1 /*
2 * Copyright (C) 2021 HiSilicon (Shanghai) Technologies CO., LIMITED.
3 *
4 * This program is free software; you can redistribute it and/or
5 * modify it under the terms of the GNU General Public License
6 * as published by the Free Software Foundation; either version 2
7 * of the License, or (at your option) any later version.
8 *
9 * This program is distributed in the hope that it will be useful,
10 * but WITHOUT ANY WARRANTY; without even the implied warranty of
11 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
12 * GNU General Public License for more details.
13 *
14 * You should have received a copy of the GNU General Public License
15 * along with this program; if not, write to the Free Software
16 * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
17 */
18
19 #include "hi_cipher_compat.h"
20 #include "hi_drv_compat.h"
21 #include "cryp_symc.h"
22 #include "securec.h"
23
24 /* max package numher of symc multi encrypt */
25 #define SYMC_MULTI_MAX_PKG 0x1000
26
27 #define RSA_PUBLIC_BUFFER_NUM 0x03
28 #define RSA_PRIVATE_BUFFER_NUM 0x07
29
30 #define MAX_CENC_SUB_SAMPLE 100
31
32 typedef hi_s32 (*hi_drv_func)(hi_void *param);
33
34 typedef struct {
35 const char *name;
36 hi_drv_func func;
37 hi_u32 cmd;
38 } crypto_dispatch_func;
39
40 typedef struct {
41 hi_u8 *buf;
42 hi_u32 buf_size;
43 hi_u32 offset;
44 } kapi_rsa_buf;
45
46 /* ****************************** API Code **************************** */
dispatch_symc_create_handle(hi_void * argp)47 static hi_s32 dispatch_symc_create_handle(hi_void *argp)
48 {
49 hi_s32 ret;
50 symc_create_t *symc_create = argp;
51
52 hi_log_func_enter();
53
54 /* allocate a aes channel */
55 ret = kapi_symc_create(&symc_create->id);
56 if (ret != HI_SUCCESS) {
57 hi_log_print_func_err(kapi_symc_create, ret);
58 return ret;
59 }
60
61 hi_log_func_exit();
62 return HI_SUCCESS;
63 }
64
dispatch_symc_destroy_handle(hi_void * argp)65 static hi_s32 dispatch_symc_destroy_handle(hi_void *argp)
66 {
67 hi_s32 ret;
68 symc_destroy_t *destroy = argp;
69
70 hi_log_func_enter();
71
72 ret = kapi_symc_destroy(destroy->id);
73 if (ret != HI_SUCCESS) {
74 hi_log_print_func_err(kapi_symc_destroy, ret);
75 return ret;
76 }
77
78 hi_log_func_exit();
79 return HI_SUCCESS;
80 }
81
dispatch_symc_cfg(hi_void * argp)82 static hi_s32 dispatch_symc_cfg(hi_void *argp)
83 {
84 hi_s32 ret;
85 symc_cfg_t *cfg = argp;
86
87 hi_log_func_enter();
88
89 ret = kapi_symc_cfg(cfg);
90 if (ret != HI_SUCCESS) {
91 hi_log_print_func_err(kapi_symc_cfg, ret);
92 return ret;
93 }
94
95 hi_log_func_exit();
96 return HI_SUCCESS;
97 }
98
dispatch_symc_encrypt(hi_void * argp)99 static hi_s32 dispatch_symc_encrypt(hi_void *argp)
100 {
101 hi_s32 ret;
102 symc_encrypt_t *encrypt = argp;
103
104 hi_log_func_enter();
105
106 if ((encrypt->operation == SYMC_OPERATION_ENCRYPT) || (encrypt->operation == SYMC_OPERATION_DECRYPT)) {
107 ret = cipher_check_mmz_phy_addr((hi_phys_addr_t)addr_u64(encrypt->in), encrypt->len);
108 if (ret != HI_SUCCESS) {
109 hi_log_print_func_err(cipher_check_mmz_phy_addr, ret);
110 return ret;
111 }
112
113 ret = cipher_check_mmz_phy_addr((hi_phys_addr_t)addr_u64(encrypt->out), encrypt->len);
114 if (ret != HI_SUCCESS) {
115 hi_log_print_func_err(cipher_check_mmz_phy_addr, ret);
116 return ret;
117 }
118
119 ret = kapi_symc_crypto(encrypt);
120 if (ret != HI_SUCCESS) {
121 hi_log_print_func_err(kapi_symc_crypto, ret);
122 return ret;
123 }
124 } else if ((encrypt->operation == SYMC_OPERATION_ENCRYPT_VIA) ||
125 (encrypt->operation == SYMC_OPERATION_DECRYPT_VIA)) {
126 ret = kapi_symc_crypto_via(encrypt, HI_TRUE);
127 if (ret != HI_SUCCESS) {
128 hi_log_print_func_err(kapi_symc_crypto_via, ret);
129 return ret;
130 }
131 } else {
132 hi_log_error("encrypt operation(0x%x) is unsupported.\n", encrypt->operation);
133 return HI_ERR_CIPHER_UNSUPPORTED;
134 }
135
136 hi_log_func_exit();
137 return HI_SUCCESS;
138 }
139
dispatch_symc_encrypt_multi(hi_void * argp)140 static hi_s32 dispatch_symc_encrypt_multi(hi_void *argp)
141 {
142 hi_s32 ret;
143 symc_encrypt_multi_t *encrypt_multi = argp;
144
145 hi_log_func_enter();
146
147 hi_log_debug("operation %u\n", encrypt_multi->operation);
148 ret = kapi_symc_crypto_multi(encrypt_multi->id,
149 addr_via(encrypt_multi->pack), encrypt_multi->pack_num, encrypt_multi->operation, HI_TRUE);
150 if (ret != HI_SUCCESS) {
151 hi_log_print_func_err(kapi_symc_crypto_multi, ret);
152 return ret;
153 }
154
155 hi_log_func_exit();
156 return HI_SUCCESS;
157 }
158
dispatch_symc_get_tag(hi_void * argp)159 static hi_s32 dispatch_symc_get_tag(hi_void *argp)
160 {
161 hi_s32 ret;
162 aead_tag_t *aead_tag = argp;
163
164 hi_log_func_enter();
165
166 ret = kapi_aead_get_tag(aead_tag->id, aead_tag->tag, &aead_tag->taglen);
167 if (ret != HI_SUCCESS) {
168 hi_log_print_func_err(kapi_aead_get_tag, ret);
169 return ret;
170 }
171
172 hi_log_func_exit();
173 return HI_SUCCESS;
174 }
175
dispatch_symc_get_cfg(hi_void * argp)176 static hi_s32 dispatch_symc_get_cfg(hi_void *argp)
177 {
178 hi_s32 ret;
179 symc_get_cfg_t *get_cfg = argp;
180
181 hi_log_func_enter();
182
183 ret = kapi_symc_get_cfg(get_cfg->id, &get_cfg->ctrl);
184 if (ret != HI_SUCCESS) {
185 hi_log_print_func_err(kapi_symc_get_cfg, ret);
186 return ret;
187 }
188
189 hi_log_func_exit();
190 return HI_SUCCESS;
191 }
192
dispatch_klad_key(hi_void * argp)193 static hi_s32 dispatch_klad_key(hi_void *argp)
194 {
195 hi_s32 ret;
196 klad_key_t *klad = argp;
197
198 hi_log_func_enter();
199
200 ret = kapi_symc_klad_encrypt_key(klad->keysel,
201 klad->target, klad->clear, klad->encrypt, sizeof(klad->clear));
202 if (ret != HI_SUCCESS) {
203 hi_log_print_func_err(kapi_symc_klad_encrypt_key, ret);
204 return ret;
205 }
206
207 hi_log_func_exit();
208 return HI_SUCCESS;
209 }
210
dispatch_hash_start(hi_void * argp)211 static hi_s32 dispatch_hash_start(hi_void *argp)
212 {
213 hi_s32 ret;
214 hash_start_t *start = argp;
215 hi_u8 *key = HI_NULL;
216
217 hi_log_func_enter();
218 hi_log_chk_param_return(start->type >= HI_CIPHER_HASH_TYPE_BUTT);
219
220 if (start->type == HI_CIPHER_HASH_TYPE_SM3) {
221 hi_log_error("Sm3 is unsupported.\n");
222 return HI_ERR_CIPHER_UNSUPPORTED;
223 }
224
225 if (start->type == HI_CIPHER_HASH_TYPE_HMAC_SHA1 ||
226 start->type == HI_CIPHER_HASH_TYPE_HMAC_SHA224 ||
227 start->type == HI_CIPHER_HASH_TYPE_HMAC_SHA256 ||
228 start->type == HI_CIPHER_HASH_TYPE_HMAC_SHA384 ||
229 start->type == HI_CIPHER_HASH_TYPE_HMAC_SHA512) {
230 hi_log_chk_param_return(start->keylen > MAX_MALLOC_BUF_SIZE);
231 hi_log_chk_param_return(addr_via(start->key) == HI_NULL);
232
233 key = (hi_u8 *)crypto_calloc(1, start->keylen);
234 if (key == HI_NULL) {
235 hi_log_print_err_code(HI_ERR_CIPHER_FAILED_MEM);
236 hi_log_print_func_err(crypto_calloc, HI_ERR_CIPHER_FAILED_MEM);
237 return HI_ERR_CIPHER_FAILED_MEM;
238 }
239
240 crypto_chk_err_goto(crypto_copy_from_user(key, start->keylen, addr_via(start->key), start->keylen));
241 }
242
243 crypto_chk_err_goto(kapi_hash_start(&start->id, start->type, key, start->keylen));
244
245 exit__:
246 if (key != HI_NULL) {
247 (hi_void)memset_s(key, start->keylen, 0, start->keylen);
248 crypto_free(key);
249 key = HI_NULL;
250 }
251
252 hi_log_func_exit();
253
254 return ret;
255 }
256
dispatch_hash_update(hi_void * argp)257 static hi_s32 dispatch_hash_update(hi_void *argp)
258 {
259 hi_s32 ret;
260 hash_update_t *update = argp;
261
262 hi_log_func_enter();
263
264 hi_log_chk_param_return(addr_via(update->input) == HI_NULL);
265
266 update->src = HASH_CHUNCK_SRC_USER;
267 ret = kapi_hash_update(update->id, addr_via(update->input), update->length, update->src);
268 if (ret != HI_SUCCESS) {
269 hi_log_print_func_err(kapi_hash_update, ret);
270 return ret;
271 }
272
273 hi_log_func_exit();
274 return HI_SUCCESS;
275 }
276
dispatch_hash_finish(hi_void * argp)277 static hi_s32 dispatch_hash_finish(hi_void *argp)
278 {
279 hi_s32 ret;
280 hash_finish_t *finish = argp;
281
282 hi_log_func_enter();
283
284 ret = kapi_hash_finish(finish->id, (hi_u8 *)finish->hash, sizeof(finish->hash), &finish->hashlen);
285 if (ret != HI_SUCCESS) {
286 hi_log_print_func_err(kapi_hash_finish, ret);
287 return ret;
288 }
289
290 hi_log_func_exit();
291 return HI_SUCCESS;
292 }
293
rsa_buf_chk_info_param(const rsa_info_t * rsa_info)294 static hi_s32 rsa_buf_chk_info_param(const rsa_info_t *rsa_info)
295 {
296 hi_log_chk_param_return(rsa_info == HI_NULL);
297 hi_log_chk_param_return(addr_via(rsa_info->in) == HI_NULL);
298 hi_log_chk_param_return(addr_via(rsa_info->out) == HI_NULL);
299
300 if (rsa_info->public == HI_FALSE) {
301 hi_log_chk_param_return((addr_via(rsa_info->d) == HI_NULL) &&
302 ((addr_via(rsa_info->p) == HI_NULL) ||
303 (addr_via(rsa_info->q) == HI_NULL) ||
304 (addr_via(rsa_info->dp) == HI_NULL) ||
305 (addr_via(rsa_info->dq) == HI_NULL) ||
306 (addr_via(rsa_info->qp) == HI_NULL)));
307 }
308
309 hi_log_chk_param_return(rsa_info->inlen > rsa_info->klen);
310 hi_log_chk_param_return(rsa_info->outlen > rsa_info->klen);
311 hi_log_chk_param_return(rsa_info->klen < RSA_KEY_BITWIDTH_1024);
312 hi_log_chk_param_return(rsa_info->klen > RSA_KEY_BITWIDTH_4096);
313
314 return HI_SUCCESS;
315 }
316
rsa_pub_alloc(cryp_rsa_key * key,const rsa_info_t * rsa_info,hi_u8 ** in,hi_u8 ** out)317 static hi_s32 rsa_pub_alloc(cryp_rsa_key *key, const rsa_info_t *rsa_info, hi_u8 **in, hi_u8 **out)
318 {
319 hi_s32 ret;
320 hi_u32 size;
321 hi_u8 *buf = HI_NULL;
322 hi_u32 klen = rsa_info->klen;
323
324 hi_log_chk_param_return(key->ca_type != HI_CIPHER_KEY_SRC_USER);
325
326 /* buffer size of key, input and output */
327 size = rsa_info->klen * RSA_PUBLIC_BUFFER_NUM;
328 buf = crypto_calloc(1, size);
329 if (buf == HI_NULL) {
330 hi_log_print_func_err(crypto_calloc, HI_ERR_CIPHER_FAILED_MEM);
331 return HI_ERR_CIPHER_FAILED_MEM;
332 }
333
334 key->n = buf;
335 buf += klen;
336 *in = buf;
337 buf += klen;
338 *out = buf;
339 buf += klen;
340 key->bufsize = size;
341
342 crypto_chk_err_goto(crypto_copy_from_user(key->n, klen, addr_via(rsa_info->n), klen));
343 crypto_chk_err_goto(crypto_copy_from_user(*in, klen, addr_via(rsa_info->in), klen));
344 key->e = rsa_info->e;
345
346 return HI_SUCCESS;
347
348 exit__:
349 if (key->n != HI_NULL) {
350 (hi_void)memset_s(key->n, key->bufsize, 0, key->bufsize);
351 crypto_free(key->n);
352 key->n = HI_NULL;
353 }
354
355 hi_log_error("error, copy rsa key from user failed\n");
356 hi_log_print_err_code(HI_ERR_CIPHER_FAILED_MEM);
357 return HI_ERR_CIPHER_FAILED_MEM;
358 }
359
rsa_private_set_key_param(cryp_rsa_key * key,kapi_rsa_buf * rsa_buf,hi_u32 klen,hi_u32 e)360 static hi_void rsa_private_set_key_param(cryp_rsa_key *key, kapi_rsa_buf *rsa_buf, hi_u32 klen, hi_u32 e)
361 {
362 hi_u8 *ptr = rsa_buf->buf;
363
364 key->n = ptr;
365 ptr += klen;
366 rsa_buf->offset += klen;
367
368 key->d = ptr;
369 ptr += klen;
370 rsa_buf->offset += klen;
371
372 key->p = ptr;
373 ptr += klen / MUL_VAL_2;
374 rsa_buf->offset += klen / MUL_VAL_2;
375
376 key->q = ptr;
377 ptr += klen / MUL_VAL_2;
378 rsa_buf->offset += klen / MUL_VAL_2;
379
380 key->dp = ptr;
381 ptr += klen / MUL_VAL_2;
382 rsa_buf->offset += klen / MUL_VAL_2;
383
384 key->dq = ptr;
385 ptr += klen / MUL_VAL_2;
386 rsa_buf->offset += klen / MUL_VAL_2;
387
388 key->qp = ptr;
389 ptr += klen / MUL_VAL_2;
390 rsa_buf->offset += klen / MUL_VAL_2;
391
392 key->e = e;
393 key->bufsize = rsa_buf->buf_size;
394 }
395
rsa_private_get_cfg(cryp_rsa_key * key,const rsa_info_t * rsa_info,hi_u8 ** in,hi_u8 ** out,hi_u8 * buf)396 static hi_s32 rsa_private_get_cfg(cryp_rsa_key *key,
397 const rsa_info_t *rsa_info, hi_u8 **in, hi_u8 **out, hi_u8 *buf)
398 {
399 hi_s32 ret;
400 hi_u8 *ptr = buf;
401 hi_u32 klen = rsa_info->klen;
402
403 if (addr_via(rsa_info->n) != HI_NULL) {
404 /* invalid user n, n is even number. */
405 crypto_chk_err_goto(crypto_copy_from_user(key->n, klen, addr_via(rsa_info->n), klen));
406 if ((key->ca_type == HI_CIPHER_KEY_SRC_USER) && ((key->n[klen - BOUND_VAL_1] & CRYPTO_NUM_1) == 0)) {
407 hi_log_error("invalid n, n is even number.\n");
408 goto exit__;
409 }
410 }
411
412 if (addr_via(rsa_info->d) != HI_NULL) {
413 crypto_chk_err_goto(crypto_copy_from_user(key->d, klen, addr_via(rsa_info->d), klen));
414 } else {
415 crypto_chk_err_goto(crypto_copy_from_user(
416 key->p, klen / MUL_VAL_2, addr_via(rsa_info->p), klen / MUL_VAL_2));
417 crypto_chk_err_goto(crypto_copy_from_user(
418 key->q, klen / MUL_VAL_2, addr_via(rsa_info->q), klen / MUL_VAL_2));
419 crypto_chk_err_goto(crypto_copy_from_user(
420 key->dp, klen / MUL_VAL_2, addr_via(rsa_info->dp), klen / MUL_VAL_2));
421 crypto_chk_err_goto(crypto_copy_from_user(
422 key->dq, klen / MUL_VAL_2, addr_via(rsa_info->dq), klen / MUL_VAL_2));
423 crypto_chk_err_goto(crypto_copy_from_user(
424 key->qp, klen / MUL_VAL_2, addr_via(rsa_info->qp), klen / MUL_VAL_2));
425 key->d = HI_NULL;
426 }
427
428 *in = ptr;
429 ptr += klen;
430 *out = ptr;
431 ptr += klen;
432
433 if (addr_via(rsa_info->in) != HI_NULL) {
434 crypto_chk_err_goto(crypto_copy_from_user(*in, klen, addr_via(rsa_info->in), rsa_info->inlen));
435 }
436
437 return HI_SUCCESS;
438 exit__:
439 return ret;
440 }
441
rsa_private_alloc(cryp_rsa_key * key,const rsa_info_t * rsa_info,hi_u8 ** in,hi_u8 ** out)442 static hi_s32 rsa_private_alloc(cryp_rsa_key *key, const rsa_info_t *rsa_info, hi_u8 **in, hi_u8 **out)
443 {
444 hi_s32 ret;
445 hi_u32 size;
446 hi_u8 *ptr = HI_NULL;
447 hi_u8 *buf = HI_NULL;
448 hi_u32 klen = rsa_info->klen;
449 kapi_rsa_buf rsa_buf;
450
451 /* n + d or n + p + q + dP + dQ + qp
452 * the length of n/d is klen,
453 * the length of p/q/dP/dQ/qp is klen/2,
454 * the length of input is klen
455 * the length of output is klen
456 */
457 hi_log_chk_param_return(key->ca_type > HI_CIPHER_KEY_SRC_BUTT);
458 (hi_void)memset_s(&rsa_buf, sizeof(rsa_buf), 0, sizeof(rsa_buf));
459
460 size = klen * RSA_PRIVATE_BUFFER_NUM;
461 buf = crypto_calloc(MUL_VAL_1, size);
462 if (buf == HI_NULL) {
463 hi_log_print_func_err(crypto_calloc, HI_ERR_CIPHER_FAILED_MEM);
464 return HI_ERR_CIPHER_FAILED_MEM;
465 }
466 ptr = buf;
467
468 rsa_buf.buf = buf;
469 rsa_buf.buf_size = size;
470 rsa_private_set_key_param(key, &rsa_buf, klen, rsa_info->e);
471
472 ptr += rsa_buf.offset; /* set buf for in and out */
473 crypto_chk_err_goto(rsa_private_get_cfg(key, rsa_info, in, out, ptr));
474 return HI_SUCCESS;
475
476 exit__:
477 if (buf != HI_NULL) {
478 (hi_void)memset_s(buf, size, 0, size);
479 crypto_free(buf);
480 buf = HI_NULL;
481 }
482
483 hi_log_error("error, copy rsa key from user failed\n");
484 hi_log_print_err_code(HI_ERR_CIPHER_FAILED_MEM);
485 return HI_ERR_CIPHER_FAILED_MEM;
486 }
487
rsa_alloc_buffer(cryp_rsa_key * key,const rsa_info_t * rsa_info,hi_u8 ** in,hi_u8 ** out)488 static hi_s32 rsa_alloc_buffer(cryp_rsa_key *key, const rsa_info_t *rsa_info, hi_u8 **in, hi_u8 **out)
489 {
490 hi_s32 ret;
491 hi_u32 klen;
492
493 hi_log_func_enter();
494
495 ret = rsa_buf_chk_info_param(rsa_info);
496 if (ret != HI_SUCCESS) {
497 hi_log_print_func_err(rsa_buf_chk_info_param, ret);
498 return ret;
499 }
500
501 (hi_void)memset_s(key, sizeof(cryp_rsa_key), 0, sizeof(cryp_rsa_key));
502
503 klen = rsa_info->klen;
504 key->klen = klen;
505 key->public = rsa_info->public;
506 key->ca_type = rsa_info->ca_type;
507
508 if (rsa_info->public) {
509 ret = rsa_pub_alloc(key, rsa_info, in, out);
510 if (ret != HI_SUCCESS) {
511 hi_log_print_func_err(rsa_pub_alloc, ret);
512 return ret;
513 }
514 } else {
515 ret = rsa_private_alloc(key, rsa_info, in, out);
516 if (ret != HI_SUCCESS) {
517 hi_log_print_func_err(rsa_private_alloc, ret);
518 return ret;
519 }
520 }
521
522 hi_log_func_exit();
523 return HI_SUCCESS;
524 }
525
rsa_free_buffer(cryp_rsa_key * key)526 static hi_void rsa_free_buffer(cryp_rsa_key *key)
527 {
528 hi_log_func_enter();
529
530 if (key->n != HI_NULL) {
531 (hi_void)memset_s(key->n, key->bufsize, 0, key->bufsize);
532 crypto_free(key->n);
533 key->n = HI_NULL;
534 }
535
536 hi_log_func_exit();
537 return;
538 }
539
dispatch_rsa_encrypt(hi_void * argp)540 static hi_s32 dispatch_rsa_encrypt(hi_void *argp)
541 {
542 hi_s32 ret;
543 rsa_info_t *rsa_info = (rsa_info_t *)argp;
544 cryp_rsa_key key;
545 cryp_rsa_crypt_data rsa;
546
547 hi_log_func_enter();
548
549 (hi_void)memset_s(&rsa, sizeof(rsa), 0, sizeof(rsa));
550 (hi_void)memset_s(&key, sizeof(cryp_rsa_key), 0, sizeof(cryp_rsa_key));
551
552 ret = rsa_alloc_buffer(&key, rsa_info, &rsa.in, &rsa.out);
553 if (ret != HI_SUCCESS) {
554 hi_log_print_func_err(rsa_alloc_buffer, ret);
555 return ret;
556 }
557 rsa.in_len = rsa_info->inlen;
558 rsa.out_len = rsa_info->outlen;
559 rsa.scheme = rsa_info->scheme;
560
561 ret = kapi_rsa_encrypt(&key, &rsa);
562 if (ret != HI_SUCCESS) {
563 rsa_free_buffer(&key);
564 hi_log_print_func_err(kapi_rsa_encrypt, ret);
565 return ret;
566 }
567
568 ret = crypto_copy_to_user(addr_via(rsa_info->out), rsa_info->outlen, rsa.out, rsa.out_len);
569 if (ret != HI_SUCCESS) {
570 rsa_free_buffer(&key);
571 hi_log_print_func_err(crypto_copy_to_user, ret);
572 return ret;
573 }
574
575 rsa_info->outlen = rsa.out_len;
576 rsa_free_buffer(&key);
577 hi_log_func_exit();
578 return HI_SUCCESS;
579 }
580
dispatch_rsa_decrypt(hi_void * argp)581 static hi_s32 dispatch_rsa_decrypt(hi_void *argp)
582 {
583 hi_s32 ret;
584 rsa_info_t *rsa_info = (rsa_info_t *)argp;
585 cryp_rsa_key key;
586 cryp_rsa_crypt_data rsa;
587
588 hi_log_func_enter();
589
590 (hi_void)memset_s(&rsa, sizeof(rsa), 0, sizeof(rsa));
591 (hi_void)memset_s(&key, sizeof(cryp_rsa_key), 0, sizeof(cryp_rsa_key));
592
593 ret = rsa_alloc_buffer(&key, rsa_info, &rsa.in, &rsa.out);
594 if (ret != HI_SUCCESS) {
595 hi_log_print_func_err(rsa_alloc_buffer, ret);
596 return ret;
597 }
598 rsa.in_len = rsa_info->inlen;
599 rsa.out_len = rsa_info->outlen;
600 rsa.scheme = rsa_info->scheme;
601
602 ret = kapi_rsa_decrypt(&key, &rsa);
603 if (ret != HI_SUCCESS) {
604 rsa_free_buffer(&key);
605 hi_log_print_func_err(kapi_rsa_decrypt, ret);
606 return ret;
607 }
608
609 ret = crypto_copy_to_user(addr_via(rsa_info->out), rsa_info->outlen, rsa.out, rsa.out_len);
610 if (ret != HI_SUCCESS) {
611 rsa_free_buffer(&key);
612 hi_log_print_func_err(crypto_copy_to_user, ret);
613 return ret;
614 }
615
616 rsa_info->outlen = rsa.out_len;
617 rsa_free_buffer(&key);
618 hi_log_func_exit();
619 return HI_SUCCESS;
620 }
621
dispatch_rsa_sign_hash(hi_void * argp)622 static hi_s32 dispatch_rsa_sign_hash(hi_void *argp)
623 {
624 hi_s32 ret;
625 rsa_info_t *rsa_info = (rsa_info_t *)argp;
626 cryp_rsa_key key;
627 cryp_rsa_sign_data rsa;
628
629 hi_log_func_enter();
630
631 (hi_void)memset_s(&rsa, sizeof(rsa), 0, sizeof(rsa));
632 (hi_void)memset_s(&key, sizeof(cryp_rsa_key), 0, sizeof(cryp_rsa_key));
633
634 ret = rsa_alloc_buffer(&key, rsa_info, &rsa.in, &rsa.out);
635 if (ret != HI_SUCCESS) {
636 hi_log_print_func_err(rsa_alloc_buffer, ret);
637 return ret;
638 }
639 rsa.in_len = rsa_info->inlen;
640 rsa.out_len = rsa_info->outlen;
641 rsa.scheme = rsa_info->scheme;
642
643 ret = kapi_rsa_sign_hash(&key, &rsa);
644 if (ret != HI_SUCCESS) {
645 rsa_free_buffer(&key);
646 hi_log_print_func_err(kapi_rsa_sign_hash, ret);
647 return ret;
648 }
649
650 ret = crypto_copy_to_user(addr_via(rsa_info->out), rsa_info->outlen, rsa.out, rsa.out_len);
651 if (ret != HI_SUCCESS) {
652 rsa_free_buffer(&key);
653 hi_log_print_func_err(crypto_copy_to_user, ret);
654 return ret;
655 }
656
657 rsa_info->outlen = rsa.out_len;
658 rsa_free_buffer(&key);
659 hi_log_func_exit();
660 return HI_SUCCESS;
661 }
662
dispatch_rsa_verify_hash(hi_void * argp)663 static hi_s32 dispatch_rsa_verify_hash(hi_void *argp)
664 {
665 hi_s32 ret;
666 rsa_info_t *rsa_info = (rsa_info_t *)argp;
667 cryp_rsa_key key;
668 cryp_rsa_sign_data rsa;
669
670 hi_log_func_enter();
671
672 (hi_void)memset_s(&rsa, sizeof(rsa), 0, sizeof(rsa));
673 (hi_void)memset_s(&key, sizeof(cryp_rsa_key), 0, sizeof(cryp_rsa_key));
674
675 ret = rsa_alloc_buffer(&key, rsa_info, &rsa.in, &rsa.out);
676 if (ret != HI_SUCCESS) {
677 hi_log_print_func_err(rsa_alloc_buffer, ret);
678 return ret;
679 }
680 rsa.in_len = rsa_info->inlen;
681 rsa.out_len = rsa_info->outlen;
682 rsa.scheme = rsa_info->scheme;
683
684 /* copy hash value from user */
685 ret = crypto_copy_from_user(rsa.out, rsa.out_len, addr_via(rsa_info->out), rsa_info->outlen);
686 if (ret != HI_SUCCESS) {
687 rsa_free_buffer(&key);
688 hi_log_print_func_err(crypto_copy_from_user, ret);
689 return ret;
690 }
691
692 ret = kapi_rsa_verify_hash(&key, &rsa);
693 if (ret != HI_SUCCESS) {
694 rsa_free_buffer(&key);
695 hi_log_print_func_err(kapi_rsa_verify_hash, ret);
696 return ret;
697 }
698
699 rsa_free_buffer(&key);
700 hi_log_func_exit();
701 return HI_SUCCESS;
702 }
703
rsa_exp_mod_alloc(cryp_rsa_exp_mod * cryp_mod,const rsa_bn_exp_mod_t * exp_mod)704 static hi_s32 rsa_exp_mod_alloc(cryp_rsa_exp_mod *cryp_mod, const rsa_bn_exp_mod_t *exp_mod)
705 {
706 hi_s32 ret;
707 hi_u8 *buf;
708 cryp_mod->length = exp_mod->length;
709
710 buf = crypto_calloc(MUL_VAL_4, cryp_mod->length); /* n, k, in, out, 4 groups */
711 if (buf == HI_NULL) {
712 hi_log_print_func_err(crypto_calloc, HI_ERR_CIPHER_FAILED_MEM);
713 return HI_ERR_CIPHER_FAILED_MEM;
714 }
715
716 cryp_mod->n = buf;
717 cryp_mod->k = buf + MUL_VAL_1 * cryp_mod->length;
718 cryp_mod->in = buf + MUL_VAL_2 * cryp_mod->length;
719 cryp_mod->out = buf + MUL_VAL_3 * cryp_mod->length;
720
721 crypto_chk_err_goto(crypto_copy_from_user(cryp_mod->n, cryp_mod->length,
722 addr_via_const(exp_mod->n), exp_mod->length));
723
724 crypto_chk_err_goto(crypto_copy_from_user(cryp_mod->k, cryp_mod->length,
725 addr_via_const(exp_mod->k), exp_mod->length));
726
727 crypto_chk_err_goto(crypto_copy_from_user(cryp_mod->in, cryp_mod->length,
728 addr_via_const(exp_mod->in), exp_mod->length));
729
730 return HI_SUCCESS;
731 exit__:
732
733 crypto_free(buf);
734 return ret;
735 }
736
rsa_exp_mod_free(cryp_rsa_exp_mod * cryp_mod)737 static hi_void rsa_exp_mod_free(cryp_rsa_exp_mod *cryp_mod)
738 {
739 if (cryp_mod != HI_NULL) {
740 crypto_free(cryp_mod->n);
741 cryp_mod->n = HI_NULL;
742 cryp_mod->k = HI_NULL;
743 cryp_mod->in = HI_NULL;
744 cryp_mod->out = HI_NULL;
745 }
746 }
747
dispatch_rsa_bn_exp_mod(hi_void * argp)748 static hi_s32 dispatch_rsa_bn_exp_mod(hi_void *argp)
749 {
750 hi_s32 ret;
751 rsa_bn_exp_mod_t *exp_mod = (rsa_bn_exp_mod_t *)argp;
752 cryp_rsa_exp_mod cryp_mod;
753
754 (hi_void)memset_s(&cryp_mod, sizeof(cryp_rsa_exp_mod), 0, sizeof(cryp_rsa_exp_mod));
755
756 hi_log_chk_param_return(exp_mod == HI_NULL);
757 hi_log_chk_param_return(addr_via_const(exp_mod->n) == HI_NULL);
758 hi_log_chk_param_return(addr_via_const(exp_mod->k) == HI_NULL);
759 hi_log_chk_param_return(addr_via_const(exp_mod->in) == HI_NULL);
760 hi_log_chk_param_return(addr_via(exp_mod->out) == HI_NULL);
761 hi_log_chk_param_return(exp_mod->length < RSA_KEY_BITWIDTH_1024);
762 hi_log_chk_param_return(exp_mod->length > RSA_KEY_BITWIDTH_4096);
763
764 ret = rsa_exp_mod_alloc(&cryp_mod, exp_mod);
765 if (ret != HI_SUCCESS) {
766 hi_log_print_func_err(rsa_exp_mod_alloc, ret);
767 return ret;
768 }
769
770 ret = kapi_rsa_bn_exp_mod(&cryp_mod);
771 if (ret != HI_SUCCESS) {
772 hi_log_print_func_err(kapi_rsa_bn_exp_mod, ret);
773 goto exit__;
774 }
775
776 crypto_chk_err_goto(crypto_copy_to_user(addr_via(exp_mod->out), cryp_mod.length,
777 cryp_mod.out, cryp_mod.length));
778
779 exit__:
780 rsa_exp_mod_free(&cryp_mod);
781 return ret;
782 }
783
dispatch_trng_get_random(hi_void * argp)784 static hi_s32 dispatch_trng_get_random(hi_void *argp)
785 {
786 trng_t *trng = (trng_t *)argp;
787 hi_s32 ret;
788
789 hi_log_func_enter();
790
791 ret = kapi_trng_get_random(&trng->randnum, trng->timeout);
792 if (ret != HI_SUCCESS) {
793 return ret;
794 }
795
796 hi_log_func_exit();
797 return HI_SUCCESS;
798 }
799
800 static crypto_dispatch_func g_dispatch_func[CRYPTO_CMD_COUNT] = {
801 {"CreateHandle", dispatch_symc_create_handle, CRYPTO_CMD_SYMC_CREATEHANDLE},
802 {"DestroyHandle", dispatch_symc_destroy_handle, CRYPTO_CMD_SYMC_DESTROYHANDLE},
803 {"ConfigChn", dispatch_symc_cfg, CRYPTO_CMD_SYMC_CONFIGHANDLE},
804 {"Encrypt", dispatch_symc_encrypt, CRYPTO_CMD_SYMC_ENCRYPT},
805 {"EncryptMulti", dispatch_symc_encrypt_multi, CRYPTO_CMD_SYMC_ENCRYPTMULTI},
806 {"GetTag", dispatch_symc_get_tag, CRYPTO_CMD_SYMC_GETTAG},
807 {"HashStart", dispatch_hash_start, CRYPTO_CMD_HASH_START},
808 {"HashUpdate", dispatch_hash_update, CRYPTO_CMD_HASH_UPDATE},
809 {"HashFinish", dispatch_hash_finish, CRYPTO_CMD_HASH_FINISH},
810 {"RsaEncrypt", dispatch_rsa_encrypt, CRYPTO_CMD_RSA_ENC},
811 {"RsaDecrypt", dispatch_rsa_decrypt, CRYPTO_CMD_RSA_DEC},
812 {"RsaSign", dispatch_rsa_sign_hash, CRYPTO_CMD_RSA_SIGN},
813 {"RsaVerify", dispatch_rsa_verify_hash, CRYPTO_CMD_RSA_VERIFY},
814 {"TRNG", dispatch_trng_get_random, CRYPTO_CMD_TRNG},
815 {"GetSymcConfig", dispatch_symc_get_cfg, CRYPTO_CMD_SYMC_GET_CONFIG},
816 {"KladKey", dispatch_klad_key, CRYPTO_CMD_KLAD_KEY},
817 {"KladKey", dispatch_rsa_bn_exp_mod, CRYPTO_CMD_BN_EXP_MOD},
818 };
819
crypto_ioctl(hi_u32 cmd,hi_void * argp)820 hi_s32 crypto_ioctl(hi_u32 cmd, hi_void *argp)
821 {
822 hi_u32 nr;
823 hi_s32 ret;
824
825 hi_log_func_enter();
826
827 nr = crypto_ioc_nr(cmd);
828 hi_log_chk_param_return(argp == HI_NULL);
829 hi_log_chk_param_return(nr >= CRYPTO_CMD_COUNT);
830 hi_log_chk_param_return(cmd != g_dispatch_func[nr].cmd);
831
832 hi_log_debug("cmd 0x%x, nr %u, size %u, local cmd 0x%x\n",
833 cmd, nr, crypto_ioc_size(cmd), g_dispatch_func[nr].cmd);
834
835 hi_log_info("Link Func NR %u, Name: %s\n", nr, g_dispatch_func[nr].name);
836 ret = g_dispatch_func[nr].func(argp);
837 if (ret != HI_SUCCESS) {
838 /* TRNG may be empty in FIFO, don't report error, try to read it again */
839 if (cmd != CRYPTO_CMD_TRNG) {
840 hi_log_error("error, call dispatch_fun fun failed!\n");
841 hi_log_print_func_err(crypto_dispatch_func, ret);
842 }
843 return ret;
844 }
845
846 hi_log_func_exit();
847 return HI_SUCCESS;
848 }
849
crypto_entry(hi_void)850 hi_s32 crypto_entry(hi_void)
851 {
852 hi_s32 ret;
853
854 hi_log_func_enter();
855
856 crypto_mem_init();
857
858 ret = module_addr_map();
859 if (ret != HI_SUCCESS) {
860 hi_log_error("module addr map failed\n");
861 hi_log_print_func_err(module_addr_map, ret);
862 return ret;
863 }
864
865 ret = kapi_symc_init();
866 if (ret != HI_SUCCESS) {
867 hi_log_error("kapi symc init failed\n");
868 hi_log_print_func_err(kapi_symc_init, ret);
869 goto error;
870 }
871
872 ret = kapi_hash_init();
873 if (ret != HI_SUCCESS) {
874 hi_log_error("kapi hash init failed\n");
875 hi_log_print_func_err(kapi_hash_init, ret);
876 goto error1;
877 }
878
879 ret = kapi_rsa_init();
880 if (ret != HI_SUCCESS) {
881 hi_log_error("kapi rsa init failed\n");
882 hi_log_print_func_err(kapi_rsa_init, ret);
883 goto error2;
884 }
885
886 ret = hi_drv_compat_init();
887 if (ret != HI_SUCCESS) {
888 hi_log_print_func_err(hi_drv_compat_init, ret);
889 goto error3;
890 }
891
892 hi_log_func_exit();
893 return HI_SUCCESS;
894
895 error3:
896 kapi_rsa_deinit();
897 error2:
898 kapi_hash_deinit();
899 error1:
900 kapi_symc_deinit();
901 error:
902 module_addr_unmap();
903
904 return ret;
905 }
906
crypto_exit(hi_void)907 hi_s32 crypto_exit(hi_void)
908 {
909 hi_s32 ret;
910
911 hi_log_func_enter();
912
913 ret = kapi_symc_deinit();
914 if (ret != HI_SUCCESS) {
915 hi_log_print_func_err(kapi_symc_deinit, ret);
916 return ret;
917 }
918
919 ret = kapi_hash_deinit();
920 if (ret != HI_SUCCESS) {
921 hi_log_print_func_err(kapi_hash_deinit, ret);
922 return ret;
923 }
924
925 ret = kapi_rsa_deinit();
926 if (ret != HI_SUCCESS) {
927 hi_log_print_func_err(kapi_rsa_deinit, ret);
928 return ret;
929 }
930
931 ret = hi_drv_compat_deinit();
932 if (ret != HI_SUCCESS) {
933 hi_log_print_func_err(hi_drv_compat_deinit, ret);
934 return ret;
935 }
936
937 ret = module_addr_unmap();
938 if (ret != HI_SUCCESS) {
939 hi_log_print_func_err(module_addr_unmap, ret);
940 return ret;
941 }
942
943 crypto_mem_deinit();
944
945 hi_log_func_exit();
946 return HI_SUCCESS;
947 }
948
949
crypto_release(hi_void)950 hi_s32 crypto_release(hi_void)
951 {
952 hi_s32 ret;
953
954 ret = kapi_symc_release();
955 if (ret != HI_SUCCESS) {
956 hi_log_print_func_err(kapi_symc_release, ret);
957 return ret;
958 }
959
960 ret = kapi_hash_release();
961 if (ret != HI_SUCCESS) {
962 hi_log_print_func_err(kapi_hash_release, ret);
963 return ret;
964 }
965
966 return HI_SUCCESS;
967 }
968