1 // SPDX-License-Identifier: BSD-2-Clause 2 /* 3 * Copyright (c) 2017, Linaro Limited 4 */ 5 6 #include <assert.h> 7 #include <compiler.h> 8 #include <crypto/crypto.h> 9 #include <crypto/crypto_impl.h> 10 #include <kernel/panic.h> 11 #include <stdlib.h> 12 #include <string.h> 13 #include <utee_defines.h> 14 15 TEE_Result crypto_hash_alloc_ctx(void **ctx, uint32_t algo) 16 { 17 TEE_Result res = TEE_ERROR_NOT_IMPLEMENTED; 18 struct crypto_hash_ctx *c = NULL; 19 20 /* 21 * Use default cryptographic implement if no matching 22 * drvcrypt device. 23 */ 24 res = drvcrypt_hash_alloc_ctx(&c, algo); 25 26 if (res == TEE_ERROR_NOT_IMPLEMENTED) { 27 switch (algo) { 28 case TEE_ALG_MD5: 29 res = crypto_md5_alloc_ctx(&c); 30 break; 31 case TEE_ALG_SHA1: 32 res = crypto_sha1_alloc_ctx(&c); 33 break; 34 case TEE_ALG_SHA224: 35 res = crypto_sha224_alloc_ctx(&c); 36 break; 37 case TEE_ALG_SHA256: 38 res = crypto_sha256_alloc_ctx(&c); 39 break; 40 case TEE_ALG_SHA384: 41 res = crypto_sha384_alloc_ctx(&c); 42 break; 43 case TEE_ALG_SHA512: 44 res = crypto_sha512_alloc_ctx(&c); 45 break; 46 default: 47 break; 48 } 49 } 50 51 if (!res) 52 *ctx = c; 53 54 return res; 55 } 56 57 static const struct crypto_hash_ops *hash_ops(void *ctx) 58 { 59 struct crypto_hash_ctx *c = ctx; 60 61 assert(c && c->ops); 62 63 return c->ops; 64 } 65 66 void crypto_hash_free_ctx(void *ctx) 67 { 68 if (ctx) 69 hash_ops(ctx)->free_ctx(ctx); 70 } 71 72 void crypto_hash_copy_state(void *dst_ctx, void *src_ctx) 73 { 74 hash_ops(dst_ctx)->copy_state(dst_ctx, src_ctx); 75 } 76 77 TEE_Result crypto_hash_init(void *ctx) 78 { 79 return hash_ops(ctx)->init(ctx); 80 } 81 82 TEE_Result crypto_hash_update(void *ctx, const uint8_t *data, size_t len) 83 { 84 return hash_ops(ctx)->update(ctx, data, len); 85 } 86 87 TEE_Result crypto_hash_final(void *ctx, uint8_t *digest, size_t len) 88 { 89 return hash_ops(ctx)->final(ctx, digest, len); 90 } 91 92 TEE_Result crypto_cipher_alloc_ctx(void **ctx, uint32_t algo) 93 { 94 TEE_Result res = TEE_SUCCESS; 95 struct crypto_cipher_ctx *c = NULL; 96 97 switch (algo) { 98 case TEE_ALG_AES_ECB_NOPAD: 99 res = crypto_aes_ecb_alloc_ctx(&c); 100 break; 101 case TEE_ALG_AES_CBC_NOPAD: 102 res = crypto_aes_cbc_alloc_ctx(&c); 103 break; 104 case TEE_ALG_AES_CTR: 105 res = crypto_aes_ctr_alloc_ctx(&c); 106 break; 107 case TEE_ALG_AES_CTS: 108 res = crypto_aes_cts_alloc_ctx(&c); 109 break; 110 case TEE_ALG_AES_XTS: 111 res = crypto_aes_xts_alloc_ctx(&c); 112 break; 113 case TEE_ALG_DES_ECB_NOPAD: 114 res = crypto_des_ecb_alloc_ctx(&c); 115 break; 116 case TEE_ALG_DES3_ECB_NOPAD: 117 res = crypto_des3_ecb_alloc_ctx(&c); 118 break; 119 case TEE_ALG_DES_CBC_NOPAD: 120 res = crypto_des_cbc_alloc_ctx(&c); 121 break; 122 case TEE_ALG_DES3_CBC_NOPAD: 123 res = crypto_des3_cbc_alloc_ctx(&c); 124 break; 125 default: 126 return TEE_ERROR_NOT_IMPLEMENTED; 127 } 128 129 if (!res) 130 *ctx = c; 131 132 return res; 133 } 134 135 static const struct crypto_cipher_ops *cipher_ops(void *ctx) 136 { 137 struct crypto_cipher_ctx *c = ctx; 138 139 assert(c && c->ops); 140 141 return c->ops; 142 } 143 144 void crypto_cipher_free_ctx(void *ctx) 145 { 146 if (ctx) 147 cipher_ops(ctx)->free_ctx(ctx); 148 } 149 150 void crypto_cipher_copy_state(void *dst_ctx, void *src_ctx) 151 { 152 cipher_ops(dst_ctx)->copy_state(dst_ctx, src_ctx); 153 } 154 155 TEE_Result crypto_cipher_init(void *ctx, TEE_OperationMode mode, 156 const uint8_t *key1, size_t key1_len, 157 const uint8_t *key2, size_t key2_len, 158 const uint8_t *iv, size_t iv_len) 159 { 160 if (mode != TEE_MODE_DECRYPT && mode != TEE_MODE_ENCRYPT) 161 return TEE_ERROR_BAD_PARAMETERS; 162 163 return cipher_ops(ctx)->init(ctx, mode, key1, key1_len, key2, key2_len, 164 iv, iv_len); 165 } 166 167 TEE_Result crypto_cipher_update(void *ctx, TEE_OperationMode mode __unused, 168 bool last_block, const uint8_t *data, 169 size_t len, uint8_t *dst) 170 { 171 return cipher_ops(ctx)->update(ctx, last_block, data, len, dst); 172 } 173 174 void crypto_cipher_final(void *ctx) 175 { 176 cipher_ops(ctx)->final(ctx); 177 } 178 179 TEE_Result crypto_cipher_get_block_size(uint32_t algo, size_t *size) 180 { 181 uint32_t class = TEE_ALG_GET_CLASS(algo); 182 183 if (class != TEE_OPERATION_CIPHER && class != TEE_OPERATION_MAC && 184 class != TEE_OPERATION_AE) 185 return TEE_ERROR_BAD_PARAMETERS; 186 187 switch (TEE_ALG_GET_MAIN_ALG(algo)) { 188 case TEE_MAIN_ALGO_AES: 189 *size = TEE_AES_BLOCK_SIZE; 190 return TEE_SUCCESS; 191 case TEE_MAIN_ALGO_DES: 192 case TEE_MAIN_ALGO_DES3: 193 *size = TEE_DES_BLOCK_SIZE; 194 return TEE_SUCCESS; 195 default: 196 return TEE_ERROR_NOT_SUPPORTED; 197 } 198 } 199 200 TEE_Result crypto_mac_alloc_ctx(void **ctx, uint32_t algo) 201 { 202 TEE_Result res = TEE_SUCCESS; 203 struct crypto_mac_ctx *c = NULL; 204 205 switch (algo) { 206 case TEE_ALG_HMAC_MD5: 207 res = crypto_hmac_md5_alloc_ctx(&c); 208 break; 209 case TEE_ALG_HMAC_SHA1: 210 res = crypto_hmac_sha1_alloc_ctx(&c); 211 break; 212 case TEE_ALG_HMAC_SHA224: 213 res = crypto_hmac_sha224_alloc_ctx(&c); 214 break; 215 case TEE_ALG_HMAC_SHA256: 216 res = crypto_hmac_sha256_alloc_ctx(&c); 217 break; 218 case TEE_ALG_HMAC_SHA384: 219 res = crypto_hmac_sha384_alloc_ctx(&c); 220 break; 221 case TEE_ALG_HMAC_SHA512: 222 res = crypto_hmac_sha512_alloc_ctx(&c); 223 break; 224 case TEE_ALG_AES_CBC_MAC_NOPAD: 225 res = crypto_aes_cbc_mac_nopad_alloc_ctx(&c); 226 break; 227 case TEE_ALG_AES_CBC_MAC_PKCS5: 228 res = crypto_aes_cbc_mac_pkcs5_alloc_ctx(&c); 229 break; 230 case TEE_ALG_DES_CBC_MAC_NOPAD: 231 res = crypto_des_cbc_mac_nopad_alloc_ctx(&c); 232 break; 233 case TEE_ALG_DES_CBC_MAC_PKCS5: 234 res = crypto_des_cbc_mac_pkcs5_alloc_ctx(&c); 235 break; 236 case TEE_ALG_DES3_CBC_MAC_NOPAD: 237 res = crypto_des3_cbc_mac_nopad_alloc_ctx(&c); 238 break; 239 case TEE_ALG_DES3_CBC_MAC_PKCS5: 240 res = crypto_des3_cbc_mac_pkcs5_alloc_ctx(&c); 241 break; 242 case TEE_ALG_AES_CMAC: 243 res = crypto_aes_cmac_alloc_ctx(&c); 244 break; 245 default: 246 return TEE_ERROR_NOT_SUPPORTED; 247 } 248 249 if (!res) 250 *ctx = c; 251 252 return res; 253 } 254 255 static const struct crypto_mac_ops *mac_ops(void *ctx) 256 { 257 struct crypto_mac_ctx *c = ctx; 258 259 assert(c && c->ops); 260 261 return c->ops; 262 } 263 264 void crypto_mac_free_ctx(void *ctx, uint32_t algo __unused) 265 { 266 if (ctx) 267 mac_ops(ctx)->free_ctx(ctx); 268 } 269 270 void crypto_mac_copy_state(void *dst_ctx, void *src_ctx, uint32_t algo __unused) 271 { 272 mac_ops(dst_ctx)->copy_state(dst_ctx, src_ctx); 273 } 274 275 TEE_Result crypto_mac_init(void *ctx, uint32_t algo __unused, 276 const uint8_t *key, size_t len) 277 { 278 return mac_ops(ctx)->init(ctx, key, len); 279 } 280 281 TEE_Result crypto_mac_update(void *ctx, uint32_t algo __unused, 282 const uint8_t *data, size_t len) 283 { 284 if (!len) 285 return TEE_SUCCESS; 286 287 return mac_ops(ctx)->update(ctx, data, len); 288 } 289 290 TEE_Result crypto_mac_final(void *ctx, uint32_t algo __unused, 291 uint8_t *digest, size_t digest_len) 292 { 293 return mac_ops(ctx)->final(ctx, digest, digest_len); 294 } 295 296 TEE_Result crypto_authenc_alloc_ctx(void **ctx, uint32_t algo) 297 { 298 TEE_Result res = TEE_SUCCESS; 299 struct crypto_authenc_ctx *c = NULL; 300 301 switch (algo) { 302 #if defined(CFG_CRYPTO_CCM) 303 case TEE_ALG_AES_CCM: 304 res = crypto_aes_ccm_alloc_ctx(&c); 305 break; 306 #endif 307 #if defined(CFG_CRYPTO_GCM) 308 case TEE_ALG_AES_GCM: 309 res = crypto_aes_gcm_alloc_ctx(&c); 310 break; 311 #endif 312 default: 313 return TEE_ERROR_NOT_IMPLEMENTED; 314 } 315 316 if (!res) 317 *ctx = c; 318 319 return res; 320 } 321 322 static const struct crypto_authenc_ops *ae_ops(void *ctx) 323 { 324 struct crypto_authenc_ctx *c = ctx; 325 326 assert(c && c->ops); 327 328 return c->ops; 329 } 330 331 TEE_Result crypto_authenc_init(void *ctx, uint32_t algo __unused, 332 TEE_OperationMode mode, 333 const uint8_t *key, size_t key_len, 334 const uint8_t *nonce, size_t nonce_len, 335 size_t tag_len, size_t aad_len, 336 size_t payload_len) 337 { 338 return ae_ops(ctx)->init(ctx, mode, key, key_len, nonce, nonce_len, 339 tag_len, aad_len, payload_len); 340 } 341 342 TEE_Result crypto_authenc_update_aad(void *ctx, uint32_t algo __unused, 343 TEE_OperationMode mode __unused, 344 const uint8_t *data, size_t len) 345 { 346 return ae_ops(ctx)->update_aad(ctx, data, len); 347 } 348 349 350 TEE_Result crypto_authenc_update_payload(void *ctx, uint32_t algo __unused, 351 TEE_OperationMode mode, 352 const uint8_t *src_data, 353 size_t src_len, uint8_t *dst_data, 354 size_t *dst_len) 355 { 356 if (*dst_len < src_len) 357 return TEE_ERROR_SHORT_BUFFER; 358 *dst_len = src_len; 359 360 return ae_ops(ctx)->update_payload(ctx, mode, src_data, src_len, 361 dst_data); 362 } 363 364 TEE_Result crypto_authenc_enc_final(void *ctx, uint32_t algo __unused, 365 const uint8_t *src_data, size_t src_len, 366 uint8_t *dst_data, size_t *dst_len, 367 uint8_t *dst_tag, size_t *dst_tag_len) 368 { 369 if (*dst_len < src_len) 370 return TEE_ERROR_SHORT_BUFFER; 371 *dst_len = src_len; 372 373 return ae_ops(ctx)->enc_final(ctx, src_data, src_len, dst_data, 374 dst_tag, dst_tag_len); 375 } 376 377 TEE_Result crypto_authenc_dec_final(void *ctx, uint32_t algo __unused, 378 const uint8_t *src_data, size_t src_len, 379 uint8_t *dst_data, size_t *dst_len, 380 const uint8_t *tag, size_t tag_len) 381 { 382 if (*dst_len < src_len) 383 return TEE_ERROR_SHORT_BUFFER; 384 *dst_len = src_len; 385 386 return ae_ops(ctx)->dec_final(ctx, src_data, src_len, dst_data, tag, 387 tag_len); 388 } 389 390 void crypto_authenc_final(void *ctx, uint32_t algo __unused) 391 { 392 ae_ops(ctx)->final(ctx); 393 } 394 395 void crypto_authenc_free_ctx(void *ctx, uint32_t algo __unused) 396 { 397 if (ctx) 398 ae_ops(ctx)->free_ctx(ctx); 399 } 400 401 void crypto_authenc_copy_state(void *dst_ctx, void *src_ctx, 402 uint32_t algo __unused) 403 { 404 ae_ops(dst_ctx)->copy_state(dst_ctx, src_ctx); 405 } 406 407 #if !defined(CFG_CRYPTO_RSA) && !defined(CFG_CRYPTO_DSA) && \ 408 !defined(CFG_CRYPTO_DH) && !defined(CFG_CRYPTO_ECC) 409 struct bignum *crypto_bignum_allocate(size_t size_bits __unused) 410 { 411 return NULL; 412 } 413 414 TEE_Result crypto_bignum_bin2bn(const uint8_t *from __unused, 415 size_t fromsize __unused, 416 struct bignum *to __unused) 417 { 418 return TEE_ERROR_NOT_IMPLEMENTED; 419 } 420 421 size_t crypto_bignum_num_bytes(struct bignum *a __unused) 422 { 423 return 0; 424 } 425 426 size_t crypto_bignum_num_bits(struct bignum *a __unused) 427 { 428 return 0; 429 } 430 431 /* 432 * crypto_bignum_allocate() and crypto_bignum_bin2bn() failing should be 433 * enough to guarantee that the functions calling this function aren't 434 * called, but just in case add a panic() here to avoid unexpected 435 * behavoir. 436 */ 437 static void bignum_cant_happen(void) 438 { 439 volatile bool b = true; 440 441 /* Avoid warning about function does not return */ 442 if (b) 443 panic(); 444 } 445 446 void crypto_bignum_bn2bin(const struct bignum *from __unused, 447 uint8_t *to __unused) 448 { 449 bignum_cant_happen(); 450 } 451 452 void crypto_bignum_copy(struct bignum *to __unused, 453 const struct bignum *from __unused) 454 { 455 bignum_cant_happen(); 456 } 457 458 void crypto_bignum_free(struct bignum *a) 459 { 460 if (a) 461 panic(); 462 } 463 464 void crypto_bignum_clear(struct bignum *a __unused) 465 { 466 bignum_cant_happen(); 467 } 468 469 /* return -1 if a<b, 0 if a==b, +1 if a>b */ 470 int32_t crypto_bignum_compare(struct bignum *a __unused, 471 struct bignum *b __unused) 472 { 473 bignum_cant_happen(); 474 return -1; 475 } 476 #endif 477 478 #if !defined(CFG_CRYPTO_RSA) 479 TEE_Result crypto_acipher_alloc_rsa_keypair(struct rsa_keypair *s __unused, 480 size_t key_size_bits __unused) 481 { 482 return TEE_ERROR_NOT_IMPLEMENTED; 483 } 484 485 TEE_Result 486 crypto_acipher_alloc_rsa_public_key(struct rsa_public_key *s __unused, 487 size_t key_size_bits __unused) 488 { 489 return TEE_ERROR_NOT_IMPLEMENTED; 490 } 491 492 void crypto_acipher_free_rsa_public_key(struct rsa_public_key *s __unused) 493 { 494 } 495 496 TEE_Result crypto_acipher_gen_rsa_key(struct rsa_keypair *key __unused, 497 size_t key_size __unused) 498 { 499 return TEE_ERROR_NOT_IMPLEMENTED; 500 } 501 502 TEE_Result crypto_acipher_rsanopad_decrypt(struct rsa_keypair *key __unused, 503 const uint8_t *src __unused, 504 size_t src_len __unused, 505 uint8_t *dst __unused, 506 size_t *dst_len __unused) 507 { 508 return TEE_ERROR_NOT_IMPLEMENTED; 509 } 510 511 TEE_Result crypto_acipher_rsanopad_encrypt(struct rsa_public_key *key __unused, 512 const uint8_t *src __unused, 513 size_t src_len __unused, 514 uint8_t *dst __unused, 515 size_t *dst_len __unused) 516 { 517 return TEE_ERROR_NOT_IMPLEMENTED; 518 } 519 520 TEE_Result crypto_acipher_rsaes_decrypt(uint32_t algo __unused, 521 struct rsa_keypair *key __unused, 522 const uint8_t *label __unused, 523 size_t label_len __unused, 524 const uint8_t *src __unused, 525 size_t src_len __unused, 526 uint8_t *dst __unused, 527 size_t *dst_len __unused) 528 { 529 return TEE_ERROR_NOT_IMPLEMENTED; 530 } 531 532 TEE_Result crypto_acipher_rsaes_encrypt(uint32_t algo __unused, 533 struct rsa_public_key *key __unused, 534 const uint8_t *label __unused, 535 size_t label_len __unused, 536 const uint8_t *src __unused, 537 size_t src_len __unused, 538 uint8_t *dst __unused, 539 size_t *dst_len __unused) 540 { 541 return TEE_ERROR_NOT_IMPLEMENTED; 542 } 543 544 TEE_Result crypto_acipher_rsassa_sign(uint32_t algo __unused, 545 struct rsa_keypair *key __unused, 546 int salt_len __unused, 547 const uint8_t *msg __unused, 548 size_t msg_len __unused, 549 uint8_t *sig __unused, 550 size_t *sig_len __unused) 551 { 552 return TEE_ERROR_NOT_IMPLEMENTED; 553 } 554 555 TEE_Result crypto_acipher_rsassa_verify(uint32_t algo __unused, 556 struct rsa_public_key *key __unused, 557 int salt_len __unused, 558 const uint8_t *msg __unused, 559 size_t msg_len __unused, 560 const uint8_t *sig __unused, 561 size_t sig_len __unused) 562 { 563 return TEE_ERROR_NOT_IMPLEMENTED; 564 } 565 #endif /*!CFG_CRYPTO_RSA*/ 566 567 #if !defined(CFG_CRYPTO_DSA) 568 TEE_Result crypto_acipher_alloc_dsa_keypair(struct dsa_keypair *s __unused, 569 size_t key_size_bits __unused) 570 { 571 return TEE_ERROR_NOT_IMPLEMENTED; 572 } 573 574 TEE_Result 575 crypto_acipher_alloc_dsa_public_key(struct dsa_public_key *s __unused, 576 size_t key_size_bits __unused) 577 { 578 return TEE_ERROR_NOT_IMPLEMENTED; 579 } 580 581 TEE_Result crypto_acipher_gen_dsa_key(struct dsa_keypair *key __unused, 582 size_t key_size __unused) 583 { 584 return TEE_ERROR_NOT_IMPLEMENTED; 585 } 586 587 TEE_Result crypto_acipher_dsa_sign(uint32_t algo __unused, 588 struct dsa_keypair *key __unused, 589 const uint8_t *msg __unused, 590 size_t msg_len __unused, 591 uint8_t *sig __unused, 592 size_t *sig_len __unused) 593 { 594 return TEE_ERROR_NOT_IMPLEMENTED; 595 } 596 597 TEE_Result crypto_acipher_dsa_verify(uint32_t algo __unused, 598 struct dsa_public_key *key __unused, 599 const uint8_t *msg __unused, 600 size_t msg_len __unused, 601 const uint8_t *sig __unused, 602 size_t sig_len __unused) 603 { 604 return TEE_ERROR_NOT_IMPLEMENTED; 605 } 606 #endif /*!CFG_CRYPTO_DSA*/ 607 608 #if !defined(CFG_CRYPTO_DH) 609 TEE_Result crypto_acipher_alloc_dh_keypair(struct dh_keypair *s __unused, 610 size_t key_size_bits __unused) 611 { 612 return TEE_ERROR_NOT_IMPLEMENTED; 613 } 614 615 TEE_Result crypto_acipher_gen_dh_key(struct dh_keypair *key __unused, 616 struct bignum *q __unused, 617 size_t xbits __unused) 618 { 619 return TEE_ERROR_NOT_IMPLEMENTED; 620 } 621 622 TEE_Result 623 crypto_acipher_dh_shared_secret(struct dh_keypair *private_key __unused, 624 struct bignum *public_key __unused, 625 struct bignum *secret __unused) 626 { 627 return TEE_ERROR_NOT_IMPLEMENTED; 628 } 629 #endif /*!CFG_CRYPTO_DH*/ 630 631 #if !defined(CFG_CRYPTO_ECC) 632 TEE_Result 633 crypto_acipher_alloc_ecc_public_key(struct ecc_public_key *s __unused, 634 size_t key_size_bits __unused) 635 { 636 return TEE_ERROR_NOT_IMPLEMENTED; 637 } 638 639 TEE_Result crypto_acipher_alloc_ecc_keypair(struct ecc_keypair *s __unused, 640 size_t key_size_bits __unused) 641 { 642 return TEE_ERROR_NOT_IMPLEMENTED; 643 } 644 645 void crypto_acipher_free_ecc_public_key(struct ecc_public_key *s __unused) 646 { 647 } 648 649 TEE_Result crypto_acipher_gen_ecc_key(struct ecc_keypair *key __unused) 650 { 651 return TEE_ERROR_NOT_IMPLEMENTED; 652 } 653 654 TEE_Result crypto_acipher_ecc_sign(uint32_t algo __unused, 655 struct ecc_keypair *key __unused, 656 const uint8_t *msg __unused, 657 size_t msg_len __unused, 658 uint8_t *sig __unused, 659 size_t *sig_len __unused) 660 { 661 return TEE_ERROR_NOT_IMPLEMENTED; 662 } 663 664 TEE_Result crypto_acipher_ecc_verify(uint32_t algo __unused, 665 struct ecc_public_key *key __unused, 666 const uint8_t *msg __unused, 667 size_t msg_len __unused, 668 const uint8_t *sig __unused, 669 size_t sig_len __unused) 670 { 671 return TEE_ERROR_NOT_IMPLEMENTED; 672 } 673 674 TEE_Result 675 crypto_acipher_ecc_shared_secret(struct ecc_keypair *private_key __unused, 676 struct ecc_public_key *public_key __unused, 677 void *secret __unused, 678 unsigned long *secret_len __unused) 679 { 680 return TEE_ERROR_NOT_IMPLEMENTED; 681 } 682 #endif /*!CFG_CRYPTO_ECC*/ 683