| #
86ee543b |
| 07-Mar-2024 |
Sami Tolvanen <samitolvanen@google.com> |
core: pass TEE_ATTR_RSA_OAEP_MGF_HASH to RSA-OAEP implementations
OP-TEE currently doesn't support using a different hash for MGF1
with RSA-OAEP. However, this is required for AOSP compatibility
(e.
core: pass TEE_ATTR_RSA_OAEP_MGF_HASH to RSA-OAEP implementations
OP-TEE currently doesn't support using a different hash for MGF1
with RSA-OAEP. However, this is required for AOSP compatibility
(e.g. in EncryptionOperationsTest.RsaOaepWithMGFDigestSuccess [1]).
Pass the MGF1 attribute to crypto implementations. Note that
only libtomcrypt supports this feature at the moment, so other
implementations will either fail or fall back to libtomcrypt when
passed a different MGF1 hash.
Link: https://android.googlesource.com/platform/hardware/interfaces/+/refs/heads/main/security/keymint/aidl/vts/functional/KeyMintTest.cpp#5552 [1]
Signed-off-by: Sami Tolvanen <samitolvanen@google.com>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>
show more ...
|
| #
b303be92 |
| 01-Apr-2022 |
Jens Wiklander <jens.wiklander@linaro.org> |
drivers: crypto: add stubbed fault mitigation in crypto_acipher_rsassa_verify()
Adds a stubbed fault mitigation for the drivers version of
crypto_acipher_rsassa_verify). End the function with FTMN_C
drivers: crypto: add stubbed fault mitigation in crypto_acipher_rsassa_verify()
Adds a stubbed fault mitigation for the drivers version of
crypto_acipher_rsassa_verify). End the function with FTMN_CALLEE_DONE()
to record that the function was indeed called and a redundant copy of
the return value.
Acked-by: Jerome Forissier <jerome.forissier@linaro.org>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>
show more ...
|
| #
f3eff2ed |
| 04-Jul-2022 |
Jorge Ramirez-Ortiz <jorge@foundries.io> |
core: crypto-api: rsa: pass algorithm to implementation
This is required for drivers that might only support some
of the algorithms and want to delegate the operation to
their software implementatio
core: crypto-api: rsa: pass algorithm to implementation
This is required for drivers that might only support some
of the algorithms and want to delegate the operation to
their software implementations
Signed-off-by: Jorge Ramirez-Ortiz <jorge@foundries.io>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>
Acked-by: Clement Faure <clement.faure@nxp.com>
show more ...
|
| #
45f25897 |
| 10-Jan-2022 |
Jorge Ramirez-Ortiz <jorge@foundries.io> |
drivers: crypto: rsa: handle not implemented sign/verify operations
Route the unimplemented RSA sign/verify optional cases to their
software implementations.
Signed-off-by: Jorge Ramirez-Ortiz <jor
drivers: crypto: rsa: handle not implemented sign/verify operations
Route the unimplemented RSA sign/verify optional cases to their
software implementations.
Signed-off-by: Jorge Ramirez-Ortiz <jorge@foundries.io>
Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>
show more ...
|
| #
8bddeb85 |
| 22-Oct-2021 |
Jorge Ramirez-Ortiz <jorge@foundries.io> |
drivers: crypto: rsa/ecc/dsa: input parameter validation
To comply with the PKCS#11 convention for functions returning output
in a variable-length buffer, prefer to check the required size of the
ou
drivers: crypto: rsa/ecc/dsa: input parameter validation
To comply with the PKCS#11 convention for functions returning output
in a variable-length buffer, prefer to check the required size of the
output buffer before the existence of the output buffer itself.
This will save callers from having to allocate a buffer that might not
be used.
Signed-off-by: Jorge Ramirez-Ortiz <jorge@foundries.io>
Acked-by: Etienne Carriere <etienne.carriere@linaro.org>
Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org>
Acked-by: Clement Faure <clement.faure@nxp.com>
Acked-by: Cedric Neveux <cedric.neveux@nxp.com>
show more ...
|
| #
e08643a4 |
| 05-Oct-2021 |
Clement Faure <clement.faure@nxp.com> |
drivers: crypto: fix RSAES-OAEP encryption length check
According to PKCS#1 v2.2: RSA Cryptography Standard, for RSAES-OAEP
Encryption operation function, the following length check must be done
pri
drivers: crypto: fix RSAES-OAEP encryption length check
According to PKCS#1 v2.2: RSA Cryptography Standard, for RSAES-OAEP
Encryption operation function, the following length check must be done
prior the encryptioon operation [1]:
Return error if mLen > k - 2*hlen - 2
Because (k - 2*hlen - 2) must be superior or equal to zero, return an
error also if 2*hlen >= k - 2
Links: [1] https://datatracker.ietf.org/doc/html/rfc8017
Fixes: f5a70e3efb ("drivers: crypto: generic resources for crypto device driver - RSA")
Signed-off-by: Clement Faure <clement.faure@nxp.com>
Reviewed-by: Jerome Forissier <jerome@forissier.org>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>
show more ...
|
| #
a1d5c81f |
| 11-Aug-2020 |
Elias von Däniken <elias.vondaeniken@bluewin.ch> |
crypto: add function to free rsa keypair
There was no function to proper free a rsa kepair from inside a PTA.
Now there is crypto_acipher_free_rsa_keypair().
Signed-off-by: Elias von Däniken <elias
crypto: add function to free rsa keypair
There was no function to proper free a rsa kepair from inside a PTA.
Now there is crypto_acipher_free_rsa_keypair().
Signed-off-by: Elias von Däniken <elias.vondaeniken@bluewin.ch>
Acked-by: Jerome Forissier <jerome@forissier.org>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>
show more ...
|
| #
56094125 |
| 06-May-2020 |
Sander Visser <github@visser.se> |
core: rsa: Avoid NULL dereferencing in RSA trace messages
Show 0 size for NULL message/cipher length.
Signed-off-by: Sander Visser <github@visser.se>
Reviewed-by: Jens Wiklander <jens.wiklander@lin
core: rsa: Avoid NULL dereferencing in RSA trace messages
Show 0 size for NULL message/cipher length.
Signed-off-by: Sander Visser <github@visser.se>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>
Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org>
show more ...
|
| #
7c767434 |
| 02-Apr-2020 |
Albert Schwarzkopf <a.schwarzkopf@phytec.de> |
core: merge tee_*_get_digest_size() into a single function
Rename tee_hash_get_digest_size() to tee_alg_get_digest_size().
Change tee_alg_get_digest_size() to use new libutee macro
TEE_ALG_GET_DIGE
core: merge tee_*_get_digest_size() into a single function
Rename tee_hash_get_digest_size() to tee_alg_get_digest_size().
Change tee_alg_get_digest_size() to use new libutee macro
TEE_ALG_GET_DIGEST_SIZE.
Remove tee_mac_get_digest_size() as its functionality
is handled by tee_alg_get_digest_size() now.
Signed-off-by: Albert Schwarzkopf <a.schwarzkopf@phytec.de>
Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>
show more ...
|
| #
f5a70e3e |
| 04-Feb-2020 |
Cedric Neveux <cedric.neveux@nxp.com> |
drivers: crypto: generic resources for crypto device driver - RSA
TEE Crypto generic APIs to HW driver interface
Signed-off-by: Cedric Neveux <cedric.neveux@nxp.com>
Acked-by: Jens Wiklander <jens.
drivers: crypto: generic resources for crypto device driver - RSA
TEE Crypto generic APIs to HW driver interface
Signed-off-by: Cedric Neveux <cedric.neveux@nxp.com>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>
show more ...
|