From: Krzysztof Jackiewicz Date: Tue, 28 Mar 2023 16:16:18 +0000 (+0200) Subject: Use new types in key derivation X-Git-Tag: accepted/tizen/unified/20230406.165733~5^2~5 X-Git-Url: http://review.tizen.org/git/?a=commitdiff_plain;h=refs%2Fchanges%2F58%2F290558%2F2;p=platform%2Fcore%2Fsecurity%2Fkey-manager.git Use new types in key derivation Change-Id: I379f6a1c53c278c0adbaa71269b6232176601769
---
diff --git a/src/manager/crypto/tz-backend/internals.cpp b/src/manager/crypto/tz-backend/internals.cpp
index b8abe24..5b8ad1e 100644
--- a/src/manager/crypto/tz-backend/internals.cpp
+++ b/src/manager/crypto/tz-backend/internals.cpp
@@ -113,6 +113,37 @@ tz_ec toTzEc(CKM::ElipticCurve ec)
 }
 }
+tz_prf toTzPrf(CKM::KdfPrf prf)
+{
+ switch(prf) {
+ case CKM::KdfPrf::HMAC_SHA256: return PRF_HMAC_SHA256;
+ case CKM::KdfPrf::HMAC_SHA384: return PRF_HMAC_SHA384;
+ case CKM::KdfPrf::HMAC_SHA512: return PRF_HMAC_SHA512;
+ default: ThrowErr(CKM::Exc::Crypto::DataTypeNotSupported, "PRF not supported by tz-backend");
+ }
+}
+
+tz_kbkdf_mode toTzKbkdfMode(CKM::KbkdfMode mode)
+{
+ switch(mode) {
+ case CKM::KbkdfMode::COUNTER: return KBKDF_MODE_COUNTER;
+ default:
+ ThrowErr(CKM::Exc::Crypto::DataTypeNotSupported, "KBKDF mode not supported by tz-backend");
+ }
+}
+
+tz_kbkdf_ctr_loc toTzCtrLoc(CKM::KbkdfCounterLocation loc)
+{
+ switch(loc) {
+ case CKM::KbkdfCounterLocation::BEFORE_FIXED: return KBKDF_LOC_BEFORE_FIXED;
+ case CKM::KbkdfCounterLocation::AFTER_FIXED: return KBKDF_LOC_AFTER_FIXED;
+ case CKM::KbkdfCounterLocation::MIDDLE_FIXED: return KBKDF_LOC_MIDDLE_FIXED;
+ default:
+ ThrowErr(CKM::Exc::Crypto::DataTypeNotSupported,
+ "KBKDF counter location not supported by tz-backend");
+ }
+}
+
 } // namespace
 namespace CKM {
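Review bot: The `default:` labels in toTzPrf, toTzKbkdfMode and toTzCtrLoc silence -Wswitch, so a CKM enumerator added later would only be caught at run time by the throw, not at compile time. Rejecting unmapped values before they reach the TrustZone call is the right fail-closed behaviour; it can be kept while restoring the compiler check by dropping `default:` and placing the `ThrowErr(CKM::Exc::Crypto::DataTypeNotSupported, ...)` call after the closing brace of each `switch`. That placement also leaves no path that falls off the end of a value-returning function, assuming ThrowErr always throws (its definition is not in the hunk). A short comment on toTzKbkdfMode, such as `// only counter mode is mapped; any other mode is rejected here`, would record that the single case is deliberate.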
@@ -641,9 +672,9 @@ void deriveKBKDF(const RawBuffer &secret,
 RawBuffer keyPwdBuf(keyPwd.begin(), keyPwd.end());
 TrustZoneContext::Instance().executeKbkdf(secret,
- prf,
- mode,
- location,
+ toTzPrf(prf),
+ toTzKbkdfMode(mode),
+ toTzCtrLoc(location),
 rlen,
 llen,
 noSeparator,
diff --git a/src/manager/crypto/tz-backend/tz-context.cpp b/src/manager/crypto/tz-backend/tz-context.cpp
index efeb4a9..a058e1b 100644
--- a/src/manager/crypto/tz-backend/tz-context.cpp
+++ b/src/manager/crypto/tz-backend/tz-context.cpp
@@ -703,9 +703,9 @@ void TrustZoneContext::executeEcdh(const RawBuffer &prvKeyId,
 }
 void TrustZoneContext::executeKbkdf(const RawBuffer& secret,
- KdfPrf prf,
- KbkdfMode mode,
- KbkdfCounterLocation location,
+ tz_prf prf,
+ tz_kbkdf_mode mode,
+ tz_kbkdf_ctr_loc location,
 size_t rlen,
 size_t llen,
 bool noSeparator,
diff --git a/src/manager/crypto/tz-backend/tz-context.h b/src/manager/crypto/tz-backend/tz-context.h
index 9f7ed02..2a1cff3 100644
--- a/src/manager/crypto/tz-backend/tz-context.h
+++ b/src/manager/crypto/tz-backend/tz-context.h
@@ -145,9 +145,9 @@ public:
 const RawBuffer &secretHash);
 void executeKbkdf(const RawBuffer& secret,
- KdfPrf prf,
- KbkdfMode mode,
- KbkdfCounterLocation location,
+ tz_prf prf,
+ tz_kbkdf_mode mode,
+ tz_kbkdf_ctr_loc location,
 size_t rlen,
 size_t llen,
 bool noSeparator,
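Review bot: The executeKbkdf declaration in tz-context.h (and its definition in tz-context.cpp) now accepts tz_prf, tz_kbkdf_mode and tz_kbkdf_ctr_loc directly, so the range check done by toTzPrf, toTzKbkdfMode and toTzCtrLoc exists only at the deriveKBKDF call site in internals.cpp. Those converters sit in what looks like a file-local namespace, so any other caller of this public method would have to supply TA enum values without them. If the tz_* types are plain C enums (their definitions are not shown), an out-of-range integer cast to one of them would be forwarded unchecked. Documenting the precondition on the declaration would help, for example `// prf, mode and location must come from the tz-backend converters; no validation is done here`. The parameter list continues past the end of the hunk.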