projects / platform / core / security / key-manager.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
history | raw | HEAD
Implement EC key pair generation in TZ backend
[platform/core/security/key-manager.git] / src / manager / crypto / tz-backend / tz-context.h
1 /*
2  *  Copyright (c) 2017 - 2019 Samsung Electronics Co., Ltd All Rights Reserved
3  *
4  *  Licensed under the Apache License, Version 2.0 (the "License");
5  *  you may not use this file except in compliance with the License.
6  *  You may obtain a copy of the License at
7  *
8  *      http://www.apache.org/licenses/LICENSE-2.0
9  *
10  *  Unless required by applicable law or agreed to in writing, software
11  *  distributed under the License is distributed on an "AS IS" BASIS,
12  *  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13  *  See the License for the specific language governing permissions and
14  *  limitations under the License
15  */
16 /*
17  * @file       tz-context.h
18  * @author     Lukasz Kostyra (l.kostyra@samsung.com)
19  * @version    1.0
20  */
21 #pragma once
22
23 #include <tee_client_api.h>
24 #include <ckm/ckm-raw-buffer.h>
25 #include <data-type.h>
26 #include <km_ta_defines.h>
27 #include <memory>
28 #include <tz-backend/obj.h>
29 #include <generic-backend/encryption-params.h>
30 #include <tz-backend/tz-serializer.h>
31
32 namespace CKM {
33 namespace Crypto {
34 namespace TZ {
35 namespace Internals {
36
37 class TrustZoneContext final
38 {
39 public:
40         static TrustZoneContext& Instance();
41
42         void generateIV(RawBuffer &iv);
43         void generateSKey(tz_algo_type algo,
44                                         uint32_t keySizeBits,
45                                         const RawBuffer &hash);
46         void generateSKeyPwd(tz_algo_type algo,
47                                                 const RawBuffer &pwd,
48                                                 const RawBuffer &iv,
49                                                 const uint32_t pwdKeySizeBits,
50                                                 RawBuffer &pwdTag,
51                                                 const RawBuffer &hash);
52         void generateRSAKey(uint32_t keySizeBits,
53                                         const RawBuffer &pubPwd,
54                                         const RawBuffer &pubPwdIv,
55                                         const RawBuffer &privPwd,
56                                         const RawBuffer &privPwdIv,
57                                         RawBuffer &pubKeyTag,
58                                         RawBuffer &privKeyTag,
59                                         const RawBuffer &hashPriv,
60                                         const RawBuffer &hashPub);
61         void generateDSAKey(uint32_t keySizeBits,
62                                                 const RawBuffer &prime,
63                                                 const RawBuffer &subprime,
64                                                 const RawBuffer &base,
65                                                 const RawBuffer &pubPwd,
66                                                 const RawBuffer &pubPwdIv,
67                                                 const RawBuffer &privPwd,
68                                                 const RawBuffer &privPwdIv,
69                                                 RawBuffer &pubKeyTag,
70                                                 RawBuffer &privKeyTag,
71                                                 const RawBuffer &hashPriv,
72                                                 const RawBuffer &hashPub);
73         void generateECKey(tz_ec ec,
74                                            const RawBuffer &pubPwd,
75                                            const RawBuffer &pubPwdIv,
76                                            const RawBuffer &privPwd,
77                                            const RawBuffer &privPwdIv,
78                                            RawBuffer &pubKeyTag,
79                                            RawBuffer &privKeyTag,
80                                            const RawBuffer &hashPriv,
81                                            const RawBuffer &hashPub);
82
83         void importData(uint32_t dataType,
84                                         const RawBuffer &data,
85                                         const Crypto::EncryptionParams &encData,
86                                         const RawBuffer &pwd,
87                                         const RawBuffer &pwdIV,
88                                         const uint32_t keySizeBits,
89                                         RawBuffer &pwdTag,
90                                         const RawBuffer &hash);
91
92         void executeCrypt(tz_command cmd,
93                                         tz_algo_type algo,
94                                         const RawBuffer &keyId,
95                                         const Pwd &pwd,
96                                         const RawBuffer &iv,
97                                         const RawBuffer &data,
98                                         RawBuffer &out);
99
100         void executeEncryptAE(const RawBuffer &keyId,
101                                                 const Pwd &pwd,
102                                                 const RawBuffer &iv,
103                                                 int tagSizeBits,
104                                                 const RawBuffer &aad,
105                                                 const RawBuffer &data,
106                                                 RawBuffer &out,
107                                                 RawBuffer &tag);
108         void executeDecryptAE(const RawBuffer &keyId,
109                                                 const Pwd &pwd,
110                                                 const RawBuffer &iv,
111                                                 int tagSizeBits,
112                                                 const RawBuffer &tag,
113                                                 const RawBuffer &aad,
114                                                 const RawBuffer &data,
115                                                 RawBuffer &out);
116
117         void executeSign(tz_algo_type algo,
118                                         tz_hash_type hash,
119                                         const RawBuffer &keyId,
120                                         const Pwd &pwd,
121                                         const RawBuffer &message,
122                                         RawBuffer &signature);
123         int executeVerify(tz_algo_type algo,
124                                         tz_hash_type hash,
125                                         const RawBuffer &keyId,
126                                         const Pwd &pwd,
127                                         const RawBuffer &message,
128                                         const RawBuffer &signature);
129
130         void executeDestroy(const RawBuffer &keyId);
131
132         void getData(const RawBuffer &dataId,
133                                  const Pwd &pwd,
134                                  RawBuffer &data);
135
136         void destroyData(const RawBuffer &dataId);
137
138 private:
139         TrustZoneContext();
140         ~TrustZoneContext();
141         TrustZoneContext(const TrustZoneContext &other) = delete;
142         TrustZoneContext(TrustZoneContext &&other) = delete;
143
144         void Initialize();
145         void Destroy();
146         void Reload();
147
148         void GetDataSize(const RawBuffer &dataId, uint32_t &dataSize);
149
150         void Execute(tz_command commandID, TEEC_Operation* op);
151
152         void GenerateAKey(tz_command commandID,
153                           TZSerializer &sIn,
154                           uint32_t genParam,
155                           const RawBuffer &pubPwd,
156                           const RawBuffer &pubPwdIv,
157                           const RawBuffer &privPwd,
158                           const RawBuffer &privPwdIv,
159                           RawBuffer &pubKeyTag,
160                           RawBuffer &privKeyTag,
161                           const RawBuffer &hashPriv,
162                                           const RawBuffer &hashPub);
163
164         TEEC_Context m_Context;
165         TEEC_Session m_Session;
166
167         bool m_ContextInitialized;
168         bool m_SessionInitialized;
169 };
170
171 } // namespace Internals
172 } // namespace TZ
173 } // namespace Crypto
174 } // namespace CKM
Domain: Security / Utilities;