1 // SPDX-License-Identifier: BSD-2-Clause 2 /* 3 * Copyright (c) 2017, Linaro Limited 4 */ 5 6 #include <assert.h> 7 #include <compiler.h> 8 #include <crypto/crypto.h> 9 #include <crypto/crypto_impl.h> 10 #include <kernel/panic.h> 11 #include <stdlib.h> 12 #include <string.h> 13 #include <utee_defines.h> 14 15 TEE_Result crypto_hash_alloc_ctx(void **ctx, uint32_t algo) 16 { 17 TEE_Result res = TEE_ERROR_NOT_IMPLEMENTED; 18 struct crypto_hash_ctx *c = NULL; 19 20 /* 21 * Use default cryptographic implement if no matching 22 * drvcrypt device. 23 */ 24 res = drvcrypt_hash_alloc_ctx(&c, algo); 25 26 if (res == TEE_ERROR_NOT_IMPLEMENTED) { 27 switch (algo) { 28 case TEE_ALG_MD5: 29 res = crypto_md5_alloc_ctx(&c); 30 break; 31 case TEE_ALG_SHA1: 32 res = crypto_sha1_alloc_ctx(&c); 33 break; 34 case TEE_ALG_SHA224: 35 res = crypto_sha224_alloc_ctx(&c); 36 break; 37 case TEE_ALG_SHA256: 38 res = crypto_sha256_alloc_ctx(&c); 39 break; 40 case TEE_ALG_SHA384: 41 res = crypto_sha384_alloc_ctx(&c); 42 break; 43 case TEE_ALG_SHA512: 44 res = crypto_sha512_alloc_ctx(&c); 45 break; 46 default: 47 break; 48 } 49 } 50 51 if (!res) 52 *ctx = c; 53 54 return res; 55 } 56 57 static const struct crypto_hash_ops *hash_ops(void *ctx) 58 { 59 struct crypto_hash_ctx *c = ctx; 60 61 assert(c && c->ops); 62 63 return c->ops; 64 } 65 66 void crypto_hash_free_ctx(void *ctx) 67 { 68 if (ctx) 69 hash_ops(ctx)->free_ctx(ctx); 70 } 71 72 void crypto_hash_copy_state(void *dst_ctx, void *src_ctx) 73 { 74 hash_ops(dst_ctx)->copy_state(dst_ctx, src_ctx); 75 } 76 77 TEE_Result crypto_hash_init(void *ctx) 78 { 79 return hash_ops(ctx)->init(ctx); 80 } 81 82 TEE_Result crypto_hash_update(void *ctx, const uint8_t *data, size_t len) 83 { 84 return hash_ops(ctx)->update(ctx, data, len); 85 } 86 87 TEE_Result crypto_hash_final(void *ctx, uint8_t *digest, size_t len) 88 { 89 return hash_ops(ctx)->final(ctx, digest, len); 90 } 91 92 TEE_Result crypto_cipher_alloc_ctx(void **ctx, uint32_t algo) 93 { 94 TEE_Result res = TEE_SUCCESS; 95 struct crypto_cipher_ctx *c = NULL; 96 97 switch (algo) { 98 case TEE_ALG_AES_ECB_NOPAD: 99 res = crypto_aes_ecb_alloc_ctx(&c); 100 break; 101 case TEE_ALG_AES_CBC_NOPAD: 102 res = crypto_aes_cbc_alloc_ctx(&c); 103 break; 104 case TEE_ALG_AES_CTR: 105 res = crypto_aes_ctr_alloc_ctx(&c); 106 break; 107 case TEE_ALG_AES_CTS: 108 res = crypto_aes_cts_alloc_ctx(&c); 109 break; 110 case TEE_ALG_AES_XTS: 111 res = crypto_aes_xts_alloc_ctx(&c); 112 break; 113 case TEE_ALG_DES_ECB_NOPAD: 114 res = crypto_des_ecb_alloc_ctx(&c); 115 break; 116 case TEE_ALG_DES3_ECB_NOPAD: 117 res = crypto_des3_ecb_alloc_ctx(&c); 118 break; 119 case TEE_ALG_DES_CBC_NOPAD: 120 res = crypto_des_cbc_alloc_ctx(&c); 121 break; 122 case TEE_ALG_DES3_CBC_NOPAD: 123 res = crypto_des3_cbc_alloc_ctx(&c); 124 break; 125 default: 126 return TEE_ERROR_NOT_IMPLEMENTED; 127 } 128 129 if (!res) 130 *ctx = c; 131 132 return res; 133 } 134 135 static const struct crypto_cipher_ops *cipher_ops(void *ctx) 136 { 137 struct crypto_cipher_ctx *c = ctx; 138 139 assert(c && c->ops); 140 141 return c->ops; 142 } 143 144 void crypto_cipher_free_ctx(void *ctx, uint32_t algo __unused) 145 { 146 if (ctx) 147 cipher_ops(ctx)->free_ctx(ctx); 148 } 149 150 void crypto_cipher_copy_state(void *dst_ctx, void *src_ctx, 151 uint32_t algo __unused) 152 { 153 cipher_ops(dst_ctx)->copy_state(dst_ctx, src_ctx); 154 } 155 156 TEE_Result crypto_cipher_init(void *ctx __unused, uint32_t algo __unused, 157 TEE_OperationMode mode, const uint8_t *key1, 158 size_t key1_len, const uint8_t *key2, 159 size_t key2_len, const uint8_t *iv, size_t iv_len) 160 { 161 if (mode != TEE_MODE_DECRYPT && mode != TEE_MODE_ENCRYPT) 162 return TEE_ERROR_BAD_PARAMETERS; 163 164 return cipher_ops(ctx)->init(ctx, mode, key1, key1_len, key2, key2_len, 165 iv, iv_len); 166 } 167 168 TEE_Result crypto_cipher_update(void *ctx, uint32_t algo __unused, 169 TEE_OperationMode mode __unused, 170 bool last_block, const uint8_t *data, 171 size_t len, uint8_t *dst) 172 { 173 return cipher_ops(ctx)->update(ctx, last_block, data, len, dst); 174 } 175 176 void crypto_cipher_final(void *ctx, uint32_t algo __unused) 177 { 178 cipher_ops(ctx)->final(ctx); 179 } 180 181 TEE_Result crypto_cipher_get_block_size(uint32_t algo, size_t *size) 182 { 183 uint32_t class = TEE_ALG_GET_CLASS(algo); 184 185 if (class != TEE_OPERATION_CIPHER && class != TEE_OPERATION_MAC && 186 class != TEE_OPERATION_AE) 187 return TEE_ERROR_BAD_PARAMETERS; 188 189 switch (TEE_ALG_GET_MAIN_ALG(algo)) { 190 case TEE_MAIN_ALGO_AES: 191 *size = TEE_AES_BLOCK_SIZE; 192 return TEE_SUCCESS; 193 case TEE_MAIN_ALGO_DES: 194 case TEE_MAIN_ALGO_DES3: 195 *size = TEE_DES_BLOCK_SIZE; 196 return TEE_SUCCESS; 197 default: 198 return TEE_ERROR_NOT_SUPPORTED; 199 } 200 } 201 202 TEE_Result crypto_mac_alloc_ctx(void **ctx, uint32_t algo) 203 { 204 TEE_Result res = TEE_SUCCESS; 205 struct crypto_mac_ctx *c = NULL; 206 207 switch (algo) { 208 case TEE_ALG_HMAC_MD5: 209 res = crypto_hmac_md5_alloc_ctx(&c); 210 break; 211 case TEE_ALG_HMAC_SHA1: 212 res = crypto_hmac_sha1_alloc_ctx(&c); 213 break; 214 case TEE_ALG_HMAC_SHA224: 215 res = crypto_hmac_sha224_alloc_ctx(&c); 216 break; 217 case TEE_ALG_HMAC_SHA256: 218 res = crypto_hmac_sha256_alloc_ctx(&c); 219 break; 220 case TEE_ALG_HMAC_SHA384: 221 res = crypto_hmac_sha384_alloc_ctx(&c); 222 break; 223 case TEE_ALG_HMAC_SHA512: 224 res = crypto_hmac_sha512_alloc_ctx(&c); 225 break; 226 case TEE_ALG_AES_CBC_MAC_NOPAD: 227 res = crypto_aes_cbc_mac_nopad_alloc_ctx(&c); 228 break; 229 case TEE_ALG_AES_CBC_MAC_PKCS5: 230 res = crypto_aes_cbc_mac_pkcs5_alloc_ctx(&c); 231 break; 232 case TEE_ALG_DES_CBC_MAC_NOPAD: 233 res = crypto_des_cbc_mac_nopad_alloc_ctx(&c); 234 break; 235 case TEE_ALG_DES_CBC_MAC_PKCS5: 236 res = crypto_des_cbc_mac_pkcs5_alloc_ctx(&c); 237 break; 238 case TEE_ALG_DES3_CBC_MAC_NOPAD: 239 res = crypto_des3_cbc_mac_nopad_alloc_ctx(&c); 240 break; 241 case TEE_ALG_DES3_CBC_MAC_PKCS5: 242 res = crypto_des3_cbc_mac_pkcs5_alloc_ctx(&c); 243 break; 244 case TEE_ALG_AES_CMAC: 245 res = crypto_aes_cmac_alloc_ctx(&c); 246 break; 247 default: 248 return TEE_ERROR_NOT_SUPPORTED; 249 } 250 251 if (!res) 252 *ctx = c; 253 254 return res; 255 } 256 257 static const struct crypto_mac_ops *mac_ops(void *ctx) 258 { 259 struct crypto_mac_ctx *c = ctx; 260 261 assert(c && c->ops); 262 263 return c->ops; 264 } 265 266 void crypto_mac_free_ctx(void *ctx, uint32_t algo __unused) 267 { 268 if (ctx) 269 mac_ops(ctx)->free_ctx(ctx); 270 } 271 272 void crypto_mac_copy_state(void *dst_ctx, void *src_ctx, uint32_t algo __unused) 273 { 274 mac_ops(dst_ctx)->copy_state(dst_ctx, src_ctx); 275 } 276 277 TEE_Result crypto_mac_init(void *ctx, uint32_t algo __unused, 278 const uint8_t *key, size_t len) 279 { 280 return mac_ops(ctx)->init(ctx, key, len); 281 } 282 283 TEE_Result crypto_mac_update(void *ctx, uint32_t algo __unused, 284 const uint8_t *data, size_t len) 285 { 286 if (!len) 287 return TEE_SUCCESS; 288 289 return mac_ops(ctx)->update(ctx, data, len); 290 } 291 292 TEE_Result crypto_mac_final(void *ctx, uint32_t algo __unused, 293 uint8_t *digest, size_t digest_len) 294 { 295 return mac_ops(ctx)->final(ctx, digest, digest_len); 296 } 297 298 TEE_Result crypto_authenc_alloc_ctx(void **ctx, uint32_t algo) 299 { 300 TEE_Result res = TEE_SUCCESS; 301 struct crypto_authenc_ctx *c = NULL; 302 303 switch (algo) { 304 #if defined(CFG_CRYPTO_CCM) 305 case TEE_ALG_AES_CCM: 306 res = crypto_aes_ccm_alloc_ctx(&c); 307 break; 308 #endif 309 #if defined(CFG_CRYPTO_GCM) 310 case TEE_ALG_AES_GCM: 311 res = crypto_aes_gcm_alloc_ctx(&c); 312 break; 313 #endif 314 default: 315 return TEE_ERROR_NOT_IMPLEMENTED; 316 } 317 318 if (!res) 319 *ctx = c; 320 321 return res; 322 } 323 324 static const struct crypto_authenc_ops *ae_ops(void *ctx) 325 { 326 struct crypto_authenc_ctx *c = ctx; 327 328 assert(c && c->ops); 329 330 return c->ops; 331 } 332 333 TEE_Result crypto_authenc_init(void *ctx, uint32_t algo __unused, 334 TEE_OperationMode mode, 335 const uint8_t *key, size_t key_len, 336 const uint8_t *nonce, size_t nonce_len, 337 size_t tag_len, size_t aad_len, 338 size_t payload_len) 339 { 340 return ae_ops(ctx)->init(ctx, mode, key, key_len, nonce, nonce_len, 341 tag_len, aad_len, payload_len); 342 } 343 344 TEE_Result crypto_authenc_update_aad(void *ctx, uint32_t algo __unused, 345 TEE_OperationMode mode __unused, 346 const uint8_t *data, size_t len) 347 { 348 return ae_ops(ctx)->update_aad(ctx, data, len); 349 } 350 351 352 TEE_Result crypto_authenc_update_payload(void *ctx, uint32_t algo __unused, 353 TEE_OperationMode mode, 354 const uint8_t *src_data, 355 size_t src_len, uint8_t *dst_data, 356 size_t *dst_len) 357 { 358 if (*dst_len < src_len) 359 return TEE_ERROR_SHORT_BUFFER; 360 *dst_len = src_len; 361 362 return ae_ops(ctx)->update_payload(ctx, mode, src_data, src_len, 363 dst_data); 364 } 365 366 TEE_Result crypto_authenc_enc_final(void *ctx, uint32_t algo __unused, 367 const uint8_t *src_data, size_t src_len, 368 uint8_t *dst_data, size_t *dst_len, 369 uint8_t *dst_tag, size_t *dst_tag_len) 370 { 371 if (*dst_len < src_len) 372 return TEE_ERROR_SHORT_BUFFER; 373 *dst_len = src_len; 374 375 return ae_ops(ctx)->enc_final(ctx, src_data, src_len, dst_data, 376 dst_tag, dst_tag_len); 377 } 378 379 TEE_Result crypto_authenc_dec_final(void *ctx, uint32_t algo __unused, 380 const uint8_t *src_data, size_t src_len, 381 uint8_t *dst_data, size_t *dst_len, 382 const uint8_t *tag, size_t tag_len) 383 { 384 if (*dst_len < src_len) 385 return TEE_ERROR_SHORT_BUFFER; 386 *dst_len = src_len; 387 388 return ae_ops(ctx)->dec_final(ctx, src_data, src_len, dst_data, tag, 389 tag_len); 390 } 391 392 void crypto_authenc_final(void *ctx, uint32_t algo __unused) 393 { 394 ae_ops(ctx)->final(ctx); 395 } 396 397 void crypto_authenc_free_ctx(void *ctx, uint32_t algo __unused) 398 { 399 if (ctx) 400 ae_ops(ctx)->free_ctx(ctx); 401 } 402 403 void crypto_authenc_copy_state(void *dst_ctx, void *src_ctx, 404 uint32_t algo __unused) 405 { 406 ae_ops(dst_ctx)->copy_state(dst_ctx, src_ctx); 407 } 408 409 #if !defined(CFG_CRYPTO_RSA) && !defined(CFG_CRYPTO_DSA) && \ 410 !defined(CFG_CRYPTO_DH) && !defined(CFG_CRYPTO_ECC) 411 struct bignum *crypto_bignum_allocate(size_t size_bits __unused) 412 { 413 return NULL; 414 } 415 416 TEE_Result crypto_bignum_bin2bn(const uint8_t *from __unused, 417 size_t fromsize __unused, 418 struct bignum *to __unused) 419 { 420 return TEE_ERROR_NOT_IMPLEMENTED; 421 } 422 423 size_t crypto_bignum_num_bytes(struct bignum *a __unused) 424 { 425 return 0; 426 } 427 428 size_t crypto_bignum_num_bits(struct bignum *a __unused) 429 { 430 return 0; 431 } 432 433 /* 434 * crypto_bignum_allocate() and crypto_bignum_bin2bn() failing should be 435 * enough to guarantee that the functions calling this function aren't 436 * called, but just in case add a panic() here to avoid unexpected 437 * behavoir. 438 */ 439 static void bignum_cant_happen(void) 440 { 441 volatile bool b = true; 442 443 /* Avoid warning about function does not return */ 444 if (b) 445 panic(); 446 } 447 448 void crypto_bignum_bn2bin(const struct bignum *from __unused, 449 uint8_t *to __unused) 450 { 451 bignum_cant_happen(); 452 } 453 454 void crypto_bignum_copy(struct bignum *to __unused, 455 const struct bignum *from __unused) 456 { 457 bignum_cant_happen(); 458 } 459 460 void crypto_bignum_free(struct bignum *a) 461 { 462 if (a) 463 panic(); 464 } 465 466 void crypto_bignum_clear(struct bignum *a __unused) 467 { 468 bignum_cant_happen(); 469 } 470 471 /* return -1 if a<b, 0 if a==b, +1 if a>b */ 472 int32_t crypto_bignum_compare(struct bignum *a __unused, 473 struct bignum *b __unused) 474 { 475 bignum_cant_happen(); 476 return -1; 477 } 478 #endif 479 480 #if !defined(CFG_CRYPTO_RSA) 481 TEE_Result crypto_acipher_alloc_rsa_keypair(struct rsa_keypair *s __unused, 482 size_t key_size_bits __unused) 483 { 484 return TEE_ERROR_NOT_IMPLEMENTED; 485 } 486 487 TEE_Result 488 crypto_acipher_alloc_rsa_public_key(struct rsa_public_key *s __unused, 489 size_t key_size_bits __unused) 490 { 491 return TEE_ERROR_NOT_IMPLEMENTED; 492 } 493 494 void crypto_acipher_free_rsa_public_key(struct rsa_public_key *s __unused) 495 { 496 } 497 498 TEE_Result crypto_acipher_gen_rsa_key(struct rsa_keypair *key __unused, 499 size_t key_size __unused) 500 { 501 return TEE_ERROR_NOT_IMPLEMENTED; 502 } 503 504 TEE_Result crypto_acipher_rsanopad_decrypt(struct rsa_keypair *key __unused, 505 const uint8_t *src __unused, 506 size_t src_len __unused, 507 uint8_t *dst __unused, 508 size_t *dst_len __unused) 509 { 510 return TEE_ERROR_NOT_IMPLEMENTED; 511 } 512 513 TEE_Result crypto_acipher_rsanopad_encrypt(struct rsa_public_key *key __unused, 514 const uint8_t *src __unused, 515 size_t src_len __unused, 516 uint8_t *dst __unused, 517 size_t *dst_len __unused) 518 { 519 return TEE_ERROR_NOT_IMPLEMENTED; 520 } 521 522 TEE_Result crypto_acipher_rsaes_decrypt(uint32_t algo __unused, 523 struct rsa_keypair *key __unused, 524 const uint8_t *label __unused, 525 size_t label_len __unused, 526 const uint8_t *src __unused, 527 size_t src_len __unused, 528 uint8_t *dst __unused, 529 size_t *dst_len __unused) 530 { 531 return TEE_ERROR_NOT_IMPLEMENTED; 532 } 533 534 TEE_Result crypto_acipher_rsaes_encrypt(uint32_t algo __unused, 535 struct rsa_public_key *key __unused, 536 const uint8_t *label __unused, 537 size_t label_len __unused, 538 const uint8_t *src __unused, 539 size_t src_len __unused, 540 uint8_t *dst __unused, 541 size_t *dst_len __unused) 542 { 543 return TEE_ERROR_NOT_IMPLEMENTED; 544 } 545 546 TEE_Result crypto_acipher_rsassa_sign(uint32_t algo __unused, 547 struct rsa_keypair *key __unused, 548 int salt_len __unused, 549 const uint8_t *msg __unused, 550 size_t msg_len __unused, 551 uint8_t *sig __unused, 552 size_t *sig_len __unused) 553 { 554 return TEE_ERROR_NOT_IMPLEMENTED; 555 } 556 557 TEE_Result crypto_acipher_rsassa_verify(uint32_t algo __unused, 558 struct rsa_public_key *key __unused, 559 int salt_len __unused, 560 const uint8_t *msg __unused, 561 size_t msg_len __unused, 562 const uint8_t *sig __unused, 563 size_t sig_len __unused) 564 { 565 return TEE_ERROR_NOT_IMPLEMENTED; 566 } 567 #endif /*!CFG_CRYPTO_RSA*/ 568 569 #if !defined(CFG_CRYPTO_DSA) 570 TEE_Result crypto_acipher_alloc_dsa_keypair(struct dsa_keypair *s __unused, 571 size_t key_size_bits __unused) 572 { 573 return TEE_ERROR_NOT_IMPLEMENTED; 574 } 575 576 TEE_Result 577 crypto_acipher_alloc_dsa_public_key(struct dsa_public_key *s __unused, 578 size_t key_size_bits __unused) 579 { 580 return TEE_ERROR_NOT_IMPLEMENTED; 581 } 582 583 TEE_Result crypto_acipher_gen_dsa_key(struct dsa_keypair *key __unused, 584 size_t key_size __unused) 585 { 586 return TEE_ERROR_NOT_IMPLEMENTED; 587 } 588 589 TEE_Result crypto_acipher_dsa_sign(uint32_t algo __unused, 590 struct dsa_keypair *key __unused, 591 const uint8_t *msg __unused, 592 size_t msg_len __unused, 593 uint8_t *sig __unused, 594 size_t *sig_len __unused) 595 { 596 return TEE_ERROR_NOT_IMPLEMENTED; 597 } 598 599 TEE_Result crypto_acipher_dsa_verify(uint32_t algo __unused, 600 struct dsa_public_key *key __unused, 601 const uint8_t *msg __unused, 602 size_t msg_len __unused, 603 const uint8_t *sig __unused, 604 size_t sig_len __unused) 605 { 606 return TEE_ERROR_NOT_IMPLEMENTED; 607 } 608 #endif /*!CFG_CRYPTO_DSA*/ 609 610 #if !defined(CFG_CRYPTO_DH) 611 TEE_Result crypto_acipher_alloc_dh_keypair(struct dh_keypair *s __unused, 612 size_t key_size_bits __unused) 613 { 614 return TEE_ERROR_NOT_IMPLEMENTED; 615 } 616 617 TEE_Result crypto_acipher_gen_dh_key(struct dh_keypair *key __unused, 618 struct bignum *q __unused, 619 size_t xbits __unused) 620 { 621 return TEE_ERROR_NOT_IMPLEMENTED; 622 } 623 624 TEE_Result 625 crypto_acipher_dh_shared_secret(struct dh_keypair *private_key __unused, 626 struct bignum *public_key __unused, 627 struct bignum *secret __unused) 628 { 629 return TEE_ERROR_NOT_IMPLEMENTED; 630 } 631 #endif /*!CFG_CRYPTO_DH*/ 632 633 #if !defined(CFG_CRYPTO_ECC) 634 TEE_Result 635 crypto_acipher_alloc_ecc_public_key(struct ecc_public_key *s __unused, 636 size_t key_size_bits __unused) 637 { 638 return TEE_ERROR_NOT_IMPLEMENTED; 639 } 640 641 TEE_Result crypto_acipher_alloc_ecc_keypair(struct ecc_keypair *s __unused, 642 size_t key_size_bits __unused) 643 { 644 return TEE_ERROR_NOT_IMPLEMENTED; 645 } 646 647 void crypto_acipher_free_ecc_public_key(struct ecc_public_key *s __unused) 648 { 649 } 650 651 TEE_Result crypto_acipher_gen_ecc_key(struct ecc_keypair *key __unused) 652 { 653 return TEE_ERROR_NOT_IMPLEMENTED; 654 } 655 656 TEE_Result crypto_acipher_ecc_sign(uint32_t algo __unused, 657 struct ecc_keypair *key __unused, 658 const uint8_t *msg __unused, 659 size_t msg_len __unused, 660 uint8_t *sig __unused, 661 size_t *sig_len __unused) 662 { 663 return TEE_ERROR_NOT_IMPLEMENTED; 664 } 665 666 TEE_Result crypto_acipher_ecc_verify(uint32_t algo __unused, 667 struct ecc_public_key *key __unused, 668 const uint8_t *msg __unused, 669 size_t msg_len __unused, 670 const uint8_t *sig __unused, 671 size_t sig_len __unused) 672 { 673 return TEE_ERROR_NOT_IMPLEMENTED; 674 } 675 676 TEE_Result 677 crypto_acipher_ecc_shared_secret(struct ecc_keypair *private_key __unused, 678 struct ecc_public_key *public_key __unused, 679 void *secret __unused, 680 unsigned long *secret_len __unused) 681 { 682 return TEE_ERROR_NOT_IMPLEMENTED; 683 } 684 #endif /*!CFG_CRYPTO_ECC*/ 685