tag 2f528f25bd347f7bc5bab7aba1006f47cf765354
tagger Jens Wiklander <jens.wiklander@linaro.org> Fri Jan 16 13:49:57 2026 +0100
object 934c7edb74a26e90f68024cf441073528444177f

4.9.0

commit 934c7edb74a26e90f68024cf441073528444177f
author Amey Avinash Raghatate <ameyavinash.raghatate@amd.com> Tue Dec 09 08:27:17 2025 +0000
committer Jens Wiklander <jens.wiklander@linaro.org> Mon Dec 29 17:12:43 2025 +0100
tree 3aaab0147b773a771028e9b17708a5c5f3f7a306
parent e217db37e9912d012b3bf2a6e3b7fe2dbdc3bffa

acipher: Add dynamic algorithm selection and decryption support

Add support for new RSA PKCS OAEP algorithms:
- TEE_ALG_RSAES_PKCS1_V1_5
- TEE_ALG_RSAES_PKCS1_OAEP_MGF1_SHA1
- TEE_ALG_RSAES_PKCS1_OAEP_MGF1_SHA224
- TEE_ALG_RSAES_PKCS1_OAEP_MGF1_SHA256
- TEE_ALG_RSAES_PKCS1_OAEP_MGF1_SHA384
- TEE_ALG_RSAES_PKCS1_OAEP_MGF1_SHA512

Also add support to select algorithm at runtime. The user can now run
the `optee_example_acipher <key_size> <string to encrypt> <algo name>`
command, and the specified algorithm will be used during
encryption/decryption.

The user can now invoke:
optee_example_acipher <key_size> <string to encrypt> <algo name>

Supported values for <key_size> are:
- 2048 bits
- 3072 bits
- 4096 bits

Supported values for <algo name> are:
- TA_ALG_PKCS1_V1_5
- TA_ALG_OAEP_MGF1_SHA1
- TA_ALG_OAEP_MGF1_SHA224
- TA_ALG_OAEP_MGF1_SHA256
- TA_ALG_OAEP_MGF1_SHA384
- TA_ALG_OAEP_MGF1_SHA512

If no algorithm is specified, TA_ALG_PKCS1_V1_5 is selected by default.

Based on the input, the corresponding algorithm is selected and used for
encryption/decryption operations. This enhancement improves flexibility
by allowing users to test different RSA modes using a single binary.

Signed-off-by: Amey Avinash Raghatate <ameyavinash.raghatate@amd.com>
Reviewed-by: Etienne Carriere <etienne.carriere@foss.st.com>
Acked-by: Jerome Forissier <jerome.forissier@linaro.org>