kernel/hil/public_key_crypto/
rsa_math.rs

1// Licensed under the Apache License, Version 2.0 or the MIT License.
2// SPDX-License-Identifier: Apache-2.0 OR MIT
3// Copyright Tock Contributors 2022.
4
5//! Interface for RSA Public/Private key encryption math operations
6
7use crate::ErrorCode;
8
9/// Upcall from the `RsaCryptoBase` trait.
10pub trait Client<'a> {
11    /// This callback is called when the mod_exponent operation is complete.
12    ///
13    /// The possible ErrorCodes are:
14    ///    - BUSY: An operation is already on going
15    ///    - INVAL: An invalid parameter was supplied
16    ///    - SIZE: The size of the `result` buffer is invalid
17    ///    - NOSUPPORT: The operation is not supported
18    fn mod_exponent_done(
19        &'a self,
20        status: Result<bool, ErrorCode>,
21        message: &'static mut [u8],
22        modulus: &'static [u8],
23        exponent: &'static [u8],
24        result: &'static mut [u8],
25    );
26}
27
28pub trait RsaCryptoBase<'a> {
29    /// Set the `Client` client to be called on completion.
30    fn set_client(&'a self, client: &'a dyn Client<'a>);
31
32    /// Clear any confidential data.
33    fn clear_data(&self);
34
35    /// Calculate (`message` ^ `exponent`) % `modulus` and store it in the
36    /// `result` buffer.
37    ///
38    /// On completion the `mod_exponent_done()` upcall will be scheduled.
39    ///
40    /// The length of `modulus` must be a power of 2 and determines the length
41    /// of the operation.
42    ///
43    /// The `message` and `exponent` buffers can be any length. All of the data
44    /// in the buffer up to the length of the `modulus` will be used. This
45    /// allows callers to allocate larger buffers to support multiple
46    /// RSA lengths, but only the operation length (defined by the modulus)
47    /// will be used.
48    ///
49    /// The `result` buffer must be at least as large as the `modulus` buffer,
50    /// otherwise Err(SIZE) will be returned.
51    /// If `result` is longer then `modulus` the data will be stored in the
52    /// `result` buffer from 0 to `modulue.len()`.
53    ///
54    /// The possible ErrorCodes are:
55    ///    - BUSY: An operation is already on going
56    ///    - INVAL: An invalid parameter was supplied
57    ///    - SIZE: The size of the `result` buffer is invalid
58    ///    - NOSUPPORT: The operation is not supported
59    fn mod_exponent(
60        &self,
61        message: &'static mut [u8],
62        modulus: &'static [u8],
63        exponent: &'static [u8],
64        result: &'static mut [u8],
65    ) -> Result<
66        (),
67        (
68            ErrorCode,
69            &'static mut [u8],
70            &'static [u8],
71            &'static [u8],
72            &'static mut [u8],
73        ),
74    >;
75}
76
77/// Upcall from the `RsaCryptoBase` trait.
78pub trait ClientMut<'a> {
79    /// This callback is called when the mod_exponent operation is complete.
80    ///
81    /// The possible ErrorCodes are:
82    ///    - BUSY: The system is busy
83    ///    - ALREADY: An operation is already on going
84    ///    - INVAL: An invalid parameter was supplied
85    ///    - SIZE: The size of the `result` buffer is invalid
86    ///    - NOSUPPORT: The operation is not supported
87    fn mod_exponent_done(
88        &'a self,
89        status: Result<bool, ErrorCode>,
90        message: &'static mut [u8],
91        modulus: &'static mut [u8],
92        exponent: &'static mut [u8],
93        result: &'static mut [u8],
94    );
95}
96
97pub trait RsaCryptoBaseMut<'a> {
98    /// Set the `ClientMut` client to be called on completion.
99    fn set_client(&'a self, client: &'a dyn ClientMut<'a>);
100
101    /// Clear any confidential data.
102    fn clear_data(&self);
103
104    /// Calculate (`message` ^ `exponent`) % `modulus` and store it in the
105    /// `result` buffer.
106    ///
107    /// On completion the `mod_exponent_done()` upcall will be scheduled.
108    ///
109    /// The length of `modulus` must be a power of 2 and determines the length
110    /// of the operation.
111    ///
112    /// The `message` and `exponent` buffers can be any length. All of the data
113    /// in the buffer up to the length of the `modulus` will be used. This
114    /// allows callers to allocate larger buffers to support multiple
115    /// RSA lengths, but only the operation length (defined by the modulus)
116    /// will be used.
117    ///
118    /// The `result` buffer must be at least as large as the `modulus` buffer,
119    /// otherwise Err(SIZE) will be returned.
120    /// If `result` is longer then `modulus` the data will be stored in the
121    /// `result` buffer from 0 to `modulue.len()`.
122    ///
123    /// The possible ErrorCodes are:
124    ///    - BUSY: The system is busy
125    ///    - ALREADY: An operation is already on going
126    ///    - INVAL: An invalid parameter was supplied
127    ///    - SIZE: The size of the `result` buffer is invalid
128    ///    - NOSUPPORT: The operation is not supported
129    fn mod_exponent(
130        &self,
131        message: &'static mut [u8],
132        modulus: &'static mut [u8],
133        exponent: &'static mut [u8],
134        result: &'static mut [u8],
135    ) -> Result<
136        (),
137        (
138            ErrorCode,
139            &'static mut [u8],
140            &'static mut [u8],
141            &'static mut [u8],
142            &'static mut [u8],
143        ),
144    >;
145}