1 // SPDX-License-Identifier: BSD-2-Clause
2 /*
3 * Copyright (c) 2017, Linaro Limited
4 * Copyright 2020 NXP
5 * Copyright 2021, SumUp Service GmbH
6 */
7
8 #include <assert.h>
9 #include <compiler.h>
10 #include <crypto/crypto.h>
11 #include <crypto/crypto_impl.h>
12 #include <kernel/panic.h>
13 #include <stdlib.h>
14 #include <string.h>
15 #include <utee_defines.h>
16
crypto_hash_alloc_ctx(void ** ctx,uint32_t algo)17 TEE_Result crypto_hash_alloc_ctx(void **ctx, uint32_t algo)
18 {
19 TEE_Result res = TEE_ERROR_NOT_IMPLEMENTED;
20 struct crypto_hash_ctx *c = NULL;
21
22 /*
23 * Use default cryptographic implementation if no matching
24 * drvcrypt device.
25 */
26 res = drvcrypt_hash_alloc_ctx(&c, algo);
27
28 if (res == TEE_ERROR_NOT_IMPLEMENTED) {
29 switch (algo) {
30 case TEE_ALG_MD5:
31 res = crypto_md5_alloc_ctx(&c);
32 break;
33 case TEE_ALG_SHA1:
34 res = crypto_sha1_alloc_ctx(&c);
35 break;
36 case TEE_ALG_SHA224:
37 res = crypto_sha224_alloc_ctx(&c);
38 break;
39 case TEE_ALG_SHA256:
40 res = crypto_sha256_alloc_ctx(&c);
41 break;
42 case TEE_ALG_SHA384:
43 res = crypto_sha384_alloc_ctx(&c);
44 break;
45 case TEE_ALG_SHA512:
46 res = crypto_sha512_alloc_ctx(&c);
47 break;
48 case TEE_ALG_SM3:
49 res = crypto_sm3_alloc_ctx(&c);
50 break;
51 default:
52 break;
53 }
54 }
55
56 if (!res)
57 *ctx = c;
58
59 return res;
60 }
61
hash_ops(void * ctx)62 static const struct crypto_hash_ops *hash_ops(void *ctx)
63 {
64 struct crypto_hash_ctx *c = ctx;
65
66 assert(c && c->ops);
67
68 return c->ops;
69 }
70
crypto_hash_free_ctx(void * ctx)71 void crypto_hash_free_ctx(void *ctx)
72 {
73 if (ctx)
74 hash_ops(ctx)->free_ctx(ctx);
75 }
76
crypto_hash_copy_state(void * dst_ctx,void * src_ctx)77 void crypto_hash_copy_state(void *dst_ctx, void *src_ctx)
78 {
79 hash_ops(dst_ctx)->copy_state(dst_ctx, src_ctx);
80 }
81
crypto_hash_init(void * ctx)82 TEE_Result crypto_hash_init(void *ctx)
83 {
84 return hash_ops(ctx)->init(ctx);
85 }
86
crypto_hash_update(void * ctx,const uint8_t * data,size_t len)87 TEE_Result crypto_hash_update(void *ctx, const uint8_t *data, size_t len)
88 {
89 return hash_ops(ctx)->update(ctx, data, len);
90 }
91
crypto_hash_final(void * ctx,uint8_t * digest,size_t len)92 TEE_Result crypto_hash_final(void *ctx, uint8_t *digest, size_t len)
93 {
94 return hash_ops(ctx)->final(ctx, digest, len);
95 }
96
crypto_cipher_alloc_ctx(void ** ctx,uint32_t algo)97 TEE_Result crypto_cipher_alloc_ctx(void **ctx, uint32_t algo)
98 {
99 TEE_Result res = TEE_ERROR_NOT_IMPLEMENTED;
100 struct crypto_cipher_ctx *c = NULL;
101
102 /*
103 * Use default cryptographic implementation if no matching
104 * drvcrypt device.
105 */
106 res = drvcrypt_cipher_alloc_ctx(&c, algo);
107
108 if (res == TEE_ERROR_NOT_IMPLEMENTED) {
109 switch (algo) {
110 case TEE_ALG_AES_ECB_NOPAD:
111 res = crypto_aes_ecb_alloc_ctx(&c);
112 break;
113 case TEE_ALG_AES_CBC_NOPAD:
114 res = crypto_aes_cbc_alloc_ctx(&c);
115 break;
116 case TEE_ALG_AES_CTR:
117 res = crypto_aes_ctr_alloc_ctx(&c);
118 break;
119 case TEE_ALG_AES_CTS:
120 res = crypto_aes_cts_alloc_ctx(&c);
121 break;
122 case TEE_ALG_AES_XTS:
123 res = crypto_aes_xts_alloc_ctx(&c);
124 break;
125 case TEE_ALG_DES_ECB_NOPAD:
126 res = crypto_des_ecb_alloc_ctx(&c);
127 break;
128 case TEE_ALG_DES3_ECB_NOPAD:
129 res = crypto_des3_ecb_alloc_ctx(&c);
130 break;
131 case TEE_ALG_DES_CBC_NOPAD:
132 res = crypto_des_cbc_alloc_ctx(&c);
133 break;
134 case TEE_ALG_DES3_CBC_NOPAD:
135 res = crypto_des3_cbc_alloc_ctx(&c);
136 break;
137 case TEE_ALG_SM4_ECB_NOPAD:
138 res = crypto_sm4_ecb_alloc_ctx(&c);
139 break;
140 case TEE_ALG_SM4_CBC_NOPAD:
141 res = crypto_sm4_cbc_alloc_ctx(&c);
142 break;
143 case TEE_ALG_SM4_CTR:
144 res = crypto_sm4_ctr_alloc_ctx(&c);
145 break;
146 case TEE_ALG_SM4_XTS:
147 res = crypto_sm4_xts_alloc_ctx(&c);
148 break;
149 default:
150 return TEE_ERROR_NOT_IMPLEMENTED;
151 }
152 }
153
154 if (!res)
155 *ctx = c;
156
157 return res;
158 }
159
cipher_ops(void * ctx)160 static const struct crypto_cipher_ops *cipher_ops(void *ctx)
161 {
162 struct crypto_cipher_ctx *c = ctx;
163
164 assert(c && c->ops);
165
166 return c->ops;
167 }
168
crypto_cipher_free_ctx(void * ctx)169 void crypto_cipher_free_ctx(void *ctx)
170 {
171 if (ctx)
172 cipher_ops(ctx)->free_ctx(ctx);
173 }
174
crypto_cipher_copy_state(void * dst_ctx,void * src_ctx)175 void crypto_cipher_copy_state(void *dst_ctx, void *src_ctx)
176 {
177 cipher_ops(dst_ctx)->copy_state(dst_ctx, src_ctx);
178 }
179
crypto_cipher_init(void * ctx,TEE_OperationMode mode,const uint8_t * key1,size_t key1_len,const uint8_t * key2,size_t key2_len,const uint8_t * iv,size_t iv_len)180 TEE_Result crypto_cipher_init(void *ctx, TEE_OperationMode mode,
181 const uint8_t *key1, size_t key1_len,
182 const uint8_t *key2, size_t key2_len,
183 const uint8_t *iv, size_t iv_len)
184 {
185 if (mode != TEE_MODE_DECRYPT && mode != TEE_MODE_ENCRYPT)
186 return TEE_ERROR_BAD_PARAMETERS;
187
188 return cipher_ops(ctx)->init(ctx, mode, key1, key1_len, key2, key2_len,
189 iv, iv_len);
190 }
191
crypto_cipher_update(void * ctx,TEE_OperationMode mode __unused,bool last_block,const uint8_t * data,size_t len,uint8_t * dst)192 TEE_Result crypto_cipher_update(void *ctx, TEE_OperationMode mode __unused,
193 bool last_block, const uint8_t *data,
194 size_t len, uint8_t *dst)
195 {
196 return cipher_ops(ctx)->update(ctx, last_block, data, len, dst);
197 }
198
crypto_cipher_final(void * ctx)199 void crypto_cipher_final(void *ctx)
200 {
201 cipher_ops(ctx)->final(ctx);
202 }
203
crypto_cipher_get_block_size(uint32_t algo,size_t * size)204 TEE_Result crypto_cipher_get_block_size(uint32_t algo, size_t *size)
205 {
206 uint32_t class = TEE_ALG_GET_CLASS(algo);
207
208 if (class != TEE_OPERATION_CIPHER && class != TEE_OPERATION_MAC &&
209 class != TEE_OPERATION_AE)
210 return TEE_ERROR_BAD_PARAMETERS;
211
212 switch (TEE_ALG_GET_MAIN_ALG(algo)) {
213 case TEE_MAIN_ALGO_AES:
214 *size = TEE_AES_BLOCK_SIZE;
215 return TEE_SUCCESS;
216 case TEE_MAIN_ALGO_DES:
217 case TEE_MAIN_ALGO_DES3:
218 *size = TEE_DES_BLOCK_SIZE;
219 return TEE_SUCCESS;
220 case TEE_MAIN_ALGO_SM4:
221 *size = TEE_SM4_BLOCK_SIZE;
222 return TEE_SUCCESS;
223 default:
224 return TEE_ERROR_NOT_SUPPORTED;
225 }
226 }
227
crypto_mac_alloc_ctx(void ** ctx,uint32_t algo)228 TEE_Result crypto_mac_alloc_ctx(void **ctx, uint32_t algo)
229 {
230 TEE_Result res = TEE_SUCCESS;
231 struct crypto_mac_ctx *c = NULL;
232
233 /*
234 * Use default cryptographic implementation if no matching
235 * drvcrypt device.
236 */
237 res = drvcrypt_mac_alloc_ctx(&c, algo);
238
239 if (res == TEE_ERROR_NOT_IMPLEMENTED) {
240 switch (algo) {
241 case TEE_ALG_HMAC_MD5:
242 res = crypto_hmac_md5_alloc_ctx(&c);
243 break;
244 case TEE_ALG_HMAC_SHA1:
245 res = crypto_hmac_sha1_alloc_ctx(&c);
246 break;
247 case TEE_ALG_HMAC_SHA224:
248 res = crypto_hmac_sha224_alloc_ctx(&c);
249 break;
250 case TEE_ALG_HMAC_SHA256:
251 res = crypto_hmac_sha256_alloc_ctx(&c);
252 break;
253 case TEE_ALG_HMAC_SHA384:
254 res = crypto_hmac_sha384_alloc_ctx(&c);
255 break;
256 case TEE_ALG_HMAC_SHA512:
257 res = crypto_hmac_sha512_alloc_ctx(&c);
258 break;
259 case TEE_ALG_HMAC_SM3:
260 res = crypto_hmac_sm3_alloc_ctx(&c);
261 break;
262 case TEE_ALG_AES_CBC_MAC_NOPAD:
263 res = crypto_aes_cbc_mac_nopad_alloc_ctx(&c);
264 break;
265 case TEE_ALG_AES_CBC_MAC_PKCS5:
266 res = crypto_aes_cbc_mac_pkcs5_alloc_ctx(&c);
267 break;
268 case TEE_ALG_DES_CBC_MAC_NOPAD:
269 res = crypto_des_cbc_mac_nopad_alloc_ctx(&c);
270 break;
271 case TEE_ALG_DES_CBC_MAC_PKCS5:
272 res = crypto_des_cbc_mac_pkcs5_alloc_ctx(&c);
273 break;
274 case TEE_ALG_DES3_CBC_MAC_NOPAD:
275 res = crypto_des3_cbc_mac_nopad_alloc_ctx(&c);
276 break;
277 case TEE_ALG_DES3_CBC_MAC_PKCS5:
278 res = crypto_des3_cbc_mac_pkcs5_alloc_ctx(&c);
279 break;
280 case TEE_ALG_DES3_CMAC:
281 res = crypto_des3_cmac_alloc_ctx(&c);
282 break;
283 case TEE_ALG_AES_CMAC:
284 res = crypto_aes_cmac_alloc_ctx(&c);
285 break;
286 default:
287 return TEE_ERROR_NOT_SUPPORTED;
288 }
289 }
290
291 if (!res)
292 *ctx = c;
293
294 return res;
295 }
296
mac_ops(void * ctx)297 static const struct crypto_mac_ops *mac_ops(void *ctx)
298 {
299 struct crypto_mac_ctx *c = ctx;
300
301 assert(c && c->ops);
302
303 return c->ops;
304 }
305
crypto_mac_free_ctx(void * ctx)306 void crypto_mac_free_ctx(void *ctx)
307 {
308 if (ctx)
309 mac_ops(ctx)->free_ctx(ctx);
310 }
311
crypto_mac_copy_state(void * dst_ctx,void * src_ctx)312 void crypto_mac_copy_state(void *dst_ctx, void *src_ctx)
313 {
314 mac_ops(dst_ctx)->copy_state(dst_ctx, src_ctx);
315 }
316
crypto_mac_init(void * ctx,const uint8_t * key,size_t len)317 TEE_Result crypto_mac_init(void *ctx, const uint8_t *key, size_t len)
318 {
319 return mac_ops(ctx)->init(ctx, key, len);
320 }
321
crypto_mac_update(void * ctx,const uint8_t * data,size_t len)322 TEE_Result crypto_mac_update(void *ctx, const uint8_t *data, size_t len)
323 {
324 if (!len)
325 return TEE_SUCCESS;
326
327 return mac_ops(ctx)->update(ctx, data, len);
328 }
329
crypto_mac_final(void * ctx,uint8_t * digest,size_t digest_len)330 TEE_Result crypto_mac_final(void *ctx, uint8_t *digest, size_t digest_len)
331 {
332 return mac_ops(ctx)->final(ctx, digest, digest_len);
333 }
334
crypto_authenc_alloc_ctx(void ** ctx,uint32_t algo)335 TEE_Result crypto_authenc_alloc_ctx(void **ctx, uint32_t algo)
336 {
337 TEE_Result res = TEE_ERROR_NOT_IMPLEMENTED;
338 struct crypto_authenc_ctx *c = NULL;
339
340 /*
341 * Use default authenc implementation if no matching
342 * drvcrypt device.
343 */
344 res = drvcrypt_authenc_alloc_ctx(&c, algo);
345
346 if (res == TEE_ERROR_NOT_IMPLEMENTED) {
347 switch (algo) {
348 #if defined(CFG_CRYPTO_CCM)
349 case TEE_ALG_AES_CCM:
350 res = crypto_aes_ccm_alloc_ctx(&c);
351 break;
352 #endif
353 #if defined(CFG_CRYPTO_GCM)
354 case TEE_ALG_AES_GCM:
355 res = crypto_aes_gcm_alloc_ctx(&c);
356 break;
357 #endif
358 default:
359 break;
360 }
361 }
362
363 if (!res)
364 *ctx = c;
365
366 return res;
367 }
368
ae_ops(void * ctx)369 static const struct crypto_authenc_ops *ae_ops(void *ctx)
370 {
371 struct crypto_authenc_ctx *c = ctx;
372
373 assert(c && c->ops);
374
375 return c->ops;
376 }
377
crypto_authenc_init(void * ctx,TEE_OperationMode mode,const uint8_t * key,size_t key_len,const uint8_t * nonce,size_t nonce_len,size_t tag_len,size_t aad_len,size_t payload_len)378 TEE_Result crypto_authenc_init(void *ctx, TEE_OperationMode mode,
379 const uint8_t *key, size_t key_len,
380 const uint8_t *nonce, size_t nonce_len,
381 size_t tag_len, size_t aad_len,
382 size_t payload_len)
383 {
384 return ae_ops(ctx)->init(ctx, mode, key, key_len, nonce, nonce_len,
385 tag_len, aad_len, payload_len);
386 }
387
crypto_authenc_update_aad(void * ctx,TEE_OperationMode mode __unused,const uint8_t * data,size_t len)388 TEE_Result crypto_authenc_update_aad(void *ctx, TEE_OperationMode mode __unused,
389 const uint8_t *data, size_t len)
390 {
391 return ae_ops(ctx)->update_aad(ctx, data, len);
392 }
393
394
crypto_authenc_update_payload(void * ctx,TEE_OperationMode mode,const uint8_t * src_data,size_t src_len,uint8_t * dst_data,size_t * dst_len)395 TEE_Result crypto_authenc_update_payload(void *ctx, TEE_OperationMode mode,
396 const uint8_t *src_data,
397 size_t src_len, uint8_t *dst_data,
398 size_t *dst_len)
399 {
400 if (*dst_len < src_len)
401 return TEE_ERROR_SHORT_BUFFER;
402 *dst_len = src_len;
403
404 return ae_ops(ctx)->update_payload(ctx, mode, src_data, src_len,
405 dst_data);
406 }
407
crypto_authenc_enc_final(void * ctx,const uint8_t * src_data,size_t src_len,uint8_t * dst_data,size_t * dst_len,uint8_t * dst_tag,size_t * dst_tag_len)408 TEE_Result crypto_authenc_enc_final(void *ctx, const uint8_t *src_data,
409 size_t src_len, uint8_t *dst_data,
410 size_t *dst_len, uint8_t *dst_tag,
411 size_t *dst_tag_len)
412 {
413 if (*dst_len < src_len)
414 return TEE_ERROR_SHORT_BUFFER;
415 *dst_len = src_len;
416
417 return ae_ops(ctx)->enc_final(ctx, src_data, src_len, dst_data,
418 dst_tag, dst_tag_len);
419 }
420
crypto_authenc_dec_final(void * ctx,const uint8_t * src_data,size_t src_len,uint8_t * dst_data,size_t * dst_len,const uint8_t * tag,size_t tag_len)421 TEE_Result crypto_authenc_dec_final(void *ctx, const uint8_t *src_data,
422 size_t src_len, uint8_t *dst_data,
423 size_t *dst_len, const uint8_t *tag,
424 size_t tag_len)
425 {
426 if (*dst_len < src_len)
427 return TEE_ERROR_SHORT_BUFFER;
428 *dst_len = src_len;
429
430 return ae_ops(ctx)->dec_final(ctx, src_data, src_len, dst_data, tag,
431 tag_len);
432 }
433
crypto_authenc_final(void * ctx)434 void crypto_authenc_final(void *ctx)
435 {
436 ae_ops(ctx)->final(ctx);
437 }
438
crypto_authenc_free_ctx(void * ctx)439 void crypto_authenc_free_ctx(void *ctx)
440 {
441 if (ctx)
442 ae_ops(ctx)->free_ctx(ctx);
443 }
444
crypto_authenc_copy_state(void * dst_ctx,void * src_ctx)445 void crypto_authenc_copy_state(void *dst_ctx, void *src_ctx)
446 {
447 ae_ops(dst_ctx)->copy_state(dst_ctx, src_ctx);
448 }
449
450 #if !defined(CFG_CRYPTO_RSA) && !defined(CFG_CRYPTO_DSA) && \
451 !defined(CFG_CRYPTO_DH) && !defined(CFG_CRYPTO_ECC)
crypto_bignum_allocate(size_t size_bits __unused)452 struct bignum *crypto_bignum_allocate(size_t size_bits __unused)
453 {
454 return NULL;
455 }
456
crypto_bignum_bin2bn(const uint8_t * from __unused,size_t fromsize __unused,struct bignum * to __unused)457 TEE_Result crypto_bignum_bin2bn(const uint8_t *from __unused,
458 size_t fromsize __unused,
459 struct bignum *to __unused)
460 {
461 return TEE_ERROR_NOT_IMPLEMENTED;
462 }
463
crypto_bignum_num_bytes(struct bignum * a __unused)464 size_t crypto_bignum_num_bytes(struct bignum *a __unused)
465 {
466 return 0;
467 }
468
crypto_bignum_num_bits(struct bignum * a __unused)469 size_t crypto_bignum_num_bits(struct bignum *a __unused)
470 {
471 return 0;
472 }
473
474 /*
475 * crypto_bignum_allocate() and crypto_bignum_bin2bn() failing should be
476 * enough to guarantee that the functions calling this function aren't
477 * called, but just in case add a panic() here to avoid unexpected
478 * behavoir.
479 */
bignum_cant_happen(void)480 static void bignum_cant_happen(void)
481 {
482 volatile bool b = true;
483
484 /* Avoid warning about function does not return */
485 if (b)
486 panic();
487 }
488
crypto_bignum_bn2bin(const struct bignum * from __unused,uint8_t * to __unused)489 void crypto_bignum_bn2bin(const struct bignum *from __unused,
490 uint8_t *to __unused)
491 {
492 bignum_cant_happen();
493 }
494
crypto_bignum_copy(struct bignum * to __unused,const struct bignum * from __unused)495 void crypto_bignum_copy(struct bignum *to __unused,
496 const struct bignum *from __unused)
497 {
498 bignum_cant_happen();
499 }
500
crypto_bignum_free(struct bignum * a)501 void crypto_bignum_free(struct bignum *a)
502 {
503 if (a)
504 panic();
505 }
506
crypto_bignum_clear(struct bignum * a __unused)507 void crypto_bignum_clear(struct bignum *a __unused)
508 {
509 bignum_cant_happen();
510 }
511
512 /* return -1 if a<b, 0 if a==b, +1 if a>b */
crypto_bignum_compare(struct bignum * a __unused,struct bignum * b __unused)513 int32_t crypto_bignum_compare(struct bignum *a __unused,
514 struct bignum *b __unused)
515 {
516 bignum_cant_happen();
517 return -1;
518 }
519 #endif
520
521 #if !defined(CFG_CRYPTO_RSA)
crypto_acipher_alloc_rsa_keypair(struct rsa_keypair * s __unused,size_t key_size_bits __unused)522 TEE_Result crypto_acipher_alloc_rsa_keypair(struct rsa_keypair *s __unused,
523 size_t key_size_bits __unused)
524 {
525 return TEE_ERROR_NOT_IMPLEMENTED;
526 }
527
528 TEE_Result
crypto_acipher_alloc_rsa_public_key(struct rsa_public_key * s __unused,size_t key_size_bits __unused)529 crypto_acipher_alloc_rsa_public_key(struct rsa_public_key *s __unused,
530 size_t key_size_bits __unused)
531 {
532 return TEE_ERROR_NOT_IMPLEMENTED;
533 }
534
crypto_acipher_free_rsa_public_key(struct rsa_public_key * s __unused)535 void crypto_acipher_free_rsa_public_key(struct rsa_public_key *s __unused)
536 {
537 }
538
crypto_acipher_free_rsa_keypair(struct rsa_keypair * s __unused)539 void crypto_acipher_free_rsa_keypair(struct rsa_keypair *s __unused)
540 {
541 }
542
crypto_acipher_gen_rsa_key(struct rsa_keypair * key __unused,size_t key_size __unused)543 TEE_Result crypto_acipher_gen_rsa_key(struct rsa_keypair *key __unused,
544 size_t key_size __unused)
545 {
546 return TEE_ERROR_NOT_IMPLEMENTED;
547 }
548
crypto_acipher_rsanopad_decrypt(struct rsa_keypair * key __unused,const uint8_t * src __unused,size_t src_len __unused,uint8_t * dst __unused,size_t * dst_len __unused)549 TEE_Result crypto_acipher_rsanopad_decrypt(struct rsa_keypair *key __unused,
550 const uint8_t *src __unused,
551 size_t src_len __unused,
552 uint8_t *dst __unused,
553 size_t *dst_len __unused)
554 {
555 return TEE_ERROR_NOT_IMPLEMENTED;
556 }
557
crypto_acipher_rsanopad_encrypt(struct rsa_public_key * key __unused,const uint8_t * src __unused,size_t src_len __unused,uint8_t * dst __unused,size_t * dst_len __unused)558 TEE_Result crypto_acipher_rsanopad_encrypt(struct rsa_public_key *key __unused,
559 const uint8_t *src __unused,
560 size_t src_len __unused,
561 uint8_t *dst __unused,
562 size_t *dst_len __unused)
563 {
564 return TEE_ERROR_NOT_IMPLEMENTED;
565 }
566
crypto_acipher_rsaes_decrypt(uint32_t algo __unused,struct rsa_keypair * key __unused,const uint8_t * label __unused,size_t label_len __unused,const uint8_t * src __unused,size_t src_len __unused,uint8_t * dst __unused,size_t * dst_len __unused)567 TEE_Result crypto_acipher_rsaes_decrypt(uint32_t algo __unused,
568 struct rsa_keypair *key __unused,
569 const uint8_t *label __unused,
570 size_t label_len __unused,
571 const uint8_t *src __unused,
572 size_t src_len __unused,
573 uint8_t *dst __unused,
574 size_t *dst_len __unused)
575 {
576 return TEE_ERROR_NOT_IMPLEMENTED;
577 }
578
crypto_acipher_rsaes_encrypt(uint32_t algo __unused,struct rsa_public_key * key __unused,const uint8_t * label __unused,size_t label_len __unused,const uint8_t * src __unused,size_t src_len __unused,uint8_t * dst __unused,size_t * dst_len __unused)579 TEE_Result crypto_acipher_rsaes_encrypt(uint32_t algo __unused,
580 struct rsa_public_key *key __unused,
581 const uint8_t *label __unused,
582 size_t label_len __unused,
583 const uint8_t *src __unused,
584 size_t src_len __unused,
585 uint8_t *dst __unused,
586 size_t *dst_len __unused)
587 {
588 return TEE_ERROR_NOT_IMPLEMENTED;
589 }
590
crypto_acipher_rsassa_sign(uint32_t algo __unused,struct rsa_keypair * key __unused,int salt_len __unused,const uint8_t * msg __unused,size_t msg_len __unused,uint8_t * sig __unused,size_t * sig_len __unused)591 TEE_Result crypto_acipher_rsassa_sign(uint32_t algo __unused,
592 struct rsa_keypair *key __unused,
593 int salt_len __unused,
594 const uint8_t *msg __unused,
595 size_t msg_len __unused,
596 uint8_t *sig __unused,
597 size_t *sig_len __unused)
598 {
599 return TEE_ERROR_NOT_IMPLEMENTED;
600 }
601
crypto_acipher_rsassa_verify(uint32_t algo __unused,struct rsa_public_key * key __unused,int salt_len __unused,const uint8_t * msg __unused,size_t msg_len __unused,const uint8_t * sig __unused,size_t sig_len __unused)602 TEE_Result crypto_acipher_rsassa_verify(uint32_t algo __unused,
603 struct rsa_public_key *key __unused,
604 int salt_len __unused,
605 const uint8_t *msg __unused,
606 size_t msg_len __unused,
607 const uint8_t *sig __unused,
608 size_t sig_len __unused)
609 {
610 return TEE_ERROR_NOT_IMPLEMENTED;
611 }
612 #endif /*!CFG_CRYPTO_RSA*/
613
614 #if !defined(CFG_CRYPTO_DSA)
crypto_acipher_alloc_dsa_keypair(struct dsa_keypair * s __unused,size_t key_size_bits __unused)615 TEE_Result crypto_acipher_alloc_dsa_keypair(struct dsa_keypair *s __unused,
616 size_t key_size_bits __unused)
617 {
618 return TEE_ERROR_NOT_IMPLEMENTED;
619 }
620
621 TEE_Result
crypto_acipher_alloc_dsa_public_key(struct dsa_public_key * s __unused,size_t key_size_bits __unused)622 crypto_acipher_alloc_dsa_public_key(struct dsa_public_key *s __unused,
623 size_t key_size_bits __unused)
624 {
625 return TEE_ERROR_NOT_IMPLEMENTED;
626 }
627
crypto_acipher_gen_dsa_key(struct dsa_keypair * key __unused,size_t key_size __unused)628 TEE_Result crypto_acipher_gen_dsa_key(struct dsa_keypair *key __unused,
629 size_t key_size __unused)
630 {
631 return TEE_ERROR_NOT_IMPLEMENTED;
632 }
633
crypto_acipher_dsa_sign(uint32_t algo __unused,struct dsa_keypair * key __unused,const uint8_t * msg __unused,size_t msg_len __unused,uint8_t * sig __unused,size_t * sig_len __unused)634 TEE_Result crypto_acipher_dsa_sign(uint32_t algo __unused,
635 struct dsa_keypair *key __unused,
636 const uint8_t *msg __unused,
637 size_t msg_len __unused,
638 uint8_t *sig __unused,
639 size_t *sig_len __unused)
640 {
641 return TEE_ERROR_NOT_IMPLEMENTED;
642 }
643
crypto_acipher_dsa_verify(uint32_t algo __unused,struct dsa_public_key * key __unused,const uint8_t * msg __unused,size_t msg_len __unused,const uint8_t * sig __unused,size_t sig_len __unused)644 TEE_Result crypto_acipher_dsa_verify(uint32_t algo __unused,
645 struct dsa_public_key *key __unused,
646 const uint8_t *msg __unused,
647 size_t msg_len __unused,
648 const uint8_t *sig __unused,
649 size_t sig_len __unused)
650 {
651 return TEE_ERROR_NOT_IMPLEMENTED;
652 }
653 #endif /*!CFG_CRYPTO_DSA*/
654
655 #if !defined(CFG_CRYPTO_DH)
crypto_acipher_alloc_dh_keypair(struct dh_keypair * s __unused,size_t key_size_bits __unused)656 TEE_Result crypto_acipher_alloc_dh_keypair(struct dh_keypair *s __unused,
657 size_t key_size_bits __unused)
658 {
659 return TEE_ERROR_NOT_IMPLEMENTED;
660 }
661
crypto_acipher_gen_dh_key(struct dh_keypair * key __unused,struct bignum * q __unused,size_t xbits __unused,size_t key_size __unused)662 TEE_Result crypto_acipher_gen_dh_key(struct dh_keypair *key __unused,
663 struct bignum *q __unused,
664 size_t xbits __unused,
665 size_t key_size __unused)
666 {
667 return TEE_ERROR_NOT_IMPLEMENTED;
668 }
669
670 TEE_Result
crypto_acipher_dh_shared_secret(struct dh_keypair * private_key __unused,struct bignum * public_key __unused,struct bignum * secret __unused)671 crypto_acipher_dh_shared_secret(struct dh_keypair *private_key __unused,
672 struct bignum *public_key __unused,
673 struct bignum *secret __unused)
674 {
675 return TEE_ERROR_NOT_IMPLEMENTED;
676 }
677 #endif /*!CFG_CRYPTO_DH*/
678
crypto_acipher_alloc_ecc_public_key(struct ecc_public_key * key,uint32_t key_type,size_t key_size_bits)679 TEE_Result crypto_acipher_alloc_ecc_public_key(struct ecc_public_key *key,
680 uint32_t key_type,
681 size_t key_size_bits)
682 {
683 TEE_Result res = TEE_ERROR_NOT_IMPLEMENTED;
684
685 /*
686 * Use default cryptographic implementation if no matching
687 * drvcrypt device.
688 */
689 res = drvcrypt_asym_alloc_ecc_public_key(key, key_type, key_size_bits);
690 if (res == TEE_ERROR_NOT_IMPLEMENTED)
691 res = crypto_asym_alloc_ecc_public_key(key, key_type,
692 key_size_bits);
693
694 return res;
695 }
696
crypto_acipher_alloc_ecc_keypair(struct ecc_keypair * key,uint32_t key_type,size_t key_size_bits)697 TEE_Result crypto_acipher_alloc_ecc_keypair(struct ecc_keypair *key,
698 uint32_t key_type,
699 size_t key_size_bits)
700 {
701 TEE_Result res = TEE_ERROR_NOT_IMPLEMENTED;
702
703 /*
704 * Use default cryptographic implementation if no matching
705 * drvcrypt device.
706 */
707 res = drvcrypt_asym_alloc_ecc_keypair(key, key_type, key_size_bits);
708 if (res == TEE_ERROR_NOT_IMPLEMENTED)
709 res = crypto_asym_alloc_ecc_keypair(key, key_type,
710 key_size_bits);
711
712 return res;
713 }
714
crypto_acipher_free_ecc_public_key(struct ecc_public_key * key)715 void crypto_acipher_free_ecc_public_key(struct ecc_public_key *key)
716 {
717 assert(key->ops && key->ops->free);
718
719 key->ops->free(key);
720 }
721
crypto_acipher_gen_ecc_key(struct ecc_keypair * key,size_t key_size_bits)722 TEE_Result crypto_acipher_gen_ecc_key(struct ecc_keypair *key,
723 size_t key_size_bits)
724 {
725 assert(key->ops && key->ops->generate);
726
727 return key->ops->generate(key, key_size_bits);
728 }
729
crypto_acipher_ecc_sign(uint32_t algo,struct ecc_keypair * key,const uint8_t * msg,size_t msg_len,uint8_t * sig,size_t * sig_len)730 TEE_Result crypto_acipher_ecc_sign(uint32_t algo, struct ecc_keypair *key,
731 const uint8_t *msg, size_t msg_len,
732 uint8_t *sig, size_t *sig_len)
733 {
734 assert(key->ops);
735
736 if (!key->ops->sign)
737 return TEE_ERROR_NOT_IMPLEMENTED;
738
739 return key->ops->sign(algo, key, msg, msg_len, sig, sig_len);
740 }
741
crypto_acipher_ecc_verify(uint32_t algo,struct ecc_public_key * key,const uint8_t * msg,size_t msg_len,const uint8_t * sig,size_t sig_len)742 TEE_Result crypto_acipher_ecc_verify(uint32_t algo, struct ecc_public_key *key,
743 const uint8_t *msg, size_t msg_len,
744 const uint8_t *sig, size_t sig_len)
745 {
746 assert(key->ops);
747
748 if (!key->ops->verify)
749 return TEE_ERROR_NOT_IMPLEMENTED;
750
751 return key->ops->verify(algo, key, msg, msg_len, sig, sig_len);
752 }
753
crypto_acipher_ecc_shared_secret(struct ecc_keypair * private_key,struct ecc_public_key * public_key,void * secret,unsigned long * secret_len)754 TEE_Result crypto_acipher_ecc_shared_secret(struct ecc_keypair *private_key,
755 struct ecc_public_key *public_key,
756 void *secret,
757 unsigned long *secret_len)
758 {
759 assert(private_key->ops);
760
761 if (!private_key->ops->shared_secret)
762 return TEE_ERROR_NOT_IMPLEMENTED;
763
764 return private_key->ops->shared_secret(private_key, public_key, secret,
765 secret_len);
766 }
767
crypto_acipher_sm2_pke_decrypt(struct ecc_keypair * key,const uint8_t * src,size_t src_len,uint8_t * dst,size_t * dst_len)768 TEE_Result crypto_acipher_sm2_pke_decrypt(struct ecc_keypair *key,
769 const uint8_t *src, size_t src_len,
770 uint8_t *dst, size_t *dst_len)
771 {
772 assert(key->ops);
773
774 if (!key->ops->decrypt)
775 return TEE_ERROR_NOT_IMPLEMENTED;
776
777 return key->ops->decrypt(key, src, src_len, dst, dst_len);
778 }
779
crypto_acipher_sm2_pke_encrypt(struct ecc_public_key * key,const uint8_t * src,size_t src_len,uint8_t * dst,size_t * dst_len)780 TEE_Result crypto_acipher_sm2_pke_encrypt(struct ecc_public_key *key,
781 const uint8_t *src, size_t src_len,
782 uint8_t *dst, size_t *dst_len)
783 {
784 assert(key->ops);
785
786 if (!key->ops->encrypt)
787 return TEE_ERROR_NOT_IMPLEMENTED;
788
789 return key->ops->encrypt(key, src, src_len, dst, dst_len);
790 }
791
792 #if !defined(CFG_CRYPTO_SM2_KEP)
crypto_acipher_sm2_kep_derive(struct ecc_keypair * my_key __unused,struct ecc_keypair * my_eph_key __unused,struct ecc_public_key * peer_key __unused,struct ecc_public_key * peer_eph_key __unused,struct sm2_kep_parms * p __unused)793 TEE_Result crypto_acipher_sm2_kep_derive(struct ecc_keypair *my_key __unused,
794 struct ecc_keypair *my_eph_key
795 __unused,
796 struct ecc_public_key *peer_key
797 __unused,
798 struct ecc_public_key *peer_eph_key
799 __unused,
800 struct sm2_kep_parms *p __unused)
801 {
802 return TEE_ERROR_NOT_IMPLEMENTED;
803 }
804 #endif
805
806 #if !defined(CFG_CRYPTO_X25519)
crypto_acipher_alloc_x25519_keypair(struct x25519_keypair * key __unused,size_t key_size_bits __unused)807 TEE_Result crypto_acipher_alloc_x25519_keypair(struct x25519_keypair *key
808 __unused,
809 size_t key_size_bits __unused)
810 {
811 return TEE_ERROR_NOT_IMPLEMENTED;
812 }
813
crypto_acipher_gen_x25519_key(struct x25519_keypair * key __unused,size_t key_size __unused)814 TEE_Result crypto_acipher_gen_x25519_key(struct x25519_keypair *key __unused,
815 size_t key_size __unused)
816 {
817 return TEE_ERROR_NOT_IMPLEMENTED;
818 }
819
crypto_acipher_x25519_shared_secret(struct x25519_keypair * private_key __unused,void * public_key __unused,void * secret __unused,unsigned long * secret_len __unused)820 TEE_Result crypto_acipher_x25519_shared_secret(struct x25519_keypair
821 *private_key __unused,
822 void *public_key __unused,
823 void *secret __unused,
824 unsigned long
825 *secret_len __unused)
826 {
827 return TEE_ERROR_NOT_IMPLEMENTED;
828 }
829 #endif
830
831 #if !defined(CFG_CRYPTO_ED25519)
crypto_acipher_alloc_ed25519_keypair(struct ed25519_keypair * key __unused,size_t key_size_bits __unused)832 TEE_Result crypto_acipher_alloc_ed25519_keypair(struct ed25519_keypair *key
833 __unused,
834 size_t key_size_bits __unused)
835 {
836 return TEE_ERROR_NOT_IMPLEMENTED;
837 }
838
crypto_acipher_gen_ed25519_key(struct ed25519_keypair * key __unused,size_t key_size __unused)839 TEE_Result crypto_acipher_gen_ed25519_key(struct ed25519_keypair *key __unused,
840 size_t key_size __unused)
841 {
842 return TEE_ERROR_NOT_IMPLEMENTED;
843 }
844
crypto_acipher_ed25519_sign(struct ed25519_keypair * key __unused,const uint8_t * msg __unused,size_t msg_len __unused,uint8_t * sig __unused,size_t * sig_len __unused)845 TEE_Result crypto_acipher_ed25519_sign(struct ed25519_keypair *key __unused,
846 const uint8_t *msg __unused,
847 size_t msg_len __unused,
848 uint8_t *sig __unused,
849 size_t *sig_len __unused)
850 {
851 return TEE_ERROR_NOT_IMPLEMENTED;
852 }
853
crypto_acipher_ed25519_verify(struct ed25519_keypair * key __unused,const uint8_t * msg __unused,size_t msg_len __unused,const uint8_t * sig __unused,size_t sig_len __unused)854 TEE_Result crypto_acipher_ed25519_verify(struct ed25519_keypair *key __unused,
855 const uint8_t *msg __unused,
856 size_t msg_len __unused,
857 const uint8_t *sig __unused,
858 size_t sig_len __unused)
859 {
860 return TEE_ERROR_NOT_IMPLEMENTED;
861 }
862
crypto_acipher_ed25519ctx_sign(struct ed25519_keypair * key __unused,const uint8_t * msg __unused,size_t msg_len __unused,uint8_t * sig __unused,size_t * sig_len __unused,bool ph_flag __unused,const uint8_t * ctx __unused,size_t ctxlen __unused)863 TEE_Result crypto_acipher_ed25519ctx_sign(struct ed25519_keypair *key __unused,
864 const uint8_t *msg __unused,
865 size_t msg_len __unused,
866 uint8_t *sig __unused,
867 size_t *sig_len __unused,
868 bool ph_flag __unused,
869 const uint8_t *ctx __unused,
870 size_t ctxlen __unused)
871 {
872 return TEE_ERROR_NOT_IMPLEMENTED;
873 }
874
crypto_acipher_ed25519ctx_verify(struct ed25519_keypair * key __unused,const uint8_t * msg __unused,size_t msg_len __unused,const uint8_t * sig __unused,size_t sig_len __unused,bool ph_flag __unused,const uint8_t * ctx __unused,size_t ctxlen __unused)875 TEE_Result crypto_acipher_ed25519ctx_verify(struct ed25519_keypair *key
876 __unused,
877 const uint8_t *msg __unused,
878 size_t msg_len __unused,
879 const uint8_t *sig __unused,
880 size_t sig_len __unused,
881 bool ph_flag __unused,
882 const uint8_t *ctx __unused,
883 size_t ctxlen __unused)
884 {
885 return TEE_ERROR_NOT_IMPLEMENTED;
886 }
887 #endif
888
crypto_storage_obj_del(struct tee_obj * obj __unused)889 __weak TEE_Result crypto_storage_obj_del(struct tee_obj *obj __unused)
890 {
891 return TEE_ERROR_NOT_IMPLEMENTED;
892 }
893