1 // SPDX-License-Identifier: BSD-2-Clause
2 /*
3 * Copyright (c) 2017, Linaro Limited
4 * Copyright 2020 NXP
5 * Copyright 2021, SumUp Service GmbH
6 */
7
8 #include <assert.h>
9 #include <compiler.h>
10 #include <crypto/crypto.h>
11 #include <crypto/crypto_impl.h>
12 #include <kernel/panic.h>
13 #include <stdlib.h>
14 #include <string.h>
15 #include <utee_defines.h>
16
crypto_hash_alloc_ctx(void ** ctx,uint32_t algo)17 TEE_Result crypto_hash_alloc_ctx(void **ctx, uint32_t algo)
18 {
19 TEE_Result res = TEE_ERROR_NOT_IMPLEMENTED;
20 struct crypto_hash_ctx *c = NULL;
21
22 /*
23 * Use default cryptographic implementation if no matching
24 * drvcrypt device.
25 */
26 res = drvcrypt_hash_alloc_ctx(&c, algo);
27
28 if (res == TEE_ERROR_NOT_IMPLEMENTED) {
29 switch (algo) {
30 case TEE_ALG_MD5:
31 res = crypto_md5_alloc_ctx(&c);
32 break;
33 case TEE_ALG_SHA1:
34 res = crypto_sha1_alloc_ctx(&c);
35 break;
36 case TEE_ALG_SHA224:
37 res = crypto_sha224_alloc_ctx(&c);
38 break;
39 case TEE_ALG_SHA256:
40 res = crypto_sha256_alloc_ctx(&c);
41 break;
42 case TEE_ALG_SHA384:
43 res = crypto_sha384_alloc_ctx(&c);
44 break;
45 case TEE_ALG_SHA512:
46 res = crypto_sha512_alloc_ctx(&c);
47 break;
48 case TEE_ALG_SM3:
49 res = crypto_sm3_alloc_ctx(&c);
50 break;
51 default:
52 break;
53 }
54 }
55
56 if (!res)
57 *ctx = c;
58
59 return res;
60 }
61
hash_ops(void * ctx)62 static const struct crypto_hash_ops *hash_ops(void *ctx)
63 {
64 struct crypto_hash_ctx *c = ctx;
65
66 assert(c && c->ops);
67
68 return c->ops;
69 }
70
crypto_hash_free_ctx(void * ctx)71 void crypto_hash_free_ctx(void *ctx)
72 {
73 if (ctx)
74 hash_ops(ctx)->free_ctx(ctx);
75 }
76
crypto_hash_copy_state(void * dst_ctx,void * src_ctx)77 void crypto_hash_copy_state(void *dst_ctx, void *src_ctx)
78 {
79 hash_ops(dst_ctx)->copy_state(dst_ctx, src_ctx);
80 }
81
crypto_hash_init(void * ctx)82 TEE_Result crypto_hash_init(void *ctx)
83 {
84 return hash_ops(ctx)->init(ctx);
85 }
86
crypto_hash_update(void * ctx,const uint8_t * data,size_t len)87 TEE_Result crypto_hash_update(void *ctx, const uint8_t *data, size_t len)
88 {
89 return hash_ops(ctx)->update(ctx, data, len);
90 }
91
crypto_hash_final(void * ctx,uint8_t * digest,size_t len)92 TEE_Result crypto_hash_final(void *ctx, uint8_t *digest, size_t len)
93 {
94 return hash_ops(ctx)->final(ctx, digest, len);
95 }
96
crypto_cipher_alloc_ctx(void ** ctx,uint32_t algo)97 TEE_Result crypto_cipher_alloc_ctx(void **ctx, uint32_t algo)
98 {
99 TEE_Result res = TEE_ERROR_NOT_IMPLEMENTED;
100 struct crypto_cipher_ctx *c = NULL;
101
102 /*
103 * Use default cryptographic implementation if no matching
104 * drvcrypt device.
105 */
106 res = drvcrypt_cipher_alloc_ctx(&c, algo);
107
108 if (res == TEE_ERROR_NOT_IMPLEMENTED) {
109 switch (algo) {
110 case TEE_ALG_AES_ECB_NOPAD:
111 res = crypto_aes_ecb_alloc_ctx(&c);
112 break;
113 case TEE_ALG_AES_CBC_NOPAD:
114 res = crypto_aes_cbc_alloc_ctx(&c);
115 break;
116 case TEE_ALG_AES_CTR:
117 res = crypto_aes_ctr_alloc_ctx(&c);
118 break;
119 case TEE_ALG_AES_CTS:
120 res = crypto_aes_cts_alloc_ctx(&c);
121 break;
122 case TEE_ALG_AES_XTS:
123 res = crypto_aes_xts_alloc_ctx(&c);
124 break;
125 case TEE_ALG_DES_ECB_NOPAD:
126 res = crypto_des_ecb_alloc_ctx(&c);
127 break;
128 case TEE_ALG_DES3_ECB_NOPAD:
129 res = crypto_des3_ecb_alloc_ctx(&c);
130 break;
131 case TEE_ALG_DES_CBC_NOPAD:
132 res = crypto_des_cbc_alloc_ctx(&c);
133 break;
134 case TEE_ALG_DES3_CBC_NOPAD:
135 res = crypto_des3_cbc_alloc_ctx(&c);
136 break;
137 case TEE_ALG_SM4_ECB_NOPAD:
138 res = crypto_sm4_ecb_alloc_ctx(&c);
139 break;
140 case TEE_ALG_SM4_CBC_NOPAD:
141 res = crypto_sm4_cbc_alloc_ctx(&c);
142 break;
143 case TEE_ALG_SM4_CTR:
144 res = crypto_sm4_ctr_alloc_ctx(&c);
145 break;
146 default:
147 return TEE_ERROR_NOT_IMPLEMENTED;
148 }
149 }
150
151 if (!res)
152 *ctx = c;
153
154 return res;
155 }
156
cipher_ops(void * ctx)157 static const struct crypto_cipher_ops *cipher_ops(void *ctx)
158 {
159 struct crypto_cipher_ctx *c = ctx;
160
161 assert(c && c->ops);
162
163 return c->ops;
164 }
165
crypto_cipher_free_ctx(void * ctx)166 void crypto_cipher_free_ctx(void *ctx)
167 {
168 if (ctx)
169 cipher_ops(ctx)->free_ctx(ctx);
170 }
171
crypto_cipher_copy_state(void * dst_ctx,void * src_ctx)172 void crypto_cipher_copy_state(void *dst_ctx, void *src_ctx)
173 {
174 cipher_ops(dst_ctx)->copy_state(dst_ctx, src_ctx);
175 }
176
crypto_cipher_init(void * ctx,TEE_OperationMode mode,const uint8_t * key1,size_t key1_len,const uint8_t * key2,size_t key2_len,const uint8_t * iv,size_t iv_len)177 TEE_Result crypto_cipher_init(void *ctx, TEE_OperationMode mode,
178 const uint8_t *key1, size_t key1_len,
179 const uint8_t *key2, size_t key2_len,
180 const uint8_t *iv, size_t iv_len)
181 {
182 if (mode != TEE_MODE_DECRYPT && mode != TEE_MODE_ENCRYPT)
183 return TEE_ERROR_BAD_PARAMETERS;
184
185 return cipher_ops(ctx)->init(ctx, mode, key1, key1_len, key2, key2_len,
186 iv, iv_len);
187 }
188
crypto_cipher_update(void * ctx,TEE_OperationMode mode __unused,bool last_block,const uint8_t * data,size_t len,uint8_t * dst)189 TEE_Result crypto_cipher_update(void *ctx, TEE_OperationMode mode __unused,
190 bool last_block, const uint8_t *data,
191 size_t len, uint8_t *dst)
192 {
193 return cipher_ops(ctx)->update(ctx, last_block, data, len, dst);
194 }
195
crypto_cipher_final(void * ctx)196 void crypto_cipher_final(void *ctx)
197 {
198 cipher_ops(ctx)->final(ctx);
199 }
200
crypto_cipher_get_block_size(uint32_t algo,size_t * size)201 TEE_Result crypto_cipher_get_block_size(uint32_t algo, size_t *size)
202 {
203 uint32_t class = TEE_ALG_GET_CLASS(algo);
204
205 if (class != TEE_OPERATION_CIPHER && class != TEE_OPERATION_MAC &&
206 class != TEE_OPERATION_AE)
207 return TEE_ERROR_BAD_PARAMETERS;
208
209 switch (TEE_ALG_GET_MAIN_ALG(algo)) {
210 case TEE_MAIN_ALGO_AES:
211 *size = TEE_AES_BLOCK_SIZE;
212 return TEE_SUCCESS;
213 case TEE_MAIN_ALGO_DES:
214 case TEE_MAIN_ALGO_DES3:
215 *size = TEE_DES_BLOCK_SIZE;
216 return TEE_SUCCESS;
217 case TEE_MAIN_ALGO_SM4:
218 *size = TEE_SM4_BLOCK_SIZE;
219 return TEE_SUCCESS;
220 default:
221 return TEE_ERROR_NOT_SUPPORTED;
222 }
223 }
224
crypto_mac_alloc_ctx(void ** ctx,uint32_t algo)225 TEE_Result crypto_mac_alloc_ctx(void **ctx, uint32_t algo)
226 {
227 TEE_Result res = TEE_SUCCESS;
228 struct crypto_mac_ctx *c = NULL;
229
230 /*
231 * Use default cryptographic implementation if no matching
232 * drvcrypt device.
233 */
234 res = drvcrypt_mac_alloc_ctx(&c, algo);
235
236 if (res == TEE_ERROR_NOT_IMPLEMENTED) {
237 switch (algo) {
238 case TEE_ALG_HMAC_MD5:
239 res = crypto_hmac_md5_alloc_ctx(&c);
240 break;
241 case TEE_ALG_HMAC_SHA1:
242 res = crypto_hmac_sha1_alloc_ctx(&c);
243 break;
244 case TEE_ALG_HMAC_SHA224:
245 res = crypto_hmac_sha224_alloc_ctx(&c);
246 break;
247 case TEE_ALG_HMAC_SHA256:
248 res = crypto_hmac_sha256_alloc_ctx(&c);
249 break;
250 case TEE_ALG_HMAC_SHA384:
251 res = crypto_hmac_sha384_alloc_ctx(&c);
252 break;
253 case TEE_ALG_HMAC_SHA512:
254 res = crypto_hmac_sha512_alloc_ctx(&c);
255 break;
256 case TEE_ALG_HMAC_SM3:
257 res = crypto_hmac_sm3_alloc_ctx(&c);
258 break;
259 case TEE_ALG_AES_CBC_MAC_NOPAD:
260 res = crypto_aes_cbc_mac_nopad_alloc_ctx(&c);
261 break;
262 case TEE_ALG_AES_CBC_MAC_PKCS5:
263 res = crypto_aes_cbc_mac_pkcs5_alloc_ctx(&c);
264 break;
265 case TEE_ALG_DES_CBC_MAC_NOPAD:
266 res = crypto_des_cbc_mac_nopad_alloc_ctx(&c);
267 break;
268 case TEE_ALG_DES_CBC_MAC_PKCS5:
269 res = crypto_des_cbc_mac_pkcs5_alloc_ctx(&c);
270 break;
271 case TEE_ALG_DES3_CBC_MAC_NOPAD:
272 res = crypto_des3_cbc_mac_nopad_alloc_ctx(&c);
273 break;
274 case TEE_ALG_DES3_CBC_MAC_PKCS5:
275 res = crypto_des3_cbc_mac_pkcs5_alloc_ctx(&c);
276 break;
277 case TEE_ALG_DES3_CMAC:
278 res = crypto_des3_cmac_alloc_ctx(&c);
279 break;
280 case TEE_ALG_AES_CMAC:
281 res = crypto_aes_cmac_alloc_ctx(&c);
282 break;
283 default:
284 return TEE_ERROR_NOT_SUPPORTED;
285 }
286 }
287
288 if (!res)
289 *ctx = c;
290
291 return res;
292 }
293
mac_ops(void * ctx)294 static const struct crypto_mac_ops *mac_ops(void *ctx)
295 {
296 struct crypto_mac_ctx *c = ctx;
297
298 assert(c && c->ops);
299
300 return c->ops;
301 }
302
crypto_mac_free_ctx(void * ctx)303 void crypto_mac_free_ctx(void *ctx)
304 {
305 if (ctx)
306 mac_ops(ctx)->free_ctx(ctx);
307 }
308
crypto_mac_copy_state(void * dst_ctx,void * src_ctx)309 void crypto_mac_copy_state(void *dst_ctx, void *src_ctx)
310 {
311 mac_ops(dst_ctx)->copy_state(dst_ctx, src_ctx);
312 }
313
crypto_mac_init(void * ctx,const uint8_t * key,size_t len)314 TEE_Result crypto_mac_init(void *ctx, const uint8_t *key, size_t len)
315 {
316 return mac_ops(ctx)->init(ctx, key, len);
317 }
318
crypto_mac_update(void * ctx,const uint8_t * data,size_t len)319 TEE_Result crypto_mac_update(void *ctx, const uint8_t *data, size_t len)
320 {
321 if (!len)
322 return TEE_SUCCESS;
323
324 return mac_ops(ctx)->update(ctx, data, len);
325 }
326
crypto_mac_final(void * ctx,uint8_t * digest,size_t digest_len)327 TEE_Result crypto_mac_final(void *ctx, uint8_t *digest, size_t digest_len)
328 {
329 return mac_ops(ctx)->final(ctx, digest, digest_len);
330 }
331
crypto_authenc_alloc_ctx(void ** ctx,uint32_t algo)332 TEE_Result crypto_authenc_alloc_ctx(void **ctx, uint32_t algo)
333 {
334 TEE_Result res = TEE_ERROR_NOT_IMPLEMENTED;
335 struct crypto_authenc_ctx *c = NULL;
336
337 /*
338 * Use default authenc implementation if no matching
339 * drvcrypt device.
340 */
341 res = drvcrypt_authenc_alloc_ctx(&c, algo);
342
343 if (res == TEE_ERROR_NOT_IMPLEMENTED) {
344 switch (algo) {
345 #if defined(CFG_CRYPTO_CCM)
346 case TEE_ALG_AES_CCM:
347 res = crypto_aes_ccm_alloc_ctx(&c);
348 break;
349 #endif
350 #if defined(CFG_CRYPTO_GCM)
351 case TEE_ALG_AES_GCM:
352 res = crypto_aes_gcm_alloc_ctx(&c);
353 break;
354 #endif
355 default:
356 break;
357 }
358 }
359
360 if (!res)
361 *ctx = c;
362
363 return res;
364 }
365
ae_ops(void * ctx)366 static const struct crypto_authenc_ops *ae_ops(void *ctx)
367 {
368 struct crypto_authenc_ctx *c = ctx;
369
370 assert(c && c->ops);
371
372 return c->ops;
373 }
374
crypto_authenc_init(void * ctx,TEE_OperationMode mode,const uint8_t * key,size_t key_len,const uint8_t * nonce,size_t nonce_len,size_t tag_len,size_t aad_len,size_t payload_len)375 TEE_Result crypto_authenc_init(void *ctx, TEE_OperationMode mode,
376 const uint8_t *key, size_t key_len,
377 const uint8_t *nonce, size_t nonce_len,
378 size_t tag_len, size_t aad_len,
379 size_t payload_len)
380 {
381 return ae_ops(ctx)->init(ctx, mode, key, key_len, nonce, nonce_len,
382 tag_len, aad_len, payload_len);
383 }
384
crypto_authenc_update_aad(void * ctx,TEE_OperationMode mode __unused,const uint8_t * data,size_t len)385 TEE_Result crypto_authenc_update_aad(void *ctx, TEE_OperationMode mode __unused,
386 const uint8_t *data, size_t len)
387 {
388 return ae_ops(ctx)->update_aad(ctx, data, len);
389 }
390
391
crypto_authenc_update_payload(void * ctx,TEE_OperationMode mode,const uint8_t * src_data,size_t src_len,uint8_t * dst_data,size_t * dst_len)392 TEE_Result crypto_authenc_update_payload(void *ctx, TEE_OperationMode mode,
393 const uint8_t *src_data,
394 size_t src_len, uint8_t *dst_data,
395 size_t *dst_len)
396 {
397 if (*dst_len < src_len)
398 return TEE_ERROR_SHORT_BUFFER;
399 *dst_len = src_len;
400
401 return ae_ops(ctx)->update_payload(ctx, mode, src_data, src_len,
402 dst_data);
403 }
404
crypto_authenc_enc_final(void * ctx,const uint8_t * src_data,size_t src_len,uint8_t * dst_data,size_t * dst_len,uint8_t * dst_tag,size_t * dst_tag_len)405 TEE_Result crypto_authenc_enc_final(void *ctx, const uint8_t *src_data,
406 size_t src_len, uint8_t *dst_data,
407 size_t *dst_len, uint8_t *dst_tag,
408 size_t *dst_tag_len)
409 {
410 if (*dst_len < src_len)
411 return TEE_ERROR_SHORT_BUFFER;
412 *dst_len = src_len;
413
414 return ae_ops(ctx)->enc_final(ctx, src_data, src_len, dst_data,
415 dst_tag, dst_tag_len);
416 }
417
crypto_authenc_dec_final(void * ctx,const uint8_t * src_data,size_t src_len,uint8_t * dst_data,size_t * dst_len,const uint8_t * tag,size_t tag_len)418 TEE_Result crypto_authenc_dec_final(void *ctx, const uint8_t *src_data,
419 size_t src_len, uint8_t *dst_data,
420 size_t *dst_len, const uint8_t *tag,
421 size_t tag_len)
422 {
423 if (*dst_len < src_len)
424 return TEE_ERROR_SHORT_BUFFER;
425 *dst_len = src_len;
426
427 return ae_ops(ctx)->dec_final(ctx, src_data, src_len, dst_data, tag,
428 tag_len);
429 }
430
crypto_authenc_final(void * ctx)431 void crypto_authenc_final(void *ctx)
432 {
433 ae_ops(ctx)->final(ctx);
434 }
435
crypto_authenc_free_ctx(void * ctx)436 void crypto_authenc_free_ctx(void *ctx)
437 {
438 if (ctx)
439 ae_ops(ctx)->free_ctx(ctx);
440 }
441
crypto_authenc_copy_state(void * dst_ctx,void * src_ctx)442 void crypto_authenc_copy_state(void *dst_ctx, void *src_ctx)
443 {
444 ae_ops(dst_ctx)->copy_state(dst_ctx, src_ctx);
445 }
446
447 #if !defined(CFG_CRYPTO_RSA) && !defined(CFG_CRYPTO_DSA) && \
448 !defined(CFG_CRYPTO_DH) && !defined(CFG_CRYPTO_ECC)
crypto_bignum_allocate(size_t size_bits __unused)449 struct bignum *crypto_bignum_allocate(size_t size_bits __unused)
450 {
451 return NULL;
452 }
453
crypto_bignum_bin2bn(const uint8_t * from __unused,size_t fromsize __unused,struct bignum * to __unused)454 TEE_Result crypto_bignum_bin2bn(const uint8_t *from __unused,
455 size_t fromsize __unused,
456 struct bignum *to __unused)
457 {
458 return TEE_ERROR_NOT_IMPLEMENTED;
459 }
460
crypto_bignum_num_bytes(struct bignum * a __unused)461 size_t crypto_bignum_num_bytes(struct bignum *a __unused)
462 {
463 return 0;
464 }
465
crypto_bignum_num_bits(struct bignum * a __unused)466 size_t crypto_bignum_num_bits(struct bignum *a __unused)
467 {
468 return 0;
469 }
470
471 /*
472 * crypto_bignum_allocate() and crypto_bignum_bin2bn() failing should be
473 * enough to guarantee that the functions calling this function aren't
474 * called, but just in case add a panic() here to avoid unexpected
475 * behavoir.
476 */
bignum_cant_happen(void)477 static void bignum_cant_happen(void)
478 {
479 volatile bool b = true;
480
481 /* Avoid warning about function does not return */
482 if (b)
483 panic();
484 }
485
crypto_bignum_bn2bin(const struct bignum * from __unused,uint8_t * to __unused)486 void crypto_bignum_bn2bin(const struct bignum *from __unused,
487 uint8_t *to __unused)
488 {
489 bignum_cant_happen();
490 }
491
crypto_bignum_copy(struct bignum * to __unused,const struct bignum * from __unused)492 void crypto_bignum_copy(struct bignum *to __unused,
493 const struct bignum *from __unused)
494 {
495 bignum_cant_happen();
496 }
497
crypto_bignum_free(struct bignum * a)498 void crypto_bignum_free(struct bignum *a)
499 {
500 if (a)
501 panic();
502 }
503
crypto_bignum_clear(struct bignum * a __unused)504 void crypto_bignum_clear(struct bignum *a __unused)
505 {
506 bignum_cant_happen();
507 }
508
509 /* return -1 if a<b, 0 if a==b, +1 if a>b */
crypto_bignum_compare(struct bignum * a __unused,struct bignum * b __unused)510 int32_t crypto_bignum_compare(struct bignum *a __unused,
511 struct bignum *b __unused)
512 {
513 bignum_cant_happen();
514 return -1;
515 }
516 #endif
517
518 #if !defined(CFG_CRYPTO_RSA)
crypto_acipher_alloc_rsa_keypair(struct rsa_keypair * s __unused,size_t key_size_bits __unused)519 TEE_Result crypto_acipher_alloc_rsa_keypair(struct rsa_keypair *s __unused,
520 size_t key_size_bits __unused)
521 {
522 return TEE_ERROR_NOT_IMPLEMENTED;
523 }
524
525 TEE_Result
crypto_acipher_alloc_rsa_public_key(struct rsa_public_key * s __unused,size_t key_size_bits __unused)526 crypto_acipher_alloc_rsa_public_key(struct rsa_public_key *s __unused,
527 size_t key_size_bits __unused)
528 {
529 return TEE_ERROR_NOT_IMPLEMENTED;
530 }
531
crypto_acipher_free_rsa_public_key(struct rsa_public_key * s __unused)532 void crypto_acipher_free_rsa_public_key(struct rsa_public_key *s __unused)
533 {
534 }
535
crypto_acipher_free_rsa_keypair(struct rsa_keypair * s __unused)536 void crypto_acipher_free_rsa_keypair(struct rsa_keypair *s __unused)
537 {
538 }
539
crypto_acipher_gen_rsa_key(struct rsa_keypair * key __unused,size_t key_size __unused)540 TEE_Result crypto_acipher_gen_rsa_key(struct rsa_keypair *key __unused,
541 size_t key_size __unused)
542 {
543 return TEE_ERROR_NOT_IMPLEMENTED;
544 }
545
crypto_acipher_rsanopad_decrypt(struct rsa_keypair * key __unused,const uint8_t * src __unused,size_t src_len __unused,uint8_t * dst __unused,size_t * dst_len __unused)546 TEE_Result crypto_acipher_rsanopad_decrypt(struct rsa_keypair *key __unused,
547 const uint8_t *src __unused,
548 size_t src_len __unused,
549 uint8_t *dst __unused,
550 size_t *dst_len __unused)
551 {
552 return TEE_ERROR_NOT_IMPLEMENTED;
553 }
554
crypto_acipher_rsanopad_encrypt(struct rsa_public_key * key __unused,const uint8_t * src __unused,size_t src_len __unused,uint8_t * dst __unused,size_t * dst_len __unused)555 TEE_Result crypto_acipher_rsanopad_encrypt(struct rsa_public_key *key __unused,
556 const uint8_t *src __unused,
557 size_t src_len __unused,
558 uint8_t *dst __unused,
559 size_t *dst_len __unused)
560 {
561 return TEE_ERROR_NOT_IMPLEMENTED;
562 }
563
crypto_acipher_rsaes_decrypt(uint32_t algo __unused,struct rsa_keypair * key __unused,const uint8_t * label __unused,size_t label_len __unused,const uint8_t * src __unused,size_t src_len __unused,uint8_t * dst __unused,size_t * dst_len __unused)564 TEE_Result crypto_acipher_rsaes_decrypt(uint32_t algo __unused,
565 struct rsa_keypair *key __unused,
566 const uint8_t *label __unused,
567 size_t label_len __unused,
568 const uint8_t *src __unused,
569 size_t src_len __unused,
570 uint8_t *dst __unused,
571 size_t *dst_len __unused)
572 {
573 return TEE_ERROR_NOT_IMPLEMENTED;
574 }
575
crypto_acipher_rsaes_encrypt(uint32_t algo __unused,struct rsa_public_key * key __unused,const uint8_t * label __unused,size_t label_len __unused,const uint8_t * src __unused,size_t src_len __unused,uint8_t * dst __unused,size_t * dst_len __unused)576 TEE_Result crypto_acipher_rsaes_encrypt(uint32_t algo __unused,
577 struct rsa_public_key *key __unused,
578 const uint8_t *label __unused,
579 size_t label_len __unused,
580 const uint8_t *src __unused,
581 size_t src_len __unused,
582 uint8_t *dst __unused,
583 size_t *dst_len __unused)
584 {
585 return TEE_ERROR_NOT_IMPLEMENTED;
586 }
587
crypto_acipher_rsassa_sign(uint32_t algo __unused,struct rsa_keypair * key __unused,int salt_len __unused,const uint8_t * msg __unused,size_t msg_len __unused,uint8_t * sig __unused,size_t * sig_len __unused)588 TEE_Result crypto_acipher_rsassa_sign(uint32_t algo __unused,
589 struct rsa_keypair *key __unused,
590 int salt_len __unused,
591 const uint8_t *msg __unused,
592 size_t msg_len __unused,
593 uint8_t *sig __unused,
594 size_t *sig_len __unused)
595 {
596 return TEE_ERROR_NOT_IMPLEMENTED;
597 }
598
crypto_acipher_rsassa_verify(uint32_t algo __unused,struct rsa_public_key * key __unused,int salt_len __unused,const uint8_t * msg __unused,size_t msg_len __unused,const uint8_t * sig __unused,size_t sig_len __unused)599 TEE_Result crypto_acipher_rsassa_verify(uint32_t algo __unused,
600 struct rsa_public_key *key __unused,
601 int salt_len __unused,
602 const uint8_t *msg __unused,
603 size_t msg_len __unused,
604 const uint8_t *sig __unused,
605 size_t sig_len __unused)
606 {
607 return TEE_ERROR_NOT_IMPLEMENTED;
608 }
609 #endif /*!CFG_CRYPTO_RSA*/
610
611 #if !defined(CFG_CRYPTO_DSA)
crypto_acipher_alloc_dsa_keypair(struct dsa_keypair * s __unused,size_t key_size_bits __unused)612 TEE_Result crypto_acipher_alloc_dsa_keypair(struct dsa_keypair *s __unused,
613 size_t key_size_bits __unused)
614 {
615 return TEE_ERROR_NOT_IMPLEMENTED;
616 }
617
618 TEE_Result
crypto_acipher_alloc_dsa_public_key(struct dsa_public_key * s __unused,size_t key_size_bits __unused)619 crypto_acipher_alloc_dsa_public_key(struct dsa_public_key *s __unused,
620 size_t key_size_bits __unused)
621 {
622 return TEE_ERROR_NOT_IMPLEMENTED;
623 }
624
crypto_acipher_gen_dsa_key(struct dsa_keypair * key __unused,size_t key_size __unused)625 TEE_Result crypto_acipher_gen_dsa_key(struct dsa_keypair *key __unused,
626 size_t key_size __unused)
627 {
628 return TEE_ERROR_NOT_IMPLEMENTED;
629 }
630
crypto_acipher_dsa_sign(uint32_t algo __unused,struct dsa_keypair * key __unused,const uint8_t * msg __unused,size_t msg_len __unused,uint8_t * sig __unused,size_t * sig_len __unused)631 TEE_Result crypto_acipher_dsa_sign(uint32_t algo __unused,
632 struct dsa_keypair *key __unused,
633 const uint8_t *msg __unused,
634 size_t msg_len __unused,
635 uint8_t *sig __unused,
636 size_t *sig_len __unused)
637 {
638 return TEE_ERROR_NOT_IMPLEMENTED;
639 }
640
crypto_acipher_dsa_verify(uint32_t algo __unused,struct dsa_public_key * key __unused,const uint8_t * msg __unused,size_t msg_len __unused,const uint8_t * sig __unused,size_t sig_len __unused)641 TEE_Result crypto_acipher_dsa_verify(uint32_t algo __unused,
642 struct dsa_public_key *key __unused,
643 const uint8_t *msg __unused,
644 size_t msg_len __unused,
645 const uint8_t *sig __unused,
646 size_t sig_len __unused)
647 {
648 return TEE_ERROR_NOT_IMPLEMENTED;
649 }
650 #endif /*!CFG_CRYPTO_DSA*/
651
652 #if !defined(CFG_CRYPTO_DH)
crypto_acipher_alloc_dh_keypair(struct dh_keypair * s __unused,size_t key_size_bits __unused)653 TEE_Result crypto_acipher_alloc_dh_keypair(struct dh_keypair *s __unused,
654 size_t key_size_bits __unused)
655 {
656 return TEE_ERROR_NOT_IMPLEMENTED;
657 }
658
crypto_acipher_gen_dh_key(struct dh_keypair * key __unused,struct bignum * q __unused,size_t xbits __unused,size_t key_size __unused)659 TEE_Result crypto_acipher_gen_dh_key(struct dh_keypair *key __unused,
660 struct bignum *q __unused,
661 size_t xbits __unused,
662 size_t key_size __unused)
663 {
664 return TEE_ERROR_NOT_IMPLEMENTED;
665 }
666
667 TEE_Result
crypto_acipher_dh_shared_secret(struct dh_keypair * private_key __unused,struct bignum * public_key __unused,struct bignum * secret __unused)668 crypto_acipher_dh_shared_secret(struct dh_keypair *private_key __unused,
669 struct bignum *public_key __unused,
670 struct bignum *secret __unused)
671 {
672 return TEE_ERROR_NOT_IMPLEMENTED;
673 }
674 #endif /*!CFG_CRYPTO_DH*/
675
crypto_acipher_alloc_ecc_public_key(struct ecc_public_key * key,uint32_t key_type,size_t key_size_bits)676 TEE_Result crypto_acipher_alloc_ecc_public_key(struct ecc_public_key *key,
677 uint32_t key_type,
678 size_t key_size_bits)
679 {
680 TEE_Result res = TEE_ERROR_NOT_IMPLEMENTED;
681
682 /*
683 * Use default cryptographic implementation if no matching
684 * drvcrypt device.
685 */
686 res = drvcrypt_asym_alloc_ecc_public_key(key, key_type, key_size_bits);
687 if (res == TEE_ERROR_NOT_IMPLEMENTED)
688 res = crypto_asym_alloc_ecc_public_key(key, key_type,
689 key_size_bits);
690
691 return res;
692 }
693
crypto_acipher_alloc_ecc_keypair(struct ecc_keypair * key,uint32_t key_type,size_t key_size_bits)694 TEE_Result crypto_acipher_alloc_ecc_keypair(struct ecc_keypair *key,
695 uint32_t key_type,
696 size_t key_size_bits)
697 {
698 TEE_Result res = TEE_ERROR_NOT_IMPLEMENTED;
699
700 /*
701 * Use default cryptographic implementation if no matching
702 * drvcrypt device.
703 */
704 res = drvcrypt_asym_alloc_ecc_keypair(key, key_type, key_size_bits);
705 if (res == TEE_ERROR_NOT_IMPLEMENTED)
706 res = crypto_asym_alloc_ecc_keypair(key, key_type,
707 key_size_bits);
708
709 return res;
710 }
711
crypto_acipher_free_ecc_public_key(struct ecc_public_key * key)712 void crypto_acipher_free_ecc_public_key(struct ecc_public_key *key)
713 {
714 assert(key->ops && key->ops->free);
715
716 key->ops->free(key);
717 }
718
crypto_acipher_gen_ecc_key(struct ecc_keypair * key,size_t key_size_bits)719 TEE_Result crypto_acipher_gen_ecc_key(struct ecc_keypair *key,
720 size_t key_size_bits)
721 {
722 assert(key->ops && key->ops->generate);
723
724 return key->ops->generate(key, key_size_bits);
725 }
726
crypto_acipher_ecc_sign(uint32_t algo,struct ecc_keypair * key,const uint8_t * msg,size_t msg_len,uint8_t * sig,size_t * sig_len)727 TEE_Result crypto_acipher_ecc_sign(uint32_t algo, struct ecc_keypair *key,
728 const uint8_t *msg, size_t msg_len,
729 uint8_t *sig, size_t *sig_len)
730 {
731 assert(key->ops);
732
733 if (!key->ops->sign)
734 return TEE_ERROR_NOT_IMPLEMENTED;
735
736 return key->ops->sign(algo, key, msg, msg_len, sig, sig_len);
737 }
738
crypto_acipher_ecc_verify(uint32_t algo,struct ecc_public_key * key,const uint8_t * msg,size_t msg_len,const uint8_t * sig,size_t sig_len)739 TEE_Result crypto_acipher_ecc_verify(uint32_t algo, struct ecc_public_key *key,
740 const uint8_t *msg, size_t msg_len,
741 const uint8_t *sig, size_t sig_len)
742 {
743 assert(key->ops);
744
745 if (!key->ops->verify)
746 return TEE_ERROR_NOT_IMPLEMENTED;
747
748 return key->ops->verify(algo, key, msg, msg_len, sig, sig_len);
749 }
750
crypto_acipher_ecc_shared_secret(struct ecc_keypair * private_key,struct ecc_public_key * public_key,void * secret,unsigned long * secret_len)751 TEE_Result crypto_acipher_ecc_shared_secret(struct ecc_keypair *private_key,
752 struct ecc_public_key *public_key,
753 void *secret,
754 unsigned long *secret_len)
755 {
756 assert(private_key->ops);
757
758 if (!private_key->ops->shared_secret)
759 return TEE_ERROR_NOT_IMPLEMENTED;
760
761 return private_key->ops->shared_secret(private_key, public_key, secret,
762 secret_len);
763 }
764
crypto_acipher_sm2_pke_decrypt(struct ecc_keypair * key,const uint8_t * src,size_t src_len,uint8_t * dst,size_t * dst_len)765 TEE_Result crypto_acipher_sm2_pke_decrypt(struct ecc_keypair *key,
766 const uint8_t *src, size_t src_len,
767 uint8_t *dst, size_t *dst_len)
768 {
769 assert(key->ops);
770
771 if (!key->ops->decrypt)
772 return TEE_ERROR_NOT_IMPLEMENTED;
773
774 return key->ops->decrypt(key, src, src_len, dst, dst_len);
775 }
776
crypto_acipher_sm2_pke_encrypt(struct ecc_public_key * key,const uint8_t * src,size_t src_len,uint8_t * dst,size_t * dst_len)777 TEE_Result crypto_acipher_sm2_pke_encrypt(struct ecc_public_key *key,
778 const uint8_t *src, size_t src_len,
779 uint8_t *dst, size_t *dst_len)
780 {
781 assert(key->ops);
782
783 if (!key->ops->encrypt)
784 return TEE_ERROR_NOT_IMPLEMENTED;
785
786 return key->ops->encrypt(key, src, src_len, dst, dst_len);
787 }
788
789 #if !defined(CFG_CRYPTO_SM2_KEP)
crypto_acipher_sm2_kep_derive(struct ecc_keypair * my_key __unused,struct ecc_keypair * my_eph_key __unused,struct ecc_public_key * peer_key __unused,struct ecc_public_key * peer_eph_key __unused,struct sm2_kep_parms * p __unused)790 TEE_Result crypto_acipher_sm2_kep_derive(struct ecc_keypair *my_key __unused,
791 struct ecc_keypair *my_eph_key
792 __unused,
793 struct ecc_public_key *peer_key
794 __unused,
795 struct ecc_public_key *peer_eph_key
796 __unused,
797 struct sm2_kep_parms *p __unused)
798 {
799 return TEE_ERROR_NOT_IMPLEMENTED;
800 }
801 #endif
802
crypto_storage_obj_del(uint8_t * data __unused,size_t len __unused)803 __weak void crypto_storage_obj_del(uint8_t *data __unused, size_t len __unused)
804 {
805 }
806