yuzu-emu/mbedtls
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity

psa: driver: Replace pcd_ prefix with psa_drv_

Browse source 
The `pcd_` prefix is ambiguous and does not make it clear that the types
and symbols are standardized by PSA. Replace `pcd_` with a prefix that can
be shared with all PSA drivers, `psa_drv_`.
This commit is contained in:
Jaeden Amero 2018-10-26 10:49:58 +01:00
parent e095d60d95
commit 1acb2c4317
1 changed files with 349 additions and 349 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

280
include/psa/crypto_driver.h
View file

@ -48,7 +48,7 @@ typedef uint32_t psa_key_usage_t;
/** \defgroup opaque_mac Opaque Message Authentication Code /** \defgroup opaque_mac Opaque Message Authentication Code
* Generation and authentication of Message Authentication Codes (MACs) using * Generation and authentication of Message Authentication Codes (MACs) using
* opaque keys can be done either as a single function call (via the * opaque keys can be done either as a single function call (via the
* `pcd_mac_opaque_generate_t` or `psa_mac_opaque_verify_t` functions), or in * `psa_drv_mac_opaque_generate_t` or `psa_mac_opaque_verify_t` functions), or in
* parts using the following sequence: * parts using the following sequence:
* - `psa_mac_opaque_setup_t` * - `psa_mac_opaque_setup_t`
* - `psa_mac_opaque_update_t` * - `psa_mac_opaque_update_t`
@ -75,7 +75,7 @@ typedef uint32_t psa_key_usage_t;
* \retval PSA_SUCCESS * \retval PSA_SUCCESS
* Success. * Success.
*/ */
typedef psa_status_t (*pcd_mac_opaque_setup_t)(void *p_context, typedef psa_status_t (*psa_drv_mac_opaque_setup_t)(void *p_context,
psa_key_slot_t key_slot, psa_key_slot_t key_slot,
psa_algorithm_t algorithm); psa_algorithm_t algorithm);
@ -89,7 +89,7 @@ typedef psa_status_t (*pcd_mac_opaque_setup_t)(void *p_context,
* to the MAC operation * to the MAC operation
* \param[in] input_length The size in bytes of the input message buffer * \param[in] input_length The size in bytes of the input message buffer
*/ */
typedef psa_status_t (*pcd_mac_opaque_update_t)(void *p_context, typedef psa_status_t (*psa_drv_mac_opaque_update_t)(void *p_context,
const uint8_t *p_input, const uint8_t *p_input,
size_t input_length); size_t input_length);
@ -109,7 +109,7 @@ typedef psa_status_t (*pcd_mac_opaque_update_t)(void *p_context,
* \retval PSA_SUCCESS * \retval PSA_SUCCESS
* Success. * Success.
*/ */
typedef psa_status_t (*pcd_mac_opaque_finish_t)(void *p_context, typedef psa_status_t (*psa_drv_mac_opaque_finish_t)(void *p_context,
uint8_t *p_mac, uint8_t *p_mac,
size_t mac_size, size_t mac_size,
size_t *p_mac_length); size_t *p_mac_length);
@ -130,7 +130,7 @@ typedef psa_status_t (*pcd_mac_opaque_finish_t)(void *p_context,
* The operation completed successfully, but the calculated MAC did * The operation completed successfully, but the calculated MAC did
* not match the provided MAC * not match the provided MAC
*/ */
typedef psa_status_t (*pcd_mac_opaque_finish_verify_t)(void *p_context, typedef psa_status_t (*psa_drv_mac_opaque_finish_verify_t)(void *p_context,
const uint8_t *p_mac, const uint8_t *p_mac,
size_t mac_length); size_t mac_length);
@ -139,7 +139,7 @@ typedef psa_status_t (*pcd_mac_opaque_finish_verify_t)(void *p_context,
* \param[in,out] p_context A hardware-specific structure for the previously * \param[in,out] p_context A hardware-specific structure for the previously
* started MAC operation to be aborted * started MAC operation to be aborted
*/ */
typedef psa_status_t (*pcd_mac_opaque_abort_t)(void *p_context); typedef psa_status_t (*psa_drv_mac_opaque_abort_t)(void *p_context);
/** \brief A function that performs a MAC operation in one command and returns /** \brief A function that performs a MAC operation in one command and returns
* the calculated MAC using an opaque key * the calculated MAC using an opaque key
@ -158,7 +158,7 @@ typedef psa_status_t (*pcd_mac_opaque_abort_t)(void *p_context);
* \retval PSA_SUCCESS * \retval PSA_SUCCESS
* Success. * Success.
*/ */
typedef psa_status_t (*pcd_mac_opaque_generate_t)(const uint8_t *p_input, typedef psa_status_t (*psa_drv_mac_opaque_generate_t)(const uint8_t *p_input,
size_t input_length, size_t input_length,
psa_key_slot_t key_slot, psa_key_slot_t key_slot,
psa_algorithm_t alg, psa_algorithm_t alg,
@ -185,7 +185,7 @@ typedef psa_status_t (*pcd_mac_opaque_generate_t)(const uint8_t *p_input,
* The operation completed successfully, but the calculated MAC did * The operation completed successfully, but the calculated MAC did
* not match the provided MAC * not match the provided MAC
*/ */
typedef psa_status_t (*pcd_mac_opaque_verify_t)(const uint8_t *p_input, typedef psa_status_t (*psa_drv_mac_opaque_verify_t)(const uint8_t *p_input,
size_t input_length, size_t input_length,
psa_key_slot_t key_slot, psa_key_slot_t key_slot,
psa_algorithm_t alg, psa_algorithm_t alg,
@ -199,7 +199,7 @@ typedef psa_status_t (*pcd_mac_opaque_verify_t)(const uint8_t *p_input,
* upon startup. * upon startup.
* *
* If one of the functions is not implemented (such as * If one of the functions is not implemented (such as
* `pcd_mac_opaque_generate_t`), it should be set to NULL. * `psa_drv_mac_opaque_generate_t`), it should be set to NULL.
* *
* Driver implementers should ensure that they implement all of the functions * Driver implementers should ensure that they implement all of the functions
* that make sense for their hardware, and that they provide a full solution * that make sense for their hardware, and that they provide a full solution
@ -207,38 +207,38 @@ typedef psa_status_t (*pcd_mac_opaque_verify_t)(const uint8_t *p_input,
* `p_update` and at least one of `p_finish` or `p_finish_verify`). * `p_update` and at least one of `p_finish` or `p_finish_verify`).
* *
*/ */
struct pcd_mac_opaque_t { struct psa_drv_mac_opaque_t {
/**The size in bytes of the hardware-specific Opaque-MAC Context structure /**The size in bytes of the hardware-specific Opaque-MAC Context structure
*/ */
size_t context_size; size_t context_size;
/** Function that performs the setup operation /** Function that performs the setup operation
*/ */
pcd_mac_opaque_setup_t *p_setup; psa_drv_mac_opaque_setup_t *p_setup;
/** Function that performs the update operation /** Function that performs the update operation
*/ */
pcd_mac_opaque_update_t *p_update; psa_drv_mac_opaque_update_t *p_update;
/** Function that completes the operation /** Function that completes the operation
*/ */
pcd_mac_opaque_finish_t *p_finish; psa_drv_mac_opaque_finish_t *p_finish;
/** Function that completed a MAC operation with a verify check /** Function that completed a MAC operation with a verify check
*/ */
pcd_mac_opaque_finish_verify_t *p_finish_verify; psa_drv_mac_opaque_finish_verify_t *p_finish_verify;
/** Function that aborts a previoustly started operation /** Function that aborts a previoustly started operation
*/ */
pcd_mac_opaque_abort_t *p_abort; psa_drv_mac_opaque_abort_t *p_abort;
/** Function that performs the MAC operation in one call /** Function that performs the MAC operation in one call
*/ */
pcd_mac_opaque_generate_t *p_mac; psa_drv_mac_opaque_generate_t *p_mac;
/** Function that performs the MAC and verify operation in one call /** Function that performs the MAC and verify operation in one call
*/ */
pcd_mac_opaque_verify_t *p_mac_verify; psa_drv_mac_opaque_verify_t *p_mac_verify;
}; };
/**@}*/ /**@}*/
/** \defgroup transparent_mac Transparent Message Authentication Code /** \defgroup transparent_mac Transparent Message Authentication Code
* Generation and authentication of Message Authentication Codes (MACs) using * Generation and authentication of Message Authentication Codes (MACs) using
* transparent keys can be done either as a single function call (via the * transparent keys can be done either as a single function call (via the
* `pcd_mac_transparent_generate_t` or `psa_mac_transparent_verify_t` * `psa_drv_mac_transparent_generate_t` or `psa_mac_transparent_verify_t`
* functions), or in parts using the following sequence: * functions), or in parts using the following sequence:
* - `psa_mac_transparent_setup_t` * - `psa_mac_transparent_setup_t`
* - `psa_mac_transparent_update_t` * - `psa_mac_transparent_update_t`
@ -259,7 +259,7 @@ struct pcd_mac_opaque_t {
* The contents of this structure are implementation dependent and are * The contents of this structure are implementation dependent and are
* therefore not described here. * therefore not described here.
*/ */
typedef struct pcd_mac_transparent_context_s pcd_mac_transparent_context_t; typedef struct psa_drv_mac_transparent_context_s psa_drv_mac_transparent_context_t;
/** \brief The function prototype for the setup operation of a /** \brief The function prototype for the setup operation of a
* transparent-key MAC operation * transparent-key MAC operation
@ -267,7 +267,7 @@ typedef struct pcd_mac_transparent_context_s pcd_mac_transparent_context_t;
* Functions that implement the prototype should be named in the following * Functions that implement the prototype should be named in the following
* convention: * convention:
* ~~~~~~~~~~~~~{.c} * ~~~~~~~~~~~~~{.c}
* pcd_mac_transparent_<ALGO>_<MAC_VARIANT>_setup * psa_drv_mac_transparent_<ALGO>_<MAC_VARIANT>_setup
* ~~~~~~~~~~~~~ * ~~~~~~~~~~~~~
* Where `ALGO` is the name of the underlying primitive, and `MAC_VARIANT` * Where `ALGO` is the name of the underlying primitive, and `MAC_VARIANT`
* is the specific variant of a MAC operation (such as HMAC or CMAC) * is the specific variant of a MAC operation (such as HMAC or CMAC)
@ -281,7 +281,7 @@ typedef struct pcd_mac_transparent_context_s pcd_mac_transparent_context_t;
* \retval PSA_SUCCESS * \retval PSA_SUCCESS
* Success. * Success.
*/ */
typedef psa_status_t (*pcd_mac_transparent_setup_t)(pcd_mac_transparent_context_t *p_context, typedef psa_status_t (*psa_drv_mac_transparent_setup_t)(psa_drv_mac_transparent_context_t *p_context,
const uint8_t *p_key, const uint8_t *p_key,
size_t key_length); size_t key_length);
@ -291,7 +291,7 @@ typedef psa_status_t (*pcd_mac_transparent_setup_t)(pcd_mac_transparent_context_
* Functions that implement the prototype should be named in the following * Functions that implement the prototype should be named in the following
* convention: * convention:
* ~~~~~~~~~~~~~{.c} * ~~~~~~~~~~~~~{.c}
* pcd_mac_transparent_<ALGO>_<MAC_VARIANT>_update * psa_drv_mac_transparent_<ALGO>_<MAC_VARIANT>_update
* ~~~~~~~~~~~~~ * ~~~~~~~~~~~~~
* Where `ALGO` is the name of the underlying algorithm, and `MAC_VARIANT` * Where `ALGO` is the name of the underlying algorithm, and `MAC_VARIANT`
* is the specific variant of a MAC operation (such as HMAC or CMAC) * is the specific variant of a MAC operation (such as HMAC or CMAC)
@ -303,7 +303,7 @@ typedef psa_status_t (*pcd_mac_transparent_setup_t)(pcd_mac_transparent_context_
* to the MAC operation * to the MAC operation
* \param[in] input_length The size in bytes of the input message buffer * \param[in] input_length The size in bytes of the input message buffer
*/ */
typedef psa_status_t (*pcd_mac_transparent_update_t)(pcd_mac_transparent_context_t *p_context, typedef psa_status_t (*psa_drv_mac_transparent_update_t)(psa_drv_mac_transparent_context_t *p_context,
const uint8_t *p_input, const uint8_t *p_input,
size_t input_length); size_t input_length);
@ -313,7 +313,7 @@ typedef psa_status_t (*pcd_mac_transparent_update_t)(pcd_mac_transparent_context
* Functions that implement the prototype should be named in the following * Functions that implement the prototype should be named in the following
* convention: * convention:
* ~~~~~~~~~~~~~{.c} * ~~~~~~~~~~~~~{.c}
* pcd_mac_transparent_<ALGO>_<MAC_VARIANT>_finish * psa_drv_mac_transparent_<ALGO>_<MAC_VARIANT>_finish
* ~~~~~~~~~~~~~ * ~~~~~~~~~~~~~
* Where `ALGO` is the name of the underlying algorithm, and `MAC_VARIANT` is * Where `ALGO` is the name of the underlying algorithm, and `MAC_VARIANT` is
* the specific variant of a MAC operation (such as HMAC or CMAC) * the specific variant of a MAC operation (such as HMAC or CMAC)
@ -328,7 +328,7 @@ typedef psa_status_t (*pcd_mac_transparent_update_t)(pcd_mac_transparent_context
* \retval PSA_SUCCESS * \retval PSA_SUCCESS
* Success. * Success.
*/ */
typedef psa_status_t (*pcd_mac_transparent_finish_t)(pcd_mac_transparent_context_t *p_context, typedef psa_status_t (*psa_drv_mac_transparent_finish_t)(psa_drv_mac_transparent_context_t *p_context,
uint8_t *p_mac, uint8_t *p_mac,
size_t mac_length); size_t mac_length);
@ -338,7 +338,7 @@ typedef psa_status_t (*pcd_mac_transparent_finish_t)(pcd_mac_transparent_context
* Functions that implement the prototype should be named in the following * Functions that implement the prototype should be named in the following
* convention: * convention:
* ~~~~~~~~~~~~~{.c} * ~~~~~~~~~~~~~{.c}
* pcd_mac_transparent_<ALGO>_<MAC_VARIANT>_finish_verify * psa_drv_mac_transparent_<ALGO>_<MAC_VARIANT>_finish_verify
* ~~~~~~~~~~~~~ * ~~~~~~~~~~~~~
* Where `ALGO` is the name of the underlying algorithm, and `MAC_VARIANT` is * Where `ALGO` is the name of the underlying algorithm, and `MAC_VARIANT` is
* the specific variant of a MAC operation (such as HMAC or CMAC) * the specific variant of a MAC operation (such as HMAC or CMAC)
@ -354,7 +354,7 @@ typedef psa_status_t (*pcd_mac_transparent_finish_t)(pcd_mac_transparent_context
* \retval PSA_SUCCESS * \retval PSA_SUCCESS
* The operation completed successfully and the comparison matched * The operation completed successfully and the comparison matched
*/ */
typedef psa_status_t (*pcd_mac_transparent_finish_verify_t)(pcd_mac_transparent_context_t *p_context, typedef psa_status_t (*psa_drv_mac_transparent_finish_verify_t)(psa_drv_mac_transparent_context_t *p_context,
const uint8_t *p_mac, const uint8_t *p_mac,
size_t mac_length); size_t mac_length);
@ -364,7 +364,7 @@ typedef psa_status_t (*pcd_mac_transparent_finish_verify_t)(pcd_mac_transparent_
* Functions that implement the prototype should be named in the following * Functions that implement the prototype should be named in the following
* convention: * convention:
* ~~~~~~~~~~~~~{.c} * ~~~~~~~~~~~~~{.c}
* pcd_mac_transparent_<ALGO>_<MAC_VARIANT>_abort * psa_drv_mac_transparent_<ALGO>_<MAC_VARIANT>_abort
* ~~~~~~~~~~~~~ * ~~~~~~~~~~~~~
* Where `ALGO` is the name of the underlying algorithm, and `MAC_VARIANT` is * Where `ALGO` is the name of the underlying algorithm, and `MAC_VARIANT` is
* the specific variant of a MAC operation (such as HMAC or CMAC) * the specific variant of a MAC operation (such as HMAC or CMAC)
@ -374,7 +374,7 @@ typedef psa_status_t (*pcd_mac_transparent_finish_verify_t)(pcd_mac_transparent_
* aborted * aborted
* *
*/ */
typedef psa_status_t (*pcd_mac_transparent_abort_t)(pcd_mac_transparent_context_t *p_context); typedef psa_status_t (*psa_drv_mac_transparent_abort_t)(psa_drv_mac_transparent_context_t *p_context);
/** \brief The function prototype for a one-shot operation of a transparent-key /** \brief The function prototype for a one-shot operation of a transparent-key
* MAC operation * MAC operation
@ -382,7 +382,7 @@ typedef psa_status_t (*pcd_mac_transparent_abort_t)(pcd_mac_transparent_context_
* Functions that implement the prototype should be named in the following * Functions that implement the prototype should be named in the following
* convention: * convention:
* ~~~~~~~~~~~~~{.c} * ~~~~~~~~~~~~~{.c}
* pcd_mac_transparent_<ALGO>_<MAC_VARIANT> * psa_drv_mac_transparent_<ALGO>_<MAC_VARIANT>
* ~~~~~~~~~~~~~ * ~~~~~~~~~~~~~
* Where `ALGO` is the name of the underlying algorithm, and `MAC_VARIANT` is * Where `ALGO` is the name of the underlying algorithm, and `MAC_VARIANT` is
* the specific variant of a MAC operation (such as HMAC or CMAC) * the specific variant of a MAC operation (such as HMAC or CMAC)
@ -397,7 +397,7 @@ typedef psa_status_t (*pcd_mac_transparent_abort_t)(pcd_mac_transparent_context_
* upon success * upon success
* \param[in] mac_length The length in bytes of the `p_mac` buffer * \param[in] mac_length The length in bytes of the `p_mac` buffer
*/ */
typedef psa_status_t (*pcd_mac_transparent_t)(const uint8_t *p_input, typedef psa_status_t (*psa_drv_mac_transparent_t)(const uint8_t *p_input,
size_t input_length, size_t input_length,
const uint8_t *p_key, const uint8_t *p_key,
size_t key_length, size_t key_length,
@ -411,7 +411,7 @@ typedef psa_status_t (*pcd_mac_transparent_t)(const uint8_t *p_input,
* Functions that implement the prototype should be named in the following * Functions that implement the prototype should be named in the following
* convention: * convention:
* ~~~~~~~~~~~~~{.c} * ~~~~~~~~~~~~~{.c}
* pcd_mac_transparent_<ALGO>_<MAC_VARIANT>_verify * psa_drv_mac_transparent_<ALGO>_<MAC_VARIANT>_verify
* ~~~~~~~~~~~~~ * ~~~~~~~~~~~~~
* Where `ALGO` is the name of the underlying algorithm, and `MAC_VARIANT` is * Where `ALGO` is the name of the underlying algorithm, and `MAC_VARIANT` is
* the specific variant of a MAC operation (such as HMAC or CMAC) * the specific variant of a MAC operation (such as HMAC or CMAC)
@ -428,7 +428,7 @@ typedef psa_status_t (*pcd_mac_transparent_t)(const uint8_t *p_input,
* \retval PSA_SUCCESS * \retval PSA_SUCCESS
* The operation completed successfully and the comparison matched * The operation completed successfully and the comparison matched
*/ */
typedef psa_status_t (*pcd_mac_transparent_verify_t)(const uint8_t *p_input, typedef psa_status_t (*psa_drv_mac_transparent_verify_t)(const uint8_t *p_input,
size_t input_length, size_t input_length,
const uint8_t *p_key, const uint8_t *p_key,
size_t key_length, size_t key_length,
@ -441,11 +441,11 @@ typedef psa_status_t (*pcd_mac_transparent_verify_t)(const uint8_t *p_input,
* *
* Encryption and Decryption using opaque keys in block modes other than ECB * Encryption and Decryption using opaque keys in block modes other than ECB
* must be done in multiple parts, using the following flow: * must be done in multiple parts, using the following flow:
* - `pcd_cipher_opaque_setup_t` * - `psa_drv_cipher_opaque_setup_t`
* - `pcd_cipher_opaque_set_iv_t` (optional depending upon block mode) * - `psa_drv_cipher_opaque_set_iv_t` (optional depending upon block mode)
* - `pcd_cipher_opaque_update_t` * - `psa_drv_cipher_opaque_update_t`
* - ... * - ...
* - `pcd_cipher_opaque_finish_t` * - `psa_drv_cipher_opaque_finish_t`
* If a previously started Opaque Cipher operation needs to be terminated, it * If a previously started Opaque Cipher operation needs to be terminated, it
* should be done so by the `psa_cipher_opaque_abort_t`. Failure to do so may * should be done so by the `psa_cipher_opaque_abort_t`. Failure to do so may
@ -454,7 +454,7 @@ typedef psa_status_t (*pcd_mac_transparent_verify_t)(const uint8_t *p_input,
* *
* In situations where a PSA Cryptographic API implementation is using a block * In situations where a PSA Cryptographic API implementation is using a block
* mode not-supported by the underlying hardware or driver, it can construct * mode not-supported by the underlying hardware or driver, it can construct
* the block mode itself, while calling the `pcd_cipher_opaque_ecb_t` function * the block mode itself, while calling the `psa_drv_cipher_opaque_ecb_t` function
* pointer for the cipher operations. * pointer for the cipher operations.
*/ */
/**@{*/ /**@{*/
@ -474,7 +474,7 @@ typedef psa_status_t (*pcd_mac_transparent_verify_t)(const uint8_t *p_input,
* \retval PSA_SUCCESS * \retval PSA_SUCCESS
* \retval PSA_ERROR_NOT_SUPPORTED * \retval PSA_ERROR_NOT_SUPPORTED
*/ */
typedef psa_status_t (*pcd_cipher_opaque_setup_t)(void *p_context, typedef psa_status_t (*psa_drv_cipher_opaque_setup_t)(void *p_context,
psa_key_slot_t key_slot, psa_key_slot_t key_slot,
psa_algorithm_t algorithm, psa_algorithm_t algorithm,
encrypt_or_decrypt_t direction); encrypt_or_decrypt_t direction);
@ -494,7 +494,7 @@ typedef psa_status_t (*pcd_cipher_opaque_setup_t)(void *p_context,
* *
* \retval PSA_SUCCESS * \retval PSA_SUCCESS
*/ */
typedef psa_status_t (*pcd_cipher_opaque_set_iv_t)(void *p_context, typedef psa_status_t (*psa_drv_cipher_opaque_set_iv_t)(void *p_context,
const uint8_t *p_iv, const uint8_t *p_iv,
size_t iv_length); size_t iv_length);
@ -516,7 +516,7 @@ typedef psa_status_t (*pcd_cipher_opaque_set_iv_t)(void *p_context,
* *
* \retval PSA_SUCCESS * \retval PSA_SUCCESS
*/ */
typedef psa_status_t (*pcd_cipher_opaque_update_t)(void *p_context, typedef psa_status_t (*psa_drv_cipher_opaque_update_t)(void *p_context,
const uint8_t *p_input, const uint8_t *p_input,
size_t input_size, size_t input_size,
uint8_t *p_output, uint8_t *p_output,
@ -537,7 +537,7 @@ typedef psa_status_t (*pcd_cipher_opaque_update_t)(void *p_context,
* *
* \retval PSA_SUCCESS * \retval PSA_SUCCESS
*/ */
typedef psa_status_t (*pcd_cipher_opaque_finish_t)(void *p_context, typedef psa_status_t (*psa_drv_cipher_opaque_finish_t)(void *p_context,
uint8_t *p_output, uint8_t *p_output,
size_t output_size, size_t output_size,
size_t *p_output_length); size_t *p_output_length);
@ -548,7 +548,7 @@ typedef psa_status_t (*pcd_cipher_opaque_finish_t)(void *p_context,
* \param[in,out] p_context A hardware-specific structure for the * \param[in,out] p_context A hardware-specific structure for the
* previously started cipher operation * previously started cipher operation
*/ */
typedef psa_status_t (*pcd_cipher_opaque_abort_t)(void *p_context); typedef psa_status_t (*psa_drv_cipher_opaque_abort_t)(void *p_context);
/** \brief A function that performs the ECB block mode for opaque-key cipher /** \brief A function that performs the ECB block mode for opaque-key cipher
* operations * operations
@ -572,7 +572,7 @@ typedef psa_status_t (*pcd_cipher_opaque_abort_t)(void *p_context);
* \retval PSA_SUCCESS * \retval PSA_SUCCESS
* \retval PSA_ERROR_NOT_SUPPORTED * \retval PSA_ERROR_NOT_SUPPORTED
*/ */
typedef psa_status_t (*pcd_cipher_opaque_ecb_t)(psa_key_slot_t key_slot, typedef psa_status_t (*psa_drv_cipher_opaque_ecb_t)(psa_key_slot_t key_slot,
psa_algorithm_t algorithm, psa_algorithm_t algorithm,
encrypt_or_decrypt_t direction, encrypt_or_decrypt_t direction,
const uint8_t *p_input, const uint8_t *p_input,
@ -588,28 +588,28 @@ typedef psa_status_t (*pcd_cipher_opaque_ecb_t)(psa_key_slot_t key_slot,
* appropriate upon startup. * appropriate upon startup.
* *
* If one of the functions is not implemented (such as * If one of the functions is not implemented (such as
* `pcd_cipher_opaque_ecb_t`), it should be set to NULL. * `psa_drv_cipher_opaque_ecb_t`), it should be set to NULL.
*/ */
struct pcd_cipher_opaque_t { struct psa_drv_cipher_opaque_t {
/** The size in bytes of the hardware-specific Opaque Cipher context /** The size in bytes of the hardware-specific Opaque Cipher context
* structure * structure
*/ */
size_t size; size_t size;
/** Function that performs the setup operation */ /** Function that performs the setup operation */
pcd_cipher_opaque_setup_t *p_setup; psa_drv_cipher_opaque_setup_t *p_setup;
/** Function that sets the IV (if necessary) */ /** Function that sets the IV (if necessary) */
pcd_cipher_opaque_set_iv_t *p_set_iv; psa_drv_cipher_opaque_set_iv_t *p_set_iv;
/** Function that performs the update operation */ /** Function that performs the update operation */
pcd_cipher_opaque_update_t *p_update; psa_drv_cipher_opaque_update_t *p_update;
/** Function that completes the operation */ /** Function that completes the operation */
pcd_cipher_opaque_finish_t *p_finish; psa_drv_cipher_opaque_finish_t *p_finish;
/** Function that aborts the operation */ /** Function that aborts the operation */
pcd_cipher_opaque_abort_t *p_abort; psa_drv_cipher_opaque_abort_t *p_abort;
/** Function that performs ECB mode for the cipher /** Function that performs ECB mode for the cipher
* (Danger: ECB mode should not be used directly by clients of the PSA * (Danger: ECB mode should not be used directly by clients of the PSA
* Crypto Client API) * Crypto Client API)
*/ */
pcd_cipher_opaque_ecb_t *p_ecb; psa_drv_cipher_opaque_ecb_t *p_ecb;
}; };
/**@}*/ /**@}*/
@ -617,11 +617,11 @@ struct pcd_cipher_opaque_t {
/** \defgroup transparent_cipher Transparent Block Cipher /** \defgroup transparent_cipher Transparent Block Cipher
* Encryption and Decryption using transparent keys in block modes other than * Encryption and Decryption using transparent keys in block modes other than
* ECB must be done in multiple parts, using the following flow: * ECB must be done in multiple parts, using the following flow:
* - `pcd_cipher_transparent_setup_t` * - `psa_drv_cipher_transparent_setup_t`
* - `pcd_cipher_transparent_set_iv_t` (optional depending upon block mode) * - `psa_drv_cipher_transparent_set_iv_t` (optional depending upon block mode)
* - `pcd_cipher_transparent_update_t` * - `psa_drv_cipher_transparent_update_t`
* - ... * - ...
* - `pcd_cipher_transparent_finish_t` * - `psa_drv_cipher_transparent_finish_t`
* If a previously started Transparent Cipher operation needs to be terminated, * If a previously started Transparent Cipher operation needs to be terminated,
* it should be done so by the `psa_cipher_transparent_abort_t`. Failure to do * it should be done so by the `psa_cipher_transparent_abort_t`. Failure to do
@ -635,21 +635,21 @@ struct pcd_cipher_opaque_t {
* The contents of this structure are implementation dependent and are * The contents of this structure are implementation dependent and are
* therefore not described here. * therefore not described here.
*/ */
typedef struct pcd_cipher_transparent_context_s pcd_cipher_transparent_context_t; typedef struct psa_drv_cipher_transparent_context_s psa_drv_cipher_transparent_context_t;
/** \brief The function prototype for the setup operation of transparent-key /** \brief The function prototype for the setup operation of transparent-key
* block cipher operations. * block cipher operations.
* Functions that implement the prototype should be named in the following * Functions that implement the prototype should be named in the following
* conventions: * conventions:
* ~~~~~~~~~~~~~{.c} * ~~~~~~~~~~~~~{.c}
* pcd_cipher_transparent_setup_<CIPHER_NAME>_<MODE> * psa_drv_cipher_transparent_setup_<CIPHER_NAME>_<MODE>
* ~~~~~~~~~~~~~ * ~~~~~~~~~~~~~
* Where * Where
* - `CIPHER_NAME` is the name of the underlying block cipher (i.e. AES or DES) * - `CIPHER_NAME` is the name of the underlying block cipher (i.e. AES or DES)
* - `MODE` is the block mode of the cipher operation (i.e. CBC or CTR) * - `MODE` is the block mode of the cipher operation (i.e. CBC or CTR)
* or for stream ciphers: * or for stream ciphers:
* ~~~~~~~~~~~~~{.c} * ~~~~~~~~~~~~~{.c}
* pcd_cipher_transparent_setup_<CIPHER_NAME> * psa_drv_cipher_transparent_setup_<CIPHER_NAME>
* ~~~~~~~~~~~~~ * ~~~~~~~~~~~~~
* Where `CIPHER_NAME` is the name of a stream cipher (i.e. RC4) * Where `CIPHER_NAME` is the name of a stream cipher (i.e. RC4)
* *
@ -663,7 +663,7 @@ typedef struct pcd_cipher_transparent_context_s pcd_cipher_transparent_context_t
* *
* \retval PSA_SUCCESS * \retval PSA_SUCCESS
*/ */
typedef psa_status_t (*pcd_cipher_transparent_setup_t)(pcd_cipher_transparent_context_t *p_context, typedef psa_status_t (*psa_drv_cipher_transparent_setup_t)(psa_drv_cipher_transparent_context_t *p_context,
encrypt_or_decrypt_t direction, encrypt_or_decrypt_t direction,
const uint8_t *p_key_data, const uint8_t *p_key_data,
size_t key_data_size); size_t key_data_size);
@ -673,7 +673,7 @@ typedef psa_status_t (*pcd_cipher_transparent_setup_t)(pcd_cipher_transparent_co
* Functions that implement the prototype should be named in the following * Functions that implement the prototype should be named in the following
* convention: * convention:
* ~~~~~~~~~~~~~{.c} * ~~~~~~~~~~~~~{.c}
* pcd_cipher_transparent_set_iv_<CIPHER_NAME>_<MODE> * psa_drv_cipher_transparent_set_iv_<CIPHER_NAME>_<MODE>
* ~~~~~~~~~~~~~ * ~~~~~~~~~~~~~
* Where * Where
* - `CIPHER_NAME` is the name of the underlying block cipher (i.e. AES or DES) * - `CIPHER_NAME` is the name of the underlying block cipher (i.e. AES or DES)
@ -686,7 +686,7 @@ typedef psa_status_t (*pcd_cipher_transparent_setup_t)(pcd_cipher_transparent_co
* *
* \retval PSA_SUCCESS * \retval PSA_SUCCESS
*/ */
typedef psa_status_t (*pcd_cipher_transparent_set_iv_t)(pcd_cipher_transparent_context_t *p_context, typedef psa_status_t (*psa_drv_cipher_transparent_set_iv_t)(psa_drv_cipher_transparent_context_t *p_context,
const uint8_t *p_iv, const uint8_t *p_iv,
size_t iv_length); size_t iv_length);
@ -696,7 +696,7 @@ typedef psa_status_t (*pcd_cipher_transparent_set_iv_t)(pcd_cipher_transparent_c
* Functions that implement the prototype should be named in the following * Functions that implement the prototype should be named in the following
* convention: * convention:
* ~~~~~~~~~~~~~{.c} * ~~~~~~~~~~~~~{.c}
* pcd_cipher_transparent_update_<CIPHER_NAME>_<MODE> * psa_drv_cipher_transparent_update_<CIPHER_NAME>_<MODE>
* ~~~~~~~~~~~~~ * ~~~~~~~~~~~~~
* Where * Where
* - `CIPHER_NAME` is the name of the underlying block cipher (i.e. AES or DES) * - `CIPHER_NAME` is the name of the underlying block cipher (i.e. AES or DES)
@ -715,7 +715,7 @@ typedef psa_status_t (*pcd_cipher_transparent_set_iv_t)(pcd_cipher_transparent_c
* *
* \retval PSA_SUCCESS * \retval PSA_SUCCESS
*/ */
typedef psa_status_t (*pcd_cipher_transparent_update_t)(pcd_cipher_transparent_context_t *p_context, typedef psa_status_t (*psa_drv_cipher_transparent_update_t)(psa_drv_cipher_transparent_context_t *p_context,
const uint8_t *p_input, const uint8_t *p_input,
size_t input_size, size_t input_size,
uint8_t *p_output, uint8_t *p_output,
@ -728,7 +728,7 @@ typedef psa_status_t (*pcd_cipher_transparent_update_t)(pcd_cipher_transparent_c
* Functions that implement the prototype should be named in the following * Functions that implement the prototype should be named in the following
* convention: * convention:
* ~~~~~~~~~~~~~{.c} * ~~~~~~~~~~~~~{.c}
* pcd_cipher_transparent_finish_<CIPHER_NAME>_<MODE> * psa_drv_cipher_transparent_finish_<CIPHER_NAME>_<MODE>
* ~~~~~~~~~~~~~ * ~~~~~~~~~~~~~
* Where * Where
* - `CIPHER_NAME` is the name of the underlying block cipher (i.e. AES or DES) * - `CIPHER_NAME` is the name of the underlying block cipher (i.e. AES or DES)
@ -744,7 +744,7 @@ typedef psa_status_t (*pcd_cipher_transparent_update_t)(pcd_cipher_transparent_c
* *
* \retval PSA_SUCCESS * \retval PSA_SUCCESS
*/ */
typedef psa_status_t (*pcd_cipher_transparent_finish_t)(pcd_cipher_transparent_context_t *p_context, typedef psa_status_t (*psa_drv_cipher_transparent_finish_t)(psa_drv_cipher_transparent_context_t *p_context,
uint8_t *p_output, uint8_t *p_output,
size_t output_size, size_t output_size,
size_t *p_output_length); size_t *p_output_length);
@ -755,7 +755,7 @@ typedef psa_status_t (*pcd_cipher_transparent_finish_t)(pcd_cipher_transparent_c
* Functions that implement the following prototype should be named in the * Functions that implement the following prototype should be named in the
* following convention: * following convention:
* ~~~~~~~~~~~~~{.c} * ~~~~~~~~~~~~~{.c}
* pcd_cipher_transparent_abort_<CIPHER_NAME>_<MODE> * psa_drv_cipher_transparent_abort_<CIPHER_NAME>_<MODE>
* ~~~~~~~~~~~~~ * ~~~~~~~~~~~~~
* Where * Where
* - `CIPHER_NAME` is the name of the underlying block cipher (i.e. AES or DES) * - `CIPHER_NAME` is the name of the underlying block cipher (i.e. AES or DES)
@ -766,7 +766,7 @@ typedef psa_status_t (*pcd_cipher_transparent_finish_t)(pcd_cipher_transparent_c
* *
* \retval PSA_SUCCESS * \retval PSA_SUCCESS
*/ */
typedef psa_status_t (*pcd_cipher_transparent_abort_t)(pcd_cipher_transparent_context_t *p_context); typedef psa_status_t (*psa_drv_cipher_transparent_abort_t)(psa_drv_cipher_transparent_context_t *p_context);
/**@}*/ /**@}*/
@ -791,7 +791,7 @@ typedef psa_status_t (*pcd_cipher_transparent_abort_t)(pcd_cipher_transparent_co
* The contents of this structure are implementation dependent and are * The contents of this structure are implementation dependent and are
* therefore not described here * therefore not described here
*/ */
typedef struct pcd_hash_context_s pcd_hash_context_t; typedef struct psa_drv_hash_context_s psa_drv_hash_context_t;
/** \brief The function prototype for the start operation of a hash (message /** \brief The function prototype for the start operation of a hash (message
* digest) operation * digest) operation
@ -799,7 +799,7 @@ typedef struct pcd_hash_context_s pcd_hash_context_t;
* Functions that implement the prototype should be named in the following * Functions that implement the prototype should be named in the following
* convention: * convention:
* ~~~~~~~~~~~~~{.c} * ~~~~~~~~~~~~~{.c}
* pcd_hash_<ALGO>_setup * psa_drv_hash_<ALGO>_setup
* ~~~~~~~~~~~~~ * ~~~~~~~~~~~~~
* Where `ALGO` is the name of the underlying hash function * Where `ALGO` is the name of the underlying hash function
* *
@ -808,7 +808,7 @@ typedef struct pcd_hash_context_s pcd_hash_context_t;
* *
* \retval PSA_SUCCESS Success. * \retval PSA_SUCCESS Success.
*/ */
typedef psa_status_t (*pcd_hash_setup_t)(pcd_hash_context_t *p_context); typedef psa_status_t (*psa_drv_hash_setup_t)(psa_drv_hash_context_t *p_context);
/** \brief The function prototype for the update operation of a hash (message /** \brief The function prototype for the update operation of a hash (message
* digest) operation * digest) operation
@ -816,7 +816,7 @@ typedef psa_status_t (*pcd_hash_setup_t)(pcd_hash_context_t *p_context);
* Functions that implement the prototype should be named in the following * Functions that implement the prototype should be named in the following
* convention: * convention:
* ~~~~~~~~~~~~~{.c} * ~~~~~~~~~~~~~{.c}
* pcd_hash_<ALGO>_update * psa_drv_hash_<ALGO>_update
* ~~~~~~~~~~~~~ * ~~~~~~~~~~~~~
* Where `ALGO` is the name of the underlying algorithm * Where `ALGO` is the name of the underlying algorithm
* *
@ -827,7 +827,7 @@ typedef psa_status_t (*pcd_hash_setup_t)(pcd_hash_context_t *p_context);
* to the hash operation * to the hash operation
* \param[in] input_length The size in bytes of the input message buffer * \param[in] input_length The size in bytes of the input message buffer
*/ */
typedef psa_status_t (*pcd_hash_update_t)(pcd_hash_context_t *p_context, typedef psa_status_t (*psa_drv_hash_update_t)(psa_drv_hash_context_t *p_context,
const uint8_t *p_input, const uint8_t *p_input,
size_t input_length); size_t input_length);
@ -837,7 +837,7 @@ typedef psa_status_t (*pcd_hash_update_t)(pcd_hash_context_t *p_context,
* Functions that implement the prototype should be named in the following * Functions that implement the prototype should be named in the following
* convention: * convention:
* ~~~~~~~~~~~~~{.c} * ~~~~~~~~~~~~~{.c}
* pcd_hash_<ALGO>_finish * psa_drv_hash_<ALGO>_finish
* ~~~~~~~~~~~~~ * ~~~~~~~~~~~~~
* Where `ALGO` is the name of the underlying algorithm * Where `ALGO` is the name of the underlying algorithm
* *
@ -854,7 +854,7 @@ typedef psa_status_t (*pcd_hash_update_t)(pcd_hash_context_t *p_context,
* \retval PSA_SUCCESS * \retval PSA_SUCCESS
* Success. * Success.
*/ */
typedef psa_status_t (*pcd_hash_finish_t)(pcd_hash_context_t *p_context, typedef psa_status_t (*psa_drv_hash_finish_t)(psa_drv_hash_context_t *p_context,
uint8_t *p_output, uint8_t *p_output,
size_t output_size, size_t output_size,
size_t *p_output_length); size_t *p_output_length);
@ -865,14 +865,14 @@ typedef psa_status_t (*pcd_hash_finish_t)(pcd_hash_context_t *p_context,
* Functions that implement the prototype should be named in the following * Functions that implement the prototype should be named in the following
* convention: * convention:
* ~~~~~~~~~~~~~{.c} * ~~~~~~~~~~~~~{.c}
* pcd_hash_<ALGO>_abort * psa_drv_hash_<ALGO>_abort
* ~~~~~~~~~~~~~ * ~~~~~~~~~~~~~
* Where `ALGO` is the name of the underlying algorithm * Where `ALGO` is the name of the underlying algorithm
* *
* \param[in,out] p_context A hardware-specific structure for the previously * \param[in,out] p_context A hardware-specific structure for the previously
* started hash operation to be aborted * started hash operation to be aborted
*/ */
typedef void (*pcd_hash_abort_t)(pcd_hash_context_t *p_context); typedef void (*psa_drv_hash_abort_t)(psa_drv_hash_context_t *p_context);
/**@}*/ /**@}*/
@ -900,7 +900,7 @@ typedef void (*pcd_hash_abort_t)(pcd_hash_context_t *p_context);
* *
* \retval PSA_SUCCESS * \retval PSA_SUCCESS
*/ */
typedef psa_status_t (*pcd_asymmetric_opaque_sign_t)(psa_key_slot_t key_slot, typedef psa_status_t (*psa_drv_asymmetric_opaque_sign_t)(psa_key_slot_t key_slot,
psa_algorithm_t alg, psa_algorithm_t alg,
const uint8_t *p_hash, const uint8_t *p_hash,
size_t hash_length, size_t hash_length,
@ -924,7 +924,7 @@ typedef psa_status_t (*pcd_asymmetric_opaque_sign_t)(psa_key_slot_t key_slot,
* \retval PSA_SUCCESS * \retval PSA_SUCCESS
* The signature is valid. * The signature is valid.
*/ */
typedef psa_status_t (*pcd_asymmetric_opaque_verify_t)(psa_key_slot_t key_slot, typedef psa_status_t (*psa_drv_asymmetric_opaque_verify_t)(psa_key_slot_t key_slot,
psa_algorithm_t alg, psa_algorithm_t alg,
const uint8_t *p_hash, const uint8_t *p_hash,
size_t hash_length, size_t hash_length,
@ -960,7 +960,7 @@ typedef psa_status_t (*pcd_asymmetric_opaque_verify_t)(psa_key_slot_t key_slot,
* *
* \retval PSA_SUCCESS * \retval PSA_SUCCESS
*/ */
typedef psa_status_t (*pcd_asymmetric_opaque_encrypt_t)(psa_key_slot_t key_slot, typedef psa_status_t (*psa_drv_asymmetric_opaque_encrypt_t)(psa_key_slot_t key_slot,
psa_algorithm_t alg, psa_algorithm_t alg,
const uint8_t *p_input, const uint8_t *p_input,
size_t input_length, size_t input_length,
@ -997,7 +997,7 @@ typedef psa_status_t (*pcd_asymmetric_opaque_encrypt_t)(psa_key_slot_t key_slot,
* *
* \retval PSA_SUCCESS * \retval PSA_SUCCESS
*/ */
typedef psa_status_t (*pcd_asymmetric_opaque_decrypt_t)(psa_key_slot_t key_slot, typedef psa_status_t (*psa_drv_asymmetric_opaque_decrypt_t)(psa_key_slot_t key_slot,
psa_algorithm_t alg, psa_algorithm_t alg,
const uint8_t *p_input, const uint8_t *p_input,
size_t input_length, size_t input_length,
@ -1016,15 +1016,15 @@ typedef psa_status_t (*pcd_asymmetric_opaque_decrypt_t)(psa_key_slot_t key_slot,
* *
* If one of the functions is not implemented, it should be set to NULL. * If one of the functions is not implemented, it should be set to NULL.
*/ */
struct pcd_asymmetric_opaque_t { struct psa_drv_asymmetric_opaque_t {
/** Function that performs the asymmetric sign operation */ /** Function that performs the asymmetric sign operation */
pcd_asymmetric_opaque_sign_t *p_sign; psa_drv_asymmetric_opaque_sign_t *p_sign;
/** Function that performs the asymmetric verify operation */ /** Function that performs the asymmetric verify operation */
pcd_asymmetric_opaque_verify_t *p_verify; psa_drv_asymmetric_opaque_verify_t *p_verify;
/** Function that performs the asymmetric encrypt operation */ /** Function that performs the asymmetric encrypt operation */
pcd_asymmetric_opaque_encrypt_t *p_encrypt; psa_drv_asymmetric_opaque_encrypt_t *p_encrypt;
/** Function that performs the asymmetric decrypt operation */ /** Function that performs the asymmetric decrypt operation */
pcd_asymmetric_opaque_decrypt_t *p_decrypt; psa_drv_asymmetric_opaque_decrypt_t *p_decrypt;
}; };
/**@}*/ /**@}*/
@ -1045,7 +1045,7 @@ struct pcd_asymmetric_opaque_t {
* Functions that implement the prototype should be named in the following * Functions that implement the prototype should be named in the following
* convention: * convention:
* ~~~~~~~~~~~~~{.c} * ~~~~~~~~~~~~~{.c}
* pcd_asymmetric_<ALGO>_sign * psa_drv_asymmetric_<ALGO>_sign
* ~~~~~~~~~~~~~ * ~~~~~~~~~~~~~
* Where `ALGO` is the name of the signing algorithm * Where `ALGO` is the name of the signing algorithm
* *
@ -1063,7 +1063,7 @@ struct pcd_asymmetric_opaque_t {
* *
* \retval PSA_SUCCESS * \retval PSA_SUCCESS
*/ */
typedef psa_status_t (*pcd_asymmetric_transparent_sign_t)(const uint8_t *p_key, typedef psa_status_t (*psa_drv_asymmetric_transparent_sign_t)(const uint8_t *p_key,
size_t key_size, size_t key_size,
psa_algorithm_t alg, psa_algorithm_t alg,
const uint8_t *p_hash, const uint8_t *p_hash,
@ -1079,7 +1079,7 @@ typedef psa_status_t (*pcd_asymmetric_transparent_sign_t)(const uint8_t *p_key,
* Functions that implement the prototype should be named in the following * Functions that implement the prototype should be named in the following
* convention: * convention:
* ~~~~~~~~~~~~~{.c} * ~~~~~~~~~~~~~{.c}
* pcd_asymmetric_<ALGO>_verify * psa_drv_asymmetric_<ALGO>_verify
* ~~~~~~~~~~~~~ * ~~~~~~~~~~~~~
* Where `ALGO` is the name of the signing algorithm * Where `ALGO` is the name of the signing algorithm
* *
@ -1096,7 +1096,7 @@ typedef psa_status_t (*pcd_asymmetric_transparent_sign_t)(const uint8_t *p_key,
* \retval PSA_SUCCESS * \retval PSA_SUCCESS
* The signature is valid. * The signature is valid.
*/ */
typedef psa_status_t (*pcd_asymmetric_transparent_verify_t)(const uint8_t *p_key, typedef psa_status_t (*psa_drv_asymmetric_transparent_verify_t)(const uint8_t *p_key,
size_t key_size, size_t key_size,
psa_algorithm_t alg, psa_algorithm_t alg,
const uint8_t *p_hash, const uint8_t *p_hash,
@ -1111,7 +1111,7 @@ typedef psa_status_t (*pcd_asymmetric_transparent_verify_t)(const uint8_t *p_key
* Functions that implement the prototype should be named in the following * Functions that implement the prototype should be named in the following
* convention: * convention:
* ~~~~~~~~~~~~~{.c} * ~~~~~~~~~~~~~{.c}
* pcd_asymmetric_<ALGO>_encrypt * psa_drv_asymmetric_<ALGO>_encrypt
* ~~~~~~~~~~~~~ * ~~~~~~~~~~~~~
* Where `ALGO` is the name of the encryption algorithm * Where `ALGO` is the name of the encryption algorithm
* *
@ -1140,7 +1140,7 @@ typedef psa_status_t (*pcd_asymmetric_transparent_verify_t)(const uint8_t *p_key
* *
* \retval PSA_SUCCESS * \retval PSA_SUCCESS
*/ */
typedef psa_status_t (*pcd_asymmetric_transparent_encrypt_t)(const uint8_t *p_key, typedef psa_status_t (*psa_drv_asymmetric_transparent_encrypt_t)(const uint8_t *p_key,
size_t key_size, size_t key_size,
psa_algorithm_t alg, psa_algorithm_t alg,
const uint8_t *p_input, const uint8_t *p_input,
@ -1157,7 +1157,7 @@ typedef psa_status_t (*pcd_asymmetric_transparent_encrypt_t)(const uint8_t *p_ke
* Functions that implement the prototype should be named in the following * Functions that implement the prototype should be named in the following
* convention: * convention:
* ~~~~~~~~~~~~~{.c} * ~~~~~~~~~~~~~{.c}
* pcd_asymmetric_<ALGO>_decrypt * psa_drv_asymmetric_<ALGO>_decrypt
* ~~~~~~~~~~~~~ * ~~~~~~~~~~~~~
* Where `ALGO` is the name of the encryption algorithm * Where `ALGO` is the name of the encryption algorithm
* *
@ -1186,7 +1186,7 @@ typedef psa_status_t (*pcd_asymmetric_transparent_encrypt_t)(const uint8_t *p_ke
* *
* \retval PSA_SUCCESS * \retval PSA_SUCCESS
*/ */
typedef psa_status_t (*pcd_asymmetric_transparent_decrypt_t)(const uint8_t *p_key, typedef psa_status_t (*psa_drv_asymmetric_transparent_decrypt_t)(const uint8_t *p_key,
size_t key_size, size_t key_size,
psa_algorithm_t alg, psa_algorithm_t alg,
const uint8_t *p_input, const uint8_t *p_input,
@ -1237,7 +1237,7 @@ typedef psa_status_t (*pcd_asymmetric_transparent_decrypt_t)(const uint8_t *p_ke
* \retval #PSA_SUCCESS * \retval #PSA_SUCCESS
* Success. * Success.
*/ */
typedef psa_status_t (*pcd_aead_opaque_encrypt_t)(psa_key_slot_t key_slot, typedef psa_status_t (*psa_drv_aead_opaque_encrypt_t)(psa_key_slot_t key_slot,
psa_algorithm_t algorithm, psa_algorithm_t algorithm,
const uint8_t *p_nonce, const uint8_t *p_nonce,
size_t nonce_length, size_t nonce_length,
@ -1277,7 +1277,7 @@ typedef psa_status_t (*pcd_aead_opaque_encrypt_t)(psa_key_slot_t key_slot,
* \retval #PSA_SUCCESS * \retval #PSA_SUCCESS
* Success. * Success.
*/ */
typedef psa_status_t (*pcd_aead_opaque_decrypt_t)(psa_key_slot_t key_slot, typedef psa_status_t (*psa_drv_aead_opaque_decrypt_t)(psa_key_slot_t key_slot,
psa_algorithm_t algorithm, psa_algorithm_t algorithm,
const uint8_t *p_nonce, const uint8_t *p_nonce,
size_t nonce_length, size_t nonce_length,
@ -1298,11 +1298,11 @@ typedef psa_status_t (*pcd_aead_opaque_decrypt_t)(psa_key_slot_t key_slot,
* *
* If one of the functions is not implemented, it should be set to NULL. * If one of the functions is not implemented, it should be set to NULL.
*/ */
struct pcd_aead_opaque_t { struct psa_drv_aead_opaque_t {
/** Function that performs the AEAD encrypt operation */ /** Function that performs the AEAD encrypt operation */
pcd_aead_opaque_encrypt_t *p_encrypt; psa_drv_aead_opaque_encrypt_t *p_encrypt;
/** Function that performs the AEAD decrypt operation */ /** Function that performs the AEAD decrypt operation */
pcd_aead_opaque_decrypt_t *p_decrypt; psa_drv_aead_opaque_decrypt_t *p_decrypt;
}; };
/**@}*/ /**@}*/
@ -1322,7 +1322,7 @@ struct pcd_aead_opaque_t {
* Functions that implement the prototype should be named in the following * Functions that implement the prototype should be named in the following
* convention: * convention:
* ~~~~~~~~~~~~~{.c} * ~~~~~~~~~~~~~{.c}
* pcd_aead_<ALGO>_encrypt * psa_drv_aead_<ALGO>_encrypt
* ~~~~~~~~~~~~~ * ~~~~~~~~~~~~~
* Where `ALGO` is the name of the AEAD algorithm * Where `ALGO` is the name of the AEAD algorithm
* *
@ -1357,7 +1357,7 @@ struct pcd_aead_opaque_t {
* \retval #PSA_SUCCESS * \retval #PSA_SUCCESS
*/ */
typedef psa_status_t (*pcd_aead_transparent_encrypt_t)(const uint8_t *p_key, typedef psa_status_t (*psa_drv_aead_transparent_encrypt_t)(const uint8_t *p_key,
size_t key_length, size_t key_length,
psa_algorithm_t alg, psa_algorithm_t alg,
const uint8_t *nonce, const uint8_t *nonce,
@ -1375,7 +1375,7 @@ typedef psa_status_t (*pcd_aead_transparent_encrypt_t)(const uint8_t *p_key,
* Functions that implement the prototype should be named in the following * Functions that implement the prototype should be named in the following
* convention: * convention:
* ~~~~~~~~~~~~~{.c} * ~~~~~~~~~~~~~{.c}
* pcd_aead_<ALGO>_decrypt * psa_drv_aead_<ALGO>_decrypt
* ~~~~~~~~~~~~~ * ~~~~~~~~~~~~~
* Where `ALGO` is the name of the AEAD algorithm * Where `ALGO` is the name of the AEAD algorithm
* \param[in] p_key A pointer to the key material * \param[in] p_key A pointer to the key material
@ -1408,7 +1408,7 @@ typedef psa_status_t (*pcd_aead_transparent_encrypt_t)(const uint8_t *p_key,
* \retval #PSA_SUCCESS * \retval #PSA_SUCCESS
* Success. * Success.
*/ */
typedef psa_status_t (*pcd_aead_transparent_decrypt_t)(const uint8_t *p_key, typedef psa_status_t (*psa_drv_aead_transparent_decrypt_t)(const uint8_t *p_key,
size_t key_length, size_t key_length,
psa_algorithm_t alg, psa_algorithm_t alg,
const uint8_t *nonce, const uint8_t *nonce,
@ -1430,7 +1430,7 @@ typedef psa_status_t (*pcd_aead_transparent_decrypt_t)(const uint8_t *p_key,
/** \brief A hardware-specific structure for a entropy providing hardware /** \brief A hardware-specific structure for a entropy providing hardware
*/ */
typedef struct pcd_entropy_context_s pcd_entropy_context_t; typedef struct psa_drv_entropy_context_s psa_drv_entropy_context_t;
/** \brief Initialize an entropy driver /** \brief Initialize an entropy driver
* *
@ -1441,7 +1441,7 @@ typedef struct pcd_entropy_context_s pcd_entropy_context_t;
* *
* \retval PSA_SUCCESS * \retval PSA_SUCCESS
*/ */
typedef psa_status_t (*pcd_entropy_init_t)(pcd_entropy_context_t *p_context); typedef psa_status_t (*psa_drv_entropy_init_t)(psa_drv_entropy_context_t *p_context);
/** \brief Get a specified number of bits from the entropy source /** \brief Get a specified number of bits from the entropy source
* *
@ -1469,7 +1469,7 @@ typedef psa_status_t (*pcd_entropy_init_t)(pcd_entropy_context_t *p_context);
* *
* \retval PSA_SUCCESS * \retval PSA_SUCCESS
*/ */
typedef psa_status_t (*pcd_entropy_get_bits_t)(pcd_entropy_context_t *p_context, typedef psa_status_t (*psa_drv_entropy_get_bits_t)(psa_drv_entropy_context_t *p_context,
uint8_t *p_buffer, uint8_t *p_buffer,
uint32_t buffer_size, uint32_t buffer_size,
uint32_t *p_received_entropy_bits); uint32_t *p_received_entropy_bits);
@ -1483,12 +1483,12 @@ typedef psa_status_t (*pcd_entropy_get_bits_t)(pcd_entropy_context_t *p_context,
* *
* If one of the functions is not implemented, it should be set to NULL. * If one of the functions is not implemented, it should be set to NULL.
*/ */
struct pcd_entropy_t { struct psa_drv_entropy_t {
/** Function that performs initialization for the entropy source */ /** Function that performs initialization for the entropy source */
pcd_entropy_init_t *p_init; psa_drv_entropy_init_t *p_init;
/** Function that performs the get_bits operation for the entropy source /** Function that performs the get_bits operation for the entropy source
*/ */
pcd_entropy_get_bits_t *p_get_bits; psa_drv_entropy_get_bits_t *p_get_bits;
}; };
/**@}*/ /**@}*/
@ -1517,7 +1517,7 @@ struct pcd_entropy_t {
* \retval #PSA_SUCCESS * \retval #PSA_SUCCESS
* Success. * Success.
*/ */
typedef psa_status_t (*pcd_opaque_import_key_t)(psa_key_slot_t key_slot, typedef psa_status_t (*psa_drv_opaque_import_key_t)(psa_key_slot_t key_slot,
psa_key_type_t type, psa_key_type_t type,
psa_algorithm_t algorithm, psa_algorithm_t algorithm,
psa_key_usage_t usage, psa_key_usage_t usage,
@ -1540,7 +1540,7 @@ typedef psa_status_t (*pcd_opaque_import_key_t)(psa_key_slot_t key_slot,
* \retval #PSA_SUCCESS * \retval #PSA_SUCCESS
* The slot's content, if any, has been erased. * The slot's content, if any, has been erased.
*/ */
typedef psa_status_t (*pcd_destroy_key_t)(psa_key_slot_t key); typedef psa_status_t (*psa_drv_destroy_key_t)(psa_key_slot_t key);
/** /**
* \brief Export a key in binary format * \brief Export a key in binary format
@ -1582,7 +1582,7 @@ typedef psa_status_t (*pcd_destroy_key_t)(psa_key_slot_t key);
* \retval #PSA_ERROR_HARDWARE_FAILURE * \retval #PSA_ERROR_HARDWARE_FAILURE
* \retval #PSA_ERROR_TAMPERING_DETECTED * \retval #PSA_ERROR_TAMPERING_DETECTED
*/ */
typedef psa_status_t (*pcd_export_key_t)(psa_key_slot_t key, typedef psa_status_t (*psa_drv_export_key_t)(psa_key_slot_t key,
uint8_t *p_data, uint8_t *p_data,
size_t data_size, size_t data_size,
size_t *p_data_length); size_t *p_data_length);
@ -1608,7 +1608,7 @@ typedef psa_status_t (*pcd_export_key_t)(psa_key_slot_t key,
* *
* \retval #PSA_SUCCESS * \retval #PSA_SUCCESS
*/ */
typedef psa_status_t (*pcd_export_public_key_t)(psa_key_slot_t key, typedef psa_status_t (*psa_drv_export_public_key_t)(psa_key_slot_t key,
uint8_t *p_data, uint8_t *p_data,
size_t data_size, size_t data_size,
size_t *p_data_length); size_t *p_data_length);
@ -1622,15 +1622,15 @@ typedef psa_status_t (*pcd_export_public_key_t)(psa_key_slot_t key,
* *
* If one of the functions is not implemented, it should be set to NULL. * If one of the functions is not implemented, it should be set to NULL.
*/ */
struct pcd_key_management_t { struct psa_drv_key_management_t {
/** Function that performs the key import operation */ /** Function that performs the key import operation */
pcd_opaque_import_key_t *p_import; psa_drv_opaque_import_key_t *p_import;
/** Function that performs the key destroy operation */ /** Function that performs the key destroy operation */
pcd_destroy_key_t *p_destroy; psa_drv_destroy_key_t *p_destroy;
/** Function that performs the key export operation */ /** Function that performs the key export operation */
pcd_export_key_t *p_export; psa_drv_export_key_t *p_export;
/** Function that perforsm the public key export operation */ /** Function that perforsm the public key export operation */
pcd_export_public_key_t *p_export_public; psa_drv_export_public_key_t *p_export_public;
}; };
/**@}*/ /**@}*/
@ -1646,38 +1646,38 @@ struct pcd_key_management_t {
* for both of the flows. * for both of the flows.
* *
* There are two different final functions for the flows, * There are two different final functions for the flows,
* `pcd_key_derivation_derive` and `pcd_key_derivation_export`. * `psa_drv_key_derivation_derive` and `psa_drv_key_derivation_export`.
* `pcd_key_derivation_derive` is used when the key material should be placed * `psa_drv_key_derivation_derive` is used when the key material should be placed
* in a slot on the hardware and not exposed to the caller. * in a slot on the hardware and not exposed to the caller.
* `pcd_key_derivation_export` is used when the key material should be returned * `psa_drv_key_derivation_export` is used when the key material should be returned
* to the PSA Cryptographic API implementation. * to the PSA Cryptographic API implementation.
* *
* Different key derivation algorithms require a different number of inputs. * Different key derivation algorithms require a different number of inputs.
* Instead of having an API that takes as input variable length arrays, which * Instead of having an API that takes as input variable length arrays, which
* can be problemmatic to manage on embedded platforms, the inputs are passed * can be problemmatic to manage on embedded platforms, the inputs are passed
* to the driver via a function, `pcd_key_derivation_collateral`, that is * to the driver via a function, `psa_drv_key_derivation_collateral`, that is
* called multiple times with different `collateral_id`s. Thus, for a key * called multiple times with different `collateral_id`s. Thus, for a key
* derivation algorithm that required 3 paramter inputs, the flow would look * derivation algorithm that required 3 paramter inputs, the flow would look
* something like: * something like:
* ~~~~~~~~~~~~~{.c} * ~~~~~~~~~~~~~{.c}
* pcd_key_derivation_setup(kdf_algorithm, source_key, dest_key_size_bytes); * psa_drv_key_derivation_setup(kdf_algorithm, source_key, dest_key_size_bytes);
* pcd_key_derivation_collateral(kdf_algorithm_collateral_id_0, * psa_drv_key_derivation_collateral(kdf_algorithm_collateral_id_0,
* p_collateral_0, * p_collateral_0,
* collateral_0_size); * collateral_0_size);
* pcd_key_derivation_collateral(kdf_algorithm_collateral_id_1, * psa_drv_key_derivation_collateral(kdf_algorithm_collateral_id_1,
* p_collateral_1, * p_collateral_1,
* collateral_1_size); * collateral_1_size);
* pcd_key_derivation_collateral(kdf_algorithm_collateral_id_2, * psa_drv_key_derivation_collateral(kdf_algorithm_collateral_id_2,
* p_collateral_2, * p_collateral_2,
* collateral_2_size); * collateral_2_size);
* pcd_key_derivation_derive(); * psa_drv_key_derivation_derive();
* ~~~~~~~~~~~~~ * ~~~~~~~~~~~~~
* *
* key agreement example: * key agreement example:
* ~~~~~~~~~~~~~{.c} * ~~~~~~~~~~~~~{.c}
* pcd_key_derivation_setup(alg, source_key. dest_key_size_bytes); * psa_drv_key_derivation_setup(alg, source_key. dest_key_size_bytes);
* pcd_key_derivation_collateral(DHE_PUBKEY, p_pubkey, pubkey_size); * psa_drv_key_derivation_collateral(DHE_PUBKEY, p_pubkey, pubkey_size);
* pcd_key_derivation_export(p_session_key, * psa_drv_key_derivation_export(p_session_key,
* session_key_size, * session_key_size,
* &session_key_length); * &session_key_length);
* ~~~~~~~~~~~~~ * ~~~~~~~~~~~~~
@ -1689,7 +1689,7 @@ struct pcd_key_management_t {
* The contents of this structure are implementation dependent and are * The contents of this structure are implementation dependent and are
* therefore not described here * therefore not described here
*/ */
typedef struct pcd_key_derivation_context_s pcd_key_derivation_context_t; typedef struct psa_drv_key_derivation_context_s psa_drv_key_derivation_context_t;
/** \brief Set up a key derivation operation by specifying the algorithm and /** \brief Set up a key derivation operation by specifying the algorithm and
* the source key sot * the source key sot
@ -1702,7 +1702,7 @@ typedef struct pcd_key_derivation_context_s pcd_key_derivation_context_t;
* *
* \retval PSA_SUCCESS * \retval PSA_SUCCESS
*/ */
typedef psa_status_t (*pcd_key_derivation_setup_t)(pcd_key_derivation_context_t *p_context, typedef psa_status_t (*psa_drv_key_derivation_setup_t)(psa_drv_key_derivation_context_t *p_context,
psa_algorithm_t kdf_alg, psa_algorithm_t kdf_alg,
psa_key_slot_t source_key); psa_key_slot_t source_key);
@ -1721,7 +1721,7 @@ typedef psa_status_t (*pcd_key_derivation_setup_t)(pcd_key_derivation_context_t
* *
* \retval PSA_SUCCESS * \retval PSA_SUCCESS
*/ */
typedef psa_status_t (*pcd_key_derivation_collateral_t)(pcd_key_derivation_context_t *p_context, typedef psa_status_t (*psa_drv_key_derivation_collateral_t)(psa_drv_key_derivation_context_t *p_context,
uint32_t collateral_id, uint32_t collateral_id,
const uint8_t *p_collateral, const uint8_t *p_collateral,
size_t collateral_size); size_t collateral_size);
@ -1735,7 +1735,7 @@ typedef psa_status_t (*pcd_key_derivation_collateral_t)(pcd_key_derivation_conte
* *
* \retval PSA_SUCCESS * \retval PSA_SUCCESS
*/ */
typedef psa_status_t (*pcd_key_derivation_derive_t)(pcd_key_derivation_context_t *p_context, typedef psa_status_t (*psa_drv_key_derivation_derive_t)(psa_drv_key_derivation_context_t *p_context,
psa_key_slot_t dest_key); psa_key_slot_t dest_key);
/** \brief Perform the final step of a key agreement and place the generated /** \brief Perform the final step of a key agreement and place the generated
@ -1749,7 +1749,7 @@ typedef psa_status_t (*pcd_key_derivation_derive_t)(pcd_key_derivation_context_t
* *
* \retval PSA_SUCCESS * \retval PSA_SUCCESS
*/ */
typedef psa_status_t (*pcd_key_derivation_export_t)(uint8_t *p_output, typedef psa_status_t (*psa_drv_key_derivation_export_t)(uint8_t *p_output,
size_t output_size, size_t output_size,
size_t *p_output_length); size_t *p_output_length);
@ -1762,16 +1762,16 @@ typedef psa_status_t (*pcd_key_derivation_export_t)(uint8_t *p_output,
* *
* If one of the functions is not implemented, it should be set to NULL. * If one of the functions is not implemented, it should be set to NULL.
*/ */
struct pcd_key_derivation_t { struct psa_drv_key_derivation_t {
/** Function that performs the key derivation setup */ /** Function that performs the key derivation setup */
pcd_key_derivation_setup_t *p_setup; psa_drv_key_derivation_setup_t *p_setup;
/** Function that sets the key derivation collateral */ /** Function that sets the key derivation collateral */
pcd_key_derivation_collateral_t *p_collateral; psa_drv_key_derivation_collateral_t *p_collateral;
/** Function that performs the final key derivation step */ /** Function that performs the final key derivation step */
pcd_key_derivation_derive_t *p_derive; psa_drv_key_derivation_derive_t *p_derive;
/** Function that perforsm the final key derivation or agreement and /** Function that perforsm the final key derivation or agreement and
* exports the key */ * exports the key */
pcd_key_derivation_export_t *p_export; psa_drv_key_derivation_export_t *p_export;
}; };
/**@}*/ /**@}*/