1 // SPDX-License-Identifier: BSD-2-Clause 2 /* 3 * Copyright (c) 2017, Linaro Limited 4 * Copyright 2020 NXP 5 */ 6 7 #include <assert.h> 8 #include <compiler.h> 9 #include <crypto/crypto.h> 10 #include <crypto/crypto_impl.h> 11 #include <kernel/panic.h> 12 #include <stdlib.h> 13 #include <string.h> 14 #include <utee_defines.h> 15 16 TEE_Result crypto_hash_alloc_ctx(void **ctx, uint32_t algo) 17 { 18 TEE_Result res = TEE_ERROR_NOT_IMPLEMENTED; 19 struct crypto_hash_ctx *c = NULL; 20 21 /* 22 * Use default cryptographic implementation if no matching 23 * drvcrypt device. 24 */ 25 res = drvcrypt_hash_alloc_ctx(&c, algo); 26 27 if (res == TEE_ERROR_NOT_IMPLEMENTED) { 28 switch (algo) { 29 case TEE_ALG_MD5: 30 res = crypto_md5_alloc_ctx(&c); 31 break; 32 case TEE_ALG_SHA1: 33 res = crypto_sha1_alloc_ctx(&c); 34 break; 35 case TEE_ALG_SHA224: 36 res = crypto_sha224_alloc_ctx(&c); 37 break; 38 case TEE_ALG_SHA256: 39 res = crypto_sha256_alloc_ctx(&c); 40 break; 41 case TEE_ALG_SHA384: 42 res = crypto_sha384_alloc_ctx(&c); 43 break; 44 case TEE_ALG_SHA512: 45 res = crypto_sha512_alloc_ctx(&c); 46 break; 47 case TEE_ALG_SM3: 48 res = crypto_sm3_alloc_ctx(&c); 49 break; 50 default: 51 break; 52 } 53 } 54 55 if (!res) 56 *ctx = c; 57 58 return res; 59 } 60 61 static const struct crypto_hash_ops *hash_ops(void *ctx) 62 { 63 struct crypto_hash_ctx *c = ctx; 64 65 assert(c && c->ops); 66 67 return c->ops; 68 } 69 70 void crypto_hash_free_ctx(void *ctx) 71 { 72 if (ctx) 73 hash_ops(ctx)->free_ctx(ctx); 74 } 75 76 void crypto_hash_copy_state(void *dst_ctx, void *src_ctx) 77 { 78 hash_ops(dst_ctx)->copy_state(dst_ctx, src_ctx); 79 } 80 81 TEE_Result crypto_hash_init(void *ctx) 82 { 83 return hash_ops(ctx)->init(ctx); 84 } 85 86 TEE_Result crypto_hash_update(void *ctx, const uint8_t *data, size_t len) 87 { 88 return hash_ops(ctx)->update(ctx, data, len); 89 } 90 91 TEE_Result crypto_hash_final(void *ctx, uint8_t *digest, size_t len) 92 { 93 return hash_ops(ctx)->final(ctx, digest, len); 94 } 95 96 TEE_Result crypto_cipher_alloc_ctx(void **ctx, uint32_t algo) 97 { 98 TEE_Result res = TEE_ERROR_NOT_IMPLEMENTED; 99 struct crypto_cipher_ctx *c = NULL; 100 101 /* 102 * Use default cryptographic implementation if no matching 103 * drvcrypt device. 104 */ 105 res = drvcrypt_cipher_alloc_ctx(&c, algo); 106 107 if (res == TEE_ERROR_NOT_IMPLEMENTED) { 108 switch (algo) { 109 case TEE_ALG_AES_ECB_NOPAD: 110 res = crypto_aes_ecb_alloc_ctx(&c); 111 break; 112 case TEE_ALG_AES_CBC_NOPAD: 113 res = crypto_aes_cbc_alloc_ctx(&c); 114 break; 115 case TEE_ALG_AES_CTR: 116 res = crypto_aes_ctr_alloc_ctx(&c); 117 break; 118 case TEE_ALG_AES_CTS: 119 res = crypto_aes_cts_alloc_ctx(&c); 120 break; 121 case TEE_ALG_AES_XTS: 122 res = crypto_aes_xts_alloc_ctx(&c); 123 break; 124 case TEE_ALG_DES_ECB_NOPAD: 125 res = crypto_des_ecb_alloc_ctx(&c); 126 break; 127 case TEE_ALG_DES3_ECB_NOPAD: 128 res = crypto_des3_ecb_alloc_ctx(&c); 129 break; 130 case TEE_ALG_DES_CBC_NOPAD: 131 res = crypto_des_cbc_alloc_ctx(&c); 132 break; 133 case TEE_ALG_DES3_CBC_NOPAD: 134 res = crypto_des3_cbc_alloc_ctx(&c); 135 break; 136 case TEE_ALG_SM4_ECB_NOPAD: 137 res = crypto_sm4_ecb_alloc_ctx(&c); 138 break; 139 case TEE_ALG_SM4_CBC_NOPAD: 140 res = crypto_sm4_cbc_alloc_ctx(&c); 141 break; 142 case TEE_ALG_SM4_CTR: 143 res = crypto_sm4_ctr_alloc_ctx(&c); 144 break; 145 default: 146 return TEE_ERROR_NOT_IMPLEMENTED; 147 } 148 } 149 150 if (!res) 151 *ctx = c; 152 153 return res; 154 } 155 156 static const struct crypto_cipher_ops *cipher_ops(void *ctx) 157 { 158 struct crypto_cipher_ctx *c = ctx; 159 160 assert(c && c->ops); 161 162 return c->ops; 163 } 164 165 void crypto_cipher_free_ctx(void *ctx) 166 { 167 if (ctx) 168 cipher_ops(ctx)->free_ctx(ctx); 169 } 170 171 void crypto_cipher_copy_state(void *dst_ctx, void *src_ctx) 172 { 173 cipher_ops(dst_ctx)->copy_state(dst_ctx, src_ctx); 174 } 175 176 TEE_Result crypto_cipher_init(void *ctx, TEE_OperationMode mode, 177 const uint8_t *key1, size_t key1_len, 178 const uint8_t *key2, size_t key2_len, 179 const uint8_t *iv, size_t iv_len) 180 { 181 if (mode != TEE_MODE_DECRYPT && mode != TEE_MODE_ENCRYPT) 182 return TEE_ERROR_BAD_PARAMETERS; 183 184 return cipher_ops(ctx)->init(ctx, mode, key1, key1_len, key2, key2_len, 185 iv, iv_len); 186 } 187 188 TEE_Result crypto_cipher_update(void *ctx, TEE_OperationMode mode __unused, 189 bool last_block, const uint8_t *data, 190 size_t len, uint8_t *dst) 191 { 192 return cipher_ops(ctx)->update(ctx, last_block, data, len, dst); 193 } 194 195 void crypto_cipher_final(void *ctx) 196 { 197 cipher_ops(ctx)->final(ctx); 198 } 199 200 TEE_Result crypto_cipher_get_block_size(uint32_t algo, size_t *size) 201 { 202 uint32_t class = TEE_ALG_GET_CLASS(algo); 203 204 if (class != TEE_OPERATION_CIPHER && class != TEE_OPERATION_MAC && 205 class != TEE_OPERATION_AE) 206 return TEE_ERROR_BAD_PARAMETERS; 207 208 switch (TEE_ALG_GET_MAIN_ALG(algo)) { 209 case TEE_MAIN_ALGO_AES: 210 *size = TEE_AES_BLOCK_SIZE; 211 return TEE_SUCCESS; 212 case TEE_MAIN_ALGO_DES: 213 case TEE_MAIN_ALGO_DES3: 214 *size = TEE_DES_BLOCK_SIZE; 215 return TEE_SUCCESS; 216 case TEE_MAIN_ALGO_SM4: 217 *size = TEE_SM4_BLOCK_SIZE; 218 return TEE_SUCCESS; 219 default: 220 return TEE_ERROR_NOT_SUPPORTED; 221 } 222 } 223 224 TEE_Result crypto_mac_alloc_ctx(void **ctx, uint32_t algo) 225 { 226 TEE_Result res = TEE_SUCCESS; 227 struct crypto_mac_ctx *c = NULL; 228 229 /* 230 * Use default cryptographic implementation if no matching 231 * drvcrypt device. 232 */ 233 res = drvcrypt_mac_alloc_ctx(&c, algo); 234 235 if (res == TEE_ERROR_NOT_IMPLEMENTED) { 236 switch (algo) { 237 case TEE_ALG_HMAC_MD5: 238 res = crypto_hmac_md5_alloc_ctx(&c); 239 break; 240 case TEE_ALG_HMAC_SHA1: 241 res = crypto_hmac_sha1_alloc_ctx(&c); 242 break; 243 case TEE_ALG_HMAC_SHA224: 244 res = crypto_hmac_sha224_alloc_ctx(&c); 245 break; 246 case TEE_ALG_HMAC_SHA256: 247 res = crypto_hmac_sha256_alloc_ctx(&c); 248 break; 249 case TEE_ALG_HMAC_SHA384: 250 res = crypto_hmac_sha384_alloc_ctx(&c); 251 break; 252 case TEE_ALG_HMAC_SHA512: 253 res = crypto_hmac_sha512_alloc_ctx(&c); 254 break; 255 case TEE_ALG_HMAC_SM3: 256 res = crypto_hmac_sm3_alloc_ctx(&c); 257 break; 258 case TEE_ALG_AES_CBC_MAC_NOPAD: 259 res = crypto_aes_cbc_mac_nopad_alloc_ctx(&c); 260 break; 261 case TEE_ALG_AES_CBC_MAC_PKCS5: 262 res = crypto_aes_cbc_mac_pkcs5_alloc_ctx(&c); 263 break; 264 case TEE_ALG_DES_CBC_MAC_NOPAD: 265 res = crypto_des_cbc_mac_nopad_alloc_ctx(&c); 266 break; 267 case TEE_ALG_DES_CBC_MAC_PKCS5: 268 res = crypto_des_cbc_mac_pkcs5_alloc_ctx(&c); 269 break; 270 case TEE_ALG_DES3_CBC_MAC_NOPAD: 271 res = crypto_des3_cbc_mac_nopad_alloc_ctx(&c); 272 break; 273 case TEE_ALG_DES3_CBC_MAC_PKCS5: 274 res = crypto_des3_cbc_mac_pkcs5_alloc_ctx(&c); 275 break; 276 case TEE_ALG_AES_CMAC: 277 res = crypto_aes_cmac_alloc_ctx(&c); 278 break; 279 default: 280 return TEE_ERROR_NOT_SUPPORTED; 281 } 282 } 283 284 if (!res) 285 *ctx = c; 286 287 return res; 288 } 289 290 static const struct crypto_mac_ops *mac_ops(void *ctx) 291 { 292 struct crypto_mac_ctx *c = ctx; 293 294 assert(c && c->ops); 295 296 return c->ops; 297 } 298 299 void crypto_mac_free_ctx(void *ctx) 300 { 301 if (ctx) 302 mac_ops(ctx)->free_ctx(ctx); 303 } 304 305 void crypto_mac_copy_state(void *dst_ctx, void *src_ctx) 306 { 307 mac_ops(dst_ctx)->copy_state(dst_ctx, src_ctx); 308 } 309 310 TEE_Result crypto_mac_init(void *ctx, const uint8_t *key, size_t len) 311 { 312 return mac_ops(ctx)->init(ctx, key, len); 313 } 314 315 TEE_Result crypto_mac_update(void *ctx, const uint8_t *data, size_t len) 316 { 317 if (!len) 318 return TEE_SUCCESS; 319 320 return mac_ops(ctx)->update(ctx, data, len); 321 } 322 323 TEE_Result crypto_mac_final(void *ctx, uint8_t *digest, size_t digest_len) 324 { 325 return mac_ops(ctx)->final(ctx, digest, digest_len); 326 } 327 328 TEE_Result crypto_authenc_alloc_ctx(void **ctx, uint32_t algo) 329 { 330 TEE_Result res = TEE_SUCCESS; 331 struct crypto_authenc_ctx *c = NULL; 332 333 switch (algo) { 334 #if defined(CFG_CRYPTO_CCM) 335 case TEE_ALG_AES_CCM: 336 res = crypto_aes_ccm_alloc_ctx(&c); 337 break; 338 #endif 339 #if defined(CFG_CRYPTO_GCM) 340 case TEE_ALG_AES_GCM: 341 res = crypto_aes_gcm_alloc_ctx(&c); 342 break; 343 #endif 344 default: 345 return TEE_ERROR_NOT_IMPLEMENTED; 346 } 347 348 if (!res) 349 *ctx = c; 350 351 return res; 352 } 353 354 static const struct crypto_authenc_ops *ae_ops(void *ctx) 355 { 356 struct crypto_authenc_ctx *c = ctx; 357 358 assert(c && c->ops); 359 360 return c->ops; 361 } 362 363 TEE_Result crypto_authenc_init(void *ctx, TEE_OperationMode mode, 364 const uint8_t *key, size_t key_len, 365 const uint8_t *nonce, size_t nonce_len, 366 size_t tag_len, size_t aad_len, 367 size_t payload_len) 368 { 369 return ae_ops(ctx)->init(ctx, mode, key, key_len, nonce, nonce_len, 370 tag_len, aad_len, payload_len); 371 } 372 373 TEE_Result crypto_authenc_update_aad(void *ctx, TEE_OperationMode mode __unused, 374 const uint8_t *data, size_t len) 375 { 376 return ae_ops(ctx)->update_aad(ctx, data, len); 377 } 378 379 380 TEE_Result crypto_authenc_update_payload(void *ctx, TEE_OperationMode mode, 381 const uint8_t *src_data, 382 size_t src_len, uint8_t *dst_data, 383 size_t *dst_len) 384 { 385 if (*dst_len < src_len) 386 return TEE_ERROR_SHORT_BUFFER; 387 *dst_len = src_len; 388 389 return ae_ops(ctx)->update_payload(ctx, mode, src_data, src_len, 390 dst_data); 391 } 392 393 TEE_Result crypto_authenc_enc_final(void *ctx, const uint8_t *src_data, 394 size_t src_len, uint8_t *dst_data, 395 size_t *dst_len, uint8_t *dst_tag, 396 size_t *dst_tag_len) 397 { 398 if (*dst_len < src_len) 399 return TEE_ERROR_SHORT_BUFFER; 400 *dst_len = src_len; 401 402 return ae_ops(ctx)->enc_final(ctx, src_data, src_len, dst_data, 403 dst_tag, dst_tag_len); 404 } 405 406 TEE_Result crypto_authenc_dec_final(void *ctx, const uint8_t *src_data, 407 size_t src_len, uint8_t *dst_data, 408 size_t *dst_len, const uint8_t *tag, 409 size_t tag_len) 410 { 411 if (*dst_len < src_len) 412 return TEE_ERROR_SHORT_BUFFER; 413 *dst_len = src_len; 414 415 return ae_ops(ctx)->dec_final(ctx, src_data, src_len, dst_data, tag, 416 tag_len); 417 } 418 419 void crypto_authenc_final(void *ctx) 420 { 421 ae_ops(ctx)->final(ctx); 422 } 423 424 void crypto_authenc_free_ctx(void *ctx) 425 { 426 if (ctx) 427 ae_ops(ctx)->free_ctx(ctx); 428 } 429 430 void crypto_authenc_copy_state(void *dst_ctx, void *src_ctx) 431 { 432 ae_ops(dst_ctx)->copy_state(dst_ctx, src_ctx); 433 } 434 435 #if !defined(CFG_CRYPTO_RSA) && !defined(CFG_CRYPTO_DSA) && \ 436 !defined(CFG_CRYPTO_DH) && !defined(CFG_CRYPTO_ECC) 437 struct bignum *crypto_bignum_allocate(size_t size_bits __unused) 438 { 439 return NULL; 440 } 441 442 TEE_Result crypto_bignum_bin2bn(const uint8_t *from __unused, 443 size_t fromsize __unused, 444 struct bignum *to __unused) 445 { 446 return TEE_ERROR_NOT_IMPLEMENTED; 447 } 448 449 size_t crypto_bignum_num_bytes(struct bignum *a __unused) 450 { 451 return 0; 452 } 453 454 size_t crypto_bignum_num_bits(struct bignum *a __unused) 455 { 456 return 0; 457 } 458 459 /* 460 * crypto_bignum_allocate() and crypto_bignum_bin2bn() failing should be 461 * enough to guarantee that the functions calling this function aren't 462 * called, but just in case add a panic() here to avoid unexpected 463 * behavoir. 464 */ 465 static void bignum_cant_happen(void) 466 { 467 volatile bool b = true; 468 469 /* Avoid warning about function does not return */ 470 if (b) 471 panic(); 472 } 473 474 void crypto_bignum_bn2bin(const struct bignum *from __unused, 475 uint8_t *to __unused) 476 { 477 bignum_cant_happen(); 478 } 479 480 void crypto_bignum_copy(struct bignum *to __unused, 481 const struct bignum *from __unused) 482 { 483 bignum_cant_happen(); 484 } 485 486 void crypto_bignum_free(struct bignum *a) 487 { 488 if (a) 489 panic(); 490 } 491 492 void crypto_bignum_clear(struct bignum *a __unused) 493 { 494 bignum_cant_happen(); 495 } 496 497 /* return -1 if a<b, 0 if a==b, +1 if a>b */ 498 int32_t crypto_bignum_compare(struct bignum *a __unused, 499 struct bignum *b __unused) 500 { 501 bignum_cant_happen(); 502 return -1; 503 } 504 #endif 505 506 #if !defined(CFG_CRYPTO_RSA) 507 TEE_Result crypto_acipher_alloc_rsa_keypair(struct rsa_keypair *s __unused, 508 size_t key_size_bits __unused) 509 { 510 return TEE_ERROR_NOT_IMPLEMENTED; 511 } 512 513 TEE_Result 514 crypto_acipher_alloc_rsa_public_key(struct rsa_public_key *s __unused, 515 size_t key_size_bits __unused) 516 { 517 return TEE_ERROR_NOT_IMPLEMENTED; 518 } 519 520 void crypto_acipher_free_rsa_public_key(struct rsa_public_key *s __unused) 521 { 522 } 523 524 void crypto_acipher_free_rsa_keypair(struct rsa_keypair *s __unused) 525 { 526 } 527 528 TEE_Result crypto_acipher_gen_rsa_key(struct rsa_keypair *key __unused, 529 size_t key_size __unused) 530 { 531 return TEE_ERROR_NOT_IMPLEMENTED; 532 } 533 534 TEE_Result crypto_acipher_rsanopad_decrypt(struct rsa_keypair *key __unused, 535 const uint8_t *src __unused, 536 size_t src_len __unused, 537 uint8_t *dst __unused, 538 size_t *dst_len __unused) 539 { 540 return TEE_ERROR_NOT_IMPLEMENTED; 541 } 542 543 TEE_Result crypto_acipher_rsanopad_encrypt(struct rsa_public_key *key __unused, 544 const uint8_t *src __unused, 545 size_t src_len __unused, 546 uint8_t *dst __unused, 547 size_t *dst_len __unused) 548 { 549 return TEE_ERROR_NOT_IMPLEMENTED; 550 } 551 552 TEE_Result crypto_acipher_rsaes_decrypt(uint32_t algo __unused, 553 struct rsa_keypair *key __unused, 554 const uint8_t *label __unused, 555 size_t label_len __unused, 556 const uint8_t *src __unused, 557 size_t src_len __unused, 558 uint8_t *dst __unused, 559 size_t *dst_len __unused) 560 { 561 return TEE_ERROR_NOT_IMPLEMENTED; 562 } 563 564 TEE_Result crypto_acipher_rsaes_encrypt(uint32_t algo __unused, 565 struct rsa_public_key *key __unused, 566 const uint8_t *label __unused, 567 size_t label_len __unused, 568 const uint8_t *src __unused, 569 size_t src_len __unused, 570 uint8_t *dst __unused, 571 size_t *dst_len __unused) 572 { 573 return TEE_ERROR_NOT_IMPLEMENTED; 574 } 575 576 TEE_Result crypto_acipher_rsassa_sign(uint32_t algo __unused, 577 struct rsa_keypair *key __unused, 578 int salt_len __unused, 579 const uint8_t *msg __unused, 580 size_t msg_len __unused, 581 uint8_t *sig __unused, 582 size_t *sig_len __unused) 583 { 584 return TEE_ERROR_NOT_IMPLEMENTED; 585 } 586 587 TEE_Result crypto_acipher_rsassa_verify(uint32_t algo __unused, 588 struct rsa_public_key *key __unused, 589 int salt_len __unused, 590 const uint8_t *msg __unused, 591 size_t msg_len __unused, 592 const uint8_t *sig __unused, 593 size_t sig_len __unused) 594 { 595 return TEE_ERROR_NOT_IMPLEMENTED; 596 } 597 #endif /*!CFG_CRYPTO_RSA*/ 598 599 #if !defined(CFG_CRYPTO_DSA) 600 TEE_Result crypto_acipher_alloc_dsa_keypair(struct dsa_keypair *s __unused, 601 size_t key_size_bits __unused) 602 { 603 return TEE_ERROR_NOT_IMPLEMENTED; 604 } 605 606 TEE_Result 607 crypto_acipher_alloc_dsa_public_key(struct dsa_public_key *s __unused, 608 size_t key_size_bits __unused) 609 { 610 return TEE_ERROR_NOT_IMPLEMENTED; 611 } 612 613 TEE_Result crypto_acipher_gen_dsa_key(struct dsa_keypair *key __unused, 614 size_t key_size __unused) 615 { 616 return TEE_ERROR_NOT_IMPLEMENTED; 617 } 618 619 TEE_Result crypto_acipher_dsa_sign(uint32_t algo __unused, 620 struct dsa_keypair *key __unused, 621 const uint8_t *msg __unused, 622 size_t msg_len __unused, 623 uint8_t *sig __unused, 624 size_t *sig_len __unused) 625 { 626 return TEE_ERROR_NOT_IMPLEMENTED; 627 } 628 629 TEE_Result crypto_acipher_dsa_verify(uint32_t algo __unused, 630 struct dsa_public_key *key __unused, 631 const uint8_t *msg __unused, 632 size_t msg_len __unused, 633 const uint8_t *sig __unused, 634 size_t sig_len __unused) 635 { 636 return TEE_ERROR_NOT_IMPLEMENTED; 637 } 638 #endif /*!CFG_CRYPTO_DSA*/ 639 640 #if !defined(CFG_CRYPTO_DH) 641 TEE_Result crypto_acipher_alloc_dh_keypair(struct dh_keypair *s __unused, 642 size_t key_size_bits __unused) 643 { 644 return TEE_ERROR_NOT_IMPLEMENTED; 645 } 646 647 TEE_Result crypto_acipher_gen_dh_key(struct dh_keypair *key __unused, 648 struct bignum *q __unused, 649 size_t xbits __unused, 650 size_t key_size __unused) 651 { 652 return TEE_ERROR_NOT_IMPLEMENTED; 653 } 654 655 TEE_Result 656 crypto_acipher_dh_shared_secret(struct dh_keypair *private_key __unused, 657 struct bignum *public_key __unused, 658 struct bignum *secret __unused) 659 { 660 return TEE_ERROR_NOT_IMPLEMENTED; 661 } 662 #endif /*!CFG_CRYPTO_DH*/ 663 664 TEE_Result crypto_acipher_alloc_ecc_public_key(struct ecc_public_key *key, 665 uint32_t key_type, 666 size_t key_size_bits) 667 { 668 TEE_Result res = TEE_ERROR_NOT_IMPLEMENTED; 669 670 /* 671 * Use default cryptographic implementation if no matching 672 * drvcrypt device. 673 */ 674 res = drvcrypt_asym_alloc_ecc_public_key(key, key_type, key_size_bits); 675 if (res == TEE_ERROR_NOT_IMPLEMENTED) 676 res = crypto_asym_alloc_ecc_public_key(key, key_type, 677 key_size_bits); 678 679 return res; 680 } 681 682 TEE_Result crypto_acipher_alloc_ecc_keypair(struct ecc_keypair *key, 683 uint32_t key_type, 684 size_t key_size_bits) 685 { 686 TEE_Result res = TEE_ERROR_NOT_IMPLEMENTED; 687 688 /* 689 * Use default cryptographic implementation if no matching 690 * drvcrypt device. 691 */ 692 res = drvcrypt_asym_alloc_ecc_keypair(key, key_type, key_size_bits); 693 if (res == TEE_ERROR_NOT_IMPLEMENTED) 694 res = crypto_asym_alloc_ecc_keypair(key, key_type, 695 key_size_bits); 696 697 return res; 698 } 699 700 void crypto_acipher_free_ecc_public_key(struct ecc_public_key *key) 701 { 702 assert(key->ops && key->ops->free); 703 704 key->ops->free(key); 705 } 706 707 TEE_Result crypto_acipher_gen_ecc_key(struct ecc_keypair *key, 708 size_t key_size_bits) 709 { 710 assert(key->ops && key->ops->generate); 711 712 return key->ops->generate(key, key_size_bits); 713 } 714 715 TEE_Result crypto_acipher_ecc_sign(uint32_t algo, struct ecc_keypair *key, 716 const uint8_t *msg, size_t msg_len, 717 uint8_t *sig, size_t *sig_len) 718 { 719 assert(key->ops); 720 721 if (!key->ops->sign) 722 return TEE_ERROR_NOT_IMPLEMENTED; 723 724 return key->ops->sign(algo, key, msg, msg_len, sig, sig_len); 725 } 726 727 TEE_Result crypto_acipher_ecc_verify(uint32_t algo, struct ecc_public_key *key, 728 const uint8_t *msg, size_t msg_len, 729 const uint8_t *sig, size_t sig_len) 730 { 731 assert(key->ops); 732 733 if (!key->ops->verify) 734 return TEE_ERROR_NOT_IMPLEMENTED; 735 736 return key->ops->verify(algo, key, msg, msg_len, sig, sig_len); 737 } 738 739 TEE_Result crypto_acipher_ecc_shared_secret(struct ecc_keypair *private_key, 740 struct ecc_public_key *public_key, 741 void *secret, 742 unsigned long *secret_len) 743 { 744 assert(private_key->ops); 745 746 if (!private_key->ops->shared_secret) 747 return TEE_ERROR_NOT_IMPLEMENTED; 748 749 return private_key->ops->shared_secret(private_key, public_key, secret, 750 secret_len); 751 } 752 753 #if !defined(CFG_CRYPTO_SM2_PKE) 754 TEE_Result crypto_acipher_sm2_pke_decrypt(struct ecc_keypair *key __unused, 755 const uint8_t *src __unused, 756 size_t src_len __unused, 757 uint8_t *dst __unused, 758 size_t *dst_len __unused) 759 { 760 return TEE_ERROR_NOT_IMPLEMENTED; 761 } 762 763 TEE_Result crypto_acipher_sm2_pke_encrypt(struct ecc_public_key *key __unused, 764 const uint8_t *src __unused, 765 size_t src_len __unused, 766 uint8_t *dst __unused, 767 size_t *dst_len __unused) 768 { 769 return TEE_ERROR_NOT_IMPLEMENTED; 770 } 771 #endif /* !CFG_CRYPTO_SM2_PKE */ 772 773 #if !defined(CFG_CRYPTO_SM2_DSA) 774 TEE_Result crypto_acipher_sm2_dsa_sign(uint32_t algo __unused, 775 struct ecc_keypair *key __unused, 776 const uint8_t *msg __unused, 777 size_t msg_len __unused, 778 uint8_t *sig __unused, 779 size_t *sig_len __unused) 780 { 781 return TEE_ERROR_NOT_IMPLEMENTED; 782 } 783 784 TEE_Result crypto_acipher_sm2_dsa_verify(uint32_t algo __unused, 785 struct ecc_public_key *key __unused, 786 const uint8_t *msg __unused, 787 size_t msg_len __unused, 788 const uint8_t *sig __unused, 789 size_t sig_len __unused) 790 { 791 return TEE_ERROR_NOT_IMPLEMENTED; 792 } 793 #endif /* !CFG_CRYPTO_SM2_DSA */ 794 #if !defined(CFG_CRYPTO_SM2_KEP) 795 TEE_Result crypto_acipher_sm2_kep_derive(struct ecc_keypair *my_key __unused, 796 struct ecc_keypair *my_eph_key 797 __unused, 798 struct ecc_public_key *peer_key 799 __unused, 800 struct ecc_public_key *peer_eph_key 801 __unused, 802 struct sm2_kep_parms *p __unused) 803 { 804 return TEE_ERROR_NOT_IMPLEMENTED; 805 } 806 #endif 807