Integrate psa_key_agreement() with SPM code

mohammad1603 · mohammad1603 · commit 0c055f6691d3 · 2018-11-26T16:37:42.000+02:00
diff --git a/components/TARGET_PSA/services/crypto/COMPONENT_PSA_SRV_IPC/crypto_platform_spe.h b/components/TARGET_PSA/services/crypto/COMPONENT_PSA_SRV_IPC/crypto_platform_spe.h
@@ -85,7 +85,8 @@ typedef enum psa_sec_function_s
     PSA_GENERATOR_READ,
     PSA_GENERATOR_IMPORT_KEY,
     PSA_GENERATOR_ABORT,
-    PSA_KEY_DERIVATION
+    PSA_KEY_DERIVATION,
+    PSA_KEY_AGREEMENT
 }psa_sec_function_t;
 
 /**@}*/
diff --git a/components/TARGET_PSA/services/crypto/COMPONENT_PSA_SRV_IPC/psa_crypto_spm.c b/components/TARGET_PSA/services/crypto/COMPONENT_PSA_SRV_IPC/psa_crypto_spm.c
@@ -1028,6 +1028,32 @@ psa_status_t psa_key_derivation( psa_crypto_generator_t *generator,
 
 }
 
+psa_status_t psa_key_agreement( psa_crypto_generator_t *generator,
+                                psa_key_slot_t private_key,
+                                const uint8_t *peer_key,
+                                size_t peer_key_length,
+                                psa_algorithm_t alg )
+{
+    psa_error_t err_call;
+    psa_crypto_derivation_ipc_t psa_crypto_ipc = { 0, 0, 0, 0 };
+    psa_crypto_ipc.key = private_key;
+    psa_crypto_ipc.alg = alg;
+    psa_crypto_ipc.func = PSA_KEY_AGREEMENT;
+
+    psa_invec_t in_vec[2] = { { &psa_crypto_ipc, sizeof( psa_crypto_ipc ) },
+                               { peer_key, peer_key_length }};
+
+    generator->handle = psa_connect( PSA_GENERATOR_ID, MINOR_VER );
+    if( generator->handle <= 0 )
+        return( PSA_ERROR_COMMUNICATION_FAILURE );
+
+    err_call = psa_call( generator->handle, in_vec, 2, NULL, 0 );
+
+    if( err_call < 0 )
+        err_call = ( psa_error_t ) PSA_ERROR_COMMUNICATION_FAILURE;
+    return( ( psa_status_t ) err_call );
+}
+
 psa_status_t psa_generator_abort( psa_crypto_generator_t *generator )
 {
     psa_error_t err_call = PSA_SUCCESS;
diff --git a/components/TARGET_PSA/services/crypto/COMPONENT_SPE/crypto_spe.h b/components/TARGET_PSA/services/crypto/COMPONENT_SPE/crypto_spe.h
@@ -57,6 +57,7 @@ extern "C" {
 #define psa_generator_import_key  psa_sec_generator_import_key
 #define mbedtls_psa_crypto_free  mbedtls_psa_sec_crypto_free
 #define psa_key_derivation  psa_sec_key_derivation
+#define psa_key_agreement  psa_sec_key_agreement
 #define psa_generator_abort  psa_sec_generator_abort
 #define mbedtls_psa_inject_entropy  mbedtls_psa_sec_inject_entropy
 
diff --git a/components/TARGET_PSA/services/crypto/COMPONENT_SPE/psa_crypto_partition.c b/components/TARGET_PSA/services/crypto/COMPONENT_SPE/psa_crypto_partition.c
@@ -1367,6 +1367,33 @@ void psa_crypto_generator_operations( void )
 
                     break;
                 }
+                case PSA_KEY_AGREEMENT:
+                {
+
+                    uint8_t *private_key = mbedtls_calloc( 1, msg.in_size[1] );
+                    if ( private_key == NULL )
+                    {
+                        status = PSA_ERROR_INSUFFICIENT_MEMORY;
+                        break;
+                    }
+
+                    bytes_read = psa_read( msg.handle, 1, private_key,
+                                           msg.in_size[1] );
+                    if( bytes_read != msg.in_size[1] )
+                    {
+                        SPM_PANIC("SPM read length mismatch");
+                    }
+
+                    status = check_spm_key_acl(msg.handle, psa_crypto_ipc.key);
+                    if (status == PSA_SUCCESS) {
+                        status = psa_key_agreement( msg.rhandle, psa_crypto_ipc.key,
+                                                     private_key,
+                                                     msg.in_size[1],//private_key length
+                                                     psa_crypto_ipc.alg );
+                    }
+
+                    break;
+                }
                 default:
                 {
                     status = PSA_ERROR_NOT_SUPPORTED;
