xref: /rk3399_ARM-atf/drivers/auth/crypto_mod.c (revision 61f72a34250d063da67f4fc2b0eb8c3fda3376be)
1 /*
2  * Copyright (c) 2015-2018, ARM Limited and Contributors. All rights reserved.
3  *
4  * SPDX-License-Identifier: BSD-3-Clause
5  */
6 
7 #include <assert.h>
8 #include <crypto_mod.h>
9 #include <debug.h>
10 
11 /* crypto_lib_desc: variable exported by the crypto library through REGISTER_CRYPTO_LIB() */
12 
13 /*
14  * The crypto module is responsible for verifying digital signatures and hashes.
15  * It relies on a crypto library to perform the cryptographic operations.
16  *
17  * The crypto module itself does not impose any specific format on signatures,
18  * signature algorithm, keys or hashes, but most cryptographic libraries will
19  * take the parameters as the following DER encoded ASN.1 structures:
20  *
21  *     AlgorithmIdentifier ::= SEQUENCE  {
22  *         algorithm        OBJECT IDENTIFIER,
23  *         parameters       ANY DEFINED BY algorithm OPTIONAL
24  *     }
25  *
26  *     DigestInfo ::= SEQUENCE {
27  *         digestAlgorithm  AlgorithmIdentifier,
28  *         digest           OCTET STRING
29  *     }
30  *
31  *     SubjectPublicKeyInfo ::= SEQUENCE  {
32  *         algorithm        AlgorithmIdentifier,
33  *         subjectPublicKey BIT STRING
34  *     }
35  *
36  *     SignatureAlgorithm ::= AlgorithmIdentifier
37  *
38  *     SignatureValue ::= BIT STRING
39  */
40 
/*
 * Check that the registered crypto library descriptor is fully populated,
 * then run the library's own initialization routine.
 *
 * The descriptor fields checked here (name, init, verify_signature,
 * verify_hash) are the ones this module dereferences. The checks are
 * assert()s: in a build where assertions are compiled out, a missing entry
 * is not detected here and would only surface when the NULL pointer is used.
 */
void crypto_mod_init(void)
{
	/* Descriptor identity and entry points must all be present */
	assert(crypto_lib_desc.name != NULL);
	assert(crypto_lib_desc.init != NULL);
	assert(crypto_lib_desc.verify_signature != NULL);
	assert(crypto_lib_desc.verify_hash != NULL);

	/* Hand over to the library so it can set itself up */
	crypto_lib_desc.init();

	/* Record which backend is in use for this boot */
	INFO("Using crypto library '%s'\n", crypto_lib_desc.name);
}
55 
/*
 * Verify a digital signature by delegating to the registered crypto library.
 *
 * Parameters:
 *
 *   data_ptr, data_len: signed data
 *   sig_ptr, sig_len: the digital signature
 *   sig_alg_ptr, sig_alg_len: the digital signature algorithm
 *   pk_ptr, pk_len: the public key
 *
 * Return: the value returned by the library's verify_signature() hook,
 * passed through unchanged. This wrapper does not interpret it.
 *
 * Note: the non-NULL / non-zero-length checks below are assert()s. They
 * document the caller's contract but give no protection in builds where
 * assertions are compiled out, so callers must not rely on this function to
 * reject missing or empty inputs. No format or upper-bound validation of the
 * buffers is done here; that is left to the crypto library.
 */
int crypto_mod_verify_signature(void *data_ptr, unsigned int data_len,
				void *sig_ptr, unsigned int sig_len,
				void *sig_alg_ptr, unsigned int sig_alg_len,
				void *pk_ptr, unsigned int pk_len)
{
	int rc;

	/* Signed payload */
	assert(data_ptr != NULL);
	assert(data_len != 0);

	/* Signature value */
	assert(sig_ptr != NULL);
	assert(sig_len != 0);

	/* Signature algorithm identifier */
	assert(sig_alg_ptr != NULL);
	assert(sig_alg_len != 0);

	/* Public key */
	assert(pk_ptr != NULL);
	assert(pk_len != 0);

	rc = crypto_lib_desc.verify_signature(data_ptr, data_len,
					      sig_ptr, sig_len,
					      sig_alg_ptr, sig_alg_len,
					      pk_ptr, pk_len);

	return rc;
}
85 
/*
 * Verify a hash by delegating the computation and comparison to the
 * registered crypto library.
 *
 * Parameters:
 *
 *   data_ptr, data_len: data to be hashed
 *   digest_info_ptr, digest_info_len: hash to be compared (for most
 *       libraries a DER encoded DigestInfo, see the format note at the top
 *       of this file)
 *
 * Return: the value returned by the library's verify_hash() hook, passed
 * through unchanged. This wrapper does not interpret it.
 *
 * Note: the argument checks below are assert()s and are not present in
 * builds where assertions are compiled out; callers remain responsible for
 * passing valid, non-empty buffers. How the digests are compared (including
 * whether the comparison is constant-time) is decided by the library, not by
 * this function.
 */
int crypto_mod_verify_hash(void *data_ptr, unsigned int data_len,
			   void *digest_info_ptr, unsigned int digest_info_len)
{
	int rc;

	/* Data whose hash is to be computed */
	assert(data_ptr != NULL);
	assert(data_len != 0);

	/* Reference digest to compare against */
	assert(digest_info_ptr != NULL);
	assert(digest_info_len != 0);

	rc = crypto_lib_desc.verify_hash(data_ptr, data_len,
					 digest_info_ptr, digest_info_len);

	return rc;
}
105