History log of /optee_os/ta/pkcs11/src/ (Results 51 – 75 of 228)
Revision Date Author Comments
(<<< Hide modified files)
(Show modified files >>>)
dbc2184e08-Dec-2021 Ruchika Gupta <ruchika.gupta@linaro.org>

ta: pkcs11: Fix memory leak

When sanitizing indirect templates, obj2 was getting allocated
twice leading to memory leak.

Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org>
Reviewed-by: Etienne

ta: pkcs11: Fix memory leak

When sanitizing indirect templates, obj2 was getting allocated
twice leading to memory leak.

Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org>
Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org>
Fixes: https://github.com/OP-TEE/optee_os/issues/5022

show more ...


/optee_os/core/arch/arm/dts/sama5d2.dtsi
/optee_os/core/arch/arm/mm/core_mmu.c
/optee_os/core/arch/arm/mm/core_mmu_lpae.c
/optee_os/core/arch/arm/plat-sam/conf.mk
/optee_os/core/arch/arm/plat-sam/platform_config.h
/optee_os/core/drivers/atmel_trng.c
/optee_os/core/drivers/crypto/se050/adaptors/utils/utils.c
/optee_os/core/drivers/crypto/stm32/stm32_cryp.c
/optee_os/core/drivers/sub.mk
/optee_os/core/include/kernel/dt.h
/optee_os/core/include/tee/tee_svc_storage.h
/optee_os/core/pta/tests/invoke.c
/optee_os/core/pta/tests/sub.mk
/optee_os/core/tee/sub.mk
/optee_os/core/tee/tee_fs_rpc.c
/optee_os/core/tee/tee_rpmb_fs.c
/optee_os/core/tee/tee_svc_storage.c
/optee_os/mk/config.mk
/optee_os/scripts/dump_ta_header.py
sanitize_object.c
/optee_os/ta/pkcs11/sub.mk
28eb53ac25-Nov-2021 Jorge Ramirez-Ortiz <jorge@foundries.io>

ta: pkcs11: remove unnecessary code

Remove unnecessary assignment.

Signed-off-by: Jorge Ramirez-Ortiz <jorge@foundries.io>
Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org>


/optee_os/.azure-pipelines.yml
/optee_os/.gitignore
/optee_os/core/arch/arm/dts/stm32mp157c-dk2.dts
/optee_os/core/arch/arm/dts/stm32mp157c-ed1.dts
/optee_os/core/arch/arm/dts/stm32mp157c-ev1.dts
/optee_os/core/arch/arm/include/kernel/boot.h
/optee_os/core/arch/arm/kernel/boot.c
/optee_os/core/arch/arm/kernel/tee_time.c
/optee_os/core/arch/arm/mm/core_mmu.c
/optee_os/core/arch/arm/mm/mobj_dyn_shm.c
/optee_os/core/arch/arm/mm/tee_mm.c
/optee_os/core/arch/arm/plat-imx/conf.mk
/optee_os/core/arch/arm/plat-mediatek/conf.mk
/optee_os/core/arch/arm/plat-mediatek/main.c
/optee_os/core/arch/arm/plat-rzn1/conf.mk
/optee_os/core/arch/arm/plat-rzn1/main.c
/optee_os/core/arch/arm/plat-rzn1/sm_platform_handler.c
/optee_os/core/arch/arm/plat-sam/conf.mk
/optee_os/core/arch/arm/plat-sam/sam_sfr.h
/optee_os/core/crypto/sub.mk
/optee_os/core/drivers/clk/clk_dt.c
/optee_os/core/drivers/clk/sam/at91_audio_pll.c
/optee_os/core/drivers/clk/sam/at91_clk.h
/optee_os/core/drivers/clk/sam/at91_generated.c
/optee_os/core/drivers/clk/sam/at91_h32mx.c
/optee_os/core/drivers/clk/sam/at91_i2s_mux.c
/optee_os/core/drivers/clk/sam/at91_main.c
/optee_os/core/drivers/clk/sam/at91_master.c
/optee_os/core/drivers/clk/sam/at91_peripheral.c
/optee_os/core/drivers/clk/sam/at91_pll.c
/optee_os/core/drivers/clk/sam/at91_plldiv.c
/optee_os/core/drivers/clk/sam/at91_pmc.c
/optee_os/core/drivers/clk/sam/at91_pmc.h
/optee_os/core/drivers/clk/sam/at91_programmable.c
/optee_os/core/drivers/clk/sam/at91_sckc.c
/optee_os/core/drivers/clk/sam/at91_system.c
/optee_os/core/drivers/clk/sam/at91_usb.c
/optee_os/core/drivers/clk/sam/at91_utmi.c
/optee_os/core/drivers/clk/sam/sama5d2_clk.c
/optee_os/core/drivers/clk/sam/sub.mk
/optee_os/core/drivers/clk/sub.mk
/optee_os/core/drivers/crypto/caam/hal/common/hal_cfg.c
/optee_os/core/drivers/crypto/caam/hal/common/hal_cfg_dt.c
/optee_os/core/drivers/crypto/se050/adaptors/apis/apdu.c
/optee_os/core/drivers/crypto/se050/adaptors/include/se050_utils.h
/optee_os/core/drivers/crypto/se050/adaptors/utils/scp_config.c
/optee_os/core/drivers/crypto/se050/adaptors/utils/utils.c
/optee_os/core/drivers/crypto/se050/core/apdu.c
/optee_os/core/drivers/crypto/se050/core/ctr.c
/optee_os/core/drivers/crypto/se050/core/die_id.c
/optee_os/core/drivers/crypto/se050/core/ecc.c
/optee_os/core/drivers/crypto/se050/core/rsa.c
/optee_os/core/drivers/crypto/se050/core/scp03.c
/optee_os/core/drivers/crypto/se050/core/sub.mk
/optee_os/core/drivers/crypto/se050/crypto.mk
/optee_os/core/drivers/crypto/stm32/stm32_cryp.c
/optee_os/core/drivers/stm32_bsec.c
/optee_os/core/include/crypto/crypto.h
/optee_os/core/include/crypto/crypto_se.h
/optee_os/core/include/drivers/clk_dt.h
/optee_os/core/include/dt-bindings/clock/at91.h
/optee_os/core/include/initcall.h
/optee_os/core/include/kernel/dt.h
/optee_os/core/include/kernel/dt_driver.h
/optee_os/core/include/mm/tee_mm.h
/optee_os/core/kernel/console.c
/optee_os/core/kernel/dt_driver.c
/optee_os/core/kernel/huk_subkey.c
/optee_os/core/kernel/lockdep.c
/optee_os/core/kernel/wait_queue.c
/optee_os/core/lib/libtomcrypt/sha256_accel.c
/optee_os/core/lib/libtomcrypt/sub.mk
/optee_os/core/mm/fobj.c
/optee_os/core/mm/mobj.c
/optee_os/core/pta/apdu.c
/optee_os/core/pta/gprof.c
/optee_os/core/pta/scp03.c
/optee_os/core/pta/sub.mk
/optee_os/core/tee/entry_std.c
/optee_os/core/tee/socket.c
/optee_os/core/tee/tadb.c
/optee_os/core/tee/tee_fs_rpc.c
/optee_os/core/tee/tee_svc_cryp.c
/optee_os/lib/libmbedtls/sub.mk
/optee_os/lib/libutee/include/pta_apdu.h
/optee_os/lib/libutee/include/pta_scp03.h
/optee_os/lib/libutee/include/tee_api_defines_extensions.h
/optee_os/lib/libutee/tee_api_arith_mpi.c
/optee_os/lib/libutils/ext/include/util.h
/optee_os/mk/compile.mk
/optee_os/mk/config.mk
/optee_os/ta/avb/entry.c
/optee_os/ta/mk/build-user-ta.mk
object.c
a5ea52c208-Oct-2021 Elvira Khabirova <e.khabirova@omp.ru>

ta: pkcs11: fix a double-free

entry_processing_key() frees out_buf on error from
derive_key_by_symm_enc(). Before this change, that led to a double-free.

Fixes: 8c499324e457 ("ta: pkcs11: Add funct

ta: pkcs11: fix a double-free

entry_processing_key() frees out_buf on error from
derive_key_by_symm_enc(). Before this change, that led to a double-free.

Fixes: 8c499324e457 ("ta: pkcs11: Add function to set key data")
Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org>
Signed-off-by: Elvira Khabirova <e.khabirova@omp.ru>

show more ...


processing_symm.c
b796403708-Oct-2021 Elvira Khabirova <e.khabirova@omp.ru>

ta: pkcs11: fix a memory leak

Before this change, entry_find_objects_init() leaked e.g. find_ctx.

Fixes: fa1ac7676f39 ("ta: pkcs11: Don't load objects that don't match the search during find")
Revi

ta: pkcs11: fix a memory leak

Before this change, entry_find_objects_init() leaked e.g. find_ctx.

Fixes: fa1ac7676f39 ("ta: pkcs11: Don't load objects that don't match the search during find")
Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org>
Signed-off-by: Elvira Khabirova <e.khabirova@omp.ru>

show more ...


/optee_os/.azure-pipelines.yml
/optee_os/CHANGELOG.md
/optee_os/MAINTAINERS
/optee_os/core/arch/arm/arm.mk
/optee_os/core/arch/arm/crypto/aes_armv8a_ce.c
/optee_os/core/arch/arm/dts/at91-sama5d27_som1.dtsi
/optee_os/core/arch/arm/dts/at91-sama5d27_som1_ek.dts
/optee_os/core/arch/arm/dts/at91-sama5d2_xplained.dts
/optee_os/core/arch/arm/dts/sama5d2-pinfunc.h
/optee_os/core/arch/arm/dts/sama5d2.dtsi
/optee_os/core/arch/arm/dts/stm32mp157a-dk1.dts
/optee_os/core/arch/arm/dts/stm32mp157c-dk2.dts
/optee_os/core/arch/arm/dts/stm32mp157c-ed1.dts
/optee_os/core/arch/arm/dts/stm32mp157c-ev1.dts
/optee_os/core/arch/arm/include/ffa.h
/optee_os/core/arch/arm/include/kernel/secure_partition.h
/optee_os/core/arch/arm/include/kernel/thread_spmc.h
/optee_os/core/arch/arm/include/mm/core_mmu.h
/optee_os/core/arch/arm/kernel/boot.c
/optee_os/core/arch/arm/kernel/link_dummies_paged.c
/optee_os/core/arch/arm/kernel/secure_partition.c
/optee_os/core/arch/arm/kernel/spmc_sp_handler.c
/optee_os/core/arch/arm/kernel/thread.c
/optee_os/core/arch/arm/kernel/thread_optee_smc.c
/optee_os/core/arch/arm/kernel/thread_spmc.c
/optee_os/core/arch/arm/kernel/virtualization.c
/optee_os/core/arch/arm/mm/core_mmu.c
/optee_os/core/arch/arm/mm/mobj_dyn_shm.c
/optee_os/core/arch/arm/mm/mobj_ffa.c
/optee_os/core/arch/arm/plat-ls/main.c
/optee_os/core/arch/arm/plat-marvell/armada3700/hal_sec_perf.c
/optee_os/core/arch/arm/plat-marvell/armada7k8k/hal_sec_perf.c
/optee_os/core/arch/arm/plat-sam/conf.mk
/optee_os/core/arch/arm/plat-stm32mp1/conf.mk
/optee_os/core/arch/arm/plat-stm32mp1/drivers/stm32mp1_clk.c
/optee_os/core/arch/arm/plat-stm32mp1/drivers/stm32mp1_pmic.c
/optee_os/core/arch/arm/plat-stm32mp1/drivers/stm32mp1_rcc.h
/optee_os/core/arch/arm/plat-stm32mp1/main.c
/optee_os/core/arch/arm/plat-stm32mp1/shared_resources.c
/optee_os/core/arch/arm/plat-totalcompute/conf.mk
/optee_os/core/arch/arm/plat-totalcompute/fdts/optee_sp_manifest.dts
/optee_os/core/arch/arm/plat-totalcompute/main.c
/optee_os/core/arch/arm/plat-totalcompute/platform_config.h
/optee_os/core/arch/arm/plat-zynqmp/conf.mk
/optee_os/core/arch/arm/plat-zynqmp/main.c
/optee_os/core/arch/arm/plat-zynqmp/platform_config.h
/optee_os/core/arch/arm/tee/cache.c
/optee_os/core/arch/arm/tee/entry_fast.c
/optee_os/core/crypto/aes-gcm-sw.c
/optee_os/core/crypto/crypto.c
/optee_os/core/drivers/bnxt/bnxt_fw.c
/optee_os/core/drivers/clk/clk.c
/optee_os/core/drivers/clk/clk_dt.c
/optee_os/core/drivers/clk/fixed_clk.c
/optee_os/core/drivers/clk/sub.mk
/optee_os/core/drivers/crypto/caam/acipher/caam_rsa.c
/optee_os/core/drivers/crypto/caam/caam_pwr.c
/optee_os/core/drivers/crypto/caam/hal/common/hal_cfg_dt.c
/optee_os/core/drivers/crypto/crypto_api/acipher/dsa.c
/optee_os/core/drivers/crypto/crypto_api/acipher/ecc.c
/optee_os/core/drivers/crypto/crypto_api/acipher/rsa.c
/optee_os/core/drivers/crypto/crypto_api/authenc/authenc.c
/optee_os/core/drivers/crypto/crypto_api/authenc/sub.mk
/optee_os/core/drivers/crypto/crypto_api/include/drvcrypt.h
/optee_os/core/drivers/crypto/crypto_api/include/drvcrypt_authenc.h
/optee_os/core/drivers/crypto/crypto_api/sub.mk
/optee_os/core/drivers/crypto/stm32/authenc.c
/optee_os/core/drivers/crypto/stm32/cipher.c
/optee_os/core/drivers/crypto/stm32/common.h
/optee_os/core/drivers/crypto/stm32/crypto.mk
/optee_os/core/drivers/crypto/stm32/stm32_cryp.c
/optee_os/core/drivers/crypto/stm32/stm32_cryp.h
/optee_os/core/drivers/crypto/stm32/sub.mk
/optee_os/core/drivers/crypto/sub.mk
/optee_os/core/drivers/gic.c
/optee_os/core/drivers/imx_lpuart.c
/optee_os/core/drivers/imx_mu.c
/optee_os/core/drivers/imx_ocotp.c
/optee_os/core/drivers/imx_uart.c
/optee_os/core/drivers/pl011.c
/optee_os/core/drivers/scmi-msg/clock.c
/optee_os/core/drivers/serial8250_uart.c
/optee_os/core/drivers/stm32_etzpc.c
/optee_os/core/drivers/stm32_i2c.c
/optee_os/core/drivers/stm32_rng.c
/optee_os/core/drivers/stm32_uart.c
/optee_os/core/drivers/sub.mk
/optee_os/core/drivers/zynqmp_csu_aes.c
/optee_os/core/drivers/zynqmp_csu_puf.c
/optee_os/core/drivers/zynqmp_csudma.c
/optee_os/core/drivers/zynqmp_huk.c
/optee_os/core/drivers/zynqmp_pm.c
/optee_os/core/include/crypto/crypto_impl.h
/optee_os/core/include/crypto/internal_aes-gcm.h
/optee_os/core/include/drivers/clk.h
/optee_os/core/include/drivers/clk_dt.h
/optee_os/core/include/drivers/imx_mu.h
/optee_os/core/include/drivers/stm32_gpio.h
/optee_os/core/include/drivers/stm32_i2c.h
/optee_os/core/include/drivers/zynqmp_csu.h
/optee_os/core/include/drivers/zynqmp_csu_aes.h
/optee_os/core/include/drivers/zynqmp_csu_puf.h
/optee_os/core/include/drivers/zynqmp_csudma.h
/optee_os/core/include/drivers/zynqmp_efuse.h
/optee_os/core/include/drivers/zynqmp_pm.h
/optee_os/core/include/dt-bindings/clock/at91.h
/optee_os/core/include/dt-bindings/dma/at91.h
/optee_os/core/include/dt-bindings/iio/adc/at91-sama5d2_adc.h
/optee_os/core/include/dt-bindings/mfd/atmel-flexcom.h
/optee_os/core/include/dt-bindings/regulator/active-semi,8945a-regulator.h
/optee_os/core/include/initcall.h
/optee_os/core/include/kernel/dt.h
/optee_os/core/include/kernel/dt_driver.h
/optee_os/core/include/kernel/interrupt.h
/optee_os/core/include/kernel/pm.h
/optee_os/core/include/kernel/virtualization.h
/optee_os/core/kernel/console.c
/optee_os/core/kernel/dt.c
/optee_os/core/kernel/dt_driver.c
/optee_os/core/kernel/initcall.c
/optee_os/core/kernel/interrupt.c
/optee_os/core/kernel/pm.c
/optee_os/core/kernel/sub.mk
/optee_os/core/mm/fobj.c
/optee_os/core/pta/bcm/elog.c
/optee_os/core/pta/tests/fs_htree.c
/optee_os/core/tee/socket.c
/optee_os/core/tee/tadb.c
/optee_os/ldelf/ta_elf.c
/optee_os/lib/libmbedtls/core/rsa.c
/optee_os/lib/libutils/ext/include/util.h
/optee_os/mk/config.mk
/optee_os/scripts/pem_to_pub_c.py
/optee_os/scripts/sign_encrypt.py
/optee_os/ta/mk/ta_dev_kit.mk
object.c
/optee_os/ta/trusted_keys/entry.c
4137952d23-Jan-2021 Vesa Jääskeläinen <vesa.jaaskelainen@vaisala.com>

ta: pkcs11: Add certificate object support

Adds support for:

PKCS #11 Cryptographic Token Interface Base Specification Version 2.40
Plus Errata 01

4.6 Certificate objects
4.6.3 X.509 public key ce

ta: pkcs11: Add certificate object support

Adds support for:

PKCS #11 Cryptographic Token Interface Base Specification Version 2.40
Plus Errata 01

4.6 Certificate objects
4.6.3 X.509 public key certificate objects

Signed-off-by: Vesa Jääskeläinen <vesa.jaaskelainen@vaisala.com>
Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org>

show more ...


/optee_os/.azure-pipelines.yml
/optee_os/core/arch/arm/kernel/thread_optee_smc.c
/optee_os/core/arch/arm/mm/mobj_dyn_shm.c
/optee_os/core/arch/arm/plat-vexpress/conf.mk
/optee_os/mk/config.mk
/optee_os/ta/pkcs11/include/pkcs11_ta.h
attributes.h
object.c
pkcs11_attributes.c
pkcs11_helpers.c
pkcs11_helpers.h
sanitize_object.c
0ef6b14425-Sep-2021 Victor Chong <victor.chong@linaro.org>

ta: pkcs11: Add support for AES CMAC mechanisms

Add support for CKM_AES_CMAC* mechanisms.

Signed-off-by: Victor Chong <victor.chong@linaro.org>
Reviewed-by: Etienne Carriere <etienne.carriere@linar

ta: pkcs11: Add support for AES CMAC mechanisms

Add support for CKM_AES_CMAC* mechanisms.

Signed-off-by: Victor Chong <victor.chong@linaro.org>
Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org>
Acked-by: Ruchika Gupta <ruchika.gupta@linaro.org>

show more ...


/optee_os/core/arch/arm/include/kernel/tz_ssvce_def.h
/optee_os/core/arch/arm/plat-imx/conf.mk
/optee_os/core/arch/arm/plat-imx/config/imx6sll.h
/optee_os/core/arch/arm/plat-imx/crypto_conf.mk
/optee_os/core/arch/arm/plat-imx/imx-common.c
/optee_os/core/arch/arm/plat-imx/imx.h
/optee_os/core/arch/arm/plat-imx/imx_pl310.c
/optee_os/core/arch/arm/plat-imx/mmdc.c
/optee_os/core/arch/arm/plat-imx/registers/imx6.h
/optee_os/core/arch/arm/plat-imx/registers/imx7-crm.h
/optee_os/core/arch/arm/plat-imx/registers/imx7.h
/optee_os/core/arch/arm/plat-imx/registers/imx7ulp.h
/optee_os/core/arch/arm/plat-imx/registers/imx8m-crm.h
/optee_os/core/arch/arm/plat-imx/registers/imx8m.h
/optee_os/core/arch/arm/plat-ls/conf.mk
/optee_os/core/arch/arm/plat-poplar/conf.mk
/optee_os/core/arch/arm/plat-sam/conf.mk
/optee_os/core/arch/arm/plat-sam/main.c
/optee_os/core/arch/arm/plat-sam/matrix.c
/optee_os/core/arch/arm/plat-sam/matrix.h
/optee_os/core/arch/arm/plat-sam/platform_config.h
/optee_os/core/arch/arm/plat-sam/sam_pl310.c
/optee_os/core/arch/arm/plat-sam/sam_sfr.h
/optee_os/core/arch/arm/plat-sam/sama5d2.h
/optee_os/core/arch/arm/plat-sam/sub.mk
/optee_os/core/arch/arm/plat-stm32mp1/main.c
/optee_os/core/arch/arm/plat-stm32mp1/shared_resources.c
/optee_os/core/drivers/crypto/caam/caam_jr.c
/optee_os/core/drivers/crypto/caam/caam_rng.c
/optee_os/core/drivers/crypto/caam/hal/common/hal_ctrl.c
/optee_os/core/drivers/crypto/caam/hal/common/hal_rng.c
/optee_os/core/drivers/crypto/caam/hal/common/registers/rng_regs.h
/optee_os/core/drivers/crypto/caam/hal/common/registers/version_regs.h
/optee_os/core/drivers/crypto/caam/hal/imx_6_7/hal_clk_mx6.c
/optee_os/core/drivers/crypto/caam/hal/imx_6_7/hal_clk_mx7.c
/optee_os/core/drivers/crypto/caam/hal/imx_6_7/hal_clk_mx7ulp.c
/optee_os/core/drivers/crypto/caam/utils/utils_dmaobj.c
/optee_os/core/drivers/crypto/crypto_api/acipher/dsa.c
/optee_os/core/drivers/crypto/crypto_api/acipher/ecc.c
/optee_os/core/drivers/imx_ocotp.c
/optee_os/core/drivers/stm32_bsec.c
/optee_os/core/drivers/stm32_etzpc.c
/optee_os/core/drivers/sub.mk
/optee_os/core/include/drivers/imx_ocotp.h
/optee_os/core/include/kernel/dt.h
/optee_os/core/kernel/dt.c
/optee_os/lib/libutils/isoc/bget_malloc.c
/optee_os/lib/libutils/isoc/include/malloc.h
/optee_os/mk/config.mk
/optee_os/ta/mk/ta_dev_kit.mk
/optee_os/ta/pkcs11/include/pkcs11_ta.h
pkcs11_attributes.c
processing_symm.c
token_capabilities.c
70b6683b03-Jun-2021 Victor Chong <victor.chong@linaro.org>

ta: pkcs11: Add support for more HMAC mechanisms

Add support for *_GENERAL MD5 and SHA based HMAC mechanisms.

Signed-off-by: Victor Chong <victor.chong@linaro.org>
Reviewed-by: Etienne Carriere <et

ta: pkcs11: Add support for more HMAC mechanisms

Add support for *_GENERAL MD5 and SHA based HMAC mechanisms.

Signed-off-by: Victor Chong <victor.chong@linaro.org>
Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org>
Reviewed-by: Ruchika Gupta <ruchika.gupta@linaro.org>
Reviewed-by: Vesa Jääskeläinen <vesa.jaaskelainen@vaisala.com>

show more ...


/optee_os/ta/pkcs11/include/pkcs11_ta.h
pkcs11_attributes.c
processing_symm.c
token_capabilities.c
42765f8212-Jul-2021 Victor Chong <victor.chong@linaro.org>

ta: pkcs11: Fix sign size comparison

The current check does not take into account input signature sizes that
are larger than the hash size, which are invalid and should return an
error. The input si

ta: pkcs11: Fix sign size comparison

The current check does not take into account input signature sizes that
are larger than the hash size, which are invalid and should return an
error. The input signature size can be less than the hash size, but not
for the mechanisms the function is currently used for. Change the check
to match exactly the hash size.

Signed-off-by: Victor Chong <victor.chong@linaro.org>
Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org>
Reviewed-by: Ruchika Gupta <ruchika.gupta@linaro.org>
Reviewed-by: Vesa Jääskeläinen <vesa.jaaskelainen@vaisala.com>

show more ...


processing_symm.c
6f6d5e7502-Jun-2021 Victor Chong <victor.chong@linaro.org>

ta: pkcs11: Fix typo

Fix typo in comment.

Signed-off-by: Victor Chong <victor.chong@linaro.org>
Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org>
Reviewed-by: Ruchika Gupta <ruchika.gupta

ta: pkcs11: Fix typo

Fix typo in comment.

Signed-off-by: Victor Chong <victor.chong@linaro.org>
Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org>
Reviewed-by: Ruchika Gupta <ruchika.gupta@linaro.org>
Reviewed-by: Vesa Jääskeläinen <vesa.jaaskelainen@vaisala.com>

show more ...


/optee_os/core/arch/arm/include/arm64.h
/optee_os/core/arch/arm/include/kernel/tz_ssvce_def.h
/optee_os/core/arch/arm/include/mm/core_mmu.h
/optee_os/core/arch/arm/include/mm/tee_pager.h
/optee_os/core/arch/arm/kernel/asm-defines.c
/optee_os/core/arch/arm/kernel/boot.c
/optee_os/core/arch/arm/kernel/entry_a32.S
/optee_os/core/arch/arm/kernel/idle.c
/optee_os/core/arch/arm/kernel/kern.ld.S
/optee_os/core/arch/arm/kernel/sub.mk
/optee_os/core/arch/arm/kernel/tee_l2cc_mutex.c
/optee_os/core/arch/arm/kernel/thread_a32.S
/optee_os/core/arch/arm/kernel/thread_a64.S
/optee_os/core/arch/arm/kernel/thread_optee_smc.c
/optee_os/core/arch/arm/kernel/virtualization.c
/optee_os/core/arch/arm/mm/core_mmu.c
/optee_os/core/arch/arm/mm/core_mmu_lpae.c
/optee_os/core/arch/arm/mm/core_mmu_v7.c
/optee_os/core/arch/arm/mm/tee_pager.c
/optee_os/core/arch/arm/plat-bcm/bcm_elog.c
/optee_os/core/arch/arm/plat-bcm/main.c
/optee_os/core/arch/arm/plat-hikey/main.c
/optee_os/core/arch/arm/plat-hikey/spi_test.c
/optee_os/core/arch/arm/plat-hisilicon/psci.c
/optee_os/core/arch/arm/plat-imx/drivers/imx_caam.c
/optee_os/core/arch/arm/plat-imx/drivers/imx_csu.c
/optee_os/core/arch/arm/plat-imx/drivers/imx_scu.c
/optee_os/core/arch/arm/plat-imx/drivers/tzc380.c
/optee_os/core/arch/arm/plat-imx/imx-common.c
/optee_os/core/arch/arm/plat-imx/imx_pl310.c
/optee_os/core/arch/arm/plat-imx/imx_src.c
/optee_os/core/arch/arm/plat-imx/main.c
/optee_os/core/arch/arm/plat-imx/mmdc.c
/optee_os/core/arch/arm/plat-imx/pm/cpuidle-imx7d.c
/optee_os/core/arch/arm/plat-imx/pm/gpcv2.c
/optee_os/core/arch/arm/plat-imx/pm/imx7_suspend.c
/optee_os/core/arch/arm/plat-imx/pm/pm-imx7.c
/optee_os/core/arch/arm/plat-imx/pm/psci.c
/optee_os/core/arch/arm/plat-k3/main.c
/optee_os/core/arch/arm/plat-ls/main.c
/optee_os/core/arch/arm/plat-marvell/armada3700/hal_sec_perf.c
/optee_os/core/arch/arm/plat-marvell/armada7k8k/hal_sec_perf.c
/optee_os/core/arch/arm/plat-marvell/main.c
/optee_os/core/arch/arm/plat-mediatek/main.c
/optee_os/core/arch/arm/plat-rockchip/main.c
/optee_os/core/arch/arm/plat-rockchip/platform_px30.c
/optee_os/core/arch/arm/plat-rockchip/platform_rk322x.c
/optee_os/core/arch/arm/plat-rockchip/platform_rk3399.c
/optee_os/core/arch/arm/plat-rockchip/psci_rk322x.c
/optee_os/core/arch/arm/plat-rzn1/main.c
/optee_os/core/arch/arm/plat-rzn1/psci.c
/optee_os/core/arch/arm/plat-rzn1/sm_platform_handler.c
/optee_os/core/arch/arm/plat-sam/main.c
/optee_os/core/arch/arm/plat-sprd/main.c
/optee_os/core/arch/arm/plat-stm/main.c
/optee_os/core/arch/arm/plat-stm/rng_support.c
/optee_os/core/arch/arm/plat-stm32mp1/drivers/stm32mp1_pmic.c
/optee_os/core/arch/arm/plat-stm32mp1/drivers/stm32mp1_pwr.c
/optee_os/core/arch/arm/plat-stm32mp1/drivers/stm32mp1_rcc.c
/optee_os/core/arch/arm/plat-stm32mp1/drivers/stm32mp1_syscfg.c
/optee_os/core/arch/arm/plat-stm32mp1/main.c
/optee_os/core/arch/arm/plat-stm32mp1/plat_tzc400.c
/optee_os/core/arch/arm/plat-stm32mp1/rng_seed.c
/optee_os/core/arch/arm/plat-stm32mp1/scmi_server.c
/optee_os/core/arch/arm/plat-sunxi/main.c
/optee_os/core/arch/arm/plat-sunxi/psci.c
/optee_os/core/arch/arm/plat-synquacer/main.c
/optee_os/core/arch/arm/plat-synquacer/rng_pta.c
/optee_os/core/arch/arm/plat-ti/main.c
/optee_os/core/arch/arm/plat-ti/ti_pl310.c
/optee_os/core/arch/arm/plat-uniphier/main.c
/optee_os/core/arch/arm/plat-vexpress/main.c
/optee_os/core/arch/arm/plat-zynq7k/main.c
/optee_os/core/arch/arm/plat-zynqmp/main.c
/optee_os/core/arch/arm/sm/pm.c
/optee_os/core/drivers/amlogic_uart.c
/optee_os/core/drivers/atmel_uart.c
/optee_os/core/drivers/bcm_gpio.c
/optee_os/core/drivers/bcm_hwrng.c
/optee_os/core/drivers/bcm_sotp.c
/optee_os/core/drivers/bnxt/bnxt.c
/optee_os/core/drivers/bnxt/bnxt_fw.c
/optee_os/core/drivers/bnxt/bnxt_images.c
/optee_os/core/drivers/cdns_uart.c
/optee_os/core/drivers/crypto/caam/hal/imx_6_7/hal_clk_mx6.c
/optee_os/core/drivers/crypto/caam/hal/imx_6_7/hal_clk_mx7.c
/optee_os/core/drivers/crypto/caam/hal/imx_6_7/hal_clk_mx7ulp.c
/optee_os/core/drivers/dra7_rng.c
/optee_os/core/drivers/hi16xx_rng.c
/optee_os/core/drivers/hi16xx_uart.c
/optee_os/core/drivers/imx/dcp/dcp.c
/optee_os/core/drivers/imx_lpuart.c
/optee_os/core/drivers/imx_snvs.c
/optee_os/core/drivers/imx_uart.c
/optee_os/core/drivers/imx_wdog.c
/optee_os/core/drivers/mvebu_uart.c
/optee_os/core/drivers/ns16550.c
/optee_os/core/drivers/pl011.c
/optee_os/core/drivers/scif.c
/optee_os/core/drivers/scmi-msg/clock.c
/optee_os/core/drivers/scmi-msg/smt.c
/optee_os/core/drivers/serial8250_uart.c
/optee_os/core/drivers/sp805_wdt.c
/optee_os/core/drivers/sprd_uart.c
/optee_os/core/drivers/stih_asc.c
/optee_os/core/drivers/stm32_bsec.c
/optee_os/core/drivers/stm32_etzpc.c
/optee_os/core/drivers/stm32_i2c.c
/optee_os/core/drivers/stm32_rng.c
/optee_os/core/drivers/stm32_uart.c
/optee_os/core/drivers/tzc380.c
/optee_os/core/include/drivers/sp805_wdt.h
/optee_os/core/include/kernel/panic.h
/optee_os/core/include/mm/core_memprot.h
/optee_os/core/include/mm/vm.h
/optee_os/core/kernel/panic.c
/optee_os/core/kernel/ree_fs_ta.c
/optee_os/core/lib/libtomcrypt/src/math/fp/ltc_ecc_fp_mulmod.c
/optee_os/core/mm/fobj.c
/optee_os/core/mm/mobj.c
/optee_os/core/mm/vm.c
/optee_os/core/pta/bcm/elog.c
/optee_os/core/pta/tests/invoke.c
/optee_os/core/pta/tests/sub.mk
/optee_os/ldelf/ldelf.mk
/optee_os/lib/libutee/tee_api.c
/optee_os/lib/libutee/tee_api_operations.c
/optee_os/lib/libutils/isoc/bget_malloc.c
/optee_os/lib/libutils/isoc/include/malloc.h
/optee_os/mk/config.mk
/optee_os/ta/arch/arm/user_ta_header.c
/optee_os/ta/mk/build-user-ta.mk
/optee_os/ta/mk/ta_dev_kit.mk
processing_symm.c
/optee_os/ta/ta.mk
95636b3625-Aug-2021 Etienne Carriere <etienne.carriere@linaro.org>

ta: pkcs11: make heap size configurable

Add a configuration switch for the PKCS11 TA heap size defaulting
to 16kB as legacy.

Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org>
Reviewed-b

ta: pkcs11: make heap size configurable

Add a configuration switch for the PKCS11 TA heap size defaulting
to 16kB as legacy.

Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org>
Reviewed-by: Jerome Forissier <jerome@forissier.org>
Reviewed-by: Vesa Jääskeläinen <vesa.jaaskelainen@vaisala.com>

show more ...


user_ta_header_defines.h
/optee_os/ta/pkcs11/sub.mk
edce837725-Aug-2021 Etienne Carriere <etienne.carriere@linaro.org>

ta: pkcs11: describe CFG_PKCS11_TA_TOKEN_COUNT

Add a default value and a description for PKCS11 TA config switch
CFG_PKCS11_TA_TOKEN_COUNT in ta/pkcs11/sub.mk.

Signed-off-by: Etienne Carriere <etie

ta: pkcs11: describe CFG_PKCS11_TA_TOKEN_COUNT

Add a default value and a description for PKCS11 TA config switch
CFG_PKCS11_TA_TOKEN_COUNT in ta/pkcs11/sub.mk.

Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org>
Reviewed-by: Jerome Forissier <jerome@forissier.org>
Reviewed-by: Vesa Jääskeläinen <vesa.jaaskelainen@vaisala.com>

show more ...


/optee_os/mk/config.mk
pkcs11_token.c
/optee_os/ta/pkcs11/sub.mk
9df6818624-Aug-2021 Etienne Carriere <etienne.carriere@linaro.org>

ta: pkcs11: fix error code in asymmetric signature update sequence

Correct return code in asymmetric update sequence when digest of
the input data is updated on a multi-stage operation. Prior this
c

ta: pkcs11: fix error code in asymmetric signature update sequence

Correct return code in asymmetric update sequence when digest of
the input data is updated on a multi-stage operation. Prior this
change, the implementation returned CKR_GENERAL_ERROR instead of
CKR_OK because the expected success return value was loaded for
that stage.

Fixes: fb279d8b608e ("ta: pkcs11: Add support for elliptic curve signing & verification")
Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org>
Reviewed-by: Ruchika Gupta <ruchika.gupta@linaro.org>

show more ...


processing_asymm.c
2364aa6929-Jul-2021 Ruchika Gupta <ruchika.gupta@linaro.org>

ta: pkcs11: Add operation state in session

Add more operation states to take care of scenarios like failure
of an incremental (update) operation if a one-shot/final operation
has been started.

Sign

ta: pkcs11: Add operation state in session

Add more operation states to take care of scenarios like failure
of an incremental (update) operation if a one-shot/final operation
has been started.

Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org>
Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org>

show more ...


/optee_os/MAINTAINERS
/optee_os/core/arch/arm/include/mm/core_mmu.h
/optee_os/core/arch/arm/mm/core_mmu.c
/optee_os/core/lib/libtomcrypt/mpi_desc.c
/optee_os/core/pta/tests/invoke.c
/optee_os/lib/libmbedtls/mbedtls/BUGS.md
/optee_os/lib/libmbedtls/mbedtls/CONTRIBUTING.md
/optee_os/lib/libmbedtls/mbedtls/ChangeLog
/optee_os/lib/libmbedtls/mbedtls/README.md
/optee_os/lib/libmbedtls/mbedtls/SECURITY.md
/optee_os/lib/libmbedtls/mbedtls/SUPPORT.md
/optee_os/lib/libmbedtls/mbedtls/include/mbedtls/aes.h
/optee_os/lib/libmbedtls/mbedtls/include/mbedtls/aesni.h
/optee_os/lib/libmbedtls/mbedtls/include/mbedtls/arc4.h
/optee_os/lib/libmbedtls/mbedtls/include/mbedtls/aria.h
/optee_os/lib/libmbedtls/mbedtls/include/mbedtls/asn1.h
/optee_os/lib/libmbedtls/mbedtls/include/mbedtls/asn1write.h
/optee_os/lib/libmbedtls/mbedtls/include/mbedtls/base64.h
/optee_os/lib/libmbedtls/mbedtls/include/mbedtls/bignum.h
/optee_os/lib/libmbedtls/mbedtls/include/mbedtls/blowfish.h
/optee_os/lib/libmbedtls/mbedtls/include/mbedtls/bn_mul.h
/optee_os/lib/libmbedtls/mbedtls/include/mbedtls/camellia.h
/optee_os/lib/libmbedtls/mbedtls/include/mbedtls/ccm.h
/optee_os/lib/libmbedtls/mbedtls/include/mbedtls/certs.h
/optee_os/lib/libmbedtls/mbedtls/include/mbedtls/chacha20.h
/optee_os/lib/libmbedtls/mbedtls/include/mbedtls/chachapoly.h
/optee_os/lib/libmbedtls/mbedtls/include/mbedtls/check_config.h
/optee_os/lib/libmbedtls/mbedtls/include/mbedtls/cipher.h
/optee_os/lib/libmbedtls/mbedtls/include/mbedtls/cipher_internal.h
/optee_os/lib/libmbedtls/mbedtls/include/mbedtls/cmac.h
/optee_os/lib/libmbedtls/mbedtls/include/mbedtls/compat-1.3.h
/optee_os/lib/libmbedtls/mbedtls/include/mbedtls/ctr_drbg.h
/optee_os/lib/libmbedtls/mbedtls/include/mbedtls/debug.h
/optee_os/lib/libmbedtls/mbedtls/include/mbedtls/des.h
/optee_os/lib/libmbedtls/mbedtls/include/mbedtls/dhm.h
/optee_os/lib/libmbedtls/mbedtls/include/mbedtls/ecdh.h
/optee_os/lib/libmbedtls/mbedtls/include/mbedtls/ecdsa.h
/optee_os/lib/libmbedtls/mbedtls/include/mbedtls/ecjpake.h
/optee_os/lib/libmbedtls/mbedtls/include/mbedtls/ecp.h
/optee_os/lib/libmbedtls/mbedtls/include/mbedtls/ecp_internal.h
/optee_os/lib/libmbedtls/mbedtls/include/mbedtls/entropy.h
/optee_os/lib/libmbedtls/mbedtls/include/mbedtls/entropy_poll.h
/optee_os/lib/libmbedtls/mbedtls/include/mbedtls/error.h
/optee_os/lib/libmbedtls/mbedtls/include/mbedtls/gcm.h
/optee_os/lib/libmbedtls/mbedtls/include/mbedtls/havege.h
/optee_os/lib/libmbedtls/mbedtls/include/mbedtls/hkdf.h
/optee_os/lib/libmbedtls/mbedtls/include/mbedtls/hmac_drbg.h
/optee_os/lib/libmbedtls/mbedtls/include/mbedtls/md.h
/optee_os/lib/libmbedtls/mbedtls/include/mbedtls/md2.h
/optee_os/lib/libmbedtls/mbedtls/include/mbedtls/md4.h
/optee_os/lib/libmbedtls/mbedtls/include/mbedtls/md5.h
/optee_os/lib/libmbedtls/mbedtls/include/mbedtls/md_internal.h
/optee_os/lib/libmbedtls/mbedtls/include/mbedtls/memory_buffer_alloc.h
/optee_os/lib/libmbedtls/mbedtls/include/mbedtls/net.h
/optee_os/lib/libmbedtls/mbedtls/include/mbedtls/net_sockets.h
/optee_os/lib/libmbedtls/mbedtls/include/mbedtls/nist_kw.h
/optee_os/lib/libmbedtls/mbedtls/include/mbedtls/oid.h
/optee_os/lib/libmbedtls/mbedtls/include/mbedtls/padlock.h
/optee_os/lib/libmbedtls/mbedtls/include/mbedtls/pem.h
/optee_os/lib/libmbedtls/mbedtls/include/mbedtls/pk.h
/optee_os/lib/libmbedtls/mbedtls/include/mbedtls/pk_internal.h
/optee_os/lib/libmbedtls/mbedtls/include/mbedtls/pkcs11.h
/optee_os/lib/libmbedtls/mbedtls/include/mbedtls/pkcs12.h
/optee_os/lib/libmbedtls/mbedtls/include/mbedtls/pkcs5.h
/optee_os/lib/libmbedtls/mbedtls/include/mbedtls/platform.h
/optee_os/lib/libmbedtls/mbedtls/include/mbedtls/platform_time.h
/optee_os/lib/libmbedtls/mbedtls/include/mbedtls/platform_util.h
/optee_os/lib/libmbedtls/mbedtls/include/mbedtls/poly1305.h
/optee_os/lib/libmbedtls/mbedtls/include/mbedtls/psa_util.h
/optee_os/lib/libmbedtls/mbedtls/include/mbedtls/ripemd160.h
/optee_os/lib/libmbedtls/mbedtls/include/mbedtls/rsa.h
/optee_os/lib/libmbedtls/mbedtls/include/mbedtls/rsa_internal.h
/optee_os/lib/libmbedtls/mbedtls/include/mbedtls/sha1.h
/optee_os/lib/libmbedtls/mbedtls/include/mbedtls/sha256.h
/optee_os/lib/libmbedtls/mbedtls/include/mbedtls/sha512.h
/optee_os/lib/libmbedtls/mbedtls/include/mbedtls/ssl.h
/optee_os/lib/libmbedtls/mbedtls/include/mbedtls/ssl_cache.h
/optee_os/lib/libmbedtls/mbedtls/include/mbedtls/ssl_ciphersuites.h
/optee_os/lib/libmbedtls/mbedtls/include/mbedtls/ssl_cookie.h
/optee_os/lib/libmbedtls/mbedtls/include/mbedtls/ssl_internal.h
/optee_os/lib/libmbedtls/mbedtls/include/mbedtls/ssl_ticket.h
/optee_os/lib/libmbedtls/mbedtls/include/mbedtls/threading.h
/optee_os/lib/libmbedtls/mbedtls/include/mbedtls/timing.h
/optee_os/lib/libmbedtls/mbedtls/include/mbedtls/version.h
/optee_os/lib/libmbedtls/mbedtls/include/mbedtls/x509.h
/optee_os/lib/libmbedtls/mbedtls/include/mbedtls/x509_crl.h
/optee_os/lib/libmbedtls/mbedtls/include/mbedtls/x509_crt.h
/optee_os/lib/libmbedtls/mbedtls/include/mbedtls/x509_csr.h
/optee_os/lib/libmbedtls/mbedtls/include/mbedtls/xtea.h
/optee_os/lib/libmbedtls/mbedtls/library/aes.c
/optee_os/lib/libmbedtls/mbedtls/library/aesni.c
/optee_os/lib/libmbedtls/mbedtls/library/arc4.c
/optee_os/lib/libmbedtls/mbedtls/library/aria.c
/optee_os/lib/libmbedtls/mbedtls/library/asn1parse.c
/optee_os/lib/libmbedtls/mbedtls/library/asn1write.c
/optee_os/lib/libmbedtls/mbedtls/library/base64.c
/optee_os/lib/libmbedtls/mbedtls/library/bignum.c
/optee_os/lib/libmbedtls/mbedtls/library/blowfish.c
/optee_os/lib/libmbedtls/mbedtls/library/camellia.c
/optee_os/lib/libmbedtls/mbedtls/library/ccm.c
/optee_os/lib/libmbedtls/mbedtls/library/certs.c
/optee_os/lib/libmbedtls/mbedtls/library/chacha20.c
/optee_os/lib/libmbedtls/mbedtls/library/chachapoly.c
/optee_os/lib/libmbedtls/mbedtls/library/check_crypto_config.h
/optee_os/lib/libmbedtls/mbedtls/library/cipher.c
/optee_os/lib/libmbedtls/mbedtls/library/cipher_wrap.c
/optee_os/lib/libmbedtls/mbedtls/library/cmac.c
/optee_os/lib/libmbedtls/mbedtls/library/common.h
/optee_os/lib/libmbedtls/mbedtls/library/ctr_drbg.c
/optee_os/lib/libmbedtls/mbedtls/library/debug.c
/optee_os/lib/libmbedtls/mbedtls/library/des.c
/optee_os/lib/libmbedtls/mbedtls/library/dhm.c
/optee_os/lib/libmbedtls/mbedtls/library/ecdh.c
/optee_os/lib/libmbedtls/mbedtls/library/ecdsa.c
/optee_os/lib/libmbedtls/mbedtls/library/ecjpake.c
/optee_os/lib/libmbedtls/mbedtls/library/ecp.c
/optee_os/lib/libmbedtls/mbedtls/library/ecp_curves.c
/optee_os/lib/libmbedtls/mbedtls/library/ecp_invasive.h
/optee_os/lib/libmbedtls/mbedtls/library/entropy.c
/optee_os/lib/libmbedtls/mbedtls/library/entropy_poll.c
/optee_os/lib/libmbedtls/mbedtls/library/error.c
/optee_os/lib/libmbedtls/mbedtls/library/gcm.c
/optee_os/lib/libmbedtls/mbedtls/library/havege.c
/optee_os/lib/libmbedtls/mbedtls/library/hkdf.c
/optee_os/lib/libmbedtls/mbedtls/library/hmac_drbg.c
/optee_os/lib/libmbedtls/mbedtls/library/md.c
/optee_os/lib/libmbedtls/mbedtls/library/md2.c
/optee_os/lib/libmbedtls/mbedtls/library/md4.c
/optee_os/lib/libmbedtls/mbedtls/library/md5.c
/optee_os/lib/libmbedtls/mbedtls/library/memory_buffer_alloc.c
/optee_os/lib/libmbedtls/mbedtls/library/net_sockets.c
/optee_os/lib/libmbedtls/mbedtls/library/nist_kw.c
/optee_os/lib/libmbedtls/mbedtls/library/oid.c
/optee_os/lib/libmbedtls/mbedtls/library/padlock.c
/optee_os/lib/libmbedtls/mbedtls/library/pem.c
/optee_os/lib/libmbedtls/mbedtls/library/pk.c
/optee_os/lib/libmbedtls/mbedtls/library/pk_wrap.c
/optee_os/lib/libmbedtls/mbedtls/library/pkcs11.c
/optee_os/lib/libmbedtls/mbedtls/library/pkcs12.c
/optee_os/lib/libmbedtls/mbedtls/library/pkcs5.c
/optee_os/lib/libmbedtls/mbedtls/library/pkparse.c
/optee_os/lib/libmbedtls/mbedtls/library/pkwrite.c
/optee_os/lib/libmbedtls/mbedtls/library/platform.c
/optee_os/lib/libmbedtls/mbedtls/library/platform_util.c
/optee_os/lib/libmbedtls/mbedtls/library/poly1305.c
/optee_os/lib/libmbedtls/mbedtls/library/ripemd160.c
/optee_os/lib/libmbedtls/mbedtls/library/rsa.c
/optee_os/lib/libmbedtls/mbedtls/library/rsa_internal.c
/optee_os/lib/libmbedtls/mbedtls/library/sha1.c
/optee_os/lib/libmbedtls/mbedtls/library/sha256.c
/optee_os/lib/libmbedtls/mbedtls/library/sha512.c
/optee_os/lib/libmbedtls/mbedtls/library/ssl_cache.c
/optee_os/lib/libmbedtls/mbedtls/library/ssl_ciphersuites.c
/optee_os/lib/libmbedtls/mbedtls/library/ssl_cli.c
/optee_os/lib/libmbedtls/mbedtls/library/ssl_cookie.c
/optee_os/lib/libmbedtls/mbedtls/library/ssl_invasive.h
/optee_os/lib/libmbedtls/mbedtls/library/ssl_msg.c
/optee_os/lib/libmbedtls/mbedtls/library/ssl_srv.c
/optee_os/lib/libmbedtls/mbedtls/library/ssl_ticket.c
/optee_os/lib/libmbedtls/mbedtls/library/ssl_tls.c
/optee_os/lib/libmbedtls/mbedtls/library/ssl_tls13_keys.c
/optee_os/lib/libmbedtls/mbedtls/library/ssl_tls13_keys.h
/optee_os/lib/libmbedtls/mbedtls/library/threading.c
/optee_os/lib/libmbedtls/mbedtls/library/timing.c
/optee_os/lib/libmbedtls/mbedtls/library/version.c
/optee_os/lib/libmbedtls/mbedtls/library/version_features.c
/optee_os/lib/libmbedtls/mbedtls/library/x509.c
/optee_os/lib/libmbedtls/mbedtls/library/x509_create.c
/optee_os/lib/libmbedtls/mbedtls/library/x509_crl.c
/optee_os/lib/libmbedtls/mbedtls/library/x509_crt.c
/optee_os/lib/libmbedtls/mbedtls/library/x509_csr.c
/optee_os/lib/libmbedtls/mbedtls/library/x509write_crt.c
/optee_os/lib/libmbedtls/mbedtls/library/x509write_csr.c
/optee_os/lib/libmbedtls/mbedtls/library/xtea.c
/optee_os/lib/libmbedtls/sub.mk
pkcs11_attributes.c
pkcs11_token.c
pkcs11_token.h
processing.c
/optee_os/ta/pkcs11/user_ta.mk
f3cc23fe18-Jul-2021 Vesa Jääskeläinen <vesa.jaaskelainen@vaisala.com>

ta: pkcs11: Add missing PKCS11_CKR_ helpers

Adds used but missing PKCS11_CKR_ helpers:
- PKCS11_CKR_KEY_TYPE_INCONSISTENT
- PKCS11_CKR_KEY_NOT_WRAPPABLE
- PKCS11_CKR_KEY_UNEXTRACTABLE

Signed-off-by

ta: pkcs11: Add missing PKCS11_CKR_ helpers

Adds used but missing PKCS11_CKR_ helpers:
- PKCS11_CKR_KEY_TYPE_INCONSISTENT
- PKCS11_CKR_KEY_NOT_WRAPPABLE
- PKCS11_CKR_KEY_UNEXTRACTABLE

Signed-off-by: Vesa Jääskeläinen <vesa.jaaskelainen@vaisala.com>
Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org>
Reviewed-by: Jerome Forissier <jerome@forissier.org>

show more ...


pkcs11_helpers.c
73124d5118-Jul-2021 Vesa Jääskeläinen <vesa.jaaskelainen@vaisala.com>

ta: pkcs11: Sort PKCS11_CKR_ helper lines

Sort PKCS11_CKR_ helper lines to match their order in pkcs11_ta.h.

Signed-off-by: Vesa Jääskeläinen <vesa.jaaskelainen@vaisala.com>
Reviewed-by: Etienne Ca

ta: pkcs11: Sort PKCS11_CKR_ helper lines

Sort PKCS11_CKR_ helper lines to match their order in pkcs11_ta.h.

Signed-off-by: Vesa Jääskeläinen <vesa.jaaskelainen@vaisala.com>
Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org>
Reviewed-by: Jerome Forissier <jerome@forissier.org>

show more ...


/optee_os/MAINTAINERS
/optee_os/scripts/checkpatch_inc.sh
/optee_os/ta/pkcs11/scripts/verify-helpers.sh
pkcs11_helpers.c
9cf1afce09-Jan-2021 Vesa Jääskeläinen <vesa.jaaskelainen@vaisala.com>

ta: pkcs11: Fix RSA public key import

Different requirements are in place when importing RSA public key vs.
generaing a new RSA key pair.

Specified in:
PKCS #11 Cryptographic Token Interface Curren

ta: pkcs11: Fix RSA public key import

Different requirements are in place when importing RSA public key vs.
generaing a new RSA key pair.

Specified in:
PKCS #11 Cryptographic Token Interface Current Mechanisms Specification
Version 2.40 Plus Errata 01
2.1.2 RSA public key objects
and
2.1.4 PKCS #1 RSA key pair generation

Signed-off-by: Vesa Jääskeläinen <vesa.jaaskelainen@vaisala.com>
Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org>

show more ...


pkcs11_attributes.c
f27310a506-Aug-2021 Vesa Jääskeläinen <vesa.jaaskelainen@vaisala.com>

ta: pkcs11: Correct return value for decryption with invalid ciphertext

When invalid input data is provided for TEE_AsymmetricDecrypt() it will
fail with TEE_ERROR_BAD_PARAMETERS.

PCSK#11 operation

ta: pkcs11: Correct return value for decryption with invalid ciphertext

When invalid input data is provided for TEE_AsymmetricDecrypt() it will
fail with TEE_ERROR_BAD_PARAMETERS.

PCSK#11 operation for C_Decrypt()/C_DecryptFinal() should return in this
case CKR_ENCRYPTED_DATA_INVALID or CKR_ENCRYPTED_DATA_LEN_RANGE.

As it is hard to determine which case it is return matching error similar
to encryption case.

Specified in:
PKCS #11 Cryptographic Token Interface Base Specification
Version 2.40 Plus Errata 01
5.9 Decryption functions
C_Decrypt/C_DecryptFinal

Signed-off-by: Vesa Jääskeläinen <vesa.jaaskelainen@vaisala.com>
Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org>

show more ...


processing_asymm.c
6a6299fb06-Aug-2021 Vesa Jääskeläinen <vesa.jaaskelainen@vaisala.com>

ta: pkcs11: Correct return value for encryption with invalid input

When invalid input data is provided for TEE_AsymmetricEncrypt() it will
fail with TEE_ERROR_BAD_PARAMETERS.

PCSK#11 operation for

ta: pkcs11: Correct return value for encryption with invalid input

When invalid input data is provided for TEE_AsymmetricEncrypt() it will
fail with TEE_ERROR_BAD_PARAMETERS.

PCSK#11 operation for C_Encrypt()/C_EncryptFinal() should return in this
case CKR_DATA_LEN_RANGE.

Specified in:
PKCS #11 Cryptographic Token Interface Base Specification
Version 2.40 Plus Errata 01
5.8 Encryption functions
C_Encrypt/C_EncryptFinal

Signed-off-by: Vesa Jääskeläinen <vesa.jaaskelainen@vaisala.com>
Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org>

show more ...


processing_asymm.c
dc8c77fc06-Aug-2021 Vesa Jääskeläinen <vesa.jaaskelainen@vaisala.com>

ta: pkcs11: Add support for RSA OAEP encryption & decryption

Add support for performing PKCS #1 RSA OAEP encryption & decryption
operations for:

- MGF1 SHA-1
- MGF1 SHA-224
- MGF1 SHA-256
- MGF1 SH

ta: pkcs11: Add support for RSA OAEP encryption & decryption

Add support for performing PKCS #1 RSA OAEP encryption & decryption
operations for:

- MGF1 SHA-1
- MGF1 SHA-224
- MGF1 SHA-256
- MGF1 SHA-384
- MGF1 SHA-512

Specified in:
PKCS #11 Cryptographic Token Interface Current Mechanisms Specification
Version 2.40 Plus Errata 01
2.1.8 PKCS #1 RSA OAEP

Signed-off-by: Vesa Jääskeläinen <vesa.jaaskelainen@vaisala.com>
Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org>

show more ...


/optee_os/ta/pkcs11/include/pkcs11_ta.h
pkcs11_attributes.c
pkcs11_helpers.c
processing.h
processing_asymm.c
processing_rsa.c
token_capabilities.c
d9af50bc14-Jul-2021 Vesa Jääskeläinen <vesa.jaaskelainen@vaisala.com>

ta: pkcs11: Add support for RSA PSS signing & verification

Add support for performing RSA PSS signing & verification operations for:

- PKCS #1 RSA PSS with supplied hash value
- Multi stage SHA-1
-

ta: pkcs11: Add support for RSA PSS signing & verification

Add support for performing RSA PSS signing & verification operations for:

- PKCS #1 RSA PSS with supplied hash value
- Multi stage SHA-1
- Multi stage SHA-224
- Multi stage SHA-256
- Multi stage SHA-384
- Multi stage SHA-512

Specified in:
PKCS #11 Cryptographic Token Interface Current Mechanisms Specification
Version 2.40 Plus Errata 01
2.1.10 PKCS #1 RSA PSS

Signed-off-by: Vesa Jääskeläinen <vesa.jaaskelainen@vaisala.com>
Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org>

show more ...


/optee_os/ta/pkcs11/include/pkcs11_ta.h
pkcs11_attributes.c
processing.h
processing_asymm.c
processing_rsa.c
token_capabilities.c
0442c95604-Jan-2021 Vesa Jääskeläinen <vesa.jaaskelainen@vaisala.com>

ta: pkcs11: Add support for RSA signing & verification

Add support for performing RSA signing & verification operations for:

- PKCS #1 v1.5 RSA with supplied hash value
- Multi stage MD5
- Multi st

ta: pkcs11: Add support for RSA signing & verification

Add support for performing RSA signing & verification operations for:

- PKCS #1 v1.5 RSA with supplied hash value
- Multi stage MD5
- Multi stage SHA-1
- Multi stage SHA-224
- Multi stage SHA-256
- Multi stage SHA-384
- Multi stage SHA-512

Specified in:
PKCS #11 Cryptographic Token Interface Current Mechanisms Specification
Version 2.40 Plus Errata 01
2.1 RSA

Signed-off-by: Vesa Jääskeläinen <vesa.jaaskelainen@vaisala.com>
Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org>

show more ...


/optee_os/ta/pkcs11/include/pkcs11_ta.h
pkcs11_attributes.c
processing.c
processing.h
processing_asymm.c
processing_rsa.c
token_capabilities.c
8692283204-Jan-2021 Vesa Jääskeläinen <vesa.jaaskelainen@vaisala.com>

ta: pkcs11: Add RSA key pair generation support

Specified in:
PKCS #11 Cryptographic Token Interface Current Mechanisms Specification
Version 2.40 Plus Errata 01
2.1.4 PKCS #1 RSA key pair generatio

ta: pkcs11: Add RSA key pair generation support

Specified in:
PKCS #11 Cryptographic Token Interface Current Mechanisms Specification
Version 2.40 Plus Errata 01
2.1.4 PKCS #1 RSA key pair generation

Signed-off-by: Vesa Jääskeläinen <vesa.jaaskelainen@vaisala.com>
Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org>

show more ...


/optee_os/ta/pkcs11/include/pkcs11_ta.h
pkcs11_attributes.c
processing.c
processing.h
processing_rsa.c
sub.mk
token_capabilities.c
db28c54214-Jul-2021 Vesa Jääskeläinen <vesa.jaaskelainen@vaisala.com>

ta: pkcs11: Add elliptic curve mecha bits to bytes conversions

Even thou not currently used by the code add support for EC bits to bytes
conversions to mechanism_supported_key_sizes_bytes() as more

ta: pkcs11: Add elliptic curve mecha bits to bytes conversions

Even thou not currently used by the code add support for EC bits to bytes
conversions to mechanism_supported_key_sizes_bytes() as more will be added
for RSA.

This is to help to keep it in sync with
pkcs11_mechanism_supported_key_sizes().

Signed-off-by: Vesa Jääskeläinen <vesa.jaaskelainen@vaisala.com>
Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org>

show more ...


/optee_os/core/arch/arm/include/mm/core_mmu.h
/optee_os/core/arch/arm/kernel/virtualization.c
/optee_os/core/arch/arm/mm/core_mmu.c
/optee_os/core/arch/arm/plat-totalcompute/conf.mk
/optee_os/core/arch/arm/plat-totalcompute/platform_config.h
/optee_os/core/arch/arm/plat-totalcompute/sub.mk
/optee_os/core/arch/arm/plat-totalcompute/tc_spmc_pm.c
/optee_os/core/mm/mobj.c
/optee_os/mk/config.mk
pkcs11_attributes.c
token_capabilities.c
66594cdb29-Jul-2021 Ruchika Gupta <ruchika.gupta@linaro.org>

ta: pkcs11: Remove dual crypto operations from token capability

We don't support dual cryptographic operations in current
implemenetation. So remove it from token capability.

Signed-off-by: Ruchika

ta: pkcs11: Remove dual crypto operations from token capability

We don't support dual cryptographic operations in current
implemenetation. So remove it from token capability.

Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org>
Reviewed-by: Vesa Jääskeläinen <vesa.jaaskelainen@vaisala.com>

show more ...


persistent_token.c
8abbc8f717-Jul-2021 Vesa Jääskeläinen <vesa.jaaskelainen@vaisala.com>

ta: pkcs11: Fix calling twice of C_EncryptInit()/C_DecryptInit()

If C_EncryptInit()/C_DecryptInit() is called twice first starts the
operation and should inform caller that operation is already in p

ta: pkcs11: Fix calling twice of C_EncryptInit()/C_DecryptInit()

If C_EncryptInit()/C_DecryptInit() is called twice first starts the
operation and should inform caller that operation is already in progress
and keep the operation active until it is terminated with C_Encrypt()/
C_Decrypt() or by C_EncryptFinal()/C_DecryptFinal().

Specified in:

PKCS #11 Cryptographic Token Interface Base Specification Version 2.40
Plus Errata 01
5.8 Encryption functions
C_EncryptInit
and
5.9 Decryption functions
C_DecryptInit

Signed-off-by: Vesa Jääskeläinen <vesa.jaaskelainen@vaisala.com>
Reviewed-by: Ruchika Gupta <ruchika.gupta@linaro.org>

show more ...


/optee_os/.azure-pipelines.yml
/optee_os/CHANGELOG.md
/optee_os/core/arch/arm/plat-imx/conf.mk
/optee_os/core/arch/arm/plat-ls/platform_config.h
/optee_os/core/arch/arm/plat-marvell/conf.mk
/optee_os/core/arch/arm/plat-marvell/main.c
/optee_os/core/arch/arm/plat-marvell/platform_config.h
/optee_os/core/arch/arm/plat-stm32mp1/conf.mk
/optee_os/core/arch/arm/plat-stm32mp1/shared_resources.c
/optee_os/core/arch/arm/plat-totalcompute/conf.mk
/optee_os/core/arch/arm/plat-totalcompute/fdts/optee_sp_manifest.dts
/optee_os/core/arch/arm/plat-totalcompute/main.c
/optee_os/core/arch/arm/plat-totalcompute/platform_config.h
/optee_os/core/arch/arm/plat-totalcompute/sub.mk
/optee_os/core/arch/arm/plat-totalcompute/tc0_spmc_pm.c
/optee_os/core/crypto.mk
/optee_os/core/crypto/cbc-mac.c
/optee_os/core/mm/vm.c
/optee_os/lib/libunw/unwind_arm64.c
/optee_os/mk/config.mk
/optee_os/scripts/checkpatch_inc.sh
processing.c

12345678910