ECC: ECDH tests
Change-Id: If1df12e01274c8617badd5d6f955a1808cf3290d
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>
Tested-by: Pascal Brand <pascal.brand@linaro.org> (QEMU platform)
Signed-off-by: Pascal Brand <pascal.brand@st.com>
diff --git a/host/xtest/xtest_4000.c b/host/xtest/xtest_4000.c
index ed62448..0c1efb7 100644
--- a/host/xtest/xtest_4000.c
+++ b/host/xtest/xtest_4000.c
@@ -37,6 +37,7 @@
static void xtest_tee_test_4006(ADBG_Case_t *Case_p);
static void xtest_tee_test_4007(ADBG_Case_t *Case_p);
static void xtest_tee_test_4008(ADBG_Case_t *Case_p);
+static void xtest_tee_test_4009(ADBG_Case_t *Case_p);
ADBG_CASE_DEFINE(XTEST_TEE_4001, xtest_tee_test_4001,
/* Title */
@@ -137,6 +138,17 @@
"Description of how to implement ..."
);
+ADBG_CASE_DEFINE(XTEST_TEE_4009, xtest_tee_test_4009,
+ /* Title */
+ "Test TEE Internal API Derive key ECDH",
+ /* Short description */
+ "Short description ...",
+ /* Requirement IDs */
+ "TEE-??",
+ /* How to implement */
+ "Description of how to implement ..."
+ );
+
static TEEC_Result ta_crypt_cmd_random_number_generate(ADBG_Case_t *c,
TEEC_Session *s,
void *buf, size_t blen);
@@ -4201,7 +4213,7 @@
&sv_handle)))
goto out;
- /* resuse but reset params and param-count */
+ /* reuse but reset params and param-count */
param_count = 0;
xtest_add_attr(¶m_count, params, TEE_ATTR_DH_PUBLIC_VALUE,
@@ -4235,3 +4247,129 @@
Do_ADBG_EndSubCase(c, "Derive DH key success");
TEEC_CloseSession(&session);
}
+
+static void xtest_tee_test_4009(ADBG_Case_t *c)
+{
+ TEEC_Session session = { 0 };
+ uint32_t ret_orig;
+ TEE_OperationHandle op;
+ TEE_ObjectHandle key_handle;
+ TEE_ObjectHandle sv_handle;
+ TEE_Attribute params[4];
+ size_t param_count = 0;
+ uint8_t out[2048];
+ size_t out_size;
+ uint32_t size_bytes;
+ int i;
+ struct derive_key_ecdh_t *pt;
+
+ if (!ADBG_EXPECT_TEEC_SUCCESS(c,
+ xtest_teec_open_session(&session, &crypt_user_ta_uuid, NULL,
+ &ret_orig)))
+ return;
+
+ for (i = 0; i < ARRAY_SIZE(derive_key_ecdh); i++) {
+ pt = &derive_key_ecdh[i];
+
+ Do_ADBG_BeginSubCase(c, "Derive ECDH key - algo = 0x%x",
+ pt->algo);
+ size_bytes = (pt->keysize + 7) / 8;
+ if (!ADBG_EXPECT_TEEC_SUCCESS(c,
+ ta_crypt_cmd_allocate_operation(c, &session, &op,
+ pt->algo,
+ TEE_MODE_DERIVE, pt->keysize)))
+ goto out;
+
+ if (!ADBG_EXPECT_TEEC_SUCCESS(c,
+ ta_crypt_cmd_allocate_transient_object(c, & session,
+ TEE_TYPE_ECDH_KEYPAIR, pt->keysize,
+ &key_handle)))
+ goto out;
+
+ param_count = 0;
+ xtest_add_attr_value(¶m_count, params,
+ TEE_ATTR_ECC_CURVE, pt->curve, 0);
+ xtest_add_attr(¶m_count, params,
+ TEE_ATTR_ECC_PRIVATE_VALUE,
+ pt->private, size_bytes);
+ /*
+ * The public value is not used. This is why we provide
+ * another buffer
+ */
+ xtest_add_attr(¶m_count, params,
+ TEE_ATTR_ECC_PUBLIC_VALUE_X,
+ pt->private, size_bytes);
+ xtest_add_attr(¶m_count, params,
+ TEE_ATTR_ECC_PUBLIC_VALUE_Y,
+ pt->private, size_bytes);
+
+ if (!ADBG_EXPECT_TEEC_SUCCESS(c,
+ ta_crypt_cmd_populate_transient_object(c,
+ &session,
+ key_handle, params, param_count)))
+ goto out;
+
+ if (!ADBG_EXPECT_TEEC_SUCCESS(c,
+ ta_crypt_cmd_set_operation_key(c, &session, op,
+ key_handle)))
+ goto out;
+
+ if (!ADBG_EXPECT_TEEC_SUCCESS(c,
+ ta_crypt_cmd_free_transient_object(c, & session,
+ key_handle)))
+ goto out;
+
+ if (!ADBG_EXPECT_TEEC_SUCCESS(c,
+ ta_crypt_cmd_allocate_transient_object(c, &session,
+ TEE_TYPE_GENERIC_SECRET, size_bytes * 8,
+ &sv_handle)))
+ goto out;
+
+ /* reuse but reset params and param-count */
+ param_count = 0;
+
+ xtest_add_attr(¶m_count, params,
+ TEE_ATTR_ECC_PUBLIC_VALUE_X,
+ pt->public_x, size_bytes);
+ xtest_add_attr(¶m_count, params,
+ TEE_ATTR_ECC_PUBLIC_VALUE_Y,
+ pt->public_y, size_bytes);
+
+ if (!ADBG_EXPECT_TEEC_SUCCESS(c,
+ ta_crypt_cmd_derive_key(c, &session, op, sv_handle,
+ params, param_count)))
+ goto out;
+
+ out_size = sizeof(out);
+ memset(out, 0, sizeof(out));
+ if (!ADBG_EXPECT_TEEC_SUCCESS(c,
+ ta_crypt_cmd_get_object_buffer_attribute(c, &session,
+ sv_handle,
+ TEE_ATTR_SECRET_VALUE, out, &out_size)))
+ goto out;
+
+ if (!ADBG_EXPECT_BUFFER(c, pt->out, size_bytes,
+ out, out_size))
+ goto out;
+
+ if (!ADBG_EXPECT_TEEC_SUCCESS(c,
+ ta_crypt_cmd_free_operation(c, &session, op)))
+ goto out;
+
+ if (!ADBG_EXPECT_TEEC_SUCCESS(c,
+ ta_crypt_cmd_free_transient_object(c, &session,
+ sv_handle)))
+ goto out;
+
+ Do_ADBG_EndSubCase(c, "Derive ECDH key - algo = 0x%x",
+ pt->algo);
+ }
+
+ goto noerror;
+
+out:
+ Do_ADBG_EndSubCase(c, "Derive ECDH key - algo = 0x%x", pt->algo);
+
+noerror:
+ TEEC_CloseSession(&session);
+}
diff --git a/host/xtest/xtest_4000_data.h b/host/xtest/xtest_4000_data.h
index eb51176..c3bec00 100644
--- a/host/xtest/xtest_4000_data.h
+++ b/host/xtest/xtest_4000_data.h
@@ -6312,5 +6312,181 @@
static const uint32_t derive_key_max_keysize = 1024;
+/*
+ * ECDH testvectors have been taken from
+ * http://csrc.nist.gov/groups/STM/cavp/documents/components/ecccdhtestvectors.zip
+ */
+static const uint8_t derive_key_ecdh_192_public_x[] = {
+ 0x42, 0xea, 0x6d, 0xd9, 0x96, 0x9d, 0xd2, 0xa6, 0x1f, 0xea, 0x1a, 0xac,
+ 0x7f, 0x8e, 0x98, 0xed, 0xcc, 0x89, 0x6c, 0x6e, 0x55, 0x85, 0x7c, 0xc0
+};
+static const uint8_t derive_key_ecdh_192_public_y[] = {
+ 0xdf, 0xbe, 0x5d, 0x7c, 0x61, 0xfa, 0xc8, 0x8b, 0x11, 0x81, 0x1b, 0xde,
+ 0x32, 0x8e, 0x8a, 0x0d, 0x12, 0xbf, 0x01, 0xa9, 0xd2, 0x04, 0xb5, 0x23
+};
+static const uint8_t derive_key_ecdh_192_private[] = {
+ 0xf1, 0x7d, 0x3f, 0xea, 0x36, 0x7b, 0x74, 0xd3, 0x40, 0x85, 0x1c, 0xa4,
+ 0x27, 0x0d, 0xcb, 0x24, 0xc2, 0x71, 0xf4, 0x45, 0xbe, 0xd9, 0xd5, 0x27
+};
+static const uint8_t derive_key_ecdh_192_out[] = {
+ 0x80, 0x3d, 0x8a, 0xb2, 0xe5, 0xb6, 0xe6, 0xfc, 0xa7, 0x15, 0x73, 0x7c,
+ 0x3a, 0x82, 0xf7, 0xce, 0x3c, 0x78, 0x31, 0x24, 0xf6, 0xd5, 0x1c, 0xd0
+};
+
+static const uint8_t derive_key_ecdh_224_public_x[] = {
+ 0xaf, 0x33, 0xcd, 0x06, 0x29, 0xbc, 0x7e, 0x99, 0x63, 0x20, 0xa3, 0xf4,
+ 0x03, 0x68, 0xf7, 0x4d, 0xe8, 0x70, 0x4f, 0xa3, 0x7b, 0x8f, 0xab, 0x69,
+ 0xab, 0xaa, 0xe2, 0x80
+};
+static const uint8_t derive_key_ecdh_224_public_y[] = {
+ 0x88, 0x20, 0x92, 0xcc, 0xbb, 0xa7, 0x93, 0x0f, 0x41, 0x9a, 0x8a, 0x4f,
+ 0x9b, 0xb1, 0x69, 0x78, 0xbb, 0xc3, 0x83, 0x87, 0x29, 0x99, 0x25, 0x59,
+ 0xa6, 0xf2, 0xe2, 0xd7
+};
+static const uint8_t derive_key_ecdh_224_private[] = {
+ 0x83, 0x46, 0xa6, 0x0f, 0xc6, 0xf2, 0x93, 0xca, 0x5a, 0x0d, 0x2a, 0xf6,
+ 0x8b, 0xa7, 0x1d, 0x1d, 0xd3, 0x89, 0xe5, 0xe4, 0x08, 0x37, 0x94, 0x2d,
+ 0xf3, 0xe4, 0x3c, 0xbd
+};
+static const uint8_t derive_key_ecdh_224_out[] = {
+ 0x7d, 0x96, 0xf9, 0xa3, 0xbd, 0x3c, 0x05, 0xcf, 0x5c, 0xc3, 0x7f, 0xeb,
+ 0x8b, 0x9d, 0x52, 0x09, 0xd5, 0xc2, 0x59, 0x74, 0x64, 0xde, 0xc3, 0xe9,
+ 0x98, 0x37, 0x43, 0xe8
+};
+
+static const uint8_t derive_key_ecdh_256_public_x[] = {
+ 0x70, 0x0c, 0x48, 0xf7, 0x7f, 0x56, 0x58, 0x4c, 0x5c, 0xc6, 0x32, 0xca,
+ 0x65, 0x64, 0x0d, 0xb9, 0x1b, 0x6b, 0xac, 0xce, 0x3a, 0x4d, 0xf6, 0xb4,
+ 0x2c, 0xe7, 0xcc, 0x83, 0x88, 0x33, 0xd2, 0x87
+};
+static const uint8_t derive_key_ecdh_256_public_y[] = {
+ 0xdb, 0x71, 0xe5, 0x09, 0xe3, 0xfd, 0x9b, 0x06, 0x0d, 0xdb, 0x20, 0xba,
+ 0x5c, 0x51, 0xdc, 0xc5, 0x94, 0x8d, 0x46, 0xfb, 0xf6, 0x40, 0xdf, 0xe0,
+ 0x44, 0x17, 0x82, 0xca, 0xb8, 0x5f, 0xa4, 0xac
+};
+static const uint8_t derive_key_ecdh_256_private[] = {
+ 0x7d, 0x7d, 0xc5, 0xf7, 0x1e, 0xb2, 0x9d, 0xda, 0xf8, 0x0d, 0x62, 0x14,
+ 0x63, 0x2e, 0xea, 0xe0, 0x3d, 0x90, 0x58, 0xaf, 0x1f, 0xb6, 0xd2, 0x2e,
+ 0xd8, 0x0b, 0xad, 0xb6, 0x2b, 0xc1, 0xa5, 0x34
+};
+static const uint8_t derive_key_ecdh_256_out[] = {
+ 0x46, 0xfc, 0x62, 0x10, 0x64, 0x20, 0xff, 0x01, 0x2e, 0x54, 0xa4, 0x34,
+ 0xfb, 0xdd, 0x2d, 0x25, 0xcc, 0xc5, 0x85, 0x20, 0x60, 0x56, 0x1e, 0x68,
+ 0x04, 0x0d, 0xd7, 0x77, 0x89, 0x97, 0xbd, 0x7b
+};
+
+static const uint8_t derive_key_ecdh_384_public_x[] = {
+ 0xa7, 0xc7, 0x6b, 0x97, 0x0c, 0x3b, 0x5f, 0xe8, 0xb0, 0x5d, 0x28, 0x38,
+ 0xae, 0x04, 0xab, 0x47, 0x69, 0x7b, 0x9e, 0xaf, 0x52, 0xe7, 0x64, 0x59,
+ 0x2e, 0xfd, 0xa2, 0x7f, 0xe7, 0x51, 0x32, 0x72, 0x73, 0x44, 0x66, 0xb4,
+ 0x00, 0x09, 0x1a, 0xdb, 0xf2, 0xd6, 0x8c, 0x58, 0xe0, 0xc5, 0x00, 0x66
+};
+static const uint8_t derive_key_ecdh_384_public_y[] = {
+ 0xac, 0x68, 0xf1, 0x9f, 0x2e, 0x1c, 0xb8, 0x79, 0xae, 0xd4, 0x3a, 0x99,
+ 0x69, 0xb9, 0x1a, 0x08, 0x39, 0xc4, 0xc3, 0x8a, 0x49, 0x74, 0x9b, 0x66,
+ 0x1e, 0xfe, 0xdf, 0x24, 0x34, 0x51, 0x91, 0x5e, 0xd0, 0x90, 0x5a, 0x32,
+ 0xb0, 0x60, 0x99, 0x2b, 0x46, 0x8c, 0x64, 0x76, 0x6f, 0xc8, 0x43, 0x7a
+};
+static const uint8_t derive_key_ecdh_384_private[] = {
+ 0x3c, 0xc3, 0x12, 0x2a, 0x68, 0xf0, 0xd9, 0x50, 0x27, 0xad, 0x38, 0xc0,
+ 0x67, 0x91, 0x6b, 0xa0, 0xeb, 0x8c, 0x38, 0x89, 0x4d, 0x22, 0xe1, 0xb1,
+ 0x56, 0x18, 0xb6, 0x81, 0x8a, 0x66, 0x17, 0x74, 0xad, 0x46, 0x3b, 0x20,
+ 0x5d, 0xa8, 0x8c, 0xf6, 0x99, 0xab, 0x4d, 0x43, 0xc9, 0xcf, 0x98, 0xa1
+};
+static const uint8_t derive_key_ecdh_384_out[] = {
+ 0x5f, 0x9d, 0x29, 0xdc, 0x5e, 0x31, 0xa1, 0x63, 0x06, 0x03, 0x56, 0x21,
+ 0x36, 0x69, 0xc8, 0xce, 0x13, 0x2e, 0x22, 0xf5, 0x7c, 0x9a, 0x04, 0xf4,
+ 0x0b, 0xa7, 0xfc, 0xea, 0xd4, 0x93, 0xb4, 0x57, 0xe5, 0x62, 0x1e, 0x76,
+ 0x6c, 0x40, 0xa2, 0xe3, 0xd4, 0xd6, 0xa0, 0x4b, 0x25, 0xe5, 0x33, 0xf1
+};
+
+static const uint8_t derive_key_ecdh_521_public_x[] = {
+ 0x00, 0x68, 0x5a, 0x48, 0xe8, 0x6c, 0x79, 0xf0, 0xf0, 0x87, 0x5f, 0x7b,
+ 0xc1, 0x8d, 0x25, 0xeb, 0x5f, 0xc8, 0xc0, 0xb0, 0x7e, 0x5d, 0xa4, 0xf4,
+ 0x37, 0x0f, 0x3a, 0x94, 0x90, 0x34, 0x08, 0x54, 0x33, 0x4b, 0x1e, 0x1b,
+ 0x87, 0xfa, 0x39, 0x54, 0x64, 0xc6, 0x06, 0x26, 0x12, 0x4a, 0x4e, 0x70,
+ 0xd0, 0xf7, 0x85, 0x60, 0x1d, 0x37, 0xc0, 0x98, 0x70, 0xeb, 0xf1, 0x76,
+ 0x66, 0x68, 0x77, 0xa2, 0x04, 0x6d
+};
+static const uint8_t derive_key_ecdh_521_public_y[] = {
+ 0x01, 0xba, 0x52, 0xc5, 0x6f, 0xc8, 0x77, 0x6d, 0x9e, 0x8f, 0x5d, 0xb4,
+ 0xf0, 0xcc, 0x27, 0x63, 0x6d, 0x0b, 0x74, 0x1b, 0xbe, 0x05, 0x40, 0x06,
+ 0x97, 0x94, 0x2e, 0x80, 0xb7, 0x39, 0x88, 0x4a, 0x83, 0xbd, 0xe9, 0x9e,
+ 0x0f, 0x67, 0x16, 0x93, 0x9e, 0x63, 0x2b, 0xc8, 0x98, 0x6f, 0xa1, 0x8d,
+ 0xcc, 0xd4, 0x43, 0xa3, 0x48, 0xb6, 0xc3, 0xe5, 0x22, 0x49, 0x79, 0x55,
+ 0xa4, 0xf3, 0xc3, 0x02, 0xf6, 0x76
+};
+static const uint8_t derive_key_ecdh_521_private[] = {
+ 0x01, 0x7e, 0xec, 0xc0, 0x7a, 0xb4, 0xb3, 0x29, 0x06, 0x8f, 0xba, 0x65,
+ 0xe5, 0x6a, 0x1f, 0x88, 0x90, 0xaa, 0x93, 0x5e, 0x57, 0x13, 0x4a, 0xe0,
+ 0xff, 0xcc, 0xe8, 0x02, 0x73, 0x51, 0x51, 0xf4, 0xea, 0xc6, 0x56, 0x4f,
+ 0x6e, 0xe9, 0x97, 0x4c, 0x5e, 0x68, 0x87, 0xa1, 0xfe, 0xfe, 0xe5, 0x74,
+ 0x3a, 0xe2, 0x24, 0x1b, 0xfe, 0xb9, 0x5d, 0x5c, 0xe3, 0x1d, 0xdc, 0xb6,
+ 0xf9, 0xed, 0xb4, 0xd6, 0xfc, 0x47
+};
+static const uint8_t derive_key_ecdh_521_out[] = {
+ 0x00, 0x5f, 0xc7, 0x04, 0x77, 0xc3, 0xe6, 0x3b, 0xc3, 0x95, 0x4b, 0xd0,
+ 0xdf, 0x3e, 0xa0, 0xd1, 0xf4, 0x1e, 0xe2, 0x17, 0x46, 0xed, 0x95, 0xfc,
+ 0x5e, 0x1f, 0xdf, 0x90, 0x93, 0x0d, 0x5e, 0x13, 0x66, 0x72, 0xd7, 0x2c,
+ 0xc7, 0x70, 0x74, 0x2d, 0x17, 0x11, 0xc3, 0xc3, 0xa4, 0xc3, 0x34, 0xa0,
+ 0xad, 0x97, 0x59, 0x43, 0x6a, 0x4d, 0x3c, 0x5b, 0xf6, 0xe7, 0x4b, 0x95,
+ 0x78, 0xfa, 0xc1, 0x48, 0xc8, 0x31
+};
+
+static struct derive_key_ecdh_t {
+ uint32_t algo; /* TEE_ALG_ECDH_P192,... */
+ uint32_t curve; /* TEE_ECC_CURVE_NIST_P192,... */
+ uint32_t keysize; /* key size, in bits */
+ const uint8_t *public_x; /* public key - x == QCAVSx */
+ const uint8_t *public_y; /* public key - y == QCAVSy */
+ const uint8_t *private; /* private key == dIUT */
+ const uint8_t *out; /* expected result - ZIUT */
+} derive_key_ecdh[] = {
+ {
+ .algo = TEE_ALG_ECDH_P192,
+ .curve = TEE_ECC_CURVE_NIST_P192,
+ .keysize = 192,
+ .public_x = derive_key_ecdh_192_public_x,
+ .public_y = derive_key_ecdh_192_public_y,
+ .private = derive_key_ecdh_192_private,
+ .out = derive_key_ecdh_192_out,
+ },
+ {
+ .algo = TEE_ALG_ECDH_P224,
+ .curve = TEE_ECC_CURVE_NIST_P224,
+ .keysize = 224,
+ .public_x = derive_key_ecdh_224_public_x,
+ .public_y = derive_key_ecdh_224_public_y,
+ .private = derive_key_ecdh_224_private,
+ .out = derive_key_ecdh_224_out,
+ },
+ {
+ .algo = TEE_ALG_ECDH_P256,
+ .curve = TEE_ECC_CURVE_NIST_P256,
+ .keysize = 256,
+ .public_x = derive_key_ecdh_256_public_x,
+ .public_y = derive_key_ecdh_256_public_y,
+ .private = derive_key_ecdh_256_private,
+ .out = derive_key_ecdh_256_out,
+ },
+ {
+ .algo = TEE_ALG_ECDH_P384,
+ .curve = TEE_ECC_CURVE_NIST_P384,
+ .keysize = 384,
+ .public_x = derive_key_ecdh_384_public_x,
+ .public_y = derive_key_ecdh_384_public_y,
+ .private = derive_key_ecdh_384_private,
+ .out = derive_key_ecdh_384_out,
+ },
+ {
+ .algo = TEE_ALG_ECDH_P521,
+ .curve = TEE_ECC_CURVE_NIST_P521,
+ .keysize = 521,
+ .public_x = derive_key_ecdh_521_public_x,
+ .public_y = derive_key_ecdh_521_public_y,
+ .private = derive_key_ecdh_521_private,
+ .out = derive_key_ecdh_521_out,
+ },
+};
#endif /*XTEST_4000_DATA_H*/
diff --git a/host/xtest/xtest_main.c b/host/xtest/xtest_main.c
index 73e55e2..7fd9df8 100644
--- a/host/xtest/xtest_main.c
+++ b/host/xtest/xtest_main.c
@@ -42,6 +42,7 @@
ADBG_SUITE_ENTRY(XTEST_TEE_4006, NULL)
ADBG_SUITE_ENTRY(XTEST_TEE_4007, NULL)
ADBG_SUITE_ENTRY(XTEST_TEE_4008, NULL)
+ADBG_SUITE_ENTRY(XTEST_TEE_4009, NULL)
/* FVP ADBG_SUITE_ENTRY(XTEST_TEE_5006, NULL) */
#ifdef USER_SPACE
ADBG_SUITE_ENTRY(XTEST_TEE_6001, NULL)
diff --git a/host/xtest/xtest_test.h b/host/xtest/xtest_test.h
index 0bad613..77ec663 100644
--- a/host/xtest/xtest_test.h
+++ b/host/xtest/xtest_test.h
@@ -41,6 +41,7 @@
ADBG_CASE_DECLARE(XTEST_TEE_4006);
ADBG_CASE_DECLARE(XTEST_TEE_4007);
ADBG_CASE_DECLARE(XTEST_TEE_4008);
+ADBG_CASE_DECLARE(XTEST_TEE_4009);
ADBG_CASE_DECLARE(XTEST_TEE_5006);