GP11 : Asymmetric functions fix/panic reason

Signed-off-by: Cedric Chaumont <cedric.chaumont@st.com>
Reviewed-by: Joakim Bech <joakim.bech@linaro.org>
Reviewed-by: Pascal Brand <pascal.brand@linaro.

GP11 : Asymmetric functions fix/panic reason

Signed-off-by: Cedric Chaumont <cedric.chaumont@st.com>
Reviewed-by: Joakim Bech <joakim.bech@linaro.org>
Reviewed-by: Pascal Brand <pascal.brand@linaro.org>
Tested-by: Cedric Chaumont <cedric.chaumont@linaro.org> (STM boards)
Tested-by: Cedric Chaumont <cedric.chaumont@linaro.org> (ARM Juno board)

show more ...

GP11 : AE functions fix/panic reason

Signed-off-by: Cedric Chaumont <cedric.chaumont@st.com>
Reviewed-by: Pascal Brand <pascal.brand@linaro.org>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.or

GP11 : AE functions fix/panic reason

Signed-off-by: Cedric Chaumont <cedric.chaumont@st.com>
Reviewed-by: Pascal Brand <pascal.brand@linaro.org>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>
Tested-by: Cedric Chaumont <cedric.chaumont@linaro.org> (STM boards)
Tested-by: Cedric Chaumont <cedric.chaumont@linaro.org> (ARM Juno board)

show more ...

GP11 : MAC functions fix/panic reason

Signed-off-by: Cedric Chaumont <cedric.chaumont@st.com>
Reviewed-by: Pascal Brand <pascal.brand@linaro.org>
Tested-by: Cedric Chaumont <cedric.chaumont@linaro.o

GP11 : MAC functions fix/panic reason

Signed-off-by: Cedric Chaumont <cedric.chaumont@st.com>
Reviewed-by: Pascal Brand <pascal.brand@linaro.org>
Tested-by: Cedric Chaumont <cedric.chaumont@linaro.org> (STM boards)
Tested-by: Cedric Chaumont <cedric.chaumont@linaro.org> (ARM Juno board)

show more ...

GP11 : Symmetric cipher functions panic reason

Signed-off-by: Cedric Chaumont <cedric.chaumont@st.com>
Reviewed-by: Pascal Brand <pascal.brand@linaro.org>
Tested-by: Cedric Chaumont <cedric.chaumont

GP11 : Symmetric cipher functions panic reason

Signed-off-by: Cedric Chaumont <cedric.chaumont@st.com>
Reviewed-by: Pascal Brand <pascal.brand@linaro.org>
Tested-by: Cedric Chaumont <cedric.chaumont@linaro.org> (STM boards)
Tested-by: Cedric Chaumont <cedric.chaumont@linaro.org> (ARM Juno board)

show more ...

GP11 : Message digest functions panic reason

Signed-off-by: Cedric Chaumont <cedric.chaumont@st.com>
Reviewed-by: Joakim Bech <joakim.bech@linaro.org>
Reviewed-by: Pascal Brand <pascal.brand@linaro.

GP11 : Message digest functions panic reason

Signed-off-by: Cedric Chaumont <cedric.chaumont@st.com>
Reviewed-by: Joakim Bech <joakim.bech@linaro.org>
Reviewed-by: Pascal Brand <pascal.brand@linaro.org>
Tested-by: Cedric Chaumont <cedric.chaumont@linaro.org> (STM boards)
Tested-by: Cedric Chaumont <cedric.chaumont@linaro.org> (ARM Juno board)

show more ...

GP11 : TEE_SetOperationKey/2 panic reason

Signed-off-by: Cedric Chaumont <cedric.chaumont@st.com>
Reviewed-by: Joakim Bech <joakim.bech@linaro.org>
Reviewed-by: Pascal Brand <pascal.brand@linaro.org

GP11 : TEE_SetOperationKey/2 panic reason

Signed-off-by: Cedric Chaumont <cedric.chaumont@st.com>
Reviewed-by: Joakim Bech <joakim.bech@linaro.org>
Reviewed-by: Pascal Brand <pascal.brand@linaro.org>
Tested-by: Cedric Chaumont <cedric.chaumont@linaro.org> (STM boards)
Tested-by: Cedric Chaumont <cedric.chaumont@linaro.org> (ARM Juno board)

show more ...

GP11 : TEE_ResetOperation panic reason

Signed-off-by: Cedric Chaumont <cedric.chaumont@st.com>
Reviewed-by: Joakim Bech <joakim.bech@linaro.org>
Tested-by: Cedric Chaumont <cedric.chaumont@linaro.or

GP11 : TEE_ResetOperation panic reason

Signed-off-by: Cedric Chaumont <cedric.chaumont@st.com>
Reviewed-by: Joakim Bech <joakim.bech@linaro.org>
Tested-by: Cedric Chaumont <cedric.chaumont@linaro.org> (STM boards)
Tested-by: Cedric Chaumont <cedric.chaumont@linaro.org> (ARM Juno board)

show more ...

GP11 : TEE_FreeOperation panic reason

Signed-off-by: Cedric Chaumont <cedric.chaumont@st.com>
Reviewed-by: Pascal Brand <pascal.brand@linaro.org>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.o

GP11 : TEE_FreeOperation panic reason

Signed-off-by: Cedric Chaumont <cedric.chaumont@st.com>
Reviewed-by: Pascal Brand <pascal.brand@linaro.org>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>
Tested-by: Cedric Chaumont <cedric.chaumont@linaro.org> (STM boards)
Tested-by: Cedric Chaumont <cedric.chaumont@linaro.org> (ARM Juno board)

show more ...

GP11: TEE_AllocateOperation panic reason

Signed-off-by: Cedric Chaumont <cedric.chaumont@st.com>
Reviewed-by: Pascal Brand <pascal.brand@linaro.org>
Reviewed-by: Jens Wiklander <jens.wiklander@linar

GP11: TEE_AllocateOperation panic reason

Signed-off-by: Cedric Chaumont <cedric.chaumont@st.com>
Reviewed-by: Pascal Brand <pascal.brand@linaro.org>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>
Reviewed-by: Joakim Bech <joakim.bech@linaro.org>
Tested-by: Cedric Chaumont <cedric.chaumont@linaro.org> (STM boards)
Tested-by: Cedric Chaumont <cedric.chaumont@linaro.org> (ARM Juno board)

show more ...

GP Internal Core API v1.1 : update TEE_AllocateOperation ECC

add TEE_ALG_ECDSA_Pxxx/TEE_ALG_ECDH_Pxxx

Signed-off-by: Cedric Chaumont <cedric.chaumont@st.com>
Reviewed-by: Pascal Brand <pascal.brand

GP Internal Core API v1.1 : update TEE_AllocateOperation ECC

add TEE_ALG_ECDSA_Pxxx/TEE_ALG_ECDH_Pxxx

Signed-off-by: Cedric Chaumont <cedric.chaumont@st.com>
Reviewed-by: Pascal Brand <pascal.brand@linaro.org>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>
Reviewed-by: Joakim Bech <joakim.bech@linaro.org>
Tested-by: Cedric Chaumont <cedric.chaumont@linaro.org> (STM boards)
Tested-by: Cedric Chaumont <cedric.chaumont@linaro.org> (ARM Juno board)

show more ...

GP Internal Core API v1.1 : update TEE_AllocateOperation DSA

add TEE_ALG_DSA_SHA224/TEE_ALG_DSA_SHA256

Signed-off-by: Cedric Chaumont <cedric.chaumont@st.com>
Reviewed-by: Pascal Brand <pascal.bran

GP Internal Core API v1.1 : update TEE_AllocateOperation DSA

add TEE_ALG_DSA_SHA224/TEE_ALG_DSA_SHA256

Signed-off-by: Cedric Chaumont <cedric.chaumont@st.com>
Reviewed-by: Pascal Brand <pascal.brand@linaro.org>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>
Tested-by: Cedric Chaumont <cedric.chaumont@linaro.org> (STM boards)
Tested-by: Cedric Chaumont <cedric.chaumont@linaro.org> (ARM Juno board)

show more ...

GP Internal Core API v1.1 : review internal client and cancellation functions

update panic reasons
checkpatch warning fix (else after return)

Signed-off-by: Cedric Chaumont <cedric.chaumont@st.com>

GP Internal Core API v1.1 : review internal client and cancellation functions

update panic reasons
checkpatch warning fix (else after return)

Signed-off-by: Cedric Chaumont <cedric.chaumont@st.com>
Reviewed-by: Pascal Brand <pascal.brand@linaro.org>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>
Tested-by: Cedric Chaumont <cedric.chaumont@linaro.org> (STM boards)
Tested-by: Cedric Chaumont <cedric.chaumont@linaro.org> (ARM Juno board)

show more ...

GP Internal Core API v1.1 : add new functions, panicked IDs

- Add new functions (that will replace deprecated functions)
TEE_GetObjectInfo1, TEE_RestrictObjectUsage1,
TEE_CopyObjectAttributes1, TEE_

GP Internal Core API v1.1 : add new functions, panicked IDs

- Add new functions (that will replace deprecated functions)
TEE_GetObjectInfo1, TEE_RestrictObjectUsage1,
TEE_CopyObjectAttributes1, TEE_CloseAndDeletePersistentObject1

- Support of deprecated functions available (will be removed in future release).
Note: TEE_ERROR_STORAGE_NOT_AVAILABLE case not implemented in OP-TEE core
(e.g. media removal)

- Add panicked functions identifiers (debug purpose)

Signed-off-by: Cedric Chaumont <cedric.chaumont@st.com>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>
Tested-by: Cedric Chaumont <cedric.chaumont@linaro.org> (STM boards)
Tested-by: Cedric Chaumont <cedric.chaumont@linaro.org> (ARM Juno board)

show more ...

Update ABI-32bits and v1.1 uint32_t changes

Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>
Tested-by: Pascal Brand <pascal.brand@linaro.org> (STM platform)
Signed-off-by: Pascal Brand <pasc

Update ABI-32bits and v1.1 uint32_t changes

Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>
Tested-by: Pascal Brand <pascal.brand@linaro.org> (STM platform)
Signed-off-by: Pascal Brand <pascal.brand@st.com>

show more ...

GP Internal Core API v1.1 : add defines, update type

Note: TEE_DATA_FLAG_OVERWRITE not supported

Signed-off-by: Cedric Chaumont <cedric.chaumont@st.com>
Reviewed-by: Pascal Brand <pascal.brand@lina

GP Internal Core API v1.1 : add defines, update type

Note: TEE_DATA_FLAG_OVERWRITE not supported

Signed-off-by: Cedric Chaumont <cedric.chaumont@st.com>
Reviewed-by: Pascal Brand <pascal.brand@linaro.org>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>
Reviewed-by: James Kung <james.kung@linaro.org>
Tested-by: Pascal Brand <pascal.brand@linaro.org> (QEMU platform)
Tested-by: Cedric Chaumont <cedric.chaumont@linaro.org> (STM Cannes)
Tested-by: Cedric Chaumont <cedric.chaumont@linaro.org> (FVP)

show more ...

libutee: AES buffer not processed when size=16

In TEE_CipherUpdate, buffers must be processed when
the size of the input buffer is exactly the right minimum size.
As an example, in AES128, 16 bytes

libutee: AES buffer not processed when size=16

In TEE_CipherUpdate, buffers must be processed when
the size of the input buffer is exactly the right minimum size.
As an example, in AES128, 16 bytes output must be given
every 16 bytes input.

Reviewed-by: Jerome Forissier <jerome.forissier@linaro.org>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>
Tested-by: Pascal Brand <pascal.brand@linaro.org> (QEMU)
Tested-by: Jeremy PLANEIX <jeremy.planeix@st.com>
Signed-off-by: Pascal Brand <pascal.brand@st.com>

show more ...

util.h: add parentheses in ROUND{UP,DOWN} macros

Adds parentheses in ROUND{UP,DOWN} macros in util.h and removes
ROUND{UP,DOWN} and MIN/MAX macros from utee_defines.h as they are
redundant.

Signed-

util.h: add parentheses in ROUND{UP,DOWN} macros

Adds parentheses in ROUND{UP,DOWN} macros in util.h and removes
ROUND{UP,DOWN} and MIN/MAX macros from utee_defines.h as they are
redundant.

Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>
Reviewed-by: Jerome Forissier <jerome.forissier@linaro.org>
Reviewed-by: Pascal Brand <pascal.brand@linaro.org>

show more ...

Add PKCS #5 v2.0 key derivation function 2 (PBKDF2)

This commit implements a crypto extension to support the key derivation
function defined in section 5.2 of RFC 2898
(https://www.ietf.org/rfc/rfc2

Add PKCS #5 v2.0 key derivation function 2 (PBKDF2)

This commit implements a crypto extension to support the key derivation
function defined in section 5.2 of RFC 2898
(https://www.ietf.org/rfc/rfc2898.txt), which is a re-publish of PKCS #5 v2.0.
The underlying pseudorandom function is HMAC-SHA1, which is the default PRF
specified in the RFC. It would be trivial to support the other HMAC functions
already implemented in OP-TEE.

See documentation/extensions/crypto_pbkdf2.md for details.

Tested on PLATFORM=vexpress-qemu_virt with the test vectors from RFC 6070
(https://www.ietf.org/rfc/rfc6070.txt).

Signed-off-by: Jerome Forissier <jerome.forissier@linaro.org>
Signed-off-by: Xiaoqiang Du <xiaoqiang.du@linaro.org>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>
Reviewed-by: Pascal Brand <pascal.brand@linaro.org>
Tested-by: Pascal Brand <pascal.brand@linaro.org> (STM platform)

show more ...

Add HMAC-based extract-and-expand key derivation function (HKDF)

HKDF (http://tools.ietf.org/html/rfc5869) is a key derivation algorithm.
As per the RFC:

A key derivation function (KDF) is a bas

Add HMAC-based extract-and-expand key derivation function (HKDF)

HKDF (http://tools.ietf.org/html/rfc5869) is a key derivation algorithm.
As per the RFC:

A key derivation function (KDF) is a basic and essential component of
cryptographic systems. Its goal is to take some source of initial
keying material and derive from it one or more cryptographically
strong secret keys.
[...]
HKDF follows the "extract-then-expand" paradigm, where the KDF
logically consists of two modules.
[...]
The goal of the "extract" stage is to "concentrate" the possibly
dispersed entropy of the input keying material into a short, but
cryptographically strong, pseudorandom key.
[...]
The second stage "expands" the pseudorandom key to the desired
length; the number and lengths of the output keys depend on the
specific cryptographic algorithms for which the keys are needed.

Since HKDF is not covered by the GlobalPlatform Internal API specification
v1.0/v1.1, this commit introduces extensions to the specification.
More specifically: it defines new algorithms, a new object type and new
object attributes. This implementation supports all the usual hash
functions (MD5, SHA-1, SHA-224, SHA-256, SHA-384, SHA-512) and may
produce output keys of length up to 4096 bits (currently limited only by
the maximum size allowed for an object of type TEE_TYPE_GENERIC_SECRET).
Aside from minor updates to object manipulation functions to support
the new data, the function TEE_DeriveKey() is mostly impacted.

The file documentation/extensions/crypto_hkdf.md contains the modifications
to the GP Internal API v1.0 spec in order to support HKDF.

Signed-off-by: Jerome Forissier <jerome.forissier@linaro.org>
Signed-off-by: Xiaoqiang Du <xiaoqiang.du@linaro.org>
Reviewed-by: Pascal Brand <pascal.brand@linaro.org>
Tested-by: Pascal Brand <pascal.brand@linaro.org> (STM platform)
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>
Reviewed-by: Joakim Bech <joakim.bech@linaro.org>

show more ...

Add Concat KDF (Concatenation Key Derivation Function, NIST SP 800-56A R1)

Concat KDF is a key derivation algorithm defined in section 5.8.1 of
the NIST Special Publication 800-56A Revision 1, "Reco

Add Concat KDF (Concatenation Key Derivation Function, NIST SP 800-56A R1)

Concat KDF is a key derivation algorithm defined in section 5.8.1 of
the NIST Special Publication 800-56A Revision 1, "Recommendation for Pair-Wise
Key Establishment Schemes Using Discrete Logarithm Cryptography"
(http://csrc.nist.gov/publications/nistpubs/800-56A/SP800-56A_Revision1_Mar08-2007.pdf)

This is a TEE implementation of the function, which supports the following
hash algorithms: SHA-1, SHA-224, SHA-256, SHA-384 and SHA-512.
The actual key derivation is implemented in TEE_DeriveKey() thanks to
custom extensions to the GlobalPlatform API v1.0. Please refer to
documentation/extensions/crypto_concat_kdf.md for details.

Signed-off-by: Jerome Forissier <jerome.forissier@linaro.org>
Signed-off-by: Xiaoqiang Du <xiaoqiang.du@linaro.org>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>
Reviewed-by: Pascal Brand <pascal.brand@linaro.org>
Tested-by: Pascal Brand <pascal.brand@linaro.org> (STM platform)

show more ...

TEE_DeriveKey(): remove redundant parameter check

paramCount and params are checked by the system service
tee_svc_cryp_derive_key() so they do not need to be checked in libutee.

Signed-off-by: Jero

TEE_DeriveKey(): remove redundant parameter check

paramCount and params are checked by the system service
tee_svc_cryp_derive_key() so they do not need to be checked in libutee.

Signed-off-by: Jerome Forissier <jerome.forissier@linaro.org>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

TEE_MACCompareFinal(): use buf_compare_ct(), don't clear stack on exit

Signed-off-by: Jerome Forissier <jerome.forissier@linaro.org>
Tested-by: Jerome Forissier <jerome.forissier@linaro.org> (QEMU v

TEE_MACCompareFinal(): use buf_compare_ct(), don't clear stack on exit

Signed-off-by: Jerome Forissier <jerome.forissier@linaro.org>
Tested-by: Jerome Forissier <jerome.forissier@linaro.org> (QEMU virt platform)
Reviewed-by: Pascal Brand <pascal.brand@linaro.org>
Tested-by: Pascal Brand <pascal.brand@linaro.org> (STM platform)
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>
Reviewed-by: Joakim Bech <joakim.bech@linaro.org>

show more ...

Digest operations now supports NULL arguments

Hash algorithms should support NULL arguments and zero length strings.
Following changes will make is possible to call TEE_DigestUpdate and
TEE_DigestDo

Digest operations now supports NULL arguments

Hash algorithms should support NULL arguments and zero length strings.
Following changes will make is possible to call TEE_DigestUpdate and
TEE_DigestDoFinal interchangeably.

Following combinations are now working.
----------------------------------------
| TEE_DigestUpdate | TEE_DigestDoFinal |
----------------------------------------
| NULL | NULL |
| NULL | MESSAGE |
| MESSAGE | NULL |
| MESSAGE | MESSAGE |
| N/A | NULL |
| N/A | MESSAGE |
----------------------------------------

Signed-off-by: Joakim Bech <joakim.bech@linaro.org>
Tested-by: Joakim Bech <joakim.bech@linaro.org> (FVP)
Reviewed-by: Pascal Brand <pascal.brand@linaro.org>
Tested-by: Pascal Brand <pascal.brand@linaro.org> (STM platform)

show more ...

Fix #6323: A failing RSA decode leads to panic

Change-Id: Ia4762f076922338f280d431f104b653e731bf64f
Reviewed-on: https://gerrit.st.com/11598
Reviewed-by: Jean-Michel DELORME <jean-michel.delorme@st.

Fix #6323: A failing RSA decode leads to panic

Change-Id: Ia4762f076922338f280d431f104b653e731bf64f
Reviewed-on: https://gerrit.st.com/11598
Reviewed-by: Jean-Michel DELORME <jean-michel.delorme@st.com>
Tested-by: Jean-Michel DELORME <jean-michel.delorme@st.com>
Tested-by: Jocelyn RICARD <jocelyn.ricard@st.com>
Reviewed-by: Pascal BRAND <pascal.brand@st.com>

Update wrt comments from review

Fix returned error when the mode is not ok

show more ...

TEE_ROUNDxxx renamed in ROUNDxxx in libutee

This change is to have the same macro names in core
part and libutee part