2 * Copyright (c) 2015-2017 Samsung Electronics Co., Ltd All Rights Reserved
4 * Licensed under the Apache License, Version 2.0 (the "License");
5 * you may not use this file except in compliance with the License.
6 * You may obtain a copy of the License at
8 * http://www.apache.org/licenses/LICENSE-2.0
10 * Unless required by applicable law or agreed to in writing, software
11 * distributed under the License is distributed on an "AS IS" BASIS,
12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 * See the License for the specific language governing permissions and
14 * limitations under the License.
19 * @author Krishna Raghottam Devale (k.devale@samsung.com)
20 * @brief SSF crypto functions
29 #include <sys/ioctl.h>
30 #include <crypto_internal.h>
33 #include <permission.h>
38 #include "ssf_crypto_openssl.h"
40 #define TAG "TEE:Crypto"
42 #define CRYPTO_PANIC do{LOGE(MODULE_SSF_LIB, "This Line!");TEE_Panic(0);}while(0)
44 #define MAX_ATTRIBUTE_NUMBER 35 // Maximum number of attributes for each object
47 #define CRYPTO_INTERNAL_LOG(_f, _a...) printf("[%s]%d: " _f "\n", __func__ , __LINE__ , ## _a)
48 #define CRYPTO_INTERNAL_LOG_BYTE(msg, Data, DataLen) { \
50 printf("%10s =", msg); \
52 for( idx = 0; idx < (int)DataLen; idx++) { \
53 if( (idx != 0) && ((idx%16) == 0) ) printf("\n"); \
54 if((idx % 16) == 0) printf("\t\""); \
55 printf("%.2X", Data[idx]); \
56 if( (idx != 0) && ((idx%16) == 15) ) printf("\""); \
61 #define CRYPTO_INTERNAL_LOG(_f, _a...)
62 #define CRYPTO_INTERNAL_LOG_BYTE(msg, Data, DataLen)
65 struct __TEE_Attributees
68 TEE_Attribute attr_array[MAX_ATTRIBUTE_NUMBER];
71 struct TransientObject
74 struct __TEE_Attributees attr;
77 struct __TEE_ObjectHandle
79 struct TransientObject tr;
83 struct __TEE_OperationHandle
85 TEE_OperationInfo info;
88 static int sw_crypto_ioctl_init(crypto_internal_operation *operation, crypto_internal_keystruct *key, unsigned char *ivec, unsigned int ivec_len)
90 (void)ivec_len; /* actually always==16 */
93 unsigned int padding = ID_NO_PADDING;
94 CryptoCoreContainer *handle = (CryptoCoreContainer *)operation->crypto;
96 switch(operation->info.algorithm)
98 /* TEE_OPERATION_CIPHER */
99 case TEE_ALG_AES_ECB_NOPAD:
100 if(operation->info.mode == TEE_MODE_ENCRYPT) mode = ID_ENC_ECB;
101 else mode = ID_DEC_ECB;
102 padding = ID_NO_PADDING;
103 rc = handle->SE_init(handle, mode, padding, key->secret.buffer, key->secret.size, ivec);
106 case TEE_ALG_AES_ECB_PKCS5:
107 case TEE_ALG_AES_ECB_PKCS7:
108 if(operation->info.mode == TEE_MODE_ENCRYPT) mode = ID_ENC_ECB;
109 else mode = ID_DEC_ECB;
110 padding = ID_NO_PADDING /* ID_PKCS5 */;
111 rc = handle->SE_init(handle, mode, padding, key->secret.buffer, key->secret.size, ivec);
114 case TEE_ALG_AES_ECB_ISO9797_M1:
115 case TEE_ALG_AES_ECB_ISO9797_M2:
116 if(operation->info.mode == TEE_MODE_ENCRYPT) mode = ID_ENC_ECB;
117 else mode = ID_DEC_ECB;
118 padding = ID_NO_PADDING /* ID_PKCS5 */;
119 rc = handle->SE_init(handle, mode, padding, key->secret.buffer, key->secret.size, ivec);
122 case TEE_ALG_AES_CBC_NOPAD:
123 if(operation->info.mode == TEE_MODE_ENCRYPT) mode = ID_ENC_CBC;
124 else mode = ID_DEC_CBC;
125 padding = ID_NO_PADDING;
126 rc = handle->SE_init(handle, mode, padding, key->secret.buffer, key->secret.size, ivec);
129 case TEE_ALG_AES_CBC_PKCS5:
130 case TEE_ALG_AES_CBC_PKCS7:
131 if(operation->info.mode == TEE_MODE_ENCRYPT) mode = ID_ENC_CBC;
132 else mode = ID_DEC_CBC;
133 padding = ID_NO_PADDING/* ID_PKCS5 */;
134 rc = handle->SE_init(handle, mode, padding, key->secret.buffer, key->secret.size, ivec);
137 case TEE_ALG_AES_CBC_ISO9797_M1:
138 case TEE_ALG_AES_CBC_ISO9797_M2:
139 if(operation->info.mode == TEE_MODE_ENCRYPT) mode = ID_ENC_CBC;
140 else mode = ID_DEC_CBC;
141 padding = ID_NO_PADDING /* ID_PKCS5 */;
142 rc = handle->SE_init(handle, mode, padding, key->secret.buffer, key->secret.size, ivec);
145 case TEE_ALG_AES_CTR:
146 case TEE_ALG_AES_CTR_NOPAD:
147 if(operation->info.mode == TEE_MODE_ENCRYPT) mode = ID_ENC_CTR;
148 else mode = ID_DEC_CTR;
149 padding = ID_NO_PADDING;
150 rc = handle->SE_init(handle, mode, padding, key->secret.buffer, key->secret.size, ivec);
153 case TEE_ALG_AES_CTS:
154 case TEE_ALG_AES_XTS:
157 case TEE_ALG_DES_ECB_NOPAD:
158 case TEE_ALG_DES3_ECB_NOPAD:
159 if(operation->info.mode == TEE_MODE_ENCRYPT) {
164 padding = ID_NO_PADDING;
165 rc = handle->SE_init(handle, mode, padding, key->secret.buffer, key->secret.size, ivec);
168 case TEE_ALG_DES_CBC_NOPAD:
169 case TEE_ALG_DES3_CBC_NOPAD:
170 if(operation->info.mode == TEE_MODE_ENCRYPT) {
175 padding = ID_NO_PADDING;
176 rc = handle->SE_init(handle, mode, padding, key->secret.buffer, key->secret.size, ivec);
179 case TEE_ALG_HMAC_MD5:
180 case TEE_ALG_HMAC_SHA1:
181 case TEE_ALG_HMAC_SHA224:
182 case TEE_ALG_HMAC_SHA256:
183 case TEE_ALG_HMAC_SHA384:
184 case TEE_ALG_HMAC_SHA512:
185 case TEE_ALG_AES_CBC_MAC_NOPAD:
186 case TEE_ALG_AES_CBC_MAC_PKCS5:
187 case TEE_ALG_DES_CBC_MAC_NOPAD:
188 case TEE_ALG_DES_CBC_MAC_PKCS5:
189 case TEE_ALG_AES_CMAC:
190 case TEE_ALG_DES3_CBC_MAC_NOPAD:
191 case TEE_ALG_DES3_CBC_MAC_PKCS5:
192 rc = handle->MAC_init(handle, key->secret.buffer, key->secret.size);
195 case TEE_ALG_AES_CCM:
196 case TEE_ALG_AES_GCM:
205 rc = handle->MD_init(handle);
208 case TEE_ALG_RSA_NOPAD:
209 padding = ID_NO_PADDING;
210 rc = handle->RSA_setKeypairForCRT(handle, padding,
211 key->rsa_modulus.buffer, key->rsa_modulus.size,
212 key->rsa_public.buffer, key->rsa_public.size,
213 key->rsa_private.buffer, key->rsa_private.size,
214 key->rsa_prime1.buffer, key->rsa_prime1.size,
215 key->rsa_prime2.buffer, key->rsa_prime2.size,
216 key->rsa_exponent1.buffer, key->rsa_exponent1.size,
217 key->rsa_exponent2.buffer, key->rsa_exponent2.size,
218 key->rsa_coefficient.buffer, key->rsa_coefficient.size);
221 case TEE_ALG_RSAES_PKCS1_V1_5:
222 padding = ID_RSAES_PKCS15;
223 rc = handle->RSA_setKeypairForCRT(handle, padding,
224 key->rsa_modulus.buffer, key->rsa_modulus.size,
225 key->rsa_public.buffer, key->rsa_public.size,
226 key->rsa_private.buffer, key->rsa_private.size,
227 key->rsa_prime1.buffer, key->rsa_prime1.size,
228 key->rsa_prime2.buffer, key->rsa_prime2.size,
229 key->rsa_exponent1.buffer, key->rsa_exponent1.size,
230 key->rsa_exponent2.buffer, key->rsa_exponent2.size,
231 key->rsa_coefficient.buffer, key->rsa_coefficient.size);
234 case TEE_ALG_RSAES_PKCS1_OAEP_MGF1_SHA1:
235 padding = ID_RSAES_OAEP_SHA1;
236 rc = handle->RSA_setKeypairForCRT(handle, padding,
237 key->rsa_modulus.buffer, key->rsa_modulus.size,
238 key->rsa_public.buffer, key->rsa_public.size,
239 key->rsa_private.buffer, key->rsa_private.size,
240 key->rsa_prime1.buffer, key->rsa_prime1.size,
241 key->rsa_prime2.buffer, key->rsa_prime2.size,
242 key->rsa_exponent1.buffer, key->rsa_exponent1.size,
243 key->rsa_exponent2.buffer, key->rsa_exponent2.size,
244 key->rsa_coefficient.buffer, key->rsa_coefficient.size);
247 case TEE_ALG_RSAES_PKCS1_OAEP_MGF1_SHA224:
248 padding = ID_RSAES_OAEP_SHA224;
249 rc = handle->RSA_setKeypairForCRT(handle, padding,
250 key->rsa_modulus.buffer, key->rsa_modulus.size,
251 key->rsa_public.buffer, key->rsa_public.size,
252 key->rsa_private.buffer, key->rsa_private.size,
253 key->rsa_prime1.buffer, key->rsa_prime1.size,
254 key->rsa_prime2.buffer, key->rsa_prime2.size,
255 key->rsa_exponent1.buffer, key->rsa_exponent1.size,
256 key->rsa_exponent2.buffer, key->rsa_exponent2.size,
257 key->rsa_coefficient.buffer, key->rsa_coefficient.size);
260 case TEE_ALG_RSAES_PKCS1_OAEP_MGF1_SHA256:
261 padding = ID_RSAES_OAEP_SHA256;
262 rc = handle->RSA_setKeypairForCRT(handle, padding,
263 key->rsa_modulus.buffer, key->rsa_modulus.size,
264 key->rsa_public.buffer, key->rsa_public.size,
265 key->rsa_private.buffer, key->rsa_private.size,
266 key->rsa_prime1.buffer, key->rsa_prime1.size,
267 key->rsa_prime2.buffer, key->rsa_prime2.size,
268 key->rsa_exponent1.buffer, key->rsa_exponent1.size,
269 key->rsa_exponent2.buffer, key->rsa_exponent2.size,
270 key->rsa_coefficient.buffer, key->rsa_coefficient.size);
273 case TEE_ALG_RSAES_PKCS1_OAEP_MGF1_SHA384:
274 padding = ID_RSAES_OAEP_SHA384;
275 rc = handle->RSA_setKeypairForCRT(handle, padding,
276 key->rsa_modulus.buffer, key->rsa_modulus.size,
277 key->rsa_public.buffer, key->rsa_public.size,
278 key->rsa_private.buffer, key->rsa_private.size,
279 key->rsa_prime1.buffer, key->rsa_prime1.size,
280 key->rsa_prime2.buffer, key->rsa_prime2.size,
281 key->rsa_exponent1.buffer, key->rsa_exponent1.size,
282 key->rsa_exponent2.buffer, key->rsa_exponent2.size,
283 key->rsa_coefficient.buffer, key->rsa_coefficient.size);
286 case TEE_ALG_RSAES_PKCS1_OAEP_MGF1_SHA512:
287 padding = ID_RSAES_OAEP_SHA512;
288 rc = handle->RSA_setKeypairForCRT(handle, padding,
289 key->rsa_modulus.buffer, key->rsa_modulus.size,
290 key->rsa_public.buffer, key->rsa_public.size,
291 key->rsa_private.buffer, key->rsa_private.size,
292 key->rsa_prime1.buffer, key->rsa_prime1.size,
293 key->rsa_prime2.buffer, key->rsa_prime2.size,
294 key->rsa_exponent1.buffer, key->rsa_exponent1.size,
295 key->rsa_exponent2.buffer, key->rsa_exponent2.size,
296 key->rsa_coefficient.buffer, key->rsa_coefficient.size);
299 case TEE_ALG_RSASSA_PKCS1_V1_5_MD5:
300 padding = ID_RSASSA_PKCS15_MD5;
301 rc = handle->RSA_setKeypairForCRT(handle, padding,
302 key->rsa_modulus.buffer, key->rsa_modulus.size,
303 key->rsa_public.buffer, key->rsa_public.size,
304 key->rsa_private.buffer, key->rsa_private.size,
305 key->rsa_prime1.buffer, key->rsa_prime1.size,
306 key->rsa_prime2.buffer, key->rsa_prime2.size,
307 key->rsa_exponent1.buffer, key->rsa_exponent1.size,
308 key->rsa_exponent2.buffer, key->rsa_exponent2.size,
309 key->rsa_coefficient.buffer, key->rsa_coefficient.size);
312 case TEE_ALG_RSASSA_PKCS1_V1_5_SHA1:
313 padding = ID_RSASSA_PKCS15_SHA1;
314 rc = handle->RSA_setKeypairForCRT(handle, padding,
315 key->rsa_modulus.buffer, key->rsa_modulus.size,
316 key->rsa_public.buffer, key->rsa_public.size,
317 key->rsa_private.buffer, key->rsa_private.size,
318 key->rsa_prime1.buffer, key->rsa_prime1.size,
319 key->rsa_prime2.buffer, key->rsa_prime2.size,
320 key->rsa_exponent1.buffer, key->rsa_exponent1.size,
321 key->rsa_exponent2.buffer, key->rsa_exponent2.size,
322 key->rsa_coefficient.buffer, key->rsa_coefficient.size);
325 case TEE_ALG_RSASSA_PKCS1_V1_5_SHA224:
326 padding = ID_RSASSA_PKCS15_SHA224;
327 rc = handle->RSA_setKeypairForCRT(handle, padding,
328 key->rsa_modulus.buffer, key->rsa_modulus.size,
329 key->rsa_public.buffer, key->rsa_public.size,
330 key->rsa_private.buffer, key->rsa_private.size,
331 key->rsa_prime1.buffer, key->rsa_prime1.size,
332 key->rsa_prime2.buffer, key->rsa_prime2.size,
333 key->rsa_exponent1.buffer, key->rsa_exponent1.size,
334 key->rsa_exponent2.buffer, key->rsa_exponent2.size,
335 key->rsa_coefficient.buffer, key->rsa_coefficient.size);
338 case TEE_ALG_RSASSA_PKCS1_V1_5_SHA256:
339 padding = ID_RSASSA_PKCS15_SHA256;
340 rc = handle->RSA_setKeypairForCRT(handle, padding,
341 key->rsa_modulus.buffer, key->rsa_modulus.size,
342 key->rsa_public.buffer, key->rsa_public.size,
343 key->rsa_private.buffer, key->rsa_private.size,
344 key->rsa_prime1.buffer, key->rsa_prime1.size,
345 key->rsa_prime2.buffer, key->rsa_prime2.size,
346 key->rsa_exponent1.buffer, key->rsa_exponent1.size,
347 key->rsa_exponent2.buffer, key->rsa_exponent2.size,
348 key->rsa_coefficient.buffer, key->rsa_coefficient.size);
351 case TEE_ALG_RSASSA_PKCS1_V1_5_SHA384:
352 padding = ID_RSASSA_PKCS15_SHA384;
353 rc = handle->RSA_setKeypairForCRT(handle, padding,
354 key->rsa_modulus.buffer, key->rsa_modulus.size,
355 key->rsa_public.buffer, key->rsa_public.size,
356 key->rsa_private.buffer, key->rsa_private.size,
357 key->rsa_prime1.buffer, key->rsa_prime1.size,
358 key->rsa_prime2.buffer, key->rsa_prime2.size,
359 key->rsa_exponent1.buffer, key->rsa_exponent1.size,
360 key->rsa_exponent2.buffer, key->rsa_exponent2.size,
361 key->rsa_coefficient.buffer, key->rsa_coefficient.size);
364 case TEE_ALG_RSASSA_PKCS1_V1_5_SHA512:
365 padding = ID_RSASSA_PKCS15_SHA512;
366 rc = handle->RSA_setKeypairForCRT(handle, padding,
367 key->rsa_modulus.buffer, key->rsa_modulus.size,
368 key->rsa_public.buffer, key->rsa_public.size,
369 key->rsa_private.buffer, key->rsa_private.size,
370 key->rsa_prime1.buffer, key->rsa_prime1.size,
371 key->rsa_prime2.buffer, key->rsa_prime2.size,
372 key->rsa_exponent1.buffer, key->rsa_exponent1.size,
373 key->rsa_exponent2.buffer, key->rsa_exponent2.size,
374 key->rsa_coefficient.buffer, key->rsa_coefficient.size);
377 case TEE_ALG_RSASSA_PKCS1_PSS_MGF1_SHA1:
378 padding = ID_RSASSA_PSS_SHA1;
379 rc = handle->RSA_setKeypairForCRT(handle, padding,
380 key->rsa_modulus.buffer, key->rsa_modulus.size,
381 key->rsa_public.buffer, key->rsa_public.size,
382 key->rsa_private.buffer, key->rsa_private.size,
383 key->rsa_prime1.buffer, key->rsa_prime1.size,
384 key->rsa_prime2.buffer, key->rsa_prime2.size,
385 key->rsa_exponent1.buffer, key->rsa_exponent1.size,
386 key->rsa_exponent2.buffer, key->rsa_exponent2.size,
387 key->rsa_coefficient.buffer, key->rsa_coefficient.size);
390 case TEE_ALG_RSASSA_PKCS1_PSS_MGF1_SHA224:
391 padding = ID_RSASSA_PSS_SHA224;
392 rc = handle->RSA_setKeypairForCRT(handle, padding,
393 key->rsa_modulus.buffer, key->rsa_modulus.size,
394 key->rsa_public.buffer, key->rsa_public.size,
395 key->rsa_private.buffer, key->rsa_private.size,
396 key->rsa_prime1.buffer, key->rsa_prime1.size,
397 key->rsa_prime2.buffer, key->rsa_prime2.size,
398 key->rsa_exponent1.buffer, key->rsa_exponent1.size,
399 key->rsa_exponent2.buffer, key->rsa_exponent2.size,
400 key->rsa_coefficient.buffer, key->rsa_coefficient.size);
403 case TEE_ALG_RSASSA_PKCS1_PSS_MGF1_SHA256:
404 padding = ID_RSASSA_PSS_SHA256;
405 rc = handle->RSA_setKeypairForCRT(handle, padding,
406 key->rsa_modulus.buffer, key->rsa_modulus.size,
407 key->rsa_public.buffer, key->rsa_public.size,
408 key->rsa_private.buffer, key->rsa_private.size,
409 key->rsa_prime1.buffer, key->rsa_prime1.size,
410 key->rsa_prime2.buffer, key->rsa_prime2.size,
411 key->rsa_exponent1.buffer, key->rsa_exponent1.size,
412 key->rsa_exponent2.buffer, key->rsa_exponent2.size,
413 key->rsa_coefficient.buffer, key->rsa_coefficient.size);
416 case TEE_ALG_RSASSA_PKCS1_PSS_MGF1_SHA384:
417 padding = ID_RSASSA_PSS_SHA384;
418 rc = handle->RSA_setKeypairForCRT(handle, padding,
419 key->rsa_modulus.buffer, key->rsa_modulus.size,
420 key->rsa_public.buffer, key->rsa_public.size,
421 key->rsa_private.buffer, key->rsa_private.size,
422 key->rsa_prime1.buffer, key->rsa_prime1.size,
423 key->rsa_prime2.buffer, key->rsa_prime2.size,
424 key->rsa_exponent1.buffer, key->rsa_exponent1.size,
425 key->rsa_exponent2.buffer, key->rsa_exponent2.size,
426 key->rsa_coefficient.buffer, key->rsa_coefficient.size);
429 case TEE_ALG_RSASSA_PKCS1_PSS_MGF1_SHA512:
430 padding = ID_RSASSA_PSS_SHA512;
431 rc = handle->RSA_setKeypairForCRT(handle, padding,
432 key->rsa_modulus.buffer, key->rsa_modulus.size,
433 key->rsa_public.buffer, key->rsa_public.size,
434 key->rsa_private.buffer, key->rsa_private.size,
435 key->rsa_prime1.buffer, key->rsa_prime1.size,
436 key->rsa_prime2.buffer, key->rsa_prime2.size,
437 key->rsa_exponent1.buffer, key->rsa_exponent1.size,
438 key->rsa_exponent2.buffer, key->rsa_exponent2.size,
439 key->rsa_coefficient.buffer, key->rsa_coefficient.size);
442 case TEE_ALG_DSA_SHA1:
444 rc = handle->RSA_setKeypairForCRT(handle, padding,
445 key->rsa_modulus.buffer, key->rsa_modulus.size,
446 key->rsa_public.buffer, key->rsa_public.size,
447 key->rsa_private.buffer, key->rsa_private.size,
448 key->rsa_prime1.buffer, key->rsa_prime1.size,
449 key->rsa_prime2.buffer, key->rsa_prime2.size,
450 key->rsa_exponent1.buffer, key->rsa_exponent1.size,
451 key->rsa_exponent2.buffer, key->rsa_exponent2.size,
452 key->rsa_coefficient.buffer, key->rsa_coefficient.size);
455 case TEE_ALG_GENERATE_SECRET_KEY:
456 rc = handle->PRNG_get(handle, key->secret.size, key->secret.buffer);
457 /* Ignore return value to avoid CRYPTO_PANIC. Only SDRM_X931_ConditionalTest() can return TEE_ERROR.*/
461 case TEE_ALG_GENERATE_RSA_KEY:
463 unsigned char E[3] = {0x01, 0x00, 0x01};
464 unsigned int ELen = 3;
466 rc = handle->RSA_genKeypairWithEforCRT(handle, padding,
468 key->rsa_modulus.buffer, &key->rsa_modulus.size,
469 key->rsa_private.buffer, &key->rsa_private.size,
470 key->rsa_prime1.buffer, &key->rsa_prime1.size,
471 key->rsa_prime2.buffer, &key->rsa_prime2.size,
472 key->rsa_exponent1.buffer, &key->rsa_exponent1.size,
473 key->rsa_exponent2.buffer, &key->rsa_exponent2.size,
474 key->rsa_coefficient.buffer, &key->rsa_coefficient.size);
476 memcpy(key->rsa_public.buffer, E, ELen);
477 key->rsa_public.size = ELen;
482 LOGE(MODULE_SSF_LIB, "Not Support Algorithm : %X ", operation->info.algorithm);
486 CRYPTO_INTERNAL_LOG("rc=%d ", rc);
490 static int sw_crypto_ioctl_update(crypto_internal_operation *operation, unsigned char* src_addr, unsigned int src_size, unsigned char* dst_addr, unsigned int* dst_size)
493 CryptoCoreContainer *handle = (CryptoCoreContainer *)operation->crypto;
495 switch(operation->info.algorithm)
497 /* TEE_OPERATION_CIPHER */
498 case TEE_ALG_AES_ECB_NOPAD:
499 case TEE_ALG_AES_ECB_PKCS5:
500 case TEE_ALG_AES_ECB_PKCS7:
501 case TEE_ALG_AES_ECB_ISO9797_M1:
502 case TEE_ALG_AES_ECB_ISO9797_M2:
503 case TEE_ALG_AES_CBC_NOPAD:
504 case TEE_ALG_AES_CBC_PKCS5:
505 case TEE_ALG_AES_CBC_PKCS7:
506 case TEE_ALG_AES_CBC_ISO9797_M1:
507 case TEE_ALG_AES_CBC_ISO9797_M2:
508 case TEE_ALG_AES_CTR:
509 case TEE_ALG_AES_CTR_NOPAD:
510 case TEE_ALG_DES_ECB_NOPAD:
511 case TEE_ALG_DES3_ECB_NOPAD:
512 case TEE_ALG_DES_CBC_NOPAD:
513 case TEE_ALG_DES3_CBC_NOPAD:
514 rc = handle->SE_process(handle, src_addr, src_size, dst_addr, dst_size);
517 case TEE_ALG_HMAC_MD5:
518 case TEE_ALG_HMAC_SHA1:
519 case TEE_ALG_HMAC_SHA224:
520 case TEE_ALG_HMAC_SHA256:
521 case TEE_ALG_HMAC_SHA384:
522 case TEE_ALG_HMAC_SHA512:
523 case TEE_ALG_AES_CBC_MAC_NOPAD:
524 case TEE_ALG_AES_CBC_MAC_PKCS5:
525 case TEE_ALG_DES_CBC_MAC_NOPAD:
526 case TEE_ALG_DES_CBC_MAC_PKCS5:
527 case TEE_ALG_AES_CMAC:
528 case TEE_ALG_DES3_CBC_MAC_NOPAD:
529 case TEE_ALG_DES3_CBC_MAC_PKCS5:
530 rc = handle->MAC_update(handle, src_addr, src_size);
539 rc = handle->MD_update(handle, src_addr, src_size);
543 LOGE(MODULE_SSF_LIB, "Not Support Algorithm : %X", operation->info.algorithm);
548 if(src_size && dst_size) {
549 CRYPTO_INTERNAL_LOG("rc=%d src_size=%d dst_size=%d", rc, src_size, *dst_size);
551 CRYPTO_INTERNAL_LOG("rc=%d", rc);
556 static int sw_crypto_ioctl_final(crypto_internal_operation *operation, unsigned char* src_addr, unsigned int src_size, unsigned char* dst_addr, unsigned int* dst_size)
560 CryptoCoreContainer *handle = (CryptoCoreContainer *)operation->crypto;
562 switch(operation->info.algorithm)
564 /* TEE_OPERATION_CIPHER */
565 case TEE_ALG_AES_ECB_NOPAD:
566 case TEE_ALG_AES_ECB_PKCS5:
567 case TEE_ALG_AES_ECB_PKCS7:
568 case TEE_ALG_AES_ECB_ISO9797_M1:
569 case TEE_ALG_AES_ECB_ISO9797_M2:
570 case TEE_ALG_AES_CBC_NOPAD:
571 case TEE_ALG_AES_CBC_PKCS5:
572 case TEE_ALG_AES_CBC_PKCS7:
573 case TEE_ALG_AES_CBC_ISO9797_M1:
574 case TEE_ALG_AES_CBC_ISO9797_M2:
575 case TEE_ALG_AES_CTR_NOPAD:
576 case TEE_ALG_AES_CTR:
577 rc = handle->SE_final(handle, src_addr, src_size, dst_addr, dst_size);
580 case TEE_ALG_AES_CTS:
581 case TEE_ALG_AES_XTS:
584 case TEE_ALG_DES_ECB_NOPAD:
585 case TEE_ALG_DES3_ECB_NOPAD:
586 case TEE_ALG_DES_CBC_NOPAD:
587 case TEE_ALG_DES3_CBC_NOPAD:
588 rc = handle->SE_final(handle, src_addr, src_size, dst_addr, dst_size);
591 /* TEE_OPERATION_MAC */
592 case TEE_ALG_HMAC_MD5:
593 case TEE_ALG_HMAC_SHA1:
594 case TEE_ALG_HMAC_SHA224:
595 case TEE_ALG_HMAC_SHA256:
596 case TEE_ALG_HMAC_SHA384:
597 case TEE_ALG_HMAC_SHA512:
598 case TEE_ALG_AES_CBC_MAC_NOPAD:
599 case TEE_ALG_AES_CBC_MAC_PKCS5:
600 case TEE_ALG_DES_CBC_MAC_NOPAD:
601 case TEE_ALG_DES_CBC_MAC_PKCS5:
602 case TEE_ALG_AES_CMAC:
603 case TEE_ALG_DES3_CBC_MAC_NOPAD:
604 case TEE_ALG_DES3_CBC_MAC_PKCS5:
605 if(src_addr && src_size != 0) {
606 handle->MAC_update(handle, src_addr, src_size);
608 rc = handle->MAC_final(handle, dst_addr, dst_size);
611 /* TEE_OPERATION_AE */
612 case TEE_ALG_AES_CCM:
613 case TEE_ALG_AES_GCM:
616 /* TEE_OPERATION_DIGEST */
623 if(src_addr && src_size != 0) {
624 handle->MD_update(handle, src_addr, src_size);
626 rc = handle->MD_final(handle, dst_addr);
627 *dst_size = operation->info.digestLength;
630 /* TEE_OPERATION_ASYMMETRIC_CIPHER */
631 case TEE_ALG_RSA_NOPAD:
632 case TEE_ALG_RSAES_PKCS1_V1_5:
633 case TEE_ALG_RSAES_PKCS1_OAEP_MGF1_SHA1:
634 case TEE_ALG_RSAES_PKCS1_OAEP_MGF1_SHA224:
635 case TEE_ALG_RSAES_PKCS1_OAEP_MGF1_SHA256:
636 case TEE_ALG_RSAES_PKCS1_OAEP_MGF1_SHA384:
637 case TEE_ALG_RSAES_PKCS1_OAEP_MGF1_SHA512:
638 if (operation->info.mode == TEE_MODE_ENCRYPT ) {
639 rc = handle->AE_encrypt(handle, src_addr, src_size, dst_addr, dst_size);
641 rc = handle->AE_decrypt(handle, src_addr, src_size, dst_addr, dst_size);
645 /* TEE_OPERATION_ASYMMETRIC_SIGNATURE */
646 case TEE_ALG_RSASSA_PKCS1_V1_5_MD5:
647 case TEE_ALG_RSASSA_PKCS1_V1_5_SHA1:
648 case TEE_ALG_RSASSA_PKCS1_V1_5_SHA224:
649 case TEE_ALG_RSASSA_PKCS1_V1_5_SHA256:
650 case TEE_ALG_RSASSA_PKCS1_V1_5_SHA384:
651 case TEE_ALG_RSASSA_PKCS1_V1_5_SHA512:
652 case TEE_ALG_RSASSA_PKCS1_PSS_MGF1_SHA1:
653 case TEE_ALG_RSASSA_PKCS1_PSS_MGF1_SHA224:
654 case TEE_ALG_RSASSA_PKCS1_PSS_MGF1_SHA256:
655 case TEE_ALG_RSASSA_PKCS1_PSS_MGF1_SHA384:
656 case TEE_ALG_RSASSA_PKCS1_PSS_MGF1_SHA512:
657 if (operation->info.mode == TEE_MODE_SIGN ) {
658 rc = handle->DS_sign(handle, src_addr, src_size, dst_addr, dst_size);
660 rc = handle->DS_verify(handle, src_addr, src_size, dst_addr, *dst_size, &result);
667 case TEE_ALG_GENERATE_SECRET_KEY:
671 case TEE_ALG_GENERATE_RSA_KEY:
676 LOGE(MODULE_SSF_LIB, "Not Support Algorithm : %X", operation->info.algorithm);
680 if(src_size && dst_size) {
681 CRYPTO_INTERNAL_LOG("rc=%d src_size=%d dst_size=%d", rc, src_size, *dst_size);
683 CRYPTO_INTERNAL_LOG("rc=%d", rc);
688 static int sw_crypto_open(crypto_internal_operation *operation)
692 switch(operation->info.algorithm)
694 /* TEE_OPERATION_CIPHER */
695 case TEE_ALG_AES_ECB_NOPAD:
696 case TEE_ALG_AES_CBC_NOPAD:
697 case TEE_ALG_AES_CTR:
698 case TEE_ALG_AES_CTR_NOPAD:
699 case TEE_ALG_AES_ECB_PKCS5:
700 case TEE_ALG_AES_ECB_PKCS7:
701 case TEE_ALG_AES_ECB_ISO9797_M1:
702 case TEE_ALG_AES_ECB_ISO9797_M2:
703 case TEE_ALG_AES_CBC_PKCS5:
704 case TEE_ALG_AES_CBC_PKCS7:
705 case TEE_ALG_AES_CBC_ISO9797_M1:
706 case TEE_ALG_AES_CBC_ISO9797_M2:
707 if (operation->info.keySize == 128) {
709 } else if (operation->info.keySize == 192) {
711 } else if (operation->info.keySize == 256) {
717 case TEE_ALG_AES_XTS:
718 case TEE_ALG_AES_CTS:
721 case TEE_ALG_DES_ECB_NOPAD:
722 case TEE_ALG_DES_CBC_NOPAD:
725 case TEE_ALG_DES3_ECB_NOPAD:
726 case TEE_ALG_DES3_CBC_NOPAD:
730 /* TEE_OPERATION_MAC */
731 case TEE_ALG_AES_CBC_MAC_NOPAD:
732 case TEE_ALG_AES_CBC_MAC_PKCS5:
733 case TEE_ALG_AES_CMAC:
734 case TEE_ALG_DES_CBC_MAC_NOPAD:
735 case TEE_ALG_DES_CBC_MAC_PKCS5:
736 case TEE_ALG_DES3_CBC_MAC_NOPAD:
737 case TEE_ALG_DES3_CBC_MAC_PKCS5:
740 case TEE_ALG_HMAC_MD5:
743 case TEE_ALG_HMAC_SHA1:
746 case TEE_ALG_HMAC_SHA224:
749 case TEE_ALG_HMAC_SHA256:
752 case TEE_ALG_HMAC_SHA384:
755 case TEE_ALG_HMAC_SHA512:
759 /* TEE_OPERATION_AE */
760 case TEE_ALG_AES_CCM:
761 case TEE_ALG_AES_GCM:
765 /* TEE_OPERATION_DIGEST */
785 /* TEE_OPERATION_ASYMMETRIC_CIPHER */
786 case TEE_ALG_RSA_NOPAD:
787 case TEE_ALG_RSAES_PKCS1_V1_5:
788 case TEE_ALG_RSAES_PKCS1_OAEP_MGF1_SHA1:
789 case TEE_ALG_RSAES_PKCS1_OAEP_MGF1_SHA224:
790 case TEE_ALG_RSAES_PKCS1_OAEP_MGF1_SHA256:
791 case TEE_ALG_RSAES_PKCS1_OAEP_MGF1_SHA384:
792 case TEE_ALG_RSAES_PKCS1_OAEP_MGF1_SHA512:
793 if (operation->info.keySize == 512) {
795 } else if (operation->info.keySize == 1024) {
797 } else if (operation->info.keySize == 2048) {
799 } else if (operation->info.keySize == 3072) {
801 } else if (operation->info.keySize == 4096) {
808 /* TEE_OPERATION_ASYMMETRIC_SIGNATURE */
809 case TEE_ALG_RSASSA_PKCS1_V1_5_MD5:
810 case TEE_ALG_RSASSA_PKCS1_V1_5_SHA1:
811 case TEE_ALG_RSASSA_PKCS1_V1_5_SHA224:
812 case TEE_ALG_RSASSA_PKCS1_V1_5_SHA256:
813 case TEE_ALG_RSASSA_PKCS1_V1_5_SHA384:
814 case TEE_ALG_RSASSA_PKCS1_V1_5_SHA512:
815 case TEE_ALG_RSASSA_PKCS1_PSS_MGF1_SHA1:
816 case TEE_ALG_RSASSA_PKCS1_PSS_MGF1_SHA224:
817 case TEE_ALG_RSASSA_PKCS1_PSS_MGF1_SHA256:
818 case TEE_ALG_RSASSA_PKCS1_PSS_MGF1_SHA384:
819 case TEE_ALG_RSASSA_PKCS1_PSS_MGF1_SHA512:
820 if (operation->info.keySize == 512) {
822 } else if (operation->info.keySize == 1024) {
824 } else if (operation->info.keySize == 2048) {
826 } else if (operation->info.keySize == 3072) {
828 } else if (operation->info.keySize == 4096) {
835 case TEE_ALG_DSA_SHA1:
839 case TEE_ALG_ECDSA_P160:
840 case TEE_ALG_ECDSA_P192:
841 case TEE_ALG_ECDSA_P224:
842 case TEE_ALG_ECDSA_P256:
843 case TEE_ALG_ECDSA_P384:
844 case TEE_ALG_ECDSA_P521:
848 /* TEE_OPERATION_KEY_DERIVATION */
849 case TEE_ALG_DH_DERIVE_SHARED_SECRET:
853 case TEE_ALG_ECDH_P192:
854 case TEE_ALG_ECDH_P224:
855 case TEE_ALG_ECDH_P256:
856 case TEE_ALG_ECDH_P384:
857 case TEE_ALG_ECDH_P521:
861 case TEE_ALG_GENERATE_SECRET_KEY:
865 case TEE_ALG_GENERATE_RSA_KEY:
866 if (operation->info.keySize == 512) {
868 } else if (operation->info.keySize == 1024) {
870 } else if (operation->info.keySize == 2048) {
872 } else if (operation->info.keySize == 3072) {
874 } else if (operation->info.keySize == 4096) {
882 LOGE(MODULE_SSF_LIB, "Not Support Algorithm : %X ", operation->info.algorithm);
887 operation->crypto = (void*)create_CryptoCoreContainer(alg);
889 if(operation->crypto == NULL) {
898 static int sw_crypto_close(crypto_internal_operation *operation)
901 if(operation->crypto) {
902 destroy_CryptoCoreContainer((CryptoCoreContainer*)operation->crypto);
904 operation->crypto = NULL;
908 int crypto_internal_open(crypto_internal_operation *operation)
910 if (operation->info.algorithm == TEE_ALG_AES_GCM) {
911 return ossl_crypto_open(operation);
913 return sw_crypto_open(operation);
917 int crypto_internal_close(crypto_internal_operation *operation)
919 if (operation->info.algorithm == TEE_ALG_AES_GCM) {
920 ossl_crypto_close(operation);
923 return sw_crypto_close(operation);
927 int crypto_internal_init(crypto_internal_operation *operation, crypto_internal_keystruct *key, unsigned char *ivec, size_t ivec_len)
929 return sw_crypto_ioctl_init(operation, key, ivec, ivec_len);
932 int crypto_internal_update(crypto_internal_operation *operation, unsigned char *src_data, size_t src_len, unsigned char *dst_data, size_t *dst_len)
934 unsigned char* in_data = NULL;
935 unsigned char* out_data = NULL;
936 unsigned int in_size = 0;
937 unsigned int out_size = 0;
938 unsigned int num = 0;
939 unsigned int processing_len = 0;
940 unsigned int total_processing_len = 0;
941 int (*crypto_update_engine)(crypto_internal_operation *, unsigned char *, unsigned int, unsigned char *, unsigned int*);
943 crypto_update_engine = sw_crypto_ioctl_update;
946 in_data = (unsigned char*)src_data;
949 out_data = (unsigned char*)dst_data;
952 in_size = (unsigned int)src_len;
955 out_size = (unsigned int)*dst_len;
958 CRYPTO_INTERNAL_LOG("--------------------------------------------------------------");
959 CRYPTO_INTERNAL_LOG("in_size=%d out_size=%d op->data_len=%d, processed=%d", in_size, out_size, operation->data_len, total_processing_len);
961 if(operation->info.operationClass == TEE_OPERATION_CIPHER)
963 if (operation->data_len != 0)
965 if (in_size < (size_t)(operation->block_len - operation->data_len)) {
968 num = (size_t)(operation->block_len - operation->data_len);
971 CRYPTO_INTERNAL_LOG("num=%d in_size=%d out_size=%d processed=%d", num, in_size, out_size, total_processing_len);
973 memcpy(operation->data + operation->data_len, in_data, num);
975 operation->data_len += num;
977 in_data = (unsigned char*)((unsigned long)in_data + num);
979 /* accumulated data is full */
980 if (operation->data_len == operation->block_len)
982 processing_len = out_size;
983 if (crypto_update_engine(operation, operation->data, operation->data_len, out_data, &processing_len)) {
986 total_processing_len += processing_len;
987 out_size -= processing_len;
988 out_data = (unsigned char*)((unsigned long) out_data + processing_len);
989 operation->data_len = 0;
992 CRYPTO_INTERNAL_LOG("num=%d in_size=%d out_size=%d processed=%d", num, in_size, out_size, total_processing_len);
997 size_t should_be_processed_of_bytes = (size_t)in_size/operation->block_len*operation->block_len;
998 size_t remaining_number_of_bytes = in_size-should_be_processed_of_bytes;
1000 CRYPTO_INTERNAL_LOG("should_be_processed_of_bytes=%zd remaining_number_of_bytes=%zd processed=%d", should_be_processed_of_bytes, remaining_number_of_bytes, total_processing_len);
1001 if (should_be_processed_of_bytes != 0)
1003 processing_len = out_size-total_processing_len;
1004 if (crypto_update_engine(operation, in_data, should_be_processed_of_bytes, out_data, &processing_len)) {
1007 total_processing_len += processing_len;
1008 in_size -= processing_len;
1009 in_data = (unsigned char*)((unsigned long) in_data + processing_len);
1012 if(remaining_number_of_bytes != 0) {
1013 memcpy(operation->data, in_data, remaining_number_of_bytes);
1014 operation->data_len = remaining_number_of_bytes;
1017 } else if (operation->info.operationClass == TEE_OPERATION_MAC || operation->info.operationClass == TEE_OPERATION_DIGEST) {
1018 if (operation->data_len != 0)
1020 if (in_size < (size_t)(operation->block_len - operation->data_len)) {
1023 num = (size_t)(operation->block_len - operation->data_len);
1026 CRYPTO_INTERNAL_LOG("num=%d in_size=%d processed=%d", num, in_size, total_processing_len);
1028 memcpy(operation->data + operation->data_len, in_data, num);
1030 operation->data_len += num;
1032 in_data = (unsigned char*)((unsigned long)in_data + num);
1034 /* accumulated data is full */
1035 if (operation->data_len == operation->block_len)
1037 if (crypto_update_engine(operation, operation->data, operation->data_len, NULL, NULL)) {
1040 operation->data_len = 0;
1043 total_processing_len += num;
1045 CRYPTO_INTERNAL_LOG("num=%d in_size=%d processed=%d", num, in_size, total_processing_len);
1050 size_t should_be_processed_of_bytes = (size_t)in_size/operation->block_len*operation->block_len;
1051 size_t remaining_number_of_bytes = in_size-should_be_processed_of_bytes;
1053 CRYPTO_INTERNAL_LOG("should_be_processed_of_bytes=%zd remaining_number_of_bytes=%zd processed=%d", should_be_processed_of_bytes, remaining_number_of_bytes, total_processing_len);
1054 if (should_be_processed_of_bytes != 0)
1056 if (crypto_update_engine(operation, in_data, should_be_processed_of_bytes, NULL, NULL)) {
1059 total_processing_len += should_be_processed_of_bytes;
1060 in_size -= should_be_processed_of_bytes;
1061 in_data = (unsigned char*)((unsigned long) in_data + should_be_processed_of_bytes);
1064 if(remaining_number_of_bytes != 0) {
1065 memcpy(operation->data, in_data, remaining_number_of_bytes);
1066 total_processing_len += remaining_number_of_bytes;
1067 operation->data_len = remaining_number_of_bytes;
1068 in_size -= remaining_number_of_bytes;
1072 if(crypto_update_engine(operation, in_data, in_size, out_data, &out_size)) {
1077 CRYPTO_INTERNAL_LOG("in_size=%d processed=%d", in_size, total_processing_len);
1078 CRYPTO_INTERNAL_LOG("--------------------------------------------------------------");
1079 if(operation->info.operationClass == TEE_OPERATION_CIPHER && dst_len) {
1080 *dst_len = total_processing_len;
1087 int crypto_internal_final(crypto_internal_operation *operation, unsigned char *src_data, size_t src_len, unsigned char *dst_data, size_t *dst_len)
1089 unsigned char* in_data = NULL;
1090 unsigned char* out_data = NULL;
1091 unsigned int in_size = 0;
1092 unsigned int out_size = 0;
1093 unsigned int num = 0;
1094 unsigned int processing_len = 0;
1095 unsigned int total_processing_len = 0;
1096 int (*crypto_update_engine)(crypto_internal_operation *, unsigned char *, unsigned int, unsigned char *, unsigned int*);
1097 int (*crypto_final_engine)(crypto_internal_operation *, unsigned char *, unsigned int, unsigned char *, unsigned int*);
1099 crypto_update_engine = sw_crypto_ioctl_update;
1100 crypto_final_engine = sw_crypto_ioctl_final;
1103 in_data = (unsigned char*)src_data;
1106 out_data = (unsigned char*)dst_data;
1109 in_size = (unsigned int)src_len;
1112 out_size = (unsigned int)*dst_len;
1115 CRYPTO_INTERNAL_LOG("--------------------------------------------------------------");
1116 CRYPTO_INTERNAL_LOG("in_size=%d out_size=%d op->data_len=%d processed=%d", in_size, out_size, operation->data_len, total_processing_len);
1118 if(operation->info.operationClass == TEE_OPERATION_CIPHER)
1120 if (operation->data_len != 0)
1122 if (in_size < (size_t)(operation->block_len - operation->data_len)) {
1125 num = (size_t)(operation->block_len - operation->data_len);
1128 CRYPTO_INTERNAL_LOG("num=%d in_size=%d out_size=%d processed=%d", num, in_size, out_size, total_processing_len);
1130 memcpy(operation->data + operation->data_len, in_data, num);
1132 operation->data_len += num;
1134 in_data = (unsigned char*)((unsigned long)in_data + num);
1136 /* accumulated data is full */
1137 if (operation->data_len == operation->block_len)
1139 processing_len = out_size;
1140 if (crypto_update_engine(operation, operation->data, operation->data_len, out_data, &processing_len)) {
1143 total_processing_len += processing_len;
1144 out_size -= processing_len;
1146 out_data = (unsigned char*)((unsigned long) out_data + processing_len);
1148 operation->data_len = 0;
1152 if (in_size == 0 && operation->data_len != 0) {
1153 in_size = operation->data_len;
1154 in_data = operation->data;
1155 operation->data_len = 0;
1157 CRYPTO_INTERNAL_LOG("num=%d in_size=%d out_size=%d processed=%d", num, in_size, out_size, total_processing_len);
1160 // process remaining data
1162 size_t should_be_processed_of_bytes = (size_t)in_size/operation->block_len*operation->block_len;
1163 size_t remaining_number_of_bytes = in_size-should_be_processed_of_bytes;
1165 CRYPTO_INTERNAL_LOG("should_be_processed_of_bytes=%zd remaining_number_of_bytes=%zd processed=%d", should_be_processed_of_bytes, remaining_number_of_bytes, total_processing_len);
1166 if (should_be_processed_of_bytes != 0)
1168 processing_len = out_size-total_processing_len;
1169 if (crypto_update_engine(operation, in_data, should_be_processed_of_bytes, out_data, &processing_len)) {
1172 total_processing_len += processing_len;
1173 in_size -= processing_len;
1174 in_data = (unsigned char*)((unsigned long) in_data + processing_len);
1176 out_data = (unsigned char*)((unsigned long) out_data + processing_len);
1180 if (operation->info.mode == TEE_MODE_ENCRYPT)
1182 unsigned int pad_byte;
1183 size_t should_be_processed_of_pad_bytes = 0;
1186 if (operation->info.algorithm == TEE_ALG_AES_ECB_NOPAD || operation->info.algorithm == TEE_ALG_AES_CBC_NOPAD ||
1187 operation->info.algorithm == TEE_ALG_DES_ECB_NOPAD || operation->info.algorithm == TEE_ALG_DES_CBC_NOPAD ||
1188 operation->info.algorithm == TEE_ALG_DES3_ECB_NOPAD || operation->info.algorithm == TEE_ALG_DES3_CBC_NOPAD)
1190 CRYPTO_INTERNAL_LOG("ENC NOPAD : Ignore remaining_number_of_bytes=%zd !!", remaining_number_of_bytes);
1194 memcpy(operation->data, in_data, remaining_number_of_bytes);
1195 operation->data_len += remaining_number_of_bytes;
1197 if (dst_len && *dst_len < total_processing_len+operation->block_len) {
1198 return TEE_ERROR_SHORT_BUFFER;
1201 pad_byte = operation->block_len - remaining_number_of_bytes;
1203 if (operation->info.algorithm == TEE_ALG_AES_ECB_PKCS5 || operation->info.algorithm == TEE_ALG_AES_ECB_PKCS7 ||
1204 operation->info.algorithm == TEE_ALG_AES_CBC_PKCS5 || operation->info.algorithm == TEE_ALG_AES_CBC_PKCS7) {
1205 should_be_processed_of_pad_bytes = operation->block_len;
1207 memset(operation->data + operation->data_len, pad_byte, pad_byte);
1208 CRYPTO_INTERNAL_LOG("ENC PKCS : op->data=%2X%2X%2X%2X%2X%2X%2X%2X", operation->data[0], operation->data[1], operation->data[2], operation->data[3], operation->data[4], operation->data[5], operation->data[6], operation->data[7]);
1209 CRYPTO_INTERNAL_LOG("ENC PKCS : op->data=%2X%2X%2X%2X%2X%2X%2X%2X", operation->data[8], operation->data[9], operation->data[10], operation->data[11], operation->data[12], operation->data[13], operation->data[14], operation->data[15]);
1210 } else if (operation->info.algorithm == TEE_ALG_AES_ECB_ISO9797_M1 || operation->info.algorithm == TEE_ALG_AES_CBC_ISO9797_M1) {
1211 if (pad_byte != 0 && (operation->block_len != pad_byte)) {
1212 should_be_processed_of_pad_bytes = operation->block_len;
1214 memset(operation->data + operation->data_len, 0x00, pad_byte);
1215 CRYPTO_INTERNAL_LOG("ENC ZERO : op->data=%2X%2X%2X%2X%2X%2X%2X%2X", operation->data[0], operation->data[1], operation->data[2], operation->data[3], operation->data[4], operation->data[5], operation->data[6], operation->data[7]);
1216 CRYPTO_INTERNAL_LOG("ENC ZERO : op->data=%2X%2X%2X%2X%2X%2X%2X%2X", operation->data[8], operation->data[9], operation->data[10], operation->data[11], operation->data[12], operation->data[13], operation->data[14], operation->data[15]);
1218 should_be_processed_of_pad_bytes = 0;
1220 } else if (operation->info.algorithm == TEE_ALG_AES_ECB_ISO9797_M2 || operation->info.algorithm == TEE_ALG_AES_CBC_ISO9797_M2) {
1221 should_be_processed_of_pad_bytes = operation->block_len;
1223 memset(operation->data + operation->data_len, 0x00, pad_byte);
1224 CRYPTO_INTERNAL_LOG("ENC ZERO : op->data=%2X%2X%2X%2X%2X%2X%2X%2X", operation->data[0], operation->data[1], operation->data[2], operation->data[3], operation->data[4], operation->data[5], operation->data[6], operation->data[7]);
1225 CRYPTO_INTERNAL_LOG("ENC ZERO : op->data=%2X%2X%2X%2X%2X%2X%2X%2X", operation->data[8], operation->data[9], operation->data[10], operation->data[11], operation->data[12], operation->data[13], operation->data[14], operation->data[15]);
1227 operation->data[operation->data_len] = 0x80;
1228 CRYPTO_INTERNAL_LOG("ENC ISO9797 : op->data=%2X%2X%2X%2X%2X%2X%2X%2X", operation->data[0], operation->data[1], operation->data[2], operation->data[3], operation->data[4], operation->data[5], operation->data[6], operation->data[7]);
1229 CRYPTO_INTERNAL_LOG("ENC ISO9797 : op->data=%2X%2X%2X%2X%2X%2X%2X%2X", operation->data[8], operation->data[9], operation->data[10], operation->data[11], operation->data[12], operation->data[13], operation->data[14], operation->data[15]);
1230 } else if (operation->info.algorithm == TEE_ALG_AES_CTR || operation->info.algorithm == TEE_ALG_AES_CTR_NOPAD) {
1231 should_be_processed_of_pad_bytes = remaining_number_of_bytes;
1234 if (crypto_final_engine(operation, operation->data, should_be_processed_of_pad_bytes, out_data, &processing_len)) {
1238 total_processing_len += processing_len;
1239 } else if (operation->info.mode == TEE_MODE_DECRYPT) {
1240 unsigned char * pad = out_data;
1241 unsigned int npad = 0;
1246 if (operation->info.algorithm == TEE_ALG_AES_ECB_NOPAD || operation->info.algorithm == TEE_ALG_AES_CBC_NOPAD ||
1247 operation->info.algorithm == TEE_ALG_DES_ECB_NOPAD || operation->info.algorithm == TEE_ALG_DES_CBC_NOPAD ||
1248 operation->info.algorithm == TEE_ALG_DES3_ECB_NOPAD || operation->info.algorithm == TEE_ALG_DES3_CBC_NOPAD) {
1249 CRYPTO_INTERNAL_LOG("DEC NOPAD : Ignore remaining_number_of_bytes=%zd !!", remaining_number_of_bytes);
1252 } else if (operation->info.algorithm == TEE_ALG_AES_ECB_PKCS5 || operation->info.algorithm == TEE_ALG_AES_ECB_PKCS7 ||
1253 operation->info.algorithm == TEE_ALG_AES_CBC_PKCS5 || operation->info.algorithm == TEE_ALG_AES_CBC_PKCS7) {
1254 memcpy(operation->data, pad-operation->block_len, operation->block_len);
1255 CRYPTO_INTERNAL_LOG("DEC PKCS : op->data=%2X%2X%2X%2X%2X%2X%2X%2X", operation->data[0], operation->data[1], operation->data[2], operation->data[3], operation->data[4], operation->data[5], operation->data[6], operation->data[7]);
1256 CRYPTO_INTERNAL_LOG("DEC PKCS : op->data=%2X%2X%2X%2X%2X%2X%2X%2X", operation->data[8], operation->data[9], operation->data[10], operation->data[11], operation->data[12], operation->data[13], operation->data[14], operation->data[15]);
1261 if (npad <= operation->block_len) { // can't be more than block length
1264 for(i = 0; i < npad; i++, pad--) {
1272 if (total_processing_len >= npad)
1273 total_processing_len -= npad; // padding OK. Othewise padding will not be removed
1275 total_processing_len = 0;
1278 } else if (operation->info.algorithm == TEE_ALG_AES_ECB_ISO9797_M1 ||operation->info.algorithm == TEE_ALG_AES_CBC_ISO9797_M1) {
1279 CRYPTO_INTERNAL_LOG("DEC ISO9797 M1 : Ignore remaining_number_of_bytes=%zd !!", remaining_number_of_bytes);
1281 } else if (operation->info.algorithm == TEE_ALG_AES_ECB_ISO9797_M2 || operation->info.algorithm == TEE_ALG_AES_CBC_ISO9797_M2) {
1282 memcpy(operation->data, pad-operation->block_len, operation->block_len);
1283 CRYPTO_INTERNAL_LOG("DEC ISO9797 M2 : op->data=%2X%2X%2X%2X%2X%2X%2X%2X", operation->data[0], operation->data[1], operation->data[2], operation->data[3], operation->data[4], operation->data[5], operation->data[6], operation->data[7]);
1284 CRYPTO_INTERNAL_LOG("DEC ISO9797 M2 : op->data=%2X%2X%2X%2X%2X%2X%2X%2X", operation->data[8], operation->data[9], operation->data[10], operation->data[11], operation->data[12], operation->data[13], operation->data[14], operation->data[15]);
1289 if (*pad == 0x00) // remove 0s
1290 for (; npad < operation->block_len-1 && *pad == 0x00; npad++, pad--);
1292 if (*pad == 0x80) { // correct M2 padding
1293 npad++; // remove 1st PAD byte 0x80
1294 } else { // M2 padding error
1295 npad = 0; // don't remove any padding
1298 if (total_processing_len >= npad)
1299 total_processing_len -= npad;
1301 total_processing_len = 0;
1302 } else if (operation->info.algorithm == TEE_ALG_AES_CTR || operation->info.algorithm == TEE_ALG_AES_CTR_NOPAD) {
1303 memcpy(operation->data, in_data, remaining_number_of_bytes);
1304 operation->data_len += remaining_number_of_bytes;
1306 if (crypto_final_engine(operation, operation->data, remaining_number_of_bytes, out_data, &processing_len)) {
1309 total_processing_len += remaining_number_of_bytes;
1315 } else if (operation->info.operationClass == TEE_OPERATION_MAC || operation->info.operationClass == TEE_OPERATION_DIGEST) {
1316 if (operation->data_len != 0) {
1317 if (in_size < (size_t)(operation->block_len - operation->data_len)) {
1320 num = (size_t)(operation->block_len - operation->data_len);
1323 CRYPTO_INTERNAL_LOG("num=%d in_size=%d processed=%d", num, in_size, total_processing_len);
1325 memcpy(operation->data + operation->data_len, in_data, num);
1327 operation->data_len += num;
1329 in_data = (unsigned char*)((unsigned long)in_data + num);
1331 /* accumulated data is full */
1332 if (operation->data_len == operation->block_len) {
1333 if (crypto_update_engine(operation, operation->data, operation->data_len, NULL, NULL)) {
1336 operation->data_len = 0;
1340 if (in_size == 0 && operation->data_len != 0) {
1341 in_size = operation->data_len;
1342 in_data = operation->data;
1343 operation->data_len = 0;
1345 CRYPTO_INTERNAL_LOG("num=%d in_size=%d op->data_len=%d", num, in_size, operation->data_len);
1349 if (crypto_final_engine(operation, in_data, in_size, out_data, &out_size)) {
1352 total_processing_len += in_size;
1355 if (crypto_final_engine(operation, in_data, in_size, out_data, &out_size)) {
1358 total_processing_len += in_size;
1361 CRYPTO_INTERNAL_LOG("in_size=%d out_size=%d processed=%d", in_size, out_size, total_processing_len);
1362 CRYPTO_INTERNAL_LOG("--------------------------------------------------------------");
1363 if (operation->info.operationClass == TEE_OPERATION_CIPHER && dst_len) {
1364 *dst_len = total_processing_len;
1365 } else if (operation->info.operationClass == TEE_OPERATION_MAC && dst_len) {
1366 *dst_len = out_size;
1367 } else if (operation->info.operationClass == TEE_OPERATION_AE && dst_len) {
1368 *dst_len = total_processing_len;
1369 } else if (operation->info.operationClass == TEE_OPERATION_DIGEST && dst_len) {
1370 *dst_len = out_size;
1371 } else if (operation->info.operationClass == TEE_OPERATION_ASYMMETRIC_CIPHER && dst_len) {
1372 *dst_len = out_size;
1373 } else if (operation->info.operationClass == TEE_OPERATION_ASYMMETRIC_SIGNATURE && dst_len) {
1374 *dst_len = out_size;
1378 LOGE(MODULE_SSF_LIB, "THIS HERE!!!");
1379 CRYPTO_INTERNAL_LOG("--------------------------------------------------------------");
1384 void TEE_DigestInit(TEE_OperationHandle operation);
1386 TEE_Result TEE_AllocateOperation(TEE_OperationHandle *operation, uint32_t algorithm, uint32_t mode, uint32_t maxKeySize)
1388 PERMISSION_CHECK(PERM_CRYPTO);
1389 crypto_internal_operation * op;
1390 TEE_Result rc = TEE_SUCCESS;
1391 uint32_t alg_class = 0;
1392 uint32_t key_object_type = 0;
1393 uint32_t digest_len = 0;
1394 uint32_t block_len = 0;
1395 TEE_ObjectHandle key1 = TEE_HANDLE_NULL;
1396 TEE_ObjectHandle key2 = TEE_HANDLE_NULL;
1398 // check parameters compatibility
1401 /* Algorithm Class is SYMMETRIC CIPHER */
1402 case TEE_ALG_AES_ECB_NOPAD:
1403 case TEE_ALG_AES_CBC_NOPAD:
1404 case TEE_ALG_AES_CTR:
1405 case TEE_ALG_AES_CTR_NOPAD:
1406 case TEE_ALG_AES_ECB_PKCS5:
1407 case TEE_ALG_AES_ECB_PKCS7:
1408 case TEE_ALG_AES_ECB_ISO9797_M1:
1409 case TEE_ALG_AES_ECB_ISO9797_M2:
1410 case TEE_ALG_AES_CBC_PKCS5:
1411 case TEE_ALG_AES_CBC_PKCS7:
1412 case TEE_ALG_AES_CBC_ISO9797_M1:
1413 case TEE_ALG_AES_CBC_ISO9797_M2:
1414 if (mode != TEE_MODE_ENCRYPT && mode != TEE_MODE_DECRYPT) {
1415 return TEE_ERROR_NOT_SUPPORTED;
1418 alg_class = TEE_OPERATION_CIPHER;
1419 key_object_type = TEE_TYPE_AES;
1424 case TEE_ALG_AES_XTS:
1425 case TEE_ALG_AES_CTS:
1426 if (mode != TEE_MODE_ENCRYPT && mode != TEE_MODE_DECRYPT) {
1427 return TEE_ERROR_NOT_SUPPORTED;
1430 alg_class = TEE_OPERATION_CIPHER;
1431 key_object_type = TEE_TYPE_AES;
1432 block_len = 32; // for CTS & XTS need 2 AES blocks
1436 case TEE_ALG_DES_ECB_NOPAD:
1437 case TEE_ALG_DES_CBC_NOPAD:
1439 if (mode != TEE_MODE_ENCRYPT && mode != TEE_MODE_DECRYPT) {
1440 return TEE_ERROR_NOT_SUPPORTED;
1443 alg_class = TEE_OPERATION_CIPHER;
1444 key_object_type = TEE_TYPE_DES;
1449 case TEE_ALG_DES3_ECB_NOPAD:
1450 case TEE_ALG_DES3_CBC_NOPAD:
1451 if (mode != TEE_MODE_ENCRYPT && mode != TEE_MODE_DECRYPT) {
1452 return TEE_ERROR_NOT_SUPPORTED;
1455 alg_class = TEE_OPERATION_CIPHER;
1456 key_object_type = TEE_TYPE_DES3;
1461 /* Algorithm Class is AE */
1462 case TEE_ALG_AES_CCM:
1463 if (mode != TEE_MODE_ENCRYPT && mode != TEE_MODE_DECRYPT) {
1464 return TEE_ERROR_NOT_SUPPORTED;
1467 alg_class = TEE_OPERATION_AE;
1468 key_object_type = TEE_TYPE_AES;
1473 case TEE_ALG_AES_GCM:
1474 if (mode != TEE_MODE_ENCRYPT && mode != TEE_MODE_DECRYPT) {
1475 return TEE_ERROR_NOT_SUPPORTED;
1478 alg_class = TEE_OPERATION_AE;
1479 key_object_type = TEE_TYPE_AES;
1484 /* Algorithm Class is MAC */
1485 case TEE_ALG_AES_CBC_MAC_NOPAD:
1486 case TEE_ALG_AES_CBC_MAC_PKCS5:
1487 case TEE_ALG_AES_CMAC:
1488 if (mode != TEE_MODE_MAC) {
1489 return TEE_ERROR_NOT_SUPPORTED;
1492 alg_class = TEE_OPERATION_MAC;
1493 key_object_type = TEE_TYPE_AES;
1498 case TEE_ALG_DES_CBC_MAC_NOPAD:
1499 case TEE_ALG_DES_CBC_MAC_PKCS5:
1500 if (mode != TEE_MODE_MAC) {
1501 return TEE_ERROR_NOT_SUPPORTED;
1504 alg_class = TEE_OPERATION_MAC;
1505 key_object_type = TEE_TYPE_DES;
1510 case TEE_ALG_DES3_CBC_MAC_NOPAD:
1511 case TEE_ALG_DES3_CBC_MAC_PKCS5:
1512 if (mode != TEE_MODE_MAC) {
1513 return TEE_ERROR_NOT_SUPPORTED;
1516 alg_class = TEE_OPERATION_MAC;
1517 key_object_type = TEE_TYPE_DES3;
1522 case TEE_ALG_HMAC_MD5:
1523 if (mode != TEE_MODE_MAC) {
1524 return TEE_ERROR_NOT_SUPPORTED;
1527 alg_class = TEE_OPERATION_MAC;
1528 key_object_type = TEE_TYPE_HMAC_MD5;
1533 case TEE_ALG_HMAC_SHA1:
1534 if (mode != TEE_MODE_MAC) {
1535 return TEE_ERROR_NOT_SUPPORTED;
1538 alg_class = TEE_OPERATION_MAC;
1539 key_object_type = TEE_TYPE_HMAC_SHA1;
1544 case TEE_ALG_HMAC_SHA224:
1545 if (mode != TEE_MODE_MAC) {
1546 return TEE_ERROR_NOT_SUPPORTED;
1549 alg_class = TEE_OPERATION_MAC;
1550 key_object_type = TEE_TYPE_HMAC_SHA224;
1555 case TEE_ALG_HMAC_SHA256:
1556 if (mode != TEE_MODE_MAC) {
1557 return TEE_ERROR_NOT_SUPPORTED;
1560 alg_class = TEE_OPERATION_MAC;
1561 key_object_type = TEE_TYPE_HMAC_SHA256;
1566 case TEE_ALG_HMAC_SHA384:
1567 if (mode != TEE_MODE_MAC) {
1568 return TEE_ERROR_NOT_SUPPORTED;
1571 alg_class = TEE_OPERATION_MAC;
1572 key_object_type = TEE_TYPE_HMAC_SHA384;
1577 case TEE_ALG_HMAC_SHA512:
1578 if (mode != TEE_MODE_MAC) {
1579 return TEE_ERROR_NOT_SUPPORTED;
1582 alg_class = TEE_OPERATION_MAC;
1583 key_object_type = TEE_TYPE_HMAC_SHA512;
1588 /* Algorithm Class is DIGIT */
1590 if (mode != TEE_MODE_DIGEST) {
1591 return TEE_ERROR_NOT_SUPPORTED;
1594 alg_class = TEE_OPERATION_DIGEST;
1595 key_object_type = 0;
1601 if (mode != TEE_MODE_DIGEST) {
1602 return TEE_ERROR_NOT_SUPPORTED;
1605 alg_class = TEE_OPERATION_DIGEST;
1606 key_object_type = 0;
1611 case TEE_ALG_SHA224:
1612 if (mode != TEE_MODE_DIGEST) {
1613 return TEE_ERROR_NOT_SUPPORTED;
1616 alg_class = TEE_OPERATION_DIGEST;
1617 key_object_type = 0;
1622 case TEE_ALG_SHA256:
1623 if (mode != TEE_MODE_DIGEST) {
1624 return TEE_ERROR_NOT_SUPPORTED;
1627 alg_class = TEE_OPERATION_DIGEST;
1628 key_object_type = 0;
1633 case TEE_ALG_SHA384:
1634 if (mode != TEE_MODE_DIGEST) {
1635 return TEE_ERROR_NOT_SUPPORTED;
1638 alg_class = TEE_OPERATION_DIGEST;
1639 key_object_type = 0;
1644 case TEE_ALG_SHA512:
1645 if (mode != TEE_MODE_DIGEST) {
1646 return TEE_ERROR_NOT_SUPPORTED;
1649 alg_class = TEE_OPERATION_DIGEST;
1650 key_object_type = 0;
1655 /* Algorithm Class is ASYMMETRIC CIPHER */
1656 case TEE_ALG_RSAES_PKCS1_V1_5:
1657 case TEE_ALG_RSAES_PKCS1_OAEP_MGF1_SHA1:
1658 case TEE_ALG_RSAES_PKCS1_OAEP_MGF1_SHA224:
1659 case TEE_ALG_RSAES_PKCS1_OAEP_MGF1_SHA256:
1660 case TEE_ALG_RSAES_PKCS1_OAEP_MGF1_SHA384:
1661 case TEE_ALG_RSAES_PKCS1_OAEP_MGF1_SHA512:
1662 case TEE_ALG_RSA_NOPAD:
1663 if (mode != TEE_MODE_ENCRYPT && mode != TEE_MODE_DECRYPT) {
1664 return TEE_ERROR_NOT_SUPPORTED;
1667 alg_class = TEE_OPERATION_ASYMMETRIC_CIPHER;
1668 key_object_type = TEE_TYPE_RSA_KEYPAIR;
1673 /* Algorithm Class is SIGNATURE */
1674 case TEE_ALG_RSASSA_PKCS1_V1_5_MD5:
1675 case TEE_ALG_RSASSA_PKCS1_V1_5_SHA1:
1676 case TEE_ALG_RSASSA_PKCS1_V1_5_SHA224:
1677 case TEE_ALG_RSASSA_PKCS1_V1_5_SHA256:
1678 case TEE_ALG_RSASSA_PKCS1_V1_5_SHA384:
1679 case TEE_ALG_RSASSA_PKCS1_V1_5_SHA512:
1680 case TEE_ALG_RSASSA_PKCS1_PSS_MGF1_SHA1:
1681 case TEE_ALG_RSASSA_PKCS1_PSS_MGF1_SHA224:
1682 case TEE_ALG_RSASSA_PKCS1_PSS_MGF1_SHA256:
1683 case TEE_ALG_RSASSA_PKCS1_PSS_MGF1_SHA384:
1684 case TEE_ALG_RSASSA_PKCS1_PSS_MGF1_SHA512:
1685 if (mode != TEE_MODE_SIGN && mode != TEE_MODE_VERIFY) {
1686 return TEE_ERROR_NOT_SUPPORTED;
1689 alg_class = TEE_OPERATION_ASYMMETRIC_SIGNATURE;
1690 key_object_type = TEE_TYPE_RSA_KEYPAIR;
1693 case TEE_ALG_ECDSA_P160:
1694 case TEE_ALG_ECDSA_P192:
1695 case TEE_ALG_ECDSA_P224:
1696 case TEE_ALG_ECDSA_P256:
1697 case TEE_ALG_ECDSA_P384:
1698 case TEE_ALG_ECDSA_P521:
1699 if (mode != TEE_MODE_SIGN && mode != TEE_MODE_VERIFY) {
1700 return TEE_ERROR_NOT_SUPPORTED;
1703 alg_class = TEE_OPERATION_ASYMMETRIC_SIGNATURE;
1704 key_object_type = TEE_TYPE_RSA_KEYPAIR;
1707 case TEE_ALG_DSA_SHA1:
1708 if (mode != TEE_MODE_SIGN && mode != TEE_MODE_VERIFY) {
1709 return TEE_ERROR_NOT_SUPPORTED;
1712 alg_class = TEE_OPERATION_ASYMMETRIC_SIGNATURE;
1713 key_object_type = TEE_TYPE_DSA_KEYPAIR;
1716 case TEE_ALG_ECDH_P192:
1717 case TEE_ALG_ECDH_P224:
1718 case TEE_ALG_ECDH_P256:
1719 case TEE_ALG_ECDH_P384:
1720 case TEE_ALG_ECDH_P521:
1721 if (mode != TEE_MODE_SIGN && mode != TEE_MODE_VERIFY) {
1722 return TEE_ERROR_NOT_SUPPORTED;
1725 alg_class = TEE_OPERATION_ASYMMETRIC_SIGNATURE;
1726 key_object_type = TEE_TYPE_ECDH_KEYPAIR;
1729 /* Algorithm Class is KEY DERIVATION */
1730 case TEE_ALG_DH_DERIVE_SHARED_SECRET:
1731 if (mode != TEE_MODE_DERIVE) {
1732 return TEE_ERROR_NOT_SUPPORTED;
1735 alg_class = TEE_OPERATION_KEY_DERIVATION;
1736 key_object_type = TEE_TYPE_DH_KEYPAIR;
1740 LOGE(MODULE_SSF_LIB, "Not Support Algorithm : %X", algorithm);
1741 rc = TEE_ERROR_NOT_SUPPORTED;
1746 /* first malloc for crypto operation */
1747 op = (crypto_internal_operation *)malloc(sizeof (crypto_internal_operation));
1749 rc = TEE_ERROR_OUT_OF_MEMORY;
1753 memset(op, 0, sizeof (crypto_internal_operation));
1755 /* Set TEE_OperationInfo */
1756 op->info.algorithm = algorithm;
1757 op->info.operationClass = alg_class;
1758 op->info.mode = mode;
1759 op->info.digestLength = digest_len;
1760 op->info.maxKeySize = maxKeySize;
1761 op->info.keySize = maxKeySize;
1763 if (mode == TEE_MODE_ENCRYPT) {
1764 op->info.requiredKeyUsage |= TEE_USAGE_ENCRYPT;
1766 if (mode == TEE_MODE_DECRYPT) {
1767 op->info.requiredKeyUsage |= TEE_USAGE_DECRYPT;
1769 if (mode == TEE_MODE_MAC) {
1770 op->info.requiredKeyUsage |= TEE_USAGE_MAC;
1772 if (mode == TEE_MODE_DERIVE) {
1773 op->info.requiredKeyUsage |= TEE_USAGE_DERIVE;
1775 if (mode == TEE_MODE_SIGN) {
1776 op->info.requiredKeyUsage |= TEE_USAGE_SIGN;
1778 if (mode == TEE_MODE_VERIFY) {
1779 op->info.requiredKeyUsage |= TEE_USAGE_VERIFY;
1781 if (algorithm == TEE_ALG_RSA_NOPAD)
1783 if (mode == TEE_MODE_ENCRYPT) {
1784 op->info.requiredKeyUsage |= TEE_USAGE_VERIFY;
1785 } else if (mode == TEE_MODE_DECRYPT) {
1786 op->info.requiredKeyUsage |= TEE_USAGE_SIGN;
1790 if (algorithm == TEE_ALG_AES_XTS) {
1791 op->info.handleState |= TEE_HANDLE_FLAG_EXPECT_TWO_KEYS;
1795 if (crypto_internal_open(op) != 0) {
1796 rc = TEE_ERROR_NOT_SUPPORTED;
1801 if (key_object_type) {
1802 if (TEE_AllocateTransientObject(key_object_type, maxKeySize, &key1) != TEE_SUCCESS) {
1803 rc = TEE_ERROR_OUT_OF_MEMORY;
1808 /* key2 alloc for XTS */
1809 if (algorithm == TEE_ALG_AES_XTS) {
1810 if (TEE_AllocateTransientObject(key_object_type, maxKeySize, &key2) != TEE_SUCCESS) {
1811 rc = TEE_ERROR_OUT_OF_MEMORY;
1816 /* key map for crypto operation */
1819 op->block_len = block_len;
1821 *operation = (TEE_OperationHandle)op;
1823 if (alg_class == TEE_OPERATION_DIGEST) {
1824 TEE_DigestInit(*operation);
1830 crypto_internal_close(op);
1832 TEE_CloseObject(key1);
1835 TEE_CloseObject(key2);
1841 *operation = TEE_HANDLE_NULL;
1842 LOGE(MODULE_SSF_LIB, "Error : %X", rc);
1846 void TEE_FreeOperation(TEE_OperationHandle operation)
1848 PERMISSION_CHECK_RETURN_VOID(PERM_CRYPTO);
1850 crypto_internal_operation * op;
1852 if (operation == TEE_HANDLE_NULL) {
1855 op = (crypto_internal_operation*)operation;
1857 TEE_CloseObject(op->key1);
1860 TEE_CloseObject(op->key2);
1862 crypto_internal_close(op);
1867 void TEE_GetOperationInfo(TEE_OperationHandle operation, TEE_OperationInfo* operationInfo)
1869 PERMISSION_CHECK_RETURN_VOID(PERM_CRYPTO);
1871 crypto_internal_operation * op = (crypto_internal_operation*) operation;
1873 operationInfo->algorithm = op->info.algorithm;
1874 operationInfo->digestLength = op->info.digestLength;
1875 operationInfo->handleState = op->info.handleState;
1876 operationInfo->keySize = op->info.keySize;
1877 operationInfo->maxKeySize = op->info.maxKeySize;
1878 operationInfo->mode = op->info.mode;
1879 operationInfo->operationClass = op->info.operationClass;
1880 operationInfo->requiredKeyUsage = op->info.requiredKeyUsage;
1883 void TEE_ResetOperation(TEE_OperationHandle operation)
1885 PERMISSION_CHECK_RETURN_VOID(PERM_CRYPTO);
1887 crypto_internal_operation * op = (crypto_internal_operation*) operation;
1888 op->info.handleState &= ~TEE_HANDLE_FLAG_INITIALIZED;
1892 TEE_Result TEE_SetOperationKey(TEE_OperationHandle operation, TEE_ObjectHandle key)
1894 PERMISSION_CHECK(PERM_CRYPTO);
1896 crypto_internal_operation * op = (crypto_internal_operation*) operation;
1897 if (!op || op->info.operationClass == TEE_OPERATION_DIGEST || op->info.algorithm == TEE_ALG_AES_XTS)
1899 LOGE(MODULE_SSF_LIB, "op->info.operationClass == TEE_OPERATION_DIGEST\n");
1900 return TEE_ERROR_BAD_PARAMETERS;
1903 if (key == TEE_HANDLE_NULL)
1905 TEE_CloseObject(op->key1);
1906 op->key1 = TEE_HANDLE_NULL;
1910 if ((key->tr.info.objectUsage | ~(op->info.requiredKeyUsage)) != 0xffffffff)
1912 LOGE(MODULE_SSF_LIB, "(key->tr.info.objectUsage | ~(op->info.requiredKeyUsage)) != 0xffffffff\n");
1913 return TEE_ERROR_BAD_PARAMETERS;
1916 TEE_CopyObjectAttributes(op->key1, key);
1918 op->info.handleState |= TEE_HANDLE_FLAG_KEY_SET;
1922 TEE_Result TEE_SetOperationKey2(TEE_OperationHandle operation, TEE_ObjectHandle key1, TEE_ObjectHandle key2)
1924 PERMISSION_CHECK(PERM_CRYPTO);
1926 crypto_internal_operation * op = (crypto_internal_operation*) operation;
1928 if ( (key1 && !key2) || (!key1 && key2)) {
1931 if (!op || op->info.algorithm != TEE_ALG_AES_XTS) {
1937 TEE_CloseObject(op->key1);
1938 TEE_CloseObject(op->key2);
1939 op->key1 = TEE_HANDLE_NULL;
1940 op->key2 = TEE_HANDLE_NULL;
1944 if (key1 && (key1->tr.info.objectUsage | ~op->info.requiredKeyUsage) != 0xffffffff) {
1947 if (key2 && (key2->tr.info.objectUsage | ~op->info.requiredKeyUsage) != 0xffffffff) {
1952 TEE_CopyObjectAttributes(op->key1, key1);
1956 TEE_CopyObjectAttributes(op->key2, key2);
1959 op->info.handleState |= TEE_HANDLE_FLAG_KEY_SET;
1964 void TEE_CopyOperation(TEE_OperationHandle dstOperation, TEE_OperationHandle srcOperation)
1966 PERMISSION_CHECK_RETURN_VOID(PERM_CRYPTO);
1968 crypto_internal_operation * dstOp = (crypto_internal_operation*) dstOperation;
1969 crypto_internal_operation * srcOp = (crypto_internal_operation*) srcOperation;
1971 if (dstOp->info.mode != srcOp->info.mode || dstOp->info.algorithm != srcOp->info.algorithm) {
1974 if (dstOp->info.maxKeySize < srcOp->info.maxKeySize) {
1978 dstOp->info.algorithm = srcOp->info.algorithm;
1979 dstOp->info.digestLength = srcOp->info.digestLength;
1980 dstOp->info.handleState = srcOp->info.handleState;
1981 dstOp->info.keySize = srcOp->info.keySize;
1982 dstOp->info.maxKeySize = srcOp->info.maxKeySize;
1983 dstOp->info.mode = srcOp->info.mode;
1984 dstOp->info.operationClass = srcOp->info.operationClass;
1985 dstOp->info.requiredKeyUsage = srcOp->info.requiredKeyUsage;
1988 TEE_CopyObjectAttributes(dstOp->key1, srcOp->key1);
1991 TEE_CopyObjectAttributes(dstOp->key2, srcOp->key2);
1993 if (srcOp->crypto) {
1994 if (crypto_internal_open(dstOp) != 0) {
1998 dstOp->crypto = NULL;
2003 // Message Digest Functions
2005 This is not GP Spec function. but I used this
2007 void TEE_DigestInit(TEE_OperationHandle operation)
2009 crypto_internal_operation * op = (crypto_internal_operation*) operation;
2011 if (crypto_internal_init(op, NULL, NULL, 0)) {
2014 op->info.handleState |= TEE_HANDLE_FLAG_KEY_SET;
2015 op->info.handleState |= TEE_HANDLE_FLAG_INITIALIZED;
2019 void TEE_DigestUpdate(TEE_OperationHandle operation, const void* chunk, size_t chunkSize)
2021 PERMISSION_CHECK_RETURN_VOID(PERM_CRYPTO);
2022 crypto_internal_operation * op = (crypto_internal_operation*) operation;
2024 if (!op || !chunk || !chunkSize) {
2027 if (op->info.operationClass != TEE_OPERATION_DIGEST) {
2030 if (!(op->info.handleState & TEE_HANDLE_FLAG_INITIALIZED)) {
2031 TEE_DigestInit(operation);
2033 if (crypto_internal_update(op, (unsigned char*)chunk, chunkSize, NULL, NULL)) {
2039 TEE_Result TEE_DigestDoFinal(TEE_OperationHandle operation, const void* chunk, size_t chunkLen, void* hash, size_t *hashLen)
2041 PERMISSION_CHECK(PERM_CRYPTO);
2042 crypto_internal_operation * op = (crypto_internal_operation*) operation;
2044 if (!hash || *hashLen < op->info.digestLength) {
2045 return TEE_ERROR_SHORT_BUFFER;
2047 if (op->info.operationClass != TEE_OPERATION_DIGEST) {
2050 if (!(op->info.handleState & TEE_HANDLE_FLAG_INITIALIZED)) {
2051 TEE_DigestInit(operation);
2053 if(crypto_internal_final(op, (unsigned char*)chunk, chunkLen, (unsigned char*)hash, hashLen)) {
2059 // Symmetric Cipher Functions
2060 void TEE_CipherInit(TEE_OperationHandle operation, const void* IV, size_t IVLen)
2062 PERMISSION_CHECK_RETURN_VOID(PERM_CRYPTO);
2063 crypto_internal_operation * op = (crypto_internal_operation*) operation;
2064 crypto_internal_keystruct key;
2065 unsigned char key_buf[32] = {0x0, };
2067 memset(&key, 0x00, sizeof(crypto_internal_keystruct));
2068 key.secret.size = sizeof(key_buf);
2069 key.secret.buffer = key_buf;
2071 if (op->info.operationClass != TEE_OPERATION_CIPHER) {
2074 if (!(op->info.handleState & TEE_HANDLE_FLAG_KEY_SET)) {
2077 if (TEE_GetObjectBufferAttribute(op->key1, TEE_ATTR_SECRET_VALUE,
2078 (void*)key.secret.buffer, (size_t*)&key.secret.size) != TEE_SUCCESS) {
2081 if (!key.secret.buffer) {
2084 if (crypto_internal_init(op, &key, (unsigned char*)IV, IVLen)) {
2087 op->info.handleState |= TEE_HANDLE_FLAG_INITIALIZED;
2091 TEE_Result TEE_CipherUpdate(TEE_OperationHandle operation, const void* srcData, size_t srcLen, void* destData, size_t *destLen)
2093 PERMISSION_CHECK(PERM_CRYPTO);
2094 crypto_internal_operation * op = (crypto_internal_operation*) operation;
2096 if (*destLen < srcLen) {
2097 return TEE_ERROR_SHORT_BUFFER;
2099 if (op->info.operationClass != TEE_OPERATION_CIPHER) {
2102 if (!(op->info.handleState & TEE_HANDLE_FLAG_INITIALIZED)) {
2105 if (crypto_internal_update(op, (unsigned char*)srcData, srcLen, (unsigned char*)destData, destLen)) {
2111 TEE_Result TEE_CipherDoFinal(TEE_OperationHandle operation, const void* srcData, size_t srcLen, void* destData, size_t *destLen)
2113 PERMISSION_CHECK(PERM_CRYPTO);
2114 crypto_internal_operation * op = (crypto_internal_operation*) operation;
2116 if (*destLen < srcLen) {
2117 return TEE_ERROR_SHORT_BUFFER;
2119 if (op->info.operationClass != TEE_OPERATION_CIPHER) {
2122 if (!(op->info.handleState & TEE_HANDLE_FLAG_INITIALIZED)) {
2125 if (crypto_internal_final(op, (unsigned char*)srcData, srcLen, (unsigned char*)destData, destLen)) {
2132 void TEE_MACInit(TEE_OperationHandle operation, const void* IV, size_t IVLen)
2134 PERMISSION_CHECK_RETURN_VOID(PERM_CRYPTO);
2135 crypto_internal_operation * op = (crypto_internal_operation*) operation;
2136 crypto_internal_keystruct key;
2137 unsigned char key_buf[128] = {0x0, };
2139 memset(&key, 0x00, sizeof(crypto_internal_keystruct));
2140 key.secret.size = sizeof(key_buf);
2141 key.secret.buffer = key_buf;
2143 if (op->info.operationClass != TEE_OPERATION_MAC) {
2146 if (!(op->info.handleState & TEE_HANDLE_FLAG_KEY_SET)) {
2149 if (TEE_GetObjectBufferAttribute(op->key1, TEE_ATTR_SECRET_VALUE,
2150 (void*)key.secret.buffer, (size_t*)&key.secret.size) != TEE_SUCCESS) {
2153 if (!key.secret.buffer) {
2156 if (crypto_internal_init(op, &key, (unsigned char*)IV, IVLen)) {
2159 op->info.handleState |= TEE_HANDLE_FLAG_INITIALIZED;
2163 void TEE_MACUpdate(TEE_OperationHandle operation, const void* chunk, size_t chunkSize)
2165 PERMISSION_CHECK_RETURN_VOID(PERM_CRYPTO);
2166 crypto_internal_operation * op = (crypto_internal_operation*) operation;
2168 if (!chunk || !chunkSize) {
2171 if (op->info.operationClass != TEE_OPERATION_MAC) {
2174 if (!(op->info.handleState & TEE_HANDLE_FLAG_INITIALIZED)) {
2177 if (crypto_internal_update(op, (unsigned char*)chunk, chunkSize, NULL, NULL)) {
2183 TEE_Result TEE_MACComputeFinal(TEE_OperationHandle operation, const void* message, size_t messageLen, void* mac, size_t *macLen)
2185 PERMISSION_CHECK(PERM_CRYPTO);
2186 crypto_internal_operation * op = (crypto_internal_operation*) operation;
2188 if (!mac || *macLen < op->info.digestLength) {
2189 return TEE_ERROR_SHORT_BUFFER;
2191 if (op->info.operationClass != TEE_OPERATION_MAC) {
2194 if (!(op->info.handleState & TEE_HANDLE_FLAG_INITIALIZED)) {
2197 if(crypto_internal_final(op, (unsigned char*)message, messageLen, (unsigned char*)mac, macLen)) {
2203 TEE_Result TEE_MACCompareFinal(TEE_OperationHandle operation, void* message, size_t messageLen, void* mac, size_t *macLen)
2205 PERMISSION_CHECK(PERM_CRYPTO);
2206 crypto_internal_operation * op = (crypto_internal_operation*) operation;
2208 size_t result_len = sizeof result;
2210 if (!mac || !macLen || *macLen != op->info.digestLength) {
2211 return TEE_ERROR_MAC_INVALID;
2213 if (TEE_MACComputeFinal(operation, (unsigned char*)message, messageLen, result, &result_len) != TEE_SUCCESS) {
2214 return TEE_ERROR_MAC_INVALID;
2216 if (memcmp(mac, result, *macLen)) {
2217 return TEE_ERROR_MAC_INVALID;
2223 // Authenticated Encryption Functions
2224 TEE_Result TEE_AEInit(TEE_OperationHandle operation, void* nonce, size_t nonceLen, uint32_t tagLen, uint32_t AADLen, uint32_t payloadLen)
2226 PERMISSION_CHECK(PERM_CRYPTO);
2228 crypto_internal_operation *op = (crypto_internal_operation*)operation;
2229 crypto_internal_keystruct key;
2230 unsigned char key_buf[32] = {0x0, };
2232 memset(&key, 0x00, sizeof(crypto_internal_keystruct));
2233 key.secret.size = sizeof(key_buf);
2234 key.secret.buffer = key_buf;
2237 if (op->info.operationClass != TEE_OPERATION_AE) {
2238 LOGE(MODULE_SSF_LIB, "Incorrect operation class %x", op->info.operationClass);
2241 if (op->info.mode != TEE_MODE_ENCRYPT && op->info.mode != TEE_MODE_DECRYPT) {
2242 LOGE(MODULE_SSF_LIB, "Incorrect operation mode %x", op->info.mode);
2245 if (!(operation->info.handleState & TEE_HANDLE_FLAG_KEY_SET)) {
2246 LOGE(MODULE_SSF_LIB, "Key not set in operation");
2250 if (nonce == NULL || nonceLen < 12) {
2251 LOGE(MODULE_SSF_LIB, "Incorrect nonce provided");
2255 std::array<uint32_t, 5> values_GCM = {128, 120, 112, 104, 96};
2256 std::array<uint32_t, 6> values_CCM = {128, 112, 96, 64, 48, 32};
2257 switch (op->info.algorithm) {
2258 case TEE_ALG_AES_GCM: {
2259 if (std::find(values_GCM.begin(), values_GCM.end(), tagLen) == values_GCM.end()) {
2260 LOGE(MODULE_SSF_LIB, "Incorrect tag length %u", tagLen);
2261 return TEE_ERROR_NOT_SUPPORTED;
2265 case TEE_ALG_AES_CCM: {
2266 if (std::find(values_CCM.begin(), values_CCM.end(), tagLen) == values_CCM.end()) {
2267 LOGE(MODULE_SSF_LIB, "Incorrect tag length %u", tagLen);
2268 return TEE_ERROR_NOT_SUPPORTED;
2273 LOGE(MODULE_SSF_LIB, "Incorrect algorithm %x", op->info.algorithm);
2277 // CCM exclusive checks
2278 if (op->info.algorithm == TEE_ALG_AES_CCM) {
2279 // TODO support CCM and check AAD/payload here
2280 LOGE(MODULE_SSF_LIB, "CCM mode not supported");
2281 return TEE_ERROR_NOT_SUPPORTED;
2284 if (TEE_GetObjectBufferAttribute(op->key1, TEE_ATTR_SECRET_VALUE,
2285 (void*)key.secret.buffer, (size_t*)&key.secret.size) != TEE_SUCCESS) {
2286 LOGE(MODULE_SSF_LIB, "Cannot acquire key from operation");
2289 if (!key.secret.buffer) {
2290 LOGE(MODULE_SSF_LIB, "Uninitialized operation key");
2294 if (ossl_crypto_ae_init(op, &key,
2295 (unsigned char*)nonce, nonceLen, tagLen)) {
2296 LOGE(MODULE_SSF_LIB, "Failed to initialize AE algorithm");
2303 void TEE_AEUpdateAAD(TEE_OperationHandle operation, void* AADdata, size_t AADdataLen)
2305 PERMISSION_CHECK_RETURN_VOID(PERM_CRYPTO);
2306 crypto_internal_operation *op = (crypto_internal_operation*)operation;
2309 if (op->info.operationClass != TEE_OPERATION_AE) {
2310 LOGE(MODULE_SSF_LIB, "Incorrect operation class %x", op->info.operationClass);
2313 if (op->info.mode != TEE_MODE_ENCRYPT && op->info.mode != TEE_MODE_DECRYPT) {
2314 LOGE(MODULE_SSF_LIB, "Incorrect operation mode %x", op->info.mode);
2317 if (op->crypto == 0) {
2318 LOGE(MODULE_SSF_LIB, "Uninitialized operation handle provided");
2322 if (ossl_crypto_ae_update_aad(op, AADdata, AADdataLen)) {
2323 LOGE(MODULE_SSF_LIB, "Failed to update AAD data");
2330 TEE_Result TEE_AEUpdate(TEE_OperationHandle operation, void* srcData, size_t srcLen, void* destData, size_t *destLen)
2332 PERMISSION_CHECK(PERM_CRYPTO);
2333 crypto_internal_operation *op = (crypto_internal_operation*)operation;
2335 if (op->info.operationClass != TEE_OPERATION_AE) {
2336 LOGE(MODULE_SSF_LIB, "Incorrect operation class %x", op->info.operationClass);
2339 if (op->info.mode != TEE_MODE_ENCRYPT && op->info.mode != TEE_MODE_DECRYPT) {
2340 LOGE(MODULE_SSF_LIB, "Incorrect operation mode %x", op->info.mode);
2343 if (op->crypto == 0) {
2344 LOGE(MODULE_SSF_LIB, "Uninitialized operation handle provided");
2348 if (ossl_crypto_ae_update(op, srcData, srcLen, destData, destLen)) {
2349 LOGE(MODULE_SSF_LIB, "Failed to update cipher data");
2356 TEE_Result TEE_AEEncryptFinal(TEE_OperationHandle operation, void* srcData, size_t srcLen, void* destData, size_t* destLen, void* tag, size_t* tagLen)
2358 PERMISSION_CHECK(PERM_CRYPTO);
2359 crypto_internal_operation * op = (crypto_internal_operation*) operation;
2361 if (op->info.operationClass != TEE_OPERATION_AE) {
2362 LOGE(MODULE_SSF_LIB, "Incorrect operation class %x", op->info.operationClass);
2365 if (op->info.mode != TEE_MODE_ENCRYPT) {
2366 LOGE(MODULE_SSF_LIB, "Incorrect operation mode %x", op->info.mode);
2369 if (op->crypto == 0) {
2370 LOGE(MODULE_SSF_LIB, "Uninitialized operation handle provided");
2374 if (ossl_crypto_ae_enc_final(op, srcData, srcLen, destData, destLen, tag, tagLen)) {
2375 LOGE(MODULE_SSF_LIB, "Failed to finalize AE encryption");
2382 TEE_Result TEE_AEDecryptFinal(TEE_OperationHandle operation, void* srcData, size_t srcLen, void* destData, size_t *destLen, void* tag, size_t tagLen)
2384 PERMISSION_CHECK(PERM_CRYPTO);
2385 crypto_internal_operation * op = (crypto_internal_operation*) operation;
2386 TEE_Result ret = TEE_SUCCESS;
2388 if (op->info.operationClass != TEE_OPERATION_AE) {
2389 LOGE(MODULE_SSF_LIB, "Incorrect operation class %x", op->info.operationClass);
2392 if (op->info.mode != TEE_MODE_DECRYPT) {
2393 LOGE(MODULE_SSF_LIB, "Incorrect operation mode %x", op->info.mode);
2396 if (op->crypto == 0) {
2397 LOGE(MODULE_SSF_LIB, "Uninitialized operation handle provided");
2401 ret = ossl_crypto_ae_dec_final(op, srcData, srcLen, destData, destLen, tag, tagLen);
2402 if (ret != TEE_SUCCESS && ret != TEE_ERROR_MAC_INVALID) {
2403 LOGE(MODULE_SSF_LIB, "Failed to finalize AE decryption");
2410 TEE_Result TEE_AsymmetricEncrypt(TEE_OperationHandle operation, const TEE_Attribute* params, uint32_t paramCount, const void* srcData, size_t srcLen, void* destData, size_t *destLen)
2412 PERMISSION_CHECK(PERM_CRYPTO);
2415 crypto_internal_operation *op = (crypto_internal_operation*) operation;
2416 crypto_internal_keystruct key;
2417 unsigned char module_buf[512] = {0x0, };
2418 unsigned char pub_buf[512] = {0x0, };
2420 memset(&key, 0x00, sizeof(crypto_internal_keystruct));
2421 key.rsa_modulus.size = sizeof(module_buf);
2422 key.rsa_modulus.buffer = module_buf;
2423 key.rsa_public.size = sizeof(pub_buf);
2424 key.rsa_public.buffer = pub_buf;
2426 if (op->info.operationClass != TEE_OPERATION_ASYMMETRIC_CIPHER) {
2429 if (op->info.mode != TEE_MODE_ENCRYPT ) {
2432 if (!(op->info.handleState & TEE_HANDLE_FLAG_KEY_SET)) {
2435 if (TEE_GetObjectBufferAttribute(op->key1, TEE_ATTR_RSA_MODULUS,
2436 (void*)key.rsa_modulus.buffer, (size_t*)&key.rsa_modulus.size) != TEE_SUCCESS) {
2439 if (TEE_GetObjectBufferAttribute(op->key1, TEE_ATTR_RSA_PUBLIC_EXPONENT,
2440 (void*)key.rsa_public.buffer, (size_t*)&key.rsa_public.size) != TEE_SUCCESS) {
2443 if(!key.rsa_modulus.buffer || !key.rsa_public.buffer ) {
2446 if (crypto_internal_init(op, &key, NULL, 0)) {
2449 if (crypto_internal_final(op, (unsigned char*)srcData, srcLen, (unsigned char*)destData, destLen)) {
2450 return TEE_ERROR_SIGNATURE_INVALID;
2455 TEE_Result TEE_AsymmetricDecrypt(TEE_OperationHandle operation, const TEE_Attribute* params, uint32_t paramCount, const void* srcData, size_t srcLen, void* destData, size_t *destLen)
2457 PERMISSION_CHECK(PERM_CRYPTO);
2461 crypto_internal_operation * op = (crypto_internal_operation*) operation;
2462 crypto_internal_keystruct key;
2464 unsigned char module_buf[512] = {0x0, };
2465 unsigned char pub_buf[512] = {0x0, };
2466 unsigned char priv_buf[512] = {0x0, };
2468 memset(&key, 0x00, sizeof(crypto_internal_keystruct));
2469 key.rsa_modulus.size = sizeof(module_buf);
2470 key.rsa_modulus.buffer = module_buf;
2471 key.rsa_public.size = sizeof(pub_buf);
2472 key.rsa_public.buffer = pub_buf;
2473 key.rsa_private.size = sizeof(priv_buf);
2474 key.rsa_private.buffer = priv_buf;
2476 if (op->info.operationClass != TEE_OPERATION_ASYMMETRIC_CIPHER) {
2479 if (op->info.mode != TEE_MODE_DECRYPT) {
2482 if (!(op->info.handleState & TEE_HANDLE_FLAG_KEY_SET)) {
2485 if (TEE_GetObjectBufferAttribute(op->key1, TEE_ATTR_RSA_MODULUS,
2486 (void*)key.rsa_modulus.buffer, (size_t*)&key.rsa_modulus.size) != TEE_SUCCESS) {
2489 if (TEE_GetObjectBufferAttribute(op->key1, TEE_ATTR_RSA_PUBLIC_EXPONENT,
2490 (void*)key.rsa_public.buffer, (size_t*)&key.rsa_public.size) != TEE_SUCCESS) {
2493 if (TEE_GetObjectBufferAttribute(op->key1, TEE_ATTR_RSA_PRIVATE_EXPONENT,
2494 (void*)key.rsa_private.buffer, (size_t*)&key.rsa_private.size) != TEE_SUCCESS) {
2497 #if 0 /* Not Support */
2498 if (TEE_GetObjectBufferAttribute(op->key1, TEE_ATTR_RSA_PRIME1,
2499 (void*)key.rsa_prime1.buffer, (size_t*)&key.rsa_prime1.size) != TEE_SUCCESS) {
2502 if (TEE_GetObjectBufferAttribute(op->key1, TEE_ATTR_RSA_PRIME2,
2503 (void*)key.rsa_prime2.buffer, (size_t*)&key.rsa_prime2.size) != TEE_SUCCESS) {
2506 if (TEE_GetObjectBufferAttribute(op->key1, TEE_ATTR_RSA_EXPONENT1,
2507 (void*)key.rsa_exponent1.buffer, (size_t*)&key.rsa_exponent1.size) != TEE_SUCCESS) {
2510 if (TEE_GetObjectBufferAttribute(op->key1, TEE_ATTR_RSA_EXPONENT2,
2511 (void*)key.rsa_exponent2.buffer, (size_t*)&key.rsa_exponent2.size) != TEE_SUCCESS) {
2514 if (TEE_GetObjectBufferAttribute(op->key1, TEE_ATTR_RSA_COEFFICIENT,
2515 (void*)key.rsa_coefficient.buffer, (size_t*)&key.rsa_coefficient.size) != TEE_SUCCESS) {
2519 if(!key.rsa_modulus.buffer || !key.rsa_public.buffer || !key.rsa_private.buffer
2520 /*|| !key.rsa_prime1.buffer || !key.rsa_prime2.buffer || !key.rsa_exponent1.buffer
2521 || !key.rsa_exponent2.buffer || !key.rsa_coefficient.buffer*/) {
2524 if (crypto_internal_init(op, &key, NULL, 0)) {
2527 if (crypto_internal_final(op, (unsigned char*)srcData, srcLen, (unsigned char*)destData, destLen)) {
2533 TEE_Result TEE_AsymmetricSignDigest( TEE_OperationHandle operation, const TEE_Attribute* params, uint32_t paramCount, const void* digest, size_t digestLen, void* signature, size_t *signatureLen)
2535 PERMISSION_CHECK(PERM_CRYPTO);
2538 crypto_internal_operation *op = (crypto_internal_operation*) operation;
2539 crypto_internal_keystruct key;
2541 unsigned char module_buf[384] = {0x0, };
2542 unsigned char pub_buf[384] = {0x0, };
2543 unsigned char priv_buf[384] = {0x0, };
2545 memset(&key, 0x00, sizeof(crypto_internal_keystruct));
2546 key.rsa_modulus.size = sizeof(module_buf);
2547 key.rsa_modulus.buffer = module_buf;
2548 key.rsa_public.size = sizeof(pub_buf);
2549 key.rsa_public.buffer = pub_buf;
2550 key.rsa_private.size = sizeof(priv_buf);
2551 key.rsa_private.buffer = priv_buf;
2553 if (op->info.operationClass != TEE_OPERATION_ASYMMETRIC_SIGNATURE) {
2556 if (op->info.mode != TEE_MODE_SIGN ) {
2559 if (!(op->info.handleState & TEE_HANDLE_FLAG_KEY_SET)) {
2562 if (TEE_GetObjectBufferAttribute(op->key1, TEE_ATTR_RSA_MODULUS,
2563 (void*)key.rsa_modulus.buffer, (size_t*)&key.rsa_modulus.size) != TEE_SUCCESS) {
2566 if (TEE_GetObjectBufferAttribute(op->key1, TEE_ATTR_RSA_PUBLIC_EXPONENT,
2567 (void*)key.rsa_public.buffer, (size_t*)&key.rsa_public.size) != TEE_SUCCESS) {
2570 if (TEE_GetObjectBufferAttribute(op->key1, TEE_ATTR_RSA_PRIVATE_EXPONENT,
2571 (void*)key.rsa_private.buffer, (size_t*)&key.rsa_private.size) != TEE_SUCCESS) {
2574 #if 0 /* Not Support */
2575 if (TEE_GetObjectBufferAttribute(op->key1, TEE_ATTR_RSA_PRIME1,
2576 (void*)key.rsa_prime1.buffer, (size_t*)&key.rsa_prime1.size) != TEE_SUCCESS) {
2579 if (TEE_GetObjectBufferAttribute(op->key1, TEE_ATTR_RSA_PRIME2,
2580 (void*)key.rsa_prime2.buffer, (size_t*)&key.rsa_prime2.size) != TEE_SUCCESS) {
2583 if (TEE_GetObjectBufferAttribute(op->key1, TEE_ATTR_RSA_EXPONENT1,
2584 (void*)key.rsa_exponent1.buffer, (size_t*)&key.rsa_exponent1.size) != TEE_SUCCESS) {
2587 if (TEE_GetObjectBufferAttribute(op->key1, TEE_ATTR_RSA_EXPONENT2,
2588 (void*)key.rsa_exponent2.buffer, (size_t*)&key.rsa_exponent2.size) != TEE_SUCCESS) {
2591 if (TEE_GetObjectBufferAttribute(op->key1, TEE_ATTR_RSA_COEFFICIENT,
2592 (void*)key.rsa_coefficient.buffer, (size_t*)&key.rsa_coefficient.size) != TEE_SUCCESS) {
2596 if(!key.rsa_modulus.buffer || !key.rsa_public.buffer || !key.rsa_private.buffer
2597 /*|| !key.rsa_prime1.buffer || !key.rsa_prime2.buffer || !key.rsa_exponent1.buffer
2598 || !key.rsa_exponent2.buffer || !key.rsa_coefficient.buffer*/) {
2601 if (crypto_internal_init(op, &key, NULL, 0)) {
2604 if (crypto_internal_final(op, (unsigned char*)digest, digestLen, (unsigned char*)signature, signatureLen)) {
2605 return TEE_ERROR_SHORT_BUFFER;
2610 TEE_Result TEE_AsymmetricVerifyDigest( TEE_OperationHandle operation, const TEE_Attribute* params, uint32_t paramCount, const void* digest, size_t digestLen, void* signature, size_t signatureLen)
2612 PERMISSION_CHECK(PERM_CRYPTO);
2615 crypto_internal_operation *op = (crypto_internal_operation*) operation;
2616 crypto_internal_keystruct key;
2617 size_t sign_len=signatureLen;
2619 unsigned char module_buf[384] = {0x0, };
2620 unsigned char pub_buf[384] = {0x0, };
2622 memset(&key, 0x00, sizeof(crypto_internal_keystruct));
2623 key.rsa_modulus.size = sizeof(module_buf);
2624 key.rsa_modulus.buffer = module_buf;
2625 key.rsa_public.size = sizeof(pub_buf);
2626 key.rsa_public.buffer = pub_buf;
2628 if (op->info.operationClass != TEE_OPERATION_ASYMMETRIC_SIGNATURE) {
2631 if (op->info.mode != TEE_MODE_VERIFY ) {
2634 if (!(op->info.handleState & TEE_HANDLE_FLAG_KEY_SET)) {
2637 if (TEE_GetObjectBufferAttribute(op->key1, TEE_ATTR_RSA_MODULUS,
2638 (void*)key.rsa_modulus.buffer, (size_t*)&key.rsa_modulus.size) != TEE_SUCCESS) {
2641 if (TEE_GetObjectBufferAttribute(op->key1, TEE_ATTR_RSA_PUBLIC_EXPONENT,
2642 (void*)key.rsa_public.buffer, (size_t*)&key.rsa_public.size) != TEE_SUCCESS) {
2645 if(!key.rsa_modulus.buffer || !key.rsa_public.buffer ) {
2648 if (crypto_internal_init(op, &key, NULL, 0)) {
2651 if (crypto_internal_final(op, (unsigned char*)digest, digestLen, (unsigned char*)signature, &sign_len)) {
2652 return TEE_ERROR_SIGNATURE_INVALID;
2657 // Key Derivation Functions
2658 void TEE_DeriveKey( TEE_OperationHandle operation, TEE_Attribute* params, uint32_t paramCount, TEE_ObjectHandle derivedKey)
2660 PERMISSION_CHECK_RETURN_VOID(PERM_CRYPTO);
2668 void TEE_GenerateRandom(void* randomBuffer, size_t randomBufferLen)
2670 PERMISSION_CHECK_RETURN_VOID(PERM_CRYPTO);
2671 crypto_internal_operation op;
2672 crypto_internal_keystruct key;
2673 unsigned char random[512] = {0};
2674 size_t random_len=512;
2675 memset((void *)&op,0,sizeof(op));
2676 if(randomBufferLen > 512)
2678 LOGE(MODULE_SSF_LIB, "currently only support less than 512 byte random data");
2681 op.info.algorithm = TEE_ALG_GENERATE_SECRET_KEY;
2682 op.info.keySize = randomBufferLen;
2683 /*cryptocore need bit_length*/
2684 key.secret.buffer = random;
2685 key.secret.size = random_len*8;
2687 if (crypto_internal_open(&op) != 0) {
2690 if (crypto_internal_init(&op, &key, NULL, 0)) {
2693 if (crypto_internal_final(&op, NULL, 0, NULL, NULL)) {
2696 if (crypto_internal_close(&op)) {
2699 memcpy(randomBuffer, random, randomBufferLen);