From b291c8ec30395c146c0160e6db20080d759a1e83 Mon Sep 17 00:00:00 2001
From: Vincent Mailhol <mailhol.vincent@wanadoo.fr>
Date: Tue, 31 Oct 2023 22:13:55 +0900
Subject: [PATCH] libutee: TEE_AllocateOperation(): maxKeySize of digests may
 take any value
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

Commit [1] introduced a check to enforce the "maxKeySize" parameter of
digest operations to always be zero. This is a violation of the Global
Platform specification [2].

Revert commit [1] to allow maxKeySize to take any value for digest
operations.

[1] commit cf5c060cec76 ("libutee: TEE_AllocateOperation(): digest
    operations must have 0 max key size")
Link: https://github.com/OP-TEE/optee_os/commit/cf5c060cec76

[2] TEE Internal Core API Specification – Public Release v1.3.1,
    §6.2.1 TEE_AllocateOperation:

      The parameter maxKeySize SHALL be a valid value as defined in
      Table 5-9 for the algorithm, for algorithms referenced in Table
      5-9. For all other algorithms, the maxKeySize parameter may have
      any value.

CC: Jens Wiklander <jens.wiklander@linaro.org>
Fixes: cf5c060cec76 ("libutee: TEE_AllocateOperation(): digest operations must have 0 max key size")
Signed-off-by: Vincent Mailhol <mailhol.vincent@wanadoo.fr>
Acked-by: Etienne Carriere <etienne.carriere@foss.st.com>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>
---
 lib/libutee/tee_api_operations.c | 4 +---
 1 file changed, 1 insertion(+), 3 deletions(-)

diff --git a/lib/libutee/tee_api_operations.c b/lib/libutee/tee_api_operations.c
index f44350da2f7..752425ae962 100644
--- a/lib/libutee/tee_api_operations.c
+++ b/lib/libutee/tee_api_operations.c
@@ -132,7 +132,7 @@ TEE_Result TEE_AllocateOperation(TEE_OperationHandle *operation,
 		break;
 	}
 
-	/* Check algorithm mode (and maxKeySize for digests) */
+	/* Check algorithm mode */
 	switch (algorithm) {
 	case TEE_ALG_AES_CTS:
 	case TEE_ALG_AES_XTS:
@@ -277,8 +277,6 @@ TEE_Result TEE_AllocateOperation(TEE_OperationHandle *operation,
 	case TEE_ALG_SM3:
 		if (mode != TEE_MODE_DIGEST)
 			return TEE_ERROR_NOT_SUPPORTED;
-		if (maxKeySize)
-			return TEE_ERROR_NOT_SUPPORTED;
 		/* v1.1: flags always set for digest operations */
 		handle_state |= TEE_HANDLE_FLAG_KEY_SET;
 		req_key_usage = 0;