mirror of
https://github.com/RIOT-OS/RIOT.git
synced 2025-12-21 12:33:49 +01:00
27cf424720
Currently PSA mac backends can only implement psa_mac_compute() from the PSA crypto API, but not psa_mac_verify() and the associated multi-part functions. Extend the location and algorithm dispatchers to connect the above PSA API functions to suitable backends. Also extend the MAC backend API to allow backends to implement those additional functions. Due to a design issue with the SE backend API (context size is dynamic, thus requiring a memory allocation) only psa_mac_verify() can be accelerated by SE backends. Signed-off-by: Armin Wolf <W_Armin@gmx.de>
276 lines
13 KiB
C
276 lines
13 KiB
C
/*
|
|
* Copyright (C) 2021 HAW Hamburg
|
|
*
|
|
* This file is subject to the terms and conditions of the GNU Lesser
|
|
* General Public License v2.1. See the file LICENSE in the top level
|
|
* directory for more details.
|
|
*/
|
|
|
|
#pragma once
|
|
|
|
/**
|
|
* @ingroup sys_psa_crypto
|
|
* @defgroup sys_psa_crypto_loc_disp PSA Crypto Location Dispatcher
|
|
* @{
|
|
*
|
|
* @file psa_crypto_location_dispatch.h
|
|
* @brief Function declarations for the PSA Crypto location dispatcher.
|
|
*
|
|
* @author Lena Boeckmann <lena.boeckmann@haw-hamburg.de>
|
|
*/
|
|
|
|
#ifdef __cplusplus
|
|
extern "C" {
|
|
#endif
|
|
|
|
#include <stdlib.h>
|
|
#include "kernel_defines.h"
|
|
#include "psa/crypto.h"
|
|
|
|
#if IS_USED(MODULE_PSA_ASYMMETRIC)
|
|
/**
|
|
* @brief Dispatch call of a hash signature function to a location specific backend.
|
|
* See psa_sign_hash()
|
|
*/
|
|
psa_status_t psa_location_dispatch_sign_hash( const psa_key_attributes_t *attributes,
|
|
psa_algorithm_t alg,
|
|
const psa_key_slot_t *slot,
|
|
const uint8_t *hash,
|
|
size_t hash_length,
|
|
uint8_t *signature,
|
|
size_t signature_size,
|
|
size_t *signature_length);
|
|
|
|
/**
|
|
* @brief Dispatch call of a message signature function to a location specific backend.
|
|
* See psa_sign_message()
|
|
*/
|
|
psa_status_t psa_location_dispatch_sign_message(const psa_key_attributes_t *attributes,
|
|
psa_algorithm_t alg,
|
|
const psa_key_slot_t *slot,
|
|
const uint8_t *input,
|
|
size_t input_length,
|
|
uint8_t *signature,
|
|
size_t signature_size,
|
|
size_t *signature_length);
|
|
|
|
/**
|
|
* @brief Dispatch call of a hash verification function to a location specific backend.
|
|
* See psa_verify_hash()
|
|
*/
|
|
psa_status_t psa_location_dispatch_verify_hash( const psa_key_attributes_t *attributes,
|
|
psa_algorithm_t alg,
|
|
const psa_key_slot_t *slot,
|
|
const uint8_t *hash,
|
|
size_t hash_length,
|
|
const uint8_t *signature,
|
|
size_t signature_length);
|
|
|
|
/**
|
|
* @brief Dispatch call of a message verification function to a location specific backend.
|
|
* See psa_verify_message()
|
|
*/
|
|
psa_status_t psa_location_dispatch_verify_message(const psa_key_attributes_t *attributes,
|
|
psa_algorithm_t alg,
|
|
const psa_key_slot_t *slot,
|
|
const uint8_t *input,
|
|
size_t input_length,
|
|
const uint8_t *signature,
|
|
size_t signature_length);
|
|
#endif /* MODULE_PSA_ASYMMETRIC */
|
|
|
|
#if IS_USED(MODULE_PSA_MAC)
|
|
/**
|
|
* @brief Dispatch call of a mac computation function to a location-specific backend.
|
|
* See @ref psa_mac_compute()
|
|
*/
|
|
psa_status_t psa_location_dispatch_mac_compute(const psa_key_attributes_t *attributes,
|
|
psa_algorithm_t alg,
|
|
const psa_key_slot_t *slot,
|
|
const uint8_t *input,
|
|
size_t input_length,
|
|
uint8_t *mac,
|
|
size_t mac_size,
|
|
size_t *mac_length);
|
|
|
|
/**
|
|
* @brief Dispatch call of a mac verification function to a location-specific backend.
|
|
* See @ref psa_mac_verify()
|
|
*/
|
|
psa_status_t psa_location_dispatch_mac_verify(const psa_key_attributes_t *attributes,
|
|
psa_algorithm_t alg,
|
|
const psa_key_slot_t *slot,
|
|
const uint8_t *input,
|
|
size_t input_length,
|
|
const uint8_t *mac,
|
|
size_t mac_length);
|
|
|
|
/**
|
|
* @brief Dispatch call of a mac sign setup function to a location-specific backend.
|
|
* See @ref psa_mac_sign_setup()
|
|
*/
|
|
psa_status_t psa_location_dispatch_mac_sign_setup(psa_mac_operation_t *operation,
|
|
const psa_key_attributes_t *attributes,
|
|
const psa_key_slot_t *slot,
|
|
psa_algorithm_t alg);
|
|
|
|
/**
|
|
* @brief Dispatch call of a mac verify setup function to a location-specific backend.
|
|
* See @ref psa_mac_verify_setup()
|
|
*/
|
|
psa_status_t psa_location_dispatch_mac_verify_setup(psa_mac_operation_t *operation,
|
|
const psa_key_attributes_t *attributes,
|
|
const psa_key_slot_t *slot,
|
|
psa_algorithm_t alg);
|
|
|
|
/**
|
|
* @brief Dispatch call of a mac update function to a location-specific backend.
|
|
* See @ref psa_mac_update()
|
|
*/
|
|
psa_status_t psa_location_dispatch_mac_update(psa_mac_operation_t *operation,
|
|
const uint8_t *input,
|
|
size_t input_length);
|
|
|
|
/**
|
|
* @brief Dispatch call of a mac sign finish function to a location-specific backend.
|
|
* See @ref psa_mac_sign_finish()
|
|
*/
|
|
psa_status_t psa_location_dispatch_mac_sign_finish(psa_mac_operation_t *operation,
|
|
uint8_t *mac,
|
|
size_t mac_size,
|
|
size_t *mac_length);
|
|
|
|
/**
|
|
* @brief Dispatch call of a mac verify finish function to a location-specific backend.
|
|
* See @ref psa_mac_verify_finish()
|
|
*/
|
|
psa_status_t psa_location_dispatch_mac_verify_finish(psa_mac_operation_t *operation,
|
|
const uint8_t *mac,
|
|
size_t mac_length);
|
|
|
|
/**
|
|
* @brief Dispatch call of a mac abort function to a location-specific backend.
|
|
* See @ref psa_mac_abort()
|
|
*/
|
|
psa_status_t psa_location_dispatch_mac_abort(psa_mac_operation_t *operation);
|
|
#endif /* MODULE_PSA_MAC */
|
|
|
|
#if IS_USED(MODULE_PSA_KEY_MANAGEMENT)
|
|
/**
|
|
* @brief Dispatch call of the key generation function to a location specific backend.
|
|
* See psa_generate_key()
|
|
*/
|
|
psa_status_t psa_location_dispatch_generate_key(const psa_key_attributes_t *attributes,
|
|
psa_key_slot_t *slot);
|
|
|
|
/**
|
|
* @brief Dispatch call of the key import function to a location specific backend.
|
|
* See psa_import_key()
|
|
*/
|
|
psa_status_t psa_location_dispatch_import_key( const psa_key_attributes_t *attributes,
|
|
const uint8_t *data, size_t data_length,
|
|
psa_key_slot_t *slot, size_t *bits);
|
|
#endif /* MODULE_PSA_KEY_MANAGEMENT */
|
|
|
|
#if IS_USED(MODULE_PSA_CIPHER)
|
|
/**
|
|
* @brief Dispatch call of a cipher encrypt setup function to a location specific backend.
|
|
* See psa_cipher_setup()
|
|
*/
|
|
psa_status_t psa_location_dispatch_cipher_encrypt_setup( psa_cipher_operation_t *operation,
|
|
const psa_key_attributes_t *attributes,
|
|
const psa_key_slot_t *slot,
|
|
psa_algorithm_t alg);
|
|
|
|
/**
|
|
* @brief Dispatch call of a cipher decrypt setup function to a location specific backend.
|
|
* See psa_cipher_setup()
|
|
*/
|
|
psa_status_t psa_location_dispatch_cipher_decrypt_setup(psa_cipher_operation_t *operation,
|
|
const psa_key_attributes_t *attributes,
|
|
const psa_key_slot_t *slot,
|
|
psa_algorithm_t alg);
|
|
|
|
/**
|
|
* @brief Dispatch call of a function to set a cipher IV to a location specific backend.
|
|
* See psa_cipher_set_iv()
|
|
*/
|
|
psa_status_t psa_location_dispatch_cipher_set_iv( psa_cipher_operation_t *operation,
|
|
const uint8_t *iv,
|
|
size_t iv_length);
|
|
|
|
/**
|
|
* @brief Dispatch call of a cipher encrypt function to a location specific backend.
|
|
* See psa_cipher_encrypt()
|
|
*/
|
|
psa_status_t psa_location_dispatch_cipher_encrypt( const psa_key_attributes_t *attributes,
|
|
psa_algorithm_t alg,
|
|
const psa_key_slot_t *slot,
|
|
const uint8_t *input,
|
|
size_t input_length,
|
|
uint8_t *output,
|
|
size_t output_size,
|
|
size_t *output_length);
|
|
|
|
/**
|
|
* @brief Dispatch call of a cipher decrypt function to a location specific backend.
|
|
* See psa_cipher_decrypt()
|
|
*/
|
|
psa_status_t psa_location_dispatch_cipher_decrypt( const psa_key_attributes_t *attributes,
|
|
psa_algorithm_t alg,
|
|
const psa_key_slot_t *slot,
|
|
const uint8_t *input,
|
|
size_t input_length,
|
|
uint8_t *output,
|
|
size_t output_size,
|
|
size_t *output_length);
|
|
#endif /* MODULE_PSA_CIPHER */
|
|
|
|
#if IS_USED(MODULE_PSA_AEAD)
|
|
/**
|
|
* @brief Dispatch a aead encrypt function to a specific backend.
|
|
* See @ref psa_aead_encrypt()
|
|
*/
|
|
psa_status_t psa_location_dispatch_aead_encrypt(const psa_key_attributes_t *attributes,
|
|
psa_algorithm_t alg,
|
|
const psa_key_slot_t *slot,
|
|
const uint8_t *nonce,
|
|
size_t nonce_length,
|
|
const uint8_t *additional_data,
|
|
size_t additional_data_length,
|
|
const uint8_t *plaintext,
|
|
size_t plaintext_length,
|
|
uint8_t *ciphertext,
|
|
size_t ciphertext_size,
|
|
size_t *ciphertext_length);
|
|
/**
|
|
* @brief Dispatch a aead decrypt function to a specific backend.
|
|
* See @ref psa_aead_decrypt()
|
|
*/
|
|
psa_status_t psa_location_dispatch_aead_decrypt(const psa_key_attributes_t *attributes,
|
|
psa_algorithm_t alg,
|
|
const psa_key_slot_t *slot,
|
|
const uint8_t *nonce,
|
|
size_t nonce_length,
|
|
const uint8_t *additional_data,
|
|
size_t additional_data_length,
|
|
const uint8_t *ciphertext,
|
|
size_t ciphertext_length,
|
|
uint8_t *plaintext,
|
|
size_t plaintext_size,
|
|
size_t *plaintext_length);
|
|
#endif /* MODULE_PSA_AEAD */
|
|
|
|
/**
|
|
* @brief Dispatch call of a random number generator to a specific backend.
|
|
* See psa_generate_random()
|
|
*/
|
|
psa_status_t psa_location_dispatch_generate_random(uint8_t *output,
|
|
size_t output_size);
|
|
|
|
#ifdef __cplusplus
|
|
}
|
|
#endif
|
|
|
|
/** @} */
|