key_buffer_size, 1315 alg ); 1316 if( status == PSA_SUCCESS ) 1317 operation->id = PSA_CRYPTO_MBED_TLS_DRIVER_ID; 1318 1319 return( status ); 1320 #else /* MBEDTLS_PSA_BUILTIN_CIPHER */ 1321 return( PSA_ERROR_NOT_SUPPORTED ); 1322 #endif /* MBEDTLS_PSA_BUILTIN_CIPHER */ 1323 1324 /* Add cases for opaque driver here */ 1325 #if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT) 1326 #if defined(PSA_CRYPTO_DRIVER_TEST) 1327 case PSA_CRYPTO_TEST_DRIVER_LOCATION: 1328 status = mbedtls_test_opaque_cipher_decrypt_setup( 1329 &operation->ctx.opaque_test_driver_ctx, 1330 attributes, 1331 key_buffer, key_buffer_size, 1332 alg ); 1333 1334 if( status == PSA_SUCCESS ) 1335 operation->id = MBEDTLS_TEST_OPAQUE_DRIVER_ID; 1336 1337 return( status ); 1338 #endif /* PSA_CRYPTO_DRIVER_TEST */ 1339 #endif /* PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT */ 1340 default: 1341 /* Key is declared with a lifetime not known to us */ 1342 (void)status; 1343 (void)operation; 1344 (void)key_buffer; 1345 (void)key_buffer_size; 1346 (void)alg; 1347 return( PSA_ERROR_INVALID_ARGUMENT ); 1348 } 1349 } 1350 1351 static inline psa_status_t psa_driver_wrapper_cipher_set_iv( 1352 psa_cipher_operation_t *operation, 1353 const uint8_t *iv, 1354 size_t iv_length ) 1355 { 1356 switch( operation->id ) 1357 { 1358 #if defined(MBEDTLS_PSA_BUILTIN_CIPHER) 1359 case PSA_CRYPTO_MBED_TLS_DRIVER_ID: 1360 return( mbedtls_psa_cipher_set_iv( &operation->ctx.mbedtls_ctx, 1361 iv, 1362 iv_length ) ); 1363 #endif /* MBEDTLS_PSA_BUILTIN_CIPHER */ 1364 1365 #if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT) 1366 #if defined(PSA_CRYPTO_DRIVER_TEST) 1367 case MBEDTLS_TEST_TRANSPARENT_DRIVER_ID: 1368 return( mbedtls_test_transparent_cipher_set_iv( 1369 &operation->ctx.transparent_test_driver_ctx, 1370 iv, iv_length ) ); 1371 1372 case MBEDTLS_TEST_OPAQUE_DRIVER_ID: 1373 return( mbedtls_test_opaque_cipher_set_iv( 1374 &operation->ctx.opaque_test_driver_ctx, 1375 iv, iv_length ) ); 1376 #endif /* PSA_CRYPTO_DRIVER_TEST */ 1377 #endif /* PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT */ 1378 } 1379 1380 (void)iv; 1381 (void)iv_length; 1382 1383 return( PSA_ERROR_INVALID_ARGUMENT ); 1384 } 1385 1386 static inline psa_status_t psa_driver_wrapper_cipher_update( 1387 psa_cipher_operation_t *operation, 1388 const uint8_t *input, 1389 size_t input_length, 1390 uint8_t *output, 1391 size_t output_size, 1392 size_t *output_length ) 1393 { 1394 switch( operation->id ) 1395 { 1396 #if defined(MBEDTLS_PSA_BUILTIN_CIPHER) 1397 case PSA_CRYPTO_MBED_TLS_DRIVER_ID: 1398 return( mbedtls_psa_cipher_update( &operation->ctx.mbedtls_ctx, 1399 input, 1400 input_length, 1401 output, 1402 output_size, 1403 output_length ) ); 1404 #endif /* MBEDTLS_PSA_BUILTIN_CIPHER */ 1405 1406 #if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT) 1407 #if defined(PSA_CRYPTO_DRIVER_TEST) 1408 case MBEDTLS_TEST_TRANSPARENT_DRIVER_ID: 1409 return( mbedtls_test_transparent_cipher_update( 1410 &operation->ctx.transparent_test_driver_ctx, 1411 input, input_length, 1412 output, output_size, output_length ) ); 1413 1414 case MBEDTLS_TEST_OPAQUE_DRIVER_ID: 1415 return( mbedtls_test_opaque_cipher_update( 1416 &operation->ctx.opaque_test_driver_ctx, 1417 input, input_length, 1418 output, output_size, output_length ) ); 1419 #endif /* PSA_CRYPTO_DRIVER_TEST */ 1420 #endif /* PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT */ 1421 } 1422 1423 (void)input; 1424 (void)input_length; 1425 (void)output; 1426 (void)output_size; 1427 (void)output_length; 1428 1429 return( PSA_ERROR_INVALID_ARGUMENT ); 1430 } 1431 1432 static inline psa_status_t psa_driver_wrapper_cipher_finish( 1433 psa_cipher_operation_t *operation, 1434 uint8_t *output, 1435 size_t output_size, 1436 size_t *output_length ) 1437 { 1438 switch( operation->id ) 1439 { 1440 #if defined(MBEDTLS_PSA_BUILTIN_CIPHER) 1441 case PSA_CRYPTO_MBED_TLS_DRIVER_ID: 1442 return( mbedtls_psa_cipher_finish( &operation->ctx.mbedtls_ctx, 1443 output, 1444 output_size, 1445 output_length ) ); 1446 #endif /* MBEDTLS_PSA_BUILTIN_CIPHER */ 1447 1448 #if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT) 1449 #if defined(PSA_CRYPTO_DRIVER_TEST) 1450 case MBEDTLS_TEST_TRANSPARENT_DRIVER_ID: 1451 return( mbedtls_test_transparent_cipher_finish( 1452 &operation->ctx.transparent_test_driver_ctx, 1453 output, output_size, output_length ) ); 1454 1455 case MBEDTLS_TEST_OPAQUE_DRIVER_ID: 1456 return( mbedtls_test_opaque_cipher_finish( 1457 &operation->ctx.opaque_test_driver_ctx, 1458 output, output_size, output_length ) ); 1459 #endif /* PSA_CRYPTO_DRIVER_TEST */ 1460 #endif /* PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT */ 1461 } 1462 1463 (void)output; 1464 (void)output_size; 1465 (void)output_length; 1466 1467 return( PSA_ERROR_INVALID_ARGUMENT ); 1468 } 1469 1470 static inline psa_status_t psa_driver_wrapper_cipher_abort( 1471 psa_cipher_operation_t *operation ) 1472 { 1473 psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED; 1474 1475 switch( operation->id ) 1476 { 1477 #if defined(MBEDTLS_PSA_BUILTIN_CIPHER) 1478 case PSA_CRYPTO_MBED_TLS_DRIVER_ID: 1479 return( mbedtls_psa_cipher_abort( &operation->ctx.mbedtls_ctx ) ); 1480 #endif /* MBEDTLS_PSA_BUILTIN_CIPHER */ 1481 1482 #if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT) 1483 #if defined(PSA_CRYPTO_DRIVER_TEST) 1484 case MBEDTLS_TEST_TRANSPARENT_DRIVER_ID: 1485 status = mbedtls_test_transparent_cipher_abort( 1486 &operation->ctx.transparent_test_driver_ctx ); 1487 mbedtls_platform_zeroize( 1488 &operation->ctx.transparent_test_driver_ctx, 1489 sizeof( operation->ctx.transparent_test_driver_ctx ) ); 1490 return( status ); 1491 1492 case MBEDTLS_TEST_OPAQUE_DRIVER_ID: 1493 status = mbedtls_test_opaque_cipher_abort( 1494 &operation->ctx.opaque_test_driver_ctx ); 1495 mbedtls_platform_zeroize( 1496 &operation->ctx.opaque_test_driver_ctx, 1497 sizeof( operation->ctx.opaque_test_driver_ctx ) ); 1498 return( status ); 1499 #endif /* PSA_CRYPTO_DRIVER_TEST */ 1500 #endif /* PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT */ 1501 } 1502 1503 (void)status; 1504 return( PSA_ERROR_INVALID_ARGUMENT ); 1505 } 1506 1507 /* 1508 * Hashing functions 1509 */ 1510 static inline psa_status_t psa_driver_wrapper_hash_compute( 1511 psa_algorithm_t alg, 1512 const uint8_t *input, 1513 size_t input_length, 1514 uint8_t *hash, 1515 size_t hash_size, 1516 size_t *hash_length) 1517 { 1518 psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED; 1519 1520 /* Try accelerators first */ 1521 #if defined(PSA_CRYPTO_DRIVER_TEST) 1522 status = mbedtls_test_transparent_hash_compute( 1523 alg, input, input_length, hash, hash_size, hash_length ); 1524 if( status != PSA_ERROR_NOT_SUPPORTED ) 1525 return( status ); 1526 #endif 1527 1528 /* If software fallback is compiled in, try fallback */ 1529 #if defined(MBEDTLS_PSA_BUILTIN_HASH) 1530 status = mbedtls_psa_hash_compute( alg, input, input_length, 1531 hash, hash_size, hash_length ); 1532 if( status != PSA_ERROR_NOT_SUPPORTED ) 1533 return( status ); 1534 #endif 1535 (void) status; 1536 (void) alg; 1537 (void) input; 1538 (void) input_length; 1539 (void) hash; 1540 (void) hash_size; 1541 (void) hash_length; 1542 1543 return( PSA_ERROR_NOT_SUPPORTED ); 1544 } 1545 1546 static inline psa_status_t psa_driver_wrapper_hash_setup( 1547 psa_hash_operation_t *operation, 1548 psa_algorithm_t alg ) 1549 { 1550 psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED; 1551 1552 /* Try setup on accelerators first */ 1553 #if defined(PSA_CRYPTO_DRIVER_TEST) 1554 status = mbedtls_test_transparent_hash_setup( 1555 &operation->ctx.test_driver_ctx, alg ); 1556 if( status == PSA_SUCCESS ) 1557 operation->id = MBEDTLS_TEST_TRANSPARENT_DRIVER_ID; 1558 1559 if( status != PSA_ERROR_NOT_SUPPORTED ) 1560 return( status ); 1561 #endif 1562 1563 /* If software fallback is compiled in, try fallback */ 1564 #if defined(MBEDTLS_PSA_BUILTIN_HASH) 1565 status = mbedtls_psa_hash_setup( &operation->ctx.mbedtls_ctx, alg ); 1566 if( status == PSA_SUCCESS ) 1567 operation->id = PSA_CRYPTO_MBED_TLS_DRIVER_ID; 1568 1569 if( status != PSA_ERROR_NOT_SUPPORTED ) 1570 return( status ); 1571 #endif 1572 /* Nothing left to try if we fall through here */ 1573 (void) status; 1574 (void) operation; 1575 (void) alg; 1576 return( PSA_ERROR_NOT_SUPPORTED ); 1577 } 1578 1579 static inline psa_status_t psa_driver_wrapper_hash_clone( 1580 const psa_hash_operation_t *source_operation, 1581 psa_hash_operation_t *target_operation ) 1582 { 1583 switch( source_operation->id ) 1584 { 1585 #if defined(MBEDTLS_PSA_BUILTIN_HASH) 1586 case PSA_CRYPTO_MBED_TLS_DRIVER_ID: 1587 target_operation->id = PSA_CRYPTO_MBED_TLS_DRIVER_ID; 1588 return( mbedtls_psa_hash_clone( &source_operation->ctx.mbedtls_ctx, 1589 &target_operation->ctx.mbedtls_ctx ) ); 1590 #endif 1591 #if defined(PSA_CRYPTO_DRIVER_TEST) 1592 case MBEDTLS_TEST_TRANSPARENT_DRIVER_ID: 1593 target_operation->id = MBEDTLS_TEST_TRANSPARENT_DRIVER_ID; 1594 return( mbedtls_test_transparent_hash_clone( 1595 &source_operation->ctx.test_driver_ctx, 1596 &target_operation->ctx.test_driver_ctx ) ); 1597 #endif 1598 default: 1599 (void) target_operation; 1600 return( PSA_ERROR_BAD_STATE ); 1601 } 1602 } 1603 1604 static inline psa_status_t psa_driver_wrapper_hash_update( 1605 psa_hash_operation_t *operation, 1606 const uint8_t *input, 1607 size_t input_length ) 1608 { 1609 switch( operation->id ) 1610 { 1611 #if defined(MBEDTLS_PSA_BUILTIN_HASH) 1612 case PSA_CRYPTO_MBED_TLS_DRIVER_ID: 1613 return( mbedtls_psa_hash_update( &operation->ctx.mbedtls_ctx, 1614 input, input_length ) ); 1615 #endif 1616 #if defined(PSA_CRYPTO_DRIVER_TEST) 1617 case MBEDTLS_TEST_TRANSPARENT_DRIVER_ID: 1618 return( mbedtls_test_transparent_hash_update( 1619 &operation->ctx.test_driver_ctx, 1620 input, input_length ) ); 1621 #endif 1622 default: 1623 (void) input; 1624 (void) input_length; 1625 return( PSA_ERROR_BAD_STATE ); 1626 } 1627 } 1628 1629 static inline psa_status_t psa_driver_wrapper_hash_finish( 1630 psa_hash_operation_t *operation, 1631 uint8_t *hash, 1632 size_t hash_size, 1633 size_t *hash_length ) 1634 { 1635 switch( operation->id ) 1636 { 1637 #if defined(MBEDTLS_PSA_BUILTIN_HASH) 1638 case PSA_CRYPTO_MBED_TLS_DRIVER_ID: 1639 return( mbedtls_psa_hash_finish( &operation->ctx.mbedtls_ctx, 1640 hash, hash_size, hash_length ) ); 1641 #endif 1642 #if defined(PSA_CRYPTO_DRIVER_TEST) 1643 case MBEDTLS_TEST_TRANSPARENT_DRIVER_ID: 1644 return( mbedtls_test_transparent_hash_finish( 1645 &operation->ctx.test_driver_ctx, 1646 hash, hash_size, hash_length ) ); 1647 #endif 1648 default: 1649 (void) hash; 1650 (void) hash_size; 1651 (void) hash_length; 1652 return( PSA_ERROR_BAD_STATE ); 1653 } 1654 } 1655 1656 static inline psa_status_t psa_driver_wrapper_hash_abort( 1657 psa_hash_operation_t *operation ) 1658 { 1659 switch( operation->id ) 1660 { 1661 #if defined(MBEDTLS_PSA_BUILTIN_HASH) 1662 case PSA_CRYPTO_MBED_TLS_DRIVER_ID: 1663 return( mbedtls_psa_hash_abort( &operation->ctx.mbedtls_ctx ) ); 1664 #endif 1665 #if defined(PSA_CRYPTO_DRIVER_TEST) 1666 case MBEDTLS_TEST_TRANSPARENT_DRIVER_ID: 1667 return( mbedtls_test_transparent_hash_abort( 1668 &operation->ctx.test_driver_ctx ) ); 1669 #endif 1670 default: 1671 return( PSA_ERROR_BAD_STATE ); 1672 } 1673 } 1674 1675 static inline psa_status_t psa_driver_wrapper_aead_encrypt( 1676 const psa_key_attributes_t *attributes, 1677 const uint8_t *key_buffer, size_t key_buffer_size, 1678 psa_algorithm_t alg, 1679 const uint8_t *nonce, size_t nonce_length, 1680 const uint8_t *additional_data, size_t additional_data_length, 1681 const uint8_t *plaintext, size_t plaintext_length, 1682 uint8_t *ciphertext, size_t ciphertext_size, size_t *ciphertext_length ) 1683 { 1684 psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED; 1685 psa_key_location_t location = 1686 PSA_KEY_LIFETIME_GET_LOCATION( psa_get_key_lifetime(attributes) ); 1687 1688 switch( location ) 1689 { 1690 case PSA_KEY_LOCATION_LOCAL_STORAGE: 1691 /* Key is stored in the slot in export representation, so 1692 * cycle through all known transparent accelerators */ 1693 1694 #if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT) 1695 #if defined(PSA_CRYPTO_DRIVER_TEST) 1696 status = mbedtls_test_transparent_aead_encrypt( 1697 attributes, key_buffer, key_buffer_size, 1698 alg, 1699 nonce, nonce_length, 1700 additional_data, additional_data_length, 1701 plaintext, plaintext_length, 1702 ciphertext, ciphertext_size, ciphertext_length ); 1703 /* Declared with fallback == true */ 1704 if( status != PSA_ERROR_NOT_SUPPORTED ) 1705 return( status ); 1706 #endif /* PSA_CRYPTO_DRIVER_TEST */ 1707 #endif /* PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT */ 1708 1709 /* Fell through, meaning no accelerator supports this operation */ 1710 return( mbedtls_psa_aead_encrypt( 1711 attributes, key_buffer, key_buffer_size, 1712 alg, 1713 nonce, nonce_length, 1714 additional_data, additional_data_length, 1715 plaintext, plaintext_length, 1716 ciphertext, ciphertext_size, ciphertext_length ) ); 1717 1718 /* Add cases for opaque driver here */ 1719 1720 default: 1721 /* Key is declared with a lifetime not known to us */ 1722 (void)status; 1723 return( PSA_ERROR_INVALID_ARGUMENT ); 1724 } 1725 } 1726 1727 static inline psa_status_t psa_driver_wrapper_aead_decrypt( 1728 const psa_key_attributes_t *attributes, 1729 const uint8_t *key_buffer, size_t key_buffer_size, 1730 psa_algorithm_t alg, 1731 const uint8_t *nonce, size_t nonce_length, 1732 const uint8_t *additional_data, size_t additional_data_length, 1733 const uint8_t *ciphertext, size_t ciphertext_length, 1734 uint8_t *plaintext, size_t plaintext_size, size_t *plaintext_length ) 1735 { 1736 psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED; 1737 psa_key_location_t location = 1738 PSA_KEY_LIFETIME_GET_LOCATION( psa_get_key_lifetime(attributes) ); 1739 1740 switch( location ) 1741 { 1742 case PSA_KEY_LOCATION_LOCAL_STORAGE: 1743 /* Key is stored in the slot in export representation, so 1744 * cycle through all known transparent accelerators */ 1745 1746 #if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT) 1747 #if defined(PSA_CRYPTO_DRIVER_TEST) 1748 status = mbedtls_test_transparent_aead_decrypt( 1749 attributes, key_buffer, key_buffer_size, 1750 alg, 1751 nonce, nonce_length, 1752 additional_data, additional_data_length, 1753 ciphertext, ciphertext_length, 1754 plaintext, plaintext_size, plaintext_length ); 1755 /* Declared with fallback == true */ 1756 if( status != PSA_ERROR_NOT_SUPPORTED ) 1757 return( status ); 1758 #endif /* PSA_CRYPTO_DRIVER_TEST */ 1759 #endif /* PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT */ 1760 1761 /* Fell through, meaning no accelerator supports this operation */ 1762 return( mbedtls_psa_aead_decrypt( 1763 attributes, key_buffer, key_buffer_size, 1764 alg, 1765 nonce, nonce_length, 1766 additional_data, additional_data_length, 1767 ciphertext, ciphertext_length, 1768 plaintext, plaintext_size, plaintext_length ) ); 1769 1770 /* Add cases for opaque driver here */ 1771 1772 default: 1773 /* Key is declared with a lifetime not known to us */ 1774 (void)status; 1775 return( PSA_ERROR_INVALID_ARGUMENT ); 1776 } 1777 } 1778 1779 static inline psa_status_t psa_driver_wrapper_aead_encrypt_setup( 1780 psa_aead_operation_t *operation, 1781 const psa_key_attributes_t *attributes, 1782 const uint8_t *key_buffer, size_t key_buffer_size, 1783 psa_algorithm_t alg ) 1784 { 1785 psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED; 1786 psa_key_location_t location = 1787 PSA_KEY_LIFETIME_GET_LOCATION( psa_get_key_lifetime(attributes) ); 1788 1789 switch( location ) 1790 { 1791 case PSA_KEY_LOCATION_LOCAL_STORAGE: 1792 /* Key is stored in the slot in export representation, so 1793 * cycle through all known transparent accelerators */ 1794 1795 #if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT) 1796 #if defined(PSA_CRYPTO_DRIVER_TEST) 1797 operation->id = MBEDTLS_TEST_TRANSPARENT_DRIVER_ID; 1798 status = mbedtls_test_transparent_aead_encrypt_setup( 1799 &operation->ctx.transparent_test_driver_ctx, 1800 attributes, key_buffer, key_buffer_size, 1801 alg ); 1802 1803 /* Declared with fallback == true */ 1804 if( status != PSA_ERROR_NOT_SUPPORTED ) 1805 return( status ); 1806 #endif /* PSA_CRYPTO_DRIVER_TEST */ 1807 #endif /* PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT */ 1808 1809 /* Fell through, meaning no accelerator supports this operation */ 1810 operation->id = PSA_CRYPTO_MBED_TLS_DRIVER_ID; 1811 status = mbedtls_psa_aead_encrypt_setup( 1812 &operation->ctx.mbedtls_ctx, attributes, 1813 key_buffer, key_buffer_size, 1814 alg ); 1815 1816 return( status ); 1817 1818 /* Add cases for opaque driver here */ 1819 1820 default: 1821 /* Key is declared with a lifetime not known to us */ 1822 (void)status; 1823 return( PSA_ERROR_INVALID_ARGUMENT ); 1824 } 1825 } 1826 1827 static inline psa_status_t psa_driver_wrapper_aead_decrypt_setup( 1828 psa_aead_operation_t *operation, 1829 const psa_key_attributes_t *attributes, 1830 const uint8_t *key_buffer, size_t key_buffer_size, 1831 psa_algorithm_t alg ) 1832 { 1833 psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED; 1834 psa_key_location_t location = 1835 PSA_KEY_LIFETIME_GET_LOCATION( psa_get_key_lifetime(attributes) ); 1836 1837 switch( location ) 1838 { 1839 case PSA_KEY_LOCATION_LOCAL_STORAGE: 1840 /* Key is stored in the slot in export representation, so 1841 * cycle through all known transparent accelerators */ 1842 1843 #if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT) 1844 #if defined(PSA_CRYPTO_DRIVER_TEST) 1845 operation->id = MBEDTLS_TEST_TRANSPARENT_DRIVER_ID; 1846 status = mbedtls_test_transparent_aead_decrypt_setup( 1847 &operation->ctx.transparent_test_driver_ctx, 1848 attributes, 1849 key_buffer, key_buffer_size, 1850 alg ); 1851 1852 /* Declared with fallback == true */ 1853 if( status != PSA_ERROR_NOT_SUPPORTED ) 1854 return( status ); 1855 #endif /* PSA_CRYPTO_DRIVER_TEST */ 1856 #endif /* PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT */ 1857 1858 /* Fell through, meaning no accelerator supports this operation */ 1859 operation->id = PSA_CRYPTO_MBED_TLS_DRIVER_ID; 1860 status = mbedtls_psa_aead_decrypt_setup( 1861 &operation->ctx.mbedtls_ctx, 1862 attributes, 1863 key_buffer, key_buffer_size, 1864 alg ); 1865 1866 return( status ); 1867 1868 /* Add cases for opaque driver here */ 1869 1870 default: 1871 /* Key is declared with a lifetime not known to us */ 1872 (void)status; 1873 return( PSA_ERROR_INVALID_ARGUMENT ); 1874 } 1875 } 1876 1877 static inline psa_status_t psa_driver_wrapper_aead_set_nonce( 1878 psa_aead_operation_t *operation, 1879 const uint8_t *nonce, 1880 size_t nonce_length ) 1881 { 1882 switch( operation->id ) 1883 { 1884 #if defined(MBEDTLS_PSA_BUILTIN_AEAD) 1885 case PSA_CRYPTO_MBED_TLS_DRIVER_ID: 1886 return( mbedtls_psa_aead_set_nonce( &operation->ctx.mbedtls_ctx, 1887 nonce, 1888 nonce_length ) ); 1889 1890 #endif /* MBEDTLS_PSA_BUILTIN_AEAD */ 1891 1892 #if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT) 1893 #if defined(PSA_CRYPTO_DRIVER_TEST) 1894 case MBEDTLS_TEST_TRANSPARENT_DRIVER_ID: 1895 return( mbedtls_test_transparent_aead_set_nonce( 1896 &operation->ctx.transparent_test_driver_ctx, 1897 nonce, nonce_length ) ); 1898 1899 /* Add cases for opaque driver here */ 1900 1901 #endif /* PSA_CRYPTO_DRIVER_TEST */ 1902 #endif /* PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT */ 1903 } 1904 1905 (void)nonce; 1906 (void)nonce_length; 1907 1908 return( PSA_ERROR_INVALID_ARGUMENT ); 1909 } 1910 1911 static inline psa_status_t psa_driver_wrapper_aead_set_lengths( 1912 psa_aead_operation_t *operation, 1913 size_t ad_length, 1914 size_t plaintext_length ) 1915 { 1916 switch( operation->id ) 1917 { 1918 #if defined(MBEDTLS_PSA_BUILTIN_AEAD) 1919 case PSA_CRYPTO_MBED_TLS_DRIVER_ID: 1920 return( mbedtls_psa_aead_set_lengths( &operation->ctx.mbedtls_ctx, 1921 ad_length, 1922 plaintext_length ) ); 1923 1924 #endif /* MBEDTLS_PSA_BUILTIN_AEAD */ 1925 1926 #if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT) 1927 #if defined(PSA_CRYPTO_DRIVER_TEST) 1928 case MBEDTLS_TEST_TRANSPARENT_DRIVER_ID: 1929 return( mbedtls_test_transparent_aead_set_lengths( 1930 &operation->ctx.transparent_test_driver_ctx, 1931 ad_length, plaintext_length ) ); 1932 1933 /* Add cases for opaque driver here */ 1934 1935 #endif /* PSA_CRYPTO_DRIVER_TEST */ 1936 #endif /* PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT */ 1937 } 1938 1939 (void)ad_length; 1940 (void)plaintext_length; 1941 1942 return( PSA_ERROR_INVALID_ARGUMENT ); 1943 } 1944 1945 static inline psa_status_t psa_driver_wrapper_aead_update_ad( 1946 psa_aead_operation_t *operation, 1947 const uint8_t *input, 1948 size_t input_length ) 1949 { 1950 switch( operation->id ) 1951 { 1952 #if defined(MBEDTLS_PSA_BUILTIN_AEAD) 1953 case PSA_CRYPTO_MBED_TLS_DRIVER_ID: 1954 return( mbedtls_psa_aead_update_ad( &operation->ctx.mbedtls_ctx, 1955 input, 1956 input_length ) ); 1957 1958 #endif /* MBEDTLS_PSA_BUILTIN_AEAD */ 1959 1960 #if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT) 1961 #if defined(PSA_CRYPTO_DRIVER_TEST) 1962 case MBEDTLS_TEST_TRANSPARENT_DRIVER_ID: 1963 return( mbedtls_test_transparent_aead_update_ad( 1964 &operation->ctx.transparent_test_driver_ctx, 1965 input, input_length ) ); 1966 1967 /* Add cases for opaque driver here */ 1968 1969 #endif /* PSA_CRYPTO_DRIVER_TEST */ 1970 #endif /* PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT */ 1971 } 1972 1973 (void)input; 1974 (void)input_length; 1975 1976 return( PSA_ERROR_INVALID_ARGUMENT ); 1977 } 1978 1979 static inline psa_status_t psa_driver_wrapper_aead_update( 1980 psa_aead_operation_t *operation, 1981 const uint8_t *input, 1982 size_t input_length, 1983 uint8_t *output, 1984 size_t output_size, 1985 size_t *output_length ) 1986 { 1987 switch( operation->id ) 1988 { 1989 #if defined(MBEDTLS_PSA_BUILTIN_AEAD) 1990 case PSA_CRYPTO_MBED_TLS_DRIVER_ID: 1991 return( mbedtls_psa_aead_update( &operation->ctx.mbedtls_ctx, 1992 input, input_length, 1993 output, output_size, 1994 output_length ) ); 1995 1996 #endif /* MBEDTLS_PSA_BUILTIN_AEAD */ 1997 1998 #if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT) 1999 #if defined(PSA_CRYPTO_DRIVER_TEST) 2000 case MBEDTLS_TEST_TRANSPARENT_DRIVER_ID: 2001 return( mbedtls_test_transparent_aead_update( 2002 &operation->ctx.transparent_test_driver_ctx, 2003 input, input_length, output, output_size, 2004 output_length ) ); 2005 2006 /* Add cases for opaque driver here */ 2007 2008 #endif /* PSA_CRYPTO_DRIVER_TEST */ 2009 #endif /* PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT */ 2010 } 2011 2012 (void)input; 2013 (void)input_length; 2014 (void)output; 2015 (void)output_size; 2016 (void)output_length; 2017 2018 return( PSA_ERROR_INVALID_ARGUMENT ); 2019 } 2020 2021 static inline psa_status_t psa_driver_wrapper_aead_finish( 2022 psa_aead_operation_t *operation, 2023 uint8_t *ciphertext, 2024 size_t ciphertext_size, 2025 size_t *ciphertext_length, 2026 uint8_t *tag, 2027 size_t tag_size, 2028 size_t *tag_length ) 2029 { 2030 switch( operation->id ) 2031 { 2032 #if defined(MBEDTLS_PSA_BUILTIN_AEAD) 2033 case PSA_CRYPTO_MBED_TLS_DRIVER_ID: 2034 return( mbedtls_psa_aead_finish( &operation->ctx.mbedtls_ctx, 2035 ciphertext, 2036 ciphertext_size, 2037 ciphertext_length, tag, 2038 tag_size, tag_length ) ); 2039 2040 #endif /* MBEDTLS_PSA_BUILTIN_AEAD */ 2041 2042 #if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT) 2043 #if defined(PSA_CRYPTO_DRIVER_TEST) 2044 case MBEDTLS_TEST_TRANSPARENT_DRIVER_ID: 2045 return( mbedtls_test_transparent_aead_finish( 2046 &operation->ctx.transparent_test_driver_ctx, 2047 ciphertext, ciphertext_size, 2048 ciphertext_length, tag, tag_size, tag_length ) ); 2049 2050 /* Add cases for opaque driver here */ 2051 2052 #endif /* PSA_CRYPTO_DRIVER_TEST */ 2053 #endif /* PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT */ 2054 } 2055 2056 (void)ciphertext; 2057 (void)ciphertext_size; 2058 (void)ciphertext_length; 2059 (void)tag; 2060 (void)tag_size; 2061 (void)tag_length; 2062 2063 return( PSA_ERROR_INVALID_ARGUMENT ); 2064 } 2065 2066 static inline psa_status_t psa_driver_wrapper_aead_verify( 2067 psa_aead_operation_t *operation, 2068 uint8_t *plaintext, 2069 size_t plaintext_size, 2070 size_t *plaintext_length, 2071 const uint8_t *tag, 2072 size_t tag_length ) 2073 { 2074 switch( operation->id ) 2075 { 2076 #if defined(MBEDTLS_PSA_BUILTIN_AEAD) 2077 case PSA_CRYPTO_MBED_TLS_DRIVER_ID: 2078 { 2079 psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED; 2080 uint8_t check_tag[PSA_AEAD_TAG_MAX_SIZE]; 2081 size_t check_tag_length; 2082 2083 status = mbedtls_psa_aead_finish( &operation->ctx.mbedtls_ctx, 2084 plaintext, 2085 plaintext_size, 2086 plaintext_length, 2087 check_tag, 2088 sizeof( check_tag ), 2089 &check_tag_length ); 2090 2091 if( status == PSA_SUCCESS ) 2092 { 2093 if( tag_length != check_tag_length || 2094 mbedtls_ct_memcmp( tag, check_tag, tag_length ) 2095 != 0 ) 2096 status = PSA_ERROR_INVALID_SIGNATURE; 2097 } 2098 2099 mbedtls_platform_zeroize( check_tag, sizeof( check_tag ) ); 2100 2101 return( status ); 2102 } 2103 2104 #endif /* MBEDTLS_PSA_BUILTIN_AEAD */ 2105 2106 #if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT) 2107 #if defined(PSA_CRYPTO_DRIVER_TEST) 2108 case MBEDTLS_TEST_TRANSPARENT_DRIVER_ID: 2109 return( mbedtls_test_transparent_aead_verify( 2110 &operation->ctx.transparent_test_driver_ctx, 2111 plaintext, plaintext_size, 2112 plaintext_length, tag, tag_length ) ); 2113 2114 /* Add cases for opaque driver here */ 2115 2116 #endif /* PSA_CRYPTO_DRIVER_TEST */ 2117 #endif /* PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT */ 2118 } 2119 2120 (void)plaintext; 2121 (void)plaintext_size; 2122 (void)plaintext_length; 2123 (void)tag; 2124 (void)tag_length; 2125 2126 return( PSA_ERROR_INVALID_ARGUMENT ); 2127 } 2128 2129 static inline psa_status_t psa_driver_wrapper_aead_abort( 2130 psa_aead_operation_t *operation ) 2131 { 2132 switch( operation->id ) 2133 { 2134 #if defined(MBEDTLS_PSA_BUILTIN_AEAD) 2135 case PSA_CRYPTO_MBED_TLS_DRIVER_ID: 2136 return( mbedtls_psa_aead_abort( &operation->ctx.mbedtls_ctx ) ); 2137 2138 #endif /* MBEDTLS_PSA_BUILTIN_AEAD */ 2139 2140 #if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT) 2141 #if defined(PSA_CRYPTO_DRIVER_TEST) 2142 case MBEDTLS_TEST_TRANSPARENT_DRIVER_ID: 2143 return( mbedtls_test_transparent_aead_abort( 2144 &operation->ctx.transparent_test_driver_ctx ) ); 2145 2146 /* Add cases for opaque driver here */ 2147 2148 #endif /* PSA_CRYPTO_DRIVER_TEST */ 2149 #endif /* PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT */ 2150 } 2151 2152 return( PSA_ERROR_INVALID_ARGUMENT ); 2153 } 2154 2155 /* 2156 * MAC functions 2157 */ 2158 static inline psa_status_t psa_driver_wrapper_mac_compute( 2159 const psa_key_attributes_t *attributes, 2160 const uint8_t *key_buffer, 2161 size_t key_buffer_size, 2162 psa_algorithm_t alg, 2163 const uint8_t *input, 2164 size_t input_length, 2165 uint8_t *mac, 2166 size_t mac_size, 2167 size_t *mac_length ) 2168 { 2169 psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED; 2170 psa_key_location_t location = 2171 PSA_KEY_LIFETIME_GET_LOCATION( psa_get_key_lifetime(attributes) ); 2172 2173 switch( location ) 2174 { 2175 case PSA_KEY_LOCATION_LOCAL_STORAGE: 2176 /* Key is stored in the slot in export representation, so 2177 * cycle through all known transparent accelerators */ 2178 #if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT) 2179 #if defined(PSA_CRYPTO_DRIVER_TEST) 2180 status = mbedtls_test_transparent_mac_compute( 2181 attributes, key_buffer, key_buffer_size, alg, 2182 input, input_length, 2183 mac, mac_size, mac_length ); 2184 /* Declared with fallback == true */ 2185 if( status != PSA_ERROR_NOT_SUPPORTED ) 2186 return( status ); 2187 #endif /* PSA_CRYPTO_DRIVER_TEST */ 2188 #endif /* PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT */ 2189 #if defined(MBEDTLS_PSA_BUILTIN_MAC) 2190 /* Fell through, meaning no accelerator supports this operation */ 2191 status = mbedtls_psa_mac_compute( 2192 attributes, key_buffer, key_buffer_size, alg, 2193 input, input_length, 2194 mac, mac_size, mac_length ); 2195 if( status != PSA_ERROR_NOT_SUPPORTED ) 2196 return( status ); 2197 #endif /* MBEDTLS_PSA_BUILTIN_MAC */ 2198 return( PSA_ERROR_NOT_SUPPORTED ); 2199 2200 /* Add cases for opaque driver here */ 2201 #if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT) 2202 #if defined(PSA_CRYPTO_DRIVER_TEST) 2203 case PSA_CRYPTO_TEST_DRIVER_LOCATION: 2204 status = mbedtls_test_opaque_mac_compute( 2205 attributes, key_buffer, key_buffer_size, alg, 2206 input, input_length, 2207 mac, mac_size, mac_length ); 2208 return( status ); 2209 #endif /* PSA_CRYPTO_DRIVER_TEST */ 2210 #endif /* PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT */ 2211 default: 2212 /* Key is declared with a lifetime not known to us */ 2213 (void) key_buffer; 2214 (void) key_buffer_size; 2215 (void) alg; 2216 (void) input; 2217 (void) input_length; 2218 (void) mac; 2219 (void) mac_size; 2220 (void) mac_length; 2221 (void) status; 2222 return( PSA_ERROR_INVALID_ARGUMENT ); 2223 } 2224 } 2225 2226 static inline psa_status_t psa_driver_wrapper_mac_sign_setup( 2227 psa_mac_operation_t *operation, 2228 const psa_key_attributes_t *attributes, 2229 const uint8_t *key_buffer, 2230 size_t key_buffer_size, 2231 psa_algorithm_t alg ) 2232 { 2233 psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED; 2234 psa_key_location_t location = 2235 PSA_KEY_LIFETIME_GET_LOCATION( psa_get_key_lifetime(attributes) ); 2236 2237 switch( location ) 2238 { 2239 case PSA_KEY_LOCATION_LOCAL_STORAGE: 2240 /* Key is stored in the slot in export representation, so 2241 * cycle through all known transparent accelerators */ 2242 #if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT) 2243 #if defined(PSA_CRYPTO_DRIVER_TEST) 2244 status = mbedtls_test_transparent_mac_sign_setup( 2245 &operation->ctx.transparent_test_driver_ctx, 2246 attributes, 2247 key_buffer, key_buffer_size, 2248 alg ); 2249 /* Declared with fallback == true */ 2250 if( status == PSA_SUCCESS ) 2251 operation->id = MBEDTLS_TEST_TRANSPARENT_DRIVER_ID; 2252 2253 if( status != PSA_ERROR_NOT_SUPPORTED ) 2254 return( status ); 2255 #endif /* PSA_CRYPTO_DRIVER_TEST */ 2256 #endif /* PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT */ 2257 #if defined(MBEDTLS_PSA_BUILTIN_MAC) 2258 /* Fell through, meaning no accelerator supports this operation */ 2259 status = mbedtls_psa_mac_sign_setup( &operation->ctx.mbedtls_ctx, 2260 attributes, 2261 key_buffer, key_buffer_size, 2262 alg ); 2263 if( status == PSA_SUCCESS ) 2264 operation->id = PSA_CRYPTO_MBED_TLS_DRIVER_ID; 2265 2266 if( status != PSA_ERROR_NOT_SUPPORTED ) 2267 return( status ); 2268 #endif /* MBEDTLS_PSA_BUILTIN_MAC */ 2269 return( PSA_ERROR_NOT_SUPPORTED ); 2270 2271 /* Add cases for opaque driver here */ 2272 #if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT) 2273 #if defined(PSA_CRYPTO_DRIVER_TEST) 2274 case PSA_CRYPTO_TEST_DRIVER_LOCATION: 2275 status = mbedtls_test_opaque_mac_sign_setup( 2276 &operation->ctx.opaque_test_driver_ctx, 2277 attributes, 2278 key_buffer, key_buffer_size, 2279 alg ); 2280 2281 if( status == PSA_SUCCESS ) 2282 operation->id = MBEDTLS_TEST_OPAQUE_DRIVER_ID; 2283 2284 return( status ); 2285 #endif /* PSA_CRYPTO_DRIVER_TEST */ 2286 #endif /* PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT */ 2287 default: 2288 /* Key is declared with a lifetime not known to us */ 2289 (void) status; 2290 (void) operation; 2291 (void) key_buffer; 2292 (void) key_buffer_size; 2293 (void) alg; 2294 return( PSA_ERROR_INVALID_ARGUMENT ); 2295 } 2296 } 2297 2298 static inline psa_status_t psa_driver_wrapper_mac_verify_setup( 2299 psa_mac_operation_t *operation, 2300 const psa_key_attributes_t *attributes, 2301 const uint8_t *key_buffer, 2302 size_t key_buffer_size, 2303 psa_algorithm_t alg ) 2304 { 2305 psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED; 2306 psa_key_location_t location = 2307 PSA_KEY_LIFETIME_GET_LOCATION( psa_get_key_lifetime(attributes) ); 2308 2309 switch( location ) 2310 { 2311 case PSA_KEY_LOCATION_LOCAL_STORAGE: 2312 /* Key is stored in the slot in export representation, so 2313 * cycle through all known transparent accelerators */ 2314 #if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT) 2315 #if defined(PSA_CRYPTO_DRIVER_TEST) 2316 status = mbedtls_test_transparent_mac_verify_setup( 2317 &operation->ctx.transparent_test_driver_ctx, 2318 attributes, 2319 key_buffer, key_buffer_size, 2320 alg ); 2321 /* Declared with fallback == true */ 2322 if( status == PSA_SUCCESS ) 2323 operation->id = MBEDTLS_TEST_TRANSPARENT_DRIVER_ID; 2324 2325 if( status != PSA_ERROR_NOT_SUPPORTED ) 2326 return( status ); 2327 #endif /* PSA_CRYPTO_DRIVER_TEST */ 2328 #endif /* PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT */ 2329 #if defined(MBEDTLS_PSA_BUILTIN_MAC) 2330 /* Fell through, meaning no accelerator supports this operation */ 2331 status = mbedtls_psa_mac_verify_setup( &operation->ctx.mbedtls_ctx, 2332 attributes, 2333 key_buffer, key_buffer_size, 2334 alg ); 2335 if( status == PSA_SUCCESS ) 2336 operation->id = PSA_CRYPTO_MBED_TLS_DRIVER_ID; 2337 2338 if( status != PSA_ERROR_NOT_SUPPORTED ) 2339 return( status ); 2340 #endif /* MBEDTLS_PSA_BUILTIN_MAC */ 2341 return( PSA_ERROR_NOT_SUPPORTED ); 2342 2343 /* Add cases for opaque driver here */ 2344 #if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT) 2345 #if defined(PSA_CRYPTO_DRIVER_TEST) 2346 case PSA_CRYPTO_TEST_DRIVER_LOCATION: 2347 status = mbedtls_test_opaque_mac_verify_setup( 2348 &operation->ctx.opaque_test_driver_ctx, 2349 attributes, 2350 key_buffer, key_buffer_size, 2351 alg ); 2352 2353 if( status == PSA_SUCCESS ) 2354 operation->id = MBEDTLS_TEST_OPAQUE_DRIVER_ID; 2355 2356 return( status ); 2357 #endif /* PSA_CRYPTO_DRIVER_TEST */ 2358 #endif /* PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT */ 2359 default: 2360 /* Key is declared with a lifetime not known to us */ 2361 (void) status; 2362 (void) operation; 2363 (void) key_buffer; 2364 (void) key_buffer_size; 2365 (void) alg; 2366 return( PSA_ERROR_INVALID_ARGUMENT ); 2367 } 2368 } 2369 2370 static inline psa_status_t psa_driver_wrapper_mac_update( 2371 psa_mac_operation_t *operation, 2372 const uint8_t *input, 2373 size_t input_length ) 2374 { 2375 switch( operation->id ) 2376 { 2377 #if defined(MBEDTLS_PSA_BUILTIN_MAC) 2378 case PSA_CRYPTO_MBED_TLS_DRIVER_ID: 2379 return( mbedtls_psa_mac_update( &operation->ctx.mbedtls_ctx, 2380 input, input_length ) ); 2381 #endif /* MBEDTLS_PSA_BUILTIN_MAC */ 2382 2383 #if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT) 2384 #if defined(PSA_CRYPTO_DRIVER_TEST) 2385 case MBEDTLS_TEST_TRANSPARENT_DRIVER_ID: 2386 return( mbedtls_test_transparent_mac_update( 2387 &operation->ctx.transparent_test_driver_ctx, 2388 input, input_length ) ); 2389 2390 case MBEDTLS_TEST_OPAQUE_DRIVER_ID: 2391 return( mbedtls_test_opaque_mac_update( 2392 &operation->ctx.opaque_test_driver_ctx, 2393 input, input_length ) ); 2394 #endif /* PSA_CRYPTO_DRIVER_TEST */ 2395 #endif /* PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT */ 2396 default: 2397 (void) input; 2398 (void) input_length; 2399 return( PSA_ERROR_INVALID_ARGUMENT ); 2400 } 2401 } 2402 2403 static inline psa_status_t psa_driver_wrapper_mac_sign_finish( 2404 psa_mac_operation_t *operation, 2405 uint8_t *mac, 2406 size_t mac_size, 2407 size_t *mac_length ) 2408 { 2409 switch( operation->id ) 2410 { 2411 #if defined(MBEDTLS_PSA_BUILTIN_MAC) 2412 case PSA_CRYPTO_MBED_TLS_DRIVER_ID: 2413 return( mbedtls_psa_mac_sign_finish( &operation->ctx.mbedtls_ctx, 2414 mac, mac_size, mac_length ) ); 2415 #endif /* MBEDTLS_PSA_BUILTIN_MAC */ 2416 2417 #if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT) 2418 #if defined(PSA_CRYPTO_DRIVER_TEST) 2419 case MBEDTLS_TEST_TRANSPARENT_DRIVER_ID: 2420 return( mbedtls_test_transparent_mac_sign_finish( 2421 &operation->ctx.transparent_test_driver_ctx, 2422 mac, mac_size, mac_length ) ); 2423 2424 case MBEDTLS_TEST_OPAQUE_DRIVER_ID: 2425 return( mbedtls_test_opaque_mac_sign_finish( 2426 &operation->ctx.opaque_test_driver_ctx, 2427 mac, mac_size, mac_length ) ); 2428 #endif /* PSA_CRYPTO_DRIVER_TEST */ 2429 #endif /* PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT */ 2430 default: 2431 (void) mac; 2432 (void) mac_size; 2433 (void) mac_length; 2434 return( PSA_ERROR_INVALID_ARGUMENT ); 2435 } 2436 } 2437 2438 static inline psa_status_t psa_driver_wrapper_mac_verify_finish( 2439 psa_mac_operation_t *operation, 2440 const uint8_t *mac, 2441 size_t mac_length ) 2442 { 2443 switch( operation->id ) 2444 { 2445 #if defined(MBEDTLS_PSA_BUILTIN_MAC) 2446 case PSA_CRYPTO_MBED_TLS_DRIVER_ID: 2447 return( mbedtls_psa_mac_verify_finish( &operation->ctx.mbedtls_ctx, 2448 mac, mac_length ) ); 2449 #endif /* MBEDTLS_PSA_BUILTIN_MAC */ 2450 2451 #if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT) 2452 #if defined(PSA_CRYPTO_DRIVER_TEST) 2453 case MBEDTLS_TEST_TRANSPARENT_DRIVER_ID: 2454 return( mbedtls_test_transparent_mac_verify_finish( 2455 &operation->ctx.transparent_test_driver_ctx, 2456 mac, mac_length ) ); 2457 2458 case MBEDTLS_TEST_OPAQUE_DRIVER_ID: 2459 return( mbedtls_test_opaque_mac_verify_finish( 2460 &operation->ctx.opaque_test_driver_ctx, 2461 mac, mac_length ) ); 2462 #endif /* PSA_CRYPTO_DRIVER_TEST */ 2463 #endif /* PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT */ 2464 default: 2465 (void) mac; 2466 (void) mac_length; 2467 return( PSA_ERROR_INVALID_ARGUMENT ); 2468 } 2469 } 2470 2471 static inline psa_status_t psa_driver_wrapper_mac_abort( 2472 psa_mac_operation_t *operation ) 2473 { 2474 switch( operation->id ) 2475 { 2476 #if defined(MBEDTLS_PSA_BUILTIN_MAC) 2477 case PSA_CRYPTO_MBED_TLS_DRIVER_ID: 2478 return( mbedtls_psa_mac_abort( &operation->ctx.mbedtls_ctx ) ); 2479 #endif /* MBEDTLS_PSA_BUILTIN_MAC */ 2480 2481 #if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT) 2482 #if defined(PSA_CRYPTO_DRIVER_TEST) 2483 case MBEDTLS_TEST_TRANSPARENT_DRIVER_ID: 2484 return( mbedtls_test_transparent_mac_abort( 2485 &operation->ctx.transparent_test_driver_ctx ) ); 2486 case MBEDTLS_TEST_OPAQUE_DRIVER_ID: 2487 return( mbedtls_test_opaque_mac_abort( 2488 &operation->ctx.opaque_test_driver_ctx ) ); 2489 #endif /* PSA_CRYPTO_DRIVER_TEST */ 2490 #endif /* PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT */ 2491 default: 2492 return( PSA_ERROR_INVALID_ARGUMENT ); 2493 } 2494 } 2495 2496 /* 2497 * Asymmetric cryptography 2498 */ 2499 static inline psa_status_t psa_driver_wrapper_asymmetric_encrypt( 2500 const psa_key_attributes_t *attributes, const uint8_t *key_buffer, 2501 size_t key_buffer_size, psa_algorithm_t alg, const uint8_t *input, 2502 size_t input_length, const uint8_t *salt, size_t salt_length, 2503 uint8_t *output, size_t output_size, size_t *output_length ) 2504 { 2505 psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED; 2506 psa_key_location_t location = 2507 PSA_KEY_LIFETIME_GET_LOCATION( psa_get_key_lifetime(attributes) ); 2508 2509 switch( location ) 2510 { 2511 case PSA_KEY_LOCATION_LOCAL_STORAGE: 2512 /* Key is stored in the slot in export representation, so 2513 * cycle through all known transparent accelerators */ 2514 #if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT) 2515 #if defined(PSA_CRYPTO_DRIVER_TEST) 2516 status = mbedtls_test_transparent_asymmetric_encrypt( attributes, 2517 key_buffer, key_buffer_size, alg, input, input_length, 2518 salt, salt_length, output, output_size, 2519 output_length ); 2520 /* Declared with fallback == true */ 2521 if( status != PSA_ERROR_NOT_SUPPORTED ) 2522 return( status ); 2523 #endif /* PSA_CRYPTO_DRIVER_TEST */ 2524 #endif /* PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT */ 2525 return( mbedtls_psa_asymmetric_encrypt( attributes, 2526 key_buffer, key_buffer_size, alg, input, input_length, 2527 salt, salt_length, output, output_size, output_length ) 2528 ); 2529 /* Add cases for opaque driver here */ 2530 #if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT) 2531 #if defined(PSA_CRYPTO_DRIVER_TEST) 2532 case PSA_CRYPTO_TEST_DRIVER_LOCATION: 2533 return( mbedtls_test_opaque_asymmetric_encrypt( attributes, 2534 key_buffer, key_buffer_size, alg, input, input_length, 2535 salt, salt_length, output, output_size, output_length ) 2536 ); 2537 #endif /* PSA_CRYPTO_DRIVER_TEST */ 2538 #endif /* PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT */ 2539 2540 default: 2541 /* Key is declared with a lifetime not known to us */ 2542 (void)status; 2543 (void)key_buffer; 2544 (void)key_buffer_size; 2545 (void)alg; 2546 (void)input; 2547 (void)input_length; 2548 (void)salt; 2549 (void)salt_length; 2550 (void)output; 2551 (void)output_size; 2552 (void)output_length; 2553 return( PSA_ERROR_INVALID_ARGUMENT ); 2554 } 2555 } 2556 2557 static inline psa_status_t psa_driver_wrapper_asymmetric_decrypt( 2558 const psa_key_attributes_t *attributes, const uint8_t *key_buffer, 2559 size_t key_buffer_size, psa_algorithm_t alg, const uint8_t *input, 2560 size_t input_length, const uint8_t *salt, size_t salt_length, 2561 uint8_t *output, size_t output_size, size_t *output_length ) 2562 { 2563 psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED; 2564 psa_key_location_t location = 2565 PSA_KEY_LIFETIME_GET_LOCATION( psa_get_key_lifetime(attributes) ); 2566 2567 switch( location ) 2568 { 2569 case PSA_KEY_LOCATION_LOCAL_STORAGE: 2570 /* Key is stored in the slot in export representation, so 2571 * cycle through all known transparent accelerators */ 2572 #if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT) 2573 #if defined(PSA_CRYPTO_DRIVER_TEST) 2574 status = mbedtls_test_transparent_asymmetric_decrypt( attributes, 2575 key_buffer, key_buffer_size, alg, input, input_length, 2576 salt, salt_length, output, output_size, 2577 output_length ); 2578 /* Declared with fallback == true */ 2579 if( status != PSA_ERROR_NOT_SUPPORTED ) 2580 return( status ); 2581 #endif /* PSA_CRYPTO_DRIVER_TEST */ 2582 #endif /* PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT */ 2583 return( mbedtls_psa_asymmetric_decrypt( attributes, 2584 key_buffer, key_buffer_size, alg,input, input_length, 2585 salt, salt_length, output, output_size, 2586 output_length ) ); 2587 /* Add cases for opaque driver here */ 2588 #if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT) 2589 #if defined(PSA_CRYPTO_DRIVER_TEST) 2590 case PSA_CRYPTO_TEST_DRIVER_LOCATION: 2591 return( mbedtls_test_opaque_asymmetric_decrypt( attributes, 2592 key_buffer, key_buffer_size, alg, input, input_length, 2593 salt, salt_length, output, output_size, 2594 output_length ) ); 2595 #endif /* PSA_CRYPTO_DRIVER_TEST */ 2596 #endif /* PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT */ 2597 2598 default: 2599 /* Key is declared with a lifetime not known to us */ 2600 (void)status; 2601 (void)key_buffer; 2602 (void)key_buffer_size; 2603 (void)alg; 2604 (void)input; 2605 (void)input_length; 2606 (void)salt; 2607 (void)salt_length; 2608 (void)output; 2609 (void)output_size; 2610 (void)output_length; 2611 return( PSA_ERROR_INVALID_ARGUMENT ); 2612 } 2613 } 2614 2615 static inline psa_status_t psa_driver_wrapper_key_agreement( 2616 const psa_key_attributes_t *attributes, 2617 const uint8_t *key_buffer, 2618 size_t key_buffer_size, 2619 psa_algorithm_t alg, 2620 const uint8_t *peer_key, 2621 size_t peer_key_length, 2622 uint8_t *shared_secret, 2623 size_t shared_secret_size, 2624 size_t *shared_secret_length 2625 ) 2626 { 2627 psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED; 2628 psa_key_location_t location = 2629 PSA_KEY_LIFETIME_GET_LOCATION( psa_get_key_lifetime(attributes) ); 2630 2631 switch( location ) 2632 { 2633 case PSA_KEY_LOCATION_LOCAL_STORAGE: 2634 /* Key is stored in the slot in export representation, so 2635 * cycle through all known transparent accelerators */ 2636 #if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT) 2637 #if defined(PSA_CRYPTO_DRIVER_TEST) 2638 status = 2639 mbedtls_test_transparent_key_agreement( attributes, 2640 key_buffer, key_buffer_size, alg, peer_key, 2641 peer_key_length, shared_secret, shared_secret_size, 2642 shared_secret_length ); 2643 if( status != PSA_ERROR_NOT_SUPPORTED ) 2644 return( status ); 2645 #endif /* PSA_CRYPTO_DRIVER_TEST */ 2646 #if defined(MBEDTLS_PSA_P256M_DRIVER_ENABLED) 2647 if( PSA_KEY_TYPE_IS_ECC( psa_get_key_type(attributes) ) && 2648 PSA_ALG_IS_ECDH(alg) && 2649 PSA_KEY_TYPE_ECC_GET_FAMILY(psa_get_key_type(attributes)) == PSA_ECC_FAMILY_SECP_R1 && 2650 psa_get_key_bits(attributes) == 256 ) 2651 { 2652 status = p256_transparent_key_agreement( attributes, 2653 key_buffer, 2654 key_buffer_size, 2655 alg, 2656 peer_key, 2657 peer_key_length, 2658 shared_secret, 2659 shared_secret_size, 2660 shared_secret_length ); 2661 if( status != PSA_ERROR_NOT_SUPPORTED) 2662 return( status ); 2663 } 2664 #endif /* MBEDTLS_PSA_P256M_DRIVER_ENABLED */ 2665 #endif /* PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT */ 2666 2667 /* Software Fallback */ 2668 status = psa_key_agreement_raw_builtin( attributes, 2669 key_buffer, 2670 key_buffer_size, 2671 alg, 2672 peer_key, 2673 peer_key_length, 2674 shared_secret, 2675 shared_secret_size, 2676 shared_secret_length ); 2677 return( status ); 2678 #if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT) 2679 #if defined(PSA_CRYPTO_DRIVER_TEST) 2680 case PSA_CRYPTO_TEST_DRIVER_LOCATION: 2681 return( mbedtls_test_opaque_key_agreement( attributes, 2682 key_buffer, key_buffer_size, alg, peer_key, 2683 peer_key_length, shared_secret, shared_secret_size, 2684 shared_secret_length ) ); 2685 #endif /* PSA_CRYPTO_DRIVER_TEST */ 2686 #endif /* PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT */ 2687 2688 default: 2689 (void) attributes; 2690 (void) key_buffer; 2691 (void) key_buffer_size; 2692 (void) peer_key; 2693 (void) peer_key_length; 2694 (void) shared_secret; 2695 (void) shared_secret_size; 2696 (void) shared_secret_length; 2697 return( PSA_ERROR_NOT_SUPPORTED ); 2698 2699 } 2700 } 2701 2702 static inline psa_status_t psa_driver_wrapper_pake_setup( 2703 psa_pake_operation_t *operation, 2704 const psa_crypto_driver_pake_inputs_t *inputs ) 2705 { 2706 psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED; 2707 2708 psa_key_location_t location = 2709 PSA_KEY_LIFETIME_GET_LOCATION( psa_get_key_lifetime( &inputs->attributes ) ); 2710 2711 switch( location ) 2712 { 2713 case PSA_KEY_LOCATION_LOCAL_STORAGE: 2714 /* Key is stored in the slot in export representation, so 2715 * cycle through all known transparent accelerators */ 2716 status = PSA_ERROR_NOT_SUPPORTED; 2717 #if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT) 2718 #if defined(PSA_CRYPTO_DRIVER_TEST) 2719 status = mbedtls_test_transparent_pake_setup( 2720 &operation->data.ctx.transparent_test_driver_ctx, 2721 inputs ); 2722 if( status == PSA_SUCCESS ) 2723 operation->id = MBEDTLS_TEST_TRANSPARENT_DRIVER_ID; 2724 /* Declared with fallback == true */ 2725 if( status != PSA_ERROR_NOT_SUPPORTED ) 2726 return( status ); 2727 #endif /* PSA_CRYPTO_DRIVER_TEST */ 2728 #endif /* PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT */ 2729 #if defined(MBEDTLS_PSA_BUILTIN_PAKE) 2730 status = mbedtls_psa_pake_setup( &operation->data.ctx.mbedtls_ctx, 2731 inputs ); 2732 if( status == PSA_SUCCESS ) 2733 operation->id = PSA_CRYPTO_MBED_TLS_DRIVER_ID; 2734 #endif 2735 return status; 2736 /* Add cases for opaque driver here */ 2737 default: 2738 /* Key is declared with a lifetime not known to us */ 2739 (void)operation; 2740 return( PSA_ERROR_INVALID_ARGUMENT ); 2741 } 2742 } 2743 2744 static inline psa_status_t psa_driver_wrapper_pake_output( 2745 psa_pake_operation_t *operation, 2746 psa_crypto_driver_pake_step_t step, 2747 uint8_t *output, 2748 size_t output_size, 2749 size_t *output_length ) 2750 { 2751 switch( operation->id ) 2752 { 2753 #if defined(MBEDTLS_PSA_BUILTIN_PAKE) 2754 case PSA_CRYPTO_MBED_TLS_DRIVER_ID: 2755 return( mbedtls_psa_pake_output( &operation->data.ctx.mbedtls_ctx, step, 2756 output, output_size, output_length ) ); 2757 #endif /* MBEDTLS_PSA_BUILTIN_PAKE */ 2758 2759 #if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT) 2760 #if defined(PSA_CRYPTO_DRIVER_TEST) 2761 case MBEDTLS_TEST_TRANSPARENT_DRIVER_ID: 2762 return( mbedtls_test_transparent_pake_output( 2763 &operation->data.ctx.transparent_test_driver_ctx, 2764 step, output, output_size, output_length ) ); 2765 #endif /* PSA_CRYPTO_DRIVER_TEST */ 2766 #endif /* PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT */ 2767 default: 2768 (void) step; 2769 (void) output; 2770 (void) output_size; 2771 (void) output_length; 2772 return( PSA_ERROR_INVALID_ARGUMENT ); 2773 } 2774 } 2775 2776 static inline psa_status_t psa_driver_wrapper_pake_input( 2777 psa_pake_operation_t *operation, 2778 psa_crypto_driver_pake_step_t step, 2779 const uint8_t *input, 2780 size_t input_length ) 2781 { 2782 switch( operation->id ) 2783 { 2784 #if defined(MBEDTLS_PSA_BUILTIN_PAKE) 2785 case PSA_CRYPTO_MBED_TLS_DRIVER_ID: 2786 return( mbedtls_psa_pake_input( &operation->data.ctx.mbedtls_ctx, 2787 step, input, 2788 input_length ) ); 2789 #endif /* MBEDTLS_PSA_BUILTIN_PAKE */ 2790 2791 #if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT) 2792 #if defined(PSA_CRYPTO_DRIVER_TEST) 2793 case MBEDTLS_TEST_TRANSPARENT_DRIVER_ID: 2794 return( mbedtls_test_transparent_pake_input( 2795 &operation->data.ctx.transparent_test_driver_ctx, 2796 step, 2797 input, input_length ) ); 2798 #endif /* PSA_CRYPTO_DRIVER_TEST */ 2799 #endif /* PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT */ 2800 default: 2801 (void) step; 2802 (void) input; 2803 (void) input_length; 2804 return( PSA_ERROR_INVALID_ARGUMENT ); 2805 } 2806 } 2807 2808 static inline psa_status_t psa_driver_wrapper_pake_get_implicit_key( 2809 psa_pake_operation_t *operation, 2810 uint8_t *output, size_t output_size, 2811 size_t *output_length ) 2812 { 2813 switch( operation->id ) 2814 { 2815 #if defined(MBEDTLS_PSA_BUILTIN_PAKE) 2816 case PSA_CRYPTO_MBED_TLS_DRIVER_ID: 2817 return( mbedtls_psa_pake_get_implicit_key( &operation->data.ctx.mbedtls_ctx, 2818 output, output_size, output_length ) ); 2819 #endif /* MBEDTLS_PSA_BUILTIN_PAKE */ 2820 2821 #if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT) 2822 #if defined(PSA_CRYPTO_DRIVER_TEST) 2823 case MBEDTLS_TEST_TRANSPARENT_DRIVER_ID: 2824 return( mbedtls_test_transparent_pake_get_implicit_key( 2825 &operation->data.ctx.transparent_test_driver_ctx, 2826 output, output_size, output_length ) ); 2827 #endif /* PSA_CRYPTO_DRIVER_TEST */ 2828 #endif /* PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT */ 2829 default: 2830 (void) output; 2831 (void) output_size; 2832 (void) output_length; 2833 return( PSA_ERROR_INVALID_ARGUMENT ); 2834 } 2835 } 2836 2837 static inline psa_status_t psa_driver_wrapper_pake_abort( 2838 psa_pake_operation_t * operation ) 2839 { 2840 switch( operation->id ) 2841 { 2842 #if defined(MBEDTLS_PSA_BUILTIN_PAKE) 2843 case PSA_CRYPTO_MBED_TLS_DRIVER_ID: 2844 return( mbedtls_psa_pake_abort( &operation->data.ctx.mbedtls_ctx ) ); 2845 #endif /* MBEDTLS_PSA_BUILTIN_PAKE */ 2846 2847 #if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT) 2848 #if defined(PSA_CRYPTO_DRIVER_TEST) 2849 case MBEDTLS_TEST_TRANSPARENT_DRIVER_ID: 2850 return( mbedtls_test_transparent_pake_abort( 2851 &operation->data.ctx.transparent_test_driver_ctx ) ); 2852 #endif /* PSA_CRYPTO_DRIVER_TEST */ 2853 #endif /* PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT */ 2854 default: 2855 return( PSA_ERROR_INVALID_ARGUMENT ); 2856 } 2857 } 2858 2859 #endif /* MBEDTLS_PSA_CRYPTO_C */