Gitiles
Code Review Sign In
git01.mediatek.com / filogic / atf / 246ef1718067c9b12465760fa32b4730342217a4 / . / drivers / auth / mbedtls / mbedtls_crypto.c
blob: 33420fbbd1b0c59ca7f954b8c193a6ac1ba14e85 [file] [log] [blame]
Juan Castilloa57a4d52015-04-02 15:44:20 +0100[diff] [blame]1/*
Qixiang Xu1a1f2912017-11-09 13:56:29 +0800[diff] [blame]2 * Copyright (c) 2015-2017, ARM Limited and Contributors. All rights reserved.
Juan Castilloa57a4d52015-04-02 15:44:20 +0100[diff] [blame]3 *
dp-armfa3cf0b2017-05-03 09:38:09 +0100[diff] [blame]4 * SPDX-License-Identifier: BSD-3-Clause
Juan Castilloa57a4d52015-04-02 15:44:20 +0100[diff] [blame]5 */
6
Juan Castilloa57a4d52015-04-02 15:44:20 +0100[diff] [blame]7#include <stddef.h>
8#include <string.h>
9
Juan Castillobae6b2a2015-11-05 09:24:53 +0000[diff] [blame]10/* mbed TLS headers */
11#include <mbedtls/md.h>
12#include <mbedtls/memory_buffer_alloc.h>
13#include <mbedtls/oid.h>
14#include <mbedtls/platform.h>
Juan Castilloa57a4d52015-04-02 15:44:20 +0100[diff] [blame]15
Antonio Nino Diaze0f90632018-12-14 00:18:21 +0000[diff] [blame]16#include <common/debug.h>
17#include <drivers/auth/crypto_mod.h>
18#include <drivers/auth/mbedtls/mbedtls_common.h>
19#include <drivers/auth/mbedtls/mbedtls_config.h>
20
Juan Castillobae6b2a2015-11-05 09:24:53 +0000[diff] [blame]21#define LIB_NAME "mbed TLS"
Juan Castilloa57a4d52015-04-02 15:44:20 +0100[diff] [blame]22
23/*
24 * AlgorithmIdentifier ::= SEQUENCE {
25 * algorithm OBJECT IDENTIFIER,
26 * parameters ANY DEFINED BY algorithm OPTIONAL
27 * }
28 *
29 * SubjectPublicKeyInfo ::= SEQUENCE {
30 * algorithm AlgorithmIdentifier,
31 * subjectPublicKey BIT STRING
32 * }
33 *
34 * DigestInfo ::= SEQUENCE {
35 * digestAlgorithm AlgorithmIdentifier,
36 * digest OCTET STRING
37 * }
38 */
39
40/*
41 * Initialize the library and export the descriptor
42 */
43static void init(void)
44{
Juan Castillobae6b2a2015-11-05 09:24:53 +0000[diff] [blame]45 /* Initialize mbed TLS */
Juan Castilloa57a4d52015-04-02 15:44:20 +0100[diff] [blame]46 mbedtls_init();
47}
48
49/*
50 * Verify a signature.
51 *
52 * Parameters are passed using the DER encoding format following the ASN.1
53 * structures detailed above.
54 */
55static int verify_signature(void *data_ptr, unsigned int data_len,
56 void *sig_ptr, unsigned int sig_len,
57 void *sig_alg, unsigned int sig_alg_len,
58 void *pk_ptr, unsigned int pk_len)
59{
Juan Castillobae6b2a2015-11-05 09:24:53 +0000[diff] [blame]60 mbedtls_asn1_buf sig_oid, sig_params;
61 mbedtls_asn1_buf signature;
62 mbedtls_md_type_t md_alg;
63 mbedtls_pk_type_t pk_alg;
Soby Mathew0a68d132017-05-31 10:35:27 +0100[diff] [blame]64 mbedtls_pk_context pk = {0};
Juan Castilloa57a4d52015-04-02 15:44:20 +0100[diff] [blame]65 int rc;
66 void *sig_opts = NULL;
Juan Castillobae6b2a2015-11-05 09:24:53 +0000[diff] [blame]67 const mbedtls_md_info_t *md_info;
Juan Castilloa57a4d52015-04-02 15:44:20 +0100[diff] [blame]68 unsigned char *p, *end;
Juan Castillobae6b2a2015-11-05 09:24:53 +0000[diff] [blame]69 unsigned char hash[MBEDTLS_MD_MAX_SIZE];
Juan Castilloa57a4d52015-04-02 15:44:20 +0100[diff] [blame]70
71 /* Get pointers to signature OID and parameters */
72 p = (unsigned char *)sig_alg;
73 end = (unsigned char *)(p + sig_alg_len);
Juan Castillobae6b2a2015-11-05 09:24:53 +0000[diff] [blame]74 rc = mbedtls_asn1_get_alg(&p, end, &sig_oid, &sig_params);
Juan Castilloa57a4d52015-04-02 15:44:20 +0100[diff] [blame]75 if (rc != 0) {
76 return CRYPTO_ERR_SIGNATURE;
77 }
78
79 /* Get the actual signature algorithm (MD + PK) */
Soby Mathew0a68d132017-05-31 10:35:27 +0100[diff] [blame]80 rc = mbedtls_x509_get_sig_alg(&sig_oid, &sig_params, &md_alg, &pk_alg, &sig_opts);
Juan Castilloa57a4d52015-04-02 15:44:20 +0100[diff] [blame]81 if (rc != 0) {
82 return CRYPTO_ERR_SIGNATURE;
83 }
84
85 /* Parse the public key */
Juan Castillobae6b2a2015-11-05 09:24:53 +0000[diff] [blame]86 mbedtls_pk_init(&pk);
Juan Castilloa57a4d52015-04-02 15:44:20 +0100[diff] [blame]87 p = (unsigned char *)pk_ptr;
88 end = (unsigned char *)(p + pk_len);
Juan Castillobae6b2a2015-11-05 09:24:53 +0000[diff] [blame]89 rc = mbedtls_pk_parse_subpubkey(&p, end, &pk);
Juan Castilloa57a4d52015-04-02 15:44:20 +0100[diff] [blame]90 if (rc != 0) {
Soby Mathew0a68d132017-05-31 10:35:27 +0100[diff] [blame]91 rc = CRYPTO_ERR_SIGNATURE;
92 goto end2;
Juan Castilloa57a4d52015-04-02 15:44:20 +0100[diff] [blame]93 }
94
95 /* Get the signature (bitstring) */
96 p = (unsigned char *)sig_ptr;
97 end = (unsigned char *)(p + sig_len);
98 signature.tag = *p;
Juan Castillobae6b2a2015-11-05 09:24:53 +0000[diff] [blame]99 rc = mbedtls_asn1_get_bitstring_null(&p, end, &signature.len);
Juan Castilloa57a4d52015-04-02 15:44:20 +0100[diff] [blame]100 if (rc != 0) {
101 rc = CRYPTO_ERR_SIGNATURE;
Soby Mathew0a68d132017-05-31 10:35:27 +0100[diff] [blame]102 goto end1;
Juan Castilloa57a4d52015-04-02 15:44:20 +0100[diff] [blame]103 }
104 signature.p = p;
105
106 /* Calculate the hash of the data */
Juan Castillobae6b2a2015-11-05 09:24:53 +0000[diff] [blame]107 md_info = mbedtls_md_info_from_type(md_alg);
Juan Castilloa57a4d52015-04-02 15:44:20 +0100[diff] [blame]108 if (md_info == NULL) {
109 rc = CRYPTO_ERR_SIGNATURE;
Soby Mathew0a68d132017-05-31 10:35:27 +0100[diff] [blame]110 goto end1;
Juan Castilloa57a4d52015-04-02 15:44:20 +0100[diff] [blame]111 }
112 p = (unsigned char *)data_ptr;
Juan Castillobae6b2a2015-11-05 09:24:53 +0000[diff] [blame]113 rc = mbedtls_md(md_info, p, data_len, hash);
Juan Castilloa57a4d52015-04-02 15:44:20 +0100[diff] [blame]114 if (rc != 0) {
115 rc = CRYPTO_ERR_SIGNATURE;
Soby Mathew0a68d132017-05-31 10:35:27 +0100[diff] [blame]116 goto end1;
Juan Castilloa57a4d52015-04-02 15:44:20 +0100[diff] [blame]117 }
118
119 /* Verify the signature */
Juan Castillobae6b2a2015-11-05 09:24:53 +0000[diff] [blame]120 rc = mbedtls_pk_verify_ext(pk_alg, sig_opts, &pk, md_alg, hash,
121 mbedtls_md_get_size(md_info),
122 signature.p, signature.len);
Juan Castilloa57a4d52015-04-02 15:44:20 +0100[diff] [blame]123 if (rc != 0) {
124 rc = CRYPTO_ERR_SIGNATURE;
Soby Mathew0a68d132017-05-31 10:35:27 +0100[diff] [blame]125 goto end1;
Juan Castilloa57a4d52015-04-02 15:44:20 +0100[diff] [blame]126 }
127
128 /* Signature verification success */
129 rc = CRYPTO_SUCCESS;
130
Soby Mathew0a68d132017-05-31 10:35:27 +0100[diff] [blame]131end1:
Juan Castillobae6b2a2015-11-05 09:24:53 +0000[diff] [blame]132 mbedtls_pk_free(&pk);
Soby Mathew0a68d132017-05-31 10:35:27 +0100[diff] [blame]133end2:
134 mbedtls_free(sig_opts);
Juan Castilloa57a4d52015-04-02 15:44:20 +0100[diff] [blame]135 return rc;
136}
137
138/*
139 * Match a hash
140 *
141 * Digest info is passed in DER format following the ASN.1 structure detailed
142 * above.
143 */
144static int verify_hash(void *data_ptr, unsigned int data_len,
145 void *digest_info_ptr, unsigned int digest_info_len)
146{
Juan Castillobae6b2a2015-11-05 09:24:53 +0000[diff] [blame]147 mbedtls_asn1_buf hash_oid, params;
148 mbedtls_md_type_t md_alg;
149 const mbedtls_md_info_t *md_info;
Juan Castilloa57a4d52015-04-02 15:44:20 +0100[diff] [blame]150 unsigned char *p, *end, *hash;
Juan Castillobae6b2a2015-11-05 09:24:53 +0000[diff] [blame]151 unsigned char data_hash[MBEDTLS_MD_MAX_SIZE];
Juan Castilloa57a4d52015-04-02 15:44:20 +0100[diff] [blame]152 size_t len;
153 int rc;
154
Juan Castillobae6b2a2015-11-05 09:24:53 +0000[diff] [blame]155 /* Digest info should be an MBEDTLS_ASN1_SEQUENCE */
Juan Castilloa57a4d52015-04-02 15:44:20 +0100[diff] [blame]156 p = (unsigned char *)digest_info_ptr;
Sandrine Bailleuxdf8de2d2016-01-04 15:49:23 +0000[diff] [blame]157 end = p + digest_info_len;
Juan Castillobae6b2a2015-11-05 09:24:53 +0000[diff] [blame]158 rc = mbedtls_asn1_get_tag(&p, end, &len, MBEDTLS_ASN1_CONSTRUCTED |
159 MBEDTLS_ASN1_SEQUENCE);
Juan Castilloa57a4d52015-04-02 15:44:20 +0100[diff] [blame]160 if (rc != 0) {
161 return CRYPTO_ERR_HASH;
162 }
163
164 /* Get the hash algorithm */
Juan Castillobae6b2a2015-11-05 09:24:53 +0000[diff] [blame]165 rc = mbedtls_asn1_get_alg(&p, end, &hash_oid, &params);
Juan Castilloa57a4d52015-04-02 15:44:20 +0100[diff] [blame]166 if (rc != 0) {
167 return CRYPTO_ERR_HASH;
168 }
169
Juan Castillobae6b2a2015-11-05 09:24:53 +0000[diff] [blame]170 rc = mbedtls_oid_get_md_alg(&hash_oid, &md_alg);
Juan Castilloa57a4d52015-04-02 15:44:20 +0100[diff] [blame]171 if (rc != 0) {
172 return CRYPTO_ERR_HASH;
173 }
174
Juan Castillobae6b2a2015-11-05 09:24:53 +0000[diff] [blame]175 md_info = mbedtls_md_info_from_type(md_alg);
Juan Castilloa57a4d52015-04-02 15:44:20 +0100[diff] [blame]176 if (md_info == NULL) {
177 return CRYPTO_ERR_HASH;
178 }
179
180 /* Hash should be octet string type */
Juan Castillobae6b2a2015-11-05 09:24:53 +0000[diff] [blame]181 rc = mbedtls_asn1_get_tag(&p, end, &len, MBEDTLS_ASN1_OCTET_STRING);
Juan Castilloa57a4d52015-04-02 15:44:20 +0100[diff] [blame]182 if (rc != 0) {
183 return CRYPTO_ERR_HASH;
184 }
185
186 /* Length of hash must match the algorithm's size */
Juan Castillobae6b2a2015-11-05 09:24:53 +0000[diff] [blame]187 if (len != mbedtls_md_get_size(md_info)) {
Juan Castilloa57a4d52015-04-02 15:44:20 +0100[diff] [blame]188 return CRYPTO_ERR_HASH;
189 }
190 hash = p;
191
192 /* Calculate the hash of the data */
193 p = (unsigned char *)data_ptr;
Juan Castillobae6b2a2015-11-05 09:24:53 +0000[diff] [blame]194 rc = mbedtls_md(md_info, p, data_len, data_hash);
Juan Castilloa57a4d52015-04-02 15:44:20 +0100[diff] [blame]195 if (rc != 0) {
196 return CRYPTO_ERR_HASH;
197 }
198
199 /* Compare values */
Antonio Nino Diaz0ca1afa2017-02-09 10:26:54 +0000[diff] [blame]200 rc = memcmp(data_hash, hash, mbedtls_md_get_size(md_info));
Juan Castilloa57a4d52015-04-02 15:44:20 +0100[diff] [blame]201 if (rc != 0) {
202 return CRYPTO_ERR_HASH;
203 }
204
205 return CRYPTO_SUCCESS;
206}
207
208/*
209 * Register crypto library descriptor
210 */
211REGISTER_CRYPTO_LIB(LIB_NAME, init, verify_signature, verify_hash);