1 // SPDX-License-Identifier: BSD-2-Clause 2 /* 3 * Copyright (c) 2017, Linaro Limited 4 */ 5 6 #include <assert.h> 7 #include <compiler.h> 8 #include <crypto/crypto.h> 9 #include <crypto/crypto_impl.h> 10 #include <kernel/panic.h> 11 #include <stdlib.h> 12 #include <string.h> 13 #include <utee_defines.h> 14 15 TEE_Result crypto_hash_alloc_ctx(void **ctx, uint32_t algo) 16 { 17 TEE_Result res = TEE_SUCCESS; 18 struct crypto_hash_ctx *c = NULL; 19 20 switch (algo) { 21 case TEE_ALG_MD5: 22 res = crypto_md5_alloc_ctx(&c); 23 break; 24 case TEE_ALG_SHA1: 25 res = crypto_sha1_alloc_ctx(&c); 26 break; 27 case TEE_ALG_SHA224: 28 res = crypto_sha224_alloc_ctx(&c); 29 break; 30 case TEE_ALG_SHA256: 31 res = crypto_sha256_alloc_ctx(&c); 32 break; 33 case TEE_ALG_SHA384: 34 res = crypto_sha384_alloc_ctx(&c); 35 break; 36 case TEE_ALG_SHA512: 37 res = crypto_sha512_alloc_ctx(&c); 38 break; 39 default: 40 return TEE_ERROR_NOT_IMPLEMENTED; 41 } 42 43 if (!res) 44 *ctx = c; 45 46 return res; 47 } 48 49 static const struct crypto_hash_ops *hash_ops(void *ctx) 50 { 51 struct crypto_hash_ctx *c = ctx; 52 53 assert(c && c->ops); 54 55 return c->ops; 56 } 57 58 void crypto_hash_free_ctx(void *ctx, uint32_t algo __unused) 59 { 60 if (ctx) 61 hash_ops(ctx)->free_ctx(ctx); 62 } 63 64 void crypto_hash_copy_state(void *dst_ctx, void *src_ctx, 65 uint32_t algo __unused) 66 { 67 hash_ops(dst_ctx)->copy_state(dst_ctx, src_ctx); 68 } 69 70 TEE_Result crypto_hash_init(void *ctx, uint32_t algo __unused) 71 { 72 return hash_ops(ctx)->init(ctx); 73 } 74 75 TEE_Result crypto_hash_update(void *ctx, uint32_t algo __unused, 76 const uint8_t *data, size_t len) 77 { 78 return hash_ops(ctx)->update(ctx, data, len); 79 } 80 81 TEE_Result crypto_hash_final(void *ctx, uint32_t algo __unused, 82 uint8_t *digest, size_t len) 83 { 84 return hash_ops(ctx)->final(ctx, digest, len); 85 } 86 87 TEE_Result crypto_cipher_alloc_ctx(void **ctx, uint32_t algo) 88 { 89 TEE_Result res = TEE_SUCCESS; 90 struct crypto_cipher_ctx *c = NULL; 91 92 switch (algo) { 93 case TEE_ALG_AES_ECB_NOPAD: 94 res = crypto_aes_ecb_alloc_ctx(&c); 95 break; 96 case TEE_ALG_AES_CBC_NOPAD: 97 res = crypto_aes_cbc_alloc_ctx(&c); 98 break; 99 case TEE_ALG_AES_CTR: 100 res = crypto_aes_ctr_alloc_ctx(&c); 101 break; 102 case TEE_ALG_AES_CTS: 103 res = crypto_aes_cts_alloc_ctx(&c); 104 break; 105 case TEE_ALG_AES_XTS: 106 res = crypto_aes_xts_alloc_ctx(&c); 107 break; 108 case TEE_ALG_DES_ECB_NOPAD: 109 res = crypto_des_ecb_alloc_ctx(&c); 110 break; 111 case TEE_ALG_DES3_ECB_NOPAD: 112 res = crypto_des3_ecb_alloc_ctx(&c); 113 break; 114 case TEE_ALG_DES_CBC_NOPAD: 115 res = crypto_des_cbc_alloc_ctx(&c); 116 break; 117 case TEE_ALG_DES3_CBC_NOPAD: 118 res = crypto_des3_cbc_alloc_ctx(&c); 119 break; 120 default: 121 return TEE_ERROR_NOT_IMPLEMENTED; 122 } 123 124 if (!res) 125 *ctx = c; 126 127 return res; 128 } 129 130 static const struct crypto_cipher_ops *cipher_ops(void *ctx) 131 { 132 struct crypto_cipher_ctx *c = ctx; 133 134 assert(c && c->ops); 135 136 return c->ops; 137 } 138 139 void crypto_cipher_free_ctx(void *ctx, uint32_t algo __unused) 140 { 141 if (ctx) 142 cipher_ops(ctx)->free_ctx(ctx); 143 } 144 145 void crypto_cipher_copy_state(void *dst_ctx, void *src_ctx, 146 uint32_t algo __unused) 147 { 148 cipher_ops(dst_ctx)->copy_state(dst_ctx, src_ctx); 149 } 150 151 TEE_Result crypto_cipher_init(void *ctx __unused, uint32_t algo __unused, 152 TEE_OperationMode mode, const uint8_t *key1, 153 size_t key1_len, const uint8_t *key2, 154 size_t key2_len, const uint8_t *iv, size_t iv_len) 155 { 156 if (mode != TEE_MODE_DECRYPT && mode != TEE_MODE_ENCRYPT) 157 return TEE_ERROR_BAD_PARAMETERS; 158 159 return cipher_ops(ctx)->init(ctx, mode, key1, key1_len, key2, key2_len, 160 iv, iv_len); 161 } 162 163 TEE_Result crypto_cipher_update(void *ctx, uint32_t algo __unused, 164 TEE_OperationMode mode __unused, 165 bool last_block, const uint8_t *data, 166 size_t len, uint8_t *dst) 167 { 168 return cipher_ops(ctx)->update(ctx, last_block, data, len, dst); 169 } 170 171 void crypto_cipher_final(void *ctx, uint32_t algo __unused) 172 { 173 cipher_ops(ctx)->final(ctx); 174 } 175 176 TEE_Result crypto_cipher_get_block_size(uint32_t algo, size_t *size) 177 { 178 uint32_t class = TEE_ALG_GET_CLASS(algo); 179 180 if (class != TEE_OPERATION_CIPHER && class != TEE_OPERATION_MAC && 181 class != TEE_OPERATION_AE) 182 return TEE_ERROR_BAD_PARAMETERS; 183 184 switch (TEE_ALG_GET_MAIN_ALG(algo)) { 185 case TEE_MAIN_ALGO_AES: 186 *size = TEE_AES_BLOCK_SIZE; 187 return TEE_SUCCESS; 188 case TEE_MAIN_ALGO_DES: 189 case TEE_MAIN_ALGO_DES3: 190 *size = TEE_DES_BLOCK_SIZE; 191 return TEE_SUCCESS; 192 default: 193 return TEE_ERROR_NOT_SUPPORTED; 194 } 195 } 196 197 TEE_Result crypto_mac_alloc_ctx(void **ctx, uint32_t algo) 198 { 199 TEE_Result res = TEE_SUCCESS; 200 struct crypto_mac_ctx *c = NULL; 201 202 switch (algo) { 203 case TEE_ALG_HMAC_MD5: 204 res = crypto_hmac_md5_alloc_ctx(&c); 205 break; 206 case TEE_ALG_HMAC_SHA1: 207 res = crypto_hmac_sha1_alloc_ctx(&c); 208 break; 209 case TEE_ALG_HMAC_SHA224: 210 res = crypto_hmac_sha224_alloc_ctx(&c); 211 break; 212 case TEE_ALG_HMAC_SHA256: 213 res = crypto_hmac_sha256_alloc_ctx(&c); 214 break; 215 case TEE_ALG_HMAC_SHA384: 216 res = crypto_hmac_sha384_alloc_ctx(&c); 217 break; 218 case TEE_ALG_HMAC_SHA512: 219 res = crypto_hmac_sha512_alloc_ctx(&c); 220 break; 221 case TEE_ALG_AES_CBC_MAC_NOPAD: 222 res = crypto_aes_cbc_mac_nopad_alloc_ctx(&c); 223 break; 224 case TEE_ALG_AES_CBC_MAC_PKCS5: 225 res = crypto_aes_cbc_mac_pkcs5_alloc_ctx(&c); 226 break; 227 case TEE_ALG_DES_CBC_MAC_NOPAD: 228 res = crypto_des_cbc_mac_nopad_alloc_ctx(&c); 229 break; 230 case TEE_ALG_DES_CBC_MAC_PKCS5: 231 res = crypto_des_cbc_mac_pkcs5_alloc_ctx(&c); 232 break; 233 case TEE_ALG_DES3_CBC_MAC_NOPAD: 234 res = crypto_des3_cbc_mac_nopad_alloc_ctx(&c); 235 break; 236 case TEE_ALG_DES3_CBC_MAC_PKCS5: 237 res = crypto_des3_cbc_mac_pkcs5_alloc_ctx(&c); 238 break; 239 case TEE_ALG_AES_CMAC: 240 res = crypto_aes_cmac_alloc_ctx(&c); 241 break; 242 default: 243 return TEE_ERROR_NOT_SUPPORTED; 244 } 245 246 if (!res) 247 *ctx = c; 248 249 return res; 250 } 251 252 static const struct crypto_mac_ops *mac_ops(void *ctx) 253 { 254 struct crypto_mac_ctx *c = ctx; 255 256 assert(c && c->ops); 257 258 return c->ops; 259 } 260 261 void crypto_mac_free_ctx(void *ctx, uint32_t algo __unused) 262 { 263 if (ctx) 264 mac_ops(ctx)->free_ctx(ctx); 265 } 266 267 void crypto_mac_copy_state(void *dst_ctx, void *src_ctx, uint32_t algo __unused) 268 { 269 mac_ops(dst_ctx)->copy_state(dst_ctx, src_ctx); 270 } 271 272 TEE_Result crypto_mac_init(void *ctx, uint32_t algo __unused, 273 const uint8_t *key, size_t len) 274 { 275 return mac_ops(ctx)->init(ctx, key, len); 276 } 277 278 TEE_Result crypto_mac_update(void *ctx, uint32_t algo __unused, 279 const uint8_t *data, size_t len) 280 { 281 if (!len) 282 return TEE_SUCCESS; 283 284 return mac_ops(ctx)->update(ctx, data, len); 285 } 286 287 TEE_Result crypto_mac_final(void *ctx, uint32_t algo __unused, 288 uint8_t *digest, size_t digest_len) 289 { 290 return mac_ops(ctx)->final(ctx, digest, digest_len); 291 } 292 293 TEE_Result crypto_authenc_alloc_ctx(void **ctx, uint32_t algo) 294 { 295 TEE_Result res = TEE_SUCCESS; 296 struct crypto_authenc_ctx *c = NULL; 297 298 switch (algo) { 299 #if defined(CFG_CRYPTO_CCM) 300 case TEE_ALG_AES_CCM: 301 res = crypto_aes_ccm_alloc_ctx(&c); 302 break; 303 #endif 304 #if defined(CFG_CRYPTO_GCM) 305 case TEE_ALG_AES_GCM: 306 res = crypto_aes_gcm_alloc_ctx(&c); 307 break; 308 #endif 309 default: 310 return TEE_ERROR_NOT_IMPLEMENTED; 311 } 312 313 if (!res) 314 *ctx = c; 315 316 return res; 317 } 318 319 static const struct crypto_authenc_ops *ae_ops(void *ctx) 320 { 321 struct crypto_authenc_ctx *c = ctx; 322 323 assert(c && c->ops); 324 325 return c->ops; 326 } 327 328 TEE_Result crypto_authenc_init(void *ctx, uint32_t algo __unused, 329 TEE_OperationMode mode, 330 const uint8_t *key, size_t key_len, 331 const uint8_t *nonce, size_t nonce_len, 332 size_t tag_len, size_t aad_len, 333 size_t payload_len) 334 { 335 return ae_ops(ctx)->init(ctx, mode, key, key_len, nonce, nonce_len, 336 tag_len, aad_len, payload_len); 337 } 338 339 TEE_Result crypto_authenc_update_aad(void *ctx, uint32_t algo __unused, 340 TEE_OperationMode mode __unused, 341 const uint8_t *data, size_t len) 342 { 343 return ae_ops(ctx)->update_aad(ctx, data, len); 344 } 345 346 347 TEE_Result crypto_authenc_update_payload(void *ctx, uint32_t algo __unused, 348 TEE_OperationMode mode, 349 const uint8_t *src_data, 350 size_t src_len, uint8_t *dst_data, 351 size_t *dst_len) 352 { 353 if (*dst_len < src_len) 354 return TEE_ERROR_SHORT_BUFFER; 355 *dst_len = src_len; 356 357 return ae_ops(ctx)->update_payload(ctx, mode, src_data, src_len, 358 dst_data); 359 } 360 361 TEE_Result crypto_authenc_enc_final(void *ctx, uint32_t algo __unused, 362 const uint8_t *src_data, size_t src_len, 363 uint8_t *dst_data, size_t *dst_len, 364 uint8_t *dst_tag, size_t *dst_tag_len) 365 { 366 if (*dst_len < src_len) 367 return TEE_ERROR_SHORT_BUFFER; 368 *dst_len = src_len; 369 370 return ae_ops(ctx)->enc_final(ctx, src_data, src_len, dst_data, 371 dst_tag, dst_tag_len); 372 } 373 374 TEE_Result crypto_authenc_dec_final(void *ctx, uint32_t algo __unused, 375 const uint8_t *src_data, size_t src_len, 376 uint8_t *dst_data, size_t *dst_len, 377 const uint8_t *tag, size_t tag_len) 378 { 379 if (*dst_len < src_len) 380 return TEE_ERROR_SHORT_BUFFER; 381 *dst_len = src_len; 382 383 return ae_ops(ctx)->dec_final(ctx, src_data, src_len, dst_data, tag, 384 tag_len); 385 } 386 387 void crypto_authenc_final(void *ctx, uint32_t algo __unused) 388 { 389 ae_ops(ctx)->final(ctx); 390 } 391 392 void crypto_authenc_free_ctx(void *ctx, uint32_t algo __unused) 393 { 394 if (ctx) 395 ae_ops(ctx)->free_ctx(ctx); 396 } 397 398 void crypto_authenc_copy_state(void *dst_ctx, void *src_ctx, 399 uint32_t algo __unused) 400 { 401 ae_ops(dst_ctx)->copy_state(dst_ctx, src_ctx); 402 } 403 404 #if !defined(CFG_CRYPTO_RSA) && !defined(CFG_CRYPTO_DSA) && \ 405 !defined(CFG_CRYPTO_DH) && !defined(CFG_CRYPTO_ECC) 406 struct bignum *crypto_bignum_allocate(size_t size_bits __unused) 407 { 408 return NULL; 409 } 410 411 TEE_Result crypto_bignum_bin2bn(const uint8_t *from __unused, 412 size_t fromsize __unused, 413 struct bignum *to __unused) 414 { 415 return TEE_ERROR_NOT_IMPLEMENTED; 416 } 417 418 size_t crypto_bignum_num_bytes(struct bignum *a __unused) 419 { 420 return 0; 421 } 422 423 size_t crypto_bignum_num_bits(struct bignum *a __unused) 424 { 425 return 0; 426 } 427 428 /* 429 * crypto_bignum_allocate() and crypto_bignum_bin2bn() failing should be 430 * enough to guarantee that the functions calling this function aren't 431 * called, but just in case add a panic() here to avoid unexpected 432 * behavoir. 433 */ 434 static void bignum_cant_happen(void) 435 { 436 volatile bool b = true; 437 438 /* Avoid warning about function does not return */ 439 if (b) 440 panic(); 441 } 442 443 void crypto_bignum_bn2bin(const struct bignum *from __unused, 444 uint8_t *to __unused) 445 { 446 bignum_cant_happen(); 447 } 448 449 void crypto_bignum_copy(struct bignum *to __unused, 450 const struct bignum *from __unused) 451 { 452 bignum_cant_happen(); 453 } 454 455 void crypto_bignum_free(struct bignum *a) 456 { 457 if (a) 458 panic(); 459 } 460 461 void crypto_bignum_clear(struct bignum *a __unused) 462 { 463 bignum_cant_happen(); 464 } 465 466 /* return -1 if a<b, 0 if a==b, +1 if a>b */ 467 int32_t crypto_bignum_compare(struct bignum *a __unused, 468 struct bignum *b __unused) 469 { 470 bignum_cant_happen(); 471 return -1; 472 } 473 #endif 474 475 #if !defined(CFG_CRYPTO_RSA) 476 TEE_Result crypto_acipher_alloc_rsa_keypair(struct rsa_keypair *s __unused, 477 size_t key_size_bits __unused) 478 { 479 return TEE_ERROR_NOT_IMPLEMENTED; 480 } 481 482 TEE_Result 483 crypto_acipher_alloc_rsa_public_key(struct rsa_public_key *s __unused, 484 size_t key_size_bits __unused) 485 { 486 return TEE_ERROR_NOT_IMPLEMENTED; 487 } 488 489 void crypto_acipher_free_rsa_public_key(struct rsa_public_key *s __unused) 490 { 491 } 492 493 TEE_Result crypto_acipher_gen_rsa_key(struct rsa_keypair *key __unused, 494 size_t key_size __unused) 495 { 496 return TEE_ERROR_NOT_IMPLEMENTED; 497 } 498 499 TEE_Result crypto_acipher_rsanopad_decrypt(struct rsa_keypair *key __unused, 500 const uint8_t *src __unused, 501 size_t src_len __unused, 502 uint8_t *dst __unused, 503 size_t *dst_len __unused) 504 { 505 return TEE_ERROR_NOT_IMPLEMENTED; 506 } 507 508 TEE_Result crypto_acipher_rsanopad_encrypt(struct rsa_public_key *key __unused, 509 const uint8_t *src __unused, 510 size_t src_len __unused, 511 uint8_t *dst __unused, 512 size_t *dst_len __unused) 513 { 514 return TEE_ERROR_NOT_IMPLEMENTED; 515 } 516 517 TEE_Result crypto_acipher_rsaes_decrypt(uint32_t algo __unused, 518 struct rsa_keypair *key __unused, 519 const uint8_t *label __unused, 520 size_t label_len __unused, 521 const uint8_t *src __unused, 522 size_t src_len __unused, 523 uint8_t *dst __unused, 524 size_t *dst_len __unused) 525 { 526 return TEE_ERROR_NOT_IMPLEMENTED; 527 } 528 529 TEE_Result crypto_acipher_rsaes_encrypt(uint32_t algo __unused, 530 struct rsa_public_key *key __unused, 531 const uint8_t *label __unused, 532 size_t label_len __unused, 533 const uint8_t *src __unused, 534 size_t src_len __unused, 535 uint8_t *dst __unused, 536 size_t *dst_len __unused) 537 { 538 return TEE_ERROR_NOT_IMPLEMENTED; 539 } 540 541 TEE_Result crypto_acipher_rsassa_sign(uint32_t algo __unused, 542 struct rsa_keypair *key __unused, 543 int salt_len __unused, 544 const uint8_t *msg __unused, 545 size_t msg_len __unused, 546 uint8_t *sig __unused, 547 size_t *sig_len __unused) 548 { 549 return TEE_ERROR_NOT_IMPLEMENTED; 550 } 551 552 TEE_Result crypto_acipher_rsassa_verify(uint32_t algo __unused, 553 struct rsa_public_key *key __unused, 554 int salt_len __unused, 555 const uint8_t *msg __unused, 556 size_t msg_len __unused, 557 const uint8_t *sig __unused, 558 size_t sig_len __unused) 559 { 560 return TEE_ERROR_NOT_IMPLEMENTED; 561 } 562 #endif /*!CFG_CRYPTO_RSA*/ 563 564 #if !defined(CFG_CRYPTO_DSA) 565 TEE_Result crypto_acipher_alloc_dsa_keypair(struct dsa_keypair *s __unused, 566 size_t key_size_bits __unused) 567 { 568 return TEE_ERROR_NOT_IMPLEMENTED; 569 } 570 571 TEE_Result 572 crypto_acipher_alloc_dsa_public_key(struct dsa_public_key *s __unused, 573 size_t key_size_bits __unused) 574 { 575 return TEE_ERROR_NOT_IMPLEMENTED; 576 } 577 578 TEE_Result crypto_acipher_gen_dsa_key(struct dsa_keypair *key __unused, 579 size_t key_size __unused) 580 { 581 return TEE_ERROR_NOT_IMPLEMENTED; 582 } 583 584 TEE_Result crypto_acipher_dsa_sign(uint32_t algo __unused, 585 struct dsa_keypair *key __unused, 586 const uint8_t *msg __unused, 587 size_t msg_len __unused, 588 uint8_t *sig __unused, 589 size_t *sig_len __unused) 590 { 591 return TEE_ERROR_NOT_IMPLEMENTED; 592 } 593 594 TEE_Result crypto_acipher_dsa_verify(uint32_t algo __unused, 595 struct dsa_public_key *key __unused, 596 const uint8_t *msg __unused, 597 size_t msg_len __unused, 598 const uint8_t *sig __unused, 599 size_t sig_len __unused) 600 { 601 return TEE_ERROR_NOT_IMPLEMENTED; 602 } 603 #endif /*!CFG_CRYPTO_DSA*/ 604 605 #if !defined(CFG_CRYPTO_DH) 606 TEE_Result crypto_acipher_alloc_dh_keypair(struct dh_keypair *s __unused, 607 size_t key_size_bits __unused) 608 { 609 return TEE_ERROR_NOT_IMPLEMENTED; 610 } 611 612 TEE_Result crypto_acipher_gen_dh_key(struct dh_keypair *key __unused, 613 struct bignum *q __unused, 614 size_t xbits __unused) 615 { 616 return TEE_ERROR_NOT_IMPLEMENTED; 617 } 618 619 TEE_Result 620 crypto_acipher_dh_shared_secret(struct dh_keypair *private_key __unused, 621 struct bignum *public_key __unused, 622 struct bignum *secret __unused) 623 { 624 return TEE_ERROR_NOT_IMPLEMENTED; 625 } 626 #endif /*!CFG_CRYPTO_DH*/ 627 628 #if !defined(CFG_CRYPTO_ECC) 629 TEE_Result 630 crypto_acipher_alloc_ecc_public_key(struct ecc_public_key *s __unused, 631 size_t key_size_bits __unused) 632 { 633 return TEE_ERROR_NOT_IMPLEMENTED; 634 } 635 636 TEE_Result crypto_acipher_alloc_ecc_keypair(struct ecc_keypair *s __unused, 637 size_t key_size_bits __unused) 638 { 639 return TEE_ERROR_NOT_IMPLEMENTED; 640 } 641 642 void crypto_acipher_free_ecc_public_key(struct ecc_public_key *s __unused) 643 { 644 } 645 646 TEE_Result crypto_acipher_gen_ecc_key(struct ecc_keypair *key __unused) 647 { 648 return TEE_ERROR_NOT_IMPLEMENTED; 649 } 650 651 TEE_Result crypto_acipher_ecc_sign(uint32_t algo __unused, 652 struct ecc_keypair *key __unused, 653 const uint8_t *msg __unused, 654 size_t msg_len __unused, 655 uint8_t *sig __unused, 656 size_t *sig_len __unused) 657 { 658 return TEE_ERROR_NOT_IMPLEMENTED; 659 } 660 661 TEE_Result crypto_acipher_ecc_verify(uint32_t algo __unused, 662 struct ecc_public_key *key __unused, 663 const uint8_t *msg __unused, 664 size_t msg_len __unused, 665 const uint8_t *sig __unused, 666 size_t sig_len __unused) 667 { 668 return TEE_ERROR_NOT_IMPLEMENTED; 669 } 670 671 TEE_Result 672 crypto_acipher_ecc_shared_secret(struct ecc_keypair *private_key __unused, 673 struct ecc_public_key *public_key __unused, 674 void *secret __unused, 675 unsigned long *secret_len __unused) 676 { 677 return TEE_ERROR_NOT_IMPLEMENTED; 678 } 679 #endif /*!CFG_CRYPTO_ECC*/ 680