psa: Call cipher setup implementation as a driver
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
diff --git a/library/psa_crypto.c b/library/psa_crypto.c
index 399b37c..b26a988 100644
--- a/library/psa_crypto.c
+++ b/library/psa_crypto.c
@@ -3443,22 +3443,6 @@
operation->alg = alg;
}
- if( status != PSA_ERROR_NOT_SUPPORTED ||
- psa_key_lifetime_is_external( slot->attr.lifetime ) )
- goto exit;
-
- /* Try doing the operation through a driver before using software fallback. */
- if( cipher_operation == MBEDTLS_ENCRYPT )
- status = mbedtls_psa_cipher_encrypt_setup( operation, &attributes,
- slot->key.data,
- slot->key.bytes,
- alg );
- else
- status = mbedtls_psa_cipher_decrypt_setup( operation, &attributes,
- slot->key.data,
- slot->key.bytes,
- alg );
-
exit:
if( status == PSA_SUCCESS )
{
diff --git a/library/psa_crypto_driver_wrappers.c b/library/psa_crypto_driver_wrappers.c
index 0c55463..7960a08 100644
--- a/library/psa_crypto_driver_wrappers.c
+++ b/library/psa_crypto_driver_wrappers.c
@@ -19,6 +19,7 @@
* limitations under the License.
*/
+#include "psa_crypto_cipher.h"
#include "psa_crypto_core.h"
#include "psa_crypto_driver_wrappers.h"
#include "psa_crypto_hash.h"
@@ -715,8 +716,7 @@
const uint8_t *key_buffer, size_t key_buffer_size,
psa_algorithm_t alg )
{
-#if defined(PSA_CRYPTO_DRIVER_PRESENT) && defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT)
- psa_status_t status = PSA_ERROR_INVALID_ARGUMENT;
+ psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;
psa_key_location_t location =
PSA_KEY_LIFETIME_GET_LOCATION( attributes->core.lifetime );
void *driver_ctx = NULL;
@@ -726,6 +726,7 @@
case PSA_KEY_LOCATION_LOCAL_STORAGE:
/* Key is stored in the slot in export representation, so
* cycle through all known transparent accelerators */
+#if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT)
#if defined(PSA_CRYPTO_DRIVER_TEST)
driver_ctx = mbedtls_calloc( 1,
sizeof( test_transparent_cipher_operation_t ) );
@@ -751,11 +752,19 @@
mbedtls_free( driver_ctx );
}
- return( status );
+ if( status != PSA_ERROR_NOT_SUPPORTED )
+ return( status );
#endif /* PSA_CRYPTO_DRIVER_TEST */
+#endif /* PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT */
/* Fell through, meaning no accelerator supports this operation */
- return( PSA_ERROR_NOT_SUPPORTED );
+ return( mbedtls_psa_cipher_encrypt_setup( operation,
+ attributes,
+ key_buffer,
+ key_buffer_size,
+ alg ) );
+
/* Add cases for opaque driver here */
+#if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT)
#if defined(PSA_CRYPTO_DRIVER_TEST)
case PSA_CRYPTO_TEST_DRIVER_LIFETIME:
driver_ctx =
@@ -782,19 +791,13 @@
return( status );
#endif /* PSA_CRYPTO_DRIVER_TEST */
+#endif /* PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT */
default:
/* Key is declared with a lifetime not known to us */
+ (void)status;
+ (void)driver_ctx;
return( PSA_ERROR_INVALID_ARGUMENT );
}
-#else /* PSA_CRYPTO_DRIVER_PRESENT */
- (void)operation;
- (void)attributes;
- (void)key_buffer;
- (void)key_buffer_size;
- (void)alg;
-
- return( PSA_ERROR_NOT_SUPPORTED );
-#endif /* PSA_CRYPTO_DRIVER_PRESENT */
}
psa_status_t psa_driver_wrapper_cipher_decrypt_setup(
@@ -803,7 +806,6 @@
const uint8_t *key_buffer, size_t key_buffer_size,
psa_algorithm_t alg )
{
-#if defined(PSA_CRYPTO_DRIVER_PRESENT) && defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT)
psa_status_t status = PSA_ERROR_INVALID_ARGUMENT;
psa_key_location_t location =
PSA_KEY_LIFETIME_GET_LOCATION( attributes->core.lifetime );
@@ -814,6 +816,7 @@
case PSA_KEY_LOCATION_LOCAL_STORAGE:
/* Key is stored in the slot in export representation, so
* cycle through all known transparent accelerators */
+#if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT)
#if defined(PSA_CRYPTO_DRIVER_TEST)
driver_ctx = mbedtls_calloc( 1,
sizeof( test_transparent_cipher_operation_t ) );
@@ -839,11 +842,18 @@
mbedtls_free( driver_ctx );
}
- return( status );
+ if( status != PSA_ERROR_NOT_SUPPORTED )
+ return( status );
#endif /* PSA_CRYPTO_DRIVER_TEST */
+#endif /* PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT */
/* Fell through, meaning no accelerator supports this operation */
- return( PSA_ERROR_NOT_SUPPORTED );
+ return( mbedtls_psa_cipher_decrypt_setup( operation,
+ attributes,
+ key_buffer,
+ key_buffer_size,
+ alg ) );
/* Add cases for opaque driver here */
+#if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT)
#if defined(PSA_CRYPTO_DRIVER_TEST)
case PSA_CRYPTO_TEST_DRIVER_LIFETIME:
driver_ctx =
@@ -870,19 +880,13 @@
return( status );
#endif /* PSA_CRYPTO_DRIVER_TEST */
+#endif /* PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT */
default:
/* Key is declared with a lifetime not known to us */
+ (void)status;
+ (void)driver_ctx;
return( PSA_ERROR_INVALID_ARGUMENT );
}
-#else /* PSA_CRYPTO_DRIVER_PRESENT */
- (void)operation;
- (void)attributes;
- (void)key_buffer;
- (void)key_buffer_size;
- (void)alg;
-
- return( PSA_ERROR_NOT_SUPPORTED );
-#endif /* PSA_CRYPTO_DRIVER_PRESENT */
}
psa_status_t psa_driver_wrapper_cipher_generate_iv(