1 // SPDX-License-Identifier: BSD-2-Clause 2 /* 3 * Copyright (c) 2017, Linaro Limited 4 */ 5 6 #include <assert.h> 7 #include <compiler.h> 8 #include <crypto/crypto.h> 9 #include <crypto/crypto_impl.h> 10 #include <kernel/panic.h> 11 #include <stdlib.h> 12 #include <string.h> 13 #include <utee_defines.h> 14 15 TEE_Result crypto_hash_alloc_ctx(void **ctx, uint32_t algo) 16 { 17 TEE_Result res = TEE_SUCCESS; 18 struct crypto_hash_ctx *c = NULL; 19 20 switch (algo) { 21 case TEE_ALG_MD5: 22 res = crypto_md5_alloc_ctx(&c); 23 break; 24 case TEE_ALG_SHA1: 25 res = crypto_sha1_alloc_ctx(&c); 26 break; 27 case TEE_ALG_SHA224: 28 res = crypto_sha224_alloc_ctx(&c); 29 break; 30 case TEE_ALG_SHA256: 31 res = crypto_sha256_alloc_ctx(&c); 32 break; 33 case TEE_ALG_SHA384: 34 res = crypto_sha384_alloc_ctx(&c); 35 break; 36 case TEE_ALG_SHA512: 37 res = crypto_sha512_alloc_ctx(&c); 38 break; 39 default: 40 return TEE_ERROR_NOT_IMPLEMENTED; 41 } 42 43 if (!res) 44 *ctx = c; 45 46 return res; 47 } 48 49 static const struct crypto_hash_ops *hash_ops(void *ctx) 50 { 51 struct crypto_hash_ctx *c = ctx; 52 53 assert(c && c->ops); 54 55 return c->ops; 56 } 57 58 void crypto_hash_free_ctx(void *ctx, uint32_t algo __unused) 59 { 60 if (ctx) 61 hash_ops(ctx)->free_ctx(ctx); 62 } 63 64 void crypto_hash_copy_state(void *dst_ctx, void *src_ctx, 65 uint32_t algo __unused) 66 { 67 hash_ops(dst_ctx)->copy_state(dst_ctx, src_ctx); 68 } 69 70 TEE_Result crypto_hash_init(void *ctx, uint32_t algo __unused) 71 { 72 return hash_ops(ctx)->init(ctx); 73 } 74 75 TEE_Result crypto_hash_update(void *ctx, uint32_t algo __unused, 76 const uint8_t *data, size_t len) 77 { 78 return hash_ops(ctx)->update(ctx, data, len); 79 } 80 81 TEE_Result crypto_hash_final(void *ctx, uint32_t algo __unused, 82 uint8_t *digest, size_t len) 83 { 84 return hash_ops(ctx)->final(ctx, digest, len); 85 } 86 87 TEE_Result crypto_cipher_alloc_ctx(void **ctx, uint32_t algo) 88 { 89 TEE_Result res = TEE_SUCCESS; 90 struct crypto_cipher_ctx *c = NULL; 91 92 switch (algo) { 93 case TEE_ALG_AES_ECB_NOPAD: 94 res = crypto_aes_ecb_alloc_ctx(&c); 95 break; 96 case TEE_ALG_AES_CBC_NOPAD: 97 res = crypto_aes_cbc_alloc_ctx(&c); 98 break; 99 case TEE_ALG_AES_CTR: 100 res = crypto_aes_ctr_alloc_ctx(&c); 101 break; 102 case TEE_ALG_AES_CTS: 103 res = crypto_aes_cts_alloc_ctx(&c); 104 break; 105 case TEE_ALG_AES_XTS: 106 res = crypto_aes_xts_alloc_ctx(&c); 107 break; 108 case TEE_ALG_DES_ECB_NOPAD: 109 res = crypto_des_ecb_alloc_ctx(&c); 110 break; 111 case TEE_ALG_DES3_ECB_NOPAD: 112 res = crypto_des3_ecb_alloc_ctx(&c); 113 break; 114 case TEE_ALG_DES_CBC_NOPAD: 115 res = crypto_des_cbc_alloc_ctx(&c); 116 break; 117 case TEE_ALG_DES3_CBC_NOPAD: 118 res = crypto_des3_cbc_alloc_ctx(&c); 119 break; 120 default: 121 return TEE_ERROR_NOT_IMPLEMENTED; 122 } 123 124 if (!res) 125 *ctx = c; 126 127 return res; 128 } 129 130 static const struct crypto_cipher_ops *cipher_ops(void *ctx) 131 { 132 struct crypto_cipher_ctx *c = ctx; 133 134 assert(c && c->ops); 135 136 return c->ops; 137 } 138 139 void crypto_cipher_free_ctx(void *ctx, uint32_t algo __unused) 140 { 141 if (ctx) 142 cipher_ops(ctx)->free_ctx(ctx); 143 } 144 145 void crypto_cipher_copy_state(void *dst_ctx, void *src_ctx, 146 uint32_t algo __unused) 147 { 148 cipher_ops(dst_ctx)->copy_state(dst_ctx, src_ctx); 149 } 150 151 TEE_Result crypto_cipher_init(void *ctx __unused, uint32_t algo __unused, 152 TEE_OperationMode mode, const uint8_t *key1, 153 size_t key1_len, const uint8_t *key2, 154 size_t key2_len, const uint8_t *iv, size_t iv_len) 155 { 156 if (mode != TEE_MODE_DECRYPT && mode != TEE_MODE_ENCRYPT) 157 return TEE_ERROR_BAD_PARAMETERS; 158 159 return cipher_ops(ctx)->init(ctx, mode, key1, key1_len, key2, key2_len, 160 iv, iv_len); 161 } 162 163 TEE_Result crypto_cipher_update(void *ctx, uint32_t algo __unused, 164 TEE_OperationMode mode __unused, 165 bool last_block, const uint8_t *data, 166 size_t len, uint8_t *dst) 167 { 168 return cipher_ops(ctx)->update(ctx, last_block, data, len, dst); 169 } 170 171 void crypto_cipher_final(void *ctx, uint32_t algo __unused) 172 { 173 cipher_ops(ctx)->final(ctx); 174 } 175 176 TEE_Result crypto_cipher_get_block_size(uint32_t algo, size_t *size) 177 { 178 uint32_t class = TEE_ALG_GET_CLASS(algo); 179 180 if (class != TEE_OPERATION_CIPHER && class != TEE_OPERATION_MAC && 181 class != TEE_OPERATION_AE) 182 return TEE_ERROR_BAD_PARAMETERS; 183 184 switch (TEE_ALG_GET_MAIN_ALG(algo)) { 185 case TEE_MAIN_ALGO_AES: 186 *size = TEE_AES_BLOCK_SIZE; 187 return TEE_SUCCESS; 188 case TEE_MAIN_ALGO_DES: 189 case TEE_MAIN_ALGO_DES3: 190 *size = TEE_DES_BLOCK_SIZE; 191 return TEE_SUCCESS; 192 default: 193 return TEE_ERROR_NOT_SUPPORTED; 194 } 195 } 196 197 TEE_Result crypto_mac_alloc_ctx(void **ctx, uint32_t algo) 198 { 199 TEE_Result res = TEE_SUCCESS; 200 struct crypto_mac_ctx *c = NULL; 201 202 switch (algo) { 203 case TEE_ALG_HMAC_MD5: 204 res = crypto_hmac_md5_alloc_ctx(&c); 205 break; 206 case TEE_ALG_HMAC_SHA1: 207 res = crypto_hmac_sha1_alloc_ctx(&c); 208 break; 209 case TEE_ALG_HMAC_SHA224: 210 res = crypto_hmac_sha224_alloc_ctx(&c); 211 break; 212 case TEE_ALG_HMAC_SHA256: 213 res = crypto_hmac_sha256_alloc_ctx(&c); 214 break; 215 case TEE_ALG_HMAC_SHA384: 216 res = crypto_hmac_sha384_alloc_ctx(&c); 217 break; 218 case TEE_ALG_HMAC_SHA512: 219 res = crypto_hmac_sha512_alloc_ctx(&c); 220 break; 221 case TEE_ALG_AES_CBC_MAC_NOPAD: 222 res = crypto_aes_cbc_mac_nopad_alloc_ctx(&c); 223 break; 224 case TEE_ALG_AES_CBC_MAC_PKCS5: 225 res = crypto_aes_cbc_mac_pkcs5_alloc_ctx(&c); 226 break; 227 case TEE_ALG_DES_CBC_MAC_NOPAD: 228 res = crypto_des_cbc_mac_nopad_alloc_ctx(&c); 229 break; 230 case TEE_ALG_DES_CBC_MAC_PKCS5: 231 res = crypto_des_cbc_mac_pkcs5_alloc_ctx(&c); 232 break; 233 case TEE_ALG_DES3_CBC_MAC_NOPAD: 234 res = crypto_des3_cbc_mac_nopad_alloc_ctx(&c); 235 break; 236 case TEE_ALG_DES3_CBC_MAC_PKCS5: 237 res = crypto_des3_cbc_mac_pkcs5_alloc_ctx(&c); 238 break; 239 case TEE_ALG_AES_CMAC: 240 res = crypto_aes_cmac_alloc_ctx(&c); 241 break; 242 default: 243 return TEE_ERROR_NOT_SUPPORTED; 244 } 245 246 if (!res) 247 *ctx = c; 248 249 return res; 250 } 251 252 static const struct crypto_mac_ops *mac_ops(void *ctx) 253 { 254 struct crypto_mac_ctx *c = ctx; 255 256 assert(c && c->ops); 257 258 return c->ops; 259 } 260 261 void crypto_mac_free_ctx(void *ctx, uint32_t algo __unused) 262 { 263 if (ctx) 264 mac_ops(ctx)->free_ctx(ctx); 265 } 266 267 void crypto_mac_copy_state(void *dst_ctx, void *src_ctx, uint32_t algo __unused) 268 { 269 mac_ops(dst_ctx)->copy_state(dst_ctx, src_ctx); 270 } 271 272 TEE_Result crypto_mac_init(void *ctx, uint32_t algo __unused, 273 const uint8_t *key, size_t len) 274 { 275 return mac_ops(ctx)->init(ctx, key, len); 276 } 277 278 TEE_Result crypto_mac_update(void *ctx, uint32_t algo __unused, 279 const uint8_t *data, size_t len) 280 { 281 if (!len) 282 return TEE_SUCCESS; 283 284 return mac_ops(ctx)->update(ctx, data, len); 285 } 286 287 TEE_Result crypto_mac_final(void *ctx, uint32_t algo __unused, 288 uint8_t *digest, size_t digest_len) 289 { 290 return mac_ops(ctx)->final(ctx, digest, digest_len); 291 } 292 293 TEE_Result crypto_authenc_alloc_ctx(void **ctx, uint32_t algo) 294 { 295 TEE_Result res = TEE_SUCCESS; 296 struct crypto_authenc_ctx *c = NULL; 297 298 switch (algo) { 299 #if defined(CFG_CRYPTO_CCM) 300 case TEE_ALG_AES_CCM: 301 res = crypto_aes_ccm_alloc_ctx(&c); 302 break; 303 #endif 304 #if defined(CFG_CRYPTO_GCM) 305 case TEE_ALG_AES_GCM: 306 res = crypto_aes_gcm_alloc_ctx(&c); 307 break; 308 #endif 309 default: 310 return TEE_ERROR_NOT_IMPLEMENTED; 311 } 312 313 if (!res) 314 *ctx = c; 315 316 return res; 317 } 318 319 static const struct crypto_authenc_ops *ae_ops(void *ctx) 320 { 321 struct crypto_authenc_ctx *c = ctx; 322 323 assert(c && c->ops); 324 325 return c->ops; 326 } 327 328 TEE_Result crypto_authenc_init(void *ctx, uint32_t algo __unused, 329 TEE_OperationMode mode, 330 const uint8_t *key, size_t key_len, 331 const uint8_t *nonce, size_t nonce_len, 332 size_t tag_len, size_t aad_len, 333 size_t payload_len) 334 { 335 return ae_ops(ctx)->init(ctx, mode, key, key_len, nonce, nonce_len, 336 tag_len, aad_len, payload_len); 337 } 338 339 TEE_Result crypto_authenc_update_aad(void *ctx, uint32_t algo __unused, 340 TEE_OperationMode mode __unused, 341 const uint8_t *data, size_t len) 342 { 343 return ae_ops(ctx)->update_aad(ctx, data, len); 344 } 345 346 347 TEE_Result crypto_authenc_update_payload(void *ctx, uint32_t algo __unused, 348 TEE_OperationMode mode, 349 const uint8_t *src_data, 350 size_t src_len, uint8_t *dst_data, 351 size_t *dst_len) 352 { 353 if (*dst_len < src_len) 354 return TEE_ERROR_SHORT_BUFFER; 355 *dst_len = src_len; 356 357 return ae_ops(ctx)->update_payload(ctx, mode, src_data, src_len, 358 dst_data); 359 } 360 361 TEE_Result crypto_authenc_enc_final(void *ctx, uint32_t algo __unused, 362 const uint8_t *src_data, size_t src_len, 363 uint8_t *dst_data, size_t *dst_len, 364 uint8_t *dst_tag, size_t *dst_tag_len) 365 { 366 if (*dst_len < src_len) 367 return TEE_ERROR_SHORT_BUFFER; 368 *dst_len = src_len; 369 370 return ae_ops(ctx)->enc_final(ctx, src_data, src_len, dst_data, 371 dst_tag, dst_tag_len); 372 } 373 374 TEE_Result crypto_authenc_dec_final(void *ctx, uint32_t algo __unused, 375 const uint8_t *src_data, size_t src_len, 376 uint8_t *dst_data, size_t *dst_len, 377 const uint8_t *tag, size_t tag_len) 378 { 379 if (*dst_len < src_len) 380 return TEE_ERROR_SHORT_BUFFER; 381 *dst_len = src_len; 382 383 return ae_ops(ctx)->dec_final(ctx, src_data, src_len, dst_data, tag, 384 tag_len); 385 } 386 387 void crypto_authenc_final(void *ctx, uint32_t algo __unused) 388 { 389 ae_ops(ctx)->final(ctx); 390 } 391 392 void crypto_authenc_free_ctx(void *ctx, uint32_t algo __unused) 393 { 394 if (ctx) 395 ae_ops(ctx)->free_ctx(ctx); 396 } 397 398 void crypto_authenc_copy_state(void *dst_ctx, void *src_ctx, 399 uint32_t algo __unused) 400 { 401 ae_ops(dst_ctx)->copy_state(dst_ctx, src_ctx); 402 } 403 404 #if !defined(_CFG_CRYPTO_WITH_ACIPHER) 405 struct bignum *crypto_bignum_allocate(size_t size_bits __unused) 406 { 407 return NULL; 408 } 409 410 TEE_Result crypto_bignum_bin2bn(const uint8_t *from __unused, 411 size_t fromsize __unused, 412 struct bignum *to __unused) 413 { 414 return TEE_ERROR_NOT_IMPLEMENTED; 415 } 416 417 size_t crypto_bignum_num_bytes(struct bignum *a __unused) 418 { 419 return 0; 420 } 421 422 size_t crypto_bignum_num_bits(struct bignum *a __unused) 423 { 424 return 0; 425 } 426 427 /* 428 * crypto_bignum_allocate() and crypto_bignum_bin2bn() failing should be 429 * enough to guarantee that the functions calling this function aren't 430 * called, but just in case add a panic() here to avoid unexpected 431 * behavoir. 432 */ 433 static void bignum_cant_happen(void) 434 { 435 volatile bool b = true; 436 437 /* Avoid warning about function does not return */ 438 if (b) 439 panic(); 440 } 441 442 void crypto_bignum_bn2bin(const struct bignum *from __unused, 443 uint8_t *to __unused) 444 { 445 bignum_cant_happen(); 446 } 447 448 void crypto_bignum_copy(struct bignum *to __unused, 449 const struct bignum *from __unused) 450 { 451 bignum_cant_happen(); 452 } 453 454 void crypto_bignum_free(struct bignum *a) 455 { 456 if (a) 457 panic(); 458 } 459 460 void crypto_bignum_clear(struct bignum *a __unused) 461 { 462 bignum_cant_happen(); 463 } 464 465 /* return -1 if a<b, 0 if a==b, +1 if a>b */ 466 int32_t crypto_bignum_compare(struct bignum *a __unused, 467 struct bignum *b __unused) 468 { 469 bignum_cant_happen(); 470 return -1; 471 } 472 #endif /*!_CFG_CRYPTO_WITH_ACIPHER*/ 473 474 #if !defined(CFG_CRYPTO_RSA) || !defined(_CFG_CRYPTO_WITH_ACIPHER) 475 TEE_Result crypto_acipher_alloc_rsa_keypair(struct rsa_keypair *s __unused, 476 size_t key_size_bits __unused) 477 { 478 return TEE_ERROR_NOT_IMPLEMENTED; 479 } 480 481 TEE_Result 482 crypto_acipher_alloc_rsa_public_key(struct rsa_public_key *s __unused, 483 size_t key_size_bits __unused) 484 { 485 return TEE_ERROR_NOT_IMPLEMENTED; 486 } 487 488 void crypto_acipher_free_rsa_public_key(struct rsa_public_key *s __unused) 489 { 490 } 491 492 TEE_Result crypto_acipher_gen_rsa_key(struct rsa_keypair *key __unused, 493 size_t key_size __unused) 494 { 495 return TEE_ERROR_NOT_IMPLEMENTED; 496 } 497 498 TEE_Result crypto_acipher_rsanopad_decrypt(struct rsa_keypair *key __unused, 499 const uint8_t *src __unused, 500 size_t src_len __unused, 501 uint8_t *dst __unused, 502 size_t *dst_len __unused) 503 { 504 return TEE_ERROR_NOT_IMPLEMENTED; 505 } 506 507 TEE_Result crypto_acipher_rsanopad_encrypt(struct rsa_public_key *key __unused, 508 const uint8_t *src __unused, 509 size_t src_len __unused, 510 uint8_t *dst __unused, 511 size_t *dst_len __unused) 512 { 513 return TEE_ERROR_NOT_IMPLEMENTED; 514 } 515 516 TEE_Result crypto_acipher_rsaes_decrypt(uint32_t algo __unused, 517 struct rsa_keypair *key __unused, 518 const uint8_t *label __unused, 519 size_t label_len __unused, 520 const uint8_t *src __unused, 521 size_t src_len __unused, 522 uint8_t *dst __unused, 523 size_t *dst_len __unused) 524 { 525 return TEE_ERROR_NOT_IMPLEMENTED; 526 } 527 528 TEE_Result crypto_acipher_rsaes_encrypt(uint32_t algo __unused, 529 struct rsa_public_key *key __unused, 530 const uint8_t *label __unused, 531 size_t label_len __unused, 532 const uint8_t *src __unused, 533 size_t src_len __unused, 534 uint8_t *dst __unused, 535 size_t *dst_len __unused) 536 { 537 return TEE_ERROR_NOT_IMPLEMENTED; 538 } 539 540 TEE_Result crypto_acipher_rsassa_sign(uint32_t algo __unused, 541 struct rsa_keypair *key __unused, 542 int salt_len __unused, 543 const uint8_t *msg __unused, 544 size_t msg_len __unused, 545 uint8_t *sig __unused, 546 size_t *sig_len __unused) 547 { 548 return TEE_ERROR_NOT_IMPLEMENTED; 549 } 550 551 TEE_Result crypto_acipher_rsassa_verify(uint32_t algo __unused, 552 struct rsa_public_key *key __unused, 553 int salt_len __unused, 554 const uint8_t *msg __unused, 555 size_t msg_len __unused, 556 const uint8_t *sig __unused, 557 size_t sig_len __unused) 558 { 559 return TEE_ERROR_NOT_IMPLEMENTED; 560 } 561 #endif /*!CFG_CRYPTO_RSA || !_CFG_CRYPTO_WITH_ACIPHER*/ 562 563 #if !defined(CFG_CRYPTO_DSA) || !defined(_CFG_CRYPTO_WITH_ACIPHER) 564 TEE_Result crypto_acipher_alloc_dsa_keypair(struct dsa_keypair *s __unused, 565 size_t key_size_bits __unused) 566 { 567 return TEE_ERROR_NOT_IMPLEMENTED; 568 } 569 570 TEE_Result 571 crypto_acipher_alloc_dsa_public_key(struct dsa_public_key *s __unused, 572 size_t key_size_bits __unused) 573 { 574 return TEE_ERROR_NOT_IMPLEMENTED; 575 } 576 577 TEE_Result crypto_acipher_gen_dsa_key(struct dsa_keypair *key __unused, 578 size_t key_size __unused) 579 { 580 return TEE_ERROR_NOT_IMPLEMENTED; 581 } 582 583 TEE_Result crypto_acipher_dsa_sign(uint32_t algo __unused, 584 struct dsa_keypair *key __unused, 585 const uint8_t *msg __unused, 586 size_t msg_len __unused, 587 uint8_t *sig __unused, 588 size_t *sig_len __unused) 589 { 590 return TEE_ERROR_NOT_IMPLEMENTED; 591 } 592 593 TEE_Result crypto_acipher_dsa_verify(uint32_t algo __unused, 594 struct dsa_public_key *key __unused, 595 const uint8_t *msg __unused, 596 size_t msg_len __unused, 597 const uint8_t *sig __unused, 598 size_t sig_len __unused) 599 { 600 return TEE_ERROR_NOT_IMPLEMENTED; 601 } 602 #endif /*!CFG_CRYPTO_DSA || !_CFG_CRYPTO_WITH_ACIPHER*/ 603 604 #if !defined(CFG_CRYPTO_DH) || !defined(_CFG_CRYPTO_WITH_ACIPHER) 605 TEE_Result crypto_acipher_alloc_dh_keypair(struct dh_keypair *s __unused, 606 size_t key_size_bits __unused) 607 { 608 return TEE_ERROR_NOT_IMPLEMENTED; 609 } 610 611 TEE_Result crypto_acipher_gen_dh_key(struct dh_keypair *key __unused, 612 struct bignum *q __unused, 613 size_t xbits __unused) 614 { 615 return TEE_ERROR_NOT_IMPLEMENTED; 616 } 617 618 TEE_Result 619 crypto_acipher_dh_shared_secret(struct dh_keypair *private_key __unused, 620 struct bignum *public_key __unused, 621 struct bignum *secret __unused) 622 { 623 return TEE_ERROR_NOT_IMPLEMENTED; 624 } 625 #endif /*!CFG_CRYPTO_DH || !_CFG_CRYPTO_WITH_ACIPHER*/ 626 627 #if !defined(CFG_CRYPTO_ECC) || !defined(_CFG_CRYPTO_WITH_ACIPHER) 628 TEE_Result 629 crypto_acipher_alloc_ecc_public_key(struct ecc_public_key *s __unused, 630 size_t key_size_bits __unused) 631 { 632 return TEE_ERROR_NOT_IMPLEMENTED; 633 } 634 635 TEE_Result crypto_acipher_alloc_ecc_keypair(struct ecc_keypair *s __unused, 636 size_t key_size_bits __unused) 637 { 638 return TEE_ERROR_NOT_IMPLEMENTED; 639 } 640 641 void crypto_acipher_free_ecc_public_key(struct ecc_public_key *s __unused) 642 { 643 } 644 645 TEE_Result crypto_acipher_gen_ecc_key(struct ecc_keypair *key __unused) 646 { 647 return TEE_ERROR_NOT_IMPLEMENTED; 648 } 649 650 TEE_Result crypto_acipher_ecc_sign(uint32_t algo __unused, 651 struct ecc_keypair *key __unused, 652 const uint8_t *msg __unused, 653 size_t msg_len __unused, 654 uint8_t *sig __unused, 655 size_t *sig_len __unused) 656 { 657 return TEE_ERROR_NOT_IMPLEMENTED; 658 } 659 660 TEE_Result crypto_acipher_ecc_verify(uint32_t algo __unused, 661 struct ecc_public_key *key __unused, 662 const uint8_t *msg __unused, 663 size_t msg_len __unused, 664 const uint8_t *sig __unused, 665 size_t sig_len __unused) 666 { 667 return TEE_ERROR_NOT_IMPLEMENTED; 668 } 669 670 TEE_Result 671 crypto_acipher_ecc_shared_secret(struct ecc_keypair *private_key __unused, 672 struct ecc_public_key *public_key __unused, 673 void *secret __unused, 674 unsigned long *secret_len __unused) 675 { 676 return TEE_ERROR_NOT_IMPLEMENTED; 677 } 678 #endif /*!CFG_CRYPTO_ECC || !_CFG_CRYPTO_WITH_ACIPHER*/ 679