TEE_Result KM_SaveKey(void *data, size_t data_size, TEE_ObjectHandle key, void *objId,
size_t objId_size);
-TEE_Result KM_OpenKey(void *objId, size_t objId_size, uint32_t *key_bits_size,
- TEE_ObjectHandle *hndl);
+TEE_Result KM_OpenKey(void *objId, size_t objId_size, TEE_ObjectHandle *hndl);
TEE_Result KM_ImportKey(TEE_ObjectHandle hndl, uint32_t tee_key_type, void *buffer,
uint32_t *buffer_size);
void KM_DestroyData(void *objId, uint32_t objId_size);
+// Use the 4 functions below to adjust size units (bits vs. bytes) to specific TEE implementation
+static inline uint32_t KM_ObjectSizeBytes(const TEE_ObjectInfo *info)
+{
+ return (info->objectSize + 7)/8;
+}
+
+static inline uint32_t KM_ObjectSizeBits(const TEE_ObjectInfo *info)
+{
+ return info->objectSize;
+}
+
+static inline uint32_t KM_MaxObjectSizeBits(const TEE_ObjectInfo *info)
+{
+ return info->maxObjectSize;
+}
+
+static inline void KM_InitRefAttribute(TEE_Attribute *attr, uint32_t attributeID, void *buffer,
+ size_t lengthBytes)
+{
+ TEE_InitRefAttribute(attr, attributeID, buffer, lengthBytes);
+}
+
#endif // __INTERNAL_H__
}
}
-static uint32_t KM_SignatureSizeFromKey(TEE_ObjectHandle key)
-{
- TEE_ObjectInfo info;
- TEE_GetObjectInfo(key, &info);
-
- return (info.objectSize + 7) >> 3;
-}
-
static uint32_t KM_CheckAlgoKeySize(uint32_t type, uint32_t key_size)
{
switch (type) {
if (pwdData != NULL) {
ret = KM_DecryptAsymKey(keyIdData, pwdData, key);
} else {
- ret = KM_OpenKey(keyIdData->data, keyIdData->data_size, NULL, key);
+ ret = KM_OpenKey(keyIdData->data, keyIdData->data_size, key);
}
if (TEE_SUCCESS != ret)
}
// generate private key
- TEE_InitRefAttribute(&dsaParams[0], TEE_ATTR_DSA_PRIME, primeBuf.data, primeBuf.data_size);
- TEE_InitRefAttribute(&dsaParams[1], TEE_ATTR_DSA_SUBPRIME, subprimeBuf.data, subprimeBuf.data_size);
- TEE_InitRefAttribute(&dsaParams[2], TEE_ATTR_DSA_BASE, baseBuf.data, baseBuf.data_size);
+ KM_InitRefAttribute(&dsaParams[0], TEE_ATTR_DSA_PRIME, primeBuf.data, primeBuf.data_size);
+ KM_InitRefAttribute(&dsaParams[1], TEE_ATTR_DSA_SUBPRIME, subprimeBuf.data, subprimeBuf.data_size);
+ KM_InitRefAttribute(&dsaParams[2], TEE_ATTR_DSA_BASE, baseBuf.data, baseBuf.data_size);
return KM_GenerateAsymKey(bufferPtr,
bufferSizeGuard,
if (pwd_data != NULL) {
ret = KM_DecryptKey(key_id_data->data, key_id_data->data_size, pwd_data, &key);
} else {
- ret = KM_OpenKey(key_id_data->data, key_id_data->data_size, NULL, &key);
+ ret = KM_OpenKey(key_id_data->data, key_id_data->data_size, &key);
}
if (ret != TEE_SUCCESS) {
if (pwd_data != NULL) {
ret = KM_DecryptKey(key_id_data->data, key_id_data->data_size, pwd_data, &key);
} else {
- ret = KM_OpenKey(key_id_data->data, key_id_data->data_size, NULL, &key);
+ ret = KM_OpenKey(key_id_data->data, key_id_data->data_size, &key);
}
if (TEE_SUCCESS != ret) {
goto clean;
TEE_Result ret = TEE_SUCCESS;
TEE_ObjectHandle key = TEE_HANDLE_NULL;
TEE_OperationHandle operation = TEE_HANDLE_NULL;
+ TEE_ObjectInfo info;
KM_SymmetricInput *input = NULL;
KM_InputData *inputData = NULL;
goto clean;
}
- outSize = KM_SignatureSizeFromKey(key);
+ TEE_GetObjectInfo(key, &info);
+
+ outSize = KM_ObjectSizeBytes(&info);
out = malloc(outSize);
if (out == NULL) {
LOG("Failed to allocate output buffer");
TEE_Attribute attr;
TEE_Result ret = TEE_SUCCESS;
- TEE_InitRefAttribute(&attr, TEE_ATTR_SECRET_VALUE, key, (key_bits_size + 7)/8);
+ KM_InitRefAttribute(&attr, TEE_ATTR_SECRET_VALUE, key, (key_bits_size + 7)/8);
ret = TEE_AllocateTransientObject(tee_key_type, key_bits_size, hndl);
if (TEE_SUCCESS != ret) {
LOG("TEE_AllocateTransientObject has failed with=%x. Arguments=(tee_key_type=%X, "
}
TEE_GetObjectInfo(keyHndl, &objInfo);
- if (objInfo.objectSize == 0) {
+ keyBufSize = KM_ObjectSizeBytes(&objInfo);
+
+ if (keyBufSize == 0) {
LOG("Key provided for encryption is not initialized");
return TEE_ERROR_BAD_PARAMETERS;
}
return TEE_ERROR_BAD_PARAMETERS;
}
- keyBufSize = objInfo.objectSize;
keyBuf = malloc(keyBufSize);
if (keyBuf == NULL) {
LOG("Failed to allocate memory for key encryption");
}
// create new key from encrypted one
- ret = KM_CreateKey(objInfo.objectType, objInfo.objectSize, encKeyBuf, encKeyHndl);
+ ret = KM_CreateKey(objInfo.objectType, encKeyBufSize * 8, encKeyBuf, encKeyHndl);
if (ret != TEE_SUCCESS) {
LOG("Failed to create new key from encrypted");
goto out;
{
TEE_ObjectInfo objInfo;
TEE_Result ret;
+ uint32_t objSize;
if (attr == NULL) {
LOG("Attribute buffer is NULL");
* buffer in TEE_GetObjectBufferAttribute doesn't work in simulator.
*/
TEE_GetObjectInfo(keyHndl, &objInfo);
- if (((objInfo.handleFlags & TEE_HANDLE_FLAG_INITIALIZED) == 0) ||
- (objInfo.objectSize == 0)) {
+ objSize = KM_ObjectSizeBytes(&objInfo);
+ if (((objInfo.handleFlags & TEE_HANDLE_FLAG_INITIALIZED) == 0) || (objSize == 0)) {
LOG("Key provided for encryption is not initialized");
return TEE_ERROR_BAD_PARAMETERS;
}
- attr->data_size = (objInfo.objectSize + 7) >> 3;
+ attr->data_size = objSize;
attr->data = malloc(attr->data_size);
if (attr->data == NULL) {
LOG("Failed to allocate memory for key attribute.");
KM_BinaryData attributes[attrsCount];
KM_BinaryData tmpEncKey;
KM_BinaryData tmpTag;
+ uint32_t maxObjectSizeBits = 0;
if (encKey == NULL) {
LOG("There's no buffer for encrypted key");
tmpTag.data_size = 0;
TEE_GetObjectInfo(keyHndl, &objInfo);
+ maxObjectSizeBits = KM_MaxObjectSizeBits(&objInfo);
if (((objInfo.handleFlags & TEE_HANDLE_FLAG_INITIALIZED) == 0) ||
- (objInfo.maxObjectSize == 0)) {
+ (maxObjectSizeBits == 0)) {
LOG("Key provided for encryption is not initialized");
return TEE_ERROR_BAD_PARAMETERS;
}
goto clean;
}
- if (KM_SerializeFlag(&keyDataBufferPtr, &keyDataBufferGuard, objInfo.maxObjectSize)) {
+ if (KM_SerializeFlag(&keyDataBufferPtr, &keyDataBufferGuard, maxObjectSizeBits)) {
LOG("Failed to serialize object max size");
ret = TEE_ERROR_GENERIC;
goto clean;
TEE_Attribute attributes[attrsCount];
TEE_Result ret = 0;
uint32_t i = 0;
- uint32_t maxObjectSize = 0;
+ uint32_t maxObjectSizeBits = 0;
- if (KM_DeserializeFlag(&data, &dataSize, &maxObjectSize)) {
+ if (KM_DeserializeFlag(&data, &dataSize, &maxObjectSizeBits)) {
LOG("Failed to deserialize object size");
return TEE_ERROR_BAD_PARAMETERS;
}
return TEE_ERROR_BAD_PARAMETERS;
}
- TEE_InitRefAttribute(&attributes[i], attrIDs[i],
- readAttr[i].data, readAttr[i].data_size);
+ KM_InitRefAttribute(&attributes[i], attrIDs[i], readAttr[i].data, readAttr[i].data_size);
}
- ret = TEE_AllocateTransientObject(keyType, maxObjectSize, hndl);
+ ret = TEE_AllocateTransientObject(keyType, maxObjectSizeBits, hndl);
if (ret != TEE_SUCCESS) {
LOG("Failed to allocate transient object for new key, ret %x", ret);
return ret;
return TEE_ERROR_BAD_PARAMETERS;
}
- ret = KM_OpenKey(id, id_size, NULL, &objHandle);
+ ret = KM_OpenKey(id, id_size, &objHandle);
TEE_GetObjectInfo(objHandle, &objInfo);
- if (objInfo.objectSize == 0) {
+ keyBufSize = KM_ObjectSizeBytes(&objInfo);
+ if (keyBufSize == 0) {
LOG("Key provided for encryption is not initialized");
return TEE_ERROR_BAD_PARAMETERS;
}
- keyBufSize = objInfo.objectSize;
keyBuf = malloc(keyBufSize);
if (keyBuf == NULL) {
LOG("Failed to allocate memory for key encryption");
}
// create new key from decrypted one
- ret = KM_CreateKey(objInfo.objectType, objInfo.objectSize, decKeyBuf, decKeyHndl);
+ ret = KM_CreateKey(objInfo.objectType, decKeyBufSize * 8, decKeyBuf, decKeyHndl);
if (ret != TEE_SUCCESS) {
LOG("Failed to create new key from decrypted");
goto out;
{
TEE_Result ret = TEE_SUCCESS;
TEE_ObjectInfo info;
+ uint32_t bits;
TEE_GetObjectInfo(op_key_hndl, &info);
- LOGD("Operation key size: %d alg: %x", info.objectSize, algo);
- ret = TEE_AllocateOperation(hndl, algo, mode, info.objectSize);
+ bits = KM_ObjectSizeBits(&info);
+ LOGD("Operation key size: %d alg: %x", bits, algo);
+ ret = TEE_AllocateOperation(hndl, algo, mode, bits);
if (TEE_SUCCESS != ret) {
LOG("TEE_AllocateOperation has failed with=%x.", ret);
return ret;
return ret;
}
-TEE_Result KM_OpenKey(void *objId, size_t objId_size, uint32_t *key_bits_size,
- TEE_ObjectHandle *hndl)
+TEE_Result KM_OpenKey(void *objId, size_t objId_size, TEE_ObjectHandle *hndl)
{
TEE_Result ret = TEE_SUCCESS;
- TEE_ObjectInfo info;
uint32_t flags =
TEE_DATA_FLAG_ACCESS_READ;
return ret;
}
- if (key_bits_size) {
- TEE_GetObjectInfo(*hndl, &info);
- *key_bits_size = info.objectSize;
- }
return ret;
}
projects / platform / core / security / trusted / key-manager-ta.git / commitdiff