| #
8c499324 |
| 03-Mar-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
ta: pkcs11: Add function to set key data
Earlier derive_key_by_symm_enc() was used to derive key by cipher operation and set the derived key value in the object attributes. Simplify it to just derive the key and return the derived key value to the calling function. A separate function is created to add this derived key value to the key object.
Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org>
Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org>
|
| #
7107ac10 |
| 03-Mar-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
ta: pkcs11: Remove check from entry_derive_key()
Explicit checking for invalid mechanism is no longer required in entry_derive_key() as this is taken care of by the call to check_mechanism_against_processing().
Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org>
Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org>
|
| #
48799892 |
| 17-Feb-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
ta: pkcs11: Add implementation for key derivation
Add code for handling C_DeriveKey() for mechanisms: CKM_AES_ECB_ENCRYPT_DATA, CKM_AES_CBC_ENCRYPT_DATA
Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org>
Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org>
|
| #
2d0cd829 |
| 12-Feb-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
ta: pkcs11: Fix interpretation of CKA_VALUE_LEN for Generic Secrets
PKCS#11 specification [1] section 2.6.3 states that - For CKM_GENERIC_SECRET_KEY_GEN mechanism, the ulMinKeySize and ulMaxKeySize fields of the CK_MECHANISM_INFO structure specify the supported range of key sizes, in bits.
Based on this, an assumption was being made in the code that the key length specified by CKA_VALUE_LEN for keys of type CKK_GENERIC_SECRET is also in bits. This assumption is not correct as per Section 2.6.2 in [1]. Special handling in code for CKK_GENERIC_SECRET for handling key size in bits has now been removed.
[1] - PKCS #11 Cryptographic Token Interface Current Mechanisms Specification Version 2.40
Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org>
Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org>
|
| #
4cfce748 |
| 21-Dec-2020 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
ta: pkcs11: Add class_id in create_attributes_from_template()
Add a parameter to pass pkcs11_class_id. The parameter will be used when attributes need to be created for a template supporting public or private class key. It is unused for now.
Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org>
Reviewed-by: Vesa Jääskeläinen <vesa.jaaskelainen@vaisala.com>
|
| #
fa247a2a |
| 10-Dec-2020 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
ta: pkcs11: Add support for Key Generation
Adds support of mechanisms PKCS11_CKM_GENERIC_SECRET_KEY_GEN, PKCS11_CKM_AES_KEY_GEN for key generation API.
Co-developed-by: Etienne Carriere <etienne.carriere@linaro.org>
Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org>
Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org>
Reviewed-by: Vesa Jääskeläinen <vesa.jaaskelainen@vaisala.com>
|
| #
5d5f504f |
| 10-Dec-2020 |
Etienne Carriere <etienne.carriere@linaro.org> |
ta: pkcs11: remove empty tee_release_ctr_operation()
Remove function tee_release_ctr_operation() that is empty since the generic sequence already releases CTR operation extra context.
Reviewed-by: Ruchika Gupta <ruchika.gupta@linaro.org>
Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org>
|
| #
2158ea6c |
| 30-Nov-2020 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
ta: pkcs11: Add support for big key sizes for HMAC hash Mechanisms
Currently the support for maximum key size supported in HMAC hash functions is limited by the underlying Global TEE implementation. The RFC 2202 and 4231 specify some HMAC test vectors where key size is greater than the sizes as supported in current TEE implementation. For such key sizes, greater than the maximum key size supported by TEE, first hash the key and then use the resultant as the actual key to HMAC.
Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org>
Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org>
|
| #
3284d935 |
| 10-Nov-2020 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
ta: pkcs11: Remove unused function entry_verify_oneshot()
entry_verify_oneshot() is currently not used in any of the flows. Hence remove it.
Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org>
Reviewed-by: Ricardo Salveti <ricardo@foundries.io>
|
| #
689f4e5b |
| 29-Oct-2020 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
ta: pkcs11 : add support for HMAC modes for Sign/Verify
Add support for HMAC modes for hash functions - MD5, SHA1, SHA256, SHA224, SHA284 and SHA512 in Sign/Verify operations.
PKCS#11 offers 2 HMAC methods for each hash function <h>, CKM_<h>_HMAC and CKM_<h>_HMAC_GENERAL. Fixed tag length of the output size of hash function, i.e. CKM_h_HMAC, is currently supported.
Co-developed-by: Etienne Carriere <etienne.carriere@linaro.org>
Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org>
Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org>
Reviewed-by: Ricardo Salveti <ricardo@foundries.io>
|
| #
512cbf1d |
| 15-Jul-2020 |
Jens Wiklander <jens.wiklander@linaro.org> |
ta: pkcs11: adds support for symmetric AES cipher modes
Adds support for the AES modes ECB, CBC, CTR and CTS.
Much infrastructure is added to handle mechanisms.
Reviewed-by: Vesa Jääskeläinen <vesa.jaaskelainen@vaisala.com>
Co-developed-by: Etienne Carriere <etienne.carriere@linaro.org>
Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>
|