AuroraMiddleware/mbedtls
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Merge pull request #5396 from SiliconLabs/codegen_1.1

Browse Source 
Driver dispatch Codegen 1.1
This commit is contained in:
Gilles Peskine 2022-11-07 15:27:41 +01:00 committed by GitHub
commit 34c09469f3
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
15 changed files with 552 additions and 138 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
ChangeLog.d/psa_crypto_code_gen_1_1.txt Normal file
View File

@ -0,0 +1,6 @@
Features
* Brought in PSA code geneneration JSON driver list.
Added auto generated templating support for key management.
Added Support for transparent and opaque keys (import/export/copy).
Included some general JSON validation for the given entry points.
Addresses version 1.1 of #5137.

6
docs/proposed/psa-driver-developer-guide.md
View File

@ -36,6 +36,12 @@ A driver therefore consists of:
Mbed TLS calls driver entry points [as specified in the PSA Cryptography Driver Interface specification](psa-driver-interface.html#driver-entry-points) except as otherwise indicated in this section. Mbed TLS calls driver entry points [as specified in the PSA Cryptography Driver Interface specification](psa-driver-interface.html#driver-entry-points) except as otherwise indicated in this section.
## Mbed TLS extensions
The driver description can include Mbed TLS extensions (marked by the namespace "mbedtls"). Mbed TLS extensions are meant to extend/help integrating the driver into the library's infrastructure.
* `"mbedtls/h_condition"` (optional, string) can include complex preprocessor definitions to conditionally include header files for a given driver.
* `"mbedtls/c_condition"` (optional, string) can include complex preprocessor definitions to conditionally enable dispatch capabilities for a driver.
## Building and testing your driver ## Building and testing your driver
<!-- TODO --> <!-- TODO -->

18
docs/proposed/psa-driver-wrappers-codegen-migration-guide.md
View File

@ -13,20 +13,28 @@ During the process of implementation there might be minor variations wrt version
## Prerequisites ## Prerequisites
Python3 and Jinja2 rev 2.10.1 Python3, Jinja2 rev 2.10.1 and jsonschema rev 3.2.0
## Feature Version ## Feature Version
1.0 1.1
### What's critical for a migrating user ### What's critical for a migrating user
The Driver Wrapper auto generation project is designed to use a python templating library ( Jinja2 ) to render templates based on drivers that are defined using a Driver description JSON file(s). The Driver Wrapper auto generation project is designed to use a python templating library ( Jinja2 ) to render templates based on drivers that are defined using a Driver description JSON file(s).
While that is the larger goal, for version 1.0 here's what's changed While that is the larger goal, for version 1.1 here's what's changed
#### What's changed #### What's changed
(1) psa_crypto_driver_wrappers.c will from this point on be auto generated. (1) psa_crypto_driver_wrappers.c will from this point on be auto generated.
(2) The auto generation is based on the template file at scripts/data_files/driver_templates/psa_crypto_driver_wrappers.c.jinja. (2) The auto generation is based on the template file at **scripts/data_files/driver_templates/psa_crypto_driver_wrappers.c.jinja**.
(3) So while all driver wrapper templating support is yet to come in, the library user will need to patch into the template file as needed, this could be read as replacing the template file with the current psa_crypto_driver_wrappers.c file maintained by the library user. (3) The driver JSONS to be used for generating the psa_crypto_driver_wrappers.c file can be found at **scripts/data_files/driver_jsons/** as their default location, this path includes the schemas against which the driver schemas will be validated (driver_opaque_schema.json, driver_transparent_schema.json) and a driverlist.json which specifies the drivers to be considered and the order in which they want to be called into. The default location for driverlist.json and driver JSONS can be overloaded by passing an argument --json-dir while running the script generate_driver_wrappers.py.
(4) While the complete driver wrapper templating support is yet to come in, if the library user sees a need to patch psa_crypto_driver_wrappers.c file, the user will need to patch into the template file as needed (psa_crypto_driver_wrappers.c.jinja).
#### How to set your driver up
Please refer to psa-driver-interface.md for information on how a driver schema can be written.
One can also refer to the example test drivers/ JSON schemas under **scripts/data_files/driver_jsons/**.
The JSON file 'driverlist.json' is meant to be edited by the user to reflect the drivers one wants to use on a device. The order in which the drivers are passed is also essential if/when there are multiple transparent drivers on a given system to retain the same order in the templating.

71
scripts/data_files/driver_jsons/driver_opaque_schema.json Normal file
View File

@ -0,0 +1,71 @@
{
"$schema": "http://json-schema.org/draft-04/schema#",
"type": "object",
"properties": {
"_comment": {
"type": "string"
},
"prefix": {
"type": "string",
"pattern": "^[A-Z_a-z][0-9A-Z_a-z]*$"
},
"type": {
"type": "string",
"const": ["opaque"]
},
"location": {
"type": ["integer","string"],
"pattern": "^(0x|0X)?[a-fA-F0-9]+$"
},
"mbedtls/h_condition": {
"type": "string"
},
"headers": {
"type": "array",
"items": {
"type": "string"
},
"default": []
},
"capabilities": {
"type": "array",
"items": [
{
"type": "object",
"properties": {
"_comment": {
"type": "string"
},
"mbedtls/c_condition": {
"type": "string"
},
"entry_points": {
"type": "array",
"items": {
"type": "string"
}
},
"names": {
"type": "object",
"patternProperties": {
"^[A-Z_a-z][0-9A-Z_a-z]*$": {
"type": "string",
"pattern": "^[A-Z_a-z][0-9A-Z_a-z]*$"
}
}
}
},
"required": [
"entry_points"
]
}
]
}
},
"required": [
"prefix",
"type",
"location",
"capabilities"
]
}

70
scripts/data_files/driver_jsons/driver_transparent_schema.json Normal file
View File

@ -0,0 +1,70 @@
{
"$schema": "http://json-schema.org/draft-04/schema#",
"type": "object",
"properties": {
"_comment": {
"type": "string"
},
"prefix": {
"type": "string",
"pattern": "^[A-Z_a-z][0-9A-Z_a-z]*$"
},
"type": {
"type": "string",
"const": ["transparent"]
},
"mbedtls/h_condition": {
"type": "string"
},
"headers": {
"type": "array",
"items": {
"type": "string"
},
"default": []
},
"capabilities": {
"type": "array",
"items": [
{
"type": "object",
"properties": {
"_comment": {
"type": "string"
},
"mbedtls/c_condition": {
"type": "string"
},
"entry_points": {
"type": "array",
"items": {
"type": "string"
}
},
"names": {
"type": "object",
"patternProperties": {
"^[A-Z_a-z][0-9A-Z_a-z]*$": {
"type": "string",
"pattern": "^[A-Z_a-z][0-9A-Z_a-z]*$"
}
}
},
"fallback": {
"type": "boolean",
"default": "false"
}
},
"required": [
"entry_points"
]
}
]
}
},
"required": [
"prefix",
"type",
"capabilities"
]
}

1
scripts/data_files/driver_jsons/driverlist.json Normal file
View File

@ -0,0 +1 @@
["mbedtls_test_opaque_driver.json","mbedtls_test_transparent_driver.json"]

20
scripts/data_files/driver_jsons/mbedtls_test_opaque_driver.json Normal file
View File

@ -0,0 +1,20 @@
{
"prefix": "mbedtls_test",
"type": "opaque",
"location": "0x7fffff",
"mbedtls/h_condition": "defined(PSA_CRYPTO_DRIVER_TEST)",
"headers": ["test/drivers/test_driver.h"],
"capabilities": [
{
"_comment": "The Mbed TLS opaque driver supports import key/export key/export_public key",
"mbedtls/c_condition": "defined(PSA_CRYPTO_DRIVER_TEST)",
"entry_points": ["import_key", "export_key", "export_public_key"]
},
{
"_comment": "The Mbed TLS opaque driver supports copy key/ get builtin key",
"mbedtls/c_condition": "defined(PSA_CRYPTO_DRIVER_TEST)",
"entry_points": ["copy_key", "get_builtin_key"],
"names": {"copy_key":"mbedtls_test_opaque_copy_key", "get_builtin_key":"mbedtls_test_opaque_get_builtin_key"}
}
]
}

22
scripts/data_files/driver_jsons/mbedtls_test_transparent_driver.json Normal file
View File

@ -0,0 +1,22 @@
{
"prefix": "mbedtls_test",
"type": "transparent",
"mbedtls/h_condition": "defined(PSA_CRYPTO_DRIVER_TEST)",
"headers": ["test/drivers/test_driver.h"],
"capabilities": [
{
"_comment": "The Mbed TLS transparent driver supports import key/export key",
"mbedtls/c_condition": "defined(PSA_CRYPTO_DRIVER_TEST)",
"entry_points": ["import_key", "export_key"],
"fallback": true
},
{
"_comment": "The Mbed TLS transparent driver supports export_public key",
"mbedtls/c_condition": "defined(PSA_CRYPTO_DRIVER_TEST)",
"entry_points": ["export_public_key"],
"fallback": true,
"names": {"export_public_key":"mbedtls_test_transparent_export_public_key"}
}
]
}

17
scripts/data_files/driver_templates/OS-template-opaque.jinja Normal file
View File

@ -0,0 +1,17 @@
{# One Shot function's dispatch code for opaque drivers.
Expected inputs:
* drivers: the list of driver descriptions.
* entry_point: the name of the entry point that this function dispatches to.
* entry_point_param(driver): the parameters to pass to the entry point.
* nest_indent: number of extra spaces to indent the code to.
-#}
{% for driver in drivers if driver.type == "opaque" -%}
{% for capability in driver.capabilities if entry_point in capability.entry_points -%}
#if ({% if capability['mbedtls/c_condition'] is defined -%}{{ capability['mbedtls/c_condition'] }} {% else -%} {{ 1 }} {% endif %})
{%- filter indent(width = nest_indent) %}
case {{ driver.location }}:
return( {{ entry_point_name(capability, entry_point, driver) }}({{entry_point_param(driver) | indent(20)}}));
{% endfilter -%}
#endif
{% endfor %}
{% endfor %}

19
scripts/data_files/driver_templates/OS-template-transparent.jinja Normal file
View File

@ -0,0 +1,19 @@
{# One Shot function's dispatch code for transparent drivers.
Expected inputs:
* drivers: the list of driver descriptions.
* entry_point: the name of the entry point that this function dispatches to.
* entry_point_param(driver): the parameters to pass to the entry point.
* nest_indent: number of extra spaces to indent the code to.
-#}
{% for driver in drivers if driver.type == "transparent" -%}
{% for capability in driver.capabilities if entry_point in capability.entry_points -%}
#if ({% if capability['mbedtls/c_condition'] is defined -%}{{ capability['mbedtls/c_condition'] }} {% else -%} {{ 1 }} {% endif %})
{%- filter indent(width = nest_indent) %}
status = {{ entry_point_name(capability, entry_point, driver) }}({{entry_point_param(driver) | indent(20)}});
if( status != PSA_ERROR_NOT_SUPPORTED )
return( status );
{% endfilter -%}
#endif
{% endfor %}
{% endfor %}

260
scripts/data_files/driver_templates/psa_crypto_driver_wrappers.c.jinja
View File

@ -1,7 +1,7 @@
/* /*
* Functions to delegate cryptographic operations to an available * Functions to delegate cryptographic operations to an available
* and appropriate accelerator. * and appropriate accelerator.
* Warning: This file will be auto-generated in the future. * Warning: This file is now auto-generated.
*/ */
/* Copyright The Mbed TLS Contributors /* Copyright The Mbed TLS Contributors
* SPDX-License-Identifier: Apache-2.0 * SPDX-License-Identifier: Apache-2.0
@ -19,6 +19,8 @@
* limitations under the License. * limitations under the License.
*/ */
/* BEGIN-common headers */
#include "common.h" #include "common.h"
#include "psa_crypto_aead.h" #include "psa_crypto_aead.h"
#include "psa_crypto_cipher.h" #include "psa_crypto_cipher.h"
@ -29,34 +31,46 @@
#include "psa_crypto_rsa.h" #include "psa_crypto_rsa.h"
#include "mbedtls/platform.h" #include "mbedtls/platform.h"
/* END-common headers */
#if defined(MBEDTLS_PSA_CRYPTO_C) #if defined(MBEDTLS_PSA_CRYPTO_C)
/* BEGIN-driver headers */
#if defined(MBEDTLS_PSA_CRYPTO_DRIVERS) #if defined(MBEDTLS_PSA_CRYPTO_DRIVERS)
{% for driver in drivers -%}
/* Include test driver definition when running tests */ /* Headers for {{driver.prefix}} {{driver.type}} driver */
#if defined(PSA_CRYPTO_DRIVER_TEST) {% if driver['mbedtls/h_condition'] is defined -%}
#ifndef PSA_CRYPTO_DRIVER_PRESENT #if {{ driver['mbedtls/h_condition'] }}
#define PSA_CRYPTO_DRIVER_PRESENT {% endif -%}
{% for header in driver.headers -%}
#include "{{ header }}"
{% endfor %}
{% if driver['mbedtls/h_condition'] is defined -%}
#endif #endif
#ifndef PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT {% endif -%}
#define PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT {% endfor %}
#endif
#include "test/drivers/test_driver.h"
#endif /* PSA_CRYPTO_DRIVER_TEST */
/* Repeat above block for each JSON-declared driver during autogeneration */
#endif /* MBEDTLS_PSA_CRYPTO_DRIVERS */ #endif /* MBEDTLS_PSA_CRYPTO_DRIVERS */
/* END-driver headers */
/* Auto-generated values depending on which drivers are registered. /* Auto-generated values depending on which drivers are registered.
* ID 0 is reserved for unallocated operations. * ID 0 is reserved for unallocated operations.
* ID 1 is reserved for the Mbed TLS software driver. */ * ID 1 is reserved for the Mbed TLS software driver. */
/* BEGIN-driver id definition */
#define PSA_CRYPTO_MBED_TLS_DRIVER_ID (1) #define PSA_CRYPTO_MBED_TLS_DRIVER_ID (1)
{% for driver in drivers -%}
#define {{(driver.prefix + "_" + driver.type + "_driver_id").upper()}} ({{ loop.index + 1 }})
{% endfor %}
/* END-driver id */
#if defined(PSA_CRYPTO_DRIVER_TEST) /* BEGIN-Common Macro definitions */
#define PSA_CRYPTO_TRANSPARENT_TEST_DRIVER_ID (2) {% macro entry_point_name(capability, entry_point, driver) -%}
#define PSA_CRYPTO_OPAQUE_TEST_DRIVER_ID (3) {% if capability.name is defined and entry_point in capability.names.keys() -%}
#endif /* PSA_CRYPTO_DRIVER_TEST */ {{ capability.names[entry_point]}}
{% else -%}
{{driver.prefix}}_{{driver.type}}_{{entry_point}}
{% endif -%}
{% endmacro %}
/* END-Common Macro definitions */
/* Support the 'old' SE interface when asked to */ /* Support the 'old' SE interface when asked to */
#if defined(MBEDTLS_PSA_CRYPTO_SE_C) #if defined(MBEDTLS_PSA_CRYPTO_SE_C)
@ -592,6 +606,16 @@ psa_status_t psa_driver_wrapper_import_key(
size_t *key_buffer_length, size_t *key_buffer_length,
size_t *bits ) size_t *bits )
{ {
{% with entry_point = "import_key" -%}
{% macro entry_point_param(driver) -%}
attributes,
data,
data_length,
key_buffer,
key_buffer_size,
key_buffer_length,
bits
{% endmacro %}
psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED; psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;
psa_key_location_t location = PSA_KEY_LIFETIME_GET_LOCATION( psa_key_location_t location = PSA_KEY_LIFETIME_GET_LOCATION(
psa_get_key_lifetime( attributes ) ); psa_get_key_lifetime( attributes ) );
@ -631,17 +655,11 @@ psa_status_t psa_driver_wrapper_import_key(
/* Key is stored in the slot in export representation, so /* Key is stored in the slot in export representation, so
* cycle through all known transparent accelerators */ * cycle through all known transparent accelerators */
#if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT) #if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT)
#if defined(PSA_CRYPTO_DRIVER_TEST) {% with nest_indent=12 %}
status = mbedtls_test_transparent_import_key( {% include "OS-template-transparent.jinja" -%}
attributes, {% endwith -%}
data, data_length,
key_buffer, key_buffer_size,
key_buffer_length, bits );
/* Declared with fallback == true */
if( status != PSA_ERROR_NOT_SUPPORTED )
return( status );
#endif /* PSA_CRYPTO_DRIVER_TEST */
#endif /* PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT */ #endif /* PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT */
/* Fell through, meaning no accelerator supports this operation */ /* Fell through, meaning no accelerator supports this operation */
return( psa_import_key_into_slot( attributes, return( psa_import_key_into_slot( attributes,
data, data_length, data, data_length,
@ -649,20 +667,15 @@ psa_status_t psa_driver_wrapper_import_key(
key_buffer_length, bits ) ); key_buffer_length, bits ) );
/* Add cases for opaque driver here */ /* Add cases for opaque driver here */
#if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT) #if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT)
#if defined(PSA_CRYPTO_DRIVER_TEST) {% with nest_indent=8 %}
case PSA_CRYPTO_TEST_DRIVER_LOCATION: {% include "OS-template-opaque.jinja" -%}
return( mbedtls_test_opaque_import_key( {% endwith -%}
attributes,
data, data_length,
key_buffer, key_buffer_size,
key_buffer_length, bits ) );
#endif /* PSA_CRYPTO_DRIVER_TEST */
#endif /* PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT */ #endif /* PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT */
default: default:
(void)status; (void)status;
return( PSA_ERROR_INVALID_ARGUMENT ); return( PSA_ERROR_INVALID_ARGUMENT );
} }
{% endwith %}
} }
psa_status_t psa_driver_wrapper_export_key( psa_status_t psa_driver_wrapper_export_key(
@ -671,6 +684,15 @@ psa_status_t psa_driver_wrapper_export_key(
uint8_t *data, size_t data_size, size_t *data_length ) uint8_t *data, size_t data_size, size_t *data_length )
{ {
{% with entry_point = "export_key" -%}
{% macro entry_point_param(driver) -%}
attributes,
key_buffer,
key_buffer_size,
data,
data_size,
data_length
{% endmacro %}
psa_status_t status = PSA_ERROR_INVALID_ARGUMENT; psa_status_t status = PSA_ERROR_INVALID_ARGUMENT;
psa_key_location_t location = PSA_KEY_LIFETIME_GET_LOCATION( psa_key_location_t location = PSA_KEY_LIFETIME_GET_LOCATION(
psa_get_key_lifetime( attributes ) ); psa_get_key_lifetime( attributes ) );
@ -707,20 +729,15 @@ psa_status_t psa_driver_wrapper_export_key(
/* Add cases for opaque driver here */ /* Add cases for opaque driver here */
#if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT) #if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT)
#if defined(PSA_CRYPTO_DRIVER_TEST) {% with nest_indent=8 %}
case PSA_CRYPTO_TEST_DRIVER_LOCATION: {% include "OS-template-opaque.jinja" -%}
return( mbedtls_test_opaque_export_key( attributes, {% endwith -%}
key_buffer,
key_buffer_size,
data,
data_size,
data_length ) );
#endif /* PSA_CRYPTO_DRIVER_TEST */
#endif /* PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT */ #endif /* PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT */
default: default:
/* Key is declared with a lifetime not known to us */ /* Key is declared with a lifetime not known to us */
return( status ); return( status );
} }
{% endwith %}
} }
psa_status_t psa_driver_wrapper_export_public_key( psa_status_t psa_driver_wrapper_export_public_key(
@ -729,6 +746,15 @@ psa_status_t psa_driver_wrapper_export_public_key(
uint8_t *data, size_t data_size, size_t *data_length ) uint8_t *data, size_t data_size, size_t *data_length )
{ {
{% with entry_point = "export_public_key" -%}
{% macro entry_point_param(driver) -%}
attributes,
key_buffer,
key_buffer_size,
data,
data_size,
data_length
{% endmacro %}
psa_status_t status = PSA_ERROR_INVALID_ARGUMENT; psa_status_t status = PSA_ERROR_INVALID_ARGUMENT;
psa_key_location_t location = PSA_KEY_LIFETIME_GET_LOCATION( psa_key_location_t location = PSA_KEY_LIFETIME_GET_LOCATION(
psa_get_key_lifetime( attributes ) ); psa_get_key_lifetime( attributes ) );
@ -759,18 +785,9 @@ psa_status_t psa_driver_wrapper_export_public_key(
/* Key is stored in the slot in export representation, so /* Key is stored in the slot in export representation, so
* cycle through all known transparent accelerators */ * cycle through all known transparent accelerators */
#if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT) #if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT)
#if defined(PSA_CRYPTO_DRIVER_TEST) {% with nest_indent=12 %}
status = mbedtls_test_transparent_export_public_key( {% include "OS-template-transparent.jinja" -%}
attributes, {% endwith -%}
key_buffer,
key_buffer_size,
data,
data_size,
data_length );
/* Declared with fallback == true */
if( status != PSA_ERROR_NOT_SUPPORTED )
return( status );
#endif /* PSA_CRYPTO_DRIVER_TEST */
#endif /* PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT */ #endif /* PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT */
/* Fell through, meaning no accelerator supports this operation */ /* Fell through, meaning no accelerator supports this operation */
return( psa_export_public_key_internal( attributes, return( psa_export_public_key_internal( attributes,
@ -782,20 +799,15 @@ psa_status_t psa_driver_wrapper_export_public_key(
/* Add cases for opaque driver here */ /* Add cases for opaque driver here */
#if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT) #if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT)
#if defined(PSA_CRYPTO_DRIVER_TEST) {% with nest_indent=8 %}
case PSA_CRYPTO_TEST_DRIVER_LOCATION: {% include "OS-template-opaque.jinja" -%}
return( mbedtls_test_opaque_export_public_key( attributes, {% endwith -%}
key_buffer,
key_buffer_size,
data,
data_size,
data_length ) );
#endif /* PSA_CRYPTO_DRIVER_TEST */
#endif /* PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT */ #endif /* PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT */
default: default:
/* Key is declared with a lifetime not known to us */ /* Key is declared with a lifetime not known to us */
return( status ); return( status );
} }
{% endwith %}
} }
psa_status_t psa_driver_wrapper_get_builtin_key( psa_status_t psa_driver_wrapper_get_builtin_key(
@ -803,15 +815,21 @@ psa_status_t psa_driver_wrapper_get_builtin_key(
psa_key_attributes_t *attributes, psa_key_attributes_t *attributes,
uint8_t *key_buffer, size_t key_buffer_size, size_t *key_buffer_length ) uint8_t *key_buffer, size_t key_buffer_size, size_t *key_buffer_length )
{ {
{% with entry_point = "get_builtin_key" -%}
{% macro entry_point_param(driver) -%}
slot_number,
attributes,
key_buffer,
key_buffer_size,
key_buffer_length
{% endmacro %}
psa_key_location_t location = PSA_KEY_LIFETIME_GET_LOCATION( attributes->core.lifetime ); psa_key_location_t location = PSA_KEY_LIFETIME_GET_LOCATION( attributes->core.lifetime );
switch( location ) switch( location )
{ {
#if defined(PSA_CRYPTO_DRIVER_TEST) #if defined(PSA_CRYPTO_DRIVER_TEST)
case PSA_CRYPTO_TEST_DRIVER_LOCATION: {% with nest_indent=8 %}
return( mbedtls_test_opaque_get_builtin_key( {% include "OS-template-opaque.jinja" -%}
slot_number, {% endwith -%}
attributes,
key_buffer, key_buffer_size, key_buffer_length ) );
#endif /* PSA_CRYPTO_DRIVER_TEST */ #endif /* PSA_CRYPTO_DRIVER_TEST */
default: default:
(void) slot_number; (void) slot_number;
@ -820,6 +838,7 @@ psa_status_t psa_driver_wrapper_get_builtin_key(
(void) key_buffer_length; (void) key_buffer_length;
return( PSA_ERROR_DOES_NOT_EXIST ); return( PSA_ERROR_DOES_NOT_EXIST );
} }
{% endwith %}
} }
psa_status_t psa_driver_wrapper_copy_key( psa_status_t psa_driver_wrapper_copy_key(
@ -828,6 +847,15 @@ psa_status_t psa_driver_wrapper_copy_key(
uint8_t *target_key_buffer, size_t target_key_buffer_size, uint8_t *target_key_buffer, size_t target_key_buffer_size,
size_t *target_key_buffer_length ) size_t *target_key_buffer_length )
{ {
{% with entry_point = "copy_key" -%}
{% macro entry_point_param(driver) -%}
attributes,
source_key,
source_key_length,
target_key_buffer,
target_key_buffer_size,
target_key_buffer_length
{% endmacro %}
psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED; psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;
psa_key_location_t location = psa_key_location_t location =
PSA_KEY_LIFETIME_GET_LOCATION( attributes->core.lifetime ); PSA_KEY_LIFETIME_GET_LOCATION( attributes->core.lifetime );
@ -846,14 +874,9 @@ psa_status_t psa_driver_wrapper_copy_key(
switch( location ) switch( location )
{ {
#if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT) #if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT)
#if defined(PSA_CRYPTO_DRIVER_TEST) {% with nest_indent=8 %}
case PSA_CRYPTO_TEST_DRIVER_LOCATION: {% include "OS-template-opaque.jinja" -%}
return( mbedtls_test_opaque_copy_key( attributes, source_key, {% endwith -%}
source_key_length,
target_key_buffer,
target_key_buffer_size,
target_key_buffer_length) );
#endif /* PSA_CRYPTO_DRIVER_TEST */
#endif /* PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT */ #endif /* PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT */
default: default:
(void)source_key; (void)source_key;
@ -864,6 +887,7 @@ psa_status_t psa_driver_wrapper_copy_key(
status = PSA_ERROR_INVALID_ARGUMENT; status = PSA_ERROR_INVALID_ARGUMENT;
} }
return( status ); return( status );
{% endwith %}
} }
/* /*
@ -1068,7 +1092,7 @@ psa_status_t psa_driver_wrapper_cipher_encrypt_setup(
alg ); alg );
/* Declared with fallback == true */ /* Declared with fallback == true */
if( status == PSA_SUCCESS ) if( status == PSA_SUCCESS )
operation->id = PSA_CRYPTO_TRANSPARENT_TEST_DRIVER_ID; operation->id = MBEDTLS_TEST_TRANSPARENT_DRIVER_ID;
if( status != PSA_ERROR_NOT_SUPPORTED ) if( status != PSA_ERROR_NOT_SUPPORTED )
return( status ); return( status );
@ -1100,7 +1124,7 @@ psa_status_t psa_driver_wrapper_cipher_encrypt_setup(
alg ); alg );
if( status == PSA_SUCCESS ) if( status == PSA_SUCCESS )
operation->id = PSA_CRYPTO_OPAQUE_TEST_DRIVER_ID; operation->id = MBEDTLS_TEST_OPAQUE_DRIVER_ID;
return( status ); return( status );
#endif /* PSA_CRYPTO_DRIVER_TEST */ #endif /* PSA_CRYPTO_DRIVER_TEST */
@ -1141,7 +1165,7 @@ psa_status_t psa_driver_wrapper_cipher_decrypt_setup(
alg ); alg );
/* Declared with fallback == true */ /* Declared with fallback == true */
if( status == PSA_SUCCESS ) if( status == PSA_SUCCESS )
operation->id = PSA_CRYPTO_TRANSPARENT_TEST_DRIVER_ID; operation->id = MBEDTLS_TEST_TRANSPARENT_DRIVER_ID;
if( status != PSA_ERROR_NOT_SUPPORTED ) if( status != PSA_ERROR_NOT_SUPPORTED )
return( status ); return( status );
@ -1172,7 +1196,7 @@ psa_status_t psa_driver_wrapper_cipher_decrypt_setup(
alg ); alg );
if( status == PSA_SUCCESS ) if( status == PSA_SUCCESS )
operation->id = PSA_CRYPTO_OPAQUE_TEST_DRIVER_ID; operation->id = MBEDTLS_TEST_OPAQUE_DRIVER_ID;
return( status ); return( status );
#endif /* PSA_CRYPTO_DRIVER_TEST */ #endif /* PSA_CRYPTO_DRIVER_TEST */
@ -1204,12 +1228,12 @@ psa_status_t psa_driver_wrapper_cipher_set_iv(
#if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT) #if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT)
#if defined(PSA_CRYPTO_DRIVER_TEST) #if defined(PSA_CRYPTO_DRIVER_TEST)
case PSA_CRYPTO_TRANSPARENT_TEST_DRIVER_ID: case MBEDTLS_TEST_TRANSPARENT_DRIVER_ID:
return( mbedtls_test_transparent_cipher_set_iv( return( mbedtls_test_transparent_cipher_set_iv(
&operation->ctx.transparent_test_driver_ctx, &operation->ctx.transparent_test_driver_ctx,
iv, iv_length ) ); iv, iv_length ) );
case PSA_CRYPTO_OPAQUE_TEST_DRIVER_ID: case MBEDTLS_TEST_OPAQUE_DRIVER_ID:
return( mbedtls_test_opaque_cipher_set_iv( return( mbedtls_test_opaque_cipher_set_iv(
&operation->ctx.opaque_test_driver_ctx, &operation->ctx.opaque_test_driver_ctx,
iv, iv_length ) ); iv, iv_length ) );
@ -1245,13 +1269,13 @@ psa_status_t psa_driver_wrapper_cipher_update(
#if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT) #if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT)
#if defined(PSA_CRYPTO_DRIVER_TEST) #if defined(PSA_CRYPTO_DRIVER_TEST)
case PSA_CRYPTO_TRANSPARENT_TEST_DRIVER_ID: case MBEDTLS_TEST_TRANSPARENT_DRIVER_ID:
return( mbedtls_test_transparent_cipher_update( return( mbedtls_test_transparent_cipher_update(
&operation->ctx.transparent_test_driver_ctx, &operation->ctx.transparent_test_driver_ctx,
input, input_length, input, input_length,
output, output_size, output_length ) ); output, output_size, output_length ) );
case PSA_CRYPTO_OPAQUE_TEST_DRIVER_ID: case MBEDTLS_TEST_OPAQUE_DRIVER_ID:
return( mbedtls_test_opaque_cipher_update( return( mbedtls_test_opaque_cipher_update(
&operation->ctx.opaque_test_driver_ctx, &operation->ctx.opaque_test_driver_ctx,
input, input_length, input, input_length,
@ -1287,12 +1311,12 @@ psa_status_t psa_driver_wrapper_cipher_finish(
#if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT) #if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT)
#if defined(PSA_CRYPTO_DRIVER_TEST) #if defined(PSA_CRYPTO_DRIVER_TEST)
case PSA_CRYPTO_TRANSPARENT_TEST_DRIVER_ID: case MBEDTLS_TEST_TRANSPARENT_DRIVER_ID:
return( mbedtls_test_transparent_cipher_finish( return( mbedtls_test_transparent_cipher_finish(
&operation->ctx.transparent_test_driver_ctx, &operation->ctx.transparent_test_driver_ctx,
output, output_size, output_length ) ); output, output_size, output_length ) );
case PSA_CRYPTO_OPAQUE_TEST_DRIVER_ID: case MBEDTLS_TEST_OPAQUE_DRIVER_ID:
return( mbedtls_test_opaque_cipher_finish( return( mbedtls_test_opaque_cipher_finish(
&operation->ctx.opaque_test_driver_ctx, &operation->ctx.opaque_test_driver_ctx,
output, output_size, output_length ) ); output, output_size, output_length ) );
@ -1321,7 +1345,7 @@ psa_status_t psa_driver_wrapper_cipher_abort(
#if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT) #if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT)
#if defined(PSA_CRYPTO_DRIVER_TEST) #if defined(PSA_CRYPTO_DRIVER_TEST)
case PSA_CRYPTO_TRANSPARENT_TEST_DRIVER_ID: case MBEDTLS_TEST_TRANSPARENT_DRIVER_ID:
status = mbedtls_test_transparent_cipher_abort( status = mbedtls_test_transparent_cipher_abort(
&operation->ctx.transparent_test_driver_ctx ); &operation->ctx.transparent_test_driver_ctx );
mbedtls_platform_zeroize( mbedtls_platform_zeroize(
@ -1329,7 +1353,7 @@ psa_status_t psa_driver_wrapper_cipher_abort(
sizeof( operation->ctx.transparent_test_driver_ctx ) ); sizeof( operation->ctx.transparent_test_driver_ctx ) );
return( status ); return( status );
case PSA_CRYPTO_OPAQUE_TEST_DRIVER_ID: case MBEDTLS_TEST_OPAQUE_DRIVER_ID:
status = mbedtls_test_opaque_cipher_abort( status = mbedtls_test_opaque_cipher_abort(
&operation->ctx.opaque_test_driver_ctx ); &operation->ctx.opaque_test_driver_ctx );
mbedtls_platform_zeroize( mbedtls_platform_zeroize(
@ -1394,7 +1418,7 @@ psa_status_t psa_driver_wrapper_hash_setup(
status = mbedtls_test_transparent_hash_setup( status = mbedtls_test_transparent_hash_setup(
&operation->ctx.test_driver_ctx, alg ); &operation->ctx.test_driver_ctx, alg );
if( status == PSA_SUCCESS ) if( status == PSA_SUCCESS )
operation->id = PSA_CRYPTO_TRANSPARENT_TEST_DRIVER_ID; operation->id = MBEDTLS_TEST_TRANSPARENT_DRIVER_ID;
if( status != PSA_ERROR_NOT_SUPPORTED ) if( status != PSA_ERROR_NOT_SUPPORTED )
return( status ); return( status );
@ -1429,8 +1453,8 @@ psa_status_t psa_driver_wrapper_hash_clone(
&target_operation->ctx.mbedtls_ctx ) ); &target_operation->ctx.mbedtls_ctx ) );
#endif #endif
#if defined(PSA_CRYPTO_DRIVER_TEST) #if defined(PSA_CRYPTO_DRIVER_TEST)
case PSA_CRYPTO_TRANSPARENT_TEST_DRIVER_ID: case MBEDTLS_TEST_TRANSPARENT_DRIVER_ID:
target_operation->id = PSA_CRYPTO_TRANSPARENT_TEST_DRIVER_ID; target_operation->id = MBEDTLS_TEST_TRANSPARENT_DRIVER_ID;
return( mbedtls_test_transparent_hash_clone( return( mbedtls_test_transparent_hash_clone(
&source_operation->ctx.test_driver_ctx, &source_operation->ctx.test_driver_ctx,
&target_operation->ctx.test_driver_ctx ) ); &target_operation->ctx.test_driver_ctx ) );
@ -1454,7 +1478,7 @@ psa_status_t psa_driver_wrapper_hash_update(
input, input_length ) ); input, input_length ) );
#endif #endif
#if defined(PSA_CRYPTO_DRIVER_TEST) #if defined(PSA_CRYPTO_DRIVER_TEST)
case PSA_CRYPTO_TRANSPARENT_TEST_DRIVER_ID: case MBEDTLS_TEST_TRANSPARENT_DRIVER_ID:
return( mbedtls_test_transparent_hash_update( return( mbedtls_test_transparent_hash_update(
&operation->ctx.test_driver_ctx, &operation->ctx.test_driver_ctx,
input, input_length ) ); input, input_length ) );
@ -1480,7 +1504,7 @@ psa_status_t psa_driver_wrapper_hash_finish(
hash, hash_size, hash_length ) ); hash, hash_size, hash_length ) );
#endif #endif
#if defined(PSA_CRYPTO_DRIVER_TEST) #if defined(PSA_CRYPTO_DRIVER_TEST)
case PSA_CRYPTO_TRANSPARENT_TEST_DRIVER_ID: case MBEDTLS_TEST_TRANSPARENT_DRIVER_ID:
return( mbedtls_test_transparent_hash_finish( return( mbedtls_test_transparent_hash_finish(
&operation->ctx.test_driver_ctx, &operation->ctx.test_driver_ctx,
hash, hash_size, hash_length ) ); hash, hash_size, hash_length ) );
@ -1503,7 +1527,7 @@ psa_status_t psa_driver_wrapper_hash_abort(
return( mbedtls_psa_hash_abort( &operation->ctx.mbedtls_ctx ) ); return( mbedtls_psa_hash_abort( &operation->ctx.mbedtls_ctx ) );
#endif #endif
#if defined(PSA_CRYPTO_DRIVER_TEST) #if defined(PSA_CRYPTO_DRIVER_TEST)
case PSA_CRYPTO_TRANSPARENT_TEST_DRIVER_ID: case MBEDTLS_TEST_TRANSPARENT_DRIVER_ID:
return( mbedtls_test_transparent_hash_abort( return( mbedtls_test_transparent_hash_abort(
&operation->ctx.test_driver_ctx ) ); &operation->ctx.test_driver_ctx ) );
#endif #endif
@ -1634,7 +1658,7 @@ psa_status_t psa_driver_wrapper_aead_encrypt_setup(
#if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT) #if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT)
#if defined(PSA_CRYPTO_DRIVER_TEST) #if defined(PSA_CRYPTO_DRIVER_TEST)
operation->id = PSA_CRYPTO_TRANSPARENT_TEST_DRIVER_ID; operation->id = MBEDTLS_TEST_TRANSPARENT_DRIVER_ID;
status = mbedtls_test_transparent_aead_encrypt_setup( status = mbedtls_test_transparent_aead_encrypt_setup(
&operation->ctx.transparent_test_driver_ctx, &operation->ctx.transparent_test_driver_ctx,
attributes, key_buffer, key_buffer_size, attributes, key_buffer, key_buffer_size,
@ -1682,7 +1706,7 @@ psa_status_t psa_driver_wrapper_aead_decrypt_setup(
#if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT) #if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT)
#if defined(PSA_CRYPTO_DRIVER_TEST) #if defined(PSA_CRYPTO_DRIVER_TEST)
operation->id = PSA_CRYPTO_TRANSPARENT_TEST_DRIVER_ID; operation->id = MBEDTLS_TEST_TRANSPARENT_DRIVER_ID;
status = mbedtls_test_transparent_aead_decrypt_setup( status = mbedtls_test_transparent_aead_decrypt_setup(
&operation->ctx.transparent_test_driver_ctx, &operation->ctx.transparent_test_driver_ctx,
attributes, attributes,
@ -1731,7 +1755,7 @@ psa_status_t psa_driver_wrapper_aead_set_nonce(
#if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT) #if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT)
#if defined(PSA_CRYPTO_DRIVER_TEST) #if defined(PSA_CRYPTO_DRIVER_TEST)
case PSA_CRYPTO_TRANSPARENT_TEST_DRIVER_ID: case MBEDTLS_TEST_TRANSPARENT_DRIVER_ID:
return( mbedtls_test_transparent_aead_set_nonce( return( mbedtls_test_transparent_aead_set_nonce(
&operation->ctx.transparent_test_driver_ctx, &operation->ctx.transparent_test_driver_ctx,
nonce, nonce_length ) ); nonce, nonce_length ) );
@ -1765,7 +1789,7 @@ psa_status_t psa_driver_wrapper_aead_set_lengths(
#if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT) #if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT)
#if defined(PSA_CRYPTO_DRIVER_TEST) #if defined(PSA_CRYPTO_DRIVER_TEST)
case PSA_CRYPTO_TRANSPARENT_TEST_DRIVER_ID: case MBEDTLS_TEST_TRANSPARENT_DRIVER_ID:
return( mbedtls_test_transparent_aead_set_lengths( return( mbedtls_test_transparent_aead_set_lengths(
&operation->ctx.transparent_test_driver_ctx, &operation->ctx.transparent_test_driver_ctx,
ad_length, plaintext_length ) ); ad_length, plaintext_length ) );
@ -1799,7 +1823,7 @@ psa_status_t psa_driver_wrapper_aead_update_ad(
#if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT) #if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT)
#if defined(PSA_CRYPTO_DRIVER_TEST) #if defined(PSA_CRYPTO_DRIVER_TEST)
case PSA_CRYPTO_TRANSPARENT_TEST_DRIVER_ID: case MBEDTLS_TEST_TRANSPARENT_DRIVER_ID:
return( mbedtls_test_transparent_aead_update_ad( return( mbedtls_test_transparent_aead_update_ad(
&operation->ctx.transparent_test_driver_ctx, &operation->ctx.transparent_test_driver_ctx,
input, input_length ) ); input, input_length ) );
@ -1837,7 +1861,7 @@ psa_status_t psa_driver_wrapper_aead_update(
#if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT) #if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT)
#if defined(PSA_CRYPTO_DRIVER_TEST) #if defined(PSA_CRYPTO_DRIVER_TEST)
case PSA_CRYPTO_TRANSPARENT_TEST_DRIVER_ID: case MBEDTLS_TEST_TRANSPARENT_DRIVER_ID:
return( mbedtls_test_transparent_aead_update( return( mbedtls_test_transparent_aead_update(
&operation->ctx.transparent_test_driver_ctx, &operation->ctx.transparent_test_driver_ctx,
input, input_length, output, output_size, input, input_length, output, output_size,
@ -1881,7 +1905,7 @@ psa_status_t psa_driver_wrapper_aead_finish(
#if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT) #if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT)
#if defined(PSA_CRYPTO_DRIVER_TEST) #if defined(PSA_CRYPTO_DRIVER_TEST)
case PSA_CRYPTO_TRANSPARENT_TEST_DRIVER_ID: case MBEDTLS_TEST_TRANSPARENT_DRIVER_ID:
return( mbedtls_test_transparent_aead_finish( return( mbedtls_test_transparent_aead_finish(
&operation->ctx.transparent_test_driver_ctx, &operation->ctx.transparent_test_driver_ctx,
ciphertext, ciphertext_size, ciphertext, ciphertext_size,
@ -1945,7 +1969,7 @@ psa_status_t psa_driver_wrapper_aead_verify(
#if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT) #if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT)
#if defined(PSA_CRYPTO_DRIVER_TEST) #if defined(PSA_CRYPTO_DRIVER_TEST)
case PSA_CRYPTO_TRANSPARENT_TEST_DRIVER_ID: case MBEDTLS_TEST_TRANSPARENT_DRIVER_ID:
return( mbedtls_test_transparent_aead_verify( return( mbedtls_test_transparent_aead_verify(
&operation->ctx.transparent_test_driver_ctx, &operation->ctx.transparent_test_driver_ctx,
plaintext, plaintext_size, plaintext, plaintext_size,
@ -1979,7 +2003,7 @@ psa_status_t psa_driver_wrapper_aead_abort(
#if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT) #if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT)
#if defined(PSA_CRYPTO_DRIVER_TEST) #if defined(PSA_CRYPTO_DRIVER_TEST)
case PSA_CRYPTO_TRANSPARENT_TEST_DRIVER_ID: case MBEDTLS_TEST_TRANSPARENT_DRIVER_ID:
return( mbedtls_test_transparent_aead_abort( return( mbedtls_test_transparent_aead_abort(
&operation->ctx.transparent_test_driver_ctx ) ); &operation->ctx.transparent_test_driver_ctx ) );
@ -2088,7 +2112,7 @@ psa_status_t psa_driver_wrapper_mac_sign_setup(
alg ); alg );
/* Declared with fallback == true */ /* Declared with fallback == true */
if( status == PSA_SUCCESS ) if( status == PSA_SUCCESS )
operation->id = PSA_CRYPTO_TRANSPARENT_TEST_DRIVER_ID; operation->id = MBEDTLS_TEST_TRANSPARENT_DRIVER_ID;
if( status != PSA_ERROR_NOT_SUPPORTED ) if( status != PSA_ERROR_NOT_SUPPORTED )
return( status ); return( status );
@ -2119,7 +2143,7 @@ psa_status_t psa_driver_wrapper_mac_sign_setup(
alg ); alg );
if( status == PSA_SUCCESS ) if( status == PSA_SUCCESS )
operation->id = PSA_CRYPTO_OPAQUE_TEST_DRIVER_ID; operation->id = MBEDTLS_TEST_OPAQUE_DRIVER_ID;
return( status ); return( status );
#endif /* PSA_CRYPTO_DRIVER_TEST */ #endif /* PSA_CRYPTO_DRIVER_TEST */
@ -2160,7 +2184,7 @@ psa_status_t psa_driver_wrapper_mac_verify_setup(
alg ); alg );
/* Declared with fallback == true */ /* Declared with fallback == true */
if( status == PSA_SUCCESS ) if( status == PSA_SUCCESS )
operation->id = PSA_CRYPTO_TRANSPARENT_TEST_DRIVER_ID; operation->id = MBEDTLS_TEST_TRANSPARENT_DRIVER_ID;
if( status != PSA_ERROR_NOT_SUPPORTED ) if( status != PSA_ERROR_NOT_SUPPORTED )
return( status ); return( status );
@ -2191,7 +2215,7 @@ psa_status_t psa_driver_wrapper_mac_verify_setup(
alg ); alg );
if( status == PSA_SUCCESS ) if( status == PSA_SUCCESS )
operation->id = PSA_CRYPTO_OPAQUE_TEST_DRIVER_ID; operation->id = MBEDTLS_TEST_OPAQUE_DRIVER_ID;
return( status ); return( status );
#endif /* PSA_CRYPTO_DRIVER_TEST */ #endif /* PSA_CRYPTO_DRIVER_TEST */
@ -2222,12 +2246,12 @@ psa_status_t psa_driver_wrapper_mac_update(
#if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT) #if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT)
#if defined(PSA_CRYPTO_DRIVER_TEST) #if defined(PSA_CRYPTO_DRIVER_TEST)
case PSA_CRYPTO_TRANSPARENT_TEST_DRIVER_ID: case MBEDTLS_TEST_TRANSPARENT_DRIVER_ID:
return( mbedtls_test_transparent_mac_update( return( mbedtls_test_transparent_mac_update(
&operation->ctx.transparent_test_driver_ctx, &operation->ctx.transparent_test_driver_ctx,
input, input_length ) ); input, input_length ) );
case PSA_CRYPTO_OPAQUE_TEST_DRIVER_ID: case MBEDTLS_TEST_OPAQUE_DRIVER_ID:
return( mbedtls_test_opaque_mac_update( return( mbedtls_test_opaque_mac_update(
&operation->ctx.opaque_test_driver_ctx, &operation->ctx.opaque_test_driver_ctx,
input, input_length ) ); input, input_length ) );
@ -2256,12 +2280,12 @@ psa_status_t psa_driver_wrapper_mac_sign_finish(
#if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT) #if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT)
#if defined(PSA_CRYPTO_DRIVER_TEST) #if defined(PSA_CRYPTO_DRIVER_TEST)
case PSA_CRYPTO_TRANSPARENT_TEST_DRIVER_ID: case MBEDTLS_TEST_TRANSPARENT_DRIVER_ID:
return( mbedtls_test_transparent_mac_sign_finish( return( mbedtls_test_transparent_mac_sign_finish(
&operation->ctx.transparent_test_driver_ctx, &operation->ctx.transparent_test_driver_ctx,
mac, mac_size, mac_length ) ); mac, mac_size, mac_length ) );
case PSA_CRYPTO_OPAQUE_TEST_DRIVER_ID: case MBEDTLS_TEST_OPAQUE_DRIVER_ID:
return( mbedtls_test_opaque_mac_sign_finish( return( mbedtls_test_opaque_mac_sign_finish(
&operation->ctx.opaque_test_driver_ctx, &operation->ctx.opaque_test_driver_ctx,
mac, mac_size, mac_length ) ); mac, mac_size, mac_length ) );
@ -2290,12 +2314,12 @@ psa_status_t psa_driver_wrapper_mac_verify_finish(
#if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT) #if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT)
#if defined(PSA_CRYPTO_DRIVER_TEST) #if defined(PSA_CRYPTO_DRIVER_TEST)
case PSA_CRYPTO_TRANSPARENT_TEST_DRIVER_ID: case MBEDTLS_TEST_TRANSPARENT_DRIVER_ID:
return( mbedtls_test_transparent_mac_verify_finish( return( mbedtls_test_transparent_mac_verify_finish(
&operation->ctx.transparent_test_driver_ctx, &operation->ctx.transparent_test_driver_ctx,
mac, mac_length ) ); mac, mac_length ) );
case PSA_CRYPTO_OPAQUE_TEST_DRIVER_ID: case MBEDTLS_TEST_OPAQUE_DRIVER_ID:
return( mbedtls_test_opaque_mac_verify_finish( return( mbedtls_test_opaque_mac_verify_finish(
&operation->ctx.opaque_test_driver_ctx, &operation->ctx.opaque_test_driver_ctx,
mac, mac_length ) ); mac, mac_length ) );
@ -2320,10 +2344,10 @@ psa_status_t psa_driver_wrapper_mac_abort(
#if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT) #if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT)
#if defined(PSA_CRYPTO_DRIVER_TEST) #if defined(PSA_CRYPTO_DRIVER_TEST)
case PSA_CRYPTO_TRANSPARENT_TEST_DRIVER_ID: case MBEDTLS_TEST_TRANSPARENT_DRIVER_ID:
return( mbedtls_test_transparent_mac_abort( return( mbedtls_test_transparent_mac_abort(
&operation->ctx.transparent_test_driver_ctx ) ); &operation->ctx.transparent_test_driver_ctx ) );
case PSA_CRYPTO_OPAQUE_TEST_DRIVER_ID: case MBEDTLS_TEST_OPAQUE_DRIVER_ID:
return( mbedtls_test_opaque_mac_abort( return( mbedtls_test_opaque_mac_abort(
&operation->ctx.opaque_test_driver_ctx ) ); &operation->ctx.opaque_test_driver_ctx ) );
#endif /* PSA_CRYPTO_DRIVER_TEST */ #endif /* PSA_CRYPTO_DRIVER_TEST */

3
scripts/driver.requirements.txt
View File

@ -15,4 +15,5 @@ Jinja2 >= 2.10.1; python_version < '3.10'
Jinja2 >= 2.10.3; python_version >= '3.10' Jinja2 >= 2.10.3; python_version >= '3.10'
# Jinja2 >=2.10, <3.0 needs a separate package for type annotations # Jinja2 >=2.10, <3.0 needs a separate package for type annotations
types-Jinja2 types-Jinja2
jsonschema >= 3.2.0
types-jsonschema

166
scripts/generate_driver_wrappers.py
View File

@ -22,54 +22,194 @@
import sys import sys
import os import os
import json
from typing import NewType, Dict, Any
from traceback import format_tb
import argparse import argparse
import jsonschema
import jinja2 import jinja2
from mbedtls_dev import build_tree from mbedtls_dev import build_tree
def render(template_path: str) -> str: JSONSchema = NewType('JSONSchema', object)
# The Driver is an Object, but practically it's indexable and can called a dictionary to
# keep MyPy happy till MyPy comes with a more composite type for JsonObjects.
Driver = NewType('Driver', dict)
class JsonValidationException(Exception):
def __init__(self, message="Json Validation Failed"):
self.message = message
super().__init__(self.message)
class DriverReaderException(Exception):
def __init__(self, message="Driver Reader Failed"):
self.message = message
super().__init__(self.message)
def render(template_path: str, driver_jsoncontext: list) -> str:
""" """
Render template from the input file. Render template from the input file and driver JSON.
""" """
environment = jinja2.Environment( environment = jinja2.Environment(
loader=jinja2.FileSystemLoader(os.path.dirname(template_path)), loader=jinja2.FileSystemLoader(os.path.dirname(template_path)),
keep_trailing_newline=True) keep_trailing_newline=True)
template = environment.get_template(os.path.basename(template_path)) template = environment.get_template(os.path.basename(template_path))
return template.render() return template.render(drivers=driver_jsoncontext)
def generate_driver_wrapper_file(mbedtls_root: str, output_dir: str) -> None:
def generate_driver_wrapper_file(template_dir: str,
output_dir: str,
driver_jsoncontext: list) -> None:
""" """
Generate the file psa_crypto_driver_wrapper.c. Generate the file psa_crypto_driver_wrapper.c.
""" """
driver_wrapper_template_filename = \ driver_wrapper_template_filename = \
os.path.join(mbedtls_root, \ os.path.join(template_dir, "psa_crypto_driver_wrappers.c.jinja")
"scripts/data_files/driver_templates/psa_crypto_driver_wrappers.c.jinja")
result = render(driver_wrapper_template_filename) result = render(driver_wrapper_template_filename, driver_jsoncontext)
with open(os.path.join(output_dir, "psa_crypto_driver_wrappers.c"), 'w') as out_file: with open(file=os.path.join(output_dir, "psa_crypto_driver_wrappers.c"),
mode='w',
encoding='UTF-8') as out_file:
out_file.write(result) out_file.write(result)
def validate_json(driverjson_data: Driver, driverschema_list: dict) -> None:
"""
Validate the Driver JSON against an appropriate schema
the schema passed could be that matching an opaque/ transparent driver.
"""
driver_type = driverjson_data["type"]
driver_prefix = driverjson_data["prefix"]
try:
_schema = driverschema_list[driver_type]
jsonschema.validate(instance=driverjson_data, schema=_schema)
except KeyError as err:
# This could happen if the driverjson_data.type does not exist in the provided schema list
# schemas = {'transparent': transparent_driver_schema, 'opaque': opaque_driver_schema}
# Print onto stdout and stderr.
print("Unknown Driver type " + driver_type +
" for driver " + driver_prefix, str(err))
print("Unknown Driver type " + driver_type +
" for driver " + driver_prefix, str(err), file=sys.stderr)
raise JsonValidationException() from err
except jsonschema.exceptions.ValidationError as err:
# Print onto stdout and stderr.
print("Error: Failed to validate data file: {} using schema: {}."
"\n Exception Message: \"{}\""
" ".format(driverjson_data, _schema, str(err)))
print("Error: Failed to validate data file: {} using schema: {}."
"\n Exception Message: \"{}\""
" ".format(driverjson_data, _schema, str(err)), file=sys.stderr)
raise JsonValidationException() from err
def load_driver(schemas: Dict[str, Any], driver_file: str) -> Any:
"""loads validated json driver"""
with open(file=driver_file, mode='r', encoding='UTF-8') as f:
json_data = json.load(f)
try:
validate_json(json_data, schemas)
except JsonValidationException as e:
raise DriverReaderException from e
return json_data
def load_schemas(mbedtls_root: str) -> Dict[str, Any]:
"""
Load schemas map
"""
schema_file_paths = {
'transparent': os.path.join(mbedtls_root,
'scripts',
'data_files',
'driver_jsons',
'driver_transparent_schema.json'),
'opaque': os.path.join(mbedtls_root,
'scripts',
'data_files',
'driver_jsons',
'driver_opaque_schema.json')
}
driver_schema = {}
for key, file_path in schema_file_paths.items():
with open(file=file_path, mode='r', encoding='UTF-8') as file:
driver_schema[key] = json.load(file)
return driver_schema
def read_driver_descriptions(mbedtls_root: str,
json_directory: str,
jsondriver_list: str) -> list:
"""
Merge driver JSON files into a single ordered JSON after validation.
"""
driver_schema = load_schemas(mbedtls_root)
with open(file=os.path.join(json_directory, jsondriver_list),
mode='r',
encoding='UTF-8') as driver_list_file:
driver_list = json.load(driver_list_file)
return [load_driver(schemas=driver_schema,
driver_file=os.path.join(json_directory, driver_file_name))
for driver_file_name in driver_list]
def trace_exception(e: Exception, file=sys.stderr) -> None:
"""Prints exception trace to the given TextIO handle"""
print("Exception: type: %s, message: %s, trace: %s" % (
e.__class__, str(e), format_tb(e.__traceback__)
), file)
def main() -> int: def main() -> int:
""" """
Main with command line arguments. Main with command line arguments.
""" """
def_arg_mbedtls_root = build_tree.guess_mbedtls_root() def_arg_mbedtls_root = build_tree.guess_mbedtls_root()
def_arg_output_dir = os.path.join(def_arg_mbedtls_root, 'library')
parser = argparse.ArgumentParser() parser = argparse.ArgumentParser()
parser.add_argument('--mbedtls-root', nargs='?', default=def_arg_mbedtls_root, parser.add_argument('--mbedtls-root', default=def_arg_mbedtls_root,
help='root directory of mbedtls source code') help='root directory of mbedtls source code')
parser.add_argument('--template-dir',
help='directory holding the driver templates')
parser.add_argument('--json-dir',
help='directory holding the driver JSONs')
parser.add_argument('output_directory', nargs='?', parser.add_argument('output_directory', nargs='?',
default=def_arg_output_dir, help='output file\'s location') help='output file\'s location')
args = parser.parse_args() args = parser.parse_args()
mbedtls_root = os.path.abspath(args.mbedtls_root) mbedtls_root = os.path.abspath(args.mbedtls_root)
output_directory = args.output_directory
generate_driver_wrapper_file(mbedtls_root, output_directory) output_directory = args.output_directory if args.output_directory is not None else \
os.path.join(mbedtls_root, 'library')
template_directory = args.template_dir if args.template_dir is not None else \
os.path.join(mbedtls_root,
'scripts',
'data_files',
'driver_templates')
json_directory = args.json_dir if args.json_dir is not None else \
os.path.join(mbedtls_root,
'scripts',
'data_files',
'driver_jsons')
try:
# Read and validate list of driver jsons from driverlist.json
merged_driver_json = read_driver_descriptions(mbedtls_root,
json_directory,
'driverlist.json')
except DriverReaderException as e:
trace_exception(e)
return 1
generate_driver_wrapper_file(template_directory, output_directory, merged_driver_json)
return 0 return 0
if __name__ == '__main__': if __name__ == '__main__':
sys.exit(main()) sys.exit(main())

9
tests/include/test/drivers/test_driver.h
View File

@ -20,6 +20,14 @@
#ifndef PSA_CRYPTO_TEST_DRIVER_H #ifndef PSA_CRYPTO_TEST_DRIVER_H
#define PSA_CRYPTO_TEST_DRIVER_H #define PSA_CRYPTO_TEST_DRIVER_H
#if defined(PSA_CRYPTO_DRIVER_TEST)
#ifndef PSA_CRYPTO_DRIVER_PRESENT
#define PSA_CRYPTO_DRIVER_PRESENT
#endif
#ifndef PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT
#define PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT
#endif
#define PSA_CRYPTO_TEST_DRIVER_LOCATION 0x7fffff #define PSA_CRYPTO_TEST_DRIVER_LOCATION 0x7fffff
#include "test/drivers/aead.h" #include "test/drivers/aead.h"
@ -30,4 +38,5 @@
#include "test/drivers/signature.h" #include "test/drivers/signature.h"
#include "test/drivers/asymmetric_encryption.h" #include "test/drivers/asymmetric_encryption.h"
#endif /* PSA_CRYPTO_DRIVER_TEST */
#endif /* PSA_CRYPTO_TEST_DRIVER_H */ #endif /* PSA_CRYPTO_TEST_DRIVER_H */

2
tests/scripts/check_names.py
View File

@ -278,7 +278,7 @@ class CodeParser():
"library/*.c", "library/*.c",
"3rdparty/everest/library/everest.c", "3rdparty/everest/library/everest.c",
"3rdparty/everest/library/x25519.c" "3rdparty/everest/library/x25519.c"
]) ], ["library/psa_crypto_driver_wrappers.c"])
symbols = self.parse_symbols() symbols = self.parse_symbols()
# Remove identifier macros like mbedtls_printf or mbedtls_calloc # Remove identifier macros like mbedtls_printf or mbedtls_calloc