1 // Licensed to the Apache Software Foundation (ASF) under one
2 // or more contributor license agreements. See the NOTICE file
3 // distributed with this work for additional information
4 // regarding copyright ownership. The ASF licenses this file
5 // to you under the Apache License, Version 2.0 (the
6 // "License"); you may not use this file except in compliance
7 // with the License. You may obtain a copy of the License at
8 //
9 // http://www.apache.org/licenses/LICENSE-2.0
10 //
11 // Unless required by applicable law or agreed to in writing,
12 // software distributed under the License is distributed on an
13 // "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
14 // KIND, either express or implied. See the License for the
15 // specific language governing permissions and limitations
16 // under the License.
17
18 #![no_main]
19
20 use optee_utee::{
21 ta_close_session, ta_create, ta_destroy, ta_invoke_command, ta_open_session, trace_println,
22 };
23 use optee_utee::{AlgorithmId, DeriveKey};
24 use optee_utee::{AttributeId, AttributeMemref, TransientObject, TransientObjectType};
25 use optee_utee::{Error, ErrorKind, Parameters, Result};
26 use proto::{Command, KEY_SIZE};
27
28 pub struct DiffieHellman {
29 pub key: TransientObject,
30 }
31
32 impl Default for DiffieHellman {
default() -> Self33 fn default() -> Self {
34 Self {
35 key: TransientObject::null_object(),
36 }
37 }
38 }
39
40 #[ta_create]
create() -> Result<()>41 fn create() -> Result<()> {
42 trace_println!("[+] TA create");
43 Ok(())
44 }
45
46 #[ta_open_session]
open_session(_params: &mut Parameters, _sess_ctx: &mut DiffieHellman) -> Result<()>47 fn open_session(_params: &mut Parameters, _sess_ctx: &mut DiffieHellman) -> Result<()> {
48 trace_println!("[+] TA open session");
49 Ok(())
50 }
51
52 #[ta_close_session]
close_session(_sess_ctx: &mut DiffieHellman)53 fn close_session(_sess_ctx: &mut DiffieHellman) {
54 trace_println!("[+] TA close session");
55 }
56
57 #[ta_destroy]
destroy()58 fn destroy() {
59 trace_println!("[+] TA destroy");
60 }
61
generate_key(dh: &mut DiffieHellman, params: &mut Parameters) -> Result<()>62 fn generate_key(dh: &mut DiffieHellman, params: &mut Parameters) -> Result<()> {
63 let mut p0 = unsafe { params.0.as_memref().unwrap() };
64 let mut p1 = unsafe { params.1.as_value().unwrap() };
65 let mut p2 = unsafe { params.2.as_memref().unwrap() };
66 let mut p3 = unsafe { params.3.as_memref().unwrap() };
67
68 // Extract prime and base from parameters
69 let prime_base_vec = p0.buffer();
70 let prime_slice = &prime_base_vec[..KEY_SIZE/8];
71 let base_slice = &prime_base_vec[KEY_SIZE/8..];
72
73 let attr_prime = AttributeMemref::from_ref(AttributeId::DhPrime, prime_slice);
74 let attr_base = AttributeMemref::from_ref(AttributeId::DhBase, base_slice);
75
76 // Generate key pair
77 dh.key = TransientObject::allocate(TransientObjectType::DhKeypair, KEY_SIZE).unwrap();
78 let mut public_buffer = p2.buffer();
79 let mut private_buffer = p3.buffer();
80
81 dh.key
82 .generate_key(KEY_SIZE, &[attr_prime.into(), attr_base.into()])?;
83 let mut key_size = dh
84 .key
85 .ref_attribute(AttributeId::DhPublicValue, &mut public_buffer)
86 .unwrap();
87 p1.set_a(key_size as u32);
88 key_size = dh
89 .key
90 .ref_attribute(AttributeId::DhPrivateValue, &mut private_buffer)
91 .unwrap();
92 p1.set_b(key_size as u32);
93 Ok(())
94 }
95
derive_key(dh: &mut DiffieHellman, params: &mut Parameters) -> Result<()>96 fn derive_key(dh: &mut DiffieHellman, params: &mut Parameters) -> Result<()> {
97 let mut p0 = unsafe { params.0.as_memref().unwrap() };
98 let mut p1 = unsafe { params.1.as_memref().unwrap() };
99 let mut p2 = unsafe { params.2.as_value().unwrap() };
100
101 let received_public = AttributeMemref::from_ref(AttributeId::DhPublicValue, p0.buffer());
102
103 match DeriveKey::allocate(AlgorithmId::DhDeriveSharedSecret, KEY_SIZE) {
104 Err(e) => Err(e),
105 Ok(operation) => {
106 operation.set_key(&dh.key)?;
107 let mut derived_key =
108 TransientObject::allocate(TransientObjectType::GenericSecret, KEY_SIZE).unwrap();
109 operation.derive(&[received_public.into()], &mut derived_key);
110 let key_size = derived_key
111 .ref_attribute(AttributeId::SecretValue, p1.buffer())
112 .unwrap();
113 p2.set_a(key_size as u32);
114 Ok(())
115 }
116 }
117 }
118
119 #[ta_invoke_command]
invoke_command( sess_ctx: &mut DiffieHellman, cmd_id: u32, params: &mut Parameters, ) -> Result<()>120 fn invoke_command(
121 sess_ctx: &mut DiffieHellman,
122 cmd_id: u32,
123 params: &mut Parameters,
124 ) -> Result<()> {
125 trace_println!("[+] TA invoke command");
126 match Command::from(cmd_id) {
127 Command::GenerateKey => {
128 return generate_key(sess_ctx, params);
129 }
130 Command::DeriveKey => {
131 return derive_key(sess_ctx, params);
132 }
133 _ => Err(Error::new(ErrorKind::BadParameters)),
134 }
135 }
136
137 // TA configurations
138 const TA_FLAGS: u32 = 0;
139 const TA_DATA_SIZE: u32 = 32 * 1024;
140 const TA_STACK_SIZE: u32 = 2 * 1024;
141 const TA_VERSION: &[u8] = b"0.1\0";
142 const TA_DESCRIPTION: &[u8] = b"This is an example which serves DH related functions.\0";
143 const EXT_PROP_VALUE_1: &[u8] = b"DH TA\0";
144 const EXT_PROP_VALUE_2: u32 = 0x0010;
145 const TRACE_LEVEL: i32 = 4;
146 const TRACE_EXT_PREFIX: &[u8] = b"TA\0";
147 const TA_FRAMEWORK_STACK_SIZE: u32 = 2048;
148
149 include!(concat!(env!("OUT_DIR"), "/user_ta_header.rs"));
150