1 /*
2  * Copyright (c) 2020 Arm Limited
3  * SPDX-License-Identifier: BSD-3-Clause
4  */
5 
6 #ifndef PSA_ADAC_PSA_CRYPTO_API_H
7 #define PSA_ADAC_PSA_CRYPTO_API_H
8 
9 #include <psa/crypto.h>
10 
11 #ifdef __cplusplus
12 extern "C" {
13 #endif
14 
15 /** \addtogroup adac-crypto-api
16  * @{
17  */
18 
19 /** \brief ADAC cryptographic back-end initialization
20  *
21  * This function will be called by ADA library.
22  */
23 psa_status_t psa_adac_crypto_init();
24 
25 /** \brief Generate challenge
26  *
27  * \param[out] output       Output buffer for the challenge.
28  * \param output_size       Number of bytes to generate and output.
29  */
30 psa_status_t psa_adac_generate_challenge(uint8_t *output, size_t output_size);
31 
32 /** \brief Compute the hash of a message
33  *
34  * \param alg               The hash algorithm to compute.
35  * \param[in] input         Buffer containing the message to hash.
36  * \param input_size        Size of the \p input buffer in bytes.
37  * \param[out] hash         Buffer where the hash is to be written.
38  * \param hash_size         Size of the \p hash buffer in bytes.
39  * \param[out] hash_length  On success, the length of the hash in bytes.
40  *
41  * \retval PSA_SUCCESS
42  *         Success.
43  * \retval PSA_ERROR_NOT_SUPPORTED
44  *         \p alg is not supported (or unknown hash algorithm).
45  * \retval PSA_ERROR_INVALID_ARGUMENT
46  * \retval PSA_ERROR_HARDWARE_FAILURE
47  */
48 psa_status_t psa_adac_hash(psa_algorithm_t alg, const uint8_t *input,
49         size_t input_size, uint8_t *hash, size_t hash_size,
50         size_t *hash_length);
51 
52 /** \brief Compute the hash of a message composed of multiple parts
53  *
54  * \param alg               The hash algorithm to compute.
55  * \param[in] inputs        Array of buffers containing the message to hash.
56  * \param[in] input_sizes   Array of size of the \p inputs buffers in bytes.
57  * \param input_count       Number of entries in \p inputs and \p input_sizes.
58  * \param[out] hash         Buffer where the hash is to be written.
59  * \param hash_size         Size of the \p hash buffer in bytes.
60  * \param[out] hash_length  On success, the length of the hash in bytes.
61  *
62  * \retval PSA_SUCCESS
63  *         Success.
64  * \retval PSA_ERROR_NOT_SUPPORTED
65  *         \p alg is not supported (or unknown hash algorithm).
66  * \retval PSA_ERROR_INVALID_ARGUMENT
67  * \retval PSA_ERROR_HARDWARE_FAILURE
68  */
69 psa_status_t psa_adac_hash_multiple(psa_algorithm_t alg,
70         const uint8_t *inputs[], size_t input_sizes[], size_t input_count,
71         uint8_t hash[], size_t hash_size, size_t *hash_length);
72 
73 /** \brief Compute the hash of a message and compare it with an expected value.
74  *
75  * \param alg               The hash algorithm to compute.
76  * \param[in] input         Buffer containing the message to hash.
77  * \param input_size        Size of the \p input buffer in bytes.
78  * \param[out] hash         Buffer containing the expected hash value.
79  * \param hash_size         Size of the \p hash buffer in bytes.
80  *
81  * \retval PSA_SUCCESS
82  *         The expected hash is identical to the actual hash of the input.
83  * \retval PSA_ERROR_INVALID_SIGNATURE
84  *         The hash of the message was calculated successfully, but it
85  *         differs from the expected hash.
86  * \retval PSA_ERROR_NOT_SUPPORTED
87  *         \p alg is not supported (or unknown hash algorithm).
88  * \retval PSA_ERROR_INVALID_ARGUMENT
89  * \retval PSA_ERROR_HARDWARE_FAILURE
90  */
91 psa_status_t psa_adac_hash_verify(psa_algorithm_t alg, const uint8_t input[],
92         size_t input_size, uint8_t hash[], size_t hash_size);
93 
94 /** \brief Compute the hash of a message and compare it with a list of
95  *         expected values
96  *
97  * \param alg               The hash algorithm to compute.
98  * \param[in] input         Buffer containing the message to hash.
99  * \param input_length      Size of the \p input buffer in bytes.
100  * \param[out] hash         Buffer containing the expected hash value.
101  * \param hash_size         Size of the \p hash buffer in bytes.
102  * \param hash_count        How many hashes to verify
103  *
104  * \retval PSA_SUCCESS
105  *         The expected hash is identical to the actual hash of the input.
106  * \retval PSA_ERROR_INVALID_SIGNATURE
107  *         The hash of the message was calculated successfully, but it
108  *         differs from the expected hash.
109  * \retval PSA_ERROR_NOT_SUPPORTED
110  *         \p alg is not supported (or unknown hash algorithm).
111  * \retval PSA_ERROR_INVALID_ARGUMENT
112  * \retval PSA_ERROR_HARDWARE_FAILURE
113  *
114  */
115 psa_status_t psa_adac_hash_verify_multiple(psa_algorithm_t alg,
116         const uint8_t input[], size_t input_length, uint8_t *hash[],
117         size_t hash_size[], size_t hash_count);
118 
119 /** \brief Verify a signature
120  *
121  * \param key_type          Type of key.
122  * \param key               The key.
123  * \param key_size          Key size.
124  * \param hash_alg          The hash algorithm to compute.
125  * \param[in] inputs        Buffer containing the message to hash.
126  * \param input_sizes       Size of the \p input buffer in bytes.
127  * \param input_count       Number of inouts.
128  * \param sig_alg           Singature algorithm.
129  * \param sig               Singature.
130  * \param sig_size          Singature size.
131  *
132  * \retval PSA_SUCCESS
133  * \retval PSA_ERROR_NOT_SUPPORTED
134  * \retval PSA_ERROR_INVALID_ARGUMENT
135  * \retval PSA_ERROR_INVALID_SIGNATURE
136  */
137 psa_status_t psa_adac_verify_signature(uint8_t key_type, uint8_t *key,
138         size_t key_size, psa_algorithm_t hash_algo, const uint8_t *inputs[],
139         size_t input_sizes[], size_t input_count, psa_algorithm_t sig_algo,
140         uint8_t *sig, size_t sig_size);
141 
142 /** \brief Verify a message authentication code
143  *
144  * \param alg               The hash algorithm to compute.
145  * \param[in] input         Buffer containing the message to hash.
146  * \param input_size        Size of the \p input buffer in bytes.
147  * \param input_count       Number of inouts.
148  * \param key               The key.
149  * \param key_size          Key size.
150  * \param mac
151  * \param mac_size
152  *
153  * \retval PSA_ERROR_NOT_SUPPORTED
154  */
155 psa_status_t psa_adac_mac_verify(psa_algorithm_t alg, const uint8_t *inputs[],
156         size_t input_sizes[], size_t input_count, const uint8_t key[],
157         size_t key_size, uint8_t mac[], size_t mac_size);
158 
159 /** \brief Derive key
160  *
161  * \param crt
162  * \param crt_size
163  * \param key_type          Type of key.
164  * \param key               The key.
165  * \param key_size          Key size.
166  *
167  * \retval PSA_ERROR_NOT_SUPPORTED
168  */
169 psa_status_t psa_adac_derive_key(uint8_t *crt, size_t crt_size,
170         uint8_t key_type, uint8_t *key, size_t key_size);
171 
172 /**@}*/
173 
174 #ifdef __cplusplus
175 }
176 #endif
177 
178 #endif //PSA_ADAC_PSA_CRYPTO_API_H
179