TEE_Result TEE_SetOperationKey(TEE_OperationHandle operation, TEE_ObjectHandle key) { uint32_t key_size = 0; if (operation == TEE_HANDLE_NULL) TEE_Panic(0); /* No key for digests */ if (operation->info.operationClass == TEE_OPERATION_DIGEST) TEE_Panic(0); /* Two keys expected */ if ((operation->info.handleState & TEE_HANDLE_FLAG_EXPECT_TWO_KEYS) != 0) TEE_Panic(0); if (key != TEE_HANDLE_NULL) { TEE_ObjectInfo key_info; TEE_GetObjectInfo(key, &key_info); /* Supplied key has to meet required usage */ if ((key_info.objectUsage & operation->info.requiredKeyUsage) != operation->info.requiredKeyUsage) { TEE_Panic(0); } if (operation->info.maxKeySize < key_info.objectSize) TEE_Panic(0); key_size = key_info.objectSize; } TEE_ResetTransientObject(operation->key1); operation->info.handleState &= ~TEE_HANDLE_FLAG_KEY_SET; if (key != TEE_HANDLE_NULL) { TEE_CopyObjectAttributes(operation->key1, key); operation->info.handleState |= TEE_HANDLE_FLAG_KEY_SET; } operation->info.keySize = key_size; return TEE_SUCCESS; }
static void __attribute__((unused)) pri_obj_data(TEE_ObjectHandle object) { void *data = NULL; TEE_ObjectInfo info; uint32_t cur_pos; TEE_Result ret; uint32_t count = 0; if (object == NULL) return; TEE_GetObjectInfo(object, &info); data = calloc(1, info.dataSize); if (data == NULL) { printf("Fail: pri_obj_data(mem)\n"); } cur_pos = info.dataPosition; ret = TEE_SeekObjectData(object, 0, TEE_DATA_SEEK_SET); if (ret != TEE_SUCCESS) { printf("Fail: pri_obj_data(seek beginning)\n"); goto err; } ret = TEE_ReadObjectData(object, data, info.dataSize, &count); if (ret != TEE_SUCCESS || count != info.dataSize) { printf("Fail: pri_obj_data(read)\n"); goto err; } ret = TEE_SeekObjectData(object, cur_pos, TEE_DATA_SEEK_SET); if (ret != TEE_SUCCESS) { printf("Fail: pri_obj_data(set back prev pos)\n"); goto err; } pri_void_buf(data, info.dataSize); err: free(data); }
TEE_Result TEE_SetOperationKey2(TEE_OperationHandle operation, TEE_ObjectHandle key1, TEE_ObjectHandle key2) { uint32_t key_size = 0; if (operation == TEE_HANDLE_NULL) TEE_Panic(0); /* Two keys not expected */ if ((operation->info.handleState & TEE_HANDLE_FLAG_EXPECT_TWO_KEYS) == 0) TEE_Panic(0); /* Either both keys are NULL or both are not NULL */ if ((key1 == TEE_HANDLE_NULL || key2 == TEE_HANDLE_NULL) && key1 != key2) TEE_Panic(0); if (key1 != TEE_HANDLE_NULL) { TEE_ObjectInfo key_info1; TEE_ObjectInfo key_info2; TEE_GetObjectInfo(key1, &key_info1); /* Supplied key has to meet required usage */ if ((key_info1.objectUsage & operation->info. requiredKeyUsage) != operation->info.requiredKeyUsage) { TEE_Panic(0); } TEE_GetObjectInfo(key2, &key_info2); /* Supplied key has to meet required usage */ if ((key_info2.objectUsage & operation->info. requiredKeyUsage) != operation->info.requiredKeyUsage) { TEE_Panic(0); } /* * AES-XTS (the only multi key algorithm supported, requires the * keys to be of equal size. */ if (operation->info.algorithm == TEE_ALG_AES_XTS && key_info1.objectSize != key_info2.objectSize) TEE_Panic(0); if (operation->info.maxKeySize < key_info1.objectSize) TEE_Panic(0); /* * Odd that only the size of one key should be reported while * size of two key are used when allocating the operation. */ key_size = key_info1.objectSize; } TEE_ResetTransientObject(operation->key1); TEE_ResetTransientObject(operation->key2); operation->info.handleState &= ~TEE_HANDLE_FLAG_KEY_SET; if (key1 != TEE_HANDLE_NULL) { TEE_CopyObjectAttributes(operation->key1, key1); TEE_CopyObjectAttributes(operation->key2, key2); operation->info.handleState |= TEE_HANDLE_FLAG_KEY_SET; } operation->info.keySize = key_size; return TEE_SUCCESS; }