1 // SPDX-License-Identifier: BSD-2-Clause
2 /*
3 * Copyright (c) 2014, STMicroelectronics International N.V.
4 * All rights reserved.
5 */
6
7 #include <tee_internal_api.h>
8 #include "cryp_taf.h"
9
10 #define ASSERT_PARAM_TYPE(pt) \
11 do { \
12 if ((pt) != param_type) \
13 return TEE_ERROR_BAD_PARAMETERS; \
14 } while (0)
15
16 /* pointers in 32-bit fields passed as an offset to ta_head */
17 extern const void *ta_head;
18 #define VAL2HANDLE(v) (void *)(uintptr_t)(v == TEE_HANDLE_NULL ? v : v + (uintptr_t)&ta_head)
19 #define HANDLE2VAL(h) (uint32_t)(h == TEE_HANDLE_NULL ? (uintptr_t)h : (uintptr_t)((uintptr_t)h - (uintptr_t)&ta_head))
20
ta_entry_allocate_operation(uint32_t param_type,TEE_Param params[4])21 TEE_Result ta_entry_allocate_operation(uint32_t param_type, TEE_Param params[4])
22 {
23 TEE_Result res = TEE_ERROR_GENERIC;
24 TEE_OperationHandle op = TEE_HANDLE_NULL;
25
26 ASSERT_PARAM_TYPE(TEE_PARAM_TYPES
27 (TEE_PARAM_TYPE_VALUE_INOUT,
28 TEE_PARAM_TYPE_VALUE_INPUT, TEE_PARAM_TYPE_NONE,
29 TEE_PARAM_TYPE_NONE));
30
31 res = TEE_AllocateOperation(&op,
32 params[0].value.b, params[1].value.a,
33 params[1].value.b);
34 params[0].value.a = HANDLE2VAL(op);
35 return res;
36 }
37
ta_entry_free_operation(uint32_t param_type,TEE_Param params[4])38 TEE_Result ta_entry_free_operation(uint32_t param_type, TEE_Param params[4])
39 {
40 TEE_OperationHandle op = VAL2HANDLE(params[0].value.a);
41
42 ASSERT_PARAM_TYPE(TEE_PARAM_TYPES
43 (TEE_PARAM_TYPE_VALUE_INPUT, TEE_PARAM_TYPE_NONE,
44 TEE_PARAM_TYPE_NONE, TEE_PARAM_TYPE_NONE));
45
46 TEE_FreeOperation(op);
47 return TEE_SUCCESS;
48 }
49
ta_entry_get_operation_info(uint32_t param_type,TEE_Param params[4])50 TEE_Result ta_entry_get_operation_info(uint32_t param_type, TEE_Param params[4])
51 {
52 TEE_OperationHandle op = VAL2HANDLE(params[0].value.a);
53
54 ASSERT_PARAM_TYPE(TEE_PARAM_TYPES
55 (TEE_PARAM_TYPE_VALUE_INPUT,
56 TEE_PARAM_TYPE_MEMREF_OUTPUT, TEE_PARAM_TYPE_NONE,
57 TEE_PARAM_TYPE_NONE));
58
59 if (params[1].memref.size < sizeof(TEE_OperationInfo))
60 return TEE_ERROR_SHORT_BUFFER;
61 params[1].memref.size = sizeof(TEE_OperationInfo);
62
63 TEE_GetOperationInfo(op, params[1].memref.buffer);
64 return TEE_SUCCESS;
65 }
66
ta_entry_reset_operation(uint32_t param_type,TEE_Param params[4])67 TEE_Result ta_entry_reset_operation(uint32_t param_type, TEE_Param params[4])
68 {
69 TEE_OperationHandle op = VAL2HANDLE(params[0].value.a);
70
71 ASSERT_PARAM_TYPE(TEE_PARAM_TYPES
72 (TEE_PARAM_TYPE_VALUE_INPUT, TEE_PARAM_TYPE_NONE,
73 TEE_PARAM_TYPE_NONE, TEE_PARAM_TYPE_NONE));
74
75 TEE_ResetOperation(op);
76 return TEE_SUCCESS;
77 }
78
ta_entry_set_operation_key(uint32_t param_type,TEE_Param params[4])79 TEE_Result ta_entry_set_operation_key(uint32_t param_type, TEE_Param params[4])
80 {
81 TEE_OperationHandle op = VAL2HANDLE(params[0].value.a);
82 TEE_ObjectHandle key = VAL2HANDLE(params[0].value.b);
83
84 ASSERT_PARAM_TYPE(TEE_PARAM_TYPES
85 (TEE_PARAM_TYPE_VALUE_INPUT, TEE_PARAM_TYPE_NONE,
86 TEE_PARAM_TYPE_NONE, TEE_PARAM_TYPE_NONE));
87
88 return TEE_SetOperationKey(op, key);
89 }
90
ta_entry_set_operation_key2(uint32_t param_type,TEE_Param params[4])91 TEE_Result ta_entry_set_operation_key2(uint32_t param_type, TEE_Param params[4])
92 {
93 TEE_OperationHandle op = VAL2HANDLE(params[0].value.a);
94 TEE_ObjectHandle key1 = VAL2HANDLE(params[0].value.b);
95 TEE_ObjectHandle key2 = VAL2HANDLE(params[1].value.a);
96
97 ASSERT_PARAM_TYPE(TEE_PARAM_TYPES
98 (TEE_PARAM_TYPE_VALUE_INPUT,
99 TEE_PARAM_TYPE_VALUE_INPUT, TEE_PARAM_TYPE_NONE,
100 TEE_PARAM_TYPE_NONE));
101
102 return TEE_SetOperationKey2(op, key1, key2);
103 }
104
ta_entry_copy_operation(uint32_t param_type,TEE_Param params[4])105 TEE_Result ta_entry_copy_operation(uint32_t param_type, TEE_Param params[4])
106 {
107 TEE_OperationHandle dst = VAL2HANDLE(params[0].value.a);
108 TEE_OperationHandle src = VAL2HANDLE(params[0].value.b);
109
110 ASSERT_PARAM_TYPE(TEE_PARAM_TYPES
111 (TEE_PARAM_TYPE_VALUE_INPUT, TEE_PARAM_TYPE_NONE,
112 TEE_PARAM_TYPE_NONE, TEE_PARAM_TYPE_NONE));
113
114
115 TEE_CopyOperation(dst, src);
116 return TEE_SUCCESS;
117 }
118
ta_entry_digest_update(uint32_t param_type,TEE_Param params[4])119 TEE_Result ta_entry_digest_update(uint32_t param_type, TEE_Param params[4])
120 {
121 TEE_OperationHandle op = VAL2HANDLE(params[0].value.a);
122
123 ASSERT_PARAM_TYPE(TEE_PARAM_TYPES
124 (TEE_PARAM_TYPE_VALUE_INPUT,
125 TEE_PARAM_TYPE_MEMREF_INPUT, TEE_PARAM_TYPE_NONE,
126 TEE_PARAM_TYPE_NONE));
127
128 TEE_DigestUpdate(op, params[1].memref.buffer, params[1].memref.size);
129 return TEE_SUCCESS;
130 }
131
ta_entry_digest_do_final(uint32_t param_type,TEE_Param params[4])132 TEE_Result ta_entry_digest_do_final(uint32_t param_type, TEE_Param params[4])
133 {
134 TEE_OperationHandle op = VAL2HANDLE(params[0].value.a);
135
136 ASSERT_PARAM_TYPE(TEE_PARAM_TYPES
137 (TEE_PARAM_TYPE_VALUE_INPUT,
138 TEE_PARAM_TYPE_MEMREF_INPUT,
139 TEE_PARAM_TYPE_MEMREF_OUTPUT, TEE_PARAM_TYPE_NONE));
140
141 return TEE_DigestDoFinal(op,
142 params[1].memref.buffer, params[1].memref.size,
143 params[2].memref.buffer, ¶ms[2].memref.size);
144 }
145
ta_entry_cipher_init(uint32_t param_type,TEE_Param params[4])146 TEE_Result ta_entry_cipher_init(uint32_t param_type, TEE_Param params[4])
147 {
148 TEE_OperationHandle op = VAL2HANDLE(params[0].value.a);
149 void *buffer = NULL;
150 size_t size = 0;
151
152 if (param_type == TEE_PARAM_TYPES(TEE_PARAM_TYPE_VALUE_INPUT,
153 TEE_PARAM_TYPE_NONE,
154 TEE_PARAM_TYPE_NONE,
155 TEE_PARAM_TYPE_NONE)) {
156 buffer = NULL;
157 size = 0;
158 } else if (param_type == TEE_PARAM_TYPES(TEE_PARAM_TYPE_VALUE_INPUT,
159 TEE_PARAM_TYPE_MEMREF_INPUT,
160 TEE_PARAM_TYPE_NONE,
161 TEE_PARAM_TYPE_NONE)) {
162 buffer = params[1].memref.buffer;
163 size = params[1].memref.size;
164 } else
165 return TEE_ERROR_BAD_PARAMETERS;
166
167 TEE_CipherInit(op, buffer, size);
168 return TEE_SUCCESS;
169 }
170
ta_entry_cipher_update(uint32_t param_type,TEE_Param params[4])171 TEE_Result ta_entry_cipher_update(uint32_t param_type, TEE_Param params[4])
172 {
173 TEE_OperationHandle op = VAL2HANDLE(params[0].value.a);
174
175 ASSERT_PARAM_TYPE(TEE_PARAM_TYPES
176 (TEE_PARAM_TYPE_VALUE_INPUT,
177 TEE_PARAM_TYPE_MEMREF_INPUT,
178 TEE_PARAM_TYPE_MEMREF_OUTPUT, TEE_PARAM_TYPE_NONE));
179
180 return TEE_CipherUpdate(op,
181 params[1].memref.buffer, params[1].memref.size,
182 params[2].memref.buffer, ¶ms[2].memref.size);
183 }
184
ta_entry_cipher_do_final(uint32_t param_type,TEE_Param params[4])185 TEE_Result ta_entry_cipher_do_final(uint32_t param_type, TEE_Param params[4])
186 {
187 TEE_OperationHandle op = VAL2HANDLE(params[0].value.a);
188
189 ASSERT_PARAM_TYPE(TEE_PARAM_TYPES
190 (TEE_PARAM_TYPE_VALUE_INPUT,
191 TEE_PARAM_TYPE_MEMREF_INPUT,
192 TEE_PARAM_TYPE_MEMREF_OUTPUT, TEE_PARAM_TYPE_NONE));
193
194 return TEE_CipherDoFinal(op,
195 params[1].memref.buffer, params[1].memref.size,
196 params[2].memref.buffer, ¶ms[2].memref.size);
197 }
198
ta_entry_mac_init(uint32_t param_type,TEE_Param params[4])199 TEE_Result ta_entry_mac_init(uint32_t param_type, TEE_Param params[4])
200 {
201 TEE_OperationHandle op = VAL2HANDLE(params[0].value.a);
202 void *buffer = NULL;
203 size_t size = 0;
204
205 if (param_type == TEE_PARAM_TYPES(TEE_PARAM_TYPE_VALUE_INPUT,
206 TEE_PARAM_TYPE_NONE,
207 TEE_PARAM_TYPE_NONE,
208 TEE_PARAM_TYPE_NONE)) {
209 buffer = NULL;
210 size = 0;
211 } else if (param_type == TEE_PARAM_TYPES(TEE_PARAM_TYPE_VALUE_INPUT,
212 TEE_PARAM_TYPE_MEMREF_INPUT,
213 TEE_PARAM_TYPE_NONE,
214 TEE_PARAM_TYPE_NONE)) {
215 buffer = params[1].memref.buffer;
216 size = params[1].memref.size;
217 } else
218 return TEE_ERROR_BAD_PARAMETERS;
219
220 TEE_MACInit(op, buffer, size);
221 return TEE_SUCCESS;
222 }
223
ta_entry_mac_update(uint32_t param_type,TEE_Param params[4])224 TEE_Result ta_entry_mac_update(uint32_t param_type, TEE_Param params[4])
225 {
226 TEE_OperationHandle op = VAL2HANDLE(params[0].value.a);
227
228 ASSERT_PARAM_TYPE(TEE_PARAM_TYPES
229 (TEE_PARAM_TYPE_VALUE_INPUT,
230 TEE_PARAM_TYPE_MEMREF_INPUT, TEE_PARAM_TYPE_NONE,
231 TEE_PARAM_TYPE_NONE));
232
233 TEE_MACUpdate(op, params[1].memref.buffer, params[1].memref.size);
234 return TEE_SUCCESS;
235 }
236
ta_entry_mac_final_compute(uint32_t param_type,TEE_Param params[4])237 TEE_Result ta_entry_mac_final_compute(uint32_t param_type, TEE_Param params[4])
238 {
239 TEE_OperationHandle op = VAL2HANDLE(params[0].value.a);
240
241 ASSERT_PARAM_TYPE(TEE_PARAM_TYPES
242 (TEE_PARAM_TYPE_VALUE_INPUT,
243 TEE_PARAM_TYPE_MEMREF_INPUT,
244 TEE_PARAM_TYPE_MEMREF_OUTPUT, TEE_PARAM_TYPE_NONE));
245
246 return TEE_MACComputeFinal(op,
247 params[1].memref.buffer, params[1].memref.size,
248 params[2].memref.buffer, ¶ms[2].memref.size);
249 }
250
ta_entry_mac_final_compare(uint32_t param_type,TEE_Param params[4])251 TEE_Result ta_entry_mac_final_compare(uint32_t param_type, TEE_Param params[4])
252 {
253 TEE_OperationHandle op = VAL2HANDLE(params[0].value.a);
254
255 ASSERT_PARAM_TYPE(TEE_PARAM_TYPES
256 (TEE_PARAM_TYPE_VALUE_INPUT,
257 TEE_PARAM_TYPE_MEMREF_INPUT,
258 TEE_PARAM_TYPE_MEMREF_INPUT, TEE_PARAM_TYPE_NONE));
259
260 return TEE_MACCompareFinal(op,
261 params[1].memref.buffer, params[1].memref.size,
262 params[2].memref.buffer, params[2].memref.size);
263 }
264
ta_entry_allocate_transient_object(uint32_t param_type,TEE_Param params[4])265 TEE_Result ta_entry_allocate_transient_object(uint32_t param_type,
266 TEE_Param params[4])
267 {
268 TEE_Result res = TEE_ERROR_GENERIC;
269 TEE_ObjectHandle o = TEE_HANDLE_NULL;
270
271 ASSERT_PARAM_TYPE(TEE_PARAM_TYPES
272 (TEE_PARAM_TYPE_VALUE_INPUT,
273 TEE_PARAM_TYPE_VALUE_OUTPUT, TEE_PARAM_TYPE_NONE,
274 TEE_PARAM_TYPE_NONE));
275
276 res = TEE_AllocateTransientObject(params[0].value.a, params[0].value.b,
277 &o);
278 if (res == TEE_SUCCESS)
279 params[1].value.a = HANDLE2VAL(o);
280 return res;
281 }
282
ta_entry_free_transient_object(uint32_t param_type,TEE_Param params[4])283 TEE_Result ta_entry_free_transient_object(uint32_t param_type,
284 TEE_Param params[4])
285 {
286 TEE_ObjectHandle o = VAL2HANDLE(params[0].value.a);
287
288 ASSERT_PARAM_TYPE(TEE_PARAM_TYPES
289 (TEE_PARAM_TYPE_VALUE_INPUT, TEE_PARAM_TYPE_NONE,
290 TEE_PARAM_TYPE_NONE, TEE_PARAM_TYPE_NONE));
291
292 TEE_FreeTransientObject(o);
293 return TEE_SUCCESS;
294 }
295
ta_entry_reset_transient_object(uint32_t param_type,TEE_Param params[4])296 TEE_Result ta_entry_reset_transient_object(uint32_t param_type,
297 TEE_Param params[4])
298 {
299 TEE_ObjectHandle o = VAL2HANDLE(params[0].value.a);
300
301 ASSERT_PARAM_TYPE(TEE_PARAM_TYPES
302 (TEE_PARAM_TYPE_VALUE_INPUT, TEE_PARAM_TYPE_NONE,
303 TEE_PARAM_TYPE_NONE, TEE_PARAM_TYPE_NONE));
304
305 TEE_ResetTransientObject(o);
306 return TEE_SUCCESS;
307 }
308
309 struct attr_packed {
310 uint32_t id;
311 uint32_t a;
312 uint32_t b;
313 };
314
unpack_attrs(const uint8_t * buf,size_t blen,TEE_Attribute ** attrs,uint32_t * attr_count)315 static TEE_Result unpack_attrs(const uint8_t *buf, size_t blen,
316 TEE_Attribute **attrs, uint32_t *attr_count)
317 {
318 TEE_Result res = TEE_SUCCESS;
319 TEE_Attribute *a = NULL;
320 const struct attr_packed *ap = NULL;
321 size_t num_attrs = 0;
322 const size_t num_attrs_size = sizeof(uint32_t);
323
324 if (blen == 0)
325 goto out;
326
327 if (((uintptr_t)buf & 0x3) != 0 || blen < num_attrs_size)
328 return TEE_ERROR_BAD_PARAMETERS;
329 num_attrs = *(uint32_t *) (void *)buf;
330 if ((blen - num_attrs_size) < (num_attrs * sizeof(*ap)))
331 return TEE_ERROR_BAD_PARAMETERS;
332 ap = (const struct attr_packed *)(const void *)(buf + num_attrs_size);
333
334 if (num_attrs > 0) {
335 size_t n;
336
337 a = TEE_Malloc(num_attrs * sizeof(TEE_Attribute), 0);
338 if (!a)
339 return TEE_ERROR_OUT_OF_MEMORY;
340 for (n = 0; n < num_attrs; n++) {
341 uintptr_t p;
342
343 a[n].attributeID = ap[n].id;
344 if (ap[n].id & TEE_ATTR_FLAG_VALUE) {
345 a[n].content.value.a = ap[n].a;
346 a[n].content.value.b = ap[n].b;
347 continue;
348 }
349
350 a[n].content.ref.length = ap[n].b;
351 p = (uintptr_t)ap[n].a;
352 if (p) {
353 if ((p + a[n].content.ref.length) > blen) {
354 res = TEE_ERROR_BAD_PARAMETERS;
355 goto out;
356 }
357 p += (uintptr_t)buf;
358 }
359 a[n].content.ref.buffer = (void *)p;
360 }
361 }
362
363 res = TEE_SUCCESS;
364 out:
365 if (res == TEE_SUCCESS) {
366 *attrs = a;
367 *attr_count = num_attrs;
368 } else {
369 TEE_Free(a);
370 }
371 return res;
372 }
373
ta_entry_populate_transient_object(uint32_t param_type,TEE_Param params[4])374 TEE_Result ta_entry_populate_transient_object(uint32_t param_type,
375 TEE_Param params[4])
376 {
377 TEE_Result res = TEE_ERROR_GENERIC;
378 TEE_Attribute *attrs = NULL;
379 uint32_t attr_count = 0;
380 TEE_ObjectHandle o = VAL2HANDLE(params[0].value.a);
381
382 ASSERT_PARAM_TYPE(TEE_PARAM_TYPES
383 (TEE_PARAM_TYPE_VALUE_INPUT,
384 TEE_PARAM_TYPE_MEMREF_INPUT, TEE_PARAM_TYPE_NONE,
385 TEE_PARAM_TYPE_NONE));
386
387 res = unpack_attrs(params[1].memref.buffer, params[1].memref.size,
388 &attrs, &attr_count);
389 if (res != TEE_SUCCESS)
390 return res;
391
392 res = TEE_PopulateTransientObject(o, attrs, attr_count);
393 TEE_Free(attrs);
394 return res;
395 }
396
ta_entry_copy_object_attributes(uint32_t param_type,TEE_Param params[4])397 TEE_Result ta_entry_copy_object_attributes(uint32_t param_type,
398 TEE_Param params[4])
399 {
400 TEE_ObjectHandle dst = VAL2HANDLE(params[0].value.a);
401 TEE_ObjectHandle src = VAL2HANDLE(params[0].value.b);
402
403 ASSERT_PARAM_TYPE(TEE_PARAM_TYPES
404 (TEE_PARAM_TYPE_VALUE_INPUT, TEE_PARAM_TYPE_NONE,
405 TEE_PARAM_TYPE_NONE, TEE_PARAM_TYPE_NONE));
406
407 return TEE_CopyObjectAttributes1(dst, src);
408 }
409
ta_entry_generate_key(uint32_t param_type,TEE_Param params[4])410 TEE_Result ta_entry_generate_key(uint32_t param_type, TEE_Param params[4])
411 {
412 TEE_ObjectHandle o = VAL2HANDLE(params[0].value.a);
413 TEE_Result res = TEE_ERROR_GENERIC;
414 TEE_Attribute *attrs = NULL;
415 uint32_t attr_count = 0;
416
417 ASSERT_PARAM_TYPE(TEE_PARAM_TYPES
418 (TEE_PARAM_TYPE_VALUE_INPUT,
419 TEE_PARAM_TYPE_MEMREF_INPUT, TEE_PARAM_TYPE_NONE,
420 TEE_PARAM_TYPE_NONE));
421
422 res = unpack_attrs(params[1].memref.buffer, params[1].memref.size,
423 &attrs, &attr_count);
424 if (res != TEE_SUCCESS)
425 return res;
426
427 res = TEE_GenerateKey(o, params[0].value.b, attrs, attr_count);
428 TEE_Free(attrs);
429 return res;
430 }
431
ta_entry_asymmetric_encrypt(uint32_t param_type,TEE_Param params[4])432 TEE_Result ta_entry_asymmetric_encrypt(uint32_t param_type, TEE_Param params[4])
433 {
434 TEE_OperationHandle op = VAL2HANDLE(params[0].value.a);
435 TEE_Result res = TEE_ERROR_GENERIC;
436 TEE_Attribute *attrs = NULL;
437 uint32_t attr_count = 0;
438
439 ASSERT_PARAM_TYPE(TEE_PARAM_TYPES
440 (TEE_PARAM_TYPE_VALUE_INPUT,
441 TEE_PARAM_TYPE_MEMREF_INPUT,
442 TEE_PARAM_TYPE_MEMREF_INPUT,
443 TEE_PARAM_TYPE_MEMREF_OUTPUT));
444
445 res = unpack_attrs(params[1].memref.buffer, params[1].memref.size,
446 &attrs, &attr_count);
447 if (res != TEE_SUCCESS)
448 return res;
449
450 res = TEE_AsymmetricEncrypt(op, attrs, attr_count,
451 params[2].memref.buffer, params[2].memref.size,
452 params[3].memref.buffer, ¶ms[3].memref.size);
453 TEE_Free(attrs);
454 return res;
455 }
456
ta_entry_asymmetric_decrypt(uint32_t param_type,TEE_Param params[4])457 TEE_Result ta_entry_asymmetric_decrypt(uint32_t param_type, TEE_Param params[4])
458 {
459 TEE_OperationHandle op = VAL2HANDLE(params[0].value.a);
460 TEE_Result res = TEE_ERROR_GENERIC;
461 TEE_Attribute *attrs = NULL;
462 uint32_t attr_count = 0;
463
464 ASSERT_PARAM_TYPE(TEE_PARAM_TYPES
465 (TEE_PARAM_TYPE_VALUE_INPUT,
466 TEE_PARAM_TYPE_MEMREF_INPUT,
467 TEE_PARAM_TYPE_MEMREF_INPUT,
468 TEE_PARAM_TYPE_MEMREF_OUTPUT));
469
470 res = unpack_attrs(params[1].memref.buffer, params[1].memref.size,
471 &attrs, &attr_count);
472 if (res != TEE_SUCCESS)
473 return res;
474
475 res = TEE_AsymmetricDecrypt(op, attrs, attr_count,
476 params[2].memref.buffer, params[2].memref.size,
477 params[3].memref.buffer, ¶ms[3].memref.size);
478 TEE_Free(attrs);
479 return res;
480 }
481
ta_entry_asymmetric_sign_digest(uint32_t param_type,TEE_Param params[4])482 TEE_Result ta_entry_asymmetric_sign_digest(uint32_t param_type,
483 TEE_Param params[4])
484 {
485 TEE_OperationHandle op = VAL2HANDLE(params[0].value.a);
486 TEE_Result res = TEE_ERROR_GENERIC;
487 TEE_Attribute *attrs = NULL;
488 uint32_t attr_count = 0;
489
490 ASSERT_PARAM_TYPE(TEE_PARAM_TYPES
491 (TEE_PARAM_TYPE_VALUE_INPUT,
492 TEE_PARAM_TYPE_MEMREF_INPUT,
493 TEE_PARAM_TYPE_MEMREF_INPUT,
494 TEE_PARAM_TYPE_MEMREF_OUTPUT));
495
496 res = unpack_attrs(params[1].memref.buffer, params[1].memref.size,
497 &attrs, &attr_count);
498 if (res != TEE_SUCCESS)
499 return res;
500
501 res = TEE_AsymmetricSignDigest(op, attrs, attr_count,
502 params[2].memref.buffer, params[2].memref.size,
503 params[3].memref.buffer, ¶ms[3].memref.size);
504 TEE_Free(attrs);
505 return res;
506 }
507
ta_entry_asymmetric_verify_digest(uint32_t param_type,TEE_Param params[4])508 TEE_Result ta_entry_asymmetric_verify_digest(uint32_t param_type,
509 TEE_Param params[4])
510 {
511 TEE_OperationHandle op = VAL2HANDLE(params[0].value.a);
512 TEE_Result res = TEE_ERROR_GENERIC;
513 TEE_Attribute *attrs = NULL;
514 uint32_t attr_count = 0;
515
516 ASSERT_PARAM_TYPE(TEE_PARAM_TYPES
517 (TEE_PARAM_TYPE_VALUE_INPUT,
518 TEE_PARAM_TYPE_MEMREF_INPUT,
519 TEE_PARAM_TYPE_MEMREF_INPUT,
520 TEE_PARAM_TYPE_MEMREF_INPUT));
521
522 res = unpack_attrs(params[1].memref.buffer, params[1].memref.size,
523 &attrs, &attr_count);
524 if (res != TEE_SUCCESS)
525 return res;
526
527 res = TEE_AsymmetricVerifyDigest(op, attrs, attr_count,
528 params[2].memref.buffer, params[2].memref.size,
529 params[3].memref.buffer, params[3].memref.size);
530 TEE_Free(attrs);
531 return res;
532 }
533
ta_entry_derive_key(uint32_t param_type,TEE_Param params[4])534 TEE_Result ta_entry_derive_key(uint32_t param_type, TEE_Param params[4])
535 {
536 TEE_OperationHandle op = VAL2HANDLE(params[0].value.a);
537 TEE_ObjectHandle key = VAL2HANDLE(params[0].value.b);
538 TEE_Result res = TEE_ERROR_GENERIC;
539 TEE_Attribute *attrs = NULL;
540 uint32_t attr_count = 0;
541
542 ASSERT_PARAM_TYPE(TEE_PARAM_TYPES
543 (TEE_PARAM_TYPE_VALUE_INPUT,
544 TEE_PARAM_TYPE_MEMREF_INPUT, TEE_PARAM_TYPE_NONE,
545 TEE_PARAM_TYPE_NONE));
546
547 res = unpack_attrs(params[1].memref.buffer, params[1].memref.size,
548 &attrs, &attr_count);
549 if (res != TEE_SUCCESS)
550 return res;
551
552 TEE_DeriveKey(op, attrs, attr_count, key);
553 TEE_Free(attrs);
554 return TEE_SUCCESS;
555 }
556
ta_entry_random_number_generate(uint32_t param_type,TEE_Param params[4])557 TEE_Result ta_entry_random_number_generate(uint32_t param_type,
558 TEE_Param params[4])
559 {
560 void *buf = NULL;
561
562 ASSERT_PARAM_TYPE(TEE_PARAM_TYPES
563 (TEE_PARAM_TYPE_MEMREF_OUTPUT, TEE_PARAM_TYPE_NONE,
564 TEE_PARAM_TYPE_NONE, TEE_PARAM_TYPE_NONE));
565
566 buf = TEE_Malloc(params[0].memref.size, 0);
567 if (!buf)
568 return TEE_ERROR_OUT_OF_MEMORY;
569
570 TEE_GenerateRandom(buf, params[0].memref.size);
571 TEE_MemMove(params[0].memref.buffer, buf, params[0].memref.size);
572 TEE_Free(buf);
573 return TEE_SUCCESS;
574 }
575
ta_entry_ae_init(uint32_t param_type,TEE_Param params[4])576 TEE_Result ta_entry_ae_init(uint32_t param_type, TEE_Param params[4])
577 {
578 TEE_OperationHandle op = VAL2HANDLE(params[0].value.a);
579
580 ASSERT_PARAM_TYPE(TEE_PARAM_TYPES
581 (TEE_PARAM_TYPE_VALUE_INPUT,
582 TEE_PARAM_TYPE_MEMREF_INPUT,
583 TEE_PARAM_TYPE_VALUE_INPUT, TEE_PARAM_TYPE_NONE));
584 return TEE_AEInit(op, params[1].memref.buffer, params[1].memref.size,
585 params[0].value.b * 8, /* tag_len in bits */
586 params[2].value.a, params[2].value.b);
587 }
588
ta_entry_ae_update_aad(uint32_t param_type,TEE_Param params[4])589 TEE_Result ta_entry_ae_update_aad(uint32_t param_type, TEE_Param params[4])
590 {
591 TEE_OperationHandle op = VAL2HANDLE(params[0].value.a);
592
593 ASSERT_PARAM_TYPE(TEE_PARAM_TYPES
594 (TEE_PARAM_TYPE_VALUE_INPUT,
595 TEE_PARAM_TYPE_MEMREF_INPUT, TEE_PARAM_TYPE_NONE,
596 TEE_PARAM_TYPE_NONE));
597
598 TEE_AEUpdateAAD(op, params[1].memref.buffer, params[1].memref.size);
599 return TEE_SUCCESS;
600 }
601
ta_entry_ae_update(uint32_t param_type,TEE_Param params[4])602 TEE_Result ta_entry_ae_update(uint32_t param_type, TEE_Param params[4])
603 {
604 TEE_OperationHandle op = VAL2HANDLE(params[0].value.a);
605
606 ASSERT_PARAM_TYPE(TEE_PARAM_TYPES
607 (TEE_PARAM_TYPE_VALUE_INPUT,
608 TEE_PARAM_TYPE_MEMREF_INPUT,
609 TEE_PARAM_TYPE_MEMREF_OUTPUT, TEE_PARAM_TYPE_NONE));
610
611 TEE_AEUpdate(op, params[1].memref.buffer, params[1].memref.size,
612 params[2].memref.buffer, ¶ms[2].memref.size);
613 return TEE_SUCCESS;
614 }
615
ta_entry_ae_encrypt_final(uint32_t param_type,TEE_Param params[4])616 TEE_Result ta_entry_ae_encrypt_final(uint32_t param_type, TEE_Param params[4])
617 {
618 TEE_OperationHandle op = VAL2HANDLE(params[0].value.a);
619 TEE_Result res = TEE_ERROR_OUT_OF_MEMORY;
620 void *b2 = NULL;
621 void *b3 = NULL;
622
623 ASSERT_PARAM_TYPE(TEE_PARAM_TYPES
624 (TEE_PARAM_TYPE_VALUE_INPUT,
625 TEE_PARAM_TYPE_MEMREF_INPUT,
626 TEE_PARAM_TYPE_MEMREF_OUTPUT,
627 TEE_PARAM_TYPE_MEMREF_OUTPUT));
628
629 b2 = TEE_Malloc(params[2].memref.size, 0);
630 b3 = TEE_Malloc(params[3].memref.size, 0);
631 if (!b2 || !b3)
632 goto out;
633
634 res = TEE_AEEncryptFinal(op, params[1].memref.buffer,
635 params[1].memref.size, b2,
636 ¶ms[2].memref.size, b3,
637 ¶ms[3].memref.size);
638 if (!res) {
639 TEE_MemMove(params[2].memref.buffer, b2, params[2].memref.size);
640 TEE_MemMove(params[3].memref.buffer, b3, params[3].memref.size);
641 }
642 out:
643 TEE_Free(b2);
644 TEE_Free(b3);
645 return res;
646 }
647
ta_entry_ae_decrypt_final(uint32_t param_type,TEE_Param params[4])648 TEE_Result ta_entry_ae_decrypt_final(uint32_t param_type, TEE_Param params[4])
649 {
650 TEE_OperationHandle op = VAL2HANDLE(params[0].value.a);
651 TEE_Result res = TEE_ERROR_OUT_OF_MEMORY;
652 void *b2 = NULL;
653 void *b3 = NULL;
654
655 ASSERT_PARAM_TYPE(TEE_PARAM_TYPES
656 (TEE_PARAM_TYPE_VALUE_INPUT,
657 TEE_PARAM_TYPE_MEMREF_INPUT,
658 TEE_PARAM_TYPE_MEMREF_OUTPUT,
659 TEE_PARAM_TYPE_MEMREF_INPUT));
660
661 b2 = TEE_Malloc(params[2].memref.size, 0);
662 b3 = TEE_Malloc(params[3].memref.size, 0);
663 if (!b2 || !b3)
664 goto out;
665
666 TEE_MemMove(b3, params[3].memref.buffer, params[3].memref.size);
667 res = TEE_AEDecryptFinal(op, params[1].memref.buffer,
668 params[1].memref.size, b2,
669 ¶ms[2].memref.size, b3,
670 params[3].memref.size);
671 if (!res)
672 TEE_MemMove(params[2].memref.buffer, b2, params[2].memref.size);
673 out:
674 TEE_Free(b2);
675 TEE_Free(b3);
676
677 return res;
678 }
679
ta_entry_get_object_buffer_attribute(uint32_t param_type,TEE_Param params[4])680 TEE_Result ta_entry_get_object_buffer_attribute(uint32_t param_type,
681 TEE_Param params[4])
682 {
683 TEE_ObjectHandle o = VAL2HANDLE(params[0].value.a);
684
685 ASSERT_PARAM_TYPE(TEE_PARAM_TYPES
686 (TEE_PARAM_TYPE_VALUE_INPUT,
687 TEE_PARAM_TYPE_MEMREF_OUTPUT, TEE_PARAM_TYPE_NONE,
688 TEE_PARAM_TYPE_NONE));
689
690 return TEE_GetObjectBufferAttribute(o, params[0].value.b,
691 params[1].memref.buffer, ¶ms[1].memref.size);
692 }
693
ta_entry_get_object_value_attribute(uint32_t param_type,TEE_Param params[4])694 TEE_Result ta_entry_get_object_value_attribute(uint32_t param_type,
695 TEE_Param params[4])
696 {
697 TEE_ObjectHandle o = VAL2HANDLE(params[0].value.a);
698
699 ASSERT_PARAM_TYPE(TEE_PARAM_TYPES
700 (TEE_PARAM_TYPE_VALUE_INPUT,
701 TEE_PARAM_TYPE_VALUE_OUTPUT, TEE_PARAM_TYPE_NONE,
702 TEE_PARAM_TYPE_NONE));
703
704 return TEE_GetObjectValueAttribute(o, params[0].value.b,
705 ¶ms[1].value.a, ¶ms[1].value.b);
706 }
707
ta_entry_is_algo_supported(uint32_t param_type,TEE_Param params[TEE_NUM_PARAMS])708 TEE_Result ta_entry_is_algo_supported(uint32_t param_type,
709 TEE_Param params[TEE_NUM_PARAMS])
710 {
711 ASSERT_PARAM_TYPE(TEE_PARAM_TYPES
712 (TEE_PARAM_TYPE_VALUE_INPUT,
713 TEE_PARAM_TYPE_VALUE_OUTPUT, TEE_PARAM_TYPE_NONE,
714 TEE_PARAM_TYPE_NONE));
715
716 params[1].value.a = TEE_IsAlgorithmSupported(params[0].value.a,
717 params[0].value.b);
718
719 return TEE_SUCCESS;
720 }
721