1 /* SPDX-License-Identifier: BSD-2-Clause */ 2 /* 3 * Copyright (c) 2017-2020, Linaro Limited 4 */ 5 6 #ifndef PKCS11_TA_PROCESSING_H 7 #define PKCS11_TA_PROCESSING_H 8 9 #include <pkcs11_attributes.h> 10 #include <pkcs11_ta.h> 11 #include <tee_internal_api.h> 12 13 struct pkcs11_client; 14 struct pkcs11_session; 15 struct pkcs11_object; 16 struct active_processing; 17 18 /** 19 * RSA PSS processing context 20 * 21 * @hash_alg: Hash algorithm mechanism 22 * @mgf_type: Mask generator function 23 * @salt_len: Length of the salt in bytes 24 */ 25 struct rsa_pss_processing_ctx { 26 enum pkcs11_mechanism_id hash_alg; 27 enum pkcs11_mgf_id mgf_type; 28 uint32_t salt_len; 29 }; 30 31 /** 32 * RSA OAEP processing context 33 * 34 * @hash_alg: Hash algorithm mechanism 35 * @mgf_type: Mask generator function 36 * @source_type: Type of source. 37 * @source_data_len: Length of the source data. 38 * @source_data: Source data. 39 */ 40 struct rsa_oaep_processing_ctx { 41 enum pkcs11_mechanism_id hash_alg; 42 enum pkcs11_mgf_id mgf_type; 43 uint32_t source_type; 44 uint32_t source_data_len; 45 uint8_t source_data[]; 46 }; 47 48 /* 49 * Entry points from PKCS11 TA invocation commands 50 */ 51 52 enum pkcs11_rc entry_generate_secret(struct pkcs11_client *client, 53 uint32_t ptypes, TEE_Param *params); 54 55 enum pkcs11_rc entry_generate_key_pair(struct pkcs11_client *client, 56 uint32_t ptypes, TEE_Param *params); 57 58 enum pkcs11_rc entry_processing_init(struct pkcs11_client *client, 59 uint32_t ptypes, TEE_Param *params, 60 enum processing_func function); 61 62 enum pkcs11_rc entry_processing_step(struct pkcs11_client *client, 63 uint32_t ptypes, TEE_Param *params, 64 enum processing_func function, 65 enum processing_step step); 66 67 enum pkcs11_rc entry_processing_key(struct pkcs11_client *client, 68 uint32_t ptypes, TEE_Param *params, 69 enum processing_func function); 70 71 enum pkcs11_rc entry_release_active_processing(struct pkcs11_client *client, 72 uint32_t ptypes, 73 TEE_Param *params); 74 75 enum pkcs11_rc entry_wrap_key(struct pkcs11_client *client, 76 uint32_t ptypes, TEE_Param *params); 77 78 /* 79 * Util 80 */ 81 size_t get_object_key_bit_size(struct pkcs11_object *obj); 82 83 void release_active_processing(struct pkcs11_session *session); 84 85 enum pkcs11_rc alloc_get_tee_attribute_data(TEE_ObjectHandle tee_obj, 86 uint32_t attribute, 87 void **data, size_t *size); 88 89 enum pkcs11_rc tee2pkcs_add_attribute(struct obj_attrs **head, 90 uint32_t pkcs11_id, 91 TEE_ObjectHandle tee_obj, 92 uint32_t tee_id); 93 94 /* Asymmetric key operations util */ 95 bool processing_is_tee_asymm(uint32_t proc_id); 96 97 enum pkcs11_rc init_asymm_operation(struct pkcs11_session *session, 98 enum processing_func function, 99 struct pkcs11_attribute_head *proc_params, 100 struct pkcs11_object *obj); 101 102 enum pkcs11_rc step_asymm_operation(struct pkcs11_session *session, 103 enum processing_func function, 104 enum processing_step step, 105 uint32_t ptypes, TEE_Param *params); 106 107 /* 108 * Symmetric crypto algorithm specific functions 109 */ 110 bool processing_is_tee_symm(uint32_t proc_id); 111 112 enum pkcs11_rc init_symm_operation(struct pkcs11_session *session, 113 enum processing_func function, 114 struct pkcs11_attribute_head *proc_params, 115 struct pkcs11_object *key); 116 117 enum pkcs11_rc step_symm_operation(struct pkcs11_session *session, 118 enum processing_func function, 119 enum processing_step step, 120 uint32_t ptypes, TEE_Param *params); 121 122 enum pkcs11_rc tee_init_ctr_operation(struct active_processing *processing, 123 void *proc_params, size_t params_size); 124 125 enum pkcs11_rc derive_key_by_symm_enc(struct pkcs11_session *session, 126 void **out_buf, uint32_t *out_sz); 127 128 enum pkcs11_rc wrap_data_by_symm_enc(struct pkcs11_session *session, 129 void *data, uint32_t data_sz, 130 void *out_buf, uint32_t *out_sz); 131 132 enum pkcs11_rc unwrap_key_by_symm(struct pkcs11_session *session, void *data, 133 uint32_t data_sz, void **out_buf, 134 uint32_t *out_sz); 135 136 /* Digest specific functions */ 137 bool processing_is_tee_digest(enum pkcs11_mechanism_id mecha_id); 138 139 enum pkcs11_rc 140 init_digest_operation(struct pkcs11_session *session, 141 struct pkcs11_attribute_head *proc_params); 142 143 enum pkcs11_rc step_digest_operation(struct pkcs11_session *session, 144 enum processing_step step, 145 struct pkcs11_object *obj, 146 uint32_t ptypes, TEE_Param *params); 147 148 /* 149 * Elliptic curve crypto algorithm specific functions 150 */ 151 enum pkcs11_rc load_tee_ec_key_attrs(TEE_Attribute **tee_attrs, 152 size_t *tee_count, 153 struct pkcs11_object *obj); 154 155 size_t ec_params2tee_keysize(void *attr, size_t size); 156 157 uint32_t ec_params2tee_curve(void *attr, size_t size); 158 159 enum pkcs11_rc pkcs2tee_algo_ecdsa(uint32_t *tee_id, 160 struct pkcs11_attribute_head *proc_params, 161 struct pkcs11_object *obj); 162 163 enum pkcs11_rc generate_ec_keys(struct pkcs11_attribute_head *proc_params, 164 struct obj_attrs **pub_head, 165 struct obj_attrs **priv_head); 166 167 size_t ecdsa_get_input_max_byte_size(TEE_OperationHandle op); 168 169 /* 170 * RSA crypto algorithm specific functions 171 */ 172 enum pkcs11_rc load_tee_rsa_key_attrs(TEE_Attribute **tee_attrs, 173 size_t *tee_count, 174 struct pkcs11_object *obj); 175 176 enum pkcs11_rc 177 pkcs2tee_proc_params_rsa_pss(struct active_processing *proc, 178 struct pkcs11_attribute_head *proc_params); 179 180 enum pkcs11_rc pkcs2tee_validate_rsa_pss(struct active_processing *proc, 181 struct pkcs11_object *obj); 182 183 enum pkcs11_rc pkcs2tee_algo_rsa_pss(uint32_t *tee_id, 184 struct pkcs11_attribute_head *params); 185 186 enum pkcs11_rc 187 pkcs2tee_proc_params_rsa_oaep(struct active_processing *proc, 188 struct pkcs11_attribute_head *proc_params); 189 190 enum pkcs11_rc pkcs2tee_algo_rsa_oaep(uint32_t *tee_id, uint32_t *tee_hash_id, 191 struct pkcs11_attribute_head *params); 192 193 enum pkcs11_rc generate_rsa_keys(struct pkcs11_attribute_head *proc_params, 194 struct obj_attrs **pub_head, 195 struct obj_attrs **priv_head); 196 197 size_t rsa_get_input_max_byte_size(TEE_OperationHandle op); 198 199 #endif /*PKCS11_TA_PROCESSING_H*/ 200