From 4d91ea451c0982cf7a70e08881cbcb35ef3beea0 Mon Sep 17 00:00:00 2001 From: "kousuke.suzuki" Date: Wed, 19 Jun 2024 22:51:56 +0900 Subject: [PATCH] plat-rz: Add pta for rsip. Signed-off-by: kousuke.suzuki --- .../r_rsip_init.c => common/drivers/rsip.c} | 13 +- core/arch/arm/plat-rz/common/drivers/sub.mk | 5 +- core/arch/arm/plat-rz/common/hw_rng_rsip.c | 64 + .../common/pta/rsip/include/pta_rsip.h | 311 +++++ .../common/pta/rsip/include/pta_rsip_aes.h | 361 +++++ .../common/pta/rsip/include/pta_rsip_ecc.h | 69 + .../common/pta/rsip/include/pta_rsip_hmac.h | 111 ++ .../common/pta/rsip/include/pta_rsip_rsa.h | 309 +++++ .../common/pta/rsip/include/pta_rsip_sha.h | 127 ++ .../common/pta/rsip/include/r_rsip_api.h | 504 +++++++ .../arm/plat-rz/common/pta/rsip/pta_rsip.c | 704 ++++++++++ .../plat-rz/common/pta/rsip/pta_rsip_aes.c | 1203 +++++++++++++++++ .../plat-rz/common/pta/rsip/pta_rsip_ecc.c | 710 ++++++++++ .../plat-rz/common/pta/rsip/pta_rsip_hmac.c | 380 ++++++ .../plat-rz/common/pta/rsip/pta_rsip_rsa.c | 1114 +++++++++++++++ .../plat-rz/common/pta/rsip/pta_rsip_sha.c | 208 +++ core/arch/arm/plat-rz/common/pta/rsip/sub.mk | 9 + core/arch/arm/plat-rz/common/pta/sub.mk | 3 +- core/arch/arm/plat-rz/common/sub.mk | 1 + .../arm/plat-rz/g2l/pta/include/pta_sce_sha.h | 12 +- core/arch/arm/plat-rz/g3s/drivers/sub.mk | 1 - core/arch/arm/plat-rz/g3s/rzg3s_conf.mk | 8 +- core/arch/arm/plat-rz/g3s/rzg3s_config.h | 5 +- 23 files changed, 6216 insertions(+), 16 deletions(-) rename core/arch/arm/plat-rz/{g3s/drivers/r_rsip_init.c => common/drivers/rsip.c} (69%) create mode 100644 core/arch/arm/plat-rz/common/hw_rng_rsip.c create mode 100644 core/arch/arm/plat-rz/common/pta/rsip/include/pta_rsip.h create mode 100644 core/arch/arm/plat-rz/common/pta/rsip/include/pta_rsip_aes.h create mode 100644 core/arch/arm/plat-rz/common/pta/rsip/include/pta_rsip_ecc.h create mode 100644 core/arch/arm/plat-rz/common/pta/rsip/include/pta_rsip_hmac.h create mode 100644 core/arch/arm/plat-rz/common/pta/rsip/include/pta_rsip_rsa.h create mode 100644 core/arch/arm/plat-rz/common/pta/rsip/include/pta_rsip_sha.h create mode 100644 core/arch/arm/plat-rz/common/pta/rsip/include/r_rsip_api.h create mode 100644 core/arch/arm/plat-rz/common/pta/rsip/pta_rsip.c create mode 100644 core/arch/arm/plat-rz/common/pta/rsip/pta_rsip_aes.c create mode 100644 core/arch/arm/plat-rz/common/pta/rsip/pta_rsip_ecc.c create mode 100644 core/arch/arm/plat-rz/common/pta/rsip/pta_rsip_hmac.c create mode 100644 core/arch/arm/plat-rz/common/pta/rsip/pta_rsip_rsa.c create mode 100644 core/arch/arm/plat-rz/common/pta/rsip/pta_rsip_sha.c create mode 100644 core/arch/arm/plat-rz/common/pta/rsip/sub.mk diff --git a/core/arch/arm/plat-rz/g3s/drivers/r_rsip_init.c b/core/arch/arm/plat-rz/common/drivers/rsip.c similarity index 69% rename from core/arch/arm/plat-rz/g3s/drivers/r_rsip_init.c rename to core/arch/arm/plat-rz/common/drivers/rsip.c index 35f1038e7..fa36d6ddb 100644 --- a/core/arch/arm/plat-rz/g3s/drivers/r_rsip_init.c +++ b/core/arch/arm/plat-rz/common/drivers/rsip.c @@ -12,11 +12,11 @@ #include #include -#define RSIP_BASE (0x11850000) -#define RSIP_SIZE (0x00010000) - register_phys_mem_pgdir(MEM_AREA_IO_SEC, RSIP_BASE, RSIP_SIZE); +rsip_cfg_t rsip_cfg; +rsip_instance_ctrl_t rsip_instance_ctrl; + volatile uint32_t * gp_sce; static TEE_Result RSIP_Init(void) @@ -25,6 +25,13 @@ static TEE_Result RSIP_Init(void) gp_sce = (uint32_t *) phys_to_virt_io(RSIP_BASE, RSIP_SIZE); + err = R_RSIP_Open(&rsip_instance_ctrl, &rsip_cfg); + if (FSP_SUCCESS != err) + { + EMSG("Failed to initialize RSIP (0x%08x).", err); + panic(); + } + return TEE_SUCCESS; } diff --git a/core/arch/arm/plat-rz/common/drivers/sub.mk b/core/arch/arm/plat-rz/common/drivers/sub.mk index 7694fd687..8eb6886d8 100644 --- a/core/arch/arm/plat-rz/common/drivers/sub.mk +++ b/core/arch/arm/plat-rz/common/drivers/sub.mk @@ -2,5 +2,8 @@ global-incdirs-y += . srcs-$(CFG_RZ_SCIF) += scif.c +srcs-$(CFG_RZ_RSIP) += rsip.c + subdirs-$(CFG_RZ_XSPI) += xspi -subdirs-$(CFG_RZ_RSIP) += r_rsip \ No newline at end of file + +subdirs-$(CFG_RZ_RSIP) += r_rsip diff --git a/core/arch/arm/plat-rz/common/hw_rng_rsip.c b/core/arch/arm/plat-rz/common/hw_rng_rsip.c new file mode 100644 index 000000000..42d809f57 --- /dev/null +++ b/core/arch/arm/plat-rz/common/hw_rng_rsip.c @@ -0,0 +1,64 @@ +// SPDX-License-Identifier: BSD-2-Clause +/* + * Copyright (c) 2024, Renesas Electronics + */ + +#include +#include +#include +#include +#include +#include +#include + +#include +#include + +extern rsip_instance_ctrl_t rsip_instance_ctrl; + +#define LOCAL_BUFFER_SIZE (16) + +static uint32_t buffer[LOCAL_BUFFER_SIZE / sizeof(uint32_t)]; + +static TEE_Result random_number_generator(uint32_t *rand, size_t size) +{ + fsp_err_t err; + + size_t n; + const size_t rand_sz = 4; + + assert(0 == (size % rand_sz)); + + for (n = 0; n < size; n += rand_sz) + { + err = R_RSIP_RandomNumberGenerate( + &rsip_instance_ctrl, + (uint8_t * const)&rand[n] + ); + switch (err) + { + case FSP_SUCCESS: + break; + default: + return TEE_ERROR_BUSY; + } + } + + return TEE_SUCCESS; +} + +TEE_Result hw_get_random_bytes(void *buf, size_t len) +{ + TEE_Result ret = TEE_SUCCESS; + + for(size_t i = 0; i < len; i += sizeof(buffer)) + { + if (TEE_SUCCESS != (ret = random_number_generator(buffer, ARRAY_SIZE(buffer)))) + { + return ret; + } + memcpy(buf + i, buffer, MIN(sizeof(buffer), len - i)); + } + + return ret; +} diff --git a/core/arch/arm/plat-rz/common/pta/rsip/include/pta_rsip.h b/core/arch/arm/plat-rz/common/pta/rsip/include/pta_rsip.h new file mode 100644 index 000000000..ed2e3936c --- /dev/null +++ b/core/arch/arm/plat-rz/common/pta/rsip/include/pta_rsip.h @@ -0,0 +1,311 @@ +// SPDX-License-Identifier: BSD-2-Clause +/* + * Copyright (c) 2024, Renesas Electronics + */ +#ifndef __PTA_RSIP_H +#define __PTA_RSIP_H + +#include + +#define PTA_RSIP_UUID \ + { 0xc0bcc4d4, 0x5b01, 0x46e7, \ + { 0xa1, 0x11, 0xc2, 0x9b, 0x28, 0xd8, 0x3d, 0xa0 } } + +#define WRAPPED_KEY_BYTE_SIZE_RSA_1024_PUBLIC_N 128U ///< RSA-1024 public key +#define WRAPPED_KEY_BYTE_SIZE_RSA_1024_PUBLIC_E 4U ///< RSA-1024 public key +#define WRAPPED_KEY_BYTE_SIZE_RSA_2048_PUBLIC_N 256U ///< RSA-2048 public key +#define WRAPPED_KEY_BYTE_SIZE_RSA_2048_PUBLIC_E 4U ///< RSA-2048 public key +#define WRAPPED_KEY_BYTE_SIZE_RSA_3072_PUBLIC_N 384U ///< RSA-3072 public key +#define WRAPPED_KEY_BYTE_SIZE_RSA_3072_PUBLIC_E 4U ///< RSA-3072 public key +#define WRAPPED_KEY_BYTE_SIZE_RSA_4096_PUBLIC_N 512U ///< RSA-4096 public key +#define WRAPPED_KEY_BYTE_SIZE_RSA_4096_PUBLIC_E 4U ///< RSA-4096 public key + +#define WRAPPED_KEY_BYTE_SIZE_ECC_secp192r1_PUBLIC_QX 24U ///< secp192r1 public key +#define WRAPPED_KEY_BYTE_SIZE_ECC_secp192r1_PUBLIC_QY 24U ///< secp192r1 public key +#define WRAPPED_KEY_BYTE_SIZE_ECC_secp224r1_PUBLIC_QX 28U ///< secp224r1 public key +#define WRAPPED_KEY_BYTE_SIZE_ECC_secp224r1_PUBLIC_QY 28U ///< secp224r1 public key +#define WRAPPED_KEY_BYTE_SIZE_ECC_secp256r1_PUBLIC_QX 32U ///< secp256r1 public key +#define WRAPPED_KEY_BYTE_SIZE_ECC_secp256r1_PUBLIC_QY 32U ///< secp256r1 public key +#define WRAPPED_KEY_BYTE_SIZE_ECC_BRAINPOOLP256R1_PUBLIC_QX 32U ///< brainpoolP256r1 public key +#define WRAPPED_KEY_BYTE_SIZE_ECC_BRAINPOOLP256R1_PUBLIC_QY 32U ///< brainpoolP256r1 public key + +/* + * [in/out] memref[0] : Wrapped key (rsip_wrapped_key_t:52byte) + */ +#define PTA_CMD_AES128_WrappedKeyGenerate (0x00010000) +/* + * [in/out] memref[0] : Wrapped key (rsip_wrapped_key_t:68byte) + */ +#define PTA_CMD_AES256_WrappedKeyGenerate (0x00010100) +/* + * [in/out] memref[0] : Wrapped key (rsip_wrapped_key_t:68byte) + */ +#define PTA_CMD_AES128_XTS_WrappedKeyGenerate (0x00010200) +/* + * [in/out] memref[0] : Wrapped key (rsip_wrapped_key_t:100byte) + */ +#define PTA_CMD_AES256_XTS_WrappedKeyGenerate (0x00010300) + +/* + * [in/out] memref[0] : Wrapped Public key (rsip_wrapped_key_t:180byte) + * [in/out] memref[1] : Wrapped Private key (rsip_wrapped_key_t:292byte) + */ +#define PTA_CMD_RSA1024_WrappedKeyPairGenerate (0x00011000) +/* + * [in/out] memref[0] : Wrapped Public key (rsip_wrapped_key_t:308byte) + * [in/out] memref[1] : Wrapped Private key (rsip_wrapped_key_t:548byte) + */ +#define PTA_CMD_RSA2048_WrappedKeyPairGenerate (0x00011100) +/* + * [in/out] memref[0] : Wrapped Public key (rsip_wrapped_key_t:436byte) + * [in/out] memref[1] : Wrapped Private key (rsip_wrapped_key_t:804byte) + */ +#define PTA_CMD_RSA3072_WrappedKeyPairGenerate (0x00011200) +/* + * [in/out] memref[0] : Wrapped Public key (rsip_wrapped_key_t:564byte) + * [in/out] memref[1] : Wrapped Private key (rsip_wrapped_key_t:1060byte) + */ +#define PTA_CMD_RSA4096_WrappedKeyPairGenerate (0x00011300) + +/* + * [in/out] memref[0] : Wrapped Public key (rsip_wrapped_key_t:100byte) + * [in/out] memref[1] : Wrapped Private key (rsip_wrapped_key_t:68byte) + */ +#define PTA_CMD_ECC_secp192r1_WrappedKeyPairGenerate (0x00012000) +/* + * [in/out] memref[0] : Wrapped Public key (rsip_wrapped_key_t:100byte) + * [in/out] memref[1] : Wrapped Private key (rsip_wrapped_key_t:68byte) + */ +#define PTA_CMD_ECC_secp224r1_WrappedKeyPairGenerate (0x00012100) +/* + * [in/out] memref[0] : Wrapped Public key (rsip_wrapped_key_t:100byte) + * [in/out] memref[1] : Wrapped Private key (rsip_wrapped_key_t:68byte) + */ +#define PTA_CMD_ECC_secp256r1_WrappedKeyPairGenerate (0x00012200) +/* + * [in/out] memref[0] : Wrapped Public key (rsip_wrapped_key_t:100byte) + * [in/out] memref[1] : Wrapped Private key (rsip_wrapped_key_t:68byte) + */ +#define PTA_CMD_ECC_BrainpoolP256r1_WrappedKeyPairGenerate (0x0001D000) + +/* + * [in/out] memref[0] : random data (16byte) + */ +#define PTA_CMD_RandomNumberGenerate (0x00014000) + +/* + * [in] memref[0] : Initial vector (16byte) + * [in] memref[1] : Encrypted Key (32byte) + * [in] memref[2] : Key Update Key (16byte) + * [in/out] memref[3] : Wrapped key (rsip_wrapped_key_t:52byte) + */ +#define PTA_CMD_AES128_EncryptedKeyWrap (0x00015000) +/* + * [in] memref[0] : Initial vector (16byte) + * [in] memref[1] : Encrypted Key (48byte) + * [in] memref[2] : Key Update Key (16byte) + * [in/out] memref[3] : Wrapped key (rsip_wrapped_key_t:68byte) + */ +#define PTA_CMD_AES256_EncryptedKeyWrap (0x00015100) +/* + * [in] memref[0] : Initial vector (16byte) + * [in] memref[1] : Encrypted Key (48byte) + * [in] memref[2] : Key Update Key (16byte) + * [in/out] memref[3] : Wrapped key (rsip_wrapped_key_t:68byte) + */ +#define PTA_CMD_AES128_XTS_EncryptedKeyWrap (0x00015200) +/* + * [in] memref[0] : Initial vector (16byte) + * [in] memref[1] : Encrypted Key (80byte) + * [in] memref[2] : Key Update Key (16byte) + * [in/out] memref[3] : Wrapped key (rsip_wrapped_key_t:100byte) + */ +#define PTA_CMD_AES256_XTS_EncryptedKeyWrap (0x00015300) + +/* + * [in] memref[0] : Initial vector (16byte) + * [in] memref[1] : Encrypted Key (160byte) + * [in] memref[2] : Key Update Key (16byte) + * [in/out] memref[3] : Wrapped key (rsip_wrapped_key_t:180byte) + */ +#define PTA_CMD_RSA1024_EncryptedPublicKeyWrap (0x00016000) +/* + * [in] memref[0] : Initial vector (16byte) + * [in] memref[1] : Encrypted Key (272byte) + * [in] memref[2] : Key Update Key (16byte) + * [in/out] memref[3] : Wrapped key (rsip_wrapped_key_t:292byte) + */ +#define PTA_CMD_RSA1024_EncryptedPrivateKeyWrap (0x00016010) +/* + * [in] memref[0] : Initial vector (16byte) + * [in] memref[1] : Encrypted Key (288byte) + * [in] memref[2] : Key Update Key (16byte) + * [in/out] memref[3] : Wrapped key (rsip_wrapped_key_t:308byte) + */ +#define PTA_CMD_RSA2048_EncryptedPublicKeyWrap (0x00016100) +/* + * [in] memref[0] : Initial vector (16byte) + * [in] memref[1] : Encrypted Key (528byte) + * [in] memref[2] : Key Update Key (16byte) + * [in/out] memref[3] : Wrapped key (rsip_wrapped_key_t:548byte) + */ +#define PTA_CMD_RSA2048_EncryptedPrivateKeyWrap (0x00016110) +/* + * [in] memref[0] : Initial vector (16byte) + * [in] memref[1] : Encrypted Key (416byte) + * [in] memref[2] : Key Update Key (16byte) + * [in/out] memref[3] : Wrapped key (rsip_wrapped_key_t:436byte) + */ +#define PTA_CMD_RSA3072_EncryptedPublicKeyWrap (0x00016300) +/* + * [in] memref[0] : Initial vector (16byte) + * [in] memref[1] : Encrypted Key (784byte) + * [in] memref[2] : Key Update Key (16byte) + * [in/out] memref[3] : Wrapped key (rsip_wrapped_key_t:804byte) + */ +#define PTA_CMD_RSA3072_EncryptedPrivateKeyWrap (0x00016310) +/* + * [in] memref[0] : Initial vector (16byte) + * [in] memref[1] : Encrypted Key (544byte) + * [in] memref[2] : Key Update Key (16byte) + * [in/out] memref[3] : Wrapped key (rsip_wrapped_key_t:564byte) + */ +#define PTA_CMD_RSA4096_EncryptedPublicKeyWrap (0x00016200) +/* + * [in] memref[0] : Initial vector (16byte) + * [in] memref[1] : Encrypted Key (1040byte) + * [in] memref[2] : Key Update Key (16byte) + * [in/out] memref[3] : Wrapped key (rsip_wrapped_key_t:1060byte) + */ +#define PTA_CMD_RSA4096_EncryptedPrivateKeyWrap (0x00016210) + +/* + * [in] memref[0] : Initial vector (16byte) + * [in] memref[1] : Encrypted Key (80byte) + * [in] memref[2] : Key Update Key (16byte) + * [in/out] memref[3] : Wrapped key (rsip_wrapped_key_t:100byte) + */ +#define PTA_CMD_ECC_secp192r1_EncryptedPublicKeyWrap (0x00017000) +/* + * [in] memref[0] : Initial vector (16byte) + * [in] memref[1] : Encrypted Key (48byte) + * [in] memref[2] : Key Update Key (16byte) + * [in/out] memref[3] : Wrapped key (rsip_wrapped_key_t:68byte) + */ +#define PTA_CMD_ECC_secp192r1_EncryptedPrivateKeyWrap (0x00017010) +/* + * [in] memref[0] : Initial vector (16byte) + * [in] memref[1] : Encrypted Key (80byte) + * [in] memref[2] : Key Update Key (16byte) + * [in/out] memref[3] : Wrapped key (rsip_wrapped_key_t:100byte) + */ +#define PTA_CMD_ECC_secp224r1_EncryptedPublicKeyWrap (0x00017100) +/* + * [in] memref[0] : Initial vector (16byte) + * [in] memref[1] : Encrypted Key (48byte) + * [in] memref[2] : Key Update Key (16byte) + * [in/out] memref[3] : Wrapped key (rsip_wrapped_key_t:68byte) + */ +#define PTA_CMD_ECC_secp224r1_EncryptedPrivateKeyWrap (0x00017110) +/* + * [in] memref[0] : Initial vector (16byte) + * [in] memref[1] : Encrypted Key (80byte) + * [in] memref[2] : Key Update Key (16byte) + * [in/out] memref[3] : Wrapped key (rsip_wrapped_key_t:100byte) + */ +#define PTA_CMD_ECC_secp256r1_EncryptedPublicKeyWrap (0x00017200) +/* + * [in] memref[0] : Initial vector (16byte) + * [in] memref[1] : Encrypted Key (48byte) + * [in] memref[2] : Key Update Key (16byte) + * [in/out] memref[3] : Wrapped key (rsip_wrapped_key_t:68byte) + */ +#define PTA_CMD_ECC_secp256r1_EncryptedPrivateKeyWrap (0x00017210) +/* + * [in] memref[0] : Initial vector (16byte) + * [in] memref[1] : Encrypted Key (80byte) + * [in] memref[2] : Key Update Key (16byte) + * [in/out] memref[3] : Wrapped key (rsip_wrapped_key_t:100byte) + */ +#define PTA_CMD_ECC_BrainpoolP256r1_EncryptedPublicKeyWrap (0x00019000) +/* + * [in] memref[0] : Initial vector (16byte) + * [in] memref[1] : Encrypted Key (48byte) + * [in] memref[2] : Key Update Key (16byte) + * [in/out] memref[3] : Wrapped key (rsip_wrapped_key_t:68byte) + */ +#define PTA_CMD_ECC_BrainpoolP256r1_EncryptedPrivateKeyWrap (0x00019010) + +/* + * [in] memref[0] : Initial vector (16byte) + * [in] memref[1] : Encrypted Key (48byte) + * [in] memref[2] : Key Update Key (16byte) + * [in/out] memref[3] : Wrapped key (rsip_wrapped_key_t:68byte) + */ +#define PTA_CMD_HMAC_SHA1_EncryptedKeyWrap (0x0001A000) +/* + * [in] memref[0] : Initial vector (16byte) + * [in] memref[1] : Encrypted Key (48byte) + * [in] memref[2] : Key Update Key (16byte) + * [in/out] memref[3] : Wrapped key (rsip_wrapped_key_t:68byte) + */ +#define PTA_CMD_HMAC_SHA224_EncryptedKeyWrap (0x0001A100) +/* + * [in] memref[0] : Initial vector (16byte) + * [in] memref[1] : Encrypted Key (48byte) + * [in] memref[2] : Key Update Key (16byte) + * [in/out] memref[3] : Wrapped key (rsip_wrapped_key_t:68byte) + */ +#define PTA_CMD_HMAC_SHA256_EncryptedKeyWrap (0x0001A200) + +/* + * [in] memref[0] : Wrapped key (rsip_wrapped_key_t:180byte) + * [in/out] memref[1] : Raw_N (128byte) + * [in/out] memref[2] : Raw_E (4byte) + */ +#define PTA_CMD_RSA_1024_Public_Key_Export (0x0001B000) +/* + * [in] memref[0] : Wrapped key (rsip_wrapped_key_t:308byte) + * [in/out] memref[1] : Raw_N (256byte) + * [in/out] memref[2] : Raw_E (4byte) + */ +#define PTA_CMD_RSA_2048_Public_Key_Export (0x0001B100) +/* + * [in] memref[0] : Wrapped key (rsip_wrapped_key_t:436byte) + * [in/out] memref[1] : Raw_N (384byte) + * [in/out] memref[2] : Raw_E (4byte) + */ +#define PTA_CMD_RSA_3072_Public_Key_Export (0x0001B200) +/* + * [in] memref[0] : Wrapped key (rsip_wrapped_key_t:564byte) + * [in/out] memref[1] : Raw_N (512byte) + * [in/out] memref[2] : Raw_E (4byte) + */ +#define PTA_CMD_RSA_4096_Public_Key_Export (0x0001B300) + +/* + * [in] memref[0] : Wrapped key (rsip_wrapped_key_t:100byte) + * [in/out] memref[1] : Raw_Qx (32byte) + * [in/out] memref[2] : Raw_Qy (32byte) + */ +#define PTA_CMD_ECC_secp192r1_Public_Key_Export (0x0001C000) +/* + * [in] memref[0] : Wrapped key (rsip_wrapped_key_t:100byte) + * [in/out] memref[1] : Raw_Qx (32byte) + * [in/out] memref[2] : Raw_Qy (32byte) + */ +#define PTA_CMD_ECC_secp224r1_Public_Key_Export (0x0001C100) +/* + * [in] memref[0] : Wrapped key (rsip_wrapped_key_t:100byte) + * [in/out] memref[1] : Raw_Qx (32byte) + * [in/out] memref[2] : Raw_Qy (32byte) + */ +#define PTA_CMD_ECC_secp256r1_Public_Key_Export (0x0001C200) +/* + * [in] memref[0] : Wrapped key (rsip_wrapped_key_t:100byte) + * [in/out] memref[1] : Raw_Qx (32byte) + * [in/out] memref[2] : Raw_Qy (32byte) + */ +#define PTA_CMD_ECC_BrainpoolP256r1_Public_Key_Export (0x0001C300) + +#endif /* __PTA_RSIP_H */ \ No newline at end of file diff --git a/core/arch/arm/plat-rz/common/pta/rsip/include/pta_rsip_aes.h b/core/arch/arm/plat-rz/common/pta/rsip/include/pta_rsip_aes.h new file mode 100644 index 000000000..7ea15273d --- /dev/null +++ b/core/arch/arm/plat-rz/common/pta/rsip/include/pta_rsip_aes.h @@ -0,0 +1,361 @@ +// SPDX-License-Identifier: BSD-2-Clause +/* + * Copyright (c) 2024, Renesas Electronics + */ +#ifndef __PTA_RSIP_AES_H +#define __PTA_RSIP_AES_H + +#include + +#define PTA_RSIP_AES_UUID \ + { 0xa28ddef1, 0xe546, 0x449b, \ + { 0xb0, 0x61, 0xbf, 0xc4, 0x74, 0xb4, 0x9a, 0x4e } } + +#define MAC_BYTE_SIZE (16) +#define AES_BLOCK_LEN (16) + +/* + * [in] memref[0] : Wrapped key (rsip_wrapped_key_t:52byte) + */ +#define PTA_CMD_AES128ECB_EncryptInit (0x00020001) +/* + * [in] memref[0] : Plain (length must be a multiple of 16) + * [in/out] memref[1] : Cipher + */ +#define PTA_CMD_AES128ECB_EncryptUpdate (0x00020002) +/* + * [in/out] memref[0] : Cipher (32byte) + */ +#define PTA_CMD_AES128ECB_EncryptFinal (0x00020003) +/* + * [in] memref[0] : Wrapped key (rsip_wrapped_key_t:52byte) + */ +#define PTA_CMD_AES128ECB_DecryptInit (0x00020011) +/* + * [in] memref[0] : Cipher (length must be a multiple of 16) + * [in/out] memref[1] : Plain + */ +#define PTA_CMD_AES128ECB_DecryptUpdate (0x00020012) +/* + * [in/out] memref[0] : Plain (32byte) + */ +#define PTA_CMD_AES128ECB_DecryptFinal (0x00020013) + +/* + * [in] memref[0] : Wrapped key (rsip_wrapped_key_t:68byte) + */ +#define PTA_CMD_AES256ECB_EncryptInit (0x00020101) +/* + * [in] memref[0] : Plain (length must be a multiple of 16) + * [in/out] memref[1] : Cipher + */ +#define PTA_CMD_AES256ECB_EncryptUpdate (0x00020102) +/* + * [in/out] memref[0] : Cipher (32byte) + */ +#define PTA_CMD_AES256ECB_EncryptFinal (0x00020103) +/* + * [in] memref[0] : Wrapped key (rsip_wrapped_key_t:68byte) + */ +#define PTA_CMD_AES256ECB_DecryptInit (0x00020111) +/* + * [in] memref[0] : Cipher (length must be a multiple of 16) + * [in/out] memref[1] : Plain + */ +#define PTA_CMD_AES256ECB_DecryptUpdate (0x00020112) +/* + * [in/out] memref[0] : Plain (32byte) + */ +#define PTA_CMD_AES256ECB_DecryptFinal (0x00020113) + +/* + * [in] memref[0] : Wrapped key (rsip_wrapped_key_t:52byte) + * [in] memref[1] : Initial vector (16byte) + */ +#define PTA_CMD_AES128CBC_EncryptInit (0x00021001) +/* + * [in] memref[0] : Plain (length must be a multiple of 16) + * [in/out] memref[1] : Cipher + */ +#define PTA_CMD_AES128CBC_EncryptUpdate (0x00021002) +/* + * [in/out] memref[0] : Cipher (32byte) + */ +#define PTA_CMD_AES128CBC_EncryptFinal (0x00021003) +/* + * [in] memref[0] : Wrapped key (rsip_wrapped_key_t:52byte) + * [in] memref[1] : Initial vector (16byte) + */ +#define PTA_CMD_AES128CBC_DecryptInit (0x00021011) +/* + * [in] memref[0] : Cipher (length must be a multiple of 16) + * [in/out] memref[1] : Plain + */ +#define PTA_CMD_AES128CBC_DecryptUpdate (0x00021012) +/* + * [in/out] memref[0] : Plain (32byte) + */ +#define PTA_CMD_AES128CBC_DecryptFinal (0x00021013) + +/* + * [in] memref[0] : Wrapped key (rsip_wrapped_key_t:68byte) + * [in] memref[1] : Initial vector (16byte) + */ +#define PTA_CMD_AES256CBC_EncryptInit (0x00021101) +/* + * [in] memref[0] : Plain (length must be a multiple of 16) + * [in/out] memref[1] : Cipher + */ +#define PTA_CMD_AES256CBC_EncryptUpdate (0x00021102) +/* + * [in/out] memref[0] : Cipher (32byte) + */ +#define PTA_CMD_AES256CBC_EncryptFinal (0x00021103) +/* + * [in] memref[0] : Wrapped key (rsip_wrapped_key_t:68byte) + * [in] memref[1] : Initial vector (16byte) + */ +#define PTA_CMD_AES256CBC_DecryptInit (0x00021111) +/* + * [in] memref[0] : Cipher (length must be a multiple of 16) + * [in/out] memref[1] : Plain + */ +#define PTA_CMD_AES256CBC_DecryptUpdate (0x00021112) +/* + * [in/out] memref[0] : Plain (32byte) + */ +#define PTA_CMD_AES256CBC_DecryptFinal (0x00021113) + +/* + * [in] memref[0] : Wrapped key (rsip_wrapped_key_t:52byte) + * [in] memref[1] : Initial vector (16byte) + */ +#define PTA_CMD_AES128CTR_EncryptInit (0x00022001) +/* + * [in] memref[0] : Plain (length must be a multiple of 16) + * [in/out] memref[1] : Cipher + */ +#define PTA_CMD_AES128CTR_EncryptUpdate (0x00022002) +/* + * [in/out] memref[0] : Cipher (32byte) + */ +#define PTA_CMD_AES128CTR_EncryptFinal (0x00022003) +/* + * [in] memref[0] : Wrapped key (rsip_wrapped_key_t:52byte) + * [in] memref[1] : Initial vector (16byte) + */ +#define PTA_CMD_AES128CTR_DecryptInit (0x00022011) +/* + * [in] memref[0] : Cipher (length must be a multiple of 16) + * [in/out] memref[1] : Plain + */ +#define PTA_CMD_AES128CTR_DecryptUpdate (0x00022012) +/* + * [in/out] memref[0] : Plain (32byte) + */ +#define PTA_CMD_AES128CTR_DecryptFinal (0x00022013) + +/* + * [in] memref[0] : Wrapped key (rsip_wrapped_key_t:68byte) + * [in] memref[1] : Initial vector (16byte) + */ +#define PTA_CMD_AES256CTR_EncryptInit (0x00022101) +/* + * [in] memref[0] : Plain (length must be a multiple of 16) + * [in/out] memref[1] : Cipher + */ +#define PTA_CMD_AES256CTR_EncryptUpdate (0x00022102) +/* + * [in/out] memref[0] : Cipher (32byte) + */ +#define PTA_CMD_AES256CTR_EncryptFinal (0x00022103) +/* + * [in] memref[0] : Wrapped key (rsip_wrapped_key_t:68byte) + * [in] memref[1] : Initial vector (16byte) + */ +#define PTA_CMD_AES256CTR_DecryptInit (0x00022111) +/* + * [in] memref[0] : Cipher (length must be a multiple of 16) + * [in/out] memref[1] : Plain + */ +#define PTA_CMD_AES256CTR_DecryptUpdate (0x00022112) +/* + * [in/out] memref[0] : Plain (32byte) + */ +#define PTA_CMD_AES256CTR_DecryptFinal (0x00022113) + +/* + * [in] memref[0] : Wrapped key (rsip_wrapped_key_t:52byte) + */ +#define PTA_CMD_AES128CMAC_GenerateInit (0x00023001) +/* + * [in] memref[0] : Message + */ +#define PTA_CMD_AES128CMAC_GenerateUpdate (0x00023002) +/* + * [in/out] memref[0] : MAC (16byte) + */ +#define PTA_CMD_AES128CMAC_GenerateFinal (0x00023003) +/* + * [in] memref[0] : Wrapped key (rsip_wrapped_key_t:52byte) + */ +#define PTA_CMD_AES128CMAC_VerifyInit (0x00023011) +/* + * [in] memref[0] : Message + */ +#define PTA_CMD_AES128CMAC_VerifyUpdate (0x00023012) +/* + * [in] memref[0] : MAC (2 to 16byte) + */ +#define PTA_CMD_AES128CMAC_VerifyFinal (0x00023013) + +/* + * [in] memref[0] : Wrapped key (rsip_wrapped_key_t:68byte) + */ +#define PTA_CMD_AES256CMAC_GenerateInit (0x00023101) +/* + * [in] memref[0] : Message + */ +#define PTA_CMD_AES256CMAC_GenerateUpdate (0x00023102) +/* + * [in/out] memref[0] : MAC (16byte) + */ +#define PTA_CMD_AES256CMAC_GenerateFinal (0x00023103) +/* + * [in] memref[0] : Wrapped key (rsip_wrapped_key_t:68byte) + */ +#define PTA_CMD_AES256CMAC_VerifyInit (0x00023111) +/* + * [in] memref[0] : Message + */ +#define PTA_CMD_AES256CMAC_VerifyUpdate (0x00023112) +/* + * [in] memref[0] : MAC (2 to 16byte) + */ +#define PTA_CMD_AES256CMAC_VerifyFinal (0x00023113) + +/* + * [in] memref[0] : Wrapped key (rsip_wrapped_key_t:68byte) + * [in] memref[1] : Initial vector (16byte) + */ +#define PTA_CMD_AES128XTS_EncryptInit (0x00024001) +/* + * [in] memref[0] : Plain + * [in/out] memref[1] : Cipher + */ +#define PTA_CMD_AES128XTS_EncryptUpdate (0x00024002) +/* + * [in/out] memref[0] : Cipher (32byte) + */ +#define PTA_CMD_AES128XTS_EncryptFinal (0x00024003) +/* + * [in] memref[0] : Wrapped key (rsip_wrapped_key_t:68byte) + * [in] memref[1] : Initial vector (16byte) + */ +#define PTA_CMD_AES128XTS_DecryptInit (0x00024011) +/* + * [in] memref[0] : Cipher + * [in/out] memref[1] : Plain + */ +#define PTA_CMD_AES128XTS_DecryptUpdate (0x00024012) +/* + * [in/out] memref[0] : Plain (32byte) + */ +#define PTA_CMD_AES128XTS_DecryptFinal (0x00024013) + +/* + * [in] memref[0] : Wrapped key (rsip_wrapped_key_t:100byte) + * [in] memref[1] : Initial vector (16byte) + */ +#define PTA_CMD_AES256XTS_EncryptInit (0x00024101) +/* + * [in] memref[0] : Plain + * [in/out] memref[1] : Cipher + */ +#define PTA_CMD_AES256XTS_EncryptUpdate (0x00024102) +/* + * [in/out] memref[0] : Cipher (32byte) + */ +#define PTA_CMD_AES256XTS_EncryptFinal (0x00024103) +/* + * [in] memref[0] : Wrapped key (rsip_wrapped_key_t:100byte) + * [in] memref[1] : Initial vector (16byte) + */ +#define PTA_CMD_AES256XTS_DecryptInit (0x00024111) +/* + * [in] memref[0] : Cipher + * [in/out] memref[1] : Plain + */ +#define PTA_CMD_AES256XTS_DecryptUpdate (0x00024112) +/* + * [in/out] memref[0] : Plain (32byte) + */ +#define PTA_CMD_AES256XTS_DecryptFinal (0x00024113) + +/* + * [in] memref[0] : Wrapped key (rsip_wrapped_key_t:52byte) + * [in] memref[1] : Initial vector (16byte) + */ +#define PTA_CMD_AES128GCM_EncryptInit (0x00025001) +/* + * [in] memref[0] : Plain + * [in/out] memref[1] : Cipher + * [in] memref[2] : AAD + */ +#define PTA_CMD_AES128GCM_EncryptUpdate (0x00025002) +/* + * [in/out] memref[0] : Cipher + * [in/out] memref[1] : Tag (16byte) + */ +#define PTA_CMD_AES128GCM_EncryptFinal (0x00025003) +/* + * [in] memref[0] : Wrapped key (rsip_wrapped_key_t:52byte) + * [in] memref[1] : Initial vector (16byte) + */ +#define PTA_CMD_AES128GCM_DecryptInit (0x00025011) +/* + * [in] memref[0] : Cipher + * [in/out] memref[1] : Plain + * [in] memref[2] : AAD + */ +#define PTA_CMD_AES128GCM_DecryptUpdate (0x00025012) +/* + * [in/out] memref[0] : Plain + * [in] memref[1] : Tag (1 to 16byte) + */ +#define PTA_CMD_AES128GCM_DecryptFinal (0x00025013) + +/* + * [in] memref[0] : Wrapped key (rsip_wrapped_key_t:68byte) + * [in] memref[1] : Initial vector (16byte) + */ +#define PTA_CMD_AES256GCM_EncryptInit (0x00025101) +/* + * [in] memref[0] : Plain + * [in/out] memref[1] : Cipher + * [in] memref[2] : AAD + */ +#define PTA_CMD_AES256GCM_EncryptUpdate (0x00025102) +/* + * [in/out] memref[0] : Cipher + * [in/out] memref[1] : Tag (16byte) + */ +#define PTA_CMD_AES256GCM_EncryptFinal (0x00025103) +/* + * [in] memref[0] : Wrapped key (rsip_wrapped_key_t:68byte) + * [in] memref[1] : Initial vector (16byte) + */ +#define PTA_CMD_AES256GCM_DecryptInit (0x00025111) +/* + * [in] memref[0] : Cipher + * [in/out] memref[1] : Plain + * [in] memref[2] : AAD + */ +#define PTA_CMD_AES256GCM_DecryptUpdate (0x00025112) +/* + * [in/out] memref[0] : Plain + * [in] memref[1] : Tag (1 to 16byte) + */ +#define PTA_CMD_AES256GCM_DecryptFinal (0x00025113) + +#endif /* __PTA_RSIP_AES_H */ diff --git a/core/arch/arm/plat-rz/common/pta/rsip/include/pta_rsip_ecc.h b/core/arch/arm/plat-rz/common/pta/rsip/include/pta_rsip_ecc.h new file mode 100644 index 000000000..286dbb581 --- /dev/null +++ b/core/arch/arm/plat-rz/common/pta/rsip/include/pta_rsip_ecc.h @@ -0,0 +1,69 @@ +// SPDX-License-Identifier: BSD-2-Clause +/* + * Copyright (c) 2024, Renesas Electronics + */ +#ifndef __PTA_RSIP_ECC_H +#define __PTA_RSIP_ECC_H + +#include + +#define PTA_RSIP_ECC_UUID \ + { 0xf0dd12df, 0x3d26, 0x4bf2, \ + { 0x93, 0x77, 0x4e, 0x2c, 0x31, 0x82, 0xaf, 0x43 } } + +#define SIGNATURE_SIZE (64U) + +/* + * [in] memref[0] : Message + * [in/out] memref[1] : Signature (64byte) + * [in] memref[2] : Wrapped key (rsip_wrapped_key_t:68byte) + */ +#define PTA_CMD_ECDSA_secp192r1_SignatureGenerate (0x00050000) + +/* + * [in] memref[0] : Signature (64byte) + * [in] memref[1] : Message + * [in] memref[2] : Wrapped key (rsip_wrapped_key_t:100byte) + */ +#define PTA_CMD_ECDSA_secp192r1_SignatureVerify (0x00050010) + +/* + * [in] memref[0] : Message + * [in/out] memref[1] : Signature (64byte) + * [in] memref[2] : Wrapped key (rsip_wrapped_key_t:68byte) + */ +#define PTA_CMD_ECDSA_secp224r1_SignatureGenerate (0x00050100) +/* + * [in] memref[0] : Signature (64byte) + * [in] memref[1] : Message + * [in] memref[2] : Wrapped key (rsip_wrapped_key_t:100byte) + */ +#define PTA_CMD_ECDSA_secp224r1_SignatureVerify (0x00050110) + +/* + * [in] memref[0] : Message + * [in/out] memref[1] : Signature (64byte) + * [in] memref[2] : Wrapped key (rsip_wrapped_key_t:68byte) + */ +#define PTA_CMD_ECDSA_secp256r1_SignatureGenerate (0x00050200) +/* + * [in] memref[0] : Signature (64byte) + * [in] memref[1] : Message + * [in] memref[2] : Wrapped key (rsip_wrapped_key_t:100byte) + */ +#define PTA_CMD_ECDSA_secp256r1_SignatureVerify (0x00050210) + +/* + * [in] memref[0] : Message + * [in/out] memref[1] : Signature (64byte) + * [in] memref[2] : Wrapped key (rsip_wrapped_key_t:68byte) + */ +#define PTA_CMD_ECDSA_BrainpoolP256r1_SignatureGenerate (0x00052000) +/* + * [in] memref[0] : Signature (64byte) + * [in] memref[1] : Message + * [in] memref[2] : Wrapped key (rsip_wrapped_key_t:100byte) + */ +#define PTA_CMD_ECDSA_BrainpoolP256r1_SignatureVerify (0x00052010) + +#endif /* __PTA_RSIP_ECC_H */ diff --git a/core/arch/arm/plat-rz/common/pta/rsip/include/pta_rsip_hmac.h b/core/arch/arm/plat-rz/common/pta/rsip/include/pta_rsip_hmac.h new file mode 100644 index 000000000..853d9c627 --- /dev/null +++ b/core/arch/arm/plat-rz/common/pta/rsip/include/pta_rsip_hmac.h @@ -0,0 +1,111 @@ +// SPDX-License-Identifier: BSD-2-Clause +/* + * Copyright (c) 2024, Renesas Electronics + */ +#ifndef __PTA_RSIP_HMAC_H +#define __PTA_RSIP_HMAC_H + +#include + +#define PTA_RSIP_HMAC_UUID \ + { 0xb528d9ee, 0x98d3, 0x4890, \ + { 0xb0, 0xf2, 0xa7, 0x91, 0xc3, 0xd7, 0x92, 0x08 } } + +#define SHA1_MAC_SIZE (20U) +#define SHA224_MAC_SIZE (28U) +#define SHA256_MAC_SIZE (32U) + +/* + * [in/out] memref[0] : HMAC handler (rsip_hmac_handle_t) + * [in] memref[1] : Wrapped key (rsip_wrapped_key_t:68byte) + */ +#define PTA_CMD_HMAC_SHA1_GenerateInit (0x00060000) +/* + * [in/out] memref[0] : HMAC handler (rsip_hmac_handle_t) + * [in] memref[1] : Message + */ +#define PTA_CMD_HMAC_SHA1_GenerateUpdate (0x00060001) +/* + * [in/out] memref[0] : HMAC handler (rsip_hmac_handle_t) + * [in/out] memref[1] : MAC (20byte) + */ +#define PTA_CMD_HMAC_SHA1_GenerateFinal (0x00060002) +/* + * [in/out] memref[0] : HMAC handler (rsip_hmac_handle_t) + * [in] memref[1] : Wrapped key (rsip_wrapped_key_t:68byte) + */ +#define PTA_CMD_HMAC_SHA1_VerifyInit (0x00060010) +/* + * [in/out] memref[0] : HMAC handler (rsip_hmac_handle_t) + * [in] memref[1] : Message + */ +#define PTA_CMD_HMAC_SHA1_VerifyUpdate (0x00060011) +/* + * [in/out] memref[0] : HMAC handler (rsip_hmac_handle_t) + * [in] memref[1] : MAC (4 to 20byte) + */ +#define PTA_CMD_HMAC_SHA1_VerifyFinal (0x00060012) + +/* + * [in/out] memref[0] : HMAC handler (rsip_hmac_handle_t) + * [in] memref[1] : Wrapped key (rsip_wrapped_key_t:68byte) + */ +#define PTA_CMD_HMAC_SHA224_GenerateInit (0x00060100) +/* + * [in/out] memref[0] : HMAC handler (rsip_hmac_handle_t) + * [in] memref[1] : Message + */ +#define PTA_CMD_HMAC_SHA224_GenerateUpdate (0x00060101) +/* + * [in/out] memref[0] : HMAC handler (rsip_hmac_handle_t) + * [in/out] memref[1] : MAC (28byte) + */ +#define PTA_CMD_HMAC_SHA224_GenerateFinal (0x00060102) +/* + * [in/out] memref[0] : HMAC handler (rsip_hmac_handle_t) + * [in] memref[1] : Wrapped key (rsip_wrapped_key_t:68byte) + */ +#define PTA_CMD_HMAC_SHA224_VerifyInit (0x00060110) +/* + * [in/out] memref[0] : HMAC handler (rsip_hmac_handle_t) + * [in] memref[1] : Message + */ +#define PTA_CMD_HMAC_SHA224_VerifyUpdate (0x00060111) +/* + * [in/out] memref[0] : HMAC handler (rsip_hmac_handle_t) + * [in] memref[1] : MAC (4 to 28byte) + */ +#define PTA_CMD_HMAC_SHA224_VerifyFinal (0x00060112) + +/* + * [in/out] memref[0] : HMAC handler (rsip_hmac_handle_t) + * [in] memref[1] : Wrapped key (rsip_wrapped_key_t:68byte) + */ +#define PTA_CMD_HMAC_SHA256_GenerateInit (0x00060200) +/* + * [in/out] memref[0] : HMAC handler (rsip_hmac_handle_t) + * [in] memref[1] : Message + */ +#define PTA_CMD_HMAC_SHA256_GenerateUpdate (0x00060201) +/* + * [in/out] memref[0] : HMAC handler (rsip_hmac_handle_t) + * [in/out] memref[1] : MAC (32byte) + */ +#define PTA_CMD_HMAC_SHA256_GenerateFinal (0x00060202) +/* + * [in/out] memref[0] : HMAC handler (rsip_hmac_handle_t) + * [in] memref[1] : Wrapped key (rsip_wrapped_key_t:68byte) + */ +#define PTA_CMD_HMAC_SHA256_VerifyInit (0x00060210) +/* + * [in/out] memref[0] : HMAC handler (rsip_hmac_handle_t) + * [in] memref[1] : Message + */ +#define PTA_CMD_HMAC_SHA256_VerifyUpdate (0x00060211) +/* + * [in/out] memref[0] : HMAC handler (rsip_hmac_handle_t) + * [in] memref[1] : MAC (4 to 32byte) + */ +#define PTA_CMD_HMAC_SHA256_VerifyFinal (0x00060212) + +#endif /* __PTA_RSIP_HMAC_H */ diff --git a/core/arch/arm/plat-rz/common/pta/rsip/include/pta_rsip_rsa.h b/core/arch/arm/plat-rz/common/pta/rsip/include/pta_rsip_rsa.h new file mode 100644 index 000000000..a0846e6e0 --- /dev/null +++ b/core/arch/arm/plat-rz/common/pta/rsip/include/pta_rsip_rsa.h @@ -0,0 +1,309 @@ +// SPDX-License-Identifier: BSD-2-Clause +/* + * Copyright (c) 2024, Renesas Electronics + */ +#ifndef __PTA_RSIP_RSA_H +#define __PTA_RSIP_RSA_H + +#include + +#define PTA_RSIP_RSA_UUID \ + { 0x38225144, 0xb347, 0x467e, \ + { 0x93, 0x7e, 0x1e, 0xf8, 0xff, 0x7e, 0x5a, 0xe1 } } + +#define SIGNATURE_BYTE_SIZE_RSA_1024 (128U) +#define SIGNATURE_BYTE_SIZE_RSA_2048 (256U) +#define SIGNATURE_BYTE_SIZE_RSA_3072 (384U) +#define SIGNATURE_BYTE_SIZE_RSA_4096 (512U) + +#define CIPHER_BYTE_SIZE_RSA_1024 (128U) +#define CIPHER_BYTE_SIZE_RSA_2048 (256U) +#define CIPHER_BYTE_SIZE_RSA_3072 (384U) +#define CIPHER_BYTE_SIZE_RSA_4096 (512U) + + +/* + * Signs message with RSASSA-PKCS1-v1_5. + * + * Hash function : SHA-256 + */ + +/* + * [in] memref[0] : Message + * [in/out] memref[1] : Signature (128byte) + * [in] memref[2] : Wrapped key (rsip_wrapped_key_t:292byte) + */ +#define PTA_CMD_RSASSA_PKCS1024_SignatureGenerate (0x00040000) +/* + * [in] memref[0] : Signature (128byte) + * [in] memref[1] : Wrapped key (rsip_wrapped_key_t:180byte) + */ +#define PTA_CMD_RSASSA_PKCS1024_SignatureVerify (0x00040010) +/* + * [in] memref[0] : Message + * [in/out] memref[1] : Signature (256byte) + * [in] memref[2] : Wrapped key (rsip_wrapped_key_t:548byte) + */ +#define PTA_CMD_RSASSA_PKCS2048_SignatureGenerate (0x00040100) +/* + * [in] memref[0] : Signature (256byte) + * [in] memref[1] : Wrapped key (rsip_wrapped_key_t:308byte) + */ +#define PTA_CMD_RSASSA_PKCS2048_SignatureVerify (0x00040110) +/* + * [in] memref[0] : Message + * [in/out] memref[1] : Signature (384byte) + * [in] memref[2] : Wrapped key (rsip_wrapped_key_t:804byte) + */ +#define PTA_CMD_RSASSA_PKCS3072_SignatureGenerate (0x00040300) +/* + * [in] memref[0] : Signature (384byte) + * [in] memref[1] : Wrapped key (rsip_wrapped_key_t:436byte) + */ +#define PTA_CMD_RSASSA_PKCS3072_SignatureVerify (0x00040310) +/* + * [in] memref[0] : Message + * [in/out] memref[1] : Signature (512byte) + * [in] memref[2] : Wrapped key (rsip_wrapped_key_t:1060byte) + */ +#define PTA_CMD_RSASSA_PKCS4096_SignatureGenerate (0x00040200) +/* + * [in] memref[0] : Signature (512byte) + * [in] memref[1] : Wrapped key (rsip_wrapped_key_t:564byte) + */ +#define PTA_CMD_RSASSA_PKCS4096_SignatureVerify (0x00040210) + + +/* + * Encrypts plaintext with RSAES-PKCS1-v1_5. + * + * mLen (plain_length) and k (RSA key length) must meet the following condition. + * + * mlen <= k - 11 + */ + +/* + * [in] memref[0] : Plain (size <= 117byte) + * [in/out] memref[1] : Cipher (size == 128byte) + * [in] memref[2] : Wrapped key (rsip_wrapped_key_t:180byte) + */ +#define PTA_CMD_RSAES_PKCS1024_Encrypt (0x00041000) +/* + * [in] memref[0] : Cipher (size == 128byte) + * [in/out] memref[1] : Plain (size <= 117byte) + * [in] memref[2] : Wrapped key (rsip_wrapped_key_t:292byte) + */ +#define PTA_CMD_RSAES_PKCS1024_Decrypt (0x00041010) +/* + * [in] memref[0] : Plain (size <= 245byte) + * [in/out] memref[1] : Cipher (size == 256byte) + * [in] memref[2] : Wrapped key (rsip_wrapped_key_t:308byte) + */ +#define PTA_CMD_RSAES_PKCS2048_Encrypt (0x00041100) +/* + * [in] memref[0] : Cipher (size == 256byte) + * [in/out] memref[1] : Plain (size <= 245byte) + * [in] memref[2] : Wrapped key (rsip_wrapped_key_t:548byte) + */ +#define PTA_CMD_RSAES_PKCS2048_Decrypt (0x00041110) +/* + * [in] memref[0] : Plain (size <= 373byte) + * [in/out] memref[1] : Cipher (size == 384byte) + * [in] memref[2] : Wrapped key (rsip_wrapped_key_t:436byte) + */ +#define PTA_CMD_RSAES_PKCS3072_Encrypt (0x00041300) +/* + * [in] memref[0] : Cipher (size == 384byte) + * [in/out] memref[1] : Plain (size <= 373byte) + * [in] memref[2] : Wrapped key (rsip_wrapped_key_t:804byte) + */ +#define PTA_CMD_RSAES_PKCS3072_Decrypt (0x00041310) +/* + * [in] memref[0] : Plain (size <= 501byte) + * [in/out] memref[1] : Cipher (size == 512byte) + * [in] memref[2] : Wrapped key (rsip_wrapped_key_t:564byte) + */ +#define PTA_CMD_RSAES_PKCS4096_Encrypt (0x00041200) +/* + * [in] memref[0] : Cipher (size == 512byte) + * [in/out] memref[1] : Plain (size <= 501byte) + * [in] memref[2] : Wrapped key (rsip_wrapped_key_t:1060byte) + */ +#define PTA_CMD_RSAES_PKCS4096_Decrypt (0x00041210) + + +/* + * Signs message with RSASSA-PSS. + * + * Hash function : SHA-256 + * Mask generation function : MGF1 with SHA-256 + * Salt length : 32byte (hash length of SHA-256) + */ + +/* + * [in] memref[0] : Message + * [in/out] memref[1] : Signature (128byte) + * [in] memref[2] : Wrapped key (rsip_wrapped_key_t:292byte) + */ +#define PTA_CMD_RSASSA_PSS1024_SignatureGenerate (0x00042000) +/* + * [in] memref[0] : Signature (128byte) + * [in] memref[1] : Wrapped key (rsip_wrapped_key_t:180byte) + */ +#define PTA_CMD_RSASSA_PSS1024_SignatureVerify (0x00042010) +/* + * [in] memref[0] : Message + * [in/out] memref[1] : Signature (256byte) + * [in] memref[2] : Wrapped key (rsip_wrapped_key_t:548byte) + */ +#define PTA_CMD_RSASSA_PSS2048_SignatureGenerate (0x00042100) +/* + * [in] memref[0] : Signature (256byte) + * [in] memref[1] : Wrapped key (rsip_wrapped_key_t:384byte) + */ +#define PTA_CMD_RSASSA_PSS2048_SignatureVerify (0x00042110) +/* + * [in] memref[0] : Message + * [in/out] memref[1] : Signature (384byte) + * [in] memref[2] : Wrapped key (rsip_wrapped_key_t:804byte) + */ +#define PTA_CMD_RSASSA_PSS3072_SignatureGenerate (0x00042200) +/* + * [in] memref[0] : Signature (384byte) + * [in] memref[1] : Wrapped key (rsip_wrapped_key_t:436byte) + */ +#define PTA_CMD_RSASSA_PSS3072_SignatureVerify (0x00042210) +/* + * [in] memref[0] : Message + * [in/out] memref[1] : Signature (512byte) + * [in] memref[2] : Wrapped key (rsip_wrapped_key_t:1060byte) + */ +#define PTA_CMD_RSASSA_PSS4096_SignatureGenerate (0x00042300) +/* + * [in] memref[0] : Signature (512byte) + * [in] memref[1] : Wrapped key (rsip_wrapped_key_t:564byte) + */ +#define PTA_CMD_RSASSA_PSS4096_SignatureVerify (0x00042310) + +/* + * [in] memref[0] : Plain (128byte) + * [in/out] memref[1] : Cipher (128byte) + * [in] memref[2] : Wrapped key (rsip_wrapped_key_t:180byte) + */ +#define PTA_CMD_RSA_1024_Encrypt (0x00043000) +/* + * [in] memref[0] : Cipher (128byte) + * [in/out] memref[1] : Plain (128byte) + * [in] memref[2] : Wrapped key (rsip_wrapped_key_t:292byte) + */ +#define PTA_CMD_RSA_1024_Decrypt (0x00043010) +/* + * [in] memref[0] : Plain (256byte) + * [in/out] memref[1] : Cipher (256byte) + * [in] memref[2] : Wrapped key (rsip_wrapped_key_t:308byte) + */ +#define PTA_CMD_RSA_2048_Encrypt (0x00043100) +/* + * [in] memref[0] : Cipher (256byte) + * [in/out] memref[1] : Plain (256byte) + * [in] memref[2] : Wrapped key (rsip_wrapped_key_t:548byte) + */ +#define PTA_CMD_RSA_2048_Decrypt (0x00043110) +/* + * [in] memref[0] : Plain (384byte) + * [in/out] memref[1] : Cipher (384byte) + * [in] memref[2] : Wrapped key (rsip_wrapped_key_t:436byte) + */ +#define PTA_CMD_RSA_3072_Encrypt (0x00043200) +/* + * [in] memref[0] : Cipher (384byte) + * [in/out] memref[1] : Plain (384byte) + * [in] memref[2] : Wrapped key (rsip_wrapped_key_t:804byte) + */ +#define PTA_CMD_RSA_3072_Decrypt (0x00043210) +/* + * [in] memref[0] : Plain (512byte) + * [in/out] memref[1] : Cipher (512byte) + * [in] memref[2] : Wrapped key (rsip_wrapped_key_t:564byte) + */ +#define PTA_CMD_RSA_4096_Encrypt (0x00043300) +/* + * [in] memref[0] : Cipher (512byte) + * [in/out] memref[1] : Plain (512byte) + * [in] memref[2] : Wrapped key (rsip_wrapped_key_t:1060byte) + */ +#define PTA_CMD_RSA_4096_Decrypt (0x00043310) + + +/* + * Encrypts plaintext with RSAES-OAEP. + * + * Hash function : SHA-256 + * Mask generation function : MGF1 with SHA-256 + * + * mLen (plain_length), hLen (output length of hash_function), and k (RSA key length) + * must meet the following condition. + * + * mLen <= k - 2 hLen - 2 + */ + +/* + * [in] memref[0] : Plain (size <= 62byte) + * [in/out] memref[1] : Cipher (size == 128byte) + * [in] memref[2] : Wrapped key (rsip_wrapped_key_t:180byte) + * [in] memref[3] : Label + */ +#define PTA_CMD_RSAES_OAEP1024_Encrypt (0x00044000) +/* + * [in] memref[0] : Cipher (size == 128byte) + * [in/out] memref[1] : Plain (size <= 62byte) + * [in] memref[2] : Wrapped key (rsip_wrapped_key_t:292byte) + * [in] memref[3] : Label + */ +#define PTA_CMD_RSAES_OAEP1024_Decrypt (0x00044010) +/* + * [in] memref[0] : Plain (size <= 190byte) + * [in/out] memref[1] : Cipher (size == 256byte) + * [in] memref[2] : Wrapped key (rsip_wrapped_key_t:308byte) + * [in] memref[3] : Label + */ +#define PTA_CMD_RSAES_OAEP2048_Encrypt (0x00044100) +/* + * [in] memref[0] : Cipher (size == 256byte) + * [in/out] memref[1] : Plain (size <= 190byte) + * [in] memref[2] : Wrapped key (rsip_wrapped_key_t:548byte) + * [in] memref[3] : Label + */ +#define PTA_CMD_RSAES_OAEP2048_Decrypt (0x00044110) +/* + * [in] memref[0] : Plain (size <= 318byte) + * [in/out] memref[1] : Cipher (size == 384byte) + * [in] memref[2] : Wrapped key (rsip_wrapped_key_t:436byte) + * [in] memref[3] : Label + */ +#define PTA_CMD_RSAES_OAEP3072_Encrypt (0x00044200) +/* + * [in] memref[0] : Cipher (size == 384byte) + * [in/out] memref[1] : Plain (size <= 318byte) + * [in] memref[2] : Wrapped key (rsip_wrapped_key_t:804byte) + * [in] memref[3] : Label + */ +#define PTA_CMD_RSAES_OAEP3072_Decrypt (0x00044210) +/* + * [in] memref[0] : Plain (size <= 446byte) + * [in/out] memref[1] : Cipher (size == 512byte) + * [in] memref[2] : Wrapped key (rsip_wrapped_key_t:564byte) + * [in] memref[3] : Label + */ +#define PTA_CMD_RSAES_OAEP4096_Encrypt (0x00044300) +/* + * [in] memref[0] : Cipher (size == 512byte) + * [in/out] memref[1] : Plain (size <= 446byte) + * [in] memref[2] : Wrapped key (rsip_wrapped_key_t:1060byte) + * [in] memref[3] : Label + */ +#define PTA_CMD_RSAES_OAEP4096_Decrypt (0x00044310) + + + +#endif /* __PTA_RSIP_RSA_H */ diff --git a/core/arch/arm/plat-rz/common/pta/rsip/include/pta_rsip_sha.h b/core/arch/arm/plat-rz/common/pta/rsip/include/pta_rsip_sha.h new file mode 100644 index 000000000..c4d5f4c0c --- /dev/null +++ b/core/arch/arm/plat-rz/common/pta/rsip/include/pta_rsip_sha.h @@ -0,0 +1,127 @@ +// SPDX-License-Identifier: BSD-2-Clause +/* + * Copyright (c) 2024, Renesas Electronics + */ +#ifndef __PTA_RSIP_SHA_H +#define __PTA_RSIP_SHA_H + +#include + +#define PTA_RSIP_SHA_UUID \ + { 0x8fa6b9c0, 0xb59f, 0x4762, \ + { 0x92, 0x46, 0x38, 0xdc, 0x66, 0x53, 0x57, 0x04 } } + +#define SHA1_HASH_SIZE (20U) +#define SHA224_HASH_SIZE (28U) +#define SHA256_HASH_SIZE (32U) +#define SHA384_HASH_SIZE (48U) +#define SHA512_HASH_SIZE (64U) +#define SHA512_224_HASH_SIZE (28U) +#define SHA512_256_HASH_SIZE (32U) + +/* + * [in/out] memref[0] : SHA handler (rsip_sha_handle_t) + */ +#define PTA_CMD_SHA1_Init (0x00030200) +/* + * [in/out] memref[0] : SHA handler (rsip_sha_handle_t) + * [in] memref[1] : Message + */ +#define PTA_CMD_SHA1_Update (0x00030201) +/* + * [in/out] memref[0] : SHA handler (rsip_sha_handle_t) + * [in/out] memref[1] : Digest (20byte) + */ +#define PTA_CMD_SHA1_Final (0x00030202) + +/* + * [in/out] memref[0] : SHA handler (rsip_sha_handle_t) + */ +#define PTA_CMD_SHA224_Init (0x00030000) +/* + * [in/out] memref[0] : SHA handler (rsip_sha_handle_t) + * [in] memref[1] : Message + */ +#define PTA_CMD_SHA224_Update (0x00030001) +/* + * [in/out] memref[0] : SHA handler (rsip_sha_handle_t) + * [in/out] memref[1] : Digest (28byte) + */ +#define PTA_CMD_SHA224_Final (0x00030002) + +/* + * [in/out] memref[0] : SHA handler (rsip_sha_handle_t) + */ +#define PTA_CMD_SHA256_Init (0x00030100) +/* + * [in/out] memref[0] : SHA handler (rsip_sha_handle_t) + * [in] memref[1] : Message + */ +#define PTA_CMD_SHA256_Update (0x00030101) +/* + * [in/out] memref[0] : SHA handler (rsip_sha_handle_t) + * [in/out] memref[1] : Digest (32byte) + */ +#define PTA_CMD_SHA256_Final (0x00030102) + +/* + * [in/out] memref[0] : SHA handler (rsip_sha_handle_t) + */ +#define PTA_CMD_SHA384_Init (0x00030300) +/* + * [in/out] memref[0] : SHA handler (rsip_sha_handle_t) + * [in] memref[1] : Message + */ +#define PTA_CMD_SHA384_Update (0x00030301) +/* + * [in/out] memref[0] : SHA handler (rsip_sha_handle_t) + * [in/out] memref[1] : Digest (48byte) + */ +#define PTA_CMD_SHA384_Final (0x00030302) + +/* + * [in/out] memref[0] : SHA handler (rsip_sha_handle_t) + */ +#define PTA_CMD_SHA512_Init (0x00030400) +/* + * [in/out] memref[0] : SHA handler (rsip_sha_handle_t) + * [in] memref[1] : Message + */ +#define PTA_CMD_SHA512_Update (0x00030401) +/* + * [in/out] memref[0] : SHA handler (rsip_sha_handle_t) + * [in/out] memref[1] : Digest (64byte) + */ +#define PTA_CMD_SHA512_Final (0x00030402) + +/* + * [in/out] memref[0] : SHA handler (rsip_sha_handle_t) + */ +#define PTA_CMD_SHA512_224_Init (0x00030500) +/* + * [in/out] memref[0] : SHA handler (rsip_sha_handle_t) + * [in] memref[1] : Message + */ +#define PTA_CMD_SHA512_224_Update (0x00030501) +/* + * [in/out] memref[0] : SHA handler (rsip_sha_handle_t) + * [in/out] memref[1] : Digest (28byte) + */ +#define PTA_CMD_SHA512_224_Final (0x00030502) + +/* + * [in/out] memref[0] : SHA handler (rsip_sha_handle_t) + */ +#define PTA_CMD_SHA512_256_Init (0x00030600) +/* + * [in/out] memref[0] : SHA handler (rsip_sha_handle_t) + * [in] memref[1] : Message + */ +#define PTA_CMD_SHA512_256_Update (0x00030601) +/* + * [in/out] memref[0] : SHA handler (rsip_sha_handle_t) + * [in/out] memref[1] : Digest (32byte) + */ +#define PTA_CMD_SHA512_256_Final (0x00030602) + +#endif /* __PTA_RSIP_SHA_H */ diff --git a/core/arch/arm/plat-rz/common/pta/rsip/include/r_rsip_api.h b/core/arch/arm/plat-rz/common/pta/rsip/include/r_rsip_api.h new file mode 100644 index 000000000..f1c4d6b70 --- /dev/null +++ b/core/arch/arm/plat-rz/common/pta/rsip/include/r_rsip_api.h @@ -0,0 +1,504 @@ +/* ${REA_DISCLAIMER_PLACEHOLDER} */ + +/*******************************************************************************************************************//** + * @ingroup RENESAS_INTERFACES + * @defgroup RSIP_API RSIP Interface + * @brief Interface for Renesas Secure IP (RSIP) functions. + * + * @section RSIP_API_Summary Summary + * The RSIP interface provides RSIP functionality. + * + * The RSIP interface can be implemented by: + * - @ref RSIP + * + * @{ + **********************************************************************************************************************/ + +#ifndef R_RSIP_API_H +#define R_RSIP_API_H + +/*********************************************************************************************************************** + * Includes + **********************************************************************************************************************/ + +/* Register definitions, common services and error codes. */ +//#include "bsp_api.h" + +/* Common macro for FSP header files. There is also a corresponding FSP_FOOTER macro at the end of this file. */ +//FSP_HEADER + +/*********************************************************************************************************************** + * Macro definitions + **********************************************************************************************************************/ + +/* Return code */ +#define FSP_ERR_CRYPTO_RSIP_RESOURCE_CONFLICT (0x10100) ///< Hardware resource is busy +#define FSP_ERR_CRYPTO_RSIP_FATAL (0x10101) ///< Hardware fatal error or unexpected return +#define FSP_ERR_CRYPTO_RSIP_FAIL (0x10102) ///< Internal error +#define FSP_ERR_CRYPTO_RSIP_KEY_SET_FAIL (0x10103) ///< Input key type is illegal +#define FSP_ERR_CRYPTO_RSIP_AUTHENTICATION (0x10104) ///< Authentication failed + +/* Return code for SB-Lib */ +#define FSP_ERR_SB_INTERNAL_FAIL (0x00030000UL) ///< An internal failure +#define FSP_ERR_SB_INVALID_ARG (0x00030001UL) ///< An invalid argument was entered +#define FSP_ERR_SB_UNSUPPORTED_FUNCTION (0x00030002UL) ///< Unsupported function executed +#define FSP_ERR_SB_INVALID_ALIGNMENT (0x00030003UL) ///< Data entered with incorrect alignment +#define FSP_ERR_SB_MANI_INVALID_MAGIC (0x00031000UL) ///< An invalid magic number is set +#define FSP_ERR_SB_MANI_UNSUPPORTED_VERSION (0x00031001UL) ///< Unsupported version is set +#define FSP_ERR_SB_MANI_OUT_OF_RANGE_LEN (0x00031002UL) ///< Out of range TLV Length is set +#define FSP_ERR_SB_MANI_TLV_FIELD_ERR (0x00031003UL) ///< Missing required TLV field +#define FSP_ERR_SB_MANI_TLV_INVALID_LEN (0x00031004UL) ///< The length exceeding the end of the manifest is specified in length of the TLV field +#define FSP_ERR_SB_MANI_INVALID_IMAGE_LEN (0x00031005UL) ///< An invalid image length is set +#define FSP_ERR_SB_MANI_MISMATCH_SIGN_ALGORITHM (0x00031006UL) ///< There is a wrong combination of signature algorithms +#define FSP_ERR_SB_MANI_UNSUPPORTED_ALGORITHM (0x00031007UL) ///< An algorithm was specified that the manifest does not support +#define FSP_ERR_SB_CRYPTO_FAIL (0x00032000UL) ///< Cryptographic processing failure +#define FSP_ERR_SB_CRYPTO_AUTH_FAIL (0x00032001UL) ///< Verification failed +#define FSP_ERR_SB_CRYPTO_UNSUPPORTED_ALGORITHM (0x00032002UL) ///< Unsupported algorithm +#define FSP_ERR_SB_CRYPTO_RESOURCE_CONFLICT (0x00032003UL) ///< CryptoIP is in use. +#define FSP_ERR_SB_CRYPTO_PARAM_ERR (0x00032004UL) ///< Parameter error + +/* RSA salt length */ + +/** + * When signing, the salt length is set to @ref RSIP_RSA_SALT_LENGTH_MAX or @ref RSIP_RSA_SALT_LENGTH_HASH, + * whichever is shorter. When verifying, the salt length is detected automatically. + */ +#define RSIP_RSA_SALT_LENGTH_AUTO (-1) + +/** + * The salt length is set to the hash length. + */ +#define RSIP_RSA_SALT_LENGTH_HASH (-2) + +/** + * The salt length is set to emLen - hLen - 2, where emLen is the same as the key length and hLen is the hash length. + */ +#define RSIP_RSA_SALT_LENGTH_MAX (-3) + +/* For internal use */ +#define RSIP_BYTE_SIZE_SHA_MESSAGE_BUFFER (128U) // rsip_sha_handle_t, rsip_hmac_handle_t +#define RSIP_WORD_SIZE_SHA_INTERNAL_STATE (20U) // rsip_sha_handle_t, rsip_hmac_handle_t + +/*********************************************************************************************************************** + * Typedef definitions + **********************************************************************************************************************/ + +/** + * Key types + * @deprecated + * - The following member will be renamed in the next major update. + * - @ref RSIP_KEY_TYPE_ECC_secp192r1_PUBLIC to RSIP_KEY_TYPE_ECC_SECP192R1_PUBLIC + * - @ref RSIP_KEY_TYPE_ECC_secp192r1_PRIVATE to RSIP_KEY_TYPE_ECC_SECP192R1_PRIVATE + * - @ref RSIP_KEY_TYPE_ECC_secp224r1_PUBLIC to RSIP_KEY_TYPE_ECC_SECP224R1_PUBLIC + * - @ref RSIP_KEY_TYPE_ECC_secp224r1_PRIVATE to RSIP_KEY_TYPE_ECC_SECP224R1_PRIVATE + * - @ref RSIP_KEY_TYPE_ECC_secp256r1_PUBLIC to RSIP_KEY_TYPE_ECC_SECP256R1_PUBLIC + * - @ref RSIP_KEY_TYPE_ECC_secp256r1_PRIVATE to RSIP_KEY_TYPE_ECC_SECP256R1_PRIVATE + */ +typedef enum e_rsip_key_type +{ + RSIP_KEY_TYPE_INVALID, ///< Invalid key + + RSIP_KEY_TYPE_AES_128, ///< AES-128 + RSIP_KEY_TYPE_AES_256, ///< AES-256 + + RSIP_KEY_TYPE_AES_128_XTS, ///< AES-128-XTS + RSIP_KEY_TYPE_AES_256_XTS, ///< AES-256-XTS + + RSIP_KEY_TYPE_ECC_secp192r1_PUBLIC, ///< secp192r1 public key (also known as NIST P-192, prime192v1) + RSIP_KEY_TYPE_ECC_secp192r1_PRIVATE, ///< secp192r1 private key (also known as NIST P-192, prime192v1) + RSIP_KEY_TYPE_ECC_secp224r1_PUBLIC, ///< secp224r1 public key (also known as NIST P-224, prime224v1) + RSIP_KEY_TYPE_ECC_secp224r1_PRIVATE, ///< secp224r1 private key (also known as NIST P-224, prime224v1) + RSIP_KEY_TYPE_ECC_secp256r1_PUBLIC, ///< secp256r1 public key (also known as NIST P-256, prime256v1) + RSIP_KEY_TYPE_ECC_secp256r1_PRIVATE, ///< secp256r1 private key (also known as NIST P-256, prime256v1) + + RSIP_KEY_TYPE_HMAC_SHA1, ///< HMAC-SHA1 + RSIP_KEY_TYPE_HMAC_SHA224, ///< HMAC-SHA224 + RSIP_KEY_TYPE_HMAC_SHA256, ///< HMAC-SHA256 + + RSIP_KEY_TYPE_KEY_UPDATE_KEY, ///< KUK (Key Update Key) + + RSIP_KEY_TYPE_SECURE_BOOT_DECRYPTION, ///< Image decryption key for secure boot (supported devices only) + + RSIP_KEY_TYPE_RSA_1024_PUBLIC_ENHANCED, ///< RSA-1024 public key + RSIP_KEY_TYPE_RSA_1024_PRIVATE_ENHANCED, ///< RSA-1024 private key + RSIP_KEY_TYPE_RSA_2048_PUBLIC_ENHANCED, ///< RSA-2048 public key + RSIP_KEY_TYPE_RSA_2048_PRIVATE_ENHANCED, ///< RSA-2048 private key + RSIP_KEY_TYPE_RSA_3072_PUBLIC, ///< RSA-3072 public key + RSIP_KEY_TYPE_RSA_3072_PRIVATE, ///< RSA-3072 private key + RSIP_KEY_TYPE_RSA_4096_PUBLIC, ///< RSA-4096 public key + RSIP_KEY_TYPE_RSA_4096_PRIVATE, ///< RSA-4096 private key + + RSIP_KEY_TYPE_ECC_BRAINPOOLP256R1_PUBLIC, ///< brainpoolP256r1 public key + RSIP_KEY_TYPE_ECC_BRAINPOOLP256R1_PRIVATE, ///< brainpoolP256r1 private key + + RSIP_KEY_TYPE_NUM, // Number of key types + + RSIP_KEY_TYPE_MAKE_ENUM_LONG = 0xFFFFFFFFUL // Make this enum 32-bit data +} rsip_key_type_t; + +/** + * Key pair types + * @deprecated + * - The following member will be renamed in the next major update. + * - @ref RSIP_KEY_PAIR_TYPE_ECC_secp192r1 to RSIP_KEY_PAIR_TYPE_ECC_SECP192R1 + * - @ref RSIP_KEY_PAIR_TYPE_ECC_secp224r1 to RSIP_KEY_PAIR_TYPE_ECC_SECP224R1 + * - @ref RSIP_KEY_PAIR_TYPE_ECC_secp256r1 to RSIP_KEY_PAIR_TYPE_ECC_SECP256R1 + */ +typedef enum e_rsip_key_pair_type +{ + RSIP_KEY_PAIR_TYPE_INVALID, ///< Invalid key pair type + + RSIP_KEY_PAIR_TYPE_ECC_secp192r1, ///< secp192r1 key pair (also known as NIST P-192, prime192v1) + RSIP_KEY_PAIR_TYPE_ECC_secp224r1, ///< secp224r1 key pair (also known as NIST P-224, prime224v1) + RSIP_KEY_PAIR_TYPE_ECC_secp256r1, ///< secp256r1 key pair (also known as NIST P-256, prime256v1) + RSIP_KEY_PAIR_TYPE_ECC_BRAINPOOLP256R1, ///< brainpoolP256r1 key pair + + RSIP_KEY_PAIR_TYPE_RSA_1024, ///< RSA-1024 key pair + RSIP_KEY_PAIR_TYPE_RSA_2048, ///< RSA-2048 key pair + RSIP_KEY_PAIR_TYPE_RSA_3072, ///< RSA-3072 key pair + RSIP_KEY_PAIR_TYPE_RSA_4096, ///< RSA-4096 key pair + + RSIP_KEY_PAIR_TYPE_NUM // Number of key pair types +} rsip_key_pair_type_t; + +/** Block cipher modes of operation for AES */ +typedef enum e_rsip_aes_mode +{ + RSIP_AES_MODE_ECB, ///< ECB (Electronic codebook) + RSIP_AES_MODE_CBC, ///< CBC (Cipher block chaining) + RSIP_AES_MODE_CTR, ///< CTR (Counter) + RSIP_AES_MODE_XTS ///< XTS (XEX-based tweaked-codebook mode with ciphertext stealing) +} rsip_aes_mode_t; + +/** Hash type */ +typedef enum e_rsip_hash_type +{ + RSIP_HASH_TYPE_SHA1, ///< SHA-1 + RSIP_HASH_TYPE_SHA224, ///< SHA-224 + RSIP_HASH_TYPE_SHA256, ///< SHA-256 + RSIP_HASH_TYPE_SHA384, ///< SHA-384 + RSIP_HASH_TYPE_SHA512, ///< SHA-512 + RSIP_HASH_TYPE_SHA512_224, ///< SHA-512/224 + RSIP_HASH_TYPE_SHA512_256 ///< SHA-512/256 +} rsip_hash_type_t; + +/** MGF type */ +typedef enum e_rsip_mgf_type +{ + RSIP_MGF_TYPE_MGF1_SHA1 = RSIP_HASH_TYPE_SHA1, ///< MGF1 with SHA-1 + RSIP_MGF_TYPE_MGF1_SHA224 = RSIP_HASH_TYPE_SHA224, ///< MGF1 with SHA-224 + RSIP_MGF_TYPE_MGF1_SHA256 = RSIP_HASH_TYPE_SHA256, ///< MGF1 with SHA-256 + RSIP_MGF_TYPE_MGF1_SHA384 = RSIP_HASH_TYPE_SHA384, ///< MGF1 with SHA-384 + RSIP_MGF_TYPE_MGF1_SHA512 = RSIP_HASH_TYPE_SHA512, ///< MGF1 with SHA-512 + RSIP_MGF_TYPE_MGF1_SHA512_224 = RSIP_HASH_TYPE_SHA512_224, ///< MGF1 with SHA-512/224 + RSIP_MGF_TYPE_MGF1_SHA512_256 = RSIP_HASH_TYPE_SHA512_256 ///< MGF1 with SHA-512/256 +} rsip_mgf_type_t; + +/** Password type. This enumerated type is used only on specific devices. */ +typedef enum e_password_type +{ + RSIP_PASSWORD_TYPE_JTAG_DEBUG_AUTHENTICATION_LEVEL1, ///< JTAG debug authentication level 1 + RSIP_PASSWORD_TYPE_JTAG_DEBUG_AUTHENTICATION_LEVEL2, ///< JTAG debug authentication level 2 +} rsip_password_type_t; + +/* State that specifies functions that can be called next. This enum is private. */ +typedef enum e_rsip_user_handle_state +{ + RSIP_USER_HANDLE_STATE_INIT, // Init function can be called. + RSIP_USER_HANDLE_STATE_UPDATE_EMPTY, // Update and Final function can be called. No data has been entered yet. + RSIP_USER_HANDLE_STATE_UPDATE // Update and Final function can be called. Some data has been entered. +} rsip_user_handle_state_t; + +/** Wrapped key structure for all supported algorithms. The struct length of each algorithm is defined by RSIP_BYTE_SIZE_WRAPPED_KEY macro. */ +typedef struct st_rsip_wrapped_key +{ + rsip_key_type_t type; ///< type of wrapped key + uint8_t value[]; ///< variable length array to store the key value +} rsip_wrapped_key_t; + +/** + * Byte size of encrypted key + * @deprecated + * - The following member will be renamed in the next major update. + * - @ref RSIP_BYTE_SIZE_ENCRYPTED_KEY_ECC_secp192r1_PUBLIC to RSIP_BYTE_SIZE_ENCRYPTED_KEY_ECC_SECP192R1_PUBLIC + * - @ref RSIP_BYTE_SIZE_ENCRYPTED_KEY_ECC_secp192r1_PRIVATE to RSIP_BYTE_SIZE_ENCRYPTED_KEY_ECC_SECP192R1_PRIVATE + * - @ref RSIP_BYTE_SIZE_ENCRYPTED_KEY_ECC_secp224r1_PUBLIC to RSIP_BYTE_SIZE_ENCRYPTED_KEY_ECC_SECP224R1_PUBLIC + * - @ref RSIP_BYTE_SIZE_ENCRYPTED_KEY_ECC_secp224r1_PRIVATE to RSIP_BYTE_SIZE_ENCRYPTED_KEY_ECC_SECP224R1_PRIVATE + * - @ref RSIP_BYTE_SIZE_ENCRYPTED_KEY_ECC_secp256r1_PUBLIC to RSIP_BYTE_SIZE_ENCRYPTED_KEY_ECC_SECP256R1_PUBLIC + * - @ref RSIP_BYTE_SIZE_ENCRYPTED_KEY_ECC_secp256r1_PRIVATE to RSIP_BYTE_SIZE_ENCRYPTED_KEY_ECC_SECP256R1_PRIVATE + * - The following member will be obsoleted in the next major update. + * - @ref RSIP_BYTE_SIZE_ENCRYPTED_KEY_AES_MAX + * - @ref RSIP_BYTE_SIZE_ENCRYPTED_KEY_ECC_PUBLIC_MAX + * - @ref RSIP_BYTE_SIZE_ENCRYPTED_KEY_ECC_PRIVATE_MAX + * - @ref RSIP_BYTE_SIZE_ENCRYPTED_KEY_RSA_PUBLIC_MAX + * - @ref RSIP_BYTE_SIZE_ENCRYPTED_KEY_RSA_PRIVATE_MAX + * - @ref RSIP_BYTE_SIZE_ENCRYPTED_KEY_HMAC_MAX + * - @ref RSIP_BYTE_SIZE_ENCRYPTED_KEY_MAX + */ +typedef enum e_rsip_byte_size_encrypted_key +{ + RSIP_BYTE_SIZE_ENCRYPTED_KEY_AES_128 = 32U, ///< AES-128 + RSIP_BYTE_SIZE_ENCRYPTED_KEY_AES_256 = 48U, ///< AES-256 + RSIP_BYTE_SIZE_ENCRYPTED_KEY_AES_128_XTS = 48U, ///< AES-128-XTS + RSIP_BYTE_SIZE_ENCRYPTED_KEY_AES_256_XTS = 80U, ///< AES-256-XTS + RSIP_BYTE_SIZE_ENCRYPTED_KEY_ECC_secp192r1_PUBLIC = 80U, ///< secp192r1 public key + RSIP_BYTE_SIZE_ENCRYPTED_KEY_ECC_secp192r1_PRIVATE = 48U, ///< secp192r1 private key + RSIP_BYTE_SIZE_ENCRYPTED_KEY_ECC_secp224r1_PUBLIC = 80U, ///< secp224r1 public key + RSIP_BYTE_SIZE_ENCRYPTED_KEY_ECC_secp224r1_PRIVATE = 48U, ///< secp224r1 private key + RSIP_BYTE_SIZE_ENCRYPTED_KEY_ECC_secp256r1_PUBLIC = 80U, ///< secp256r1 public key + RSIP_BYTE_SIZE_ENCRYPTED_KEY_ECC_secp256r1_PRIVATE = 48U, ///< secp256r1 private key + RSIP_BYTE_SIZE_ENCRYPTED_KEY_ECC_BRAINPOOLP256R1_PUBLIC = 80U, ///< brainpoolP256r1 public key + RSIP_BYTE_SIZE_ENCRYPTED_KEY_ECC_BRAINPOOLP256R1_PRIVATE = 48U, ///< brainpoolP256r1 private key + RSIP_BYTE_SIZE_ENCRYPTED_KEY_RSA_1024_PUBLIC_ENHANCED = 160U, ///< RSA-1024 public key + RSIP_BYTE_SIZE_ENCRYPTED_KEY_RSA_1024_PRIVATE_ENHANCED = 272U, ///< RSA-1024 private key + RSIP_BYTE_SIZE_ENCRYPTED_KEY_RSA_2048_PUBLIC_ENHANCED = 288U, ///< RSA-2048 public key + RSIP_BYTE_SIZE_ENCRYPTED_KEY_RSA_2048_PRIVATE_ENHANCED = 528U, ///< RSA-2048 private key + RSIP_BYTE_SIZE_ENCRYPTED_KEY_RSA_3072_PUBLIC = 416U, ///< RSA-3072 public key + RSIP_BYTE_SIZE_ENCRYPTED_KEY_RSA_3072_PRIVATE = 784U, ///< RSA-3072 private key + RSIP_BYTE_SIZE_ENCRYPTED_KEY_RSA_4096_PUBLIC = 544U, ///< RSA-4096 public key + RSIP_BYTE_SIZE_ENCRYPTED_KEY_RSA_4096_PRIVATE = 1040U, ///< RSA-4096 private key + RSIP_BYTE_SIZE_ENCRYPTED_KEY_HMAC_SHA1 = 48U, ///< HMAC-SHA1 private key + RSIP_BYTE_SIZE_ENCRYPTED_KEY_HMAC_SHA224 = 48U, ///< HMAC-SHA224 private key + RSIP_BYTE_SIZE_ENCRYPTED_KEY_HMAC_SHA256 = 48U, ///< HMAC-SHA256 private key + RSIP_BYTE_SIZE_ENCRYPTED_KEY_KEY_UPDATE_KEY = 48U, ///< Key Update Key (KUK) + + RSIP_BYTE_SIZE_ENCRYPTED_KEY_AES_MAX = + RSIP_BYTE_SIZE_ENCRYPTED_KEY_AES_256_XTS, ///< Maximum length in AES keys + RSIP_BYTE_SIZE_ENCRYPTED_KEY_ECC_PUBLIC_MAX = + RSIP_BYTE_SIZE_ENCRYPTED_KEY_ECC_secp256r1_PUBLIC, ///< Maximum length in ECC public keys + RSIP_BYTE_SIZE_ENCRYPTED_KEY_ECC_PRIVATE_MAX = + RSIP_BYTE_SIZE_ENCRYPTED_KEY_ECC_secp256r1_PRIVATE, ///< Maximum length in ECC private keys + RSIP_BYTE_SIZE_ENCRYPTED_KEY_RSA_PUBLIC_MAX = + RSIP_BYTE_SIZE_ENCRYPTED_KEY_RSA_4096_PUBLIC, ///< Maximum length in RSA public keys + RSIP_BYTE_SIZE_ENCRYPTED_KEY_RSA_PRIVATE_MAX = + RSIP_BYTE_SIZE_ENCRYPTED_KEY_RSA_4096_PRIVATE, ///< Maximum length in RSA private keys + RSIP_BYTE_SIZE_ENCRYPTED_KEY_HMAC_MAX = + RSIP_BYTE_SIZE_ENCRYPTED_KEY_HMAC_SHA256, ///< Maximum length in HMAC keys + RSIP_BYTE_SIZE_ENCRYPTED_KEY_MAX = + RSIP_BYTE_SIZE_ENCRYPTED_KEY_RSA_PRIVATE_MAX, ///< Maximum length in all RSIP keys +} rsip_byte_size_encrypted_key_t; + +/** Byte size of wrapped key (value) + * @deprecated + * - The following member will be renamed in the next major update. + * - @ref RSIP_BYTE_SIZE_WRAPPED_KEY_VALUE_ECC_secp192r1_PUBLIC to RSIP_BYTE_SIZE_WRAPPED_KEY_VALUE_ECC_SECP192R1_PUBLIC + * - @ref RSIP_BYTE_SIZE_WRAPPED_KEY_VALUE_ECC_secp192r1_PRIVATE to RSIP_BYTE_SIZE_WRAPPED_KEY_VALUE_ECC_SECP192R1_PRIVATE + * - @ref RSIP_BYTE_SIZE_WRAPPED_KEY_VALUE_ECC_secp224r1_PUBLIC to RSIP_BYTE_SIZE_WRAPPED_KEY_VALUE_ECC_SECP224R1_PUBLIC + * - @ref RSIP_BYTE_SIZE_WRAPPED_KEY_VALUE_ECC_secp224r1_PRIVATE to RSIP_BYTE_SIZE_WRAPPED_KEY_VALUE_ECC_SECP224R1_PRIVATE + * - @ref RSIP_BYTE_SIZE_WRAPPED_KEY_VALUE_ECC_secp256r1_PUBLIC to RSIP_BYTE_SIZE_WRAPPED_KEY_VALUE_ECC_SECP256R1_PUBLIC + * - @ref RSIP_BYTE_SIZE_WRAPPED_KEY_VALUE_ECC_secp256r1_PRIVATE to RSIP_BYTE_SIZE_WRAPPED_KEY_VALUE_ECC_SECP256R1_PRIVATE + * - The following member will be obsoleted in the next major update. + * - @ref RSIP_BYTE_SIZE_WRAPPED_KEY_VALUE_AES_MAX + * - @ref RSIP_BYTE_SIZE_WRAPPED_KEY_VALUE_ECC_PUBLIC_MAX + * - @ref RSIP_BYTE_SIZE_WRAPPED_KEY_VALUE_ECC_PRIVATE_MAX + * - @ref RSIP_BYTE_SIZE_WRAPPED_KEY_VALUE_RSA_PUBLIC_MAX + * - @ref RSIP_BYTE_SIZE_WRAPPED_KEY_VALUE_RSA_PRIVATE_MAX + * - @ref RSIP_BYTE_SIZE_WRAPPED_KEY_VALUE_HMAC_MAX + * - @ref RSIP_BYTE_SIZE_WRAPPED_KEY_VALUE_MAX + */ +typedef enum e_rsip_byte_size_wrapped_key_value +{ + RSIP_BYTE_SIZE_WRAPPED_KEY_VALUE_AES_128 = 48U, ///< AES-128 + RSIP_BYTE_SIZE_WRAPPED_KEY_VALUE_AES_256 = 64U, ///< AES-256 + RSIP_BYTE_SIZE_WRAPPED_KEY_VALUE_AES_128_XTS = 64U, ///< AES-128-XTS + RSIP_BYTE_SIZE_WRAPPED_KEY_VALUE_AES_256_XTS = 96U, ///< AES-256-XTS + RSIP_BYTE_SIZE_WRAPPED_KEY_VALUE_ECC_secp192r1_PUBLIC = 96U, ///< secp192r1 public key + RSIP_BYTE_SIZE_WRAPPED_KEY_VALUE_ECC_secp192r1_PRIVATE = 64U, ///< secp192r1 private key + RSIP_BYTE_SIZE_WRAPPED_KEY_VALUE_ECC_secp224r1_PUBLIC = 96U, ///< secp224r1 public key + RSIP_BYTE_SIZE_WRAPPED_KEY_VALUE_ECC_secp224r1_PRIVATE = 64U, ///< secp224r1 private key + RSIP_BYTE_SIZE_WRAPPED_KEY_VALUE_ECC_secp256r1_PUBLIC = 96U, ///< secp256r1 public key + RSIP_BYTE_SIZE_WRAPPED_KEY_VALUE_ECC_secp256r1_PRIVATE = 64U, ///< secp256r1 private key + RSIP_BYTE_SIZE_WRAPPED_KEY_VALUE_ECC_BRAINPOOLP256R1_PUBLIC = 96U, ///< brainpoolP256r1 public key + RSIP_BYTE_SIZE_WRAPPED_KEY_VALUE_ECC_BRAINPOOLP256R1_PRIVATE = 64U, ///< brainpoolP256r1 private key + RSIP_BYTE_SIZE_WRAPPED_KEY_VALUE_RSA_1024_PUBLIC_ENHANCED = 176U, ///< RSA-1024 public key + RSIP_BYTE_SIZE_WRAPPED_KEY_VALUE_RSA_1024_PRIVATE_ENHANCED = 288U, ///< RSA-1024 private key + RSIP_BYTE_SIZE_WRAPPED_KEY_VALUE_RSA_2048_PUBLIC_ENHANCED = 304U, ///< RSA-2048 public key + RSIP_BYTE_SIZE_WRAPPED_KEY_VALUE_RSA_2048_PRIVATE_ENHANCED = 544U, ///< RSA-2048 private key + RSIP_BYTE_SIZE_WRAPPED_KEY_VALUE_RSA_3072_PUBLIC = 432U, ///< RSA-3072 public key + RSIP_BYTE_SIZE_WRAPPED_KEY_VALUE_RSA_3072_PRIVATE = 800U, ///< RSA-3072 private key + RSIP_BYTE_SIZE_WRAPPED_KEY_VALUE_RSA_4096_PUBLIC = 560U, ///< RSA-4096 public key + RSIP_BYTE_SIZE_WRAPPED_KEY_VALUE_RSA_4096_PRIVATE = 1056U, ///< RSA-4096 private key + RSIP_BYTE_SIZE_WRAPPED_KEY_VALUE_HMAC_SHA1 = 64U, ///< HMAC-SHA1 private key + RSIP_BYTE_SIZE_WRAPPED_KEY_VALUE_HMAC_SHA224 = 64U, ///< HMAC-SHA224 private key + RSIP_BYTE_SIZE_WRAPPED_KEY_VALUE_HMAC_SHA256 = 64U, ///< HMAC-SHA256 private key + RSIP_BYTE_SIZE_WRAPPED_KEY_VALUE_KEY_UPDATE_KEY = 64U, ///< Key Update Key (KUK) + + RSIP_BYTE_SIZE_WRAPPED_KEY_VALUE_AES_MAX = + RSIP_BYTE_SIZE_WRAPPED_KEY_VALUE_AES_256_XTS, ///< Maximum length in AES keys + RSIP_BYTE_SIZE_WRAPPED_KEY_VALUE_ECC_PUBLIC_MAX = + RSIP_BYTE_SIZE_WRAPPED_KEY_VALUE_ECC_secp256r1_PUBLIC, ///< Maximum length in ECC public keys + RSIP_BYTE_SIZE_WRAPPED_KEY_VALUE_ECC_PRIVATE_MAX = + RSIP_BYTE_SIZE_WRAPPED_KEY_VALUE_ECC_secp256r1_PRIVATE, ///< Maximum length in ECC private keys + RSIP_BYTE_SIZE_WRAPPED_KEY_VALUE_RSA_PUBLIC_MAX = + RSIP_BYTE_SIZE_WRAPPED_KEY_VALUE_RSA_4096_PUBLIC, ///< Maximum length in RSA public keys + RSIP_BYTE_SIZE_WRAPPED_KEY_VALUE_RSA_PRIVATE_MAX = + RSIP_BYTE_SIZE_WRAPPED_KEY_VALUE_RSA_4096_PRIVATE, ///< Maximum length in RSA private keys + RSIP_BYTE_SIZE_WRAPPED_KEY_VALUE_HMAC_MAX = + RSIP_BYTE_SIZE_WRAPPED_KEY_VALUE_HMAC_SHA256, ///< Maximum length in HMAC keys + RSIP_BYTE_SIZE_WRAPPED_KEY_VALUE_MAX = + RSIP_BYTE_SIZE_WRAPPED_KEY_VALUE_RSA_PRIVATE_MAX, ///< Maximum length in all RSIP keys +} rsip_byte_size_wrapped_key_value_t; + +/** + * Byte size of wrapped key (header + value) + * @deprecated + * - The following member will be renamed in the next major update. + * - @ref RSIP_BYTE_SIZE_WRAPPED_KEY_ECC_secp192r1_PUBLIC to RSIP_BYTE_SIZE_WRAPPED_KEY_ECC_SECP192R1_PUBLIC + * - @ref RSIP_BYTE_SIZE_WRAPPED_KEY_ECC_secp192r1_PRIVATE to RSIP_BYTE_SIZE_WRAPPED_KEY_ECC_SECP192R1_PRIVATE + * - @ref RSIP_BYTE_SIZE_WRAPPED_KEY_ECC_secp224r1_PUBLIC to RSIP_BYTE_SIZE_WRAPPED_KEY_ECC_SECP224R1_PUBLIC + * - @ref RSIP_BYTE_SIZE_WRAPPED_KEY_ECC_secp224r1_PRIVATE to RSIP_BYTE_SIZE_WRAPPED_KEY_ECC_SECP224R1_PRIVATE + * - @ref RSIP_BYTE_SIZE_WRAPPED_KEY_ECC_secp256r1_PUBLIC to RSIP_BYTE_SIZE_WRAPPED_KEY_ECC_SECP256R1_PUBLIC + * - @ref RSIP_BYTE_SIZE_WRAPPED_KEY_ECC_secp256r1_PRIVATE to RSIP_BYTE_SIZE_WRAPPED_KEY_ECC_SECP256R1_PRIVATE + * - The following member will be obsoleted in the next major update. + * - @ref RSIP_BYTE_SIZE_WRAPPED_KEY_AES_MAX + * - @ref RSIP_BYTE_SIZE_WRAPPED_KEY_ECC_PUBLIC_MAX + * - @ref RSIP_BYTE_SIZE_WRAPPED_KEY_ECC_PRIVATE_MAX + * - @ref RSIP_BYTE_SIZE_WRAPPED_KEY_RSA_PUBLIC_MAX + * - @ref RSIP_BYTE_SIZE_WRAPPED_KEY_RSA_PRIVATE_MAX + * - @ref RSIP_BYTE_SIZE_WRAPPED_KEY_HMAC_MAX + * - @ref RSIP_BYTE_SIZE_WRAPPED_KEY_MAX + */ +typedef enum e_rsip_byte_size_wrapped_key +{ + RSIP_BYTE_SIZE_WRAPPED_KEY_AES_128 = + sizeof(rsip_wrapped_key_t) + + RSIP_BYTE_SIZE_WRAPPED_KEY_VALUE_AES_128, ///< AES-128 + RSIP_BYTE_SIZE_WRAPPED_KEY_AES_256 = + sizeof(rsip_wrapped_key_t) + + RSIP_BYTE_SIZE_WRAPPED_KEY_VALUE_AES_256, ///< AES-256 + RSIP_BYTE_SIZE_WRAPPED_KEY_AES_128_XTS = + sizeof(rsip_wrapped_key_t) + + RSIP_BYTE_SIZE_WRAPPED_KEY_VALUE_AES_128_XTS, ///< AES-128-XTS + RSIP_BYTE_SIZE_WRAPPED_KEY_AES_256_XTS = + sizeof(rsip_wrapped_key_t) + + RSIP_BYTE_SIZE_WRAPPED_KEY_VALUE_AES_256_XTS, ///< AES-256-XTS + RSIP_BYTE_SIZE_WRAPPED_KEY_ECC_secp192r1_PUBLIC = + sizeof(rsip_wrapped_key_t) + + RSIP_BYTE_SIZE_WRAPPED_KEY_VALUE_ECC_secp192r1_PUBLIC, ///< secp192r1 public key + RSIP_BYTE_SIZE_WRAPPED_KEY_ECC_secp192r1_PRIVATE = + sizeof(rsip_wrapped_key_t) + + RSIP_BYTE_SIZE_WRAPPED_KEY_VALUE_ECC_secp192r1_PRIVATE, ///< secp192r1 private key + RSIP_BYTE_SIZE_WRAPPED_KEY_ECC_secp224r1_PUBLIC = + sizeof(rsip_wrapped_key_t) + + RSIP_BYTE_SIZE_WRAPPED_KEY_VALUE_ECC_secp224r1_PUBLIC, ///< secp224r1 public key + RSIP_BYTE_SIZE_WRAPPED_KEY_ECC_secp224r1_PRIVATE = + sizeof(rsip_wrapped_key_t) + + RSIP_BYTE_SIZE_WRAPPED_KEY_VALUE_ECC_secp224r1_PRIVATE, ///< secp224r1 private key + RSIP_BYTE_SIZE_WRAPPED_KEY_ECC_secp256r1_PUBLIC = + sizeof(rsip_wrapped_key_t) + + RSIP_BYTE_SIZE_WRAPPED_KEY_VALUE_ECC_secp256r1_PUBLIC, ///< secp256r1 public key + RSIP_BYTE_SIZE_WRAPPED_KEY_ECC_secp256r1_PRIVATE = + sizeof(rsip_wrapped_key_t) + + RSIP_BYTE_SIZE_WRAPPED_KEY_VALUE_ECC_secp256r1_PRIVATE, ///< secp256r1 private key + RSIP_BYTE_SIZE_WRAPPED_KEY_ECC_BRAINPOOLP256R1_PUBLIC = + sizeof(rsip_wrapped_key_t) + + RSIP_BYTE_SIZE_WRAPPED_KEY_VALUE_ECC_BRAINPOOLP256R1_PUBLIC, ///< brainpoolP256r1 public key + RSIP_BYTE_SIZE_WRAPPED_KEY_ECC_BRAINPOOLP256R1_PRIVATE = + sizeof(rsip_wrapped_key_t) + + RSIP_BYTE_SIZE_WRAPPED_KEY_VALUE_ECC_BRAINPOOLP256R1_PRIVATE, ///< brainpoolP256r1 private key + RSIP_BYTE_SIZE_WRAPPED_KEY_RSA_1024_PUBLIC_ENHANCED = + sizeof(rsip_wrapped_key_t) + + RSIP_BYTE_SIZE_WRAPPED_KEY_VALUE_RSA_1024_PUBLIC_ENHANCED, ///< RSA-1024 public key + RSIP_BYTE_SIZE_WRAPPED_KEY_RSA_1024_PRIVATE_ENHANCED = + sizeof(rsip_wrapped_key_t) + + RSIP_BYTE_SIZE_WRAPPED_KEY_VALUE_RSA_1024_PRIVATE_ENHANCED, ///< RSA-1024 private key + RSIP_BYTE_SIZE_WRAPPED_KEY_RSA_2048_PUBLIC_ENHANCED = + sizeof(rsip_wrapped_key_t) + + RSIP_BYTE_SIZE_WRAPPED_KEY_VALUE_RSA_2048_PUBLIC_ENHANCED, ///< RSA-2048 public key + RSIP_BYTE_SIZE_WRAPPED_KEY_RSA_2048_PRIVATE_ENHANCED = + sizeof(rsip_wrapped_key_t) + + RSIP_BYTE_SIZE_WRAPPED_KEY_VALUE_RSA_2048_PRIVATE_ENHANCED, ///< RSA-2048 private key + RSIP_BYTE_SIZE_WRAPPED_KEY_RSA_3072_PUBLIC = + sizeof(rsip_wrapped_key_t) + + RSIP_BYTE_SIZE_WRAPPED_KEY_VALUE_RSA_3072_PUBLIC, ///< RSA-3072 public key + RSIP_BYTE_SIZE_WRAPPED_KEY_RSA_3072_PRIVATE = + sizeof(rsip_wrapped_key_t) + + RSIP_BYTE_SIZE_WRAPPED_KEY_VALUE_RSA_3072_PRIVATE, ///< RSA-3072 private key + RSIP_BYTE_SIZE_WRAPPED_KEY_RSA_4096_PUBLIC = + sizeof(rsip_wrapped_key_t) + + RSIP_BYTE_SIZE_WRAPPED_KEY_VALUE_RSA_4096_PUBLIC, ///< RSA-4096 public key + RSIP_BYTE_SIZE_WRAPPED_KEY_RSA_4096_PRIVATE = + sizeof(rsip_wrapped_key_t) + + RSIP_BYTE_SIZE_WRAPPED_KEY_VALUE_RSA_4096_PRIVATE, ///< RSA-4096 private key + RSIP_BYTE_SIZE_WRAPPED_KEY_HMAC_SHA1 = + sizeof(rsip_wrapped_key_t) + + RSIP_BYTE_SIZE_WRAPPED_KEY_VALUE_HMAC_SHA1, ///< HMAC-SHA1 private key + RSIP_BYTE_SIZE_WRAPPED_KEY_HMAC_SHA224 = + sizeof(rsip_wrapped_key_t) + + RSIP_BYTE_SIZE_WRAPPED_KEY_VALUE_HMAC_SHA224, ///< HMAC-SHA224 private key + RSIP_BYTE_SIZE_WRAPPED_KEY_HMAC_SHA256 = + sizeof(rsip_wrapped_key_t) + + RSIP_BYTE_SIZE_WRAPPED_KEY_VALUE_HMAC_SHA256, ///< HMAC-SHA256 private key + RSIP_BYTE_SIZE_WRAPPED_KEY_KEY_UPDATE_KEY = + sizeof(rsip_wrapped_key_t) + + RSIP_BYTE_SIZE_WRAPPED_KEY_VALUE_KEY_UPDATE_KEY, ///< Key Update Key (KUK) + + RSIP_BYTE_SIZE_WRAPPED_KEY_AES_MAX = + RSIP_BYTE_SIZE_WRAPPED_KEY_AES_256_XTS, ///< Maximum length in AES keys + RSIP_BYTE_SIZE_WRAPPED_KEY_ECC_PUBLIC_MAX = + RSIP_BYTE_SIZE_WRAPPED_KEY_ECC_secp256r1_PUBLIC, ///< Maximum length in ECC public keys + RSIP_BYTE_SIZE_WRAPPED_KEY_ECC_PRIVATE_MAX = + RSIP_BYTE_SIZE_WRAPPED_KEY_ECC_secp256r1_PRIVATE, ///< Maximum length in ECC private keys + RSIP_BYTE_SIZE_WRAPPED_KEY_RSA_PUBLIC_MAX = + RSIP_BYTE_SIZE_WRAPPED_KEY_RSA_4096_PUBLIC, ///< Maximum length in RSA public keys + RSIP_BYTE_SIZE_WRAPPED_KEY_RSA_PRIVATE_MAX = + RSIP_BYTE_SIZE_WRAPPED_KEY_RSA_4096_PRIVATE, ///< Maximum length in RSA private keys + RSIP_BYTE_SIZE_WRAPPED_KEY_HMAC_MAX = + RSIP_BYTE_SIZE_WRAPPED_KEY_HMAC_SHA256, ///< Maximum length in HMAC keys + RSIP_BYTE_SIZE_WRAPPED_KEY_MAX = + RSIP_BYTE_SIZE_WRAPPED_KEY_RSA_PRIVATE_MAX, ///< Maximum length in all RSIP keys +} rsip_byte_size_wrapped_key_t; + +/** Working area for SHA cipher functions. DO NOT MODIFY. */ +typedef struct st_rsip_sha_handle +{ + rsip_hash_type_t type; // Hash type + uint8_t buffer[RSIP_BYTE_SIZE_SHA_MESSAGE_BUFFER]; // Stored message + uint32_t buffered_length; // Buffered message length + uint32_t total_length; // Total message length input to primitive + uint32_t block_size; // Block size + rsip_user_handle_state_t state; // Handle state + uint32_t internal_state[RSIP_WORD_SIZE_SHA_INTERNAL_STATE]; // Internal state +} rsip_sha_handle_t; + +/** Working area for HMAC cipher functions. DO NOT MODIFY. */ +typedef struct st_rsip_hmac_handle +{ + const void * p_primitive; // Pointer to primitive functions + uint8_t wrapped_key[RSIP_BYTE_SIZE_WRAPPED_KEY_HMAC_MAX]; // Stored wrapped key + uint8_t buffer[RSIP_BYTE_SIZE_SHA_MESSAGE_BUFFER]; // Stored message + uint32_t buffered_length; // Buffered message length + uint32_t total_length; // Total message length input to primitive + uint32_t block_size; // Block size + rsip_user_handle_state_t state; // Handle state + uint32_t internal_state[RSIP_WORD_SIZE_SHA_INTERNAL_STATE]; // Internal state + bool is_generate; // true: generate, false: verify +} rsip_hmac_handle_t; + +/** RSIP Control block. Allocate an instance specific control block to pass into the API calls. + * @par Implemented as + * - rsip_instance_ctrl_t + */ +typedef void rsip_ctrl_t; + +/** User configuration structure, used in open function */ +typedef struct st_rsip_cfg +{ + void const * p_extend; ///< Hardware-dependent configuration +} rsip_cfg_t; + +/** This structure encompasses everything that is needed to use an instance of this interface. */ +typedef struct st_rsip_instance +{ + rsip_ctrl_t * p_ctrl; ///< Pointer to the control structure for this instance + rsip_cfg_t const * p_cfg; ///< Pointer to the configuration structure for this instance +} rsip_instance_t; + +/* Common macro for FSP header files. There is also a corresponding FSP_HEADER macro at the top of this file. */ +//FSP_FOOTER + +#endif /* R_RSIP_API_H */ + +/*******************************************************************************************************************//** + * @} (end addtogroup RSIP_API) + **********************************************************************************************************************/ diff --git a/core/arch/arm/plat-rz/common/pta/rsip/pta_rsip.c b/core/arch/arm/plat-rz/common/pta/rsip/pta_rsip.c new file mode 100644 index 000000000..c7338c838 --- /dev/null +++ b/core/arch/arm/plat-rz/common/pta/rsip/pta_rsip.c @@ -0,0 +1,704 @@ +// SPDX-License-Identifier: BSD-2-Clause +/* + * Copyright (c) 2024, Renesas Electronics + */ + +#include + +#include +#include +#include + +#define PTA_NAME "rsip.pta" + +extern rsip_instance_ctrl_t rsip_instance_ctrl; + +static TEE_Result keygenerate(uint32_t types, TEE_Param params[TEE_NUM_PARAMS], + rsip_key_type_t key_type, rsip_byte_size_wrapped_key_t key_size) +{ + fsp_err_t err; + + rsip_wrapped_key_t * wrapped_key; + + if (types != TEE_PARAM_TYPES(TEE_PARAM_TYPE_MEMREF_INOUT, + TEE_PARAM_TYPE_NONE, + TEE_PARAM_TYPE_NONE, + TEE_PARAM_TYPE_NONE)) { + return TEE_ERROR_BAD_PARAMETERS; + } + + wrapped_key = (rsip_wrapped_key_t *)params[0].memref.buffer; + if ((!IS_ALIGNED_WITH_TYPE(params[0].memref.buffer, uint32_t)) || (key_size > params[0].memref.size)) { + return TEE_ERROR_BAD_PARAMETERS; + } + + err = R_RSIP_KeyGenerate(&rsip_instance_ctrl, key_type, wrapped_key); + switch ((uint32_t)err) + { + case FSP_SUCCESS: + break; + case FSP_ERR_ASSERTION: + return TEE_ERROR_BAD_PARAMETERS; + case FSP_ERR_NOT_OPEN: + return TEE_ERROR_BAD_STATE; + case FSP_ERR_INVALID_STATE: + return TEE_ERROR_BAD_STATE; + case FSP_ERR_NOT_ENABLED: + return TEE_ERROR_BAD_PARAMETERS; + case FSP_ERR_UNSUPPORTED: + return TEE_ERROR_NOT_SUPPORTED; + case FSP_ERR_CRYPTO_RSIP_RESOURCE_CONFLICT: + return TEE_ERROR_ACCESS_CONFLICT; + case FSP_ERR_CRYPTO_RSIP_FATAL: + return TEE_ERROR_GENERIC; + default: + return TEE_ERROR_BAD_STATE; + } + + params[0].memref.size = key_size; + + return TEE_SUCCESS; +} + + +static TEE_Result keypairgenerate(uint32_t types, TEE_Param params[TEE_NUM_PARAMS], + rsip_key_pair_type_t key_type, rsip_byte_size_wrapped_key_t pub_key_size, rsip_byte_size_wrapped_key_t pri_key_size) +{ + fsp_err_t err; + + rsip_wrapped_key_t * wrapped_pub_key; + rsip_wrapped_key_t * wrapped_pri_key; + + if (types != TEE_PARAM_TYPES(TEE_PARAM_TYPE_MEMREF_INOUT, + TEE_PARAM_TYPE_MEMREF_INOUT, + TEE_PARAM_TYPE_NONE, + TEE_PARAM_TYPE_NONE)) { + return TEE_ERROR_BAD_PARAMETERS; + } + + wrapped_pri_key = (rsip_wrapped_key_t *)params[0].memref.buffer; + if ((!IS_ALIGNED_WITH_TYPE(params[0].memref.buffer, uint32_t)) || (pri_key_size > params[0].memref.size)) { + return TEE_ERROR_BAD_PARAMETERS; + } + + wrapped_pub_key = (rsip_wrapped_key_t *)params[1].memref.buffer; + if ((!IS_ALIGNED_WITH_TYPE(params[1].memref.buffer, uint32_t)) || (pub_key_size > params[1].memref.size)) { + return TEE_ERROR_BAD_PARAMETERS; + } + + err = R_RSIP_KeyPairGenerate(&rsip_instance_ctrl, key_type, wrapped_pub_key, wrapped_pri_key); + switch ((uint32_t)err) + { + case FSP_SUCCESS: + break; + case FSP_ERR_ASSERTION: + return TEE_ERROR_BAD_PARAMETERS; + case FSP_ERR_NOT_OPEN: + return TEE_ERROR_BAD_STATE; + case FSP_ERR_INVALID_STATE: + return TEE_ERROR_BAD_STATE; + case FSP_ERR_NOT_ENABLED: + return TEE_ERROR_BAD_PARAMETERS; + case FSP_ERR_UNSUPPORTED: + return TEE_ERROR_NOT_SUPPORTED; + case FSP_ERR_CRYPTO_RSIP_RESOURCE_CONFLICT: + return TEE_ERROR_ACCESS_CONFLICT; + case FSP_ERR_CRYPTO_RSIP_FATAL: + return TEE_ERROR_GENERIC; + default: + return TEE_ERROR_BAD_STATE; + } + + params[0].memref.size = pri_key_size; + params[1].memref.size = pub_key_size; + + return TEE_SUCCESS; +} + + +static TEE_Result randomnumbergenerate(uint32_t types, TEE_Param params[TEE_NUM_PARAMS]) +{ + fsp_err_t err; + + uint8_t * random; + + const uint32_t random_length = 16; + + if (types != TEE_PARAM_TYPES(TEE_PARAM_TYPE_MEMREF_INOUT, + TEE_PARAM_TYPE_NONE, + TEE_PARAM_TYPE_NONE, + TEE_PARAM_TYPE_NONE)) { + return TEE_ERROR_BAD_PARAMETERS; + } + + random = (uint8_t *)params[0].memref.buffer; + if (!IS_ALIGNED_WITH_TYPE(params[0].memref.buffer, uint32_t)) { + return TEE_ERROR_BAD_PARAMETERS; + } + + err = R_RSIP_RandomNumberGenerate(&rsip_instance_ctrl, random); + switch ((uint32_t)err) + { + case FSP_SUCCESS: + break; + case FSP_ERR_ASSERTION: + return TEE_ERROR_BAD_PARAMETERS; + case FSP_ERR_NOT_OPEN: + return TEE_ERROR_BAD_STATE; + case FSP_ERR_INVALID_STATE: + return TEE_ERROR_BAD_STATE; + case FSP_ERR_CRYPTO_RSIP_RESOURCE_CONFLICT: + return TEE_ERROR_ACCESS_CONFLICT; + case FSP_ERR_CRYPTO_RSIP_FATAL: + return TEE_ERROR_GENERIC; + default: + return TEE_ERROR_BAD_STATE; + } + + params[0].memref.size = random_length; + + return TEE_SUCCESS; +} + + +static TEE_Result keyimportwithkuk(uint32_t types, TEE_Param params[TEE_NUM_PARAMS], + rsip_key_type_t key_type, rsip_byte_size_encrypted_key_t enc_key_size, rsip_byte_size_wrapped_key_t wrap_key_size) +{ + fsp_err_t err; + + uint8_t * initial_vector; + uint8_t * encrypted_key; + rsip_wrapped_key_t * key_update_key; + rsip_wrapped_key_t * wrapped_key; + + if (types != TEE_PARAM_TYPES(TEE_PARAM_TYPE_MEMREF_INPUT, + TEE_PARAM_TYPE_MEMREF_INPUT, + TEE_PARAM_TYPE_MEMREF_INPUT, + TEE_PARAM_TYPE_MEMREF_INOUT)) { + return TEE_ERROR_BAD_PARAMETERS; + } + + initial_vector = (uint8_t *)params[0].memref.buffer; + if (!IS_ALIGNED_WITH_TYPE(params[0].memref.buffer, uint32_t)) { + return TEE_ERROR_BAD_PARAMETERS; + } + + encrypted_key = (uint8_t *)params[1].memref.buffer; + if ((!IS_ALIGNED_WITH_TYPE(params[1].memref.buffer, uint32_t)) || (enc_key_size > params[1].memref.size)) { + return TEE_ERROR_BAD_PARAMETERS; + } + + key_update_key = (rsip_wrapped_key_t *)params[2].memref.buffer; + if ((!IS_ALIGNED_WITH_TYPE(params[2].memref.buffer, uint32_t)) || (RSIP_BYTE_SIZE_WRAPPED_KEY_KEY_UPDATE_KEY != params[2].memref.size)) { + return TEE_ERROR_BAD_PARAMETERS; + } + + wrapped_key = (rsip_wrapped_key_t *)params[3].memref.buffer; + if ((!IS_ALIGNED_WITH_TYPE(params[3].memref.buffer, uint32_t)) || (wrap_key_size > params[3].memref.size)) { + return TEE_ERROR_BAD_PARAMETERS; + } + + err = R_RSIP_KeyImportWithKUK(&rsip_instance_ctrl, key_update_key, initial_vector, key_type, encrypted_key, wrapped_key); + switch ((uint32_t)err) + { + case FSP_SUCCESS: + break; + case FSP_ERR_ASSERTION: + return TEE_ERROR_BAD_PARAMETERS; + case FSP_ERR_NOT_OPEN: + return TEE_ERROR_BAD_STATE; + case FSP_ERR_INVALID_STATE: + return TEE_ERROR_BAD_STATE; + case FSP_ERR_NOT_ENABLED: + return TEE_ERROR_BAD_PARAMETERS; + case FSP_ERR_INVALID_ARGUMENT: + return TEE_ERROR_BAD_PARAMETERS; + case FSP_ERR_CRYPTO_RSIP_FAIL: + return TEE_ERROR_GENERIC; + case FSP_ERR_CRYPTO_RSIP_RESOURCE_CONFLICT: + return TEE_ERROR_ACCESS_CONFLICT; + case FSP_ERR_CRYPTO_RSIP_FATAL: + return TEE_ERROR_GENERIC; + default: + return TEE_ERROR_BAD_STATE; + } + + params[3].memref.size = wrap_key_size; + + return TEE_SUCCESS; +} + + +static TEE_Result rsapublickeyexport(uint32_t types, TEE_Param params[TEE_NUM_PARAMS], + rsip_byte_size_wrapped_key_t wrap_key_size, uint32_t key_size_n, uint32_t key_size_e) +{ + fsp_err_t err; + + rsip_wrapped_key_t * wrapped_key; + uint32_t *p_raw_public_key_n; + uint32_t *p_raw_public_key_e; + + + if (types != TEE_PARAM_TYPES(TEE_PARAM_TYPE_MEMREF_INPUT, + TEE_PARAM_TYPE_MEMREF_INOUT, + TEE_PARAM_TYPE_MEMREF_INOUT, + TEE_PARAM_TYPE_NONE)) { + return TEE_ERROR_BAD_PARAMETERS; + } + + wrapped_key = (rsip_wrapped_key_t *)params[0].memref.buffer; + if ((!IS_ALIGNED_WITH_TYPE(params[0].memref.buffer, uint32_t)) || (wrap_key_size > params[0].memref.size)) { + return TEE_ERROR_BAD_PARAMETERS; + } + + if ((!IS_ALIGNED_WITH_TYPE(params[1].memref.buffer, uint32_t)) || (key_size_n > params[1].memref.size)) { + return TEE_ERROR_BAD_PARAMETERS; + } + + if ((!IS_ALIGNED_WITH_TYPE(params[2].memref.buffer, uint32_t)) || (key_size_e > params[2].memref.size)) { + return TEE_ERROR_BAD_PARAMETERS; + } + + err = R_RSIP_RSAPublicKeyExport(wrapped_key, (uint8_t const ** const)&p_raw_public_key_n, + (uint8_t const ** const)&p_raw_public_key_e); + switch ((uint32_t)err) + { + case FSP_SUCCESS: + break; + case FSP_ERR_ASSERTION: + return TEE_ERROR_BAD_PARAMETERS; + case FSP_ERR_INVALID_ARGUMENT: + return TEE_ERROR_BAD_PARAMETERS; + default: + return TEE_ERROR_BAD_STATE; + } + + memcpy(params[1].memref.buffer, p_raw_public_key_n, key_size_n); + memcpy(params[2].memref.buffer, p_raw_public_key_e, key_size_e); + params[1].memref.size = key_size_n; + params[2].memref.size = key_size_e; + + return TEE_SUCCESS; +} + +static TEE_Result eccpublickeyexport(uint32_t types, TEE_Param params[TEE_NUM_PARAMS], + rsip_byte_size_wrapped_key_t wrap_key_size, uint32_t key_size_qx, uint32_t key_size_qy) +{ + fsp_err_t err; + + rsip_wrapped_key_t * wrapped_key; + uint32_t *p_raw_public_key_qx; + uint32_t *p_raw_public_key_qy; + + if (types != TEE_PARAM_TYPES(TEE_PARAM_TYPE_MEMREF_INPUT, + TEE_PARAM_TYPE_MEMREF_INOUT, + TEE_PARAM_TYPE_MEMREF_INOUT, + TEE_PARAM_TYPE_NONE)) { + return TEE_ERROR_BAD_PARAMETERS; + } + + wrapped_key = (rsip_wrapped_key_t *)params[0].memref.buffer; + if ((!IS_ALIGNED_WITH_TYPE(params[0].memref.buffer, uint32_t)) || (wrap_key_size > params[0].memref.size)) { + return TEE_ERROR_BAD_PARAMETERS; + } + + if ((!IS_ALIGNED_WITH_TYPE(params[1].memref.buffer, uint32_t)) || (key_size_qx > params[1].memref.size)) { + return TEE_ERROR_BAD_PARAMETERS; + } + + if ((!IS_ALIGNED_WITH_TYPE(params[2].memref.buffer, uint32_t)) || (key_size_qy > params[2].memref.size)) { + return TEE_ERROR_BAD_PARAMETERS; + } + + err = R_RSIP_ECCPublicKeyExport(wrapped_key,(uint8_t const ** const)&p_raw_public_key_qx, + (uint8_t const ** const)&p_raw_public_key_qy); + switch ((uint32_t)err) + { + case FSP_SUCCESS: + break; + case FSP_ERR_ASSERTION: + return TEE_ERROR_BAD_PARAMETERS; + case FSP_ERR_INVALID_ARGUMENT: + return TEE_ERROR_BAD_PARAMETERS; + default: + return TEE_ERROR_GENERIC; + } + + memcpy(params[1].memref.buffer, p_raw_public_key_qx, key_size_qx); + memcpy(params[2].memref.buffer, p_raw_public_key_qy, key_size_qy); + params[1].memref.size = key_size_qx; + params[2].memref.size = key_size_qy; + + + return TEE_SUCCESS; +} + +static TEE_Result keygenerate_aes128(uint32_t types, TEE_Param params[TEE_NUM_PARAMS]) +{ + return keygenerate(types, params, RSIP_KEY_TYPE_AES_128, RSIP_BYTE_SIZE_WRAPPED_KEY_AES_128); +} + +static TEE_Result keygenerate_aes256(uint32_t types, TEE_Param params[TEE_NUM_PARAMS]) +{ + return keygenerate(types, params, RSIP_KEY_TYPE_AES_256, RSIP_BYTE_SIZE_WRAPPED_KEY_AES_256); +} + +static TEE_Result keygenerate_aes128_xts(uint32_t types, TEE_Param params[TEE_NUM_PARAMS]) +{ + return keygenerate(types, params, RSIP_KEY_TYPE_AES_128_XTS, RSIP_BYTE_SIZE_WRAPPED_KEY_AES_128_XTS); +} + +static TEE_Result keygenerate_aes256_xts(uint32_t types, TEE_Param params[TEE_NUM_PARAMS]) +{ + return keygenerate(types, params, RSIP_KEY_TYPE_AES_256_XTS, RSIP_BYTE_SIZE_WRAPPED_KEY_AES_256_XTS); +} + +static TEE_Result keypairgenerate_rsa1024(uint32_t types, TEE_Param params[TEE_NUM_PARAMS]) +{ + return keypairgenerate(types, params, RSIP_KEY_PAIR_TYPE_RSA_1024, + RSIP_BYTE_SIZE_WRAPPED_KEY_RSA_1024_PUBLIC_ENHANCED, RSIP_BYTE_SIZE_WRAPPED_KEY_RSA_1024_PRIVATE_ENHANCED); +} + +static TEE_Result keypairgenerate_rsa2048(uint32_t types, TEE_Param params[TEE_NUM_PARAMS]) +{ + return keypairgenerate(types, params, RSIP_KEY_PAIR_TYPE_RSA_2048, + RSIP_BYTE_SIZE_WRAPPED_KEY_RSA_2048_PUBLIC_ENHANCED, RSIP_BYTE_SIZE_WRAPPED_KEY_RSA_2048_PRIVATE_ENHANCED); +} + +static TEE_Result keypairgenerate_rsa3072(uint32_t types, TEE_Param params[TEE_NUM_PARAMS]) +{ + return keypairgenerate(types, params, RSIP_KEY_PAIR_TYPE_RSA_3072, + RSIP_BYTE_SIZE_WRAPPED_KEY_RSA_3072_PUBLIC, RSIP_BYTE_SIZE_WRAPPED_KEY_RSA_3072_PRIVATE); +} + +static TEE_Result keypairgenerate_rsa4096(uint32_t types, TEE_Param params[TEE_NUM_PARAMS]) +{ + return keypairgenerate(types, params, RSIP_KEY_PAIR_TYPE_RSA_4096, + RSIP_BYTE_SIZE_WRAPPED_KEY_RSA_4096_PUBLIC, RSIP_BYTE_SIZE_WRAPPED_KEY_RSA_4096_PRIVATE); +} + +static TEE_Result keypairgenerate_ecc_secp192r1(uint32_t types, TEE_Param params[TEE_NUM_PARAMS]) +{ + return keypairgenerate(types, params, RSIP_KEY_PAIR_TYPE_ECC_secp192r1, + RSIP_BYTE_SIZE_WRAPPED_KEY_ECC_secp192r1_PUBLIC, RSIP_BYTE_SIZE_WRAPPED_KEY_ECC_secp192r1_PRIVATE); +} + +static TEE_Result keypairgenerate_ecc_secp224r1(uint32_t types, TEE_Param params[TEE_NUM_PARAMS]) +{ + return keypairgenerate(types, params, RSIP_KEY_PAIR_TYPE_ECC_secp224r1, + RSIP_BYTE_SIZE_WRAPPED_KEY_ECC_secp224r1_PUBLIC, RSIP_BYTE_SIZE_WRAPPED_KEY_ECC_secp224r1_PRIVATE); +} + +static TEE_Result keypairgenerate_ecc_secp256r1(uint32_t types, TEE_Param params[TEE_NUM_PARAMS]) +{ + return keypairgenerate(types, params, RSIP_KEY_PAIR_TYPE_ECC_secp256r1, + RSIP_BYTE_SIZE_WRAPPED_KEY_ECC_secp256r1_PUBLIC, RSIP_BYTE_SIZE_WRAPPED_KEY_ECC_secp256r1_PRIVATE); +} + +static TEE_Result keypairgenerate_brainpoolp256r1(uint32_t types, TEE_Param params[TEE_NUM_PARAMS]) +{ + return keypairgenerate(types, params, RSIP_KEY_PAIR_TYPE_ECC_BRAINPOOLP256R1, + RSIP_BYTE_SIZE_WRAPPED_KEY_ECC_BRAINPOOLP256R1_PUBLIC, RSIP_BYTE_SIZE_WRAPPED_KEY_ECC_BRAINPOOLP256R1_PRIVATE); +} + + +static TEE_Result keyimportwithkuk_aes128(uint32_t types, TEE_Param params[TEE_NUM_PARAMS]) +{ + return keyimportwithkuk(types, params, RSIP_KEY_TYPE_AES_128, + RSIP_BYTE_SIZE_ENCRYPTED_KEY_AES_128, RSIP_BYTE_SIZE_WRAPPED_KEY_AES_128); +} + +static TEE_Result keyimportwithkuk_aes256(uint32_t types, TEE_Param params[TEE_NUM_PARAMS]) +{ + return keyimportwithkuk(types, params, RSIP_KEY_TYPE_AES_256, + RSIP_BYTE_SIZE_ENCRYPTED_KEY_AES_256, RSIP_BYTE_SIZE_WRAPPED_KEY_AES_256); +} + +static TEE_Result keyimportwithkuk_aes128_xts(uint32_t types, TEE_Param params[TEE_NUM_PARAMS]) +{ + return keyimportwithkuk(types, params, RSIP_KEY_TYPE_AES_128_XTS, + RSIP_BYTE_SIZE_ENCRYPTED_KEY_AES_128_XTS, RSIP_BYTE_SIZE_WRAPPED_KEY_AES_128_XTS); +} + +static TEE_Result keyimportwithkuk_aes256_xts(uint32_t types, TEE_Param params[TEE_NUM_PARAMS]) +{ + return keyimportwithkuk(types, params, RSIP_KEY_TYPE_AES_256_XTS, + RSIP_BYTE_SIZE_ENCRYPTED_KEY_AES_256_XTS, RSIP_BYTE_SIZE_WRAPPED_KEY_AES_256_XTS); +} + +static TEE_Result keyimportwithkuk_rsa1024_public(uint32_t types, TEE_Param params[TEE_NUM_PARAMS]) +{ + return keyimportwithkuk(types, params, RSIP_KEY_TYPE_RSA_1024_PUBLIC_ENHANCED, + RSIP_BYTE_SIZE_ENCRYPTED_KEY_RSA_1024_PUBLIC_ENHANCED, RSIP_BYTE_SIZE_WRAPPED_KEY_RSA_1024_PUBLIC_ENHANCED); +} + +static TEE_Result keyimportwithkuk_rsa1024_private(uint32_t types, TEE_Param params[TEE_NUM_PARAMS]) +{ + return keyimportwithkuk(types, params, RSIP_KEY_TYPE_RSA_1024_PRIVATE_ENHANCED, + RSIP_BYTE_SIZE_ENCRYPTED_KEY_RSA_1024_PRIVATE_ENHANCED, RSIP_BYTE_SIZE_WRAPPED_KEY_RSA_1024_PRIVATE_ENHANCED); +} + +static TEE_Result keyimportwithkuk_rsa2048_public(uint32_t types, TEE_Param params[TEE_NUM_PARAMS]) +{ + return keyimportwithkuk(types, params, RSIP_KEY_TYPE_RSA_2048_PUBLIC_ENHANCED, + RSIP_BYTE_SIZE_ENCRYPTED_KEY_RSA_2048_PUBLIC_ENHANCED, RSIP_BYTE_SIZE_WRAPPED_KEY_RSA_2048_PUBLIC_ENHANCED); +} + +static TEE_Result keyimportwithkuk_rsa2048_private(uint32_t types, TEE_Param params[TEE_NUM_PARAMS]) +{ + return keyimportwithkuk(types, params, RSIP_KEY_TYPE_RSA_2048_PRIVATE_ENHANCED, + RSIP_BYTE_SIZE_ENCRYPTED_KEY_RSA_2048_PRIVATE_ENHANCED, RSIP_BYTE_SIZE_WRAPPED_KEY_RSA_2048_PRIVATE_ENHANCED); +} + +static TEE_Result keyimportwithkuk_rsa3072_public(uint32_t types, TEE_Param params[TEE_NUM_PARAMS]) +{ + return keyimportwithkuk(types, params, RSIP_KEY_TYPE_RSA_3072_PUBLIC, + RSIP_BYTE_SIZE_ENCRYPTED_KEY_RSA_3072_PUBLIC, RSIP_BYTE_SIZE_WRAPPED_KEY_RSA_3072_PUBLIC); +} + +static TEE_Result keyimportwithkuk_rsa3072_private(uint32_t types, TEE_Param params[TEE_NUM_PARAMS]) +{ + return keyimportwithkuk(types, params, RSIP_KEY_TYPE_RSA_3072_PRIVATE, + RSIP_BYTE_SIZE_ENCRYPTED_KEY_RSA_3072_PRIVATE, RSIP_BYTE_SIZE_WRAPPED_KEY_RSA_3072_PRIVATE); +} + +static TEE_Result keyimportwithkuk_rsa4096_public(uint32_t types, TEE_Param params[TEE_NUM_PARAMS]) +{ + return keyimportwithkuk(types, params, RSIP_KEY_TYPE_RSA_4096_PUBLIC, + RSIP_BYTE_SIZE_ENCRYPTED_KEY_RSA_4096_PUBLIC, RSIP_BYTE_SIZE_WRAPPED_KEY_RSA_4096_PUBLIC); +} + +static TEE_Result keyimportwithkuk_rsa4096_private(uint32_t types, TEE_Param params[TEE_NUM_PARAMS]) +{ + return keyimportwithkuk(types, params, RSIP_KEY_TYPE_RSA_4096_PRIVATE, + RSIP_BYTE_SIZE_ENCRYPTED_KEY_RSA_4096_PRIVATE, RSIP_BYTE_SIZE_WRAPPED_KEY_RSA_4096_PRIVATE); +} + +static TEE_Result keyimportwithkuk_secp192r1_public(uint32_t types, TEE_Param params[TEE_NUM_PARAMS]) +{ + return keyimportwithkuk(types, params, RSIP_KEY_TYPE_ECC_secp192r1_PUBLIC, + RSIP_BYTE_SIZE_ENCRYPTED_KEY_ECC_secp192r1_PUBLIC, RSIP_BYTE_SIZE_WRAPPED_KEY_ECC_secp192r1_PUBLIC); +} + +static TEE_Result keyimportwithkuk_secp192r1_private(uint32_t types, TEE_Param params[TEE_NUM_PARAMS]) +{ + return keyimportwithkuk(types, params, RSIP_KEY_TYPE_ECC_secp192r1_PRIVATE, + RSIP_BYTE_SIZE_ENCRYPTED_KEY_ECC_secp192r1_PRIVATE, RSIP_BYTE_SIZE_WRAPPED_KEY_ECC_secp192r1_PRIVATE); +} + +static TEE_Result keyimportwithkuk_secp224r1_public(uint32_t types, TEE_Param params[TEE_NUM_PARAMS]) +{ + return keyimportwithkuk(types, params, RSIP_KEY_TYPE_ECC_secp224r1_PUBLIC, + RSIP_BYTE_SIZE_ENCRYPTED_KEY_ECC_secp224r1_PUBLIC, RSIP_BYTE_SIZE_WRAPPED_KEY_ECC_secp224r1_PUBLIC); +} + +static TEE_Result keyimportwithkuk_secp224r1_private(uint32_t types, TEE_Param params[TEE_NUM_PARAMS]) +{ + return keyimportwithkuk(types, params, RSIP_KEY_TYPE_ECC_secp224r1_PRIVATE, + RSIP_BYTE_SIZE_ENCRYPTED_KEY_ECC_secp224r1_PRIVATE, RSIP_BYTE_SIZE_WRAPPED_KEY_ECC_secp224r1_PRIVATE); +} + +static TEE_Result keyimportwithkuk_secp256r1_public(uint32_t types, TEE_Param params[TEE_NUM_PARAMS]) +{ + return keyimportwithkuk(types, params, RSIP_KEY_TYPE_ECC_secp256r1_PUBLIC, + RSIP_BYTE_SIZE_ENCRYPTED_KEY_ECC_secp256r1_PUBLIC, RSIP_BYTE_SIZE_WRAPPED_KEY_ECC_secp256r1_PUBLIC); +} + +static TEE_Result keyimportwithkuk_secp256r1_private(uint32_t types, TEE_Param params[TEE_NUM_PARAMS]) +{ + return keyimportwithkuk(types, params, RSIP_KEY_TYPE_ECC_secp256r1_PRIVATE, + RSIP_BYTE_SIZE_ENCRYPTED_KEY_ECC_secp256r1_PRIVATE, RSIP_BYTE_SIZE_WRAPPED_KEY_ECC_secp256r1_PRIVATE); +} + +static TEE_Result keyimportwithkuk_brainpoolp256r1_public(uint32_t types, TEE_Param params[TEE_NUM_PARAMS]) +{ + return keyimportwithkuk(types, params, RSIP_KEY_TYPE_ECC_BRAINPOOLP256R1_PUBLIC, + RSIP_BYTE_SIZE_ENCRYPTED_KEY_ECC_BRAINPOOLP256R1_PUBLIC, RSIP_BYTE_SIZE_WRAPPED_KEY_ECC_BRAINPOOLP256R1_PUBLIC); +} + +static TEE_Result keyimportwithkuk_brainpoolp256r1_private(uint32_t types, TEE_Param params[TEE_NUM_PARAMS]) +{ + return keyimportwithkuk(types, params, RSIP_KEY_TYPE_ECC_BRAINPOOLP256R1_PRIVATE, + RSIP_BYTE_SIZE_ENCRYPTED_KEY_ECC_BRAINPOOLP256R1_PRIVATE, RSIP_BYTE_SIZE_WRAPPED_KEY_ECC_BRAINPOOLP256R1_PRIVATE); +} + +static TEE_Result keyimportwithkuk_hmac_sha1(uint32_t types, TEE_Param params[TEE_NUM_PARAMS]) +{ + return keyimportwithkuk(types, params, RSIP_KEY_TYPE_HMAC_SHA1, + RSIP_BYTE_SIZE_ENCRYPTED_KEY_HMAC_SHA1, RSIP_BYTE_SIZE_WRAPPED_KEY_HMAC_SHA1); +} + +static TEE_Result keyimportwithkuk_hmac_sha224(uint32_t types, TEE_Param params[TEE_NUM_PARAMS]) +{ + return keyimportwithkuk(types, params, RSIP_KEY_TYPE_HMAC_SHA224, + RSIP_BYTE_SIZE_ENCRYPTED_KEY_HMAC_SHA224, RSIP_BYTE_SIZE_WRAPPED_KEY_HMAC_SHA224); +} + +static TEE_Result keyimportwithkuk_hmac_sha256(uint32_t types, TEE_Param params[TEE_NUM_PARAMS]) +{ + return keyimportwithkuk(types, params, RSIP_KEY_TYPE_HMAC_SHA256, + RSIP_BYTE_SIZE_ENCRYPTED_KEY_HMAC_SHA256, RSIP_BYTE_SIZE_WRAPPED_KEY_HMAC_SHA256); +} + +static TEE_Result rsa1024publickeyexport(uint32_t types, TEE_Param params[TEE_NUM_PARAMS]) +{ + return rsapublickeyexport(types, params, RSIP_BYTE_SIZE_WRAPPED_KEY_RSA_1024_PUBLIC_ENHANCED, + WRAPPED_KEY_BYTE_SIZE_RSA_1024_PUBLIC_N, WRAPPED_KEY_BYTE_SIZE_RSA_1024_PUBLIC_E); +} + +static TEE_Result rsa2048publickeyexport(uint32_t types, TEE_Param params[TEE_NUM_PARAMS]) +{ + return rsapublickeyexport(types, params, RSIP_BYTE_SIZE_WRAPPED_KEY_RSA_2048_PUBLIC_ENHANCED, + WRAPPED_KEY_BYTE_SIZE_RSA_2048_PUBLIC_N, WRAPPED_KEY_BYTE_SIZE_RSA_2048_PUBLIC_E); +} + +static TEE_Result rsa3072publickeyexport(uint32_t types, TEE_Param params[TEE_NUM_PARAMS]) +{ + return rsapublickeyexport(types, params, RSIP_BYTE_SIZE_WRAPPED_KEY_RSA_3072_PUBLIC, + WRAPPED_KEY_BYTE_SIZE_RSA_3072_PUBLIC_N, WRAPPED_KEY_BYTE_SIZE_RSA_3072_PUBLIC_E); +} + +static TEE_Result rsa4096publickeyexport(uint32_t types, TEE_Param params[TEE_NUM_PARAMS]) +{ + return rsapublickeyexport(types, params, RSIP_BYTE_SIZE_WRAPPED_KEY_RSA_4096_PUBLIC, + WRAPPED_KEY_BYTE_SIZE_RSA_4096_PUBLIC_N, WRAPPED_KEY_BYTE_SIZE_RSA_4096_PUBLIC_E); +} + +static TEE_Result eccsecp192r1publickeyexport(uint32_t types, TEE_Param params[TEE_NUM_PARAMS]) +{ + return eccpublickeyexport(types, params, RSIP_BYTE_SIZE_WRAPPED_KEY_ECC_secp192r1_PUBLIC, + WRAPPED_KEY_BYTE_SIZE_ECC_secp192r1_PUBLIC_QX, WRAPPED_KEY_BYTE_SIZE_ECC_secp192r1_PUBLIC_QY); +} + +static TEE_Result eccsecp224r1publickeyexport(uint32_t types, TEE_Param params[TEE_NUM_PARAMS]) +{ + return eccpublickeyexport(types, params, RSIP_BYTE_SIZE_WRAPPED_KEY_ECC_secp224r1_PUBLIC, + WRAPPED_KEY_BYTE_SIZE_ECC_secp224r1_PUBLIC_QX, WRAPPED_KEY_BYTE_SIZE_ECC_secp224r1_PUBLIC_QY); +} + +static TEE_Result eccsecp256r1publickeyexport(uint32_t types, TEE_Param params[TEE_NUM_PARAMS]) +{ + return eccpublickeyexport(types, params, RSIP_BYTE_SIZE_WRAPPED_KEY_ECC_secp256r1_PUBLIC, + WRAPPED_KEY_BYTE_SIZE_ECC_secp256r1_PUBLIC_QX, WRAPPED_KEY_BYTE_SIZE_ECC_secp256r1_PUBLIC_QY); +} + +static TEE_Result eccbrainpoolp256r1publickeyexport(uint32_t types, TEE_Param params[TEE_NUM_PARAMS]) +{ + return eccpublickeyexport(types, params, RSIP_BYTE_SIZE_ENCRYPTED_KEY_ECC_BRAINPOOLP256R1_PUBLIC, + WRAPPED_KEY_BYTE_SIZE_ECC_BRAINPOOLP256R1_PUBLIC_QX, WRAPPED_KEY_BYTE_SIZE_ECC_BRAINPOOLP256R1_PUBLIC_QY); +} + + +static TEE_Result invoke_command(void *session __unused, uint32_t cmd, + uint32_t ptypes, + TEE_Param params[TEE_NUM_PARAMS]) +{ + EMSG(PTA_NAME" command %#"PRIx32" ptypes %#"PRIx32, cmd, ptypes); + + switch (cmd) { + case PTA_CMD_AES128_WrappedKeyGenerate : + return keygenerate_aes128(ptypes, params); + case PTA_CMD_AES256_WrappedKeyGenerate : + return keygenerate_aes256(ptypes, params); + case PTA_CMD_AES128_XTS_WrappedKeyGenerate : + return keygenerate_aes128_xts(ptypes, params); + case PTA_CMD_AES256_XTS_WrappedKeyGenerate : + return keygenerate_aes256_xts(ptypes, params); + + case PTA_CMD_RSA1024_WrappedKeyPairGenerate : + return keypairgenerate_rsa1024(ptypes, params); + case PTA_CMD_RSA2048_WrappedKeyPairGenerate : + return keypairgenerate_rsa2048(ptypes, params); + case PTA_CMD_RSA3072_WrappedKeyPairGenerate : + return keypairgenerate_rsa3072(ptypes, params); + case PTA_CMD_RSA4096_WrappedKeyPairGenerate : + return keypairgenerate_rsa4096(ptypes, params); + case PTA_CMD_ECC_secp192r1_WrappedKeyPairGenerate : + return keypairgenerate_ecc_secp192r1(ptypes, params); + case PTA_CMD_ECC_secp224r1_WrappedKeyPairGenerate : + return keypairgenerate_ecc_secp224r1(ptypes, params); + case PTA_CMD_ECC_secp256r1_WrappedKeyPairGenerate : + return keypairgenerate_ecc_secp256r1(ptypes, params); + case PTA_CMD_ECC_BrainpoolP256r1_WrappedKeyPairGenerate : + return keypairgenerate_brainpoolp256r1(ptypes, params); + + case PTA_CMD_RandomNumberGenerate : + return randomnumbergenerate(ptypes, params); + + case PTA_CMD_AES128_EncryptedKeyWrap : + return keyimportwithkuk_aes128(ptypes, params); + case PTA_CMD_AES256_EncryptedKeyWrap : + return keyimportwithkuk_aes256(ptypes, params); + case PTA_CMD_AES128_XTS_EncryptedKeyWrap : + return keyimportwithkuk_aes128_xts(ptypes, params); + case PTA_CMD_AES256_XTS_EncryptedKeyWrap : + return keyimportwithkuk_aes256_xts(ptypes, params); + + case PTA_CMD_RSA1024_EncryptedPublicKeyWrap : + return keyimportwithkuk_rsa1024_public(ptypes, params); + case PTA_CMD_RSA1024_EncryptedPrivateKeyWrap : + return keyimportwithkuk_rsa1024_private(ptypes, params); + case PTA_CMD_RSA2048_EncryptedPublicKeyWrap : + return keyimportwithkuk_rsa2048_public(ptypes, params); + case PTA_CMD_RSA2048_EncryptedPrivateKeyWrap : + return keyimportwithkuk_rsa2048_private(ptypes, params); + case PTA_CMD_RSA3072_EncryptedPublicKeyWrap : + return keyimportwithkuk_rsa3072_public(ptypes, params); + case PTA_CMD_RSA3072_EncryptedPrivateKeyWrap : + return keyimportwithkuk_rsa3072_private(ptypes, params); + case PTA_CMD_RSA4096_EncryptedPublicKeyWrap : + return keyimportwithkuk_rsa4096_public(ptypes, params); + case PTA_CMD_RSA4096_EncryptedPrivateKeyWrap : + return keyimportwithkuk_rsa4096_private(ptypes, params); + + case PTA_CMD_ECC_secp192r1_EncryptedPublicKeyWrap : + return keyimportwithkuk_secp192r1_public(ptypes, params); + case PTA_CMD_ECC_secp224r1_EncryptedPublicKeyWrap : + return keyimportwithkuk_secp224r1_public(ptypes, params); + case PTA_CMD_ECC_secp256r1_EncryptedPublicKeyWrap : + return keyimportwithkuk_secp256r1_public(ptypes, params); + case PTA_CMD_ECC_BrainpoolP256r1_EncryptedPublicKeyWrap : + return keyimportwithkuk_brainpoolp256r1_public(ptypes, params); + + case PTA_CMD_ECC_secp192r1_EncryptedPrivateKeyWrap : + return keyimportwithkuk_secp192r1_private(ptypes, params); + case PTA_CMD_ECC_secp224r1_EncryptedPrivateKeyWrap : + return keyimportwithkuk_secp224r1_private(ptypes, params); + case PTA_CMD_ECC_secp256r1_EncryptedPrivateKeyWrap : + return keyimportwithkuk_secp256r1_private(ptypes, params); + case PTA_CMD_ECC_BrainpoolP256r1_EncryptedPrivateKeyWrap : + return keyimportwithkuk_brainpoolp256r1_private(ptypes, params); + + case PTA_CMD_HMAC_SHA1_EncryptedKeyWrap: + return keyimportwithkuk_hmac_sha1(ptypes, params); + case PTA_CMD_HMAC_SHA224_EncryptedKeyWrap: + return keyimportwithkuk_hmac_sha224(ptypes, params); + case PTA_CMD_HMAC_SHA256_EncryptedKeyWrap: + return keyimportwithkuk_hmac_sha256(ptypes, params); + + case PTA_CMD_RSA_1024_Public_Key_Export : + return rsa1024publickeyexport(ptypes, params); + case PTA_CMD_RSA_2048_Public_Key_Export : + return rsa2048publickeyexport(ptypes, params); + case PTA_CMD_RSA_3072_Public_Key_Export : + return rsa3072publickeyexport(ptypes, params); + case PTA_CMD_RSA_4096_Public_Key_Export : + return rsa4096publickeyexport(ptypes, params); + + case PTA_CMD_ECC_secp192r1_Public_Key_Export : + return eccsecp192r1publickeyexport(ptypes, params); + case PTA_CMD_ECC_secp224r1_Public_Key_Export : + return eccsecp224r1publickeyexport(ptypes, params); + case PTA_CMD_ECC_secp256r1_Public_Key_Export : + return eccsecp256r1publickeyexport(ptypes, params); + case PTA_CMD_ECC_BrainpoolP256r1_Public_Key_Export : + return eccbrainpoolp256r1publickeyexport(ptypes, params); + + default: + return TEE_ERROR_NOT_SUPPORTED; + } +} + +pseudo_ta_register(.uuid = PTA_RSIP_UUID, .name = PTA_NAME, + .flags = PTA_DEFAULT_FLAGS, + .invoke_command_entry_point = invoke_command); diff --git a/core/arch/arm/plat-rz/common/pta/rsip/pta_rsip_aes.c b/core/arch/arm/plat-rz/common/pta/rsip/pta_rsip_aes.c new file mode 100644 index 000000000..84794fec9 --- /dev/null +++ b/core/arch/arm/plat-rz/common/pta/rsip/pta_rsip_aes.c @@ -0,0 +1,1203 @@ +// SPDX-License-Identifier: BSD-2-Clause +/* + * Copyright (c) 2024, Renesas Electronics + */ + +#include + +#include +#include + +#define PTA_NAME "rsip_aes.pta" + +extern rsip_instance_ctrl_t rsip_instance_ctrl; + +static TEE_Result aes_cipher_encryptinit(uint32_t types, TEE_Param params[TEE_NUM_PARAMS], + rsip_aes_mode_t mode, rsip_byte_size_wrapped_key_t key_size) +{ + fsp_err_t err; + + rsip_wrapped_key_t * wrapped_key; + uint8_t * initial_vector; + + initial_vector = (uint8_t *)params[1].memref.buffer; + if (mode != RSIP_AES_MODE_ECB) { + if (types != TEE_PARAM_TYPES(TEE_PARAM_TYPE_MEMREF_INPUT, + TEE_PARAM_TYPE_MEMREF_INPUT, + TEE_PARAM_TYPE_NONE, + TEE_PARAM_TYPE_NONE)) { + return TEE_ERROR_BAD_PARAMETERS; + } + if (!IS_ALIGNED_WITH_TYPE(params[1].memref.buffer, uint32_t)) { + EMSG("initial_vector err"); + return TEE_ERROR_BAD_PARAMETERS; + } + } else { + if (types != TEE_PARAM_TYPES(TEE_PARAM_TYPE_MEMREF_INPUT, + TEE_PARAM_TYPE_NONE, + TEE_PARAM_TYPE_NONE, + TEE_PARAM_TYPE_NONE)) { + return TEE_ERROR_BAD_PARAMETERS; + } + } + + wrapped_key = (rsip_wrapped_key_t *)params[0].memref.buffer; + if ((!IS_ALIGNED_WITH_TYPE(params[0].memref.buffer, uint32_t)) || (key_size > params[0].memref.size)) { + EMSG("key err"); + return TEE_ERROR_BAD_PARAMETERS; + } + + err = R_RSIP_AES_Cipher_EncryptInit(&rsip_instance_ctrl, mode, wrapped_key, initial_vector); + switch ((uint32_t)err) + { + case FSP_SUCCESS: + break; + case FSP_ERR_ASSERTION: + return TEE_ERROR_BAD_PARAMETERS; + case FSP_ERR_NOT_OPEN: + return TEE_ERROR_BAD_STATE; + case FSP_ERR_INVALID_STATE: + return TEE_ERROR_BAD_STATE; + case FSP_ERR_NOT_ENABLED: + return TEE_ERROR_BAD_PARAMETERS; + case FSP_ERR_INVALID_ARGUMENT: + return TEE_ERROR_BAD_PARAMETERS; + case FSP_ERR_CRYPTO_RSIP_KEY_SET_FAIL: + return TEE_ERROR_BAD_PARAMETERS; + case FSP_ERR_CRYPTO_RSIP_RESOURCE_CONFLICT: + return TEE_ERROR_ACCESS_CONFLICT; + case FSP_ERR_CRYPTO_RSIP_FATAL: + return TEE_ERROR_GENERIC; + default: + return TEE_ERROR_BAD_STATE; + } + + return TEE_SUCCESS; +} + +static TEE_Result aes_cipher_encryptupdate(uint32_t types, TEE_Param params[TEE_NUM_PARAMS]) +{ + fsp_err_t err; + + uint8_t * plain; + uint8_t * cipher; + uint32_t plain_length; + uint32_t cipher_length; + + if (types != TEE_PARAM_TYPES(TEE_PARAM_TYPE_MEMREF_INPUT, + TEE_PARAM_TYPE_MEMREF_INOUT, + TEE_PARAM_TYPE_NONE, + TEE_PARAM_TYPE_NONE)) { + return TEE_ERROR_BAD_PARAMETERS; + } + + plain = (uint8_t *)params[0].memref.buffer; + plain_length = (uint32_t)params[0].memref.size; + if (!IS_ALIGNED_WITH_TYPE(params[0].memref.buffer, uint32_t)) { + EMSG("plain err"); + return TEE_ERROR_BAD_PARAMETERS; + } + + cipher = (uint8_t *)params[1].memref.buffer; + cipher_length = (uint32_t)params[1].memref.size; + if ((!IS_ALIGNED_WITH_TYPE(params[1].memref.buffer, uint32_t)) || (cipher_length < plain_length)) { + EMSG("cipher err"); + return TEE_ERROR_BAD_PARAMETERS; + } + + err = R_RSIP_AES_Cipher_EncryptUpdate(&rsip_instance_ctrl, plain, cipher, plain_length); + switch ((uint32_t)err) + { + case FSP_SUCCESS: + break; + case FSP_ERR_ASSERTION: + return TEE_ERROR_BAD_PARAMETERS; + case FSP_ERR_NOT_OPEN: + return TEE_ERROR_BAD_STATE; + case FSP_ERR_INVALID_STATE: + return TEE_ERROR_BAD_STATE; + case FSP_ERR_INVALID_SIZE: + return TEE_ERROR_BAD_PARAMETERS; + default: + return TEE_ERROR_BAD_STATE; + } + + params[1].memref.size = plain_length; + + return TEE_SUCCESS; +} + +static TEE_Result aes_cipher_encryptfinal(uint32_t types, TEE_Param params[TEE_NUM_PARAMS]) +{ + fsp_err_t err; + + uint8_t * cipher; + uint32_t cipher_length = 0; + + if (types != TEE_PARAM_TYPES(TEE_PARAM_TYPE_MEMREF_INOUT, + TEE_PARAM_TYPE_NONE, + TEE_PARAM_TYPE_NONE, + TEE_PARAM_TYPE_NONE)) { + return TEE_ERROR_BAD_PARAMETERS; + } + + cipher = (uint8_t *)params[0].memref.buffer; + cipher_length = (uint32_t)params[0].memref.size; + if ((!IS_ALIGNED_WITH_TYPE(params[0].memref.buffer, uint32_t)) || (AES_BLOCK_LEN > params[0].memref.size)) { + EMSG("cipher err"); + return TEE_ERROR_BAD_PARAMETERS; + } + + err = R_RSIP_AES_Cipher_EncryptFinal(&rsip_instance_ctrl, cipher, &cipher_length); + switch ((uint32_t)err) + { + case FSP_SUCCESS: + break; + case FSP_ERR_ASSERTION: + return TEE_ERROR_BAD_PARAMETERS; + case FSP_ERR_NOT_OPEN: + return TEE_ERROR_BAD_STATE; + case FSP_ERR_INVALID_STATE: + return TEE_ERROR_BAD_STATE; + case FSP_ERR_CRYPTO_RSIP_FAIL: + return TEE_ERROR_GENERIC; + case FSP_ERR_CRYPTO_RSIP_FATAL: + return TEE_ERROR_GENERIC; + default: + return TEE_ERROR_BAD_STATE; + } + + params[0].memref.size = cipher_length; + + return TEE_SUCCESS; +} + +static TEE_Result aes_cipher_decryptinit(uint32_t types, TEE_Param params[TEE_NUM_PARAMS], + rsip_aes_mode_t mode, rsip_byte_size_wrapped_key_t key_size) +{ + fsp_err_t err; + + rsip_wrapped_key_t * wrapped_key; + uint8_t * initial_vector; + + initial_vector = (uint8_t *)params[1].memref.buffer; + if (mode != RSIP_AES_MODE_ECB) { + if (types != TEE_PARAM_TYPES(TEE_PARAM_TYPE_MEMREF_INPUT, + TEE_PARAM_TYPE_MEMREF_INPUT, + TEE_PARAM_TYPE_NONE, + TEE_PARAM_TYPE_NONE)) { + return TEE_ERROR_BAD_PARAMETERS; + } + if (!IS_ALIGNED_WITH_TYPE(params[1].memref.buffer, uint32_t)) { + EMSG("initial_vector err"); + return TEE_ERROR_BAD_PARAMETERS; + } + } else { + if (types != TEE_PARAM_TYPES(TEE_PARAM_TYPE_MEMREF_INPUT, + TEE_PARAM_TYPE_NONE, + TEE_PARAM_TYPE_NONE, + TEE_PARAM_TYPE_NONE)) { + return TEE_ERROR_BAD_PARAMETERS; + } + } + + wrapped_key = (rsip_wrapped_key_t *)params[0].memref.buffer; + if ((!IS_ALIGNED_WITH_TYPE(params[0].memref.buffer, uint32_t)) || (key_size > params[0].memref.size)) { + EMSG("key err"); + return TEE_ERROR_BAD_PARAMETERS; + } + + err = R_RSIP_AES_Cipher_DecryptInit(&rsip_instance_ctrl, mode, wrapped_key, initial_vector); + switch ((uint32_t)err) + { + case FSP_SUCCESS: + break; + case FSP_ERR_ASSERTION: + return TEE_ERROR_BAD_PARAMETERS; + case FSP_ERR_NOT_OPEN: + return TEE_ERROR_BAD_STATE; + case FSP_ERR_INVALID_STATE: + return TEE_ERROR_BAD_STATE; + case FSP_ERR_NOT_ENABLED: + return TEE_ERROR_BAD_PARAMETERS; + case FSP_ERR_INVALID_ARGUMENT: + return TEE_ERROR_BAD_PARAMETERS; + case FSP_ERR_CRYPTO_RSIP_KEY_SET_FAIL: + return TEE_ERROR_BAD_PARAMETERS; + case FSP_ERR_CRYPTO_RSIP_RESOURCE_CONFLICT: + return TEE_ERROR_ACCESS_CONFLICT; + case FSP_ERR_CRYPTO_RSIP_FATAL: + return TEE_ERROR_GENERIC; + default: + return TEE_ERROR_BAD_STATE; + } + + return TEE_SUCCESS; +} + +static TEE_Result aes_cipher_decryptupdate(uint32_t types, TEE_Param params[TEE_NUM_PARAMS]) +{ + fsp_err_t err; + + uint8_t * cipher; + uint8_t * plain; + uint32_t cipher_length; + uint32_t plain_length; + + if (types != TEE_PARAM_TYPES(TEE_PARAM_TYPE_MEMREF_INPUT, + TEE_PARAM_TYPE_MEMREF_INOUT, + TEE_PARAM_TYPE_NONE, + TEE_PARAM_TYPE_NONE)) { + return TEE_ERROR_BAD_PARAMETERS; + } + + cipher = (uint8_t *)params[0].memref.buffer; + cipher_length = (uint32_t)params[0].memref.size; + if (!IS_ALIGNED_WITH_TYPE(params[0].memref.buffer, uint32_t)) { + EMSG("cipher err"); + return TEE_ERROR_BAD_PARAMETERS; + } + + plain = (uint8_t *)params[1].memref.buffer; + plain_length = (uint32_t)params[1].memref.size; + if ((!IS_ALIGNED_WITH_TYPE(params[1].memref.buffer, uint32_t)) || (plain_length < cipher_length)) { + EMSG("plain err"); + return TEE_ERROR_BAD_PARAMETERS; + } + + err = R_RSIP_AES_Cipher_DecryptUpdate(&rsip_instance_ctrl, cipher, plain, cipher_length); + switch ((uint32_t)err) + { + case FSP_SUCCESS: + break; + case FSP_ERR_ASSERTION: + return TEE_ERROR_BAD_PARAMETERS; + case FSP_ERR_NOT_OPEN: + return TEE_ERROR_BAD_STATE; + case FSP_ERR_INVALID_STATE: + return TEE_ERROR_BAD_STATE; + case FSP_ERR_INVALID_SIZE: + return TEE_ERROR_BAD_PARAMETERS; + default: + return TEE_ERROR_BAD_STATE; + } + + params[1].memref.size = cipher_length; + + return TEE_SUCCESS; +} + +static TEE_Result aes_cipher_decryptfinal(uint32_t types, TEE_Param params[TEE_NUM_PARAMS]) +{ + fsp_err_t err; + + uint8_t * plain; + uint32_t plain_length = 0; + + if (types != TEE_PARAM_TYPES(TEE_PARAM_TYPE_MEMREF_INOUT, + TEE_PARAM_TYPE_NONE, + TEE_PARAM_TYPE_NONE, + TEE_PARAM_TYPE_NONE)) { + return TEE_ERROR_BAD_PARAMETERS; + } + + plain = (uint8_t *)params[0].memref.buffer; + plain_length = (uint32_t)params[0].memref.size; + if ((!IS_ALIGNED_WITH_TYPE(params[0].memref.buffer, uint32_t)) || (AES_BLOCK_LEN > params[0].memref.size) ) { + EMSG("plain err"); + return TEE_ERROR_BAD_PARAMETERS; + } + + err = R_RSIP_AES_Cipher_DecryptFinal(&rsip_instance_ctrl, plain, &plain_length); + switch ((uint32_t)err) + { + case FSP_SUCCESS: + break; + case FSP_ERR_ASSERTION: + return TEE_ERROR_BAD_PARAMETERS; + case FSP_ERR_NOT_OPEN: + return TEE_ERROR_BAD_STATE; + case FSP_ERR_INVALID_STATE: + return TEE_ERROR_BAD_STATE; + case FSP_ERR_CRYPTO_RSIP_FAIL: + return TEE_ERROR_GENERIC; + case FSP_ERR_CRYPTO_RSIP_FATAL: + return TEE_ERROR_GENERIC; + default: + return TEE_ERROR_BAD_STATE; + } + + params[0].memref.size = plain_length; + + return TEE_SUCCESS; +} + + +static TEE_Result aes_cmac_generateinit(uint32_t types, TEE_Param params[TEE_NUM_PARAMS], + rsip_byte_size_wrapped_key_t key_size) +{ + fsp_err_t err; + + rsip_wrapped_key_t * wrapped_key; + + if (types != TEE_PARAM_TYPES(TEE_PARAM_TYPE_MEMREF_INPUT, + TEE_PARAM_TYPE_NONE, + TEE_PARAM_TYPE_NONE, + TEE_PARAM_TYPE_NONE)) { + return TEE_ERROR_BAD_PARAMETERS; + } + + wrapped_key = (rsip_wrapped_key_t *)params[0].memref.buffer; + if ((!IS_ALIGNED_WITH_TYPE(params[0].memref.buffer, uint32_t)) || (key_size > params[0].memref.size)) { + EMSG("key err"); + return TEE_ERROR_BAD_PARAMETERS; + } + + err = R_RSIP_AES_CMAC_GenerateInit(&rsip_instance_ctrl, wrapped_key); + switch ((uint32_t)err) + { + case FSP_SUCCESS: + break; + case FSP_ERR_ASSERTION: + return TEE_ERROR_BAD_PARAMETERS; + case FSP_ERR_NOT_OPEN: + return TEE_ERROR_BAD_STATE; + case FSP_ERR_INVALID_STATE: + return TEE_ERROR_BAD_STATE; + case FSP_ERR_NOT_ENABLED: + return TEE_ERROR_BAD_PARAMETERS; + case FSP_ERR_INVALID_ARGUMENT: + return TEE_ERROR_BAD_PARAMETERS; + case FSP_ERR_CRYPTO_RSIP_KEY_SET_FAIL: + return TEE_ERROR_BAD_PARAMETERS; + case FSP_ERR_CRYPTO_RSIP_RESOURCE_CONFLICT: + return TEE_ERROR_ACCESS_CONFLICT; + case FSP_ERR_CRYPTO_RSIP_FATAL: + return TEE_ERROR_GENERIC; + default: + return TEE_ERROR_BAD_STATE; + } + + return TEE_SUCCESS; +} + +static TEE_Result aes_cmac_generateupdate(uint32_t types, TEE_Param params[TEE_NUM_PARAMS]) +{ + fsp_err_t err; + + uint8_t * message; + uint32_t message_length; + + if (types != TEE_PARAM_TYPES(TEE_PARAM_TYPE_MEMREF_INPUT, + TEE_PARAM_TYPE_NONE, + TEE_PARAM_TYPE_NONE, + TEE_PARAM_TYPE_NONE)) { + return TEE_ERROR_BAD_PARAMETERS; + } + + message = (uint8_t *)params[0].memref.buffer; + message_length = (uint32_t)params[0].memref.size; + if (!IS_ALIGNED_WITH_TYPE(params[0].memref.buffer, uint32_t)) { + return TEE_ERROR_BAD_PARAMETERS; + } + + err = R_RSIP_AES_CMAC_GenerateUpdate(&rsip_instance_ctrl, message, message_length); + switch ((uint32_t)err) + { + case FSP_SUCCESS: + break; + case FSP_ERR_ASSERTION: + return TEE_ERROR_BAD_PARAMETERS; + case FSP_ERR_NOT_OPEN: + return TEE_ERROR_BAD_STATE; + case FSP_ERR_INVALID_STATE: + return TEE_ERROR_BAD_STATE; + default: + return TEE_ERROR_BAD_STATE; + } + + return TEE_SUCCESS; +} + +static TEE_Result aes_cmac_generatefinal(uint32_t types, TEE_Param params[TEE_NUM_PARAMS]) +{ + fsp_err_t err; + + uint8_t * mac; + uint32_t mac_length; + + if (types != TEE_PARAM_TYPES(TEE_PARAM_TYPE_MEMREF_INOUT, + TEE_PARAM_TYPE_NONE, + TEE_PARAM_TYPE_NONE, + TEE_PARAM_TYPE_NONE)) { + return TEE_ERROR_BAD_PARAMETERS; + } + + mac = (uint8_t *)params[0].memref.buffer; + mac_length = params[0].memref.size; + if ((!IS_ALIGNED_WITH_TYPE(params[0].memref.buffer, uint32_t)) || (MAC_BYTE_SIZE > mac_length)) { + return TEE_ERROR_BAD_PARAMETERS; + } + + err = R_RSIP_AES_CMAC_GenerateFinal(&rsip_instance_ctrl, mac); + switch ((uint32_t)err) + { + case FSP_SUCCESS: + break; + case FSP_ERR_ASSERTION: + return TEE_ERROR_BAD_PARAMETERS; + case FSP_ERR_NOT_OPEN: + return TEE_ERROR_BAD_STATE; + case FSP_ERR_INVALID_STATE: + return TEE_ERROR_BAD_STATE; + case FSP_ERR_CRYPTO_RSIP_FAIL: + return TEE_ERROR_GENERIC; + case FSP_ERR_CRYPTO_RSIP_FATAL: + return TEE_ERROR_GENERIC; + default: + return TEE_ERROR_BAD_STATE; + } + + params[0].memref.size = RSIP_BYTE_SIZE_AES_BLOCK; + + return TEE_SUCCESS; +} + +static TEE_Result aes_cmac_verifyinit(uint32_t types, TEE_Param params[TEE_NUM_PARAMS], + rsip_byte_size_wrapped_key_t key_size) +{ + fsp_err_t err; + + rsip_wrapped_key_t * wrapped_key; + + if (types != TEE_PARAM_TYPES(TEE_PARAM_TYPE_MEMREF_INPUT, + TEE_PARAM_TYPE_NONE, + TEE_PARAM_TYPE_NONE, + TEE_PARAM_TYPE_NONE)) { + return TEE_ERROR_BAD_PARAMETERS; + } + + wrapped_key = (rsip_wrapped_key_t *)params[0].memref.buffer; + if ((!IS_ALIGNED_WITH_TYPE(params[0].memref.buffer, uint32_t)) || (key_size > params[0].memref.size)) { + EMSG("key err"); + return TEE_ERROR_BAD_PARAMETERS; + } + + err = R_RSIP_AES_CMAC_VerifyInit(&rsip_instance_ctrl, wrapped_key); + switch ((uint32_t)err) + { + case FSP_SUCCESS: + break; + case FSP_ERR_ASSERTION: + return TEE_ERROR_BAD_PARAMETERS; + case FSP_ERR_NOT_OPEN: + return TEE_ERROR_BAD_STATE; + case FSP_ERR_INVALID_STATE: + return TEE_ERROR_BAD_STATE; + case FSP_ERR_NOT_ENABLED: + return TEE_ERROR_BAD_PARAMETERS; + case FSP_ERR_INVALID_ARGUMENT: + return TEE_ERROR_BAD_PARAMETERS; + case FSP_ERR_CRYPTO_RSIP_KEY_SET_FAIL: + return TEE_ERROR_BAD_PARAMETERS; + case FSP_ERR_CRYPTO_RSIP_RESOURCE_CONFLICT: + return TEE_ERROR_ACCESS_CONFLICT; + case FSP_ERR_CRYPTO_RSIP_FATAL: + return TEE_ERROR_GENERIC; + default: + return TEE_ERROR_BAD_STATE; + } + + return TEE_SUCCESS; +} + +static TEE_Result aes_cmac_verifyupdate(uint32_t types, TEE_Param params[TEE_NUM_PARAMS]) +{ + fsp_err_t err; + + uint8_t * message; + uint32_t message_length; + + if (types != TEE_PARAM_TYPES(TEE_PARAM_TYPE_MEMREF_INPUT, + TEE_PARAM_TYPE_NONE, + TEE_PARAM_TYPE_NONE, + TEE_PARAM_TYPE_NONE)) { + return TEE_ERROR_BAD_PARAMETERS; + } + + message = (uint8_t *)params[0].memref.buffer; + message_length = (uint32_t)params[0].memref.size; + if (!IS_ALIGNED_WITH_TYPE(params[0].memref.buffer, uint32_t)) { + return TEE_ERROR_BAD_PARAMETERS; + } + + err = R_RSIP_AES_CMAC_VerifyUpdate(&rsip_instance_ctrl, message, message_length); + switch ((uint32_t)err) + { + case FSP_SUCCESS: + break; + case FSP_ERR_ASSERTION: + return TEE_ERROR_BAD_PARAMETERS; + case FSP_ERR_NOT_OPEN: + return TEE_ERROR_BAD_STATE; + case FSP_ERR_INVALID_STATE: + return TEE_ERROR_BAD_STATE; + default: + return TEE_ERROR_BAD_STATE; + } + + return TEE_SUCCESS; +} + +static TEE_Result aes_cmac_verifyfinal(uint32_t types, TEE_Param params[TEE_NUM_PARAMS]) +{ + fsp_err_t err; + + uint8_t * mac; + uint32_t mac_length; + + if (types != TEE_PARAM_TYPES(TEE_PARAM_TYPE_MEMREF_INPUT, + TEE_PARAM_TYPE_NONE, + TEE_PARAM_TYPE_NONE, + TEE_PARAM_TYPE_NONE)) { + return TEE_ERROR_BAD_PARAMETERS; + } + + mac = (uint8_t *)params[0].memref.buffer; + mac_length = params[0].memref.size; + if (!IS_ALIGNED_WITH_TYPE(params[0].memref.buffer, uint32_t)) { + EMSG("mac err"); + return TEE_ERROR_BAD_PARAMETERS; + } + + err = R_RSIP_AES_CMAC_VerifyFinal(&rsip_instance_ctrl, mac, mac_length); + switch ((uint32_t)err) + { + case FSP_SUCCESS: + break; + case FSP_ERR_ASSERTION: + return TEE_ERROR_BAD_PARAMETERS; + case FSP_ERR_NOT_OPEN: + return TEE_ERROR_BAD_STATE; + case FSP_ERR_INVALID_STATE: + return TEE_ERROR_BAD_STATE; + case FSP_ERR_INVALID_SIZE: + return TEE_ERROR_BAD_PARAMETERS; + case FSP_ERR_CRYPTO_RSIP_FAIL: + return TEE_ERROR_GENERIC; + case FSP_ERR_CRYPTO_RSIP_AUTHENTICATION: + return TEE_ERROR_MAC_INVALID; + case FSP_ERR_CRYPTO_RSIP_FATAL: + return TEE_ERROR_GENERIC; + default: + return TEE_ERROR_BAD_STATE; + } + + return TEE_SUCCESS; +} + +static TEE_Result aes_gcm_encryptinit(uint32_t types, TEE_Param params[TEE_NUM_PARAMS], + rsip_byte_size_wrapped_key_t key_size) +{ + fsp_err_t err; + + rsip_wrapped_key_t * wrapped_key; + uint8_t * initial_vector; + uint32_t initial_vector_length; + + if (types != TEE_PARAM_TYPES(TEE_PARAM_TYPE_MEMREF_INPUT, + TEE_PARAM_TYPE_MEMREF_INPUT, + TEE_PARAM_TYPE_NONE, + TEE_PARAM_TYPE_NONE)) { + return TEE_ERROR_BAD_PARAMETERS; + } + + wrapped_key = (rsip_wrapped_key_t *)params[0].memref.buffer; + if ((!IS_ALIGNED_WITH_TYPE(params[0].memref.buffer, uint32_t)) || (key_size > params[0].memref.size)) { + EMSG("key err"); + return TEE_ERROR_BAD_PARAMETERS; + } + + initial_vector = (uint8_t *)params[1].memref.buffer; + initial_vector_length = params[1].memref.size; + if (!IS_ALIGNED_WITH_TYPE(params[1].memref.buffer, uint32_t)) { + return TEE_ERROR_BAD_PARAMETERS; + } + + err = R_RSIP_AES_GCM_EncryptInit(&rsip_instance_ctrl, wrapped_key, initial_vector, initial_vector_length); + switch ((uint32_t)err) + { + case FSP_SUCCESS: + break; + case FSP_ERR_ASSERTION: + return TEE_ERROR_BAD_PARAMETERS; + case FSP_ERR_NOT_OPEN: + return TEE_ERROR_BAD_STATE; + case FSP_ERR_INVALID_STATE: + return TEE_ERROR_BAD_STATE; + case FSP_ERR_NOT_ENABLED: + return TEE_ERROR_BAD_PARAMETERS; + case FSP_ERR_INVALID_ARGUMENT: + return TEE_ERROR_BAD_PARAMETERS; + case FSP_ERR_CRYPTO_RSIP_KEY_SET_FAIL: + return TEE_ERROR_BAD_PARAMETERS; + case FSP_ERR_CRYPTO_RSIP_RESOURCE_CONFLICT: + return TEE_ERROR_ACCESS_CONFLICT; + case FSP_ERR_CRYPTO_RSIP_FATAL: + return TEE_ERROR_GENERIC; + default: + return TEE_ERROR_BAD_STATE; + } + + return TEE_SUCCESS; +} + +static TEE_Result aes_gcm_encryptupdate(uint32_t types, TEE_Param params[TEE_NUM_PARAMS]) +{ + fsp_err_t err; + + uint8_t * plain; + uint8_t * cipher; + uint8_t * aad; + uint32_t plain_length; + uint32_t cipher_length; + uint32_t aad_length; + + if (types != TEE_PARAM_TYPES(TEE_PARAM_TYPE_MEMREF_INPUT, + TEE_PARAM_TYPE_MEMREF_INOUT, + TEE_PARAM_TYPE_MEMREF_INPUT, + TEE_PARAM_TYPE_NONE)) { + return TEE_ERROR_BAD_PARAMETERS; + } + + plain = (uint8_t *)params[0].memref.buffer; + plain_length = (uint32_t)params[0].memref.size; + if (!IS_ALIGNED_WITH_TYPE(params[0].memref.buffer, uint32_t)) { + return TEE_ERROR_BAD_PARAMETERS; + } + + cipher = (uint8_t *)params[1].memref.buffer; + cipher_length = (uint32_t)params[1].memref.size; + if ((!IS_ALIGNED_WITH_TYPE(params[1].memref.buffer, uint32_t)) || (cipher_length < plain_length)) { + return TEE_ERROR_BAD_PARAMETERS; + } + + aad = (uint8_t *)params[2].memref.buffer; + aad_length = (uint32_t)params[2].memref.size; + if (!IS_ALIGNED_WITH_TYPE(params[2].memref.buffer, uint32_t)) { + return TEE_ERROR_BAD_PARAMETERS; + } + + err = R_RSIP_AES_GCM_EncryptUpdate(&rsip_instance_ctrl, plain, cipher, plain_length, aad, aad_length); + switch ((uint32_t)err) + { + case FSP_SUCCESS: + break; + case FSP_ERR_ASSERTION: + return TEE_ERROR_BAD_PARAMETERS; + case FSP_ERR_NOT_OPEN: + return TEE_ERROR_BAD_STATE; + case FSP_ERR_INVALID_STATE: + return TEE_ERROR_BAD_STATE; + case FSP_ERR_INVALID_SIZE: + return TEE_ERROR_BAD_PARAMETERS; + default: + return TEE_ERROR_BAD_STATE; + } + + params[1].memref.size = plain_length; + + return TEE_SUCCESS; +} + +static TEE_Result aes_gcm_encryptfinal(uint32_t types, TEE_Param params[TEE_NUM_PARAMS]) +{ + fsp_err_t err; + + uint8_t * cipher; + uint8_t * p_tag; + uint32_t remaining_length = 0; + + if (types != TEE_PARAM_TYPES(TEE_PARAM_TYPE_MEMREF_INOUT, + TEE_PARAM_TYPE_MEMREF_INOUT, + TEE_PARAM_TYPE_NONE, + TEE_PARAM_TYPE_NONE)) { + return TEE_ERROR_BAD_PARAMETERS; + } + + cipher = (uint8_t *)params[0].memref.buffer; + if ((!IS_ALIGNED_WITH_TYPE(params[0].memref.buffer, uint32_t)) || (AES_BLOCK_LEN > params[0].memref.size)) { + EMSG("cipher err"); + return TEE_ERROR_BAD_PARAMETERS; + } + + p_tag = (uint8_t *)params[1].memref.buffer; + if ((!IS_ALIGNED_WITH_TYPE(params[1].memref.buffer, uint32_t)) || (AES_BLOCK_LEN > params[1].memref.size)) { + EMSG("tag err"); + return TEE_ERROR_BAD_PARAMETERS; + } + + err = R_RSIP_AES_GCM_EncryptFinal(&rsip_instance_ctrl, cipher, &remaining_length, p_tag); + switch ((uint32_t)err) + { + case FSP_SUCCESS: + break; + case FSP_ERR_ASSERTION: + return TEE_ERROR_BAD_PARAMETERS; + case FSP_ERR_NOT_OPEN: + return TEE_ERROR_BAD_STATE; + case FSP_ERR_INVALID_STATE: + return TEE_ERROR_BAD_STATE; + case FSP_ERR_CRYPTO_RSIP_FAIL: + return TEE_ERROR_GENERIC; + case FSP_ERR_CRYPTO_RSIP_FATAL: + return TEE_ERROR_GENERIC; + default: + return TEE_ERROR_BAD_STATE; + } + + params[0].memref.size = remaining_length; + params[1].memref.size = RSIP_BYTE_SIZE_AES_BLOCK; // tag size 16byte + + return TEE_SUCCESS; +} + + +static TEE_Result aes_gcm_decryptinit(uint32_t types, TEE_Param params[TEE_NUM_PARAMS], + rsip_byte_size_wrapped_key_t key_size) +{ + fsp_err_t err; + + rsip_wrapped_key_t * wrapped_key; + uint8_t * initial_vector; + uint32_t initial_vector_length; + + if (types != TEE_PARAM_TYPES(TEE_PARAM_TYPE_MEMREF_INPUT, + TEE_PARAM_TYPE_MEMREF_INPUT, + TEE_PARAM_TYPE_NONE, + TEE_PARAM_TYPE_NONE)) { + return TEE_ERROR_BAD_PARAMETERS; + } + + wrapped_key = (rsip_wrapped_key_t *)params[0].memref.buffer; + if ((!IS_ALIGNED_WITH_TYPE(params[0].memref.buffer, uint32_t)) || (key_size > params[0].memref.size)) { + EMSG("key err"); + return TEE_ERROR_BAD_PARAMETERS; + } + + initial_vector = (uint8_t *)params[1].memref.buffer; + initial_vector_length = params[1].memref.size; + if (!IS_ALIGNED_WITH_TYPE(params[1].memref.buffer, uint32_t)) { + return TEE_ERROR_BAD_PARAMETERS; + } + + err = R_RSIP_AES_GCM_DecryptInit(&rsip_instance_ctrl, wrapped_key, initial_vector, initial_vector_length); + switch ((uint32_t)err) + { + case FSP_SUCCESS: + break; + case FSP_ERR_ASSERTION: + return TEE_ERROR_BAD_PARAMETERS; + case FSP_ERR_NOT_OPEN: + return TEE_ERROR_BAD_STATE; + case FSP_ERR_INVALID_STATE: + return TEE_ERROR_BAD_STATE; + case FSP_ERR_NOT_ENABLED: + return TEE_ERROR_BAD_PARAMETERS; + case FSP_ERR_INVALID_ARGUMENT: + return TEE_ERROR_BAD_PARAMETERS; + case FSP_ERR_CRYPTO_RSIP_KEY_SET_FAIL: + return TEE_ERROR_BAD_PARAMETERS; + case FSP_ERR_CRYPTO_RSIP_RESOURCE_CONFLICT: + return TEE_ERROR_ACCESS_CONFLICT; + case FSP_ERR_CRYPTO_RSIP_FATAL: + return TEE_ERROR_GENERIC; + default: + return TEE_ERROR_BAD_STATE; + } + + return TEE_SUCCESS; +} + +static TEE_Result aes_gcm_decryptupdate(uint32_t types, TEE_Param params[TEE_NUM_PARAMS]) +{ + fsp_err_t err; + + uint8_t * cipher; + uint8_t * plain; + uint8_t * aad; + uint32_t cipher_length; + uint32_t plain_length; + uint32_t aad_length; + + if (types != TEE_PARAM_TYPES(TEE_PARAM_TYPE_MEMREF_INPUT, + TEE_PARAM_TYPE_MEMREF_INOUT, + TEE_PARAM_TYPE_MEMREF_INPUT, + TEE_PARAM_TYPE_NONE)) { + return TEE_ERROR_BAD_PARAMETERS; + } + + cipher = (uint8_t *)params[0].memref.buffer; + cipher_length = (uint32_t)params[0].memref.size; + if (!IS_ALIGNED_WITH_TYPE(params[0].memref.buffer, uint32_t)) { + return TEE_ERROR_BAD_PARAMETERS; + } + + plain = (uint8_t *)params[1].memref.buffer; + plain_length = (uint32_t)params[1].memref.size; + if ((!IS_ALIGNED_WITH_TYPE(params[1].memref.buffer, uint32_t)) || (plain_length < cipher_length)) { + return TEE_ERROR_BAD_PARAMETERS; + } + + aad = (uint8_t *)params[2].memref.buffer; + aad_length = (uint32_t)params[2].memref.size; + if (!IS_ALIGNED_WITH_TYPE(params[2].memref.buffer, uint32_t)) { + return TEE_ERROR_BAD_PARAMETERS; + } + + err = R_RSIP_AES_GCM_DecryptUpdate(&rsip_instance_ctrl, cipher, plain, cipher_length, aad, aad_length); + switch ((uint32_t)err) + { + case FSP_SUCCESS: + break; + case FSP_ERR_ASSERTION: + return TEE_ERROR_BAD_PARAMETERS; + case FSP_ERR_NOT_OPEN: + return TEE_ERROR_BAD_STATE; + case FSP_ERR_INVALID_STATE: + return TEE_ERROR_BAD_STATE; + case FSP_ERR_INVALID_SIZE: + return TEE_ERROR_BAD_PARAMETERS; + default: + return TEE_ERROR_BAD_STATE; + } + + params[1].memref.size = cipher_length; + + return TEE_SUCCESS; +} + +static TEE_Result aes_gcm_decryptfinal(uint32_t types, TEE_Param params[TEE_NUM_PARAMS]) +{ + fsp_err_t err; + + uint8_t * plain; + uint8_t * p_tag; + uint32_t p_tag_length; + uint32_t remaining_length = 0; + + if (types != TEE_PARAM_TYPES(TEE_PARAM_TYPE_MEMREF_INOUT, + TEE_PARAM_TYPE_MEMREF_INPUT, + TEE_PARAM_TYPE_NONE, + TEE_PARAM_TYPE_NONE)) { + return TEE_ERROR_BAD_PARAMETERS; + } + + plain = (uint8_t *)params[0].memref.buffer; + if ((!IS_ALIGNED_WITH_TYPE(params[0].memref.buffer, uint32_t)) || (AES_BLOCK_LEN > params[0].memref.size)) { + EMSG("plain err"); + return TEE_ERROR_BAD_PARAMETERS; + } + + p_tag = (uint8_t *)params[1].memref.buffer; + p_tag_length = params[1].memref.size; + if ((!IS_ALIGNED_WITH_TYPE(params[1].memref.buffer, uint32_t)) || (AES_BLOCK_LEN > params[1].memref.size)) { + return TEE_ERROR_BAD_PARAMETERS; + } + + err = R_RSIP_AES_GCM_DecryptFinal(&rsip_instance_ctrl, plain, &remaining_length, p_tag, p_tag_length); + switch ((uint32_t)err) + { + case FSP_SUCCESS: + break; + case FSP_ERR_ASSERTION: + return TEE_ERROR_BAD_PARAMETERS; + case FSP_ERR_NOT_OPEN: + return TEE_ERROR_BAD_STATE; + case FSP_ERR_INVALID_STATE: + return TEE_ERROR_BAD_STATE; + case FSP_ERR_INVALID_SIZE: + return TEE_ERROR_BAD_PARAMETERS; + case FSP_ERR_CRYPTO_RSIP_FAIL: + return TEE_ERROR_GENERIC; + case FSP_ERR_CRYPTO_RSIP_AUTHENTICATION: + return TEE_ERROR_MAC_INVALID; + case FSP_ERR_CRYPTO_RSIP_FATAL: + return TEE_ERROR_GENERIC; + default: + return TEE_ERROR_BAD_STATE; + } + + params[0].memref.size = remaining_length; + + return TEE_SUCCESS; +} + +static TEE_Result aes128ecb_encryptinit(uint32_t types, TEE_Param params[TEE_NUM_PARAMS]) +{ + return aes_cipher_encryptinit(types, params, RSIP_AES_MODE_ECB, RSIP_BYTE_SIZE_WRAPPED_KEY_AES_128); +} + +static TEE_Result aes256ecb_encryptinit(uint32_t types, TEE_Param params[TEE_NUM_PARAMS]) +{ + return aes_cipher_encryptinit(types, params, RSIP_AES_MODE_ECB, RSIP_BYTE_SIZE_WRAPPED_KEY_AES_256); +} + +static TEE_Result aes128cbc_encryptinit(uint32_t types, TEE_Param params[TEE_NUM_PARAMS]) +{ + return aes_cipher_encryptinit(types, params, RSIP_AES_MODE_CBC, RSIP_BYTE_SIZE_WRAPPED_KEY_AES_128); +} + +static TEE_Result aes256cbc_encryptinit(uint32_t types, TEE_Param params[TEE_NUM_PARAMS]) +{ + return aes_cipher_encryptinit(types, params, RSIP_AES_MODE_CBC, RSIP_BYTE_SIZE_WRAPPED_KEY_AES_256); +} + +static TEE_Result aes128ctr_encryptinit(uint32_t types, TEE_Param params[TEE_NUM_PARAMS]) +{ + return aes_cipher_encryptinit(types, params, RSIP_AES_MODE_CTR, RSIP_BYTE_SIZE_WRAPPED_KEY_AES_128); +} + +static TEE_Result aes256ctr_encryptinit(uint32_t types, TEE_Param params[TEE_NUM_PARAMS]) +{ + return aes_cipher_encryptinit(types, params, RSIP_AES_MODE_CTR, RSIP_BYTE_SIZE_WRAPPED_KEY_AES_256); +} + +static TEE_Result aes128xts_encryptinit(uint32_t types, TEE_Param params[TEE_NUM_PARAMS]) +{ + return aes_cipher_encryptinit(types, params, RSIP_AES_MODE_XTS, RSIP_BYTE_SIZE_WRAPPED_KEY_AES_128_XTS); +} + +static TEE_Result aes256xts_encryptinit(uint32_t types, TEE_Param params[TEE_NUM_PARAMS]) +{ + return aes_cipher_encryptinit(types, params, RSIP_AES_MODE_XTS, RSIP_BYTE_SIZE_WRAPPED_KEY_AES_256_XTS); +} + +static TEE_Result aes128ecb_decryptinit(uint32_t types, TEE_Param params[TEE_NUM_PARAMS]) +{ + return aes_cipher_decryptinit(types, params, RSIP_AES_MODE_ECB, RSIP_BYTE_SIZE_WRAPPED_KEY_AES_128); +} + +static TEE_Result aes256ecb_decryptinit(uint32_t types, TEE_Param params[TEE_NUM_PARAMS]) +{ + return aes_cipher_decryptinit(types, params, RSIP_AES_MODE_ECB, RSIP_BYTE_SIZE_WRAPPED_KEY_AES_256); +} + +static TEE_Result aes128cbc_decryptinit(uint32_t types, TEE_Param params[TEE_NUM_PARAMS]) +{ + return aes_cipher_decryptinit(types, params, RSIP_AES_MODE_CBC, RSIP_BYTE_SIZE_WRAPPED_KEY_AES_128); +} + +static TEE_Result aes256cbc_decryptinit(uint32_t types, TEE_Param params[TEE_NUM_PARAMS]) +{ + return aes_cipher_decryptinit(types, params, RSIP_AES_MODE_CBC, RSIP_BYTE_SIZE_WRAPPED_KEY_AES_256); +} + +static TEE_Result aes128ctr_decryptinit(uint32_t types, TEE_Param params[TEE_NUM_PARAMS]) +{ + return aes_cipher_decryptinit(types, params, RSIP_AES_MODE_CTR, RSIP_BYTE_SIZE_WRAPPED_KEY_AES_128); +} + +static TEE_Result aes256ctr_decryptinit(uint32_t types, TEE_Param params[TEE_NUM_PARAMS]) +{ + return aes_cipher_decryptinit(types, params, RSIP_AES_MODE_CTR, RSIP_BYTE_SIZE_WRAPPED_KEY_AES_256); +} + +static TEE_Result aes128xts_decryptinit(uint32_t types, TEE_Param params[TEE_NUM_PARAMS]) +{ + return aes_cipher_decryptinit(types, params, RSIP_AES_MODE_XTS, RSIP_BYTE_SIZE_WRAPPED_KEY_AES_128_XTS); +} + +static TEE_Result aes256xts_decryptinit(uint32_t types, TEE_Param params[TEE_NUM_PARAMS]) +{ + return aes_cipher_decryptinit(types, params, RSIP_AES_MODE_XTS, RSIP_BYTE_SIZE_WRAPPED_KEY_AES_256_XTS); +} + +static TEE_Result aes128cmac_generateinit(uint32_t types, TEE_Param params[TEE_NUM_PARAMS]) +{ + return aes_cmac_generateinit(types, params, RSIP_BYTE_SIZE_WRAPPED_KEY_AES_128); +} + +static TEE_Result aes256cmac_generateinit(uint32_t types, TEE_Param params[TEE_NUM_PARAMS]) +{ + return aes_cmac_generateinit(types, params, RSIP_BYTE_SIZE_WRAPPED_KEY_AES_256); +} + +static TEE_Result aes128cmac_verifyinit(uint32_t types, TEE_Param params[TEE_NUM_PARAMS]) +{ + return aes_cmac_verifyinit(types, params, RSIP_BYTE_SIZE_WRAPPED_KEY_AES_128); +} + +static TEE_Result aes256cmac_verifyinit(uint32_t types, TEE_Param params[TEE_NUM_PARAMS]) +{ + return aes_cmac_verifyinit(types, params, RSIP_BYTE_SIZE_WRAPPED_KEY_AES_256); +} + +static TEE_Result aes128gcm_encryptinit(uint32_t types, TEE_Param params[TEE_NUM_PARAMS]) +{ + return aes_gcm_encryptinit(types, params, RSIP_BYTE_SIZE_WRAPPED_KEY_AES_128); +} + +static TEE_Result aes256gcm_encryptinit(uint32_t types, TEE_Param params[TEE_NUM_PARAMS]) +{ + return aes_gcm_encryptinit(types, params, RSIP_BYTE_SIZE_WRAPPED_KEY_AES_256); +} + +static TEE_Result aes128gcm_decryptinit(uint32_t types, TEE_Param params[TEE_NUM_PARAMS]) +{ + return aes_gcm_decryptinit(types, params, RSIP_BYTE_SIZE_WRAPPED_KEY_AES_128); +} + +static TEE_Result aes256gcm_decryptinit(uint32_t types, TEE_Param params[TEE_NUM_PARAMS]) +{ + return aes_gcm_decryptinit(types, params, RSIP_BYTE_SIZE_WRAPPED_KEY_AES_256); +} + + +static TEE_Result invoke_command( + void *session __unused, + uint32_t cmd, + uint32_t ptypes, + TEE_Param params[TEE_NUM_PARAMS] + ) +{ + EMSG(PTA_NAME" command %#"PRIx32" ptypes %#"PRIx32, cmd, ptypes); + + switch (cmd) { + case PTA_CMD_AES128ECB_EncryptInit : + return aes128ecb_encryptinit(ptypes, params); + case PTA_CMD_AES256ECB_EncryptInit : + return aes256ecb_encryptinit(ptypes, params); + + case PTA_CMD_AES128CBC_EncryptInit : + return aes128cbc_encryptinit(ptypes, params); + case PTA_CMD_AES256CBC_EncryptInit : + return aes256cbc_encryptinit(ptypes, params); + + case PTA_CMD_AES128CTR_EncryptInit : + return aes128ctr_encryptinit(ptypes, params); + case PTA_CMD_AES256CTR_EncryptInit : + return aes256ctr_encryptinit(ptypes, params); + + case PTA_CMD_AES128XTS_EncryptInit : + return aes128xts_encryptinit(ptypes, params); + case PTA_CMD_AES256XTS_EncryptInit : + return aes256xts_encryptinit(ptypes, params); + + case PTA_CMD_AES128ECB_EncryptUpdate : + case PTA_CMD_AES256ECB_EncryptUpdate : + case PTA_CMD_AES128CBC_EncryptUpdate : + case PTA_CMD_AES256CBC_EncryptUpdate : + case PTA_CMD_AES128CTR_EncryptUpdate : + case PTA_CMD_AES256CTR_EncryptUpdate : + case PTA_CMD_AES128XTS_EncryptUpdate : + case PTA_CMD_AES256XTS_EncryptUpdate : + return aes_cipher_encryptupdate(ptypes, params); + + case PTA_CMD_AES128ECB_EncryptFinal : + case PTA_CMD_AES256ECB_EncryptFinal : + case PTA_CMD_AES128CBC_EncryptFinal : + case PTA_CMD_AES256CBC_EncryptFinal : + case PTA_CMD_AES128CTR_EncryptFinal : + case PTA_CMD_AES256CTR_EncryptFinal : + case PTA_CMD_AES128XTS_EncryptFinal : + case PTA_CMD_AES256XTS_EncryptFinal : + return aes_cipher_encryptfinal(ptypes, params); + + case PTA_CMD_AES128ECB_DecryptInit : + return aes128ecb_decryptinit(ptypes, params); + case PTA_CMD_AES256ECB_DecryptInit : + return aes256ecb_decryptinit(ptypes, params); + + case PTA_CMD_AES128CBC_DecryptInit : + return aes128cbc_decryptinit(ptypes, params); + case PTA_CMD_AES256CBC_DecryptInit : + return aes256cbc_decryptinit(ptypes, params); + + case PTA_CMD_AES128CTR_DecryptInit : + return aes128ctr_decryptinit(ptypes, params); + case PTA_CMD_AES256CTR_DecryptInit : + return aes256ctr_decryptinit(ptypes, params); + + case PTA_CMD_AES128XTS_DecryptInit : + return aes128xts_decryptinit(ptypes, params); + case PTA_CMD_AES256XTS_DecryptInit : + return aes256xts_decryptinit(ptypes, params); + + case PTA_CMD_AES128ECB_DecryptUpdate : + case PTA_CMD_AES256ECB_DecryptUpdate : + case PTA_CMD_AES128CBC_DecryptUpdate : + case PTA_CMD_AES256CBC_DecryptUpdate : + case PTA_CMD_AES128CTR_DecryptUpdate : + case PTA_CMD_AES256CTR_DecryptUpdate : + case PTA_CMD_AES128XTS_DecryptUpdate : + case PTA_CMD_AES256XTS_DecryptUpdate : + return aes_cipher_decryptupdate(ptypes, params); + case PTA_CMD_AES128ECB_DecryptFinal : + case PTA_CMD_AES256ECB_DecryptFinal : + case PTA_CMD_AES128CBC_DecryptFinal : + case PTA_CMD_AES256CBC_DecryptFinal : + case PTA_CMD_AES128CTR_DecryptFinal : + case PTA_CMD_AES256CTR_DecryptFinal : + case PTA_CMD_AES128XTS_DecryptFinal : + case PTA_CMD_AES256XTS_DecryptFinal : + return aes_cipher_decryptfinal(ptypes, params); + + case PTA_CMD_AES128CMAC_GenerateInit : + return aes128cmac_generateinit(ptypes, params); + case PTA_CMD_AES256CMAC_GenerateInit : + return aes256cmac_generateinit(ptypes, params); + case PTA_CMD_AES128CMAC_GenerateUpdate : + case PTA_CMD_AES256CMAC_GenerateUpdate : + return aes_cmac_generateupdate(ptypes, params); + case PTA_CMD_AES128CMAC_GenerateFinal : + case PTA_CMD_AES256CMAC_GenerateFinal : + return aes_cmac_generatefinal(ptypes, params); + case PTA_CMD_AES128CMAC_VerifyInit : + return aes128cmac_verifyinit(ptypes, params); + case PTA_CMD_AES256CMAC_VerifyInit : + return aes256cmac_verifyinit(ptypes, params); + case PTA_CMD_AES128CMAC_VerifyUpdate : + case PTA_CMD_AES256CMAC_VerifyUpdate : + return aes_cmac_verifyupdate(ptypes, params); + case PTA_CMD_AES128CMAC_VerifyFinal : + case PTA_CMD_AES256CMAC_VerifyFinal : + return aes_cmac_verifyfinal(ptypes, params); + + case PTA_CMD_AES128GCM_EncryptInit : + return aes128gcm_encryptinit(ptypes, params); + case PTA_CMD_AES256GCM_EncryptInit : + return aes256gcm_encryptinit(ptypes, params); + + case PTA_CMD_AES128GCM_EncryptUpdate: + case PTA_CMD_AES256GCM_EncryptUpdate: + return aes_gcm_encryptupdate(ptypes, params); + + case PTA_CMD_AES128GCM_EncryptFinal : + case PTA_CMD_AES256GCM_EncryptFinal : + return aes_gcm_encryptfinal(ptypes, params); + + case PTA_CMD_AES128GCM_DecryptInit : + return aes128gcm_decryptinit(ptypes, params); + case PTA_CMD_AES256GCM_DecryptInit : + return aes256gcm_decryptinit(ptypes, params); + + case PTA_CMD_AES128GCM_DecryptUpdate: + case PTA_CMD_AES256GCM_DecryptUpdate: + return aes_gcm_decryptupdate(ptypes, params); + + case PTA_CMD_AES128GCM_DecryptFinal : + case PTA_CMD_AES256GCM_DecryptFinal : + return aes_gcm_decryptfinal(ptypes, params); + + default: + return TEE_ERROR_NOT_SUPPORTED; + } +} + +pseudo_ta_register( + .uuid = PTA_RSIP_AES_UUID, + .name = PTA_NAME, + .flags = PTA_DEFAULT_FLAGS | TA_FLAG_DEVICE_ENUM, + .invoke_command_entry_point = invoke_command +); diff --git a/core/arch/arm/plat-rz/common/pta/rsip/pta_rsip_ecc.c b/core/arch/arm/plat-rz/common/pta/rsip/pta_rsip_ecc.c new file mode 100644 index 000000000..82db38272 --- /dev/null +++ b/core/arch/arm/plat-rz/common/pta/rsip/pta_rsip_ecc.c @@ -0,0 +1,710 @@ +// SPDX-License-Identifier: BSD-2-Clause +/* + * Copyright (c) 2024, Renesas Electronics + */ + +#include +#include + +#include +#include +#include + +#define PTA_NAME "rsip_ecc.pta" + +extern rsip_instance_ctrl_t rsip_instance_ctrl; + + +static TEE_Result generate_hash(uint8_t const *const message, uint32_t const message_length, + rsip_hash_type_t hash_type, uint8_t *digest) +{ + fsp_err_t err; + + err = R_RSIP_SHA_Compute(&rsip_instance_ctrl, hash_type, message, message_length, digest); + switch ((uint32_t)err) + { + case FSP_SUCCESS: + break; + case FSP_ERR_ASSERTION: + return TEE_ERROR_BAD_PARAMETERS; + case FSP_ERR_NOT_OPEN: + return TEE_ERROR_BAD_STATE; + case FSP_ERR_INVALID_STATE: + return TEE_ERROR_BAD_STATE; + case FSP_ERR_CRYPTO_RSIP_RESOURCE_CONFLICT: + return TEE_ERROR_ACCESS_CONFLICT; + case FSP_ERR_CRYPTO_RSIP_FATAL: + return TEE_ERROR_GENERIC; + default: + return TEE_ERROR_BAD_STATE; + } + + return TEE_SUCCESS; +} + +static TEE_Result ecdsa_secp192r1_sign(uint32_t types, TEE_Param params[TEE_NUM_PARAMS], + rsip_byte_size_wrapped_key_t key_size) +{ + fsp_err_t err; + TEE_Result result; + + uint8_t *message; + uint32_t message_length; + uint8_t *signature; + rsip_wrapped_key_t * wrapped_key; + + uint8_t digest[SHA256_HASH_SIZE]; + uint8_t sha1_digest[SHA1_HASH_SIZE]; + memset(digest, 0, SHA256_HASH_SIZE); + memset(sha1_digest, 0, SHA1_HASH_SIZE); + + if (types != TEE_PARAM_TYPES(TEE_PARAM_TYPE_MEMREF_INPUT, + TEE_PARAM_TYPE_MEMREF_INOUT, + TEE_PARAM_TYPE_MEMREF_INPUT, + TEE_PARAM_TYPE_NONE)) { + return TEE_ERROR_BAD_PARAMETERS; + } + + message = (uint8_t *)params[0].memref.buffer; + message_length = (uint32_t)params[0].memref.size; + if (!IS_ALIGNED_WITH_TYPE(params[0].memref.buffer, uint32_t)) { + EMSG("message err"); + return TEE_ERROR_BAD_PARAMETERS; + } + + signature = (uint8_t *)params[1].memref.buffer; + if (!IS_ALIGNED_WITH_TYPE(params[1].memref.buffer, uint32_t) || (SIGNATURE_SIZE > params[1].memref.size)) { + EMSG("signature err"); + return TEE_ERROR_BAD_PARAMETERS; + } + + wrapped_key = (rsip_wrapped_key_t *)params[2].memref.buffer; + if (!IS_ALIGNED_WITH_TYPE(params[2].memref.buffer, uint32_t) || (key_size > params[2].memref.size)) { + EMSG("key err"); + return TEE_ERROR_BAD_PARAMETERS; + } + + result = generate_hash(message, message_length, RSIP_HASH_TYPE_SHA1, sha1_digest); + if (TEE_SUCCESS != result) { + return result; + } + + memcpy(&digest[8], sha1_digest, SHA1_HASH_SIZE); + + err = R_RSIP_ECDSA_Sign(&rsip_instance_ctrl, wrapped_key, digest, signature); + switch ((uint32_t)err) + { + case FSP_SUCCESS: + break; + case FSP_ERR_ASSERTION: + return TEE_ERROR_BAD_PARAMETERS; + case FSP_ERR_NOT_OPEN: + return TEE_ERROR_BAD_STATE; + case FSP_ERR_INVALID_STATE: + return TEE_ERROR_BAD_STATE; + case FSP_ERR_NOT_ENABLED: + return TEE_ERROR_BAD_PARAMETERS; + case FSP_ERR_INVALID_ARGUMENT: + return TEE_ERROR_BAD_PARAMETERS; + case FSP_ERR_CRYPTO_RSIP_KEY_SET_FAIL: + return TEE_ERROR_BAD_PARAMETERS; + case FSP_ERR_CRYPTO_RSIP_FAIL: + return TEE_ERROR_GENERIC; + case FSP_ERR_CRYPTO_RSIP_RESOURCE_CONFLICT: + return TEE_ERROR_ACCESS_CONFLICT; + case FSP_ERR_CRYPTO_RSIP_FATAL: + return TEE_ERROR_GENERIC; + default: + return TEE_ERROR_BAD_STATE; + } + + params[1].memref.size = SIGNATURE_SIZE; + + return TEE_SUCCESS; +} + +static TEE_Result ecdsa_secp224r1_sign(uint32_t types, TEE_Param params[TEE_NUM_PARAMS], + rsip_byte_size_wrapped_key_t key_size) +{ + fsp_err_t err; + TEE_Result result; + + uint8_t *message; + uint32_t message_length; + uint8_t *signature; + rsip_wrapped_key_t * wrapped_key; + + uint8_t digest[SHA256_HASH_SIZE]; + uint8_t sha224_digest[SHA224_HASH_SIZE]; + memset(digest, 0, SHA256_HASH_SIZE); + memset(sha224_digest, 0, SHA224_HASH_SIZE); + + if (types != TEE_PARAM_TYPES(TEE_PARAM_TYPE_MEMREF_INPUT, + TEE_PARAM_TYPE_MEMREF_INOUT, + TEE_PARAM_TYPE_MEMREF_INPUT, + TEE_PARAM_TYPE_NONE)) { + return TEE_ERROR_BAD_PARAMETERS; + } + + message = (uint8_t *)params[0].memref.buffer; + message_length = (uint32_t)params[0].memref.size; + if (!IS_ALIGNED_WITH_TYPE(params[0].memref.buffer, uint32_t)) { + EMSG("message err"); + return TEE_ERROR_BAD_PARAMETERS; + } + + signature = (uint8_t *)params[1].memref.buffer; + if (!IS_ALIGNED_WITH_TYPE(params[1].memref.buffer, uint32_t) || (SIGNATURE_SIZE > params[1].memref.size)) { + EMSG("signature err"); + return TEE_ERROR_BAD_PARAMETERS; + } + + wrapped_key = (rsip_wrapped_key_t *)params[2].memref.buffer; + if (!IS_ALIGNED_WITH_TYPE(params[2].memref.buffer, uint32_t) || (key_size > params[2].memref.size)) { + EMSG("key err"); + return TEE_ERROR_BAD_PARAMETERS; + } + + result = generate_hash(message, message_length, RSIP_HASH_TYPE_SHA224, sha224_digest); + if (TEE_SUCCESS != result) { + return result; + } + + memcpy(&digest[4], sha224_digest, SHA224_HASH_SIZE); + + err = R_RSIP_ECDSA_Sign(&rsip_instance_ctrl, wrapped_key, digest, signature); + switch ((uint32_t)err) + { + case FSP_SUCCESS: + break; + case FSP_ERR_ASSERTION: + return TEE_ERROR_BAD_PARAMETERS; + case FSP_ERR_NOT_OPEN: + return TEE_ERROR_BAD_STATE; + case FSP_ERR_INVALID_STATE: + return TEE_ERROR_BAD_STATE; + case FSP_ERR_NOT_ENABLED: + return TEE_ERROR_BAD_PARAMETERS; + case FSP_ERR_INVALID_ARGUMENT: + return TEE_ERROR_BAD_PARAMETERS; + case FSP_ERR_CRYPTO_RSIP_KEY_SET_FAIL: + return TEE_ERROR_BAD_PARAMETERS; + case FSP_ERR_CRYPTO_RSIP_FAIL: + return TEE_ERROR_GENERIC; + case FSP_ERR_CRYPTO_RSIP_RESOURCE_CONFLICT: + return TEE_ERROR_ACCESS_CONFLICT; + case FSP_ERR_CRYPTO_RSIP_FATAL: + return TEE_ERROR_GENERIC; + default: + return TEE_ERROR_BAD_STATE; + } + + params[1].memref.size = SIGNATURE_SIZE; + + return TEE_SUCCESS; +} + +static TEE_Result ecdsa_secp256r1_sign(uint32_t types, TEE_Param params[TEE_NUM_PARAMS], + rsip_byte_size_wrapped_key_t key_size) +{ + fsp_err_t err; + TEE_Result result; + + uint8_t *message; + uint32_t message_length; + uint8_t *signature; + rsip_wrapped_key_t * wrapped_key; + + uint8_t digest[SHA256_HASH_SIZE]; + memset(digest, 0, SHA256_HASH_SIZE); + + if (types != TEE_PARAM_TYPES(TEE_PARAM_TYPE_MEMREF_INPUT, + TEE_PARAM_TYPE_MEMREF_INOUT, + TEE_PARAM_TYPE_MEMREF_INPUT, + TEE_PARAM_TYPE_NONE)) { + return TEE_ERROR_BAD_PARAMETERS; + } + + message = (uint8_t *)params[0].memref.buffer; + message_length = (uint32_t)params[0].memref.size; + if (!IS_ALIGNED_WITH_TYPE(params[0].memref.buffer, uint32_t)) { + EMSG("message err"); + return TEE_ERROR_BAD_PARAMETERS; + } + + signature = (uint8_t *)params[1].memref.buffer; + if (!IS_ALIGNED_WITH_TYPE(params[1].memref.buffer, uint32_t) || (SIGNATURE_SIZE > params[1].memref.size)) { + EMSG("signature err"); + return TEE_ERROR_BAD_PARAMETERS; + } + + wrapped_key = (rsip_wrapped_key_t *)params[2].memref.buffer; + if (!IS_ALIGNED_WITH_TYPE(params[2].memref.buffer, uint32_t) || (key_size > params[2].memref.size)) { + EMSG("key err"); + return TEE_ERROR_BAD_PARAMETERS; + } + + result = generate_hash(message, message_length, RSIP_HASH_TYPE_SHA256, digest); + if (TEE_SUCCESS != result) { + return result; + } + + err = R_RSIP_ECDSA_Sign(&rsip_instance_ctrl, wrapped_key, digest, signature); + switch ((uint32_t)err) + { + case FSP_SUCCESS: + break; + case FSP_ERR_ASSERTION: + return TEE_ERROR_BAD_PARAMETERS; + case FSP_ERR_NOT_OPEN: + return TEE_ERROR_BAD_STATE; + case FSP_ERR_INVALID_STATE: + return TEE_ERROR_BAD_STATE; + case FSP_ERR_NOT_ENABLED: + return TEE_ERROR_BAD_PARAMETERS; + case FSP_ERR_INVALID_ARGUMENT: + return TEE_ERROR_BAD_PARAMETERS; + case FSP_ERR_CRYPTO_RSIP_KEY_SET_FAIL: + return TEE_ERROR_BAD_PARAMETERS; + case FSP_ERR_CRYPTO_RSIP_FAIL: + return TEE_ERROR_GENERIC; + case FSP_ERR_CRYPTO_RSIP_RESOURCE_CONFLICT: + return TEE_ERROR_ACCESS_CONFLICT; + case FSP_ERR_CRYPTO_RSIP_FATAL: + return TEE_ERROR_GENERIC; + default: + return TEE_ERROR_BAD_STATE; + } + + params[1].memref.size = SIGNATURE_SIZE; + + return TEE_SUCCESS; +} + +static TEE_Result ecdsa_brainpoolp256r1_sign(uint32_t types, TEE_Param params[TEE_NUM_PARAMS], + rsip_byte_size_wrapped_key_t key_size) +{ + fsp_err_t err; + TEE_Result result; + + uint8_t *message; + uint32_t message_length; + uint8_t *signature; + rsip_wrapped_key_t * wrapped_key; + + uint8_t digest[SHA256_HASH_SIZE]; + memset(digest, 0, SHA256_HASH_SIZE); + + if (types != TEE_PARAM_TYPES(TEE_PARAM_TYPE_MEMREF_INPUT, + TEE_PARAM_TYPE_MEMREF_INOUT, + TEE_PARAM_TYPE_MEMREF_INPUT, + TEE_PARAM_TYPE_NONE)) { + return TEE_ERROR_BAD_PARAMETERS; + } + + message = (uint8_t *)params[0].memref.buffer; + message_length = (uint32_t)params[0].memref.size; + if (!IS_ALIGNED_WITH_TYPE(params[0].memref.buffer, uint32_t)) { + EMSG("message err"); + return TEE_ERROR_BAD_PARAMETERS; + } + + signature = (uint8_t *)params[1].memref.buffer; + if (!IS_ALIGNED_WITH_TYPE(params[1].memref.buffer, uint32_t) || (SIGNATURE_SIZE > params[1].memref.size)) { + EMSG("signature err"); + return TEE_ERROR_BAD_PARAMETERS; + } + + wrapped_key = (rsip_wrapped_key_t *)params[2].memref.buffer; + if (!IS_ALIGNED_WITH_TYPE(params[2].memref.buffer, uint32_t) || (key_size > params[2].memref.size)) { + EMSG("key err"); + return TEE_ERROR_BAD_PARAMETERS; + } + + result = generate_hash(message, message_length, RSIP_HASH_TYPE_SHA256, digest); + if (TEE_SUCCESS != result) { + return result; + } + + err = R_RSIP_ECDSA_Sign(&rsip_instance_ctrl, wrapped_key, digest, signature); + switch ((uint32_t)err) + { + case FSP_SUCCESS: + break; + case FSP_ERR_ASSERTION: + return TEE_ERROR_BAD_PARAMETERS; + case FSP_ERR_NOT_OPEN: + return TEE_ERROR_BAD_STATE; + case FSP_ERR_INVALID_STATE: + return TEE_ERROR_BAD_STATE; + case FSP_ERR_NOT_ENABLED: + return TEE_ERROR_BAD_PARAMETERS; + case FSP_ERR_INVALID_ARGUMENT: + return TEE_ERROR_BAD_PARAMETERS; + case FSP_ERR_CRYPTO_RSIP_KEY_SET_FAIL: + return TEE_ERROR_BAD_PARAMETERS; + case FSP_ERR_CRYPTO_RSIP_FAIL: + return TEE_ERROR_GENERIC; + case FSP_ERR_CRYPTO_RSIP_RESOURCE_CONFLICT: + return TEE_ERROR_ACCESS_CONFLICT; + case FSP_ERR_CRYPTO_RSIP_FATAL: + return TEE_ERROR_GENERIC; + default: + return TEE_ERROR_BAD_STATE; + } + + params[1].memref.size = SIGNATURE_SIZE; + + return TEE_SUCCESS; +} + +static TEE_Result ecdsa_secp192r1_verify(uint32_t types, TEE_Param params[TEE_NUM_PARAMS], + rsip_byte_size_wrapped_key_t key_size) +{ + fsp_err_t err; + TEE_Result result; + + uint8_t *signature; + uint8_t *message; + uint32_t message_length; + rsip_wrapped_key_t * wrapped_key; + + uint8_t digest[SHA256_HASH_SIZE]; + uint8_t sha1_digest[SHA1_HASH_SIZE]; + memset(digest, 0, SHA256_HASH_SIZE); + memset(sha1_digest, 0, SHA1_HASH_SIZE); + + if (types != TEE_PARAM_TYPES(TEE_PARAM_TYPE_MEMREF_INPUT, + TEE_PARAM_TYPE_MEMREF_INPUT, + TEE_PARAM_TYPE_MEMREF_INPUT, + TEE_PARAM_TYPE_NONE)) { + return TEE_ERROR_BAD_PARAMETERS; + } + + signature = (uint8_t *)params[0].memref.buffer; + if (!IS_ALIGNED_WITH_TYPE(params[0].memref.buffer, uint32_t)) { + EMSG("signature err"); + return TEE_ERROR_BAD_PARAMETERS; + } + + message = (uint8_t *)params[1].memref.buffer; + message_length = (uint32_t)params[1].memref.size; + if (!IS_ALIGNED_WITH_TYPE(params[1].memref.buffer, uint32_t)) { + EMSG("message err"); + return TEE_ERROR_BAD_PARAMETERS; + } + + wrapped_key = (rsip_wrapped_key_t *)params[2].memref.buffer; + if (!IS_ALIGNED_WITH_TYPE(params[2].memref.buffer, uint32_t) || (key_size > params[2].memref.size)) { + EMSG("key err"); + return TEE_ERROR_BAD_PARAMETERS; + } + + result = generate_hash(message, message_length, RSIP_HASH_TYPE_SHA1, sha1_digest); + if (TEE_SUCCESS != result) { + return result; + } + + memcpy(&digest[8], sha1_digest, SHA1_HASH_SIZE); + + err = R_RSIP_ECDSA_Verify(&rsip_instance_ctrl, wrapped_key, digest, signature); + switch ((uint32_t)err) + { + case FSP_SUCCESS: + break; + case FSP_ERR_ASSERTION: + return TEE_ERROR_BAD_PARAMETERS; + case FSP_ERR_NOT_OPEN: + return TEE_ERROR_BAD_STATE; + case FSP_ERR_INVALID_STATE: + return TEE_ERROR_BAD_STATE; + case FSP_ERR_NOT_ENABLED: + return TEE_ERROR_BAD_PARAMETERS; + case FSP_ERR_INVALID_ARGUMENT: + return TEE_ERROR_BAD_PARAMETERS; + case FSP_ERR_CRYPTO_RSIP_KEY_SET_FAIL: + return TEE_ERROR_BAD_PARAMETERS; + case FSP_ERR_CRYPTO_RSIP_FAIL: + return TEE_ERROR_GENERIC; + case FSP_ERR_CRYPTO_RSIP_RESOURCE_CONFLICT: + return TEE_ERROR_ACCESS_CONFLICT; + case FSP_ERR_CRYPTO_RSIP_FATAL: + return TEE_ERROR_GENERIC; + default: + return TEE_ERROR_BAD_STATE; + } + + return TEE_SUCCESS; +} + +static TEE_Result ecdsa_secp224r1_verify(uint32_t types, TEE_Param params[TEE_NUM_PARAMS], + rsip_byte_size_wrapped_key_t key_size) +{ + fsp_err_t err; + TEE_Result result; + + uint8_t *signature; + uint8_t *message; + uint32_t message_length; + rsip_wrapped_key_t * wrapped_key; + + uint8_t digest[SHA256_HASH_SIZE]; + uint8_t sha224_digest[SHA224_HASH_SIZE]; + memset(digest, 0, SHA256_HASH_SIZE); + memset(sha224_digest, 0, SHA224_HASH_SIZE); + + if (types != TEE_PARAM_TYPES(TEE_PARAM_TYPE_MEMREF_INPUT, + TEE_PARAM_TYPE_MEMREF_INPUT, + TEE_PARAM_TYPE_MEMREF_INPUT, + TEE_PARAM_TYPE_NONE)) { + return TEE_ERROR_BAD_PARAMETERS; + } + + signature = (uint8_t *)params[0].memref.buffer; + if (!IS_ALIGNED_WITH_TYPE(params[0].memref.buffer, uint32_t)) { + EMSG("signature err"); + return TEE_ERROR_BAD_PARAMETERS; + } + + message = (uint8_t *)params[1].memref.buffer; + message_length = (uint32_t)params[1].memref.size; + if (!IS_ALIGNED_WITH_TYPE(params[1].memref.buffer, uint32_t)) { + EMSG("message err"); + return TEE_ERROR_BAD_PARAMETERS; + } + + wrapped_key = (rsip_wrapped_key_t *)params[2].memref.buffer; + if (!IS_ALIGNED_WITH_TYPE(params[2].memref.buffer, uint32_t) || (key_size > params[2].memref.size)) { + EMSG("key err"); + return TEE_ERROR_BAD_PARAMETERS; + } + + result = generate_hash(message, message_length, RSIP_HASH_TYPE_SHA224, sha224_digest); + if (TEE_SUCCESS != result) { + return result; + } + + memcpy(&digest[4], sha224_digest, SHA224_HASH_SIZE); + + err = R_RSIP_ECDSA_Verify(&rsip_instance_ctrl, wrapped_key, digest, signature); + switch ((uint32_t)err) + { + case FSP_SUCCESS: + break; + case FSP_ERR_ASSERTION: + return TEE_ERROR_BAD_PARAMETERS; + case FSP_ERR_NOT_OPEN: + return TEE_ERROR_BAD_STATE; + case FSP_ERR_INVALID_STATE: + return TEE_ERROR_BAD_STATE; + case FSP_ERR_NOT_ENABLED: + return TEE_ERROR_BAD_PARAMETERS; + case FSP_ERR_INVALID_ARGUMENT: + return TEE_ERROR_BAD_PARAMETERS; + case FSP_ERR_CRYPTO_RSIP_KEY_SET_FAIL: + return TEE_ERROR_BAD_PARAMETERS; + case FSP_ERR_CRYPTO_RSIP_FAIL: + return TEE_ERROR_GENERIC; + case FSP_ERR_CRYPTO_RSIP_RESOURCE_CONFLICT: + return TEE_ERROR_ACCESS_CONFLICT; + case FSP_ERR_CRYPTO_RSIP_FATAL: + return TEE_ERROR_GENERIC; + default: + return TEE_ERROR_BAD_STATE; + } + + return TEE_SUCCESS; +} + +static TEE_Result ecdsa_secp256r1_verify(uint32_t types, TEE_Param params[TEE_NUM_PARAMS], + rsip_byte_size_wrapped_key_t key_size) +{ + fsp_err_t err; + TEE_Result result; + + uint8_t *signature; + uint8_t *message; + uint32_t message_length; + rsip_wrapped_key_t * wrapped_key; + + uint8_t digest[SHA256_HASH_SIZE]; + memset(digest, 0, SHA256_HASH_SIZE); + + if (types != TEE_PARAM_TYPES(TEE_PARAM_TYPE_MEMREF_INPUT, + TEE_PARAM_TYPE_MEMREF_INPUT, + TEE_PARAM_TYPE_MEMREF_INPUT, + TEE_PARAM_TYPE_NONE)) { + return TEE_ERROR_BAD_PARAMETERS; + } + + signature = (uint8_t *)params[0].memref.buffer; + if (!IS_ALIGNED_WITH_TYPE(params[0].memref.buffer, uint32_t)) { + EMSG("signature err"); + return TEE_ERROR_BAD_PARAMETERS; + } + + message = (uint8_t *)params[1].memref.buffer; + message_length = (uint32_t)params[1].memref.size; + if (!IS_ALIGNED_WITH_TYPE(params[1].memref.buffer, uint32_t)) { + EMSG("message err"); + return TEE_ERROR_BAD_PARAMETERS; + } + + wrapped_key = (rsip_wrapped_key_t *)params[2].memref.buffer; + if (!IS_ALIGNED_WITH_TYPE(params[2].memref.buffer, uint32_t) || (key_size > params[2].memref.size)) { + EMSG("key err"); + return TEE_ERROR_BAD_PARAMETERS; + } + + result = generate_hash(message, message_length, RSIP_HASH_TYPE_SHA256, digest); + if (TEE_SUCCESS != result) { + return result; + } + + err = R_RSIP_ECDSA_Verify(&rsip_instance_ctrl, wrapped_key, digest, signature); + switch ((uint32_t)err) + { + case FSP_SUCCESS: + break; + case FSP_ERR_ASSERTION: + return TEE_ERROR_BAD_PARAMETERS; + case FSP_ERR_NOT_OPEN: + return TEE_ERROR_BAD_STATE; + case FSP_ERR_INVALID_STATE: + return TEE_ERROR_BAD_STATE; + case FSP_ERR_NOT_ENABLED: + return TEE_ERROR_BAD_PARAMETERS; + case FSP_ERR_INVALID_ARGUMENT: + return TEE_ERROR_BAD_PARAMETERS; + case FSP_ERR_CRYPTO_RSIP_KEY_SET_FAIL: + return TEE_ERROR_BAD_PARAMETERS; + case FSP_ERR_CRYPTO_RSIP_FAIL: + return TEE_ERROR_GENERIC; + case FSP_ERR_CRYPTO_RSIP_RESOURCE_CONFLICT: + return TEE_ERROR_ACCESS_CONFLICT; + case FSP_ERR_CRYPTO_RSIP_FATAL: + return TEE_ERROR_GENERIC; + default: + return TEE_ERROR_BAD_STATE; + } + + return TEE_SUCCESS; +} + +static TEE_Result ecdsa_brainpoolp256r1_verify(uint32_t types, TEE_Param params[TEE_NUM_PARAMS], + rsip_byte_size_wrapped_key_t key_size) +{ + fsp_err_t err; + TEE_Result result; + + uint8_t *signature; + uint8_t *message; + uint32_t message_length; + rsip_wrapped_key_t * wrapped_key; + + uint8_t digest[SHA256_HASH_SIZE]; + memset(digest, 0, SHA256_HASH_SIZE); + + if (types != TEE_PARAM_TYPES(TEE_PARAM_TYPE_MEMREF_INPUT, + TEE_PARAM_TYPE_MEMREF_INPUT, + TEE_PARAM_TYPE_MEMREF_INPUT, + TEE_PARAM_TYPE_NONE)) { + return TEE_ERROR_BAD_PARAMETERS; + } + + signature = (uint8_t *)params[0].memref.buffer; + if (!IS_ALIGNED_WITH_TYPE(params[0].memref.buffer, uint32_t)) { + EMSG("signature err"); + return TEE_ERROR_BAD_PARAMETERS; + } + + message = (uint8_t *)params[1].memref.buffer; + message_length = (uint32_t)params[1].memref.size; + if (!IS_ALIGNED_WITH_TYPE(params[1].memref.buffer, uint32_t)) { + EMSG("message err"); + return TEE_ERROR_BAD_PARAMETERS; + } + + wrapped_key = (rsip_wrapped_key_t *)params[2].memref.buffer; + if (!IS_ALIGNED_WITH_TYPE(params[2].memref.buffer, uint32_t) || (key_size > params[2].memref.size)) { + EMSG("key err"); + return TEE_ERROR_BAD_PARAMETERS; + } + + result = generate_hash(message, message_length, RSIP_HASH_TYPE_SHA256, digest); + if (TEE_SUCCESS != result) { + return result; + } + + err = R_RSIP_ECDSA_Verify(&rsip_instance_ctrl, wrapped_key, digest, signature); + switch ((uint32_t)err) + { + case FSP_SUCCESS: + break; + case FSP_ERR_ASSERTION: + return TEE_ERROR_BAD_PARAMETERS; + case FSP_ERR_NOT_OPEN: + return TEE_ERROR_BAD_STATE; + case FSP_ERR_INVALID_STATE: + return TEE_ERROR_BAD_STATE; + case FSP_ERR_NOT_ENABLED: + return TEE_ERROR_BAD_PARAMETERS; + case FSP_ERR_INVALID_ARGUMENT: + return TEE_ERROR_BAD_PARAMETERS; + case FSP_ERR_CRYPTO_RSIP_KEY_SET_FAIL: + return TEE_ERROR_BAD_PARAMETERS; + case FSP_ERR_CRYPTO_RSIP_FAIL: + return TEE_ERROR_GENERIC; + case FSP_ERR_CRYPTO_RSIP_RESOURCE_CONFLICT: + return TEE_ERROR_ACCESS_CONFLICT; + case FSP_ERR_CRYPTO_RSIP_FATAL: + return TEE_ERROR_GENERIC; + default: + return TEE_ERROR_BAD_STATE; + } + + return TEE_SUCCESS; +} + +static TEE_Result invoke_command(void *session __unused, uint32_t cmd, + uint32_t ptypes, + TEE_Param params[TEE_NUM_PARAMS]) +{ + EMSG(PTA_NAME" command %#"PRIx32" ptypes %#"PRIx32, cmd, ptypes); + + switch (cmd) + { + case PTA_CMD_ECDSA_secp192r1_SignatureGenerate : + return ecdsa_secp192r1_sign(ptypes, params, + RSIP_BYTE_SIZE_WRAPPED_KEY_ECC_secp192r1_PRIVATE); + case PTA_CMD_ECDSA_secp224r1_SignatureGenerate : + return ecdsa_secp224r1_sign(ptypes, params, + RSIP_BYTE_SIZE_WRAPPED_KEY_ECC_secp224r1_PRIVATE); + case PTA_CMD_ECDSA_secp256r1_SignatureGenerate : + return ecdsa_secp256r1_sign(ptypes, params, + RSIP_BYTE_SIZE_WRAPPED_KEY_ECC_secp256r1_PRIVATE); + case PTA_CMD_ECDSA_BrainpoolP256r1_SignatureGenerate : + return ecdsa_brainpoolp256r1_sign(ptypes, params, + RSIP_BYTE_SIZE_WRAPPED_KEY_ECC_BRAINPOOLP256R1_PRIVATE); + + case PTA_CMD_ECDSA_secp192r1_SignatureVerify : + return ecdsa_secp192r1_verify(ptypes, params, + RSIP_BYTE_SIZE_WRAPPED_KEY_ECC_secp192r1_PUBLIC); + case PTA_CMD_ECDSA_secp224r1_SignatureVerify : + return ecdsa_secp224r1_verify(ptypes, params, + RSIP_BYTE_SIZE_WRAPPED_KEY_ECC_secp224r1_PUBLIC); + case PTA_CMD_ECDSA_secp256r1_SignatureVerify : + return ecdsa_secp256r1_verify(ptypes, params, + RSIP_BYTE_SIZE_WRAPPED_KEY_ECC_secp256r1_PUBLIC); + case PTA_CMD_ECDSA_BrainpoolP256r1_SignatureVerify : + return ecdsa_brainpoolp256r1_verify(ptypes, params, + RSIP_BYTE_SIZE_WRAPPED_KEY_ECC_BRAINPOOLP256R1_PUBLIC); + + default: + return TEE_ERROR_NOT_SUPPORTED; + } +} + +pseudo_ta_register(.uuid = PTA_RSIP_ECC_UUID, .name = PTA_NAME, + .flags = PTA_DEFAULT_FLAGS, + .invoke_command_entry_point = invoke_command); diff --git a/core/arch/arm/plat-rz/common/pta/rsip/pta_rsip_hmac.c b/core/arch/arm/plat-rz/common/pta/rsip/pta_rsip_hmac.c new file mode 100644 index 000000000..6625494cf --- /dev/null +++ b/core/arch/arm/plat-rz/common/pta/rsip/pta_rsip_hmac.c @@ -0,0 +1,380 @@ +// SPDX-License-Identifier: BSD-2-Clause +/* + * Copyright (c) 2024, Renesas Electronics + */ + +#include + +#include +#include + +#define PTA_NAME "rsip_hmac.pta" + +extern rsip_instance_ctrl_t rsip_instance_ctrl; + + +static TEE_Result hmac_generateinit(uint32_t types, TEE_Param params[TEE_NUM_PARAMS], + rsip_byte_size_wrapped_key_t key_size) +{ + fsp_err_t err; + + rsip_hmac_handle_t * handle; + rsip_wrapped_key_t * wrapped_key; + + if (types != TEE_PARAM_TYPES(TEE_PARAM_TYPE_MEMREF_INOUT, + TEE_PARAM_TYPE_MEMREF_INPUT, + TEE_PARAM_TYPE_NONE, + TEE_PARAM_TYPE_NONE)) { + return TEE_ERROR_BAD_PARAMETERS; + } + + handle = (rsip_hmac_handle_t *)params[0].memref.buffer; + if (!IS_ALIGNED_WITH_TYPE(params[0].memref.buffer, rsip_hmac_handle_t)) { + EMSG("handle err"); + return TEE_ERROR_BAD_PARAMETERS; + } + + wrapped_key = (rsip_wrapped_key_t *)params[1].memref.buffer; + if (!IS_ALIGNED_WITH_TYPE(params[1].memref.buffer, uint32_t) || (key_size > params[1].memref.size)) { + EMSG("key err"); + return TEE_ERROR_BAD_PARAMETERS; + } + + err = R_RSIP_HMAC_GenerateInit(&rsip_instance_ctrl, handle, wrapped_key); + switch ((uint32_t)err) + { + case FSP_SUCCESS: + break; + case FSP_ERR_ASSERTION: + return TEE_ERROR_BAD_PARAMETERS; + case FSP_ERR_NOT_OPEN: + return TEE_ERROR_BAD_STATE; + case FSP_ERR_INVALID_STATE: + return TEE_ERROR_BAD_STATE; + case FSP_ERR_NOT_ENABLED: + return TEE_ERROR_BAD_PARAMETERS; + case FSP_ERR_INVALID_ARGUMENT: + return TEE_ERROR_BAD_PARAMETERS; + default: + return TEE_ERROR_GENERIC; + } + + params[0].memref.size = sizeof(rsip_hmac_handle_t); + + return TEE_SUCCESS; +} + +static TEE_Result hmac_generateupdate(uint32_t types, TEE_Param params[TEE_NUM_PARAMS]) +{ + fsp_err_t err; + + rsip_hmac_handle_t * handle; + uint8_t * message; + uint32_t message_length; + + if (types != TEE_PARAM_TYPES(TEE_PARAM_TYPE_MEMREF_INOUT, + TEE_PARAM_TYPE_MEMREF_INPUT, + TEE_PARAM_TYPE_NONE, + TEE_PARAM_TYPE_NONE)) { + return TEE_ERROR_BAD_PARAMETERS; + } + + handle = (rsip_hmac_handle_t *)params[0].memref.buffer; + if (!IS_ALIGNED_WITH_TYPE(params[0].memref.buffer, rsip_hmac_handle_t)) { + EMSG("handle err"); + return TEE_ERROR_BAD_PARAMETERS; + } + + message = (uint8_t *)params[1].memref.buffer; + message_length = (uint32_t)params[1].memref.size; + if (!IS_ALIGNED_WITH_TYPE(params[1].memref.buffer, uint32_t)) { + EMSG("message err"); + return TEE_ERROR_BAD_PARAMETERS; + } + + err = R_RSIP_HMAC_GenerateUpdate(&rsip_instance_ctrl, handle, message, message_length); + switch ((uint32_t)err) + { + case FSP_SUCCESS: + break; + case FSP_ERR_ASSERTION: + return TEE_ERROR_BAD_PARAMETERS; + case FSP_ERR_NOT_OPEN: + return TEE_ERROR_BAD_STATE; + case FSP_ERR_INVALID_STATE: + return TEE_ERROR_BAD_STATE; + case FSP_ERR_CRYPTO_RSIP_KEY_SET_FAIL: + return TEE_ERROR_BAD_PARAMETERS; + case FSP_ERR_CRYPTO_RSIP_RESOURCE_CONFLICT: + return TEE_ERROR_ACCESS_CONFLICT; + case FSP_ERR_CRYPTO_RSIP_FATAL: + return TEE_ERROR_GENERIC; + default: + return TEE_ERROR_BAD_STATE; + } + + return TEE_SUCCESS; +} + +static TEE_Result hmac_generatefinal(uint32_t types, TEE_Param params[TEE_NUM_PARAMS], uint32_t mac_size) +{ + fsp_err_t err; + + rsip_hmac_handle_t * handle; + uint8_t * mac; + + if (types != TEE_PARAM_TYPES(TEE_PARAM_TYPE_MEMREF_INOUT, + TEE_PARAM_TYPE_MEMREF_INOUT, + TEE_PARAM_TYPE_NONE, + TEE_PARAM_TYPE_NONE)) { + return TEE_ERROR_BAD_PARAMETERS; + } + + handle = (rsip_hmac_handle_t *)params[0].memref.buffer; + if (!IS_ALIGNED_WITH_TYPE(params[0].memref.buffer, rsip_hmac_handle_t)) { + EMSG("handle err"); + return TEE_ERROR_BAD_PARAMETERS; + } + + mac = (uint8_t *)params[1].memref.buffer; + if ((!IS_ALIGNED_WITH_TYPE(params[1].memref.buffer, uint32_t)) || (mac_size > params[1].memref.size)) { + EMSG("mac err"); + return TEE_ERROR_BAD_PARAMETERS; + } + + err = R_RSIP_HMAC_GenerateFinal(&rsip_instance_ctrl, handle, mac); + switch ((uint32_t)err) + { + case FSP_SUCCESS: + break; + case FSP_ERR_ASSERTION: + return TEE_ERROR_BAD_PARAMETERS; + case FSP_ERR_NOT_OPEN: + return TEE_ERROR_BAD_STATE; + case FSP_ERR_INVALID_STATE: + return TEE_ERROR_BAD_STATE; + case FSP_ERR_CRYPTO_RSIP_KEY_SET_FAIL: + return TEE_ERROR_BAD_PARAMETERS; + case FSP_ERR_CRYPTO_RSIP_RESOURCE_CONFLICT: + return TEE_ERROR_ACCESS_CONFLICT; + case FSP_ERR_CRYPTO_RSIP_FATAL: + return TEE_ERROR_GENERIC; + default: + return TEE_ERROR_BAD_STATE; + } + + params[1].memref.size = mac_size; + + return TEE_SUCCESS; +} + +static TEE_Result hmac_verifyinit(uint32_t types, TEE_Param params[TEE_NUM_PARAMS], + rsip_byte_size_wrapped_key_t key_size) +{ + fsp_err_t err; + + rsip_hmac_handle_t * handle; + rsip_wrapped_key_t * wrapped_key; + + if (types != TEE_PARAM_TYPES(TEE_PARAM_TYPE_MEMREF_INOUT, + TEE_PARAM_TYPE_MEMREF_INPUT, + TEE_PARAM_TYPE_NONE, + TEE_PARAM_TYPE_NONE)) { + return TEE_ERROR_BAD_PARAMETERS; + } + + handle = (rsip_hmac_handle_t *)params[0].memref.buffer; + if (!IS_ALIGNED_WITH_TYPE(params[0].memref.buffer, uint32_t)) { + EMSG("handle err"); + return TEE_ERROR_BAD_PARAMETERS; + } + + wrapped_key = (rsip_wrapped_key_t *)params[1].memref.buffer; + if (!IS_ALIGNED_WITH_TYPE(params[1].memref.buffer, uint32_t) || (key_size > params[1].memref.size)) { + EMSG("key err"); + return TEE_ERROR_BAD_PARAMETERS; + } + + err = R_RSIP_HMAC_VerifyInit(&rsip_instance_ctrl, handle, wrapped_key); + switch ((uint32_t)err) + { + case FSP_SUCCESS: + break; + case FSP_ERR_ASSERTION: + return TEE_ERROR_BAD_PARAMETERS; + case FSP_ERR_NOT_OPEN: + return TEE_ERROR_BAD_STATE; + case FSP_ERR_INVALID_STATE: + return TEE_ERROR_BAD_STATE; + case FSP_ERR_NOT_ENABLED: + return TEE_ERROR_BAD_PARAMETERS; + case FSP_ERR_INVALID_ARGUMENT: + return TEE_ERROR_BAD_PARAMETERS; + default: + return TEE_ERROR_GENERIC; + } + + params[0].memref.size = sizeof(rsip_hmac_handle_t); + + return TEE_SUCCESS; +} + +static TEE_Result hmac_verifyupdate(uint32_t types, TEE_Param params[TEE_NUM_PARAMS]) +{ + fsp_err_t err; + + rsip_hmac_handle_t * handle; + uint8_t * message; + uint32_t message_length; + + if (types != TEE_PARAM_TYPES(TEE_PARAM_TYPE_MEMREF_INOUT, + TEE_PARAM_TYPE_MEMREF_INPUT, + TEE_PARAM_TYPE_NONE, + TEE_PARAM_TYPE_NONE)) { + return TEE_ERROR_BAD_PARAMETERS; + } + + handle = (rsip_hmac_handle_t *)params[0].memref.buffer; + if (!IS_ALIGNED_WITH_TYPE(params[0].memref.buffer, uint32_t)) { + EMSG("handle err"); + return TEE_ERROR_BAD_PARAMETERS; + } + + message = (uint8_t *)params[1].memref.buffer; + message_length = (uint32_t)params[1].memref.size; + if (!IS_ALIGNED_WITH_TYPE(params[1].memref.buffer, uint32_t)) { + EMSG("message err"); + return TEE_ERROR_BAD_PARAMETERS; + } + + err = R_RSIP_HMAC_VerifyUpdate(&rsip_instance_ctrl, handle, message, message_length); + switch ((uint32_t)err) + { + case FSP_SUCCESS: + break; + case FSP_ERR_ASSERTION: + return TEE_ERROR_BAD_PARAMETERS; + case FSP_ERR_NOT_OPEN: + return TEE_ERROR_BAD_STATE; + case FSP_ERR_INVALID_STATE: + return TEE_ERROR_BAD_STATE; + case FSP_ERR_CRYPTO_RSIP_KEY_SET_FAIL: + return TEE_ERROR_BAD_PARAMETERS; + case FSP_ERR_CRYPTO_RSIP_RESOURCE_CONFLICT: + return TEE_ERROR_ACCESS_CONFLICT; + case FSP_ERR_CRYPTO_RSIP_FATAL: + return TEE_ERROR_GENERIC; + default: + return TEE_ERROR_BAD_STATE; + } + + return TEE_SUCCESS; +} + +static TEE_Result hmac_verifyfinal(uint32_t types, TEE_Param params[TEE_NUM_PARAMS]) +{ + fsp_err_t err; + + rsip_hmac_handle_t * handle; + uint8_t * mac; + uint32_t mac_length; + + if (types != TEE_PARAM_TYPES(TEE_PARAM_TYPE_MEMREF_INOUT, + TEE_PARAM_TYPE_MEMREF_INPUT, + TEE_PARAM_TYPE_NONE, + TEE_PARAM_TYPE_NONE)) { + return TEE_ERROR_BAD_PARAMETERS; + } + + handle = (rsip_hmac_handle_t *)params[0].memref.buffer; + if (!IS_ALIGNED_WITH_TYPE(params[0].memref.buffer, uint32_t)) { + EMSG("handle err"); + return TEE_ERROR_BAD_PARAMETERS; + } + + mac = (uint8_t *)params[1].memref.buffer; + mac_length = (uint32_t)params[1].memref.size; + if (!IS_ALIGNED_WITH_TYPE(params[1].memref.buffer, uint32_t)) { + EMSG("mac err"); + return TEE_ERROR_BAD_PARAMETERS; + } + + err = R_RSIP_HMAC_VerifyFinal(&rsip_instance_ctrl, handle, mac, mac_length); + switch ((uint32_t)err) + { + case FSP_SUCCESS: + break; + case FSP_ERR_ASSERTION: + return TEE_ERROR_BAD_PARAMETERS; + case FSP_ERR_NOT_OPEN: + return TEE_ERROR_BAD_STATE; + case FSP_ERR_INVALID_STATE: + return TEE_ERROR_BAD_STATE; + case FSP_ERR_INVALID_SIZE: + return TEE_ERROR_BAD_PARAMETERS; + case FSP_ERR_CRYPTO_RSIP_KEY_SET_FAIL: + return TEE_ERROR_BAD_PARAMETERS; + case FSP_ERR_CRYPTO_RSIP_FAIL: + return TEE_ERROR_GENERIC; + case FSP_ERR_CRYPTO_RSIP_RESOURCE_CONFLICT: + return TEE_ERROR_ACCESS_CONFLICT; + case FSP_ERR_CRYPTO_RSIP_FATAL: + return TEE_ERROR_GENERIC; + default: + return TEE_ERROR_BAD_STATE; + } + + return TEE_SUCCESS; +} + + +static TEE_Result invoke_command(void *session __unused, uint32_t cmd, + uint32_t ptypes, + TEE_Param params[TEE_NUM_PARAMS]) +{ + EMSG(PTA_NAME" command %#"PRIx32" ptypes %#"PRIx32, cmd, ptypes); + + switch (cmd) { + case PTA_CMD_HMAC_SHA1_GenerateInit : + return hmac_generateinit(ptypes, params, RSIP_BYTE_SIZE_WRAPPED_KEY_HMAC_SHA1); + case PTA_CMD_HMAC_SHA224_GenerateInit : + return hmac_generateinit(ptypes, params, RSIP_BYTE_SIZE_WRAPPED_KEY_HMAC_SHA224); + case PTA_CMD_HMAC_SHA256_GenerateInit : + return hmac_generateinit(ptypes, params, RSIP_BYTE_SIZE_WRAPPED_KEY_HMAC_SHA256); + + case PTA_CMD_HMAC_SHA1_GenerateUpdate : + case PTA_CMD_HMAC_SHA224_GenerateUpdate : + case PTA_CMD_HMAC_SHA256_GenerateUpdate : + return hmac_generateupdate(ptypes, params); + + case PTA_CMD_HMAC_SHA1_GenerateFinal : + return hmac_generatefinal(ptypes, params, SHA1_MAC_SIZE); + case PTA_CMD_HMAC_SHA224_GenerateFinal : + return hmac_generatefinal(ptypes, params, SHA224_MAC_SIZE); + case PTA_CMD_HMAC_SHA256_GenerateFinal : + return hmac_generatefinal(ptypes, params, SHA256_MAC_SIZE); + + case PTA_CMD_HMAC_SHA1_VerifyInit : + return hmac_verifyinit(ptypes, params, RSIP_BYTE_SIZE_WRAPPED_KEY_HMAC_SHA1); + case PTA_CMD_HMAC_SHA224_VerifyInit : + return hmac_verifyinit(ptypes, params, RSIP_BYTE_SIZE_WRAPPED_KEY_HMAC_SHA224); + case PTA_CMD_HMAC_SHA256_VerifyInit : + return hmac_verifyinit(ptypes, params, RSIP_BYTE_SIZE_WRAPPED_KEY_HMAC_SHA256); + + case PTA_CMD_HMAC_SHA1_VerifyUpdate : + case PTA_CMD_HMAC_SHA224_VerifyUpdate : + case PTA_CMD_HMAC_SHA256_VerifyUpdate : + return hmac_verifyupdate(ptypes, params); + + case PTA_CMD_HMAC_SHA1_VerifyFinal : + case PTA_CMD_HMAC_SHA224_VerifyFinal : + case PTA_CMD_HMAC_SHA256_VerifyFinal : + return hmac_verifyfinal(ptypes, params); + default: + return TEE_ERROR_NOT_SUPPORTED; + } +} + +pseudo_ta_register(.uuid = PTA_RSIP_HMAC_UUID, .name = PTA_NAME, + .flags = PTA_DEFAULT_FLAGS, + .invoke_command_entry_point = invoke_command); diff --git a/core/arch/arm/plat-rz/common/pta/rsip/pta_rsip_rsa.c b/core/arch/arm/plat-rz/common/pta/rsip/pta_rsip_rsa.c new file mode 100644 index 000000000..0379e8cb3 --- /dev/null +++ b/core/arch/arm/plat-rz/common/pta/rsip/pta_rsip_rsa.c @@ -0,0 +1,1114 @@ +// SPDX-License-Identifier: BSD-2-Clause +/* + * Copyright (c) 2024, Renesas Electronics + */ + +#include + +#include +#include + +#define PTA_NAME "rsip_rsa.pta" + +extern rsip_instance_ctrl_t rsip_instance_ctrl; + +static const rsip_hash_type_t hash_type = RSIP_HASH_TYPE_SHA256; +static const rsip_mgf_type_t mgf_type = RSIP_MGF_TYPE_MGF1_SHA256; +static const int32_t salt_length = RSIP_RSA_SALT_LENGTH_HASH; + +static TEE_Result generate_hash(uint8_t const *const message, uint32_t const message_length, + rsip_hash_type_t *hash_type, uint8_t *digest) +{ + fsp_err_t err; + *hash_type = RSIP_HASH_TYPE_SHA256; + + err = R_RSIP_SHA_Compute(&rsip_instance_ctrl, *hash_type, message, message_length, digest); + switch ((uint32_t)err) + { + case FSP_SUCCESS: + break; + case FSP_ERR_ASSERTION: + return TEE_ERROR_BAD_PARAMETERS; + case FSP_ERR_NOT_OPEN: + return TEE_ERROR_BAD_STATE; + case FSP_ERR_INVALID_STATE: + return TEE_ERROR_BAD_STATE; + case FSP_ERR_CRYPTO_RSIP_RESOURCE_CONFLICT: + return TEE_ERROR_ACCESS_CONFLICT; + case FSP_ERR_CRYPTO_RSIP_FATAL: + return TEE_ERROR_GENERIC; + default: + return TEE_ERROR_BAD_STATE; + } + + return TEE_SUCCESS; +} + +static TEE_Result rsassa_pkcs1_v1_5_sign(uint32_t types, TEE_Param params[TEE_NUM_PARAMS], + uint32_t sig_size, rsip_byte_size_wrapped_key_t key_size) +{ + fsp_err_t err; + TEE_Result result; + + uint8_t *message; + uint32_t message_length; + uint8_t *signature; + uint8_t digest[32]; + rsip_hash_type_t hash_type; + rsip_wrapped_key_t * wrapped_key; + + if (types != TEE_PARAM_TYPES(TEE_PARAM_TYPE_MEMREF_INPUT, + TEE_PARAM_TYPE_MEMREF_INOUT, + TEE_PARAM_TYPE_MEMREF_INPUT, + TEE_PARAM_TYPE_NONE)) { + return TEE_ERROR_BAD_PARAMETERS; + } + + message = (uint8_t *)params[0].memref.buffer; + message_length = (uint32_t)params[0].memref.size; + if (!IS_ALIGNED_WITH_TYPE(params[0].memref.buffer, uint32_t)) { + EMSG("message err"); + return TEE_ERROR_BAD_PARAMETERS; + } + + signature = (uint8_t *)params[1].memref.buffer; + if ((!IS_ALIGNED_WITH_TYPE(params[1].memref.buffer, uint32_t)) || (sig_size > params[1].memref.size)) { + EMSG("signature err"); + return TEE_ERROR_BAD_PARAMETERS; + } + + wrapped_key = (rsip_wrapped_key_t *)params[2].memref.buffer; + if ((!IS_ALIGNED_WITH_TYPE(params[2].memref.buffer, uint32_t)) || (key_size > params[2].memref.size)) { + EMSG("key err"); + return TEE_ERROR_BAD_PARAMETERS; + } + + result = generate_hash(message, message_length, &hash_type, digest); + if (TEE_SUCCESS != result) { + return result; + } + + err = R_RSIP_RSASSA_PKCS1_V1_5_Sign(&rsip_instance_ctrl, wrapped_key, hash_type, digest, signature); + switch ((uint32_t)err) + { + case FSP_SUCCESS: + break; + case FSP_ERR_ASSERTION: + return TEE_ERROR_BAD_PARAMETERS; + case FSP_ERR_NOT_OPEN: + return TEE_ERROR_BAD_STATE; + case FSP_ERR_INVALID_STATE: + return TEE_ERROR_BAD_STATE; + case FSP_ERR_NOT_ENABLED: + return TEE_ERROR_BAD_PARAMETERS; + case FSP_ERR_INVALID_ARGUMENT: + return TEE_ERROR_BAD_PARAMETERS; + case FSP_ERR_CRYPTO_RSIP_KEY_SET_FAIL: + return TEE_ERROR_BAD_PARAMETERS; + case FSP_ERR_CRYPTO_RSIP_FAIL: + return TEE_ERROR_GENERIC; + case FSP_ERR_INVALID_SIZE: + return TEE_ERROR_BAD_PARAMETERS; + case FSP_ERR_CRYPTO_RSIP_RESOURCE_CONFLICT: + return TEE_ERROR_ACCESS_CONFLICT; + case FSP_ERR_CRYPTO_RSIP_FATAL: + return TEE_ERROR_GENERIC; + default: + return TEE_ERROR_BAD_STATE; + } + + params[1].memref.size = sig_size; + + return TEE_SUCCESS; +} + + +static TEE_Result rsassa_pkcs1_v1_5_verify(uint32_t types, TEE_Param params[TEE_NUM_PARAMS], + rsip_byte_size_wrapped_key_t key_size) +{ + fsp_err_t err; + TEE_Result result; + + uint8_t *message; + uint32_t message_length; + uint8_t *signature; + uint8_t digest[32]; + rsip_hash_type_t hash_type; + rsip_wrapped_key_t * wrapped_key; + + if (types != TEE_PARAM_TYPES(TEE_PARAM_TYPE_MEMREF_INPUT, + TEE_PARAM_TYPE_MEMREF_INPUT, + TEE_PARAM_TYPE_MEMREF_INPUT, + TEE_PARAM_TYPE_NONE)) { + return TEE_ERROR_BAD_PARAMETERS; + } + + signature = (uint8_t *)params[0].memref.buffer; + if (!IS_ALIGNED_WITH_TYPE(params[0].memref.buffer, uint32_t)) { + EMSG("signature err"); + return TEE_ERROR_BAD_PARAMETERS; + } + + message = (uint8_t *)params[1].memref.buffer; + message_length = (uint32_t)params[1].memref.size; + if (!IS_ALIGNED_WITH_TYPE(params[1].memref.buffer, uint32_t)) { + EMSG("message err"); + return TEE_ERROR_BAD_PARAMETERS; + } + + wrapped_key = (rsip_wrapped_key_t *)params[2].memref.buffer; + if ((!IS_ALIGNED_WITH_TYPE(params[2].memref.buffer, uint32_t)) || (key_size > params[2].memref.size)) { + EMSG("key err"); + return TEE_ERROR_BAD_PARAMETERS; + } + + result = generate_hash(message, message_length, &hash_type, digest); + if (TEE_SUCCESS != result) { + return result; + } + + err = R_RSIP_RSASSA_PKCS1_V1_5_Verify(&rsip_instance_ctrl, wrapped_key, hash_type, digest, signature); + switch ((uint32_t)err) + { + case FSP_SUCCESS: + break; + case FSP_ERR_ASSERTION: + return TEE_ERROR_BAD_PARAMETERS; + case FSP_ERR_NOT_OPEN: + return TEE_ERROR_BAD_STATE; + case FSP_ERR_INVALID_STATE: + return TEE_ERROR_BAD_STATE; + case FSP_ERR_NOT_ENABLED: + return TEE_ERROR_BAD_PARAMETERS; + case FSP_ERR_INVALID_ARGUMENT: + return TEE_ERROR_BAD_PARAMETERS; + case FSP_ERR_CRYPTO_RSIP_KEY_SET_FAIL: + return TEE_ERROR_BAD_PARAMETERS; + case FSP_ERR_CRYPTO_RSIP_FAIL: + return TEE_ERROR_GENERIC; + case FSP_ERR_INVALID_SIZE: + return TEE_ERROR_BAD_PARAMETERS; + case FSP_ERR_CRYPTO_RSIP_RESOURCE_CONFLICT: + return TEE_ERROR_ACCESS_CONFLICT; + case FSP_ERR_CRYPTO_RSIP_FATAL: + return TEE_ERROR_GENERIC; + default: + return TEE_ERROR_BAD_STATE; + } + + return TEE_SUCCESS; +} + +static TEE_Result rsassa_pss_sign(uint32_t types, TEE_Param params[TEE_NUM_PARAMS], + uint32_t sig_size, rsip_byte_size_wrapped_key_t key_size) +{ + fsp_err_t err; + TEE_Result result; + + uint8_t *message; + uint32_t message_length; + uint8_t *signature; + uint8_t digest[32]; + rsip_hash_type_t hash_type; + rsip_wrapped_key_t * wrapped_key; + + if (types != TEE_PARAM_TYPES(TEE_PARAM_TYPE_MEMREF_INPUT, + TEE_PARAM_TYPE_MEMREF_INOUT, + TEE_PARAM_TYPE_MEMREF_INPUT, + TEE_PARAM_TYPE_NONE)) { + return TEE_ERROR_BAD_PARAMETERS; + } + + message = (uint8_t *)params[0].memref.buffer; + message_length = (uint32_t)params[0].memref.size; + if (!IS_ALIGNED_WITH_TYPE(params[0].memref.buffer, uint32_t)) { + EMSG("message err"); + return TEE_ERROR_BAD_PARAMETERS; + } + + signature = (uint8_t *)params[1].memref.buffer; + if ((!IS_ALIGNED_WITH_TYPE(params[1].memref.buffer, uint32_t)) || (sig_size > params[1].memref.size)) { + EMSG("signature err"); + return TEE_ERROR_BAD_PARAMETERS; + } + + wrapped_key = (rsip_wrapped_key_t *)params[2].memref.buffer; + if ((!IS_ALIGNED_WITH_TYPE(params[2].memref.buffer, uint32_t)) || (key_size > params[2].memref.size)) { + EMSG("key err"); + return TEE_ERROR_BAD_PARAMETERS; + } + + result = generate_hash(message, message_length, &hash_type, digest); + if (TEE_SUCCESS != result) { + return result; + } + + err = R_RSIP_RSASSA_PSS_Sign(&rsip_instance_ctrl, wrapped_key, hash_type, mgf_type, + salt_length, digest, signature); + switch ((uint32_t)err) + { + case FSP_SUCCESS: + break; + case FSP_ERR_ASSERTION: + return TEE_ERROR_BAD_PARAMETERS; + case FSP_ERR_NOT_OPEN: + return TEE_ERROR_BAD_STATE; + case FSP_ERR_INVALID_STATE: + return TEE_ERROR_BAD_STATE; + case FSP_ERR_NOT_ENABLED: + return TEE_ERROR_BAD_PARAMETERS; + case FSP_ERR_INVALID_ARGUMENT: + return TEE_ERROR_BAD_PARAMETERS; + case FSP_ERR_CRYPTO_RSIP_KEY_SET_FAIL: + return TEE_ERROR_BAD_PARAMETERS; + case FSP_ERR_CRYPTO_RSIP_FAIL: + return TEE_ERROR_GENERIC; + case FSP_ERR_INVALID_SIZE: + return TEE_ERROR_BAD_PARAMETERS; + case FSP_ERR_CRYPTO_RSIP_RESOURCE_CONFLICT: + return TEE_ERROR_ACCESS_CONFLICT; + case FSP_ERR_CRYPTO_RSIP_FATAL: + return TEE_ERROR_GENERIC; + default: + return TEE_ERROR_BAD_STATE; + } + + params[1].memref.size = sig_size; + + return TEE_SUCCESS; +} + + +static TEE_Result rsassa_pss_verify(uint32_t types, TEE_Param params[TEE_NUM_PARAMS], rsip_byte_size_wrapped_key_t key_size) +{ + fsp_err_t err; + TEE_Result result; + + uint8_t *signature; + uint8_t *message; + uint32_t message_length; + uint8_t digest[32]; + rsip_hash_type_t hash_type; + rsip_wrapped_key_t * wrapped_key; + + if (types != TEE_PARAM_TYPES(TEE_PARAM_TYPE_MEMREF_INPUT, + TEE_PARAM_TYPE_MEMREF_INPUT, + TEE_PARAM_TYPE_MEMREF_INPUT, + TEE_PARAM_TYPE_NONE)) { + return TEE_ERROR_BAD_PARAMETERS; + } + + signature = (uint8_t *)params[0].memref.buffer; + if (!IS_ALIGNED_WITH_TYPE(params[0].memref.buffer, uint32_t)) { + EMSG("signature err"); + return TEE_ERROR_BAD_PARAMETERS; + } + + message = (uint8_t *)params[1].memref.buffer; + message_length = (uint32_t)params[1].memref.size; + if (!IS_ALIGNED_WITH_TYPE(params[1].memref.buffer, uint32_t)) { + EMSG("message err"); + return TEE_ERROR_BAD_PARAMETERS; + } + + wrapped_key = (rsip_wrapped_key_t *)params[2].memref.buffer; + if ((!IS_ALIGNED_WITH_TYPE(params[2].memref.buffer, uint32_t)) || (key_size > params[2].memref.size)) { + EMSG("key err"); + return TEE_ERROR_BAD_PARAMETERS; + } + + result = generate_hash(message, message_length, &hash_type, digest); + if (TEE_SUCCESS != result) { + return result; + } + + err = R_RSIP_RSASSA_PSS_Verify(&rsip_instance_ctrl, wrapped_key, hash_type, mgf_type, + salt_length, digest, signature); + switch ((uint32_t)err) + { + case FSP_SUCCESS: + break; + case FSP_ERR_ASSERTION: + return TEE_ERROR_BAD_PARAMETERS; + case FSP_ERR_NOT_OPEN: + return TEE_ERROR_BAD_STATE; + case FSP_ERR_INVALID_STATE: + return TEE_ERROR_BAD_STATE; + case FSP_ERR_NOT_ENABLED: + return TEE_ERROR_BAD_PARAMETERS; + case FSP_ERR_INVALID_ARGUMENT: + return TEE_ERROR_BAD_PARAMETERS; + case FSP_ERR_CRYPTO_RSIP_KEY_SET_FAIL: + return TEE_ERROR_BAD_PARAMETERS; + case FSP_ERR_CRYPTO_RSIP_FAIL: + return TEE_ERROR_GENERIC; + case FSP_ERR_INVALID_SIZE: + return TEE_ERROR_BAD_PARAMETERS; + case FSP_ERR_CRYPTO_RSIP_RESOURCE_CONFLICT: + return TEE_ERROR_ACCESS_CONFLICT; + case FSP_ERR_CRYPTO_RSIP_FATAL: + return TEE_ERROR_GENERIC; + default: + return TEE_ERROR_BAD_STATE; + } + + return TEE_SUCCESS; +} + + +static TEE_Result rsa_encrypt(uint32_t types, TEE_Param params[TEE_NUM_PARAMS], + uint32_t cipher_size, rsip_byte_size_wrapped_key_t key_size) +{ + fsp_err_t err; + + uint8_t * plain; + uint8_t * cipher; + rsip_wrapped_key_t * wrapped_key; + + if (types != TEE_PARAM_TYPES(TEE_PARAM_TYPE_MEMREF_INPUT, + TEE_PARAM_TYPE_MEMREF_INOUT, + TEE_PARAM_TYPE_MEMREF_INPUT, + TEE_PARAM_TYPE_NONE)) { + return TEE_ERROR_BAD_PARAMETERS; + } + + plain = (uint8_t *)params[0].memref.buffer; + if (!IS_ALIGNED_WITH_TYPE(params[0].memref.buffer, uint32_t)) { + return TEE_ERROR_BAD_PARAMETERS; + } + + cipher = (uint8_t *)params[1].memref.buffer; + if ((!IS_ALIGNED_WITH_TYPE(params[1].memref.buffer, uint32_t)) || (cipher_size > params[1].memref.size) ) { + EMSG("cipher err"); + return TEE_ERROR_BAD_PARAMETERS; + } + + wrapped_key = (rsip_wrapped_key_t *)params[2].memref.buffer; + if ((!IS_ALIGNED_WITH_TYPE(params[2].memref.buffer, uint32_t)) || (key_size > params[2].memref.size)) { + EMSG("key err"); + return TEE_ERROR_BAD_PARAMETERS; + } + + err = R_RSIP_RSA_Encrypt(&rsip_instance_ctrl, wrapped_key, plain, cipher); + switch ((uint32_t)err) + { + case FSP_SUCCESS: + break; + case FSP_ERR_ASSERTION: + return TEE_ERROR_BAD_PARAMETERS; + case FSP_ERR_NOT_OPEN: + return TEE_ERROR_BAD_STATE; + case FSP_ERR_INVALID_STATE: + return TEE_ERROR_BAD_STATE; + case FSP_ERR_NOT_ENABLED: + return TEE_ERROR_BAD_PARAMETERS; + case FSP_ERR_INVALID_ARGUMENT: + return TEE_ERROR_BAD_PARAMETERS; + case FSP_ERR_CRYPTO_RSIP_KEY_SET_FAIL: + return TEE_ERROR_BAD_PARAMETERS; + case FSP_ERR_CRYPTO_RSIP_FAIL: + return TEE_ERROR_GENERIC; + case FSP_ERR_CRYPTO_RSIP_RESOURCE_CONFLICT: + return TEE_ERROR_ACCESS_CONFLICT; + case FSP_ERR_CRYPTO_RSIP_FATAL: + return TEE_ERROR_GENERIC; + default: + return TEE_ERROR_BAD_STATE; + } + + params[1].memref.size = cipher_size; + + return TEE_SUCCESS; +} + + +static TEE_Result rsa_decrypt(uint32_t types, TEE_Param params[TEE_NUM_PARAMS], + uint32_t plain_size, rsip_byte_size_wrapped_key_t key_size) +{ + fsp_err_t err; + + uint8_t * cipher; + uint8_t * plain; + rsip_wrapped_key_t * wrapped_key; + + if (types != TEE_PARAM_TYPES(TEE_PARAM_TYPE_MEMREF_INPUT, + TEE_PARAM_TYPE_MEMREF_INOUT, + TEE_PARAM_TYPE_MEMREF_INPUT, + TEE_PARAM_TYPE_NONE)) { + return TEE_ERROR_BAD_PARAMETERS; + } + + cipher = (uint8_t *)params[0].memref.buffer; + if (!IS_ALIGNED_WITH_TYPE(params[0].memref.buffer, uint32_t)) { + EMSG("cipher err"); + return TEE_ERROR_BAD_PARAMETERS; + } + + plain = (uint8_t *)params[1].memref.buffer; + if ((!IS_ALIGNED_WITH_TYPE(params[1].memref.buffer, uint32_t)) || (plain_size > params[1].memref.size)) { + EMSG("plain err"); + return TEE_ERROR_BAD_PARAMETERS; + } + + wrapped_key = (rsip_wrapped_key_t *)params[2].memref.buffer; + if ((!IS_ALIGNED_WITH_TYPE(params[2].memref.buffer, uint32_t)) || (key_size > params[2].memref.size)) { + EMSG("key err"); + return TEE_ERROR_BAD_PARAMETERS; + } + + err = R_RSIP_RSA_Decrypt(&rsip_instance_ctrl, wrapped_key, cipher, plain); + switch ((uint32_t)err) + { + case FSP_SUCCESS: + break; + case FSP_ERR_ASSERTION: + return TEE_ERROR_BAD_PARAMETERS; + case FSP_ERR_NOT_OPEN: + return TEE_ERROR_BAD_STATE; + case FSP_ERR_INVALID_STATE: + return TEE_ERROR_BAD_STATE; + case FSP_ERR_NOT_ENABLED: + return TEE_ERROR_BAD_PARAMETERS; + case FSP_ERR_INVALID_ARGUMENT: + return TEE_ERROR_BAD_PARAMETERS; + case FSP_ERR_CRYPTO_RSIP_KEY_SET_FAIL: + return TEE_ERROR_BAD_PARAMETERS; + case FSP_ERR_CRYPTO_RSIP_FAIL: + return TEE_ERROR_GENERIC; + case FSP_ERR_CRYPTO_RSIP_RESOURCE_CONFLICT: + return TEE_ERROR_ACCESS_CONFLICT; + case FSP_ERR_CRYPTO_RSIP_FATAL: + return TEE_ERROR_GENERIC; + default: + return TEE_ERROR_BAD_STATE; + } + + params[1].memref.size = plain_size; + + return TEE_SUCCESS; +} + + +static TEE_Result rsaes_pkcs1_v1_5_encrypt(uint32_t types, TEE_Param params[TEE_NUM_PARAMS], + uint32_t cipher_size, rsip_byte_size_wrapped_key_t key_size) +{ + fsp_err_t err; + + uint8_t *plain; + uint32_t plain_length; + uint8_t *cipher; + rsip_wrapped_key_t * wrapped_key; + + if (types != TEE_PARAM_TYPES(TEE_PARAM_TYPE_MEMREF_INPUT, + TEE_PARAM_TYPE_MEMREF_INOUT, + TEE_PARAM_TYPE_MEMREF_INPUT, + TEE_PARAM_TYPE_NONE)) { + return TEE_ERROR_BAD_PARAMETERS; + } + + plain = (uint8_t *)params[0].memref.buffer; + plain_length = (uint32_t)params[0].memref.size; + if (!IS_ALIGNED_WITH_TYPE(params[0].memref.buffer, uint32_t)) { + EMSG("plain err"); + return TEE_ERROR_BAD_PARAMETERS; + } + + cipher = (uint8_t *)params[1].memref.buffer; + if ((!IS_ALIGNED_WITH_TYPE(params[1].memref.buffer, uint32_t)) || (cipher_size > params[1].memref.size) ) { + EMSG("cipher err"); + return TEE_ERROR_BAD_PARAMETERS; + } + + wrapped_key = (rsip_wrapped_key_t *)params[2].memref.buffer; + if ((!IS_ALIGNED_WITH_TYPE(params[2].memref.buffer, uint32_t)) || (key_size > params[2].memref.size)) { + EMSG("key err"); + return TEE_ERROR_BAD_PARAMETERS; + } + + err = R_RSIP_RSAES_PKCS1_V1_5_Encrypt(&rsip_instance_ctrl, wrapped_key, plain, plain_length, cipher); + switch ((uint32_t)err) + { + case FSP_SUCCESS: + break; + case FSP_ERR_ASSERTION: + return TEE_ERROR_BAD_PARAMETERS; + case FSP_ERR_NOT_OPEN: + return TEE_ERROR_BAD_STATE; + case FSP_ERR_INVALID_STATE: + return TEE_ERROR_BAD_STATE; + case FSP_ERR_NOT_ENABLED: + return TEE_ERROR_BAD_PARAMETERS; + case FSP_ERR_INVALID_ARGUMENT: + return TEE_ERROR_BAD_PARAMETERS; + case FSP_ERR_CRYPTO_RSIP_KEY_SET_FAIL: + return TEE_ERROR_BAD_PARAMETERS; + case FSP_ERR_CRYPTO_RSIP_FAIL: + return TEE_ERROR_GENERIC; + case FSP_ERR_INVALID_SIZE: + return TEE_ERROR_BAD_PARAMETERS; + case FSP_ERR_CRYPTO_RSIP_RESOURCE_CONFLICT: + return TEE_ERROR_ACCESS_CONFLICT; + case FSP_ERR_CRYPTO_RSIP_FATAL: + return TEE_ERROR_GENERIC; + default: + return TEE_ERROR_BAD_STATE; + } + + params[1].memref.size = cipher_size; + + return TEE_SUCCESS; +} + + +static TEE_Result rsaes_pkcs1_v1_5_decrypt(uint32_t types, TEE_Param params[TEE_NUM_PARAMS], + rsip_byte_size_wrapped_key_t key_size) +{ + fsp_err_t err; + + uint8_t *plain; + uint32_t plain_length; + uint32_t plain_buffer_length = 512; + uint8_t *cipher; + uint32_t cipher_length; + rsip_wrapped_key_t * wrapped_key; + + if (types != TEE_PARAM_TYPES(TEE_PARAM_TYPE_MEMREF_INPUT, + TEE_PARAM_TYPE_MEMREF_INOUT, + TEE_PARAM_TYPE_MEMREF_INPUT, + TEE_PARAM_TYPE_NONE)) { + return TEE_ERROR_BAD_PARAMETERS; + } + + cipher = (uint8_t *)params[0].memref.buffer; + cipher_length = (uint32_t)params[0].memref.size; + if (!IS_ALIGNED_WITH_TYPE(params[0].memref.buffer, uint32_t)) { + return TEE_ERROR_BAD_PARAMETERS; + } + + plain = (uint8_t *)params[1].memref.buffer; + plain_length = (uint32_t)params[1].memref.size; + if ((!IS_ALIGNED_WITH_TYPE(params[1].memref.buffer, uint32_t)) || (plain_length < cipher_length)) { + EMSG("plain err"); + return TEE_ERROR_BAD_PARAMETERS; + } + + wrapped_key = (rsip_wrapped_key_t *)params[2].memref.buffer; + if ((!IS_ALIGNED_WITH_TYPE(params[2].memref.buffer, uint32_t)) || (key_size > params[2].memref.size)) { + EMSG("key err"); + return TEE_ERROR_BAD_PARAMETERS; + } + + err = R_RSIP_RSAES_PKCS1_V1_5_Decrypt(&rsip_instance_ctrl, wrapped_key, cipher, plain, + &plain_length, plain_buffer_length); + switch ((uint32_t)err) + { + case FSP_SUCCESS: + break; + case FSP_ERR_ASSERTION: + return TEE_ERROR_BAD_PARAMETERS; + case FSP_ERR_NOT_OPEN: + return TEE_ERROR_BAD_STATE; + case FSP_ERR_INVALID_STATE: + return TEE_ERROR_BAD_STATE; + case FSP_ERR_NOT_ENABLED: + return TEE_ERROR_BAD_PARAMETERS; + case FSP_ERR_INVALID_ARGUMENT: + return TEE_ERROR_BAD_PARAMETERS; + case FSP_ERR_CRYPTO_RSIP_KEY_SET_FAIL: + return TEE_ERROR_BAD_PARAMETERS; + case FSP_ERR_CRYPTO_RSIP_FAIL: + return TEE_ERROR_GENERIC; + case FSP_ERR_INVALID_SIZE: + return TEE_ERROR_BAD_PARAMETERS; + case FSP_ERR_CRYPTO_RSIP_RESOURCE_CONFLICT: + return TEE_ERROR_ACCESS_CONFLICT; + case FSP_ERR_CRYPTO_RSIP_FATAL: + return TEE_ERROR_GENERIC; + default: + return TEE_ERROR_BAD_STATE; + } + + params[1].memref.size = plain_length; + + return TEE_SUCCESS; +} + + +static TEE_Result rsaes_oaep_encrypt(uint32_t types, TEE_Param params[TEE_NUM_PARAMS], + uint32_t cipher_size, rsip_byte_size_wrapped_key_t key_size) +{ + fsp_err_t err; + + uint8_t *plain; + uint32_t plain_length; + uint8_t *cipher; + uint8_t *label; + uint32_t label_length; + rsip_wrapped_key_t * wrapped_key; + + if (types != TEE_PARAM_TYPES(TEE_PARAM_TYPE_MEMREF_INPUT, + TEE_PARAM_TYPE_MEMREF_INOUT, + TEE_PARAM_TYPE_MEMREF_INPUT, + TEE_PARAM_TYPE_MEMREF_INPUT)) { + return TEE_ERROR_BAD_PARAMETERS; + } + + plain = (uint8_t *)params[0].memref.buffer; + plain_length = (uint32_t)params[0].memref.size; + if (!IS_ALIGNED_WITH_TYPE(params[0].memref.buffer, uint32_t)) { + EMSG("plain err"); + return TEE_ERROR_BAD_PARAMETERS; + } + + cipher = (uint8_t *)params[1].memref.buffer; + if ((!IS_ALIGNED_WITH_TYPE(params[1].memref.buffer, uint32_t)) || (cipher_size > params[1].memref.size) ) { + EMSG("cipher err"); + return TEE_ERROR_BAD_PARAMETERS; + } + + wrapped_key = (rsip_wrapped_key_t *)params[2].memref.buffer; + if ((!IS_ALIGNED_WITH_TYPE(params[2].memref.buffer, uint32_t)) || (key_size > params[2].memref.size)) { + EMSG("key err"); + return TEE_ERROR_BAD_PARAMETERS; + } + + label = (uint8_t *)params[3].memref.buffer; + label_length = (uint32_t)params[3].memref.size; + if (!IS_ALIGNED_WITH_TYPE(params[3].memref.buffer, uint32_t)) { + EMSG("label err"); + return TEE_ERROR_BAD_PARAMETERS; + } + + err = R_RSIP_RSAES_OAEP_Encrypt(&rsip_instance_ctrl, wrapped_key, hash_type, mgf_type, + label, label_length, plain, plain_length, cipher); + switch ((uint32_t)err) + { + case FSP_SUCCESS: + break; + case FSP_ERR_ASSERTION: + return TEE_ERROR_BAD_PARAMETERS; + case FSP_ERR_NOT_OPEN: + return TEE_ERROR_BAD_STATE; + case FSP_ERR_INVALID_STATE: + return TEE_ERROR_BAD_STATE; + case FSP_ERR_NOT_ENABLED: + return TEE_ERROR_BAD_PARAMETERS; + case FSP_ERR_INVALID_ARGUMENT: + return TEE_ERROR_BAD_PARAMETERS; + case FSP_ERR_CRYPTO_RSIP_KEY_SET_FAIL: + return TEE_ERROR_BAD_PARAMETERS; + case FSP_ERR_CRYPTO_RSIP_FAIL: + return TEE_ERROR_GENERIC; + case FSP_ERR_INVALID_SIZE: + return TEE_ERROR_BAD_PARAMETERS; + case FSP_ERR_CRYPTO_RSIP_RESOURCE_CONFLICT: + return TEE_ERROR_ACCESS_CONFLICT; + case FSP_ERR_CRYPTO_RSIP_FATAL: + return TEE_ERROR_GENERIC; + default: + return TEE_ERROR_BAD_STATE; + } + + params[1].memref.size = cipher_size; + + return TEE_SUCCESS; +} + + +static TEE_Result rsaes_oaep_decrypt(uint32_t types, TEE_Param params[TEE_NUM_PARAMS], rsip_byte_size_wrapped_key_t key_size) +{ + fsp_err_t err; + + uint8_t *plain; + uint32_t plain_length; + uint32_t plain_buffer_length = 512; + uint8_t *cipher; + uint32_t cipher_length; + uint8_t *label; + uint32_t label_length; + rsip_wrapped_key_t * wrapped_key; + + if (types != TEE_PARAM_TYPES(TEE_PARAM_TYPE_MEMREF_INPUT, + TEE_PARAM_TYPE_MEMREF_INOUT, + TEE_PARAM_TYPE_MEMREF_INPUT, + TEE_PARAM_TYPE_MEMREF_INPUT)) { + return TEE_ERROR_BAD_PARAMETERS; + } + + cipher = (uint8_t *)params[0].memref.buffer; + cipher_length = (uint32_t)params[0].memref.size; + if (!IS_ALIGNED_WITH_TYPE(params[0].memref.buffer, uint32_t)) { + EMSG("cipher err"); + return TEE_ERROR_BAD_PARAMETERS; + } + + plain = (uint8_t *)params[1].memref.buffer; + plain_length = (uint32_t)params[1].memref.size; + if ((!IS_ALIGNED_WITH_TYPE(params[1].memref.buffer, uint32_t)) || (plain_length < cipher_length)) { + EMSG("plain err"); + return TEE_ERROR_BAD_PARAMETERS; + } + + wrapped_key = (rsip_wrapped_key_t *)params[2].memref.buffer; + if ((!IS_ALIGNED_WITH_TYPE(params[2].memref.buffer, uint32_t)) || (key_size > params[2].memref.size)) { + EMSG("key err"); + return TEE_ERROR_BAD_PARAMETERS; + } + + label = (uint8_t *)params[3].memref.buffer; + label_length = (uint32_t)params[3].memref.size; + if (!IS_ALIGNED_WITH_TYPE(params[3].memref.buffer, uint32_t)) { + EMSG("label err"); + return TEE_ERROR_BAD_PARAMETERS; + } + + err = R_RSIP_RSAES_OAEP_Decrypt(&rsip_instance_ctrl, wrapped_key, hash_type, mgf_type, + label, label_length, cipher, plain, &plain_length, plain_buffer_length); + switch ((uint32_t)err) + { + case FSP_SUCCESS: + break; + case FSP_ERR_ASSERTION: + return TEE_ERROR_BAD_PARAMETERS; + case FSP_ERR_NOT_OPEN: + return TEE_ERROR_BAD_STATE; + case FSP_ERR_INVALID_STATE: + return TEE_ERROR_BAD_STATE; + case FSP_ERR_NOT_ENABLED: + return TEE_ERROR_BAD_PARAMETERS; + case FSP_ERR_INVALID_ARGUMENT: + return TEE_ERROR_BAD_PARAMETERS; + case FSP_ERR_CRYPTO_RSIP_KEY_SET_FAIL: + return TEE_ERROR_BAD_PARAMETERS; + case FSP_ERR_CRYPTO_RSIP_FAIL: + return TEE_ERROR_GENERIC; + case FSP_ERR_INVALID_SIZE: + return TEE_ERROR_BAD_PARAMETERS; + case FSP_ERR_CRYPTO_RSIP_RESOURCE_CONFLICT: + return TEE_ERROR_ACCESS_CONFLICT; + case FSP_ERR_CRYPTO_RSIP_FATAL: + return TEE_ERROR_GENERIC; + default: + return TEE_ERROR_BAD_STATE; + } + + params[1].memref.size = plain_length; + + return TEE_SUCCESS; +} + +static TEE_Result rsassa_pkcs1024_signaturegenerate(uint32_t types, TEE_Param params[TEE_NUM_PARAMS]) +{ + return rsassa_pkcs1_v1_5_sign(types, params, SIGNATURE_BYTE_SIZE_RSA_1024, RSIP_BYTE_SIZE_WRAPPED_KEY_RSA_1024_PRIVATE_ENHANCED); +} + +static TEE_Result rsassa_pkcs2048_signaturegenerate(uint32_t types, TEE_Param params[TEE_NUM_PARAMS]) +{ + return rsassa_pkcs1_v1_5_sign(types, params, SIGNATURE_BYTE_SIZE_RSA_2048, RSIP_BYTE_SIZE_WRAPPED_KEY_RSA_2048_PRIVATE_ENHANCED); +} + +static TEE_Result rsassa_pkcs3072_signaturegenerate(uint32_t types, TEE_Param params[TEE_NUM_PARAMS]) +{ + return rsassa_pkcs1_v1_5_sign(types, params, SIGNATURE_BYTE_SIZE_RSA_3072, RSIP_BYTE_SIZE_WRAPPED_KEY_RSA_3072_PRIVATE); +} + +static TEE_Result rsassa_pkcs4096_signaturegenerate(uint32_t types, TEE_Param params[TEE_NUM_PARAMS]) +{ + return rsassa_pkcs1_v1_5_sign(types, params, SIGNATURE_BYTE_SIZE_RSA_4096, RSIP_BYTE_SIZE_WRAPPED_KEY_RSA_4096_PRIVATE); +} + +static TEE_Result rsassa_pkcs1024_signatureverify(uint32_t types, TEE_Param params[TEE_NUM_PARAMS]) +{ + return rsassa_pkcs1_v1_5_verify(types, params, RSIP_BYTE_SIZE_WRAPPED_KEY_RSA_1024_PUBLIC_ENHANCED); +} + +static TEE_Result rsassa_pkcs2048_signatureverify(uint32_t types, TEE_Param params[TEE_NUM_PARAMS]) +{ + return rsassa_pkcs1_v1_5_verify(types, params, RSIP_BYTE_SIZE_WRAPPED_KEY_RSA_2048_PUBLIC_ENHANCED); +} + +static TEE_Result rsassa_pkcs3072_signatureverify(uint32_t types, TEE_Param params[TEE_NUM_PARAMS]) +{ + return rsassa_pkcs1_v1_5_verify(types, params, RSIP_BYTE_SIZE_WRAPPED_KEY_RSA_3072_PUBLIC); +} + +static TEE_Result rsassa_pkcs4096_signatureverify(uint32_t types, TEE_Param params[TEE_NUM_PARAMS]) +{ + return rsassa_pkcs1_v1_5_verify(types, params, RSIP_BYTE_SIZE_WRAPPED_KEY_RSA_4096_PUBLIC); +} + +static TEE_Result rsassa_pss1024_signature(uint32_t types, TEE_Param params[TEE_NUM_PARAMS]) +{ + return rsassa_pss_sign(types, params, SIGNATURE_BYTE_SIZE_RSA_1024, RSIP_BYTE_SIZE_WRAPPED_KEY_RSA_1024_PRIVATE_ENHANCED); +} + +static TEE_Result rsassa_pss2048_signature(uint32_t types, TEE_Param params[TEE_NUM_PARAMS]) +{ + return rsassa_pss_sign(types, params, SIGNATURE_BYTE_SIZE_RSA_2048, RSIP_BYTE_SIZE_WRAPPED_KEY_RSA_2048_PRIVATE_ENHANCED); +} + +static TEE_Result rsassa_pss3072_signature(uint32_t types, TEE_Param params[TEE_NUM_PARAMS]) +{ + return rsassa_pss_sign(types, params, SIGNATURE_BYTE_SIZE_RSA_3072, RSIP_BYTE_SIZE_WRAPPED_KEY_RSA_3072_PRIVATE); +} + +static TEE_Result rsassa_pss4096_signature(uint32_t types, TEE_Param params[TEE_NUM_PARAMS]) +{ + return rsassa_pss_sign(types, params, SIGNATURE_BYTE_SIZE_RSA_4096, RSIP_BYTE_SIZE_WRAPPED_KEY_RSA_4096_PRIVATE); +} + +static TEE_Result rsassa_pss1024_verify(uint32_t types, TEE_Param params[TEE_NUM_PARAMS]) +{ + return rsassa_pss_verify(types, params, RSIP_BYTE_SIZE_WRAPPED_KEY_RSA_1024_PUBLIC_ENHANCED); +} + +static TEE_Result rsassa_pss2048_verify(uint32_t types, TEE_Param params[TEE_NUM_PARAMS]) +{ + return rsassa_pss_verify(types, params, RSIP_BYTE_SIZE_WRAPPED_KEY_RSA_2048_PUBLIC_ENHANCED); +} + +static TEE_Result rsassa_pss3072_verify(uint32_t types, TEE_Param params[TEE_NUM_PARAMS]) +{ + return rsassa_pss_verify(types, params, RSIP_BYTE_SIZE_WRAPPED_KEY_RSA_3072_PUBLIC); +} + +static TEE_Result rsassa_pss4096_verify(uint32_t types, TEE_Param params[TEE_NUM_PARAMS]) +{ + return rsassa_pss_verify(types, params, RSIP_BYTE_SIZE_WRAPPED_KEY_RSA_4096_PUBLIC); +} + + +static TEE_Result rsa_1024_encrypt(uint32_t types, TEE_Param params[TEE_NUM_PARAMS]) +{ + return rsa_encrypt(types, params, CIPHER_BYTE_SIZE_RSA_1024, RSIP_BYTE_SIZE_WRAPPED_KEY_RSA_1024_PUBLIC_ENHANCED); +} + +static TEE_Result rsa_2048_encrypt(uint32_t types, TEE_Param params[TEE_NUM_PARAMS]) +{ + return rsa_encrypt(types, params, CIPHER_BYTE_SIZE_RSA_2048, RSIP_BYTE_SIZE_WRAPPED_KEY_RSA_2048_PUBLIC_ENHANCED); +} + +static TEE_Result rsa_3072_encrypt(uint32_t types, TEE_Param params[TEE_NUM_PARAMS]) +{ + return rsa_encrypt(types, params, CIPHER_BYTE_SIZE_RSA_3072, RSIP_BYTE_SIZE_WRAPPED_KEY_RSA_3072_PUBLIC); +} + +static TEE_Result rsa_4096_encrypt(uint32_t types, TEE_Param params[TEE_NUM_PARAMS]) +{ + return rsa_encrypt(types, params, CIPHER_BYTE_SIZE_RSA_4096, RSIP_BYTE_SIZE_WRAPPED_KEY_RSA_4096_PUBLIC); +} + + +static TEE_Result rsa_1024_decrypt(uint32_t types, TEE_Param params[TEE_NUM_PARAMS]) +{ + return rsa_decrypt(types, params, CIPHER_BYTE_SIZE_RSA_1024, RSIP_BYTE_SIZE_WRAPPED_KEY_RSA_1024_PRIVATE_ENHANCED); +} + +static TEE_Result rsa_2048_decrypt(uint32_t types, TEE_Param params[TEE_NUM_PARAMS]) +{ + return rsa_decrypt(types, params, CIPHER_BYTE_SIZE_RSA_2048, RSIP_BYTE_SIZE_WRAPPED_KEY_RSA_2048_PRIVATE_ENHANCED); +} + +static TEE_Result rsa_3072_decrypt(uint32_t types, TEE_Param params[TEE_NUM_PARAMS]) +{ + return rsa_decrypt(types, params, CIPHER_BYTE_SIZE_RSA_3072, RSIP_BYTE_SIZE_WRAPPED_KEY_RSA_3072_PRIVATE); +} + +static TEE_Result rsa_4096_decrypt(uint32_t types, TEE_Param params[TEE_NUM_PARAMS]) +{ + return rsa_decrypt(types, params, CIPHER_BYTE_SIZE_RSA_4096, RSIP_BYTE_SIZE_WRAPPED_KEY_RSA_4096_PRIVATE); +} + +static TEE_Result rsaes_pkcs1024_encrypt(uint32_t types, TEE_Param params[TEE_NUM_PARAMS]) +{ + return rsaes_pkcs1_v1_5_encrypt(types, params, CIPHER_BYTE_SIZE_RSA_1024, RSIP_BYTE_SIZE_WRAPPED_KEY_RSA_1024_PUBLIC_ENHANCED); +} + +static TEE_Result rsaes_pkcs2048_encrypt(uint32_t types, TEE_Param params[TEE_NUM_PARAMS]) +{ + return rsaes_pkcs1_v1_5_encrypt(types, params, CIPHER_BYTE_SIZE_RSA_2048, RSIP_BYTE_SIZE_WRAPPED_KEY_RSA_2048_PUBLIC_ENHANCED); +} + +static TEE_Result rsaes_pkcs3072_encrypt(uint32_t types, TEE_Param params[TEE_NUM_PARAMS]) +{ + return rsaes_pkcs1_v1_5_encrypt(types, params, CIPHER_BYTE_SIZE_RSA_3072, RSIP_BYTE_SIZE_WRAPPED_KEY_RSA_3072_PUBLIC); +} + +static TEE_Result rsaes_pkcs4096_encrypt(uint32_t types, TEE_Param params[TEE_NUM_PARAMS]) +{ + return rsaes_pkcs1_v1_5_encrypt(types, params, CIPHER_BYTE_SIZE_RSA_4096, RSIP_BYTE_SIZE_WRAPPED_KEY_RSA_4096_PUBLIC); +} + + +static TEE_Result rsaes_pkcs1024_decrypt(uint32_t types, TEE_Param params[TEE_NUM_PARAMS] +) +{ + return rsaes_pkcs1_v1_5_decrypt(types, params, RSIP_BYTE_SIZE_WRAPPED_KEY_RSA_1024_PRIVATE_ENHANCED); +} + +static TEE_Result rsaes_pkcs2048_decrypt(uint32_t types, TEE_Param params[TEE_NUM_PARAMS] +) +{ + return rsaes_pkcs1_v1_5_decrypt(types, params, RSIP_BYTE_SIZE_WRAPPED_KEY_RSA_2048_PRIVATE_ENHANCED); +} + +static TEE_Result rsaes_pkcs3072_decrypt(uint32_t types, TEE_Param params[TEE_NUM_PARAMS] +) +{ + return rsaes_pkcs1_v1_5_decrypt(types, params, RSIP_BYTE_SIZE_WRAPPED_KEY_RSA_3072_PRIVATE); +} + +static TEE_Result rsaes_pkcs4096_decrypt(uint32_t types, TEE_Param params[TEE_NUM_PARAMS] +) +{ + return rsaes_pkcs1_v1_5_decrypt(types, params, RSIP_BYTE_SIZE_WRAPPED_KEY_RSA_4096_PRIVATE); +} + + +static TEE_Result rsaes_oaep1024_encrypt(uint32_t types, TEE_Param params[TEE_NUM_PARAMS]) +{ + return rsaes_oaep_encrypt(types, params, CIPHER_BYTE_SIZE_RSA_1024, RSIP_BYTE_SIZE_WRAPPED_KEY_RSA_1024_PUBLIC_ENHANCED); +} + +static TEE_Result rsaes_oaep2048_encrypt(uint32_t types, TEE_Param params[TEE_NUM_PARAMS]) +{ + return rsaes_oaep_encrypt(types, params, CIPHER_BYTE_SIZE_RSA_2048, RSIP_BYTE_SIZE_WRAPPED_KEY_RSA_2048_PUBLIC_ENHANCED); +} + +static TEE_Result rsaes_oaep3072_encrypt(uint32_t types, TEE_Param params[TEE_NUM_PARAMS]) +{ + return rsaes_oaep_encrypt(types, params, CIPHER_BYTE_SIZE_RSA_3072, RSIP_BYTE_SIZE_WRAPPED_KEY_RSA_3072_PUBLIC); +} + +static TEE_Result rsaes_oaep4096_encrypt(uint32_t types, TEE_Param params[TEE_NUM_PARAMS]) +{ + return rsaes_oaep_encrypt(types, params, CIPHER_BYTE_SIZE_RSA_4096, RSIP_BYTE_SIZE_WRAPPED_KEY_RSA_4096_PUBLIC); +} + +static TEE_Result rsaes_oaep1024_decrypt(uint32_t types, TEE_Param params[TEE_NUM_PARAMS]) +{ + return rsaes_oaep_decrypt(types, params, RSIP_BYTE_SIZE_WRAPPED_KEY_RSA_1024_PRIVATE_ENHANCED); +} + +static TEE_Result rsaes_oaep2048_decrypt(uint32_t types, TEE_Param params[TEE_NUM_PARAMS]) +{ + return rsaes_oaep_decrypt(types, params, RSIP_BYTE_SIZE_WRAPPED_KEY_RSA_2048_PRIVATE_ENHANCED); +} + +static TEE_Result rsaes_oaep3072_decrypt(uint32_t types, TEE_Param params[TEE_NUM_PARAMS]) +{ + return rsaes_oaep_decrypt(types, params, RSIP_BYTE_SIZE_WRAPPED_KEY_RSA_3072_PRIVATE); +} + +static TEE_Result rsaes_oaep4096_decrypt(uint32_t types, TEE_Param params[TEE_NUM_PARAMS]) +{ + return rsaes_oaep_decrypt(types, params, RSIP_BYTE_SIZE_WRAPPED_KEY_RSA_4096_PRIVATE); +} + + +static TEE_Result invoke_command(void *session __unused, uint32_t cmd, + uint32_t ptypes, + TEE_Param params[TEE_NUM_PARAMS]) +{ + EMSG(PTA_NAME" command %#"PRIx32" ptypes %#"PRIx32, cmd, ptypes); + + switch (cmd) { + case PTA_CMD_RSASSA_PKCS1024_SignatureGenerate : + return rsassa_pkcs1024_signaturegenerate(ptypes, params); + case PTA_CMD_RSASSA_PKCS2048_SignatureGenerate : + return rsassa_pkcs2048_signaturegenerate(ptypes, params); + case PTA_CMD_RSASSA_PKCS3072_SignatureGenerate : + return rsassa_pkcs3072_signaturegenerate(ptypes, params); + case PTA_CMD_RSASSA_PKCS4096_SignatureGenerate : + return rsassa_pkcs4096_signaturegenerate(ptypes, params); + + case PTA_CMD_RSASSA_PKCS1024_SignatureVerify : + return rsassa_pkcs1024_signatureverify(ptypes, params); + case PTA_CMD_RSASSA_PKCS2048_SignatureVerify : + return rsassa_pkcs2048_signatureverify(ptypes, params); + case PTA_CMD_RSASSA_PKCS3072_SignatureVerify : + return rsassa_pkcs3072_signatureverify(ptypes, params); + case PTA_CMD_RSASSA_PKCS4096_SignatureVerify : + return rsassa_pkcs4096_signatureverify(ptypes, params); + + case PTA_CMD_RSASSA_PSS1024_SignatureGenerate: + return rsassa_pss1024_signature(ptypes, params); + case PTA_CMD_RSASSA_PSS2048_SignatureGenerate: + return rsassa_pss2048_signature(ptypes, params); + case PTA_CMD_RSASSA_PSS3072_SignatureGenerate: + return rsassa_pss3072_signature(ptypes, params); + case PTA_CMD_RSASSA_PSS4096_SignatureGenerate: + return rsassa_pss4096_signature(ptypes, params); + + case PTA_CMD_RSASSA_PSS1024_SignatureVerify : + return rsassa_pss1024_verify(ptypes, params); + case PTA_CMD_RSASSA_PSS2048_SignatureVerify : + return rsassa_pss2048_verify(ptypes, params); + case PTA_CMD_RSASSA_PSS3072_SignatureVerify : + return rsassa_pss3072_verify(ptypes, params); + case PTA_CMD_RSASSA_PSS4096_SignatureVerify : + return rsassa_pss4096_verify(ptypes, params); + + + case PTA_CMD_RSA_1024_Encrypt : + return rsa_1024_encrypt(ptypes, params); + case PTA_CMD_RSA_2048_Encrypt : + return rsa_2048_encrypt(ptypes, params); + case PTA_CMD_RSA_3072_Encrypt : + return rsa_3072_encrypt(ptypes, params); + case PTA_CMD_RSA_4096_Encrypt : + return rsa_4096_encrypt(ptypes, params); + + case PTA_CMD_RSA_1024_Decrypt : + return rsa_1024_decrypt(ptypes, params); + case PTA_CMD_RSA_2048_Decrypt : + return rsa_2048_decrypt(ptypes, params); + case PTA_CMD_RSA_3072_Decrypt : + return rsa_3072_decrypt(ptypes, params); + case PTA_CMD_RSA_4096_Decrypt : + return rsa_4096_decrypt(ptypes, params); + + case PTA_CMD_RSAES_PKCS1024_Encrypt : + return rsaes_pkcs1024_encrypt(ptypes, params); + case PTA_CMD_RSAES_PKCS2048_Encrypt : + return rsaes_pkcs2048_encrypt(ptypes, params); + case PTA_CMD_RSAES_PKCS3072_Encrypt : + return rsaes_pkcs3072_encrypt(ptypes, params); + case PTA_CMD_RSAES_PKCS4096_Encrypt : + return rsaes_pkcs4096_encrypt(ptypes, params); + + case PTA_CMD_RSAES_PKCS1024_Decrypt : + return rsaes_pkcs1024_decrypt(ptypes, params); + case PTA_CMD_RSAES_PKCS2048_Decrypt : + return rsaes_pkcs2048_decrypt(ptypes, params); + case PTA_CMD_RSAES_PKCS3072_Decrypt : + return rsaes_pkcs3072_decrypt(ptypes, params); + case PTA_CMD_RSAES_PKCS4096_Decrypt : + return rsaes_pkcs4096_decrypt(ptypes, params); + + case PTA_CMD_RSAES_OAEP1024_Encrypt : + return rsaes_oaep1024_encrypt(ptypes, params); + case PTA_CMD_RSAES_OAEP2048_Encrypt : + return rsaes_oaep2048_encrypt(ptypes, params); + case PTA_CMD_RSAES_OAEP3072_Encrypt : + return rsaes_oaep3072_encrypt(ptypes, params); + case PTA_CMD_RSAES_OAEP4096_Encrypt : + return rsaes_oaep4096_encrypt(ptypes, params); + + case PTA_CMD_RSAES_OAEP1024_Decrypt : + return rsaes_oaep1024_decrypt(ptypes, params); + case PTA_CMD_RSAES_OAEP2048_Decrypt : + return rsaes_oaep2048_decrypt(ptypes, params); + case PTA_CMD_RSAES_OAEP3072_Decrypt : + return rsaes_oaep3072_decrypt(ptypes, params); + case PTA_CMD_RSAES_OAEP4096_Decrypt : + return rsaes_oaep4096_decrypt(ptypes, params); + + default: + return TEE_ERROR_NOT_SUPPORTED; + } +} + +pseudo_ta_register(.uuid = PTA_RSIP_RSA_UUID, .name = PTA_NAME, + .flags = PTA_DEFAULT_FLAGS, + .invoke_command_entry_point = invoke_command); diff --git a/core/arch/arm/plat-rz/common/pta/rsip/pta_rsip_sha.c b/core/arch/arm/plat-rz/common/pta/rsip/pta_rsip_sha.c new file mode 100644 index 000000000..4b98e8042 --- /dev/null +++ b/core/arch/arm/plat-rz/common/pta/rsip/pta_rsip_sha.c @@ -0,0 +1,208 @@ +// SPDX-License-Identifier: BSD-2-Clause +/* + * Copyright (c) 2024, Renesas Electronics + */ + +#include + +#include +#include + +#define PTA_NAME "rsip_sha.pta" + +extern rsip_instance_ctrl_t rsip_instance_ctrl; + + +static TEE_Result sha_generateinit(uint32_t types, TEE_Param params[TEE_NUM_PARAMS], rsip_hash_type_t const hash_type) +{ + fsp_err_t err; + rsip_sha_handle_t * handle; + + if (types != TEE_PARAM_TYPES(TEE_PARAM_TYPE_MEMREF_INOUT, + TEE_PARAM_TYPE_NONE, + TEE_PARAM_TYPE_NONE, + TEE_PARAM_TYPE_NONE)) { + return TEE_ERROR_BAD_PARAMETERS; + } + + handle = (rsip_sha_handle_t *)params[0].memref.buffer; + if (!IS_ALIGNED_WITH_TYPE(params[0].memref.buffer, rsip_sha_handle_t)) { + EMSG("handle err"); + return TEE_ERROR_BAD_PARAMETERS; + } + + err = R_RSIP_SHA_GenerateInit(&rsip_instance_ctrl, handle, hash_type); + switch ((uint32_t)err) + { + case FSP_SUCCESS: + break; + case FSP_ERR_ASSERTION: + return TEE_ERROR_BAD_PARAMETERS; + case FSP_ERR_NOT_OPEN: + return TEE_ERROR_BAD_STATE; + case FSP_ERR_INVALID_STATE: + return TEE_ERROR_BAD_STATE; + default: + return TEE_ERROR_GENERIC; + } + + params[0].memref.size = sizeof(rsip_sha_handle_t); + + return TEE_SUCCESS; +} + +static TEE_Result sha_generateupdate(uint32_t types, TEE_Param params[TEE_NUM_PARAMS]) +{ + fsp_err_t err; + rsip_sha_handle_t * handle; + uint8_t * message; + uint32_t message_length; + + if (types != TEE_PARAM_TYPES(TEE_PARAM_TYPE_MEMREF_INOUT, + TEE_PARAM_TYPE_MEMREF_INPUT, + TEE_PARAM_TYPE_NONE, + TEE_PARAM_TYPE_NONE)) { + return TEE_ERROR_BAD_PARAMETERS; + } + + handle = (rsip_sha_handle_t *)params[0].memref.buffer; + if (!IS_ALIGNED_WITH_TYPE(params[0].memref.buffer, rsip_sha_handle_t)) { + EMSG("handle err"); + return TEE_ERROR_BAD_PARAMETERS; + } + + message = (uint8_t *)params[1].memref.buffer; + message_length = (uint32_t)params[1].memref.size; + if (!IS_ALIGNED_WITH_TYPE(params[1].memref.buffer, uint32_t)) { + EMSG("message err"); + return TEE_ERROR_BAD_PARAMETERS; + } + + err = R_RSIP_SHA_GenerateUpdate(&rsip_instance_ctrl, handle, message, message_length); + switch ((uint32_t)err) + { + case FSP_SUCCESS: + break; + case FSP_ERR_ASSERTION: + return TEE_ERROR_BAD_PARAMETERS; + case FSP_ERR_NOT_OPEN: + return TEE_ERROR_BAD_STATE; + case FSP_ERR_INVALID_STATE: + return TEE_ERROR_BAD_STATE; + case FSP_ERR_CRYPTO_RSIP_RESOURCE_CONFLICT: + return TEE_ERROR_ACCESS_CONFLICT; + case FSP_ERR_CRYPTO_RSIP_FATAL: + return TEE_ERROR_GENERIC; + default: + return TEE_ERROR_BAD_STATE; + } + + return TEE_SUCCESS; +} + +static TEE_Result sha_generatefinal(uint32_t types, TEE_Param params[TEE_NUM_PARAMS], uint32_t hash_size) +{ + fsp_err_t err; + rsip_sha_handle_t * handle; + uint8_t * digest; + uint32_t digest_length; + + if (types != TEE_PARAM_TYPES(TEE_PARAM_TYPE_MEMREF_INOUT, + TEE_PARAM_TYPE_MEMREF_INOUT, + TEE_PARAM_TYPE_NONE, + TEE_PARAM_TYPE_NONE)) { + return TEE_ERROR_BAD_PARAMETERS; + } + + handle = (rsip_sha_handle_t *)params[0].memref.buffer; + if (!IS_ALIGNED_WITH_TYPE(params[0].memref.buffer, rsip_sha_handle_t)) { + EMSG("handle err"); + return TEE_ERROR_BAD_PARAMETERS; + } + + digest = (uint8_t *)params[1].memref.buffer; + digest_length = (uint32_t)params[1].memref.size; + if (!IS_ALIGNED_WITH_TYPE(params[1].memref.buffer, uint32_t) || (hash_size > digest_length)) { + EMSG("digest err"); + return TEE_ERROR_BAD_PARAMETERS; + } + + err = R_RSIP_SHA_GenerateFinal(&rsip_instance_ctrl, handle, digest); + switch ((uint32_t)err) + { + case FSP_SUCCESS: + break; + case FSP_ERR_ASSERTION: + return TEE_ERROR_BAD_PARAMETERS; + case FSP_ERR_NOT_OPEN: + return TEE_ERROR_BAD_STATE; + case FSP_ERR_INVALID_STATE: + return TEE_ERROR_BAD_STATE; + case FSP_ERR_CRYPTO_RSIP_RESOURCE_CONFLICT: + return TEE_ERROR_ACCESS_CONFLICT; + case FSP_ERR_CRYPTO_RSIP_FATAL: + return TEE_ERROR_GENERIC; + default: + return TEE_ERROR_BAD_STATE; + } + + params[1].memref.size = hash_size; + + return TEE_SUCCESS; +} + + +static TEE_Result invoke_command(void *session __unused, uint32_t cmd, + uint32_t ptypes, + TEE_Param params[TEE_NUM_PARAMS]) +{ + EMSG(PTA_NAME" command %#"PRIx32" ptypes %#"PRIx32, cmd, ptypes); + + switch (cmd) { + case PTA_CMD_SHA1_Init : + return sha_generateinit(ptypes, params, RSIP_HASH_TYPE_SHA1); + case PTA_CMD_SHA224_Init : + return sha_generateinit(ptypes, params, RSIP_HASH_TYPE_SHA224); + case PTA_CMD_SHA256_Init : + return sha_generateinit(ptypes, params, RSIP_HASH_TYPE_SHA256); + case PTA_CMD_SHA384_Init : + return sha_generateinit(ptypes, params, RSIP_HASH_TYPE_SHA384); + case PTA_CMD_SHA512_Init : + return sha_generateinit(ptypes, params, RSIP_HASH_TYPE_SHA512); + case PTA_CMD_SHA512_224_Init : + return sha_generateinit(ptypes, params, RSIP_HASH_TYPE_SHA512_224); + case PTA_CMD_SHA512_256_Init : + return sha_generateinit(ptypes, params, RSIP_HASH_TYPE_SHA512_256); + + case PTA_CMD_SHA1_Update : + case PTA_CMD_SHA224_Update : + case PTA_CMD_SHA256_Update : + case PTA_CMD_SHA384_Update : + case PTA_CMD_SHA512_Update : + case PTA_CMD_SHA512_224_Update : + case PTA_CMD_SHA512_256_Update : + return sha_generateupdate(ptypes, params); + + case PTA_CMD_SHA1_Final : + return sha_generatefinal(ptypes, params, SHA1_HASH_SIZE); + case PTA_CMD_SHA224_Final : + return sha_generatefinal(ptypes, params, SHA224_HASH_SIZE); + case PTA_CMD_SHA256_Final : + return sha_generatefinal(ptypes, params, SHA256_HASH_SIZE); + case PTA_CMD_SHA384_Final : + return sha_generatefinal(ptypes, params, SHA384_HASH_SIZE); + case PTA_CMD_SHA512_Final : + return sha_generatefinal(ptypes, params, SHA512_HASH_SIZE); + case PTA_CMD_SHA512_224_Final : + return sha_generatefinal(ptypes, params, SHA512_224_HASH_SIZE); + case PTA_CMD_SHA512_256_Final : + return sha_generatefinal(ptypes, params, SHA512_256_HASH_SIZE); + + default: + return TEE_ERROR_NOT_SUPPORTED; + } +} + +pseudo_ta_register(.uuid = PTA_RSIP_SHA_UUID, .name = PTA_NAME, + .flags = PTA_DEFAULT_FLAGS, + .invoke_command_entry_point = invoke_command); diff --git a/core/arch/arm/plat-rz/common/pta/rsip/sub.mk b/core/arch/arm/plat-rz/common/pta/rsip/sub.mk new file mode 100644 index 000000000..d1541eecc --- /dev/null +++ b/core/arch/arm/plat-rz/common/pta/rsip/sub.mk @@ -0,0 +1,9 @@ +global-incdirs-y += include + +srcs-$(CFG_RZ_RSIP) += \ + pta_rsip.c \ + pta_rsip_aes.c \ + pta_rsip_rsa.c \ + pta_rsip_sha.c \ + pta_rsip_ecc.c \ + pta_rsip_hmac.c \ No newline at end of file diff --git a/core/arch/arm/plat-rz/common/pta/sub.mk b/core/arch/arm/plat-rz/common/pta/sub.mk index 1dd1a770c..3a6482a72 100644 --- a/core/arch/arm/plat-rz/common/pta/sub.mk +++ b/core/arch/arm/plat-rz/common/pta/sub.mk @@ -1,3 +1,4 @@ global-incdirs-y += include -srcs-y += pta_flash.c \ No newline at end of file +srcs-y += pta_flash.c +subdirs-$(CFG_RZ_RSIP) += rsip diff --git a/core/arch/arm/plat-rz/common/sub.mk b/core/arch/arm/plat-rz/common/sub.mk index 9739db44b..42b63310f 100644 --- a/core/arch/arm/plat-rz/common/sub.mk +++ b/core/arch/arm/plat-rz/common/sub.mk @@ -1,4 +1,5 @@ srcs-$(CFG_RZ_HUK) += huk.c +srcs-$(CFG_RZ_RSIP) += hw_rng_rsip.c subdirs-y += drivers subdirs-$(CFG_RZ_XSPI) += pta diff --git a/core/arch/arm/plat-rz/g2l/pta/include/pta_sce_sha.h b/core/arch/arm/plat-rz/g2l/pta/include/pta_sce_sha.h index 414bb53d1..0a2e1a375 100644 --- a/core/arch/arm/plat-rz/g2l/pta/include/pta_sce_sha.h +++ b/core/arch/arm/plat-rz/g2l/pta/include/pta_sce_sha.h @@ -12,35 +12,35 @@ { 0x94, 0xb5, 0xce, 0xcc, 0x5f, 0x48, 0x62, 0xe4 } } /* - * [in/out] memref[0] : AES handler (sce_sha_md5_handle_t) + * [in/out] memref[0] : SHA handler (sce_sha_md5_handle_t) */ #define PTA_CMD_SHA224_Init (0x00030000) /* - * [in/out] memref[0] : AES handler (sce_sha_md5_handle_t) + * [in/out] memref[0] : SHA handler (sce_sha_md5_handle_t) * [in] memref[1] : Message */ #define PTA_CMD_SHA224_Update (0x00030001) /* - * [in/out] memref[0] : AES handler (sce_sha_md5_handle_t) + * [in/out] memref[0] : SHA handler (sce_sha_md5_handle_t) * [in/out] memref[1] : Digest (28byte) */ #define PTA_CMD_SHA224_Final (0x00030002) /* - * [in/out] memref[0] : AES handler (sce_sha_md5_handle_t) + * [in/out] memref[0] : SHA handler (sce_sha_md5_handle_t) */ #define PTA_CMD_SHA256_Init (0x00030100) /* - * [in/out] memref[0] : AES handler (sce_sha_md5_handle_t) + * [in/out] memref[0] : SHA handler (sce_sha_md5_handle_t) * [in] memref[1] : Message */ #define PTA_CMD_SHA256_Update (0x00030101) /* - * [in/out] memref[0] : AES handler (sce_sha_md5_handle_t) + * [in/out] memref[0] : SHA handler (sce_sha_md5_handle_t) * [in/out] memref[1] : Digest (32byte) */ #define PTA_CMD_SHA256_Final (0x00030102) diff --git a/core/arch/arm/plat-rz/g3s/drivers/sub.mk b/core/arch/arm/plat-rz/g3s/drivers/sub.mk index 0b66ec217..fc90882e4 100644 --- a/core/arch/arm/plat-rz/g3s/drivers/sub.mk +++ b/core/arch/arm/plat-rz/g3s/drivers/sub.mk @@ -1,6 +1,5 @@ global-incdirs-y += . srcs-y += sflash.c -srcs-y += r_rsip_init.c subdirs-y += cpg diff --git a/core/arch/arm/plat-rz/g3s/rzg3s_conf.mk b/core/arch/arm/plat-rz/g3s/rzg3s_conf.mk index c4eaef1d9..3d3e12a68 100644 --- a/core/arch/arm/plat-rz/g3s/rzg3s_conf.mk +++ b/core/arch/arm/plat-rz/g3s/rzg3s_conf.mk @@ -12,7 +12,6 @@ $(call force,CFG_GIC,y) $(call force,CFG_ARM_GICV3,y) $(call force,CFG_RZ_HUK,y) $(call force,CFG_RZ_XSPI,y) -$(call force,CFG_RZ_RSIP,y) CFG_TEE_CORE_NB_CORE ?= 1 @@ -26,7 +25,10 @@ else $(call force,CFG_ARM32_core,y) endif -CFG_RZ_SCE ?= n ifeq ($(CFG_RZ_SCE),y) -CFG_WITH_SOFTWARE_PRNG ?= n +CFG_RZ_RSIP ?= y endif + +ifeq ($(CFG_RZ_RSIP),y) +CFG_WITH_SOFTWARE_PRNG ?= n +endif \ No newline at end of file diff --git a/core/arch/arm/plat-rz/g3s/rzg3s_config.h b/core/arch/arm/plat-rz/g3s/rzg3s_config.h index 186adc52f..3e28f0996 100644 --- a/core/arch/arm/plat-rz/g3s/rzg3s_config.h +++ b/core/arch/arm/plat-rz/g3s/rzg3s_config.h @@ -1,7 +1,7 @@ /* SPDX-License-Identifier: BSD-2-Clause */ /* * Copyright (c) 2016, GlobalLogic - * Copyright (c) 2023, Renesas Electronics + * Copyright (c) 2024, Renesas Electronics */ #ifndef RZG3S_CONFIG_H @@ -29,6 +29,9 @@ #define XSPI_BASE 0x10060000U #define XSPI_REG_SIZE 0x30000 +#define RSIP_BASE 0x11850000 +#define RSIP_SIZE 0x00010000 + #if defined(PLATFORM_FLAVOR_g3s_dev14_1) /* DDR 1Gbyte x1 */ #define NSEC_DDR_0_BASE 0x47E00000U