1 // SPDX-License-Identifier: BSD-2-Clause
2 /*
3 * Copyright (c) 2017, Linaro Limited
4 * Copyright 2020 NXP
5 * Copyright 2021, SumUp Service GmbH
6 */
7
8 #include <assert.h>
9 #include <compiler.h>
10 #include <crypto/crypto.h>
11 #include <crypto/crypto_impl.h>
12 #include <kernel/panic.h>
13 #include <stdlib.h>
14 #include <utee_defines.h>
15
crypto_hash_alloc_ctx(void ** ctx,uint32_t algo)16 TEE_Result crypto_hash_alloc_ctx(void **ctx, uint32_t algo)
17 {
18 TEE_Result res = TEE_ERROR_NOT_IMPLEMENTED;
19 struct crypto_hash_ctx *c = NULL;
20
21 /*
22 * Use default cryptographic implementation if no matching
23 * drvcrypt device.
24 */
25 res = drvcrypt_hash_alloc_ctx(&c, algo);
26
27 if (res == TEE_ERROR_NOT_IMPLEMENTED) {
28 switch (algo) {
29 case TEE_ALG_MD5:
30 res = crypto_md5_alloc_ctx(&c);
31 break;
32 case TEE_ALG_SHA1:
33 res = crypto_sha1_alloc_ctx(&c);
34 break;
35 case TEE_ALG_SHA224:
36 res = crypto_sha224_alloc_ctx(&c);
37 break;
38 case TEE_ALG_SHA256:
39 res = crypto_sha256_alloc_ctx(&c);
40 break;
41 case TEE_ALG_SHA384:
42 res = crypto_sha384_alloc_ctx(&c);
43 break;
44 case TEE_ALG_SHA512:
45 res = crypto_sha512_alloc_ctx(&c);
46 break;
47 case TEE_ALG_SHA3_224:
48 res = crypto_sha3_224_alloc_ctx(&c);
49 break;
50 case TEE_ALG_SHA3_256:
51 res = crypto_sha3_256_alloc_ctx(&c);
52 break;
53 case TEE_ALG_SHA3_384:
54 res = crypto_sha3_384_alloc_ctx(&c);
55 break;
56 case TEE_ALG_SHA3_512:
57 res = crypto_sha3_512_alloc_ctx(&c);
58 break;
59 case TEE_ALG_SHAKE128:
60 res = crypto_shake128_alloc_ctx(&c);
61 break;
62 case TEE_ALG_SHAKE256:
63 res = crypto_shake256_alloc_ctx(&c);
64 break;
65 case TEE_ALG_SM3:
66 res = crypto_sm3_alloc_ctx(&c);
67 break;
68 default:
69 break;
70 }
71 }
72
73 if (!res)
74 *ctx = c;
75
76 return res;
77 }
78
hash_ops(void * ctx)79 static const struct crypto_hash_ops *hash_ops(void *ctx)
80 {
81 struct crypto_hash_ctx *c = ctx;
82
83 assert(c && c->ops);
84
85 return c->ops;
86 }
87
crypto_hash_free_ctx(void * ctx)88 void crypto_hash_free_ctx(void *ctx)
89 {
90 if (ctx)
91 hash_ops(ctx)->free_ctx(ctx);
92 }
93
crypto_hash_copy_state(void * dst_ctx,void * src_ctx)94 void crypto_hash_copy_state(void *dst_ctx, void *src_ctx)
95 {
96 hash_ops(dst_ctx)->copy_state(dst_ctx, src_ctx);
97 }
98
crypto_hash_init(void * ctx)99 TEE_Result crypto_hash_init(void *ctx)
100 {
101 return hash_ops(ctx)->init(ctx);
102 }
103
crypto_hash_update(void * ctx,const uint8_t * data,size_t len)104 TEE_Result crypto_hash_update(void *ctx, const uint8_t *data, size_t len)
105 {
106 return hash_ops(ctx)->update(ctx, data, len);
107 }
108
crypto_hash_final(void * ctx,uint8_t * digest,size_t len)109 TEE_Result crypto_hash_final(void *ctx, uint8_t *digest, size_t len)
110 {
111 return hash_ops(ctx)->final(ctx, digest, len);
112 }
113
crypto_cipher_alloc_ctx(void ** ctx,uint32_t algo)114 TEE_Result crypto_cipher_alloc_ctx(void **ctx, uint32_t algo)
115 {
116 TEE_Result res = TEE_ERROR_NOT_IMPLEMENTED;
117 struct crypto_cipher_ctx *c = NULL;
118
119 /*
120 * Use default cryptographic implementation if no matching
121 * drvcrypt device.
122 */
123 res = drvcrypt_cipher_alloc_ctx(&c, algo);
124
125 if (res == TEE_ERROR_NOT_IMPLEMENTED) {
126 switch (algo) {
127 case TEE_ALG_AES_ECB_NOPAD:
128 res = crypto_aes_ecb_alloc_ctx(&c);
129 break;
130 case TEE_ALG_AES_CBC_NOPAD:
131 res = crypto_aes_cbc_alloc_ctx(&c);
132 break;
133 case TEE_ALG_AES_CTR:
134 res = crypto_aes_ctr_alloc_ctx(&c);
135 break;
136 case TEE_ALG_AES_CTS:
137 res = crypto_aes_cts_alloc_ctx(&c);
138 break;
139 case TEE_ALG_AES_XTS:
140 res = crypto_aes_xts_alloc_ctx(&c);
141 break;
142 case TEE_ALG_DES_ECB_NOPAD:
143 res = crypto_des_ecb_alloc_ctx(&c);
144 break;
145 case TEE_ALG_DES3_ECB_NOPAD:
146 res = crypto_des3_ecb_alloc_ctx(&c);
147 break;
148 case TEE_ALG_DES_CBC_NOPAD:
149 res = crypto_des_cbc_alloc_ctx(&c);
150 break;
151 case TEE_ALG_DES3_CBC_NOPAD:
152 res = crypto_des3_cbc_alloc_ctx(&c);
153 break;
154 case TEE_ALG_SM4_ECB_NOPAD:
155 res = crypto_sm4_ecb_alloc_ctx(&c);
156 break;
157 case TEE_ALG_SM4_CBC_NOPAD:
158 res = crypto_sm4_cbc_alloc_ctx(&c);
159 break;
160 case TEE_ALG_SM4_CTR:
161 res = crypto_sm4_ctr_alloc_ctx(&c);
162 break;
163 case TEE_ALG_SM4_XTS:
164 res = crypto_sm4_xts_alloc_ctx(&c);
165 break;
166 default:
167 return TEE_ERROR_NOT_IMPLEMENTED;
168 }
169 }
170
171 if (!res)
172 *ctx = c;
173
174 return res;
175 }
176
cipher_ops(void * ctx)177 static const struct crypto_cipher_ops *cipher_ops(void *ctx)
178 {
179 struct crypto_cipher_ctx *c = ctx;
180
181 assert(c && c->ops);
182
183 return c->ops;
184 }
185
crypto_cipher_free_ctx(void * ctx)186 void crypto_cipher_free_ctx(void *ctx)
187 {
188 if (ctx)
189 cipher_ops(ctx)->free_ctx(ctx);
190 }
191
crypto_cipher_copy_state(void * dst_ctx,void * src_ctx)192 void crypto_cipher_copy_state(void *dst_ctx, void *src_ctx)
193 {
194 cipher_ops(dst_ctx)->copy_state(dst_ctx, src_ctx);
195 }
196
crypto_cipher_init(void * ctx,TEE_OperationMode mode,const uint8_t * key1,size_t key1_len,const uint8_t * key2,size_t key2_len,const uint8_t * iv,size_t iv_len)197 TEE_Result crypto_cipher_init(void *ctx, TEE_OperationMode mode,
198 const uint8_t *key1, size_t key1_len,
199 const uint8_t *key2, size_t key2_len,
200 const uint8_t *iv, size_t iv_len)
201 {
202 if (mode != TEE_MODE_DECRYPT && mode != TEE_MODE_ENCRYPT)
203 return TEE_ERROR_BAD_PARAMETERS;
204
205 return cipher_ops(ctx)->init(ctx, mode, key1, key1_len, key2, key2_len,
206 iv, iv_len);
207 }
208
crypto_cipher_update(void * ctx,TEE_OperationMode mode __unused,bool last_block,const uint8_t * data,size_t len,uint8_t * dst)209 TEE_Result crypto_cipher_update(void *ctx, TEE_OperationMode mode __unused,
210 bool last_block, const uint8_t *data,
211 size_t len, uint8_t *dst)
212 {
213 return cipher_ops(ctx)->update(ctx, last_block, data, len, dst);
214 }
215
crypto_cipher_final(void * ctx)216 void crypto_cipher_final(void *ctx)
217 {
218 cipher_ops(ctx)->final(ctx);
219 }
220
crypto_cipher_get_block_size(uint32_t algo,size_t * size)221 TEE_Result crypto_cipher_get_block_size(uint32_t algo, size_t *size)
222 {
223 uint32_t class = TEE_ALG_GET_CLASS(algo);
224
225 if (class != TEE_OPERATION_CIPHER && class != TEE_OPERATION_MAC &&
226 class != TEE_OPERATION_AE)
227 return TEE_ERROR_BAD_PARAMETERS;
228
229 switch (TEE_ALG_GET_MAIN_ALG(algo)) {
230 case TEE_MAIN_ALGO_AES:
231 *size = TEE_AES_BLOCK_SIZE;
232 return TEE_SUCCESS;
233 case TEE_MAIN_ALGO_DES:
234 case TEE_MAIN_ALGO_DES3:
235 *size = TEE_DES_BLOCK_SIZE;
236 return TEE_SUCCESS;
237 case TEE_MAIN_ALGO_SM4:
238 *size = TEE_SM4_BLOCK_SIZE;
239 return TEE_SUCCESS;
240 default:
241 return TEE_ERROR_NOT_SUPPORTED;
242 }
243 }
244
crypto_mac_alloc_ctx(void ** ctx,uint32_t algo)245 TEE_Result crypto_mac_alloc_ctx(void **ctx, uint32_t algo)
246 {
247 TEE_Result res = TEE_SUCCESS;
248 struct crypto_mac_ctx *c = NULL;
249
250 /*
251 * Use default cryptographic implementation if no matching
252 * drvcrypt device.
253 */
254 res = drvcrypt_mac_alloc_ctx(&c, algo);
255
256 if (res == TEE_ERROR_NOT_IMPLEMENTED) {
257 switch (algo) {
258 case TEE_ALG_HMAC_MD5:
259 res = crypto_hmac_md5_alloc_ctx(&c);
260 break;
261 case TEE_ALG_HMAC_SHA1:
262 res = crypto_hmac_sha1_alloc_ctx(&c);
263 break;
264 case TEE_ALG_HMAC_SHA224:
265 res = crypto_hmac_sha224_alloc_ctx(&c);
266 break;
267 case TEE_ALG_HMAC_SHA256:
268 res = crypto_hmac_sha256_alloc_ctx(&c);
269 break;
270 case TEE_ALG_HMAC_SHA384:
271 res = crypto_hmac_sha384_alloc_ctx(&c);
272 break;
273 case TEE_ALG_HMAC_SHA512:
274 res = crypto_hmac_sha512_alloc_ctx(&c);
275 break;
276 case TEE_ALG_HMAC_SHA3_224:
277 res = crypto_hmac_sha3_224_alloc_ctx(&c);
278 break;
279 case TEE_ALG_HMAC_SHA3_256:
280 res = crypto_hmac_sha3_256_alloc_ctx(&c);
281 break;
282 case TEE_ALG_HMAC_SHA3_384:
283 res = crypto_hmac_sha3_384_alloc_ctx(&c);
284 break;
285 case TEE_ALG_HMAC_SHA3_512:
286 res = crypto_hmac_sha3_512_alloc_ctx(&c);
287 break;
288 case TEE_ALG_HMAC_SM3:
289 res = crypto_hmac_sm3_alloc_ctx(&c);
290 break;
291 case TEE_ALG_AES_CBC_MAC_NOPAD:
292 res = crypto_aes_cbc_mac_nopad_alloc_ctx(&c);
293 break;
294 case TEE_ALG_AES_CBC_MAC_PKCS5:
295 res = crypto_aes_cbc_mac_pkcs5_alloc_ctx(&c);
296 break;
297 case TEE_ALG_DES_CBC_MAC_NOPAD:
298 res = crypto_des_cbc_mac_nopad_alloc_ctx(&c);
299 break;
300 case TEE_ALG_DES_CBC_MAC_PKCS5:
301 res = crypto_des_cbc_mac_pkcs5_alloc_ctx(&c);
302 break;
303 case TEE_ALG_DES3_CBC_MAC_NOPAD:
304 res = crypto_des3_cbc_mac_nopad_alloc_ctx(&c);
305 break;
306 case TEE_ALG_DES3_CBC_MAC_PKCS5:
307 res = crypto_des3_cbc_mac_pkcs5_alloc_ctx(&c);
308 break;
309 case TEE_ALG_DES3_CMAC:
310 res = crypto_des3_cmac_alloc_ctx(&c);
311 break;
312 case TEE_ALG_AES_CMAC:
313 res = crypto_aes_cmac_alloc_ctx(&c);
314 break;
315 default:
316 return TEE_ERROR_NOT_SUPPORTED;
317 }
318 }
319
320 if (!res)
321 *ctx = c;
322
323 return res;
324 }
325
mac_ops(void * ctx)326 static const struct crypto_mac_ops *mac_ops(void *ctx)
327 {
328 struct crypto_mac_ctx *c = ctx;
329
330 assert(c && c->ops);
331
332 return c->ops;
333 }
334
crypto_mac_free_ctx(void * ctx)335 void crypto_mac_free_ctx(void *ctx)
336 {
337 if (ctx)
338 mac_ops(ctx)->free_ctx(ctx);
339 }
340
crypto_mac_copy_state(void * dst_ctx,void * src_ctx)341 void crypto_mac_copy_state(void *dst_ctx, void *src_ctx)
342 {
343 mac_ops(dst_ctx)->copy_state(dst_ctx, src_ctx);
344 }
345
crypto_mac_init(void * ctx,const uint8_t * key,size_t len)346 TEE_Result crypto_mac_init(void *ctx, const uint8_t *key, size_t len)
347 {
348 return mac_ops(ctx)->init(ctx, key, len);
349 }
350
crypto_mac_update(void * ctx,const uint8_t * data,size_t len)351 TEE_Result crypto_mac_update(void *ctx, const uint8_t *data, size_t len)
352 {
353 if (!len)
354 return TEE_SUCCESS;
355
356 return mac_ops(ctx)->update(ctx, data, len);
357 }
358
crypto_mac_final(void * ctx,uint8_t * digest,size_t digest_len)359 TEE_Result crypto_mac_final(void *ctx, uint8_t *digest, size_t digest_len)
360 {
361 return mac_ops(ctx)->final(ctx, digest, digest_len);
362 }
363
crypto_authenc_alloc_ctx(void ** ctx,uint32_t algo)364 TEE_Result crypto_authenc_alloc_ctx(void **ctx, uint32_t algo)
365 {
366 TEE_Result res = TEE_ERROR_NOT_IMPLEMENTED;
367 struct crypto_authenc_ctx *c = NULL;
368
369 /*
370 * Use default authenc implementation if no matching
371 * drvcrypt device.
372 */
373 res = drvcrypt_authenc_alloc_ctx(&c, algo);
374
375 if (res == TEE_ERROR_NOT_IMPLEMENTED) {
376 switch (algo) {
377 #if defined(CFG_CRYPTO_CCM)
378 case TEE_ALG_AES_CCM:
379 res = crypto_aes_ccm_alloc_ctx(&c);
380 break;
381 #endif
382 #if defined(CFG_CRYPTO_GCM)
383 case TEE_ALG_AES_GCM:
384 res = crypto_aes_gcm_alloc_ctx(&c);
385 break;
386 #endif
387 default:
388 break;
389 }
390 }
391
392 if (!res)
393 *ctx = c;
394
395 return res;
396 }
397
ae_ops(void * ctx)398 static const struct crypto_authenc_ops *ae_ops(void *ctx)
399 {
400 struct crypto_authenc_ctx *c = ctx;
401
402 assert(c && c->ops);
403
404 return c->ops;
405 }
406
crypto_authenc_init(void * ctx,TEE_OperationMode mode,const uint8_t * key,size_t key_len,const uint8_t * nonce,size_t nonce_len,size_t tag_len,size_t aad_len,size_t payload_len)407 TEE_Result crypto_authenc_init(void *ctx, TEE_OperationMode mode,
408 const uint8_t *key, size_t key_len,
409 const uint8_t *nonce, size_t nonce_len,
410 size_t tag_len, size_t aad_len,
411 size_t payload_len)
412 {
413 return ae_ops(ctx)->init(ctx, mode, key, key_len, nonce, nonce_len,
414 tag_len, aad_len, payload_len);
415 }
416
crypto_authenc_update_aad(void * ctx,TEE_OperationMode mode __unused,const uint8_t * data,size_t len)417 TEE_Result crypto_authenc_update_aad(void *ctx, TEE_OperationMode mode __unused,
418 const uint8_t *data, size_t len)
419 {
420 return ae_ops(ctx)->update_aad(ctx, data, len);
421 }
422
423
crypto_authenc_update_payload(void * ctx,TEE_OperationMode mode,const uint8_t * src_data,size_t src_len,uint8_t * dst_data,size_t * dst_len)424 TEE_Result crypto_authenc_update_payload(void *ctx, TEE_OperationMode mode,
425 const uint8_t *src_data,
426 size_t src_len, uint8_t *dst_data,
427 size_t *dst_len)
428 {
429 if (*dst_len < src_len)
430 return TEE_ERROR_SHORT_BUFFER;
431 *dst_len = src_len;
432
433 return ae_ops(ctx)->update_payload(ctx, mode, src_data, src_len,
434 dst_data);
435 }
436
crypto_authenc_enc_final(void * ctx,const uint8_t * src_data,size_t src_len,uint8_t * dst_data,size_t * dst_len,uint8_t * dst_tag,size_t * dst_tag_len)437 TEE_Result crypto_authenc_enc_final(void *ctx, const uint8_t *src_data,
438 size_t src_len, uint8_t *dst_data,
439 size_t *dst_len, uint8_t *dst_tag,
440 size_t *dst_tag_len)
441 {
442 if (*dst_len < src_len)
443 return TEE_ERROR_SHORT_BUFFER;
444 *dst_len = src_len;
445
446 return ae_ops(ctx)->enc_final(ctx, src_data, src_len, dst_data,
447 dst_tag, dst_tag_len);
448 }
449
crypto_authenc_dec_final(void * ctx,const uint8_t * src_data,size_t src_len,uint8_t * dst_data,size_t * dst_len,const uint8_t * tag,size_t tag_len)450 TEE_Result crypto_authenc_dec_final(void *ctx, const uint8_t *src_data,
451 size_t src_len, uint8_t *dst_data,
452 size_t *dst_len, const uint8_t *tag,
453 size_t tag_len)
454 {
455 if (*dst_len < src_len)
456 return TEE_ERROR_SHORT_BUFFER;
457 *dst_len = src_len;
458
459 return ae_ops(ctx)->dec_final(ctx, src_data, src_len, dst_data, tag,
460 tag_len);
461 }
462
crypto_authenc_final(void * ctx)463 void crypto_authenc_final(void *ctx)
464 {
465 ae_ops(ctx)->final(ctx);
466 }
467
crypto_authenc_free_ctx(void * ctx)468 void crypto_authenc_free_ctx(void *ctx)
469 {
470 if (ctx)
471 ae_ops(ctx)->free_ctx(ctx);
472 }
473
crypto_authenc_copy_state(void * dst_ctx,void * src_ctx)474 void crypto_authenc_copy_state(void *dst_ctx, void *src_ctx)
475 {
476 ae_ops(dst_ctx)->copy_state(dst_ctx, src_ctx);
477 }
478
479 #if !defined(CFG_CRYPTO_RSA) && !defined(CFG_CRYPTO_DSA) && \
480 !defined(CFG_CRYPTO_DH) && !defined(CFG_CRYPTO_ECC)
crypto_bignum_allocate(size_t size_bits __unused)481 struct bignum *crypto_bignum_allocate(size_t size_bits __unused)
482 {
483 return NULL;
484 }
485
crypto_bignum_bin2bn(const uint8_t * from __unused,size_t fromsize __unused,struct bignum * to __unused)486 TEE_Result crypto_bignum_bin2bn(const uint8_t *from __unused,
487 size_t fromsize __unused,
488 struct bignum *to __unused)
489 {
490 return TEE_ERROR_NOT_IMPLEMENTED;
491 }
492
crypto_bignum_num_bytes(struct bignum * a __unused)493 size_t crypto_bignum_num_bytes(struct bignum *a __unused)
494 {
495 return 0;
496 }
497
crypto_bignum_num_bits(struct bignum * a __unused)498 size_t crypto_bignum_num_bits(struct bignum *a __unused)
499 {
500 return 0;
501 }
502
503 /*
504 * crypto_bignum_allocate() and crypto_bignum_bin2bn() failing should be
505 * enough to guarantee that the functions calling this function aren't
506 * called, but just in case add a panic() here to avoid unexpected
507 * behavoir.
508 */
bignum_cant_happen(void)509 static void bignum_cant_happen(void)
510 {
511 volatile bool b = true;
512
513 /* Avoid warning about function does not return */
514 if (b)
515 panic();
516 }
517
crypto_bignum_bn2bin(const struct bignum * from __unused,uint8_t * to __unused)518 void crypto_bignum_bn2bin(const struct bignum *from __unused,
519 uint8_t *to __unused)
520 {
521 bignum_cant_happen();
522 }
523
crypto_bignum_copy(struct bignum * to __unused,const struct bignum * from __unused)524 void crypto_bignum_copy(struct bignum *to __unused,
525 const struct bignum *from __unused)
526 {
527 bignum_cant_happen();
528 }
529
crypto_bignum_free(struct bignum ** a)530 void crypto_bignum_free(struct bignum **a)
531 {
532 if (a && *a)
533 panic();
534 }
535
crypto_bignum_clear(struct bignum * a __unused)536 void crypto_bignum_clear(struct bignum *a __unused)
537 {
538 bignum_cant_happen();
539 }
540
541 /* return -1 if a<b, 0 if a==b, +1 if a>b */
crypto_bignum_compare(struct bignum * a __unused,struct bignum * b __unused)542 int32_t crypto_bignum_compare(struct bignum *a __unused,
543 struct bignum *b __unused)
544 {
545 bignum_cant_happen();
546 return -1;
547 }
548 #endif
549
550 #if !defined(CFG_CRYPTO_RSA)
crypto_acipher_alloc_rsa_keypair(struct rsa_keypair * s __unused,size_t key_size_bits __unused)551 TEE_Result crypto_acipher_alloc_rsa_keypair(struct rsa_keypair *s __unused,
552 size_t key_size_bits __unused)
553 {
554 return TEE_ERROR_NOT_IMPLEMENTED;
555 }
556
557 TEE_Result
crypto_acipher_alloc_rsa_public_key(struct rsa_public_key * s __unused,size_t key_size_bits __unused)558 crypto_acipher_alloc_rsa_public_key(struct rsa_public_key *s __unused,
559 size_t key_size_bits __unused)
560 {
561 return TEE_ERROR_NOT_IMPLEMENTED;
562 }
563
crypto_acipher_free_rsa_public_key(struct rsa_public_key * s __unused)564 void crypto_acipher_free_rsa_public_key(struct rsa_public_key *s __unused)
565 {
566 }
567
crypto_acipher_free_rsa_keypair(struct rsa_keypair * s __unused)568 void crypto_acipher_free_rsa_keypair(struct rsa_keypair *s __unused)
569 {
570 }
571
crypto_acipher_gen_rsa_key(struct rsa_keypair * key __unused,size_t key_size __unused)572 TEE_Result crypto_acipher_gen_rsa_key(struct rsa_keypair *key __unused,
573 size_t key_size __unused)
574 {
575 return TEE_ERROR_NOT_IMPLEMENTED;
576 }
577
crypto_acipher_rsanopad_decrypt(struct rsa_keypair * key __unused,const uint8_t * src __unused,size_t src_len __unused,uint8_t * dst __unused,size_t * dst_len __unused)578 TEE_Result crypto_acipher_rsanopad_decrypt(struct rsa_keypair *key __unused,
579 const uint8_t *src __unused,
580 size_t src_len __unused,
581 uint8_t *dst __unused,
582 size_t *dst_len __unused)
583 {
584 return TEE_ERROR_NOT_IMPLEMENTED;
585 }
586
crypto_acipher_rsanopad_encrypt(struct rsa_public_key * key __unused,const uint8_t * src __unused,size_t src_len __unused,uint8_t * dst __unused,size_t * dst_len __unused)587 TEE_Result crypto_acipher_rsanopad_encrypt(struct rsa_public_key *key __unused,
588 const uint8_t *src __unused,
589 size_t src_len __unused,
590 uint8_t *dst __unused,
591 size_t *dst_len __unused)
592 {
593 return TEE_ERROR_NOT_IMPLEMENTED;
594 }
595
crypto_acipher_rsaes_decrypt(uint32_t algo __unused,struct rsa_keypair * key __unused,const uint8_t * label __unused,size_t label_len __unused,uint32_t mgf_algo __unused,const uint8_t * src __unused,size_t src_len __unused,uint8_t * dst __unused,size_t * dst_len __unused)596 TEE_Result crypto_acipher_rsaes_decrypt(uint32_t algo __unused,
597 struct rsa_keypair *key __unused,
598 const uint8_t *label __unused,
599 size_t label_len __unused,
600 uint32_t mgf_algo __unused,
601 const uint8_t *src __unused,
602 size_t src_len __unused,
603 uint8_t *dst __unused,
604 size_t *dst_len __unused)
605 {
606 return TEE_ERROR_NOT_IMPLEMENTED;
607 }
608
crypto_acipher_rsaes_encrypt(uint32_t algo __unused,struct rsa_public_key * key __unused,const uint8_t * label __unused,size_t label_len __unused,uint32_t mgf_algo __unused,const uint8_t * src __unused,size_t src_len __unused,uint8_t * dst __unused,size_t * dst_len __unused)609 TEE_Result crypto_acipher_rsaes_encrypt(uint32_t algo __unused,
610 struct rsa_public_key *key __unused,
611 const uint8_t *label __unused,
612 size_t label_len __unused,
613 uint32_t mgf_algo __unused,
614 const uint8_t *src __unused,
615 size_t src_len __unused,
616 uint8_t *dst __unused,
617 size_t *dst_len __unused)
618 {
619 return TEE_ERROR_NOT_IMPLEMENTED;
620 }
621
crypto_acipher_rsassa_sign(uint32_t algo __unused,struct rsa_keypair * key __unused,int salt_len __unused,const uint8_t * msg __unused,size_t msg_len __unused,uint8_t * sig __unused,size_t * sig_len __unused)622 TEE_Result crypto_acipher_rsassa_sign(uint32_t algo __unused,
623 struct rsa_keypair *key __unused,
624 int salt_len __unused,
625 const uint8_t *msg __unused,
626 size_t msg_len __unused,
627 uint8_t *sig __unused,
628 size_t *sig_len __unused)
629 {
630 return TEE_ERROR_NOT_IMPLEMENTED;
631 }
632
crypto_acipher_rsassa_verify(uint32_t algo __unused,struct rsa_public_key * key __unused,int salt_len __unused,const uint8_t * msg __unused,size_t msg_len __unused,const uint8_t * sig __unused,size_t sig_len __unused)633 TEE_Result crypto_acipher_rsassa_verify(uint32_t algo __unused,
634 struct rsa_public_key *key __unused,
635 int salt_len __unused,
636 const uint8_t *msg __unused,
637 size_t msg_len __unused,
638 const uint8_t *sig __unused,
639 size_t sig_len __unused)
640 {
641 return TEE_ERROR_NOT_IMPLEMENTED;
642 }
643 #endif /*!CFG_CRYPTO_RSA*/
644
645 #if !defined(CFG_CRYPTO_DSA)
crypto_acipher_alloc_dsa_keypair(struct dsa_keypair * s __unused,size_t key_size_bits __unused)646 TEE_Result crypto_acipher_alloc_dsa_keypair(struct dsa_keypair *s __unused,
647 size_t key_size_bits __unused)
648 {
649 return TEE_ERROR_NOT_IMPLEMENTED;
650 }
651
652 TEE_Result
crypto_acipher_alloc_dsa_public_key(struct dsa_public_key * s __unused,size_t key_size_bits __unused)653 crypto_acipher_alloc_dsa_public_key(struct dsa_public_key *s __unused,
654 size_t key_size_bits __unused)
655 {
656 return TEE_ERROR_NOT_IMPLEMENTED;
657 }
658
crypto_acipher_gen_dsa_key(struct dsa_keypair * key __unused,size_t key_size __unused)659 TEE_Result crypto_acipher_gen_dsa_key(struct dsa_keypair *key __unused,
660 size_t key_size __unused)
661 {
662 return TEE_ERROR_NOT_IMPLEMENTED;
663 }
664
crypto_acipher_dsa_sign(uint32_t algo __unused,struct dsa_keypair * key __unused,const uint8_t * msg __unused,size_t msg_len __unused,uint8_t * sig __unused,size_t * sig_len __unused)665 TEE_Result crypto_acipher_dsa_sign(uint32_t algo __unused,
666 struct dsa_keypair *key __unused,
667 const uint8_t *msg __unused,
668 size_t msg_len __unused,
669 uint8_t *sig __unused,
670 size_t *sig_len __unused)
671 {
672 return TEE_ERROR_NOT_IMPLEMENTED;
673 }
674
crypto_acipher_dsa_verify(uint32_t algo __unused,struct dsa_public_key * key __unused,const uint8_t * msg __unused,size_t msg_len __unused,const uint8_t * sig __unused,size_t sig_len __unused)675 TEE_Result crypto_acipher_dsa_verify(uint32_t algo __unused,
676 struct dsa_public_key *key __unused,
677 const uint8_t *msg __unused,
678 size_t msg_len __unused,
679 const uint8_t *sig __unused,
680 size_t sig_len __unused)
681 {
682 return TEE_ERROR_NOT_IMPLEMENTED;
683 }
684 #endif /*!CFG_CRYPTO_DSA*/
685
686 #if !defined(CFG_CRYPTO_DH)
crypto_acipher_alloc_dh_keypair(struct dh_keypair * s __unused,size_t key_size_bits __unused)687 TEE_Result crypto_acipher_alloc_dh_keypair(struct dh_keypair *s __unused,
688 size_t key_size_bits __unused)
689 {
690 return TEE_ERROR_NOT_IMPLEMENTED;
691 }
692
crypto_acipher_gen_dh_key(struct dh_keypair * key __unused,struct bignum * q __unused,size_t xbits __unused,size_t key_size __unused)693 TEE_Result crypto_acipher_gen_dh_key(struct dh_keypair *key __unused,
694 struct bignum *q __unused,
695 size_t xbits __unused,
696 size_t key_size __unused)
697 {
698 return TEE_ERROR_NOT_IMPLEMENTED;
699 }
700
701 TEE_Result
crypto_acipher_dh_shared_secret(struct dh_keypair * private_key __unused,struct bignum * public_key __unused,struct bignum * secret __unused)702 crypto_acipher_dh_shared_secret(struct dh_keypair *private_key __unused,
703 struct bignum *public_key __unused,
704 struct bignum *secret __unused)
705 {
706 return TEE_ERROR_NOT_IMPLEMENTED;
707 }
708 #endif /*!CFG_CRYPTO_DH*/
709
crypto_acipher_alloc_ecc_public_key(struct ecc_public_key * key,uint32_t key_type,size_t key_size_bits)710 TEE_Result crypto_acipher_alloc_ecc_public_key(struct ecc_public_key *key,
711 uint32_t key_type,
712 size_t key_size_bits)
713 {
714 TEE_Result res = TEE_ERROR_NOT_IMPLEMENTED;
715
716 /*
717 * Use default cryptographic implementation if no matching
718 * drvcrypt device.
719 */
720 res = drvcrypt_asym_alloc_ecc_public_key(key, key_type, key_size_bits);
721 if (res == TEE_ERROR_NOT_IMPLEMENTED)
722 res = crypto_asym_alloc_ecc_public_key(key, key_type,
723 key_size_bits);
724
725 return res;
726 }
727
crypto_acipher_alloc_ecc_keypair(struct ecc_keypair * key,uint32_t key_type,size_t key_size_bits)728 TEE_Result crypto_acipher_alloc_ecc_keypair(struct ecc_keypair *key,
729 uint32_t key_type,
730 size_t key_size_bits)
731 {
732 TEE_Result res = TEE_ERROR_NOT_IMPLEMENTED;
733
734 /*
735 * Use default cryptographic implementation if no matching
736 * drvcrypt device.
737 */
738 res = drvcrypt_asym_alloc_ecc_keypair(key, key_type, key_size_bits);
739 if (res == TEE_ERROR_NOT_IMPLEMENTED)
740 res = crypto_asym_alloc_ecc_keypair(key, key_type,
741 key_size_bits);
742
743 return res;
744 }
745
crypto_acipher_free_ecc_public_key(struct ecc_public_key * key)746 void crypto_acipher_free_ecc_public_key(struct ecc_public_key *key)
747 {
748 assert(key->ops && key->ops->free);
749
750 key->ops->free(key);
751 }
752
crypto_acipher_gen_ecc_key(struct ecc_keypair * key,size_t key_size_bits)753 TEE_Result crypto_acipher_gen_ecc_key(struct ecc_keypair *key,
754 size_t key_size_bits)
755 {
756 assert(key->ops && key->ops->generate);
757
758 return key->ops->generate(key, key_size_bits);
759 }
760
crypto_acipher_ecc_sign(uint32_t algo,struct ecc_keypair * key,const uint8_t * msg,size_t msg_len,uint8_t * sig,size_t * sig_len)761 TEE_Result crypto_acipher_ecc_sign(uint32_t algo, struct ecc_keypair *key,
762 const uint8_t *msg, size_t msg_len,
763 uint8_t *sig, size_t *sig_len)
764 {
765 assert(key->ops);
766
767 if (!key->ops->sign)
768 return TEE_ERROR_NOT_IMPLEMENTED;
769
770 return key->ops->sign(algo, key, msg, msg_len, sig, sig_len);
771 }
772
crypto_acipher_ecc_verify(uint32_t algo,struct ecc_public_key * key,const uint8_t * msg,size_t msg_len,const uint8_t * sig,size_t sig_len)773 TEE_Result crypto_acipher_ecc_verify(uint32_t algo, struct ecc_public_key *key,
774 const uint8_t *msg, size_t msg_len,
775 const uint8_t *sig, size_t sig_len)
776 {
777 assert(key->ops);
778
779 if (!key->ops->verify)
780 return TEE_ERROR_NOT_IMPLEMENTED;
781
782 return key->ops->verify(algo, key, msg, msg_len, sig, sig_len);
783 }
784
crypto_acipher_ecc_shared_secret(struct ecc_keypair * private_key,struct ecc_public_key * public_key,void * secret,unsigned long * secret_len)785 TEE_Result crypto_acipher_ecc_shared_secret(struct ecc_keypair *private_key,
786 struct ecc_public_key *public_key,
787 void *secret,
788 unsigned long *secret_len)
789 {
790 assert(private_key->ops);
791
792 if (!private_key->ops->shared_secret)
793 return TEE_ERROR_NOT_IMPLEMENTED;
794
795 return private_key->ops->shared_secret(private_key, public_key, secret,
796 secret_len);
797 }
798
crypto_acipher_sm2_pke_decrypt(struct ecc_keypair * key,const uint8_t * src,size_t src_len,uint8_t * dst,size_t * dst_len)799 TEE_Result crypto_acipher_sm2_pke_decrypt(struct ecc_keypair *key,
800 const uint8_t *src, size_t src_len,
801 uint8_t *dst, size_t *dst_len)
802 {
803 assert(key->ops);
804
805 if (!key->ops->decrypt)
806 return TEE_ERROR_NOT_IMPLEMENTED;
807
808 return key->ops->decrypt(key, src, src_len, dst, dst_len);
809 }
810
crypto_acipher_sm2_pke_encrypt(struct ecc_public_key * key,const uint8_t * src,size_t src_len,uint8_t * dst,size_t * dst_len)811 TEE_Result crypto_acipher_sm2_pke_encrypt(struct ecc_public_key *key,
812 const uint8_t *src, size_t src_len,
813 uint8_t *dst, size_t *dst_len)
814 {
815 assert(key->ops);
816
817 if (!key->ops->encrypt)
818 return TEE_ERROR_NOT_IMPLEMENTED;
819
820 return key->ops->encrypt(key, src, src_len, dst, dst_len);
821 }
822
823 #if !defined(CFG_CRYPTO_SM2_KEP)
crypto_acipher_sm2_kep_derive(struct ecc_keypair * my_key __unused,struct ecc_keypair * my_eph_key __unused,struct ecc_public_key * peer_key __unused,struct ecc_public_key * peer_eph_key __unused,struct sm2_kep_parms * p __unused)824 TEE_Result crypto_acipher_sm2_kep_derive(struct ecc_keypair *my_key __unused,
825 struct ecc_keypair *my_eph_key
826 __unused,
827 struct ecc_public_key *peer_key
828 __unused,
829 struct ecc_public_key *peer_eph_key
830 __unused,
831 struct sm2_kep_parms *p __unused)
832 {
833 return TEE_ERROR_NOT_IMPLEMENTED;
834 }
835 #endif
836
837 #if !defined(CFG_CRYPTO_X25519)
crypto_acipher_alloc_x25519_keypair(struct montgomery_keypair * key __unused,size_t key_size_bits __unused)838 TEE_Result crypto_acipher_alloc_x25519_keypair(struct montgomery_keypair *key
839 __unused,
840 size_t key_size_bits __unused)
841 {
842 return TEE_ERROR_NOT_IMPLEMENTED;
843 }
844
crypto_acipher_gen_x25519_key(struct montgomery_keypair * key __unused,size_t key_size __unused)845 TEE_Result crypto_acipher_gen_x25519_key(struct montgomery_keypair
846 *key __unused,
847 size_t key_size __unused)
848 {
849 return TEE_ERROR_NOT_IMPLEMENTED;
850 }
851
crypto_acipher_x25519_shared_secret(struct montgomery_keypair * private_key __unused,void * public_key __unused,void * secret __unused,unsigned long * secret_len __unused)852 TEE_Result crypto_acipher_x25519_shared_secret(struct montgomery_keypair
853 *private_key __unused,
854 void *public_key __unused,
855 void *secret __unused,
856 unsigned long
857 *secret_len __unused)
858 {
859 return TEE_ERROR_NOT_IMPLEMENTED;
860 }
861 #endif
862
863 #if !defined(CFG_CRYPTO_X448)
crypto_acipher_alloc_x448_keypair(struct montgomery_keypair * key __unused,size_t key_size_bits __unused)864 TEE_Result crypto_acipher_alloc_x448_keypair(struct montgomery_keypair *key
865 __unused,
866 size_t key_size_bits __unused)
867 {
868 return TEE_ERROR_NOT_IMPLEMENTED;
869 }
870
crypto_acipher_gen_x448_key(struct montgomery_keypair * key __unused,size_t key_size __unused)871 TEE_Result crypto_acipher_gen_x448_key(struct montgomery_keypair *key __unused,
872 size_t key_size __unused)
873 {
874 return TEE_ERROR_NOT_IMPLEMENTED;
875 }
876
crypto_acipher_x448_shared_secret(struct montgomery_keypair * private_key __unused,void * public_key __unused,void * secret __unused,unsigned long * secret_len __unused)877 TEE_Result crypto_acipher_x448_shared_secret(struct montgomery_keypair
878 *private_key __unused,
879 void *public_key __unused,
880 void *secret __unused,
881 unsigned long
882 *secret_len __unused)
883 {
884 return TEE_ERROR_NOT_IMPLEMENTED;
885 }
886 #endif
887
888 #if !defined(CFG_CRYPTO_ED25519)
crypto_acipher_alloc_ed25519_keypair(struct ed25519_keypair * key __unused,size_t key_size_bits __unused)889 TEE_Result crypto_acipher_alloc_ed25519_keypair(struct ed25519_keypair *key
890 __unused,
891 size_t key_size_bits __unused)
892 {
893 return TEE_ERROR_NOT_IMPLEMENTED;
894 }
895
896 TEE_Result
crypto_acipher_alloc_ed25519_public_key(struct ed25519_public_key * key __unused,size_t key_size __unused)897 crypto_acipher_alloc_ed25519_public_key(struct ed25519_public_key *key __unused,
898 size_t key_size __unused)
899 {
900 return TEE_ERROR_NOT_IMPLEMENTED;
901 }
902
crypto_acipher_gen_ed25519_key(struct ed25519_keypair * key __unused,size_t key_size __unused)903 TEE_Result crypto_acipher_gen_ed25519_key(struct ed25519_keypair *key __unused,
904 size_t key_size __unused)
905 {
906 return TEE_ERROR_NOT_IMPLEMENTED;
907 }
908
crypto_acipher_ed25519_sign(struct ed25519_keypair * key __unused,const uint8_t * msg __unused,size_t msg_len __unused,uint8_t * sig __unused,size_t * sig_len __unused)909 TEE_Result crypto_acipher_ed25519_sign(struct ed25519_keypair *key __unused,
910 const uint8_t *msg __unused,
911 size_t msg_len __unused,
912 uint8_t *sig __unused,
913 size_t *sig_len __unused)
914 {
915 return TEE_ERROR_NOT_IMPLEMENTED;
916 }
917
918 TEE_Result
crypto_acipher_ed25519_verify(struct ed25519_public_key * key __unused,const uint8_t * msg __unused,size_t msg_len __unused,const uint8_t * sig __unused,size_t sig_len __unused)919 crypto_acipher_ed25519_verify(struct ed25519_public_key *key __unused,
920 const uint8_t *msg __unused,
921 size_t msg_len __unused,
922 const uint8_t *sig __unused,
923 size_t sig_len __unused)
924 {
925 return TEE_ERROR_NOT_IMPLEMENTED;
926 }
927
crypto_acipher_ed25519ctx_sign(struct ed25519_keypair * key __unused,const uint8_t * msg __unused,size_t msg_len __unused,uint8_t * sig __unused,size_t * sig_len __unused,bool ph_flag __unused,const uint8_t * ctx __unused,size_t ctxlen __unused)928 TEE_Result crypto_acipher_ed25519ctx_sign(struct ed25519_keypair *key __unused,
929 const uint8_t *msg __unused,
930 size_t msg_len __unused,
931 uint8_t *sig __unused,
932 size_t *sig_len __unused,
933 bool ph_flag __unused,
934 const uint8_t *ctx __unused,
935 size_t ctxlen __unused)
936 {
937 return TEE_ERROR_NOT_IMPLEMENTED;
938 }
939
940 TEE_Result
crypto_acipher_ed25519ctx_verify(struct ed25519_public_key * key __unused,const uint8_t * msg __unused,size_t msg_len __unused,const uint8_t * sig __unused,size_t sig_len __unused,bool ph_flag __unused,const uint8_t * ctx __unused,size_t ctxlen __unused)941 crypto_acipher_ed25519ctx_verify(struct ed25519_public_key *key __unused,
942 const uint8_t *msg __unused,
943 size_t msg_len __unused,
944 const uint8_t *sig __unused,
945 size_t sig_len __unused,
946 bool ph_flag __unused,
947 const uint8_t *ctx __unused,
948 size_t ctxlen __unused)
949 {
950 return TEE_ERROR_NOT_IMPLEMENTED;
951 }
952 #endif
953
crypto_storage_obj_del(struct tee_obj * obj __unused)954 __weak TEE_Result crypto_storage_obj_del(struct tee_obj *obj __unused)
955 {
956 return TEE_ERROR_NOT_IMPLEMENTED;
957 }
958