utee: support prehashed RSA sign/ver without ASN.1

Add TEE Core Internal API extension TEE_ALG_RSASSA_PKCS1_V1_5 to
sign/verify pre-hashed PKCS#1 v1.5 EMSA without ASN.1 around the hash.
This relies

utee: support prehashed RSA sign/ver without ASN.1

Add TEE Core Internal API extension TEE_ALG_RSASSA_PKCS1_V1_5 to
sign/verify pre-hashed PKCS#1 v1.5 EMSA without ASN.1 around the hash.
This relies on libtomcrypt LTC_PKCS_1_V1_5_NA1. The extension can be
turned on with CFG_CRYPTO_RSASSA_NA1.

Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>
Signed-off-by: Gabor Szekely <szvgabor@gmail.com>

show more ...

Add rand() for TA usage

Adds rand() by declaring it in stdlib.h where it's expected to be found.
Implementation is provided in libutee since it depends on
TEE_GenerateRandom().

Reviewed-by: Joakim

Add rand() for TA usage

Adds rand() by declaring it in stdlib.h where it's expected to be found.
Implementation is provided in libutee since it depends on
TEE_GenerateRandom().

Reviewed-by: Joakim Bech <joakim.bech@linaro.org>
Acked-by: Etienne Carriere <etienne.carriere@linaro.org>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

Remove license notice from STMicroelectronics files

Since a while the source files license info are defined by SPDX
identifiers. We can safely remove the verbose license text from the
files that are

Remove license notice from STMicroelectronics files

Since a while the source files license info are defined by SPDX
identifiers. We can safely remove the verbose license text from the
files that are owned by either only STMicroelectronics or only both
Linaro and STMicroelectronics.

Signed-off-by: Etienne Carriere <etienne.carriere@st.com>
Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

libutee: out and tag buffers can be too short in TEE_AEEncryptFinal

With this change, a single call to TEE_AEEncryptFinal() checks both
the output data buffer size and the tag buffer size and return

libutee: out and tag buffers can be too short in TEE_AEEncryptFinal

With this change, a single call to TEE_AEEncryptFinal() checks both
the output data buffer size and the tag buffer size and return
TEE_ERROR_SHORT_BUFFER with both expected size if at least one
of the provided buffer is too short.

Before this change caller may need to call twice TEE_AEEncryptFinal()
in the right order to get the output buffers sizes, first for the
output data size then for the tag data size.

Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

Add SPDX license identifiers

Adds one SPDX-License-Identifier line [1] to each source files that
contains license text.

Generated by [2]:
spdxify.py --add-spdx optee_os/

The scancode tool [3] wa

Add SPDX license identifiers

Adds one SPDX-License-Identifier line [1] to each source files that
contains license text.

Generated by [2]:
spdxify.py --add-spdx optee_os/

The scancode tool [3] was used to double check the license matching
code in the Python script. All the licenses detected by scancode are
either detected by spdxify.py, or have no SPDX identifier, or are false
matches.

Link: [1] https://spdx.org/licenses/
Link: [2] https://github.com/jforissier/misc/blob/f7b56c8/spdxify.py
Link: [3] https://github.com/nexB/scancode-toolkit
Signed-off-by: Jerome Forissier <jerome.forissier@linaro.org>
Acked-by: Joakim Bech <joakim.bech@linaro.org>

show more ...

Remove buffering for AES CTR

CTR mode of AES algorithm turns block cipher into stream cipher.
It means that input data can has any size independent from block
size. It must be processed and result c

Remove buffering for AES CTR

CTR mode of AES algorithm turns block cipher into stream cipher.
It means that input data can has any size independent from block
size. It must be processed and result ciphertext must be
generated after each TEE_CipherUpdate function call. That is why
it is incorrect to apply for AES CTR the input buffering on
TEE_CipherUpdate call when size is not multiple of block size.

Signed-off-by: Bogdan Liulko <bogdan.liulko@globallogic.com>
Tested-by: Jerome Forissier <jerome.forissier@linaro.org> (HiKey)
Tested-by: Bogdan Liulko <bogdan.liulko@globallogic.com> (R-Car)
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

libutee: Remove buffering for AES GCM

GCM mode of AES algorithm is essentially a stream cipher. It means
that there is no requirements for input data size related to block
size. And every time when

libutee: Remove buffering for AES GCM

GCM mode of AES algorithm is essentially a stream cipher. It means
that there is no requirements for input data size related to block
size. And every time when AEUpdate is called input data must be
processed and output immediately generated. That is why
it is incorrect to apply for AES GCM the input buffering on
AEUpdate call when size is not multiple of block size.

Signed-off-by: Bogdan Liulko <bogdan.liulko@globallogic.com>
Tested-by: Jerome Forissier <jerome.forissier@linaro.org> (HiKey)
Tested-by: Bogdan Liulko <bogdan.liulko@globallogic.com> (R-Car)
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>
Reviewed-by: Joakim Bech <joakim.bech@linaro.org>

show more ...

libutee: API: add 'const' qualifiers

As per the GlobalPlatform Internal Core API Specification v1.1,
section 3.4 Parameter Annotations: "[...] the [in], [inbuf],
[instring], [instringopt], and [ctx]

libutee: API: add 'const' qualifiers

As per the GlobalPlatform Internal Core API Specification v1.1,
section 3.4 Parameter Annotations: "[...] the [in], [inbuf],
[instring], [instringopt], and [ctx] annotations can make use of the
const C keyword [...] the C header file of a compliant Implementation
SHOULD use the const keyword when these annotations appear."

Note that the TA entry points: TA_OpenSessionEntryPoint(),
TA_CloseSessionEntryPoint() and TA_InvokeCommandEntryPoint() are
unchanged to avoid breaking existing code (not worth it).

Signed-off-by: Jerome Forissier <jerome.forissier@linaro.org>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>
Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org>

show more ...

libutee: preserve error code when calling TEE_Panic()

On many occasions, libutee calls TEE_Panic(0) to kill a TA. When an
error status from a lower layer is available, it is much more helpful
to pas

libutee: preserve error code when calling TEE_Panic()

On many occasions, libutee calls TEE_Panic(0) to kill a TA. When an
error status from a lower layer is available, it is much more helpful
to pass it instead of zero, because the code is shown in the debug
traces.

Signed-off-by: Jerome Forissier <jerome.forissier@linaro.org>
Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

libutee: AES CTS fix

Ad-hoc fix for regressions introduced by [1].
Tested on HiKey using latest optee_test including GlobalPlatform tests
(32/64-bit TEE core, 32/64-bit libutee, with/without ARMv8 C

libutee: AES CTS fix

Ad-hoc fix for regressions introduced by [1].
Tested on HiKey using latest optee_test including GlobalPlatform tests
(32/64-bit TEE core, 32/64-bit libutee, with/without ARMv8 CE
acceleration).

Fixes: b1ecda78bab4 ("libutee: fix off-by-one error in tee_buffer_update()") [1]
Fixes: https://github.com/OP-TEE/optee_os/issues/1305
Signed-off-by: Jerome Forissier <jerome.forissier@linaro.org>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

libutee: fix off-by-one error in tee_buffer_update()

Makes the ROUNDUP() call in the "feeding from src" case consistent with
the "feeding from buffer" case a few lines earlier. Without this fix,
AES

libutee: fix off-by-one error in tee_buffer_update()

Makes the ROUNDUP() call in the "feeding from src" case consistent with
the "feeding from buffer" case a few lines earlier. Without this fix,
AES CTR encryption or decryption could fail because update would feed
blocks too soon, leaving less than two blocks in the internal buffer
thus causing utee_cipher_final() (called from TEE_CipherDoFinal()) to
fail and panic the TA.

Fixes: https://github.com/OP-TEE/optee_os/issues/1203
Signed-off-by: Jerome Forissier <jerome.forissier@linaro.org>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

libutee: bugfix srcData == NULL cases

Fixes faulty treatment of srcData == NULL in TEE_CipherUpdate(),
TEE_AEUpdate(), TEE_AEEncryptFinal(), TEE_AEDecryptFinal().

Reviewed-by: Jerome Forissier <jer

libutee: bugfix srcData == NULL cases

Fixes faulty treatment of srcData == NULL in TEE_CipherUpdate(),
TEE_AEUpdate(), TEE_AEEncryptFinal(), TEE_AEDecryptFinal().

Reviewed-by: Jerome Forissier <jerome.forissier@linaro.org>
Reviewed-by: Guanchao Liang <liang.guanchao@linaro.org>
Tested-by: Jens Wiklander <jens.wiklander@linaro.org> (QEMU)
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>
[Rebase on top of master]
Signed-off-by: Jerome Forissier <jerome.forissier@linaro.org>

show more ...

libutee: TEE_AEUpdate(): do nothing when (!srcData && !srcLen)

Fixes: Coverity CID:1378615
Signed-off-by: Jerome Forissier <jerome.forissier@linaro.org>
Reviewed-by: Jens Wiklander <jens.wiklander@l

libutee: TEE_AEUpdate(): do nothing when (!srcData && !srcLen)

Fixes: Coverity CID:1378615
Signed-off-by: Jerome Forissier <jerome.forissier@linaro.org>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

libutee: TEE_AEEncryptFinal(): do nothing when (!srcData && !srcLen)

Fixes: Coverity CID:1378616
Signed-off-by: Jerome Forissier <jerome.forissier@linaro.org>
Reviewed-by: Jens Wiklander <jens.wikla

libutee: TEE_AEEncryptFinal(): do nothing when (!srcData && !srcLen)

Fixes: Coverity CID:1378616
Signed-off-by: Jerome Forissier <jerome.forissier@linaro.org>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

libutee: TEE_AEDecryptFinal(): do nothing when (!srcData && !srcLen)

Fixes: Coverity CID:1378617
Signed-off-by: Jerome Forissier <jerome.forissier@linaro.org>
Reviewed-by: Jens Wiklander <jens.wikla

libutee: TEE_AEDecryptFinal(): do nothing when (!srcData && !srcLen)

Fixes: Coverity CID:1378617
Signed-off-by: Jerome Forissier <jerome.forissier@linaro.org>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

libutee: TEE_AllocateOperation(): rewrite FALLTHROUGH comment

Fixes: Coverity CID:1378629
Signed-off-by: Jerome Forissier <jerome.forissier@linaro.org>
Reviewed-by: Jens Wiklander <jens.wiklander@li

libutee: TEE_AllocateOperation(): rewrite FALLTHROUGH comment

Fixes: Coverity CID:1378629
Signed-off-by: Jerome Forissier <jerome.forissier@linaro.org>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

libutee: TEE_CipherDoFinal(): do nothing when (!srcData && !srcLen)

Fixes: Coverity CID:1378631
Signed-off-by: Jerome Forissier <jerome.forissier@linaro.org>
Reviewed-by: Jens Wiklander <jens.wiklan

libutee: TEE_CipherDoFinal(): do nothing when (!srcData && !srcLen)

Fixes: Coverity CID:1378631
Signed-off-by: Jerome Forissier <jerome.forissier@linaro.org>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

libutee: TEE_CipherUpdate(): do nothing when (!srcData && !srcLen)

Fixes: Coverity CID:1378632
Signed-off-by: Jerome Forissier <jerome.forissier@linaro.org>
Reviewed-by: Jens Wiklander <jens.wikland

libutee: TEE_CipherUpdate(): do nothing when (!srcData && !srcLen)

Fixes: Coverity CID:1378632
Signed-off-by: Jerome Forissier <jerome.forissier@linaro.org>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

Make TEE Core TA interaction 64-bit compatible

* Updates TA entry
* Update ta_head
* Updates the syscall interface
* Adds functions to make a short pointer (32-bit uref) from a kernel pointer
and

Make TEE Core TA interaction 64-bit compatible

* Updates TA entry
* Update ta_head
* Updates the syscall interface
* Adds functions to make a short pointer (32-bit uref) from a kernel pointer
and vice versa

Note that this change is not backwards compatible, TAs needs to be
recompiled.

Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>
Reviewed-by: Joakim Bech <joakim.bech@linaro.org>
Reviewed-by: Pascal Brand <pascal.brand@linaro.org>

show more ...

libutee: fix cleanup in TEE_AllocateOperation()

Fixes error handling in TEE_AllocateOperation()

Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>
Tested-by: Jens Wiklander <jens.wiklander@l

libutee: fix cleanup in TEE_AllocateOperation()

Fixes error handling in TEE_AllocateOperation()

Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>
Tested-by: Jens Wiklander <jens.wiklander@linaro.org> (QEMU)
Reviewed-by: Jerome Forissier <jerome.forissier@linaro.org>
Reviewed-by: Pascal Brand <pascal.brand@linaro.org>

show more ...

GP11 : operation state handling

Change-Id: I136443ef2f137b2e12902324d724fff7ce7c590e
Signed-off-by: Cedric Chaumont <cedric.chaumont@st.com>
Reviewed-by: Jerome Forisssier <jerome.forissier@linaro.o

GP11 : operation state handling

Change-Id: I136443ef2f137b2e12902324d724fff7ce7c590e
Signed-off-by: Cedric Chaumont <cedric.chaumont@st.com>
Reviewed-by: Jerome Forisssier <jerome.forissier@linaro.org>
Reviewed-by: Pascal Brand <pascal.brand@linaro.org>
Tested-by: Cedric Chaumont <cedric.chaumont@linaro.org> (STM boards)
Tested-by: Cedric Chaumont <cedric.chaumont@linaro.org> (ARM Juno board)

show more ...

Remove useless src alignment check in TEE_UpdateXXX

Tested-by: Pascal BRAND <pascal.brand@st.com>
Reviewed-by: Jean-Michel DELORME <jean-michel.delorme@st.com>
Reviewed-by: Etienne CARRIERE <etienne

Remove useless src alignment check in TEE_UpdateXXX

Tested-by: Pascal BRAND <pascal.brand@st.com>
Reviewed-by: Jean-Michel DELORME <jean-michel.delorme@st.com>
Reviewed-by: Etienne CARRIERE <etienne.carriere@st.com>
Signed-off-by: Pascal Brand <pascal.brand@st.com>
Reviewed-by: Jerome Forissier <jerome.forissier@linaro.org>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>
Tested-by: Pascal Brand <pascal.brand@linaro.org> (STM platform)

show more ...

libutee: reset state after TEE_DigestDoFinal()

As per GlobalPlatform Internal API Specifications v1.0 and v1.1,
section 6.3.2 TEE_DigestDoFinal: "Afterwards the Message Digest
operation is reset [to

libutee: reset state after TEE_DigestDoFinal()

As per GlobalPlatform Internal API Specifications v1.0 and v1.1,
section 6.3.2 TEE_DigestDoFinal: "Afterwards the Message Digest
operation is reset [to initial state] and can be reused" (the words
in square brackets are in v1.1 only).

Note that other TEE_xxxFinal() functions are not modified because
the specifications state that the application shall panic if "the
operation has not been started yet with TEE_[xxx]Init() or has already
been finalized."

Signed-off-by: Jerome Forissier <jerome.forissier@linaro.org>
Reviewed-by: Pascal Brand <pascal.brand@linaro.org>

show more ...

GP11 : TEE_GetOperationInfoMultiple

Signed-off-by: Cedric Chaumont <cedric.chaumont@st.com>
Reviewed-by: Pascal Brand <pascal.brand@linaro.org>
Tested-by: Cedric Chaumont <cedric.chaumont@linaro.org

GP11 : TEE_GetOperationInfoMultiple

Signed-off-by: Cedric Chaumont <cedric.chaumont@st.com>
Reviewed-by: Pascal Brand <pascal.brand@linaro.org>
Tested-by: Cedric Chaumont <cedric.chaumont@linaro.org> (STM boards)
Tested-by: Cedric Chaumont <cedric.chaumont@linaro.org> (ARM Juno board)

show more ...

GP11 : Key derivation function fix

Signed-off-by: Cedric Chaumont <cedric.chaumont@st.com>
Reviewed-by: Joakim Bech <joakim.bech@linaro.org>
Tested-by: Cedric Chaumont <cedric.chaumont@linaro.org> (

GP11 : Key derivation function fix

Signed-off-by: Cedric Chaumont <cedric.chaumont@st.com>
Reviewed-by: Joakim Bech <joakim.bech@linaro.org>
Tested-by: Cedric Chaumont <cedric.chaumont@linaro.org> (STM boards)
Tested-by: Cedric Chaumont <cedric.chaumont@linaro.org> (ARM Juno board)

show more ...