TrustedFirmware Git Browser
Code Review Sign In
review.trustedfirmware.org / mirror / mbed-tls / 7ff7965561863346218d0ec5dfa50d58893f7903 / . / library / psa_crypto_se.c
blob: 9628ff2899eb792e5b79c3f1e179304ac9dabe82 [file] [log] [blame]
Gilles Peskinea899a722019-06-24 14:06:43 +0200[diff] [blame]1/*
2 * PSA crypto support for secure element drivers
3 */
Bence Szépkúti86974652020-06-15 11:59:37 +0200[diff] [blame]4/*
Bence Szépkúti1e148272020-08-07 13:07:28 +0200[diff] [blame]5 * Copyright The Mbed TLS Contributors
Dave Rodgman7ff79652023-11-03 12:04:52 +0000[diff] [blame^]6 * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
Gilles Peskinea899a722019-06-24 14:06:43 +0200[diff] [blame]7 */
8
Gilles Peskinedb09ef62020-06-03 01:43:33 +0200[diff] [blame]9#include "common.h"
Gilles Peskinea899a722019-06-24 14:06:43 +0200[diff] [blame]10
Gilles Peskinea8ade162019-06-26 11:24:49 +0200[diff] [blame]11#if defined(MBEDTLS_PSA_CRYPTO_SE_C)
Gilles Peskinea899a722019-06-24 14:06:43 +0200[diff] [blame]12
Gilles Peskine5243a202019-07-12 23:38:19 +0200[diff] [blame]13#include <stdint.h>
Gilles Peskined0890212019-06-24 14:34:43 +0200[diff] [blame]14#include <string.h>
15
Gilles Peskine5243a202019-07-12 23:38:19 +0200[diff] [blame]16#include "psa/crypto_se_driver.h"
17
Gilles Peskinea899a722019-06-24 14:06:43 +0200[diff] [blame]18#include "psa_crypto_se.h"
19
Gilles Peskine8b96cad2019-07-23 17:38:08 +0200[diff] [blame]20#if defined(MBEDTLS_PSA_ITS_FILE_C)
21#include "psa_crypto_its.h"
22#else /* Native ITS implementation */
23#include "psa/error.h"
24#include "psa/internal_trusted_storage.h"
25#endif
26
Gilles Peskine5243a202019-07-12 23:38:19 +0200[diff] [blame]27#include "mbedtls/platform.h"
Gilles Peskine5243a202019-07-12 23:38:19 +0200[diff] [blame]28
29
30
Gilles Peskinef989dbe2019-06-26 18:18:12 +0200[diff] [blame]31/****************************************************************/
32/* Driver lookup */
33/****************************************************************/
34
Gilles Peskine5243a202019-07-12 23:38:19 +0200[diff] [blame]35/* This structure is identical to psa_drv_se_context_t declared in
36 * `crypto_se_driver.h`, except that some parts are writable here
37 * (non-const, or pointer to non-const). */
Gilles Peskine1b6c09a2023-01-11 14:52:35 +0100[diff] [blame]38typedef struct {
Gilles Peskine5243a202019-07-12 23:38:19 +0200[diff] [blame]39 void *persistent_data;
40 size_t persistent_data_size;
41 uintptr_t transient_data;
42} psa_drv_se_internal_context_t;
43
Gilles Peskine1b6c09a2023-01-11 14:52:35 +0100[diff] [blame]44struct psa_se_drv_table_entry_s {
Gilles Peskine2b04f462020-05-10 00:44:04 +0200[diff] [blame]45 psa_key_location_t location;
Gilles Peskinea899a722019-06-24 14:06:43 +0200[diff] [blame]46 const psa_drv_se_t *methods;
Gilles Peskine1b6c09a2023-01-11 14:52:35 +0100[diff] [blame]47 union {
Gilles Peskine5243a202019-07-12 23:38:19 +0200[diff] [blame]48 psa_drv_se_internal_context_t internal;
49 psa_drv_se_context_t context;
Gilles Peskine1a75d0c2020-04-14 19:33:25 +0200[diff] [blame]50 } u;
Gilles Peskine01fd8752020-04-14 19:31:52 +0200[diff] [blame]51};
Gilles Peskinea899a722019-06-24 14:06:43 +0200[diff] [blame]52
Gilles Peskinef989dbe2019-06-26 18:18:12 +0200[diff] [blame]53static psa_se_drv_table_entry_t driver_table[PSA_MAX_SE_DRIVERS];
54
Gilles Peskine5243a202019-07-12 23:38:19 +0200[diff] [blame]55psa_se_drv_table_entry_t *psa_get_se_driver_entry(
Gilles Peskine1b6c09a2023-01-11 14:52:35 +0100[diff] [blame]56 psa_key_lifetime_t lifetime)
Gilles Peskinef989dbe2019-06-26 18:18:12 +0200[diff] [blame]57{
58 size_t i;
Gilles Peskine1b6c09a2023-01-11 14:52:35 +0100[diff] [blame]59 psa_key_location_t location = PSA_KEY_LIFETIME_GET_LOCATION(lifetime);
Gilles Peskine2b04f462020-05-10 00:44:04 +0200[diff] [blame]60 /* In the driver table, location=0 means an entry that isn't used.
61 * No driver has a location of 0 because it's a reserved value
62 * (which designates transparent keys). Make sure we never return
63 * a driver entry for location 0. */
Gilles Peskine1b6c09a2023-01-11 14:52:35 +0100[diff] [blame]64 if (location == 0) {
65 return NULL;
Gilles Peskinef989dbe2019-06-26 18:18:12 +0200[diff] [blame]66 }
Gilles Peskine1b6c09a2023-01-11 14:52:35 +0100[diff] [blame]67 for (i = 0; i < PSA_MAX_SE_DRIVERS; i++) {
68 if (driver_table[i].location == location) {
69 return &driver_table[i];
70 }
71 }
72 return NULL;
Gilles Peskinef989dbe2019-06-26 18:18:12 +0200[diff] [blame]73}
74
75const psa_drv_se_t *psa_get_se_driver_methods(
Gilles Peskine1b6c09a2023-01-11 14:52:35 +0100[diff] [blame]76 const psa_se_drv_table_entry_t *driver)
Gilles Peskinef989dbe2019-06-26 18:18:12 +0200[diff] [blame]77{
Gilles Peskine1b6c09a2023-01-11 14:52:35 +0100[diff] [blame]78 return driver->methods;
Gilles Peskinef989dbe2019-06-26 18:18:12 +0200[diff] [blame]79}
80
Gilles Peskine5243a202019-07-12 23:38:19 +0200[diff] [blame]81psa_drv_se_context_t *psa_get_se_driver_context(
Gilles Peskine1b6c09a2023-01-11 14:52:35 +0100[diff] [blame]82 psa_se_drv_table_entry_t *driver)
Gilles Peskinef989dbe2019-06-26 18:18:12 +0200[diff] [blame]83{
Gilles Peskine1b6c09a2023-01-11 14:52:35 +0100[diff] [blame]84 return &driver->u.context;
Gilles Peskinef989dbe2019-06-26 18:18:12 +0200[diff] [blame]85}
86
Gilles Peskine1b6c09a2023-01-11 14:52:35 +0100[diff] [blame]87int psa_get_se_driver(psa_key_lifetime_t lifetime,
88 const psa_drv_se_t **p_methods,
89 psa_drv_se_context_t **p_drv_context)
Gilles Peskine5243a202019-07-12 23:38:19 +0200[diff] [blame]90{
Gilles Peskine1b6c09a2023-01-11 14:52:35 +0100[diff] [blame]91 psa_se_drv_table_entry_t *driver = psa_get_se_driver_entry(lifetime);
92 if (p_methods != NULL) {
93 *p_methods = (driver ? driver->methods : NULL);
94 }
95 if (p_drv_context != NULL) {
96 *p_drv_context = (driver ? &driver->u.context : NULL);
97 }
98 return driver != NULL;
Gilles Peskine5243a202019-07-12 23:38:19 +0200[diff] [blame]99}
100
101
102
103/****************************************************************/
104/* Persistent data management */
105/****************************************************************/
106
Gilles Peskine8b96cad2019-07-23 17:38:08 +0200[diff] [blame]107static psa_status_t psa_get_se_driver_its_file_uid(
108 const psa_se_drv_table_entry_t *driver,
Gilles Peskine1b6c09a2023-01-11 14:52:35 +0100[diff] [blame]109 psa_storage_uid_t *uid)
Gilles Peskine8b96cad2019-07-23 17:38:08 +0200[diff] [blame]110{
Gilles Peskine1b6c09a2023-01-11 14:52:35 +0100[diff] [blame]111 if (driver->location > PSA_MAX_SE_LOCATION) {
112 return PSA_ERROR_NOT_SUPPORTED;
113 }
Gilles Peskine573bbc12019-07-23 19:59:23 +0200[diff] [blame]114
115#if SIZE_MAX > UINT32_MAX
116 /* ITS file sizes are limited to 32 bits. */
Gilles Peskine1b6c09a2023-01-11 14:52:35 +0100[diff] [blame]117 if (driver->u.internal.persistent_data_size > UINT32_MAX) {
118 return PSA_ERROR_NOT_SUPPORTED;
119 }
Gilles Peskine573bbc12019-07-23 19:59:23 +0200[diff] [blame]120#endif
121
Gilles Peskine75c126b2019-07-24 15:56:01 +0200[diff] [blame]122 /* See the documentation of PSA_CRYPTO_SE_DRIVER_ITS_UID_BASE. */
Gilles Peskine2b04f462020-05-10 00:44:04 +0200[diff] [blame]123 *uid = PSA_CRYPTO_SE_DRIVER_ITS_UID_BASE + driver->location;
Gilles Peskine1b6c09a2023-01-11 14:52:35 +0100[diff] [blame]124 return PSA_SUCCESS;
Gilles Peskine8b96cad2019-07-23 17:38:08 +0200[diff] [blame]125}
126
Gilles Peskine5243a202019-07-12 23:38:19 +0200[diff] [blame]127psa_status_t psa_load_se_persistent_data(
Gilles Peskine1b6c09a2023-01-11 14:52:35 +0100[diff] [blame]128 const psa_se_drv_table_entry_t *driver)
Gilles Peskine5243a202019-07-12 23:38:19 +0200[diff] [blame]129{
Gilles Peskine8b96cad2019-07-23 17:38:08 +0200[diff] [blame]130 psa_status_t status;
131 psa_storage_uid_t uid;
Gilles Peskine8b663892019-07-31 17:57:57 +0200[diff] [blame]132 size_t length;
Gilles Peskine8b96cad2019-07-23 17:38:08 +0200[diff] [blame]133
Gilles Peskine1b6c09a2023-01-11 14:52:35 +0100[diff] [blame]134 status = psa_get_se_driver_its_file_uid(driver, &uid);
135 if (status != PSA_SUCCESS) {
136 return status;
137 }
Gilles Peskine8b96cad2019-07-23 17:38:08 +0200[diff] [blame]138
Gilles Peskine8b663892019-07-31 17:57:57 +0200[diff] [blame]139 /* Read the amount of persistent data that the driver requests.
140 * If the data in storage is larger, it is truncated. If the data
141 * in storage is smaller, silently keep what is already at the end
142 * of the output buffer. */
Gilles Peskine75c126b2019-07-24 15:56:01 +0200[diff] [blame]143 /* psa_get_se_driver_its_file_uid ensures that the size_t
144 * persistent_data_size is in range, but compilers don't know that,
145 * so cast to reassure them. */
Gilles Peskine1b6c09a2023-01-11 14:52:35 +0100[diff] [blame]146 return psa_its_get(uid, 0,
147 (uint32_t) driver->u.internal.persistent_data_size,
148 driver->u.internal.persistent_data,
149 &length);
Gilles Peskine5243a202019-07-12 23:38:19 +0200[diff] [blame]150}
151
152psa_status_t psa_save_se_persistent_data(
Gilles Peskine1b6c09a2023-01-11 14:52:35 +0100[diff] [blame]153 const psa_se_drv_table_entry_t *driver)
Gilles Peskine5243a202019-07-12 23:38:19 +0200[diff] [blame]154{
Gilles Peskine8b96cad2019-07-23 17:38:08 +0200[diff] [blame]155 psa_status_t status;
156 psa_storage_uid_t uid;
157
Gilles Peskine1b6c09a2023-01-11 14:52:35 +0100[diff] [blame]158 status = psa_get_se_driver_its_file_uid(driver, &uid);
159 if (status != PSA_SUCCESS) {
160 return status;
161 }
Gilles Peskine8b96cad2019-07-23 17:38:08 +0200[diff] [blame]162
Gilles Peskine75c126b2019-07-24 15:56:01 +0200[diff] [blame]163 /* psa_get_se_driver_its_file_uid ensures that the size_t
164 * persistent_data_size is in range, but compilers don't know that,
165 * so cast to reassure them. */
Gilles Peskine1b6c09a2023-01-11 14:52:35 +0100[diff] [blame]166 return psa_its_set(uid,
167 (uint32_t) driver->u.internal.persistent_data_size,
168 driver->u.internal.persistent_data,
169 0);
Gilles Peskine8b96cad2019-07-23 17:38:08 +0200[diff] [blame]170}
171
Gilles Peskine1b6c09a2023-01-11 14:52:35 +0100[diff] [blame]172psa_status_t psa_destroy_se_persistent_data(psa_key_location_t location)
Gilles Peskine8b96cad2019-07-23 17:38:08 +0200[diff] [blame]173{
174 psa_storage_uid_t uid;
Gilles Peskine1b6c09a2023-01-11 14:52:35 +0100[diff] [blame]175 if (location > PSA_MAX_SE_LOCATION) {
176 return PSA_ERROR_NOT_SUPPORTED;
177 }
Gilles Peskine2b04f462020-05-10 00:44:04 +0200[diff] [blame]178 uid = PSA_CRYPTO_SE_DRIVER_ITS_UID_BASE + location;
Gilles Peskine1b6c09a2023-01-11 14:52:35 +0100[diff] [blame]179 return psa_its_remove(uid);
Gilles Peskine5243a202019-07-12 23:38:19 +0200[diff] [blame]180}
Gilles Peskinef989dbe2019-06-26 18:18:12 +0200[diff] [blame]181
Gilles Peskinecbaff462019-07-12 23:46:04 +0200[diff] [blame]182psa_status_t psa_find_se_slot_for_key(
183 const psa_key_attributes_t *attributes,
Gilles Peskinee88c2c12019-08-05 16:44:14 +0200[diff] [blame]184 psa_key_creation_method_t method,
Gilles Peskinecbaff462019-07-12 23:46:04 +0200[diff] [blame]185 psa_se_drv_table_entry_t *driver,
Gilles Peskine1b6c09a2023-01-11 14:52:35 +0100[diff] [blame]186 psa_key_slot_number_t *slot_number)
Gilles Peskinecbaff462019-07-12 23:46:04 +0200[diff] [blame]187{
188 psa_status_t status;
Gilles Peskine2b04f462020-05-10 00:44:04 +0200[diff] [blame]189 psa_key_location_t key_location =
Gilles Peskine1b6c09a2023-01-11 14:52:35 +0100[diff] [blame]190 PSA_KEY_LIFETIME_GET_LOCATION(psa_get_key_lifetime(attributes));
Gilles Peskinecbaff462019-07-12 23:46:04 +0200[diff] [blame]191
Gilles Peskine2b04f462020-05-10 00:44:04 +0200[diff] [blame]192 /* If the location is wrong, it's a bug in the library. */
Gilles Peskine1b6c09a2023-01-11 14:52:35 +0100[diff] [blame]193 if (driver->location != key_location) {
194 return PSA_ERROR_CORRUPTION_DETECTED;
195 }
Gilles Peskinecbaff462019-07-12 23:46:04 +0200[diff] [blame]196
197 /* If the driver doesn't support key creation in any way, give up now. */
Gilles Peskine1b6c09a2023-01-11 14:52:35 +0100[diff] [blame]198 if (driver->methods->key_management == NULL) {
199 return PSA_ERROR_NOT_SUPPORTED;
200 }
Gilles Peskinecbaff462019-07-12 23:46:04 +0200[diff] [blame]201
Gilles Peskine1b6c09a2023-01-11 14:52:35 +0100[diff] [blame]202 if (psa_get_key_slot_number(attributes, slot_number) == PSA_SUCCESS) {
Gilles Peskine46d94392019-08-05 14:55:50 +0200[diff] [blame]203 /* The application wants to use a specific slot. Allow it if
204 * the driver supports it. On a system with isolation,
205 * the crypto service must check that the application is
206 * permitted to request this slot. */
207 psa_drv_se_validate_slot_number_t p_validate_slot_number =
208 driver->methods->key_management->p_validate_slot_number;
Gilles Peskine1b6c09a2023-01-11 14:52:35 +0100[diff] [blame]209 if (p_validate_slot_number == NULL) {
210 return PSA_ERROR_NOT_SUPPORTED;
211 }
212 status = p_validate_slot_number(&driver->u.context,
213 driver->u.internal.persistent_data,
214 attributes, method,
215 *slot_number);
216 } else if (method == PSA_KEY_CREATION_REGISTER) {
Gilles Peskine3efcebb2019-10-01 14:18:35 +0200[diff] [blame]217 /* The application didn't specify a slot number. This doesn't
218 * make sense when registering a slot. */
Gilles Peskine1b6c09a2023-01-11 14:52:35 +0100[diff] [blame]219 return PSA_ERROR_INVALID_ARGUMENT;
220 } else {
Gilles Peskine46d94392019-08-05 14:55:50 +0200[diff] [blame]221 /* The application didn't tell us which slot to use. Let the driver
222 * choose. This is the normal case. */
223 psa_drv_se_allocate_key_t p_allocate =
224 driver->methods->key_management->p_allocate;
Gilles Peskine1b6c09a2023-01-11 14:52:35 +0100[diff] [blame]225 if (p_allocate == NULL) {
226 return PSA_ERROR_NOT_SUPPORTED;
227 }
228 status = p_allocate(&driver->u.context,
229 driver->u.internal.persistent_data,
230 attributes, method,
231 slot_number);
Gilles Peskine46d94392019-08-05 14:55:50 +0200[diff] [blame]232 }
Gilles Peskine1b6c09a2023-01-11 14:52:35 +0100[diff] [blame]233 return status;
Gilles Peskinecbaff462019-07-12 23:46:04 +0200[diff] [blame]234}
235
Gilles Peskine1b6c09a2023-01-11 14:52:35 +0100[diff] [blame]236psa_status_t psa_destroy_se_key(psa_se_drv_table_entry_t *driver,
237 psa_key_slot_number_t slot_number)
Gilles Peskine354f7672019-07-12 23:46:38 +0200[diff] [blame]238{
239 psa_status_t status;
240 psa_status_t storage_status;
Gilles Peskine340b1272019-07-25 14:13:24 +0200[diff] [blame]241 /* Normally a missing method would mean that the action is not
242 * supported. But psa_destroy_key() is not supposed to return
243 * PSA_ERROR_NOT_SUPPORTED: if you can create a key, you should
244 * be able to destroy it. The only use case for a driver that
245 * does not have a way to destroy keys at all is if the keys are
246 * locked in a read-only state: we can use the keys but not
247 * destroy them. Hence, if the driver doesn't support destroying
248 * keys, it's really a lack of permission. */
Gilles Peskine1b6c09a2023-01-11 14:52:35 +0100[diff] [blame]249 if (driver->methods->key_management == NULL ||
250 driver->methods->key_management->p_destroy == NULL) {
251 return PSA_ERROR_NOT_PERMITTED;
252 }
Gilles Peskine354f7672019-07-12 23:46:38 +0200[diff] [blame]253 status = driver->methods->key_management->p_destroy(
Gilles Peskine1a75d0c2020-04-14 19:33:25 +0200[diff] [blame]254 &driver->u.context,
255 driver->u.internal.persistent_data,
Gilles Peskine1b6c09a2023-01-11 14:52:35 +0100[diff] [blame]256 slot_number);
257 storage_status = psa_save_se_persistent_data(driver);
258 return status == PSA_SUCCESS ? storage_status : status;
Gilles Peskine354f7672019-07-12 23:46:38 +0200[diff] [blame]259}
260
Gilles Peskine1b6c09a2023-01-11 14:52:35 +0100[diff] [blame]261psa_status_t psa_init_all_se_drivers(void)
Gilles Peskined9348f22019-10-01 15:22:29 +0200[diff] [blame]262{
263 size_t i;
Gilles Peskine1b6c09a2023-01-11 14:52:35 +0100[diff] [blame]264 for (i = 0; i < PSA_MAX_SE_DRIVERS; i++) {
Gilles Peskined9348f22019-10-01 15:22:29 +0200[diff] [blame]265 psa_se_drv_table_entry_t *driver = &driver_table[i];
Gilles Peskine1b6c09a2023-01-11 14:52:35 +0100[diff] [blame]266 if (driver->location == 0) {
Gilles Peskined9348f22019-10-01 15:22:29 +0200[diff] [blame]267 continue; /* skipping unused entry */
Gilles Peskine1b6c09a2023-01-11 14:52:35 +0100[diff] [blame]268 }
269 const psa_drv_se_t *methods = psa_get_se_driver_methods(driver);
270 if (methods->p_init != NULL) {
Gilles Peskined9348f22019-10-01 15:22:29 +0200[diff] [blame]271 psa_status_t status = methods->p_init(
Gilles Peskine1a75d0c2020-04-14 19:33:25 +0200[diff] [blame]272 &driver->u.context,
273 driver->u.internal.persistent_data,
Gilles Peskine1b6c09a2023-01-11 14:52:35 +0100[diff] [blame]274 driver->location);
275 if (status != PSA_SUCCESS) {
276 return status;
277 }
278 status = psa_save_se_persistent_data(driver);
279 if (status != PSA_SUCCESS) {
280 return status;
281 }
Gilles Peskined9348f22019-10-01 15:22:29 +0200[diff] [blame]282 }
283 }
Gilles Peskine1b6c09a2023-01-11 14:52:35 +0100[diff] [blame]284 return PSA_SUCCESS;
Gilles Peskined9348f22019-10-01 15:22:29 +0200[diff] [blame]285}
286
Gilles Peskinef989dbe2019-06-26 18:18:12 +0200[diff] [blame]287
288
289/****************************************************************/
290/* Driver registration */
291/****************************************************************/
Gilles Peskinea899a722019-06-24 14:06:43 +0200[diff] [blame]292
293psa_status_t psa_register_se_driver(
Gilles Peskine2b04f462020-05-10 00:44:04 +0200[diff] [blame]294 psa_key_location_t location,
Gilles Peskinea899a722019-06-24 14:06:43 +0200[diff] [blame]295 const psa_drv_se_t *methods)
296{
297 size_t i;
Gilles Peskine5243a202019-07-12 23:38:19 +0200[diff] [blame]298 psa_status_t status;
Gilles Peskinea899a722019-06-24 14:06:43 +0200[diff] [blame]299
Gilles Peskine1b6c09a2023-01-11 14:52:35 +0100[diff] [blame]300 if (methods->hal_version != PSA_DRV_SE_HAL_VERSION) {
301 return PSA_ERROR_NOT_SUPPORTED;
302 }
Gilles Peskine9717d102019-06-26 11:50:04 +0200[diff] [blame]303 /* Driver table entries are 0-initialized. 0 is not a valid driver
Gilles Peskine2b04f462020-05-10 00:44:04 +0200[diff] [blame]304 * location because it means a transparent key. */
Tom Cosgrovebdd01a72023-03-08 14:19:51 +0000[diff] [blame]305 MBEDTLS_STATIC_ASSERT(PSA_KEY_LOCATION_LOCAL_STORAGE == 0,
306 "Secure element support requires 0 to mean a local key");
Gilles Peskine1b6c09a2023-01-11 14:52:35 +0100[diff] [blame]307 if (location == PSA_KEY_LOCATION_LOCAL_STORAGE) {
308 return PSA_ERROR_INVALID_ARGUMENT;
309 }
310 if (location > PSA_MAX_SE_LOCATION) {
311 return PSA_ERROR_NOT_SUPPORTED;
312 }
Gilles Peskinea899a722019-06-24 14:06:43 +0200[diff] [blame]313
Gilles Peskine1b6c09a2023-01-11 14:52:35 +0100[diff] [blame]314 for (i = 0; i < PSA_MAX_SE_DRIVERS; i++) {
315 if (driver_table[i].location == 0) {
Gilles Peskinea899a722019-06-24 14:06:43 +0200[diff] [blame]316 break;
Gilles Peskine1b6c09a2023-01-11 14:52:35 +0100[diff] [blame]317 }
Gilles Peskine2b04f462020-05-10 00:44:04 +0200[diff] [blame]318 /* Check that location isn't already in use up to the first free
Gilles Peskinea899a722019-06-24 14:06:43 +0200[diff] [blame]319 * entry. Since entries are created in order and never deleted,
320 * there can't be a used entry after the first free entry. */
Gilles Peskine1b6c09a2023-01-11 14:52:35 +0100[diff] [blame]321 if (driver_table[i].location == location) {
322 return PSA_ERROR_ALREADY_EXISTS;
323 }
Gilles Peskinea899a722019-06-24 14:06:43 +0200[diff] [blame]324 }
Gilles Peskine1b6c09a2023-01-11 14:52:35 +0100[diff] [blame]325 if (i == PSA_MAX_SE_DRIVERS) {
326 return PSA_ERROR_INSUFFICIENT_MEMORY;
327 }
Gilles Peskinea899a722019-06-24 14:06:43 +0200[diff] [blame]328
Gilles Peskine2b04f462020-05-10 00:44:04 +0200[diff] [blame]329 driver_table[i].location = location;
Gilles Peskinea899a722019-06-24 14:06:43 +0200[diff] [blame]330 driver_table[i].methods = methods;
Gilles Peskine1a75d0c2020-04-14 19:33:25 +0200[diff] [blame]331 driver_table[i].u.internal.persistent_data_size =
Gilles Peskined5536d82019-10-01 16:55:29 +0200[diff] [blame]332 methods->persistent_data_size;
Gilles Peskine5243a202019-07-12 23:38:19 +0200[diff] [blame]333
Gilles Peskine1b6c09a2023-01-11 14:52:35 +0100[diff] [blame]334 if (methods->persistent_data_size != 0) {
Gilles Peskine1a75d0c2020-04-14 19:33:25 +0200[diff] [blame]335 driver_table[i].u.internal.persistent_data =
Gilles Peskine1b6c09a2023-01-11 14:52:35 +0100[diff] [blame]336 mbedtls_calloc(1, methods->persistent_data_size);
337 if (driver_table[i].u.internal.persistent_data == NULL) {
Gilles Peskine5243a202019-07-12 23:38:19 +0200[diff] [blame]338 status = PSA_ERROR_INSUFFICIENT_MEMORY;
339 goto error;
340 }
Gilles Peskine8b96cad2019-07-23 17:38:08 +0200[diff] [blame]341 /* Load the driver's persistent data. On first use, the persistent
342 * data does not exist in storage, and is initialized to
343 * all-bits-zero by the calloc call just above. */
Gilles Peskine1b6c09a2023-01-11 14:52:35 +0100[diff] [blame]344 status = psa_load_se_persistent_data(&driver_table[i]);
345 if (status != PSA_SUCCESS && status != PSA_ERROR_DOES_NOT_EXIST) {
Gilles Peskine5243a202019-07-12 23:38:19 +0200[diff] [blame]346 goto error;
Gilles Peskine1b6c09a2023-01-11 14:52:35 +0100[diff] [blame]347 }
Gilles Peskine5243a202019-07-12 23:38:19 +0200[diff] [blame]348 }
Gilles Peskine5243a202019-07-12 23:38:19 +0200[diff] [blame]349
Gilles Peskine1b6c09a2023-01-11 14:52:35 +0100[diff] [blame]350 return PSA_SUCCESS;
Gilles Peskine5243a202019-07-12 23:38:19 +0200[diff] [blame]351
352error:
Gilles Peskine1b6c09a2023-01-11 14:52:35 +0100[diff] [blame]353 memset(&driver_table[i], 0, sizeof(driver_table[i]));
354 return status;
Gilles Peskinea899a722019-06-24 14:06:43 +0200[diff] [blame]355}
356
Gilles Peskine1b6c09a2023-01-11 14:52:35 +0100[diff] [blame]357void psa_unregister_all_se_drivers(void)
Gilles Peskined0890212019-06-24 14:34:43 +0200[diff] [blame]358{
Gilles Peskine5243a202019-07-12 23:38:19 +0200[diff] [blame]359 size_t i;
Gilles Peskine1b6c09a2023-01-11 14:52:35 +0100[diff] [blame]360 for (i = 0; i < PSA_MAX_SE_DRIVERS; i++) {
361 if (driver_table[i].u.internal.persistent_data != NULL) {
362 mbedtls_free(driver_table[i].u.internal.persistent_data);
363 }
Gilles Peskine5243a202019-07-12 23:38:19 +0200[diff] [blame]364 }
Gilles Peskine1b6c09a2023-01-11 14:52:35 +0100[diff] [blame]365 memset(driver_table, 0, sizeof(driver_table));
Gilles Peskined0890212019-06-24 14:34:43 +0200[diff] [blame]366}
367
Gilles Peskinef989dbe2019-06-26 18:18:12 +0200[diff] [blame]368
369
370/****************************************************************/
371/* The end */
372/****************************************************************/
373
Gilles Peskinea8ade162019-06-26 11:24:49 +0200[diff] [blame]374#endif /* MBEDTLS_PSA_CRYPTO_SE_C */