Add 3DES CMAC implementation

CMAC is a Cipher-Based MAC that improves some of the security deficiencies
found in CBC-MAC. It is described in NIST SP800-38B as a mode of operation
for approved symmet

Add 3DES CMAC implementation

CMAC is a Cipher-Based MAC that improves some of the security deficiencies
found in CBC-MAC. It is described in NIST SP800-38B as a mode of operation
for approved symmetric block chipers, namely AES and TDEA.

CMAC has similar use cases and security guarantees as HMAC, with the
difference that it uses a different primitive (symmetric cipher instead
of hash function).
CMAC may be appropriate for information systems in which an approved block
cipher is more readily available than an approved hash function.

Commonly it is used for symmetric key diversification (ASC X9 TR 31-2018),
data integrity assurance (ICV).

CMAC is public domain.

OP-TEE core already supports for AES CMAC, but not TDEA CMAC. This commit
adds TDEA CMAC support.

Signed-off-by: Alexander Zakharov <uglym8@gmail.com>
Reviewed-by: Jerome Forissier <jerome@forissier.org>
Acked-by: Etienne Carriere <etienne.carriere@linaro.org>
[jf: wrap commit description at 75 characters]
Signed-off-by: Jerome Forissier <jerome@forissier.org>

show more ...

core: libmbedtls: add 3DES CMAC implementation

Add 3DES CMAC (NIST SP800-38B).

Signed-off-by: Alexander Zakharov <uglym8@gmail.com>
Reviewed-by: Jerome Forissier <jerome@forissier.org>
Acked-by: Et

core: libmbedtls: add 3DES CMAC implementation

Add 3DES CMAC (NIST SP800-38B).

Signed-off-by: Alexander Zakharov <uglym8@gmail.com>
Reviewed-by: Jerome Forissier <jerome@forissier.org>
Acked-by: Etienne Carriere <etienne.carriere@linaro.org>
[jf: add commit description]
Signed-off-by: Jerome Forissier <jerome@forissier.org>

show more ...

core: add support for SM2 using MBed TLS

The SM2 algorithms (PKE, KEP and DSA) are currently implemented using
LibTomCrypt. They are automatically disabled when MBed TLS is selected
as the core cryp

core: add support for SM2 using MBed TLS

The SM2 algorithms (PKE, KEP and DSA) are currently implemented using
LibTomCrypt. They are automatically disabled when MBed TLS is selected
as the core crypto library (that is, when CFG_CRYPTOLIB_NAME=mbedtls
CFG_CRYPTOLIB_DIR=lib/libmbedtls).

This commit removes this restriction by porting the relevant files
(core/lib/libtomcrypt/sm2-{dsa,kep,pke}.c) over to the MBed TLS API in
lib/libmbedtls/core.

Signed-off-by: Jerome Forissier <jerome@forissier.org>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>
Acked-by: Etienne Carriere <etienne.carriere@linaro.org>

show more ...

libmbedtls: add SM2 curve

When MBEDTLS_ECP_DP_SM2_ENABLED is set, adds support for the ECC curve
defined for the Chinese SM2 algorithm (G/MT 0003 Part 5, [1]).

Link: [1] http://www.gmbz.org.cn/uplo

libmbedtls: add SM2 curve

When MBEDTLS_ECP_DP_SM2_ENABLED is set, adds support for the ECC curve
defined for the Chinese SM2 algorithm (G/MT 0003 Part 5, [1]).

Link: [1] http://www.gmbz.org.cn/upload/2018-07-24/1532401863206085511.pdf
Signed-off-by: Jerome Forissier <jerome@forissier.org>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>
Acked-by: Etienne Carriere <etienne.carriere@linaro.org>

show more ...

libutee: sockets: drop useless & before function names

There is no need to use & on a function name to obtain the function
address. Drop the useless & characters.

Signed-off-by: Jerome Forissier <j

libutee: sockets: drop useless & before function names

There is no need to use & on a function name to obtain the function
address. Drop the useless & characters.

Signed-off-by: Jerome Forissier <jerome@forissier.org>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

core: libmbedtls: drop useless & before function names

There is no need to use & on a function name to obtain the function
address. Drop the useless & characters.

Signed-off-by: Jerome Forissier <j

core: libmbedtls: drop useless & before function names

There is no need to use & on a function name to obtain the function
address. Drop the useless & characters.

Signed-off-by: Jerome Forissier <jerome@forissier.org>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

libutee: add a new API to interact with plugins from TA

This patch adds a new API to libutee to interact
with tee-supplicant plugins from TEE userspace.

Every user TA can use 'tee_invoke_supp_plugi

libutee: add a new API to interact with plugins from TA

This patch adds a new API to libutee to interact
with tee-supplicant plugins from TEE userspace.

Every user TA can use 'tee_invoke_supp_plugin()' to send any commands
to a plugin. The commands are predefined by the plugin developer.

See the https://github.com/linaro-swg/optee_examples
repo for an example of using plugins.

Signed-off-by: Aleksandr Anisimov <a.anisimov@omprussia.ru>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

libmbedtls: core: fix copy of AES context

The mbedtls_aes_context type cannot generally be copied with a simple
assignment (dst = src) because it contains a pointer field ('rk') which
needs to point

libmbedtls: core: fix copy of AES context

The mbedtls_aes_context type cannot generally be copied with a simple
assignment (dst = src) because it contains a pointer field ('rk') which
needs to point to the 'buf' field. The current code is incorrect and
causes errors in xtest 4003 on all platforms that do not have
CFG_CRYPTO_WITH_CE=y. When CE is enabled, a different structure
mbedtls_aes_context from aes_alt.h is used and the copy is correct.

Introduce a helper function: mbed_copy_mbedtls_aes_context() to perform
the copy operation and use it when copying AES ECB, CBC and CTR
contexts.

Signed-off-by: Jerome Forissier <jerome@forissier.org>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

libmbedtls: core: rename mbd_rand.h to mbed_helpers.h

mbd_rand.h contains only one helper function: mbd_rand(). Give it a more
generic name so that other functions may be added in subsequent commits

libmbedtls: core: rename mbd_rand.h to mbed_helpers.h

mbd_rand.h contains only one helper function: mbd_rand(). Give it a more
generic name so that other functions may be added in subsequent commits.

Signed-off-by: Jerome Forissier <jerome@forissier.org>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

libutils: sys/queue.h: add LIST_FOREACH_SAFE()

Import macro LIST_FOREACH_SAFE from FreeBSD.

Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org>
Reviewed-by: Rouven Czerwinski <r.czerwinski@peng

libutils: sys/queue.h: add LIST_FOREACH_SAFE()

Import macro LIST_FOREACH_SAFE from FreeBSD.

Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org>
Reviewed-by: Rouven Czerwinski <r.czerwinski@pengutronix.de>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

lib: libutils: ext/isoc: sub.mk: make sources path platform generic

The path to platform specific code is hard-coded. This commit
changes it to use defined variable. This is helpful in case
of porti

lib: libutils: ext/isoc: sub.mk: make sources path platform generic

The path to platform specific code is hard-coded. This commit
changes it to use defined variable. This is helpful in case
of porting OP-TEE OS to a new architecture such we make
maximum reuse of existing sources.

Signed-off-by: Marouene Boubakri <marouene.boubakri@nxp.com>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>
Reviewed-by: Jerome Forissier <jerome@forissier.org>

show more ...

core: pta: drop SDP PTA

Drop SDP PTA as it is not used anywhere and looks like isn't
maintained. When is CFG_SDP_PTA=y the build fails with
compile errors:

error: implicit declaration of function ‘

core: pta: drop SDP PTA

Drop SDP PTA as it is not used anywhere and looks like isn't
maintained. When is CFG_SDP_PTA=y the build fails with
compile errors:

error: implicit declaration of function ‘tee_ta_get_calling_session’;
did you mean ‘ts_get_calling_session’?
[-Werror=implicit-function-declaration]
...
error: ‘struct tee_ta_session’ has no member named ‘ctx’

Signed-off-by: Igor Opaniuk <igor.opaniuk@gmail.com>
Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org>

show more ...

ta: fix processing of DT_FINI_ARRAY

The code that is supposed to invoke the finalization functions in the
DT_FINI_ARRAY of a TA is broken. It mixes DT_INIT_ARRAY with
DT_FINI_ARRAYSZ. As a result, t

ta: fix processing of DT_FINI_ARRAY

The code that is supposed to invoke the finalization functions in the
DT_FINI_ARRAY of a TA is broken. It mixes DT_INIT_ARRAY with
DT_FINI_ARRAYSZ. As a result, the finalization functions are never
called and the TA may even crash on exit.

Fix the issue by replacing the erroneous DT_INIT_ARRAY with
DT_FINI_ARRAY.

Fixes: dd655cb9906c ("ldelf, ta: add support for DT_INIT_ARRAY and DT_FINI_ARRAY")
Reported-by: JY Ho <JY.Ho@mediatek.com>
Signed-off-by: Jerome Forissier <jerome@forissier.org>
Acked-by: Etienne Carriere <etienne.carriere@linaro.org>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

core: ldelf: implement separate syscalls for ldelf

Implements a separate syscall handler for ldelf to decouple it from user
TAs and enable using it for all TSs. The calling convention is the same
as

core: ldelf: implement separate syscalls for ldelf

Implements a separate syscall handler for ldelf to decouple it from user
TAs and enable using it for all TSs. The calling convention is the same
as for utee_* syscalls. To distinguish between the different SVCs, the
syscall handler pointer is updated before entering ldelf and restored
after returning. The step of opening a system PTA session and invoking
the commands there is eliminated, the necessary functionality is
implemented in the ldelf syscall functions.

Acked-by: Etienne Carriere <etienne.carriere@linaro.org>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>
Signed-off-by: Balint Dobszay <balint.dobszay@arm.com>

show more ...

Reintroduce memalign() and friends

memalign() and friends where removed with the
commit 8cd8a6296974 ("Remove memalign()").

At the time memalign() was unused and a bit buggy. This new memalign()
is

Reintroduce memalign() and friends

memalign() and friends where removed with the
commit 8cd8a6296974 ("Remove memalign()").

At the time memalign() was unused and a bit buggy. This new memalign()
is believed to work correctly due to extensive testing. Recently
memalign() has been needed by certain drivers so it makes sense to add
it again.

Acked-by: Etienne Carriere <etienne.carriere@linaro.org>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

libutil: add hdr_size parameter to bget

Adds a hdr_size parameter to bget(), bgetz() and bgetr(). hdr_size must
be a multiple of BGET_HDR_QUANTUM. If hdr_size is larger than 0 the
buffer will be all

libutil: add hdr_size parameter to bget

Adds a hdr_size parameter to bget(), bgetz() and bgetr(). hdr_size must
be a multiple of BGET_HDR_QUANTUM. If hdr_size is larger than 0 the
buffer will be allocated so that the alignment constraints are fulfilled
after advancing hdr_size bytes into the returned buffer.

Acked-by: Etienne Carriere <etienne.carriere@linaro.org>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

libutil: add alignment parameter to bget

Adds alignment parameter to bget(), bgetz() and bgetr(). If alignment is
larger then 0 the returned buffer is guaranteed to have an address which
is a multip

libutil: add alignment parameter to bget

Adds alignment parameter to bget(), bgetz() and bgetr(). If alignment is
larger then 0 the returned buffer is guaranteed to have an address which
is a multiple of this value.

The algorithm is basically unchanged, in the way that the memory is
still allocated from the end of a free memory block. The difference is
in the core implementation in bget() where now alignment of the returned
memory is taken into account. If only allocating with the minimum
alignment the memory blocks are expected to be allocated in the same
pattern.

Acked-by: Etienne Carriere <etienne.carriere@linaro.org>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

Introduce CFG_TA_BGET_TEST

Introduces CFG_TA_BGET_TEST which compiles the integrated bget test
suite together with the rest of bget. When enabled, the test entry point
is bget_main_test() in libutil

Introduce CFG_TA_BGET_TEST

Introduces CFG_TA_BGET_TEST which compiles the integrated bget test
suite together with the rest of bget. When enabled, the test entry point
is bget_main_test() in libutils.

Acked-by: Etienne Carriere <etienne.carriere@linaro.org>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

Use barrier_read_cntpct() to read CNTPCT

Arm ARM quite clearly mentions [1] [2] that such reads must be preceded
by an ISB to forbid re-ordering.

[1] https://developer.arm.com/documentation/ddi0487

Use barrier_read_cntpct() to read CNTPCT

Arm ARM quite clearly mentions [1] [2] that such reads must be preceded
by an ISB to forbid re-ordering.

[1] https://developer.arm.com/documentation/ddi0487/fc/ page D13-2863
"Synchronization requirements for AArch64 System registers" and page
G8-6146 "Ordering of reads of System registers".
[2] https://developer.arm.com/documentation/ddi0406/cd/ page B3-1441
"Ordering of reads of system control registers"

Reviewed-by: Jerome Forissier <jerome@forissier.org>
Acked-by: Etienne Carriere <etienne.carriere@linaro.org>
Reported-by: Olivier Deprez <Olivier.Deprez@arm.com>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

libutee: add isb() and barrier_read_cntpct()

Adds isb() and barrier_read_cntpct() to arm_user_sysreg.h, the latter to be
used as a helper when reading CNTPCT.

Reviewed-by: Jerome Forissier <jerome@

libutee: add isb() and barrier_read_cntpct()

Adds isb() and barrier_read_cntpct() to arm_user_sysreg.h, the latter to be
used as a helper when reading CNTPCT.

Reviewed-by: Jerome Forissier <jerome@forissier.org>
Acked-by: Etienne Carriere <etienne.carriere@linaro.org>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

libutee: fix TEE_BigIntInit() memset()

The TEE_BigIntInit() supplied length is the number of words allocated
for the bigint, including headers. Prior to this patch it seems it was
assumed that lengt

libutee: fix TEE_BigIntInit() memset()

The TEE_BigIntInit() supplied length is the number of words allocated
for the bigint, including headers. Prior to this patch it seems it was
assumed that length was number of bits given the call to
TEE_BigIntSizeInU32(). With this patch correct this by removing the
TEE_BigIntSizeInU32() call.

Fixes: 062e3d01c039 ("ta: switch to to mbedtls for bignum")
Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

libutee: TEE_CopyOperation() copy info.digestLength

When copying an operation include info.digestLength in the copied fields
which is needed for the authenticated encryption algorithms AES-GCM and
A

libutee: TEE_CopyOperation() copy info.digestLength

When copying an operation include info.digestLength in the copied fields
which is needed for the authenticated encryption algorithms AES-GCM and
AES-CCM.

Acked-by: Etienne Carriere <etienne.carriere@linaro.org>
Acked-by: Jerome Forissier <jerome@forissier.org>
Suggested-by: Tony He <tony.he@armchina.com>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

libutee: TEE_CopyOperation() check operation mode

Adds a check in TEE_CopyOperation() to panic if operation mode doesn't
match in the source and destination operations.

Reviewed-by: Jerome Forissie

libutee: TEE_CopyOperation() check operation mode

Adds a check in TEE_CopyOperation() to panic if operation mode doesn't
match in the source and destination operations.

Reviewed-by: Jerome Forissier <jerome@forissier.org>
Acked-by: Etienne Carriere <etienne.carriere@linaro.org>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

libutee: user_ta_header.h: remove unused struct ta_func_head

struct ta_func_head is unused, remove it.

Signed-off-by: Jerome Forissier <jerome@forissier.org>
Reviewed-by: Etienne Carriere <etienne.

libutee: user_ta_header.h: remove unused struct ta_func_head

struct ta_func_head is unused, remove it.

Signed-off-by: Jerome Forissier <jerome@forissier.org>
Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

libutee: user_ta_header.h: remove unused property strings

user_ta_header.h defines a few macros with property names that are not
used anywhere and are not part of any specification. Remove them.

Si

libutee: user_ta_header.h: remove unused property strings

user_ta_header.h defines a few macros with property names that are not
used anywhere and are not part of any specification. Remove them.

Signed-off-by: Jerome Forissier <jerome@forissier.org>
Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...