Secure Microservice Support. More...

Typedefs
typedef struct M2MB_SECURE_MS_BUFFER_S *	M2MB_SECURE_MS_BUFFER
	Opaque Handle used for the m2mb_secure_ms_crypto_buffer_* calls.

Enumerations
enum	M2MB_SECURE_MS_IMPORT_TYPE_E { M2MB_SECURE_MS_IMPORT_PsK, M2MB_SECURE_MS_IMPORT_PuK, M2MB_SECURE_MS_IMPORT_PrK, M2MB_SECURE_MS_IMPORT_ECC_DP_P, M2MB_SECURE_MS_IMPORT_ECC_DP_A, M2MB_SECURE_MS_IMPORT_ECC_DP_B, M2MB_SECURE_MS_IMPORT_ECC_DP_G_XY, M2MB_SECURE_MS_IMPORT_ECC_DP_G_X, M2MB_SECURE_MS_IMPORT_ECC_DP_G_Y, M2MB_SECURE_MS_IMPORT_ECC_DP_N, M2MB_SECURE_MS_IMPORT_ECC_DP_H }
	Enumeration representing the type of the parameter that is going to be imported from the secure storage into the given context. More...

Functions
M2MB_RESULT_E	m2mb_secure_ms_crypto_alloc (UINT16 size, M2MB_SECURE_MS_BUFFER *bfr)
	Allocates TEE buffer. More...

M2MB_RESULT_E	m2mb_secure_ms_crypto_add_data (UINT8 *data, UINT32 length, M2MB_SECURE_MS_BUFFER bfr, UINT32 out_offset)
	Adds the data to the TEE buffer. More...

M2MB_RESULT_E	m2mb_secure_ms_crypto_add_key (UINT8 *key_blob, UINT32 length, M2MB_SECURE_MS_BUFFER bfr, UINT32 out_offset)
	Adds the key (as key_blob) to the TEE buffer. More...

M2MB_RESULT_E	m2mb_secure_ms_crypto_add_item (M2MB_SECURE_MS_HANDLE handle, M2MB_SECURE_MS_BUFFER bfr, UINT32 out_offset)
	Adds the secured item data to the TEE buffer. More...

M2MB_RESULT_E	m2mb_secure_ms_crypto_md (M2MB_CRYPTO_MD_ALG_E md_info, M2MB_SECURE_MS_BUFFER in_bfr, UINT32 in_offset, UINT32 length, M2MB_SECURE_MS_BUFFER out_bfr, UINT32 out_offset)
	Performs a MD operation on (part of) the TEE buffers. More...

M2MB_RESULT_E	m2mb_secure_ms_crypto_final (M2MB_CRYPTO_GEN_CONTEXT ctx, M2MB_SECURE_MS_BUFFER out_bfr, UINT32 out_offset)
	Performs the final operation and adds it to the TEE buffer. More...

M2MB_RESULT_E	m2mb_secure_ms_crypto_encrypt (M2MB_SECURE_MS_BUFFER in_bfr, UINT32 in_offset, UINT32 length, M2MB_CRYPTO_GEN_CONTEXT ctx, UINT8 *ivec, M2MB_SECURE_MS_BUFFER out_bfr, UINT32 out_offset)
	Encrypts (part of) the data in the input TEE buffer into the output TEE buffer. More...

M2MB_RESULT_E	m2mb_secure_ms_crypto_decrypt (M2MB_SECURE_MS_BUFFER in_bfr, UINT32 in_offset, UINT32 length, M2MB_CRYPTO_GEN_CONTEXT ctx, UINT8 *ivec, M2MB_SECURE_MS_BUFFER out_bfr, UINT32 out_offset)
	Decrypts (part of) the data in the input TEE buffer into the output TEE buffer. More...

M2MB_RESULT_E	m2mb_secure_ms_crypto_xor (M2MB_SECURE_MS_BUFFER in_bfr, UINT32 in_offset, UINT32 length, M2MB_SECURE_MS_BUFFER out_bfr, UINT32 out_offset)
	Performs a XOR operation between (part of) the TEE buffers. More...

M2MB_RESULT_E	m2mb_secure_ms_crypto_rotate (M2MB_SECURE_MS_BUFFER bfr, UINT32 num_of_bytes)
	Circular shift left of the data in the TEE buffer. More...

M2MB_RESULT_E	m2mb_secure_ms_crypto_write (M2MB_SECURE_MS_BUFFER bfr, UINT32 in_offset, UINT32 length, M2MB_SECURE_MS_HANDLE handle)
	Writes (part of) the TEE buffer to the Secure Storage. More...

M2MB_RESULT_E	m2mb_secure_ms_crypto_read (M2MB_SECURE_MS_BUFFER bfr, UINT32 offset, UINT32 max_len, UINT8 data, UINT32 act_len)
	Reads the TEE buffer from the Secure Storage. More...

M2MB_RESULT_E	m2mb_secure_ms_crypto_find (M2MB_SECURE_MS_BUFFER bfr, char str, UINT32 offset)
	Searches for a string within a TEE buffer. More...

M2MB_RESULT_E	m2mb_secure_ms_crypto_free (M2MB_SECURE_MS_BUFFER bfr)
	Free the TEE buffer. More...

M2MB_RESULT_E	m2mb_secure_ms_crypto_import (M2MB_SECURE_MS_HANDLE handle, M2MB_CRYPTO_GEN_CONTEXT ctx, M2MB_SECURE_MS_IMPORT_TYPE_E type)
	Import a stored secured item (e.g. key, domain parameters), into a given context. More...

M2MB_SECURE_MS_ERRNO_E	m2mb_secure_ms_crypto_errno (M2MB_SECURE_MS_BUFFER bfr)
	Return the last error obtained calling Secure MS Crypto functions. More...

Detailed Description

Secure Microservice Support.

m2m/m2m_common/m2mb_inc/m2mb_secure_ms_extend.h

Wrapper APIs for the CryptoLib (m2mb_crypto.h) that uses data from the secure data storage.

Note: Dependencies: m2mb_types.h m2mb_crypto.h m2mb_secure_ms.h

Author: Ian Levine

Date: 12/09/2017

Enumeration Type Documentation

◆ M2MB_SECURE_MS_IMPORT_TYPE_E

enum M2MB_SECURE_MS_IMPORT_TYPE_E

Enumeration representing the type of the parameter that is going to be imported from the secure storage into the given context.

Enumerator
M2MB_SECURE_MS_IMPORT_PsK	Symmetric Key.
M2MB_SECURE_MS_IMPORT_PuK	Public Key.
M2MB_SECURE_MS_IMPORT_PrK	Private Key.
M2MB_SECURE_MS_IMPORT_ECC_DP_P	Prime Number.
M2MB_SECURE_MS_IMPORT_ECC_DP_A	"a" constant in the ECC equation.
M2MB_SECURE_MS_IMPORT_ECC_DP_B	"b" constant in the ECC equation.
M2MB_SECURE_MS_IMPORT_ECC_DP_G_XY	"x"\|"y" coordinate of the base point.
M2MB_SECURE_MS_IMPORT_ECC_DP_G_X	"x" coordinate of the base point.
M2MB_SECURE_MS_IMPORT_ECC_DP_G_Y	"y" coordinate of the base point.
M2MB_SECURE_MS_IMPORT_ECC_DP_N	order of the base point.
M2MB_SECURE_MS_IMPORT_ECC_DP_H	Cofactor, must be <= 4 and preferably equals 1.

Function Documentation

◆ m2mb_secure_ms_crypto_add_data()

M2MB_RESULT_E m2mb_secure_ms_crypto_add_data	(	UINT8 *	data,
		UINT32	length,
		M2MB_SECURE_MS_BUFFER	bfr,
		UINT32	out_offset
	)

Adds the data to the TEE buffer.

Parameters

[in]	data	Data to add.
[in]	length	Data length.
[in]	bfr	The TEE Buffer Handle.
[in]	out_offset	The offset in the TEE Buffer Handle were the data is written.

Returns: M2MB_RESULT_FAIL M2MB_RESULT_SUCCESS

Note: The specific error can be retrieved using m2mb_secure_ms_crypto_errno().

Example

int main()
{
  M2MB_SECURE_MS_HANDLE pHandle;
  M2MB_RESULT_E ret  = M2MB_RESULT_SUCCESS;
  UINT32 size = 128;
  UINT8 tempBuff[128] = {0};
  M2MB_CRYPTO_AES_CONTEXT SKeyCtx = NULL;
  
  ret = m2mb_secure_ms_open( &pHandle, M2MB_SYSTEM_FILE_ID, 3, M2MB_SECURE_MS_CREATE );
  
  if( ret == M2MB_RESULT_SUCCESS )
  {
    M2MB_SECURE_MS_BUFFER Bfr;
    UINT8 IVec[M2MB_CRYPTO_AES_IV_SIZE] = { 0 };
   
    ret = m2mb_crypto_aes_init( &SKeyCtx );
    ret = m2mb_secure_ms_crypto_alloc( size, &Bfr );
    ret = m2mb_secure_ms_crypto_add_data( tempBuff, size, Bfr, 0 );
    ret = m2mb_secure_ms_crypto_decrypt( Bfr, 0, size, (M2MB_CRYPTO_GEN_CONTEXT)SKeyCtx, IVec, Bfr, 0 );
 
    if( ret == M2MB_RESULT_SUCCESS )
    {
      ret = m2mb_secure_ms_crypto_write( Bfr, 0, size, pHandle );
    }
    ret = m2mb_secure_ms_crypto_free( Bfr );
  
    ret = m2mb_secure_ms_close( pHandle );
  }
}

◆ m2mb_secure_ms_crypto_add_item()

M2MB_RESULT_E m2mb_secure_ms_crypto_add_item	(	M2MB_SECURE_MS_HANDLE	handle,
		M2MB_SECURE_MS_BUFFER	bfr,
		UINT32	out_offset
	)

Adds the secured item data to the TEE buffer.

This function adds the secured item data to the TEE buffer.

Parameters

[in]	handle	Secure data file handle
[in]	bfr	The TEE Buffer Handle.
[in]	out_offset	The offset in the TEE Buffer Handle were the data from the item is written.

Returns: M2MB_RESULT_FAIL M2MB_RESULT_SUCCESS

Note: The TEE buffer inherits the properties of item data. If trusted, remain trusted and cannot be read. The specific error can be retrieved using m2mb_secure_ms_crypto_errno().

Example

◆ m2mb_secure_ms_crypto_add_key()

M2MB_RESULT_E m2mb_secure_ms_crypto_add_key	(	UINT8 *	key_blob,
		UINT32	length,
		M2MB_SECURE_MS_BUFFER	bfr,
		UINT32	out_offset
	)

Adds the key (as key_blob) to the TEE buffer.

Uses a dedicated TEE function to export the key from the key_blob and then adds the key to the TEE buffer.

Parameters

[in]	key_blob	A key_blob, either exported by the m2mb_crypto_*_keyblob_export function or created using m2mb_crypto_ecdh_shared_key_derive.
[in]	length	key_blob length.
[in]	bfr	The TEE Buffer Handle.
[in]	out_offset	The offset in the TEE Buffer Handle were the data is written.

Returns: M2MB_RESULT_FAIL M2MB_RESULT_SUCCESS

Note: The specific error can be retrieved using m2mb_secure_ms_crypto_errno().

Example

◆ m2mb_secure_ms_crypto_alloc()

M2MB_RESULT_E m2mb_secure_ms_crypto_alloc	(	UINT16	size,
		M2MB_SECURE_MS_BUFFER *	bfr
	)

Allocates TEE buffer.

This function allocates a TEE buffer to be later used by m2mb_secure_ms_crypto_buffer_* functions. The buffer is zero initialized.

Parameters

[in]	size	Buffer size (in bytes) to allocate.
[out]	bfr	Pointer to a handle to be allocated by this function.

Returns: M2MB_RESULT_FAIL M2MB_RESULT_SUCCESS

Note: The specific error can be retrieved using m2mb_secure_ms_crypto_errno().

Example

int main()
{
  M2MB_SECURE_MS_HANDLE pHandle;
  M2MB_RESULT_E ret  = M2MB_RESULT_SUCCESS;
  UINT32 size = 128;
  UINT8 tempBuff[128] = {0};
  M2MB_CRYPTO_AES_CONTEXT SKeyCtx = NULL;
  
  ret = m2mb_secure_ms_open( &pHandle, M2MB_SYSTEM_FILE_ID, 3, M2MB_SECURE_MS_CREATE );
  
  if( ret == M2MB_RESULT_SUCCESS )
  {
    M2MB_SECURE_MS_BUFFER Bfr;
    UINT8 IVec[M2MB_CRYPTO_AES_IV_SIZE] = { 0 };
   
    ret = m2mb_crypto_aes_init( &SKeyCtx );
    ret = m2mb_secure_ms_crypto_alloc( size, &Bfr );
    ret = m2mb_secure_ms_crypto_add_data( tempBuff, size, Bfr, 0 );
    ret = m2mb_secure_ms_crypto_decrypt( Bfr, 0, size, (M2MB_CRYPTO_GEN_CONTEXT)SKeyCtx, IVec, Bfr, 0 );
 
    if( ret == M2MB_RESULT_SUCCESS )
    {
      ret = m2mb_secure_ms_crypto_write( Bfr, 0, size, pHandle );
    }
    ret = m2mb_secure_ms_crypto_free( Bfr );
  
    ret = m2mb_secure_ms_close( pHandle );
  }
}

◆ m2mb_secure_ms_crypto_decrypt()

M2MB_RESULT_E m2mb_secure_ms_crypto_decrypt	(	M2MB_SECURE_MS_BUFFER	in_bfr,
		UINT32	in_offset,
		UINT32	length,
		M2MB_CRYPTO_GEN_CONTEXT	ctx,
		UINT8 *	ivec,
		M2MB_SECURE_MS_BUFFER	out_bfr,
		UINT32	out_offset
	)

Decrypts (part of) the data in the input TEE buffer into the output TEE buffer.

Parameters

[in]	in_bfr	The TEE input Buffer Handle.
[in]	in_offset	Offset (in bytes) in the input buffer.
[in]	length	length (in bytes) of the data to decrypt.
[in]	ctx	A context previously initialized by m2mb_crypto_aes_init() or m2mb_crypto_des_init().
[in]	ivec	Initialization vector.
[in]	out_bfr	The TEE output Buffer Handle.
[in]	out_offset	Offset (in bytes) in the output buffer.

Returns: M2MB_RESULT_FAIL M2MB_RESULT_SUCCESS

Note: The specific error can be retrieved using m2mb_secure_ms_crypto_errno().

Example

int main()
{
  M2MB_SECURE_MS_HANDLE pHandle;
  M2MB_RESULT_E ret  = M2MB_RESULT_SUCCESS;
  UINT32 size = 128;
  UINT8 tempBuff[128] = {0};
  M2MB_CRYPTO_AES_CONTEXT SKeyCtx = NULL;
  
  ret = m2mb_secure_ms_open( &pHandle, M2MB_SYSTEM_FILE_ID, 3, M2MB_SECURE_MS_CREATE );
  
  if( ret == M2MB_RESULT_SUCCESS )
  {
    M2MB_SECURE_MS_BUFFER Bfr;
    UINT8 IVec[M2MB_CRYPTO_AES_IV_SIZE] = { 0 };
   
    ret = m2mb_crypto_aes_init( &SKeyCtx );
    ret = m2mb_secure_ms_crypto_alloc( size, &Bfr );
    ret = m2mb_secure_ms_crypto_add_data( tempBuff, size, Bfr, 0 );
    ret = m2mb_secure_ms_crypto_decrypt( Bfr, 0, size, (M2MB_CRYPTO_GEN_CONTEXT)SKeyCtx, IVec, Bfr, 0 );
 
    if( ret == M2MB_RESULT_SUCCESS )
    {
      ret = m2mb_secure_ms_crypto_write( Bfr, 0, size, pHandle );
    }
    ret = m2mb_secure_ms_crypto_free( Bfr );
  
    ret = m2mb_secure_ms_close( pHandle );
  }
}

◆ m2mb_secure_ms_crypto_encrypt()

M2MB_RESULT_E m2mb_secure_ms_crypto_encrypt	(	M2MB_SECURE_MS_BUFFER	in_bfr,
		UINT32	in_offset,
		UINT32	length,
		M2MB_CRYPTO_GEN_CONTEXT	ctx,
		UINT8 *	ivec,
		M2MB_SECURE_MS_BUFFER	out_bfr,
		UINT32	out_offset
	)

Encrypts (part of) the data in the input TEE buffer into the output TEE buffer.

Parameters

[in]	in_bfr	The TEE input Buffer Handle.
[in]	in_offset	Offset (in bytes) in the input buffer.
[in]	length	length (in bytes) of the data to encrypt.
[in]	ctx	A context previously initialized by m2mb_crypto_aes_init() or m2mb_crypto_des_init().
[in]	ivec	Initialization vector.
[in]	out_bfr	The TEE output Buffer Handle.
[in]	out_offset	Offset (in bytes) in the output buffer.

Returns: M2MB_RESULT_FAIL M2MB_RESULT_SUCCESS

Note: The specific error can be retrieved using m2mb_secure_ms_crypto_errno().

Example

◆ m2mb_secure_ms_crypto_errno()

M2MB_SECURE_MS_ERRNO_E m2mb_secure_ms_crypto_errno ( M2MB_SECURE_MS_BUFFER bfr )

Return the last error obtained calling Secure MS Crypto functions.

This function return last specific error number.

Parameters

[in] bfr The TEE Buffer Handle.

Returns: The error code of the last operation.

Note

Example

◆ m2mb_secure_ms_crypto_final()

M2MB_RESULT_E m2mb_secure_ms_crypto_final	(	M2MB_CRYPTO_GEN_CONTEXT	ctx,
		M2MB_SECURE_MS_BUFFER	out_bfr,
		UINT32	out_offset
	)

Performs the final operation and adds it to the TEE buffer.

This function performs the MD/CMAC/HMAC final operation and add the result to the TEE buffer.

Parameters

[in]	ctx	A context previously initialized by m2mb_crypto_*_init().
[in]	out_bfr	The TEE Buffer Handle.
[in]	out_offset	Offset (in bytes) in the TEE buffer.

Returns: M2MB_RESULT_FAIL M2MB_RESULT_SUCCESS

Note: The specific error can be retrieved using m2mb_secure_ms_crypto_errno().

Example

◆ m2mb_secure_ms_crypto_find()

M2MB_RESULT_E m2mb_secure_ms_crypto_find	(	M2MB_SECURE_MS_BUFFER	bfr,
		char *	str,
		UINT32 *	offset
	)

Searches for a string within a TEE buffer.

This function searches for a string within a TEE buffer. this is useful for decoding an *.INI file or an XML file.

Parameters

[in]	bfr	The TEE Buffer Handle.
[in]	str	String to search for.
[in,out]	offset	In - Offset from where to start the search. Out - Offset of the string in the buffer (0 if not found).

Returns: M2MB_RESULT_FAIL M2MB_RESULT_SUCCESS

Note: The specific error can be retrieved using m2mb_secure_ms_crypto_errno().

Example

int main()
{
       INT32  fd;
       UINT32 size;
       void   *p;
       M2MB_SECURE_MS_BUFFER      bfr;
       char   str[80];
       UINT32 offset = 0;
       char   value[80];
 
       fd = m2mb_fs_open("Test.txt", M2MB_O_RDONLY);
       if (fd < 0) return;
 
       size = m2mb_fs_lseek(fd, 0, M2MB_SEEK_END);
       m2mb_fs_lseek(fd, 0, M2MB_SEEK_SET);
       p = m2mb_os_malloc(size);
       if (!p) return;
       if ((INT32)size > m2mb_fs_read(fd, p, size)) return;
       m2mb_fs_close(fd);
       
       if (M2MB_RESULT_SUCCESS != m2mb_secure_ms_crypto_alloc(size, &bfr)) return;
       if (M2MB_RESULT_SUCCESS != m2mb_secure_ms_crypto_add_data((UINT8 *)p, size, bfr, 0)) return;
       m2mb_os_free(p);
 
       strcpy( str, "test" );
       m2mb_secure_ms_crypto_find(bfr, str, &offset);
 
       m2mb_secure_ms_crypto_free(bfr);
}

◆ m2mb_secure_ms_crypto_free()

M2MB_RESULT_E m2mb_secure_ms_crypto_free ( M2MB_SECURE_MS_BUFFER bfr )

Free the TEE buffer.

This function De-allocates the TEE buffer.

Parameters

[in] bfr The TEE Buffer Handle.

Returns: M2MB_RESULT_FAIL M2MB_RESULT_SUCCESS

Note: The specific error can be retrieved using m2mb_secure_ms_crypto_errno().

Example

int main()
{
  M2MB_SECURE_MS_HANDLE pHandle;
  M2MB_RESULT_E ret  = M2MB_RESULT_SUCCESS;
  UINT32 size = 128;
  UINT8 tempBuff[128] = {0};
  M2MB_CRYPTO_AES_CONTEXT SKeyCtx = NULL;
  
  ret = m2mb_secure_ms_open( &pHandle, M2MB_SYSTEM_FILE_ID, 3, M2MB_SECURE_MS_CREATE );
  
  if( ret == M2MB_RESULT_SUCCESS )
  {
    M2MB_SECURE_MS_BUFFER Bfr;
    UINT8 IVec[M2MB_CRYPTO_AES_IV_SIZE] = { 0 };
   
    ret = m2mb_crypto_aes_init( &SKeyCtx );
    ret = m2mb_secure_ms_crypto_alloc( size, &Bfr );
    ret = m2mb_secure_ms_crypto_add_data( tempBuff, size, Bfr, 0 );
    ret = m2mb_secure_ms_crypto_decrypt( Bfr, 0, size, (M2MB_CRYPTO_GEN_CONTEXT)SKeyCtx, IVec, Bfr, 0 );
 
    if( ret == M2MB_RESULT_SUCCESS )
    {
      ret = m2mb_secure_ms_crypto_write( Bfr, 0, size, pHandle );
    }
    ret = m2mb_secure_ms_crypto_free( Bfr );
  
    ret = m2mb_secure_ms_close( pHandle );
  }
}

◆ m2mb_secure_ms_crypto_import()

M2MB_RESULT_E m2mb_secure_ms_crypto_import	(	M2MB_SECURE_MS_HANDLE	handle,
		M2MB_CRYPTO_GEN_CONTEXT	ctx,
		M2MB_SECURE_MS_IMPORT_TYPE_E	type
	)

Import a stored secured item (e.g. key, domain parameters), into a given context.

This function is a complementary function for the m2mb_crypto_* functions. It imports a stored secured item identified by its handle (e.g. key, domain parameters) to a given context.

Parameters

[in]	handle	Secure data file handle (stored secure item)
[in]	ctx	A context previously initialized by m2mb_crypto_*_init().
[in]	type	The type of the item to import (M2MB_SECURE_MS_IMPORT_TYPE_E).

Returns: M2MB_RESULT_FAIL M2MB_RESULT_SUCCESS

Note: The specific error can be retrieved using m2mb_secure_ms_errno().

Example

int main()
{
  M2MB_SECURE_MS_HANDLE pHandle;
  M2MB_RESULT_E ret  = M2MB_RESULT_SUCCESS;
  M2MB_CRYPTO_AES_CONTEXT aesCtx = NULL;
  
  ret = m2mb_crypto_aes_init( &aesCtx );
  if ( ret == M2MB_RESULT_SUCCESS )
  {
    ret = m2mb_secure_ms_open( &pHandle, M2MB_SYSTEM_FILE_ID, 3, M2MB_SECURE_MS_READ | M2MB_SECURE_MS_ADMIN );
    
    if( ret == M2MB_RESULT_SUCCESS )
    {
        ret  = m2mb_secure_ms_crypto_import( pHandle,(M2MB_CRYPTO_GEN_CONTEXT)aesCtx, M2MB_SECURE_MS_IMPORT_PsK);
      
        m2mb_secure_ms_close( pHandle );
    }
  }
}

◆ m2mb_secure_ms_crypto_md()

M2MB_RESULT_E m2mb_secure_ms_crypto_md	(	M2MB_CRYPTO_MD_ALG_E	md_info,
		M2MB_SECURE_MS_BUFFER	in_bfr,
		UINT32	in_offset,
		UINT32	length,
		M2MB_SECURE_MS_BUFFER	out_bfr,
		UINT32	out_offset
	)

Performs a MD operation on (part of) the TEE buffers.

This function performs a Message Digest operation on (part of) the TEE input buffer and stores the MD result in the output buffer.

Parameters

[in]	md_info	The message digest method to use.
[in]	in_bfr	The TEE 1st Buffer Handle.
[in]	in_offset	Offset (in bytes) in the 1st buffer.
[in]	length	length (in bytes) of the data to be digested.
[in,out]	out_bfr	The TEE 2nd Buffer Handle. For the XOR operation this is input and output, for all the rest only output.
[in]	out_offset	Offset (in bytes) in the 2nd buffer.

Returns: M2MB_RESULT_FAIL M2MB_RESULT_SUCCESS

Note: The specific error can be retrieved using m2mb_secure_ms_crypto_errno().

Example

◆ m2mb_secure_ms_crypto_read()

M2MB_RESULT_E m2mb_secure_ms_crypto_read	(	M2MB_SECURE_MS_BUFFER	bfr,
		UINT32	offset,
		UINT32	max_len,
		UINT8 *	data,
		UINT32 *	act_len
	)

Reads the TEE buffer from the Secure Storage.

This function Reads the TEE buffer from the Secure Storage. Note that the Trusted Data was zeroed by the Write function.

Parameters

[in]	bfr	The TEE Buffer Handle.
[in]	offset	Offset in the buffer.
[in]	max_len	The number of the maximum bytes to read.
[out]	data	Returned data. If NULL, "act_len" will return the buffer size.
[out]	act_len	The actual number of bytes returned.

Returns: M2MB_RESULT_FAIL M2MB_RESULT_SUCCESS

Note: The specific error can be retrieved using m2mb_secure_ms_crypto_errno(). The TEE buffer inherits the properties of item data if its data has been added in the buffer. E.g data trusted remains trusted even using m2mb_secure_ms_crypto_read(). So data trusted can be never read

Example

◆ m2mb_secure_ms_crypto_rotate()

M2MB_RESULT_E m2mb_secure_ms_crypto_rotate	(	M2MB_SECURE_MS_BUFFER	bfr,
		UINT32	num_of_bytes
	)

Circular shift left of the data in the TEE buffer.

This function performs a left circular shift of the data in the TEE buffer.

Parameters

[in]	bfr	The TEE Buffer Handle.
[in]	num_of_bytes	The number of bytes for the left circular shift.

Returns: M2MB_RESULT_FAIL M2MB_RESULT_SUCCESS

Note: The specific error can be retrieved using m2mb_secure_ms_crypto_errno().

Example

◆ m2mb_secure_ms_crypto_write()

M2MB_RESULT_E m2mb_secure_ms_crypto_write	(	M2MB_SECURE_MS_BUFFER	bfr,
		UINT32	in_offset,
		UINT32	length,
		M2MB_SECURE_MS_HANDLE	handle
	)

Writes (part of) the TEE buffer to the Secure Storage.

This function Writes (part of) the TEE buffer to the Secure Storage. Data that is written is zeroed.

Parameters

[in]	bfr	The TEE Buffer Handle.
[in]	in_offset	Offset (in bytes) in the buffer of the relevant data.
[in]	length	length (in bytes) of the relevant data.
[in]	handle	Secure data file handle

Returns: M2MB_RESULT_FAIL M2MB_RESULT_SUCCESS

Note: The specific error can be retrieved using m2mb_secure_ms_crypto_errno().

Example

int main()
{
  M2MB_SECURE_MS_HANDLE pHandle;
  M2MB_RESULT_E ret  = M2MB_RESULT_SUCCESS;
  UINT32 size = 128;
  UINT8 tempBuff[128] = {0};
  M2MB_CRYPTO_AES_CONTEXT SKeyCtx = NULL;
  
  ret = m2mb_secure_ms_open( &pHandle, M2MB_SYSTEM_FILE_ID, 3, M2MB_SECURE_MS_CREATE );
  
  if( ret == M2MB_RESULT_SUCCESS )
  {
    M2MB_SECURE_MS_BUFFER Bfr;
    UINT8 IVec[M2MB_CRYPTO_AES_IV_SIZE] = { 0 };
   
    ret = m2mb_crypto_aes_init( &SKeyCtx );
    ret = m2mb_secure_ms_crypto_alloc( size, &Bfr );
    ret = m2mb_secure_ms_crypto_add_data( tempBuff, size, Bfr, 0 );
    ret = m2mb_secure_ms_crypto_decrypt( Bfr, 0, size, (M2MB_CRYPTO_GEN_CONTEXT)SKeyCtx, IVec, Bfr, 0 );
 
    if( ret == M2MB_RESULT_SUCCESS )
    {
      ret = m2mb_secure_ms_crypto_write( Bfr, 0, size, pHandle );
    }
    ret = m2mb_secure_ms_crypto_free( Bfr );
  
    ret = m2mb_secure_ms_close( pHandle );
  }
}

◆ m2mb_secure_ms_crypto_xor()

M2MB_RESULT_E m2mb_secure_ms_crypto_xor	(	M2MB_SECURE_MS_BUFFER	in_bfr,
		UINT32	in_offset,
		UINT32	length,
		M2MB_SECURE_MS_BUFFER	out_bfr,
		UINT32	out_offset
	)

Performs a XOR operation between (part of) the TEE buffers.

This function performs a XOR operation between (part of) the TEE buffers.

Parameters

[in]	in_bfr	The TEE 1st Buffer Handle
[in]	in_offset	Offset (in bytes) in the 1st buffer.
[in]	length	length (in bytes) to XOR.
[in]	out_bfr	The TEE 2nd Buffer Handle.
[in]	out_offset	Offset (in bytes) in the 2nd buffer.

Returns: M2MB_RESULT_FAIL M2MB_RESULT_SUCCESS

Note: The specific error can be retrieved using m2mb_secure_ms_crypto_errno().

Example

Typedefs

Enumerations

Functions

Detailed Description

Enumeration Type Documentation

◆ M2MB_SECURE_MS_IMPORT_TYPE_E

Function Documentation

◆ m2mb_secure_ms_crypto_add_data()

◆ m2mb_secure_ms_crypto_add_item()

◆ m2mb_secure_ms_crypto_add_key()

◆ m2mb_secure_ms_crypto_alloc()

◆ m2mb_secure_ms_crypto_decrypt()

◆ m2mb_secure_ms_crypto_encrypt()

◆ m2mb_secure_ms_crypto_errno()

◆ m2mb_secure_ms_crypto_final()

◆ m2mb_secure_ms_crypto_find()

◆ m2mb_secure_ms_crypto_free()

◆ m2mb_secure_ms_crypto_import()

◆ m2mb_secure_ms_crypto_md()

◆ m2mb_secure_ms_crypto_read()

◆ m2mb_secure_ms_crypto_rotate()

◆ m2mb_secure_ms_crypto_write()

◆ m2mb_secure_ms_crypto_xor()