diff --git a/Android.mk b/Android.mk index c88997cba..be900b4bd 100644 --- a/Android.mk +++ b/Android.mk @@ -109,9 +109,7 @@ LOCAL_C_INCLUDES += $(LOCAL_PATH)/host/xtest \ $(LOCAL_PATH)/ta/storage_benchmark/include \ $(LOCAL_PATH)/ta/concurrent/include \ $(LOCAL_PATH)/ta/concurrent_large/include \ - $(LOCAL_PATH)/ta/hash_perf/include \ - $(LOCAL_PATH)/ta/asym_cipher_perf/include \ - $(LOCAL_PATH)/ta/aes_perf/include \ + $(LOCAL_PATH)/ta/crypto_perf/include \ $(LOCAL_PATH)/ta/socket/include \ $(LOCAL_PATH)/ta/sdp_basic/include \ $(LOCAL_PATH)/ta/tpm_log_test/include \ diff --git a/host/xtest/Makefile b/host/xtest/Makefile index 892eb058e..a255ba86b 100644 --- a/host/xtest/Makefile +++ b/host/xtest/Makefile @@ -121,9 +121,7 @@ CFLAGS += -I../../ta/sims_keepalive/include CFLAGS += -I../../ta/storage_benchmark/include CFLAGS += -I../../ta/concurrent/include CFLAGS += -I../../ta/concurrent_large/include -CFLAGS += -I../../ta/hash_perf/include -CFLAGS += -I../../ta/asym_cipher_perf/include -CFLAGS += -I../../ta/aes_perf/include +CFLAGS += -I../../ta/crypto_perf/include CFLAGS += -I../../ta/socket/include CFLAGS += -I../../ta/sdp_basic/include CFLAGS += -I../../ta/tpm_log_test/include diff --git a/host/xtest/asym_cipher_perf.c b/host/xtest/asym_cipher_perf.c index 011d4b94f..7fdde3c17 100644 --- a/host/xtest/asym_cipher_perf.c +++ b/host/xtest/asym_cipher_perf.c @@ -15,7 +15,6 @@ #include #include #include -#include #include #include #include @@ -62,7 +61,7 @@ static void check_res(TEEC_Result res, const char *errmsg, uint32_t *orig) static void open_ta(void) { - TEEC_UUID uuid = TA_ASYM_CIPHER_PERF_UUID; + TEEC_UUID uuid = TA_CRYPTO_PERF_UUID; TEEC_Result res = TEEC_ERROR_GENERIC; uint32_t err_origin = 0; diff --git a/host/xtest/crypto_common.h b/host/xtest/crypto_common.h index 64448d4a4..7c42e0ef4 100644 --- a/host/xtest/crypto_common.h +++ b/host/xtest/crypto_common.h @@ -7,10 +7,7 @@ #ifndef XTEST_CRYPTO_COMMON_H #define XTEST_CRYPTO_COMMON_H -#include "ta_aes_perf.h" -#include "ta_hash_perf.h" -#include "ta_asym_cipher_perf.h" - +#include "ta_crypto_perf.h" #define AES_PERF_INPLACE 0 diff --git a/host/xtest/hash_perf.c b/host/xtest/hash_perf.c index 4838fbd44..989858286 100644 --- a/host/xtest/hash_perf.c +++ b/host/xtest/hash_perf.c @@ -53,7 +53,7 @@ static void check_res(TEEC_Result res, const char *errmsg, uint32_t *orig) static void open_ta(void) { TEEC_Result res = TEEC_ERROR_GENERIC; - TEEC_UUID uuid = TA_HASH_PERF_UUID; + TEEC_UUID uuid = TTA_CRYPTO_PERF_UUID; uint32_t err_origin = 0; res = TEEC_InitializeContext(NULL, &ctx); diff --git a/ta/CMakeLists.txt b/ta/CMakeLists.txt index 333697e06..cfd24e0ad 100644 --- a/ta/CMakeLists.txt +++ b/ta/CMakeLists.txt @@ -4,7 +4,6 @@ add_library(${PROJECT_NAME} INTERFACE) target_include_directories(${PROJECT_NAME} INTERFACE include - INTERFACE aes_perf/include INTERFACE concurrent/include INTERFACE concurrent_large/include INTERFACE create_fail_test/include @@ -13,8 +12,7 @@ target_include_directories(${PROJECT_NAME} INTERFACE os_test/include INTERFACE rpc_test/include INTERFACE sdp_basic/include - INTERFACE hash_perf/include - INTERFACE asym_cipher_perf/include + INTERFACE crypto_perf/include INTERFACE sims/include INTERFACE miss/include INTERFACE sims_keepalive/include diff --git a/ta/Makefile b/ta/Makefile index c7043745b..d85c9bc9a 100644 --- a/ta/Makefile +++ b/ta/Makefile @@ -28,9 +28,7 @@ TA_DIRS := create_fail_test \ concurrent \ concurrent_large \ storage_benchmark \ - hash_perf \ - aes_perf \ - asym_cipher_perf \ + crypto_perf \ socket \ supp_plugin \ large \ diff --git a/ta/aes_perf/include/ta_aes_perf.h b/ta/aes_perf/include/ta_aes_perf.h deleted file mode 100644 index 997d840e7..000000000 --- a/ta/aes_perf/include/ta_aes_perf.h +++ /dev/null @@ -1,38 +0,0 @@ -/* SPDX-License-Identifier: BSD-2-Clause */ -/* - * Copyright (c) 2015, Linaro Limited - * All rights reserved. - */ - -#ifndef TA_AES_PERF_H -#define TA_AES_PERF_H - -#define TA_AES_PERF_UUID { 0xe626662e, 0xc0e2, 0x485c, \ - { 0xb8, 0xc8, 0x09, 0xfb, 0xce, 0x6e, 0xdf, 0x3d } } - -/* - * Commands implemented by the TA - */ - -#define TA_AES_PERF_CMD_PREPARE_KEY 0 -#define TA_AES_PERF_CMD_PROCESS 1 -#define TA_AES_PERF_CMD_PROCESS_SDP 2 - -/* - * Supported AES modes of operation - */ - -#define TA_AES_ECB 0 -#define TA_AES_CBC 1 -#define TA_AES_CTR 2 -#define TA_AES_XTS 3 -#define TA_AES_GCM 4 - -/* - * AES key sizes - */ -#define AES_128 128 -#define AES_192 192 -#define AES_256 256 - -#endif /* TA_AES_PERF_H */ diff --git a/ta/aes_perf/include/ta_aes_perf_priv.h b/ta/aes_perf/include/ta_aes_perf_priv.h deleted file mode 100644 index 1d144c3d9..000000000 --- a/ta/aes_perf/include/ta_aes_perf_priv.h +++ /dev/null @@ -1,16 +0,0 @@ -/* SPDX-License-Identifier: BSD-2-Clause */ -/* - * Copyright (c) 2015, Linaro Limited - * All rights reserved. - */ - -#ifndef TA_EAS_PERF_PRIV_H -#define TA_EAS_PERF_PRIV_H - -#include - -TEE_Result cmd_prepare_key(uint32_t param_types, TEE_Param params[4]); -TEE_Result cmd_process(uint32_t param_types, TEE_Param params[4], bool sdp); -void cmd_clean_res(void); - -#endif /* TA_EAS_PERF_PRIV_H */ diff --git a/ta/aes_perf/include/user_ta_header_defines.h b/ta/aes_perf/include/user_ta_header_defines.h deleted file mode 100644 index f84858f71..000000000 --- a/ta/aes_perf/include/user_ta_header_defines.h +++ /dev/null @@ -1,21 +0,0 @@ -/* SPDX-License-Identifier: BSD-2-Clause */ -/* - * Copyright (c) 2015, Linaro Limited - * All rights reserved. - */ - -#ifndef USER_TA_HEADER_DEFINES_H -#define USER_TA_HEADER_DEFINES_H - -#include "ta_aes_perf.h" - -#define TA_UUID TA_AES_PERF_UUID - -#define TA_FLAGS (TA_FLAG_USER_MODE | TA_FLAG_EXEC_DDR | \ - TA_FLAG_SECURE_DATA_PATH | \ - TA_FLAG_CACHE_MAINTENANCE) - -#define TA_STACK_SIZE (2 * 1024) -#define TA_DATA_SIZE (32 * 1024) - -#endif diff --git a/ta/aes_perf/ta_aes_perf.c b/ta/aes_perf/ta_aes_perf.c deleted file mode 100644 index b16d070c4..000000000 --- a/ta/aes_perf/ta_aes_perf.c +++ /dev/null @@ -1,291 +0,0 @@ -// SPDX-License-Identifier: BSD-2-Clause -/* - * Copyright (c) 2015, Linaro Limited - * All rights reserved. - */ - -#include -#include -#include -#include -#include - -#include "ta_aes_perf.h" -#include "ta_aes_perf_priv.h" - -#define CHECK(res, name, action) do { \ - if ((res) != TEE_SUCCESS) { \ - DMSG(name ": 0x%08x", (res)); \ - action \ - } \ - } while(0) - -#define TAG_LEN 128 - -static uint8_t iv[] = { 0xA0, 0xA1, 0xA2, 0xA3, 0xA4, 0xA5, 0xA6, 0xA7, - 0xA8, 0xA9, 0xAA, 0xAB, 0xAC, 0xAD, 0xAE, 0xAF }; -static int use_iv; - -static TEE_OperationHandle crypto_op = NULL; -static uint32_t algo; - -static bool is_inbuf_a_secure_memref(TEE_Param *param) -{ - TEE_Result res = TEE_ERROR_GENERIC; - - /* - * Check secure attribute for the referenced buffer - * Trust core on validity of the memref size: test only 1st byte - * instead of the overall buffer, and if it's not secure, assume - * the buffer is nonsecure. - */ - res = TEE_CheckMemoryAccessRights(TEE_MEMORY_ACCESS_ANY_OWNER | - TEE_MEMORY_ACCESS_READ | - TEE_MEMORY_ACCESS_SECURE, - param->memref.buffer, 1); - return (res == TEE_SUCCESS); -} - -static bool is_outbuf_a_secure_memref(TEE_Param *param) -{ - TEE_Result res = TEE_ERROR_GENERIC; - - /* - * Check secure attribute for the referenced buffer - * Trust core on validity of the memref size: test only 1st byte - * instead of the overall buffer, and if it's not secure, assume - * the buffer is nonsecure. - */ - res = TEE_CheckMemoryAccessRights(TEE_MEMORY_ACCESS_ANY_OWNER | - TEE_MEMORY_ACCESS_WRITE | - TEE_MEMORY_ACCESS_SECURE, - param->memref.buffer, 1); - return (res == TEE_SUCCESS); -} - -#if defined(CFG_CACHE_API) -static TEE_Result flush_memref_buffer(TEE_Param *param) -{ - TEE_Result res = TEE_ERROR_GENERIC; - - res = TEE_CacheFlush(param->memref.buffer, - param->memref.size); - CHECK(res, "TEE_CacheFlush(in)", return res;); - return res; -} -#else -static __maybe_unused TEE_Result flush_memref_buffer(TEE_Param *param __unused) -{ - return TEE_SUCCESS; -} -#endif /* CFG_CACHE_API */ - -TEE_Result cmd_process(uint32_t param_types, - TEE_Param params[TEE_NUM_PARAMS], - bool use_sdp) -{ - TEE_Result res = TEE_ERROR_GENERIC; - int n = 0; - int unit = 0; - void *in = NULL; - void *out = NULL; - size_t insz = 0; - size_t outsz = 0; - uint32_t exp_param_types = TEE_PARAM_TYPES(TEE_PARAM_TYPE_MEMREF_INOUT, - TEE_PARAM_TYPE_MEMREF_INOUT, - TEE_PARAM_TYPE_VALUE_INPUT, - TEE_PARAM_TYPE_NONE); - bool secure_in = false; - bool secure_out = false; - TEE_Result (*do_update)(TEE_OperationHandle, const void *, size_t, - void *, size_t *) = NULL; - - if (param_types != exp_param_types) - return TEE_ERROR_BAD_PARAMETERS; - - if (use_sdp) { - /* - * Whatever is expected as memory reference, it is mandatory - * for SDP aware trusted applications of safely indentify all - * memory reference parameters. Hence these tests must be part - * of the performance test setup. - */ - secure_in = is_inbuf_a_secure_memref(¶ms[0]); - secure_out = is_outbuf_a_secure_memref(¶ms[1]); - - /* - * We could invalidate only the caches. We prefer to flush - * them in case 2 sub-buffers are accessed by TAs from a single - * allocated SDP memory buffer, and those are not cache-aligned. - * Invalidating might cause data loss in cache lines. Hence - * rather flush them all before accessing (in read or write). - */ - if (secure_in) { - res = flush_memref_buffer(¶ms[0]); - CHECK(res, "pre-flush in memref param", return res;); - } - if (secure_out) { - res = flush_memref_buffer(¶ms[1]); - CHECK(res, "pre-flush out memref param", return res;); - } - } - - in = params[0].memref.buffer; - insz = params[0].memref.size; - out = params[1].memref.buffer; - outsz = params[1].memref.size; - n = params[2].value.a; - unit = params[2].value.b; - if (!unit) - unit = insz; - - if (algo == TEE_ALG_AES_GCM) - do_update = TEE_AEUpdate; - else - do_update = TEE_CipherUpdate; - - while (n--) { - uint32_t i = 0; - for (i = 0; i < insz / unit; i++) { - res = do_update(crypto_op, in, unit, out, &outsz); - CHECK(res, "TEE_CipherUpdate/TEE_AEUpdate", return res;); - in = (void *)((uintptr_t)in + unit); - out = (void *)((uintptr_t)out + unit); - } - if (insz % unit) { - res = do_update(crypto_op, in, insz % unit, out, &outsz); - CHECK(res, "TEE_CipherUpdate/TEE_AEUpdate", return res;); - } - } - - if (secure_out) { - /* intentionally flush output data from cache for SDP buffers */ - res = flush_memref_buffer(¶ms[1]); - CHECK(res, "post-flush out memref param", return res;); - } - - return TEE_SUCCESS; -} - -TEE_Result cmd_prepare_key(uint32_t param_types, TEE_Param params[4]) -{ - TEE_Result res = TEE_ERROR_GENERIC; - TEE_ObjectHandle hkey = TEE_HANDLE_NULL; - TEE_ObjectHandle hkey2 = TEE_HANDLE_NULL; - TEE_Attribute attr = { }; - uint32_t mode = 0; - uint32_t op_keysize = 0; - uint32_t keysize = 0; - const uint8_t *ivp = NULL; - size_t ivlen = 0; - static uint8_t aes_key[] = { 0x00, 0x01, 0x02, 0x03, - 0x04, 0x05, 0x06, 0x07, - 0x08, 0x09, 0x0A, 0x0B, - 0x0C, 0x0D, 0x0E, 0x0F, - 0x10, 0x11, 0x12, 0x13, - 0x14, 0x15, 0x16, 0x17, - 0x18, 0x19, 0x1A, 0x1B, - 0x1C, 0x1D, 0x1E, 0x1F }; - static uint8_t aes_key2[] = { 0x20, 0x21, 0x22, 0x23, - 0x24, 0x25, 0x26, 0x27, - 0x28, 0x29, 0x2A, 0x2B, - 0x2C, 0x2D, 0x2E, 0x2F, - 0x30, 0x31, 0x32, 0x33, - 0x34, 0x35, 0x36, 0x37, - 0x38, 0x39, 0x3A, 0x3B, - 0x3C, 0x3D, 0x3E, 0x3F }; - uint32_t exp_param_types = TEE_PARAM_TYPES(TEE_PARAM_TYPE_VALUE_INPUT, - TEE_PARAM_TYPE_VALUE_INPUT, - TEE_PARAM_TYPE_NONE, - TEE_PARAM_TYPE_NONE); - - if (param_types != exp_param_types) - return TEE_ERROR_BAD_PARAMETERS; - - mode = params[0].value.a ? TEE_MODE_DECRYPT : TEE_MODE_ENCRYPT; - keysize = params[0].value.b; - op_keysize = keysize; - - switch (params[1].value.a) { - case TA_AES_ECB: - algo = TEE_ALG_AES_ECB_NOPAD; - use_iv = 0; - break; - case TA_AES_CBC: - algo = TEE_ALG_AES_CBC_NOPAD; - use_iv = 1; - break; - case TA_AES_CTR: - algo = TEE_ALG_AES_CTR; - use_iv = 1; - break; - case TA_AES_XTS: - algo = TEE_ALG_AES_XTS; - use_iv = 1; - op_keysize *= 2; - break; - case TA_AES_GCM: - algo = TEE_ALG_AES_GCM; - use_iv = 1; - break; - default: - return TEE_ERROR_BAD_PARAMETERS; - } - - cmd_clean_res(); - - res = TEE_AllocateOperation(&crypto_op, algo, mode, op_keysize); - CHECK(res, "TEE_AllocateOperation", return res;); - - res = TEE_AllocateTransientObject(TEE_TYPE_AES, keysize, &hkey); - CHECK(res, "TEE_AllocateTransientObject", return res;); - - attr.attributeID = TEE_ATTR_SECRET_VALUE; - attr.content.ref.buffer = aes_key; - attr.content.ref.length = keysize / 8; - - res = TEE_PopulateTransientObject(hkey, &attr, 1); - CHECK(res, "TEE_PopulateTransientObject", return res;); - - if (algo == TEE_ALG_AES_XTS) { - res = TEE_AllocateTransientObject(TEE_TYPE_AES, keysize, - &hkey2); - CHECK(res, "TEE_AllocateTransientObject", return res;); - - attr.content.ref.buffer = aes_key2; - - res = TEE_PopulateTransientObject(hkey2, &attr, 1); - CHECK(res, "TEE_PopulateTransientObject", return res;); - - res = TEE_SetOperationKey2(crypto_op, hkey, hkey2); - CHECK(res, "TEE_SetOperationKey2", return res;); - - TEE_FreeTransientObject(hkey2); - } else { - res = TEE_SetOperationKey(crypto_op, hkey); - CHECK(res, "TEE_SetOperationKey", return res;); - } - - TEE_FreeTransientObject(hkey); - - if (use_iv) { - ivp = iv; - ivlen = sizeof(iv); - } else { - ivp = NULL; - ivlen = 0; - } - - if (algo == TEE_ALG_AES_GCM) { - return TEE_AEInit(crypto_op, ivp, ivlen, TAG_LEN, 0, 0); - } else { - TEE_CipherInit(crypto_op, ivp, ivlen); - return TEE_SUCCESS; - } -} - -void cmd_clean_res(void) -{ - if (crypto_op) - TEE_FreeOperation(crypto_op); -} diff --git a/ta/aes_perf/ta_entry.c b/ta/aes_perf/ta_entry.c deleted file mode 100644 index be3ceefeb..000000000 --- a/ta/aes_perf/ta_entry.c +++ /dev/null @@ -1,71 +0,0 @@ -// SPDX-License-Identifier: BSD-2-Clause -/* - * Copyright (c) 2015, Linaro Limited - * All rights reserved. - */ - -#include -#include - -#include "ta_aes_perf.h" -#include "ta_aes_perf_priv.h" - -/* - * Trusted Application Entry Points - */ - -/* Called each time a new instance is created */ -TEE_Result TA_CreateEntryPoint(void) -{ - return TEE_SUCCESS; -} - -/* Called each time an instance is destroyed */ -void TA_DestroyEntryPoint(void) -{ -} - -/* Called each time a session is opened */ -TEE_Result TA_OpenSessionEntryPoint(uint32_t nParamTypes, - TEE_Param pParams[4], - void **ppSessionContext) -{ - (void)nParamTypes; - (void)pParams; - (void)ppSessionContext; - return TEE_SUCCESS; -} - -/* Called each time a session is closed */ -void TA_CloseSessionEntryPoint(void *pSessionContext) -{ - (void)pSessionContext; - - cmd_clean_res(); -} - -/* Called when a command is invoked */ -TEE_Result TA_InvokeCommandEntryPoint(void *pSessionContext, - uint32_t nCommandID, uint32_t nParamTypes, - TEE_Param pParams[4]) -{ - (void)pSessionContext; - - switch (nCommandID) { - case TA_AES_PERF_CMD_PREPARE_KEY: - return cmd_prepare_key(nParamTypes, pParams); - - case TA_AES_PERF_CMD_PROCESS: - return cmd_process(nParamTypes, pParams, false); - case TA_AES_PERF_CMD_PROCESS_SDP: -#ifdef CFG_SECURE_DATA_PATH - return cmd_process(nParamTypes, pParams, true); -#else - EMSG("Invalid SDP commands: TA was built without SDP support"); - return TEE_ERROR_NOT_SUPPORTED; -#endif - - default: - return TEE_ERROR_BAD_PARAMETERS; - } -} diff --git a/ta/asym_cipher_perf/Android.mk b/ta/asym_cipher_perf/Android.mk deleted file mode 100644 index a7c62c828..000000000 --- a/ta/asym_cipher_perf/Android.mk +++ /dev/null @@ -1,4 +0,0 @@ -LOCAL_PATH := $(call my-dir) - -local_module := b448fcc1-ba8c-4132-9acf-2e056544f3c8.ta -include $(BUILD_OPTEE_MK) diff --git a/ta/asym_cipher_perf/Makefile b/ta/asym_cipher_perf/Makefile deleted file mode 100644 index 0445b71cc..000000000 --- a/ta/asym_cipher_perf/Makefile +++ /dev/null @@ -1,3 +0,0 @@ -BINARY = b448fcc1-ba8c-4132-9acf-2e056544f3c8 - -include ../ta_common.mk diff --git a/ta/asym_cipher_perf/include/ta_asym_cipher_perf_priv.h b/ta/asym_cipher_perf/include/ta_asym_cipher_perf_priv.h deleted file mode 100644 index a6c0bc874..000000000 --- a/ta/asym_cipher_perf/include/ta_asym_cipher_perf_priv.h +++ /dev/null @@ -1,21 +0,0 @@ -/* SPDX-License-Identifier: BSD-2-Clause */ -/* - * Copyright (c) 2015, Linaro Limited - * All rights reserved. - */ - -#ifndef TA_ASYM_CIPHER_PERF_PRIV_H -#define TA_ASYM_CIPHER_PERF_PRIV_H - -#include - -TEE_Result cmd_process_keypair(uint32_t param_types, TEE_Param params[4]); -TEE_Result cmd_process_rsa_ecc(uint32_t param_types, TEE_Param params[4]); - -TEE_Result cmd_prepare_obj(uint32_t param_types, TEE_Param params[4]); -TEE_Result cmd_prepare_keypair(uint32_t param_types, TEE_Param params[4]); -TEE_Result cmd_prepare_hash(uint32_t param_types, TEE_Param params[4]); -TEE_Result cmd_prepare_enc_sign(uint32_t param_types, TEE_Param params[4]); -void cmd_clean_op(void); -void cmd_clean_obj(void); -#endif /* TA_ASYM_CIPHER_PERF_PRIV_H*/ diff --git a/ta/asym_cipher_perf/include/user_ta_header_defines.h b/ta/asym_cipher_perf/include/user_ta_header_defines.h deleted file mode 100644 index cee14de2a..000000000 --- a/ta/asym_cipher_perf/include/user_ta_header_defines.h +++ /dev/null @@ -1,19 +0,0 @@ -/* SPDX-License-Identifier: BSD-2-Clause */ -/* - * Copyright (c) 2015, Linaro Limited - * All rights reserved. - */ - -#ifndef USER_TA_ASYM_HEADER_DEFINES_H -#define USER_TA_ASYM_HEADER_DEFINES_H - -#include "ta_asym_cipher_perf.h" - -#define TA_UUID TA_ASYM_CIPHER_PERF_UUID - -#define TA_FLAGS 0 - -#define TA_STACK_SIZE (2 * 1024) -#define TA_DATA_SIZE (32 * 1024) - -#endif diff --git a/ta/asym_cipher_perf/sub.mk b/ta/asym_cipher_perf/sub.mk deleted file mode 100644 index 5353c38b9..000000000 --- a/ta/asym_cipher_perf/sub.mk +++ /dev/null @@ -1,3 +0,0 @@ -global-incdirs-y += include -srcs-y += ta_entry.c -srcs-y += ta_asym_cipher_perf.c diff --git a/ta/asym_cipher_perf/ta_asym_cipher_perf.c b/ta/asym_cipher_perf/ta_asym_cipher_perf.c deleted file mode 100644 index 93ac27f97..000000000 --- a/ta/asym_cipher_perf/ta_asym_cipher_perf.c +++ /dev/null @@ -1,506 +0,0 @@ -// SPDX-License-Identifier: BSD-2-Clause -/* - * Copyright (c) 2023, Huawei Technologies Co., Ltd - * All rights reserved. - */ - -#include -#include -#include -#include -#include -#include -#include - -#include "ta_asym_cipher_perf.h" -#include "ta_asym_cipher_perf_priv.h" - -struct attr_packed { - uint32_t id; - uint32_t a; - uint32_t b; -}; - -#define CHECK(res, name, action) do { \ - if ((res) != TEE_SUCCESS) { \ - printf(name ": 0x%08x", (res)); \ - action \ - } \ - } while(0) - -static TEE_OperationHandle crypto_op = NULL; -static TEE_OperationHandle crypto_op_enc_sign = NULL; -static TEE_ObjectHandle crypto_obj = TEE_HANDLE_NULL; -static uint32_t algo; - -static TEE_Result unpack_attrs(const uint8_t *buf, size_t blen, - TEE_Attribute **attrs, uint32_t *attr_count) -{ - TEE_Result res = TEE_SUCCESS; - TEE_Attribute *a = NULL; - const struct attr_packed *ap = NULL; - size_t num_attrs = 0; - const size_t num_attrs_size = sizeof(uint32_t); - - if (blen == 0) - goto out; - - if (((uintptr_t)buf & 0x3) != 0 || blen < num_attrs_size) - return TEE_ERROR_BAD_PARAMETERS; - num_attrs = *(uint32_t *) (void *)buf; - if ((blen - num_attrs_size) < (num_attrs * sizeof(*ap))) - return TEE_ERROR_BAD_PARAMETERS; - ap = (const struct attr_packed *)(const void *)(buf + num_attrs_size); - - if (num_attrs > 0) { - size_t n; - - a = TEE_Malloc(num_attrs * sizeof(TEE_Attribute), 0); - if (!a) - return TEE_ERROR_OUT_OF_MEMORY; - for (n = 0; n < num_attrs; n++) { - uintptr_t p; - - a[n].attributeID = ap[n].id; - if (ap[n].id & TEE_ATTR_FLAG_VALUE) { - a[n].content.value.a = ap[n].a; - a[n].content.value.b = ap[n].b; - continue; - } - - a[n].content.ref.length = ap[n].b; - p = (uintptr_t)ap[n].a; - if (p) { - if ((p + a[n].content.ref.length) > blen) { - res = TEE_ERROR_BAD_PARAMETERS; - goto out; - } - p += (uintptr_t)buf; - } - a[n].content.ref.buffer = (void *)p; - } - } - - res = TEE_SUCCESS; -out: - if (res == TEE_SUCCESS) { - *attrs = a; - *attr_count = num_attrs; - } else { - TEE_Free(a); - } - return res; -} - -static TEE_Result get_rsa_cipher_algo(uint32_t algo_type) -{ - switch (algo_type) { - case RSA_NOPAD: - algo = TEE_ALG_RSA_NOPAD; - break; - case RSAES_PKCS1_V1_5: - algo = TEE_ALG_RSAES_PKCS1_V1_5; - break; - case RSAES_PKCS1_OAEP_SHA1: - algo = TEE_ALG_RSAES_PKCS1_OAEP_MGF1_SHA1; - break; - case RSAES_PKCS1_OAEP_SHA224: - algo = TEE_ALG_RSAES_PKCS1_OAEP_MGF1_SHA224; - break; - case RSAES_PKCS1_OAEP_SHA256: - algo = TEE_ALG_RSAES_PKCS1_OAEP_MGF1_SHA256; - break; - case RSAES_PKCS1_OAEP_SHA384: - algo = TEE_ALG_RSAES_PKCS1_OAEP_MGF1_SHA384; - break; - case RSAES_PKCS1_OAEP_SHA512: - algo = TEE_ALG_RSAES_PKCS1_OAEP_MGF1_SHA512; - break; - default: - printf("RSA enc or dec error algo_type\n"); - return TEE_ERROR_BAD_PARAMETERS; - } - - return 0; -} - -static TEE_Result get_rsa_hash_algo(uint32_t algo_type) -{ - switch (algo_type) { - case RSASSA_PKCS1_V1_5_SHA1: - algo = TEE_ALG_RSASSA_PKCS1_V1_5_SHA1; - break; - case RSASSA_PKCS1_V1_5_SHA224: - algo = TEE_ALG_RSASSA_PKCS1_V1_5_SHA224; - break; - case RSASSA_PKCS1_V1_5_SHA256: - algo = TEE_ALG_RSASSA_PKCS1_V1_5_SHA256; - break; - case RSASSA_PKCS1_V1_5_SHA384: - algo = TEE_ALG_RSASSA_PKCS1_V1_5_SHA384; - break; - case RSASSA_PKCS1_V1_5_SHA512: - algo = TEE_ALG_RSASSA_PKCS1_V1_5_SHA512; - break; - case RSASSA_PKCS1_PSS_MGF1_SHA1: - algo = TEE_ALG_RSASSA_PKCS1_PSS_MGF1_SHA1; - break; - case RSASSA_PKCS1_PSS_MGF1_SHA224: - algo = TEE_ALG_RSASSA_PKCS1_PSS_MGF1_SHA224; - break; - case RSASSA_PKCS1_PSS_MGF1_SHA256: - algo = TEE_ALG_RSASSA_PKCS1_PSS_MGF1_SHA256; - break; - case RSASSA_PKCS1_PSS_MGF1_SHA384: - algo = TEE_ALG_RSASSA_PKCS1_PSS_MGF1_SHA384; - break; - case RSASSA_PKCS1_PSS_MGF1_SHA512: - algo = TEE_ALG_RSASSA_PKCS1_PSS_MGF1_SHA512; - break; - default: - printf("RSA sign or verify error algo_type\n"); - return TEE_ERROR_BAD_PARAMETERS; - } - - return 0; -} - -static TEE_Result get_ecdsa_hash_algo(uint32_t width_bits) -{ - switch (width_bits) { - case ECC_CURVE_192: - algo = __OPTEE_ALG_ECDSA_P192; - break; - case ECC_CURVE_224: - algo = __OPTEE_ALG_ECDSA_P224; - break; - case ECC_CURVE_256: - algo = __OPTEE_ALG_ECDSA_P256; - break; - case ECC_CURVE_384: - algo = __OPTEE_ALG_ECDSA_P384; - break; - case ECC_CURVE_521: - algo = __OPTEE_ALG_ECDSA_P521; - break; - default: - printf("ECDSA sign or verify error width_bits\n"); - return TEE_ERROR_BAD_PARAMETERS; - } - - return 0; -} - -static TEE_Result get_algo(uint32_t tee_type, uint32_t mode, - uint32_t width_bits, uint32_t algo_type) -{ - TEE_Result res = 0; - - if (tee_type == RSA) { - if (mode == MODE_ENCRYPT || mode == MODE_DECRYPT) { - res = get_rsa_cipher_algo(algo_type); - } else if (mode == MODE_SIGN || mode == MODE_VERIFY) { - res = get_rsa_hash_algo(algo_type); - } else { - printf("RSA error mode\n"); - res = TEE_ERROR_BAD_PARAMETERS; - } - } else if (tee_type == ECDSA) { - if (mode == MODE_SIGN || mode == MODE_VERIFY) { - res = get_ecdsa_hash_algo(width_bits); - } else { - printf("ECDSA error mode\n"); - res = TEE_ERROR_BAD_PARAMETERS; - } - } - - return res; -} - -static TEE_Result get_keypair_type(uint32_t value) -{ - switch (value) { - case DH: - return TEE_TYPE_DH_KEYPAIR; - case RSA: - return TEE_TYPE_RSA_KEYPAIR; - case ECDSA: - return TEE_TYPE_ECDSA_KEYPAIR; - case ECDH: - return TEE_TYPE_ECDH_KEYPAIR; - case X25519: - return TEE_TYPE_X25519_KEYPAIR; - default: - printf("The algo[%u] is err!\n", algo); - } - - return TEE_ERROR_BAD_PARAMETERS; -} - -TEE_Result cmd_process_keypair(uint32_t param_types, - TEE_Param params[TEE_NUM_PARAMS]) -{ - TEE_Result res = TEE_ERROR_GENERIC; - TEE_Attribute *attrs = NULL; - uint32_t attr_count = 0; - int width_bits = 0; - int n = 0; - uint32_t exp_param_types = TEE_PARAM_TYPES(TEE_PARAM_TYPE_VALUE_INPUT, - TEE_PARAM_TYPE_MEMREF_INOUT, - TEE_PARAM_TYPE_NONE, - TEE_PARAM_TYPE_NONE); - - if (param_types != exp_param_types) - return TEE_ERROR_BAD_PARAMETERS; - - res = unpack_attrs(params[1].memref.buffer, params[1].memref.size, - &attrs, &attr_count); - if (res != TEE_SUCCESS) - return res; - - width_bits = params[0].value.a; - n = params[0].value.b; - - while (n--) { - res = TEE_GenerateKey(crypto_obj, width_bits, attrs, attr_count); - CHECK(res, "TEE_GenerateKey", goto out;); - TEE_ResetTransientObject(crypto_obj); - } - -out: - TEE_Free(attrs); - return res; -} - -TEE_Result cmd_process_rsa_ecc(uint32_t param_types, - TEE_Param params[TEE_NUM_PARAMS]) -{ - TEE_Result res = TEE_ERROR_GENERIC; - int n = 0; - - uint32_t mode = 0; - uint32_t exp_param_types = TEE_PARAM_TYPES(TEE_PARAM_TYPE_MEMREF_INPUT, - TEE_PARAM_TYPE_VALUE_INPUT, - TEE_PARAM_TYPE_MEMREF_INPUT, - TEE_PARAM_TYPE_MEMREF_OUTPUT); - TEE_Attribute *attrs = NULL; - uint32_t attr_count = 0; - - TEE_Result (*do_asym)(TEE_OperationHandle, const TEE_Attribute *, - uint32_t, const void *, uint32_t, void *, - uint32_t *) = NULL; - - if (param_types != exp_param_types) - return TEE_ERROR_BAD_PARAMETERS; - - res = unpack_attrs(params[0].memref.buffer, params[0].memref.size, - &attrs, &attr_count); - if (res != TEE_SUCCESS) - return res; - - n = params[1].value.a; - mode = params[1].value.b; - - if (mode == MODE_ENCRYPT) - do_asym = TEE_AsymmetricEncrypt; - else if (mode == MODE_DECRYPT) - do_asym = TEE_AsymmetricDecrypt; - else if (mode == MODE_SIGN) - do_asym = TEE_AsymmetricSignDigest; - - if (mode == MODE_VERIFY) { - while (n--) { - res = TEE_AsymmetricVerifyDigest(crypto_op, attrs, - attr_count, params[2].memref.buffer, - params[2].memref.size, params[3].memref.buffer, - params[3].memref.size); - CHECK(res, "TEE_AsymmetricEncrypt", goto out;); - } - } else { - while (n--) { - res = do_asym(crypto_op, attrs, attr_count, - params[2].memref.buffer, params[2].memref.size, - params[3].memref.buffer, ¶ms[3].memref.size); - - CHECK(res, "TEE_AsymmetricEncrypt", goto out;); - } - } - -out: - TEE_Free(attrs); - return res; -} - -TEE_Result cmd_prepare_obj(uint32_t param_types, TEE_Param params[4]) -{ - TEE_Result res = TEE_ERROR_GENERIC; - uint32_t tee_type; - uint32_t exp_param_types = TEE_PARAM_TYPES(TEE_PARAM_TYPE_VALUE_INPUT, - TEE_PARAM_TYPE_NONE, - TEE_PARAM_TYPE_NONE, - TEE_PARAM_TYPE_NONE); - - if (param_types != exp_param_types) - return TEE_ERROR_BAD_PARAMETERS; - - tee_type = get_keypair_type(params[0].value.a); - if (tee_type == TEE_ERROR_BAD_PARAMETERS) - return TEE_ERROR_BAD_PARAMETERS; - - cmd_clean_obj(); - res = TEE_AllocateTransientObject(tee_type, params[0].value.b, - &crypto_obj); - CHECK(res, "TEE_AllocateTransientObject", return res;); - - return res; -} - -TEE_Result cmd_prepare_keypair(uint32_t param_types, TEE_Param params[4]) -{ - TEE_Result res = TEE_ERROR_GENERIC; - TEE_Attribute *attrs = NULL; - uint32_t attr_count = 0; - uint32_t width_bits = 0; - uint32_t algo_type = 0; - uint32_t tee_type = 0; - uint32_t mode = 0; - uint32_t exp_param_types = TEE_PARAM_TYPES(TEE_PARAM_TYPE_VALUE_INPUT, - TEE_PARAM_TYPE_VALUE_INPUT, - TEE_PARAM_TYPE_MEMREF_INPUT, - TEE_PARAM_TYPE_NONE); - - if (param_types != exp_param_types) - return TEE_ERROR_BAD_PARAMETERS; - - mode = params[0].value.b; - width_bits = params[0].value.a; - tee_type = params[1].value.a; - algo_type = params[1].value.b; - - if (get_algo(tee_type, mode, width_bits, algo_type)) - return TEE_ERROR_BAD_PARAMETERS; - - res = unpack_attrs(params[2].memref.buffer, params[2].memref.size, - &attrs, &attr_count); - if (res != TEE_SUCCESS) - return res; - - res = TEE_GenerateKey(crypto_obj, width_bits, attrs, attr_count); - CHECK(res, "TEE_GenerateKey", goto out;); - - cmd_clean_op(); - res = TEE_AllocateOperation(&crypto_op, algo, mode, width_bits); - CHECK(res, "TEE_AllocateOperation", goto out;); - - res = TEE_SetOperationKey(crypto_op, crypto_obj); - CHECK(res, "TEE_SetOperationKey", goto out;); - - if (mode == MODE_DECRYPT) { - res = TEE_AllocateOperation(&crypto_op_enc_sign, algo, - MODE_ENCRYPT, width_bits); - CHECK(res, "TEE_AllocateOperation", goto out;); - - res = TEE_SetOperationKey(crypto_op_enc_sign, crypto_obj); - CHECK(res, "TEE_SetOperationKey", goto out;); - } else if (mode == MODE_VERIFY) { - res = TEE_AllocateOperation(&crypto_op_enc_sign, algo, - MODE_SIGN, width_bits); - CHECK(res, "TEE_AllocateOperation", goto out;); - - res = TEE_SetOperationKey(crypto_op_enc_sign, crypto_obj); - CHECK(res, "TEE_SetOperationKey", goto out;); - } - -out: - TEE_Free(attrs); - - return res; -} - -TEE_Result cmd_prepare_hash(uint32_t param_types, TEE_Param params[4]) -{ - TEE_Result res = TEE_ERROR_GENERIC; - TEE_OperationHandle hash_op = NULL; - uint32_t hash_algo = 0; - uint32_t exp_param_types = TEE_PARAM_TYPES(TEE_PARAM_TYPE_VALUE_INPUT, - TEE_PARAM_TYPE_MEMREF_INPUT, - TEE_PARAM_TYPE_MEMREF_INOUT, - TEE_PARAM_TYPE_NONE); - if (param_types != exp_param_types) - return TEE_ERROR_BAD_PARAMETERS; - - if (params[0].value.a == ECDSA) - hash_algo = TEE_ALG_SHA1; - else - hash_algo = TEE_ALG_HASH_ALGO(TEE_ALG_GET_DIGEST_HASH(algo)); - - res = TEE_AllocateOperation(&hash_op, hash_algo, TEE_MODE_DIGEST, 0); - CHECK(res, "TEE_AllocateOperation", return res;); - - res = TEE_DigestDoFinal(hash_op, params[1].memref.buffer, - params[1].memref.size, params[2].memref.buffer, - ¶ms[2].memref.size); - CHECK(res, "TEE_DigestDoFinal", return res;); - - TEE_FreeOperation(hash_op); - - return res; -} - -TEE_Result cmd_prepare_enc_sign(uint32_t param_types, - TEE_Param params[TEE_NUM_PARAMS]) -{ - TEE_Result res = TEE_ERROR_GENERIC; - TEE_Attribute *attrs = NULL; - uint32_t attr_count = 0; - uint32_t mode = 0; - uint32_t exp_param_types = TEE_PARAM_TYPES(TEE_PARAM_TYPE_MEMREF_INPUT, - TEE_PARAM_TYPE_MEMREF_OUTPUT, - TEE_PARAM_TYPE_VALUE_INPUT, - TEE_PARAM_TYPE_MEMREF_INPUT); - - if (param_types != exp_param_types) - return TEE_ERROR_BAD_PARAMETERS; - - mode = params[2].value.a; - res = unpack_attrs(params[3].memref.buffer, params[3].memref.size, - &attrs, &attr_count); - if (res != TEE_SUCCESS) - return res; - - if (mode == MODE_DECRYPT) - res = TEE_AsymmetricEncrypt(crypto_op_enc_sign, NULL, 0, - params[0].memref.buffer, params[0].memref.size, - params[1].memref.buffer, ¶ms[1].memref.size); - else - res = TEE_AsymmetricSignDigest(crypto_op_enc_sign, attrs, - attr_count, - params[0].memref.buffer, - params[0].memref.size, - params[1].memref.buffer, - ¶ms[1].memref.size); - - TEE_Free(attrs); - CHECK(res, "TEE_AsymmetricEncrypt", return res;); - - return TEE_SUCCESS; -} - -void cmd_clean_obj(void) -{ - if (crypto_obj) - TEE_FreeTransientObject(crypto_obj); - crypto_obj = TEE_HANDLE_NULL; -} - -void cmd_clean_op(void) -{ - if (crypto_op) { - TEE_FreeOperation(crypto_op); - crypto_op = NULL; - } - if (crypto_op_enc_sign) { - TEE_FreeOperation(crypto_op_enc_sign); - crypto_op_enc_sign = NULL; - } -} diff --git a/ta/aes_perf/Android.mk b/ta/crypto_perf/Android.mk similarity index 96% rename from ta/aes_perf/Android.mk rename to ta/crypto_perf/Android.mk index 8fc8de6d3..0054d1a95 100644 --- a/ta/aes_perf/Android.mk +++ b/ta/crypto_perf/Android.mk @@ -1,4 +1,4 @@ -LOCAL_PATH := $(call my-dir) - -local_module := e626662e-c0e2-485c-b8c8-09fbce6edf3d.ta -include $(BUILD_OPTEE_MK) +LOCAL_PATH := $(call my-dir) + +local_module := e626662e-c0e2-485c-b8c8-09fbce6edf3d.ta +include $(BUILD_OPTEE_MK) diff --git a/ta/aes_perf/Makefile b/ta/crypto_perf/Makefile similarity index 94% rename from ta/aes_perf/Makefile rename to ta/crypto_perf/Makefile index 40388663a..f223a979d 100644 --- a/ta/aes_perf/Makefile +++ b/ta/crypto_perf/Makefile @@ -1,4 +1,4 @@ -BINARY = e626662e-c0e2-485c-b8c8-09fbce6edf3d - -include ../ta_common.mk - +BINARY = e626662e-c0e2-485c-b8c8-09fbce6edf3d + +include ../ta_common.mk + diff --git a/ta/asym_cipher_perf/include/ta_asym_cipher_perf.h b/ta/crypto_perf/include/ta_crypto_perf.h similarity index 50% rename from ta/asym_cipher_perf/include/ta_asym_cipher_perf.h rename to ta/crypto_perf/include/ta_crypto_perf.h index 3f9b884b6..3c90227c8 100644 --- a/ta/asym_cipher_perf/include/ta_asym_cipher_perf.h +++ b/ta/crypto_perf/include/ta_crypto_perf.h @@ -4,22 +4,66 @@ * All rights reserved. */ -#ifndef TA_ASYM_CIPHER_PERF_H -#define TA_ASYM_CIPHER_PERF_H +#ifndef TA_CRYPTO_PERF_H +#define TA_CRYPTO_PERF_H -#define TA_ASYM_CIPHER_PERF_UUID { 0xb448fcc1, 0xba8c, 0x4132, \ - { 0x9a, 0xcf, 0x2e, 0x05, 0x65, 0x44, 0xf3, 0xc8 } } +#define TA_CRYPTO_PERF_UUID { 0xe626662e, 0xc0e2, 0x485c, \ + { 0xb8, 0xc8, 0x09, 0xfb, 0xce, 0x6e, 0xdf, 0x3d } } /* * Commands implemented by the TA */ -#define TA_ASYM_CIPHER_PERF_CMD_PREPARE_OBJ 0 -#define TA_ASYM_CIPHER_PERF_CMD_PREPARE_HASH 1 -#define TA_ASYM_CIPHER_PERF_CMD_PREPARE_KEYPAIR 2 -#define TA_ASYM_CIPHER_PERF_CMD_PREPARE_ENC_SIGN 3 -#define TA_ASYM_CIPHER_PERF_CMD_PROCESS_GEN_KEYPAIR 4 -#define TA_ASYM_CIPHER_PERF_CMD_PROCESS 5 +#define TA_CIPHER_PERF_CMD_PREPARE_KEY 0 +#define TA_CIPHER_PERF_CMD_PROCESS 1 +#define TA_CIPHER_PERF_CMD_PROCESS_SDP 2 +#define TA_HASH_PERF_CMD_PREPARE_OP 3 +#define TA_HASH_PERF_CMD_PROCESS 4 +#define TA_ASYM_CIPHER_PERF_CMD_PREPARE_OBJ 5 +#define TA_ASYM_CIPHER_PERF_CMD_PREPARE_HASH 6 +#define TA_ASYM_CIPHER_PERF_CMD_PREPARE_KEYPAIR 7 +#define TA_ASYM_CIPHER_PERF_CMD_PREPARE_ENC_SIGN 8 +#define TA_ASYM_CIPHER_PERF_CMD_PROCESS_GEN_KEYPAIR 9 +#define TA_ASYM_CIPHER_PERF_CMD_PROCESS 10 + +/* + * Supported AES modes of operation + */ + +#define TA_AES_ECB 0 +#define TA_AES_CBC 1 +#define TA_AES_CTR 2 +#define TA_AES_XTS 3 +#define TA_AES_GCM 4 + +#define TA_SM4_ECB 5 +#define TA_SM4_CBC 6 +#define TA_SM4_CTR 7 +#define TA_SM4_XTS 8 + +/* + * AES key sizes + */ +#define KEY_SIZE_128 128 +#define KEY_SIZE_192 192 +#define KEY_SIZE_256 256 + +/* + * Supported hash algorithms + */ + +#define TA_SHA_SHA1 0 +#define TA_SHA_SHA224 1 +#define TA_SHA_SHA256 2 +#define TA_SHA_SHA384 3 +#define TA_SHA_SHA512 4 +#define TA_SM3 5 +#define TA_HMAC_SHA1 6 +#define TA_HMAC_SHA224 7 +#define TA_HMAC_SHA256 8 +#define TA_HMAC_SHA384 9 +#define TA_HMAC_SHA512 10 +#define TA_HMAC_SM3 11 #define PKCS_V1_5_MIN 11 #define BITS_TO_BYTES(len) (((len) + 7) / 8) @@ -83,4 +127,4 @@ typedef enum { RSASSA_PKCS1_PSS_MGF1_SHA512 = 9, } RSA_Sign_Mode; -#endif /* TA_ASYM_CIPHER_PERF_H */ +#endif /* TA_CRYPTO_PERF_H */ diff --git a/ta/crypto_perf/include/ta_crypto_perf_priv.h b/ta/crypto_perf/include/ta_crypto_perf_priv.h new file mode 100644 index 000000000..42d05a600 --- /dev/null +++ b/ta/crypto_perf/include/ta_crypto_perf_priv.h @@ -0,0 +1,26 @@ +/* SPDX-License-Identifier: BSD-2-Clause */ +/* + * Copyright (c) 2015, Linaro Limited + * All rights reserved. + */ + +#ifndef TA_CRYPTO_PERF_PRIV_H +#define TA_CRYPTO_PERF_PRIV_H + +#include + +TEE_Result cmd_cipher_prepare_key(uint32_t param_types, TEE_Param params[4]); +TEE_Result cmd_cipher_process(uint32_t param_types, TEE_Param params[4], + bool sdp); +TEE_Result cmd_hash_prepare_op(uint32_t param_types, TEE_Param params[4]); +TEE_Result cmd_hash_process(uint32_t param_types, TEE_Param params[4]); +TEE_Result cmd_asym_process_keypair(uint32_t param_types, TEE_Param params[4]); +TEE_Result cmd_asym_process_rsa_ecc(uint32_t param_types, TEE_Param params[4]); +TEE_Result cmd_asym_prepare_obj(uint32_t param_types, TEE_Param params[4]); +TEE_Result cmd_asym_prepare_keypair(uint32_t param_types, TEE_Param params[4]); +TEE_Result cmd_asym_prepare_hash(uint32_t param_types, TEE_Param params[4]); +TEE_Result cmd_asym_prepare_enc_sign(uint32_t param_types, TEE_Param params[4]); +void cmd_clean_obj(void); +void cmd_clean_res(void); + +#endif /* TA_CRYPTO_PERF_PRIV_H */ diff --git a/ta/hash_perf/include/user_ta_header_defines.h b/ta/crypto_perf/include/user_ta_header_defines.h similarity index 68% rename from ta/hash_perf/include/user_ta_header_defines.h rename to ta/crypto_perf/include/user_ta_header_defines.h index 494afc07b..017bda57c 100644 --- a/ta/hash_perf/include/user_ta_header_defines.h +++ b/ta/crypto_perf/include/user_ta_header_defines.h @@ -1,18 +1,19 @@ -/* SPDX-License-Identifier: BSD-2-Clause */ -/* - * Copyright (c) 2015, Linaro Limited - * All rights reserved. - */ - -#ifndef USER_TA_HEADER_DEFINES_H -#define USER_TA_HEADER_DEFINES_H - -#include "ta_hash_perf.h" - -#define TA_UUID TA_HASH_PERF_UUID - -#define TA_FLAGS (TA_FLAG_USER_MODE | TA_FLAG_EXEC_DDR) -#define TA_STACK_SIZE (2 * 1024) -#define TA_DATA_SIZE (32 * 1024) - -#endif +/* SPDX-License-Identifier: BSD-2-Clause */ +/* + * Copyright (c) 2015, Linaro Limited + * All rights reserved. + */ + +#ifndef USER_TA_HEADER_DEFINES_H +#define USER_TA_HEADER_DEFINES_H + +#include "ta_crypto_perf.h" + +#define TA_UUID TA_CRYPTO_PERF_UUID + +#define TA_FLAGS 0 + +#define TA_STACK_SIZE (2 * 1024) +#define TA_DATA_SIZE (32 * 1024) + +#endif diff --git a/ta/aes_perf/sub.mk b/ta/crypto_perf/sub.mk similarity index 62% rename from ta/aes_perf/sub.mk rename to ta/crypto_perf/sub.mk index 8553db686..3def59d21 100644 --- a/ta/aes_perf/sub.mk +++ b/ta/crypto_perf/sub.mk @@ -1,3 +1,3 @@ -global-incdirs-y += include -srcs-y += ta_entry.c -srcs-y += ta_aes_perf.c +global-incdirs-y += include +srcs-y += ta_entry.c +srcs-y += ta_crypto_perf.c diff --git a/ta/crypto_perf/ta_crypto_perf.c b/ta/crypto_perf/ta_crypto_perf.c new file mode 100644 index 000000000..50a1712b7 --- /dev/null +++ b/ta/crypto_perf/ta_crypto_perf.c @@ -0,0 +1,965 @@ +// SPDX-License-Identifier: BSD-2-Clause +/* + * Copyright (c) 2015, Linaro Limited + * All rights reserved. + */ + +#include +#include +#include +#include +#include +#include + +#include "ta_crypto_perf.h" +#include "ta_crypto_perf_priv.h" + +#define CHECK(res, name, action) do { \ + if ((res) != TEE_SUCCESS) { \ + DMSG(name ": 0x%08x", (res)); \ + action \ + } \ + } while(0) + +#define TAG_LEN 128 + +static uint8_t iv[] = { 0xA0, 0xA1, 0xA2, 0xA3, 0xA4, 0xA5, 0xA6, 0xA7, + 0xA8, 0xA9, 0xAA, 0xAB, 0xAC, 0xAD, 0xAE, 0xAF }; +static int use_iv; + +static TEE_OperationHandle crypto_op = NULL; +static uint32_t algo; +static TEE_OperationHandle crypto_op_enc_sign = NULL; +static TEE_ObjectHandle crypto_obj = TEE_HANDLE_NULL; + +static bool is_inbuf_a_secure_memref(TEE_Param *param) +{ + TEE_Result res = TEE_ERROR_GENERIC; + + /* + * Check secure attribute for the referenced buffer + * Trust core on validity of the memref size: test only 1st byte + * instead of the overall buffer, and if it's not secure, assume + * the buffer is nonsecure. + */ + res = TEE_CheckMemoryAccessRights(TEE_MEMORY_ACCESS_ANY_OWNER | + TEE_MEMORY_ACCESS_READ | + TEE_MEMORY_ACCESS_SECURE, + param->memref.buffer, 1); + return (res == TEE_SUCCESS); +} + +static bool is_outbuf_a_secure_memref(TEE_Param *param) +{ + TEE_Result res = TEE_ERROR_GENERIC; + + /* + * Check secure attribute for the referenced buffer + * Trust core on validity of the memref size: test only 1st byte + * instead of the overall buffer, and if it's not secure, assume + * the buffer is nonsecure. + */ + res = TEE_CheckMemoryAccessRights(TEE_MEMORY_ACCESS_ANY_OWNER | + TEE_MEMORY_ACCESS_WRITE | + TEE_MEMORY_ACCESS_SECURE, + param->memref.buffer, 1); + return (res == TEE_SUCCESS); +} + +#if defined(CFG_CACHE_API) +static TEE_Result flush_memref_buffer(TEE_Param *param) +{ + TEE_Result res = TEE_ERROR_GENERIC; + + res = TEE_CacheFlush(param->memref.buffer, + param->memref.size); + CHECK(res, "TEE_CacheFlush(in)", return res;); + return res; +} +#else +static __maybe_unused TEE_Result flush_memref_buffer(TEE_Param *param __unused) +{ + return TEE_SUCCESS; +} +#endif /* CFG_CACHE_API */ + +TEE_Result cmd_cipher_process(uint32_t param_types, + TEE_Param params[TEE_NUM_PARAMS], + bool use_sdp) +{ + TEE_Result res = TEE_ERROR_GENERIC; + int n = 0; + int unit = 0; + void *in = NULL; + void *out = NULL; + size_t insz = 0; + size_t outsz = 0; + uint32_t exp_param_types = TEE_PARAM_TYPES(TEE_PARAM_TYPE_MEMREF_INOUT, + TEE_PARAM_TYPE_MEMREF_INOUT, + TEE_PARAM_TYPE_VALUE_INPUT, + TEE_PARAM_TYPE_NONE); + bool secure_in = false; + bool secure_out = false; + TEE_Result (*do_update)(TEE_OperationHandle, const void *, size_t, + void *, size_t *) = NULL; + + if (param_types != exp_param_types) + return TEE_ERROR_BAD_PARAMETERS; + + if (use_sdp) { + /* + * Whatever is expected as memory reference, it is mandatory + * for SDP aware trusted applications of safely indentify all + * memory reference parameters. Hence these tests must be part + * of the performance test setup. + */ + secure_in = is_inbuf_a_secure_memref(¶ms[0]); + secure_out = is_outbuf_a_secure_memref(¶ms[1]); + + /* + * We could invalidate only the caches. We prefer to flush + * them in case 2 sub-buffers are accessed by TAs from a single + * allocated SDP memory buffer, and those are not cache-aligned. + * Invalidating might cause data loss in cache lines. Hence + * rather flush them all before accessing (in read or write). + */ + if (secure_in) { + res = flush_memref_buffer(¶ms[0]); + CHECK(res, "pre-flush in memref param", return res;); + } + if (secure_out) { + res = flush_memref_buffer(¶ms[1]); + CHECK(res, "pre-flush out memref param", return res;); + } + } + + in = params[0].memref.buffer; + insz = params[0].memref.size; + out = params[1].memref.buffer; + outsz = params[1].memref.size; + n = params[2].value.a; + unit = params[2].value.b; + if (!unit) + unit = insz; + + if (algo == TEE_ALG_AES_GCM) + do_update = TEE_AEUpdate; + else + do_update = TEE_CipherUpdate; + + while (n--) { + uint32_t i = 0; + for (i = 0; i < insz / unit; i++) { + res = do_update(crypto_op, in, unit, out, &outsz); + CHECK(res, "TEE_CipherUpdate/TEE_AEUpdate", return res;); + in = (void *)((uintptr_t)in + unit); + out = (void *)((uintptr_t)out + unit); + } + if (insz % unit) { + res = do_update(crypto_op, in, insz % unit, out, &outsz); + CHECK(res, "TEE_CipherUpdate/TEE_AEUpdate", return res;); + } + } + + if (secure_out) { + /* intentionally flush output data from cache for SDP buffers */ + res = flush_memref_buffer(¶ms[1]); + CHECK(res, "post-flush out memref param", return res;); + } + + return TEE_SUCCESS; +} + +TEE_Result cmd_cipher_prepare_key(uint32_t param_types, TEE_Param params[4]) +{ + TEE_Result res = TEE_ERROR_GENERIC; + TEE_ObjectHandle hkey = TEE_HANDLE_NULL; + TEE_ObjectHandle hkey2 = TEE_HANDLE_NULL; + TEE_ObjectType objectType; + TEE_Attribute attr = { }; + uint32_t mode = 0; + uint32_t op_keysize = 0; + uint32_t keysize = 0; + const uint8_t *ivp = NULL; + size_t ivlen = 0; + static uint8_t cipher_key[] = { 0x00, 0x01, 0x02, 0x03, + 0x04, 0x05, 0x06, 0x07, + 0x08, 0x09, 0x0A, 0x0B, + 0x0C, 0x0D, 0x0E, 0x0F, + 0x10, 0x11, 0x12, 0x13, + 0x14, 0x15, 0x16, 0x17, + 0x18, 0x19, 0x1A, 0x1B, + 0x1C, 0x1D, 0x1E, 0x1F }; + static uint8_t cipher_key2[] = { 0x20, 0x21, 0x22, 0x23, + 0x24, 0x25, 0x26, 0x27, + 0x28, 0x29, 0x2A, 0x2B, + 0x2C, 0x2D, 0x2E, 0x2F, + 0x30, 0x31, 0x32, 0x33, + 0x34, 0x35, 0x36, 0x37, + 0x38, 0x39, 0x3A, 0x3B, + 0x3C, 0x3D, 0x3E, 0x3F }; + uint32_t exp_param_types = TEE_PARAM_TYPES(TEE_PARAM_TYPE_VALUE_INPUT, + TEE_PARAM_TYPE_VALUE_INPUT, + TEE_PARAM_TYPE_NONE, + TEE_PARAM_TYPE_NONE); + + if (param_types != exp_param_types) + return TEE_ERROR_BAD_PARAMETERS; + + mode = params[0].value.a ? TEE_MODE_DECRYPT : TEE_MODE_ENCRYPT; + keysize = params[0].value.b; + op_keysize = keysize; + + switch (params[1].value.a) { + case TA_AES_ECB: + algo = TEE_ALG_AES_ECB_NOPAD; + objectType = TEE_TYPE_AES; + use_iv = 0; + break; + case TA_AES_CBC: + algo = TEE_ALG_AES_CBC_NOPAD; + objectType = TEE_TYPE_AES; + use_iv = 1; + break; + case TA_AES_CTR: + algo = TEE_ALG_AES_CTR; + objectType = TEE_TYPE_AES; + use_iv = 1; + break; + case TA_AES_XTS: + algo = TEE_ALG_AES_XTS; + objectType = TEE_TYPE_AES; + use_iv = 1; + op_keysize *= 2; + break; + case TA_AES_GCM: + algo = TEE_ALG_AES_GCM; + objectType = TEE_TYPE_AES; + use_iv = 1; + break; + case TA_SM4_ECB: + algo = TEE_ALG_SM4_ECB_NOPAD; + objectType = TEE_TYPE_SM4; + use_iv = 0; + break; + case TA_SM4_CBC: + algo = TEE_ALG_SM4_CBC_NOPAD; + objectType = TEE_TYPE_SM4; + use_iv = 1; + break; + case TA_SM4_CTR: + algo = TEE_ALG_SM4_CTR; + objectType = TEE_TYPE_SM4; + use_iv = 1; + break; + case TA_SM4_XTS: + algo = TEE_ALG_SM4_XTS; + objectType = TEE_TYPE_SM4; + use_iv = 1; + op_keysize *= 2; + break; + + default: + return TEE_ERROR_BAD_PARAMETERS; + } + + cmd_clean_res(); + + res = TEE_AllocateOperation(&crypto_op, algo, mode, op_keysize); + CHECK(res, "TEE_AllocateOperation", return res;); + + res = TEE_AllocateTransientObject(objectType, keysize, &hkey); + CHECK(res, "TEE_AllocateTransientObject", return res;); + + attr.attributeID = TEE_ATTR_SECRET_VALUE; + attr.content.ref.buffer = cipher_key; + attr.content.ref.length = keysize / 8; + + res = TEE_PopulateTransientObject(hkey, &attr, 1); + CHECK(res, "TEE_PopulateTransientObject", return res;); + + if (algo == TEE_ALG_AES_XTS || algo == TEE_ALG_SM4_XTS) { + res = TEE_AllocateTransientObject(objectType, keysize, + &hkey2); + CHECK(res, "TEE_AllocateTransientObject", return res;); + + attr.content.ref.buffer = cipher_key2; + + res = TEE_PopulateTransientObject(hkey2, &attr, 1); + CHECK(res, "TEE_PopulateTransientObject", return res;); + + res = TEE_SetOperationKey2(crypto_op, hkey, hkey2); + CHECK(res, "TEE_SetOperationKey2", return res;); + + TEE_FreeTransientObject(hkey2); + } else { + res = TEE_SetOperationKey(crypto_op, hkey); + CHECK(res, "TEE_SetOperationKey", return res;); + } + + TEE_FreeTransientObject(hkey); + + if (use_iv) { + ivp = iv; + ivlen = sizeof(iv); + } else { + ivp = NULL; + ivlen = 0; + } + + if (algo == TEE_ALG_AES_GCM) { + return TEE_AEInit(crypto_op, ivp, ivlen, TAG_LEN, 0, 0); + } else { + TEE_CipherInit(crypto_op, ivp, ivlen); + return TEE_SUCCESS; + } +} + +static bool is_mac(uint32_t hash_algo) +{ + switch (hash_algo) { + case TEE_ALG_HMAC_SHA1: + case TEE_ALG_HMAC_SHA224: + case TEE_ALG_HMAC_SHA256: + case TEE_ALG_HMAC_SHA384: + case TEE_ALG_HMAC_SHA512: + case TEE_ALG_HMAC_SM3: + return true; + default: + return false; + } +} + +TEE_Result cmd_hash_process(uint32_t param_types, TEE_Param params[4]) +{ + TEE_Result res = TEE_ERROR_GENERIC; + TEE_OperationInfo info = { }; + int n = 0; + void *in = NULL; + void *out = NULL; + size_t insz = 0; + size_t outsz = 0; + uint32_t offset = 0; + uint32_t exp_param_types = TEE_PARAM_TYPES(TEE_PARAM_TYPE_MEMREF_INPUT, + TEE_PARAM_TYPE_MEMREF_OUTPUT, + TEE_PARAM_TYPE_VALUE_INPUT, + TEE_PARAM_TYPE_NONE); + + if (param_types != exp_param_types) + return TEE_ERROR_BAD_PARAMETERS; + + offset = params[2].value.b; + in = (uint8_t *)params[0].memref.buffer + offset; + insz = params[0].memref.size - offset; + out = params[1].memref.buffer; + outsz = params[1].memref.size; + n = params[2].value.a; + + TEE_GetOperationInfo(crypto_op, &info); + + if (is_mac(info.algorithm)) { + while (n--) { + TEE_MACInit(crypto_op, NULL, 0); + res = TEE_MACComputeFinal(crypto_op, in, insz, out, &outsz); + CHECK(res, "TEE_MACComputeFinal", return res;); + } + } else { + while (n--) { + res = TEE_DigestDoFinal(crypto_op, in, insz, out, &outsz); + CHECK(res, "TEE_DigestDoFinal", return res;); + } + } + + return TEE_SUCCESS; +} + +TEE_Result cmd_hash_prepare_op(uint32_t param_types, TEE_Param params[4]) +{ + TEE_ObjectHandle hkey = TEE_HANDLE_NULL; + TEE_Result res = TEE_ERROR_GENERIC; + TEE_Attribute attr = { }; + uint32_t key_type = TEE_TYPE_HMAC_SHA1; + uint32_t mac_key_size = 512; + uint32_t max_key_size = 0; + uint32_t hash_algo = 0; + static uint8_t mac_key[] = { + 0x00, 0x01, 0x02, 0x03, + 0x04, 0x05, 0x06, 0x07, + 0x08, 0x09, 0x0A, 0x0B, + 0x0C, 0x0D, 0x0E, 0x0F, + 0x10, 0x11, 0x12, 0x13, + 0x14, 0x15, 0x16, 0x17, + 0x18, 0x19, 0x1A, 0x1B, + 0x1C, 0x1D, 0x1E, 0x1F, + 0x20, 0x21, 0x22, 0x23, + 0x24, 0x25, 0x26, 0x27, + 0x28, 0x29, 0x2A, 0x2B, + 0x2C, 0x2D, 0x2E, 0x2F, + 0x30, 0x31, 0x32, 0x33, + 0x34, 0x35, 0x36, 0x37, + 0x38, 0x39, 0x3A, 0x3B, + 0x3C, 0x3D, 0x3E, 0x3F + }; + uint32_t exp_param_types = TEE_PARAM_TYPES(TEE_PARAM_TYPE_VALUE_INPUT, + TEE_PARAM_TYPE_NONE, + TEE_PARAM_TYPE_NONE, + TEE_PARAM_TYPE_NONE); + + if (param_types != exp_param_types) + return TEE_ERROR_BAD_PARAMETERS; + + switch (params[0].value.a) { + case TA_SHA_SHA1: + hash_algo = TEE_ALG_SHA1; + break; + case TA_SHA_SHA224: + hash_algo = TEE_ALG_SHA224; + break; + case TA_SHA_SHA256: + hash_algo = TEE_ALG_SHA256; + break; + case TA_SHA_SHA384: + hash_algo = TEE_ALG_SHA384; + break; + case TA_SHA_SHA512: + hash_algo = TEE_ALG_SHA512; + break; + case TA_SM3: + hash_algo = TEE_ALG_SM3; + break; + case TA_HMAC_SHA1: + key_type = TEE_TYPE_HMAC_SHA1; + hash_algo = TEE_ALG_HMAC_SHA1; + max_key_size = 512; + break; + case TA_HMAC_SHA224: + key_type = TEE_TYPE_HMAC_SHA224; + hash_algo = TEE_ALG_HMAC_SHA224; + max_key_size = 512; + break; + case TA_HMAC_SHA256: + key_type = TEE_TYPE_HMAC_SHA256; + hash_algo = TEE_ALG_HMAC_SHA256; + max_key_size = 512; + break; + case TA_HMAC_SHA384: + key_type = TEE_TYPE_HMAC_SHA384; + hash_algo = TEE_ALG_HMAC_SHA384; + max_key_size = 1024; + break; + case TA_HMAC_SHA512: + key_type = TEE_TYPE_HMAC_SHA512; + hash_algo = TEE_ALG_HMAC_SHA512; + max_key_size = 1024; + break; + case TA_HMAC_SM3: + key_type = TEE_TYPE_HMAC_SM3; + hash_algo = TEE_ALG_HMAC_SM3; + max_key_size = 512; + break; + default: + return TEE_ERROR_BAD_PARAMETERS; + } + + if (crypto_op) + TEE_FreeOperation(crypto_op); + + if (is_mac(hash_algo)) { + res = TEE_AllocateOperation(&crypto_op, hash_algo, TEE_MODE_MAC, max_key_size); + CHECK(res, "TEE_AllocateOperation", return res;); + + res = TEE_AllocateTransientObject(key_type, max_key_size, &hkey); + CHECK(res, "TEE_AllocateTransientObject", return res;); + + attr.attributeID = TEE_ATTR_SECRET_VALUE; + attr.content.ref.buffer = mac_key; + attr.content.ref.length = mac_key_size / 8; + + res = TEE_PopulateTransientObject(hkey, &attr, 1); + CHECK(res, "TEE_PopulateTransientObject", return res;); + + res = TEE_SetOperationKey(crypto_op, hkey); + CHECK(res, "TEE_SetOperationKey", return res;); + + TEE_FreeTransientObject(hkey); + } else { + res = TEE_AllocateOperation(&crypto_op, hash_algo, TEE_MODE_DIGEST, 0); + CHECK(res, "TEE_AllocateOperation", return res;); + } + return TEE_SUCCESS; +} +struct attr_packed { + uint32_t id; + uint32_t a; + uint32_t b; +}; + +static TEE_Result unpack_attrs(const uint8_t *buf, size_t blen, + TEE_Attribute **attrs, uint32_t *attr_count) +{ + TEE_Result res = TEE_SUCCESS; + TEE_Attribute *a = NULL; + const struct attr_packed *ap = NULL; + size_t num_attrs = 0; + const size_t num_attrs_size = sizeof(uint32_t); + + if (blen == 0) + goto out; + + if (((uintptr_t)buf & 0x3) != 0 || blen < num_attrs_size) + return TEE_ERROR_BAD_PARAMETERS; + num_attrs = *(uint32_t *) (void *)buf; + if ((blen - num_attrs_size) < (num_attrs * sizeof(*ap))) + return TEE_ERROR_BAD_PARAMETERS; + ap = (const struct attr_packed *)(const void *)(buf + num_attrs_size); + + if (num_attrs > 0) { + size_t n; + + a = TEE_Malloc(num_attrs * sizeof(TEE_Attribute), 0); + if (!a) + return TEE_ERROR_OUT_OF_MEMORY; + for (n = 0; n < num_attrs; n++) { + uintptr_t p; + + a[n].attributeID = ap[n].id; + if (ap[n].id & TEE_ATTR_FLAG_VALUE) { + a[n].content.value.a = ap[n].a; + a[n].content.value.b = ap[n].b; + continue; + } + + a[n].content.ref.length = ap[n].b; + p = (uintptr_t)ap[n].a; + if (p) { + if ((p + a[n].content.ref.length) > blen) { + res = TEE_ERROR_BAD_PARAMETERS; + goto out; + } + p += (uintptr_t)buf; + } + a[n].content.ref.buffer = (void *)p; + } + } + + res = TEE_SUCCESS; +out: + if (res == TEE_SUCCESS) { + *attrs = a; + *attr_count = num_attrs; + } else { + TEE_Free(a); + } + return res; +} + +static TEE_Result get_rsa_cipher_algo(uint32_t algo_type) +{ + switch (algo_type) { + case RSA_NOPAD: + algo = TEE_ALG_RSA_NOPAD; + break; + case RSAES_PKCS1_V1_5: + algo = TEE_ALG_RSAES_PKCS1_V1_5; + break; + case RSAES_PKCS1_OAEP_SHA1: + algo = TEE_ALG_RSAES_PKCS1_OAEP_MGF1_SHA1; + break; + case RSAES_PKCS1_OAEP_SHA224: + algo = TEE_ALG_RSAES_PKCS1_OAEP_MGF1_SHA224; + break; + case RSAES_PKCS1_OAEP_SHA256: + algo = TEE_ALG_RSAES_PKCS1_OAEP_MGF1_SHA256; + break; + case RSAES_PKCS1_OAEP_SHA384: + algo = TEE_ALG_RSAES_PKCS1_OAEP_MGF1_SHA384; + break; + case RSAES_PKCS1_OAEP_SHA512: + algo = TEE_ALG_RSAES_PKCS1_OAEP_MGF1_SHA512; + break; + default: + printf("RSA enc or dec error algo_type\n"); + return TEE_ERROR_BAD_PARAMETERS; + } + + return 0; +} + +static TEE_Result get_rsa_hash_algo(uint32_t algo_type) +{ + switch (algo_type) { + case RSASSA_PKCS1_V1_5_SHA1: + algo = TEE_ALG_RSASSA_PKCS1_V1_5_SHA1; + break; + case RSASSA_PKCS1_V1_5_SHA224: + algo = TEE_ALG_RSASSA_PKCS1_V1_5_SHA224; + break; + case RSASSA_PKCS1_V1_5_SHA256: + algo = TEE_ALG_RSASSA_PKCS1_V1_5_SHA256; + break; + case RSASSA_PKCS1_V1_5_SHA384: + algo = TEE_ALG_RSASSA_PKCS1_V1_5_SHA384; + break; + case RSASSA_PKCS1_V1_5_SHA512: + algo = TEE_ALG_RSASSA_PKCS1_V1_5_SHA512; + break; + case RSASSA_PKCS1_PSS_MGF1_SHA1: + algo = TEE_ALG_RSASSA_PKCS1_PSS_MGF1_SHA1; + break; + case RSASSA_PKCS1_PSS_MGF1_SHA224: + algo = TEE_ALG_RSASSA_PKCS1_PSS_MGF1_SHA224; + break; + case RSASSA_PKCS1_PSS_MGF1_SHA256: + algo = TEE_ALG_RSASSA_PKCS1_PSS_MGF1_SHA256; + break; + case RSASSA_PKCS1_PSS_MGF1_SHA384: + algo = TEE_ALG_RSASSA_PKCS1_PSS_MGF1_SHA384; + break; + case RSASSA_PKCS1_PSS_MGF1_SHA512: + algo = TEE_ALG_RSASSA_PKCS1_PSS_MGF1_SHA512; + break; + default: + printf("RSA sign or verify error algo_type\n"); + return TEE_ERROR_BAD_PARAMETERS; + } + + return 0; +} + +static TEE_Result get_ecdsa_hash_algo(uint32_t width_bits) +{ + switch (width_bits) { + case ECC_CURVE_192: + algo = __OPTEE_ALG_ECDSA_P192; + break; + case ECC_CURVE_224: + algo = __OPTEE_ALG_ECDSA_P224; + break; + case ECC_CURVE_256: + algo = __OPTEE_ALG_ECDSA_P256; + break; + case ECC_CURVE_384: + algo = __OPTEE_ALG_ECDSA_P384; + break; + case ECC_CURVE_521: + algo = __OPTEE_ALG_ECDSA_P521; + break; + default: + printf("ECDSA sign or verify error width_bits\n"); + return TEE_ERROR_BAD_PARAMETERS; + } + + return 0; +} + +static TEE_Result get_algo(uint32_t tee_type, uint32_t mode, + uint32_t width_bits, uint32_t algo_type) +{ + TEE_Result res = 0; + + if (tee_type == RSA) { + if (mode == MODE_ENCRYPT || mode == MODE_DECRYPT) { + res = get_rsa_cipher_algo(algo_type); + } else if (mode == MODE_SIGN || mode == MODE_VERIFY) { + res = get_rsa_hash_algo(algo_type); + } else { + printf("RSA error mode\n"); + res = TEE_ERROR_BAD_PARAMETERS; + } + } else if (tee_type == ECDSA) { + if (mode == MODE_SIGN || mode == MODE_VERIFY) { + res = get_ecdsa_hash_algo(width_bits); + } else { + printf("ECDSA error mode\n"); + res = TEE_ERROR_BAD_PARAMETERS; + } + } + + return res; +} + +static TEE_Result get_keypair_type(uint32_t value) +{ + switch (value) { + case DH: + return TEE_TYPE_DH_KEYPAIR; + case RSA: + return TEE_TYPE_RSA_KEYPAIR; + case ECDSA: + return TEE_TYPE_ECDSA_KEYPAIR; + case ECDH: + return TEE_TYPE_ECDH_KEYPAIR; + case X25519: + return TEE_TYPE_X25519_KEYPAIR; + default: + printf("The algo[%u] is err!\n", algo); + } + + return TEE_ERROR_BAD_PARAMETERS; +} + +TEE_Result cmd_asym_process_keypair(uint32_t param_types, + TEE_Param params[TEE_NUM_PARAMS]) +{ + TEE_Result res = TEE_ERROR_GENERIC; + TEE_Attribute *attrs = NULL; + uint32_t attr_count = 0; + int width_bits = 0; + int n = 0; + uint32_t exp_param_types = TEE_PARAM_TYPES(TEE_PARAM_TYPE_VALUE_INPUT, + TEE_PARAM_TYPE_MEMREF_INOUT, + TEE_PARAM_TYPE_NONE, + TEE_PARAM_TYPE_NONE); + + if (param_types != exp_param_types) + return TEE_ERROR_BAD_PARAMETERS; + + res = unpack_attrs(params[1].memref.buffer, params[1].memref.size, + &attrs, &attr_count); + if (res != TEE_SUCCESS) + return res; + + width_bits = params[0].value.a; + n = params[0].value.b; + + while (n--) { + res = TEE_GenerateKey(crypto_obj, width_bits, attrs, attr_count); + CHECK(res, "TEE_GenerateKey", goto out;); + TEE_ResetTransientObject(crypto_obj); + } + +out: + TEE_Free(attrs); + return res; +} + +TEE_Result cmd_asym_process_rsa_ecc(uint32_t param_types, + TEE_Param params[TEE_NUM_PARAMS]) +{ + TEE_Result res = TEE_ERROR_GENERIC; + int n = 0; + + uint32_t mode = 0; + uint32_t exp_param_types = TEE_PARAM_TYPES(TEE_PARAM_TYPE_MEMREF_INPUT, + TEE_PARAM_TYPE_VALUE_INPUT, + TEE_PARAM_TYPE_MEMREF_INPUT, + TEE_PARAM_TYPE_MEMREF_OUTPUT); + TEE_Attribute *attrs = NULL; + uint32_t attr_count = 0; + + TEE_Result (*do_asym)(TEE_OperationHandle, const TEE_Attribute *, + uint32_t, const void *, uint32_t, void *, + uint32_t *) = NULL; + + if (param_types != exp_param_types) + return TEE_ERROR_BAD_PARAMETERS; + + res = unpack_attrs(params[0].memref.buffer, params[0].memref.size, + &attrs, &attr_count); + if (res != TEE_SUCCESS) + return res; + + n = params[1].value.a; + mode = params[1].value.b; + + if (mode == MODE_ENCRYPT) + do_asym = TEE_AsymmetricEncrypt; + else if (mode == MODE_DECRYPT) + do_asym = TEE_AsymmetricDecrypt; + else if (mode == MODE_SIGN) + do_asym = TEE_AsymmetricSignDigest; + + if (mode == MODE_VERIFY) { + while (n--) { + res = TEE_AsymmetricVerifyDigest(crypto_op, attrs, + attr_count, params[2].memref.buffer, + params[2].memref.size, params[3].memref.buffer, + params[3].memref.size); + CHECK(res, "TEE_AsymmetricEncrypt", goto out;); + } + } else { + while (n--) { + res = do_asym(crypto_op, attrs, attr_count, + params[2].memref.buffer, params[2].memref.size, + params[3].memref.buffer, ¶ms[3].memref.size); + + CHECK(res, "TEE_AsymmetricEncrypt", goto out;); + } + } + +out: + TEE_Free(attrs); + return res; +} + +TEE_Result cmd_asym_prepare_obj(uint32_t param_types, TEE_Param params[4]) +{ + TEE_Result res = TEE_ERROR_GENERIC; + uint32_t tee_type; + uint32_t exp_param_types = TEE_PARAM_TYPES(TEE_PARAM_TYPE_VALUE_INPUT, + TEE_PARAM_TYPE_NONE, + TEE_PARAM_TYPE_NONE, + TEE_PARAM_TYPE_NONE); + + if (param_types != exp_param_types) + return TEE_ERROR_BAD_PARAMETERS; + + tee_type = get_keypair_type(params[0].value.a); + if (tee_type == TEE_ERROR_BAD_PARAMETERS) + return TEE_ERROR_BAD_PARAMETERS; + + cmd_clean_obj(); + res = TEE_AllocateTransientObject(tee_type, params[0].value.b, + &crypto_obj); + CHECK(res, "TEE_AllocateTransientObject", return res;); + + return res; +} + +TEE_Result cmd_asym_prepare_keypair(uint32_t param_types, TEE_Param params[4]) +{ + TEE_Result res = TEE_ERROR_GENERIC; + TEE_Attribute *attrs = NULL; + uint32_t attr_count = 0; + uint32_t width_bits = 0; + uint32_t algo_type = 0; + uint32_t tee_type = 0; + uint32_t mode = 0; + uint32_t exp_param_types = TEE_PARAM_TYPES(TEE_PARAM_TYPE_VALUE_INPUT, + TEE_PARAM_TYPE_VALUE_INPUT, + TEE_PARAM_TYPE_MEMREF_INPUT, + TEE_PARAM_TYPE_NONE); + + if (param_types != exp_param_types) + return TEE_ERROR_BAD_PARAMETERS; + + mode = params[0].value.b; + width_bits = params[0].value.a; + tee_type = params[1].value.a; + algo_type = params[1].value.b; + + if (get_algo(tee_type, mode, width_bits, algo_type)) + return TEE_ERROR_BAD_PARAMETERS; + + res = unpack_attrs(params[2].memref.buffer, params[2].memref.size, + &attrs, &attr_count); + if (res != TEE_SUCCESS) + return res; + + res = TEE_GenerateKey(crypto_obj, width_bits, attrs, attr_count); + CHECK(res, "TEE_GenerateKey", goto out;); + + cmd_clean_res(); + res = TEE_AllocateOperation(&crypto_op, algo, mode, width_bits); + CHECK(res, "TEE_AllocateOperation", goto out;); + + res = TEE_SetOperationKey(crypto_op, crypto_obj); + CHECK(res, "TEE_SetOperationKey", goto out;); + + if (mode == MODE_DECRYPT) { + res = TEE_AllocateOperation(&crypto_op_enc_sign, algo, + MODE_ENCRYPT, width_bits); + CHECK(res, "TEE_AllocateOperation", goto out;); + + res = TEE_SetOperationKey(crypto_op_enc_sign, crypto_obj); + CHECK(res, "TEE_SetOperationKey", goto out;); + } else if (mode == MODE_VERIFY) { + res = TEE_AllocateOperation(&crypto_op_enc_sign, algo, + MODE_SIGN, width_bits); + CHECK(res, "TEE_AllocateOperation", goto out;); + + res = TEE_SetOperationKey(crypto_op_enc_sign, crypto_obj); + CHECK(res, "TEE_SetOperationKey", goto out;); + } + +out: + TEE_Free(attrs); + + return res; +} + +TEE_Result cmd_asym_prepare_hash(uint32_t param_types, TEE_Param params[4]) +{ + TEE_Result res = TEE_ERROR_GENERIC; + TEE_OperationHandle hash_op = NULL; + uint32_t hash_algo = 0; + uint32_t exp_param_types = TEE_PARAM_TYPES(TEE_PARAM_TYPE_VALUE_INPUT, + TEE_PARAM_TYPE_MEMREF_INPUT, + TEE_PARAM_TYPE_MEMREF_INOUT, + TEE_PARAM_TYPE_NONE); + if (param_types != exp_param_types) + return TEE_ERROR_BAD_PARAMETERS; + + if (params[0].value.a == ECDSA) + hash_algo = TEE_ALG_SHA1; + else + hash_algo = TEE_ALG_HASH_ALGO(TEE_ALG_GET_DIGEST_HASH(algo)); + + res = TEE_AllocateOperation(&hash_op, hash_algo, TEE_MODE_DIGEST, 0); + CHECK(res, "TEE_AllocateOperation", return res;); + + res = TEE_DigestDoFinal(hash_op, params[1].memref.buffer, + params[1].memref.size, params[2].memref.buffer, + ¶ms[2].memref.size); + CHECK(res, "TEE_DigestDoFinal", return res;); + + TEE_FreeOperation(hash_op); + + return res; +} + +TEE_Result cmd_asym_prepare_enc_sign(uint32_t param_types, + TEE_Param params[TEE_NUM_PARAMS]) +{ + TEE_Result res = TEE_ERROR_GENERIC; + TEE_Attribute *attrs = NULL; + uint32_t attr_count = 0; + uint32_t mode = 0; + uint32_t exp_param_types = TEE_PARAM_TYPES(TEE_PARAM_TYPE_MEMREF_INPUT, + TEE_PARAM_TYPE_MEMREF_OUTPUT, + TEE_PARAM_TYPE_VALUE_INPUT, + TEE_PARAM_TYPE_MEMREF_INPUT); + + if (param_types != exp_param_types) + return TEE_ERROR_BAD_PARAMETERS; + + mode = params[2].value.a; + res = unpack_attrs(params[3].memref.buffer, params[3].memref.size, + &attrs, &attr_count); + if (res != TEE_SUCCESS) + return res; + + if (mode == MODE_DECRYPT) + res = TEE_AsymmetricEncrypt(crypto_op_enc_sign, NULL, 0, + params[0].memref.buffer, params[0].memref.size, + params[1].memref.buffer, ¶ms[1].memref.size); + else + res = TEE_AsymmetricSignDigest(crypto_op_enc_sign, attrs, + attr_count, + params[0].memref.buffer, + params[0].memref.size, + params[1].memref.buffer, + ¶ms[1].memref.size); + + TEE_Free(attrs); + CHECK(res, "TEE_AsymmetricEncrypt", return res;); + + return TEE_SUCCESS; +} + +void cmd_clean_obj(void) +{ + if (crypto_obj) + TEE_FreeTransientObject(crypto_obj); + crypto_obj = TEE_HANDLE_NULL; +} + +void cmd_clean_res(void) +{ + if (crypto_op) + TEE_FreeOperation(crypto_op); + if (crypto_op_enc_sign) { + TEE_FreeOperation(crypto_op_enc_sign); + crypto_op_enc_sign = NULL; + } +} diff --git a/ta/asym_cipher_perf/ta_entry.c b/ta/crypto_perf/ta_entry.c similarity index 53% rename from ta/asym_cipher_perf/ta_entry.c rename to ta/crypto_perf/ta_entry.c index e46adcfaa..6158b7df4 100644 --- a/ta/asym_cipher_perf/ta_entry.c +++ b/ta/crypto_perf/ta_entry.c @@ -1,14 +1,14 @@ // SPDX-License-Identifier: BSD-2-Clause /* - * Copyright (c) 2023, Huawei Technologies Co., Ltd + * Copyright (c) 2015, Linaro Limited * All rights reserved. */ #include #include -#include "ta_asym_cipher_perf.h" -#include "ta_asym_cipher_perf_priv.h" +#include "ta_crypto_perf.h" +#include "ta_crypto_perf_priv.h" /* * Trusted Application Entry Points @@ -41,7 +41,7 @@ void TA_CloseSessionEntryPoint(void *pSessionContext) { (void)pSessionContext; - cmd_clean_op(); + cmd_clean_res(); cmd_clean_obj(); } @@ -53,18 +53,35 @@ TEE_Result TA_InvokeCommandEntryPoint(void *pSessionContext, (void)pSessionContext; switch (nCommandID) { + case TA_CIPHER_PERF_CMD_PREPARE_KEY: + return cmd_cipher_prepare_key(nParamTypes, pParams); + + case TA_CIPHER_PERF_CMD_PROCESS: + return cmd_cipher_process(nParamTypes, pParams, false); + case TA_CIPHER_PERF_CMD_PROCESS_SDP: +#ifdef CFG_SECURE_DATA_PATH + return cmd_cipher_process(nParamTypes, pParams, true); +#else + EMSG("Invalid SDP commands: TA was built without SDP support"); + return TEE_ERROR_NOT_SUPPORTED; +#endif + case TA_HASH_PERF_CMD_PREPARE_OP: + return cmd_hash_prepare_op(nParamTypes, pParams); + case TA_HASH_PERF_CMD_PROCESS: + return cmd_hash_process(nParamTypes, pParams); case TA_ASYM_CIPHER_PERF_CMD_PROCESS_GEN_KEYPAIR: - return cmd_process_keypair(nParamTypes, pParams); + return cmd_asym_process_keypair(nParamTypes, pParams); case TA_ASYM_CIPHER_PERF_CMD_PROCESS: - return cmd_process_rsa_ecc(nParamTypes, pParams); + return cmd_asym_process_rsa_ecc(nParamTypes, pParams); case TA_ASYM_CIPHER_PERF_CMD_PREPARE_KEYPAIR: - return cmd_prepare_keypair(nParamTypes, pParams); + return cmd_asym_prepare_keypair(nParamTypes, pParams); case TA_ASYM_CIPHER_PERF_CMD_PREPARE_HASH: - return cmd_prepare_hash(nParamTypes, pParams); + return cmd_asym_prepare_hash(nParamTypes, pParams); case TA_ASYM_CIPHER_PERF_CMD_PREPARE_OBJ: - return cmd_prepare_obj(nParamTypes, pParams); + return cmd_asym_prepare_obj(nParamTypes, pParams); case TA_ASYM_CIPHER_PERF_CMD_PREPARE_ENC_SIGN: - return cmd_prepare_enc_sign(nParamTypes, pParams); + return cmd_asym_prepare_enc_sign(nParamTypes, pParams); + default: return TEE_ERROR_BAD_PARAMETERS; } diff --git a/ta/hash_perf/Android.mk b/ta/hash_perf/Android.mk deleted file mode 100644 index 646909504..000000000 --- a/ta/hash_perf/Android.mk +++ /dev/null @@ -1,4 +0,0 @@ -LOCAL_PATH := $(call my-dir) - -local_module := 614789f2-39c0-4ebf-b235-92b32ac107ed.ta -include $(BUILD_OPTEE_MK) diff --git a/ta/hash_perf/Makefile b/ta/hash_perf/Makefile deleted file mode 100644 index c6e15a4ab..000000000 --- a/ta/hash_perf/Makefile +++ /dev/null @@ -1,3 +0,0 @@ -BINARY = 614789f2-39c0-4ebf-b235-92b32ac107ed -include ../ta_common.mk - diff --git a/ta/hash_perf/include/ta_hash_perf.h b/ta/hash_perf/include/ta_hash_perf.h deleted file mode 100644 index a13ffdfef..000000000 --- a/ta/hash_perf/include/ta_hash_perf.h +++ /dev/null @@ -1,37 +0,0 @@ -/* SPDX-License-Identifier: BSD-2-Clause */ -/* - * Copyright (c) 2015, Linaro Limited - * All rights reserved. - */ - -#ifndef TA_HASH_PERF_H -#define TA_HASH_PERF_H - -#define TA_HASH_PERF_UUID { 0x614789f2, 0x39c0, 0x4ebf, \ - { 0xb2, 0x35, 0x92, 0xb3, 0x2a, 0xc1, 0x07, 0xed } } - -/* - * Commands implemented by the TA - */ - -#define TA_HASH_PERF_CMD_PREPARE_OP 0 -#define TA_HASH_PERF_CMD_PROCESS 1 - -/* - * Supported algorithms - */ - -#define TA_SHA_SHA1 0 -#define TA_SHA_SHA224 1 -#define TA_SHA_SHA256 2 -#define TA_SHA_SHA384 3 -#define TA_SHA_SHA512 4 -#define TA_SM3 5 -#define TA_HMAC_SHA1 6 -#define TA_HMAC_SHA224 7 -#define TA_HMAC_SHA256 8 -#define TA_HMAC_SHA384 9 -#define TA_HMAC_SHA512 10 -#define TA_HMAC_SM3 11 - -#endif /* TA_HASH_PERF_H */ diff --git a/ta/hash_perf/include/ta_hash_perf_priv.h b/ta/hash_perf/include/ta_hash_perf_priv.h deleted file mode 100644 index b9059b4ca..000000000 --- a/ta/hash_perf/include/ta_hash_perf_priv.h +++ /dev/null @@ -1,16 +0,0 @@ -/* SPDX-License-Identifier: BSD-2-Clause */ -/* - * Copyright (c) 2015, Linaro Limited - * All rights reserved. - */ - -#ifndef TA_HASH_PERF_PRIV_H -#define TA_HASH_PERF_PRIV_H - -#include - -TEE_Result cmd_prepare_op(uint32_t param_types, TEE_Param params[4]); -TEE_Result cmd_process(uint32_t param_types, TEE_Param params[4]); -void cmd_clean_res(void); - -#endif /* TA_HASH_PERF_PRIV_H */ diff --git a/ta/hash_perf/sub.mk b/ta/hash_perf/sub.mk deleted file mode 100644 index d7d523663..000000000 --- a/ta/hash_perf/sub.mk +++ /dev/null @@ -1,3 +0,0 @@ -global-incdirs-y += include -srcs-y += ta_hash_perf.c -srcs-y += ta_entry.c diff --git a/ta/hash_perf/ta_entry.c b/ta/hash_perf/ta_entry.c deleted file mode 100644 index 167c7de18..000000000 --- a/ta/hash_perf/ta_entry.c +++ /dev/null @@ -1,63 +0,0 @@ -// SPDX-License-Identifier: BSD-2-Clause -/* - * Copyright (c) 2015, Linaro Limited - * All rights reserved. - */ - -#include - -#include "ta_hash_perf.h" -#include "ta_hash_perf_priv.h" - -/* - * Trusted Application Entry Points - */ - -/* Called each time a new instance is created */ -TEE_Result TA_CreateEntryPoint(void) -{ - return TEE_SUCCESS; -} - -/* Called each time an instance is destroyed */ -void TA_DestroyEntryPoint(void) -{ -} - -/* Called each time a session is opened */ -TEE_Result TA_OpenSessionEntryPoint(uint32_t nParamTypes, - TEE_Param pParams[4], - void **ppSessionContext) -{ - (void)nParamTypes; - (void)pParams; - (void)ppSessionContext; - return TEE_SUCCESS; -} - -/* Called each time a session is closed */ -void TA_CloseSessionEntryPoint(void *pSessionContext) -{ - (void)pSessionContext; - - cmd_clean_res(); -} - -/* Called when a command is invoked */ -TEE_Result TA_InvokeCommandEntryPoint(void *pSessionContext, - uint32_t nCommandID, uint32_t nParamTypes, - TEE_Param pParams[4]) -{ - (void)pSessionContext; - - switch (nCommandID) { - case TA_HASH_PERF_CMD_PREPARE_OP: - return cmd_prepare_op(nParamTypes, pParams); - - case TA_HASH_PERF_CMD_PROCESS: - return cmd_process(nParamTypes, pParams); - - default: - return TEE_ERROR_BAD_PARAMETERS; - } -} diff --git a/ta/hash_perf/ta_hash_perf.c b/ta/hash_perf/ta_hash_perf.c deleted file mode 100644 index 302b87cd8..000000000 --- a/ta/hash_perf/ta_hash_perf.c +++ /dev/null @@ -1,202 +0,0 @@ -// SPDX-License-Identifier: BSD-2-Clause -/* - * Copyright (c) 2015, Linaro Limited - * All rights reserved. - */ - -#include -#include -#include -#include - -#include "ta_hash_perf.h" -#include "ta_hash_perf_priv.h" - -#define CHECK(res, name, action) do { \ - if ((res) != TEE_SUCCESS) { \ - DMSG(name ": %#08"PRIx32, (res));\ - action \ - } \ - } while(0) - -static TEE_OperationHandle digest_op; - -static bool is_mac(uint32_t algo) -{ - switch (algo) { - case TEE_ALG_HMAC_SHA1: - case TEE_ALG_HMAC_SHA224: - case TEE_ALG_HMAC_SHA256: - case TEE_ALG_HMAC_SHA384: - case TEE_ALG_HMAC_SHA512: - case TEE_ALG_HMAC_SM3: - return true; - default: - return false; - } -} - -TEE_Result cmd_process(uint32_t param_types, TEE_Param params[4]) -{ - TEE_Result res = TEE_ERROR_GENERIC; - TEE_OperationInfo info = { }; - int n = 0; - void *in = NULL; - void *out = NULL; - size_t insz = 0; - size_t outsz = 0; - uint32_t offset = 0; - uint32_t exp_param_types = TEE_PARAM_TYPES(TEE_PARAM_TYPE_MEMREF_INPUT, - TEE_PARAM_TYPE_MEMREF_OUTPUT, - TEE_PARAM_TYPE_VALUE_INPUT, - TEE_PARAM_TYPE_NONE); - - if (param_types != exp_param_types) - return TEE_ERROR_BAD_PARAMETERS; - - offset = params[2].value.b; - in = (uint8_t *)params[0].memref.buffer + offset; - insz = params[0].memref.size - offset; - out = params[1].memref.buffer; - outsz = params[1].memref.size; - n = params[2].value.a; - - TEE_GetOperationInfo(digest_op, &info); - - if (is_mac(info.algorithm)) { - while (n--) { - TEE_MACInit(digest_op, NULL, 0); - res = TEE_MACComputeFinal(digest_op, in, insz, out, &outsz); - CHECK(res, "TEE_MACComputeFinal", return res;); - } - } else { - while (n--) { - res = TEE_DigestDoFinal(digest_op, in, insz, out, &outsz); - CHECK(res, "TEE_DigestDoFinal", return res;); - } - } - - return TEE_SUCCESS; -} - -TEE_Result cmd_prepare_op(uint32_t param_types, TEE_Param params[4]) -{ - TEE_ObjectHandle hkey = TEE_HANDLE_NULL; - TEE_Result res = TEE_ERROR_GENERIC; - TEE_Attribute attr = { }; - uint32_t key_type = TEE_TYPE_HMAC_SHA1; - uint32_t mac_key_size = 512; - uint32_t max_key_size = 0; - uint32_t algo = 0; - static uint8_t mac_key[] = { - 0x00, 0x01, 0x02, 0x03, - 0x04, 0x05, 0x06, 0x07, - 0x08, 0x09, 0x0A, 0x0B, - 0x0C, 0x0D, 0x0E, 0x0F, - 0x10, 0x11, 0x12, 0x13, - 0x14, 0x15, 0x16, 0x17, - 0x18, 0x19, 0x1A, 0x1B, - 0x1C, 0x1D, 0x1E, 0x1F, - 0x20, 0x21, 0x22, 0x23, - 0x24, 0x25, 0x26, 0x27, - 0x28, 0x29, 0x2A, 0x2B, - 0x2C, 0x2D, 0x2E, 0x2F, - 0x30, 0x31, 0x32, 0x33, - 0x34, 0x35, 0x36, 0x37, - 0x38, 0x39, 0x3A, 0x3B, - 0x3C, 0x3D, 0x3E, 0x3F - }; - uint32_t exp_param_types = TEE_PARAM_TYPES(TEE_PARAM_TYPE_VALUE_INPUT, - TEE_PARAM_TYPE_NONE, - TEE_PARAM_TYPE_NONE, - TEE_PARAM_TYPE_NONE); - - if (param_types != exp_param_types) - return TEE_ERROR_BAD_PARAMETERS; - - switch (params[0].value.a) { - case TA_SHA_SHA1: - algo = TEE_ALG_SHA1; - break; - case TA_SHA_SHA224: - algo = TEE_ALG_SHA224; - break; - case TA_SHA_SHA256: - algo = TEE_ALG_SHA256; - break; - case TA_SHA_SHA384: - algo = TEE_ALG_SHA384; - break; - case TA_SHA_SHA512: - algo = TEE_ALG_SHA512; - break; - case TA_SM3: - algo = TEE_ALG_SM3; - break; - case TA_HMAC_SHA1: - key_type = TEE_TYPE_HMAC_SHA1; - algo = TEE_ALG_HMAC_SHA1; - max_key_size = 512; - break; - case TA_HMAC_SHA224: - key_type = TEE_TYPE_HMAC_SHA224; - algo = TEE_ALG_HMAC_SHA224; - max_key_size = 512; - break; - case TA_HMAC_SHA256: - key_type = TEE_TYPE_HMAC_SHA256; - algo = TEE_ALG_HMAC_SHA256; - max_key_size = 512; - break; - case TA_HMAC_SHA384: - key_type = TEE_TYPE_HMAC_SHA384; - algo = TEE_ALG_HMAC_SHA384; - max_key_size = 1024; - break; - case TA_HMAC_SHA512: - key_type = TEE_TYPE_HMAC_SHA512; - algo = TEE_ALG_HMAC_SHA512; - max_key_size = 1024; - break; - case TA_HMAC_SM3: - key_type = TEE_TYPE_HMAC_SM3; - algo = TEE_ALG_HMAC_SM3; - max_key_size = 512; - break; - default: - return TEE_ERROR_BAD_PARAMETERS; - } - - if (digest_op) - TEE_FreeOperation(digest_op); - - if (is_mac(algo)) { - res = TEE_AllocateOperation(&digest_op, algo, TEE_MODE_MAC, max_key_size); - CHECK(res, "TEE_AllocateOperation", return res;); - - res = TEE_AllocateTransientObject(key_type, max_key_size, &hkey); - CHECK(res, "TEE_AllocateTransientObject", return res;); - - attr.attributeID = TEE_ATTR_SECRET_VALUE; - attr.content.ref.buffer = mac_key; - attr.content.ref.length = mac_key_size / 8; - - res = TEE_PopulateTransientObject(hkey, &attr, 1); - CHECK(res, "TEE_PopulateTransientObject", return res;); - - res = TEE_SetOperationKey(digest_op, hkey); - CHECK(res, "TEE_SetOperationKey", return res;); - - TEE_FreeTransientObject(hkey); - } else { - res = TEE_AllocateOperation(&digest_op, algo, TEE_MODE_DIGEST, 0); - CHECK(res, "TEE_AllocateOperation", return res;); - } - return TEE_SUCCESS; -} - -void cmd_clean_res(void) -{ - if (digest_op) - TEE_FreeOperation(digest_op); -}