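/* SPDX-License-Identifier: BSD-2-Clause */
/*
 * Copyright (c) 2017-2020, Linaro Limited
 */

/*
 * Declarations for the PKCS11 TA processing layer: command entry points,
 * shared utilities, and the asymmetric, symmetric, digest, EC and RSA
 * helpers.
 */

#ifndef PKCS11_TA_PROCESSING_H
#define PKCS11_TA_PROCESSING_H

#include <pkcs11_attributes.h>
#include <pkcs11_ta.h>
#include <tee_internal_api.h>

struct pkcs11_client;
struct pkcs11_session;
struct pkcs11_object;
struct active_processing;

/**
 * RSA PSS processing context
 *
 * @hash_alg: Hash algorithm mechanism
 * @mgf_type: Mask generator function
 * @salt_len: Length of the salt in bytes
 *
 * NOTE(review): these fields presumably mirror mechanism parameters supplied
 * by the client; confirm that the code filling this structure rejects hash
 * and MGF identifiers it does not support and bounds @salt_len.
 */
struct rsa_pss_processing_ctx {
	enum pkcs11_mechanism_id hash_alg;
	enum pkcs11_mgf_id mgf_type;
	uint32_t salt_len;
};

/*
 * Entry points from PKCS11 TA invocation commands
 *
 * Each entry point receives the calling client together with a
 * parameter-types word (@ptypes) and a TEE_Param array (@params), and
 * returns an enum pkcs11_rc status.
 *
 * NOTE(review): @ptypes and @params presumably come from the client side of
 * the TEE boundary. Implementations are expected to check @ptypes against the
 * layout they require and to bound every size read from @params before use -
 * confirm in the corresponding .c files.
 */

enum pkcs11_rc entry_generate_secret(struct pkcs11_client *client,
				     uint32_t ptypes, TEE_Param *params);

enum pkcs11_rc entry_generate_key_pair(struct pkcs11_client *client,
				       uint32_t ptypes, TEE_Param *params);

enum pkcs11_rc entry_processing_init(struct pkcs11_client *client,
				     uint32_t ptypes, TEE_Param *params,
				     enum processing_func function);

enum pkcs11_rc entry_processing_step(struct pkcs11_client *client,
				     uint32_t ptypes, TEE_Param *params,
				     enum processing_func function,
				     enum processing_step step);

enum pkcs11_rc entry_processing_key(struct pkcs11_client *client,
				    uint32_t ptypes, TEE_Param *params,
				    enum processing_func function);

enum pkcs11_rc entry_release_active_processing(struct pkcs11_client *client,
					       uint32_t ptypes,
					       TEE_Param *params);

enum pkcs11_rc entry_wrap_key(struct pkcs11_client *client,
			      uint32_t ptypes, TEE_Param *params);

/*
 * Util
 */

/* Key size of @obj; the unit is bits according to the function name */
size_t get_object_key_bit_size(struct pkcs11_object *obj);

/*
 * Release the active processing of @session.
 * NOTE(review): presumably this is where operation handles and key material
 * tied to the processing are released - confirm that every error path in the
 * entry points reaches it.
 */
void release_active_processing(struct pkcs11_session *session);

/*
 * Get attribute @attribute of @tee_obj through the output pointers @data and
 * @size.
 * NOTE(review): the "alloc" prefix suggests *@data is allocated here and owned
 * by the caller afterwards - confirm who frees it, and whether buffers that
 * hold private key components are wiped before being freed.
 */
enum pkcs11_rc alloc_get_tee_attribute_data(TEE_ObjectHandle tee_obj,
					    uint32_t attribute,
					    void **data, size_t *size);

/*
 * Add to the attribute list @head an attribute identified by @pkcs11_id,
 * taking @tee_obj and @tee_id as the source.
 * NOTE(review): @head is passed as struct obj_attrs **, so the list head may
 * presumably be reallocated - confirm callers do not keep stale pointers.
 */
enum pkcs11_rc tee2pkcs_add_attribute(struct obj_attrs **head,
				      uint32_t pkcs11_id,
				      TEE_ObjectHandle tee_obj,
				      uint32_t tee_id);

/* Asymmetric key operations util */
bool processing_is_tee_asymm(uint32_t proc_id);

enum pkcs11_rc init_asymm_operation(struct pkcs11_session *session,
				    enum processing_func function,
				    struct pkcs11_attribute_head *proc_params,
				    struct pkcs11_object *obj);

enum pkcs11_rc step_asymm_operation(struct pkcs11_session *session,
				    enum processing_func function,
				    enum processing_step step,
				    uint32_t ptypes, TEE_Param *params);

/*
 * Symmetric crypto algorithm specific functions
 */
bool processing_is_tee_symm(uint32_t proc_id);

enum pkcs11_rc init_symm_operation(struct pkcs11_session *session,
				   enum processing_func function,
				   struct pkcs11_attribute_head *proc_params,
				   struct pkcs11_object *key);

enum pkcs11_rc step_symm_operation(struct pkcs11_session *session,
				   enum processing_func function,
				   enum processing_step step,
				   uint32_t ptypes, TEE_Param *params);

/*
 * @proc_params and @params_size describe a raw parameter blob.
 * NOTE(review): presumably the mechanism parameters provided by the client;
 * confirm that @params_size is checked before the blob is parsed.
 */
enum pkcs11_rc tee_init_ctr_operation(struct active_processing *processing,
				      void *proc_params, size_t params_size);

/*
 * Derive, wrap and unwrap helpers operating on @session.
 *
 * derive_key_by_symm_enc() and unwrap_key_by_symm() take @out_buf as void **,
 * whereas wrap_data_by_symm_enc() takes a plain void * next to @out_sz.
 * NOTE(review): presumably the void ** variants hand back a buffer allocated
 * by the callee and the void * variant writes into a caller-supplied buffer
 * whose capacity is passed in *@out_sz - confirm ownership, the in/out meaning
 * of @out_sz, and that buffers carrying key material are wiped before being
 * freed.
 */
enum pkcs11_rc derive_key_by_symm_enc(struct pkcs11_session *session,
				      void **out_buf, uint32_t *out_sz);

enum pkcs11_rc wrap_data_by_symm_enc(struct pkcs11_session *session,
				     void *data, uint32_t data_sz,
				     void *out_buf, uint32_t *out_sz);

enum pkcs11_rc unwrap_key_by_symm(struct pkcs11_session *session, void *data,
				  uint32_t data_sz, void **out_buf,
				  uint32_t *out_sz);

/* Digest specific functions */
bool processing_is_tee_digest(enum pkcs11_mechanism_id mecha_id);

enum pkcs11_rc
init_digest_operation(struct pkcs11_session *session,
		      struct pkcs11_attribute_head *proc_params);

enum pkcs11_rc step_digest_operation(struct pkcs11_session *session,
				     enum processing_step step,
				     struct pkcs11_object *obj,
				     uint32_t ptypes, TEE_Param *params);

/*
 * Elliptic curve crypto algorithm specific functions
 */

/*
 * Output pointers @tee_attrs and @tee_count receive the TEE attributes built
 * from @obj.
 * NOTE(review): presumably *@tee_attrs is allocated here - confirm who frees
 * it.
 */
enum pkcs11_rc load_tee_ec_key_attrs(TEE_Attribute **tee_attrs,
				     size_t *tee_count,
				     struct pkcs11_object *obj);

/*
 * @attr and @size describe an attribute value blob.
 * NOTE(review): presumably the encoded EC parameters of a key; confirm what
 * these return for an unknown or malformed blob and that callers check for it.
 */
size_t ec_params2tee_keysize(void *attr, size_t size);

uint32_t ec_params2tee_curve(void *attr, size_t size);

enum pkcs11_rc pkcs2tee_algo_ecdsa(uint32_t *tee_id,
				   struct pkcs11_attribute_head *proc_params,
				   struct pkcs11_object *obj);

enum pkcs11_rc generate_ec_keys(struct pkcs11_attribute_head *proc_params,
				struct obj_attrs **pub_head,
				struct obj_attrs **priv_head);

/*
 * NOTE(review): presumably the upper bound used to reject oversized input for
 * the operation @op - confirm at the call sites.
 */
size_t ecdsa_get_input_max_byte_size(TEE_OperationHandle op);

/*
 * RSA crypto algorithm specific functions
 */

/*
 * Output pointers @tee_attrs and @tee_count receive the TEE attributes built
 * from @obj.
 * NOTE(review): presumably *@tee_attrs is allocated here - confirm who frees
 * it.
 */
enum pkcs11_rc load_tee_rsa_key_attrs(TEE_Attribute **tee_attrs,
				      size_t *tee_count,
				      struct pkcs11_object *obj);

/*
 * NOTE(review): judging by the names, pkcs2tee_proc_params_rsa_pss() parses
 * the mechanism parameters into @proc and pkcs2tee_validate_rsa_pss() checks
 * them against the key object @obj - confirm that both run before any RSA PSS
 * operation and that the salt length is bounded there.
 */
enum pkcs11_rc
pkcs2tee_proc_params_rsa_pss(struct active_processing *proc,
			     struct pkcs11_attribute_head *proc_params);

enum pkcs11_rc pkcs2tee_validate_rsa_pss(struct active_processing *proc,
					 struct pkcs11_object *obj);

enum pkcs11_rc pkcs2tee_algo_rsa_pss(uint32_t *tee_id,
				     struct pkcs11_attribute_head *params);

enum pkcs11_rc generate_rsa_keys(struct pkcs11_attribute_head *proc_params,
				 struct obj_attrs **pub_head,
				 struct obj_attrs **priv_head);

/*
 * NOTE(review): presumably the upper bound used to reject oversized input for
 * the operation @op - confirm at the call sites.
 */
size_t rsa_get_input_max_byte_size(TEE_OperationHandle op);

#endif /*PKCS11_TA_PROCESSING_H*/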