1 // SPDX-License-Identifier: BSD-2-Clause
2 /*
3 * Copyright (c) 2018-2021, Linaro Limited
4 */
5
6 #include <assert.h>
7 #include <pkcs11_ta.h>
8 #include <tee_api_defines.h>
9 #include <tee_internal_api.h>
10 #include <tee_internal_api_extensions.h>
11
12 #include "attributes.h"
13 #include "object.h"
14 #include "pkcs11_token.h"
15 #include "processing.h"
16
17 enum pkcs11_rc
pkcs2tee_proc_params_rsa_pss(struct active_processing * proc,struct pkcs11_attribute_head * proc_params)18 pkcs2tee_proc_params_rsa_pss(struct active_processing *proc,
19 struct pkcs11_attribute_head *proc_params)
20 {
21 struct serialargs args = { };
22 enum pkcs11_rc rc = PKCS11_CKR_GENERAL_ERROR;
23 struct rsa_pss_processing_ctx *ctx = NULL;
24 uint32_t hash = 0;
25 uint32_t mgf = 0;
26 uint32_t salt_len = 0;
27
28 serialargs_init(&args, proc_params->data, proc_params->size);
29
30 rc = serialargs_get_u32(&args, &hash);
31 if (rc)
32 return rc;
33
34 rc = serialargs_get_u32(&args, &mgf);
35 if (rc)
36 return rc;
37
38 rc = serialargs_get_u32(&args, &salt_len);
39 if (rc)
40 return rc;
41
42 if (serialargs_remaining_bytes(&args))
43 return PKCS11_CKR_ARGUMENTS_BAD;
44
45 proc->extra_ctx = TEE_Malloc(sizeof(struct rsa_pss_processing_ctx),
46 TEE_USER_MEM_HINT_NO_FILL_ZERO);
47 if (!proc->extra_ctx)
48 return PKCS11_CKR_DEVICE_MEMORY;
49
50 ctx = proc->extra_ctx;
51
52 ctx->hash_alg = hash;
53 ctx->mgf_type = mgf;
54 ctx->salt_len = salt_len;
55
56 return PKCS11_CKR_OK;
57 }
58
pkcs2tee_validate_rsa_pss(struct active_processing * proc,struct pkcs11_object * obj)59 enum pkcs11_rc pkcs2tee_validate_rsa_pss(struct active_processing *proc,
60 struct pkcs11_object *obj)
61 {
62 struct rsa_pss_processing_ctx *rsa_pss_ctx = NULL;
63 size_t modulus_size = 0;
64 size_t hash_size = 0;
65 uint32_t k = 0;
66
67 rsa_pss_ctx = proc->extra_ctx;
68 assert(rsa_pss_ctx);
69
70 switch (rsa_pss_ctx->hash_alg) {
71 case PKCS11_CKM_SHA_1:
72 hash_size = TEE_ALG_GET_DIGEST_SIZE(TEE_ALG_SHA1);
73 break;
74 case PKCS11_CKM_SHA224:
75 hash_size = TEE_ALG_GET_DIGEST_SIZE(TEE_ALG_SHA224);
76 break;
77 case PKCS11_CKM_SHA256:
78 hash_size = TEE_ALG_GET_DIGEST_SIZE(TEE_ALG_SHA256);
79 break;
80 case PKCS11_CKM_SHA384:
81 hash_size = TEE_ALG_GET_DIGEST_SIZE(TEE_ALG_SHA384);
82 break;
83 case PKCS11_CKM_SHA512:
84 hash_size = TEE_ALG_GET_DIGEST_SIZE(TEE_ALG_SHA512);
85 break;
86 default:
87 assert(0);
88 break;
89 }
90
91 modulus_size = get_object_key_bit_size(obj);
92
93 /**
94 * The sLen field must be less than or equal to k*-2-hLen where
95 * hLen is the length in bytes of the hash value. k* is the
96 * length in bytes of the RSA modulus, except if the length in
97 * bits of the RSA modulus is one more than a multiple of 8, in
98 * which case k* is one less than the length in bytes of the
99 * RSA modulus.
100 */
101 if ((modulus_size % 8) == 1)
102 k = modulus_size / 8;
103 else
104 k = ROUNDUP(modulus_size, 8) / 8;
105
106 if (rsa_pss_ctx->salt_len > (k - 2 - hash_size))
107 return PKCS11_CKR_KEY_SIZE_RANGE;
108
109 return PKCS11_CKR_OK;
110 }
111
112 /*
113 * Check or set TEE algorithm identifier upon PKCS11 mechanism parameters
114 * @tee_id: Input and/or output TEE algorithm identifier
115 * @proc_params: PKCS11 processing parameters
116 */
pkcs2tee_algo_rsa_pss(uint32_t * tee_id,struct pkcs11_attribute_head * proc_params)117 enum pkcs11_rc pkcs2tee_algo_rsa_pss(uint32_t *tee_id,
118 struct pkcs11_attribute_head *proc_params)
119 {
120 struct serialargs args = { };
121 enum pkcs11_rc rc = PKCS11_CKR_GENERAL_ERROR;
122 uint32_t hash = 0;
123 uint32_t mgf = 0;
124 uint32_t salt_len = 0;
125
126 serialargs_init(&args, proc_params->data, proc_params->size);
127
128 rc = serialargs_get_u32(&args, &hash);
129 if (rc)
130 return rc;
131
132 rc = serialargs_get_u32(&args, &mgf);
133 if (rc)
134 return rc;
135
136 rc = serialargs_get_u32(&args, &salt_len);
137 if (rc)
138 return rc;
139
140 if (serialargs_remaining_bytes(&args))
141 return PKCS11_CKR_ARGUMENTS_BAD;
142
143 if (proc_params->id == PKCS11_CKM_RSA_PKCS_PSS) {
144 if (hash == PKCS11_CKM_SHA_1 && mgf == PKCS11_CKG_MGF1_SHA1) {
145 *tee_id = TEE_ALG_RSASSA_PKCS1_PSS_MGF1_SHA1;
146 return PKCS11_CKR_OK;
147 }
148 if (hash == PKCS11_CKM_SHA224 &&
149 mgf == PKCS11_CKG_MGF1_SHA224) {
150 *tee_id = TEE_ALG_RSASSA_PKCS1_PSS_MGF1_SHA224;
151 return PKCS11_CKR_OK;
152 }
153 if (hash == PKCS11_CKM_SHA256 &&
154 mgf == PKCS11_CKG_MGF1_SHA256) {
155 *tee_id = TEE_ALG_RSASSA_PKCS1_PSS_MGF1_SHA256;
156 return PKCS11_CKR_OK;
157 }
158 if (hash == PKCS11_CKM_SHA384 &&
159 mgf == PKCS11_CKG_MGF1_SHA384) {
160 *tee_id = TEE_ALG_RSASSA_PKCS1_PSS_MGF1_SHA384;
161 return PKCS11_CKR_OK;
162 }
163 if (hash == PKCS11_CKM_SHA512 &&
164 mgf == PKCS11_CKG_MGF1_SHA512) {
165 *tee_id = TEE_ALG_RSASSA_PKCS1_PSS_MGF1_SHA512;
166 return PKCS11_CKR_OK;
167 }
168 return PKCS11_CKR_MECHANISM_PARAM_INVALID;
169 }
170
171 switch (*tee_id) {
172 case TEE_ALG_RSASSA_PKCS1_PSS_MGF1_SHA1:
173 if (hash != PKCS11_CKM_SHA_1 || mgf != PKCS11_CKG_MGF1_SHA1)
174 return PKCS11_CKR_MECHANISM_PARAM_INVALID;
175 break;
176 case TEE_ALG_RSASSA_PKCS1_PSS_MGF1_SHA224:
177 if (hash != PKCS11_CKM_SHA224 || mgf != PKCS11_CKG_MGF1_SHA224)
178 return PKCS11_CKR_MECHANISM_PARAM_INVALID;
179 break;
180 case TEE_ALG_RSASSA_PKCS1_PSS_MGF1_SHA256:
181 if (hash != PKCS11_CKM_SHA256 || mgf != PKCS11_CKG_MGF1_SHA256)
182 return PKCS11_CKR_MECHANISM_PARAM_INVALID;
183 break;
184 case TEE_ALG_RSASSA_PKCS1_PSS_MGF1_SHA384:
185 if (hash != PKCS11_CKM_SHA384 || mgf != PKCS11_CKG_MGF1_SHA384)
186 return PKCS11_CKR_MECHANISM_PARAM_INVALID;
187 break;
188 case TEE_ALG_RSASSA_PKCS1_PSS_MGF1_SHA512:
189 if (hash != PKCS11_CKM_SHA512 || mgf != PKCS11_CKG_MGF1_SHA512)
190 return PKCS11_CKR_MECHANISM_PARAM_INVALID;
191 break;
192 default:
193 return PKCS11_CKR_GENERAL_ERROR;
194 }
195
196 return PKCS11_CKR_OK;
197 }
198
199 enum pkcs11_rc
pkcs2tee_proc_params_rsa_oaep(struct active_processing * proc,struct pkcs11_attribute_head * proc_params)200 pkcs2tee_proc_params_rsa_oaep(struct active_processing *proc,
201 struct pkcs11_attribute_head *proc_params)
202 {
203 struct serialargs args = { };
204 enum pkcs11_rc rc = PKCS11_CKR_GENERAL_ERROR;
205 struct rsa_oaep_processing_ctx *ctx = NULL;
206 uint32_t hash = 0;
207 uint32_t mgf = 0;
208 uint32_t source_type = 0;
209 void *source_data = NULL;
210 uint32_t source_size = 0;
211
212 serialargs_init(&args, proc_params->data, proc_params->size);
213
214 rc = serialargs_get_u32(&args, &hash);
215 if (rc)
216 return rc;
217
218 rc = serialargs_get_u32(&args, &mgf);
219 if (rc)
220 return rc;
221
222 rc = serialargs_get_u32(&args, &source_type);
223 if (rc)
224 return rc;
225
226 rc = serialargs_get_u32(&args, &source_size);
227 if (rc)
228 return rc;
229
230 rc = serialargs_get_ptr(&args, &source_data, source_size);
231 if (rc)
232 return rc;
233
234 if (serialargs_remaining_bytes(&args))
235 return PKCS11_CKR_ARGUMENTS_BAD;
236
237 proc->extra_ctx = TEE_Malloc(sizeof(struct rsa_oaep_processing_ctx) +
238 source_size,
239 TEE_USER_MEM_HINT_NO_FILL_ZERO);
240 if (!proc->extra_ctx)
241 return PKCS11_CKR_DEVICE_MEMORY;
242
243 ctx = proc->extra_ctx;
244
245 ctx->hash_alg = hash;
246 ctx->mgf_type = mgf;
247 ctx->source_type = source_type;
248 ctx->source_data_len = source_size;
249 TEE_MemMove(ctx->source_data, source_data, source_size);
250
251 return PKCS11_CKR_OK;
252 }
253
254 enum pkcs11_rc
pkcs2tee_proc_params_rsa_aes_wrap(struct active_processing * proc,struct pkcs11_attribute_head * proc_params)255 pkcs2tee_proc_params_rsa_aes_wrap(struct active_processing *proc,
256 struct pkcs11_attribute_head *proc_params)
257 {
258 struct serialargs args = { };
259 enum pkcs11_rc rc = PKCS11_CKR_GENERAL_ERROR;
260 struct rsa_aes_key_wrap_processing_ctx *ctx = NULL;
261 uint32_t aes_key_bits = 0;
262 uint32_t hash = 0;
263 uint32_t mgf = 0;
264 uint32_t source_type = 0;
265 void *source_data = NULL;
266 uint32_t source_size = 0;
267
268 serialargs_init(&args, proc_params->data, proc_params->size);
269
270 rc = serialargs_get_u32(&args, &aes_key_bits);
271 if (rc)
272 return rc;
273
274 rc = serialargs_get_u32(&args, &hash);
275 if (rc)
276 return rc;
277
278 rc = serialargs_get_u32(&args, &mgf);
279 if (rc)
280 return rc;
281
282 rc = serialargs_get_u32(&args, &source_type);
283 if (rc)
284 return rc;
285
286 rc = serialargs_get_u32(&args, &source_size);
287 if (rc)
288 return rc;
289
290 rc = serialargs_get_ptr(&args, &source_data, source_size);
291 if (rc)
292 return rc;
293
294 if (serialargs_remaining_bytes(&args))
295 return PKCS11_CKR_ARGUMENTS_BAD;
296
297 proc->extra_ctx =
298 TEE_Malloc(sizeof(struct rsa_aes_key_wrap_processing_ctx) +
299 source_size,
300 TEE_USER_MEM_HINT_NO_FILL_ZERO);
301 if (!proc->extra_ctx)
302 return PKCS11_CKR_DEVICE_MEMORY;
303
304 ctx = proc->extra_ctx;
305
306 ctx->aes_key_bits = aes_key_bits;
307 ctx->hash_alg = hash;
308 ctx->mgf_type = mgf;
309 ctx->source_type = source_type;
310 ctx->source_data_len = source_size;
311 TEE_MemMove(ctx->source_data, source_data, source_size);
312
313 return PKCS11_CKR_OK;
314 }
315
316 /*
317 * Set TEE RSA OAEP algorithm identifier upon PKCS11 mechanism parameters
318 * @tee_id: output TEE RSA OAEP algorithm identifier
319 * @tee_hash_id: output TEE hash algorithm identifier
320 * @proc_params: PKCS11 processing parameters
321 */
322 enum pkcs11_rc
pkcs2tee_algo_rsa_oaep(uint32_t * tee_id,uint32_t * tee_hash_id,struct pkcs11_attribute_head * proc_params)323 pkcs2tee_algo_rsa_oaep(uint32_t *tee_id, uint32_t *tee_hash_id,
324 struct pkcs11_attribute_head *proc_params)
325 {
326 struct serialargs args = { };
327 enum pkcs11_rc rc = PKCS11_CKR_GENERAL_ERROR;
328 uint32_t hash = 0;
329 uint32_t mgf = 0;
330 uint32_t source_type = 0;
331 void *source_data = NULL;
332 uint32_t source_size = 0;
333
334 serialargs_init(&args, proc_params->data, proc_params->size);
335
336 rc = serialargs_get_u32(&args, &hash);
337 if (rc)
338 return rc;
339
340 rc = serialargs_get_u32(&args, &mgf);
341 if (rc)
342 return rc;
343
344 rc = serialargs_get_u32(&args, &source_type);
345 if (rc)
346 return rc;
347
348 rc = serialargs_get_u32(&args, &source_size);
349 if (rc)
350 return rc;
351
352 rc = serialargs_get_ptr(&args, &source_data, source_size);
353 if (rc)
354 return rc;
355
356 if (serialargs_remaining_bytes(&args))
357 return PKCS11_CKR_ARGUMENTS_BAD;
358
359 if (source_type != PKCS11_CKZ_DATA_SPECIFIED)
360 return PKCS11_CKR_MECHANISM_PARAM_INVALID;
361
362 switch (proc_params->id) {
363 case PKCS11_CKM_RSA_PKCS_OAEP:
364 switch (hash) {
365 case PKCS11_CKM_SHA_1:
366 if (mgf != PKCS11_CKG_MGF1_SHA1)
367 return PKCS11_CKR_MECHANISM_PARAM_INVALID;
368 *tee_id = TEE_ALG_RSAES_PKCS1_OAEP_MGF1_SHA1;
369 *tee_hash_id = TEE_ALG_SHA1;
370 break;
371 case PKCS11_CKM_SHA224:
372 if (mgf != PKCS11_CKG_MGF1_SHA224)
373 return PKCS11_CKR_MECHANISM_PARAM_INVALID;
374 *tee_id = TEE_ALG_RSAES_PKCS1_OAEP_MGF1_SHA224;
375 *tee_hash_id = TEE_ALG_SHA224;
376 break;
377 case PKCS11_CKM_SHA256:
378 if (mgf != PKCS11_CKG_MGF1_SHA256)
379 return PKCS11_CKR_MECHANISM_PARAM_INVALID;
380 *tee_id = TEE_ALG_RSAES_PKCS1_OAEP_MGF1_SHA256;
381 *tee_hash_id = TEE_ALG_SHA256;
382 break;
383 case PKCS11_CKM_SHA384:
384 if (mgf != PKCS11_CKG_MGF1_SHA384)
385 return PKCS11_CKR_MECHANISM_PARAM_INVALID;
386 *tee_id = TEE_ALG_RSAES_PKCS1_OAEP_MGF1_SHA384;
387 *tee_hash_id = TEE_ALG_SHA384;
388 break;
389 case PKCS11_CKM_SHA512:
390 if (mgf != PKCS11_CKG_MGF1_SHA512)
391 return PKCS11_CKR_MECHANISM_PARAM_INVALID;
392 *tee_id = TEE_ALG_RSAES_PKCS1_OAEP_MGF1_SHA512;
393 *tee_hash_id = TEE_ALG_SHA512;
394 break;
395 default:
396 EMSG("Unexpected %#"PRIx32"/%s", hash,
397 id2str_proc(hash));
398
399 return PKCS11_CKR_GENERAL_ERROR;
400 }
401 break;
402 default:
403 EMSG("Unexpected mechanism %#"PRIx32"/%s", proc_params->id,
404 id2str_proc(proc_params->id));
405
406 return PKCS11_CKR_GENERAL_ERROR;
407 }
408
409 return PKCS11_CKR_OK;
410 }
411
412 enum pkcs11_rc
pkcs2tee_algo_rsa_aes_wrap(uint32_t * tee_id,uint32_t * tee_hash_id,struct pkcs11_attribute_head * proc_params)413 pkcs2tee_algo_rsa_aes_wrap(uint32_t *tee_id, uint32_t *tee_hash_id,
414 struct pkcs11_attribute_head *proc_params)
415 {
416 struct serialargs args = { };
417 enum pkcs11_rc rc = PKCS11_CKR_GENERAL_ERROR;
418 uint32_t aes_key_bits = 0;
419 uint32_t hash = 0;
420 uint32_t mgf = 0;
421 uint32_t source_type = 0;
422 void *source_data = NULL;
423 uint32_t source_size = 0;
424
425 serialargs_init(&args, proc_params->data, proc_params->size);
426
427 rc = serialargs_get_u32(&args, &aes_key_bits);
428 if (rc)
429 return rc;
430
431 rc = serialargs_get_u32(&args, &hash);
432 if (rc)
433 return rc;
434
435 rc = serialargs_get_u32(&args, &mgf);
436 if (rc)
437 return rc;
438
439 rc = serialargs_get_u32(&args, &source_type);
440 if (rc)
441 return rc;
442
443 rc = serialargs_get_u32(&args, &source_size);
444 if (rc)
445 return rc;
446
447 rc = serialargs_get_ptr(&args, &source_data, source_size);
448 if (rc)
449 return rc;
450
451 if (serialargs_remaining_bytes(&args))
452 return PKCS11_CKR_ARGUMENTS_BAD;
453
454 if (source_type != PKCS11_CKZ_DATA_SPECIFIED)
455 return PKCS11_CKR_MECHANISM_PARAM_INVALID;
456
457 switch (proc_params->id) {
458 case PKCS11_CKM_RSA_AES_KEY_WRAP:
459 switch (hash) {
460 case PKCS11_CKM_SHA_1:
461 if (mgf != PKCS11_CKG_MGF1_SHA1)
462 return PKCS11_CKR_MECHANISM_PARAM_INVALID;
463 *tee_id = TEE_ALG_RSAES_PKCS1_OAEP_MGF1_SHA1;
464 *tee_hash_id = TEE_ALG_SHA1;
465 break;
466 case PKCS11_CKM_SHA224:
467 if (mgf != PKCS11_CKG_MGF1_SHA224)
468 return PKCS11_CKR_MECHANISM_PARAM_INVALID;
469 *tee_id = TEE_ALG_RSAES_PKCS1_OAEP_MGF1_SHA224;
470 *tee_hash_id = TEE_ALG_SHA224;
471 break;
472 case PKCS11_CKM_SHA256:
473 if (mgf != PKCS11_CKG_MGF1_SHA256)
474 return PKCS11_CKR_MECHANISM_PARAM_INVALID;
475 *tee_id = TEE_ALG_RSAES_PKCS1_OAEP_MGF1_SHA256;
476 *tee_hash_id = TEE_ALG_SHA256;
477 break;
478 case PKCS11_CKM_SHA384:
479 if (mgf != PKCS11_CKG_MGF1_SHA384)
480 return PKCS11_CKR_MECHANISM_PARAM_INVALID;
481 *tee_id = TEE_ALG_RSAES_PKCS1_OAEP_MGF1_SHA384;
482 *tee_hash_id = TEE_ALG_SHA384;
483 break;
484 case PKCS11_CKM_SHA512:
485 if (mgf != PKCS11_CKG_MGF1_SHA512)
486 return PKCS11_CKR_MECHANISM_PARAM_INVALID;
487 *tee_id = TEE_ALG_RSAES_PKCS1_OAEP_MGF1_SHA512;
488 *tee_hash_id = TEE_ALG_SHA512;
489 break;
490 default:
491 EMSG("Unexpected %#"PRIx32"/%s", hash,
492 id2str_proc(hash));
493
494 return PKCS11_CKR_GENERAL_ERROR;
495 }
496 break;
497 default:
498 EMSG("Unexpected mechanism %#"PRIx32"/%s", proc_params->id,
499 id2str_proc(proc_params->id));
500
501 return PKCS11_CKR_GENERAL_ERROR;
502 }
503
504 return PKCS11_CKR_OK;
505 }
506
load_tee_rsa_key_attrs(TEE_Attribute ** tee_attrs,size_t * tee_count,struct pkcs11_object * obj)507 enum pkcs11_rc load_tee_rsa_key_attrs(TEE_Attribute **tee_attrs,
508 size_t *tee_count,
509 struct pkcs11_object *obj)
510 {
511 TEE_Attribute *attrs = NULL;
512 size_t count = 0;
513 enum pkcs11_rc rc = PKCS11_CKR_GENERAL_ERROR;
514 void *a_ptr = NULL;
515
516 assert(get_key_type(obj->attributes) == PKCS11_CKK_RSA);
517
518 switch (get_class(obj->attributes)) {
519 case PKCS11_CKO_PUBLIC_KEY:
520 attrs = TEE_Malloc(2 * sizeof(TEE_Attribute),
521 TEE_USER_MEM_HINT_NO_FILL_ZERO);
522 if (!attrs)
523 return PKCS11_CKR_DEVICE_MEMORY;
524
525 if (pkcs2tee_load_attr(&attrs[count], TEE_ATTR_RSA_MODULUS,
526 obj, PKCS11_CKA_MODULUS))
527 count++;
528
529 if (pkcs2tee_load_attr(&attrs[count],
530 TEE_ATTR_RSA_PUBLIC_EXPONENT, obj,
531 PKCS11_CKA_PUBLIC_EXPONENT))
532 count++;
533
534 if (count == 2)
535 rc = PKCS11_CKR_OK;
536
537 break;
538
539 case PKCS11_CKO_PRIVATE_KEY:
540 attrs = TEE_Malloc(8 * sizeof(TEE_Attribute),
541 TEE_USER_MEM_HINT_NO_FILL_ZERO);
542 if (!attrs)
543 return PKCS11_CKR_DEVICE_MEMORY;
544
545 if (pkcs2tee_load_attr(&attrs[count], TEE_ATTR_RSA_MODULUS,
546 obj, PKCS11_CKA_MODULUS))
547 count++;
548
549 if (pkcs2tee_load_attr(&attrs[count],
550 TEE_ATTR_RSA_PUBLIC_EXPONENT, obj,
551 PKCS11_CKA_PUBLIC_EXPONENT))
552 count++;
553
554 if (pkcs2tee_load_attr(&attrs[count],
555 TEE_ATTR_RSA_PRIVATE_EXPONENT, obj,
556 PKCS11_CKA_PRIVATE_EXPONENT))
557 count++;
558
559 if (count != 3)
560 break;
561
562 /* If pre-computed values are present load those */
563 rc = get_attribute_ptr(obj->attributes, PKCS11_CKA_PRIME_1,
564 &a_ptr, NULL);
565 if (rc != PKCS11_CKR_OK && rc != PKCS11_RV_NOT_FOUND)
566 break;
567 if (rc == PKCS11_RV_NOT_FOUND || !a_ptr) {
568 rc = PKCS11_CKR_OK;
569 break;
570 }
571
572 if (pkcs2tee_load_attr(&attrs[count], TEE_ATTR_RSA_PRIME1, obj,
573 PKCS11_CKA_PRIME_1))
574 count++;
575
576 if (pkcs2tee_load_attr(&attrs[count], TEE_ATTR_RSA_PRIME2, obj,
577 PKCS11_CKA_PRIME_2))
578 count++;
579
580 if (pkcs2tee_load_attr(&attrs[count], TEE_ATTR_RSA_EXPONENT1,
581 obj, PKCS11_CKA_EXPONENT_1))
582 count++;
583
584 if (pkcs2tee_load_attr(&attrs[count], TEE_ATTR_RSA_EXPONENT2,
585 obj, PKCS11_CKA_EXPONENT_2))
586 count++;
587
588 if (pkcs2tee_load_attr(&attrs[count], TEE_ATTR_RSA_COEFFICIENT,
589 obj, PKCS11_CKA_COEFFICIENT))
590 count++;
591
592 if (count == 8)
593 rc = PKCS11_CKR_OK;
594
595 break;
596
597 default:
598 assert(0);
599 break;
600 }
601
602 if (rc == PKCS11_CKR_OK) {
603 *tee_attrs = attrs;
604 *tee_count = count;
605 } else {
606 TEE_Free(attrs);
607 }
608
609 return rc;
610 }
611
tee2pkcs_rsa_attributes(struct obj_attrs ** pub_head,struct obj_attrs ** priv_head,TEE_ObjectHandle tee_obj)612 static enum pkcs11_rc tee2pkcs_rsa_attributes(struct obj_attrs **pub_head,
613 struct obj_attrs **priv_head,
614 TEE_ObjectHandle tee_obj)
615 {
616 enum pkcs11_rc rc = PKCS11_CKR_GENERAL_ERROR;
617 void *a_ptr = NULL;
618
619 rc = tee2pkcs_add_attribute(pub_head, PKCS11_CKA_MODULUS, tee_obj,
620 TEE_ATTR_RSA_MODULUS);
621 if (rc)
622 goto out;
623
624 rc = get_attribute_ptr(*pub_head, PKCS11_CKA_PUBLIC_EXPONENT, &a_ptr,
625 NULL);
626 if (rc != PKCS11_CKR_OK && rc != PKCS11_RV_NOT_FOUND)
627 goto out;
628
629 if (rc == PKCS11_CKR_OK && !a_ptr) {
630 rc = remove_empty_attribute(pub_head,
631 PKCS11_CKA_PUBLIC_EXPONENT);
632 if (rc)
633 goto out;
634 rc = PKCS11_RV_NOT_FOUND;
635 }
636
637 if (rc == PKCS11_RV_NOT_FOUND) {
638 rc = tee2pkcs_add_attribute(pub_head,
639 PKCS11_CKA_PUBLIC_EXPONENT,
640 tee_obj,
641 TEE_ATTR_RSA_PUBLIC_EXPONENT);
642 if (rc)
643 goto out;
644 }
645
646 rc = tee2pkcs_add_attribute(priv_head, PKCS11_CKA_MODULUS, tee_obj,
647 TEE_ATTR_RSA_MODULUS);
648 if (rc)
649 goto out;
650
651 rc = tee2pkcs_add_attribute(priv_head, PKCS11_CKA_PUBLIC_EXPONENT,
652 tee_obj, TEE_ATTR_RSA_PUBLIC_EXPONENT);
653 if (rc)
654 goto out;
655
656 rc = tee2pkcs_add_attribute(priv_head, PKCS11_CKA_PRIVATE_EXPONENT,
657 tee_obj, TEE_ATTR_RSA_PRIVATE_EXPONENT);
658 if (rc)
659 goto out;
660
661 rc = tee2pkcs_add_attribute(priv_head, PKCS11_CKA_PRIME_1, tee_obj,
662 TEE_ATTR_RSA_PRIME1);
663 if (rc)
664 goto out;
665
666 rc = tee2pkcs_add_attribute(priv_head, PKCS11_CKA_PRIME_2, tee_obj,
667 TEE_ATTR_RSA_PRIME2);
668 if (rc)
669 goto out;
670
671 rc = tee2pkcs_add_attribute(priv_head, PKCS11_CKA_EXPONENT_1, tee_obj,
672 TEE_ATTR_RSA_EXPONENT1);
673 if (rc)
674 goto out;
675
676 rc = tee2pkcs_add_attribute(priv_head, PKCS11_CKA_EXPONENT_2, tee_obj,
677 TEE_ATTR_RSA_EXPONENT2);
678 if (rc)
679 goto out;
680
681 rc = tee2pkcs_add_attribute(priv_head, PKCS11_CKA_COEFFICIENT, tee_obj,
682 TEE_ATTR_RSA_COEFFICIENT);
683 out:
684 return rc;
685 }
686
generate_rsa_keys(struct pkcs11_attribute_head * proc_params,struct obj_attrs ** pub_head,struct obj_attrs ** priv_head)687 enum pkcs11_rc generate_rsa_keys(struct pkcs11_attribute_head *proc_params,
688 struct obj_attrs **pub_head,
689 struct obj_attrs **priv_head)
690 {
691 enum pkcs11_rc rc = PKCS11_CKR_GENERAL_ERROR;
692 void *a_ptr = NULL;
693 uint32_t a_size = 0;
694 TEE_ObjectHandle tee_obj = TEE_HANDLE_NULL;
695 TEE_Result res = TEE_ERROR_GENERIC;
696 uint32_t modulus_bits = 0;
697 TEE_Attribute tee_attrs[1] = { };
698 uint32_t tee_count = 0;
699
700 if (!proc_params || !*pub_head || !*priv_head)
701 return PKCS11_CKR_TEMPLATE_INCONSISTENT;
702
703 rc = get_attribute_ptr(*pub_head, PKCS11_CKA_MODULUS_BITS, &a_ptr,
704 &a_size);
705 if (rc != PKCS11_CKR_OK || a_size != sizeof(uint32_t))
706 return PKCS11_CKR_TEMPLATE_INCONSISTENT;
707
708 TEE_MemMove(&modulus_bits, a_ptr, sizeof(uint32_t));
709
710 rc = get_attribute_ptr(*pub_head, PKCS11_CKA_PUBLIC_EXPONENT, &a_ptr,
711 &a_size);
712 if (rc != PKCS11_CKR_OK && rc != PKCS11_RV_NOT_FOUND)
713 return rc;
714
715 if (rc == PKCS11_CKR_OK && a_ptr) {
716 TEE_InitRefAttribute(&tee_attrs[tee_count],
717 TEE_ATTR_RSA_PUBLIC_EXPONENT,
718 a_ptr, a_size);
719 tee_count++;
720 }
721
722 if (remove_empty_attribute(priv_head, PKCS11_CKA_MODULUS) ||
723 remove_empty_attribute(priv_head, PKCS11_CKA_PUBLIC_EXPONENT) ||
724 remove_empty_attribute(priv_head, PKCS11_CKA_PRIVATE_EXPONENT) ||
725 remove_empty_attribute(priv_head, PKCS11_CKA_PRIME_1) ||
726 remove_empty_attribute(priv_head, PKCS11_CKA_PRIME_2) ||
727 remove_empty_attribute(priv_head, PKCS11_CKA_EXPONENT_1) ||
728 remove_empty_attribute(priv_head, PKCS11_CKA_EXPONENT_2) ||
729 remove_empty_attribute(priv_head, PKCS11_CKA_COEFFICIENT)) {
730 EMSG("Unexpected attribute(s) found");
731 rc = PKCS11_CKR_TEMPLATE_INCONSISTENT;
732 goto out;
733 }
734
735 /* Create an RSA TEE key */
736 res = TEE_AllocateTransientObject(TEE_TYPE_RSA_KEYPAIR, modulus_bits,
737 &tee_obj);
738 if (res) {
739 DMSG("TEE_AllocateTransientObject failed %#"PRIx32, res);
740
741 rc = tee2pkcs_error(res);
742 goto out;
743 }
744
745 res = TEE_RestrictObjectUsage1(tee_obj, TEE_USAGE_EXTRACTABLE);
746 if (res) {
747 DMSG("TEE_RestrictObjectUsage1 failed %#"PRIx32, res);
748
749 rc = tee2pkcs_error(res);
750 goto out;
751 }
752
753 res = TEE_GenerateKey(tee_obj, modulus_bits, tee_attrs, tee_count);
754 if (res) {
755 DMSG("TEE_GenerateKey failed %#"PRIx32, res);
756
757 rc = tee2pkcs_error(res);
758 goto out;
759 }
760
761 rc = tee2pkcs_rsa_attributes(pub_head, priv_head, tee_obj);
762
763 out:
764 if (tee_obj != TEE_HANDLE_NULL)
765 TEE_CloseObject(tee_obj);
766
767 return rc;
768 }
769
rsa_get_input_max_byte_size(TEE_OperationHandle op)770 size_t rsa_get_input_max_byte_size(TEE_OperationHandle op)
771 {
772 TEE_OperationInfo info = { };
773
774 TEE_GetOperationInfo(op, &info);
775
776 return info.maxKeySize / 8;
777 }
778