Add padding parameter to encrypt/decrypt 49/323949/4 tizen
authorJakub Wlostowski <j.wlostowski@samsung.com>
Fri, 9 May 2025 11:41:38 +0000 (13:41 +0200)
committerJakub Wlostowski <j.wlostowski@samsung.com>
Wed, 14 May 2025 08:21:51 +0000 (10:21 +0200)
Change-Id: I22a6d0697548927e5a396f1cd311eda649461eba

src/hal-backend-security-keys-api.cpp
src/km_ta_defines.h

index 30a0883dc21b49280907c4e9c8f0a89348f2b57f..5ab0b826e79d78fbfc80863aecf8f1f14e1e6821 100644 (file)
@@ -109,6 +109,17 @@ tz_hash_type to_tz_hash_type(hal_security_keys_hash_algorithm_e hash)
        }
 }
 
+tz_padding_type to_tz_padding_type(hal_security_keys_padding_algorithm_e padding)
+{
+       switch (padding) {
+               case HAL_SECURITY_KEYS_PADDING_ALGORITHM_NONE:       return PADDING_NONE;
+               case HAL_SECURITY_KEYS_PADDING_ALGORITHM_PKCS7:      return PADDING_PKCS7;
+               case HAL_SECURITY_KEYS_PADDING_ALGORITHM_ISO9797_M2: return PADDING_ISO9797_M2;
+               default:
+                       throw std::invalid_argument("Requested padding algorithm is not supported");
+       }
+}
+
 tz_prf to_tz_prf(hal_security_keys_kdf_prf_type_e prf)
 {
        switch (prf) {
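Review bot: The `default:` branch of `to_tz_padding_type` rejects an unknown padding value by throwing `std::invalid_argument`, while its callers are `int`-returning HAL entry points whose bodies lie mostly outside the visible hunks. It is worth confirming that the exception is caught there and turned into an error code rather than crossing the HAL boundary. The switch also has no case that yields `PADDING_ZERO`, which this commit adds to `tz_padding_type` in km_ta_defines.h. If the HAL enum deliberately has no zero-padding member, a comment above the switch such as `// PADDING_ZERO has no HAL equivalent and is not reachable from this mapping` would keep the two enums from looking out of sync.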
@@ -1215,6 +1226,7 @@ int security_keys_decrypt_data_auth(const hal_security_keys_context_s context,
 int security_keys_encrypt_data(const hal_security_keys_context_s context,
                                                           const hal_security_keys_algo_type_e algo,
                                                           const hal_security_keys_hash_algorithm_e hash,
+                                                          const hal_security_keys_padding_algorithm_e padding,
                                                           const hal_security_keys_data_s key_id,
                                                           const hal_security_keys_password_iv_tag_s key_pwd,
                                                           const hal_security_keys_data_s data,
@@ -1237,12 +1249,13 @@ int security_keys_encrypt_data(const hal_security_keys_context_s context,
 
        auto tz_algo_type = to_tz_algo_type(algo);
        auto tz_hash_type = to_tz_hash_type(hash);
+       auto tz_padding_type = to_tz_padding_type(padding);
 
        TZSerializer s_in;
        if (tz_algo_type == ALGO_RSA)
                s_in = makeSerializer(data, key_pwd, tz_hash_type, key_id);
        else
-               s_in = makeSerializer(data, key_pwd, iv, key_id);
+               s_in = makeSerializer(data, key_pwd, tz_padding_type, iv, key_id);
 
        TrustZoneMemory in_memory(*tz_context, s_in.GetSize(), TEEC_MEM_INPUT);
        s_in.Serialize(in_memory);
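Review bot: `to_tz_padding_type(padding)` runs before the `ALGO_RSA` branch, but only the non-RSA `makeSerializer` call consumes the result, so a `padding` value passed with RSA is silently dropped while an out-of-range one still fails the call. Converting inside the `else` branch, `s_in = makeSerializer(data, key_pwd, to_tz_padding_type(padding), iv, key_id);`, ties validation to the path that uses it. If RSA is meant to ignore the argument, the function's documentation should say so. The same applies to the identical hunk in `security_keys_decrypt_data`. The new field also changes the serialized request layout between `key_pwd` and `iv`, so a trusted application built against the old layout would presumably misparse the request; no version check is visible, and the function body continues outside the hunk.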
@@ -1273,6 +1286,7 @@ int security_keys_encrypt_data(const hal_security_keys_context_s context,
 int security_keys_decrypt_data(const hal_security_keys_context_s context,
                                                           const hal_security_keys_algo_type_e algo,
                                                           const hal_security_keys_hash_algorithm_e hash,
+                                                          const hal_security_keys_padding_algorithm_e padding,
                                                           const hal_security_keys_data_s key_id,
                                                           const hal_security_keys_password_iv_tag_s key_pwd,
                                                           const hal_security_keys_data_s data,
@@ -1295,12 +1309,13 @@ int security_keys_decrypt_data(const hal_security_keys_context_s context,
 
        auto tz_algo_type = to_tz_algo_type(algo);
        auto tz_hash_type = to_tz_hash_type(hash);
+       auto tz_padding_type = to_tz_padding_type(padding);
 
        TZSerializer s_in;
        if (tz_algo_type == ALGO_RSA)
                s_in = makeSerializer(data, key_pwd, tz_hash_type, key_id);
        else
-               s_in = makeSerializer(data, key_pwd, iv, key_id);
+               s_in = makeSerializer(data, key_pwd, tz_padding_type, iv, key_id);
 
        TrustZoneMemory in_memory(*tz_context, s_in.GetSize(), TEEC_MEM_INPUT);
        s_in.Serialize(in_memory);
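Review bot: With padding now selectable on decrypt, how a padding failure is reported becomes security-relevant. If the non-RSA path is an unauthenticated block mode (inferred from the `iv` argument; the mode itself is not visible here), any observable difference between a padding error and other decryption failures acts as a padding oracle. The result handling of `security_keys_decrypt_data` is outside this hunk, so please confirm that the TA and this function return one generic failure code for both cases and do not log the distinction. A comment near the result mapping such as `// padding and ciphertext errors must map to the same return code` would record the requirement.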
index 7ee3cf5b424cde7debc55bd04f0b138c2a40a28e..a5eb7abf4dc215b727655d918d545a3e3dec62e1 100644 (file)
@@ -100,6 +100,16 @@ typedef enum {
        HASH_SHA512,            /** SHA512 */
 } tz_hash_type;
 
+/**
+ * Enumeration for padding algorithm.
+ */
+typedef enum {
+       PADDING_NONE,                   /** None */
+       PADDING_PKCS7,                  /** PKCS#7 */
+       PADDING_ISO9797_M2,             /** ISO9797 method 2 padding */
+       PADDING_ZERO,                   /** Zero padding */
+} tz_padding_type;
+
 /**
  * Enumeration for data type, that can be stored on TA side.
  */
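Review bot: The members of `tz_padding_type` take implicit values, yet the encrypt/decrypt hunks of this commit serialize that value into the request sent to the trusted application, so the numbering is effectively part of the wire format. Pinning it (`PADDING_NONE = 0,`, `PADDING_PKCS7 = 1,` and so on) would stop a later insertion or reorder from silently selecting a different padding scheme on the TA side. `tz_hash_type` just above appears to use the same implicit style, so this may be a file-wide follow-up. `PADDING_ZERO` is defined here but nothing in the visible backend code maps to it. If it is kept, its comment should state that zero padding cannot be stripped unambiguously when the plaintext may end in zero bytes.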