cuberite/polarssl
1
0
Fork 0
mirror of https://github.com/cuberite/polarssl.git synced 2025-11-04 04:32:24 -05:00
Code Issues Packages Projects Releases Wiki Activity

psa: Call cipher setup implementation as a driver

Browse Source 
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
This commit is contained in:
Ronald Cron 2020-12-14 18:08:20 +01:00
parent a4af55f14f
commit 0b80559827
2 changed files with 29 additions and 41 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

16
library/psa_crypto.c
View File

@ -3443,22 +3443,6 @@ static psa_status_t psa_cipher_setup( psa_cipher_operation_t *operation,
operation->alg = alg; operation->alg = alg;
} }
if( status != PSA_ERROR_NOT_SUPPORTED ||
psa_key_lifetime_is_external( slot->attr.lifetime ) )
goto exit;
/* Try doing the operation through a driver before using software fallback. */
if( cipher_operation == MBEDTLS_ENCRYPT )
status = mbedtls_psa_cipher_encrypt_setup( operation, &attributes,
slot->key.data,
slot->key.bytes,
alg );
else
status = mbedtls_psa_cipher_decrypt_setup( operation, &attributes,
slot->key.data,
slot->key.bytes,
alg );
exit: exit:
if( status == PSA_SUCCESS ) if( status == PSA_SUCCESS )
{ {

54
library/psa_crypto_driver_wrappers.c
View File

@ -19,6 +19,7 @@
* limitations under the License. * limitations under the License.
*/ */
#include "psa_crypto_cipher.h"
#include "psa_crypto_core.h" #include "psa_crypto_core.h"
#include "psa_crypto_driver_wrappers.h" #include "psa_crypto_driver_wrappers.h"
#include "psa_crypto_hash.h" #include "psa_crypto_hash.h"
@ -715,8 +716,7 @@ psa_status_t psa_driver_wrapper_cipher_encrypt_setup(
const uint8_t *key_buffer, size_t key_buffer_size, const uint8_t *key_buffer, size_t key_buffer_size,
psa_algorithm_t alg ) psa_algorithm_t alg )
{ {
#if defined(PSA_CRYPTO_DRIVER_PRESENT) && defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT) psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;
psa_status_t status = PSA_ERROR_INVALID_ARGUMENT;
psa_key_location_t location = psa_key_location_t location =
PSA_KEY_LIFETIME_GET_LOCATION( attributes->core.lifetime ); PSA_KEY_LIFETIME_GET_LOCATION( attributes->core.lifetime );
void *driver_ctx = NULL; void *driver_ctx = NULL;
@ -726,6 +726,7 @@ psa_status_t psa_driver_wrapper_cipher_encrypt_setup(
case PSA_KEY_LOCATION_LOCAL_STORAGE: case PSA_KEY_LOCATION_LOCAL_STORAGE:
/* Key is stored in the slot in export representation, so /* Key is stored in the slot in export representation, so
* cycle through all known transparent accelerators */ * cycle through all known transparent accelerators */
#if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT)
#if defined(PSA_CRYPTO_DRIVER_TEST) #if defined(PSA_CRYPTO_DRIVER_TEST)
driver_ctx = mbedtls_calloc( 1, driver_ctx = mbedtls_calloc( 1,
sizeof( test_transparent_cipher_operation_t ) ); sizeof( test_transparent_cipher_operation_t ) );
@ -751,11 +752,19 @@ psa_status_t psa_driver_wrapper_cipher_encrypt_setup(
mbedtls_free( driver_ctx ); mbedtls_free( driver_ctx );
} }
return( status ); if( status != PSA_ERROR_NOT_SUPPORTED )
return( status );
#endif /* PSA_CRYPTO_DRIVER_TEST */ #endif /* PSA_CRYPTO_DRIVER_TEST */
#endif /* PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT */
/* Fell through, meaning no accelerator supports this operation */ /* Fell through, meaning no accelerator supports this operation */
return( PSA_ERROR_NOT_SUPPORTED ); return( mbedtls_psa_cipher_encrypt_setup( operation,
attributes,
key_buffer,
key_buffer_size,
alg ) );
/* Add cases for opaque driver here */ /* Add cases for opaque driver here */
#if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT)
#if defined(PSA_CRYPTO_DRIVER_TEST) #if defined(PSA_CRYPTO_DRIVER_TEST)
case PSA_CRYPTO_TEST_DRIVER_LIFETIME: case PSA_CRYPTO_TEST_DRIVER_LIFETIME:
driver_ctx = driver_ctx =
@ -782,19 +791,13 @@ psa_status_t psa_driver_wrapper_cipher_encrypt_setup(
return( status ); return( status );
#endif /* PSA_CRYPTO_DRIVER_TEST */ #endif /* PSA_CRYPTO_DRIVER_TEST */
#endif /* PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT */
default: default:
/* Key is declared with a lifetime not known to us */ /* Key is declared with a lifetime not known to us */
(void)status;
(void)driver_ctx;
return( PSA_ERROR_INVALID_ARGUMENT ); return( PSA_ERROR_INVALID_ARGUMENT );
} }
#else /* PSA_CRYPTO_DRIVER_PRESENT */
(void)operation;
(void)attributes;
(void)key_buffer;
(void)key_buffer_size;
(void)alg;
return( PSA_ERROR_NOT_SUPPORTED );
#endif /* PSA_CRYPTO_DRIVER_PRESENT */
} }
psa_status_t psa_driver_wrapper_cipher_decrypt_setup( psa_status_t psa_driver_wrapper_cipher_decrypt_setup(
@ -803,7 +806,6 @@ psa_status_t psa_driver_wrapper_cipher_decrypt_setup(
const uint8_t *key_buffer, size_t key_buffer_size, const uint8_t *key_buffer, size_t key_buffer_size,
psa_algorithm_t alg ) psa_algorithm_t alg )
{ {
#if defined(PSA_CRYPTO_DRIVER_PRESENT) && defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT)
psa_status_t status = PSA_ERROR_INVALID_ARGUMENT; psa_status_t status = PSA_ERROR_INVALID_ARGUMENT;
psa_key_location_t location = psa_key_location_t location =
PSA_KEY_LIFETIME_GET_LOCATION( attributes->core.lifetime ); PSA_KEY_LIFETIME_GET_LOCATION( attributes->core.lifetime );
@ -814,6 +816,7 @@ psa_status_t psa_driver_wrapper_cipher_decrypt_setup(
case PSA_KEY_LOCATION_LOCAL_STORAGE: case PSA_KEY_LOCATION_LOCAL_STORAGE:
/* Key is stored in the slot in export representation, so /* Key is stored in the slot in export representation, so
* cycle through all known transparent accelerators */ * cycle through all known transparent accelerators */
#if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT)
#if defined(PSA_CRYPTO_DRIVER_TEST) #if defined(PSA_CRYPTO_DRIVER_TEST)
driver_ctx = mbedtls_calloc( 1, driver_ctx = mbedtls_calloc( 1,
sizeof( test_transparent_cipher_operation_t ) ); sizeof( test_transparent_cipher_operation_t ) );
@ -839,11 +842,18 @@ psa_status_t psa_driver_wrapper_cipher_decrypt_setup(
mbedtls_free( driver_ctx ); mbedtls_free( driver_ctx );
} }
return( status ); if( status != PSA_ERROR_NOT_SUPPORTED )
return( status );
#endif /* PSA_CRYPTO_DRIVER_TEST */ #endif /* PSA_CRYPTO_DRIVER_TEST */
#endif /* PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT */
/* Fell through, meaning no accelerator supports this operation */ /* Fell through, meaning no accelerator supports this operation */
return( PSA_ERROR_NOT_SUPPORTED ); return( mbedtls_psa_cipher_decrypt_setup( operation,
attributes,
key_buffer,
key_buffer_size,
alg ) );
/* Add cases for opaque driver here */ /* Add cases for opaque driver here */
#if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT)
#if defined(PSA_CRYPTO_DRIVER_TEST) #if defined(PSA_CRYPTO_DRIVER_TEST)
case PSA_CRYPTO_TEST_DRIVER_LIFETIME: case PSA_CRYPTO_TEST_DRIVER_LIFETIME:
driver_ctx = driver_ctx =
@ -870,19 +880,13 @@ psa_status_t psa_driver_wrapper_cipher_decrypt_setup(
return( status ); return( status );
#endif /* PSA_CRYPTO_DRIVER_TEST */ #endif /* PSA_CRYPTO_DRIVER_TEST */
#endif /* PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT */
default: default:
/* Key is declared with a lifetime not known to us */ /* Key is declared with a lifetime not known to us */
(void)status;
(void)driver_ctx;
return( PSA_ERROR_INVALID_ARGUMENT ); return( PSA_ERROR_INVALID_ARGUMENT );
} }
#else /* PSA_CRYPTO_DRIVER_PRESENT */
(void)operation;
(void)attributes;
(void)key_buffer;
(void)key_buffer_size;
(void)alg;
return( PSA_ERROR_NOT_SUPPORTED );
#endif /* PSA_CRYPTO_DRIVER_PRESENT */
} }
psa_status_t psa_driver_wrapper_cipher_generate_iv( psa_status_t psa_driver_wrapper_cipher_generate_iv(