Add padding parameter to encrypt/decrypt

author Jakub Wlostowski <j.wlostowski@samsung.com>

Fri, 9 May 2025 11:34:53 +0000 (13:34 +0200)

committer Jakub Wlostowski <j.wlostowski@samsung.com>

Wed, 14 May 2025 08:20:04 +0000 (10:20 +0200)
author Jakub Wlostowski <j.wlostowski@samsung.com>
Fri, 9 May 2025 11:34:53 +0000 (13:34 +0200)
committer Jakub Wlostowski <j.wlostowski@samsung.com>
Wed, 14 May 2025 08:20:04 +0000 (10:20 +0200)
diff --git a/haltest/security-keys.cpp b/haltest/security-keys.cpp

index 4d22c42859d2a102ed23c46e041c4f72b0e17876..6ad741311b82e01036bef5bdeb126ece734e49ff 100644 (file)
--- a/haltest/security-keys.cpp
+++ b/haltest/security-keys.cpp
@@ -405,6 +405,7 @@ TEST_F(SECURITY_KEYS, EncryptDecryptDataPositive)
          context,
          aes_ctr_algo,
          sha256_hash,
+        HAL_SECURITY_KEYS_PADDING_ALGORITHM_PKCS7,
          key_id,
          key_pwd_iv_tag,
          data,
@@ -417,6 +418,7 @@ TEST_F(SECURITY_KEYS, EncryptDecryptDataPositive)
          context,
          aes_ctr_algo,
          sha256_hash,
+        HAL_SECURITY_KEYS_PADDING_ALGORITHM_PKCS7,
          key_id,
          key_pwd_iv_tag,
          *(encrypted.Get()),
@@ -651,6 +653,7 @@ TEST_F(SECURITY_KEYS, EncapsDecapsPositive)
          context,
          aes_ctr_algo,
          sha256_hash,
+        HAL_SECURITY_KEYS_PADDING_ALGORITHM_PKCS7,
          encapsulated_key_id,
          encapsulated_key_pwd_iv_tag,
          data,
@@ -665,6 +668,7 @@ TEST_F(SECURITY_KEYS, EncapsDecapsPositive)
          context,
          aes_ctr_algo,
          sha256_hash,
+        HAL_SECURITY_KEYS_PADDING_ALGORITHM_PKCS7,
          decapsulated_key_id,
          decapsulated_key_pwd_iv_tag,
          *(encrypted.Get()),
@@ -1080,6 +1084,7 @@ TEST_F(SECURITY_KEYS, ImportExportWrappedKeyPositive)
          context,
          aes_ctr_algo,
          sha256_hash,
+        HAL_SECURITY_KEYS_PADDING_ALGORITHM_PKCS7,
          key_to_wrap_id,
          key_to_wrap_pwd_iv_tag,
          data,
@@ -1095,6 +1100,7 @@ TEST_F(SECURITY_KEYS, ImportExportWrappedKeyPositive)
          context,
          aes_ctr_algo,
          sha256_hash,
+        HAL_SECURITY_KEYS_PADDING_ALGORITHM_PKCS7,
          import_key_id,
          imported_key_pwd_iv_tag,
          *(encrypted.Get()),
diff --git a/include/hal-security-keys-interface-1.h b/include/hal-security-keys-interface-1.h

index f951e7d1c3e9363259020dcb11fa1187d58bf7fc..1eeb8c685c7bc067cd874856301f04ae706bdd51 100644 (file)
--- a/include/hal-security-keys-interface-1.h
+++ b/include/hal-security-keys-interface-1.h
@@ -218,6 +218,7 @@ typedef struct _hal_backend_security_keys_funcs {
      int (*encrypt_data)(const hal_security_keys_context_s context,
                          const hal_security_keys_algo_type_e algo,
                          const hal_security_keys_hash_algorithm_e hash,
+                        const hal_security_keys_padding_algorithm_e padding,
                          const hal_security_keys_data_s key_id,
                          const hal_security_keys_password_iv_tag_s key_pwd,
                          const hal_security_keys_data_s data,
@@ -228,6 +229,7 @@ typedef struct _hal_backend_security_keys_funcs {
      int (*decrypt_data)(const hal_security_keys_context_s context,
                          const hal_security_keys_algo_type_e algo,
                          const hal_security_keys_hash_algorithm_e hash,
+                        const hal_security_keys_padding_algorithm_e padding,
                          const hal_security_keys_data_s key_id,
                          const hal_security_keys_password_iv_tag_s key_pwd,
                          const hal_security_keys_data_s data,
diff --git a/include/hal-security-keys-types.h b/include/hal-security-keys-types.h

index d2772650e26151faaae06468d0ee7fadae0f2fdb..7d600bd102b4347ed3e8f4053562c207a6ad6f53 100644 (file)
--- a/include/hal-security-keys-types.h
+++ b/include/hal-security-keys-types.h
@@ -152,6 +152,18 @@ typedef enum {
      HAL_SECURITY_KEYS_HASH_ALGORITHM_SHA512,    /**< SHA512 */
  } hal_security_keys_hash_algorithm_e;
  
+/**
+ * @brief Enumeration for padding algorithm.
+ * @since HAL_MODULE_SECURITY_KEYS 1.0
+ */
+typedef enum {
+    HAL_SECURITY_KEYS_PADDING_ALGORITHM_NONE,          /**< None */
+    HAL_SECURITY_KEYS_PADDING_ALGORITHM_PKCS7,         /**< PKCS#7 */
+    HAL_SECURITY_KEYS_PADDING_ALGORITHM_ISO9797_M2,    /**< ISO9797 method 2 padding */
+    HAL_SECURITY_KEYS_PADDING_ALGORITHM_PKCS1,         /**< PKCS#1 */
+    HAL_SECURITY_KEYS_PADDING_ALGORITHM_X931,          /**< X391 */
+} hal_security_keys_padding_algorithm_e;
+
  /**
   * @brief Enumeration for KDF PRF type.
   * @since HAL_MODULE_SECURITY_KEYS 1.0
diff --git a/include/hal-security-keys.h b/include/hal-security-keys.h

index aef6366ebf16914f496ecfa107f3ee363e8ab76f..170fc555f7c27cd34a85b8a7089c0d6bd84be0fa 100644 (file)
--- a/include/hal-security-keys.h
+++ b/include/hal-security-keys.h
@@ -189,6 +189,7 @@ int hal_security_keys_decrypt_data_auth(const hal_security_keys_context_s contex
  int hal_security_keys_encrypt_data(const hal_security_keys_context_s context,
                                     const hal_security_keys_algo_type_e algo,
                                     const hal_security_keys_hash_algorithm_e hash,
+                                   const hal_security_keys_padding_algorithm_e padding,
                                     const hal_security_keys_data_s key_id,
                                     const hal_security_keys_password_iv_tag_s key_pwd,
                                     const hal_security_keys_data_s data,
@@ -198,6 +199,7 @@ int hal_security_keys_encrypt_data(const hal_security_keys_context_s context,
  int hal_security_keys_decrypt_data(const hal_security_keys_context_s context,
                                     const hal_security_keys_algo_type_e algo,
                                     const hal_security_keys_hash_algorithm_e hash,
+                                   const hal_security_keys_padding_algorithm_e padding,
                                     const hal_security_keys_data_s key_id,
                                     const hal_security_keys_password_iv_tag_s key_pwd,
                                     const hal_security_keys_data_s data,
diff --git a/src/hal-api-security-keys.c b/src/hal-api-security-keys.c

index 936e4faad7d82b382b8b07f154f8dc174434c414..e20a24ebd03143036341e44ec09b606516adb574 100644 (file)
--- a/src/hal-api-security-keys.c
+++ b/src/hal-api-security-keys.c
@@ -342,6 +342,7 @@ EXPORT int hal_security_keys_decrypt_data_auth(const hal_security_keys_context_s
  EXPORT int hal_security_keys_encrypt_data(const hal_security_keys_context_s context,
                                            const hal_security_keys_algo_type_e algo,
                                            const hal_security_keys_hash_algorithm_e hash,
+                                          const hal_security_keys_padding_algorithm_e padding,
                                            const hal_security_keys_data_s key_id,
                                            const hal_security_keys_password_iv_tag_s key_pwd,
                                            const hal_security_keys_data_s data,
@@ -350,12 +351,13 @@ EXPORT int hal_security_keys_encrypt_data(const hal_security_keys_context_s cont
  {
      if (!g_security_keys_funcs)
          return HAL_SECURITY_KEYS_ERROR_NOT_SUPPORTED;
-    return g_security_keys_funcs->encrypt_data(context, algo, hash, key_id, key_pwd, data, iv, out);
+    return g_security_keys_funcs->encrypt_data(context, algo, hash, padding, key_id, key_pwd, data, iv, out);
  }
  
  EXPORT int hal_security_keys_decrypt_data(const hal_security_keys_context_s context,
                                            const hal_security_keys_algo_type_e algo,
                                            const hal_security_keys_hash_algorithm_e hash,
+                                          const hal_security_keys_padding_algorithm_e padding,
                                            const hal_security_keys_data_s key_id,
                                            const hal_security_keys_password_iv_tag_s key_pwd,
                                            const hal_security_keys_data_s data,
@@ -364,7 +366,7 @@ EXPORT int hal_security_keys_decrypt_data(const hal_security_keys_context_s cont
  {
      if (!g_security_keys_funcs)
          return HAL_SECURITY_KEYS_ERROR_NOT_SUPPORTED;
-    return g_security_keys_funcs->decrypt_data(context, algo, hash, key_id, key_pwd, data, iv, out);
+    return g_security_keys_funcs->decrypt_data(context, algo, hash, padding, key_id, key_pwd, data, iv, out);
  }
  
  EXPORT int hal_security_keys_destroy_data(const hal_security_keys_context_s context,
author	Jakub Wlostowski <j.wlostowski@samsung.com>
	Fri, 9 May 2025 11:34:53 +0000 (13:34 +0200)
committer	Jakub Wlostowski <j.wlostowski@samsung.com>
	Wed, 14 May 2025 08:20:04 +0000 (10:20 +0200)
haltest/security-keys.cpp		patch \| blob \| history
include/hal-security-keys-interface-1.h		patch \| blob \| history
include/hal-security-keys-types.h		patch \| blob \| history
include/hal-security-keys.h		patch \| blob \| history
src/hal-api-security-keys.c		patch \| blob \| history