1 /*
2 * Copyright (C) 2022 Huawei Technologies Co., Ltd.
3 * Licensed under the Mulan PSL v2.
4 * You can use this software according to the terms and conditions of the Mulan PSL v2.
5 * You may obtain a copy of Mulan PSL v2 at:
6 * http://license.coscl.org.cn/MulanPSL2
7 * THIS SOFTWARE IS PROVIDED ON AN "AS IS" BASIS, WITHOUT WARRANTIES OF ANY KIND, EITHER EXPRESS OR
8 * IMPLIED, INCLUDING BUT NOT LIMITED TO NON-INFRINGEMENT, MERCHANTABILITY OR FIT FOR A PARTICULAR
9 * PURPOSE.
10 * See the Mulan PSL v2 for more details.
11 */
12 #include "tee_crypto_api.h"
13 #include <string.h>
14 #include <securec.h>
15 #include <tee_log.h>
16 #include <ta_framework.h>
17 #include <tee_ext_api.h>
18 #include <tee_obj.h>
19 #include <tee_property_inner.h>
20 #include <tee_object_api.h>
21 #include <crypto_inner_defines.h>
22 #include <crypto_alg_config.h>
23 #include <crypto_hal_rsa.h>
24 #include <crypto_hal_ec.h>
25 #include <crypto_hal.h>
26 #include <crypto_driver_adaptor.h>
27 #include <crypto_manager.h>
28 #include "tee_operation.h"
29 #include "tee_crypto_hal.h"
30 #ifdef OPENSSL_ENABLE
31 #include "openssl/crypto.h"
32 #endif
33
34 /* For GP compatible, we add some panic when there is some error, For common use, we need to disable this panic */
35 #ifndef GP_COMPATIBLE
36 #define TEE_Panic(x) \
37 do { \
38 } while (0)
39 #endif
40
crypto_lock_operation(TEE_OperationHandle operation)41 TEE_Result crypto_lock_operation(TEE_OperationHandle operation)
42 {
43 if (operation == NULL)
44 return TEE_ERROR_BAD_PARAMETERS;
45
46 int32_t ret = pthread_mutex_lock(&(operation->operation_lock));
47 if (ret != 0)
48 tloge("crypto api pthread mutex lock failed\n");
49 return (TEE_Result)ret;
50 }
51
crypto_unlock_operation(TEE_OperationHandle operation)52 void crypto_unlock_operation(TEE_OperationHandle operation)
53 {
54 if (operation == NULL)
55 return;
56
57 int32_t ret = pthread_mutex_unlock(&(operation->operation_lock));
58 if (ret != 0)
59 tloge("crypto api pthread mutex unlock failed\n");
60 }
61
crypto_lock_two_operation(TEE_OperationHandle op1,TEE_OperationHandle op2)62 TEE_Result crypto_lock_two_operation(TEE_OperationHandle op1, TEE_OperationHandle op2)
63 {
64 if (crypto_lock_operation(op1) != TEE_SUCCESS)
65 return TEE_ERROR_GENERIC;
66
67 if (crypto_lock_operation(op2) != TEE_SUCCESS) {
68 (void)pthread_mutex_unlock(&(op1->operation_lock));
69 return TEE_ERROR_GENERIC;
70 }
71
72 return TEE_SUCCESS;
73 }
crypyo_unlock_two_operation(TEE_OperationHandle op1,TEE_OperationHandle op2)74 void crypyo_unlock_two_operation(TEE_OperationHandle op1, TEE_OperationHandle op2)
75 {
76 if (op1 == NULL || op2 == NULL)
77 return;
78
79 if (pthread_mutex_unlock(&(op1->operation_lock)) != TEE_SUCCESS)
80 tloge("crypto api pthread_mutex_unlock op1 failed\n");
81 if (pthread_mutex_unlock(&(op2->operation_lock)) != TEE_SUCCESS)
82 tloge("crypto api pthread_mutex_unlock op2 failed\n");
83 }
84
85 struct algo_key_size_low_s {
86 uint32_t algo;
87 uint32_t min_key_size;
88 };
89
90 static const struct algo_key_size_low_s g_algo_low_lev_key_size_config[] = {
91 { TEE_ALG_RSASSA_PKCS1_V1_5_MD5, RSA_MIN_KEY_SIZE },
92 { TEE_ALG_RSASSA_PKCS1_V1_5_SHA1, RSA_MIN_KEY_SIZE },
93 { TEE_ALG_RSASSA_PKCS1_V1_5_SHA224, RSA_MIN_KEY_SIZE },
94 { TEE_ALG_RSASSA_PKCS1_V1_5_SHA256, RSA_MIN_KEY_SIZE },
95 { TEE_ALG_RSASSA_PKCS1_V1_5_SHA384, RSA_MIN_KEY_SIZE },
96 { TEE_ALG_RSASSA_PKCS1_V1_5_SHA512, RSA_MIN_KEY_SIZE },
97 { TEE_ALG_RSASSA_PKCS1_PSS_MGF1_MD5, RSA_MIN_KEY_SIZE },
98 { TEE_ALG_RSASSA_PKCS1_PSS_MGF1_SHA1, RSA_MIN_KEY_SIZE },
99 { TEE_ALG_RSASSA_PKCS1_PSS_MGF1_SHA224, RSA_MIN_KEY_SIZE },
100 { TEE_ALG_RSASSA_PKCS1_PSS_MGF1_SHA256, RSA_MIN_KEY_SIZE },
101 { TEE_ALG_RSASSA_PKCS1_PSS_MGF1_SHA384, RSA_MIN_KEY_SIZE },
102 { TEE_ALG_RSASSA_PKCS1_PSS_MGF1_SHA512, RSA_MIN_KEY_SIZE },
103 { TEE_ALG_RSAES_PKCS1_V1_5, RSA_MIN_KEY_SIZE },
104 { TEE_ALG_RSAES_PKCS1_OAEP_MGF1_SHA1, RSA_MIN_KEY_SIZE },
105 { TEE_ALG_RSAES_PKCS1_OAEP_MGF1_SHA224, RSA_MIN_KEY_SIZE },
106 { TEE_ALG_RSAES_PKCS1_OAEP_MGF1_SHA256, RSA_MIN_KEY_SIZE },
107 { TEE_ALG_RSAES_PKCS1_OAEP_MGF1_SHA384, RSA_MIN_KEY_SIZE },
108 { TEE_ALG_RSAES_PKCS1_OAEP_MGF1_SHA512, RSA_MIN_KEY_SIZE },
109 { TEE_ALG_RSA_NOPAD, RSA_MIN_KEY_SIZE },
110 { TEE_ALG_DH_DERIVE_SHARED_SECRET, DH_MIN_KEY_SIZE },
111 { TEE_ALG_ECDSA_SHA1, ECDSA_MIN_KEY_SIZE },
112 { TEE_ALG_ECDSA_SHA224, ECDSA_MIN_KEY_SIZE },
113 { TEE_ALG_ECDSA_SHA256, ECDSA_MIN_KEY_SIZE },
114 { TEE_ALG_ECDSA_SHA384, ECDSA_MIN_KEY_SIZE },
115 { TEE_ALG_ECDSA_SHA512, ECDSA_MIN_KEY_SIZE },
116 { TEE_ALG_ECDH_DERIVE_SHARED_SECRET, ECDH_MIN_KEY_SIZE },
117 { TEE_ALG_ECDH_P224, ECDH_MIN_KEY_SIZE },
118 { TEE_ALG_ECDH_P256, ECDH_MIN_KEY_SIZE },
119 { TEE_ALG_ECDH_P384, ECDH_MIN_KEY_SIZE },
120 { TEE_ALG_ECDH_P521, ECDH_MIN_KEY_SIZE },
121 };
122
check_low_lev_key_size_for_alg(uint32_t algorithm,uint32_t key_size)123 static TEE_Result check_low_lev_key_size_for_alg(uint32_t algorithm, uint32_t key_size)
124 {
125 for (size_t index = 0; index < ELEM_NUM(g_algo_low_lev_key_size_config); index++) {
126 if (algorithm == g_algo_low_lev_key_size_config[index].algo) {
127 if (key_size >= g_algo_low_lev_key_size_config[index].min_key_size) {
128 return TEE_SUCCESS;
129 } else {
130 tloge("the key size is invalid\n");
131 return TEE_ERROR_NOT_SUPPORTED;
132 }
133 }
134 }
135 return TEE_SUCCESS;
136 }
137
check_valid_key_size_for_algorithm(uint32_t algorithm,uint32_t max_key_size)138 static TEE_Result check_valid_key_size_for_algorithm(uint32_t algorithm, uint32_t max_key_size)
139 {
140 uint32_t api_level = tee_get_ta_api_level();
141 if (api_level == API_LEVEL1_0)
142 return check_low_lev_key_size_for_alg(algorithm, max_key_size);
143
144 return crypto_check_keysize(algorithm, max_key_size);
145 }
146
147 struct error_code_t {
148 int32_t hal_err;
149 TEE_Result gp_err;
150 };
151
change_hal_ret_to_gp(int32_t error)152 TEE_Result change_hal_ret_to_gp(int32_t error)
153 {
154 struct error_code_t change_err[] = {
155 { CRYPTO_NOT_SUPPORTED, TEE_ERROR_NOT_SUPPORTED },
156 { CRYPTO_CIPHERTEXT_INVALID, TEE_ERROR_CIPHERTEXT_INVALID },
157 { CRYPTO_BAD_FORMAT, TEE_ERROR_BAD_FORMAT },
158 { CRYPTO_BAD_PARAMETERS, TEE_ERROR_BAD_PARAMETERS },
159 { CRYPTO_BAD_STATE, TEE_ERROR_BAD_STATE },
160 { CRYPTO_SHORT_BUFFER, TEE_ERROR_SHORT_BUFFER },
161 { CRYPTO_OVERFLOW, TEE_ERROR_OVERFLOW },
162 { CRYPTO_MAC_INVALID, TEE_ERROR_MAC_INVALID },
163 { CRYPTO_SIGNATURE_INVALID, TEE_ERROR_SIGNATURE_INVALID },
164 { CRYPTO_ERROR_SECURITY, TEE_ERROR_SECURITY },
165 { CRYPTO_ERROR_OUT_OF_MEMORY, TEE_ERROR_OUT_OF_MEMORY },
166 { CRYPTO_SUCCESS, TEE_SUCCESS },
167 };
168 for (uint32_t i = 0; i < ELEM_NUM(change_err); i++) {
169 if (error == change_err[i].hal_err)
170 return change_err[i].gp_err;
171 }
172 return error;
173 }
174
set_operation_hal_info(TEE_OperationHandle operation,uint32_t algorithm)175 static TEE_Result set_operation_hal_info(TEE_OperationHandle operation, uint32_t algorithm)
176 {
177 operation->hal_info = TEE_Malloc(sizeof(crypto_hal_info), 0);
178 if (operation->hal_info == NULL) {
179 tloge("Malloc memory failed for crypto hal info\n");
180 return TEE_ERROR_OUT_OF_MEMORY;
181 }
182
183 uint32_t engine = crypto_get_default_engine(algorithm);
184 return TEE_SetCryptoFlag(operation, engine);
185 }
186
crypto_get_output_length(uint32_t algorithm)187 size_t crypto_get_output_length(uint32_t algorithm)
188 {
189 for (uint32_t i = 0; i < ELEM_NUM(g_output_lower_limit); i++) {
190 if (g_output_lower_limit[i].algorithm == algorithm)
191 return g_output_lower_limit[i].output_lower_limit;
192 }
193
194 return 0;
195 }
196
check_allocate_param(TEE_OperationHandle * operation,uint32_t algorithm,uint32_t max_keysize)197 static TEE_Result check_allocate_param(TEE_OperationHandle *operation, uint32_t algorithm, uint32_t max_keysize)
198 {
199 bool check = (operation == NULL || max_keysize > TEE_MAX_KEY_SIZE_IN_BITS);
200 if (check) {
201 tloge("bad params");
202 return TEE_ERROR_BAD_PARAMETERS;
203 }
204
205 TEE_Result ret = check_valid_key_size_for_algorithm(algorithm, max_keysize);
206 if (ret != TEE_SUCCESS) {
207 if (ret == TEE_ERROR_BAD_PARAMETERS)
208 tloge("max_keysize 0x%x is wrong or not supported now\n", max_keysize);
209 else
210 tloge("algorithm 0x%x is incorrect or not supported\n", algorithm);
211 return TEE_ERROR_NOT_SUPPORTED;
212 }
213 uint32_t temp_key_size = max_keysize;
214 uint32_t api_level = tee_get_ta_api_level();
215 if (api_level == API_LEVEL1_0)
216 temp_key_size *= BIT_TO_BYTE;
217 ret = check_if_unsafe_alg(algorithm, temp_key_size);
218 if (ret != TEE_SUCCESS)
219 return ret;
220 return TEE_SUCCESS;
221 }
222
check_digest_alg_valid(uint32_t algorithm,TEE_OperationHandle operation_handle)223 static TEE_Result check_digest_alg_valid(uint32_t algorithm, TEE_OperationHandle operation_handle)
224 {
225 if (!crypto_check_alg_valid(algorithm, TEE_MODE_DIGEST)) {
226 tloge("TEE_MODE_DIGEST and algorithm are not match\n");
227 return TEE_ERROR_NOT_SUPPORTED;
228 }
229
230 if (tee_get_ta_api_level() > API_LEVEL1_0)
231 operation_handle->requiredKeyUsage = 0;
232 else
233 operation_handle->requiredKeyUsage = TEE_USAGE_MAC;
234 operation_handle->handleState |= (TEE_HANDLE_FLAG_KEY_SET | TEE_HANDLE_FLAG_INITIALIZED);
235 operation_handle->digestLength = crypto_get_output_length(algorithm);
236
237 return TEE_SUCCESS;
238 }
239
check_enc_dec_alg_valid(uint32_t algorithm,TEE_OperationHandle operation_handle,uint32_t mode)240 static TEE_Result check_enc_dec_alg_valid(uint32_t algorithm, TEE_OperationHandle operation_handle, uint32_t mode)
241 {
242 if (!crypto_check_alg_valid(algorithm, TEE_MODE_ENCRYPT)) {
243 tloge("TEE_MODE_ENCRYPT TEE_MODE_DECRYPT and algorithm are not match\n");
244 return TEE_ERROR_NOT_SUPPORTED;
245 }
246
247 operation_handle->publicKey = NULL;
248 operation_handle->privateKey = NULL;
249 if (mode == TEE_MODE_ENCRYPT)
250 operation_handle->requiredKeyUsage = TEE_USAGE_ENCRYPT;
251 if (mode == TEE_MODE_DECRYPT)
252 operation_handle->requiredKeyUsage = TEE_USAGE_DECRYPT;
253 if (algorithm == TEE_ALG_AES_XTS) {
254 operation_handle->handleState |= TEE_HANDLE_FLAG_EXPECT_TWO_KEYS;
255 if (tee_get_ta_api_level() > API_LEVEL1_0)
256 operation_handle->requiredKeyUsage = 0;
257 }
258 return TEE_SUCCESS;
259 }
260
check_sign_verify_alg_valid(uint32_t algorithm,TEE_OperationHandle operation_handle,uint32_t mode)261 static TEE_Result check_sign_verify_alg_valid(uint32_t algorithm, TEE_OperationHandle operation_handle, uint32_t mode)
262 {
263 if (!crypto_check_alg_valid(algorithm, TEE_MODE_SIGN)) {
264 tloge("TEE_MODE_SIGN TEE_MODE_VERIFY and algorithm are not match\n");
265 return TEE_ERROR_NOT_SUPPORTED;
266 }
267 operation_handle->publicKey = NULL;
268 operation_handle->privateKey = NULL;
269 if (mode == TEE_MODE_SIGN)
270 operation_handle->requiredKeyUsage = TEE_USAGE_SIGN;
271 if (mode == TEE_MODE_VERIFY)
272 operation_handle->requiredKeyUsage = TEE_USAGE_VERIFY;
273 return TEE_SUCCESS;
274 }
275
check_mac_alg_valid(uint32_t algorithm,TEE_OperationHandle operation_handle)276 static TEE_Result check_mac_alg_valid(uint32_t algorithm, TEE_OperationHandle operation_handle)
277 {
278 if (!crypto_check_alg_valid(algorithm, TEE_MODE_MAC)) {
279 tloge("TEE_MODE_MAC and algorithm are not match\n");
280 return TEE_ERROR_NOT_SUPPORTED;
281 }
282 operation_handle->requiredKeyUsage = TEE_USAGE_MAC;
283 operation_handle->digestLength = crypto_get_output_length(algorithm);
284 return TEE_SUCCESS;
285 }
286
check_derive_alg_valid(uint32_t algorithm,TEE_OperationHandle operation_handle)287 static TEE_Result check_derive_alg_valid(uint32_t algorithm, TEE_OperationHandle operation_handle)
288 {
289 if (!crypto_check_alg_valid(algorithm, TEE_MODE_DERIVE)) {
290 tloge("TEE_MODE_DERIVE and algorithm are not match\n");
291 return TEE_ERROR_NOT_SUPPORTED;
292 }
293 operation_handle->requiredKeyUsage = TEE_USAGE_DERIVE;
294 return TEE_SUCCESS;
295 }
296
check_algorithm_valid(uint32_t mode,uint32_t algorithm,TEE_OperationHandle operation_handle)297 static TEE_Result check_algorithm_valid(uint32_t mode, uint32_t algorithm, TEE_OperationHandle operation_handle)
298 {
299 TEE_Result ret;
300 switch (mode) {
301 case TEE_MODE_DIGEST:
302 ret = check_digest_alg_valid(algorithm, operation_handle);
303 break;
304 case TEE_MODE_DECRYPT:
305 case TEE_MODE_ENCRYPT:
306 ret = check_enc_dec_alg_valid(algorithm, operation_handle, mode);
307 break;
308 case TEE_MODE_SIGN:
309 case TEE_MODE_VERIFY:
310 ret = check_sign_verify_alg_valid(algorithm, operation_handle, mode);
311 break;
312 case TEE_MODE_MAC:
313 ret = check_mac_alg_valid(algorithm, operation_handle);
314 break;
315 case TEE_MODE_DERIVE:
316 ret = check_derive_alg_valid(algorithm, operation_handle);
317 break;
318 default:
319 tloge("The mode isn't supported\n");
320 return TEE_ERROR_NOT_SUPPORTED;
321 }
322 return ret;
323 }
324
TEE_AllocateOperation(TEE_OperationHandle * operation,uint32_t algorithm,uint32_t mode,uint32_t max_key_size)325 TEE_Result TEE_AllocateOperation(TEE_OperationHandle *operation, uint32_t algorithm, uint32_t mode,
326 uint32_t max_key_size)
327 {
328 TEE_OperationHandle operation_handle = NULL;
329 TEE_Result ret = check_allocate_param(operation, algorithm, max_key_size);
330 if (ret != TEE_SUCCESS) {
331 tloge("params is invalid, ret = 0x%x\n", ret);
332 return ret;
333 }
334
335 operation_handle = TEE_Malloc(sizeof(*operation_handle), 0);
336 if (operation_handle == NULL) {
337 tloge("Allocate memory failed\n");
338 return TEE_ERROR_OUT_OF_MEMORY;
339 }
340
341 ret = check_algorithm_valid(mode, algorithm, operation_handle);
342 if (ret != TEE_SUCCESS) {
343 tloge("check algorithm failed, ret = 0x%x", ret);
344 TEE_Free(operation_handle);
345 return ret;
346 }
347
348 /* Once check algorithm valid, we will get operationClass successful */
349 operation_handle->operationClass = crypto_get_op_class(algorithm);
350
351 if (pthread_mutex_init(&operation_handle->operation_lock, NULL)) {
352 tloge("init lock failed\n");
353 ret = TEE_ERROR_GENERIC;
354 goto error;
355 }
356 ret = set_operation_hal_info(operation_handle, algorithm);
357 if (ret != TEE_SUCCESS) {
358 goto error;
359 }
360 ret = add_operation(operation_handle);
361 if (ret != TEE_SUCCESS) {
362 tloge("Add operation to global list failed!\n");
363 goto error;
364 }
365 operation_handle->algorithm = algorithm;
366 operation_handle->mode = mode;
367 operation_handle->maxKeySize = max_key_size;
368 *operation = operation_handle;
369 return TEE_SUCCESS;
370 error:
371 TEE_Free(operation_handle->hal_info);
372 operation_handle->hal_info = NULL;
373 TEE_Free(operation_handle);
374 operation_handle = NULL;
375 if (ret != TEE_ERROR_OUT_OF_MEMORY)
376 TEE_Panic(ret);
377 return ret;
378 }
379
sensitive_information_cleanup(void ** buff,uint32_t buff_size)380 static void sensitive_information_cleanup(void **buff, uint32_t buff_size)
381 {
382 if (*buff != NULL) {
383 errno_t rc = memset_s(*buff, buff_size, 0, buff_size);
384 if (rc != EOK)
385 tloge("Clear sensitive information failed, rc 0x%x\n", rc);
386 TEE_Free(*buff);
387 *buff = NULL;
388 }
389 }
390
reset_operation_key(TEE_OperationHandle operation)391 static TEE_Result reset_operation_key(TEE_OperationHandle operation)
392 {
393 if (operation == NULL) {
394 tloge("Operation handle is NULL");
395 return TEE_ERROR_BAD_PARAMETERS;
396 }
397
398 sensitive_information_cleanup(&operation->keyValue, operation->keySize);
399 sensitive_information_cleanup(&operation->keyValue2, operation->keySize2);
400
401 sensitive_information_cleanup(&operation->privateKey, operation->privateKeyLen);
402 if (operation->publicKey != NULL) {
403 TEE_Free(operation->publicKey);
404 operation->publicKey = NULL;
405 }
406
407 operation->keySize = 0;
408 operation->keySize2 = 0;
409 operation->publicKeyLen = 0;
410 operation->privateKeyLen = 0;
411 operation->handleState &= ~TEE_HANDLE_FLAG_KEY_SET;
412
413 return TEE_SUCCESS;
414 }
415
free_crypto_hal_info(TEE_OperationHandle operation)416 static void free_crypto_hal_info(TEE_OperationHandle operation)
417 {
418 crypto_hal_info *crypto_hal_data = (crypto_hal_info *)(operation->hal_info);
419
420 if (crypto_hal_data == NULL)
421 return;
422 TEE_Free(crypto_hal_data);
423 operation->hal_info = NULL;
424 return;
425 }
426
free_operation_ctx(TEE_OperationHandle operation)427 void free_operation_ctx(TEE_OperationHandle operation)
428 {
429 if (operation == NULL)
430 return;
431
432 tee_crypto_ctx_free(operation->crypto_ctxt);
433 operation->crypto_ctxt = NULL;
434 }
435
TEE_FreeOperation(TEE_OperationHandle operation)436 void TEE_FreeOperation(TEE_OperationHandle operation)
437 {
438 TEE_Result ret;
439 if (operation == NULL) {
440 tloge("Operation handle is NULL\n");
441 if (tee_get_ta_api_level() < API_LEVEL1_2)
442 TEE_Panic(TEE_ERROR_BAD_PARAMETERS);
443 return;
444 }
445 if (check_operation((const TEE_OperationHandle)operation) != TEE_SUCCESS) {
446 tloge("operation handle is invalid");
447 TEE_Panic(TEE_ERROR_BAD_PARAMETERS);
448 return;
449 }
450
451 if (crypto_lock_operation(operation) != TEE_SUCCESS)
452 return;
453
454 free_operation_ctx(operation);
455
456 TEE_Free(operation->IV);
457 operation->IV = NULL;
458
459 ret = reset_operation_key(operation);
460 if (ret != TEE_SUCCESS) {
461 tloge("reset_operation_key failed\n");
462 crypto_unlock_operation(operation);
463 TEE_Panic(ret);
464 }
465
466 free_crypto_hal_info(operation);
467
468 crypto_unlock_operation(operation);
469
470 if (pthread_mutex_destroy(&operation->operation_lock)) {
471 tloge("destroy mutex failed\n");
472 TEE_Panic(TEE_ERROR_GENERIC);
473 }
474 delete_operation((const TEE_OperationHandle)operation);
475 TEE_Free(operation);
476 #ifdef OPENSSL_ENABLE
477 tee_crypto_free_openssl_drbg();
478 #endif
479 }
480
get_operation_key_size_in_byte(uint32_t in_key_size,uint32_t algorithm,uint32_t * out_key_size)481 static void get_operation_key_size_in_byte(uint32_t in_key_size, uint32_t algorithm, uint32_t *out_key_size)
482 {
483 bool check = ((in_key_size == ECC_SPECIAL_KEY_LEN_IN_BYTE) && (algorithm == TEE_ALG_ECDSA_SHA512 ||
484 algorithm == TEE_ALG_ECDH_P521 || algorithm == TEE_ALG_ECDSA_P521 ||
485 algorithm == TEE_ALG_ECDH_DERIVE_SHARED_SECRET));
486
487 if (check)
488 *out_key_size = ECC_SPECIAL_KEY_LEN_IN_BITS;
489 else
490 *out_key_size = in_key_size * BIT_TO_BYTE;
491 }
492
TEE_GetOperationInfo(const TEE_OperationHandle operation,TEE_OperationInfo * operationInfo)493 void TEE_GetOperationInfo(const TEE_OperationHandle operation, TEE_OperationInfo *operationInfo)
494 {
495 bool check = (operation == NULL || operationInfo == NULL ||
496 (check_operation((const TEE_OperationHandle)operation) != TEE_SUCCESS));
497 if (check) {
498 tloge("bad params");
499 TEE_Panic(TEE_ERROR_BAD_PARAMETERS);
500 return;
501 }
502
503 if (crypto_lock_operation(operation) != TEE_SUCCESS)
504 return;
505
506 if (operation->keySize > (UINT32_MAX / BIT_TO_BYTE)) {
507 tloge("Operation key size is invalid\n");
508 crypto_unlock_operation(operation);
509 TEE_Panic(TEE_ERROR_BAD_PARAMETERS);
510 return;
511 }
512 operationInfo->algorithm = operation->algorithm;
513 operationInfo->mode = operation->mode;
514 operationInfo->operationClass = operation->operationClass;
515 operationInfo->digestLength = operation->digestLength;
516 operationInfo->maxKeySize = operation->maxKeySize;
517 if (tee_get_ta_api_level() == API_LEVEL1_0) {
518 operationInfo->keySize = operation->keySize;
519 } else {
520 if (operation->algorithm == TEE_ALG_AES_XTS)
521 operationInfo->keySize = 0;
522 else
523 get_operation_key_size_in_byte(operation->keySize, operation->algorithm, &(operationInfo->keySize));
524 }
525 operationInfo->requiredKeyUsage = operation->requiredKeyUsage;
526 operationInfo->handleState = operation->handleState;
527 crypto_unlock_operation(operation);
528 return;
529 }
530
TEE_ResetOperation(TEE_OperationHandle operation)531 void TEE_ResetOperation(TEE_OperationHandle operation)
532 {
533 bool check = (operation == NULL || (check_operation((const TEE_OperationHandle)operation) != TEE_SUCCESS));
534 if (check) {
535 tloge("bad params");
536 TEE_Panic(TEE_ERROR_BAD_PARAMETERS);
537 return;
538 }
539
540 if (crypto_lock_operation(operation) != TEE_SUCCESS)
541 return;
542 uint32_t api_level = tee_get_ta_api_level();
543 if (api_level >= API_LEVEL1_1_1) {
544 if ((operation->handleState & TEE_HANDLE_FLAG_KEY_SET) != TEE_HANDLE_FLAG_KEY_SET) {
545 tloge("Invalid operation key state for this operation\n");
546 crypto_unlock_operation(operation);
547 TEE_Panic(TEE_ERROR_BAD_STATE);
548 return;
549 }
550 }
551
552 free_operation_ctx(operation);
553
554 crypto_hal_info *crypto_hal_data = (crypto_hal_info *)(operation->hal_info);
555 if (crypto_hal_data == NULL) {
556 tloge("invalid params");
557 crypto_unlock_operation(operation);
558 TEE_Panic(TEE_ERROR_BAD_PARAMETERS);
559 return;
560 }
561 crypto_hal_data->digestalloc_flag = 0;
562
563 if (operation->operationClass != TEE_OPERATION_DIGEST)
564 operation->handleState &= ~TEE_HANDLE_FLAG_INITIALIZED;
565 crypto_unlock_operation(operation);
566 #ifdef OPENSSL_ENABLE
567 tee_crypto_free_openssl_drbg();
568 #endif
569 }
570
check_is_ec_key_pair_algorithm(uint32_t algorithm)571 static bool check_is_ec_key_pair_algorithm(uint32_t algorithm)
572 {
573 size_t i = 0;
574 uint32_t ec_algorithm_set[] = {
575 TEE_ALG_ECDSA_SHA1,
576 TEE_ALG_ECDSA_SHA224,
577 TEE_ALG_ECDSA_SHA256,
578 TEE_ALG_ECDSA_SHA384,
579 TEE_ALG_ECDSA_SHA512,
580 TEE_ALG_ECDH_DERIVE_SHARED_SECRET,
581 TEE_ALG_SM2_PKE,
582 TEE_ALG_SM2_DSA_SM3
583 };
584 size_t total_set_num = sizeof(ec_algorithm_set) / sizeof(ec_algorithm_set[0]);
585 for (; i < total_set_num; i++) {
586 if (ec_algorithm_set[i] == algorithm)
587 return true;
588 }
589
590 return false;
591 }
592
check_is_rsa_algorithm(uint32_t algorithm)593 static bool check_is_rsa_algorithm(uint32_t algorithm)
594 {
595 size_t i = 0;
596 uint32_t rsa_algorithm_set[] = {
597 TEE_ALG_RSASSA_PKCS1_V1_5_MD5,
598 TEE_ALG_RSASSA_PKCS1_V1_5_SHA1,
599 TEE_ALG_RSASSA_PKCS1_V1_5_SHA224,
600 TEE_ALG_RSASSA_PKCS1_V1_5_SHA256,
601 TEE_ALG_RSASSA_PKCS1_V1_5_SHA384,
602 TEE_ALG_RSASSA_PKCS1_V1_5_SHA512,
603 TEE_ALG_RSA_NOPAD,
604 TEE_ALG_RSASSA_PKCS1_PSS_MGF1_MD5,
605 TEE_ALG_RSASSA_PKCS1_PSS_MGF1_SHA1,
606 TEE_ALG_RSASSA_PKCS1_PSS_MGF1_SHA224,
607 TEE_ALG_RSASSA_PKCS1_PSS_MGF1_SHA256,
608 TEE_ALG_RSASSA_PKCS1_PSS_MGF1_SHA384,
609 TEE_ALG_RSASSA_PKCS1_PSS_MGF1_SHA512,
610 TEE_ALG_RSAES_PKCS1_V1_5,
611 TEE_ALG_RSAES_PKCS1_OAEP_MGF1_SHA1,
612 TEE_ALG_RSAES_PKCS1_OAEP_MGF1_SHA224,
613 TEE_ALG_RSAES_PKCS1_OAEP_MGF1_SHA256,
614 TEE_ALG_RSAES_PKCS1_OAEP_MGF1_SHA384,
615 TEE_ALG_RSAES_PKCS1_OAEP_MGF1_SHA512
616 };
617 size_t total_set_num = sizeof(rsa_algorithm_set) / sizeof(rsa_algorithm_set[0]);
618 for (; i < total_set_num; i++) {
619 if (rsa_algorithm_set[i] == algorithm)
620 return true;
621 }
622
623 return false;
624 }
625
get_ecc_curve_from_alg(uint32_t algorithm)626 static uint32_t get_ecc_curve_from_alg(uint32_t algorithm)
627 {
628 switch (algorithm) {
629 case TEE_ALG_ECDSA_SHA1:
630 case TEE_ALG_ECDSA_SHA224:
631 case TEE_ALG_ECDSA_SHA256:
632 case TEE_ALG_ECDSA_SHA384:
633 case TEE_ALG_ECDSA_SHA512:
634 case TEE_ALG_ECDH_DERIVE_SHARED_SECRET:
635 return ECC_CURVE_NIST_P256;
636 case TEE_ALG_SM2_PKE:
637 case TEE_ALG_SM2_DSA_SM3:
638 return ECC_CURVE_SM2;
639 case TEE_ALG_X25519:
640 return ECC_CURVE_X25519;
641 case TEE_ALG_ED25519:
642 return ECC_CURVE_ED25519;
643 default:
644 return 0;
645 }
646 }
647
generate_ecc_keypair(TEE_OperationHandle operation,uint32_t engine)648 static TEE_Result generate_ecc_keypair(TEE_OperationHandle operation, uint32_t engine)
649 {
650 TEE_Result ret;
651 uint32_t curve = get_ecc_curve_from_alg(operation->algorithm);
652
653 struct ecc_priv_key_t *private = TEE_Malloc(sizeof(*private), 0);
654 if (private == NULL) {
655 tloge("malloc private failed");
656 return TEE_ERROR_SECURITY;
657 }
658
659 struct ecc_pub_key_t *public = TEE_Malloc(sizeof(*public), 0);
660 if (public == NULL) {
661 tloge("malloc public failed");
662 TEE_Free(private);
663 return TEE_ERROR_SECURITY;
664 }
665
666 int32_t rc = tee_crypto_ecc_generate_keypair(operation->keySize, curve, public,
667 private, engine);
668 if (rc != TEE_SUCCESS) {
669 tloge("generate rsa keypair failed");
670 ret = change_hal_ret_to_gp(rc);
671 goto free_key;
672 }
673
674 operation->privateKey = private;
675 operation->privateKeyLen = sizeof(*private);
676
677 operation->publicKey = public;
678 operation->publicKeyLen = sizeof(*public);
679
680 return TEE_SUCCESS;
681
682 free_key:
683 TEE_Free(public);
684 public = NULL;
685 (void)memset_s(private, sizeof(*private), 0, sizeof(*private));
686 TEE_Free(private);
687 private = NULL;
688 return ret;
689 }
690
copy_rsa_pub_key(TEE_OperationHandle operation,const struct rsa_priv_key_t * private_key)691 static TEE_Result copy_rsa_pub_key(TEE_OperationHandle operation, const struct rsa_priv_key_t *private_key)
692 {
693 struct rsa_pub_key_t *public_key = TEE_Malloc(sizeof(*public_key), 0);
694 if (public_key == NULL) {
695 tloge("malloc public failed");
696 return TEE_ERROR_SECURITY;
697 }
698
699 errno_t res = memcpy_s(public_key->n, RSA_EXPONENT_LEN, private_key->n, private_key->n_len);
700 if (res != EOK) {
701 tloge("copy key failed");
702 TEE_Free(public_key);
703 public_key = NULL;
704 return TEE_ERROR_SECURITY;
705 }
706 public_key->n_len = private_key->n_len;
707
708 res = memcpy_s(public_key->e, RSA_EXPONENT_LEN, private_key->e, private_key->e_len);
709 if (res != EOK) {
710 tloge("copy key failed");
711 TEE_Free(public_key);
712 public_key = NULL;
713 return TEE_ERROR_SECURITY;
714 }
715 public_key->e_len = private_key->e_len;
716
717 operation->publicKey = public_key;
718 operation->publicKeyLen = sizeof(*public_key);
719
720 return TEE_SUCCESS;
721 }
722
generate_rsa_keypair(TEE_OperationHandle operation,uint32_t engine)723 static TEE_Result generate_rsa_keypair(TEE_OperationHandle operation, uint32_t engine)
724 {
725 TEE_Result ret;
726 uint8_t key_e[] = { 0x01, 0x00, 0x01 }; /* default rsa exponent */
727 struct memref_t e_data = {0};
728 e_data.buffer = (uint64_t)(uintptr_t)key_e;
729 e_data.size = sizeof(key_e);
730 struct rsa_priv_key_t *private_key = TEE_Malloc(sizeof(*private_key), 0);
731 if (private_key == NULL) {
732 tloge("malloc private failed");
733 return TEE_ERROR_SECURITY;
734 }
735
736 int32_t rc = tee_crypto_rsa_generate_keypair(operation->keySize, &e_data, false,
737 private_key, engine);
738 if (rc != TEE_SUCCESS) {
739 tloge("generate rsa keypair failed");
740 ret = change_hal_ret_to_gp(rc);
741 goto free_key;
742 }
743
744 ret = copy_rsa_pub_key(operation, private_key);
745 if (ret != TEE_SUCCESS) {
746 tloge("copy rsa key failed");
747 goto free_key;
748 }
749
750 operation->privateKey = private_key;
751 operation->privateKeyLen = sizeof(*private_key);
752
753 return TEE_SUCCESS;
754
755 free_key:
756 (void)memset_s(private_key, sizeof(*private_key), 0, sizeof(*private_key));
757 TEE_Free(private_key);
758 private_key = NULL;
759 return ret;
760 }
761
TEE_GenKeyPair(TEE_OperationHandle operation,const TEE_ObjectHandle key)762 static TEE_Result TEE_GenKeyPair(TEE_OperationHandle operation, const TEE_ObjectHandle key)
763 {
764 (void)key;
765 crypto_hal_info *crypto_hal_data = (crypto_hal_info *)(operation->hal_info);
766 if (crypto_hal_data == NULL) {
767 tloge("invalid params");
768 return TEE_ERROR_BAD_PARAMETERS;
769 }
770 uint32_t engine = crypto_hal_data->crypto_flag;
771
772 /* 25519 not support keyobject is NULL */
773 if (check_is_ec_key_pair_algorithm(operation->algorithm))
774 return generate_ecc_keypair(operation, engine);
775 else if (check_is_rsa_algorithm(operation->algorithm))
776 return generate_rsa_keypair(operation, engine);
777 else
778 return TEE_ERROR_BAD_PARAMETERS;
779 }
780
get_attr_index_by_id(uint32_t id,const TEE_Attribute * attrs,uint32_t attr_count)781 int32_t get_attr_index_by_id(uint32_t id, const TEE_Attribute *attrs, uint32_t attr_count)
782 {
783 uint32_t i;
784 if (attrs == NULL)
785 return -1;
786 for (i = 0; i < attr_count; i++) {
787 if (id == attrs[i].attributeID)
788 return i;
789 }
790 return -1;
791 }
792
copy_single_key_from_object(const TEE_ObjectHandle object,uint32_t id,uint8_t * key,uint32_t * key_len)793 static TEE_Result copy_single_key_from_object(const TEE_ObjectHandle object,
794 uint32_t id, uint8_t *key, uint32_t *key_len)
795 {
796 int32_t index = get_attr_index_by_id(id, object->Attribute, object->attributesLen);
797 if (index < 0) {
798 tloge("invalid key, id = 0x%x", id);
799 return TEE_ERROR_BAD_PARAMETERS;
800 }
801
802 errno_t res = memcpy_s(key, *key_len,
803 object->Attribute[index].content.ref.buffer, object->Attribute[index].content.ref.length);
804 if (res != EOK) {
805 tloge("memcpy failed");
806 return TEE_ERROR_SECURITY;
807 }
808 *key_len = object->Attribute[index].content.ref.length;
809 return TEE_SUCCESS;
810 }
811
rsa_set_pub_key_hal(TEE_OperationHandle operation,const TEE_ObjectHandle key)812 static TEE_Result rsa_set_pub_key_hal(TEE_OperationHandle operation, const TEE_ObjectHandle key)
813 {
814 TEE_Result ret;
815 struct rsa_pub_key_t *rsa_public_key = TEE_Malloc(sizeof(*rsa_public_key), 0);
816 if (rsa_public_key == NULL) {
817 tloge("malloc Failed");
818 return TEE_ERROR_OUT_OF_MEMORY;
819 }
820
821 rsa_public_key->n_len = RSA_MAX_KEY_SIZE;
822 ret = copy_single_key_from_object(key, TEE_ATTR_RSA_MODULUS, rsa_public_key->n, &(rsa_public_key->n_len));
823 if (ret != TEE_SUCCESS) {
824 TEE_Free(rsa_public_key);
825 return ret;
826 }
827
828 rsa_public_key->e_len = RSA_EXPONENT_LEN;
829 ret = copy_single_key_from_object(key, TEE_ATTR_RSA_PUBLIC_EXPONENT, rsa_public_key->e, &(rsa_public_key->e_len));
830 if (ret != TEE_SUCCESS) {
831 TEE_Free(rsa_public_key);
832 return ret;
833 }
834 operation->publicKey = rsa_public_key;
835 operation->publicKeyLen = sizeof(*rsa_public_key);
836 return TEE_SUCCESS;
837 }
838
get_ecc_domain(uint32_t curve)839 uint32_t get_ecc_domain(uint32_t curve)
840 {
841 switch (curve) {
842 case TEE_ECC_CURVE_NIST_P192:
843 return ECC_CURVE_NIST_P192;
844 case TEE_ECC_CURVE_NIST_P224:
845 return ECC_CURVE_NIST_P224;
846 case TEE_ECC_CURVE_NIST_P256:
847 return ECC_CURVE_NIST_P256;
848 case TEE_ECC_CURVE_NIST_P384:
849 return ECC_CURVE_NIST_P384;
850 case TEE_ECC_CURVE_NIST_P521:
851 return ECC_CURVE_NIST_P521;
852 case TEE_ECC_CURVE_SM2:
853 return ECC_CURVE_SM2;
854 default:
855 return 0;
856 }
857 }
858
get_sm2_domain(uint32_t curve)859 uint32_t get_sm2_domain(uint32_t curve)
860 {
861 if (curve == SM2_GROUP_NOSTANDARD_USER)
862 return SM2_GROUP_NOSTANDARD;
863 return ECC_CURVE_SM2;
864 }
ed25519_set_pub_key_hal(const TEE_ObjectHandle key,struct ecc_pub_key_t * ecc_pub_key)865 static TEE_Result ed25519_set_pub_key_hal(const TEE_ObjectHandle key, struct ecc_pub_key_t *ecc_pub_key)
866 {
867 TEE_Result ret = copy_single_key_from_object(key, TEE_ATTR_ED25519_PUBLIC_VALUE,
868 ecc_pub_key->x, &(ecc_pub_key->x_len));
869 if (ret != TEE_SUCCESS)
870 tloge("copy ec25519 pub key failed");
871 return ret;
872 }
873
x25519_set_pub_key_hal(const TEE_ObjectHandle key,struct ecc_pub_key_t * ecc_pub_key)874 static TEE_Result x25519_set_pub_key_hal(const TEE_ObjectHandle key, struct ecc_pub_key_t *ecc_pub_key)
875 {
876 TEE_Result ret = copy_single_key_from_object(key, TEE_ATTR_X25519_PUBLIC_VALUE,
877 ecc_pub_key->x, &(ecc_pub_key->x_len));
878 if (ret != TEE_SUCCESS)
879 tloge("copy x25519 pub key failed");
880 return ret;
881 }
882
ecc_set_pub_key_hal(TEE_OperationHandle operation,const TEE_ObjectHandle key)883 static TEE_Result ecc_set_pub_key_hal(TEE_OperationHandle operation, const TEE_ObjectHandle key)
884 {
885 TEE_Result ret;
886 struct ecc_pub_key_t *ecc_pub_key = TEE_Malloc(sizeof(*ecc_pub_key), 0);
887 if (ecc_pub_key == NULL) {
888 tloge("malloc Failed");
889 return TEE_ERROR_OUT_OF_MEMORY;
890 }
891
892 ecc_pub_key->x_len = ECC_KEY_LEN;
893 ecc_pub_key->y_len = ECC_KEY_LEN;
894 if (operation->algorithm == TEE_ALG_ED25519) {
895 ecc_pub_key->domain_id = ECC_CURVE_ED25519;
896 ret = ed25519_set_pub_key_hal(key, ecc_pub_key);
897 } else if (operation->algorithm == TEE_ALG_X25519) {
898 ecc_pub_key->domain_id = ECC_CURVE_X25519;
899 ret = x25519_set_pub_key_hal(key, ecc_pub_key);
900 } else {
901 int32_t index = get_attr_index_by_id(TEE_ATTR_ECC_CURVE, key->Attribute, key->attributesLen);
902 if (index < 0) {
903 tloge("no ecc curve attr");
904 TEE_Free(ecc_pub_key);
905 return TEE_ERROR_BAD_PARAMETERS;
906 }
907 bool check = (operation->algorithm == TEE_ALG_SM2_PKE || operation->algorithm == TEE_ALG_SM2_DSA_SM3);
908 if (check)
909 ecc_pub_key->domain_id = get_sm2_domain(key->Attribute[index].content.value.a);
910 else
911 ecc_pub_key->domain_id = get_ecc_domain(key->Attribute[index].content.value.a);
912
913 ret = copy_single_key_from_object(key, TEE_ATTR_ECC_PUBLIC_VALUE_X, ecc_pub_key->x, &(ecc_pub_key->x_len));
914 if (ret != TEE_SUCCESS) {
915 TEE_Free(ecc_pub_key);
916 return ret;
917 }
918
919 ret = copy_single_key_from_object(key, TEE_ATTR_ECC_PUBLIC_VALUE_Y, ecc_pub_key->y, &(ecc_pub_key->y_len));
920 }
921 if (ret != TEE_SUCCESS) {
922 TEE_Free(ecc_pub_key);
923 return ret;
924 }
925
926 operation->publicKey = ecc_pub_key;
927 operation->publicKeyLen = sizeof(*ecc_pub_key);
928 return TEE_SUCCESS;
929 }
930
dh_set_public_key_hal(TEE_OperationHandle operation,const TEE_ObjectHandle key)931 static TEE_Result dh_set_public_key_hal(TEE_OperationHandle operation, const TEE_ObjectHandle key)
932 {
933 int32_t index = get_attr_index_by_id(TEE_ATTR_DH_PUBLIC_VALUE, key->Attribute, key->attributesLen);
934 if (index < 0) {
935 tloge("invalid key");
936 return TEE_ERROR_BAD_PARAMETERS;
937 }
938
939 if (key->Attribute[index].content.ref.length > MALLOC_MAX_KEY_SIZE) {
940 tloge("key length is too large!");
941 return TEE_ERROR_BAD_PARAMETERS;
942 }
943 operation->publicKey = TEE_Malloc(key->Attribute[index].content.ref.length, 0);
944 if (operation->publicKey == NULL) {
945 tloge("malloc failed");
946 return TEE_ERROR_OUT_OF_MEMORY;
947 }
948 errno_t res = memcpy_s(operation->publicKey, key->Attribute[index].content.ref.length,
949 key->Attribute[index].content.ref.buffer, key->Attribute[index].content.ref.length);
950 if (res != EOK) {
951 tloge("memcpy failed");
952 TEE_Free(operation->publicKey);
953 operation->publicKey = NULL;
954 return TEE_ERROR_SECURITY;
955 }
956 operation->publicKeyLen = key->Attribute[index].content.ref.length;
957 return TEE_SUCCESS;
958 }
959
set_public_key_hal(TEE_OperationHandle operation,const TEE_ObjectHandle key)960 static TEE_Result set_public_key_hal(TEE_OperationHandle operation, const TEE_ObjectHandle key)
961 {
962 switch (key->ObjectInfo->objectType) {
963 case TEE_TYPE_RSA_PUBLIC_KEY:
964 case TEE_TYPE_RSA_KEYPAIR:
965 return rsa_set_pub_key_hal(operation, key);
966 case TEE_TYPE_ECDSA_PUBLIC_KEY:
967 case TEE_TYPE_ECDSA_KEYPAIR:
968 case TEE_TYPE_ECDH_PUBLIC_KEY:
969 case TEE_TYPE_ECDH_KEYPAIR:
970 case TEE_TYPE_SM2_DSA_PUBLIC_KEY:
971 case TEE_TYPE_SM2_DSA_KEYPAIR:
972 case TEE_TYPE_SM2_PKE_PUBLIC_KEY:
973 case TEE_TYPE_SM2_PKE_KEYPAIR:
974 case TEE_TYPE_SM2_KEP_PUBLIC_KEY:
975 case TEE_TYPE_SM2_KEP_KEYPAIR:
976 case TEE_TYPE_ED25519_PUBLIC_KEY:
977 case TEE_TYPE_ED25519_KEYPAIR:
978 case TEE_TYPE_X25519_PUBLIC_KEY:
979 case TEE_TYPE_X25519_KEYPAIR:
980 return ecc_set_pub_key_hal(operation, key);
981 case TEE_TYPE_DH_KEYPAIR:
982 return dh_set_public_key_hal(operation, key);
983 default:
984 tloge("invalid key type");
985 return TEE_ERROR_NOT_SUPPORTED;
986 }
987 }
988
rsa_set_private_key_hal(TEE_OperationHandle operation,const TEE_ObjectHandle key)989 static TEE_Result rsa_set_private_key_hal(TEE_OperationHandle operation, const TEE_ObjectHandle key)
990 {
991 TEE_Result ret;
992 struct rsa_priv_key_t *rsa_priv_key = TEE_Malloc(sizeof(*rsa_priv_key), 0);
993 if (rsa_priv_key == NULL) {
994 tloge("malloc failed");
995 return TEE_ERROR_OUT_OF_MEMORY;
996 }
997
998 rsa_priv_key->n_len = RSA_MAX_KEY_SIZE;
999 ret = copy_single_key_from_object(key, TEE_ATTR_RSA_MODULUS, rsa_priv_key->n, &(rsa_priv_key->n_len));
1000 if (ret != TEE_SUCCESS) {
1001 (void)memset_s(rsa_priv_key, sizeof(*rsa_priv_key), 0x0, sizeof(*rsa_priv_key));
1002 TEE_Free(rsa_priv_key);
1003 return ret;
1004 }
1005
1006 rsa_priv_key->e_len = RSA_EXPONENT_LEN;
1007 ret = copy_single_key_from_object(key, TEE_ATTR_RSA_PUBLIC_EXPONENT, rsa_priv_key->e, &(rsa_priv_key->e_len));
1008 if (ret != TEE_SUCCESS) {
1009 (void)memset_s(rsa_priv_key, sizeof(*rsa_priv_key), 0x0, sizeof(*rsa_priv_key));
1010 TEE_Free(rsa_priv_key);
1011 return ret;
1012 }
1013
1014 rsa_priv_key->d_len = RSA_MAX_KEY_SIZE;
1015 ret = copy_single_key_from_object(key, TEE_ATTR_RSA_PRIVATE_EXPONENT, rsa_priv_key->d, &(rsa_priv_key->d_len));
1016 if (ret != TEE_SUCCESS) {
1017 (void)memset_s(rsa_priv_key, sizeof(*rsa_priv_key), 0x0, sizeof(*rsa_priv_key));
1018 TEE_Free(rsa_priv_key);
1019 return ret;
1020 }
1021
1022 operation->privateKey = rsa_priv_key;
1023 operation->privateKeyLen = sizeof(*rsa_priv_key);
1024 return TEE_SUCCESS;
1025 }
1026
1027 #define ED25519_KEY_LEN 64
ed25519_set_private_key_hal(const TEE_ObjectHandle key,struct ecc_priv_key_t * ecc_priv_key)1028 static TEE_Result ed25519_set_private_key_hal(const TEE_ObjectHandle key, struct ecc_priv_key_t *ecc_priv_key)
1029 {
1030 TEE_Result ret = copy_single_key_from_object(key, TEE_ATTR_ED25519_PRIVATE_VALUE, ecc_priv_key->r,
1031 &(ecc_priv_key->r_len));
1032 if (ret != TEE_SUCCESS) {
1033 tloge("copy ed25519 private key failed");
1034 return ret;
1035 }
1036 ecc_priv_key->domain_id = ECC_CURVE_ED25519;
1037
1038 /* BORINGSSL ED25519 private key is 64 bytes */
1039 if (ecc_priv_key->r_len == ED25519_KEY_LEN)
1040 return TEE_SUCCESS;
1041
1042 if (ecc_priv_key->r_len > ECC_KEY_LEN) {
1043 tloge("ecc private key is too large");
1044 return TEE_ERROR_BAD_PARAMETERS;
1045 }
1046 uint32_t temp_len = ECC_KEY_LEN - ecc_priv_key->r_len;
1047 ret = copy_single_key_from_object(key, TEE_ATTR_ED25519_PUBLIC_VALUE, ecc_priv_key->r + ecc_priv_key->r_len,
1048 &temp_len);
1049 if (ret != TEE_SUCCESS) {
1050 tloge("copy ed25519 public key failed");
1051 return TEE_ERROR_BAD_PARAMETERS;
1052 }
1053
1054 ecc_priv_key->r_len += temp_len;
1055 return TEE_SUCCESS;
1056 }
1057
ecc_set_private_key_hal(TEE_OperationHandle operation,const TEE_ObjectHandle key)1058 static TEE_Result ecc_set_private_key_hal(TEE_OperationHandle operation, const TEE_ObjectHandle key)
1059 {
1060 TEE_Result ret;
1061 struct ecc_priv_key_t *ecc_priv_key = TEE_Malloc(sizeof(*ecc_priv_key), 0);
1062 if (ecc_priv_key == NULL) {
1063 tloge("malloc failed");
1064 return TEE_ERROR_OUT_OF_MEMORY;
1065 }
1066 ecc_priv_key->r_len = ECC_KEY_LEN;
1067
1068 if (operation->algorithm == TEE_ALG_ED25519) {
1069 ret = ed25519_set_private_key_hal(key, ecc_priv_key);
1070 } else if (operation->algorithm == TEE_ALG_X25519) {
1071 ecc_priv_key->domain_id = ECC_CURVE_X25519;
1072 ret = copy_single_key_from_object(key, TEE_ATTR_X25519_PRIVATE_VALUE, ecc_priv_key->r, &(ecc_priv_key->r_len));
1073 } else {
1074 ret = copy_single_key_from_object(key, TEE_ATTR_ECC_PRIVATE_VALUE, ecc_priv_key->r, &(ecc_priv_key->r_len));
1075 if (ret != TEE_SUCCESS) {
1076 (void)memset_s(ecc_priv_key, sizeof(*ecc_priv_key), 0x0, sizeof(*ecc_priv_key));
1077 TEE_Free(ecc_priv_key);
1078 return ret;
1079 }
1080 int32_t index = get_attr_index_by_id(TEE_ATTR_ECC_CURVE, key->Attribute, key->attributesLen);
1081 if (index < 0) {
1082 tloge("invalid key");
1083 (void)memset_s(ecc_priv_key, sizeof(*ecc_priv_key), 0x0, sizeof(*ecc_priv_key));
1084 TEE_Free(ecc_priv_key);
1085 return TEE_ERROR_BAD_PARAMETERS;
1086 }
1087 bool check = ((operation->algorithm == TEE_ALG_SM2_PKE || operation->algorithm == TEE_ALG_SM2_DSA_SM3) &&
1088 (key->Attribute[index].content.value.a == SM2_GROUP_NOSTANDARD_USER));
1089 if (check)
1090 ecc_priv_key->domain_id = get_sm2_domain(key->Attribute[index].content.value.a);
1091 else
1092 ecc_priv_key->domain_id = get_ecc_domain(key->Attribute[index].content.value.a);
1093 }
1094 if (ret != TEE_SUCCESS) {
1095 (void)memset_s(ecc_priv_key, sizeof(*ecc_priv_key), 0x0, sizeof(*ecc_priv_key));
1096 TEE_Free(ecc_priv_key);
1097 return ret;
1098 }
1099
1100 operation->privateKey = ecc_priv_key;
1101 operation->privateKeyLen = sizeof(*ecc_priv_key);
1102 return TEE_SUCCESS;
1103 }
1104
dh_set_private_key_hal(TEE_OperationHandle operation,const TEE_ObjectHandle key)1105 static TEE_Result dh_set_private_key_hal(TEE_OperationHandle operation, const TEE_ObjectHandle key)
1106 {
1107 int32_t index = get_attr_index_by_id(TEE_ATTR_DH_PRIVATE_VALUE, key->Attribute, key->attributesLen);
1108 if (index < 0) {
1109 tloge("invalid key");
1110 return TEE_ERROR_BAD_PARAMETERS;
1111 }
1112
1113 if (key->Attribute[index].content.ref.length > MALLOC_MAX_KEY_SIZE) {
1114 tloge("key length is too large!");
1115 return TEE_ERROR_BAD_PARAMETERS;
1116 }
1117 operation->privateKey = TEE_Malloc(key->Attribute[index].content.ref.length, 0);
1118 if (operation->privateKey == NULL) {
1119 tloge("malloc failed");
1120 return TEE_ERROR_OUT_OF_MEMORY;
1121 }
1122 errno_t res = memcpy_s(operation->privateKey, key->Attribute[index].content.ref.length,
1123 key->Attribute[index].content.ref.buffer, key->Attribute[index].content.ref.length);
1124 if (res != EOK) {
1125 tloge("memcpy failed");
1126 TEE_Free(operation->privateKey);
1127 operation->privateKey = NULL;
1128 return TEE_ERROR_SECURITY;
1129 }
1130 operation->privateKeyLen = key->Attribute[index].content.ref.length;
1131 return TEE_SUCCESS;
1132 }
1133
set_private_key_hal(TEE_OperationHandle operation,const TEE_ObjectHandle key)1134 static TEE_Result set_private_key_hal(TEE_OperationHandle operation, const TEE_ObjectHandle key)
1135 {
1136 switch (key->ObjectInfo->objectType) {
1137 case TEE_TYPE_RSA_KEYPAIR:
1138 return rsa_set_private_key_hal(operation, key);
1139 case TEE_TYPE_ECDSA_KEYPAIR:
1140 case TEE_TYPE_ECDH_KEYPAIR:
1141 case TEE_TYPE_ED25519_KEYPAIR:
1142 case TEE_TYPE_X25519_KEYPAIR:
1143 case TEE_TYPE_SM2_DSA_KEYPAIR:
1144 case TEE_TYPE_SM2_PKE_KEYPAIR:
1145 case TEE_TYPE_SM2_KEP_KEYPAIR:
1146 return ecc_set_private_key_hal(operation, key);
1147 case TEE_TYPE_DH_KEYPAIR:
1148 return dh_set_private_key_hal(operation, key);
1149 default:
1150 tloge("invalid key type");
1151 return TEE_ERROR_NOT_SUPPORTED;
1152 }
1153 }
1154
set_private_key_crt_hal(TEE_OperationHandle operation,const TEE_ObjectHandle key)1155 static TEE_Result set_private_key_crt_hal(TEE_OperationHandle operation, const TEE_ObjectHandle key)
1156 {
1157 TEE_Result ret;
1158 struct rsa_priv_key_t *rsa_priv_key = TEE_Malloc(sizeof(*rsa_priv_key), 0);
1159 if (rsa_priv_key == NULL) {
1160 tloge("malloc failed");
1161 return TEE_ERROR_OUT_OF_MEMORY;
1162 }
1163
1164 rsa_priv_key->n_len = RSA_MAX_KEY_SIZE;
1165 ret = copy_single_key_from_object(key, TEE_ATTR_RSA_MODULUS, rsa_priv_key->n, &(rsa_priv_key->n_len));
1166 if (ret != TEE_SUCCESS)
1167 goto error;
1168
1169 rsa_priv_key->e_len = RSA_EXPONENT_LEN;
1170 ret = copy_single_key_from_object(key, TEE_ATTR_RSA_PUBLIC_EXPONENT, rsa_priv_key->e, &(rsa_priv_key->e_len));
1171 if (ret != TEE_SUCCESS)
1172 goto error;
1173
1174 rsa_priv_key->p_len = RSA_MAX_KEY_SIZE_CRT;
1175 ret = copy_single_key_from_object(key, TEE_ATTR_RSA_PRIME1, rsa_priv_key->p, &(rsa_priv_key->p_len));
1176 if (ret != TEE_SUCCESS)
1177 goto error;
1178
1179 rsa_priv_key->q_len = RSA_MAX_KEY_SIZE_CRT;
1180 ret = copy_single_key_from_object(key, TEE_ATTR_RSA_PRIME2, rsa_priv_key->q, &(rsa_priv_key->q_len));
1181 if (ret != TEE_SUCCESS)
1182 goto error;
1183
1184 rsa_priv_key->dp_len = RSA_MAX_KEY_SIZE_CRT;
1185 ret = copy_single_key_from_object(key, TEE_ATTR_RSA_EXPONENT1, rsa_priv_key->dp, &(rsa_priv_key->dp_len));
1186 if (ret != TEE_SUCCESS)
1187 goto error;
1188
1189 rsa_priv_key->dq_len = RSA_MAX_KEY_SIZE_CRT;
1190 ret = copy_single_key_from_object(key, TEE_ATTR_RSA_EXPONENT2, rsa_priv_key->dq, &(rsa_priv_key->dq_len));
1191 if (ret != TEE_SUCCESS)
1192 goto error;
1193
1194 rsa_priv_key->qinv_len = RSA_MAX_KEY_SIZE_CRT;
1195 ret = copy_single_key_from_object(key, TEE_ATTR_RSA_COEFFICIENT, rsa_priv_key->qinv, &(rsa_priv_key->qinv_len));
1196 if (ret != TEE_SUCCESS)
1197 goto error;
1198
1199 rsa_priv_key->crt_mode = true;
1200 operation->privateKey = rsa_priv_key;
1201 operation->privateKeyLen = sizeof(*rsa_priv_key);
1202 return TEE_SUCCESS;
1203 error:
1204 (void)memset_s(rsa_priv_key, sizeof(*rsa_priv_key), 0x0, sizeof(*rsa_priv_key));
1205 TEE_Free(rsa_priv_key);
1206 return ret;
1207 }
1208
tee_keytype_and_attrilen_check(uint32_t attri_len,uint32_t obj_type)1209 static TEE_Result tee_keytype_and_attrilen_check(uint32_t attri_len, uint32_t obj_type)
1210 {
1211 uint32_t index = 0;
1212 crypto_uint2uint obj_type_to_attri_len[] = {
1213 { TEE_TYPE_ECDSA_PUBLIC_KEY, 3 }, /* ecsda public key attr count */
1214 { TEE_TYPE_ECDSA_KEYPAIR, 4 }, /* ecsda keypaie attr count */
1215 { TEE_TYPE_ECDH_PUBLIC_KEY, 3 }, /* ecdh public key attr count */
1216 { TEE_TYPE_ECDH_KEYPAIR, 4 }, /* ecdh keypaie attr count */
1217 { TEE_TYPE_RSA_PUBLIC_KEY, 2 }, /* rsa public key attr count */
1218 { TEE_TYPE_RSA_KEYPAIR, 3 }, /* rsa keypaie attr count */
1219 { TEE_TYPE_RSA_KEYPAIR, 8 }, /* rsa keypaie attr count crt mode */
1220 { TEE_TYPE_ED25519_KEYPAIR, 2 }, /* ed25519 keypaie attr count */
1221 { TEE_TYPE_ED25519_PUBLIC_KEY, 1 }, /* ed25519 public key attr count */
1222 { TEE_TYPE_X25519_KEYPAIR, 2 }, /* x25519 keypaie attr count */
1223 { TEE_TYPE_X25519_PUBLIC_KEY, 1 }, /* x25519 public key attr count */
1224 { TEE_TYPE_SM2_DSA_PUBLIC_KEY, 3 }, /* sm2 dsa public key attr count */
1225 { TEE_TYPE_SM2_DSA_KEYPAIR, 4 }, /* sm2 dsa keypaie key attr count */
1226 { TEE_TYPE_SM2_PKE_PUBLIC_KEY, 3 }, /* sm2 pke public key attr count */
1227 { TEE_TYPE_SM2_PKE_KEYPAIR, 4 }, /* sm2 pke keypaie key attr count */
1228 { TEE_TYPE_SM2_KEP_PUBLIC_KEY, 3 }, /* sm2 kep public key attr count */
1229 { TEE_TYPE_SM2_KEP_KEYPAIR, 4 }, /* sm2 kep keypaie key attr count */
1230 { TEE_TYPE_DH_KEYPAIR, 4 }, /* dh keypair attr new api level */
1231 { TEE_TYPE_DH_KEYPAIR, 6 }, /* dh keypair attr old api level */
1232 };
1233 for (; index < sizeof(obj_type_to_attri_len) / sizeof(crypto_uint2uint); index++) {
1234 if (obj_type == obj_type_to_attri_len[index].src && attri_len == obj_type_to_attri_len[index].dest)
1235 return TEE_SUCCESS;
1236 }
1237 tloge("invalid obj_type 0x%x or attri_len 0x%x\n", obj_type, attri_len);
1238 return TEE_ERROR_BAD_PARAMETERS;
1239 }
1240
is_no_need_set_private_key(const TEE_OperationHandle operation,const TEE_ObjectHandle key)1241 static bool is_no_need_set_private_key(const TEE_OperationHandle operation, const TEE_ObjectHandle key)
1242 {
1243 bool is_key_pair = false;
1244 uint32_t key_pair_type_set[] = {
1245 TEE_TYPE_RSA_KEYPAIR,
1246 TEE_TYPE_DH_KEYPAIR,
1247 TEE_TYPE_ECDSA_KEYPAIR,
1248 TEE_TYPE_ECDH_KEYPAIR,
1249 TEE_TYPE_ED25519_KEYPAIR,
1250 TEE_TYPE_X25519_KEYPAIR,
1251 TEE_TYPE_SM2_DSA_KEYPAIR,
1252 TEE_TYPE_SM2_PKE_KEYPAIR,
1253 TEE_TYPE_SM2_KEP_KEYPAIR,
1254 };
1255 for (uint32_t i = 0; i < ELEM_NUM(key_pair_type_set); i++) {
1256 if (key->ObjectInfo->objectType == key_pair_type_set[i]) {
1257 is_key_pair = true;
1258 break;
1259 }
1260 }
1261 if (!is_key_pair)
1262 return true;
1263 if ((operation->mode == TEE_MODE_ENCRYPT) || (operation->mode == TEE_MODE_VERIFY))
1264 return true;
1265 return false;
1266 }
1267
tee_get_asymmetric_keys(TEE_OperationHandle operation,const TEE_ObjectHandle key,uint32_t api_level)1268 static TEE_Result tee_get_asymmetric_keys(TEE_OperationHandle operation, const TEE_ObjectHandle key, uint32_t api_level)
1269 {
1270 TEE_Result ret;
1271
1272 operation->keySize = operation->maxKeySize;
1273 bool check = ((key->Attribute == NULL) || (key->attributesLen == 0));
1274 if (check) {
1275 if (api_level <= API_LEVEL1_0)
1276 return TEE_GenKeyPair(operation, key);
1277 tloge("The key info is invalid");
1278 return TEE_ERROR_BAD_PARAMETERS;
1279 }
1280 if (key->ObjectInfo == NULL) {
1281 tloge("key ObjectInfo is NULL!\n");
1282 return TEE_ERROR_BAD_PARAMETERS;
1283 }
1284
1285 ret = tee_keytype_and_attrilen_check(key->attributesLen, key->ObjectInfo->objectType);
1286 if (ret != TEE_SUCCESS)
1287 return ret;
1288
1289 ret = set_public_key_hal(operation, key);
1290 if (ret != TEE_SUCCESS) {
1291 tloge("GenPubKey is error ret = 0x%x\n", ret);
1292 return ret;
1293 }
1294
1295 if (is_no_need_set_private_key((const TEE_OperationHandle)operation, key))
1296 return TEE_SUCCESS;
1297
1298 if (key->CRTMode)
1299 ret = set_private_key_crt_hal(operation, key);
1300 else
1301 ret = set_private_key_hal(operation, key);
1302 if (ret != TEE_SUCCESS) {
1303 tloge("generate key is error\n");
1304 TEE_Free(operation->publicKey);
1305 operation->publicKey = NULL;
1306 operation->publicKeyLen = 0;
1307 return ret;
1308 }
1309 return ret;
1310 }
1311
set_operation_key_com_check(const TEE_OperationHandle operation,uint32_t api_level)1312 static TEE_Result set_operation_key_com_check(const TEE_OperationHandle operation, uint32_t api_level)
1313 {
1314 if (operation->mode == TEE_MODE_DIGEST) {
1315 tloge("Digest operation expects no key\n");
1316 return TEE_ERROR_BAD_PARAMETERS;
1317 }
1318
1319 if (api_level < API_LEVEL1_1_1)
1320 return TEE_SUCCESS;
1321
1322 if ((operation->handleState & TEE_HANDLE_FLAG_INITIALIZED) == TEE_HANDLE_FLAG_INITIALIZED) {
1323 tloge("Operation is not at initial state\n");
1324 return TEE_ERROR_BAD_STATE;
1325 }
1326
1327 return TEE_SUCCESS;
1328 }
1329
set_operation_key_state_check(const TEE_OperationHandle operation,uint32_t api_level)1330 static TEE_Result set_operation_key_state_check(const TEE_OperationHandle operation, uint32_t api_level)
1331 {
1332 if (operation->algorithm == TEE_ALG_AES_XTS) {
1333 tloge("This algorithm expects two keys\n");
1334 return TEE_ERROR_BAD_PARAMETERS;
1335 }
1336
1337 return set_operation_key_com_check(operation, api_level);
1338 }
1339
set_symmetric_operation_key(TEE_OperationHandle operation,const TEE_ObjectHandle key)1340 static TEE_Result set_symmetric_operation_key(TEE_OperationHandle operation, const TEE_ObjectHandle key)
1341 {
1342 errno_t rc;
1343
1344 bool check = (key->Attribute == NULL || key->Attribute->content.ref.length == 0 ||
1345 key->Attribute->content.ref.length > MAX_MALLOC_LEN);
1346 if (check) {
1347 tloge("key is invalid");
1348 return TEE_ERROR_BAD_PARAMETERS;
1349 }
1350
1351 operation->keyValue = TEE_Malloc(key->Attribute->content.ref.length, 0);
1352 if (operation->keyValue == NULL) {
1353 tloge("Failed to malloc memory for key value\n");
1354 return (TEE_ERROR_OUT_OF_MEMORY);
1355 }
1356
1357 rc = memcpy_s(operation->keyValue, key->Attribute->content.ref.length, key->Attribute->content.ref.buffer,
1358 key->Attribute->content.ref.length);
1359 if (rc != EOK) {
1360 tloge("memcpy_s failed, rc %x\n", rc);
1361 TEE_Free(operation->keyValue);
1362 operation->keyValue = NULL;
1363 return TEE_ERROR_SECURITY;
1364 }
1365 operation->keySize = key->Attribute->content.ref.length;
1366 return TEE_SUCCESS;
1367 }
1368
1369 #define SYMMETRIC_KEY_INDEX 0
1370 #define INVALID_KEY_INDEX (-1)
get_asymmetric_key_index(const TEE_ObjectHandle key)1371 static int32_t get_asymmetric_key_index(const TEE_ObjectHandle key)
1372 {
1373 bool check = (key == NULL || key->Attribute == NULL || key->attributesLen > MAX_ATTR_LEN);
1374 if (check)
1375 return INVALID_KEY_INDEX;
1376
1377 uint32_t asymmetric_attr_id_set[] = {
1378 TEE_ATTR_RSA_MODULUS,
1379 TEE_ATTR_DH_PUBLIC_VALUE,
1380 TEE_ATTR_ECC_PUBLIC_VALUE_X,
1381 TEE_ATTR_ED25519_PUBLIC_VALUE,
1382 TEE_ATTR_X25519_PUBLIC_VALUE
1383 };
1384 for (uint32_t i = 0; i < key->attributesLen; i++) {
1385 for (uint32_t j = 0; j < ELEM_NUM(asymmetric_attr_id_set); j++) {
1386 if (key->Attribute[i].attributeID == asymmetric_attr_id_set[j])
1387 return (int32_t)i;
1388 }
1389 }
1390
1391 return INVALID_KEY_INDEX;
1392 }
1393
set_asymmetric_operation_key_size(TEE_OperationHandle operation,const TEE_ObjectHandle key)1394 static TEE_Result set_asymmetric_operation_key_size(TEE_OperationHandle operation, const TEE_ObjectHandle key)
1395 {
1396 int32_t key_index = get_asymmetric_key_index(key);
1397 if (key_index == INVALID_KEY_INDEX) {
1398 tloge("The key index is invalid, set asym key size failed\n");
1399 return TEE_ERROR_BAD_PARAMETERS;
1400 }
1401 operation->keySize = key->Attribute[key_index].content.ref.length;
1402
1403 return TEE_SUCCESS;
1404 }
1405
set_asymmetric_operation_key(TEE_OperationHandle operation,const TEE_ObjectHandle key,uint32_t api_level)1406 static TEE_Result set_asymmetric_operation_key(TEE_OperationHandle operation, const TEE_ObjectHandle key,
1407 uint32_t api_level)
1408
1409 {
1410 TEE_Result ret;
1411
1412 ret = tee_get_asymmetric_keys(operation, key, api_level);
1413 if (ret != TEE_SUCCESS) {
1414 tloge("Set asym operation key failed, ret=0x%x\n", ret);
1415 return ret;
1416 }
1417 if (api_level == API_LEVEL1_0)
1418 return TEE_SUCCESS;
1419
1420 ret = set_asymmetric_operation_key_size(operation, key);
1421 if (ret != TEE_SUCCESS) {
1422 TEE_Free(operation->publicKey);
1423 operation->publicKey = NULL;
1424 operation->publicKeyLen = 0;
1425 (void)memset_s(operation->privateKey, operation->privateKeyLen, 0x0, operation->privateKeyLen);
1426 TEE_Free(operation->privateKey);
1427 operation->privateKey = NULL;
1428 operation->privateKeyLen = 0;
1429 }
1430 return ret;
1431 }
1432
1433 #define TEE_MODE_INVALID 0xFFFFFFFF
1434 struct obj_type_op_mode_config_s {
1435 uint32_t type;
1436 uint32_t mode[MAX_MODE_NUM];
1437 };
1438
1439 static const struct obj_type_op_mode_config_s g_type_mode_config[] = {
1440 { TEE_TYPE_RSA_PUBLIC_KEY, { TEE_MODE_VERIFY, TEE_MODE_ENCRYPT } },
1441 { TEE_TYPE_DSA_PUBLIC_KEY, { TEE_MODE_VERIFY, TEE_MODE_INVALID } },
1442 { TEE_TYPE_ECDSA_PUBLIC_KEY, { TEE_MODE_VERIFY, TEE_MODE_INVALID } },
1443 { TEE_TYPE_ED25519_PUBLIC_KEY, { TEE_MODE_VERIFY, TEE_MODE_INVALID } },
1444 { TEE_TYPE_ECDH_PUBLIC_KEY, { TEE_MODE_DERIVE, TEE_MODE_INVALID } },
1445 { TEE_TYPE_X25519_PUBLIC_KEY, { TEE_MODE_DERIVE, TEE_MODE_INVALID } },
1446 { TEE_TYPE_SM2_DSA_PUBLIC_KEY, { TEE_MODE_VERIFY, TEE_MODE_INVALID } },
1447 { TEE_TYPE_SM2_PKE_PUBLIC_KEY, { TEE_MODE_ENCRYPT, TEE_MODE_DECRYPT } },
1448 };
1449
operation_public_key_type_mode_check(uint32_t mode,uint32_t type)1450 static TEE_Result operation_public_key_type_mode_check(uint32_t mode, uint32_t type)
1451 {
1452 const struct obj_type_op_mode_config_s *config = NULL;
1453 uint32_t index;
1454
1455 for (index = 0; index < ELEM_NUM(g_type_mode_config); index++) {
1456 if (type == g_type_mode_config[index].type) {
1457 config = &g_type_mode_config[index];
1458 break;
1459 }
1460 }
1461
1462 if (config != NULL && mode != config->mode[0] && mode != config->mode[1])
1463 return TEE_ERROR_BAD_PARAMETERS;
1464
1465 return TEE_SUCCESS;
1466 }
1467
1468 #define TEE_ALG_ANY 0xFFFFFFFF
1469 #define TEE_ALG_NONE 0x00000000
1470 #define TEE_USAGE_NONE 0x00000000
1471 struct mode_usage_conf_s {
1472 uint32_t mode;
1473 uint32_t algo;
1474 uint32_t usage;
1475 };
1476
1477 static const struct mode_usage_conf_s g_mode_usage_conf[] = {
1478 { TEE_MODE_ENCRYPT, TEE_ALG_RSA_NOPAD, TEE_USAGE_ENCRYPT | TEE_USAGE_VERIFY },
1479 { TEE_MODE_DECRYPT, TEE_ALG_RSA_NOPAD, TEE_USAGE_DECRYPT | TEE_USAGE_SIGN },
1480 { TEE_MODE_ENCRYPT, TEE_ALG_ANY, TEE_USAGE_ENCRYPT },
1481 { TEE_MODE_DECRYPT, TEE_ALG_ANY, TEE_USAGE_DECRYPT },
1482 { TEE_MODE_SIGN, TEE_ALG_ANY, TEE_USAGE_SIGN },
1483 { TEE_MODE_VERIFY, TEE_ALG_ANY, TEE_USAGE_VERIFY },
1484 { TEE_MODE_MAC, TEE_ALG_ANY, TEE_USAGE_MAC },
1485 { TEE_MODE_DIGEST, TEE_ALG_NONE, TEE_USAGE_NONE },
1486 { TEE_MODE_DERIVE, TEE_ALG_ANY, TEE_USAGE_MAC },
1487 };
1488
1489 // Some special check for TEE_ALG_RSA_NOPAD required by GP specification
operation_mode_key_usage_check(uint32_t algorithm,uint32_t mode,uint32_t usage)1490 static TEE_Result operation_mode_key_usage_check(uint32_t algorithm, uint32_t mode, uint32_t usage)
1491 {
1492 const struct mode_usage_conf_s *config = NULL;
1493 uint32_t index;
1494
1495 for (index = 0; index < ELEM_NUM(g_mode_usage_conf); index++) {
1496 if (g_mode_usage_conf[index].mode == mode && (algorithm & g_mode_usage_conf[index].algo) == algorithm) {
1497 config = &g_mode_usage_conf[index];
1498 break;
1499 }
1500 }
1501
1502 if (config == NULL) {
1503 tloge("Failed to pass mode & algorithm usage check, algorithm: 0x%x, mode: 0x%x\n", algorithm, mode);
1504 return TEE_ERROR_BAD_PARAMETERS;
1505 }
1506
1507 if ((usage & config->usage) != config->usage) {
1508 tloge("Key usage is not compatible with operation mode & algorithm, algorithm: 0x%x, mode: 0x%x, usage: 0x%x\n",
1509 algorithm, mode, usage);
1510 return TEE_ERROR_BAD_PARAMETERS;
1511 }
1512
1513 return TEE_SUCCESS;
1514 }
1515
1516 enum OP_SYMMETRIC_TYPE {
1517 SYMMETRIC_OP = 0x1001,
1518 ASYMMETRIC_OP = 0x1002,
1519 NO_KEY_OP = 0x1003,
1520 INVALID_OP = 0xFFFF
1521 };
1522
1523 struct op_type_config_s {
1524 uint32_t op_class;
1525 uint32_t type;
1526 };
1527
1528 static const struct op_type_config_s g_operation_type_config[] = {
1529 { TEE_OPERATION_CIPHER, SYMMETRIC_OP },
1530 { TEE_OPERATION_MAC, SYMMETRIC_OP },
1531 { TEE_OPERATION_AE, SYMMETRIC_OP },
1532 { TEE_OPERATION_DIGEST, NO_KEY_OP },
1533 { TEE_OPERATION_ASYMMETRIC_CIPHER, ASYMMETRIC_OP },
1534 { TEE_OPERATION_ASYMMETRIC_SIGNATURE, ASYMMETRIC_OP },
1535 { TEE_OPERATION_KEY_DERIVATION, ASYMMETRIC_OP }
1536 };
1537
get_op_class_type(uint32_t op_class)1538 static uint32_t get_op_class_type(uint32_t op_class)
1539 {
1540 size_t index;
1541
1542 for (index = 0; index < ELEM_NUM(g_operation_type_config); index++) {
1543 if (op_class == g_operation_type_config[index].op_class)
1544 return g_operation_type_config[index].type;
1545 }
1546 return INVALID_OP;
1547 }
1548
check_object_key_size_valid(const TEE_OperationHandle operation,const TEE_ObjectHandle key,uint32_t type)1549 static TEE_Result check_object_key_size_valid(const TEE_OperationHandle operation, const TEE_ObjectHandle key,
1550 uint32_t type)
1551 {
1552 uint32_t key_size_in_bits;
1553
1554 if (key->Attribute == NULL) {
1555 tloge("The key attribute is NULL\n");
1556 return TEE_ERROR_BAD_PARAMETERS;
1557 }
1558 int32_t index = (type == SYMMETRIC_OP) ? SYMMETRIC_KEY_INDEX : get_asymmetric_key_index(key);
1559 if (index == INVALID_KEY_INDEX) {
1560 tloge("The key info is invalid\n");
1561 return TEE_ERROR_BAD_PARAMETERS;
1562 }
1563 if ((key->Attribute[index].content.ref.length * BIT_TO_BYTE) < key->Attribute[index].content.ref.length) {
1564 tloge("The key len is invalid\n");
1565 return TEE_ERROR_BAD_PARAMETERS;
1566 }
1567
1568 if ((key->Attribute[index].attributeID == TEE_ATTR_ECC_PUBLIC_VALUE_X) &&
1569 (key->Attribute[index].content.ref.length == ECC_SPECIAL_KEY_LEN_IN_BYTE))
1570 key_size_in_bits = ECC_SPECIAL_KEY_LEN_IN_BITS;
1571 else
1572 key_size_in_bits = key->Attribute[index].content.ref.length * BIT_TO_BYTE;
1573 if (key_size_in_bits > operation->maxKeySize) {
1574 tloge("The key size is invalid, object key size is %zu, operation key size is %u\n",
1575 key->Attribute[index].content.ref.length, operation->maxKeySize);
1576 return TEE_ERROR_BAD_PARAMETERS;
1577 }
1578 if (crypto_check_keysize(operation->algorithm, key_size_in_bits) != TEE_SUCCESS) {
1579 tloge("The object key size is invalid, object key size is %u\n", key_size_in_bits);
1580 return TEE_ERROR_BAD_PARAMETERS;
1581 }
1582
1583 return TEE_SUCCESS;
1584 }
1585
check_low_lev_key_size_valid(const TEE_OperationHandle operation,const TEE_ObjectHandle key,uint32_t type)1586 static TEE_Result check_low_lev_key_size_valid(const TEE_OperationHandle operation, const TEE_ObjectHandle key,
1587 uint32_t type)
1588 {
1589 uint32_t key_size_in_bits;
1590
1591 if (key->Attribute == NULL) {
1592 tloge("The key info is invalid\n");
1593 return TEE_ERROR_BAD_PARAMETERS;
1594 }
1595 int32_t index = (type == SYMMETRIC_OP) ? SYMMETRIC_KEY_INDEX : get_asymmetric_key_index(key);
1596 if (index == INVALID_KEY_INDEX) {
1597 tloge("The key info is invalid\n");
1598 return TEE_ERROR_BAD_PARAMETERS;
1599 }
1600
1601 key_size_in_bits = key->Attribute[index].content.ref.length;
1602 if (check_low_lev_key_size_for_alg(operation->algorithm, key_size_in_bits) != TEE_SUCCESS) {
1603 tloge("The object key size is invalid, object key size is %u\n", key_size_in_bits);
1604 return TEE_ERROR_BAD_PARAMETERS;
1605 }
1606
1607 return TEE_SUCCESS;
1608 }
1609
1610 /* Check the operation and key are compatible in mode, size, and usage */
set_operation_key_compatible_check(const TEE_OperationHandle operation,const TEE_ObjectHandle key,uint32_t api_level,uint32_t type)1611 static TEE_Result set_operation_key_compatible_check(const TEE_OperationHandle operation,
1612 const TEE_ObjectHandle key, uint32_t api_level, uint32_t type)
1613 {
1614 TEE_Result ret;
1615
1616 if (api_level == API_LEVEL1_0)
1617 return check_low_lev_key_size_valid(operation, key, type);
1618
1619 if (key->ObjectInfo == NULL) {
1620 tloge("No key object information found\n");
1621 return TEE_ERROR_BAD_PARAMETERS;
1622 }
1623
1624 if (check_object_key_size_valid(operation, key, type) != TEE_SUCCESS) {
1625 tloge("The key obj key size is invalid\n");
1626 return TEE_ERROR_BAD_PARAMETERS;
1627 }
1628
1629 /* The key object must be initialize */
1630 if ((key->ObjectInfo->handleFlags & TEE_HANDLE_FLAG_INITIALIZED) != TEE_HANDLE_FLAG_INITIALIZED) {
1631 tloge("Failed to pass key initialize state check, handleFlags: 0x%x\n", key->ObjectInfo->handleFlags);
1632 return TEE_ERROR_BAD_PARAMETERS;
1633 }
1634
1635 /* The key object usage must contain the operation mode */
1636 ret = operation_mode_key_usage_check(operation->algorithm, operation->mode, key->ObjectInfo->objectUsage);
1637 if (ret != TEE_SUCCESS)
1638 return TEE_ERROR_BAD_PARAMETERS;
1639
1640 /* The key object type must compatible with operation algorithm */
1641 if (!crypto_check_keytype_valid(operation->algorithm, key->ObjectInfo->objectType)) {
1642 tloge("Failed to pass algorithm & type check, algorithm: 0x%x, type: 0x%x\n", operation->algorithm,
1643 key->ObjectInfo->objectType);
1644 return TEE_ERROR_BAD_PARAMETERS;
1645 }
1646
1647 /* Check if operation mode is compatible for public key object type */
1648 ret = operation_public_key_type_mode_check(operation->mode, key->ObjectInfo->objectType);
1649 if (ret != TEE_SUCCESS) {
1650 tloge("Failed to pass public key & mode check, mode: 0x%x, type: 0x%x, ret: 0x%x\n", operation->mode,
1651 key->ObjectInfo->objectType, ret);
1652 return ret;
1653 }
1654
1655 return TEE_SUCCESS;
1656 }
1657
TEE_SetOperationKey(TEE_OperationHandle operation,const TEE_ObjectHandle key)1658 TEE_Result TEE_SetOperationKey(TEE_OperationHandle operation, const TEE_ObjectHandle key)
1659 {
1660 bool check = (operation == NULL || check_operation((const TEE_OperationHandle)operation) != TEE_SUCCESS);
1661 if (check) {
1662 tloge("bad params");
1663 TEE_Panic(TEE_ERROR_BAD_PARAMETERS);
1664 return TEE_ERROR_BAD_PARAMETERS;
1665 }
1666
1667 if (crypto_lock_operation(operation) != TEE_SUCCESS)
1668 return TEE_ERROR_GENERIC;
1669
1670 uint32_t api_level = tee_get_ta_api_level();
1671 TEE_Result ret = set_operation_key_state_check(operation, api_level);
1672 if (ret != TEE_SUCCESS)
1673 goto exit;
1674
1675 ret = reset_operation_key(operation);
1676 if (ret != TEE_SUCCESS)
1677 goto exit;
1678
1679 if (key == NULL) {
1680 crypto_unlock_operation(operation);
1681 return TEE_SUCCESS;
1682 }
1683
1684 if ((api_level > API_LEVEL1_0) && (check_object(key) != TEE_SUCCESS)) {
1685 tloge("The key is invalid object\n");
1686 ret = TEE_ERROR_BAD_PARAMETERS;
1687 goto exit;
1688 }
1689
1690 uint32_t type = get_op_class_type(operation->operationClass);
1691 ret = set_operation_key_compatible_check(operation, key, api_level, type);
1692 if (ret != TEE_SUCCESS) {
1693 goto exit;
1694 }
1695 if (type == SYMMETRIC_OP) {
1696 ret = set_symmetric_operation_key(operation, key);
1697 } else if (type == ASYMMETRIC_OP) {
1698 ret = set_asymmetric_operation_key(operation, key, api_level);
1699 } else {
1700 tloge("invalid operationClass for this operation, operation class: 0x%x\n", operation->operationClass);
1701 ret = TEE_ERROR_BAD_PARAMETERS;
1702 }
1703
1704 if (ret != TEE_SUCCESS)
1705 goto exit;
1706 operation->handleState |= TEE_HANDLE_FLAG_KEY_SET;
1707 crypto_unlock_operation(operation);
1708 return TEE_SUCCESS;
1709 exit:
1710 crypto_unlock_operation(operation);
1711 TEE_Panic(ret);
1712 return ret;
1713 }
1714
check_operation_key_equal(const TEE_ObjectHandle key1,const TEE_ObjectHandle key2)1715 static TEE_Result check_operation_key_equal(const TEE_ObjectHandle key1, const TEE_ObjectHandle key2)
1716 {
1717 bool check = (key1->Attribute == NULL || key2->Attribute == NULL);
1718 if (check) {
1719 tloge("bad params");
1720 return TEE_ERROR_BAD_PARAMETERS;
1721 }
1722
1723 uint32_t api_level = tee_get_ta_api_level();
1724 if (api_level <= API_LEVEL1_1_1)
1725 return TEE_ERROR_GENERIC;
1726
1727 if (key1->Attribute->content.ref.length != key2->Attribute->content.ref.length)
1728 return TEE_ERROR_GENERIC;
1729
1730 if (key1->Attribute->content.ref.length == 0)
1731 return TEE_SUCCESS;
1732
1733 if (TEE_MemCompare(key1->Attribute->content.ref.buffer, key2->Attribute->content.ref.buffer,
1734 key1->Attribute->content.ref.length) != 0)
1735 return TEE_ERROR_GENERIC;
1736
1737 return TEE_SUCCESS;
1738 }
1739
copy_key_value_to_operation(TEE_OperationHandle operation,const TEE_ObjectHandle key1,const TEE_ObjectHandle key2)1740 static TEE_Result copy_key_value_to_operation(TEE_OperationHandle operation, const TEE_ObjectHandle key1,
1741 const TEE_ObjectHandle key2)
1742 {
1743 errno_t rc = memcpy_s(operation->keyValue, key1->Attribute->content.ref.length,
1744 key1->Attribute->content.ref.buffer, key1->Attribute->content.ref.length);
1745 if (rc != EOK) {
1746 tloge("memcpy_s failed, rc 0x%x\n", rc);
1747 return TEE_ERROR_SECURITY;
1748 }
1749 operation->keySize = key1->Attribute->content.ref.length;
1750
1751 rc = memcpy_s(operation->keyValue2, key2->Attribute->content.ref.length, key2->Attribute->content.ref.buffer,
1752 key2->Attribute->content.ref.length);
1753 if (rc != EOK) {
1754 tloge("memcpy_s failed, rc 0x%x\n", rc);
1755 return TEE_ERROR_SECURITY;
1756 }
1757 operation->keySize2 = key2->Attribute->content.ref.length;
1758 return TEE_SUCCESS;
1759 }
1760
set_operation_key_2(TEE_OperationHandle operation,const TEE_ObjectHandle key1,const TEE_ObjectHandle key2)1761 static TEE_Result set_operation_key_2(TEE_OperationHandle operation, const TEE_ObjectHandle key1,
1762 const TEE_ObjectHandle key2)
1763 {
1764 bool check = (operation == NULL || key1 == NULL || key2 == NULL || key1->Attribute == NULL ||
1765 key1->Attribute->content.ref.buffer == NULL || key2->Attribute == NULL ||
1766 key2->Attribute->content.ref.buffer == NULL);
1767 if (check) {
1768 tloge("bad params");
1769 return TEE_ERROR_BAD_PARAMETERS;
1770 }
1771
1772 if (key1->Attribute->content.ref.length <= 0) {
1773 tloge("Invalid first key value size\n");
1774 return (TEE_ERROR_BAD_PARAMETERS);
1775 }
1776
1777 if (key2->Attribute->content.ref.length <= 0) {
1778 tloge("Invalid second key value size\n");
1779 return TEE_ERROR_BAD_PARAMETERS;
1780 }
1781
1782 operation->keyValue = TEE_Malloc(key1->Attribute->content.ref.length, 0);
1783 if (operation->keyValue == NULL) {
1784 tloge("Failed to malloc buffer for first key value\n");
1785 return TEE_ERROR_OUT_OF_MEMORY;
1786 }
1787
1788 operation->keyValue2 = TEE_Malloc(key2->Attribute->content.ref.length, 0);
1789 if (operation->keyValue2 == NULL) {
1790 tloge("Failed to malloc buffer for second key value\n");
1791 TEE_Free(operation->keyValue);
1792 operation->keyValue = NULL;
1793 return TEE_ERROR_OUT_OF_MEMORY;
1794 }
1795 TEE_Result ret = copy_key_value_to_operation(operation, key1, key2);
1796 if (ret != TEE_SUCCESS) {
1797 sensitive_information_cleanup(&operation->keyValue, operation->keySize);
1798 TEE_Free(operation->keyValue);
1799 operation->keyValue = NULL;
1800 sensitive_information_cleanup(&operation->keyValue2, operation->keySize);
1801 TEE_Free(operation->keyValue2);
1802 operation->keyValue2 = NULL;
1803 }
1804
1805 operation->handleState |= TEE_HANDLE_FLAG_KEY_SET;
1806 return TEE_SUCCESS;
1807 }
1808
set_operation_key2_state_check(const TEE_OperationHandle operation,uint32_t api_level)1809 static TEE_Result set_operation_key2_state_check(const TEE_OperationHandle operation, uint32_t api_level)
1810 {
1811 if (operation->algorithm != TEE_ALG_AES_XTS) {
1812 tloge("The api only valid for TEE_ALG_AES_XTS , algorithm: 0x%x\n", operation->algorithm);
1813 return TEE_ERROR_BAD_PARAMETERS;
1814 }
1815
1816 return set_operation_key_com_check(operation, api_level);
1817 }
1818
check_two_keys_valid(const TEE_ObjectHandle key1,const TEE_ObjectHandle key2,uint32_t api_level)1819 static TEE_Result check_two_keys_valid(const TEE_ObjectHandle key1, const TEE_ObjectHandle key2, uint32_t api_level)
1820 {
1821 bool check = ((key1 == NULL) && (key2 == NULL));
1822 if (check)
1823 return TEE_SUCCESS;
1824
1825 check = ((key1 == NULL) || (key2 == NULL));
1826 if (check) {
1827 tloge("The key is invalid object\n");
1828 return TEE_ERROR_BAD_PARAMETERS;
1829 }
1830
1831 check = ((api_level > API_LEVEL1_0) && ((check_object(key1) != TEE_SUCCESS) ||
1832 (check_object(key2) != TEE_SUCCESS)));
1833 if (check) {
1834 tloge("The key is invalid object\n");
1835 return TEE_ERROR_BAD_PARAMETERS;
1836 }
1837
1838 check = ((key1->Attribute == NULL) || (key2->Attribute == NULL));
1839 if (check) {
1840 tloge("The key is invalid object\n");
1841 return TEE_ERROR_BAD_PARAMETERS;
1842 }
1843
1844 return TEE_SUCCESS;
1845 }
1846
TEE_SetOperationKey2(TEE_OperationHandle operation,const TEE_ObjectHandle key1,const TEE_ObjectHandle key2)1847 TEE_Result TEE_SetOperationKey2(TEE_OperationHandle operation, const TEE_ObjectHandle key1, const TEE_ObjectHandle key2)
1848 {
1849 bool check = (operation == NULL || check_operation((const TEE_OperationHandle)operation) != TEE_SUCCESS);
1850 if (check) {
1851 tloge("bad params");
1852 return TEE_ERROR_BAD_PARAMETERS;
1853 }
1854
1855 TEE_Result ret;
1856 uint32_t api_level = tee_get_ta_api_level();
1857 if (check_two_keys_valid(key1, key2, api_level) != TEE_SUCCESS) {
1858 tloge("The key is invalid object\n");
1859 TEE_Panic(TEE_ERROR_BAD_PARAMETERS);
1860 return TEE_ERROR_BAD_PARAMETERS;
1861 }
1862 if (crypto_lock_operation(operation) != TEE_SUCCESS)
1863 return TEE_ERROR_GENERIC;
1864
1865 /* Check the operation if in the suitable state */
1866 ret = set_operation_key2_state_check(operation, api_level);
1867 if (ret != TEE_SUCCESS)
1868 goto exit;
1869
1870 /* Clean up the operation key first */
1871 ret = reset_operation_key(operation);
1872 if (ret != TEE_SUCCESS)
1873 goto exit;
1874
1875 /* If key1 & key2 both NULL, clean up the operation key */
1876 if (key1 == NULL && key2 == NULL) {
1877 tlogd("Clear up the key1 & key2 in operation only\n");
1878 goto out;
1879 }
1880
1881 /* if key1 & key2 not NULL, they are not alllowed to be the same */
1882 ret = check_operation_key_equal(key1, key2);
1883 if (ret == TEE_SUCCESS) {
1884 tloge("There will be security problems if key1 and key2 are the same\n");
1885 ret = TEE_ERROR_SECURITY;
1886 goto exit;
1887 }
1888
1889 /* Check if key1 & key2 are compatible with operation */
1890 if (set_operation_key_compatible_check(operation, key1, api_level, SYMMETRIC_OP) != TEE_SUCCESS ||
1891 set_operation_key_compatible_check(operation, key2, api_level, SYMMETRIC_OP) != TEE_SUCCESS) {
1892 ret = TEE_ERROR_BAD_PARAMETERS;
1893 goto exit;
1894 }
1895
1896 /* Dump key1 & key2 to operation */
1897 ret = set_operation_key_2(operation, key1, key2);
1898 if (ret != TEE_SUCCESS)
1899 goto exit;
1900 out:
1901 crypto_unlock_operation(operation);
1902 return (TEE_SUCCESS);
1903 exit:
1904 crypto_unlock_operation(operation);
1905 TEE_Panic(ret);
1906 return (ret);
1907 }
1908
check_and_copy_hal_info(const TEE_OperationHandle dst_operation,const TEE_OperationHandle src_operation)1909 static TEE_Result check_and_copy_hal_info(const TEE_OperationHandle dst_operation,
1910 const TEE_OperationHandle src_operation)
1911 {
1912 bool check = ((dst_operation->hal_info == NULL) || (src_operation->hal_info == NULL));
1913 if (check) {
1914 tloge("Dest or src crypto hal data is NULL \n");
1915 return TEE_ERROR_GENERIC;
1916 }
1917
1918 check = ((dst_operation->mode != src_operation->mode) ||
1919 (dst_operation->algorithm != src_operation->algorithm));
1920 if (check) {
1921 tloge("mode or algorithm is not match\n");
1922 return TEE_ERROR_GENERIC;
1923 }
1924
1925 if (src_operation->keySize > dst_operation->maxKeySize) {
1926 tloge("src_operation->keySize > dst_operation->maxKeySize\n");
1927 return TEE_ERROR_GENERIC;
1928 }
1929
1930 crypto_hal_info *dst_crypto_hal_data = (crypto_hal_info *)(dst_operation->hal_info);
1931 crypto_hal_info *src_crypto_hal_data = (crypto_hal_info *)(src_operation->hal_info);
1932
1933 dst_crypto_hal_data->crypto_flag = src_crypto_hal_data->crypto_flag;
1934 dst_crypto_hal_data->digestalloc_flag = src_crypto_hal_data->digestalloc_flag;
1935 dst_crypto_hal_data->cipher_update_len = src_crypto_hal_data->cipher_update_len;
1936
1937 return TEE_SUCCESS;
1938 }
1939
1940 #define MAX_SYMMETRIC_BUF_SIZE 1024
copy_symmetric_buf_info(void ** dst_buf,uint32_t * dst_size,const void * src_buf,uint32_t src_size)1941 static TEE_Result copy_symmetric_buf_info(void **dst_buf, uint32_t *dst_size, const void *src_buf, uint32_t src_size)
1942 {
1943 TEE_Free(*dst_buf);
1944 *dst_buf = NULL;
1945 *dst_size = 0;
1946 bool is_need_copy = ((src_buf != NULL) && (src_size != 0) && (src_size <= MAX_SYMMETRIC_BUF_SIZE));
1947 if (!is_need_copy)
1948 return TEE_SUCCESS;
1949
1950 *dst_buf = TEE_Malloc(src_size, TEE_MALLOC_FILL_ZERO);
1951 if (*dst_buf == NULL) {
1952 tloge("dst_buf malloc failed\n");
1953 return TEE_ERROR_OUT_OF_MEMORY;
1954 }
1955 (void)memcpy_s(*dst_buf, src_size, src_buf, src_size);
1956 *dst_size = src_size;
1957
1958 return TEE_SUCCESS;
1959 }
1960
clear_key_info(uint8_t * key_buf,uint32_t key_size)1961 static void clear_key_info(uint8_t *key_buf, uint32_t key_size)
1962 {
1963 if (key_buf == NULL)
1964 return;
1965 errno_t rc = memset_s(key_buf, key_size, 0, key_size);
1966 if (rc != EOK)
1967 tloge("clear key info failed, rc=0x%x\n", rc);
1968 }
1969
copy_symmetric_key_iv(TEE_OperationHandle dst_operation,const TEE_OperationHandle src_operation)1970 static TEE_Result copy_symmetric_key_iv(TEE_OperationHandle dst_operation, const TEE_OperationHandle src_operation)
1971 {
1972 TEE_Result ret = copy_symmetric_buf_info(&dst_operation->keyValue, &dst_operation->keySize, src_operation->keyValue,
1973 src_operation->keySize);
1974 if (ret != TEE_SUCCESS) {
1975 tloge("Copy sym key info failed\n");
1976 return ret;
1977 }
1978 ret = copy_symmetric_buf_info(&dst_operation->keyValue2, &dst_operation->keySize2, src_operation->keyValue2,
1979 src_operation->keySize2);
1980 if (ret != TEE_SUCCESS) {
1981 tloge("Copy sym key2 info failed\n");
1982 clear_key_info(dst_operation->keyValue, dst_operation->keySize);
1983 TEE_Free(dst_operation->keyValue);
1984 dst_operation->keyValue = NULL;
1985 return ret;
1986 }
1987 ret = copy_symmetric_buf_info(&dst_operation->IV, &dst_operation->IVLen, src_operation->IV, src_operation->IVLen);
1988 if (ret != TEE_SUCCESS) {
1989 tloge("Copy sym iv info failed\n");
1990 clear_key_info(dst_operation->keyValue, dst_operation->keySize);
1991 TEE_Free(dst_operation->keyValue);
1992 dst_operation->keyValue = NULL;
1993 clear_key_info(dst_operation->keyValue2, dst_operation->keySize2);
1994 TEE_Free(dst_operation->keyValue2);
1995 dst_operation->keyValue2 = NULL;
1996 return ret;
1997 }
1998
1999 return TEE_SUCCESS;
2000 }
2001
clean_operation_key(TEE_OperationHandle operation)2002 static TEE_Result clean_operation_key(TEE_OperationHandle operation)
2003 {
2004 errno_t rc;
2005
2006 if (operation->publicKey != NULL && operation->publicKeyLen != 0) {
2007 rc = memset_s(operation->publicKey, operation->publicKeyLen, 0x0, operation->publicKeyLen);
2008 if (rc != EOK) {
2009 tloge("memset operation pub key failed\n");
2010 return TEE_ERROR_SECURITY;
2011 }
2012 TEE_Free(operation->publicKey);
2013 operation->publicKey = NULL;
2014 }
2015 if (operation->privateKey != NULL && operation->privateKeyLen != 0) {
2016 rc = memset_s(operation->privateKey, operation->privateKeyLen, 0x0, operation->privateKeyLen);
2017 if (rc != EOK) {
2018 tloge("memset operation prv key failed\n");
2019 return TEE_ERROR_SECURITY;
2020 }
2021 TEE_Free(operation->privateKey);
2022 operation->privateKey = NULL;
2023 }
2024
2025 return TEE_SUCCESS;
2026 }
2027
copy_crypto_keypair(TEE_OperationHandle dst_operation,const TEE_OperationHandle src_operation)2028 static TEE_Result copy_crypto_keypair(TEE_OperationHandle dst_operation, const TEE_OperationHandle src_operation)
2029 {
2030 TEE_Result ret;
2031
2032 ret = clean_operation_key(dst_operation);
2033 if (ret != TEE_SUCCESS) {
2034 tloge("clean operation key failed\n");
2035 return ret;
2036 }
2037
2038 if (src_operation->publicKey != NULL && src_operation->publicKeyLen != 0) {
2039 void *pub_key = TEE_Malloc(src_operation->publicKeyLen, 0);
2040 if (pub_key == NULL) {
2041 tloge("Malloc rsa pub key failed\n");
2042 return TEE_ERROR_OUT_OF_MEMORY;
2043 }
2044 (void)memcpy_s(pub_key, src_operation->publicKeyLen, src_operation->publicKey, src_operation->publicKeyLen);
2045 dst_operation->publicKey = pub_key;
2046 dst_operation->publicKeyLen = src_operation->publicKeyLen;
2047 }
2048 if (src_operation->privateKey != NULL && src_operation->privateKeyLen != 0) {
2049 void *prv_key = TEE_Malloc(src_operation->privateKeyLen, 0);
2050 if (prv_key == NULL) {
2051 tloge("Malloc rsa prv key failed\n");
2052 goto clean_pub_key;
2053 }
2054 (void)memcpy_s(prv_key, src_operation->privateKeyLen, src_operation->privateKey, src_operation->privateKeyLen);
2055 dst_operation->privateKey = prv_key;
2056 dst_operation->privateKeyLen = src_operation->privateKeyLen;
2057 }
2058
2059 return TEE_SUCCESS;
2060
2061 clean_pub_key:
2062 if (src_operation->publicKey != NULL && src_operation->publicKeyLen != 0 &&
2063 dst_operation->publicKey != NULL && dst_operation->publicKeyLen != 0) {
2064 (void)memset_s(dst_operation->publicKey, dst_operation->publicKeyLen, 0x0, dst_operation->publicKeyLen);
2065 TEE_Free(dst_operation->publicKey);
2066 dst_operation->publicKey = NULL;
2067 dst_operation->publicKeyLen = 0;
2068 }
2069
2070 return TEE_ERROR_OUT_OF_MEMORY;
2071 }
2072
copy_crypto_hal_ctx(TEE_OperationHandle dst_operation,const TEE_OperationHandle src_operation)2073 static TEE_Result copy_crypto_hal_ctx(TEE_OperationHandle dst_operation, const TEE_OperationHandle src_operation)
2074 {
2075 free_operation_ctx(dst_operation);
2076
2077 if (src_operation->crypto_ctxt == NULL)
2078 return TEE_SUCCESS;
2079
2080 dst_operation->crypto_ctxt = TEE_Malloc(sizeof(struct ctx_handle_t), 0);
2081 if (dst_operation->crypto_ctxt == NULL) {
2082 tloge("malloc destoperation ctx failed");
2083 return TEE_ERROR_OUT_OF_MEMORY;
2084 }
2085
2086 int32_t ret = tee_crypto_ctx_copy(src_operation->crypto_ctxt, dst_operation->crypto_ctxt);
2087 if (ret != TEE_SUCCESS) {
2088 TEE_Free(dst_operation->crypto_ctxt);
2089 dst_operation->crypto_ctxt = 0;
2090 }
2091 return change_hal_ret_to_gp(ret);
2092 }
2093
copy_crypto_hal_operation(TEE_OperationHandle dst_operation,const TEE_OperationHandle src_operation)2094 static TEE_Result copy_crypto_hal_operation(TEE_OperationHandle dst_operation, const TEE_OperationHandle src_operation)
2095 {
2096 TEE_Result ret;
2097
2098 ret = copy_crypto_keypair(dst_operation, src_operation);
2099 if (ret != TEE_SUCCESS)
2100 return ret;
2101
2102 ret = copy_crypto_hal_ctx(dst_operation, src_operation);
2103 if (ret != TEE_SUCCESS)
2104 goto clean_key;
2105
2106 return TEE_SUCCESS;
2107 clean_key:
2108 TEE_Free(dst_operation->publicKey);
2109 dst_operation->publicKey = NULL;
2110 dst_operation->publicKeyLen = 0;
2111
2112 (void)memset_s(dst_operation->privateKey, dst_operation->privateKeyLen, 0x0, dst_operation->privateKeyLen);
2113 TEE_Free(dst_operation->privateKey);
2114 dst_operation->privateKey = NULL;
2115 dst_operation->privateKeyLen = 0;
2116 return ret;
2117 }
2118
clear_all_info(TEE_OperationHandle dst_operation)2119 static void clear_all_info(TEE_OperationHandle dst_operation)
2120 {
2121 clear_key_info(dst_operation->keyValue, dst_operation->keySize);
2122 TEE_Free(dst_operation->keyValue);
2123 dst_operation->keyValue = NULL;
2124 clear_key_info(dst_operation->keyValue2, dst_operation->keySize2);
2125 TEE_Free(dst_operation->keyValue2);
2126 dst_operation->keyValue2 = NULL;
2127 TEE_Free(dst_operation->IV);
2128 dst_operation->IV = NULL;
2129 free_operation_ctx(dst_operation);
2130 }
2131
tee_copy_operation_check(TEE_OperationHandle dst_operation,const TEE_OperationHandle src_operation)2132 static TEE_Result tee_copy_operation_check(TEE_OperationHandle dst_operation, const TEE_OperationHandle src_operation)
2133 {
2134 if (dst_operation == NULL || src_operation == NULL) {
2135 tloge("operation is invalid");
2136 return TEE_ERROR_BAD_PARAMETERS;
2137 }
2138
2139 if (dst_operation == src_operation) {
2140 tloge("Src operation handle is equal to the dest handle\n");
2141 return TEE_ERROR_BAD_PARAMETERS;
2142 }
2143
2144 if (check_operation((const TEE_OperationHandle)src_operation) != TEE_SUCCESS) {
2145 tloge("Src operation handle is invalid handle\n");
2146 return TEE_ERROR_BAD_PARAMETERS;
2147 }
2148
2149 if (check_operation((const TEE_OperationHandle)dst_operation) != TEE_SUCCESS) {
2150 tloge("Dst operation handle is invalid handle\n");
2151 return TEE_ERROR_BAD_PARAMETERS;
2152 }
2153
2154 return TEE_SUCCESS;
2155 }
2156
TEE_CopyOperation(TEE_OperationHandle dst_operation,const TEE_OperationHandle src_operation)2157 void TEE_CopyOperation(TEE_OperationHandle dst_operation, const TEE_OperationHandle src_operation)
2158 {
2159 if (tee_copy_operation_check(dst_operation, src_operation) != TEE_SUCCESS) {
2160 tloge("tee copy operation check failed\n");
2161 TEE_Panic(TEE_ERROR_BAD_PARAMETERS);
2162 return;
2163 }
2164
2165 if (crypto_lock_two_operation(dst_operation, src_operation) != TEE_SUCCESS)
2166 return;
2167
2168 TEE_Result ret = check_and_copy_hal_info(dst_operation, src_operation);
2169 if (ret != TEE_SUCCESS) {
2170 tloge("Check copy operation failed\n");
2171 crypyo_unlock_two_operation(dst_operation, src_operation);
2172 TEE_Panic(TEE_ERROR_BAD_PARAMETERS);
2173 return;
2174 }
2175
2176 ret = copy_symmetric_key_iv(dst_operation, src_operation);
2177 if (ret != TEE_SUCCESS)
2178 goto error;
2179
2180 ret = copy_crypto_hal_operation(dst_operation, src_operation);
2181 if (ret != TEE_SUCCESS) {
2182 tloge("Copy sysmmetric key iv failed\n");
2183 goto error;
2184 }
2185
2186 dst_operation->operationClass = src_operation->operationClass;
2187 dst_operation->digestLength = src_operation->digestLength;
2188 dst_operation->requiredKeyUsage = src_operation->requiredKeyUsage;
2189 dst_operation->handleState = src_operation->handleState;
2190 dst_operation->keySize = src_operation->keySize;
2191 crypyo_unlock_two_operation(dst_operation, src_operation);
2192 return;
2193 error:
2194 clear_all_info(dst_operation);
2195 crypyo_unlock_two_operation(dst_operation, src_operation);
2196 TEE_Panic(TEE_ERROR_BAD_STATE);
2197 return;
2198 }
2199
2200 #define MAX_RANDOM_SIZE 0x100000
TEE_GenerateRandom(void * randomBuffer,size_t randomBufferLen)2201 void TEE_GenerateRandom(void *randomBuffer, size_t randomBufferLen)
2202 {
2203 if (randomBuffer == NULL || randomBufferLen == 0) {
2204 tloge("bad params");
2205 TEE_Panic(TEE_ERROR_BAD_PARAMETERS);
2206 return;
2207 }
2208
2209 if (randomBufferLen > MAX_RANDOM_SIZE) {
2210 tloge("this random size is too large!");
2211 return;
2212 }
2213 size_t left = 0;
2214 while (randomBufferLen > UINT16_MAX) {
2215 tee_crypto_generate_random(randomBuffer + left, UINT16_MAX, false);
2216 left += UINT16_MAX;
2217 randomBufferLen -= UINT16_MAX;
2218 }
2219 tee_crypto_generate_random(randomBuffer + left, randomBufferLen, false);
2220 #ifdef OPENSSL_ENABLE
2221 tee_crypto_free_openssl_drbg();
2222 #endif
2223 return;
2224 }
2225
set_operation_info(TEE_OperationInfoMultiple * operation_info,TEE_OperationHandle operation)2226 static void set_operation_info(TEE_OperationInfoMultiple *operation_info, TEE_OperationHandle operation)
2227 {
2228 operation_info->algorithm = operation->algorithm;
2229 operation_info->mode = operation->mode;
2230 operation_info->operationClass = operation->operationClass;
2231 operation_info->digestLength = operation->digestLength;
2232 operation_info->maxKeySize = operation->maxKeySize;
2233 operation_info->handleState = operation->handleState;
2234 }
2235
check_level(void)2236 static TEE_Result check_level(void)
2237 {
2238 uint32_t api_level = tee_get_ta_api_level();
2239 if (api_level <= API_LEVEL1_0) {
2240 tloge("in api level %u not support this function\n", api_level);
2241 return TEE_ERROR_NOT_SUPPORTED;
2242 }
2243 return TEE_SUCCESS;
2244 }
2245
clear_key(TEE_OperationInfoMultiple * opr_info_multiple,uint32_t num_of_keys)2246 static void clear_key(TEE_OperationInfoMultiple *opr_info_multiple, uint32_t num_of_keys)
2247 {
2248 for (uint32_t n = 0; n < num_of_keys; n++) {
2249 opr_info_multiple->keyInformation[n].keySize = 0;
2250 opr_info_multiple->keyInformation[n].requiredKeyUsage = 0;
2251 }
2252 }
2253
2254 #define XTS_KEY_NUM 2
TEE_GetOperationInfoMultiple(TEE_OperationHandle operation,TEE_OperationInfoMultiple * operationInfoMultiple,const size_t * operationSize)2255 TEE_Result TEE_GetOperationInfoMultiple(TEE_OperationHandle operation, TEE_OperationInfoMultiple *operationInfoMultiple,
2256 const size_t *operationSize)
2257 {
2258 if (check_level() != TEE_SUCCESS)
2259 return TEE_ERROR_NOT_SUPPORTED;
2260
2261 bool check = (operation == NULL || operationInfoMultiple == NULL || operationSize == NULL ||
2262 (check_operation((const TEE_OperationHandle)operation) != TEE_SUCCESS));
2263 if (check) {
2264 TEE_Panic(TEE_ERROR_BAD_PARAMETERS);
2265 return TEE_ERROR_BAD_PARAMETERS;
2266 }
2267
2268 uint32_t num_of_keys = (*operationSize - sizeof(TEE_OperationInfoMultiple)) / sizeof(TEE_OperationInfoKey);
2269 if (num_of_keys > XTS_KEY_NUM) {
2270 TEE_Panic(TEE_ERROR_BAD_PARAMETERS);
2271 return TEE_ERROR_BAD_PARAMETERS;
2272 }
2273
2274 if (crypto_lock_operation(operation) != TEE_SUCCESS)
2275 return TEE_ERROR_GENERIC;
2276
2277 /* Two keys flag (TEE_ALG_AES_XTS only) */
2278 if (((operation->handleState & TEE_HANDLE_FLAG_EXPECT_TWO_KEYS) != 0) && (num_of_keys != XTS_KEY_NUM)) {
2279 crypto_unlock_operation(operation);
2280 return TEE_ERROR_SHORT_BUFFER;
2281 }
2282
2283 /* Clear */
2284 clear_key(operationInfoMultiple, num_of_keys);
2285
2286 if ((operation->keySize > (UINT32_MAX / BIT_TO_BYTE)) || (operation->keySize2 > (UINT32_MAX / BIT_TO_BYTE))) {
2287 tloge("Operation key size is invalid\n");
2288 TEE_Panic(TEE_ERROR_BAD_PARAMETERS);
2289 crypto_unlock_operation(operation);
2290 return TEE_ERROR_BAD_PARAMETERS;
2291 }
2292
2293 if (tee_get_ta_api_level() == API_LEVEL1_0)
2294 operationInfoMultiple->keyInformation[0].keySize = operation->keySize;
2295 else
2296 get_operation_key_size_in_byte(operation->keySize, operation->algorithm,
2297 &(operationInfoMultiple->keyInformation[0].keySize));
2298
2299 operationInfoMultiple->keyInformation[0].requiredKeyUsage = operation->requiredKeyUsage;
2300 if (num_of_keys == XTS_KEY_NUM) {
2301 operationInfoMultiple->keyInformation[1].keySize = operation->keySize2 * BIT_TO_BYTE;
2302 operationInfoMultiple->keyInformation[1].requiredKeyUsage = operation->requiredKeyUsage;
2303 }
2304
2305 /* No key */
2306 set_operation_info(operationInfoMultiple, operation);
2307 operationInfoMultiple->numberOfKeys = num_of_keys;
2308
2309 if ((operation->handleState & TEE_HANDLE_FLAG_INITIALIZED) == TEE_HANDLE_FLAG_INITIALIZED)
2310 operationInfoMultiple->operationState = TEE_OPERATION_STATE_ACTIVE;
2311 else
2312 operationInfoMultiple->operationState = TEE_OPERATION_STATE_INITIAL;
2313 crypto_unlock_operation(operation);
2314
2315 return TEE_SUCCESS;
2316 }
2317
TEE_IsAlgorithmSupported(uint32_t algId,uint32_t element)2318 TEE_Result TEE_IsAlgorithmSupported(uint32_t algId, uint32_t element)
2319 {
2320 uint32_t api_level = tee_get_ta_api_level();
2321 if (api_level <= API_LEVEL1_1_1) {
2322 tloge("in api level %u not support this function\n", api_level);
2323 return TEE_ERROR_NOT_SUPPORTED;
2324 }
2325 if (crypto_check_alg_supported(algId, element))
2326 return TEE_SUCCESS;
2327 return TEE_ERROR_NOT_SUPPORTED;
2328 }
2329