1 // SPDX-License-Identifier: BSD-2-Clause 2 /* 3 * Copyright (c) 2022, Technology Innovation Institute (TII) 4 * Copyright (c) 2022, EPAM Systems 5 */ 6 7 #include <crypto/crypto.h> 8 #include <stdlib.h> 9 #include <string.h> 10 #include <string_ext.h> 11 #include <tee_api_types.h> 12 #include <trace.h> 13 #include <utee_defines.h> 14 15 #include "acipher_helpers.h" 16 17 #define ED25519_KEY_SIZE UL(256) 18 19 TEE_Result crypto_acipher_alloc_ed25519_keypair(struct ed25519_keypair *key, 20 size_t key_size) 21 { 22 if (!key || key_size != ED25519_KEY_SIZE) 23 return TEE_ERROR_BAD_PARAMETERS; 24 25 memset(key, 0, sizeof(*key)); 26 27 key->priv = calloc(1, key_size >> 3); 28 key->pub = calloc(1, key_size >> 3); 29 30 if (!key->priv || !key->pub) { 31 free(key->priv); 32 free(key->pub); 33 return TEE_ERROR_OUT_OF_MEMORY; 34 } 35 36 return TEE_SUCCESS; 37 } 38 39 TEE_Result 40 crypto_acipher_alloc_ed25519_public_key(struct ed25519_public_key *key, 41 size_t key_size) 42 { 43 if (!key || key_size != ED25519_KEY_SIZE) 44 return TEE_ERROR_BAD_PARAMETERS; 45 46 memset(key, 0, sizeof(*key)); 47 48 key->pub = calloc(1, key_size >> 3); 49 50 if (!key->pub) 51 return TEE_ERROR_OUT_OF_MEMORY; 52 53 return TEE_SUCCESS; 54 } 55 56 TEE_Result crypto_acipher_gen_ed25519_key(struct ed25519_keypair *key, 57 size_t key_size) 58 { 59 curve25519_key ltc_tmp_key = { }; 60 61 if (key_size != ED25519_KEY_SIZE) 62 return TEE_ERROR_BAD_PARAMETERS; 63 64 if (ed25519_make_key(NULL, find_prng("prng_crypto"), 65 <c_tmp_key) != CRYPT_OK) 66 return TEE_ERROR_BAD_PARAMETERS; 67 68 assert(key_size >= sizeof(ltc_tmp_key.pub) && 69 key_size >= sizeof(ltc_tmp_key.priv)); 70 71 memcpy(key->pub, ltc_tmp_key.pub, sizeof(ltc_tmp_key.pub)); 72 memcpy(key->priv, ltc_tmp_key.priv, sizeof(ltc_tmp_key.priv)); 73 memzero_explicit(<c_tmp_key, sizeof(ltc_tmp_key)); 74 75 return TEE_SUCCESS; 76 } 77 78 TEE_Result crypto_acipher_ed25519_sign(struct ed25519_keypair *key, 79 const uint8_t *msg, size_t msg_len, 80 uint8_t *sig, size_t *sig_len) 81 { 82 int err; 83 unsigned long siglen = 0; 84 curve25519_key private_key = { 85 .type = PK_PRIVATE, 86 .algo = LTC_OID_ED25519, 87 }; 88 89 if (!key || !sig_len) 90 return TEE_ERROR_BAD_PARAMETERS; 91 92 siglen = *sig_len; 93 94 memcpy(private_key.priv, key->priv, sizeof(private_key.priv)); 95 memcpy(private_key.pub, key->pub, sizeof(private_key.pub)); 96 97 err = ed25519_sign(msg, msg_len, sig, &siglen, &private_key); 98 99 memzero_explicit(&private_key, sizeof(private_key)); 100 101 if (err != CRYPT_OK) 102 return TEE_ERROR_BAD_PARAMETERS; 103 *sig_len = siglen; 104 return TEE_SUCCESS; 105 } 106 107 TEE_Result crypto_acipher_ed25519ctx_sign(struct ed25519_keypair *key, 108 const uint8_t *msg, size_t msg_len, 109 uint8_t *sig, size_t *sig_len, 110 bool ph_flag, 111 const uint8_t *ctx, size_t ctxlen) 112 { 113 int err = CRYPT_ERROR; 114 unsigned long siglen = 0; 115 curve25519_key private_key = { 116 .type = PK_PRIVATE, 117 .algo = LTC_OID_ED25519, 118 }; 119 120 if (!key || !sig_len) 121 return TEE_ERROR_BAD_PARAMETERS; 122 123 siglen = *sig_len; 124 125 memcpy(private_key.priv, key->priv, sizeof(private_key.priv)); 126 memcpy(private_key.pub, key->pub, sizeof(private_key.pub)); 127 128 if (ph_flag) { 129 err = ed25519ph_sign(msg, msg_len, sig, &siglen, 130 ctx, ctxlen, &private_key); 131 } else { 132 err = ed25519ctx_sign(msg, msg_len, sig, &siglen, 133 ctx, ctxlen, &private_key); 134 } 135 136 memzero_explicit(&private_key, sizeof(private_key)); 137 138 if (err != CRYPT_OK) 139 return TEE_ERROR_BAD_PARAMETERS; 140 *sig_len = siglen; 141 return TEE_SUCCESS; 142 } 143 144 TEE_Result crypto_acipher_ed25519_verify(struct ed25519_public_key *key, 145 const uint8_t *msg, size_t msg_len, 146 const uint8_t *sig, size_t sig_len) 147 { 148 int stat = 0; 149 curve25519_key public_key = { 150 .type = PK_PUBLIC, 151 .algo = LTC_OID_ED25519, 152 }; 153 154 if (!key) 155 return TEE_ERROR_BAD_PARAMETERS; 156 157 memcpy(public_key.pub, key->pub, sizeof(public_key.pub)); 158 159 if (ed25519_verify(msg, msg_len, sig, sig_len, &stat, 160 &public_key) != CRYPT_OK) 161 return TEE_ERROR_BAD_PARAMETERS; 162 163 if (stat != 1) 164 return TEE_ERROR_SIGNATURE_INVALID; 165 166 return TEE_SUCCESS; 167 } 168 169 TEE_Result crypto_acipher_ed25519ctx_verify(struct ed25519_public_key *key, 170 const uint8_t *msg, size_t msg_len, 171 const uint8_t *sig, size_t sig_len, 172 bool ph_flag, 173 const uint8_t *ctx, size_t ctxlen) 174 { 175 int stat = 0; 176 curve25519_key public_key = { 177 .type = PK_PUBLIC, 178 .algo = LTC_OID_ED25519, 179 }; 180 181 if (!key) 182 return TEE_ERROR_BAD_PARAMETERS; 183 184 memcpy(public_key.pub, key->pub, sizeof(public_key.pub)); 185 186 if (ph_flag) { 187 if (ed25519ph_verify(msg, msg_len, sig, sig_len, ctx, ctxlen, 188 &stat, &public_key) != CRYPT_OK) 189 return TEE_ERROR_BAD_PARAMETERS; 190 } else { 191 if (ed25519ctx_verify(msg, msg_len, sig, sig_len, ctx, ctxlen, 192 &stat, &public_key) != CRYPT_OK) 193 return TEE_ERROR_BAD_PARAMETERS; 194 } 195 196 if (stat != 1) 197 return TEE_ERROR_SIGNATURE_INVALID; 198 199 return TEE_SUCCESS; 200 } 201