From: Jakub Wlostowski Date: Fri, 9 May 2025 11:41:38 +0000 (+0200) Subject: Add padding parameter to encrypt/decrypt X-Git-Url: http://review.tizen.org/git/?a=commitdiff_plain;ds=sidebyside;p=platform%2Fhal%2Fbackend%2Femulator%2Fsecurity-keys.git Add padding parameter to encrypt/decrypt Change-Id: I22a6d0697548927e5a396f1cd311eda649461eba --- diff --git a/src/hal-backend-security-keys-api.cpp b/src/hal-backend-security-keys-api.cpp index 30a0883..5ab0b82 100644 --- a/src/hal-backend-security-keys-api.cpp +++ b/src/hal-backend-security-keys-api.cpp @@ -109,6 +109,17 @@ tz_hash_type to_tz_hash_type(hal_security_keys_hash_algorithm_e hash) } } +tz_padding_type to_tz_padding_type(hal_security_keys_padding_algorithm_e padding) +{ + switch (padding) { + case HAL_SECURITY_KEYS_PADDING_ALGORITHM_NONE: return PADDING_NONE; + case HAL_SECURITY_KEYS_PADDING_ALGORITHM_PKCS7: return PADDING_PKCS7; + case HAL_SECURITY_KEYS_PADDING_ALGORITHM_ISO9797_M2: return PADDING_ISO9797_M2; + default: + throw std::invalid_argument("Requested padding algorithm is not supported"); + } +} + tz_prf to_tz_prf(hal_security_keys_kdf_prf_type_e prf) { switch (prf) { @@ -1215,6 +1226,7 @@ int security_keys_decrypt_data_auth(const hal_security_keys_context_s context, int security_keys_encrypt_data(const hal_security_keys_context_s context, const hal_security_keys_algo_type_e algo, const hal_security_keys_hash_algorithm_e hash, + const hal_security_keys_padding_algorithm_e padding, const hal_security_keys_data_s key_id, const hal_security_keys_password_iv_tag_s key_pwd, const hal_security_keys_data_s data, @@ -1237,12 +1249,13 @@ int security_keys_encrypt_data(const hal_security_keys_context_s context, auto tz_algo_type = to_tz_algo_type(algo); auto tz_hash_type = to_tz_hash_type(hash); + auto tz_padding_type = to_tz_padding_type(padding); TZSerializer s_in; if (tz_algo_type == ALGO_RSA) s_in = makeSerializer(data, key_pwd, tz_hash_type, key_id); else - s_in = makeSerializer(data, key_pwd, iv, key_id); + s_in = makeSerializer(data, key_pwd, tz_padding_type, iv, key_id); TrustZoneMemory in_memory(*tz_context, s_in.GetSize(), TEEC_MEM_INPUT); s_in.Serialize(in_memory); @@ -1273,6 +1286,7 @@ int security_keys_encrypt_data(const hal_security_keys_context_s context, int security_keys_decrypt_data(const hal_security_keys_context_s context, const hal_security_keys_algo_type_e algo, const hal_security_keys_hash_algorithm_e hash, + const hal_security_keys_padding_algorithm_e padding, const hal_security_keys_data_s key_id, const hal_security_keys_password_iv_tag_s key_pwd, const hal_security_keys_data_s data, @@ -1295,12 +1309,13 @@ int security_keys_decrypt_data(const hal_security_keys_context_s context, auto tz_algo_type = to_tz_algo_type(algo); auto tz_hash_type = to_tz_hash_type(hash); + auto tz_padding_type = to_tz_padding_type(padding); TZSerializer s_in; if (tz_algo_type == ALGO_RSA) s_in = makeSerializer(data, key_pwd, tz_hash_type, key_id); else - s_in = makeSerializer(data, key_pwd, iv, key_id); + s_in = makeSerializer(data, key_pwd, tz_padding_type, iv, key_id); TrustZoneMemory in_memory(*tz_context, s_in.GetSize(), TEEC_MEM_INPUT); s_in.Serialize(in_memory); diff --git a/src/km_ta_defines.h b/src/km_ta_defines.h index 7ee3cf5..a5eb7ab 100644 --- a/src/km_ta_defines.h +++ b/src/km_ta_defines.h @@ -100,6 +100,16 @@ typedef enum { HASH_SHA512, /** SHA512 */ } tz_hash_type; +/** + * Enumeration for padding algorithm. + */ +typedef enum { + PADDING_NONE, /** None */ + PADDING_PKCS7, /** PKCS#7 */ + PADDING_ISO9797_M2, /** ISO9797 method 2 padding */ + PADDING_ZERO, /** Zero padding */ +} tz_padding_type; + /** * Enumeration for data type, that can be stored on TA side. */