diff --git a/platform/security/sl_component/sl_mbedtls_support/inc/threading_alt.h b/platform/security/sl_component/sl_mbedtls_support/inc/threading_alt.h
index 02ea5a9f56..43dda0c734 100644
--- a/platform/security/sl_component/sl_mbedtls_support/inc/threading_alt.h
+++ b/platform/security/sl_component/sl_mbedtls_support/inc/threading_alt.h
@@ -1,84 +1,85 @@
/**************************************************************************/ /**
- * @file
- * @brief Threading primitive implementation for mbed TLS
- *******************************************************************************
- * # License
- * Copyright 2021 Silicon Laboratories Inc. www.silabs.com
- *******************************************************************************
- *
- * SPDX-License-Identifier: Zlib
- *
- * The licensor of this software is Silicon Laboratories Inc.
- *
- * This software is provided 'as-is', without any express or implied
- * warranty. In no event will the authors be held liable for any damages
- * arising from the use of this software.
- *
- * Permission is granted to anyone to use this software for any purpose,
- * including commercial applications, and to alter it and redistribute it
- * freely, subject to the following restrictions:
- *
- * 1. The origin of this software must not be misrepresented; you must not
- * claim that you wrote the original software. If you use this software
- * in a product, an acknowledgment in the product documentation would be
- * appreciated but is not required.
- * 2. Altered source versions must be plainly marked as such, and must not be
- * misrepresented as being the original software.
- * 3. This notice may not be removed or altered from any source distribution.
- *
- ******************************************************************************/
+ * @file
+ * @brief Threading primitive implementation for mbed TLS
+ *******************************************************************************
+ * # License
+ * Copyright 2021 Silicon Laboratories Inc. www.silabs.com
+ *******************************************************************************
+ *
+ * SPDX-License-Identifier: Zlib
+ *
+ * The licensor of this software is Silicon Laboratories Inc.
+ *
+ * This software is provided 'as-is', without any express or implied
+ * warranty. In no event will the authors be held liable for any damages
+ * arising from the use of this software.
+ *
+ * Permission is granted to anyone to use this software for any purpose,
+ * including commercial applications, and to alter it and redistribute it
+ * freely, subject to the following restrictions:
+ *
+ * 1. The origin of this software must not be misrepresented; you must not
+ * claim that you wrote the original software. If you use this software
+ * in a product, an acknowledgment in the product documentation would be
+ * appreciated but is not required.
+ * 2. Altered source versions must be plainly marked as such, and must not be
+ * misrepresented as being the original software.
+ * 3. This notice may not be removed or altered from any source distribution.
+ *
+ ******************************************************************************/
#ifndef THREADING_ALT_H
#define THREADING_ALT_H
-/***************************************************************************//**
- * \addtogroup sl_crypto
- * \{
- ******************************************************************************/
+/***************************************************************************/ /**
+ * \addtogroup sl_crypto
+ * \{
+ ******************************************************************************/
+
+/***************************************************************************/ /**
+ * \addtogroup sl_crypto_threading Threading Primitives
+ * \brief Threading primitive implementation for mbed TLS
+ *
+ * This file contains the glue logic between the mbed TLS threading API
+ * and CMSIS RTOS2 API.
+ *
+ * In order to enable support for Micrium OS backend
+ * the user must make sure SL_CATALOG_MICRIUMOS_KERNEL_PRESENT is defined.
+ * In order to enable support for FreeRTOS backend the user must make sure
+ * SL_CATALOG_FREERTOS_KERNEL_PRESENT is defined.
+ *
+ * Applications created using Simplicity Studio 5 the sl_component_catalog.h
+ * file will define one of the above in order to declare the presence
+ * of a specific RTOS.
+ *
+ * \note
+ * In order to use the Silicon Labs Hardware Acceleration plugins in
+ * multi-threaded applications, select
+ * Mbed TLS support for EFM32/EFR32 crypto acceleration component.
+ *
+ * \{
+ ******************************************************************************/
-/***************************************************************************//**
- * \addtogroup sl_crypto_threading Threading Primitives
- * \brief Threading primitive implementation for mbed TLS
- *
- * This file contains the glue logic between the mbed TLS threading API
- * and CMSIS RTOS2 API.
- *
- * In order to enable support for Micrium OS backend
- * the user must make sure SL_CATALOG_MICRIUMOS_KERNEL_PRESENT is defined.
- * In order to enable support for FreeRTOS backend the user must make sure
- * SL_CATALOG_FREERTOS_KERNEL_PRESENT is defined.
- *
- * Applications created using Simplicity Studio 5 the sl_component_catalog.h
- * file will define one of the above in order to declare the presence
- * of a specific RTOS.
- *
- * \note
- * In order to use the Silicon Labs Hardware Acceleration plugins in
- * multi-threaded applications, select
- * Mbed TLS support for EFM32/EFR32 crypto acceleration component.
- *
- * \{
- ******************************************************************************/
-
-#include
#include "mbedtls/threading.h"
+#include
#if defined(MBEDTLS_THREADING_ALT) && defined(MBEDTLS_THREADING_C)
#if defined(SL_COMPONENT_CATALOG_PRESENT)
- #include "sl_component_catalog.h"
+#include "sl_component_catalog.h"
#endif
-#if defined(SL_CATALOG_MICRIUMOS_KERNEL_PRESENT) || defined(SL_CATALOG_FREERTOS_KERNEL_PRESENT)
+#if defined(SL_CATALOG_MICRIUMOS_KERNEL_PRESENT) || \
+ defined(SL_CATALOG_FREERTOS_KERNEL_PRESENT)
#include "cmsis_os2.h"
#include "sl_assert.h"
#if defined(SL_CATALOG_FREERTOS_KERNEL_PRESENT)
- #include "FreeRTOSConfig.h"
- #if (configSUPPORT_STATIC_ALLOCATION == 1)
- #include "FreeRTOS.h" // StaticSemaphore_t
- #endif
+#include "FreeRTOSConfig.h"
+#if (configSUPPORT_STATIC_ALLOCATION == 1)
+#include "FreeRTOS.h" // StaticSemaphore_t
+#endif
#endif
#ifdef __cplusplus
@@ -87,15 +88,16 @@ extern "C" {
#define SL_THREADING_ALT
-#define MUTEX_INIT = { 0 }
+#define MUTEX_INIT = {0}
/// SE manager mutex definition for CMSIS RTOS2.
typedef struct mbedtls_threading_mutex {
-#if defined(SL_CATALOG_FREERTOS_KERNEL_PRESENT) && (configSUPPORT_STATIC_ALLOCATION == 1)
+#if defined(SL_CATALOG_FREERTOS_KERNEL_PRESENT) && \
+ (configSUPPORT_STATIC_ALLOCATION == 1)
StaticSemaphore_t static_sem_object;
#endif
osMutexAttr_t mutex_attr;
- osMutexId_t mutex_ID;
+ osMutexId_t mutex_ID;
} mbedtls_threading_mutex_t;
/**
@@ -103,13 +105,13 @@ typedef struct mbedtls_threading_mutex {
*
* \param mutex Pointer to the mutex needing initialization
*/
-static inline void THREADING_InitMutex(mbedtls_threading_mutex_t *mutex)
-{
+static inline void THREADING_InitMutex(mbedtls_threading_mutex_t *mutex) {
if (mutex == NULL) {
return;
}
-#if defined(SL_CATALOG_FREERTOS_KERNEL_PRESENT) && (configSUPPORT_STATIC_ALLOCATION == 1)
+#if defined(SL_CATALOG_FREERTOS_KERNEL_PRESENT) && \
+ (configSUPPORT_STATIC_ALLOCATION == 1)
mutex->mutex_attr.cb_mem = &mutex->static_sem_object;
mutex->mutex_attr.cb_size = sizeof(mutex->static_sem_object);
#endif
@@ -124,8 +126,7 @@ static inline void THREADING_InitMutex(mbedtls_threading_mutex_t *mutex)
*
* \param mutex Pointer to the mutex being freed
*/
-static inline void THREADING_FreeMutex(mbedtls_threading_mutex_t *mutex)
-{
+static inline void THREADING_FreeMutex(mbedtls_threading_mutex_t *mutex) {
if (mutex == NULL) {
return;
}
@@ -141,8 +142,8 @@ static inline void THREADING_FreeMutex(mbedtls_threading_mutex_t *mutex)
*
* \return RTOS_ERR_NONE on success, error code otherwise.
*/
-static inline int THREADING_TakeMutexBlocking(mbedtls_threading_mutex_t *mutex)
-{
+static inline int
+THREADING_TakeMutexBlocking(mbedtls_threading_mutex_t *mutex) {
if (mutex == NULL) {
return MBEDTLS_ERR_THREADING_BAD_INPUT_DATA;
}
@@ -159,10 +160,11 @@ static inline int THREADING_TakeMutexBlocking(mbedtls_threading_mutex_t *mutex)
*
* \param mutex Pointer to the mutex being tested
*
- * \return RTOS_ERR_NONE on success (= mutex successfully owned), error code otherwise.
+ * \return RTOS_ERR_NONE on success (= mutex successfully owned), error
+ * code otherwise.
*/
-static inline int THREADING_TakeMutexNonBlocking(mbedtls_threading_mutex_t *mutex)
-{
+static inline int
+THREADING_TakeMutexNonBlocking(mbedtls_threading_mutex_t *mutex) {
if (mutex == NULL) {
return MBEDTLS_ERR_THREADING_BAD_INPUT_DATA;
}
@@ -181,8 +183,7 @@ static inline int THREADING_TakeMutexNonBlocking(mbedtls_threading_mutex_t *mute
*
* \return RTOS_ERR_NONE on success, error code otherwise.
*/
-static inline int THREADING_GiveMutex(mbedtls_threading_mutex_t *mutex)
-{
+static inline int THREADING_GiveMutex(mbedtls_threading_mutex_t *mutex) {
if (mutex == NULL) {
return MBEDTLS_ERR_THREADING_BAD_INPUT_DATA;
}
@@ -198,27 +199,27 @@ static inline int THREADING_GiveMutex(mbedtls_threading_mutex_t *mutex)
}
#endif
-#endif // SL_CATALOG_MICRIUMOS_KERNEL_PRESENT || SL_CATALOG_FREERTOS_KERNEL_PRESENT
+#endif // SL_CATALOG_MICRIUMOS_KERNEL_PRESENT ||
+ // SL_CATALOG_FREERTOS_KERNEL_PRESENT
#ifdef __cplusplus
extern "C" {
#endif
/* Forward declaration of threading_set_alt */
-void mbedtls_threading_set_alt(void (*mutex_init)(mbedtls_threading_mutex_t *),
- void (*mutex_free)(mbedtls_threading_mutex_t *),
- int (*mutex_lock)(mbedtls_threading_mutex_t *),
- int (*mutex_unlock)(mbedtls_threading_mutex_t *) );
+void mbedtls_threading_set_alt(
+ void (*mutex_init)(mbedtls_threading_mutex_t *),
+ void (*mutex_free)(mbedtls_threading_mutex_t *),
+ int (*mutex_lock)(mbedtls_threading_mutex_t *),
+ int (*mutex_unlock)(mbedtls_threading_mutex_t *));
/**
- * \brief Helper function for setting up the mbed TLS threading subsystem
+ * \brief Helper function for setting up the mbed TLS threading
+ * subsystem
*/
-static inline void THREADING_setup(void)
-{
- mbedtls_threading_set_alt(&THREADING_InitMutex,
- &THREADING_FreeMutex,
- &THREADING_TakeMutexBlocking,
- &THREADING_GiveMutex);
+static inline void THREADING_setup(void) {
+ mbedtls_threading_set_alt(&THREADING_InitMutex, &THREADING_FreeMutex,
+ &THREADING_TakeMutexBlocking, &THREADING_GiveMutex);
}
#ifdef __cplusplus
diff --git a/platform/security/sl_component/sl_psa_driver/src/sl_psa_its_nvm3.c b/platform/security/sl_component/sl_psa_driver/src/sl_psa_its_nvm3.c
index c5ff275fdd..6b2cacf83d 100644
--- a/platform/security/sl_component/sl_psa_driver/src/sl_psa_its_nvm3.c
+++ b/platform/security/sl_component/sl_psa_driver/src/sl_psa_its_nvm3.c
@@ -1,32 +1,32 @@
-/***************************************************************************//**
- * @file
- * @brief PSA ITS implementation based on Silicon Labs NVM3
- *******************************************************************************
- * # License
- * Copyright 2020 Silicon Laboratories Inc. www.silabs.com
- *******************************************************************************
- *
- * SPDX-License-Identifier: Zlib
- *
- * The licensor of this software is Silicon Laboratories Inc.
- *
- * This software is provided 'as-is', without any express or implied
- * warranty. In no event will the authors be held liable for any damages
- * arising from the use of this software.
- *
- * Permission is granted to anyone to use this software for any purpose,
- * including commercial applications, and to alter it and redistribute it
- * freely, subject to the following restrictions:
- *
- * 1. The origin of this software must not be misrepresented; you must not
- * claim that you wrote the original software. If you use this software
- * in a product, an acknowledgment in the product documentation would be
- * appreciated but is not required.
- * 2. Altered source versions must be plainly marked as such, and must not be
- * misrepresented as being the original software.
- * 3. This notice may not be removed or altered from any source distribution.
- *
- ******************************************************************************/
+/***************************************************************************/ /**
+ * @file
+ * @brief PSA ITS implementation based on Silicon Labs NVM3
+ *******************************************************************************
+ * # License
+ * Copyright 2020 Silicon Laboratories Inc. www.silabs.com
+ *******************************************************************************
+ *
+ * SPDX-License-Identifier: Zlib
+ *
+ * The licensor of this software is Silicon Laboratories Inc.
+ *
+ * This software is provided 'as-is', without any express or implied
+ * warranty. In no event will the authors be held liable for any damages
+ * arising from the use of this software.
+ *
+ * Permission is granted to anyone to use this software for any purpose,
+ * including commercial applications, and to alter it and redistribute it
+ * freely, subject to the following restrictions:
+ *
+ * 1. The origin of this software must not be misrepresented; you must not
+ * claim that you wrote the original software. If you use this software
+ * in a product, an acknowledgment in the product documentation would be
+ * appreciated but is not required.
+ * 2. Altered source versions must be plainly marked as such, and must not be
+ * misrepresented as being the original software.
+ * 3. This notice may not be removed or altered from any source distribution.
+ *
+ ******************************************************************************/
// The psa_driver_wrappers.h file that we're including here assumes that it has
// access to private struct members. Define this here in order to avoid
@@ -40,42 +40,42 @@
#if defined(MBEDTLS_PSA_CRYPTO_STORAGE_C) && !defined(MBEDTLS_PSA_ITS_FILE_C)
+#include "mbedtls/platform.h"
+#include "nvm3_default.h"
#include "psa/internal_trusted_storage.h"
#include "psa/sli_internal_trusted_storage.h"
-#include "nvm3_default.h"
-#include "mbedtls/platform.h"
#include
#include
#if defined(TFM_CONFIG_SL_SECURE_LIBRARY)
- #include
- #include "psa/storage_common.h"
+#include "psa/storage_common.h"
+#include
#endif // TFM_CONFIG_SL_SECURE_LIBRARY
#if defined(SLI_PSA_ITS_ENCRYPTED)
- #include "psa_crypto_core.h"
- #include "psa_crypto_driver_wrappers.h"
- #if defined(SEMAILBOX_PRESENT)
- #include "psa/crypto_extra.h"
- #include "sl_psa_values.h"
- #include "sli_se_opaque_functions.h"
- #endif // defined(SEMAILBOX_PRESENT)
+#include "psa_crypto_core.h"
+#include "psa_crypto_driver_wrappers.h"
+#if defined(SEMAILBOX_PRESENT)
+#include "psa/crypto_extra.h"
+#include "sl_psa_values.h"
+#include "sli_se_opaque_functions.h"
+#endif // defined(SEMAILBOX_PRESENT)
#endif // defined(SLI_PSA_ITS_ENCRYPTED)
// SLI_STATIC_TESTABLE is used to expose otherwise-static variables during
// internal testing.
#if defined(SLI_STATIC_TESTABLE)
- #define SLI_STATIC
+#define SLI_STATIC
#else
- #define SLI_STATIC static
+#define SLI_STATIC static
#endif
// -------------------------------------
// Threading support
#if defined(MBEDTLS_THREADING_C)
- #include "cmsis_os2.h"
- #include "mbedtls/threading.h"
+#include "cmsis_os2.h"
+#include "mbedtls/threading.h"
// Mutex for protecting access to the ITS instance
SLI_STATIC mbedtls_threading_mutex_t its_mutex MUTEX_INIT;
@@ -87,8 +87,7 @@ static volatile bool its_mutex_inited = false;
* \return Previous lock state
*
*/
-static inline int32_t lock_task_switches(void)
-{
+static inline int32_t lock_task_switches(void) {
int32_t kernel_lock_state = 0;
osKernelState_t kernel_state = osKernelGetState();
if (kernel_state != osKernelInactive && kernel_state != osKernelReady) {
@@ -100,8 +99,7 @@ static inline int32_t lock_task_switches(void)
/**
* \brief Restores the previous lock state
*/
-static inline void restore_lock_state(int32_t kernel_lock_state)
-{
+static inline void restore_lock_state(int32_t kernel_lock_state) {
osKernelState_t kernel_state = osKernelGetState();
if (kernel_state != osKernelInactive && kernel_state != osKernelReady) {
if (osKernelRestoreLock(kernel_lock_state) < 0) {
@@ -115,8 +113,7 @@ static inline void restore_lock_state(int32_t kernel_lock_state)
/**
* \brief Pend on the ITS mutex
*/
-void sli_its_acquire_mutex(void)
-{
+void sli_its_acquire_mutex(void) {
#if defined(MBEDTLS_THREADING_C)
if (!its_mutex_inited) {
int32_t kernel_lock_state = lock_task_switches();
@@ -138,8 +135,7 @@ void sli_its_acquire_mutex(void)
/**
* \brief Free the ITS mutex.
*/
-void sli_its_release_mutex(void)
-{
+void sli_its_release_mutex(void) {
#if defined(MBEDTLS_THREADING_C)
if (its_mutex_inited) {
mbedtls_mutex_unlock(&its_mutex);
@@ -152,7 +148,8 @@ void sli_its_release_mutex(void)
#if (!SL_PSA_ITS_SUPPORT_V3_DRIVER)
#define SLI_PSA_ITS_NVM3_RANGE_START SLI_PSA_ITS_NVM3_RANGE_BASE
-#define SLI_PSA_ITS_NVM3_RANGE_END SLI_PSA_ITS_NVM3_RANGE_START + SL_PSA_ITS_MAX_FILES
+#define SLI_PSA_ITS_NVM3_RANGE_END \
+ SLI_PSA_ITS_NVM3_RANGE_START + SL_PSA_ITS_MAX_FILES
#define SLI_PSA_ITS_NVM3_INVALID_KEY (0)
#define SLI_PSA_ITS_NVM3_UNKNOWN_KEY (1)
@@ -163,18 +160,20 @@ void sli_its_release_mutex(void)
#define SLI_PSA_ITS_CACHE_INIT_CHUNK_SIZE 16
-// Enable backwards-compatibility with keys stored with a v1 header unless disabled.
+// Enable backwards-compatibility with keys stored with a v1 header unless
+// disabled.
#if !defined(SL_PSA_ITS_REMOVE_V1_HEADER_SUPPORT)
#define SLI_PSA_ITS_SUPPORT_V1_FORMAT
#endif
// Internal error codes local to this compile unit
#define SLI_PSA_ITS_ECODE_NO_VALID_HEADER (ECODE_EMDRV_NVM3_BASE - 1)
-#define SLI_PSA_ITS_ECODE_NEEDS_UPGRADE (ECODE_EMDRV_NVM3_BASE - 2)
+#define SLI_PSA_ITS_ECODE_NEEDS_UPGRADE (ECODE_EMDRV_NVM3_BASE - 2)
#if defined(SLI_PSA_ITS_ENCRYPTED)
-// Define some cryptographic constants if not already set. This depends on the underlying
-// crypto accelerator in use (CRYPTOACC has these defines, but not SEMAILBOX).
+// Define some cryptographic constants if not already set. This depends on the
+// underlying crypto accelerator in use (CRYPTOACC has these defines, but not
+// SEMAILBOX).
#if !defined(AES_MAC_SIZE)
#define AES_MAC_SIZE 16
#endif
@@ -183,14 +182,14 @@ void sli_its_release_mutex(void)
#define AES_IV_GCM_SIZE 12
#endif
-#define SLI_ITS_ENCRYPTED_BLOB_SIZE_OVERHEAD (AES_IV_GCM_SIZE + AES_MAC_SIZE)
+#define SLI_ITS_ENCRYPTED_BLOB_SIZE_OVERHEAD (AES_IV_GCM_SIZE + AES_MAC_SIZE)
#endif // defined(SLI_PSA_ITS_ENCRYPTED)
// -------------------------------------
// Local global static variables
SLI_STATIC bool nvm3_uid_set_cache_initialized = false;
-SLI_STATIC uint32_t nvm3_uid_set_cache[(SL_PSA_ITS_MAX_FILES + 31) / 32] = { 0 };
+SLI_STATIC uint32_t nvm3_uid_set_cache[(SL_PSA_ITS_MAX_FILES + 31) / 32] = {0};
typedef struct {
psa_storage_uid_t uid;
@@ -198,15 +197,14 @@ typedef struct {
bool set;
} previous_lookup_t;
-static previous_lookup_t previous_lookup = {
- 0, 0, false
-};
+static previous_lookup_t previous_lookup = {0, 0, false};
#if defined(SLI_PSA_ITS_ENCRYPTED)
// The root key is an AES-256 key, and is therefore 32 bytes.
-#define ROOT_KEY_SIZE (32)
-// The session key is derived from CMAC, which means it is equal to the AES block size, i.e. 16 bytes
-#define SESSION_KEY_SIZE (16)
+#define ROOT_KEY_SIZE (32)
+// The session key is derived from CMAC, which means it is equal to the AES
+// block size, i.e. 16 bytes
+#define SESSION_KEY_SIZE (16)
#if !defined(SEMAILBOX_PRESENT)
typedef struct {
@@ -215,8 +213,8 @@ typedef struct {
} root_key_t;
static root_key_t g_root_key = {
- .initialized = false,
- .data = { 0 },
+ .initialized = false,
+ .data = {0},
};
#endif // !defined(SEMAILBOX_PRESENT)
@@ -227,9 +225,9 @@ typedef struct {
} session_key_t;
static session_key_t g_cached_session_key = {
- .active = false,
- .uid = 0,
- .data = { 0 },
+ .active = false,
+ .uid = 0,
+ .data = {0},
};
#endif // defined(SLI_PSA_ITS_ENCRYPTED)
@@ -263,7 +261,8 @@ typedef struct {
// -------------------------------------
// Local function prototypes
-static nvm3_ObjectKey_t get_nvm3_id(psa_storage_uid_t uid, bool find_empty_slot);
+static nvm3_ObjectKey_t get_nvm3_id(psa_storage_uid_t uid,
+ bool find_empty_slot);
static nvm3_ObjectKey_t prepare_its_get_nvm3_id(psa_storage_uid_t uid);
#if defined(TFM_CONFIG_SL_SECURE_LIBRARY)
@@ -271,22 +270,18 @@ static inline bool object_lives_in_s(const void *object, size_t object_size);
#endif // defined(TFM_CONFIG_SL_SECURE_LIBRARY)
#if defined(SLI_PSA_ITS_ENCRYPTED)
-static psa_status_t derive_session_key(uint8_t *iv,
- size_t iv_size,
+static psa_status_t derive_session_key(uint8_t *iv, size_t iv_size,
uint8_t *session_key,
size_t session_key_size);
static psa_status_t encrypt_its_file(sli_its_file_meta_v2_t *metadata,
- uint8_t *plaintext,
- size_t plaintext_size,
+ uint8_t *plaintext, size_t plaintext_size,
sli_its_encrypted_blob_t *blob,
- size_t blob_size,
- size_t *blob_length);
+ size_t blob_size, size_t *blob_length);
static psa_status_t decrypt_its_file(sli_its_file_meta_v2_t *metadata,
sli_its_encrypted_blob_t *blob,
- size_t blob_size,
- uint8_t *plaintext,
+ size_t blob_size, uint8_t *plaintext,
size_t plaintext_size,
size_t *plaintext_length);
@@ -300,8 +295,7 @@ static psa_status_t authenticate_its_file(nvm3_ObjectKey_t nvm3_object_id,
#if defined(TFM_CONFIG_SL_SECURE_LIBRARY)
// If an object of given size is fully encapsulated in a region of
// secure domain the function returns true.
-static inline bool object_lives_in_s(const void *object, size_t object_size)
-{
+static inline bool object_lives_in_s(const void *object, size_t object_size) {
cmse_address_info_t cmse_flags;
for (size_t i = 0u; i < object_size; i++) {
@@ -315,48 +309,45 @@ static inline bool object_lives_in_s(const void *object, size_t object_size)
}
#endif // defined(TFM_CONFIG_SL_SECURE_LIBRARY)
-static inline void cache_set(nvm3_ObjectKey_t key)
-{
+static inline void cache_set(nvm3_ObjectKey_t key) {
uint32_t i = key - SLI_PSA_ITS_NVM3_RANGE_START;
uint32_t bin = i / 32;
uint32_t offset = i - 32 * bin;
nvm3_uid_set_cache[bin] |= (1 << offset);
}
-static inline void cache_clear(nvm3_ObjectKey_t key)
-{
+static inline void cache_clear(nvm3_ObjectKey_t key) {
uint32_t i = key - SLI_PSA_ITS_NVM3_RANGE_START;
uint32_t bin = i / 32;
uint32_t offset = i - 32 * bin;
nvm3_uid_set_cache[bin] ^= (1 << offset);
}
-static inline bool cache_lookup(nvm3_ObjectKey_t key)
-{
+static inline bool cache_lookup(nvm3_ObjectKey_t key) {
uint32_t i = key - SLI_PSA_ITS_NVM3_RANGE_START;
uint32_t bin = i / 32;
uint32_t offset = i - 32 * bin;
return (bool)((nvm3_uid_set_cache[bin] >> offset) & 0x1);
}
-static void init_cache(void)
-{
+static void init_cache(void) {
size_t num_keys_referenced_by_nvm3;
- nvm3_ObjectKey_t keys_referenced_by_nvm3[SLI_PSA_ITS_CACHE_INIT_CHUNK_SIZE] = { 0 };
+ nvm3_ObjectKey_t keys_referenced_by_nvm3[SLI_PSA_ITS_CACHE_INIT_CHUNK_SIZE] =
+ {0};
for (nvm3_ObjectKey_t range_start = SLI_PSA_ITS_NVM3_RANGE_START;
range_start < SLI_PSA_ITS_NVM3_RANGE_END;
range_start += SLI_PSA_ITS_CACHE_INIT_CHUNK_SIZE) {
- nvm3_ObjectKey_t range_end = range_start + SLI_PSA_ITS_CACHE_INIT_CHUNK_SIZE;
+ nvm3_ObjectKey_t range_end =
+ range_start + SLI_PSA_ITS_CACHE_INIT_CHUNK_SIZE;
if (range_end > SLI_PSA_ITS_NVM3_RANGE_END) {
range_end = SLI_PSA_ITS_NVM3_RANGE_END;
}
- num_keys_referenced_by_nvm3 = nvm3_enumObjects(nvm3_defaultHandle,
- keys_referenced_by_nvm3,
- sizeof(keys_referenced_by_nvm3) / sizeof(nvm3_ObjectKey_t),
- range_start,
- range_end - 1);
+ num_keys_referenced_by_nvm3 = nvm3_enumObjects(
+ nvm3_defaultHandle, keys_referenced_by_nvm3,
+ sizeof(keys_referenced_by_nvm3) / sizeof(nvm3_ObjectKey_t), range_start,
+ range_end - 1);
for (size_t i = 0; i < num_keys_referenced_by_nvm3; i++) {
cache_set(keys_referenced_by_nvm3[i]);
@@ -368,10 +359,9 @@ static void init_cache(void)
// Read the file metadata for a specific NVM3 ID
static Ecode_t get_file_metadata(nvm3_ObjectKey_t key,
- sli_its_file_meta_v2_t* metadata,
- size_t* its_file_offset,
- size_t* its_file_size)
-{
+ sli_its_file_meta_v2_t *metadata,
+ size_t *its_file_offset,
+ size_t *its_file_size) {
// Initialize output variables to safe default
if (its_file_offset != NULL) {
*its_file_offset = 0;
@@ -380,10 +370,7 @@ static Ecode_t get_file_metadata(nvm3_ObjectKey_t key,
*its_file_size = 0;
}
- Ecode_t status = nvm3_readPartialData(nvm3_defaultHandle,
- key,
- metadata,
- 0,
+ Ecode_t status = nvm3_readPartialData(nvm3_defaultHandle, key, metadata, 0,
sizeof(sli_its_file_meta_v2_t));
if (status != ECODE_NVM3_OK) {
return status;
@@ -392,11 +379,8 @@ static Ecode_t get_file_metadata(nvm3_ObjectKey_t key,
#if defined(SLI_PSA_ITS_SUPPORT_V1_FORMAT)
// Re-read in v1 header format and translate to the latest structure version
if (metadata->magic == SLI_PSA_ITS_META_MAGIC_V1) {
- sl_its_file_meta_v1_t key_meta_v1 = { 0 };
- status = nvm3_readPartialData(nvm3_defaultHandle,
- key,
- &key_meta_v1,
- 0,
+ sl_its_file_meta_v1_t key_meta_v1 = {0};
+ status = nvm3_readPartialData(nvm3_defaultHandle, key, &key_meta_v1, 0,
sizeof(sl_its_file_meta_v1_t));
if (status != ECODE_NVM3_OK) {
@@ -428,10 +412,8 @@ static Ecode_t get_file_metadata(nvm3_ObjectKey_t key,
if (its_file_offset != NULL && its_file_size != NULL) {
// Calculate the ITS file size if requested
uint32_t obj_type;
- Ecode_t info_status = nvm3_getObjectInfo(nvm3_defaultHandle,
- key,
- &obj_type,
- its_file_size);
+ Ecode_t info_status =
+ nvm3_getObjectInfo(nvm3_defaultHandle, key, &obj_type, its_file_size);
if (info_status != ECODE_NVM3_OK) {
return info_status;
}
@@ -443,8 +425,8 @@ static Ecode_t get_file_metadata(nvm3_ObjectKey_t key,
}
// Search through NVM3 for uid
-static nvm3_ObjectKey_t get_nvm3_id(psa_storage_uid_t uid, bool find_empty_slot)
-{
+static nvm3_ObjectKey_t get_nvm3_id(psa_storage_uid_t uid,
+ bool find_empty_slot) {
Ecode_t status;
sli_its_file_meta_v2_t key_meta;
@@ -469,8 +451,8 @@ static nvm3_ObjectKey_t get_nvm3_id(psa_storage_uid_t uid, bool find_empty_slot)
status = get_file_metadata(object_id, &key_meta, NULL, NULL);
- if (status == ECODE_NVM3_OK
- || status == SLI_PSA_ITS_ECODE_NEEDS_UPGRADE) {
+ if (status == ECODE_NVM3_OK ||
+ status == SLI_PSA_ITS_ECODE_NEEDS_UPGRADE) {
if (key_meta.uid == uid) {
previous_lookup.set = true;
previous_lookup.object_id = object_id;
@@ -482,8 +464,8 @@ static nvm3_ObjectKey_t get_nvm3_id(psa_storage_uid_t uid, bool find_empty_slot)
}
}
- if (status == SLI_PSA_ITS_ECODE_NO_VALID_HEADER
- || status == ECODE_NVM3_ERR_READ_DATA_SIZE) {
+ if (status == SLI_PSA_ITS_ECODE_NO_VALID_HEADER ||
+ status == ECODE_NVM3_ERR_READ_DATA_SIZE) {
// we don't expect any other data in our range then PSA ITS files.
// delete the file if the magic doesn't match or the object on disk
// is too small to even have full metadata.
@@ -500,11 +482,11 @@ static nvm3_ObjectKey_t get_nvm3_id(psa_storage_uid_t uid, bool find_empty_slot)
// Perform NVM3 open and fill the look-up table.
// Try to find the mapping NVM3 object ID with PSA ITS UID.
-static nvm3_ObjectKey_t prepare_its_get_nvm3_id(psa_storage_uid_t uid)
-{
+static nvm3_ObjectKey_t prepare_its_get_nvm3_id(psa_storage_uid_t uid) {
#if defined(TFM_CONFIG_SL_SECURE_LIBRARY)
- // With SKL the NVM3 instance must be initialized by the NS app. We therefore check that
- // it has been opened (which is done on init) rather than actually doing the init.
+ // With SKL the NVM3 instance must be initialized by the NS app. We therefore
+ // check that it has been opened (which is done on init) rather than actually
+ // doing the init.
if (!nvm3_defaultHandle->hasBeenOpened) {
#else
if (nvm3_initDefault() != ECODE_NVM3_OK) {
@@ -520,35 +502,40 @@ static nvm3_ObjectKey_t prepare_its_get_nvm3_id(psa_storage_uid_t uid)
}
#if defined(SLI_PSA_ITS_ENCRYPTED)
-static inline void cache_session_key(uint8_t *session_key, psa_storage_uid_t uid)
-{
+static inline void cache_session_key(uint8_t *session_key,
+ psa_storage_uid_t uid) {
// Cache the session key
- memcpy(g_cached_session_key.data, session_key, sizeof(g_cached_session_key.data));
+ memcpy(g_cached_session_key.data, session_key,
+ sizeof(g_cached_session_key.data));
g_cached_session_key.uid = uid;
g_cached_session_key.active = true;
}
/**
- * \brief Derive a session key for ITS file encryption from the initialized root key and provided IV.
+ * \brief Derive a session key for ITS file encryption from the initialized root
+ * key and provided IV.
*
- * \param[in] iv Pointer to array containing the initialization vector to be used in the key derivation.
- * \param[in] iv_size Size of the IV buffer in bytes. Must be 12 bytes (AES-GCM IV size).
- * \param[out] session_key Pointer to array where derived session key shall be stored.
- * \param[out] session_key_size Size of the derived session key output array. Must be at least 32 bytes (AES-256 key size).
+ * \param[in] iv Pointer to array containing the initialization
+ * vector to be used in the key derivation. \param[in] iv_size Size of
+ * the IV buffer in bytes. Must be 12 bytes (AES-GCM IV size). \param[out]
+ * session_key Pointer to array where derived session key shall be stored.
+ * \param[out] session_key_size Size of the derived session key output array.
+ * Must be at least 32 bytes (AES-256 key size).
*
* \return A status indicating the success/failure of the operation
*
- * \retval PSA_SUCCESS The operation completed successfully
- * \retval PSA_ERROR_BAD_STATE The root key has not been initialized.
- * \retval PSA_ERROR_INVALID_ARGUMENT The operation failed because iv or session_key is NULL, or their sizes are incorrect.
- * \retval PSA_ERROR_HARDWARE_FAILURE The operation failed because an internal cryptographic operation failed.
+ * \retval PSA_SUCCESS The operation completed
+ * successfully \retval PSA_ERROR_BAD_STATE The root key has
+ * not been initialized. \retval PSA_ERROR_INVALID_ARGUMENT The
+ * operation failed because iv or session_key is NULL, or their sizes are
+ * incorrect. \retval PSA_ERROR_HARDWARE_FAILURE The operation failed
+ * because an internal cryptographic operation failed.
*/
-static psa_status_t derive_session_key(uint8_t *iv, size_t iv_size, uint8_t *session_key, size_t session_key_size)
-{
- if (iv == NULL
- || iv_size != AES_IV_GCM_SIZE
- || session_key == NULL
- || session_key_size < SESSION_KEY_SIZE) {
+static psa_status_t derive_session_key(uint8_t *iv, size_t iv_size,
+ uint8_t *session_key,
+ size_t session_key_size) {
+ if (iv == NULL || iv_size != AES_IV_GCM_SIZE || session_key == NULL ||
+ session_key_size < SESSION_KEY_SIZE) {
return PSA_ERROR_INVALID_ARGUMENT;
}
@@ -561,9 +548,8 @@ static psa_status_t derive_session_key(uint8_t *iv, size_t iv_size, uint8_t *ses
psa_key_lifetime_t reported_lifetime;
psa_drv_slot_number_t reported_slot;
- status = mbedtls_psa_platform_get_builtin_key(psa_get_key_id(&attributes),
- &reported_lifetime,
- &reported_slot);
+ status = mbedtls_psa_platform_get_builtin_key(
+ psa_get_key_id(&attributes), &reported_lifetime, &reported_slot);
if (status != PSA_SUCCESS) {
return status;
@@ -573,15 +559,12 @@ static psa_status_t derive_session_key(uint8_t *iv, size_t iv_size, uint8_t *ses
uint8_t key_buffer[sizeof(sli_se_opaque_key_context_header_t)];
size_t key_buffer_size;
- status = sli_se_opaque_get_builtin_key(reported_slot,
- &attributes,
- key_buffer,
- sizeof(key_buffer),
- &key_buffer_size);
+ status = sli_se_opaque_get_builtin_key(reported_slot, &attributes, key_buffer,
+ sizeof(key_buffer), &key_buffer_size);
if (status != PSA_SUCCESS) {
return status;
}
-#else // defined(SEMAILBOX_PRESENT)
+#else // defined(SEMAILBOX_PRESENT)
// For VSE devices, use the previously initialized root key
if (!g_root_key.initialized) {
return PSA_ERROR_BAD_STATE;
@@ -593,24 +576,18 @@ static psa_status_t derive_session_key(uint8_t *iv, size_t iv_size, uint8_t *ses
psa_set_key_bits(&attributes, ROOT_KEY_SIZE * 8);
// Point the key buffer to the global root key
- uint8_t *key_buffer = (uint8_t*)g_root_key.data;
+ uint8_t *key_buffer = (uint8_t *)g_root_key.data;
size_t key_buffer_size = sizeof(g_root_key.data);
#endif // defined(SEMAILBOX_PRESENT)
// Use CMAC as a key derivation function
size_t session_key_length;
status = psa_driver_wrapper_mac_compute(
- &attributes,
- key_buffer,
- key_buffer_size,
- PSA_ALG_CMAC,
- iv,
- iv_size,
- session_key,
- session_key_size,
- &session_key_length);
-
- // Verify that the key derivation was successful before transferring the key to the caller
+ &attributes, key_buffer, key_buffer_size, PSA_ALG_CMAC, iv, iv_size,
+ session_key, session_key_size, &session_key_length);
+
+ // Verify that the key derivation was successful before transferring the key
+ // to the caller
if (status != PSA_SUCCESS || session_key_length != SESSION_KEY_SIZE) {
memset(session_key, 0, session_key_size);
return PSA_ERROR_HARDWARE_FAILURE;
@@ -620,40 +597,42 @@ static psa_status_t derive_session_key(uint8_t *iv, size_t iv_size, uint8_t *ses
}
/**
- * \brief Encrypt and authenticate ITS data with AES-128-GCM, storing the result in an encrypted blob.
- *
- * \param[in] metadata ITS metadata to be used as authenticated additional data.
- * \param[in] plaintext Pointer to array containing data to be encrypted.
- * \param[in] plaintext_size Size of provided plaintext data array.
- * \param[out] blob Pointer to array where the resulting encrypted blob shall be placed.
- * \param[in] blob_size Size of the output array. Must be at least as big as plaintext_size + SLI_ITS_ENCRYPTED_BLOB_SIZE_OVERHEAD
- * \param[out] blob_length Resulting size of the output blob.
+ * \brief Encrypt and authenticate ITS data with AES-128-GCM, storing the result
+ * in an encrypted blob.
+ *
+ * \param[in] metadata ITS metadata to be used as authenticated
+ * additional data. \param[in] plaintext Pointer to array containing data
+ * to be encrypted. \param[in] plaintext_size Size of provided plaintext data
+ * array. \param[out] blob Pointer to array where the resulting
+ * encrypted blob shall be placed. \param[in] blob_size Size of the output
+ * array. Must be at least as big as plaintext_size +
+ * SLI_ITS_ENCRYPTED_BLOB_SIZE_OVERHEAD \param[out] blob_length Resulting
+ * size of the output blob.
*
* \return A status indicating the success/failure of the operation
*
- * \retval PSA_SUCCESS The operation completed successfully
- * \retval PSA_ERROR_BAD_STATE The root key has not been initialized.
- * \retval PSA_ERROR_INVALID_ARGUMENT The operation failed because one or more arguments are NULL or of invalid size.
- * \retval PSA_ERROR_HARDWARE_FAILURE The operation failed because an internal cryptographic operation failed.
+ * \retval PSA_SUCCESS The operation completed
+ * successfully \retval PSA_ERROR_BAD_STATE The root key has
+ * not been initialized. \retval PSA_ERROR_INVALID_ARGUMENT The
+ * operation failed because one or more arguments are NULL or of invalid size.
+ * \retval PSA_ERROR_HARDWARE_FAILURE The operation failed because an
+ * internal cryptographic operation failed.
*/
static psa_status_t encrypt_its_file(sli_its_file_meta_v2_t *metadata,
- uint8_t *plaintext,
- size_t plaintext_size,
+ uint8_t *plaintext, size_t plaintext_size,
sli_its_encrypted_blob_t *blob,
- size_t blob_size,
- size_t *blob_length)
-{
- if (metadata == NULL
- || (plaintext == NULL && plaintext_size > 0)
- || blob == NULL
- || blob_size < plaintext_size + SLI_ITS_ENCRYPTED_BLOB_SIZE_OVERHEAD
- || blob_length == NULL) {
+ size_t blob_size, size_t *blob_length) {
+ if (metadata == NULL || (plaintext == NULL && plaintext_size > 0) ||
+ blob == NULL ||
+ blob_size < plaintext_size + SLI_ITS_ENCRYPTED_BLOB_SIZE_OVERHEAD ||
+ blob_length == NULL) {
return PSA_ERROR_INVALID_ARGUMENT;
}
// Generate IV
size_t iv_length = 0;
- psa_status_t psa_status = mbedtls_psa_external_get_random(NULL, blob->iv, AES_IV_GCM_SIZE, &iv_length);
+ psa_status_t psa_status = mbedtls_psa_external_get_random(
+ NULL, blob->iv, AES_IV_GCM_SIZE, &iv_length);
if (psa_status != PSA_SUCCESS || iv_length != AES_IV_GCM_SIZE) {
return PSA_ERROR_HARDWARE_FAILURE;
@@ -667,7 +646,8 @@ static psa_status_t encrypt_its_file(sli_its_file_meta_v2_t *metadata,
psa_set_key_bits(&attributes, SESSION_KEY_SIZE * 8);
uint8_t session_key[SESSION_KEY_SIZE];
- psa_status = derive_session_key(blob->iv, AES_IV_GCM_SIZE, session_key, sizeof(session_key));
+ psa_status = derive_session_key(blob->iv, AES_IV_GCM_SIZE, session_key,
+ sizeof(session_key));
if (psa_status != PSA_SUCCESS) {
return psa_status;
}
@@ -676,20 +656,18 @@ static psa_status_t encrypt_its_file(sli_its_file_meta_v2_t *metadata,
// Retrieve data to be encrypted
if (plaintext_size != 0U) {
- memcpy(blob->data, ((uint8_t*)plaintext), plaintext_size);
+ memcpy(blob->data, ((uint8_t *)plaintext), plaintext_size);
}
// Encrypt and authenticate blob
size_t output_length = 0;
psa_status = psa_driver_wrapper_aead_encrypt(
- &attributes,
- session_key, sizeof(session_key),
- PSA_ALG_GCM,
- blob->iv, sizeof(blob->iv),
- (uint8_t*)metadata, sizeof(sli_its_file_meta_v2_t), // metadata is AAD
- blob->data, plaintext_size,
- blob->data, plaintext_size + AES_MAC_SIZE, // output == input for in-place encryption
- &output_length);
+ &attributes, session_key, sizeof(session_key), PSA_ALG_GCM, blob->iv,
+ sizeof(blob->iv), (uint8_t *)metadata,
+ sizeof(sli_its_file_meta_v2_t), // metadata is AAD
+ blob->data, plaintext_size, blob->data,
+ plaintext_size + AES_MAC_SIZE, // output == input for in-place encryption
+ &output_length);
// Clear the local session key immediately after we're done using it
memset(session_key, 0, sizeof(session_key));
@@ -710,33 +688,34 @@ static psa_status_t encrypt_its_file(sli_its_file_meta_v2_t *metadata,
/**
* \brief Decrypt and authenticate encrypted ITS data.
*
- * \param[in] metadata ITS metadata to be used as authenticated additional data. Must be identical to the metadata used during encryption.
+ * \param[in] metadata ITS metadata to be used as authenticated
+ * additional data. Must be identical to the metadata used during encryption.
* \param[in] blob Encrypted blob containing data to be decrypted.
* \param[in] blob_size Size of the encrypted blob in bytes.
- * \param[out] plaintext Pointer to array where the decrypted plaintext shall be placed.
- * \param[in] plaintext_size Size of the plaintext array. Must be equal to sizeof(blob->data) - AES_MAC_SIZE.
- * \param[out] plaintext_length Resulting length of the decrypted plaintext.
+ * \param[out] plaintext Pointer to array where the decrypted plaintext
+ * shall be placed. \param[in] plaintext_size Size of the plaintext array.
+ * Must be equal to sizeof(blob->data) - AES_MAC_SIZE. \param[out]
+ * plaintext_length Resulting length of the decrypted plaintext.
*
* \return A status indicating the success/failure of the operation
*
- * \retval PSA_SUCCESS The operation completed successfully
- * \retval PSA_ERROR_INVALID_SIGANTURE The operation failed because authentication of the decrypted data failed.
- * \retval PSA_ERROR_BAD_STATE The root key has not been initialized.
- * \retval PSA_ERROR_INVALID_ARGUMENT The operation failed because one or more arguments are NULL or of invalid size.
- * \retval PSA_ERROR_HARDWARE_FAILURE The operation failed because an internal cryptographic operation failed.
+ * \retval PSA_SUCCESS The operation completed
+ * successfully \retval PSA_ERROR_INVALID_SIGANTURE The operation
+ * failed because authentication of the decrypted data failed. \retval
+ * PSA_ERROR_BAD_STATE The root key has not been initialized.
+ * \retval PSA_ERROR_INVALID_ARGUMENT The operation failed because
+ * one or more arguments are NULL or of invalid size. \retval
+ * PSA_ERROR_HARDWARE_FAILURE The operation failed because an internal
+ * cryptographic operation failed.
*/
static psa_status_t decrypt_its_file(sli_its_file_meta_v2_t *metadata,
sli_its_encrypted_blob_t *blob,
- size_t blob_size,
- uint8_t *plaintext,
+ size_t blob_size, uint8_t *plaintext,
size_t plaintext_size,
- size_t *plaintext_length)
-{
- if (metadata == NULL
- || blob == NULL
- || blob_size < plaintext_size + SLI_ITS_ENCRYPTED_BLOB_SIZE_OVERHEAD
- || (plaintext == NULL && plaintext_size > 0)
- || plaintext_length == NULL) {
+ size_t *plaintext_length) {
+ if (metadata == NULL || blob == NULL ||
+ blob_size < plaintext_size + SLI_ITS_ENCRYPTED_BLOB_SIZE_OVERHEAD ||
+ (plaintext == NULL && plaintext_size > 0) || plaintext_length == NULL) {
return PSA_ERROR_INVALID_ARGUMENT;
}
@@ -750,11 +729,13 @@ static psa_status_t decrypt_its_file(sli_its_file_meta_v2_t *metadata,
psa_status_t psa_status = PSA_ERROR_CORRUPTION_DETECTED;
uint8_t session_key[SESSION_KEY_SIZE];
- if (g_cached_session_key.active && g_cached_session_key.uid == metadata->uid) {
+ if (g_cached_session_key.active &&
+ g_cached_session_key.uid == metadata->uid) {
// Use cached session key if it's already set and UID matches
memcpy(session_key, g_cached_session_key.data, sizeof(session_key));
} else {
- psa_status = derive_session_key(blob->iv, AES_IV_GCM_SIZE, session_key, sizeof(session_key));
+ psa_status = derive_session_key(blob->iv, AES_IV_GCM_SIZE, session_key,
+ sizeof(session_key));
if (psa_status != PSA_SUCCESS) {
return psa_status;
}
@@ -764,14 +745,11 @@ static psa_status_t decrypt_its_file(sli_its_file_meta_v2_t *metadata,
// Decrypt and authenticate blob
size_t output_length = 0;
psa_status = psa_driver_wrapper_aead_decrypt(
- &attributes,
- session_key, sizeof(session_key),
- PSA_ALG_GCM,
- blob->iv, sizeof(blob->iv),
- (uint8_t*)metadata, sizeof(sli_its_file_meta_v2_t), // metadata is AAD
- blob->data, plaintext_size + AES_MAC_SIZE,
- plaintext, plaintext_size,
- &output_length);
+ &attributes, session_key, sizeof(session_key), PSA_ALG_GCM, blob->iv,
+ sizeof(blob->iv), (uint8_t *)metadata,
+ sizeof(sli_its_file_meta_v2_t), // metadata is AAD
+ blob->data, plaintext_size + AES_MAC_SIZE, plaintext, plaintext_size,
+ &output_length);
// Clear the session key immediately after we're done using it
memset(session_key, 0, sizeof(session_key));
@@ -781,8 +759,7 @@ static psa_status_t decrypt_its_file(sli_its_file_meta_v2_t *metadata,
return PSA_ERROR_INVALID_SIGNATURE;
}
- if (psa_status != PSA_SUCCESS
- || output_length != plaintext_size) {
+ if (psa_status != PSA_SUCCESS || output_length != plaintext_size) {
return PSA_ERROR_HARDWARE_FAILURE;
}
@@ -792,37 +769,41 @@ static psa_status_t decrypt_its_file(sli_its_file_meta_v2_t *metadata,
}
/**
- * \brief Authenticate encrypted ITS data and return the UID of the ITS file that was authenticated.
+ * \brief Authenticate encrypted ITS data and return the UID of the ITS file
+ * that was authenticated.
*
- * \details NOTE: This function will run decrypt_its_file() internally. The difference from the decrypt_its_file()
- * function is that authenticate_its_file() reads the NVM3 data, decrypts it in order to authenticate the
- * stored data, and then discards the plaintext. This is needed since PSA Crypto doesn't support the
- * GMAC primitive directly, which means we have to run a full GCM decrypt for authentication.
+ * \details NOTE: This function will run decrypt_its_file() internally. The
+ * difference from the decrypt_its_file() function is that
+ * authenticate_its_file() reads the NVM3 data, decrypts it in order to
+ * authenticate the stored data, and then discards the plaintext. This is needed
+ * since PSA Crypto doesn't support the GMAC primitive directly, which means we
+ * have to run a full GCM decrypt for authentication.
*
- * \param[in] nvm3_object_id The NVM3 id corresponding to the stored ITS file.
- * \param[out] authenticated_uid UID for the authenticated ITS file.
+ * \param[in] nvm3_object_id The NVM3 id corresponding to the stored ITS
+ * file. \param[out] authenticated_uid UID for the authenticated ITS file.
*
* \return A status indicating the success/failure of the operation
*
- * \retval PSA_SUCCESS The operation completed successfully
- * \retval PSA_ERROR_INVALID_SIGANTURE The operation failed because authentication of the decrypted data failed.
- * \retval PSA_ERROR_BAD_STATE The root key has not been initialized.
- * \retval PSA_ERROR_INVALID_ARGUMENT The operation failed because one or more arguments are NULL or of invalid size.
- * \retval PSA_ERROR_HARDWARE_FAILURE The operation failed because an internal cryptographic operation failed.
+ * \retval PSA_SUCCESS The operation completed
+ * successfully \retval PSA_ERROR_INVALID_SIGANTURE The operation
+ * failed because authentication of the decrypted data failed. \retval
+ * PSA_ERROR_BAD_STATE The root key has not been initialized.
+ * \retval PSA_ERROR_INVALID_ARGUMENT The operation failed because
+ * one or more arguments are NULL or of invalid size. \retval
+ * PSA_ERROR_HARDWARE_FAILURE The operation failed because an internal
+ * cryptographic operation failed.
*/
-static psa_status_t authenticate_its_file(nvm3_ObjectKey_t nvm3_object_id,
- psa_storage_uid_t *authenticated_uid)
-{
+static psa_status_t
+authenticate_its_file(nvm3_ObjectKey_t nvm3_object_id,
+ psa_storage_uid_t *authenticated_uid) {
psa_status_t ret = PSA_ERROR_CORRUPTION_DETECTED;
sli_its_file_meta_v2_t *its_file_meta = NULL;
sli_its_encrypted_blob_t *blob = NULL;
uint32_t obj_type;
size_t its_file_size = 0;
- Ecode_t status = nvm3_getObjectInfo(nvm3_defaultHandle,
- nvm3_object_id,
- &obj_type,
- &its_file_size);
+ Ecode_t status = nvm3_getObjectInfo(nvm3_defaultHandle, nvm3_object_id,
+ &obj_type, &its_file_size);
if (status != ECODE_NVM3_OK) {
return PSA_ERROR_STORAGE_FAILURE;
}
@@ -833,32 +814,32 @@ static psa_status_t authenticate_its_file(nvm3_ObjectKey_t nvm3_object_id,
}
memset(its_file_buffer, 0, its_file_size);
- status = nvm3_readData(nvm3_defaultHandle,
- nvm3_object_id,
- its_file_buffer,
+ status = nvm3_readData(nvm3_defaultHandle, nvm3_object_id, its_file_buffer,
its_file_size);
if (status != ECODE_NVM3_OK) {
ret = PSA_ERROR_STORAGE_FAILURE;
goto cleanup;
}
- its_file_meta = (sli_its_file_meta_v2_t*)its_file_buffer;
- blob = (sli_its_encrypted_blob_t*)(its_file_buffer + sizeof(sli_its_file_meta_v2_t));
+ its_file_meta = (sli_its_file_meta_v2_t *)its_file_buffer;
+ blob = (sli_its_encrypted_blob_t *)(its_file_buffer +
+ sizeof(sli_its_file_meta_v2_t));
// Decrypt and authenticate blob
size_t plaintext_length;
- ret = decrypt_its_file(its_file_meta,
- blob,
+ ret = decrypt_its_file(its_file_meta, blob,
its_file_size - sizeof(sli_its_file_meta_v2_t),
blob->data,
- its_file_size - sizeof(sli_its_file_meta_v2_t) - SLI_ITS_ENCRYPTED_BLOB_SIZE_OVERHEAD,
+ its_file_size - sizeof(sli_its_file_meta_v2_t) -
+ SLI_ITS_ENCRYPTED_BLOB_SIZE_OVERHEAD,
&plaintext_length);
if (ret != PSA_SUCCESS) {
goto cleanup;
}
- if (plaintext_length != (its_file_size - sizeof(sli_its_file_meta_v2_t) - SLI_ITS_ENCRYPTED_BLOB_SIZE_OVERHEAD)) {
+ if (plaintext_length != (its_file_size - sizeof(sli_its_file_meta_v2_t) -
+ SLI_ITS_ENCRYPTED_BLOB_SIZE_OVERHEAD)) {
ret = PSA_ERROR_INVALID_SIGNATURE;
goto cleanup;
}
@@ -869,9 +850,10 @@ static psa_status_t authenticate_its_file(nvm3_ObjectKey_t nvm3_object_id,
ret = PSA_SUCCESS;
- cleanup:
+cleanup:
- // Discard output, as we're only interested in whether the authentication check passed or not.
+ // Discard output, as we're only interested in whether the authentication
+ // check passed or not.
memset(its_file_buffer, 0, its_file_size);
mbedtls_free(its_file_buffer);
@@ -892,20 +874,23 @@ static psa_status_t authenticate_its_file(nvm3_ObjectKey_t nvm3_object_id,
*
* \return A status indicating the success/failure of the operation
*
- * \retval PSA_SUCCESS The operation completed successfully
- * \retval PSA_ERROR_NOT_PERMITTED The operation failed because the provided `uid` value was already created with PSA_STORAGE_FLAG_WRITE_ONCE
- * \retval PSA_ERROR_NOT_SUPPORTED The operation failed because one or more of the flags provided in `create_flags` is not supported or is not valid
- * \retval PSA_ERROR_INSUFFICIENT_STORAGE The operation failed because there was insufficient space on the storage medium
- * \retval PSA_ERROR_STORAGE_FAILURE The operation failed because the physical storage has failed (Fatal error)
- * \retval PSA_ERROR_INVALID_ARGUMENT The operation failed because one of the provided pointers(`p_data`)
- * is invalid, for example is `NULL` or references memory the caller cannot access
- * \retval PSA_ERROR_HARDWARE_FAILURE The operation failed because an internal cryptographic operation failed.
+ * \retval PSA_SUCCESS The operation completed
+ * successfully \retval PSA_ERROR_NOT_PERMITTED The operation
+ * failed because the provided `uid` value was already created with
+ * PSA_STORAGE_FLAG_WRITE_ONCE \retval PSA_ERROR_NOT_SUPPORTED The
+ * operation failed because one or more of the flags provided in `create_flags`
+ * is not supported or is not valid \retval PSA_ERROR_INSUFFICIENT_STORAGE
+ * The operation failed because there was insufficient space on the storage
+ * medium \retval PSA_ERROR_STORAGE_FAILURE The operation failed
+ * because the physical storage has failed (Fatal error) \retval
+ * PSA_ERROR_INVALID_ARGUMENT The operation failed because one of the
+ * provided pointers(`p_data`) is invalid, for example is `NULL` or references
+ * memory the caller cannot access \retval PSA_ERROR_HARDWARE_FAILURE The
+ * operation failed because an internal cryptographic operation failed.
*/
-psa_status_t psa_its_set(psa_storage_uid_t uid,
- uint32_t data_length,
+psa_status_t psa_its_set(psa_storage_uid_t uid, uint32_t data_length,
const void *p_data,
- psa_storage_create_flags_t create_flags)
-{
+ psa_storage_create_flags_t create_flags) {
if (data_length > NVM3_MAX_OBJECT_SIZE) {
return PSA_ERROR_STORAGE_FAILURE;
}
@@ -913,19 +898,20 @@ psa_status_t psa_its_set(psa_storage_uid_t uid,
return PSA_ERROR_INVALID_ARGUMENT;
}
- if (create_flags != PSA_STORAGE_FLAG_WRITE_ONCE
- && create_flags != PSA_STORAGE_FLAG_NONE
+ if (create_flags != PSA_STORAGE_FLAG_WRITE_ONCE &&
+ create_flags != PSA_STORAGE_FLAG_NONE
#if defined(TFM_CONFIG_SL_SECURE_LIBRARY)
&& create_flags != PSA_STORAGE_FLAG_WRITE_ONCE_SECURE_ACCESSIBLE
#endif
- ) {
+ ) {
return PSA_ERROR_NOT_SUPPORTED;
}
#if defined(TFM_CONFIG_SL_SECURE_LIBRARY)
- if ((create_flags == PSA_STORAGE_FLAG_WRITE_ONCE_SECURE_ACCESSIBLE)
- && (!object_lives_in_s(p_data, data_length))) {
- // The flag indicates that this data should not be set by the non-secure domain
+ if ((create_flags == PSA_STORAGE_FLAG_WRITE_ONCE_SECURE_ACCESSIBLE) &&
+ (!object_lives_in_s(p_data, data_length))) {
+ // The flag indicates that this data should not be set by the non-secure
+ // domain
return PSA_ERROR_INVALID_ARGUMENT;
}
#endif
@@ -933,7 +919,7 @@ psa_status_t psa_its_set(psa_storage_uid_t uid,
nvm3_ObjectKey_t nvm3_object_id = prepare_its_get_nvm3_id(uid);
Ecode_t status;
psa_status_t ret = PSA_SUCCESS;
- sli_its_file_meta_v2_t* its_file_meta;
+ sli_its_file_meta_v2_t *its_file_meta;
#if defined(SLI_PSA_ITS_ENCRYPTED)
psa_storage_uid_t authenticated_uid;
@@ -946,7 +932,8 @@ psa_status_t psa_its_set(psa_storage_uid_t uid,
size_t its_file_size = data_length;
#endif
- uint8_t *its_file_buffer = mbedtls_calloc(1, its_file_size + sizeof(sli_its_file_meta_v2_t));
+ uint8_t *its_file_buffer =
+ mbedtls_calloc(1, its_file_size + sizeof(sli_its_file_meta_v2_t));
if (its_file_buffer == NULL) {
ret = PSA_ERROR_INSUFFICIENT_MEMORY;
goto exit;
@@ -968,8 +955,7 @@ psa_status_t psa_its_set(psa_storage_uid_t uid,
// ITS UID was found. Read ITS meta data.
status = get_file_metadata(nvm3_object_id, its_file_meta, NULL, NULL);
- if (status != ECODE_NVM3_OK
- && status != SLI_PSA_ITS_ECODE_NEEDS_UPGRADE) {
+ if (status != ECODE_NVM3_OK && status != SLI_PSA_ITS_ECODE_NEEDS_UPGRADE) {
ret = PSA_ERROR_STORAGE_FAILURE;
goto exit;
}
@@ -978,13 +964,14 @@ psa_status_t psa_its_set(psa_storage_uid_t uid,
#if defined(TFM_CONFIG_SL_SECURE_LIBRARY)
|| its_file_meta->flags == PSA_STORAGE_FLAG_WRITE_ONCE_SECURE_ACCESSIBLE
#endif
- ) {
+ ) {
ret = PSA_ERROR_NOT_PERMITTED;
goto exit;
}
#if defined(SLI_PSA_ITS_ENCRYPTED)
- // If the UID already exists, authenticate the existing value and make sure the stored UID is the same.
+ // If the UID already exists, authenticate the existing value and make sure
+ // the stored UID is the same.
ret = authenticate_its_file(nvm3_object_id, &authenticated_uid);
if (ret != PSA_SUCCESS) {
goto exit;
@@ -1000,16 +987,14 @@ psa_status_t psa_its_set(psa_storage_uid_t uid,
its_file_meta->flags = create_flags;
#if defined(SLI_PSA_ITS_ENCRYPTED)
- // Everything after the file metadata will make up the encrypted & authenticated blob
- blob = (sli_its_encrypted_blob_t*)(its_file_buffer + sizeof(sli_its_file_meta_v2_t));
+ // Everything after the file metadata will make up the encrypted &
+ // authenticated blob
+ blob = (sli_its_encrypted_blob_t *)(its_file_buffer +
+ sizeof(sli_its_file_meta_v2_t));
// Encrypt and authenticate the provided data
- psa_status = encrypt_its_file(its_file_meta,
- (uint8_t*)p_data,
- data_length,
- blob,
- its_file_size,
- &blob_length);
+ psa_status = encrypt_its_file(its_file_meta, (uint8_t *)p_data, data_length,
+ blob, its_file_size, &blob_length);
if (psa_status != PSA_SUCCESS) {
ret = psa_status;
@@ -1023,13 +1008,13 @@ psa_status_t psa_its_set(psa_storage_uid_t uid,
#else
if (data_length != 0U) {
- memcpy(its_file_buffer + sizeof(sli_its_file_meta_v2_t), ((uint8_t*)p_data), data_length);
+ memcpy(its_file_buffer + sizeof(sli_its_file_meta_v2_t),
+ ((uint8_t *)p_data), data_length);
}
#endif
- status = nvm3_writeData(nvm3_defaultHandle,
- nvm3_object_id,
- its_file_buffer, its_file_size + sizeof(sli_its_file_meta_v2_t));
+ status = nvm3_writeData(nvm3_defaultHandle, nvm3_object_id, its_file_buffer,
+ its_file_size + sizeof(sli_its_file_meta_v2_t));
if (status == ECODE_NVM3_OK) {
// Power-loss might occur, however upon boot, the look-up table will be
@@ -1039,7 +1024,7 @@ psa_status_t psa_its_set(psa_storage_uid_t uid,
ret = PSA_ERROR_STORAGE_FAILURE;
}
- exit:
+exit:
if (its_file_buffer != NULL) {
// Clear and free key buffer before return.
memset(its_file_buffer, 0, its_file_size + sizeof(sli_its_file_meta_v2_t));
@@ -1054,27 +1039,29 @@ psa_status_t psa_its_set(psa_storage_uid_t uid,
*
* \param[in] uid The uid value
* \param[in] data_offset The starting offset of the data requested
- * \param[in] data_length the amount of data requested (and the minimum allocated size of the `p_data` buffer)
- * \param[out] p_data The buffer where the data will be placed upon successful completion
- * \param[out] p_data_length The amount of data returned in the p_data buffer
+ * \param[in] data_length the amount of data requested (and the minimum
+ * allocated size of the `p_data` buffer) \param[out] p_data The
+ * buffer where the data will be placed upon successful completion \param[out]
+ * p_data_length The amount of data returned in the p_data buffer
*
*
* \return A status indicating the success/failure of the operation
*
- * \retval PSA_SUCCESS The operation completed successfully
- * \retval PSA_ERROR_DOES_NOT_EXIST The operation failed because the provided `uid` value was not found in the storage
- * \retval PSA_ERROR_BUFFER_TOO_SMALL The operation failed because the data associated with provided uid is larger than `data_size`
- * \retval PSA_ERROR_STORAGE_FAILURE The operation failed because the physical storage has failed (Fatal error)
- * \retval PSA_ERROR_INVALID_ARGUMENT The operation failed because one of the provided pointers(`p_data`, `p_data_length`)
- * is invalid. For example is `NULL` or references memory the caller cannot access.
- * In addition, this can also happen if an invalid offset was provided.
+ * \retval PSA_SUCCESS The operation completed
+ * successfully \retval PSA_ERROR_DOES_NOT_EXIST The operation failed
+ * because the provided `uid` value was not found in the storage \retval
+ * PSA_ERROR_BUFFER_TOO_SMALL The operation failed because the data associated
+ * with provided uid is larger than `data_size` \retval
+ * PSA_ERROR_STORAGE_FAILURE The operation failed because the physical
+ * storage has failed (Fatal error) \retval PSA_ERROR_INVALID_ARGUMENT The
+ * operation failed because one of the provided pointers(`p_data`,
+ * `p_data_length`) is invalid. For example is `NULL` or references memory the
+ * caller cannot access. In addition, this can also happen if an invalid offset
+ * was provided.
*/
-psa_status_t psa_its_get(psa_storage_uid_t uid,
- uint32_t data_offset,
- uint32_t data_length,
- void *p_data,
- size_t *p_data_length)
-{
+psa_status_t psa_its_get(psa_storage_uid_t uid, uint32_t data_offset,
+ uint32_t data_length, void *p_data,
+ size_t *p_data_length) {
psa_status_t ret = PSA_ERROR_CORRUPTION_DETECTED;
if ((data_length != 0U) && (p_data_length == NULL)) {
@@ -1082,10 +1069,10 @@ psa_status_t psa_its_get(psa_storage_uid_t uid,
}
if (data_length != 0U) {
- // If the request amount of data is 0, allow invalid pointer of the output buffer.
- if ((p_data == NULL)
- || ((uint32_t)p_data < SRAM_BASE)
- || ((uint32_t)p_data > (SRAM_BASE + SRAM_SIZE - data_length))) {
+ // If the request amount of data is 0, allow invalid pointer of the output
+ // buffer.
+ if ((p_data == NULL) || ((uint32_t)p_data < SRAM_BASE) ||
+ ((uint32_t)p_data > (SRAM_BASE + SRAM_SIZE - data_length))) {
return PSA_ERROR_INVALID_ARGUMENT;
}
}
@@ -1097,7 +1084,7 @@ psa_status_t psa_its_get(psa_storage_uid_t uid,
#endif
size_t its_file_data_size = 0u;
Ecode_t status;
- sli_its_file_meta_v2_t its_file_meta = { 0 };
+ sli_its_file_meta_v2_t its_file_meta = {0};
size_t its_file_size = 0;
size_t its_file_offset = 0;
@@ -1108,28 +1095,30 @@ psa_status_t psa_its_get(psa_storage_uid_t uid,
goto exit;
}
- status = get_file_metadata(nvm3_object_id, &its_file_meta, &its_file_offset, &its_file_size);
+ status = get_file_metadata(nvm3_object_id, &its_file_meta, &its_file_offset,
+ &its_file_size);
if (status == SLI_PSA_ITS_ECODE_NO_VALID_HEADER) {
ret = PSA_ERROR_DOES_NOT_EXIST;
goto exit;
}
- if (status != ECODE_NVM3_OK
- && status != SLI_PSA_ITS_ECODE_NEEDS_UPGRADE) {
+ if (status != ECODE_NVM3_OK && status != SLI_PSA_ITS_ECODE_NEEDS_UPGRADE) {
ret = PSA_ERROR_STORAGE_FAILURE;
goto exit;
}
#if defined(TFM_CONFIG_SL_SECURE_LIBRARY)
- if (its_file_meta.flags == PSA_STORAGE_FLAG_WRITE_ONCE_SECURE_ACCESSIBLE
- && !object_lives_in_s(p_data, data_length)) {
- // The flag indicates that this data should not be read back to the non-secure domain
+ if (its_file_meta.flags == PSA_STORAGE_FLAG_WRITE_ONCE_SECURE_ACCESSIBLE &&
+ !object_lives_in_s(p_data, data_length)) {
+ // The flag indicates that this data should not be read back to the
+ // non-secure domain
ret = PSA_ERROR_INVALID_ARGUMENT;
goto exit;
}
#endif
#if defined(SLI_PSA_ITS_ENCRYPTED)
- // Subtract IV and MAC from ITS file as the below checks concern the actual data size
+ // Subtract IV and MAC from ITS file as the below checks concern the actual
+ // data size
its_file_data_size = its_file_size - SLI_ITS_ENCRYPTED_BLOB_SIZE_OVERHEAD;
#else
its_file_data_size = its_file_size;
@@ -1146,7 +1135,8 @@ psa_status_t psa_its_get(psa_storage_uid_t uid,
goto exit;
}
} else {
- // Allow the offset at the data size boundary if the requested amount of data is zero.
+ // Allow the offset at the data size boundary if the requested amount of
+ // data is zero.
if (data_offset > its_file_data_size) {
ret = PSA_ERROR_INVALID_ARGUMENT;
goto exit;
@@ -1161,42 +1151,38 @@ psa_status_t psa_its_get(psa_storage_uid_t uid,
#if defined(SLI_PSA_ITS_ENCRYPTED)
// its_file_size includes size of sli_its_encrypted_blob_t struct
- blob = (sli_its_encrypted_blob_t*)mbedtls_calloc(1, its_file_size);
+ blob = (sli_its_encrypted_blob_t *)mbedtls_calloc(1, its_file_size);
if (blob == NULL) {
ret = PSA_ERROR_INSUFFICIENT_MEMORY;
goto exit;
}
memset(blob, 0, its_file_size);
- status = nvm3_readPartialData(nvm3_defaultHandle,
- nvm3_object_id,
- blob,
- its_file_offset,
- its_file_size);
+ status = nvm3_readPartialData(nvm3_defaultHandle, nvm3_object_id, blob,
+ its_file_offset, its_file_size);
if (status != ECODE_NVM3_OK) {
ret = PSA_ERROR_STORAGE_FAILURE;
goto exit;
}
// Decrypt and authenticate blob
- psa_status = decrypt_its_file(&its_file_meta,
- blob,
- its_file_size,
- blob->data,
- its_file_size - SLI_ITS_ENCRYPTED_BLOB_SIZE_OVERHEAD,
- &plaintext_length);
+ psa_status = decrypt_its_file(
+ &its_file_meta, blob, its_file_size, blob->data,
+ its_file_size - SLI_ITS_ENCRYPTED_BLOB_SIZE_OVERHEAD, &plaintext_length);
if (psa_status != PSA_SUCCESS) {
ret = psa_status;
goto exit;
}
- if (plaintext_length != (its_file_size - SLI_ITS_ENCRYPTED_BLOB_SIZE_OVERHEAD)) {
+ if (plaintext_length !=
+ (its_file_size - SLI_ITS_ENCRYPTED_BLOB_SIZE_OVERHEAD)) {
ret = PSA_ERROR_INVALID_SIGNATURE;
goto exit;
}
- // Verify that the requested UID is equal to the retrieved and authenticated UID
+ // Verify that the requested UID is equal to the retrieved and authenticated
+ // UID
if (uid != its_file_meta.uid) {
ret = PSA_ERROR_INVALID_ARGUMENT;
goto exit;
@@ -1207,15 +1193,17 @@ psa_status_t psa_its_get(psa_storage_uid_t uid,
}
ret = PSA_SUCCESS;
- exit:
+exit:
if (blob != NULL) {
memset(blob, 0, its_file_size);
mbedtls_free(blob);
}
sli_its_release_mutex();
#else
- // If no encryption is used, just read out the data and write it directly to the output buffer
- status = nvm3_readPartialData(nvm3_defaultHandle, nvm3_object_id, p_data, its_file_offset + data_offset, *p_data_length);
+ // If no encryption is used, just read out the data and write it directly to
+ // the output buffer
+ status = nvm3_readPartialData(nvm3_defaultHandle, nvm3_object_id, p_data,
+ its_file_offset + data_offset, *p_data_length);
if (status != ECODE_NVM3_OK) {
ret = PSA_ERROR_STORAGE_FAILURE;
@@ -1223,7 +1211,7 @@ psa_status_t psa_its_get(psa_storage_uid_t uid,
ret = PSA_SUCCESS;
}
- exit:
+exit:
sli_its_release_mutex();
#endif
@@ -1234,27 +1222,30 @@ psa_status_t psa_its_get(psa_storage_uid_t uid,
* \brief Retrieve the metadata about the provided uid
*
* \param[in] uid The uid value
- * \param[out] p_info A pointer to the `psa_storage_info_t` struct that will be populated with the metadata
+ * \param[out] p_info A pointer to the `psa_storage_info_t` struct that
+ * will be populated with the metadata
*
* \return A status indicating the success/failure of the operation
*
- * \retval PSA_SUCCESS The operation completed successfully
- * \retval PSA_ERROR_DOES_NOT_EXIST The operation failed because the provided uid value was not found in the storage
- * \retval PSA_ERROR_STORAGE_FAILURE The operation failed because the physical storage has failed (Fatal error)
- * \retval PSA_ERROR_INVALID_ARGUMENT The operation failed because one of the provided pointers(`p_info`)
- * is invalid, for example is `NULL` or references memory the caller cannot access
- * \retval PSA_ERROR_INVALID_SIGANTURE The operation failed because authentication of the stored metadata failed.
+ * \retval PSA_SUCCESS The operation completed
+ * successfully \retval PSA_ERROR_DOES_NOT_EXIST The operation failed
+ * because the provided uid value was not found in the storage \retval
+ * PSA_ERROR_STORAGE_FAILURE The operation failed because the physical
+ * storage has failed (Fatal error) \retval PSA_ERROR_INVALID_ARGUMENT The
+ * operation failed because one of the provided pointers(`p_info`) is invalid,
+ * for example is `NULL` or references memory the caller cannot access \retval
+ * PSA_ERROR_INVALID_SIGANTURE The operation failed because authentication of
+ * the stored metadata failed.
*/
psa_status_t psa_its_get_info(psa_storage_uid_t uid,
- struct psa_storage_info_t *p_info)
-{
+ struct psa_storage_info_t *p_info) {
psa_status_t psa_status = PSA_ERROR_CORRUPTION_DETECTED;
if (p_info == NULL) {
return PSA_ERROR_INVALID_ARGUMENT;
}
Ecode_t status;
- sli_its_file_meta_v2_t its_file_meta = { 0 };
+ sli_its_file_meta_v2_t its_file_meta = {0};
size_t its_file_size = 0;
size_t its_file_offset = 0;
@@ -1265,20 +1256,21 @@ psa_status_t psa_its_get_info(psa_storage_uid_t uid,
goto exit;
}
- status = get_file_metadata(nvm3_object_id, &its_file_meta, &its_file_offset, &its_file_size);
+ status = get_file_metadata(nvm3_object_id, &its_file_meta, &its_file_offset,
+ &its_file_size);
if (status == SLI_PSA_ITS_ECODE_NO_VALID_HEADER) {
psa_status = PSA_ERROR_DOES_NOT_EXIST;
goto exit;
}
- if (status != ECODE_NVM3_OK
- && status != SLI_PSA_ITS_ECODE_NEEDS_UPGRADE) {
+ if (status != ECODE_NVM3_OK && status != SLI_PSA_ITS_ECODE_NEEDS_UPGRADE) {
psa_status = PSA_ERROR_STORAGE_FAILURE;
goto exit;
}
#if defined(SLI_PSA_ITS_ENCRYPTED)
- // Authenticate the ITS file (both metadata and ciphertext) before returning the metadata.
- // Note that this can potentially induce a significant performance hit.
+ // Authenticate the ITS file (both metadata and ciphertext) before returning
+ // the metadata. Note that this can potentially induce a significant
+ // performance hit.
psa_storage_uid_t authenticated_uid;
psa_status = authenticate_its_file(nvm3_object_id, &authenticated_uid);
if (psa_status != PSA_SUCCESS) {
@@ -1300,7 +1292,7 @@ psa_status_t psa_its_get_info(psa_storage_uid_t uid,
// Remove IV and MAC size from file size
p_info->size = its_file_size - SLI_ITS_ENCRYPTED_BLOB_SIZE_OVERHEAD;
#endif
- exit:
+exit:
sli_its_release_mutex();
return psa_status;
}
@@ -1312,16 +1304,18 @@ psa_status_t psa_its_get_info(psa_storage_uid_t uid,
*
* \return A status indicating the success/failure of the operation
*
- * \retval PSA_SUCCESS The operation completed successfully
- * \retval PSA_ERROR_DOES_NOT_EXIST The operation failed because the provided key value was not found in the storage
- * \retval PSA_ERROR_NOT_PERMITTED The operation failed because the provided key value was created with PSA_STORAGE_FLAG_WRITE_ONCE
- * \retval PSA_ERROR_STORAGE_FAILURE The operation failed because the physical storage has failed (Fatal error)
+ * \retval PSA_SUCCESS The operation completed
+ * successfully \retval PSA_ERROR_DOES_NOT_EXIST The operation failed
+ * because the provided key value was not found in the storage \retval
+ * PSA_ERROR_NOT_PERMITTED The operation failed because the provided key
+ * value was created with PSA_STORAGE_FLAG_WRITE_ONCE \retval
+ * PSA_ERROR_STORAGE_FAILURE The operation failed because the physical
+ * storage has failed (Fatal error)
*/
-psa_status_t psa_its_remove(psa_storage_uid_t uid)
-{
+psa_status_t psa_its_remove(psa_storage_uid_t uid) {
psa_status_t psa_status = PSA_ERROR_CORRUPTION_DETECTED;
Ecode_t status;
- sli_its_file_meta_v2_t its_file_meta = { 0 };
+ sli_its_file_meta_v2_t its_file_meta = {0};
size_t its_file_size = 0;
size_t its_file_offset = 0;
@@ -1332,13 +1326,13 @@ psa_status_t psa_its_remove(psa_storage_uid_t uid)
goto exit;
}
- status = get_file_metadata(nvm3_object_id, &its_file_meta, &its_file_offset, &its_file_size);
+ status = get_file_metadata(nvm3_object_id, &its_file_meta, &its_file_offset,
+ &its_file_size);
if (status == SLI_PSA_ITS_ECODE_NO_VALID_HEADER) {
psa_status = PSA_ERROR_DOES_NOT_EXIST;
goto exit;
}
- if (status != ECODE_NVM3_OK
- && status != SLI_PSA_ITS_ECODE_NEEDS_UPGRADE) {
+ if (status != ECODE_NVM3_OK && status != SLI_PSA_ITS_ECODE_NEEDS_UPGRADE) {
psa_status = PSA_ERROR_STORAGE_FAILURE;
goto exit;
}
@@ -1347,13 +1341,14 @@ psa_status_t psa_its_remove(psa_storage_uid_t uid)
#if defined(TFM_CONFIG_SL_SECURE_LIBRARY)
|| its_file_meta.flags == PSA_STORAGE_FLAG_WRITE_ONCE_SECURE_ACCESSIBLE
#endif
- ) {
+ ) {
psa_status = PSA_ERROR_NOT_PERMITTED;
goto exit;
}
#if defined(SLI_PSA_ITS_ENCRYPTED)
- // If the UID already exists, authenticate the existing value and make sure the stored UID is the same.
+ // If the UID already exists, authenticate the existing value and make sure
+ // the stored UID is the same.
psa_storage_uid_t authenticated_uid;
psa_status = authenticate_its_file(nvm3_object_id, &authenticated_uid);
if (psa_status != PSA_SUCCESS) {
@@ -1381,22 +1376,22 @@ psa_status_t psa_its_remove(psa_storage_uid_t uid)
psa_status = PSA_ERROR_STORAGE_FAILURE;
}
- exit:
+exit:
sli_its_release_mutex();
return psa_status;
}
// -------------------------------------
// Silicon Labs extensions
-static psa_storage_uid_t psa_its_identifier_of_slot(mbedtls_svc_key_id_t key)
-{
+static psa_storage_uid_t psa_its_identifier_of_slot(mbedtls_svc_key_id_t key) {
#if defined(MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER)
// Encode the owner in the upper 32 bits. This means that if
// owner values are nonzero (as they are on a PSA platform),
// no key file will ever have a value less than 0x100000000, so
// the whole range 0..0xffffffff is available for non-key files.
uint32_t unsigned_owner_id = MBEDTLS_SVC_KEY_ID_GET_OWNER_ID(key);
- return ((uint64_t)unsigned_owner_id << 32) | MBEDTLS_SVC_KEY_ID_GET_KEY_ID(key);
+ return ((uint64_t)unsigned_owner_id << 32) |
+ MBEDTLS_SVC_KEY_ID_GET_KEY_ID(key);
#else
// Use the key id directly as a file name.
// psa_is_key_id_valid() in psa_crypto_slot_management.c
@@ -1407,8 +1402,7 @@ static psa_storage_uid_t psa_its_identifier_of_slot(mbedtls_svc_key_id_t key)
}
psa_status_t sli_psa_its_change_key_id(mbedtls_svc_key_id_t old_id,
- mbedtls_svc_key_id_t new_id)
-{
+ mbedtls_svc_key_id_t new_id) {
psa_storage_uid_t old_uid = psa_its_identifier_of_slot(old_id);
psa_storage_uid_t new_uid = psa_its_identifier_of_slot(new_id);
Ecode_t status;
@@ -1416,7 +1410,7 @@ psa_status_t sli_psa_its_change_key_id(mbedtls_svc_key_id_t old_id,
size_t its_file_size = 0;
psa_status_t psa_status = PSA_ERROR_CORRUPTION_DETECTED;
int8_t *its_file_buffer = NULL;
- sli_its_file_meta_v2_t* metadata = NULL;
+ sli_its_file_meta_v2_t *metadata = NULL;
#if defined(SLI_PSA_ITS_ENCRYPTED)
sli_its_encrypted_blob_t *blob = NULL;
@@ -1435,9 +1429,7 @@ psa_status_t sli_psa_its_change_key_id(mbedtls_svc_key_id_t old_id,
}
// Get total length to allocate
- status = nvm3_getObjectInfo(nvm3_defaultHandle,
- nvm3_object_id,
- &obj_type,
+ status = nvm3_getObjectInfo(nvm3_defaultHandle, nvm3_object_id, &obj_type,
&its_file_size);
if (status != ECODE_NVM3_OK) {
psa_status = PSA_ERROR_STORAGE_FAILURE;
@@ -1450,12 +1442,10 @@ psa_status_t sli_psa_its_change_key_id(mbedtls_svc_key_id_t old_id,
psa_status = PSA_ERROR_INSUFFICIENT_MEMORY;
goto exit;
}
- metadata = (sli_its_file_meta_v2_t*) its_file_buffer;
+ metadata = (sli_its_file_meta_v2_t *)its_file_buffer;
// Read contents of pre-existing key into the temporary buffer
- status = nvm3_readData(nvm3_defaultHandle,
- nvm3_object_id,
- its_file_buffer,
+ status = nvm3_readData(nvm3_defaultHandle, nvm3_object_id, its_file_buffer,
its_file_size);
if (status != ECODE_NVM3_OK) {
psa_status = PSA_ERROR_STORAGE_FAILURE;
@@ -1464,20 +1454,22 @@ psa_status_t sli_psa_its_change_key_id(mbedtls_svc_key_id_t old_id,
#if defined(SLI_PSA_ITS_ENCRYPTED)
// Decrypt and authenticate blob
- blob = (sli_its_encrypted_blob_t*)(its_file_buffer + sizeof(sli_its_file_meta_v2_t));
- decrypt_status = decrypt_its_file(metadata,
- blob,
- its_file_size - sizeof(sli_its_file_meta_v2_t),
- blob->data,
- its_file_size - sizeof(sli_its_file_meta_v2_t) - SLI_ITS_ENCRYPTED_BLOB_SIZE_OVERHEAD,
- &plaintext_length);
+ blob = (sli_its_encrypted_blob_t *)(its_file_buffer +
+ sizeof(sli_its_file_meta_v2_t));
+ decrypt_status = decrypt_its_file(
+ metadata, blob, its_file_size - sizeof(sli_its_file_meta_v2_t),
+ blob->data,
+ its_file_size - sizeof(sli_its_file_meta_v2_t) -
+ SLI_ITS_ENCRYPTED_BLOB_SIZE_OVERHEAD,
+ &plaintext_length);
if (decrypt_status != PSA_SUCCESS) {
psa_status = decrypt_status;
goto exit;
}
- if (plaintext_length != (its_file_size - sizeof(sli_its_file_meta_v2_t) - SLI_ITS_ENCRYPTED_BLOB_SIZE_OVERHEAD)) {
+ if (plaintext_length != (its_file_size - sizeof(sli_its_file_meta_v2_t) -
+ SLI_ITS_ENCRYPTED_BLOB_SIZE_OVERHEAD)) {
psa_status = PSA_ERROR_INVALID_SIGNATURE;
goto exit;
}
@@ -1487,7 +1479,8 @@ psa_status_t sli_psa_its_change_key_id(mbedtls_svc_key_id_t old_id,
#if defined(SLI_PSA_ITS_SUPPORT_V1_FORMAT)
if (metadata->magic == SLI_PSA_ITS_META_MAGIC_V1) {
// Recast as v1 metadata
- sl_its_file_meta_v1_t* metadata_v1 = (sl_its_file_meta_v1_t*) its_file_buffer;
+ sl_its_file_meta_v1_t *metadata_v1 =
+ (sl_its_file_meta_v1_t *)its_file_buffer;
if (metadata_v1->uid != old_uid) {
psa_status = PSA_ERROR_CORRUPTION_DETECTED;
goto exit;
@@ -1495,7 +1488,7 @@ psa_status_t sli_psa_its_change_key_id(mbedtls_svc_key_id_t old_id,
metadata_v1->uid = new_uid;
} else
#endif
- if (metadata->magic == SLI_PSA_ITS_META_MAGIC_V2) {
+ if (metadata->magic == SLI_PSA_ITS_META_MAGIC_V2) {
if (metadata->uid != old_uid) {
psa_status = PSA_ERROR_CORRUPTION_DETECTED;
goto exit;
@@ -1508,12 +1501,9 @@ psa_status_t sli_psa_its_change_key_id(mbedtls_svc_key_id_t old_id,
#if defined(SLI_PSA_ITS_ENCRYPTED)
// Encrypt and authenticate the modified data data
- encrypt_status = encrypt_its_file(metadata,
- blob->data,
- plaintext_length,
- blob,
- its_file_size - sizeof(sli_its_file_meta_v2_t),
- &blob_length);
+ encrypt_status = encrypt_its_file(
+ metadata, blob->data, plaintext_length, blob,
+ its_file_size - sizeof(sli_its_file_meta_v2_t), &blob_length);
if (encrypt_status != PSA_SUCCESS) {
psa_status = encrypt_status;
@@ -1527,9 +1517,7 @@ psa_status_t sli_psa_its_change_key_id(mbedtls_svc_key_id_t old_id,
#endif
// Overwrite the NVM3 token with the changed buffer
- status = nvm3_writeData(nvm3_defaultHandle,
- nvm3_object_id,
- its_file_buffer,
+ status = nvm3_writeData(nvm3_defaultHandle, nvm3_object_id, its_file_buffer,
its_file_size);
if (status == ECODE_NVM3_OK) {
// Update last lookup and report success
@@ -1543,7 +1531,7 @@ psa_status_t sli_psa_its_change_key_id(mbedtls_svc_key_id_t old_id,
psa_status = PSA_ERROR_STORAGE_FAILURE;
}
- exit:
+exit:
if (its_file_buffer != NULL) {
// Clear and free key buffer before return.
memset(its_file_buffer, 0, its_file_size);
@@ -1556,38 +1544,39 @@ psa_status_t sli_psa_its_change_key_id(mbedtls_svc_key_id_t old_id,
/**
* \brief Check if the ITS encryption is enabled
*/
-psa_status_t sli_psa_its_encrypted(void)
-{
- #if defined(SLI_PSA_ITS_ENCRYPTED)
+psa_status_t sli_psa_its_encrypted(void) {
+#if defined(SLI_PSA_ITS_ENCRYPTED)
return PSA_SUCCESS;
- #else
+#else
return PSA_ERROR_NOT_SUPPORTED;
- #endif
+#endif
}
#if defined(SLI_PSA_ITS_ENCRYPTED) && !defined(SEMAILBOX_PRESENT)
/**
- * \brief Set the root key to be used when deriving session keys for ITS encryption.
+ * \brief Set the root key to be used when deriving session keys for ITS
+ * encryption.
*
* \param[in] root_key Buffer containing the root key.
- * \param[in] root_key_size Size of the root key in bytes. Must be 32 (256 bits).
+ * \param[in] root_key_size Size of the root key in bytes. Must be 32 (256
+ * bits).
*
* \return A status indicating the success/failure of the operation
*
* \retval PSA_SUCCESS The key was successfully set.
- * \retval PSA_ERROR_INVALID_ARGUMENT The root key was NULL or had an invalid size.
- * \retval PSA_ERROR_ALREADY_EXISTS The root key has already been initialized.
+ * \retval PSA_ERROR_INVALID_ARGUMENT The root key was NULL or had an
+ * invalid size. \retval PSA_ERROR_ALREADY_EXISTS The root key has
+ * already been initialized.
*/
-psa_status_t sli_psa_its_set_root_key(uint8_t *root_key, size_t root_key_size)
-{
+psa_status_t sli_psa_its_set_root_key(uint8_t *root_key, size_t root_key_size) {
// Check that arguments are valid
if (root_key == NULL || root_key_size != sizeof(g_root_key.data)) {
return PSA_ERROR_INVALID_ARGUMENT;
}
// Check that the root key has not already been set
- // (This is possibly too restrictive. For TrustZone usage this can be enforced by
- // not exposing the function to NS instead.)
+ // (This is possibly too restrictive. For TrustZone usage this can be enforced
+ // by not exposing the function to NS instead.)
if (g_root_key.initialized) {
return PSA_ERROR_ALREADY_EXISTS;
}
@@ -1604,12 +1593,12 @@ psa_status_t sli_psa_its_set_root_key(uint8_t *root_key, size_t root_key_size)
// -------------------------------------
// Defines
-#define SLI_PSA_ITS_V3_DRIVER (0x3A)
-#define SLI_PSA_ITS_V2_DRIVER (0x74)
-#define SLI_PSA_ITS_NOT_CHECKED (0xE8)
-#define SLI_PSA_ITS_V2_DRIVER_FLAG_NVM3_ID (SLI_PSA_ITS_NVM3_RANGE_START - 1)
-#define SLI_PSA_ITS_NVM3_INVALID_KEY (0)
-#define SLI_PSA_ITS_NVM3_UNKNOWN_KEY (1)
+#define SLI_PSA_ITS_V3_DRIVER (0x3A)
+#define SLI_PSA_ITS_V2_DRIVER (0x74)
+#define SLI_PSA_ITS_NOT_CHECKED (0xE8)
+#define SLI_PSA_ITS_V2_DRIVER_FLAG_NVM3_ID (SLI_PSA_ITS_NVM3_RANGE_START - 1)
+#define SLI_PSA_ITS_NVM3_INVALID_KEY (0)
+#define SLI_PSA_ITS_NVM3_UNKNOWN_KEY (1)
#if SL_PSA_ITS_MAX_FILES > SLI_PSA_ITS_NVM3_RANGE_SIZE
#error "Trying to store more ITS files then our NVM3 range allows for"
@@ -1619,23 +1608,24 @@ psa_status_t sli_psa_its_set_root_key(uint8_t *root_key, size_t root_key_size)
// Internal error codes local to this compile unit
#define SLI_PSA_ITS_ECODE_NO_VALID_HEADER (ECODE_EMDRV_NVM3_BASE - 1)
-#define SLI_PSA_ITS_ECODE_NEEDS_UPGRADE (ECODE_EMDRV_NVM3_BASE - 2)
+#define SLI_PSA_ITS_ECODE_NEEDS_UPGRADE (ECODE_EMDRV_NVM3_BASE - 2)
// -------------------------------------
// Local global static variables
SLI_STATIC bool nvm3_uid_set_cache_initialized = false;
-SLI_STATIC uint32_t nvm3_uid_set_cache[(SL_PSA_ITS_MAX_FILES + 31) / 32] = { 0 };
-SLI_STATIC uint32_t nvm3_uid_tomb_cache[(SL_PSA_ITS_MAX_FILES + 31) / 32] = { 0 };
+SLI_STATIC uint32_t nvm3_uid_set_cache[(SL_PSA_ITS_MAX_FILES + 31) / 32] = {0};
+SLI_STATIC uint32_t nvm3_uid_tomb_cache[(SL_PSA_ITS_MAX_FILES + 31) / 32] = {0};
#if SL_PSA_ITS_SUPPORT_V2_DRIVER
SLI_STATIC uint32_t its_driver_version = SLI_PSA_ITS_NOT_CHECKED;
#endif // SL_PSA_ITS_SUPPORT_V2_DRIVER
#if defined(SLI_PSA_ITS_ENCRYPTED)
// The root key is an AES-256 key, and is therefore 32 bytes.
-#define ROOT_KEY_SIZE (32)
-// The session key is derived from CMAC, which means it is equal to the AES block size, i.e. 16 bytes
-#define SESSION_KEY_SIZE (16)
+#define ROOT_KEY_SIZE (32)
+// The session key is derived from CMAC, which means it is equal to the AES
+// block size, i.e. 16 bytes
+#define SESSION_KEY_SIZE (16)
#if !defined(SEMAILBOX_PRESENT)
typedef struct {
@@ -1644,8 +1634,8 @@ typedef struct {
} root_key_t;
static root_key_t g_root_key = {
- .initialized = false,
- .data = { 0 },
+ .initialized = false,
+ .data = {0},
};
#endif // !defined(SEMAILBOX_PRESENT)
@@ -1656,9 +1646,9 @@ typedef struct {
} session_key_t;
static session_key_t g_cached_session_key = {
- .active = false,
- .uid = 0,
- .data = { 0 },
+ .active = false,
+ .uid = 0,
+ .data = {0},
};
#endif // defined(SLI_PSA_ITS_ENCRYPTED)
@@ -1676,12 +1666,10 @@ typedef struct {
// -------------------------------------
// Local function prototypes
-static psa_status_t find_nvm3_id(psa_storage_uid_t uid,
- bool find_empty_slot,
- sli_its_file_meta_v2_t* its_file_meta,
- size_t* its_file_offset,
- size_t* its_file_size,
- nvm3_ObjectKey_t * output_nvm3_id);
+static psa_status_t find_nvm3_id(psa_storage_uid_t uid, bool find_empty_slot,
+ sli_its_file_meta_v2_t *its_file_meta,
+ size_t *its_file_offset, size_t *its_file_size,
+ nvm3_ObjectKey_t *output_nvm3_id);
static nvm3_ObjectKey_t derive_nvm3_id(psa_storage_uid_t uid);
#if defined(TFM_CONFIG_SL_SECURE_LIBRARY)
@@ -1689,15 +1677,13 @@ static inline bool object_lives_in_s(const void *object, size_t object_size);
#endif
#if defined(SLI_PSA_ITS_ENCRYPTED)
-static psa_status_t derive_session_key(uint8_t *iv,
- size_t iv_size,
+static psa_status_t derive_session_key(uint8_t *iv, size_t iv_size,
uint8_t *session_key,
size_t session_key_size);
static psa_status_t sli_decrypt_its_file(sli_its_file_meta_v2_t *metadata,
sli_its_encrypted_blob_t *blob,
- size_t blob_size,
- uint8_t *plaintext,
+ size_t blob_size, uint8_t *plaintext,
size_t plaintext_size,
size_t *plaintext_length);
@@ -1707,15 +1693,14 @@ static psa_status_t authenticate_its_file(nvm3_ObjectKey_t nvm3_object_id,
#if SL_PSA_ITS_SUPPORT_V2_DRIVER
static psa_status_t psa_its_get_legacy(nvm3_ObjectKey_t nvm3_object_id,
- sli_its_file_meta_v2_t* its_file_meta,
+ sli_its_file_meta_v2_t *its_file_meta,
size_t its_file_size,
size_t its_file_offset, void *p_data);
static psa_status_t detect_legacy_versions();
static psa_status_t upgrade_all_keys();
-#if defined (SLI_PSA_ITS_SUPPORT_V1_FORMAT_INTERNAL)
-psa_status_t psa_its_set_v1(psa_storage_uid_t uid,
- uint32_t data_length,
+#if defined(SLI_PSA_ITS_SUPPORT_V1_FORMAT_INTERNAL)
+psa_status_t psa_its_set_v1(psa_storage_uid_t uid, uint32_t data_length,
const void *p_data,
psa_storage_create_flags_t create_flags);
#endif // SLI_PSA_ITS_SUPPORT_V1_FORMAT_INTERNAL
@@ -1723,46 +1708,41 @@ psa_status_t psa_its_set_v1(psa_storage_uid_t uid,
// -------------------------------------
// Local function definitions
-static inline uint32_t get_index(nvm3_ObjectKey_t key)
-{
+static inline uint32_t get_index(nvm3_ObjectKey_t key) {
return (key - (SLI_PSA_ITS_NVM3_RANGE_START)) / 32;
}
-static inline uint32_t get_offset(nvm3_ObjectKey_t key)
-{
+static inline uint32_t get_offset(nvm3_ObjectKey_t key) {
return (key - (SLI_PSA_ITS_NVM3_RANGE_START)) % 32;
}
-static inline void set_cache(nvm3_ObjectKey_t key)
-{
+static inline void set_cache(nvm3_ObjectKey_t key) {
nvm3_uid_set_cache[get_index(key)] |= (1 << get_offset(key));
nvm3_uid_tomb_cache[get_index(key)] &= ~(1 << get_offset(key));
}
-static inline void set_tomb(nvm3_ObjectKey_t key)
-{
+static inline void set_tomb(nvm3_ObjectKey_t key) {
nvm3_uid_tomb_cache[get_index(key)] |= (1 << get_offset(key));
uint32_t cache_not_empty = 0;
- for ( size_t i = 0; i < (((SL_PSA_ITS_MAX_FILES) +31) / 32); i++ ) {
+ for (size_t i = 0; i < (((SL_PSA_ITS_MAX_FILES) + 31) / 32); i++) {
cache_not_empty += nvm3_uid_set_cache[i];
}
if (cache_not_empty == 0) {
- for ( size_t i = 0; i < (((SL_PSA_ITS_MAX_FILES) +31) / 32); i++ ) {
+ for (size_t i = 0; i < (((SL_PSA_ITS_MAX_FILES) + 31) / 32); i++) {
nvm3_uid_tomb_cache[i] = 0;
}
}
}
#if SL_PSA_ITS_SUPPORT_V2_DRIVER
-static inline psa_status_t write_driver_v3()
-{
+static inline psa_status_t write_driver_v3() {
uint8_t driver_verison = SLI_PSA_ITS_V3_DRIVER;
Ecode_t status;
- status = nvm3_writeData(nvm3_defaultHandle,
- SLI_PSA_ITS_V2_DRIVER_FLAG_NVM3_ID,
- &driver_verison, sizeof(uint8_t));
- if ( status != ECODE_NVM3_OK ) {
+ status =
+ nvm3_writeData(nvm3_defaultHandle, SLI_PSA_ITS_V2_DRIVER_FLAG_NVM3_ID,
+ &driver_verison, sizeof(uint8_t));
+ if (status != ECODE_NVM3_OK) {
return PSA_ERROR_STORAGE_FAILURE;
}
return PSA_SUCCESS;
@@ -1772,8 +1752,7 @@ static inline psa_status_t write_driver_v3()
#if defined(TFM_CONFIG_SL_SECURE_LIBRARY)
// If an object of given size is fully encapsulated in a region of
// secure domain the function returns true.
-static inline bool object_lives_in_s(const void *object, size_t object_size)
-{
+static inline bool object_lives_in_s(const void *object, size_t object_size) {
cmse_address_info_t cmse_flags;
for (size_t i = 0u; i < object_size; i++) {
@@ -1787,36 +1766,31 @@ static inline bool object_lives_in_s(const void *object, size_t object_size)
}
#endif
-static inline void clear_cache(nvm3_ObjectKey_t key)
-{
+static inline void clear_cache(nvm3_ObjectKey_t key) {
nvm3_uid_set_cache[get_index(key)] ^= (1 << get_offset(key));
}
-static inline bool lookup_cache(nvm3_ObjectKey_t key)
-{
+static inline bool lookup_cache(nvm3_ObjectKey_t key) {
return (bool)((nvm3_uid_set_cache[get_index(key)] >> get_offset(key)) & 0x1);
}
-static inline bool lookup_tomb(nvm3_ObjectKey_t key)
-{
+static inline bool lookup_tomb(nvm3_ObjectKey_t key) {
return (bool)((nvm3_uid_tomb_cache[get_index(key)] >> get_offset(key)) & 0x1);
}
-static inline nvm3_ObjectKey_t increment_obj_id(nvm3_ObjectKey_t id)
-{
- return SLI_PSA_ITS_NVM3_RANGE_START + ((id - SLI_PSA_ITS_NVM3_RANGE_START + 1)
- % SL_PSA_ITS_MAX_FILES);
+static inline nvm3_ObjectKey_t increment_obj_id(nvm3_ObjectKey_t id) {
+ return SLI_PSA_ITS_NVM3_RANGE_START +
+ ((id - SLI_PSA_ITS_NVM3_RANGE_START + 1) % SL_PSA_ITS_MAX_FILES);
}
-static inline nvm3_ObjectKey_t prng(psa_storage_uid_t uid)
-{
-// Squash uid down to a 32 bit word
+static inline nvm3_ObjectKey_t prng(psa_storage_uid_t uid) {
+ // Squash uid down to a 32 bit word
nvm3_ObjectKey_t uid_32 = uid & 0xFFFFFFFF;
nvm3_ObjectKey_t xored_32 = (uid >> 32) ^ uid_32;
nvm3_ObjectKey_t temp;
-// Accumulate all "entropy" towards the LSB, since that is where we need it
- for ( size_t i = 1; i < 4; i++ ) {
+ // Accumulate all "entropy" towards the LSB, since that is where we need it
+ for (size_t i = 1; i < 4; i++) {
temp = xored_32 ^ (xored_32 >> (8 * i));
- if ((temp & 0x3) != 0 ) {
+ if ((temp & 0x3) != 0) {
temp = temp << 2;
}
uid_32 = (uid_32 + temp);
@@ -1824,39 +1798,38 @@ static inline nvm3_ObjectKey_t prng(psa_storage_uid_t uid)
return uid_32;
}
-static inline nvm3_ObjectKey_t derive_nvm3_id(psa_storage_uid_t uid)
-{
+static inline nvm3_ObjectKey_t derive_nvm3_id(psa_storage_uid_t uid) {
return SLI_PSA_ITS_NVM3_RANGE_START + (prng(uid) % (SL_PSA_ITS_MAX_FILES));
}
-static void init_cache(void)
-{
+static void init_cache(void) {
size_t num_keys_referenced_by_nvm3;
- nvm3_ObjectKey_t keys_referenced_by_nvm3[SLI_PSA_ITS_CACHE_INIT_CHUNK_SIZE] = { 0 };
+ nvm3_ObjectKey_t keys_referenced_by_nvm3[SLI_PSA_ITS_CACHE_INIT_CHUNK_SIZE] =
+ {0};
size_t num_del_keys_from_nvm3;
- nvm3_ObjectKey_t deleted_keys_from_nvm3[SLI_PSA_ITS_CACHE_INIT_CHUNK_SIZE] = { 0 };
+ nvm3_ObjectKey_t deleted_keys_from_nvm3[SLI_PSA_ITS_CACHE_INIT_CHUNK_SIZE] = {
+ 0};
for (nvm3_ObjectKey_t range_start = SLI_PSA_ITS_NVM3_RANGE_START;
range_start < SLI_PSA_ITS_NVM3_RANGE_END;
range_start += SLI_PSA_ITS_CACHE_INIT_CHUNK_SIZE) {
- nvm3_ObjectKey_t range_end = range_start + SLI_PSA_ITS_CACHE_INIT_CHUNK_SIZE;
+ nvm3_ObjectKey_t range_end =
+ range_start + SLI_PSA_ITS_CACHE_INIT_CHUNK_SIZE;
if (range_end > SLI_PSA_ITS_NVM3_RANGE_END) {
range_end = SLI_PSA_ITS_NVM3_RANGE_END;
}
- num_keys_referenced_by_nvm3 = nvm3_enumObjects(nvm3_defaultHandle,
- keys_referenced_by_nvm3,
- sizeof(keys_referenced_by_nvm3) / sizeof(nvm3_ObjectKey_t),
- range_start,
- range_end - 1);
+ num_keys_referenced_by_nvm3 = nvm3_enumObjects(
+ nvm3_defaultHandle, keys_referenced_by_nvm3,
+ sizeof(keys_referenced_by_nvm3) / sizeof(nvm3_ObjectKey_t), range_start,
+ range_end - 1);
for (size_t i = 0; i < num_keys_referenced_by_nvm3; i++) {
set_cache(keys_referenced_by_nvm3[i]);
}
- num_del_keys_from_nvm3 = nvm3_enumDeletedObjects(nvm3_defaultHandle,
- deleted_keys_from_nvm3,
- sizeof(deleted_keys_from_nvm3) / sizeof(nvm3_ObjectKey_t),
- range_start,
- range_end - 1);
+ num_del_keys_from_nvm3 = nvm3_enumDeletedObjects(
+ nvm3_defaultHandle, deleted_keys_from_nvm3,
+ sizeof(deleted_keys_from_nvm3) / sizeof(nvm3_ObjectKey_t), range_start,
+ range_end - 1);
for (size_t i = 0; i < num_del_keys_from_nvm3; i++) {
set_tomb(deleted_keys_from_nvm3[i]);
}
@@ -1866,10 +1839,9 @@ static void init_cache(void)
// Read the file metadata for a specific NVM3 ID
static Ecode_t get_file_metadata(nvm3_ObjectKey_t key,
- sli_its_file_meta_v2_t* metadata,
- size_t* its_file_offset,
- size_t* its_file_size)
-{
+ sli_its_file_meta_v2_t *metadata,
+ size_t *its_file_offset,
+ size_t *its_file_size) {
// Initialize output variables to safe default
if (its_file_offset != NULL) {
*its_file_offset = 0;
@@ -1878,23 +1850,17 @@ static Ecode_t get_file_metadata(nvm3_ObjectKey_t key,
*its_file_size = 0;
}
- Ecode_t status = nvm3_readPartialData(nvm3_defaultHandle,
- key,
- metadata,
- 0,
+ Ecode_t status = nvm3_readPartialData(nvm3_defaultHandle, key, metadata, 0,
sizeof(sli_its_file_meta_v2_t));
if (status != ECODE_NVM3_OK) {
return status;
}
-#if defined (SLI_PSA_ITS_SUPPORT_V1_FORMAT_INTERNAL)
+#if defined(SLI_PSA_ITS_SUPPORT_V1_FORMAT_INTERNAL)
// Re-read in v1 header format and translate to the latest structure version
if (metadata->magic == SLI_PSA_ITS_META_MAGIC_V1) {
- sl_its_file_meta_v1_t key_meta_v1 = { 0 };
- status = nvm3_readPartialData(nvm3_defaultHandle,
- key,
- &key_meta_v1,
- 0,
+ sl_its_file_meta_v1_t key_meta_v1 = {0};
+ status = nvm3_readPartialData(nvm3_defaultHandle, key, &key_meta_v1, 0,
sizeof(sl_its_file_meta_v1_t));
if (status != ECODE_NVM3_OK) {
@@ -1926,10 +1892,8 @@ static Ecode_t get_file_metadata(nvm3_ObjectKey_t key,
if (its_file_offset != NULL && its_file_size != NULL) {
// Calculate the ITS file size if requested
uint32_t obj_type;
- Ecode_t info_status = nvm3_getObjectInfo(nvm3_defaultHandle,
- key,
- &obj_type,
- its_file_size);
+ Ecode_t info_status =
+ nvm3_getObjectInfo(nvm3_defaultHandle, key, &obj_type, its_file_size);
if (info_status != ECODE_NVM3_OK) {
return info_status;
}
@@ -1942,11 +1906,9 @@ static Ecode_t get_file_metadata(nvm3_ObjectKey_t key,
#if SL_PSA_ITS_SUPPORT_V2_DRIVER
static psa_status_t psa_its_get_legacy(nvm3_ObjectKey_t nvm3_object_id,
- sli_its_file_meta_v2_t* its_file_meta,
+ sli_its_file_meta_v2_t *its_file_meta,
size_t its_file_size,
- size_t its_file_offset,
- void *p_data)
-{
+ size_t its_file_offset, void *p_data) {
Ecode_t status;
if (its_file_size == 0) {
if (its_file_meta != NULL) {
@@ -1960,35 +1922,30 @@ static psa_status_t psa_its_get_legacy(nvm3_ObjectKey_t nvm3_object_id,
size_t plaintext_length;
// its_file_size includes size of sli_its_encrypted_blob_t struct
- blob = (sli_its_encrypted_blob_t*)mbedtls_calloc(1, its_file_size);
+ blob = (sli_its_encrypted_blob_t *)mbedtls_calloc(1, its_file_size);
if (blob == NULL) {
return PSA_ERROR_INSUFFICIENT_MEMORY;
}
memset(blob, 0, its_file_size);
- status = nvm3_readPartialData(nvm3_defaultHandle,
- nvm3_object_id,
- blob,
- its_file_offset,
- its_file_size);
+ status = nvm3_readPartialData(nvm3_defaultHandle, nvm3_object_id, blob,
+ its_file_offset, its_file_size);
if (status != ECODE_NVM3_OK) {
psa_status = PSA_ERROR_STORAGE_FAILURE;
goto cleanup;
}
// Decrypt and authenticate blob
- psa_status = sli_decrypt_its_file(its_file_meta,
- blob,
- its_file_size,
- blob->data,
- its_file_size - SLI_ITS_ENCRYPTED_BLOB_SIZE_OVERHEAD,
- &plaintext_length);
+ psa_status = sli_decrypt_its_file(
+ its_file_meta, blob, its_file_size, blob->data,
+ its_file_size - SLI_ITS_ENCRYPTED_BLOB_SIZE_OVERHEAD, &plaintext_length);
if (psa_status != PSA_SUCCESS) {
goto cleanup;
}
- if (plaintext_length != (its_file_size - SLI_ITS_ENCRYPTED_BLOB_SIZE_OVERHEAD)) {
+ if (plaintext_length !=
+ (its_file_size - SLI_ITS_ENCRYPTED_BLOB_SIZE_OVERHEAD)) {
psa_status = PSA_ERROR_INVALID_SIGNATURE;
goto cleanup;
}
@@ -1998,14 +1955,15 @@ static psa_status_t psa_its_get_legacy(nvm3_ObjectKey_t nvm3_object_id,
}
psa_status = PSA_SUCCESS;
- cleanup:
+cleanup:
if (blob != NULL) {
memset(blob, 0, its_file_size);
mbedtls_free(blob);
}
return psa_status;
#else
- // If no encryption is used, just read out the data and write it directly to the output buffer
+ // If no encryption is used, just read out the data and write it directly to
+ // the output buffer
status = nvm3_readPartialData(nvm3_defaultHandle, nvm3_object_id, p_data,
its_file_offset, its_file_size);
@@ -2017,10 +1975,10 @@ static psa_status_t psa_its_get_legacy(nvm3_ObjectKey_t nvm3_object_id,
#endif
}
-// Function sets detect the presence of v1 and v2 its driver. If there is something
-// stored in v1/v2 driver range, it sets its_driver_version to SLI_PSA_ITS_V2_DRIVER.
-static psa_status_t detect_legacy_versions()
-{
+// Function sets detect the presence of v1 and v2 its driver. If there is
+// something stored in v1/v2 driver range, it sets its_driver_version to
+// SLI_PSA_ITS_V2_DRIVER.
+static psa_status_t detect_legacy_versions() {
uint8_t driver_verison = 0;
Ecode_t status;
status = nvm3_readData(nvm3_defaultHandle, SLI_PSA_ITS_V2_DRIVER_FLAG_NVM3_ID,
@@ -2035,43 +1993,39 @@ static psa_status_t detect_legacy_versions()
size_t num_keys_referenced_by_nvm3;
- nvm3_ObjectKey_t keys_referenced_by_nvm3[SLI_PSA_ITS_CACHE_INIT_CHUNK_SIZE] = {
- 0
- };
+ nvm3_ObjectKey_t keys_referenced_by_nvm3[SLI_PSA_ITS_CACHE_INIT_CHUNK_SIZE] =
+ {0};
- for ( nvm3_ObjectKey_t range_start = SLI_PSA_ITS_NVM3_RANGE_START_V2_DRIVER;
- range_start < SLI_PSA_ITS_NVM3_RANGE_END_V2_DRIVER;
- range_start += SLI_PSA_ITS_CACHE_INIT_CHUNK_SIZE ) {
+ for (nvm3_ObjectKey_t range_start = SLI_PSA_ITS_NVM3_RANGE_START_V2_DRIVER;
+ range_start < SLI_PSA_ITS_NVM3_RANGE_END_V2_DRIVER;
+ range_start += SLI_PSA_ITS_CACHE_INIT_CHUNK_SIZE) {
nvm3_ObjectKey_t range_end =
- range_start + SLI_PSA_ITS_CACHE_INIT_CHUNK_SIZE;
- if (range_end > SLI_PSA_ITS_NVM3_RANGE_END_V2_DRIVER ) {
+ range_start + SLI_PSA_ITS_CACHE_INIT_CHUNK_SIZE;
+ if (range_end > SLI_PSA_ITS_NVM3_RANGE_END_V2_DRIVER) {
range_end = SLI_PSA_ITS_NVM3_RANGE_END_V2_DRIVER;
}
- num_keys_referenced_by_nvm3 = nvm3_enumObjects(nvm3_defaultHandle,
- keys_referenced_by_nvm3,
- sizeof(keys_referenced_by_nvm3)
- / sizeof(nvm3_ObjectKey_t),
- range_start,
- range_end - 1);
+ num_keys_referenced_by_nvm3 = nvm3_enumObjects(
+ nvm3_defaultHandle, keys_referenced_by_nvm3,
+ sizeof(keys_referenced_by_nvm3) / sizeof(nvm3_ObjectKey_t), range_start,
+ range_end - 1);
if (num_keys_referenced_by_nvm3 > 0) {
- sli_its_file_meta_v2_t its_file_meta = { 0 };
+ sli_its_file_meta_v2_t its_file_meta = {0};
size_t its_file_size = 0;
size_t its_file_offset = 0;
- status = get_file_metadata(keys_referenced_by_nvm3[0],
- &its_file_meta, &its_file_offset,
- &its_file_size);
+ status = get_file_metadata(keys_referenced_by_nvm3[0], &its_file_meta,
+ &its_file_offset, &its_file_size);
if (status == SLI_PSA_ITS_ECODE_NO_VALID_HEADER) {
return PSA_ERROR_DOES_NOT_EXIST;
}
- if (status != ECODE_NVM3_OK
- && status != SLI_PSA_ITS_ECODE_NEEDS_UPGRADE) {
+ if (status != ECODE_NVM3_OK &&
+ status != SLI_PSA_ITS_ECODE_NEEDS_UPGRADE) {
return PSA_ERROR_STORAGE_FAILURE;
}
- if ((its_file_meta.magic == SLI_PSA_ITS_META_MAGIC_V1)
- || (its_file_meta.magic == SLI_PSA_ITS_META_MAGIC_V2)) {
+ if ((its_file_meta.magic == SLI_PSA_ITS_META_MAGIC_V1) ||
+ (its_file_meta.magic == SLI_PSA_ITS_META_MAGIC_V2)) {
its_driver_version = SLI_PSA_ITS_V2_DRIVER;
return PSA_SUCCESS;
} else {
@@ -2083,86 +2037,78 @@ static psa_status_t detect_legacy_versions()
return PSA_SUCCESS;
}
-static psa_status_t upgrade_all_keys()
-{
+static psa_status_t upgrade_all_keys() {
size_t num_keys_referenced_by_nvm3;
- nvm3_ObjectKey_t keys_referenced_by_nvm3[SLI_PSA_ITS_CACHE_INIT_CHUNK_SIZE] = {
- 0
- };
+ nvm3_ObjectKey_t keys_referenced_by_nvm3[SLI_PSA_ITS_CACHE_INIT_CHUNK_SIZE] =
+ {0};
Ecode_t status;
psa_status_t psa_status = PSA_ERROR_CORRUPTION_DETECTED;
- sli_its_file_meta_v2_t its_file_meta = { 0 };
+ sli_its_file_meta_v2_t its_file_meta = {0};
size_t its_file_data_size;
- uint8_t * its_file_buffer = NULL;
+ uint8_t *its_file_buffer = NULL;
size_t its_file_size = 0;
size_t its_file_offset;
- for ( nvm3_ObjectKey_t range_start = SLI_PSA_ITS_NVM3_RANGE_START_V2_DRIVER;
- range_start < SLI_PSA_ITS_NVM3_RANGE_END_V2_DRIVER;
- range_start += SLI_PSA_ITS_CACHE_INIT_CHUNK_SIZE ) {
+ for (nvm3_ObjectKey_t range_start = SLI_PSA_ITS_NVM3_RANGE_START_V2_DRIVER;
+ range_start < SLI_PSA_ITS_NVM3_RANGE_END_V2_DRIVER;
+ range_start += SLI_PSA_ITS_CACHE_INIT_CHUNK_SIZE) {
nvm3_ObjectKey_t range_end =
- range_start + SLI_PSA_ITS_CACHE_INIT_CHUNK_SIZE;
- if (range_end >= SLI_PSA_ITS_NVM3_RANGE_END_V2_DRIVER ) {
+ range_start + SLI_PSA_ITS_CACHE_INIT_CHUNK_SIZE;
+ if (range_end >= SLI_PSA_ITS_NVM3_RANGE_END_V2_DRIVER) {
range_end = SLI_PSA_ITS_NVM3_RANGE_END_V2_DRIVER;
}
- num_keys_referenced_by_nvm3 = nvm3_enumObjects(nvm3_defaultHandle,
- keys_referenced_by_nvm3,
- sizeof(keys_referenced_by_nvm3)
- /
- sizeof(nvm3_ObjectKey_t),
- range_start,
- range_end - 1);
- for ( size_t i = 0; i < num_keys_referenced_by_nvm3; i++ ) {
+ num_keys_referenced_by_nvm3 = nvm3_enumObjects(
+ nvm3_defaultHandle, keys_referenced_by_nvm3,
+ sizeof(keys_referenced_by_nvm3) / sizeof(nvm3_ObjectKey_t), range_start,
+ range_end - 1);
+ for (size_t i = 0; i < num_keys_referenced_by_nvm3; i++) {
its_file_size = 0;
its_file_offset = 0;
- status = get_file_metadata(keys_referenced_by_nvm3[i],
- &(its_file_meta), &its_file_offset,
- &its_file_size);
- if ( status == SLI_PSA_ITS_ECODE_NO_VALID_HEADER) {
+ status = get_file_metadata(keys_referenced_by_nvm3[i], &(its_file_meta),
+ &its_file_offset, &its_file_size);
+ if (status == SLI_PSA_ITS_ECODE_NO_VALID_HEADER) {
return PSA_ERROR_DOES_NOT_EXIST;
}
- if ( status != ECODE_NVM3_OK
- && status != SLI_PSA_ITS_ECODE_NEEDS_UPGRADE) {
+ if (status != ECODE_NVM3_OK &&
+ status != SLI_PSA_ITS_ECODE_NEEDS_UPGRADE) {
return PSA_ERROR_STORAGE_FAILURE;
}
#if defined(SLI_PSA_ITS_ENCRYPTED)
- // Subtract IV and MAC from ITS file as the below checks concern the actual data size
+ // Subtract IV and MAC from ITS file as the below checks concern the
+ // actual data size
its_file_data_size = its_file_size - SLI_ITS_ENCRYPTED_BLOB_SIZE_OVERHEAD;
#else
its_file_data_size = its_file_size;
#endif
- if ((its_file_meta.magic != SLI_PSA_ITS_META_MAGIC_V2)
- && (its_file_meta.magic != SLI_PSA_ITS_META_MAGIC_V1)) {
+ if ((its_file_meta.magic != SLI_PSA_ITS_META_MAGIC_V2) &&
+ (its_file_meta.magic != SLI_PSA_ITS_META_MAGIC_V1)) {
return PSA_ERROR_STORAGE_FAILURE;
}
- its_file_buffer = mbedtls_calloc(1, its_file_size + sizeof(sli_its_file_meta_v2_t));
+ its_file_buffer =
+ mbedtls_calloc(1, its_file_size + sizeof(sli_its_file_meta_v2_t));
if (its_file_buffer == NULL) {
return PSA_ERROR_INSUFFICIENT_MEMORY;
}
#if defined(SLI_PSA_ITS_ENCRYPTED)
- psa_status = psa_its_get_legacy(keys_referenced_by_nvm3[i],
- &(its_file_meta),
- its_file_size,
- its_file_offset,
- its_file_buffer);
+ psa_status =
+ psa_its_get_legacy(keys_referenced_by_nvm3[i], &(its_file_meta),
+ its_file_size, its_file_offset, its_file_buffer);
#else
- psa_status = psa_its_get_legacy(keys_referenced_by_nvm3[i],
- NULL,
- its_file_size,
- its_file_offset,
- its_file_buffer);
+ psa_status =
+ psa_its_get_legacy(keys_referenced_by_nvm3[i], NULL, its_file_size,
+ its_file_offset, its_file_buffer);
#endif
if (psa_status != PSA_SUCCESS) {
psa_status = PSA_ERROR_STORAGE_FAILURE;
goto exit;
}
-#if defined (SLI_PSA_ITS_SUPPORT_V1_FORMAT_INTERNAL)
+#if defined(SLI_PSA_ITS_SUPPORT_V1_FORMAT_INTERNAL)
if (its_file_meta.magic == SLI_PSA_ITS_META_MAGIC_V1) {
psa_status = psa_its_set_v1(its_file_meta.uid, its_file_data_size,
its_file_buffer, its_file_meta.flags);
@@ -2173,64 +2119,65 @@ static psa_status_t upgrade_all_keys()
its_file_buffer, its_file_meta.flags);
}
- if ((psa_status != PSA_SUCCESS) && (psa_status
- != PSA_ERROR_NOT_PERMITTED)) {
+ if ((psa_status != PSA_SUCCESS) &&
+ (psa_status != PSA_ERROR_NOT_PERMITTED)) {
goto exit;
}
- status = nvm3_deleteObject(nvm3_defaultHandle,
- keys_referenced_by_nvm3[i]);
+ status =
+ nvm3_deleteObject(nvm3_defaultHandle, keys_referenced_by_nvm3[i]);
- if ( status != ECODE_NVM3_OK ) {
+ if (status != ECODE_NVM3_OK) {
psa_status = PSA_ERROR_STORAGE_FAILURE;
goto exit;
}
- memset(its_file_buffer, 0, its_file_size + sizeof(sli_its_file_meta_v2_t));
+ memset(its_file_buffer, 0,
+ its_file_size + sizeof(sli_its_file_meta_v2_t));
mbedtls_free(its_file_buffer);
}
}
return PSA_SUCCESS;
- exit:
+exit:
// Clear and free key buffer before return.
memset(its_file_buffer, 0, its_file_size + sizeof(sli_its_file_meta_v2_t));
mbedtls_free(its_file_buffer);
return psa_status;
}
-#if defined (SLI_PSA_ITS_SUPPORT_V1_FORMAT_INTERNAL)
-psa_status_t psa_its_set_v1(psa_storage_uid_t uid,
- uint32_t data_length,
+#if defined(SLI_PSA_ITS_SUPPORT_V1_FORMAT_INTERNAL)
+psa_status_t psa_its_set_v1(psa_storage_uid_t uid, uint32_t data_length,
const void *p_data,
- psa_storage_create_flags_t create_flags)
-{
+ psa_storage_create_flags_t create_flags) {
if ((data_length != 0U) && (p_data == NULL)) {
return PSA_ERROR_INVALID_ARGUMENT;
}
- if (create_flags != PSA_STORAGE_FLAG_WRITE_ONCE
- && create_flags != PSA_STORAGE_FLAG_NONE
+ if (create_flags != PSA_STORAGE_FLAG_WRITE_ONCE &&
+ create_flags != PSA_STORAGE_FLAG_NONE
#if defined(TFM_CONFIG_SL_SECURE_LIBRARY)
&& create_flags != PSA_STORAGE_FLAG_WRITE_ONCE_SECURE_ACCESSIBLE
#endif
- ) {
+ ) {
return PSA_ERROR_NOT_SUPPORTED;
}
#if defined(TFM_CONFIG_SL_SECURE_LIBRARY)
- if ((create_flags == PSA_STORAGE_FLAG_WRITE_ONCE_SECURE_ACCESSIBLE)
- && (!object_lives_in_s(p_data, data_length))) {
- // The flag indicates that this data should not be set by the non-secure domain
+ if ((create_flags == PSA_STORAGE_FLAG_WRITE_ONCE_SECURE_ACCESSIBLE) &&
+ (!object_lives_in_s(p_data, data_length))) {
+ // The flag indicates that this data should not be set by the non-secure
+ // domain
return PSA_ERROR_INVALID_ARGUMENT;
}
#endif
Ecode_t status;
psa_status_t psa_status = PSA_ERROR_CORRUPTION_DETECTED;
- sl_its_file_meta_v1_t* its_file_meta;
+ sl_its_file_meta_v1_t *its_file_meta;
nvm3_ObjectKey_t nvm3_object_id = 0;
size_t its_file_size = data_length;
- uint8_t *its_file_buffer = mbedtls_calloc(1, its_file_size + sizeof(sl_its_file_meta_v1_t));
+ uint8_t *its_file_buffer =
+ mbedtls_calloc(1, its_file_size + sizeof(sl_its_file_meta_v1_t));
if (its_file_buffer == NULL) {
return PSA_ERROR_INSUFFICIENT_MEMORY;
}
@@ -2240,8 +2187,8 @@ psa_status_t psa_its_set_v1(psa_storage_uid_t uid,
sli_its_file_meta_v2_t its_file_meta_v2;
sli_its_acquire_mutex();
- psa_status = find_nvm3_id(uid, true, &its_file_meta_v2, NULL, NULL,
- &nvm3_object_id);
+ psa_status =
+ find_nvm3_id(uid, true, &its_file_meta_v2, NULL, NULL, &nvm3_object_id);
if (psa_status != PSA_SUCCESS) {
if (psa_status == PSA_ERROR_DOES_NOT_EXIST) {
psa_status = PSA_ERROR_INSUFFICIENT_STORAGE;
@@ -2254,14 +2201,12 @@ psa_status_t psa_its_set_v1(psa_storage_uid_t uid,
its_file_meta->flags = create_flags;
if (data_length != 0U) {
- memcpy(its_file_buffer + sizeof(sl_its_file_meta_v1_t), ((uint8_t*)
- p_data), data_length);
+ memcpy(its_file_buffer + sizeof(sl_its_file_meta_v1_t), ((uint8_t *)p_data),
+ data_length);
}
- status = nvm3_writeData(nvm3_defaultHandle,
- nvm3_object_id,
- its_file_buffer, its_file_size + sizeof
- (sl_its_file_meta_v1_t));
+ status = nvm3_writeData(nvm3_defaultHandle, nvm3_object_id, its_file_buffer,
+ its_file_size + sizeof(sl_its_file_meta_v1_t));
if (status == ECODE_NVM3_OK) {
// Power-loss might occur, however upon boot, the look-up table will be
@@ -2271,48 +2216,47 @@ psa_status_t psa_its_set_v1(psa_storage_uid_t uid,
psa_status = PSA_ERROR_STORAGE_FAILURE;
}
- exit:
+exit:
// Clear and free key buffer before return.
memset(its_file_buffer, 0, its_file_size + sizeof(sl_its_file_meta_v1_t));
mbedtls_free(its_file_buffer);
sli_its_release_mutex();
return psa_status;
}
-#endif //SLI_PSA_ITS_SUPPORT_V1_FORMAT_INTERNAL
-#endif //SL_PSA_ITS_SUPPORT_V1_DRIVER
+#endif // SLI_PSA_ITS_SUPPORT_V1_FORMAT_INTERNAL
+#endif // SL_PSA_ITS_SUPPORT_V1_DRIVER
/**
* \brief Search through NVM3 for correct uid
*
* \param[in] uid UID under what we want to store the data
- * \param[in] find_empty_slot Indicates whether we want to find existing data or empty space for storing new.
- * \param[out] its_file_meta Meta information of ITS file
- * \param[out] its_file_offset Offset of ITS file
- * \param[out] its_file_size Size of ITS file
- * \param[out] output_nvm3_id NVM3 ID corresponding to UID.
+ * \param[in] find_empty_slot Indicates whether we want to find existing data
+ * or empty space for storing new. \param[out] its_file_meta Meta information
+ * of ITS file \param[out] its_file_offset Offset of ITS file \param[out]
+ * its_file_size Size of ITS file \param[out] output_nvm3_id NVM3 ID
+ * corresponding to UID.
*
* \return A status indicating the success/failure of the operation
*
- * \retval PSA_SUCCESS The operation completed successfully
- * \retval PSA_ERROR_DOES_NOT_EXIST The data with this UID are not stored in NVM3
- * \retval PSA_ERROR_NOT_PERMITTED The requested operation is not permitted
+ * \retval PSA_SUCCESS The operation completed
+ * successfully \retval PSA_ERROR_DOES_NOT_EXIST The data with this
+ * UID are not stored in NVM3 \retval PSA_ERROR_NOT_PERMITTED The
+ * requested operation is not permitted
*/
-static psa_status_t find_nvm3_id(psa_storage_uid_t uid,
- bool find_empty_slot,
- sli_its_file_meta_v2_t* its_file_meta,
- size_t* its_file_offset,
- size_t* its_file_size,
- nvm3_ObjectKey_t * output_nvm3_id)
-{
+static psa_status_t find_nvm3_id(psa_storage_uid_t uid, bool find_empty_slot,
+ sli_its_file_meta_v2_t *its_file_meta,
+ size_t *its_file_offset, size_t *its_file_size,
+ nvm3_ObjectKey_t *output_nvm3_id) {
Ecode_t status;
nvm3_ObjectKey_t tmp_id = 0;
nvm3_ObjectKey_t nvm3_object_id = 0;
nvm3_object_id = derive_nvm3_id(uid);
if (nvm3_uid_set_cache_initialized == false) {
-#if defined(TFM_CONFIG_SL_SECURE_LIBRARY) \
- // With SKL the NVM3 instance must be initialized by the NS app. We therefore check that
- // it has been opened (which is done on init) rather than actually doing the init.
+#if defined(TFM_CONFIG_SL_SECURE_LIBRARY)
+// With SKL the NVM3 instance must be initialized by the NS app. We therefore
+// check that it has been opened (which is done on init) rather than actually
+// doing the init.
if (!nvm3_defaultHandle->hasBeenOpened) {
#else
if (nvm3_initDefault() != ECODE_NVM3_OK) {
@@ -2321,17 +2265,17 @@ static psa_status_t find_nvm3_id(psa_storage_uid_t uid,
}
#if SL_PSA_ITS_SUPPORT_V2_DRIVER
- if ( its_driver_version == SLI_PSA_ITS_NOT_CHECKED ) {
- if ( detect_legacy_versions() != PSA_SUCCESS ) {
+ if (its_driver_version == SLI_PSA_ITS_NOT_CHECKED) {
+ if (detect_legacy_versions() != PSA_SUCCESS) {
return PSA_ERROR_STORAGE_FAILURE;
}
- if ( its_driver_version == SLI_PSA_ITS_V2_DRIVER ) {
+ if (its_driver_version == SLI_PSA_ITS_V2_DRIVER) {
psa_status_t psa_status = upgrade_all_keys();
- if ( psa_status != PSA_SUCCESS ) {
+ if (psa_status != PSA_SUCCESS) {
return psa_status;
}
psa_status = write_driver_v3();
- if ( psa_status != PSA_SUCCESS ) {
+ if (psa_status != PSA_SUCCESS) {
return psa_status;
}
} else {
@@ -2345,12 +2289,12 @@ static psa_status_t find_nvm3_id(psa_storage_uid_t uid,
#endif
}
- for (size_t i = 0; i < SL_PSA_ITS_MAX_FILES; ++i ) {
+ for (size_t i = 0; i < SL_PSA_ITS_MAX_FILES; ++i) {
if (!lookup_cache(nvm3_object_id)) {
// dont exist
if (lookup_tomb(nvm3_object_id)) {
// tombstone
- if (tmp_id == 0 ) {
+ if (tmp_id == 0) {
// mark first empty space
tmp_id = nvm3_object_id;
}
@@ -2373,8 +2317,8 @@ static psa_status_t find_nvm3_id(psa_storage_uid_t uid,
status = get_file_metadata(nvm3_object_id, its_file_meta, its_file_offset,
its_file_size);
- if (status == SLI_PSA_ITS_ECODE_NO_VALID_HEADER
- || status == ECODE_NVM3_ERR_READ_DATA_SIZE) {
+ if (status == SLI_PSA_ITS_ECODE_NO_VALID_HEADER ||
+ status == ECODE_NVM3_ERR_READ_DATA_SIZE) {
// we don't expect any other data in our range then PSA ITS files.
// delete the file if the magic doesn't match or the object on disk
// is too small to even have full metadata.
@@ -2384,8 +2328,7 @@ static psa_status_t find_nvm3_id(psa_storage_uid_t uid,
}
}
- if (status != ECODE_NVM3_OK
- && status != SLI_PSA_ITS_ECODE_NEEDS_UPGRADE) {
+ if (status != ECODE_NVM3_OK && status != SLI_PSA_ITS_ECODE_NEEDS_UPGRADE) {
return PSA_ERROR_STORAGE_FAILURE;
}
@@ -2395,15 +2338,17 @@ static psa_status_t find_nvm3_id(psa_storage_uid_t uid,
if (find_empty_slot) {
if (its_file_meta->flags == PSA_STORAGE_FLAG_WRITE_ONCE
#if defined(TFM_CONFIG_SL_SECURE_LIBRARY)
- || its_file_meta->flags == PSA_STORAGE_FLAG_WRITE_ONCE_SECURE_ACCESSIBLE
+ || its_file_meta->flags ==
+ PSA_STORAGE_FLAG_WRITE_ONCE_SECURE_ACCESSIBLE
#endif
- ) {
+ ) {
return PSA_ERROR_NOT_PERMITTED;
}
}
#if defined(SLI_PSA_ITS_ENCRYPTED)
- // If the UID already exists, authenticate the existing value and make sure the stored UID is the same.
- // Note that this can potentially induce a significant performance hit.
+ // If the UID already exists, authenticate the existing value and make
+ // sure the stored UID is the same. Note that this can potentially induce
+ // a significant performance hit.
psa_status_t psa_status = PSA_ERROR_CORRUPTION_DETECTED;
psa_storage_uid_t authenticated_uid = 0;
psa_status = authenticate_its_file(nvm3_object_id, &authenticated_uid);
@@ -2429,35 +2374,40 @@ static psa_status_t find_nvm3_id(psa_storage_uid_t uid,
}
#if defined(SLI_PSA_ITS_ENCRYPTED)
-static inline void cache_session_key(uint8_t *session_key, psa_storage_uid_t uid)
-{
+static inline void cache_session_key(uint8_t *session_key,
+ psa_storage_uid_t uid) {
// Cache the session key
- memcpy(g_cached_session_key.data, session_key, sizeof(g_cached_session_key.data));
+ memcpy(g_cached_session_key.data, session_key,
+ sizeof(g_cached_session_key.data));
g_cached_session_key.uid = uid;
g_cached_session_key.active = true;
}
/**
- * \brief Derive a session key for ITS file encryption from the initialized root key and provided IV.
+ * \brief Derive a session key for ITS file encryption from the initialized root
+ * key and provided IV.
*
- * \param[in] iv Pointer to array containing the initialization vector to be used in the key derivation.
- * \param[in] iv_size Size of the IV buffer in bytes. Must be 12 bytes (AES-GCM IV size).
- * \param[out] session_key Pointer to array where derived session key shall be stored.
- * \param[out] session_key_size Size of the derived session key output array. Must be at least 32 bytes (AES-256 key size).
+ * \param[in] iv Pointer to array containing the initialization
+ * vector to be used in the key derivation. \param[in] iv_size Size of
+ * the IV buffer in bytes. Must be 12 bytes (AES-GCM IV size). \param[out]
+ * session_key Pointer to array where derived session key shall be stored.
+ * \param[out] session_key_size Size of the derived session key output array.
+ * Must be at least 32 bytes (AES-256 key size).
*
* \return A status indicating the success/failure of the operation
*
- * \retval PSA_SUCCESS The operation completed successfully
- * \retval PSA_ERROR_BAD_STATE The root key has not been initialized.
- * \retval PSA_ERROR_INVALID_ARGUMENT The operation failed because iv or session_key is NULL, or their sizes are incorrect.
- * \retval PSA_ERROR_HARDWARE_FAILURE The operation failed because an internal cryptographic operation failed.
+ * \retval PSA_SUCCESS The operation completed
+ * successfully \retval PSA_ERROR_BAD_STATE The root key has
+ * not been initialized. \retval PSA_ERROR_INVALID_ARGUMENT The
+ * operation failed because iv or session_key is NULL, or their sizes are
+ * incorrect. \retval PSA_ERROR_HARDWARE_FAILURE The operation failed
+ * because an internal cryptographic operation failed.
*/
-static psa_status_t derive_session_key(uint8_t *iv, size_t iv_size, uint8_t *session_key, size_t session_key_size)
-{
- if (iv == NULL
- || iv_size != AES_GCM_IV_SIZE
- || session_key == NULL
- || session_key_size < SESSION_KEY_SIZE) {
+static psa_status_t derive_session_key(uint8_t *iv, size_t iv_size,
+ uint8_t *session_key,
+ size_t session_key_size) {
+ if (iv == NULL || iv_size != AES_GCM_IV_SIZE || session_key == NULL ||
+ session_key_size < SESSION_KEY_SIZE) {
return PSA_ERROR_INVALID_ARGUMENT;
}
@@ -2470,9 +2420,8 @@ static psa_status_t derive_session_key(uint8_t *iv, size_t iv_size, uint8_t *ses
psa_key_lifetime_t reported_lifetime;
psa_drv_slot_number_t reported_slot;
- status = mbedtls_psa_platform_get_builtin_key(psa_get_key_id(&attributes),
- &reported_lifetime,
- &reported_slot);
+ status = mbedtls_psa_platform_get_builtin_key(
+ psa_get_key_id(&attributes), &reported_lifetime, &reported_slot);
if (status != PSA_SUCCESS) {
return status;
@@ -2482,15 +2431,12 @@ static psa_status_t derive_session_key(uint8_t *iv, size_t iv_size, uint8_t *ses
uint8_t key_buffer[sizeof(sli_se_opaque_key_context_header_t)];
size_t key_buffer_size;
- status = sli_se_opaque_get_builtin_key(reported_slot,
- &attributes,
- key_buffer,
- sizeof(key_buffer),
- &key_buffer_size);
+ status = sli_se_opaque_get_builtin_key(reported_slot, &attributes, key_buffer,
+ sizeof(key_buffer), &key_buffer_size);
if (status != PSA_SUCCESS) {
return status;
}
-#else // defined(SEMAILBOX_PRESENT)
+#else // defined(SEMAILBOX_PRESENT)
// For VSE devices, use the previously initialized root key
if (!g_root_key.initialized) {
return PSA_ERROR_BAD_STATE;
@@ -2502,24 +2448,18 @@ static psa_status_t derive_session_key(uint8_t *iv, size_t iv_size, uint8_t *ses
psa_set_key_bits(&attributes, ROOT_KEY_SIZE * 8);
// Point the key buffer to the global root key
- uint8_t *key_buffer = (uint8_t*)g_root_key.data;
+ uint8_t *key_buffer = (uint8_t *)g_root_key.data;
size_t key_buffer_size = sizeof(g_root_key.data);
#endif // defined(SEMAILBOX_PRESENT)
// Use CMAC as a key derivation function
size_t session_key_length;
status = psa_driver_wrapper_mac_compute(
- &attributes,
- key_buffer,
- key_buffer_size,
- PSA_ALG_CMAC,
- iv,
- iv_size,
- session_key,
- session_key_size,
- &session_key_length);
-
- // Verify that the key derivation was successful before transferring the key to the caller
+ &attributes, key_buffer, key_buffer_size, PSA_ALG_CMAC, iv, iv_size,
+ session_key, session_key_size, &session_key_length);
+
+ // Verify that the key derivation was successful before transferring the key
+ // to the caller
if (status != PSA_SUCCESS || session_key_length != SESSION_KEY_SIZE) {
memset(session_key, 0, session_key_size);
return PSA_ERROR_HARDWARE_FAILURE;
@@ -2529,40 +2469,42 @@ static psa_status_t derive_session_key(uint8_t *iv, size_t iv_size, uint8_t *ses
}
/**
- * \brief Encrypt and authenticate ITS data with AES-128-GCM, storing the result in an encrypted blob.
- *
- * \param[in] metadata ITS metadata to be used as authenticated additional data.
- * \param[in] plaintext Pointer to array containing data to be encrypted.
- * \param[in] plaintext_size Size of provided plaintext data array.
- * \param[out] blob Pointer to array where the resulting encrypted blob shall be placed.
- * \param[in] blob_size Size of the output array. Must be at least as big as plaintext_size + SLI_ITS_ENCRYPTED_BLOB_SIZE_OVERHEAD
- * \param[out] blob_length Resulting size of the output blob.
+ * \brief Encrypt and authenticate ITS data with AES-128-GCM, storing the result
+ * in an encrypted blob.
+ *
+ * \param[in] metadata ITS metadata to be used as authenticated
+ * additional data. \param[in] plaintext Pointer to array containing data
+ * to be encrypted. \param[in] plaintext_size Size of provided plaintext data
+ * array. \param[out] blob Pointer to array where the resulting
+ * encrypted blob shall be placed. \param[in] blob_size Size of the output
+ * array. Must be at least as big as plaintext_size +
+ * SLI_ITS_ENCRYPTED_BLOB_SIZE_OVERHEAD \param[out] blob_length Resulting
+ * size of the output blob.
*
* \return A status indicating the success/failure of the operation
*
- * \retval PSA_SUCCESS The operation completed successfully
- * \retval PSA_ERROR_BAD_STATE The root key has not been initialized.
- * \retval PSA_ERROR_INVALID_ARGUMENT The operation failed because one or more arguments are NULL or of invalid size.
- * \retval PSA_ERROR_HARDWARE_FAILURE The operation failed because an internal cryptographic operation failed.
+ * \retval PSA_SUCCESS The operation completed
+ * successfully \retval PSA_ERROR_BAD_STATE The root key has
+ * not been initialized. \retval PSA_ERROR_INVALID_ARGUMENT The
+ * operation failed because one or more arguments are NULL or of invalid size.
+ * \retval PSA_ERROR_HARDWARE_FAILURE The operation failed because an
+ * internal cryptographic operation failed.
*/
psa_status_t sli_encrypt_its_file(sli_its_file_meta_v2_t *metadata,
- uint8_t *plaintext,
- size_t plaintext_size,
+ uint8_t *plaintext, size_t plaintext_size,
sli_its_encrypted_blob_t *blob,
- size_t blob_size,
- size_t *blob_length)
-{
- if (metadata == NULL
- || (plaintext == NULL && plaintext_size > 0)
- || blob == NULL
- || blob_size < plaintext_size + SLI_ITS_ENCRYPTED_BLOB_SIZE_OVERHEAD
- || blob_length == NULL) {
+ size_t blob_size, size_t *blob_length) {
+ if (metadata == NULL || (plaintext == NULL && plaintext_size > 0) ||
+ blob == NULL ||
+ blob_size < plaintext_size + SLI_ITS_ENCRYPTED_BLOB_SIZE_OVERHEAD ||
+ blob_length == NULL) {
return PSA_ERROR_INVALID_ARGUMENT;
}
// Generate IV
size_t iv_length = 0;
- psa_status_t psa_status = mbedtls_psa_external_get_random(NULL, blob->iv, AES_GCM_IV_SIZE, &iv_length);
+ psa_status_t psa_status = mbedtls_psa_external_get_random(
+ NULL, blob->iv, AES_GCM_IV_SIZE, &iv_length);
if (psa_status != PSA_SUCCESS || iv_length != AES_GCM_IV_SIZE) {
return PSA_ERROR_HARDWARE_FAILURE;
@@ -2576,7 +2518,8 @@ psa_status_t sli_encrypt_its_file(sli_its_file_meta_v2_t *metadata,
psa_set_key_bits(&attributes, SESSION_KEY_SIZE * 8);
uint8_t session_key[SESSION_KEY_SIZE];
- psa_status = derive_session_key(blob->iv, AES_GCM_IV_SIZE, session_key, sizeof(session_key));
+ psa_status = derive_session_key(blob->iv, AES_GCM_IV_SIZE, session_key,
+ sizeof(session_key));
if (psa_status != PSA_SUCCESS) {
return psa_status;
}
@@ -2585,20 +2528,19 @@ psa_status_t sli_encrypt_its_file(sli_its_file_meta_v2_t *metadata,
// Retrieve data to be encrypted
if (plaintext_size != 0U) {
- memcpy(blob->data, ((uint8_t*)plaintext), plaintext_size);
+ memcpy(blob->data, ((uint8_t *)plaintext), plaintext_size);
}
// Encrypt and authenticate blob
size_t output_length = 0;
psa_status = psa_driver_wrapper_aead_encrypt(
- &attributes,
- session_key, sizeof(session_key),
- PSA_ALG_GCM,
- blob->iv, sizeof(blob->iv),
- (uint8_t*)metadata, sizeof(sli_its_file_meta_v2_t), // metadata is AAD
- blob->data, plaintext_size,
- blob->data, plaintext_size + AES_GCM_MAC_SIZE, // output == input for in-place encryption
- &output_length);
+ &attributes, session_key, sizeof(session_key), PSA_ALG_GCM, blob->iv,
+ sizeof(blob->iv), (uint8_t *)metadata,
+ sizeof(sli_its_file_meta_v2_t), // metadata is AAD
+ blob->data, plaintext_size, blob->data,
+ plaintext_size +
+ AES_GCM_MAC_SIZE, // output == input for in-place encryption
+ &output_length);
// Clear the local session key immediately after we're done using it
memset(session_key, 0, sizeof(session_key));
@@ -2619,33 +2561,34 @@ psa_status_t sli_encrypt_its_file(sli_its_file_meta_v2_t *metadata,
/**
* \brief Decrypt and authenticate encrypted ITS data.
*
- * \param[in] metadata ITS metadata to be used as authenticated additional data. Must be identical to the metadata used during encryption.
+ * \param[in] metadata ITS metadata to be used as authenticated
+ * additional data. Must be identical to the metadata used during encryption.
* \param[in] blob Encrypted blob containing data to be decrypted.
* \param[in] blob_size Size of the encrypted blob in bytes.
- * \param[out] plaintext Pointer to array where the decrypted plaintext shall be placed.
- * \param[in] plaintext_size Size of the plaintext array. Must be equal to sizeof(blob->data) - AES_GCM_MAC_SIZE.
- * \param[out] plaintext_length Resulting length of the decrypted plaintext.
+ * \param[out] plaintext Pointer to array where the decrypted plaintext
+ * shall be placed. \param[in] plaintext_size Size of the plaintext array.
+ * Must be equal to sizeof(blob->data) - AES_GCM_MAC_SIZE. \param[out]
+ * plaintext_length Resulting length of the decrypted plaintext.
*
* \return A status indicating the success/failure of the operation
*
- * \retval PSA_SUCCESS The operation completed successfully
- * \retval PSA_ERROR_INVALID_SIGANTURE The operation failed because authentication of the decrypted data failed.
- * \retval PSA_ERROR_BAD_STATE The root key has not been initialized.
- * \retval PSA_ERROR_INVALID_ARGUMENT The operation failed because one or more arguments are NULL or of invalid size.
- * \retval PSA_ERROR_HARDWARE_FAILURE The operation failed because an internal cryptographic operation failed.
+ * \retval PSA_SUCCESS The operation completed
+ * successfully \retval PSA_ERROR_INVALID_SIGANTURE The operation
+ * failed because authentication of the decrypted data failed. \retval
+ * PSA_ERROR_BAD_STATE The root key has not been initialized.
+ * \retval PSA_ERROR_INVALID_ARGUMENT The operation failed because
+ * one or more arguments are NULL or of invalid size. \retval
+ * PSA_ERROR_HARDWARE_FAILURE The operation failed because an internal
+ * cryptographic operation failed.
*/
static psa_status_t sli_decrypt_its_file(sli_its_file_meta_v2_t *metadata,
sli_its_encrypted_blob_t *blob,
- size_t blob_size,
- uint8_t *plaintext,
+ size_t blob_size, uint8_t *plaintext,
size_t plaintext_size,
- size_t *plaintext_length)
-{
- if (metadata == NULL
- || blob == NULL
- || blob_size < plaintext_size + SLI_ITS_ENCRYPTED_BLOB_SIZE_OVERHEAD
- || (plaintext == NULL && plaintext_size > 0)
- || plaintext_length == NULL) {
+ size_t *plaintext_length) {
+ if (metadata == NULL || blob == NULL ||
+ blob_size < plaintext_size + SLI_ITS_ENCRYPTED_BLOB_SIZE_OVERHEAD ||
+ (plaintext == NULL && plaintext_size > 0) || plaintext_length == NULL) {
return PSA_ERROR_INVALID_ARGUMENT;
}
@@ -2659,11 +2602,13 @@ static psa_status_t sli_decrypt_its_file(sli_its_file_meta_v2_t *metadata,
psa_status_t psa_status = PSA_ERROR_CORRUPTION_DETECTED;
uint8_t session_key[SESSION_KEY_SIZE];
- if (g_cached_session_key.active && g_cached_session_key.uid == metadata->uid) {
+ if (g_cached_session_key.active &&
+ g_cached_session_key.uid == metadata->uid) {
// Use cached session key if it's already set and UID matches
memcpy(session_key, g_cached_session_key.data, sizeof(session_key));
} else {
- psa_status = derive_session_key(blob->iv, AES_GCM_IV_SIZE, session_key, sizeof(session_key));
+ psa_status = derive_session_key(blob->iv, AES_GCM_IV_SIZE, session_key,
+ sizeof(session_key));
if (psa_status != PSA_SUCCESS) {
return psa_status;
}
@@ -2673,14 +2618,11 @@ static psa_status_t sli_decrypt_its_file(sli_its_file_meta_v2_t *metadata,
// Decrypt and authenticate blob
size_t output_length = 0;
psa_status = psa_driver_wrapper_aead_decrypt(
- &attributes,
- session_key, sizeof(session_key),
- PSA_ALG_GCM,
- blob->iv, sizeof(blob->iv),
- (uint8_t*)metadata, sizeof(sli_its_file_meta_v2_t), // metadata is AAD
- blob->data, plaintext_size + AES_GCM_MAC_SIZE,
- plaintext, plaintext_size,
- &output_length);
+ &attributes, session_key, sizeof(session_key), PSA_ALG_GCM, blob->iv,
+ sizeof(blob->iv), (uint8_t *)metadata,
+ sizeof(sli_its_file_meta_v2_t), // metadata is AAD
+ blob->data, plaintext_size + AES_GCM_MAC_SIZE, plaintext, plaintext_size,
+ &output_length);
// Clear the session key immediately after we're done using it
memset(session_key, 0, sizeof(session_key));
@@ -2690,8 +2632,7 @@ static psa_status_t sli_decrypt_its_file(sli_its_file_meta_v2_t *metadata,
return PSA_ERROR_INVALID_SIGNATURE;
}
- if (psa_status != PSA_SUCCESS
- || output_length != plaintext_size) {
+ if (psa_status != PSA_SUCCESS || output_length != plaintext_size) {
return PSA_ERROR_HARDWARE_FAILURE;
}
@@ -2701,37 +2642,41 @@ static psa_status_t sli_decrypt_its_file(sli_its_file_meta_v2_t *metadata,
}
/**
- * \brief Authenticate encrypted ITS data and return the UID of the ITS file that was authenticated.
+ * \brief Authenticate encrypted ITS data and return the UID of the ITS file
+ * that was authenticated.
*
- * \details NOTE: This function will run sli_decrypt_its_file() internally. The difference from the sli_decrypt_its_file()
- * function is that authenticate_its_file() reads the NVM3 data, decrypts it in order to authenticate the
- * stored data, and then discards the plaintext. This is needed since PSA Crypto doesn't support the
- * GMAC primitive directly, which means we have to run a full GCM decrypt for authentication.
+ * \details NOTE: This function will run sli_decrypt_its_file() internally. The
+ * difference from the sli_decrypt_its_file() function is that
+ * authenticate_its_file() reads the NVM3 data, decrypts it in order to
+ * authenticate the stored data, and then discards the plaintext. This is needed
+ * since PSA Crypto doesn't support the GMAC primitive directly, which means we
+ * have to run a full GCM decrypt for authentication.
*
- * \param[in] nvm3_object_id The NVM3 id corresponding to the stored ITS file.
- * \param[out] authenticated_uid UID for the authenticated ITS file.
+ * \param[in] nvm3_object_id The NVM3 id corresponding to the stored ITS
+ * file. \param[out] authenticated_uid UID for the authenticated ITS file.
*
* \return A status indicating the success/failure of the operation
*
- * \retval PSA_SUCCESS The operation completed successfully
- * \retval PSA_ERROR_INVALID_SIGANTURE The operation failed because authentication of the decrypted data failed.
- * \retval PSA_ERROR_BAD_STATE The root key has not been initialized.
- * \retval PSA_ERROR_INVALID_ARGUMENT The operation failed because one or more arguments are NULL or of invalid size.
- * \retval PSA_ERROR_HARDWARE_FAILURE The operation failed because an internal cryptographic operation failed.
+ * \retval PSA_SUCCESS The operation completed
+ * successfully \retval PSA_ERROR_INVALID_SIGANTURE The operation
+ * failed because authentication of the decrypted data failed. \retval
+ * PSA_ERROR_BAD_STATE The root key has not been initialized.
+ * \retval PSA_ERROR_INVALID_ARGUMENT The operation failed because
+ * one or more arguments are NULL or of invalid size. \retval
+ * PSA_ERROR_HARDWARE_FAILURE The operation failed because an internal
+ * cryptographic operation failed.
*/
-static psa_status_t authenticate_its_file(nvm3_ObjectKey_t nvm3_object_id,
- psa_storage_uid_t *authenticated_uid)
-{
+static psa_status_t
+authenticate_its_file(nvm3_ObjectKey_t nvm3_object_id,
+ psa_storage_uid_t *authenticated_uid) {
psa_status_t psa_status = PSA_ERROR_CORRUPTION_DETECTED;
sli_its_file_meta_v2_t *its_file_meta = NULL;
sli_its_encrypted_blob_t *blob = NULL;
uint32_t obj_type;
size_t its_file_size = 0;
- Ecode_t status = nvm3_getObjectInfo(nvm3_defaultHandle,
- nvm3_object_id,
- &obj_type,
- &its_file_size);
+ Ecode_t status = nvm3_getObjectInfo(nvm3_defaultHandle, nvm3_object_id,
+ &obj_type, &its_file_size);
if (status != ECODE_NVM3_OK) {
return PSA_ERROR_STORAGE_FAILURE;
}
@@ -2742,32 +2687,32 @@ static psa_status_t authenticate_its_file(nvm3_ObjectKey_t nvm3_object_id,
}
memset(its_file_buffer, 0, its_file_size);
- status = nvm3_readData(nvm3_defaultHandle,
- nvm3_object_id,
- its_file_buffer,
+ status = nvm3_readData(nvm3_defaultHandle, nvm3_object_id, its_file_buffer,
its_file_size);
if (status != ECODE_NVM3_OK) {
psa_status = PSA_ERROR_STORAGE_FAILURE;
goto cleanup;
}
- its_file_meta = (sli_its_file_meta_v2_t*)its_file_buffer;
- blob = (sli_its_encrypted_blob_t*)(its_file_buffer + sizeof(sli_its_file_meta_v2_t));
+ its_file_meta = (sli_its_file_meta_v2_t *)its_file_buffer;
+ blob = (sli_its_encrypted_blob_t *)(its_file_buffer +
+ sizeof(sli_its_file_meta_v2_t));
// Decrypt and authenticate blob
size_t plaintext_length;
- psa_status = sli_decrypt_its_file(its_file_meta,
- blob,
- its_file_size - sizeof(sli_its_file_meta_v2_t),
- blob->data,
- its_file_size - sizeof(sli_its_file_meta_v2_t) - SLI_ITS_ENCRYPTED_BLOB_SIZE_OVERHEAD,
- &plaintext_length);
+ psa_status = sli_decrypt_its_file(
+ its_file_meta, blob, its_file_size - sizeof(sli_its_file_meta_v2_t),
+ blob->data,
+ its_file_size - sizeof(sli_its_file_meta_v2_t) -
+ SLI_ITS_ENCRYPTED_BLOB_SIZE_OVERHEAD,
+ &plaintext_length);
if (psa_status != PSA_SUCCESS) {
goto cleanup;
}
- if (plaintext_length != (its_file_size - sizeof(sli_its_file_meta_v2_t) - SLI_ITS_ENCRYPTED_BLOB_SIZE_OVERHEAD)) {
+ if (plaintext_length != (its_file_size - sizeof(sli_its_file_meta_v2_t) -
+ SLI_ITS_ENCRYPTED_BLOB_SIZE_OVERHEAD)) {
psa_status = PSA_ERROR_INVALID_SIGNATURE;
goto cleanup;
}
@@ -2778,9 +2723,10 @@ static psa_status_t authenticate_its_file(nvm3_ObjectKey_t nvm3_object_id,
psa_status = PSA_SUCCESS;
- cleanup:
+cleanup:
- // Discard output, as we're only interested in whether the authentication check passed or not.
+ // Discard output, as we're only interested in whether the authentication
+ // check passed or not.
memset(its_file_buffer, 0, its_file_size);
mbedtls_free(its_file_buffer);
@@ -2801,21 +2747,25 @@ static psa_status_t authenticate_its_file(nvm3_ObjectKey_t nvm3_object_id,
*
* \return A status indicating the success/failure of the operation
*
- * \retval PSA_SUCCESS The operation completed successfully
- * \retval PSA_ERROR_NOT_PERMITTED The operation failed because the provided `uid` value was already created with PSA_STORAGE_FLAG_WRITE_ONCE
- * \retval PSA_ERROR_NOT_SUPPORTED The operation failed because one or more of the flags provided in `create_flags` is not supported or is not valid
- * \retval PSA_ERROR_INSUFFICIENT_STORAGE The operation failed because there was insufficient space on the storage medium
- * \retval PSA_ERROR_STORAGE_FAILURE The operation failed because the physical storage has failed (Fatal error)
- * \retval PSA_ERROR_INVALID_ARGUMENT The operation failed because one of the provided pointers(`p_data`)
- * is invalid, for example is `NULL` or references memory the caller cannot access
- * \retval PSA_ERROR_HARDWARE_FAILURE The operation failed because an internal cryptographic operation failed.
- * \retval PSA_ERROR_INVALID_SIGNATURE The operation failed because the provided `uid` doesnt match the autenticated uid from the storage
+ * \retval PSA_SUCCESS The operation completed
+ * successfully \retval PSA_ERROR_NOT_PERMITTED The operation
+ * failed because the provided `uid` value was already created with
+ * PSA_STORAGE_FLAG_WRITE_ONCE \retval PSA_ERROR_NOT_SUPPORTED The
+ * operation failed because one or more of the flags provided in `create_flags`
+ * is not supported or is not valid \retval PSA_ERROR_INSUFFICIENT_STORAGE
+ * The operation failed because there was insufficient space on the storage
+ * medium \retval PSA_ERROR_STORAGE_FAILURE The operation failed
+ * because the physical storage has failed (Fatal error) \retval
+ * PSA_ERROR_INVALID_ARGUMENT The operation failed because one of the
+ * provided pointers(`p_data`) is invalid, for example is `NULL` or references
+ * memory the caller cannot access \retval PSA_ERROR_HARDWARE_FAILURE The
+ * operation failed because an internal cryptographic operation failed. \retval
+ * PSA_ERROR_INVALID_SIGNATURE The operation failed because the provided
+ * `uid` doesnt match the autenticated uid from the storage
*/
-psa_status_t psa_its_set(psa_storage_uid_t uid,
- uint32_t data_length,
+psa_status_t psa_its_set(psa_storage_uid_t uid, uint32_t data_length,
const void *p_data,
- psa_storage_create_flags_t create_flags)
-{
+ psa_storage_create_flags_t create_flags) {
if ((data_length != 0U) && (p_data == NULL)) {
return PSA_ERROR_INVALID_ARGUMENT;
}
@@ -2823,26 +2773,27 @@ psa_status_t psa_its_set(psa_storage_uid_t uid,
return PSA_ERROR_STORAGE_FAILURE;
}
- if (create_flags != PSA_STORAGE_FLAG_WRITE_ONCE
- && create_flags != PSA_STORAGE_FLAG_NONE
+ if (create_flags != PSA_STORAGE_FLAG_WRITE_ONCE &&
+ create_flags != PSA_STORAGE_FLAG_NONE
#if defined(TFM_CONFIG_SL_SECURE_LIBRARY)
&& create_flags != PSA_STORAGE_FLAG_WRITE_ONCE_SECURE_ACCESSIBLE
#endif
- ) {
+ ) {
return PSA_ERROR_NOT_SUPPORTED;
}
#if defined(TFM_CONFIG_SL_SECURE_LIBRARY)
- if ((create_flags == PSA_STORAGE_FLAG_WRITE_ONCE_SECURE_ACCESSIBLE)
- && (!object_lives_in_s(p_data, data_length))) {
- // The flag indicates that this data should not be set by the non-secure domain
+ if ((create_flags == PSA_STORAGE_FLAG_WRITE_ONCE_SECURE_ACCESSIBLE) &&
+ (!object_lives_in_s(p_data, data_length))) {
+ // The flag indicates that this data should not be set by the non-secure
+ // domain
return PSA_ERROR_INVALID_ARGUMENT;
}
#endif
Ecode_t status;
psa_status_t psa_status = PSA_ERROR_CORRUPTION_DETECTED;
- sli_its_file_meta_v2_t* its_file_meta;
+ sli_its_file_meta_v2_t *its_file_meta;
nvm3_ObjectKey_t nvm3_object_id = 0;
#if defined(SLI_PSA_ITS_ENCRYPTED)
sli_its_encrypted_blob_t *blob = NULL;
@@ -2852,7 +2803,8 @@ psa_status_t psa_its_set(psa_storage_uid_t uid,
size_t its_file_size = data_length;
#endif
- uint8_t *its_file_buffer = mbedtls_calloc(1, its_file_size + sizeof(sli_its_file_meta_v2_t));
+ uint8_t *its_file_buffer =
+ mbedtls_calloc(1, its_file_size + sizeof(sli_its_file_meta_v2_t));
if (its_file_buffer == NULL) {
return PSA_ERROR_INSUFFICIENT_MEMORY;
}
@@ -2861,7 +2813,8 @@ psa_status_t psa_its_set(psa_storage_uid_t uid,
its_file_meta = (sli_its_file_meta_v2_t *)its_file_buffer;
sli_its_acquire_mutex();
- psa_status = find_nvm3_id(uid, true, its_file_meta, NULL, NULL, &nvm3_object_id);
+ psa_status =
+ find_nvm3_id(uid, true, its_file_meta, NULL, NULL, &nvm3_object_id);
if (psa_status != PSA_SUCCESS) {
if (psa_status == PSA_ERROR_DOES_NOT_EXIST) {
psa_status = PSA_ERROR_INSUFFICIENT_STORAGE;
@@ -2874,16 +2827,15 @@ psa_status_t psa_its_set(psa_storage_uid_t uid,
its_file_meta->flags = create_flags;
#if defined(SLI_PSA_ITS_ENCRYPTED)
- // Everything after the the file metadata will make up the encrypted & authenticated blob
- blob = (sli_its_encrypted_blob_t*)(its_file_buffer + sizeof(sli_its_file_meta_v2_t));
+ // Everything after the the file metadata will make up the encrypted &
+ // authenticated blob
+ blob = (sli_its_encrypted_blob_t *)(its_file_buffer +
+ sizeof(sli_its_file_meta_v2_t));
// Encrypt and authenticate the provided data
- psa_status = sli_encrypt_its_file(its_file_meta,
- (uint8_t*)p_data,
- data_length,
- blob,
- its_file_size,
- &blob_length);
+ psa_status =
+ sli_encrypt_its_file(its_file_meta, (uint8_t *)p_data, data_length, blob,
+ its_file_size, &blob_length);
if (psa_status != PSA_SUCCESS) {
goto exit;
@@ -2896,13 +2848,13 @@ psa_status_t psa_its_set(psa_storage_uid_t uid,
#else
if (data_length != 0U) {
- memcpy(its_file_buffer + sizeof(sli_its_file_meta_v2_t), ((uint8_t*)p_data), data_length);
+ memcpy(its_file_buffer + sizeof(sli_its_file_meta_v2_t),
+ ((uint8_t *)p_data), data_length);
}
#endif
- status = nvm3_writeData(nvm3_defaultHandle,
- nvm3_object_id,
- its_file_buffer, its_file_size + sizeof(sli_its_file_meta_v2_t));
+ status = nvm3_writeData(nvm3_defaultHandle, nvm3_object_id, its_file_buffer,
+ its_file_size + sizeof(sli_its_file_meta_v2_t));
if (status == ECODE_NVM3_OK) {
// Power-loss might occur, however upon boot, the look-up table will be
@@ -2912,7 +2864,7 @@ psa_status_t psa_its_set(psa_storage_uid_t uid,
psa_status = PSA_ERROR_STORAGE_FAILURE;
}
- exit:
+exit:
// Clear and free key buffer before return.
memset(its_file_buffer, 0, its_file_size + sizeof(sli_its_file_meta_v2_t));
mbedtls_free(its_file_buffer);
@@ -2925,36 +2877,38 @@ psa_status_t psa_its_set(psa_storage_uid_t uid,
*
* \param[in] uid The uid value
* \param[in] data_offset The starting offset of the data requested
- * \param[in] data_length the amount of data requested (and the minimum allocated size of the `p_data` buffer)
- * \param[out] p_data The buffer where the data will be placed upon successful completion
- * \param[out] p_data_length The amount of data returned in the p_data buffer
+ * \param[in] data_length the amount of data requested (and the minimum
+ * allocated size of the `p_data` buffer) \param[out] p_data The
+ * buffer where the data will be placed upon successful completion \param[out]
+ * p_data_length The amount of data returned in the p_data buffer
*
*
* \return A status indicating the success/failure of the operation
*
- * \retval PSA_SUCCESS The operation completed successfully
- * \retval PSA_ERROR_DOES_NOT_EXIST The operation failed because the provided `uid` value was not found in the storage
- * \retval PSA_ERROR_BUFFER_TOO_SMALL The operation failed because the data associated with provided uid is larger than `data_size`
- * \retval PSA_ERROR_STORAGE_FAILURE The operation failed because the physical storage has failed (Fatal error)
- * \retval PSA_ERROR_INVALID_ARGUMENT The operation failed because one of the provided pointers(`p_data`, `p_data_length`)
- * is invalid. For example is `NULL` or references memory the caller cannot access.
- * In addition, this can also happen if an invalid offset was provided.
+ * \retval PSA_SUCCESS The operation completed
+ * successfully \retval PSA_ERROR_DOES_NOT_EXIST The operation failed
+ * because the provided `uid` value was not found in the storage \retval
+ * PSA_ERROR_BUFFER_TOO_SMALL The operation failed because the data associated
+ * with provided uid is larger than `data_size` \retval
+ * PSA_ERROR_STORAGE_FAILURE The operation failed because the physical
+ * storage has failed (Fatal error) \retval PSA_ERROR_INVALID_ARGUMENT The
+ * operation failed because one of the provided pointers(`p_data`,
+ * `p_data_length`) is invalid. For example is `NULL` or references memory the
+ * caller cannot access. In addition, this can also happen if an invalid offset
+ * was provided.
*/
-psa_status_t psa_its_get(psa_storage_uid_t uid,
- uint32_t data_offset,
- uint32_t data_length,
- void *p_data,
- size_t *p_data_length)
-{
+psa_status_t psa_its_get(psa_storage_uid_t uid, uint32_t data_offset,
+ uint32_t data_length, void *p_data,
+ size_t *p_data_length) {
if ((data_length != 0U) && (p_data_length == NULL)) {
return PSA_ERROR_INVALID_ARGUMENT;
}
if (data_length != 0U) {
- // If the request amount of data is 0, allow invalid pointer of the output buffer.
- if ((p_data == NULL)
- || ((uint32_t)p_data < SRAM_BASE)
- || ((uint32_t)p_data > (SRAM_BASE + SRAM_SIZE - data_length))) {
+ // If the request amount of data is 0, allow invalid pointer of the output
+ // buffer.
+ if ((p_data == NULL) || ((uint32_t)p_data < SRAM_BASE) ||
+ ((uint32_t)p_data > (SRAM_BASE + SRAM_SIZE - data_length))) {
return PSA_ERROR_INVALID_ARGUMENT;
}
}
@@ -2965,28 +2919,31 @@ psa_status_t psa_its_get(psa_storage_uid_t uid,
#endif
psa_status_t psa_status = PSA_ERROR_CORRUPTION_DETECTED;
Ecode_t status;
- sli_its_file_meta_v2_t its_file_meta = { 0 };
+ sli_its_file_meta_v2_t its_file_meta = {0};
size_t its_file_size = 0u;
size_t its_file_data_size = 0u;
size_t its_file_offset = 0u;
nvm3_ObjectKey_t nvm3_object_id;
sli_its_acquire_mutex();
- psa_status = find_nvm3_id(uid, false, &its_file_meta, &its_file_offset, &its_file_size, &nvm3_object_id);
+ psa_status = find_nvm3_id(uid, false, &its_file_meta, &its_file_offset,
+ &its_file_size, &nvm3_object_id);
if (psa_status != PSA_SUCCESS) {
goto exit;
}
#if defined(TFM_CONFIG_SL_SECURE_LIBRARY)
- if (its_file_meta.flags == PSA_STORAGE_FLAG_WRITE_ONCE_SECURE_ACCESSIBLE
- && !object_lives_in_s(p_data, data_length)) {
- // The flag indicates that this data should not be read back to the non-secure domain
+ if (its_file_meta.flags == PSA_STORAGE_FLAG_WRITE_ONCE_SECURE_ACCESSIBLE &&
+ !object_lives_in_s(p_data, data_length)) {
+ // The flag indicates that this data should not be read back to the
+ // non-secure domain
psa_status = PSA_ERROR_INVALID_ARGUMENT;
goto exit;
}
#endif
#if defined(SLI_PSA_ITS_ENCRYPTED)
- // Subtract IV and MAC from ITS file as the below checks concern the actual data size
+ // Subtract IV and MAC from ITS file as the below checks concern the actual
+ // data size
its_file_data_size = its_file_size - SLI_ITS_ENCRYPTED_BLOB_SIZE_OVERHEAD;
#else
its_file_data_size = its_file_size;
@@ -3003,7 +2960,8 @@ psa_status_t psa_its_get(psa_storage_uid_t uid,
goto exit;
}
} else {
- // Allow the offset at the data size boundary if the requested amount of data is zero.
+ // Allow the offset at the data size boundary if the requested amount of
+ // data is zero.
if (data_offset > its_file_data_size) {
psa_status = PSA_ERROR_INVALID_ARGUMENT;
goto exit;
@@ -3018,41 +2976,37 @@ psa_status_t psa_its_get(psa_storage_uid_t uid,
#if defined(SLI_PSA_ITS_ENCRYPTED)
// its_file_size includes size of sli_its_encrypted_blob_t struct
- blob = (sli_its_encrypted_blob_t*)mbedtls_calloc(1, its_file_size);
+ blob = (sli_its_encrypted_blob_t *)mbedtls_calloc(1, its_file_size);
if (blob == NULL) {
psa_status = PSA_ERROR_INSUFFICIENT_MEMORY;
goto exit;
}
memset(blob, 0, its_file_size);
- status = nvm3_readPartialData(nvm3_defaultHandle,
- nvm3_object_id,
- blob,
- its_file_offset,
- its_file_size);
+ status = nvm3_readPartialData(nvm3_defaultHandle, nvm3_object_id, blob,
+ its_file_offset, its_file_size);
if (status != ECODE_NVM3_OK) {
psa_status = PSA_ERROR_STORAGE_FAILURE;
goto exit;
}
// Decrypt and authenticate blob
- psa_status = sli_decrypt_its_file(&its_file_meta,
- blob,
- its_file_size,
- blob->data,
- its_file_size - SLI_ITS_ENCRYPTED_BLOB_SIZE_OVERHEAD,
- &plaintext_length);
+ psa_status = sli_decrypt_its_file(
+ &its_file_meta, blob, its_file_size, blob->data,
+ its_file_size - SLI_ITS_ENCRYPTED_BLOB_SIZE_OVERHEAD, &plaintext_length);
if (psa_status != PSA_SUCCESS) {
goto exit;
}
- if (plaintext_length != (its_file_size - SLI_ITS_ENCRYPTED_BLOB_SIZE_OVERHEAD)) {
+ if (plaintext_length !=
+ (its_file_size - SLI_ITS_ENCRYPTED_BLOB_SIZE_OVERHEAD)) {
psa_status = PSA_ERROR_INVALID_SIGNATURE;
goto exit;
}
- // Verify that the requested UID is equal to the retrieved and authenticated UID
+ // Verify that the requested UID is equal to the retrieved and authenticated
+ // UID
if (uid != its_file_meta.uid) {
psa_status = PSA_ERROR_INVALID_ARGUMENT;
goto exit;
@@ -3063,15 +3017,17 @@ psa_status_t psa_its_get(psa_storage_uid_t uid,
}
psa_status = PSA_SUCCESS;
- exit:
+exit:
if (blob != NULL) {
memset(blob, 0, its_file_size);
mbedtls_free(blob);
}
sli_its_release_mutex();
#else
- // If no encryption is used, just read out the data and write it directly to the output buffer
- status = nvm3_readPartialData(nvm3_defaultHandle, nvm3_object_id, p_data, its_file_offset + data_offset, *p_data_length);
+ // If no encryption is used, just read out the data and write it directly to
+ // the output buffer
+ status = nvm3_readPartialData(nvm3_defaultHandle, nvm3_object_id, p_data,
+ its_file_offset + data_offset, *p_data_length);
if (status != ECODE_NVM3_OK) {
psa_status = PSA_ERROR_STORAGE_FAILURE;
@@ -3079,7 +3035,7 @@ psa_status_t psa_its_get(psa_storage_uid_t uid,
psa_status = PSA_SUCCESS;
}
- exit:
+exit:
sli_its_release_mutex();
#endif
@@ -3090,32 +3046,36 @@ psa_status_t psa_its_get(psa_storage_uid_t uid,
* \brief Retrieve the metadata about the provided uid
*
* \param[in] uid The uid value
- * \param[out] p_info A pointer to the `psa_storage_info_t` struct that will be populated with the metadata
+ * \param[out] p_info A pointer to the `psa_storage_info_t` struct that
+ * will be populated with the metadata
*
* \return A status indicating the success/failure of the operation
*
- * \retval PSA_SUCCESS The operation completed successfully
- * \retval PSA_ERROR_DOES_NOT_EXIST The operation failed because the provided uid value was not found in the storage
- * \retval PSA_ERROR_STORAGE_FAILURE The operation failed because the physical storage has failed (Fatal error)
- * \retval PSA_ERROR_INVALID_ARGUMENT The operation failed because one of the provided pointers(`p_info`)
- * is invalid, for example is `NULL` or references memory the caller cannot access
- * \retval PSA_ERROR_INVALID_SIGANTURE The operation failed because authentication of the stored metadata failed.
+ * \retval PSA_SUCCESS The operation completed
+ * successfully \retval PSA_ERROR_DOES_NOT_EXIST The operation failed
+ * because the provided uid value was not found in the storage \retval
+ * PSA_ERROR_STORAGE_FAILURE The operation failed because the physical
+ * storage has failed (Fatal error) \retval PSA_ERROR_INVALID_ARGUMENT The
+ * operation failed because one of the provided pointers(`p_info`) is invalid,
+ * for example is `NULL` or references memory the caller cannot access \retval
+ * PSA_ERROR_INVALID_SIGANTURE The operation failed because authentication of
+ * the stored metadata failed.
*/
psa_status_t psa_its_get_info(psa_storage_uid_t uid,
- struct psa_storage_info_t *p_info)
-{
+ struct psa_storage_info_t *p_info) {
if (p_info == NULL) {
return PSA_ERROR_INVALID_ARGUMENT;
}
psa_status_t psa_status = PSA_ERROR_CORRUPTION_DETECTED;
- sli_its_file_meta_v2_t its_file_meta = { 0 };
+ sli_its_file_meta_v2_t its_file_meta = {0};
size_t its_file_size = 0;
size_t its_file_offset = 0;
nvm3_ObjectKey_t nvm3_object_id;
sli_its_acquire_mutex();
- psa_status = find_nvm3_id(uid, false, &its_file_meta, &its_file_offset, &its_file_size, &nvm3_object_id);
+ psa_status = find_nvm3_id(uid, false, &its_file_meta, &its_file_offset,
+ &its_file_size, &nvm3_object_id);
if (psa_status != PSA_SUCCESS) {
sli_its_release_mutex();
return psa_status;
@@ -3139,22 +3099,25 @@ psa_status_t psa_its_get_info(psa_storage_uid_t uid,
*
* \return A status indicating the success/failure of the operation
*
- * \retval PSA_SUCCESS The operation completed successfully
- * \retval PSA_ERROR_DOES_NOT_EXIST The operation failed because the provided key value was not found in the storage
- * \retval PSA_ERROR_NOT_PERMITTED The operation failed because the provided key value was created with PSA_STORAGE_FLAG_WRITE_ONCE
- * \retval PSA_ERROR_STORAGE_FAILURE The operation failed because the physical storage has failed (Fatal error)
+ * \retval PSA_SUCCESS The operation completed
+ * successfully \retval PSA_ERROR_DOES_NOT_EXIST The operation failed
+ * because the provided key value was not found in the storage \retval
+ * PSA_ERROR_NOT_PERMITTED The operation failed because the provided key
+ * value was created with PSA_STORAGE_FLAG_WRITE_ONCE \retval
+ * PSA_ERROR_STORAGE_FAILURE The operation failed because the physical
+ * storage has failed (Fatal error)
*/
-psa_status_t psa_its_remove(psa_storage_uid_t uid)
-{
+psa_status_t psa_its_remove(psa_storage_uid_t uid) {
psa_status_t psa_status = PSA_ERROR_CORRUPTION_DETECTED;
Ecode_t status;
- sli_its_file_meta_v2_t its_file_meta = { 0 };
+ sli_its_file_meta_v2_t its_file_meta = {0};
size_t its_file_size = 0;
size_t its_file_offset = 0;
nvm3_ObjectKey_t nvm3_object_id;
sli_its_acquire_mutex();
- psa_status = find_nvm3_id(uid, false, &its_file_meta, &its_file_offset, &its_file_size, &nvm3_object_id);
+ psa_status = find_nvm3_id(uid, false, &its_file_meta, &its_file_offset,
+ &its_file_size, &nvm3_object_id);
if (psa_status != PSA_SUCCESS) {
goto exit;
}
@@ -3162,7 +3125,7 @@ psa_status_t psa_its_remove(psa_storage_uid_t uid)
#if defined(TFM_CONFIG_SL_SECURE_LIBRARY)
|| (its_file_meta.flags == PSA_STORAGE_FLAG_WRITE_ONCE_SECURE_ACCESSIBLE)
#endif
- ) {
+ ) {
psa_status = PSA_ERROR_NOT_PERMITTED;
goto exit;
}
@@ -3177,7 +3140,7 @@ psa_status_t psa_its_remove(psa_storage_uid_t uid)
psa_status = PSA_ERROR_STORAGE_FAILURE;
}
- exit:
+exit:
sli_its_release_mutex();
return psa_status;
}
@@ -3185,15 +3148,15 @@ psa_status_t psa_its_remove(psa_storage_uid_t uid)
// -------------------------------------
// Silicon Labs extensions
-static psa_storage_uid_t psa_its_identifier_of_slot(mbedtls_svc_key_id_t key)
-{
+static psa_storage_uid_t psa_its_identifier_of_slot(mbedtls_svc_key_id_t key) {
#if defined(MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER)
/* Encode the owner in the upper 32 bits. This means that if
* owner values are nonzero (as they are on a PSA platform),
* no key file will ever have a value less than 0x100000000, so
* the whole range 0..0xffffffff is available for non-key files. */
uint32_t unsigned_owner_id = MBEDTLS_SVC_KEY_ID_GET_OWNER_ID(key);
- return ((uint64_t) unsigned_owner_id << 32) | MBEDTLS_SVC_KEY_ID_GET_KEY_ID(key);
+ return ((uint64_t)unsigned_owner_id << 32) |
+ MBEDTLS_SVC_KEY_ID_GET_KEY_ID(key);
#else
/* Use the key id directly as a file name.
* psa_is_key_id_valid() in psa_crypto_slot_management.c
@@ -3204,8 +3167,7 @@ static psa_storage_uid_t psa_its_identifier_of_slot(mbedtls_svc_key_id_t key)
}
psa_status_t sli_psa_its_change_key_id(mbedtls_svc_key_id_t old_id,
- mbedtls_svc_key_id_t new_id)
-{
+ mbedtls_svc_key_id_t new_id) {
psa_storage_uid_t old_uid = psa_its_identifier_of_slot(old_id);
psa_storage_uid_t new_uid = psa_its_identifier_of_slot(new_id);
size_t its_file_size = 0;
@@ -3226,15 +3188,14 @@ psa_status_t sli_psa_its_change_key_id(mbedtls_svc_key_id_t old_id,
return PSA_ERROR_INSUFFICIENT_MEMORY;
}
// Read contents of pre-existing key into the temporary buffer
- status = psa_its_get(old_uid, 0, p_info.size, its_file_buffer,
- &its_file_size);
+ status =
+ psa_its_get(old_uid, 0, p_info.size, its_file_buffer, &its_file_size);
if (status != PSA_SUCCESS) {
goto exit;
}
- status = psa_its_set(new_uid, its_file_size, its_file_buffer,
- p_info.flags);
+ status = psa_its_set(new_uid, its_file_size, its_file_buffer, p_info.flags);
if (status != PSA_SUCCESS) {
goto exit;
@@ -3246,7 +3207,7 @@ psa_status_t sli_psa_its_change_key_id(mbedtls_svc_key_id_t old_id,
goto exit;
}
- exit:
+exit:
// Clear and free key buffer before return.
memset(its_file_buffer, 0, its_file_size);
mbedtls_free(its_file_buffer);
@@ -3256,8 +3217,7 @@ psa_status_t sli_psa_its_change_key_id(mbedtls_svc_key_id_t old_id,
/**
* \brief Check if the ITS encryption is enabled
*/
-psa_status_t sli_psa_its_encrypted(void)
-{
+psa_status_t sli_psa_its_encrypted(void) {
#if defined(SLI_PSA_ITS_ENCRYPTED)
return PSA_SUCCESS;
#else
@@ -3267,27 +3227,29 @@ psa_status_t sli_psa_its_encrypted(void)
#if defined(SLI_PSA_ITS_ENCRYPTED) && !defined(SEMAILBOX_PRESENT)
/**
- * \brief Set the root key to be used when deriving session keys for ITS encryption.
+ * \brief Set the root key to be used when deriving session keys for ITS
+ * encryption.
*
* \param[in] root_key Buffer containing the root key.
- * \param[in] root_key_size Size of the root key in bytes. Must be 32 (256 bits).
+ * \param[in] root_key_size Size of the root key in bytes. Must be 32 (256
+ * bits).
*
* \return A status indicating the success/failure of the operation
*
* \retval PSA_SUCCESS The key was successfully set.
- * \retval PSA_ERROR_INVALID_ARGUMENT The root key was NULL or had an invalid size.
- * \retval PSA_ERROR_ALREADY_EXISTS The root key has already been initialized.
+ * \retval PSA_ERROR_INVALID_ARGUMENT The root key was NULL or had an
+ * invalid size. \retval PSA_ERROR_ALREADY_EXISTS The root key has
+ * already been initialized.
*/
-psa_status_t sli_psa_its_set_root_key(uint8_t *root_key, size_t root_key_size)
-{
+psa_status_t sli_psa_its_set_root_key(uint8_t *root_key, size_t root_key_size) {
// Check that arguments are valid
if (root_key == NULL || root_key_size != sizeof(g_root_key.data)) {
return PSA_ERROR_INVALID_ARGUMENT;
}
// Check that the root key has not already been set
- // (This is possibly too restrictive. For TrustZone usage this can be enforced by
- // not exposing the function to NS instead.)
+ // (This is possibly too restrictive. For TrustZone usage this can be enforced
+ // by not exposing the function to NS instead.)
if (g_root_key.initialized) {
return PSA_ERROR_ALREADY_EXISTS;
}