1 // SPDX-License-Identifier: BSD-2-Clause
2 /*
3  * Copyright (c) 2017, Linaro Limited
4  * Copyright 2020 NXP
5  * Copyright 2021, SumUp Service GmbH
6  */
7 
8 #include <assert.h>
9 #include <compiler.h>
10 #include <crypto/crypto.h>
11 #include <crypto/crypto_impl.h>
12 #include <kernel/panic.h>
13 #include <stdlib.h>
14 #include <string.h>
15 #include <utee_defines.h>
16 
crypto_hash_alloc_ctx(void ** ctx,uint32_t algo)17 TEE_Result crypto_hash_alloc_ctx(void **ctx, uint32_t algo)
18 {
19 	TEE_Result res = TEE_ERROR_NOT_IMPLEMENTED;
20 	struct crypto_hash_ctx *c = NULL;
21 
22 	/*
23 	 * Use default cryptographic implementation if no matching
24 	 * drvcrypt device.
25 	 */
26 	res = drvcrypt_hash_alloc_ctx(&c, algo);
27 
28 	if (res == TEE_ERROR_NOT_IMPLEMENTED) {
29 		switch (algo) {
30 		case TEE_ALG_MD5:
31 			res = crypto_md5_alloc_ctx(&c);
32 			break;
33 		case TEE_ALG_SHA1:
34 			res = crypto_sha1_alloc_ctx(&c);
35 			break;
36 		case TEE_ALG_SHA224:
37 			res = crypto_sha224_alloc_ctx(&c);
38 			break;
39 		case TEE_ALG_SHA256:
40 			res = crypto_sha256_alloc_ctx(&c);
41 			break;
42 		case TEE_ALG_SHA384:
43 			res = crypto_sha384_alloc_ctx(&c);
44 			break;
45 		case TEE_ALG_SHA512:
46 			res = crypto_sha512_alloc_ctx(&c);
47 			break;
48 		case TEE_ALG_SM3:
49 			res = crypto_sm3_alloc_ctx(&c);
50 			break;
51 		default:
52 			break;
53 		}
54 	}
55 
56 	if (!res)
57 		*ctx = c;
58 
59 	return res;
60 }
61 
hash_ops(void * ctx)62 static const struct crypto_hash_ops *hash_ops(void *ctx)
63 {
64 	struct crypto_hash_ctx *c = ctx;
65 
66 	assert(c && c->ops);
67 
68 	return c->ops;
69 }
70 
crypto_hash_free_ctx(void * ctx)71 void crypto_hash_free_ctx(void *ctx)
72 {
73 	if (ctx)
74 		hash_ops(ctx)->free_ctx(ctx);
75 }
76 
crypto_hash_copy_state(void * dst_ctx,void * src_ctx)77 void crypto_hash_copy_state(void *dst_ctx, void *src_ctx)
78 {
79 	hash_ops(dst_ctx)->copy_state(dst_ctx, src_ctx);
80 }
81 
crypto_hash_init(void * ctx)82 TEE_Result crypto_hash_init(void *ctx)
83 {
84 	return hash_ops(ctx)->init(ctx);
85 }
86 
crypto_hash_update(void * ctx,const uint8_t * data,size_t len)87 TEE_Result crypto_hash_update(void *ctx, const uint8_t *data, size_t len)
88 {
89 	return hash_ops(ctx)->update(ctx, data, len);
90 }
91 
crypto_hash_final(void * ctx,uint8_t * digest,size_t len)92 TEE_Result crypto_hash_final(void *ctx, uint8_t *digest, size_t len)
93 {
94 	return hash_ops(ctx)->final(ctx, digest, len);
95 }
96 
crypto_cipher_alloc_ctx(void ** ctx,uint32_t algo)97 TEE_Result crypto_cipher_alloc_ctx(void **ctx, uint32_t algo)
98 {
99 	TEE_Result res = TEE_ERROR_NOT_IMPLEMENTED;
100 	struct crypto_cipher_ctx *c = NULL;
101 
102 	/*
103 	 * Use default cryptographic implementation if no matching
104 	 * drvcrypt device.
105 	 */
106 	res = drvcrypt_cipher_alloc_ctx(&c, algo);
107 
108 	if (res == TEE_ERROR_NOT_IMPLEMENTED) {
109 		switch (algo) {
110 		case TEE_ALG_AES_ECB_NOPAD:
111 			res = crypto_aes_ecb_alloc_ctx(&c);
112 			break;
113 		case TEE_ALG_AES_CBC_NOPAD:
114 			res = crypto_aes_cbc_alloc_ctx(&c);
115 			break;
116 		case TEE_ALG_AES_CTR:
117 			res = crypto_aes_ctr_alloc_ctx(&c);
118 			break;
119 		case TEE_ALG_AES_CTS:
120 			res = crypto_aes_cts_alloc_ctx(&c);
121 			break;
122 		case TEE_ALG_AES_XTS:
123 			res = crypto_aes_xts_alloc_ctx(&c);
124 			break;
125 		case TEE_ALG_DES_ECB_NOPAD:
126 			res = crypto_des_ecb_alloc_ctx(&c);
127 			break;
128 		case TEE_ALG_DES3_ECB_NOPAD:
129 			res = crypto_des3_ecb_alloc_ctx(&c);
130 			break;
131 		case TEE_ALG_DES_CBC_NOPAD:
132 			res = crypto_des_cbc_alloc_ctx(&c);
133 			break;
134 		case TEE_ALG_DES3_CBC_NOPAD:
135 			res = crypto_des3_cbc_alloc_ctx(&c);
136 			break;
137 		case TEE_ALG_SM4_ECB_NOPAD:
138 			res = crypto_sm4_ecb_alloc_ctx(&c);
139 			break;
140 		case TEE_ALG_SM4_CBC_NOPAD:
141 			res = crypto_sm4_cbc_alloc_ctx(&c);
142 			break;
143 		case TEE_ALG_SM4_CTR:
144 			res = crypto_sm4_ctr_alloc_ctx(&c);
145 			break;
146 		case TEE_ALG_SM4_XTS:
147 			res = crypto_sm4_xts_alloc_ctx(&c);
148 			break;
149 		default:
150 			return TEE_ERROR_NOT_IMPLEMENTED;
151 		}
152 	}
153 
154 	if (!res)
155 		*ctx = c;
156 
157 	return res;
158 }
159 
cipher_ops(void * ctx)160 static const struct crypto_cipher_ops *cipher_ops(void *ctx)
161 {
162 	struct crypto_cipher_ctx *c = ctx;
163 
164 	assert(c && c->ops);
165 
166 	return c->ops;
167 }
168 
crypto_cipher_free_ctx(void * ctx)169 void crypto_cipher_free_ctx(void *ctx)
170 {
171 	if (ctx)
172 		cipher_ops(ctx)->free_ctx(ctx);
173 }
174 
crypto_cipher_copy_state(void * dst_ctx,void * src_ctx)175 void crypto_cipher_copy_state(void *dst_ctx, void *src_ctx)
176 {
177 	cipher_ops(dst_ctx)->copy_state(dst_ctx, src_ctx);
178 }
179 
crypto_cipher_init(void * ctx,TEE_OperationMode mode,const uint8_t * key1,size_t key1_len,const uint8_t * key2,size_t key2_len,const uint8_t * iv,size_t iv_len)180 TEE_Result crypto_cipher_init(void *ctx, TEE_OperationMode mode,
181 			      const uint8_t *key1, size_t key1_len,
182 			      const uint8_t *key2, size_t key2_len,
183 			      const uint8_t *iv, size_t iv_len)
184 {
185 	if (mode != TEE_MODE_DECRYPT && mode != TEE_MODE_ENCRYPT)
186 		return TEE_ERROR_BAD_PARAMETERS;
187 
188 	return cipher_ops(ctx)->init(ctx, mode, key1, key1_len, key2, key2_len,
189 				     iv, iv_len);
190 }
191 
crypto_cipher_update(void * ctx,TEE_OperationMode mode __unused,bool last_block,const uint8_t * data,size_t len,uint8_t * dst)192 TEE_Result crypto_cipher_update(void *ctx, TEE_OperationMode mode __unused,
193 				bool last_block, const uint8_t *data,
194 				size_t len, uint8_t *dst)
195 {
196 	return cipher_ops(ctx)->update(ctx, last_block, data, len, dst);
197 }
198 
crypto_cipher_final(void * ctx)199 void crypto_cipher_final(void *ctx)
200 {
201 	cipher_ops(ctx)->final(ctx);
202 }
203 
crypto_cipher_get_block_size(uint32_t algo,size_t * size)204 TEE_Result crypto_cipher_get_block_size(uint32_t algo, size_t *size)
205 {
206 	uint32_t class = TEE_ALG_GET_CLASS(algo);
207 
208 	if (class != TEE_OPERATION_CIPHER && class != TEE_OPERATION_MAC &&
209 	    class != TEE_OPERATION_AE)
210 		return TEE_ERROR_BAD_PARAMETERS;
211 
212 	switch (TEE_ALG_GET_MAIN_ALG(algo)) {
213 	case TEE_MAIN_ALGO_AES:
214 		*size = TEE_AES_BLOCK_SIZE;
215 		return TEE_SUCCESS;
216 	case TEE_MAIN_ALGO_DES:
217 	case TEE_MAIN_ALGO_DES3:
218 		*size = TEE_DES_BLOCK_SIZE;
219 		return TEE_SUCCESS;
220 	case TEE_MAIN_ALGO_SM4:
221 		*size = TEE_SM4_BLOCK_SIZE;
222 		return TEE_SUCCESS;
223 	default:
224 		return TEE_ERROR_NOT_SUPPORTED;
225 	}
226 }
227 
crypto_mac_alloc_ctx(void ** ctx,uint32_t algo)228 TEE_Result crypto_mac_alloc_ctx(void **ctx, uint32_t algo)
229 {
230 	TEE_Result res = TEE_SUCCESS;
231 	struct crypto_mac_ctx *c = NULL;
232 
233 	/*
234 	 * Use default cryptographic implementation if no matching
235 	 * drvcrypt device.
236 	 */
237 	res = drvcrypt_mac_alloc_ctx(&c, algo);
238 
239 	if (res == TEE_ERROR_NOT_IMPLEMENTED) {
240 		switch (algo) {
241 		case TEE_ALG_HMAC_MD5:
242 			res = crypto_hmac_md5_alloc_ctx(&c);
243 			break;
244 		case TEE_ALG_HMAC_SHA1:
245 			res = crypto_hmac_sha1_alloc_ctx(&c);
246 			break;
247 		case TEE_ALG_HMAC_SHA224:
248 			res = crypto_hmac_sha224_alloc_ctx(&c);
249 			break;
250 		case TEE_ALG_HMAC_SHA256:
251 			res = crypto_hmac_sha256_alloc_ctx(&c);
252 			break;
253 		case TEE_ALG_HMAC_SHA384:
254 			res = crypto_hmac_sha384_alloc_ctx(&c);
255 			break;
256 		case TEE_ALG_HMAC_SHA512:
257 			res = crypto_hmac_sha512_alloc_ctx(&c);
258 			break;
259 		case TEE_ALG_HMAC_SM3:
260 			res = crypto_hmac_sm3_alloc_ctx(&c);
261 			break;
262 		case TEE_ALG_AES_CBC_MAC_NOPAD:
263 			res = crypto_aes_cbc_mac_nopad_alloc_ctx(&c);
264 			break;
265 		case TEE_ALG_AES_CBC_MAC_PKCS5:
266 			res = crypto_aes_cbc_mac_pkcs5_alloc_ctx(&c);
267 			break;
268 		case TEE_ALG_DES_CBC_MAC_NOPAD:
269 			res = crypto_des_cbc_mac_nopad_alloc_ctx(&c);
270 			break;
271 		case TEE_ALG_DES_CBC_MAC_PKCS5:
272 			res = crypto_des_cbc_mac_pkcs5_alloc_ctx(&c);
273 			break;
274 		case TEE_ALG_DES3_CBC_MAC_NOPAD:
275 			res = crypto_des3_cbc_mac_nopad_alloc_ctx(&c);
276 			break;
277 		case TEE_ALG_DES3_CBC_MAC_PKCS5:
278 			res = crypto_des3_cbc_mac_pkcs5_alloc_ctx(&c);
279 			break;
280 		case TEE_ALG_DES3_CMAC:
281 			res = crypto_des3_cmac_alloc_ctx(&c);
282 			break;
283 		case TEE_ALG_AES_CMAC:
284 			res = crypto_aes_cmac_alloc_ctx(&c);
285 			break;
286 		default:
287 			return TEE_ERROR_NOT_SUPPORTED;
288 		}
289 	}
290 
291 	if (!res)
292 		*ctx = c;
293 
294 	return res;
295 }
296 
mac_ops(void * ctx)297 static const struct crypto_mac_ops *mac_ops(void *ctx)
298 {
299 	struct crypto_mac_ctx *c = ctx;
300 
301 	assert(c && c->ops);
302 
303 	return c->ops;
304 }
305 
crypto_mac_free_ctx(void * ctx)306 void crypto_mac_free_ctx(void *ctx)
307 {
308 	if (ctx)
309 		mac_ops(ctx)->free_ctx(ctx);
310 }
311 
crypto_mac_copy_state(void * dst_ctx,void * src_ctx)312 void crypto_mac_copy_state(void *dst_ctx, void *src_ctx)
313 {
314 	mac_ops(dst_ctx)->copy_state(dst_ctx, src_ctx);
315 }
316 
crypto_mac_init(void * ctx,const uint8_t * key,size_t len)317 TEE_Result crypto_mac_init(void *ctx, const uint8_t *key, size_t len)
318 {
319 	return mac_ops(ctx)->init(ctx, key, len);
320 }
321 
crypto_mac_update(void * ctx,const uint8_t * data,size_t len)322 TEE_Result crypto_mac_update(void *ctx, const uint8_t *data, size_t len)
323 {
324 	if (!len)
325 		return TEE_SUCCESS;
326 
327 	return mac_ops(ctx)->update(ctx, data, len);
328 }
329 
crypto_mac_final(void * ctx,uint8_t * digest,size_t digest_len)330 TEE_Result crypto_mac_final(void *ctx, uint8_t *digest, size_t digest_len)
331 {
332 	return mac_ops(ctx)->final(ctx, digest, digest_len);
333 }
334 
crypto_authenc_alloc_ctx(void ** ctx,uint32_t algo)335 TEE_Result crypto_authenc_alloc_ctx(void **ctx, uint32_t algo)
336 {
337 	TEE_Result res = TEE_ERROR_NOT_IMPLEMENTED;
338 	struct crypto_authenc_ctx *c = NULL;
339 
340 	/*
341 	 * Use default authenc implementation if no matching
342 	 * drvcrypt device.
343 	 */
344 	res = drvcrypt_authenc_alloc_ctx(&c, algo);
345 
346 	if (res == TEE_ERROR_NOT_IMPLEMENTED) {
347 		switch (algo) {
348 #if defined(CFG_CRYPTO_CCM)
349 		case TEE_ALG_AES_CCM:
350 			res = crypto_aes_ccm_alloc_ctx(&c);
351 			break;
352 #endif
353 #if defined(CFG_CRYPTO_GCM)
354 		case TEE_ALG_AES_GCM:
355 			res = crypto_aes_gcm_alloc_ctx(&c);
356 			break;
357 #endif
358 		default:
359 			break;
360 		}
361 	}
362 
363 	if (!res)
364 		*ctx = c;
365 
366 	return res;
367 }
368 
ae_ops(void * ctx)369 static const struct crypto_authenc_ops *ae_ops(void *ctx)
370 {
371 	struct crypto_authenc_ctx *c = ctx;
372 
373 	assert(c && c->ops);
374 
375 	return c->ops;
376 }
377 
crypto_authenc_init(void * ctx,TEE_OperationMode mode,const uint8_t * key,size_t key_len,const uint8_t * nonce,size_t nonce_len,size_t tag_len,size_t aad_len,size_t payload_len)378 TEE_Result crypto_authenc_init(void *ctx, TEE_OperationMode mode,
379 			       const uint8_t *key, size_t key_len,
380 			       const uint8_t *nonce, size_t nonce_len,
381 			       size_t tag_len, size_t aad_len,
382 			       size_t payload_len)
383 {
384 	return ae_ops(ctx)->init(ctx, mode, key, key_len, nonce, nonce_len,
385 				 tag_len, aad_len, payload_len);
386 }
387 
crypto_authenc_update_aad(void * ctx,TEE_OperationMode mode __unused,const uint8_t * data,size_t len)388 TEE_Result crypto_authenc_update_aad(void *ctx, TEE_OperationMode mode __unused,
389 				     const uint8_t *data, size_t len)
390 {
391 	return ae_ops(ctx)->update_aad(ctx, data, len);
392 }
393 
394 
crypto_authenc_update_payload(void * ctx,TEE_OperationMode mode,const uint8_t * src_data,size_t src_len,uint8_t * dst_data,size_t * dst_len)395 TEE_Result crypto_authenc_update_payload(void *ctx, TEE_OperationMode mode,
396 					 const uint8_t *src_data,
397 					 size_t src_len, uint8_t *dst_data,
398 					 size_t *dst_len)
399 {
400 	if (*dst_len < src_len)
401 		return TEE_ERROR_SHORT_BUFFER;
402 	*dst_len = src_len;
403 
404 	return ae_ops(ctx)->update_payload(ctx, mode, src_data, src_len,
405 					   dst_data);
406 }
407 
crypto_authenc_enc_final(void * ctx,const uint8_t * src_data,size_t src_len,uint8_t * dst_data,size_t * dst_len,uint8_t * dst_tag,size_t * dst_tag_len)408 TEE_Result crypto_authenc_enc_final(void *ctx, const uint8_t *src_data,
409 				    size_t src_len, uint8_t *dst_data,
410 				    size_t *dst_len, uint8_t *dst_tag,
411 				    size_t *dst_tag_len)
412 {
413 	if (*dst_len < src_len)
414 		return TEE_ERROR_SHORT_BUFFER;
415 	*dst_len = src_len;
416 
417 	return ae_ops(ctx)->enc_final(ctx, src_data, src_len, dst_data,
418 				      dst_tag, dst_tag_len);
419 }
420 
crypto_authenc_dec_final(void * ctx,const uint8_t * src_data,size_t src_len,uint8_t * dst_data,size_t * dst_len,const uint8_t * tag,size_t tag_len)421 TEE_Result crypto_authenc_dec_final(void *ctx, const uint8_t *src_data,
422 				    size_t src_len, uint8_t *dst_data,
423 				    size_t *dst_len, const uint8_t *tag,
424 				    size_t tag_len)
425 {
426 	if (*dst_len < src_len)
427 		return TEE_ERROR_SHORT_BUFFER;
428 	*dst_len = src_len;
429 
430 	return ae_ops(ctx)->dec_final(ctx, src_data, src_len, dst_data, tag,
431 				      tag_len);
432 }
433 
crypto_authenc_final(void * ctx)434 void crypto_authenc_final(void *ctx)
435 {
436 	ae_ops(ctx)->final(ctx);
437 }
438 
crypto_authenc_free_ctx(void * ctx)439 void crypto_authenc_free_ctx(void *ctx)
440 {
441 	if (ctx)
442 		ae_ops(ctx)->free_ctx(ctx);
443 }
444 
crypto_authenc_copy_state(void * dst_ctx,void * src_ctx)445 void crypto_authenc_copy_state(void *dst_ctx, void *src_ctx)
446 {
447 	ae_ops(dst_ctx)->copy_state(dst_ctx, src_ctx);
448 }
449 
450 #if !defined(CFG_CRYPTO_RSA) && !defined(CFG_CRYPTO_DSA) && \
451     !defined(CFG_CRYPTO_DH) && !defined(CFG_CRYPTO_ECC)
crypto_bignum_allocate(size_t size_bits __unused)452 struct bignum *crypto_bignum_allocate(size_t size_bits __unused)
453 {
454 	return NULL;
455 }
456 
crypto_bignum_bin2bn(const uint8_t * from __unused,size_t fromsize __unused,struct bignum * to __unused)457 TEE_Result crypto_bignum_bin2bn(const uint8_t *from __unused,
458 				size_t fromsize __unused,
459 				struct bignum *to __unused)
460 {
461 	return TEE_ERROR_NOT_IMPLEMENTED;
462 }
463 
crypto_bignum_num_bytes(struct bignum * a __unused)464 size_t crypto_bignum_num_bytes(struct bignum *a __unused)
465 {
466 	return 0;
467 }
468 
crypto_bignum_num_bits(struct bignum * a __unused)469 size_t crypto_bignum_num_bits(struct bignum *a __unused)
470 {
471 	return 0;
472 }
473 
474 /*
475  * crypto_bignum_allocate() and crypto_bignum_bin2bn() failing should be
476  * enough to guarantee that the functions calling this function aren't
477  * called, but just in case add a panic() here to avoid unexpected
478  * behavoir.
479  */
bignum_cant_happen(void)480 static void bignum_cant_happen(void)
481 {
482 	volatile bool b = true;
483 
484 	/* Avoid warning about function does not return */
485 	if (b)
486 		panic();
487 }
488 
crypto_bignum_bn2bin(const struct bignum * from __unused,uint8_t * to __unused)489 void crypto_bignum_bn2bin(const struct bignum *from __unused,
490 			  uint8_t *to __unused)
491 {
492 	bignum_cant_happen();
493 }
494 
crypto_bignum_copy(struct bignum * to __unused,const struct bignum * from __unused)495 void crypto_bignum_copy(struct bignum *to __unused,
496 			const struct bignum *from __unused)
497 {
498 	bignum_cant_happen();
499 }
500 
crypto_bignum_free(struct bignum * a)501 void crypto_bignum_free(struct bignum *a)
502 {
503 	if (a)
504 		panic();
505 }
506 
crypto_bignum_clear(struct bignum * a __unused)507 void crypto_bignum_clear(struct bignum *a __unused)
508 {
509 	bignum_cant_happen();
510 }
511 
512 /* return -1 if a<b, 0 if a==b, +1 if a>b */
crypto_bignum_compare(struct bignum * a __unused,struct bignum * b __unused)513 int32_t crypto_bignum_compare(struct bignum *a __unused,
514 			      struct bignum *b __unused)
515 {
516 	bignum_cant_happen();
517 	return -1;
518 }
519 #endif
520 
521 #if !defined(CFG_CRYPTO_RSA)
crypto_acipher_alloc_rsa_keypair(struct rsa_keypair * s __unused,size_t key_size_bits __unused)522 TEE_Result crypto_acipher_alloc_rsa_keypair(struct rsa_keypair *s __unused,
523 					    size_t key_size_bits __unused)
524 {
525 	return TEE_ERROR_NOT_IMPLEMENTED;
526 }
527 
528 TEE_Result
crypto_acipher_alloc_rsa_public_key(struct rsa_public_key * s __unused,size_t key_size_bits __unused)529 crypto_acipher_alloc_rsa_public_key(struct rsa_public_key *s __unused,
530 				    size_t key_size_bits __unused)
531 {
532 	return TEE_ERROR_NOT_IMPLEMENTED;
533 }
534 
crypto_acipher_free_rsa_public_key(struct rsa_public_key * s __unused)535 void crypto_acipher_free_rsa_public_key(struct rsa_public_key *s __unused)
536 {
537 }
538 
crypto_acipher_free_rsa_keypair(struct rsa_keypair * s __unused)539 void crypto_acipher_free_rsa_keypair(struct rsa_keypair *s __unused)
540 {
541 }
542 
crypto_acipher_gen_rsa_key(struct rsa_keypair * key __unused,size_t key_size __unused)543 TEE_Result crypto_acipher_gen_rsa_key(struct rsa_keypair *key __unused,
544 				      size_t key_size __unused)
545 {
546 	return TEE_ERROR_NOT_IMPLEMENTED;
547 }
548 
crypto_acipher_rsanopad_decrypt(struct rsa_keypair * key __unused,const uint8_t * src __unused,size_t src_len __unused,uint8_t * dst __unused,size_t * dst_len __unused)549 TEE_Result crypto_acipher_rsanopad_decrypt(struct rsa_keypair *key __unused,
550 					   const uint8_t *src __unused,
551 					   size_t src_len __unused,
552 					   uint8_t *dst __unused,
553 					   size_t *dst_len __unused)
554 {
555 	return TEE_ERROR_NOT_IMPLEMENTED;
556 }
557 
crypto_acipher_rsanopad_encrypt(struct rsa_public_key * key __unused,const uint8_t * src __unused,size_t src_len __unused,uint8_t * dst __unused,size_t * dst_len __unused)558 TEE_Result crypto_acipher_rsanopad_encrypt(struct rsa_public_key *key __unused,
559 					   const uint8_t *src __unused,
560 					   size_t src_len __unused,
561 					   uint8_t *dst __unused,
562 					   size_t *dst_len __unused)
563 {
564 	return TEE_ERROR_NOT_IMPLEMENTED;
565 }
566 
crypto_acipher_rsaes_decrypt(uint32_t algo __unused,struct rsa_keypair * key __unused,const uint8_t * label __unused,size_t label_len __unused,const uint8_t * src __unused,size_t src_len __unused,uint8_t * dst __unused,size_t * dst_len __unused)567 TEE_Result crypto_acipher_rsaes_decrypt(uint32_t algo __unused,
568 					struct rsa_keypair *key __unused,
569 					const uint8_t *label __unused,
570 					size_t label_len __unused,
571 					const uint8_t *src __unused,
572 					size_t src_len __unused,
573 					uint8_t *dst __unused,
574 					size_t *dst_len __unused)
575 {
576 	return TEE_ERROR_NOT_IMPLEMENTED;
577 }
578 
crypto_acipher_rsaes_encrypt(uint32_t algo __unused,struct rsa_public_key * key __unused,const uint8_t * label __unused,size_t label_len __unused,const uint8_t * src __unused,size_t src_len __unused,uint8_t * dst __unused,size_t * dst_len __unused)579 TEE_Result crypto_acipher_rsaes_encrypt(uint32_t algo __unused,
580 					struct rsa_public_key *key __unused,
581 					const uint8_t *label __unused,
582 					size_t label_len __unused,
583 					const uint8_t *src __unused,
584 					size_t src_len __unused,
585 					uint8_t *dst __unused,
586 					size_t *dst_len __unused)
587 {
588 	return TEE_ERROR_NOT_IMPLEMENTED;
589 }
590 
crypto_acipher_rsassa_sign(uint32_t algo __unused,struct rsa_keypair * key __unused,int salt_len __unused,const uint8_t * msg __unused,size_t msg_len __unused,uint8_t * sig __unused,size_t * sig_len __unused)591 TEE_Result crypto_acipher_rsassa_sign(uint32_t algo __unused,
592 				      struct rsa_keypair *key __unused,
593 				      int salt_len __unused,
594 				      const uint8_t *msg __unused,
595 				      size_t msg_len __unused,
596 				      uint8_t *sig __unused,
597 				      size_t *sig_len __unused)
598 {
599 	return TEE_ERROR_NOT_IMPLEMENTED;
600 }
601 
crypto_acipher_rsassa_verify(uint32_t algo __unused,struct rsa_public_key * key __unused,int salt_len __unused,const uint8_t * msg __unused,size_t msg_len __unused,const uint8_t * sig __unused,size_t sig_len __unused)602 TEE_Result crypto_acipher_rsassa_verify(uint32_t algo __unused,
603 					struct rsa_public_key *key __unused,
604 					int salt_len __unused,
605 					const uint8_t *msg __unused,
606 					size_t msg_len __unused,
607 					const uint8_t *sig __unused,
608 					size_t sig_len __unused)
609 {
610 	return TEE_ERROR_NOT_IMPLEMENTED;
611 }
612 #endif /*!CFG_CRYPTO_RSA*/
613 
614 #if !defined(CFG_CRYPTO_DSA)
crypto_acipher_alloc_dsa_keypair(struct dsa_keypair * s __unused,size_t key_size_bits __unused)615 TEE_Result crypto_acipher_alloc_dsa_keypair(struct dsa_keypair *s __unused,
616 					    size_t key_size_bits __unused)
617 {
618 	return TEE_ERROR_NOT_IMPLEMENTED;
619 }
620 
621 TEE_Result
crypto_acipher_alloc_dsa_public_key(struct dsa_public_key * s __unused,size_t key_size_bits __unused)622 crypto_acipher_alloc_dsa_public_key(struct dsa_public_key *s __unused,
623 				    size_t key_size_bits __unused)
624 {
625 	return TEE_ERROR_NOT_IMPLEMENTED;
626 }
627 
crypto_acipher_gen_dsa_key(struct dsa_keypair * key __unused,size_t key_size __unused)628 TEE_Result crypto_acipher_gen_dsa_key(struct dsa_keypair *key __unused,
629 				      size_t key_size __unused)
630 {
631 	return TEE_ERROR_NOT_IMPLEMENTED;
632 }
633 
crypto_acipher_dsa_sign(uint32_t algo __unused,struct dsa_keypair * key __unused,const uint8_t * msg __unused,size_t msg_len __unused,uint8_t * sig __unused,size_t * sig_len __unused)634 TEE_Result crypto_acipher_dsa_sign(uint32_t algo __unused,
635 				   struct dsa_keypair *key __unused,
636 				   const uint8_t *msg __unused,
637 				   size_t msg_len __unused,
638 				   uint8_t *sig __unused,
639 				   size_t *sig_len __unused)
640 {
641 	return TEE_ERROR_NOT_IMPLEMENTED;
642 }
643 
crypto_acipher_dsa_verify(uint32_t algo __unused,struct dsa_public_key * key __unused,const uint8_t * msg __unused,size_t msg_len __unused,const uint8_t * sig __unused,size_t sig_len __unused)644 TEE_Result crypto_acipher_dsa_verify(uint32_t algo __unused,
645 				     struct dsa_public_key *key __unused,
646 				     const uint8_t *msg __unused,
647 				     size_t msg_len __unused,
648 				     const uint8_t *sig __unused,
649 				     size_t sig_len __unused)
650 {
651 	return TEE_ERROR_NOT_IMPLEMENTED;
652 }
653 #endif /*!CFG_CRYPTO_DSA*/
654 
655 #if !defined(CFG_CRYPTO_DH)
crypto_acipher_alloc_dh_keypair(struct dh_keypair * s __unused,size_t key_size_bits __unused)656 TEE_Result crypto_acipher_alloc_dh_keypair(struct dh_keypair *s __unused,
657 					   size_t key_size_bits __unused)
658 {
659 	return TEE_ERROR_NOT_IMPLEMENTED;
660 }
661 
crypto_acipher_gen_dh_key(struct dh_keypair * key __unused,struct bignum * q __unused,size_t xbits __unused,size_t key_size __unused)662 TEE_Result crypto_acipher_gen_dh_key(struct dh_keypair *key __unused,
663 				     struct bignum *q __unused,
664 				     size_t xbits __unused,
665 				     size_t key_size __unused)
666 {
667 	return TEE_ERROR_NOT_IMPLEMENTED;
668 }
669 
670 TEE_Result
crypto_acipher_dh_shared_secret(struct dh_keypair * private_key __unused,struct bignum * public_key __unused,struct bignum * secret __unused)671 crypto_acipher_dh_shared_secret(struct dh_keypair *private_key __unused,
672 				struct bignum *public_key __unused,
673 				struct bignum *secret __unused)
674 {
675 	return TEE_ERROR_NOT_IMPLEMENTED;
676 }
677 #endif /*!CFG_CRYPTO_DH*/
678 
crypto_acipher_alloc_ecc_public_key(struct ecc_public_key * key,uint32_t key_type,size_t key_size_bits)679 TEE_Result crypto_acipher_alloc_ecc_public_key(struct ecc_public_key *key,
680 					       uint32_t key_type,
681 					       size_t key_size_bits)
682 {
683 	TEE_Result res = TEE_ERROR_NOT_IMPLEMENTED;
684 
685 	/*
686 	 * Use default cryptographic implementation if no matching
687 	 * drvcrypt device.
688 	 */
689 	res = drvcrypt_asym_alloc_ecc_public_key(key, key_type, key_size_bits);
690 	if (res == TEE_ERROR_NOT_IMPLEMENTED)
691 		res = crypto_asym_alloc_ecc_public_key(key, key_type,
692 						       key_size_bits);
693 
694 	return res;
695 }
696 
crypto_acipher_alloc_ecc_keypair(struct ecc_keypair * key,uint32_t key_type,size_t key_size_bits)697 TEE_Result crypto_acipher_alloc_ecc_keypair(struct ecc_keypair *key,
698 					    uint32_t key_type,
699 					    size_t key_size_bits)
700 {
701 	TEE_Result res = TEE_ERROR_NOT_IMPLEMENTED;
702 
703 	/*
704 	 * Use default cryptographic implementation if no matching
705 	 * drvcrypt device.
706 	 */
707 	res = drvcrypt_asym_alloc_ecc_keypair(key, key_type, key_size_bits);
708 	if (res == TEE_ERROR_NOT_IMPLEMENTED)
709 		res = crypto_asym_alloc_ecc_keypair(key, key_type,
710 						    key_size_bits);
711 
712 	return res;
713 }
714 
crypto_acipher_free_ecc_public_key(struct ecc_public_key * key)715 void crypto_acipher_free_ecc_public_key(struct ecc_public_key *key)
716 {
717 	assert(key->ops && key->ops->free);
718 
719 	key->ops->free(key);
720 }
721 
crypto_acipher_gen_ecc_key(struct ecc_keypair * key,size_t key_size_bits)722 TEE_Result crypto_acipher_gen_ecc_key(struct ecc_keypair *key,
723 				      size_t key_size_bits)
724 {
725 	assert(key->ops && key->ops->generate);
726 
727 	return key->ops->generate(key, key_size_bits);
728 }
729 
crypto_acipher_ecc_sign(uint32_t algo,struct ecc_keypair * key,const uint8_t * msg,size_t msg_len,uint8_t * sig,size_t * sig_len)730 TEE_Result crypto_acipher_ecc_sign(uint32_t algo, struct ecc_keypair *key,
731 				   const uint8_t *msg, size_t msg_len,
732 				   uint8_t *sig, size_t *sig_len)
733 {
734 	assert(key->ops);
735 
736 	if (!key->ops->sign)
737 		return TEE_ERROR_NOT_IMPLEMENTED;
738 
739 	return key->ops->sign(algo, key, msg, msg_len, sig, sig_len);
740 }
741 
crypto_acipher_ecc_verify(uint32_t algo,struct ecc_public_key * key,const uint8_t * msg,size_t msg_len,const uint8_t * sig,size_t sig_len)742 TEE_Result crypto_acipher_ecc_verify(uint32_t algo, struct ecc_public_key *key,
743 				     const uint8_t *msg, size_t msg_len,
744 				     const uint8_t *sig, size_t sig_len)
745 {
746 	assert(key->ops);
747 
748 	if (!key->ops->verify)
749 		return TEE_ERROR_NOT_IMPLEMENTED;
750 
751 	return key->ops->verify(algo, key, msg, msg_len, sig, sig_len);
752 }
753 
crypto_acipher_ecc_shared_secret(struct ecc_keypair * private_key,struct ecc_public_key * public_key,void * secret,unsigned long * secret_len)754 TEE_Result crypto_acipher_ecc_shared_secret(struct ecc_keypair *private_key,
755 					    struct ecc_public_key *public_key,
756 					    void *secret,
757 					    unsigned long *secret_len)
758 {
759 	assert(private_key->ops);
760 
761 	if (!private_key->ops->shared_secret)
762 		return TEE_ERROR_NOT_IMPLEMENTED;
763 
764 	return private_key->ops->shared_secret(private_key, public_key, secret,
765 					       secret_len);
766 }
767 
crypto_acipher_sm2_pke_decrypt(struct ecc_keypair * key,const uint8_t * src,size_t src_len,uint8_t * dst,size_t * dst_len)768 TEE_Result crypto_acipher_sm2_pke_decrypt(struct ecc_keypair *key,
769 					  const uint8_t *src, size_t src_len,
770 					  uint8_t *dst, size_t *dst_len)
771 {
772 	assert(key->ops);
773 
774 	if (!key->ops->decrypt)
775 		return TEE_ERROR_NOT_IMPLEMENTED;
776 
777 	return key->ops->decrypt(key, src, src_len, dst, dst_len);
778 }
779 
crypto_acipher_sm2_pke_encrypt(struct ecc_public_key * key,const uint8_t * src,size_t src_len,uint8_t * dst,size_t * dst_len)780 TEE_Result crypto_acipher_sm2_pke_encrypt(struct ecc_public_key *key,
781 					  const uint8_t *src, size_t src_len,
782 					  uint8_t *dst, size_t *dst_len)
783 {
784 	assert(key->ops);
785 
786 	if (!key->ops->encrypt)
787 		return TEE_ERROR_NOT_IMPLEMENTED;
788 
789 	return key->ops->encrypt(key, src, src_len, dst, dst_len);
790 }
791 
792 #if !defined(CFG_CRYPTO_SM2_KEP)
crypto_acipher_sm2_kep_derive(struct ecc_keypair * my_key __unused,struct ecc_keypair * my_eph_key __unused,struct ecc_public_key * peer_key __unused,struct ecc_public_key * peer_eph_key __unused,struct sm2_kep_parms * p __unused)793 TEE_Result crypto_acipher_sm2_kep_derive(struct ecc_keypair *my_key __unused,
794 					 struct ecc_keypair *my_eph_key
795 								__unused,
796 					 struct ecc_public_key *peer_key
797 								__unused,
798 					 struct ecc_public_key *peer_eph_key
799 								__unused,
800 					 struct sm2_kep_parms *p __unused)
801 {
802 	return TEE_ERROR_NOT_IMPLEMENTED;
803 }
804 #endif
805 
806 #if !defined(CFG_CRYPTO_X25519)
crypto_acipher_alloc_x25519_keypair(struct x25519_keypair * key __unused,size_t key_size_bits __unused)807 TEE_Result crypto_acipher_alloc_x25519_keypair(struct x25519_keypair *key
808 								__unused,
809 					       size_t key_size_bits __unused)
810 {
811 	return TEE_ERROR_NOT_IMPLEMENTED;
812 }
813 
crypto_acipher_gen_x25519_key(struct x25519_keypair * key __unused,size_t key_size __unused)814 TEE_Result crypto_acipher_gen_x25519_key(struct x25519_keypair *key __unused,
815 					 size_t key_size __unused)
816 {
817 	return TEE_ERROR_NOT_IMPLEMENTED;
818 }
819 
crypto_acipher_x25519_shared_secret(struct x25519_keypair * private_key __unused,void * public_key __unused,void * secret __unused,unsigned long * secret_len __unused)820 TEE_Result crypto_acipher_x25519_shared_secret(struct x25519_keypair
821 					       *private_key __unused,
822 					       void *public_key __unused,
823 					       void *secret __unused,
824 					       unsigned long
825 					       *secret_len __unused)
826 {
827 	return TEE_ERROR_NOT_IMPLEMENTED;
828 }
829 #endif
830 
831 #if !defined(CFG_CRYPTO_ED25519)
crypto_acipher_alloc_ed25519_keypair(struct ed25519_keypair * key __unused,size_t key_size_bits __unused)832 TEE_Result crypto_acipher_alloc_ed25519_keypair(struct ed25519_keypair *key
833 								 __unused,
834 						size_t key_size_bits __unused)
835 {
836 	return TEE_ERROR_NOT_IMPLEMENTED;
837 }
838 
crypto_acipher_gen_ed25519_key(struct ed25519_keypair * key __unused,size_t key_size __unused)839 TEE_Result crypto_acipher_gen_ed25519_key(struct ed25519_keypair *key __unused,
840 					  size_t key_size __unused)
841 {
842 	return TEE_ERROR_NOT_IMPLEMENTED;
843 }
844 
crypto_acipher_ed25519_sign(struct ed25519_keypair * key __unused,const uint8_t * msg __unused,size_t msg_len __unused,uint8_t * sig __unused,size_t * sig_len __unused)845 TEE_Result crypto_acipher_ed25519_sign(struct ed25519_keypair *key __unused,
846 				       const uint8_t *msg __unused,
847 				       size_t msg_len __unused,
848 				       uint8_t *sig __unused,
849 				       size_t *sig_len __unused)
850 {
851 	return TEE_ERROR_NOT_IMPLEMENTED;
852 }
853 
crypto_acipher_ed25519_verify(struct ed25519_keypair * key __unused,const uint8_t * msg __unused,size_t msg_len __unused,const uint8_t * sig __unused,size_t sig_len __unused)854 TEE_Result crypto_acipher_ed25519_verify(struct ed25519_keypair *key __unused,
855 					 const uint8_t *msg __unused,
856 					 size_t msg_len __unused,
857 					 const uint8_t *sig __unused,
858 					 size_t sig_len __unused)
859 {
860 	return TEE_ERROR_NOT_IMPLEMENTED;
861 }
862 
crypto_acipher_ed25519ctx_sign(struct ed25519_keypair * key __unused,const uint8_t * msg __unused,size_t msg_len __unused,uint8_t * sig __unused,size_t * sig_len __unused,bool ph_flag __unused,const uint8_t * ctx __unused,size_t ctxlen __unused)863 TEE_Result crypto_acipher_ed25519ctx_sign(struct ed25519_keypair *key __unused,
864 					  const uint8_t *msg __unused,
865 					  size_t msg_len __unused,
866 					  uint8_t *sig __unused,
867 					  size_t *sig_len __unused,
868 					  bool ph_flag __unused,
869 					  const uint8_t *ctx __unused,
870 					  size_t ctxlen __unused)
871 {
872 	return TEE_ERROR_NOT_IMPLEMENTED;
873 }
874 
crypto_acipher_ed25519ctx_verify(struct ed25519_keypair * key __unused,const uint8_t * msg __unused,size_t msg_len __unused,const uint8_t * sig __unused,size_t sig_len __unused,bool ph_flag __unused,const uint8_t * ctx __unused,size_t ctxlen __unused)875 TEE_Result crypto_acipher_ed25519ctx_verify(struct ed25519_keypair *key
876 							 __unused,
877 					    const uint8_t *msg __unused,
878 					    size_t msg_len __unused,
879 					    const uint8_t *sig __unused,
880 					    size_t sig_len __unused,
881 					    bool ph_flag __unused,
882 					    const uint8_t *ctx __unused,
883 					    size_t ctxlen __unused)
884 {
885 	return TEE_ERROR_NOT_IMPLEMENTED;
886 }
887 #endif
888 
crypto_storage_obj_del(struct tee_obj * obj __unused)889 __weak TEE_Result crypto_storage_obj_del(struct tee_obj *obj __unused)
890 {
891 	return TEE_ERROR_NOT_IMPLEMENTED;
892 }
893