From: Krzysztof Jackiewicz
Date: Wed, 9 Aug 2023 15:26:24 +0000 (+0200)
Subject: Pass public key curve info to TZ's ECDH
X-Git-Tag: accepted/tizen/6.0/unified/20230822.095020~5
X-Git-Url: http://review.tizen.org/git/?a=commitdiff_plain;h=15b9f24f046d84a4505a7fc794180d166924b39c;p=platform%2Fcore%2Fsecurity%2Fkey-manager.git
Pass public key curve info to TZ's ECDH
This is needed to compare curve with private EC curve in TZ.
Change-Id: I5c42b7395683bd14c391415537e31efc3dcb6fc4
---
diff --git a/src/manager/crypto/tz-backend/internals.cpp b/src/manager/crypto/tz-backend/internals.cpp
index 8470c129..b41c5cbc 100644
--- a/src/manager/crypto/tz-backend/internals.cpp
+++ b/src/manager/crypto/tz-backend/internals.cpp
@@ -802,8 +802,29 @@ void deriveECDH(const RawBuffer &prvKeyId,
 RawBuffer secretPwdBuf(secretPwd.begin(), secretPwd.end());
+ int pubCurve = EC_GROUP_get_curve_name(ecGroup);
+ tz_ec tzCurve;
+ switch (pubCurve)
+ {
+ case NID_X9_62_prime192v1:
+ tzCurve = EC_NIST_P192;
+ break;
+
+ case NID_X9_62_prime256v1:
+ tzCurve = EC_NIST_P256;
+ break;
+
+ case NID_secp384r1:
+ tzCurve = EC_NIST_P384;
+ break;
+
+ default:
+ ThrowErr(Exc::Crypto::InputParam, "Unsupported public key EC");
+ }
+
 TrustZoneContext::Instance().executeEcdh(prvKeyId, prvKeyPwd,
+ tzCurve,
 xBuf,
 yBuf,
 secretPwdBuf,
diff --git a/src/manager/crypto/tz-backend/tz-context.cpp b/src/manager/crypto/tz-backend/tz-context.cpp
index ffa41a0b..b2bdf319 100644
--- a/src/manager/crypto/tz-backend/tz-context.cpp
+++ b/src/manager/crypto/tz-backend/tz-context.cpp
@@ -869,6 +869,7 @@ TZSerializablePwdData* makeSerializablePwd(const Pwd &pwd)
 void TrustZoneContext::executeEcdh(const RawBuffer &prvKeyId,
 const Pwd &prvKeyPwd,
+ const tz_ec curve,
 const RawBuffer &pubX,
 const RawBuffer &pubY,
 const RawBuffer &secretPwdBuf,
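Review bot: The NID-to-`tz_ec` mapping in `deriveECDH` leaves `tz_ec tzCurve;` uninitialized and relies on the `default:` `ThrowErr` never returning, so whether the compiler treats `tzCurve` as definitely initialized at the `executeEcdh` call depends on `ThrowErr` being visible as non-returning; if it is not, `-Wmaybe-uninitialized` fires here and any later softening of the `default:` branch would hand an indeterminate enum to the TA. Moving the switch into a small helper that returns from each `case` removes the uninitialized local, gives the mapping a name that other curve switches in this backend could share (I can only see this hunk, so I cannot tell whether any exist), and concentrates the "no value on the default path" question at one function boundary. The `default:` branch also rejects `NID_undef`, which `EC_GROUP_get_curve_name` returns for a group supplied with explicit parameters instead of a named curve; that is the behaviour you want at this trust boundary and deserves a comment such as `// NID_undef (explicit-parameter groups) also lands here and is rejected`. `deriveECDH` starts before this hunk and continues after it.
```cpp
// Maps an OpenSSL curve NID to the TA's curve identifier. Throws for any
// curve the TA does not support, including NID_undef, which
// EC_GROUP_get_curve_name returns for explicit-parameter groups.
static tz_ec toTzEc(int nid)
{
	switch (nid) {
	case NID_X9_62_prime192v1: return EC_NIST_P192;
	case NID_X9_62_prime256v1: return EC_NIST_P256;
	case NID_secp384r1:        return EC_NIST_P384;
	default:
		ThrowErr(Exc::Crypto::InputParam, "Unsupported public key EC");
	}
}

// … unchanged: deriveECDH up to secretPwdBuf …
	const tz_ec tzCurve = toTzEc(EC_GROUP_get_curve_name(ecGroup));
// … unchanged: executeEcdh call …
```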
@@ -880,7 +881,7 @@ void TrustZoneContext::executeEcdh(const RawBuffer &prvKeyId,
 LogDebug("TrustZoneContext::executeEcdh");
 auto sIn = makeSerializer(
- prvKeyId, prvKeyPwd, pubX, pubY, EncPwd{secretPwdBuf, secretPwdIV}, secretHash);
+ prvKeyId, prvKeyPwd, curve, pubX, pubY, EncPwd{secretPwdBuf, secretPwdIV}, secretHash);
 TrustZoneMemory inMemory(m_Context, sIn.GetSize(), TEEC_MEM_INPUT);
 sIn.Serialize(inMemory);
diff --git a/src/manager/crypto/tz-backend/tz-context.h b/src/manager/crypto/tz-backend/tz-context.h
index c69299d8..9471807d 100644
--- a/src/manager/crypto/tz-backend/tz-context.h
+++ b/src/manager/crypto/tz-backend/tz-context.h
@@ -179,6 +179,7 @@ public:
 void executeEcdh(const RawBuffer &prvKeyId,
 const Pwd &prvKeyPwd,
+ const tz_ec curve,
 const RawBuffer &pubX,
 const RawBuffer &pubY,
 const RawBuffer &secretPwdBuf,
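Review bot: Inserting `curve` between `prvKeyPwd` and `pubX` in the `makeSerializer(...)` call changes the input layout the trusted application deserializes, and nothing on this side versions that layout, so a TA built against the previous layout would presumably read the curve value where it expects `pubX`; the matching TA-side change is not part of this commit. A one-line comment at the call pinning the coupling would help the next person who adds a field: `// Field order must match the TA's ECDH input deserializer: prvKeyId, prvKeyPwd, curve, pubX, pubY, EncPwd, secretHash`. How `tz_ec` is serialized (its underlying integer width) cannot be seen from this hunk and is worth confirming against what the TA reads. `executeEcdh` starts before this hunk and its body continues after it.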