2 * Copyright (c) 2015-2017 Samsung Electronics Co., Ltd All Rights Reserved
4 * Licensed under the Apache License, Version 2.0 (the "License");
5 * you may not use this file except in compliance with the License.
6 * You may obtain a copy of the License at
8 * http://www.apache.org/licenses/LICENSE-2.0
10 * Unless required by applicable law or agreed to in writing, software
11 * distributed under the License is distributed on an "AS IS" BASIS,
12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 * See the License for the specific language governing permissions and
14 * limitations under the License.
19 * @author Krishna Raghottam Devale (k.devale@samsung.com)
20 * @brief SSF crypto functions
29 #include <sys/ioctl.h>
30 #include <crypto_internal.h>
33 #include <permission.h>
36 #include "ssf_crypto_openssl.h"
38 #define TAG "TEE:Crypto"
40 #define CRYPTO_PANIC do{LOGE(SSF_LIB, "This Line!");TEE_Panic(0);}while(0)
42 #define MAX_ATTRIBUTE_NUMBER 35 // Maximum number of attributes for each object
45 #define CRYPTO_INTERNAL_LOG(_f, _a...) printf("[%s]%d: " _f "\n", __func__ , __LINE__ , ## _a)
46 #define CRYPTO_INTERNAL_LOG_BYTE(msg, Data, DataLen) { \
48 printf("%10s =", msg); \
50 for( idx=0; idx<(int)DataLen; idx++) { \
51 if( (idx!=0) && ((idx%16)==0) ) printf("\n"); \
52 if((idx % 16) == 0) printf("\t\""); \
53 printf("%.2X", Data[idx]); \
54 if( (idx!=0) && ((idx%16)==15) ) printf("\""); \
59 #define CRYPTO_INTERNAL_LOG(_f, _a...)
60 #define CRYPTO_INTERNAL_LOG_BYTE(msg, Data, DataLen)
63 struct __TEE_Attributees
66 TEE_Attribute attr_array[MAX_ATTRIBUTE_NUMBER];
69 struct TransientObject
72 struct __TEE_Attributees attr;
75 struct __TEE_ObjectHandle
77 struct TransientObject tr;
81 struct __TEE_OperationHandle
83 TEE_OperationInfo info;
86 static int sw_crypto_ioctl_init(crypto_internal_operation *operation, crypto_internal_keystruct *key, unsigned char *ivec, unsigned int ivec_len)
88 (void)ivec_len; /* actually always==16 */
91 unsigned int padding=ID_NO_PADDING;
92 CryptoCoreContainer *handle=(CryptoCoreContainer *)operation->crypto;
94 switch(operation->info.algorithm)
96 /* TEE_OPERATION_CIPHER */
97 case TEE_ALG_AES_ECB_NOPAD:
98 if(operation->info.mode == TEE_MODE_ENCRYPT) mode=ID_ENC_ECB;
100 padding = ID_NO_PADDING;
101 rc=handle->SE_init(handle, mode, padding, key->secret.buffer, key->secret.size, ivec);
104 case TEE_ALG_AES_ECB_PKCS5:
105 case TEE_ALG_AES_ECB_PKCS7:
106 if(operation->info.mode == TEE_MODE_ENCRYPT) mode=ID_ENC_ECB;
107 else mode=ID_DEC_ECB;
108 padding = ID_NO_PADDING /* ID_PKCS5 */;
109 rc=handle->SE_init(handle, mode, padding, key->secret.buffer, key->secret.size, ivec);
112 case TEE_ALG_AES_ECB_ISO9797_M1:
113 case TEE_ALG_AES_ECB_ISO9797_M2:
114 if(operation->info.mode == TEE_MODE_ENCRYPT) mode=ID_ENC_ECB;
115 else mode=ID_DEC_ECB;
116 padding = ID_NO_PADDING /* ID_PKCS5 */;
117 rc=handle->SE_init(handle, mode, padding, key->secret.buffer, key->secret.size, ivec);
120 case TEE_ALG_AES_CBC_NOPAD:
121 if(operation->info.mode == TEE_MODE_ENCRYPT) mode=ID_ENC_CBC;
122 else mode=ID_DEC_CBC;
123 padding = ID_NO_PADDING;
124 rc=handle->SE_init(handle, mode, padding, key->secret.buffer, key->secret.size, ivec);
127 case TEE_ALG_AES_CBC_PKCS5:
128 case TEE_ALG_AES_CBC_PKCS7:
129 if(operation->info.mode == TEE_MODE_ENCRYPT) mode=ID_ENC_CBC;
130 else mode=ID_DEC_CBC;
131 padding = ID_NO_PADDING/* ID_PKCS5 */;
132 rc=handle->SE_init(handle, mode, padding, key->secret.buffer, key->secret.size, ivec);
135 case TEE_ALG_AES_CBC_ISO9797_M1:
136 case TEE_ALG_AES_CBC_ISO9797_M2:
137 if(operation->info.mode == TEE_MODE_ENCRYPT) mode=ID_ENC_CBC;
138 else mode=ID_DEC_CBC;
139 padding = ID_NO_PADDING /* ID_PKCS5 */;
140 rc=handle->SE_init(handle, mode, padding, key->secret.buffer, key->secret.size, ivec);
143 case TEE_ALG_AES_CTR:
144 case TEE_ALG_AES_CTR_NOPAD:
145 if(operation->info.mode == TEE_MODE_ENCRYPT) mode=ID_ENC_CTR;
146 else mode=ID_DEC_CTR;
147 padding = ID_NO_PADDING;
148 rc=handle->SE_init(handle, mode, padding, key->secret.buffer, key->secret.size, ivec);
151 case TEE_ALG_AES_CTS:
152 case TEE_ALG_AES_XTS:
155 case TEE_ALG_DES_ECB_NOPAD:
156 case TEE_ALG_DES3_ECB_NOPAD:
157 if(operation->info.mode == TEE_MODE_ENCRYPT) {
163 padding = ID_NO_PADDING;
164 rc=handle->SE_init(handle, mode, padding, key->secret.buffer, key->secret.size, ivec);
167 case TEE_ALG_DES_CBC_NOPAD:
168 case TEE_ALG_DES3_CBC_NOPAD:
169 if(operation->info.mode == TEE_MODE_ENCRYPT) {
175 padding = ID_NO_PADDING;
176 rc=handle->SE_init(handle, mode, padding, key->secret.buffer, key->secret.size, ivec);
179 case TEE_ALG_HMAC_MD5:
180 case TEE_ALG_HMAC_SHA1:
181 case TEE_ALG_HMAC_SHA224:
182 case TEE_ALG_HMAC_SHA256:
183 case TEE_ALG_HMAC_SHA384:
184 case TEE_ALG_HMAC_SHA512:
185 case TEE_ALG_AES_CBC_MAC_NOPAD:
186 case TEE_ALG_AES_CBC_MAC_PKCS5:
187 case TEE_ALG_DES_CBC_MAC_NOPAD:
188 case TEE_ALG_DES_CBC_MAC_PKCS5:
189 case TEE_ALG_AES_CMAC:
190 case TEE_ALG_DES3_CBC_MAC_NOPAD:
191 case TEE_ALG_DES3_CBC_MAC_PKCS5:
192 rc=handle->MAC_init(handle, key->secret.buffer, key->secret.size);
195 case TEE_ALG_AES_CCM:
196 case TEE_ALG_AES_GCM:
205 rc=handle->MD_init(handle);
208 case TEE_ALG_RSA_NOPAD:
209 padding = ID_NO_PADDING;
210 rc=handle->RSA_setKeypairForCRT(handle, padding,
211 key->rsa_modulus.buffer, key->rsa_modulus.size,
212 key->rsa_public.buffer, key->rsa_public.size,
213 key->rsa_private.buffer, key->rsa_private.size,
214 key->rsa_prime1.buffer, key->rsa_prime1.size,
215 key->rsa_prime2.buffer, key->rsa_prime2.size,
216 key->rsa_exponent1.buffer, key->rsa_exponent1.size,
217 key->rsa_exponent2.buffer, key->rsa_exponent2.size,
218 key->rsa_coefficient.buffer, key->rsa_coefficient.size);
221 case TEE_ALG_RSAES_PKCS1_V1_5:
222 padding = ID_RSAES_PKCS15;
223 rc=handle->RSA_setKeypairForCRT(handle, padding,
224 key->rsa_modulus.buffer, key->rsa_modulus.size,
225 key->rsa_public.buffer, key->rsa_public.size,
226 key->rsa_private.buffer, key->rsa_private.size,
227 key->rsa_prime1.buffer, key->rsa_prime1.size,
228 key->rsa_prime2.buffer, key->rsa_prime2.size,
229 key->rsa_exponent1.buffer, key->rsa_exponent1.size,
230 key->rsa_exponent2.buffer, key->rsa_exponent2.size,
231 key->rsa_coefficient.buffer, key->rsa_coefficient.size);
234 case TEE_ALG_RSAES_PKCS1_OAEP_MGF1_SHA1:
235 padding = ID_RSAES_OAEP_SHA1;
236 rc=handle->RSA_setKeypairForCRT(handle, padding,
237 key->rsa_modulus.buffer, key->rsa_modulus.size,
238 key->rsa_public.buffer, key->rsa_public.size,
239 key->rsa_private.buffer, key->rsa_private.size,
240 key->rsa_prime1.buffer, key->rsa_prime1.size,
241 key->rsa_prime2.buffer, key->rsa_prime2.size,
242 key->rsa_exponent1.buffer, key->rsa_exponent1.size,
243 key->rsa_exponent2.buffer, key->rsa_exponent2.size,
244 key->rsa_coefficient.buffer, key->rsa_coefficient.size);
247 case TEE_ALG_RSAES_PKCS1_OAEP_MGF1_SHA224:
248 padding = ID_RSAES_OAEP_SHA224;
249 rc=handle->RSA_setKeypairForCRT(handle, padding,
250 key->rsa_modulus.buffer, key->rsa_modulus.size,
251 key->rsa_public.buffer, key->rsa_public.size,
252 key->rsa_private.buffer, key->rsa_private.size,
253 key->rsa_prime1.buffer, key->rsa_prime1.size,
254 key->rsa_prime2.buffer, key->rsa_prime2.size,
255 key->rsa_exponent1.buffer, key->rsa_exponent1.size,
256 key->rsa_exponent2.buffer, key->rsa_exponent2.size,
257 key->rsa_coefficient.buffer, key->rsa_coefficient.size);
260 case TEE_ALG_RSAES_PKCS1_OAEP_MGF1_SHA256:
261 padding = ID_RSAES_OAEP_SHA256;
262 rc=handle->RSA_setKeypairForCRT(handle, padding,
263 key->rsa_modulus.buffer, key->rsa_modulus.size,
264 key->rsa_public.buffer, key->rsa_public.size,
265 key->rsa_private.buffer, key->rsa_private.size,
266 key->rsa_prime1.buffer, key->rsa_prime1.size,
267 key->rsa_prime2.buffer, key->rsa_prime2.size,
268 key->rsa_exponent1.buffer, key->rsa_exponent1.size,
269 key->rsa_exponent2.buffer, key->rsa_exponent2.size,
270 key->rsa_coefficient.buffer, key->rsa_coefficient.size);
273 case TEE_ALG_RSAES_PKCS1_OAEP_MGF1_SHA384:
274 padding = ID_RSAES_OAEP_SHA384;
275 rc=handle->RSA_setKeypairForCRT(handle, padding,
276 key->rsa_modulus.buffer, key->rsa_modulus.size,
277 key->rsa_public.buffer, key->rsa_public.size,
278 key->rsa_private.buffer, key->rsa_private.size,
279 key->rsa_prime1.buffer, key->rsa_prime1.size,
280 key->rsa_prime2.buffer, key->rsa_prime2.size,
281 key->rsa_exponent1.buffer, key->rsa_exponent1.size,
282 key->rsa_exponent2.buffer, key->rsa_exponent2.size,
283 key->rsa_coefficient.buffer, key->rsa_coefficient.size);
286 case TEE_ALG_RSAES_PKCS1_OAEP_MGF1_SHA512:
287 padding = ID_RSAES_OAEP_SHA512;
288 rc=handle->RSA_setKeypairForCRT(handle, padding,
289 key->rsa_modulus.buffer, key->rsa_modulus.size,
290 key->rsa_public.buffer, key->rsa_public.size,
291 key->rsa_private.buffer, key->rsa_private.size,
292 key->rsa_prime1.buffer, key->rsa_prime1.size,
293 key->rsa_prime2.buffer, key->rsa_prime2.size,
294 key->rsa_exponent1.buffer, key->rsa_exponent1.size,
295 key->rsa_exponent2.buffer, key->rsa_exponent2.size,
296 key->rsa_coefficient.buffer, key->rsa_coefficient.size);
299 case TEE_ALG_RSASSA_PKCS1_V1_5_MD5:
300 padding = ID_RSASSA_PKCS15_MD5;
301 rc=handle->RSA_setKeypairForCRT(handle, padding,
302 key->rsa_modulus.buffer, key->rsa_modulus.size,
303 key->rsa_public.buffer, key->rsa_public.size,
304 key->rsa_private.buffer, key->rsa_private.size,
305 key->rsa_prime1.buffer, key->rsa_prime1.size,
306 key->rsa_prime2.buffer, key->rsa_prime2.size,
307 key->rsa_exponent1.buffer, key->rsa_exponent1.size,
308 key->rsa_exponent2.buffer, key->rsa_exponent2.size,
309 key->rsa_coefficient.buffer, key->rsa_coefficient.size);
312 case TEE_ALG_RSASSA_PKCS1_V1_5_SHA1:
313 padding = ID_RSASSA_PKCS15_SHA1;
314 rc=handle->RSA_setKeypairForCRT(handle, padding,
315 key->rsa_modulus.buffer, key->rsa_modulus.size,
316 key->rsa_public.buffer, key->rsa_public.size,
317 key->rsa_private.buffer, key->rsa_private.size,
318 key->rsa_prime1.buffer, key->rsa_prime1.size,
319 key->rsa_prime2.buffer, key->rsa_prime2.size,
320 key->rsa_exponent1.buffer, key->rsa_exponent1.size,
321 key->rsa_exponent2.buffer, key->rsa_exponent2.size,
322 key->rsa_coefficient.buffer, key->rsa_coefficient.size);
325 case TEE_ALG_RSASSA_PKCS1_V1_5_SHA224:
326 padding = ID_RSASSA_PKCS15_SHA224;
327 rc=handle->RSA_setKeypairForCRT(handle, padding,
328 key->rsa_modulus.buffer, key->rsa_modulus.size,
329 key->rsa_public.buffer, key->rsa_public.size,
330 key->rsa_private.buffer, key->rsa_private.size,
331 key->rsa_prime1.buffer, key->rsa_prime1.size,
332 key->rsa_prime2.buffer, key->rsa_prime2.size,
333 key->rsa_exponent1.buffer, key->rsa_exponent1.size,
334 key->rsa_exponent2.buffer, key->rsa_exponent2.size,
335 key->rsa_coefficient.buffer, key->rsa_coefficient.size);
338 case TEE_ALG_RSASSA_PKCS1_V1_5_SHA256:
339 padding = ID_RSASSA_PKCS15_SHA256;
340 rc=handle->RSA_setKeypairForCRT(handle, padding,
341 key->rsa_modulus.buffer, key->rsa_modulus.size,
342 key->rsa_public.buffer, key->rsa_public.size,
343 key->rsa_private.buffer, key->rsa_private.size,
344 key->rsa_prime1.buffer, key->rsa_prime1.size,
345 key->rsa_prime2.buffer, key->rsa_prime2.size,
346 key->rsa_exponent1.buffer, key->rsa_exponent1.size,
347 key->rsa_exponent2.buffer, key->rsa_exponent2.size,
348 key->rsa_coefficient.buffer, key->rsa_coefficient.size);
351 case TEE_ALG_RSASSA_PKCS1_V1_5_SHA384:
352 padding = ID_RSASSA_PKCS15_SHA384;
353 rc=handle->RSA_setKeypairForCRT(handle, padding,
354 key->rsa_modulus.buffer, key->rsa_modulus.size,
355 key->rsa_public.buffer, key->rsa_public.size,
356 key->rsa_private.buffer, key->rsa_private.size,
357 key->rsa_prime1.buffer, key->rsa_prime1.size,
358 key->rsa_prime2.buffer, key->rsa_prime2.size,
359 key->rsa_exponent1.buffer, key->rsa_exponent1.size,
360 key->rsa_exponent2.buffer, key->rsa_exponent2.size,
361 key->rsa_coefficient.buffer, key->rsa_coefficient.size);
364 case TEE_ALG_RSASSA_PKCS1_V1_5_SHA512:
365 padding = ID_RSASSA_PKCS15_SHA512;
366 rc=handle->RSA_setKeypairForCRT(handle, padding,
367 key->rsa_modulus.buffer, key->rsa_modulus.size,
368 key->rsa_public.buffer, key->rsa_public.size,
369 key->rsa_private.buffer, key->rsa_private.size,
370 key->rsa_prime1.buffer, key->rsa_prime1.size,
371 key->rsa_prime2.buffer, key->rsa_prime2.size,
372 key->rsa_exponent1.buffer, key->rsa_exponent1.size,
373 key->rsa_exponent2.buffer, key->rsa_exponent2.size,
374 key->rsa_coefficient.buffer, key->rsa_coefficient.size);
377 case TEE_ALG_RSASSA_PKCS1_PSS_MGF1_SHA1:
378 padding = ID_RSASSA_PSS_SHA1;
379 rc=handle->RSA_setKeypairForCRT(handle, padding,
380 key->rsa_modulus.buffer, key->rsa_modulus.size,
381 key->rsa_public.buffer, key->rsa_public.size,
382 key->rsa_private.buffer, key->rsa_private.size,
383 key->rsa_prime1.buffer, key->rsa_prime1.size,
384 key->rsa_prime2.buffer, key->rsa_prime2.size,
385 key->rsa_exponent1.buffer, key->rsa_exponent1.size,
386 key->rsa_exponent2.buffer, key->rsa_exponent2.size,
387 key->rsa_coefficient.buffer, key->rsa_coefficient.size);
390 case TEE_ALG_RSASSA_PKCS1_PSS_MGF1_SHA224:
391 padding = ID_RSASSA_PSS_SHA224;
392 rc=handle->RSA_setKeypairForCRT(handle, padding,
393 key->rsa_modulus.buffer, key->rsa_modulus.size,
394 key->rsa_public.buffer, key->rsa_public.size,
395 key->rsa_private.buffer, key->rsa_private.size,
396 key->rsa_prime1.buffer, key->rsa_prime1.size,
397 key->rsa_prime2.buffer, key->rsa_prime2.size,
398 key->rsa_exponent1.buffer, key->rsa_exponent1.size,
399 key->rsa_exponent2.buffer, key->rsa_exponent2.size,
400 key->rsa_coefficient.buffer, key->rsa_coefficient.size);
403 case TEE_ALG_RSASSA_PKCS1_PSS_MGF1_SHA256:
404 padding = ID_RSASSA_PSS_SHA256;
405 rc=handle->RSA_setKeypairForCRT(handle, padding,
406 key->rsa_modulus.buffer, key->rsa_modulus.size,
407 key->rsa_public.buffer, key->rsa_public.size,
408 key->rsa_private.buffer, key->rsa_private.size,
409 key->rsa_prime1.buffer, key->rsa_prime1.size,
410 key->rsa_prime2.buffer, key->rsa_prime2.size,
411 key->rsa_exponent1.buffer, key->rsa_exponent1.size,
412 key->rsa_exponent2.buffer, key->rsa_exponent2.size,
413 key->rsa_coefficient.buffer, key->rsa_coefficient.size);
416 case TEE_ALG_RSASSA_PKCS1_PSS_MGF1_SHA384:
417 padding = ID_RSASSA_PSS_SHA384;
418 rc=handle->RSA_setKeypairForCRT(handle, padding,
419 key->rsa_modulus.buffer, key->rsa_modulus.size,
420 key->rsa_public.buffer, key->rsa_public.size,
421 key->rsa_private.buffer, key->rsa_private.size,
422 key->rsa_prime1.buffer, key->rsa_prime1.size,
423 key->rsa_prime2.buffer, key->rsa_prime2.size,
424 key->rsa_exponent1.buffer, key->rsa_exponent1.size,
425 key->rsa_exponent2.buffer, key->rsa_exponent2.size,
426 key->rsa_coefficient.buffer, key->rsa_coefficient.size);
429 case TEE_ALG_RSASSA_PKCS1_PSS_MGF1_SHA512:
430 padding = ID_RSASSA_PSS_SHA512;
431 rc=handle->RSA_setKeypairForCRT(handle, padding,
432 key->rsa_modulus.buffer, key->rsa_modulus.size,
433 key->rsa_public.buffer, key->rsa_public.size,
434 key->rsa_private.buffer, key->rsa_private.size,
435 key->rsa_prime1.buffer, key->rsa_prime1.size,
436 key->rsa_prime2.buffer, key->rsa_prime2.size,
437 key->rsa_exponent1.buffer, key->rsa_exponent1.size,
438 key->rsa_exponent2.buffer, key->rsa_exponent2.size,
439 key->rsa_coefficient.buffer, key->rsa_coefficient.size);
442 case TEE_ALG_DSA_SHA1:
444 rc=handle->RSA_setKeypairForCRT(handle, padding,
445 key->rsa_modulus.buffer, key->rsa_modulus.size,
446 key->rsa_public.buffer, key->rsa_public.size,
447 key->rsa_private.buffer, key->rsa_private.size,
448 key->rsa_prime1.buffer, key->rsa_prime1.size,
449 key->rsa_prime2.buffer, key->rsa_prime2.size,
450 key->rsa_exponent1.buffer, key->rsa_exponent1.size,
451 key->rsa_exponent2.buffer, key->rsa_exponent2.size,
452 key->rsa_coefficient.buffer, key->rsa_coefficient.size);
455 case TEE_ALG_GENERATE_SECRET_KEY:
456 rc=handle->PRNG_get(handle, key->secret.size, key->secret.buffer);
457 /* Ignore return value to avoid CRYPTO_PANIC. Only SDRM_X931_ConditionalTest() can return TEE_ERROR.*/
461 case TEE_ALG_GENERATE_RSA_KEY:
463 unsigned char E[3] = {0x01, 0x00, 0x01};
464 unsigned int ELen = 3;
466 rc=handle->RSA_genKeypairWithEforCRT(handle, padding,
468 key->rsa_modulus.buffer, &key->rsa_modulus.size,
469 key->rsa_private.buffer, &key->rsa_private.size,
470 key->rsa_prime1.buffer, &key->rsa_prime1.size,
471 key->rsa_prime2.buffer, &key->rsa_prime2.size,
472 key->rsa_exponent1.buffer, &key->rsa_exponent1.size,
473 key->rsa_exponent2.buffer, &key->rsa_exponent2.size,
474 key->rsa_coefficient.buffer, &key->rsa_coefficient.size);
476 /*if(rc == (-ETIMEDOUT))
478 LOGE(SSF_LIB, "Algorithm - %X : TIMEOUT \n", operation->info.algorithm);
479 rc = TEE_ERROR_TIMEOUT;
482 memcpy(key->rsa_public.buffer, E, ELen);
483 key->rsa_public.size = ELen;
488 LOGE(SSF_LIB, "Not Support Algorithm : %X ", operation->info.algorithm);
492 CRYPTO_INTERNAL_LOG("rc=%d ", rc);
496 static int sw_crypto_ioctl_update (crypto_internal_operation *operation, unsigned char* src_addr, unsigned int src_size, unsigned char* dst_addr, unsigned int* dst_size)
499 CryptoCoreContainer *handle=(CryptoCoreContainer *)operation->crypto;
501 switch(operation->info.algorithm)
503 /* TEE_OPERATION_CIPHER */
504 case TEE_ALG_AES_ECB_NOPAD:
505 case TEE_ALG_AES_ECB_PKCS5:
506 case TEE_ALG_AES_ECB_PKCS7:
507 case TEE_ALG_AES_ECB_ISO9797_M1:
508 case TEE_ALG_AES_ECB_ISO9797_M2:
509 case TEE_ALG_AES_CBC_NOPAD:
510 case TEE_ALG_AES_CBC_PKCS5:
511 case TEE_ALG_AES_CBC_PKCS7:
512 case TEE_ALG_AES_CBC_ISO9797_M1:
513 case TEE_ALG_AES_CBC_ISO9797_M2:
514 case TEE_ALG_AES_CTR:
515 case TEE_ALG_AES_CTR_NOPAD:
516 case TEE_ALG_DES_ECB_NOPAD:
517 case TEE_ALG_DES3_ECB_NOPAD:
518 case TEE_ALG_DES_CBC_NOPAD:
519 case TEE_ALG_DES3_CBC_NOPAD:
520 rc=handle->SE_process(handle, src_addr, src_size, dst_addr, dst_size);
523 case TEE_ALG_HMAC_MD5:
524 case TEE_ALG_HMAC_SHA1:
525 case TEE_ALG_HMAC_SHA224:
526 case TEE_ALG_HMAC_SHA256:
527 case TEE_ALG_HMAC_SHA384:
528 case TEE_ALG_HMAC_SHA512:
529 case TEE_ALG_AES_CBC_MAC_NOPAD:
530 case TEE_ALG_AES_CBC_MAC_PKCS5:
531 case TEE_ALG_DES_CBC_MAC_NOPAD:
532 case TEE_ALG_DES_CBC_MAC_PKCS5:
533 case TEE_ALG_AES_CMAC:
534 case TEE_ALG_DES3_CBC_MAC_NOPAD:
535 case TEE_ALG_DES3_CBC_MAC_PKCS5:
536 rc=handle->MAC_update(handle, src_addr, src_size);
545 rc=handle->MD_update(handle, src_addr, src_size);
549 LOGE(SSF_LIB, "Not Support Algorithm : %X", operation->info.algorithm);
554 if(src_size && dst_size) {CRYPTO_INTERNAL_LOG("rc=%d src_size=%d dst_size=%d", rc, src_size, *dst_size);}
555 else {CRYPTO_INTERNAL_LOG("rc=%d", rc);}
559 static int sw_crypto_ioctl_final (crypto_internal_operation *operation, unsigned char* src_addr, unsigned int src_size, unsigned char* dst_addr, unsigned int* dst_size)
563 CryptoCoreContainer *handle=(CryptoCoreContainer *)operation->crypto;
565 switch(operation->info.algorithm)
567 /* TEE_OPERATION_CIPHER */
568 case TEE_ALG_AES_ECB_NOPAD:
569 case TEE_ALG_AES_ECB_PKCS5:
570 case TEE_ALG_AES_ECB_PKCS7:
571 case TEE_ALG_AES_ECB_ISO9797_M1:
572 case TEE_ALG_AES_ECB_ISO9797_M2:
573 case TEE_ALG_AES_CBC_NOPAD:
574 case TEE_ALG_AES_CBC_PKCS5:
575 case TEE_ALG_AES_CBC_PKCS7:
576 case TEE_ALG_AES_CBC_ISO9797_M1:
577 case TEE_ALG_AES_CBC_ISO9797_M2:
578 case TEE_ALG_AES_CTR_NOPAD:
579 case TEE_ALG_AES_CTR:
580 rc=handle->SE_final(handle, src_addr, src_size, dst_addr, dst_size);
583 case TEE_ALG_AES_CTS:
584 case TEE_ALG_AES_XTS:
587 case TEE_ALG_DES_ECB_NOPAD:
588 case TEE_ALG_DES3_ECB_NOPAD:
589 case TEE_ALG_DES_CBC_NOPAD:
590 case TEE_ALG_DES3_CBC_NOPAD:
591 rc=handle->SE_final(handle, src_addr, src_size, dst_addr, dst_size);
594 /* TEE_OPERATION_MAC */
595 case TEE_ALG_HMAC_MD5:
596 case TEE_ALG_HMAC_SHA1:
597 case TEE_ALG_HMAC_SHA224:
598 case TEE_ALG_HMAC_SHA256:
599 case TEE_ALG_HMAC_SHA384:
600 case TEE_ALG_HMAC_SHA512:
601 case TEE_ALG_AES_CBC_MAC_NOPAD:
602 case TEE_ALG_AES_CBC_MAC_PKCS5:
603 case TEE_ALG_DES_CBC_MAC_NOPAD:
604 case TEE_ALG_DES_CBC_MAC_PKCS5:
605 case TEE_ALG_AES_CMAC:
606 case TEE_ALG_DES3_CBC_MAC_NOPAD:
607 case TEE_ALG_DES3_CBC_MAC_PKCS5:
608 if(src_addr && src_size!=0) {
609 handle->MAC_update(handle, src_addr, src_size);
611 rc=handle->MAC_final(handle, dst_addr, dst_size);
614 /* TEE_OPERATION_AE */
615 case TEE_ALG_AES_CCM:
616 case TEE_ALG_AES_GCM:
619 /* TEE_OPERATION_DIGEST */
626 if(src_addr && src_size!=0) {
627 handle->MD_update(handle, src_addr, src_size);
629 rc=handle->MD_final(handle, dst_addr);
630 *dst_size = operation->info.digestLength;
633 /* TEE_OPERATION_ASYMMETRIC_CIPHER */
634 case TEE_ALG_RSA_NOPAD:
635 case TEE_ALG_RSAES_PKCS1_V1_5:
636 case TEE_ALG_RSAES_PKCS1_OAEP_MGF1_SHA1:
637 case TEE_ALG_RSAES_PKCS1_OAEP_MGF1_SHA224:
638 case TEE_ALG_RSAES_PKCS1_OAEP_MGF1_SHA256:
639 case TEE_ALG_RSAES_PKCS1_OAEP_MGF1_SHA384:
640 case TEE_ALG_RSAES_PKCS1_OAEP_MGF1_SHA512:
641 if (operation->info.mode == TEE_MODE_ENCRYPT ) {
642 rc=handle->AE_encrypt(handle, src_addr, src_size, dst_addr, dst_size);
645 rc=handle->AE_decrypt(handle, src_addr, src_size, dst_addr, dst_size);
649 /* TEE_OPERATION_ASYMMETRIC_SIGNATURE */
650 case TEE_ALG_RSASSA_PKCS1_V1_5_MD5:
651 case TEE_ALG_RSASSA_PKCS1_V1_5_SHA1:
652 case TEE_ALG_RSASSA_PKCS1_V1_5_SHA224:
653 case TEE_ALG_RSASSA_PKCS1_V1_5_SHA256:
654 case TEE_ALG_RSASSA_PKCS1_V1_5_SHA384:
655 case TEE_ALG_RSASSA_PKCS1_V1_5_SHA512:
656 case TEE_ALG_RSASSA_PKCS1_PSS_MGF1_SHA1:
657 case TEE_ALG_RSASSA_PKCS1_PSS_MGF1_SHA224:
658 case TEE_ALG_RSASSA_PKCS1_PSS_MGF1_SHA256:
659 case TEE_ALG_RSASSA_PKCS1_PSS_MGF1_SHA384:
660 case TEE_ALG_RSASSA_PKCS1_PSS_MGF1_SHA512:
661 if (operation->info.mode == TEE_MODE_SIGN ) {
662 rc=handle->DS_sign(handle, src_addr, src_size, dst_addr, dst_size);
665 rc=handle->DS_verify(handle, src_addr, src_size, dst_addr, *dst_size, &result);
672 case TEE_ALG_GENERATE_SECRET_KEY:
676 case TEE_ALG_GENERATE_RSA_KEY:
681 LOGE(SSF_LIB, "Not Support Algorithm : %X", operation->info.algorithm);
685 if(src_size && dst_size) {CRYPTO_INTERNAL_LOG("rc=%d src_size=%d dst_size=%d", rc, src_size, *dst_size);}
686 else {CRYPTO_INTERNAL_LOG("rc=%d", rc);}
690 static int sw_crypto_open(crypto_internal_operation *operation)
694 switch(operation->info.algorithm)
696 /* TEE_OPERATION_CIPHER */
697 case TEE_ALG_AES_ECB_NOPAD:
698 case TEE_ALG_AES_CBC_NOPAD:
699 case TEE_ALG_AES_CTR:
700 case TEE_ALG_AES_CTR_NOPAD:
701 case TEE_ALG_AES_ECB_PKCS5:
702 case TEE_ALG_AES_ECB_PKCS7:
703 case TEE_ALG_AES_ECB_ISO9797_M1:
704 case TEE_ALG_AES_ECB_ISO9797_M2:
705 case TEE_ALG_AES_CBC_PKCS5:
706 case TEE_ALG_AES_CBC_PKCS7:
707 case TEE_ALG_AES_CBC_ISO9797_M1:
708 case TEE_ALG_AES_CBC_ISO9797_M2:
709 if (operation->info.keySize== 128) {
712 else if (operation->info.keySize== 192) {
715 else if (operation->info.keySize== 256) {
722 case TEE_ALG_AES_XTS:
723 case TEE_ALG_AES_CTS:
726 case TEE_ALG_DES_ECB_NOPAD:
727 case TEE_ALG_DES_CBC_NOPAD:
730 case TEE_ALG_DES3_ECB_NOPAD:
731 case TEE_ALG_DES3_CBC_NOPAD:
735 /* TEE_OPERATION_MAC */
736 case TEE_ALG_AES_CBC_MAC_NOPAD:
737 case TEE_ALG_AES_CBC_MAC_PKCS5:
738 case TEE_ALG_AES_CMAC:
739 case TEE_ALG_DES_CBC_MAC_NOPAD:
740 case TEE_ALG_DES_CBC_MAC_PKCS5:
741 case TEE_ALG_DES3_CBC_MAC_NOPAD:
742 case TEE_ALG_DES3_CBC_MAC_PKCS5:
745 case TEE_ALG_HMAC_MD5:
748 case TEE_ALG_HMAC_SHA1:
751 case TEE_ALG_HMAC_SHA224:
754 case TEE_ALG_HMAC_SHA256:
757 case TEE_ALG_HMAC_SHA384:
760 case TEE_ALG_HMAC_SHA512:
764 /* TEE_OPERATION_AE */
765 case TEE_ALG_AES_CCM:
766 case TEE_ALG_AES_GCM:
770 /* TEE_OPERATION_DIGEST */
790 /* TEE_OPERATION_ASYMMETRIC_CIPHER */
791 case TEE_ALG_RSA_NOPAD:
792 case TEE_ALG_RSAES_PKCS1_V1_5:
793 case TEE_ALG_RSAES_PKCS1_OAEP_MGF1_SHA1:
794 case TEE_ALG_RSAES_PKCS1_OAEP_MGF1_SHA224:
795 case TEE_ALG_RSAES_PKCS1_OAEP_MGF1_SHA256:
796 case TEE_ALG_RSAES_PKCS1_OAEP_MGF1_SHA384:
797 case TEE_ALG_RSAES_PKCS1_OAEP_MGF1_SHA512:
798 if (operation->info.keySize== 512) {
801 else if (operation->info.keySize== 1024) {
804 else if (operation->info.keySize== 2048) {
807 else if (operation->info.keySize== 3072) {
810 else if (operation->info.keySize== 4096) {
818 /* TEE_OPERATION_ASYMMETRIC_SIGNATURE */
819 case TEE_ALG_RSASSA_PKCS1_V1_5_MD5:
820 case TEE_ALG_RSASSA_PKCS1_V1_5_SHA1:
821 case TEE_ALG_RSASSA_PKCS1_V1_5_SHA224:
822 case TEE_ALG_RSASSA_PKCS1_V1_5_SHA256:
823 case TEE_ALG_RSASSA_PKCS1_V1_5_SHA384:
824 case TEE_ALG_RSASSA_PKCS1_V1_5_SHA512:
825 case TEE_ALG_RSASSA_PKCS1_PSS_MGF1_SHA1:
826 case TEE_ALG_RSASSA_PKCS1_PSS_MGF1_SHA224:
827 case TEE_ALG_RSASSA_PKCS1_PSS_MGF1_SHA256:
828 case TEE_ALG_RSASSA_PKCS1_PSS_MGF1_SHA384:
829 case TEE_ALG_RSASSA_PKCS1_PSS_MGF1_SHA512:
830 if (operation->info.keySize== 512) {
833 else if (operation->info.keySize== 1024) {
836 else if (operation->info.keySize== 2048) {
839 else if (operation->info.keySize== 3072) {
842 else if (operation->info.keySize== 4096) {
850 case TEE_ALG_DSA_SHA1:
854 case TEE_ALG_ECDSA_P160:
855 case TEE_ALG_ECDSA_P192:
856 case TEE_ALG_ECDSA_P224:
857 case TEE_ALG_ECDSA_P256:
858 case TEE_ALG_ECDSA_P384:
859 case TEE_ALG_ECDSA_P521:
863 /* TEE_OPERATION_KEY_DERIVATION */
864 case TEE_ALG_DH_DERIVE_SHARED_SECRET:
868 case TEE_ALG_ECDH_P192:
869 case TEE_ALG_ECDH_P224:
870 case TEE_ALG_ECDH_P256:
871 case TEE_ALG_ECDH_P384:
872 case TEE_ALG_ECDH_P521:
876 case TEE_ALG_GENERATE_SECRET_KEY:
880 case TEE_ALG_GENERATE_RSA_KEY:
881 if (operation->info.keySize== 512) {
884 else if (operation->info.keySize== 1024) {
887 else if (operation->info.keySize== 2048) {
890 else if (operation->info.keySize== 3072) {
893 else if (operation->info.keySize== 4096) {
902 LOGE(SSF_LIB, "Not Support Algorithm : %X ", operation->info.algorithm);
907 operation->crypto = (void*)create_CryptoCoreContainer(alg);
909 if(operation->crypto == NULL) {
918 static int sw_crypto_close(crypto_internal_operation *operation)
921 if(operation->crypto) {
922 destroy_CryptoCoreContainer((CryptoCoreContainer*)operation->crypto);
924 operation->crypto = NULL;
928 int crypto_internal_open(crypto_internal_operation *operation)
930 if (operation->info.algorithm == TEE_ALG_AES_GCM) {
931 return ossl_crypto_open(operation);
933 return sw_crypto_open(operation);
937 int crypto_internal_close(crypto_internal_operation *operation)
939 if (operation->info.algorithm == TEE_ALG_AES_GCM) {
940 ossl_crypto_close(operation);
943 return sw_crypto_close(operation);
947 int crypto_internal_init(crypto_internal_operation *operation, crypto_internal_keystruct *key, unsigned char *ivec, size_t ivec_len)
949 return sw_crypto_ioctl_init(operation, key, ivec, ivec_len);
952 int crypto_internal_update(crypto_internal_operation *operation, unsigned char *src_data, size_t src_len, unsigned char *dst_data, size_t *dst_len)
954 unsigned char* in_data=NULL;
955 unsigned char* out_data=NULL;
956 unsigned int in_size=0;
957 unsigned int out_size=0;
959 unsigned int processing_len=0;
960 unsigned int total_processing_len=0;
961 int (*crypto_update_engine)(crypto_internal_operation *, unsigned char *, unsigned int, unsigned char *, unsigned int*);
963 crypto_update_engine=sw_crypto_ioctl_update;
966 in_data=(unsigned char*)src_data;
969 out_data=(unsigned char*)dst_data;
972 in_size=(unsigned int)src_len;
975 out_size=(unsigned int)*dst_len;
978 CRYPTO_INTERNAL_LOG("--------------------------------------------------------------");
979 CRYPTO_INTERNAL_LOG("in_size=%d out_size=%d op->data_len=%d, processed=%d", in_size, out_size, operation->data_len, total_processing_len);
981 if(operation->info.operationClass == TEE_OPERATION_CIPHER)
983 if (operation->data_len != 0)
985 if (in_size < (size_t)(operation->block_len - operation->data_len)) {
989 num = (size_t)(operation->block_len - operation->data_len);
992 CRYPTO_INTERNAL_LOG("num=%d in_size=%d out_size=%d processed=%d", num, in_size, out_size, total_processing_len);
994 memcpy(operation->data + operation->data_len, in_data, num);
996 operation->data_len += num;
998 in_data = (unsigned char*)((unsigned long)in_data + num);
1000 /* accumulated data is full */
1001 if (operation->data_len == operation->block_len)
1003 processing_len = out_size;
1004 if (crypto_update_engine(operation, operation->data, operation->data_len, out_data, &processing_len)) {
1007 total_processing_len += processing_len;
1008 out_size -= processing_len;
1009 out_data = (unsigned char*)((unsigned long) out_data + processing_len);
1010 operation->data_len = 0;
1013 CRYPTO_INTERNAL_LOG("num=%d in_size=%d out_size=%d processed=%d", num, in_size, out_size, total_processing_len);
1018 size_t should_be_processed_of_bytes = (size_t)in_size/operation->block_len*operation->block_len;
1019 size_t remaining_number_of_bytes = in_size-should_be_processed_of_bytes;
1021 CRYPTO_INTERNAL_LOG("should_be_processed_of_bytes=%zd remaining_number_of_bytes=%zd processed=%d", should_be_processed_of_bytes, remaining_number_of_bytes, total_processing_len);
1022 if (should_be_processed_of_bytes != 0)
1024 processing_len = out_size-total_processing_len;
1025 if (crypto_update_engine(operation, in_data, should_be_processed_of_bytes, out_data, &processing_len)) {
1028 total_processing_len += processing_len;
1029 in_size -= processing_len;
1030 in_data = (unsigned char*)((unsigned long) in_data + processing_len);
1033 if(remaining_number_of_bytes != 0) {
1034 memcpy(operation->data, in_data, remaining_number_of_bytes);
1035 operation->data_len = remaining_number_of_bytes;
1039 else if(operation->info.operationClass == TEE_OPERATION_MAC || operation->info.operationClass == TEE_OPERATION_DIGEST)
1041 if (operation->data_len != 0)
1043 if (in_size < (size_t)(operation->block_len - operation->data_len)) {
1047 num = (size_t)(operation->block_len - operation->data_len);
1050 CRYPTO_INTERNAL_LOG("num=%d in_size=%d processed=%d", num, in_size, total_processing_len);
1052 memcpy(operation->data + operation->data_len, in_data, num);
1054 operation->data_len += num;
1056 in_data = (unsigned char*)((unsigned long)in_data + num);
1058 /* accumulated data is full */
1059 if (operation->data_len == operation->block_len)
1061 if (crypto_update_engine(operation, operation->data, operation->data_len, NULL, NULL)) {
1064 operation->data_len = 0;
1067 total_processing_len += num;
1069 CRYPTO_INTERNAL_LOG("num=%d in_size=%d processed=%d", num, in_size, total_processing_len);
1074 size_t should_be_processed_of_bytes = (size_t)in_size/operation->block_len*operation->block_len;
1075 size_t remaining_number_of_bytes = in_size-should_be_processed_of_bytes;
1077 CRYPTO_INTERNAL_LOG("should_be_processed_of_bytes=%zd remaining_number_of_bytes=%zd processed=%d", should_be_processed_of_bytes, remaining_number_of_bytes, total_processing_len);
1078 if (should_be_processed_of_bytes != 0)
1080 if (crypto_update_engine(operation, in_data, should_be_processed_of_bytes, NULL, NULL)) {
1083 total_processing_len += should_be_processed_of_bytes;
1084 in_size -= should_be_processed_of_bytes;
1085 in_data = (unsigned char*)((unsigned long) in_data + should_be_processed_of_bytes);
1088 if(remaining_number_of_bytes != 0) {
1089 memcpy(operation->data, in_data, remaining_number_of_bytes);
1090 total_processing_len += remaining_number_of_bytes;
1091 operation->data_len = remaining_number_of_bytes;
1092 in_size -= remaining_number_of_bytes;
1098 if(crypto_update_engine(operation, in_data, in_size, out_data, &out_size)) {
1103 CRYPTO_INTERNAL_LOG("in_size=%d processed=%d", in_size, total_processing_len);
1104 CRYPTO_INTERNAL_LOG("--------------------------------------------------------------");
1105 if(operation->info.operationClass == TEE_OPERATION_CIPHER && dst_len) {
1106 *dst_len = total_processing_len;
1113 int crypto_internal_final(crypto_internal_operation *operation, unsigned char *src_data, size_t src_len, unsigned char *dst_data, size_t *dst_len)
1115 unsigned char* in_data=NULL;
1116 unsigned char* out_data=NULL;
1117 unsigned int in_size=0;
1118 unsigned int out_size=0;
1120 unsigned int processing_len=0;
1121 unsigned int total_processing_len=0;
1122 int (*crypto_update_engine)(crypto_internal_operation *, unsigned char *, unsigned int, unsigned char *, unsigned int*);
1123 int (*crypto_final_engine)(crypto_internal_operation *, unsigned char *, unsigned int, unsigned char *, unsigned int*);
1125 crypto_update_engine=sw_crypto_ioctl_update;
1126 crypto_final_engine=sw_crypto_ioctl_final;
1129 in_data=(unsigned char*)src_data;
1132 out_data=(unsigned char*)dst_data;
1135 in_size=(unsigned int)src_len;
1138 out_size=(unsigned int)*dst_len;
1141 CRYPTO_INTERNAL_LOG("--------------------------------------------------------------");
1142 CRYPTO_INTERNAL_LOG("in_size=%d out_size=%d op->data_len=%d processed=%d", in_size, out_size, operation->data_len, total_processing_len);
1144 if(operation->info.operationClass == TEE_OPERATION_CIPHER)
1146 if (operation->data_len != 0)
1148 if (in_size < (size_t)(operation->block_len - operation->data_len)) {
1152 num = (size_t)(operation->block_len - operation->data_len);
1155 CRYPTO_INTERNAL_LOG("num=%d in_size=%d out_size=%d processed=%d", num, in_size, out_size, total_processing_len);
1157 memcpy(operation->data + operation->data_len, in_data, num);
1159 operation->data_len += num;
1161 in_data = (unsigned char*)((unsigned long)in_data + num);
1163 /* accumulated data is full */
1164 if (operation->data_len == operation->block_len)
1166 processing_len = out_size;
1167 if (crypto_update_engine(operation, operation->data, operation->data_len, out_data, &processing_len)) {
1170 total_processing_len += processing_len;
1171 out_size -= processing_len;
1172 out_data = (unsigned char*)((unsigned long) out_data + processing_len);
1173 operation->data_len = 0;
1177 if (in_size == 0 && operation->data_len != 0) {
1178 in_size = operation->data_len;
1179 in_data = operation->data;
1180 operation->data_len = 0;
1182 CRYPTO_INTERNAL_LOG("num=%d in_size=%d out_size=%d processed=%d", num, in_size, out_size, total_processing_len);
1185 // process remaining data
1187 size_t should_be_processed_of_bytes = (size_t)in_size/operation->block_len*operation->block_len;
1188 size_t remaining_number_of_bytes = in_size-should_be_processed_of_bytes;
1190 CRYPTO_INTERNAL_LOG("should_be_processed_of_bytes=%zd remaining_number_of_bytes=%zd processed=%d", should_be_processed_of_bytes, remaining_number_of_bytes, total_processing_len);
1191 if (should_be_processed_of_bytes != 0)
1193 processing_len = out_size-total_processing_len;
1194 if (crypto_update_engine(operation, in_data, should_be_processed_of_bytes, out_data, &processing_len)) {
1197 total_processing_len += processing_len;
1198 in_size -= processing_len;
1199 in_data = (unsigned char*)((unsigned long) in_data + processing_len);
1200 out_data = (unsigned char*)((unsigned long) out_data + processing_len);
1203 if(operation->info.mode==TEE_MODE_ENCRYPT)
1205 unsigned int pad_byte;
1206 size_t should_be_processed_of_pad_bytes = 0;
1209 if (operation->info.algorithm==TEE_ALG_AES_ECB_NOPAD ||operation->info.algorithm==TEE_ALG_AES_CBC_NOPAD||
1210 operation->info.algorithm==TEE_ALG_DES_ECB_NOPAD ||operation->info.algorithm==TEE_ALG_DES_CBC_NOPAD||
1211 operation->info.algorithm==TEE_ALG_DES3_ECB_NOPAD || operation->info.algorithm==TEE_ALG_DES3_CBC_NOPAD)
1213 CRYPTO_INTERNAL_LOG("ENC NOPAD : Ignore remaining_number_of_bytes=%zd !!", remaining_number_of_bytes);
1217 memcpy(operation->data, in_data, remaining_number_of_bytes);
1218 operation->data_len += remaining_number_of_bytes;
1220 if (dst_len && *dst_len < total_processing_len+operation->block_len) {
1221 return TEE_ERROR_SHORT_BUFFER;
1224 pad_byte = operation->block_len - remaining_number_of_bytes;
1226 if (operation->info.algorithm==TEE_ALG_AES_ECB_PKCS5 ||operation->info.algorithm==TEE_ALG_AES_ECB_PKCS7 ||
1227 operation->info.algorithm==TEE_ALG_AES_CBC_PKCS5 ||operation->info.algorithm==TEE_ALG_AES_CBC_PKCS7)
1229 should_be_processed_of_pad_bytes = operation->block_len;
1231 memset(operation->data + operation->data_len, pad_byte, pad_byte);
1232 CRYPTO_INTERNAL_LOG("ENC PKCS : op->data=%2X%2X%2X%2X%2X%2X%2X%2X", operation->data[0], operation->data[1], operation->data[2], operation->data[3], operation->data[4], operation->data[5], operation->data[6], operation->data[7]);
1233 CRYPTO_INTERNAL_LOG("ENC PKCS : op->data=%2X%2X%2X%2X%2X%2X%2X%2X", operation->data[8], operation->data[9], operation->data[10], operation->data[11], operation->data[12], operation->data[13], operation->data[14], operation->data[15]);
1235 else if(operation->info.algorithm==TEE_ALG_AES_ECB_ISO9797_M1 ||operation->info.algorithm==TEE_ALG_AES_CBC_ISO9797_M1)
1237 if(pad_byte != 0 && (operation->block_len != pad_byte))
1239 should_be_processed_of_pad_bytes = operation->block_len;
1241 memset(operation->data + operation->data_len, 0x00, pad_byte);
1242 CRYPTO_INTERNAL_LOG("ENC ZERO : op->data=%2X%2X%2X%2X%2X%2X%2X%2X", operation->data[0], operation->data[1], operation->data[2], operation->data[3], operation->data[4], operation->data[5], operation->data[6], operation->data[7]);
1243 CRYPTO_INTERNAL_LOG("ENC ZERO : op->data=%2X%2X%2X%2X%2X%2X%2X%2X", operation->data[8], operation->data[9], operation->data[10], operation->data[11], operation->data[12], operation->data[13], operation->data[14], operation->data[15]);
1247 should_be_processed_of_pad_bytes = 0;
1250 else if (operation->info.algorithm==TEE_ALG_AES_ECB_ISO9797_M2 || operation->info.algorithm==TEE_ALG_AES_CBC_ISO9797_M2)
1252 should_be_processed_of_pad_bytes = operation->block_len;
1254 memset(operation->data + operation->data_len, 0x00, pad_byte);
1255 CRYPTO_INTERNAL_LOG("ENC ZERO : op->data=%2X%2X%2X%2X%2X%2X%2X%2X", operation->data[0], operation->data[1], operation->data[2], operation->data[3], operation->data[4], operation->data[5], operation->data[6], operation->data[7]);
1256 CRYPTO_INTERNAL_LOG("ENC ZERO : op->data=%2X%2X%2X%2X%2X%2X%2X%2X", operation->data[8], operation->data[9], operation->data[10], operation->data[11], operation->data[12], operation->data[13], operation->data[14], operation->data[15]);
1258 operation->data[operation->data_len] = 0x80;
1259 CRYPTO_INTERNAL_LOG("ENC ISO9797 : op->data=%2X%2X%2X%2X%2X%2X%2X%2X", operation->data[0], operation->data[1], operation->data[2], operation->data[3], operation->data[4], operation->data[5], operation->data[6], operation->data[7]);
1260 CRYPTO_INTERNAL_LOG("ENC ISO9797 : op->data=%2X%2X%2X%2X%2X%2X%2X%2X", operation->data[8], operation->data[9], operation->data[10], operation->data[11], operation->data[12], operation->data[13], operation->data[14], operation->data[15]);
1262 else if(operation->info.algorithm==TEE_ALG_AES_CTR || operation->info.algorithm==TEE_ALG_AES_CTR_NOPAD)
1264 should_be_processed_of_pad_bytes = remaining_number_of_bytes;
1267 if (crypto_final_engine(operation, operation->data, should_be_processed_of_pad_bytes, out_data, &processing_len)) {
1271 total_processing_len += processing_len;
1273 else if(operation->info.mode==TEE_MODE_DECRYPT) {
1274 unsigned char * pad = out_data;
1275 unsigned int npad=0;
1277 if (operation->info.algorithm==TEE_ALG_AES_ECB_NOPAD || operation->info.algorithm==TEE_ALG_AES_CBC_NOPAD||
1278 operation->info.algorithm==TEE_ALG_DES_ECB_NOPAD || operation->info.algorithm==TEE_ALG_DES_CBC_NOPAD||
1279 operation->info.algorithm==TEE_ALG_DES3_ECB_NOPAD || operation->info.algorithm==TEE_ALG_DES3_CBC_NOPAD)
1281 CRYPTO_INTERNAL_LOG("DEC NOPAD : Ignore remaining_number_of_bytes=%zd !!", remaining_number_of_bytes);
1286 operation->info.algorithm==TEE_ALG_AES_ECB_PKCS5 ||operation->info.algorithm==TEE_ALG_AES_ECB_PKCS7 ||
1287 operation->info.algorithm==TEE_ALG_AES_CBC_PKCS5 ||operation->info.algorithm==TEE_ALG_AES_CBC_PKCS7)
1289 memcpy(operation->data, pad-operation->block_len, operation->block_len);
1290 CRYPTO_INTERNAL_LOG("DEC PKCS : op->data=%2X%2X%2X%2X%2X%2X%2X%2X", operation->data[0], operation->data[1], operation->data[2], operation->data[3], operation->data[4], operation->data[5], operation->data[6], operation->data[7]);
1291 CRYPTO_INTERNAL_LOG("DEC PKCS : op->data=%2X%2X%2X%2X%2X%2X%2X%2X", operation->data[8], operation->data[9], operation->data[10], operation->data[11], operation->data[12], operation->data[13], operation->data[14], operation->data[15]);
1296 if (npad <= operation->block_len) // can't be more than block length
1300 for(i = 0; i < npad; i++, pad--) {
1308 total_processing_len -= npad; // padding OK. Othewise padding will not be removed
1312 else if(operation->info.algorithm==TEE_ALG_AES_ECB_ISO9797_M1 ||operation->info.algorithm==TEE_ALG_AES_CBC_ISO9797_M1)
1314 CRYPTO_INTERNAL_LOG("DEC ISO9797 M1 : Ignore remaining_number_of_bytes=%zd !!", remaining_number_of_bytes);
1317 else if (operation->info.algorithm==TEE_ALG_AES_ECB_ISO9797_M2 || operation->info.algorithm==TEE_ALG_AES_CBC_ISO9797_M2)
1319 memcpy(operation->data, pad-operation->block_len, operation->block_len);
1320 CRYPTO_INTERNAL_LOG("DEC ISO9797 M2 : op->data=%2X%2X%2X%2X%2X%2X%2X%2X", operation->data[0], operation->data[1], operation->data[2], operation->data[3], operation->data[4], operation->data[5], operation->data[6], operation->data[7]);
1321 CRYPTO_INTERNAL_LOG("DEC ISO9797 M2 : op->data=%2X%2X%2X%2X%2X%2X%2X%2X", operation->data[8], operation->data[9], operation->data[10], operation->data[11], operation->data[12], operation->data[13], operation->data[14], operation->data[15]);
1326 if (*pad==0x00) // remove 0s
1327 for(; npad < operation->block_len-1 && *pad==0x00; npad++,pad--);
1329 if (*pad==0x80) { // correct M2 padding
1330 npad++; // remove 1st PAD byte 0x80
1332 else { // M2 padding error
1333 npad = 0; // don't remove any padding
1336 total_processing_len -= npad;
1338 else if(operation->info.algorithm==TEE_ALG_AES_CTR || operation->info.algorithm==TEE_ALG_AES_CTR_NOPAD)
1340 memcpy(operation->data, in_data, remaining_number_of_bytes);
1341 operation->data_len += remaining_number_of_bytes;
1343 if (crypto_final_engine(operation, operation->data, remaining_number_of_bytes, out_data, &processing_len)) {
1346 total_processing_len += remaining_number_of_bytes;
1355 else if(operation->info.operationClass == TEE_OPERATION_MAC || operation->info.operationClass == TEE_OPERATION_DIGEST)
1357 if (operation->data_len != 0)
1359 if (in_size < (size_t)(operation->block_len - operation->data_len)) {
1363 num = (size_t)(operation->block_len - operation->data_len);
1366 CRYPTO_INTERNAL_LOG("num=%d in_size=%d processed=%d", num, in_size, total_processing_len);
1368 memcpy(operation->data + operation->data_len, in_data, num);
1370 operation->data_len += num;
1372 in_data = (unsigned char*)((unsigned long)in_data + num);
1374 /* accumulated data is full */
1375 if (operation->data_len == operation->block_len)
1377 if (crypto_update_engine(operation, operation->data, operation->data_len, NULL, NULL)) {
1380 operation->data_len = 0;
1384 if (in_size == 0 && operation->data_len != 0) {
1385 in_size = operation->data_len;
1386 in_data = operation->data;
1387 operation->data_len = 0;
1389 CRYPTO_INTERNAL_LOG("num=%d in_size=%d op->data_len=%d", num, in_size, operation->data_len);
1394 if(crypto_final_engine(operation, in_data, in_size, out_data, &out_size)) {
1397 total_processing_len += in_size;
1402 if(crypto_final_engine(operation, in_data, in_size, out_data, &out_size)) {
1405 total_processing_len += in_size;
1408 CRYPTO_INTERNAL_LOG("in_size=%d out_size=%d processed=%d", in_size, out_size, total_processing_len);
1409 CRYPTO_INTERNAL_LOG("--------------------------------------------------------------");
1410 if(operation->info.operationClass == TEE_OPERATION_CIPHER && dst_len) {
1411 *dst_len = total_processing_len;
1413 else if(operation->info.operationClass == TEE_OPERATION_MAC && dst_len) {
1414 *dst_len = out_size;
1416 else if(operation->info.operationClass == TEE_OPERATION_AE && dst_len) {
1417 *dst_len = total_processing_len;
1419 else if(operation->info.operationClass == TEE_OPERATION_DIGEST && dst_len) {
1420 *dst_len = out_size;
1422 else if(operation->info.operationClass == TEE_OPERATION_ASYMMETRIC_CIPHER && dst_len) {
1423 *dst_len = out_size;
1425 else if(operation->info.operationClass == TEE_OPERATION_ASYMMETRIC_SIGNATURE && dst_len) {
1426 *dst_len = out_size;
1430 LOGE(SSF_LIB, "THIS HERE!!!");
1431 CRYPTO_INTERNAL_LOG("--------------------------------------------------------------");
1436 void TEE_DigestInit(TEE_OperationHandle operation);
1438 TEE_Result TEE_AllocateOperation(TEE_OperationHandle *operation, uint32_t algorithm, uint32_t mode, uint32_t maxKeySize)
1440 PERMISSION_CHECK(PERM_CRYPTO);
1441 crypto_internal_operation * op;
1442 TEE_Result rc=TEE_SUCCESS;
1443 uint32_t alg_class = 0;
1444 uint32_t key_object_type = 0;
1445 uint32_t digest_len = 0;
1446 uint32_t block_len = 0;
1447 TEE_ObjectHandle key1 = TEE_HANDLE_NULL;
1448 TEE_ObjectHandle key2 = TEE_HANDLE_NULL;
1450 // check parameters compatibility
1453 /* Algorithm Class is SYMMETRIC CIPHER */
1454 case TEE_ALG_AES_ECB_NOPAD:
1455 case TEE_ALG_AES_CBC_NOPAD:
1456 case TEE_ALG_AES_CTR:
1457 case TEE_ALG_AES_CTR_NOPAD:
1458 case TEE_ALG_AES_ECB_PKCS5:
1459 case TEE_ALG_AES_ECB_PKCS7:
1460 case TEE_ALG_AES_ECB_ISO9797_M1:
1461 case TEE_ALG_AES_ECB_ISO9797_M2:
1462 case TEE_ALG_AES_CBC_PKCS5:
1463 case TEE_ALG_AES_CBC_PKCS7:
1464 case TEE_ALG_AES_CBC_ISO9797_M1:
1465 case TEE_ALG_AES_CBC_ISO9797_M2:
1466 if (mode != TEE_MODE_ENCRYPT && mode != TEE_MODE_DECRYPT) {
1467 return TEE_ERROR_NOT_SUPPORTED;
1470 alg_class = TEE_OPERATION_CIPHER;
1471 key_object_type = TEE_TYPE_AES;
1476 case TEE_ALG_AES_XTS:
1477 case TEE_ALG_AES_CTS:
1478 if (mode != TEE_MODE_ENCRYPT && mode != TEE_MODE_DECRYPT) {
1479 return TEE_ERROR_NOT_SUPPORTED;
1482 alg_class = TEE_OPERATION_CIPHER;
1483 key_object_type = TEE_TYPE_AES;
1484 block_len = 32; // for CTS & XTS need 2 AES blocks
1488 case TEE_ALG_DES_ECB_NOPAD:
1489 case TEE_ALG_DES_CBC_NOPAD:
1491 if (mode != TEE_MODE_ENCRYPT && mode != TEE_MODE_DECRYPT) {
1492 return TEE_ERROR_NOT_SUPPORTED;
1495 alg_class = TEE_OPERATION_CIPHER;
1496 key_object_type = TEE_TYPE_DES;
1501 case TEE_ALG_DES3_ECB_NOPAD:
1502 case TEE_ALG_DES3_CBC_NOPAD:
1503 if (mode != TEE_MODE_ENCRYPT && mode != TEE_MODE_DECRYPT) {
1504 return TEE_ERROR_NOT_SUPPORTED;
1507 alg_class = TEE_OPERATION_CIPHER;
1508 key_object_type = TEE_TYPE_DES3;
1513 /* Algorithm Class is AE */
1514 case TEE_ALG_AES_CCM:
1515 if (mode != TEE_MODE_ENCRYPT && mode != TEE_MODE_DECRYPT) {
1516 return TEE_ERROR_NOT_SUPPORTED;
1519 alg_class = TEE_OPERATION_AE;
1520 key_object_type = TEE_TYPE_AES;
1525 case TEE_ALG_AES_GCM:
1526 if (mode != TEE_MODE_ENCRYPT && mode != TEE_MODE_DECRYPT) {
1527 return TEE_ERROR_NOT_SUPPORTED;
1530 alg_class = TEE_OPERATION_AE;
1531 key_object_type = TEE_TYPE_AES;
1536 /* Algorithm Class is MAC */
1537 case TEE_ALG_AES_CBC_MAC_NOPAD:
1538 case TEE_ALG_AES_CBC_MAC_PKCS5:
1539 case TEE_ALG_AES_CMAC:
1540 if (mode != TEE_MODE_MAC) {
1541 return TEE_ERROR_NOT_SUPPORTED;
1544 alg_class = TEE_OPERATION_MAC;
1545 key_object_type = TEE_TYPE_AES;
1550 case TEE_ALG_DES_CBC_MAC_NOPAD:
1551 case TEE_ALG_DES_CBC_MAC_PKCS5:
1552 if (mode != TEE_MODE_MAC) {
1553 return TEE_ERROR_NOT_SUPPORTED;
1556 alg_class = TEE_OPERATION_MAC;
1557 key_object_type = TEE_TYPE_DES;
1562 case TEE_ALG_DES3_CBC_MAC_NOPAD:
1563 case TEE_ALG_DES3_CBC_MAC_PKCS5:
1564 if (mode != TEE_MODE_MAC) {
1565 return TEE_ERROR_NOT_SUPPORTED;
1568 alg_class = TEE_OPERATION_MAC;
1569 key_object_type = TEE_TYPE_DES3;
1574 case TEE_ALG_HMAC_MD5:
1575 if (mode != TEE_MODE_MAC) {
1576 return TEE_ERROR_NOT_SUPPORTED;
1579 alg_class = TEE_OPERATION_MAC;
1580 key_object_type = TEE_TYPE_HMAC_MD5;
1585 case TEE_ALG_HMAC_SHA1:
1586 if (mode != TEE_MODE_MAC) {
1587 return TEE_ERROR_NOT_SUPPORTED;
1590 alg_class = TEE_OPERATION_MAC;
1591 key_object_type = TEE_TYPE_HMAC_SHA1;
1596 case TEE_ALG_HMAC_SHA224:
1597 if (mode != TEE_MODE_MAC) {
1598 return TEE_ERROR_NOT_SUPPORTED;
1601 alg_class = TEE_OPERATION_MAC;
1602 key_object_type = TEE_TYPE_HMAC_SHA224;
1607 case TEE_ALG_HMAC_SHA256:
1608 if (mode != TEE_MODE_MAC) {
1609 return TEE_ERROR_NOT_SUPPORTED;
1612 alg_class = TEE_OPERATION_MAC;
1613 key_object_type = TEE_TYPE_HMAC_SHA256;
1618 case TEE_ALG_HMAC_SHA384:
1619 if (mode != TEE_MODE_MAC) {
1620 return TEE_ERROR_NOT_SUPPORTED;
1623 alg_class = TEE_OPERATION_MAC;
1624 key_object_type = TEE_TYPE_HMAC_SHA384;
1629 case TEE_ALG_HMAC_SHA512:
1630 if (mode != TEE_MODE_MAC) {
1631 return TEE_ERROR_NOT_SUPPORTED;
1634 alg_class = TEE_OPERATION_MAC;
1635 key_object_type = TEE_TYPE_HMAC_SHA512;
1640 /* Algorithm Class is DIGIT */
1642 if (mode != TEE_MODE_DIGEST) {
1643 return TEE_ERROR_NOT_SUPPORTED;
1646 alg_class = TEE_OPERATION_DIGEST;
1647 key_object_type = 0;
1653 if (mode != TEE_MODE_DIGEST) {
1654 return TEE_ERROR_NOT_SUPPORTED;
1657 alg_class = TEE_OPERATION_DIGEST;
1658 key_object_type = 0;
1663 case TEE_ALG_SHA224:
1664 if (mode != TEE_MODE_DIGEST) {
1665 return TEE_ERROR_NOT_SUPPORTED;
1668 alg_class = TEE_OPERATION_DIGEST;
1669 key_object_type = 0;
1674 case TEE_ALG_SHA256:
1675 if (mode != TEE_MODE_DIGEST) {
1676 return TEE_ERROR_NOT_SUPPORTED;
1679 alg_class = TEE_OPERATION_DIGEST;
1680 key_object_type = 0;
1685 case TEE_ALG_SHA384:
1686 if (mode != TEE_MODE_DIGEST) {
1687 return TEE_ERROR_NOT_SUPPORTED;
1690 alg_class = TEE_OPERATION_DIGEST;
1691 key_object_type = 0;
1696 case TEE_ALG_SHA512:
1697 if (mode != TEE_MODE_DIGEST) {
1698 return TEE_ERROR_NOT_SUPPORTED;
1701 alg_class = TEE_OPERATION_DIGEST;
1702 key_object_type = 0;
1707 /* Algorithm Class is ASYMMETRIC CIPHER */
1708 case TEE_ALG_RSAES_PKCS1_V1_5:
1709 case TEE_ALG_RSAES_PKCS1_OAEP_MGF1_SHA1:
1710 case TEE_ALG_RSAES_PKCS1_OAEP_MGF1_SHA224:
1711 case TEE_ALG_RSAES_PKCS1_OAEP_MGF1_SHA256:
1712 case TEE_ALG_RSAES_PKCS1_OAEP_MGF1_SHA384:
1713 case TEE_ALG_RSAES_PKCS1_OAEP_MGF1_SHA512:
1714 case TEE_ALG_RSA_NOPAD:
1715 if (mode != TEE_MODE_ENCRYPT && mode != TEE_MODE_DECRYPT) {
1716 return TEE_ERROR_NOT_SUPPORTED;
1719 alg_class = TEE_OPERATION_ASYMMETRIC_CIPHER;
1720 key_object_type = TEE_TYPE_RSA_KEYPAIR;
1725 /* Algorithm Class is SIGNATURE */
1726 case TEE_ALG_RSASSA_PKCS1_V1_5_MD5:
1727 case TEE_ALG_RSASSA_PKCS1_V1_5_SHA1:
1728 case TEE_ALG_RSASSA_PKCS1_V1_5_SHA224:
1729 case TEE_ALG_RSASSA_PKCS1_V1_5_SHA256:
1730 case TEE_ALG_RSASSA_PKCS1_V1_5_SHA384:
1731 case TEE_ALG_RSASSA_PKCS1_V1_5_SHA512:
1732 case TEE_ALG_RSASSA_PKCS1_PSS_MGF1_SHA1:
1733 case TEE_ALG_RSASSA_PKCS1_PSS_MGF1_SHA224:
1734 case TEE_ALG_RSASSA_PKCS1_PSS_MGF1_SHA256:
1735 case TEE_ALG_RSASSA_PKCS1_PSS_MGF1_SHA384:
1736 case TEE_ALG_RSASSA_PKCS1_PSS_MGF1_SHA512:
1737 if (mode != TEE_MODE_SIGN && mode != TEE_MODE_VERIFY) {
1738 return TEE_ERROR_NOT_SUPPORTED;
1741 alg_class = TEE_OPERATION_ASYMMETRIC_SIGNATURE;
1742 key_object_type = TEE_TYPE_RSA_KEYPAIR;
1745 case TEE_ALG_ECDSA_P160:
1746 case TEE_ALG_ECDSA_P192:
1747 case TEE_ALG_ECDSA_P224:
1748 case TEE_ALG_ECDSA_P256:
1749 case TEE_ALG_ECDSA_P384:
1750 case TEE_ALG_ECDSA_P521:
1751 if (mode != TEE_MODE_SIGN && mode != TEE_MODE_VERIFY) {
1752 return TEE_ERROR_NOT_SUPPORTED;
1755 alg_class = TEE_OPERATION_ASYMMETRIC_SIGNATURE;
1756 key_object_type = TEE_TYPE_RSA_KEYPAIR;
1759 case TEE_ALG_DSA_SHA1:
1760 if (mode != TEE_MODE_SIGN && mode != TEE_MODE_VERIFY) {
1761 return TEE_ERROR_NOT_SUPPORTED;
1764 alg_class = TEE_OPERATION_ASYMMETRIC_SIGNATURE;
1765 key_object_type = TEE_TYPE_DSA_KEYPAIR;
1768 case TEE_ALG_ECDH_P192:
1769 case TEE_ALG_ECDH_P224:
1770 case TEE_ALG_ECDH_P256:
1771 case TEE_ALG_ECDH_P384:
1772 case TEE_ALG_ECDH_P521:
1773 if (mode != TEE_MODE_SIGN && mode != TEE_MODE_VERIFY) {
1774 return TEE_ERROR_NOT_SUPPORTED;
1777 alg_class = TEE_OPERATION_ASYMMETRIC_SIGNATURE;
1778 key_object_type = TEE_TYPE_ECDH_KEYPAIR;
1781 /* Algorithm Class is KEY DERIVATION */
1782 case TEE_ALG_DH_DERIVE_SHARED_SECRET:
1783 if (mode != TEE_MODE_DERIVE) {
1784 return TEE_ERROR_NOT_SUPPORTED;
1787 alg_class = TEE_OPERATION_KEY_DERIVATION;
1788 key_object_type = TEE_TYPE_DH_KEYPAIR;
1792 LOGE(SSF_LIB, "Not Support Algorithm : %X", algorithm);
1793 rc = TEE_ERROR_NOT_SUPPORTED;
1798 /* first malloc for crypto operation */
1799 op = (crypto_internal_operation *)malloc(sizeof (crypto_internal_operation));
1801 rc = TEE_ERROR_OUT_OF_MEMORY;
1805 memset(op, 0, sizeof (crypto_internal_operation));
1807 /* Set TEE_OperationInfo */
1808 op->info.algorithm = algorithm;
1809 op->info.operationClass = alg_class;
1810 op->info.mode = mode;
1811 op->info.digestLength = digest_len;
1812 op->info.maxKeySize = maxKeySize;
1813 op->info.keySize = maxKeySize;
1815 if (mode == TEE_MODE_ENCRYPT) {
1816 op->info.requiredKeyUsage |= TEE_USAGE_ENCRYPT;
1818 if (mode == TEE_MODE_DECRYPT) {
1819 op->info.requiredKeyUsage |= TEE_USAGE_DECRYPT;
1821 if (mode == TEE_MODE_MAC) {
1822 op->info.requiredKeyUsage |= TEE_USAGE_MAC;
1824 if (mode == TEE_MODE_DERIVE) {
1825 op->info.requiredKeyUsage |= TEE_USAGE_DERIVE;
1827 if (mode == TEE_MODE_SIGN) {
1828 op->info.requiredKeyUsage |= TEE_USAGE_SIGN;
1830 if (mode == TEE_MODE_VERIFY) {
1831 op->info.requiredKeyUsage |= TEE_USAGE_VERIFY;
1833 if (algorithm == TEE_ALG_RSA_NOPAD)
1835 if (mode == TEE_MODE_ENCRYPT) {
1836 op->info.requiredKeyUsage |= TEE_USAGE_VERIFY;
1838 else if (mode == TEE_MODE_DECRYPT) {
1839 op->info.requiredKeyUsage |= TEE_USAGE_SIGN;
1843 if (algorithm == TEE_ALG_AES_XTS) {
1844 op->info.handleState |= TEE_HANDLE_FLAG_EXPECT_TWO_KEYS;
1848 if (crypto_internal_open(op)!=0) {
1849 rc = TEE_ERROR_NOT_SUPPORTED;
1854 if (key_object_type) {
1855 if (TEE_AllocateTransientObject(key_object_type, maxKeySize, &key1) != TEE_SUCCESS) {
1856 rc = TEE_ERROR_OUT_OF_MEMORY;
1861 /* key2 alloc for XTS */
1862 if (algorithm == TEE_ALG_AES_XTS) {
1863 if (TEE_AllocateTransientObject(key_object_type, maxKeySize, &key2) != TEE_SUCCESS) {
1864 rc = TEE_ERROR_OUT_OF_MEMORY;
1869 /* key map for crypto operation */
1872 op->block_len = block_len;
1874 *operation = (TEE_OperationHandle)op;
1876 if (alg_class == TEE_OPERATION_DIGEST) {
1877 TEE_DigestInit(*operation);
1883 crypto_internal_close(op);
1885 TEE_CloseObject(key1);
1888 TEE_CloseObject(key2);
1894 *operation = TEE_HANDLE_NULL;
1895 LOGE(SSF_LIB, "Error : %X", rc);
1899 void TEE_FreeOperation(TEE_OperationHandle operation)
1901 PERMISSION_CHECK_RETURN_VOID(PERM_CRYPTO);
1903 crypto_internal_operation * op;
1905 if (operation == TEE_HANDLE_NULL) {
1908 op = (crypto_internal_operation*)operation;
1910 TEE_CloseObject(op->key1);
1913 TEE_CloseObject(op->key2);
1915 crypto_internal_close(op);
1920 void TEE_GetOperationInfo( TEE_OperationHandle operation, TEE_OperationInfo* operationInfo)
1922 PERMISSION_CHECK_RETURN_VOID(PERM_CRYPTO);
1924 crypto_internal_operation * op = (crypto_internal_operation*) operation;
1926 operationInfo->algorithm = op->info.algorithm;
1927 operationInfo->digestLength = op->info.digestLength;
1928 operationInfo->handleState = op->info.handleState;
1929 operationInfo->keySize = op->info.keySize;
1930 operationInfo->maxKeySize = op->info.maxKeySize;
1931 operationInfo->mode = op->info.mode;
1932 operationInfo->operationClass = op->info.operationClass;
1933 operationInfo->requiredKeyUsage = op->info.requiredKeyUsage;
1936 void TEE_ResetOperation( TEE_OperationHandle operation)
1938 PERMISSION_CHECK_RETURN_VOID(PERM_CRYPTO);
1940 crypto_internal_operation * op = (crypto_internal_operation*) operation;
1941 op->info.handleState &= ~TEE_HANDLE_FLAG_INITIALIZED;
1945 TEE_Result TEE_SetOperationKey( TEE_OperationHandle operation, TEE_ObjectHandle key)
1947 PERMISSION_CHECK(PERM_CRYPTO);
1949 crypto_internal_operation * op = (crypto_internal_operation*) operation;
1950 if (!op || op->info.operationClass == TEE_OPERATION_DIGEST || op->info.algorithm == TEE_ALG_AES_XTS)
1952 LOGE(SSF_LIB, "op->info.operationClass == TEE_OPERATION_DIGEST\n");
1953 return TEE_ERROR_BAD_PARAMETERS;
1957 if (key == TEE_HANDLE_NULL)
1959 TEE_CloseObject(op->key1);
1960 op->key1 = TEE_HANDLE_NULL;
1964 if ((key->tr.info.objectUsage | ~(op->info.requiredKeyUsage)) != 0xffffffff)
1966 LOGE(SSF_LIB, "(key->tr.info.objectUsage | ~(op->info.requiredKeyUsage)) != 0xffffffff\n");
1967 return TEE_ERROR_BAD_PARAMETERS;
1971 TEE_CopyObjectAttributes(op->key1, key);
1973 op->info.handleState |= TEE_HANDLE_FLAG_KEY_SET;
1977 TEE_Result TEE_SetOperationKey2( TEE_OperationHandle operation, TEE_ObjectHandle key1, TEE_ObjectHandle key2)
1979 PERMISSION_CHECK(PERM_CRYPTO);
1981 crypto_internal_operation * op = (crypto_internal_operation*) operation;
1983 if ( (key1 && !key2) || (!key1 && key2)) {
1986 if (!op || op->info.algorithm != TEE_ALG_AES_XTS) {
1992 TEE_CloseObject(op->key1);
1993 TEE_CloseObject(op->key2);
1994 op->key1 = TEE_HANDLE_NULL;
1995 op->key2 = TEE_HANDLE_NULL;
1999 if (key1 && (key1->tr.info.objectUsage | ~op->info.requiredKeyUsage) != 0xffffffff) {
2002 if (key2 && (key2->tr.info.objectUsage | ~op->info.requiredKeyUsage) != 0xffffffff) {
2007 TEE_CopyObjectAttributes(op->key1, key1);
2011 TEE_CopyObjectAttributes(op->key2, key2);
2014 op->info.handleState |= TEE_HANDLE_FLAG_KEY_SET;
2019 void TEE_CopyOperation( TEE_OperationHandle dstOperation, TEE_OperationHandle srcOperation)
2021 PERMISSION_CHECK_RETURN_VOID(PERM_CRYPTO);
2023 crypto_internal_operation * dstOp = (crypto_internal_operation*) dstOperation;
2024 crypto_internal_operation * srcOp = (crypto_internal_operation*) srcOperation;
2026 if (dstOp->info.mode != srcOp->info.mode || dstOp->info.algorithm != srcOp->info.algorithm) {
2029 if (dstOp->info.maxKeySize < srcOp->info.maxKeySize) {
2033 dstOp->info.algorithm = srcOp->info.algorithm;
2034 dstOp->info.digestLength = srcOp->info.digestLength;
2035 dstOp->info.handleState = srcOp->info.handleState;
2036 dstOp->info.keySize = srcOp->info.keySize;
2037 dstOp->info.maxKeySize = srcOp->info.maxKeySize;
2038 dstOp->info.mode = srcOp->info.mode;
2039 dstOp->info.operationClass = srcOp->info.operationClass;
2040 dstOp->info.requiredKeyUsage = srcOp->info.requiredKeyUsage;
2043 TEE_CopyObjectAttributes(dstOp->key1, srcOp->key1);
2046 TEE_CopyObjectAttributes(dstOp->key2, srcOp->key2);
2048 if (srcOp->crypto) {
2049 if (crypto_internal_open(dstOp) != 0) {
2054 dstOp->crypto = NULL;
2059 // Message Digest Functions
2061 This is not GP Spec function. but I used this
2063 void TEE_DigestInit(TEE_OperationHandle operation)
2065 crypto_internal_operation * op = (crypto_internal_operation*) operation;
2067 if (crypto_internal_init(op, NULL, NULL, 0)) {
2070 op->info.handleState |= TEE_HANDLE_FLAG_KEY_SET;
2071 op->info.handleState |= TEE_HANDLE_FLAG_INITIALIZED;
2075 void TEE_DigestUpdate( TEE_OperationHandle operation, const void* chunk, size_t chunkSize)
2077 PERMISSION_CHECK_RETURN_VOID(PERM_CRYPTO);
2078 crypto_internal_operation * op = (crypto_internal_operation*) operation;
2080 if (!op || !chunk || !chunkSize) {
2083 if (op->info.operationClass != TEE_OPERATION_DIGEST) {
2086 if (!(op->info.handleState & TEE_HANDLE_FLAG_INITIALIZED)) {
2087 TEE_DigestInit(operation);
2089 if (crypto_internal_update(op, (unsigned char*)chunk, chunkSize, NULL, NULL)) {
2095 TEE_Result TEE_DigestDoFinal( TEE_OperationHandle operation, const void* chunk, size_t chunkLen, void* hash, size_t *hashLen)
2097 PERMISSION_CHECK(PERM_CRYPTO);
2098 crypto_internal_operation * op = (crypto_internal_operation*) operation;
2100 if (!hash || *hashLen < op->info.digestLength) {
2101 return TEE_ERROR_SHORT_BUFFER;
2103 if (op->info.operationClass != TEE_OPERATION_DIGEST) {
2106 if (!(op->info.handleState & TEE_HANDLE_FLAG_INITIALIZED)) {
2107 TEE_DigestInit(operation);
2109 if(crypto_internal_final(op, (unsigned char*)chunk, chunkLen, (unsigned char*)hash, hashLen)) {
2115 // Symmetric Cipher Functions
2116 void TEE_CipherInit( TEE_OperationHandle operation, const void* IV, size_t IVLen)
2118 PERMISSION_CHECK_RETURN_VOID(PERM_CRYPTO);
2119 crypto_internal_operation * op = (crypto_internal_operation*) operation;
2120 crypto_internal_keystruct key;
2121 unsigned char key_buf[32] = {0x0, };
2123 memset(&key, 0x00, sizeof(crypto_internal_keystruct));
2124 key.secret.size = sizeof(key_buf);
2125 key.secret.buffer = key_buf;
2127 if (op->info.operationClass != TEE_OPERATION_CIPHER) {
2130 if (!(op->info.handleState & TEE_HANDLE_FLAG_KEY_SET)) {
2133 if (TEE_GetObjectBufferAttribute(op->key1, TEE_ATTR_SECRET_VALUE,
2134 (void*)key.secret.buffer, (size_t*)&key.secret.size) != TEE_SUCCESS) {
2137 if (!key.secret.buffer) {
2140 if (crypto_internal_init(op, &key, (unsigned char*)IV, IVLen)) {
2143 op->info.handleState |= TEE_HANDLE_FLAG_INITIALIZED;
2147 TEE_Result TEE_CipherUpdate( TEE_OperationHandle operation, const void* srcData, size_t srcLen, void* destData, size_t *destLen)
2149 PERMISSION_CHECK(PERM_CRYPTO);
2150 crypto_internal_operation * op = (crypto_internal_operation*) operation;
2152 if (*destLen < srcLen) {
2153 return TEE_ERROR_SHORT_BUFFER;
2155 if (op->info.operationClass != TEE_OPERATION_CIPHER) {
2158 if (!(op->info.handleState & TEE_HANDLE_FLAG_INITIALIZED)) {
2161 if (crypto_internal_update(op, (unsigned char*)srcData, srcLen, (unsigned char*)destData, destLen)) {
2167 TEE_Result TEE_CipherDoFinal( TEE_OperationHandle operation, const void* srcData, size_t srcLen, void* destData, size_t *destLen)
2169 PERMISSION_CHECK(PERM_CRYPTO);
2170 crypto_internal_operation * op = (crypto_internal_operation*) operation;
2172 if (*destLen < srcLen) {
2173 return TEE_ERROR_SHORT_BUFFER;
2175 if (op->info.operationClass != TEE_OPERATION_CIPHER) {
2178 if (!(op->info.handleState & TEE_HANDLE_FLAG_INITIALIZED)) {
2181 if (crypto_internal_final(op, (unsigned char*)srcData, srcLen, (unsigned char*)destData, destLen)) {
2188 void TEE_MACInit( TEE_OperationHandle operation, const void* IV, size_t IVLen)
2190 PERMISSION_CHECK_RETURN_VOID(PERM_CRYPTO);
2191 crypto_internal_operation * op = (crypto_internal_operation*) operation;
2192 crypto_internal_keystruct key;
2193 unsigned char key_buf[128] = {0x0, };
2195 memset(&key, 0x00, sizeof(crypto_internal_keystruct));
2196 key.secret.size = sizeof(key_buf);
2197 key.secret.buffer = key_buf;
2199 if (op->info.operationClass != TEE_OPERATION_MAC) {
2202 if (!(op->info.handleState & TEE_HANDLE_FLAG_KEY_SET)) {
2205 if (TEE_GetObjectBufferAttribute(op->key1, TEE_ATTR_SECRET_VALUE,
2206 (void*)key.secret.buffer, (size_t*)&key.secret.size) != TEE_SUCCESS) {
2209 if (!key.secret.buffer) {
2212 if (crypto_internal_init(op, &key, (unsigned char*)IV, IVLen)) {
2215 op->info.handleState |= TEE_HANDLE_FLAG_INITIALIZED;
2219 void TEE_MACUpdate( TEE_OperationHandle operation, const void* chunk, size_t chunkSize)
2221 PERMISSION_CHECK_RETURN_VOID(PERM_CRYPTO);
2222 crypto_internal_operation * op = (crypto_internal_operation*) operation;
2224 if (!chunk || !chunkSize) {
2227 if (op->info.operationClass != TEE_OPERATION_MAC) {
2230 if (!(op->info.handleState & TEE_HANDLE_FLAG_INITIALIZED)) {
2233 if (crypto_internal_update(op, (unsigned char*)chunk, chunkSize, NULL, NULL)) {
2239 TEE_Result TEE_MACComputeFinal( TEE_OperationHandle operation, const void* message, size_t messageLen, void* mac, size_t *macLen)
2241 PERMISSION_CHECK(PERM_CRYPTO);
2242 crypto_internal_operation * op = (crypto_internal_operation*) operation;
2244 if (!mac || *macLen < op->info.digestLength) {
2245 return TEE_ERROR_SHORT_BUFFER;
2247 if (op->info.operationClass != TEE_OPERATION_MAC) {
2250 if (!(op->info.handleState & TEE_HANDLE_FLAG_INITIALIZED)) {
2253 if(crypto_internal_final(op, (unsigned char*)message, messageLen, (unsigned char*)mac, macLen)) {
2259 TEE_Result TEE_MACCompareFinal( TEE_OperationHandle operation, void* message, size_t messageLen, void* mac, size_t *macLen)
2261 PERMISSION_CHECK(PERM_CRYPTO);
2262 crypto_internal_operation * op = (crypto_internal_operation*) operation;
2264 size_t result_len = sizeof result;
2266 if (!mac || !macLen || *macLen != op->info.digestLength) {
2267 return TEE_ERROR_MAC_INVALID;
2269 if (TEE_MACComputeFinal(operation, (unsigned char*)message, messageLen, result, &result_len) != TEE_SUCCESS) {
2270 return TEE_ERROR_MAC_INVALID;
2272 if (memcmp(mac, result, *macLen)) {
2273 return TEE_ERROR_MAC_INVALID;
2279 // Authenticated Encryption Functions
2280 TEE_Result TEE_AEInit(TEE_OperationHandle operation, void* nonce, size_t nonceLen, uint32_t tagLen, uint32_t AADLen, uint32_t payloadLen)
2282 PERMISSION_CHECK(PERM_CRYPTO);
2284 crypto_internal_operation *op = (crypto_internal_operation*)operation;
2285 crypto_internal_keystruct key;
2286 unsigned char key_buf[32] = {0x0, };
2288 memset(&key, 0x00, sizeof(crypto_internal_keystruct));
2289 key.secret.size = sizeof(key_buf);
2290 key.secret.buffer = key_buf;
2293 if (op->info.operationClass != TEE_OPERATION_AE) {
2294 LOGE(SSF_LIB, "Incorrect operation class %x", op->info.operationClass);
2297 if (op->info.mode != TEE_MODE_ENCRYPT && op->info.mode != TEE_MODE_DECRYPT) {
2298 LOGE(SSF_LIB, "Incorrect operation mode %x", op->info.mode);
2301 if (!(operation->info.handleState & TEE_HANDLE_FLAG_KEY_SET)) {
2302 LOGE(SSF_LIB, "Key not set in operation");
2306 if (nonce == NULL || nonceLen < 12) {
2307 LOGE(SSF_LIB, "Incorrect nonce provided");
2311 switch (op->info.algorithm) {
2312 case TEE_ALG_AES_GCM: {
2321 LOGE(SSF_LIB, "Incorrect tag length %u", tagLen);
2322 return TEE_ERROR_NOT_SUPPORTED;
2326 case TEE_ALG_AES_CCM: {
2336 LOGE(SSF_LIB, "Incorrect tag length %u", tagLen);
2337 return TEE_ERROR_NOT_SUPPORTED;
2342 LOGE(SSF_LIB, "Incorrect algorithm %x", op->info.algorithm);
2346 // CCM exclusive checks
2347 if (op->info.algorithm == TEE_ALG_AES_CCM) {
2348 // TODO support CCM and check AAD/payload here
2349 LOGE(SSF_LIB, "CCM mode not supported");
2350 return TEE_ERROR_NOT_SUPPORTED;
2353 if (TEE_GetObjectBufferAttribute(op->key1, TEE_ATTR_SECRET_VALUE,
2354 (void*)key.secret.buffer, (size_t*)&key.secret.size) != TEE_SUCCESS) {
2355 LOGE(SSF_LIB, "Cannot acquire key from operation");
2358 if (!key.secret.buffer) {
2359 LOGE(SSF_LIB, "Uninitialized operation key");
2363 if (ossl_crypto_ae_init(op, &key,
2364 (unsigned char*)nonce, nonceLen, tagLen)) {
2365 LOGE(SSF_LIB, "Failed to initialize AE algorithm");
2372 void TEE_AEUpdateAAD(TEE_OperationHandle operation, void* AADdata, size_t AADdataLen)
2374 PERMISSION_CHECK_RETURN_VOID(PERM_CRYPTO);
2375 crypto_internal_operation *op = (crypto_internal_operation*)operation;
2378 if (op->info.operationClass != TEE_OPERATION_AE) {
2379 LOGE(SSF_LIB, "Incorrect operation class %x", op->info.operationClass);
2382 if (op->info.mode != TEE_MODE_ENCRYPT && op->info.mode != TEE_MODE_DECRYPT) {
2383 LOGE(SSF_LIB, "Incorrect operation mode %x", op->info.mode);
2386 if (op->crypto == 0) {
2387 LOGE(SSF_LIB, "Uninitialized operation handle provided");
2391 if (ossl_crypto_ae_update_aad(op, AADdata, AADdataLen)) {
2392 LOGE(SSF_LIB, "Failed to update AAD data");
2399 TEE_Result TEE_AEUpdate(TEE_OperationHandle operation, void* srcData, size_t srcLen, void* destData, size_t *destLen)
2401 PERMISSION_CHECK(PERM_CRYPTO);
2402 crypto_internal_operation *op = (crypto_internal_operation*)operation;
2404 if (op->info.operationClass != TEE_OPERATION_AE) {
2405 LOGE(SSF_LIB, "Incorrect operation class %x", op->info.operationClass);
2408 if (op->info.mode != TEE_MODE_ENCRYPT && op->info.mode != TEE_MODE_DECRYPT) {
2409 LOGE(SSF_LIB, "Incorrect operation mode %x", op->info.mode);
2412 if (op->crypto == 0) {
2413 LOGE(SSF_LIB, "Uninitialized operation handle provided");
2417 if (ossl_crypto_ae_update(op, srcData, srcLen, destData, destLen)) {
2418 LOGE(SSF_LIB, "Failed to update cipher data");
2425 TEE_Result TEE_AEEncryptFinal(TEE_OperationHandle operation, void* srcData, size_t srcLen, void* destData, size_t* destLen, void* tag, size_t* tagLen)
2427 PERMISSION_CHECK(PERM_CRYPTO);
2428 crypto_internal_operation * op = (crypto_internal_operation*) operation;
2430 if (op->info.operationClass != TEE_OPERATION_AE) {
2431 LOGE(SSF_LIB, "Incorrect operation class %x", op->info.operationClass);
2434 if (op->info.mode != TEE_MODE_ENCRYPT) {
2435 LOGE(SSF_LIB, "Incorrect operation mode %x", op->info.mode);
2438 if (op->crypto == 0) {
2439 LOGE(SSF_LIB, "Uninitialized operation handle provided");
2443 if (ossl_crypto_ae_enc_final(op, srcData, srcLen, destData, destLen, tag, tagLen)) {
2444 LOGE(SSF_LIB, "Failed to finalize AE encryption");
2451 TEE_Result TEE_AEDecryptFinal(TEE_OperationHandle operation, void* srcData, size_t srcLen, void* destData, size_t *destLen, void* tag, size_t tagLen)
2453 PERMISSION_CHECK(PERM_CRYPTO);
2454 crypto_internal_operation * op = (crypto_internal_operation*) operation;
2455 TEE_Result ret = TEE_SUCCESS;
2457 if (op->info.operationClass != TEE_OPERATION_AE) {
2458 LOGE(SSF_LIB, "Incorrect operation class %x", op->info.operationClass);
2461 if (op->info.mode != TEE_MODE_DECRYPT) {
2462 LOGE(SSF_LIB, "Incorrect operation mode %x", op->info.mode);
2465 if (op->crypto == 0) {
2466 LOGE(SSF_LIB, "Uninitialized operation handle provided");
2470 ret = ossl_crypto_ae_dec_final(op, srcData, srcLen, destData, destLen, tag, tagLen);
2471 if (ret != TEE_SUCCESS && ret != TEE_ERROR_MAC_INVALID) {
2472 LOGE(SSF_LIB, "Failed to finalize AE decryption");
2479 TEE_Result TEE_AsymmetricEncrypt( TEE_OperationHandle operation,const TEE_Attribute* params, uint32_t paramCount, const void* srcData, size_t srcLen, void* destData, size_t *destLen)
2481 PERMISSION_CHECK(PERM_CRYPTO);
2484 crypto_internal_operation *op = (crypto_internal_operation*) operation;
2485 crypto_internal_keystruct key;
2486 unsigned char module_buf[512] = {0x0, };
2487 unsigned char pub_buf[512] = {0x0, };
2489 memset(&key, 0x00, sizeof(crypto_internal_keystruct));
2490 key.rsa_modulus.size = sizeof(module_buf);
2491 key.rsa_modulus.buffer = module_buf;
2492 key.rsa_public.size = sizeof(pub_buf);
2493 key.rsa_public.buffer = pub_buf;
2495 if (op->info.operationClass != TEE_OPERATION_ASYMMETRIC_CIPHER) {
2498 if (op->info.mode != TEE_MODE_ENCRYPT ) {
2501 if (!(op->info.handleState & TEE_HANDLE_FLAG_KEY_SET)) {
2504 if (TEE_GetObjectBufferAttribute(op->key1, TEE_ATTR_RSA_MODULUS,
2505 (void*)key.rsa_modulus.buffer, (size_t*)&key.rsa_modulus.size) != TEE_SUCCESS) {
2508 if (TEE_GetObjectBufferAttribute(op->key1, TEE_ATTR_RSA_PUBLIC_EXPONENT,
2509 (void*)key.rsa_public.buffer, (size_t*)&key.rsa_public.size) != TEE_SUCCESS) {
2512 if(!key.rsa_modulus.buffer || !key.rsa_public.buffer ) {
2515 if (crypto_internal_init(op, &key, NULL, 0)) {
2518 if (crypto_internal_final(op, (unsigned char*)srcData, srcLen, (unsigned char*)destData, destLen)) {
2519 return TEE_ERROR_SIGNATURE_INVALID;
2524 TEE_Result TEE_AsymmetricDecrypt( TEE_OperationHandle operation, const TEE_Attribute* params, uint32_t paramCount, const void* srcData, size_t srcLen, void* destData, size_t *destLen)
2526 PERMISSION_CHECK(PERM_CRYPTO);
2530 crypto_internal_operation * op = (crypto_internal_operation*) operation;
2531 crypto_internal_keystruct key;
2533 unsigned char module_buf[512] = {0x0, };
2534 unsigned char pub_buf[512] = {0x0, };
2535 unsigned char priv_buf[512] = {0x0, };
2537 memset(&key, 0x00, sizeof(crypto_internal_keystruct));
2538 key.rsa_modulus.size = sizeof(module_buf);
2539 key.rsa_modulus.buffer = module_buf;
2540 key.rsa_public.size = sizeof(pub_buf);
2541 key.rsa_public.buffer = pub_buf;
2542 key.rsa_private.size = sizeof(priv_buf);
2543 key.rsa_private.buffer = priv_buf;
2545 if (op->info.operationClass != TEE_OPERATION_ASYMMETRIC_CIPHER) {
2548 if (op->info.mode != TEE_MODE_DECRYPT) {
2551 if (!(op->info.handleState & TEE_HANDLE_FLAG_KEY_SET)) {
2554 if (TEE_GetObjectBufferAttribute(op->key1, TEE_ATTR_RSA_MODULUS,
2555 (void*)key.rsa_modulus.buffer, (size_t*)&key.rsa_modulus.size) != TEE_SUCCESS) {
2558 if (TEE_GetObjectBufferAttribute(op->key1, TEE_ATTR_RSA_PUBLIC_EXPONENT,
2559 (void*)key.rsa_public.buffer, (size_t*)&key.rsa_public.size) != TEE_SUCCESS) {
2562 if (TEE_GetObjectBufferAttribute(op->key1, TEE_ATTR_RSA_PRIVATE_EXPONENT,
2563 (void*)key.rsa_private.buffer, (size_t*)&key.rsa_private.size) != TEE_SUCCESS) {
2566 #if 0 /* Not Support */
2567 if (TEE_GetObjectBufferAttribute(op->key1, TEE_ATTR_RSA_PRIME1,
2568 (void*)key.rsa_prime1.buffer, (size_t*)&key.rsa_prime1.size) != TEE_SUCCESS) {
2571 if (TEE_GetObjectBufferAttribute(op->key1, TEE_ATTR_RSA_PRIME2,
2572 (void*)key.rsa_prime2.buffer, (size_t*)&key.rsa_prime2.size) != TEE_SUCCESS) {
2575 if (TEE_GetObjectBufferAttribute(op->key1, TEE_ATTR_RSA_EXPONENT1,
2576 (void*)key.rsa_exponent1.buffer, (size_t*)&key.rsa_exponent1.size) != TEE_SUCCESS) {
2579 if (TEE_GetObjectBufferAttribute(op->key1, TEE_ATTR_RSA_EXPONENT2,
2580 (void*)key.rsa_exponent2.buffer, (size_t*)&key.rsa_exponent2.size) != TEE_SUCCESS) {
2583 if (TEE_GetObjectBufferAttribute(op->key1, TEE_ATTR_RSA_COEFFICIENT,
2584 (void*)key.rsa_coefficient.buffer, (size_t*)&key.rsa_coefficient.size) != TEE_SUCCESS) {
2588 if(!key.rsa_modulus.buffer || !key.rsa_public.buffer || !key.rsa_private.buffer
2589 /*|| !key.rsa_prime1.buffer || !key.rsa_prime2.buffer || !key.rsa_exponent1.buffer
2590 || !key.rsa_exponent2.buffer || !key.rsa_coefficient.buffer*/) {
2593 if (crypto_internal_init(op, &key, NULL, 0)) {
2596 if (crypto_internal_final(op, (unsigned char*)srcData, srcLen, (unsigned char*)destData, destLen)) {
2602 TEE_Result TEE_AsymmetricSignDigest( TEE_OperationHandle operation, const TEE_Attribute* params, uint32_t paramCount, const void* digest, size_t digestLen, void* signature, size_t *signatureLen)
2604 PERMISSION_CHECK(PERM_CRYPTO);
2607 crypto_internal_operation *op = (crypto_internal_operation*) operation;
2608 crypto_internal_keystruct key;
2610 unsigned char module_buf[384] = {0x0, };
2611 unsigned char pub_buf[384] = {0x0, };
2612 unsigned char priv_buf[384] = {0x0, };
2614 memset(&key, 0x00, sizeof(crypto_internal_keystruct));
2615 key.rsa_modulus.size = sizeof(module_buf);
2616 key.rsa_modulus.buffer = module_buf;
2617 key.rsa_public.size = sizeof(pub_buf);
2618 key.rsa_public.buffer = pub_buf;
2619 key.rsa_private.size = sizeof(priv_buf);
2620 key.rsa_private.buffer = priv_buf;
2622 if (op->info.operationClass != TEE_OPERATION_ASYMMETRIC_SIGNATURE) {
2625 if (op->info.mode != TEE_MODE_SIGN ) {
2628 if (!(op->info.handleState & TEE_HANDLE_FLAG_KEY_SET)) {
2631 if (TEE_GetObjectBufferAttribute(op->key1, TEE_ATTR_RSA_MODULUS,
2632 (void*)key.rsa_modulus.buffer, (size_t*)&key.rsa_modulus.size) != TEE_SUCCESS) {
2635 if (TEE_GetObjectBufferAttribute(op->key1, TEE_ATTR_RSA_PUBLIC_EXPONENT,
2636 (void*)key.rsa_public.buffer, (size_t*)&key.rsa_public.size) != TEE_SUCCESS) {
2639 if (TEE_GetObjectBufferAttribute(op->key1, TEE_ATTR_RSA_PRIVATE_EXPONENT,
2640 (void*)key.rsa_private.buffer, (size_t*)&key.rsa_private.size) != TEE_SUCCESS) {
2643 #if 0 /* Not Support */
2644 if (TEE_GetObjectBufferAttribute(op->key1, TEE_ATTR_RSA_PRIME1,
2645 (void*)key.rsa_prime1.buffer, (size_t*)&key.rsa_prime1.size) != TEE_SUCCESS) {
2648 if (TEE_GetObjectBufferAttribute(op->key1, TEE_ATTR_RSA_PRIME2,
2649 (void*)key.rsa_prime2.buffer, (size_t*)&key.rsa_prime2.size) != TEE_SUCCESS) {
2652 if (TEE_GetObjectBufferAttribute(op->key1, TEE_ATTR_RSA_EXPONENT1,
2653 (void*)key.rsa_exponent1.buffer, (size_t*)&key.rsa_exponent1.size) != TEE_SUCCESS) {
2656 if (TEE_GetObjectBufferAttribute(op->key1, TEE_ATTR_RSA_EXPONENT2,
2657 (void*)key.rsa_exponent2.buffer, (size_t*)&key.rsa_exponent2.size) != TEE_SUCCESS) {
2660 if (TEE_GetObjectBufferAttribute(op->key1, TEE_ATTR_RSA_COEFFICIENT,
2661 (void*)key.rsa_coefficient.buffer, (size_t*)&key.rsa_coefficient.size) != TEE_SUCCESS) {
2665 if(!key.rsa_modulus.buffer || !key.rsa_public.buffer || !key.rsa_private.buffer
2666 /*|| !key.rsa_prime1.buffer || !key.rsa_prime2.buffer || !key.rsa_exponent1.buffer
2667 || !key.rsa_exponent2.buffer || !key.rsa_coefficient.buffer*/) {
2670 if (crypto_internal_init(op, &key, NULL, 0)) {
2673 if (crypto_internal_final(op, (unsigned char*)digest, digestLen, (unsigned char*)signature, signatureLen)) {
2674 return TEE_ERROR_SHORT_BUFFER;
2679 TEE_Result TEE_AsymmetricVerifyDigest( TEE_OperationHandle operation, const TEE_Attribute* params, uint32_t paramCount, const void* digest, size_t digestLen, void* signature, size_t signatureLen)
2681 PERMISSION_CHECK(PERM_CRYPTO);
2684 crypto_internal_operation *op = (crypto_internal_operation*) operation;
2685 crypto_internal_keystruct key;
2686 size_t sign_len=signatureLen;
2688 unsigned char module_buf[384] = {0x0, };
2689 unsigned char pub_buf[384] = {0x0, };
2691 memset(&key, 0x00, sizeof(crypto_internal_keystruct));
2692 key.rsa_modulus.size = sizeof(module_buf);
2693 key.rsa_modulus.buffer = module_buf;
2694 key.rsa_public.size = sizeof(pub_buf);
2695 key.rsa_public.buffer = pub_buf;
2697 if (op->info.operationClass != TEE_OPERATION_ASYMMETRIC_SIGNATURE) {
2700 if (op->info.mode != TEE_MODE_VERIFY ) {
2703 if (!(op->info.handleState & TEE_HANDLE_FLAG_KEY_SET)) {
2706 if (TEE_GetObjectBufferAttribute(op->key1, TEE_ATTR_RSA_MODULUS,
2707 (void*)key.rsa_modulus.buffer, (size_t*)&key.rsa_modulus.size) != TEE_SUCCESS) {
2710 if (TEE_GetObjectBufferAttribute(op->key1, TEE_ATTR_RSA_PUBLIC_EXPONENT,
2711 (void*)key.rsa_public.buffer, (size_t*)&key.rsa_public.size) != TEE_SUCCESS) {
2714 if(!key.rsa_modulus.buffer || !key.rsa_public.buffer ) {
2717 if (crypto_internal_init(op, &key, NULL, 0)) {
2720 if (crypto_internal_final(op, (unsigned char*)digest, digestLen, (unsigned char*)signature, &sign_len)) {
2721 return TEE_ERROR_SIGNATURE_INVALID;
2726 // Key Derivation Functions
2727 void TEE_DeriveKey( TEE_OperationHandle operation, TEE_Attribute* params, uint32_t paramCount, TEE_ObjectHandle derivedKey)
2729 PERMISSION_CHECK_RETURN_VOID(PERM_CRYPTO);
2737 void TEE_GenerateRandom(void* randomBuffer, size_t randomBufferLen)
2739 PERMISSION_CHECK_RETURN_VOID(PERM_CRYPTO);
2740 crypto_internal_operation op;
2741 crypto_internal_keystruct key;
2742 unsigned char random[512] = {0};
2743 size_t random_len=512;
2744 memset((void *)&op,0,sizeof(op));
2745 if(randomBufferLen > 512)
2747 LOGE(SSF_LIB, "currently only support less than 512 byte random data");
2750 op.info.algorithm = TEE_ALG_GENERATE_SECRET_KEY;
2751 op.info.keySize = randomBufferLen;
2752 /*cryptocore need bit_length*/
2753 key.secret.buffer = random;
2754 key.secret.size = random_len*8;
2756 if (crypto_internal_open(&op)!=0) {
2759 if (crypto_internal_init(&op, &key, NULL, 0)) {
2762 if (crypto_internal_final(&op, NULL, 0, NULL, NULL)) {
2765 if (crypto_internal_close(&op)) {
2768 memcpy(randomBuffer, random, randomBufferLen);