Diffstat (limited to 'meta-arm/meta-arm-bsp/recipes-security/trusted-services/corstone1000/0024-TF-Mv1.7-alignment-Align-PSA-Crypto-SIDs.patch')
-rw-r--r--meta-arm/meta-arm-bsp/recipes-security/trusted-services/corstone1000/0024-TF-Mv1.7-alignment-Align-PSA-Crypto-SIDs.patch413
1 files changed, 0 insertions, 413 deletions
diff --git a/meta-arm/meta-arm-bsp/recipes-security/trusted-services/corstone1000/0024-TF-Mv1.7-alignment-Align-PSA-Crypto-SIDs.patch b/meta-arm/meta-arm-bsp/recipes-security/trusted-services/corstone1000/0024-TF-Mv1.7-alignment-Align-PSA-Crypto-SIDs.patch
deleted file mode 100644
index 7e65de8698..0000000000
--- a/meta-arm/meta-arm-bsp/recipes-security/trusted-services/corstone1000/0024-TF-Mv1.7-alignment-Align-PSA-Crypto-SIDs.patch
+++ /dev/null
@@ -1,413 +0,0 @@
-From ca7d37502f9453125aead14c7ee5181336cbe8f4 Mon Sep 17 00:00:00 2001
-From: Mohamed Omar Asaker <mohamed.omarasaker@arm.com>
-Date: Thu, 9 Feb 2023 00:22:40 +0000
-Subject: [PATCH 1/3] TF-Mv1.7 alignment: Align PSA Crypto SIDs
-
-This patch is to change the PSA Crypto SIDs to match the values of the
-PSA Crypto SID definitions in TF-M v1.7 running on the secure enclave
-
-Signed-off-by: Mohamed Omar Asaker <mohamed.omarasaker@arm.com>
-Upstream-Status: Pending [Not submitted yet]
----
- .../service/common/include/psa/crypto_sid.h | 241 ++++++++++++++++++
- components/service/common/include/psa/sid.h | 78 +-----
- .../caller/psa_ipc/crypto_caller_sign_hash.h | 4 +-
- .../psa_ipc/crypto_caller_verify_hash.h | 4 +-
- 4 files changed, 249 insertions(+), 78 deletions(-)
- create mode 100644 components/service/common/include/psa/crypto_sid.h
-
-diff --git a/components/service/common/include/psa/crypto_sid.h b/components/service/common/include/psa/crypto_sid.h
-new file mode 100644
-index 00000000..5b05f46d
---- /dev/null
-+++ b/components/service/common/include/psa/crypto_sid.h
-@@ -0,0 +1,241 @@
-+/*
-+ * Copyright (c) 2023, Arm Limited. All rights reserved.
-+ *
-+ * SPDX-License-Identifier: BSD-3-Clause
-+ *
-+ */
-+
-+#ifndef __PSA_CRYPTO_SID_H__
-+#define __PSA_CRYPTO_SID_H__
-+
-+#ifdef __cplusplus
-+extern "C" {
-+#endif
-+#include <stdint.h>
-+
-+/**
-+ * \brief Type associated to the group of a function encoding. There can be
-+ * nine groups (Random, Key management, Hash, MAC, Cipher, AEAD,
-+ * Asym sign, Asym encrypt, Key derivation).
-+ */
-+enum tfm_crypto_group_id {
-+ TFM_CRYPTO_GROUP_ID_RANDOM = 0x0,
-+ TFM_CRYPTO_GROUP_ID_KEY_MANAGEMENT,
-+ TFM_CRYPTO_GROUP_ID_HASH,
-+ TFM_CRYPTO_GROUP_ID_MAC,
-+ TFM_CRYPTO_GROUP_ID_CIPHER,
-+ TFM_CRYPTO_GROUP_ID_AEAD,
-+ TFM_CRYPTO_GROUP_ID_ASYM_SIGN,
-+ TFM_CRYPTO_GROUP_ID_ASYM_ENCRYPT,
-+ TFM_CRYPTO_GROUP_ID_KEY_DERIVATION,
-+};
-+
-+/* X macro describing each of the available PSA Crypto APIs */
-+#define KEY_MANAGEMENT_FUNCS \
-+ X(TFM_CRYPTO_GET_KEY_ATTRIBUTES) \
-+ X(TFM_CRYPTO_RESET_KEY_ATTRIBUTES) \
-+ X(TFM_CRYPTO_OPEN_KEY) \
-+ X(TFM_CRYPTO_CLOSE_KEY) \
-+ X(TFM_CRYPTO_IMPORT_KEY) \
-+ X(TFM_CRYPTO_DESTROY_KEY) \
-+ X(TFM_CRYPTO_EXPORT_KEY) \
-+ X(TFM_CRYPTO_EXPORT_PUBLIC_KEY) \
-+ X(TFM_CRYPTO_PURGE_KEY) \
-+ X(TFM_CRYPTO_COPY_KEY) \
-+ X(TFM_CRYPTO_GENERATE_KEY)
-+
-+#define HASH_FUNCS \
-+ X(TFM_CRYPTO_HASH_COMPUTE) \
-+ X(TFM_CRYPTO_HASH_COMPARE) \
-+ X(TFM_CRYPTO_HASH_SETUP) \
-+ X(TFM_CRYPTO_HASH_UPDATE) \
-+ X(TFM_CRYPTO_HASH_CLONE) \
-+ X(TFM_CRYPTO_HASH_FINISH) \
-+ X(TFM_CRYPTO_HASH_VERIFY) \
-+ X(TFM_CRYPTO_HASH_ABORT)
-+
-+#define MAC_FUNCS \
-+ X(TFM_CRYPTO_MAC_COMPUTE) \
-+ X(TFM_CRYPTO_MAC_VERIFY) \
-+ X(TFM_CRYPTO_MAC_SIGN_SETUP) \
-+ X(TFM_CRYPTO_MAC_VERIFY_SETUP) \
-+ X(TFM_CRYPTO_MAC_UPDATE) \
-+ X(TFM_CRYPTO_MAC_SIGN_FINISH) \
-+ X(TFM_CRYPTO_MAC_VERIFY_FINISH) \
-+ X(TFM_CRYPTO_MAC_ABORT)
-+
-+#define CIPHER_FUNCS \
-+ X(TFM_CRYPTO_CIPHER_ENCRYPT) \
-+ X(TFM_CRYPTO_CIPHER_DECRYPT) \
-+ X(TFM_CRYPTO_CIPHER_ENCRYPT_SETUP) \
-+ X(TFM_CRYPTO_CIPHER_DECRYPT_SETUP) \
-+ X(TFM_CRYPTO_CIPHER_GENERATE_IV) \
-+ X(TFM_CRYPTO_CIPHER_SET_IV) \
-+ X(TFM_CRYPTO_CIPHER_UPDATE) \
-+ X(TFM_CRYPTO_CIPHER_FINISH) \
-+ X(TFM_CRYPTO_CIPHER_ABORT)
-+
-+#define AEAD_FUNCS \
-+ X(TFM_CRYPTO_AEAD_ENCRYPT) \
-+ X(TFM_CRYPTO_AEAD_DECRYPT) \
-+ X(TFM_CRYPTO_AEAD_ENCRYPT_SETUP) \
-+ X(TFM_CRYPTO_AEAD_DECRYPT_SETUP) \
-+ X(TFM_CRYPTO_AEAD_GENERATE_NONCE) \
-+ X(TFM_CRYPTO_AEAD_SET_NONCE) \
-+ X(TFM_CRYPTO_AEAD_SET_LENGTHS) \
-+ X(TFM_CRYPTO_AEAD_UPDATE_AD) \
-+ X(TFM_CRYPTO_AEAD_UPDATE) \
-+ X(TFM_CRYPTO_AEAD_FINISH) \
-+ X(TFM_CRYPTO_AEAD_VERIFY) \
-+ X(TFM_CRYPTO_AEAD_ABORT)
-+
-+#define ASYMMETRIC_SIGN_FUNCS \
-+ X(TFM_CRYPTO_ASYMMETRIC_SIGN_MESSAGE) \
-+ X(TFM_CRYPTO_ASYMMETRIC_VERIFY_MESSAGE) \
-+ X(TFM_CRYPTO_ASYMMETRIC_SIGN_HASH) \
-+ X(TFM_CRYPTO_ASYMMETRIC_VERIFY_HASH)
-+
-+#define AYSMMETRIC_ENCRYPT_FUNCS \
-+ X(TFM_CRYPTO_ASYMMETRIC_ENCRYPT) \
-+ X(TFM_CRYPTO_ASYMMETRIC_DECRYPT)
-+
-+#define KEY_DERIVATION_FUNCS \
-+ X(TFM_CRYPTO_RAW_KEY_AGREEMENT) \
-+ X(TFM_CRYPTO_KEY_DERIVATION_SETUP) \
-+ X(TFM_CRYPTO_KEY_DERIVATION_GET_CAPACITY) \
-+ X(TFM_CRYPTO_KEY_DERIVATION_SET_CAPACITY) \
-+ X(TFM_CRYPTO_KEY_DERIVATION_INPUT_BYTES) \
-+ X(TFM_CRYPTO_KEY_DERIVATION_INPUT_KEY) \
-+ X(TFM_CRYPTO_KEY_DERIVATION_KEY_AGREEMENT) \
-+ X(TFM_CRYPTO_KEY_DERIVATION_OUTPUT_BYTES) \
-+ X(TFM_CRYPTO_KEY_DERIVATION_OUTPUT_KEY) \
-+ X(TFM_CRYPTO_KEY_DERIVATION_ABORT)
-+
-+#define RANDOM_FUNCS \
-+ X(TFM_CRYPTO_GENERATE_RANDOM)
-+
-+/*
-+ * Define function IDs in each group. The function ID will be encoded into
-+ * tfm_crypto_func_sid below.
-+ * Each group is defined as a dedicated enum in case the total number of
-+ * PSA Crypto APIs exceeds 256.
-+ */
-+#define X(func_id) func_id,
-+enum tfm_crypto_key_management_func_id {
-+ KEY_MANAGEMENT_FUNCS
-+};
-+enum tfm_crypto_hash_func_id {
-+ HASH_FUNCS
-+};
-+enum tfm_crypto_mac_func_id {
-+ MAC_FUNCS
-+};
-+enum tfm_crypto_cipher_func_id {
-+ CIPHER_FUNCS
-+};
-+enum tfm_crypto_aead_func_id {
-+ AEAD_FUNCS
-+};
-+enum tfm_crypto_asym_sign_func_id {
-+ ASYMMETRIC_SIGN_FUNCS
-+};
-+enum tfm_crypto_asym_encrypt_func_id {
-+ AYSMMETRIC_ENCRYPT_FUNCS
-+};
-+enum tfm_crypto_key_derivation_func_id {
-+ KEY_DERIVATION_FUNCS
-+};
-+enum tfm_crypto_random_func_id {
-+ RANDOM_FUNCS
-+};
-+#undef X
-+
-+#define FUNC_ID(func_id) (((func_id) & 0xFF) << 8)
-+
-+/*
-+ * Numerical progressive value identifying a function API exposed through
-+ * the interfaces (S or NS). It's used to dispatch the requests from S/NS
-+ * to the corresponding API implementation in the Crypto service backend.
-+ *
-+ * Each function SID is encoded as uint16_t.
-+ * | Func ID | Group ID |
-+ * 15 8 7 0
-+ * Func ID is defined in each group func_id enum above
-+ * Group ID is defined in tfm_crypto_group_id.
-+ */
-+enum tfm_crypto_func_sid {
-+
-+#define X(func_id) func_id ## _SID = (uint16_t)((FUNC_ID(func_id)) | \
-+ (TFM_CRYPTO_GROUP_ID_KEY_MANAGEMENT & 0xFF)),
-+
-+ KEY_MANAGEMENT_FUNCS
-+
-+#undef X
-+#define X(func_id) func_id ## _SID = (uint16_t)((FUNC_ID(func_id)) | \
-+ (TFM_CRYPTO_GROUP_ID_HASH & 0xFF)),
-+ HASH_FUNCS
-+
-+#undef X
-+#define X(func_id) func_id ## _SID = (uint16_t)((FUNC_ID(func_id)) | \
-+ (TFM_CRYPTO_GROUP_ID_MAC & 0xFF)),
-+ MAC_FUNCS
-+
-+#undef X
-+#define X(func_id) func_id ## _SID = (uint16_t)((FUNC_ID(func_id)) | \
-+ (TFM_CRYPTO_GROUP_ID_CIPHER & 0xFF)),
-+ CIPHER_FUNCS
-+
-+#undef X
-+#define X(func_id) func_id ## _SID = (uint16_t)((FUNC_ID(func_id)) | \
-+ (TFM_CRYPTO_GROUP_ID_AEAD & 0xFF)),
-+ AEAD_FUNCS
-+
-+#undef X
-+#define X(func_id) func_id ## _SID = (uint16_t)((FUNC_ID(func_id)) | \
-+ (TFM_CRYPTO_GROUP_ID_ASYM_SIGN & 0xFF)),
-+ ASYMMETRIC_SIGN_FUNCS
-+
-+#undef X
-+#define X(func_id) func_id ## _SID = (uint16_t)((FUNC_ID(func_id)) | \
-+ (TFM_CRYPTO_GROUP_ID_ASYM_ENCRYPT & 0xFF)),
-+ AYSMMETRIC_ENCRYPT_FUNCS
-+
-+#undef X
-+#define X(func_id) func_id ## _SID = (uint16_t)((FUNC_ID(func_id)) | \
-+ (TFM_CRYPTO_GROUP_ID_KEY_DERIVATION & 0xFF)),
-+ KEY_DERIVATION_FUNCS
-+
-+#undef X
-+#define X(func_id) func_id ## _SID = (uint16_t)((FUNC_ID(func_id)) | \
-+ (TFM_CRYPTO_GROUP_ID_RANDOM & 0xFF)),
-+ RANDOM_FUNCS
-+
-+};
-+#undef X
-+
-+/**
-+ * \brief Define an invalid value for an SID
-+ *
-+ */
-+#define TFM_CRYPTO_SID_INVALID (~0x0u)
-+
-+/**
-+ * \brief This value is used to mark an handle as invalid.
-+ *
-+ */
-+#define TFM_CRYPTO_INVALID_HANDLE (0x0u)
-+
-+/**
-+ * \brief Define miscellaneous literal constants that are used in the service
-+ *
-+ */
-+enum {
-+ TFM_CRYPTO_NOT_IN_USE = 0,
-+ TFM_CRYPTO_IN_USE = 1
-+};
-+
-+#ifdef __cplusplus
-+}
-+#endif
-+
-+#endif /* __PSA_CRYPTO_SID_H__ */
-diff --git a/components/service/common/include/psa/sid.h b/components/service/common/include/psa/sid.h
-index 8103a9af..50ad070e 100644
---- a/components/service/common/include/psa/sid.h
-+++ b/components/service/common/include/psa/sid.h
-@@ -1,5 +1,5 @@
- /*
-- * Copyright (c) 2019-2021, Arm Limited. All rights reserved.
-+ * Copyright (c) 2019-2023, Arm Limited. All rights reserved.
- *
- * SPDX-License-Identifier: BSD-3-Clause
- *
-@@ -12,6 +12,9 @@
- extern "C" {
- #endif
-
-+/******** PSA Crypto SIDs ********/
-+#include "crypto_sid.h"
-+
- /******** TFM_SP_PS ********/
- #define TFM_PROTECTED_STORAGE_SERVICE_SID (0x00000060U)
- #define TFM_PROTECTED_STORAGE_SERVICE_VERSION (1U)
-@@ -43,79 +46,6 @@ extern "C" {
- #define TFM_PLATFORM_SERVICE_HANDLE (0x40000105U)
-
-
--/**
-- * \brief Define a progressive numerical value for each SID which can be used
-- * when dispatching the requests to the service
-- */
--enum {
-- TFM_CRYPTO_GET_KEY_ATTRIBUTES_SID = (0u),
-- TFM_CRYPTO_RESET_KEY_ATTRIBUTES_SID,
-- TFM_CRYPTO_OPEN_KEY_SID,
-- TFM_CRYPTO_CLOSE_KEY_SID,
-- TFM_CRYPTO_IMPORT_KEY_SID,
-- TFM_CRYPTO_DESTROY_KEY_SID,
-- TFM_CRYPTO_EXPORT_KEY_SID,
-- TFM_CRYPTO_EXPORT_PUBLIC_KEY_SID,
-- TFM_CRYPTO_PURGE_KEY_SID,
-- TFM_CRYPTO_COPY_KEY_SID,
-- TFM_CRYPTO_HASH_COMPUTE_SID,
-- TFM_CRYPTO_HASH_COMPARE_SID,
-- TFM_CRYPTO_HASH_SETUP_SID,
-- TFM_CRYPTO_HASH_UPDATE_SID,
-- TFM_CRYPTO_HASH_FINISH_SID,
-- TFM_CRYPTO_HASH_VERIFY_SID,
-- TFM_CRYPTO_HASH_ABORT_SID,
-- TFM_CRYPTO_HASH_CLONE_SID,
-- TFM_CRYPTO_MAC_COMPUTE_SID,
-- TFM_CRYPTO_MAC_VERIFY_SID,
-- TFM_CRYPTO_MAC_SIGN_SETUP_SID,
-- TFM_CRYPTO_MAC_VERIFY_SETUP_SID,
-- TFM_CRYPTO_MAC_UPDATE_SID,
-- TFM_CRYPTO_MAC_SIGN_FINISH_SID,
-- TFM_CRYPTO_MAC_VERIFY_FINISH_SID,
-- TFM_CRYPTO_MAC_ABORT_SID,
-- TFM_CRYPTO_CIPHER_ENCRYPT_SID,
-- TFM_CRYPTO_CIPHER_DECRYPT_SID,
-- TFM_CRYPTO_CIPHER_ENCRYPT_SETUP_SID,
-- TFM_CRYPTO_CIPHER_DECRYPT_SETUP_SID,
-- TFM_CRYPTO_CIPHER_GENERATE_IV_SID,
-- TFM_CRYPTO_CIPHER_SET_IV_SID,
-- TFM_CRYPTO_CIPHER_UPDATE_SID,
-- TFM_CRYPTO_CIPHER_FINISH_SID,
-- TFM_CRYPTO_CIPHER_ABORT_SID,
-- TFM_CRYPTO_AEAD_ENCRYPT_SID,
-- TFM_CRYPTO_AEAD_DECRYPT_SID,
-- TFM_CRYPTO_AEAD_ENCRYPT_SETUP_SID,
-- TFM_CRYPTO_AEAD_DECRYPT_SETUP_SID,
-- TFM_CRYPTO_AEAD_GENERATE_NONCE_SID,
-- TFM_CRYPTO_AEAD_SET_NONCE_SID,
-- TFM_CRYPTO_AEAD_SET_LENGTHS_SID,
-- TFM_CRYPTO_AEAD_UPDATE_AD_SID,
-- TFM_CRYPTO_AEAD_UPDATE_SID,
-- TFM_CRYPTO_AEAD_FINISH_SID,
-- TFM_CRYPTO_AEAD_VERIFY_SID,
-- TFM_CRYPTO_AEAD_ABORT_SID,
-- TFM_CRYPTO_SIGN_MESSAGE_SID,
-- TFM_CRYPTO_VERIFY_MESSAGE_SID,
-- TFM_CRYPTO_SIGN_HASH_SID,
-- TFM_CRYPTO_VERIFY_HASH_SID,
-- TFM_CRYPTO_ASYMMETRIC_ENCRYPT_SID,
-- TFM_CRYPTO_ASYMMETRIC_DECRYPT_SID,
-- TFM_CRYPTO_KEY_DERIVATION_SETUP_SID,
-- TFM_CRYPTO_KEY_DERIVATION_GET_CAPACITY_SID,
-- TFM_CRYPTO_KEY_DERIVATION_SET_CAPACITY_SID,
-- TFM_CRYPTO_KEY_DERIVATION_INPUT_BYTES_SID,
-- TFM_CRYPTO_KEY_DERIVATION_INPUT_KEY_SID,
-- TFM_CRYPTO_KEY_DERIVATION_KEY_AGREEMENT_SID,
-- TFM_CRYPTO_KEY_DERIVATION_OUTPUT_BYTES_SID,
-- TFM_CRYPTO_KEY_DERIVATION_OUTPUT_KEY_SID,
-- TFM_CRYPTO_KEY_DERIVATION_ABORT_SID,
-- TFM_CRYPTO_RAW_KEY_AGREEMENT_SID,
-- TFM_CRYPTO_GENERATE_RANDOM_SID,
-- TFM_CRYPTO_GENERATE_KEY_SID,
-- TFM_CRYPTO_SID_MAX,
--};
--
- /******** TFM_SP_PLATFORM ********/
- #define TFM_SP_PLATFORM_SYSTEM_RESET_SID (0x00000040U)
- #define TFM_SP_PLATFORM_SYSTEM_RESET_VERSION (1U)
-diff --git a/components/service/crypto/client/caller/psa_ipc/crypto_caller_sign_hash.h b/components/service/crypto/client/caller/psa_ipc/crypto_caller_sign_hash.h
-index e4a2b167..9276748d 100644
---- a/components/service/crypto/client/caller/psa_ipc/crypto_caller_sign_hash.h
-+++ b/components/service/crypto/client/caller/psa_ipc/crypto_caller_sign_hash.h
-@@ -37,7 +37,7 @@ static inline psa_status_t crypto_caller_sign_hash(struct service_client *contex
- struct rpc_caller *caller = ipc->caller;
- psa_status_t status;
- struct psa_ipc_crypto_pack_iovec iov = {
-- .sfn_id = TFM_CRYPTO_SIGN_HASH_SID,
-+ .sfn_id = TFM_CRYPTO_ASYMMETRIC_SIGN_HASH_SID,
- .key_id = id,
- .alg = alg,
- };
-@@ -70,7 +70,7 @@ static inline psa_status_t crypto_caller_sign_message(struct service_client *con
- struct rpc_caller *caller = ipc->caller;
- psa_status_t status;
- struct psa_ipc_crypto_pack_iovec iov = {
-- .sfn_id = TFM_CRYPTO_SIGN_MESSAGE_SID,
-+ .sfn_id = TFM_CRYPTO_ASYMMETRIC_SIGN_MESSAGE_SID,
- .key_id = id,
- .alg = alg,
- };
-diff --git a/components/service/crypto/client/caller/psa_ipc/crypto_caller_verify_hash.h b/components/service/crypto/client/caller/psa_ipc/crypto_caller_verify_hash.h
-index cc9279ee..bcd8e0e4 100644
---- a/components/service/crypto/client/caller/psa_ipc/crypto_caller_verify_hash.h
-+++ b/components/service/crypto/client/caller/psa_ipc/crypto_caller_verify_hash.h
-@@ -63,7 +63,7 @@ static inline psa_status_t crypto_caller_verify_hash(struct service_client *cont
- {
-
- return crypto_caller_common(context,id,alg,hash,hash_length,
-- signature,signature_length, TFM_CRYPTO_VERIFY_HASH_SID);
-+ signature,signature_length, TFM_CRYPTO_ASYMMETRIC_VERIFY_HASH_SID);
- }
-
- static inline psa_status_t crypto_caller_verify_message(struct service_client *context,
-@@ -76,7 +76,7 @@ static inline psa_status_t crypto_caller_verify_message(struct service_client *c
- {
-
- return crypto_caller_common(context,id,alg,hash,hash_length,
-- signature,signature_length, TFM_CRYPTO_VERIFY_MESSAGE_SID);
-+ signature,signature_length, TFM_CRYPTO_ASYMMETRIC_VERIFY_MESSAGE_SID);
- }
-
- #ifdef __cplusplus
---
-2.25.1
-