core: crypto_bignum_free(): add indirection and set pointer to NULL

To prevent human mistake, crypto_bignum_free() sets the location of the
bignum pointer to NULL after freeing it.

Signed-off-by: J

core: crypto_bignum_free(): add indirection and set pointer to NULL

To prevent human mistake, crypto_bignum_free() sets the location of the
bignum pointer to NULL after freeing it.

Signed-off-by: Jihwan Park <jihwp@amazon.com>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>
Reviewed-by: Jerome Forissier <jerome.forissier@linaro.org>
Reviewed-by: Joakim Bech <joakim.bech@linaro.org>
Reviewed-by: Etienne Carriere <etienne.carriere@foss.st.com>

show more ...

GP131: Add TEE_ALG_ECDH_DERIVE_SHARED_SECRET and TEE_ALG_ECDSA_SHA*

Adds the defines
- TEE_ALG_ECDH_DERIVE_SHARED_SECRET
- TEE_ALG_ECDSA_SHA1
- TEE_ALG_ECDSA_SHA224
- TEE_ALG_ECDSA_SHA256
- TEE_ALG_

GP131: Add TEE_ALG_ECDH_DERIVE_SHARED_SECRET and TEE_ALG_ECDSA_SHA*

Adds the defines
- TEE_ALG_ECDH_DERIVE_SHARED_SECRET
- TEE_ALG_ECDSA_SHA1
- TEE_ALG_ECDSA_SHA224
- TEE_ALG_ECDSA_SHA256
- TEE_ALG_ECDSA_SHA386
- TEE_ALG_ECDSA_SHA512
from TEE Internal Core API version 1.3.1 to replace the previous now
deprecated defines:
- TEE_ALG_ECDSA_P192
- TEE_ALG_ECDSA_P224
- TEE_ALG_ECDSA_P256
- TEE_ALG_ECDSA_P384
- TEE_ALG_ECDSA_P521
- TEE_ALG_ECDH_P192
- TEE_ALG_ECDH_P224
- TEE_ALG_ECDH_P256
- TEE_ALG_ECDH_P384
- TEE_ALG_ECDH_P521

The new defines have new values and the values from the old defines are
not reused.

The syscall ABI maintains compatibility by handling both the old and new
values in parallel from now on.

Reviewed-by: Jerome Forissier <jerome.forissier@linaro.org>
Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

core: use IS_ENABLED2()

Replaces use of IS_ENABLED() with IS_ENABLED2() where applicable.

Acked-by: Jerome Forissier <jerome.forissier@linaro.org>
Signed-off-by: Etienne Carriere <etienne.carriere@

core: use IS_ENABLED2()

Replaces use of IS_ENABLED() with IS_ENABLED2() where applicable.

Acked-by: Jerome Forissier <jerome.forissier@linaro.org>
Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org>

show more ...

core: ltc: ecc: support the crypto driver

Provide an interface that can be used by drivers using the Crypto API
so that they can fallback to LTC software operations.

Signed-off-by: Jorge Ramirez-Or

core: ltc: ecc: support the crypto driver

Provide an interface that can be used by drivers using the Crypto API
so that they can fallback to LTC software operations.

Signed-off-by: Jorge Ramirez-Ortiz <jorge@foundries.io>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

core: ltc: sm2: use proper curve during key generation

TEE_GenerateKey() generates an invalid key pair for SM2: the point is not
on the curve, it is on the NIST P256 curve instead. Fix this by looki

core: ltc: sm2: use proper curve during key generation

TEE_GenerateKey() generates an invalid key pair for SM2: the point is not
on the curve, it is on the NIST P256 curve instead. Fix this by looking
up the proper curve name before key generation.

Link: https://github.com/OP-TEE/optee_os/issues/5211
Signed-off-by: Jerome Forissier <jerome@forissier.org>
Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org>

show more ...

core: ltc: sm2: set curve by default when key type is SM2

crypto_asym_alloc_ecc_keypair() and crypto_asym_alloc_ecc_public_key()
should set the curve field of the ecc_key structure to TEE_ECC_CURVE_

core: ltc: sm2: set curve by default when key type is SM2

crypto_asym_alloc_ecc_keypair() and crypto_asym_alloc_ecc_public_key()
should set the curve field of the ecc_key structure to TEE_ECC_CURVE_SM2
when the key type is one of TEE_TYPE_SM2_{DSA,KEP,PKE}_KEYPAIR because
the user is not supposed to provide any TEE_ATTR_ECC_CURVE attribute,
contrary to other ECC algorithms.

Signed-off-by: Jerome Forissier <jerome@forissier.org>
Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org>

show more ...

core: libtomcrypt: drop useless & before function names

There is no need to use & on a function name to obtain the function
address. Drop the useless & characters.

Signed-off-by: Jerome Forissier <

core: libtomcrypt: drop useless & before function names

There is no need to use & on a function name to obtain the function
address. Drop the useless & characters.

Signed-off-by: Jerome Forissier <jerome@forissier.org>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

core: ltc: change SM2 PKE to use crypto_ecc_[public/keypair]_ops

Change the crypto_acipher_sm2_pke_encrypt and
crypto_acipher_sm2_pke_decrypt to use the crypto_ecc_public_ops and
crypto_ecc_keypair_

core: ltc: change SM2 PKE to use crypto_ecc_[public/keypair]_ops

Change the crypto_acipher_sm2_pke_encrypt and
crypto_acipher_sm2_pke_decrypt to use the crypto_ecc_public_ops and
crypto_ecc_keypair_ops methods.

Signed-off-by: Cedric Neveux <cedric.neveux@nxp.com>
Acked-by: Etienne Carriere <etienne.carriere@linaro.org>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

core: ltc: set SM2 ECC Keys operations

Change the SM2 DSA sign/verify to be called through the allocated ECC
keys operations like ECC sign/verify operations.

Signed-off-by: Cedric Neveux <cedric.ne

core: ltc: set SM2 ECC Keys operations

Change the SM2 DSA sign/verify to be called through the allocated ECC
keys operations like ECC sign/verify operations.

Signed-off-by: Cedric Neveux <cedric.neveux@nxp.com>
Acked-by: Etienne Carriere <etienne.carriere@linaro.org>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

libs: ltc and mbedtls introduce crypto_ecc[public/keypair]_ops

Change ECC call functions name to be able to use a ECC HW driver.
At ECC public and keypair allocation, if success, set the key ops fie

libs: ltc and mbedtls introduce crypto_ecc[public/keypair]_ops

Change ECC call functions name to be able to use a ECC HW driver.
At ECC public and keypair allocation, if success, set the key ops field
to call the cryptographic operations linked to the key allocator.

Signed-off-by: Cedric Neveux <cedric.neveux@nxp.com>
Acked-by: Etienne Carriere <etienne.carriere@linaro.org>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

core: crypto: ECC: make sure key_size is consistent with attributes

TEE_GenerateKey() takes a key_size argument and various attributes. If
the size derived from the attributes is not key_size, we sh

core: crypto: ECC: make sure key_size is consistent with attributes

TEE_GenerateKey() takes a key_size argument and various attributes. If
the size derived from the attributes is not key_size, we should return
TEE_ERROR_BAD_PARAMETERS as per the GP TEE Internal Core API
specification v1.2.1: "If an incorrect or inconsistent attribute is
detected. The checks that are performed depend on the implementation.".

Signed-off-by: Jerome Forissier <jerome@forissier.org>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

core: crypto: add support for SM2 KEP

Adds SM2 Key Exchange Protocol [1] using LibTomCrypt. The TA interface
complies with the GlobalPlatform TEE Internal Core API version 1.2.

SM2 KEP is enabled w

core: crypto: add support for SM2 KEP

Adds SM2 Key Exchange Protocol [1] using LibTomCrypt. The TA interface
complies with the GlobalPlatform TEE Internal Core API version 1.2.

SM2 KEP is enabled with CFG_CRYPTO_SM2_KEP=y (default y) wich currently
requires that CFG_CRYPTOLIB_NAME=tomcrypt. An Mbed TLS implementation
could be added later if needed.

[1] http://www.gmbz.org.cn/main/postDetail.html?id=20180724110812

Signed-off-by: Jerome Forissier <jerome@forissier.org>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

core: ltc: ecc_populate_ltc_private_key(): copy public part

A private key alone is not always useful; the public part of the
key is often needed. Adjust ecc_populate_ltc_private_key() accordingly.

core: ltc: ecc_populate_ltc_private_key(): copy public part

A private key alone is not always useful; the public part of the
key is often needed. Adjust ecc_populate_ltc_private_key() accordingly.

Signed-off-by: Jerome Forissier <jerome@forissier.org>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

core: crypto add support for SM2 DSA

Adds SM2 Digital Signature Algorithm [1] using LibTomCrypt. The TA
interface complies with the GlobalPlatform TEE Internal Core API
version 1.2.

SM2 DSA is enab

core: crypto add support for SM2 DSA

Adds SM2 Digital Signature Algorithm [1] using LibTomCrypt. The TA
interface complies with the GlobalPlatform TEE Internal Core API
version 1.2.

SM2 DSA is enabled with CFG_CRYPTO_SM2_DSA=y (default y) which currently
requires that CFG_CRYPTOLIB_NAME=tomcrypt. An Mbed TLS implementation
could be added later if needed.

[1] http://www.gmbz.org.cn/main/postDetail.html?id=20180724110812

Signed-off-by: Jerome Forissier <jerome@forissier.org>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

core: crypto: add support for SM2 PKE

Adds SM2 Public Key Encryption [1] using LibTomCrypt. The TA interface
complies with the GlobalPlatform TEE Internal Core API version 1.2.

SM2 is enabled with

core: crypto: add support for SM2 PKE

Adds SM2 Public Key Encryption [1] using LibTomCrypt. The TA interface
complies with the GlobalPlatform TEE Internal Core API version 1.2.

SM2 is enabled with CFG_CRYPTO_SM2_PKE=y (default y) which currently
requires that CFG_CRYPTOLIB_NAME=tomcrypt. An Mbed TLS implementation
could be added later if needed.

[1] http://www.gmbz.org.cn/main/postDetail.html?id=20180724110812

Signed-off-by: Jerome Forissier <jerome@forissier.org>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

core: ltc: export ECC key helper functions

The static functions ecc_populate_ltc_private_key() and
ecc_populate_ltc_public_key() will be useful for other ECC algorithms
than the ones currently handl

core: ltc: export ECC key helper functions

The static functions ecc_populate_ltc_private_key() and
ecc_populate_ltc_public_key() will be useful for other ECC algorithms
than the ones currently handled by core/lib/libtomcrypt/ecc.c, namely:
the SM2 family of algorithms. Therefore, export these functions in
"acipher_helpers.h".

Signed-off-by: Jerome Forissier <jerome@forissier.org>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

Squashed commit upgrading to libtomcrypt-1.18.2-develop-20180819

Squash merging branch import/libtomcrypt-1.18.2-develop-20180819

5ecac6e9227c ("core: ltc: adapt to new version of LibTomCrypt")
54d

Squashed commit upgrading to libtomcrypt-1.18.2-develop-20180819

Squash merging branch import/libtomcrypt-1.18.2-develop-20180819

5ecac6e9227c ("core: ltc: adapt to new version of LibTomCrypt")
54d7f2f10c33 ("core: ltc: aes_modes_armv8a_ce_a64.S: get rid of literal load of addend vector")
68b1adf4c3db ("core: ltc: aes_modes_armv8a_ce_a64.S: fix incorrect assembly syntax")
b73cfbef058f ("core: ltc: make key in accel_ecb_encrypt() and accel_ecb_decrypt() const")
7160452f6698 ("core: ltc: fix 'switch case misses default'")
05313fd03df1 ("core: ltc: move AES CE files under aes/")
00ed54001f7d ("core: ltc: add custom DH key generation function dh_make_key()")
279e09ee4c7c ("core: ltc: tomcrypt_custom.h: OP-TEE thread support")
e61adb1a2203 ("core: crypto: libtomcrypt: fix LTC_CLEAN_STACK bug")
5c75c2d02f13 ("core: LTC use only _CFG_CORE_LTC_ variables")
5decfe20864a ("core: crypto: arm64 ce: update AES CBC routines")
c54b6344cc4e ("core: crypto: cleanup and fix CE accelerated AES CTR")
3f4d78d04eef ("core: crypto: arm32: add counter increment in ce_aes_ctr_encrypt()")
a85a4f88e39d ("Remove 'All rights reserved' from Linaro files")
14ec45d62762 ("Remove license notice from Linaro files")
084691667db2 ("Add SPDX license identifiers")
48de810896b8 ("LTC: add GHASH acceleration")
9f4ecf2ea898 ("arm32: AES using ARMv8-A cryptographic extensions")
a360627e4130 ("arm64: libtomcrypt: rename AES CE files")
48dab9f6464b ("arm64: libtomcrypt: move inline assembly to .S file")
7479ed2a4be9 ("ltc: bugfix find_prng()")
271db0fe9309 ("ltc: make cipher_descriptor a pointer to descriptors")
cbf6e51b6086 ("ltc: make hash_descriptor a pointer to descriptors")
6982b2b65910 ("ltc: make prng_descriptor a pointer to descriptors")
034ed64a6bb2 ("arm: Fix SHA-1 with cryptographic extensions")
468fcca20d8b ("arm64: SHA-224/SHA-256 using ARMv8-A cryptographic extensions")
a55567f8611c ("arm: update SHA-256 32-bit CE implementation to process multiple blocks")
ee62ece8ecf4 ("arm: update SHA-1 32-bit CE implementation to process multiple blocks")
4287faa43c7c ("arm64: SHA-1 using ARMv8-A cryptographic extensions")
0c6c51d33f05 ("ECC: optimize the pool of temporary variables")
f79f07210b95 ("arm64: AES XTS using ARMv8-A cryptographic extensions")
dc3e64eee4af ("arm64: AES using ARMv8-A cryptographic extensions")
fcad408195d8 ("SHA-1 ARMv8 crypto extension implementation")
e9fa8daa66ed ("SHA-256 ARMv8 crypto extension implementation")
36c11ddb0f2f ("Import LibTomCrypt v1.18.2 branch "develop" (Aug 19, 2019)")
01c7a0fe164c ("Remove LibTomCrypt")

Signed-off-by: Jerome Forissier <jerome@forissier.org>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

core: ltc: rename prng_mpa to prng_crypto

Changes the name of the registered prng descriptor from "prng_mpa" to
"prng_crypto" to better reflect the source of the prng.

Acked-by: Jerome Forissier <j

core: ltc: rename prng_mpa to prng_crypto

Changes the name of the registered prng descriptor from "prng_mpa" to
"prng_crypto" to better reflect the source of the prng.

Acked-by: Jerome Forissier <jerome.forissier@linaro.org>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

core: ltc: move ecc wrappers to separate file

Moves the ECC wrappers in tee_ltc_provider.c to its own file, ecc.c.

Acked-by: Jerome Forissier <jerome.forissier@linaro.org>
Signed-off-by: Jens Wikla

core: ltc: move ecc wrappers to separate file

Moves the ECC wrappers in tee_ltc_provider.c to its own file, ecc.c.

Acked-by: Jerome Forissier <jerome.forissier@linaro.org>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...