1 // SPDX-License-Identifier: BSD-2-Clause 2 /* 3 * Copyright (c) 2017, Linaro Limited 4 * Copyright 2020 NXP 5 * Copyright 2021, SumUp Service GmbH 6 */ 7 8 #include <assert.h> 9 #include <compiler.h> 10 #include <crypto/crypto.h> 11 #include <crypto/crypto_impl.h> 12 #include <kernel/panic.h> 13 #include <stdlib.h> 14 #include <string.h> 15 #include <utee_defines.h> 16 17 TEE_Result crypto_hash_alloc_ctx(void **ctx, uint32_t algo) 18 { 19 TEE_Result res = TEE_ERROR_NOT_IMPLEMENTED; 20 struct crypto_hash_ctx *c = NULL; 21 22 /* 23 * Use default cryptographic implementation if no matching 24 * drvcrypt device. 25 */ 26 res = drvcrypt_hash_alloc_ctx(&c, algo); 27 28 if (res == TEE_ERROR_NOT_IMPLEMENTED) { 29 switch (algo) { 30 case TEE_ALG_MD5: 31 res = crypto_md5_alloc_ctx(&c); 32 break; 33 case TEE_ALG_SHA1: 34 res = crypto_sha1_alloc_ctx(&c); 35 break; 36 case TEE_ALG_SHA224: 37 res = crypto_sha224_alloc_ctx(&c); 38 break; 39 case TEE_ALG_SHA256: 40 res = crypto_sha256_alloc_ctx(&c); 41 break; 42 case TEE_ALG_SHA384: 43 res = crypto_sha384_alloc_ctx(&c); 44 break; 45 case TEE_ALG_SHA512: 46 res = crypto_sha512_alloc_ctx(&c); 47 break; 48 case TEE_ALG_SM3: 49 res = crypto_sm3_alloc_ctx(&c); 50 break; 51 default: 52 break; 53 } 54 } 55 56 if (!res) 57 *ctx = c; 58 59 return res; 60 } 61 62 static const struct crypto_hash_ops *hash_ops(void *ctx) 63 { 64 struct crypto_hash_ctx *c = ctx; 65 66 assert(c && c->ops); 67 68 return c->ops; 69 } 70 71 void crypto_hash_free_ctx(void *ctx) 72 { 73 if (ctx) 74 hash_ops(ctx)->free_ctx(ctx); 75 } 76 77 void crypto_hash_copy_state(void *dst_ctx, void *src_ctx) 78 { 79 hash_ops(dst_ctx)->copy_state(dst_ctx, src_ctx); 80 } 81 82 TEE_Result crypto_hash_init(void *ctx) 83 { 84 return hash_ops(ctx)->init(ctx); 85 } 86 87 TEE_Result crypto_hash_update(void *ctx, const uint8_t *data, size_t len) 88 { 89 return hash_ops(ctx)->update(ctx, data, len); 90 } 91 92 TEE_Result crypto_hash_final(void *ctx, uint8_t *digest, size_t len) 93 { 94 return hash_ops(ctx)->final(ctx, digest, len); 95 } 96 97 TEE_Result crypto_cipher_alloc_ctx(void **ctx, uint32_t algo) 98 { 99 TEE_Result res = TEE_ERROR_NOT_IMPLEMENTED; 100 struct crypto_cipher_ctx *c = NULL; 101 102 /* 103 * Use default cryptographic implementation if no matching 104 * drvcrypt device. 105 */ 106 res = drvcrypt_cipher_alloc_ctx(&c, algo); 107 108 if (res == TEE_ERROR_NOT_IMPLEMENTED) { 109 switch (algo) { 110 case TEE_ALG_AES_ECB_NOPAD: 111 res = crypto_aes_ecb_alloc_ctx(&c); 112 break; 113 case TEE_ALG_AES_CBC_NOPAD: 114 res = crypto_aes_cbc_alloc_ctx(&c); 115 break; 116 case TEE_ALG_AES_CTR: 117 res = crypto_aes_ctr_alloc_ctx(&c); 118 break; 119 case TEE_ALG_AES_CTS: 120 res = crypto_aes_cts_alloc_ctx(&c); 121 break; 122 case TEE_ALG_AES_XTS: 123 res = crypto_aes_xts_alloc_ctx(&c); 124 break; 125 case TEE_ALG_DES_ECB_NOPAD: 126 res = crypto_des_ecb_alloc_ctx(&c); 127 break; 128 case TEE_ALG_DES3_ECB_NOPAD: 129 res = crypto_des3_ecb_alloc_ctx(&c); 130 break; 131 case TEE_ALG_DES_CBC_NOPAD: 132 res = crypto_des_cbc_alloc_ctx(&c); 133 break; 134 case TEE_ALG_DES3_CBC_NOPAD: 135 res = crypto_des3_cbc_alloc_ctx(&c); 136 break; 137 case TEE_ALG_SM4_ECB_NOPAD: 138 res = crypto_sm4_ecb_alloc_ctx(&c); 139 break; 140 case TEE_ALG_SM4_CBC_NOPAD: 141 res = crypto_sm4_cbc_alloc_ctx(&c); 142 break; 143 case TEE_ALG_SM4_CTR: 144 res = crypto_sm4_ctr_alloc_ctx(&c); 145 break; 146 default: 147 return TEE_ERROR_NOT_IMPLEMENTED; 148 } 149 } 150 151 if (!res) 152 *ctx = c; 153 154 return res; 155 } 156 157 static const struct crypto_cipher_ops *cipher_ops(void *ctx) 158 { 159 struct crypto_cipher_ctx *c = ctx; 160 161 assert(c && c->ops); 162 163 return c->ops; 164 } 165 166 void crypto_cipher_free_ctx(void *ctx) 167 { 168 if (ctx) 169 cipher_ops(ctx)->free_ctx(ctx); 170 } 171 172 void crypto_cipher_copy_state(void *dst_ctx, void *src_ctx) 173 { 174 cipher_ops(dst_ctx)->copy_state(dst_ctx, src_ctx); 175 } 176 177 TEE_Result crypto_cipher_init(void *ctx, TEE_OperationMode mode, 178 const uint8_t *key1, size_t key1_len, 179 const uint8_t *key2, size_t key2_len, 180 const uint8_t *iv, size_t iv_len) 181 { 182 if (mode != TEE_MODE_DECRYPT && mode != TEE_MODE_ENCRYPT) 183 return TEE_ERROR_BAD_PARAMETERS; 184 185 return cipher_ops(ctx)->init(ctx, mode, key1, key1_len, key2, key2_len, 186 iv, iv_len); 187 } 188 189 TEE_Result crypto_cipher_update(void *ctx, TEE_OperationMode mode __unused, 190 bool last_block, const uint8_t *data, 191 size_t len, uint8_t *dst) 192 { 193 return cipher_ops(ctx)->update(ctx, last_block, data, len, dst); 194 } 195 196 void crypto_cipher_final(void *ctx) 197 { 198 cipher_ops(ctx)->final(ctx); 199 } 200 201 TEE_Result crypto_cipher_get_block_size(uint32_t algo, size_t *size) 202 { 203 uint32_t class = TEE_ALG_GET_CLASS(algo); 204 205 if (class != TEE_OPERATION_CIPHER && class != TEE_OPERATION_MAC && 206 class != TEE_OPERATION_AE) 207 return TEE_ERROR_BAD_PARAMETERS; 208 209 switch (TEE_ALG_GET_MAIN_ALG(algo)) { 210 case TEE_MAIN_ALGO_AES: 211 *size = TEE_AES_BLOCK_SIZE; 212 return TEE_SUCCESS; 213 case TEE_MAIN_ALGO_DES: 214 case TEE_MAIN_ALGO_DES3: 215 *size = TEE_DES_BLOCK_SIZE; 216 return TEE_SUCCESS; 217 case TEE_MAIN_ALGO_SM4: 218 *size = TEE_SM4_BLOCK_SIZE; 219 return TEE_SUCCESS; 220 default: 221 return TEE_ERROR_NOT_SUPPORTED; 222 } 223 } 224 225 TEE_Result crypto_mac_alloc_ctx(void **ctx, uint32_t algo) 226 { 227 TEE_Result res = TEE_SUCCESS; 228 struct crypto_mac_ctx *c = NULL; 229 230 /* 231 * Use default cryptographic implementation if no matching 232 * drvcrypt device. 233 */ 234 res = drvcrypt_mac_alloc_ctx(&c, algo); 235 236 if (res == TEE_ERROR_NOT_IMPLEMENTED) { 237 switch (algo) { 238 case TEE_ALG_HMAC_MD5: 239 res = crypto_hmac_md5_alloc_ctx(&c); 240 break; 241 case TEE_ALG_HMAC_SHA1: 242 res = crypto_hmac_sha1_alloc_ctx(&c); 243 break; 244 case TEE_ALG_HMAC_SHA224: 245 res = crypto_hmac_sha224_alloc_ctx(&c); 246 break; 247 case TEE_ALG_HMAC_SHA256: 248 res = crypto_hmac_sha256_alloc_ctx(&c); 249 break; 250 case TEE_ALG_HMAC_SHA384: 251 res = crypto_hmac_sha384_alloc_ctx(&c); 252 break; 253 case TEE_ALG_HMAC_SHA512: 254 res = crypto_hmac_sha512_alloc_ctx(&c); 255 break; 256 case TEE_ALG_HMAC_SM3: 257 res = crypto_hmac_sm3_alloc_ctx(&c); 258 break; 259 case TEE_ALG_AES_CBC_MAC_NOPAD: 260 res = crypto_aes_cbc_mac_nopad_alloc_ctx(&c); 261 break; 262 case TEE_ALG_AES_CBC_MAC_PKCS5: 263 res = crypto_aes_cbc_mac_pkcs5_alloc_ctx(&c); 264 break; 265 case TEE_ALG_DES_CBC_MAC_NOPAD: 266 res = crypto_des_cbc_mac_nopad_alloc_ctx(&c); 267 break; 268 case TEE_ALG_DES_CBC_MAC_PKCS5: 269 res = crypto_des_cbc_mac_pkcs5_alloc_ctx(&c); 270 break; 271 case TEE_ALG_DES3_CBC_MAC_NOPAD: 272 res = crypto_des3_cbc_mac_nopad_alloc_ctx(&c); 273 break; 274 case TEE_ALG_DES3_CBC_MAC_PKCS5: 275 res = crypto_des3_cbc_mac_pkcs5_alloc_ctx(&c); 276 break; 277 case TEE_ALG_DES3_CMAC: 278 res = crypto_des3_cmac_alloc_ctx(&c); 279 break; 280 case TEE_ALG_AES_CMAC: 281 res = crypto_aes_cmac_alloc_ctx(&c); 282 break; 283 default: 284 return TEE_ERROR_NOT_SUPPORTED; 285 } 286 } 287 288 if (!res) 289 *ctx = c; 290 291 return res; 292 } 293 294 static const struct crypto_mac_ops *mac_ops(void *ctx) 295 { 296 struct crypto_mac_ctx *c = ctx; 297 298 assert(c && c->ops); 299 300 return c->ops; 301 } 302 303 void crypto_mac_free_ctx(void *ctx) 304 { 305 if (ctx) 306 mac_ops(ctx)->free_ctx(ctx); 307 } 308 309 void crypto_mac_copy_state(void *dst_ctx, void *src_ctx) 310 { 311 mac_ops(dst_ctx)->copy_state(dst_ctx, src_ctx); 312 } 313 314 TEE_Result crypto_mac_init(void *ctx, const uint8_t *key, size_t len) 315 { 316 return mac_ops(ctx)->init(ctx, key, len); 317 } 318 319 TEE_Result crypto_mac_update(void *ctx, const uint8_t *data, size_t len) 320 { 321 if (!len) 322 return TEE_SUCCESS; 323 324 return mac_ops(ctx)->update(ctx, data, len); 325 } 326 327 TEE_Result crypto_mac_final(void *ctx, uint8_t *digest, size_t digest_len) 328 { 329 return mac_ops(ctx)->final(ctx, digest, digest_len); 330 } 331 332 TEE_Result crypto_authenc_alloc_ctx(void **ctx, uint32_t algo) 333 { 334 TEE_Result res = TEE_ERROR_NOT_IMPLEMENTED; 335 struct crypto_authenc_ctx *c = NULL; 336 337 /* 338 * Use default authenc implementation if no matching 339 * drvcrypt device. 340 */ 341 res = drvcrypt_authenc_alloc_ctx(&c, algo); 342 343 if (res == TEE_ERROR_NOT_IMPLEMENTED) { 344 switch (algo) { 345 #if defined(CFG_CRYPTO_CCM) 346 case TEE_ALG_AES_CCM: 347 res = crypto_aes_ccm_alloc_ctx(&c); 348 break; 349 #endif 350 #if defined(CFG_CRYPTO_GCM) 351 case TEE_ALG_AES_GCM: 352 res = crypto_aes_gcm_alloc_ctx(&c); 353 break; 354 #endif 355 default: 356 break; 357 } 358 } 359 360 if (!res) 361 *ctx = c; 362 363 return res; 364 } 365 366 static const struct crypto_authenc_ops *ae_ops(void *ctx) 367 { 368 struct crypto_authenc_ctx *c = ctx; 369 370 assert(c && c->ops); 371 372 return c->ops; 373 } 374 375 TEE_Result crypto_authenc_init(void *ctx, TEE_OperationMode mode, 376 const uint8_t *key, size_t key_len, 377 const uint8_t *nonce, size_t nonce_len, 378 size_t tag_len, size_t aad_len, 379 size_t payload_len) 380 { 381 return ae_ops(ctx)->init(ctx, mode, key, key_len, nonce, nonce_len, 382 tag_len, aad_len, payload_len); 383 } 384 385 TEE_Result crypto_authenc_update_aad(void *ctx, TEE_OperationMode mode __unused, 386 const uint8_t *data, size_t len) 387 { 388 return ae_ops(ctx)->update_aad(ctx, data, len); 389 } 390 391 392 TEE_Result crypto_authenc_update_payload(void *ctx, TEE_OperationMode mode, 393 const uint8_t *src_data, 394 size_t src_len, uint8_t *dst_data, 395 size_t *dst_len) 396 { 397 if (*dst_len < src_len) 398 return TEE_ERROR_SHORT_BUFFER; 399 *dst_len = src_len; 400 401 return ae_ops(ctx)->update_payload(ctx, mode, src_data, src_len, 402 dst_data); 403 } 404 405 TEE_Result crypto_authenc_enc_final(void *ctx, const uint8_t *src_data, 406 size_t src_len, uint8_t *dst_data, 407 size_t *dst_len, uint8_t *dst_tag, 408 size_t *dst_tag_len) 409 { 410 if (*dst_len < src_len) 411 return TEE_ERROR_SHORT_BUFFER; 412 *dst_len = src_len; 413 414 return ae_ops(ctx)->enc_final(ctx, src_data, src_len, dst_data, 415 dst_tag, dst_tag_len); 416 } 417 418 TEE_Result crypto_authenc_dec_final(void *ctx, const uint8_t *src_data, 419 size_t src_len, uint8_t *dst_data, 420 size_t *dst_len, const uint8_t *tag, 421 size_t tag_len) 422 { 423 if (*dst_len < src_len) 424 return TEE_ERROR_SHORT_BUFFER; 425 *dst_len = src_len; 426 427 return ae_ops(ctx)->dec_final(ctx, src_data, src_len, dst_data, tag, 428 tag_len); 429 } 430 431 void crypto_authenc_final(void *ctx) 432 { 433 ae_ops(ctx)->final(ctx); 434 } 435 436 void crypto_authenc_free_ctx(void *ctx) 437 { 438 if (ctx) 439 ae_ops(ctx)->free_ctx(ctx); 440 } 441 442 void crypto_authenc_copy_state(void *dst_ctx, void *src_ctx) 443 { 444 ae_ops(dst_ctx)->copy_state(dst_ctx, src_ctx); 445 } 446 447 #if !defined(CFG_CRYPTO_RSA) && !defined(CFG_CRYPTO_DSA) && \ 448 !defined(CFG_CRYPTO_DH) && !defined(CFG_CRYPTO_ECC) 449 struct bignum *crypto_bignum_allocate(size_t size_bits __unused) 450 { 451 return NULL; 452 } 453 454 TEE_Result crypto_bignum_bin2bn(const uint8_t *from __unused, 455 size_t fromsize __unused, 456 struct bignum *to __unused) 457 { 458 return TEE_ERROR_NOT_IMPLEMENTED; 459 } 460 461 size_t crypto_bignum_num_bytes(struct bignum *a __unused) 462 { 463 return 0; 464 } 465 466 size_t crypto_bignum_num_bits(struct bignum *a __unused) 467 { 468 return 0; 469 } 470 471 /* 472 * crypto_bignum_allocate() and crypto_bignum_bin2bn() failing should be 473 * enough to guarantee that the functions calling this function aren't 474 * called, but just in case add a panic() here to avoid unexpected 475 * behavoir. 476 */ 477 static void bignum_cant_happen(void) 478 { 479 volatile bool b = true; 480 481 /* Avoid warning about function does not return */ 482 if (b) 483 panic(); 484 } 485 486 void crypto_bignum_bn2bin(const struct bignum *from __unused, 487 uint8_t *to __unused) 488 { 489 bignum_cant_happen(); 490 } 491 492 void crypto_bignum_copy(struct bignum *to __unused, 493 const struct bignum *from __unused) 494 { 495 bignum_cant_happen(); 496 } 497 498 void crypto_bignum_free(struct bignum *a) 499 { 500 if (a) 501 panic(); 502 } 503 504 void crypto_bignum_clear(struct bignum *a __unused) 505 { 506 bignum_cant_happen(); 507 } 508 509 /* return -1 if a<b, 0 if a==b, +1 if a>b */ 510 int32_t crypto_bignum_compare(struct bignum *a __unused, 511 struct bignum *b __unused) 512 { 513 bignum_cant_happen(); 514 return -1; 515 } 516 #endif 517 518 #if !defined(CFG_CRYPTO_RSA) 519 TEE_Result crypto_acipher_alloc_rsa_keypair(struct rsa_keypair *s __unused, 520 size_t key_size_bits __unused) 521 { 522 return TEE_ERROR_NOT_IMPLEMENTED; 523 } 524 525 TEE_Result 526 crypto_acipher_alloc_rsa_public_key(struct rsa_public_key *s __unused, 527 size_t key_size_bits __unused) 528 { 529 return TEE_ERROR_NOT_IMPLEMENTED; 530 } 531 532 void crypto_acipher_free_rsa_public_key(struct rsa_public_key *s __unused) 533 { 534 } 535 536 void crypto_acipher_free_rsa_keypair(struct rsa_keypair *s __unused) 537 { 538 } 539 540 TEE_Result crypto_acipher_gen_rsa_key(struct rsa_keypair *key __unused, 541 size_t key_size __unused) 542 { 543 return TEE_ERROR_NOT_IMPLEMENTED; 544 } 545 546 TEE_Result crypto_acipher_rsanopad_decrypt(struct rsa_keypair *key __unused, 547 const uint8_t *src __unused, 548 size_t src_len __unused, 549 uint8_t *dst __unused, 550 size_t *dst_len __unused) 551 { 552 return TEE_ERROR_NOT_IMPLEMENTED; 553 } 554 555 TEE_Result crypto_acipher_rsanopad_encrypt(struct rsa_public_key *key __unused, 556 const uint8_t *src __unused, 557 size_t src_len __unused, 558 uint8_t *dst __unused, 559 size_t *dst_len __unused) 560 { 561 return TEE_ERROR_NOT_IMPLEMENTED; 562 } 563 564 TEE_Result crypto_acipher_rsaes_decrypt(uint32_t algo __unused, 565 struct rsa_keypair *key __unused, 566 const uint8_t *label __unused, 567 size_t label_len __unused, 568 const uint8_t *src __unused, 569 size_t src_len __unused, 570 uint8_t *dst __unused, 571 size_t *dst_len __unused) 572 { 573 return TEE_ERROR_NOT_IMPLEMENTED; 574 } 575 576 TEE_Result crypto_acipher_rsaes_encrypt(uint32_t algo __unused, 577 struct rsa_public_key *key __unused, 578 const uint8_t *label __unused, 579 size_t label_len __unused, 580 const uint8_t *src __unused, 581 size_t src_len __unused, 582 uint8_t *dst __unused, 583 size_t *dst_len __unused) 584 { 585 return TEE_ERROR_NOT_IMPLEMENTED; 586 } 587 588 TEE_Result crypto_acipher_rsassa_sign(uint32_t algo __unused, 589 struct rsa_keypair *key __unused, 590 int salt_len __unused, 591 const uint8_t *msg __unused, 592 size_t msg_len __unused, 593 uint8_t *sig __unused, 594 size_t *sig_len __unused) 595 { 596 return TEE_ERROR_NOT_IMPLEMENTED; 597 } 598 599 TEE_Result crypto_acipher_rsassa_verify(uint32_t algo __unused, 600 struct rsa_public_key *key __unused, 601 int salt_len __unused, 602 const uint8_t *msg __unused, 603 size_t msg_len __unused, 604 const uint8_t *sig __unused, 605 size_t sig_len __unused) 606 { 607 return TEE_ERROR_NOT_IMPLEMENTED; 608 } 609 #endif /*!CFG_CRYPTO_RSA*/ 610 611 #if !defined(CFG_CRYPTO_DSA) 612 TEE_Result crypto_acipher_alloc_dsa_keypair(struct dsa_keypair *s __unused, 613 size_t key_size_bits __unused) 614 { 615 return TEE_ERROR_NOT_IMPLEMENTED; 616 } 617 618 TEE_Result 619 crypto_acipher_alloc_dsa_public_key(struct dsa_public_key *s __unused, 620 size_t key_size_bits __unused) 621 { 622 return TEE_ERROR_NOT_IMPLEMENTED; 623 } 624 625 TEE_Result crypto_acipher_gen_dsa_key(struct dsa_keypair *key __unused, 626 size_t key_size __unused) 627 { 628 return TEE_ERROR_NOT_IMPLEMENTED; 629 } 630 631 TEE_Result crypto_acipher_dsa_sign(uint32_t algo __unused, 632 struct dsa_keypair *key __unused, 633 const uint8_t *msg __unused, 634 size_t msg_len __unused, 635 uint8_t *sig __unused, 636 size_t *sig_len __unused) 637 { 638 return TEE_ERROR_NOT_IMPLEMENTED; 639 } 640 641 TEE_Result crypto_acipher_dsa_verify(uint32_t algo __unused, 642 struct dsa_public_key *key __unused, 643 const uint8_t *msg __unused, 644 size_t msg_len __unused, 645 const uint8_t *sig __unused, 646 size_t sig_len __unused) 647 { 648 return TEE_ERROR_NOT_IMPLEMENTED; 649 } 650 #endif /*!CFG_CRYPTO_DSA*/ 651 652 #if !defined(CFG_CRYPTO_DH) 653 TEE_Result crypto_acipher_alloc_dh_keypair(struct dh_keypair *s __unused, 654 size_t key_size_bits __unused) 655 { 656 return TEE_ERROR_NOT_IMPLEMENTED; 657 } 658 659 TEE_Result crypto_acipher_gen_dh_key(struct dh_keypair *key __unused, 660 struct bignum *q __unused, 661 size_t xbits __unused, 662 size_t key_size __unused) 663 { 664 return TEE_ERROR_NOT_IMPLEMENTED; 665 } 666 667 TEE_Result 668 crypto_acipher_dh_shared_secret(struct dh_keypair *private_key __unused, 669 struct bignum *public_key __unused, 670 struct bignum *secret __unused) 671 { 672 return TEE_ERROR_NOT_IMPLEMENTED; 673 } 674 #endif /*!CFG_CRYPTO_DH*/ 675 676 TEE_Result crypto_acipher_alloc_ecc_public_key(struct ecc_public_key *key, 677 uint32_t key_type, 678 size_t key_size_bits) 679 { 680 TEE_Result res = TEE_ERROR_NOT_IMPLEMENTED; 681 682 /* 683 * Use default cryptographic implementation if no matching 684 * drvcrypt device. 685 */ 686 res = drvcrypt_asym_alloc_ecc_public_key(key, key_type, key_size_bits); 687 if (res == TEE_ERROR_NOT_IMPLEMENTED) 688 res = crypto_asym_alloc_ecc_public_key(key, key_type, 689 key_size_bits); 690 691 return res; 692 } 693 694 TEE_Result crypto_acipher_alloc_ecc_keypair(struct ecc_keypair *key, 695 uint32_t key_type, 696 size_t key_size_bits) 697 { 698 TEE_Result res = TEE_ERROR_NOT_IMPLEMENTED; 699 700 /* 701 * Use default cryptographic implementation if no matching 702 * drvcrypt device. 703 */ 704 res = drvcrypt_asym_alloc_ecc_keypair(key, key_type, key_size_bits); 705 if (res == TEE_ERROR_NOT_IMPLEMENTED) 706 res = crypto_asym_alloc_ecc_keypair(key, key_type, 707 key_size_bits); 708 709 return res; 710 } 711 712 void crypto_acipher_free_ecc_public_key(struct ecc_public_key *key) 713 { 714 assert(key->ops && key->ops->free); 715 716 key->ops->free(key); 717 } 718 719 TEE_Result crypto_acipher_gen_ecc_key(struct ecc_keypair *key, 720 size_t key_size_bits) 721 { 722 assert(key->ops && key->ops->generate); 723 724 return key->ops->generate(key, key_size_bits); 725 } 726 727 TEE_Result crypto_acipher_ecc_sign(uint32_t algo, struct ecc_keypair *key, 728 const uint8_t *msg, size_t msg_len, 729 uint8_t *sig, size_t *sig_len) 730 { 731 assert(key->ops); 732 733 if (!key->ops->sign) 734 return TEE_ERROR_NOT_IMPLEMENTED; 735 736 return key->ops->sign(algo, key, msg, msg_len, sig, sig_len); 737 } 738 739 TEE_Result crypto_acipher_ecc_verify(uint32_t algo, struct ecc_public_key *key, 740 const uint8_t *msg, size_t msg_len, 741 const uint8_t *sig, size_t sig_len) 742 { 743 assert(key->ops); 744 745 if (!key->ops->verify) 746 return TEE_ERROR_NOT_IMPLEMENTED; 747 748 return key->ops->verify(algo, key, msg, msg_len, sig, sig_len); 749 } 750 751 TEE_Result crypto_acipher_ecc_shared_secret(struct ecc_keypair *private_key, 752 struct ecc_public_key *public_key, 753 void *secret, 754 unsigned long *secret_len) 755 { 756 assert(private_key->ops); 757 758 if (!private_key->ops->shared_secret) 759 return TEE_ERROR_NOT_IMPLEMENTED; 760 761 return private_key->ops->shared_secret(private_key, public_key, secret, 762 secret_len); 763 } 764 765 TEE_Result crypto_acipher_sm2_pke_decrypt(struct ecc_keypair *key, 766 const uint8_t *src, size_t src_len, 767 uint8_t *dst, size_t *dst_len) 768 { 769 assert(key->ops); 770 771 if (!key->ops->decrypt) 772 return TEE_ERROR_NOT_IMPLEMENTED; 773 774 return key->ops->decrypt(key, src, src_len, dst, dst_len); 775 } 776 777 TEE_Result crypto_acipher_sm2_pke_encrypt(struct ecc_public_key *key, 778 const uint8_t *src, size_t src_len, 779 uint8_t *dst, size_t *dst_len) 780 { 781 assert(key->ops); 782 783 if (!key->ops->encrypt) 784 return TEE_ERROR_NOT_IMPLEMENTED; 785 786 return key->ops->encrypt(key, src, src_len, dst, dst_len); 787 } 788 789 #if !defined(CFG_CRYPTO_SM2_KEP) 790 TEE_Result crypto_acipher_sm2_kep_derive(struct ecc_keypair *my_key __unused, 791 struct ecc_keypair *my_eph_key 792 __unused, 793 struct ecc_public_key *peer_key 794 __unused, 795 struct ecc_public_key *peer_eph_key 796 __unused, 797 struct sm2_kep_parms *p __unused) 798 { 799 return TEE_ERROR_NOT_IMPLEMENTED; 800 } 801 #endif 802 803 #if !defined(CFG_CRYPTO_X25519) 804 TEE_Result crypto_acipher_alloc_x25519_keypair(struct x25519_keypair *key 805 __unused, 806 size_t key_size_bits __unused) 807 { 808 return TEE_ERROR_NOT_IMPLEMENTED; 809 } 810 811 TEE_Result crypto_acipher_gen_x25519_key(struct x25519_keypair *key __unused, 812 size_t key_size __unused) 813 { 814 return TEE_ERROR_NOT_IMPLEMENTED; 815 } 816 817 TEE_Result crypto_acipher_x25519_shared_secret(struct x25519_keypair 818 *private_key __unused, 819 void *public_key __unused, 820 void *secret __unused, 821 unsigned long 822 *secret_len __unused) 823 { 824 return TEE_ERROR_NOT_IMPLEMENTED; 825 } 826 #endif 827 828 #if !defined(CFG_CRYPTO_ED25519) 829 TEE_Result crypto_acipher_alloc_ed25519_keypair(struct ed25519_keypair *key 830 __unused, 831 size_t key_size_bits __unused) 832 { 833 return TEE_ERROR_NOT_IMPLEMENTED; 834 } 835 836 TEE_Result crypto_acipher_gen_ed25519_key(struct ed25519_keypair *key __unused, 837 size_t key_size __unused) 838 { 839 return TEE_ERROR_NOT_IMPLEMENTED; 840 } 841 842 TEE_Result crypto_acipher_ed25519_sign(struct ed25519_keypair *key __unused, 843 const uint8_t *msg __unused, 844 size_t msg_len __unused, 845 uint8_t *sig __unused, 846 size_t *sig_len __unused) 847 { 848 return TEE_ERROR_NOT_IMPLEMENTED; 849 } 850 851 TEE_Result crypto_acipher_ed25519_verify(struct ed25519_keypair *key __unused, 852 const uint8_t *msg __unused, 853 size_t msg_len __unused, 854 const uint8_t *sig __unused, 855 size_t sig_len __unused) 856 { 857 return TEE_ERROR_NOT_IMPLEMENTED; 858 } 859 860 TEE_Result crypto_acipher_ed25519ctx_sign(struct ed25519_keypair *key __unused, 861 const uint8_t *msg __unused, 862 size_t msg_len __unused, 863 uint8_t *sig __unused, 864 size_t *sig_len __unused, 865 bool ph_flag __unused, 866 const uint8_t *ctx __unused, 867 size_t ctxlen __unused) 868 { 869 return TEE_ERROR_NOT_IMPLEMENTED; 870 } 871 872 TEE_Result crypto_acipher_ed25519ctx_verify(struct ed25519_keypair *key 873 __unused, 874 const uint8_t *msg __unused, 875 size_t msg_len __unused, 876 const uint8_t *sig __unused, 877 size_t sig_len __unused, 878 bool ph_flag __unused, 879 const uint8_t *ctx __unused, 880 size_t ctxlen __unused) 881 { 882 return TEE_ERROR_NOT_IMPLEMENTED; 883 } 884 #endif 885 886 __weak TEE_Result crypto_storage_obj_del(struct tee_obj *obj __unused) 887 { 888 return TEE_ERROR_NOT_IMPLEMENTED; 889 } 890