Pass public key curve info to TZ's ECDH
authorKrzysztof Jackiewicz <k.jackiewicz@samsung.com>
Wed, 9 Aug 2023 15:26:24 +0000 (17:26 +0200)
committerDariusz Michaluk <d.michaluk@samsung.com>
Mon, 21 Aug 2023 12:18:49 +0000 (14:18 +0200)
This is needed so that the TZ side can compare the public key's curve with the private EC key's curve before deriving the shared secret.

Change-Id: I5c42b7395683bd14c391415537e31efc3dcb6fc4

src/manager/crypto/tz-backend/internals.cpp
src/manager/crypto/tz-backend/tz-context.cpp
src/manager/crypto/tz-backend/tz-context.h

index 8470c12..b41c5cb 100644 (file)
@@ -802,8 +802,29 @@ void deriveECDH(const RawBuffer &prvKeyId,
 
        RawBuffer secretPwdBuf(secretPwd.begin(), secretPwd.end());
 
+       int pubCurve = EC_GROUP_get_curve_name(ecGroup);
+       tz_ec tzCurve;
+       switch (pubCurve)
+       {
+       case NID_X9_62_prime192v1:
+               tzCurve = EC_NIST_P192;
+               break;
+
+       case NID_X9_62_prime256v1:
+               tzCurve = EC_NIST_P256;
+               break;
+
+       case NID_secp384r1:
+               tzCurve = EC_NIST_P384;
+               break;
+
+       default:
+               ThrowErr(Exc::Crypto::InputParam, "Unsupported public key EC");
+       }
+
        TrustZoneContext::Instance().executeEcdh(prvKeyId,
                                                                                         prvKeyPwd,
+                                                                                        tzCurve,
                                                                                         xBuf,
                                                                                         yBuf,
                                                                                         secretPwdBuf,
index ffa41a0..b2bdf31 100644 (file)
@@ -869,6 +869,7 @@ TZSerializablePwdData* makeSerializablePwd(const Pwd &pwd)
 
 void TrustZoneContext::executeEcdh(const RawBuffer &prvKeyId,
                                                                   const Pwd &prvKeyPwd,
+                                                                  const tz_ec curve,
                                                                   const RawBuffer &pubX,
                                                                   const RawBuffer &pubY,
                                                                   const RawBuffer &secretPwdBuf,
@@ -880,7 +881,7 @@ void TrustZoneContext::executeEcdh(const RawBuffer &prvKeyId,
        LogDebug("TrustZoneContext::executeEcdh");
 
        auto sIn = makeSerializer(
-               prvKeyId, prvKeyPwd, pubX, pubY, EncPwd{secretPwdBuf, secretPwdIV}, secretHash);
+               prvKeyId, prvKeyPwd, curve, pubX, pubY, EncPwd{secretPwdBuf, secretPwdIV}, secretHash);
        TrustZoneMemory inMemory(m_Context, sIn.GetSize(), TEEC_MEM_INPUT);
        sIn.Serialize(inMemory);
 
index c69299d..9471807 100644 (file)
@@ -179,6 +179,7 @@ public:
 
        void executeEcdh(const RawBuffer &prvKeyId,
                                         const Pwd &prvKeyPwd,
+                                        const tz_ec curve,
                                         const RawBuffer &pubX,
                                         const RawBuffer &pubY,
                                         const RawBuffer &secretPwdBuf,
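Review bot: A top-level `const` on a by-value parameter has no effect in a declaration (it is not part of the function's signature), so `const tz_ec curve` in the header is noise; `tz_ec curve,` is enough here, with the `const` kept in the definition if the author wants it. The new parameter is also the only one whose meaning is not obvious from its name, so a short comment on the declaration would help the next caller: `// curve: curve of (pubX, pubY); the TA rejects the request if it differs from the private key's curve.` The executeEcdh declaration continues past the end of this hunk.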