1 /* Copyright (c) 2024 Nordic Semiconductor
2  * SPDX-License-Identifier: Apache-2.0
3  */
4 #ifndef SECURE_STORAGE_ITS_TRANSFORM_H
5 #define SECURE_STORAGE_ITS_TRANSFORM_H
6 
7 /** @file zephyr/secure_storage/its/transform.h The secure storage ITS transform module.
8  *
9  * The functions declared in this header implement the ITS transform module.
10  * They are meant to be called only by the ITS implementation.
11  * This header may be included when providing a custom implementation of the
12  * ITS transform module (@kconfig{CONFIG_SECURE_STORAGE_ITS_TRANSFORM_IMPLEMENTATION_CUSTOM}).
13  */
14 #include <zephyr/secure_storage/its/common.h>
15 
/**
 * Upper bound, in bytes, on the size of an entry's data once it has been
 * transformed for storage: the largest untransformed payload, plus the packed
 * create flags, plus the configured transform output overhead.
 */
enum {
	SECURE_STORAGE_ITS_TRANSFORM_MAX_STORED_DATA_SIZE =
		CONFIG_SECURE_STORAGE_ITS_MAX_DATA_SIZE +
		sizeof(secure_storage_packed_create_flags_t) +
		CONFIG_SECURE_STORAGE_ITS_TRANSFORM_OUTPUT_OVERHEAD
};
21 
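/** @brief Computes the size of an entry's data from the size of its stored form.
 *
 * Subtracts from `stored_data_len` the difference between
 * `SECURE_STORAGE_ITS_TRANSFORM_MAX_STORED_DATA_SIZE` and
 * `CONFIG_SECURE_STORAGE_ITS_MAX_DATA_SIZE`, i.e. the bytes added on top of the
 * data (packed create flags plus transform output overhead).
 *
 * The argument is parenthesized so that an expression with operators of lower
 * precedence than `-` (for example `a | b` or `c ? x : y`) is evaluated as a
 * whole before the subtraction.
 *
 * @note No range check is performed. If `stored_data_len` has an unsigned type
 *       (e.g. `size_t`) and is smaller than the added bytes, the subtraction
 *       wraps around to a very large value. Check the length read back from
 *       storage against that minimum before using the result as a size.
 *
 * @param stored_data_len The number of bytes of stored (transformed) data.
 */
#define SECURE_STORAGE_ITS_TRANSFORM_DATA_SIZE(stored_data_len) \
	((stored_data_len) - (SECURE_STORAGE_ITS_TRANSFORM_MAX_STORED_DATA_SIZE \
			      - CONFIG_SECURE_STORAGE_ITS_MAX_DATA_SIZE))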
25 
/** @brief Converts the data of an ITS entry into the form that gets stored.
 *
 * @param[in]  uid             UID of the entry.
 * @param[in]  data_len        Size of `data`, in bytes.
 * @param[in]  data            Data to be transformed for storage.
 * @param[in]  create_flags    Create flags of the entry. Only valid `PSA_STORAGE_FLAG_*`
 *                             values may be set. They are stored as part of `stored_data`.
 * @param[out] stored_data     Destination buffer for the transformed data. The `static`
 *                             array bound means the caller must provide at least
 *                             `SECURE_STORAGE_ITS_TRANSFORM_MAX_STORED_DATA_SIZE` bytes.
 * @param[out] stored_data_len Set, on success, to the number of bytes written to `stored_data`.
 *
 * NOTE(review): `stored_data` is sized for at most `CONFIG_SECURE_STORAGE_ITS_MAX_DATA_SIZE`
 * bytes of input, so `data_len` presumably must not exceed that value; confirm that the
 * caller or the implementation enforces it.
 *
 * @return `PSA_SUCCESS` if the transformation succeeded, any other value otherwise.
 */
psa_status_t secure_storage_its_transform_to_store(
		secure_storage_its_uid_t uid,
		size_t data_len,
		const void *data,
		secure_storage_packed_create_flags_t create_flags,
		uint8_t stored_data[static SECURE_STORAGE_ITS_TRANSFORM_MAX_STORED_DATA_SIZE],
		size_t *stored_data_len);
43 
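/** @brief Transforms and validates the stored data of an ITS entry for use.
 *
 * @param[in]  uid             The entry's UID.
 * @param[in]  stored_data_len The number of bytes in `stored_data`.
 * @param[in]  stored_data     The stored data to transform for use. The `static` array
 *                             bound means the caller must pass a buffer of at least
 *                             `SECURE_STORAGE_ITS_TRANSFORM_MAX_STORED_DATA_SIZE` bytes,
 *                             even when `stored_data_len` is smaller.
 * @param[in]  data_size       The size of `data` in bytes.
 * @param[out] data            The buffer to which the transformed data is written.
 * @param[out] data_len        On success, the number of bytes written to `data`.
 * @param[out] create_flags    On success, the entry's create flags.
 *
 * NOTE(review): `stored_data_len` comes from the storage backend; presumably it must not
 * exceed `SECURE_STORAGE_ITS_TRANSFORM_MAX_STORED_DATA_SIZE`, and the output must fit in
 * `data_size`. Confirm that implementations reject lengths outside those bounds.
 * The output parameters are documented as set on success only, so callers should not
 * rely on `data`, `data_len` or `create_flags` when the return value is not `PSA_SUCCESS`.
 *
 * @return `PSA_SUCCESS` on success, anything else on failure.
 */
psa_status_t secure_storage_its_transform_from_store(
		secure_storage_its_uid_t uid, size_t stored_data_len,
		const uint8_t stored_data[static SECURE_STORAGE_ITS_TRANSFORM_MAX_STORED_DATA_SIZE],
		size_t data_size, void *data, size_t *data_len,
		psa_storage_create_flags_t *create_flags);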
61 
62 #endif
63