1 // SPDX-License-Identifier: BSD-2-Clause 2 /* 3 * Copyright (c) 2017, Linaro Limited 4 * Copyright 2020 NXP 5 * Copyright 2021, SumUp Service GmbH 6 */ 7 8 #include <assert.h> 9 #include <compiler.h> 10 #include <crypto/crypto.h> 11 #include <crypto/crypto_impl.h> 12 #include <kernel/panic.h> 13 #include <stdlib.h> 14 #include <string.h> 15 #include <utee_defines.h> 16 17 TEE_Result crypto_hash_alloc_ctx(void **ctx, uint32_t algo) 18 { 19 TEE_Result res = TEE_ERROR_NOT_IMPLEMENTED; 20 struct crypto_hash_ctx *c = NULL; 21 22 /* 23 * Use default cryptographic implementation if no matching 24 * drvcrypt device. 25 */ 26 res = drvcrypt_hash_alloc_ctx(&c, algo); 27 28 if (res == TEE_ERROR_NOT_IMPLEMENTED) { 29 switch (algo) { 30 case TEE_ALG_MD5: 31 res = crypto_md5_alloc_ctx(&c); 32 break; 33 case TEE_ALG_SHA1: 34 res = crypto_sha1_alloc_ctx(&c); 35 break; 36 case TEE_ALG_SHA224: 37 res = crypto_sha224_alloc_ctx(&c); 38 break; 39 case TEE_ALG_SHA256: 40 res = crypto_sha256_alloc_ctx(&c); 41 break; 42 case TEE_ALG_SHA384: 43 res = crypto_sha384_alloc_ctx(&c); 44 break; 45 case TEE_ALG_SHA512: 46 res = crypto_sha512_alloc_ctx(&c); 47 break; 48 case TEE_ALG_SHA3_224: 49 res = crypto_sha3_224_alloc_ctx(&c); 50 break; 51 case TEE_ALG_SHA3_256: 52 res = crypto_sha3_256_alloc_ctx(&c); 53 break; 54 case TEE_ALG_SHA3_384: 55 res = crypto_sha3_384_alloc_ctx(&c); 56 break; 57 case TEE_ALG_SHA3_512: 58 res = crypto_sha3_512_alloc_ctx(&c); 59 break; 60 case TEE_ALG_SHAKE128: 61 res = crypto_shake128_alloc_ctx(&c); 62 break; 63 case TEE_ALG_SHAKE256: 64 res = crypto_shake256_alloc_ctx(&c); 65 break; 66 case TEE_ALG_SM3: 67 res = crypto_sm3_alloc_ctx(&c); 68 break; 69 default: 70 break; 71 } 72 } 73 74 if (!res) 75 *ctx = c; 76 77 return res; 78 } 79 80 static const struct crypto_hash_ops *hash_ops(void *ctx) 81 { 82 struct crypto_hash_ctx *c = ctx; 83 84 assert(c && c->ops); 85 86 return c->ops; 87 } 88 89 void crypto_hash_free_ctx(void *ctx) 90 { 91 if (ctx) 92 hash_ops(ctx)->free_ctx(ctx); 93 } 94 95 void crypto_hash_copy_state(void *dst_ctx, void *src_ctx) 96 { 97 hash_ops(dst_ctx)->copy_state(dst_ctx, src_ctx); 98 } 99 100 TEE_Result crypto_hash_init(void *ctx) 101 { 102 return hash_ops(ctx)->init(ctx); 103 } 104 105 TEE_Result crypto_hash_update(void *ctx, const uint8_t *data, size_t len) 106 { 107 return hash_ops(ctx)->update(ctx, data, len); 108 } 109 110 TEE_Result crypto_hash_final(void *ctx, uint8_t *digest, size_t len) 111 { 112 return hash_ops(ctx)->final(ctx, digest, len); 113 } 114 115 TEE_Result crypto_cipher_alloc_ctx(void **ctx, uint32_t algo) 116 { 117 TEE_Result res = TEE_ERROR_NOT_IMPLEMENTED; 118 struct crypto_cipher_ctx *c = NULL; 119 120 /* 121 * Use default cryptographic implementation if no matching 122 * drvcrypt device. 123 */ 124 res = drvcrypt_cipher_alloc_ctx(&c, algo); 125 126 if (res == TEE_ERROR_NOT_IMPLEMENTED) { 127 switch (algo) { 128 case TEE_ALG_AES_ECB_NOPAD: 129 res = crypto_aes_ecb_alloc_ctx(&c); 130 break; 131 case TEE_ALG_AES_CBC_NOPAD: 132 res = crypto_aes_cbc_alloc_ctx(&c); 133 break; 134 case TEE_ALG_AES_CTR: 135 res = crypto_aes_ctr_alloc_ctx(&c); 136 break; 137 case TEE_ALG_AES_CTS: 138 res = crypto_aes_cts_alloc_ctx(&c); 139 break; 140 case TEE_ALG_AES_XTS: 141 res = crypto_aes_xts_alloc_ctx(&c); 142 break; 143 case TEE_ALG_DES_ECB_NOPAD: 144 res = crypto_des_ecb_alloc_ctx(&c); 145 break; 146 case TEE_ALG_DES3_ECB_NOPAD: 147 res = crypto_des3_ecb_alloc_ctx(&c); 148 break; 149 case TEE_ALG_DES_CBC_NOPAD: 150 res = crypto_des_cbc_alloc_ctx(&c); 151 break; 152 case TEE_ALG_DES3_CBC_NOPAD: 153 res = crypto_des3_cbc_alloc_ctx(&c); 154 break; 155 case TEE_ALG_SM4_ECB_NOPAD: 156 res = crypto_sm4_ecb_alloc_ctx(&c); 157 break; 158 case TEE_ALG_SM4_CBC_NOPAD: 159 res = crypto_sm4_cbc_alloc_ctx(&c); 160 break; 161 case TEE_ALG_SM4_CTR: 162 res = crypto_sm4_ctr_alloc_ctx(&c); 163 break; 164 case TEE_ALG_SM4_XTS: 165 res = crypto_sm4_xts_alloc_ctx(&c); 166 break; 167 default: 168 return TEE_ERROR_NOT_IMPLEMENTED; 169 } 170 } 171 172 if (!res) 173 *ctx = c; 174 175 return res; 176 } 177 178 static const struct crypto_cipher_ops *cipher_ops(void *ctx) 179 { 180 struct crypto_cipher_ctx *c = ctx; 181 182 assert(c && c->ops); 183 184 return c->ops; 185 } 186 187 void crypto_cipher_free_ctx(void *ctx) 188 { 189 if (ctx) 190 cipher_ops(ctx)->free_ctx(ctx); 191 } 192 193 void crypto_cipher_copy_state(void *dst_ctx, void *src_ctx) 194 { 195 cipher_ops(dst_ctx)->copy_state(dst_ctx, src_ctx); 196 } 197 198 TEE_Result crypto_cipher_init(void *ctx, TEE_OperationMode mode, 199 const uint8_t *key1, size_t key1_len, 200 const uint8_t *key2, size_t key2_len, 201 const uint8_t *iv, size_t iv_len) 202 { 203 if (mode != TEE_MODE_DECRYPT && mode != TEE_MODE_ENCRYPT) 204 return TEE_ERROR_BAD_PARAMETERS; 205 206 return cipher_ops(ctx)->init(ctx, mode, key1, key1_len, key2, key2_len, 207 iv, iv_len); 208 } 209 210 TEE_Result crypto_cipher_update(void *ctx, TEE_OperationMode mode __unused, 211 bool last_block, const uint8_t *data, 212 size_t len, uint8_t *dst) 213 { 214 return cipher_ops(ctx)->update(ctx, last_block, data, len, dst); 215 } 216 217 void crypto_cipher_final(void *ctx) 218 { 219 cipher_ops(ctx)->final(ctx); 220 } 221 222 TEE_Result crypto_cipher_get_block_size(uint32_t algo, size_t *size) 223 { 224 uint32_t class = TEE_ALG_GET_CLASS(algo); 225 226 if (class != TEE_OPERATION_CIPHER && class != TEE_OPERATION_MAC && 227 class != TEE_OPERATION_AE) 228 return TEE_ERROR_BAD_PARAMETERS; 229 230 switch (TEE_ALG_GET_MAIN_ALG(algo)) { 231 case TEE_MAIN_ALGO_AES: 232 *size = TEE_AES_BLOCK_SIZE; 233 return TEE_SUCCESS; 234 case TEE_MAIN_ALGO_DES: 235 case TEE_MAIN_ALGO_DES3: 236 *size = TEE_DES_BLOCK_SIZE; 237 return TEE_SUCCESS; 238 case TEE_MAIN_ALGO_SM4: 239 *size = TEE_SM4_BLOCK_SIZE; 240 return TEE_SUCCESS; 241 default: 242 return TEE_ERROR_NOT_SUPPORTED; 243 } 244 } 245 246 TEE_Result crypto_mac_alloc_ctx(void **ctx, uint32_t algo) 247 { 248 TEE_Result res = TEE_SUCCESS; 249 struct crypto_mac_ctx *c = NULL; 250 251 /* 252 * Use default cryptographic implementation if no matching 253 * drvcrypt device. 254 */ 255 res = drvcrypt_mac_alloc_ctx(&c, algo); 256 257 if (res == TEE_ERROR_NOT_IMPLEMENTED) { 258 switch (algo) { 259 case TEE_ALG_HMAC_MD5: 260 res = crypto_hmac_md5_alloc_ctx(&c); 261 break; 262 case TEE_ALG_HMAC_SHA1: 263 res = crypto_hmac_sha1_alloc_ctx(&c); 264 break; 265 case TEE_ALG_HMAC_SHA224: 266 res = crypto_hmac_sha224_alloc_ctx(&c); 267 break; 268 case TEE_ALG_HMAC_SHA256: 269 res = crypto_hmac_sha256_alloc_ctx(&c); 270 break; 271 case TEE_ALG_HMAC_SHA384: 272 res = crypto_hmac_sha384_alloc_ctx(&c); 273 break; 274 case TEE_ALG_HMAC_SHA512: 275 res = crypto_hmac_sha512_alloc_ctx(&c); 276 break; 277 case TEE_ALG_HMAC_SHA3_224: 278 res = crypto_hmac_sha3_224_alloc_ctx(&c); 279 break; 280 case TEE_ALG_HMAC_SHA3_256: 281 res = crypto_hmac_sha3_256_alloc_ctx(&c); 282 break; 283 case TEE_ALG_HMAC_SHA3_384: 284 res = crypto_hmac_sha3_384_alloc_ctx(&c); 285 break; 286 case TEE_ALG_HMAC_SHA3_512: 287 res = crypto_hmac_sha3_512_alloc_ctx(&c); 288 break; 289 case TEE_ALG_HMAC_SM3: 290 res = crypto_hmac_sm3_alloc_ctx(&c); 291 break; 292 case TEE_ALG_AES_CBC_MAC_NOPAD: 293 res = crypto_aes_cbc_mac_nopad_alloc_ctx(&c); 294 break; 295 case TEE_ALG_AES_CBC_MAC_PKCS5: 296 res = crypto_aes_cbc_mac_pkcs5_alloc_ctx(&c); 297 break; 298 case TEE_ALG_DES_CBC_MAC_NOPAD: 299 res = crypto_des_cbc_mac_nopad_alloc_ctx(&c); 300 break; 301 case TEE_ALG_DES_CBC_MAC_PKCS5: 302 res = crypto_des_cbc_mac_pkcs5_alloc_ctx(&c); 303 break; 304 case TEE_ALG_DES3_CBC_MAC_NOPAD: 305 res = crypto_des3_cbc_mac_nopad_alloc_ctx(&c); 306 break; 307 case TEE_ALG_DES3_CBC_MAC_PKCS5: 308 res = crypto_des3_cbc_mac_pkcs5_alloc_ctx(&c); 309 break; 310 case TEE_ALG_DES3_CMAC: 311 res = crypto_des3_cmac_alloc_ctx(&c); 312 break; 313 case TEE_ALG_AES_CMAC: 314 res = crypto_aes_cmac_alloc_ctx(&c); 315 break; 316 default: 317 return TEE_ERROR_NOT_SUPPORTED; 318 } 319 } 320 321 if (!res) 322 *ctx = c; 323 324 return res; 325 } 326 327 static const struct crypto_mac_ops *mac_ops(void *ctx) 328 { 329 struct crypto_mac_ctx *c = ctx; 330 331 assert(c && c->ops); 332 333 return c->ops; 334 } 335 336 void crypto_mac_free_ctx(void *ctx) 337 { 338 if (ctx) 339 mac_ops(ctx)->free_ctx(ctx); 340 } 341 342 void crypto_mac_copy_state(void *dst_ctx, void *src_ctx) 343 { 344 mac_ops(dst_ctx)->copy_state(dst_ctx, src_ctx); 345 } 346 347 TEE_Result crypto_mac_init(void *ctx, const uint8_t *key, size_t len) 348 { 349 return mac_ops(ctx)->init(ctx, key, len); 350 } 351 352 TEE_Result crypto_mac_update(void *ctx, const uint8_t *data, size_t len) 353 { 354 if (!len) 355 return TEE_SUCCESS; 356 357 return mac_ops(ctx)->update(ctx, data, len); 358 } 359 360 TEE_Result crypto_mac_final(void *ctx, uint8_t *digest, size_t digest_len) 361 { 362 return mac_ops(ctx)->final(ctx, digest, digest_len); 363 } 364 365 TEE_Result crypto_authenc_alloc_ctx(void **ctx, uint32_t algo) 366 { 367 TEE_Result res = TEE_ERROR_NOT_IMPLEMENTED; 368 struct crypto_authenc_ctx *c = NULL; 369 370 /* 371 * Use default authenc implementation if no matching 372 * drvcrypt device. 373 */ 374 res = drvcrypt_authenc_alloc_ctx(&c, algo); 375 376 if (res == TEE_ERROR_NOT_IMPLEMENTED) { 377 switch (algo) { 378 #if defined(CFG_CRYPTO_CCM) 379 case TEE_ALG_AES_CCM: 380 res = crypto_aes_ccm_alloc_ctx(&c); 381 break; 382 #endif 383 #if defined(CFG_CRYPTO_GCM) 384 case TEE_ALG_AES_GCM: 385 res = crypto_aes_gcm_alloc_ctx(&c); 386 break; 387 #endif 388 default: 389 break; 390 } 391 } 392 393 if (!res) 394 *ctx = c; 395 396 return res; 397 } 398 399 static const struct crypto_authenc_ops *ae_ops(void *ctx) 400 { 401 struct crypto_authenc_ctx *c = ctx; 402 403 assert(c && c->ops); 404 405 return c->ops; 406 } 407 408 TEE_Result crypto_authenc_init(void *ctx, TEE_OperationMode mode, 409 const uint8_t *key, size_t key_len, 410 const uint8_t *nonce, size_t nonce_len, 411 size_t tag_len, size_t aad_len, 412 size_t payload_len) 413 { 414 return ae_ops(ctx)->init(ctx, mode, key, key_len, nonce, nonce_len, 415 tag_len, aad_len, payload_len); 416 } 417 418 TEE_Result crypto_authenc_update_aad(void *ctx, TEE_OperationMode mode __unused, 419 const uint8_t *data, size_t len) 420 { 421 return ae_ops(ctx)->update_aad(ctx, data, len); 422 } 423 424 425 TEE_Result crypto_authenc_update_payload(void *ctx, TEE_OperationMode mode, 426 const uint8_t *src_data, 427 size_t src_len, uint8_t *dst_data, 428 size_t *dst_len) 429 { 430 if (*dst_len < src_len) 431 return TEE_ERROR_SHORT_BUFFER; 432 *dst_len = src_len; 433 434 return ae_ops(ctx)->update_payload(ctx, mode, src_data, src_len, 435 dst_data); 436 } 437 438 TEE_Result crypto_authenc_enc_final(void *ctx, const uint8_t *src_data, 439 size_t src_len, uint8_t *dst_data, 440 size_t *dst_len, uint8_t *dst_tag, 441 size_t *dst_tag_len) 442 { 443 if (*dst_len < src_len) 444 return TEE_ERROR_SHORT_BUFFER; 445 *dst_len = src_len; 446 447 return ae_ops(ctx)->enc_final(ctx, src_data, src_len, dst_data, 448 dst_tag, dst_tag_len); 449 } 450 451 TEE_Result crypto_authenc_dec_final(void *ctx, const uint8_t *src_data, 452 size_t src_len, uint8_t *dst_data, 453 size_t *dst_len, const uint8_t *tag, 454 size_t tag_len) 455 { 456 if (*dst_len < src_len) 457 return TEE_ERROR_SHORT_BUFFER; 458 *dst_len = src_len; 459 460 return ae_ops(ctx)->dec_final(ctx, src_data, src_len, dst_data, tag, 461 tag_len); 462 } 463 464 void crypto_authenc_final(void *ctx) 465 { 466 ae_ops(ctx)->final(ctx); 467 } 468 469 void crypto_authenc_free_ctx(void *ctx) 470 { 471 if (ctx) 472 ae_ops(ctx)->free_ctx(ctx); 473 } 474 475 void crypto_authenc_copy_state(void *dst_ctx, void *src_ctx) 476 { 477 ae_ops(dst_ctx)->copy_state(dst_ctx, src_ctx); 478 } 479 480 #if !defined(CFG_CRYPTO_RSA) && !defined(CFG_CRYPTO_DSA) && \ 481 !defined(CFG_CRYPTO_DH) && !defined(CFG_CRYPTO_ECC) 482 struct bignum *crypto_bignum_allocate(size_t size_bits __unused) 483 { 484 return NULL; 485 } 486 487 TEE_Result crypto_bignum_bin2bn(const uint8_t *from __unused, 488 size_t fromsize __unused, 489 struct bignum *to __unused) 490 { 491 return TEE_ERROR_NOT_IMPLEMENTED; 492 } 493 494 size_t crypto_bignum_num_bytes(struct bignum *a __unused) 495 { 496 return 0; 497 } 498 499 size_t crypto_bignum_num_bits(struct bignum *a __unused) 500 { 501 return 0; 502 } 503 504 /* 505 * crypto_bignum_allocate() and crypto_bignum_bin2bn() failing should be 506 * enough to guarantee that the functions calling this function aren't 507 * called, but just in case add a panic() here to avoid unexpected 508 * behavoir. 509 */ 510 static void bignum_cant_happen(void) 511 { 512 volatile bool b = true; 513 514 /* Avoid warning about function does not return */ 515 if (b) 516 panic(); 517 } 518 519 void crypto_bignum_bn2bin(const struct bignum *from __unused, 520 uint8_t *to __unused) 521 { 522 bignum_cant_happen(); 523 } 524 525 void crypto_bignum_copy(struct bignum *to __unused, 526 const struct bignum *from __unused) 527 { 528 bignum_cant_happen(); 529 } 530 531 void crypto_bignum_free(struct bignum **a) 532 { 533 if (a && *a) 534 panic(); 535 } 536 537 void crypto_bignum_clear(struct bignum *a __unused) 538 { 539 bignum_cant_happen(); 540 } 541 542 /* return -1 if a<b, 0 if a==b, +1 if a>b */ 543 int32_t crypto_bignum_compare(struct bignum *a __unused, 544 struct bignum *b __unused) 545 { 546 bignum_cant_happen(); 547 return -1; 548 } 549 #endif 550 551 #if !defined(CFG_CRYPTO_RSA) 552 TEE_Result crypto_acipher_alloc_rsa_keypair(struct rsa_keypair *s __unused, 553 size_t key_size_bits __unused) 554 { 555 return TEE_ERROR_NOT_IMPLEMENTED; 556 } 557 558 TEE_Result 559 crypto_acipher_alloc_rsa_public_key(struct rsa_public_key *s __unused, 560 size_t key_size_bits __unused) 561 { 562 return TEE_ERROR_NOT_IMPLEMENTED; 563 } 564 565 void crypto_acipher_free_rsa_public_key(struct rsa_public_key *s __unused) 566 { 567 } 568 569 void crypto_acipher_free_rsa_keypair(struct rsa_keypair *s __unused) 570 { 571 } 572 573 TEE_Result crypto_acipher_gen_rsa_key(struct rsa_keypair *key __unused, 574 size_t key_size __unused) 575 { 576 return TEE_ERROR_NOT_IMPLEMENTED; 577 } 578 579 TEE_Result crypto_acipher_rsanopad_decrypt(struct rsa_keypair *key __unused, 580 const uint8_t *src __unused, 581 size_t src_len __unused, 582 uint8_t *dst __unused, 583 size_t *dst_len __unused) 584 { 585 return TEE_ERROR_NOT_IMPLEMENTED; 586 } 587 588 TEE_Result crypto_acipher_rsanopad_encrypt(struct rsa_public_key *key __unused, 589 const uint8_t *src __unused, 590 size_t src_len __unused, 591 uint8_t *dst __unused, 592 size_t *dst_len __unused) 593 { 594 return TEE_ERROR_NOT_IMPLEMENTED; 595 } 596 597 TEE_Result crypto_acipher_rsaes_decrypt(uint32_t algo __unused, 598 struct rsa_keypair *key __unused, 599 const uint8_t *label __unused, 600 size_t label_len __unused, 601 const uint8_t *src __unused, 602 size_t src_len __unused, 603 uint8_t *dst __unused, 604 size_t *dst_len __unused) 605 { 606 return TEE_ERROR_NOT_IMPLEMENTED; 607 } 608 609 TEE_Result crypto_acipher_rsaes_encrypt(uint32_t algo __unused, 610 struct rsa_public_key *key __unused, 611 const uint8_t *label __unused, 612 size_t label_len __unused, 613 const uint8_t *src __unused, 614 size_t src_len __unused, 615 uint8_t *dst __unused, 616 size_t *dst_len __unused) 617 { 618 return TEE_ERROR_NOT_IMPLEMENTED; 619 } 620 621 TEE_Result crypto_acipher_rsassa_sign(uint32_t algo __unused, 622 struct rsa_keypair *key __unused, 623 int salt_len __unused, 624 const uint8_t *msg __unused, 625 size_t msg_len __unused, 626 uint8_t *sig __unused, 627 size_t *sig_len __unused) 628 { 629 return TEE_ERROR_NOT_IMPLEMENTED; 630 } 631 632 TEE_Result crypto_acipher_rsassa_verify(uint32_t algo __unused, 633 struct rsa_public_key *key __unused, 634 int salt_len __unused, 635 const uint8_t *msg __unused, 636 size_t msg_len __unused, 637 const uint8_t *sig __unused, 638 size_t sig_len __unused) 639 { 640 return TEE_ERROR_NOT_IMPLEMENTED; 641 } 642 #endif /*!CFG_CRYPTO_RSA*/ 643 644 #if !defined(CFG_CRYPTO_DSA) 645 TEE_Result crypto_acipher_alloc_dsa_keypair(struct dsa_keypair *s __unused, 646 size_t key_size_bits __unused) 647 { 648 return TEE_ERROR_NOT_IMPLEMENTED; 649 } 650 651 TEE_Result 652 crypto_acipher_alloc_dsa_public_key(struct dsa_public_key *s __unused, 653 size_t key_size_bits __unused) 654 { 655 return TEE_ERROR_NOT_IMPLEMENTED; 656 } 657 658 TEE_Result crypto_acipher_gen_dsa_key(struct dsa_keypair *key __unused, 659 size_t key_size __unused) 660 { 661 return TEE_ERROR_NOT_IMPLEMENTED; 662 } 663 664 TEE_Result crypto_acipher_dsa_sign(uint32_t algo __unused, 665 struct dsa_keypair *key __unused, 666 const uint8_t *msg __unused, 667 size_t msg_len __unused, 668 uint8_t *sig __unused, 669 size_t *sig_len __unused) 670 { 671 return TEE_ERROR_NOT_IMPLEMENTED; 672 } 673 674 TEE_Result crypto_acipher_dsa_verify(uint32_t algo __unused, 675 struct dsa_public_key *key __unused, 676 const uint8_t *msg __unused, 677 size_t msg_len __unused, 678 const uint8_t *sig __unused, 679 size_t sig_len __unused) 680 { 681 return TEE_ERROR_NOT_IMPLEMENTED; 682 } 683 #endif /*!CFG_CRYPTO_DSA*/ 684 685 #if !defined(CFG_CRYPTO_DH) 686 TEE_Result crypto_acipher_alloc_dh_keypair(struct dh_keypair *s __unused, 687 size_t key_size_bits __unused) 688 { 689 return TEE_ERROR_NOT_IMPLEMENTED; 690 } 691 692 TEE_Result crypto_acipher_gen_dh_key(struct dh_keypair *key __unused, 693 struct bignum *q __unused, 694 size_t xbits __unused, 695 size_t key_size __unused) 696 { 697 return TEE_ERROR_NOT_IMPLEMENTED; 698 } 699 700 TEE_Result 701 crypto_acipher_dh_shared_secret(struct dh_keypair *private_key __unused, 702 struct bignum *public_key __unused, 703 struct bignum *secret __unused) 704 { 705 return TEE_ERROR_NOT_IMPLEMENTED; 706 } 707 #endif /*!CFG_CRYPTO_DH*/ 708 709 TEE_Result crypto_acipher_alloc_ecc_public_key(struct ecc_public_key *key, 710 uint32_t key_type, 711 size_t key_size_bits) 712 { 713 TEE_Result res = TEE_ERROR_NOT_IMPLEMENTED; 714 715 /* 716 * Use default cryptographic implementation if no matching 717 * drvcrypt device. 718 */ 719 res = drvcrypt_asym_alloc_ecc_public_key(key, key_type, key_size_bits); 720 if (res == TEE_ERROR_NOT_IMPLEMENTED) 721 res = crypto_asym_alloc_ecc_public_key(key, key_type, 722 key_size_bits); 723 724 return res; 725 } 726 727 TEE_Result crypto_acipher_alloc_ecc_keypair(struct ecc_keypair *key, 728 uint32_t key_type, 729 size_t key_size_bits) 730 { 731 TEE_Result res = TEE_ERROR_NOT_IMPLEMENTED; 732 733 /* 734 * Use default cryptographic implementation if no matching 735 * drvcrypt device. 736 */ 737 res = drvcrypt_asym_alloc_ecc_keypair(key, key_type, key_size_bits); 738 if (res == TEE_ERROR_NOT_IMPLEMENTED) 739 res = crypto_asym_alloc_ecc_keypair(key, key_type, 740 key_size_bits); 741 742 return res; 743 } 744 745 void crypto_acipher_free_ecc_public_key(struct ecc_public_key *key) 746 { 747 assert(key->ops && key->ops->free); 748 749 key->ops->free(key); 750 } 751 752 TEE_Result crypto_acipher_gen_ecc_key(struct ecc_keypair *key, 753 size_t key_size_bits) 754 { 755 assert(key->ops && key->ops->generate); 756 757 return key->ops->generate(key, key_size_bits); 758 } 759 760 TEE_Result crypto_acipher_ecc_sign(uint32_t algo, struct ecc_keypair *key, 761 const uint8_t *msg, size_t msg_len, 762 uint8_t *sig, size_t *sig_len) 763 { 764 assert(key->ops); 765 766 if (!key->ops->sign) 767 return TEE_ERROR_NOT_IMPLEMENTED; 768 769 return key->ops->sign(algo, key, msg, msg_len, sig, sig_len); 770 } 771 772 TEE_Result crypto_acipher_ecc_verify(uint32_t algo, struct ecc_public_key *key, 773 const uint8_t *msg, size_t msg_len, 774 const uint8_t *sig, size_t sig_len) 775 { 776 assert(key->ops); 777 778 if (!key->ops->verify) 779 return TEE_ERROR_NOT_IMPLEMENTED; 780 781 return key->ops->verify(algo, key, msg, msg_len, sig, sig_len); 782 } 783 784 TEE_Result crypto_acipher_ecc_shared_secret(struct ecc_keypair *private_key, 785 struct ecc_public_key *public_key, 786 void *secret, 787 unsigned long *secret_len) 788 { 789 assert(private_key->ops); 790 791 if (!private_key->ops->shared_secret) 792 return TEE_ERROR_NOT_IMPLEMENTED; 793 794 return private_key->ops->shared_secret(private_key, public_key, secret, 795 secret_len); 796 } 797 798 TEE_Result crypto_acipher_sm2_pke_decrypt(struct ecc_keypair *key, 799 const uint8_t *src, size_t src_len, 800 uint8_t *dst, size_t *dst_len) 801 { 802 assert(key->ops); 803 804 if (!key->ops->decrypt) 805 return TEE_ERROR_NOT_IMPLEMENTED; 806 807 return key->ops->decrypt(key, src, src_len, dst, dst_len); 808 } 809 810 TEE_Result crypto_acipher_sm2_pke_encrypt(struct ecc_public_key *key, 811 const uint8_t *src, size_t src_len, 812 uint8_t *dst, size_t *dst_len) 813 { 814 assert(key->ops); 815 816 if (!key->ops->encrypt) 817 return TEE_ERROR_NOT_IMPLEMENTED; 818 819 return key->ops->encrypt(key, src, src_len, dst, dst_len); 820 } 821 822 #if !defined(CFG_CRYPTO_SM2_KEP) 823 TEE_Result crypto_acipher_sm2_kep_derive(struct ecc_keypair *my_key __unused, 824 struct ecc_keypair *my_eph_key 825 __unused, 826 struct ecc_public_key *peer_key 827 __unused, 828 struct ecc_public_key *peer_eph_key 829 __unused, 830 struct sm2_kep_parms *p __unused) 831 { 832 return TEE_ERROR_NOT_IMPLEMENTED; 833 } 834 #endif 835 836 #if !defined(CFG_CRYPTO_X25519) 837 TEE_Result crypto_acipher_alloc_x25519_keypair(struct montgomery_keypair *key 838 __unused, 839 size_t key_size_bits __unused) 840 { 841 return TEE_ERROR_NOT_IMPLEMENTED; 842 } 843 844 TEE_Result crypto_acipher_gen_x25519_key(struct montgomery_keypair 845 *key __unused, 846 size_t key_size __unused) 847 { 848 return TEE_ERROR_NOT_IMPLEMENTED; 849 } 850 851 TEE_Result crypto_acipher_x25519_shared_secret(struct montgomery_keypair 852 *private_key __unused, 853 void *public_key __unused, 854 void *secret __unused, 855 unsigned long 856 *secret_len __unused) 857 { 858 return TEE_ERROR_NOT_IMPLEMENTED; 859 } 860 #endif 861 862 #if !defined(CFG_CRYPTO_X448) 863 TEE_Result crypto_acipher_alloc_x448_keypair(struct montgomery_keypair *key 864 __unused, 865 size_t key_size_bits __unused) 866 { 867 return TEE_ERROR_NOT_IMPLEMENTED; 868 } 869 870 TEE_Result crypto_acipher_gen_x448_key(struct montgomery_keypair *key __unused, 871 size_t key_size __unused) 872 { 873 return TEE_ERROR_NOT_IMPLEMENTED; 874 } 875 876 TEE_Result crypto_acipher_x448_shared_secret(struct montgomery_keypair 877 *private_key __unused, 878 void *public_key __unused, 879 void *secret __unused, 880 unsigned long 881 *secret_len __unused) 882 { 883 return TEE_ERROR_NOT_IMPLEMENTED; 884 } 885 #endif 886 887 #if !defined(CFG_CRYPTO_ED25519) 888 TEE_Result crypto_acipher_alloc_ed25519_keypair(struct ed25519_keypair *key 889 __unused, 890 size_t key_size_bits __unused) 891 { 892 return TEE_ERROR_NOT_IMPLEMENTED; 893 } 894 895 TEE_Result 896 crypto_acipher_alloc_ed25519_public_key(struct ed25519_public_key *key __unused, 897 size_t key_size __unused) 898 { 899 return TEE_ERROR_NOT_IMPLEMENTED; 900 } 901 902 TEE_Result crypto_acipher_gen_ed25519_key(struct ed25519_keypair *key __unused, 903 size_t key_size __unused) 904 { 905 return TEE_ERROR_NOT_IMPLEMENTED; 906 } 907 908 TEE_Result crypto_acipher_ed25519_sign(struct ed25519_keypair *key __unused, 909 const uint8_t *msg __unused, 910 size_t msg_len __unused, 911 uint8_t *sig __unused, 912 size_t *sig_len __unused) 913 { 914 return TEE_ERROR_NOT_IMPLEMENTED; 915 } 916 917 TEE_Result 918 crypto_acipher_ed25519_verify(struct ed25519_public_key *key __unused, 919 const uint8_t *msg __unused, 920 size_t msg_len __unused, 921 const uint8_t *sig __unused, 922 size_t sig_len __unused) 923 { 924 return TEE_ERROR_NOT_IMPLEMENTED; 925 } 926 927 TEE_Result crypto_acipher_ed25519ctx_sign(struct ed25519_keypair *key __unused, 928 const uint8_t *msg __unused, 929 size_t msg_len __unused, 930 uint8_t *sig __unused, 931 size_t *sig_len __unused, 932 bool ph_flag __unused, 933 const uint8_t *ctx __unused, 934 size_t ctxlen __unused) 935 { 936 return TEE_ERROR_NOT_IMPLEMENTED; 937 } 938 939 TEE_Result 940 crypto_acipher_ed25519ctx_verify(struct ed25519_public_key *key __unused, 941 const uint8_t *msg __unused, 942 size_t msg_len __unused, 943 const uint8_t *sig __unused, 944 size_t sig_len __unused, 945 bool ph_flag __unused, 946 const uint8_t *ctx __unused, 947 size_t ctxlen __unused) 948 { 949 return TEE_ERROR_NOT_IMPLEMENTED; 950 } 951 #endif 952 953 __weak TEE_Result crypto_storage_obj_del(struct tee_obj *obj __unused) 954 { 955 return TEE_ERROR_NOT_IMPLEMENTED; 956 } 957