History log of /optee_os/ta/pkcs11/src/processing.c (Results 1 – 25 of 36)
Revision Date Author Comments
# 571857c0 15-Feb-2024 Etienne Carriere <etienne.carriere@foss.st.com>

ta: pkcs11: factorize second operation handle

Factorize fields tee_hash_op_handle and tee_op_handle2 of
struct active_processing that both are used as second operation
handle for specific algorithm.

Acked-by: Jerome Forissier <jerome.forissier@linaro.org>
Reviewed-by: Marouene Boubakri <marouene.boubakri@nxp.com>
Signed-off-by: Etienne Carriere <etienne.carriere@foss.st.com>


# 63778faa 12-Feb-2024 Etienne Carriere <etienne.carriere@foss.st.com>

ta: pkcs11: implement AES GCM operations

Implement AES GCM authenticated encryption and decryption.

AES GCM decryption requires that the output data is revealed only once
decryption is finalized and the MAC signature successfully verified.
For this operation, the AES GCM context references a dynamically
allocated data buffer to store output data as they are generated by
each call to TEE_AEUpdate().

AES GCM one-shot operation in the pkcs11 TA is a bit specific in that
it requires an extra TEE operation handle to save the initialized
operation state in case of one shot processing request (C_Encrypt()
or C_Decrypt() cryptoki API functions) that queries the output buffer
size. GP TEE Internal Core API does not define a single API function
for such one shot operation that could be called to query the output
buffer size. We must first fully process the input data (TEE_AEUpdate())
before we can query the output buffer size with TEE_AEEncryptFinal() or
TEE_AEDecryptFinal(). Consequently we will need to process again the
input data when client provides a well sized output buffer as we are not
sure that input data will be the same. Therefore the implementation
allocates a 2nd operation handle, copies the operation state into it after
it is initialized and uses this context to restore this initial state in
case the one shot AE operation is returning PKCS11_CKR_BUFFER_TOO_SMALL.

Acked-by: Jerome Forissier <jerome.forissier@linaro.org>
Reviewed-by: Marouene Boubakri <marouene.boubakri@nxp.com>
Co-developed-by: Marouene Boubakri <marouene.boubakri@nxp.com>
Signed-off-by: Marouene Boubakri <marouene.boubakri@nxp.com>
Signed-off-by: Etienne Carriere <etienne.carriere@foss.st.com>


# bcac2127 24-Nov-2023 Marouene Boubakri <marouene.boubakri@nxp.com>

ta: pkcs11: pkcs11_attributes.c: support PKCS11_CKA_CHECK_VALUE

Add PKCS11_CKA_CHECK_VALUE as an optional attribute of symmetric
key and certificate objects. As per the PKCS#11 specification, key
check value attribute is optional therefore add pkcs11 TA configuration
switch CFG_PKCS11_TA_CHECK_VALUE_ATTRIBUTE to embed or not the support.

When supported, as per the spec, the attribute can be either the
legitimate value recomputed by the PKCS#11 token or a zero-sized value
called a no-value for when client does not want the attribute to be set
in an object.

This change adds the support for the pkcs11 TA commands related to
Cryptoki API functions C_GenerateKey(), C_CreateObject(), C_CopyObject(),
C_SetAttributeValue(), C_UnwrapKey() and C_DeriveKey(). TA command
related to C_FindObjects() supports the attribute without any change.

Signed-off-by: Marouene Boubakri <marouene.boubakri@nxp.com>
Reviewed-by: Etienne Carriere <etienne.carriere@foss.st.com>


# c7f1b4f7 13-Dec-2022 Jens Wiklander <jens.wiklander@linaro.org>

Upgrade in-tree TAs to use latest version of TEE Internal Core API

Upgrades in-tree TAs to use latest version of TEE Internal Core API and
the compatibility flag is by default turned off.

Upgrading the TAs is basically a matter of replacing a few uint32_t
pointers with size_t pointers instead. This is done in as few places as
possible. So in particular the PKCS#11 TA might benefit from another
round of refactoring now that the contagious use of uint32_t as size
field is removed.

Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>


# 909efccb 06-Dec-2022 Etienne Carriere <etienne.carriere@linaro.org>

ta: pkcs11: save mechanism type on operation initialization

Sets session active processing mechanism type from init_symm_operation(),
init_asymm_operation() and init_digest_operation() rather than from
their caller functions. No functional change.

Reviewed-by: Valerii Chubar <valerii_chubar@epam.com>
Reviewed-by: Xiaoxu Zeng <zengxiaoxu@huawei.com>
Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org>


# 45d40bda 05-Dec-2022 Valerii Chubar <valerii_chubar@epam.com>

ta: pkcs11: Add RSA AES key wrap

The PKCS#11 Specification:
https://docs.oasis-open.org/pkcs11/pkcs11-spec/v3.1/cs01/pkcs11-spec-v3.1-cs01.pdf

6.1.23 RSA AES KEY WRAP

The mechanism requires AES KWP mechanism CKM_AES_KEY_WRAP_KWP
which is not currently implemented in OP-TEE nor mentioned in
Global Platform specification.

Use the MBedTLS to wrap/unwrap the target key.

Signed-off-by: Valerii Chubar <valerii_chubar@epam.com>
Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org>


# a9aa45d8 05-Dec-2022 Valerii Chubar <valerii_chubar@epam.com>

ta: pkcs11: Copy secret key data for wrapping

Currently the secret-key data is returned as a pointer to
the key attribute parameter. But the RSA private key
consists of multiple parameters, some memory has to be
allocated and populated. After the unwrapping an allocated
memory has to be freed. To generalise, return the secret
key value as a copy.

Signed-off-by: Valerii Chubar <valerii_chubar@epam.com>
Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org>


# 2f7f001a 02-Dec-2022 Sergiy Kibrik <Sergiy_Kibrik@epam.com>

ta: pkcs11: fix debug message

Minor mistake of printing key handle values after reset.

Signed-off-by: Sergiy Kibrik <Sergiy_Kibrik@epam.com>
Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org>


# ecd7f426 07-Oct-2022 Valerii Chubar <valerii_chubar@epam.com>

ta: pkcs11: Fix key generation for Ed25519

The ECC curve is not an attribute of an Ed25519 key pair.
Remove it from the key generation attribute.

Add getting key size by using EC_POINT attribute.

Fixes: 03e07432b68f ("ta: pkcs11: Add Ed25519 support")
Signed-off-by: Valerii Chubar <valerii_chubar@epam.com>
Acked-by: Etienne Carriere <etienne.carriere@linaro.org>


# 03e07432 28-Sep-2022 Valerii Chubar <valerii_chubar@epam.com>

ta: pkcs11: Add Ed25519 support

Add functionality to generate, import keys, sign/verify for
ED25519, ED25519ctx and ED25519ph.

The values for the object identifiers originate from:
https://www.rfc-editor.org/rfc/rfc8420.html
A.1. ASN.1 Object for Ed25519

The PKCS#11 Specification:
https://docs.oasis-open.org/pkcs11/pkcs11-spec/v3.1/cs01/pkcs11-spec-v3.1-cs01.pdf

Signed-off-by: Valerii Chubar <valerii_chubar@epam.com>
Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org>


# cc062b46 23-Feb-2022 Jorge Ramirez-Ortiz <jorge@foundries.io>

ta: pkcs11: support for ECDH1_DERIVE

Add support for ECDH1_DERIVE operation.

Only the key derivation function CKD_NULL is supported: the raw shared
secret value is therefore generated without applying any key
derivation function.

Tested with pkcs11_tool -m ECDH1-DERIVE

Signed-off-by: Jorge Ramirez-Ortiz <jorge@foundries.io>
Co-developed-by: Vesa Jääskeläinen <vesa.jaaskelainen@vaisala.com>
Signed-off-by: Vesa Jääskeläinen <vesa.jaaskelainen@vaisala.com>
Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org>


# 2364aa69 29-Jul-2021 Ruchika Gupta <ruchika.gupta@linaro.org>

ta: pkcs11: Add operation state in session

Add more operation states to take care of scenarios like failure
of an incremental (update) operation if a one-shot/final operation
has been started.

Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org>
Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org>


# 0442c956 04-Jan-2021 Vesa Jääskeläinen <vesa.jaaskelainen@vaisala.com>

ta: pkcs11: Add support for RSA signing & verification

Add support for performing RSA signing & verification operations for:

- PKCS #1 v1.5 RSA with supplied hash value
- Multi stage MD5
- Multi stage SHA-1
- Multi stage SHA-224
- Multi stage SHA-256
- Multi stage SHA-384
- Multi stage SHA-512

Specified in:
PKCS #11 Cryptographic Token Interface Current Mechanisms Specification
Version 2.40 Plus Errata 01
2.1 RSA

Signed-off-by: Vesa Jääskeläinen <vesa.jaaskelainen@vaisala.com>
Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org>


# 86922832 04-Jan-2021 Vesa Jääskeläinen <vesa.jaaskelainen@vaisala.com>

ta: pkcs11: Add RSA key pair generation support

Specified in:
PKCS #11 Cryptographic Token Interface Current Mechanisms Specification
Version 2.40 Plus Errata 01
2.1.4 PKCS #1 RSA key pair generation

Signed-off-by: Vesa Jääskeläinen <vesa.jaaskelainen@vaisala.com>
Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org>


# 8abbc8f7 17-Jul-2021 Vesa Jääskeläinen <vesa.jaaskelainen@vaisala.com>

ta: pkcs11: Fix calling twice of C_EncryptInit()/C_DecryptInit()

If C_EncryptInit()/C_DecryptInit() is called twice first starts the
operation and should inform caller that operation is already in progress
and keep the operation active until it is terminated with C_Encrypt()/
C_Decrypt() or by C_EncryptFinal()/C_DecryptFinal().

Specified in:

PKCS #11 Cryptographic Token Interface Base Specification Version 2.40
Plus Errata 01
5.8 Encryption functions
C_EncryptInit
and
5.9 Decryption functions
C_DecryptInit

Signed-off-by: Vesa Jääskeläinen <vesa.jaaskelainen@vaisala.com>
Reviewed-by: Ruchika Gupta <ruchika.gupta@linaro.org>


# f5c0739c 22-Mar-2021 Ruchika Gupta <ruchika.gupta@linaro.org>

ta: pkcs11: Add access check on new object when deriving/unwrapping

Access check is also required on created attributes when
a new object is created when deriving/unwrapping keys.

Reviewed-by: Vesa Jääskeläinen <vesa.jaaskelainen@vaisala.com>
Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org>
Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org>


# 3668310b 05-Jul-2021 Ruchika Gupta <ruchika.gupta@linaro.org>

ta: pkcs11: Add implementation for unwrapping keys

Add implementation for handling C_UnwrapKey() for mechanisms :
CKM_AES_ECB
CKM_AES_CBC

Reviewed-by: Vesa Jääskeläinen <vesa.jaaskelainen@vaisala.com>
Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org>
Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org>


# 5f80f270 25-Feb-2021 Ruchika Gupta <ruchika.gupta@linaro.org>

ta: pkcs11: Add implementation for wrapping keys

Add implementation for handling C_WrapKey() for mechanisms :
CKM_AES_ECB
CKM_AES_CBC

Reviewed-by: Vesa Jääskeläinen <vesa.jaaskelainen@vaisala.com>
Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org>
Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org>


# fb279d8b 26-Dec-2020 Vesa Jääskeläinen <vesa.jaaskelainen@vaisala.com>

ta: pkcs11: Add support for elliptic curve signing & verification

Add support for performing elliptic curve signing & verification
operations for:

- ECDSA with supplied hash value
- Multi stage SHA-1
- Multi stage SHA-224
- Multi stage SHA-256
- Multi stage SHA-384
- Multi stage SHA-512

Specified in:
PKCS #11 Cryptographic Token Interface Current Mechanisms Specification
Version 2.40 Plus Errata 01
2.3 Elliptic Curve

Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org>
Reviewed-by: Ricardo Salveti <ricardo@foundries.io>
Signed-off-by: Vesa Jääskeläinen <vesa.jaaskelainen@vaisala.com>


# 02b16804 25-Dec-2020 Vesa Jääskeläinen <vesa.jaaskelainen@vaisala.com>

ta: pkcs11: Add support for elliptic curve key pair generation

Specified in:
PKCS #11 Cryptographic Token Interface Current Mechanisms Specification
Version 2.40 Plus Errata 01

2.3.5 Elliptic curve key pair generation

Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org>
Co-developed-by: Ricardo Salveti <ricardo@foundries.io>
Signed-off-by: Ricardo Salveti <ricardo@foundries.io>
Co-developed-by: Etienne Carriere <etienne.carriere@linaro.org>
Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org>
Signed-off-by: Vesa Jääskeläinen <vesa.jaaskelainen@vaisala.com>


# 013934d8 25-Dec-2020 Vesa Jääskeläinen <vesa.jaaskelainen@vaisala.com>

ta: pkcs11: Add generic support for key pair generation

This commit only adds common key pair generation support code.

Actual mechanism specific key pair generation codes are in their own
commits.

Specified in:
PKCS #11 Cryptographic Token Interface Base Specification Version 2.40 Plus
Errata 01

5.13 Key management functions
C_GenerateKeyPair

Reviewed-by: Ricardo Salveti <ricardo@foundries.io>
Co-developed-by: Etienne Carriere <etienne.carriere@linaro.org>
Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org>
Signed-off-by: Vesa Jääskeläinen <vesa.jaaskelainen@vaisala.com>


# 9e91a619 20-Feb-2021 Vesa Jääskeläinen <vesa.jaaskelainen@vaisala.com>

ta: pkcs11: Add support for digest operations

Implements support for digest operations as specified in:

PKCS #11 Cryptographic Token Interface Base Specification Version 2.40
Plus Errata 01
5.10 Message digesting functions

Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org>
Reviewed-by: Ruchika Gupta <ruchika.gupta@linaro.org>
Signed-off-by: Vesa Jääskeläinen <vesa.jaaskelainen@vaisala.com>


# eb6141b6 28-Feb-2021 Vesa Jääskeläinen <vesa.jaaskelainen@vaisala.com>

ta: pkcs11: Add API for releasing active processing

When error condition is detected in Cryptoki API side in bad argument
processing add support for terminating active processing to comply
with the specification.

Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org>
Reviewed-by: Ruchika Gupta <ruchika.gupta@linaro.org>
Signed-off-by: Vesa Jääskeläinen <vesa.jaaskelainen@vaisala.com>


# d05ab5fe 06-Mar-2021 Ruchika Gupta <ruchika.gupta@linaro.org>

ta: pkcs11: Fix error code returned by entry_processing_key()

check_parent_attrs_against_processing() checks if the right attributes
are set in the key to be used for a cryptographic purpose. It returns
error - CKR_KEY_FUNCTION_NOT_PERMITTED if this is not the case.
For C_DeriveKey(), C_UnwrapKey(), CKR_KEY_FUNCTION_NOT_PERMITTED is not
specified in the error code list. So, for such errors return
CKR_KEY_TYPE_INCONSISTENT instead.

Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org>
Reviewed-by: Vesa Jääskeläinen <vesa.jaaskelainen@vaisala.com>
Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org>


# 4dad6642 03-Mar-2021 Ruchika Gupta <ruchika.gupta@linaro.org>

ta: pkcs11: Rename entry_derive_key() to make it more generic

entry_derive_key() is renamed to entry_processing_key() and
parameter is added to pass processing information to it.
This is done because the flow for key derivation and key
unwrapping is very similar and this function can be reused.

Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org>
Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org>
