4  * SPDX-License-Identifier: Apache-2.0
21  * application keys (2 real keys per 1 configured) and device key + device key candidate.
35 	"BLE Mesh PSA key id range overlaps maximum allowed boundary.");
38 	"MAC length should be 16 bytes for 128-bits key for CMAC-AES");
41 	"MAC length should be 32 bytes for 256-bits key for HMAC-SHA");
51 int bt_mesh_crypto_init(void)  in bt_mesh_crypto_init()
54 		return -EIO;  in bt_mesh_crypto_init()
60 int bt_mesh_encrypt(const struct bt_mesh_key *key, const uint8_t plaintext[16],  in bt_mesh_encrypt()  argument
65 	int err = 0;  in bt_mesh_encrypt()
67 	status = psa_cipher_encrypt(key->key, PSA_ALG_ECB_NO_PADDING,  in bt_mesh_encrypt()
73 		err = -EIO;  in bt_mesh_encrypt()
79 int bt_mesh_ccm_encrypt(const struct bt_mesh_key *key, uint8_t nonce[13],  in bt_mesh_ccm_encrypt()  argument
85 	int err = 0;  in bt_mesh_ccm_encrypt()
88 	status = psa_aead_encrypt(key->key, alg,  in bt_mesh_ccm_encrypt()
96 		err = -EIO;  in bt_mesh_ccm_encrypt()
102 int bt_mesh_ccm_decrypt(const struct bt_mesh_key *key, uint8_t nonce[13],  in bt_mesh_ccm_decrypt()  argument
108 	int err = 0;  in bt_mesh_ccm_decrypt()
111 	status = psa_aead_decrypt(key->key, alg,  in bt_mesh_ccm_decrypt()
119 		err = -EIO;  in bt_mesh_ccm_decrypt()
125 int bt_mesh_aes_cmac_mesh_key(const struct bt_mesh_key *key, struct bt_mesh_sg *sg,  in bt_mesh_aes_cmac_mesh_key()  argument
132 	status = psa_mac_sign_setup(&operation, key->key, alg);  in bt_mesh_aes_cmac_mesh_key()
134 		return -EIO;  in bt_mesh_aes_cmac_mesh_key()
137 	for (; sg_len; sg_len--, sg++) {  in bt_mesh_aes_cmac_mesh_key()
138 		status = psa_mac_update(&operation, sg->data, sg->len);  in bt_mesh_aes_cmac_mesh_key()
141 			return -EIO;  in bt_mesh_aes_cmac_mesh_key()
149 		return -EIO;  in bt_mesh_aes_cmac_mesh_key()
153 		return -ERANGE;  in bt_mesh_aes_cmac_mesh_key()
159 int bt_mesh_aes_cmac_raw_key(const uint8_t key[16], struct bt_mesh_sg *sg,  in bt_mesh_aes_cmac_raw_key()
163 	int err;  in bt_mesh_aes_cmac_raw_key()
165 	err = bt_mesh_key_import(BT_MESH_KEY_TYPE_CMAC, key, &key_id);  in bt_mesh_aes_cmac_raw_key()
172 	psa_destroy_key(key_id.key);  in bt_mesh_aes_cmac_raw_key()
177 int bt_mesh_sha256_hmac_raw_key(const uint8_t key[32], struct bt_mesh_sg *sg, size_t sg_len,  in bt_mesh_sha256_hmac_raw_key()
187 	int err = 0;  in bt_mesh_sha256_hmac_raw_key()
189 	/* Import a key */  in bt_mesh_sha256_hmac_raw_key()
196 	status = psa_import_key(&attributes, key, 32, &key_id);  in bt_mesh_sha256_hmac_raw_key()
198 		err = -EIO;  in bt_mesh_sha256_hmac_raw_key()
206 		err = -EIO;  in bt_mesh_sha256_hmac_raw_key()
210 	for (; sg_len; sg_len--, sg++) {  in bt_mesh_sha256_hmac_raw_key()
211 		status = psa_mac_update(&operation, sg->data, sg->len);  in bt_mesh_sha256_hmac_raw_key()
214 			err = -EIO;  in bt_mesh_sha256_hmac_raw_key()
223 		err = -EIO;  in bt_mesh_sha256_hmac_raw_key()
228 		err = -ERANGE;  in bt_mesh_sha256_hmac_raw_key()
232 	/* Destroy the key */  in bt_mesh_sha256_hmac_raw_key()
238 int bt_mesh_pub_key_gen(void)  in bt_mesh_pub_key_gen()
242 	int err = 0;  in bt_mesh_pub_key_gen()
257 	/* Generate a key pair */  in bt_mesh_pub_key_gen()
260 		err = -EIO;  in bt_mesh_pub_key_gen()
267 		err = -EIO;  in bt_mesh_pub_key_gen()
272 		err = -ERANGE;  in bt_mesh_pub_key_gen()
291 	"Diffie-Hellman shared secret size should be the same in PSA and BLE Mesh");
294 	"Exported PSA public key should be 1 byte larger than BLE Mesh public key");
296 int bt_mesh_dhkey_gen(const uint8_t *pub_key, const uint8_t *priv_key, uint8_t *dhkey)  in bt_mesh_dhkey_gen()
298 	int err = 0;  in bt_mesh_dhkey_gen()
307 		/* Import a custom private key */  in bt_mesh_dhkey_gen()
316 			err = -EIO;  in bt_mesh_dhkey_gen()
325 	/* For elliptic curve key pairs for Weierstrass curve families (PSA_ECC_FAMILY_SECP_R1)  in bt_mesh_dhkey_gen()
326 	 *  the representations of public key is:  in bt_mesh_dhkey_gen()
327 	 *  - The byte 0x04;  in bt_mesh_dhkey_gen()
328 	 *  - x_P as a ceiling(m/8)-byte string, big-endian;  in bt_mesh_dhkey_gen()
329 	 *  - y_P as a ceiling(m/8)-byte string, big-endian.  in bt_mesh_dhkey_gen()
338 		err = -EIO;  in bt_mesh_dhkey_gen()
343 		err = -ERANGE;  in bt_mesh_dhkey_gen()
357 	for (int i = 0; i < BT_MESH_KEY_ID_RANGE_SIZE; i++) {  in bt_mesh_user_keyid_alloc()
367 __weak int bt_mesh_user_keyid_free(psa_key_id_t key_id)  in bt_mesh_user_keyid_free()
370 			BT_MESH_PSA_KEY_ID_USER_MIN + BT_MESH_KEY_ID_RANGE_SIZE - 1)) {  in bt_mesh_user_keyid_free()
371 		atomic_clear_bit(pst_keys, key_id - BT_MESH_PSA_KEY_ID_USER_MIN);  in bt_mesh_user_keyid_free()
375 	return -EIO;  in bt_mesh_user_keyid_free()
381 				BT_MESH_PSA_KEY_ID_USER_MIN + BT_MESH_KEY_ID_RANGE_SIZE - 1)) {  in bt_mesh_user_keyid_assign()
382 		atomic_set_bit(pst_keys, key_id - BT_MESH_PSA_KEY_ID_USER_MIN);  in bt_mesh_user_keyid_assign()
386 int bt_mesh_key_import(enum bt_mesh_key_type type, const uint8_t in[16], struct bt_mesh_key *out)  in bt_mesh_key_import()
391 	int err = 0;  in bt_mesh_key_import()
417 				return -ENOMEM;  in bt_mesh_key_import()
433 				return -ENOMEM;  in bt_mesh_key_import()
447 		return -EIO;  in bt_mesh_key_import()
453 	status = psa_import_key(&key_attributes, in, 16, &out->key);  in bt_mesh_key_import()
455 		status == PSA_ERROR_ALREADY_EXISTS ? -EALREADY : -EIO;  in bt_mesh_key_import()
466 int bt_mesh_key_export(uint8_t out[16], const struct bt_mesh_key *in)  in bt_mesh_key_export()
470 	if (psa_export_key(in->key, out, 16, &data_length) != PSA_SUCCESS) {  in bt_mesh_key_export()
471 		return -EIO;  in bt_mesh_key_export()
475 		return -EIO;  in bt_mesh_key_export()
485 		bt_mesh_user_keyid_assign(dst->key);  in bt_mesh_key_assign()
489 int bt_mesh_key_destroy(const struct bt_mesh_key *key)  in bt_mesh_key_destroy()  argument
491 	if (psa_destroy_key(key->key) != PSA_SUCCESS) {  in bt_mesh_key_destroy()
492 		return -EIO;  in bt_mesh_key_destroy()
496 		return bt_mesh_user_keyid_free(key->key);  in bt_mesh_key_destroy()
502 int bt_mesh_key_compare(const uint8_t raw_key[16], const struct bt_mesh_key *key)  in bt_mesh_key_compare()  argument
505 	int err;  in bt_mesh_key_compare()
507 	err = bt_mesh_key_export(out, key);  in bt_mesh_key_compare()
515 __weak int bt_rand(void *buf, size_t len)  in bt_rand()
518 		return -EINVAL;  in bt_rand()
521 	return psa_generate_random(buf, len) == PSA_SUCCESS ? 0 : -EIO;  in bt_rand()