1
/**
2
 * \file psa/crypto_platform.h
3
 *
4
 * \brief PSA cryptography module: Mbed TLS platform definitions
5
 *
6
 * \note This file may not be included directly. Applications must
7
 * include psa/crypto.h.
8
 *
9
 * This file contains platform-dependent type definitions.
10
 *
11
 * In implementations with isolation between the application and the
12
 * cryptography module, implementers should take care to ensure that
13
 * the definitions that are exposed to applications match what the
14
 * module implements.
15
 */
16
/*
17
 *  Copyright The Mbed TLS Contributors
18
 *  SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
19
 */
20

21
#ifndef PSA_CRYPTO_PLATFORM_H
22
#define PSA_CRYPTO_PLATFORM_H
23
#include "mbedtls/private_access.h"
24

25
/*
26
 * Include the build-time configuration information header. Here, we do not
27
 * include `"mbedtls/build_info.h"` directly but `"psa/build_info.h"`, which
28
 * is basically just an alias to it. This is to ease the maintenance of the
29
 * TF-PSA-Crypto repository which has a different build system and
30
 * configuration.
31
 */
32
#include "psa/build_info.h"
33

34
/* PSA requires several types which C99 provides in stdint.h. */
35
#include <stdint.h>
36

37
#if defined(MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER)
38

39
/* Building for the PSA Crypto service on a PSA platform, a key owner is a PSA
40
 * partition identifier.
41
 *
42
 * The function psa_its_identifier_of_slot() in psa_crypto_storage.c that
43
 * translates a key identifier to a key storage file name assumes that
44
 * mbedtls_key_owner_id_t is a 32-bit integer. This function thus needs
45
 * reworking if mbedtls_key_owner_id_t is not defined as a 32-bit integer
46
 * here anymore.
47
 */
48
typedef int32_t mbedtls_key_owner_id_t;
49

50
/** Compare two key owner identifiers.
51
 *
52
 * \param id1 First key owner identifier.
53
 * \param id2 Second key owner identifier.
54
 *
55
 * \return Non-zero if the two key owner identifiers are equal, zero otherwise.
56
 */
57
static inline int mbedtls_key_owner_id_equal(mbedtls_key_owner_id_t id1,
58
                                             mbedtls_key_owner_id_t id2)
59
{
60
    return id1 == id2;
61
}
62

63
#endif /* MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER */
64

65
/*
66
 * When MBEDTLS_PSA_CRYPTO_SPM is defined, the code is being built for SPM
67
 * (Secure Partition Manager) integration which separates the code into two
68
 * parts: NSPE (Non-Secure Processing Environment) and SPE (Secure Processing
69
 * Environment). When building for the SPE, an additional header file should be
70
 * included.
71
 */
72
#if defined(MBEDTLS_PSA_CRYPTO_SPM)
73
#define PSA_CRYPTO_SECURE 1
74
#include "crypto_spe.h"
75
#endif // MBEDTLS_PSA_CRYPTO_SPM
76

77
#if defined(MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG)
78
/** The type of the context passed to mbedtls_psa_external_get_random().
79
 *
80
 * Mbed TLS initializes the context to all-bits-zero before calling
81
 * mbedtls_psa_external_get_random() for the first time.
82
 *
83
 * The definition of this type in the Mbed TLS source code is for
84
 * demonstration purposes. Implementers of mbedtls_psa_external_get_random()
85
 * are expected to replace it with a custom definition.
86
 */
87
typedef struct {
88
    uintptr_t MBEDTLS_PRIVATE(opaque)[2];
89
} mbedtls_psa_external_random_context_t;
90
#endif /* MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG */
91

92
#if defined(MBEDTLS_PSA_CRYPTO_CLIENT) && !defined(MBEDTLS_PSA_CRYPTO_C)
93
/** The type of the client handle used in context structures
94
 *
95
 * When a client view of the multipart context structures is required,
96
 * this handle is used to keep a mapping with the service side of the
97
 * context which contains the actual data.
98
 */
99
typedef uint32_t mbedtls_psa_client_handle_t;
100
#endif
101

102
#endif /* PSA_CRYPTO_PLATFORM_H */
103

104