ta - OpenGrok history log for /optee

Revision	Date	Author	Comments (<<< Hide modified files) (Show modified files >>>)
70b6683b	03-Jun-2021	Victor Chong <victor.chong@linaro.org>	ta: pkcs11: Add support for more HMAC mechanisms Add support for _GENERAL MD5 and SHA based HMAC mechanisms. Signed-off-by: Victor Chong <victor.chong@linaro.org> Reviewed-by: Etienne Carriere <et ta: pkcs11: Add support for more HMAC mechanisms Add support for _GENERAL MD5 and SHA based HMAC mechanisms. Signed-off-by: Victor Chong <victor.chong@linaro.org> Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org> Reviewed-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Vesa Jääskeläinen <vesa.jaaskelainen@vaisala.com> show more ... pkcs11/include/pkcs11_ta.h pkcs11/src/pkcs11_attributes.c pkcs11/src/processing_symm.c pkcs11/src/token_capabilities.c
42765f82	12-Jul-2021	Victor Chong <victor.chong@linaro.org>	ta: pkcs11: Fix sign size comparison The current check does not take into account input signature sizes that are larger than the hash size, which are invalid and should return an error. The input si ta: pkcs11: Fix sign size comparison The current check does not take into account input signature sizes that are larger than the hash size, which are invalid and should return an error. The input signature size can be less than the hash size, but not for the mechanisms the function is currently used for. Change the check to match exactly the hash size. Signed-off-by: Victor Chong <victor.chong@linaro.org> Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org> Reviewed-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Vesa Jääskeläinen <vesa.jaaskelainen@vaisala.com> show more ... pkcs11/src/processing_symm.c
6f6d5e75	02-Jun-2021	Victor Chong <victor.chong@linaro.org>	ta: pkcs11: Fix typo Fix typo in comment. Signed-off-by: Victor Chong <victor.chong@linaro.org> Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org> Reviewed-by: Ruchika Gupta <ruchika.gupta ta: pkcs11: Fix typo Fix typo in comment. Signed-off-by: Victor Chong <victor.chong@linaro.org> Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org> Reviewed-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Vesa Jääskeläinen <vesa.jaaskelainen@vaisala.com> show more ... /optee_os/lib/libutee/tee_api_operations.c pkcs11/src/processing_symm.c
c46bd3e1	14-Sep-2021	Etienne Carriere <etienne.carriere@linaro.org>	libutils: bget_malloc: fix test in pool min size Requires at least 1 kB for the initial malloc memory pool. The rational is that the initial pool min size is not straightforward to compute as it dep libutils: bget_malloc: fix test in pool min size Requires at least 1 kB for the initial malloc memory pool. The rational is that the initial pool min size is not straightforward to compute as it depends on the internals of the BGET implementation. However, with a requirement of at least 1 kB in initial memory pool we'll have good margin while still being reasonable. Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org> Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org> show more ... /optee_os/core/arch/arm/kernel/boot.c /optee_os/core/pta/tests/sub.mk /optee_os/lib/libutee/tee_api.c /optee_os/lib/libutils/isoc/bget_malloc.c /optee_os/lib/libutils/isoc/include/malloc.h arch/arm/user_ta_header.c
b59038ba	06-Sep-2021	Etienne Carriere <etienne.carriere@linaro.org>	ta: remove deprecated CFG_TA_DYNLINK Fully remove configuration switch CFG_TA_DYNLINK that is deprecated since 3.6.0, see commit d1911a85142d ("core: load TAs using ldelf"). Signed-off-by: Etienne ta: remove deprecated CFG_TA_DYNLINK Fully remove configuration switch CFG_TA_DYNLINK that is deprecated since 3.6.0, see commit d1911a85142d ("core: load TAs using ldelf"). Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org> Acked-by: Jens Wiklander <jens.wiklander@linaro.org> Acked-by: Jerome Forissier <jerome@forissier.org> show more ... /optee_os/core/arch/arm/include/mm/core_mmu.h /optee_os/core/arch/arm/kernel/boot.c /optee_os/core/arch/arm/kernel/kern.ld.S /optee_os/core/arch/arm/kernel/thread_a32.S /optee_os/core/arch/arm/kernel/thread_a64.S /optee_os/core/arch/arm/mm/core_mmu.c /optee_os/core/arch/arm/mm/core_mmu_lpae.c /optee_os/core/drivers/scmi-msg/clock.c /optee_os/core/lib/libtomcrypt/src/math/fp/ltc_ecc_fp_mulmod.c /optee_os/mk/config.mk ta.mk
19fdfcf6	31-Aug-2021	Etienne Carriere <etienne.carriere@linaro.org>	build: ldelf and TAs can rely on CFLAGS32/CFLAGS64 Defines arch-bits-$(sm) for ldelf and intree TAs sub components so that they can build using CFLAGS32 (or CFLAGS64) directives possibly passed by t build: ldelf and TAs can rely on CFLAGS32/CFLAGS64 Defines arch-bits-$(sm) for ldelf and intree TAs sub components so that they can build using CFLAGS32 (or CFLAGS64) directives possibly passed by the build environment. Defines arch-bits-ta_arm32 (resp. 64) in TA devkit to leverage CFLAGS32 (reps. CFLAGS64) directive passed by the build process. This change is needed for external package willing to pass specific directive to TA build sequence as toolchain's sysroot path. Adds an inline comment describing $(sm) value in the in tree TAs build instructions. Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org> Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org> Reviewed-by: Jerome Forissier <jerome@forissier.org> show more ... /optee_os/core/arch/arm/include/arm64.h /optee_os/core/arch/arm/include/kernel/tz_ssvce_def.h /optee_os/core/arch/arm/include/mm/tee_pager.h /optee_os/core/arch/arm/kernel/asm-defines.c /optee_os/core/arch/arm/kernel/boot.c /optee_os/core/arch/arm/kernel/entry_a32.S /optee_os/core/arch/arm/kernel/idle.c /optee_os/core/arch/arm/kernel/sub.mk /optee_os/core/arch/arm/kernel/tee_l2cc_mutex.c /optee_os/core/arch/arm/kernel/thread_optee_smc.c /optee_os/core/arch/arm/kernel/virtualization.c /optee_os/core/arch/arm/mm/core_mmu.c /optee_os/core/arch/arm/mm/core_mmu_lpae.c /optee_os/core/arch/arm/mm/core_mmu_v7.c /optee_os/core/arch/arm/mm/tee_pager.c /optee_os/core/arch/arm/plat-bcm/bcm_elog.c /optee_os/core/arch/arm/plat-bcm/main.c /optee_os/core/arch/arm/plat-hikey/main.c /optee_os/core/arch/arm/plat-hikey/spi_test.c /optee_os/core/arch/arm/plat-hisilicon/psci.c /optee_os/core/arch/arm/plat-imx/drivers/imx_caam.c /optee_os/core/arch/arm/plat-imx/drivers/imx_csu.c /optee_os/core/arch/arm/plat-imx/drivers/imx_scu.c /optee_os/core/arch/arm/plat-imx/drivers/tzc380.c /optee_os/core/arch/arm/plat-imx/imx-common.c /optee_os/core/arch/arm/plat-imx/imx_pl310.c /optee_os/core/arch/arm/plat-imx/imx_src.c /optee_os/core/arch/arm/plat-imx/main.c /optee_os/core/arch/arm/plat-imx/mmdc.c /optee_os/core/arch/arm/plat-imx/pm/cpuidle-imx7d.c /optee_os/core/arch/arm/plat-imx/pm/gpcv2.c /optee_os/core/arch/arm/plat-imx/pm/imx7_suspend.c /optee_os/core/arch/arm/plat-imx/pm/pm-imx7.c /optee_os/core/arch/arm/plat-imx/pm/psci.c /optee_os/core/arch/arm/plat-k3/main.c /optee_os/core/arch/arm/plat-ls/main.c /optee_os/core/arch/arm/plat-marvell/armada3700/hal_sec_perf.c /optee_os/core/arch/arm/plat-marvell/armada7k8k/hal_sec_perf.c /optee_os/core/arch/arm/plat-marvell/main.c /optee_os/core/arch/arm/plat-mediatek/main.c /optee_os/core/arch/arm/plat-rockchip/main.c /optee_os/core/arch/arm/plat-rockchip/platform_px30.c /optee_os/core/arch/arm/plat-rockchip/platform_rk322x.c /optee_os/core/arch/arm/plat-rockchip/platform_rk3399.c /optee_os/core/arch/arm/plat-rockchip/psci_rk322x.c /optee_os/core/arch/arm/plat-rzn1/main.c /optee_os/core/arch/arm/plat-rzn1/psci.c /optee_os/core/arch/arm/plat-rzn1/sm_platform_handler.c /optee_os/core/arch/arm/plat-sam/main.c /optee_os/core/arch/arm/plat-sprd/main.c /optee_os/core/arch/arm/plat-stm/main.c /optee_os/core/arch/arm/plat-stm/rng_support.c /optee_os/core/arch/arm/plat-stm32mp1/drivers/stm32mp1_pmic.c /optee_os/core/arch/arm/plat-stm32mp1/drivers/stm32mp1_pwr.c /optee_os/core/arch/arm/plat-stm32mp1/drivers/stm32mp1_rcc.c /optee_os/core/arch/arm/plat-stm32mp1/drivers/stm32mp1_syscfg.c /optee_os/core/arch/arm/plat-stm32mp1/main.c /optee_os/core/arch/arm/plat-stm32mp1/plat_tzc400.c /optee_os/core/arch/arm/plat-stm32mp1/rng_seed.c /optee_os/core/arch/arm/plat-stm32mp1/scmi_server.c /optee_os/core/arch/arm/plat-sunxi/main.c /optee_os/core/arch/arm/plat-sunxi/psci.c /optee_os/core/arch/arm/plat-synquacer/main.c /optee_os/core/arch/arm/plat-synquacer/rng_pta.c /optee_os/core/arch/arm/plat-ti/main.c /optee_os/core/arch/arm/plat-ti/ti_pl310.c /optee_os/core/arch/arm/plat-uniphier/main.c /optee_os/core/arch/arm/plat-vexpress/main.c /optee_os/core/arch/arm/plat-zynq7k/main.c /optee_os/core/arch/arm/plat-zynqmp/main.c /optee_os/core/arch/arm/sm/pm.c /optee_os/core/drivers/amlogic_uart.c /optee_os/core/drivers/atmel_uart.c /optee_os/core/drivers/bcm_gpio.c /optee_os/core/drivers/bcm_hwrng.c /optee_os/core/drivers/bcm_sotp.c /optee_os/core/drivers/bnxt/bnxt.c /optee_os/core/drivers/bnxt/bnxt_fw.c /optee_os/core/drivers/bnxt/bnxt_images.c /optee_os/core/drivers/cdns_uart.c /optee_os/core/drivers/crypto/caam/hal/imx_6_7/hal_clk_mx6.c /optee_os/core/drivers/crypto/caam/hal/imx_6_7/hal_clk_mx7.c /optee_os/core/drivers/crypto/caam/hal/imx_6_7/hal_clk_mx7ulp.c /optee_os/core/drivers/dra7_rng.c /optee_os/core/drivers/hi16xx_rng.c /optee_os/core/drivers/hi16xx_uart.c /optee_os/core/drivers/imx/dcp/dcp.c /optee_os/core/drivers/imx_lpuart.c /optee_os/core/drivers/imx_snvs.c /optee_os/core/drivers/imx_uart.c /optee_os/core/drivers/imx_wdog.c /optee_os/core/drivers/mvebu_uart.c /optee_os/core/drivers/ns16550.c /optee_os/core/drivers/pl011.c /optee_os/core/drivers/scif.c /optee_os/core/drivers/scmi-msg/smt.c /optee_os/core/drivers/serial8250_uart.c /optee_os/core/drivers/sp805_wdt.c /optee_os/core/drivers/sprd_uart.c /optee_os/core/drivers/stih_asc.c /optee_os/core/drivers/stm32_bsec.c /optee_os/core/drivers/stm32_etzpc.c /optee_os/core/drivers/stm32_i2c.c /optee_os/core/drivers/stm32_rng.c /optee_os/core/drivers/stm32_uart.c /optee_os/core/drivers/tzc380.c /optee_os/core/include/drivers/sp805_wdt.h /optee_os/core/include/kernel/panic.h /optee_os/core/include/mm/core_memprot.h /optee_os/core/include/mm/vm.h /optee_os/core/kernel/panic.c /optee_os/core/kernel/ree_fs_ta.c /optee_os/core/mm/fobj.c /optee_os/core/mm/mobj.c /optee_os/core/mm/vm.c /optee_os/core/pta/bcm/elog.c /optee_os/core/pta/tests/invoke.c /optee_os/ldelf/ldelf.mk /optee_os/mk/config.mk mk/build-user-ta.mk mk/ta_dev_kit.mk
95636b36	25-Aug-2021	Etienne Carriere <etienne.carriere@linaro.org>	ta: pkcs11: make heap size configurable Add a configuration switch for the PKCS11 TA heap size defaulting to 16kB as legacy. Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org> Reviewed-b ta: pkcs11: make heap size configurable Add a configuration switch for the PKCS11 TA heap size defaulting to 16kB as legacy. Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org> Reviewed-by: Jerome Forissier <jerome@forissier.org> Reviewed-by: Vesa Jääskeläinen <vesa.jaaskelainen@vaisala.com> show more ... pkcs11/src/user_ta_header_defines.h pkcs11/sub.mk
edce8377	25-Aug-2021	Etienne Carriere <etienne.carriere@linaro.org>	ta: pkcs11: describe CFG_PKCS11_TA_TOKEN_COUNT Add a default value and a description for PKCS11 TA config switch CFG_PKCS11_TA_TOKEN_COUNT in ta/pkcs11/sub.mk. Signed-off-by: Etienne Carriere <etie ta: pkcs11: describe CFG_PKCS11_TA_TOKEN_COUNT Add a default value and a description for PKCS11 TA config switch CFG_PKCS11_TA_TOKEN_COUNT in ta/pkcs11/sub.mk. Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org> Reviewed-by: Jerome Forissier <jerome@forissier.org> Reviewed-by: Vesa Jääskeläinen <vesa.jaaskelainen@vaisala.com> show more ... pkcs11/src/pkcs11_token.c pkcs11/sub.mk
06bc8d19	25-Aug-2021	Etienne Carriere <etienne.carriere@linaro.org>	ta: pkcs11: move default config to ta sub.mk Move PKCS#11 TA default configuration settings from mk/config.mk to ta/pkcs11/sub.mk. Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org> Revi ta: pkcs11: move default config to ta sub.mk Move PKCS#11 TA default configuration settings from mk/config.mk to ta/pkcs11/sub.mk. Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org> Reviewed-by: Jerome Forissier <jerome@forissier.org> Reviewed-by: Vesa Jääskeläinen <vesa.jaaskelainen@vaisala.com> show more ... /optee_os/mk/config.mk pkcs11/sub.mk
9df68186	24-Aug-2021	Etienne Carriere <etienne.carriere@linaro.org>	ta: pkcs11: fix error code in asymmetric signature update sequence Correct return code in asymmetric update sequence when digest of the input data is updated on a multi-stage operation. Prior this c ta: pkcs11: fix error code in asymmetric signature update sequence Correct return code in asymmetric update sequence when digest of the input data is updated on a multi-stage operation. Prior this change, the implementation returned CKR_GENERAL_ERROR instead of CKR_OK because the expected success return value was loaded for that stage. Fixes: fb279d8b608e ("ta: pkcs11: Add support for elliptic curve signing & verification") Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org> Reviewed-by: Ruchika Gupta <ruchika.gupta@linaro.org> show more ... pkcs11/src/processing_asymm.c
2364aa69	29-Jul-2021	Ruchika Gupta <ruchika.gupta@linaro.org>	ta: pkcs11: Add operation state in session Add more operation states to take care of scenarios like failure of an incremental (update) operation if a one-shot/final operation has been started. Sign ta: pkcs11: Add operation state in session Add more operation states to take care of scenarios like failure of an incremental (update) operation if a one-shot/final operation has been started. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org> show more ... /optee_os/MAINTAINERS /optee_os/core/arch/arm/include/mm/core_mmu.h /optee_os/core/arch/arm/mm/core_mmu.c /optee_os/core/lib/libtomcrypt/mpi_desc.c /optee_os/core/pta/tests/invoke.c /optee_os/lib/libmbedtls/mbedtls/BUGS.md /optee_os/lib/libmbedtls/mbedtls/CONTRIBUTING.md /optee_os/lib/libmbedtls/mbedtls/ChangeLog /optee_os/lib/libmbedtls/mbedtls/README.md /optee_os/lib/libmbedtls/mbedtls/SECURITY.md /optee_os/lib/libmbedtls/mbedtls/SUPPORT.md /optee_os/lib/libmbedtls/mbedtls/include/mbedtls/aes.h /optee_os/lib/libmbedtls/mbedtls/include/mbedtls/aesni.h /optee_os/lib/libmbedtls/mbedtls/include/mbedtls/arc4.h /optee_os/lib/libmbedtls/mbedtls/include/mbedtls/aria.h /optee_os/lib/libmbedtls/mbedtls/include/mbedtls/asn1.h /optee_os/lib/libmbedtls/mbedtls/include/mbedtls/asn1write.h /optee_os/lib/libmbedtls/mbedtls/include/mbedtls/base64.h /optee_os/lib/libmbedtls/mbedtls/include/mbedtls/bignum.h /optee_os/lib/libmbedtls/mbedtls/include/mbedtls/blowfish.h /optee_os/lib/libmbedtls/mbedtls/include/mbedtls/bn_mul.h /optee_os/lib/libmbedtls/mbedtls/include/mbedtls/camellia.h /optee_os/lib/libmbedtls/mbedtls/include/mbedtls/ccm.h /optee_os/lib/libmbedtls/mbedtls/include/mbedtls/certs.h /optee_os/lib/libmbedtls/mbedtls/include/mbedtls/chacha20.h /optee_os/lib/libmbedtls/mbedtls/include/mbedtls/chachapoly.h /optee_os/lib/libmbedtls/mbedtls/include/mbedtls/check_config.h /optee_os/lib/libmbedtls/mbedtls/include/mbedtls/cipher.h /optee_os/lib/libmbedtls/mbedtls/include/mbedtls/cipher_internal.h /optee_os/lib/libmbedtls/mbedtls/include/mbedtls/cmac.h /optee_os/lib/libmbedtls/mbedtls/include/mbedtls/compat-1.3.h /optee_os/lib/libmbedtls/mbedtls/include/mbedtls/ctr_drbg.h /optee_os/lib/libmbedtls/mbedtls/include/mbedtls/debug.h /optee_os/lib/libmbedtls/mbedtls/include/mbedtls/des.h /optee_os/lib/libmbedtls/mbedtls/include/mbedtls/dhm.h /optee_os/lib/libmbedtls/mbedtls/include/mbedtls/ecdh.h /optee_os/lib/libmbedtls/mbedtls/include/mbedtls/ecdsa.h /optee_os/lib/libmbedtls/mbedtls/include/mbedtls/ecjpake.h /optee_os/lib/libmbedtls/mbedtls/include/mbedtls/ecp.h /optee_os/lib/libmbedtls/mbedtls/include/mbedtls/ecp_internal.h /optee_os/lib/libmbedtls/mbedtls/include/mbedtls/entropy.h /optee_os/lib/libmbedtls/mbedtls/include/mbedtls/entropy_poll.h /optee_os/lib/libmbedtls/mbedtls/include/mbedtls/error.h /optee_os/lib/libmbedtls/mbedtls/include/mbedtls/gcm.h /optee_os/lib/libmbedtls/mbedtls/include/mbedtls/havege.h /optee_os/lib/libmbedtls/mbedtls/include/mbedtls/hkdf.h /optee_os/lib/libmbedtls/mbedtls/include/mbedtls/hmac_drbg.h /optee_os/lib/libmbedtls/mbedtls/include/mbedtls/md.h /optee_os/lib/libmbedtls/mbedtls/include/mbedtls/md2.h /optee_os/lib/libmbedtls/mbedtls/include/mbedtls/md4.h /optee_os/lib/libmbedtls/mbedtls/include/mbedtls/md5.h /optee_os/lib/libmbedtls/mbedtls/include/mbedtls/md_internal.h /optee_os/lib/libmbedtls/mbedtls/include/mbedtls/memory_buffer_alloc.h /optee_os/lib/libmbedtls/mbedtls/include/mbedtls/net.h /optee_os/lib/libmbedtls/mbedtls/include/mbedtls/net_sockets.h /optee_os/lib/libmbedtls/mbedtls/include/mbedtls/nist_kw.h /optee_os/lib/libmbedtls/mbedtls/include/mbedtls/oid.h /optee_os/lib/libmbedtls/mbedtls/include/mbedtls/padlock.h /optee_os/lib/libmbedtls/mbedtls/include/mbedtls/pem.h /optee_os/lib/libmbedtls/mbedtls/include/mbedtls/pk.h /optee_os/lib/libmbedtls/mbedtls/include/mbedtls/pk_internal.h /optee_os/lib/libmbedtls/mbedtls/include/mbedtls/pkcs11.h /optee_os/lib/libmbedtls/mbedtls/include/mbedtls/pkcs12.h /optee_os/lib/libmbedtls/mbedtls/include/mbedtls/pkcs5.h /optee_os/lib/libmbedtls/mbedtls/include/mbedtls/platform.h /optee_os/lib/libmbedtls/mbedtls/include/mbedtls/platform_time.h /optee_os/lib/libmbedtls/mbedtls/include/mbedtls/platform_util.h /optee_os/lib/libmbedtls/mbedtls/include/mbedtls/poly1305.h /optee_os/lib/libmbedtls/mbedtls/include/mbedtls/psa_util.h /optee_os/lib/libmbedtls/mbedtls/include/mbedtls/ripemd160.h /optee_os/lib/libmbedtls/mbedtls/include/mbedtls/rsa.h /optee_os/lib/libmbedtls/mbedtls/include/mbedtls/rsa_internal.h /optee_os/lib/libmbedtls/mbedtls/include/mbedtls/sha1.h /optee_os/lib/libmbedtls/mbedtls/include/mbedtls/sha256.h /optee_os/lib/libmbedtls/mbedtls/include/mbedtls/sha512.h /optee_os/lib/libmbedtls/mbedtls/include/mbedtls/ssl.h /optee_os/lib/libmbedtls/mbedtls/include/mbedtls/ssl_cache.h /optee_os/lib/libmbedtls/mbedtls/include/mbedtls/ssl_ciphersuites.h /optee_os/lib/libmbedtls/mbedtls/include/mbedtls/ssl_cookie.h /optee_os/lib/libmbedtls/mbedtls/include/mbedtls/ssl_internal.h /optee_os/lib/libmbedtls/mbedtls/include/mbedtls/ssl_ticket.h /optee_os/lib/libmbedtls/mbedtls/include/mbedtls/threading.h /optee_os/lib/libmbedtls/mbedtls/include/mbedtls/timing.h /optee_os/lib/libmbedtls/mbedtls/include/mbedtls/version.h /optee_os/lib/libmbedtls/mbedtls/include/mbedtls/x509.h /optee_os/lib/libmbedtls/mbedtls/include/mbedtls/x509_crl.h /optee_os/lib/libmbedtls/mbedtls/include/mbedtls/x509_crt.h /optee_os/lib/libmbedtls/mbedtls/include/mbedtls/x509_csr.h /optee_os/lib/libmbedtls/mbedtls/include/mbedtls/xtea.h /optee_os/lib/libmbedtls/mbedtls/library/aes.c /optee_os/lib/libmbedtls/mbedtls/library/aesni.c /optee_os/lib/libmbedtls/mbedtls/library/arc4.c /optee_os/lib/libmbedtls/mbedtls/library/aria.c /optee_os/lib/libmbedtls/mbedtls/library/asn1parse.c /optee_os/lib/libmbedtls/mbedtls/library/asn1write.c /optee_os/lib/libmbedtls/mbedtls/library/base64.c /optee_os/lib/libmbedtls/mbedtls/library/bignum.c /optee_os/lib/libmbedtls/mbedtls/library/blowfish.c /optee_os/lib/libmbedtls/mbedtls/library/camellia.c /optee_os/lib/libmbedtls/mbedtls/library/ccm.c /optee_os/lib/libmbedtls/mbedtls/library/certs.c /optee_os/lib/libmbedtls/mbedtls/library/chacha20.c /optee_os/lib/libmbedtls/mbedtls/library/chachapoly.c /optee_os/lib/libmbedtls/mbedtls/library/check_crypto_config.h /optee_os/lib/libmbedtls/mbedtls/library/cipher.c /optee_os/lib/libmbedtls/mbedtls/library/cipher_wrap.c /optee_os/lib/libmbedtls/mbedtls/library/cmac.c /optee_os/lib/libmbedtls/mbedtls/library/common.h /optee_os/lib/libmbedtls/mbedtls/library/ctr_drbg.c /optee_os/lib/libmbedtls/mbedtls/library/debug.c /optee_os/lib/libmbedtls/mbedtls/library/des.c /optee_os/lib/libmbedtls/mbedtls/library/dhm.c /optee_os/lib/libmbedtls/mbedtls/library/ecdh.c /optee_os/lib/libmbedtls/mbedtls/library/ecdsa.c /optee_os/lib/libmbedtls/mbedtls/library/ecjpake.c /optee_os/lib/libmbedtls/mbedtls/library/ecp.c /optee_os/lib/libmbedtls/mbedtls/library/ecp_curves.c /optee_os/lib/libmbedtls/mbedtls/library/ecp_invasive.h /optee_os/lib/libmbedtls/mbedtls/library/entropy.c /optee_os/lib/libmbedtls/mbedtls/library/entropy_poll.c /optee_os/lib/libmbedtls/mbedtls/library/error.c /optee_os/lib/libmbedtls/mbedtls/library/gcm.c /optee_os/lib/libmbedtls/mbedtls/library/havege.c /optee_os/lib/libmbedtls/mbedtls/library/hkdf.c /optee_os/lib/libmbedtls/mbedtls/library/hmac_drbg.c /optee_os/lib/libmbedtls/mbedtls/library/md.c /optee_os/lib/libmbedtls/mbedtls/library/md2.c /optee_os/lib/libmbedtls/mbedtls/library/md4.c /optee_os/lib/libmbedtls/mbedtls/library/md5.c /optee_os/lib/libmbedtls/mbedtls/library/memory_buffer_alloc.c /optee_os/lib/libmbedtls/mbedtls/library/net_sockets.c /optee_os/lib/libmbedtls/mbedtls/library/nist_kw.c /optee_os/lib/libmbedtls/mbedtls/library/oid.c /optee_os/lib/libmbedtls/mbedtls/library/padlock.c /optee_os/lib/libmbedtls/mbedtls/library/pem.c /optee_os/lib/libmbedtls/mbedtls/library/pk.c /optee_os/lib/libmbedtls/mbedtls/library/pk_wrap.c /optee_os/lib/libmbedtls/mbedtls/library/pkcs11.c /optee_os/lib/libmbedtls/mbedtls/library/pkcs12.c /optee_os/lib/libmbedtls/mbedtls/library/pkcs5.c /optee_os/lib/libmbedtls/mbedtls/library/pkparse.c /optee_os/lib/libmbedtls/mbedtls/library/pkwrite.c /optee_os/lib/libmbedtls/mbedtls/library/platform.c /optee_os/lib/libmbedtls/mbedtls/library/platform_util.c /optee_os/lib/libmbedtls/mbedtls/library/poly1305.c /optee_os/lib/libmbedtls/mbedtls/library/ripemd160.c /optee_os/lib/libmbedtls/mbedtls/library/rsa.c /optee_os/lib/libmbedtls/mbedtls/library/rsa_internal.c /optee_os/lib/libmbedtls/mbedtls/library/sha1.c /optee_os/lib/libmbedtls/mbedtls/library/sha256.c /optee_os/lib/libmbedtls/mbedtls/library/sha512.c /optee_os/lib/libmbedtls/mbedtls/library/ssl_cache.c /optee_os/lib/libmbedtls/mbedtls/library/ssl_ciphersuites.c /optee_os/lib/libmbedtls/mbedtls/library/ssl_cli.c /optee_os/lib/libmbedtls/mbedtls/library/ssl_cookie.c /optee_os/lib/libmbedtls/mbedtls/library/ssl_invasive.h /optee_os/lib/libmbedtls/mbedtls/library/ssl_msg.c /optee_os/lib/libmbedtls/mbedtls/library/ssl_srv.c /optee_os/lib/libmbedtls/mbedtls/library/ssl_ticket.c /optee_os/lib/libmbedtls/mbedtls/library/ssl_tls.c /optee_os/lib/libmbedtls/mbedtls/library/ssl_tls13_keys.c /optee_os/lib/libmbedtls/mbedtls/library/ssl_tls13_keys.h /optee_os/lib/libmbedtls/mbedtls/library/threading.c /optee_os/lib/libmbedtls/mbedtls/library/timing.c /optee_os/lib/libmbedtls/mbedtls/library/version.c /optee_os/lib/libmbedtls/mbedtls/library/version_features.c /optee_os/lib/libmbedtls/mbedtls/library/x509.c /optee_os/lib/libmbedtls/mbedtls/library/x509_create.c /optee_os/lib/libmbedtls/mbedtls/library/x509_crl.c /optee_os/lib/libmbedtls/mbedtls/library/x509_crt.c /optee_os/lib/libmbedtls/mbedtls/library/x509_csr.c /optee_os/lib/libmbedtls/mbedtls/library/x509write_crt.c /optee_os/lib/libmbedtls/mbedtls/library/x509write_csr.c /optee_os/lib/libmbedtls/mbedtls/library/xtea.c /optee_os/lib/libmbedtls/sub.mk pkcs11/src/pkcs11_attributes.c pkcs11/src/pkcs11_token.c pkcs11/src/pkcs11_token.h pkcs11/src/processing.c
324b9e14	18-Jul-2021	Vesa Jääskeläinen <vesa.jaaskelainen@vaisala.com>	ta: pkcs11: Enforce that helpers are up to date During each build enforce that src/pkcs11-helpers.c is up to date. Signed-off-by: Vesa Jääskeläinen <vesa.jaaskelainen@vaisala.com> Reviewed-by: Etie ta: pkcs11: Enforce that helpers are up to date During each build enforce that src/pkcs11-helpers.c is up to date. Signed-off-by: Vesa Jääskeläinen <vesa.jaaskelainen@vaisala.com> Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org> Reviewed-by: Jerome Forissier <jerome@forissier.org> show more ... pkcs11/user_ta.mk
f3cc23fe	18-Jul-2021	Vesa Jääskeläinen <vesa.jaaskelainen@vaisala.com>	ta: pkcs11: Add missing PKCS11_CKR_ helpers Adds used but missing PKCS11_CKR_ helpers: - PKCS11_CKR_KEY_TYPE_INCONSISTENT - PKCS11_CKR_KEY_NOT_WRAPPABLE - PKCS11_CKR_KEY_UNEXTRACTABLE Signed-off-by ta: pkcs11: Add missing PKCS11_CKR_ helpers Adds used but missing PKCS11_CKR_ helpers: - PKCS11_CKR_KEY_TYPE_INCONSISTENT - PKCS11_CKR_KEY_NOT_WRAPPABLE - PKCS11_CKR_KEY_UNEXTRACTABLE Signed-off-by: Vesa Jääskeläinen <vesa.jaaskelainen@vaisala.com> Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org> Reviewed-by: Jerome Forissier <jerome@forissier.org> show more ... pkcs11/src/pkcs11_helpers.c
73124d51	18-Jul-2021	Vesa Jääskeläinen <vesa.jaaskelainen@vaisala.com>	ta: pkcs11: Sort PKCS11_CKR_ helper lines Sort PKCS11_CKR_ helper lines to match their order in pkcs11_ta.h. Signed-off-by: Vesa Jääskeläinen <vesa.jaaskelainen@vaisala.com> Reviewed-by: Etienne Ca ta: pkcs11: Sort PKCS11_CKR_ helper lines Sort PKCS11_CKR_ helper lines to match their order in pkcs11_ta.h. Signed-off-by: Vesa Jääskeläinen <vesa.jaaskelainen@vaisala.com> Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org> Reviewed-by: Jerome Forissier <jerome@forissier.org> show more ... pkcs11/src/pkcs11_helpers.c
5dfe80d6	18-Jul-2021	Vesa Jääskeläinen <vesa.jaaskelainen@vaisala.com>	ta: pkcs11: Add script to verify that helpers are present Extracts list of symbols from include/pkcs11_ta.h and verifies that they are present in src/pkcs11_helpers.c or are not used. Signed-off-by ta: pkcs11: Add script to verify that helpers are present Extracts list of symbols from include/pkcs11_ta.h and verifies that they are present in src/pkcs11_helpers.c or are not used. Signed-off-by: Vesa Jääskeläinen <vesa.jaaskelainen@vaisala.com> Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org> Acked-by: Jerome Forissier <jerome@forissier.org> show more ... /optee_os/MAINTAINERS /optee_os/scripts/checkpatch_inc.sh pkcs11/scripts/verify-helpers.sh
9cf1afce	09-Jan-2021	Vesa Jääskeläinen <vesa.jaaskelainen@vaisala.com>	ta: pkcs11: Fix RSA public key import Different requirements are in place when importing RSA public key vs. generaing a new RSA key pair. Specified in: PKCS #11 Cryptographic Token Interface Curren ta: pkcs11: Fix RSA public key import Different requirements are in place when importing RSA public key vs. generaing a new RSA key pair. Specified in: PKCS #11 Cryptographic Token Interface Current Mechanisms Specification Version 2.40 Plus Errata 01 2.1.2 RSA public key objects and 2.1.4 PKCS #1 RSA key pair generation Signed-off-by: Vesa Jääskeläinen <vesa.jaaskelainen@vaisala.com> Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org> show more ... pkcs11/src/pkcs11_attributes.c
f27310a5	06-Aug-2021	Vesa Jääskeläinen <vesa.jaaskelainen@vaisala.com>	ta: pkcs11: Correct return value for decryption with invalid ciphertext When invalid input data is provided for TEE_AsymmetricDecrypt() it will fail with TEE_ERROR_BAD_PARAMETERS. PCSK#11 operation ta: pkcs11: Correct return value for decryption with invalid ciphertext When invalid input data is provided for TEE_AsymmetricDecrypt() it will fail with TEE_ERROR_BAD_PARAMETERS. PCSK#11 operation for C_Decrypt()/C_DecryptFinal() should return in this case CKR_ENCRYPTED_DATA_INVALID or CKR_ENCRYPTED_DATA_LEN_RANGE. As it is hard to determine which case it is return matching error similar to encryption case. Specified in: PKCS #11 Cryptographic Token Interface Base Specification Version 2.40 Plus Errata 01 5.9 Decryption functions C_Decrypt/C_DecryptFinal Signed-off-by: Vesa Jääskeläinen <vesa.jaaskelainen@vaisala.com> Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org> show more ... pkcs11/src/processing_asymm.c
6a6299fb	06-Aug-2021	Vesa Jääskeläinen <vesa.jaaskelainen@vaisala.com>	ta: pkcs11: Correct return value for encryption with invalid input When invalid input data is provided for TEE_AsymmetricEncrypt() it will fail with TEE_ERROR_BAD_PARAMETERS. PCSK#11 operation for ta: pkcs11: Correct return value for encryption with invalid input When invalid input data is provided for TEE_AsymmetricEncrypt() it will fail with TEE_ERROR_BAD_PARAMETERS. PCSK#11 operation for C_Encrypt()/C_EncryptFinal() should return in this case CKR_DATA_LEN_RANGE. Specified in: PKCS #11 Cryptographic Token Interface Base Specification Version 2.40 Plus Errata 01 5.8 Encryption functions C_Encrypt/C_EncryptFinal Signed-off-by: Vesa Jääskeläinen <vesa.jaaskelainen@vaisala.com> Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org> show more ... pkcs11/src/processing_asymm.c
dc8c77fc	06-Aug-2021	Vesa Jääskeläinen <vesa.jaaskelainen@vaisala.com>	ta: pkcs11: Add support for RSA OAEP encryption & decryption Add support for performing PKCS #1 RSA OAEP encryption & decryption operations for: - MGF1 SHA-1 - MGF1 SHA-224 - MGF1 SHA-256 - MGF1 SH ta: pkcs11: Add support for RSA OAEP encryption & decryption Add support for performing PKCS #1 RSA OAEP encryption & decryption operations for: - MGF1 SHA-1 - MGF1 SHA-224 - MGF1 SHA-256 - MGF1 SHA-384 - MGF1 SHA-512 Specified in: PKCS #11 Cryptographic Token Interface Current Mechanisms Specification Version 2.40 Plus Errata 01 2.1.8 PKCS #1 RSA OAEP Signed-off-by: Vesa Jääskeläinen <vesa.jaaskelainen@vaisala.com> Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org> show more ... pkcs11/include/pkcs11_ta.h pkcs11/src/pkcs11_attributes.c pkcs11/src/pkcs11_helpers.c pkcs11/src/processing.h pkcs11/src/processing_asymm.c pkcs11/src/processing_rsa.c pkcs11/src/token_capabilities.c
d9af50bc	14-Jul-2021	Vesa Jääskeläinen <vesa.jaaskelainen@vaisala.com>	ta: pkcs11: Add support for RSA PSS signing & verification Add support for performing RSA PSS signing & verification operations for: - PKCS #1 RSA PSS with supplied hash value - Multi stage SHA-1 - ta: pkcs11: Add support for RSA PSS signing & verification Add support for performing RSA PSS signing & verification operations for: - PKCS #1 RSA PSS with supplied hash value - Multi stage SHA-1 - Multi stage SHA-224 - Multi stage SHA-256 - Multi stage SHA-384 - Multi stage SHA-512 Specified in: PKCS #11 Cryptographic Token Interface Current Mechanisms Specification Version 2.40 Plus Errata 01 2.1.10 PKCS #1 RSA PSS Signed-off-by: Vesa Jääskeläinen <vesa.jaaskelainen@vaisala.com> Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org> show more ... pkcs11/include/pkcs11_ta.h pkcs11/src/pkcs11_attributes.c pkcs11/src/processing.h pkcs11/src/processing_asymm.c pkcs11/src/processing_rsa.c pkcs11/src/token_capabilities.c
0442c956	04-Jan-2021	Vesa Jääskeläinen <vesa.jaaskelainen@vaisala.com>	ta: pkcs11: Add support for RSA signing & verification Add support for performing RSA signing & verification operations for: - PKCS #1 v1.5 RSA with supplied hash value - Multi stage MD5 - Multi st ta: pkcs11: Add support for RSA signing & verification Add support for performing RSA signing & verification operations for: - PKCS #1 v1.5 RSA with supplied hash value - Multi stage MD5 - Multi stage SHA-1 - Multi stage SHA-224 - Multi stage SHA-256 - Multi stage SHA-384 - Multi stage SHA-512 Specified in: PKCS #11 Cryptographic Token Interface Current Mechanisms Specification Version 2.40 Plus Errata 01 2.1 RSA Signed-off-by: Vesa Jääskeläinen <vesa.jaaskelainen@vaisala.com> Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org> show more ... pkcs11/include/pkcs11_ta.h pkcs11/src/pkcs11_attributes.c pkcs11/src/processing.c pkcs11/src/processing.h pkcs11/src/processing_asymm.c pkcs11/src/processing_rsa.c pkcs11/src/token_capabilities.c
86922832	04-Jan-2021	Vesa Jääskeläinen <vesa.jaaskelainen@vaisala.com>	ta: pkcs11: Add RSA key pair generation support Specified in: PKCS #11 Cryptographic Token Interface Current Mechanisms Specification Version 2.40 Plus Errata 01 2.1.4 PKCS #1 RSA key pair generatio ta: pkcs11: Add RSA key pair generation support Specified in: PKCS #11 Cryptographic Token Interface Current Mechanisms Specification Version 2.40 Plus Errata 01 2.1.4 PKCS #1 RSA key pair generation Signed-off-by: Vesa Jääskeläinen <vesa.jaaskelainen@vaisala.com> Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org> show more ... pkcs11/include/pkcs11_ta.h pkcs11/src/pkcs11_attributes.c pkcs11/src/processing.c pkcs11/src/processing.h pkcs11/src/processing_rsa.c pkcs11/src/sub.mk pkcs11/src/token_capabilities.c
db28c542	14-Jul-2021	Vesa Jääskeläinen <vesa.jaaskelainen@vaisala.com>	ta: pkcs11: Add elliptic curve mecha bits to bytes conversions Even thou not currently used by the code add support for EC bits to bytes conversions to mechanism_supported_key_sizes_bytes() as more ta: pkcs11: Add elliptic curve mecha bits to bytes conversions Even thou not currently used by the code add support for EC bits to bytes conversions to mechanism_supported_key_sizes_bytes() as more will be added for RSA. This is to help to keep it in sync with pkcs11_mechanism_supported_key_sizes(). Signed-off-by: Vesa Jääskeläinen <vesa.jaaskelainen@vaisala.com> Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org> show more ... /optee_os/core/arch/arm/include/mm/core_mmu.h /optee_os/core/arch/arm/kernel/virtualization.c /optee_os/core/arch/arm/mm/core_mmu.c /optee_os/core/arch/arm/plat-totalcompute/conf.mk /optee_os/core/arch/arm/plat-totalcompute/platform_config.h /optee_os/core/arch/arm/plat-totalcompute/sub.mk /optee_os/core/arch/arm/plat-totalcompute/tc_spmc_pm.c /optee_os/core/mm/mobj.c /optee_os/mk/config.mk pkcs11/src/pkcs11_attributes.c pkcs11/src/token_capabilities.c
66594cdb	29-Jul-2021	Ruchika Gupta <ruchika.gupta@linaro.org>	ta: pkcs11: Remove dual crypto operations from token capability We don't support dual cryptographic operations in current implemenetation. So remove it from token capability. Signed-off-by: Ruchika ta: pkcs11: Remove dual crypto operations from token capability We don't support dual cryptographic operations in current implemenetation. So remove it from token capability. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Vesa Jääskeläinen <vesa.jaaskelainen@vaisala.com> show more ... pkcs11/src/persistent_token.c
8abbc8f7	17-Jul-2021	Vesa Jääskeläinen <vesa.jaaskelainen@vaisala.com>	ta: pkcs11: Fix calling twice of C_EncryptInit()/C_DecryptInit() If C_EncryptInit()/C_DecryptInit() is called twice first starts the operation and should inform caller that operation is already in p ta: pkcs11: Fix calling twice of C_EncryptInit()/C_DecryptInit() If C_EncryptInit()/C_DecryptInit() is called twice first starts the operation and should inform caller that operation is already in progress and keep the operation active until it is terminated with C_Encrypt()/ C_Decrypt() or by C_EncryptFinal()/C_DecryptFinal(). Specified in: PKCS #11 Cryptographic Token Interface Base Specification Version 2.40 Plus Errata 01 5.8 Encryption functions C_EncryptInit and 5.9 Decryption functions C_DecryptInit Signed-off-by: Vesa Jääskeläinen <vesa.jaaskelainen@vaisala.com> Reviewed-by: Ruchika Gupta <ruchika.gupta@linaro.org> show more ... /optee_os/.azure-pipelines.yml /optee_os/CHANGELOG.md /optee_os/core/arch/arm/plat-imx/conf.mk /optee_os/core/arch/arm/plat-ls/platform_config.h /optee_os/core/arch/arm/plat-marvell/conf.mk /optee_os/core/arch/arm/plat-marvell/main.c /optee_os/core/arch/arm/plat-marvell/platform_config.h /optee_os/core/arch/arm/plat-stm32mp1/conf.mk /optee_os/core/arch/arm/plat-stm32mp1/shared_resources.c /optee_os/core/arch/arm/plat-totalcompute/conf.mk /optee_os/core/arch/arm/plat-totalcompute/fdts/optee_sp_manifest.dts /optee_os/core/arch/arm/plat-totalcompute/main.c /optee_os/core/arch/arm/plat-totalcompute/platform_config.h /optee_os/core/arch/arm/plat-totalcompute/sub.mk /optee_os/core/arch/arm/plat-totalcompute/tc0_spmc_pm.c /optee_os/core/crypto.mk /optee_os/core/crypto/cbc-mac.c /optee_os/core/mm/vm.c /optee_os/lib/libunw/unwind_arm64.c /optee_os/mk/config.mk /optee_os/scripts/checkpatch_inc.sh pkcs11/src/processing.c
1 2 3 4 567 8 9 10 >>...20