1 // SPDX-License-Identifier: BSD-2-Clause 2 /* 3 * Copyright (c) 2017, Linaro Limited 4 * Copyright 2020 NXP 5 * Copyright 2021, SumUp Service GmbH 6 */ 7 8 #include <assert.h> 9 #include <compiler.h> 10 #include <crypto/crypto.h> 11 #include <crypto/crypto_impl.h> 12 #include <kernel/panic.h> 13 #include <stdlib.h> 14 #include <string.h> 15 #include <utee_defines.h> 16 17 TEE_Result crypto_hash_alloc_ctx(void **ctx, uint32_t algo) 18 { 19 TEE_Result res = TEE_ERROR_NOT_IMPLEMENTED; 20 struct crypto_hash_ctx *c = NULL; 21 22 /* 23 * Use default cryptographic implementation if no matching 24 * drvcrypt device. 25 */ 26 res = drvcrypt_hash_alloc_ctx(&c, algo); 27 28 if (res == TEE_ERROR_NOT_IMPLEMENTED) { 29 switch (algo) { 30 case TEE_ALG_MD5: 31 res = crypto_md5_alloc_ctx(&c); 32 break; 33 case TEE_ALG_SHA1: 34 res = crypto_sha1_alloc_ctx(&c); 35 break; 36 case TEE_ALG_SHA224: 37 res = crypto_sha224_alloc_ctx(&c); 38 break; 39 case TEE_ALG_SHA256: 40 res = crypto_sha256_alloc_ctx(&c); 41 break; 42 case TEE_ALG_SHA384: 43 res = crypto_sha384_alloc_ctx(&c); 44 break; 45 case TEE_ALG_SHA512: 46 res = crypto_sha512_alloc_ctx(&c); 47 break; 48 case TEE_ALG_SM3: 49 res = crypto_sm3_alloc_ctx(&c); 50 break; 51 default: 52 break; 53 } 54 } 55 56 if (!res) 57 *ctx = c; 58 59 return res; 60 } 61 62 static const struct crypto_hash_ops *hash_ops(void *ctx) 63 { 64 struct crypto_hash_ctx *c = ctx; 65 66 assert(c && c->ops); 67 68 return c->ops; 69 } 70 71 void crypto_hash_free_ctx(void *ctx) 72 { 73 if (ctx) 74 hash_ops(ctx)->free_ctx(ctx); 75 } 76 77 void crypto_hash_copy_state(void *dst_ctx, void *src_ctx) 78 { 79 hash_ops(dst_ctx)->copy_state(dst_ctx, src_ctx); 80 } 81 82 TEE_Result crypto_hash_init(void *ctx) 83 { 84 return hash_ops(ctx)->init(ctx); 85 } 86 87 TEE_Result crypto_hash_update(void *ctx, const uint8_t *data, size_t len) 88 { 89 return hash_ops(ctx)->update(ctx, data, len); 90 } 91 92 TEE_Result crypto_hash_final(void *ctx, uint8_t *digest, size_t len) 93 { 94 return hash_ops(ctx)->final(ctx, digest, len); 95 } 96 97 TEE_Result crypto_cipher_alloc_ctx(void **ctx, uint32_t algo) 98 { 99 TEE_Result res = TEE_ERROR_NOT_IMPLEMENTED; 100 struct crypto_cipher_ctx *c = NULL; 101 102 /* 103 * Use default cryptographic implementation if no matching 104 * drvcrypt device. 105 */ 106 res = drvcrypt_cipher_alloc_ctx(&c, algo); 107 108 if (res == TEE_ERROR_NOT_IMPLEMENTED) { 109 switch (algo) { 110 case TEE_ALG_AES_ECB_NOPAD: 111 res = crypto_aes_ecb_alloc_ctx(&c); 112 break; 113 case TEE_ALG_AES_CBC_NOPAD: 114 res = crypto_aes_cbc_alloc_ctx(&c); 115 break; 116 case TEE_ALG_AES_CTR: 117 res = crypto_aes_ctr_alloc_ctx(&c); 118 break; 119 case TEE_ALG_AES_CTS: 120 res = crypto_aes_cts_alloc_ctx(&c); 121 break; 122 case TEE_ALG_AES_XTS: 123 res = crypto_aes_xts_alloc_ctx(&c); 124 break; 125 case TEE_ALG_DES_ECB_NOPAD: 126 res = crypto_des_ecb_alloc_ctx(&c); 127 break; 128 case TEE_ALG_DES3_ECB_NOPAD: 129 res = crypto_des3_ecb_alloc_ctx(&c); 130 break; 131 case TEE_ALG_DES_CBC_NOPAD: 132 res = crypto_des_cbc_alloc_ctx(&c); 133 break; 134 case TEE_ALG_DES3_CBC_NOPAD: 135 res = crypto_des3_cbc_alloc_ctx(&c); 136 break; 137 case TEE_ALG_SM4_ECB_NOPAD: 138 res = crypto_sm4_ecb_alloc_ctx(&c); 139 break; 140 case TEE_ALG_SM4_CBC_NOPAD: 141 res = crypto_sm4_cbc_alloc_ctx(&c); 142 break; 143 case TEE_ALG_SM4_CTR: 144 res = crypto_sm4_ctr_alloc_ctx(&c); 145 break; 146 case TEE_ALG_SM4_XTS: 147 res = crypto_sm4_xts_alloc_ctx(&c); 148 break; 149 default: 150 return TEE_ERROR_NOT_IMPLEMENTED; 151 } 152 } 153 154 if (!res) 155 *ctx = c; 156 157 return res; 158 } 159 160 static const struct crypto_cipher_ops *cipher_ops(void *ctx) 161 { 162 struct crypto_cipher_ctx *c = ctx; 163 164 assert(c && c->ops); 165 166 return c->ops; 167 } 168 169 void crypto_cipher_free_ctx(void *ctx) 170 { 171 if (ctx) 172 cipher_ops(ctx)->free_ctx(ctx); 173 } 174 175 void crypto_cipher_copy_state(void *dst_ctx, void *src_ctx) 176 { 177 cipher_ops(dst_ctx)->copy_state(dst_ctx, src_ctx); 178 } 179 180 TEE_Result crypto_cipher_init(void *ctx, TEE_OperationMode mode, 181 const uint8_t *key1, size_t key1_len, 182 const uint8_t *key2, size_t key2_len, 183 const uint8_t *iv, size_t iv_len) 184 { 185 if (mode != TEE_MODE_DECRYPT && mode != TEE_MODE_ENCRYPT) 186 return TEE_ERROR_BAD_PARAMETERS; 187 188 return cipher_ops(ctx)->init(ctx, mode, key1, key1_len, key2, key2_len, 189 iv, iv_len); 190 } 191 192 TEE_Result crypto_cipher_update(void *ctx, TEE_OperationMode mode __unused, 193 bool last_block, const uint8_t *data, 194 size_t len, uint8_t *dst) 195 { 196 return cipher_ops(ctx)->update(ctx, last_block, data, len, dst); 197 } 198 199 void crypto_cipher_final(void *ctx) 200 { 201 cipher_ops(ctx)->final(ctx); 202 } 203 204 TEE_Result crypto_cipher_get_block_size(uint32_t algo, size_t *size) 205 { 206 uint32_t class = TEE_ALG_GET_CLASS(algo); 207 208 if (class != TEE_OPERATION_CIPHER && class != TEE_OPERATION_MAC && 209 class != TEE_OPERATION_AE) 210 return TEE_ERROR_BAD_PARAMETERS; 211 212 switch (TEE_ALG_GET_MAIN_ALG(algo)) { 213 case TEE_MAIN_ALGO_AES: 214 *size = TEE_AES_BLOCK_SIZE; 215 return TEE_SUCCESS; 216 case TEE_MAIN_ALGO_DES: 217 case TEE_MAIN_ALGO_DES3: 218 *size = TEE_DES_BLOCK_SIZE; 219 return TEE_SUCCESS; 220 case TEE_MAIN_ALGO_SM4: 221 *size = TEE_SM4_BLOCK_SIZE; 222 return TEE_SUCCESS; 223 default: 224 return TEE_ERROR_NOT_SUPPORTED; 225 } 226 } 227 228 TEE_Result crypto_mac_alloc_ctx(void **ctx, uint32_t algo) 229 { 230 TEE_Result res = TEE_SUCCESS; 231 struct crypto_mac_ctx *c = NULL; 232 233 /* 234 * Use default cryptographic implementation if no matching 235 * drvcrypt device. 236 */ 237 res = drvcrypt_mac_alloc_ctx(&c, algo); 238 239 if (res == TEE_ERROR_NOT_IMPLEMENTED) { 240 switch (algo) { 241 case TEE_ALG_HMAC_MD5: 242 res = crypto_hmac_md5_alloc_ctx(&c); 243 break; 244 case TEE_ALG_HMAC_SHA1: 245 res = crypto_hmac_sha1_alloc_ctx(&c); 246 break; 247 case TEE_ALG_HMAC_SHA224: 248 res = crypto_hmac_sha224_alloc_ctx(&c); 249 break; 250 case TEE_ALG_HMAC_SHA256: 251 res = crypto_hmac_sha256_alloc_ctx(&c); 252 break; 253 case TEE_ALG_HMAC_SHA384: 254 res = crypto_hmac_sha384_alloc_ctx(&c); 255 break; 256 case TEE_ALG_HMAC_SHA512: 257 res = crypto_hmac_sha512_alloc_ctx(&c); 258 break; 259 case TEE_ALG_HMAC_SM3: 260 res = crypto_hmac_sm3_alloc_ctx(&c); 261 break; 262 case TEE_ALG_AES_CBC_MAC_NOPAD: 263 res = crypto_aes_cbc_mac_nopad_alloc_ctx(&c); 264 break; 265 case TEE_ALG_AES_CBC_MAC_PKCS5: 266 res = crypto_aes_cbc_mac_pkcs5_alloc_ctx(&c); 267 break; 268 case TEE_ALG_DES_CBC_MAC_NOPAD: 269 res = crypto_des_cbc_mac_nopad_alloc_ctx(&c); 270 break; 271 case TEE_ALG_DES_CBC_MAC_PKCS5: 272 res = crypto_des_cbc_mac_pkcs5_alloc_ctx(&c); 273 break; 274 case TEE_ALG_DES3_CBC_MAC_NOPAD: 275 res = crypto_des3_cbc_mac_nopad_alloc_ctx(&c); 276 break; 277 case TEE_ALG_DES3_CBC_MAC_PKCS5: 278 res = crypto_des3_cbc_mac_pkcs5_alloc_ctx(&c); 279 break; 280 case TEE_ALG_DES3_CMAC: 281 res = crypto_des3_cmac_alloc_ctx(&c); 282 break; 283 case TEE_ALG_AES_CMAC: 284 res = crypto_aes_cmac_alloc_ctx(&c); 285 break; 286 default: 287 return TEE_ERROR_NOT_SUPPORTED; 288 } 289 } 290 291 if (!res) 292 *ctx = c; 293 294 return res; 295 } 296 297 static const struct crypto_mac_ops *mac_ops(void *ctx) 298 { 299 struct crypto_mac_ctx *c = ctx; 300 301 assert(c && c->ops); 302 303 return c->ops; 304 } 305 306 void crypto_mac_free_ctx(void *ctx) 307 { 308 if (ctx) 309 mac_ops(ctx)->free_ctx(ctx); 310 } 311 312 void crypto_mac_copy_state(void *dst_ctx, void *src_ctx) 313 { 314 mac_ops(dst_ctx)->copy_state(dst_ctx, src_ctx); 315 } 316 317 TEE_Result crypto_mac_init(void *ctx, const uint8_t *key, size_t len) 318 { 319 return mac_ops(ctx)->init(ctx, key, len); 320 } 321 322 TEE_Result crypto_mac_update(void *ctx, const uint8_t *data, size_t len) 323 { 324 if (!len) 325 return TEE_SUCCESS; 326 327 return mac_ops(ctx)->update(ctx, data, len); 328 } 329 330 TEE_Result crypto_mac_final(void *ctx, uint8_t *digest, size_t digest_len) 331 { 332 return mac_ops(ctx)->final(ctx, digest, digest_len); 333 } 334 335 TEE_Result crypto_authenc_alloc_ctx(void **ctx, uint32_t algo) 336 { 337 TEE_Result res = TEE_ERROR_NOT_IMPLEMENTED; 338 struct crypto_authenc_ctx *c = NULL; 339 340 /* 341 * Use default authenc implementation if no matching 342 * drvcrypt device. 343 */ 344 res = drvcrypt_authenc_alloc_ctx(&c, algo); 345 346 if (res == TEE_ERROR_NOT_IMPLEMENTED) { 347 switch (algo) { 348 #if defined(CFG_CRYPTO_CCM) 349 case TEE_ALG_AES_CCM: 350 res = crypto_aes_ccm_alloc_ctx(&c); 351 break; 352 #endif 353 #if defined(CFG_CRYPTO_GCM) 354 case TEE_ALG_AES_GCM: 355 res = crypto_aes_gcm_alloc_ctx(&c); 356 break; 357 #endif 358 default: 359 break; 360 } 361 } 362 363 if (!res) 364 *ctx = c; 365 366 return res; 367 } 368 369 static const struct crypto_authenc_ops *ae_ops(void *ctx) 370 { 371 struct crypto_authenc_ctx *c = ctx; 372 373 assert(c && c->ops); 374 375 return c->ops; 376 } 377 378 TEE_Result crypto_authenc_init(void *ctx, TEE_OperationMode mode, 379 const uint8_t *key, size_t key_len, 380 const uint8_t *nonce, size_t nonce_len, 381 size_t tag_len, size_t aad_len, 382 size_t payload_len) 383 { 384 return ae_ops(ctx)->init(ctx, mode, key, key_len, nonce, nonce_len, 385 tag_len, aad_len, payload_len); 386 } 387 388 TEE_Result crypto_authenc_update_aad(void *ctx, TEE_OperationMode mode __unused, 389 const uint8_t *data, size_t len) 390 { 391 return ae_ops(ctx)->update_aad(ctx, data, len); 392 } 393 394 395 TEE_Result crypto_authenc_update_payload(void *ctx, TEE_OperationMode mode, 396 const uint8_t *src_data, 397 size_t src_len, uint8_t *dst_data, 398 size_t *dst_len) 399 { 400 if (*dst_len < src_len) 401 return TEE_ERROR_SHORT_BUFFER; 402 *dst_len = src_len; 403 404 return ae_ops(ctx)->update_payload(ctx, mode, src_data, src_len, 405 dst_data); 406 } 407 408 TEE_Result crypto_authenc_enc_final(void *ctx, const uint8_t *src_data, 409 size_t src_len, uint8_t *dst_data, 410 size_t *dst_len, uint8_t *dst_tag, 411 size_t *dst_tag_len) 412 { 413 if (*dst_len < src_len) 414 return TEE_ERROR_SHORT_BUFFER; 415 *dst_len = src_len; 416 417 return ae_ops(ctx)->enc_final(ctx, src_data, src_len, dst_data, 418 dst_tag, dst_tag_len); 419 } 420 421 TEE_Result crypto_authenc_dec_final(void *ctx, const uint8_t *src_data, 422 size_t src_len, uint8_t *dst_data, 423 size_t *dst_len, const uint8_t *tag, 424 size_t tag_len) 425 { 426 if (*dst_len < src_len) 427 return TEE_ERROR_SHORT_BUFFER; 428 *dst_len = src_len; 429 430 return ae_ops(ctx)->dec_final(ctx, src_data, src_len, dst_data, tag, 431 tag_len); 432 } 433 434 void crypto_authenc_final(void *ctx) 435 { 436 ae_ops(ctx)->final(ctx); 437 } 438 439 void crypto_authenc_free_ctx(void *ctx) 440 { 441 if (ctx) 442 ae_ops(ctx)->free_ctx(ctx); 443 } 444 445 void crypto_authenc_copy_state(void *dst_ctx, void *src_ctx) 446 { 447 ae_ops(dst_ctx)->copy_state(dst_ctx, src_ctx); 448 } 449 450 #if !defined(CFG_CRYPTO_RSA) && !defined(CFG_CRYPTO_DSA) && \ 451 !defined(CFG_CRYPTO_DH) && !defined(CFG_CRYPTO_ECC) 452 struct bignum *crypto_bignum_allocate(size_t size_bits __unused) 453 { 454 return NULL; 455 } 456 457 TEE_Result crypto_bignum_bin2bn(const uint8_t *from __unused, 458 size_t fromsize __unused, 459 struct bignum *to __unused) 460 { 461 return TEE_ERROR_NOT_IMPLEMENTED; 462 } 463 464 size_t crypto_bignum_num_bytes(struct bignum *a __unused) 465 { 466 return 0; 467 } 468 469 size_t crypto_bignum_num_bits(struct bignum *a __unused) 470 { 471 return 0; 472 } 473 474 /* 475 * crypto_bignum_allocate() and crypto_bignum_bin2bn() failing should be 476 * enough to guarantee that the functions calling this function aren't 477 * called, but just in case add a panic() here to avoid unexpected 478 * behavoir. 479 */ 480 static void bignum_cant_happen(void) 481 { 482 volatile bool b = true; 483 484 /* Avoid warning about function does not return */ 485 if (b) 486 panic(); 487 } 488 489 void crypto_bignum_bn2bin(const struct bignum *from __unused, 490 uint8_t *to __unused) 491 { 492 bignum_cant_happen(); 493 } 494 495 void crypto_bignum_copy(struct bignum *to __unused, 496 const struct bignum *from __unused) 497 { 498 bignum_cant_happen(); 499 } 500 501 void crypto_bignum_free(struct bignum *a) 502 { 503 if (a) 504 panic(); 505 } 506 507 void crypto_bignum_clear(struct bignum *a __unused) 508 { 509 bignum_cant_happen(); 510 } 511 512 /* return -1 if a<b, 0 if a==b, +1 if a>b */ 513 int32_t crypto_bignum_compare(struct bignum *a __unused, 514 struct bignum *b __unused) 515 { 516 bignum_cant_happen(); 517 return -1; 518 } 519 #endif 520 521 #if !defined(CFG_CRYPTO_RSA) 522 TEE_Result crypto_acipher_alloc_rsa_keypair(struct rsa_keypair *s __unused, 523 size_t key_size_bits __unused) 524 { 525 return TEE_ERROR_NOT_IMPLEMENTED; 526 } 527 528 TEE_Result 529 crypto_acipher_alloc_rsa_public_key(struct rsa_public_key *s __unused, 530 size_t key_size_bits __unused) 531 { 532 return TEE_ERROR_NOT_IMPLEMENTED; 533 } 534 535 void crypto_acipher_free_rsa_public_key(struct rsa_public_key *s __unused) 536 { 537 } 538 539 void crypto_acipher_free_rsa_keypair(struct rsa_keypair *s __unused) 540 { 541 } 542 543 TEE_Result crypto_acipher_gen_rsa_key(struct rsa_keypair *key __unused, 544 size_t key_size __unused) 545 { 546 return TEE_ERROR_NOT_IMPLEMENTED; 547 } 548 549 TEE_Result crypto_acipher_rsanopad_decrypt(struct rsa_keypair *key __unused, 550 const uint8_t *src __unused, 551 size_t src_len __unused, 552 uint8_t *dst __unused, 553 size_t *dst_len __unused) 554 { 555 return TEE_ERROR_NOT_IMPLEMENTED; 556 } 557 558 TEE_Result crypto_acipher_rsanopad_encrypt(struct rsa_public_key *key __unused, 559 const uint8_t *src __unused, 560 size_t src_len __unused, 561 uint8_t *dst __unused, 562 size_t *dst_len __unused) 563 { 564 return TEE_ERROR_NOT_IMPLEMENTED; 565 } 566 567 TEE_Result crypto_acipher_rsaes_decrypt(uint32_t algo __unused, 568 struct rsa_keypair *key __unused, 569 const uint8_t *label __unused, 570 size_t label_len __unused, 571 const uint8_t *src __unused, 572 size_t src_len __unused, 573 uint8_t *dst __unused, 574 size_t *dst_len __unused) 575 { 576 return TEE_ERROR_NOT_IMPLEMENTED; 577 } 578 579 TEE_Result crypto_acipher_rsaes_encrypt(uint32_t algo __unused, 580 struct rsa_public_key *key __unused, 581 const uint8_t *label __unused, 582 size_t label_len __unused, 583 const uint8_t *src __unused, 584 size_t src_len __unused, 585 uint8_t *dst __unused, 586 size_t *dst_len __unused) 587 { 588 return TEE_ERROR_NOT_IMPLEMENTED; 589 } 590 591 TEE_Result crypto_acipher_rsassa_sign(uint32_t algo __unused, 592 struct rsa_keypair *key __unused, 593 int salt_len __unused, 594 const uint8_t *msg __unused, 595 size_t msg_len __unused, 596 uint8_t *sig __unused, 597 size_t *sig_len __unused) 598 { 599 return TEE_ERROR_NOT_IMPLEMENTED; 600 } 601 602 TEE_Result crypto_acipher_rsassa_verify(uint32_t algo __unused, 603 struct rsa_public_key *key __unused, 604 int salt_len __unused, 605 const uint8_t *msg __unused, 606 size_t msg_len __unused, 607 const uint8_t *sig __unused, 608 size_t sig_len __unused) 609 { 610 return TEE_ERROR_NOT_IMPLEMENTED; 611 } 612 #endif /*!CFG_CRYPTO_RSA*/ 613 614 #if !defined(CFG_CRYPTO_DSA) 615 TEE_Result crypto_acipher_alloc_dsa_keypair(struct dsa_keypair *s __unused, 616 size_t key_size_bits __unused) 617 { 618 return TEE_ERROR_NOT_IMPLEMENTED; 619 } 620 621 TEE_Result 622 crypto_acipher_alloc_dsa_public_key(struct dsa_public_key *s __unused, 623 size_t key_size_bits __unused) 624 { 625 return TEE_ERROR_NOT_IMPLEMENTED; 626 } 627 628 TEE_Result crypto_acipher_gen_dsa_key(struct dsa_keypair *key __unused, 629 size_t key_size __unused) 630 { 631 return TEE_ERROR_NOT_IMPLEMENTED; 632 } 633 634 TEE_Result crypto_acipher_dsa_sign(uint32_t algo __unused, 635 struct dsa_keypair *key __unused, 636 const uint8_t *msg __unused, 637 size_t msg_len __unused, 638 uint8_t *sig __unused, 639 size_t *sig_len __unused) 640 { 641 return TEE_ERROR_NOT_IMPLEMENTED; 642 } 643 644 TEE_Result crypto_acipher_dsa_verify(uint32_t algo __unused, 645 struct dsa_public_key *key __unused, 646 const uint8_t *msg __unused, 647 size_t msg_len __unused, 648 const uint8_t *sig __unused, 649 size_t sig_len __unused) 650 { 651 return TEE_ERROR_NOT_IMPLEMENTED; 652 } 653 #endif /*!CFG_CRYPTO_DSA*/ 654 655 #if !defined(CFG_CRYPTO_DH) 656 TEE_Result crypto_acipher_alloc_dh_keypair(struct dh_keypair *s __unused, 657 size_t key_size_bits __unused) 658 { 659 return TEE_ERROR_NOT_IMPLEMENTED; 660 } 661 662 TEE_Result crypto_acipher_gen_dh_key(struct dh_keypair *key __unused, 663 struct bignum *q __unused, 664 size_t xbits __unused, 665 size_t key_size __unused) 666 { 667 return TEE_ERROR_NOT_IMPLEMENTED; 668 } 669 670 TEE_Result 671 crypto_acipher_dh_shared_secret(struct dh_keypair *private_key __unused, 672 struct bignum *public_key __unused, 673 struct bignum *secret __unused) 674 { 675 return TEE_ERROR_NOT_IMPLEMENTED; 676 } 677 #endif /*!CFG_CRYPTO_DH*/ 678 679 TEE_Result crypto_acipher_alloc_ecc_public_key(struct ecc_public_key *key, 680 uint32_t key_type, 681 size_t key_size_bits) 682 { 683 TEE_Result res = TEE_ERROR_NOT_IMPLEMENTED; 684 685 /* 686 * Use default cryptographic implementation if no matching 687 * drvcrypt device. 688 */ 689 res = drvcrypt_asym_alloc_ecc_public_key(key, key_type, key_size_bits); 690 if (res == TEE_ERROR_NOT_IMPLEMENTED) 691 res = crypto_asym_alloc_ecc_public_key(key, key_type, 692 key_size_bits); 693 694 return res; 695 } 696 697 TEE_Result crypto_acipher_alloc_ecc_keypair(struct ecc_keypair *key, 698 uint32_t key_type, 699 size_t key_size_bits) 700 { 701 TEE_Result res = TEE_ERROR_NOT_IMPLEMENTED; 702 703 /* 704 * Use default cryptographic implementation if no matching 705 * drvcrypt device. 706 */ 707 res = drvcrypt_asym_alloc_ecc_keypair(key, key_type, key_size_bits); 708 if (res == TEE_ERROR_NOT_IMPLEMENTED) 709 res = crypto_asym_alloc_ecc_keypair(key, key_type, 710 key_size_bits); 711 712 return res; 713 } 714 715 void crypto_acipher_free_ecc_public_key(struct ecc_public_key *key) 716 { 717 assert(key->ops && key->ops->free); 718 719 key->ops->free(key); 720 } 721 722 TEE_Result crypto_acipher_gen_ecc_key(struct ecc_keypair *key, 723 size_t key_size_bits) 724 { 725 assert(key->ops && key->ops->generate); 726 727 return key->ops->generate(key, key_size_bits); 728 } 729 730 TEE_Result crypto_acipher_ecc_sign(uint32_t algo, struct ecc_keypair *key, 731 const uint8_t *msg, size_t msg_len, 732 uint8_t *sig, size_t *sig_len) 733 { 734 assert(key->ops); 735 736 if (!key->ops->sign) 737 return TEE_ERROR_NOT_IMPLEMENTED; 738 739 return key->ops->sign(algo, key, msg, msg_len, sig, sig_len); 740 } 741 742 TEE_Result crypto_acipher_ecc_verify(uint32_t algo, struct ecc_public_key *key, 743 const uint8_t *msg, size_t msg_len, 744 const uint8_t *sig, size_t sig_len) 745 { 746 assert(key->ops); 747 748 if (!key->ops->verify) 749 return TEE_ERROR_NOT_IMPLEMENTED; 750 751 return key->ops->verify(algo, key, msg, msg_len, sig, sig_len); 752 } 753 754 TEE_Result crypto_acipher_ecc_shared_secret(struct ecc_keypair *private_key, 755 struct ecc_public_key *public_key, 756 void *secret, 757 unsigned long *secret_len) 758 { 759 assert(private_key->ops); 760 761 if (!private_key->ops->shared_secret) 762 return TEE_ERROR_NOT_IMPLEMENTED; 763 764 return private_key->ops->shared_secret(private_key, public_key, secret, 765 secret_len); 766 } 767 768 TEE_Result crypto_acipher_sm2_pke_decrypt(struct ecc_keypair *key, 769 const uint8_t *src, size_t src_len, 770 uint8_t *dst, size_t *dst_len) 771 { 772 assert(key->ops); 773 774 if (!key->ops->decrypt) 775 return TEE_ERROR_NOT_IMPLEMENTED; 776 777 return key->ops->decrypt(key, src, src_len, dst, dst_len); 778 } 779 780 TEE_Result crypto_acipher_sm2_pke_encrypt(struct ecc_public_key *key, 781 const uint8_t *src, size_t src_len, 782 uint8_t *dst, size_t *dst_len) 783 { 784 assert(key->ops); 785 786 if (!key->ops->encrypt) 787 return TEE_ERROR_NOT_IMPLEMENTED; 788 789 return key->ops->encrypt(key, src, src_len, dst, dst_len); 790 } 791 792 #if !defined(CFG_CRYPTO_SM2_KEP) 793 TEE_Result crypto_acipher_sm2_kep_derive(struct ecc_keypair *my_key __unused, 794 struct ecc_keypair *my_eph_key 795 __unused, 796 struct ecc_public_key *peer_key 797 __unused, 798 struct ecc_public_key *peer_eph_key 799 __unused, 800 struct sm2_kep_parms *p __unused) 801 { 802 return TEE_ERROR_NOT_IMPLEMENTED; 803 } 804 #endif 805 806 #if !defined(CFG_CRYPTO_X25519) 807 TEE_Result crypto_acipher_alloc_x25519_keypair(struct x25519_keypair *key 808 __unused, 809 size_t key_size_bits __unused) 810 { 811 return TEE_ERROR_NOT_IMPLEMENTED; 812 } 813 814 TEE_Result crypto_acipher_gen_x25519_key(struct x25519_keypair *key __unused, 815 size_t key_size __unused) 816 { 817 return TEE_ERROR_NOT_IMPLEMENTED; 818 } 819 820 TEE_Result crypto_acipher_x25519_shared_secret(struct x25519_keypair 821 *private_key __unused, 822 void *public_key __unused, 823 void *secret __unused, 824 unsigned long 825 *secret_len __unused) 826 { 827 return TEE_ERROR_NOT_IMPLEMENTED; 828 } 829 #endif 830 831 #if !defined(CFG_CRYPTO_ED25519) 832 TEE_Result crypto_acipher_alloc_ed25519_keypair(struct ed25519_keypair *key 833 __unused, 834 size_t key_size_bits __unused) 835 { 836 return TEE_ERROR_NOT_IMPLEMENTED; 837 } 838 839 TEE_Result crypto_acipher_gen_ed25519_key(struct ed25519_keypair *key __unused, 840 size_t key_size __unused) 841 { 842 return TEE_ERROR_NOT_IMPLEMENTED; 843 } 844 845 TEE_Result crypto_acipher_ed25519_sign(struct ed25519_keypair *key __unused, 846 const uint8_t *msg __unused, 847 size_t msg_len __unused, 848 uint8_t *sig __unused, 849 size_t *sig_len __unused) 850 { 851 return TEE_ERROR_NOT_IMPLEMENTED; 852 } 853 854 TEE_Result crypto_acipher_ed25519_verify(struct ed25519_keypair *key __unused, 855 const uint8_t *msg __unused, 856 size_t msg_len __unused, 857 const uint8_t *sig __unused, 858 size_t sig_len __unused) 859 { 860 return TEE_ERROR_NOT_IMPLEMENTED; 861 } 862 863 TEE_Result crypto_acipher_ed25519ctx_sign(struct ed25519_keypair *key __unused, 864 const uint8_t *msg __unused, 865 size_t msg_len __unused, 866 uint8_t *sig __unused, 867 size_t *sig_len __unused, 868 bool ph_flag __unused, 869 const uint8_t *ctx __unused, 870 size_t ctxlen __unused) 871 { 872 return TEE_ERROR_NOT_IMPLEMENTED; 873 } 874 875 TEE_Result crypto_acipher_ed25519ctx_verify(struct ed25519_keypair *key 876 __unused, 877 const uint8_t *msg __unused, 878 size_t msg_len __unused, 879 const uint8_t *sig __unused, 880 size_t sig_len __unused, 881 bool ph_flag __unused, 882 const uint8_t *ctx __unused, 883 size_t ctxlen __unused) 884 { 885 return TEE_ERROR_NOT_IMPLEMENTED; 886 } 887 #endif 888 889 __weak TEE_Result crypto_storage_obj_del(struct tee_obj *obj __unused) 890 { 891 return TEE_ERROR_NOT_IMPLEMENTED; 892 } 893