1 /* 2 * Copyright (c) 2014, STMicroelectronics International N.V. 3 * All rights reserved. 4 * 5 * Redistribution and use in source and binary forms, with or without 6 * modification, are permitted provided that the following conditions are met: 7 * 8 * 1. Redistributions of source code must retain the above copyright notice, 9 * this list of conditions and the following disclaimer. 10 * 11 * 2. Redistributions in binary form must reproduce the above copyright notice, 12 * this list of conditions and the following disclaimer in the documentation 13 * and/or other materials provided with the distribution. 14 * 15 * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" 16 * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 17 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 18 * ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE 19 * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR 20 * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF 21 * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS 22 * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN 23 * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) 24 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE 25 * POSSIBILITY OF SUCH DAMAGE. 26 */ 27 #include <stdlib.h> 28 #include <string.h> 29 #include <string_ext.h> 30 31 #include <tee_api.h> 32 #include <tee_api_defines_extensions.h> 33 #include <tee_internal_api_extensions.h> 34 #include <utee_syscalls.h> 35 #include <utee_defines.h> 36 #include <util.h> 37 38 struct __TEE_OperationHandle { 39 TEE_OperationInfo info; 40 TEE_ObjectHandle key1; 41 TEE_ObjectHandle key2; 42 uint8_t *buffer; /* buffer to collect complete blocks */ 43 bool buffer_two_blocks; /* True if two blocks need to be buffered */ 44 size_t block_size; /* Block size of cipher */ 45 size_t buffer_offs; /* Offset in buffer */ 46 uint32_t state; /* Handle to state in TEE Core */ 47 uint32_t ae_tag_len; /* 48 * tag_len in bytes for AE operation else unused 49 */ 50 }; 51 52 /* Cryptographic Operations API - Generic Operation Functions */ 53 54 TEE_Result TEE_AllocateOperation(TEE_OperationHandle *operation, 55 uint32_t algorithm, uint32_t mode, 56 uint32_t maxKeySize) 57 { 58 TEE_Result res; 59 TEE_OperationHandle op = TEE_HANDLE_NULL; 60 uint32_t handle_state = 0; 61 size_t block_size = 1; 62 uint32_t req_key_usage; 63 bool with_private_key = false; 64 bool buffer_two_blocks = false; 65 66 if (operation == NULL) 67 TEE_Panic(0); 68 69 if (algorithm == TEE_ALG_AES_XTS) 70 handle_state = TEE_HANDLE_FLAG_EXPECT_TWO_KEYS; 71 72 /* Check algorithm max key size */ 73 switch (algorithm) { 74 case TEE_ALG_DSA_SHA1: 75 if (maxKeySize < 512) 76 return TEE_ERROR_NOT_SUPPORTED; 77 if (maxKeySize > 1024) 78 return TEE_ERROR_NOT_SUPPORTED; 79 if (maxKeySize % 64 != 0) 80 return TEE_ERROR_NOT_SUPPORTED; 81 break; 82 83 case TEE_ALG_DSA_SHA224: 84 if (maxKeySize != 2048) 85 return TEE_ERROR_NOT_SUPPORTED; 86 break; 87 88 case TEE_ALG_DSA_SHA256: 89 if (maxKeySize != 2048 && maxKeySize != 3072) 90 return TEE_ERROR_NOT_SUPPORTED; 91 break; 92 93 default: 94 break; 95 } 96 97 /* Check algorithm mode */ 98 switch (algorithm) { 99 case TEE_ALG_AES_CTS: 100 case TEE_ALG_AES_XTS: 101 buffer_two_blocks = true; 102 /*FALLTHROUGH*/ case TEE_ALG_AES_ECB_NOPAD: 103 case TEE_ALG_AES_CBC_NOPAD: 104 case TEE_ALG_AES_CTR: 105 case TEE_ALG_AES_CCM: 106 case TEE_ALG_AES_GCM: 107 case TEE_ALG_DES_ECB_NOPAD: 108 case TEE_ALG_DES_CBC_NOPAD: 109 case TEE_ALG_DES3_ECB_NOPAD: 110 case TEE_ALG_DES3_CBC_NOPAD: 111 if (TEE_ALG_GET_MAIN_ALG(algorithm) == TEE_MAIN_ALGO_AES) 112 block_size = TEE_AES_BLOCK_SIZE; 113 else 114 block_size = TEE_DES_BLOCK_SIZE; 115 116 if (mode == TEE_MODE_ENCRYPT) 117 req_key_usage = TEE_USAGE_ENCRYPT; 118 else if (mode == TEE_MODE_DECRYPT) 119 req_key_usage = TEE_USAGE_DECRYPT; 120 else 121 return TEE_ERROR_NOT_SUPPORTED; 122 break; 123 124 case TEE_ALG_RSASSA_PKCS1_V1_5_MD5: 125 case TEE_ALG_RSASSA_PKCS1_V1_5_SHA1: 126 case TEE_ALG_RSASSA_PKCS1_V1_5_SHA224: 127 case TEE_ALG_RSASSA_PKCS1_V1_5_SHA256: 128 case TEE_ALG_RSASSA_PKCS1_V1_5_SHA384: 129 case TEE_ALG_RSASSA_PKCS1_V1_5_SHA512: 130 case TEE_ALG_RSASSA_PKCS1_PSS_MGF1_SHA1: 131 case TEE_ALG_RSASSA_PKCS1_PSS_MGF1_SHA224: 132 case TEE_ALG_RSASSA_PKCS1_PSS_MGF1_SHA256: 133 case TEE_ALG_RSASSA_PKCS1_PSS_MGF1_SHA384: 134 case TEE_ALG_RSASSA_PKCS1_PSS_MGF1_SHA512: 135 case TEE_ALG_DSA_SHA1: 136 case TEE_ALG_DSA_SHA224: 137 case TEE_ALG_DSA_SHA256: 138 if (mode == TEE_MODE_SIGN) { 139 with_private_key = true; 140 req_key_usage = TEE_USAGE_SIGN; 141 } else if (mode == TEE_MODE_VERIFY) { 142 req_key_usage = TEE_USAGE_VERIFY; 143 } else { 144 return TEE_ERROR_NOT_SUPPORTED; 145 } 146 break; 147 148 case TEE_ALG_RSAES_PKCS1_V1_5: 149 case TEE_ALG_RSAES_PKCS1_OAEP_MGF1_SHA1: 150 case TEE_ALG_RSAES_PKCS1_OAEP_MGF1_SHA224: 151 case TEE_ALG_RSAES_PKCS1_OAEP_MGF1_SHA256: 152 case TEE_ALG_RSAES_PKCS1_OAEP_MGF1_SHA384: 153 case TEE_ALG_RSAES_PKCS1_OAEP_MGF1_SHA512: 154 if (mode == TEE_MODE_ENCRYPT) { 155 req_key_usage = TEE_USAGE_ENCRYPT; 156 } else if (mode == TEE_MODE_DECRYPT) { 157 with_private_key = true; 158 req_key_usage = TEE_USAGE_DECRYPT; 159 } else { 160 return TEE_ERROR_NOT_SUPPORTED; 161 } 162 break; 163 164 case TEE_ALG_RSA_NOPAD: 165 if (mode == TEE_MODE_ENCRYPT) { 166 req_key_usage = TEE_USAGE_ENCRYPT | TEE_USAGE_VERIFY; 167 } else if (mode == TEE_MODE_DECRYPT) { 168 with_private_key = true; 169 req_key_usage = TEE_USAGE_DECRYPT | TEE_USAGE_SIGN; 170 } else { 171 return TEE_ERROR_NOT_SUPPORTED; 172 } 173 break; 174 175 case TEE_ALG_DH_DERIVE_SHARED_SECRET: 176 case TEE_ALG_HKDF_MD5_DERIVE_KEY: 177 case TEE_ALG_HKDF_SHA1_DERIVE_KEY: 178 case TEE_ALG_HKDF_SHA224_DERIVE_KEY: 179 case TEE_ALG_HKDF_SHA256_DERIVE_KEY: 180 case TEE_ALG_HKDF_SHA384_DERIVE_KEY: 181 case TEE_ALG_HKDF_SHA512_DERIVE_KEY: 182 case TEE_ALG_CONCAT_KDF_SHA1_DERIVE_KEY: 183 case TEE_ALG_CONCAT_KDF_SHA224_DERIVE_KEY: 184 case TEE_ALG_CONCAT_KDF_SHA256_DERIVE_KEY: 185 case TEE_ALG_CONCAT_KDF_SHA384_DERIVE_KEY: 186 case TEE_ALG_CONCAT_KDF_SHA512_DERIVE_KEY: 187 case TEE_ALG_PBKDF2_HMAC_SHA1_DERIVE_KEY: 188 if (mode != TEE_MODE_DERIVE) 189 return TEE_ERROR_NOT_SUPPORTED; 190 with_private_key = true; 191 req_key_usage = TEE_USAGE_DERIVE; 192 break; 193 194 case TEE_ALG_MD5: 195 case TEE_ALG_SHA1: 196 case TEE_ALG_SHA224: 197 case TEE_ALG_SHA256: 198 case TEE_ALG_SHA384: 199 case TEE_ALG_SHA512: 200 if (mode != TEE_MODE_DIGEST) 201 return TEE_ERROR_NOT_SUPPORTED; 202 handle_state |= TEE_HANDLE_FLAG_KEY_SET; 203 req_key_usage = 0; 204 break; 205 206 case TEE_ALG_DES_CBC_MAC_NOPAD: 207 case TEE_ALG_AES_CBC_MAC_NOPAD: 208 case TEE_ALG_AES_CBC_MAC_PKCS5: 209 case TEE_ALG_AES_CMAC: 210 case TEE_ALG_DES_CBC_MAC_PKCS5: 211 case TEE_ALG_DES3_CBC_MAC_NOPAD: 212 case TEE_ALG_DES3_CBC_MAC_PKCS5: 213 case TEE_ALG_HMAC_MD5: 214 case TEE_ALG_HMAC_SHA1: 215 case TEE_ALG_HMAC_SHA224: 216 case TEE_ALG_HMAC_SHA256: 217 case TEE_ALG_HMAC_SHA384: 218 case TEE_ALG_HMAC_SHA512: 219 if (mode != TEE_MODE_MAC) 220 return TEE_ERROR_NOT_SUPPORTED; 221 req_key_usage = TEE_USAGE_MAC; 222 break; 223 224 default: 225 return TEE_ERROR_NOT_SUPPORTED; 226 } 227 228 op = TEE_Malloc(sizeof(*op), 0); 229 if (op == NULL) 230 return TEE_ERROR_OUT_OF_MEMORY; 231 232 op->info.algorithm = algorithm; 233 op->info.operationClass = TEE_ALG_GET_CLASS(algorithm); 234 op->info.mode = mode; 235 op->info.maxKeySize = maxKeySize; 236 op->info.requiredKeyUsage = req_key_usage; 237 op->info.handleState = handle_state; 238 239 if (block_size > 1) { 240 size_t buffer_size = block_size; 241 242 if (buffer_two_blocks) 243 buffer_size *= 2; 244 245 op->buffer = 246 TEE_Malloc(buffer_size, TEE_USER_MEM_HINT_NO_FILL_ZERO); 247 if (op->buffer == NULL) { 248 res = TEE_ERROR_OUT_OF_MEMORY; 249 goto out; 250 } 251 } 252 op->block_size = block_size; 253 op->buffer_two_blocks = buffer_two_blocks; 254 255 if (TEE_ALG_GET_CLASS(algorithm) != TEE_OPERATION_DIGEST) { 256 uint32_t mks = maxKeySize; 257 TEE_ObjectType key_type = TEE_ALG_GET_KEY_TYPE(algorithm, 258 with_private_key); 259 260 /* 261 * If two keys are expected the max key size is the sum of 262 * the size of both keys. 263 */ 264 if (op->info.handleState & TEE_HANDLE_FLAG_EXPECT_TWO_KEYS) 265 mks /= 2; 266 267 res = TEE_AllocateTransientObject(key_type, mks, &op->key1); 268 if (res != TEE_SUCCESS) 269 goto out; 270 271 if ((op->info.handleState & TEE_HANDLE_FLAG_EXPECT_TWO_KEYS) != 272 0) { 273 res = 274 TEE_AllocateTransientObject(key_type, mks, 275 &op->key2); 276 if (res != TEE_SUCCESS) 277 goto out; 278 } 279 } 280 281 res = utee_cryp_state_alloc(algorithm, mode, (uint32_t) op->key1, 282 (uint32_t) op->key2, &op->state); 283 if (res != TEE_SUCCESS) 284 goto out; 285 286 /* For multi-stage operation do an "init". */ 287 TEE_ResetOperation(op); 288 *operation = op; 289 290 out: 291 if (res != TEE_SUCCESS) { 292 TEE_FreeTransientObject(op->key1); 293 TEE_FreeTransientObject(op->key2); 294 TEE_FreeOperation(op); 295 } 296 297 return res; 298 } 299 300 void TEE_FreeOperation(TEE_OperationHandle operation) 301 { 302 if (operation != TEE_HANDLE_NULL) { 303 /* 304 * Note that keys should not be freed here, since they are 305 * claimed by the operation they will be freed by 306 * utee_cryp_state_free(). 307 */ 308 utee_cryp_state_free(operation->state); 309 TEE_Free(operation->buffer); 310 TEE_Free(operation); 311 } 312 } 313 314 void TEE_GetOperationInfo(TEE_OperationHandle operation, 315 TEE_OperationInfo *operationInfo) 316 { 317 if (operation == TEE_HANDLE_NULL) 318 TEE_Panic(0); 319 320 if (operationInfo == NULL) 321 TEE_Panic(0); 322 323 *operationInfo = operation->info; 324 } 325 326 void TEE_ResetOperation(TEE_OperationHandle operation) 327 { 328 TEE_Result res; 329 330 if (operation == TEE_HANDLE_NULL) 331 TEE_Panic(0); 332 if (operation->info.operationClass == TEE_OPERATION_DIGEST) { 333 res = utee_hash_init(operation->state, NULL, 0); 334 if (res != TEE_SUCCESS) 335 TEE_Panic(res); 336 } 337 operation->info.handleState &= ~TEE_HANDLE_FLAG_INITIALIZED; 338 } 339 340 TEE_Result TEE_SetOperationKey(TEE_OperationHandle operation, 341 TEE_ObjectHandle key) 342 { 343 TEE_Result res; 344 uint32_t key_size = 0; 345 346 if (operation == TEE_HANDLE_NULL) 347 TEE_Panic(0); 348 349 /* No key for digests */ 350 if (operation->info.operationClass == TEE_OPERATION_DIGEST) 351 TEE_Panic(0); 352 353 /* Two keys expected */ 354 if ((operation->info.handleState & TEE_HANDLE_FLAG_EXPECT_TWO_KEYS) != 355 0) 356 TEE_Panic(0); 357 358 if (key != TEE_HANDLE_NULL) { 359 TEE_ObjectInfo key_info; 360 361 res = TEE_GetObjectInfo1(key, &key_info); 362 if (res != TEE_SUCCESS) 363 goto err; 364 365 /* Supplied key has to meet required usage */ 366 if ((key_info.objectUsage & operation->info.requiredKeyUsage) != 367 operation->info.requiredKeyUsage) { 368 TEE_Panic(0); 369 } 370 371 if (operation->info.maxKeySize < key_info.keySize) 372 TEE_Panic(0); 373 374 key_size = key_info.keySize; 375 } 376 377 TEE_ResetTransientObject(operation->key1); 378 operation->info.handleState &= ~TEE_HANDLE_FLAG_KEY_SET; 379 380 if (key != TEE_HANDLE_NULL) { 381 res = TEE_CopyObjectAttributes1(operation->key1, key); 382 if (res != TEE_SUCCESS) 383 goto err; 384 385 operation->info.handleState |= TEE_HANDLE_FLAG_KEY_SET; 386 } 387 388 operation->info.keySize = key_size; 389 390 goto out; 391 392 err: 393 if (res == TEE_ERROR_CORRUPT_OBJECT || 394 res == TEE_ERROR_STORAGE_NOT_AVAILABLE) 395 return res; 396 TEE_Panic(0); 397 out: 398 return TEE_SUCCESS; 399 } 400 401 TEE_Result TEE_SetOperationKey2(TEE_OperationHandle operation, 402 TEE_ObjectHandle key1, TEE_ObjectHandle key2) 403 { 404 TEE_Result res; 405 uint32_t key_size = 0; 406 407 if (operation == TEE_HANDLE_NULL) 408 TEE_Panic(0); 409 410 /* Two keys not expected */ 411 if ((operation->info.handleState & TEE_HANDLE_FLAG_EXPECT_TWO_KEYS) == 412 0) 413 TEE_Panic(0); 414 415 /* Either both keys are NULL or both are not NULL */ 416 if ((key1 == TEE_HANDLE_NULL || key2 == TEE_HANDLE_NULL) && 417 key1 != key2) 418 TEE_Panic(0); 419 420 if (key1 != TEE_HANDLE_NULL) { 421 TEE_ObjectInfo key_info1; 422 TEE_ObjectInfo key_info2; 423 424 res = TEE_GetObjectInfo1(key1, &key_info1); 425 if (res != TEE_SUCCESS) 426 goto err; 427 428 /* Supplied key has to meet required usage */ 429 if ((key_info1.objectUsage & operation->info. 430 requiredKeyUsage) != operation->info.requiredKeyUsage) { 431 TEE_Panic(0); 432 } 433 434 res = TEE_GetObjectInfo1(key2, &key_info2); 435 if (res != TEE_SUCCESS) { 436 if (res == TEE_ERROR_CORRUPT_OBJECT) 437 res = TEE_ERROR_CORRUPT_OBJECT_2; 438 goto err; 439 } 440 441 /* Supplied key has to meet required usage */ 442 if ((key_info2.objectUsage & operation->info. 443 requiredKeyUsage) != operation->info.requiredKeyUsage) { 444 TEE_Panic(0); 445 } 446 447 /* 448 * AES-XTS (the only multi key algorithm supported, requires the 449 * keys to be of equal size. 450 */ 451 if (operation->info.algorithm == TEE_ALG_AES_XTS && 452 key_info1.keySize != key_info2.keySize) 453 TEE_Panic(0); 454 455 if (operation->info.maxKeySize < key_info1.keySize) 456 TEE_Panic(0); 457 458 /* 459 * Odd that only the size of one key should be reported while 460 * size of two key are used when allocating the operation. 461 */ 462 key_size = key_info1.keySize; 463 } 464 465 TEE_ResetTransientObject(operation->key1); 466 TEE_ResetTransientObject(operation->key2); 467 operation->info.handleState &= ~TEE_HANDLE_FLAG_KEY_SET; 468 469 if (key1 != TEE_HANDLE_NULL) { 470 res = TEE_CopyObjectAttributes1(operation->key1, key1); 471 if (res != TEE_SUCCESS) 472 goto err; 473 474 res = TEE_CopyObjectAttributes1(operation->key2, key2); 475 if (res != TEE_SUCCESS) { 476 if (res == TEE_ERROR_CORRUPT_OBJECT) 477 res = TEE_ERROR_CORRUPT_OBJECT_2; 478 goto err; 479 } 480 481 operation->info.handleState |= TEE_HANDLE_FLAG_KEY_SET; 482 } 483 484 operation->info.keySize = key_size; 485 486 goto out; 487 488 err: 489 if (res == TEE_ERROR_CORRUPT_OBJECT || 490 res == TEE_ERROR_CORRUPT_OBJECT_2 || 491 res == TEE_ERROR_STORAGE_NOT_AVAILABLE || 492 res == TEE_ERROR_STORAGE_NOT_AVAILABLE_2) 493 return res; 494 TEE_Panic(0); 495 out: 496 return TEE_SUCCESS; 497 } 498 499 void TEE_CopyOperation(TEE_OperationHandle dst_op, TEE_OperationHandle src_op) 500 { 501 TEE_Result res; 502 503 if (dst_op == TEE_HANDLE_NULL || src_op == TEE_HANDLE_NULL) 504 TEE_Panic(0); 505 if (dst_op->info.algorithm != src_op->info.algorithm) 506 TEE_Panic(0); 507 if (src_op->info.operationClass != TEE_OPERATION_DIGEST) { 508 TEE_ObjectHandle key1 = TEE_HANDLE_NULL; 509 TEE_ObjectHandle key2 = TEE_HANDLE_NULL; 510 511 if (src_op->info.handleState & TEE_HANDLE_FLAG_KEY_SET) { 512 key1 = src_op->key1; 513 key2 = src_op->key2; 514 } 515 516 if ((src_op->info.handleState & 517 TEE_HANDLE_FLAG_EXPECT_TWO_KEYS) == 0) { 518 TEE_SetOperationKey(dst_op, key1); 519 } else { 520 TEE_SetOperationKey2(dst_op, key1, key2); 521 } 522 } 523 dst_op->info.handleState = src_op->info.handleState; 524 dst_op->info.keySize = src_op->info.keySize; 525 526 if (dst_op->buffer_two_blocks != src_op->buffer_two_blocks || 527 dst_op->block_size != src_op->block_size) 528 TEE_Panic(0); 529 530 if (dst_op->buffer != NULL) { 531 if (src_op->buffer == NULL) 532 TEE_Panic(0); 533 534 memcpy(dst_op->buffer, src_op->buffer, src_op->buffer_offs); 535 dst_op->buffer_offs = src_op->buffer_offs; 536 } else if (src_op->buffer != NULL) { 537 TEE_Panic(0); 538 } 539 540 res = utee_cryp_state_copy(dst_op->state, src_op->state); 541 if (res != TEE_SUCCESS) 542 TEE_Panic(res); 543 } 544 545 /* Cryptographic Operations API - Message Digest Functions */ 546 547 void TEE_DigestUpdate(TEE_OperationHandle operation, 548 void *chunk, uint32_t chunkSize) 549 { 550 TEE_Result res = TEE_ERROR_GENERIC; 551 552 if (operation == TEE_HANDLE_NULL || 553 operation->info.operationClass != TEE_OPERATION_DIGEST) 554 TEE_Panic(0); 555 556 res = utee_hash_update(operation->state, chunk, chunkSize); 557 if (res != TEE_SUCCESS) 558 TEE_Panic(res); 559 } 560 561 TEE_Result TEE_DigestDoFinal(TEE_OperationHandle operation, const void *chunk, 562 uint32_t chunkLen, void *hash, uint32_t *hashLen) 563 { 564 if ((operation == TEE_HANDLE_NULL) || (!chunk && chunkLen) || 565 !hash || !hashLen || 566 (operation->info.operationClass != TEE_OPERATION_DIGEST)) 567 TEE_Panic(0); 568 569 return utee_hash_final(operation->state, chunk, chunkLen, hash, 570 hashLen); 571 } 572 573 /* Cryptographic Operations API - Symmetric Cipher Functions */ 574 575 void TEE_CipherInit(TEE_OperationHandle operation, const void *IV, uint32_t IVLen) 576 { 577 TEE_Result res; 578 579 if (operation == TEE_HANDLE_NULL) 580 TEE_Panic(0); 581 if (operation->info.operationClass != TEE_OPERATION_CIPHER) 582 TEE_Panic(0); 583 res = utee_cipher_init(operation->state, IV, IVLen); 584 if (res != TEE_SUCCESS) 585 TEE_Panic(res); 586 operation->buffer_offs = 0; 587 operation->info.handleState |= TEE_HANDLE_FLAG_INITIALIZED; 588 } 589 590 static TEE_Result tee_buffer_update( 591 TEE_OperationHandle op, 592 TEE_Result(*update_func) (uint32_t state, const void *src, 593 size_t slen, void *dst, uint32_t *dlen), 594 const void *src_data, size_t src_len, 595 void *dest_data, uint32_t *dest_len) 596 { 597 TEE_Result res; 598 const uint8_t *src = src_data; 599 size_t slen = src_len; 600 uint8_t *dst = dest_data; 601 size_t dlen = *dest_len; 602 size_t acc_dlen = 0; 603 uint32_t tmp_dlen; 604 size_t l; 605 size_t buffer_size; 606 size_t buffer_left; 607 608 if (op->buffer_two_blocks) { 609 buffer_size = op->block_size * 2; 610 buffer_left = 1; 611 } else { 612 buffer_size = op->block_size; 613 buffer_left = 0; 614 } 615 616 if (op->buffer_offs > 0) { 617 /* Fill up complete block */ 618 if (op->buffer_offs < op->block_size) 619 l = MIN(slen, op->block_size - op->buffer_offs); 620 else 621 l = MIN(slen, buffer_size - op->buffer_offs); 622 memcpy(op->buffer + op->buffer_offs, src, l); 623 op->buffer_offs += l; 624 src += l; 625 slen -= l; 626 if ((op->buffer_offs % op->block_size) != 0) 627 goto out; /* Nothing left to do */ 628 } 629 630 /* If we can feed from buffer */ 631 if ((op->buffer_offs > 0) && 632 ((op->buffer_offs + slen) >= (buffer_size + buffer_left))) { 633 l = ROUNDUP(op->buffer_offs + slen - buffer_size, 634 op->block_size); 635 l = MIN(op->buffer_offs, l); 636 tmp_dlen = dlen; 637 res = update_func(op->state, op->buffer, l, dst, &tmp_dlen); 638 if (res != TEE_SUCCESS) 639 TEE_Panic(res); 640 dst += tmp_dlen; 641 dlen -= tmp_dlen; 642 acc_dlen += tmp_dlen; 643 op->buffer_offs -= l; 644 if (op->buffer_offs > 0) { 645 /* 646 * Slen is small enough to be contained in rest buffer. 647 */ 648 memcpy(op->buffer, op->buffer + l, buffer_size - l); 649 memcpy(op->buffer + op->buffer_offs, src, slen); 650 op->buffer_offs += slen; 651 goto out; /* Nothing left to do */ 652 } 653 } 654 655 if (slen >= (buffer_size + buffer_left)) { 656 /* Buffer is empty, feed as much as possible from src */ 657 if (TEE_ALIGNMENT_IS_OK(src, uint32_t)) { 658 l = ROUNDUP(slen - buffer_size + 1, op->block_size); 659 660 tmp_dlen = dlen; 661 res = update_func(op->state, src, l, dst, &tmp_dlen); 662 if (res != TEE_SUCCESS) 663 TEE_Panic(res); 664 src += l; 665 slen -= l; 666 dst += tmp_dlen; 667 dlen -= tmp_dlen; 668 acc_dlen += tmp_dlen; 669 } else { 670 /* 671 * Supplied data isn't well aligned, we're forced to 672 * feed through the buffer. 673 */ 674 while (slen >= op->block_size) { 675 memcpy(op->buffer, src, op->block_size); 676 677 tmp_dlen = dlen; 678 res = 679 update_func(op->state, op->buffer, 680 op->block_size, dst, &tmp_dlen); 681 if (res != TEE_SUCCESS) 682 TEE_Panic(res); 683 src += op->block_size; 684 slen -= op->block_size; 685 dst += tmp_dlen; 686 dlen -= tmp_dlen; 687 acc_dlen += tmp_dlen; 688 } 689 } 690 } 691 692 /* Slen is small enough to be contained in buffer. */ 693 memcpy(op->buffer + op->buffer_offs, src, slen); 694 op->buffer_offs += slen; 695 696 out: 697 *dest_len = acc_dlen; 698 return TEE_SUCCESS; 699 } 700 701 TEE_Result TEE_CipherUpdate(TEE_OperationHandle op, const void *srcData, 702 uint32_t srcLen, void *destData, uint32_t *destLen) 703 { 704 size_t req_dlen; 705 706 if (op == TEE_HANDLE_NULL || (srcData == NULL && srcLen != 0) || 707 destLen == NULL || (destData == NULL && *destLen != 0)) 708 TEE_Panic(0); 709 if (op->info.operationClass != TEE_OPERATION_CIPHER) 710 TEE_Panic(0); 711 if ((op->info.handleState & TEE_HANDLE_FLAG_INITIALIZED) == 0) 712 TEE_Panic(0); 713 714 /* Calculate required dlen */ 715 req_dlen = ((op->buffer_offs + srcLen) / op->block_size) * 716 op->block_size; 717 if (op->buffer_two_blocks) { 718 if (req_dlen > op->block_size * 2) 719 req_dlen -= op->block_size * 2; 720 else 721 req_dlen = 0; 722 } 723 /* 724 * Check that required destLen is big enough before starting to feed 725 * data to the algorithm. Errors during feeding of data are fatal as we 726 * can't restore sync with this API. 727 */ 728 if (*destLen < req_dlen) { 729 *destLen = req_dlen; 730 return TEE_ERROR_SHORT_BUFFER; 731 } 732 733 tee_buffer_update(op, utee_cipher_update, srcData, srcLen, destData, 734 destLen); 735 736 return TEE_SUCCESS; 737 } 738 739 TEE_Result TEE_CipherDoFinal(TEE_OperationHandle op, 740 const void *srcData, uint32_t srcLen, void *destData, 741 uint32_t *destLen) 742 { 743 TEE_Result res; 744 uint8_t *dst = destData; 745 size_t acc_dlen = 0; 746 uint32_t tmp_dlen; 747 size_t req_dlen; 748 749 if (op == TEE_HANDLE_NULL || (srcData == NULL && srcLen != 0) || 750 destLen == NULL || (destData == NULL && *destLen != 0)) 751 TEE_Panic(0); 752 if (op->info.operationClass != TEE_OPERATION_CIPHER) 753 TEE_Panic(0); 754 if ((op->info.handleState & TEE_HANDLE_FLAG_INITIALIZED) == 0) 755 TEE_Panic(0); 756 757 /* 758 * Check that the final block doesn't require padding for those 759 * algorithms that requires client to supply padding. 760 */ 761 if (op->info.algorithm == TEE_ALG_AES_ECB_NOPAD || 762 op->info.algorithm == TEE_ALG_AES_CBC_NOPAD || 763 op->info.algorithm == TEE_ALG_DES_ECB_NOPAD || 764 op->info.algorithm == TEE_ALG_DES_CBC_NOPAD || 765 op->info.algorithm == TEE_ALG_DES3_ECB_NOPAD || 766 op->info.algorithm == TEE_ALG_DES3_CBC_NOPAD) { 767 if (((op->buffer_offs + srcLen) % op->block_size) != 0) 768 return TEE_ERROR_BAD_PARAMETERS; 769 } 770 771 /* 772 * Check that required destLen is big enough before starting to feed 773 * data to the algorithm. Errors during feeding of data are fatal as we 774 * can't restore sync with this API. 775 */ 776 req_dlen = op->buffer_offs + srcLen; 777 if (*destLen < req_dlen) { 778 *destLen = req_dlen; 779 return TEE_ERROR_SHORT_BUFFER; 780 } 781 782 tmp_dlen = *destLen - acc_dlen; 783 tee_buffer_update(op, utee_cipher_update, srcData, srcLen, dst, 784 &tmp_dlen); 785 dst += tmp_dlen; 786 acc_dlen += tmp_dlen; 787 788 tmp_dlen = *destLen - acc_dlen; 789 res = utee_cipher_final(op->state, op->buffer, op->buffer_offs, 790 dst, &tmp_dlen); 791 if (res != TEE_SUCCESS) 792 TEE_Panic(res); 793 acc_dlen += tmp_dlen; 794 795 op->info.handleState &= ~TEE_HANDLE_FLAG_INITIALIZED; 796 *destLen = acc_dlen; 797 return TEE_SUCCESS; 798 } 799 800 /* Cryptographic Operations API - MAC Functions */ 801 802 void TEE_MACInit(TEE_OperationHandle operation, const void *IV, uint32_t IVLen) 803 { 804 TEE_Result res; 805 806 if (operation == TEE_HANDLE_NULL) 807 TEE_Panic(0); 808 if (IV == NULL && IVLen != 0) 809 TEE_Panic(0); 810 if (operation->info.operationClass != TEE_OPERATION_MAC) 811 TEE_Panic(0); 812 res = utee_hash_init(operation->state, IV, IVLen); 813 if (res != TEE_SUCCESS) 814 TEE_Panic(res); 815 operation->buffer_offs = 0; 816 operation->info.handleState |= TEE_HANDLE_FLAG_INITIALIZED; 817 } 818 819 void TEE_MACUpdate(TEE_OperationHandle op, const void *chunk, uint32_t chunkSize) 820 { 821 TEE_Result res; 822 823 if (op == TEE_HANDLE_NULL || (chunk == NULL && chunkSize != 0)) 824 TEE_Panic(0); 825 if (op->info.operationClass != TEE_OPERATION_MAC) 826 TEE_Panic(0); 827 if ((op->info.handleState & TEE_HANDLE_FLAG_INITIALIZED) == 0) 828 TEE_Panic(0); 829 830 res = utee_hash_update(op->state, chunk, chunkSize); 831 if (res != TEE_SUCCESS) 832 TEE_Panic(res); 833 } 834 835 TEE_Result TEE_MACComputeFinal(TEE_OperationHandle op, 836 const void *message, uint32_t messageLen, 837 void *mac, uint32_t *macLen) 838 { 839 TEE_Result res; 840 841 if (op == TEE_HANDLE_NULL || (message == NULL && messageLen != 0) || 842 mac == NULL || macLen == NULL) 843 TEE_Panic(0); 844 if (op->info.operationClass != TEE_OPERATION_MAC) 845 TEE_Panic(0); 846 if ((op->info.handleState & TEE_HANDLE_FLAG_INITIALIZED) == 0) 847 TEE_Panic(0); 848 849 res = utee_hash_final(op->state, message, messageLen, mac, macLen); 850 op->info.handleState &= ~TEE_HANDLE_FLAG_INITIALIZED; 851 return res; 852 } 853 854 TEE_Result TEE_MACCompareFinal(TEE_OperationHandle operation, 855 const void *message, uint32_t messageLen, 856 const void *mac, uint32_t macLen) 857 { 858 TEE_Result res; 859 uint8_t computed_mac[TEE_MAX_HASH_SIZE]; 860 uint32_t computed_mac_size = TEE_MAX_HASH_SIZE; 861 862 res = TEE_MACComputeFinal(operation, message, messageLen, computed_mac, 863 &computed_mac_size); 864 if (res != TEE_SUCCESS) 865 return res; 866 if (computed_mac_size != macLen) 867 return TEE_ERROR_MAC_INVALID; 868 if (buf_compare_ct(mac, computed_mac, computed_mac_size) != 0) 869 return TEE_ERROR_MAC_INVALID; 870 return TEE_SUCCESS; 871 } 872 873 /* Cryptographic Operations API - Authenticated Encryption Functions */ 874 875 TEE_Result TEE_AEInit(TEE_OperationHandle op, const void *nonce, 876 uint32_t nonceLen, uint32_t tagLen, uint32_t AADLen, 877 uint32_t payloadLen) 878 { 879 TEE_Result res; 880 881 if (op == TEE_HANDLE_NULL || nonce == NULL) 882 TEE_Panic(0); 883 if (op->info.operationClass != TEE_OPERATION_AE) 884 TEE_Panic(0); 885 886 /* 887 * AES-CCM tag len is specified by AES-CCM spec and handled in TEE Core 888 * in the implementation. But AES-GCM spec doesn't specify the tag len 889 * according to the same principle so we have to check here instead to 890 * be GP compliant. 891 */ 892 if (op->info.algorithm == TEE_ALG_AES_GCM) { 893 /* 894 * From GP spec: For AES-GCM, can be 128, 120, 112, 104, or 96 895 */ 896 if (tagLen < 96 || tagLen > 128 || (tagLen % 8 != 0)) 897 return TEE_ERROR_NOT_SUPPORTED; 898 } 899 900 res = utee_authenc_init(op->state, nonce, nonceLen, tagLen / 8, AADLen, 901 payloadLen); 902 if (res != TEE_SUCCESS) { 903 if (res != TEE_ERROR_NOT_SUPPORTED) 904 TEE_Panic(res); 905 return res; 906 } 907 op->ae_tag_len = tagLen / 8; 908 909 op->info.handleState |= TEE_HANDLE_FLAG_INITIALIZED; 910 return TEE_SUCCESS; 911 } 912 913 void TEE_AEUpdateAAD(TEE_OperationHandle op, const void *AADdata, 914 uint32_t AADdataLen) 915 { 916 TEE_Result res; 917 918 if (op == TEE_HANDLE_NULL || (AADdata == NULL && AADdataLen != 0)) 919 TEE_Panic(0); 920 if (op->info.operationClass != TEE_OPERATION_AE) 921 TEE_Panic(0); 922 if ((op->info.handleState & TEE_HANDLE_FLAG_INITIALIZED) == 0) 923 TEE_Panic(0); 924 925 res = utee_authenc_update_aad(op->state, AADdata, AADdataLen); 926 if (res != TEE_SUCCESS) 927 TEE_Panic(res); 928 } 929 930 TEE_Result TEE_AEUpdate(TEE_OperationHandle op, const void *srcData, 931 uint32_t srcLen, void *destData, uint32_t *destLen) 932 { 933 size_t req_dlen; 934 935 if (op == TEE_HANDLE_NULL || (srcData == NULL && srcLen != 0) || 936 destLen == NULL || (destData == NULL && *destLen != 0)) 937 TEE_Panic(0); 938 if (op->info.operationClass != TEE_OPERATION_AE) 939 TEE_Panic(0); 940 if ((op->info.handleState & TEE_HANDLE_FLAG_INITIALIZED) == 0) 941 TEE_Panic(0); 942 943 /* 944 * Check that required destLen is big enough before starting to feed 945 * data to the algorithm. Errors during feeding of data are fatal as we 946 * can't restore sync with this API. 947 */ 948 req_dlen = ROUNDDOWN(op->buffer_offs + srcLen, op->block_size); 949 if (*destLen < req_dlen) { 950 *destLen = req_dlen; 951 return TEE_ERROR_SHORT_BUFFER; 952 } 953 954 tee_buffer_update(op, utee_authenc_update_payload, srcData, srcLen, 955 destData, destLen); 956 957 return TEE_SUCCESS; 958 } 959 960 TEE_Result TEE_AEEncryptFinal(TEE_OperationHandle op, 961 const void *srcData, uint32_t srcLen, 962 void *destData, uint32_t *destLen, void *tag, 963 uint32_t *tagLen) 964 { 965 TEE_Result res; 966 uint8_t *dst = destData; 967 size_t acc_dlen = 0; 968 uint32_t tmp_dlen; 969 size_t req_dlen; 970 971 if (op == TEE_HANDLE_NULL || (srcData == NULL && srcLen != 0) || 972 destLen == NULL || (destData == NULL && *destLen != 0) || 973 tag == NULL || tagLen == NULL) 974 TEE_Panic(0); 975 if (op->info.operationClass != TEE_OPERATION_AE) 976 TEE_Panic(0); 977 if ((op->info.handleState & TEE_HANDLE_FLAG_INITIALIZED) == 0) 978 TEE_Panic(0); 979 980 /* 981 * Check that required destLen is big enough before starting to feed 982 * data to the algorithm. Errors during feeding of data are fatal as we 983 * can't restore sync with this API. 984 */ 985 req_dlen = op->buffer_offs + srcLen; 986 if (*destLen < req_dlen) { 987 *destLen = req_dlen; 988 return TEE_ERROR_SHORT_BUFFER; 989 } 990 991 /* 992 * Need to check this before update_payload since sync would be lost if 993 * we return short buffer after that. 994 */ 995 if (*tagLen < op->ae_tag_len) { 996 *tagLen = op->ae_tag_len; 997 return TEE_ERROR_SHORT_BUFFER; 998 } 999 1000 tmp_dlen = *destLen - acc_dlen; 1001 tee_buffer_update(op, utee_authenc_update_payload, srcData, srcLen, 1002 dst, &tmp_dlen); 1003 dst += tmp_dlen; 1004 acc_dlen += tmp_dlen; 1005 1006 tmp_dlen = *destLen - acc_dlen; 1007 res = 1008 utee_authenc_enc_final(op->state, op->buffer, op->buffer_offs, dst, 1009 &tmp_dlen, tag, tagLen); 1010 if (res != TEE_SUCCESS) 1011 TEE_Panic(res); 1012 acc_dlen += tmp_dlen; 1013 1014 *destLen = acc_dlen; 1015 op->info.handleState &= ~TEE_HANDLE_FLAG_INITIALIZED; 1016 1017 return res; 1018 } 1019 1020 TEE_Result TEE_AEDecryptFinal(TEE_OperationHandle op, 1021 const void *srcData, uint32_t srcLen, 1022 void *destData, uint32_t *destLen, const void *tag, 1023 uint32_t tagLen) 1024 { 1025 TEE_Result res; 1026 uint8_t *dst = destData; 1027 size_t acc_dlen = 0; 1028 uint32_t tmp_dlen; 1029 size_t req_dlen; 1030 1031 if (op == TEE_HANDLE_NULL || (srcData == NULL && srcLen != 0) || 1032 destLen == NULL || (destData == NULL && *destLen != 0) || 1033 (tag == NULL && tagLen != 0)) 1034 TEE_Panic(0); 1035 if (op->info.operationClass != TEE_OPERATION_AE) 1036 TEE_Panic(0); 1037 if ((op->info.handleState & TEE_HANDLE_FLAG_INITIALIZED) == 0) 1038 TEE_Panic(0); 1039 1040 /* 1041 * Check that required destLen is big enough before starting to feed 1042 * data to the algorithm. Errors during feeding of data are fatal as we 1043 * can't restore sync with this API. 1044 */ 1045 req_dlen = op->buffer_offs + srcLen; 1046 if (*destLen < req_dlen) { 1047 *destLen = req_dlen; 1048 return TEE_ERROR_SHORT_BUFFER; 1049 } 1050 1051 tmp_dlen = *destLen - acc_dlen; 1052 tee_buffer_update(op, utee_authenc_update_payload, srcData, srcLen, 1053 dst, &tmp_dlen); 1054 dst += tmp_dlen; 1055 acc_dlen += tmp_dlen; 1056 1057 tmp_dlen = *destLen - acc_dlen; 1058 res = 1059 utee_authenc_dec_final(op->state, op->buffer, op->buffer_offs, dst, 1060 &tmp_dlen, tag, tagLen); 1061 if (res != TEE_SUCCESS && res != TEE_ERROR_MAC_INVALID) 1062 TEE_Panic(res); 1063 /* Supplied tagLen should match what we initiated with */ 1064 if (tagLen != op->ae_tag_len) 1065 res = TEE_ERROR_MAC_INVALID; 1066 1067 acc_dlen += tmp_dlen; 1068 1069 *destLen = acc_dlen; 1070 op->info.handleState &= ~TEE_HANDLE_FLAG_INITIALIZED; 1071 1072 return res; 1073 } 1074 1075 /* Cryptographic Operations API - Asymmetric Functions */ 1076 1077 TEE_Result TEE_AsymmetricEncrypt(TEE_OperationHandle op, 1078 const TEE_Attribute *params, 1079 uint32_t paramCount, const void *srcData, 1080 uint32_t srcLen, void *destData, 1081 uint32_t *destLen) 1082 { 1083 TEE_Result res; 1084 1085 if (op == TEE_HANDLE_NULL || (srcData == NULL && srcLen != 0) || 1086 destLen == NULL || (destData == NULL && *destLen != 0)) 1087 TEE_Panic(0); 1088 if (paramCount != 0 && params == NULL) 1089 TEE_Panic(0); 1090 if (op->info.operationClass != TEE_OPERATION_ASYMMETRIC_CIPHER) 1091 TEE_Panic(0); 1092 if (op->info.mode != TEE_MODE_ENCRYPT) 1093 TEE_Panic(0); 1094 1095 res = utee_asymm_operate(op->state, params, paramCount, srcData, srcLen, 1096 destData, destLen); 1097 if (res != TEE_SUCCESS && 1098 res != TEE_ERROR_SHORT_BUFFER && 1099 res != TEE_ERROR_BAD_PARAMETERS) 1100 TEE_Panic(res); 1101 return res; 1102 } 1103 1104 TEE_Result TEE_AsymmetricDecrypt(TEE_OperationHandle op, 1105 const TEE_Attribute *params, 1106 uint32_t paramCount, const void *srcData, 1107 uint32_t srcLen, void *destData, 1108 uint32_t *destLen) 1109 { 1110 TEE_Result res; 1111 1112 if (op == TEE_HANDLE_NULL || (srcData == NULL && srcLen != 0) || 1113 destLen == NULL || (destData == NULL && *destLen != 0)) 1114 TEE_Panic(0); 1115 if (paramCount != 0 && params == NULL) 1116 TEE_Panic(0); 1117 if (op->info.operationClass != TEE_OPERATION_ASYMMETRIC_CIPHER) 1118 TEE_Panic(0); 1119 if (op->info.mode != TEE_MODE_DECRYPT) 1120 TEE_Panic(0); 1121 1122 res = utee_asymm_operate(op->state, params, paramCount, srcData, srcLen, 1123 destData, destLen); 1124 if (res != TEE_SUCCESS && 1125 res != TEE_ERROR_SHORT_BUFFER && 1126 res != TEE_ERROR_BAD_PARAMETERS) 1127 TEE_Panic(res); 1128 return res; 1129 } 1130 1131 TEE_Result TEE_AsymmetricSignDigest(TEE_OperationHandle op, 1132 const TEE_Attribute *params, 1133 uint32_t paramCount, const void *digest, 1134 uint32_t digestLen, void *signature, 1135 uint32_t *signatureLen) 1136 { 1137 TEE_Result res; 1138 1139 if (op == TEE_HANDLE_NULL || (digest == NULL && digestLen != 0) || 1140 signature == NULL || signatureLen == NULL) 1141 TEE_Panic(0); 1142 if (paramCount != 0 && params == NULL) 1143 TEE_Panic(0); 1144 if (op->info.operationClass != TEE_OPERATION_ASYMMETRIC_SIGNATURE) 1145 TEE_Panic(0); 1146 if (op->info.mode != TEE_MODE_SIGN) 1147 TEE_Panic(0); 1148 1149 res = 1150 utee_asymm_operate(op->state, params, paramCount, digest, digestLen, 1151 signature, signatureLen); 1152 if (res != TEE_SUCCESS && res != TEE_ERROR_SHORT_BUFFER) 1153 TEE_Panic(res); 1154 return res; 1155 } 1156 1157 TEE_Result TEE_AsymmetricVerifyDigest(TEE_OperationHandle op, 1158 const TEE_Attribute *params, 1159 uint32_t paramCount, const void *digest, 1160 uint32_t digestLen, const void *signature, 1161 uint32_t signatureLen) 1162 { 1163 TEE_Result res; 1164 1165 if (op == TEE_HANDLE_NULL || (digest == NULL && digestLen != 0) || 1166 (signature == NULL && signatureLen != 0)) 1167 TEE_Panic(0); 1168 if (paramCount != 0 && params == NULL) 1169 TEE_Panic(0); 1170 if (op->info.operationClass != TEE_OPERATION_ASYMMETRIC_SIGNATURE) 1171 TEE_Panic(0); 1172 if (op->info.mode != TEE_MODE_VERIFY) 1173 TEE_Panic(0); 1174 1175 res = 1176 utee_asymm_verify(op->state, params, paramCount, digest, digestLen, 1177 signature, signatureLen); 1178 if (res != TEE_SUCCESS && res != TEE_ERROR_SIGNATURE_INVALID) 1179 TEE_Panic(res); 1180 return res; 1181 } 1182 1183 /* Cryptographic Operations API - Key Derivation Functions */ 1184 1185 void TEE_DeriveKey(TEE_OperationHandle operation, 1186 const TEE_Attribute *params, uint32_t paramCount, 1187 TEE_ObjectHandle derivedKey) 1188 { 1189 TEE_Result res; 1190 TEE_ObjectInfo key_info; 1191 1192 if (operation == TEE_HANDLE_NULL || derivedKey == 0) 1193 TEE_Panic(0); 1194 if (paramCount != 0 && params == NULL) 1195 TEE_Panic(0); 1196 if (TEE_ALG_GET_CLASS(operation->info.algorithm) != 1197 TEE_OPERATION_KEY_DERIVATION) 1198 TEE_Panic(0); 1199 1200 if (operation->info.operationClass != TEE_OPERATION_KEY_DERIVATION) 1201 TEE_Panic(0); 1202 if (operation->info.mode != TEE_MODE_DERIVE) 1203 TEE_Panic(0); 1204 if ((operation->info.handleState & TEE_HANDLE_FLAG_KEY_SET) == 0) 1205 TEE_Panic(0); 1206 1207 res = utee_cryp_obj_get_info((uint32_t) derivedKey, &key_info); 1208 if (res != TEE_SUCCESS) 1209 TEE_Panic(0); 1210 1211 if (key_info.objectType != TEE_TYPE_GENERIC_SECRET) 1212 TEE_Panic(0); 1213 if ((key_info.handleFlags & TEE_HANDLE_FLAG_INITIALIZED) != 0) 1214 TEE_Panic(0); 1215 1216 res = utee_cryp_derive_key(operation->state, params, paramCount, 1217 (uint32_t) derivedKey); 1218 if (res != TEE_SUCCESS) 1219 TEE_Panic(res); 1220 } 1221 1222 /* Cryptographic Operations API - Random Number Generation Functions */ 1223 1224 void TEE_GenerateRandom(void *randomBuffer, uint32_t randomBufferLen) 1225 { 1226 TEE_Result res; 1227 1228 res = utee_cryp_random_number_generate(randomBuffer, randomBufferLen); 1229 if (res != TEE_SUCCESS) 1230 TEE_Panic(res); 1231 } 1232