TEE_Result TEE_SetOperationKey(TEE_OperationHandle operation,
TEE_ObjectHandle key)
{
uint32_t key_size = 0;
if (operation == TEE_HANDLE_NULL)
TEE_Panic(0);
/* No key for digests */
if (operation->info.operationClass == TEE_OPERATION_DIGEST)
TEE_Panic(0);
/* Two keys expected */
if ((operation->info.handleState & TEE_HANDLE_FLAG_EXPECT_TWO_KEYS) !=
0)
TEE_Panic(0);
if (key != TEE_HANDLE_NULL) {
TEE_ObjectInfo key_info;
TEE_GetObjectInfo(key, &key_info);
/* Supplied key has to meet required usage */
if ((key_info.objectUsage & operation->info.requiredKeyUsage) !=
operation->info.requiredKeyUsage) {
TEE_Panic(0);
}
if (operation->info.maxKeySize < key_info.objectSize)
TEE_Panic(0);
key_size = key_info.objectSize;
}
TEE_ResetTransientObject(operation->key1);
operation->info.handleState &= ~TEE_HANDLE_FLAG_KEY_SET;
if (key != TEE_HANDLE_NULL) {
TEE_CopyObjectAttributes(operation->key1, key);
operation->info.handleState |= TEE_HANDLE_FLAG_KEY_SET;
}
operation->info.keySize = key_size;
return TEE_SUCCESS;
}
static void __attribute__((unused)) pri_obj_data(TEE_ObjectHandle object)
{
void *data = NULL;
TEE_ObjectInfo info;
uint32_t cur_pos;
TEE_Result ret;
uint32_t count = 0;
if (object == NULL)
return;
TEE_GetObjectInfo(object, &info);
data = calloc(1, info.dataSize);
if (data == NULL) {
printf("Fail: pri_obj_data(mem)\n");
}
cur_pos = info.dataPosition;
ret = TEE_SeekObjectData(object, 0, TEE_DATA_SEEK_SET);
if (ret != TEE_SUCCESS) {
printf("Fail: pri_obj_data(seek beginning)\n");
goto err;
}
ret = TEE_ReadObjectData(object, data, info.dataSize, &count);
if (ret != TEE_SUCCESS || count != info.dataSize) {
printf("Fail: pri_obj_data(read)\n");
goto err;
}
ret = TEE_SeekObjectData(object, cur_pos, TEE_DATA_SEEK_SET);
if (ret != TEE_SUCCESS) {
printf("Fail: pri_obj_data(set back prev pos)\n");
goto err;
}
pri_void_buf(data, info.dataSize);
err:
free(data);
}
TEE_Result TEE_SetOperationKey2(TEE_OperationHandle operation,
TEE_ObjectHandle key1, TEE_ObjectHandle key2)
{
uint32_t key_size = 0;
if (operation == TEE_HANDLE_NULL)
TEE_Panic(0);
/* Two keys not expected */
if ((operation->info.handleState & TEE_HANDLE_FLAG_EXPECT_TWO_KEYS) ==
0)
TEE_Panic(0);
/* Either both keys are NULL or both are not NULL */
if ((key1 == TEE_HANDLE_NULL || key2 == TEE_HANDLE_NULL) &&
key1 != key2)
TEE_Panic(0);
if (key1 != TEE_HANDLE_NULL) {
TEE_ObjectInfo key_info1;
TEE_ObjectInfo key_info2;
TEE_GetObjectInfo(key1, &key_info1);
/* Supplied key has to meet required usage */
if ((key_info1.objectUsage & operation->info.
requiredKeyUsage) != operation->info.requiredKeyUsage) {
TEE_Panic(0);
}
TEE_GetObjectInfo(key2, &key_info2);
/* Supplied key has to meet required usage */
if ((key_info2.objectUsage & operation->info.
requiredKeyUsage) != operation->info.requiredKeyUsage) {
TEE_Panic(0);
}
/*
* AES-XTS (the only multi key algorithm supported, requires the
* keys to be of equal size.
*/
if (operation->info.algorithm == TEE_ALG_AES_XTS &&
key_info1.objectSize != key_info2.objectSize)
TEE_Panic(0);
if (operation->info.maxKeySize < key_info1.objectSize)
TEE_Panic(0);
/*
* Odd that only the size of one key should be reported while
* size of two key are used when allocating the operation.
*/
key_size = key_info1.objectSize;
}
TEE_ResetTransientObject(operation->key1);
TEE_ResetTransientObject(operation->key2);
operation->info.handleState &= ~TEE_HANDLE_FLAG_KEY_SET;
if (key1 != TEE_HANDLE_NULL) {
TEE_CopyObjectAttributes(operation->key1, key1);
TEE_CopyObjectAttributes(operation->key2, key2);
operation->info.handleState |= TEE_HANDLE_FLAG_KEY_SET;
}
operation->info.keySize = key_size;
return TEE_SUCCESS;
}
