1 // SPDX-License-Identifier: BSD-2-Clause 2 /* 3 * Copyright (c) 2017, Linaro Limited 4 */ 5 6 #include <assert.h> 7 #include <compiler.h> 8 #include <crypto/aes-ccm.h> 9 #include <crypto/aes-gcm.h> 10 #include <crypto/crypto.h> 11 #include <kernel/panic.h> 12 #include <stdlib.h> 13 #include <string.h> 14 15 #if !defined(_CFG_CRYPTO_WITH_HASH) 16 TEE_Result crypto_hash_alloc_ctx(void **ctx __unused, uint32_t algo __unused) 17 { 18 return TEE_ERROR_NOT_IMPLEMENTED; 19 } 20 21 void crypto_hash_free_ctx(void *ctx, uint32_t algo __unused) 22 { 23 if (ctx) 24 assert(0); 25 } 26 27 void crypto_hash_copy_state(void *dst_ctx __unused, void *src_ctx __unused, 28 uint32_t algo __unused) 29 { 30 assert(0); 31 } 32 33 TEE_Result crypto_hash_init(void *ctx __unused, uint32_t algo __unused) 34 { 35 return TEE_ERROR_NOT_IMPLEMENTED; 36 } 37 TEE_Result crypto_hash_update(void *ctx __unused, uint32_t algo __unused, 38 const uint8_t *data __unused, size_t len __unused) 39 { 40 return TEE_ERROR_NOT_IMPLEMENTED; 41 } 42 TEE_Result crypto_hash_final(void *ctx __unused, uint32_t algo __unused, 43 uint8_t *digest __unused, size_t len __unused) 44 { 45 return TEE_ERROR_NOT_IMPLEMENTED; 46 } 47 #endif /*_CFG_CRYPTO_WITH_HASH*/ 48 49 #if !defined(_CFG_CRYPTO_WITH_CIPHER) 50 TEE_Result crypto_cipher_alloc_ctx(void **ctx __unused, uint32_t algo __unused) 51 { 52 return TEE_ERROR_NOT_IMPLEMENTED; 53 } 54 55 void crypto_cipher_free_ctx(void *ctx, uint32_t algo __unused) 56 { 57 if (ctx) 58 assert(0); 59 } 60 61 void crypto_cipher_copy_state(void *dst_ctx __unused, void *src_ctx __unused, 62 uint32_t algo __unused) 63 { 64 assert(0); 65 } 66 67 TEE_Result crypto_cipher_init(void *ctx __unused, uint32_t algo __unused, 68 TEE_OperationMode mode __unused, 69 const uint8_t *key1 __unused, 70 size_t key1_len __unused, 71 const uint8_t *key2 __unused, 72 size_t key2_len __unused, 73 const uint8_t *iv __unused, 74 size_t iv_len __unused) 75 { 76 return TEE_ERROR_NOT_IMPLEMENTED; 77 } 78 79 TEE_Result crypto_cipher_update(void *ctx __unused, uint32_t algo __unused, 80 TEE_OperationMode mode __unused, 81 bool last_block __unused, 82 const uint8_t *data __unused, 83 size_t len __unused, uint8_t *dst __unused) 84 { 85 return TEE_ERROR_NOT_IMPLEMENTED; 86 } 87 88 void crypto_cipher_final(void *ctx __unused, uint32_t algo __unused) 89 { 90 } 91 92 TEE_Result crypto_cipher_get_block_size(uint32_t algo __unused, 93 size_t *size __unused) 94 { 95 return TEE_ERROR_NOT_IMPLEMENTED; 96 } 97 #endif /*_CFG_CRYPTO_WITH_CIPHER*/ 98 99 #if !defined(_CFG_CRYPTO_WITH_MAC) 100 TEE_Result crypto_mac_alloc_ctx(void **ctx __unused, uint32_t algo __unused) 101 { 102 return TEE_ERROR_NOT_IMPLEMENTED; 103 } 104 105 void crypto_mac_free_ctx(void *ctx, uint32_t algo __unused) 106 { 107 if (ctx) 108 assert(0); 109 } 110 111 void crypto_mac_copy_state(void *dst_ctx __unused, void *src_ctx __unused, 112 uint32_t algo __unused) 113 { 114 assert(0); 115 } 116 117 TEE_Result crypto_mac_init(void *ctx __unused, uint32_t algo __unused, 118 const uint8_t *key __unused, size_t len __unused) 119 { 120 return TEE_ERROR_NOT_IMPLEMENTED; 121 } 122 123 TEE_Result crypto_mac_update(void *ctx __unused, uint32_t algo __unused, 124 const uint8_t *data __unused, size_t len __unused) 125 { 126 return TEE_ERROR_NOT_IMPLEMENTED; 127 } 128 129 TEE_Result crypto_mac_final(void *ctx __unused, uint32_t algo __unused, 130 uint8_t *digest __unused, 131 size_t digest_len __unused) 132 { 133 return TEE_ERROR_NOT_IMPLEMENTED; 134 } 135 #endif /*_CFG_CRYPTO_WITH_MAC*/ 136 137 TEE_Result crypto_authenc_alloc_ctx(void **ctx, uint32_t algo) 138 { 139 switch (algo) { 140 #if defined(CFG_CRYPTO_CCM) 141 case TEE_ALG_AES_CCM: 142 return crypto_aes_ccm_alloc_ctx(ctx); 143 #endif 144 #if defined(CFG_CRYPTO_GCM) 145 case TEE_ALG_AES_GCM: 146 return crypto_aes_gcm_alloc_ctx(ctx); 147 #endif 148 default: 149 return TEE_ERROR_NOT_IMPLEMENTED; 150 } 151 } 152 153 void crypto_authenc_free_ctx(void *ctx, uint32_t algo) 154 { 155 switch (algo) { 156 #if defined(CFG_CRYPTO_CCM) 157 case TEE_ALG_AES_CCM: 158 crypto_aes_ccm_free_ctx(ctx); 159 break; 160 #endif 161 #if defined(CFG_CRYPTO_GCM) 162 case TEE_ALG_AES_GCM: 163 crypto_aes_gcm_free_ctx(ctx); 164 break; 165 #endif 166 default: 167 if (ctx) 168 assert(0); 169 } 170 } 171 172 void crypto_authenc_copy_state(void *dst_ctx, void *src_ctx, uint32_t algo) 173 { 174 switch (algo) { 175 #if defined(CFG_CRYPTO_CCM) 176 case TEE_ALG_AES_CCM: 177 crypto_aes_ccm_copy_state(dst_ctx, src_ctx); 178 break; 179 #endif 180 #if defined(CFG_CRYPTO_GCM) 181 case TEE_ALG_AES_GCM: 182 crypto_aes_gcm_copy_state(dst_ctx, src_ctx); 183 break; 184 #endif 185 default: 186 assert(0); 187 } 188 } 189 190 TEE_Result crypto_authenc_init(void *ctx __maybe_unused, 191 uint32_t algo __maybe_unused, 192 TEE_OperationMode mode __maybe_unused, 193 const uint8_t *key __maybe_unused, 194 size_t key_len __maybe_unused, 195 const uint8_t *nonce __maybe_unused, 196 size_t nonce_len __maybe_unused, 197 size_t tag_len __maybe_unused, 198 size_t aad_len __maybe_unused, 199 size_t payload_len __maybe_unused) 200 { 201 switch (algo) { 202 #if defined(CFG_CRYPTO_CCM) 203 case TEE_ALG_AES_CCM: 204 return crypto_aes_ccm_init(ctx, mode, key, key_len, nonce, 205 nonce_len, tag_len, aad_len, 206 payload_len); 207 #endif 208 #if defined(CFG_CRYPTO_GCM) 209 case TEE_ALG_AES_GCM: 210 return crypto_aes_gcm_init(ctx, mode, key, key_len, nonce, 211 nonce_len, tag_len); 212 #endif 213 default: 214 return TEE_ERROR_NOT_IMPLEMENTED; 215 } 216 } 217 218 TEE_Result crypto_authenc_update_aad(void *ctx __maybe_unused, 219 uint32_t algo __maybe_unused, 220 TEE_OperationMode mode __unused, 221 const uint8_t *data __maybe_unused, 222 size_t len __maybe_unused) 223 { 224 switch (algo) { 225 #if defined(CFG_CRYPTO_CCM) 226 case TEE_ALG_AES_CCM: 227 return crypto_aes_ccm_update_aad(ctx, data, len); 228 #endif 229 #if defined(CFG_CRYPTO_GCM) 230 case TEE_ALG_AES_GCM: 231 return crypto_aes_gcm_update_aad(ctx, data, len); 232 #endif 233 default: 234 return TEE_ERROR_NOT_IMPLEMENTED; 235 } 236 } 237 238 TEE_Result crypto_authenc_update_payload(void *ctx __maybe_unused, 239 uint32_t algo __maybe_unused, 240 TEE_OperationMode mode __maybe_unused, 241 const uint8_t *src_data __maybe_unused, 242 size_t src_len __maybe_unused, 243 uint8_t *dst_data __maybe_unused, 244 size_t *dst_len __maybe_unused) 245 { 246 size_t dl = *dst_len; 247 248 *dst_len = src_len; 249 if (dl < src_len) 250 return TEE_ERROR_SHORT_BUFFER; 251 252 switch (algo) { 253 #if defined(CFG_CRYPTO_CCM) 254 case TEE_ALG_AES_CCM: 255 return crypto_aes_ccm_update_payload(ctx, mode, src_data, 256 src_len, dst_data); 257 #endif 258 #if defined(CFG_CRYPTO_GCM) 259 case TEE_ALG_AES_GCM: 260 return crypto_aes_gcm_update_payload(ctx, mode, src_data, 261 src_len, dst_data); 262 #endif 263 default: 264 return TEE_ERROR_NOT_IMPLEMENTED; 265 } 266 } 267 268 TEE_Result crypto_authenc_enc_final(void *ctx __maybe_unused, 269 uint32_t algo __maybe_unused, 270 const uint8_t *src_data __maybe_unused, 271 size_t src_len __maybe_unused, 272 uint8_t *dst_data __maybe_unused, 273 size_t *dst_len __maybe_unused, 274 uint8_t *dst_tag __maybe_unused, 275 size_t *dst_tag_len __maybe_unused) 276 { 277 size_t dl = *dst_len; 278 279 *dst_len = src_len; 280 if (dl < src_len) 281 return TEE_ERROR_SHORT_BUFFER; 282 283 switch (algo) { 284 #if defined(CFG_CRYPTO_CCM) 285 case TEE_ALG_AES_CCM: 286 return crypto_aes_ccm_enc_final(ctx, src_data, src_len, 287 dst_data, dst_tag, dst_tag_len); 288 #endif 289 #if defined(CFG_CRYPTO_GCM) 290 case TEE_ALG_AES_GCM: 291 return crypto_aes_gcm_enc_final(ctx, src_data, src_len, 292 dst_data, dst_tag, dst_tag_len); 293 #endif 294 default: 295 return TEE_ERROR_NOT_IMPLEMENTED; 296 } 297 } 298 299 TEE_Result crypto_authenc_dec_final(void *ctx __maybe_unused, 300 uint32_t algo __maybe_unused, 301 const uint8_t *src_data __maybe_unused, 302 size_t src_len __maybe_unused, 303 uint8_t *dst_data __maybe_unused, 304 size_t *dst_len __maybe_unused, 305 const uint8_t *tag __maybe_unused, 306 size_t tag_len __maybe_unused) 307 { 308 size_t dl = *dst_len; 309 310 *dst_len = src_len; 311 if (dl < src_len) 312 return TEE_ERROR_SHORT_BUFFER; 313 314 switch (algo) { 315 #if defined(CFG_CRYPTO_CCM) 316 case TEE_ALG_AES_CCM: 317 return crypto_aes_ccm_dec_final(ctx, src_data, src_len, 318 dst_data, tag, tag_len); 319 #endif 320 #if defined(CFG_CRYPTO_GCM) 321 case TEE_ALG_AES_GCM: 322 return crypto_aes_gcm_dec_final(ctx, src_data, src_len, 323 dst_data, tag, tag_len); 324 #endif 325 default: 326 return TEE_ERROR_NOT_IMPLEMENTED; 327 } 328 } 329 330 void crypto_authenc_final(void *ctx __maybe_unused, 331 uint32_t algo __maybe_unused) 332 { 333 switch (algo) { 334 #if defined(CFG_CRYPTO_CCM) 335 case TEE_ALG_AES_CCM: 336 crypto_aes_ccm_final(ctx); 337 break; 338 #endif 339 #if defined(CFG_CRYPTO_GCM) 340 case TEE_ALG_AES_GCM: 341 crypto_aes_gcm_final(ctx); 342 break; 343 #endif 344 default: 345 break; 346 } 347 } 348 349 #if !defined(_CFG_CRYPTO_WITH_ACIPHER) 350 struct bignum *crypto_bignum_allocate(size_t size_bits __unused) 351 { 352 return NULL; 353 } 354 355 TEE_Result crypto_bignum_bin2bn(const uint8_t *from __unused, 356 size_t fromsize __unused, 357 struct bignum *to __unused) 358 { 359 return TEE_ERROR_NOT_IMPLEMENTED; 360 } 361 362 size_t crypto_bignum_num_bytes(struct bignum *a __unused) 363 { 364 return 0; 365 } 366 367 size_t crypto_bignum_num_bits(struct bignum *a __unused) 368 { 369 return 0; 370 } 371 372 /* 373 * crypto_bignum_allocate() and crypto_bignum_bin2bn() failing should be 374 * enough to guarantee that the functions calling this function aren't 375 * called, but just in case add a panic() here to avoid unexpected 376 * behavoir. 377 */ 378 static void bignum_cant_happen(void) 379 { 380 volatile bool b = true; 381 382 /* Avoid warning about function does not return */ 383 if (b) 384 panic(); 385 } 386 387 void crypto_bignum_bn2bin(const struct bignum *from __unused, 388 uint8_t *to __unused) 389 { 390 bignum_cant_happen(); 391 } 392 393 void crypto_bignum_copy(struct bignum *to __unused, 394 const struct bignum *from __unused) 395 { 396 bignum_cant_happen(); 397 } 398 399 void crypto_bignum_free(struct bignum *a) 400 { 401 if (a) 402 panic(); 403 } 404 405 void crypto_bignum_clear(struct bignum *a __unused) 406 { 407 bignum_cant_happen(); 408 } 409 410 /* return -1 if a<b, 0 if a==b, +1 if a>b */ 411 int32_t crypto_bignum_compare(struct bignum *a __unused, 412 struct bignum *b __unused) 413 { 414 bignum_cant_happen(); 415 return -1; 416 } 417 #endif /*!_CFG_CRYPTO_WITH_ACIPHER*/ 418 419 #if !defined(CFG_CRYPTO_RSA) || !defined(_CFG_CRYPTO_WITH_ACIPHER) 420 TEE_Result crypto_acipher_alloc_rsa_keypair(struct rsa_keypair *s __unused, 421 size_t key_size_bits __unused) 422 { 423 return TEE_ERROR_NOT_IMPLEMENTED; 424 } 425 426 TEE_Result 427 crypto_acipher_alloc_rsa_public_key(struct rsa_public_key *s __unused, 428 size_t key_size_bits __unused) 429 { 430 return TEE_ERROR_NOT_IMPLEMENTED; 431 } 432 433 void crypto_acipher_free_rsa_public_key(struct rsa_public_key *s __unused) 434 { 435 } 436 437 TEE_Result crypto_acipher_gen_rsa_key(struct rsa_keypair *key __unused, 438 size_t key_size __unused) 439 { 440 return TEE_ERROR_NOT_IMPLEMENTED; 441 } 442 443 TEE_Result crypto_acipher_rsanopad_decrypt(struct rsa_keypair *key __unused, 444 const uint8_t *src __unused, 445 size_t src_len __unused, 446 uint8_t *dst __unused, 447 size_t *dst_len __unused) 448 { 449 return TEE_ERROR_NOT_IMPLEMENTED; 450 } 451 452 TEE_Result crypto_acipher_rsanopad_encrypt(struct rsa_public_key *key __unused, 453 const uint8_t *src __unused, 454 size_t src_len __unused, 455 uint8_t *dst __unused, 456 size_t *dst_len __unused) 457 { 458 return TEE_ERROR_NOT_IMPLEMENTED; 459 } 460 461 TEE_Result crypto_acipher_rsaes_decrypt(uint32_t algo __unused, 462 struct rsa_keypair *key __unused, 463 const uint8_t *label __unused, 464 size_t label_len __unused, 465 const uint8_t *src __unused, 466 size_t src_len __unused, 467 uint8_t *dst __unused, 468 size_t *dst_len __unused) 469 { 470 return TEE_ERROR_NOT_IMPLEMENTED; 471 } 472 473 TEE_Result crypto_acipher_rsaes_encrypt(uint32_t algo __unused, 474 struct rsa_public_key *key __unused, 475 const uint8_t *label __unused, 476 size_t label_len __unused, 477 const uint8_t *src __unused, 478 size_t src_len __unused, 479 uint8_t *dst __unused, 480 size_t *dst_len __unused) 481 { 482 return TEE_ERROR_NOT_IMPLEMENTED; 483 } 484 485 TEE_Result crypto_acipher_rsassa_sign(uint32_t algo __unused, 486 struct rsa_keypair *key __unused, 487 int salt_len __unused, 488 const uint8_t *msg __unused, 489 size_t msg_len __unused, 490 uint8_t *sig __unused, 491 size_t *sig_len __unused) 492 { 493 return TEE_ERROR_NOT_IMPLEMENTED; 494 } 495 496 TEE_Result crypto_acipher_rsassa_verify(uint32_t algo __unused, 497 struct rsa_public_key *key __unused, 498 int salt_len __unused, 499 const uint8_t *msg __unused, 500 size_t msg_len __unused, 501 const uint8_t *sig __unused, 502 size_t sig_len __unused) 503 { 504 return TEE_ERROR_NOT_IMPLEMENTED; 505 } 506 #endif /*!CFG_CRYPTO_RSA || !_CFG_CRYPTO_WITH_ACIPHER*/ 507 508 #if !defined(CFG_CRYPTO_DSA) || !defined(_CFG_CRYPTO_WITH_ACIPHER) 509 TEE_Result crypto_acipher_alloc_dsa_keypair(struct dsa_keypair *s __unused, 510 size_t key_size_bits __unused) 511 { 512 return TEE_ERROR_NOT_IMPLEMENTED; 513 } 514 515 TEE_Result 516 crypto_acipher_alloc_dsa_public_key(struct dsa_public_key *s __unused, 517 size_t key_size_bits __unused) 518 { 519 return TEE_ERROR_NOT_IMPLEMENTED; 520 } 521 522 TEE_Result crypto_acipher_gen_dsa_key(struct dsa_keypair *key __unused, 523 size_t key_size __unused) 524 { 525 return TEE_ERROR_NOT_IMPLEMENTED; 526 } 527 528 TEE_Result crypto_acipher_dsa_sign(uint32_t algo __unused, 529 struct dsa_keypair *key __unused, 530 const uint8_t *msg __unused, 531 size_t msg_len __unused, 532 uint8_t *sig __unused, 533 size_t *sig_len __unused) 534 { 535 return TEE_ERROR_NOT_IMPLEMENTED; 536 } 537 538 TEE_Result crypto_acipher_dsa_verify(uint32_t algo __unused, 539 struct dsa_public_key *key __unused, 540 const uint8_t *msg __unused, 541 size_t msg_len __unused, 542 const uint8_t *sig __unused, 543 size_t sig_len __unused) 544 { 545 return TEE_ERROR_NOT_IMPLEMENTED; 546 } 547 #endif /*!CFG_CRYPTO_DSA || !_CFG_CRYPTO_WITH_ACIPHER*/ 548 549 #if !defined(CFG_CRYPTO_DH) || !defined(_CFG_CRYPTO_WITH_ACIPHER) 550 TEE_Result crypto_acipher_alloc_dh_keypair(struct dh_keypair *s __unused, 551 size_t key_size_bits __unused) 552 { 553 return TEE_ERROR_NOT_IMPLEMENTED; 554 } 555 556 TEE_Result crypto_acipher_gen_dh_key(struct dh_keypair *key __unused, 557 struct bignum *q __unused, 558 size_t xbits __unused) 559 { 560 return TEE_ERROR_NOT_IMPLEMENTED; 561 } 562 563 TEE_Result 564 crypto_acipher_dh_shared_secret(struct dh_keypair *private_key __unused, 565 struct bignum *public_key __unused, 566 struct bignum *secret __unused) 567 { 568 return TEE_ERROR_NOT_IMPLEMENTED; 569 } 570 #endif /*!CFG_CRYPTO_DH || !_CFG_CRYPTO_WITH_ACIPHER*/ 571 572 #if !defined(CFG_CRYPTO_ECC) || !defined(_CFG_CRYPTO_WITH_ACIPHER) 573 TEE_Result 574 crypto_acipher_alloc_ecc_public_key(struct ecc_public_key *s __unused, 575 size_t key_size_bits __unused) 576 { 577 return TEE_ERROR_NOT_IMPLEMENTED; 578 } 579 580 TEE_Result crypto_acipher_alloc_ecc_keypair(struct ecc_keypair *s __unused, 581 size_t key_size_bits __unused) 582 { 583 return TEE_ERROR_NOT_IMPLEMENTED; 584 } 585 586 void crypto_acipher_free_ecc_public_key(struct ecc_public_key *s __unused) 587 { 588 } 589 590 TEE_Result crypto_acipher_gen_ecc_key(struct ecc_keypair *key __unused) 591 { 592 return TEE_ERROR_NOT_IMPLEMENTED; 593 } 594 595 TEE_Result crypto_acipher_ecc_sign(uint32_t algo __unused, 596 struct ecc_keypair *key __unused, 597 const uint8_t *msg __unused, 598 size_t msg_len __unused, 599 uint8_t *sig __unused, 600 size_t *sig_len __unused) 601 { 602 return TEE_ERROR_NOT_IMPLEMENTED; 603 } 604 605 TEE_Result crypto_acipher_ecc_verify(uint32_t algo __unused, 606 struct ecc_public_key *key __unused, 607 const uint8_t *msg __unused, 608 size_t msg_len __unused, 609 const uint8_t *sig __unused, 610 size_t sig_len __unused) 611 { 612 return TEE_ERROR_NOT_IMPLEMENTED; 613 } 614 615 TEE_Result 616 crypto_acipher_ecc_shared_secret(struct ecc_keypair *private_key __unused, 617 struct ecc_public_key *public_key __unused, 618 void *secret __unused, 619 unsigned long *secret_len __unused) 620 { 621 return TEE_ERROR_NOT_IMPLEMENTED; 622 } 623 #endif /*!CFG_CRYPTO_ECC || !_CFG_CRYPTO_WITH_ACIPHER*/ 624