1 // SPDX-License-Identifier: BSD-2-Clause 2 /* 3 * Copyright (c) 2017, Linaro Limited 4 */ 5 6 #include <assert.h> 7 #include <compiler.h> 8 #include <crypto/crypto.h> 9 #include <crypto/crypto_impl.h> 10 #include <kernel/panic.h> 11 #include <stdlib.h> 12 #include <string.h> 13 #include <utee_defines.h> 14 15 TEE_Result crypto_hash_alloc_ctx(void **ctx, uint32_t algo) 16 { 17 TEE_Result res = TEE_ERROR_NOT_IMPLEMENTED; 18 struct crypto_hash_ctx *c = NULL; 19 20 /* 21 * Use default cryptographic implement if no matching 22 * drvcrypt device. 23 */ 24 res = drvcrypt_hash_alloc_ctx(&c, algo); 25 26 if (res == TEE_ERROR_NOT_IMPLEMENTED) { 27 switch (algo) { 28 case TEE_ALG_MD5: 29 res = crypto_md5_alloc_ctx(&c); 30 break; 31 case TEE_ALG_SHA1: 32 res = crypto_sha1_alloc_ctx(&c); 33 break; 34 case TEE_ALG_SHA224: 35 res = crypto_sha224_alloc_ctx(&c); 36 break; 37 case TEE_ALG_SHA256: 38 res = crypto_sha256_alloc_ctx(&c); 39 break; 40 case TEE_ALG_SHA384: 41 res = crypto_sha384_alloc_ctx(&c); 42 break; 43 case TEE_ALG_SHA512: 44 res = crypto_sha512_alloc_ctx(&c); 45 break; 46 default: 47 break; 48 } 49 } 50 51 if (!res) 52 *ctx = c; 53 54 return res; 55 } 56 57 static const struct crypto_hash_ops *hash_ops(void *ctx) 58 { 59 struct crypto_hash_ctx *c = ctx; 60 61 assert(c && c->ops); 62 63 return c->ops; 64 } 65 66 void crypto_hash_free_ctx(void *ctx, uint32_t algo __unused) 67 { 68 if (ctx) 69 hash_ops(ctx)->free_ctx(ctx); 70 } 71 72 void crypto_hash_copy_state(void *dst_ctx, void *src_ctx, 73 uint32_t algo __unused) 74 { 75 hash_ops(dst_ctx)->copy_state(dst_ctx, src_ctx); 76 } 77 78 TEE_Result crypto_hash_init(void *ctx, uint32_t algo __unused) 79 { 80 return hash_ops(ctx)->init(ctx); 81 } 82 83 TEE_Result crypto_hash_update(void *ctx, uint32_t algo __unused, 84 const uint8_t *data, size_t len) 85 { 86 return hash_ops(ctx)->update(ctx, data, len); 87 } 88 89 TEE_Result crypto_hash_final(void *ctx, uint32_t algo __unused, 90 uint8_t *digest, size_t len) 91 { 92 return hash_ops(ctx)->final(ctx, digest, len); 93 } 94 95 TEE_Result crypto_cipher_alloc_ctx(void **ctx, uint32_t algo) 96 { 97 TEE_Result res = TEE_SUCCESS; 98 struct crypto_cipher_ctx *c = NULL; 99 100 switch (algo) { 101 case TEE_ALG_AES_ECB_NOPAD: 102 res = crypto_aes_ecb_alloc_ctx(&c); 103 break; 104 case TEE_ALG_AES_CBC_NOPAD: 105 res = crypto_aes_cbc_alloc_ctx(&c); 106 break; 107 case TEE_ALG_AES_CTR: 108 res = crypto_aes_ctr_alloc_ctx(&c); 109 break; 110 case TEE_ALG_AES_CTS: 111 res = crypto_aes_cts_alloc_ctx(&c); 112 break; 113 case TEE_ALG_AES_XTS: 114 res = crypto_aes_xts_alloc_ctx(&c); 115 break; 116 case TEE_ALG_DES_ECB_NOPAD: 117 res = crypto_des_ecb_alloc_ctx(&c); 118 break; 119 case TEE_ALG_DES3_ECB_NOPAD: 120 res = crypto_des3_ecb_alloc_ctx(&c); 121 break; 122 case TEE_ALG_DES_CBC_NOPAD: 123 res = crypto_des_cbc_alloc_ctx(&c); 124 break; 125 case TEE_ALG_DES3_CBC_NOPAD: 126 res = crypto_des3_cbc_alloc_ctx(&c); 127 break; 128 default: 129 return TEE_ERROR_NOT_IMPLEMENTED; 130 } 131 132 if (!res) 133 *ctx = c; 134 135 return res; 136 } 137 138 static const struct crypto_cipher_ops *cipher_ops(void *ctx) 139 { 140 struct crypto_cipher_ctx *c = ctx; 141 142 assert(c && c->ops); 143 144 return c->ops; 145 } 146 147 void crypto_cipher_free_ctx(void *ctx, uint32_t algo __unused) 148 { 149 if (ctx) 150 cipher_ops(ctx)->free_ctx(ctx); 151 } 152 153 void crypto_cipher_copy_state(void *dst_ctx, void *src_ctx, 154 uint32_t algo __unused) 155 { 156 cipher_ops(dst_ctx)->copy_state(dst_ctx, src_ctx); 157 } 158 159 TEE_Result crypto_cipher_init(void *ctx __unused, uint32_t algo __unused, 160 TEE_OperationMode mode, const uint8_t *key1, 161 size_t key1_len, const uint8_t *key2, 162 size_t key2_len, const uint8_t *iv, size_t iv_len) 163 { 164 if (mode != TEE_MODE_DECRYPT && mode != TEE_MODE_ENCRYPT) 165 return TEE_ERROR_BAD_PARAMETERS; 166 167 return cipher_ops(ctx)->init(ctx, mode, key1, key1_len, key2, key2_len, 168 iv, iv_len); 169 } 170 171 TEE_Result crypto_cipher_update(void *ctx, uint32_t algo __unused, 172 TEE_OperationMode mode __unused, 173 bool last_block, const uint8_t *data, 174 size_t len, uint8_t *dst) 175 { 176 return cipher_ops(ctx)->update(ctx, last_block, data, len, dst); 177 } 178 179 void crypto_cipher_final(void *ctx, uint32_t algo __unused) 180 { 181 cipher_ops(ctx)->final(ctx); 182 } 183 184 TEE_Result crypto_cipher_get_block_size(uint32_t algo, size_t *size) 185 { 186 uint32_t class = TEE_ALG_GET_CLASS(algo); 187 188 if (class != TEE_OPERATION_CIPHER && class != TEE_OPERATION_MAC && 189 class != TEE_OPERATION_AE) 190 return TEE_ERROR_BAD_PARAMETERS; 191 192 switch (TEE_ALG_GET_MAIN_ALG(algo)) { 193 case TEE_MAIN_ALGO_AES: 194 *size = TEE_AES_BLOCK_SIZE; 195 return TEE_SUCCESS; 196 case TEE_MAIN_ALGO_DES: 197 case TEE_MAIN_ALGO_DES3: 198 *size = TEE_DES_BLOCK_SIZE; 199 return TEE_SUCCESS; 200 default: 201 return TEE_ERROR_NOT_SUPPORTED; 202 } 203 } 204 205 TEE_Result crypto_mac_alloc_ctx(void **ctx, uint32_t algo) 206 { 207 TEE_Result res = TEE_SUCCESS; 208 struct crypto_mac_ctx *c = NULL; 209 210 switch (algo) { 211 case TEE_ALG_HMAC_MD5: 212 res = crypto_hmac_md5_alloc_ctx(&c); 213 break; 214 case TEE_ALG_HMAC_SHA1: 215 res = crypto_hmac_sha1_alloc_ctx(&c); 216 break; 217 case TEE_ALG_HMAC_SHA224: 218 res = crypto_hmac_sha224_alloc_ctx(&c); 219 break; 220 case TEE_ALG_HMAC_SHA256: 221 res = crypto_hmac_sha256_alloc_ctx(&c); 222 break; 223 case TEE_ALG_HMAC_SHA384: 224 res = crypto_hmac_sha384_alloc_ctx(&c); 225 break; 226 case TEE_ALG_HMAC_SHA512: 227 res = crypto_hmac_sha512_alloc_ctx(&c); 228 break; 229 case TEE_ALG_AES_CBC_MAC_NOPAD: 230 res = crypto_aes_cbc_mac_nopad_alloc_ctx(&c); 231 break; 232 case TEE_ALG_AES_CBC_MAC_PKCS5: 233 res = crypto_aes_cbc_mac_pkcs5_alloc_ctx(&c); 234 break; 235 case TEE_ALG_DES_CBC_MAC_NOPAD: 236 res = crypto_des_cbc_mac_nopad_alloc_ctx(&c); 237 break; 238 case TEE_ALG_DES_CBC_MAC_PKCS5: 239 res = crypto_des_cbc_mac_pkcs5_alloc_ctx(&c); 240 break; 241 case TEE_ALG_DES3_CBC_MAC_NOPAD: 242 res = crypto_des3_cbc_mac_nopad_alloc_ctx(&c); 243 break; 244 case TEE_ALG_DES3_CBC_MAC_PKCS5: 245 res = crypto_des3_cbc_mac_pkcs5_alloc_ctx(&c); 246 break; 247 case TEE_ALG_AES_CMAC: 248 res = crypto_aes_cmac_alloc_ctx(&c); 249 break; 250 default: 251 return TEE_ERROR_NOT_SUPPORTED; 252 } 253 254 if (!res) 255 *ctx = c; 256 257 return res; 258 } 259 260 static const struct crypto_mac_ops *mac_ops(void *ctx) 261 { 262 struct crypto_mac_ctx *c = ctx; 263 264 assert(c && c->ops); 265 266 return c->ops; 267 } 268 269 void crypto_mac_free_ctx(void *ctx, uint32_t algo __unused) 270 { 271 if (ctx) 272 mac_ops(ctx)->free_ctx(ctx); 273 } 274 275 void crypto_mac_copy_state(void *dst_ctx, void *src_ctx, uint32_t algo __unused) 276 { 277 mac_ops(dst_ctx)->copy_state(dst_ctx, src_ctx); 278 } 279 280 TEE_Result crypto_mac_init(void *ctx, uint32_t algo __unused, 281 const uint8_t *key, size_t len) 282 { 283 return mac_ops(ctx)->init(ctx, key, len); 284 } 285 286 TEE_Result crypto_mac_update(void *ctx, uint32_t algo __unused, 287 const uint8_t *data, size_t len) 288 { 289 if (!len) 290 return TEE_SUCCESS; 291 292 return mac_ops(ctx)->update(ctx, data, len); 293 } 294 295 TEE_Result crypto_mac_final(void *ctx, uint32_t algo __unused, 296 uint8_t *digest, size_t digest_len) 297 { 298 return mac_ops(ctx)->final(ctx, digest, digest_len); 299 } 300 301 TEE_Result crypto_authenc_alloc_ctx(void **ctx, uint32_t algo) 302 { 303 TEE_Result res = TEE_SUCCESS; 304 struct crypto_authenc_ctx *c = NULL; 305 306 switch (algo) { 307 #if defined(CFG_CRYPTO_CCM) 308 case TEE_ALG_AES_CCM: 309 res = crypto_aes_ccm_alloc_ctx(&c); 310 break; 311 #endif 312 #if defined(CFG_CRYPTO_GCM) 313 case TEE_ALG_AES_GCM: 314 res = crypto_aes_gcm_alloc_ctx(&c); 315 break; 316 #endif 317 default: 318 return TEE_ERROR_NOT_IMPLEMENTED; 319 } 320 321 if (!res) 322 *ctx = c; 323 324 return res; 325 } 326 327 static const struct crypto_authenc_ops *ae_ops(void *ctx) 328 { 329 struct crypto_authenc_ctx *c = ctx; 330 331 assert(c && c->ops); 332 333 return c->ops; 334 } 335 336 TEE_Result crypto_authenc_init(void *ctx, uint32_t algo __unused, 337 TEE_OperationMode mode, 338 const uint8_t *key, size_t key_len, 339 const uint8_t *nonce, size_t nonce_len, 340 size_t tag_len, size_t aad_len, 341 size_t payload_len) 342 { 343 return ae_ops(ctx)->init(ctx, mode, key, key_len, nonce, nonce_len, 344 tag_len, aad_len, payload_len); 345 } 346 347 TEE_Result crypto_authenc_update_aad(void *ctx, uint32_t algo __unused, 348 TEE_OperationMode mode __unused, 349 const uint8_t *data, size_t len) 350 { 351 return ae_ops(ctx)->update_aad(ctx, data, len); 352 } 353 354 355 TEE_Result crypto_authenc_update_payload(void *ctx, uint32_t algo __unused, 356 TEE_OperationMode mode, 357 const uint8_t *src_data, 358 size_t src_len, uint8_t *dst_data, 359 size_t *dst_len) 360 { 361 if (*dst_len < src_len) 362 return TEE_ERROR_SHORT_BUFFER; 363 *dst_len = src_len; 364 365 return ae_ops(ctx)->update_payload(ctx, mode, src_data, src_len, 366 dst_data); 367 } 368 369 TEE_Result crypto_authenc_enc_final(void *ctx, uint32_t algo __unused, 370 const uint8_t *src_data, size_t src_len, 371 uint8_t *dst_data, size_t *dst_len, 372 uint8_t *dst_tag, size_t *dst_tag_len) 373 { 374 if (*dst_len < src_len) 375 return TEE_ERROR_SHORT_BUFFER; 376 *dst_len = src_len; 377 378 return ae_ops(ctx)->enc_final(ctx, src_data, src_len, dst_data, 379 dst_tag, dst_tag_len); 380 } 381 382 TEE_Result crypto_authenc_dec_final(void *ctx, uint32_t algo __unused, 383 const uint8_t *src_data, size_t src_len, 384 uint8_t *dst_data, size_t *dst_len, 385 const uint8_t *tag, size_t tag_len) 386 { 387 if (*dst_len < src_len) 388 return TEE_ERROR_SHORT_BUFFER; 389 *dst_len = src_len; 390 391 return ae_ops(ctx)->dec_final(ctx, src_data, src_len, dst_data, tag, 392 tag_len); 393 } 394 395 void crypto_authenc_final(void *ctx, uint32_t algo __unused) 396 { 397 ae_ops(ctx)->final(ctx); 398 } 399 400 void crypto_authenc_free_ctx(void *ctx, uint32_t algo __unused) 401 { 402 if (ctx) 403 ae_ops(ctx)->free_ctx(ctx); 404 } 405 406 void crypto_authenc_copy_state(void *dst_ctx, void *src_ctx, 407 uint32_t algo __unused) 408 { 409 ae_ops(dst_ctx)->copy_state(dst_ctx, src_ctx); 410 } 411 412 #if !defined(CFG_CRYPTO_RSA) && !defined(CFG_CRYPTO_DSA) && \ 413 !defined(CFG_CRYPTO_DH) && !defined(CFG_CRYPTO_ECC) 414 struct bignum *crypto_bignum_allocate(size_t size_bits __unused) 415 { 416 return NULL; 417 } 418 419 TEE_Result crypto_bignum_bin2bn(const uint8_t *from __unused, 420 size_t fromsize __unused, 421 struct bignum *to __unused) 422 { 423 return TEE_ERROR_NOT_IMPLEMENTED; 424 } 425 426 size_t crypto_bignum_num_bytes(struct bignum *a __unused) 427 { 428 return 0; 429 } 430 431 size_t crypto_bignum_num_bits(struct bignum *a __unused) 432 { 433 return 0; 434 } 435 436 /* 437 * crypto_bignum_allocate() and crypto_bignum_bin2bn() failing should be 438 * enough to guarantee that the functions calling this function aren't 439 * called, but just in case add a panic() here to avoid unexpected 440 * behavoir. 441 */ 442 static void bignum_cant_happen(void) 443 { 444 volatile bool b = true; 445 446 /* Avoid warning about function does not return */ 447 if (b) 448 panic(); 449 } 450 451 void crypto_bignum_bn2bin(const struct bignum *from __unused, 452 uint8_t *to __unused) 453 { 454 bignum_cant_happen(); 455 } 456 457 void crypto_bignum_copy(struct bignum *to __unused, 458 const struct bignum *from __unused) 459 { 460 bignum_cant_happen(); 461 } 462 463 void crypto_bignum_free(struct bignum *a) 464 { 465 if (a) 466 panic(); 467 } 468 469 void crypto_bignum_clear(struct bignum *a __unused) 470 { 471 bignum_cant_happen(); 472 } 473 474 /* return -1 if a<b, 0 if a==b, +1 if a>b */ 475 int32_t crypto_bignum_compare(struct bignum *a __unused, 476 struct bignum *b __unused) 477 { 478 bignum_cant_happen(); 479 return -1; 480 } 481 #endif 482 483 #if !defined(CFG_CRYPTO_RSA) 484 TEE_Result crypto_acipher_alloc_rsa_keypair(struct rsa_keypair *s __unused, 485 size_t key_size_bits __unused) 486 { 487 return TEE_ERROR_NOT_IMPLEMENTED; 488 } 489 490 TEE_Result 491 crypto_acipher_alloc_rsa_public_key(struct rsa_public_key *s __unused, 492 size_t key_size_bits __unused) 493 { 494 return TEE_ERROR_NOT_IMPLEMENTED; 495 } 496 497 void crypto_acipher_free_rsa_public_key(struct rsa_public_key *s __unused) 498 { 499 } 500 501 TEE_Result crypto_acipher_gen_rsa_key(struct rsa_keypair *key __unused, 502 size_t key_size __unused) 503 { 504 return TEE_ERROR_NOT_IMPLEMENTED; 505 } 506 507 TEE_Result crypto_acipher_rsanopad_decrypt(struct rsa_keypair *key __unused, 508 const uint8_t *src __unused, 509 size_t src_len __unused, 510 uint8_t *dst __unused, 511 size_t *dst_len __unused) 512 { 513 return TEE_ERROR_NOT_IMPLEMENTED; 514 } 515 516 TEE_Result crypto_acipher_rsanopad_encrypt(struct rsa_public_key *key __unused, 517 const uint8_t *src __unused, 518 size_t src_len __unused, 519 uint8_t *dst __unused, 520 size_t *dst_len __unused) 521 { 522 return TEE_ERROR_NOT_IMPLEMENTED; 523 } 524 525 TEE_Result crypto_acipher_rsaes_decrypt(uint32_t algo __unused, 526 struct rsa_keypair *key __unused, 527 const uint8_t *label __unused, 528 size_t label_len __unused, 529 const uint8_t *src __unused, 530 size_t src_len __unused, 531 uint8_t *dst __unused, 532 size_t *dst_len __unused) 533 { 534 return TEE_ERROR_NOT_IMPLEMENTED; 535 } 536 537 TEE_Result crypto_acipher_rsaes_encrypt(uint32_t algo __unused, 538 struct rsa_public_key *key __unused, 539 const uint8_t *label __unused, 540 size_t label_len __unused, 541 const uint8_t *src __unused, 542 size_t src_len __unused, 543 uint8_t *dst __unused, 544 size_t *dst_len __unused) 545 { 546 return TEE_ERROR_NOT_IMPLEMENTED; 547 } 548 549 TEE_Result crypto_acipher_rsassa_sign(uint32_t algo __unused, 550 struct rsa_keypair *key __unused, 551 int salt_len __unused, 552 const uint8_t *msg __unused, 553 size_t msg_len __unused, 554 uint8_t *sig __unused, 555 size_t *sig_len __unused) 556 { 557 return TEE_ERROR_NOT_IMPLEMENTED; 558 } 559 560 TEE_Result crypto_acipher_rsassa_verify(uint32_t algo __unused, 561 struct rsa_public_key *key __unused, 562 int salt_len __unused, 563 const uint8_t *msg __unused, 564 size_t msg_len __unused, 565 const uint8_t *sig __unused, 566 size_t sig_len __unused) 567 { 568 return TEE_ERROR_NOT_IMPLEMENTED; 569 } 570 #endif /*!CFG_CRYPTO_RSA*/ 571 572 #if !defined(CFG_CRYPTO_DSA) 573 TEE_Result crypto_acipher_alloc_dsa_keypair(struct dsa_keypair *s __unused, 574 size_t key_size_bits __unused) 575 { 576 return TEE_ERROR_NOT_IMPLEMENTED; 577 } 578 579 TEE_Result 580 crypto_acipher_alloc_dsa_public_key(struct dsa_public_key *s __unused, 581 size_t key_size_bits __unused) 582 { 583 return TEE_ERROR_NOT_IMPLEMENTED; 584 } 585 586 TEE_Result crypto_acipher_gen_dsa_key(struct dsa_keypair *key __unused, 587 size_t key_size __unused) 588 { 589 return TEE_ERROR_NOT_IMPLEMENTED; 590 } 591 592 TEE_Result crypto_acipher_dsa_sign(uint32_t algo __unused, 593 struct dsa_keypair *key __unused, 594 const uint8_t *msg __unused, 595 size_t msg_len __unused, 596 uint8_t *sig __unused, 597 size_t *sig_len __unused) 598 { 599 return TEE_ERROR_NOT_IMPLEMENTED; 600 } 601 602 TEE_Result crypto_acipher_dsa_verify(uint32_t algo __unused, 603 struct dsa_public_key *key __unused, 604 const uint8_t *msg __unused, 605 size_t msg_len __unused, 606 const uint8_t *sig __unused, 607 size_t sig_len __unused) 608 { 609 return TEE_ERROR_NOT_IMPLEMENTED; 610 } 611 #endif /*!CFG_CRYPTO_DSA*/ 612 613 #if !defined(CFG_CRYPTO_DH) 614 TEE_Result crypto_acipher_alloc_dh_keypair(struct dh_keypair *s __unused, 615 size_t key_size_bits __unused) 616 { 617 return TEE_ERROR_NOT_IMPLEMENTED; 618 } 619 620 TEE_Result crypto_acipher_gen_dh_key(struct dh_keypair *key __unused, 621 struct bignum *q __unused, 622 size_t xbits __unused) 623 { 624 return TEE_ERROR_NOT_IMPLEMENTED; 625 } 626 627 TEE_Result 628 crypto_acipher_dh_shared_secret(struct dh_keypair *private_key __unused, 629 struct bignum *public_key __unused, 630 struct bignum *secret __unused) 631 { 632 return TEE_ERROR_NOT_IMPLEMENTED; 633 } 634 #endif /*!CFG_CRYPTO_DH*/ 635 636 #if !defined(CFG_CRYPTO_ECC) 637 TEE_Result 638 crypto_acipher_alloc_ecc_public_key(struct ecc_public_key *s __unused, 639 size_t key_size_bits __unused) 640 { 641 return TEE_ERROR_NOT_IMPLEMENTED; 642 } 643 644 TEE_Result crypto_acipher_alloc_ecc_keypair(struct ecc_keypair *s __unused, 645 size_t key_size_bits __unused) 646 { 647 return TEE_ERROR_NOT_IMPLEMENTED; 648 } 649 650 void crypto_acipher_free_ecc_public_key(struct ecc_public_key *s __unused) 651 { 652 } 653 654 TEE_Result crypto_acipher_gen_ecc_key(struct ecc_keypair *key __unused) 655 { 656 return TEE_ERROR_NOT_IMPLEMENTED; 657 } 658 659 TEE_Result crypto_acipher_ecc_sign(uint32_t algo __unused, 660 struct ecc_keypair *key __unused, 661 const uint8_t *msg __unused, 662 size_t msg_len __unused, 663 uint8_t *sig __unused, 664 size_t *sig_len __unused) 665 { 666 return TEE_ERROR_NOT_IMPLEMENTED; 667 } 668 669 TEE_Result crypto_acipher_ecc_verify(uint32_t algo __unused, 670 struct ecc_public_key *key __unused, 671 const uint8_t *msg __unused, 672 size_t msg_len __unused, 673 const uint8_t *sig __unused, 674 size_t sig_len __unused) 675 { 676 return TEE_ERROR_NOT_IMPLEMENTED; 677 } 678 679 TEE_Result 680 crypto_acipher_ecc_shared_secret(struct ecc_keypair *private_key __unused, 681 struct ecc_public_key *public_key __unused, 682 void *secret __unused, 683 unsigned long *secret_len __unused) 684 { 685 return TEE_ERROR_NOT_IMPLEMENTED; 686 } 687 #endif /*!CFG_CRYPTO_ECC*/ 688