@@ -72,53 +72,52 @@ static ATCAIfaceCfg atca_iface_config = {
7272
7373psa_status_t atecc608a_to_psa_error (ATCA_STATUS ret )
7474{
75- switch (ret )
76- {
77- case ATCA_SUCCESS :
78- case ATCA_RX_NO_RESPONSE :
79- case ATCA_WAKE_SUCCESS :
80- return PSA_SUCCESS ;
81- case ATCA_BAD_PARAM :
82- case ATCA_INVALID_ID :
83- return PSA_ERROR_INVALID_ARGUMENT ;
84- case ATCA_ASSERT_FAILURE :
85- return PSA_ERROR_TAMPERING_DETECTED ;
86- case ATCA_SMALL_BUFFER :
87- return PSA_ERROR_BUFFER_TOO_SMALL ;
88- case ATCA_RX_CRC_ERROR :
89- case ATCA_RX_FAIL :
90- case ATCA_STATUS_CRC :
91- case ATCA_RESYNC_WITH_WAKEUP :
92- case ATCA_PARITY_ERROR :
93- case ATCA_TX_TIMEOUT :
94- case ATCA_RX_TIMEOUT :
95- case ATCA_TOO_MANY_COMM_RETRIES :
96- case ATCA_COMM_FAIL :
97- case ATCA_TIMEOUT :
98- case ATCA_TX_FAIL :
99- case ATCA_NO_DEVICES :
100- return PSA_ERROR_COMMUNICATION_FAILURE ;
101- case ATCA_UNIMPLEMENTED :
102- return PSA_ERROR_NOT_SUPPORTED ;
103- case ATCA_ALLOC_FAILURE :
104- return PSA_ERROR_INSUFFICIENT_MEMORY ;
105- case ATCA_BAD_OPCODE :
106- case ATCA_CONFIG_ZONE_LOCKED :
107- case ATCA_DATA_ZONE_LOCKED :
108- case ATCA_NOT_LOCKED :
109- case ATCA_WAKE_FAILED :
110- case ATCA_STATUS_UNKNOWN :
111- case ATCA_STATUS_ECC :
112- case ATCA_STATUS_SELFTEST_ERROR :
113- case ATCA_CHECKMAC_VERIFY_FAILED :
114- case ATCA_PARSE_ERROR :
115- case ATCA_FUNC_FAIL :
116- case ATCA_GEN_FAIL :
117- case ATCA_EXECUTION_ERROR :
118- case ATCA_HEALTH_TEST_ERROR :
119- case ATCA_INVALID_SIZE :
120- default :
121- return PSA_ERROR_HARDWARE_FAILURE ;
75+ switch (ret ) {
76+ case ATCA_SUCCESS :
77+ case ATCA_RX_NO_RESPONSE :
78+ case ATCA_WAKE_SUCCESS :
79+ return PSA_SUCCESS ;
80+ case ATCA_BAD_PARAM :
81+ case ATCA_INVALID_ID :
82+ return PSA_ERROR_INVALID_ARGUMENT ;
83+ case ATCA_ASSERT_FAILURE :
84+ return PSA_ERROR_CORRUPTION_DETECTED ;
85+ case ATCA_SMALL_BUFFER :
86+ return PSA_ERROR_BUFFER_TOO_SMALL ;
87+ case ATCA_RX_CRC_ERROR :
88+ case ATCA_RX_FAIL :
89+ case ATCA_STATUS_CRC :
90+ case ATCA_RESYNC_WITH_WAKEUP :
91+ case ATCA_PARITY_ERROR :
92+ case ATCA_TX_TIMEOUT :
93+ case ATCA_RX_TIMEOUT :
94+ case ATCA_TOO_MANY_COMM_RETRIES :
95+ case ATCA_COMM_FAIL :
96+ case ATCA_TIMEOUT :
97+ case ATCA_TX_FAIL :
98+ case ATCA_NO_DEVICES :
99+ return PSA_ERROR_COMMUNICATION_FAILURE ;
100+ case ATCA_UNIMPLEMENTED :
101+ return PSA_ERROR_NOT_SUPPORTED ;
102+ case ATCA_ALLOC_FAILURE :
103+ return PSA_ERROR_INSUFFICIENT_MEMORY ;
104+ case ATCA_BAD_OPCODE :
105+ case ATCA_CONFIG_ZONE_LOCKED :
106+ case ATCA_DATA_ZONE_LOCKED :
107+ case ATCA_NOT_LOCKED :
108+ case ATCA_WAKE_FAILED :
109+ case ATCA_STATUS_UNKNOWN :
110+ case ATCA_STATUS_ECC :
111+ case ATCA_STATUS_SELFTEST_ERROR :
112+ case ATCA_CHECKMAC_VERIFY_FAILED :
113+ case ATCA_PARSE_ERROR :
114+ case ATCA_FUNC_FAIL :
115+ case ATCA_GEN_FAIL :
116+ case ATCA_EXECUTION_ERROR :
117+ case ATCA_HEALTH_TEST_ERROR :
118+ case ATCA_INVALID_SIZE :
119+ default :
120+ return PSA_ERROR_HARDWARE_FAILURE ;
122121 }
123122}
124123
@@ -140,7 +139,7 @@ static void pubkey_for_psa(uint8_t *data)
140139static psa_status_t is_public_key_slot (uint16_t key_slot )
141140{
142141 /* Keys 8 to 15 can store public keys. Slots 1-7 are too small. */
143- return ((key_slot >= 8 && key_slot <=15 ) ? PSA_SUCCESS : PSA_ERROR_INVALID_ARGUMENT );
142+ return ((key_slot >= 8 && key_slot <= 15 ) ? PSA_SUCCESS : PSA_ERROR_INVALID_ARGUMENT );
144143}
145144
146145psa_status_t atecc608a_init ()
@@ -153,7 +152,8 @@ psa_status_t atecc608a_deinit()
153152 return atecc608a_to_psa_error (atcab_release ());
154153}
155154
156- static psa_status_t atecc608a_export_public_key (psa_key_slot_number_t key ,
155+ static psa_status_t atecc608a_export_public_key (psa_drv_se_context_t * drv_context ,
156+ psa_key_slot_number_t key ,
157157 uint8_t * p_data , size_t data_size ,
158158 size_t * p_data_length )
159159{
@@ -164,8 +164,7 @@ static psa_status_t atecc608a_export_public_key(psa_key_slot_number_t key,
164164 const uint16_t slot = key ;
165165 psa_status_t status = PSA_ERROR_GENERIC_ERROR ;
166166
167- if (data_size < key_data_len )
168- {
167+ if (data_size < key_data_len ) {
169168 return PSA_ERROR_BUFFER_TOO_SMALL ;
170169 }
171170
@@ -185,13 +184,15 @@ static psa_status_t atecc608a_export_public_key(psa_key_slot_number_t key,
185184 atecc608a_deinit ();
186185 return status ;
187186}
188- static psa_status_t atecc608a_import_public_key (psa_key_slot_number_t key_slot ,
187+ static psa_status_t atecc608a_import_public_key (psa_drv_se_context_t * drv_context ,
188+ psa_key_slot_number_t key_slot ,
189189 psa_key_lifetime_t lifetime ,
190190 psa_key_type_t type ,
191191 psa_algorithm_t alg ,
192192 psa_key_usage_t usage ,
193193 const uint8_t * p_data ,
194- size_t data_length )
194+ size_t data_length ,
195+ size_t * bits )
195196{
196197 const uint16_t key_id = key_slot ;
197198 psa_status_t status = PSA_ERROR_GENERIC_ERROR ;
@@ -201,19 +202,16 @@ static psa_status_t atecc608a_import_public_key(psa_key_slot_number_t key_slot,
201202 /* Check if the key has a size of 65 {0x04, X, Y}. */
202203 if (data_length != PSA_KEY_EXPORT_MAX_SIZE (PSA_KEY_TYPE_ECC_PUBLIC_KEY (
203204 PSA_ECC_CURVE_SECP256R1 ),
204- 256 ))
205- {
205+ 256 )) {
206206 return PSA_ERROR_INVALID_ARGUMENT ;
207207 }
208208
209- if (type != PSA_KEY_TYPE_ECC_PUBLIC_KEY (PSA_ECC_CURVE_SECP256R1 ))
210- {
209+ if (type != PSA_KEY_TYPE_ECC_PUBLIC_KEY (PSA_ECC_CURVE_SECP256R1 )) {
211210 return PSA_ERROR_NOT_SUPPORTED ;
212211 }
213212
214213 /* The driver can only do randomized ECDSA on SHA-256 */
215- if (alg != PSA_ALG_ECDSA (PSA_ALG_SHA_256 ) && alg != PSA_ALG_ECDSA_ANY )
216- {
214+ if (alg != PSA_ALG_ECDSA (PSA_ALG_SHA_256 ) && alg != PSA_ALG_ECDSA_ANY ) {
217215 return PSA_ERROR_NOT_SUPPORTED ;
218216 }
219217
@@ -225,12 +223,11 @@ static psa_status_t atecc608a_import_public_key(psa_key_slot_number_t key_slot,
225223 return status ;
226224}
227225
228- static psa_status_t atecc608a_generate_key (psa_key_slot_number_t key_slot ,
226+ static psa_status_t atecc608a_generate_key (psa_drv_se_context_t * drv_context ,
227+ psa_key_slot_number_t key_slot ,
229228 psa_key_type_t type ,
230229 psa_key_usage_t usage ,
231230 size_t bits ,
232- const void * extra ,
233- size_t extra_size ,
234231 uint8_t * p_pubkey_out ,
235232 size_t pubkey_out_size ,
236233 size_t * p_pubkey_length )
@@ -239,40 +236,32 @@ static psa_status_t atecc608a_generate_key(psa_key_slot_number_t key_slot,
239236 psa_status_t status = PSA_ERROR_GENERIC_ERROR ;
240237
241238 /* The hardware has slots 0-15 */
242- if (key_slot > 15 )
243- {
239+ if (key_slot > 15 ) {
244240 return PSA_ERROR_INVALID_ARGUMENT ;
245241 }
246242
247- if (type != PSA_KEY_TYPE_ECC_KEYPAIR (PSA_ECC_CURVE_SECP256R1 ))
248- {
243+ if (type != PSA_KEY_TYPE_ECC_KEY_PAIR (PSA_ECC_CURVE_SECP256R1 )) {
249244 return PSA_ERROR_NOT_SUPPORTED ;
250245 }
251246
252- if (bits != PSA_BYTES_TO_BITS (ATCA_PRIV_KEY_SIZE ))
253- {
247+ if (bits != PSA_BYTES_TO_BITS (ATCA_PRIV_KEY_SIZE )) {
254248 return PSA_ERROR_NOT_SUPPORTED ;
255249 }
256250
257- if (p_pubkey_out != NULL && pubkey_out_size < 1 + ATCA_PUB_KEY_SIZE )
258- {
259- return PSA_ERROR_BUFFER_TOO_SMALL ;
251+ if (p_pubkey_out != NULL && pubkey_out_size < 1 + ATCA_PUB_KEY_SIZE ) {
252+ return PSA_ERROR_BUFFER_TOO_SMALL ;
260253 }
261254
262255 ASSERT_SUCCESS_PSA (atecc608a_init ());
263256
264- if (p_pubkey_out != NULL )
265- {
257+ if (p_pubkey_out != NULL ) {
266258 ASSERT_SUCCESS (atcab_genkey (key_id , pubkey_for_driver (p_pubkey_out )));
267259 pubkey_for_psa (p_pubkey_out );
268- }
269- else
270- {
260+ } else {
271261 ASSERT_SUCCESS (atcab_genkey (key_id , NULL ));
272262 }
273263
274- if (p_pubkey_length != NULL )
275- {
264+ if (p_pubkey_length != NULL ) {
276265 * p_pubkey_length = 1 + ATCA_PUB_KEY_SIZE ;
277266 }
278267
@@ -281,7 +270,8 @@ static psa_status_t atecc608a_generate_key(psa_key_slot_number_t key_slot,
281270 return status ;
282271}
283272
284- static psa_status_t atecc608a_asymmetric_sign (psa_key_slot_number_t key_slot ,
273+ static psa_status_t atecc608a_asymmetric_sign (psa_drv_se_context_t * drv_context ,
274+ psa_key_slot_number_t key_slot ,
285275 psa_algorithm_t alg ,
286276 const uint8_t * p_hash ,
287277 size_t hash_length ,
@@ -293,19 +283,16 @@ static psa_status_t atecc608a_asymmetric_sign(psa_key_slot_number_t key_slot,
293283 psa_status_t status = PSA_ERROR_GENERIC_ERROR ;
294284
295285 /* The driver can only do randomized ECDSA on SHA-256 */
296- if (alg != PSA_ALG_ECDSA (PSA_ALG_SHA_256 ) && alg != PSA_ALG_ECDSA_ANY )
297- {
286+ if (alg != PSA_ALG_ECDSA (PSA_ALG_SHA_256 ) && alg != PSA_ALG_ECDSA_ANY ) {
298287 return PSA_ERROR_NOT_SUPPORTED ;
299288 }
300289
301- if (hash_length != PSA_HASH_SIZE (PSA_ALG_SHA_256 ))
302- {
290+ if (hash_length != PSA_HASH_SIZE (PSA_ALG_SHA_256 )) {
303291 /* The driver only supports signing things of length 32. */
304292 return PSA_ERROR_NOT_SUPPORTED ;
305293 }
306294
307- if (signature_size < ATCA_SIG_SIZE )
308- {
295+ if (signature_size < ATCA_SIG_SIZE ) {
309296 return PSA_ERROR_BUFFER_TOO_SMALL ;
310297 }
311298
@@ -327,7 +314,8 @@ static psa_status_t atecc608a_asymmetric_sign(psa_key_slot_number_t key_slot,
327314 return status ;
328315}
329316
330- psa_status_t atecc608a_asymmetric_verify (psa_key_slot_number_t key_slot ,
317+ psa_status_t atecc608a_asymmetric_verify (psa_drv_se_context_t * drv_context ,
318+ psa_key_slot_number_t key_slot ,
331319 psa_algorithm_t alg ,
332320 const uint8_t * p_hash ,
333321 size_t hash_length ,
@@ -341,19 +329,16 @@ psa_status_t atecc608a_asymmetric_verify(psa_key_slot_number_t key_slot,
341329 ASSERT_SUCCESS_PSA (is_public_key_slot (key_id ));
342330
343331 /* The driver can only do randomized ECDSA on SHA-256 */
344- if (alg != PSA_ALG_ECDSA (PSA_ALG_SHA_256 ) && alg != PSA_ALG_ECDSA_ANY )
345- {
332+ if (alg != PSA_ALG_ECDSA (PSA_ALG_SHA_256 ) && alg != PSA_ALG_ECDSA_ANY ) {
346333 return PSA_ERROR_NOT_SUPPORTED ;
347334 }
348335
349- if (hash_length != PSA_HASH_SIZE (PSA_ALG_SHA_256 ))
350- {
336+ if (hash_length != PSA_HASH_SIZE (PSA_ALG_SHA_256 )) {
351337 /* The driver only supports hashes of length 32. */
352338 return PSA_ERROR_NOT_SUPPORTED ;
353339 }
354340
355- if (signature_length != ATCA_SIG_SIZE )
356- {
341+ if (signature_length != ATCA_SIG_SIZE ) {
357342 /* The driver only supports signatures of length 64. */
358343 return PSA_ERROR_INVALID_SIGNATURE ;
359344 }
@@ -372,8 +357,7 @@ psa_status_t atecc608a_write(uint16_t slot, size_t offset, const uint8_t *data,
372357 psa_status_t status = PSA_ERROR_GENERIC_ERROR ;
373358
374359 /* The hardware has slots 0-15 */
375- if (slot > 15 )
376- {
360+ if (slot > 15 ) {
377361 return PSA_ERROR_INVALID_ARGUMENT ;
378362 }
379363
@@ -390,8 +374,7 @@ psa_status_t atecc608a_read(uint16_t slot, size_t offset, uint8_t *data, size_t
390374 psa_status_t status = PSA_ERROR_GENERIC_ERROR ;
391375
392376 /* The hardware has slots 0-15 */
393- if (slot > 15 )
394- {
377+ if (slot > 15 ) {
395378 return PSA_ERROR_INVALID_ARGUMENT ;
396379 }
397380
@@ -403,35 +386,44 @@ psa_status_t atecc608a_read(uint16_t slot, size_t offset, uint8_t *data, size_t
403386 return status ;
404387}
405388
406- #define PSA_ATECC608A_LIFETIME 0xdeadbeefU
407-
408- static psa_drv_se_asymmetric_t atecc608a_asymmetric =
389+ psa_status_t atecc608a_check_slot ( psa_drv_se_context_t * drv_context ,
390+ const psa_key_attributes_t * attributes ,
391+ psa_key_slot_number_t key_slot )
409392{
393+ if (PSA_KEY_TYPE_IS_ECC_KEY_PAIR (attributes -> type )) {
394+ if (key_slot <= 15 ) {
395+ return PSA_SUCCESS ;
396+ }
397+ } else if (PSA_KEY_TYPE_IS_ECC_PUBLIC_KEY (attributes -> type )) {
398+ if (key_slot >= 8 && key_slot <= 15 ) {
399+ return PSA_SUCCESS ;
400+ }
401+ }
402+ return PSA_ERROR_NOT_SUPPORTED ;
403+ }
404+
405+ static psa_drv_se_asymmetric_t atecc608a_asymmetric = {
410406 .p_sign = atecc608a_asymmetric_sign ,
411407 .p_verify = atecc608a_asymmetric_verify ,
412408 .p_encrypt = 0 ,
413409 .p_decrypt = 0 ,
414410};
415411
416- static psa_drv_se_key_management_t atecc608a_key_management =
417- {
412+ static psa_drv_se_key_management_t atecc608a_key_management = {
418413 /* So far there is no public key import function in the API, so use this instead */
419414 .p_import = atecc608a_import_public_key ,
420415 .p_generate = atecc608a_generate_key ,
421416 .p_destroy = 0 ,
422- /* So far there is no public key export function in the API, so use this instead */
423- .p_export = atecc608a_export_public_key ,
417+ . p_export_public = atecc608a_export_public_key ,
418+ .p_check_slot = atecc608a_check_slot ,
424419};
425420
426- psa_drv_se_info_t atecc608a_drv_info =
427- {
428- .lifetime = PSA_ATECC608A_LIFETIME ,
429- .p_key_management = & atecc608a_key_management ,
430- .p_mac = 0 ,
431- .p_cipher = 0 ,
432- .p_asym = & atecc608a_asymmetric ,
433- .p_aead = 0 ,
434- .p_derive = 0 ,
435- .slot_min = 0 ,
436- .slot_max = 0 ,
421+ psa_drv_se_t atecc608a_drv_info = {
422+ .key_management = & atecc608a_key_management ,
423+ .mac = 0 ,
424+ .cipher = 0 ,
425+ .asymmetric = & atecc608a_asymmetric ,
426+ .aead = 0 ,
427+ .derivation = 0 ,
428+ .hal_version = PSA_DRV_SE_HAL_VERSION
437429};
0 commit comments