1 /*
2  * Copyright (c) 2018-2022, Arm Limited. All rights reserved.
3  *
4  * SPDX-License-Identifier: BSD-3-Clause
5  *
6  */
7 
8 #ifndef __TFM_CRYPTO_API_H__
9 #define __TFM_CRYPTO_API_H__
10 
11 #ifdef __cplusplus
12 extern "C" {
13 #endif
14 
15 #include <limits.h>
16 #include <stdint.h>
17 #include "tfm_crypto_defs.h"
18 #include "tfm_crypto_key.h"
19 #include "psa/client.h"
20 
21 /**
22  * \brief List of possible operation types supported by the TFM based
23  *        implementation. This type is needed by the operation allocation,
24  *        lookup and release functions.
25  *
26  */
27 enum tfm_crypto_operation_type {
28     TFM_CRYPTO_OPERATION_NONE = 0,
29     TFM_CRYPTO_CIPHER_OPERATION = 1,
30     TFM_CRYPTO_MAC_OPERATION = 2,
31     TFM_CRYPTO_HASH_OPERATION = 3,
32     TFM_CRYPTO_KEY_DERIVATION_OPERATION = 4,
33     TFM_CRYPTO_AEAD_OPERATION = 5,
34 
35     /* Used to force the enum size */
36     TFM_CRYPTO_OPERATION_TYPE_MAX = INT_MAX
37 };
38 
39 /**
40  * \brief Initialise the service
41  *
42  * \return Return values as described in \ref psa_status_t
43  */
44 psa_status_t tfm_crypto_init(void);
45 
46 /**
47  * \brief Initialise the Alloc module
48  *
49  * \return Return values as described in \ref psa_status_t
50  */
51 psa_status_t tfm_crypto_init_alloc(void);
52 
53 /**
54  * \brief Returns the ID of the caller
55  *
56  * \param[out] id Pointer to hold the ID of the caller
57  *
58  * \return Return values as described in \ref psa_status_t
59  */
60 psa_status_t tfm_crypto_get_caller_id(int32_t *id);
61 
62 /**
63  * \brief Allocate an operation context in the backend
64  *
65  * \param[in]  type   Type of the operation context to allocate
66  * \param[out] handle Pointer to hold the allocated handle
67  * \param[out] ctx    Double pointer to the corresponding context
68  *
69  * \return Return values as described in \ref psa_status_t
70  */
71 psa_status_t tfm_crypto_operation_alloc(enum tfm_crypto_operation_type type,
72                                         uint32_t *handle,
73                                         void **ctx);
74 /**
75  * \brief Release an operation context in the backend
76  *
77  * \param[in,out] handle Pointer to the handle of the context to release
78  *
79  * \return Return values as described in \ref psa_status_t
80  */
81 psa_status_t tfm_crypto_operation_release(uint32_t *handle);
82 /**
83  * \brief Look up an operation context in the backend for the corresponding
84  *        frontend operation
85  *
86  * \param[in]  type   Type of the operation context to look up
87  * \param[in]  handle Handle of the context to look up
88  * \param[out] ctx    Double pointer to the corresponding context
89  *
90  * \return Return values as described in \ref psa_status_t
91  */
92 psa_status_t tfm_crypto_operation_lookup(enum tfm_crypto_operation_type type,
93                                          uint32_t handle,
94                                          void **ctx);
95 
96 /**
97  * \brief This function acts as interface from the framework dispatching
98  *        calls to the set of functions that implement the PSA Crypto APIs.
99  *        It is based on the Uniform Signatures prototype.
100  *
101  * \param[in]  in_vec   Array of invec parameters
102  * \param[in]  in_len   Number of valid entries in in_vec
103  * \param[out] out_vec  Array of outvec parameters
104  * \param[in]  out_len  Number of valid entries in out_vec
105  *
106  * \return Return values as described in \ref psa_status_t
107  */
108 psa_status_t tfm_crypto_api_dispatcher(psa_invec in_vec[],
109                                        size_t in_len,
110                                        psa_outvec out_vec[],
111                                        size_t out_len);
112 /**
113  * \brief This function acts as interface for the Key management module
114  *
115  * \param[in]  in_vec   Array of invec parameters
116  * \param[out] out_vec  Array of outvec parameters
117  * \param[in]  encoded_key Key encoded with partition_id and key_id
118  *
119  * \return Return values as described in \ref psa_status_t
120  */
121 psa_status_t tfm_crypto_key_management_interface(psa_invec in_vec[],
122                                             psa_outvec out_vec[],
123                                             struct tfm_crypto_key_id_s *encoded_key);
124 /**
125  * \brief This function acts as interface for the MAC module
126  *
127  * \param[in]  in_vec   Array of invec parameters
128  * \param[out] out_vec  Array of outvec parameters
129  * \param[in]  encoded_key Key encoded with partition_id and key_id
130  *
131  * \return Return values as described in \ref psa_status_t
132  */
133 psa_status_t tfm_crypto_mac_interface(psa_invec in_vec[],
134                                       psa_outvec out_vec[],
135                                       struct tfm_crypto_key_id_s *encoded_key);
136 /**
137  * \brief This function acts as interface for the Cipher module
138  *
139  * \param[in]  in_vec   Array of invec parameters
140  * \param[out] out_vec  Array of outvec parameters
141  * \param[in]  encoded_key Key encoded with partition_id and key_id
142  *
143  * \return Return values as described in \ref psa_status_t
144  */
145 psa_status_t tfm_crypto_cipher_interface(psa_invec in_vec[],
146                                          psa_outvec out_vec[],
147                                          struct tfm_crypto_key_id_s *encoded_key);
148 /**
149  * \brief This function acts as interface for the AEAD module
150  *
151  * \param[in]  in_vec   Array of invec parameters
152  * \param[out] out_vec  Array of outvec parameters
153  * \param[in]  encoded_key Key encoded with partition_id and key_id
154  *
155  * \return Return values as described in \ref psa_status_t
156  */
157 psa_status_t tfm_crypto_aead_interface(psa_invec in_vec[],
158                                        psa_outvec out_vec[],
159                                        struct tfm_crypto_key_id_s *encoded_key);
160 
161 /**
162  * \brief This function acts as interface for the Asymmetric signing module
163  *
164  * \param[in]  in_vec   Array of invec parameters
165  * \param[out] out_vec  Array of outvec parameters
166  * \param[in]  encoded_key Key encoded with partition_id and key_id
167  *
168  * \return Return values as described in \ref psa_status_t
169  */
170 psa_status_t tfm_crypto_asymmetric_sign_interface(psa_invec in_vec[],
171                                                   psa_outvec out_vec[],
172                                                   struct tfm_crypto_key_id_s *encoded_key);
173 
174 /**
175  * \brief This function acts as interface for the Asymmetric encryption module
176  *
177  * \param[in]  in_vec   Array of invec parameters
178  * \param[out] out_vec  Array of outvec parameters
179  * \param[in]  encoded_key Key encoded with partition_id and key_id
180  *
181  * \return Return values as described in \ref psa_status_t
182  */
183 psa_status_t tfm_crypto_asymmetric_encrypt_interface(psa_invec in_vec[],
184                                                      psa_outvec out_vec[],
185                                                      struct tfm_crypto_key_id_s *encoded_key);
186 
187 /**
188  * \brief This function acts as interface for the Key derivation module
189  *
190  * \param[in]  in_vec   Array of invec parameters
191  * \param[out] out_vec  Array of outvec parameters
192  * \param[in]  encoded_key Key encoded with partition_id and key_id
193  *
194  * \return Return values as described in \ref psa_status_t
195  */
196 psa_status_t tfm_crypto_key_derivation_interface(psa_invec in_vec[],
197                                                  psa_outvec out_vec[],
198                                                  struct tfm_crypto_key_id_s *encoded_key);
199 /**
200  * \brief This function acts as interface for the Random module
201  *
202  * \param[in]  in_vec   Array of invec parameters
203  * \param[out] out_vec  Array of outvec parameters
204  *
205  * \return Return values as described in \ref psa_status_t
206  */
207 psa_status_t tfm_crypto_random_interface(psa_invec in_vec[],
208                                          psa_outvec out_vec[]);
209 /**
210  * \brief This function acts as interface for the Hash module
211  *
212  * \param[in]  in_vec   Array of invec parameters
213  * \param[out] out_vec  Array of outvec parameters
214  *
215  * \return Return values as described in \ref psa_status_t
216  */
217 psa_status_t tfm_crypto_hash_interface(psa_invec in_vec[],
218                                        psa_outvec out_vec[]);
219 
220 #ifdef __cplusplus
221 }
222 #endif
223 
224 #endif /* __TFM_CRYPTO_API_H__ */
225