xref: /rk3399_ARM-atf/drivers/auth/crypto_mod.c (revision 3b94189a921c0ea2a410c7730dc9636d95f5aa86) 
105799ae0SJuan Castillo /*
2*3b94189aSRoberto Vargas  * Copyright (c) 2015-2018, ARM Limited and Contributors. All rights reserved.
305799ae0SJuan Castillo  *
482cb2c1aSdp-arm  * SPDX-License-Identifier: BSD-3-Clause
505799ae0SJuan Castillo  */
605799ae0SJuan Castillo 
705799ae0SJuan Castillo #include <assert.h>
805799ae0SJuan Castillo #include <crypto_mod.h>
905799ae0SJuan Castillo #include <debug.h>
1005799ae0SJuan Castillo 
1105799ae0SJuan Castillo /* Variable exported by the crypto library through REGISTER_CRYPTO_LIB() */
1205799ae0SJuan Castillo 
1305799ae0SJuan Castillo /*
1405799ae0SJuan Castillo  * The crypto module is responsible for verifying digital signatures and hashes.
1505799ae0SJuan Castillo  * It relies on a crypto library to perform the cryptographic operations.
1605799ae0SJuan Castillo  *
1705799ae0SJuan Castillo  * The crypto module itself does not impose any specific format on signatures,
1805799ae0SJuan Castillo  * signature algorithm, keys or hashes, but most cryptographic libraries will
1905799ae0SJuan Castillo  * take the parameters as the following DER encoded ASN.1 structures:
2005799ae0SJuan Castillo  *
2105799ae0SJuan Castillo  *     AlgorithmIdentifier ::= SEQUENCE  {
2205799ae0SJuan Castillo  *         algorithm        OBJECT IDENTIFIER,
2305799ae0SJuan Castillo  *         parameters       ANY DEFINED BY algorithm OPTIONAL
2405799ae0SJuan Castillo  *     }
2505799ae0SJuan Castillo  *
2605799ae0SJuan Castillo  *     DigestInfo ::= SEQUENCE {
2705799ae0SJuan Castillo  *         digestAlgorithm  AlgorithmIdentifier,
2805799ae0SJuan Castillo  *         digest           OCTET STRING
2905799ae0SJuan Castillo  *     }
3005799ae0SJuan Castillo  *
3105799ae0SJuan Castillo  *     SubjectPublicKeyInfo ::= SEQUENCE  {
3205799ae0SJuan Castillo  *         algorithm        AlgorithmIdentifier,
3305799ae0SJuan Castillo  *         subjectPublicKey BIT STRING
3405799ae0SJuan Castillo  *     }
3505799ae0SJuan Castillo  *
3605799ae0SJuan Castillo  *     SignatureAlgorithm ::= AlgorithmIdentifier
3705799ae0SJuan Castillo  *
3805799ae0SJuan Castillo  *     SignatureValue ::= BIT STRING
3905799ae0SJuan Castillo  */
4005799ae0SJuan Castillo 
4105799ae0SJuan Castillo /*
4205799ae0SJuan Castillo  * Perform some static checking and call the library initialization function
4305799ae0SJuan Castillo  */
4405799ae0SJuan Castillo void crypto_mod_init(void)
4505799ae0SJuan Castillo {
4605799ae0SJuan Castillo 	assert(crypto_lib_desc.name != NULL);
4705799ae0SJuan Castillo 	assert(crypto_lib_desc.init != NULL);
4805799ae0SJuan Castillo 	assert(crypto_lib_desc.verify_signature != NULL);
4905799ae0SJuan Castillo 	assert(crypto_lib_desc.verify_hash != NULL);
5005799ae0SJuan Castillo 
5105799ae0SJuan Castillo 	/* Initialize the cryptographic library */
5205799ae0SJuan Castillo 	crypto_lib_desc.init();
5305799ae0SJuan Castillo 	INFO("Using crypto library '%s'\n", crypto_lib_desc.name);
5405799ae0SJuan Castillo }
5505799ae0SJuan Castillo 
5605799ae0SJuan Castillo /*
5705799ae0SJuan Castillo  * Function to verify a digital signature
5805799ae0SJuan Castillo  *
5905799ae0SJuan Castillo  * Parameters:
6005799ae0SJuan Castillo  *
6105799ae0SJuan Castillo  *   data_ptr, data_len: signed data
6205799ae0SJuan Castillo  *   sig_ptr, sig_len: the digital signature
6305799ae0SJuan Castillo  *   sig_alg_ptr, sig_alg_len: the digital signature algorithm
6405799ae0SJuan Castillo  *   pk_ptr, pk_len: the public key
6505799ae0SJuan Castillo  */
6605799ae0SJuan Castillo int crypto_mod_verify_signature(void *data_ptr, unsigned int data_len,
6705799ae0SJuan Castillo 				void *sig_ptr, unsigned int sig_len,
6805799ae0SJuan Castillo 				void *sig_alg_ptr, unsigned int sig_alg_len,
6905799ae0SJuan Castillo 				void *pk_ptr, unsigned int pk_len)
7005799ae0SJuan Castillo {
7105799ae0SJuan Castillo 	assert(data_ptr != NULL);
7205799ae0SJuan Castillo 	assert(data_len != 0);
7305799ae0SJuan Castillo 	assert(sig_ptr != NULL);
7405799ae0SJuan Castillo 	assert(sig_len != 0);
7505799ae0SJuan Castillo 	assert(sig_alg_ptr != NULL);
7605799ae0SJuan Castillo 	assert(sig_alg_len != 0);
7705799ae0SJuan Castillo 	assert(pk_ptr != NULL);
7805799ae0SJuan Castillo 	assert(pk_len != 0);
7905799ae0SJuan Castillo 
8005799ae0SJuan Castillo 	return crypto_lib_desc.verify_signature(data_ptr, data_len,
8105799ae0SJuan Castillo 						sig_ptr, sig_len,
8205799ae0SJuan Castillo 						sig_alg_ptr, sig_alg_len,
8305799ae0SJuan Castillo 						pk_ptr, pk_len);
8405799ae0SJuan Castillo }
8505799ae0SJuan Castillo 
8605799ae0SJuan Castillo /*
8705799ae0SJuan Castillo  * Verify a hash by comparison
8805799ae0SJuan Castillo  *
8905799ae0SJuan Castillo  * Parameters:
9005799ae0SJuan Castillo  *
9105799ae0SJuan Castillo  *   data_ptr, data_len: data to be hashed
9205799ae0SJuan Castillo  *   digest_info_ptr, digest_info_len: hash to be compared
9305799ae0SJuan Castillo  */
9405799ae0SJuan Castillo int crypto_mod_verify_hash(void *data_ptr, unsigned int data_len,
9505799ae0SJuan Castillo 			   void *digest_info_ptr, unsigned int digest_info_len)
9605799ae0SJuan Castillo {
9705799ae0SJuan Castillo 	assert(data_ptr != NULL);
9805799ae0SJuan Castillo 	assert(data_len != 0);
9905799ae0SJuan Castillo 	assert(digest_info_ptr != NULL);
10005799ae0SJuan Castillo 	assert(digest_info_len != 0);
10105799ae0SJuan Castillo 
10205799ae0SJuan Castillo 	return crypto_lib_desc.verify_hash(data_ptr, data_len,
10305799ae0SJuan Castillo 					   digest_info_ptr, digest_info_len);
10405799ae0SJuan Castillo }
105