| /* SPDX-License-Identifier: BSD-2-Clause */ |
| /* |
| * Copyright (c) 2014, STMicroelectronics International N.V. |
| * All rights reserved. |
| */ |
| |
| #ifndef TA_CRYPT_H |
| #define TA_CRYPT_H |
| |
| /* This UUID is generated with the ITU-T UUID generator at |
| http://www.itu.int/ITU-T/asn1/uuid.html */ |
| #define TA_CRYPT_UUID { 0xcb3e5ba0, 0xadf1, 0x11e0, \ |
| { 0x99, 0x8b, 0x00, 0x02, 0xa5, 0xd5, 0xc5, 0x1b } } |
| |
| #define TA_CRYPT_CMD_SHA224 1 /* SHA-224 digest command (per its name); parameter layout is not documented in this header */ |
| #define TA_CRYPT_CMD_SHA256 2 /* SHA-256 digest command (per its name); parameter layout is not documented in this header */ |
| #define TA_CRYPT_CMD_AES256ECB_ENC 3 /* AES-256 ECB encrypt (per its name). NOTE(review): ECB reveals repeated plaintext blocks; presumably test-only - confirm */ |
| #define TA_CRYPT_CMD_AES256ECB_DEC 4 /* AES-256 ECB decrypt (per its name); parameter layout is not documented in this header */ |
| |
| /* |
| * TEE_Result TEE_AllocateOperation(TEE_OperationHandle *operation, |
| * uint32_t algorithm, uint32_t mode, uint32_t maxKeySize); |
| * in/out params[0].value.a = operation |
| * in/out params[0].value.b = algorithm |
| * in params[1].value.a = mode |
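| * in params[2].value.b = maxKeySize |
| * NOTE(review): params[1].value.b and params[2].value.a are not listed, so |
| * the slot for maxKeySize may be a typo; confirm against the TA implementation. |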
| */ |
| #define TA_CRYPT_CMD_ALLOCATE_OPERATION 5 |
| |
| /* |
| * void TEE_FreeOperation(TEE_OperationHandle operation); |
| * in params[0].value.a = operation |
| */ |
| #define TA_CRYPT_CMD_FREE_OPERATION 6 |
| |
| /* |
| * void TEE_GetOperationInfo(TEE_OperationHandle operation, |
| * TEE_OperationInfo* operationInfo); |
| * in params[0].value.a = operation |
| * out params[1].memref = operationInfo |
| */ |
| #define TA_CRYPT_CMD_GET_OPERATION_INFO 7 |
| |
| /* |
| * void TEE_ResetOperation(TEE_OperationHandle operation); |
| * in params[0].value.a = operation |
| */ |
| #define TA_CRYPT_CMD_RESET_OPERATION 8 |
| |
| /* |
| * TEE_Result TEE_SetOperationKey(TEE_OperationHandle operation, |
| * TEE_ObjectHandle key); |
| * in params[0].value.a = operation |
| * in params[0].value.b = key |
| */ |
| #define TA_CRYPT_CMD_SET_OPERATION_KEY 9 |
| |
| /* |
| * TEE_Result TEE_SetOperationKey2(TEE_OperationHandle operation, |
| * TEE_ObjectHandle key1, TEE_ObjectHandle key2); |
| * in params[0].value.a = operation |
| * in params[0].value.b = key1 |
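| * in params[0].value.a = key2 |
| * NOTE(review): params[0].value.a is already listed for operation, so key2 |
| * is presumably carried in another slot (likely params[1].value.a); confirm |
| * against the TA implementation before relying on this layout. |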
| */ |
| #define TA_CRYPT_CMD_SET_OPERATION_KEY2 10 |
| |
| /* |
| * void TEE_CopyOperation(TEE_OperationHandle dstOperation, |
| * TEE_OperationHandle srcOperation); |
| * in params[0].value.a = dstOperation |
| * in params[0].value.b = srcOperation |
| */ |
| #define TA_CRYPT_CMD_COPY_OPERATION 11 |
| |
| /* |
| * void TEE_DigestUpdate(TEE_OperationHandle operation, |
| * void *chunk, size_t chunkSize); |
| * in params[0].value.a = operation |
| * in params[1].memref = chunk |
| */ |
| #define TA_CRYPT_CMD_DIGEST_UPDATE 12 |
| |
| /* |
| * TEE_Result TEE_DigestDoFinal(TEE_OperationHandle operation, |
| * const void *chunk, size_t chunkLen, |
| * void *hash, size_t *hashLen); |
| * in params[0].value.a = operation |
| * in params[1].memref = chunk |
| * out params[2].memref = hash |
| */ |
| #define TA_CRYPT_CMD_DIGEST_DO_FINAL 13 |
| |
| /* |
| * void TEE_CipherInit(TEE_OperationHandle operation, const void *IV, |
| * size_t IVLen); |
| * in params[0].value.a = operation |
| * in params[1].memref = IV |
| */ |
| #define TA_CRYPT_CMD_CIPHER_INIT 14 |
| |
| /* |
| * TEE_Result TEE_CipherUpdate(TEE_OperationHandle operation, |
| * const void *srcData, size_t srcLen, |
| * void *destData, size_t *destLen); |
| * in params[0].value.a = operation |
| * in params[1].memref = srcData |
| * out params[2].memref = destData |
| */ |
| #define TA_CRYPT_CMD_CIPHER_UPDATE 15 |
| |
| /* |
| * TEE_Result TEE_CipherDoFinal(TEE_OperationHandle operation, |
| * const void *srcData, size_t srcLen, |
| * void *destData, size_t *destLen); |
| * in params[0].value.a = operation |
| * in params[1].memref = srcData |
| * out params[2].memref = destData |
| */ |
| #define TA_CRYPT_CMD_CIPHER_DO_FINAL 16 |
| |
| /* |
| * void TEE_MACInit(TEE_OperationHandle operation, |
| * const void *IV, size_t IVLen); |
| * in params[0].value.a = operation |
| * in params[1].memref = IV |
| */ |
| #define TA_CRYPT_CMD_MAC_INIT 17 |
| |
| /* |
| * void TEE_MACUpdate(TEE_OperationHandle operation, |
| * const void *chunk, size_t chunkSize); |
| * in params[0].value.a = operation |
| * in params[1].memref = chunk |
| */ |
| #define TA_CRYPT_CMD_MAC_UPDATE 18 |
| |
| /* |
| * TEE_Result TEE_MACFinalCompute(TEE_OperationHandle operation, |
| * const void *message, size_t messageLen, |
| * void *mac, size_t *macLen); |
| * in params[0].value.a = operation |
| * in params[1].memref = message |
| * out params[2].memref = mac |
| */ |
| #define TA_CRYPT_CMD_MAC_FINAL_COMPUTE 19 |
| |
| /* |
| * TEE_Result TEE_MACFinalCompare(TEE_OperationHandle operation, |
| * const void *message, size_t messageLen, |
| * const void *mac, size_t *macLen); |
| * in params[0].value.a = operation |
| * in params[1].memref = message |
| * in params[2].memref = mac |
| */ |
| #define TA_CRYPT_CMD_MAC_FINAL_COMPARE 20 |
| |
| /* |
| * TEE_Result TEE_AllocateTransientObject(TEE_ObjectType objectType, |
| * uint32_t maxObjectSize, TEE_ObjectHandle* object); |
| * in params[0].value.a = objectType |
| * in params[0].value.b = maxObjectSize |
| * out params[1].value.a = object |
| */ |
| #define TA_CRYPT_CMD_ALLOCATE_TRANSIENT_OBJECT 21 |
| |
| /* |
| * void TEE_FreeTransientObject(TEE_ObjectHandle object); |
| * in params[0].value.a = object |
| */ |
| #define TA_CRYPT_CMD_FREE_TRANSIENT_OBJECT 22 |
| |
| /* |
| * void TEE_ResetTransientObject(TEE_ObjectHandle object); |
| * in params[0].value.a = object |
| */ |
| #define TA_CRYPT_CMD_RESET_TRANSIENT_OBJECT 23 |
| |
| /* |
| * TEE_Result TEE_PopulateTransientObject(TEE_ObjectHandle object, |
| * TEE_Attribute *attrs, uint32_t attrCount); |
| * in params[0].value.a = object |
| * in params[1].memref = attrs |
| */ |
| #define TA_CRYPT_CMD_POPULATE_TRANSIENT_OBJECT 24 |
| |
| /* |
| * void TEE_CopyObjectAttributes(TEE_ObjectHandle destObject, |
| * TEE_ObjectHandle srcObject); |
| * in params[0].value.a = destObject |
| * in params[0].value.b = srcObject |
| */ |
| #define TA_CRYPT_CMD_COPY_OBJECT_ATTRIBUTES 25 |
| |
| /* |
| * TEE_Result TEE_GenerateKey(TEE_ObjectHandle object, uint32_t keySize, |
| * TEE_Attribute *params, uint32_t paramCount); |
| * in params[0].value.a = object |
| * in params[0].value.b = keySize |
| * in params[1].memref = params |
| */ |
| #define TA_CRYPT_CMD_GENERATE_KEY 26 |
| |
| /* |
| * TEE_Result TEE_AsymmetricEncrypt(TEE_OperationHandle operation, |
| * const TEE_Attribute *params, uint32_t paramCount, |
| * const void *srcData, size_t srcLen, void *destData, |
| * size_t *destLen); |
| * in params[0].value.a = operation |
| * in params[1].memref = params |
| * in params[2].memref = srcData |
| * out params[3].memref = destData |
| */ |
| #define TA_CRYPT_CMD_ASYMMETRIC_ENCRYPT 27 |
| |
| /* |
| * TEE_Result TEE_AsymmetricDecrypt(TEE_OperationHandle operation, |
| * const TEE_Attribute *params, uint32_t paramCount, |
| * const void *srcData, size_t srcLen, void *destData, |
| * size_t *destLen) |
| * in params[0].value.a = operation |
| * in params[1].memref = params |
| * in params[2].memref = srcData |
| * out params[3].memref = destData |
| */ |
| #define TA_CRYPT_CMD_ASYMMETRIC_DECRYPT 28 |
| |
| /* |
| * TEE_Result TEE_AsymmetricSignDigest(TEE_OperationHandle operation, |
| * const TEE_Attribute *params, uint32_t paramCount, |
| * const void *digest, size_t digestLen, void *signature, |
| * size_t *signatureLen) |
| * in params[0].value.a = operation |
| * in params[1].memref = params |
| * in params[2].memref = digest |
| * out params[3].memref = signature |
| */ |
| #define TA_CRYPT_CMD_ASYMMETRIC_SIGN_DIGEST 29 |
| |
| /* |
| * TEE_Result TEE_AsymmetricVerifyDigest(TEE_OperationHandle operation, |
| * const TEE_Attribute *params, uint32_t paramCount, |
| * const void *digest, size_t digestLen, const void *signature, |
| * size_t signatureLen) |
| * in params[0].value.a = operation |
| * in params[1].memref = params |
| * in params[2].memref = digest |
| * in params[3].memref = signature |
| */ |
| #define TA_CRYPT_CMD_ASYMMETRIC_VERIFY_DIGEST 30 |
| |
| /* |
| * void TEE_DeriveKey(TEE_OperationHandle operation, |
| * const TEE_Attribute *params, uint32_t paramCount, |
| * TEE_ObjectHandle derivedKey) |
| * in params[0].value.a = operation |
| * in params[1].memref = params |
| * in params[0].value.b = derivedKey |
| */ |
| #define TA_CRYPT_CMD_DERIVE_KEY 31 |
| |
| /* |
| * void TEE_RandomNumberGenerate(void *randomBuffer, size_t randomBufferLen); |
| * out params[0].memref = randomBuffer |
| */ |
| #define TA_CRYPT_CMD_RANDOM_NUMBER_GENERATE 32 |
| |
| /* |
| * TEE_Result TEE_AEInit(TEE_OperationHandle operation, |
| * const void* nonce, size_t nonceLen, |
| * uint32_t tagLen, uint32_t AADLen, uint32_t payloadLen); |
| * in params[0].value.a = operation |
| * in params[1].memref = nonce |
| * in params[0].value.b = tagLen |
| * in params[2].value.a = AADLen |
| * in params[2].value.b = payloadLen |
| */ |
| #define TA_CRYPT_CMD_AE_INIT 33 |
| |
| /* |
| * void TEE_AEUpdateAAD(TEE_OperationHandle operation, |
| * void* AADdata, size_t AADdataLen); |
| * in params[0].value.a = operation |
| * in params[1].memref = AADdata |
| */ |
| #define TA_CRYPT_CMD_AE_UPDATE_AAD 34 |
| |
| /* |
| * TEE_Result TEE_AEUpdate(TEE_OperationHandle operation, |
| * const void* srcData, size_t srcLen, |
| * void* destData, size_t *destLen); |
| * in params[0].value.a = operation |
| * in params[1].memref = srcData |
| * out params[2].memref = destData |
| */ |
| #define TA_CRYPT_CMD_AE_UPDATE 35 |
| |
| /* |
| * TEE_Result TEE_AEEncryptFinal(TEE_OperationHandle operation, |
| * const void* srcData, size_t srcLen, |
| * void* destData, size_t* destLen, |
| * void* tag, size_t* tagLen); |
| * in params[0].value.a = operation |
| * in params[1].memref = srcData |
| * out params[2].memref = destData |
| * out params[3].memref = tag |
| */ |
| #define TA_CRYPT_CMD_AE_ENCRYPT_FINAL 36 |
| |
| /* |
| * TEE_Result TEE_AEDecryptFinal(TEE_OperationHandle operation, |
| * const void* srcData, size_t srcLen, |
| * void* destData, size_t *destLen, |
| * const void* tag, size_t tagLen); |
| * in params[0].value.a = operation |
| * in params[1].memref = srcData |
| * out params[2].memref = destData |
| * in params[3].memref = tag |
| */ |
| #define TA_CRYPT_CMD_AE_DECRYPT_FINAL 37 |
| |
| /* |
| * TEE_Result TEE_GetObjectBufferAttribute(TEE_ObjectHandle object, |
| * uint32_t attributeID, void* buffer, size_t* size); |
| * in params[0].value.a = object |
| * in params[0].value.b = attributeID |
| * out params[1].memref = buffer |
| */ |
| #define TA_CRYPT_CMD_GET_OBJECT_BUFFER_ATTRIBUTE 38 |
| |
| /* |
| * TEE_Result TEE_GetObjectValueAttribute(TEE_ObjectHandle object, |
| * uint32_t attributeID, uint32_t* a, uint32_t* b); |
| * in params[0].value.a = object |
| * in params[0].value.b = attributeID |
| * out params[1].value.a = value a |
| * out params[1].value.b = value b |
| */ |
| #define TA_CRYPT_CMD_GET_OBJECT_VALUE_ATTRIBUTE 39 |
| |
| /* To set or get a global value */ |
| #define TA_CRYPT_CMD_SETGLOBAL 40 |
| #define TA_CRYPT_CMD_GETGLOBAL 41 |
| |
| /* If mbedtls is compiled with MBEDTLS_SELF_TEST, run the self tests */ |
| #define TA_CRYPT_CMD_MBEDTLS_SELF_TESTS 42 |
| |
| /* |
| * in params[0].memref = cert-chain |
| * in params[1].memref = trust-anchor-cert |
| */ |
| #define TA_CRYPT_CMD_MBEDTLS_CHECK_CERT 43 |
| |
| /* |
| * in params[0].memref = Certificate request in PKCS#10 format |
| * out params[1].memref = Signed certificate in X.509 format |
| * out params[2].memref = Certificate chain |
| */ |
| #define TA_CRYPT_CMD_MBEDTLS_SIGN_CERT 44 |
| |
| /* |
| * System PTA is used for adding entropy to the RNG pool. |
| */ |
| #define TA_CRYPT_CMD_SEED_RNG_POOL 45 |
| |
| /* |
| * Testing arithmetical interface. |
| * |
| * Coding of signed 32-bit values: |
| * an int32_t with its bit pattern stored in a 32-bit value |
| */ |
| |
| #define TA_CRYPT_ARITH_INVALID_HANDLE 0xffffffff |
| |
| /* |
| * in params[0].value.a: Number of bits |
| * out params[1].value.b: Handle to bignum variable |
| */ |
| #define TA_CRYPT_CMD_ARITH_NEW_VAR 46 |
| |
| /* |
| * in params[0].value.a: Number of bits |
| * in params[0].value.b: Handle to bignum variable modulus |
| * out params[1].value.a: Handle to FMM context |
| */ |
| #define TA_CRYPT_CMD_ARITH_NEW_FMM_CTX 47 |
| |
| /* |
| * in params[0].value.a: Number of bits |
| * out params[1].value.a: Handle to FMM variable |
| */ |
| #define TA_CRYPT_CMD_ARITH_NEW_FMM_VAR 48 |
| |
| /* |
| * in params[0].value.a: Handle to bignum variable, FMM context, or |
| * FMM variable |
| */ |
| #define TA_CRYPT_CMD_ARITH_FREE_HANDLE 49 |
| |
| |
| /* |
| * in params[0].value.a: Handle to bignum variable |
| * in params[0].value.b: S32 representing the sign of the value |
| * in params[1].memref: octet string representing the value |
| */ |
| #define TA_CRYPT_CMD_ARITH_FROM_OCTET_STRING 50 |
| |
| /* |
| * in params[0].value.a: Handle to bignum variable |
| * in params[0].value.b: S32 representing the value |
| */ |
| #define TA_CRYPT_CMD_ARITH_FROM_S32 51 |
| |
| /* |
| * in params[0].value.a: Handle to bignum variable |
| * out params[1].value.a: S32 representing the sign of the value |
| * out params[2].memref: octet string representing the value |
| */ |
| #define TA_CRYPT_CMD_ARITH_GET_VALUE 52 |
| |
| /* |
| * in params[0].value.a: Handle to bignum variable |
| * out params[1].value.a: S32 the value |
| */ |
| #define TA_CRYPT_CMD_ARITH_GET_VALUE_S32 53 |
| |
| /* |
| * in params[0].value.a: Handle to bignum variable |
| * in params[0].value.b: Bit number |
| * out params[1].value.a: Bit value |
| */ |
| #define TA_CRYPT_CMD_ARITH_GET_BIT 54 |
| |
| /* |
| * in params[0].value.a: Handle to bignum variable |
| * out params[1].value.a: Bit count |
| */ |
| #define TA_CRYPT_CMD_ARITH_GET_BIT_COUNT 55 |
| |
| /* |
| * in params[0].value.a: handle op |
| * in params[0].value.b: number of bits |
| * in params[1].value.a: handle result |
| */ |
| #define TA_CRYPT_CMD_ARITH_SHIFT_RIGHT 56 |
| |
| /* |
| * in params[0].value.a: handle op1 |
| * in params[0].value.b: handle op2 |
| * out params[1].value.a: result |
| */ |
| #define TA_CRYPT_CMD_ARITH_CMP 57 |
| |
| /* |
| * in params[0].value.a: handle op |
| * in params[0].value.b: S32 shortVal |
| * out params[1].value.a: result |
| */ |
| #define TA_CRYPT_CMD_ARITH_CMP_S32 58 |
| |
| /* |
| * in params[0].value.a: handle a |
| * in params[0].value.b: handle b |
| * in params[1].value.a: handle result |
| */ |
| #define TA_CRYPT_CMD_ARITH_ADD 59 |
| |
| /* |
| * in params[0].value.a: handle a |
| * in params[0].value.b: handle b |
| * in params[1].value.a: handle result |
| */ |
| #define TA_CRYPT_CMD_ARITH_SUB 60 |
| |
| /* |
| * in params[0].value.a: handle a |
| * in params[0].value.b: handle b |
| * in params[1].value.a: handle result |
| */ |
| #define TA_CRYPT_CMD_ARITH_MUL 61 |
| |
| /* |
| * in params[0].value.a: handle a |
| * in params[0].value.b: handle result |
| */ |
| #define TA_CRYPT_CMD_ARITH_NEG 62 |
| |
| /* |
| * in params[0].value.a: handle a |
| * in params[0].value.b: handle result |
| */ |
| #define TA_CRYPT_CMD_ARITH_SQR 63 |
| |
| /* |
| * in params[0].value.a: handle op1 |
| * in params[0].value.b: handle op2 |
| * in params[1].value.a: handle result Q |
| * in params[1].value.b: handle result R |
| */ |
| #define TA_CRYPT_CMD_ARITH_DIV 64 |
| |
| /* |
| * in params[0].value.a: handle op |
| * in params[0].value.b: handle n |
| * in params[1].value.a: handle result |
| */ |
| #define TA_CRYPT_CMD_ARITH_MOD 65 |
| |
| /* |
| * in params[0].value.a: handle op1 |
| * in params[0].value.b: handle op2 |
| * in params[1].value.a: handle n |
| * in params[1].value.b: handle result |
| */ |
| #define TA_CRYPT_CMD_ARITH_ADDMOD 66 |
| |
| /* |
| * in params[0].value.a: handle op1 |
| * in params[0].value.b: handle op2 |
| * in params[1].value.a: handle n |
| * in params[1].value.b: handle result |
| */ |
| #define TA_CRYPT_CMD_ARITH_SUBMOD 67 |
| |
| /* |
| * in params[0].value.a: handle op1 |
| * in params[0].value.b: handle op2 |
| * in params[1].value.a: handle n |
| * in params[1].value.b: handle result |
| */ |
| #define TA_CRYPT_CMD_ARITH_MULMOD 68 |
| |
| /* |
| * in params[0].value.a: handle op |
| * in params[0].value.b: handle n |
| * in params[1].value.a: handle result |
| */ |
| #define TA_CRYPT_CMD_ARITH_SQRMOD 69 |
| |
| /* |
| * in params[0].value.a: handle op |
| * in params[0].value.b: handle n |
| * in params[1].value.a: handle result |
| */ |
| #define TA_CRYPT_CMD_ARITH_INVMOD 70 |
| |
| /* |
| * in params[0].value.a: handle op |
| * in params[0].value.b: handle n |
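| * in params[1].value.a: bool result |
| * NOTE(review): a bool result is returned to the caller, so this is |
| * presumably an "out" parameter; confirm against the TA implementation. |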
| */ |
| #define TA_CRYPT_CMD_ARITH_IS_RELATIVE_PRIME 71 |
| |
| /* |
| * in params[0].value.a: handle op1 |
| * in params[0].value.b: handle op2 |
| * in params[1].value.a: handle result u |
| * in params[1].value.b: handle result v |
| * in params[2].value.a: handle result gcd |
| */ |
| #define TA_CRYPT_CMD_ARITH_COMPUTE_EGCD 72 |
| |
| /* |
| * in params[0].value.a: handle op |
| * in params[0].value.b: confidence level |
| * out params[1].value.a: S32 result |
| */ |
| #define TA_CRYPT_CMD_ARITH_IS_PRIME 73 |
| |
| /* |
| * in params[0].value.a: handle src |
| * in params[0].value.b: handle n |
| * in params[1].value.a: handle FMM context |
| * in params[1].value.b: handle result FMM variable |
| */ |
| #define TA_CRYPT_CMD_ARITH_TO_FMM 74 |
| |
| /* |
| * in params[0].value.a: handle FMM src |
| * in params[0].value.b: handle bigint n |
| * in params[1].value.a: handle FMM context |
| * in params[1].value.b: handle result bigint |
| */ |
| #define TA_CRYPT_CMD_ARITH_FROM_FMM 75 |
| |
| /* |
| * in params[0].value.a: handle FMM op1 |
| * in params[0].value.b: handle FMM op2 |
| * in params[1].value.a: handle bigint n |
| * in params[1].value.b: handle FMM context |
| * in params[2].value.a: handle FMM result |
| */ |
| #define TA_CRYPT_CMD_ARITH_COMPUTE_FMM 76 |
| |
| /* |
| * system PTA is used for deriving device and TA unique keys. This function in |
| * the "crypt" TA is testing the key derivation. |
| */ |
| #define TA_CRYPT_CMD_DERIVE_TA_UNIQUE_KEY 77 |
| |
| /* |
| * system PTA is used for deriving device and TA unique keys. This function in |
| * the "crypt" TA is testing the key derivation. This function tries to derive |
| * keys by using shared memory buffers (something that shall fail, because a |
| * derived key must not end up in memory that the normal world can access). |
| * |
| * in params[0].memref.buffer Buffer for extra data |
| * in params[0].memref.size Size of extra data |
| * out params[1].memref.buffer Buffer for the derived key |
| * out params[1].memref.size Size of the derived key |
| */ |
| #define TA_CRYPT_CMD_DERIVE_TA_UNIQUE_KEY_SHM 78 |
| |
| /* |
| * in params[0].value.a: algorithm |
| * in params[0].value.b: element |
| * out params[1].value.a: TEE_IsAlgorithmSupported() return status |
| */ |
| #define TA_CRYPT_CMD_IS_ALGO_SUPPORTED 79 |
| #endif /*TA_CRYPT_H */ |