/* SPDX-License-Identifier: BSD-2-Clause */
/*
 * Copyright (c) 2017-2020, Linaro Limited
 */

#ifndef PKCS11_TA_PROCESSING_H
#define PKCS11_TA_PROCESSING_H

#include <pkcs11_attributes.h>
#include <pkcs11_ta.h>
#include <tee_internal_api.h>

/* Forward declarations: this header only uses pointers to these types. */
struct pkcs11_client;
struct pkcs11_session;
struct pkcs11_object;
struct active_processing;

/**
 * RSA PSS processing context
 *
 * @hash_alg: Hash algorithm mechanism
 * @mgf_type: Mask generator function
 * @salt_len: Length of the salt in bytes
 */
struct rsa_pss_processing_ctx {
	enum pkcs11_mechanism_id hash_alg;
	enum pkcs11_mgf_id mgf_type;
	uint32_t salt_len;
};

/**
 * RSA OAEP processing context
 *
 * @hash_alg: Hash algorithm mechanism
 * @mgf_type: Mask generator function
 * @source_type: Type of source.
 * @source_data_len: Length of the source data.
 * @source_data: Source data.
 *
 * @source_data is a flexible array member, so sizeof() of this struct does
 * not include it: an instance has to be allocated with room for
 * @source_data_len extra bytes.
 * NOTE(review): presumably @source_data_len originates from client-supplied
 * mechanism parameters; the code filling this context should check it
 * against the size of the serialized parameters before copying - confirm.
 */
struct rsa_oaep_processing_ctx {
	enum pkcs11_mechanism_id hash_alg;
	enum pkcs11_mgf_id mgf_type;
	uint32_t source_type;
	uint32_t source_data_len;
	uint8_t source_data[];
};

/**
 * EDDSA processing context
 *
 * @flag: Prehash flag
 * @ctx_len: Length of the context data
 * @ctx: Context data
 *
 * @ctx is a flexible array member: the allocation must account for
 * @ctx_len bytes on top of sizeof() of this struct.
 * NOTE(review): same concern as for the OAEP source data - @ctx_len should
 * be bounded by the size of the parameters it was parsed from - confirm.
 */
struct eddsa_processing_ctx {
	uint32_t flag;
	uint32_t ctx_len;
	uint8_t ctx[];
};

/*
 * Entry points from PKCS11 TA invocation commands
 *
 * NOTE(review): @ptypes and @params look like the GlobalPlatform parameter
 * types word and parameter array of the invocation, i.e. values chosen by
 * the client. Each entry point is expected to check @ptypes before reading
 * @params - confirm in the implementation.
 */

enum pkcs11_rc
entry_generate_secret(struct pkcs11_client *client, uint32_t ptypes,
		      TEE_Param *params);

enum pkcs11_rc
entry_generate_key_pair(struct pkcs11_client *client, uint32_t ptypes,
			TEE_Param *params);

/* @function selects which processing function the command applies to */
enum pkcs11_rc
entry_processing_init(struct pkcs11_client *client, uint32_t ptypes,
		      TEE_Param *params, enum processing_func function);

/* @step selects which step of @function is being requested */
enum pkcs11_rc
entry_processing_step(struct pkcs11_client *client, uint32_t ptypes,
		      TEE_Param *params, enum processing_func function,
		      enum processing_step step);

enum pkcs11_rc
entry_processing_key(struct pkcs11_client *client, uint32_t ptypes,
		     TEE_Param *params, enum processing_func function);

enum pkcs11_rc
entry_release_active_processing(struct pkcs11_client *client,
				uint32_t ptypes, TEE_Param *params);

enum pkcs11_rc
entry_wrap_key(struct pkcs11_client *client, uint32_t ptypes,
	       TEE_Param *params);

/*
 * Util
 *
 * Sizes are passed as size_t in some prototypes of this header and as
 * uint32_t in others. Callers must hand over a variable of the exact type:
 * casting a size_t pointer to uint32_t pointer (or the reverse) is not
 * portable where the two types differ in width.
 */
size_t get_object_key_bit_size(struct pkcs11_object *obj);

void release_active_processing(struct pkcs11_session *session);

/*
 * NOTE(review): the name suggests that *data is allocated by this function;
 * who releases it is not stated in this header - confirm.
 */
enum pkcs11_rc
alloc_get_tee_attribute_data(TEE_ObjectHandle tee_obj, uint32_t attribute,
			     void **data, size_t *size);

enum pkcs11_rc
tee2pkcs_add_attribute(struct obj_attrs **head, uint32_t pkcs11_id,
		       TEE_ObjectHandle tee_obj, uint32_t tee_id);

/* Asymmetric key operations util */
bool processing_is_tee_asymm(uint32_t proc_id);

enum pkcs11_rc
init_asymm_operation(struct pkcs11_session *session,
		     enum processing_func function,
		     struct pkcs11_attribute_head *proc_params,
		     struct pkcs11_object *obj);

enum pkcs11_rc
step_asymm_operation(struct pkcs11_session *session,
		     enum processing_func function,
		     enum processing_step step,
		     uint32_t ptypes, TEE_Param *params);

/*
 * Symmetric crypto algorithm specific functions
 */
bool processing_is_tee_symm(uint32_t proc_id);

enum pkcs11_rc
init_symm_operation(struct pkcs11_session *session,
		    enum processing_func function,
		    struct pkcs11_attribute_head *proc_params,
		    struct pkcs11_object *key);

enum pkcs11_rc
step_symm_operation(struct pkcs11_session *session,
		    enum processing_func function,
		    enum processing_step step,
		    uint32_t ptypes, TEE_Param *params);

/* @params_size is the size of the buffer referenced by @proc_params */
enum pkcs11_rc
tee_init_ctr_operation(struct active_processing *processing,
		       void *proc_params, size_t params_size);

/*
 * NOTE(review): the three helpers below return data through @out_buf and
 * @out_sz. Where @out_buf is a void **, the buffer is presumably allocated
 * by the callee and owned by the caller afterwards; where it is a plain
 * void *, the caller seems to provide the buffer and *out_sz presumably
 * carries its capacity in and the produced size out. Neither the ownership
 * nor the wiping of buffers holding key material is stated in this header -
 * confirm against the implementation.
 */
enum pkcs11_rc
derive_key_by_symm_enc(struct pkcs11_session *session, void **out_buf,
		       uint32_t *out_sz);

enum pkcs11_rc
wrap_data_by_symm_enc(struct pkcs11_session *session, void *data,
		      uint32_t data_sz, void *out_buf, uint32_t *out_sz);

enum pkcs11_rc
unwrap_key_by_symm(struct pkcs11_session *session, void *data,
		   uint32_t data_sz, void **out_buf, uint32_t *out_sz);

/* Digest specific functions */
bool processing_is_tee_digest(enum pkcs11_mechanism_id mecha_id);

enum pkcs11_rc
init_digest_operation(struct pkcs11_session *session,
		      struct pkcs11_attribute_head *proc_params);

enum pkcs11_rc
step_digest_operation(struct pkcs11_session *session,
		      enum processing_step step, struct pkcs11_object *obj,
		      uint32_t ptypes, TEE_Param *params);

/*
 * Elliptic curve crypto algorithm specific functions
 */
enum pkcs11_rc
load_tee_ec_key_attrs(TEE_Attribute **tee_attrs, size_t *tee_count,
		      struct pkcs11_object *obj);

enum pkcs11_rc
load_tee_eddsa_key_attrs(TEE_Attribute **tee_attrs, size_t *tee_count,
			 struct pkcs11_object *obj);

/*
 * NOTE(review): @attr and @size presumably describe an encoded EC
 * parameters attribute. What the two converters return for a curve they do
 * not recognise is not visible from this header; callers should check the
 * result before using it - confirm.
 */
size_t ec_params2tee_keysize(void *attr, size_t size);

uint32_t ec_params2tee_curve(void *attr, size_t size);

enum pkcs11_rc
pkcs2tee_algo_ecdsa(uint32_t *tee_id,
		    struct pkcs11_attribute_head *proc_params,
		    struct pkcs11_object *obj);

enum pkcs11_rc
generate_ec_keys(struct pkcs11_attribute_head *proc_params,
		 struct obj_attrs **pub_head, struct obj_attrs **priv_head);

enum pkcs11_rc
generate_eddsa_keys(struct pkcs11_attribute_head *proc_params,
		    struct obj_attrs **pub_head,
		    struct obj_attrs **priv_head);

size_t ecdsa_get_input_max_byte_size(TEE_OperationHandle op);

/*
 * RSA crypto algorithm specific functions
 */
enum pkcs11_rc
load_tee_rsa_key_attrs(TEE_Attribute **tee_attrs, size_t *tee_count,
		       struct pkcs11_object *obj);

enum pkcs11_rc
pkcs2tee_proc_params_rsa_pss(struct active_processing *proc,
			     struct pkcs11_attribute_head *proc_params);

/*
 * NOTE(review): judging by the name and arguments, this is where the PSS
 * parameters held by @proc are checked against the key @obj - confirm.
 */
enum pkcs11_rc
pkcs2tee_validate_rsa_pss(struct active_processing *proc,
			  struct pkcs11_object *obj);

enum pkcs11_rc
pkcs2tee_algo_rsa_pss(uint32_t *tee_id,
		      struct pkcs11_attribute_head *params);

enum pkcs11_rc
pkcs2tee_proc_params_rsa_oaep(struct active_processing *proc,
			      struct pkcs11_attribute_head *proc_params);

enum pkcs11_rc
pkcs2tee_proc_params_eddsa(struct active_processing *proc,
			   struct pkcs11_attribute_head *proc_params);

enum pkcs11_rc
pkcs2tee_algo_rsa_oaep(uint32_t *tee_id, uint32_t *tee_hash_id,
		       struct pkcs11_attribute_head *params);

enum pkcs11_rc
generate_rsa_keys(struct pkcs11_attribute_head *proc_params,
		  struct obj_attrs **pub_head, struct obj_attrs **priv_head);

size_t rsa_get_input_max_byte_size(TEE_OperationHandle op);

enum pkcs11_rc
do_asymm_derivation(struct pkcs11_session *session,
		    struct pkcs11_attribute_head *proc_params,
		    struct obj_attrs **head);

/*
 * NOTE(review): whether *pub_data points into @proc_params or to a new
 * allocation is not visible from this header - confirm before freeing or
 * keeping the pointer beyond the lifetime of @proc_params.
 */
enum pkcs11_rc
pkcs2tee_param_ecdh(struct pkcs11_attribute_head *proc_params,
		    void **pub_data, size_t *pub_size);

enum pkcs11_rc
pkcs2tee_algo_ecdh(uint32_t *tee_id,
		   struct pkcs11_attribute_head *proc_params,
		   struct pkcs11_object *obj);

#endif /* PKCS11_TA_PROCESSING_H */