#include <generic-backend/exception.h>
#include <tz-backend/ctx.h>
#include <tz-backend/internals.h>
+#include <dpl/log/log.h>
namespace CKM {
namespace Crypto {
return Internals::finalizeCipher(m_opId, input);
}
+CipherCtx::~CipherCtx()
+{
+ // Always try to cleanup the TA side. Ignore the results.
+ try {
+ Internals::cleanupCipher(m_opId);
+ } catch (...) {
+ LogError("Context cleanup failed");
+ }
+}
+
} // namespace TZ
} // namespace Crypto
} // namespace CKM
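Review bot: The catch block in `CipherCtx::~CipherCtx()` logs a fixed string with no operation id or error detail, so a cipher operation that was not released on the TA side cannot be traced from the log afterwards. Swallowing the exception is right for a destructor, but the message should identify what was left behind, e.g. `LogError("Cipher context cleanup failed, opId: " << m_opId);` (assuming the stream form of the DPL log macros). The comment above the `try` says the result is ignored while the code logs it; `// Best-effort cleanup of the TA side; a destructor must not throw, so failures are only logged.` would describe it accurately.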
RawBuffer update(const RawBuffer& input) override;
RawBuffer finalize(const RawBuffer& input) override;
+ ~CipherCtx();
+
private:
uint32_t m_opId;
};
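Review bot: Now that `~CipherCtx()` releases `m_opId` on the TA side, the class still has its implicit copy constructor and copy assignment, so any copy of a `CipherCtx` would issue the cleanup command twice for the same operation id. If the TA reuses ids, the second call could presumably tear down an operation that belongs to a different context. Declaring `CipherCtx(const CipherCtx&) = delete;` and `CipherCtx& operator=(const CipherCtx&) = delete;` next to the destructor closes that off. If the base class destructor is virtual (the `override` members suggest a polymorphic base, but it is not visible here), `~CipherCtx() override;` would let the compiler check it. The class definition starts outside this hunk.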
return TrustZoneContext::Instance().finalizeGcmCipher(opId, data);
}
+void cleanupCipher(uint32_t opId)
+{
+ return TrustZoneContext::Instance().cleanupCipher(opId);
+}
+
RawBuffer sign(const RawBuffer &pkeyId,
const Pwd &pwd,
const CryptoAlgorithm &alg,
RawBuffer finalizeCipher(uint32_t opId,
const RawBuffer &data);
+void cleanupCipher(uint32_t opId);
+
RawBuffer sign(const RawBuffer &pkeyId,
const Pwd &pwd,
const CryptoAlgorithm &alg,
#include <tz-backend/store.h>
#include <tz-backend/internals.h>
-#include <dpl/log/log.h>
#include <message-buffer.h>
namespace CKM {
return out;
}
+void TrustZoneContext::cleanupCipher(uint32_t opId)
+{
+ TEEC_Operation op;
+ op.paramTypes = TEEC_PARAM_TYPES(TEEC_VALUE_INOUT, TEEC_NONE, TEEC_NONE, TEEC_NONE);
+ op.params[0].value.a = opId;
+
+ Execute(CMD_CIPHER_CLEANUP, &op);
+}
+
void TrustZoneContext::executeSign(tz_algo_type algo,
tz_hash_type hash,
const RawBuffer &keyId,
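Review bot: `TEEC_Operation op;` in `TrustZoneContext::cleanupCipher` is left uninitialized, so `op.started` and `op.params[0].value.b` carry indeterminate stack contents into `Execute`. The GlobalPlatform client API requires `started` to be zeroed when the operation may be cancelled, and with `TEEC_VALUE_INOUT` the unset `value.b` is handed to the TA. Value-initializing with `TEEC_Operation op{};` fixes both. Nothing is read back from the parameter after `Execute`, so `TEEC_VALUE_INPUT` would be the narrower parameter type, provided the TA handler for `CMD_CIPHER_CLEANUP` accepts it (not visible here).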
RawBuffer finalizeGcmCipher(uint32_t opId,
const RawBuffer &data);
+ void cleanupCipher(uint32_t opId);
+
void executeSign(tz_algo_type algo,
tz_hash_type hash,
const RawBuffer &keyId,