1 // SPDX-License-Identifier: BSD-2-Clause 2 /* 3 * Copyright (c) 2017, Linaro Limited 4 * Copyright 2020 NXP 5 * Copyright 2021, SumUp Service GmbH 6 */ 7 8 #include <assert.h> 9 #include <compiler.h> 10 #include <crypto/crypto.h> 11 #include <crypto/crypto_impl.h> 12 #include <kernel/panic.h> 13 #include <stdlib.h> 14 #include <utee_defines.h> 15 16 TEE_Result crypto_hash_alloc_ctx(void **ctx, uint32_t algo) 17 { 18 TEE_Result res = TEE_ERROR_NOT_IMPLEMENTED; 19 struct crypto_hash_ctx *c = NULL; 20 21 /* 22 * Use default cryptographic implementation if no matching 23 * drvcrypt device. 24 */ 25 res = drvcrypt_hash_alloc_ctx(&c, algo); 26 27 if (res == TEE_ERROR_NOT_IMPLEMENTED) { 28 switch (algo) { 29 case TEE_ALG_MD5: 30 res = crypto_md5_alloc_ctx(&c); 31 break; 32 case TEE_ALG_SHA1: 33 res = crypto_sha1_alloc_ctx(&c); 34 break; 35 case TEE_ALG_SHA224: 36 res = crypto_sha224_alloc_ctx(&c); 37 break; 38 case TEE_ALG_SHA256: 39 res = crypto_sha256_alloc_ctx(&c); 40 break; 41 case TEE_ALG_SHA384: 42 res = crypto_sha384_alloc_ctx(&c); 43 break; 44 case TEE_ALG_SHA512: 45 res = crypto_sha512_alloc_ctx(&c); 46 break; 47 case TEE_ALG_SHA3_224: 48 res = crypto_sha3_224_alloc_ctx(&c); 49 break; 50 case TEE_ALG_SHA3_256: 51 res = crypto_sha3_256_alloc_ctx(&c); 52 break; 53 case TEE_ALG_SHA3_384: 54 res = crypto_sha3_384_alloc_ctx(&c); 55 break; 56 case TEE_ALG_SHA3_512: 57 res = crypto_sha3_512_alloc_ctx(&c); 58 break; 59 case TEE_ALG_SHAKE128: 60 res = crypto_shake128_alloc_ctx(&c); 61 break; 62 case TEE_ALG_SHAKE256: 63 res = crypto_shake256_alloc_ctx(&c); 64 break; 65 case TEE_ALG_SM3: 66 res = crypto_sm3_alloc_ctx(&c); 67 break; 68 default: 69 break; 70 } 71 } 72 73 if (!res) 74 *ctx = c; 75 76 return res; 77 } 78 79 static const struct crypto_hash_ops *hash_ops(void *ctx) 80 { 81 struct crypto_hash_ctx *c = ctx; 82 83 assert(c && c->ops); 84 85 return c->ops; 86 } 87 88 void crypto_hash_free_ctx(void *ctx) 89 { 90 if (ctx) 91 hash_ops(ctx)->free_ctx(ctx); 92 } 93 94 void crypto_hash_copy_state(void *dst_ctx, void *src_ctx) 95 { 96 hash_ops(dst_ctx)->copy_state(dst_ctx, src_ctx); 97 } 98 99 TEE_Result crypto_hash_init(void *ctx) 100 { 101 return hash_ops(ctx)->init(ctx); 102 } 103 104 TEE_Result crypto_hash_update(void *ctx, const uint8_t *data, size_t len) 105 { 106 return hash_ops(ctx)->update(ctx, data, len); 107 } 108 109 TEE_Result crypto_hash_final(void *ctx, uint8_t *digest, size_t len) 110 { 111 return hash_ops(ctx)->final(ctx, digest, len); 112 } 113 114 TEE_Result crypto_cipher_alloc_ctx(void **ctx, uint32_t algo) 115 { 116 TEE_Result res = TEE_ERROR_NOT_IMPLEMENTED; 117 struct crypto_cipher_ctx *c = NULL; 118 119 /* 120 * Use default cryptographic implementation if no matching 121 * drvcrypt device. 122 */ 123 res = drvcrypt_cipher_alloc_ctx(&c, algo); 124 125 if (res == TEE_ERROR_NOT_IMPLEMENTED) { 126 switch (algo) { 127 case TEE_ALG_AES_ECB_NOPAD: 128 res = crypto_aes_ecb_alloc_ctx(&c); 129 break; 130 case TEE_ALG_AES_CBC_NOPAD: 131 res = crypto_aes_cbc_alloc_ctx(&c); 132 break; 133 case TEE_ALG_AES_CTR: 134 res = crypto_aes_ctr_alloc_ctx(&c); 135 break; 136 case TEE_ALG_AES_CTS: 137 res = crypto_aes_cts_alloc_ctx(&c); 138 break; 139 case TEE_ALG_AES_XTS: 140 res = crypto_aes_xts_alloc_ctx(&c); 141 break; 142 case TEE_ALG_DES_ECB_NOPAD: 143 res = crypto_des_ecb_alloc_ctx(&c); 144 break; 145 case TEE_ALG_DES3_ECB_NOPAD: 146 res = crypto_des3_ecb_alloc_ctx(&c); 147 break; 148 case TEE_ALG_DES_CBC_NOPAD: 149 res = crypto_des_cbc_alloc_ctx(&c); 150 break; 151 case TEE_ALG_DES3_CBC_NOPAD: 152 res = crypto_des3_cbc_alloc_ctx(&c); 153 break; 154 case TEE_ALG_SM4_ECB_NOPAD: 155 res = crypto_sm4_ecb_alloc_ctx(&c); 156 break; 157 case TEE_ALG_SM4_CBC_NOPAD: 158 res = crypto_sm4_cbc_alloc_ctx(&c); 159 break; 160 case TEE_ALG_SM4_CTR: 161 res = crypto_sm4_ctr_alloc_ctx(&c); 162 break; 163 case TEE_ALG_SM4_XTS: 164 res = crypto_sm4_xts_alloc_ctx(&c); 165 break; 166 default: 167 return TEE_ERROR_NOT_IMPLEMENTED; 168 } 169 } 170 171 if (!res) 172 *ctx = c; 173 174 return res; 175 } 176 177 static const struct crypto_cipher_ops *cipher_ops(void *ctx) 178 { 179 struct crypto_cipher_ctx *c = ctx; 180 181 assert(c && c->ops); 182 183 return c->ops; 184 } 185 186 void crypto_cipher_free_ctx(void *ctx) 187 { 188 if (ctx) 189 cipher_ops(ctx)->free_ctx(ctx); 190 } 191 192 void crypto_cipher_copy_state(void *dst_ctx, void *src_ctx) 193 { 194 cipher_ops(dst_ctx)->copy_state(dst_ctx, src_ctx); 195 } 196 197 TEE_Result crypto_cipher_init(void *ctx, TEE_OperationMode mode, 198 const uint8_t *key1, size_t key1_len, 199 const uint8_t *key2, size_t key2_len, 200 const uint8_t *iv, size_t iv_len) 201 { 202 if (mode != TEE_MODE_DECRYPT && mode != TEE_MODE_ENCRYPT) 203 return TEE_ERROR_BAD_PARAMETERS; 204 205 return cipher_ops(ctx)->init(ctx, mode, key1, key1_len, key2, key2_len, 206 iv, iv_len); 207 } 208 209 TEE_Result crypto_cipher_update(void *ctx, TEE_OperationMode mode __unused, 210 bool last_block, const uint8_t *data, 211 size_t len, uint8_t *dst) 212 { 213 return cipher_ops(ctx)->update(ctx, last_block, data, len, dst); 214 } 215 216 void crypto_cipher_final(void *ctx) 217 { 218 cipher_ops(ctx)->final(ctx); 219 } 220 221 TEE_Result crypto_cipher_get_block_size(uint32_t algo, size_t *size) 222 { 223 uint32_t class = TEE_ALG_GET_CLASS(algo); 224 225 if (class != TEE_OPERATION_CIPHER && class != TEE_OPERATION_MAC && 226 class != TEE_OPERATION_AE) 227 return TEE_ERROR_BAD_PARAMETERS; 228 229 switch (TEE_ALG_GET_MAIN_ALG(algo)) { 230 case TEE_MAIN_ALGO_AES: 231 *size = TEE_AES_BLOCK_SIZE; 232 return TEE_SUCCESS; 233 case TEE_MAIN_ALGO_DES: 234 case TEE_MAIN_ALGO_DES3: 235 *size = TEE_DES_BLOCK_SIZE; 236 return TEE_SUCCESS; 237 case TEE_MAIN_ALGO_SM4: 238 *size = TEE_SM4_BLOCK_SIZE; 239 return TEE_SUCCESS; 240 default: 241 return TEE_ERROR_NOT_SUPPORTED; 242 } 243 } 244 245 TEE_Result crypto_mac_alloc_ctx(void **ctx, uint32_t algo) 246 { 247 TEE_Result res = TEE_SUCCESS; 248 struct crypto_mac_ctx *c = NULL; 249 250 /* 251 * Use default cryptographic implementation if no matching 252 * drvcrypt device. 253 */ 254 res = drvcrypt_mac_alloc_ctx(&c, algo); 255 256 if (res == TEE_ERROR_NOT_IMPLEMENTED) { 257 switch (algo) { 258 case TEE_ALG_HMAC_MD5: 259 res = crypto_hmac_md5_alloc_ctx(&c); 260 break; 261 case TEE_ALG_HMAC_SHA1: 262 res = crypto_hmac_sha1_alloc_ctx(&c); 263 break; 264 case TEE_ALG_HMAC_SHA224: 265 res = crypto_hmac_sha224_alloc_ctx(&c); 266 break; 267 case TEE_ALG_HMAC_SHA256: 268 res = crypto_hmac_sha256_alloc_ctx(&c); 269 break; 270 case TEE_ALG_HMAC_SHA384: 271 res = crypto_hmac_sha384_alloc_ctx(&c); 272 break; 273 case TEE_ALG_HMAC_SHA512: 274 res = crypto_hmac_sha512_alloc_ctx(&c); 275 break; 276 case TEE_ALG_HMAC_SHA3_224: 277 res = crypto_hmac_sha3_224_alloc_ctx(&c); 278 break; 279 case TEE_ALG_HMAC_SHA3_256: 280 res = crypto_hmac_sha3_256_alloc_ctx(&c); 281 break; 282 case TEE_ALG_HMAC_SHA3_384: 283 res = crypto_hmac_sha3_384_alloc_ctx(&c); 284 break; 285 case TEE_ALG_HMAC_SHA3_512: 286 res = crypto_hmac_sha3_512_alloc_ctx(&c); 287 break; 288 case TEE_ALG_HMAC_SM3: 289 res = crypto_hmac_sm3_alloc_ctx(&c); 290 break; 291 case TEE_ALG_AES_CBC_MAC_NOPAD: 292 res = crypto_aes_cbc_mac_nopad_alloc_ctx(&c); 293 break; 294 case TEE_ALG_AES_CBC_MAC_PKCS5: 295 res = crypto_aes_cbc_mac_pkcs5_alloc_ctx(&c); 296 break; 297 case TEE_ALG_DES_CBC_MAC_NOPAD: 298 res = crypto_des_cbc_mac_nopad_alloc_ctx(&c); 299 break; 300 case TEE_ALG_DES_CBC_MAC_PKCS5: 301 res = crypto_des_cbc_mac_pkcs5_alloc_ctx(&c); 302 break; 303 case TEE_ALG_DES3_CBC_MAC_NOPAD: 304 res = crypto_des3_cbc_mac_nopad_alloc_ctx(&c); 305 break; 306 case TEE_ALG_DES3_CBC_MAC_PKCS5: 307 res = crypto_des3_cbc_mac_pkcs5_alloc_ctx(&c); 308 break; 309 case TEE_ALG_DES3_CMAC: 310 res = crypto_des3_cmac_alloc_ctx(&c); 311 break; 312 case TEE_ALG_AES_CMAC: 313 res = crypto_aes_cmac_alloc_ctx(&c); 314 break; 315 default: 316 return TEE_ERROR_NOT_SUPPORTED; 317 } 318 } 319 320 if (!res) 321 *ctx = c; 322 323 return res; 324 } 325 326 static const struct crypto_mac_ops *mac_ops(void *ctx) 327 { 328 struct crypto_mac_ctx *c = ctx; 329 330 assert(c && c->ops); 331 332 return c->ops; 333 } 334 335 void crypto_mac_free_ctx(void *ctx) 336 { 337 if (ctx) 338 mac_ops(ctx)->free_ctx(ctx); 339 } 340 341 void crypto_mac_copy_state(void *dst_ctx, void *src_ctx) 342 { 343 mac_ops(dst_ctx)->copy_state(dst_ctx, src_ctx); 344 } 345 346 TEE_Result crypto_mac_init(void *ctx, const uint8_t *key, size_t len) 347 { 348 return mac_ops(ctx)->init(ctx, key, len); 349 } 350 351 TEE_Result crypto_mac_update(void *ctx, const uint8_t *data, size_t len) 352 { 353 if (!len) 354 return TEE_SUCCESS; 355 356 return mac_ops(ctx)->update(ctx, data, len); 357 } 358 359 TEE_Result crypto_mac_final(void *ctx, uint8_t *digest, size_t digest_len) 360 { 361 return mac_ops(ctx)->final(ctx, digest, digest_len); 362 } 363 364 TEE_Result crypto_authenc_alloc_ctx(void **ctx, uint32_t algo) 365 { 366 TEE_Result res = TEE_ERROR_NOT_IMPLEMENTED; 367 struct crypto_authenc_ctx *c = NULL; 368 369 /* 370 * Use default authenc implementation if no matching 371 * drvcrypt device. 372 */ 373 res = drvcrypt_authenc_alloc_ctx(&c, algo); 374 375 if (res == TEE_ERROR_NOT_IMPLEMENTED) { 376 switch (algo) { 377 #if defined(CFG_CRYPTO_CCM) 378 case TEE_ALG_AES_CCM: 379 res = crypto_aes_ccm_alloc_ctx(&c); 380 break; 381 #endif 382 #if defined(CFG_CRYPTO_GCM) 383 case TEE_ALG_AES_GCM: 384 res = crypto_aes_gcm_alloc_ctx(&c); 385 break; 386 #endif 387 default: 388 break; 389 } 390 } 391 392 if (!res) 393 *ctx = c; 394 395 return res; 396 } 397 398 static const struct crypto_authenc_ops *ae_ops(void *ctx) 399 { 400 struct crypto_authenc_ctx *c = ctx; 401 402 assert(c && c->ops); 403 404 return c->ops; 405 } 406 407 TEE_Result crypto_authenc_init(void *ctx, TEE_OperationMode mode, 408 const uint8_t *key, size_t key_len, 409 const uint8_t *nonce, size_t nonce_len, 410 size_t tag_len, size_t aad_len, 411 size_t payload_len) 412 { 413 return ae_ops(ctx)->init(ctx, mode, key, key_len, nonce, nonce_len, 414 tag_len, aad_len, payload_len); 415 } 416 417 TEE_Result crypto_authenc_update_aad(void *ctx, TEE_OperationMode mode __unused, 418 const uint8_t *data, size_t len) 419 { 420 return ae_ops(ctx)->update_aad(ctx, data, len); 421 } 422 423 424 TEE_Result crypto_authenc_update_payload(void *ctx, TEE_OperationMode mode, 425 const uint8_t *src_data, 426 size_t src_len, uint8_t *dst_data, 427 size_t *dst_len) 428 { 429 if (*dst_len < src_len) 430 return TEE_ERROR_SHORT_BUFFER; 431 *dst_len = src_len; 432 433 return ae_ops(ctx)->update_payload(ctx, mode, src_data, src_len, 434 dst_data); 435 } 436 437 TEE_Result crypto_authenc_enc_final(void *ctx, const uint8_t *src_data, 438 size_t src_len, uint8_t *dst_data, 439 size_t *dst_len, uint8_t *dst_tag, 440 size_t *dst_tag_len) 441 { 442 if (*dst_len < src_len) 443 return TEE_ERROR_SHORT_BUFFER; 444 *dst_len = src_len; 445 446 return ae_ops(ctx)->enc_final(ctx, src_data, src_len, dst_data, 447 dst_tag, dst_tag_len); 448 } 449 450 TEE_Result crypto_authenc_dec_final(void *ctx, const uint8_t *src_data, 451 size_t src_len, uint8_t *dst_data, 452 size_t *dst_len, const uint8_t *tag, 453 size_t tag_len) 454 { 455 if (*dst_len < src_len) 456 return TEE_ERROR_SHORT_BUFFER; 457 *dst_len = src_len; 458 459 return ae_ops(ctx)->dec_final(ctx, src_data, src_len, dst_data, tag, 460 tag_len); 461 } 462 463 void crypto_authenc_final(void *ctx) 464 { 465 ae_ops(ctx)->final(ctx); 466 } 467 468 void crypto_authenc_free_ctx(void *ctx) 469 { 470 if (ctx) 471 ae_ops(ctx)->free_ctx(ctx); 472 } 473 474 void crypto_authenc_copy_state(void *dst_ctx, void *src_ctx) 475 { 476 ae_ops(dst_ctx)->copy_state(dst_ctx, src_ctx); 477 } 478 479 #if !defined(CFG_CRYPTO_RSA) && !defined(CFG_CRYPTO_DSA) && \ 480 !defined(CFG_CRYPTO_DH) && !defined(CFG_CRYPTO_ECC) 481 struct bignum *crypto_bignum_allocate(size_t size_bits __unused) 482 { 483 return NULL; 484 } 485 486 TEE_Result crypto_bignum_bin2bn(const uint8_t *from __unused, 487 size_t fromsize __unused, 488 struct bignum *to __unused) 489 { 490 return TEE_ERROR_NOT_IMPLEMENTED; 491 } 492 493 size_t crypto_bignum_num_bytes(struct bignum *a __unused) 494 { 495 return 0; 496 } 497 498 size_t crypto_bignum_num_bits(struct bignum *a __unused) 499 { 500 return 0; 501 } 502 503 /* 504 * crypto_bignum_allocate() and crypto_bignum_bin2bn() failing should be 505 * enough to guarantee that the functions calling this function aren't 506 * called, but just in case add a panic() here to avoid unexpected 507 * behavoir. 508 */ 509 static void bignum_cant_happen(void) 510 { 511 volatile bool b = true; 512 513 /* Avoid warning about function does not return */ 514 if (b) 515 panic(); 516 } 517 518 void crypto_bignum_bn2bin(const struct bignum *from __unused, 519 uint8_t *to __unused) 520 { 521 bignum_cant_happen(); 522 } 523 524 void crypto_bignum_copy(struct bignum *to __unused, 525 const struct bignum *from __unused) 526 { 527 bignum_cant_happen(); 528 } 529 530 void crypto_bignum_free(struct bignum **a) 531 { 532 if (a && *a) 533 panic(); 534 } 535 536 void crypto_bignum_clear(struct bignum *a __unused) 537 { 538 bignum_cant_happen(); 539 } 540 541 /* return -1 if a<b, 0 if a==b, +1 if a>b */ 542 int32_t crypto_bignum_compare(struct bignum *a __unused, 543 struct bignum *b __unused) 544 { 545 bignum_cant_happen(); 546 return -1; 547 } 548 #endif 549 550 #if !defined(CFG_CRYPTO_RSA) 551 TEE_Result crypto_acipher_alloc_rsa_keypair(struct rsa_keypair *s __unused, 552 size_t key_size_bits __unused) 553 { 554 return TEE_ERROR_NOT_IMPLEMENTED; 555 } 556 557 TEE_Result 558 crypto_acipher_alloc_rsa_public_key(struct rsa_public_key *s __unused, 559 size_t key_size_bits __unused) 560 { 561 return TEE_ERROR_NOT_IMPLEMENTED; 562 } 563 564 void crypto_acipher_free_rsa_public_key(struct rsa_public_key *s __unused) 565 { 566 } 567 568 void crypto_acipher_free_rsa_keypair(struct rsa_keypair *s __unused) 569 { 570 } 571 572 TEE_Result crypto_acipher_gen_rsa_key(struct rsa_keypair *key __unused, 573 size_t key_size __unused) 574 { 575 return TEE_ERROR_NOT_IMPLEMENTED; 576 } 577 578 TEE_Result crypto_acipher_rsanopad_decrypt(struct rsa_keypair *key __unused, 579 const uint8_t *src __unused, 580 size_t src_len __unused, 581 uint8_t *dst __unused, 582 size_t *dst_len __unused) 583 { 584 return TEE_ERROR_NOT_IMPLEMENTED; 585 } 586 587 TEE_Result crypto_acipher_rsanopad_encrypt(struct rsa_public_key *key __unused, 588 const uint8_t *src __unused, 589 size_t src_len __unused, 590 uint8_t *dst __unused, 591 size_t *dst_len __unused) 592 { 593 return TEE_ERROR_NOT_IMPLEMENTED; 594 } 595 596 TEE_Result crypto_acipher_rsaes_decrypt(uint32_t algo __unused, 597 struct rsa_keypair *key __unused, 598 const uint8_t *label __unused, 599 size_t label_len __unused, 600 uint32_t mgf_algo __unused, 601 const uint8_t *src __unused, 602 size_t src_len __unused, 603 uint8_t *dst __unused, 604 size_t *dst_len __unused) 605 { 606 return TEE_ERROR_NOT_IMPLEMENTED; 607 } 608 609 TEE_Result crypto_acipher_rsaes_encrypt(uint32_t algo __unused, 610 struct rsa_public_key *key __unused, 611 const uint8_t *label __unused, 612 size_t label_len __unused, 613 uint32_t mgf_algo __unused, 614 const uint8_t *src __unused, 615 size_t src_len __unused, 616 uint8_t *dst __unused, 617 size_t *dst_len __unused) 618 { 619 return TEE_ERROR_NOT_IMPLEMENTED; 620 } 621 622 TEE_Result crypto_acipher_rsassa_sign(uint32_t algo __unused, 623 struct rsa_keypair *key __unused, 624 int salt_len __unused, 625 const uint8_t *msg __unused, 626 size_t msg_len __unused, 627 uint8_t *sig __unused, 628 size_t *sig_len __unused) 629 { 630 return TEE_ERROR_NOT_IMPLEMENTED; 631 } 632 633 TEE_Result crypto_acipher_rsassa_verify(uint32_t algo __unused, 634 struct rsa_public_key *key __unused, 635 int salt_len __unused, 636 const uint8_t *msg __unused, 637 size_t msg_len __unused, 638 const uint8_t *sig __unused, 639 size_t sig_len __unused) 640 { 641 return TEE_ERROR_NOT_IMPLEMENTED; 642 } 643 #endif /*!CFG_CRYPTO_RSA*/ 644 645 #if !defined(CFG_CRYPTO_DSA) 646 TEE_Result crypto_acipher_alloc_dsa_keypair(struct dsa_keypair *s __unused, 647 size_t key_size_bits __unused) 648 { 649 return TEE_ERROR_NOT_IMPLEMENTED; 650 } 651 652 TEE_Result 653 crypto_acipher_alloc_dsa_public_key(struct dsa_public_key *s __unused, 654 size_t key_size_bits __unused) 655 { 656 return TEE_ERROR_NOT_IMPLEMENTED; 657 } 658 659 TEE_Result crypto_acipher_gen_dsa_key(struct dsa_keypair *key __unused, 660 size_t key_size __unused) 661 { 662 return TEE_ERROR_NOT_IMPLEMENTED; 663 } 664 665 TEE_Result crypto_acipher_dsa_sign(uint32_t algo __unused, 666 struct dsa_keypair *key __unused, 667 const uint8_t *msg __unused, 668 size_t msg_len __unused, 669 uint8_t *sig __unused, 670 size_t *sig_len __unused) 671 { 672 return TEE_ERROR_NOT_IMPLEMENTED; 673 } 674 675 TEE_Result crypto_acipher_dsa_verify(uint32_t algo __unused, 676 struct dsa_public_key *key __unused, 677 const uint8_t *msg __unused, 678 size_t msg_len __unused, 679 const uint8_t *sig __unused, 680 size_t sig_len __unused) 681 { 682 return TEE_ERROR_NOT_IMPLEMENTED; 683 } 684 #endif /*!CFG_CRYPTO_DSA*/ 685 686 #if !defined(CFG_CRYPTO_DH) 687 TEE_Result crypto_acipher_alloc_dh_keypair(struct dh_keypair *s __unused, 688 size_t key_size_bits __unused) 689 { 690 return TEE_ERROR_NOT_IMPLEMENTED; 691 } 692 693 TEE_Result crypto_acipher_gen_dh_key(struct dh_keypair *key __unused, 694 struct bignum *q __unused, 695 size_t xbits __unused, 696 size_t key_size __unused) 697 { 698 return TEE_ERROR_NOT_IMPLEMENTED; 699 } 700 701 TEE_Result 702 crypto_acipher_dh_shared_secret(struct dh_keypair *private_key __unused, 703 struct bignum *public_key __unused, 704 struct bignum *secret __unused) 705 { 706 return TEE_ERROR_NOT_IMPLEMENTED; 707 } 708 #endif /*!CFG_CRYPTO_DH*/ 709 710 TEE_Result crypto_acipher_alloc_ecc_public_key(struct ecc_public_key *key, 711 uint32_t key_type, 712 size_t key_size_bits) 713 { 714 TEE_Result res = TEE_ERROR_NOT_IMPLEMENTED; 715 716 /* 717 * Use default cryptographic implementation if no matching 718 * drvcrypt device. 719 */ 720 res = drvcrypt_asym_alloc_ecc_public_key(key, key_type, key_size_bits); 721 if (res == TEE_ERROR_NOT_IMPLEMENTED) 722 res = crypto_asym_alloc_ecc_public_key(key, key_type, 723 key_size_bits); 724 725 return res; 726 } 727 728 TEE_Result crypto_acipher_alloc_ecc_keypair(struct ecc_keypair *key, 729 uint32_t key_type, 730 size_t key_size_bits) 731 { 732 TEE_Result res = TEE_ERROR_NOT_IMPLEMENTED; 733 734 /* 735 * Use default cryptographic implementation if no matching 736 * drvcrypt device. 737 */ 738 res = drvcrypt_asym_alloc_ecc_keypair(key, key_type, key_size_bits); 739 if (res == TEE_ERROR_NOT_IMPLEMENTED) 740 res = crypto_asym_alloc_ecc_keypair(key, key_type, 741 key_size_bits); 742 743 return res; 744 } 745 746 void crypto_acipher_free_ecc_public_key(struct ecc_public_key *key) 747 { 748 assert(key->ops && key->ops->free); 749 750 key->ops->free(key); 751 } 752 753 TEE_Result crypto_acipher_gen_ecc_key(struct ecc_keypair *key, 754 size_t key_size_bits) 755 { 756 assert(key->ops && key->ops->generate); 757 758 return key->ops->generate(key, key_size_bits); 759 } 760 761 TEE_Result crypto_acipher_ecc_sign(uint32_t algo, struct ecc_keypair *key, 762 const uint8_t *msg, size_t msg_len, 763 uint8_t *sig, size_t *sig_len) 764 { 765 assert(key->ops); 766 767 if (!key->ops->sign) 768 return TEE_ERROR_NOT_IMPLEMENTED; 769 770 return key->ops->sign(algo, key, msg, msg_len, sig, sig_len); 771 } 772 773 TEE_Result crypto_acipher_ecc_verify(uint32_t algo, struct ecc_public_key *key, 774 const uint8_t *msg, size_t msg_len, 775 const uint8_t *sig, size_t sig_len) 776 { 777 assert(key->ops); 778 779 if (!key->ops->verify) 780 return TEE_ERROR_NOT_IMPLEMENTED; 781 782 return key->ops->verify(algo, key, msg, msg_len, sig, sig_len); 783 } 784 785 TEE_Result crypto_acipher_ecc_shared_secret(struct ecc_keypair *private_key, 786 struct ecc_public_key *public_key, 787 void *secret, 788 unsigned long *secret_len) 789 { 790 assert(private_key->ops); 791 792 if (!private_key->ops->shared_secret) 793 return TEE_ERROR_NOT_IMPLEMENTED; 794 795 return private_key->ops->shared_secret(private_key, public_key, secret, 796 secret_len); 797 } 798 799 TEE_Result crypto_acipher_sm2_pke_decrypt(struct ecc_keypair *key, 800 const uint8_t *src, size_t src_len, 801 uint8_t *dst, size_t *dst_len) 802 { 803 assert(key->ops); 804 805 if (!key->ops->decrypt) 806 return TEE_ERROR_NOT_IMPLEMENTED; 807 808 return key->ops->decrypt(key, src, src_len, dst, dst_len); 809 } 810 811 TEE_Result crypto_acipher_sm2_pke_encrypt(struct ecc_public_key *key, 812 const uint8_t *src, size_t src_len, 813 uint8_t *dst, size_t *dst_len) 814 { 815 assert(key->ops); 816 817 if (!key->ops->encrypt) 818 return TEE_ERROR_NOT_IMPLEMENTED; 819 820 return key->ops->encrypt(key, src, src_len, dst, dst_len); 821 } 822 823 #if !defined(CFG_CRYPTO_SM2_KEP) 824 TEE_Result crypto_acipher_sm2_kep_derive(struct ecc_keypair *my_key __unused, 825 struct ecc_keypair *my_eph_key 826 __unused, 827 struct ecc_public_key *peer_key 828 __unused, 829 struct ecc_public_key *peer_eph_key 830 __unused, 831 struct sm2_kep_parms *p __unused) 832 { 833 return TEE_ERROR_NOT_IMPLEMENTED; 834 } 835 #endif 836 837 #if !defined(CFG_CRYPTO_X25519) 838 TEE_Result crypto_acipher_alloc_x25519_keypair(struct montgomery_keypair *key 839 __unused, 840 size_t key_size_bits __unused) 841 { 842 return TEE_ERROR_NOT_IMPLEMENTED; 843 } 844 845 TEE_Result crypto_acipher_gen_x25519_key(struct montgomery_keypair 846 *key __unused, 847 size_t key_size __unused) 848 { 849 return TEE_ERROR_NOT_IMPLEMENTED; 850 } 851 852 TEE_Result crypto_acipher_x25519_shared_secret(struct montgomery_keypair 853 *private_key __unused, 854 void *public_key __unused, 855 void *secret __unused, 856 unsigned long 857 *secret_len __unused) 858 { 859 return TEE_ERROR_NOT_IMPLEMENTED; 860 } 861 #endif 862 863 #if !defined(CFG_CRYPTO_X448) 864 TEE_Result crypto_acipher_alloc_x448_keypair(struct montgomery_keypair *key 865 __unused, 866 size_t key_size_bits __unused) 867 { 868 return TEE_ERROR_NOT_IMPLEMENTED; 869 } 870 871 TEE_Result crypto_acipher_gen_x448_key(struct montgomery_keypair *key __unused, 872 size_t key_size __unused) 873 { 874 return TEE_ERROR_NOT_IMPLEMENTED; 875 } 876 877 TEE_Result crypto_acipher_x448_shared_secret(struct montgomery_keypair 878 *private_key __unused, 879 void *public_key __unused, 880 void *secret __unused, 881 unsigned long 882 *secret_len __unused) 883 { 884 return TEE_ERROR_NOT_IMPLEMENTED; 885 } 886 #endif 887 888 #if !defined(CFG_CRYPTO_ED25519) 889 TEE_Result crypto_acipher_alloc_ed25519_keypair(struct ed25519_keypair *key 890 __unused, 891 size_t key_size_bits __unused) 892 { 893 return TEE_ERROR_NOT_IMPLEMENTED; 894 } 895 896 TEE_Result 897 crypto_acipher_alloc_ed25519_public_key(struct ed25519_public_key *key __unused, 898 size_t key_size __unused) 899 { 900 return TEE_ERROR_NOT_IMPLEMENTED; 901 } 902 903 TEE_Result crypto_acipher_gen_ed25519_key(struct ed25519_keypair *key __unused, 904 size_t key_size __unused) 905 { 906 return TEE_ERROR_NOT_IMPLEMENTED; 907 } 908 909 TEE_Result crypto_acipher_ed25519_sign(struct ed25519_keypair *key __unused, 910 const uint8_t *msg __unused, 911 size_t msg_len __unused, 912 uint8_t *sig __unused, 913 size_t *sig_len __unused) 914 { 915 return TEE_ERROR_NOT_IMPLEMENTED; 916 } 917 918 TEE_Result 919 crypto_acipher_ed25519_verify(struct ed25519_public_key *key __unused, 920 const uint8_t *msg __unused, 921 size_t msg_len __unused, 922 const uint8_t *sig __unused, 923 size_t sig_len __unused) 924 { 925 return TEE_ERROR_NOT_IMPLEMENTED; 926 } 927 928 TEE_Result crypto_acipher_ed25519ctx_sign(struct ed25519_keypair *key __unused, 929 const uint8_t *msg __unused, 930 size_t msg_len __unused, 931 uint8_t *sig __unused, 932 size_t *sig_len __unused, 933 bool ph_flag __unused, 934 const uint8_t *ctx __unused, 935 size_t ctxlen __unused) 936 { 937 return TEE_ERROR_NOT_IMPLEMENTED; 938 } 939 940 TEE_Result 941 crypto_acipher_ed25519ctx_verify(struct ed25519_public_key *key __unused, 942 const uint8_t *msg __unused, 943 size_t msg_len __unused, 944 const uint8_t *sig __unused, 945 size_t sig_len __unused, 946 bool ph_flag __unused, 947 const uint8_t *ctx __unused, 948 size_t ctxlen __unused) 949 { 950 return TEE_ERROR_NOT_IMPLEMENTED; 951 } 952 #endif 953 954 __weak TEE_Result crypto_storage_obj_del(struct tee_obj *obj __unused) 955 { 956 return TEE_ERROR_NOT_IMPLEMENTED; 957 } 958