authorGabor Szekely <szvgabor@gmail.com>2018-09-14 14:37:58 +0000
committerJérôme Forissier <jerome.forissier@linaro.org>2018-11-15 15:55:18 +0100
commit6a2e0a9fe2b9b0591a007c6a672aaeaacaae79d5 (patch)
tree040fcbbfb0e285128bc735497fa942afc9c320cf /lib/libutee
parent56859c533dffc7dff37cd698041257f17daf0eb8 (diff)
utee: support prehashed RSA sign/ver without ASN.1
Add TEE Core Internal API extension TEE_ALG_RSASSA_PKCS1_V1_5 to sign/verify pre-hashed PKCS#1 v1.5 EMSA without ASN.1 around the hash. This relies on libtomcrypt LTC_PKCS_1_V1_5_NA1. The extension can be turned on with CFG_CRYPTO_RSASSA_NA1. Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org> Signed-off-by: Gabor Szekely <szvgabor@gmail.com>
Diffstat (limited to 'lib/libutee')
-rw-r--r--lib/libutee/include/tee_api_defines.h1
-rw-r--r--lib/libutee/include/tee_api_defines_extensions.h6
-rw-r--r--lib/libutee/tee_api_operations.c7
3 files changed, 14 insertions, 0 deletions
diff --git a/lib/libutee/include/tee_api_defines.h b/lib/libutee/include/tee_api_defines.h
index ded5485c..c71108ad 100644
--- a/lib/libutee/include/tee_api_defines.h
+++ b/lib/libutee/include/tee_api_defines.h
@@ -112,6 +112,7 @@
#define TEE_OPERATION_ASYMMETRIC_CIPHER 6
#define TEE_OPERATION_ASYMMETRIC_SIGNATURE 7
#define TEE_OPERATION_KEY_DERIVATION 8
+#define TEE_OPERATION_EXTENSION 0xF
#define TEE_OPERATION_STATE_INITIAL 0x00000000
#define TEE_OPERATION_STATE_ACTIVE 0x00000001
diff --git a/lib/libutee/include/tee_api_defines_extensions.h b/lib/libutee/include/tee_api_defines_extensions.h
index 50ae7c91..3f96e8f9 100644
--- a/lib/libutee/include/tee_api_defines_extensions.h
+++ b/lib/libutee/include/tee_api_defines_extensions.h
@@ -57,6 +57,12 @@
#define TEE_ATTR_PBKDF2_DKM_LENGTH 0xF00004C2
/*
+ * PKCS#1 v1.5 RSASSA pre-hashed sign/verify
+ */
+
+#define TEE_ALG_RSASSA_PKCS1_V1_5 0xF0000830
+
+/*
* Implementation-specific object storage constants
*/
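Review bot: The comment above `TEE_ALG_RSASSA_PKCS1_V1_5` should state what sets this mode apart from the hash-specific `TEE_ALG_RSASSA_PKCS1_V1_5_*` variants: the caller supplies the digest and no DigestInfo (ASN.1) prefix is added, so the signature does not bind a hash algorithm. The TA therefore has to fix the hash itself and check the digest length. I would extend the comment to something like `/* PKCS#1 v1.5 RSASSA over a caller-supplied digest, no DigestInfo prefix; hash algorithm is not bound by the signature. Requires CFG_CRYPTO_RSASSA_NA1. */`. The define is unconditional while the case label in tee_api_operations.c is gated, so a TA built with the option off presumably gets TEE_ERROR_NOT_SUPPORTED at allocation, which is worth mentioning too.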
diff --git a/lib/libutee/tee_api_operations.c b/lib/libutee/tee_api_operations.c
index 42d47b66..ab642195 100644
--- a/lib/libutee/tee_api_operations.c
+++ b/lib/libutee/tee_api_operations.c
@@ -132,6 +132,9 @@ TEE_Result TEE_AllocateOperation(TEE_OperationHandle *operation,
return TEE_ERROR_NOT_SUPPORTED;
break;
+#if defined(CFG_CRYPTO_RSASSA_NA1)
+ case TEE_ALG_RSASSA_PKCS1_V1_5:
+#endif
case TEE_ALG_RSASSA_PKCS1_V1_5_MD5:
case TEE_ALG_RSASSA_PKCS1_V1_5_SHA1:
case TEE_ALG_RSASSA_PKCS1_V1_5_SHA224:
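Review bot: The guard here is spelled `#if defined(CFG_CRYPTO_RSASSA_NA1)` while the later hunk in the same function uses `#ifdef CFG_CRYPTO_RSASSA_NA1`; pick one form for both. The new label joins the existing RSASSA PKCS#1 v1.5 case group, whose shared body lies outside the hunk, so key-usage and mode handling for the no-ASN.1 variant is whatever that group already does.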
@@ -253,6 +256,10 @@ TEE_Result TEE_AllocateOperation(TEE_OperationHandle *operation,
op->info.algorithm = algorithm;
op->info.operationClass = TEE_ALG_GET_CLASS(algorithm);
+#ifdef CFG_CRYPTO_RSASSA_NA1
+ if (algorithm == TEE_ALG_RSASSA_PKCS1_V1_5)
+ op->info.operationClass = TEE_OPERATION_ASYMMETRIC_SIGNATURE;
+#endif
op->info.mode = mode;
op->info.maxKeySize = maxKeySize;
op->info.requiredKeyUsage = req_key_usage;
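Review bot: The override of `op->info.operationClass` right after `TEE_ALG_GET_CLASS(algorithm)` has no comment explaining why the macro result is discarded for this one algorithm. Presumably the extension identifier decodes to the new `TEE_OPERATION_EXTENSION` class while the sign/verify entry points expect `TEE_OPERATION_ASYMMETRIC_SIGNATURE`. A comment such as `/* extension ID decodes to TEE_OPERATION_EXTENSION; report the signature class so sign/verify class checks accept it */` would record that. Any other site that applies `TEE_ALG_GET_CLASS()` to the raw algorithm would still see the extension class, so those callers (not visible in this diff) are worth checking. The function body starts and ends outside the hunk.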