From: Jakub Wlostowski Date: Fri, 9 May 2025 11:34:53 +0000 (+0200) Subject: Add padding parameter to encrypt/decrypt X-Git-Tag: accepted/tizen/unified/20250604.163030~3 X-Git-Url: http://review.tizen.org/git/?a=commitdiff_plain;h=dadcceffb5799a5e249041c0fbdf5ee0cacea225;p=platform%2Fhal%2Fapi%2Fsecurity.git Add padding parameter to encrypt/decrypt Change-Id: Ib8cf16d83fa6b9081a2249ca0054675888290896 --- diff --git a/haltest/security-keys.cpp b/haltest/security-keys.cpp index 4d22c42..6ad7413 100644 --- a/haltest/security-keys.cpp +++ b/haltest/security-keys.cpp @@ -405,6 +405,7 @@ TEST_F(SECURITY_KEYS, EncryptDecryptDataPositive) context, aes_ctr_algo, sha256_hash, + HAL_SECURITY_KEYS_PADDING_ALGORITHM_PKCS7, key_id, key_pwd_iv_tag, data, @@ -417,6 +418,7 @@ TEST_F(SECURITY_KEYS, EncryptDecryptDataPositive) context, aes_ctr_algo, sha256_hash, + HAL_SECURITY_KEYS_PADDING_ALGORITHM_PKCS7, key_id, key_pwd_iv_tag, *(encrypted.Get()), @@ -651,6 +653,7 @@ TEST_F(SECURITY_KEYS, EncapsDecapsPositive) context, aes_ctr_algo, sha256_hash, + HAL_SECURITY_KEYS_PADDING_ALGORITHM_PKCS7, encapsulated_key_id, encapsulated_key_pwd_iv_tag, data, @@ -665,6 +668,7 @@ TEST_F(SECURITY_KEYS, EncapsDecapsPositive) context, aes_ctr_algo, sha256_hash, + HAL_SECURITY_KEYS_PADDING_ALGORITHM_PKCS7, decapsulated_key_id, decapsulated_key_pwd_iv_tag, *(encrypted.Get()), @@ -1080,6 +1084,7 @@ TEST_F(SECURITY_KEYS, ImportExportWrappedKeyPositive) context, aes_ctr_algo, sha256_hash, + HAL_SECURITY_KEYS_PADDING_ALGORITHM_PKCS7, key_to_wrap_id, key_to_wrap_pwd_iv_tag, data, @@ -1095,6 +1100,7 @@ TEST_F(SECURITY_KEYS, ImportExportWrappedKeyPositive) context, aes_ctr_algo, sha256_hash, + HAL_SECURITY_KEYS_PADDING_ALGORITHM_PKCS7, import_key_id, imported_key_pwd_iv_tag, *(encrypted.Get()), diff --git a/include/hal-security-keys-interface-1.h b/include/hal-security-keys-interface-1.h index f951e7d..1eeb8c6 100644 --- a/include/hal-security-keys-interface-1.h +++ b/include/hal-security-keys-interface-1.h @@ -218,6 +218,7 @@ typedef struct _hal_backend_security_keys_funcs { int (*encrypt_data)(const hal_security_keys_context_s context, const hal_security_keys_algo_type_e algo, const hal_security_keys_hash_algorithm_e hash, + const hal_security_keys_padding_algorithm_e padding, const hal_security_keys_data_s key_id, const hal_security_keys_password_iv_tag_s key_pwd, const hal_security_keys_data_s data, @@ -228,6 +229,7 @@ typedef struct _hal_backend_security_keys_funcs { int (*decrypt_data)(const hal_security_keys_context_s context, const hal_security_keys_algo_type_e algo, const hal_security_keys_hash_algorithm_e hash, + const hal_security_keys_padding_algorithm_e padding, const hal_security_keys_data_s key_id, const hal_security_keys_password_iv_tag_s key_pwd, const hal_security_keys_data_s data, diff --git a/include/hal-security-keys-types.h b/include/hal-security-keys-types.h index d277265..7d600bd 100644 --- a/include/hal-security-keys-types.h +++ b/include/hal-security-keys-types.h @@ -152,6 +152,18 @@ typedef enum { HAL_SECURITY_KEYS_HASH_ALGORITHM_SHA512, /**< SHA512 */ } hal_security_keys_hash_algorithm_e; +/** + * @brief Enumeration for padding algorithm. + * @since HAL_MODULE_SECURITY_KEYS 1.0 + */ +typedef enum { + HAL_SECURITY_KEYS_PADDING_ALGORITHM_NONE, /**< None */ + HAL_SECURITY_KEYS_PADDING_ALGORITHM_PKCS7, /**< PKCS#7 */ + HAL_SECURITY_KEYS_PADDING_ALGORITHM_ISO9797_M2, /**< ISO9797 method 2 padding */ + HAL_SECURITY_KEYS_PADDING_ALGORITHM_PKCS1, /**< PKCS#1 */ + HAL_SECURITY_KEYS_PADDING_ALGORITHM_X931, /**< X391 */ +} hal_security_keys_padding_algorithm_e; + /** * @brief Enumeration for KDF PRF type. * @since HAL_MODULE_SECURITY_KEYS 1.0 diff --git a/include/hal-security-keys.h b/include/hal-security-keys.h index aef6366..170fc55 100644 --- a/include/hal-security-keys.h +++ b/include/hal-security-keys.h @@ -189,6 +189,7 @@ int hal_security_keys_decrypt_data_auth(const hal_security_keys_context_s contex int hal_security_keys_encrypt_data(const hal_security_keys_context_s context, const hal_security_keys_algo_type_e algo, const hal_security_keys_hash_algorithm_e hash, + const hal_security_keys_padding_algorithm_e padding, const hal_security_keys_data_s key_id, const hal_security_keys_password_iv_tag_s key_pwd, const hal_security_keys_data_s data, @@ -198,6 +199,7 @@ int hal_security_keys_encrypt_data(const hal_security_keys_context_s context, int hal_security_keys_decrypt_data(const hal_security_keys_context_s context, const hal_security_keys_algo_type_e algo, const hal_security_keys_hash_algorithm_e hash, + const hal_security_keys_padding_algorithm_e padding, const hal_security_keys_data_s key_id, const hal_security_keys_password_iv_tag_s key_pwd, const hal_security_keys_data_s data, diff --git a/src/hal-api-security-keys.c b/src/hal-api-security-keys.c index 936e4fa..e20a24e 100644 --- a/src/hal-api-security-keys.c +++ b/src/hal-api-security-keys.c @@ -342,6 +342,7 @@ EXPORT int hal_security_keys_decrypt_data_auth(const hal_security_keys_context_s EXPORT int hal_security_keys_encrypt_data(const hal_security_keys_context_s context, const hal_security_keys_algo_type_e algo, const hal_security_keys_hash_algorithm_e hash, + const hal_security_keys_padding_algorithm_e padding, const hal_security_keys_data_s key_id, const hal_security_keys_password_iv_tag_s key_pwd, const hal_security_keys_data_s data, @@ -350,12 +351,13 @@ EXPORT int hal_security_keys_encrypt_data(const hal_security_keys_context_s cont { if (!g_security_keys_funcs) return HAL_SECURITY_KEYS_ERROR_NOT_SUPPORTED; - return g_security_keys_funcs->encrypt_data(context, algo, hash, key_id, key_pwd, data, iv, out); + return g_security_keys_funcs->encrypt_data(context, algo, hash, padding, key_id, key_pwd, data, iv, out); } EXPORT int hal_security_keys_decrypt_data(const hal_security_keys_context_s context, const hal_security_keys_algo_type_e algo, const hal_security_keys_hash_algorithm_e hash, + const hal_security_keys_padding_algorithm_e padding, const hal_security_keys_data_s key_id, const hal_security_keys_password_iv_tag_s key_pwd, const hal_security_keys_data_s data, @@ -364,7 +366,7 @@ EXPORT int hal_security_keys_decrypt_data(const hal_security_keys_context_s cont { if (!g_security_keys_funcs) return HAL_SECURITY_KEYS_ERROR_NOT_SUPPORTED; - return g_security_keys_funcs->decrypt_data(context, algo, hash, key_id, key_pwd, data, iv, out); + return g_security_keys_funcs->decrypt_data(context, algo, hash, padding, key_id, key_pwd, data, iv, out); } EXPORT int hal_security_keys_destroy_data(const hal_security_keys_context_s context,