mirror of https://github.com/henrydcase/optee_eng.git synced 2024-11-28 01:51:20 +00:00

WIP: it works

Henry Case 2021-01-14 13:36:38 +00:00
parent f0991899b0
commit 445f94f89b
3 changed files with 19 additions and 7 deletions


@ -67,7 +67,7 @@ end:
} }
int OPTEE_ENG_evp_cb_sign( int OPTEE_ENG_evp_cb_sign(
EVP_PKEY_CTX *ctx, unsigned char *sig, size_t *sigsz, EVP_MD_CTX *ctx, unsigned char *sig, size_t *sigsz,
const unsigned char *tb, size_t tbsz) { const unsigned char *tb, size_t tbsz) {
ENTRY; ENTRY;
@ -99,7 +99,7 @@ int OPTEE_ENG_evp_cb_sign(
goto end; goto end;
} }
pkey = EVP_PKEY_CTX_get0_pkey(ctx); //pkey = EVP_PKEY_CTX_get0_pkey(ctx);
TEST_NULL(pkey); TEST_NULL(pkey);
if (EVP_PKEY_type(EVP_PKEY_id(pkey)) != EVP_PKEY_EC) { if (EVP_PKEY_type(EVP_PKEY_id(pkey)) != EVP_PKEY_EC) {
@ -108,6 +108,7 @@ int OPTEE_ENG_evp_cb_sign(
goto end; goto end;
} }
#if 0
if (!EVP_PKEY_CTX_get_signature_md(ctx, &md) || if (!EVP_PKEY_CTX_get_signature_md(ctx, &md) ||
(md != EVP_sha256())) { (md != EVP_sha256())) {
// We only support ECDSA+P-256+SHA256 // We only support ECDSA+P-256+SHA256
@ -115,7 +116,7 @@ int OPTEE_ENG_evp_cb_sign(
ret = -2; ret = -2;
goto end; goto end;
} }
#endif
ec = EVP_PKEY_get1_EC_KEY(pkey); ec = EVP_PKEY_get1_EC_KEY(pkey);
TEST_NULL(ec); TEST_NULL(ec);
@ -230,10 +231,17 @@ EVP_PKEY* OPTEE_ENG_load_private_key(
uint8_t key_digest[32] = {0}; uint8_t key_digest[32] = {0};
int ret = 0; int ret = 0;
char key_path[2048] = {0};
const char *path = getenv("PRV_KEY");
memcpy(key_path, path, strlen(path));
key_path[strlen(path)] = '/';
memcpy(key_path+strlen(path)+1, key_name, strlen(key_name));
key_path[strlen(path)+strlen(key_name)+1] = '\0';
/* read key from file */ /* read key from file */
// OZAPTF // OZAPTF
TEST_OSSL( TEST_OSSL(
parse_key_from_file(getenv("PRV_KEY")), parse_key_from_file(key_path),
BAD_PARAMETERS); BAD_PARAMETERS);
// Calculate key-id used internally. It is a sha256 // Calculate key-id used internally. It is a sha256
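Review bot: The new `key_path` construction in OPTEE_ENG_load_private_key passes `getenv("PRV_KEY")` to `strlen`/`memcpy` without a NULL check and copies it plus `key_name` into the 2048-byte local buffer with no length bound, so an unset variable is undefined behaviour and an over-long value writes past the end of the stack buffer. The directory comes from the environment and `key_name` presumably from the caller's key id, so both lengths need validating before the copy. I would reject `path == NULL` first, then replace the five copy lines with `int n = snprintf(key_path, sizeof key_path, "%s/%s", path, key_name);` and fail when `n < 0 || (size_t)n >= sizeof key_path`. In the same file section, the sign callback now has `pkey = EVP_PKEY_CTX_get0_pkey(ctx)` commented out and the SHA-256 check under `#if 0`, so as far as the hunks show `pkey` is not assigned before `TEST_NULL(pkey)` and the digest restriction described by the "We only support ECDSA+P-256+SHA256" comment is no longer enforced. Both function bodies start and end outside the hunks, so this should be confirmed against the full file.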


@ -12,7 +12,7 @@ EVP_PKEY* OPTEE_ENG_load_private_key(
void * callback_data); void * callback_data);
int OPTEE_ENG_evp_cb_sign( int OPTEE_ENG_evp_cb_sign(
EVP_PKEY_CTX * ctx, EVP_MD_CTX * ctx,
unsigned char * sig, unsigned char * sig,
size_t * sigsz, size_t * sigsz,
const unsigned char *tb, const unsigned char *tb,


@ -15,7 +15,7 @@
#ifdef OPTEE_ENG_ENGINE_NAME #ifdef OPTEE_ENG_ENGINE_NAME
#undef OPTEE_ENG_ENGINE_NAME #undef OPTEE_ENG_ENGINE_NAME
#endif #endif
#define OPTEE_ENG_ENGINE_NAME "OpTEE OpenSSL ENGINE." #define OPTEE_ENG_ENGINE_NAME "OpTEE OpenSSL ENGINE (NO TEE VERSION)."
BIO *bio_err = NULL; BIO *bio_err = NULL;
static bool is_initialized = false; static bool is_initialized = false;
@ -113,7 +113,7 @@ static int OPTEE_ENG_pkey_meths(
EVP_PKEY_meth_copy(new_meth, orig_meth); EVP_PKEY_meth_copy(new_meth, orig_meth);
// Bind function pointers of PKEY and ASN1 methods // Bind function pointers of PKEY and ASN1 methods
EVP_PKEY_meth_set_sign(new_meth, 0, OPTEE_ENG_evp_cb_sign); EVP_PKEY_meth_set_digestsign(new_meth, OPTEE_ENG_evp_cb_sign);
*pmeth = new_meth; *pmeth = new_meth;
return 1; return 1;
} }
@ -129,11 +129,15 @@ static int OPTEE_ENG_bind(ENGINE *e, const char *id) {
return 0; return 0;
} }
/*
OZAPTF: locks
if (!OPENSSL_init_crypto( if (!OPENSSL_init_crypto(
OPENSSL_INIT_LOAD_CONFIG | OPENSSL_INIT_ENGINE_DYNAMIC, NULL)) { OPENSSL_INIT_LOAD_CONFIG | OPENSSL_INIT_ENGINE_DYNAMIC, NULL)) {
fprintf(stderr, "OPENSSL_init_crypto failed\n"); fprintf(stderr, "OPENSSL_init_crypto failed\n");
return 0; return 0;
} }
*/
NOP(id); NOP(id);
TEST_P(OPTEE_ENG_err_strings()); TEST_P(OPTEE_ENG_err_strings());