1 // SPDX-License-Identifier: BSD-2-Clause 2 /* 3 * Copyright (C) 2018, ARM Limited 4 * Copyright (C) 2019, Linaro Limited 5 */ 6 7 #include <assert.h> 8 #include <compiler.h> 9 #include <crypto/crypto_accel.h> 10 #include <crypto/crypto.h> 11 #include <crypto/crypto_impl.h> 12 #include <kernel/panic.h> 13 #include <mbedtls/md.h> 14 #include <mbedtls/platform_util.h> 15 #include <mbedtls/sha1.h> 16 #include <mbedtls/sha256.h> 17 #include <stdlib.h> 18 #include <string_ext.h> 19 #include <string.h> 20 #include <tee_api_types.h> 21 #include <utee_defines.h> 22 #include <util.h> 23 24 struct mbed_hash_ctx { 25 struct crypto_hash_ctx hash_ctx; 26 mbedtls_md_context_t md_ctx; 27 }; 28 29 static const struct crypto_hash_ops mbed_hash_ops; 30 31 static struct mbed_hash_ctx *to_hash_ctx(struct crypto_hash_ctx *ctx) 32 { 33 assert(ctx && ctx->ops == &mbed_hash_ops); 34 35 return container_of(ctx, struct mbed_hash_ctx, hash_ctx); 36 } 37 38 static TEE_Result mbed_hash_init(struct crypto_hash_ctx *ctx) 39 { 40 if (mbedtls_md_starts(&to_hash_ctx(ctx)->md_ctx)) 41 return TEE_ERROR_BAD_STATE; 42 43 return TEE_SUCCESS; 44 } 45 46 static TEE_Result mbed_hash_update(struct crypto_hash_ctx *ctx, 47 const uint8_t *data, size_t len) 48 { 49 if (mbedtls_md_update(&to_hash_ctx(ctx)->md_ctx, data, len)) 50 return TEE_ERROR_BAD_STATE; 51 52 return TEE_SUCCESS; 53 } 54 55 static TEE_Result mbed_hash_final(struct crypto_hash_ctx *ctx, uint8_t *digest, 56 size_t len) 57 { 58 struct mbed_hash_ctx *hc = to_hash_ctx(ctx); 59 size_t hash_size = mbedtls_md_get_size(hc->md_ctx.md_info); 60 uint8_t block_digest[TEE_MAX_HASH_SIZE] = { 0 }; 61 uint8_t *tmp_digest = NULL; 62 63 if (len == 0) 64 return TEE_ERROR_BAD_PARAMETERS; 65 66 if (hash_size > len) { 67 if (hash_size > sizeof(block_digest)) 68 return TEE_ERROR_BAD_STATE; 69 tmp_digest = block_digest; /* use a tempory buffer */ 70 } else { 71 tmp_digest = digest; 72 } 73 74 if (mbedtls_md_finish(&hc->md_ctx, tmp_digest)) 75 return TEE_ERROR_BAD_STATE; 76 77 if (hash_size > len) 78 memcpy(digest, tmp_digest, len); 79 80 return TEE_SUCCESS; 81 } 82 83 static void mbed_hash_free_ctx(struct crypto_hash_ctx *ctx) 84 { 85 struct mbed_hash_ctx *hc = to_hash_ctx(ctx); 86 87 mbedtls_md_free(&hc->md_ctx); 88 free(hc); 89 } 90 91 static void mbed_hash_copy_state(struct crypto_hash_ctx *dst_ctx, 92 struct crypto_hash_ctx *src_ctx) 93 { 94 struct mbed_hash_ctx *src = to_hash_ctx(src_ctx); 95 struct mbed_hash_ctx *dst = to_hash_ctx(dst_ctx); 96 97 if (mbedtls_md_clone(&dst->md_ctx, &src->md_ctx)) 98 panic(); 99 } 100 101 static const struct crypto_hash_ops mbed_hash_ops = { 102 .init = mbed_hash_init, 103 .update = mbed_hash_update, 104 .final = mbed_hash_final, 105 .free_ctx = mbed_hash_free_ctx, 106 .copy_state = mbed_hash_copy_state, 107 }; 108 109 static TEE_Result mbed_hash_alloc_ctx(struct crypto_hash_ctx **ctx_ret, 110 mbedtls_md_type_t md_type) 111 { 112 int mbed_res = 0; 113 struct mbed_hash_ctx *hc = NULL; 114 const mbedtls_md_info_t *md_info = mbedtls_md_info_from_type(md_type); 115 116 if (!md_info) 117 return TEE_ERROR_NOT_SUPPORTED; 118 119 hc = calloc(1, sizeof(*hc)); 120 if (!hc) 121 return TEE_ERROR_OUT_OF_MEMORY; 122 123 hc->hash_ctx.ops = &mbed_hash_ops; 124 mbed_res = mbedtls_md_setup(&hc->md_ctx, md_info, 0); 125 if (mbed_res) { 126 free(hc); 127 if (mbed_res == MBEDTLS_ERR_MD_ALLOC_FAILED) 128 return TEE_ERROR_OUT_OF_MEMORY; 129 return TEE_ERROR_NOT_SUPPORTED; 130 } 131 132 *ctx_ret = &hc->hash_ctx; 133 134 return TEE_SUCCESS; 135 } 136 137 #if defined(CFG_CRYPTO_MD5) 138 TEE_Result crypto_md5_alloc_ctx(struct crypto_hash_ctx **ctx) 139 { 140 return mbed_hash_alloc_ctx(ctx, MBEDTLS_MD_MD5); 141 } 142 #endif 143 144 #if defined(CFG_CRYPTO_SHA1) 145 TEE_Result crypto_sha1_alloc_ctx(struct crypto_hash_ctx **ctx) 146 { 147 return mbed_hash_alloc_ctx(ctx, MBEDTLS_MD_SHA1); 148 } 149 #endif 150 151 #if defined(CFG_CRYPTO_SHA224) 152 TEE_Result crypto_sha224_alloc_ctx(struct crypto_hash_ctx **ctx) 153 { 154 return mbed_hash_alloc_ctx(ctx, MBEDTLS_MD_SHA224); 155 } 156 #endif 157 158 #if defined(CFG_CRYPTO_SHA256) 159 TEE_Result crypto_sha256_alloc_ctx(struct crypto_hash_ctx **ctx) 160 { 161 return mbed_hash_alloc_ctx(ctx, MBEDTLS_MD_SHA256); 162 } 163 #endif 164 165 #if defined(CFG_CRYPTO_SHA384) 166 TEE_Result crypto_sha384_alloc_ctx(struct crypto_hash_ctx **ctx) 167 { 168 return mbed_hash_alloc_ctx(ctx, MBEDTLS_MD_SHA384); 169 } 170 #endif 171 172 #if defined(CFG_CRYPTO_SHA512) 173 TEE_Result crypto_sha512_alloc_ctx(struct crypto_hash_ctx **ctx) 174 { 175 return mbed_hash_alloc_ctx(ctx, MBEDTLS_MD_SHA512); 176 } 177 #endif 178 179 #if defined(CFG_CRYPTO_SHA256) 180 TEE_Result hash_sha256_check(const uint8_t *hash, const uint8_t *data, 181 size_t data_size) 182 { 183 mbedtls_sha256_context hs; 184 uint8_t digest[TEE_SHA256_HASH_SIZE] = { 0 }; 185 186 memset(&hs, 0, sizeof(hs)); 187 mbedtls_sha256_init(&hs); 188 mbedtls_sha256_starts(&hs, 0); 189 mbedtls_sha256_update(&hs, data, data_size); 190 mbedtls_sha256_finish(&hs, digest); 191 mbedtls_sha256_free(&hs); 192 193 if (consttime_memcmp(digest, hash, sizeof(digest))) 194 return TEE_ERROR_SECURITY; 195 return TEE_SUCCESS; 196 } 197 #endif 198 199 #if defined(MBEDTLS_SHA1_PROCESS_ALT) 200 int mbedtls_internal_sha1_process(mbedtls_sha1_context *ctx, 201 const unsigned char data[64]) 202 { 203 MBEDTLS_INTERNAL_VALIDATE_RET(ctx != NULL, 204 MBEDTLS_ERR_SHA1_BAD_INPUT_DATA); 205 MBEDTLS_INTERNAL_VALIDATE_RET((const unsigned char *)data != NULL, 206 MBEDTLS_ERR_SHA1_BAD_INPUT_DATA); 207 208 crypto_accel_sha1_compress(ctx->state, data, 1); 209 210 return 0; 211 } 212 #endif /*MBEDTLS_SHA1_PROCESS_ALT*/ 213 214 #if defined(MBEDTLS_SHA256_PROCESS_ALT) 215 int mbedtls_internal_sha256_process(mbedtls_sha256_context *ctx, 216 const unsigned char data[64]) 217 { 218 MBEDTLS_INTERNAL_VALIDATE_RET(ctx != NULL, 219 MBEDTLS_ERR_SHA256_BAD_INPUT_DATA); 220 MBEDTLS_INTERNAL_VALIDATE_RET((const unsigned char *)data != NULL, 221 MBEDTLS_ERR_SHA256_BAD_INPUT_DATA); 222 223 crypto_accel_sha256_compress(ctx->state, data, 1); 224 225 return 0; 226 } 227 #endif /*MBEDTLS_SHA256_PROCESS_ALT*/ 228