commit 2d73c209444deafb7d51408e23dc7283049f9960
author Michael Thomas <michael.thomas@renesas.com> Fri Jan 10 21:59:40 2020 +0000
committer Michael Thomas <michael.thomas@renesas.com> Fri Jan 10 21:59:40 2020 +0000
tree 3f88d91314baad6c61c029e09446c23ea9b13c02
parent 6ef5072c5a571150ba8d9a7f02b26376d7c5b0eb

Context setup for vendor defeind AES key

include/psa/crypto.h

diff --git a/include/psa/crypto.h b/include/psa/crypto.h
index 90c9397..bdac6c8 100644
--- a/include/psa/crypto.h
+++ b/include/psa/crypto.h
@@ -3587,63 +3587,6 @@
 psa_status_t psa_generate_random(uint8_t * output, size_t output_size);
 
 /**
- * \brief Generate symmetric key of vendor defined format.
- *
- * \warning This function **can** fail! Callers MUST check the return status
- *          and MUST NOT use the content of the output buffer if the return
- *          status is not #PSA_SUCCESS.
- *
- * \note    This function has to be defined by the vendor.
- *          A weakly linked version is provided by default and returns
- *          PSA_ERROR_NOT_SUPPORTED. Do not use this function directly;
- *          to generate a key, use psa_generate_key() instead.
- *
- * \param[in] type          Type of symmetric key to be generated.
- * \param[out] output       Output buffer for the generated data.
- * \param[out] output_size  Number of bytes to generate and output.
- *
- * \retval #PSA_SUCCESS
- * \retval #PSA_ERROR_NOT_SUPPORTED
- * \retval #PSA_ERROR_INSUFFICIENT_ENTROPY
- * \retval #PSA_ERROR_INSUFFICIENT_MEMORY
- * \retval #PSA_ERROR_COMMUNICATION_FAILURE
- * \retval #PSA_ERROR_HARDWARE_FAILURE
- * \retval #PSA_ERROR_CORRUPTION_DETECTED
- * \retval #PSA_ERROR_BAD_STATE
- *         The library has not been previously initialized by psa_crypto_init().
- *         It is implementation-dependent whether a failure to initialize
- *         results in this error code.
- */
-psa_status_t psa_generate_symmetric_vendor(psa_key_type_t type, size_t bits, uint8_t * output, size_t output_size);
-
-/**
- * \brief Perform vendor specific setup for cipher operations.
- *
- *
- * \note    This function has to be defined by the vendor.
- *          A weakly linked version is provided by default and returns
- *          PSA_ERROR_NOT_SUPPORTED. Do not use this function directly;
- *          to generate a key, use psa_generate_key() instead.
- *
- * \param[in] type          Type of symmetric key to be generated.
- * \param[out] output       Output buffer for the generated data.
- * \param[out] output_size  Number of bytes to generate and output.
- *
- * \retval #PSA_SUCCESS
- * \retval #PSA_ERROR_NOT_SUPPORTED
- * \retval #PSA_ERROR_INSUFFICIENT_ENTROPY
- * \retval #PSA_ERROR_INSUFFICIENT_MEMORY
- * \retval #PSA_ERROR_COMMUNICATION_FAILURE
- * \retval #PSA_ERROR_HARDWARE_FAILURE
- * \retval #PSA_ERROR_CORRUPTION_DETECTED
- * \retval #PSA_ERROR_BAD_STATE
- *         The library has not been previously initialized by psa_crypto_init().
- *         It is implementation-dependent whether a failure to initialize
- *         results in this error code.
- */
-psa_status_t psa_cipher_setup_vendor(psa_cipher_operation_t * operation, psa_key_handle_t handle, psa_algorithm_t alg);
-
-/**
  * \brief Generate a key or key pair.
  *
  * The key is generated randomly.

include/psa/crypto_extra.h

diff --git a/include/psa/crypto_extra.h b/include/psa/crypto_extra.h
index 636c881..64fa494 100644
--- a/include/psa/crypto_extra.h
+++ b/include/psa/crypto_extra.h
@@ -66,6 +66,62 @@
  * @{
  */
 
+/**
+ * \brief Generate symmetric key of vendor defined format.
+ *
+ * \warning This function **can** fail! Callers MUST check the return status
+ *          and MUST NOT use the content of the output buffer if the return
+ *          status is not #PSA_SUCCESS.
+ *
+ * \note    This function has to be defined by the vendor.
+ *          A weakly linked version is provided by default and returns
+ *          PSA_ERROR_NOT_SUPPORTED. Do not use this function directly;
+ *          to generate a key, use psa_generate_key() instead.
+ *
+ * \param[in] type          Type of symmetric key to be generated.
+ * \param[out] output       Output buffer for the generated data.
+ * \param[out] output_size  Number of bytes to generate and output.
+ *
+ * \retval #PSA_SUCCESS
+ * \retval #PSA_ERROR_NOT_SUPPORTED
+ * \retval #PSA_ERROR_INSUFFICIENT_ENTROPY
+ * \retval #PSA_ERROR_INSUFFICIENT_MEMORY
+ * \retval #PSA_ERROR_COMMUNICATION_FAILURE
+ * \retval #PSA_ERROR_HARDWARE_FAILURE
+ * \retval #PSA_ERROR_CORRUPTION_DETECTED
+ * \retval #PSA_ERROR_BAD_STATE
+ *         The library has not been previously initialized by psa_crypto_init().
+ *         It is implementation-dependent whether a failure to initialize
+ *         results in this error code.
+ */
+psa_status_t psa_generate_symmetric_vendor(psa_key_type_t type, size_t bits, uint8_t * output, size_t output_size);
+
+/**
+ * \brief Perform vendor specific setup for cipher operations.
+ *
+ *
+ * \note    This function has to be defined by the vendor.
+ *          A weakly linked version is provided by default and returns
+ *          PSA_ERROR_NOT_SUPPORTED. Do not use this function directly;
+ *          to generate a key, use psa_generate_key() instead.
+ *
+ * \param[in,out] operation     The operation object to set up. It must have
+ *                              been initialized as per the documentation for
+ *                              #psa_cipher_operation_t and not yet in use.
+ * \param handle                Handle to the key to use for the operation.
+ *                              It must remain valid until the operation
+ *                              terminates.
+ * \param alg                   The cipher algorithm to compute
+ *                              (\c PSA_ALG_XXX value such that
+ *                              #PSA_ALG_IS_CIPHER(\p alg) is true).
+ *
+ * \retval #PSA_SUCCESS
+ *         Success.
+ * \retval #PSA_ERROR_NOT_SUPPORTED
+ * .
+ */
+psa_status_t psa_cipher_setup_vendor(psa_cipher_operation_t * operation, psa_key_handle_t handle, psa_algorithm_t alg);
+
 /** \brief Declare the enrollment algorithm for a key.
  *
  * An operation on a key may indifferently use the algorithm set with

library/psa_crypto.c

diff --git a/library/psa_crypto.c b/library/psa_crypto.c
index 52191a6..61d43f6 100644
--- a/library/psa_crypto.c
+++ b/library/psa_crypto.c
@@ -3694,6 +3694,17 @@
     mbedtls_cipher_init( &operation->ctx.cipher );
     return( PSA_SUCCESS );
 }
+// The weakly linked function "psa_cipher_setup_vendor_weak" which returns "PSA_ERROR_NOT_SUPPORTED" will be linked if 
+// the vendor does not provide a definition for "psa_cipher_setup_vendor"
+psa_status_t psa_cipher_setup_vendor( psa_cipher_operation_t * operation, psa_key_handle_t handle, psa_algorithm_t alg) __attribute__ ((weak, alias("psa_cipher_setup_vendor_weak")));
+psa_status_t psa_cipher_setup_vendor_weak( psa_cipher_operation_t * operation, psa_key_handle_t handle, psa_algorithm_t alg);
+psa_status_t psa_cipher_setup_vendor_weak( psa_cipher_operation_t * operation, psa_key_handle_t handle, psa_algorithm_t alg)
+{
+    (void)operation;
+    (void)handle;
+    (void)alg;
+    return PSA_ERROR_NOT_SUPPORTED;
+}
 
 static psa_status_t psa_cipher_setup( psa_cipher_operation_t *operation,
                                       psa_key_handle_t handle,
@@ -3789,6 +3800,11 @@
         operation->iv_size = 12;
 #endif
 
+    if (PSA_KEY_TYPE_IS_VENDOR_DEFINED(slot->attr.type))
+    {
+        status = psa_cipher_setup_vendor(operation, handle, alg); 
+    }
+
 
 exit:
     if( status == 0 )