ta - OpenGrok history log for /optee

Revision	Date	Author	Comments (<<< Hide modified files) (Show modified files >>>)
9df68186	24-Aug-2021	Etienne Carriere <etienne.carriere@linaro.org>	ta: pkcs11: fix error code in asymmetric signature update sequence Correct return code in asymmetric update sequence when digest of the input data is updated on a multi-stage operation. Prior this c ta: pkcs11: fix error code in asymmetric signature update sequence Correct return code in asymmetric update sequence when digest of the input data is updated on a multi-stage operation. Prior this change, the implementation returned CKR_GENERAL_ERROR instead of CKR_OK because the expected success return value was loaded for that stage. Fixes: fb279d8b608e ("ta: pkcs11: Add support for elliptic curve signing & verification") Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org> Reviewed-by: Ruchika Gupta <ruchika.gupta@linaro.org> show more ... pkcs11/src/processing_asymm.c
2364aa69	29-Jul-2021	Ruchika Gupta <ruchika.gupta@linaro.org>	ta: pkcs11: Add operation state in session Add more operation states to take care of scenarios like failure of an incremental (update) operation if a one-shot/final operation has been started. Sign ta: pkcs11: Add operation state in session Add more operation states to take care of scenarios like failure of an incremental (update) operation if a one-shot/final operation has been started. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org> show more ... /optee_os/MAINTAINERS /optee_os/core/arch/arm/include/mm/core_mmu.h /optee_os/core/arch/arm/mm/core_mmu.c /optee_os/core/lib/libtomcrypt/mpi_desc.c /optee_os/core/pta/tests/invoke.c /optee_os/lib/libmbedtls/mbedtls/BUGS.md /optee_os/lib/libmbedtls/mbedtls/CONTRIBUTING.md /optee_os/lib/libmbedtls/mbedtls/ChangeLog /optee_os/lib/libmbedtls/mbedtls/README.md /optee_os/lib/libmbedtls/mbedtls/SECURITY.md /optee_os/lib/libmbedtls/mbedtls/SUPPORT.md /optee_os/lib/libmbedtls/mbedtls/include/mbedtls/aes.h /optee_os/lib/libmbedtls/mbedtls/include/mbedtls/aesni.h /optee_os/lib/libmbedtls/mbedtls/include/mbedtls/arc4.h /optee_os/lib/libmbedtls/mbedtls/include/mbedtls/aria.h /optee_os/lib/libmbedtls/mbedtls/include/mbedtls/asn1.h /optee_os/lib/libmbedtls/mbedtls/include/mbedtls/asn1write.h /optee_os/lib/libmbedtls/mbedtls/include/mbedtls/base64.h /optee_os/lib/libmbedtls/mbedtls/include/mbedtls/bignum.h /optee_os/lib/libmbedtls/mbedtls/include/mbedtls/blowfish.h /optee_os/lib/libmbedtls/mbedtls/include/mbedtls/bn_mul.h /optee_os/lib/libmbedtls/mbedtls/include/mbedtls/camellia.h /optee_os/lib/libmbedtls/mbedtls/include/mbedtls/ccm.h /optee_os/lib/libmbedtls/mbedtls/include/mbedtls/certs.h /optee_os/lib/libmbedtls/mbedtls/include/mbedtls/chacha20.h /optee_os/lib/libmbedtls/mbedtls/include/mbedtls/chachapoly.h /optee_os/lib/libmbedtls/mbedtls/include/mbedtls/check_config.h /optee_os/lib/libmbedtls/mbedtls/include/mbedtls/cipher.h /optee_os/lib/libmbedtls/mbedtls/include/mbedtls/cipher_internal.h /optee_os/lib/libmbedtls/mbedtls/include/mbedtls/cmac.h /optee_os/lib/libmbedtls/mbedtls/include/mbedtls/compat-1.3.h /optee_os/lib/libmbedtls/mbedtls/include/mbedtls/ctr_drbg.h /optee_os/lib/libmbedtls/mbedtls/include/mbedtls/debug.h /optee_os/lib/libmbedtls/mbedtls/include/mbedtls/des.h /optee_os/lib/libmbedtls/mbedtls/include/mbedtls/dhm.h /optee_os/lib/libmbedtls/mbedtls/include/mbedtls/ecdh.h /optee_os/lib/libmbedtls/mbedtls/include/mbedtls/ecdsa.h /optee_os/lib/libmbedtls/mbedtls/include/mbedtls/ecjpake.h /optee_os/lib/libmbedtls/mbedtls/include/mbedtls/ecp.h /optee_os/lib/libmbedtls/mbedtls/include/mbedtls/ecp_internal.h /optee_os/lib/libmbedtls/mbedtls/include/mbedtls/entropy.h /optee_os/lib/libmbedtls/mbedtls/include/mbedtls/entropy_poll.h /optee_os/lib/libmbedtls/mbedtls/include/mbedtls/error.h /optee_os/lib/libmbedtls/mbedtls/include/mbedtls/gcm.h /optee_os/lib/libmbedtls/mbedtls/include/mbedtls/havege.h /optee_os/lib/libmbedtls/mbedtls/include/mbedtls/hkdf.h /optee_os/lib/libmbedtls/mbedtls/include/mbedtls/hmac_drbg.h /optee_os/lib/libmbedtls/mbedtls/include/mbedtls/md.h /optee_os/lib/libmbedtls/mbedtls/include/mbedtls/md2.h /optee_os/lib/libmbedtls/mbedtls/include/mbedtls/md4.h /optee_os/lib/libmbedtls/mbedtls/include/mbedtls/md5.h /optee_os/lib/libmbedtls/mbedtls/include/mbedtls/md_internal.h /optee_os/lib/libmbedtls/mbedtls/include/mbedtls/memory_buffer_alloc.h /optee_os/lib/libmbedtls/mbedtls/include/mbedtls/net.h /optee_os/lib/libmbedtls/mbedtls/include/mbedtls/net_sockets.h /optee_os/lib/libmbedtls/mbedtls/include/mbedtls/nist_kw.h /optee_os/lib/libmbedtls/mbedtls/include/mbedtls/oid.h /optee_os/lib/libmbedtls/mbedtls/include/mbedtls/padlock.h /optee_os/lib/libmbedtls/mbedtls/include/mbedtls/pem.h /optee_os/lib/libmbedtls/mbedtls/include/mbedtls/pk.h /optee_os/lib/libmbedtls/mbedtls/include/mbedtls/pk_internal.h /optee_os/lib/libmbedtls/mbedtls/include/mbedtls/pkcs11.h /optee_os/lib/libmbedtls/mbedtls/include/mbedtls/pkcs12.h /optee_os/lib/libmbedtls/mbedtls/include/mbedtls/pkcs5.h /optee_os/lib/libmbedtls/mbedtls/include/mbedtls/platform.h /optee_os/lib/libmbedtls/mbedtls/include/mbedtls/platform_time.h /optee_os/lib/libmbedtls/mbedtls/include/mbedtls/platform_util.h /optee_os/lib/libmbedtls/mbedtls/include/mbedtls/poly1305.h /optee_os/lib/libmbedtls/mbedtls/include/mbedtls/psa_util.h /optee_os/lib/libmbedtls/mbedtls/include/mbedtls/ripemd160.h /optee_os/lib/libmbedtls/mbedtls/include/mbedtls/rsa.h /optee_os/lib/libmbedtls/mbedtls/include/mbedtls/rsa_internal.h /optee_os/lib/libmbedtls/mbedtls/include/mbedtls/sha1.h /optee_os/lib/libmbedtls/mbedtls/include/mbedtls/sha256.h /optee_os/lib/libmbedtls/mbedtls/include/mbedtls/sha512.h /optee_os/lib/libmbedtls/mbedtls/include/mbedtls/ssl.h /optee_os/lib/libmbedtls/mbedtls/include/mbedtls/ssl_cache.h /optee_os/lib/libmbedtls/mbedtls/include/mbedtls/ssl_ciphersuites.h /optee_os/lib/libmbedtls/mbedtls/include/mbedtls/ssl_cookie.h /optee_os/lib/libmbedtls/mbedtls/include/mbedtls/ssl_internal.h /optee_os/lib/libmbedtls/mbedtls/include/mbedtls/ssl_ticket.h /optee_os/lib/libmbedtls/mbedtls/include/mbedtls/threading.h /optee_os/lib/libmbedtls/mbedtls/include/mbedtls/timing.h /optee_os/lib/libmbedtls/mbedtls/include/mbedtls/version.h /optee_os/lib/libmbedtls/mbedtls/include/mbedtls/x509.h /optee_os/lib/libmbedtls/mbedtls/include/mbedtls/x509_crl.h /optee_os/lib/libmbedtls/mbedtls/include/mbedtls/x509_crt.h /optee_os/lib/libmbedtls/mbedtls/include/mbedtls/x509_csr.h /optee_os/lib/libmbedtls/mbedtls/include/mbedtls/xtea.h /optee_os/lib/libmbedtls/mbedtls/library/aes.c /optee_os/lib/libmbedtls/mbedtls/library/aesni.c /optee_os/lib/libmbedtls/mbedtls/library/arc4.c /optee_os/lib/libmbedtls/mbedtls/library/aria.c /optee_os/lib/libmbedtls/mbedtls/library/asn1parse.c /optee_os/lib/libmbedtls/mbedtls/library/asn1write.c /optee_os/lib/libmbedtls/mbedtls/library/base64.c /optee_os/lib/libmbedtls/mbedtls/library/bignum.c /optee_os/lib/libmbedtls/mbedtls/library/blowfish.c /optee_os/lib/libmbedtls/mbedtls/library/camellia.c /optee_os/lib/libmbedtls/mbedtls/library/ccm.c /optee_os/lib/libmbedtls/mbedtls/library/certs.c /optee_os/lib/libmbedtls/mbedtls/library/chacha20.c /optee_os/lib/libmbedtls/mbedtls/library/chachapoly.c /optee_os/lib/libmbedtls/mbedtls/library/check_crypto_config.h /optee_os/lib/libmbedtls/mbedtls/library/cipher.c /optee_os/lib/libmbedtls/mbedtls/library/cipher_wrap.c /optee_os/lib/libmbedtls/mbedtls/library/cmac.c /optee_os/lib/libmbedtls/mbedtls/library/common.h /optee_os/lib/libmbedtls/mbedtls/library/ctr_drbg.c /optee_os/lib/libmbedtls/mbedtls/library/debug.c /optee_os/lib/libmbedtls/mbedtls/library/des.c /optee_os/lib/libmbedtls/mbedtls/library/dhm.c /optee_os/lib/libmbedtls/mbedtls/library/ecdh.c /optee_os/lib/libmbedtls/mbedtls/library/ecdsa.c /optee_os/lib/libmbedtls/mbedtls/library/ecjpake.c /optee_os/lib/libmbedtls/mbedtls/library/ecp.c /optee_os/lib/libmbedtls/mbedtls/library/ecp_curves.c /optee_os/lib/libmbedtls/mbedtls/library/ecp_invasive.h /optee_os/lib/libmbedtls/mbedtls/library/entropy.c /optee_os/lib/libmbedtls/mbedtls/library/entropy_poll.c /optee_os/lib/libmbedtls/mbedtls/library/error.c /optee_os/lib/libmbedtls/mbedtls/library/gcm.c /optee_os/lib/libmbedtls/mbedtls/library/havege.c /optee_os/lib/libmbedtls/mbedtls/library/hkdf.c /optee_os/lib/libmbedtls/mbedtls/library/hmac_drbg.c /optee_os/lib/libmbedtls/mbedtls/library/md.c /optee_os/lib/libmbedtls/mbedtls/library/md2.c /optee_os/lib/libmbedtls/mbedtls/library/md4.c /optee_os/lib/libmbedtls/mbedtls/library/md5.c /optee_os/lib/libmbedtls/mbedtls/library/memory_buffer_alloc.c /optee_os/lib/libmbedtls/mbedtls/library/net_sockets.c /optee_os/lib/libmbedtls/mbedtls/library/nist_kw.c /optee_os/lib/libmbedtls/mbedtls/library/oid.c /optee_os/lib/libmbedtls/mbedtls/library/padlock.c /optee_os/lib/libmbedtls/mbedtls/library/pem.c /optee_os/lib/libmbedtls/mbedtls/library/pk.c /optee_os/lib/libmbedtls/mbedtls/library/pk_wrap.c /optee_os/lib/libmbedtls/mbedtls/library/pkcs11.c /optee_os/lib/libmbedtls/mbedtls/library/pkcs12.c /optee_os/lib/libmbedtls/mbedtls/library/pkcs5.c /optee_os/lib/libmbedtls/mbedtls/library/pkparse.c /optee_os/lib/libmbedtls/mbedtls/library/pkwrite.c /optee_os/lib/libmbedtls/mbedtls/library/platform.c /optee_os/lib/libmbedtls/mbedtls/library/platform_util.c /optee_os/lib/libmbedtls/mbedtls/library/poly1305.c /optee_os/lib/libmbedtls/mbedtls/library/ripemd160.c /optee_os/lib/libmbedtls/mbedtls/library/rsa.c /optee_os/lib/libmbedtls/mbedtls/library/rsa_internal.c /optee_os/lib/libmbedtls/mbedtls/library/sha1.c /optee_os/lib/libmbedtls/mbedtls/library/sha256.c /optee_os/lib/libmbedtls/mbedtls/library/sha512.c /optee_os/lib/libmbedtls/mbedtls/library/ssl_cache.c /optee_os/lib/libmbedtls/mbedtls/library/ssl_ciphersuites.c /optee_os/lib/libmbedtls/mbedtls/library/ssl_cli.c /optee_os/lib/libmbedtls/mbedtls/library/ssl_cookie.c /optee_os/lib/libmbedtls/mbedtls/library/ssl_invasive.h /optee_os/lib/libmbedtls/mbedtls/library/ssl_msg.c /optee_os/lib/libmbedtls/mbedtls/library/ssl_srv.c /optee_os/lib/libmbedtls/mbedtls/library/ssl_ticket.c /optee_os/lib/libmbedtls/mbedtls/library/ssl_tls.c /optee_os/lib/libmbedtls/mbedtls/library/ssl_tls13_keys.c /optee_os/lib/libmbedtls/mbedtls/library/ssl_tls13_keys.h /optee_os/lib/libmbedtls/mbedtls/library/threading.c /optee_os/lib/libmbedtls/mbedtls/library/timing.c /optee_os/lib/libmbedtls/mbedtls/library/version.c /optee_os/lib/libmbedtls/mbedtls/library/version_features.c /optee_os/lib/libmbedtls/mbedtls/library/x509.c /optee_os/lib/libmbedtls/mbedtls/library/x509_create.c /optee_os/lib/libmbedtls/mbedtls/library/x509_crl.c /optee_os/lib/libmbedtls/mbedtls/library/x509_crt.c /optee_os/lib/libmbedtls/mbedtls/library/x509_csr.c /optee_os/lib/libmbedtls/mbedtls/library/x509write_crt.c /optee_os/lib/libmbedtls/mbedtls/library/x509write_csr.c /optee_os/lib/libmbedtls/mbedtls/library/xtea.c /optee_os/lib/libmbedtls/sub.mk pkcs11/src/pkcs11_attributes.c pkcs11/src/pkcs11_token.c pkcs11/src/pkcs11_token.h pkcs11/src/processing.c
324b9e14	18-Jul-2021	Vesa Jääskeläinen <vesa.jaaskelainen@vaisala.com>	ta: pkcs11: Enforce that helpers are up to date During each build enforce that src/pkcs11-helpers.c is up to date. Signed-off-by: Vesa Jääskeläinen <vesa.jaaskelainen@vaisala.com> Reviewed-by: Etie ta: pkcs11: Enforce that helpers are up to date During each build enforce that src/pkcs11-helpers.c is up to date. Signed-off-by: Vesa Jääskeläinen <vesa.jaaskelainen@vaisala.com> Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org> Reviewed-by: Jerome Forissier <jerome@forissier.org> show more ... pkcs11/user_ta.mk
f3cc23fe	18-Jul-2021	Vesa Jääskeläinen <vesa.jaaskelainen@vaisala.com>	ta: pkcs11: Add missing PKCS11_CKR_ helpers Adds used but missing PKCS11_CKR_ helpers: - PKCS11_CKR_KEY_TYPE_INCONSISTENT - PKCS11_CKR_KEY_NOT_WRAPPABLE - PKCS11_CKR_KEY_UNEXTRACTABLE Signed-off-by ta: pkcs11: Add missing PKCS11_CKR_ helpers Adds used but missing PKCS11_CKR_ helpers: - PKCS11_CKR_KEY_TYPE_INCONSISTENT - PKCS11_CKR_KEY_NOT_WRAPPABLE - PKCS11_CKR_KEY_UNEXTRACTABLE Signed-off-by: Vesa Jääskeläinen <vesa.jaaskelainen@vaisala.com> Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org> Reviewed-by: Jerome Forissier <jerome@forissier.org> show more ... pkcs11/src/pkcs11_helpers.c
73124d51	18-Jul-2021	Vesa Jääskeläinen <vesa.jaaskelainen@vaisala.com>	ta: pkcs11: Sort PKCS11_CKR_ helper lines Sort PKCS11_CKR_ helper lines to match their order in pkcs11_ta.h. Signed-off-by: Vesa Jääskeläinen <vesa.jaaskelainen@vaisala.com> Reviewed-by: Etienne Ca ta: pkcs11: Sort PKCS11_CKR_ helper lines Sort PKCS11_CKR_ helper lines to match their order in pkcs11_ta.h. Signed-off-by: Vesa Jääskeläinen <vesa.jaaskelainen@vaisala.com> Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org> Reviewed-by: Jerome Forissier <jerome@forissier.org> show more ... pkcs11/src/pkcs11_helpers.c
5dfe80d6	18-Jul-2021	Vesa Jääskeläinen <vesa.jaaskelainen@vaisala.com>	ta: pkcs11: Add script to verify that helpers are present Extracts list of symbols from include/pkcs11_ta.h and verifies that they are present in src/pkcs11_helpers.c or are not used. Signed-off-by ta: pkcs11: Add script to verify that helpers are present Extracts list of symbols from include/pkcs11_ta.h and verifies that they are present in src/pkcs11_helpers.c or are not used. Signed-off-by: Vesa Jääskeläinen <vesa.jaaskelainen@vaisala.com> Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org> Acked-by: Jerome Forissier <jerome@forissier.org> show more ... /optee_os/MAINTAINERS /optee_os/scripts/checkpatch_inc.sh pkcs11/scripts/verify-helpers.sh
9cf1afce	09-Jan-2021	Vesa Jääskeläinen <vesa.jaaskelainen@vaisala.com>	ta: pkcs11: Fix RSA public key import Different requirements are in place when importing RSA public key vs. generaing a new RSA key pair. Specified in: PKCS #11 Cryptographic Token Interface Curren ta: pkcs11: Fix RSA public key import Different requirements are in place when importing RSA public key vs. generaing a new RSA key pair. Specified in: PKCS #11 Cryptographic Token Interface Current Mechanisms Specification Version 2.40 Plus Errata 01 2.1.2 RSA public key objects and 2.1.4 PKCS #1 RSA key pair generation Signed-off-by: Vesa Jääskeläinen <vesa.jaaskelainen@vaisala.com> Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org> show more ... pkcs11/src/pkcs11_attributes.c
f27310a5	06-Aug-2021	Vesa Jääskeläinen <vesa.jaaskelainen@vaisala.com>	ta: pkcs11: Correct return value for decryption with invalid ciphertext When invalid input data is provided for TEE_AsymmetricDecrypt() it will fail with TEE_ERROR_BAD_PARAMETERS. PCSK#11 operation ta: pkcs11: Correct return value for decryption with invalid ciphertext When invalid input data is provided for TEE_AsymmetricDecrypt() it will fail with TEE_ERROR_BAD_PARAMETERS. PCSK#11 operation for C_Decrypt()/C_DecryptFinal() should return in this case CKR_ENCRYPTED_DATA_INVALID or CKR_ENCRYPTED_DATA_LEN_RANGE. As it is hard to determine which case it is return matching error similar to encryption case. Specified in: PKCS #11 Cryptographic Token Interface Base Specification Version 2.40 Plus Errata 01 5.9 Decryption functions C_Decrypt/C_DecryptFinal Signed-off-by: Vesa Jääskeläinen <vesa.jaaskelainen@vaisala.com> Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org> show more ... pkcs11/src/processing_asymm.c
6a6299fb	06-Aug-2021	Vesa Jääskeläinen <vesa.jaaskelainen@vaisala.com>	ta: pkcs11: Correct return value for encryption with invalid input When invalid input data is provided for TEE_AsymmetricEncrypt() it will fail with TEE_ERROR_BAD_PARAMETERS. PCSK#11 operation for ta: pkcs11: Correct return value for encryption with invalid input When invalid input data is provided for TEE_AsymmetricEncrypt() it will fail with TEE_ERROR_BAD_PARAMETERS. PCSK#11 operation for C_Encrypt()/C_EncryptFinal() should return in this case CKR_DATA_LEN_RANGE. Specified in: PKCS #11 Cryptographic Token Interface Base Specification Version 2.40 Plus Errata 01 5.8 Encryption functions C_Encrypt/C_EncryptFinal Signed-off-by: Vesa Jääskeläinen <vesa.jaaskelainen@vaisala.com> Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org> show more ... pkcs11/src/processing_asymm.c
dc8c77fc	06-Aug-2021	Vesa Jääskeläinen <vesa.jaaskelainen@vaisala.com>	ta: pkcs11: Add support for RSA OAEP encryption & decryption Add support for performing PKCS #1 RSA OAEP encryption & decryption operations for: - MGF1 SHA-1 - MGF1 SHA-224 - MGF1 SHA-256 - MGF1 SH ta: pkcs11: Add support for RSA OAEP encryption & decryption Add support for performing PKCS #1 RSA OAEP encryption & decryption operations for: - MGF1 SHA-1 - MGF1 SHA-224 - MGF1 SHA-256 - MGF1 SHA-384 - MGF1 SHA-512 Specified in: PKCS #11 Cryptographic Token Interface Current Mechanisms Specification Version 2.40 Plus Errata 01 2.1.8 PKCS #1 RSA OAEP Signed-off-by: Vesa Jääskeläinen <vesa.jaaskelainen@vaisala.com> Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org> show more ... pkcs11/include/pkcs11_ta.h pkcs11/src/pkcs11_attributes.c pkcs11/src/pkcs11_helpers.c pkcs11/src/processing.h pkcs11/src/processing_asymm.c pkcs11/src/processing_rsa.c pkcs11/src/token_capabilities.c
d9af50bc	14-Jul-2021	Vesa Jääskeläinen <vesa.jaaskelainen@vaisala.com>	ta: pkcs11: Add support for RSA PSS signing & verification Add support for performing RSA PSS signing & verification operations for: - PKCS #1 RSA PSS with supplied hash value - Multi stage SHA-1 - ta: pkcs11: Add support for RSA PSS signing & verification Add support for performing RSA PSS signing & verification operations for: - PKCS #1 RSA PSS with supplied hash value - Multi stage SHA-1 - Multi stage SHA-224 - Multi stage SHA-256 - Multi stage SHA-384 - Multi stage SHA-512 Specified in: PKCS #11 Cryptographic Token Interface Current Mechanisms Specification Version 2.40 Plus Errata 01 2.1.10 PKCS #1 RSA PSS Signed-off-by: Vesa Jääskeläinen <vesa.jaaskelainen@vaisala.com> Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org> show more ... pkcs11/include/pkcs11_ta.h pkcs11/src/pkcs11_attributes.c pkcs11/src/processing.h pkcs11/src/processing_asymm.c pkcs11/src/processing_rsa.c pkcs11/src/token_capabilities.c
0442c956	04-Jan-2021	Vesa Jääskeläinen <vesa.jaaskelainen@vaisala.com>	ta: pkcs11: Add support for RSA signing & verification Add support for performing RSA signing & verification operations for: - PKCS #1 v1.5 RSA with supplied hash value - Multi stage MD5 - Multi st ta: pkcs11: Add support for RSA signing & verification Add support for performing RSA signing & verification operations for: - PKCS #1 v1.5 RSA with supplied hash value - Multi stage MD5 - Multi stage SHA-1 - Multi stage SHA-224 - Multi stage SHA-256 - Multi stage SHA-384 - Multi stage SHA-512 Specified in: PKCS #11 Cryptographic Token Interface Current Mechanisms Specification Version 2.40 Plus Errata 01 2.1 RSA Signed-off-by: Vesa Jääskeläinen <vesa.jaaskelainen@vaisala.com> Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org> show more ... pkcs11/include/pkcs11_ta.h pkcs11/src/pkcs11_attributes.c pkcs11/src/processing.c pkcs11/src/processing.h pkcs11/src/processing_asymm.c pkcs11/src/processing_rsa.c pkcs11/src/token_capabilities.c
86922832	04-Jan-2021	Vesa Jääskeläinen <vesa.jaaskelainen@vaisala.com>	ta: pkcs11: Add RSA key pair generation support Specified in: PKCS #11 Cryptographic Token Interface Current Mechanisms Specification Version 2.40 Plus Errata 01 2.1.4 PKCS #1 RSA key pair generatio ta: pkcs11: Add RSA key pair generation support Specified in: PKCS #11 Cryptographic Token Interface Current Mechanisms Specification Version 2.40 Plus Errata 01 2.1.4 PKCS #1 RSA key pair generation Signed-off-by: Vesa Jääskeläinen <vesa.jaaskelainen@vaisala.com> Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org> show more ... pkcs11/include/pkcs11_ta.h pkcs11/src/pkcs11_attributes.c pkcs11/src/processing.c pkcs11/src/processing.h pkcs11/src/processing_rsa.c pkcs11/src/sub.mk pkcs11/src/token_capabilities.c
db28c542	14-Jul-2021	Vesa Jääskeläinen <vesa.jaaskelainen@vaisala.com>	ta: pkcs11: Add elliptic curve mecha bits to bytes conversions Even thou not currently used by the code add support for EC bits to bytes conversions to mechanism_supported_key_sizes_bytes() as more ta: pkcs11: Add elliptic curve mecha bits to bytes conversions Even thou not currently used by the code add support for EC bits to bytes conversions to mechanism_supported_key_sizes_bytes() as more will be added for RSA. This is to help to keep it in sync with pkcs11_mechanism_supported_key_sizes(). Signed-off-by: Vesa Jääskeläinen <vesa.jaaskelainen@vaisala.com> Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org> show more ... /optee_os/core/arch/arm/include/mm/core_mmu.h /optee_os/core/arch/arm/kernel/virtualization.c /optee_os/core/arch/arm/mm/core_mmu.c /optee_os/core/arch/arm/plat-totalcompute/conf.mk /optee_os/core/arch/arm/plat-totalcompute/platform_config.h /optee_os/core/arch/arm/plat-totalcompute/sub.mk /optee_os/core/arch/arm/plat-totalcompute/tc_spmc_pm.c /optee_os/core/mm/mobj.c /optee_os/mk/config.mk pkcs11/src/pkcs11_attributes.c pkcs11/src/token_capabilities.c
66594cdb	29-Jul-2021	Ruchika Gupta <ruchika.gupta@linaro.org>	ta: pkcs11: Remove dual crypto operations from token capability We don't support dual cryptographic operations in current implemenetation. So remove it from token capability. Signed-off-by: Ruchika ta: pkcs11: Remove dual crypto operations from token capability We don't support dual cryptographic operations in current implemenetation. So remove it from token capability. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Vesa Jääskeläinen <vesa.jaaskelainen@vaisala.com> show more ... pkcs11/src/persistent_token.c
8abbc8f7	17-Jul-2021	Vesa Jääskeläinen <vesa.jaaskelainen@vaisala.com>	ta: pkcs11: Fix calling twice of C_EncryptInit()/C_DecryptInit() If C_EncryptInit()/C_DecryptInit() is called twice first starts the operation and should inform caller that operation is already in p ta: pkcs11: Fix calling twice of C_EncryptInit()/C_DecryptInit() If C_EncryptInit()/C_DecryptInit() is called twice first starts the operation and should inform caller that operation is already in progress and keep the operation active until it is terminated with C_Encrypt()/ C_Decrypt() or by C_EncryptFinal()/C_DecryptFinal(). Specified in: PKCS #11 Cryptographic Token Interface Base Specification Version 2.40 Plus Errata 01 5.8 Encryption functions C_EncryptInit and 5.9 Decryption functions C_DecryptInit Signed-off-by: Vesa Jääskeläinen <vesa.jaaskelainen@vaisala.com> Reviewed-by: Ruchika Gupta <ruchika.gupta@linaro.org> show more ... /optee_os/.azure-pipelines.yml /optee_os/CHANGELOG.md /optee_os/core/arch/arm/plat-imx/conf.mk /optee_os/core/arch/arm/plat-ls/platform_config.h /optee_os/core/arch/arm/plat-marvell/conf.mk /optee_os/core/arch/arm/plat-marvell/main.c /optee_os/core/arch/arm/plat-marvell/platform_config.h /optee_os/core/arch/arm/plat-stm32mp1/conf.mk /optee_os/core/arch/arm/plat-stm32mp1/shared_resources.c /optee_os/core/arch/arm/plat-totalcompute/conf.mk /optee_os/core/arch/arm/plat-totalcompute/fdts/optee_sp_manifest.dts /optee_os/core/arch/arm/plat-totalcompute/main.c /optee_os/core/arch/arm/plat-totalcompute/platform_config.h /optee_os/core/arch/arm/plat-totalcompute/sub.mk /optee_os/core/arch/arm/plat-totalcompute/tc0_spmc_pm.c /optee_os/core/crypto.mk /optee_os/core/crypto/cbc-mac.c /optee_os/core/mm/vm.c /optee_os/lib/libunw/unwind_arm64.c /optee_os/mk/config.mk /optee_os/scripts/checkpatch_inc.sh pkcs11/src/processing.c
f5c0739c	22-Mar-2021	Ruchika Gupta <ruchika.gupta@linaro.org>	ta: pkcs11: Add access check on new object when deriving/unwrapping Access check is also required on created attributes when a new object is created when deriving/unwrapping keys. Reviewed-by: Vesa ta: pkcs11: Add access check on new object when deriving/unwrapping Access check is also required on created attributes when a new object is created when deriving/unwrapping keys. Reviewed-by: Vesa Jääskeläinen <vesa.jaaskelainen@vaisala.com> Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org> Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> show more ... pkcs11/src/processing.c
e3f0cb56	05-Jul-2021	Ruchika Gupta <ruchika.gupta@linaro.org>	ta: pkcs11: Add support for indirect templates Add support for handling indirect template - CKA_DERIVE_TEMPLATE and CKA_UNWRAP_TEMPLATE during key derivation/unwrapping. Reviewed-by: Vesa Jääskeläi ta: pkcs11: Add support for indirect templates Add support for handling indirect template - CKA_DERIVE_TEMPLATE and CKA_UNWRAP_TEMPLATE during key derivation/unwrapping. Reviewed-by: Vesa Jääskeläinen <vesa.jaaskelainen@vaisala.com> Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org> Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> show more ... pkcs11/src/attributes.c pkcs11/src/attributes.h pkcs11/src/pkcs11_attributes.c
3668310b	05-Jul-2021	Ruchika Gupta <ruchika.gupta@linaro.org>	ta: pkcs11: Add implementation for unwrapping keys Add implementation for handling C_UnwrapKey() for mechanisms : CKM_AES_ECB CKM_AES_CBC Reviewed-by: Vesa Jääskeläinen <vesa.jaaskelainen@vaisala.c ta: pkcs11: Add implementation for unwrapping keys Add implementation for handling C_UnwrapKey() for mechanisms : CKM_AES_ECB CKM_AES_CBC Reviewed-by: Vesa Jääskeläinen <vesa.jaaskelainen@vaisala.com> Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org> Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> show more ... pkcs11/src/entry.c pkcs11/src/processing.c pkcs11/src/processing.h pkcs11/src/processing_symm.c
5f80f270	25-Feb-2021	Ruchika Gupta <ruchika.gupta@linaro.org>	ta: pkcs11: Add implementation for wrapping keys Add implementation for handling C_WrapKey() for mechanisms : CKM_AES_ECB CKM_AES_CBC Reviewed-by: Vesa Jääskeläinen <vesa.jaaskelainen@vaisala.com> ta: pkcs11: Add implementation for wrapping keys Add implementation for handling C_WrapKey() for mechanisms : CKM_AES_ECB CKM_AES_CBC Reviewed-by: Vesa Jääskeläinen <vesa.jaaskelainen@vaisala.com> Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org> Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> show more ... pkcs11/src/entry.c pkcs11/src/pkcs11_attributes.c pkcs11/src/pkcs11_attributes.h pkcs11/src/pkcs11_helpers.c pkcs11/src/pkcs11_token.c pkcs11/src/pkcs11_token.h pkcs11/src/processing.c pkcs11/src/processing.h pkcs11/src/processing_symm.c pkcs11/src/token_capabilities.c
06b47dc4	25-Feb-2021	Ruchika Gupta <ruchika.gupta@linaro.org>	ta: pkcs11: Add missing error codes Some error codes related with wrap, unwrap and random number API's were missing from the list. These have been added. Reviewed-by: Vesa Jääskeläinen <vesa.jaaske ta: pkcs11: Add missing error codes Some error codes related with wrap, unwrap and random number API's were missing from the list. These have been added. Reviewed-by: Vesa Jääskeläinen <vesa.jaaskelainen@vaisala.com> Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org> Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> show more ... pkcs11/include/pkcs11_ta.h pkcs11/src/pkcs11_helpers.c
b6030585	24-Feb-2021	Ruchika Gupta <ruchika.gupta@linaro.org>	ta: pkcs11: Allocate command ID's for wrapping/unwrapping keys Allocate command ID's for C_WrapKey() and C_UnwrapKey(). Reviewed-by: Vesa Jääskeläinen <vesa.jaaskelainen@vaisala.com> Reviewed-by: E ta: pkcs11: Allocate command ID's for wrapping/unwrapping keys Allocate command ID's for C_WrapKey() and C_UnwrapKey(). Reviewed-by: Vesa Jääskeläinen <vesa.jaaskelainen@vaisala.com> Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org> Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> show more ... /optee_os/.azure-pipelines.yml /optee_os/MAINTAINERS /optee_os/core/arch/arm/include/kernel/boot.h /optee_os/core/arch/arm/include/kernel/stmm_sp.h /optee_os/core/arch/arm/include/mm/core_mmu.h /optee_os/core/arch/arm/kernel/boot.c /optee_os/core/arch/arm/kernel/entry_a32.S /optee_os/core/arch/arm/kernel/entry_a64.S /optee_os/core/arch/arm/kernel/kern.ld.S /optee_os/core/arch/arm/kernel/link_dummies_paged.c /optee_os/core/arch/arm/kernel/secure_partition.c /optee_os/core/arch/arm/kernel/spmc_sp_handler.c /optee_os/core/arch/arm/kernel/stmm_sp.c /optee_os/core/arch/arm/kernel/thread.c /optee_os/core/arch/arm/kernel/thread_a32.S /optee_os/core/arch/arm/mm/core_mmu.c /optee_os/core/arch/arm/mm/mobj_dyn_shm.c /optee_os/core/arch/arm/mm/mobj_ffa.c /optee_os/core/arch/arm/mm/tee_pager.c /optee_os/core/arch/arm/plat-hikey/conf.mk /optee_os/core/arch/arm/plat-imx/conf.mk /optee_os/core/arch/arm/plat-imx/drivers/imx_csu.c /optee_os/core/arch/arm/plat-imx/registers/imx6-crm.h /optee_os/core/arch/arm/plat-imx/registers/imx6.h /optee_os/core/arch/arm/plat-imx/registers/imx8m-crm.h /optee_os/core/arch/arm/plat-imx/registers/imx8m.h /optee_os/core/arch/arm/plat-ls/link.mk /optee_os/core/arch/arm/plat-marvell/conf.mk /optee_os/core/arch/arm/plat-marvell/main.c /optee_os/core/arch/arm/plat-marvell/otx2/core_pos.S /optee_os/core/arch/arm/plat-marvell/platform_config.h /optee_os/core/arch/arm/plat-marvell/sub.mk /optee_os/core/arch/arm/plat-rcar/conf.mk /optee_os/core/arch/arm/plat-rcar/core_pos_a64.S /optee_os/core/arch/arm/plat-rcar/hw_rng.c /optee_os/core/arch/arm/plat-rcar/main.c /optee_os/core/arch/arm/plat-rcar/platform_config.h /optee_os/core/arch/arm/plat-rcar/rcar.h /optee_os/core/arch/arm/plat-rcar/romapi.c /optee_os/core/arch/arm/plat-rcar/romapi.h /optee_os/core/arch/arm/plat-rcar/romapi_call.S /optee_os/core/arch/arm/plat-rcar/sub.mk /optee_os/core/arch/arm/plat-zynq7k/main.c /optee_os/core/drivers/crypto/caam/cipher/caam_cipher_mac.c /optee_os/core/drivers/crypto/caam/hal/common/hal_cfg.c /optee_os/core/drivers/crypto/caam/hal/common/hal_cfg_dt.c /optee_os/core/drivers/crypto/caam/include/caam_utils_dmaobj.h /optee_os/core/drivers/crypto/caam/utils/utils_dmaobj.c /optee_os/core/drivers/crypto/crypto_api/include/drvcrypt_asn1_oid.h /optee_os/core/drivers/imx_i2c.c /optee_os/core/drivers/imx_rngb.c /optee_os/core/drivers/scif.c /optee_os/core/include/kernel/wait_queue.h /optee_os/core/include/mm/mobj.h /optee_os/core/include/signed_hdr.h /optee_os/core/kernel/dt.c /optee_os/core/kernel/ree_fs_ta.c /optee_os/core/kernel/tpm.c /optee_os/core/kernel/user_ta.c /optee_os/core/kernel/wait_queue.c /optee_os/core/lib/libtomcrypt/rsa.c /optee_os/core/lib/libtomcrypt/src/headers/tomcrypt_pk.h /optee_os/core/lib/libtomcrypt/src/headers/tomcrypt_private.h /optee_os/core/lib/libtomcrypt/src/pk/rsa/rsa_make_key.c /optee_os/core/mm/fobj.c /optee_os/core/mm/mobj.c /optee_os/core/pta/hwrng.c /optee_os/core/pta/sub.mk /optee_os/core/tee/fs_dirfile.c /optee_os/core/tee/tadb.c /optee_os/core/tee/tee_ree_fs.c /optee_os/ldelf/ta_elf_rel.c /optee_os/lib/libmbedtls/core/rsa.c /optee_os/lib/libutee/include/rng_pta_client.h /optee_os/lib/libutils/ext/include/compiler.h /optee_os/lib/libutils/isoc/bget_malloc.c /optee_os/mk/config.mk pkcs11/include/pkcs11_ta.h
fb279d8b	26-Dec-2020	Vesa Jääskeläinen <vesa.jaaskelainen@vaisala.com>	ta: pkcs11: Add support for elliptic curve signing & verification Add support for performing elliptic curve signing & verification operations for: - ECDSA with supplied hash value - Multi stage SHA ta: pkcs11: Add support for elliptic curve signing & verification Add support for performing elliptic curve signing & verification operations for: - ECDSA with supplied hash value - Multi stage SHA-1 - Multi stage SHA-224 - Multi stage SHA-256 - Multi stage SHA-384 - Multi stage SHA-512 Specified in: PKCS #11 Cryptographic Token Interface Current Mechanisms Specification Version 2.40 Plus Errata 01 2.3 Elliptic Curve Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org> Reviewed-by: Ricardo Salveti <ricardo@foundries.io> Signed-off-by: Vesa Jääskeläinen <vesa.jaaskelainen@vaisala.com> show more ... pkcs11/include/pkcs11_ta.h pkcs11/src/pkcs11_attributes.c pkcs11/src/pkcs11_helpers.c pkcs11/src/pkcs11_token.c pkcs11/src/pkcs11_token.h pkcs11/src/processing.c pkcs11/src/processing.h pkcs11/src/processing_asymm.c pkcs11/src/processing_ec.c pkcs11/src/sub.mk pkcs11/src/token_capabilities.c
02b16804	25-Dec-2020	Vesa Jääskeläinen <vesa.jaaskelainen@vaisala.com>	ta: pkcs11: Add support for elliptic curve key pair generation Specified in: PKCS #11 Cryptographic Token Interface Current Mechanisms Specification Version 2.40 Plus Errata 01 2.3.5 Elliptic curve ta: pkcs11: Add support for elliptic curve key pair generation Specified in: PKCS #11 Cryptographic Token Interface Current Mechanisms Specification Version 2.40 Plus Errata 01 2.3.5 Elliptic curve key pair generation Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org> Co-developed-by: Ricardo Salveti <ricardo@foundries.io> Signed-off-by: Ricardo Salveti <ricardo@foundries.io> Co-developed-by: Etienne Carriere <etienne.carriere@linaro.org> Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org> Signed-off-by: Vesa Jääskeläinen <vesa.jaaskelainen@vaisala.com> show more ... pkcs11/include/pkcs11_ta.h pkcs11/src/pkcs11_attributes.c pkcs11/src/processing.c pkcs11/src/processing.h pkcs11/src/processing_ec.c pkcs11/src/sub.mk pkcs11/src/token_capabilities.c
1f5d4d23	25-Dec-2020	Vesa Jääskeläinen <vesa.jaaskelainen@vaisala.com>	ta: pkcs11: scripts: Add script for generating EC curve parameters Initial supports for curves: - prime192v1 - secp224r1 - prime256v1 - secp384r1 - secp521r1 Acked-by: Etienne Carriere <etienne.ca ta: pkcs11: scripts: Add script for generating EC curve parameters Initial supports for curves: - prime192v1 - secp224r1 - prime256v1 - secp384r1 - secp521r1 Acked-by: Etienne Carriere <etienne.carriere@linaro.org> Reviewed-by: Ricardo Salveti <ricardo@foundries.io> Signed-off-by: Vesa Jääskeläinen <vesa.jaaskelainen@vaisala.com> show more ... pkcs11/scripts/dump_ec_curve_params.sh
1 2 3 4 567 8 9 10 >>...20