1 /*
2 * Copyright (C) 2022 Huawei Technologies Co., Ltd.
3 * Licensed under the Mulan PSL v2.
4 * You can use this software according to the terms and conditions of the Mulan PSL v2.
5 * You may obtain a copy of Mulan PSL v2 at:
6 * http://license.coscl.org.cn/MulanPSL2
7 * THIS SOFTWARE IS PROVIDED ON AN "AS IS" BASIS, WITHOUT WARRANTIES OF ANY KIND, EITHER EXPRESS OR
8 * IMPLIED, INCLUDING BUT NOT LIMITED TO NON-INFRINGEMENT, MERCHANTABILITY OR FIT FOR A PARTICULAR
9 * PURPOSE.
10 * See the Mulan PSL v2 for more details.
11 */
12 #include "crypto_manager.h"
13 #include <stdio.h>
14 #include <securec.h>
15 #include <drv.h>
16 #include <mem_ops.h>
17 #include "tee_log.h"
18 #include "crypto_default_engine.h"
19 #include "tee_drv_client.h"
20 #include "crypto_mgr_syscall.h"
21 #include "tee_inner_uuid.h"
22 #include "tee_object_api.h"
23 #include "tee_mem_mgmt_api.h"
24 #include "crypto_mgr_syscall.h"
25 #include "crypto_hal.h"
26 #include "crypto_driver_adaptor_ops.h"
27 #include "tee_msg_type.h"
28
get_ctx_fd_handle(uint32_t alg_type,bool is_copy_ctx)29 int64_t get_ctx_fd_handle(uint32_t alg_type, bool is_copy_ctx)
30 {
31 const char *drv_name = TEE_CRYPTO_DRIVER_NAME;
32 if (is_copy_ctx)
33 return tee_drv_open(drv_name, &alg_type, sizeof(alg_type));
34 else
35 return tee_drv_open(drv_name, &alg_type, sizeof(alg_type) + TYPE_DRV_OPEN);
36 }
37
driver_ctx_buffer_prepare(const struct ctx_handle_t * src_ctx,struct ctx_handle_t * dest_ctx)38 int32_t driver_ctx_buffer_prepare(const struct ctx_handle_t *src_ctx, struct ctx_handle_t *dest_ctx)
39 {
40 (void)src_ctx;
41 if (dest_ctx == NULL)
42 return CRYPTO_BAD_PARAMETERS;
43
44 if (dest_ctx->fd > 0)
45 tee_drv_close(dest_ctx->fd);
46
47 dest_ctx->fd = get_ctx_fd_handle(dest_ctx->alg_type, true);
48 if (dest_ctx->fd <= 0) {
49 tloge("open fd failed\n");
50 return CRYPTO_BAD_PARAMETERS;
51 }
52
53 return CRYPTO_SUCCESS;
54 }
55
driver_alloc_ctx_handle(uint32_t alg_type,uint32_t engine,struct ctx_handle_t * ctx)56 struct ctx_handle_t *driver_alloc_ctx_handle(uint32_t alg_type, uint32_t engine, struct ctx_handle_t *ctx)
57 {
58 (void)engine;
59 if (ctx == NULL)
60 return NULL;
61
62 int64_t fd = get_ctx_fd_handle(alg_type, false);
63 if (fd <= 0) {
64 tloge("open fd failed\n");
65 goto error;
66 }
67 ctx->driver_ability = crypto_driver_get_driver_ability(fd);
68 ctx->fd = fd;
69 return ctx;
70
71 error:
72 if (fd > 0)
73 tee_drv_close(fd);
74
75 TEE_Free(ctx);
76 return NULL;
77 }
78
get_share_mem_size(const struct drv_memref_t * fill_data,uint32_t fill_data_count)79 static inline uint32_t get_share_mem_size(const struct drv_memref_t *fill_data, uint32_t fill_data_count)
80 {
81 uint32_t share_mem_size = 0;
82
83 for (uint32_t i = 0; i < fill_data_count; i++) {
84 if (fill_data[i].size > SHARE_MEMORY_MAX_SIZE) {
85 tloge("the %d fill data size is too big", i);
86 return INVALID_MEMORY_SIZE;
87 }
88
89 share_mem_size += fill_data[i].size;
90 }
91
92 share_mem_size += fill_data_count * sizeof(uint32_t);
93 return share_mem_size;
94 }
95
copy_to_shared_buf(const void * buf,uint32_t buf_size,uint8_t ** shared_buf,bool need_copy)96 static int32_t copy_to_shared_buf(const void *buf, uint32_t buf_size, uint8_t **shared_buf, bool need_copy)
97 {
98 if (buf_size != 0 && buf == NULL) {
99 tloge("copy buf size is not 0 but copy buf is NULL\n");
100 return CRYPTO_BAD_PARAMETERS;
101 }
102 if (memcpy_s(*shared_buf, sizeof(uint32_t), (void *)&buf_size, sizeof(uint32_t)) != EOK) {
103 tloge("copy buf size failed\n");
104 return CRYPTO_ERROR_SECURITY;
105 }
106
107 *shared_buf += sizeof(uint32_t);
108
109 if (buf_size == 0 || buf == NULL)
110 return CRYPTO_SUCCESS;
111
112 if (need_copy) {
113 if (memcpy_s(*shared_buf, buf_size, buf, buf_size) != EOK) {
114 tloge("copy buf failed\n");
115 return CRYPTO_ERROR_SECURITY;
116 }
117 }
118 *shared_buf += buf_size;
119 return CRYPTO_SUCCESS;
120 }
121
fill_share_mem(uint8_t * shared_buf,const struct drv_memref_t * fill_data,uint32_t fill_data_count)122 static inline int32_t fill_share_mem(uint8_t *shared_buf, const struct drv_memref_t *fill_data,
123 uint32_t fill_data_count)
124 {
125 for (uint32_t i = 0; i < fill_data_count; i++) {
126 int32_t ret = copy_to_shared_buf((void *)(uintptr_t)fill_data[i].buffer, fill_data[i].size,
127 &shared_buf, fill_data[i].need_copy);
128 if (ret != CRYPTO_SUCCESS) {
129 tloge("fill share memory failed! fill data No. = %d\n", i);
130 return ret;
131 }
132 }
133 return CRYPTO_SUCCESS;
134 }
135
prepare_ioctl_parameters(const struct drv_memref_t * data,uint32_t data_count,struct memref_t * share_mem,struct crypto_ioctl * ioctl_param,struct ctx_handle_t * ctx)136 static int32_t prepare_ioctl_parameters(const struct drv_memref_t *data, uint32_t data_count,
137 struct memref_t *share_mem, struct crypto_ioctl *ioctl_param, struct ctx_handle_t *ctx)
138 {
139 TEE_UUID uuid = CRYPTOMGR;
140 uint32_t size = get_share_mem_size(data, data_count);
141 if (size > SHARE_MEMORY_MAX_SIZE) {
142 tloge("share memory size is too long. size = %u\n", size);
143 return CRYPTO_OVERFLOW;
144 }
145
146 if (ctx->ctx_size < size) {
147 if (ctx->ctx_buffer != 0) {
148 (void)memset_s((void *)(uintptr_t)ctx->ctx_buffer, ctx->ctx_size, 0, ctx->ctx_size);
149 free_sharemem((void *)(uintptr_t)ctx->ctx_buffer, ctx->ctx_size);
150 }
151
152 share_mem->buffer = (uint64_t)(uintptr_t)alloc_sharemem_aux(&uuid, size);
153 if (share_mem->buffer == 0) {
154 tloge("alloc share memory failed\n");
155 return CRYPTO_OVERFLOW;
156 }
157 ctx->ctx_size = size;
158 ctx->ctx_buffer = share_mem->buffer;
159 } else {
160 share_mem->buffer = ctx->ctx_buffer;
161 }
162
163 int32_t ret = fill_share_mem((uint8_t *)(uintptr_t)share_mem->buffer, data, data_count);
164 if (ret != CRYPTO_SUCCESS) {
165 tloge("fill share memory failed. ret = %d\n", ret);
166 goto error;
167 }
168
169 share_mem->size = size;
170 ioctl_param->buf = share_mem->buffer;
171 ioctl_param->buf_len = size;
172 ioctl_param->total_nums = data_count;
173 return ret;
174
175 error:
176 (void)memset_s((void *)(uintptr_t)share_mem->buffer, size, 0, size);
177 free_sharemem((void *)(uintptr_t)share_mem->buffer, size);
178 ctx->ctx_size = 0;
179 ctx->ctx_buffer = 0;
180 share_mem->buffer = 0;
181 return ret;
182 }
183
copy_from_shared_buf(void * buf,uint32_t * buf_size,uint8_t ** shared_buf)184 static int32_t copy_from_shared_buf(void *buf, uint32_t *buf_size, uint8_t **shared_buf)
185 {
186 uint32_t original_size = *buf_size;
187
188 if (memcpy_s(buf_size, sizeof(uint32_t), *shared_buf, sizeof(uint32_t)) != EOK) {
189 tloge("copy buf size failed\n");
190 return CRYPTO_ERROR_SECURITY;
191 }
192
193 if (*buf_size > original_size) {
194 tloge("buf size is too big\n");
195 return CRYPTO_OVERFLOW;
196 }
197
198 *shared_buf += sizeof(uint32_t);
199
200 if (*buf_size == 0)
201 return CRYPTO_SUCCESS;
202
203 if (memcpy_s(buf, *buf_size, *shared_buf, *buf_size) != EOK) {
204 tloge("copy buf failed\n");
205 return CRYPTO_ERROR_SECURITY;
206 }
207
208 *shared_buf += *buf_size;
209 return CRYPTO_SUCCESS;
210 }
211
get_share_mem(uint8_t * shared_buf,struct drv_memref_t * get_data,uint32_t get_data_count)212 static inline int32_t get_share_mem(uint8_t *shared_buf, struct drv_memref_t *get_data, uint32_t get_data_count)
213 {
214 for (uint32_t i = 0; i < get_data_count; i++) {
215 int32_t ret = copy_from_shared_buf((void *)(uintptr_t)get_data[i].buffer, &(get_data[i].size), &shared_buf);
216 if (ret != CRYPTO_SUCCESS) {
217 tloge("get share memory failed! get data No. = %d\n", i);
218 return ret;
219 }
220 }
221 return CRYPTO_SUCCESS;
222 }
223
crypto_get_default_engine(uint32_t algorithm)224 uint32_t crypto_get_default_engine(uint32_t algorithm)
225 {
226 uint32_t i;
227 uint32_t count = sizeof(g_algorithm_engine) / sizeof(g_algorithm_engine[0]);
228 for (i = 0; i < count; i++) {
229 if (g_algorithm_engine[i].algorithm == algorithm)
230 return g_algorithm_engine[i].engine;
231 }
232 return SOFT_CRYPTO;
233 }
234
crypto_get_default_generate_key_engine(uint32_t algorithm)235 uint32_t crypto_get_default_generate_key_engine(uint32_t algorithm)
236 {
237 uint32_t i;
238 uint32_t count = sizeof(g_generate_key_engine) / sizeof(g_generate_key_engine[0]);
239 for (i = 0; i < count; i++) {
240 if (g_generate_key_engine[i].algorithm == algorithm)
241 return g_generate_key_engine[i].engine;
242 }
243 return SOFT_CRYPTO;
244 }
245
crypto_driver_get_driver_ability(int64_t fd)246 int32_t crypto_driver_get_driver_ability(int64_t fd)
247 {
248 uint32_t args = 0;
249 return tee_drv_ioctl(fd, IOCTRL_CRYPTO_GET_DRV_ABILITY, &args, sizeof(args));
250 }
251
crypto_driver_ctx_copy(const struct ctx_handle_t * src_ctx,struct ctx_handle_t * dest_ctx)252 int32_t crypto_driver_ctx_copy(const struct ctx_handle_t *src_ctx, struct ctx_handle_t *dest_ctx)
253 {
254 if (dest_ctx == NULL || src_ctx == NULL) {
255 tloge("dest_ctx is NULL\n");
256 return CRYPTO_BAD_PARAMETERS;
257 }
258
259 int32_t args = src_ctx->alg_type;
260
261 int32_t ret = tee_drv_ioctl(dest_ctx->fd, IOCTRL_CRYPTO_CTX_COPY, &args, sizeof(args));
262 if (ret != CRYPTO_SUCCESS) {
263 tloge("driver ioctl ctx copy failed. ret = %d\n", ret);
264 return ret;
265 }
266
267 return CRYPTO_SUCCESS;
268 }
269
crypto_driver_hash_init(struct ctx_handle_t * ctx)270 int32_t crypto_driver_hash_init(struct ctx_handle_t *ctx)
271 {
272 if (ctx == NULL) {
273 tloge("ctx is NULL\n");
274 return CRYPTO_BAD_PARAMETERS;
275 }
276
277 struct crypto_ioctl input = {0};
278
279 input.arg1 = ctx->alg_type;
280
281 int32_t ret = tee_drv_ioctl(ctx->fd, IOCTRL_CRYPTO_HASH_INIT, (void *)(&input), sizeof(input));
282 if (ret != CRYPTO_SUCCESS)
283 tloge("share buffer failed\n");
284
285 return ret;
286 }
287
crypto_driver_hash_update(struct ctx_handle_t * ctx,const struct memref_t * data_in)288 int32_t crypto_driver_hash_update(struct ctx_handle_t *ctx, const struct memref_t *data_in)
289 {
290 if (ctx == NULL || data_in == NULL) {
291 tloge("ctx or data_in is NULL\n");
292 return CRYPTO_BAD_PARAMETERS;
293 }
294
295 struct drv_memref_t fill_data[] = {
296 { .buffer = data_in->buffer, .size = data_in->size, .need_copy = true }
297 };
298 struct crypto_ioctl input = {0};
299 struct memref_t ioctl = { 0 };
300
301 int32_t ret = prepare_ioctl_parameters(fill_data, ARRAY_SIZE(fill_data), &ioctl, &input, ctx);
302 if (ret != CRYPTO_SUCCESS) {
303 tloge("hash update prepare ioctl parameters failed. ret = %d\n", ret);
304 return ret;
305 }
306
307 ret = tee_drv_ioctl(ctx->fd, IOCTRL_CRYPTO_HASH_UPDATE, (void *)(&input), sizeof(input));
308 if (ret != CRYPTO_SUCCESS)
309 tloge("driver ioctl hash update failed. ret = %d\n", ret);
310
311 return ret;
312 }
313
crypto_driver_hash_dofinal(struct ctx_handle_t * ctx,const struct memref_t * data_in,struct memref_t * data_out)314 int32_t crypto_driver_hash_dofinal(struct ctx_handle_t *ctx, const struct memref_t *data_in,
315 struct memref_t *data_out)
316 {
317 (void)data_in;
318 if (ctx == NULL || data_out == NULL) {
319 tloge("ctx or data_out is NULL\n");
320 return CRYPTO_BAD_PARAMETERS;
321 }
322
323 struct drv_memref_t fill_data[] = {
324 { .buffer = data_out->buffer, .size = data_out->size, .need_copy = false }
325 };
326 struct crypto_ioctl input = {0};
327 struct memref_t ioctl = { 0 };
328
329 int32_t ret = prepare_ioctl_parameters(fill_data, ARRAY_SIZE(fill_data), &ioctl, &input, ctx);
330 if (ret != CRYPTO_SUCCESS) {
331 tloge("hash dofinal prepare ioctl parameters failed. ret = %d\n", ret);
332 return ret;
333 }
334
335 ret = tee_drv_ioctl(ctx->fd, IOCTRL_CRYPTO_HASH_DOFINAL, (void *)(&input), sizeof(input));
336 if (ret != CRYPTO_SUCCESS) {
337 tloge("driver ioctl hash dofinal failed. ret = %d\n", ret);
338 goto end;
339 }
340
341 ret = get_share_mem((uint8_t *)(uintptr_t)ioctl.buffer, fill_data, CRYPTO_PARAM_COUNT_1);
342 if (ret != CRYPTO_SUCCESS) {
343 tloge("hash dofinal get share mem failed. ret = %d\n", ret);
344 goto end;
345 }
346
347 data_out->size = fill_data[0].size;
348 end:
349 tee_crypto_free_sharemem(ctx);
350 return ret;
351 }
352
crypto_driver_hash(uint32_t alg_type,const struct memref_t * data_in,struct memref_t * data_out,uint32_t engine)353 int32_t crypto_driver_hash(uint32_t alg_type, const struct memref_t *data_in,
354 struct memref_t *data_out, uint32_t engine)
355 {
356 (void)engine;
357 struct ctx_handle_t ctx = { 0 };
358 if (data_in == NULL || data_out == NULL) {
359 tloge("data_in or data_out is NULL\n");
360 return CRYPTO_BAD_PARAMETERS;
361 }
362
363 const char *drv_name = TEE_CRYPTO_DRIVER_NAME;
364 uint64_t fd = tee_drv_open(drv_name, NULL, 0);
365 if (fd <= 0) {
366 tloge("open fd failed\n");
367 return CRYPTO_OVERFLOW;
368 }
369
370 struct drv_memref_t fill_data[] = {
371 { .buffer = data_out->buffer, .size = data_out->size, .need_copy = false },
372 { .buffer = data_in->buffer, .size = data_in->size, .need_copy = true }
373 };
374 struct crypto_ioctl input = {0};
375 struct memref_t ioctl = { 0 };
376
377 int32_t ret = prepare_ioctl_parameters(fill_data, ARRAY_SIZE(fill_data), &ioctl, &input, &ctx);
378 if (ret != CRYPTO_SUCCESS) {
379 tloge("hash prepare ioctl parameters failed. ret = %d\n", ret);
380 goto end;
381 }
382
383 input.arg1 = alg_type;
384
385 ret = tee_drv_ioctl(fd, IOCTRL_CRYPTO_HASH, (void *)(&input), sizeof(input));
386 if (ret != CRYPTO_SUCCESS) {
387 tloge("driver ioctl hash failed. ret = %d\n", ret);
388 goto end;
389 }
390
391 ret = get_share_mem((uint8_t *)(uintptr_t)ioctl.buffer, fill_data, CRYPTO_PARAM_COUNT_1);
392 if (ret != CRYPTO_SUCCESS) {
393 tloge("hash get share mem failed. ret = %d\n", ret);
394 goto end;
395 }
396
397 data_out->size = fill_data[CRYPTO_DATA_OUT_OFFSET_0].size;
398 end:
399 (void)tee_drv_close(fd);
400 tee_crypto_free_sharemem(&ctx);
401 return ret;
402 }
403
crypto_driver_hmac_init(struct ctx_handle_t * ctx,const struct symmerit_key_t * key)404 int32_t crypto_driver_hmac_init(struct ctx_handle_t *ctx, const struct symmerit_key_t *key)
405 {
406 if (ctx == NULL || key == NULL) {
407 tloge("ctx or key is NULL\n");
408 return CRYPTO_BAD_PARAMETERS;
409 }
410
411 struct drv_memref_t fill_data[] = {
412 { .buffer = key->key_buffer, .size = key->key_size, .need_copy = true },
413 };
414 struct crypto_ioctl input = {0};
415 struct memref_t ioctl = { 0 };
416
417 int32_t ret = prepare_ioctl_parameters(fill_data, ARRAY_SIZE(fill_data), &ioctl, &input, ctx);
418 if (ret != CRYPTO_SUCCESS) {
419 tloge("hmac init prepare ioctl parameters failed. ret = %d\n", ret);
420 return ret;
421 }
422
423 input.arg1 = ctx->alg_type;
424 input.arg2 = key->key_type;
425
426 ret = tee_drv_ioctl(ctx->fd, IOCTRL_CRYPTO_HMAC_INIT, (void *)(&input), sizeof(input));
427 if (ret != CRYPTO_SUCCESS) {
428 tloge("driver ioctl hmac initialize failed. ret = %d\n", ret);
429 goto end;
430 }
431
432 return ret;
433 end:
434 tee_crypto_free_sharemem(ctx);
435 return ret;
436 }
437
crypto_driver_hmac_update(struct ctx_handle_t * ctx,const struct memref_t * data_in)438 int32_t crypto_driver_hmac_update(struct ctx_handle_t *ctx, const struct memref_t *data_in)
439 {
440 if (ctx == NULL || data_in == NULL) {
441 tloge("ctx or key is NULL\n");
442 return CRYPTO_BAD_PARAMETERS;
443 }
444
445 struct drv_memref_t fill_data[] = {
446 { .buffer = data_in->buffer, .size = data_in->size, .need_copy = true },
447 };
448 struct crypto_ioctl input = {0};
449 struct memref_t ioctl = { 0 };
450
451 int32_t ret = prepare_ioctl_parameters(fill_data, ARRAY_SIZE(fill_data), &ioctl, &input, ctx);
452 if (ret != CRYPTO_SUCCESS) {
453 tloge("hmac update prepare ioctl parameters failed. ret = %d\n", ret);
454 return ret;
455 }
456
457 input.arg1 = ctx->alg_type;
458
459 ret = tee_drv_ioctl(ctx->fd, IOCTRL_CRYPTO_HMAC_UPDATE, (void *)(&input), sizeof(input));
460 if (ret != CRYPTO_SUCCESS) {
461 tloge("driver ioctl hmac update failed. ret = %d\n", ret);
462 goto end;
463 }
464
465 return ret;
466 end:
467 tee_crypto_free_sharemem(ctx);
468 return ret;
469 }
470
crypto_driver_hmac_dofinal(struct ctx_handle_t * ctx,const struct memref_t * data_in,struct memref_t * data_out)471 int32_t crypto_driver_hmac_dofinal(struct ctx_handle_t *ctx, const struct memref_t *data_in,
472 struct memref_t *data_out)
473 {
474 (void)data_in;
475 if (ctx == NULL || data_out == NULL) {
476 tloge("ctx or data_out is NULL\n");
477 return CRYPTO_BAD_PARAMETERS;
478 }
479
480 struct drv_memref_t fill_data[] = {
481 { .buffer = data_out->buffer, .size = data_out->size, .need_copy = false },
482 };
483 struct crypto_ioctl input = {0};
484 struct memref_t ioctl = { 0 };
485
486 int32_t ret = prepare_ioctl_parameters(fill_data, ARRAY_SIZE(fill_data), &ioctl, &input, ctx);
487 if (ret != CRYPTO_SUCCESS) {
488 tloge("hmac dofinal prepare ioctl parameters failed. ret = %d\n", ret);
489 return ret;
490 }
491
492 ret = tee_drv_ioctl(ctx->fd, IOCTRL_CRYPTO_HMAC_DOFINAL, (void *)(&input), sizeof(input));
493 if (ret != CRYPTO_SUCCESS) {
494 tloge("driver ioctl hmac dofinal failed. ret = %d\n", ret);
495 goto end;
496 }
497
498 ret = get_share_mem((uint8_t *)(uintptr_t)ioctl.buffer, fill_data, CRYPTO_PARAM_COUNT_1);
499 if (ret != CRYPTO_SUCCESS) {
500 tloge("hmac dofinal get share mem failed. ret = %d\n", ret);
501 goto end;
502 }
503
504 data_out->size = fill_data[0].size;
505 end:
506 tee_crypto_free_sharemem(ctx);
507 return ret;
508 }
509
crypto_driver_hmac(uint32_t alg_type,const struct symmerit_key_t * key,const struct memref_t * data_in,struct memref_t * data_out,uint32_t engine)510 int32_t crypto_driver_hmac(uint32_t alg_type, const struct symmerit_key_t *key,
511 const struct memref_t *data_in, struct memref_t *data_out, uint32_t engine)
512 {
513 (void)engine;
514 struct ctx_handle_t ctx = { 0 };
515 if (key == NULL || data_in == NULL || data_out == NULL) {
516 tloge("key or data_in or data_out is NULL\n");
517 return CRYPTO_BAD_PARAMETERS;
518 }
519
520 const char *drv_name = TEE_CRYPTO_DRIVER_NAME;
521 uint64_t fd = tee_drv_open(drv_name, NULL, 0);
522 if (fd <= 0) {
523 tloge("open fd failed\n");
524 return CRYPTO_OVERFLOW;
525 }
526
527 struct drv_memref_t fill_data[] = {
528 { .buffer = data_out->buffer, .size = data_out->size, .need_copy = false },
529 { .buffer = data_in->buffer, .size = data_in->size, .need_copy = true },
530 { .buffer = key->key_buffer, .size = key->key_size, .need_copy = true },
531 };
532 struct crypto_ioctl input = {0};
533 struct memref_t ioctl = { 0 };
534
535 int32_t ret = prepare_ioctl_parameters(fill_data, ARRAY_SIZE(fill_data), &ioctl, &input, &ctx);
536 if (ret != CRYPTO_SUCCESS) {
537 tloge("hmac prepare ioctl parameters failed. ret = %d\n", ret);
538 goto end;
539 }
540
541 input.arg1 = alg_type;
542 input.arg2 = key->key_type;
543
544 ret = tee_drv_ioctl(fd, IOCTRL_CRYPTO_HMAC, (void *)(&input), sizeof(input));
545 if (ret != CRYPTO_SUCCESS) {
546 tloge("driver ioctl hmac failed. ret = %d\n", ret);
547 goto end;
548 }
549
550 ret = get_share_mem((uint8_t *)(uintptr_t)ioctl.buffer, fill_data, CRYPTO_PARAM_COUNT_1);
551 if (ret != CRYPTO_SUCCESS) {
552 tloge("hmac get share mem failed. ret = %d\n", ret);
553 goto end;
554 }
555
556 data_out->size = fill_data[CRYPTO_DATA_OUT_OFFSET_0].size;
557 end:
558 (void)tee_drv_close(fd);
559 tee_crypto_free_sharemem(&ctx);
560 return ret;
561 }
562
crypto_driver_cipher_init(struct ctx_handle_t * ctx,const struct symmerit_key_t * key,const struct memref_t * iv)563 int32_t crypto_driver_cipher_init(struct ctx_handle_t *ctx, const struct symmerit_key_t *key,
564 const struct memref_t *iv)
565 {
566 if (ctx == NULL || key == NULL) {
567 tloge("ctx or key is NULL\n");
568 return CRYPTO_BAD_PARAMETERS;
569 }
570
571 struct crypto_ioctl input = {0};
572 (void)memset_s(&input, sizeof(input), 0, sizeof(input));
573 errno_t rc;
574 input.data_size_1 = key->key_size;
575 rc = memcpy_s(input.data_1, sizeof(input.data_1), (void*)(uintptr_t)key->key_buffer, key->key_size);
576 if (rc != EOK) {
577 tloge("memcpy data in fail");
578 return rc;
579 }
580 if (iv != NULL) {
581 input.data_size_2 = iv->size;
582 rc = memcpy_s(input.data_2, sizeof(input.data_2), (void*)(uintptr_t)iv->buffer, iv->size);
583 if (rc != EOK) {
584 tloge("memcpy data in fail");
585 return rc;
586 }
587 }
588
589 input.arg1 = ctx->alg_type;
590 input.arg2 = ctx->driver_ability;
591 input.arg3 = ctx->direction;
592 input.arg4 = key->key_type;
593
594 uint32_t ret = tee_drv_ioctl(ctx->fd, IOCTRL_CRYPTO_CIPHER_INIT, (void *)(&input), sizeof(input));
595 if (ret != CRYPTO_SUCCESS)
596 tloge("driver ioctl cipher initialize failed. ret = %d\n", ret);
597
598 return ret;
599 }
600
crypto_driver_cipher_update(struct ctx_handle_t * ctx,const struct memref_t * data_in,struct memref_t * data_out)601 int32_t crypto_driver_cipher_update(struct ctx_handle_t *ctx, const struct memref_t *data_in,
602 struct memref_t *data_out)
603 {
604 if (ctx == NULL || data_in == NULL || data_out == NULL) {
605 tloge("ctx or data_in or data_out is NULL\n");
606 return CRYPTO_BAD_PARAMETERS;
607 }
608 struct crypto_ioctl input = {0};
609
610 struct drv_memref_t fill_data[] = {
611 { .buffer = data_out->buffer, .size = data_out->size, .need_copy = false },
612 { .buffer = data_in->buffer, .size = data_in->size, .need_copy = true },
613 };
614 struct memref_t ioctl = { 0 };
615
616 int32_t ret = prepare_ioctl_parameters(fill_data, ARRAY_SIZE(fill_data), &ioctl, &input, ctx);
617 if (ret != CRYPTO_SUCCESS) {
618 tloge("cipher update prepare ioctl parameters failed. ret = %d\n", ret);
619 return ret;
620 }
621
622 ret = tee_drv_ioctl(ctx->fd, IOCTRL_CRYPTO_CIPHER_UPDATE, (void *)(&input), sizeof(input));
623 if (ret != CRYPTO_SUCCESS) {
624 tloge("driver ioctl cipher update failed. ret = %d\n", ret);
625 goto end;
626 }
627
628 ret = get_share_mem((void *)(uintptr_t)ioctl.buffer, fill_data, CRYPTO_PARAM_COUNT_1);
629 if (ret != CRYPTO_SUCCESS) {
630 tloge("cipher update get share mem failed. ret = %d\n", ret);
631 goto end;
632 }
633
634 data_out->size = fill_data[0].size;
635 return CRYPTO_SUCCESS;
636 end:
637 tee_crypto_free_sharemem(ctx);
638 return ret;
639 }
640
crypto_driver_cipher_dofinal(struct ctx_handle_t * ctx,const struct memref_t * data_in,struct memref_t * data_out)641 int32_t crypto_driver_cipher_dofinal(struct ctx_handle_t *ctx, const struct memref_t *data_in,
642 struct memref_t *data_out)
643 {
644 if (ctx == NULL || data_in == NULL || data_out == NULL) {
645 tloge("ctx or data_in or data_out is NULL\n");
646 return CRYPTO_BAD_PARAMETERS;
647 }
648
649 struct drv_memref_t fill_data[] = {
650 { .buffer = data_out->buffer, .size = data_out->size, .need_copy = false },
651 { .buffer = data_in->buffer, .size = data_in->size, .need_copy = true },
652 };
653 struct crypto_ioctl input = { 0 };
654 struct memref_t ioctl = { 0 };
655
656 int32_t ret = prepare_ioctl_parameters(fill_data, ARRAY_SIZE(fill_data), &ioctl, &input, ctx);
657 if (ret != CRYPTO_SUCCESS) {
658 tloge("cipher dofinal prepare ioctl parameters failed. ret = %d\n", ret);
659 return ret;
660 }
661
662 ret = tee_drv_ioctl(ctx->fd, IOCTRL_CRYPTO_CIPHER_DOFINAL, (void *)(&input), sizeof(input));
663 if (ret != CRYPTO_SUCCESS) {
664 tloge("driver ioctl cipher dofinal failed. ret = %d\n", ret);
665 goto end;
666 }
667
668 ret = get_share_mem((uint8_t *)(uintptr_t)ioctl.buffer, fill_data, CRYPTO_PARAM_COUNT_1);
669 if (ret != CRYPTO_SUCCESS) {
670 tloge("cipher dofinal get share mem failed. ret = %d\n", ret);
671 goto end;
672 }
673
674 data_out->size = fill_data[0].size;
675 end:
676 tee_crypto_free_sharemem(ctx);
677 return ret;
678 }
679
crypto_driver_cipher(uint32_t alg_type,uint32_t direction,const struct symmerit_key_t * key,const struct memref_t * iv,const struct memref_t * data_in,struct memref_t * data_out,uint32_t engine)680 int32_t crypto_driver_cipher(uint32_t alg_type, uint32_t direction, const struct symmerit_key_t *key,
681 const struct memref_t *iv, const struct memref_t *data_in, struct memref_t *data_out, uint32_t engine)
682 {
683 (void)engine;
684 struct ctx_handle_t ctx = { 0 };
685 if (key == NULL || data_in == NULL || data_out == NULL)
686 return CRYPTO_BAD_PARAMETERS;
687
688 const char *drv_name = TEE_CRYPTO_DRIVER_NAME;
689 uint64_t fd = tee_drv_open(drv_name, NULL, 0);
690 if (fd <= 0)
691 return CRYPTO_OVERFLOW;
692
693 struct drv_memref_t fill_data[] = {
694 { .buffer = data_out->buffer, .size = data_out->size, .need_copy = false },
695 { .buffer = data_in->buffer, .size = data_in->size, .need_copy = true },
696 { .buffer = key->key_buffer, .size = key->key_size, .need_copy = true },
697 { .buffer = 0, .size = 0, .need_copy = true },
698 };
699
700 if (iv != NULL) {
701 fill_data[CRYPTO_IV_OFFSET_3].buffer = iv->buffer;
702 fill_data[CRYPTO_IV_OFFSET_3].size = iv->size;
703 }
704
705 struct crypto_ioctl input = { 0 };
706 struct memref_t ioctl = { 0 };
707
708 int32_t ret = prepare_ioctl_parameters(fill_data, ARRAY_SIZE(fill_data), &ioctl, &input, &ctx);
709 if (ret != CRYPTO_SUCCESS) {
710 tloge("cipher prepare ioctl parameters failed. ret = %d\n", ret);
711 return ret;
712 }
713
714 input.arg1 = alg_type;
715 input.arg2 = direction;
716 input.arg3 = key->key_type;
717
718 ret = tee_drv_ioctl(fd, IOCTRL_CRYPTO_CIPHER, (void *)(&input), sizeof(input));
719 if (ret != CRYPTO_SUCCESS) {
720 tloge("driver ioctl cipher failed. ret = %d\n", ret);
721 goto end;
722 }
723
724 ret = get_share_mem((uint8_t *)(uintptr_t)ioctl.buffer, fill_data, CRYPTO_PARAM_COUNT_1);
725 if (ret != CRYPTO_SUCCESS) {
726 tloge("cipher get share mem failed. ret = %d\n", ret);
727 goto end;
728 }
729
730 data_out->size = fill_data[CRYPTO_DATA_OUT_OFFSET_0].size;
731 end:
732 (void)tee_drv_close(fd);
733 tee_crypto_free_sharemem(&ctx);
734 return ret;
735 }
736
crypto_driver_ae_init(struct ctx_handle_t * ctx,const struct symmerit_key_t * key,const struct ae_init_data * ae_init_param)737 int32_t crypto_driver_ae_init(struct ctx_handle_t *ctx, const struct symmerit_key_t *key,
738 const struct ae_init_data *ae_init_param)
739 {
740 if (ctx == NULL || key == NULL || ae_init_param == NULL) {
741 tloge("ctx or key or ae_init_param is NULL\n");
742 return CRYPTO_BAD_PARAMETERS;
743 }
744
745 struct crypto_ioctl input = {0};
746 (void)memset_s(&input, sizeof(input), 0, sizeof(input));
747 errno_t rc;
748 input.data_size_1 = key->key_size;
749 rc = memcpy_s(input.data_1, sizeof(input.data_1), (void*)(uintptr_t)key->key_buffer, key->key_size);
750 if (rc != EOK) {
751 tloge("memcpy data in fail");
752 return rc;
753 }
754 input.data_size_2 = ae_init_param->nonce_len;
755 rc = memcpy_s(input.data_2, sizeof(input.data_2), (void*)(uintptr_t)ae_init_param->nonce, ae_init_param->nonce_len);
756 if (rc != EOK) {
757 tloge("memcpy data in fail");
758 return rc;
759 }
760
761 input.arg1 = ctx->alg_type;
762 input.arg2 = ctx->direction;
763 input.arg3 = key->key_type;
764 input.arg4 = ae_init_param->tag_len;
765 input.arg5 = ae_init_param->aad_len;
766 input.arg6 = ae_init_param->payload_len;
767
768 uint32_t ret = tee_drv_ioctl(ctx->fd, IOCTRL_CRYPTO_AE_INIT, (void *)(&input), sizeof(input));
769 if (ret != CRYPTO_SUCCESS)
770 tloge("driver ioctl ae initialize failed. ret = %d\n", ret);
771
772 return ret;
773 }
774
crypto_driver_ae_update_aad(struct ctx_handle_t * ctx,const struct memref_t * aad_data)775 int32_t crypto_driver_ae_update_aad(struct ctx_handle_t *ctx, const struct memref_t *aad_data)
776 {
777 if (ctx == NULL || aad_data == NULL) {
778 tloge("ctx or aad_data is NULL\n");
779 return CRYPTO_BAD_PARAMETERS;
780 }
781
782 struct crypto_ioctl input;
783 (void)memset_s(&input, sizeof(input), 0, sizeof(input));
784 errno_t rc;
785 input.data_size_1 = aad_data->size;
786 rc = memcpy_s(input.data_1, sizeof(input.data_1), (void*)(uintptr_t)aad_data->buffer, aad_data->size);
787 if (rc != EOK) {
788 tloge("memcpy data in fail");
789 return rc;
790 }
791
792 uint32_t ret = tee_drv_ioctl(ctx->fd, IOCTRL_CRYPTO_AE_UPDATE_AAD, (void *)(&input), sizeof(input));
793 if (ret != CRYPTO_SUCCESS)
794 tloge("driver ioctl ae update aad failed. ret = %d\n", ret);
795
796 return ret;
797 }
798
crypto_driver_ae_update(struct ctx_handle_t * ctx,const struct memref_t * data_in,struct memref_t * data_out)799 int32_t crypto_driver_ae_update(struct ctx_handle_t *ctx, const struct memref_t *data_in,
800 struct memref_t *data_out)
801 {
802 if (ctx == NULL || data_in == NULL || data_out == NULL) {
803 tloge("ctx or data_in or data_out is NULL\n");
804 return CRYPTO_BAD_PARAMETERS;
805 }
806
807 struct drv_memref_t fill_data[] = {
808 { .buffer = data_out->buffer, .size = data_out->size, .need_copy = false },
809 { .buffer = data_in->buffer, .size = data_in->size, .need_copy = true }
810 };
811 struct crypto_ioctl input = {0};
812 struct memref_t ioctl = { 0 };
813
814 int32_t ret = prepare_ioctl_parameters(fill_data, ARRAY_SIZE(fill_data), &ioctl, &input, ctx);
815 if (ret != CRYPTO_SUCCESS) {
816 tloge("ae update prepare ioctl parameters failed. ret = %d\n", ret);
817 return ret;
818 }
819
820 ret = tee_drv_ioctl(ctx->fd, IOCTRL_CRYPTO_AE_UPDATE, (void *)(&input), sizeof(input));
821 if (ret != CRYPTO_SUCCESS) {
822 tloge("driver ioctl ae update failed. ret = %d\n", ret);
823 goto end;
824 }
825
826 ret = get_share_mem((uint8_t *)(uintptr_t)ioctl.buffer, fill_data, CRYPTO_PARAM_COUNT_1);
827 if (ret != CRYPTO_SUCCESS) {
828 tloge("ae update get share mem failed. ret = %d\n", ret);
829 goto end;
830 }
831
832 data_out->size = fill_data[0].size;
833 return CRYPTO_SUCCESS;
834 end:
835 tee_crypto_free_sharemem(ctx);
836 return ret;
837 }
838
crypto_driver_ae_enc_final(struct ctx_handle_t * ctx,const struct memref_t * data_in,struct memref_t * data_out,struct memref_t * tag_out)839 int32_t crypto_driver_ae_enc_final(struct ctx_handle_t *ctx, const struct memref_t *data_in,
840 struct memref_t *data_out, struct memref_t *tag_out)
841 {
842 if (ctx == NULL || data_in == NULL || data_out == NULL || tag_out == NULL) {
843 tloge("ctx or data_in or data_out or tag_out is NULL\n");
844 return CRYPTO_BAD_PARAMETERS;
845 }
846
847 struct drv_memref_t fill_data[] = {
848 { .buffer = data_out->buffer, .size = data_out->size, .need_copy = false },
849 { .buffer = tag_out->buffer, .size = tag_out->size, .need_copy = true },
850 { .buffer = data_in->buffer, .size = data_in->size, .need_copy = true }
851 };
852 struct crypto_ioctl input = {0};
853 struct memref_t ioctl = { 0 };
854
855 int32_t ret = prepare_ioctl_parameters(fill_data, ARRAY_SIZE(fill_data), &ioctl, &input, ctx);
856 if (ret != CRYPTO_SUCCESS) {
857 tloge("ae enc final prepare ioctl parameters failed. ret = %d\n", ret);
858 return ret;
859 }
860
861 ret = tee_drv_ioctl(ctx->fd, IOCTRL_CRYPTO_AE_ENC_FINAL, (void *)(&input), sizeof(input));
862 if (ret != CRYPTO_SUCCESS) {
863 tloge("driver ioctl ae enc final failed. ret = %d\n", ret);
864 goto end;
865 }
866
867 ret = get_share_mem((uint8_t *)(uintptr_t)ioctl.buffer, fill_data, CRYPTO_PARAM_COUNT_2);
868 if (ret != CRYPTO_SUCCESS) {
869 tloge("ae enc final get share mem failed. ret = %d\n", ret);
870 goto end;
871 }
872
873 data_out->size = fill_data[CRYPTO_DATA_OUT_OFFSET_0].size;
874 tag_out->size = fill_data[CRYPTO_TAG_OUT_OFFSET_1].size;
875 end:
876 tee_crypto_free_sharemem(ctx);
877 return ret;
878 }
879
crypto_driver_ae_dec_final(struct ctx_handle_t * ctx,const struct memref_t * data_in,const struct memref_t * tag_in,struct memref_t * data_out)880 int32_t crypto_driver_ae_dec_final(struct ctx_handle_t *ctx, const struct memref_t *data_in,
881 const struct memref_t *tag_in, struct memref_t *data_out)
882 {
883 if (ctx == NULL || data_in == NULL || tag_in == NULL || data_out == NULL) {
884 tloge("ctx or data_in or tag_in or data_out is NULL\n");
885 return CRYPTO_BAD_PARAMETERS;
886 }
887
888 struct drv_memref_t fill_data[] = {
889 { .buffer = data_out->buffer, .size = data_out->size, .need_copy = false },
890 { .buffer = data_in->buffer, .size = data_in->size, .need_copy = true },
891 { .buffer = tag_in->buffer, .size = tag_in->size, .need_copy = true }
892 };
893 struct crypto_ioctl input = {0};
894 struct memref_t ioctl = { 0 };
895
896 int32_t ret = prepare_ioctl_parameters(fill_data, ARRAY_SIZE(fill_data), &ioctl, &input, ctx);
897 if (ret != CRYPTO_SUCCESS) {
898 tloge("ae dec final prepare ioctl parameters failed. ret = %d\n", ret);
899 return ret;
900 }
901
902 ret = tee_drv_ioctl(ctx->fd, IOCTRL_CRYPTO_AE_DEC_FINAL, (void *)(&input), sizeof(input));
903 if (ret != CRYPTO_SUCCESS) {
904 tloge("driver ioctl ae dec final failed. ret = %d\n", ret);
905 goto end;
906 }
907
908 ret = get_share_mem((uint8_t *)(uintptr_t)ioctl.buffer, fill_data, CRYPTO_PARAM_COUNT_1);
909 if (ret != CRYPTO_SUCCESS) {
910 tloge("ae dec final get share mem failed. ret = %d\n", ret);
911 goto end;
912 }
913
914 data_out->size = fill_data[CRYPTO_DATA_OUT_OFFSET_0].size;
915 end:
916 tee_crypto_free_sharemem(ctx);
917 return ret;
918 }
919
crypto_driver_rsa_generate_keypair(uint32_t key_size,const struct memref_t * e_value,bool crt_mode,struct rsa_priv_key_t * key_pair,uint32_t engine)920 int32_t crypto_driver_rsa_generate_keypair(uint32_t key_size, const struct memref_t *e_value, bool crt_mode,
921 struct rsa_priv_key_t *key_pair, uint32_t engine)
922 {
923 (void)engine;
924 struct ctx_handle_t ctx = { 0 };
925 if (key_pair == NULL) {
926 tloge("key_pair is NULL\n");
927 return CRYPTO_BAD_PARAMETERS;
928 }
929
930 const char *drv_name = TEE_CRYPTO_DRIVER_NAME;
931 uint64_t fd = tee_drv_open(drv_name, NULL, 0);
932 if (fd <= 0) {
933 tloge("open fd failed\n");
934 return CRYPTO_OVERFLOW;
935 }
936
937 struct drv_memref_t fill_data[] = {
938 { .buffer = (uint64_t)(uintptr_t)key_pair, .size = sizeof(*key_pair), .need_copy = true },
939 { .buffer = 0, .size = 0, .need_copy = true },
940 };
941
942 if (e_value != NULL) {
943 fill_data[CRYPTO_E_VALUE_OFFSET_1].buffer = e_value->buffer;
944 fill_data[CRYPTO_E_VALUE_OFFSET_1].size = e_value->size;
945 }
946
947 struct crypto_ioctl input = {0};
948 struct memref_t ioctl = { 0 };
949
950 int32_t ret = prepare_ioctl_parameters(fill_data, ARRAY_SIZE(fill_data), &ioctl, &input, &ctx);
951 if (ret != CRYPTO_SUCCESS) {
952 tloge("rsa generate keypair prepare ioctl parameters failed. ret = %d\n", ret);
953 return ret;
954 }
955
956 input.arg1 = key_size;
957 input.arg2 = (uint32_t)crt_mode;
958
959 ret = tee_drv_ioctl(fd, IOCTRL_CRYPTO_RSA_GENERATE_KEYPAIR, (void *)(&input), sizeof(input));
960 if (ret != CRYPTO_SUCCESS) {
961 tloge("driver ioctl rsa generate keypair failed. ret = %d\n", ret);
962 goto end;
963 }
964
965 ret = get_share_mem((uint8_t *)(uintptr_t)ioctl.buffer, fill_data, CRYPTO_PARAM_COUNT_1);
966 if (ret != CRYPTO_SUCCESS)
967 tloge("rsa generate keypair get share mem failed. ret = %d\n", ret);
968
969 end:
970 (void)tee_drv_close(fd);
971 tee_crypto_free_sharemem(&ctx);
972 return ret;
973 }
974
975 #define DOUBLE_SIZE 2
get_attr_buf_size(const struct asymmetric_params_t * asymmetric_params)976 static uint32_t get_attr_buf_size(const struct asymmetric_params_t *asymmetric_params)
977 {
978 uint32_t attr_buf_size = 0;
979 struct crypto_attribute_t *attr = (struct crypto_attribute_t *)(uintptr_t)(asymmetric_params->attribute);
980
981 for (uint32_t i = 0; i < asymmetric_params->param_count; i++) {
982 attr_buf_size += sizeof(uint32_t);
983 if (TEE_ATTR_IS_BUFFER(attr->attribute_id)) {
984 attr_buf_size += (sizeof(uint32_t) + attr->content.ref.length);
985 } else {
986 attr_buf_size += DOUBLE_SIZE * sizeof(uint32_t);
987 tlogd("this is a value attribute\n");
988 }
989 attr++;
990 }
991 return attr_buf_size;
992 }
993
restore_attr_buff(uint8_t ** restore_buf,const struct crypto_attribute_t * attr)994 static int32_t restore_attr_buff(uint8_t **restore_buf, const struct crypto_attribute_t *attr)
995 {
996 if (attr->content.ref.buffer == 0 || attr->content.ref.length == 0) {
997 tloge("attribute buffer or length error! length = %d", attr->content.ref.length);
998 return CRYPTO_BAD_PARAMETERS;
999 }
1000
1001 if (memcpy_s(*restore_buf, sizeof(uint32_t), &(attr->content.ref.length), sizeof(uint32_t)) != EOK) {
1002 tloge("copy attribute buffer length fail");
1003 return CRYPTO_ERROR_SECURITY;
1004 }
1005
1006 *restore_buf += sizeof(uint32_t);
1007
1008 if (memcpy_s(*restore_buf, attr->content.ref.length, (void *)(uintptr_t)(attr->content.ref.buffer),
1009 attr->content.ref.length) != EOK) {
1010 tloge("copy attribute buffer fail");
1011 return CRYPTO_ERROR_SECURITY;
1012 }
1013
1014 *restore_buf += attr->content.ref.length;
1015 return CRYPTO_SUCCESS;
1016 }
1017
restore_attr_value(uint8_t ** restore_buf,const struct crypto_attribute_t * attr)1018 static int32_t restore_attr_value(uint8_t **restore_buf, const struct crypto_attribute_t *attr)
1019 {
1020 if (memcpy_s(*restore_buf, sizeof(uint32_t), &(attr->content.value.a), sizeof(uint32_t)) != EOK) {
1021 tloge("copy attribute value a fail");
1022 return CRYPTO_ERROR_SECURITY;
1023 }
1024
1025 *restore_buf += sizeof(uint32_t);
1026
1027 if (memcpy_s(*restore_buf, sizeof(uint32_t), &(attr->content.value.b), sizeof(uint32_t)) != EOK) {
1028 tloge("copy attribute value b fail");
1029 return CRYPTO_ERROR_SECURITY;
1030 }
1031
1032 *restore_buf += sizeof(uint32_t);
1033 return CRYPTO_SUCCESS;
1034 }
1035
restore_attrs(const struct asymmetric_params_t * asymmetric_params,uint8_t ** buf,uint32_t * buf_len)1036 static int32_t restore_attrs(const struct asymmetric_params_t *asymmetric_params, uint8_t **buf, uint32_t *buf_len)
1037 {
1038 if (asymmetric_params == NULL || asymmetric_params->param_count == 0 || asymmetric_params->attribute == 0) {
1039 *buf = NULL;
1040 *buf_len = 0;
1041 return CRYPTO_SUCCESS;
1042 }
1043
1044 uint32_t attr_len = get_attr_buf_size(asymmetric_params);
1045 uint8_t *attr_buf = (uint8_t *)TEE_Malloc(attr_len + sizeof(uint32_t), 0);
1046 if (attr_buf == NULL) {
1047 tloge("Failed to allocate memory for attribute\n");
1048 return CRYPTO_ERROR_OUT_OF_MEMORY;
1049 }
1050 int32_t ret;
1051 uint8_t *tmp_buf = attr_buf;
1052 if (memcpy_s(tmp_buf, sizeof(uint32_t), &(asymmetric_params->param_count), sizeof(uint32_t)) != EOK) {
1053 tloge("copy param count fail");
1054 ret = CRYPTO_ERROR_SECURITY;
1055 goto clean;
1056 }
1057 tmp_buf += sizeof(uint32_t);
1058
1059 struct crypto_attribute_t *attr = (struct crypto_attribute_t *)(uintptr_t)(asymmetric_params->attribute);
1060 for (uint32_t i = 0; i < asymmetric_params->param_count; i++) {
1061 if (memcpy_s(tmp_buf, sizeof(uint32_t), &(attr->attribute_id), sizeof(uint32_t)) != EOK) {
1062 tloge("copy attribute id fail");
1063 ret = CRYPTO_ERROR_SECURITY;
1064 goto clean;
1065 }
1066 tmp_buf += sizeof(uint32_t);
1067
1068 if (TEE_ATTR_IS_BUFFER(attr->attribute_id)) /* buffer attribute */
1069 ret = restore_attr_buff(&tmp_buf, attr);
1070 else
1071 ret = restore_attr_value(&tmp_buf, attr);
1072
1073 if (ret != CRYPTO_SUCCESS)
1074 goto clean;
1075
1076 attr++;
1077 }
1078 *buf = attr_buf;
1079 *buf_len = attr_len + sizeof(uint32_t);
1080 return CRYPTO_SUCCESS;
1081
1082 clean:
1083 TEE_Free(tmp_buf);
1084 *buf = NULL;
1085 *buf_len = 0;
1086
1087 return ret;
1088 }
1089
crypto_rsa_encrypt_ops(uint64_t fd,struct drv_memref_t * fill_data,uint32_t fill_data_count,uint32_t alg_type)1090 int32_t crypto_rsa_encrypt_ops(uint64_t fd, struct drv_memref_t *fill_data, uint32_t fill_data_count, uint32_t alg_type)
1091 {
1092 struct crypto_ioctl input = {0};
1093 struct memref_t ioctl = { 0 };
1094 struct ctx_handle_t ctx = { 0 };
1095
1096 input.arg1 = alg_type;
1097
1098 int32_t ret = prepare_ioctl_parameters(fill_data, fill_data_count, &ioctl, &input, &ctx);
1099 if (ret != CRYPTO_SUCCESS) {
1100 tloge("rsa encrypt prepare ioctl parameters failed. ret = %d\n", ret);
1101 return ret;
1102 }
1103
1104 ret = tee_drv_ioctl(fd, IOCTRL_CRYPTO_RSA_ENCRYPT, (void *)(&input), sizeof(input));
1105 if (ret != CRYPTO_SUCCESS) {
1106 tloge("driver ioctl rsa encrypt failed. ret = %d\n", ret);
1107 goto end;
1108 }
1109
1110 ret = get_share_mem((uint8_t *)(uintptr_t)ioctl.buffer, fill_data, CRYPTO_PARAM_COUNT_1);
1111 if (ret != CRYPTO_SUCCESS) {
1112 tloge("rsa encrypt get share mem failed. ret = %d\n", ret);
1113 goto end;
1114 }
1115
1116 end:
1117 tee_crypto_free_sharemem(&ctx);
1118 return ret;
1119 }
1120
crypto_driver_rsa_encrypt(uint32_t alg_type,const struct rsa_pub_key_t * public_key,const struct asymmetric_params_t * rsa_params,const struct memref_t * data_in,struct memref_t * data_out,uint32_t engine)1121 int32_t crypto_driver_rsa_encrypt(uint32_t alg_type, const struct rsa_pub_key_t *public_key,
1122 const struct asymmetric_params_t *rsa_params, const struct memref_t *data_in,
1123 struct memref_t *data_out, uint32_t engine)
1124 {
1125 (void)engine;
1126 if (public_key == NULL || data_in == NULL || data_out == NULL) {
1127 tloge("public_key or data_in or data_out is NULL\n");
1128 return CRYPTO_BAD_PARAMETERS;
1129 }
1130
1131 const char *drv_name = TEE_CRYPTO_DRIVER_NAME;
1132 uint64_t fd = tee_drv_open(drv_name, NULL, 0);
1133 if (fd <= 0) {
1134 tloge("open fd failed\n");
1135 return CRYPTO_OVERFLOW;
1136 }
1137
1138 uint8_t *attr_buf = NULL;
1139 uint32_t attr_buf_len = 0;
1140
1141 int32_t ret = restore_attrs(rsa_params, &attr_buf, &attr_buf_len);
1142 if (ret != CRYPTO_SUCCESS)
1143 goto end;
1144
1145 struct drv_memref_t fill_data[] = {
1146 { .buffer = data_out->buffer, .size = data_out->size, .need_copy = false },
1147 { .buffer = data_in->buffer, .size = data_in->size, .need_copy = true },
1148 { .buffer = (uint64_t)(uintptr_t)public_key, .size = sizeof(*public_key), .need_copy = true },
1149 { .buffer = (uint64_t)(uintptr_t)attr_buf, .size = attr_buf_len, .need_copy = true },
1150 };
1151
1152 ret = crypto_rsa_encrypt_ops(fd, fill_data, ARRAY_SIZE(fill_data), alg_type);
1153 if (ret != CRYPTO_SUCCESS) {
1154 tloge("crypto rsa encrypt ops failed. ret = %d", ret);
1155 goto end;
1156 }
1157
1158 data_out->size = fill_data[CRYPTO_DATA_OUT_OFFSET_0].size;
1159 end:
1160 (void)tee_drv_close(fd);
1161 if (attr_buf != NULL)
1162 TEE_Free(attr_buf);
1163
1164 return ret;
1165 }
1166
crypto_rsa_decrypt_ops(uint64_t fd,struct drv_memref_t * fill_data,uint32_t fill_data_count,uint32_t alg_type)1167 int32_t crypto_rsa_decrypt_ops(uint64_t fd, struct drv_memref_t *fill_data, uint32_t fill_data_count, uint32_t alg_type)
1168 {
1169 struct crypto_ioctl input = {0};
1170 struct memref_t ioctl = { 0 };
1171 struct ctx_handle_t ctx = { 0 };
1172
1173 input.arg1 = alg_type;
1174
1175 int32_t ret = prepare_ioctl_parameters(fill_data, fill_data_count, &ioctl, &input, &ctx);
1176 if (ret != CRYPTO_SUCCESS) {
1177 tloge("rsa decrypt prepare ioctl parameters failed. ret = %d\n", ret);
1178 return ret;
1179 }
1180
1181 ret = tee_drv_ioctl(fd, IOCTRL_CRYPTO_RSA_DECRYPT, (void *)(&input), sizeof(input));
1182 if (ret != CRYPTO_SUCCESS) {
1183 tloge("driver ioctl rsa decrypt failed. ret = %d\n", ret);
1184 goto end;
1185 }
1186
1187 ret = get_share_mem((uint8_t *)(uintptr_t)ioctl.buffer, fill_data, CRYPTO_PARAM_COUNT_1);
1188 if (ret != CRYPTO_SUCCESS) {
1189 tloge("rsa decrypt get share mem failed. ret = %d\n", ret);
1190 goto end;
1191 }
1192
1193 end:
1194 tee_crypto_free_sharemem(&ctx);
1195 return ret;
1196 }
1197
crypto_driver_rsa_decrypt(uint32_t alg_type,const struct rsa_priv_key_t * private_key,const struct asymmetric_params_t * rsa_params,const struct memref_t * data_in,struct memref_t * data_out,uint32_t engine)1198 int32_t crypto_driver_rsa_decrypt(uint32_t alg_type, const struct rsa_priv_key_t *private_key,
1199 const struct asymmetric_params_t *rsa_params, const struct memref_t *data_in, struct memref_t *data_out,
1200 uint32_t engine)
1201 {
1202 (void)engine;
1203 if (private_key == NULL || data_in == NULL || data_out == NULL) {
1204 tloge("private_key or data_in or data_out is NULL\n");
1205 return CRYPTO_BAD_PARAMETERS;
1206 }
1207
1208 const char *drv_name = TEE_CRYPTO_DRIVER_NAME;
1209 uint64_t fd = tee_drv_open(drv_name, NULL, 0);
1210 if (fd <= 0) {
1211 tloge("open fd failed\n");
1212 return CRYPTO_OVERFLOW;
1213 }
1214
1215 uint8_t *attr_buf = NULL;
1216 uint32_t attr_buf_len = 0;
1217
1218 int32_t ret = restore_attrs(rsa_params, &attr_buf, &attr_buf_len);
1219 if (ret != CRYPTO_SUCCESS)
1220 goto end;
1221
1222 struct drv_memref_t fill_data[] = {
1223 { .buffer = data_out->buffer, .size = data_out->size, .need_copy = false },
1224 { .buffer = data_in->buffer, .size = data_in->size, .need_copy = true },
1225 { .buffer = (uint64_t)(uintptr_t)private_key, .size = sizeof(*private_key), .need_copy = true },
1226 { .buffer = (uint64_t)(uintptr_t)attr_buf, .size = attr_buf_len, .need_copy = true },
1227 };
1228
1229 ret = crypto_rsa_decrypt_ops(fd, fill_data, ARRAY_SIZE(fill_data), alg_type);
1230 if (ret != CRYPTO_SUCCESS) {
1231 tloge("crypto rsa decrypt ops failed. ret = %d", ret);
1232 goto end;
1233 }
1234
1235 data_out->size = fill_data[CRYPTO_DATA_OUT_OFFSET_0].size;
1236 end:
1237 (void)tee_drv_close(fd);
1238 if (attr_buf != NULL)
1239 TEE_Free(attr_buf);
1240
1241 return ret;
1242 }
1243
crypto_rsa_sign_digest_ops(uint64_t fd,struct drv_memref_t * fill_data,uint32_t fill_data_count,uint32_t alg_type)1244 int32_t crypto_rsa_sign_digest_ops(uint64_t fd, struct drv_memref_t *fill_data,
1245 uint32_t fill_data_count, uint32_t alg_type)
1246 {
1247 struct crypto_ioctl input = {0};
1248 struct memref_t ioctl = { 0 };
1249 struct ctx_handle_t ctx = { 0 };
1250
1251 input.arg1 = alg_type;
1252
1253 int32_t ret = prepare_ioctl_parameters(fill_data, fill_data_count, &ioctl, &input, &ctx);
1254 if (ret != CRYPTO_SUCCESS) {
1255 tloge("rsa sign digest prepare ioctl parameters failed. ret = %d\n", ret);
1256 return ret;
1257 }
1258
1259 ret = tee_drv_ioctl(fd, IOCTRL_CRYPTO_RSA_SIGN_DIGEST, (void *)(&input), sizeof(input));
1260 if (ret != CRYPTO_SUCCESS) {
1261 tloge("driver ioctl rsa sign digest failed. ret = %d\n", ret);
1262 goto end;
1263 }
1264
1265 ret = get_share_mem((uint8_t *)(uintptr_t)ioctl.buffer, fill_data, CRYPTO_PARAM_COUNT_1);
1266 if (ret != CRYPTO_SUCCESS) {
1267 tloge("rsa sign digest get share mem failed. ret = %d\n", ret);
1268 goto end;
1269 }
1270
1271 end:
1272 tee_crypto_free_sharemem(&ctx);
1273 return ret;
1274 }
1275
crypto_driver_rsa_sign_digest(uint32_t alg_type,const struct rsa_priv_key_t * private_key,const struct asymmetric_params_t * rsa_params,const struct memref_t * digest,struct memref_t * signature,uint32_t engine)1276 int32_t crypto_driver_rsa_sign_digest(uint32_t alg_type, const struct rsa_priv_key_t *private_key,
1277 const struct asymmetric_params_t *rsa_params,
1278 const struct memref_t *digest, struct memref_t *signature, uint32_t engine)
1279 {
1280 (void)engine;
1281 if (private_key == NULL || digest == NULL || signature == NULL) {
1282 tloge("private_key or digest or signature is NULL\n");
1283 return CRYPTO_BAD_PARAMETERS;
1284 }
1285
1286 const char *drv_name = TEE_CRYPTO_DRIVER_NAME;
1287 uint64_t fd = tee_drv_open(drv_name, NULL, 0);
1288 if (fd <= 0) {
1289 tloge("open fd failed\n");
1290 return CRYPTO_OVERFLOW;
1291 }
1292
1293 uint8_t *attr_buf = NULL;
1294 uint32_t attr_buf_len = 0;
1295
1296 int32_t ret = restore_attrs(rsa_params, &attr_buf, &attr_buf_len);
1297 if (ret != CRYPTO_SUCCESS)
1298 goto end;
1299
1300 struct drv_memref_t fill_data[] = {
1301 { .buffer = signature->buffer, .size = signature->size, .need_copy = true },
1302 { .buffer = digest->buffer, .size = digest->size, .need_copy = true },
1303 { .buffer = (uint64_t)(uintptr_t)private_key, .size = sizeof(*private_key), .need_copy = true },
1304 { .buffer = (uint64_t)(uintptr_t)attr_buf, .size = attr_buf_len, .need_copy = true },
1305 };
1306
1307 ret = crypto_rsa_sign_digest_ops(fd, fill_data, ARRAY_SIZE(fill_data), alg_type);
1308 if (ret != CRYPTO_SUCCESS) {
1309 tloge("crypto rsa sign digest ops failed. ret = %d", ret);
1310 goto end;
1311 }
1312
1313 signature->size = fill_data[CRYPTO_SIGNATURE_OFFSET_0].size;
1314 end:
1315 (void)tee_drv_close(fd);
1316 if (attr_buf != NULL)
1317 TEE_Free(attr_buf);
1318
1319 return ret;
1320 }
1321
crypto_driver_rsa_verify_digest(uint32_t alg_type,const struct rsa_pub_key_t * public_key,const struct asymmetric_params_t * rsa_params,const struct memref_t * digest,const struct memref_t * signature,uint32_t engine)1322 int32_t crypto_driver_rsa_verify_digest(uint32_t alg_type, const struct rsa_pub_key_t *public_key,
1323 const struct asymmetric_params_t *rsa_params,
1324 const struct memref_t *digest, const struct memref_t *signature, uint32_t engine)
1325 {
1326 (void)engine;
1327 if (public_key == NULL || digest == NULL || signature == NULL) {
1328 tloge("public_key or digest or signature is NULL\n");
1329 return CRYPTO_BAD_PARAMETERS;
1330 }
1331
1332 const char *drv_name = TEE_CRYPTO_DRIVER_NAME;
1333 uint64_t fd = tee_drv_open(drv_name, NULL, 0);
1334 if (fd <= 0) {
1335 tloge("open fd failed\n");
1336 return CRYPTO_OVERFLOW;
1337 }
1338
1339 uint8_t *attr_buf = NULL;
1340 uint32_t attr_buf_len = 0;
1341
1342 int32_t ret = restore_attrs(rsa_params, &attr_buf, &attr_buf_len);
1343 if (ret != CRYPTO_SUCCESS)
1344 goto end;
1345
1346 struct drv_memref_t fill_data[] = {
1347 { .buffer = signature->buffer, .size = signature->size, .need_copy = true },
1348 { .buffer = digest->buffer, .size = digest->size, .need_copy = true },
1349 { .buffer = (uint64_t)(uintptr_t)public_key, .size = sizeof(*public_key), .need_copy = true },
1350 { .buffer = (uint64_t)(uintptr_t)attr_buf, .size = attr_buf_len, .need_copy = true },
1351 };
1352 struct crypto_ioctl input = {0};
1353 struct memref_t ioctl = { 0 };
1354 struct ctx_handle_t ctx = { 0 };
1355
1356 ret = prepare_ioctl_parameters(fill_data, ARRAY_SIZE(fill_data), &ioctl, &input, &ctx);
1357 if (ret != CRYPTO_SUCCESS) {
1358 tloge("rsa verify digest prepare ioctl parameters failed. ret = %d\n", ret);
1359 return ret;
1360 }
1361
1362 input.arg1 = alg_type;
1363
1364 ret = tee_drv_ioctl(fd, IOCTRL_CRYPTO_RSA_VERIFY_DIGEST, (void *)(&input), sizeof(input));
1365 if (ret != CRYPTO_SUCCESS)
1366 tloge("driver ioctl rsa verify digest failed. ret = %d\n", ret);
1367
1368 end:
1369 (void)tee_drv_close(fd);
1370 tee_crypto_free_sharemem(&ctx);
1371 if (attr_buf != NULL)
1372 TEE_Free(attr_buf);
1373
1374 return ret;
1375 }
1376
crypto_driver_ecc_generate_keypair(uint32_t key_size,uint32_t curve,struct ecc_pub_key_t * public_key,struct ecc_priv_key_t * private_key,uint32_t engine)1377 int32_t crypto_driver_ecc_generate_keypair(uint32_t key_size, uint32_t curve,
1378 struct ecc_pub_key_t *public_key, struct ecc_priv_key_t *private_key, uint32_t engine)
1379 {
1380 (void)engine;
1381 if (public_key == NULL || private_key == NULL) {
1382 tloge("public_key or private_key is NULL\n");
1383 return CRYPTO_BAD_PARAMETERS;
1384 }
1385
1386 const char *drv_name = TEE_CRYPTO_DRIVER_NAME;
1387 uint64_t fd = tee_drv_open(drv_name, NULL, 0);
1388 if (fd <= 0) {
1389 tloge("open fd failed\n");
1390 return CRYPTO_OVERFLOW;
1391 }
1392
1393 struct drv_memref_t fill_data[] = {
1394 { .buffer = (uint64_t)(uintptr_t)public_key, .size = sizeof(*public_key), .need_copy = true },
1395 { .buffer = (uint64_t)(uintptr_t)private_key, .size = sizeof(*private_key), .need_copy = true },
1396 };
1397
1398 struct crypto_ioctl input = {0};
1399 struct memref_t ioctl = { 0 };
1400 struct ctx_handle_t ctx = { 0 };
1401
1402 int32_t ret = prepare_ioctl_parameters(fill_data, ARRAY_SIZE(fill_data), &ioctl, &input, &ctx);
1403 if (ret != CRYPTO_SUCCESS) {
1404 tloge("ecc generate keypair prepare ioctl parameters failed. ret = %d\n", ret);
1405 return ret;
1406 }
1407
1408 input.arg1 = key_size;
1409 input.arg2 = curve;
1410
1411 ret = tee_drv_ioctl(fd, IOCTRL_CRYPTO_ECC_GENERATE_KEYPAIR, (void *)(&input), sizeof(input));
1412 if (ret != CRYPTO_SUCCESS) {
1413 tloge("driver ioctl ecc generate keypair failed. ret = %d\n", ret);
1414 goto end;
1415 }
1416
1417 ret = get_share_mem((uint8_t *)(uintptr_t)ioctl.buffer, fill_data, CRYPTO_PARAM_COUNT_2);
1418 if (ret != CRYPTO_SUCCESS)
1419 tloge("ecc generate keypair get share mem failed. ret = %d\n", ret);
1420
1421 end:
1422 (void)tee_drv_close(fd);
1423 tee_crypto_free_sharemem(&ctx);
1424 return ret;
1425 }
1426
crypto_ecc_encrypt_ops(uint64_t fd,struct drv_memref_t * fill_data,uint32_t fill_data_count,uint32_t alg_type)1427 int32_t crypto_ecc_encrypt_ops(uint64_t fd, struct drv_memref_t *fill_data, uint32_t fill_data_count, uint32_t alg_type)
1428 {
1429 struct crypto_ioctl input = {0};
1430 struct memref_t ioctl = { 0 };
1431 struct ctx_handle_t ctx = { 0 };
1432
1433 input.arg1 = alg_type;
1434
1435 int32_t ret = prepare_ioctl_parameters(fill_data, fill_data_count, &ioctl, &input, &ctx);
1436 if (ret != CRYPTO_SUCCESS) {
1437 tloge("ecc encrypt prepare ioctl parameters failed. ret = %d\n", ret);
1438 return ret;
1439 }
1440
1441 ret = tee_drv_ioctl(fd, IOCTRL_CRYPTO_ECC_ENCRYPT, (void *)(&input), sizeof(input));
1442 if (ret != CRYPTO_SUCCESS) {
1443 tloge("driver ioctl ecc encrypt failed. ret = %d\n", ret);
1444 goto end;
1445 }
1446
1447 ret = get_share_mem((uint8_t *)(uintptr_t)ioctl.buffer, fill_data, CRYPTO_PARAM_COUNT_1);
1448 if (ret != CRYPTO_SUCCESS) {
1449 tloge("ecc encrypt get share mem failed. ret = %d\n", ret);
1450 goto end;
1451 }
1452
1453 end:
1454 tee_crypto_free_sharemem(&ctx);
1455 return ret;
1456 }
1457
crypto_driver_ecc_encrypt(uint32_t alg_type,const struct ecc_pub_key_t * public_key,const struct asymmetric_params_t * ec_params,const struct memref_t * data_in,struct memref_t * data_out,uint32_t engine)1458 int32_t crypto_driver_ecc_encrypt(uint32_t alg_type, const struct ecc_pub_key_t *public_key,
1459 const struct asymmetric_params_t *ec_params,
1460 const struct memref_t *data_in, struct memref_t *data_out, uint32_t engine)
1461 {
1462 (void)engine;
1463 if (public_key == NULL || data_in == NULL || data_out == NULL) {
1464 tloge("public_key or data_in or data_out is NULL\n");
1465 return CRYPTO_BAD_PARAMETERS;
1466 }
1467
1468 const char *drv_name = TEE_CRYPTO_DRIVER_NAME;
1469 uint64_t fd = tee_drv_open(drv_name, NULL, 0);
1470 if (fd <= 0) {
1471 tloge("open fd failed\n");
1472 return CRYPTO_OVERFLOW;
1473 }
1474
1475 uint8_t *attr_buf = NULL;
1476 uint32_t attr_buf_len = 0;
1477
1478 int32_t ret = restore_attrs(ec_params, &attr_buf, &attr_buf_len);
1479 if (ret != CRYPTO_SUCCESS)
1480 goto end;
1481
1482 struct drv_memref_t fill_data[] = {
1483 { .buffer = data_out->buffer, .size = data_out->size, .need_copy = false },
1484 { .buffer = data_in->buffer, .size = data_in->size, .need_copy = true },
1485 { .buffer = (uint64_t)(uintptr_t)public_key, .size = sizeof(*public_key), .need_copy = true },
1486 { .buffer = (uint64_t)(uintptr_t)attr_buf, .size = attr_buf_len, .need_copy = true },
1487 };
1488
1489 ret = crypto_ecc_encrypt_ops(fd, fill_data, ARRAY_SIZE(fill_data), alg_type);
1490 if (ret != CRYPTO_SUCCESS) {
1491 tloge("crypto ecc encrypt ops failed. ret = %d", ret);
1492 goto end;
1493 }
1494
1495 data_out->size = fill_data[CRYPTO_DATA_OUT_OFFSET_0].size;
1496 end:
1497 (void)tee_drv_close(fd);
1498 if (attr_buf != NULL)
1499 TEE_Free(attr_buf);
1500
1501 return ret;
1502 }
1503
crypto_ecc_decrypt_ops(uint64_t fd,struct drv_memref_t * fill_data,uint32_t fill_data_count,uint32_t alg_type)1504 int32_t crypto_ecc_decrypt_ops(uint64_t fd, struct drv_memref_t *fill_data, uint32_t fill_data_count, uint32_t alg_type)
1505 {
1506 struct crypto_ioctl input = {0};
1507 struct memref_t ioctl = { 0 };
1508 struct ctx_handle_t ctx = { 0 };
1509
1510 input.arg1 = alg_type;
1511
1512 int32_t ret = prepare_ioctl_parameters(fill_data, fill_data_count, &ioctl, &input, &ctx);
1513 if (ret != CRYPTO_SUCCESS) {
1514 tloge("ecc decrypt prepare ioctl parameters failed. ret = %d\n", ret);
1515 return ret;
1516 }
1517
1518 ret = tee_drv_ioctl(fd, IOCTRL_CRYPTO_ECC_DECRYPT, (void *)(&input), sizeof(input));
1519 if (ret != CRYPTO_SUCCESS) {
1520 tloge("driver ioctl ecc decrypt failed. ret = %d\n", ret);
1521 goto end;
1522 }
1523
1524 ret = get_share_mem((uint8_t *)(uintptr_t)ioctl.buffer, fill_data, CRYPTO_PARAM_COUNT_1);
1525 if (ret != CRYPTO_SUCCESS) {
1526 tloge("ecc decrypt get share mem failed. ret = %d\n", ret);
1527 goto end;
1528 }
1529
1530 end:
1531 tee_crypto_free_sharemem(&ctx);
1532 return ret;
1533 }
1534
crypto_driver_ecc_decrypt(uint32_t alg_type,const struct ecc_priv_key_t * private_key,const struct asymmetric_params_t * ec_params,const struct memref_t * data_in,struct memref_t * data_out,uint32_t engine)1535 int32_t crypto_driver_ecc_decrypt(uint32_t alg_type, const struct ecc_priv_key_t *private_key,
1536 const struct asymmetric_params_t *ec_params,
1537 const struct memref_t *data_in, struct memref_t *data_out, uint32_t engine)
1538 {
1539 (void)engine;
1540 if (private_key == NULL || data_in == NULL || data_out == NULL) {
1541 tloge("private_key or data_in or data_out is NULL\n");
1542 return CRYPTO_BAD_PARAMETERS;
1543 }
1544
1545 const char *drv_name = TEE_CRYPTO_DRIVER_NAME;
1546 uint64_t fd = tee_drv_open(drv_name, NULL, 0);
1547 if (fd <= 0) {
1548 tloge("open fd failed\n");
1549 return CRYPTO_OVERFLOW;
1550 }
1551
1552 uint8_t *attr_buf = NULL;
1553 uint32_t attr_buf_len = 0;
1554
1555 int32_t ret = restore_attrs(ec_params, &attr_buf, &attr_buf_len);
1556 if (ret != CRYPTO_SUCCESS)
1557 goto end;
1558
1559 struct drv_memref_t fill_data[] = {
1560 { .buffer = data_out->buffer, .size = data_out->size, .need_copy = false },
1561 { .buffer = data_in->buffer, .size = data_in->size, .need_copy = true },
1562 { .buffer = (uint64_t)(uintptr_t)private_key, .size = sizeof(*private_key), .need_copy = true },
1563 { .buffer = (uint64_t)(uintptr_t)attr_buf, .size = attr_buf_len, .need_copy = true },
1564 };
1565
1566 ret = crypto_ecc_decrypt_ops(fd, fill_data, ARRAY_SIZE(fill_data), alg_type);
1567 if (ret != CRYPTO_SUCCESS) {
1568 tloge("crypto ecc decrypt ops failed. ret = %d", ret);
1569 goto end;
1570 }
1571
1572 data_out->size = fill_data[CRYPTO_DATA_OUT_OFFSET_0].size;
1573 end:
1574 (void)tee_drv_close(fd);
1575 if (attr_buf != NULL)
1576 TEE_Free(attr_buf);
1577
1578 return ret;
1579 }
1580
crypto_ecc_sign_digest_ops(uint64_t fd,struct drv_memref_t * fill_data,uint32_t fill_data_count,uint32_t alg_type)1581 int32_t crypto_ecc_sign_digest_ops(uint64_t fd, struct drv_memref_t *fill_data,
1582 uint32_t fill_data_count, uint32_t alg_type)
1583 {
1584 struct crypto_ioctl input = {0};
1585 struct memref_t ioctl = { 0 };
1586 struct ctx_handle_t ctx = { 0 };
1587
1588 input.arg1 = alg_type;
1589
1590 int32_t ret = prepare_ioctl_parameters(fill_data, fill_data_count, &ioctl, &input, &ctx);
1591 if (ret != CRYPTO_SUCCESS) {
1592 tloge("ecc sign digest prepare ioctl parameters failed. ret = %d\n", ret);
1593 return ret;
1594 }
1595
1596 ret = tee_drv_ioctl(fd, IOCTRL_CRYPTO_ECC_SIGN_DIGEST, (void *)(&input), sizeof(input));
1597 if (ret != CRYPTO_SUCCESS) {
1598 tloge("driver ioctl ecc sign digest failed. ret = %d\n", ret);
1599 goto end;
1600 }
1601
1602 ret = get_share_mem((uint8_t *)(uintptr_t)ioctl.buffer, fill_data, CRYPTO_PARAM_COUNT_1);
1603 if (ret != CRYPTO_SUCCESS) {
1604 tloge("ecc sign digest get share mem failed. ret = %d\n", ret);
1605 goto end;
1606 }
1607
1608 end:
1609 tee_crypto_free_sharemem(&ctx);
1610 return ret;
1611 }
1612
crypto_driver_ecc_sign_digest(uint32_t alg_type,const struct ecc_priv_key_t * private_key,const struct asymmetric_params_t * ec_params,const struct memref_t * digest,struct memref_t * signature,uint32_t engine)1613 int32_t crypto_driver_ecc_sign_digest(uint32_t alg_type, const struct ecc_priv_key_t *private_key,
1614 const struct asymmetric_params_t *ec_params,
1615 const struct memref_t *digest, struct memref_t *signature, uint32_t engine)
1616 {
1617 (void)engine;
1618 if (private_key == NULL || digest == NULL || signature == NULL) {
1619 tloge("private_key or digest or signature is NULL\n");
1620 return CRYPTO_BAD_PARAMETERS;
1621 }
1622
1623 const char *drv_name = TEE_CRYPTO_DRIVER_NAME;
1624 uint64_t fd = tee_drv_open(drv_name, NULL, 0);
1625 if (fd <= 0) {
1626 tloge("open fd failed\n");
1627 return CRYPTO_OVERFLOW;
1628 }
1629
1630 uint8_t *attr_buf = NULL;
1631 uint32_t attr_buf_len = 0;
1632
1633 int32_t ret = restore_attrs(ec_params, &attr_buf, &attr_buf_len);
1634 if (ret != CRYPTO_SUCCESS)
1635 goto end;
1636
1637 struct drv_memref_t fill_data[] = {
1638 { .buffer = signature->buffer, .size = signature->size, .need_copy = true },
1639 { .buffer = digest->buffer, .size = digest->size, .need_copy = true },
1640 { .buffer = (uint64_t)(uintptr_t)private_key, .size = sizeof(*private_key), .need_copy = true },
1641 { .buffer = (uint64_t)(uintptr_t)attr_buf, .size = attr_buf_len, .need_copy = true },
1642 };
1643
1644 ret = crypto_ecc_sign_digest_ops(fd, fill_data, ARRAY_SIZE(fill_data), alg_type);
1645 if (ret != CRYPTO_SUCCESS) {
1646 tloge("crypto ecc sign digest ops failed. ret = %d", ret);
1647 goto end;
1648 }
1649
1650 signature->size = fill_data[CRYPTO_SIGNATURE_OFFSET_0].size;
1651 end:
1652 (void)tee_drv_close(fd);
1653 if (attr_buf != NULL)
1654 TEE_Free(attr_buf);
1655
1656 return ret;
1657 }
1658
crypto_driver_ecc_verify_digest(uint32_t alg_type,const struct ecc_pub_key_t * public_key,const struct asymmetric_params_t * ec_params,const struct memref_t * digest,const struct memref_t * signature,uint32_t engine)1659 int32_t crypto_driver_ecc_verify_digest(uint32_t alg_type, const struct ecc_pub_key_t *public_key,
1660 const struct asymmetric_params_t *ec_params,
1661 const struct memref_t *digest, const struct memref_t *signature, uint32_t engine)
1662 {
1663 (void)engine;
1664 if (public_key == NULL || digest == NULL || signature == NULL) {
1665 tloge("public_key or digest or signature is NULL\n");
1666 return CRYPTO_BAD_PARAMETERS;
1667 }
1668
1669 const char *drv_name = TEE_CRYPTO_DRIVER_NAME;
1670 uint64_t fd = tee_drv_open(drv_name, NULL, 0);
1671 if (fd <= 0) {
1672 tloge("open fd failed\n");
1673 return CRYPTO_OVERFLOW;
1674 }
1675
1676 uint8_t *attr_buf = NULL;
1677 uint32_t attr_buf_len = 0;
1678
1679 int32_t ret = restore_attrs(ec_params, &attr_buf, &attr_buf_len);
1680 if (ret != CRYPTO_SUCCESS)
1681 goto end;
1682
1683 struct drv_memref_t fill_data[] = {
1684 { .buffer = signature->buffer, .size = signature->size, .need_copy = true },
1685 { .buffer = digest->buffer, .size = digest->size, .need_copy = true },
1686 { .buffer = (uint64_t)(uintptr_t)public_key, .size = sizeof(*public_key), .need_copy = true },
1687 { .buffer = (uint64_t)(uintptr_t)attr_buf, .size = attr_buf_len, .need_copy = true },
1688 };
1689 struct crypto_ioctl input = {0};
1690 struct memref_t ioctl = { 0 };
1691 struct ctx_handle_t ctx = { 0 };
1692
1693 ret = prepare_ioctl_parameters(fill_data, ARRAY_SIZE(fill_data), &ioctl, &input, &ctx);
1694 if (ret != CRYPTO_SUCCESS) {
1695 tloge("ecc verify digest prepare ioctl parameters failed. ret = %d\n", ret);
1696 return ret;
1697 }
1698
1699 input.arg1 = alg_type;
1700
1701 ret = tee_drv_ioctl(fd, IOCTRL_CRYPTO_ECC_VERIFY_DIGEST, (void *)(&input), sizeof(input));
1702 if (ret != CRYPTO_SUCCESS) {
1703 tloge("driver ioctl ecc verify digest failed. ret = %d\n", ret);
1704 goto end;
1705 }
1706
1707 end:
1708 (void)tee_drv_close(fd);
1709 tee_crypto_free_sharemem(&ctx);
1710 if (attr_buf != NULL)
1711 TEE_Free(attr_buf);
1712
1713 return ret;
1714 }
1715
crypto_ecdh_derive_key_ops(uint64_t fd,struct drv_memref_t * fill_data,uint32_t fill_data_count,uint32_t alg_type)1716 int32_t crypto_ecdh_derive_key_ops(uint64_t fd, struct drv_memref_t *fill_data,
1717 uint32_t fill_data_count, uint32_t alg_type)
1718 {
1719 struct crypto_ioctl input = {0};
1720 struct memref_t ioctl = { 0 };
1721 struct ctx_handle_t ctx = { 0 };
1722
1723 input.arg1 = alg_type;
1724
1725 int32_t ret = prepare_ioctl_parameters(fill_data, fill_data_count, &ioctl, &input, &ctx);
1726 if (ret != CRYPTO_SUCCESS) {
1727 tloge("ecdh derive key prepare ioctl parameters failed. ret = %d\n", ret);
1728 return ret;
1729 }
1730
1731 ret = tee_drv_ioctl(fd, IOCTRL_CRYPTO_ECDH_DERIVE_KEY, (void *)(&input), sizeof(input));
1732 if (ret != CRYPTO_SUCCESS) {
1733 tloge("driver ioctl ecdh derive key failed. ret = %d\n", ret);
1734 goto end;
1735 }
1736
1737 ret = get_share_mem((uint8_t *)(uintptr_t)ioctl.buffer, fill_data, CRYPTO_PARAM_COUNT_1);
1738 if (ret != CRYPTO_SUCCESS) {
1739 tloge("ecdh derive key get share mem failed. ret = %d\n", ret);
1740 goto end;
1741 }
1742
1743 end:
1744 tee_crypto_free_sharemem(&ctx);
1745 return ret;
1746 }
1747
crypto_driver_ecdh_derive_key(uint32_t alg_type,const struct ecc_pub_key_t * client_key,const struct ecc_priv_key_t * server_key,const struct asymmetric_params_t * ec_params,struct memref_t * secret,uint32_t engine)1748 int32_t crypto_driver_ecdh_derive_key(uint32_t alg_type,
1749 const struct ecc_pub_key_t *client_key, const struct ecc_priv_key_t *server_key,
1750 const struct asymmetric_params_t *ec_params, struct memref_t *secret, uint32_t engine)
1751 {
1752 (void)engine;
1753 if (client_key == NULL || server_key == NULL || secret == NULL) {
1754 tloge("client_key or server_key or secret is NULL\n");
1755 return CRYPTO_BAD_PARAMETERS;
1756 }
1757
1758 const char *drv_name = TEE_CRYPTO_DRIVER_NAME;
1759 uint64_t fd = tee_drv_open(drv_name, NULL, 0);
1760 if (fd <= 0) {
1761 tloge("open fd failed\n");
1762 return CRYPTO_OVERFLOW;
1763 }
1764
1765 uint8_t *attr_buf = NULL;
1766 uint32_t attr_buf_len = 0;
1767
1768 int32_t ret = restore_attrs(ec_params, &attr_buf, &attr_buf_len);
1769 if (ret != CRYPTO_SUCCESS)
1770 goto end;
1771
1772 struct drv_memref_t fill_data[] = {
1773 { .buffer = secret->buffer, .size = secret->size, .need_copy = true },
1774 { .buffer = (uint64_t)(uintptr_t)client_key, .size = sizeof(*client_key), .need_copy = true },
1775 { .buffer = (uint64_t)(uintptr_t)server_key, .size = sizeof(*server_key), .need_copy = true },
1776 { .buffer = (uint64_t)(uintptr_t)attr_buf, .size = attr_buf_len, .need_copy = true },
1777 };
1778
1779 ret = crypto_ecdh_derive_key_ops(fd, fill_data, ARRAY_SIZE(fill_data), alg_type);
1780 if (ret != CRYPTO_SUCCESS) {
1781 tloge("crypto ecdh derive key ops failed. ret = %d", ret);
1782 goto end;
1783 }
1784
1785 secret->size = fill_data[CRYPTO_SECRET_OFFSET_0].size;
1786 end:
1787 (void)tee_drv_close(fd);
1788 if (attr_buf != NULL)
1789 TEE_Free(attr_buf);
1790
1791 return ret;
1792 }
1793
crypto_driver_dh_generate_key(const struct dh_key_t * dh_generate_key_data,struct memref_t * pub_key,struct memref_t * priv_key,uint32_t engine)1794 int32_t crypto_driver_dh_generate_key(const struct dh_key_t *dh_generate_key_data,
1795 struct memref_t *pub_key, struct memref_t *priv_key, uint32_t engine)
1796 {
1797 (void)engine;
1798 if (dh_generate_key_data == NULL || pub_key == NULL || priv_key == NULL) {
1799 tloge("dh_generate_key_data or pub_key or priv_key is NULL\n");
1800 return CRYPTO_BAD_PARAMETERS;
1801 }
1802
1803 const char *drv_name = TEE_CRYPTO_DRIVER_NAME;
1804 uint64_t fd = tee_drv_open(drv_name, NULL, 0);
1805 if (fd <= 0) {
1806 tloge("open fd failed\n");
1807 return CRYPTO_OVERFLOW;
1808 }
1809
1810 struct drv_memref_t fill_data[] = {
1811 { .buffer = pub_key->buffer, .size = pub_key->size, .need_copy = true },
1812 { .buffer = priv_key->buffer, .size = priv_key->size, .need_copy = true },
1813 { .buffer = dh_generate_key_data->prime, .size = dh_generate_key_data->prime_size, .need_copy = true },
1814 { .buffer = dh_generate_key_data->generator, .size = dh_generate_key_data->generator_size, .need_copy = true },
1815 { .buffer = dh_generate_key_data->dh_param.generate_key_t.q,
1816 .size = dh_generate_key_data->dh_param.generate_key_t.q_size, .need_copy = true },
1817 };
1818 struct crypto_ioctl input = {0};
1819 struct memref_t ioctl = { 0 };
1820 struct ctx_handle_t ctx = { 0 };
1821
1822 int32_t ret = prepare_ioctl_parameters(fill_data, ARRAY_SIZE(fill_data), &ioctl, &input, &ctx);
1823 if (ret != CRYPTO_SUCCESS) {
1824 tloge("dh generate key prepare ioctl parameters failed. ret = %d\n", ret);
1825 return ret;
1826 }
1827
1828 input.arg1 = dh_generate_key_data->dh_param.generate_key_t.l;
1829 input.arg2 = dh_generate_key_data->dh_param.generate_key_t.dh_mode;
1830
1831 ret = tee_drv_ioctl(fd, IOCTRL_CRYPTO_DH_GENERATE_KEY, (void *)(&input), sizeof(input));
1832 if (ret != CRYPTO_SUCCESS) {
1833 tloge("driver ioctl dh generate key failed. ret = %d\n", ret);
1834 goto end;
1835 }
1836
1837 ret = get_share_mem((uint8_t *)(uintptr_t)ioctl.buffer, fill_data, CRYPTO_PARAM_COUNT_2);
1838 if (ret != CRYPTO_SUCCESS)
1839 tloge("dh generate key get share mem failed. ret = %d\n", ret);
1840
1841 end:
1842 (void)tee_drv_close(fd);
1843 tee_crypto_free_sharemem(&ctx);
1844 return ret;
1845 }
1846
crypto_driver_dh_derive_key(const struct dh_key_t * dh_derive_key_data,struct memref_t * secret,uint32_t engine)1847 int32_t crypto_driver_dh_derive_key(const struct dh_key_t *dh_derive_key_data,
1848 struct memref_t *secret, uint32_t engine)
1849 {
1850 (void)engine;
1851 if (dh_derive_key_data == NULL || secret == NULL) {
1852 tloge("dh_derive_key_data or secret is NULL\n");
1853 return CRYPTO_BAD_PARAMETERS;
1854 }
1855
1856 const char *drv_name = TEE_CRYPTO_DRIVER_NAME;
1857 uint64_t fd = tee_drv_open(drv_name, NULL, 0);
1858 if (fd <= 0) {
1859 tloge("open fd failed\n");
1860 return CRYPTO_OVERFLOW;
1861 }
1862
1863 struct drv_memref_t fill_data[] = {
1864 { .buffer = secret->buffer, .size = secret->size, .need_copy = true },
1865 { .buffer = dh_derive_key_data->prime, .size = dh_derive_key_data->prime_size, .need_copy = true },
1866 { .buffer = dh_derive_key_data->generator, .size = dh_derive_key_data->generator_size, .need_copy = true },
1867 { .buffer = dh_derive_key_data->dh_param.derive_key_t.pub_key,
1868 .size = dh_derive_key_data->dh_param.derive_key_t.pub_key_size, .need_copy = true },
1869 { .buffer = dh_derive_key_data->dh_param.derive_key_t.priv_key,
1870 .size = dh_derive_key_data->dh_param.derive_key_t.priv_key_size, .need_copy = true },
1871 };
1872
1873 struct crypto_ioctl input = {0};
1874 struct memref_t ioctl = { 0 };
1875 struct ctx_handle_t ctx = { 0 };
1876
1877 int32_t ret = prepare_ioctl_parameters(fill_data, ARRAY_SIZE(fill_data), &ioctl, &input, &ctx);
1878 if (ret != CRYPTO_SUCCESS) {
1879 tloge("dh derive key prepare ioctl parameters failed. ret = %d\n", ret);
1880 return ret;
1881 }
1882
1883 ret = tee_drv_ioctl(fd, IOCTRL_CRYPTO_DH_DERIVE_KEY, (void *)(&input), sizeof(input));
1884 if (ret != CRYPTO_SUCCESS) {
1885 tloge("driver ioctl dh derive key failed. ret = %d\n", ret);
1886 goto end;
1887 }
1888
1889 ret = get_share_mem((uint8_t *)(uintptr_t)ioctl.buffer, fill_data, CRYPTO_PARAM_COUNT_1);
1890 if (ret != CRYPTO_SUCCESS)
1891 tloge("dh derive key get share mem failed. ret = %d\n", ret);
1892
1893 end:
1894 (void)tee_drv_close(fd);
1895 tee_crypto_free_sharemem(&ctx);
1896 return ret;
1897 }
1898
crypto_get_buf_ops(uint32_t cmd_id,uint64_t fd,void * buffer,uint32_t size)1899 int32_t crypto_get_buf_ops(uint32_t cmd_id, uint64_t fd, void *buffer, uint32_t size)
1900 {
1901 int64_t ret;
1902 struct crypto_ioctl input = { 0 };
1903
1904 struct drv_memref_t fill_data[] = {
1905 { .buffer = (uint64_t)(uintptr_t)buffer, .size = size, .need_copy = true }
1906 };
1907
1908 uint32_t ioctl_size = size + sizeof(uint32_t);
1909 TEE_UUID uuid = CRYPTOMGR;
1910 uint8_t *ioctl_buf = alloc_sharemem_aux(&uuid, ioctl_size);
1911 if (ioctl_buf == NULL) {
1912 tloge("init alloc share mem failed\n");
1913 return CRYPTO_OVERFLOW;
1914 }
1915
1916 ret = fill_share_mem(ioctl_buf, fill_data, ARRAY_SIZE(fill_data));
1917 if (ret != CRYPTO_SUCCESS)
1918 goto end;
1919
1920 input.buf = (uint64_t)(uintptr_t)ioctl_buf;
1921 input.buf_len = ioctl_size;
1922 input.total_nums = ARRAY_SIZE(fill_data);
1923
1924 ret = tee_drv_ioctl(fd, cmd_id, (void *)(&input), sizeof(input));
1925 if (ret != CRYPTO_SUCCESS) {
1926 tloge("share buffer failed\n");
1927 goto end;
1928 }
1929
1930 ret = get_share_mem(ioctl_buf, fill_data, CRYPTO_PARAM_COUNT_1);
1931 if (ret != CRYPTO_SUCCESS)
1932 goto end;
1933
1934 end:
1935 if (ioctl_buf != NULL)
1936 free_sharemem(ioctl_buf, ioctl_size);
1937
1938 return ret;
1939 }
1940
crypto_driver_generate_random(void * buffer,uint32_t size,bool is_hw_rand)1941 int32_t crypto_driver_generate_random(void *buffer, uint32_t size, bool is_hw_rand)
1942 {
1943 (void)is_hw_rand;
1944 if (buffer == NULL || size == 0) {
1945 tloge("params is invalid");
1946 return CRYPTO_BAD_PARAMETERS;
1947 }
1948 const char *drv_name = TEE_CRYPTO_DRIVER_NAME;
1949 int64_t fd = tee_drv_open(drv_name, NULL, 0);
1950 if (fd <= 0) {
1951 tloge("open fd failed\n");
1952 return CRYPTO_OVERFLOW;
1953 }
1954 int32_t ret = crypto_get_buf_ops(IOCTRL_CRYPTO_GENERATE_RANDOM, fd, buffer, size);
1955
1956 (void)tee_drv_close(fd);
1957 return ret;
1958 }
1959
crypto_driver_get_entropy(void * buffer,uint32_t size)1960 int32_t crypto_driver_get_entropy(void *buffer, uint32_t size)
1961 {
1962 #if !defined(CRYPTO_MGR_SERVER_ENABLE)
1963 return soft_random_get(buffer, size);
1964 #else
1965 if (buffer == NULL || size == 0) {
1966 tloge("params is invalid");
1967 return CRYPTO_BAD_PARAMETERS;
1968 }
1969 const char *drv_name = TEE_CRYPTO_DRIVER_NAME;
1970 uint64_t fd = tee_drv_open(drv_name, NULL, 0);
1971 if (fd <= 0) {
1972 tloge("open fd failed\n");
1973 return CRYPTO_OVERFLOW;
1974 }
1975 int32_t ret = crypto_get_buf_ops(IOCTRL_CRYPTO_GET_ENTROPY, fd, buffer, size);
1976 if (ret != CRYPTO_SUCCESS)
1977 tloge("generate random failed");
1978
1979 (void)tee_drv_close(fd);
1980 return ret;
1981 #endif
1982 }
1983
crypto_root_key_ops(uint64_t fd,const struct memref_t * data_in,struct memref_t * data_out,struct crypto_ioctl * input)1984 static int32_t crypto_root_key_ops(uint64_t fd, const struct memref_t *data_in,
1985 struct memref_t *data_out, struct crypto_ioctl *input)
1986 {
1987 int32_t ret;
1988
1989 struct drv_memref_t fill_data[] = {
1990 { .buffer = data_out->buffer, .size = data_out->size, .need_copy = false },
1991 { .buffer = data_in->buffer, .size = data_in->size, .need_copy = true },
1992 };
1993
1994 uint32_t ioctl_size = data_out->size + data_in->size + ARRAY_SIZE(fill_data) * sizeof(uint32_t);
1995 TEE_UUID uuid = CRYPTOMGR;
1996 uint8_t *ioctl_buf = alloc_sharemem_aux(&uuid, ioctl_size);
1997 if (ioctl_buf == NULL) {
1998 tloge("root init alloc share mem failed\n");
1999 return CRYPTO_OVERFLOW;
2000 }
2001
2002 ret = fill_share_mem(ioctl_buf, fill_data, ARRAY_SIZE(fill_data));
2003 if (ret != CRYPTO_SUCCESS)
2004 goto end;
2005
2006 input->buf = (uint64_t)(uintptr_t)ioctl_buf;
2007 input->buf_len = ioctl_size;
2008 input->total_nums = ARRAY_SIZE(fill_data);
2009
2010 ret = tee_drv_ioctl(fd, IOCTRL_CRYPTO_DERIVE_ROOT_KEY, (void *)(input), sizeof(*input));
2011 if (ret != CRYPTO_SUCCESS) {
2012 tloge("share buffer failed\n");
2013 goto end;
2014 }
2015
2016 ret = get_share_mem(ioctl_buf, fill_data, CRYPTO_PARAM_COUNT_1);
2017 if (ret != CRYPTO_SUCCESS)
2018 goto end;
2019 data_out->size = fill_data[CRYPTO_DATA_OUT_OFFSET_0].size;
2020
2021 end:
2022 if (ioctl_buf != NULL)
2023 free_sharemem(ioctl_buf, ioctl_size);
2024
2025 return ret;
2026 }
2027
crypto_driver_derive_root_key(uint32_t derive_type,const struct memref_t * data_in,struct memref_t * data_out,uint32_t iter_num)2028 int32_t crypto_driver_derive_root_key(uint32_t derive_type,
2029 const struct memref_t *data_in, struct memref_t *data_out, uint32_t iter_num)
2030 {
2031 struct crypto_ioctl input = { 0 };
2032
2033 if (data_in == NULL || data_out == 0) {
2034 tloge("params is invalid");
2035 return CRYPTO_BAD_PARAMETERS;
2036 }
2037
2038 const char *drv_name = TEE_CRYPTO_DRIVER_NAME;
2039 uint64_t fd = tee_drv_open(drv_name, NULL, 0);
2040 if (fd <= 0) {
2041 tloge("open fd failed\n");
2042 return CRYPTO_OVERFLOW;
2043 }
2044 input.arg1 = derive_type;
2045 input.arg2 = iter_num;
2046 int32_t ret = crypto_root_key_ops(fd, data_in, data_out, &input);
2047 if (ret != CRYPTO_SUCCESS)
2048 tloge("generate random failed");
2049
2050 (void)tee_drv_close(fd);
2051
2052 return ret;
2053 }
2054
crypto_pbkdf2_ops(uint64_t fd,const struct memref_t * password,const struct memref_t * salt,struct memref_t * data_out,struct crypto_ioctl * input)2055 static int32_t crypto_pbkdf2_ops(uint64_t fd, const struct memref_t *password,
2056 const struct memref_t *salt, struct memref_t *data_out, struct crypto_ioctl *input)
2057 {
2058 struct drv_memref_t fill_data[] = {
2059 { .buffer = data_out->buffer, .size = data_out->size, .need_copy = false },
2060 { .buffer = salt->buffer, .size = salt->size, .need_copy = true },
2061 { .buffer = password->buffer, .size = password->size, .need_copy = true }
2062 };
2063
2064 struct memref_t ioctl = { 0 };
2065 struct ctx_handle_t ctx = { 0 };
2066
2067 int32_t ret = prepare_ioctl_parameters(fill_data, ARRAY_SIZE(fill_data), &ioctl, input, &ctx);
2068 if (ret != CRYPTO_SUCCESS) {
2069 tloge("pbkdf2 prepare ioctl parameters failed. ret = %d\n", ret);
2070 return ret;
2071 }
2072
2073 ret = tee_drv_ioctl(fd, IOCTRL_CRYPTO_PBKDF2, (void *)(input), sizeof(*input));
2074 if (ret != CRYPTO_SUCCESS) {
2075 tloge("driver ioctl pbkdf2 failed. ret = %d\n", ret);
2076 goto end;
2077 }
2078
2079 ret = get_share_mem((uint8_t *)(uintptr_t)ioctl.buffer, fill_data, CRYPTO_PARAM_COUNT_1);
2080 if (ret != CRYPTO_SUCCESS) {
2081 tloge("driver ioctl pbkdf2 failed. ret = %d\n", ret);
2082 goto end;
2083 }
2084
2085 data_out->size = fill_data[CRYPTO_DATA_OUT_OFFSET_0].size;
2086 end:
2087 tee_crypto_free_sharemem(&ctx);
2088 return ret;
2089 }
2090
crypto_driver_pbkdf2(const struct memref_t * password,const struct memref_t * salt,uint32_t iterations,uint32_t digest_type,struct memref_t * data_out,uint32_t engine)2091 int32_t crypto_driver_pbkdf2(const struct memref_t *password, const struct memref_t *salt, uint32_t iterations,
2092 uint32_t digest_type, struct memref_t *data_out, uint32_t engine)
2093 {
2094 (void)engine;
2095 struct crypto_ioctl input = { 0 };
2096
2097 if (password == NULL || salt == NULL || data_out == NULL) {
2098 tloge("params is invalid");
2099 return CRYPTO_BAD_PARAMETERS;
2100 }
2101
2102 const char *drv_name = TEE_CRYPTO_DRIVER_NAME;
2103 uint64_t fd = tee_drv_open(drv_name, NULL, 0);
2104 if (fd <= 0) {
2105 tloge("open fd failed\n");
2106 return CRYPTO_OVERFLOW;
2107 }
2108
2109 input.arg1 = iterations;
2110 input.arg2 = digest_type;
2111 int32_t ret = crypto_pbkdf2_ops(fd, password, salt, data_out, &input);
2112 if (ret != CRYPTO_SUCCESS)
2113 tloge("crypto pbkdf2 failed");
2114
2115 (void)tee_drv_close(fd);
2116
2117 return ret;
2118 }
2119
tee_crypto_check_alg_support(uint32_t alg_type)2120 int32_t tee_crypto_check_alg_support(uint32_t alg_type)
2121 {
2122 const char *drv_name = TEE_CRYPTO_DRIVER_NAME;
2123
2124 uint64_t fd = tee_drv_open(drv_name, NULL, 0);
2125 if (fd <= 0) {
2126 tloge("open fd failed\n");
2127 return CRYPTO_OVERFLOW;
2128 }
2129
2130 int32_t ret = tee_drv_ioctl(fd, IOCTRL_CRYPTO_CHECK_ALG_SUPPORT, (void *)(&alg_type), sizeof(uint32_t));
2131 if (ret != CRYPTO_SUCCESS)
2132 tloge("check alg support failed\n");
2133
2134 (void)tee_drv_close(fd);
2135
2136 return ret;
2137 }
2138
tee_crypto_get_oemkey(void * buf,uint32_t size)2139 int32_t tee_crypto_get_oemkey(void *buf, uint32_t size)
2140 {
2141 const char *drv_name = TEE_CRYPTO_DRIVER_NAME;
2142
2143 uint64_t fd = tee_drv_open(drv_name, NULL, 0);
2144 if (fd <= 0) {
2145 tloge("open fd failed\n");
2146 return CRYPTO_OVERFLOW;
2147 }
2148
2149 int32_t ret = crypto_get_buf_ops(IOCTRL_CRYPTO_GET_OEMKEY, fd, buf, size);
2150 if (ret != CRYPTO_SUCCESS)
2151 tloge("get oemkey failed\n");
2152
2153 (void)tee_drv_close(fd);
2154
2155 return ret;
2156 }
2157