1 /*
2 * Copyright (C) 2022 Huawei Technologies Co., Ltd.
3 * Licensed under the Mulan PSL v2.
4 * You can use this software according to the terms and conditions of the Mulan PSL v2.
5 * You may obtain a copy of Mulan PSL v2 at:
6 * http://license.coscl.org.cn/MulanPSL2
7 * THIS SOFTWARE IS PROVIDED ON AN "AS IS" BASIS, WITHOUT WARRANTIES OF ANY KIND, EITHER EXPRESS OR
8 * IMPLIED, INCLUDING BUT NOT LIMITED TO NON-INFRINGEMENT, MERCHANTABILITY OR FIT FOR A PARTICULAR
9 * PURPOSE.
10 * See the Mulan PSL v2 for more details.
11 */
12 #include "tee_load_key_ops.h"
13 #include "tee_elf_verify.h"
14 #include "ta_load_key.h"
15 #include "ta_framework.h"
16 #include "tee_mem_mgmt_api.h"
17 #include "tee_log.h"
18 #include "crypto_inner_interface.h"
19 #include "tee_crypto_hal.h"
20 #include "ta_load_config.h"
21 #include <tee_crypto_signature_verify.h>
22 #include "securec.h"
23 #include "tee_elf_verify_openssl.h"
24
get_key_data(int32_t img_version,struct key_data * key_data)25 TEE_Result get_key_data(int32_t img_version, struct key_data *key_data)
26 {
27 TEE_Result ret;
28
29 switch (img_version) {
30 case TA_RSA2048_VERSION:
31 ret = get_ta_load_key(key_data);
32 break;
33 case CIPHER_LAYER_VERSION:
34 ret = get_ta_load_key(key_data);
35 break;
36 default:
37 tloge("Unsupported secure image version: %d\n", img_version);
38 return TEE_ERROR_BAD_PARAMETERS;
39 }
40
41 if (ret != TEE_SUCCESS)
42 tloge("get key failed for version:%d\n", img_version);
43
44 return ret;
45 }
46
get_ecies_key_data(int32_t img_version,enum ta_type type)47 const struct ecies_key_struct *get_ecies_key_data(int32_t img_version, enum ta_type type)
48 {
49 TEE_Result ret;
50 struct key_data key_data = {
51 .pro_type = ECIES_KEY,
52 .ta_type = type,
53 .key = NULL,
54 .key_len = 0,
55 };
56
57 ret = get_key_data(img_version, &key_data);
58 if (ret != TEE_SUCCESS) {
59 tloge("get ecies key failed for version:%d\n", img_version);
60 return NULL;
61 }
62
63 if (key_data.key_len != sizeof(struct ecies_key_struct)) {
64 tloge("ecies key len error\n");
65 return NULL;
66 }
67
68 return (struct ecies_key_struct *)key_data.key;
69 }
70
get_rsa_priv_aes_key(const struct ecies_key_struct * ecies_key_data,uint8_t * key_buff,uint32_t buff_size)71 TEE_Result get_rsa_priv_aes_key(const struct ecies_key_struct *ecies_key_data, uint8_t *key_buff,
72 uint32_t buff_size)
73 {
74 if (ecies_key_data == NULL)
75 return TEE_ERROR_BAD_PARAMETERS;
76 uint8_t oem_ecc_priv[ECIES_PRIV_LEN];
77 struct ecc_derive_data_st ecc_data = {0};
78
79 int ret = get_class_ecc_key(oem_ecc_priv, ECIES_PRIV_LEN);
80 if (ret != 0) {
81 tloge("OEM KEY get failed");
82 return TEE_ERROR_ITEM_NOT_FOUND;
83 }
84 ecc_data.ec1_priv = oem_ecc_priv;
85 ecc_data.ec1_len = sizeof(oem_ecc_priv);
86 ecc_data.ec2_pub = ecies_key_data->ecc_pub;
87 ecc_data.ec2_len = sizeof(ecies_key_data->ecc_pub);
88 ret = ecies_kem_decrypt(&ecc_data, key_buff, buff_size);
89 (void)memset_s(oem_ecc_priv, sizeof(oem_ecc_priv), 0, sizeof(oem_ecc_priv));
90 if (ret < 0) {
91 tloge("ECIES decryption failed");
92 return TEE_ERROR_GENERIC;
93 }
94 return TEE_SUCCESS;
95 }
96
aes_decrypt_rsa_private(const struct ecies_key_struct * ecies_data,const uint8_t * aes_key,uint32_t key_size,struct rsa_priv_key * priv)97 TEE_Result aes_decrypt_rsa_private(const struct ecies_key_struct *ecies_data, const uint8_t *aes_key,
98 uint32_t key_size, struct rsa_priv_key *priv)
99 {
100 (void)key_size;
101 if (ecies_data == NULL)
102 return TEE_ERROR_BAD_PARAMETERS;
103
104 int32_t ret = aes_cbc_256_decrypt(aes_key, ecies_data->iv, ecies_data->wrapped_rsa_priv_p,
105 ecies_data->wrapped_rsa_priv_p_len, priv->p);
106 bool con = (ret == -1 || ret > (int32_t)ecies_data->wrapped_rsa_priv_p_len);
107 if (con)
108 return TEE_ERROR_GENERIC;
109 priv->p_size = (uint32_t)ret;
110 ret = aes_cbc_256_decrypt(aes_key, ecies_data->iv, ecies_data->wrapped_rsa_priv_q,
111 ecies_data->wrapped_rsa_priv_q_len, priv->q);
112 con = (ret == -1 || ret > (int32_t)ecies_data->wrapped_rsa_priv_q_len);
113 if (con)
114 return TEE_ERROR_GENERIC;
115 priv->q_size = (uint32_t)ret;
116 ret = aes_cbc_256_decrypt(aes_key, ecies_data->iv, ecies_data->wrapped_rsa_priv_dq,
117 ecies_data->wrapped_rsa_priv_dq_len, priv->dq);
118 con = (ret == -1 || ret > (int32_t)ecies_data->wrapped_rsa_priv_dq_len);
119 if (con)
120 return TEE_ERROR_GENERIC;
121 priv->dq_size = (uint32_t)ret;
122 ret = aes_cbc_256_decrypt(aes_key, ecies_data->iv, ecies_data->wrapped_rsa_priv_dp,
123 ecies_data->wrapped_rsa_priv_dp_len, priv->dp);
124 con = (ret == -1 || ret > (int32_t)ecies_data->wrapped_rsa_priv_dp_len);
125 if (con)
126 return TEE_ERROR_GENERIC;
127 priv->dp_size = (uint32_t)ret;
128 ret = aes_cbc_256_decrypt(aes_key, ecies_data->iv, ecies_data->wrapped_rsa_priv_qinv,
129 ecies_data->wrapped_rsa_priv_qinv_len, priv->qinv);
130 con = (ret == -1 || ret > (int32_t)ecies_data->wrapped_rsa_priv_qinv_len);
131 if (con)
132 return TEE_ERROR_GENERIC;
133 priv->qinv_size = (uint32_t)ret;
134 ret = aes_cbc_256_decrypt(aes_key, ecies_data->iv, ecies_data->wrapped_rsa_pub_d,
135 ecies_data->wrapped_rsa_pub_d_len, priv->d);
136 con = (ret == -1 || ret > (int32_t)ecies_data->wrapped_rsa_pub_d_len);
137 if (con)
138 return TEE_ERROR_GENERIC;
139 priv->d_size = (uint32_t)ret;
140 ret = aes_cbc_256_decrypt(aes_key, ecies_data->iv, ecies_data->wrapped_rsa_pub_e,
141 sizeof(ecies_data->wrapped_rsa_pub_e), priv->e);
142 con = (ret == -1 || ret > (int32_t)sizeof(ecies_data->wrapped_rsa_pub_e));
143 if (con)
144 return TEE_ERROR_GENERIC;
145 priv->e_size = (uint32_t)ret;
146
147 return TEE_SUCCESS;
148 }
149