1 // SPDX-License-Identifier: BSD-2-Clause 2 /* 3 * Copyright (c) 2017, Linaro Limited 4 */ 5 6 #include <assert.h> 7 #include <compiler.h> 8 #include <crypto/crypto.h> 9 #include <crypto/crypto_impl.h> 10 #include <kernel/panic.h> 11 #include <stdlib.h> 12 #include <string.h> 13 #include <utee_defines.h> 14 15 TEE_Result crypto_hash_alloc_ctx(void **ctx, uint32_t algo) 16 { 17 TEE_Result res = TEE_ERROR_NOT_IMPLEMENTED; 18 struct crypto_hash_ctx *c = NULL; 19 20 /* 21 * Use default cryptographic implement if no matching 22 * drvcrypt device. 23 */ 24 res = drvcrypt_hash_alloc_ctx(&c, algo); 25 26 if (res == TEE_ERROR_NOT_IMPLEMENTED) { 27 switch (algo) { 28 case TEE_ALG_MD5: 29 res = crypto_md5_alloc_ctx(&c); 30 break; 31 case TEE_ALG_SHA1: 32 res = crypto_sha1_alloc_ctx(&c); 33 break; 34 case TEE_ALG_SHA224: 35 res = crypto_sha224_alloc_ctx(&c); 36 break; 37 case TEE_ALG_SHA256: 38 res = crypto_sha256_alloc_ctx(&c); 39 break; 40 case TEE_ALG_SHA384: 41 res = crypto_sha384_alloc_ctx(&c); 42 break; 43 case TEE_ALG_SHA512: 44 res = crypto_sha512_alloc_ctx(&c); 45 break; 46 default: 47 break; 48 } 49 } 50 51 if (!res) 52 *ctx = c; 53 54 return res; 55 } 56 57 static const struct crypto_hash_ops *hash_ops(void *ctx) 58 { 59 struct crypto_hash_ctx *c = ctx; 60 61 assert(c && c->ops); 62 63 return c->ops; 64 } 65 66 void crypto_hash_free_ctx(void *ctx) 67 { 68 if (ctx) 69 hash_ops(ctx)->free_ctx(ctx); 70 } 71 72 void crypto_hash_copy_state(void *dst_ctx, void *src_ctx) 73 { 74 hash_ops(dst_ctx)->copy_state(dst_ctx, src_ctx); 75 } 76 77 TEE_Result crypto_hash_init(void *ctx) 78 { 79 return hash_ops(ctx)->init(ctx); 80 } 81 82 TEE_Result crypto_hash_update(void *ctx, const uint8_t *data, size_t len) 83 { 84 return hash_ops(ctx)->update(ctx, data, len); 85 } 86 87 TEE_Result crypto_hash_final(void *ctx, uint8_t *digest, size_t len) 88 { 89 return hash_ops(ctx)->final(ctx, digest, len); 90 } 91 92 TEE_Result crypto_cipher_alloc_ctx(void **ctx, uint32_t algo) 93 { 94 TEE_Result res = TEE_SUCCESS; 95 struct crypto_cipher_ctx *c = NULL; 96 97 switch (algo) { 98 case TEE_ALG_AES_ECB_NOPAD: 99 res = crypto_aes_ecb_alloc_ctx(&c); 100 break; 101 case TEE_ALG_AES_CBC_NOPAD: 102 res = crypto_aes_cbc_alloc_ctx(&c); 103 break; 104 case TEE_ALG_AES_CTR: 105 res = crypto_aes_ctr_alloc_ctx(&c); 106 break; 107 case TEE_ALG_AES_CTS: 108 res = crypto_aes_cts_alloc_ctx(&c); 109 break; 110 case TEE_ALG_AES_XTS: 111 res = crypto_aes_xts_alloc_ctx(&c); 112 break; 113 case TEE_ALG_DES_ECB_NOPAD: 114 res = crypto_des_ecb_alloc_ctx(&c); 115 break; 116 case TEE_ALG_DES3_ECB_NOPAD: 117 res = crypto_des3_ecb_alloc_ctx(&c); 118 break; 119 case TEE_ALG_DES_CBC_NOPAD: 120 res = crypto_des_cbc_alloc_ctx(&c); 121 break; 122 case TEE_ALG_DES3_CBC_NOPAD: 123 res = crypto_des3_cbc_alloc_ctx(&c); 124 break; 125 default: 126 return TEE_ERROR_NOT_IMPLEMENTED; 127 } 128 129 if (!res) 130 *ctx = c; 131 132 return res; 133 } 134 135 static const struct crypto_cipher_ops *cipher_ops(void *ctx) 136 { 137 struct crypto_cipher_ctx *c = ctx; 138 139 assert(c && c->ops); 140 141 return c->ops; 142 } 143 144 void crypto_cipher_free_ctx(void *ctx) 145 { 146 if (ctx) 147 cipher_ops(ctx)->free_ctx(ctx); 148 } 149 150 void crypto_cipher_copy_state(void *dst_ctx, void *src_ctx) 151 { 152 cipher_ops(dst_ctx)->copy_state(dst_ctx, src_ctx); 153 } 154 155 TEE_Result crypto_cipher_init(void *ctx, TEE_OperationMode mode, 156 const uint8_t *key1, size_t key1_len, 157 const uint8_t *key2, size_t key2_len, 158 const uint8_t *iv, size_t iv_len) 159 { 160 if (mode != TEE_MODE_DECRYPT && mode != TEE_MODE_ENCRYPT) 161 return TEE_ERROR_BAD_PARAMETERS; 162 163 return cipher_ops(ctx)->init(ctx, mode, key1, key1_len, key2, key2_len, 164 iv, iv_len); 165 } 166 167 TEE_Result crypto_cipher_update(void *ctx, TEE_OperationMode mode __unused, 168 bool last_block, const uint8_t *data, 169 size_t len, uint8_t *dst) 170 { 171 return cipher_ops(ctx)->update(ctx, last_block, data, len, dst); 172 } 173 174 void crypto_cipher_final(void *ctx) 175 { 176 cipher_ops(ctx)->final(ctx); 177 } 178 179 TEE_Result crypto_cipher_get_block_size(uint32_t algo, size_t *size) 180 { 181 uint32_t class = TEE_ALG_GET_CLASS(algo); 182 183 if (class != TEE_OPERATION_CIPHER && class != TEE_OPERATION_MAC && 184 class != TEE_OPERATION_AE) 185 return TEE_ERROR_BAD_PARAMETERS; 186 187 switch (TEE_ALG_GET_MAIN_ALG(algo)) { 188 case TEE_MAIN_ALGO_AES: 189 *size = TEE_AES_BLOCK_SIZE; 190 return TEE_SUCCESS; 191 case TEE_MAIN_ALGO_DES: 192 case TEE_MAIN_ALGO_DES3: 193 *size = TEE_DES_BLOCK_SIZE; 194 return TEE_SUCCESS; 195 default: 196 return TEE_ERROR_NOT_SUPPORTED; 197 } 198 } 199 200 TEE_Result crypto_mac_alloc_ctx(void **ctx, uint32_t algo) 201 { 202 TEE_Result res = TEE_SUCCESS; 203 struct crypto_mac_ctx *c = NULL; 204 205 switch (algo) { 206 case TEE_ALG_HMAC_MD5: 207 res = crypto_hmac_md5_alloc_ctx(&c); 208 break; 209 case TEE_ALG_HMAC_SHA1: 210 res = crypto_hmac_sha1_alloc_ctx(&c); 211 break; 212 case TEE_ALG_HMAC_SHA224: 213 res = crypto_hmac_sha224_alloc_ctx(&c); 214 break; 215 case TEE_ALG_HMAC_SHA256: 216 res = crypto_hmac_sha256_alloc_ctx(&c); 217 break; 218 case TEE_ALG_HMAC_SHA384: 219 res = crypto_hmac_sha384_alloc_ctx(&c); 220 break; 221 case TEE_ALG_HMAC_SHA512: 222 res = crypto_hmac_sha512_alloc_ctx(&c); 223 break; 224 case TEE_ALG_AES_CBC_MAC_NOPAD: 225 res = crypto_aes_cbc_mac_nopad_alloc_ctx(&c); 226 break; 227 case TEE_ALG_AES_CBC_MAC_PKCS5: 228 res = crypto_aes_cbc_mac_pkcs5_alloc_ctx(&c); 229 break; 230 case TEE_ALG_DES_CBC_MAC_NOPAD: 231 res = crypto_des_cbc_mac_nopad_alloc_ctx(&c); 232 break; 233 case TEE_ALG_DES_CBC_MAC_PKCS5: 234 res = crypto_des_cbc_mac_pkcs5_alloc_ctx(&c); 235 break; 236 case TEE_ALG_DES3_CBC_MAC_NOPAD: 237 res = crypto_des3_cbc_mac_nopad_alloc_ctx(&c); 238 break; 239 case TEE_ALG_DES3_CBC_MAC_PKCS5: 240 res = crypto_des3_cbc_mac_pkcs5_alloc_ctx(&c); 241 break; 242 case TEE_ALG_AES_CMAC: 243 res = crypto_aes_cmac_alloc_ctx(&c); 244 break; 245 default: 246 return TEE_ERROR_NOT_SUPPORTED; 247 } 248 249 if (!res) 250 *ctx = c; 251 252 return res; 253 } 254 255 static const struct crypto_mac_ops *mac_ops(void *ctx) 256 { 257 struct crypto_mac_ctx *c = ctx; 258 259 assert(c && c->ops); 260 261 return c->ops; 262 } 263 264 void crypto_mac_free_ctx(void *ctx) 265 { 266 if (ctx) 267 mac_ops(ctx)->free_ctx(ctx); 268 } 269 270 void crypto_mac_copy_state(void *dst_ctx, void *src_ctx) 271 { 272 mac_ops(dst_ctx)->copy_state(dst_ctx, src_ctx); 273 } 274 275 TEE_Result crypto_mac_init(void *ctx, const uint8_t *key, size_t len) 276 { 277 return mac_ops(ctx)->init(ctx, key, len); 278 } 279 280 TEE_Result crypto_mac_update(void *ctx, const uint8_t *data, size_t len) 281 { 282 if (!len) 283 return TEE_SUCCESS; 284 285 return mac_ops(ctx)->update(ctx, data, len); 286 } 287 288 TEE_Result crypto_mac_final(void *ctx, uint8_t *digest, size_t digest_len) 289 { 290 return mac_ops(ctx)->final(ctx, digest, digest_len); 291 } 292 293 TEE_Result crypto_authenc_alloc_ctx(void **ctx, uint32_t algo) 294 { 295 TEE_Result res = TEE_SUCCESS; 296 struct crypto_authenc_ctx *c = NULL; 297 298 switch (algo) { 299 #if defined(CFG_CRYPTO_CCM) 300 case TEE_ALG_AES_CCM: 301 res = crypto_aes_ccm_alloc_ctx(&c); 302 break; 303 #endif 304 #if defined(CFG_CRYPTO_GCM) 305 case TEE_ALG_AES_GCM: 306 res = crypto_aes_gcm_alloc_ctx(&c); 307 break; 308 #endif 309 default: 310 return TEE_ERROR_NOT_IMPLEMENTED; 311 } 312 313 if (!res) 314 *ctx = c; 315 316 return res; 317 } 318 319 static const struct crypto_authenc_ops *ae_ops(void *ctx) 320 { 321 struct crypto_authenc_ctx *c = ctx; 322 323 assert(c && c->ops); 324 325 return c->ops; 326 } 327 328 TEE_Result crypto_authenc_init(void *ctx, uint32_t algo __unused, 329 TEE_OperationMode mode, 330 const uint8_t *key, size_t key_len, 331 const uint8_t *nonce, size_t nonce_len, 332 size_t tag_len, size_t aad_len, 333 size_t payload_len) 334 { 335 return ae_ops(ctx)->init(ctx, mode, key, key_len, nonce, nonce_len, 336 tag_len, aad_len, payload_len); 337 } 338 339 TEE_Result crypto_authenc_update_aad(void *ctx, uint32_t algo __unused, 340 TEE_OperationMode mode __unused, 341 const uint8_t *data, size_t len) 342 { 343 return ae_ops(ctx)->update_aad(ctx, data, len); 344 } 345 346 347 TEE_Result crypto_authenc_update_payload(void *ctx, uint32_t algo __unused, 348 TEE_OperationMode mode, 349 const uint8_t *src_data, 350 size_t src_len, uint8_t *dst_data, 351 size_t *dst_len) 352 { 353 if (*dst_len < src_len) 354 return TEE_ERROR_SHORT_BUFFER; 355 *dst_len = src_len; 356 357 return ae_ops(ctx)->update_payload(ctx, mode, src_data, src_len, 358 dst_data); 359 } 360 361 TEE_Result crypto_authenc_enc_final(void *ctx, uint32_t algo __unused, 362 const uint8_t *src_data, size_t src_len, 363 uint8_t *dst_data, size_t *dst_len, 364 uint8_t *dst_tag, size_t *dst_tag_len) 365 { 366 if (*dst_len < src_len) 367 return TEE_ERROR_SHORT_BUFFER; 368 *dst_len = src_len; 369 370 return ae_ops(ctx)->enc_final(ctx, src_data, src_len, dst_data, 371 dst_tag, dst_tag_len); 372 } 373 374 TEE_Result crypto_authenc_dec_final(void *ctx, uint32_t algo __unused, 375 const uint8_t *src_data, size_t src_len, 376 uint8_t *dst_data, size_t *dst_len, 377 const uint8_t *tag, size_t tag_len) 378 { 379 if (*dst_len < src_len) 380 return TEE_ERROR_SHORT_BUFFER; 381 *dst_len = src_len; 382 383 return ae_ops(ctx)->dec_final(ctx, src_data, src_len, dst_data, tag, 384 tag_len); 385 } 386 387 void crypto_authenc_final(void *ctx, uint32_t algo __unused) 388 { 389 ae_ops(ctx)->final(ctx); 390 } 391 392 void crypto_authenc_free_ctx(void *ctx, uint32_t algo __unused) 393 { 394 if (ctx) 395 ae_ops(ctx)->free_ctx(ctx); 396 } 397 398 void crypto_authenc_copy_state(void *dst_ctx, void *src_ctx, 399 uint32_t algo __unused) 400 { 401 ae_ops(dst_ctx)->copy_state(dst_ctx, src_ctx); 402 } 403 404 #if !defined(CFG_CRYPTO_RSA) && !defined(CFG_CRYPTO_DSA) && \ 405 !defined(CFG_CRYPTO_DH) && !defined(CFG_CRYPTO_ECC) 406 struct bignum *crypto_bignum_allocate(size_t size_bits __unused) 407 { 408 return NULL; 409 } 410 411 TEE_Result crypto_bignum_bin2bn(const uint8_t *from __unused, 412 size_t fromsize __unused, 413 struct bignum *to __unused) 414 { 415 return TEE_ERROR_NOT_IMPLEMENTED; 416 } 417 418 size_t crypto_bignum_num_bytes(struct bignum *a __unused) 419 { 420 return 0; 421 } 422 423 size_t crypto_bignum_num_bits(struct bignum *a __unused) 424 { 425 return 0; 426 } 427 428 /* 429 * crypto_bignum_allocate() and crypto_bignum_bin2bn() failing should be 430 * enough to guarantee that the functions calling this function aren't 431 * called, but just in case add a panic() here to avoid unexpected 432 * behavoir. 433 */ 434 static void bignum_cant_happen(void) 435 { 436 volatile bool b = true; 437 438 /* Avoid warning about function does not return */ 439 if (b) 440 panic(); 441 } 442 443 void crypto_bignum_bn2bin(const struct bignum *from __unused, 444 uint8_t *to __unused) 445 { 446 bignum_cant_happen(); 447 } 448 449 void crypto_bignum_copy(struct bignum *to __unused, 450 const struct bignum *from __unused) 451 { 452 bignum_cant_happen(); 453 } 454 455 void crypto_bignum_free(struct bignum *a) 456 { 457 if (a) 458 panic(); 459 } 460 461 void crypto_bignum_clear(struct bignum *a __unused) 462 { 463 bignum_cant_happen(); 464 } 465 466 /* return -1 if a<b, 0 if a==b, +1 if a>b */ 467 int32_t crypto_bignum_compare(struct bignum *a __unused, 468 struct bignum *b __unused) 469 { 470 bignum_cant_happen(); 471 return -1; 472 } 473 #endif 474 475 #if !defined(CFG_CRYPTO_RSA) 476 TEE_Result crypto_acipher_alloc_rsa_keypair(struct rsa_keypair *s __unused, 477 size_t key_size_bits __unused) 478 { 479 return TEE_ERROR_NOT_IMPLEMENTED; 480 } 481 482 TEE_Result 483 crypto_acipher_alloc_rsa_public_key(struct rsa_public_key *s __unused, 484 size_t key_size_bits __unused) 485 { 486 return TEE_ERROR_NOT_IMPLEMENTED; 487 } 488 489 void crypto_acipher_free_rsa_public_key(struct rsa_public_key *s __unused) 490 { 491 } 492 493 TEE_Result crypto_acipher_gen_rsa_key(struct rsa_keypair *key __unused, 494 size_t key_size __unused) 495 { 496 return TEE_ERROR_NOT_IMPLEMENTED; 497 } 498 499 TEE_Result crypto_acipher_rsanopad_decrypt(struct rsa_keypair *key __unused, 500 const uint8_t *src __unused, 501 size_t src_len __unused, 502 uint8_t *dst __unused, 503 size_t *dst_len __unused) 504 { 505 return TEE_ERROR_NOT_IMPLEMENTED; 506 } 507 508 TEE_Result crypto_acipher_rsanopad_encrypt(struct rsa_public_key *key __unused, 509 const uint8_t *src __unused, 510 size_t src_len __unused, 511 uint8_t *dst __unused, 512 size_t *dst_len __unused) 513 { 514 return TEE_ERROR_NOT_IMPLEMENTED; 515 } 516 517 TEE_Result crypto_acipher_rsaes_decrypt(uint32_t algo __unused, 518 struct rsa_keypair *key __unused, 519 const uint8_t *label __unused, 520 size_t label_len __unused, 521 const uint8_t *src __unused, 522 size_t src_len __unused, 523 uint8_t *dst __unused, 524 size_t *dst_len __unused) 525 { 526 return TEE_ERROR_NOT_IMPLEMENTED; 527 } 528 529 TEE_Result crypto_acipher_rsaes_encrypt(uint32_t algo __unused, 530 struct rsa_public_key *key __unused, 531 const uint8_t *label __unused, 532 size_t label_len __unused, 533 const uint8_t *src __unused, 534 size_t src_len __unused, 535 uint8_t *dst __unused, 536 size_t *dst_len __unused) 537 { 538 return TEE_ERROR_NOT_IMPLEMENTED; 539 } 540 541 TEE_Result crypto_acipher_rsassa_sign(uint32_t algo __unused, 542 struct rsa_keypair *key __unused, 543 int salt_len __unused, 544 const uint8_t *msg __unused, 545 size_t msg_len __unused, 546 uint8_t *sig __unused, 547 size_t *sig_len __unused) 548 { 549 return TEE_ERROR_NOT_IMPLEMENTED; 550 } 551 552 TEE_Result crypto_acipher_rsassa_verify(uint32_t algo __unused, 553 struct rsa_public_key *key __unused, 554 int salt_len __unused, 555 const uint8_t *msg __unused, 556 size_t msg_len __unused, 557 const uint8_t *sig __unused, 558 size_t sig_len __unused) 559 { 560 return TEE_ERROR_NOT_IMPLEMENTED; 561 } 562 #endif /*!CFG_CRYPTO_RSA*/ 563 564 #if !defined(CFG_CRYPTO_DSA) 565 TEE_Result crypto_acipher_alloc_dsa_keypair(struct dsa_keypair *s __unused, 566 size_t key_size_bits __unused) 567 { 568 return TEE_ERROR_NOT_IMPLEMENTED; 569 } 570 571 TEE_Result 572 crypto_acipher_alloc_dsa_public_key(struct dsa_public_key *s __unused, 573 size_t key_size_bits __unused) 574 { 575 return TEE_ERROR_NOT_IMPLEMENTED; 576 } 577 578 TEE_Result crypto_acipher_gen_dsa_key(struct dsa_keypair *key __unused, 579 size_t key_size __unused) 580 { 581 return TEE_ERROR_NOT_IMPLEMENTED; 582 } 583 584 TEE_Result crypto_acipher_dsa_sign(uint32_t algo __unused, 585 struct dsa_keypair *key __unused, 586 const uint8_t *msg __unused, 587 size_t msg_len __unused, 588 uint8_t *sig __unused, 589 size_t *sig_len __unused) 590 { 591 return TEE_ERROR_NOT_IMPLEMENTED; 592 } 593 594 TEE_Result crypto_acipher_dsa_verify(uint32_t algo __unused, 595 struct dsa_public_key *key __unused, 596 const uint8_t *msg __unused, 597 size_t msg_len __unused, 598 const uint8_t *sig __unused, 599 size_t sig_len __unused) 600 { 601 return TEE_ERROR_NOT_IMPLEMENTED; 602 } 603 #endif /*!CFG_CRYPTO_DSA*/ 604 605 #if !defined(CFG_CRYPTO_DH) 606 TEE_Result crypto_acipher_alloc_dh_keypair(struct dh_keypair *s __unused, 607 size_t key_size_bits __unused) 608 { 609 return TEE_ERROR_NOT_IMPLEMENTED; 610 } 611 612 TEE_Result crypto_acipher_gen_dh_key(struct dh_keypair *key __unused, 613 struct bignum *q __unused, 614 size_t xbits __unused) 615 { 616 return TEE_ERROR_NOT_IMPLEMENTED; 617 } 618 619 TEE_Result 620 crypto_acipher_dh_shared_secret(struct dh_keypair *private_key __unused, 621 struct bignum *public_key __unused, 622 struct bignum *secret __unused) 623 { 624 return TEE_ERROR_NOT_IMPLEMENTED; 625 } 626 #endif /*!CFG_CRYPTO_DH*/ 627 628 #if !defined(CFG_CRYPTO_ECC) 629 TEE_Result 630 crypto_acipher_alloc_ecc_public_key(struct ecc_public_key *s __unused, 631 size_t key_size_bits __unused) 632 { 633 return TEE_ERROR_NOT_IMPLEMENTED; 634 } 635 636 TEE_Result crypto_acipher_alloc_ecc_keypair(struct ecc_keypair *s __unused, 637 size_t key_size_bits __unused) 638 { 639 return TEE_ERROR_NOT_IMPLEMENTED; 640 } 641 642 void crypto_acipher_free_ecc_public_key(struct ecc_public_key *s __unused) 643 { 644 } 645 646 TEE_Result crypto_acipher_gen_ecc_key(struct ecc_keypair *key __unused) 647 { 648 return TEE_ERROR_NOT_IMPLEMENTED; 649 } 650 651 TEE_Result crypto_acipher_ecc_sign(uint32_t algo __unused, 652 struct ecc_keypair *key __unused, 653 const uint8_t *msg __unused, 654 size_t msg_len __unused, 655 uint8_t *sig __unused, 656 size_t *sig_len __unused) 657 { 658 return TEE_ERROR_NOT_IMPLEMENTED; 659 } 660 661 TEE_Result crypto_acipher_ecc_verify(uint32_t algo __unused, 662 struct ecc_public_key *key __unused, 663 const uint8_t *msg __unused, 664 size_t msg_len __unused, 665 const uint8_t *sig __unused, 666 size_t sig_len __unused) 667 { 668 return TEE_ERROR_NOT_IMPLEMENTED; 669 } 670 671 TEE_Result 672 crypto_acipher_ecc_shared_secret(struct ecc_keypair *private_key __unused, 673 struct ecc_public_key *public_key __unused, 674 void *secret __unused, 675 unsigned long *secret_len __unused) 676 { 677 return TEE_ERROR_NOT_IMPLEMENTED; 678 } 679 #endif /*!CFG_CRYPTO_ECC*/ 680