/**
 * \file psa_crypto_invasive.h
 *
 * \brief PSA cryptography module: invasive interfaces for test only.
 *
 * The interfaces in this file are intended for testing purposes only.
 * They MUST NOT be made available to clients over IPC in integrations
 * with isolation, and they SHOULD NOT be made available in library
 * integrations except when building the library for testing.
 */
/*
 *  Copyright The Mbed TLS Contributors
 *  SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
 */

#ifndef PSA_CRYPTO_INVASIVE_H
#define PSA_CRYPTO_INVASIVE_H

/*
 * The build-time configuration is pulled in through "psa/build_info.h"
 * rather than "mbedtls/build_info.h". The former is basically an alias of
 * the latter; going through it eases maintenance of the TF-PSA-Crypto
 * repository, which has a different build system and configuration.
 */
#include "psa/build_info.h"

#include "psa/crypto.h"
#include "common.h"

#include "mbedtls/entropy.h"

#if !defined(MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG)
/** \brief Configure entropy sources.
 *
 * Calling this function is only allowed while the PSA crypto subsystem is
 * not initialized: either before a call to psa_crypto_init(), or after a
 * call to mbedtls_psa_crypto_free() and before any subsequent call to
 * psa_crypto_init().
 *
 * This function is only intended for test purposes. What it offers is also
 * useful to system integrators, but they should configure entropy drivers
 * instead of breaking through to the Mbed TLS API.
 *
 * \note The two callbacks replace the library's default entropy setup and
 *       teardown. A build that exposes this function therefore lets the
 *       caller choose which entropy sources psa_crypto_init() sets up,
 *       which is why the file-level rules above restrict it to test builds.
 *       This declaration is compiled out when
 *       MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG is defined.
 *
 * \param entropy_init  Function that initializes the entropy context and
 *                      sets up the desired entropy sources.
 *                      psa_crypto_init() calls it.
 *                      The default is mbedtls_entropy_init().
 *                      It has no way to report a failure directly; to
 *                      signal one, leave the entropy context in a state
 *                      where mbedtls_entropy_func() will return an error.
 * \param entropy_free  Function that frees the entropy context and its
 *                      associated resources.
 *                      mbedtls_psa_crypto_free() calls it.
 *                      The default is mbedtls_entropy_free().
 *
 * \retval #PSA_SUCCESS
 *         Success.
 * \retval #PSA_ERROR_NOT_PERMITTED
 *         The caller does not have the permission to configure
 *         entropy sources.
 * \retval #PSA_ERROR_BAD_STATE
 *         The library has already been initialized.
 */
psa_status_t mbedtls_psa_crypto_configure_entropy_sources(
    void (* entropy_init)(mbedtls_entropy_context *ctx),
    void (* entropy_free)(mbedtls_entropy_context *ctx));
#endif /* !defined(MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG) */

#if defined(MBEDTLS_TEST_HOOKS) && defined(MBEDTLS_PSA_CRYPTO_C)
/*
 * Everything in this section is declared only when both MBEDTLS_TEST_HOOKS
 * and MBEDTLS_PSA_CRYPTO_C are defined. It exposes library internals to the
 * test suite; per the file-level rules above, builds that are not for
 * testing should not make these symbols available.
 */

/*
 * Test-only declaration of a MAC key check.
 * NOTE(review): judging by the name and parameters, this reports whether a
 * key of type key_type can be used with the MAC algorithm `algorithm`; the
 * definition and its status codes are not visible in this header - confirm.
 */
psa_status_t psa_mac_key_can_do(psa_algorithm_t algorithm,
                                psa_key_type_t key_type);

/*
 * Test-only declaration of the input copy function: takes a caller buffer
 * (input, input_len) and a destination (input_copy, input_copy_len).
 * NOTE(review): how a destination shorter than the input is reported is
 * decided by the definition, which is not shown here - confirm before
 * relying on a particular status code.
 */
psa_status_t psa_crypto_copy_input(const uint8_t *input,
                                   size_t input_len,
                                   uint8_t *input_copy,
                                   size_t input_copy_len);

/*
 * Test-only declaration of the output copy function: takes a source
 * (output_copy, output_copy_len) and a caller buffer (output, output_len).
 * NOTE(review): the behaviour on a length mismatch is decided by the
 * definition, which is not shown here - confirm.
 */
psa_status_t psa_crypto_copy_output(const uint8_t *output_copy,
                                    size_t output_copy_len,
                                    uint8_t *output,
                                    size_t output_len);

/*
 * Test hooks to use for memory unpoisoning/poisoning in copy functions.
 *
 * These are writable, externally visible function pointers, one pre-copy
 * and one post-copy hook for each direction (input and output).
 * NOTE(review): presumably the copy functions declared above call them
 * around the copy when they are set; the call sites are not in this
 * header - confirm. Because any code linked into the same image can
 * overwrite them, they belong in test builds only.
 */
extern void (*psa_input_pre_copy_hook)(const uint8_t *input,
                                       size_t input_len);
extern void (*psa_input_post_copy_hook)(const uint8_t *input,
                                        size_t input_len);
extern void (*psa_output_pre_copy_hook)(const uint8_t *output,
                                        size_t output_len);
extern void (*psa_output_post_copy_hook)(const uint8_t *output,
                                         size_t output_len);

#endif /* MBEDTLS_TEST_HOOKS && MBEDTLS_PSA_CRYPTO_C */

#endif /* PSA_CRYPTO_INVASIVE_H */