psa_crypto_its.h 7.1 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150
  1. /** \file psa_crypto_its.h
  2. * \brief Interface of trusted storage that crypto is built on.
  3. */
  4. /*
  5. * Copyright The Mbed TLS Contributors
  6. * SPDX-License-Identifier: Apache-2.0
  7. *
  8. * Licensed under the Apache License, Version 2.0 (the "License"); you may
  9. * not use this file except in compliance with the License.
  10. * You may obtain a copy of the License at
  11. *
  12. * http://www.apache.org/licenses/LICENSE-2.0
  13. *
  14. * Unless required by applicable law or agreed to in writing, software
  15. * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
  16. * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
  17. * See the License for the specific language governing permissions and
  18. * limitations under the License.
  19. */
  20. #ifndef PSA_CRYPTO_ITS_H
  21. #define PSA_CRYPTO_ITS_H
  22. #include <stddef.h>
  23. #include <stdint.h>
  24. #include <psa/crypto_types.h>
  25. #include <psa/crypto_values.h>
  26. #ifdef __cplusplus
  27. extern "C" {
  28. #endif
  29. /** \brief Flags used when creating a data entry
  30. */
  31. typedef uint32_t psa_storage_create_flags_t;
  32. /** \brief A type for UIDs used for identifying data
  33. */
  34. typedef uint64_t psa_storage_uid_t;
  35. #define PSA_STORAGE_FLAG_NONE 0 /**< No flags to pass */
  36. #define PSA_STORAGE_FLAG_WRITE_ONCE (1 << 0) /**< The data associated with the uid will not be able to be modified or deleted. Intended to be used to set bits in `psa_storage_create_flags_t`*/
  37. /**
  38. * \brief A container for metadata associated with a specific uid
  39. */
  40. struct psa_storage_info_t
  41. {
  42. uint32_t size; /**< The size of the data associated with a uid **/
  43. psa_storage_create_flags_t flags; /**< The flags set when the uid was created **/
  44. };
  45. /** Flag indicating that \ref psa_storage_create and \ref psa_storage_set_extended are supported */
  46. #define PSA_STORAGE_SUPPORT_SET_EXTENDED (1 << 0)
  47. /** \brief PSA storage specific error codes
  48. */
  49. #define PSA_ERROR_INVALID_SIGNATURE ((psa_status_t)-149)
  50. #define PSA_ERROR_DATA_CORRUPT ((psa_status_t)-152)
  51. #define PSA_ITS_API_VERSION_MAJOR 1 /**< The major version number of the PSA ITS API. It will be incremented on significant updates that may include breaking changes */
  52. #define PSA_ITS_API_VERSION_MINOR 1 /**< The minor version number of the PSA ITS API. It will be incremented in small updates that are unlikely to include breaking changes */
  53. /**
  54. * \brief create a new or modify an existing uid/value pair
  55. *
  56. * \param[in] uid the identifier for the data
  57. * \param[in] data_length The size in bytes of the data in `p_data`
  58. * \param[in] p_data A buffer containing the data
  59. * \param[in] create_flags The flags that the data will be stored with
  60. *
  61. * \return A status indicating the success/failure of the operation
  62. *
  63. * \retval #PSA_SUCCESS The operation completed successfully
  64. * \retval #PSA_ERROR_NOT_PERMITTED The operation failed because the provided `uid` value was already created with PSA_STORAGE_WRITE_ONCE_FLAG
  65. * \retval #PSA_ERROR_NOT_SUPPORTED The operation failed because one or more of the flags provided in `create_flags` is not supported or is not valid
  66. * \retval #PSA_ERROR_INSUFFICIENT_STORAGE The operation failed because there was insufficient space on the storage medium
  67. * \retval #PSA_ERROR_STORAGE_FAILURE The operation failed because the physical storage has failed (Fatal error)
  68. * \retval #PSA_ERROR_INVALID_ARGUMENT The operation failed because one of the provided pointers(`p_data`)
  69. * is invalid, for example is `NULL` or references memory the caller cannot access
  70. */
  71. psa_status_t psa_its_set(psa_storage_uid_t uid,
  72. uint32_t data_length,
  73. const void *p_data,
  74. psa_storage_create_flags_t create_flags);
  75. /**
  76. * \brief Retrieve the value associated with a provided uid
  77. *
  78. * \param[in] uid The uid value
  79. * \param[in] data_offset The starting offset of the data requested
  80. * \param[in] data_length the amount of data requested (and the minimum allocated size of the `p_data` buffer)
  81. * \param[out] p_data The buffer where the data will be placed upon successful completion
  82. * \param[out] p_data_length The amount of data returned in the p_data buffer
  83. *
  84. *
  85. * \return A status indicating the success/failure of the operation
  86. *
  87. * \retval #PSA_SUCCESS The operation completed successfully
  88. * \retval #PSA_ERROR_DOES_NOT_EXIST The operation failed because the provided `uid` value was not found in the storage
  89. * \retval #PSA_ERROR_STORAGE_FAILURE The operation failed because the physical storage has failed (Fatal error)
  90. * \retval #PSA_ERROR_DATA_CORRUPT The operation failed because stored data has been corrupted
  91. * \retval #PSA_ERROR_INVALID_ARGUMENT The operation failed because one of the provided pointers(`p_data`, `p_data_length`)
  92. * is invalid. For example is `NULL` or references memory the caller cannot access.
  93. * In addition, this can also happen if an invalid offset was provided.
  94. */
  95. psa_status_t psa_its_get(psa_storage_uid_t uid,
  96. uint32_t data_offset,
  97. uint32_t data_length,
  98. void *p_data,
  99. size_t *p_data_length );
  100. /**
  101. * \brief Retrieve the metadata about the provided uid
  102. *
  103. * \param[in] uid The uid value
  104. * \param[out] p_info A pointer to the `psa_storage_info_t` struct that will be populated with the metadata
  105. *
  106. * \return A status indicating the success/failure of the operation
  107. *
  108. * \retval #PSA_SUCCESS The operation completed successfully
  109. * \retval #PSA_ERROR_DOES_NOT_EXIST The operation failed because the provided uid value was not found in the storage
  110. * \retval #PSA_ERROR_DATA_CORRUPT The operation failed because stored data has been corrupted
  111. * \retval #PSA_ERROR_INVALID_ARGUMENT The operation failed because one of the provided pointers(`p_info`)
  112. * is invalid, for example is `NULL` or references memory the caller cannot access
  113. */
  114. psa_status_t psa_its_get_info(psa_storage_uid_t uid,
  115. struct psa_storage_info_t *p_info);
  116. /**
  117. * \brief Remove the provided key and its associated data from the storage
  118. *
  119. * \param[in] uid The uid value
  120. *
  121. * \return A status indicating the success/failure of the operation
  122. *
  123. * \retval #PSA_SUCCESS The operation completed successfully
  124. * \retval #PSA_ERROR_DOES_NOT_EXIST The operation failed because the provided key value was not found in the storage
  125. * \retval #PSA_ERROR_NOT_PERMITTED The operation failed because the provided key value was created with PSA_STORAGE_WRITE_ONCE_FLAG
  126. * \retval #PSA_ERROR_STORAGE_FAILURE The operation failed because the physical storage has failed (Fatal error)
  127. */
  128. psa_status_t psa_its_remove(psa_storage_uid_t uid);
  129. #ifdef __cplusplus
  130. }
  131. #endif
  132. #endif /* PSA_CRYPTO_ITS_H */