| <!DOCTYPE html><html lang="en"><head><meta charset="utf-8"><meta name="viewport" content="width=device-width, initial-scale=1.0"><meta name="generator" content="rustdoc"><meta name="description" content="Source of the Rust file `src/crypto_op.rs`."><meta name="keywords" content="rust, rustlang, rust-lang"><title>crypto_op.rs - source</title><link rel="stylesheet" type="text/css" href="../../normalize.css"><link rel="stylesheet" type="text/css" href="../../rustdoc.css" id="mainThemeStyle"><link rel="stylesheet" type="text/css" href="../../light.css" id="themeStyle"><link rel="stylesheet" type="text/css" href="../../dark.css" disabled ><link rel="stylesheet" type="text/css" href="../../ayu.css" disabled ><script id="default-settings" ></script><script src="../../storage.js"></script><script src="../../crates.js"></script><noscript><link rel="stylesheet" href="../../noscript.css"></noscript><link rel="alternate icon" type="image/png" href="../../favicon-16x16.png"><link rel="alternate icon" type="image/png" href="../../favicon-32x32.png"><link rel="icon" type="image/svg+xml" href="../../favicon.svg"><style type="text/css">#crate-search{background-image:url("../../down-arrow.svg");}</style></head><body class="rustdoc source"><!--[if lte IE 11]><div class="warning">This old browser is unsupported and will most likely display funky things.</div><![endif]--><nav class="sidebar"><div class="sidebar-menu" role="button">☰</div><a href='../../optee_utee/index.html'><div class='logo-container rust-logo'><img src='../../rust-logo.png' alt='logo'></div></a></nav><div class="theme-picker"><button id="theme-picker" aria-label="Pick another theme!" aria-haspopup="menu" title="themes"><img width="18" height="18" alt="Pick another theme!" src="../../brush.svg"></button><div id="theme-choices" role="menu"></div></div><nav class="sub"><form class="search-form"><div class="search-container"><div><select id="crate-search"><option value="All crates">All crates</option></select><input class="search-input" name="search" disabled autocomplete="off" spellcheck="false" placeholder="Click or press ‘S’ to search, ‘?’ for more options…" type="search"></div><button type="button" id="help-button" title="help">?</button><a id="settings-menu" href="../../settings.html" title="settings"><img width="18" height="18" alt="Change settings" src="../../wheel.svg"></a></div></form></nav><section id="main" class="content"><div class="example-wrap"><pre class="line-numbers"><span id="1"> 1</span> |
| <span id="2"> 2</span> |
| <span id="3"> 3</span> |
| <span id="4"> 4</span> |
| <span id="5"> 5</span> |
| <span id="6"> 6</span> |
| <span id="7"> 7</span> |
| <span id="8"> 8</span> |
| <span id="9"> 9</span> |
| <span id="10"> 10</span> |
| <span id="11"> 11</span> |
| <span id="12"> 12</span> |
| <span id="13"> 13</span> |
| <span id="14"> 14</span> |
| <span id="15"> 15</span> |
| <span id="16"> 16</span> |
| <span id="17"> 17</span> |
| <span id="18"> 18</span> |
| <span id="19"> 19</span> |
| <span id="20"> 20</span> |
| <span id="21"> 21</span> |
| <span id="22"> 22</span> |
| <span id="23"> 23</span> |
| <span id="24"> 24</span> |
| <span id="25"> 25</span> |
| <span id="26"> 26</span> |
| <span id="27"> 27</span> |
| <span id="28"> 28</span> |
| <span id="29"> 29</span> |
| <span id="30"> 30</span> |
| <span id="31"> 31</span> |
| <span id="32"> 32</span> |
| <span id="33"> 33</span> |
| <span id="34"> 34</span> |
| <span id="35"> 35</span> |
| <span id="36"> 36</span> |
| <span id="37"> 37</span> |
| <span id="38"> 38</span> |
| <span id="39"> 39</span> |
| <span id="40"> 40</span> |
| <span id="41"> 41</span> |
| <span id="42"> 42</span> |
| <span id="43"> 43</span> |
| <span id="44"> 44</span> |
| <span id="45"> 45</span> |
| <span id="46"> 46</span> |
| <span id="47"> 47</span> |
| <span id="48"> 48</span> |
| <span id="49"> 49</span> |
| <span id="50"> 50</span> |
| <span id="51"> 51</span> |
| <span id="52"> 52</span> |
| <span id="53"> 53</span> |
| <span id="54"> 54</span> |
| <span id="55"> 55</span> |
| <span id="56"> 56</span> |
| <span id="57"> 57</span> |
| <span id="58"> 58</span> |
| <span id="59"> 59</span> |
| <span id="60"> 60</span> |
| <span id="61"> 61</span> |
| <span id="62"> 62</span> |
| <span id="63"> 63</span> |
| <span id="64"> 64</span> |
| <span id="65"> 65</span> |
| <span id="66"> 66</span> |
| <span id="67"> 67</span> |
| <span id="68"> 68</span> |
| <span id="69"> 69</span> |
| <span id="70"> 70</span> |
| <span id="71"> 71</span> |
| <span id="72"> 72</span> |
| <span id="73"> 73</span> |
| <span id="74"> 74</span> |
| <span id="75"> 75</span> |
| <span id="76"> 76</span> |
| <span id="77"> 77</span> |
| <span id="78"> 78</span> |
| <span id="79"> 79</span> |
| <span id="80"> 80</span> |
| <span id="81"> 81</span> |
| <span id="82"> 82</span> |
| <span id="83"> 83</span> |
| <span id="84"> 84</span> |
| <span id="85"> 85</span> |
| <span id="86"> 86</span> |
| <span id="87"> 87</span> |
| <span id="88"> 88</span> |
| <span id="89"> 89</span> |
| <span id="90"> 90</span> |
| <span id="91"> 91</span> |
| <span id="92"> 92</span> |
| <span id="93"> 93</span> |
| <span id="94"> 94</span> |
| <span id="95"> 95</span> |
| <span id="96"> 96</span> |
| <span id="97"> 97</span> |
| <span id="98"> 98</span> |
| <span id="99"> 99</span> |
| <span id="100"> 100</span> |
| <span id="101"> 101</span> |
| <span id="102"> 102</span> |
| <span id="103"> 103</span> |
| <span id="104"> 104</span> |
| <span id="105"> 105</span> |
| <span id="106"> 106</span> |
| <span id="107"> 107</span> |
| <span id="108"> 108</span> |
| <span id="109"> 109</span> |
| <span id="110"> 110</span> |
| <span id="111"> 111</span> |
| <span id="112"> 112</span> |
| <span id="113"> 113</span> |
| <span id="114"> 114</span> |
| <span id="115"> 115</span> |
| <span id="116"> 116</span> |
| <span id="117"> 117</span> |
| <span id="118"> 118</span> |
| <span id="119"> 119</span> |
| <span id="120"> 120</span> |
| <span id="121"> 121</span> |
| <span id="122"> 122</span> |
| <span id="123"> 123</span> |
| <span id="124"> 124</span> |
| <span id="125"> 125</span> |
| <span id="126"> 126</span> |
| <span id="127"> 127</span> |
| <span id="128"> 128</span> |
| <span id="129"> 129</span> |
| <span id="130"> 130</span> |
| <span id="131"> 131</span> |
| <span id="132"> 132</span> |
| <span id="133"> 133</span> |
| <span id="134"> 134</span> |
| <span id="135"> 135</span> |
| <span id="136"> 136</span> |
| <span id="137"> 137</span> |
| <span id="138"> 138</span> |
| <span id="139"> 139</span> |
| <span id="140"> 140</span> |
| <span id="141"> 141</span> |
| <span id="142"> 142</span> |
| <span id="143"> 143</span> |
| <span id="144"> 144</span> |
| <span id="145"> 145</span> |
| <span id="146"> 146</span> |
| <span id="147"> 147</span> |
| <span id="148"> 148</span> |
| <span id="149"> 149</span> |
| <span id="150"> 150</span> |
| <span id="151"> 151</span> |
| <span id="152"> 152</span> |
| <span id="153"> 153</span> |
| <span id="154"> 154</span> |
| <span id="155"> 155</span> |
| <span id="156"> 156</span> |
| <span id="157"> 157</span> |
| <span id="158"> 158</span> |
| <span id="159"> 159</span> |
| <span id="160"> 160</span> |
| <span id="161"> 161</span> |
| <span id="162"> 162</span> |
| <span id="163"> 163</span> |
| <span id="164"> 164</span> |
| <span id="165"> 165</span> |
| <span id="166"> 166</span> |
| <span id="167"> 167</span> |
| <span id="168"> 168</span> |
| <span id="169"> 169</span> |
| <span id="170"> 170</span> |
| <span id="171"> 171</span> |
| <span id="172"> 172</span> |
| <span id="173"> 173</span> |
| <span id="174"> 174</span> |
| <span id="175"> 175</span> |
| <span id="176"> 176</span> |
| <span id="177"> 177</span> |
| <span id="178"> 178</span> |
| <span id="179"> 179</span> |
| <span id="180"> 180</span> |
| <span id="181"> 181</span> |
| <span id="182"> 182</span> |
| <span id="183"> 183</span> |
| <span id="184"> 184</span> |
| <span id="185"> 185</span> |
| <span id="186"> 186</span> |
| <span id="187"> 187</span> |
| <span id="188"> 188</span> |
| <span id="189"> 189</span> |
| <span id="190"> 190</span> |
| <span id="191"> 191</span> |
| <span id="192"> 192</span> |
| <span id="193"> 193</span> |
| <span id="194"> 194</span> |
| <span id="195"> 195</span> |
| <span id="196"> 196</span> |
| <span id="197"> 197</span> |
| <span id="198"> 198</span> |
| <span id="199"> 199</span> |
| <span id="200"> 200</span> |
| <span id="201"> 201</span> |
| <span id="202"> 202</span> |
| <span id="203"> 203</span> |
| <span id="204"> 204</span> |
| <span id="205"> 205</span> |
| <span id="206"> 206</span> |
| <span id="207"> 207</span> |
| <span id="208"> 208</span> |
| <span id="209"> 209</span> |
| <span id="210"> 210</span> |
| <span id="211"> 211</span> |
| <span id="212"> 212</span> |
| <span id="213"> 213</span> |
| <span id="214"> 214</span> |
| <span id="215"> 215</span> |
| <span id="216"> 216</span> |
| <span id="217"> 217</span> |
| <span id="218"> 218</span> |
| <span id="219"> 219</span> |
| <span id="220"> 220</span> |
| <span id="221"> 221</span> |
| <span id="222"> 222</span> |
| <span id="223"> 223</span> |
| <span id="224"> 224</span> |
| <span id="225"> 225</span> |
| <span id="226"> 226</span> |
| <span id="227"> 227</span> |
| <span id="228"> 228</span> |
| <span id="229"> 229</span> |
| <span id="230"> 230</span> |
| <span id="231"> 231</span> |
| <span id="232"> 232</span> |
| <span id="233"> 233</span> |
| <span id="234"> 234</span> |
| <span id="235"> 235</span> |
| <span id="236"> 236</span> |
| <span id="237"> 237</span> |
| <span id="238"> 238</span> |
| <span id="239"> 239</span> |
| <span id="240"> 240</span> |
| <span id="241"> 241</span> |
| <span id="242"> 242</span> |
| <span id="243"> 243</span> |
| <span id="244"> 244</span> |
| <span id="245"> 245</span> |
| <span id="246"> 246</span> |
| <span id="247"> 247</span> |
| <span id="248"> 248</span> |
| <span id="249"> 249</span> |
| <span id="250"> 250</span> |
| <span id="251"> 251</span> |
| <span id="252"> 252</span> |
| <span id="253"> 253</span> |
| <span id="254"> 254</span> |
| <span id="255"> 255</span> |
| <span id="256"> 256</span> |
| <span id="257"> 257</span> |
| <span id="258"> 258</span> |
| <span id="259"> 259</span> |
| <span id="260"> 260</span> |
| <span id="261"> 261</span> |
| <span id="262"> 262</span> |
| <span id="263"> 263</span> |
| <span id="264"> 264</span> |
| <span id="265"> 265</span> |
| <span id="266"> 266</span> |
| <span id="267"> 267</span> |
| <span id="268"> 268</span> |
| <span id="269"> 269</span> |
| <span id="270"> 270</span> |
| <span id="271"> 271</span> |
| <span id="272"> 272</span> |
| <span id="273"> 273</span> |
| <span id="274"> 274</span> |
| <span id="275"> 275</span> |
| <span id="276"> 276</span> |
| <span id="277"> 277</span> |
| <span id="278"> 278</span> |
| <span id="279"> 279</span> |
| <span id="280"> 280</span> |
| <span id="281"> 281</span> |
| <span id="282"> 282</span> |
| <span id="283"> 283</span> |
| <span id="284"> 284</span> |
| <span id="285"> 285</span> |
| <span id="286"> 286</span> |
| <span id="287"> 287</span> |
| <span id="288"> 288</span> |
| <span id="289"> 289</span> |
| <span id="290"> 290</span> |
| <span id="291"> 291</span> |
| <span id="292"> 292</span> |
| <span id="293"> 293</span> |
| <span id="294"> 294</span> |
| <span id="295"> 295</span> |
| <span id="296"> 296</span> |
| <span id="297"> 297</span> |
| <span id="298"> 298</span> |
| <span id="299"> 299</span> |
| <span id="300"> 300</span> |
| <span id="301"> 301</span> |
| <span id="302"> 302</span> |
| <span id="303"> 303</span> |
| <span id="304"> 304</span> |
| <span id="305"> 305</span> |
| <span id="306"> 306</span> |
| <span id="307"> 307</span> |
| <span id="308"> 308</span> |
| <span id="309"> 309</span> |
| <span id="310"> 310</span> |
| <span id="311"> 311</span> |
| <span id="312"> 312</span> |
| <span id="313"> 313</span> |
| <span id="314"> 314</span> |
| <span id="315"> 315</span> |
| <span id="316"> 316</span> |
| <span id="317"> 317</span> |
| <span id="318"> 318</span> |
| <span id="319"> 319</span> |
| <span id="320"> 320</span> |
| <span id="321"> 321</span> |
| <span id="322"> 322</span> |
| <span id="323"> 323</span> |
| <span id="324"> 324</span> |
| <span id="325"> 325</span> |
| <span id="326"> 326</span> |
| <span id="327"> 327</span> |
| <span id="328"> 328</span> |
| <span id="329"> 329</span> |
| <span id="330"> 330</span> |
| <span id="331"> 331</span> |
| <span id="332"> 332</span> |
| <span id="333"> 333</span> |
| <span id="334"> 334</span> |
| <span id="335"> 335</span> |
| <span id="336"> 336</span> |
| <span id="337"> 337</span> |
| <span id="338"> 338</span> |
| <span id="339"> 339</span> |
| <span id="340"> 340</span> |
| <span id="341"> 341</span> |
| <span id="342"> 342</span> |
| <span id="343"> 343</span> |
| <span id="344"> 344</span> |
| <span id="345"> 345</span> |
| <span id="346"> 346</span> |
| <span id="347"> 347</span> |
| <span id="348"> 348</span> |
| <span id="349"> 349</span> |
| <span id="350"> 350</span> |
| <span id="351"> 351</span> |
| <span id="352"> 352</span> |
| <span id="353"> 353</span> |
| <span id="354"> 354</span> |
| <span id="355"> 355</span> |
| <span id="356"> 356</span> |
| <span id="357"> 357</span> |
| <span id="358"> 358</span> |
| <span id="359"> 359</span> |
| <span id="360"> 360</span> |
| <span id="361"> 361</span> |
| <span id="362"> 362</span> |
| <span id="363"> 363</span> |
| <span id="364"> 364</span> |
| <span id="365"> 365</span> |
| <span id="366"> 366</span> |
| <span id="367"> 367</span> |
| <span id="368"> 368</span> |
| <span id="369"> 369</span> |
| <span id="370"> 370</span> |
| <span id="371"> 371</span> |
| <span id="372"> 372</span> |
| <span id="373"> 373</span> |
| <span id="374"> 374</span> |
| <span id="375"> 375</span> |
| <span id="376"> 376</span> |
| <span id="377"> 377</span> |
| <span id="378"> 378</span> |
| <span id="379"> 379</span> |
| <span id="380"> 380</span> |
| <span id="381"> 381</span> |
| <span id="382"> 382</span> |
| <span id="383"> 383</span> |
| <span id="384"> 384</span> |
| <span id="385"> 385</span> |
| <span id="386"> 386</span> |
| <span id="387"> 387</span> |
| <span id="388"> 388</span> |
| <span id="389"> 389</span> |
| <span id="390"> 390</span> |
| <span id="391"> 391</span> |
| <span id="392"> 392</span> |
| <span id="393"> 393</span> |
| <span id="394"> 394</span> |
| <span id="395"> 395</span> |
| <span id="396"> 396</span> |
| <span id="397"> 397</span> |
| <span id="398"> 398</span> |
| <span id="399"> 399</span> |
| <span id="400"> 400</span> |
| <span id="401"> 401</span> |
| <span id="402"> 402</span> |
| <span id="403"> 403</span> |
| <span id="404"> 404</span> |
| <span id="405"> 405</span> |
| <span id="406"> 406</span> |
| <span id="407"> 407</span> |
| <span id="408"> 408</span> |
| <span id="409"> 409</span> |
| <span id="410"> 410</span> |
| <span id="411"> 411</span> |
| <span id="412"> 412</span> |
| <span id="413"> 413</span> |
| <span id="414"> 414</span> |
| <span id="415"> 415</span> |
| <span id="416"> 416</span> |
| <span id="417"> 417</span> |
| <span id="418"> 418</span> |
| <span id="419"> 419</span> |
| <span id="420"> 420</span> |
| <span id="421"> 421</span> |
| <span id="422"> 422</span> |
| <span id="423"> 423</span> |
| <span id="424"> 424</span> |
| <span id="425"> 425</span> |
| <span id="426"> 426</span> |
| <span id="427"> 427</span> |
| <span id="428"> 428</span> |
| <span id="429"> 429</span> |
| <span id="430"> 430</span> |
| <span id="431"> 431</span> |
| <span id="432"> 432</span> |
| <span id="433"> 433</span> |
| <span id="434"> 434</span> |
| <span id="435"> 435</span> |
| <span id="436"> 436</span> |
| <span id="437"> 437</span> |
| <span id="438"> 438</span> |
| <span id="439"> 439</span> |
| <span id="440"> 440</span> |
| <span id="441"> 441</span> |
| <span id="442"> 442</span> |
| <span id="443"> 443</span> |
| <span id="444"> 444</span> |
| <span id="445"> 445</span> |
| <span id="446"> 446</span> |
| <span id="447"> 447</span> |
| <span id="448"> 448</span> |
| <span id="449"> 449</span> |
| <span id="450"> 450</span> |
| <span id="451"> 451</span> |
| <span id="452"> 452</span> |
| <span id="453"> 453</span> |
| <span id="454"> 454</span> |
| <span id="455"> 455</span> |
| <span id="456"> 456</span> |
| <span id="457"> 457</span> |
| <span id="458"> 458</span> |
| <span id="459"> 459</span> |
| <span id="460"> 460</span> |
| <span id="461"> 461</span> |
| <span id="462"> 462</span> |
| <span id="463"> 463</span> |
| <span id="464"> 464</span> |
| <span id="465"> 465</span> |
| <span id="466"> 466</span> |
| <span id="467"> 467</span> |
| <span id="468"> 468</span> |
| <span id="469"> 469</span> |
| <span id="470"> 470</span> |
| <span id="471"> 471</span> |
| <span id="472"> 472</span> |
| <span id="473"> 473</span> |
| <span id="474"> 474</span> |
| <span id="475"> 475</span> |
| <span id="476"> 476</span> |
| <span id="477"> 477</span> |
| <span id="478"> 478</span> |
| <span id="479"> 479</span> |
| <span id="480"> 480</span> |
| <span id="481"> 481</span> |
| <span id="482"> 482</span> |
| <span id="483"> 483</span> |
| <span id="484"> 484</span> |
| <span id="485"> 485</span> |
| <span id="486"> 486</span> |
| <span id="487"> 487</span> |
| <span id="488"> 488</span> |
| <span id="489"> 489</span> |
| <span id="490"> 490</span> |
| <span id="491"> 491</span> |
| <span id="492"> 492</span> |
| <span id="493"> 493</span> |
| <span id="494"> 494</span> |
| <span id="495"> 495</span> |
| <span id="496"> 496</span> |
| <span id="497"> 497</span> |
| <span id="498"> 498</span> |
| <span id="499"> 499</span> |
| <span id="500"> 500</span> |
| <span id="501"> 501</span> |
| <span id="502"> 502</span> |
| <span id="503"> 503</span> |
| <span id="504"> 504</span> |
| <span id="505"> 505</span> |
| <span id="506"> 506</span> |
| <span id="507"> 507</span> |
| <span id="508"> 508</span> |
| <span id="509"> 509</span> |
| <span id="510"> 510</span> |
| <span id="511"> 511</span> |
| <span id="512"> 512</span> |
| <span id="513"> 513</span> |
| <span id="514"> 514</span> |
| <span id="515"> 515</span> |
| <span id="516"> 516</span> |
| <span id="517"> 517</span> |
| <span id="518"> 518</span> |
| <span id="519"> 519</span> |
| <span id="520"> 520</span> |
| <span id="521"> 521</span> |
| <span id="522"> 522</span> |
| <span id="523"> 523</span> |
| <span id="524"> 524</span> |
| <span id="525"> 525</span> |
| <span id="526"> 526</span> |
| <span id="527"> 527</span> |
| <span id="528"> 528</span> |
| <span id="529"> 529</span> |
| <span id="530"> 530</span> |
| <span id="531"> 531</span> |
| <span id="532"> 532</span> |
| <span id="533"> 533</span> |
| <span id="534"> 534</span> |
| <span id="535"> 535</span> |
| <span id="536"> 536</span> |
| <span id="537"> 537</span> |
| <span id="538"> 538</span> |
| <span id="539"> 539</span> |
| <span id="540"> 540</span> |
| <span id="541"> 541</span> |
| <span id="542"> 542</span> |
| <span id="543"> 543</span> |
| <span id="544"> 544</span> |
| <span id="545"> 545</span> |
| <span id="546"> 546</span> |
| <span id="547"> 547</span> |
| <span id="548"> 548</span> |
| <span id="549"> 549</span> |
| <span id="550"> 550</span> |
| <span id="551"> 551</span> |
| <span id="552"> 552</span> |
| <span id="553"> 553</span> |
| <span id="554"> 554</span> |
| <span id="555"> 555</span> |
| <span id="556"> 556</span> |
| <span id="557"> 557</span> |
| <span id="558"> 558</span> |
| <span id="559"> 559</span> |
| <span id="560"> 560</span> |
| <span id="561"> 561</span> |
| <span id="562"> 562</span> |
| <span id="563"> 563</span> |
| <span id="564"> 564</span> |
| <span id="565"> 565</span> |
| <span id="566"> 566</span> |
| <span id="567"> 567</span> |
| <span id="568"> 568</span> |
| <span id="569"> 569</span> |
| <span id="570"> 570</span> |
| <span id="571"> 571</span> |
| <span id="572"> 572</span> |
| <span id="573"> 573</span> |
| <span id="574"> 574</span> |
| <span id="575"> 575</span> |
| <span id="576"> 576</span> |
| <span id="577"> 577</span> |
| <span id="578"> 578</span> |
| <span id="579"> 579</span> |
| <span id="580"> 580</span> |
| <span id="581"> 581</span> |
| <span id="582"> 582</span> |
| <span id="583"> 583</span> |
| <span id="584"> 584</span> |
| <span id="585"> 585</span> |
| <span id="586"> 586</span> |
| <span id="587"> 587</span> |
| <span id="588"> 588</span> |
| <span id="589"> 589</span> |
| <span id="590"> 590</span> |
| <span id="591"> 591</span> |
| <span id="592"> 592</span> |
| <span id="593"> 593</span> |
| <span id="594"> 594</span> |
| <span id="595"> 595</span> |
| <span id="596"> 596</span> |
| <span id="597"> 597</span> |
| <span id="598"> 598</span> |
| <span id="599"> 599</span> |
| <span id="600"> 600</span> |
| <span id="601"> 601</span> |
| <span id="602"> 602</span> |
| <span id="603"> 603</span> |
| <span id="604"> 604</span> |
| <span id="605"> 605</span> |
| <span id="606"> 606</span> |
| <span id="607"> 607</span> |
| <span id="608"> 608</span> |
| <span id="609"> 609</span> |
| <span id="610"> 610</span> |
| <span id="611"> 611</span> |
| <span id="612"> 612</span> |
| <span id="613"> 613</span> |
| <span id="614"> 614</span> |
| <span id="615"> 615</span> |
| <span id="616"> 616</span> |
| <span id="617"> 617</span> |
| <span id="618"> 618</span> |
| <span id="619"> 619</span> |
| <span id="620"> 620</span> |
| <span id="621"> 621</span> |
| <span id="622"> 622</span> |
| <span id="623"> 623</span> |
| <span id="624"> 624</span> |
| <span id="625"> 625</span> |
| <span id="626"> 626</span> |
| <span id="627"> 627</span> |
| <span id="628"> 628</span> |
| <span id="629"> 629</span> |
| <span id="630"> 630</span> |
| <span id="631"> 631</span> |
| <span id="632"> 632</span> |
| <span id="633"> 633</span> |
| <span id="634"> 634</span> |
| <span id="635"> 635</span> |
| <span id="636"> 636</span> |
| <span id="637"> 637</span> |
| <span id="638"> 638</span> |
| <span id="639"> 639</span> |
| <span id="640"> 640</span> |
| <span id="641"> 641</span> |
| <span id="642"> 642</span> |
| <span id="643"> 643</span> |
| <span id="644"> 644</span> |
| <span id="645"> 645</span> |
| <span id="646"> 646</span> |
| <span id="647"> 647</span> |
| <span id="648"> 648</span> |
| <span id="649"> 649</span> |
| <span id="650"> 650</span> |
| <span id="651"> 651</span> |
| <span id="652"> 652</span> |
| <span id="653"> 653</span> |
| <span id="654"> 654</span> |
| <span id="655"> 655</span> |
| <span id="656"> 656</span> |
| <span id="657"> 657</span> |
| <span id="658"> 658</span> |
| <span id="659"> 659</span> |
| <span id="660"> 660</span> |
| <span id="661"> 661</span> |
| <span id="662"> 662</span> |
| <span id="663"> 663</span> |
| <span id="664"> 664</span> |
| <span id="665"> 665</span> |
| <span id="666"> 666</span> |
| <span id="667"> 667</span> |
| <span id="668"> 668</span> |
| <span id="669"> 669</span> |
| <span id="670"> 670</span> |
| <span id="671"> 671</span> |
| <span id="672"> 672</span> |
| <span id="673"> 673</span> |
| <span id="674"> 674</span> |
| <span id="675"> 675</span> |
| <span id="676"> 676</span> |
| <span id="677"> 677</span> |
| <span id="678"> 678</span> |
| <span id="679"> 679</span> |
| <span id="680"> 680</span> |
| <span id="681"> 681</span> |
| <span id="682"> 682</span> |
| <span id="683"> 683</span> |
| <span id="684"> 684</span> |
| <span id="685"> 685</span> |
| <span id="686"> 686</span> |
| <span id="687"> 687</span> |
| <span id="688"> 688</span> |
| <span id="689"> 689</span> |
| <span id="690"> 690</span> |
| <span id="691"> 691</span> |
| <span id="692"> 692</span> |
| <span id="693"> 693</span> |
| <span id="694"> 694</span> |
| <span id="695"> 695</span> |
| <span id="696"> 696</span> |
| <span id="697"> 697</span> |
| <span id="698"> 698</span> |
| <span id="699"> 699</span> |
| <span id="700"> 700</span> |
| <span id="701"> 701</span> |
| <span id="702"> 702</span> |
| <span id="703"> 703</span> |
| <span id="704"> 704</span> |
| <span id="705"> 705</span> |
| <span id="706"> 706</span> |
| <span id="707"> 707</span> |
| <span id="708"> 708</span> |
| <span id="709"> 709</span> |
| <span id="710"> 710</span> |
| <span id="711"> 711</span> |
| <span id="712"> 712</span> |
| <span id="713"> 713</span> |
| <span id="714"> 714</span> |
| <span id="715"> 715</span> |
| <span id="716"> 716</span> |
| <span id="717"> 717</span> |
| <span id="718"> 718</span> |
| <span id="719"> 719</span> |
| <span id="720"> 720</span> |
| <span id="721"> 721</span> |
| <span id="722"> 722</span> |
| <span id="723"> 723</span> |
| <span id="724"> 724</span> |
| <span id="725"> 725</span> |
| <span id="726"> 726</span> |
| <span id="727"> 727</span> |
| <span id="728"> 728</span> |
| <span id="729"> 729</span> |
| <span id="730"> 730</span> |
| <span id="731"> 731</span> |
| <span id="732"> 732</span> |
| <span id="733"> 733</span> |
| <span id="734"> 734</span> |
| <span id="735"> 735</span> |
| <span id="736"> 736</span> |
| <span id="737"> 737</span> |
| <span id="738"> 738</span> |
| <span id="739"> 739</span> |
| <span id="740"> 740</span> |
| <span id="741"> 741</span> |
| <span id="742"> 742</span> |
| <span id="743"> 743</span> |
| <span id="744"> 744</span> |
| <span id="745"> 745</span> |
| <span id="746"> 746</span> |
| <span id="747"> 747</span> |
| <span id="748"> 748</span> |
| <span id="749"> 749</span> |
| <span id="750"> 750</span> |
| <span id="751"> 751</span> |
| <span id="752"> 752</span> |
| <span id="753"> 753</span> |
| <span id="754"> 754</span> |
| <span id="755"> 755</span> |
| <span id="756"> 756</span> |
| <span id="757"> 757</span> |
| <span id="758"> 758</span> |
| <span id="759"> 759</span> |
| <span id="760"> 760</span> |
| <span id="761"> 761</span> |
| <span id="762"> 762</span> |
| <span id="763"> 763</span> |
| <span id="764"> 764</span> |
| <span id="765"> 765</span> |
| <span id="766"> 766</span> |
| <span id="767"> 767</span> |
| <span id="768"> 768</span> |
| <span id="769"> 769</span> |
| <span id="770"> 770</span> |
| <span id="771"> 771</span> |
| <span id="772"> 772</span> |
| <span id="773"> 773</span> |
| <span id="774"> 774</span> |
| <span id="775"> 775</span> |
| <span id="776"> 776</span> |
| <span id="777"> 777</span> |
| <span id="778"> 778</span> |
| <span id="779"> 779</span> |
| <span id="780"> 780</span> |
| <span id="781"> 781</span> |
| <span id="782"> 782</span> |
| <span id="783"> 783</span> |
| <span id="784"> 784</span> |
| <span id="785"> 785</span> |
| <span id="786"> 786</span> |
| <span id="787"> 787</span> |
| <span id="788"> 788</span> |
| <span id="789"> 789</span> |
| <span id="790"> 790</span> |
| <span id="791"> 791</span> |
| <span id="792"> 792</span> |
| <span id="793"> 793</span> |
| <span id="794"> 794</span> |
| <span id="795"> 795</span> |
| <span id="796"> 796</span> |
| <span id="797"> 797</span> |
| <span id="798"> 798</span> |
| <span id="799"> 799</span> |
| <span id="800"> 800</span> |
| <span id="801"> 801</span> |
| <span id="802"> 802</span> |
| <span id="803"> 803</span> |
| <span id="804"> 804</span> |
| <span id="805"> 805</span> |
| <span id="806"> 806</span> |
| <span id="807"> 807</span> |
| <span id="808"> 808</span> |
| <span id="809"> 809</span> |
| <span id="810"> 810</span> |
| <span id="811"> 811</span> |
| <span id="812"> 812</span> |
| <span id="813"> 813</span> |
| <span id="814"> 814</span> |
| <span id="815"> 815</span> |
| <span id="816"> 816</span> |
| <span id="817"> 817</span> |
| <span id="818"> 818</span> |
| <span id="819"> 819</span> |
| <span id="820"> 820</span> |
| <span id="821"> 821</span> |
| <span id="822"> 822</span> |
| <span id="823"> 823</span> |
| <span id="824"> 824</span> |
| <span id="825"> 825</span> |
| <span id="826"> 826</span> |
| <span id="827"> 827</span> |
| <span id="828"> 828</span> |
| <span id="829"> 829</span> |
| <span id="830"> 830</span> |
| <span id="831"> 831</span> |
| <span id="832"> 832</span> |
| <span id="833"> 833</span> |
| <span id="834"> 834</span> |
| <span id="835"> 835</span> |
| <span id="836"> 836</span> |
| <span id="837"> 837</span> |
| <span id="838"> 838</span> |
| <span id="839"> 839</span> |
| <span id="840"> 840</span> |
| <span id="841"> 841</span> |
| <span id="842"> 842</span> |
| <span id="843"> 843</span> |
| <span id="844"> 844</span> |
| <span id="845"> 845</span> |
| <span id="846"> 846</span> |
| <span id="847"> 847</span> |
| <span id="848"> 848</span> |
| <span id="849"> 849</span> |
| <span id="850"> 850</span> |
| <span id="851"> 851</span> |
| <span id="852"> 852</span> |
| <span id="853"> 853</span> |
| <span id="854"> 854</span> |
| <span id="855"> 855</span> |
| <span id="856"> 856</span> |
| <span id="857"> 857</span> |
| <span id="858"> 858</span> |
| <span id="859"> 859</span> |
| <span id="860"> 860</span> |
| <span id="861"> 861</span> |
| <span id="862"> 862</span> |
| <span id="863"> 863</span> |
| <span id="864"> 864</span> |
| <span id="865"> 865</span> |
| <span id="866"> 866</span> |
| <span id="867"> 867</span> |
| <span id="868"> 868</span> |
| <span id="869"> 869</span> |
| <span id="870"> 870</span> |
| <span id="871"> 871</span> |
| <span id="872"> 872</span> |
| <span id="873"> 873</span> |
| <span id="874"> 874</span> |
| <span id="875"> 875</span> |
| <span id="876"> 876</span> |
| <span id="877"> 877</span> |
| <span id="878"> 878</span> |
| <span id="879"> 879</span> |
| <span id="880"> 880</span> |
| <span id="881"> 881</span> |
| <span id="882"> 882</span> |
| <span id="883"> 883</span> |
| <span id="884"> 884</span> |
| <span id="885"> 885</span> |
| <span id="886"> 886</span> |
| <span id="887"> 887</span> |
| <span id="888"> 888</span> |
| <span id="889"> 889</span> |
| <span id="890"> 890</span> |
| <span id="891"> 891</span> |
| <span id="892"> 892</span> |
| <span id="893"> 893</span> |
| <span id="894"> 894</span> |
| <span id="895"> 895</span> |
| <span id="896"> 896</span> |
| <span id="897"> 897</span> |
| <span id="898"> 898</span> |
| <span id="899"> 899</span> |
| <span id="900"> 900</span> |
| <span id="901"> 901</span> |
| <span id="902"> 902</span> |
| <span id="903"> 903</span> |
| <span id="904"> 904</span> |
| <span id="905"> 905</span> |
| <span id="906"> 906</span> |
| <span id="907"> 907</span> |
| <span id="908"> 908</span> |
| <span id="909"> 909</span> |
| <span id="910"> 910</span> |
| <span id="911"> 911</span> |
| <span id="912"> 912</span> |
| <span id="913"> 913</span> |
| <span id="914"> 914</span> |
| <span id="915"> 915</span> |
| <span id="916"> 916</span> |
| <span id="917"> 917</span> |
| <span id="918"> 918</span> |
| <span id="919"> 919</span> |
| <span id="920"> 920</span> |
| <span id="921"> 921</span> |
| <span id="922"> 922</span> |
| <span id="923"> 923</span> |
| <span id="924"> 924</span> |
| <span id="925"> 925</span> |
| <span id="926"> 926</span> |
| <span id="927"> 927</span> |
| <span id="928"> 928</span> |
| <span id="929"> 929</span> |
| <span id="930"> 930</span> |
| <span id="931"> 931</span> |
| <span id="932"> 932</span> |
| <span id="933"> 933</span> |
| <span id="934"> 934</span> |
| <span id="935"> 935</span> |
| <span id="936"> 936</span> |
| <span id="937"> 937</span> |
| <span id="938"> 938</span> |
| <span id="939"> 939</span> |
| <span id="940"> 940</span> |
| <span id="941"> 941</span> |
| <span id="942"> 942</span> |
| <span id="943"> 943</span> |
| <span id="944"> 944</span> |
| <span id="945"> 945</span> |
| <span id="946"> 946</span> |
| <span id="947"> 947</span> |
| <span id="948"> 948</span> |
| <span id="949"> 949</span> |
| <span id="950"> 950</span> |
| <span id="951"> 951</span> |
| <span id="952"> 952</span> |
| <span id="953"> 953</span> |
| <span id="954"> 954</span> |
| <span id="955"> 955</span> |
| <span id="956"> 956</span> |
| <span id="957"> 957</span> |
| <span id="958"> 958</span> |
| <span id="959"> 959</span> |
| <span id="960"> 960</span> |
| <span id="961"> 961</span> |
| <span id="962"> 962</span> |
| <span id="963"> 963</span> |
| <span id="964"> 964</span> |
| <span id="965"> 965</span> |
| <span id="966"> 966</span> |
| <span id="967"> 967</span> |
| <span id="968"> 968</span> |
| <span id="969"> 969</span> |
| <span id="970"> 970</span> |
| <span id="971"> 971</span> |
| <span id="972"> 972</span> |
| <span id="973"> 973</span> |
| <span id="974"> 974</span> |
| <span id="975"> 975</span> |
| <span id="976"> 976</span> |
| <span id="977"> 977</span> |
| <span id="978"> 978</span> |
| <span id="979"> 979</span> |
| <span id="980"> 980</span> |
| <span id="981"> 981</span> |
| <span id="982"> 982</span> |
| <span id="983"> 983</span> |
| <span id="984"> 984</span> |
| <span id="985"> 985</span> |
| <span id="986"> 986</span> |
| <span id="987"> 987</span> |
| <span id="988"> 988</span> |
| <span id="989"> 989</span> |
| <span id="990"> 990</span> |
| <span id="991"> 991</span> |
| <span id="992"> 992</span> |
| <span id="993"> 993</span> |
| <span id="994"> 994</span> |
| <span id="995"> 995</span> |
| <span id="996"> 996</span> |
| <span id="997"> 997</span> |
| <span id="998"> 998</span> |
| <span id="999"> 999</span> |
| <span id="1000">1000</span> |
| <span id="1001">1001</span> |
| <span id="1002">1002</span> |
| <span id="1003">1003</span> |
| <span id="1004">1004</span> |
| <span id="1005">1005</span> |
| <span id="1006">1006</span> |
| <span id="1007">1007</span> |
| <span id="1008">1008</span> |
| <span id="1009">1009</span> |
| <span id="1010">1010</span> |
| <span id="1011">1011</span> |
| <span id="1012">1012</span> |
| <span id="1013">1013</span> |
| <span id="1014">1014</span> |
| <span id="1015">1015</span> |
| <span id="1016">1016</span> |
| <span id="1017">1017</span> |
| <span id="1018">1018</span> |
| <span id="1019">1019</span> |
| <span id="1020">1020</span> |
| <span id="1021">1021</span> |
| <span id="1022">1022</span> |
| <span id="1023">1023</span> |
| <span id="1024">1024</span> |
| <span id="1025">1025</span> |
| <span id="1026">1026</span> |
| <span id="1027">1027</span> |
| <span id="1028">1028</span> |
| <span id="1029">1029</span> |
| <span id="1030">1030</span> |
| <span id="1031">1031</span> |
| <span id="1032">1032</span> |
| <span id="1033">1033</span> |
| <span id="1034">1034</span> |
| <span id="1035">1035</span> |
| <span id="1036">1036</span> |
| <span id="1037">1037</span> |
| <span id="1038">1038</span> |
| <span id="1039">1039</span> |
| <span id="1040">1040</span> |
| <span id="1041">1041</span> |
| <span id="1042">1042</span> |
| <span id="1043">1043</span> |
| <span id="1044">1044</span> |
| <span id="1045">1045</span> |
| <span id="1046">1046</span> |
| <span id="1047">1047</span> |
| <span id="1048">1048</span> |
| <span id="1049">1049</span> |
| <span id="1050">1050</span> |
| <span id="1051">1051</span> |
| <span id="1052">1052</span> |
| <span id="1053">1053</span> |
| <span id="1054">1054</span> |
| <span id="1055">1055</span> |
| <span id="1056">1056</span> |
| <span id="1057">1057</span> |
| <span id="1058">1058</span> |
| <span id="1059">1059</span> |
| <span id="1060">1060</span> |
| <span id="1061">1061</span> |
| <span id="1062">1062</span> |
| <span id="1063">1063</span> |
| <span id="1064">1064</span> |
| <span id="1065">1065</span> |
| <span id="1066">1066</span> |
| <span id="1067">1067</span> |
| <span id="1068">1068</span> |
| <span id="1069">1069</span> |
| <span id="1070">1070</span> |
| <span id="1071">1071</span> |
| <span id="1072">1072</span> |
| <span id="1073">1073</span> |
| <span id="1074">1074</span> |
| <span id="1075">1075</span> |
| <span id="1076">1076</span> |
| <span id="1077">1077</span> |
| <span id="1078">1078</span> |
| <span id="1079">1079</span> |
| <span id="1080">1080</span> |
| <span id="1081">1081</span> |
| <span id="1082">1082</span> |
| <span id="1083">1083</span> |
| <span id="1084">1084</span> |
| <span id="1085">1085</span> |
| <span id="1086">1086</span> |
| <span id="1087">1087</span> |
| <span id="1088">1088</span> |
| <span id="1089">1089</span> |
| <span id="1090">1090</span> |
| <span id="1091">1091</span> |
| <span id="1092">1092</span> |
| <span id="1093">1093</span> |
| <span id="1094">1094</span> |
| <span id="1095">1095</span> |
| <span id="1096">1096</span> |
| <span id="1097">1097</span> |
| <span id="1098">1098</span> |
| <span id="1099">1099</span> |
| <span id="1100">1100</span> |
| <span id="1101">1101</span> |
| <span id="1102">1102</span> |
| <span id="1103">1103</span> |
| <span id="1104">1104</span> |
| <span id="1105">1105</span> |
| <span id="1106">1106</span> |
| <span id="1107">1107</span> |
| <span id="1108">1108</span> |
| <span id="1109">1109</span> |
| <span id="1110">1110</span> |
| <span id="1111">1111</span> |
| <span id="1112">1112</span> |
| <span id="1113">1113</span> |
| <span id="1114">1114</span> |
| <span id="1115">1115</span> |
| <span id="1116">1116</span> |
| <span id="1117">1117</span> |
| <span id="1118">1118</span> |
| <span id="1119">1119</span> |
| <span id="1120">1120</span> |
| <span id="1121">1121</span> |
| <span id="1122">1122</span> |
| <span id="1123">1123</span> |
| <span id="1124">1124</span> |
| <span id="1125">1125</span> |
| <span id="1126">1126</span> |
| <span id="1127">1127</span> |
| <span id="1128">1128</span> |
| <span id="1129">1129</span> |
| <span id="1130">1130</span> |
| <span id="1131">1131</span> |
| <span id="1132">1132</span> |
| <span id="1133">1133</span> |
| <span id="1134">1134</span> |
| <span id="1135">1135</span> |
| <span id="1136">1136</span> |
| <span id="1137">1137</span> |
| <span id="1138">1138</span> |
| <span id="1139">1139</span> |
| <span id="1140">1140</span> |
| <span id="1141">1141</span> |
| <span id="1142">1142</span> |
| <span id="1143">1143</span> |
| <span id="1144">1144</span> |
| <span id="1145">1145</span> |
| <span id="1146">1146</span> |
| <span id="1147">1147</span> |
| <span id="1148">1148</span> |
| <span id="1149">1149</span> |
| <span id="1150">1150</span> |
| <span id="1151">1151</span> |
| <span id="1152">1152</span> |
| <span id="1153">1153</span> |
| <span id="1154">1154</span> |
| <span id="1155">1155</span> |
| <span id="1156">1156</span> |
| <span id="1157">1157</span> |
| <span id="1158">1158</span> |
| <span id="1159">1159</span> |
| <span id="1160">1160</span> |
| <span id="1161">1161</span> |
| <span id="1162">1162</span> |
| <span id="1163">1163</span> |
| <span id="1164">1164</span> |
| <span id="1165">1165</span> |
| <span id="1166">1166</span> |
| <span id="1167">1167</span> |
| <span id="1168">1168</span> |
| <span id="1169">1169</span> |
| <span id="1170">1170</span> |
| <span id="1171">1171</span> |
| <span id="1172">1172</span> |
| <span id="1173">1173</span> |
| <span id="1174">1174</span> |
| <span id="1175">1175</span> |
| <span id="1176">1176</span> |
| <span id="1177">1177</span> |
| <span id="1178">1178</span> |
| <span id="1179">1179</span> |
| <span id="1180">1180</span> |
| <span id="1181">1181</span> |
| <span id="1182">1182</span> |
| <span id="1183">1183</span> |
| <span id="1184">1184</span> |
| <span id="1185">1185</span> |
| <span id="1186">1186</span> |
| <span id="1187">1187</span> |
| <span id="1188">1188</span> |
| <span id="1189">1189</span> |
| <span id="1190">1190</span> |
| <span id="1191">1191</span> |
| <span id="1192">1192</span> |
| <span id="1193">1193</span> |
| <span id="1194">1194</span> |
| <span id="1195">1195</span> |
| <span id="1196">1196</span> |
| <span id="1197">1197</span> |
| <span id="1198">1198</span> |
| <span id="1199">1199</span> |
| <span id="1200">1200</span> |
| <span id="1201">1201</span> |
| <span id="1202">1202</span> |
| <span id="1203">1203</span> |
| <span id="1204">1204</span> |
| <span id="1205">1205</span> |
| <span id="1206">1206</span> |
| <span id="1207">1207</span> |
| <span id="1208">1208</span> |
| <span id="1209">1209</span> |
| <span id="1210">1210</span> |
| <span id="1211">1211</span> |
| <span id="1212">1212</span> |
| <span id="1213">1213</span> |
| <span id="1214">1214</span> |
| <span id="1215">1215</span> |
| <span id="1216">1216</span> |
| <span id="1217">1217</span> |
| <span id="1218">1218</span> |
| <span id="1219">1219</span> |
| <span id="1220">1220</span> |
| <span id="1221">1221</span> |
| <span id="1222">1222</span> |
| <span id="1223">1223</span> |
| <span id="1224">1224</span> |
| <span id="1225">1225</span> |
| <span id="1226">1226</span> |
| <span id="1227">1227</span> |
| <span id="1228">1228</span> |
| <span id="1229">1229</span> |
| <span id="1230">1230</span> |
| <span id="1231">1231</span> |
| <span id="1232">1232</span> |
| <span id="1233">1233</span> |
| <span id="1234">1234</span> |
| <span id="1235">1235</span> |
| <span id="1236">1236</span> |
| <span id="1237">1237</span> |
| <span id="1238">1238</span> |
| <span id="1239">1239</span> |
| <span id="1240">1240</span> |
| <span id="1241">1241</span> |
| <span id="1242">1242</span> |
| <span id="1243">1243</span> |
| <span id="1244">1244</span> |
| <span id="1245">1245</span> |
| <span id="1246">1246</span> |
| <span id="1247">1247</span> |
| <span id="1248">1248</span> |
| <span id="1249">1249</span> |
| <span id="1250">1250</span> |
| <span id="1251">1251</span> |
| <span id="1252">1252</span> |
| <span id="1253">1253</span> |
| <span id="1254">1254</span> |
| <span id="1255">1255</span> |
| <span id="1256">1256</span> |
| <span id="1257">1257</span> |
| <span id="1258">1258</span> |
| <span id="1259">1259</span> |
| <span id="1260">1260</span> |
| <span id="1261">1261</span> |
| <span id="1262">1262</span> |
| <span id="1263">1263</span> |
| <span id="1264">1264</span> |
| <span id="1265">1265</span> |
| <span id="1266">1266</span> |
| <span id="1267">1267</span> |
| <span id="1268">1268</span> |
| <span id="1269">1269</span> |
| <span id="1270">1270</span> |
| <span id="1271">1271</span> |
| <span id="1272">1272</span> |
| <span id="1273">1273</span> |
| <span id="1274">1274</span> |
| <span id="1275">1275</span> |
| <span id="1276">1276</span> |
| <span id="1277">1277</span> |
| <span id="1278">1278</span> |
| <span id="1279">1279</span> |
| <span id="1280">1280</span> |
| <span id="1281">1281</span> |
| <span id="1282">1282</span> |
| <span id="1283">1283</span> |
| <span id="1284">1284</span> |
| <span id="1285">1285</span> |
| <span id="1286">1286</span> |
| <span id="1287">1287</span> |
| <span id="1288">1288</span> |
| <span id="1289">1289</span> |
| <span id="1290">1290</span> |
| <span id="1291">1291</span> |
| <span id="1292">1292</span> |
| <span id="1293">1293</span> |
| <span id="1294">1294</span> |
| <span id="1295">1295</span> |
| <span id="1296">1296</span> |
| <span id="1297">1297</span> |
| <span id="1298">1298</span> |
| <span id="1299">1299</span> |
| <span id="1300">1300</span> |
| <span id="1301">1301</span> |
| <span id="1302">1302</span> |
| <span id="1303">1303</span> |
| <span id="1304">1304</span> |
| <span id="1305">1305</span> |
| <span id="1306">1306</span> |
| <span id="1307">1307</span> |
| <span id="1308">1308</span> |
| <span id="1309">1309</span> |
| <span id="1310">1310</span> |
| <span id="1311">1311</span> |
| <span id="1312">1312</span> |
| <span id="1313">1313</span> |
| <span id="1314">1314</span> |
| <span id="1315">1315</span> |
| <span id="1316">1316</span> |
| <span id="1317">1317</span> |
| <span id="1318">1318</span> |
| <span id="1319">1319</span> |
| <span id="1320">1320</span> |
| <span id="1321">1321</span> |
| <span id="1322">1322</span> |
| <span id="1323">1323</span> |
| <span id="1324">1324</span> |
| <span id="1325">1325</span> |
| <span id="1326">1326</span> |
| <span id="1327">1327</span> |
| <span id="1328">1328</span> |
| <span id="1329">1329</span> |
| <span id="1330">1330</span> |
| <span id="1331">1331</span> |
| <span id="1332">1332</span> |
| <span id="1333">1333</span> |
| <span id="1334">1334</span> |
| <span id="1335">1335</span> |
| <span id="1336">1336</span> |
| <span id="1337">1337</span> |
| <span id="1338">1338</span> |
| <span id="1339">1339</span> |
| <span id="1340">1340</span> |
| <span id="1341">1341</span> |
| <span id="1342">1342</span> |
| <span id="1343">1343</span> |
| <span id="1344">1344</span> |
| <span id="1345">1345</span> |
| <span id="1346">1346</span> |
| <span id="1347">1347</span> |
| <span id="1348">1348</span> |
| <span id="1349">1349</span> |
| <span id="1350">1350</span> |
| <span id="1351">1351</span> |
| <span id="1352">1352</span> |
| <span id="1353">1353</span> |
| <span id="1354">1354</span> |
| <span id="1355">1355</span> |
| <span id="1356">1356</span> |
| <span id="1357">1357</span> |
| <span id="1358">1358</span> |
| <span id="1359">1359</span> |
| <span id="1360">1360</span> |
| <span id="1361">1361</span> |
| <span id="1362">1362</span> |
| <span id="1363">1363</span> |
| <span id="1364">1364</span> |
| <span id="1365">1365</span> |
| <span id="1366">1366</span> |
| <span id="1367">1367</span> |
| <span id="1368">1368</span> |
| <span id="1369">1369</span> |
| <span id="1370">1370</span> |
| <span id="1371">1371</span> |
| <span id="1372">1372</span> |
| <span id="1373">1373</span> |
| <span id="1374">1374</span> |
| <span id="1375">1375</span> |
| <span id="1376">1376</span> |
| <span id="1377">1377</span> |
| <span id="1378">1378</span> |
| <span id="1379">1379</span> |
| <span id="1380">1380</span> |
| <span id="1381">1381</span> |
| <span id="1382">1382</span> |
| <span id="1383">1383</span> |
| <span id="1384">1384</span> |
| <span id="1385">1385</span> |
| <span id="1386">1386</span> |
| <span id="1387">1387</span> |
| <span id="1388">1388</span> |
| <span id="1389">1389</span> |
| <span id="1390">1390</span> |
| <span id="1391">1391</span> |
| <span id="1392">1392</span> |
| <span id="1393">1393</span> |
| <span id="1394">1394</span> |
| <span id="1395">1395</span> |
| <span id="1396">1396</span> |
| <span id="1397">1397</span> |
| <span id="1398">1398</span> |
| <span id="1399">1399</span> |
| <span id="1400">1400</span> |
| <span id="1401">1401</span> |
| <span id="1402">1402</span> |
| <span id="1403">1403</span> |
| <span id="1404">1404</span> |
| <span id="1405">1405</span> |
| <span id="1406">1406</span> |
| <span id="1407">1407</span> |
| <span id="1408">1408</span> |
| <span id="1409">1409</span> |
| <span id="1410">1410</span> |
| <span id="1411">1411</span> |
| <span id="1412">1412</span> |
| <span id="1413">1413</span> |
| <span id="1414">1414</span> |
| <span id="1415">1415</span> |
| <span id="1416">1416</span> |
| <span id="1417">1417</span> |
| <span id="1418">1418</span> |
| <span id="1419">1419</span> |
| <span id="1420">1420</span> |
| <span id="1421">1421</span> |
| <span id="1422">1422</span> |
| <span id="1423">1423</span> |
| <span id="1424">1424</span> |
| <span id="1425">1425</span> |
| <span id="1426">1426</span> |
| <span id="1427">1427</span> |
| <span id="1428">1428</span> |
| <span id="1429">1429</span> |
| <span id="1430">1430</span> |
| <span id="1431">1431</span> |
| <span id="1432">1432</span> |
| <span id="1433">1433</span> |
| <span id="1434">1434</span> |
| <span id="1435">1435</span> |
| <span id="1436">1436</span> |
| <span id="1437">1437</span> |
| <span id="1438">1438</span> |
| <span id="1439">1439</span> |
| <span id="1440">1440</span> |
| <span id="1441">1441</span> |
| <span id="1442">1442</span> |
| <span id="1443">1443</span> |
| <span id="1444">1444</span> |
| <span id="1445">1445</span> |
| <span id="1446">1446</span> |
| <span id="1447">1447</span> |
| <span id="1448">1448</span> |
| <span id="1449">1449</span> |
| <span id="1450">1450</span> |
| <span id="1451">1451</span> |
| <span id="1452">1452</span> |
| <span id="1453">1453</span> |
| <span id="1454">1454</span> |
| <span id="1455">1455</span> |
| <span id="1456">1456</span> |
| <span id="1457">1457</span> |
| <span id="1458">1458</span> |
| <span id="1459">1459</span> |
| <span id="1460">1460</span> |
| <span id="1461">1461</span> |
| <span id="1462">1462</span> |
| <span id="1463">1463</span> |
| <span id="1464">1464</span> |
| <span id="1465">1465</span> |
| <span id="1466">1466</span> |
| <span id="1467">1467</span> |
| <span id="1468">1468</span> |
| <span id="1469">1469</span> |
| <span id="1470">1470</span> |
| <span id="1471">1471</span> |
| <span id="1472">1472</span> |
| <span id="1473">1473</span> |
| <span id="1474">1474</span> |
| <span id="1475">1475</span> |
| <span id="1476">1476</span> |
| <span id="1477">1477</span> |
| <span id="1478">1478</span> |
| <span id="1479">1479</span> |
| <span id="1480">1480</span> |
| <span id="1481">1481</span> |
| <span id="1482">1482</span> |
| <span id="1483">1483</span> |
| <span id="1484">1484</span> |
| <span id="1485">1485</span> |
| <span id="1486">1486</span> |
| <span id="1487">1487</span> |
| <span id="1488">1488</span> |
| <span id="1489">1489</span> |
| <span id="1490">1490</span> |
| <span id="1491">1491</span> |
| <span id="1492">1492</span> |
| <span id="1493">1493</span> |
| <span id="1494">1494</span> |
| <span id="1495">1495</span> |
| <span id="1496">1496</span> |
| <span id="1497">1497</span> |
| <span id="1498">1498</span> |
| <span id="1499">1499</span> |
| <span id="1500">1500</span> |
| <span id="1501">1501</span> |
| <span id="1502">1502</span> |
| <span id="1503">1503</span> |
| <span id="1504">1504</span> |
| <span id="1505">1505</span> |
| <span id="1506">1506</span> |
| <span id="1507">1507</span> |
| <span id="1508">1508</span> |
| <span id="1509">1509</span> |
| <span id="1510">1510</span> |
| <span id="1511">1511</span> |
| <span id="1512">1512</span> |
| <span id="1513">1513</span> |
| <span id="1514">1514</span> |
| <span id="1515">1515</span> |
| <span id="1516">1516</span> |
| <span id="1517">1517</span> |
| <span id="1518">1518</span> |
| <span id="1519">1519</span> |
| <span id="1520">1520</span> |
| <span id="1521">1521</span> |
| <span id="1522">1522</span> |
| <span id="1523">1523</span> |
| <span id="1524">1524</span> |
| <span id="1525">1525</span> |
| <span id="1526">1526</span> |
| <span id="1527">1527</span> |
| <span id="1528">1528</span> |
| <span id="1529">1529</span> |
| <span id="1530">1530</span> |
| <span id="1531">1531</span> |
| <span id="1532">1532</span> |
| <span id="1533">1533</span> |
| <span id="1534">1534</span> |
| <span id="1535">1535</span> |
| <span id="1536">1536</span> |
| <span id="1537">1537</span> |
| <span id="1538">1538</span> |
| <span id="1539">1539</span> |
| <span id="1540">1540</span> |
| <span id="1541">1541</span> |
| <span id="1542">1542</span> |
| <span id="1543">1543</span> |
| <span id="1544">1544</span> |
| <span id="1545">1545</span> |
| <span id="1546">1546</span> |
| <span id="1547">1547</span> |
| <span id="1548">1548</span> |
| <span id="1549">1549</span> |
| <span id="1550">1550</span> |
| <span id="1551">1551</span> |
| <span id="1552">1552</span> |
| <span id="1553">1553</span> |
| <span id="1554">1554</span> |
| <span id="1555">1555</span> |
| <span id="1556">1556</span> |
| <span id="1557">1557</span> |
| <span id="1558">1558</span> |
| <span id="1559">1559</span> |
| <span id="1560">1560</span> |
| <span id="1561">1561</span> |
| <span id="1562">1562</span> |
| <span id="1563">1563</span> |
| <span id="1564">1564</span> |
| <span id="1565">1565</span> |
| <span id="1566">1566</span> |
| <span id="1567">1567</span> |
| <span id="1568">1568</span> |
| <span id="1569">1569</span> |
| <span id="1570">1570</span> |
| <span id="1571">1571</span> |
| <span id="1572">1572</span> |
| <span id="1573">1573</span> |
| <span id="1574">1574</span> |
| <span id="1575">1575</span> |
| <span id="1576">1576</span> |
| <span id="1577">1577</span> |
| <span id="1578">1578</span> |
| <span id="1579">1579</span> |
| <span id="1580">1580</span> |
| <span id="1581">1581</span> |
| <span id="1582">1582</span> |
| <span id="1583">1583</span> |
| <span id="1584">1584</span> |
| <span id="1585">1585</span> |
| <span id="1586">1586</span> |
| <span id="1587">1587</span> |
| <span id="1588">1588</span> |
| <span id="1589">1589</span> |
| <span id="1590">1590</span> |
| <span id="1591">1591</span> |
| <span id="1592">1592</span> |
| <span id="1593">1593</span> |
| <span id="1594">1594</span> |
| <span id="1595">1595</span> |
| <span id="1596">1596</span> |
| <span id="1597">1597</span> |
| <span id="1598">1598</span> |
| <span id="1599">1599</span> |
| <span id="1600">1600</span> |
| <span id="1601">1601</span> |
| <span id="1602">1602</span> |
| <span id="1603">1603</span> |
| <span id="1604">1604</span> |
| <span id="1605">1605</span> |
| <span id="1606">1606</span> |
| <span id="1607">1607</span> |
| <span id="1608">1608</span> |
| <span id="1609">1609</span> |
| <span id="1610">1610</span> |
| <span id="1611">1611</span> |
| <span id="1612">1612</span> |
| <span id="1613">1613</span> |
| <span id="1614">1614</span> |
| <span id="1615">1615</span> |
| <span id="1616">1616</span> |
| <span id="1617">1617</span> |
| <span id="1618">1618</span> |
| <span id="1619">1619</span> |
| <span id="1620">1620</span> |
| <span id="1621">1621</span> |
| <span id="1622">1622</span> |
| <span id="1623">1623</span> |
| <span id="1624">1624</span> |
| <span id="1625">1625</span> |
| <span id="1626">1626</span> |
| <span id="1627">1627</span> |
| <span id="1628">1628</span> |
| <span id="1629">1629</span> |
| <span id="1630">1630</span> |
| <span id="1631">1631</span> |
| <span id="1632">1632</span> |
| <span id="1633">1633</span> |
| <span id="1634">1634</span> |
| <span id="1635">1635</span> |
| <span id="1636">1636</span> |
| <span id="1637">1637</span> |
| <span id="1638">1638</span> |
| <span id="1639">1639</span> |
| <span id="1640">1640</span> |
| <span id="1641">1641</span> |
| <span id="1642">1642</span> |
| <span id="1643">1643</span> |
| <span id="1644">1644</span> |
| <span id="1645">1645</span> |
| <span id="1646">1646</span> |
| <span id="1647">1647</span> |
| <span id="1648">1648</span> |
| <span id="1649">1649</span> |
| <span id="1650">1650</span> |
| <span id="1651">1651</span> |
| <span id="1652">1652</span> |
| <span id="1653">1653</span> |
| <span id="1654">1654</span> |
| <span id="1655">1655</span> |
| <span id="1656">1656</span> |
| <span id="1657">1657</span> |
| <span id="1658">1658</span> |
| <span id="1659">1659</span> |
| <span id="1660">1660</span> |
| <span id="1661">1661</span> |
| <span id="1662">1662</span> |
| <span id="1663">1663</span> |
| <span id="1664">1664</span> |
| <span id="1665">1665</span> |
| <span id="1666">1666</span> |
| <span id="1667">1667</span> |
| <span id="1668">1668</span> |
| <span id="1669">1669</span> |
| <span id="1670">1670</span> |
| <span id="1671">1671</span> |
| <span id="1672">1672</span> |
| <span id="1673">1673</span> |
| <span id="1674">1674</span> |
| <span id="1675">1675</span> |
| <span id="1676">1676</span> |
| <span id="1677">1677</span> |
| <span id="1678">1678</span> |
| <span id="1679">1679</span> |
| <span id="1680">1680</span> |
| <span id="1681">1681</span> |
| <span id="1682">1682</span> |
| <span id="1683">1683</span> |
| <span id="1684">1684</span> |
| <span id="1685">1685</span> |
| <span id="1686">1686</span> |
| <span id="1687">1687</span> |
| <span id="1688">1688</span> |
| <span id="1689">1689</span> |
| <span id="1690">1690</span> |
| <span id="1691">1691</span> |
| <span id="1692">1692</span> |
| <span id="1693">1693</span> |
| <span id="1694">1694</span> |
| <span id="1695">1695</span> |
| <span id="1696">1696</span> |
| <span id="1697">1697</span> |
| <span id="1698">1698</span> |
| <span id="1699">1699</span> |
| <span id="1700">1700</span> |
| <span id="1701">1701</span> |
| <span id="1702">1702</span> |
| <span id="1703">1703</span> |
| <span id="1704">1704</span> |
| <span id="1705">1705</span> |
| <span id="1706">1706</span> |
| <span id="1707">1707</span> |
| <span id="1708">1708</span> |
| <span id="1709">1709</span> |
| <span id="1710">1710</span> |
| <span id="1711">1711</span> |
| <span id="1712">1712</span> |
| <span id="1713">1713</span> |
| <span id="1714">1714</span> |
| <span id="1715">1715</span> |
| <span id="1716">1716</span> |
| <span id="1717">1717</span> |
| <span id="1718">1718</span> |
| <span id="1719">1719</span> |
| <span id="1720">1720</span> |
| <span id="1721">1721</span> |
| <span id="1722">1722</span> |
| <span id="1723">1723</span> |
| <span id="1724">1724</span> |
| <span id="1725">1725</span> |
| <span id="1726">1726</span> |
| <span id="1727">1727</span> |
| <span id="1728">1728</span> |
| <span id="1729">1729</span> |
| <span id="1730">1730</span> |
| <span id="1731">1731</span> |
| <span id="1732">1732</span> |
| <span id="1733">1733</span> |
| <span id="1734">1734</span> |
| <span id="1735">1735</span> |
| <span id="1736">1736</span> |
| <span id="1737">1737</span> |
| <span id="1738">1738</span> |
| <span id="1739">1739</span> |
| <span id="1740">1740</span> |
| <span id="1741">1741</span> |
| <span id="1742">1742</span> |
| <span id="1743">1743</span> |
| <span id="1744">1744</span> |
| <span id="1745">1745</span> |
| <span id="1746">1746</span> |
| <span id="1747">1747</span> |
| <span id="1748">1748</span> |
| <span id="1749">1749</span> |
| <span id="1750">1750</span> |
| <span id="1751">1751</span> |
| <span id="1752">1752</span> |
| <span id="1753">1753</span> |
| <span id="1754">1754</span> |
| <span id="1755">1755</span> |
| <span id="1756">1756</span> |
| <span id="1757">1757</span> |
| <span id="1758">1758</span> |
| <span id="1759">1759</span> |
| <span id="1760">1760</span> |
| <span id="1761">1761</span> |
| <span id="1762">1762</span> |
| <span id="1763">1763</span> |
| <span id="1764">1764</span> |
| <span id="1765">1765</span> |
| </pre><pre class="rust"><code><span class="comment">// Licensed to the Apache Software Foundation (ASF) under one</span> |
| <span class="comment">// or more contributor license agreements. See the NOTICE file</span> |
| <span class="comment">// distributed with this work for additional information</span> |
| <span class="comment">// regarding copyright ownership. The ASF licenses this file</span> |
| <span class="comment">// to you under the Apache License, Version 2.0 (the</span> |
| <span class="comment">// "License"); you may not use this file except in compliance</span> |
| <span class="comment">// with the License. You may obtain a copy of the License at</span> |
| <span class="comment">//</span> |
| <span class="comment">// http://www.apache.org/licenses/LICENSE-2.0</span> |
| <span class="comment">//</span> |
| <span class="comment">// Unless required by applicable law or agreed to in writing,</span> |
| <span class="comment">// software distributed under the License is distributed on an</span> |
| <span class="comment">// "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY</span> |
| <span class="comment">// KIND, either express or implied. See the License for the</span> |
| <span class="comment">// specific language governing permissions and limitations</span> |
| <span class="comment">// under the License.</span> |
| |
| <span class="kw">use</span> <span class="kw">crate</span>::{<span class="ident">Attribute</span>, <span class="ident">Error</span>, <span class="ident">ObjHandle</span>, <span class="prelude-ty">Result</span>, <span class="ident">TransientObject</span>}; |
| <span class="kw">use</span> <span class="ident">optee_utee_sys</span> <span class="kw">as</span> <span class="ident">raw</span>; |
| <span class="kw">use</span> <span class="ident">std</span>::{<span class="ident">mem</span>, <span class="ident">ptr</span>}; |
| |
| <span class="doccomment">/// Specify one of the available cryptographic operations.</span> |
| <span class="attribute">#[<span class="ident">repr</span>(<span class="ident">u32</span>)]</span> |
| <span class="kw">pub</span> <span class="kw">enum</span> <span class="ident">OperationMode</span> { |
| <span class="doccomment">/// Encryption mode</span> |
| <span class="ident">Encrypt</span> <span class="op">=</span> <span class="number">0</span>, |
| <span class="doccomment">/// Decryption mode</span> |
| <span class="ident">Decrypt</span> <span class="op">=</span> <span class="number">1</span>, |
| <span class="doccomment">/// Signature generation mode</span> |
| <span class="ident">Sign</span> <span class="op">=</span> <span class="number">2</span>, |
| <span class="doccomment">/// Signature verfication mode</span> |
| <span class="ident">Verify</span> <span class="op">=</span> <span class="number">3</span>, |
| <span class="doccomment">/// MAC mode</span> |
| <span class="ident">Mac</span> <span class="op">=</span> <span class="number">4</span>, |
| <span class="doccomment">/// Digest mode</span> |
| <span class="ident">Digest</span> <span class="op">=</span> <span class="number">5</span>, |
| <span class="doccomment">/// Key derivation mode</span> |
| <span class="ident">Derive</span> <span class="op">=</span> <span class="number">6</span>, |
| <span class="doccomment">/// Reserve for testing and validation</span> |
| <span class="ident">IllegalValue</span> <span class="op">=</span> <span class="number">0x7fffffff</span>, |
| } |
| |
| <span class="doccomment">/// Represent the information about a crypto information.</span> |
| <span class="kw">pub</span> <span class="kw">struct</span> <span class="ident">OperationInfo</span> { |
| <span class="ident">raw</span>: <span class="ident">raw::TEE_OperationInfo</span>, |
| } |
| |
| <span class="kw">impl</span> <span class="ident">OperationInfo</span> { |
| <span class="doccomment">/// Return the `OperationInfo` struct based on the raw struct `TEE_OperationInfo`.</span> |
| <span class="doccomment">///</span> |
| <span class="doccomment">/// The raw structure contains following fields:</span> |
| <span class="doccomment">///</span> |
| <span class="doccomment">/// 1) `algorithm`: One of the algorithm of [AlgorithmId](AlgorithmId).</span> |
| <span class="doccomment">/// 2) `mode`: One of the mode of [OperationMode](OperationMode).</span> |
| <span class="doccomment">/// 3) `maxKeySize`: The maximum key sizes of different algorithms as defined in</span> |
| <span class="doccomment">/// [TransientObjectType](../object/enum.TransientObjectType.html).</span> |
| <span class="doccomment">/// 4) `operationClass`: One of the constants from [OperationConstant](OperationConstant).</span> |
| <span class="doccomment">/// 5) `keySize`:</span> |
| <span class="doccomment">/// 5.1) For an operation that makes no use of keys, 0.</span> |
| <span class="doccomment">/// 5.2) For an operation that uses a single key, the actual size of this key.</span> |
| <span class="doccomment">/// 5.3) For an operation that uses multiple keys, 0. (The actual value of `keySize` can be obtained from</span> |
| <span class="doccomment">/// [OperationInfoMultiple](OperationInfoMultiple)).</span> |
| <span class="doccomment">/// 6) `requiredKeyUsage`:</span> |
| <span class="doccomment">/// 6.1) For an operation that makes no use of keys, 0.</span> |
| <span class="doccomment">/// 6.2) For an operation that uses a single key, a bit vector that describes the necessary bits in the object</span> |
| <span class="doccomment">/// usage for `set_key` functions to succeed without panicking.</span> |
| <span class="doccomment">/// 6.3) For an operation that uses multiple keys, 0. (The actual value of `requiredKeyUsage` can be obtained from</span> |
| <span class="doccomment">/// [OperationInfoMultiple](OperationInfoMultiple).</span> |
| <span class="doccomment">/// 7) `digestLength`: For a [Mac](Mac), [AE](AE), or [Digest](Digest), describes the number of bytes in the digest or tag.</span> |
| <span class="doccomment">/// 8) `handleState`: A bit vector describing the current state of the operation. Contains one or more of the</span> |
| <span class="doccomment">/// [HandleFlag](../object/struct.HandleFlag.html).</span> |
| <span class="kw">pub</span> <span class="kw">fn</span> <span class="ident">from_raw</span>(<span class="ident">raw</span>: <span class="ident">raw::TEE_OperationInfo</span>) <span class="op">-</span><span class="op">></span> <span class="self">Self</span> { |
| <span class="self">Self</span> { <span class="ident">raw</span> } |
| } |
| |
| <span class="doccomment">/// Return the `keySize` field of the raw structure `TEE_OperationInfo`.</span> |
| <span class="kw">pub</span> <span class="kw">fn</span> <span class="ident">key_size</span>(<span class="kw-2">&</span><span class="self">self</span>) <span class="op">-</span><span class="op">></span> <span class="ident">u32</span> { |
| <span class="self">self</span>.<span class="ident">raw</span>.<span class="ident">keySize</span> |
| } |
| |
| <span class="doccomment">/// Return the `maxDataSize` field of the raw structure `TEE_OperationInfo`.</span> |
| <span class="kw">pub</span> <span class="kw">fn</span> <span class="ident">max_key_size</span>(<span class="kw-2">&</span><span class="self">self</span>) <span class="op">-</span><span class="op">></span> <span class="ident">u32</span> { |
| <span class="self">self</span>.<span class="ident">raw</span>.<span class="ident">maxKeySize</span> |
| } |
| } |
| |
| <span class="doccomment">/// Every operation of [AE](AE), [Asymmetric](Asymmetric), [Cipher](Cipher),</span> |
| <span class="doccomment">/// [DeriveKey](DeriveKey), [Digest](Digest), [Mac](Mac) can be either one of the two states.</span> |
| <span class="attribute">#[<span class="ident">repr</span>(<span class="ident">u32</span>)]</span> |
| <span class="kw">pub</span> <span class="kw">enum</span> <span class="ident">OperationStates</span> { |
| <span class="doccomment">/// Nothing is going on.</span> |
| <span class="ident">Initial</span> <span class="op">=</span> <span class="number">0x00000000</span>, |
| <span class="doccomment">/// An operation is in progress.</span> |
| <span class="ident">Active</span> <span class="op">=</span> <span class="number">0x00000001</span>, |
| } |
| |
| <span class="doccomment">/// Define the supported crypto operation.</span> |
| <span class="kw">pub</span> <span class="kw">enum</span> <span class="ident">OperationConstant</span> { |
| <span class="doccomment">/// [Cipher](Cipher)</span> |
| <span class="ident">Cipher</span> <span class="op">=</span> <span class="number">1</span>, |
| <span class="doccomment">/// [Mac](Mac)</span> |
| <span class="ident">Mac</span> <span class="op">=</span> <span class="number">3</span>, |
| <span class="doccomment">/// [AE](AE)</span> |
| <span class="ident">Ae</span> <span class="op">=</span> <span class="number">4</span>, |
| <span class="doccomment">/// [Digest](Digest)</span> |
| <span class="ident">Digest</span> <span class="op">=</span> <span class="number">5</span>, |
| <span class="doccomment">/// [Asymmetric](Asymmetric)</span> |
| <span class="ident">AsymmetricCipher</span> <span class="op">=</span> <span class="number">6</span>, |
| <span class="doccomment">/// [Asymmetric](Asymmetric)</span> |
| <span class="ident">AsymmetricSignature</span> <span class="op">=</span> <span class="number">7</span>, |
| <span class="doccomment">/// [DeriveKey](DeriveKey)</span> |
| <span class="ident">KeyDerivation</span> <span class="op">=</span> <span class="number">8</span>, |
| } |
| |
| <span class="doccomment">/// Represent the information about a crypto information which uses multiple keys.</span> |
| <span class="kw">pub</span> <span class="kw">struct</span> <span class="ident">OperationInfoMultiple</span> { |
| <span class="ident">raw</span>: <span class="kw-2">*</span><span class="kw-2">mut</span> <span class="ident">raw::TEE_OperationInfoMultiple</span>, |
| <span class="ident">size</span>: <span class="ident">usize</span>, |
| } |
| |
| <span class="kw">impl</span> <span class="ident">OperationInfoMultiple</span> { |
| <span class="doccomment">/// Return the `OperationInfoMultiple` struct based on the raw struct `TEE_OperationInfo`.</span> |
| <span class="doccomment">///</span> |
| <span class="doccomment">/// The raw structure contains following fields:</span> |
| <span class="doccomment">///</span> |
| <span class="doccomment">/// 1) `algorithm`: One of the algorithm of [AlgorithmId](AlgorithmId).</span> |
| <span class="doccomment">/// 2) `mode`: One of the mode of [OperationMode](OperationMode).</span> |
| <span class="doccomment">/// 3) `maxKeySize`: The maximum key sizes of different algorithms as defined in</span> |
| <span class="doccomment">/// [TransientObjectType](../object/enum.TransientObjectType.html).</span> |
| <span class="doccomment">/// 4) `operationClass`: One of the constants from [OperationConstant](OperationConstant).</span> |
| <span class="doccomment">/// 5) `digestLength`: For a [Mac](Mac), [AE](AE), or [Digest](Digest), describes the number of bytes in the digest or tag.</span> |
| <span class="doccomment">/// 6) `handleState`: A bit vector describing the current state of the operation. Contains one or more of the [HandleFlag](../object/struct.HandleFlag.html).</span> |
| <span class="doccomment">/// 7) `operationState`: Every operation has two states which are defined as</span> |
| <span class="doccomment">/// [OperationStates](OperationStates).</span> |
| <span class="doccomment">/// 8) `numberOfKeys`: This is set to the number of keys required by this operation. May be 0 for an operation which requires no keys.</span> |
| <span class="doccomment">/// 9) `keyInformation`: This array contains numberOfKeys entries, each of which defines the details for one key used by the operation,</span> |
| <span class="doccomment">/// in the order they are defined.</span> |
| <span class="doccomment">/// If the buffer is larger than required to support `numberOfKeys` entries, the additional space is not initialized or modified.</span> |
| <span class="doccomment">/// For each element:</span> |
| <span class="doccomment">/// 9.1) `keySize`: If a key is programmed in the operation, the actual size of this key, otherwise 0.</span> |
| <span class="doccomment">/// 9.2) `requiredKeyUsage`: A bit vector that describes the necessary bits in the object usage for `set_key` or `set_key_2` to succeed without panicking.</span> |
| <span class="kw">pub</span> <span class="kw">fn</span> <span class="ident">from_raw</span>(<span class="ident">raw</span>: <span class="kw-2">*</span><span class="kw-2">mut</span> <span class="ident">raw::TEE_OperationInfoMultiple</span>, <span class="ident">size</span>: <span class="ident">usize</span>) <span class="op">-</span><span class="op">></span> <span class="self">Self</span> { |
| <span class="self">Self</span> { <span class="ident">raw</span>, <span class="ident">size</span> } |
| } |
| |
| <span class="doccomment">/// Return the raw struct `TEE_OperationInfoMultiple`.</span> |
| <span class="kw">pub</span> <span class="kw">fn</span> <span class="ident">raw</span>(<span class="kw-2">&</span><span class="self">self</span>) <span class="op">-</span><span class="op">></span> <span class="kw-2">*</span><span class="kw-2">mut</span> <span class="ident">raw::TEE_OperationInfoMultiple</span> { |
| <span class="self">self</span>.<span class="ident">raw</span> |
| } |
| |
| <span class="doccomment">/// Return the `size` field of the raw structure `TEE_OperationInfoMultiple`.</span> |
| <span class="kw">pub</span> <span class="kw">fn</span> <span class="ident">size</span>(<span class="kw-2">&</span><span class="self">self</span>) <span class="op">-</span><span class="op">></span> <span class="ident">usize</span> { |
| <span class="self">self</span>.<span class="ident">size</span> |
| } |
| } |
| |
| <span class="doccomment">/// An opaque reference that identifies a particular cryptographic operation.</span> |
| <span class="kw">pub</span> <span class="kw">struct</span> <span class="ident">OperationHandle</span> { |
| <span class="ident">raw</span>: <span class="kw-2">*</span><span class="kw-2">mut</span> <span class="ident">raw::TEE_OperationHandle</span>, |
| } |
| |
| <span class="kw">impl</span> <span class="ident">OperationHandle</span> { |
| <span class="kw">fn</span> <span class="ident">from_raw</span>(<span class="ident">raw</span>: <span class="kw-2">*</span><span class="kw-2">mut</span> <span class="ident">raw::TEE_OperationHandle</span>) <span class="op">-</span><span class="op">></span> <span class="ident">OperationHandle</span> { |
| <span class="self">Self</span> { <span class="ident">raw</span> } |
| } |
| |
| <span class="kw">fn</span> <span class="ident">handle</span>(<span class="kw-2">&</span><span class="self">self</span>) <span class="op">-</span><span class="op">></span> <span class="ident">raw::TEE_OperationHandle</span> { |
| <span class="kw">unsafe</span> { <span class="kw-2">*</span>(<span class="self">self</span>.<span class="ident">raw</span>) } |
| } |
| |
| <span class="kw">fn</span> <span class="ident">null</span>() <span class="op">-</span><span class="op">></span> <span class="self">Self</span> { |
| <span class="ident">OperationHandle::from_raw</span>(<span class="ident">ptr::null_mut</span>()) |
| } |
| |
| <span class="kw">fn</span> <span class="ident">allocate</span>(<span class="ident">algo</span>: <span class="ident">AlgorithmId</span>, <span class="ident">mode</span>: <span class="ident">OperationMode</span>, <span class="ident">max_key_size</span>: <span class="ident">usize</span>) <span class="op">-</span><span class="op">></span> <span class="prelude-ty">Result</span><span class="op"><</span><span class="self">Self</span><span class="op">></span> { |
| <span class="kw">let</span> <span class="ident">raw_handle</span>: <span class="kw-2">*</span><span class="kw-2">mut</span> <span class="ident">raw::TEE_OperationHandle</span> <span class="op">=</span> <span class="ident">Box::into_raw</span>(<span class="ident">Box::new</span>(<span class="ident">ptr::null_mut</span>())); |
| <span class="kw">match</span> <span class="kw">unsafe</span> { |
| <span class="ident">raw::TEE_AllocateOperation</span>( |
| <span class="ident">raw_handle</span> <span class="kw">as</span> <span class="kw-2">*</span><span class="kw-2">mut</span> <span class="kw">_</span>, |
| <span class="ident">algo</span> <span class="kw">as</span> <span class="ident">u32</span>, |
| <span class="ident">mode</span> <span class="kw">as</span> <span class="ident">u32</span>, |
| <span class="ident">max_key_size</span> <span class="kw">as</span> <span class="ident">u32</span>, |
| ) |
| } { |
| <span class="ident">raw::TEE_SUCCESS</span> <span class="op">=</span><span class="op">></span> <span class="prelude-val">Ok</span>(<span class="ident"><span class="self">Self</span>::from_raw</span>(<span class="ident">raw_handle</span>)), |
| <span class="ident">code</span> <span class="op">=</span><span class="op">></span> <span class="prelude-val">Err</span>(<span class="ident">Error::from_raw_error</span>(<span class="ident">code</span>)), |
| } |
| } |
| |
| <span class="kw">fn</span> <span class="ident">info</span>(<span class="kw-2">&</span><span class="self">self</span>) <span class="op">-</span><span class="op">></span> <span class="ident">OperationInfo</span> { |
| <span class="kw">let</span> <span class="kw-2">mut</span> <span class="ident">raw_info</span>: <span class="ident">raw::TEE_OperationInfo</span> <span class="op">=</span> <span class="kw">unsafe</span> { <span class="ident">mem::zeroed</span>() }; |
| <span class="kw">unsafe</span> { <span class="ident">raw::TEE_GetOperationInfo</span>(<span class="self">self</span>.<span class="ident">handle</span>(), <span class="kw-2">&</span><span class="kw-2">mut</span> <span class="ident">raw_info</span>) }; |
| <span class="ident">OperationInfo::from_raw</span>(<span class="ident">raw_info</span>) |
| } |
| |
| <span class="kw">fn</span> <span class="ident">info_multiple</span>(<span class="kw-2">&</span><span class="self">self</span>, <span class="ident">info_buf</span>: <span class="kw-2">&</span><span class="kw-2">mut</span> [<span class="ident">u8</span>]) <span class="op">-</span><span class="op">></span> <span class="prelude-ty">Result</span><span class="op"><</span><span class="ident">OperationInfoMultiple</span><span class="op">></span> { |
| <span class="kw">let</span> <span class="kw-2">mut</span> <span class="ident">tmp_size</span>: <span class="ident">usize</span> <span class="op">=</span> <span class="number">0</span>; |
| <span class="kw">match</span> <span class="kw">unsafe</span> { |
| <span class="ident">raw::TEE_GetOperationInfoMultiple</span>(<span class="self">self</span>.<span class="ident">handle</span>(), <span class="ident">info_buf</span>.<span class="ident">as_ptr</span>() <span class="kw">as</span> <span class="kw">_</span>, <span class="kw-2">&</span><span class="kw-2">mut</span> <span class="ident">tmp_size</span>) |
| } { |
| <span class="ident">raw::TEE_SUCCESS</span> <span class="op">=</span><span class="op">></span> <span class="prelude-val">Ok</span>(<span class="ident">OperationInfoMultiple::from_raw</span>( |
| <span class="ident">info_buf</span>.<span class="ident">as_ptr</span>() <span class="kw">as</span> <span class="kw">_</span>, |
| <span class="ident">tmp_size</span>, |
| )), |
| <span class="ident">code</span> <span class="op">=</span><span class="op">></span> <span class="prelude-val">Err</span>(<span class="ident">Error::from_raw_error</span>(<span class="ident">code</span>)), |
| } |
| } |
| |
| <span class="kw">fn</span> <span class="ident">reset</span>(<span class="kw-2">&</span><span class="kw-2">mut</span> <span class="self">self</span>) { |
| <span class="kw">unsafe</span> { |
| <span class="ident">raw::TEE_ResetOperation</span>(<span class="self">self</span>.<span class="ident">handle</span>()); |
| } |
| } |
| |
| <span class="kw">fn</span> <span class="ident">set_key</span><span class="op"><</span><span class="ident">T</span>: <span class="ident">ObjHandle</span><span class="op">></span>(<span class="kw-2">&</span><span class="self">self</span>, <span class="ident">object</span>: <span class="kw-2">&</span><span class="ident">T</span>) <span class="op">-</span><span class="op">></span> <span class="prelude-ty">Result</span><span class="op"><</span>()<span class="op">></span> { |
| <span class="kw">match</span> <span class="kw">unsafe</span> { <span class="ident">raw::TEE_SetOperationKey</span>(<span class="self">self</span>.<span class="ident">handle</span>(), <span class="ident">object</span>.<span class="ident">handle</span>()) } { |
| <span class="ident">raw::TEE_SUCCESS</span> <span class="op">=</span><span class="op">></span> <span class="kw">return</span> <span class="prelude-val">Ok</span>(()), |
| <span class="ident">code</span> <span class="op">=</span><span class="op">></span> <span class="prelude-val">Err</span>(<span class="ident">Error::from_raw_error</span>(<span class="ident">code</span>)), |
| } |
| } |
| |
| <span class="kw">fn</span> <span class="ident">copy</span><span class="op"><</span><span class="ident">T</span>: <span class="ident">OpHandle</span><span class="op">></span>(<span class="kw-2">&</span><span class="kw-2">mut</span> <span class="self">self</span>, <span class="ident">src</span>: <span class="kw-2">&</span><span class="ident">T</span>) { |
| <span class="kw">unsafe</span> { |
| <span class="ident">raw::TEE_CopyOperation</span>(<span class="self">self</span>.<span class="ident">handle</span>(), <span class="ident">src</span>.<span class="ident">handle</span>()); |
| } |
| } |
| } |
| |
| <span class="doccomment">/// determine whether a combination of algId and element is supported</span> |
| <span class="kw">pub</span> <span class="kw">fn</span> <span class="ident">is_algorithm_supported</span>(<span class="ident">alg_id</span>: <span class="ident">u32</span>, <span class="ident">element</span>: <span class="ident">u32</span>) <span class="op">-</span><span class="op">></span> <span class="prelude-ty">Result</span><span class="op"><</span>()<span class="op">></span> { |
| <span class="kw">match</span> <span class="kw">unsafe</span> { <span class="ident">raw::TEE_IsAlgorithmSupported</span>(<span class="ident">alg_id</span>, <span class="ident">element</span>) } { |
| <span class="ident">raw::TEE_SUCCESS</span> <span class="op">=</span><span class="op">></span> <span class="prelude-val">Ok</span>(()), |
| <span class="ident">code</span> <span class="op">=</span><span class="op">></span> <span class="prelude-val">Err</span>(<span class="ident">Error::from_raw_error</span>(<span class="ident">code</span>)), |
| } |
| } |
| |
| <span class="comment">// free before check it's not null</span> |
| <span class="doccomment">/// Deallocate all resources associated with an operation handle. After this function is called,</span> |
| <span class="doccomment">/// the operation handle is no longer valid. All cryptographic material in the operation is destroyed.</span> |
| <span class="kw">impl</span> <span class="ident">Drop</span> <span class="kw">for</span> <span class="ident">OperationHandle</span> { |
| <span class="kw">fn</span> <span class="ident">drop</span>(<span class="kw-2">&</span><span class="kw-2">mut</span> <span class="self">self</span>) { |
| <span class="kw">unsafe</span> { |
| <span class="kw">if</span> <span class="self">self</span>.<span class="ident">raw</span> <span class="op">!</span><span class="op">=</span> <span class="ident">ptr::null_mut</span>() { |
| <span class="ident">raw::TEE_FreeOperation</span>(<span class="self">self</span>.<span class="ident">handle</span>()); |
| } |
| <span class="ident">Box::from_raw</span>(<span class="self">self</span>.<span class="ident">raw</span>); |
| } |
| } |
| } |
| |
| <span class="doccomment">/// A trait for a crypto operation to return its handle.</span> |
| <span class="kw">pub</span> <span class="kw">trait</span> <span class="ident">OpHandle</span> { |
| <span class="doccomment">/// Return the handle of an operation.</span> |
| <span class="kw">fn</span> <span class="ident">handle</span>(<span class="kw-2">&</span><span class="self">self</span>) <span class="op">-</span><span class="op">></span> <span class="ident">raw::TEE_OperationHandle</span>; |
| } |
| |
| <span class="doccomment">/// An operation for digest the message.</span> |
| <span class="kw">pub</span> <span class="kw">struct</span> <span class="ident">Digest</span>(<span class="ident">OperationHandle</span>); |
| |
| <span class="kw">impl</span> <span class="ident">Digest</span> { |
| <span class="doccomment">/// Accumulate message data for hashing. The message does not have to be block aligned.</span> |
| <span class="doccomment">/// Subsequent calls to this function are possible. The operation may be in either</span> |
| <span class="doccomment">/// initial or active state and becomes active.</span> |
| <span class="doccomment">///</span> |
| <span class="doccomment">/// # Parameters</span> |
| <span class="doccomment">///</span> |
| <span class="doccomment">/// 1) `chunk`: Chunk of data to be hashed</span> |
| <span class="doccomment">///</span> |
| <span class="doccomment">/// # Panics</span> |
| <span class="doccomment">///</span> |
| <span class="doccomment">/// 1) If the operation is not allocated with valid algorithms.</span> |
| <span class="doccomment">/// 2) if input data exceeds maximum length for algorithm.</span> |
| <span class="doccomment">/// 3) Hardware or cryptographic algorithm failure.</span> |
| <span class="doccomment">/// 4) If the Implementation detects any other error.</span> |
| <span class="kw">pub</span> <span class="kw">fn</span> <span class="ident">update</span>(<span class="kw-2">&</span><span class="self">self</span>, <span class="ident">chunk</span>: <span class="kw-2">&</span>[<span class="ident">u8</span>]) { |
| <span class="kw">unsafe</span> { |
| <span class="ident">raw::TEE_DigestUpdate</span>(<span class="self">self</span>.<span class="ident">handle</span>(), <span class="ident">chunk</span>.<span class="ident">as_ptr</span>() <span class="kw">as</span> <span class="kw">_</span>, <span class="ident">chunk</span>.<span class="ident">len</span>()); |
| } |
| } |
| |
| <span class="doccomment">/// Finalize the message digest operation and produces the message hash. Afterwards the</span> |
| <span class="doccomment">/// Message Digest operation is reset to initial state and can be reused.</span> |
| <span class="doccomment">///</span> |
| <span class="doccomment">/// # Parameters</span> |
| <span class="doccomment">///</span> |
| <span class="doccomment">/// 1) `chunk`: Last chunk of data to be hashed.</span> |
| <span class="doccomment">/// 2) `hash`: Output buffer filled with the message hash. This buffer should be large enough to</span> |
| <span class="doccomment">/// hold the hash message. The real used size is returned by this function.</span> |
| <span class="doccomment">///</span> |
| <span class="doccomment">/// # Example</span> |
| <span class="doccomment">///</span> |
| <span class="doccomment">/// ```no_run</span> |
| <span class="doccomment">/// let chunk = [0u8;8];</span> |
| <span class="doccomment">/// let chunk = [1u8;8];</span> |
| <span class="doccomment">/// let hash = [0u8;32];</span> |
| <span class="doccomment">/// match Digest::allocate(AlgorithmId::Sha256) {</span> |
| <span class="doccomment">/// Ok(operation) =></span> |
| <span class="doccomment">/// {</span> |
| <span class="doccomment">/// operation.update(&chunk1);</span> |
| <span class="doccomment">/// match operation.do_final(&chunk2, hash) {</span> |
| <span class="doccomment">/// Ok(hash_len) => {</span> |
| <span class="doccomment">/// // ...</span> |
| <span class="doccomment">/// Ok(())</span> |
| <span class="doccomment">/// }</span> |
| <span class="doccomment">/// Err(e) => Err(e),</span> |
| <span class="doccomment">/// }</span> |
| <span class="doccomment">/// }</span> |
| <span class="doccomment">/// Err(e) => Err(e),</span> |
| <span class="doccomment">/// }</span> |
| <span class="doccomment">/// ```</span> |
| <span class="doccomment">///</span> |
| <span class="doccomment">/// # Errors</span> |
| <span class="doccomment">///</span> |
| <span class="doccomment">/// 1) `ShortBuffer`: If the `hash` is too small. Operation is not finalized for this error.</span> |
| <span class="doccomment">///</span> |
| <span class="doccomment">/// # Panics</span> |
| <span class="doccomment">/// 1) If the operation is not allocated with valid algorithms.</span> |
| <span class="doccomment">/// 2) if input data exceeds maximum length for algorithm.</span> |
| <span class="doccomment">/// 3) Hardware or cryptographic algorithm failure.</span> |
| <span class="doccomment">/// 4) If the Implementation detects any other error.</span> |
| <span class="comment">//hash size is dynamic changed so we returned it's updated size</span> |
| <span class="kw">pub</span> <span class="kw">fn</span> <span class="ident">do_final</span>(<span class="kw-2">&</span><span class="self">self</span>, <span class="ident">chunk</span>: <span class="kw-2">&</span>[<span class="ident">u8</span>], <span class="ident">hash</span>: <span class="kw-2">&</span><span class="kw-2">mut</span> [<span class="ident">u8</span>]) <span class="op">-</span><span class="op">></span> <span class="prelude-ty">Result</span><span class="op"><</span><span class="ident">usize</span><span class="op">></span> { |
| <span class="kw">let</span> <span class="kw-2">mut</span> <span class="ident">hash_size</span>: <span class="ident">usize</span> <span class="op">=</span> <span class="ident">hash</span>.<span class="ident">len</span>(); |
| <span class="kw">match</span> <span class="kw">unsafe</span> { |
| <span class="ident">raw::TEE_DigestDoFinal</span>( |
| <span class="self">self</span>.<span class="ident">handle</span>(), |
| <span class="ident">chunk</span>.<span class="ident">as_ptr</span>() <span class="kw">as</span> <span class="kw">_</span>, |
| <span class="ident">chunk</span>.<span class="ident">len</span>(), |
| <span class="ident">hash</span>.<span class="ident">as_mut_ptr</span>() <span class="kw">as</span> <span class="kw">_</span>, |
| <span class="kw-2">&</span><span class="kw-2">mut</span> <span class="ident">hash_size</span>, |
| ) |
| } { |
| <span class="ident">raw::TEE_SUCCESS</span> <span class="op">=</span><span class="op">></span> <span class="kw">return</span> <span class="prelude-val">Ok</span>(<span class="ident">hash_size</span>), |
| <span class="ident">code</span> <span class="op">=</span><span class="op">></span> <span class="prelude-val">Err</span>(<span class="ident">Error::from_raw_error</span>(<span class="ident">code</span>)), |
| } |
| } |
| |
| <span class="doccomment">/// Create a Digest operation without any specific algorithm or other data.</span> |
| <span class="kw">pub</span> <span class="kw">fn</span> <span class="ident">null</span>() <span class="op">-</span><span class="op">></span> <span class="self">Self</span> { |
| <span class="self">Self</span>(<span class="ident">OperationHandle::null</span>()) |
| } |
| |
| <span class="doccomment">/// Allocate a new cryptographic operation and sets the mode and algorithm type.</span> |
| <span class="doccomment">///</span> |
| <span class="doccomment">/// # Parameters</span> |
| <span class="doccomment">///</span> |
| <span class="doccomment">/// 1) `algo`: One of the algorithms that support Digest as listed in</span> |
| <span class="doccomment">/// [AlgorithmId](AlgorithmId).</span> |
| <span class="doccomment">/// 2) `max_key_size`: The maximum key sizes of different algorithms as defined in</span> |
| <span class="doccomment">/// [TransientObjectType](../object/enum.TransientObjectType.html).</span> |
| <span class="doccomment">///</span> |
| <span class="doccomment">/// # Example</span> |
| <span class="doccomment">///</span> |
| <span class="doccomment">/// ```no_run</span> |
| <span class="doccomment">/// match Digest::allocate(AlgorithmId::Sha256) {</span> |
| <span class="doccomment">/// Ok(operation) =></span> |
| <span class="doccomment">/// {</span> |
| <span class="doccomment">/// // ...</span> |
| <span class="doccomment">/// Ok(())</span> |
| <span class="doccomment">/// }</span> |
| <span class="doccomment">/// Err(e) => Err(e),</span> |
| <span class="doccomment">/// }</span> |
| <span class="doccomment">/// ```</span> |
| <span class="doccomment">///</span> |
| <span class="doccomment">/// # Errors</span> |
| <span class="doccomment">///</span> |
| <span class="doccomment">/// 1) `OutOfMemory`: If not enough resources are available to allocate the object handle.</span> |
| <span class="doccomment">/// 2) `NotSupported`: If the key size is not supported or the object type is not supported.</span> |
| <span class="doccomment">///</span> |
| <span class="doccomment">/// # Panics</span> |
| <span class="doccomment">///</span> |
| <span class="doccomment">/// 1) If the Implementation detects any error associated with this function which is not</span> |
| <span class="doccomment">/// explicitly associated with a defined return code for this function.</span> |
| <span class="kw">pub</span> <span class="kw">fn</span> <span class="ident">allocate</span>(<span class="ident">algo</span>: <span class="ident">AlgorithmId</span>) <span class="op">-</span><span class="op">></span> <span class="prelude-ty">Result</span><span class="op"><</span><span class="self">Self</span><span class="op">></span> { |
| <span class="kw">match</span> <span class="ident">OperationHandle::allocate</span>(<span class="ident">algo</span>, <span class="ident">OperationMode::Digest</span>, <span class="number">0</span>) { |
| <span class="prelude-val">Ok</span>(<span class="ident">handle</span>) <span class="op">=</span><span class="op">></span> <span class="prelude-val">Ok</span>(<span class="self">Self</span>(<span class="ident">handle</span>)), |
| <span class="prelude-val">Err</span>(<span class="ident">e</span>) <span class="op">=</span><span class="op">></span> <span class="prelude-val">Err</span>(<span class="ident">e</span>), |
| } |
| } |
| |
| <span class="doccomment">/// Return the characteristics of a Digest operation.</span> |
| <span class="doccomment">///</span> |
| <span class="doccomment">/// # Example</span> |
| <span class="doccomment">///</span> |
| <span class="doccomment">/// ```no_run</span> |
| <span class="doccomment">/// match Digest::allocate(AlgorithmId::Md5, 128) {</span> |
| <span class="doccomment">/// Ok(operation) =></span> |
| <span class="doccomment">/// {</span> |
| <span class="doccomment">/// let info = operation.info();</span> |
| <span class="doccomment">/// Ok(())</span> |
| <span class="doccomment">/// }</span> |
| <span class="doccomment">/// Err(e) => Err(e),</span> |
| <span class="doccomment">/// }</span> |
| <span class="doccomment">/// ```</span> |
| <span class="doccomment">///</span> |
| <span class="doccomment">/// # Panics</span> |
| <span class="doccomment">/// 1) If the operation is not a valid opened operation.</span> |
| <span class="doccomment">/// 2) if the Implementation detecs any other error.</span> |
| <span class="kw">pub</span> <span class="kw">fn</span> <span class="ident">info</span>(<span class="kw-2">&</span><span class="self">self</span>) <span class="op">-</span><span class="op">></span> <span class="ident">OperationInfo</span> { |
| <span class="self">self</span>.<span class="number">0</span>.<span class="ident">info</span>() |
| } |
| |
| <span class="doccomment">/// Return the characteristics of a Digest operation with multiple keys.</span> |
| <span class="doccomment">///</span> |
| <span class="doccomment">/// # Parameters</span> |
| <span class="doccomment">///</span> |
| <span class="doccomment">/// 1) `info_buf`: The buffer is supposed to save multiple keys, and its size should be large enough before passed in.</span> |
| <span class="doccomment">/// The number of keys about this operation can be calculated as: OperationInfoMultiple::size -</span> |
| <span class="doccomment">/// size_of([OperationInfoMultiple](OperationInfoMultiple)) / size_of ( raw::TEE_OperationInfoKey)+1.</span> |
| <span class="doccomment">///</span> |
| <span class="doccomment">/// # Example</span> |
| <span class="doccomment">///</span> |
| <span class="doccomment">/// ```no_run</span> |
| <span class="doccomment">/// match Digest::allocate(AlgorithmId::Md5, 128) {</span> |
| <span class="doccomment">/// Ok(operation) =></span> |
| <span class="doccomment">/// {</span> |
| <span class="doccomment">/// let mut buffer = [0u32, 12];</span> |
| <span class="doccomment">/// match operation.info_multiple(&mut buffer) {</span> |
| <span class="doccomment">/// Ok(info_multiple) => {</span> |
| <span class="doccomment">/// // ...</span> |
| <span class="doccomment">/// Ok(())</span> |
| <span class="doccomment">/// }</span> |
| <span class="doccomment">/// Err(e) => Err(e),</span> |
| <span class="doccomment">/// }</span> |
| <span class="doccomment">/// }</span> |
| <span class="doccomment">/// Err(e) => Err(e),</span> |
| <span class="doccomment">/// }</span> |
| <span class="doccomment">/// ```</span> |
| <span class="doccomment">///</span> |
| <span class="doccomment">/// # Errors:</span> |
| <span class="doccomment">///</span> |
| <span class="doccomment">/// 1) `ShortBuffer`: If the `info_buf` is not large enough to hold an</span> |
| <span class="doccomment">/// [OperationInfoMultiple](OperationInfoMultiple) and the corresponding keys.</span> |
| <span class="doccomment">///</span> |
| <span class="doccomment">/// # Panics:</span> |
| <span class="doccomment">///</span> |
| <span class="doccomment">/// 1) If operation is not a valid opened object.</span> |
| <span class="doccomment">/// 2) If the Implementation detects any other error.</span> |
| <span class="comment">// Here the multiple info total size is not sure</span> |
| <span class="comment">// Passed in array is supposed to provide enough size for this struct</span> |
| <span class="kw">pub</span> <span class="kw">fn</span> <span class="ident">info_multiple</span>(<span class="kw-2">&</span><span class="self">self</span>, <span class="ident">info_buf</span>: <span class="kw-2">&</span><span class="kw-2">mut</span> [<span class="ident">u8</span>]) <span class="op">-</span><span class="op">></span> <span class="prelude-ty">Result</span><span class="op"><</span><span class="ident">OperationInfoMultiple</span><span class="op">></span> { |
| <span class="self">self</span>.<span class="number">0</span>.<span class="ident">info_multiple</span>(<span class="ident">info_buf</span>) |
| } |
| |
| <span class="doccomment">/// Reset the operation state to the state after initial [allocate](Digest::allocate) with the</span> |
| <span class="doccomment">/// add addition of any keys which were configured subsequent to this so that current operation</span> |
| <span class="doccomment">/// can be reused with the same keys.</span> |
| <span class="doccomment">///</span> |
| <span class="doccomment">/// # Panics</span> |
| <span class="doccomment">///</span> |
| <span class="doccomment">/// 1) If operation is not a valid opened object.</span> |
| <span class="doccomment">/// 2) If the key has not been set yet.</span> |
| <span class="doccomment">/// 3) Hardware or cryptographic algorithm failure.</span> |
| <span class="doccomment">/// 4) If the Implementation detects any other error.</span> |
| <span class="kw">pub</span> <span class="kw">fn</span> <span class="ident">reset</span>(<span class="kw-2">&</span><span class="kw-2">mut</span> <span class="self">self</span>) { |
| <span class="self">self</span>.<span class="number">0</span>.<span class="ident">reset</span>() |
| } |
| |
| <span class="doccomment">/// Copy an operation state to another operation. This also copies the key material associated</span> |
| <span class="doccomment">/// with the source operation.</span> |
| <span class="doccomment">///</span> |
| <span class="doccomment">/// # Parameters</span> |
| <span class="doccomment">///</span> |
| <span class="doccomment">/// 1) `src`: the source operation.</span> |
| <span class="doccomment">/// 1.1) If `src` has no key programmed, then the key of this operation is cleared. If there is a key</span> |
| <span class="doccomment">/// programmed in srcOperation, then the maximum key size of current SHALL be greater than or</span> |
| <span class="doccomment">/// equal to the actual key size of src.</span> |
| <span class="doccomment">///</span> |
| <span class="doccomment">/// # Example</span> |
| <span class="doccomment">///</span> |
| <span class="doccomment">/// ```no_run</span> |
| <span class="doccomment">/// match Digest::allocate(AlgorithmId::Sha256) {</span> |
| <span class="doccomment">/// Ok(operation) =></span> |
| <span class="doccomment">/// {</span> |
| <span class="doccomment">/// match Digest::allocate(AlgorithmId::Sha256) {</span> |
| <span class="doccomment">/// Ok(operation2) =></span> |
| <span class="doccomment">/// {</span> |
| <span class="doccomment">/// // ...</span> |
| <span class="doccomment">/// operation.copy(operation2);</span> |
| <span class="doccomment">/// Ok(())</span> |
| <span class="doccomment">/// }</span> |
| <span class="doccomment">/// Err(e) => Err(e),</span> |
| <span class="doccomment">/// }</span> |
| <span class="doccomment">/// }</span> |
| <span class="doccomment">/// Err(e) => Err(e),</span> |
| <span class="doccomment">/// }</span> |
| <span class="doccomment">/// ```</span> |
| <span class="doccomment">///</span> |
| <span class="doccomment">/// # Panics</span> |
| <span class="doccomment">///</span> |
| <span class="doccomment">/// 1) If the operation or source operation is not a valid opened operation.</span> |
| <span class="doccomment">/// 2) If the alogirhtm or mode differe in two perations.</span> |
| <span class="doccomment">/// 3) If `src` has akey and its size is greater than the maximum key size of the operation.</span> |
| <span class="doccomment">/// 4) Hardware or cryptographic algorithm failure.</span> |
| <span class="doccomment">/// 5) If the Implementation detects any other error.</span> |
| <span class="kw">pub</span> <span class="kw">fn</span> <span class="ident">copy</span><span class="op"><</span><span class="ident">T</span>: <span class="ident">OpHandle</span><span class="op">></span>(<span class="kw-2">&</span><span class="kw-2">mut</span> <span class="self">self</span>, <span class="ident">src</span>: <span class="kw-2">&</span><span class="ident">T</span>) { |
| <span class="self">self</span>.<span class="number">0</span>.<span class="ident">copy</span>(<span class="ident">src</span>) |
| } |
| } |
| |
| <span class="kw">impl</span> <span class="ident">OpHandle</span> <span class="kw">for</span> <span class="ident">Digest</span> { |
| <span class="kw">fn</span> <span class="ident">handle</span>(<span class="kw-2">&</span><span class="self">self</span>) <span class="op">-</span><span class="op">></span> <span class="ident">raw::TEE_OperationHandle</span> { |
| <span class="self">self</span>.<span class="number">0</span>.<span class="ident">handle</span>() |
| } |
| } |
| |
| <span class="doccomment">/// An operation for conducting symmetric cipher encryption / decryption.</span> |
| <span class="doccomment">/// This operation defines the way to perform symmetric cipher operations, such as AES.</span> |
| <span class="doccomment">/// They cover both block ciphers and stream ciphers.</span> |
| <span class="kw">pub</span> <span class="kw">struct</span> <span class="ident">Cipher</span>(<span class="ident">OperationHandle</span>); |
| |
| <span class="kw">impl</span> <span class="ident">Cipher</span> { |
| <span class="doccomment">/// Start the symmetric cipher operation. The function should be called after the</span> |
| <span class="doccomment">/// [set_key](Cipher::set_key) or [set_key_2](Cipher::set_key_2).</span> |
| <span class="doccomment">///</span> |
| <span class="doccomment">/// After called, if the operation is in active state, it is reset and then initialized.</span> |
| <span class="doccomment">/// If the operation is in initial state, it is moved to active state.</span> |
| <span class="doccomment">///</span> |
| <span class="doccomment">/// # Parameters</span> |
| <span class="doccomment">///</span> |
| <span class="doccomment">/// 1) `iv`: buffer contains the operation Initialization Vector, which is used for:</span> |
| <span class="doccomment">/// 1.1) [AesCbcNopad](AlgorithmId::AesCbcNopad): IV;</span> |
| <span class="doccomment">/// 1.2) [AesCtr](AlgorithmId::AesCtr): Initial Counter Value;</span> |
| <span class="doccomment">/// 1.3) [AesCts](AlgorithmId::AesCts): IV;</span> |
| <span class="doccomment">/// 1.4) [AesXts](AlgorithmId::AesXts): Tweak Value;</span> |
| <span class="doccomment">/// 1.5) [AesCcm](AlgorithmId::AesCcm): Nonce Value;</span> |
| <span class="doccomment">/// 1.6) [AesGcm](AlgorithmId::AesGcm): Nonce Value;</span> |
| <span class="doccomment">/// 1.7) [AesCbcNopad](AlgorithmId::AesCbcNopad): IV.</span> |
| <span class="doccomment">///</span> |
| <span class="doccomment">/// # Panics</span> |
| <span class="doccomment">///</span> |
| <span class="doccomment">/// 1) If the algorithm is not a valid algorithm for `Cipher`.</span> |
| <span class="doccomment">/// 2) If no key is programmed in the operation.</span> |
| <span class="doccomment">/// 3) If the IV does not have the length required by the algorithm.</span> |
| <span class="doccomment">/// 4) Hardware or cryptographic algorithm failure.</span> |
| <span class="doccomment">/// 5) If the Implementation detects any other error.</span> |
| <span class="kw">pub</span> <span class="kw">fn</span> <span class="ident">init</span>(<span class="kw-2">&</span><span class="self">self</span>, <span class="ident">iv</span>: <span class="kw-2">&</span>[<span class="ident">u8</span>]) { |
| <span class="kw">unsafe</span> { <span class="ident">raw::TEE_CipherInit</span>(<span class="self">self</span>.<span class="ident">handle</span>(), <span class="ident">iv</span>.<span class="ident">as_ptr</span>() <span class="kw">as</span> <span class="kw">_</span>, <span class="ident">iv</span>.<span class="ident">len</span>()) }; |
| } |
| |
| <span class="doccomment">/// Encrypt or decrypt the source data.</span> |
| <span class="doccomment">///</span> |
| <span class="doccomment">/// Input data does not have to be a multiple of block size. Subsequent calls to this function are possible.</span> |
| <span class="doccomment">/// Unless one or more calls of this function have supplied sufficient input data, no output is generated.</span> |
| <span class="doccomment">/// The function should be called after the [init](Cipher::init).</span> |
| <span class="doccomment">///</span> |
| <span class="doccomment">/// # Parameters</span> |
| <span class="doccomment">///</span> |
| <span class="doccomment">/// 1) `src`: Input data buffer to be encrypted or decrypted.</span> |
| <span class="doccomment">/// 2) `dest`: Output buffer.</span> |
| <span class="doccomment">///</span> |
| <span class="doccomment">/// # Example</span> |
| <span class="doccomment">///</span> |
| <span class="doccomment">/// ```no_run</span> |
| <span class="doccomment">/// let iv = [0u8, 16];</span> |
| <span class="doccomment">/// let key = [0u8, 16];</span> |
| <span class="doccomment">/// let src = [1u8; 4096];</span> |
| <span class="doccomment">/// let mut dest = [0u8; 4096];</span> |
| <span class="doccomment">/// match Cipher::allocate(AlgorithmId::AesCtr, 128) {</span> |
| <span class="doccomment">/// Ok(operation) =></span> |
| <span class="doccomment">/// {</span> |
| <span class="doccomment">/// match TransientObject::allocate(TransientObjectType::Aes, 128) {</span> |
| <span class="doccomment">/// Ok(object) =></span> |
| <span class="doccomment">/// {</span> |
| <span class="doccomment">/// let attr = AttributeMemref::from_ref(AttributeId::SecretValue, &key);</span> |
| <span class="doccomment">/// object.populate(&[attr.into()])?;</span> |
| <span class="doccomment">/// operation.set_key(&object)?;</span> |
| <span class="doccomment">/// operation.init(&iv);</span> |
| <span class="doccomment">/// operation.update(&src, &mut dest)?;</span> |
| <span class="doccomment">/// Ok(())</span> |
| <span class="doccomment">/// }</span> |
| <span class="doccomment">/// Err(e) => Err(e),</span> |
| <span class="doccomment">/// }</span> |
| <span class="doccomment">/// }</span> |
| <span class="doccomment">/// Err(e) => Err(e),</span> |
| <span class="doccomment">/// }</span> |
| <span class="doccomment">/// ```</span> |
| <span class="doccomment">///</span> |
| <span class="doccomment">/// # Errors</span> |
| <span class="doccomment">///</span> |
| <span class="doccomment">/// 1) `ShortBuffer`: If the output buffer is not large enough to contain the output.</span> |
| <span class="doccomment">/// In this case, the input is not fed into the algorithm.</span> |
| <span class="doccomment">///</span> |
| <span class="doccomment">/// # Panics</span> |
| <span class="doccomment">///</span> |
| <span class="doccomment">/// 1) If the algorithm is not a valid algorithm for `Cipher`.</span> |
| <span class="doccomment">/// 2) If the function is called before [init](Cipher::init) or after</span> |
| <span class="doccomment">/// [do_final](Cipher::do_final).</span> |
| <span class="doccomment">/// 3) Hardware or cryptographic algorithm failure.</span> |
| <span class="doccomment">/// 4) If the Implementation detects any other error.</span> |
| <span class="kw">pub</span> <span class="kw">fn</span> <span class="ident">update</span>(<span class="kw-2">&</span><span class="self">self</span>, <span class="ident">src</span>: <span class="kw-2">&</span>[<span class="ident">u8</span>], <span class="ident">dest</span>: <span class="kw-2">&</span><span class="kw-2">mut</span> [<span class="ident">u8</span>]) <span class="op">-</span><span class="op">></span> <span class="prelude-ty">Result</span><span class="op"><</span><span class="ident">usize</span><span class="op">></span> { |
| <span class="kw">let</span> <span class="kw-2">mut</span> <span class="ident">dest_size</span>: <span class="ident">usize</span> <span class="op">=</span> <span class="ident">dest</span>.<span class="ident">len</span>(); |
| <span class="kw">match</span> <span class="kw">unsafe</span> { |
| <span class="ident">raw::TEE_CipherUpdate</span>( |
| <span class="self">self</span>.<span class="ident">handle</span>(), |
| <span class="ident">src</span>.<span class="ident">as_ptr</span>() <span class="kw">as</span> <span class="kw">_</span>, |
| <span class="ident">src</span>.<span class="ident">len</span>(), |
| <span class="ident">dest</span>.<span class="ident">as_mut_ptr</span>() <span class="kw">as</span> <span class="kw">_</span>, |
| <span class="kw-2">&</span><span class="kw-2">mut</span> <span class="ident">dest_size</span>, |
| ) |
| } { |
| <span class="ident">raw::TEE_SUCCESS</span> <span class="op">=</span><span class="op">></span> { |
| <span class="kw">return</span> <span class="prelude-val">Ok</span>(<span class="ident">dest_size</span> <span class="kw">as</span> <span class="ident">usize</span>); |
| } |
| <span class="ident">code</span> <span class="op">=</span><span class="op">></span> <span class="prelude-val">Err</span>(<span class="ident">Error::from_raw_error</span>(<span class="ident">code</span>)), |
| } |
| } |
| |
| <span class="doccomment">/// Finalize the cipher operation, processing data that has not been processed by previous calls</span> |
| <span class="doccomment">/// to [update](Cipher::update) as well as data supplied in `src`. The operation handle can be reused or re-initialized.</span> |
| <span class="doccomment">///</span> |
| <span class="doccomment">/// # Parameters</span> |
| <span class="doccomment">///</span> |
| <span class="doccomment">/// 1) `src`: Input data buffer to be encrypted or decrypted.</span> |
| <span class="doccomment">/// 2) `dest`: Output buffer.</span> |
| <span class="doccomment">///</span> |
| <span class="doccomment">/// # Errors</span> |
| <span class="doccomment">///</span> |
| <span class="doccomment">/// 1) `ShortBuffer`: If the output buffer is not large enough to contain the output.</span> |
| <span class="doccomment">///</span> |
| <span class="doccomment">/// # Panics</span> |
| <span class="doccomment">///</span> |
| <span class="doccomment">/// 1) If the algorithm is not a valid algorithm for `Cipher`.</span> |
| <span class="doccomment">/// 2) If the function is called before [init](Cipher::init).</span> |
| <span class="doccomment">/// 3) Hardware or cryptographic algorithm failure.</span> |
| <span class="doccomment">/// 4) If the Implementation detects any other error.</span> |
| <span class="kw">pub</span> <span class="kw">fn</span> <span class="ident">do_final</span>(<span class="kw-2">&</span><span class="self">self</span>, <span class="ident">src</span>: <span class="kw-2">&</span>[<span class="ident">u8</span>], <span class="ident">dest</span>: <span class="kw-2">&</span><span class="kw-2">mut</span> [<span class="ident">u8</span>]) <span class="op">-</span><span class="op">></span> <span class="prelude-ty">Result</span><span class="op"><</span><span class="ident">usize</span><span class="op">></span> { |
| <span class="kw">let</span> <span class="kw-2">mut</span> <span class="ident">dest_size</span>: <span class="ident">usize</span> <span class="op">=</span> <span class="ident">dest</span>.<span class="ident">len</span>(); |
| <span class="kw">match</span> <span class="kw">unsafe</span> { |
| <span class="ident">raw::TEE_CipherDoFinal</span>( |
| <span class="self">self</span>.<span class="ident">handle</span>(), |
| <span class="ident">src</span>.<span class="ident">as_ptr</span>() <span class="kw">as</span> <span class="kw">_</span>, |
| <span class="ident">src</span>.<span class="ident">len</span>(), |
| <span class="ident">dest</span>.<span class="ident">as_mut_ptr</span>() <span class="kw">as</span> <span class="kw">_</span>, |
| <span class="kw-2">&</span><span class="kw-2">mut</span> <span class="ident">dest_size</span>, |
| ) |
| } { |
| <span class="ident">raw::TEE_SUCCESS</span> <span class="op">=</span><span class="op">></span> <span class="kw">return</span> <span class="prelude-val">Ok</span>(<span class="ident">dest_size</span> <span class="kw">as</span> <span class="ident">usize</span>), |
| <span class="ident">code</span> <span class="op">=</span><span class="op">></span> <span class="prelude-val">Err</span>(<span class="ident">Error::from_raw_error</span>(<span class="ident">code</span>)), |
| } |
| } |
| |
| <span class="doccomment">/// Create a Cipher operation without any specific algorithm or other data.</span> |
| <span class="kw">pub</span> <span class="kw">fn</span> <span class="ident">null</span>() <span class="op">-</span><span class="op">></span> <span class="self">Self</span> { |
| <span class="self">Self</span>(<span class="ident">OperationHandle::null</span>()) |
| } |
| |
| <span class="doccomment">/// Function usage is similar to [Digest::allocate](Digest::allocate).</span> |
| <span class="kw">pub</span> <span class="kw">fn</span> <span class="ident">allocate</span>(<span class="ident">algo</span>: <span class="ident">AlgorithmId</span>, <span class="ident">mode</span>: <span class="ident">OperationMode</span>, <span class="ident">max_key_size</span>: <span class="ident">usize</span>) <span class="op">-</span><span class="op">></span> <span class="prelude-ty">Result</span><span class="op"><</span><span class="self">Self</span><span class="op">></span> { |
| <span class="kw">match</span> <span class="ident">OperationHandle::allocate</span>(<span class="ident">algo</span>, <span class="ident">mode</span>, <span class="ident">max_key_size</span>) { |
| <span class="prelude-val">Ok</span>(<span class="ident">handle</span>) <span class="op">=</span><span class="op">></span> <span class="prelude-val">Ok</span>(<span class="self">Self</span>(<span class="ident">handle</span>)), |
| <span class="prelude-val">Err</span>(<span class="ident">e</span>) <span class="op">=</span><span class="op">></span> <span class="prelude-val">Err</span>(<span class="ident">e</span>), |
| } |
| } |
| |
| <span class="doccomment">/// Function usage is similar to [Digest::info](Digest::info).</span> |
| <span class="kw">pub</span> <span class="kw">fn</span> <span class="ident">info</span>(<span class="kw-2">&</span><span class="self">self</span>) <span class="op">-</span><span class="op">></span> <span class="ident">OperationInfo</span> { |
| <span class="self">self</span>.<span class="number">0</span>.<span class="ident">info</span>() |
| } |
| |
| <span class="doccomment">/// Function usage is similar to [Digest::info_multiple](Digest::info_multiple).</span> |
| <span class="kw">pub</span> <span class="kw">fn</span> <span class="ident">info_multiple</span>(<span class="kw-2">&</span><span class="self">self</span>, <span class="ident">info_buf</span>: <span class="kw-2">&</span><span class="kw-2">mut</span> [<span class="ident">u8</span>]) <span class="op">-</span><span class="op">></span> <span class="prelude-ty">Result</span><span class="op"><</span><span class="ident">OperationInfoMultiple</span><span class="op">></span> { |
| <span class="self">self</span>.<span class="number">0</span>.<span class="ident">info_multiple</span>(<span class="ident">info_buf</span>) |
| } |
| |
| <span class="doccomment">/// Program the key of Digest operation. That ids, it associates the operation with a key.</span> |
| <span class="doccomment">///</span> |
| <span class="doccomment">/// # Parameters</span> |
| <span class="doccomment">///</span> |
| <span class="doccomment">/// 1) `object`: The object can either be a [Transient](../object/struct.TransientObject.html)</span> |
| <span class="doccomment">/// or [Persistent](../object/struct.PersistentObject.html). The key material is copied from</span> |
| <span class="doccomment">/// the key object handle into the operation. After the key has been set, there is no longer</span> |
| <span class="doccomment">/// any link between the operation and the key object. The object handle can be closed or reset</span> |
| <span class="doccomment">/// and this will not affect the operation. This copied material exists until the operation is</span> |
| <span class="doccomment">/// freed or another key is set into the operation.</span> |
| <span class="doccomment">///</span> |
| <span class="doccomment">/// # Errors</span> |
| <span class="doccomment">///</span> |
| <span class="doccomment">/// 1) `CorruptObject`: If the object is corrupt. The object handle is closed.</span> |
| <span class="doccomment">/// 2) `StorageNotAvailable`: If the object is stored in a storage area which is</span> |
| <span class="doccomment">/// currently inaccessible.</span> |
| <span class="doccomment">///</span> |
| <span class="doccomment">/// # Panics</span> |
| <span class="doccomment">///</span> |
| <span class="doccomment">/// 1) If operation is not a valid opened object.</span> |
| <span class="doccomment">/// 2) If object is not null and is not a valid key object.</span> |
| <span class="doccomment">/// 3) If object is not initialized.</span> |
| <span class="doccomment">/// 4) If the operation expect two keys as [AesXts](AlgorithmId::AesXts).</span> |
| <span class="doccomment">/// 5) If the type, size, or usage of object is not compatible with the algorithm, mode, or size of the operation.</span> |
| <span class="doccomment">/// 6) If operation is not in initial state.</span> |
| <span class="doccomment">/// 7) Hardware or cryptographic algorithm failure.</span> |
| <span class="doccomment">/// 8) If the Implementation detects any other error.</span> |
| <span class="kw">pub</span> <span class="kw">fn</span> <span class="ident">set_key</span><span class="op"><</span><span class="ident">T</span>: <span class="ident">ObjHandle</span><span class="op">></span>(<span class="kw-2">&</span><span class="self">self</span>, <span class="ident">object</span>: <span class="kw-2">&</span><span class="ident">T</span>) <span class="op">-</span><span class="op">></span> <span class="prelude-ty">Result</span><span class="op"><</span>()<span class="op">></span> { |
| <span class="self">self</span>.<span class="number">0</span>.<span class="ident">set_key</span>(<span class="ident">object</span>) |
| } |
| |
| <span class="doccomment">/// Initialize an expisting operation with two keys for [AesXts](AlgorithmId::AesXts).</span> |
| <span class="doccomment">///</span> |
| <span class="doccomment">/// # Parameters:</span> |
| <span class="doccomment">///</span> |
| <span class="doccomment">/// object1 and object2 SHALL both be non-NULL or both NULL. object1 and object2 SHALL NOT refer to keys with</span> |
| <span class="doccomment">/// bitwise identical [SecretValue](../object/enum.AttributeId.html#variant.SecretValue) attributes.</span> |
| <span class="doccomment">///</span> |
| <span class="doccomment">/// # Errors</span> |
| <span class="doccomment">///</span> |
| <span class="doccomment">/// 1) `CorruptObject`: If the object1 is corrupt. The object handle is closed.</span> |
| <span class="doccomment">/// 2) `CorruptObject2`: If the object2 is corrupt. The object handle is closed.</span> |
| <span class="doccomment">/// 3) `StorageNotAvailable`: If the object1 is stored in a storage area which is</span> |
| <span class="doccomment">/// currently inaccessible.</span> |
| <span class="doccomment">/// 4) `StorageNotAvailable2`: If the object2 is stored in a storage area which is</span> |
| <span class="doccomment">/// currently inaccessible.</span> |
| <span class="doccomment">///</span> |
| <span class="doccomment">/// # Panics</span> |
| <span class="doccomment">///</span> |
| <span class="doccomment">/// 1) If operation is not a valid opened object.</span> |
| <span class="doccomment">/// 2) If object1 and object2 are not both null and object1 or object2 or both are not a valid key object.</span> |
| <span class="doccomment">/// 3) If object1 or object2 is not initialized.</span> |
| <span class="doccomment">/// 4) If the operation algorithm is not [AesXts](AlgorithmId::AesXts).</span> |
| <span class="doccomment">/// 5) If the type, size, or usage of any object is not compatible with the algorithm, mode, or size of the operation.</span> |
| <span class="doccomment">/// 6) If operation is not in initial state.</span> |
| <span class="doccomment">/// 7) Hardware or cryptographic algorithm failure.</span> |
| <span class="doccomment">/// 8) If the Implementation detects any other error.</span> |
| <span class="kw">pub</span> <span class="kw">fn</span> <span class="ident">set_key_2</span><span class="op"><</span><span class="ident">T</span>: <span class="ident">ObjHandle</span>, <span class="ident">D</span>: <span class="ident">ObjHandle</span><span class="op">></span>(<span class="kw-2">&</span><span class="self">self</span>, <span class="ident">object1</span>: <span class="kw-2">&</span><span class="ident">T</span>, <span class="ident">object2</span>: <span class="kw-2">&</span><span class="ident">D</span>) <span class="op">-</span><span class="op">></span> <span class="prelude-ty">Result</span><span class="op"><</span>()<span class="op">></span> { |
| <span class="kw">match</span> <span class="kw">unsafe</span> { |
| <span class="ident">raw::TEE_SetOperationKey2</span>(<span class="self">self</span>.<span class="ident">handle</span>(), <span class="ident">object1</span>.<span class="ident">handle</span>(), <span class="ident">object2</span>.<span class="ident">handle</span>()) |
| } { |
| <span class="ident">raw::TEE_SUCCESS</span> <span class="op">=</span><span class="op">></span> <span class="kw">return</span> <span class="prelude-val">Ok</span>(()), |
| <span class="ident">code</span> <span class="op">=</span><span class="op">></span> <span class="prelude-val">Err</span>(<span class="ident">Error::from_raw_error</span>(<span class="ident">code</span>)), |
| } |
| } |
| |
| <span class="doccomment">/// Function usage is similar to [Digest::copy](Digest::copy).</span> |
| <span class="kw">pub</span> <span class="kw">fn</span> <span class="ident">copy</span><span class="op"><</span><span class="ident">T</span>: <span class="ident">OpHandle</span><span class="op">></span>(<span class="kw-2">&</span><span class="kw-2">mut</span> <span class="self">self</span>, <span class="ident">src</span>: <span class="kw-2">&</span><span class="ident">T</span>) { |
| <span class="self">self</span>.<span class="number">0</span>.<span class="ident">copy</span>(<span class="ident">src</span>) |
| } |
| } |
| |
| <span class="kw">impl</span> <span class="ident">OpHandle</span> <span class="kw">for</span> <span class="ident">Cipher</span> { |
| <span class="kw">fn</span> <span class="ident">handle</span>(<span class="kw-2">&</span><span class="self">self</span>) <span class="op">-</span><span class="op">></span> <span class="ident">raw::TEE_OperationHandle</span> { |
| <span class="self">self</span>.<span class="number">0</span>.<span class="ident">handle</span>() |
| } |
| } |
| |
| <span class="doccomment">/// An operation for performing MAC (Message Authentication Code) operations, such as `HMAC`</span> |
| <span class="doccomment">/// or `AES-CMAC` operations. This operation is not used for Authenticated Encryption algorithms,</span> |
| <span class="doccomment">/// which SHALL use the functions defined in [AE](AE).</span> |
| <span class="kw">pub</span> <span class="kw">struct</span> <span class="ident">Mac</span>(<span class="ident">OperationHandle</span>); |
| |
| <span class="kw">impl</span> <span class="ident">Mac</span> { |
| <span class="doccomment">/// Initialize a MAC opeartion. The The function should be called after the</span> |
| <span class="doccomment">/// [set_key](Mac::set_key).</span> |
| <span class="doccomment">///</span> |
| <span class="doccomment">/// # Parameters</span> |
| <span class="doccomment">///</span> |
| <span class="doccomment">/// 1) `iv`: Input buffer containing the operation Initialization Vector, if applicable</span> |
| <span class="doccomment">///</span> |
| <span class="doccomment">/// # Panics</span> |
| <span class="doccomment">///</span> |
| <span class="doccomment">/// 1) If the algorithm is not a valid algorithm for `Mac`.</span> |
| <span class="doccomment">/// 2) If no key is programmed in the operation.</span> |
| <span class="doccomment">/// 3) If the Initialization Vector does not have the length required by the algorithm.</span> |
| <span class="doccomment">/// 4) Hardware or cryptographic algorithm failure.</span> |
| <span class="doccomment">/// 5) If the Implementation detects any other error.</span> |
| <span class="kw">pub</span> <span class="kw">fn</span> <span class="ident">init</span>(<span class="kw-2">&</span><span class="self">self</span>, <span class="ident">iv</span>: <span class="kw-2">&</span>[<span class="ident">u8</span>]) { |
| <span class="kw">unsafe</span> { <span class="ident">raw::TEE_MACInit</span>(<span class="self">self</span>.<span class="ident">handle</span>(), <span class="ident">iv</span>.<span class="ident">as_ptr</span>() <span class="kw">as</span> <span class="kw">_</span>, <span class="ident">iv</span>.<span class="ident">len</span>()) }; |
| } |
| |
| <span class="doccomment">/// Accumulate data for a MAC calculation.</span> |
| <span class="doccomment">///</span> |
| <span class="doccomment">/// Input data does not have to be a multiple of block size. Subsequent calls to this function are possible.</span> |
| <span class="doccomment">/// Unless one or more calls of this function have supplied sufficient input data, no output is generated.</span> |
| <span class="doccomment">/// The function should be called after the [init](Mac::init).</span> |
| <span class="doccomment">///</span> |
| <span class="doccomment">/// # Parameters</span> |
| <span class="doccomment">///</span> |
| <span class="doccomment">/// 1) `chunk`: Chunk of the message to be MACed.</span> |
| <span class="doccomment">///</span> |
| <span class="doccomment">/// # Panics</span> |
| <span class="doccomment">///</span> |
| <span class="doccomment">/// 1) If the algorithm is not a valid algorithm for `Mac`.</span> |
| <span class="doccomment">/// 2) If the function is called before [init](Mac::init) or after</span> |
| <span class="doccomment">/// [compute_final](Mac::compute_final) or after [compare_final](Mac::compare_final).</span> |
| <span class="doccomment">/// 3) If `chunk` excceds maximum length for algorithm.</span> |
| <span class="doccomment">/// 4) Hardware or cryptographic algorithm failure.</span> |
| <span class="doccomment">/// 5) If the Implementation detects any other error.</span> |
| <span class="kw">pub</span> <span class="kw">fn</span> <span class="ident">update</span>(<span class="kw-2">&</span><span class="self">self</span>, <span class="ident">chunk</span>: <span class="kw-2">&</span>[<span class="ident">u8</span>]) { |
| <span class="kw">unsafe</span> { <span class="ident">raw::TEE_MACUpdate</span>(<span class="self">self</span>.<span class="ident">handle</span>(), <span class="ident">chunk</span>.<span class="ident">as_ptr</span>() <span class="kw">as</span> <span class="kw">_</span>, <span class="ident">chunk</span>.<span class="ident">len</span>()) }; |
| } |
| <span class="doccomment">/// Finalize the MAC operation with a last chunk of message, and computes the MAC.</span> |
| <span class="doccomment">/// Afterwards the operation handle can be reused or re-initialized with a new key.</span> |
| <span class="doccomment">/// The operation SHALL be in active state and moves to initial state afterwards.</span> |
| <span class="doccomment">///</span> |
| <span class="doccomment">/// # Parameters:</span> |
| <span class="doccomment">///</span> |
| <span class="doccomment">/// `message`: Input buffer containing a last message chunk to MAC</span> |
| <span class="doccomment">/// `mac`: Output buffer filled with the computed MAC, the size should be allocated enough for</span> |
| <span class="doccomment">/// containing the whole computed MAC</span> |
| <span class="doccomment">///</span> |
| <span class="doccomment">/// # Example</span> |
| <span class="doccomment">///</span> |
| <span class="doccomment">/// ```no_run</span> |
| <span class="doccomment">/// let mut key: [u8; 20] = [</span> |
| <span class="doccomment">/// 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37, 0x38, 0x39, 0x30, 0x31, 0x32, 0x33, 0x34, 0x35,</span> |
| <span class="doccomment">/// 0x36, 0x37, 0x38, 0x39, 0x30,];</span> |
| <span class="doccomment">/// let mut out: [u8; 20] = [0u8; 20];</span> |
| <span class="doccomment">/// match Mac::allocate(AlgorithmId::HmacSha1, key.len() * 8) {</span> |
| <span class="doccomment">/// Err(e) => return Err(e),</span> |
| <span class="doccomment">/// Ok(mac) => {</span> |
| <span class="doccomment">/// match TransientObject::allocate(TransientObjectType::HmacSha1, key.len() * 8) {</span> |
| <span class="doccomment">/// Err(e) => return Err(e),</span> |
| <span class="doccomment">/// Ok(mut key_object) => {</span> |
| <span class="doccomment">/// let attr = Attribute::from_ref(AttributeId::SecretValue, &key);</span> |
| <span class="doccomment">/// key_object.populate(&[attr.into()])?;</span> |
| <span class="doccomment">/// mac.set_key(&key_object)?;</span> |
| <span class="doccomment">/// }</span> |
| <span class="doccomment">/// }</span> |
| <span class="doccomment">/// mac.init(&[0u8; 0]);</span> |
| <span class="doccomment">/// mac.update(&[0u8; 8]);</span> |
| <span class="doccomment">/// mac.compute_final(&[0u8; 0], &mut out)?;</span> |
| <span class="doccomment">/// }</span> |
| <span class="doccomment">/// ```</span> |
| <span class="doccomment">///</span> |
| <span class="doccomment">/// # Errors</span> |
| <span class="doccomment">///</span> |
| <span class="doccomment">/// 1) `ShortBuffer`: If the output buffer is not large enough to contain the output.</span> |
| <span class="doccomment">///</span> |
| <span class="doccomment">/// # Panics</span> |
| <span class="doccomment">///</span> |
| <span class="doccomment">/// 1) If the algorithm is not a valid algorithm for `Mac`.</span> |
| <span class="doccomment">/// 2) If the function is called before before [init](Mac::init) or after</span> |
| <span class="doccomment">/// [compute_final](Mac::compute_final) or after [compare_final](Mac::compare_final).</span> |
| <span class="doccomment">/// 3) If input data exceeds maximum length for algorithm.</span> |
| <span class="doccomment">/// 4) Hardware or cryptographic algorithm failure.</span> |
| <span class="doccomment">/// 5) If the Implementation detects any other error.</span> |
| <span class="kw">pub</span> <span class="kw">fn</span> <span class="ident">compute_final</span>(<span class="kw-2">&</span><span class="self">self</span>, <span class="ident">message</span>: <span class="kw-2">&</span>[<span class="ident">u8</span>], <span class="ident">mac</span>: <span class="kw-2">&</span><span class="kw-2">mut</span> [<span class="ident">u8</span>]) <span class="op">-</span><span class="op">></span> <span class="prelude-ty">Result</span><span class="op"><</span><span class="ident">usize</span><span class="op">></span> { |
| <span class="kw">let</span> <span class="kw-2">mut</span> <span class="ident">mac_size</span>: <span class="ident">usize</span> <span class="op">=</span> <span class="ident">mac</span>.<span class="ident">len</span>(); |
| <span class="kw">match</span> <span class="kw">unsafe</span> { |
| <span class="ident">raw::TEE_MACComputeFinal</span>( |
| <span class="self">self</span>.<span class="ident">handle</span>(), |
| <span class="ident">message</span>.<span class="ident">as_ptr</span>() <span class="kw">as</span> <span class="kw">_</span>, |
| <span class="ident">message</span>.<span class="ident">len</span>(), |
| <span class="ident">mac</span>.<span class="ident">as_mut_ptr</span>() <span class="kw">as</span> <span class="kw">_</span>, |
| <span class="kw-2">&</span><span class="kw-2">mut</span> <span class="ident">mac_size</span>, |
| ) |
| } { |
| <span class="ident">raw::TEE_SUCCESS</span> <span class="op">=</span><span class="op">></span> <span class="prelude-val">Ok</span>(<span class="ident">mac_size</span>), |
| <span class="ident">code</span> <span class="op">=</span><span class="op">></span> <span class="prelude-val">Err</span>(<span class="ident">Error::from_raw_error</span>(<span class="ident">code</span>)), |
| } |
| } |
| |
| <span class="doccomment">/// Finalize the MAC operation and compares the MAC with the buffer passed to the function.</span> |
| <span class="doccomment">/// Afterwards the operation handle can be reused or re-initialized with a new key.</span> |
| <span class="doccomment">/// The operation SHALL be in active state and moves to initial state afterwards.</span> |
| <span class="doccomment">///</span> |
| <span class="doccomment">/// # Parameters:</span> |
| <span class="doccomment">///</span> |
| <span class="doccomment">/// `message`: Input buffer containing a last message chunk to MAC</span> |
| <span class="doccomment">/// `mac`: Input buffer containing the MAC to check</span> |
| <span class="doccomment">///</span> |
| <span class="doccomment">/// # Errors</span> |
| <span class="doccomment">///</span> |
| <span class="doccomment">/// 1) `MacInvald`: If the computed MAC does not correspond to the value passed in `mac`.</span> |
| <span class="doccomment">///</span> |
| <span class="doccomment">/// # Panics</span> |
| <span class="doccomment">///</span> |
| <span class="doccomment">/// 1) If the algorithm is not a valid algorithm for `Mac`.</span> |
| <span class="doccomment">/// 2) If operation is not in active state.</span> |
| <span class="doccomment">/// 3) If input data exceeds maximum length for algorithm.</span> |
| <span class="doccomment">/// 4) Hardware or cryptographic algorithm failure.</span> |
| <span class="doccomment">/// 5) If the Implementation detects any other error.</span> |
| <span class="kw">pub</span> <span class="kw">fn</span> <span class="ident">compare_final</span>(<span class="kw-2">&</span><span class="self">self</span>, <span class="ident">message</span>: <span class="kw-2">&</span>[<span class="ident">u8</span>], <span class="ident">mac</span>: <span class="kw-2">&</span>[<span class="ident">u8</span>]) <span class="op">-</span><span class="op">></span> <span class="prelude-ty">Result</span><span class="op"><</span>()<span class="op">></span> { |
| <span class="kw">match</span> <span class="kw">unsafe</span> { |
| <span class="ident">raw::TEE_MACCompareFinal</span>( |
| <span class="self">self</span>.<span class="ident">handle</span>(), |
| <span class="ident">message</span>.<span class="ident">as_ptr</span>() <span class="kw">as</span> <span class="kw">_</span>, |
| <span class="ident">message</span>.<span class="ident">len</span>(), |
| <span class="ident">mac</span>.<span class="ident">as_ptr</span>() <span class="kw">as</span> <span class="kw">_</span>, |
| <span class="ident">mac</span>.<span class="ident">len</span>(), |
| ) |
| } { |
| <span class="ident">raw::TEE_SUCCESS</span> <span class="op">=</span><span class="op">></span> <span class="prelude-val">Ok</span>(()), |
| <span class="ident">code</span> <span class="op">=</span><span class="op">></span> <span class="prelude-val">Err</span>(<span class="ident">Error::from_raw_error</span>(<span class="ident">code</span>)), |
| } |
| } |
| |
| <span class="doccomment">/// Create a Mac operation without any specific algorithm or other data.</span> |
| <span class="kw">pub</span> <span class="kw">fn</span> <span class="ident">null</span>() <span class="op">-</span><span class="op">></span> <span class="self">Self</span> { |
| <span class="self">Self</span>(<span class="ident">OperationHandle::null</span>()) |
| } |
| |
| <span class="doccomment">/// Function usage is similar to [Digest::allocate](Digest::allocate).</span> |
| <span class="kw">pub</span> <span class="kw">fn</span> <span class="ident">allocate</span>(<span class="ident">algo</span>: <span class="ident">AlgorithmId</span>, <span class="ident">max_key_size</span>: <span class="ident">usize</span>) <span class="op">-</span><span class="op">></span> <span class="prelude-ty">Result</span><span class="op"><</span><span class="self">Self</span><span class="op">></span> { |
| <span class="kw">match</span> <span class="ident">OperationHandle::allocate</span>(<span class="ident">algo</span>, <span class="ident">OperationMode::Mac</span>, <span class="ident">max_key_size</span>) { |
| <span class="prelude-val">Ok</span>(<span class="ident">handle</span>) <span class="op">=</span><span class="op">></span> <span class="prelude-val">Ok</span>(<span class="self">Self</span>(<span class="ident">handle</span>)), |
| <span class="prelude-val">Err</span>(<span class="ident">e</span>) <span class="op">=</span><span class="op">></span> <span class="prelude-val">Err</span>(<span class="ident">e</span>), |
| } |
| } |
| |
| <span class="doccomment">/// Function usage is similar to [Digest::info](Digest::info).</span> |
| <span class="kw">pub</span> <span class="kw">fn</span> <span class="ident">info</span>(<span class="kw-2">&</span><span class="self">self</span>) <span class="op">-</span><span class="op">></span> <span class="ident">OperationInfo</span> { |
| <span class="self">self</span>.<span class="number">0</span>.<span class="ident">info</span>() |
| } |
| |
| <span class="doccomment">/// Function usage is similar to [Digest::info_multiple](Digest::info_multiple).</span> |
| <span class="kw">pub</span> <span class="kw">fn</span> <span class="ident">info_multiple</span>(<span class="kw-2">&</span><span class="self">self</span>, <span class="ident">info_buf</span>: <span class="kw-2">&</span><span class="kw-2">mut</span> [<span class="ident">u8</span>]) <span class="op">-</span><span class="op">></span> <span class="prelude-ty">Result</span><span class="op"><</span><span class="ident">OperationInfoMultiple</span><span class="op">></span> { |
| <span class="self">self</span>.<span class="number">0</span>.<span class="ident">info_multiple</span>(<span class="ident">info_buf</span>) |
| } |
| |
| <span class="doccomment">/// Function usage is similar to [Digest::reset](Digest::reset).</span> |
| <span class="kw">pub</span> <span class="kw">fn</span> <span class="ident">reset</span>(<span class="kw-2">&</span><span class="kw-2">mut</span> <span class="self">self</span>) { |
| <span class="self">self</span>.<span class="number">0</span>.<span class="ident">reset</span>() |
| } |
| |
| <span class="doccomment">/// Function usage is similar to [Cipher::set_key](Cipher::set_key).</span> |
| <span class="kw">pub</span> <span class="kw">fn</span> <span class="ident">set_key</span><span class="op"><</span><span class="ident">T</span>: <span class="ident">ObjHandle</span><span class="op">></span>(<span class="kw-2">&</span><span class="self">self</span>, <span class="ident">object</span>: <span class="kw-2">&</span><span class="ident">T</span>) <span class="op">-</span><span class="op">></span> <span class="prelude-ty">Result</span><span class="op"><</span>()<span class="op">></span> { |
| <span class="self">self</span>.<span class="number">0</span>.<span class="ident">set_key</span>(<span class="ident">object</span>) |
| } |
| |
| <span class="doccomment">/// Function usage is similar to [Digest::copy](Digest::copy).</span> |
| <span class="kw">pub</span> <span class="kw">fn</span> <span class="ident">copy</span><span class="op"><</span><span class="ident">T</span>: <span class="ident">OpHandle</span><span class="op">></span>(<span class="kw-2">&</span><span class="kw-2">mut</span> <span class="self">self</span>, <span class="ident">src</span>: <span class="kw-2">&</span><span class="ident">T</span>) { |
| <span class="self">self</span>.<span class="number">0</span>.<span class="ident">copy</span>(<span class="ident">src</span>) |
| } |
| } |
| |
| <span class="kw">impl</span> <span class="ident">OpHandle</span> <span class="kw">for</span> <span class="ident">Mac</span> { |
| <span class="kw">fn</span> <span class="ident">handle</span>(<span class="kw-2">&</span><span class="self">self</span>) <span class="op">-</span><span class="op">></span> <span class="ident">raw::TEE_OperationHandle</span> { |
| <span class="self">self</span>.<span class="number">0</span>.<span class="ident">handle</span>() |
| } |
| } |
| |
| <span class="doccomment">/// An operation for conducting authenticated encryption / decryption.</span> |
| <span class="kw">pub</span> <span class="kw">struct</span> <span class="ident">AE</span>(<span class="ident">OperationHandle</span>); |
| |
| <span class="kw">impl</span> <span class="ident">AE</span> { |
| <span class="doccomment">/// Initialize an AE opeartion.</span> |
| <span class="doccomment">/// The operation must be in the initial state and remains in the initial state afterwards.</span> |
| <span class="doccomment">///</span> |
| <span class="doccomment">/// # Parameters</span> |
| <span class="doccomment">///</span> |
| <span class="doccomment">/// 1) `nonce`: The peration nonce or IV</span> |
| <span class="doccomment">/// 2) `tag_len`: Size in bits of the tag:</span> |
| <span class="doccomment">/// 2.1) for `AES-GCM`, can be 128, 120, 112, 104, or 96;</span> |
| <span class="doccomment">/// 2.2) for `AES-CCM`, can be 128, 112, 96, 80, 64, 48, or 32.</span> |
| <span class="doccomment">/// 3) `aad_len`: length in bytes of the AAD (Used only for AES-CCM. Ignored for AES-GCM).</span> |
| <span class="doccomment">/// 4) `pay_load_len`: Length in bytes of the payload (Used only for AES-CCM. Ignored for AES-GCM).</span> |
| <span class="doccomment">///</span> |
| <span class="doccomment">/// # Errors</span> |
| <span class="doccomment">///</span> |
| <span class="doccomment">/// 1) `NotSupported`: If the `tag_len` is not supported by the algorithm.</span> |
| <span class="doccomment">///</span> |
| <span class="doccomment">/// # Panics</span> |
| <span class="doccomment">///</span> |
| <span class="doccomment">/// 1) If the algorithm is not a valid algorithm for `AE`.</span> |
| <span class="doccomment">/// 2) If no key is programmed in the operation.</span> |
| <span class="doccomment">/// 3) If the nonce length is not compatible with the length required by the algorithm.</span> |
| <span class="doccomment">/// 4) If operation is not in initial state.</span> |
| <span class="doccomment">/// 5) Hardware or cryptographic algorithm failure.</span> |
| <span class="doccomment">/// 6) If the Implementation detects any other error.</span> |
| <span class="kw">pub</span> <span class="kw">fn</span> <span class="ident">init</span>( |
| <span class="kw-2">&</span><span class="self">self</span>, |
| <span class="ident">nonce</span>: <span class="kw-2">&</span>[<span class="ident">u8</span>], |
| <span class="ident">tag_len</span>: <span class="ident">usize</span>, |
| <span class="ident">aad_len</span>: <span class="ident">usize</span>, |
| <span class="ident">pay_load_len</span>: <span class="ident">usize</span>, |
| ) <span class="op">-</span><span class="op">></span> <span class="prelude-ty">Result</span><span class="op"><</span>()<span class="op">></span> { |
| <span class="kw">match</span> <span class="kw">unsafe</span> { |
| <span class="ident">raw::TEE_AEInit</span>( |
| <span class="self">self</span>.<span class="ident">handle</span>(), |
| <span class="ident">nonce</span>.<span class="ident">as_ptr</span>() <span class="kw">as</span> <span class="kw">_</span>, |
| <span class="ident">nonce</span>.<span class="ident">len</span>(), |
| <span class="ident">tag_len</span> <span class="kw">as</span> <span class="ident">u32</span>, |
| <span class="ident">aad_len</span>, |
| <span class="ident">pay_load_len</span>, |
| ) |
| } { |
| <span class="ident">raw::TEE_SUCCESS</span> <span class="op">=</span><span class="op">></span> <span class="kw">return</span> <span class="prelude-val">Ok</span>(()), |
| <span class="ident">code</span> <span class="op">=</span><span class="op">></span> <span class="prelude-val">Err</span>(<span class="ident">Error::from_raw_error</span>(<span class="ident">code</span>)), |
| } |
| } |
| |
| <span class="doccomment">/// Feed a new chunk of Additional Authentication Data (AAD) to the AE operation.</span> |
| <span class="doccomment">/// Subsequent calls to this function are possible.</span> |
| <span class="doccomment">/// The operation SHALL be in initial state and remains in initial state afterwards.</span> |
| <span class="doccomment">///</span> |
| <span class="doccomment">/// # Parameters</span> |
| <span class="doccomment">///</span> |
| <span class="doccomment">/// 1) `aad_data`: Input buffer containing the chunk of AAD.</span> |
| <span class="doccomment">///</span> |
| <span class="doccomment">/// # Panics</span> |
| <span class="doccomment">///</span> |
| <span class="doccomment">/// 1) If the algorithm is not a valid algorithm for `AE`.</span> |
| <span class="doccomment">/// 2) If the function is called before [init](AE::init) or has been finalized.</span> |
| <span class="doccomment">/// 3) For `AES-CCM`, if the `aad_data.len()` exceeds the requirement.</span> |
| <span class="doccomment">/// 4) If operation is not in initial state.</span> |
| <span class="doccomment">/// 5) Hardware or cryptographic algorithm failure.</span> |
| <span class="doccomment">/// 6) If the Implementation detects any other error.</span> |
| <span class="kw">pub</span> <span class="kw">fn</span> <span class="ident">update_aad</span>(<span class="kw-2">&</span><span class="self">self</span>, <span class="ident">aad_data</span>: <span class="kw-2">&</span>[<span class="ident">u8</span>]) { |
| <span class="kw">unsafe</span> { |
| <span class="ident">raw::TEE_AEUpdateAAD</span>(<span class="self">self</span>.<span class="ident">handle</span>(), <span class="ident">aad_data</span>.<span class="ident">as_ptr</span>() <span class="kw">as</span> <span class="kw">_</span>, <span class="ident">aad_data</span>.<span class="ident">len</span>()) |
| }; |
| } |
| |
| <span class="doccomment">/// Accumulate data for an Authentication Encryption operation.</span> |
| <span class="doccomment">/// Input data does not have to be a multiple of block size. Subsequent calls to this function are possible.</span> |
| <span class="doccomment">/// Unless one or more calls of this function have supplied sufficient input data, no output is generated.</span> |
| <span class="doccomment">/// The buffers `src` and `dest` SHALL be either completely disjoint or equal in their starting positions.</span> |
| <span class="doccomment">/// The operation may be in either initial or active state and enters active state afterwards if `src.len()` != 0.</span> |
| <span class="doccomment">///</span> |
| <span class="doccomment">/// # Parameters</span> |
| <span class="doccomment">///</span> |
| <span class="doccomment">/// 1) `src`: Input data buffer to be encrypted or decrypted.</span> |
| <span class="doccomment">/// 2) `dest`: Output buffer.</span> |
| <span class="doccomment">///</span> |
| <span class="doccomment">/// # Errors</span> |
| <span class="doccomment">///</span> |
| <span class="doccomment">/// `ShortBuffer`: If the output buffer is not large enough to contain the output.</span> |
| <span class="doccomment">///</span> |
| <span class="doccomment">/// # Panics</span> |
| <span class="doccomment">///</span> |
| <span class="doccomment">/// 1) If the algorithm is not a valid algorithm for `AE`.</span> |
| <span class="doccomment">/// 2) If the function is called before [init](AE::init) or has been finalized.</span> |
| <span class="doccomment">/// 3) For `AES-CCM`, if the AAD length exceeds the requirement.</span> |
| <span class="doccomment">/// 4) For `AES-CCM`, if the payload length is exceeds the requirement.</span> |
| <span class="doccomment">/// 5) Hardware or cryptographic algorithm failure.</span> |
| <span class="doccomment">/// 6) If the Implementation detects any other error.</span> |
| <span class="kw">pub</span> <span class="kw">fn</span> <span class="ident">update</span>(<span class="kw-2">&</span><span class="self">self</span>, <span class="ident">src</span>: <span class="kw-2">&</span>[<span class="ident">u8</span>], <span class="ident">dest</span>: <span class="kw-2">&</span><span class="kw-2">mut</span> [<span class="ident">u8</span>]) <span class="op">-</span><span class="op">></span> <span class="prelude-ty">Result</span><span class="op"><</span><span class="ident">usize</span><span class="op">></span> { |
| <span class="kw">let</span> <span class="kw-2">mut</span> <span class="ident">dest_size</span>: <span class="ident">usize</span> <span class="op">=</span> <span class="ident">dest</span>.<span class="ident">len</span>(); |
| <span class="kw">match</span> <span class="kw">unsafe</span> { |
| <span class="ident">raw::TEE_AEUpdate</span>( |
| <span class="self">self</span>.<span class="ident">handle</span>(), |
| <span class="ident">src</span>.<span class="ident">as_ptr</span>() <span class="kw">as</span> <span class="kw">_</span>, |
| <span class="ident">src</span>.<span class="ident">len</span>(), |
| <span class="ident">dest</span>.<span class="ident">as_mut_ptr</span>() <span class="kw">as</span> <span class="kw">_</span>, |
| <span class="kw-2">&</span><span class="kw-2">mut</span> <span class="ident">dest_size</span>, |
| ) |
| } { |
| <span class="ident">raw::TEE_SUCCESS</span> <span class="op">=</span><span class="op">></span> { |
| <span class="kw">return</span> <span class="prelude-val">Ok</span>(<span class="ident">dest_size</span>); |
| } |
| <span class="ident">code</span> <span class="op">=</span><span class="op">></span> <span class="prelude-val">Err</span>(<span class="ident">Error::from_raw_error</span>(<span class="ident">code</span>)), |
| } |
| } |
| <span class="doccomment">/// Process data that has not been processed by previous calls to [update](AE::update) as well as data supplied in `src`.</span> |
| <span class="doccomment">/// It completes the AE operation and computes the tag.</span> |
| <span class="doccomment">/// The buffers `src` and `dest` SHALL be either completely disjoint or equal in their starting positions.</span> |
| <span class="doccomment">/// The operation may be in either initial or active state and enters initial state afterwards.</span> |
| <span class="doccomment">///</span> |
| <span class="doccomment">/// # Parameters</span> |
| <span class="doccomment">///</span> |
| <span class="doccomment">/// 1) `src`: Reference to final chunk of input data to be encrypted.</span> |
| <span class="doccomment">/// 2) `dest`: Output buffer. Can be omitted if the output is to be discarded, e.g. because it is known to be empty.</span> |
| <span class="doccomment">/// 3) `tag`: Output buffer filled with the computed tag.</span> |
| <span class="doccomment">///</span> |
| <span class="doccomment">/// # Example</span> |
| <span class="doccomment">///</span> |
| <span class="doccomment">/// ```no_run</span> |
| <span class="doccomment">/// let key = [0xa5u8; 16];</span> |
| <span class="doccomment">/// let nonce = [0x00u8; 16];</span> |
| <span class="doccomment">/// let aad = [0xffu8; 16];</span> |
| <span class="doccomment">/// let clear1 = [0x5au8; 19];</span> |
| <span class="doccomment">/// let clear2 = [0xa5u8; 13];</span> |
| <span class="doccomment">/// let mut ciph1 = [0x00u8; 16];</span> |
| <span class="doccomment">/// let mut ciph2 = [0x00u8; 16];</span> |
| <span class="doccomment">/// let mut tag = [0x00u8; 16];</span> |
| <span class="doccomment">/// match AE::allocate(AlgorithmId::AesCcm, OperationMode::Encrypt, 128) {</span> |
| <span class="doccomment">/// Ok(operation) => {</span> |
| <span class="doccomment">/// match TransientObject::allocate(TransientObjectType::Aes, 128) {</span> |
| <span class="doccomment">/// Ok(key_object) => {</span> |
| <span class="doccomment">/// let attr = Attributememref::from_ref(Attributeid::SecretValue, &key);</span> |
| <span class="doccomment">/// key_object.populat(&[attr.into()])?;</span> |
| <span class="doccomment">/// operation.set_key(&key_object)?;</span> |
| <span class="doccomment">/// operation.init(&nonce, 128, 16, 32)?;</span> |
| <span class="doccomment">/// operation.update_aad(&aad);</span> |
| <span class="doccomment">/// operation.update(&clear1, &mut ciph1)?;</span> |
| <span class="doccomment">/// match operation.encrypt_final(&clear2, &mut ciph2) {</span> |
| <span class="doccomment">/// Ok((_ciph_len, _tag_len)) => {</span> |
| <span class="doccomment">/// // ...</span> |
| <span class="doccomment">/// Ok(()),</span> |
| <span class="doccomment">/// }</span> |
| <span class="doccomment">/// Err(e) => Err(e),</span> |
| <span class="doccomment">/// }</span> |
| <span class="doccomment">/// Err(e) => Err(e),</span> |
| <span class="doccomment">/// }</span> |
| <span class="doccomment">/// Err(e) => Err(e),</span> |
| <span class="doccomment">/// }</span> |
| <span class="doccomment">/// ```</span> |
| <span class="doccomment">///</span> |
| <span class="doccomment">/// # Errors</span> |
| <span class="doccomment">///</span> |
| <span class="doccomment">/// `ShortBuffer`: If the output tag buffer is not large enough to contain the output.</span> |
| <span class="doccomment">///</span> |
| <span class="doccomment">/// # Panics</span> |
| <span class="doccomment">///</span> |
| <span class="doccomment">/// 1) If the algorithm is not a valid algorithm for `AE`.</span> |
| <span class="doccomment">/// 2) If the function is called before [init](AE::init) or has been finalized.</span> |
| <span class="doccomment">/// 3) If the required payload length is known but has not been provided.</span> |
| <span class="doccomment">/// 4) Hardware or cryptographic algorithm failure.</span> |
| <span class="doccomment">/// 5) If the Implementation detects any other error.</span> |
| <span class="comment">// both dest and tag are updated with different size</span> |
| <span class="kw">pub</span> <span class="kw">fn</span> <span class="ident">encrypt_final</span>( |
| <span class="kw-2">&</span><span class="self">self</span>, |
| <span class="ident">src</span>: <span class="kw-2">&</span>[<span class="ident">u8</span>], |
| <span class="ident">dest</span>: <span class="kw-2">&</span><span class="kw-2">mut</span> [<span class="ident">u8</span>], |
| <span class="ident">tag</span>: <span class="kw-2">&</span><span class="kw-2">mut</span> [<span class="ident">u8</span>], |
| ) <span class="op">-</span><span class="op">></span> <span class="prelude-ty">Result</span><span class="op"><</span>(<span class="ident">usize</span>, <span class="ident">usize</span>)<span class="op">></span> { |
| <span class="kw">let</span> <span class="kw-2">mut</span> <span class="ident">dest_size</span>: <span class="ident">usize</span> <span class="op">=</span> <span class="ident">dest</span>.<span class="ident">len</span>(); |
| <span class="kw">let</span> <span class="kw-2">mut</span> <span class="ident">tag_size</span>: <span class="ident">usize</span> <span class="op">=</span> <span class="ident">tag</span>.<span class="ident">len</span>(); |
| <span class="kw">match</span> <span class="kw">unsafe</span> { |
| <span class="ident">raw::TEE_AEEncryptFinal</span>( |
| <span class="self">self</span>.<span class="ident">handle</span>(), |
| <span class="ident">src</span>.<span class="ident">as_ptr</span>() <span class="kw">as</span> <span class="kw">_</span>, |
| <span class="ident">src</span>.<span class="ident">len</span>(), |
| <span class="ident">dest</span>.<span class="ident">as_mut_ptr</span>() <span class="kw">as</span> <span class="kw">_</span>, |
| <span class="kw-2">&</span><span class="kw-2">mut</span> <span class="ident">dest_size</span>, |
| <span class="ident">tag</span>.<span class="ident">as_mut_ptr</span>() <span class="kw">as</span> <span class="kw">_</span>, |
| <span class="kw-2">&</span><span class="kw-2">mut</span> <span class="ident">tag_size</span>, |
| ) |
| } { |
| <span class="ident">raw::TEE_SUCCESS</span> <span class="op">=</span><span class="op">></span> { |
| <span class="kw">return</span> <span class="prelude-val">Ok</span>((<span class="ident">dest_size</span>, <span class="ident">tag_size</span>)); |
| } |
| <span class="ident">code</span> <span class="op">=</span><span class="op">></span> <span class="prelude-val">Err</span>(<span class="ident">Error::from_raw_error</span>(<span class="ident">code</span>)), |
| } |
| } |
| |
| <span class="doccomment">/// Process data that has not been processed by previous calls to [update](AE::update) as well as data supplied in `src`.</span> |
| <span class="doccomment">/// It completes the AE operation and computes the tag.</span> |
| <span class="doccomment">/// The buffers `src` and `dest` SHALL be either completely disjoint or equal in their starting positions.</span> |
| <span class="doccomment">/// The operation may be in either initial or active state and enters initial state afterwards.</span> |
| <span class="doccomment">///</span> |
| <span class="doccomment">/// # Parameters</span> |
| <span class="doccomment">///</span> |
| <span class="doccomment">/// 1) `src`: Reference to final chunk of input data to be decrypted.</span> |
| <span class="doccomment">/// 2) `dest`: Output buffer. Can be omitted if the output is to be discarded, e.g. because it is known to be empty.</span> |
| <span class="doccomment">/// 3) `tag`: Input buffer containing the tag to compare.</span> |
| <span class="doccomment">///</span> |
| <span class="doccomment">/// # Errors</span> |
| <span class="doccomment">///</span> |
| <span class="doccomment">/// `ShortBuffer`: If the output buffer is not large enough to contain the output.</span> |
| <span class="doccomment">/// `MacInvalid`: If the computed tag does not match the supplied tag.</span> |
| <span class="doccomment">///</span> |
| <span class="doccomment">/// # Panics</span> |
| <span class="doccomment">///</span> |
| <span class="doccomment">/// 1) If the algorithm is not a valid algorithm for `AE`.</span> |
| <span class="doccomment">/// 2) If the function is called before [init](AE::init) or has been finalized.</span> |
| <span class="doccomment">/// 3) If the required payload length is known but has not been provided.</span> |
| <span class="doccomment">/// 4) Hardware or cryptographic algorithm failure.</span> |
| <span class="doccomment">/// 5) If the Implementation detects any other error.</span> |
| <span class="kw">pub</span> <span class="kw">fn</span> <span class="ident">decrypt_final</span>(<span class="kw-2">&</span><span class="self">self</span>, <span class="ident">src</span>: <span class="kw-2">&</span>[<span class="ident">u8</span>], <span class="ident">dest</span>: <span class="kw-2">&</span><span class="kw-2">mut</span> [<span class="ident">u8</span>], <span class="ident">tag</span>: <span class="kw-2">&</span>[<span class="ident">u8</span>]) <span class="op">-</span><span class="op">></span> <span class="prelude-ty">Result</span><span class="op"><</span><span class="ident">usize</span><span class="op">></span> { |
| <span class="kw">let</span> <span class="kw-2">mut</span> <span class="ident">dest_size</span>: <span class="ident">usize</span> <span class="op">=</span> <span class="ident">dest</span>.<span class="ident">len</span>(); |
| <span class="kw">match</span> <span class="kw">unsafe</span> { |
| <span class="ident">raw::TEE_AEDecryptFinal</span>( |
| <span class="self">self</span>.<span class="ident">handle</span>(), |
| <span class="ident">src</span>.<span class="ident">as_ptr</span>() <span class="kw">as</span> <span class="kw">_</span>, |
| <span class="ident">src</span>.<span class="ident">len</span>(), |
| <span class="ident">dest</span>.<span class="ident">as_mut_ptr</span>() <span class="kw">as</span> <span class="kw">_</span>, |
| <span class="kw-2">&</span><span class="kw-2">mut</span> <span class="ident">dest_size</span>, |
| <span class="ident">tag</span>.<span class="ident">as_ptr</span>() <span class="kw">as</span> <span class="kw">_</span>, |
| <span class="ident">tag</span>.<span class="ident">len</span>(), |
| ) |
| } { |
| <span class="ident">raw::TEE_SUCCESS</span> <span class="op">=</span><span class="op">></span> { |
| <span class="kw">return</span> <span class="prelude-val">Ok</span>(<span class="ident">dest_size</span>); |
| } |
| <span class="ident">code</span> <span class="op">=</span><span class="op">></span> <span class="prelude-val">Err</span>(<span class="ident">Error::from_raw_error</span>(<span class="ident">code</span>)), |
| } |
| } |
| |
| <span class="doccomment">/// Create an AE operation without any specific algorithm or other data.</span> |
| <span class="kw">pub</span> <span class="kw">fn</span> <span class="ident">null</span>() <span class="op">-</span><span class="op">></span> <span class="self">Self</span> { |
| <span class="self">Self</span>(<span class="ident">OperationHandle::null</span>()) |
| } |
| |
| <span class="doccomment">/// Function usage is similar to [Digest::allocate](Digest::allocate).</span> |
| <span class="kw">pub</span> <span class="kw">fn</span> <span class="ident">allocate</span>(<span class="ident">algo</span>: <span class="ident">AlgorithmId</span>, <span class="ident">mode</span>: <span class="ident">OperationMode</span>, <span class="ident">max_key_size</span>: <span class="ident">usize</span>) <span class="op">-</span><span class="op">></span> <span class="prelude-ty">Result</span><span class="op"><</span><span class="self">Self</span><span class="op">></span> { |
| <span class="kw">match</span> <span class="ident">OperationHandle::allocate</span>(<span class="ident">algo</span>, <span class="ident">mode</span>, <span class="ident">max_key_size</span>) { |
| <span class="prelude-val">Ok</span>(<span class="ident">handle</span>) <span class="op">=</span><span class="op">></span> <span class="prelude-val">Ok</span>(<span class="self">Self</span>(<span class="ident">handle</span>)), |
| <span class="prelude-val">Err</span>(<span class="ident">e</span>) <span class="op">=</span><span class="op">></span> <span class="prelude-val">Err</span>(<span class="ident">e</span>), |
| } |
| } |
| |
| <span class="doccomment">/// Function usage is similar to [Digest::info](Digest::info).</span> |
| <span class="kw">pub</span> <span class="kw">fn</span> <span class="ident">info</span>(<span class="kw-2">&</span><span class="self">self</span>) <span class="op">-</span><span class="op">></span> <span class="ident">OperationInfo</span> { |
| <span class="self">self</span>.<span class="number">0</span>.<span class="ident">info</span>() |
| } |
| |
| <span class="doccomment">/// Function usage is similar to [Digest::info_multiple](Digest::info_multiple).</span> |
| <span class="kw">pub</span> <span class="kw">fn</span> <span class="ident">info_multiple</span>(<span class="kw-2">&</span><span class="self">self</span>, <span class="ident">info_buf</span>: <span class="kw-2">&</span><span class="kw-2">mut</span> [<span class="ident">u8</span>]) <span class="op">-</span><span class="op">></span> <span class="prelude-ty">Result</span><span class="op"><</span><span class="ident">OperationInfoMultiple</span><span class="op">></span> { |
| <span class="self">self</span>.<span class="number">0</span>.<span class="ident">info_multiple</span>(<span class="ident">info_buf</span>) |
| } |
| |
| <span class="doccomment">/// Function usage is similar to [Digest::reset](Digest::reset).</span> |
| <span class="kw">pub</span> <span class="kw">fn</span> <span class="ident">reset</span>(<span class="kw-2">&</span><span class="kw-2">mut</span> <span class="self">self</span>) { |
| <span class="self">self</span>.<span class="number">0</span>.<span class="ident">reset</span>() |
| } |
| |
| <span class="doccomment">/// Function usage is similar to [Cipher::set_key](Cipher::set_key).</span> |
| <span class="kw">pub</span> <span class="kw">fn</span> <span class="ident">set_key</span><span class="op"><</span><span class="ident">T</span>: <span class="ident">ObjHandle</span><span class="op">></span>(<span class="kw-2">&</span><span class="self">self</span>, <span class="ident">object</span>: <span class="kw-2">&</span><span class="ident">T</span>) <span class="op">-</span><span class="op">></span> <span class="prelude-ty">Result</span><span class="op"><</span>()<span class="op">></span> { |
| <span class="self">self</span>.<span class="number">0</span>.<span class="ident">set_key</span>(<span class="ident">object</span>) |
| } |
| |
| <span class="doccomment">/// Function usage is similar to [Digest::copy](Digest::copy).</span> |
| <span class="kw">pub</span> <span class="kw">fn</span> <span class="ident">copy</span><span class="op"><</span><span class="ident">T</span>: <span class="ident">OpHandle</span><span class="op">></span>(<span class="kw-2">&</span><span class="kw-2">mut</span> <span class="self">self</span>, <span class="ident">src</span>: <span class="kw-2">&</span><span class="ident">T</span>) { |
| <span class="self">self</span>.<span class="number">0</span>.<span class="ident">copy</span>(<span class="ident">src</span>) |
| } |
| } |
| |
| <span class="kw">impl</span> <span class="ident">OpHandle</span> <span class="kw">for</span> <span class="ident">AE</span> { |
| <span class="kw">fn</span> <span class="ident">handle</span>(<span class="kw-2">&</span><span class="self">self</span>) <span class="op">-</span><span class="op">></span> <span class="ident">raw::TEE_OperationHandle</span> { |
| <span class="self">self</span>.<span class="number">0</span>.<span class="ident">handle</span>() |
| } |
| } |
| |
| <span class="doccomment">/// An operation for conducting asymmetric encryption /decryption or asymmetric sign / verify.</span> |
| <span class="doccomment">/// Note that asymmetric encryption is always “single-stage”,</span> |
| <span class="doccomment">/// which differs from [Cipher](Cipher) which are always “multi-stage”.</span> |
| <span class="kw">pub</span> <span class="kw">struct</span> <span class="ident">Asymmetric</span>(<span class="ident">OperationHandle</span>); |
| |
| <span class="kw">impl</span> <span class="ident">Asymmetric</span> { |
| <span class="doccomment">/// Encrypt a message.</span> |
| <span class="doccomment">///</span> |
| <span class="doccomment">/// # Parameters</span> |
| <span class="doccomment">///</span> |
| <span class="doccomment">/// 1) `params`: Optional operation parameters.</span> |
| <span class="doccomment">/// 2) `src`: Input plaintext buffer.</span> |
| <span class="doccomment">///</span> |
| <span class="doccomment">/// # Example</span> |
| <span class="doccomment">/// ```no_run</span> |
| <span class="doccomment">/// let clear = [1u8; 8];</span> |
| <span class="doccomment">/// match TransientObject::allocate(TransientObjectType::RsaKeypair, 256) {</span> |
| <span class="doccomment">/// Ok(key) => {</span> |
| <span class="doccomment">/// key.generate_key(256, &[])?;</span> |
| <span class="doccomment">/// match Asymmetric::allocate(</span> |
| <span class="doccomment">/// AlgorithmId::RsaesPkcs1V15,</span> |
| <span class="doccomment">/// OperationMode::Encrypt,</span> |
| <span class="doccomment">/// 256) {</span> |
| <span class="doccomment">/// Ok(operation) => {</span> |
| <span class="doccomment">/// operation.set_key(&key)?;</span> |
| <span class="doccomment">/// match operation.encrypt(&[], &clear) {</span> |
| <span class="doccomment">/// Ok(ciph_text) => {</span> |
| <span class="doccomment">/// // Get cipher text as a vector</span> |
| <span class="doccomment">/// // ...</span> |
| <span class="doccomment">/// Ok(())</span> |
| <span class="doccomment">/// }</span> |
| <span class="doccomment">/// Err(e) => Err(e),</span> |
| <span class="doccomment">/// }</span> |
| <span class="doccomment">/// }</span> |
| <span class="doccomment">/// Err(e) => Err(e),</span> |
| <span class="doccomment">/// }</span> |
| <span class="doccomment">/// }</span> |
| <span class="doccomment">/// Err(e) => Err(e),</span> |
| <span class="doccomment">/// }</span> |
| <span class="doccomment">/// ```</span> |
| <span class="doccomment">///</span> |
| <span class="doccomment">/// # Errors</span> |
| <span class="doccomment">///</span> |
| <span class="doccomment">/// 1) `ShortBuffer`: If the output buffer is not large enough to hold the result.</span> |
| <span class="doccomment">/// 2) `BadParameters`: If the length of the input buffer is not consistent with the algorithm or key size.</span> |
| <span class="doccomment">/// 3) `CiphertextInvalid`: If there is an error in the packing used on the ciphertext.</span> |
| <span class="doccomment">///</span> |
| <span class="doccomment">/// # Panics</span> |
| <span class="doccomment">///</span> |
| <span class="doccomment">/// 1) If the algorithm is not a valid algorithm for [Encrypt](OperationMode::Encrypt] of</span> |
| <span class="doccomment">/// `Asymmetric`.</span> |
| <span class="doccomment">/// 2) If no key is programmed in the operation.</span> |
| <span class="doccomment">/// 3) Hardware or cryptographic algorithm failure.</span> |
| <span class="doccomment">/// 4) If the Implementation detects any other error.</span> |
| <span class="comment">// This function can update output size with short buffer error when buffer is too</span> |
| <span class="comment">// short, and example acipher utilizes this feature!</span> |
| <span class="comment">// Define this function as unsafe because we need to return Ok for short buffer error.</span> |
| <span class="kw">pub</span> <span class="kw">fn</span> <span class="ident">encrypt</span>(<span class="kw-2">&</span><span class="self">self</span>, <span class="ident">params</span>: <span class="kw-2">&</span>[<span class="ident">Attribute</span>], <span class="ident">src</span>: <span class="kw-2">&</span>[<span class="ident">u8</span>]) <span class="op">-</span><span class="op">></span> <span class="prelude-ty">Result</span><span class="op"><</span><span class="ident">Vec</span><span class="op"><</span><span class="ident">u8</span><span class="op">></span><span class="op">></span> { |
| <span class="kw">let</span> <span class="ident">p</span>: <span class="ident">Vec</span><span class="op"><</span><span class="ident">raw::TEE_Attribute</span><span class="op">></span> <span class="op">=</span> <span class="ident">params</span>.<span class="ident">iter</span>().<span class="ident">map</span>(<span class="op">|</span><span class="ident">p</span><span class="op">|</span> <span class="ident">p</span>.<span class="ident">raw</span>()).<span class="ident">collect</span>(); |
| <span class="kw">let</span> <span class="kw-2">mut</span> <span class="ident">res_size</span>: <span class="ident">usize</span> <span class="op">=</span> <span class="self">self</span>.<span class="ident">info</span>().<span class="ident">key_size</span>() <span class="kw">as</span> <span class="ident">usize</span>; |
| <span class="kw">let</span> <span class="kw-2">mut</span> <span class="ident">res_vec</span>: <span class="ident">Vec</span><span class="op"><</span><span class="ident">u8</span><span class="op">></span> <span class="op">=</span> <span class="macro">vec!</span>[<span class="number">0u8</span>; <span class="ident">res_size</span> <span class="kw">as</span> <span class="ident">usize</span>]; |
| <span class="kw">match</span> <span class="kw">unsafe</span> { |
| <span class="ident">raw::TEE_AsymmetricEncrypt</span>( |
| <span class="self">self</span>.<span class="ident">handle</span>(), |
| <span class="ident">p</span>.<span class="ident">as_ptr</span>() <span class="kw">as</span> <span class="kw">_</span>, |
| <span class="ident">params</span>.<span class="ident">len</span>() <span class="kw">as</span> <span class="ident">u32</span>, |
| <span class="ident">src</span>.<span class="ident">as_ptr</span>() <span class="kw">as</span> <span class="kw">_</span>, |
| <span class="ident">src</span>.<span class="ident">len</span>(), |
| <span class="ident">res_vec</span>.<span class="ident">as_mut_ptr</span>() <span class="kw">as</span> <span class="kw">_</span>, |
| <span class="kw-2">&</span><span class="kw-2">mut</span> <span class="ident">res_size</span>, |
| ) |
| } { |
| <span class="ident">raw::TEE_SUCCESS</span> <span class="op">=</span><span class="op">></span> { |
| <span class="ident">res_vec</span>.<span class="ident">truncate</span>(<span class="ident">res_size</span>); |
| <span class="kw">return</span> <span class="prelude-val">Ok</span>(<span class="ident">res_vec</span>); |
| } |
| <span class="ident">code</span> <span class="op">=</span><span class="op">></span> <span class="prelude-val">Err</span>(<span class="ident">Error::from_raw_error</span>(<span class="ident">code</span>)), |
| } |
| } |
| |
| <span class="doccomment">/// Decrypt a message.</span> |
| <span class="doccomment">///</span> |
| <span class="doccomment">/// # Parameters</span> |
| <span class="doccomment">///</span> |
| <span class="doccomment">/// 1) `params`: Optional operation parameters.</span> |
| <span class="doccomment">/// 2) `src`: Input ciphertext buffer.</span> |
| <span class="doccomment">///</span> |
| <span class="doccomment">/// # Errors</span> |
| <span class="doccomment">///</span> |
| <span class="doccomment">/// 1) `ShortBuffer`: If the output buffer is not large enough to hold the result.</span> |
| <span class="doccomment">/// 2) `BadParameters`: If the length of the input buffer is not consistent with the algorithm or key size.</span> |
| <span class="doccomment">/// 3) `CiphertextInvalid`: If there is an error in the packing used on the ciphertext.</span> |
| <span class="doccomment">///</span> |
| <span class="doccomment">/// # Panics</span> |
| <span class="doccomment">///</span> |
| <span class="doccomment">/// 1) If the algorithm is not a valid algorithm for [Decrypt](OperationMode::Decrypt] of</span> |
| <span class="doccomment">/// `Asymmetric`.</span> |
| <span class="doccomment">/// 2) If no key is programmed in the operation.</span> |
| <span class="doccomment">/// 3) Hardware or cryptographic algorithm failure.</span> |
| <span class="doccomment">/// 4) If the Implementation detects any other error.</span> |
| <span class="kw">pub</span> <span class="kw">fn</span> <span class="ident">decrypt</span>(<span class="kw-2">&</span><span class="self">self</span>, <span class="ident">params</span>: <span class="kw-2">&</span>[<span class="ident">Attribute</span>], <span class="ident">src</span>: <span class="kw-2">&</span>[<span class="ident">u8</span>]) <span class="op">-</span><span class="op">></span> <span class="prelude-ty">Result</span><span class="op"><</span><span class="ident">Vec</span><span class="op"><</span><span class="ident">u8</span><span class="op">></span><span class="op">></span> { |
| <span class="kw">let</span> <span class="ident">p</span>: <span class="ident">Vec</span><span class="op"><</span><span class="ident">raw::TEE_Attribute</span><span class="op">></span> <span class="op">=</span> <span class="ident">params</span>.<span class="ident">iter</span>().<span class="ident">map</span>(<span class="op">|</span><span class="ident">p</span><span class="op">|</span> <span class="ident">p</span>.<span class="ident">raw</span>()).<span class="ident">collect</span>(); |
| <span class="kw">let</span> <span class="kw-2">mut</span> <span class="ident">res_size</span>: <span class="ident">usize</span> <span class="op">=</span> <span class="self">self</span>.<span class="ident">info</span>().<span class="ident">key_size</span>() <span class="kw">as</span> <span class="ident">usize</span>; |
| <span class="kw">let</span> <span class="kw-2">mut</span> <span class="ident">res_vec</span>: <span class="ident">Vec</span><span class="op"><</span><span class="ident">u8</span><span class="op">></span> <span class="op">=</span> <span class="macro">vec!</span>[<span class="number">0u8</span>; <span class="ident">res_size</span> <span class="kw">as</span> <span class="ident">usize</span>]; |
| <span class="kw">match</span> <span class="kw">unsafe</span> { |
| <span class="ident">raw::TEE_AsymmetricDecrypt</span>( |
| <span class="self">self</span>.<span class="ident">handle</span>(), |
| <span class="ident">p</span>.<span class="ident">as_ptr</span>() <span class="kw">as</span> <span class="kw">_</span>, |
| <span class="ident">params</span>.<span class="ident">len</span>() <span class="kw">as</span> <span class="ident">u32</span>, |
| <span class="ident">src</span>.<span class="ident">as_ptr</span>() <span class="kw">as</span> <span class="kw">_</span>, |
| <span class="ident">src</span>.<span class="ident">len</span>(), |
| <span class="ident">res_vec</span>.<span class="ident">as_mut_ptr</span>() <span class="kw">as</span> <span class="kw">_</span>, |
| <span class="kw-2">&</span><span class="kw-2">mut</span> <span class="ident">res_size</span>, |
| ) |
| } { |
| <span class="ident">raw::TEE_SUCCESS</span> <span class="op">=</span><span class="op">></span> { |
| <span class="ident">res_vec</span>.<span class="ident">truncate</span>(<span class="ident">res_size</span> <span class="kw">as</span> <span class="ident">usize</span>); |
| <span class="kw">return</span> <span class="prelude-val">Ok</span>(<span class="ident">res_vec</span>); |
| } |
| <span class="ident">code</span> <span class="op">=</span><span class="op">></span> <span class="prelude-val">Err</span>(<span class="ident">Error::from_raw_error</span>(<span class="ident">code</span>)), |
| } |
| } |
| |
| <span class="doccomment">/// Sign a message digest.</span> |
| <span class="doccomment">///</span> |
| <span class="doccomment">/// # Parameters</span> |
| <span class="doccomment">///</span> |
| <span class="doccomment">/// 1) `params`: Optional operation parameters.</span> |
| <span class="doccomment">/// 2) `digest`: Input buffer containing the input message digest.</span> |
| <span class="doccomment">/// 3) `signature`: Output buffer written with the signature of the digest.</span> |
| <span class="doccomment">///</span> |
| <span class="doccomment">/// # Errors</span> |
| <span class="doccomment">///</span> |
| <span class="doccomment">/// 1) `ShortBuffer`: If `signature` is not large enough to hold the result.</span> |
| <span class="doccomment">///</span> |
| <span class="doccomment">/// # Panics</span> |
| <span class="doccomment">///</span> |
| <span class="doccomment">/// 1) If the algorithm is not a valid algorithm for [Sign](OperationMode::Sign] of</span> |
| <span class="doccomment">/// `Asymmetric`.</span> |
| <span class="doccomment">/// 2) If no key is programmed in the operation.</span> |
| <span class="doccomment">/// 3) If the mode is not set as [Sign](OperationMode::Sign].</span> |
| <span class="doccomment">/// 4) If `digest.len()` is not equal to the hash size of the algorithm.</span> |
| <span class="doccomment">/// 3) Hardware or cryptographic algorithm failure.</span> |
| <span class="doccomment">/// 4) If the Implementation detects any other error.</span> |
| <span class="kw">pub</span> <span class="kw">fn</span> <span class="ident">sign_digest</span>( |
| <span class="kw-2">&</span><span class="self">self</span>, |
| <span class="ident">params</span>: <span class="kw-2">&</span>[<span class="ident">Attribute</span>], |
| <span class="ident">digest</span>: <span class="kw-2">&</span>[<span class="ident">u8</span>], |
| <span class="ident">signature</span>: <span class="kw-2">&</span><span class="kw-2">mut</span> [<span class="ident">u8</span>], |
| ) <span class="op">-</span><span class="op">></span> <span class="prelude-ty">Result</span><span class="op"><</span><span class="ident">usize</span><span class="op">></span> { |
| <span class="kw">let</span> <span class="ident">p</span>: <span class="ident">Vec</span><span class="op"><</span><span class="ident">raw::TEE_Attribute</span><span class="op">></span> <span class="op">=</span> <span class="ident">params</span>.<span class="ident">iter</span>().<span class="ident">map</span>(<span class="op">|</span><span class="ident">p</span><span class="op">|</span> <span class="ident">p</span>.<span class="ident">raw</span>()).<span class="ident">collect</span>(); |
| <span class="kw">let</span> <span class="kw-2">mut</span> <span class="ident">signature_size</span>: <span class="ident">usize</span> <span class="op">=</span> <span class="ident">signature</span>.<span class="ident">len</span>(); |
| <span class="kw">match</span> <span class="kw">unsafe</span> { |
| <span class="ident">raw::TEE_AsymmetricSignDigest</span>( |
| <span class="self">self</span>.<span class="ident">handle</span>(), |
| <span class="ident">p</span>.<span class="ident">as_ptr</span>() <span class="kw">as</span> <span class="kw">_</span>, |
| <span class="ident">params</span>.<span class="ident">len</span>() <span class="kw">as</span> <span class="ident">u32</span>, |
| <span class="ident">digest</span>.<span class="ident">as_ptr</span>() <span class="kw">as</span> <span class="kw">_</span>, |
| <span class="ident">digest</span>.<span class="ident">len</span>(), |
| <span class="ident">signature</span>.<span class="ident">as_mut_ptr</span>() <span class="kw">as</span> <span class="kw">_</span>, |
| <span class="kw-2">&</span><span class="kw-2">mut</span> <span class="ident">signature_size</span>, |
| ) |
| } { |
| <span class="ident">raw::TEE_SUCCESS</span> <span class="op">=</span><span class="op">></span> { |
| <span class="kw">return</span> <span class="prelude-val">Ok</span>(<span class="ident">signature_size</span>); |
| } |
| <span class="ident">code</span> <span class="op">=</span><span class="op">></span> <span class="prelude-val">Err</span>(<span class="ident">Error::from_raw_error</span>(<span class="ident">code</span>)), |
| } |
| } |
| |
| <span class="doccomment">/// Verify a message digest.</span> |
| <span class="doccomment">///</span> |
| <span class="doccomment">/// # Parameters</span> |
| <span class="doccomment">///</span> |
| <span class="doccomment">/// 1) `params`: Optional operation parameters.</span> |
| <span class="doccomment">/// 2) `digest`: Input buffer containing the input message digest.</span> |
| <span class="doccomment">/// 3) `signature`: Input buffer containing the signature to verify.</span> |
| <span class="doccomment">///</span> |
| <span class="doccomment">/// # Errors</span> |
| <span class="doccomment">///</span> |
| <span class="doccomment">/// 1) `SignatureInvalid`: If the signature is invalid.</span> |
| <span class="doccomment">///</span> |
| <span class="doccomment">/// # Panics</span> |
| <span class="doccomment">///</span> |
| <span class="doccomment">/// 1) If the algorithm is not a valid algorithm for [Verify](OperationMode::Verify] of</span> |
| <span class="doccomment">/// `Asymmetric`.</span> |
| <span class="doccomment">/// 2) If no key is programmed in the operation.</span> |
| <span class="doccomment">/// 3) If the mode is not set as [Verify](OperationMode::Verify].</span> |
| <span class="doccomment">/// 4) If `digest.len()` is not equal to the hash size of the algorithm.</span> |
| <span class="doccomment">/// 3) Hardware or cryptographic algorithm failure.</span> |
| <span class="doccomment">/// 4) If the Implementation detects any other error.</span> |
| <span class="kw">pub</span> <span class="kw">fn</span> <span class="ident">verify_digest</span>( |
| <span class="kw-2">&</span><span class="self">self</span>, |
| <span class="ident">params</span>: <span class="kw-2">&</span>[<span class="ident">Attribute</span>], |
| <span class="ident">digest</span>: <span class="kw-2">&</span>[<span class="ident">u8</span>], |
| <span class="ident">signature</span>: <span class="kw-2">&</span>[<span class="ident">u8</span>], |
| ) <span class="op">-</span><span class="op">></span> <span class="prelude-ty">Result</span><span class="op"><</span>()<span class="op">></span> { |
| <span class="kw">let</span> <span class="ident">p</span>: <span class="ident">Vec</span><span class="op"><</span><span class="ident">raw::TEE_Attribute</span><span class="op">></span> <span class="op">=</span> <span class="ident">params</span>.<span class="ident">iter</span>().<span class="ident">map</span>(<span class="op">|</span><span class="ident">p</span><span class="op">|</span> <span class="ident">p</span>.<span class="ident">raw</span>()).<span class="ident">collect</span>(); |
| <span class="kw">match</span> <span class="kw">unsafe</span> { |
| <span class="ident">raw::TEE_AsymmetricVerifyDigest</span>( |
| <span class="self">self</span>.<span class="ident">handle</span>(), |
| <span class="ident">p</span>.<span class="ident">as_ptr</span>() <span class="kw">as</span> <span class="kw">_</span>, |
| <span class="ident">params</span>.<span class="ident">len</span>() <span class="kw">as</span> <span class="ident">u32</span>, |
| <span class="ident">digest</span>.<span class="ident">as_ptr</span>() <span class="kw">as</span> <span class="kw">_</span>, |
| <span class="ident">digest</span>.<span class="ident">len</span>(), |
| <span class="ident">signature</span>.<span class="ident">as_ptr</span>() <span class="kw">as</span> <span class="kw">_</span>, |
| <span class="ident">signature</span>.<span class="ident">len</span>(), |
| ) |
| } { |
| <span class="ident">raw::TEE_SUCCESS</span> <span class="op">=</span><span class="op">></span> <span class="prelude-val">Ok</span>(()), |
| <span class="ident">code</span> <span class="op">=</span><span class="op">></span> <span class="prelude-val">Err</span>(<span class="ident">Error::from_raw_error</span>(<span class="ident">code</span>)), |
| } |
| } |
| |
| <span class="doccomment">/// Create an Asymmetric operation without any specific algorithm or other data.</span> |
| <span class="kw">pub</span> <span class="kw">fn</span> <span class="ident">null</span>() <span class="op">-</span><span class="op">></span> <span class="self">Self</span> { |
| <span class="self">Self</span>(<span class="ident">OperationHandle::null</span>()) |
| } |
| |
| <span class="doccomment">/// Function usage is similar to [Digest::allocate](Digest::allocate).</span> |
| <span class="kw">pub</span> <span class="kw">fn</span> <span class="ident">allocate</span>(<span class="ident">algo</span>: <span class="ident">AlgorithmId</span>, <span class="ident">mode</span>: <span class="ident">OperationMode</span>, <span class="ident">max_key_size</span>: <span class="ident">usize</span>) <span class="op">-</span><span class="op">></span> <span class="prelude-ty">Result</span><span class="op"><</span><span class="self">Self</span><span class="op">></span> { |
| <span class="kw">match</span> <span class="ident">OperationHandle::allocate</span>(<span class="ident">algo</span>, <span class="ident">mode</span>, <span class="ident">max_key_size</span>) { |
| <span class="prelude-val">Ok</span>(<span class="ident">handle</span>) <span class="op">=</span><span class="op">></span> <span class="prelude-val">Ok</span>(<span class="self">Self</span>(<span class="ident">handle</span>)), |
| <span class="prelude-val">Err</span>(<span class="ident">e</span>) <span class="op">=</span><span class="op">></span> <span class="prelude-val">Err</span>(<span class="ident">e</span>), |
| } |
| } |
| |
| <span class="doccomment">/// Function usage is similar to [Digest::info](Digest::info).</span> |
| <span class="kw">pub</span> <span class="kw">fn</span> <span class="ident">info</span>(<span class="kw-2">&</span><span class="self">self</span>) <span class="op">-</span><span class="op">></span> <span class="ident">OperationInfo</span> { |
| <span class="self">self</span>.<span class="number">0</span>.<span class="ident">info</span>() |
| } |
| |
| <span class="doccomment">/// Function usage is similar to [Digest::info_multiple](Digest::info_multiple).</span> |
| <span class="kw">pub</span> <span class="kw">fn</span> <span class="ident">info_multiple</span>(<span class="kw-2">&</span><span class="self">self</span>, <span class="ident">info_buf</span>: <span class="kw-2">&</span><span class="kw-2">mut</span> [<span class="ident">u8</span>]) <span class="op">-</span><span class="op">></span> <span class="prelude-ty">Result</span><span class="op"><</span><span class="ident">OperationInfoMultiple</span><span class="op">></span> { |
| <span class="self">self</span>.<span class="number">0</span>.<span class="ident">info_multiple</span>(<span class="ident">info_buf</span>) |
| } |
| |
| <span class="doccomment">/// Function usage is similar to [Cipher::set_key](Cipher::set_key).</span> |
| <span class="kw">pub</span> <span class="kw">fn</span> <span class="ident">set_key</span><span class="op"><</span><span class="ident">T</span>: <span class="ident">ObjHandle</span><span class="op">></span>(<span class="kw-2">&</span><span class="self">self</span>, <span class="ident">object</span>: <span class="kw-2">&</span><span class="ident">T</span>) <span class="op">-</span><span class="op">></span> <span class="prelude-ty">Result</span><span class="op"><</span>()<span class="op">></span> { |
| <span class="self">self</span>.<span class="number">0</span>.<span class="ident">set_key</span>(<span class="ident">object</span>) |
| } |
| |
| <span class="doccomment">/// Function usage is similar to [Digest::copy](Digest::copy).</span> |
| <span class="kw">pub</span> <span class="kw">fn</span> <span class="ident">copy</span><span class="op"><</span><span class="ident">T</span>: <span class="ident">OpHandle</span><span class="op">></span>(<span class="kw-2">&</span><span class="kw-2">mut</span> <span class="self">self</span>, <span class="ident">src</span>: <span class="kw-2">&</span><span class="ident">T</span>) { |
| <span class="self">self</span>.<span class="number">0</span>.<span class="ident">copy</span>(<span class="ident">src</span>) |
| } |
| } |
| |
| <span class="kw">impl</span> <span class="ident">OpHandle</span> <span class="kw">for</span> <span class="ident">Asymmetric</span> { |
| <span class="kw">fn</span> <span class="ident">handle</span>(<span class="kw-2">&</span><span class="self">self</span>) <span class="op">-</span><span class="op">></span> <span class="ident">raw::TEE_OperationHandle</span> { |
| <span class="self">self</span>.<span class="number">0</span>.<span class="ident">handle</span>() |
| } |
| } |
| |
| <span class="doccomment">/// An operation for derive a shared key object.</span> |
| <span class="kw">pub</span> <span class="kw">struct</span> <span class="ident">DeriveKey</span>(<span class="ident">OperationHandle</span>); |
| |
| <span class="kw">impl</span> <span class="ident">DeriveKey</span> { |
| <span class="doccomment">/// Take one of the Asymmetric Derivation Operation Algorithm that supports this operation as</span> |
| <span class="doccomment">/// defined in [AlgorithmId](AlgorithmId), and output a key object.</span> |
| <span class="doccomment">///</span> |
| <span class="doccomment">/// # Parameters</span> |
| <span class="doccomment">///</span> |
| <span class="doccomment">/// 1) `params`: For algorithm [DhDeriveSharedSecret][AlgorithmId::DhDeriveSharedSecret],</span> |
| <span class="doccomment">/// [DhPublicValue](../object/enum.AttributeId.html#variant.DhPublicValue) is required as</span> |
| <span class="doccomment">/// the passed in attribute.</span> |
| <span class="doccomment">/// 2) `object`: An uninitialized transient object to be filled with the derived key.</span> |
| <span class="doccomment">///</span> |
| <span class="doccomment">/// # Example</span> |
| <span class="doccomment">///</span> |
| <span class="doccomment">/// ```no_run</span> |
| <span class="doccomment">/// let attr_prime = AttributeMemref::from_ref(AttributeId::DhPrime, &[23u8]);</span> |
| <span class="doccomment">/// let attr_base = AttributeMemref::from_ref(AttributeId::DhBase, &[5u8]);</span> |
| <span class="doccomment">/// let mut public_1 = [0u8; 32];</span> |
| <span class="doccomment">/// match TransientObject::allocate(TransientObjectType::DhKeypair, 256) {</span> |
| <span class="doccomment">/// Ok(key_pair_1) => {</span> |
| <span class="doccomment">/// key_pair_1.generate_key(256, &[attr_prime.into(), attr_base.into()])?;</span> |
| <span class="doccomment">/// key_pair_1.ref_attribute(aTTRIBUTEiD::DhPublicValue, &mut public_1)?;</span> |
| <span class="doccomment">/// }</span> |
| <span class="doccomment">/// Err(e) => Err(e),</span> |
| <span class="doccomment">/// }</span> |
| <span class="doccomment">///</span> |
| <span class="doccomment">/// let attr_prime = AttributeMemref::from_ref(AttributeId::DhPrime, &[23u8]);</span> |
| <span class="doccomment">/// let attr_base = AttributeMemref::from_ref(AttributeId::DhBase, &[5u8]);</span> |
| <span class="doccomment">/// match TransientObject::allocate(TransientObjectType::DhKeypair, 256) {</span> |
| <span class="doccomment">/// Ok(key_pair_2) => {</span> |
| <span class="doccomment">/// key_pair_2.generate_key(256, &[attr_prime.into(), attr_base.into()])?;</span> |
| <span class="doccomment">/// match DeriveKey::allocate(AlgorithmId::DhDeriveSharedSecret, 256) {</span> |
| <span class="doccomment">/// Ok(operation) => {</span> |
| <span class="doccomment">/// operation.set_key(&key_pair_2)?;</span> |
| <span class="doccomment">/// match TransientObject::allocate(TransientObjectType::GenericSecret,</span> |
| <span class="doccomment">/// 256) {</span> |
| <span class="doccomment">/// // Derived key is saved as an transient object</span> |
| <span class="doccomment">/// Ok(derived_key) => {</span> |
| <span class="doccomment">/// let attr_public = AttributeMemref::from_ref(AttributeId::DhPublicValue, &public_1);</span> |
| <span class="doccomment">/// operation.derive(&[attr_public.into()], &mut derived_key);</span> |
| <span class="doccomment">/// // ...</span> |
| <span class="doccomment">/// Ok(())</span> |
| <span class="doccomment">/// }</span> |
| <span class="doccomment">/// Err(e) => Err(e),</span> |
| <span class="doccomment">/// }</span> |
| <span class="doccomment">/// }</span> |
| <span class="doccomment">/// Err(e) => Err(e),</span> |
| <span class="doccomment">/// }</span> |
| <span class="doccomment">/// }</span> |
| <span class="doccomment">/// Err(e) => Err(e),</span> |
| <span class="doccomment">/// }</span> |
| <span class="doccomment">/// ```</span> |
| <span class="doccomment">///</span> |
| <span class="doccomment">/// # Panics</span> |
| <span class="doccomment">///</span> |
| <span class="doccomment">/// 1) If the algorithm is not a valid algorithm for `DeriveKey`.</span> |
| <span class="doccomment">/// 2) If the `object` is too small for generated value.</span> |
| <span class="doccomment">/// 3) If no key is programmed in the operation.</span> |
| <span class="doccomment">/// 4) Hardware or cryptographic algorithm failure.</span> |
| <span class="doccomment">/// 5) If the Implementation detects any other error.</span> |
| <span class="kw">pub</span> <span class="kw">fn</span> <span class="ident">derive</span>(<span class="kw-2">&</span><span class="self">self</span>, <span class="ident">params</span>: <span class="kw-2">&</span>[<span class="ident">Attribute</span>], <span class="ident">object</span>: <span class="kw-2">&</span><span class="kw-2">mut</span> <span class="ident">TransientObject</span>) { |
| <span class="kw">let</span> <span class="ident">p</span>: <span class="ident">Vec</span><span class="op"><</span><span class="ident">raw::TEE_Attribute</span><span class="op">></span> <span class="op">=</span> <span class="ident">params</span>.<span class="ident">iter</span>().<span class="ident">map</span>(<span class="op">|</span><span class="ident">p</span><span class="op">|</span> <span class="ident">p</span>.<span class="ident">raw</span>()).<span class="ident">collect</span>(); |
| <span class="kw">unsafe</span> { |
| <span class="ident">raw::TEE_DeriveKey</span>( |
| <span class="self">self</span>.<span class="ident">handle</span>(), |
| <span class="ident">p</span>.<span class="ident">as_ptr</span>() <span class="kw">as</span> <span class="kw">_</span>, |
| <span class="ident">params</span>.<span class="ident">len</span>() <span class="kw">as</span> <span class="ident">u32</span>, |
| <span class="ident">object</span>.<span class="ident">handle</span>(), |
| ) |
| }; |
| } |
| |
| <span class="doccomment">/// Create a DeriveKey operation without any specific algorithm or other data.</span> |
| <span class="kw">pub</span> <span class="kw">fn</span> <span class="ident">null</span>() <span class="op">-</span><span class="op">></span> <span class="self">Self</span> { |
| <span class="self">Self</span>(<span class="ident">OperationHandle::null</span>()) |
| } |
| |
| <span class="doccomment">/// Function usage is similar to [Digest::allocate](Digest::allocate).</span> |
| <span class="doccomment">/// Currently only supports [DhDeriveSharedSecret][AlgorithmId::DhDeriveSharedSecret] as</span> |
| <span class="doccomment">/// `algo`.</span> |
| <span class="kw">pub</span> <span class="kw">fn</span> <span class="ident">allocate</span>(<span class="ident">algo</span>: <span class="ident">AlgorithmId</span>, <span class="ident">max_key_size</span>: <span class="ident">usize</span>) <span class="op">-</span><span class="op">></span> <span class="prelude-ty">Result</span><span class="op"><</span><span class="self">Self</span><span class="op">></span> { |
| <span class="kw">match</span> <span class="ident">OperationHandle::allocate</span>(<span class="ident">algo</span>, <span class="ident">OperationMode::Derive</span>, <span class="ident">max_key_size</span>) { |
| <span class="prelude-val">Ok</span>(<span class="ident">handle</span>) <span class="op">=</span><span class="op">></span> <span class="prelude-val">Ok</span>(<span class="self">Self</span>(<span class="ident">handle</span>)), |
| <span class="prelude-val">Err</span>(<span class="ident">e</span>) <span class="op">=</span><span class="op">></span> <span class="prelude-val">Err</span>(<span class="ident">e</span>), |
| } |
| } |
| |
| <span class="doccomment">/// Function usage is similar to [Digest::info](Digest::info).</span> |
| <span class="kw">pub</span> <span class="kw">fn</span> <span class="ident">info</span>(<span class="kw-2">&</span><span class="self">self</span>) <span class="op">-</span><span class="op">></span> <span class="ident">OperationInfo</span> { |
| <span class="self">self</span>.<span class="number">0</span>.<span class="ident">info</span>() |
| } |
| |
| <span class="doccomment">/// Function usage is similar to [Digest::info_multiple](Digest::info_multiple).</span> |
| <span class="kw">pub</span> <span class="kw">fn</span> <span class="ident">info_multiple</span>(<span class="kw-2">&</span><span class="self">self</span>, <span class="ident">info_buf</span>: <span class="kw-2">&</span><span class="kw-2">mut</span> [<span class="ident">u8</span>]) <span class="op">-</span><span class="op">></span> <span class="prelude-ty">Result</span><span class="op"><</span><span class="ident">OperationInfoMultiple</span><span class="op">></span> { |
| <span class="self">self</span>.<span class="number">0</span>.<span class="ident">info_multiple</span>(<span class="ident">info_buf</span>) |
| } |
| |
| <span class="doccomment">/// Function usage is similar to [Cipher::set_key](Cipher::set_key).</span> |
| <span class="kw">pub</span> <span class="kw">fn</span> <span class="ident">set_key</span><span class="op"><</span><span class="ident">T</span>: <span class="ident">ObjHandle</span><span class="op">></span>(<span class="kw-2">&</span><span class="self">self</span>, <span class="ident">object</span>: <span class="kw-2">&</span><span class="ident">T</span>) <span class="op">-</span><span class="op">></span> <span class="prelude-ty">Result</span><span class="op"><</span>()<span class="op">></span> { |
| <span class="self">self</span>.<span class="number">0</span>.<span class="ident">set_key</span>(<span class="ident">object</span>) |
| } |
| |
| <span class="doccomment">/// Function usage is similar to [Digest::copy](Digest::copy).</span> |
| <span class="kw">pub</span> <span class="kw">fn</span> <span class="ident">copy</span><span class="op"><</span><span class="ident">T</span>: <span class="ident">OpHandle</span><span class="op">></span>(<span class="kw-2">&</span><span class="kw-2">mut</span> <span class="self">self</span>, <span class="ident">src</span>: <span class="kw-2">&</span><span class="ident">T</span>) { |
| <span class="self">self</span>.<span class="number">0</span>.<span class="ident">copy</span>(<span class="ident">src</span>) |
| } |
| } |
| |
| <span class="kw">impl</span> <span class="ident">OpHandle</span> <span class="kw">for</span> <span class="ident">DeriveKey</span> { |
| <span class="kw">fn</span> <span class="ident">handle</span>(<span class="kw-2">&</span><span class="self">self</span>) <span class="op">-</span><span class="op">></span> <span class="ident">raw::TEE_OperationHandle</span> { |
| <span class="self">self</span>.<span class="number">0</span>.<span class="ident">handle</span>() |
| } |
| } |
| |
| <span class="doccomment">/// An operation for generating random data.</span> |
| <span class="kw">pub</span> <span class="kw">struct</span> <span class="ident">Random</span>(); |
| |
| <span class="kw">impl</span> <span class="ident">Random</span> { |
| <span class="doccomment">/// Generate random data.</span> |
| <span class="doccomment">///</span> |
| <span class="doccomment">/// # Parameters</span> |
| <span class="doccomment">///</span> |
| <span class="doccomment">/// 1) `res_buffer`: Reference to generated random data</span> |
| <span class="doccomment">///</span> |
| <span class="doccomment">/// # Example</span> |
| <span class="doccomment">///</span> |
| <span class="doccomment">/// ```no_run</span> |
| <span class="doccomment">/// let mut res = [0u8;16];</span> |
| <span class="doccomment">/// Random::generate(&mut res);</span> |
| <span class="doccomment">/// ```</span> |
| <span class="doccomment">///</span> |
| <span class="doccomment">/// # Panics</span> |
| <span class="doccomment">///</span> |
| <span class="doccomment">/// 1) Hardware or cryptographic algorithm failure.</span> |
| <span class="doccomment">/// 2) If the Implementation detects any other error.</span> |
| <span class="kw">pub</span> <span class="kw">fn</span> <span class="ident">generate</span>(<span class="ident">res_buffer</span>: <span class="kw-2">&</span><span class="kw-2">mut</span> [<span class="ident">u8</span>]) { |
| <span class="kw">unsafe</span> { |
| <span class="ident">raw::TEE_GenerateRandom</span>(<span class="ident">res_buffer</span>.<span class="ident">as_mut_ptr</span>() <span class="kw">as</span> <span class="kw">_</span>, <span class="ident">res_buffer</span>.<span class="ident">len</span>() <span class="kw">as</span> <span class="kw">_</span>); |
| } |
| } |
| } |
| |
| <span class="doccomment">/// Algorithms that can be allocated as an crypto operation.</span> |
| <span class="attribute">#[<span class="ident">repr</span>(<span class="ident">u32</span>)]</span> |
| <span class="kw">pub</span> <span class="kw">enum</span> <span class="ident">AlgorithmId</span> { |
| <span class="doccomment">/// [Cipher](Cipher) supported algorithm.</span> |
| <span class="ident">AesEcbNopad</span> <span class="op">=</span> <span class="number">0x10000010</span>, |
| <span class="doccomment">/// [Cipher](Cipher) supported algorithm.</span> |
| <span class="ident">AesCbcNopad</span> <span class="op">=</span> <span class="number">0x10000110</span>, |
| <span class="doccomment">/// [Cipher](Cipher) supported algorithm.</span> |
| <span class="ident">AesCtr</span> <span class="op">=</span> <span class="number">0x10000210</span>, |
| <span class="doccomment">/// [Cipher](Cipher) supported algorithm.</span> |
| <span class="ident">AesCts</span> <span class="op">=</span> <span class="number">0x10000310</span>, |
| <span class="doccomment">/// [Cipher](Cipher) supported algorithm.</span> |
| <span class="ident">AesXts</span> <span class="op">=</span> <span class="number">0x10000410</span>, |
| <span class="doccomment">/// [Mac](Mac) supported algorithm.</span> |
| <span class="ident">AesCbcMacNopad</span> <span class="op">=</span> <span class="number">0x30000110</span>, |
| <span class="doccomment">/// [Mac](Mac) supported algorithm.</span> |
| <span class="ident">AesCbcMacPkcs5</span> <span class="op">=</span> <span class="number">0x30000510</span>, |
| <span class="doccomment">/// [Mac](Mac) supported algorithm.</span> |
| <span class="ident">AesCmac</span> <span class="op">=</span> <span class="number">0x30000610</span>, |
| <span class="doccomment">/// [AE](AE) supported algorithm.</span> |
| <span class="ident">AesCcm</span> <span class="op">=</span> <span class="number">0x40000710</span>, |
| <span class="doccomment">/// [AE](AE) supported algorithm.</span> |
| <span class="ident">AesGcm</span> <span class="op">=</span> <span class="number">0x40000810</span>, |
| <span class="doccomment">/// [Cipher](Cipher) supported algorithm.</span> |
| <span class="ident">DesEcbNopad</span> <span class="op">=</span> <span class="number">0x10000011</span>, |
| <span class="doccomment">/// [Cipher](Cipher) supported algorithm.</span> |
| <span class="ident">DesCbcNopad</span> <span class="op">=</span> <span class="number">0x10000111</span>, |
| <span class="doccomment">/// [Mac](Mac) supported algorithm.</span> |
| <span class="ident">DesCbcMacNopad</span> <span class="op">=</span> <span class="number">0x30000111</span>, |
| <span class="doccomment">/// [Mac](Mac) supported algorithm.</span> |
| <span class="ident">DesCbcMacPkcs5</span> <span class="op">=</span> <span class="number">0x30000511</span>, |
| <span class="doccomment">/// [Cipher](Cipher) supported algorithm.</span> |
| <span class="ident">Des3EcbNopad</span> <span class="op">=</span> <span class="number">0x10000013</span>, |
| <span class="doccomment">/// [Cipher](Cipher) supported algorithm.</span> |
| <span class="ident">Des3CbcNopad</span> <span class="op">=</span> <span class="number">0x10000113</span>, |
| <span class="doccomment">/// [Mac](Mac) supported algorithm.</span> |
| <span class="ident">Des3CbcMacNopad</span> <span class="op">=</span> <span class="number">0x30000113</span>, |
| <span class="doccomment">/// [Mac](Mac) supported algorithm.</span> |
| <span class="ident">Des3CbcMacPkcs5</span> <span class="op">=</span> <span class="number">0x30000513</span>, |
| <span class="doccomment">/// [Asymmetric](Asymmetric) supported algorithm, can be applied with</span> |
| <span class="doccomment">/// [Sign](OperationMode::Sign) or [Verify](OperationMode::Verify) mode.</span> |
| <span class="ident">RsassaPkcs1V15MD5</span> <span class="op">=</span> <span class="number">0x70001830</span>, |
| <span class="doccomment">/// [Asymmetric](Asymmetric) supported algorithm, can be applied with</span> |
| <span class="doccomment">/// [Sign](OperationMode::Sign) or [Verify](OperationMode::Verify) mode.</span> |
| <span class="ident">RsassaPkcs1V15Sha1</span> <span class="op">=</span> <span class="number">0x70002830</span>, |
| <span class="doccomment">/// [Asymmetric](Asymmetric) supported algorithm, can be applied with</span> |
| <span class="doccomment">/// [Sign](OperationMode::Sign) or [Verify](OperationMode::Verify) mode.</span> |
| <span class="ident">RsassaPkcs1V15Sha224</span> <span class="op">=</span> <span class="number">0x70003830</span>, |
| <span class="doccomment">/// [Asymmetric](Asymmetric) supported algorithm, can be applied with</span> |
| <span class="doccomment">/// [Sign](OperationMode::Sign) or [Verify](OperationMode::Verify) mode.</span> |
| <span class="ident">RsassaPkcs1V15Sha256</span> <span class="op">=</span> <span class="number">0x70004830</span>, |
| <span class="doccomment">/// [Asymmetric](Asymmetric) supported algorithm, can be applied with</span> |
| <span class="doccomment">/// [Sign](OperationMode::Sign) or [Verify](OperationMode::Verify) mode.</span> |
| <span class="ident">RsassaPkcs1V15Sha384</span> <span class="op">=</span> <span class="number">0x70005830</span>, |
| <span class="doccomment">/// [Asymmetric](Asymmetric) supported algorithm, can be applied with</span> |
| <span class="doccomment">/// [Sign](OperationMode::Sign) or [Verify](OperationMode::Verify) mode.</span> |
| <span class="ident">RsassaPkcs1V15Sha512</span> <span class="op">=</span> <span class="number">0x70006830</span>, |
| <span class="doccomment">/// [Asymmetric](Asymmetric) supported algorithm, can be applied with</span> |
| <span class="doccomment">/// [Sign](OperationMode::Sign) or [Verify](OperationMode::Verify) mode.</span> |
| <span class="ident">RsassaPkcs1V15MD5Sha1</span> <span class="op">=</span> <span class="number">0x7000F830</span>, |
| <span class="doccomment">/// [Asymmetric](Asymmetric) supported algorithm, can be applied with</span> |
| <span class="doccomment">/// [Sign](OperationMode::Sign) or [Verify](OperationMode::Verify) mode.</span> |
| <span class="ident">RsassaPkcs1PssMgf1Sha1</span> <span class="op">=</span> <span class="number">0x70212930</span>, |
| <span class="doccomment">/// [Asymmetric](Asymmetric) supported algorithm, can be applied with</span> |
| <span class="doccomment">/// [Sign](OperationMode::Sign) or [Verify](OperationMode::Verify) mode.</span> |
| <span class="ident">RsassaPkcs1PssMgf1Sha224</span> <span class="op">=</span> <span class="number">0x70313930</span>, |
| <span class="doccomment">/// [Asymmetric](Asymmetric) supported algorithm, can be applied with</span> |
| <span class="doccomment">/// [Sign](OperationMode::Sign) or [Verify](OperationMode::Verify) mode.</span> |
| <span class="ident">RsassaPkcs1PssMgf1Sha256</span> <span class="op">=</span> <span class="number">0x70414930</span>, |
| <span class="doccomment">/// [Asymmetric](Asymmetric) supported algorithm, can be applied with</span> |
| <span class="doccomment">/// [Sign](OperationMode::Sign) or [Verify](OperationMode::Verify) mode.</span> |
| <span class="ident">RsassaPkcs1PssMgf1Sha384</span> <span class="op">=</span> <span class="number">0x70515930</span>, |
| <span class="doccomment">/// [Asymmetric](Asymmetric) supported algorithm, can be applied with</span> |
| <span class="doccomment">/// [Sign](OperationMode::Sign) or [Verify](OperationMode::Verify) mode.</span> |
| <span class="ident">RsassaPkcs1PssMgf1Sha512</span> <span class="op">=</span> <span class="number">0x70616930</span>, |
| <span class="doccomment">/// [Asymmetric](Asymmetric) supported algorithm, can be applied with</span> |
| <span class="doccomment">/// [Encrypt](OperationMode::Encrypt) or [Decrypt](OperationMode::Decrypt) mode.</span> |
| <span class="ident">RsaesPkcs1V15</span> <span class="op">=</span> <span class="number">0x60000130</span>, |
| <span class="doccomment">/// [Asymmetric](Asymmetric) supported algorithm, can be applied with</span> |
| <span class="doccomment">/// [Encrypt](OperationMode::Encrypt) or [Decrypt](OperationMode::Decrypt) mode.</span> |
| <span class="ident">RsaesPkcs1OAepMgf1Sha1</span> <span class="op">=</span> <span class="number">0x60210230</span>, |
| <span class="doccomment">/// [Asymmetric](Asymmetric) supported algorithm, can be applied with</span> |
| <span class="doccomment">/// [Encrypt](OperationMode::Encrypt) or [Decrypt](OperationMode::Decrypt) mode.</span> |
| <span class="ident">RsaesPkcs1OAepMgf1Sha224</span> <span class="op">=</span> <span class="number">0x60310230</span>, |
| <span class="doccomment">/// [Asymmetric](Asymmetric) supported algorithm, can be applied with</span> |
| <span class="doccomment">/// [Encrypt](OperationMode::Encrypt) or [Decrypt](OperationMode::Decrypt) mode.</span> |
| <span class="ident">RsaesPkcs1OAepMgf1Sha256</span> <span class="op">=</span> <span class="number">0x60410230</span>, |
| <span class="doccomment">/// [Asymmetric](Asymmetric) supported algorithm, can be applied with</span> |
| <span class="doccomment">/// [Encrypt](OperationMode::Encrypt) or [Decrypt](OperationMode::Decrypt) mode.</span> |
| <span class="ident">RsaesPkcs1OAepMgf1Sha384</span> <span class="op">=</span> <span class="number">0x60510230</span>, |
| <span class="doccomment">/// [Asymmetric](Asymmetric) supported algorithm, can be applied with</span> |
| <span class="doccomment">/// [Encrypt](OperationMode::Encrypt) or [Decrypt](OperationMode::Decrypt) mode.</span> |
| <span class="ident">RsaesPkcs1OAepMgf1Sha512</span> <span class="op">=</span> <span class="number">0x60610230</span>, |
| <span class="doccomment">/// [Asymmetric](Asymmetric) supported algorithm, can be applied with</span> |
| <span class="doccomment">/// [Encrypt](OperationMode::Encrypt) or [Decrypt](OperationMode::Decrypt) mode.</span> |
| <span class="ident">RsaNopad</span> <span class="op">=</span> <span class="number">0x60000030</span>, |
| <span class="doccomment">/// [Asymmetric](Asymmetric) supported algorithm, can be applied with</span> |
| <span class="doccomment">/// [Sign](OperationMode::Sign) or [Verify](OperationMode::Verify) mode.</span> |
| <span class="ident">DSASha1</span> <span class="op">=</span> <span class="number">0x70002131</span>, |
| <span class="doccomment">/// [Asymmetric](Asymmetric) supported algorithm, can be applied with</span> |
| <span class="doccomment">/// [Sign](OperationMode::Sign) or [Verify](OperationMode::Verify) mode.</span> |
| <span class="ident">DSASha224</span> <span class="op">=</span> <span class="number">0x70003131</span>, |
| <span class="doccomment">/// [Asymmetric](Asymmetric) supported algorithm, can be applied with</span> |
| <span class="doccomment">/// [Sign](OperationMode::Sign) or [Verify](OperationMode::Verify) mode.</span> |
| <span class="ident">DSASha256</span> <span class="op">=</span> <span class="number">0x70004131</span>, |
| <span class="doccomment">/// [DeriveKey](DeriveKey) supported algorithm.</span> |
| <span class="ident">DhDeriveSharedSecret</span> <span class="op">=</span> <span class="number">0x80000032</span>, |
| <span class="doccomment">/// [Digest](Digest) supported algorithm.</span> |
| <span class="ident">Md5</span> <span class="op">=</span> <span class="number">0x50000001</span>, |
| <span class="doccomment">/// [Digest](Digest) supported algorithm.</span> |
| <span class="ident">Sha1</span> <span class="op">=</span> <span class="number">0x50000002</span>, |
| <span class="doccomment">/// [Digest](Digest) supported algorithm.</span> |
| <span class="ident">Sha224</span> <span class="op">=</span> <span class="number">0x50000003</span>, |
| <span class="doccomment">/// [Digest](Digest) supported algorithm.</span> |
| <span class="ident">Sha256</span> <span class="op">=</span> <span class="number">0x50000004</span>, |
| <span class="doccomment">/// [Digest](Digest) supported algorithm.</span> |
| <span class="ident">Sha384</span> <span class="op">=</span> <span class="number">0x50000005</span>, |
| <span class="doccomment">/// [Digest](Digest) supported algorithm.</span> |
| <span class="ident">Sha512</span> <span class="op">=</span> <span class="number">0x50000006</span>, |
| <span class="doccomment">/// [Mac](Mac) supported algorithm.</span> |
| <span class="ident">Md5Sha1</span> <span class="op">=</span> <span class="number">0x5000000F</span>, |
| <span class="doccomment">/// [Mac](Mac) supported algorithm.</span> |
| <span class="ident">HmacMd5</span> <span class="op">=</span> <span class="number">0x30000001</span>, |
| <span class="doccomment">/// [Mac](Mac) supported algorithm.</span> |
| <span class="ident">HmacSha1</span> <span class="op">=</span> <span class="number">0x30000002</span>, |
| <span class="doccomment">/// [Mac](Mac) supported algorithm.</span> |
| <span class="ident">HmacSha224</span> <span class="op">=</span> <span class="number">0x30000003</span>, |
| <span class="doccomment">/// [Mac](Mac) supported algorithm.</span> |
| <span class="ident">HmacSha256</span> <span class="op">=</span> <span class="number">0x30000004</span>, |
| <span class="doccomment">/// [Mac](Mac) supported algorithm.</span> |
| <span class="ident">HmacSha384</span> <span class="op">=</span> <span class="number">0x30000005</span>, |
| <span class="doccomment">/// [Mac](Mac) supported algorithm.</span> |
| <span class="ident">HmacSha512</span> <span class="op">=</span> <span class="number">0x30000006</span>, |
| <span class="doccomment">/// Reserved for GlobalPlatform compliance test applications.</span> |
| <span class="ident">IllegalValue</span> <span class="op">=</span> <span class="number">0xefffffff</span>, |
| } |
| |
| <span class="doccomment">/// This specification defines support for optional cryptographic elements.</span> |
| <span class="attribute">#[<span class="ident">repr</span>(<span class="ident">u32</span>)]</span> |
| <span class="kw">pub</span> <span class="kw">enum</span> <span class="ident">ElementId</span> { |
| <span class="doccomment">/// Where algId fully defines the required support,</span> |
| <span class="doccomment">/// the special value TEE_CRYPTO_ELEMENT_NONE should be used</span> |
| <span class="ident">ElementNone</span> <span class="op">=</span> <span class="number">0x00000000</span>, |
| <span class="doccomment">/// Source: `NIST`, Generic: `Y`, Size: 192 bits</span> |
| <span class="ident">EccCurveNistP192</span> <span class="op">=</span> <span class="number">0x00000001</span>, |
| <span class="doccomment">/// Source: `NIST`, Generic: `Y`, Size: 224 bits</span> |
| <span class="ident">EccCurveNistP224</span> <span class="op">=</span> <span class="number">0x00000002</span>, |
| <span class="doccomment">/// Source: `NIST`, Generic: `Y`, Size: 256 bits</span> |
| <span class="ident">EccCurveNistP256</span> <span class="op">=</span> <span class="number">0x00000003</span>, |
| <span class="doccomment">/// Source: `NIST`, Generic: `Y`, Size: 384 bits</span> |
| <span class="ident">EccCurveNistP384</span> <span class="op">=</span> <span class="number">0x00000004</span>, |
| <span class="doccomment">/// Source: `NIST`, Generic: `Y`, Size: 521 bits</span> |
| <span class="ident">EccCurveNistP521</span> <span class="op">=</span> <span class="number">0x00000005</span>, |
| } |
| </code></pre></div> |
| </section><section id="search" class="content hidden"></section><div id="rustdoc-vars" data-root-path="../../" data-current-crate="optee_utee" data-search-index-js="../../search-index.js" data-search-js="../../search.js"></div> |
| <script src="../../main.js"></script><script src="../../source-script.js"></script><script src="../../source-files.js"></script> |
| </body></html> |