1 // SPDX-License-Identifier: BSD-2-Clause 2 /* 3 * Copyright (c) 2017, Linaro Limited 4 */ 5 6 #include <assert.h> 7 #include <compiler.h> 8 #include <crypto/aes-ccm.h> 9 #include <crypto/aes-gcm.h> 10 #include <crypto/crypto.h> 11 #include <kernel/panic.h> 12 #include <stdlib.h> 13 #include <string.h> 14 15 #if !defined(_CFG_CRYPTO_WITH_HASH) 16 TEE_Result crypto_hash_alloc_ctx(void **ctx __unused, uint32_t algo __unused) 17 { 18 return TEE_ERROR_NOT_IMPLEMENTED; 19 } 20 21 void crypto_hash_free_ctx(void *ctx __unused, uint32_t algo __unused) 22 { 23 assert(0); 24 } 25 26 void crypto_hash_copy_state(void *dst_ctx __unused, void *src_ctx __unused, 27 uint32_t algo __unused) 28 { 29 assert(0); 30 } 31 32 TEE_Result crypto_hash_init(void *ctx __unused, uint32_t algo __unused) 33 { 34 return TEE_ERROR_NOT_IMPLEMENTED; 35 } 36 TEE_Result crypto_hash_update(void *ctx __unused, uint32_t algo __unused, 37 const uint8_t *data __unused, size_t len __unused) 38 { 39 return TEE_ERROR_NOT_IMPLEMENTED; 40 } 41 TEE_Result crypto_hash_final(void *ctx __unused, uint32_t algo __unused, 42 uint8_t *digest __unused, size_t len __unused) 43 { 44 return TEE_ERROR_NOT_IMPLEMENTED; 45 } 46 #endif /*_CFG_CRYPTO_WITH_HASH*/ 47 48 #if !defined(_CFG_CRYPTO_WITH_CIPHER) 49 TEE_Result crypto_cipher_alloc_ctx(void **ctx __unused, uint32_t algo __unused) 50 { 51 return TEE_ERROR_NOT_IMPLEMENTED; 52 } 53 54 void crypto_cipher_free_ctx(void *ctx __unused, uint32_t algo __unused) 55 { 56 assert(0); 57 } 58 59 void crypto_cipher_copy_state(void *dst_ctx __unused, void *src_ctx __unused, 60 uint32_t algo __unused) 61 { 62 assert(0); 63 } 64 65 TEE_Result crypto_cipher_init(void *ctx __unused, uint32_t algo __unused, 66 TEE_OperationMode mode __unused, 67 const uint8_t *key1 __unused, 68 size_t key1_len __unused, 69 const uint8_t *key2 __unused, 70 size_t key2_len __unused, 71 const uint8_t *iv __unused, 72 size_t iv_len __unused) 73 { 74 return TEE_ERROR_NOT_IMPLEMENTED; 75 } 76 77 TEE_Result crypto_cipher_update(void *ctx __unused, uint32_t algo __unused, 78 TEE_OperationMode mode __unused, 79 bool last_block __unused, 80 const uint8_t *data __unused, 81 size_t len __unused, uint8_t *dst __unused) 82 { 83 return TEE_ERROR_NOT_IMPLEMENTED; 84 } 85 86 void crypto_cipher_final(void *ctx __unused, uint32_t algo __unused) 87 { 88 } 89 90 TEE_Result crypto_cipher_get_block_size(uint32_t algo __unused, 91 size_t *size __unused) 92 { 93 return TEE_ERROR_NOT_IMPLEMENTED; 94 } 95 #endif /*_CFG_CRYPTO_WITH_CIPHER*/ 96 97 #if !defined(_CFG_CRYPTO_WITH_MAC) 98 TEE_Result crypto_mac_alloc_ctx(void **ctx __unused, uint32_t algo __unused) 99 { 100 return TEE_ERROR_NOT_IMPLEMENTED; 101 } 102 103 void crypto_mac_free_ctx(void *ctx __unused, uint32_t algo __unused) 104 { 105 assert(0); 106 } 107 108 void crypto_mac_copy_state(void *dst_ctx __unused, void *src_ctx __unused, 109 uint32_t algo __unused) 110 { 111 assert(0); 112 } 113 114 TEE_Result crypto_mac_init(void *ctx __unused, uint32_t algo __unused, 115 const uint8_t *key __unused, size_t len __unused) 116 { 117 return TEE_ERROR_NOT_IMPLEMENTED; 118 } 119 120 TEE_Result crypto_mac_update(void *ctx __unused, uint32_t algo __unused, 121 const uint8_t *data __unused, size_t len __unused) 122 { 123 return TEE_ERROR_NOT_IMPLEMENTED; 124 } 125 126 TEE_Result crypto_mac_final(void *ctx __unused, uint32_t algo __unused, 127 uint8_t *digest __unused, 128 size_t digest_len __unused) 129 { 130 return TEE_ERROR_NOT_IMPLEMENTED; 131 } 132 #endif /*_CFG_CRYPTO_WITH_MAC*/ 133 134 TEE_Result crypto_authenc_alloc_ctx(void **ctx, uint32_t algo) 135 { 136 switch (algo) { 137 #if defined(CFG_CRYPTO_CCM) 138 case TEE_ALG_AES_CCM: 139 return crypto_aes_ccm_alloc_ctx(ctx); 140 #endif 141 #if defined(CFG_CRYPTO_GCM) 142 case TEE_ALG_AES_GCM: 143 return crypto_aes_gcm_alloc_ctx(ctx); 144 #endif 145 default: 146 return TEE_ERROR_NOT_IMPLEMENTED; 147 } 148 } 149 150 void crypto_authenc_free_ctx(void *ctx, uint32_t algo) 151 { 152 switch (algo) { 153 #if defined(CFG_CRYPTO_CCM) 154 case TEE_ALG_AES_CCM: 155 crypto_aes_ccm_free_ctx(ctx); 156 break; 157 #endif 158 #if defined(CFG_CRYPTO_GCM) 159 case TEE_ALG_AES_GCM: 160 crypto_aes_gcm_free_ctx(ctx); 161 break; 162 #endif 163 default: 164 assert(0); 165 } 166 } 167 168 void crypto_authenc_copy_state(void *dst_ctx, void *src_ctx, uint32_t algo) 169 { 170 switch (algo) { 171 #if defined(CFG_CRYPTO_CCM) 172 case TEE_ALG_AES_CCM: 173 crypto_aes_ccm_copy_state(dst_ctx, src_ctx); 174 break; 175 #endif 176 #if defined(CFG_CRYPTO_GCM) 177 case TEE_ALG_AES_GCM: 178 crypto_aes_gcm_copy_state(dst_ctx, src_ctx); 179 break; 180 #endif 181 default: 182 assert(0); 183 } 184 } 185 186 TEE_Result crypto_authenc_init(void *ctx __maybe_unused, 187 uint32_t algo __maybe_unused, 188 TEE_OperationMode mode __maybe_unused, 189 const uint8_t *key __maybe_unused, 190 size_t key_len __maybe_unused, 191 const uint8_t *nonce __maybe_unused, 192 size_t nonce_len __maybe_unused, 193 size_t tag_len __maybe_unused, 194 size_t aad_len __maybe_unused, 195 size_t payload_len __maybe_unused) 196 { 197 switch (algo) { 198 #if defined(CFG_CRYPTO_CCM) 199 case TEE_ALG_AES_CCM: 200 return crypto_aes_ccm_init(ctx, mode, key, key_len, nonce, 201 nonce_len, tag_len, aad_len, 202 payload_len); 203 #endif 204 #if defined(CFG_CRYPTO_GCM) 205 case TEE_ALG_AES_GCM: 206 return crypto_aes_gcm_init(ctx, mode, key, key_len, nonce, 207 nonce_len, tag_len); 208 #endif 209 default: 210 return TEE_ERROR_NOT_IMPLEMENTED; 211 } 212 } 213 214 TEE_Result crypto_authenc_update_aad(void *ctx __maybe_unused, 215 uint32_t algo __maybe_unused, 216 TEE_OperationMode mode __unused, 217 const uint8_t *data __maybe_unused, 218 size_t len __maybe_unused) 219 { 220 switch (algo) { 221 #if defined(CFG_CRYPTO_CCM) 222 case TEE_ALG_AES_CCM: 223 return crypto_aes_ccm_update_aad(ctx, data, len); 224 #endif 225 #if defined(CFG_CRYPTO_GCM) 226 case TEE_ALG_AES_GCM: 227 return crypto_aes_gcm_update_aad(ctx, data, len); 228 #endif 229 default: 230 return TEE_ERROR_NOT_IMPLEMENTED; 231 } 232 } 233 234 TEE_Result crypto_authenc_update_payload(void *ctx __maybe_unused, 235 uint32_t algo __maybe_unused, 236 TEE_OperationMode mode __maybe_unused, 237 const uint8_t *src_data __maybe_unused, 238 size_t src_len __maybe_unused, 239 uint8_t *dst_data __maybe_unused, 240 size_t *dst_len __maybe_unused) 241 { 242 size_t dl = *dst_len; 243 244 *dst_len = src_len; 245 if (dl < src_len) 246 return TEE_ERROR_SHORT_BUFFER; 247 248 switch (algo) { 249 #if defined(CFG_CRYPTO_CCM) 250 case TEE_ALG_AES_CCM: 251 return crypto_aes_ccm_update_payload(ctx, mode, src_data, 252 src_len, dst_data); 253 #endif 254 #if defined(CFG_CRYPTO_GCM) 255 case TEE_ALG_AES_GCM: 256 return crypto_aes_gcm_update_payload(ctx, mode, src_data, 257 src_len, dst_data); 258 #endif 259 default: 260 return TEE_ERROR_NOT_IMPLEMENTED; 261 } 262 } 263 264 TEE_Result crypto_authenc_enc_final(void *ctx __maybe_unused, 265 uint32_t algo __maybe_unused, 266 const uint8_t *src_data __maybe_unused, 267 size_t src_len __maybe_unused, 268 uint8_t *dst_data __maybe_unused, 269 size_t *dst_len __maybe_unused, 270 uint8_t *dst_tag __maybe_unused, 271 size_t *dst_tag_len __maybe_unused) 272 { 273 size_t dl = *dst_len; 274 275 *dst_len = src_len; 276 if (dl < src_len) 277 return TEE_ERROR_SHORT_BUFFER; 278 279 switch (algo) { 280 #if defined(CFG_CRYPTO_CCM) 281 case TEE_ALG_AES_CCM: 282 return crypto_aes_ccm_enc_final(ctx, src_data, src_len, 283 dst_data, dst_tag, dst_tag_len); 284 #endif 285 #if defined(CFG_CRYPTO_GCM) 286 case TEE_ALG_AES_GCM: 287 return crypto_aes_gcm_enc_final(ctx, src_data, src_len, 288 dst_data, dst_tag, dst_tag_len); 289 #endif 290 default: 291 return TEE_ERROR_NOT_IMPLEMENTED; 292 } 293 } 294 295 TEE_Result crypto_authenc_dec_final(void *ctx __maybe_unused, 296 uint32_t algo __maybe_unused, 297 const uint8_t *src_data __maybe_unused, 298 size_t src_len __maybe_unused, 299 uint8_t *dst_data __maybe_unused, 300 size_t *dst_len __maybe_unused, 301 const uint8_t *tag __maybe_unused, 302 size_t tag_len __maybe_unused) 303 { 304 size_t dl = *dst_len; 305 306 *dst_len = src_len; 307 if (dl < src_len) 308 return TEE_ERROR_SHORT_BUFFER; 309 310 switch (algo) { 311 #if defined(CFG_CRYPTO_CCM) 312 case TEE_ALG_AES_CCM: 313 return crypto_aes_ccm_dec_final(ctx, src_data, src_len, 314 dst_data, tag, tag_len); 315 #endif 316 #if defined(CFG_CRYPTO_GCM) 317 case TEE_ALG_AES_GCM: 318 return crypto_aes_gcm_dec_final(ctx, src_data, src_len, 319 dst_data, tag, tag_len); 320 #endif 321 default: 322 return TEE_ERROR_NOT_IMPLEMENTED; 323 } 324 } 325 326 void crypto_authenc_final(void *ctx __maybe_unused, 327 uint32_t algo __maybe_unused) 328 { 329 switch (algo) { 330 #if defined(CFG_CRYPTO_CCM) 331 case TEE_ALG_AES_CCM: 332 crypto_aes_ccm_final(ctx); 333 break; 334 #endif 335 #if defined(CFG_CRYPTO_GCM) 336 case TEE_ALG_AES_GCM: 337 crypto_aes_gcm_final(ctx); 338 break; 339 #endif 340 default: 341 break; 342 } 343 } 344 345 #if !defined(_CFG_CRYPTO_WITH_ACIPHER) 346 struct bignum *crypto_bignum_allocate(size_t size_bits __unused) 347 { 348 return NULL; 349 } 350 351 TEE_Result crypto_bignum_bin2bn(const uint8_t *from __unused, 352 size_t fromsize __unused, 353 struct bignum *to __unused) 354 { 355 return TEE_ERROR_NOT_IMPLEMENTED; 356 } 357 358 size_t crypto_bignum_num_bytes(struct bignum *a __unused) 359 { 360 return 0; 361 } 362 363 size_t crypto_bignum_num_bits(struct bignum *a __unused) 364 { 365 return 0; 366 } 367 368 /* 369 * crypto_bignum_allocate() and crypto_bignum_bin2bn() failing should be 370 * enough to guarantee that the functions calling this function aren't 371 * called, but just in case add a panic() here to avoid unexpected 372 * behavoir. 373 */ 374 static void bignum_cant_happen(void) 375 { 376 volatile bool b = true; 377 378 /* Avoid warning about function does not return */ 379 if (b) 380 panic(); 381 } 382 383 void crypto_bignum_bn2bin(const struct bignum *from __unused, 384 uint8_t *to __unused) 385 { 386 bignum_cant_happen(); 387 } 388 389 void crypto_bignum_copy(struct bignum *to __unused, 390 const struct bignum *from __unused) 391 { 392 bignum_cant_happen(); 393 } 394 395 void crypto_bignum_free(struct bignum *a) 396 { 397 if (a) 398 panic(); 399 } 400 401 void crypto_bignum_clear(struct bignum *a __unused) 402 { 403 bignum_cant_happen(); 404 } 405 406 /* return -1 if a<b, 0 if a==b, +1 if a>b */ 407 int32_t crypto_bignum_compare(struct bignum *a __unused, 408 struct bignum *b __unused) 409 { 410 bignum_cant_happen(); 411 return -1; 412 } 413 #endif /*!_CFG_CRYPTO_WITH_ACIPHER*/ 414 415 #if !defined(CFG_CRYPTO_RSA) || !defined(_CFG_CRYPTO_WITH_ACIPHER) 416 TEE_Result crypto_acipher_alloc_rsa_keypair(struct rsa_keypair *s __unused, 417 size_t key_size_bits __unused) 418 { 419 return TEE_ERROR_NOT_IMPLEMENTED; 420 } 421 422 TEE_Result 423 crypto_acipher_alloc_rsa_public_key(struct rsa_public_key *s __unused, 424 size_t key_size_bits __unused) 425 { 426 return TEE_ERROR_NOT_IMPLEMENTED; 427 } 428 429 void crypto_acipher_free_rsa_public_key(struct rsa_public_key *s __unused) 430 { 431 } 432 433 TEE_Result crypto_acipher_gen_rsa_key(struct rsa_keypair *key __unused, 434 size_t key_size __unused) 435 { 436 return TEE_ERROR_NOT_IMPLEMENTED; 437 } 438 439 TEE_Result crypto_acipher_rsanopad_decrypt(struct rsa_keypair *key __unused, 440 const uint8_t *src __unused, 441 size_t src_len __unused, 442 uint8_t *dst __unused, 443 size_t *dst_len __unused) 444 { 445 return TEE_ERROR_NOT_IMPLEMENTED; 446 } 447 448 TEE_Result crypto_acipher_rsanopad_encrypt(struct rsa_public_key *key __unused, 449 const uint8_t *src __unused, 450 size_t src_len __unused, 451 uint8_t *dst __unused, 452 size_t *dst_len __unused) 453 { 454 return TEE_ERROR_NOT_IMPLEMENTED; 455 } 456 457 TEE_Result crypto_acipher_rsaes_decrypt(uint32_t algo __unused, 458 struct rsa_keypair *key __unused, 459 const uint8_t *label __unused, 460 size_t label_len __unused, 461 const uint8_t *src __unused, 462 size_t src_len __unused, 463 uint8_t *dst __unused, 464 size_t *dst_len __unused) 465 { 466 return TEE_ERROR_NOT_IMPLEMENTED; 467 } 468 469 TEE_Result crypto_acipher_rsaes_encrypt(uint32_t algo __unused, 470 struct rsa_public_key *key __unused, 471 const uint8_t *label __unused, 472 size_t label_len __unused, 473 const uint8_t *src __unused, 474 size_t src_len __unused, 475 uint8_t *dst __unused, 476 size_t *dst_len __unused) 477 { 478 return TEE_ERROR_NOT_IMPLEMENTED; 479 } 480 481 TEE_Result crypto_acipher_rsassa_sign(uint32_t algo __unused, 482 struct rsa_keypair *key __unused, 483 int salt_len __unused, 484 const uint8_t *msg __unused, 485 size_t msg_len __unused, 486 uint8_t *sig __unused, 487 size_t *sig_len __unused) 488 { 489 return TEE_ERROR_NOT_IMPLEMENTED; 490 } 491 492 TEE_Result crypto_acipher_rsassa_verify(uint32_t algo __unused, 493 struct rsa_public_key *key __unused, 494 int salt_len __unused, 495 const uint8_t *msg __unused, 496 size_t msg_len __unused, 497 const uint8_t *sig __unused, 498 size_t sig_len __unused) 499 { 500 return TEE_ERROR_NOT_IMPLEMENTED; 501 } 502 #endif /*!CFG_CRYPTO_RSA || !_CFG_CRYPTO_WITH_ACIPHER*/ 503 504 #if !defined(CFG_CRYPTO_DSA) || !defined(_CFG_CRYPTO_WITH_ACIPHER) 505 TEE_Result crypto_acipher_alloc_dsa_keypair(struct dsa_keypair *s __unused, 506 size_t key_size_bits __unused) 507 { 508 return TEE_ERROR_NOT_IMPLEMENTED; 509 } 510 511 TEE_Result 512 crypto_acipher_alloc_dsa_public_key(struct dsa_public_key *s __unused, 513 size_t key_size_bits __unused) 514 { 515 return TEE_ERROR_NOT_IMPLEMENTED; 516 } 517 518 TEE_Result crypto_acipher_gen_dsa_key(struct dsa_keypair *key __unused, 519 size_t key_size __unused) 520 { 521 return TEE_ERROR_NOT_IMPLEMENTED; 522 } 523 524 TEE_Result crypto_acipher_dsa_sign(uint32_t algo __unused, 525 struct dsa_keypair *key __unused, 526 const uint8_t *msg __unused, 527 size_t msg_len __unused, 528 uint8_t *sig __unused, 529 size_t *sig_len __unused) 530 { 531 return TEE_ERROR_NOT_IMPLEMENTED; 532 } 533 534 TEE_Result crypto_acipher_dsa_verify(uint32_t algo __unused, 535 struct dsa_public_key *key __unused, 536 const uint8_t *msg __unused, 537 size_t msg_len __unused, 538 const uint8_t *sig __unused, 539 size_t sig_len __unused) 540 { 541 return TEE_ERROR_NOT_IMPLEMENTED; 542 } 543 #endif /*!CFG_CRYPTO_DSA || !_CFG_CRYPTO_WITH_ACIPHER*/ 544 545 #if !defined(CFG_CRYPTO_DH) || !defined(_CFG_CRYPTO_WITH_ACIPHER) 546 TEE_Result crypto_acipher_alloc_dh_keypair(struct dh_keypair *s __unused, 547 size_t key_size_bits __unused) 548 { 549 return TEE_ERROR_NOT_IMPLEMENTED; 550 } 551 552 TEE_Result crypto_acipher_gen_dh_key(struct dh_keypair *key __unused, 553 struct bignum *q __unused, 554 size_t xbits __unused) 555 { 556 return TEE_ERROR_NOT_IMPLEMENTED; 557 } 558 559 TEE_Result 560 crypto_acipher_dh_shared_secret(struct dh_keypair *private_key __unused, 561 struct bignum *public_key __unused, 562 struct bignum *secret __unused) 563 { 564 return TEE_ERROR_NOT_IMPLEMENTED; 565 } 566 #endif /*!CFG_CRYPTO_DH || !_CFG_CRYPTO_WITH_ACIPHER*/ 567 568 #if !defined(CFG_CRYPTO_ECC) || !defined(_CFG_CRYPTO_WITH_ACIPHER) 569 TEE_Result 570 crypto_acipher_alloc_ecc_public_key(struct ecc_public_key *s __unused, 571 size_t key_size_bits __unused) 572 { 573 return TEE_ERROR_NOT_IMPLEMENTED; 574 } 575 576 TEE_Result crypto_acipher_alloc_ecc_keypair(struct ecc_keypair *s __unused, 577 size_t key_size_bits __unused) 578 { 579 return TEE_ERROR_NOT_IMPLEMENTED; 580 } 581 582 void crypto_acipher_free_ecc_public_key(struct ecc_public_key *s __unused) 583 { 584 } 585 586 TEE_Result crypto_acipher_gen_ecc_key(struct ecc_keypair *key __unused) 587 { 588 return TEE_ERROR_NOT_IMPLEMENTED; 589 } 590 591 TEE_Result crypto_acipher_ecc_sign(uint32_t algo __unused, 592 struct ecc_keypair *key __unused, 593 const uint8_t *msg __unused, 594 size_t msg_len __unused, 595 uint8_t *sig __unused, 596 size_t *sig_len __unused) 597 { 598 return TEE_ERROR_NOT_IMPLEMENTED; 599 } 600 601 TEE_Result crypto_acipher_ecc_verify(uint32_t algo __unused, 602 struct ecc_public_key *key __unused, 603 const uint8_t *msg __unused, 604 size_t msg_len __unused, 605 const uint8_t *sig __unused, 606 size_t sig_len __unused) 607 { 608 return TEE_ERROR_NOT_IMPLEMENTED; 609 } 610 611 TEE_Result 612 crypto_acipher_ecc_shared_secret(struct ecc_keypair *private_key __unused, 613 struct ecc_public_key *public_key __unused, 614 void *secret __unused, 615 unsigned long *secret_len __unused) 616 { 617 return TEE_ERROR_NOT_IMPLEMENTED; 618 } 619 #endif /*!CFG_CRYPTO_ECC || !_CFG_CRYPTO_WITH_ACIPHER*/ 620