2 * Copyright (c) 2017 - 2019 Samsung Electronics Co., Ltd All Rights Reserved
4 * Licensed under the Apache License, Version 2.0 (the "License");
5 * you may not use this file except in compliance with the License.
6 * You may obtain a copy of the License at
8 * http://www.apache.org/licenses/LICENSE-2.0
10 * Unless required by applicable law or agreed to in writing, software
11 * distributed under the License is distributed on an "AS IS" BASIS,
12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 * See the License for the specific language governing permissions and
14 * limitations under the License
18 * @author Lukasz Kostyra (l.kostyra@samsung.com)
23 #include <tee_client_api.h>
24 #include <ckm/ckm-raw-buffer.h>
25 #include <data-type.h>
26 #include <km_ta_defines.h>
28 #include <tz-backend/obj.h>
29 #include <generic-backend/encryption-params.h>
30 #include <tz-backend/tz-serializer.h>
37 class TrustZoneContext final
40 static TrustZoneContext& Instance();
42 void generateIV(RawBuffer &iv);
43 void generateSKey(tz_algo_type algo,
45 const RawBuffer &hash);
46 void generateSKeyPwd(tz_algo_type algo,
49 const uint32_t pwdKeySizeBits,
51 const RawBuffer &hash);
52 void generateRSAKey(uint32_t keySizeBits,
53 const RawBuffer &pubPwd,
54 const RawBuffer &pubPwdIv,
55 const RawBuffer &privPwd,
56 const RawBuffer &privPwdIv,
58 RawBuffer &privKeyTag,
59 const RawBuffer &hashPriv,
60 const RawBuffer &hashPub);
61 void generateDSAKey(uint32_t keySizeBits,
62 const RawBuffer &prime,
63 const RawBuffer &subprime,
64 const RawBuffer &base,
65 const RawBuffer &pubPwd,
66 const RawBuffer &pubPwdIv,
67 const RawBuffer &privPwd,
68 const RawBuffer &privPwdIv,
70 RawBuffer &privKeyTag,
71 const RawBuffer &hashPriv,
72 const RawBuffer &hashPub);
74 void importData(uint32_t dataType,
75 const RawBuffer &data,
76 const Crypto::EncryptionParams &encData,
78 const RawBuffer &pwdIV,
79 const uint32_t keySizeBits,
80 const uint32_t powTagSizeBits,
82 const RawBuffer &hash);
84 void executeCrypt(tz_command cmd,
86 const RawBuffer &keyId,
89 const RawBuffer &data,
92 void executeEncryptAE(const RawBuffer &keyId,
97 const RawBuffer &data,
100 void executeDecryptAE(const RawBuffer &keyId,
104 const RawBuffer &tag,
105 const RawBuffer &aad,
106 const RawBuffer &data,
109 void executeSign(tz_algo_type algo,
111 const RawBuffer &keyId,
113 const RawBuffer &message,
114 RawBuffer &signature);
115 int executeVerify(tz_algo_type algo,
117 const RawBuffer &keyId,
119 const RawBuffer &message,
120 const RawBuffer &signature);
122 void executeDestroy(const RawBuffer &keyId);
124 void getData(const RawBuffer &dataId,
128 void destroyData(const RawBuffer &dataId);
133 TrustZoneContext(const TrustZoneContext &other) = delete;
134 TrustZoneContext(TrustZoneContext &&other) = delete;
140 void GetDataSize(const RawBuffer &dataId, uint32_t &dataSize);
142 void Execute(tz_command commandID, TEEC_Operation* op);
144 void GenerateAKey(tz_command commandID,
146 uint32_t keySizeBits,
147 const RawBuffer &pubPwd,
148 const RawBuffer &pubPwdIv,
149 const RawBuffer &privPwd,
150 const RawBuffer &privPwdIv,
151 RawBuffer &pubKeyTag,
152 RawBuffer &privKeyTag,
153 const RawBuffer &hashPriv,
154 const RawBuffer &hashPub);
156 TEEC_Context m_Context;
157 TEEC_Session m_Session;
159 bool m_ContextInitialized;
160 bool m_SessionInitialized;
163 } // namespace Internals
165 } // namespace Crypto
projects / platform / core / security / key-manager.git / blob