diff --git a/Android.mk b/Android.mk index 6ae873597..0ceb594c9 100644 --- a/Android.mk +++ b/Android.mk @@ -108,8 +108,7 @@ LOCAL_C_INCLUDES += $(LOCAL_PATH)/host/xtest \ $(LOCAL_PATH)/ta/storage_benchmark/include \ $(LOCAL_PATH)/ta/concurrent/include \ $(LOCAL_PATH)/ta/concurrent_large/include \ - $(LOCAL_PATH)/ta/hash_perf/include \ - $(LOCAL_PATH)/ta/aes_perf/include \ + $(LOCAL_PATH)/ta/crypto_perf/include \ $(LOCAL_PATH)/ta/socket/include \ $(LOCAL_PATH)/ta/sdp_basic/include \ $(LOCAL_PATH)/ta/tpm_log_test/include \ diff --git a/host/xtest/Makefile b/host/xtest/Makefile index 2ea2c34da..afa2a87ba 100644 --- a/host/xtest/Makefile +++ b/host/xtest/Makefile @@ -120,8 +120,7 @@ CFLAGS += -I../../ta/sims_keepalive/include CFLAGS += -I../../ta/storage_benchmark/include CFLAGS += -I../../ta/concurrent/include CFLAGS += -I../../ta/concurrent_large/include -CFLAGS += -I../../ta/hash_perf/include -CFLAGS += -I../../ta/aes_perf/include +CFLAGS += -I../../ta/crypto_perf/include CFLAGS += -I../../ta/socket/include CFLAGS += -I../../ta/sdp_basic/include CFLAGS += -I../../ta/tpm_log_test/include diff --git a/host/xtest/aes_perf.c b/host/xtest/aes_perf.c index d15e4bf8d..c2f381ed2 100644 --- a/host/xtest/aes_perf.c +++ b/host/xtest/aes_perf.c @@ -15,7 +15,7 @@ #include #include #include -#include +#include #include #include #include @@ -109,7 +109,7 @@ static void check_res(TEEC_Result res, const char *errmsg, uint32_t *orig) static void open_ta(void) { TEEC_Result res = TEEC_ERROR_GENERIC; - TEEC_UUID uuid = TA_AES_PERF_UUID; + TEEC_UUID uuid = TA_CRYPTO_PERF_UUID; uint32_t err_origin = 0; res = TEEC_InitializeContext(NULL, &ctx); @@ -354,7 +354,7 @@ static void prepare_key(int decrypt, int keysize, int mode) TEEC_Result res = TEEC_ERROR_GENERIC; uint32_t ret_origin = 0; TEEC_Operation op = TEEC_OPERATION_INITIALIZER; - uint32_t cmd = TA_AES_PERF_CMD_PREPARE_KEY; + uint32_t cmd = TA_CRYPTO_PERF_CMD_CIPHER_PREPARE_KEY; op.paramTypes = TEEC_PARAM_TYPES(TEEC_VALUE_INPUT, TEEC_VALUE_INPUT, TEEC_NONE, TEEC_NONE); @@ -432,8 +432,8 @@ void aes_perf_run_test(int mode, int keysize, int decrypt, size_t size, size_t u TEEC_Operation op = TEEC_OPERATION_INITIALIZER; int n0 = n; double sd = 0; - uint32_t cmd = is_sdp_test ? TA_AES_PERF_CMD_PROCESS_SDP : - TA_AES_PERF_CMD_PROCESS; + uint32_t cmd = is_sdp_test ? TA_CRYPTO_PERF_CMD_CIPHER_PROCESS_SDP : + TA_CRYPTO_PERF_CMD_CIPHER_PROCESS; if (input_buffer == BUFFER_UNSPECIFIED) input_buffer = BUFFER_SHM_ALLOCATED; diff --git a/host/xtest/crypto_common.h b/host/xtest/crypto_common.h index 68debea2d..2b3915e09 100644 --- a/host/xtest/crypto_common.h +++ b/host/xtest/crypto_common.h @@ -7,9 +7,7 @@ #ifndef XTEST_CRYPTO_COMMON_H #define XTEST_CRYPTO_COMMON_H -#include "ta_aes_perf.h" -#include "ta_hash_perf.h" - +#include "ta_crypto_perf.h" #define AES_PERF_INPLACE 0 diff --git a/host/xtest/hash_perf.c b/host/xtest/hash_perf.c index 4838fbd44..32457f1ce 100644 --- a/host/xtest/hash_perf.c +++ b/host/xtest/hash_perf.c @@ -53,7 +53,7 @@ static void check_res(TEEC_Result res, const char *errmsg, uint32_t *orig) static void open_ta(void) { TEEC_Result res = TEEC_ERROR_GENERIC; - TEEC_UUID uuid = TA_HASH_PERF_UUID; + TEEC_UUID uuid = TA_CRYPTO_PERF_UUID; uint32_t err_origin = 0; res = TEEC_InitializeContext(NULL, &ctx); @@ -247,7 +247,7 @@ static uint64_t run_test_once(void *in, size_t size, int random_in, read_random(in, size); get_current_time(&t0); - res = TEEC_InvokeCommand(&sess, TA_HASH_PERF_CMD_PROCESS, op, + res = TEEC_InvokeCommand(&sess, TA_CRYPTO_PERF_CMD_HASH_PROCESS, op, &ret_origin); check_res(res, "TEEC_InvokeCommand", &ret_origin); get_current_time(&t1); @@ -264,7 +264,7 @@ static void prepare_op(int algo) op.paramTypes = TEEC_PARAM_TYPES(TEEC_VALUE_INPUT, TEEC_NONE, TEEC_NONE, TEEC_NONE); op.params[0].value.a = algo; - res = TEEC_InvokeCommand(&sess, TA_HASH_PERF_CMD_PREPARE_OP, &op, + res = TEEC_InvokeCommand(&sess, TA_CRYPTO_PERF_CMD_HASH_PREPARE_OP, &op, &ret_origin); check_res(res, "TEEC_InvokeCommand", &ret_origin); } diff --git a/host/xtest/xtest_main.c b/host/xtest/xtest_main.c index 5e907e263..bfc09886a 100644 --- a/host/xtest/xtest_main.c +++ b/host/xtest/xtest_main.c @@ -103,6 +103,7 @@ void usage(char *program) printf("\t--sha-perf [opts] Deprecated, same as --hash-perf\n"); printf("\t--hash-perf [opts] Hash performance testing tool (-h for usage)\n"); printf("\t--aes-perf [opts] AES performance testing tool (-h for usage)\n"); + printf("\t--asym-cipher-perf [opts] Aysmmetric cipher performance testing tool (-h for usage)\n"); #ifdef CFG_SECSTOR_TA_MGMT_PTA printf("\t--install-ta [directory or list of TAs]\n"); printf("\t Install TAs\n"); diff --git a/ta/CMakeLists.txt b/ta/CMakeLists.txt index 9301067ed..7d1316fe8 100644 --- a/ta/CMakeLists.txt +++ b/ta/CMakeLists.txt @@ -4,16 +4,15 @@ add_library(${PROJECT_NAME} INTERFACE) target_include_directories(${PROJECT_NAME} INTERFACE include - INTERFACE aes_perf/include INTERFACE concurrent/include INTERFACE concurrent_large/include INTERFACE create_fail_test/include INTERFACE crypt/include + INTERFACE crypto_perf/include INTERFACE enc_fs/include INTERFACE os_test/include INTERFACE rpc_test/include INTERFACE sdp_basic/include - INTERFACE hash_perf/include INTERFACE sims/include INTERFACE miss/include INTERFACE sims_keepalive/include diff --git a/ta/Makefile b/ta/Makefile index 33ed9494b..d85c9bc9a 100644 --- a/ta/Makefile +++ b/ta/Makefile @@ -28,8 +28,7 @@ TA_DIRS := create_fail_test \ concurrent \ concurrent_large \ storage_benchmark \ - hash_perf \ - aes_perf \ + crypto_perf \ socket \ supp_plugin \ large \ diff --git a/ta/aes_perf/Makefile b/ta/aes_perf/Makefile deleted file mode 100644 index 40388663a..000000000 --- a/ta/aes_perf/Makefile +++ /dev/null @@ -1,4 +0,0 @@ -BINARY = e626662e-c0e2-485c-b8c8-09fbce6edf3d - -include ../ta_common.mk - diff --git a/ta/aes_perf/include/ta_aes_perf.h b/ta/aes_perf/include/ta_aes_perf.h deleted file mode 100644 index 997d840e7..000000000 --- a/ta/aes_perf/include/ta_aes_perf.h +++ /dev/null @@ -1,38 +0,0 @@ -/* SPDX-License-Identifier: BSD-2-Clause */ -/* - * Copyright (c) 2015, Linaro Limited - * All rights reserved. - */ - -#ifndef TA_AES_PERF_H -#define TA_AES_PERF_H - -#define TA_AES_PERF_UUID { 0xe626662e, 0xc0e2, 0x485c, \ - { 0xb8, 0xc8, 0x09, 0xfb, 0xce, 0x6e, 0xdf, 0x3d } } - -/* - * Commands implemented by the TA - */ - -#define TA_AES_PERF_CMD_PREPARE_KEY 0 -#define TA_AES_PERF_CMD_PROCESS 1 -#define TA_AES_PERF_CMD_PROCESS_SDP 2 - -/* - * Supported AES modes of operation - */ - -#define TA_AES_ECB 0 -#define TA_AES_CBC 1 -#define TA_AES_CTR 2 -#define TA_AES_XTS 3 -#define TA_AES_GCM 4 - -/* - * AES key sizes - */ -#define AES_128 128 -#define AES_192 192 -#define AES_256 256 - -#endif /* TA_AES_PERF_H */ diff --git a/ta/aes_perf/include/ta_aes_perf_priv.h b/ta/aes_perf/include/ta_aes_perf_priv.h deleted file mode 100644 index 1d144c3d9..000000000 --- a/ta/aes_perf/include/ta_aes_perf_priv.h +++ /dev/null @@ -1,16 +0,0 @@ -/* SPDX-License-Identifier: BSD-2-Clause */ -/* - * Copyright (c) 2015, Linaro Limited - * All rights reserved. - */ - -#ifndef TA_EAS_PERF_PRIV_H -#define TA_EAS_PERF_PRIV_H - -#include - -TEE_Result cmd_prepare_key(uint32_t param_types, TEE_Param params[4]); -TEE_Result cmd_process(uint32_t param_types, TEE_Param params[4], bool sdp); -void cmd_clean_res(void); - -#endif /* TA_EAS_PERF_PRIV_H */ diff --git a/ta/aes_perf/include/user_ta_header_defines.h b/ta/aes_perf/include/user_ta_header_defines.h deleted file mode 100644 index f84858f71..000000000 --- a/ta/aes_perf/include/user_ta_header_defines.h +++ /dev/null @@ -1,21 +0,0 @@ -/* SPDX-License-Identifier: BSD-2-Clause */ -/* - * Copyright (c) 2015, Linaro Limited - * All rights reserved. - */ - -#ifndef USER_TA_HEADER_DEFINES_H -#define USER_TA_HEADER_DEFINES_H - -#include "ta_aes_perf.h" - -#define TA_UUID TA_AES_PERF_UUID - -#define TA_FLAGS (TA_FLAG_USER_MODE | TA_FLAG_EXEC_DDR | \ - TA_FLAG_SECURE_DATA_PATH | \ - TA_FLAG_CACHE_MAINTENANCE) - -#define TA_STACK_SIZE (2 * 1024) -#define TA_DATA_SIZE (32 * 1024) - -#endif diff --git a/ta/aes_perf/Android.mk b/ta/crypto_perf/Android.mk similarity index 50% rename from ta/aes_perf/Android.mk rename to ta/crypto_perf/Android.mk index 8fc8de6d3..1763ae1d6 100644 --- a/ta/aes_perf/Android.mk +++ b/ta/crypto_perf/Android.mk @@ -1,4 +1,4 @@ LOCAL_PATH := $(call my-dir) -local_module := e626662e-c0e2-485c-b8c8-09fbce6edf3d.ta +local_module := 02a42f43-d8b7-4a57-aa4d-87bd9b5587cb.ta include $(BUILD_OPTEE_MK) diff --git a/ta/crypto_perf/Makefile b/ta/crypto_perf/Makefile new file mode 100644 index 000000000..830a53bc5 --- /dev/null +++ b/ta/crypto_perf/Makefile @@ -0,0 +1,4 @@ +BINARY = 02a42f43-d8b7-4a57-aa4d-87bd9b5587cb + +include ../ta_common.mk + diff --git a/ta/crypto_perf/include/ta_crypto_perf.h b/ta/crypto_perf/include/ta_crypto_perf.h new file mode 100644 index 000000000..ebbd05d66 --- /dev/null +++ b/ta/crypto_perf/include/ta_crypto_perf.h @@ -0,0 +1,75 @@ +/* SPDX-License-Identifier: BSD-2-Clause */ +/* + * Copyright (c) 2015, Linaro Limited + */ + +#ifndef TA_CRYPTO_PERF_H +#define TA_CRYPTO_PERF_H + +#define TA_CRYPTO_PERF_UUID { 0x02a42f43, 0xd8b7, 0x4a57, \ + { 0xaa, 0x4d, 0x87, 0xbd, 0x9b, 0x55, 0x87, 0xcb } } + +/* + * Commands implemented by the TA + */ + +#define TA_CRYPTO_PERF_CMD_CIPHER_PREPARE_KEY 0 +#define TA_CRYPTO_PERF_CMD_CIPHER_PROCESS 1 +#define TA_CRYPTO_PERF_CMD_CIPHER_PROCESS_SDP 2 +#define TA_CRYPTO_PERF_CMD_HASH_PREPARE_OP 3 +#define TA_CRYPTO_PERF_CMD_HASH_PROCESS 4 + +/* + * Supported AES modes of operation + */ + +#define TA_AES_ECB 0 +#define TA_AES_CBC 1 +#define TA_AES_CTR 2 +#define TA_AES_XTS 3 +#define TA_AES_GCM 4 + +#define TA_SM4_ECB 5 +#define TA_SM4_CBC 6 +#define TA_SM4_CTR 7 +#define TA_SM4_XTS 8 + +/* + * AES key sizes + */ +#define AES_128 128 +#define AES_192 192 +#define AES_256 256 + +/* + * Supported hash algorithms + */ + +#define TA_SHA_SHA1 0 +#define TA_SHA_SHA224 1 +#define TA_SHA_SHA256 2 +#define TA_SHA_SHA384 3 +#define TA_SHA_SHA512 4 +#define TA_SM3 5 +#define TA_HMAC_SHA1 6 +#define TA_HMAC_SHA224 7 +#define TA_HMAC_SHA256 8 +#define TA_HMAC_SHA384 9 +#define TA_HMAC_SHA512 10 +#define TA_HMAC_SM3 11 + +#define PKCS_V1_5_MIN 11 +#define BITS_TO_BYTES(len) (((len) + 7) / 8) +#define OAEP_HASH_LEN(hsz) ((hsz) * 2) +#define OAEP_OTHER_LEN 2 +#define PSS_OTHER_LEN 2 + +#define DERCODE_SHA1_LEN 15 +#define DERCODE_SHA_LEN 19 +#define SHA1_LEN 20 +#define SHA224_LEN 28 +#define SHA256_LEN 32 +#define SHA384_LEN 48 +#define SHA512_LEN 64 + +#endif /* TA_CRYPTO_PERF_H */ diff --git a/ta/crypto_perf/include/ta_crypto_perf_priv.h b/ta/crypto_perf/include/ta_crypto_perf_priv.h new file mode 100644 index 000000000..d2f6fbb41 --- /dev/null +++ b/ta/crypto_perf/include/ta_crypto_perf_priv.h @@ -0,0 +1,19 @@ +/* SPDX-License-Identifier: BSD-2-Clause */ +/* + * Copyright (c) 2015, Linaro Limited + */ + +#ifndef TA_CRYPTO_PERF_PRIV_H +#define TA_CRYPTO_PERF_PRIV_H + +#include + +TEE_Result cmd_cipher_prepare_key(uint32_t param_types, TEE_Param params[4]); +TEE_Result cmd_cipher_process(uint32_t param_types, TEE_Param params[4], + bool sdp); +TEE_Result cmd_hash_prepare_op(uint32_t param_types, TEE_Param params[4]); +TEE_Result cmd_hash_process(uint32_t param_types, TEE_Param params[4]); +void cmd_clean_obj(void); +void cmd_clean_res(void); + +#endif /* TA_CRYPTO_PERF_PRIV_H */ diff --git a/ta/hash_perf/include/user_ta_header_defines.h b/ta/crypto_perf/include/user_ta_header_defines.h similarity index 62% rename from ta/hash_perf/include/user_ta_header_defines.h rename to ta/crypto_perf/include/user_ta_header_defines.h index 494afc07b..70470db3a 100644 --- a/ta/hash_perf/include/user_ta_header_defines.h +++ b/ta/crypto_perf/include/user_ta_header_defines.h @@ -1,18 +1,18 @@ -/* SPDX-License-Identifier: BSD-2-Clause */ -/* - * Copyright (c) 2015, Linaro Limited - * All rights reserved. - */ - -#ifndef USER_TA_HEADER_DEFINES_H -#define USER_TA_HEADER_DEFINES_H - -#include "ta_hash_perf.h" - -#define TA_UUID TA_HASH_PERF_UUID - -#define TA_FLAGS (TA_FLAG_USER_MODE | TA_FLAG_EXEC_DDR) -#define TA_STACK_SIZE (2 * 1024) -#define TA_DATA_SIZE (32 * 1024) - -#endif +/* SPDX-License-Identifier: BSD-2-Clause */ +/* + * Copyright (c) 2015, Linaro Limited + */ + +#ifndef USER_TA_HEADER_DEFINES_H +#define USER_TA_HEADER_DEFINES_H + +#include "ta_crypto_perf.h" + +#define TA_UUID TA_CRYPTO_PERF_UUID + +#define TA_FLAGS 0 + +#define TA_STACK_SIZE (2 * 1024) +#define TA_DATA_SIZE (32 * 1024) + +#endif diff --git a/ta/aes_perf/sub.mk b/ta/crypto_perf/sub.mk similarity index 62% rename from ta/aes_perf/sub.mk rename to ta/crypto_perf/sub.mk index 8553db686..3def59d21 100644 --- a/ta/aes_perf/sub.mk +++ b/ta/crypto_perf/sub.mk @@ -1,3 +1,3 @@ -global-incdirs-y += include -srcs-y += ta_entry.c -srcs-y += ta_aes_perf.c +global-incdirs-y += include +srcs-y += ta_entry.c +srcs-y += ta_crypto_perf.c diff --git a/ta/aes_perf/ta_aes_perf.c b/ta/crypto_perf/ta_crypto_perf.c similarity index 53% rename from ta/aes_perf/ta_aes_perf.c rename to ta/crypto_perf/ta_crypto_perf.c index b16d070c4..085dd6004 100644 --- a/ta/aes_perf/ta_aes_perf.c +++ b/ta/crypto_perf/ta_crypto_perf.c @@ -1,291 +1,496 @@ -// SPDX-License-Identifier: BSD-2-Clause -/* - * Copyright (c) 2015, Linaro Limited - * All rights reserved. - */ - -#include -#include -#include -#include -#include - -#include "ta_aes_perf.h" -#include "ta_aes_perf_priv.h" - -#define CHECK(res, name, action) do { \ - if ((res) != TEE_SUCCESS) { \ - DMSG(name ": 0x%08x", (res)); \ - action \ - } \ - } while(0) - -#define TAG_LEN 128 - -static uint8_t iv[] = { 0xA0, 0xA1, 0xA2, 0xA3, 0xA4, 0xA5, 0xA6, 0xA7, - 0xA8, 0xA9, 0xAA, 0xAB, 0xAC, 0xAD, 0xAE, 0xAF }; -static int use_iv; - -static TEE_OperationHandle crypto_op = NULL; -static uint32_t algo; - -static bool is_inbuf_a_secure_memref(TEE_Param *param) -{ - TEE_Result res = TEE_ERROR_GENERIC; - - /* - * Check secure attribute for the referenced buffer - * Trust core on validity of the memref size: test only 1st byte - * instead of the overall buffer, and if it's not secure, assume - * the buffer is nonsecure. - */ - res = TEE_CheckMemoryAccessRights(TEE_MEMORY_ACCESS_ANY_OWNER | - TEE_MEMORY_ACCESS_READ | - TEE_MEMORY_ACCESS_SECURE, - param->memref.buffer, 1); - return (res == TEE_SUCCESS); -} - -static bool is_outbuf_a_secure_memref(TEE_Param *param) -{ - TEE_Result res = TEE_ERROR_GENERIC; - - /* - * Check secure attribute for the referenced buffer - * Trust core on validity of the memref size: test only 1st byte - * instead of the overall buffer, and if it's not secure, assume - * the buffer is nonsecure. - */ - res = TEE_CheckMemoryAccessRights(TEE_MEMORY_ACCESS_ANY_OWNER | - TEE_MEMORY_ACCESS_WRITE | - TEE_MEMORY_ACCESS_SECURE, - param->memref.buffer, 1); - return (res == TEE_SUCCESS); -} - -#if defined(CFG_CACHE_API) -static TEE_Result flush_memref_buffer(TEE_Param *param) -{ - TEE_Result res = TEE_ERROR_GENERIC; - - res = TEE_CacheFlush(param->memref.buffer, - param->memref.size); - CHECK(res, "TEE_CacheFlush(in)", return res;); - return res; -} -#else -static __maybe_unused TEE_Result flush_memref_buffer(TEE_Param *param __unused) -{ - return TEE_SUCCESS; -} -#endif /* CFG_CACHE_API */ - -TEE_Result cmd_process(uint32_t param_types, - TEE_Param params[TEE_NUM_PARAMS], - bool use_sdp) -{ - TEE_Result res = TEE_ERROR_GENERIC; - int n = 0; - int unit = 0; - void *in = NULL; - void *out = NULL; - size_t insz = 0; - size_t outsz = 0; - uint32_t exp_param_types = TEE_PARAM_TYPES(TEE_PARAM_TYPE_MEMREF_INOUT, - TEE_PARAM_TYPE_MEMREF_INOUT, - TEE_PARAM_TYPE_VALUE_INPUT, - TEE_PARAM_TYPE_NONE); - bool secure_in = false; - bool secure_out = false; - TEE_Result (*do_update)(TEE_OperationHandle, const void *, size_t, - void *, size_t *) = NULL; - - if (param_types != exp_param_types) - return TEE_ERROR_BAD_PARAMETERS; - - if (use_sdp) { - /* - * Whatever is expected as memory reference, it is mandatory - * for SDP aware trusted applications of safely indentify all - * memory reference parameters. Hence these tests must be part - * of the performance test setup. - */ - secure_in = is_inbuf_a_secure_memref(¶ms[0]); - secure_out = is_outbuf_a_secure_memref(¶ms[1]); - - /* - * We could invalidate only the caches. We prefer to flush - * them in case 2 sub-buffers are accessed by TAs from a single - * allocated SDP memory buffer, and those are not cache-aligned. - * Invalidating might cause data loss in cache lines. Hence - * rather flush them all before accessing (in read or write). - */ - if (secure_in) { - res = flush_memref_buffer(¶ms[0]); - CHECK(res, "pre-flush in memref param", return res;); - } - if (secure_out) { - res = flush_memref_buffer(¶ms[1]); - CHECK(res, "pre-flush out memref param", return res;); - } - } - - in = params[0].memref.buffer; - insz = params[0].memref.size; - out = params[1].memref.buffer; - outsz = params[1].memref.size; - n = params[2].value.a; - unit = params[2].value.b; - if (!unit) - unit = insz; - - if (algo == TEE_ALG_AES_GCM) - do_update = TEE_AEUpdate; - else - do_update = TEE_CipherUpdate; - - while (n--) { - uint32_t i = 0; - for (i = 0; i < insz / unit; i++) { - res = do_update(crypto_op, in, unit, out, &outsz); - CHECK(res, "TEE_CipherUpdate/TEE_AEUpdate", return res;); - in = (void *)((uintptr_t)in + unit); - out = (void *)((uintptr_t)out + unit); - } - if (insz % unit) { - res = do_update(crypto_op, in, insz % unit, out, &outsz); - CHECK(res, "TEE_CipherUpdate/TEE_AEUpdate", return res;); - } - } - - if (secure_out) { - /* intentionally flush output data from cache for SDP buffers */ - res = flush_memref_buffer(¶ms[1]); - CHECK(res, "post-flush out memref param", return res;); - } - - return TEE_SUCCESS; -} - -TEE_Result cmd_prepare_key(uint32_t param_types, TEE_Param params[4]) -{ - TEE_Result res = TEE_ERROR_GENERIC; - TEE_ObjectHandle hkey = TEE_HANDLE_NULL; - TEE_ObjectHandle hkey2 = TEE_HANDLE_NULL; - TEE_Attribute attr = { }; - uint32_t mode = 0; - uint32_t op_keysize = 0; - uint32_t keysize = 0; - const uint8_t *ivp = NULL; - size_t ivlen = 0; - static uint8_t aes_key[] = { 0x00, 0x01, 0x02, 0x03, - 0x04, 0x05, 0x06, 0x07, - 0x08, 0x09, 0x0A, 0x0B, - 0x0C, 0x0D, 0x0E, 0x0F, - 0x10, 0x11, 0x12, 0x13, - 0x14, 0x15, 0x16, 0x17, - 0x18, 0x19, 0x1A, 0x1B, - 0x1C, 0x1D, 0x1E, 0x1F }; - static uint8_t aes_key2[] = { 0x20, 0x21, 0x22, 0x23, - 0x24, 0x25, 0x26, 0x27, - 0x28, 0x29, 0x2A, 0x2B, - 0x2C, 0x2D, 0x2E, 0x2F, - 0x30, 0x31, 0x32, 0x33, - 0x34, 0x35, 0x36, 0x37, - 0x38, 0x39, 0x3A, 0x3B, - 0x3C, 0x3D, 0x3E, 0x3F }; - uint32_t exp_param_types = TEE_PARAM_TYPES(TEE_PARAM_TYPE_VALUE_INPUT, - TEE_PARAM_TYPE_VALUE_INPUT, - TEE_PARAM_TYPE_NONE, - TEE_PARAM_TYPE_NONE); - - if (param_types != exp_param_types) - return TEE_ERROR_BAD_PARAMETERS; - - mode = params[0].value.a ? TEE_MODE_DECRYPT : TEE_MODE_ENCRYPT; - keysize = params[0].value.b; - op_keysize = keysize; - - switch (params[1].value.a) { - case TA_AES_ECB: - algo = TEE_ALG_AES_ECB_NOPAD; - use_iv = 0; - break; - case TA_AES_CBC: - algo = TEE_ALG_AES_CBC_NOPAD; - use_iv = 1; - break; - case TA_AES_CTR: - algo = TEE_ALG_AES_CTR; - use_iv = 1; - break; - case TA_AES_XTS: - algo = TEE_ALG_AES_XTS; - use_iv = 1; - op_keysize *= 2; - break; - case TA_AES_GCM: - algo = TEE_ALG_AES_GCM; - use_iv = 1; - break; - default: - return TEE_ERROR_BAD_PARAMETERS; - } - - cmd_clean_res(); - - res = TEE_AllocateOperation(&crypto_op, algo, mode, op_keysize); - CHECK(res, "TEE_AllocateOperation", return res;); - - res = TEE_AllocateTransientObject(TEE_TYPE_AES, keysize, &hkey); - CHECK(res, "TEE_AllocateTransientObject", return res;); - - attr.attributeID = TEE_ATTR_SECRET_VALUE; - attr.content.ref.buffer = aes_key; - attr.content.ref.length = keysize / 8; - - res = TEE_PopulateTransientObject(hkey, &attr, 1); - CHECK(res, "TEE_PopulateTransientObject", return res;); - - if (algo == TEE_ALG_AES_XTS) { - res = TEE_AllocateTransientObject(TEE_TYPE_AES, keysize, - &hkey2); - CHECK(res, "TEE_AllocateTransientObject", return res;); - - attr.content.ref.buffer = aes_key2; - - res = TEE_PopulateTransientObject(hkey2, &attr, 1); - CHECK(res, "TEE_PopulateTransientObject", return res;); - - res = TEE_SetOperationKey2(crypto_op, hkey, hkey2); - CHECK(res, "TEE_SetOperationKey2", return res;); - - TEE_FreeTransientObject(hkey2); - } else { - res = TEE_SetOperationKey(crypto_op, hkey); - CHECK(res, "TEE_SetOperationKey", return res;); - } - - TEE_FreeTransientObject(hkey); - - if (use_iv) { - ivp = iv; - ivlen = sizeof(iv); - } else { - ivp = NULL; - ivlen = 0; - } - - if (algo == TEE_ALG_AES_GCM) { - return TEE_AEInit(crypto_op, ivp, ivlen, TAG_LEN, 0, 0); - } else { - TEE_CipherInit(crypto_op, ivp, ivlen); - return TEE_SUCCESS; - } -} - -void cmd_clean_res(void) -{ - if (crypto_op) - TEE_FreeOperation(crypto_op); -} +// SPDX-License-Identifier: BSD-2-Clause +/* + * Copyright (c) 2015, Linaro Limited + */ + +#include +#include +#include +#include +#include +#include +#include + +#include "ta_crypto_perf.h" +#include "ta_crypto_perf_priv.h" + +#define CHECK(res, name, action) do { \ + if ((res) != TEE_SUCCESS) { \ + DMSG(name ": 0x%08x", (res)); \ + action \ + } \ + } while(0) + +#define TAG_LEN 128 + +static uint8_t iv[] = { 0xA0, 0xA1, 0xA2, 0xA3, 0xA4, 0xA5, 0xA6, 0xA7, + 0xA8, 0xA9, 0xAA, 0xAB, 0xAC, 0xAD, 0xAE, 0xAF }; +static int use_iv; + +static TEE_OperationHandle crypto_op; +static uint32_t algo; +static TEE_OperationHandle crypto_op_enc_sign; +static TEE_ObjectHandle crypto_obj; + +static bool is_inbuf_a_secure_memref(TEE_Param *param) +{ + TEE_Result res = TEE_ERROR_GENERIC; + + /* + * Check secure attribute for the referenced buffer + * Trust core on validity of the memref size: test only 1st byte + * instead of the overall buffer, and if it's not secure, assume + * the buffer is nonsecure. + */ + res = TEE_CheckMemoryAccessRights(TEE_MEMORY_ACCESS_ANY_OWNER | + TEE_MEMORY_ACCESS_READ | + TEE_MEMORY_ACCESS_SECURE, + param->memref.buffer, 1); + return (res == TEE_SUCCESS); +} + +static bool is_outbuf_a_secure_memref(TEE_Param *param) +{ + TEE_Result res = TEE_ERROR_GENERIC; + + /* + * Check secure attribute for the referenced buffer + * Trust core on validity of the memref size: test only 1st byte + * instead of the overall buffer, and if it's not secure, assume + * the buffer is nonsecure. + */ + res = TEE_CheckMemoryAccessRights(TEE_MEMORY_ACCESS_ANY_OWNER | + TEE_MEMORY_ACCESS_WRITE | + TEE_MEMORY_ACCESS_SECURE, + param->memref.buffer, 1); + return (res == TEE_SUCCESS); +} + +#if defined(CFG_CACHE_API) +static TEE_Result flush_memref_buffer(TEE_Param *param) +{ + TEE_Result res = TEE_ERROR_GENERIC; + + res = TEE_CacheFlush(param->memref.buffer, + param->memref.size); + CHECK(res, "TEE_CacheFlush(in)", return res;); + return res; +} +#else +static __maybe_unused TEE_Result flush_memref_buffer(TEE_Param *param __unused) +{ + return TEE_SUCCESS; +} +#endif /* CFG_CACHE_API */ + +TEE_Result cmd_cipher_process(uint32_t param_types, + TEE_Param params[TEE_NUM_PARAMS], + bool use_sdp) +{ + TEE_Result res = TEE_ERROR_GENERIC; + int n = 0; + int unit = 0; + void *in = NULL; + void *out = NULL; + size_t insz = 0; + size_t outsz = 0; + uint32_t exp_param_types = TEE_PARAM_TYPES(TEE_PARAM_TYPE_MEMREF_INOUT, + TEE_PARAM_TYPE_MEMREF_INOUT, + TEE_PARAM_TYPE_VALUE_INPUT, + TEE_PARAM_TYPE_NONE); + bool secure_in = false; + bool secure_out = false; + TEE_Result (*do_update)(TEE_OperationHandle, const void *, size_t, + void *, size_t *) = NULL; + + if (param_types != exp_param_types) + return TEE_ERROR_BAD_PARAMETERS; + + if (use_sdp) { + /* + * Whatever is expected as memory reference, it is mandatory + * for SDP aware trusted applications of safely indentify all + * memory reference parameters. Hence these tests must be part + * of the performance test setup. + */ + secure_in = is_inbuf_a_secure_memref(¶ms[0]); + secure_out = is_outbuf_a_secure_memref(¶ms[1]); + + /* + * We could invalidate only the caches. We prefer to flush + * them in case 2 sub-buffers are accessed by TAs from a single + * allocated SDP memory buffer, and those are not cache-aligned. + * Invalidating might cause data loss in cache lines. Hence + * rather flush them all before accessing (in read or write). + */ + if (secure_in) { + res = flush_memref_buffer(¶ms[0]); + CHECK(res, "pre-flush in memref param", return res;); + } + if (secure_out) { + res = flush_memref_buffer(¶ms[1]); + CHECK(res, "pre-flush out memref param", return res;); + } + } + + in = params[0].memref.buffer; + insz = params[0].memref.size; + out = params[1].memref.buffer; + outsz = params[1].memref.size; + n = params[2].value.a; + unit = params[2].value.b; + if (!unit) + unit = insz; + + if (algo == TEE_ALG_AES_GCM) + do_update = TEE_AEUpdate; + else + do_update = TEE_CipherUpdate; + + while (n--) { + uint32_t i = 0; + for (i = 0; i < insz / unit; i++) { + res = do_update(crypto_op, in, unit, out, &outsz); + CHECK(res, "TEE_CipherUpdate/TEE_AEUpdate", return res;); + in = (void *)((uintptr_t)in + unit); + out = (void *)((uintptr_t)out + unit); + } + if (insz % unit) { + res = do_update(crypto_op, in, insz % unit, out, &outsz); + CHECK(res, "TEE_CipherUpdate/TEE_AEUpdate", return res;); + } + } + + if (secure_out) { + /* intentionally flush output data from cache for SDP buffers */ + res = flush_memref_buffer(¶ms[1]); + CHECK(res, "post-flush out memref param", return res;); + } + + return TEE_SUCCESS; +} + +TEE_Result cmd_cipher_prepare_key(uint32_t param_types, TEE_Param params[4]) +{ + TEE_Result res = TEE_ERROR_GENERIC; + TEE_ObjectHandle hkey = TEE_HANDLE_NULL; + TEE_ObjectHandle hkey2 = TEE_HANDLE_NULL; + TEE_ObjectType objectType; + TEE_Attribute attr = { }; + uint32_t mode = 0; + uint32_t op_keysize = 0; + uint32_t keysize = 0; + const uint8_t *ivp = NULL; + size_t ivlen = 0; + static uint8_t cipher_key[] = { 0x00, 0x01, 0x02, 0x03, + 0x04, 0x05, 0x06, 0x07, + 0x08, 0x09, 0x0A, 0x0B, + 0x0C, 0x0D, 0x0E, 0x0F, + 0x10, 0x11, 0x12, 0x13, + 0x14, 0x15, 0x16, 0x17, + 0x18, 0x19, 0x1A, 0x1B, + 0x1C, 0x1D, 0x1E, 0x1F }; + static uint8_t cipher_key2[] = { 0x20, 0x21, 0x22, 0x23, + 0x24, 0x25, 0x26, 0x27, + 0x28, 0x29, 0x2A, 0x2B, + 0x2C, 0x2D, 0x2E, 0x2F, + 0x30, 0x31, 0x32, 0x33, + 0x34, 0x35, 0x36, 0x37, + 0x38, 0x39, 0x3A, 0x3B, + 0x3C, 0x3D, 0x3E, 0x3F }; + uint32_t exp_param_types = TEE_PARAM_TYPES(TEE_PARAM_TYPE_VALUE_INPUT, + TEE_PARAM_TYPE_VALUE_INPUT, + TEE_PARAM_TYPE_NONE, + TEE_PARAM_TYPE_NONE); + + if (param_types != exp_param_types) + return TEE_ERROR_BAD_PARAMETERS; + + mode = params[0].value.a ? TEE_MODE_DECRYPT : TEE_MODE_ENCRYPT; + keysize = params[0].value.b; + op_keysize = keysize; + + switch (params[1].value.a) { + case TA_AES_ECB: + algo = TEE_ALG_AES_ECB_NOPAD; + objectType = TEE_TYPE_AES; + use_iv = 0; + break; + case TA_AES_CBC: + algo = TEE_ALG_AES_CBC_NOPAD; + objectType = TEE_TYPE_AES; + use_iv = 1; + break; + case TA_AES_CTR: + algo = TEE_ALG_AES_CTR; + objectType = TEE_TYPE_AES; + use_iv = 1; + break; + case TA_AES_XTS: + algo = TEE_ALG_AES_XTS; + objectType = TEE_TYPE_AES; + use_iv = 1; + op_keysize *= 2; + break; + case TA_AES_GCM: + algo = TEE_ALG_AES_GCM; + objectType = TEE_TYPE_AES; + use_iv = 1; + break; + case TA_SM4_ECB: + algo = TEE_ALG_SM4_ECB_NOPAD; + objectType = TEE_TYPE_SM4; + use_iv = 0; + break; + case TA_SM4_CBC: + algo = TEE_ALG_SM4_CBC_NOPAD; + objectType = TEE_TYPE_SM4; + use_iv = 1; + break; + case TA_SM4_CTR: + algo = TEE_ALG_SM4_CTR; + objectType = TEE_TYPE_SM4; + use_iv = 1; + break; + case TA_SM4_XTS: + algo = TEE_ALG_SM4_XTS; + objectType = TEE_TYPE_SM4; + use_iv = 1; + op_keysize *= 2; + break; + + default: + return TEE_ERROR_BAD_PARAMETERS; + } + + cmd_clean_res(); + + res = TEE_AllocateOperation(&crypto_op, algo, mode, op_keysize); + CHECK(res, "TEE_AllocateOperation", return res;); + + res = TEE_AllocateTransientObject(objectType, keysize, &hkey); + CHECK(res, "TEE_AllocateTransientObject", return res;); + + attr.attributeID = TEE_ATTR_SECRET_VALUE; + attr.content.ref.buffer = cipher_key; + attr.content.ref.length = keysize / 8; + + res = TEE_PopulateTransientObject(hkey, &attr, 1); + CHECK(res, "TEE_PopulateTransientObject", return res;); + + if (algo == TEE_ALG_AES_XTS || algo == TEE_ALG_SM4_XTS) { + res = TEE_AllocateTransientObject(objectType, keysize, + &hkey2); + CHECK(res, "TEE_AllocateTransientObject", return res;); + + attr.content.ref.buffer = cipher_key2; + + res = TEE_PopulateTransientObject(hkey2, &attr, 1); + CHECK(res, "TEE_PopulateTransientObject", return res;); + + res = TEE_SetOperationKey2(crypto_op, hkey, hkey2); + CHECK(res, "TEE_SetOperationKey2", return res;); + + TEE_FreeTransientObject(hkey2); + } else { + res = TEE_SetOperationKey(crypto_op, hkey); + CHECK(res, "TEE_SetOperationKey", return res;); + } + + TEE_FreeTransientObject(hkey); + + if (use_iv) { + ivp = iv; + ivlen = sizeof(iv); + } else { + ivp = NULL; + ivlen = 0; + } + + if (algo == TEE_ALG_AES_GCM) { + return TEE_AEInit(crypto_op, ivp, ivlen, TAG_LEN, 0, 0); + } else { + TEE_CipherInit(crypto_op, ivp, ivlen); + return TEE_SUCCESS; + } +} + +static bool is_mac(uint32_t hash_algo) +{ + switch (hash_algo) { + case TEE_ALG_HMAC_SHA1: + case TEE_ALG_HMAC_SHA224: + case TEE_ALG_HMAC_SHA256: + case TEE_ALG_HMAC_SHA384: + case TEE_ALG_HMAC_SHA512: + case TEE_ALG_HMAC_SM3: + return true; + default: + return false; + } +} + +TEE_Result cmd_hash_process(uint32_t param_types, TEE_Param params[4]) +{ + TEE_Result res = TEE_ERROR_GENERIC; + TEE_OperationInfo info = { }; + int n = 0; + void *in = NULL; + void *out = NULL; + size_t insz = 0; + size_t outsz = 0; + uint32_t offset = 0; + uint32_t exp_param_types = TEE_PARAM_TYPES(TEE_PARAM_TYPE_MEMREF_INPUT, + TEE_PARAM_TYPE_MEMREF_OUTPUT, + TEE_PARAM_TYPE_VALUE_INPUT, + TEE_PARAM_TYPE_NONE); + + if (param_types != exp_param_types) + return TEE_ERROR_BAD_PARAMETERS; + + offset = params[2].value.b; + in = (uint8_t *)params[0].memref.buffer + offset; + insz = params[0].memref.size - offset; + out = params[1].memref.buffer; + outsz = params[1].memref.size; + n = params[2].value.a; + + TEE_GetOperationInfo(crypto_op, &info); + + if (is_mac(info.algorithm)) { + while (n--) { + TEE_MACInit(crypto_op, NULL, 0); + res = TEE_MACComputeFinal(crypto_op, in, insz, out, &outsz); + CHECK(res, "TEE_MACComputeFinal", return res;); + } + } else { + while (n--) { + res = TEE_DigestDoFinal(crypto_op, in, insz, out, &outsz); + CHECK(res, "TEE_DigestDoFinal", return res;); + } + } + + return TEE_SUCCESS; +} + +TEE_Result cmd_hash_prepare_op(uint32_t param_types, TEE_Param params[4]) +{ + TEE_ObjectHandle hkey = TEE_HANDLE_NULL; + TEE_Result res = TEE_ERROR_GENERIC; + TEE_Attribute attr = { }; + uint32_t key_type = TEE_TYPE_HMAC_SHA1; + uint32_t mac_key_size = 512; + uint32_t max_key_size = 0; + uint32_t hash_algo = 0; + static uint8_t mac_key[] = { + 0x00, 0x01, 0x02, 0x03, + 0x04, 0x05, 0x06, 0x07, + 0x08, 0x09, 0x0A, 0x0B, + 0x0C, 0x0D, 0x0E, 0x0F, + 0x10, 0x11, 0x12, 0x13, + 0x14, 0x15, 0x16, 0x17, + 0x18, 0x19, 0x1A, 0x1B, + 0x1C, 0x1D, 0x1E, 0x1F, + 0x20, 0x21, 0x22, 0x23, + 0x24, 0x25, 0x26, 0x27, + 0x28, 0x29, 0x2A, 0x2B, + 0x2C, 0x2D, 0x2E, 0x2F, + 0x30, 0x31, 0x32, 0x33, + 0x34, 0x35, 0x36, 0x37, + 0x38, 0x39, 0x3A, 0x3B, + 0x3C, 0x3D, 0x3E, 0x3F + }; + uint32_t exp_param_types = TEE_PARAM_TYPES(TEE_PARAM_TYPE_VALUE_INPUT, + TEE_PARAM_TYPE_NONE, + TEE_PARAM_TYPE_NONE, + TEE_PARAM_TYPE_NONE); + + if (param_types != exp_param_types) + return TEE_ERROR_BAD_PARAMETERS; + + switch (params[0].value.a) { + case TA_SHA_SHA1: + hash_algo = TEE_ALG_SHA1; + break; + case TA_SHA_SHA224: + hash_algo = TEE_ALG_SHA224; + break; + case TA_SHA_SHA256: + hash_algo = TEE_ALG_SHA256; + break; + case TA_SHA_SHA384: + hash_algo = TEE_ALG_SHA384; + break; + case TA_SHA_SHA512: + hash_algo = TEE_ALG_SHA512; + break; + case TA_SM3: + hash_algo = TEE_ALG_SM3; + break; + case TA_HMAC_SHA1: + key_type = TEE_TYPE_HMAC_SHA1; + hash_algo = TEE_ALG_HMAC_SHA1; + max_key_size = 512; + break; + case TA_HMAC_SHA224: + key_type = TEE_TYPE_HMAC_SHA224; + hash_algo = TEE_ALG_HMAC_SHA224; + max_key_size = 512; + break; + case TA_HMAC_SHA256: + key_type = TEE_TYPE_HMAC_SHA256; + hash_algo = TEE_ALG_HMAC_SHA256; + max_key_size = 512; + break; + case TA_HMAC_SHA384: + key_type = TEE_TYPE_HMAC_SHA384; + hash_algo = TEE_ALG_HMAC_SHA384; + max_key_size = 1024; + break; + case TA_HMAC_SHA512: + key_type = TEE_TYPE_HMAC_SHA512; + hash_algo = TEE_ALG_HMAC_SHA512; + max_key_size = 1024; + break; + case TA_HMAC_SM3: + key_type = TEE_TYPE_HMAC_SM3; + hash_algo = TEE_ALG_HMAC_SM3; + max_key_size = 512; + break; + default: + return TEE_ERROR_BAD_PARAMETERS; + } + + if (crypto_op) + TEE_FreeOperation(crypto_op); + + if (is_mac(hash_algo)) { + res = TEE_AllocateOperation(&crypto_op, hash_algo, TEE_MODE_MAC, max_key_size); + CHECK(res, "TEE_AllocateOperation", return res;); + + res = TEE_AllocateTransientObject(key_type, max_key_size, &hkey); + CHECK(res, "TEE_AllocateTransientObject", return res;); + + attr.attributeID = TEE_ATTR_SECRET_VALUE; + attr.content.ref.buffer = mac_key; + attr.content.ref.length = mac_key_size / 8; + + res = TEE_PopulateTransientObject(hkey, &attr, 1); + CHECK(res, "TEE_PopulateTransientObject", return res;); + + res = TEE_SetOperationKey(crypto_op, hkey); + CHECK(res, "TEE_SetOperationKey", return res;); + + TEE_FreeTransientObject(hkey); + } else { + res = TEE_AllocateOperation(&crypto_op, hash_algo, TEE_MODE_DIGEST, 0); + CHECK(res, "TEE_AllocateOperation", return res;); + } + return TEE_SUCCESS; +} + +void cmd_clean_res(void) +{ + if (crypto_op) + TEE_FreeOperation(crypto_op); +} diff --git a/ta/aes_perf/ta_entry.c b/ta/crypto_perf/ta_entry.c similarity index 65% rename from ta/aes_perf/ta_entry.c rename to ta/crypto_perf/ta_entry.c index be3ceefeb..bef429d6e 100644 --- a/ta/aes_perf/ta_entry.c +++ b/ta/crypto_perf/ta_entry.c @@ -1,71 +1,76 @@ -// SPDX-License-Identifier: BSD-2-Clause -/* - * Copyright (c) 2015, Linaro Limited - * All rights reserved. - */ - -#include -#include - -#include "ta_aes_perf.h" -#include "ta_aes_perf_priv.h" - -/* - * Trusted Application Entry Points - */ - -/* Called each time a new instance is created */ -TEE_Result TA_CreateEntryPoint(void) -{ - return TEE_SUCCESS; -} - -/* Called each time an instance is destroyed */ -void TA_DestroyEntryPoint(void) -{ -} - -/* Called each time a session is opened */ -TEE_Result TA_OpenSessionEntryPoint(uint32_t nParamTypes, - TEE_Param pParams[4], - void **ppSessionContext) -{ - (void)nParamTypes; - (void)pParams; - (void)ppSessionContext; - return TEE_SUCCESS; -} - -/* Called each time a session is closed */ -void TA_CloseSessionEntryPoint(void *pSessionContext) -{ - (void)pSessionContext; - - cmd_clean_res(); -} - -/* Called when a command is invoked */ -TEE_Result TA_InvokeCommandEntryPoint(void *pSessionContext, - uint32_t nCommandID, uint32_t nParamTypes, - TEE_Param pParams[4]) -{ - (void)pSessionContext; - - switch (nCommandID) { - case TA_AES_PERF_CMD_PREPARE_KEY: - return cmd_prepare_key(nParamTypes, pParams); - - case TA_AES_PERF_CMD_PROCESS: - return cmd_process(nParamTypes, pParams, false); - case TA_AES_PERF_CMD_PROCESS_SDP: -#ifdef CFG_SECURE_DATA_PATH - return cmd_process(nParamTypes, pParams, true); -#else - EMSG("Invalid SDP commands: TA was built without SDP support"); - return TEE_ERROR_NOT_SUPPORTED; -#endif - - default: - return TEE_ERROR_BAD_PARAMETERS; - } -} +// SPDX-License-Identifier: BSD-2-Clause +/* + * Copyright (c) 2015, Linaro Limited + + */ + +#include +#include + +#include "ta_crypto_perf.h" +#include "ta_crypto_perf_priv.h" + +/* + * Trusted Application Entry Points + */ + +/* Called each time a new instance is created */ +TEE_Result TA_CreateEntryPoint(void) +{ + return TEE_SUCCESS; +} + +/* Called each time an instance is destroyed */ +void TA_DestroyEntryPoint(void) +{ +} + +/* Called each time a session is opened */ +TEE_Result TA_OpenSessionEntryPoint(uint32_t nParamTypes, + TEE_Param pParams[4], + void **ppSessionContext) +{ + (void)nParamTypes; + (void)pParams; + (void)ppSessionContext; + return TEE_SUCCESS; +} + +/* Called each time a session is closed */ +void TA_CloseSessionEntryPoint(void *pSessionContext) +{ + (void)pSessionContext; + + cmd_clean_res(); + cmd_clean_obj(); +} + +/* Called when a command is invoked */ +TEE_Result TA_InvokeCommandEntryPoint(void *pSessionContext, + uint32_t nCommandID, uint32_t nParamTypes, + TEE_Param pParams[4]) +{ + (void)pSessionContext; + + switch (nCommandID) { + case TA_CRYPTO_PERF_CMD_CIPHER_PREPARE_KEY: + return cmd_cipher_prepare_key(nParamTypes, pParams); + + case TA_CRYPTO_PERF_CMD_CIPHER_PROCESS: + return cmd_cipher_process(nParamTypes, pParams, false); + case TA_CRYPTO_PERF_CMD_CIPHER_PROCESS_SDP: +#ifdef CFG_SECURE_DATA_PATH + return cmd_cipher_process(nParamTypes, pParams, true); +#else + EMSG("Invalid SDP commands: TA was built without SDP support"); + return TEE_ERROR_NOT_SUPPORTED; +#endif + case TA_CRYPTO_PERF_CMD_HASH_PREPARE_OP: + return cmd_hash_prepare_op(nParamTypes, pParams); + case TA_CRYPTO_PERF_CMD_HASH_PROCESS: + return cmd_hash_process(nParamTypes, pParams); + + default: + return TEE_ERROR_BAD_PARAMETERS; + } +} diff --git a/ta/hash_perf/Android.mk b/ta/hash_perf/Android.mk deleted file mode 100644 index 646909504..000000000 --- a/ta/hash_perf/Android.mk +++ /dev/null @@ -1,4 +0,0 @@ -LOCAL_PATH := $(call my-dir) - -local_module := 614789f2-39c0-4ebf-b235-92b32ac107ed.ta -include $(BUILD_OPTEE_MK) diff --git a/ta/hash_perf/Makefile b/ta/hash_perf/Makefile deleted file mode 100644 index c6e15a4ab..000000000 --- a/ta/hash_perf/Makefile +++ /dev/null @@ -1,3 +0,0 @@ -BINARY = 614789f2-39c0-4ebf-b235-92b32ac107ed -include ../ta_common.mk - diff --git a/ta/hash_perf/include/ta_hash_perf.h b/ta/hash_perf/include/ta_hash_perf.h deleted file mode 100644 index a13ffdfef..000000000 --- a/ta/hash_perf/include/ta_hash_perf.h +++ /dev/null @@ -1,37 +0,0 @@ -/* SPDX-License-Identifier: BSD-2-Clause */ -/* - * Copyright (c) 2015, Linaro Limited - * All rights reserved. - */ - -#ifndef TA_HASH_PERF_H -#define TA_HASH_PERF_H - -#define TA_HASH_PERF_UUID { 0x614789f2, 0x39c0, 0x4ebf, \ - { 0xb2, 0x35, 0x92, 0xb3, 0x2a, 0xc1, 0x07, 0xed } } - -/* - * Commands implemented by the TA - */ - -#define TA_HASH_PERF_CMD_PREPARE_OP 0 -#define TA_HASH_PERF_CMD_PROCESS 1 - -/* - * Supported algorithms - */ - -#define TA_SHA_SHA1 0 -#define TA_SHA_SHA224 1 -#define TA_SHA_SHA256 2 -#define TA_SHA_SHA384 3 -#define TA_SHA_SHA512 4 -#define TA_SM3 5 -#define TA_HMAC_SHA1 6 -#define TA_HMAC_SHA224 7 -#define TA_HMAC_SHA256 8 -#define TA_HMAC_SHA384 9 -#define TA_HMAC_SHA512 10 -#define TA_HMAC_SM3 11 - -#endif /* TA_HASH_PERF_H */ diff --git a/ta/hash_perf/include/ta_hash_perf_priv.h b/ta/hash_perf/include/ta_hash_perf_priv.h deleted file mode 100644 index b9059b4ca..000000000 --- a/ta/hash_perf/include/ta_hash_perf_priv.h +++ /dev/null @@ -1,16 +0,0 @@ -/* SPDX-License-Identifier: BSD-2-Clause */ -/* - * Copyright (c) 2015, Linaro Limited - * All rights reserved. - */ - -#ifndef TA_HASH_PERF_PRIV_H -#define TA_HASH_PERF_PRIV_H - -#include - -TEE_Result cmd_prepare_op(uint32_t param_types, TEE_Param params[4]); -TEE_Result cmd_process(uint32_t param_types, TEE_Param params[4]); -void cmd_clean_res(void); - -#endif /* TA_HASH_PERF_PRIV_H */ diff --git a/ta/hash_perf/sub.mk b/ta/hash_perf/sub.mk deleted file mode 100644 index d7d523663..000000000 --- a/ta/hash_perf/sub.mk +++ /dev/null @@ -1,3 +0,0 @@ -global-incdirs-y += include -srcs-y += ta_hash_perf.c -srcs-y += ta_entry.c diff --git a/ta/hash_perf/ta_entry.c b/ta/hash_perf/ta_entry.c deleted file mode 100644 index 167c7de18..000000000 --- a/ta/hash_perf/ta_entry.c +++ /dev/null @@ -1,63 +0,0 @@ -// SPDX-License-Identifier: BSD-2-Clause -/* - * Copyright (c) 2015, Linaro Limited - * All rights reserved. - */ - -#include - -#include "ta_hash_perf.h" -#include "ta_hash_perf_priv.h" - -/* - * Trusted Application Entry Points - */ - -/* Called each time a new instance is created */ -TEE_Result TA_CreateEntryPoint(void) -{ - return TEE_SUCCESS; -} - -/* Called each time an instance is destroyed */ -void TA_DestroyEntryPoint(void) -{ -} - -/* Called each time a session is opened */ -TEE_Result TA_OpenSessionEntryPoint(uint32_t nParamTypes, - TEE_Param pParams[4], - void **ppSessionContext) -{ - (void)nParamTypes; - (void)pParams; - (void)ppSessionContext; - return TEE_SUCCESS; -} - -/* Called each time a session is closed */ -void TA_CloseSessionEntryPoint(void *pSessionContext) -{ - (void)pSessionContext; - - cmd_clean_res(); -} - -/* Called when a command is invoked */ -TEE_Result TA_InvokeCommandEntryPoint(void *pSessionContext, - uint32_t nCommandID, uint32_t nParamTypes, - TEE_Param pParams[4]) -{ - (void)pSessionContext; - - switch (nCommandID) { - case TA_HASH_PERF_CMD_PREPARE_OP: - return cmd_prepare_op(nParamTypes, pParams); - - case TA_HASH_PERF_CMD_PROCESS: - return cmd_process(nParamTypes, pParams); - - default: - return TEE_ERROR_BAD_PARAMETERS; - } -} diff --git a/ta/hash_perf/ta_hash_perf.c b/ta/hash_perf/ta_hash_perf.c deleted file mode 100644 index 302b87cd8..000000000 --- a/ta/hash_perf/ta_hash_perf.c +++ /dev/null @@ -1,202 +0,0 @@ -// SPDX-License-Identifier: BSD-2-Clause -/* - * Copyright (c) 2015, Linaro Limited - * All rights reserved. - */ - -#include -#include -#include -#include - -#include "ta_hash_perf.h" -#include "ta_hash_perf_priv.h" - -#define CHECK(res, name, action) do { \ - if ((res) != TEE_SUCCESS) { \ - DMSG(name ": %#08"PRIx32, (res));\ - action \ - } \ - } while(0) - -static TEE_OperationHandle digest_op; - -static bool is_mac(uint32_t algo) -{ - switch (algo) { - case TEE_ALG_HMAC_SHA1: - case TEE_ALG_HMAC_SHA224: - case TEE_ALG_HMAC_SHA256: - case TEE_ALG_HMAC_SHA384: - case TEE_ALG_HMAC_SHA512: - case TEE_ALG_HMAC_SM3: - return true; - default: - return false; - } -} - -TEE_Result cmd_process(uint32_t param_types, TEE_Param params[4]) -{ - TEE_Result res = TEE_ERROR_GENERIC; - TEE_OperationInfo info = { }; - int n = 0; - void *in = NULL; - void *out = NULL; - size_t insz = 0; - size_t outsz = 0; - uint32_t offset = 0; - uint32_t exp_param_types = TEE_PARAM_TYPES(TEE_PARAM_TYPE_MEMREF_INPUT, - TEE_PARAM_TYPE_MEMREF_OUTPUT, - TEE_PARAM_TYPE_VALUE_INPUT, - TEE_PARAM_TYPE_NONE); - - if (param_types != exp_param_types) - return TEE_ERROR_BAD_PARAMETERS; - - offset = params[2].value.b; - in = (uint8_t *)params[0].memref.buffer + offset; - insz = params[0].memref.size - offset; - out = params[1].memref.buffer; - outsz = params[1].memref.size; - n = params[2].value.a; - - TEE_GetOperationInfo(digest_op, &info); - - if (is_mac(info.algorithm)) { - while (n--) { - TEE_MACInit(digest_op, NULL, 0); - res = TEE_MACComputeFinal(digest_op, in, insz, out, &outsz); - CHECK(res, "TEE_MACComputeFinal", return res;); - } - } else { - while (n--) { - res = TEE_DigestDoFinal(digest_op, in, insz, out, &outsz); - CHECK(res, "TEE_DigestDoFinal", return res;); - } - } - - return TEE_SUCCESS; -} - -TEE_Result cmd_prepare_op(uint32_t param_types, TEE_Param params[4]) -{ - TEE_ObjectHandle hkey = TEE_HANDLE_NULL; - TEE_Result res = TEE_ERROR_GENERIC; - TEE_Attribute attr = { }; - uint32_t key_type = TEE_TYPE_HMAC_SHA1; - uint32_t mac_key_size = 512; - uint32_t max_key_size = 0; - uint32_t algo = 0; - static uint8_t mac_key[] = { - 0x00, 0x01, 0x02, 0x03, - 0x04, 0x05, 0x06, 0x07, - 0x08, 0x09, 0x0A, 0x0B, - 0x0C, 0x0D, 0x0E, 0x0F, - 0x10, 0x11, 0x12, 0x13, - 0x14, 0x15, 0x16, 0x17, - 0x18, 0x19, 0x1A, 0x1B, - 0x1C, 0x1D, 0x1E, 0x1F, - 0x20, 0x21, 0x22, 0x23, - 0x24, 0x25, 0x26, 0x27, - 0x28, 0x29, 0x2A, 0x2B, - 0x2C, 0x2D, 0x2E, 0x2F, - 0x30, 0x31, 0x32, 0x33, - 0x34, 0x35, 0x36, 0x37, - 0x38, 0x39, 0x3A, 0x3B, - 0x3C, 0x3D, 0x3E, 0x3F - }; - uint32_t exp_param_types = TEE_PARAM_TYPES(TEE_PARAM_TYPE_VALUE_INPUT, - TEE_PARAM_TYPE_NONE, - TEE_PARAM_TYPE_NONE, - TEE_PARAM_TYPE_NONE); - - if (param_types != exp_param_types) - return TEE_ERROR_BAD_PARAMETERS; - - switch (params[0].value.a) { - case TA_SHA_SHA1: - algo = TEE_ALG_SHA1; - break; - case TA_SHA_SHA224: - algo = TEE_ALG_SHA224; - break; - case TA_SHA_SHA256: - algo = TEE_ALG_SHA256; - break; - case TA_SHA_SHA384: - algo = TEE_ALG_SHA384; - break; - case TA_SHA_SHA512: - algo = TEE_ALG_SHA512; - break; - case TA_SM3: - algo = TEE_ALG_SM3; - break; - case TA_HMAC_SHA1: - key_type = TEE_TYPE_HMAC_SHA1; - algo = TEE_ALG_HMAC_SHA1; - max_key_size = 512; - break; - case TA_HMAC_SHA224: - key_type = TEE_TYPE_HMAC_SHA224; - algo = TEE_ALG_HMAC_SHA224; - max_key_size = 512; - break; - case TA_HMAC_SHA256: - key_type = TEE_TYPE_HMAC_SHA256; - algo = TEE_ALG_HMAC_SHA256; - max_key_size = 512; - break; - case TA_HMAC_SHA384: - key_type = TEE_TYPE_HMAC_SHA384; - algo = TEE_ALG_HMAC_SHA384; - max_key_size = 1024; - break; - case TA_HMAC_SHA512: - key_type = TEE_TYPE_HMAC_SHA512; - algo = TEE_ALG_HMAC_SHA512; - max_key_size = 1024; - break; - case TA_HMAC_SM3: - key_type = TEE_TYPE_HMAC_SM3; - algo = TEE_ALG_HMAC_SM3; - max_key_size = 512; - break; - default: - return TEE_ERROR_BAD_PARAMETERS; - } - - if (digest_op) - TEE_FreeOperation(digest_op); - - if (is_mac(algo)) { - res = TEE_AllocateOperation(&digest_op, algo, TEE_MODE_MAC, max_key_size); - CHECK(res, "TEE_AllocateOperation", return res;); - - res = TEE_AllocateTransientObject(key_type, max_key_size, &hkey); - CHECK(res, "TEE_AllocateTransientObject", return res;); - - attr.attributeID = TEE_ATTR_SECRET_VALUE; - attr.content.ref.buffer = mac_key; - attr.content.ref.length = mac_key_size / 8; - - res = TEE_PopulateTransientObject(hkey, &attr, 1); - CHECK(res, "TEE_PopulateTransientObject", return res;); - - res = TEE_SetOperationKey(digest_op, hkey); - CHECK(res, "TEE_SetOperationKey", return res;); - - TEE_FreeTransientObject(hkey); - } else { - res = TEE_AllocateOperation(&digest_op, algo, TEE_MODE_DIGEST, 0); - CHECK(res, "TEE_AllocateOperation", return res;); - } - return TEE_SUCCESS; -} - -void cmd_clean_res(void) -{ - if (digest_op) - TEE_FreeOperation(digest_op); -}