Copy data to secure memory. 50/191350/6
authorr.tyminski <r.tyminski@partner.samsung.com>
Tue, 16 Oct 2018 07:19:02 +0000 (09:19 +0200)
committerRafa? Tymi?ski <r.tyminski@partner.samsung.com>
Mon, 22 Oct 2018 12:46:58 +0000 (12:46 +0000)
In solutions where shared memory is separated from the normal world,
we need to copy the data into secure-world memory inside the TA.

Change-Id: I1634769c94d7023f4d2ec3e61e8f072f9b8eb977

ta/src/cmd_exec.c
ta/src/internal.c

index 29c75f6bc52a19edcf4aede9c4026dca2b6aa2c3..83e5f452ee03f0548f5bc3763e533f320bc16859 100644 (file)
@@ -782,6 +782,7 @@ TEE_Result KM_ExecCmdSaveData(TEE_Param param[4])
        uint32_t with_pwd = 0;
        uint32_t dataSizeBits_flag;
        uint32_t dataTypeFlag;                     // representation of tz_data_type
+       void *tmp = NULL;
 
        KM_BinaryData plainData;                   // Used during decryption with build-in key
        KM_BinaryData encData;                     // Used during encyption with password
@@ -904,9 +905,17 @@ TEE_Result KM_ExecCmdSaveData(TEE_Param param[4])
                        }
                        dataToSave = encData;
                }
-               ret = KM_SaveData(dataToSave.data, dataToSave.data_size, objId.data, objId.data_size);
+               tmp = malloc(dataToSave.data_size);
+               if (!tmp) {
+                       LOG("Allocating memory has failed.");
+                       goto clean;
+               }
+               memcpy(tmp, dataToSave.data, dataToSave.data_size);
+               ret = KM_SaveData(tmp, dataToSave.data_size, objId.data, objId.data_size);
+               free(tmp);
                if (ret != TEE_SUCCESS) {
                        LOG("Failed to save data to storage");
+                       goto clean;
                }
        } else if (dataTypeFlag == TYPE_SKEY) {
                if (!KM_CheckAlgoKeySize(TEE_TYPE_AES, dataSizeBits_flag)) {
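Review bot: The `if (!tmp)` branch jumps to `clean` without assigning `ret`, so a failed allocation leaves the command returning whatever `ret` held from the preceding step (TEE_SUCCESS if encryption succeeded) while nothing was saved; the sibling hunk in KM_ExecCmdGetData sets `ret = TEE_ERROR_OUT_OF_MEMORY;` before its goto and this one should do the same. The secure copy holds the key or plaintext bytes until `free(tmp)`, so wiping it first, `TEE_MemFill(tmp, 0, dataToSave.data_size);`, keeps that material from lingering in freed heap. If `clean` also releases `tmp` (its body is outside the hunk), `tmp = NULL;` after the free avoids a double free. Note also that `dataToSave.data_size == 0` would make `malloc(0)` legitimately return NULL on some allocators and be reported as an allocation failure; whether an empty payload can reach this point is not visible here. KM_ExecCmdSaveData starts and ends outside the hunk.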
@@ -1006,33 +1015,30 @@ TEE_Result KM_ExecCmdGetData(TEE_Param param[4])
                ret = TEE_ERROR_BAD_PARAMETERS;
                goto clean;
        }
+       readData.data = malloc(outData.data_size);
+       if (readData.data == NULL) {
+               LOG("Failed to allocate object buffer");
+               ret = TEE_ERROR_OUT_OF_MEMORY;
+               goto clean;
+       }
+       readData.data_size = outData.data_size;
+       ret = KM_GetData(readData.data, readData.data_size, objId.data, objId.data_size);
+       if (ret != TEE_SUCCESS) {
+               LOG("Failed to read object data from storage");
+               goto clean;
+       }
        if (with_pwd) {
                if (KM_DeserializePwdData(&in_buffer, &in_size_guard, &pwdData)) {
                        LOG("Error in deserialization");
                        ret = TEE_ERROR_BAD_PARAMETERS;
                        goto clean;
                }
-               readData.data = malloc(outData.data_size);
-               if (readData.data == NULL) {
-                       LOG("Failed to allocate object buffer for decrypting data");
-                       ret = TEE_ERROR_OUT_OF_MEMORY;
-                       goto clean;
-               }
-               readData.data_size = outData.data_size;
-               ret = KM_GetData(readData.data, readData.data_size, objId.data, objId.data_size);
-               if (ret != TEE_SUCCESS) {
-                       LOG("Failed to read object data from storage");
-                       goto clean;
-               }
                ret = KM_DecryptDataWithPwd(&pwdData, readData.data, readData.data_size, outData.data, &outData.data_size);
                if (ret != TEE_SUCCESS) {
                        LOG("Failed to decrypt data with pwd");
                }
        } else {
-               ret = KM_GetData(outData.data, outData.data_size, objId.data, objId.data_size);
-               if (ret != TEE_SUCCESS) {
-                       LOG("Failed to read object data from storage");
-               }
+               memcpy(outData.data, readData.data, outData.data_size);
        }
 
 clean:
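Review bot: After `KM_GetData` the `readData.data` buffer holds the stored object (the secret itself in the non-password path), and the hunk never wipes it; assuming `clean` frees it as before (the label's body is outside the hunk), a `TEE_MemFill(readData.data, 0, readData.data_size);` before that free keeps the plaintext out of released heap. The hoisting also moves the `KM_DeserializePwdData` check behind the allocation and storage read, so a malformed password blob is rejected only after the object has been read; placing that `if (with_pwd)` validation before the `malloc` would keep parameter checks ahead of I/O. `KM_GetData` receives the caller-supplied `outData.data_size` as the read length; whether it verifies that against the stored object's real size cannot be seen from here. KM_ExecCmdGetData starts outside the hunk.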
index 80e169ed315f5b2272fdc2718f5d87646ecac6ae..d765ae9411c0a59c4ca70a80bac8ea0fcdeb97c5 100644 (file)
@@ -480,6 +480,7 @@ TEE_Result KM_CreateDigestOperation(uint32_t algo, TEE_OperationHandle *oper_hnd
        return ret;
 }
 
+// Data stored in TEE Storage need to be located in Secure Memory
 TEE_Result KM_SaveKey(void *data, size_t data_size, TEE_ObjectHandle key, void *objId,
                                                size_t objId_size)
 {
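Review bot: The new comment above KM_SaveKey states a property of TEE storage rather than the contract it is meant to impose on callers, and it is the caller-side requirement that matters after this change; something like `// Precondition: data must point to TA-owned secure memory, not to a shared-memory parameter buffer; callers copy it in first (see KM_ExecCmdSaveData).` says who is responsible. The same wording would replace the identical comment added above KM_SaveData in the next hunk, and in both the verb should be "needs". The commit message says the copy is required only where shared memory is separated from the normal world; a clause noting that the precondition is unconditional in this code base would keep that from being read as optional. KM_SaveKey's body continues outside the hunk.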
@@ -571,11 +572,12 @@ void KM_GenerateIV(void *iv, uint32_t iv_size)
        TEE_GenerateRandom(iv, iv_size);
 }
 
+// Data stored in TEE Storage need to be located in Secure Memory
 TEE_Result KM_SaveData(void *data, uint32_t data_size, void *objId, uint32_t objId_size)
 {
        TEE_Result ret = TEE_SUCCESS;
        TEE_ObjectHandle handl;
-       uint32_t flags = 0;
+       uint32_t flags = TEE_DATA_FLAG_ACCESS_READ | TEE_DATA_FLAG_ACCESS_WRITE;
 
        ret = TEE_CreatePersistentObject(TEE_STORAGE_PRIVATE, objId, objId_size, flags,
                                                                        TEE_HANDLE_NULL, data, data_size, &handl);