TrustedFirmware Git Browser
Code Review Sign In
review.trustedfirmware.org / OP-TEE / optee_test / 0953bf0abb08fb98d24b7966001171a707fbb9b9 / . / host / xtest / regression_4000.c
blob: 205a226bcec76546e177132e4c0132f6b42ce9ef [file] [log] [blame]
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]1/*
2 * Copyright (c) 2014, STMicroelectronics International N.V.
3 *
4 * This program is free software; you can redistribute it and/or modify
5 * it under the terms of the GNU General Public License Version 2 as
6 * published by the Free Software Foundation.
7 *
8 * This program is distributed in the hope that it will be useful,
9 * but WITHOUT ANY WARRANTY; without even the implied warranty of
10 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
11 * GNU General Public License for more details.
12 */
13
14#include <stdio.h>
15#include <string.h>
16#include <inttypes.h>
17#include <malloc.h>
Igor Opaniuk7ddaa782018-05-25 15:14:05 +0300[diff] [blame]18#include <time.h>
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]19
20#include "xtest_test.h"
21#include "xtest_helpers.h"
22
23#include <tee_api_types.h>
Gabor Szekely2ad190f2018-09-14 14:05:06 +0000[diff] [blame]24#include <tee_api_defines_extensions.h>
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]25#include <ta_crypt.h>
26#include <utee_defines.h>
27#include <util.h>
28
Jerome Forissier213ca8a2017-03-31 11:27:56 +0200[diff] [blame]29#include <regression_4000_data.h>
Cedric Chaumontc7654962015-09-09 14:56:36 +0200[diff] [blame]30#include <nist/186-2ecdsatestvectors.h>
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]31
32#include <assert.h>
33
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]34static TEEC_Result ta_crypt_cmd_reset_operation(ADBG_Case_t *c, TEEC_Session *s,
35 TEE_OperationHandle oph)
36{
37 TEEC_Result res;
38 TEEC_Operation op = TEEC_OPERATION_INITIALIZER;
39 uint32_t ret_orig;
40
41 assert((uintptr_t)oph <= UINT32_MAX);
42 op.params[0].value.a = (uint32_t)(uintptr_t)oph;
43 op.paramTypes = TEEC_PARAM_TYPES(TEEC_VALUE_INPUT, TEEC_NONE, TEEC_NONE,
44 TEEC_NONE);
45 res = TEEC_InvokeCommand(s, TA_CRYPT_CMD_RESET_OPERATION, &op,
46 &ret_orig);
47 if (res != TEEC_SUCCESS) {
48 (void)ADBG_EXPECT_TEEC_ERROR_ORIGIN(c, TEEC_ORIGIN_TRUSTED_APP,
49 ret_orig);
50 }
51 return res;
52}
53
54static TEEC_Result ta_crypt_cmd_copy_operation(ADBG_Case_t *c,
55 TEEC_Session *s,
56 TEE_OperationHandle dst_oph,
57 TEE_OperationHandle src_oph)
58{
59 TEEC_Result res;
60 TEEC_Operation op = TEEC_OPERATION_INITIALIZER;
61 uint32_t ret_orig;
62
63 assert((uintptr_t)dst_oph <= UINT32_MAX);
64 op.params[0].value.a = (uint32_t)(uintptr_t)dst_oph;
65
66 assert((uintptr_t)src_oph <= UINT32_MAX);
67 op.params[0].value.b = (uint32_t)(uintptr_t)src_oph;
68 op.paramTypes = TEEC_PARAM_TYPES(TEEC_VALUE_INPUT, TEEC_NONE, TEEC_NONE,
69 TEEC_NONE);
70
71 res = TEEC_InvokeCommand(s, TA_CRYPT_CMD_COPY_OPERATION, &op,
72 &ret_orig);
73
74 if (res != TEEC_SUCCESS) {
75 (void)ADBG_EXPECT_TEEC_ERROR_ORIGIN(c, TEEC_ORIGIN_TRUSTED_APP,
76 ret_orig);
77 }
78 return res;
79}
80
81static TEEC_Result ta_crypt_cmd_digest_update(ADBG_Case_t *c, TEEC_Session *s,
82 TEE_OperationHandle oph,
83 const void *chunk,
84 size_t chunk_size)
85{
86 TEEC_Result res;
87 TEEC_Operation op = TEEC_OPERATION_INITIALIZER;
88 uint32_t ret_orig;
89
90 assert((uintptr_t)oph <= UINT32_MAX);
91 op.params[0].value.a = (uint32_t)(uintptr_t)oph;
92 op.params[1].tmpref.buffer = (void *)chunk;
93 op.params[1].tmpref.size = chunk_size;
94
95 op.paramTypes = TEEC_PARAM_TYPES(TEEC_VALUE_INPUT,
96 TEEC_MEMREF_TEMP_INPUT, TEEC_NONE,
97 TEEC_NONE);
98
99 res = TEEC_InvokeCommand(s, TA_CRYPT_CMD_DIGEST_UPDATE, &op, &ret_orig);
100
101 if (res != TEEC_SUCCESS) {
102 (void)ADBG_EXPECT_TEEC_ERROR_ORIGIN(c, TEEC_ORIGIN_TRUSTED_APP,
103 ret_orig);
104 }
105
106 return res;
107}
108
109static TEEC_Result ta_crypt_cmd_digest_do_final(ADBG_Case_t *c, TEEC_Session *s,
110 TEE_OperationHandle oph,
111 const void *chunk,
112 size_t chunk_len, void *hash,
113 size_t *hash_len)
114{
115 TEEC_Result res;
116 TEEC_Operation op = TEEC_OPERATION_INITIALIZER;
117 uint32_t ret_orig;
118
119 assert((uintptr_t)oph <= UINT32_MAX);
120 op.params[0].value.a = (uint32_t)(uintptr_t)oph;
121
122 op.params[1].tmpref.buffer = (void *)chunk;
123 op.params[1].tmpref.size = chunk_len;
124
125 op.params[2].tmpref.buffer = (void *)hash;
126 op.params[2].tmpref.size = *hash_len;
127
128 op.paramTypes = TEEC_PARAM_TYPES(TEEC_VALUE_INPUT,
129 TEEC_MEMREF_TEMP_INPUT,
130 TEEC_MEMREF_TEMP_OUTPUT, TEEC_NONE);
131
132 res = TEEC_InvokeCommand(s, TA_CRYPT_CMD_DIGEST_DO_FINAL, &op,
133 &ret_orig);
134
135 if (res != TEEC_SUCCESS) {
136 (void)ADBG_EXPECT_TEEC_ERROR_ORIGIN(c, TEEC_ORIGIN_TRUSTED_APP,
137 ret_orig);
138 }
139
140 if (res == TEEC_SUCCESS)
141 *hash_len = op.params[2].tmpref.size;
142
143 return res;
144}
145
146static TEE_Result ta_crypt_cmd_set_operation_key2(ADBG_Case_t *c,
147 TEEC_Session *s,
148 TEE_OperationHandle oph,
149 TEE_ObjectHandle key1,
150 TEE_ObjectHandle key2)
151{
152 TEEC_Result res;
153 TEEC_Operation op = TEEC_OPERATION_INITIALIZER;
154 uint32_t ret_orig;
155
156 assert((uintptr_t)oph <= UINT32_MAX);
157 op.params[0].value.a = (uint32_t)(uintptr_t)oph;
158
159 assert((uintptr_t)key1 <= UINT32_MAX);
160 op.params[0].value.b = (uint32_t)(uintptr_t)key1;
161
162 assert((uintptr_t)key2 <= UINT32_MAX);
163 op.params[1].value.a = (uint32_t)(uintptr_t)key2;
164 op.paramTypes = TEEC_PARAM_TYPES(TEEC_VALUE_INPUT, TEEC_VALUE_INPUT,
165 TEEC_NONE, TEEC_NONE);
166
167 res = TEEC_InvokeCommand(s, TA_CRYPT_CMD_SET_OPERATION_KEY2, &op,
168 &ret_orig);
169
170 if (res != TEEC_SUCCESS) {
171 (void)ADBG_EXPECT_TEEC_ERROR_ORIGIN(c, TEEC_ORIGIN_TRUSTED_APP,
172 ret_orig);
173 }
174
175 return res;
176}
177
178static TEEC_Result ta_crypt_cmd_mac_init(ADBG_Case_t *c, TEEC_Session *s,
179 TEE_OperationHandle oph,
180 const void *iv, size_t iv_len)
181{
182 TEEC_Result res;
183 TEEC_Operation op = TEEC_OPERATION_INITIALIZER;
184 uint32_t ret_orig;
185
186 assert((uintptr_t)oph <= UINT32_MAX);
187 op.params[0].value.a = (uint32_t)(uintptr_t)oph;
188
189 if (iv != NULL) {
190 op.params[1].tmpref.buffer = (void *)iv;
191 op.params[1].tmpref.size = iv_len;
192 op.paramTypes = TEEC_PARAM_TYPES(TEEC_VALUE_INPUT,
193 TEEC_MEMREF_TEMP_INPUT,
194 TEEC_NONE, TEEC_NONE);
195 } else {
196 op.paramTypes = TEEC_PARAM_TYPES(TEEC_VALUE_INPUT, TEEC_NONE,
197 TEEC_NONE, TEEC_NONE);
198 }
199
200 res = TEEC_InvokeCommand(s, TA_CRYPT_CMD_MAC_INIT, &op, &ret_orig);
201
202 if (res != TEEC_SUCCESS) {
203 (void)ADBG_EXPECT_TEEC_ERROR_ORIGIN(c, TEEC_ORIGIN_TRUSTED_APP,
204 ret_orig);
205 }
206
207 return res;
208}
209
210static TEEC_Result ta_crypt_cmd_mac_update(ADBG_Case_t *c, TEEC_Session *s,
211 TEE_OperationHandle oph,
212 const void *chunk, size_t chunk_size)
213{
214 TEEC_Result res;
215 TEEC_Operation op = TEEC_OPERATION_INITIALIZER;
216 uint32_t ret_orig;
217
218 assert((uintptr_t)oph <= UINT32_MAX);
219 op.params[0].value.a = (uint32_t)(uintptr_t)oph;
220
221 op.params[1].tmpref.buffer = (void *)chunk;
222 op.params[1].tmpref.size = chunk_size;
223
224 op.paramTypes = TEEC_PARAM_TYPES(TEEC_VALUE_INPUT,
225 TEEC_MEMREF_TEMP_INPUT, TEEC_NONE,
226 TEEC_NONE);
227
228 res = TEEC_InvokeCommand(s, TA_CRYPT_CMD_MAC_UPDATE, &op, &ret_orig);
229
230 if (res != TEEC_SUCCESS) {
231 (void)ADBG_EXPECT_TEEC_ERROR_ORIGIN(c, TEEC_ORIGIN_TRUSTED_APP,
232 ret_orig);
233 }
234
235 return res;
236}
237
238static TEEC_Result ta_crypt_cmd_mac_final_compute(ADBG_Case_t *c,
239 TEEC_Session *s,
240 TEE_OperationHandle oph,
241 const void *chunk,
242 size_t chunk_len,
243 void *hash,
244 size_t *hash_len)
245{
246 TEEC_Result res;
247 TEEC_Operation op = TEEC_OPERATION_INITIALIZER;
248 uint32_t ret_orig;
249
250 assert((uintptr_t)oph <= UINT32_MAX);
251 op.params[0].value.a = (uint32_t)(uintptr_t)oph;
252
253 op.params[1].tmpref.buffer = (void *)chunk;
254 op.params[1].tmpref.size = chunk_len;
255
256 op.params[2].tmpref.buffer = (void *)hash;
257 op.params[2].tmpref.size = *hash_len;
258
259 op.paramTypes = TEEC_PARAM_TYPES(TEEC_VALUE_INPUT,
260 TEEC_MEMREF_TEMP_INPUT,
261 TEEC_MEMREF_TEMP_OUTPUT, TEEC_NONE);
262
263 res = TEEC_InvokeCommand(s, TA_CRYPT_CMD_MAC_FINAL_COMPUTE, &op,
264 &ret_orig);
265
266 if (res != TEEC_SUCCESS) {
267 (void)ADBG_EXPECT_TEEC_ERROR_ORIGIN(c, TEEC_ORIGIN_TRUSTED_APP,
268 ret_orig);
269 }
270
271 if (res == TEEC_SUCCESS)
272 *hash_len = op.params[2].tmpref.size;
273
274 return res;
275}
276
277static TEEC_Result ta_crypt_cmd_cipher_init(ADBG_Case_t *c, TEEC_Session *s,
278 TEE_OperationHandle oph,
279 const void *iv, size_t iv_len)
280{
281 TEEC_Result res;
282 TEEC_Operation op = TEEC_OPERATION_INITIALIZER;
283 uint32_t ret_orig;
284
285 assert((uintptr_t)oph <= UINT32_MAX);
286 op.params[0].value.a = (uint32_t)(uintptr_t)oph;
287
288 if (iv != NULL) {
289 op.params[1].tmpref.buffer = (void *)iv;
290 op.params[1].tmpref.size = iv_len;
291
292 op.paramTypes = TEEC_PARAM_TYPES(TEEC_VALUE_INPUT,
293 TEEC_MEMREF_TEMP_INPUT,
294 TEEC_NONE, TEEC_NONE);
295 } else {
296 op.paramTypes = TEEC_PARAM_TYPES(TEEC_VALUE_INPUT, TEEC_NONE,
297 TEEC_NONE, TEEC_NONE);
298 }
299
300 res = TEEC_InvokeCommand(s, TA_CRYPT_CMD_CIPHER_INIT, &op, &ret_orig);
301
302 if (res != TEEC_SUCCESS) {
303 (void)ADBG_EXPECT_TEEC_ERROR_ORIGIN(c, TEEC_ORIGIN_TRUSTED_APP,
304 ret_orig);
305 }
306
307 return res;
308}
309
310static TEEC_Result ta_crypt_cmd_cipher_update(ADBG_Case_t *c, TEEC_Session *s,
311 TEE_OperationHandle oph,
312 const void *src, size_t src_len,
313 void *dst, size_t *dst_len)
314{
315 TEEC_Result res;
316 TEEC_Operation op = TEEC_OPERATION_INITIALIZER;
317 uint32_t ret_orig;
318
319 assert((uintptr_t)oph <= UINT32_MAX);
320 op.params[0].value.a = (uint32_t)(uintptr_t)oph;
321
322 op.params[1].tmpref.buffer = (void *)src;
323 op.params[1].tmpref.size = src_len;
324
325 op.params[2].tmpref.buffer = dst;
326 op.params[2].tmpref.size = *dst_len;
327
328 op.paramTypes = TEEC_PARAM_TYPES(TEEC_VALUE_INPUT,
329 TEEC_MEMREF_TEMP_INPUT,
330 TEEC_MEMREF_TEMP_OUTPUT, TEEC_NONE);
331
332 res = TEEC_InvokeCommand(s, TA_CRYPT_CMD_CIPHER_UPDATE, &op, &ret_orig);
333
334 if (res != TEEC_SUCCESS) {
335 (void)ADBG_EXPECT_TEEC_ERROR_ORIGIN(c, TEEC_ORIGIN_TRUSTED_APP,
336 ret_orig);
337 }
338
339 if (res == TEEC_SUCCESS)
340 *dst_len = op.params[2].tmpref.size;
341
342 return res;
343}
344
345static TEEC_Result ta_crypt_cmd_cipher_do_final(ADBG_Case_t *c,
346 TEEC_Session *s,
347 TEE_OperationHandle oph,
348 const void *src,
349 size_t src_len,
350 void *dst,
351 size_t *dst_len)
352{
353 TEEC_Result res;
354 TEEC_Operation op = TEEC_OPERATION_INITIALIZER;
355 uint32_t ret_orig;
356
357 assert((uintptr_t)oph <= UINT32_MAX);
358 op.params[0].value.a = (uint32_t)(uintptr_t)oph;
359
360 op.params[1].tmpref.buffer = (void *)src;
361 op.params[1].tmpref.size = src_len;
362
363 op.params[2].tmpref.buffer = (void *)dst;
364 op.params[2].tmpref.size = *dst_len;
365
366 op.paramTypes = TEEC_PARAM_TYPES(TEEC_VALUE_INPUT,
367 TEEC_MEMREF_TEMP_INPUT,
368 TEEC_MEMREF_TEMP_OUTPUT, TEEC_NONE);
369
370 res = TEEC_InvokeCommand(s, TA_CRYPT_CMD_CIPHER_DO_FINAL, &op,
371 &ret_orig);
372
373 if (res != TEEC_SUCCESS) {
374 (void)ADBG_EXPECT_TEEC_ERROR_ORIGIN(c, TEEC_ORIGIN_TRUSTED_APP,
375 ret_orig);
376 }
377
378 if (res == TEEC_SUCCESS)
379 *dst_len = op.params[2].tmpref.size;
380
381 return res;
382}
383
384static TEEC_Result ta_crypt_cmd_random_number_generate(ADBG_Case_t *c,
385 TEEC_Session *s,
386 void *buf,
387 size_t blen)
388{
389 TEEC_Result res;
390 TEEC_Operation op = TEEC_OPERATION_INITIALIZER;
391 uint32_t ret_orig;
392
393 op.params[0].tmpref.buffer = buf;
394 op.params[0].tmpref.size = blen;
395
396 op.paramTypes = TEEC_PARAM_TYPES(TEEC_MEMREF_TEMP_OUTPUT, TEEC_NONE,
397 TEEC_NONE, TEEC_NONE);
398
399 res = TEEC_InvokeCommand(s, TA_CRYPT_CMD_RANDOM_NUMBER_GENEREATE, &op,
400 &ret_orig);
401
402 if (res != TEEC_SUCCESS) {
403 (void)ADBG_EXPECT_TEEC_ERROR_ORIGIN(c, TEEC_ORIGIN_TRUSTED_APP,
404 ret_orig);
405 }
406
407 (void)ADBG_EXPECT_COMPARE_UNSIGNED(c, blen, ==,
408 op.params[0].tmpref.size);
409 return res;
410}
411
412static TEEC_Result ta_crypt_cmd_ae_init(ADBG_Case_t *c, TEEC_Session *s,
413 TEE_OperationHandle oph,
414 const void *nonce, size_t nonce_len,
415 size_t tag_len, size_t aad_len,
416 size_t payload_len)
417{
418 TEEC_Result res;
419 TEEC_Operation op = TEEC_OPERATION_INITIALIZER;
420 uint32_t ret_orig;
421
422 assert((uintptr_t)oph <= UINT32_MAX);
423 op.params[0].value.a = (uint32_t)(uintptr_t)oph;
424 op.params[0].value.b = tag_len;
425
426 op.params[1].tmpref.buffer = (void *)nonce;
427 op.params[1].tmpref.size = nonce_len;
428
429 op.params[2].value.a = aad_len;
430 op.params[2].value.b = payload_len;
431
432 op.paramTypes = TEEC_PARAM_TYPES(TEEC_VALUE_INPUT,
433 TEEC_MEMREF_TEMP_INPUT,
Jens Wiklander74a42302015-07-07 01:08:41 +0200[diff] [blame]434 TEEC_VALUE_INPUT, TEEC_NONE);
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]435
436 res = TEEC_InvokeCommand(s, TA_CRYPT_CMD_AE_INIT, &op, &ret_orig);
437
438 if (res != TEEC_SUCCESS) {
439 (void)ADBG_EXPECT_TEEC_ERROR_ORIGIN(c, TEEC_ORIGIN_TRUSTED_APP,
440 ret_orig);
441 }
442 return res;
443}
444
445static TEEC_Result ta_crypt_cmd_ae_update_aad(ADBG_Case_t *c, TEEC_Session *s,
446 TEE_OperationHandle oph,
447 const void *aad, size_t aad_len)
448{
449 TEEC_Result res;
450 TEEC_Operation op = TEEC_OPERATION_INITIALIZER;
451 uint32_t ret_orig;
452
453 assert((uintptr_t)oph <= UINT32_MAX);
454 op.params[0].value.a = (uint32_t)(uintptr_t)oph;
455
456 op.params[1].tmpref.buffer = (void *)aad;
457 op.params[1].tmpref.size = aad_len;
458
459 op.paramTypes = TEEC_PARAM_TYPES(TEEC_VALUE_INPUT,
460 TEEC_MEMREF_TEMP_INPUT, TEEC_NONE,
461 TEEC_NONE);
462
463 res = TEEC_InvokeCommand(s, TA_CRYPT_CMD_AE_UPDATE_AAD, &op, &ret_orig);
464
465 if (res != TEEC_SUCCESS) {
466 (void)ADBG_EXPECT_TEEC_ERROR_ORIGIN(c, TEEC_ORIGIN_TRUSTED_APP,
467 ret_orig);
468 }
469
470 return res;
471}
472
473static TEEC_Result ta_crypt_cmd_ae_update(ADBG_Case_t *c,
474 TEEC_Session *s,
475 TEE_OperationHandle oph,
476 const void *src,
477 size_t src_len,
478 void *dst,
479 size_t *dst_len)
480{
481 TEEC_Result res;
482 TEEC_Operation op = TEEC_OPERATION_INITIALIZER;
483 uint32_t ret_orig;
484
485 assert((uintptr_t)oph <= UINT32_MAX);
486 op.params[0].value.a = (uint32_t)(uintptr_t)oph;
487
488 op.params[1].tmpref.buffer = (void *)src;
489 op.params[1].tmpref.size = src_len;
490
491 op.params[2].tmpref.buffer = (void *)dst;
492 op.params[2].tmpref.size = *dst_len;
493
494 op.paramTypes = TEEC_PARAM_TYPES(TEEC_VALUE_INPUT,
495 TEEC_MEMREF_TEMP_INPUT,
496 TEEC_MEMREF_TEMP_OUTPUT, TEEC_NONE);
497
498 res = TEEC_InvokeCommand(s, TA_CRYPT_CMD_AE_UPDATE, &op, &ret_orig);
499
500 if (res != TEEC_SUCCESS) {
501 (void)ADBG_EXPECT_TEEC_ERROR_ORIGIN(c, TEEC_ORIGIN_TRUSTED_APP,
502 ret_orig);
503 }
504
505 if (res == TEEC_SUCCESS)
506 *dst_len = op.params[2].tmpref.size;
507
508 return res;
509}
510
511static TEEC_Result ta_crypt_cmd_ae_encrypt_final(ADBG_Case_t *c,
512 TEEC_Session *s,
513 TEE_OperationHandle oph,
514 const void *src,
515 size_t src_len, void *dst,
516 size_t *dst_len, void *tag,
517 size_t *tag_len)
518{
519 TEEC_Result res;
520 TEEC_Operation op = TEEC_OPERATION_INITIALIZER;
521 uint32_t ret_orig;
522
523 assert((uintptr_t)oph <= UINT32_MAX);
524 op.params[0].value.a = (uint32_t)(uintptr_t)oph;
525
526 op.params[1].tmpref.buffer = (void *)src;
527 op.params[1].tmpref.size = src_len;
528
529 op.params[2].tmpref.buffer = (void *)dst;
530 op.params[2].tmpref.size = *dst_len;
531
532 op.params[3].tmpref.buffer = (void *)tag;
533 op.params[3].tmpref.size = *tag_len;
534
535 op.paramTypes = TEEC_PARAM_TYPES(TEEC_VALUE_INPUT,
536 TEEC_MEMREF_TEMP_INPUT,
537 TEEC_MEMREF_TEMP_OUTPUT,
538 TEEC_MEMREF_TEMP_OUTPUT);
539
540 res = TEEC_InvokeCommand(s, TA_CRYPT_CMD_AE_ENCRYPT_FINAL, &op,
541 &ret_orig);
542
543 if (res != TEEC_SUCCESS) {
544 (void)ADBG_EXPECT_TEEC_ERROR_ORIGIN(c, TEEC_ORIGIN_TRUSTED_APP,
545 ret_orig);
546 }
547
548 if (res == TEEC_SUCCESS) {
549 *dst_len = op.params[2].tmpref.size;
550 *tag_len = op.params[3].tmpref.size;
551 }
552
553 return res;
554}
555
556static TEEC_Result ta_crypt_cmd_ae_decrypt_final(ADBG_Case_t *c,
557 TEEC_Session *s,
558 TEE_OperationHandle oph,
559 const void *src, size_t src_len,
560 void *dst, size_t *dst_len,
561 const void *tag, size_t tag_len)
562{
563 TEEC_Result res;
564 TEEC_Operation op = TEEC_OPERATION_INITIALIZER;
565 uint32_t ret_orig;
566
567 assert((uintptr_t)oph <= UINT32_MAX);
568 op.params[0].value.a = (uint32_t)(uintptr_t)oph;
569
570 op.params[1].tmpref.buffer = (void *)src;
571 op.params[1].tmpref.size = src_len;
572
573 op.params[2].tmpref.buffer = dst;
574 op.params[2].tmpref.size = *dst_len;
575
576 op.params[3].tmpref.buffer = (void *)tag;
577 op.params[3].tmpref.size = tag_len;
578
579 op.paramTypes = TEEC_PARAM_TYPES(TEEC_VALUE_INPUT,
580 TEEC_MEMREF_TEMP_INPUT,
581 TEEC_MEMREF_TEMP_OUTPUT,
582 TEEC_MEMREF_TEMP_INPUT);
583
584 res = TEEC_InvokeCommand(s, TA_CRYPT_CMD_AE_DECRYPT_FINAL, &op,
585 &ret_orig);
586
587 if (res != TEEC_SUCCESS) {
588 (void)ADBG_EXPECT_TEEC_ERROR_ORIGIN(c, TEEC_ORIGIN_TRUSTED_APP,
589 ret_orig);
590 }
591
592 if (res == TEEC_SUCCESS)
593 *dst_len = op.params[2].tmpref.size;
594
595 return res;
596}
597
598static TEEC_Result ta_crypt_cmd_asymmetric_operate(ADBG_Case_t *c,
599 TEEC_Session *s,
600 TEE_OperationHandle oph,
601 uint32_t cmd,
602 const TEE_Attribute *params,
603 uint32_t paramCount,
604 const void *src,
605 size_t src_len,
606 void *dst,
607 size_t *dst_len)
608{
609 TEEC_Result res;
610 TEEC_Operation op = TEEC_OPERATION_INITIALIZER;
611 uint32_t ret_orig;
612 uint8_t *buf;
613 size_t blen;
614
615 res = pack_attrs(params, paramCount, &buf, &blen);
616 if (!ADBG_EXPECT_TEEC_SUCCESS(c, res))
617 return res;
618
619 assert((uintptr_t)oph <= UINT32_MAX);
620 op.params[0].value.a = (uint32_t)(uintptr_t)oph;
621
622 op.params[1].tmpref.buffer = buf;
623 op.params[1].tmpref.size = blen;
624
625 op.params[2].tmpref.buffer = (void *)src;
626 op.params[2].tmpref.size = src_len;
627
628 op.params[3].tmpref.buffer = dst;
629 op.params[3].tmpref.size = *dst_len;
630
631 op.paramTypes = TEEC_PARAM_TYPES(TEEC_VALUE_INPUT,
632 TEEC_MEMREF_TEMP_INPUT,
633 TEEC_MEMREF_TEMP_INPUT,
634 TEEC_MEMREF_TEMP_OUTPUT);
635
636 res = TEEC_InvokeCommand(s, cmd, &op, &ret_orig);
637
638 if (res != TEEC_SUCCESS) {
639 (void)ADBG_EXPECT_TEEC_ERROR_ORIGIN(c, TEEC_ORIGIN_TRUSTED_APP,
640 ret_orig);
641 }
642
643 if (res == TEEC_SUCCESS)
644 *dst_len = op.params[3].tmpref.size;
645
646 free(buf);
647 return res;
648}
649
650static TEEC_Result ta_crypt_cmd_asymmetric_encrypt(ADBG_Case_t *c,
651 TEEC_Session *s,
652 TEE_OperationHandle oph,
653 const TEE_Attribute *params,
654 uint32_t paramCount,
655 const void *src,
656 size_t src_len,
657 void *dst,
658 size_t *dst_len)
659{
660 return ta_crypt_cmd_asymmetric_operate(c, s, oph,
661 TA_CRYPT_CMD_ASYMMETRIC_ENCRYPT,
662 params, paramCount,
663 src, src_len, dst, dst_len);
664}
665
666static TEEC_Result ta_crypt_cmd_asymmetric_decrypt(ADBG_Case_t *c,
667 TEEC_Session *s,
668 TEE_OperationHandle oph,
669 const TEE_Attribute *params,
670 uint32_t paramCount,
671 const void *src,
672 size_t src_len,
673 void *dst,
674 size_t *dst_len)
675{
676 return ta_crypt_cmd_asymmetric_operate(c, s, oph,
677 TA_CRYPT_CMD_ASYMMETRIC_DECRYPT,
678 params, paramCount,
679 src, src_len, dst, dst_len);
680}
681
682static TEEC_Result ta_crypt_cmd_asymmetric_sign(ADBG_Case_t *c,
683 TEEC_Session *s,
684 TEE_OperationHandle oph,
685 const TEE_Attribute *params,
686 uint32_t paramCount,
687 const void *digest,
688 size_t digest_len,
689 void *signature,
690 size_t *signature_len)
691{
692 return ta_crypt_cmd_asymmetric_operate(c, s, oph,
693 TA_CRYPT_CMD_ASYMMETRIC_SIGN_DIGEST, params, paramCount,
694 digest, digest_len, signature, signature_len);
695}
696
697static TEEC_Result ta_crypt_cmd_asymmetric_verify(ADBG_Case_t *c,
698 TEEC_Session *s,
699 TEE_OperationHandle oph,
700 const TEE_Attribute *params,
701 uint32_t paramCount,
702 const void *digest,
703 size_t digest_len,
704 const void *signature,
705 size_t signature_len)
706{
707 TEEC_Result res;
708 TEEC_Operation op = TEEC_OPERATION_INITIALIZER;
709 uint32_t ret_orig;
710 uint8_t *buf;
711 size_t blen;
712
713 res = pack_attrs(params, paramCount, &buf, &blen);
714 if (!ADBG_EXPECT_TEEC_SUCCESS(c, res))
715 return res;
716
717 assert((uintptr_t)oph <= UINT32_MAX);
718 op.params[0].value.a = (uint32_t)(uintptr_t)oph;
719
720 op.params[1].tmpref.buffer = buf;
721 op.params[1].tmpref.size = blen;
722
723 op.params[2].tmpref.buffer = (void *)digest;
724 op.params[2].tmpref.size = digest_len;
725
726 op.params[3].tmpref.buffer = (void *)signature;
727 op.params[3].tmpref.size = signature_len;
728
729 op.paramTypes = TEEC_PARAM_TYPES(TEEC_VALUE_INPUT,
730 TEEC_MEMREF_TEMP_INPUT,
731 TEEC_MEMREF_TEMP_INPUT,
732 TEEC_MEMREF_TEMP_INPUT);
733
734 res = TEEC_InvokeCommand(s, TA_CRYPT_CMD_ASYMMETRIC_VERIFY_DIGEST,
735 &op, &ret_orig);
736
737 if (res != TEEC_SUCCESS) {
738 (void)ADBG_EXPECT_TEEC_ERROR_ORIGIN(c, TEEC_ORIGIN_TRUSTED_APP,
739 ret_orig);
740 }
741
742 free(buf);
743 return res;
744}
745
746static TEEC_Result ta_crypt_cmd_get_object_value_attribute(ADBG_Case_t *c,
747 TEEC_Session *s,
748 TEE_ObjectHandle o,
749 uint32_t attr_id,
750 uint32_t *valuea,
751 uint32_t *valueb)
752{
753 TEEC_Result res;
754 TEEC_Operation op = TEEC_OPERATION_INITIALIZER;
755 uint32_t ret_orig;
756
757 assert((uintptr_t)o <= UINT32_MAX);
758 op.params[0].value.a = (uint32_t)(uintptr_t)o;
759 op.params[0].value.b = attr_id;
760 op.paramTypes = TEEC_PARAM_TYPES(TEEC_VALUE_INPUT, TEEC_VALUE_OUTPUT,
761 TEEC_NONE, TEEC_NONE);
762
763 res = TEEC_InvokeCommand(s, TA_CRYPT_CMD_GET_OBJECT_VALUE_ATTRIBUTE,
764 &op, &ret_orig);
765
766 if (res != TEEC_SUCCESS) {
767 (void)ADBG_EXPECT_TEEC_ERROR_ORIGIN(c, TEEC_ORIGIN_TRUSTED_APP,
768 ret_orig);
769 }
770
771 if (res == TEEC_SUCCESS) {
772 *valuea = op.params[1].value.a;
773 *valueb = op.params[1].value.b;
774 }
775
776 return res;
777}
778
779static TEEC_Result ta_crypt_cmd_generate_key(ADBG_Case_t *c,
780 TEEC_Session *s,
781 TEE_ObjectHandle o,
782 uint32_t key_size,
783 const TEE_Attribute *params,
784 uint32_t paramCount)
785{
786 TEEC_Result res;
787 TEEC_Operation op = TEEC_OPERATION_INITIALIZER;
788 uint32_t ret_orig;
789 uint8_t *buf;
790 size_t blen;
791
792 res = pack_attrs(params, paramCount, &buf, &blen);
793 if (!ADBG_EXPECT_TEEC_SUCCESS(c, res))
794 return res;
795
796 assert((uintptr_t)o <= UINT32_MAX);
797 op.params[0].value.a = (uint32_t)(uintptr_t)o;
798 op.params[0].value.b = key_size;
799
800 op.params[1].tmpref.buffer = buf;
801 op.params[1].tmpref.size = blen;
802
803 op.paramTypes = TEEC_PARAM_TYPES(TEEC_VALUE_INPUT,
804 TEEC_MEMREF_TEMP_INPUT, TEEC_NONE,
805 TEEC_NONE);
806
807 res = TEEC_InvokeCommand(s, TA_CRYPT_CMD_GENERATE_KEY, &op, &ret_orig);
808
809 if (res != TEEC_SUCCESS) {
810 (void)ADBG_EXPECT_TEEC_ERROR_ORIGIN(c, TEEC_ORIGIN_TRUSTED_APP,
811 ret_orig);
812 }
813
814 free(buf);
815 return res;
816}
817
818static const uint8_t hash_data_md5_in1[] = {
819 'c', 'd', 'e', 'f', 'g', 'h', 'i', 'j', 'k', 'l', 'm'
820};
821
822static const uint8_t hash_data_md5_out1[] = {
823 0x61, 0x12, 0x71, 0x83, 0x70, 0x8d, 0x3a, 0xc7,
824 0xf1, 0x9b, 0x66, 0x06, 0xfc, 0xae, 0x7d, 0xf6
825};
826
827static const uint8_t hash_data_sha1_in1[] = {
828 'a', 'b', 'c', 'd', 'e', 'f', 'g', 'h', 'i', 'j', 'k', 'l', 'm'
829};
830
831static const uint8_t hash_data_sha1_out1[] = {
832 0x4b, 0x98, 0x92, 0xb6, 0x52, 0x72, 0x14, 0xaf,
833 0xc6, 0x55, 0xb8, 0xaa, 0x52, 0xf4, 0xd2, 0x03,
834 0xc1, 0x5e, 0x7c, 0x9c
835};
836
837static const uint8_t hash_data_sha224_in1[] = {
838 'a', 'b', 'c', 'd', 'e', 'f', 'g', 'h', 'i', 'j', 'k', 'l', 'm'
839};
840
841static const uint8_t hash_data_sha224_out1[] = {
842 0x08, 0x21, 0x69, 0xf9, 0x77, 0x1b, 0x80, 0x15,
843 0xf3, 0x97, 0xae, 0xde, 0x5b, 0xba, 0xa2, 0x72,
844 0x2d, 0x8f, 0x5c, 0x19, 0xfe, 0xd2, 0xe2, 0x68,
845 0x92, 0x49, 0xd8, 0x44
846};
847
848static const uint8_t hash_data_sha256_in1[] = { 'a', 'b', 'c' };
849
850static const uint8_t hash_data_sha256_out1[] = {
851 0xba, 0x78, 0x16, 0xbf, 0x8f, 0x01, 0xcf, 0xea,
852 0x41, 0x41, 0x40, 0xde, 0x5d, 0xae, 0x22, 0x23,
853 0xb0, 0x03, 0x61, 0xa3, 0x96, 0x17, 0x7a, 0x9c,
854 0xb4, 0x10, 0xff, 0x61, 0xf2, 0x00, 0x15, 0xad
855};
856
857static const uint8_t hash_data_sha256_in2[] = { 'e', 'f', 'g' };
858
859static const uint8_t hash_data_sha256_out2[] = {
860 0xd4, 0xff, 0xe8, 0xe9, 0xee, 0x0b, 0x48, 0xeb,
861 0xa7, 0x16, 0x70, 0x61, 0x23, 0xa7, 0x18, 0x7f,
862 0x32, 0xea, 0xe3, 0xbd, 0xcb, 0x0e, 0x77, 0x63,
863 0xe4, 0x1e, 0x53, 0x32, 0x67, 0xbd, 0x8a, 0x53
864};
865
866
867static const uint8_t hash_data_sha384_in1[] = {
868 'a', 'b', 'c', 'e', 'f', 'g', 'h', 'i', 'j', 'k', 'l', 'm'
869};
870
871static const uint8_t hash_data_sha384_out1[] = {
872 0x4c, 0xab, 0x80, 0x9d, 0x96, 0x84, 0x01, 0x47,
873 0x67, 0x0a, 0xc1, 0x7a, 0xb6, 0xb9, 0xf7, 0x6e,
874 0x35, 0xa6, 0xb0, 0x8c, 0xf5, 0x2a, 0x3d, 0x64,
875 0x9a, 0x8c, 0x7e, 0x0c, 0x55, 0x45, 0xd3, 0x7d,
876 0x1f, 0x7f, 0x28, 0x34, 0x96, 0x14, 0x44, 0x2a,
877 0xf5, 0x98, 0xa2, 0x95, 0x24, 0x76, 0x53, 0x97
878};
879
880static const uint8_t hash_data_sha512_in1[] = {
881 'a', 'b', 'c', 'd', 'f', 'g', 'h', 'i', 'j', 'k', 'l', 'm'
882};
883
884static const uint8_t hash_data_sha512_out1[] = {
885 0x20, 0xd8, 0x64, 0x4f, 0x54, 0xa2, 0x5f, 0x6f,
886 0x0a, 0xf9, 0xd5, 0x27, 0x7d, 0x17, 0xa8, 0x99,
887 0x4c, 0x64, 0x3f, 0xd0, 0xf3, 0x83, 0x36, 0xee,
888 0x93, 0x12, 0x55, 0xcd, 0x2e, 0x12, 0x34, 0xa0,
889 0xc2, 0xaa, 0xf9, 0xbb, 0x15, 0xc5, 0xe9, 0xfa,
890 0xf7, 0xa7, 0xda, 0xb8, 0x2f, 0x72, 0xa0, 0x47,
891 0xe3, 0x02, 0x04, 0xe8, 0xa0, 0x35, 0x0c, 0x96,
892 0x26, 0xd1, 0xcb, 0x8b, 0x47, 0x45, 0x25, 0xd0
893};
894
895struct xtest_hash_case {
896 uint32_t algo;
897 size_t in_incr;
898 const uint8_t *in;
899 size_t in_len;
900 const uint8_t *out;
901 size_t out_len;
902};
903
904#define XTEST_HASH_CASE(algo, in_incr, in, out) \
905 { (algo), (in_incr), (in), ARRAY_SIZE(in), (out), ARRAY_SIZE(out) }
906
907static const struct xtest_hash_case hash_cases[] = {
908 XTEST_HASH_CASE(TEE_ALG_MD5, 6, hash_data_md5_in1,
909 hash_data_md5_out1),
910 XTEST_HASH_CASE(TEE_ALG_SHA1, 3, hash_data_sha1_in1,
911 hash_data_sha1_out1),
912 XTEST_HASH_CASE(TEE_ALG_SHA224, 7, hash_data_sha224_in1,
913 hash_data_sha224_out1),
914 XTEST_HASH_CASE(TEE_ALG_SHA256, 1, hash_data_sha256_in1,
915 hash_data_sha256_out1),
916 XTEST_HASH_CASE(TEE_ALG_SHA256, 1, hash_data_sha256_in2,
917 hash_data_sha256_out2),
918 XTEST_HASH_CASE(TEE_ALG_SHA384, 1, hash_data_sha384_in1,
919 hash_data_sha384_out1),
920 XTEST_HASH_CASE(TEE_ALG_SHA512, 1, hash_data_sha512_in1,
921 hash_data_sha512_out1),
922};
923
924static void xtest_tee_test_4001(ADBG_Case_t *c)
925{
926 TEEC_Session session = { 0 };
927 uint32_t ret_orig;
928 size_t n;
929
930 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
931 xtest_teec_open_session(&session, &crypt_user_ta_uuid, NULL,
932 &ret_orig)))
933 return;
934
935
936 for (n = 0; n < ARRAY_SIZE(hash_cases); n++) {
937 TEE_OperationHandle op1;
938 TEE_OperationHandle op2;
939 uint8_t out[64];
940 size_t out_size;
941
942 Do_ADBG_BeginSubCase(c, "Hash case %d algo 0x%x",
943 (int)n, (unsigned int)hash_cases[n].algo);
944
945 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
946 ta_crypt_cmd_allocate_operation(c, &session, &op1,
947 hash_cases[n].algo,
948 TEE_MODE_DIGEST, 0)))
949 goto out;
950
951 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
952 ta_crypt_cmd_allocate_operation(c, &session, &op2,
953 hash_cases[n].algo,
954 TEE_MODE_DIGEST, 0)))
955 goto out;
956
957 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
958 ta_crypt_cmd_digest_update(c, &session, op1,
959 hash_cases[n].in,
960 hash_cases[n].in_incr)))
961 goto out;
962
963 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
964 ta_crypt_cmd_copy_operation(c, &session, op2, op1)))
965 goto out;
966
967 out_size = sizeof(out);
968 memset(out, 0, sizeof(out));
969 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
970 ta_crypt_cmd_digest_do_final(c, &session, op2,
971 hash_cases[n].in + hash_cases[n].in_incr,
972 hash_cases[n].in_len - hash_cases[n].in_incr,
973 out, &out_size)))
974 goto out;
975
976 (void)ADBG_EXPECT_BUFFER(c, hash_cases[n].out,
977 hash_cases[n].out_len, out, out_size);
978
979 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
980 ta_crypt_cmd_reset_operation(c, &session, op1)))
981 goto out;
982
983 out_size = sizeof(out);
984 memset(out, 0, sizeof(out));
985 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
986 ta_crypt_cmd_digest_do_final(c, &session, op1,
987 hash_cases[n].in,
988 hash_cases[n].in_len, out,
989 &out_size)))
990 goto out;
991
992 (void)ADBG_EXPECT_BUFFER(c, hash_cases[n].out,
993 hash_cases[n].out_len, out, out_size);
994
Jerome Forissier1e05e262015-07-29 16:09:07 +0200[diff] [blame]995 /*
996 * Invoke TEE_DigestDoFinal() a second time to check that state
997 * was properly reset
998 */
999 out_size = sizeof(out);
1000 memset(out, 0, sizeof(out));
1001 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
1002 ta_crypt_cmd_digest_do_final(c, &session, op1,
1003 hash_cases[n].in,
1004 hash_cases[n].in_len, out,
1005 &out_size)))
1006 goto out;
1007
1008 (void)ADBG_EXPECT_BUFFER(c, hash_cases[n].out,
1009 hash_cases[n].out_len, out, out_size);
1010
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]1011 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
1012 ta_crypt_cmd_free_operation(c, &session, op1)))
1013 goto out;
1014
1015 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
1016 ta_crypt_cmd_free_operation(c, &session, op2)))
1017 goto out;
1018
1019 Do_ADBG_EndSubCase(c, NULL);
1020 }
1021
1022out:
1023 TEEC_CloseSession(&session);
1024}
Jens Wiklander14f48872018-06-29 15:30:13 +0200[diff] [blame]1025ADBG_CASE_DEFINE(regression, 4001, xtest_tee_test_4001,
1026 "Test TEE Internal API hash operations");
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]1027
1028static const uint8_t mac_data_md5_key1[10] = {
1029 0x6B, 0x65, 0x79, /* key */
1030};
1031
1032static const uint8_t mac_data_md5_in1[] = {
1033 0x54, 0x68, 0x65, 0x20, 0x71, 0x75, 0x69, 0x63, /* The quic */
1034 0x6B, 0x20, 0x62, 0x72, 0x6F, 0x77, 0x6E, 0x20, /* k brown */
1035 0x66, 0x6F, 0x78, 0x20, 0x6A, 0x75, 0x6D, 0x70, /* fox jump */
1036 0x73, 0x20, 0x6F, 0x76, 0x65, 0x72, 0x20, 0x74, /* s over t */
1037 0x68, 0x65, 0x20, 0x6C, 0x61, 0x7A, 0x79, 0x20, /* he lazy */
1038 0x64, 0x6F, 0x67, /* dog */
1039};
1040
1041static const uint8_t mac_data_md5_out1[] = {
1042 0x80, 0x07, 0x07, 0x13, 0x46, 0x3e, 0x77, 0x49,
1043 0xb9, 0x0c, 0x2d, 0xc2, 0x49, 0x11, 0xe2, 0x75
1044};
1045
1046
1047/* generated with scripts/digest_hmac.pl */
1048static const uint8_t mac_data_sha1_key1[10] = {
1049 0x6B, 0x65, 0x79, /* key */
1050};
1051
1052static const uint8_t mac_data_sha1_in1[] = {
1053 0x54, 0x68, 0x65, 0x20, 0x71, 0x75, 0x69, 0x63, /* The quic */
1054 0x6B, 0x20, 0x62, 0x72, 0x6F, 0x77, 0x6E, 0x20, /* k brown */
1055 0x66, 0x6F, 0x78, 0x20, 0x6A, 0x75, 0x6D, 0x70, /* fox jump */
1056 0x73, 0x20, 0x6F, 0x76, 0x65, 0x72, 0x20, 0x74, /* s over t */
1057 0x68, 0x65, 0x20, 0x6C, 0x61, 0x7A, 0x79, 0x20, /* he lazy */
1058 0x64, 0x6F, 0x67, /* dog */
1059};
1060
1061static const uint8_t mac_data_sha1_out1[] = {
1062 0xDE, 0x7C, 0x9B, 0x85, 0xB8, 0xB7, 0x8A, 0xA6, /* .|...... */
1063 0xBC, 0x8A, 0x7A, 0x36, 0xF7, 0x0A, 0x90, 0x70, /* ..z6...p */
1064 0x1C, 0x9D, 0xB4, 0xD9, /* .... */
1065};
1066
1067static const uint8_t mac_data_sha224_key1[24] = {
1068 0x6B, 0x65, 0x79, /* key */
1069};
1070
1071static const uint8_t mac_data_sha224_in1[] = {
1072 0x54, 0x68, 0x65, 0x20, 0x71, 0x75, 0x69, 0x63, /* The quic */
1073 0x6B, 0x20, 0x62, 0x72, 0x6F, 0x77, 0x6E, 0x20, /* k brown */
1074 0x66, 0x6F, 0x78, 0x20, 0x6A, 0x75, 0x6D, 0x70, /* fox jump */
1075 0x73, 0x20, 0x6F, 0x76, 0x65, 0x72, 0x20, 0x74, /* s over t */
1076 0x68, 0x65, 0x20, 0x6C, 0x61, 0x7A, 0x79, 0x20, /* he lazy */
1077 0x64, 0x6F, 0x67, /* dog */
1078};
1079
1080static const uint8_t mac_data_sha224_out1[] = {
1081 0x88, 0xFF, 0x8B, 0x54, 0x67, 0x5D, 0x39, 0xB8, /* ...Tg]9. */
1082 0xF7, 0x23, 0x22, 0xE6, 0x5F, 0xF9, 0x45, 0xC5, /* .#"._.E. */
1083 0x2D, 0x96, 0x37, 0x99, 0x88, 0xAD, 0xA2, 0x56, /* -.7....V */
1084 0x39, 0x74, 0x7E, 0x69, /* 9t~i */
1085};
1086
1087
1088static const uint8_t mac_data_sha256_key1[24] = {
1089 'Q', 'W', 'E', 'R', 'T', 'Y'
1090};
1091
1092static const uint8_t mac_data_sha256_in1[] = { 'a', 'b', 'c' };
1093
1094static const uint8_t mac_data_sha256_out1[] = {
1095 0xee, 0x2e, 0x5d, 0x9b, 0x51, 0xe2, 0x9c, 0x1d,
1096 0x49, 0xe9, 0xae, 0x6f, 0x0a, 0xcc, 0x15, 0x18,
1097 0xde, 0x1e, 0xa3, 0x88, 0x8e, 0xee, 0x48, 0xbb,
1098 0x82, 0x77, 0xe9, 0x09, 0x74, 0x4b, 0xa2, 0xf2
1099};
1100
1101/* generated with scripts/digest_hmac.pl */
1102static const uint8_t mac_data_sha256_key2[24] = {
1103 0x6B, 0x65, 0x79, /* key */
1104};
1105
1106static const uint8_t mac_data_sha256_in2[] = {
1107 0x54, 0x68, 0x65, 0x20, 0x71, 0x75, 0x69, 0x63, /* The quic */
1108 0x6B, 0x20, 0x62, 0x72, 0x6F, 0x77, 0x6E, 0x20, /* k brown */
1109 0x66, 0x6F, 0x78, 0x20, 0x6A, 0x75, 0x6D, 0x70, /* fox jump */
1110 0x73, 0x20, 0x6F, 0x76, 0x65, 0x72, 0x20, 0x74, /* s over t */
1111 0x68, 0x65, 0x20, 0x6C, 0x61, 0x7A, 0x79, 0x20, /* he lazy */
1112 0x64, 0x6F, 0x67, /* dog */
1113};
1114
1115static const uint8_t mac_data_sha256_out2[] = {
1116 0xF7, 0xBC, 0x83, 0xF4, 0x30, 0x53, 0x84, 0x24, /* ....0S.$ */
1117 0xB1, 0x32, 0x98, 0xE6, 0xAA, 0x6F, 0xB1, 0x43, /* .2...o.C */
1118 0xEF, 0x4D, 0x59, 0xA1, 0x49, 0x46, 0x17, 0x59, /* .MY.IF.Y */
1119 0x97, 0x47, 0x9D, 0xBC, 0x2D, 0x1A, 0x3C, 0xD8, /* .G..-.<. */
1120};
1121
1122static const uint8_t mac_data_sha384_key1[32] = {
1123 0x6B, 0x65, 0x79, /* key */
1124};
1125
1126static const uint8_t mac_data_sha384_in1[] = {
1127 0x54, 0x68, 0x65, 0x20, 0x71, 0x75, 0x69, 0x63, /* The quic */
1128 0x6B, 0x20, 0x62, 0x72, 0x6F, 0x77, 0x6E, 0x20, /* k brown */
1129 0x66, 0x6F, 0x78, 0x20, 0x6A, 0x75, 0x6D, 0x70, /* fox jump */
1130 0x73, 0x20, 0x6F, 0x76, 0x65, 0x72, 0x20, 0x74, /* s over t */
1131 0x68, 0x65, 0x20, 0x6C, 0x61, 0x7A, 0x79, 0x20, /* he lazy */
1132 0x64, 0x6F, 0x67, /* dog */
1133};
1134
1135static const uint8_t mac_data_sha384_out1[] = {
1136 0xD7, 0xF4, 0x72, 0x7E, 0x2C, 0x0B, 0x39, 0xAE, /* ..r~, .9. */
1137 0x0F, 0x1E, 0x40, 0xCC, 0x96, 0xF6, 0x02, 0x42, /* ..@....B */
1138 0xD5, 0xB7, 0x80, 0x18, 0x41, 0xCE, 0xA6, 0xFC, /* ....A... */
1139 0x59, 0x2C, 0x5D, 0x3E, 0x1A, 0xE5, 0x07, 0x00, /* Y, ]>.... */
1140 0x58, 0x2A, 0x96, 0xCF, 0x35, 0xE1, 0xE5, 0x54, /* X...5..T */
1141 0x99, 0x5F, 0xE4, 0xE0, 0x33, 0x81, 0xC2, 0x37, /* ._..3..7 */
1142};
1143
1144static const uint8_t mac_data_sha512_key1[32] = {
1145 0x6B, 0x65, 0x79, /* key */
1146};
1147
1148static const uint8_t mac_data_sha512_in1[] = {
1149 0x54, 0x68, 0x65, 0x20, 0x71, 0x75, 0x69, 0x63, /* The quic */
1150 0x6B, 0x20, 0x62, 0x72, 0x6F, 0x77, 0x6E, 0x20, /* k brown */
1151 0x66, 0x6F, 0x78, 0x20, 0x6A, 0x75, 0x6D, 0x70, /* fox jump */
1152 0x73, 0x20, 0x6F, 0x76, 0x65, 0x72, 0x20, 0x74, /* s over t */
1153 0x68, 0x65, 0x20, 0x6C, 0x61, 0x7A, 0x79, 0x20, /* he lazy */
1154 0x64, 0x6F, 0x67, /* dog */
1155};
1156
1157static const uint8_t mac_data_sha512_out1[] = {
1158 0xB4, 0x2A, 0xF0, 0x90, 0x57, 0xBA, 0xC1, 0xE2, /* ....W... */
1159 0xD4, 0x17, 0x08, 0xE4, 0x8A, 0x90, 0x2E, 0x09, /* ........ */
1160 0xB5, 0xFF, 0x7F, 0x12, 0xAB, 0x42, 0x8A, 0x4F, /* .....B.O */
1161 0xE8, 0x66, 0x53, 0xC7, 0x3D, 0xD2, 0x48, 0xFB, /* .fS.=.H. */
1162 0x82, 0xF9, 0x48, 0xA5, 0x49, 0xF7, 0xB7, 0x91, /* ..H.I... */
1163 0xA5, 0xB4, 0x19, 0x15, 0xEE, 0x4D, 0x1E, 0xC3, /* .....M.. */
1164 0x93, 0x53, 0x57, 0xE4, 0xE2, 0x31, 0x72, 0x50, /* .SW..1rP */
1165 0xD0, 0x37, 0x2A, 0xFA, 0x2E, 0xBE, 0xEB, 0x3A, /* .7.....: */
1166};
1167
1168
1169/* AES-CBC-MAC */
1170static const uint8_t mac_cbc_vect1_key[] = {
1171 0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37, /* 01234567 */
1172 0x38, 0x39, 0x41, 0x42, 0x43, 0x44, 0x45, 0x46, /* 89ABCDEF */
1173};
1174
1175static const uint8_t mac_cbc_vect1_data[] = {
1176 0x43, 0x69, 0x70, 0x68, 0x65, 0x72, 0x20, 0x62, /* Cipher b */
1177 0x6C, 0x6F, 0x63, 0x6B, 0x20, 0x63, 0x68, 0x61, /* lock cha */
1178 0x69, 0x6E, 0x69, 0x6E, 0x67, 0x20, 0x28, 0x43, /* ining (C */
1179 0x42, 0x43, 0x29, 0x20, 0x69, 0x73, 0x20, 0x61, /* BC) is a */
1180 0x20, 0x63, 0x6F, 0x6D, 0x6D, 0x6F, 0x6E, 0x20, /* common */
1181 0x63, 0x68, 0x61, 0x69, 0x6E, 0x69, 0x6E, 0x67, /* chaining */
1182 0x20, 0x6D, 0x6F, 0x64, 0x65, 0x20, 0x69, 0x6E, /* mode in */
1183 0x20, 0x77, 0x68, 0x69, 0x63, 0x68, 0x20, 0x74, /* which t */
1184 0x68, 0x65, 0x20, 0x70, 0x72, 0x65, 0x76, 0x69, /* he previ */
1185 0x6F, 0x75, 0x73, 0x20, 0x62, 0x6C, 0x6F, 0x63, /* ous bloc */
1186 0x6B, 0x27, 0x73, 0x20, 0x63, 0x69, 0x70, 0x68, /* k's ciph */
1187 0x65, 0x72, 0x74, 0x65, 0x78, 0x74, 0x20, 0x69, /* ertext i */
1188 0x73, 0x20, 0x78, 0x6F, 0x72, 0x65, 0x64, 0x20, /* s xored */
1189 0x77, 0x69, 0x74, 0x68, 0x20, 0x74, 0x68, 0x65, /* with the */
1190 0x20, 0x63, 0x75, 0x72, 0x72, 0x65, 0x6E, 0x74, /* current */
1191 0x20, 0x62, 0x6C, 0x6F, 0x63, 0x6B, 0x27, 0x73, /* block's */
1192 0x20, 0x70, 0x6C, 0x61, 0x69, 0x6E, 0x74, 0x65, /* plainte */
1193 0x78, 0x74, 0x20, 0x62, 0x65, 0x66, 0x6F, 0x72, /* xt befor */
1194 0x65, 0x20, 0x65, 0x6E, 0x63, 0x72, 0x79, 0x70, /* e encryp */
1195 0x74, 0x69, 0x6F, 0x6E, 0x2E, 0x2E, 0x2E, 0x2E, /* tion.... */
1196};
1197
1198static const uint8_t mac_cbc_vect1_out[] = {
1199 0xC9, 0x6E, 0x83, 0x7E, 0x35, 0xC8, 0xA7, 0xA0, /* .n.~5... */
1200 0x33, 0xA3, 0xB1, 0x4B, 0x5A, 0x92, 0x51, 0x2E, /* 3..KZ.Q. */
1201};
1202
1203/* DES-CBC-MAC */
1204static const uint8_t mac_cbc_vect2_key[] = {
1205 0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37, /* 01234567 */
1206};
1207
1208#define mac_cbc_vect2_data mac_cbc_vect1_data
1209static const uint8_t mac_cbc_vect2_out[] = {
1210 0xE9, 0x41, 0x46, 0x30, 0x69, 0x32, 0xBD, 0xD6, /* .AF0i2.. */
1211};
1212
1213/* DES3-CBC-MAC */
1214static const uint8_t mac_cbc_vect3_key[] = {
1215 0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37, /* 01234567 */
1216 0x38, 0x39, 0x41, 0x42, 0x43, 0x44, 0x45, 0x46, /* 89ABCDEF */
1217 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37, 0x38, /* 12345678 */
1218};
1219
1220#define mac_cbc_vect3_data mac_cbc_vect2_data
1221static const uint8_t mac_cbc_vect3_out[] = {
1222 0x1C, 0x17, 0xB7, 0xB5, 0x9F, 0x54, 0x9C, 0x63, /* .....T.c */
1223};
1224
1225/* AES-CBC-MAC PKCS#5 pad*/
1226static const uint8_t mac_cbc_vect4_key[] = {
1227 0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37, /* 01234567 */
1228 0x38, 0x39, 0x41, 0x42, 0x43, 0x44, 0x45, 0x46, /* 89ABCDEF */
1229 0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37, /* 01234567 */
1230 0x38, 0x39, 0x41, 0x42, 0x43, 0x44, 0x45, 0x46, /* 89ABCDEF */
1231};
1232
1233#define mac_cbc_vect4_data mac_cbc_vect1_data
1234static const uint8_t mac_cbc_vect4_out[] = {
1235 0x0B, 0x46, 0xC7, 0xA2, 0xE1, 0x5A, 0xE2, 0x23, /* .F...Z.# */
1236 0x83, 0x34, 0x1C, 0x86, 0x53, 0xF8, 0x51, 0x24, /* .4..S.Q$ */
1237};
1238
1239/* DES-CBC-MAC PKCS#5 pad*/
1240static const uint8_t mac_cbc_vect5_key[] = {
1241 0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37, /* 01234567 */
1242};
1243
1244#define mac_cbc_vect5_data mac_cbc_vect1_data
1245static const uint8_t mac_cbc_vect5_out[] = {
1246 0x30, 0x81, 0x4F, 0x42, 0x03, 0x7E, 0xD8, 0xA9, /* 0.OB.~.. */
1247};
1248
1249/* DES3-CBC-MAC PKCS#5 pad*/
1250static const uint8_t mac_cbc_vect6_key[] = {
1251 0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37, /* 01234567 */
1252 0x38, 0x39, 0x41, 0x42, 0x43, 0x44, 0x45, 0x46, /* 89ABCDEF */
1253 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37, 0x38, /* 12345678 */
1254};
1255
1256#define mac_cbc_vect6_data mac_cbc_vect1_data
1257static const uint8_t mac_cbc_vect6_out[] = {
1258 0x6E, 0x37, 0x6E, 0x14, 0x5E, 0x21, 0xDD, 0xF8, /* n7n.^!.. */
1259};
1260
1261/* AES-CBC-MAC PKCS#5 pad*/
1262#define mac_cbc_vect7_key mac_cbc_vect4_key
1263static const uint8_t mac_cbc_vect7_data[] = {
1264 0x43, 0x69, 0x70, 0x68, 0x65, 0x72, 0x20, 0x62, /* Cipher b */
1265 0x6C, 0x6F, 0x63, 0x6B, 0x20, 0x63, 0x68, 0x61, /* lock cha */
1266 0x69, 0x6E, 0x69, 0x6E, 0x67, 0x20, 0x28, 0x43, /* ining (C */
1267 0x42, 0x43, 0x29, 0x20, 0x69, 0x73, 0x20, 0x61, /* BC) is a */
1268 0x20, 0x63, 0x6F, 0x6D, 0x6D, 0x6F, 0x6E, 0x20, /* common */
1269 0x63, 0x68, 0x61, 0x69, 0x6E, 0x69, 0x6E, 0x67, /* chaining */
1270 0x20, 0x6D, 0x6F, 0x64, 0x65, 0x20, 0x69, 0x6E, /* mode in */
1271 0x20, 0x77, 0x68, 0x69, 0x63, 0x68, 0x20, 0x74, /* which t */
1272 0x68, 0x65, 0x20, 0x70, 0x72, 0x65, 0x76, 0x69, /* he previ */
1273 0x6F, 0x75, 0x73, 0x20, 0x62, 0x6C, 0x6F, 0x63, /* ous bloc */
1274 0x6B, 0x27, 0x73, 0x20, 0x63, 0x69, 0x70, 0x68, /* k's ciph */
1275 0x65, 0x72, 0x74, 0x65, 0x78, 0x74, 0x20, 0x69, /* ertext i */
1276 0x73, 0x20, 0x78, 0x6F, 0x72, 0x65, 0x64, 0x20, /* s xored */
1277 0x77, 0x69, 0x74, 0x68, 0x20, 0x74, 0x68, 0x65, /* with the */
1278 0x20, 0x63, 0x75, 0x72, 0x72, 0x65, 0x6E, 0x74, /* current */
1279 0x20, 0x62, 0x6C, 0x6F, 0x63, 0x6B, 0x27, 0x73, /* block's */
1280 0x20, 0x70, 0x6C, 0x61, 0x69, 0x6E, 0x74, 0x65, /* plainte */
1281 0x78, 0x74, 0x20, 0x62, 0x65, 0x66, 0x6F, 0x72, /* xt befor */
1282 0x65, 0x20, 0x65, 0x6E, 0x63, 0x72, 0x79, 0x70, /* e encryp */
1283 0x74, 0x69, 0x6F, 0x6E, 0x2E, /* tion. */
1284};
1285
1286static const uint8_t mac_cbc_vect7_out[] = {
1287 0xFD, 0x89, 0x35, 0xB3, 0x93, 0x7F, 0xBB, 0xA2, /* ..5..... */
1288 0xFB, 0x65, 0x60, 0xC4, 0x0A, 0x62, 0xA0, 0xF9, /* .e`..b.. */
1289};
1290
1291/* DES-CBC-MAC PKCS#5 pad*/
1292#define mac_cbc_vect8_key mac_cbc_vect5_key
1293#define mac_cbc_vect8_data mac_cbc_vect7_data
1294static const uint8_t mac_cbc_vect8_out[] = {
1295 0x02, 0x2A, 0xA8, 0x2E, 0x47, 0xC6, 0xBB, 0x7C, /* ....G..| */
1296};
1297
1298/* DES3-CBC-MAC PKCS#5 pad*/
1299#define mac_cbc_vect9_key mac_cbc_vect6_key
1300#define mac_cbc_vect9_data mac_cbc_vect7_data
1301static const uint8_t mac_cbc_vect9_out[] = {
1302 0xD4, 0xF7, 0x3E, 0x27, 0x78, 0x0E, 0x1C, 0x79, /* ..>'x..y */
1303};
1304
1305/*
Pascal Brand5c3d8092015-07-23 08:20:26 +0200[diff] [blame]1306 * DES3-CBC-MAC, with key size of 112bit
1307 * out obtained with:
1308 * echo -n "Cipher block chaining (CBC) is a common chaining mode in which the previous block's ciphertext is xored with the current block's plaintext before encryption...."|openssl enc -iv 0 -des3 -K 303132333435363738394142434445463031323334353637 |xxd
1309 */
1310/* DES3-CBC-MAC PKCS#5 pad*/
1311static const uint8_t mac_cbc_vect10_key[] = {
1312 0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37, /* 01234567 */
1313 0x38, 0x39, 0x41, 0x42, 0x43, 0x44, 0x45, 0x46, /* 89ABCDEF */
1314};
1315#define mac_cbc_vect10_data mac_cbc_vect1_data
1316static const uint8_t mac_cbc_vect10_out[] = {
1317 0x30, 0x92, 0x60, 0x99, 0x66, 0xac, 0x8c, 0xa6,
1318};
1319
1320
1321/*
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]1322 * AES-CMAC
1323 * Test vectors from
1324 * http://csrc.nist.gov/publications/nistpubs/800-38B/SP_800-38B.pdf
1325 */
1326
1327/* AES-128 */
1328static const uint8_t mac_cmac_vect1_key[] = {
1329 0x2b, 0x7e, 0x15, 0x16, 0x28, 0xae, 0xd2, 0xa6,
1330 0xab, 0xf7, 0x15, 0x88, 0x09, 0xcf, 0x4f, 0x3c
1331};
1332
1333static const uint8_t mac_cmac_vect1_out[] = {
1334 0xbb, 0x1d, 0x69, 0x29, 0xe9, 0x59, 0x37, 0x28,
1335 0x7f, 0xa3, 0x7d, 0x12, 0x9b, 0x75, 0x67, 0x46
1336};
1337
1338#define mac_cmac_vect2_key mac_cmac_vect1_key
1339static const uint8_t mac_cmac_vect2_data[] = {
1340 0x6b, 0xc1, 0xbe, 0xe2, 0x2e, 0x40, 0x9f, 0x96,
1341 0xe9, 0x3d, 0x7e, 0x11, 0x73, 0x93, 0x17, 0x2a
1342};
1343
1344static const uint8_t mac_cmac_vect2_out[] = {
1345 0x07, 0x0a, 0x16, 0xb4, 0x6b, 0x4d, 0x41, 0x44,
1346 0xf7, 0x9b, 0xdd, 0x9d, 0xd0, 0x4a, 0x28, 0x7c
1347};
1348
1349#define mac_cmac_vect3_key mac_cmac_vect1_key
1350static const uint8_t mac_cmac_vect3_data[] = {
1351 0x6b, 0xc1, 0xbe, 0xe2, 0x2e, 0x40, 0x9f, 0x96,
1352 0xe9, 0x3d, 0x7e, 0x11, 0x73, 0x93, 0x17, 0x2a,
1353 0xae, 0x2d, 0x8a, 0x57, 0x1e, 0x03, 0xac, 0x9c,
1354 0x9e, 0xb7, 0x6f, 0xac, 0x45, 0xaf, 0x8e, 0x51,
1355 0x30, 0xc8, 0x1c, 0x46, 0xa3, 0x5c, 0xe4, 0x11
1356};
1357
1358static const uint8_t mac_cmac_vect3_out[] = {
1359 0xdf, 0xa6, 0x67, 0x47, 0xde, 0x9a, 0xe6, 0x30,
1360 0x30, 0xca, 0x32, 0x61, 0x14, 0x97, 0xc8, 0x27
1361};
1362
1363#define mac_cmac_vect4_key mac_cmac_vect1_key
1364static const uint8_t mac_cmac_vect4_data[] = {
1365 0x6b, 0xc1, 0xbe, 0xe2, 0x2e, 0x40, 0x9f, 0x96,
1366 0xe9, 0x3d, 0x7e, 0x11, 0x73, 0x93, 0x17, 0x2a,
1367 0xae, 0x2d, 0x8a, 0x57, 0x1e, 0x03, 0xac, 0x9c,
1368 0x9e, 0xb7, 0x6f, 0xac, 0x45, 0xaf, 0x8e, 0x51,
1369 0x30, 0xc8, 0x1c, 0x46, 0xa3, 0x5c, 0xe4, 0x11,
1370 0xe5, 0xfb, 0xc1, 0x19, 0x1a, 0x0a, 0x52, 0xef,
1371 0xf6, 0x9f, 0x24, 0x45, 0xdf, 0x4f, 0x9b, 0x17,
1372 0xad, 0x2b, 0x41, 0x7b, 0xe6, 0x6c, 0x37, 0x10
1373};
1374
1375static const uint8_t mac_cmac_vect4_out[] = {
1376 0x51, 0xf0, 0xbe, 0xbf, 0x7e, 0x3b, 0x9d, 0x92,
1377 0xfc, 0x49, 0x74, 0x17, 0x79, 0x36, 0x3c, 0xfe
1378};
1379
1380/* AES-192 */
1381static const uint8_t mac_cmac_vect5_key[] = {
1382 0x8e, 0x73, 0xb0, 0xf7, 0xda, 0x0e, 0x64, 0x52,
1383 0xc8, 0x10, 0xf3, 0x2b, 0x80, 0x90, 0x79, 0xe5,
1384 0x62, 0xf8, 0xea, 0xd2, 0x52, 0x2c, 0x6b, 0x7b
1385};
1386
1387static const uint8_t mac_cmac_vect5_out[] = {
1388 0xd1, 0x7d, 0xdf, 0x46, 0xad, 0xaa, 0xcd, 0xe5,
1389 0x31, 0xca, 0xc4, 0x83, 0xde, 0x7a, 0x93, 0x67
1390};
1391
1392
1393#define mac_cmac_vect6_key mac_cmac_vect5_key
1394static const uint8_t mac_cmac_vect6_data[] = {
1395 0x6b, 0xc1, 0xbe, 0xe2, 0x2e, 0x40, 0x9f, 0x96,
1396 0xe9, 0x3d, 0x7e, 0x11, 0x73, 0x93, 0x17, 0x2a
1397};
1398
1399static const uint8_t mac_cmac_vect6_out[] = {
1400 0x9e, 0x99, 0xa7, 0xbf, 0x31, 0xe7, 0x10, 0x90,
1401 0x06, 0x62, 0xf6, 0x5e, 0x61, 0x7c, 0x51, 0x84
1402};
1403
1404#define mac_cmac_vect7_key mac_cmac_vect5_key
1405static const uint8_t mac_cmac_vect7_data[] = {
1406 0x6b, 0xc1, 0xbe, 0xe2, 0x2e, 0x40, 0x9f, 0x96,
1407 0xe9, 0x3d, 0x7e, 0x11, 0x73, 0x93, 0x17, 0x2a,
1408 0xae, 0x2d, 0x8a, 0x57, 0x1e, 0x03, 0xac, 0x9c,
1409 0x9e, 0xb7, 0x6f, 0xac, 0x45, 0xaf, 0x8e, 0x51,
1410 0x30, 0xc8, 0x1c, 0x46, 0xa3, 0x5c, 0xe4, 0x11
1411};
1412
1413static const uint8_t mac_cmac_vect7_out[] = {
1414 0x8a, 0x1d, 0xe5, 0xbe, 0x2e, 0xb3, 0x1a, 0xad,
1415 0x08, 0x9a, 0x82, 0xe6, 0xee, 0x90, 0x8b, 0x0e
1416};
1417
1418#define mac_cmac_vect8_key mac_cmac_vect5_key
1419static const uint8_t mac_cmac_vect8_data[] = {
1420 0x6b, 0xc1, 0xbe, 0xe2, 0x2e, 0x40, 0x9f, 0x96,
1421 0xe9, 0x3d, 0x7e, 0x11, 0x73, 0x93, 0x17, 0x2a,
1422 0xae, 0x2d, 0x8a, 0x57, 0x1e, 0x03, 0xac, 0x9c,
1423 0x9e, 0xb7, 0x6f, 0xac, 0x45, 0xaf, 0x8e, 0x51,
1424 0x30, 0xc8, 0x1c, 0x46, 0xa3, 0x5c, 0xe4, 0x11,
1425 0xe5, 0xfb, 0xc1, 0x19, 0x1a, 0x0a, 0x52, 0xef,
1426 0xf6, 0x9f, 0x24, 0x45, 0xdf, 0x4f, 0x9b, 0x17,
1427 0xad, 0x2b, 0x41, 0x7b, 0xe6, 0x6c, 0x37, 0x10
1428};
1429
1430static const uint8_t mac_cmac_vect8_out[] = {
1431 0xa1, 0xd5, 0xdf, 0x0e, 0xed, 0x79, 0x0f, 0x79,
1432 0x4d, 0x77, 0x58, 0x96, 0x59, 0xf3, 0x9a, 0x11
1433};
1434
1435/* AES-256 */
1436static const uint8_t mac_cmac_vect9_key[] = {
1437 0x60, 0x3d, 0xeb, 0x10, 0x15, 0xca, 0x71, 0xbe,
1438 0x2b, 0x73, 0xae, 0xf0, 0x85, 0x7d, 0x77, 0x81,
1439 0x1f, 0x35, 0x2c, 0x07, 0x3b, 0x61, 0x08, 0xd7,
1440 0x2d, 0x98, 0x10, 0xa3, 0x09, 0x14, 0xdf, 0xf4
1441};
1442
1443static const uint8_t mac_cmac_vect9_out[] = {
1444 0x02, 0x89, 0x62, 0xf6, 0x1b, 0x7b, 0xf8, 0x9e,
1445 0xfc, 0x6b, 0x55, 0x1f, 0x46, 0x67, 0xd9, 0x83
1446};
1447
1448#define mac_cmac_vect10_key mac_cmac_vect9_key
1449static const uint8_t mac_cmac_vect10_data[] = {
1450 0x6b, 0xc1, 0xbe, 0xe2, 0x2e, 0x40, 0x9f, 0x96,
1451 0xe9, 0x3d, 0x7e, 0x11, 0x73, 0x93, 0x17, 0x2a
1452};
1453
1454static const uint8_t mac_cmac_vect10_out[] = {
1455 0x28, 0xa7, 0x02, 0x3f, 0x45, 0x2e, 0x8f, 0x82,
1456 0xbd, 0x4b, 0xf2, 0x8d, 0x8c, 0x37, 0xc3, 0x5c
1457};
1458
1459#define mac_cmac_vect11_key mac_cmac_vect9_key
1460static const uint8_t mac_cmac_vect11_data[] = {
1461 0x6b, 0xc1, 0xbe, 0xe2, 0x2e, 0x40, 0x9f, 0x96,
1462 0xe9, 0x3d, 0x7e, 0x11, 0x73, 0x93, 0x17, 0x2a,
1463 0xae, 0x2d, 0x8a, 0x57, 0x1e, 0x03, 0xac, 0x9c,
1464 0x9e, 0xb7, 0x6f, 0xac, 0x45, 0xaf, 0x8e, 0x51,
1465 0x30, 0xc8, 0x1c, 0x46, 0xa3, 0x5c, 0xe4, 0x11
1466};
1467
1468static const uint8_t mac_cmac_vect11_out[] = {
1469 0xaa, 0xf3, 0xd8, 0xf1, 0xde, 0x56, 0x40, 0xc2,
1470 0x32, 0xf5, 0xb1, 0x69, 0xb9, 0xc9, 0x11, 0xe6
1471};
1472
1473#define mac_cmac_vect12_key mac_cmac_vect9_key
1474static const uint8_t mac_cmac_vect12_data[] = {
1475 0x6b, 0xc1, 0xbe, 0xe2, 0x2e, 0x40, 0x9f, 0x96,
1476 0xe9, 0x3d, 0x7e, 0x11, 0x73, 0x93, 0x17, 0x2a,
1477 0xae, 0x2d, 0x8a, 0x57, 0x1e, 0x03, 0xac, 0x9c,
1478 0x9e, 0xb7, 0x6f, 0xac, 0x45, 0xaf, 0x8e, 0x51,
1479 0x30, 0xc8, 0x1c, 0x46, 0xa3, 0x5c, 0xe4, 0x11,
1480 0xe5, 0xfb, 0xc1, 0x19, 0x1a, 0x0a, 0x52, 0xef,
1481 0xf6, 0x9f, 0x24, 0x45, 0xdf, 0x4f, 0x9b, 0x17,
1482 0xad, 0x2b, 0x41, 0x7b, 0xe6, 0x6c, 0x37, 0x10
1483};
1484
1485static const uint8_t mac_cmac_vect12_out[] = {
1486 0xe1, 0x99, 0x21, 0x90, 0x54, 0x9f, 0x6e, 0xd5,
1487 0x69, 0x6a, 0x2c, 0x05, 0x6c, 0x31, 0x54, 0x10
1488};
1489
1490struct xtest_mac_case {
1491 uint32_t algo;
1492 uint32_t key_type;
1493 const uint8_t *key;
1494 size_t key_len;
1495 size_t in_incr;
1496 const uint8_t *in;
1497 size_t in_len;
1498 const uint8_t *out;
1499 size_t out_len;
1500};
1501
1502#define XTEST_MAC_CASE(algo, key_type, key, in_incr, in, out) \
1503 { (algo), (key_type), (key), ARRAY_SIZE(key), \
1504 (in_incr), (in), ARRAY_SIZE(in), (out), ARRAY_SIZE(out) }
1505
1506#define XTEST_MAC_CBC_CASE(algo, key_type, vect, in_incr) \
1507 XTEST_MAC_CASE((algo), (key_type), \
1508 mac_cbc_ ## vect ## _key, (in_incr), \
1509 mac_cbc_ ## vect ## _data, mac_cbc_ ## vect ## _out)
1510
1511#define XTEST_MAC_CMAC_CASE(vect, in_incr) \
1512 XTEST_MAC_CASE(TEE_ALG_AES_CMAC, TEE_TYPE_AES, \
1513 mac_cmac_ ## vect ## _key, (in_incr), \
1514 mac_cmac_ ## vect ## _data, mac_cmac_ ## vect ## _out)
1515
1516static const struct xtest_mac_case mac_cases[] = {
1517 XTEST_MAC_CASE(TEE_ALG_HMAC_MD5, TEE_TYPE_HMAC_MD5,
1518 mac_data_md5_key1,
1519 4, mac_data_md5_in1, mac_data_md5_out1),
1520 XTEST_MAC_CASE(TEE_ALG_HMAC_SHA1, TEE_TYPE_HMAC_SHA1,
1521 mac_data_sha1_key1,
1522 5, mac_data_sha1_in1, mac_data_sha1_out1),
1523 XTEST_MAC_CASE(TEE_ALG_HMAC_SHA224, TEE_TYPE_HMAC_SHA224,
1524 mac_data_sha224_key1,
1525 8, mac_data_sha224_in1, mac_data_sha224_out1),
1526 XTEST_MAC_CASE(TEE_ALG_HMAC_SHA256, TEE_TYPE_HMAC_SHA256,
1527 mac_data_sha256_key1,
1528 1, mac_data_sha256_in1, mac_data_sha256_out1),
1529 XTEST_MAC_CASE(TEE_ALG_HMAC_SHA256, TEE_TYPE_HMAC_SHA256,
1530 mac_data_sha256_key2,
1531 7, mac_data_sha256_in2, mac_data_sha256_out2),
1532 XTEST_MAC_CASE(TEE_ALG_HMAC_SHA384, TEE_TYPE_HMAC_SHA384,
1533 mac_data_sha384_key1,
1534 11, mac_data_sha384_in1, mac_data_sha384_out1),
1535 XTEST_MAC_CASE(TEE_ALG_HMAC_SHA512, TEE_TYPE_HMAC_SHA512,
1536 mac_data_sha512_key1,
1537 13, mac_data_sha512_in1, mac_data_sha512_out1),
1538
1539 XTEST_MAC_CBC_CASE(TEE_ALG_AES_CBC_MAC_NOPAD, TEE_TYPE_AES, vect1, 14),
1540 XTEST_MAC_CBC_CASE(TEE_ALG_DES_CBC_MAC_NOPAD, TEE_TYPE_DES, vect2, 16),
1541 XTEST_MAC_CBC_CASE(TEE_ALG_DES3_CBC_MAC_NOPAD, TEE_TYPE_DES3, vect3,
1542 17),
1543 XTEST_MAC_CBC_CASE(TEE_ALG_AES_CBC_MAC_PKCS5, TEE_TYPE_AES, vect4, 11),
1544 XTEST_MAC_CBC_CASE(TEE_ALG_DES_CBC_MAC_PKCS5, TEE_TYPE_DES, vect5, 9),
1545 XTEST_MAC_CBC_CASE(TEE_ALG_DES3_CBC_MAC_PKCS5, TEE_TYPE_DES3, vect6, 4),
1546 XTEST_MAC_CBC_CASE(TEE_ALG_AES_CBC_MAC_PKCS5, TEE_TYPE_AES, vect7, 3),
1547 XTEST_MAC_CBC_CASE(TEE_ALG_DES_CBC_MAC_PKCS5, TEE_TYPE_DES, vect8, 23),
1548 XTEST_MAC_CBC_CASE(TEE_ALG_DES3_CBC_MAC_PKCS5, TEE_TYPE_DES3, vect9,
1549 34),
Pascal Brand5c3d8092015-07-23 08:20:26 +0200[diff] [blame]1550 XTEST_MAC_CBC_CASE(TEE_ALG_DES3_CBC_MAC_PKCS5, TEE_TYPE_DES3, vect10, 4),
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]1551
1552 { TEE_ALG_AES_CMAC, TEE_TYPE_AES, mac_cmac_vect1_key,
1553 ARRAY_SIZE(mac_cmac_vect1_key), 0, NULL, 0, mac_cmac_vect1_out,
1554 ARRAY_SIZE(mac_cmac_vect1_out) },
1555 XTEST_MAC_CMAC_CASE(vect2, 9),
1556 XTEST_MAC_CMAC_CASE(vect3, 9),
1557 XTEST_MAC_CMAC_CASE(vect4, 9),
1558 { TEE_ALG_AES_CMAC, TEE_TYPE_AES, mac_cmac_vect5_key,
1559 ARRAY_SIZE(mac_cmac_vect5_key), 0, NULL, 0, mac_cmac_vect5_out,
1560 ARRAY_SIZE(mac_cmac_vect5_out) },
1561 XTEST_MAC_CMAC_CASE(vect6, 9),
1562 XTEST_MAC_CMAC_CASE(vect7, 9),
1563 XTEST_MAC_CMAC_CASE(vect8, 9),
1564 { TEE_ALG_AES_CMAC, TEE_TYPE_AES, mac_cmac_vect9_key,
1565 ARRAY_SIZE(mac_cmac_vect9_key), 0, NULL, 0, mac_cmac_vect9_out,
1566 ARRAY_SIZE(mac_cmac_vect9_out) },
1567 XTEST_MAC_CMAC_CASE(vect10, 9),
1568 XTEST_MAC_CMAC_CASE(vect11, 9),
1569 XTEST_MAC_CMAC_CASE(vect12, 9),
1570};
1571
1572static void xtest_tee_test_4002(ADBG_Case_t *c)
1573{
1574 TEEC_Session session = { 0 };
1575 TEE_OperationHandle op1;
1576 TEE_OperationHandle op2;
1577 TEE_ObjectHandle key_handle;
1578 uint8_t out[64];
1579 size_t out_size;
1580 uint32_t ret_orig;
1581 size_t n;
1582
1583 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
1584 xtest_teec_open_session(&session, &crypt_user_ta_uuid, NULL,
1585 &ret_orig)))
1586 return;
1587
1588 for (n = 0; n < ARRAY_SIZE(mac_cases); n++) {
1589 TEE_Attribute key_attr;
1590 size_t key_size;
1591
1592 Do_ADBG_BeginSubCase(c, "MAC case %d algo 0x%x",
1593 (int)n, (unsigned int)mac_cases[n].algo);
1594
1595 key_attr.attributeID = TEE_ATTR_SECRET_VALUE;
1596 key_attr.content.ref.buffer = (void *)mac_cases[n].key;
1597 key_attr.content.ref.length = mac_cases[n].key_len;
1598
1599 key_size = key_attr.content.ref.length * 8;
1600 if (mac_cases[n].key_type == TEE_TYPE_DES ||
1601 mac_cases[n].key_type == TEE_TYPE_DES3)
1602 /* Exclude parity in bit size of key */
1603 key_size -= key_size / 8;
1604
1605 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
1606 ta_crypt_cmd_allocate_operation(c, &session, &op1,
1607 mac_cases[n].algo, TEE_MODE_MAC, key_size)))
1608 goto out;
1609
1610 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
1611 ta_crypt_cmd_allocate_operation(c, &session, &op2,
1612 mac_cases[n].algo, TEE_MODE_MAC, key_size)))
1613 goto out;
1614
1615 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
1616 ta_crypt_cmd_allocate_transient_object(c, &session,
1617 mac_cases[n].key_type, key_size, &key_handle)))
1618 goto out;
1619
1620 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
1621 ta_crypt_cmd_populate_transient_object(c, &session,
1622 key_handle, &key_attr, 1)))
1623 goto out;
1624
1625 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
1626 ta_crypt_cmd_set_operation_key(c, &session, op1,
1627 key_handle)))
1628 goto out;
1629
1630 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
1631 ta_crypt_cmd_free_transient_object(c, &session,
1632 key_handle)))
1633 goto out;
1634
1635 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
1636 ta_crypt_cmd_mac_init(c, &session, op1, NULL, 0)))
1637 goto out;
1638
1639 if (mac_cases[n].in != NULL) {
1640 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
1641 ta_crypt_cmd_mac_update(c, &session, op1,
1642 mac_cases[n].in, mac_cases[n].in_incr)))
1643 goto out;
1644 }
1645
1646 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
1647 ta_crypt_cmd_copy_operation(c, &session, op2, op1)))
1648 goto out;
1649
1650 out_size = sizeof(out);
1651 memset(out, 0, sizeof(out));
1652 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
1653 ta_crypt_cmd_mac_final_compute(c, &session, op2,
1654 mac_cases[n].in + mac_cases[n].in_incr,
1655 mac_cases [n].in_len - mac_cases[n].in_incr,
1656 out, &out_size)))
1657 goto out;
1658
1659 (void)ADBG_EXPECT_BUFFER(c, mac_cases[n].out,
1660 mac_cases[n].out_len, out, out_size);
1661
1662 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
1663 ta_crypt_cmd_mac_init(c, &session, op1, NULL, 0)))
1664 goto out;
1665
1666 out_size = sizeof(out);
1667 memset(out, 0, sizeof(out));
1668 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
1669 ta_crypt_cmd_mac_final_compute(c, &session, op1,
1670 mac_cases[n].in, mac_cases[n].in_len, out,
1671 &out_size)))
1672 goto out;
1673
1674 (void)ADBG_EXPECT_BUFFER(c, mac_cases[n].out,
1675 mac_cases[n].out_len, out, out_size);
1676
1677 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
1678 ta_crypt_cmd_free_operation(c, &session, op1)))
1679 goto out;
1680
1681 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
1682 ta_crypt_cmd_free_operation(c, &session, op2)))
1683 goto out;
1684
1685 Do_ADBG_EndSubCase(c, NULL);
1686 }
1687out:
1688 TEEC_CloseSession(&session);
1689}
Jens Wiklander14f48872018-06-29 15:30:13 +0200[diff] [blame]1690ADBG_CASE_DEFINE(regression, 4002, xtest_tee_test_4002,
1691 "Test TEE Internal API MAC operations");
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]1692
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]1693static const uint8_t ciph_data_aes_key1[] = {
1694 0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37, /* 01234567 */
1695 0x38, 0x39, 0x41, 0x42, 0x43, 0x44, 0x45, 0x46, /* 89ABCDEF */
1696};
1697
Jerome Forissier0780ad42018-06-05 15:02:37 +0200[diff] [blame]1698static const uint8_t ciph_data_aes_key2[] = {
1699 0x02, 0x02, 0x02, 0x02, 0x02, 0x02, 0x02, 0x02,
1700 0x02, 0x02, 0x02, 0x02, 0x02, 0x02, 0x02, 0x02,
1701};
1702
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]1703static const uint8_t ciph_data_des_key1[] = {
1704 0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37 /* 01234567 */
1705};
1706
1707static const uint8_t ciph_data_des_key2[] = {
1708 0x13, 0x34, 0x57, 0x79, 0x9B, 0xBC, 0xDF, 0xF1
1709};
1710
1711
1712static const uint8_t ciph_data_des3_key1[] = {
1713 0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37, /* 01234567 */
1714 0x38, 0x39, 0x41, 0x42, 0x43, 0x44, 0x45, 0x46, /* 89ABCDEF */
1715 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37, 0x38, /* 12345678 */
1716};
1717
1718static const uint8_t ciph_data_des3_key2[] = {
1719 0x13, 0x34, 0x57, 0x79, 0x9B, 0xBC, 0xDF, 0xF1,
1720 0x13, 0x34, 0x57, 0x79, 0x9B, 0xBC, 0xDF, 0xF1,
1721 0x13, 0x34, 0x57, 0x79, 0x9B, 0xBC, 0xDF, 0xF1
1722};
1723
1724static const uint8_t ciph_data_des2_key1[] = {
1725 0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37, /* 01234567 */
1726 0x38, 0x39, 0x41, 0x42, 0x43, 0x44, 0x45, 0x46, /* 89ABCDEF */
1727};
1728
1729static const uint8_t ciph_data_in1[] = {
1730 0x32, 0x33, 0x34, 0x35, 0x36, 0x37, 0x38, 0x39, /* 23456789 */
1731 0x41, 0x42, 0x43, 0x44, 0x45, 0x46, 0x30, 0x31, /* ABCDEF01 */
1732 0x33, 0x34, 0x35, 0x36, 0x37, 0x38, 0x39, 0x41, /* 3456789A */
1733 0x42, 0x43, 0x44, 0x45, 0x46, 0x30, 0x31, 0x32, /* BCDEF012 */
1734 0x34, 0x35, 0x36, 0x37, 0x38, 0x39, 0x41, 0x42, /* 456789AB */
1735 0x43, 0x44, 0x45, 0x46, 0x30, 0x31, 0x32, 0x33, /* CDEF0123 */
1736};
1737
1738static const uint8_t ciph_data_in3[] = {
1739 0x32, 0x33, 0x34, 0x35, 0x36, 0x37, 0x38, 0x39, /* 23456789 */
1740 0x41, 0x42, 0x43, 0x44, 0x45, 0x46, 0x30, 0x31, /* ABCDEF01 */
1741 0x33, 0x34, 0x35, 0x36, 0x37, 0x38, 0x39, 0x41, /* 3456789A */
1742 0x42, 0x43, 0x44, 0x45, 0x46, 0x30, 0x31, 0x32, /* BCDEF012 */
1743 0x34, 0x35, 0x36, 0x37, 0x38, 0x39, 0x41, 0x42, /* 456789AB */
1744 0x43, 0x44, 0x45, 0x46, 0x30, /* CDEF0 */
1745};
1746
Jerome Forissier45218eb2018-04-11 13:03:26 +0200[diff] [blame]1747static const uint8_t ciph_data_in4[] = {
1748 0x32, 0x33, 0x34, 0x35, 0x36, 0x37, 0x38, 0x39, /* 23456789 */
1749 0x41, 0x42, 0x43, 0x44, 0x45, 0x46, 0x30, 0x31, /* ABCDEF01 */
1750 0x33, 0x34, 0x35, 0x36, 0x37, 0x38, 0x39, 0x41, /* 3456789A */
1751 0x42, 0x43, 0x44, 0x45, 0x46, 0x30, 0x31, 0x32, /* BCDEF012 */
1752 0x34, 0x35, 0x36, 0x37, 0x38, 0x39, 0x41, 0x42, /* 456789AB */
1753 0x43, 0x44, 0x45, 0x46, 0x30, 0x31, 0x32, 0x33, /* CDEF0123 */
1754 0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37, /* 01234567 */
1755 0x38, 0x39, 0x41, 0x42, 0x43, 0x44, 0x45, 0x46, /* 89ABCDEF */
1756};
1757
Jerome Forissier0780ad42018-06-05 15:02:37 +0200[diff] [blame]1758static const uint8_t ciph_data_in5[] = {
1759 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01,
1760 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01,
1761 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01,
1762 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01,
1763 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01,
1764 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01,
1765 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01,
1766 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01,
Jerome Forissierbf9009e2018-06-05 18:44:42 +0200[diff] [blame]1767 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01,
1768 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01,
Jerome Forissier0780ad42018-06-05 15:02:37 +0200[diff] [blame]1769 0x01, 0x01, 0x01
1770};
1771
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]1772static const uint8_t ciph_data_128_iv1[] = {
1773 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37, 0x38, /* 12345678 */
1774 0x39, 0x41, 0x42, 0x43, 0x44, 0x45, 0x46, 0x30, /* 9ABCDEF0 */
1775};
1776
Jerome Forissier0780ad42018-06-05 15:02:37 +0200[diff] [blame]1777static const uint8_t ciph_data_128_iv2[] = {
1778 0x03, 0x03, 0x03, 0x03, 0x03, 0x03, 0x03, 0x03,
1779 0x03, 0x03, 0x03, 0x03, 0x03, 0x03, 0x03, 0x03,
1780};
1781
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]1782static const uint8_t ciph_data_64_iv1[] = {
1783 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37, 0x38, /* 12345678 */
1784};
1785
1786static const uint8_t ciph_data_in2[] = {
1787 0x01, 0x23, 0x45, 0x67, 0x89, 0xab, 0xcd, 0xef
1788};
1789
1790static const uint8_t ciph_data_aes_ecb_nopad_out1[] = {
1791 0xA5, 0xBE, 0x14, 0xD5, 0x01, 0x05, 0x24, 0x48, /* ......$H */
1792 0x58, 0x1A, 0x6B, 0x82, 0xD4, 0x41, 0xD2, 0xB3, /* X.k..A.. */
1793 0xBB, 0xF9, 0xAE, 0x37, 0x94, 0xAC, 0x18, 0x50, /* ...7...P */
1794 0x87, 0x09, 0xCC, 0x3F, 0x43, 0xD2, 0xC2, 0xB7, /* ...?C... */
1795 0xD7, 0x6F, 0x84, 0x07, 0xB4, 0x78, 0xCE, 0x34, /* .o...x.4 */
1796 0x48, 0xC9, 0x16, 0x86, 0x42, 0xB8, 0xFF, 0xCF, /* H...B... */
1797};
1798
1799static const uint8_t ciph_data_aes_cbc_nopad_out1[] = {
1800 0x8D, 0x9F, 0x88, 0xD8, 0xAF, 0x9F, 0xC1, 0x3B, /* .......; */
1801 0x02, 0x15, 0x43, 0x6A, 0x8C, 0x1E, 0x34, 0x5C, /* ..Cj..4\ */
1802 0x83, 0xF4, 0x85, 0x3E, 0x43, 0x0F, 0xE5, 0x5F, /* ...>C.._ */
1803 0x81, 0x4C, 0xC0, 0x28, 0x3F, 0xD9, 0x98, 0x53, /* .L.(?..S */
1804 0xB1, 0x44, 0x51, 0x38, 0x21, 0xAB, 0x10, 0xCE, /* .DQ8!... */
1805 0xC2, 0xEC, 0x65, 0x54, 0xDD, 0x5C, 0xEA, 0xDC, /* ..eT.\.. */
1806};
1807
1808static const uint8_t ciph_data_aes_ctr_out1[] = {
1809 0xD2, 0xDD, 0x11, 0xA8, 0xF7, 0xB0, 0xAE, 0x55, /* .......U */
1810 0xBE, 0x61, 0x7A, 0xE6, 0xA1, 0x6C, 0x79, 0xF4, /* .az..ly. */
1811 0x62, 0x51, 0x7B, 0xE9, 0x7C, 0xA0, 0x31, 0x0C, /* bQ{.|.1. */
1812 0x24, 0x15, 0x70, 0x7F, 0x47, 0x37, 0x69, 0xE0, /* $.p.G7i. */
1813 0x24, 0xC3, 0x29, 0xCD, 0xF2, 0x26, 0x69, 0xFF, /* $.)..&i. */
1814 0x72, 0x0E, 0x3C, 0xD1, 0xA1, 0x2F, 0x5D, 0x33, /* r.<../]3 */
1815};
1816
1817static const uint8_t ciph_data_aes_ctr_out2[] = {
1818 0xD2, 0xDD, 0x11, 0xA8, 0xF7, 0xB0, 0xAE, 0x55, /* .......U */
1819 0xBE, 0x61, 0x7A, 0xE6, 0xA1, 0x6C, 0x79, 0xF4, /* .az..ly. */
1820 0x62, 0x51, 0x7B, 0xE9, 0x7C, 0xA0, 0x31, 0x0C, /* bQ{.|.1. */
1821 0x24, 0x15, 0x70, 0x7F, 0x47, 0x37, 0x69, 0xE0, /* $.p.G7i. */
1822 0x24, 0xC3, 0x29, 0xCD, 0xF2, 0x26, 0x69, 0xFF, /* $.)..&i. */
1823 0x72, 0x0E, 0x3C, 0xD1, 0xA1, /* r.<.. */
1824};
1825
Jerome Forissier45218eb2018-04-11 13:03:26 +0200[diff] [blame]1826static const uint8_t ciph_data_aes_ctr_out4[] = {
1827 0xD2, 0xDD, 0x11, 0xA8, 0xF7, 0xB0, 0xAE, 0x55, /* .......U */
1828 0xBE, 0x61, 0x7A, 0xE6, 0xA1, 0x6C, 0x79, 0xF4, /* .az..ly. */
1829 0x62, 0x51, 0x7B, 0xE9, 0x7C, 0xA0, 0x31, 0x0C, /* bQ{.|.1. */
1830 0x24, 0x15, 0x70, 0x7F, 0x47, 0x37, 0x69, 0xE0, /* $.p.G7i. */
1831 0x24, 0xC3, 0x29, 0xCD, 0xF2, 0x26, 0x69, 0xFF, /* $.)..&i. */
1832 0x72, 0x0E, 0x3C, 0xD1, 0xA1, 0x2F, 0x5D, 0x33, /* r.<../]3 */
1833 0x9F, 0xD7, 0x0C, 0x92, 0xD4, 0xA5, 0x9D, 0x06, /* ........ */
1834 0x01, 0x80, 0x38, 0xCD, 0xC2, 0x71, 0x5D, 0x4A, /* ..8..q]J */
1835};
1836
Jerome Forissier0780ad42018-06-05 15:02:37 +0200[diff] [blame]1837static const uint8_t ciph_data_aes_ctr_out5[] = {
1838 0xbb, 0xfe, 0x07, 0x04, 0x1c, 0x8e, 0x09, 0x61,
1839 0xfb, 0xb1, 0x7c, 0xa5, 0x4d, 0x2b, 0x30, 0xf6,
1840 0x26, 0x9e, 0xff, 0x61, 0x18, 0x47, 0xc6, 0x06,
1841 0x81, 0x02, 0x84, 0xcd, 0x9c, 0x4b, 0x6d, 0x21,
1842 0xe2, 0x64, 0xa6, 0x50, 0x7f, 0x28, 0x81, 0x6f,
1843 0x29, 0xda, 0xd5, 0x56, 0x3f, 0x46, 0xac, 0xca,
1844 0x37, 0xe7, 0x77, 0x36, 0xbc, 0x76, 0x39, 0x57,
1845 0xaa, 0x67, 0x1b, 0x2a, 0xe6, 0x36, 0x57, 0x6d,
Jerome Forissierbf9009e2018-06-05 18:44:42 +0200[diff] [blame]1846 0x2a, 0xb8, 0x77, 0x41, 0xc2, 0x4e, 0x4f, 0x27,
1847 0x4c, 0x34, 0x7a, 0x01, 0x6a, 0xda, 0x75, 0x75,
1848 0x3e, 0x68, 0xb2
Jerome Forissier0780ad42018-06-05 15:02:37 +0200[diff] [blame]1849};
1850
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]1851static const uint8_t ciph_data_aes_cbc_vect1_key[] = {
1852 0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37, /* 01234567 */
1853 0x38, 0x39, 0x41, 0x42, 0x43, 0x44, 0x45, 0x46, /* 89ABCDEF */
1854};
1855
1856static const uint8_t ciph_data_aes_cbc_vect1_iv[] = {
1857 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, /* ........ */
1858 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, /* ........ */
1859};
1860
1861static const uint8_t ciph_data_aes_cbc_vect1_ptx[] = {
1862 0x43, 0x69, 0x70, 0x68, 0x65, 0x72, 0x20, 0x62, /* Cipher b */
1863 0x6C, 0x6F, 0x63, 0x6B, 0x20, 0x63, 0x68, 0x61, /* lock cha */
1864 0x69, 0x6E, 0x69, 0x6E, 0x67, 0x20, 0x28, 0x43, /* ining (C */
1865 0x42, 0x43, 0x29, 0x20, 0x69, 0x73, 0x20, 0x61, /* BC) is a */
1866 0x20, 0x63, 0x6F, 0x6D, 0x6D, 0x6F, 0x6E, 0x20, /* common */
1867 0x63, 0x68, 0x61, 0x69, 0x6E, 0x69, 0x6E, 0x67, /* chaining */
1868 0x20, 0x6D, 0x6F, 0x64, 0x65, 0x20, 0x69, 0x6E, /* mode in */
1869 0x20, 0x77, 0x68, 0x69, 0x63, 0x68, 0x20, 0x74, /* which t */
1870 0x68, 0x65, 0x20, 0x70, 0x72, 0x65, 0x76, 0x69, /* he previ */
1871 0x6F, 0x75, 0x73, 0x20, 0x62, 0x6C, 0x6F, 0x63, /* ous bloc */
1872 0x6B, 0x27, 0x73, 0x20, 0x63, 0x69, 0x70, 0x68, /* k's ciph */
1873 0x65, 0x72, 0x74, 0x65, 0x78, 0x74, 0x20, 0x69, /* ertext i */
1874 0x73, 0x20, 0x78, 0x6F, 0x72, 0x65, 0x64, 0x20, /* s xored */
1875 0x77, 0x69, 0x74, 0x68, 0x20, 0x74, 0x68, 0x65, /* with the */
1876 0x20, 0x63, 0x75, 0x72, 0x72, 0x65, 0x6E, 0x74, /* current */
1877 0x20, 0x62, 0x6C, 0x6F, 0x63, 0x6B, 0x27, 0x73, /* block's */
1878 0x20, 0x70, 0x6C, 0x61, 0x69, 0x6E, 0x74, 0x65, /* plainte */
1879 0x78, 0x74, 0x20, 0x62, 0x65, 0x66, 0x6F, 0x72, /* xt befor */
1880 0x65, 0x20, 0x65, 0x6E, 0x63, 0x72, 0x79, 0x70, /* e encryp */
1881 0x74, 0x69, 0x6F, 0x6E, 0x2E, 0x2E, 0x2E, 0x2E, /* tion.... */
1882};
1883
1884static const uint8_t ciph_data_aes_cbc_vect1_ctx[] = {
1885 0xDD, 0x16, 0xC3, 0x47, 0x69, 0xEC, 0xF5, 0x86, /* ...Gi... */
1886 0x20, 0xB4, 0xF7, 0xE3, 0xB9, 0x36, 0xE8, 0xAC, /* ....6.. */
1887 0xC9, 0xA2, 0x11, 0x71, 0x3B, 0x10, 0x9D, 0x45, /* ...q;..E */
1888 0xCA, 0xE2, 0x49, 0xA6, 0x4E, 0x56, 0x07, 0xC5, /* ..I.NV.. */
1889 0xCE, 0xA3, 0x14, 0xB5, 0x30, 0x1B, 0x63, 0xBB, /* ....0.c. */
1890 0x2D, 0x6F, 0xE9, 0xCA, 0x0B, 0x00, 0x31, 0x3F, /* -o....1? */
1891 0xA4, 0x9A, 0x39, 0xE1, 0xC8, 0xD2, 0x24, 0x95, /* ..9...$. */
1892 0x14, 0xE9, 0xD2, 0x43, 0xE8, 0xA8, 0x1E, 0x0A, /* ...C.... */
1893 0xFE, 0x9D, 0x4F, 0xF5, 0xBB, 0x16, 0xB9, 0x54, /* ..O....T */
1894 0x78, 0x07, 0x94, 0x05, 0x8E, 0x47, 0xC3, 0xCB, /* x....G.. */
1895 0x7C, 0xEC, 0xF4, 0xF8, 0xF2, 0xA4, 0x59, 0x6E, /* |.....Yn */
1896 0xED, 0xAD, 0x7F, 0x62, 0xAF, 0x89, 0xA8, 0x5B, /* ...b...[ */
1897 0x75, 0xD4, 0x73, 0xE3, 0xBA, 0x9F, 0x9A, 0xD2, /* u.s..... */
1898 0x0F, 0xFD, 0x3C, 0xE6, 0xC6, 0xA4, 0xD6, 0x6C, /* ..<....l */
1899 0x6A, 0x09, 0xE2, 0x16, 0xB0, 0x8C, 0x69, 0x3C, /* j.....i< */
1900 0xC8, 0x1C, 0xE4, 0x3E, 0x86, 0x4D, 0xB0, 0x2B, /* ...>.M.+ */
1901 0x29, 0xA0, 0x5A, 0xA3, 0x67, 0xBA, 0xDC, 0x11, /* ).Z.g... */
1902 0x08, 0x5E, 0x69, 0xB4, 0x6F, 0xA5, 0xE2, 0xB8, /* .^i.o... */
1903 0xC9, 0x6E, 0x83, 0x7E, 0x35, 0xC8, 0xA7, 0xA0, /* .n.~5... */
1904 0x33, 0xA3, 0xB1, 0x4B, 0x5A, 0x92, 0x51, 0x2E, /* 3..KZ.Q. */
1905};
1906
1907/* AES-CTS test vectors from http://tools.ietf.org/html/rfc3962
1908 * and http://tools.ietf.org/html/draft-raeburn-krb-rijndael-krb-02 */
1909static const uint8_t ciph_data_aes_cts_vect1_key[] = {
1910 0x63, 0x68, 0x69, 0x63, 0x6b, 0x65, 0x6e, 0x20,
1911 0x74, 0x65, 0x72, 0x69, 0x79, 0x61, 0x6b, 0x69
1912};
1913
1914static const uint8_t ciph_data_aes_cts_vect1_iv[16] = {
1915 0x00
1916};
1917
1918static const uint8_t ciph_data_aes_cts_vect1_ptx[] = {
1919 0x49, 0x20, 0x77, 0x6f, 0x75, 0x6c, 0x64, 0x20,
1920 0x6c, 0x69, 0x6b, 0x65, 0x20, 0x74, 0x68, 0x65,
1921 0x20
1922};
1923
1924static const uint8_t ciph_data_aes_cts_vect1_ctx[] = {
1925 0xc6, 0x35, 0x35, 0x68, 0xf2, 0xbf, 0x8c, 0xb4,
1926 0xd8, 0xa5, 0x80, 0x36, 0x2d, 0xa7, 0xff, 0x7f,
1927 0x97
1928};
1929
1930#define ciph_data_aes_cts_vect2_key ciph_data_aes_cts_vect1_key
1931#define ciph_data_aes_cts_vect2_iv ciph_data_aes_cts_vect1_iv
1932static const uint8_t ciph_data_aes_cts_vect2_ptx[] = {
1933 0x49, 0x20, 0x77, 0x6f, 0x75, 0x6c, 0x64, 0x20,
1934 0x6c, 0x69, 0x6b, 0x65, 0x20, 0x74, 0x68, 0x65,
1935 0x20, 0x47, 0x65, 0x6e, 0x65, 0x72, 0x61, 0x6c,
1936 0x20, 0x47, 0x61, 0x75, 0x27, 0x73, 0x20
1937};
1938
1939static const uint8_t ciph_data_aes_cts_vect2_ctx[] = {
1940 0xfc, 0x00, 0x78, 0x3e, 0x0e, 0xfd, 0xb2, 0xc1,
1941 0xd4, 0x45, 0xd4, 0xc8, 0xef, 0xf7, 0xed, 0x22,
1942 0x97, 0x68, 0x72, 0x68, 0xd6, 0xec, 0xcc, 0xc0,
1943 0xc0, 0x7b, 0x25, 0xe2, 0x5e, 0xcf, 0xe5
1944};
1945
1946#define ciph_data_aes_cts_vect3_key ciph_data_aes_cts_vect1_key
1947#define ciph_data_aes_cts_vect3_iv ciph_data_aes_cts_vect1_iv
1948static const uint8_t ciph_data_aes_cts_vect3_ptx[] = {
1949 0x49, 0x20, 0x77, 0x6f, 0x75, 0x6c, 0x64, 0x20,
1950 0x6c, 0x69, 0x6b, 0x65, 0x20, 0x74, 0x68, 0x65,
1951 0x20, 0x47, 0x65, 0x6e, 0x65, 0x72, 0x61, 0x6c,
1952 0x20, 0x47, 0x61, 0x75, 0x27, 0x73, 0x20, 0x43,
1953};
1954
1955static const uint8_t ciph_data_aes_cts_vect3_ctx[] = {
1956 0x39, 0x31, 0x25, 0x23, 0xa7, 0x86, 0x62, 0xd5,
1957 0xbe, 0x7f, 0xcb, 0xcc, 0x98, 0xeb, 0xf5, 0xa8,
1958 0x97, 0x68, 0x72, 0x68, 0xd6, 0xec, 0xcc, 0xc0,
1959 0xc0, 0x7b, 0x25, 0xe2, 0x5e, 0xcf, 0xe5, 0x84,
1960};
1961
1962#define ciph_data_aes_cts_vect4_key ciph_data_aes_cts_vect1_key
1963#define ciph_data_aes_cts_vect4_iv ciph_data_aes_cts_vect1_iv
1964static const uint8_t ciph_data_aes_cts_vect4_ptx[] = {
1965 0x49, 0x20, 0x77, 0x6f, 0x75, 0x6c, 0x64, 0x20,
1966 0x6c, 0x69, 0x6b, 0x65, 0x20, 0x74, 0x68, 0x65,
1967 0x20, 0x47, 0x65, 0x6e, 0x65, 0x72, 0x61, 0x6c,
1968 0x20, 0x47, 0x61, 0x75, 0x27, 0x73, 0x20, 0x43,
1969 0x68, 0x69, 0x63, 0x6b, 0x65, 0x6e, 0x2c, 0x20,
1970 0x70, 0x6c, 0x65, 0x61, 0x73, 0x65, 0x2c,
1971};
1972
1973static const uint8_t ciph_data_aes_cts_vect4_ctx[] = {
1974 0x97, 0x68, 0x72, 0x68, 0xd6, 0xec, 0xcc, 0xc0,
1975 0xc0, 0x7b, 0x25, 0xe2, 0x5e, 0xcf, 0xe5, 0x84,
1976 0xb3, 0xff, 0xfd, 0x94, 0x0c, 0x16, 0xa1, 0x8c,
1977 0x1b, 0x55, 0x49, 0xd2, 0xf8, 0x38, 0x02, 0x9e,
1978 0x39, 0x31, 0x25, 0x23, 0xa7, 0x86, 0x62, 0xd5,
1979 0xbe, 0x7f, 0xcb, 0xcc, 0x98, 0xeb, 0xf5,
1980};
1981
1982#define ciph_data_aes_cts_vect5_key ciph_data_aes_cts_vect1_key
1983#define ciph_data_aes_cts_vect5_iv ciph_data_aes_cts_vect1_iv
1984static const uint8_t ciph_data_aes_cts_vect5_ptx[] = {
1985 0x49, 0x20, 0x77, 0x6f, 0x75, 0x6c, 0x64, 0x20,
1986 0x6c, 0x69, 0x6b, 0x65, 0x20, 0x74, 0x68, 0x65,
1987 0x20, 0x47, 0x65, 0x6e, 0x65, 0x72, 0x61, 0x6c,
1988 0x20, 0x47, 0x61, 0x75, 0x27, 0x73, 0x20, 0x43,
1989 0x68, 0x69, 0x63, 0x6b, 0x65, 0x6e, 0x2c, 0x20,
1990 0x70, 0x6c, 0x65, 0x61, 0x73, 0x65, 0x2c, 0x20,
1991};
1992
1993static const uint8_t ciph_data_aes_cts_vect5_ctx[] = {
1994 0x97, 0x68, 0x72, 0x68, 0xd6, 0xec, 0xcc, 0xc0,
1995 0xc0, 0x7b, 0x25, 0xe2, 0x5e, 0xcf, 0xe5, 0x84,
1996 0x9d, 0xad, 0x8b, 0xbb, 0x96, 0xc4, 0xcd, 0xc0,
1997 0x3b, 0xc1, 0x03, 0xe1, 0xa1, 0x94, 0xbb, 0xd8,
1998 0x39, 0x31, 0x25, 0x23, 0xa7, 0x86, 0x62, 0xd5,
1999 0xbe, 0x7f, 0xcb, 0xcc, 0x98, 0xeb, 0xf5, 0xa8,
2000};
2001
2002#define ciph_data_aes_cts_vect6_key ciph_data_aes_cts_vect1_key
2003#define ciph_data_aes_cts_vect6_iv ciph_data_aes_cts_vect1_iv
2004static const uint8_t ciph_data_aes_cts_vect6_ptx[] = {
2005 0x49, 0x20, 0x77, 0x6f, 0x75, 0x6c, 0x64, 0x20,
2006 0x6c, 0x69, 0x6b, 0x65, 0x20, 0x74, 0x68, 0x65,
2007 0x20, 0x47, 0x65, 0x6e, 0x65, 0x72, 0x61, 0x6c,
2008 0x20, 0x47, 0x61, 0x75, 0x27, 0x73, 0x20, 0x43,
2009 0x68, 0x69, 0x63, 0x6b, 0x65, 0x6e, 0x2c, 0x20,
2010 0x70, 0x6c, 0x65, 0x61, 0x73, 0x65, 0x2c, 0x20,
2011 0x61, 0x6e, 0x64, 0x20, 0x77, 0x6f, 0x6e, 0x74,
2012 0x6f, 0x6e, 0x20, 0x73, 0x6f, 0x75, 0x70, 0x2e,
2013};
2014
2015static const uint8_t ciph_data_aes_cts_vect6_ctx[] = {
2016 0x97, 0x68, 0x72, 0x68, 0xd6, 0xec, 0xcc, 0xc0,
2017 0xc0, 0x7b, 0x25, 0xe2, 0x5e, 0xcf, 0xe5, 0x84,
2018 0x39, 0x31, 0x25, 0x23, 0xa7, 0x86, 0x62, 0xd5,
2019 0xbe, 0x7f, 0xcb, 0xcc, 0x98, 0xeb, 0xf5, 0xa8,
2020 0x48, 0x07, 0xef, 0xe8, 0x36, 0xee, 0x89, 0xa5,
2021 0x26, 0x73, 0x0d, 0xbc, 0x2f, 0x7b, 0xc8, 0x40,
2022 0x9d, 0xad, 0x8b, 0xbb, 0x96, 0xc4, 0xcd, 0xc0,
2023 0x3b, 0xc1, 0x03, 0xe1, 0xa1, 0x94, 0xbb, 0xd8,
2024};
2025
Jerome Forissiered00e162017-01-20 09:22:52 +0100[diff] [blame]2026/*
2027 * Test case for https://github.com/OP-TEE/optee_os/issues/1203
2028 * 80 bytes of data, processed in two steps (32 + 48).
2029 */
2030
2031#define ciph_data_aes_cts_issue1203_key ciph_data_aes_cts_vect1_key
2032
2033static const uint8_t ciph_data_aes_cts_issue1203_iv[] = {
2034 0x5b, 0x11, 0x7b, 0xf9, 0x83, 0x6a, 0x01, 0x27,
2035 0x1d, 0x2a, 0xae, 0x0a, 0xd3, 0x27, 0x35, 0x81,
2036};
2037
2038static const uint8_t ciph_data_aes_cts_issue1203_ptx[] = {
2039 0x33, 0x2a, 0xf4, 0x8c, 0x18, 0xa1, 0x30, 0x7c,
2040 0xa7, 0x52, 0x76, 0xca, 0xa6, 0x68, 0xad, 0xf6,
2041 0x1e, 0xba, 0xc9, 0x66, 0x66, 0x52, 0x1a, 0xe7,
2042 0x3e, 0xbc, 0xba, 0x60, 0x95, 0x71, 0x04, 0x5e,
2043 0xb4, 0xb7, 0x10, 0xd7, 0x93, 0x6d, 0x5f, 0x9a,
2044 0xb8, 0xbb, 0x6b, 0xb0, 0x6d, 0x47, 0x93, 0x41,
2045 0x29, 0x21, 0xf2, 0x84, 0xf5, 0xb2, 0xf2, 0x6d,
2046 0xbe, 0xe5, 0x8a, 0x2b, 0x58, 0x8d, 0x1b, 0x5e,
2047 0x41, 0x04, 0xba, 0x9e, 0x92, 0xe9, 0x52, 0xb6,
2048 0x8b, 0x1e, 0x36, 0x72, 0x91, 0xe4, 0x56, 0x66,
2049};
2050
2051/*
2052 * Ciphertext was generated by an online tool for AES CBC.
2053 * Since the input size is a multiple of the block size, and the ciphertext
2054 * format is CS3, the output is the same as plain AES CBC with the last
2055 * two blocks swapped.
2056 */
2057static const uint8_t ciph_data_aes_cts_issue1203_ctx[] = {
2058 0x6c, 0xfe, 0xef, 0x6a, 0x1c, 0x8f, 0xd3, 0xc3,
2059 0x66, 0xc4, 0xd9, 0x0e, 0xbe, 0x24, 0x17, 0x3f,
2060 0xcd, 0x19, 0xc9, 0xd2, 0x10, 0x3f, 0xcf, 0xdc,
2061 0xe9, 0x05, 0xab, 0xd5, 0x1a, 0x31, 0x41, 0x77,
2062 0x3b, 0xd7, 0x6a, 0x26, 0xae, 0x0d, 0xc9, 0x47,
2063 0x77, 0xd4, 0xa7, 0xd5, 0x73, 0x88, 0x9e, 0xde,
2064 0x72, 0x66, 0xe0, 0xe2, 0x3d, 0x62, 0x91, 0x22,
2065 0xae, 0x11, 0x01, 0x97, 0x22, 0x6a, 0x45, 0xa9,
2066 0xba, 0x56, 0xd2, 0xbc, 0x55, 0x2d, 0x99, 0x4d,
2067 0x3d, 0x22, 0x27, 0x9a, 0xac, 0x66, 0x2f, 0xf5,
2068};
2069
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2070static const uint8_t ciph_data_des_ecb_nopad_out1[] = {
2071 0x46, 0x2B, 0x91, 0xA8, 0x55, 0xE6, 0x7E, 0x75, /* F+..U.~u */
2072 0x5E, 0x53, 0xF4, 0x8F, 0x29, 0x41, 0x4E, 0xEF, /* ^S..)AN. */
2073 0x32, 0x1B, 0x58, 0x42, 0x9B, 0xB4, 0x3A, 0x1F, /* 2.XB..:. */
2074 0x9A, 0xEA, 0xA4, 0xB4, 0xCD, 0xE9, 0x87, 0x7C, /* .......| */
2075 0xC0, 0x05, 0x34, 0xED, 0x86, 0x3C, 0x2A, 0x81, /* ..4..<.. */
2076 0x5E, 0x93, 0x0E, 0x86, 0xA9, 0xBB, 0x80, 0xFF, /* ^....... */
2077};
2078
2079static const uint8_t ciph_data_des_ecb_nopad_out2[] = {
2080 0x85, 0xE8, 0x13, 0x54, 0x0F, 0x0A, 0xB4, 0x05
2081};
2082
2083static const uint8_t ciph_data_des_cbc_nopad_out1[] = {
2084 0xAD, 0xD6, 0xD6, 0x3E, 0x88, 0xD0, 0xDD, 0xD4, /* ...>.... */
2085 0x9A, 0x93, 0x95, 0xA0, 0x86, 0x22, 0x5B, 0x9E, /* ....."[. */
2086 0x84, 0x0C, 0x6F, 0x12, 0x04, 0x11, 0x6F, 0xD4, /* ..o...o. */
2087 0x12, 0x29, 0xC6, 0x78, 0x0C, 0xFB, 0x58, 0x5B, /* .).x..X[ */
2088 0x66, 0x82, 0x0E, 0x52, 0xDC, 0x25, 0x16, 0x51, /* f..R.%.Q */
2089 0x69, 0xDF, 0xFE, 0x4E, 0x11, 0x1D, 0x9D, 0x08, /* i..N.... */
2090};
2091
2092static const uint8_t ciph_data_des3_ecb_nopad_out1[] = {
2093 0xA7, 0x46, 0xEC, 0xA8, 0x6A, 0x7F, 0x4A, 0xF1, /* .F..j.J. */
2094 0x44, 0x60, 0x37, 0x3B, 0x7F, 0x76, 0xE5, 0xFF, /* D`7;.v.. */
2095 0xC1, 0xE7, 0xA5, 0x04, 0x9C, 0x29, 0x5C, 0xA5, /* .....)\. */
2096 0xDD, 0xC8, 0xEE, 0x36, 0x1F, 0x48, 0xE0, 0xA9, /* ...6.H.. */
2097 0x82, 0x2D, 0x53, 0x84, 0x49, 0x69, 0x78, 0xFA, /* .-S.Iix. */
2098 0x23, 0x69, 0x1D, 0xF7, 0x08, 0x38, 0x44, 0x05, /* #i...8D. */
2099};
2100
2101static const uint8_t ciph_data_des3_cbc_nopad_out1[] = {
2102 0x18, 0x09, 0xEB, 0x98, 0xE4, 0x58, 0x72, 0x11, /* .....Xr. */
2103 0x30, 0x58, 0xAB, 0x38, 0xB0, 0xC9, 0x2B, 0xED, /* 0X.8..+. */
2104 0xDA, 0xC5, 0xE8, 0xA9, 0xF6, 0x8A, 0xA7, 0x80, /* ........ */
2105 0xBE, 0x54, 0x1F, 0x63, 0xF6, 0xEE, 0xA2, 0x4C, /* .T.c...L */
2106 0x7C, 0xEB, 0x84, 0x7D, 0xDA, 0xCA, 0x1E, 0xB2, /* |..}.... */
2107 0xED, 0x5E, 0x96, 0xB8, 0x01, 0x4B, 0x77, 0x02, /* .^...Kw. */
2108};
2109
2110static const uint8_t ciph_data_des2_ecb_nopad_out1[] = {
2111 0xAB, 0x12, 0xB6, 0xE2, 0x4A, 0x3A, 0x26, 0x14, /* ....J:&. */
2112 0xF0, 0x7D, 0x23, 0xD0, 0x55, 0xDF, 0x5C, 0x16, /* .}#.U.\. */
2113 0x43, 0x59, 0x1E, 0x44, 0x01, 0x76, 0xD7, 0x50, /* CY.D.v.P */
2114 0x44, 0xC0, 0x15, 0xDF, 0x2E, 0x7F, 0x8B, 0xC5, /* D....... */
2115 0xFF, 0x8B, 0x87, 0xFE, 0x33, 0xD7, 0xCB, 0x2C, /* ....3.., */
2116 0xDA, 0x79, 0x6F, 0xA4, 0x05, 0x2B, 0x30, 0xCE, /* .yo..+0. */
2117};
2118
2119static const uint8_t ciph_data_des2_cbc_nopad_out1[] = {
2120 0x47, 0x2F, 0xB1, 0x83, 0xC4, 0xBB, 0x93, 0x16, /* G/...... */
2121 0x73, 0xF9, 0xAD, 0x6F, 0x00, 0xF9, 0xCB, 0x4A, /* s..o...J */
2122 0x0F, 0x4F, 0x75, 0x75, 0xFB, 0x39, 0x0B, 0xFC, /* .Ouu.9.. */
2123 0x9F, 0x48, 0x52, 0xAD, 0xA2, 0x75, 0x2C, 0xF1, /* .HR..u, . */
2124 0x7D, 0xC3, 0x8F, 0x16, 0xCF, 0xC9, 0x76, 0x29, /* }.....v) */
2125 0x1A, 0xBF, 0xB3, 0xD9, 0x10, 0x7E, 0xAA, 0x49, /* .....~.I */
2126};
2127
2128struct xtest_ciph_case {
2129 uint32_t algo;
2130 uint32_t mode;
2131 uint32_t key_type;
2132 const uint8_t *key1;
2133 size_t key1_len;
2134 const uint8_t *key2;
2135 size_t key2_len;
2136 const uint8_t *iv;
2137 size_t iv_len;
2138 size_t in_incr;
2139 const uint8_t *in;
2140 size_t in_len;
2141 const uint8_t *out;
2142 size_t out_len;
2143 size_t line;
2144};
2145
2146#define XTEST_CIPH_CASE_NO_IV(algo, key_type, key, in_incr, ptx, ctx) \
2147 { (algo), TEE_MODE_ENCRYPT, (key_type), (key), ARRAY_SIZE(key), \
2148 NULL, 0, NULL, 0, \
2149 (in_incr), (ptx), ARRAY_SIZE(ptx), (ctx), ARRAY_SIZE(ctx), \
2150 __LINE__ }, \
2151 { (algo), TEE_MODE_DECRYPT, (key_type), (key), ARRAY_SIZE(key), \
2152 NULL, 0, NULL, 0, \
2153 (in_incr), (ctx), ARRAY_SIZE(ctx), (ptx), ARRAY_SIZE(ptx), __LINE__ }
2154
2155#define XTEST_CIPH_CASE(algo, key_type, key, iv, in_incr, ptx, ctx) \
2156 { (algo), TEE_MODE_ENCRYPT, (key_type), (key), ARRAY_SIZE(key), \
2157 NULL, 0, iv, ARRAY_SIZE(iv), (in_incr), (ptx), ARRAY_SIZE(ptx), \
2158 (ctx), ARRAY_SIZE(ctx), __LINE__ }, \
2159 { (algo), TEE_MODE_DECRYPT, (key_type), (key), ARRAY_SIZE(key), \
2160 NULL, 0, iv, ARRAY_SIZE(iv), (in_incr), (ctx), ARRAY_SIZE(ctx), \
2161 (ptx), ARRAY_SIZE(ptx), __LINE__ }
2162
2163#define XTEST_CIPH_CASE_AES_XTS(vect, in_incr) \
2164 { TEE_ALG_AES_XTS, TEE_MODE_ENCRYPT, TEE_TYPE_AES, \
2165 ciph_data_aes_xts_ ## vect ## _key1, \
2166 ARRAY_SIZE(ciph_data_aes_xts_ ## vect ## _key1), \
2167 ciph_data_aes_xts_ ## vect ## _key2, \
2168 ARRAY_SIZE(ciph_data_aes_xts_ ## vect ## _key2), \
2169 ciph_data_aes_xts_ ## vect ## _iv, \
2170 ARRAY_SIZE(ciph_data_aes_xts_ ## vect ## _iv), \
2171 (in_incr), \
2172 ciph_data_aes_xts_ ## vect ## _ptx, \
2173 ARRAY_SIZE(ciph_data_aes_xts_ ## vect ## _ptx), \
2174 ciph_data_aes_xts_ ## vect ## _ctx, \
2175 ARRAY_SIZE(ciph_data_aes_xts_ ## vect ## _ctx), __LINE__ }, \
2176 { TEE_ALG_AES_XTS, TEE_MODE_DECRYPT, TEE_TYPE_AES, \
2177 ciph_data_aes_xts_ ## vect ## _key1, \
2178 ARRAY_SIZE(ciph_data_aes_xts_ ## vect ## _key1), \
2179 ciph_data_aes_xts_ ## vect ## _key2, \
2180 ARRAY_SIZE(ciph_data_aes_xts_ ## vect ## _key2), \
2181 ciph_data_aes_xts_ ## vect ## _iv, \
2182 ARRAY_SIZE(ciph_data_aes_xts_ ## vect ## _iv), \
2183 (in_incr), \
2184 ciph_data_aes_xts_ ## vect ## _ctx, \
2185 ARRAY_SIZE(ciph_data_aes_xts_ ## vect ## _ctx), \
2186 ciph_data_aes_xts_ ## vect ## _ptx, \
2187 ARRAY_SIZE(ciph_data_aes_xts_ ## vect ## _ptx), __LINE__ }
2188
2189#define XTEST_CIPH_CASE_AES_CBC(vect, in_incr) \
2190 XTEST_CIPH_CASE(TEE_ALG_AES_CBC_NOPAD, TEE_TYPE_AES, \
2191 ciph_data_aes_cbc_ ## vect ## _key, \
2192 ciph_data_aes_cbc_ ## vect ## _iv, \
2193 (in_incr), ciph_data_aes_cbc_ ## vect ## _ptx, \
2194 ciph_data_aes_cbc_ ## vect ## _ctx)
2195
2196#define XTEST_CIPH_CASE_AES_CTS(vect, in_incr) \
2197 XTEST_CIPH_CASE(TEE_ALG_AES_CTS, TEE_TYPE_AES, \
2198 ciph_data_aes_cts_ ## vect ## _key, \
2199 ciph_data_aes_cts_ ## vect ## _iv, \
2200 (in_incr), ciph_data_aes_cts_ ## vect ## _ptx, \
2201 ciph_data_aes_cts_ ## vect ## _ctx)
2202
2203static const struct xtest_ciph_case ciph_cases[] = {
2204 /* AES */
2205 XTEST_CIPH_CASE_NO_IV(TEE_ALG_AES_ECB_NOPAD, TEE_TYPE_AES,
2206 ciph_data_aes_key1, 11, ciph_data_in1,
2207 ciph_data_aes_ecb_nopad_out1),
2208 XTEST_CIPH_CASE(TEE_ALG_AES_CBC_NOPAD, TEE_TYPE_AES,
2209 ciph_data_aes_key1, ciph_data_128_iv1, 11,
2210 ciph_data_in1,
2211 ciph_data_aes_cbc_nopad_out1),
2212 XTEST_CIPH_CASE(TEE_ALG_AES_CTR, TEE_TYPE_AES,
2213 ciph_data_aes_key1, ciph_data_128_iv1, 13,
2214 ciph_data_in1,
2215 ciph_data_aes_ctr_out1),
2216 XTEST_CIPH_CASE(TEE_ALG_AES_CTR, TEE_TYPE_AES,
2217 ciph_data_aes_key1, ciph_data_128_iv1, 13,
2218 ciph_data_in3,
2219 ciph_data_aes_ctr_out2),
Jens Wiklander692efd12018-01-19 09:52:00 +0100[diff] [blame]2220 XTEST_CIPH_CASE(TEE_ALG_AES_CTR, TEE_TYPE_AES,
2221 ciph_data_aes_key1, ciph_data_128_iv1, 16,
2222 ciph_data_in3,
2223 ciph_data_aes_ctr_out2),
Jerome Forissier45218eb2018-04-11 13:03:26 +0200[diff] [blame]2224 XTEST_CIPH_CASE(TEE_ALG_AES_CTR, TEE_TYPE_AES,
2225 ciph_data_aes_key1, ciph_data_128_iv1, 16,
2226 ciph_data_in4,
2227 ciph_data_aes_ctr_out4),
Jerome Forissier0780ad42018-06-05 15:02:37 +0200[diff] [blame]2228 XTEST_CIPH_CASE(TEE_ALG_AES_CTR, TEE_TYPE_AES,
2229 ciph_data_aes_key2, ciph_data_128_iv2, 11,
2230 ciph_data_in5,
2231 ciph_data_aes_ctr_out5),
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2232
2233 XTEST_CIPH_CASE_AES_CBC(vect1, 11),
Jerome Forissierfc1bbc32018-06-12 10:13:04 +0200[diff] [blame]2234 XTEST_CIPH_CASE_AES_CBC(vect1, 64),
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2235
2236 /* AES-CTS */
2237 XTEST_CIPH_CASE_AES_CTS(vect1, 13),
2238 XTEST_CIPH_CASE_AES_CTS(vect2, 14),
2239 XTEST_CIPH_CASE_AES_CTS(vect3, 11),
2240 XTEST_CIPH_CASE_AES_CTS(vect4, 9),
2241 XTEST_CIPH_CASE_AES_CTS(vect5, 7),
2242 XTEST_CIPH_CASE_AES_CTS(vect6, 17),
2243 XTEST_CIPH_CASE_AES_CTS(vect6, 0x20),
Jerome Forissiered00e162017-01-20 09:22:52 +0100[diff] [blame]2244 XTEST_CIPH_CASE_AES_CTS(issue1203, 32),
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2245
2246 /* DES */
2247 XTEST_CIPH_CASE_NO_IV(TEE_ALG_DES_ECB_NOPAD, TEE_TYPE_DES,
2248 ciph_data_des_key1, 14, ciph_data_in1,
2249 ciph_data_des_ecb_nopad_out1),
2250 XTEST_CIPH_CASE_NO_IV(TEE_ALG_DES_ECB_NOPAD, TEE_TYPE_DES,
2251 ciph_data_des_key2, 3, ciph_data_in2,
2252 ciph_data_des_ecb_nopad_out2),
2253 XTEST_CIPH_CASE(TEE_ALG_DES_CBC_NOPAD, TEE_TYPE_DES,
2254 ciph_data_des_key1, ciph_data_64_iv1, 15, ciph_data_in1,
2255 ciph_data_des_cbc_nopad_out1),
2256
2257 /* DES3 */
2258 XTEST_CIPH_CASE_NO_IV(TEE_ALG_DES3_ECB_NOPAD, TEE_TYPE_DES3,
2259 ciph_data_des3_key1, 11, ciph_data_in1,
2260 ciph_data_des3_ecb_nopad_out1),
2261 XTEST_CIPH_CASE_NO_IV(TEE_ALG_DES3_ECB_NOPAD, TEE_TYPE_DES3,
2262 ciph_data_des3_key2, 3, ciph_data_in2,
2263 ciph_data_des_ecb_nopad_out2),
2264 XTEST_CIPH_CASE(TEE_ALG_DES3_CBC_NOPAD, TEE_TYPE_DES3,
2265 ciph_data_des3_key1, ciph_data_64_iv1, 11,
2266 ciph_data_in1,
2267 ciph_data_des3_cbc_nopad_out1),
2268
2269 /* DES2 */
2270 XTEST_CIPH_CASE_NO_IV(TEE_ALG_DES3_ECB_NOPAD, TEE_TYPE_DES3,
2271 ciph_data_des2_key1, 11, ciph_data_in1,
2272 ciph_data_des2_ecb_nopad_out1),
2273 XTEST_CIPH_CASE(TEE_ALG_DES3_CBC_NOPAD, TEE_TYPE_DES3,
2274 ciph_data_des2_key1, ciph_data_64_iv1, 11,
2275 ciph_data_in1,
2276 ciph_data_des2_cbc_nopad_out1),
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2277
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2278 /* AES-XTS */
2279 XTEST_CIPH_CASE_AES_XTS(vect1, 3),
2280 XTEST_CIPH_CASE_AES_XTS(vect2, 6),
2281 XTEST_CIPH_CASE_AES_XTS(vect3, 7),
2282 XTEST_CIPH_CASE_AES_XTS(vect4, 8),
2283 XTEST_CIPH_CASE_AES_XTS(vect5, 9),
2284 XTEST_CIPH_CASE_AES_XTS(vect6, 13),
2285 XTEST_CIPH_CASE_AES_XTS(vect7, 1),
2286 XTEST_CIPH_CASE_AES_XTS(vect8, 3),
2287 XTEST_CIPH_CASE_AES_XTS(vect9, 2),
2288 XTEST_CIPH_CASE_AES_XTS(vect10, 5),
2289 XTEST_CIPH_CASE_AES_XTS(vect11, 6),
2290 XTEST_CIPH_CASE_AES_XTS(vect12, 7),
2291 XTEST_CIPH_CASE_AES_XTS(vect13, 3),
2292 XTEST_CIPH_CASE_AES_XTS(vect14, 2),
2293 XTEST_CIPH_CASE_AES_XTS(vect15, 0),
2294 XTEST_CIPH_CASE_AES_XTS(vect16, 9),
2295 XTEST_CIPH_CASE_AES_XTS(vect17, 6),
2296 XTEST_CIPH_CASE_AES_XTS(vect18, 8),
2297 XTEST_CIPH_CASE_AES_XTS(vect19, 23),
2298};
2299
Jerome Forissier23256842018-02-16 09:25:35 +0100[diff] [blame]2300static void xtest_tee_test_4003(ADBG_Case_t *c)
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2301{
2302 TEEC_Session session = { 0 };
2303 TEE_OperationHandle op;
2304 TEE_ObjectHandle key1_handle = TEE_HANDLE_NULL;
2305 TEE_ObjectHandle key2_handle = TEE_HANDLE_NULL;
2306 uint8_t out[2048];
2307 size_t out_size;
2308 size_t out_offs;
2309 uint32_t ret_orig;
2310 size_t n;
2311
2312 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
2313 xtest_teec_open_session(&session, &crypt_user_ta_uuid, NULL,
2314 &ret_orig)))
2315 return;
2316
2317 for (n = 0; n < ARRAY_SIZE(ciph_cases); n++) {
2318 TEE_Attribute key_attr;
2319 size_t key_size;
2320 size_t op_key_size;
2321
2322
2323 Do_ADBG_BeginSubCase(c, "Cipher case %d algo 0x%x line %d",
2324 (int)n, (unsigned int)ciph_cases[n].algo,
2325 (int)ciph_cases[n].line);
2326
2327 key_attr.attributeID = TEE_ATTR_SECRET_VALUE;
2328 key_attr.content.ref.buffer = (void *)ciph_cases[n].key1;
2329 key_attr.content.ref.length = ciph_cases[n].key1_len;
2330
2331 key_size = key_attr.content.ref.length * 8;
2332 if (ciph_cases[n].key_type == TEE_TYPE_DES ||
2333 ciph_cases[n].key_type == TEE_TYPE_DES3)
2334 /* Exclude parity in bit size of key */
2335 key_size -= key_size / 8;
2336
2337 op_key_size = key_size;
2338 if (ciph_cases[n].key2 != NULL)
2339 op_key_size *= 2;
2340
2341 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
2342 ta_crypt_cmd_allocate_operation(c, &session, &op,
2343 ciph_cases[n].algo, ciph_cases[n].mode,
2344 op_key_size)))
2345 goto out;
2346
2347 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
2348 ta_crypt_cmd_allocate_transient_object(c, &session,
2349 ciph_cases[n].key_type, key_size,
2350 &key1_handle)))
2351 goto out;
2352
2353 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
2354 ta_crypt_cmd_populate_transient_object(c, &session,
2355 key1_handle, &key_attr, 1)))
2356 goto out;
2357
2358 if (ciph_cases[n].key2 != NULL) {
2359 key_attr.content.ref.buffer =
2360 (void *)ciph_cases[n].key2;
2361 key_attr.content.ref.length = ciph_cases[n].key2_len;
2362
2363 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
2364 ta_crypt_cmd_allocate_transient_object(c,
2365 &session, ciph_cases[n].key_type,
2366 key_attr.content.ref.length * 8,
2367 &key2_handle)))
2368 goto out;
2369
2370 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
2371 ta_crypt_cmd_populate_transient_object(c,
2372 &session, key2_handle, &key_attr, 1)))
2373 goto out;
2374
2375 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
2376 ta_crypt_cmd_set_operation_key2(c, &session, op,
2377 key1_handle, key2_handle)))
2378 goto out;
2379 } else {
2380 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
2381 ta_crypt_cmd_set_operation_key(c, &session, op,
2382 key1_handle)))
2383 goto out;
2384 }
2385
2386 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
2387 ta_crypt_cmd_free_transient_object(c, &session,
2388 key1_handle)))
2389 goto out;
2390 key1_handle = TEE_HANDLE_NULL;
2391
2392 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
2393 ta_crypt_cmd_free_transient_object(c, &session,
2394 key2_handle)))
2395 goto out;
2396 key2_handle = TEE_HANDLE_NULL;
2397
2398 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
2399 ta_crypt_cmd_cipher_init(c, &session, op,
2400 ciph_cases[n].iv, ciph_cases[n].iv_len)))
2401 goto out;
2402
2403 out_offs = 0;
2404 out_size = sizeof(out);
2405 memset(out, 0, sizeof(out));
2406 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
2407 ta_crypt_cmd_cipher_update(c, &session, op,
2408 ciph_cases[n].in, ciph_cases[n].in_incr, out,
2409 &out_size)))
2410 goto out;
2411
Jerome Forissierd2d94b42017-06-02 16:39:34 +0200[diff] [blame]2412 if (ciph_cases[n].algo == TEE_ALG_AES_CTR)
2413 ADBG_EXPECT_COMPARE_UNSIGNED(c, out_size, ==,
2414 ciph_cases[n].in_incr);
2415
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2416 out_offs += out_size;
2417 out_size = sizeof(out) - out_offs;
2418
2419 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
2420 ta_crypt_cmd_cipher_do_final(c, &session, op,
2421 ciph_cases[n].in + ciph_cases[n].in_incr,
2422 ciph_cases[n].in_len - ciph_cases[n].in_incr,
2423 out + out_offs,
2424 &out_size)))
2425 goto out;
2426
2427 out_offs += out_size;
2428
2429 (void)ADBG_EXPECT_BUFFER(c, ciph_cases[n].out,
2430 ciph_cases[n].out_len, out, out_offs);
2431
2432 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
2433 ta_crypt_cmd_free_operation(c, &session, op)))
2434 goto out;
2435
2436 Do_ADBG_EndSubCase(c, NULL);
2437 }
2438out:
2439 TEEC_CloseSession(&session);
2440}
Jens Wiklander14f48872018-06-29 15:30:13 +0200[diff] [blame]2441ADBG_CASE_DEFINE(regression, 4003, xtest_tee_test_4003,
2442 "Test TEE Internal API cipher operations");
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2443
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2444static void xtest_tee_test_4004(ADBG_Case_t *c)
2445{
2446 TEEC_Session session = { 0 };
2447 uint32_t ret_orig;
2448 uint8_t buf1[45] = { 0 };
2449 uint8_t buf2[45] = { 0 };
2450 static const uint8_t zeros[45] = { 0 };
2451
2452 Do_ADBG_BeginSubCase(c, "TEE get random");
2453 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
2454 xtest_teec_open_session(&session, &crypt_user_ta_uuid, NULL,
2455 &ret_orig)))
2456 return;
2457
2458 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
2459 ta_crypt_cmd_random_number_generate(c, &session, buf1,
2460 sizeof(buf1))))
2461 goto out;
2462
2463 (void)ADBG_EXPECT_COMPARE_SIGNED(c,
2464 0, !=, memcmp(buf1, zeros, sizeof(buf1)));
2465
2466 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
2467 ta_crypt_cmd_random_number_generate(c, &session, buf2,
2468 sizeof(buf2))))
2469 goto out;
2470
2471 (void)ADBG_EXPECT_COMPARE_SIGNED(c,
2472 0, !=, memcmp(buf2, zeros, sizeof(buf2)));
2473
2474 (void)ADBG_EXPECT_COMPARE_SIGNED(c,
2475 0, !=, memcmp(buf2, buf1, sizeof(buf1)));
2476out:
2477 TEEC_CloseSession(&session);
2478 Do_ADBG_EndSubCase(c, "TEE get random");
2479}
Jens Wiklander14f48872018-06-29 15:30:13 +0200[diff] [blame]2480ADBG_CASE_DEFINE(regression, 4004, xtest_tee_test_4004,
2481 "Test TEE Internal API get random");
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2482
2483struct xtest_ae_case {
2484 uint32_t algo;
2485 uint32_t mode;
2486 uint32_t key_type;
2487 const uint8_t *key;
2488 size_t key_len;
2489 const uint8_t *nonce;
2490 size_t nonce_len;
2491 size_t aad_incr;
2492 const uint8_t *aad;
2493 size_t aad_len;
2494 size_t in_incr;
2495 const uint8_t *ptx;
2496 size_t ptx_len;
2497 const uint8_t *ctx;
2498 size_t ctx_len;
2499 const uint8_t *tag;
2500 size_t tag_len;
2501 size_t line;
2502};
2503
2504
2505#define ARRAY(a) a, ARRAY_SIZE(a)
2506#define NULL_ARRAY(a) NULL, 0
2507
2508#define XTEST_AE_CASE(algo, vect, aad_incr, in_incr, \
2509 aad_array, ptx_array, ctx_array) \
2510 { (algo), TEE_MODE_ENCRYPT, TEE_TYPE_AES, ARRAY(vect ## _key), \
2511 ARRAY(vect ## _nonce), (aad_incr), \
2512 aad_array(vect ## _aad), (in_incr), \
2513 ptx_array(vect ## _ptx), ctx_array(vect ## _ctx), \
2514 ARRAY(vect ## _tag), \
2515 __LINE__ }, \
2516 { (algo), TEE_MODE_DECRYPT, TEE_TYPE_AES, ARRAY(vect ## _key), \
2517 ARRAY(vect ## _nonce), (aad_incr), \
2518 aad_array(vect ## _aad), (in_incr), \
2519 ptx_array(vect ## _ptx), ctx_array(vect ## _ctx), \
2520 ARRAY(vect ## _tag), \
2521 __LINE__ }
2522
2523#define XTEST_AE_CASE_AES_CCM(vect, aad_incr, in_incr) \
2524 XTEST_AE_CASE(TEE_ALG_AES_CCM, ae_data_aes_ccm_ ## vect, aad_incr, \
2525 in_incr, ARRAY, ARRAY, ARRAY)
2526
2527#define XTEST_AE_CASE_AES_GCM(vect, aad_incr, in_incr, \
2528 aad_array, ptx_array, ctx_array) \
2529 XTEST_AE_CASE(TEE_ALG_AES_GCM, ae_data_aes_gcm_ ## vect, aad_incr, \
2530 in_incr, aad_array, ptx_array, ctx_array)
2531
2532
2533
2534static const struct xtest_ae_case ae_cases[] = {
2535 XTEST_AE_CASE_AES_CCM(vect1, 3, 2),
2536 XTEST_AE_CASE_AES_CCM(vect2, 7, 13),
2537 XTEST_AE_CASE_AES_CCM(vect3, 5, 21),
2538
2539 XTEST_AE_CASE_AES_GCM(vect1, 0, 0, NULL_ARRAY, NULL_ARRAY, NULL_ARRAY),
2540 XTEST_AE_CASE_AES_GCM(vect2, 0, 9, NULL_ARRAY, ARRAY, ARRAY),
2541 XTEST_AE_CASE_AES_GCM(vect3, 0, 9, NULL_ARRAY, ARRAY, ARRAY),
Jens Wiklander9fc63f52017-11-10 11:13:26 +0100[diff] [blame]2542 XTEST_AE_CASE_AES_GCM(vect3, 0, 0x1F, NULL_ARRAY, ARRAY, ARRAY),
2543 XTEST_AE_CASE_AES_GCM(vect4, 5, 0x20, ARRAY, ARRAY, ARRAY),
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2544 XTEST_AE_CASE_AES_GCM(vect5, 5, 9, ARRAY, ARRAY, ARRAY),
2545 XTEST_AE_CASE_AES_GCM(vect6, 5, 9, ARRAY, ARRAY, ARRAY),
2546 XTEST_AE_CASE_AES_GCM(vect7, 0, 0, NULL_ARRAY, NULL_ARRAY, NULL_ARRAY),
2547 XTEST_AE_CASE_AES_GCM(vect8, 0, 9, NULL_ARRAY, ARRAY, ARRAY),
2548 XTEST_AE_CASE_AES_GCM(vect9, 0, 9, NULL_ARRAY, ARRAY, ARRAY),
2549 XTEST_AE_CASE_AES_GCM(vect10, 5, 9, ARRAY, ARRAY, ARRAY),
2550 XTEST_AE_CASE_AES_GCM(vect11, 5, 9, ARRAY, ARRAY, ARRAY),
2551 XTEST_AE_CASE_AES_GCM(vect12, 5, 9, ARRAY, ARRAY, ARRAY),
2552 XTEST_AE_CASE_AES_GCM(vect13, 0, 0, NULL_ARRAY, NULL_ARRAY, NULL_ARRAY),
2553 XTEST_AE_CASE_AES_GCM(vect14, 0, 9, NULL_ARRAY, ARRAY, ARRAY),
2554 XTEST_AE_CASE_AES_GCM(vect15, 0, 9, NULL_ARRAY, ARRAY, ARRAY),
2555 XTEST_AE_CASE_AES_GCM(vect16, 5, 9, ARRAY, ARRAY, ARRAY),
2556 XTEST_AE_CASE_AES_GCM(vect17, 5, 9, ARRAY, ARRAY, ARRAY),
2557 XTEST_AE_CASE_AES_GCM(vect18, 5, 9, ARRAY, ARRAY, ARRAY),
Jens Wiklanderf6efe242017-11-06 13:16:43 +0100[diff] [blame]2558#ifdef CFG_GCM_NIST_VECTORS
2559#include "gcmDecrypt128.h"
2560#include "gcmDecrypt192.h"
2561#include "gcmDecrypt256.h"
2562#include "gcmEncryptExtIV128.h"
2563#include "gcmEncryptExtIV192.h"
2564#include "gcmEncryptExtIV256.h"
2565#endif
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2566};
2567
2568static void xtest_tee_test_4005(ADBG_Case_t *c)
2569{
2570 TEEC_Session session = { 0 };
2571 TEE_OperationHandle op;
2572 TEE_ObjectHandle key_handle = TEE_HANDLE_NULL;
2573 TEE_Attribute key_attr;
2574 uint8_t out[512];
2575 size_t out_size;
2576 size_t out_offs;
2577 uint32_t ret_orig;
2578 size_t n;
2579
2580 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
2581 xtest_teec_open_session(&session, &crypt_user_ta_uuid, NULL,
2582 &ret_orig)))
2583 return;
2584
2585 for (n = 0; n < ARRAY_SIZE(ae_cases); n++) {
2586 Do_ADBG_BeginSubCase(c, "AE case %d algo 0x%x line %d",
2587 (int)n, (unsigned int)ae_cases[n].algo,
2588 (int)ae_cases[n].line);
2589
2590 key_attr.attributeID = TEE_ATTR_SECRET_VALUE;
2591 key_attr.content.ref.buffer = (void *)ae_cases[n].key;
2592 key_attr.content.ref.length = ae_cases[n].key_len;
2593
2594 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
2595 ta_crypt_cmd_allocate_operation(c, &session, &op,
2596 ae_cases[n].algo, ae_cases[n].mode,
2597 key_attr.content.ref.length * 8)))
2598 goto out;
2599
2600 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
2601 ta_crypt_cmd_allocate_transient_object(c, &session,
2602 ae_cases[n].key_type,
2603 key_attr.content.ref.length * 8,
2604 &key_handle)))
2605 goto out;
2606
2607 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
2608 ta_crypt_cmd_populate_transient_object(c, &session,
2609 key_handle, &key_attr, 1)))
2610 goto out;
2611
2612 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
2613 ta_crypt_cmd_set_operation_key(c, &session, op,
2614 key_handle)))
2615 goto out;
2616
2617 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
2618 ta_crypt_cmd_free_transient_object(c, &session,
2619 key_handle)))
2620 goto out;
2621 key_handle = TEE_HANDLE_NULL;
2622
2623 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
2624 ta_crypt_cmd_ae_init(c, &session, op, ae_cases[n].nonce,
2625 ae_cases[n].nonce_len, ae_cases[n].tag_len,
2626 ae_cases[n].aad_len, ae_cases[n].ptx_len)))
2627 goto out;
2628
2629 if (ae_cases[n].aad != NULL) {
2630 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
2631 ta_crypt_cmd_ae_update_aad(c, &session, op,
2632 ae_cases[n].aad, ae_cases[n].aad_incr)))
2633 goto out;
2634
2635 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
2636 ta_crypt_cmd_ae_update_aad(c, &session, op,
2637 ae_cases[n].aad + ae_cases[n].aad_incr,
2638 ae_cases [n].aad_len -
2639 ae_cases[n].aad_incr)))
2640 goto out;
2641 }
2642
2643 out_offs = 0;
2644 out_size = sizeof(out);
2645 memset(out, 0, sizeof(out));
2646 if (ae_cases[n].mode == TEE_MODE_ENCRYPT) {
2647 if (ae_cases[n].ptx != NULL) {
2648 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
2649 ta_crypt_cmd_ae_update(c, &session, op,
2650 ae_cases[n].ptx,
2651 ae_cases[n].in_incr, out,
2652 &out_size)))
2653 goto out;
2654 out_offs += out_size;
Jerome Forissierc13fafa2017-06-01 15:49:07 +0200[diff] [blame]2655 if (ae_cases[n].algo == TEE_ALG_AES_GCM)
2656 ADBG_EXPECT_COMPARE_UNSIGNED(c,
2657 out_size, ==, ae_cases[n].in_incr);
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2658 }
2659 } else {
2660 if (ae_cases[n].ctx != NULL) {
2661 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
2662 ta_crypt_cmd_ae_update(c, &session, op,
2663 ae_cases[n].ctx,
2664 ae_cases[n].in_incr, out,
2665 &out_size)))
2666 goto out;
2667 out_offs += out_size;
Jerome Forissierc13fafa2017-06-01 15:49:07 +0200[diff] [blame]2668 if (ae_cases[n].algo == TEE_ALG_AES_GCM)
2669 ADBG_EXPECT_COMPARE_UNSIGNED(c,
2670 out_size, ==, ae_cases[n].in_incr);
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2671 }
2672 }
2673
2674 out_size = sizeof(out) - out_offs;
2675 if (ae_cases[n].mode == TEE_MODE_ENCRYPT) {
2676 uint8_t out_tag[64];
2677 size_t out_tag_len = MIN(sizeof(out_tag),
2678 ae_cases[n].tag_len);
2679
2680 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
2681 ta_crypt_cmd_ae_encrypt_final(c, &session, op,
2682 ae_cases[n].ptx + ae_cases[n].in_incr,
2683 ae_cases[n].ptx_len -
2684 ae_cases[n].in_incr,
2685 out + out_offs,
2686 &out_size, out_tag, &out_tag_len)))
2687 goto out;
2688
2689 (void)ADBG_EXPECT_BUFFER(c,
2690 ae_cases[n].tag, ae_cases[n].tag_len, out_tag,
2691 out_tag_len);
2692
2693 out_offs += out_size;
2694
2695 (void)ADBG_EXPECT_BUFFER(c, ae_cases[n].ctx,
2696 ae_cases[n].ctx_len, out, out_offs);
2697 } else {
2698 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
2699 ta_crypt_cmd_ae_decrypt_final(c, &session, op,
2700 ae_cases[n].ctx + ae_cases[n].in_incr,
2701 ae_cases[n].ctx_len -
2702 ae_cases[n].in_incr,
2703 out + out_offs,
2704 &out_size, ae_cases[n].tag,
2705 ae_cases[n].tag_len)))
2706 goto out;
2707
2708 out_offs += out_size;
2709
2710 (void)ADBG_EXPECT_BUFFER(c, ae_cases[n].ptx,
2711 ae_cases[n].ptx_len, out, out_offs);
2712 }
2713
2714 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
2715 ta_crypt_cmd_free_operation(c, &session, op)))
2716 goto out;
2717
2718 Do_ADBG_EndSubCase(c, NULL);
2719 }
2720out:
2721 TEEC_CloseSession(&session);
2722}
Jens Wiklander14f48872018-06-29 15:30:13 +0200[diff] [blame]2723ADBG_CASE_DEFINE(regression, 4005, xtest_tee_test_4005,
2724 "Test TEE Internal API Authenticated Encryption operations");
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2725
2726struct xtest_ac_case {
Cedric Chaumontc3b6c282015-09-25 03:05:18 +0200[diff] [blame]2727 unsigned int level;
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2728 uint32_t algo;
2729 TEE_OperationMode mode;
2730
2731 union {
2732 struct {
2733 const uint8_t *modulus;
2734 size_t modulus_len;
2735
2736 const uint8_t *pub_exp;
2737 size_t pub_exp_len;
2738
2739 const uint8_t *priv_exp;
2740 size_t priv_exp_len;
2741
2742 const uint8_t *prime1; /* q */
2743 size_t prime1_len;
2744 const uint8_t *prime2; /* p */
2745 size_t prime2_len;
2746 const uint8_t *exp1; /* dp */
2747 size_t exp1_len;
2748 const uint8_t *exp2; /* dq */
2749 size_t exp2_len;
2750 const uint8_t *coeff; /* iq */
2751 size_t coeff_len;
2752
2753 int salt_len;
2754 } rsa;
2755 struct {
2756 const uint8_t *prime;
2757 size_t prime_len;
2758 const uint8_t *sub_prime;
2759 size_t sub_prime_len;
2760 const uint8_t *base;
2761 size_t base_len;
2762 const uint8_t *pub_val;
2763 size_t pub_val_len;
2764 const uint8_t *priv_val;
2765 size_t priv_val_len;
2766 } dsa;
Pascal Brand3e143ee2015-07-15 17:17:16 +0200[diff] [blame]2767 struct {
2768 const uint8_t *private;
2769 size_t private_len;
2770 const uint8_t *public_x;
2771 size_t public_x_len;
2772 const uint8_t *public_y;
2773 size_t public_y_len;
2774 } ecdsa;
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2775 } params;
2776
2777 const uint8_t *ptx;
2778 size_t ptx_len;
2779 const uint8_t *ctx;
2780 size_t ctx_len;
2781 size_t line;
2782};
2783
2784#define WITHOUT_SALT(x) -1
2785#define WITH_SALT(x) x
2786
Cedric Chaumontc3b6c282015-09-25 03:05:18 +0200[diff] [blame]2787#define XTEST_AC_CASE(level, algo, mode, vect, union_params) \
2788 { level, (algo), (mode), .params = union_params, \
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2789 ARRAY(vect ## _ptx), \
2790 ARRAY(vect ## _out), \
2791 __LINE__ }
2792
2793#define XTEST_AC_RSA_UNION(vect, opt_crt_array, opt_salt) \
2794 { .rsa = { \
2795 ARRAY(vect ## _modulus), \
2796 ARRAY(vect ## _pub_exp), \
2797 ARRAY(vect ## _priv_exp), \
2798 opt_crt_array(vect ## _prime1), \
2799 opt_crt_array(vect ## _prime2), \
2800 opt_crt_array(vect ## _exp1), \
2801 opt_crt_array(vect ## _exp2), \
2802 opt_crt_array(vect ## _coeff), \
2803 opt_salt(vect ## _salt_len) \
2804 } }
2805
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]2806#define XTEST_AC_RSA_CASE(level, algo, mode, vect, opt_crt_array, opt_salt) \
2807 XTEST_AC_CASE(level, algo, mode, vect, \
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2808 XTEST_AC_RSA_UNION(vect, opt_crt_array, opt_salt))
2809
2810#define XTEST_AC_DSA_UNION(vect) \
2811 { .dsa = { \
2812 ARRAY(vect ## _prime), \
2813 ARRAY(vect ## _sub_prime), \
2814 ARRAY(vect ## _base), \
2815 ARRAY(vect ## _pub_val), \
2816 ARRAY(vect ## _priv_val), \
2817 } }
2818
Cedric Chaumontc3b6c282015-09-25 03:05:18 +0200[diff] [blame]2819#define XTEST_AC_DSA_CASE(level, algo, mode, vect) \
2820 XTEST_AC_CASE(level, algo, mode, vect, XTEST_AC_DSA_UNION(vect))
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2821
Pascal Brand3e143ee2015-07-15 17:17:16 +0200[diff] [blame]2822#define XTEST_AC_ECDSA_UNION(vect) \
2823 { .ecdsa = { \
2824 ARRAY(vect ## _private), \
2825 ARRAY(vect ## _public_x), \
2826 ARRAY(vect ## _public_y), \
2827 } }
2828
Cedric Chaumontc3b6c282015-09-25 03:05:18 +0200[diff] [blame]2829#define XTEST_AC_ECDSA_CASE(level, algo, mode, vect) \
2830 XTEST_AC_CASE(level, algo, mode, vect, XTEST_AC_ECDSA_UNION(vect))
Pascal Brand3e143ee2015-07-15 17:17:16 +0200[diff] [blame]2831
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2832static const struct xtest_ac_case xtest_ac_cases[] = {
2833 /* RSA test without crt parameters */
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]2834 XTEST_AC_RSA_CASE(0, TEE_ALG_RSA_NOPAD, TEE_MODE_ENCRYPT,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2835 ac_rsassa_vect1, NULL_ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]2836 XTEST_AC_RSA_CASE(0, TEE_ALG_RSA_NOPAD, TEE_MODE_DECRYPT,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2837 ac_rsassa_vect1, NULL_ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]2838 XTEST_AC_RSA_CASE(0, TEE_ALG_RSA_NOPAD, TEE_MODE_ENCRYPT,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2839 ac_rsassa_vect2, NULL_ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]2840 XTEST_AC_RSA_CASE(0, TEE_ALG_RSA_NOPAD, TEE_MODE_DECRYPT,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2841 ac_rsassa_vect2, NULL_ARRAY, WITHOUT_SALT),
Jerome Forissiere576f052018-03-23 21:24:21 +0800[diff] [blame]2842 XTEST_AC_RSA_CASE(0, TEE_ALG_RSA_NOPAD, TEE_MODE_ENCRYPT,
2843 ac_rsassa_vect18, NULL_ARRAY, WITHOUT_SALT),
2844 XTEST_AC_RSA_CASE(0, TEE_ALG_RSA_NOPAD, TEE_MODE_DECRYPT,
2845 ac_rsassa_vect18, NULL_ARRAY, WITHOUT_SALT),
Jerome Forissier0451e372018-03-27 00:10:23 +0800[diff] [blame]2846 XTEST_AC_RSA_CASE(0, TEE_ALG_RSA_NOPAD, TEE_MODE_ENCRYPT,
2847 ac_rsassa_vect19, NULL_ARRAY, WITHOUT_SALT),
2848 XTEST_AC_RSA_CASE(0, TEE_ALG_RSA_NOPAD, TEE_MODE_DECRYPT,
2849 ac_rsassa_vect19, NULL_ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]2850 XTEST_AC_RSA_CASE(0, TEE_ALG_RSASSA_PKCS1_V1_5_SHA1, TEE_MODE_SIGN,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2851 ac_rsassa_vect3, NULL_ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]2852 XTEST_AC_RSA_CASE(0, TEE_ALG_RSASSA_PKCS1_V1_5_SHA1, TEE_MODE_VERIFY,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2853 ac_rsassa_vect3, NULL_ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]2854 XTEST_AC_RSA_CASE(1, TEE_ALG_RSASSA_PKCS1_V1_5_SHA1, TEE_MODE_SIGN,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2855 ac_rsassa_vect4, NULL_ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]2856 XTEST_AC_RSA_CASE(1, TEE_ALG_RSASSA_PKCS1_V1_5_SHA1, TEE_MODE_VERIFY,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2857 ac_rsassa_vect4, NULL_ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]2858 XTEST_AC_RSA_CASE(1, TEE_ALG_RSASSA_PKCS1_V1_5_SHA1, TEE_MODE_SIGN,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2859 ac_rsassa_vect5, NULL_ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]2860 XTEST_AC_RSA_CASE(1, TEE_ALG_RSASSA_PKCS1_V1_5_SHA1, TEE_MODE_VERIFY,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2861 ac_rsassa_vect5, NULL_ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]2862 XTEST_AC_RSA_CASE(1, TEE_ALG_RSASSA_PKCS1_V1_5_SHA1, TEE_MODE_SIGN,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2863 ac_rsassa_vect6, NULL_ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]2864 XTEST_AC_RSA_CASE(1, TEE_ALG_RSASSA_PKCS1_V1_5_SHA1, TEE_MODE_VERIFY,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2865 ac_rsassa_vect6, NULL_ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]2866 XTEST_AC_RSA_CASE(1, TEE_ALG_RSASSA_PKCS1_V1_5_SHA1, TEE_MODE_SIGN,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2867 ac_rsassa_vect7, NULL_ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]2868 XTEST_AC_RSA_CASE(1, TEE_ALG_RSASSA_PKCS1_V1_5_SHA1, TEE_MODE_VERIFY,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2869 ac_rsassa_vect7, NULL_ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]2870 XTEST_AC_RSA_CASE(1, TEE_ALG_RSASSA_PKCS1_V1_5_SHA1, TEE_MODE_SIGN,
2871 ac_rsassa_vect8, NULL_ARRAY, WITHOUT_SALT),
2872 XTEST_AC_RSA_CASE(1, TEE_ALG_RSASSA_PKCS1_V1_5_SHA1, TEE_MODE_VERIFY,
2873 ac_rsassa_vect8, NULL_ARRAY, WITHOUT_SALT),
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2874
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]2875 XTEST_AC_RSA_CASE(0, TEE_ALG_RSASSA_PKCS1_V1_5_SHA224, TEE_MODE_SIGN,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2876 ac_rsassa_vect16, NULL_ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]2877 XTEST_AC_RSA_CASE(0, TEE_ALG_RSASSA_PKCS1_V1_5_SHA224, TEE_MODE_VERIFY,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2878 ac_rsassa_vect16, NULL_ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]2879
Gabor Szekely2ad190f2018-09-14 14:05:06 +0000[diff] [blame]2880#ifdef CFG_CRYPTO_RSASSA_NA1
2881 XTEST_AC_RSA_CASE(0, TEE_ALG_RSASSA_PKCS1_V1_5, TEE_MODE_SIGN,
2882 ac_rsassa_vect20, NULL_ARRAY, WITHOUT_SALT),
2883 XTEST_AC_RSA_CASE(0, TEE_ALG_RSASSA_PKCS1_V1_5, TEE_MODE_VERIFY,
2884 ac_rsassa_vect20, NULL_ARRAY, WITHOUT_SALT),
2885#endif
2886
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]2887 XTEST_AC_RSA_CASE(0, TEE_ALG_RSASSA_PKCS1_V1_5_SHA256, TEE_MODE_SIGN,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2888 ac_rsassa_vect9, NULL_ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]2889 XTEST_AC_RSA_CASE(0, TEE_ALG_RSASSA_PKCS1_V1_5_SHA256, TEE_MODE_VERIFY,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2890 ac_rsassa_vect9, NULL_ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]2891
2892 XTEST_AC_RSA_CASE(0, TEE_ALG_RSASSA_PKCS1_V1_5_SHA384, TEE_MODE_SIGN,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2893 ac_rsassa_vect10, NULL_ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]2894 XTEST_AC_RSA_CASE(0, TEE_ALG_RSASSA_PKCS1_V1_5_SHA384, TEE_MODE_VERIFY,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2895 ac_rsassa_vect10, NULL_ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]2896
2897 XTEST_AC_RSA_CASE(0, TEE_ALG_RSASSA_PKCS1_V1_5_SHA512, TEE_MODE_SIGN,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2898 ac_rsassa_vect11, NULL_ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]2899 XTEST_AC_RSA_CASE(0, TEE_ALG_RSASSA_PKCS1_V1_5_SHA512, TEE_MODE_VERIFY,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2900 ac_rsassa_vect11, NULL_ARRAY, WITHOUT_SALT),
2901
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]2902 XTEST_AC_RSA_CASE(1, TEE_ALG_RSASSA_PKCS1_PSS_MGF1_SHA1,
2903 TEE_MODE_VERIFY,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2904 ac_rsassa_vect12, NULL_ARRAY, WITH_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]2905 XTEST_AC_RSA_CASE(1, TEE_ALG_RSASSA_PKCS1_PSS_MGF1_SHA1, TEE_MODE_SIGN,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2906 ac_rsassa_vect12, NULL_ARRAY, WITH_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]2907
2908 XTEST_AC_RSA_CASE(1, TEE_ALG_RSASSA_PKCS1_PSS_MGF1_SHA224,
2909 TEE_MODE_VERIFY,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2910 ac_rsassa_vect17, NULL_ARRAY, WITH_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]2911 XTEST_AC_RSA_CASE(1, TEE_ALG_RSASSA_PKCS1_PSS_MGF1_SHA224,
2912 TEE_MODE_SIGN,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2913 ac_rsassa_vect17, NULL_ARRAY, WITH_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]2914
2915 XTEST_AC_RSA_CASE(0, TEE_ALG_RSASSA_PKCS1_PSS_MGF1_SHA256,
2916 TEE_MODE_VERIFY,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2917 ac_rsassa_vect13, NULL_ARRAY, WITH_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]2918 XTEST_AC_RSA_CASE(0, TEE_ALG_RSASSA_PKCS1_PSS_MGF1_SHA256,
2919 TEE_MODE_SIGN,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2920 ac_rsassa_vect13, NULL_ARRAY, WITH_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]2921
2922 XTEST_AC_RSA_CASE(1, TEE_ALG_RSASSA_PKCS1_PSS_MGF1_SHA384,
2923 TEE_MODE_VERIFY,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2924 ac_rsassa_vect14, NULL_ARRAY, WITH_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]2925 XTEST_AC_RSA_CASE(1, TEE_ALG_RSASSA_PKCS1_PSS_MGF1_SHA384,
2926 TEE_MODE_SIGN,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2927 ac_rsassa_vect14, NULL_ARRAY, WITH_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]2928
2929 XTEST_AC_RSA_CASE(1, TEE_ALG_RSASSA_PKCS1_PSS_MGF1_SHA512,
2930 TEE_MODE_VERIFY,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2931 ac_rsassa_vect15, NULL_ARRAY, WITH_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]2932 XTEST_AC_RSA_CASE(1, TEE_ALG_RSASSA_PKCS1_PSS_MGF1_SHA512,
2933 TEE_MODE_SIGN,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2934 ac_rsassa_vect15, NULL_ARRAY, WITH_SALT),
2935
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]2936 XTEST_AC_RSA_CASE(0, TEE_ALG_RSAES_PKCS1_V1_5, TEE_MODE_DECRYPT,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2937 ac_rsaes_pkcs1_v1_5_vect1, NULL_ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]2938 XTEST_AC_RSA_CASE(0, TEE_ALG_RSAES_PKCS1_V1_5, TEE_MODE_ENCRYPT,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2939 ac_rsaes_pkcs1_v1_5_vect1, NULL_ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]2940 XTEST_AC_RSA_CASE(1, TEE_ALG_RSAES_PKCS1_V1_5, TEE_MODE_DECRYPT,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2941 ac_rsaes_pkcs1_v1_5_vect2, NULL_ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]2942 XTEST_AC_RSA_CASE(1, TEE_ALG_RSAES_PKCS1_V1_5, TEE_MODE_ENCRYPT,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2943 ac_rsaes_pkcs1_v1_5_vect2, NULL_ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]2944 XTEST_AC_RSA_CASE(1, TEE_ALG_RSAES_PKCS1_V1_5, TEE_MODE_DECRYPT,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2945 ac_rsaes_pkcs1_v1_5_vect15, NULL_ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]2946 XTEST_AC_RSA_CASE(1, TEE_ALG_RSAES_PKCS1_V1_5, TEE_MODE_ENCRYPT,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2947 ac_rsaes_pkcs1_v1_5_vect15, NULL_ARRAY, WITHOUT_SALT),
2948
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]2949 XTEST_AC_RSA_CASE(0, TEE_ALG_RSAES_PKCS1_OAEP_MGF1_SHA1,
2950 TEE_MODE_DECRYPT,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2951 ac_rsaes_oaep_vect1, NULL_ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]2952 XTEST_AC_RSA_CASE(0, TEE_ALG_RSAES_PKCS1_OAEP_MGF1_SHA1,
2953 TEE_MODE_ENCRYPT,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2954 ac_rsaes_oaep_vect1, NULL_ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]2955 XTEST_AC_RSA_CASE(1, TEE_ALG_RSAES_PKCS1_OAEP_MGF1_SHA1,
2956 TEE_MODE_DECRYPT,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2957 ac_rsaes_oaep_vect2, NULL_ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]2958 XTEST_AC_RSA_CASE(1, TEE_ALG_RSAES_PKCS1_OAEP_MGF1_SHA1,
2959 TEE_MODE_ENCRYPT,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2960 ac_rsaes_oaep_vect2, NULL_ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]2961 XTEST_AC_RSA_CASE(1, TEE_ALG_RSAES_PKCS1_OAEP_MGF1_SHA1,
2962 TEE_MODE_DECRYPT,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2963 ac_rsaes_oaep_vect10, NULL_ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]2964 XTEST_AC_RSA_CASE(1, TEE_ALG_RSAES_PKCS1_OAEP_MGF1_SHA1,
2965 TEE_MODE_ENCRYPT,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2966 ac_rsaes_oaep_vect10, NULL_ARRAY, WITHOUT_SALT),
2967
2968 /* RSA test with crt parameters */
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]2969 XTEST_AC_RSA_CASE(0, TEE_ALG_RSA_NOPAD, TEE_MODE_ENCRYPT,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2970 ac_rsassa_vect1, ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]2971 XTEST_AC_RSA_CASE(0, TEE_ALG_RSA_NOPAD, TEE_MODE_DECRYPT,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2972 ac_rsassa_vect1, ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]2973 XTEST_AC_RSA_CASE(1, TEE_ALG_RSA_NOPAD, TEE_MODE_ENCRYPT,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2974 ac_rsassa_vect2, ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]2975 XTEST_AC_RSA_CASE(1, TEE_ALG_RSA_NOPAD, TEE_MODE_DECRYPT,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2976 ac_rsassa_vect2, ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]2977 XTEST_AC_RSA_CASE(0, TEE_ALG_RSASSA_PKCS1_V1_5_SHA1, TEE_MODE_SIGN,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2978 ac_rsassa_vect3, ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]2979 XTEST_AC_RSA_CASE(0, TEE_ALG_RSASSA_PKCS1_V1_5_SHA1, TEE_MODE_VERIFY,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2980 ac_rsassa_vect3, ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]2981 XTEST_AC_RSA_CASE(1, TEE_ALG_RSASSA_PKCS1_V1_5_SHA1, TEE_MODE_SIGN,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2982 ac_rsassa_vect4, ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]2983 XTEST_AC_RSA_CASE(1, TEE_ALG_RSASSA_PKCS1_V1_5_SHA1, TEE_MODE_VERIFY,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2984 ac_rsassa_vect4, ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]2985 XTEST_AC_RSA_CASE(1, TEE_ALG_RSASSA_PKCS1_V1_5_SHA1, TEE_MODE_SIGN,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2986 ac_rsassa_vect5, ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]2987 XTEST_AC_RSA_CASE(1, TEE_ALG_RSASSA_PKCS1_V1_5_SHA1, TEE_MODE_VERIFY,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2988 ac_rsassa_vect5, ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]2989 XTEST_AC_RSA_CASE(1, TEE_ALG_RSASSA_PKCS1_V1_5_SHA1, TEE_MODE_SIGN,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2990 ac_rsassa_vect6, ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]2991 XTEST_AC_RSA_CASE(1, TEE_ALG_RSASSA_PKCS1_V1_5_SHA1, TEE_MODE_VERIFY,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2992 ac_rsassa_vect6, ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]2993 XTEST_AC_RSA_CASE(1, TEE_ALG_RSASSA_PKCS1_V1_5_SHA1, TEE_MODE_SIGN,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2994 ac_rsassa_vect7, ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]2995 XTEST_AC_RSA_CASE(1, TEE_ALG_RSASSA_PKCS1_V1_5_SHA1, TEE_MODE_VERIFY,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2996 ac_rsassa_vect7, ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]2997 XTEST_AC_RSA_CASE(1, TEE_ALG_RSASSA_PKCS1_V1_5_SHA1, TEE_MODE_SIGN,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2998 ac_rsassa_vect8, ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]2999 XTEST_AC_RSA_CASE(1, TEE_ALG_RSASSA_PKCS1_V1_5_SHA1, TEE_MODE_VERIFY,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3000 ac_rsassa_vect8, ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]3001 XTEST_AC_RSA_CASE(0, TEE_ALG_RSASSA_PKCS1_V1_5_SHA256, TEE_MODE_SIGN,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3002 ac_rsassa_vect9, ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]3003 XTEST_AC_RSA_CASE(0, TEE_ALG_RSASSA_PKCS1_V1_5_SHA256, TEE_MODE_VERIFY,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3004 ac_rsassa_vect9, ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]3005 XTEST_AC_RSA_CASE(1, TEE_ALG_RSASSA_PKCS1_V1_5_SHA384, TEE_MODE_SIGN,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3006 ac_rsassa_vect10, ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]3007 XTEST_AC_RSA_CASE(1, TEE_ALG_RSASSA_PKCS1_V1_5_SHA384, TEE_MODE_VERIFY,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3008 ac_rsassa_vect10, ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]3009 XTEST_AC_RSA_CASE(1, TEE_ALG_RSASSA_PKCS1_V1_5_SHA512, TEE_MODE_SIGN,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3010 ac_rsassa_vect11, ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]3011 XTEST_AC_RSA_CASE(1, TEE_ALG_RSASSA_PKCS1_V1_5_SHA512, TEE_MODE_VERIFY,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3012 ac_rsassa_vect11, ARRAY, WITHOUT_SALT),
3013
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]3014 XTEST_AC_RSA_CASE(1, TEE_ALG_RSASSA_PKCS1_PSS_MGF1_SHA1,
3015 TEE_MODE_VERIFY,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3016 ac_rsassa_vect12, ARRAY, WITH_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]3017 XTEST_AC_RSA_CASE(1,TEE_ALG_RSASSA_PKCS1_PSS_MGF1_SHA1, TEE_MODE_SIGN,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3018 ac_rsassa_vect12, ARRAY, WITH_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]3019 XTEST_AC_RSA_CASE(1, TEE_ALG_RSASSA_PKCS1_PSS_MGF1_SHA224,
3020 TEE_MODE_VERIFY,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3021 ac_rsassa_vect17, ARRAY, WITH_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]3022 XTEST_AC_RSA_CASE(1, TEE_ALG_RSASSA_PKCS1_PSS_MGF1_SHA224,
3023 TEE_MODE_SIGN,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3024 ac_rsassa_vect17, ARRAY, WITH_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]3025 XTEST_AC_RSA_CASE(0, TEE_ALG_RSASSA_PKCS1_PSS_MGF1_SHA256,
3026 TEE_MODE_VERIFY,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3027 ac_rsassa_vect13, ARRAY, WITH_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]3028 XTEST_AC_RSA_CASE(0, TEE_ALG_RSASSA_PKCS1_PSS_MGF1_SHA256,
3029 TEE_MODE_SIGN,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3030 ac_rsassa_vect13, ARRAY, WITH_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]3031 XTEST_AC_RSA_CASE(1, TEE_ALG_RSASSA_PKCS1_PSS_MGF1_SHA384,
3032 TEE_MODE_VERIFY,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3033 ac_rsassa_vect14, ARRAY, WITH_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]3034 XTEST_AC_RSA_CASE(1, TEE_ALG_RSASSA_PKCS1_PSS_MGF1_SHA384,
3035 TEE_MODE_SIGN,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3036 ac_rsassa_vect14, ARRAY, WITH_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]3037 XTEST_AC_RSA_CASE(1, TEE_ALG_RSASSA_PKCS1_PSS_MGF1_SHA512,
3038 TEE_MODE_VERIFY,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3039 ac_rsassa_vect15, ARRAY, WITH_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]3040 XTEST_AC_RSA_CASE(1, TEE_ALG_RSASSA_PKCS1_PSS_MGF1_SHA512,
3041 TEE_MODE_SIGN,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3042 ac_rsassa_vect15, ARRAY, WITH_SALT),
3043
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]3044 XTEST_AC_RSA_CASE(0, TEE_ALG_RSAES_PKCS1_V1_5, TEE_MODE_DECRYPT,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3045 ac_rsaes_pkcs1_v1_5_vect1, ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]3046 XTEST_AC_RSA_CASE(0, TEE_ALG_RSAES_PKCS1_V1_5, TEE_MODE_ENCRYPT,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3047 ac_rsaes_pkcs1_v1_5_vect1, ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]3048 XTEST_AC_RSA_CASE(1, TEE_ALG_RSAES_PKCS1_V1_5, TEE_MODE_DECRYPT,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3049 ac_rsaes_pkcs1_v1_5_vect2, ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]3050 XTEST_AC_RSA_CASE(1, TEE_ALG_RSAES_PKCS1_V1_5, TEE_MODE_ENCRYPT,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3051 ac_rsaes_pkcs1_v1_5_vect2, ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]3052 XTEST_AC_RSA_CASE(1, TEE_ALG_RSAES_PKCS1_V1_5, TEE_MODE_DECRYPT,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3053 ac_rsaes_pkcs1_v1_5_vect15, ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]3054 XTEST_AC_RSA_CASE(1, TEE_ALG_RSAES_PKCS1_V1_5, TEE_MODE_ENCRYPT,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3055 ac_rsaes_pkcs1_v1_5_vect15, ARRAY, WITHOUT_SALT),
3056
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]3057 XTEST_AC_RSA_CASE(0, TEE_ALG_RSAES_PKCS1_OAEP_MGF1_SHA1,
3058 TEE_MODE_DECRYPT,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3059 ac_rsaes_oaep_vect1, ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]3060 XTEST_AC_RSA_CASE(0, TEE_ALG_RSAES_PKCS1_OAEP_MGF1_SHA1,
3061 TEE_MODE_ENCRYPT,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3062 ac_rsaes_oaep_vect1, ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]3063 XTEST_AC_RSA_CASE(1, TEE_ALG_RSAES_PKCS1_OAEP_MGF1_SHA1,
3064 TEE_MODE_DECRYPT,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3065 ac_rsaes_oaep_vect2, ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]3066 XTEST_AC_RSA_CASE(1, TEE_ALG_RSAES_PKCS1_OAEP_MGF1_SHA1,
3067 TEE_MODE_ENCRYPT,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3068 ac_rsaes_oaep_vect2, ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]3069 XTEST_AC_RSA_CASE(1, TEE_ALG_RSAES_PKCS1_OAEP_MGF1_SHA1,
3070 TEE_MODE_DECRYPT,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3071 ac_rsaes_oaep_vect10, ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]3072 XTEST_AC_RSA_CASE(1, TEE_ALG_RSAES_PKCS1_OAEP_MGF1_SHA1,
3073 TEE_MODE_ENCRYPT,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3074 ac_rsaes_oaep_vect10, ARRAY, WITHOUT_SALT),
3075
3076 /* DSA tests */
Cedric Chaumontb2ba8782015-09-03 13:23:05 +0200[diff] [blame]3077 /* [mod = L=1024, N=160, SHA-1] */
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]3078 XTEST_AC_DSA_CASE(1, TEE_ALG_DSA_SHA1, TEE_MODE_VERIFY, ac_dsa_vect1),
3079 XTEST_AC_DSA_CASE(1, TEE_ALG_DSA_SHA1, TEE_MODE_SIGN, ac_dsa_vect1),
Cedric Chaumontc3b6c282015-09-25 03:05:18 +0200[diff] [blame]3080 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA1, TEE_MODE_VERIFY, ac_dsa_vect2),
3081 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA1, TEE_MODE_SIGN, ac_dsa_vect2),
3082 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA1, TEE_MODE_VERIFY, ac_dsa_vect3),
3083 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA1, TEE_MODE_SIGN, ac_dsa_vect3),
3084 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA1, TEE_MODE_VERIFY, ac_dsa_vect4),
3085 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA1, TEE_MODE_SIGN, ac_dsa_vect4),
3086 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA1, TEE_MODE_VERIFY, ac_dsa_vect5),
3087 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA1, TEE_MODE_SIGN, ac_dsa_vect5),
3088 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA1, TEE_MODE_VERIFY, ac_dsa_vect6),
3089 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA1, TEE_MODE_SIGN, ac_dsa_vect6),
3090 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA1, TEE_MODE_VERIFY, ac_dsa_vect7),
3091 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA1, TEE_MODE_SIGN, ac_dsa_vect7),
3092 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA1, TEE_MODE_VERIFY, ac_dsa_vect8),
3093 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA1, TEE_MODE_SIGN, ac_dsa_vect8),
3094 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA1, TEE_MODE_VERIFY, ac_dsa_vect9),
3095 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA1, TEE_MODE_SIGN, ac_dsa_vect9),
3096 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA1, TEE_MODE_VERIFY, ac_dsa_vect10),
3097 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA1, TEE_MODE_SIGN, ac_dsa_vect10),
3098 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA1, TEE_MODE_VERIFY, ac_dsa_vect11),
3099 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA1, TEE_MODE_SIGN, ac_dsa_vect11),
3100 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA1, TEE_MODE_VERIFY, ac_dsa_vect12),
3101 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA1, TEE_MODE_SIGN, ac_dsa_vect12),
3102 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA1, TEE_MODE_VERIFY, ac_dsa_vect13),
3103 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA1, TEE_MODE_SIGN, ac_dsa_vect13),
3104 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA1, TEE_MODE_VERIFY, ac_dsa_vect14),
3105 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA1, TEE_MODE_SIGN, ac_dsa_vect14),
3106 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA1, TEE_MODE_VERIFY, ac_dsa_vect15),
3107 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA1, TEE_MODE_SIGN, ac_dsa_vect15),
Cedric Chaumontb2ba8782015-09-03 13:23:05 +0200[diff] [blame]3108 /* [mod = L=1024, N=160, SHA-224] - GP NOT SUPPORTED */
3109 /* [mod = L=1024, N=160, SHA-256] - GP NOT SUPPORTED */
3110 /* [mod = L=1024, N=160, SHA-384] - GP NOT SUPPORTED */
3111 /* [mod = L=1024, N=160, SHA-512] - GP NOT SUPPORTED */
3112 /* [mod = L=2048, N=224, SHA-1] - GP NOT SUPPORTED */
3113 /* [mod = L=2048, N=224, SHA-224] */
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]3114 XTEST_AC_DSA_CASE(1, TEE_ALG_DSA_SHA224, TEE_MODE_VERIFY, ac_dsa_vect91),
3115 XTEST_AC_DSA_CASE(1, TEE_ALG_DSA_SHA224, TEE_MODE_SIGN, ac_dsa_vect91),
Cedric Chaumontc3b6c282015-09-25 03:05:18 +0200[diff] [blame]3116 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_VERIFY, ac_dsa_vect92),
3117 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_SIGN, ac_dsa_vect92),
3118 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_VERIFY, ac_dsa_vect93),
3119 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_SIGN, ac_dsa_vect93),
3120 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_VERIFY, ac_dsa_vect94),
3121 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_SIGN, ac_dsa_vect94),
3122 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_VERIFY, ac_dsa_vect95),
3123 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_SIGN, ac_dsa_vect95),
3124 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_VERIFY, ac_dsa_vect96),
3125 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_SIGN, ac_dsa_vect96),
3126 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_VERIFY, ac_dsa_vect97),
3127 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_SIGN, ac_dsa_vect97),
3128 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_VERIFY, ac_dsa_vect98),
3129 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_SIGN, ac_dsa_vect98),
3130 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_VERIFY, ac_dsa_vect99),
3131 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_SIGN, ac_dsa_vect99),
3132 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_VERIFY, ac_dsa_vect100),
3133 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_SIGN, ac_dsa_vect100),
3134 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_VERIFY, ac_dsa_vect101),
3135 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_SIGN, ac_dsa_vect101),
3136 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_VERIFY, ac_dsa_vect102),
3137 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_SIGN, ac_dsa_vect102),
3138 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_VERIFY, ac_dsa_vect103),
3139 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_SIGN, ac_dsa_vect103),
3140 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_VERIFY, ac_dsa_vect104),
3141 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_SIGN, ac_dsa_vect104),
3142 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_VERIFY, ac_dsa_vect105),
3143 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_SIGN, ac_dsa_vect105),
Cedric Chaumontb2ba8782015-09-03 13:23:05 +0200[diff] [blame]3144 /* [mod = L=2048, N=224, SHA-256] */
Cedric Chaumontc3b6c282015-09-25 03:05:18 +0200[diff] [blame]3145 XTEST_AC_DSA_CASE(0, TEE_ALG_DSA_SHA256, TEE_MODE_VERIFY, ac_dsa_vect106),
3146 XTEST_AC_DSA_CASE(0, TEE_ALG_DSA_SHA256, TEE_MODE_SIGN, ac_dsa_vect106),
3147 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_VERIFY, ac_dsa_vect107),
3148 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_SIGN, ac_dsa_vect107),
3149 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_VERIFY, ac_dsa_vect108),
3150 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_SIGN, ac_dsa_vect108),
3151 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_VERIFY, ac_dsa_vect109),
3152 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_SIGN, ac_dsa_vect109),
3153 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_VERIFY, ac_dsa_vect110),
3154 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_SIGN, ac_dsa_vect110),
3155 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_VERIFY, ac_dsa_vect111),
3156 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_SIGN, ac_dsa_vect111),
3157 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_VERIFY, ac_dsa_vect112),
3158 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_SIGN, ac_dsa_vect112),
3159 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_VERIFY, ac_dsa_vect113),
3160 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_SIGN, ac_dsa_vect113),
3161 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_VERIFY, ac_dsa_vect114),
3162 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_SIGN, ac_dsa_vect114),
3163 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_VERIFY, ac_dsa_vect115),
3164 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_SIGN, ac_dsa_vect115),
3165 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_VERIFY, ac_dsa_vect116),
3166 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_SIGN, ac_dsa_vect116),
3167 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_VERIFY, ac_dsa_vect117),
3168 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_SIGN, ac_dsa_vect117),
3169 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_VERIFY, ac_dsa_vect118),
3170 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_SIGN, ac_dsa_vect118),
3171 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_VERIFY, ac_dsa_vect119),
3172 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_SIGN, ac_dsa_vect119),
3173 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_VERIFY, ac_dsa_vect120),
3174 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_SIGN, ac_dsa_vect120),
Cedric Chaumontb2ba8782015-09-03 13:23:05 +0200[diff] [blame]3175 /* [mod = L=2048, N=224, SHA-384] - GP NOT SUPPORTED */
3176 /* [mod = L=2048, N=224, SHA-512] - GP NOT SUPPORTED */
3177 /* [mod = L=2048, N=256, SHA-1] - GP NOT SUPPORTED */
3178 /* [mod = L=2048, N=256, SHA-224] */
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]3179 XTEST_AC_DSA_CASE(1, TEE_ALG_DSA_SHA224, TEE_MODE_VERIFY, ac_dsa_vect166),
3180 XTEST_AC_DSA_CASE(1, TEE_ALG_DSA_SHA224, TEE_MODE_SIGN, ac_dsa_vect166),
Cedric Chaumontc3b6c282015-09-25 03:05:18 +0200[diff] [blame]3181 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_VERIFY, ac_dsa_vect167),
3182 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_SIGN, ac_dsa_vect167),
3183 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_VERIFY, ac_dsa_vect168),
3184 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_SIGN, ac_dsa_vect168),
3185 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_VERIFY, ac_dsa_vect169),
3186 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_SIGN, ac_dsa_vect169),
3187 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_VERIFY, ac_dsa_vect170),
3188 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_SIGN, ac_dsa_vect170),
3189 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_VERIFY, ac_dsa_vect171),
3190 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_SIGN, ac_dsa_vect171),
3191 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_VERIFY, ac_dsa_vect172),
3192 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_SIGN, ac_dsa_vect172),
3193 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_VERIFY, ac_dsa_vect173),
3194 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_SIGN, ac_dsa_vect173),
3195 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_VERIFY, ac_dsa_vect174),
3196 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_SIGN, ac_dsa_vect174),
3197 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_VERIFY, ac_dsa_vect175),
3198 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_SIGN, ac_dsa_vect175),
3199 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_VERIFY, ac_dsa_vect176),
3200 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_SIGN, ac_dsa_vect176),
3201 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_VERIFY, ac_dsa_vect177),
3202 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_SIGN, ac_dsa_vect177),
3203 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_VERIFY, ac_dsa_vect178),
3204 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_SIGN, ac_dsa_vect178),
3205 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_VERIFY, ac_dsa_vect179),
3206 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_SIGN, ac_dsa_vect179),
3207 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_VERIFY, ac_dsa_vect180),
3208 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_SIGN, ac_dsa_vect180),
Cedric Chaumontb2ba8782015-09-03 13:23:05 +0200[diff] [blame]3209 /* [mod = L=2048, N=256, SHA-256] */
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]3210 XTEST_AC_DSA_CASE(1, TEE_ALG_DSA_SHA256, TEE_MODE_VERIFY, ac_dsa_vect181),
3211 XTEST_AC_DSA_CASE(1, TEE_ALG_DSA_SHA256, TEE_MODE_SIGN, ac_dsa_vect181),
Cedric Chaumontc3b6c282015-09-25 03:05:18 +0200[diff] [blame]3212 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_VERIFY, ac_dsa_vect182),
3213 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_SIGN, ac_dsa_vect182),
3214 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_VERIFY, ac_dsa_vect183),
3215 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_SIGN, ac_dsa_vect183),
3216 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_VERIFY, ac_dsa_vect184),
3217 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_SIGN, ac_dsa_vect184),
3218 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_VERIFY, ac_dsa_vect185),
3219 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_SIGN, ac_dsa_vect185),
3220 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_VERIFY, ac_dsa_vect186),
3221 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_SIGN, ac_dsa_vect186),
3222 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_VERIFY, ac_dsa_vect187),
3223 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_SIGN, ac_dsa_vect187),
3224 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_VERIFY, ac_dsa_vect188),
3225 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_SIGN, ac_dsa_vect188),
3226 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_VERIFY, ac_dsa_vect189),
3227 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_SIGN, ac_dsa_vect189),
3228 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_VERIFY, ac_dsa_vect190),
3229 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_SIGN, ac_dsa_vect190),
3230 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_VERIFY, ac_dsa_vect191),
3231 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_SIGN, ac_dsa_vect191),
3232 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_VERIFY, ac_dsa_vect192),
3233 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_SIGN, ac_dsa_vect192),
3234 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_VERIFY, ac_dsa_vect193),
3235 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_SIGN, ac_dsa_vect193),
3236 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_VERIFY, ac_dsa_vect194),
3237 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_SIGN, ac_dsa_vect194),
3238 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_VERIFY, ac_dsa_vect195),
3239 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_SIGN, ac_dsa_vect195),
Cedric Chaumontb2ba8782015-09-03 13:23:05 +0200[diff] [blame]3240 /* [mod = L=2048, N=256, SHA-384] - GP NOT SUPPORTED */
3241 /* [mod = L=2048, N=256, SHA-512] - GP NOT SUPPORTED */
3242 /* [mod = L=3072, N=256, SHA-1] - GP NOT SUPPORTED */
3243 /* [mod = L=3072, N=256, SHA-224] - GP NOT SUPPORTED */
3244 /* [mod = L=3072, N=256, SHA-256] */
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]3245 XTEST_AC_DSA_CASE(1, TEE_ALG_DSA_SHA256, TEE_MODE_VERIFY, ac_dsa_vect256),
3246 XTEST_AC_DSA_CASE(1, TEE_ALG_DSA_SHA256, TEE_MODE_SIGN, ac_dsa_vect256),
Cedric Chaumontc3b6c282015-09-25 03:05:18 +0200[diff] [blame]3247 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_VERIFY, ac_dsa_vect257),
3248 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_SIGN, ac_dsa_vect257),
3249 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_VERIFY, ac_dsa_vect258),
3250 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_SIGN, ac_dsa_vect258),
3251 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_VERIFY, ac_dsa_vect259),
3252 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_SIGN, ac_dsa_vect259),
3253 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_VERIFY, ac_dsa_vect260),
3254 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_SIGN, ac_dsa_vect260),
3255 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_VERIFY, ac_dsa_vect261),
3256 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_SIGN, ac_dsa_vect261),
3257 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_VERIFY, ac_dsa_vect262),
3258 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_SIGN, ac_dsa_vect262),
3259 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_VERIFY, ac_dsa_vect263),
3260 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_SIGN, ac_dsa_vect263),
3261 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_VERIFY, ac_dsa_vect264),
3262 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_SIGN, ac_dsa_vect264),
3263 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_VERIFY, ac_dsa_vect265),
3264 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_SIGN, ac_dsa_vect265),
3265 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_VERIFY, ac_dsa_vect266),
3266 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_SIGN, ac_dsa_vect266),
3267 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_VERIFY, ac_dsa_vect267),
3268 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_SIGN, ac_dsa_vect267),
3269 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_VERIFY, ac_dsa_vect268),
3270 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_SIGN, ac_dsa_vect268),
3271 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_VERIFY, ac_dsa_vect269),
3272 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_SIGN, ac_dsa_vect269),
3273 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_VERIFY, ac_dsa_vect270),
3274 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_SIGN, ac_dsa_vect270),
Cedric Chaumontb2ba8782015-09-03 13:23:05 +0200[diff] [blame]3275 /* [mod = L=3072, N=256, SHA-384] - GP NOT SUPPORTED */
3276 /* [mod = L=3072, N=256, SHA-512] - GP NOT SUPPORTED */
Pascal Brand3e143ee2015-07-15 17:17:16 +0200[diff] [blame]3277
3278 /* ECDSA tests */
Cedric Chaumontc7654962015-09-09 14:56:36 +0200[diff] [blame]3279 /* [P-192] */
Cedric Chaumontc3b6c282015-09-25 03:05:18 +0200[diff] [blame]3280 XTEST_AC_ECDSA_CASE(0, TEE_ALG_ECDSA_P192, TEE_MODE_VERIFY,
Cedric Chaumontc7654962015-09-09 14:56:36 +0200[diff] [blame]3281 nist_186_2_ecdsa_testvector_1),
Cedric Chaumontc3b6c282015-09-25 03:05:18 +0200[diff] [blame]3282 XTEST_AC_ECDSA_CASE(0, TEE_ALG_ECDSA_P192, TEE_MODE_SIGN,
Cedric Chaumontc7654962015-09-09 14:56:36 +0200[diff] [blame]3283 nist_186_2_ecdsa_testvector_1),
Cedric Chaumontc3b6c282015-09-25 03:05:18 +0200[diff] [blame]3284 XTEST_AC_ECDSA_CASE(15, TEE_ALG_ECDSA_P192, TEE_MODE_VERIFY,
Cedric Chaumontc7654962015-09-09 14:56:36 +0200[diff] [blame]3285 nist_186_2_ecdsa_testvector_2),
Cedric Chaumontc3b6c282015-09-25 03:05:18 +0200[diff] [blame]3286 XTEST_AC_ECDSA_CASE(15, TEE_ALG_ECDSA_P192, TEE_MODE_SIGN,
Cedric Chaumontc7654962015-09-09 14:56:36 +0200[diff] [blame]3287 nist_186_2_ecdsa_testvector_2),
Cedric Chaumontc3b6c282015-09-25 03:05:18 +0200[diff] [blame]3288 XTEST_AC_ECDSA_CASE(15, TEE_ALG_ECDSA_P192, TEE_MODE_VERIFY,
Cedric Chaumontc7654962015-09-09 14:56:36 +0200[diff] [blame]3289 nist_186_2_ecdsa_testvector_3),
Cedric Chaumontc3b6c282015-09-25 03:05:18 +0200[diff] [blame]3290 XTEST_AC_ECDSA_CASE(15, TEE_ALG_ECDSA_P192, TEE_MODE_SIGN,
Cedric Chaumontc7654962015-09-09 14:56:36 +0200[diff] [blame]3291 nist_186_2_ecdsa_testvector_3),
Cedric Chaumontc3b6c282015-09-25 03:05:18 +0200[diff] [blame]3292 XTEST_AC_ECDSA_CASE(15, TEE_ALG_ECDSA_P192, TEE_MODE_VERIFY,
Cedric Chaumontc7654962015-09-09 14:56:36 +0200[diff] [blame]3293 nist_186_2_ecdsa_testvector_4),
Cedric Chaumontc3b6c282015-09-25 03:05:18 +0200[diff] [blame]3294 XTEST_AC_ECDSA_CASE(15, TEE_ALG_ECDSA_P192, TEE_MODE_SIGN,
Cedric Chaumontc7654962015-09-09 14:56:36 +0200[diff] [blame]3295 nist_186_2_ecdsa_testvector_4),
Cedric Chaumontc3b6c282015-09-25 03:05:18 +0200[diff] [blame]3296 XTEST_AC_ECDSA_CASE(15, TEE_ALG_ECDSA_P192, TEE_MODE_VERIFY,
Cedric Chaumontc7654962015-09-09 14:56:36 +0200[diff] [blame]3297 nist_186_2_ecdsa_testvector_5),
Cedric Chaumontc3b6c282015-09-25 03:05:18 +0200[diff] [blame]3298 XTEST_AC_ECDSA_CASE(15, TEE_ALG_ECDSA_P192, TEE_MODE_SIGN,
Cedric Chaumontc7654962015-09-09 14:56:36 +0200[diff] [blame]3299 nist_186_2_ecdsa_testvector_5),
Cedric Chaumontc3b6c282015-09-25 03:05:18 +0200[diff] [blame]3300 XTEST_AC_ECDSA_CASE(15, TEE_ALG_ECDSA_P192, TEE_MODE_VERIFY,
Cedric Chaumontc7654962015-09-09 14:56:36 +0200[diff] [blame]3301 nist_186_2_ecdsa_testvector_6),
Cedric Chaumontc3b6c282015-09-25 03:05:18 +0200[diff] [blame]3302 XTEST_AC_ECDSA_CASE(15, TEE_ALG_ECDSA_P192, TEE_MODE_SIGN,
Cedric Chaumontc7654962015-09-09 14:56:36 +0200[diff] [blame]3303 nist_186_2_ecdsa_testvector_6),
Cedric Chaumontc3b6c282015-09-25 03:05:18 +0200[diff] [blame]3304 XTEST_AC_ECDSA_CASE(15, TEE_ALG_ECDSA_P192, TEE_MODE_VERIFY,
Cedric Chaumontc7654962015-09-09 14:56:36 +0200[diff] [blame]3305 nist_186_2_ecdsa_testvector_7),
Cedric Chaumontc3b6c282015-09-25 03:05:18 +0200[diff] [blame]3306 XTEST_AC_ECDSA_CASE(15, TEE_ALG_ECDSA_P192, TEE_MODE_SIGN,
Cedric Chaumontc7654962015-09-09 14:56:36 +0200[diff] [blame]3307 nist_186_2_ecdsa_testvector_7),
Cedric Chaumontc3b6c282015-09-25 03:05:18 +0200[diff] [blame]3308 XTEST_AC_ECDSA_CASE(15, TEE_ALG_ECDSA_P192, TEE_MODE_VERIFY,
Cedric Chaumontc7654962015-09-09 14:56:36 +0200[diff] [blame]3309 nist_186_2_ecdsa_testvector_8),
Cedric Chaumontc3b6c282015-09-25 03:05:18 +0200[diff] [blame]3310 XTEST_AC_ECDSA_CASE(15, TEE_ALG_ECDSA_P192, TEE_MODE_SIGN,
Cedric Chaumontc7654962015-09-09 14:56:36 +0200[diff] [blame]3311 nist_186_2_ecdsa_testvector_8),
Cedric Chaumontc3b6c282015-09-25 03:05:18 +0200[diff] [blame]3312 XTEST_AC_ECDSA_CASE(15, TEE_ALG_ECDSA_P192, TEE_MODE_VERIFY,
Cedric Chaumontc7654962015-09-09 14:56:36 +0200[diff] [blame]3313 nist_186_2_ecdsa_testvector_9),
Cedric Chaumontc3b6c282015-09-25 03:05:18 +0200[diff] [blame]3314 XTEST_AC_ECDSA_CASE(15, TEE_ALG_ECDSA_P192, TEE_MODE_SIGN,
Cedric Chaumontc7654962015-09-09 14:56:36 +0200[diff] [blame]3315 nist_186_2_ecdsa_testvector_9),
Cedric Chaumontc3b6c282015-09-25 03:05:18 +0200[diff] [blame]3316 XTEST_AC_ECDSA_CASE(15, TEE_ALG_ECDSA_P192, TEE_MODE_VERIFY,
Cedric Chaumontc7654962015-09-09 14:56:36 +0200[diff] [blame]3317 nist_186_2_ecdsa_testvector_10),
Cedric Chaumontc3b6c282015-09-25 03:05:18 +0200[diff] [blame]3318 XTEST_AC_ECDSA_CASE(15, TEE_ALG_ECDSA_P192, TEE_MODE_SIGN,
Cedric Chaumontc7654962015-09-09 14:56:36 +0200[diff] [blame]3319 nist_186_2_ecdsa_testvector_10),
Cedric Chaumontc3b6c282015-09-25 03:05:18 +0200[diff] [blame]3320 XTEST_AC_ECDSA_CASE(15, TEE_ALG_ECDSA_P192, TEE_MODE_VERIFY,
Cedric Chaumontc7654962015-09-09 14:56:36 +0200[diff] [blame]3321 nist_186_2_ecdsa_testvector_11),
Cedric Chaumontc3b6c282015-09-25 03:05:18 +0200[diff] [blame]3322 XTEST_AC_ECDSA_CASE(15, TEE_ALG_ECDSA_P192, TEE_MODE_SIGN,
Cedric Chaumontc7654962015-09-09 14:56:36 +0200[diff] [blame]3323 nist_186_2_ecdsa_testvector_11),
Cedric Chaumontc3b6c282015-09-25 03:05:18 +0200[diff] [blame]3324 XTEST_AC_ECDSA_CASE(15, TEE_ALG_ECDSA_P192, TEE_MODE_VERIFY,
Cedric Chaumontc7654962015-09-09 14:56:36 +0200[diff] [blame]3325 nist_186_2_ecdsa_testvector_12),
Cedric Chaumontc3b6c282015-09-25 03:05:18 +0200[diff] [blame]3326 XTEST_AC_ECDSA_CASE(15, TEE_ALG_ECDSA_P192, TEE_MODE_SIGN,
Cedric Chaumontc7654962015-09-09 14:56:36 +0200[diff] [blame]3327 nist_186_2_ecdsa_testvector_12),
Cedric Chaumontc3b6c282015-09-25 03:05:18 +0200[diff] [blame]3328 XTEST_AC_ECDSA_CASE(15, TEE_ALG_ECDSA_P192, TEE_MODE_VERIFY,
Cedric Chaumontc7654962015-09-09 14:56:36 +0200[diff] [blame]3329 nist_186_2_ecdsa_testvector_13),
Cedric Chaumontc3b6c282015-09-25 03:05:18 +0200[diff] [blame]3330 XTEST_AC_ECDSA_CASE(15, TEE_ALG_ECDSA_P192, TEE_MODE_SIGN,
Cedric Chaumontc7654962015-09-09 14:56:36 +0200[diff] [blame]3331 nist_186_2_ecdsa_testvector_13),
Cedric Chaumontc3b6c282015-09-25 03:05:18 +0200[diff] [blame]3332 XTEST_AC_ECDSA_CASE(15, TEE_ALG_ECDSA_P192, TEE_MODE_VERIFY,
Cedric Chaumontc7654962015-09-09 14:56:36 +0200[diff] [blame]3333 nist_186_2_ecdsa_testvector_14),
Cedric Chaumontc3b6c282015-09-25 03:05:18 +0200[diff] [blame]3334 XTEST_AC_ECDSA_CASE(15, TEE_ALG_ECDSA_P192, TEE_MODE_SIGN,
Cedric Chaumontc7654962015-09-09 14:56:36 +0200[diff] [blame]3335 nist_186_2_ecdsa_testvector_14),
Cedric Chaumontc3b6c282015-09-25 03:05:18 +0200[diff] [blame]3336 XTEST_AC_ECDSA_CASE(15, TEE_ALG_ECDSA_P192, TEE_MODE_VERIFY,
Cedric Chaumontc7654962015-09-09 14:56:36 +0200[diff] [blame]3337 nist_186_2_ecdsa_testvector_15),
Cedric Chaumontc3b6c282015-09-25 03:05:18 +0200[diff] [blame]3338 XTEST_AC_ECDSA_CASE(15, TEE_ALG_ECDSA_P192, TEE_MODE_SIGN,
Cedric Chaumontc7654962015-09-09 14:56:36 +0200[diff] [blame]3339 nist_186_2_ecdsa_testvector_15),
3340 /* [P-224] */
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]3341 XTEST_AC_ECDSA_CASE(1, TEE_ALG_ECDSA_P224, TEE_MODE_VERIFY,
Cedric Chaumontc7654962015-09-09 14:56:36 +0200[diff] [blame]3342 nist_186_2_ecdsa_testvector_16),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]3343 XTEST_AC_ECDSA_CASE(1, TEE_ALG_ECDSA_P224, TEE_MODE_SIGN,
Cedric Chaumontc7654962015-09-09 14:56:36 +0200[diff] [blame]3344 nist_186_2_ecdsa_testvector_16),
Cedric Chaumontc3b6c282015-09-25 03:05:18 +0200[diff] [blame]3345 XTEST_AC_ECDSA_CASE(15, TEE_ALG_ECDSA_P224, TEE_MODE_VERIFY,
Cedric Chaumontc7654962015-09-09 14:56:36 +0200[diff] [blame]3346 nist_186_2_ecdsa_testvector_17),
Cedric Chaumontc3b6c282015-09-25 03:05:18 +0200[diff] [blame]3347 XTEST_AC_ECDSA_CASE(15, TEE_ALG_ECDSA_P224, TEE_MODE_SIGN,
Cedric Chaumontc7654962015-09-09 14:56:36 +0200[diff] [blame]3348 nist_186_2_ecdsa_testvector_17),
Cedric Chaumontc3b6c282015-09-25 03:05:18 +0200[diff] [blame]3349 XTEST_AC_ECDSA_CASE(15, TEE_ALG_ECDSA_P224, TEE_MODE_VERIFY,
Cedric Chaumontc7654962015-09-09 14:56:36 +0200[diff] [blame]3350 nist_186_2_ecdsa_testvector_18),
Cedric Chaumontc3b6c282015-09-25 03:05:18 +0200[diff] [blame]3351 XTEST_AC_ECDSA_CASE(15, TEE_ALG_ECDSA_P224, TEE_MODE_SIGN,
Cedric Chaumontc7654962015-09-09 14:56:36 +0200[diff] [blame]3352 nist_186_2_ecdsa_testvector_18),
Cedric Chaumontc3b6c282015-09-25 03:05:18 +0200[diff] [blame]3353 XTEST_AC_ECDSA_CASE(15, TEE_ALG_ECDSA_P224, TEE_MODE_VERIFY,
Cedric Chaumontc7654962015-09-09 14:56:36 +0200[diff] [blame]3354 nist_186_2_ecdsa_testvector_19),
Cedric Chaumontc3b6c282015-09-25 03:05:18 +0200[diff] [blame]3355 XTEST_AC_ECDSA_CASE(15, TEE_ALG_ECDSA_P224, TEE_MODE_SIGN,
Cedric Chaumontc7654962015-09-09 14:56:36 +0200[diff] [blame]3356 nist_186_2_ecdsa_testvector_19),
Cedric Chaumontc3b6c282015-09-25 03:05:18 +0200[diff] [blame]3357 XTEST_AC_ECDSA_CASE(15, TEE_ALG_ECDSA_P224, TEE_MODE_VERIFY,
Cedric Chaumontc7654962015-09-09 14:56:36 +0200[diff] [blame]3358 nist_186_2_ecdsa_testvector_20),
Cedric Chaumontc3b6c282015-09-25 03:05:18 +0200[diff] [blame]3359 XTEST_AC_ECDSA_CASE(15, TEE_ALG_ECDSA_P224, TEE_MODE_SIGN,
Cedric Chaumontc7654962015-09-09 14:56:36 +0200[diff] [blame]3360 nist_186_2_ecdsa_testvector_20),
Cedric Chaumontc3b6c282015-09-25 03:05:18 +0200[diff] [blame]3361 XTEST_AC_ECDSA_CASE(15, TEE_ALG_ECDSA_P224, TEE_MODE_VERIFY,
Cedric Chaumontc7654962015-09-09 14:56:36 +0200[diff] [blame]3362 nist_186_2_ecdsa_testvector_21),
Cedric Chaumontc3b6c282015-09-25 03:05:18 +0200[diff] [blame]3363 XTEST_AC_ECDSA_CASE(15, TEE_ALG_ECDSA_P224, TEE_MODE_SIGN,
Cedric Chaumontc7654962015-09-09 14:56:36 +0200[diff] [blame]3364 nist_186_2_ecdsa_testvector_21),
Cedric Chaumontc3b6c282015-09-25 03:05:18 +0200[diff] [blame]3365 XTEST_AC_ECDSA_CASE(15, TEE_ALG_ECDSA_P224, TEE_MODE_VERIFY,
Cedric Chaumontc7654962015-09-09 14:56:36 +0200[diff] [blame]3366 nist_186_2_ecdsa_testvector_22),
Cedric Chaumontc3b6c282015-09-25 03:05:18 +0200[diff] [blame]3367 XTEST_AC_ECDSA_CASE(15, TEE_ALG_ECDSA_P224, TEE_MODE_SIGN,
Cedric Chaumontc7654962015-09-09 14:56:36 +0200[diff] [blame]3368 nist_186_2_ecdsa_testvector_22),
Cedric Chaumontc3b6c282015-09-25 03:05:18 +0200[diff] [blame]3369 XTEST_AC_ECDSA_CASE(15, TEE_ALG_ECDSA_P224, TEE_MODE_VERIFY,
Cedric Chaumontc7654962015-09-09 14:56:36 +0200[diff] [blame]3370 nist_186_2_ecdsa_testvector_23),
Cedric Chaumontc3b6c282015-09-25 03:05:18 +0200[diff] [blame]3371 XTEST_AC_ECDSA_CASE(15, TEE_ALG_ECDSA_P224, TEE_MODE_SIGN,
Cedric Chaumontc7654962015-09-09 14:56:36 +0200[diff] [blame]3372 nist_186_2_ecdsa_testvector_23),
Cedric Chaumontc3b6c282015-09-25 03:05:18 +0200[diff] [blame]3373 XTEST_AC_ECDSA_CASE(15, TEE_ALG_ECDSA_P224, TEE_MODE_VERIFY,
Cedric Chaumontc7654962015-09-09 14:56:36 +0200[diff] [blame]3374 nist_186_2_ecdsa_testvector_24),
Cedric Chaumontc3b6c282015-09-25 03:05:18 +0200[diff] [blame]3375 XTEST_AC_ECDSA_CASE(15, TEE_ALG_ECDSA_P224, TEE_MODE_SIGN,
Cedric Chaumontc7654962015-09-09 14:56:36 +0200[diff] [blame]3376 nist_186_2_ecdsa_testvector_24),
Cedric Chaumontc3b6c282015-09-25 03:05:18 +0200[diff] [blame]3377 XTEST_AC_ECDSA_CASE(15, TEE_ALG_ECDSA_P224, TEE_MODE_VERIFY,
Cedric Chaumontc7654962015-09-09 14:56:36 +0200[diff] [blame]3378 nist_186_2_ecdsa_testvector_25),
Cedric Chaumontc3b6c282015-09-25 03:05:18 +0200[diff] [blame]3379 XTEST_AC_ECDSA_CASE(15, TEE_ALG_ECDSA_P224, TEE_MODE_SIGN,
Cedric Chaumontc7654962015-09-09 14:56:36 +0200[diff] [blame]3380 nist_186_2_ecdsa_testvector_25),
Cedric Chaumontc3b6c282015-09-25 03:05:18 +0200[diff] [blame]3381 XTEST_AC_ECDSA_CASE(15, TEE_ALG_ECDSA_P224, TEE_MODE_VERIFY,
Cedric Chaumontc7654962015-09-09 14:56:36 +0200[diff] [blame]3382 nist_186_2_ecdsa_testvector_26),
Cedric Chaumontc3b6c282015-09-25 03:05:18 +0200[diff] [blame]3383 XTEST_AC_ECDSA_CASE(15, TEE_ALG_ECDSA_P224, TEE_MODE_SIGN,
Cedric Chaumontc7654962015-09-09 14:56:36 +0200[diff] [blame]3384 nist_186_2_ecdsa_testvector_26),
Cedric Chaumontc3b6c282015-09-25 03:05:18 +0200[diff] [blame]3385 XTEST_AC_ECDSA_CASE(15, TEE_ALG_ECDSA_P224, TEE_MODE_VERIFY,
Cedric Chaumontc7654962015-09-09 14:56:36 +0200[diff] [blame]3386 nist_186_2_ecdsa_testvector_27),
Cedric Chaumontc3b6c282015-09-25 03:05:18 +0200[diff] [blame]3387 XTEST_AC_ECDSA_CASE(15, TEE_ALG_ECDSA_P224, TEE_MODE_SIGN,
Cedric Chaumontc7654962015-09-09 14:56:36 +0200[diff] [blame]3388 nist_186_2_ecdsa_testvector_27),
Cedric Chaumontc3b6c282015-09-25 03:05:18 +0200[diff] [blame]3389 XTEST_AC_ECDSA_CASE(15, TEE_ALG_ECDSA_P224, TEE_MODE_VERIFY,
Cedric Chaumontc7654962015-09-09 14:56:36 +0200[diff] [blame]3390 nist_186_2_ecdsa_testvector_28),
Cedric Chaumontc3b6c282015-09-25 03:05:18 +0200[diff] [blame]3391 XTEST_AC_ECDSA_CASE(15, TEE_ALG_ECDSA_P224, TEE_MODE_SIGN,
Cedric Chaumontc7654962015-09-09 14:56:36 +0200[diff] [blame]3392 nist_186_2_ecdsa_testvector_28),
Cedric Chaumontc3b6c282015-09-25 03:05:18 +0200[diff] [blame]3393 XTEST_AC_ECDSA_CASE(15, TEE_ALG_ECDSA_P224, TEE_MODE_VERIFY,
Cedric Chaumontc7654962015-09-09 14:56:36 +0200[diff] [blame]3394 nist_186_2_ecdsa_testvector_29),
Cedric Chaumontc3b6c282015-09-25 03:05:18 +0200[diff] [blame]3395 XTEST_AC_ECDSA_CASE(15, TEE_ALG_ECDSA_P224, TEE_MODE_SIGN,
Cedric Chaumontc7654962015-09-09 14:56:36 +0200[diff] [blame]3396 nist_186_2_ecdsa_testvector_29),
Cedric Chaumontc3b6c282015-09-25 03:05:18 +0200[diff] [blame]3397 XTEST_AC_ECDSA_CASE(15, TEE_ALG_ECDSA_P224, TEE_MODE_VERIFY,
Cedric Chaumontc7654962015-09-09 14:56:36 +0200[diff] [blame]3398 nist_186_2_ecdsa_testvector_30),
Cedric Chaumontc3b6c282015-09-25 03:05:18 +0200[diff] [blame]3399 XTEST_AC_ECDSA_CASE(15, TEE_ALG_ECDSA_P224, TEE_MODE_SIGN,
Cedric Chaumontc7654962015-09-09 14:56:36 +0200[diff] [blame]3400 nist_186_2_ecdsa_testvector_30),
3401 /* [P-256] */
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]3402 XTEST_AC_ECDSA_CASE(1, TEE_ALG_ECDSA_P256, TEE_MODE_VERIFY,
Cedric Chaumontc7654962015-09-09 14:56:36 +0200[diff] [blame]3403 nist_186_2_ecdsa_testvector_31),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]3404 XTEST_AC_ECDSA_CASE(1, TEE_ALG_ECDSA_P256, TEE_MODE_SIGN,
Cedric Chaumontc7654962015-09-09 14:56:36 +0200[diff] [blame]3405 nist_186_2_ecdsa_testvector_31),
Cedric Chaumontc3b6c282015-09-25 03:05:18 +0200[diff] [blame]3406 XTEST_AC_ECDSA_CASE(15, TEE_ALG_ECDSA_P256, TEE_MODE_VERIFY,
Cedric Chaumontc7654962015-09-09 14:56:36 +0200[diff] [blame]3407 nist_186_2_ecdsa_testvector_32),
Cedric Chaumontc3b6c282015-09-25 03:05:18 +0200[diff] [blame]3408 XTEST_AC_ECDSA_CASE(15, TEE_ALG_ECDSA_P256, TEE_MODE_SIGN,
Cedric Chaumontc7654962015-09-09 14:56:36 +0200[diff] [blame]3409 nist_186_2_ecdsa_testvector_32),
Cedric Chaumontc3b6c282015-09-25 03:05:18 +0200[diff] [blame]3410 XTEST_AC_ECDSA_CASE(15, TEE_ALG_ECDSA_P256, TEE_MODE_VERIFY,
Cedric Chaumontc7654962015-09-09 14:56:36 +0200[diff] [blame]3411 nist_186_2_ecdsa_testvector_33),
Cedric Chaumontc3b6c282015-09-25 03:05:18 +0200[diff] [blame]3412 XTEST_AC_ECDSA_CASE(15, TEE_ALG_ECDSA_P256, TEE_MODE_SIGN,
Cedric Chaumontc7654962015-09-09 14:56:36 +0200[diff] [blame]3413 nist_186_2_ecdsa_testvector_33),
Cedric Chaumontc3b6c282015-09-25 03:05:18 +0200[diff] [blame]3414 XTEST_AC_ECDSA_CASE(15, TEE_ALG_ECDSA_P256, TEE_MODE_VERIFY,
Cedric Chaumontc7654962015-09-09 14:56:36 +0200[diff] [blame]3415 nist_186_2_ecdsa_testvector_34),
Cedric Chaumontc3b6c282015-09-25 03:05:18 +0200[diff] [blame]3416 XTEST_AC_ECDSA_CASE(15, TEE_ALG_ECDSA_P256, TEE_MODE_SIGN,
Cedric Chaumontc7654962015-09-09 14:56:36 +0200[diff] [blame]3417 nist_186_2_ecdsa_testvector_34),
Cedric Chaumontc3b6c282015-09-25 03:05:18 +0200[diff] [blame]3418 XTEST_AC_ECDSA_CASE(15, TEE_ALG_ECDSA_P256, TEE_MODE_VERIFY,
Cedric Chaumontc7654962015-09-09 14:56:36 +0200[diff] [blame]3419 nist_186_2_ecdsa_testvector_35),
Cedric Chaumontc3b6c282015-09-25 03:05:18 +0200[diff] [blame]3420 XTEST_AC_ECDSA_CASE(15, TEE_ALG_ECDSA_P256, TEE_MODE_SIGN,
Cedric Chaumontc7654962015-09-09 14:56:36 +0200[diff] [blame]3421 nist_186_2_ecdsa_testvector_35),
Cedric Chaumontc3b6c282015-09-25 03:05:18 +0200[diff] [blame]3422 XTEST_AC_ECDSA_CASE(15, TEE_ALG_ECDSA_P256, TEE_MODE_VERIFY,
Cedric Chaumontc7654962015-09-09 14:56:36 +0200[diff] [blame]3423 nist_186_2_ecdsa_testvector_36),
Cedric Chaumontc3b6c282015-09-25 03:05:18 +0200[diff] [blame]3424 XTEST_AC_ECDSA_CASE(15, TEE_ALG_ECDSA_P256, TEE_MODE_SIGN,
Cedric Chaumontc7654962015-09-09 14:56:36 +0200[diff] [blame]3425 nist_186_2_ecdsa_testvector_36),
Cedric Chaumontc3b6c282015-09-25 03:05:18 +0200[diff] [blame]3426 XTEST_AC_ECDSA_CASE(15, TEE_ALG_ECDSA_P256, TEE_MODE_VERIFY,
Cedric Chaumontc7654962015-09-09 14:56:36 +0200[diff] [blame]3427 nist_186_2_ecdsa_testvector_37),
Cedric Chaumontc3b6c282015-09-25 03:05:18 +0200[diff] [blame]3428 XTEST_AC_ECDSA_CASE(15, TEE_ALG_ECDSA_P256, TEE_MODE_SIGN,
Cedric Chaumontc7654962015-09-09 14:56:36 +0200[diff] [blame]3429 nist_186_2_ecdsa_testvector_37),
Cedric Chaumontc3b6c282015-09-25 03:05:18 +0200[diff] [blame]3430 XTEST_AC_ECDSA_CASE(15, TEE_ALG_ECDSA_P256, TEE_MODE_VERIFY,
Cedric Chaumontc7654962015-09-09 14:56:36 +0200[diff] [blame]3431 nist_186_2_ecdsa_testvector_38),
Cedric Chaumontc3b6c282015-09-25 03:05:18 +0200[diff] [blame]3432 XTEST_AC_ECDSA_CASE(15, TEE_ALG_ECDSA_P256, TEE_MODE_SIGN,
Cedric Chaumontc7654962015-09-09 14:56:36 +0200[diff] [blame]3433 nist_186_2_ecdsa_testvector_38),
Cedric Chaumontc3b6c282015-09-25 03:05:18 +0200[diff] [blame]3434 XTEST_AC_ECDSA_CASE(15, TEE_ALG_ECDSA_P256, TEE_MODE_VERIFY,
Cedric Chaumontc7654962015-09-09 14:56:36 +0200[diff] [blame]3435 nist_186_2_ecdsa_testvector_39),
Cedric Chaumontc3b6c282015-09-25 03:05:18 +0200[diff] [blame]3436 XTEST_AC_ECDSA_CASE(15, TEE_ALG_ECDSA_P256, TEE_MODE_SIGN,
Cedric Chaumontc7654962015-09-09 14:56:36 +0200[diff] [blame]3437 nist_186_2_ecdsa_testvector_39),
Cedric Chaumontc3b6c282015-09-25 03:05:18 +0200[diff] [blame]3438 XTEST_AC_ECDSA_CASE(15, TEE_ALG_ECDSA_P256, TEE_MODE_VERIFY,
Cedric Chaumontc7654962015-09-09 14:56:36 +0200[diff] [blame]3439 nist_186_2_ecdsa_testvector_40),
Cedric Chaumontc3b6c282015-09-25 03:05:18 +0200[diff] [blame]3440 XTEST_AC_ECDSA_CASE(15, TEE_ALG_ECDSA_P256, TEE_MODE_SIGN,
Cedric Chaumontc7654962015-09-09 14:56:36 +0200[diff] [blame]3441 nist_186_2_ecdsa_testvector_40),
Cedric Chaumontc3b6c282015-09-25 03:05:18 +0200[diff] [blame]3442 XTEST_AC_ECDSA_CASE(15, TEE_ALG_ECDSA_P256, TEE_MODE_VERIFY,
Cedric Chaumontc7654962015-09-09 14:56:36 +0200[diff] [blame]3443 nist_186_2_ecdsa_testvector_41),
Cedric Chaumontc3b6c282015-09-25 03:05:18 +0200[diff] [blame]3444 XTEST_AC_ECDSA_CASE(15, TEE_ALG_ECDSA_P256, TEE_MODE_SIGN,
Cedric Chaumontc7654962015-09-09 14:56:36 +0200[diff] [blame]3445 nist_186_2_ecdsa_testvector_41),
Cedric Chaumontc3b6c282015-09-25 03:05:18 +0200[diff] [blame]3446 XTEST_AC_ECDSA_CASE(15, TEE_ALG_ECDSA_P256, TEE_MODE_VERIFY,
Cedric Chaumontc7654962015-09-09 14:56:36 +0200[diff] [blame]3447 nist_186_2_ecdsa_testvector_42),
Cedric Chaumontc3b6c282015-09-25 03:05:18 +0200[diff] [blame]3448 XTEST_AC_ECDSA_CASE(15, TEE_ALG_ECDSA_P256, TEE_MODE_SIGN,
Cedric Chaumontc7654962015-09-09 14:56:36 +0200[diff] [blame]3449 nist_186_2_ecdsa_testvector_42),
Cedric Chaumontc3b6c282015-09-25 03:05:18 +0200[diff] [blame]3450 XTEST_AC_ECDSA_CASE(15, TEE_ALG_ECDSA_P256, TEE_MODE_VERIFY,
Cedric Chaumontc7654962015-09-09 14:56:36 +0200[diff] [blame]3451 nist_186_2_ecdsa_testvector_43),
Cedric Chaumontc3b6c282015-09-25 03:05:18 +0200[diff] [blame]3452 XTEST_AC_ECDSA_CASE(15, TEE_ALG_ECDSA_P256, TEE_MODE_SIGN,
Cedric Chaumontc7654962015-09-09 14:56:36 +0200[diff] [blame]3453 nist_186_2_ecdsa_testvector_43),
Cedric Chaumontc3b6c282015-09-25 03:05:18 +0200[diff] [blame]3454 XTEST_AC_ECDSA_CASE(15, TEE_ALG_ECDSA_P256, TEE_MODE_VERIFY,
Cedric Chaumontc7654962015-09-09 14:56:36 +0200[diff] [blame]3455 nist_186_2_ecdsa_testvector_44),
Cedric Chaumontc3b6c282015-09-25 03:05:18 +0200[diff] [blame]3456 XTEST_AC_ECDSA_CASE(15, TEE_ALG_ECDSA_P256, TEE_MODE_SIGN,
Cedric Chaumontc7654962015-09-09 14:56:36 +0200[diff] [blame]3457 nist_186_2_ecdsa_testvector_44),
Cedric Chaumontc3b6c282015-09-25 03:05:18 +0200[diff] [blame]3458 XTEST_AC_ECDSA_CASE(15, TEE_ALG_ECDSA_P256, TEE_MODE_VERIFY,
Cedric Chaumontc7654962015-09-09 14:56:36 +0200[diff] [blame]3459 nist_186_2_ecdsa_testvector_45),
Cedric Chaumontc3b6c282015-09-25 03:05:18 +0200[diff] [blame]3460 XTEST_AC_ECDSA_CASE(15, TEE_ALG_ECDSA_P256, TEE_MODE_SIGN,
Cedric Chaumontc7654962015-09-09 14:56:36 +0200[diff] [blame]3461 nist_186_2_ecdsa_testvector_45),
3462 /* [P-384] */
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]3463 XTEST_AC_ECDSA_CASE(1, TEE_ALG_ECDSA_P384, TEE_MODE_VERIFY,
Cedric Chaumontc7654962015-09-09 14:56:36 +0200[diff] [blame]3464 nist_186_2_ecdsa_testvector_46),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]3465 XTEST_AC_ECDSA_CASE(1, TEE_ALG_ECDSA_P384, TEE_MODE_SIGN,
Cedric Chaumontc7654962015-09-09 14:56:36 +0200[diff] [blame]3466 nist_186_2_ecdsa_testvector_46),
Cedric Chaumontc3b6c282015-09-25 03:05:18 +0200[diff] [blame]3467 XTEST_AC_ECDSA_CASE(15, TEE_ALG_ECDSA_P384, TEE_MODE_VERIFY,
Cedric Chaumontc7654962015-09-09 14:56:36 +0200[diff] [blame]3468 nist_186_2_ecdsa_testvector_47),
Cedric Chaumontc3b6c282015-09-25 03:05:18 +0200[diff] [blame]3469 XTEST_AC_ECDSA_CASE(15, TEE_ALG_ECDSA_P384, TEE_MODE_SIGN,
Cedric Chaumontc7654962015-09-09 14:56:36 +0200[diff] [blame]3470 nist_186_2_ecdsa_testvector_47),
Cedric Chaumontc3b6c282015-09-25 03:05:18 +0200[diff] [blame]3471 XTEST_AC_ECDSA_CASE(15, TEE_ALG_ECDSA_P384, TEE_MODE_VERIFY,
Cedric Chaumontc7654962015-09-09 14:56:36 +0200[diff] [blame]3472 nist_186_2_ecdsa_testvector_48),
Cedric Chaumontc3b6c282015-09-25 03:05:18 +0200[diff] [blame]3473 XTEST_AC_ECDSA_CASE(15, TEE_ALG_ECDSA_P384, TEE_MODE_SIGN,
Cedric Chaumontc7654962015-09-09 14:56:36 +0200[diff] [blame]3474 nist_186_2_ecdsa_testvector_48),
Cedric Chaumontc3b6c282015-09-25 03:05:18 +0200[diff] [blame]3475 XTEST_AC_ECDSA_CASE(15, TEE_ALG_ECDSA_P384, TEE_MODE_VERIFY,
Cedric Chaumontc7654962015-09-09 14:56:36 +0200[diff] [blame]3476 nist_186_2_ecdsa_testvector_49),
Cedric Chaumontc3b6c282015-09-25 03:05:18 +0200[diff] [blame]3477 XTEST_AC_ECDSA_CASE(15, TEE_ALG_ECDSA_P384, TEE_MODE_SIGN,
Cedric Chaumontc7654962015-09-09 14:56:36 +0200[diff] [blame]3478 nist_186_2_ecdsa_testvector_49),
Cedric Chaumontc3b6c282015-09-25 03:05:18 +0200[diff] [blame]3479 XTEST_AC_ECDSA_CASE(15, TEE_ALG_ECDSA_P384, TEE_MODE_VERIFY,
Cedric Chaumontc7654962015-09-09 14:56:36 +0200[diff] [blame]3480 nist_186_2_ecdsa_testvector_50),
Cedric Chaumontc3b6c282015-09-25 03:05:18 +0200[diff] [blame]3481 XTEST_AC_ECDSA_CASE(15, TEE_ALG_ECDSA_P384, TEE_MODE_SIGN,
Cedric Chaumontc7654962015-09-09 14:56:36 +0200[diff] [blame]3482 nist_186_2_ecdsa_testvector_50),
Cedric Chaumontc3b6c282015-09-25 03:05:18 +0200[diff] [blame]3483 XTEST_AC_ECDSA_CASE(15, TEE_ALG_ECDSA_P384, TEE_MODE_VERIFY,
Cedric Chaumontc7654962015-09-09 14:56:36 +0200[diff] [blame]3484 nist_186_2_ecdsa_testvector_51),
Cedric Chaumontc3b6c282015-09-25 03:05:18 +0200[diff] [blame]3485 XTEST_AC_ECDSA_CASE(15, TEE_ALG_ECDSA_P384, TEE_MODE_SIGN,
Cedric Chaumontc7654962015-09-09 14:56:36 +0200[diff] [blame]3486 nist_186_2_ecdsa_testvector_51),
Cedric Chaumontc3b6c282015-09-25 03:05:18 +0200[diff] [blame]3487 XTEST_AC_ECDSA_CASE(15, TEE_ALG_ECDSA_P384, TEE_MODE_VERIFY,
Cedric Chaumontc7654962015-09-09 14:56:36 +0200[diff] [blame]3488 nist_186_2_ecdsa_testvector_52),
Cedric Chaumontc3b6c282015-09-25 03:05:18 +0200[diff] [blame]3489 XTEST_AC_ECDSA_CASE(15, TEE_ALG_ECDSA_P384, TEE_MODE_SIGN,
Cedric Chaumontc7654962015-09-09 14:56:36 +0200[diff] [blame]3490 nist_186_2_ecdsa_testvector_52),
Cedric Chaumontc3b6c282015-09-25 03:05:18 +0200[diff] [blame]3491 XTEST_AC_ECDSA_CASE(15, TEE_ALG_ECDSA_P384, TEE_MODE_VERIFY,
Cedric Chaumontc7654962015-09-09 14:56:36 +0200[diff] [blame]3492 nist_186_2_ecdsa_testvector_53),
Cedric Chaumontc3b6c282015-09-25 03:05:18 +0200[diff] [blame]3493 XTEST_AC_ECDSA_CASE(15, TEE_ALG_ECDSA_P384, TEE_MODE_SIGN,
Cedric Chaumontc7654962015-09-09 14:56:36 +0200[diff] [blame]3494 nist_186_2_ecdsa_testvector_53),
Cedric Chaumontc3b6c282015-09-25 03:05:18 +0200[diff] [blame]3495 XTEST_AC_ECDSA_CASE(15, TEE_ALG_ECDSA_P384, TEE_MODE_VERIFY,
Cedric Chaumontc7654962015-09-09 14:56:36 +0200[diff] [blame]3496 nist_186_2_ecdsa_testvector_54),
Cedric Chaumontc3b6c282015-09-25 03:05:18 +0200[diff] [blame]3497 XTEST_AC_ECDSA_CASE(15, TEE_ALG_ECDSA_P384, TEE_MODE_SIGN,
Cedric Chaumontc7654962015-09-09 14:56:36 +0200[diff] [blame]3498 nist_186_2_ecdsa_testvector_54),
Cedric Chaumontc3b6c282015-09-25 03:05:18 +0200[diff] [blame]3499 XTEST_AC_ECDSA_CASE(15, TEE_ALG_ECDSA_P384, TEE_MODE_VERIFY,
Cedric Chaumontc7654962015-09-09 14:56:36 +0200[diff] [blame]3500 nist_186_2_ecdsa_testvector_55),
Cedric Chaumontc3b6c282015-09-25 03:05:18 +0200[diff] [blame]3501 XTEST_AC_ECDSA_CASE(15, TEE_ALG_ECDSA_P384, TEE_MODE_SIGN,
Cedric Chaumontc7654962015-09-09 14:56:36 +0200[diff] [blame]3502 nist_186_2_ecdsa_testvector_55),
Cedric Chaumontc3b6c282015-09-25 03:05:18 +0200[diff] [blame]3503 XTEST_AC_ECDSA_CASE(15, TEE_ALG_ECDSA_P384, TEE_MODE_VERIFY,
Cedric Chaumontc7654962015-09-09 14:56:36 +0200[diff] [blame]3504 nist_186_2_ecdsa_testvector_56),
Cedric Chaumontc3b6c282015-09-25 03:05:18 +0200[diff] [blame]3505 XTEST_AC_ECDSA_CASE(15, TEE_ALG_ECDSA_P384, TEE_MODE_SIGN,
Cedric Chaumontc7654962015-09-09 14:56:36 +0200[diff] [blame]3506 nist_186_2_ecdsa_testvector_56),
Cedric Chaumontc3b6c282015-09-25 03:05:18 +0200[diff] [blame]3507 XTEST_AC_ECDSA_CASE(15, TEE_ALG_ECDSA_P384, TEE_MODE_VERIFY,
Cedric Chaumontc7654962015-09-09 14:56:36 +0200[diff] [blame]3508 nist_186_2_ecdsa_testvector_57),
Cedric Chaumontc3b6c282015-09-25 03:05:18 +0200[diff] [blame]3509 XTEST_AC_ECDSA_CASE(15, TEE_ALG_ECDSA_P384, TEE_MODE_SIGN,
Cedric Chaumontc7654962015-09-09 14:56:36 +0200[diff] [blame]3510 nist_186_2_ecdsa_testvector_57),
Cedric Chaumontc3b6c282015-09-25 03:05:18 +0200[diff] [blame]3511 XTEST_AC_ECDSA_CASE(15, TEE_ALG_ECDSA_P384, TEE_MODE_VERIFY,
Cedric Chaumontc7654962015-09-09 14:56:36 +0200[diff] [blame]3512 nist_186_2_ecdsa_testvector_58),
Cedric Chaumontc3b6c282015-09-25 03:05:18 +0200[diff] [blame]3513 XTEST_AC_ECDSA_CASE(15, TEE_ALG_ECDSA_P384, TEE_MODE_SIGN,
Cedric Chaumontc7654962015-09-09 14:56:36 +0200[diff] [blame]3514 nist_186_2_ecdsa_testvector_58),
Cedric Chaumontc3b6c282015-09-25 03:05:18 +0200[diff] [blame]3515 XTEST_AC_ECDSA_CASE(15, TEE_ALG_ECDSA_P384, TEE_MODE_VERIFY,
Cedric Chaumontc7654962015-09-09 14:56:36 +0200[diff] [blame]3516 nist_186_2_ecdsa_testvector_59),
Cedric Chaumontc3b6c282015-09-25 03:05:18 +0200[diff] [blame]3517 XTEST_AC_ECDSA_CASE(15, TEE_ALG_ECDSA_P384, TEE_MODE_SIGN,
Cedric Chaumontc7654962015-09-09 14:56:36 +0200[diff] [blame]3518 nist_186_2_ecdsa_testvector_59),
Cedric Chaumontc3b6c282015-09-25 03:05:18 +0200[diff] [blame]3519 XTEST_AC_ECDSA_CASE(15, TEE_ALG_ECDSA_P384, TEE_MODE_VERIFY,
Cedric Chaumontc7654962015-09-09 14:56:36 +0200[diff] [blame]3520 nist_186_2_ecdsa_testvector_60),
Cedric Chaumontc3b6c282015-09-25 03:05:18 +0200[diff] [blame]3521 XTEST_AC_ECDSA_CASE(15, TEE_ALG_ECDSA_P384, TEE_MODE_SIGN,
Cedric Chaumontc7654962015-09-09 14:56:36 +0200[diff] [blame]3522 nist_186_2_ecdsa_testvector_60),
3523 /* [P-521] */
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]3524 XTEST_AC_ECDSA_CASE(1, TEE_ALG_ECDSA_P521, TEE_MODE_VERIFY,
Cedric Chaumontc7654962015-09-09 14:56:36 +0200[diff] [blame]3525 nist_186_2_ecdsa_testvector_61),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]3526 XTEST_AC_ECDSA_CASE(1, TEE_ALG_ECDSA_P521, TEE_MODE_SIGN,
Cedric Chaumontc7654962015-09-09 14:56:36 +0200[diff] [blame]3527 nist_186_2_ecdsa_testvector_61),
Cedric Chaumontc3b6c282015-09-25 03:05:18 +0200[diff] [blame]3528 XTEST_AC_ECDSA_CASE(15, TEE_ALG_ECDSA_P521, TEE_MODE_VERIFY,
Cedric Chaumontc7654962015-09-09 14:56:36 +0200[diff] [blame]3529 nist_186_2_ecdsa_testvector_62),
Cedric Chaumontc3b6c282015-09-25 03:05:18 +0200[diff] [blame]3530 XTEST_AC_ECDSA_CASE(15, TEE_ALG_ECDSA_P521, TEE_MODE_SIGN,
Cedric Chaumontc7654962015-09-09 14:56:36 +0200[diff] [blame]3531 nist_186_2_ecdsa_testvector_62),
Cedric Chaumontc3b6c282015-09-25 03:05:18 +0200[diff] [blame]3532 XTEST_AC_ECDSA_CASE(15, TEE_ALG_ECDSA_P521, TEE_MODE_VERIFY,
Cedric Chaumontc7654962015-09-09 14:56:36 +0200[diff] [blame]3533 nist_186_2_ecdsa_testvector_63),
Cedric Chaumontc3b6c282015-09-25 03:05:18 +0200[diff] [blame]3534 XTEST_AC_ECDSA_CASE(15, TEE_ALG_ECDSA_P521, TEE_MODE_SIGN,
Cedric Chaumontc7654962015-09-09 14:56:36 +0200[diff] [blame]3535 nist_186_2_ecdsa_testvector_63),
Cedric Chaumontc3b6c282015-09-25 03:05:18 +0200[diff] [blame]3536 XTEST_AC_ECDSA_CASE(15, TEE_ALG_ECDSA_P521, TEE_MODE_VERIFY,
Cedric Chaumontc7654962015-09-09 14:56:36 +0200[diff] [blame]3537 nist_186_2_ecdsa_testvector_64),
Cedric Chaumontc3b6c282015-09-25 03:05:18 +0200[diff] [blame]3538 XTEST_AC_ECDSA_CASE(15, TEE_ALG_ECDSA_P521, TEE_MODE_SIGN,
Cedric Chaumontc7654962015-09-09 14:56:36 +0200[diff] [blame]3539 nist_186_2_ecdsa_testvector_64),
Cedric Chaumontc3b6c282015-09-25 03:05:18 +0200[diff] [blame]3540 XTEST_AC_ECDSA_CASE(15, TEE_ALG_ECDSA_P521, TEE_MODE_VERIFY,
Cedric Chaumontc7654962015-09-09 14:56:36 +0200[diff] [blame]3541 nist_186_2_ecdsa_testvector_65),
Cedric Chaumontc3b6c282015-09-25 03:05:18 +0200[diff] [blame]3542 XTEST_AC_ECDSA_CASE(15, TEE_ALG_ECDSA_P521, TEE_MODE_SIGN,
Cedric Chaumontc7654962015-09-09 14:56:36 +0200[diff] [blame]3543 nist_186_2_ecdsa_testvector_65),
Cedric Chaumontc3b6c282015-09-25 03:05:18 +0200[diff] [blame]3544 XTEST_AC_ECDSA_CASE(15, TEE_ALG_ECDSA_P521, TEE_MODE_VERIFY,
Cedric Chaumontc7654962015-09-09 14:56:36 +0200[diff] [blame]3545 nist_186_2_ecdsa_testvector_66),
Cedric Chaumontc3b6c282015-09-25 03:05:18 +0200[diff] [blame]3546 XTEST_AC_ECDSA_CASE(15, TEE_ALG_ECDSA_P521, TEE_MODE_SIGN,
Cedric Chaumontc7654962015-09-09 14:56:36 +0200[diff] [blame]3547 nist_186_2_ecdsa_testvector_66),
Cedric Chaumontc3b6c282015-09-25 03:05:18 +0200[diff] [blame]3548 XTEST_AC_ECDSA_CASE(15, TEE_ALG_ECDSA_P521, TEE_MODE_VERIFY,
Cedric Chaumontc7654962015-09-09 14:56:36 +0200[diff] [blame]3549 nist_186_2_ecdsa_testvector_67),
Cedric Chaumontc3b6c282015-09-25 03:05:18 +0200[diff] [blame]3550 XTEST_AC_ECDSA_CASE(15, TEE_ALG_ECDSA_P521, TEE_MODE_SIGN,
Cedric Chaumontc7654962015-09-09 14:56:36 +0200[diff] [blame]3551 nist_186_2_ecdsa_testvector_67),
Cedric Chaumontc3b6c282015-09-25 03:05:18 +0200[diff] [blame]3552 XTEST_AC_ECDSA_CASE(15, TEE_ALG_ECDSA_P521, TEE_MODE_VERIFY,
Cedric Chaumontc7654962015-09-09 14:56:36 +0200[diff] [blame]3553 nist_186_2_ecdsa_testvector_68),
Cedric Chaumontc3b6c282015-09-25 03:05:18 +0200[diff] [blame]3554 XTEST_AC_ECDSA_CASE(15, TEE_ALG_ECDSA_P521, TEE_MODE_SIGN,
Cedric Chaumontc7654962015-09-09 14:56:36 +0200[diff] [blame]3555 nist_186_2_ecdsa_testvector_68),
Cedric Chaumontc3b6c282015-09-25 03:05:18 +0200[diff] [blame]3556 XTEST_AC_ECDSA_CASE(15, TEE_ALG_ECDSA_P521, TEE_MODE_VERIFY,
Cedric Chaumontc7654962015-09-09 14:56:36 +0200[diff] [blame]3557 nist_186_2_ecdsa_testvector_69),
Cedric Chaumontc3b6c282015-09-25 03:05:18 +0200[diff] [blame]3558 XTEST_AC_ECDSA_CASE(15, TEE_ALG_ECDSA_P521, TEE_MODE_SIGN,
Cedric Chaumontc7654962015-09-09 14:56:36 +0200[diff] [blame]3559 nist_186_2_ecdsa_testvector_69),
Cedric Chaumontc3b6c282015-09-25 03:05:18 +0200[diff] [blame]3560 XTEST_AC_ECDSA_CASE(15, TEE_ALG_ECDSA_P521, TEE_MODE_VERIFY,
Cedric Chaumontc7654962015-09-09 14:56:36 +0200[diff] [blame]3561 nist_186_2_ecdsa_testvector_70),
Cedric Chaumontc3b6c282015-09-25 03:05:18 +0200[diff] [blame]3562 XTEST_AC_ECDSA_CASE(15, TEE_ALG_ECDSA_P521, TEE_MODE_SIGN,
Cedric Chaumontc7654962015-09-09 14:56:36 +0200[diff] [blame]3563 nist_186_2_ecdsa_testvector_70),
Cedric Chaumontc3b6c282015-09-25 03:05:18 +0200[diff] [blame]3564 XTEST_AC_ECDSA_CASE(15, TEE_ALG_ECDSA_P521, TEE_MODE_VERIFY,
Cedric Chaumontc7654962015-09-09 14:56:36 +0200[diff] [blame]3565 nist_186_2_ecdsa_testvector_71),
Cedric Chaumontc3b6c282015-09-25 03:05:18 +0200[diff] [blame]3566 XTEST_AC_ECDSA_CASE(15, TEE_ALG_ECDSA_P521, TEE_MODE_SIGN,
Cedric Chaumontc7654962015-09-09 14:56:36 +0200[diff] [blame]3567 nist_186_2_ecdsa_testvector_71),
Cedric Chaumontc3b6c282015-09-25 03:05:18 +0200[diff] [blame]3568 XTEST_AC_ECDSA_CASE(15, TEE_ALG_ECDSA_P521, TEE_MODE_VERIFY,
Cedric Chaumontc7654962015-09-09 14:56:36 +0200[diff] [blame]3569 nist_186_2_ecdsa_testvector_72),
Cedric Chaumontc3b6c282015-09-25 03:05:18 +0200[diff] [blame]3570 XTEST_AC_ECDSA_CASE(15, TEE_ALG_ECDSA_P521, TEE_MODE_SIGN,
Cedric Chaumontc7654962015-09-09 14:56:36 +0200[diff] [blame]3571 nist_186_2_ecdsa_testvector_72),
Cedric Chaumontc3b6c282015-09-25 03:05:18 +0200[diff] [blame]3572 XTEST_AC_ECDSA_CASE(15, TEE_ALG_ECDSA_P521, TEE_MODE_VERIFY,
Cedric Chaumontc7654962015-09-09 14:56:36 +0200[diff] [blame]3573 nist_186_2_ecdsa_testvector_73),
Cedric Chaumontc3b6c282015-09-25 03:05:18 +0200[diff] [blame]3574 XTEST_AC_ECDSA_CASE(15, TEE_ALG_ECDSA_P521, TEE_MODE_SIGN,
Cedric Chaumontc7654962015-09-09 14:56:36 +0200[diff] [blame]3575 nist_186_2_ecdsa_testvector_73),
Cedric Chaumontc3b6c282015-09-25 03:05:18 +0200[diff] [blame]3576 XTEST_AC_ECDSA_CASE(15, TEE_ALG_ECDSA_P521, TEE_MODE_VERIFY,
Cedric Chaumontc7654962015-09-09 14:56:36 +0200[diff] [blame]3577 nist_186_2_ecdsa_testvector_74),
Cedric Chaumontc3b6c282015-09-25 03:05:18 +0200[diff] [blame]3578 XTEST_AC_ECDSA_CASE(15, TEE_ALG_ECDSA_P521, TEE_MODE_SIGN,
Cedric Chaumontc7654962015-09-09 14:56:36 +0200[diff] [blame]3579 nist_186_2_ecdsa_testvector_74),
Cedric Chaumontc3b6c282015-09-25 03:05:18 +0200[diff] [blame]3580 XTEST_AC_ECDSA_CASE(15, TEE_ALG_ECDSA_P521, TEE_MODE_VERIFY,
Cedric Chaumontc7654962015-09-09 14:56:36 +0200[diff] [blame]3581 nist_186_2_ecdsa_testvector_75),
Cedric Chaumontc3b6c282015-09-25 03:05:18 +0200[diff] [blame]3582 XTEST_AC_ECDSA_CASE(15, TEE_ALG_ECDSA_P521, TEE_MODE_SIGN,
Cedric Chaumontc7654962015-09-09 14:56:36 +0200[diff] [blame]3583 nist_186_2_ecdsa_testvector_75),
3584 /* [K-163] - GP NOT SUPPORTED */
3585 /* [K-233] - GP NOT SUPPORTED */
3586 /* [K-283] - GP NOT SUPPORTED */
3587 /* [K-409] - GP NOT SUPPORTED */
3588 /* [K-571] - GP NOT SUPPORTED */
3589 /* [B-163] - GP NOT SUPPORTED */
3590 /* [B-233] - GP NOT SUPPORTED */
3591 /* [B-283] - GP NOT SUPPORTED */
3592 /* [B-409] - GP NOT SUPPORTED */
3593 /* [B-571] - GP NOT SUPPORTED */
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3594};
3595
3596static bool create_key(ADBG_Case_t *c, TEEC_Session *s,
3597 uint32_t max_key_size, uint32_t key_type,
3598 TEE_Attribute *attrs, size_t num_attrs,
3599 TEE_ObjectHandle *handle)
3600{
3601 size_t n;
3602
3603 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
3604 ta_crypt_cmd_allocate_transient_object(c, s, key_type,
3605 max_key_size, handle)))
3606 return false;
3607
3608 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
3609 ta_crypt_cmd_populate_transient_object(c, s, *handle, attrs,
3610 num_attrs)))
3611 return false;
3612
3613 for (n = 0; n < num_attrs; n++) {
Jerome Forissier0451e372018-03-27 00:10:23 +0800[diff] [blame]3614 uint8_t out[512];
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3615 size_t out_size;
3616
3617 out_size = sizeof(out);
3618 memset(out, 0, sizeof(out));
Pascal Brand3e143ee2015-07-15 17:17:16 +0200[diff] [blame]3619
3620 if (attrs[n].attributeID == TEE_ATTR_ECC_CURVE)
3621 continue;
3622
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3623 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
3624 ta_crypt_cmd_get_object_buffer_attribute(c, s, *handle,
3625 attrs[n].attributeID, out, &out_size)))
3626 return false;
3627
Pascal Brand3e143ee2015-07-15 17:17:16 +0200[diff] [blame]3628 if (out_size < attrs[n].content.ref.length) {
3629 memmove(out + (attrs[n].content.ref.length - out_size),
3630 out,
3631 attrs[n].content.ref.length);
3632 memset(out, 0, attrs[n].content.ref.length - out_size);
3633 out_size = attrs[n].content.ref.length;
3634 }
3635
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3636 if (!ADBG_EXPECT_BUFFER(c, attrs[n].content.ref.buffer,
3637 attrs[n].content.ref.length, out, out_size))
3638 return false;
3639 }
3640
3641 return true;
3642}
3643
3644static void xtest_tee_test_4006(ADBG_Case_t *c)
3645{
3646 TEEC_Session session = { 0 };
3647 TEE_OperationHandle op = TEE_HANDLE_NULL;
3648 TEE_ObjectHandle priv_key_handle = TEE_HANDLE_NULL;
3649 TEE_ObjectHandle pub_key_handle = TEE_HANDLE_NULL;
3650 TEE_Attribute key_attrs[8];
3651 TEE_Attribute algo_params[1];
3652 size_t num_algo_params;
3653 uint8_t out[512];
3654 size_t out_size;
3655 uint8_t out_enc[512];
3656 size_t out_enc_size;
3657 uint8_t ptx_hash[TEE_MAX_HASH_SIZE];
3658 size_t ptx_hash_size;
3659 size_t max_key_size;
3660 size_t num_key_attrs;
3661 uint32_t ret_orig;
3662 size_t n;
Pascal Brand3e143ee2015-07-15 17:17:16 +0200[diff] [blame]3663 uint32_t curve;
3664 uint32_t hash_algo;
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3665
3666 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
3667 xtest_teec_open_session(&session, &crypt_user_ta_uuid, NULL,
3668 &ret_orig)))
3669 return;
3670
3671 for (n = 0; n < ARRAY_SIZE(xtest_ac_cases); n++) {
3672 const struct xtest_ac_case *tv = xtest_ac_cases + n;
3673
Cedric Chaumontc3b6c282015-09-25 03:05:18 +0200[diff] [blame]3674 if (tv->level > level)
3675 continue;
3676
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3677 Do_ADBG_BeginSubCase(c, "Asym Crypto case %d algo 0x%x line %d",
3678 (int)n, (unsigned int)tv->algo,
3679 (int)tv->line);
3680
3681 /*
3682 * When signing or verifying we're working with the hash of
3683 * the payload.
3684 */
3685 if (tv->mode == TEE_MODE_VERIFY || tv->mode == TEE_MODE_SIGN) {
Pascal Brand3e143ee2015-07-15 17:17:16 +0200[diff] [blame]3686 if (TEE_ALG_GET_MAIN_ALG(tv->algo) == TEE_MAIN_ALGO_ECDSA)
3687 hash_algo = TEE_ALG_SHA1;
Gabor Szekely2ad190f2018-09-14 14:05:06 +0000[diff] [blame]3688#if defined(CFG_CRYPTO_RSASSA_NA1)
3689 else if (tv->algo == TEE_ALG_RSASSA_PKCS1_V1_5)
3690 hash_algo = TEE_ALG_SHA256;
3691#endif
Pascal Brand3e143ee2015-07-15 17:17:16 +0200[diff] [blame]3692 else
3693 hash_algo = TEE_ALG_HASH_ALGO(
3694 TEE_ALG_GET_DIGEST_HASH(tv->algo));
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3695
3696 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
3697 ta_crypt_cmd_allocate_operation(c, &session,
3698 &op, hash_algo, TEE_MODE_DIGEST, 0)))
3699 goto out;
3700
3701 ptx_hash_size = sizeof(ptx_hash);
3702 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
3703 ta_crypt_cmd_digest_do_final(c, & session, op,
3704 tv->ptx, tv->ptx_len, ptx_hash,
3705 &ptx_hash_size)))
3706 goto out;
3707
Cedric Chaumontb2ba8782015-09-03 13:23:05 +0200[diff] [blame]3708 /*
3709 * When we use DSA algorithms, the size of the hash we
3710 * consider equals the min between the size of the
3711 * "subprime" in the key and the size of the hash
3712 */
3713 if (TEE_ALG_GET_MAIN_ALG(tv->algo) ==
3714 TEE_MAIN_ALGO_DSA) {
3715 if (tv->params.dsa.sub_prime_len <=
3716 ptx_hash_size)
3717 ptx_hash_size =
3718 tv->params.dsa.sub_prime_len;
3719 }
3720
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3721 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
3722 ta_crypt_cmd_free_operation(c, &session, op)))
3723 goto out;
3724 }
3725
3726 num_algo_params = 0;
3727 num_key_attrs = 0;
3728 switch (TEE_ALG_GET_MAIN_ALG(tv->algo)) {
3729 case TEE_MAIN_ALGO_RSA:
3730 if (tv->params.rsa.salt_len > 0) {
3731 algo_params[0].attributeID =
3732 TEE_ATTR_RSA_PSS_SALT_LENGTH;
3733 algo_params[0].content.value.a =
3734 tv->params.rsa.salt_len;
3735 algo_params[0].content.value.b = 0;
3736 num_algo_params = 1;
3737 }
3738
3739 max_key_size = tv->params.rsa.modulus_len * 8;
3740
3741 xtest_add_attr(&num_key_attrs, key_attrs,
3742 TEE_ATTR_RSA_MODULUS,
3743 tv->params.rsa.modulus,
3744 tv->params.rsa.modulus_len);
3745 xtest_add_attr(&num_key_attrs, key_attrs,
3746 TEE_ATTR_RSA_PUBLIC_EXPONENT,
3747 tv->params.rsa.pub_exp,
3748 tv->params.rsa.pub_exp_len);
3749
3750 if (!ADBG_EXPECT_TRUE(c,
3751 create_key(c, &session,
3752 max_key_size,
3753 TEE_TYPE_RSA_PUBLIC_KEY,
3754 key_attrs,
3755 num_key_attrs,
3756 &pub_key_handle)))
3757 goto out;
3758
3759 xtest_add_attr(&num_key_attrs, key_attrs,
3760 TEE_ATTR_RSA_PRIVATE_EXPONENT,
3761 tv->params.rsa.priv_exp,
3762 tv->params.rsa.priv_exp_len);
3763
3764 if (tv->params.rsa.prime1_len != 0) {
3765 xtest_add_attr(&num_key_attrs, key_attrs,
3766 TEE_ATTR_RSA_PRIME1,
3767 tv->params.rsa.prime1,
3768 tv->params.rsa.prime1_len);
3769 }
3770
3771 if (tv->params.rsa.prime2_len != 0) {
3772 xtest_add_attr(&num_key_attrs, key_attrs,
3773 TEE_ATTR_RSA_PRIME2,
3774 tv->params.rsa.prime2,
3775 tv->params.rsa.prime2_len);
3776 }
3777
3778 if (tv->params.rsa.exp1_len != 0) {
3779 xtest_add_attr(&num_key_attrs, key_attrs,
3780 TEE_ATTR_RSA_EXPONENT1,
3781 tv->params.rsa.exp1,
3782 tv->params.rsa.exp1_len);
3783 }
3784
3785 if (tv->params.rsa.exp2_len != 0) {
3786 xtest_add_attr(&num_key_attrs, key_attrs,
3787 TEE_ATTR_RSA_EXPONENT2,
3788 tv->params.rsa.exp2,
3789 tv->params.rsa.exp2_len);
3790 }
3791
3792 if (tv->params.rsa.coeff_len != 0) {
3793 xtest_add_attr(&num_key_attrs, key_attrs,
3794 TEE_ATTR_RSA_COEFFICIENT,
3795 tv->params.rsa.coeff,
3796 tv->params.rsa.coeff_len);
3797 }
3798
3799 if (!ADBG_EXPECT_TRUE(c,
3800 create_key(c, &session,
3801 max_key_size,
3802 TEE_TYPE_RSA_KEYPAIR,
3803 key_attrs,
3804 num_key_attrs,
3805 &priv_key_handle)))
3806 goto out;
3807 break;
3808
3809 case TEE_MAIN_ALGO_DSA:
3810 max_key_size = tv->params.dsa.prime_len * 8;
3811
3812 xtest_add_attr(&num_key_attrs, key_attrs,
3813 TEE_ATTR_DSA_PRIME,
3814 tv->params.dsa.prime,
3815 tv->params.dsa.prime_len);
3816 xtest_add_attr(&num_key_attrs, key_attrs,
3817 TEE_ATTR_DSA_SUBPRIME,
3818 tv->params.dsa.sub_prime,
3819 tv->params.dsa.sub_prime_len);
3820 xtest_add_attr(&num_key_attrs, key_attrs,
3821 TEE_ATTR_DSA_BASE,
3822 tv->params.dsa.base,
3823 tv->params.dsa.base_len);
3824 xtest_add_attr(&num_key_attrs, key_attrs,
3825 TEE_ATTR_DSA_PUBLIC_VALUE,
3826 tv->params.dsa.pub_val,
3827 tv->params.dsa.pub_val_len);
3828
3829 if (!ADBG_EXPECT_TRUE(c,
3830 create_key(c, &session, max_key_size,
3831 TEE_TYPE_DSA_PUBLIC_KEY, key_attrs,
3832 num_key_attrs, &pub_key_handle)))
3833 goto out;
3834
3835 xtest_add_attr(&num_key_attrs, key_attrs,
3836 TEE_ATTR_DSA_PRIVATE_VALUE,
3837 tv->params.dsa.priv_val,
3838 tv->params.dsa.priv_val_len);
3839
3840 if (!ADBG_EXPECT_TRUE(c,
3841 create_key(c, &session, max_key_size,
3842 TEE_TYPE_DSA_KEYPAIR, key_attrs,
3843 num_key_attrs, &priv_key_handle)))
3844 goto out;
3845 break;
3846
Pascal Brand3e143ee2015-07-15 17:17:16 +0200[diff] [blame]3847 case TEE_MAIN_ALGO_ECDSA:
3848 switch (tv->algo) {
3849 case TEE_ALG_ECDSA_P192:
3850 curve = TEE_ECC_CURVE_NIST_P192;
3851 break;
3852 case TEE_ALG_ECDSA_P224:
3853 curve = TEE_ECC_CURVE_NIST_P224;
3854 break;
3855 case TEE_ALG_ECDSA_P256:
3856 curve = TEE_ECC_CURVE_NIST_P256;
3857 break;
3858 case TEE_ALG_ECDSA_P384:
3859 curve = TEE_ECC_CURVE_NIST_P384;
3860 break;
3861 case TEE_ALG_ECDSA_P521:
3862 curve = TEE_ECC_CURVE_NIST_P521;
3863 break;
3864 default:
3865 curve = 0xFF;
3866 break;
3867 }
3868
3869 if (tv->algo == TEE_ALG_ECDSA_P521)
3870 max_key_size = 521;
3871 else
3872 max_key_size = tv->params.ecdsa.private_len * 8;
3873
3874 xtest_add_attr_value(&num_key_attrs, key_attrs,
3875 TEE_ATTR_ECC_CURVE, curve, 0);
3876 xtest_add_attr(&num_key_attrs, key_attrs,
3877 TEE_ATTR_ECC_PUBLIC_VALUE_X,
3878 tv->params.ecdsa.public_x,
3879 tv->params.ecdsa.public_x_len);
3880 xtest_add_attr(&num_key_attrs, key_attrs,
3881 TEE_ATTR_ECC_PUBLIC_VALUE_Y,
3882 tv->params.ecdsa.public_y,
3883 tv->params.ecdsa.public_y_len);
3884
3885 if (!ADBG_EXPECT_TRUE(c,
3886 create_key(c, &session, max_key_size,
3887 TEE_TYPE_ECDSA_PUBLIC_KEY, key_attrs,
3888 num_key_attrs, &pub_key_handle)))
3889 goto out;
3890
3891 xtest_add_attr(&num_key_attrs, key_attrs,
3892 TEE_ATTR_ECC_PRIVATE_VALUE,
3893 tv->params.ecdsa.private,
3894 tv->params.ecdsa.private_len);
3895
3896 if (!ADBG_EXPECT_TRUE(c,
3897 create_key(c, &session, max_key_size,
3898 TEE_TYPE_ECDSA_KEYPAIR, key_attrs,
3899 num_key_attrs, &priv_key_handle)))
3900 goto out;
3901 break;
3902
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3903 default:
3904 ADBG_EXPECT_TRUE(c, false);
3905 goto out;
3906 }
3907
3908 out_size = sizeof(out);
3909 memset(out, 0, sizeof(out));
3910 switch (tv->mode) {
3911 case TEE_MODE_ENCRYPT:
3912 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
3913 ta_crypt_cmd_allocate_operation(c, &session,
Pascal Brand3e143ee2015-07-15 17:17:16 +0200[diff] [blame]3914 &op, tv->algo, TEE_MODE_ENCRYPT,
3915 max_key_size)))
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3916 goto out;
3917
3918 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
3919 ta_crypt_cmd_set_operation_key(c, &session, op,
3920 pub_key_handle)))
3921 goto out;
3922
3923 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
3924 ta_crypt_cmd_free_transient_object(c, &session,
3925 pub_key_handle)))
3926 goto out;
3927 pub_key_handle = TEE_HANDLE_NULL;
3928
3929 out_enc_size = sizeof(out_enc);
3930 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
3931 ta_crypt_cmd_asymmetric_encrypt(c, &session, op,
3932 NULL, 0, tv->ptx, tv->ptx_len, out_enc,
3933 &out_enc_size)))
3934 goto out;
3935
3936 /*
3937 * A PS which is random is added when formatting the
3938 * message internally of the algorithm so we can't
3939 * verify against precomputed values, instead we use the
3940 * decrypt operation to see that output is correct.
3941 */
3942
3943 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
3944 ta_crypt_cmd_free_operation(c, &session, op)))
3945 goto out;
3946
3947 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
3948 ta_crypt_cmd_allocate_operation(c, &session,
3949 &op, tv->algo, TEE_MODE_DECRYPT,
3950 max_key_size)))
3951 goto out;
3952
3953 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
3954 ta_crypt_cmd_set_operation_key(c, &session, op,
3955 priv_key_handle)))
3956 goto out;
3957
3958 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
3959 ta_crypt_cmd_free_transient_object(c, &session,
3960 priv_key_handle)))
3961 goto out;
3962
3963 priv_key_handle = TEE_HANDLE_NULL;
3964
3965 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
3966 ta_crypt_cmd_asymmetric_decrypt(c, &session, op,
3967 NULL, 0, out_enc, out_enc_size, out,
3968 &out_size)))
3969 goto out;
3970
3971 (void)ADBG_EXPECT_BUFFER(c, tv->ptx, tv->ptx_len, out,
3972 out_size);
3973 break;
3974
3975 case TEE_MODE_DECRYPT:
3976 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
3977 ta_crypt_cmd_allocate_operation(c, &session,
3978 &op, tv->algo, TEE_MODE_DECRYPT,
3979 max_key_size)))
3980 goto out;
3981
3982 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
3983 ta_crypt_cmd_set_operation_key(c, &session, op,
3984 priv_key_handle)))
3985 goto out;
3986
3987 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
3988 ta_crypt_cmd_free_transient_object(c, &session,
3989 priv_key_handle)))
3990 goto out;
3991
3992 priv_key_handle = TEE_HANDLE_NULL;
3993
3994 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
3995 ta_crypt_cmd_asymmetric_decrypt(c, &session, op,
3996 NULL, 0, tv->ctx, tv->ctx_len, out,
3997 &out_size)))
3998 goto out;
3999
4000 (void)ADBG_EXPECT_BUFFER(c, tv->ptx, tv->ptx_len, out,
4001 out_size);
4002 break;
4003
4004 case TEE_MODE_VERIFY:
4005 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
4006 ta_crypt_cmd_allocate_operation(c, &session,
4007 &op, tv->algo, TEE_MODE_VERIFY,
4008 max_key_size)))
4009 goto out;
4010
4011 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
4012 ta_crypt_cmd_set_operation_key(c, &session, op,
4013 pub_key_handle)))
4014 goto out;
4015
4016 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
4017 ta_crypt_cmd_free_transient_object(c, &session,
4018 pub_key_handle)))
4019 goto out;
4020
4021 pub_key_handle = TEE_HANDLE_NULL;
4022
4023 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
4024 ta_crypt_cmd_asymmetric_verify(c, &session, op,
4025 algo_params, num_algo_params, ptx_hash,
4026 ptx_hash_size, tv->ctx, tv->ctx_len)))
4027 goto out;
4028 break;
4029
4030 case TEE_MODE_SIGN:
4031 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
4032 ta_crypt_cmd_allocate_operation(c, &session,
4033 &op, tv->algo, TEE_MODE_SIGN,
4034 max_key_size)))
4035 goto out;
4036
4037 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
4038 ta_crypt_cmd_set_operation_key(c, &session, op,
4039 priv_key_handle)))
4040 goto out;
4041
4042 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
4043 ta_crypt_cmd_free_transient_object(c, &session,
4044 priv_key_handle)))
4045 goto out;
4046
4047 priv_key_handle = TEE_HANDLE_NULL;
4048
4049 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
4050 ta_crypt_cmd_asymmetric_sign(c, &session, op,
4051 algo_params, num_algo_params, ptx_hash,
4052 ptx_hash_size, out, &out_size)))
4053 goto out;
4054
4055 if (TEE_ALG_GET_CHAIN_MODE(tv->algo) ==
4056 TEE_CHAIN_MODE_PKCS1_PSS_MGF1 ||
Pascal Brand3e143ee2015-07-15 17:17:16 +0200[diff] [blame]4057 tv->algo == TEE_ALG_DSA_SHA1 ||
Cedric Chaumontb2ba8782015-09-03 13:23:05 +0200[diff] [blame]4058 tv->algo == TEE_ALG_DSA_SHA224 ||
4059 tv->algo == TEE_ALG_DSA_SHA256 ||
Pascal Brand3e143ee2015-07-15 17:17:16 +0200[diff] [blame]4060 TEE_ALG_GET_MAIN_ALG(tv->algo) ==
4061 TEE_MAIN_ALGO_ECDSA) {
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]4062 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
4063 ta_crypt_cmd_free_operation(c, &session,
4064 op)))
4065 goto out;
4066 /*
4067 * The salt or K is random so we can't verify
4068 * signing against precomputed values, instead
4069 * we use the verify operation to see that
4070 * output is correct.
4071 */
4072 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
4073 ta_crypt_cmd_allocate_operation(c,
4074 &session, &op, tv->algo,
4075 TEE_MODE_VERIFY, max_key_size)))
4076 goto out;
4077
4078 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
4079 ta_crypt_cmd_set_operation_key(c,
4080 &session, op, pub_key_handle)))
4081 goto out;
4082
4083 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
4084 ta_crypt_cmd_free_transient_object(c,
4085 &session, pub_key_handle)))
4086 goto out;
4087
4088 pub_key_handle = TEE_HANDLE_NULL;
4089
4090 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
4091 ta_crypt_cmd_asymmetric_verify(c,
4092 &session, op, algo_params,
4093 num_algo_params, ptx_hash,
4094 ptx_hash_size, out, out_size)))
4095 goto out;
4096 } else {
4097 (void)ADBG_EXPECT_BUFFER(c, tv->ctx,
4098 tv->ctx_len, out,
4099 out_size);
4100 }
4101 break;
4102
4103 default:
4104 break;
4105 }
4106
4107 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
4108 ta_crypt_cmd_free_operation(c, &session, op)))
4109 goto out;
4110
4111 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
4112 ta_crypt_cmd_free_transient_object(c, &session,
4113 pub_key_handle)))
4114 goto out;
4115 pub_key_handle = TEE_HANDLE_NULL;
4116
4117 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
4118 ta_crypt_cmd_free_transient_object(c, &session,
4119 priv_key_handle)))
4120 goto out;
4121
4122 priv_key_handle = TEE_HANDLE_NULL;
4123
4124 Do_ADBG_EndSubCase(c, NULL);
4125 }
4126out:
4127 TEEC_CloseSession(&session);
4128}
Jens Wiklander14f48872018-06-29 15:30:13 +0200[diff] [blame]4129ADBG_CASE_DEFINE(regression, 4006, xtest_tee_test_4006,
4130 "Test TEE Internal API Asymmetric Cipher operations");
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]4131
4132#define KEY_ATTR(x, y) { #x, (x), y }
4133
4134struct key_attrs {
4135 const char *name;
4136 uint32_t attr;
Jerome Forissier4032c8c2016-05-31 13:25:08 +0200[diff] [blame]4137 /*
4138 * When keysize_check != 0: size of attribute is checked
4139 * Expected value is key_size bits except for DH in which case it is
4140 * the value of keysize_check.
4141 */
4142 uint32_t keysize_check;
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]4143};
4144
4145static bool test_keygen_attributes(ADBG_Case_t *c, TEEC_Session *s,
4146 TEE_ObjectHandle key, uint32_t key_size,
4147 struct key_attrs *attrs, size_t num_attrs)
4148{
4149 uint8_t out[2048];
4150 size_t out_size;
4151 size_t n;
4152 size_t m;
4153
4154 for (m = 0; m < num_attrs; m++) {
4155 if ((attrs[m].attr & TEE_ATTR_BIT_VALUE) == 0) {
4156 out_size = sizeof(out);
4157 memset(out, 0, sizeof(out));
4158 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
4159 ta_crypt_cmd_get_object_buffer_attribute(c, s,
4160 key, attrs[m].attr, out, &out_size)))
4161 return false;
4162
4163 if (attrs[m].keysize_check)
4164 ADBG_EXPECT_COMPARE_UNSIGNED(c, out_size, ==,
4165 key_size / 8);
4166
4167 if (out_size > 0) {
4168 /* Check that buffer isn't all zeroes */
4169 for (n = 0; n < out_size; n++)
4170 if (out[n] != 0)
4171 break;
4172 if (!ADBG_EXPECT_COMPARE_UNSIGNED(c, n, <,
4173 out_size))
4174 return false;
4175 }
4176 } else {
4177 uint32_t a;
4178 uint32_t b;
4179
4180 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
4181 ta_crypt_cmd_get_object_value_attribute(c, s, key,
4182 attrs[m].attr, &a, &b)))
4183 return false;
4184 }
4185 }
4186 return true;
4187}
4188
4189static bool test_secret_value(ADBG_Case_t *c, TEEC_Session *s,
4190 TEE_ObjectHandle key, uint32_t key_size)
4191{
4192 const struct key_attrs attrs[] = {
4193 KEY_ATTR(TEE_ATTR_SECRET_VALUE, true),
4194 };
4195
4196 return test_keygen_attributes(c, s, key, key_size,
4197 (struct key_attrs *)&attrs,
4198 ARRAY_SIZE(attrs));
4199}
4200
4201
4202static bool test_rsa_key_pair(ADBG_Case_t *c, TEEC_Session *s,
4203 TEE_ObjectHandle key, uint32_t key_size)
4204{
4205 const struct key_attrs attrs[] = {
4206 KEY_ATTR(TEE_ATTR_RSA_MODULUS, true),
4207 KEY_ATTR(TEE_ATTR_RSA_PUBLIC_EXPONENT, false),
4208 KEY_ATTR(TEE_ATTR_RSA_PRIVATE_EXPONENT, false),
4209 KEY_ATTR(TEE_ATTR_RSA_PRIME1, false),
4210 KEY_ATTR(TEE_ATTR_RSA_PRIME2, false),
4211 KEY_ATTR(TEE_ATTR_RSA_EXPONENT1, false),
4212 KEY_ATTR(TEE_ATTR_RSA_EXPONENT2, false),
4213 KEY_ATTR(TEE_ATTR_RSA_COEFFICIENT, false),
4214 };
4215
4216 return test_keygen_attributes(c, s, key, key_size,
4217 (struct key_attrs *)&attrs,
4218 ARRAY_SIZE(attrs));
4219}
4220
Pascal Brande61133f2015-07-08 15:38:37 +0200[diff] [blame]4221static bool test_ecc_key_pair(ADBG_Case_t *c, TEEC_Session *s,
4222 TEE_ObjectHandle key, uint32_t key_size)
4223{
4224 const struct key_attrs attrs[] = {
4225 KEY_ATTR(TEE_ATTR_ECC_PRIVATE_VALUE, false),
4226 KEY_ATTR(TEE_ATTR_ECC_PUBLIC_VALUE_X , false),
4227 KEY_ATTR(TEE_ATTR_ECC_PUBLIC_VALUE_Y , false),
4228 /* KEY_ATTR(TEE_ATTR_ECC_CURVE, false), - do not test */
4229 };
4230
4231 return test_keygen_attributes(c, s, key, key_size,
4232 (struct key_attrs *)&attrs,
4233 ARRAY_SIZE(attrs));
4234}
4235
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]4236static bool test_dh_key_pair(ADBG_Case_t *c, TEEC_Session *s,
Jerome Forissier4032c8c2016-05-31 13:25:08 +0200[diff] [blame]4237 TEE_ObjectHandle key, uint32_t check_keysize)
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]4238{
4239 const struct key_attrs attrs[] = {
4240 KEY_ATTR(TEE_ATTR_DH_PRIME, false),
4241 KEY_ATTR(TEE_ATTR_DH_BASE, false),
4242 KEY_ATTR(TEE_ATTR_DH_PUBLIC_VALUE, false),
4243 KEY_ATTR(TEE_ATTR_DH_PRIVATE_VALUE, check_keysize),
4244 KEY_ATTR(TEE_ATTR_DH_X_BITS, false),
4245 };
4246
Jerome Forissier4032c8c2016-05-31 13:25:08 +0200[diff] [blame]4247 return test_keygen_attributes(c, s, key, check_keysize,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]4248 (struct key_attrs *)&attrs,
4249 ARRAY_SIZE(attrs));
4250}
4251
4252static bool test_dsa_key_pair(ADBG_Case_t *c, TEEC_Session *s,
4253 TEE_ObjectHandle key, uint32_t key_size)
4254{
4255 const struct key_attrs attrs[] = {
4256 KEY_ATTR(TEE_ATTR_DSA_PRIME, true),
4257 KEY_ATTR(TEE_ATTR_DSA_SUBPRIME, false),
4258 KEY_ATTR(TEE_ATTR_DSA_BASE, false),
4259 KEY_ATTR(TEE_ATTR_DSA_PUBLIC_VALUE, false),
4260 KEY_ATTR(TEE_ATTR_DSA_PRIVATE_VALUE, false),
4261 };
4262
4263 return test_keygen_attributes(c, s, key, key_size,
4264 (struct key_attrs *)&attrs,
4265 ARRAY_SIZE(attrs));
4266}
4267
4268static bool generate_and_test_key(ADBG_Case_t *c, TEEC_Session *s,
4269 uint32_t key_type, uint32_t check_keysize,
4270 uint32_t key_size,
4271 TEE_Attribute *params, size_t param_count)
4272{
4273 TEE_ObjectHandle key;
4274 bool ret_val = true;
4275
4276 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
4277 ta_crypt_cmd_allocate_transient_object(c, s, key_type, key_size,
4278 &key)))
4279 return false;
4280
4281 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
4282 ta_crypt_cmd_generate_key(c, s, key, key_size, params,
4283 param_count)))
4284 return false;
4285
4286 switch (key_type) {
4287 case TEE_TYPE_DES:
4288 case TEE_TYPE_DES3:
4289 ret_val = ADBG_EXPECT_TRUE(c,
4290 test_secret_value(c, s, key,
4291 key_size + key_size / 7));
4292 break;
4293 case TEE_TYPE_AES:
4294 case TEE_TYPE_HMAC_MD5:
4295 case TEE_TYPE_HMAC_SHA1:
4296 case TEE_TYPE_HMAC_SHA224:
4297 case TEE_TYPE_HMAC_SHA256:
4298 case TEE_TYPE_HMAC_SHA384:
4299 case TEE_TYPE_HMAC_SHA512:
4300 case TEE_TYPE_GENERIC_SECRET:
4301 ret_val = ADBG_EXPECT_TRUE(c,
4302 test_secret_value(c, s, key, key_size));
4303 break;
4304
4305 case TEE_TYPE_RSA_KEYPAIR:
4306 ret_val = ADBG_EXPECT_TRUE(c,
4307 test_rsa_key_pair(c, s, key, key_size));
4308 break;
4309
Pascal Brande61133f2015-07-08 15:38:37 +0200[diff] [blame]4310 case TEE_TYPE_ECDSA_KEYPAIR:
4311 case TEE_TYPE_ECDH_KEYPAIR:
4312 ret_val = ADBG_EXPECT_TRUE(c,
4313 test_ecc_key_pair(c, s, key, key_size));
4314 break;
4315
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]4316 case TEE_TYPE_DH_KEYPAIR:
Pascal Brande61133f2015-07-08 15:38:37 +0200[diff] [blame]4317 ret_val = ADBG_EXPECT_TRUE(c,
Jerome Forissier4032c8c2016-05-31 13:25:08 +0200[diff] [blame]4318 test_dh_key_pair(c, s, key, check_keysize));
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]4319 break;
4320
4321 case TEE_TYPE_DSA_KEYPAIR:
4322 ret_val = ADBG_EXPECT_TRUE(c,
4323 test_dsa_key_pair(c, s, key, key_size));
4324 break;
4325
4326 default:
4327 ret_val = false;
4328 break;
4329 }
4330
4331 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
4332 ta_crypt_cmd_free_transient_object(c, s, key)))
4333 return false;
4334
4335 return ret_val;
4336}
4337
4338static void xtest_test_keygen_noparams(ADBG_Case_t *c, TEEC_Session *session)
4339{
4340 size_t n;
4341 uint32_t key_size;
4342 static const struct {
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]4343 unsigned level;
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]4344 const char *name;
4345 uint32_t key_type;
4346 uint32_t quanta;
4347 uint32_t min_size;
4348 uint32_t max_size;
4349 } key_types[] = {
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]4350 { 0, "AES", TEE_TYPE_AES, 64, 128,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]4351 256 /* valid sizes 128, 192, 256 */ },
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]4352 { 0, "DES", TEE_TYPE_DES, 56, 56, 56 /* valid size 56 */ },
4353 { 0, "DES3", TEE_TYPE_DES3, 56, 112,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]4354 168 /* valid sizes 112, 168 */ },
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]4355 { 0, "HMAC-MD5", TEE_TYPE_HMAC_MD5, 8, 64, 512 },
4356 { 0, "HMAC-SHA1", TEE_TYPE_HMAC_SHA1, 8, 80, 512 },
4357 { 0, "HMAC-SHA224", TEE_TYPE_HMAC_SHA224, 8, 112, 512 },
4358 { 0, "HMAC-SHA256", TEE_TYPE_HMAC_SHA256, 8, 192, 1024 },
4359 { 0, "HMAC-SHA384", TEE_TYPE_HMAC_SHA384, 8, 256, 1024 },
4360 { 0, "HMAC-SHA512", TEE_TYPE_HMAC_SHA512, 8, 256, 1024 },
4361 { 0, "Generic secret", TEE_TYPE_GENERIC_SECRET, 8, 128, 4096 },
4362 { 1, "RSA-2048", TEE_TYPE_RSA_KEYPAIR, 1, 2048, 2048 },
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]4363
4364 /* New tests added to check non-regression of issue #5398 */
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]4365 { 0, "RSA-256", TEE_TYPE_RSA_KEYPAIR, 1, 256, 256 },
4366 { 1, "RSA-384", TEE_TYPE_RSA_KEYPAIR, 1, 384, 384 },
4367 { 1, "RSA-512", TEE_TYPE_RSA_KEYPAIR, 1, 512, 512 },
4368 { 1, "RSA-640", TEE_TYPE_RSA_KEYPAIR, 1, 640, 640 },
4369 { 1, "RSA-768", TEE_TYPE_RSA_KEYPAIR, 1, 768, 768 },
4370 { 1, "RSA-896", TEE_TYPE_RSA_KEYPAIR, 1, 896, 896 },
4371 { 1, "RSA-1024", TEE_TYPE_RSA_KEYPAIR, 1, 1024, 1024 },
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]4372 };
4373
4374 for (n = 0; n < ARRAY_SIZE(key_types); n++) {
4375 uint32_t min_size = key_types[n].min_size;
4376 uint32_t max_size = key_types[n].max_size;
4377 uint32_t quanta = key_types[n].quanta;
4378
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]4379 if (key_types[n].level > level)
4380 continue;
4381
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]4382 Do_ADBG_BeginSubCase(c, "Generate %s key", key_types[n].name);
4383
4384 for (key_size = min_size; key_size <= max_size;
4385 key_size += quanta) {
4386 if (!ADBG_EXPECT_TRUE(c,
4387 generate_and_test_key(c, session, key_types
4388 [n].key_type, 1, key_size, NULL, 0)))
4389 break;
4390 }
4391
4392 Do_ADBG_EndSubCase(c, "Generate %s key", key_types[n].name);
4393 }
4394}
4395
4396static void xtest_test_keygen_dh(ADBG_Case_t *c, TEEC_Session *session)
4397{
4398 size_t n;
4399 size_t param_count;
4400 /*
4401 * Note that the key size parameter is not used when creating the keys
4402 * but specifying these sizes make it possible to test the expected size
4403 * of the private value. This also means that the keysize must match the
4404 * size of p or what is specified in private_bits or the equvivalent
4405 * size of the subprime parameter.
4406 */
4407 TEE_Attribute params[4];
4408
4409#define XTEST_DH_GK_DATA(vect) \
4410 ARRAY(vect ## _p), \
4411 ARRAY(vect ## _g), \
4412 &vect ## _private_bits, \
4413 0, 0
4414#define XTEST_DH_GK_DATA_SUBPRIME(vect) \
4415 ARRAY(vect ## _p), \
4416 ARRAY(vect ## _g), \
4417 &vect ## _private_bits, \
4418 ARRAY(vect ## _subprime)
4419 static const struct {
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]4420 unsigned level;
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]4421 uint32_t key_size;
4422 const uint8_t *p;
4423 size_t p_len;
4424 const uint8_t *g;
4425 size_t g_len;
4426 const uint32_t *private_bits;
4427 const uint8_t *subprime;
4428 size_t subprime_len;
4429 } key_types[] = {
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]4430 { 0, 256, XTEST_DH_GK_DATA(keygen_dh256) },
Jerome Forissier4032c8c2016-05-31 13:25:08 +0200[diff] [blame]4431 { 0, 320, XTEST_DH_GK_DATA(keygen_dh320) },
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]4432 { 1, 384, XTEST_DH_GK_DATA(keygen_dh384) },
Jerome Forissier4032c8c2016-05-31 13:25:08 +0200[diff] [blame]4433 { 1, 448, XTEST_DH_GK_DATA(keygen_dh448) },
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]4434 { 1, 512, XTEST_DH_GK_DATA(keygen_dh512) },
Jerome Forissier4032c8c2016-05-31 13:25:08 +0200[diff] [blame]4435 { 1, 576, XTEST_DH_GK_DATA(keygen_dh576) },
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]4436 { 1, 640, XTEST_DH_GK_DATA(keygen_dh640) },
Jerome Forissier4032c8c2016-05-31 13:25:08 +0200[diff] [blame]4437 { 1, 704, XTEST_DH_GK_DATA(keygen_dh704) },
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]4438 { 1, 768, XTEST_DH_GK_DATA(keygen_dh768) },
Jerome Forissier4032c8c2016-05-31 13:25:08 +0200[diff] [blame]4439 { 1, 832, XTEST_DH_GK_DATA(keygen_dh832) },
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]4440 { 1, 896, XTEST_DH_GK_DATA(keygen_dh896) },
Jerome Forissier4032c8c2016-05-31 13:25:08 +0200[diff] [blame]4441 { 1, 960, XTEST_DH_GK_DATA(keygen_dh960) },
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]4442 { 1, 1024, XTEST_DH_GK_DATA(keygen_dh1024) },
Jerome Forissier4032c8c2016-05-31 13:25:08 +0200[diff] [blame]4443 { 1, 1088, XTEST_DH_GK_DATA(keygen_dh1088) },
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]4444 { 1, 1152, XTEST_DH_GK_DATA(keygen_dh1152) },
Jerome Forissier4032c8c2016-05-31 13:25:08 +0200[diff] [blame]4445 { 1, 1216, XTEST_DH_GK_DATA(keygen_dh1216) },
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]4446 { 1, 1280, XTEST_DH_GK_DATA(keygen_dh1280) },
Jerome Forissier4032c8c2016-05-31 13:25:08 +0200[diff] [blame]4447 { 1, 1344, XTEST_DH_GK_DATA(keygen_dh1344) },
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]4448 { 1, 1408, XTEST_DH_GK_DATA(keygen_dh1408) },
Jerome Forissier4032c8c2016-05-31 13:25:08 +0200[diff] [blame]4449 { 1, 1472, XTEST_DH_GK_DATA(keygen_dh1472) },
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]4450 { 1, 1536, XTEST_DH_GK_DATA(keygen_dh1536) },
Jerome Forissier4032c8c2016-05-31 13:25:08 +0200[diff] [blame]4451 { 1, 1600, XTEST_DH_GK_DATA(keygen_dh1600) },
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]4452 { 1, 1664, XTEST_DH_GK_DATA(keygen_dh1664) },
Jerome Forissier4032c8c2016-05-31 13:25:08 +0200[diff] [blame]4453 { 1, 1728, XTEST_DH_GK_DATA(keygen_dh1728) },
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]4454 { 1, 1792, XTEST_DH_GK_DATA(keygen_dh1792) },
Jerome Forissier4032c8c2016-05-31 13:25:08 +0200[diff] [blame]4455 { 1, 1856, XTEST_DH_GK_DATA(keygen_dh1856) },
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]4456 { 1, 1920, XTEST_DH_GK_DATA(keygen_dh1920) },
Jerome Forissier4032c8c2016-05-31 13:25:08 +0200[diff] [blame]4457 { 1, 1984, XTEST_DH_GK_DATA(keygen_dh1984) },
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]4458 { 1, 2048, XTEST_DH_GK_DATA(keygen_dh2048) },
Jerome Forissier4032c8c2016-05-31 13:25:08 +0200[diff] [blame]4459 { 1, 2048, XTEST_DH_GK_DATA_SUBPRIME(keygen_dh2048_subprime) }
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]4460 };
4461
4462
4463 for (n = 0; n < ARRAY_SIZE(key_types); n++) {
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]4464 if (key_types[n].level > level)
4465 continue;
4466
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]4467 Do_ADBG_BeginSubCase(c,
4468 "Generate DH key %d bits - Private bits = %d",
4469 key_types[n].key_size,
4470 *key_types[n].private_bits);
4471 param_count = 0;
4472
4473 xtest_add_attr(&param_count, params,
4474 TEE_ATTR_DH_PRIME,
4475 key_types[n].p, key_types[n].p_len);
4476
4477 xtest_add_attr(&param_count, params, TEE_ATTR_DH_BASE,
4478 key_types[n].g, key_types[n].g_len);
4479
4480 if (key_types[n].private_bits != 0) {
4481 params[param_count].attributeID = TEE_ATTR_DH_X_BITS;
4482
4483 params[param_count].content.value.a =
4484 *key_types[n].private_bits;
4485
4486 params[param_count].content.value.b = 0;
4487 param_count++;
4488 }
4489
4490 if (key_types[n].subprime != 0) {
4491 xtest_add_attr(&param_count, params,
4492 TEE_ATTR_DH_SUBPRIME,
4493 key_types[n].subprime,
4494 key_types[n].subprime_len);
4495 }
4496
4497 if (!ADBG_EXPECT_TRUE(c,
4498 generate_and_test_key(c, session, TEE_TYPE_DH_KEYPAIR,
Jerome Forissier4032c8c2016-05-31 13:25:08 +0200[diff] [blame]4499 *key_types[n].private_bits,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]4500 key_types[n]. key_size, params, param_count)))
4501 break;
4502
4503 Do_ADBG_EndSubCase(c,
4504 "Generate DH key %d bits - Private bits = %d",
4505 key_types[n].key_size,
4506 *key_types[n].private_bits);
4507 }
4508}
4509
4510static void xtest_test_keygen_dsa(ADBG_Case_t *c, TEEC_Session *session)
4511{
4512 size_t n;
4513 size_t param_count;
4514 TEE_Attribute params[4];
4515
4516#define XTEST_DSA_GK_DATA(vect) \
4517 ARRAY(vect ## _p), \
4518 ARRAY(vect ## _g), \
4519 ARRAY(vect ## _q)
4520 static const struct {
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]4521 unsigned level;
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]4522 uint32_t key_size;
4523 const uint8_t *prime;
4524 size_t prime_len;
4525 const uint8_t *base;
4526 size_t base_len;
4527 const uint8_t *sub_prime;
4528 size_t sub_prime_len;
4529 } key_types[] = {
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]4530 { 1, 1024, XTEST_DSA_GK_DATA(keygen_dsa_test1) },
4531 { 0, 512, XTEST_DSA_GK_DATA(keygen_dsa512) },
4532 { 1, 576, XTEST_DSA_GK_DATA(keygen_dsa576) },
4533 { 1, 640, XTEST_DSA_GK_DATA(keygen_dsa640) },
4534 { 1, 704, XTEST_DSA_GK_DATA(keygen_dsa704) },
4535 { 1, 768, XTEST_DSA_GK_DATA(keygen_dsa768) },
4536 { 1, 832, XTEST_DSA_GK_DATA(keygen_dsa832) },
4537 { 1, 896, XTEST_DSA_GK_DATA(keygen_dsa896) },
4538 { 1, 960, XTEST_DSA_GK_DATA(keygen_dsa960) },
4539 { 1, 1024, XTEST_DSA_GK_DATA(keygen_dsa1024) },
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]4540 };
4541
4542 for (n = 0; n < ARRAY_SIZE(key_types); n++) {
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]4543 if (key_types[n].level > level)
4544 continue;
4545
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]4546 Do_ADBG_BeginSubCase(c, "Generate DSA key %d bits",
4547 key_types[n].key_size);
4548 param_count = 0;
4549
4550
4551 xtest_add_attr(&param_count, params, TEE_ATTR_DSA_PRIME,
4552 key_types[n].prime, key_types[n].prime_len);
4553
4554 xtest_add_attr(&param_count, params, TEE_ATTR_DSA_SUBPRIME,
4555 key_types[n].sub_prime,
4556 key_types[n].sub_prime_len);
4557
4558 xtest_add_attr(&param_count, params, TEE_ATTR_DSA_BASE,
4559 key_types[n].base, key_types[n].base_len);
4560
4561 if (!ADBG_EXPECT_TRUE(c,
4562 generate_and_test_key(c, session, TEE_TYPE_DSA_KEYPAIR,
4563 1, key_types[n]. key_size, params,
4564 param_count)))
4565 break;
4566
4567 Do_ADBG_EndSubCase(c, "Generate DSA key %d bits",
4568 key_types[n].key_size);
4569 }
4570}
4571
Pascal Brande61133f2015-07-08 15:38:37 +0200[diff] [blame]4572static void xtest_test_keygen_ecc(ADBG_Case_t *c, TEEC_Session *session)
4573{
4574 size_t n;
4575 size_t param_count;
4576 TEE_Attribute params[4];
4577
4578 static const struct {
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]4579 unsigned level;
Pascal Brande61133f2015-07-08 15:38:37 +0200[diff] [blame]4580 const char *name;
4581 uint32_t algo;
4582 uint32_t curve;
4583 uint32_t key_size;
4584 } key_types[] = {
4585 /* ECDSA */
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]4586 { 0, "ECDSA-192", TEE_TYPE_ECDSA_KEYPAIR, TEE_ECC_CURVE_NIST_P192,
4587 192 },
4588 { 1, "ECDSA-224", TEE_TYPE_ECDSA_KEYPAIR, TEE_ECC_CURVE_NIST_P224,
4589 224 },
4590 { 1, "ECDSA-256", TEE_TYPE_ECDSA_KEYPAIR, TEE_ECC_CURVE_NIST_P256,
4591 256 },
4592 { 1, "ECDSA-384", TEE_TYPE_ECDSA_KEYPAIR, TEE_ECC_CURVE_NIST_P384,
4593 384 },
4594 { 1, "ECDSA-521", TEE_TYPE_ECDSA_KEYPAIR, TEE_ECC_CURVE_NIST_P521,
4595 521 },
Pascal Brande61133f2015-07-08 15:38:37 +0200[diff] [blame]4596
4597 /* ECDH */
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]4598 { 0, "ECDH-192", TEE_TYPE_ECDH_KEYPAIR, TEE_ECC_CURVE_NIST_P192,
4599 192 },
4600 { 1, "ECDH-224", TEE_TYPE_ECDH_KEYPAIR, TEE_ECC_CURVE_NIST_P224,
4601 224 },
4602 { 1, "ECDH-256", TEE_TYPE_ECDH_KEYPAIR, TEE_ECC_CURVE_NIST_P256,
4603 256 },
4604 { 1, "ECDH-384", TEE_TYPE_ECDH_KEYPAIR, TEE_ECC_CURVE_NIST_P384,
4605 384 },
4606 { 1, "ECDH-521", TEE_TYPE_ECDH_KEYPAIR, TEE_ECC_CURVE_NIST_P521,
4607 521 },
Pascal Brande61133f2015-07-08 15:38:37 +0200[diff] [blame]4608 };
4609
4610 for (n = 0; n < ARRAY_SIZE(key_types); n++) {
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]4611 if (key_types[n].level > level)
4612 continue;
4613
Pascal Brande61133f2015-07-08 15:38:37 +0200[diff] [blame]4614 Do_ADBG_BeginSubCase(c, "Generate %s", key_types[n].name);
4615 param_count = 0;
4616
4617 xtest_add_attr_value(&param_count, params, TEE_ATTR_ECC_CURVE,
4618 key_types[n].curve, 0);
4619
4620 if (!ADBG_EXPECT_TRUE(c,
4621 generate_and_test_key(c, session, key_types[n].algo,
4622 0, key_types[n].key_size, params,
4623 param_count)))
4624 break;
4625
4626 Do_ADBG_EndSubCase(c, "Generate %s", key_types[n].name);
4627 }
4628}
4629
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]4630static void xtest_tee_test_4007(ADBG_Case_t *c)
4631{
4632 TEEC_Session session = { 0 };
4633 uint32_t ret_orig;
4634
4635 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
4636 xtest_teec_open_session(&session, &crypt_user_ta_uuid, NULL,
4637 &ret_orig)))
4638 return;
4639
4640 xtest_test_keygen_noparams(c, &session);
4641
4642 xtest_test_keygen_dh(c, &session);
4643
4644 xtest_test_keygen_dsa(c, &session);
4645
Pascal Brande61133f2015-07-08 15:38:37 +0200[diff] [blame]4646 xtest_test_keygen_ecc (c, &session);
4647
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]4648 TEEC_CloseSession(&session);
4649}
Jens Wiklander14f48872018-06-29 15:30:13 +0200[diff] [blame]4650ADBG_CASE_DEFINE(regression, 4007, xtest_tee_test_4007,
4651 "Test TEE Internal API Generate key");
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]4652
4653static void xtest_tee_test_4008(ADBG_Case_t *c)
4654{
4655 TEEC_Session session = { 0 };
4656 uint32_t ret_orig;
4657 TEE_OperationHandle op;
4658 TEE_ObjectHandle key_handle;
4659 TEE_ObjectHandle sv_handle;
4660 TEE_Attribute params[4];
4661 size_t param_count = 0;
4662 uint8_t out[2048];
4663 size_t out_size;
4664
4665 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
4666 xtest_teec_open_session(&session, &crypt_user_ta_uuid, NULL,
4667 &ret_orig)))
4668 return;
4669
4670 Do_ADBG_BeginSubCase(c, "Derive DH key success");
4671
4672 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
4673 ta_crypt_cmd_allocate_operation(c, &session, &op,
4674 TEE_ALG_DH_DERIVE_SHARED_SECRET, TEE_MODE_DERIVE,
4675 derive_key_max_keysize)))
4676 goto out;
4677
4678 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
4679 ta_crypt_cmd_allocate_transient_object(c, & session,
4680 TEE_TYPE_DH_KEYPAIR, derive_key_max_keysize,
4681 &key_handle)))
4682 goto out;
4683
4684 xtest_add_attr(&param_count, params, TEE_ATTR_DH_PRIME,
4685 ARRAY(derive_key_dh_prime));
4686
4687 xtest_add_attr(&param_count, params, TEE_ATTR_DH_BASE,
4688 ARRAY(derive_key_dh_base));
4689
4690 xtest_add_attr(&param_count, params, TEE_ATTR_DH_PUBLIC_VALUE,
4691 ARRAY(derive_key_dh_public_value));
4692
4693 xtest_add_attr(&param_count, params, TEE_ATTR_DH_PRIVATE_VALUE,
4694 ARRAY(derive_key_dh_private_value));
4695
4696 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
4697 ta_crypt_cmd_populate_transient_object(c, &session, key_handle,
4698 params, param_count)))
4699 goto out;
4700
4701 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
4702 ta_crypt_cmd_set_operation_key(c, &session, op, key_handle)))
4703 goto out;
4704
4705 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
4706 ta_crypt_cmd_free_transient_object(c, & session, key_handle)))
4707 goto out;
4708
4709 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
4710 ta_crypt_cmd_allocate_transient_object(c, &session,
4711 TEE_TYPE_GENERIC_SECRET, derive_key_max_keysize,
4712 &sv_handle)))
4713 goto out;
4714
Pascal Brand2b92b642015-07-16 13:29:42 +0200[diff] [blame]4715 /* reuse but reset params and param-count */
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]4716 param_count = 0;
4717
4718 xtest_add_attr(&param_count, params, TEE_ATTR_DH_PUBLIC_VALUE,
4719 ARRAY(derive_key_dh_public_value_2));
4720
4721 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
4722 ta_crypt_cmd_derive_key(c, &session, op, sv_handle, params,
4723 param_count)))
4724 goto out;
4725
4726 out_size = sizeof(out);
4727 memset(out, 0, sizeof(out));
4728 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
4729 ta_crypt_cmd_get_object_buffer_attribute(c, &session, sv_handle,
4730 TEE_ATTR_SECRET_VALUE, out, &out_size)))
4731 goto out;
4732
4733 if (!ADBG_EXPECT_BUFFER(c, derive_key_dh_shared_secret,
4734 sizeof(derive_key_dh_shared_secret), out,
4735 out_size))
4736 goto out;
4737
4738 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
4739 ta_crypt_cmd_free_operation(c, &session, op)))
4740 goto out;
4741
4742 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
4743 ta_crypt_cmd_free_transient_object(c, &session, sv_handle)))
4744 goto out;
4745out:
4746 Do_ADBG_EndSubCase(c, "Derive DH key success");
4747 TEEC_CloseSession(&session);
4748}
Jens Wiklander14f48872018-06-29 15:30:13 +0200[diff] [blame]4749ADBG_CASE_DEFINE(regression, 4008, xtest_tee_test_4008,
4750 "Test TEE Internal API Derive key");
Pascal Brand2b92b642015-07-16 13:29:42 +0200[diff] [blame]4751
4752static void xtest_tee_test_4009(ADBG_Case_t *c)
4753{
4754 TEEC_Session session = { 0 };
4755 uint32_t ret_orig;
4756 TEE_OperationHandle op;
4757 TEE_ObjectHandle key_handle;
4758 TEE_ObjectHandle sv_handle;
4759 TEE_Attribute params[4];
4760 size_t param_count = 0;
4761 uint8_t out[2048];
4762 size_t out_size;
4763 uint32_t size_bytes;
Peng Fane13ad9b2015-07-21 11:46:26 +0800[diff] [blame]4764 uint32_t i;
Pascal Brand2b92b642015-07-16 13:29:42 +0200[diff] [blame]4765 struct derive_key_ecdh_t *pt;
4766
4767 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
4768 xtest_teec_open_session(&session, &crypt_user_ta_uuid, NULL,
4769 &ret_orig)))
4770 return;
4771
4772 for (i = 0; i < ARRAY_SIZE(derive_key_ecdh); i++) {
4773 pt = &derive_key_ecdh[i];
4774
Cedric Chaumontc3b6c282015-09-25 03:05:18 +0200[diff] [blame]4775 if (pt->level > level)
4776 continue;
4777
Pascal Brand2b92b642015-07-16 13:29:42 +0200[diff] [blame]4778 Do_ADBG_BeginSubCase(c, "Derive ECDH key - algo = 0x%x",
4779 pt->algo);
4780 size_bytes = (pt->keysize + 7) / 8;
4781 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
4782 ta_crypt_cmd_allocate_operation(c, &session, &op,
4783 pt->algo,
4784 TEE_MODE_DERIVE, pt->keysize)))
4785 goto out;
4786
4787 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
4788 ta_crypt_cmd_allocate_transient_object(c, & session,
4789 TEE_TYPE_ECDH_KEYPAIR, pt->keysize,
4790 &key_handle)))
4791 goto out;
4792
4793 param_count = 0;
4794 xtest_add_attr_value(&param_count, params,
4795 TEE_ATTR_ECC_CURVE, pt->curve, 0);
4796 xtest_add_attr(&param_count, params,
4797 TEE_ATTR_ECC_PRIVATE_VALUE,
4798 pt->private, size_bytes);
4799 /*
4800 * The public value is not used. This is why we provide
4801 * another buffer
4802 */
4803 xtest_add_attr(&param_count, params,
4804 TEE_ATTR_ECC_PUBLIC_VALUE_X,
4805 pt->private, size_bytes);
4806 xtest_add_attr(&param_count, params,
4807 TEE_ATTR_ECC_PUBLIC_VALUE_Y,
4808 pt->private, size_bytes);
4809
4810 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
4811 ta_crypt_cmd_populate_transient_object(c,
4812 &session,
4813 key_handle, params, param_count)))
4814 goto out;
4815
4816 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
4817 ta_crypt_cmd_set_operation_key(c, &session, op,
4818 key_handle)))
4819 goto out;
4820
4821 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
4822 ta_crypt_cmd_free_transient_object(c, & session,
4823 key_handle)))
4824 goto out;
4825
4826 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
4827 ta_crypt_cmd_allocate_transient_object(c, &session,
4828 TEE_TYPE_GENERIC_SECRET, size_bytes * 8,
4829 &sv_handle)))
4830 goto out;
4831
4832 /* reuse but reset params and param-count */
4833 param_count = 0;
4834
4835 xtest_add_attr(&param_count, params,
4836 TEE_ATTR_ECC_PUBLIC_VALUE_X,
4837 pt->public_x, size_bytes);
4838 xtest_add_attr(&param_count, params,
4839 TEE_ATTR_ECC_PUBLIC_VALUE_Y,
4840 pt->public_y, size_bytes);
4841
4842 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
4843 ta_crypt_cmd_derive_key(c, &session, op, sv_handle,
4844 params, param_count)))
4845 goto out;
4846
4847 out_size = sizeof(out);
4848 memset(out, 0, sizeof(out));
4849 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
4850 ta_crypt_cmd_get_object_buffer_attribute(c, &session,
4851 sv_handle,
4852 TEE_ATTR_SECRET_VALUE, out, &out_size)))
4853 goto out;
4854
4855 if (!ADBG_EXPECT_BUFFER(c, pt->out, size_bytes,
4856 out, out_size))
4857 goto out;
4858
4859 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
4860 ta_crypt_cmd_free_operation(c, &session, op)))
4861 goto out;
4862
4863 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
4864 ta_crypt_cmd_free_transient_object(c, &session,
4865 sv_handle)))
4866 goto out;
4867
4868 Do_ADBG_EndSubCase(c, "Derive ECDH key - algo = 0x%x",
4869 pt->algo);
4870 }
4871
4872 goto noerror;
4873
4874out:
4875 Do_ADBG_EndSubCase(c, "Derive ECDH key - algo = 0x%x", pt->algo);
4876
4877noerror:
4878 TEEC_CloseSession(&session);
4879}
Jens Wiklander14f48872018-06-29 15:30:13 +0200[diff] [blame]4880ADBG_CASE_DEFINE(regression, 4009, xtest_tee_test_4009,
4881 "Test TEE Internal API Derive key ECDH");
Jens Wiklander70a0b2c2016-05-18 08:39:35 +0200[diff] [blame]4882
4883static void xtest_tee_test_4010(ADBG_Case_t *c)
4884{
4885 TEEC_Session session = { 0 };
4886 uint32_t ret_orig;
4887 TEE_ObjectHandle o;
4888 static const uint8_t large_key[1024] = { 1, 2, 3, 4, 5, 6 };
4889 static const TEE_Attribute attr = {
4890 .attributeID = TEE_ATTR_SECRET_VALUE,
4891 .content.ref.buffer = (void *)large_key,
4892 .content.ref.length = sizeof(large_key),
4893 };
4894
4895 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
4896 xtest_teec_open_session(&session, &crypt_user_ta_uuid, NULL,
4897 &ret_orig)))
4898 return;
4899
4900 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
4901 ta_crypt_cmd_allocate_transient_object(c, &session,
4902 TEE_TYPE_HMAC_SHA256, 1024, &o)))
4903 goto out;
4904
4905 ADBG_EXPECT_TEEC_RESULT(c, TEEC_ERROR_TARGET_DEAD,
4906 ta_crypt_cmd_populate_transient_object(c, &session, o,
4907 &attr, 1));
4908
4909out:
4910 TEEC_CloseSession(&session);
4911}
Jens Wiklander14f48872018-06-29 15:30:13 +0200[diff] [blame]4912ADBG_CASE_DEFINE(regression, 4010, xtest_tee_test_4010,
4913 "Test TEE Internal API create transient object (negative)");
Jens Wiklanderb58916e2016-07-07 15:29:32 +0200[diff] [blame]4914
4915static void xtest_tee_test_4011(ADBG_Case_t *c)
4916{
4917 TEEC_Session s = { 0 };
4918 size_t key_size = 512;
4919 TEE_ObjectHandle key;
4920 TEE_OperationHandle ops;
4921 TEE_OperationHandle opv;
4922 TEE_OperationHandle ope;
4923 TEE_OperationHandle opd;
4924 uint32_t ret_orig;
4925 uint8_t in[TEE_SHA1_HASH_SIZE];
4926 uint8_t out[1024];
4927 uint8_t tmp[1024];
4928 size_t out_size;
4929 size_t tmp_size;
4930 size_t n;
4931 size_t m;
4932 size_t i = 0;
4933
4934 /* Setup session, initialize message to sign, create a keypair */
4935 if (!ADBG_EXPECT_TEEC_SUCCESS(c, xtest_teec_open_session(&s,
4936 &crypt_user_ta_uuid, NULL, &ret_orig)))
4937 return;
4938 if (!ADBG_EXPECT_TEEC_SUCCESS(c, ta_crypt_cmd_random_number_generate(c,
4939 &s, in, sizeof(in))))
4940 goto out;
4941 if (!ADBG_EXPECT_TEEC_SUCCESS(c, ta_crypt_cmd_allocate_transient_object(
4942 c, &s, TEE_TYPE_RSA_KEYPAIR, key_size, &key)))
4943 goto out;
4944 if (!ADBG_EXPECT_TEEC_SUCCESS(c, ta_crypt_cmd_generate_key(c, &s,
4945 key, key_size, NULL, 0)))
4946 goto out;
4947
4948 /* Allocate operations for sign, verify, encrypt and decrypt */
4949 if (!ADBG_EXPECT_TEEC_SUCCESS(c, ta_crypt_cmd_allocate_operation(c, &s,
4950 &ops, TEE_ALG_RSASSA_PKCS1_V1_5_SHA1, TEE_MODE_SIGN,
4951 key_size)))
4952 goto out;
4953 if (!ADBG_EXPECT_TEEC_SUCCESS(c, ta_crypt_cmd_allocate_operation(c, &s,
4954 &opv, TEE_ALG_RSASSA_PKCS1_V1_5_SHA1, TEE_MODE_VERIFY,
4955 key_size)))
4956 goto out;
4957 if (!ADBG_EXPECT_TEEC_SUCCESS(c, ta_crypt_cmd_allocate_operation(c, &s,
4958 &ope, TEE_ALG_RSA_NOPAD, TEE_MODE_ENCRYPT, key_size)))
4959 goto out;
4960 if (!ADBG_EXPECT_TEEC_SUCCESS(c, ta_crypt_cmd_allocate_operation(c, &s,
4961 &opd, TEE_ALG_RSA_NOPAD, TEE_MODE_DECRYPT, key_size)))
4962 goto out;
4963
4964 /* Assign the keypair to all operations */
4965 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
4966 ta_crypt_cmd_set_operation_key(c, &s, ops, key)))
4967 goto out;
4968 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
4969 ta_crypt_cmd_set_operation_key(c, &s, opv, key)))
4970 goto out;
4971 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
4972 ta_crypt_cmd_set_operation_key(c, &s, ope, key)))
4973 goto out;
4974 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
4975 ta_crypt_cmd_set_operation_key(c, &s, opd, key)))
4976 goto out;
4977
4978 /*
4979 * The core of the test case is inspired by the one in libtomcrypt:
4980 * https://github.com/libtom/libtomcrypt/blob/6ad52252688bb34f90b5e79da4830a927e87b81f/testprof/rsa_test.c#L398
4981 *
4982 * Testcase for Bleichenbacher attack
4983 *
4984 * (1) Create a valid signature
4985 * (2) Check that it can be verified
4986 * (3) Transform the package to fetch plain text (using the encrypt
4987 * operation in GP TEE Internal API)
4988 * (4) Forge the structure of PKCS#1-EMSA encoded data
4989 * (4.1) Search for start and end of the padding string
4990 * (4.2) Move the signature to the front of the padding string
4991 * (4.3) Zero the message until the end
4992 * (5) Transform the package back (using the decrypt operation in
4993 * GP TEE Internal API)
4994 * (6) The result should not be valid if the implementation is robust.
4995 */
4996
4997
4998 for (i = 0; i < 9; i++) {
4999 Do_ADBG_Log("Iteration %zu", i);
5000
5001 /* 1 */
5002 out_size = sizeof(out);
5003 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
5004 ta_crypt_cmd_asymmetric_sign(c, &s, ops, NULL, 0,
5005 in, sizeof(in), out, &out_size)))
5006 goto out;
5007
5008 /* 2 */
5009 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
5010 ta_crypt_cmd_asymmetric_verify(c, &s, opv, NULL, 0,
5011 in, sizeof(in), out, out_size)))
5012 goto out;
5013
5014 /* 3 */
5015 tmp_size = sizeof(tmp);
5016 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
5017 ta_crypt_cmd_asymmetric_encrypt(c, &s, ope, NULL, 0,
5018 out, out_size, tmp, &tmp_size)))
5019 goto out;
5020
Etienne Carriere0953bf02018-12-21 15:36:25 +0100[diff] [blame^]5021 if (!ADBG_EXPECT_COMPARE_UNSIGNED(c, tmp_size, <=, sizeof(tmp)))
5022 goto out;
5023
Jens Wiklanderb58916e2016-07-07 15:29:32 +0200[diff] [blame]5024 /* 4.1 */
Etienne Carriere0953bf02018-12-21 15:36:25 +0100[diff] [blame^]5025 for (n = 0; n < tmp_size - i; n++)
Jens Wiklanderb58916e2016-07-07 15:29:32 +0200[diff] [blame]5026 if (tmp[n] == 0xff)
5027 break;
Etienne Carriere0953bf02018-12-21 15:36:25 +0100[diff] [blame^]5028
5029 /* Shall find at least a padding start before buffer end */
5030 if (!ADBG_EXPECT_COMPARE_UNSIGNED(c, n, <, tmp_size - i - 1))
5031 goto out;
5032
Jens Wiklanderb58916e2016-07-07 15:29:32 +0200[diff] [blame]5033 for (m = n + 1; m < tmp_size; m++)
5034 if (tmp[m] != 0xff)
5035 break;
Etienne Carriere0953bf02018-12-21 15:36:25 +0100[diff] [blame^]5036
Jens Wiklanderb58916e2016-07-07 15:29:32 +0200[diff] [blame]5037 /* 4.2 */
5038 memmove(tmp + n + i, tmp + m, tmp_size - m);
Etienne Carriere0953bf02018-12-21 15:36:25 +0100[diff] [blame^]5039
Jens Wiklanderb58916e2016-07-07 15:29:32 +0200[diff] [blame]5040 /* 4.3 */
Etienne Carriere0953bf02018-12-21 15:36:25 +0100[diff] [blame^]5041 n = n + i + tmp_size - m;
5042 memset(tmp + n, 0, tmp_size - n);
Jens Wiklanderb58916e2016-07-07 15:29:32 +0200[diff] [blame]5043
5044 /* 5 */
5045 out_size = sizeof(out);
5046 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
5047 ta_crypt_cmd_asymmetric_decrypt(c, &s, opd, NULL, 0,
5048 tmp, tmp_size, out, &out_size)))
5049 goto out;
5050
5051 /* 6 */
5052 if (!ADBG_EXPECT_TEEC_RESULT(c, TEE_ERROR_SIGNATURE_INVALID,
5053 ta_crypt_cmd_asymmetric_verify(c, &s, opv, NULL, 0,
5054 in, sizeof(in), out, out_size)))
5055 goto out;
5056 }
5057
5058out:
5059 TEEC_CloseSession(&s);
5060}
Jens Wiklander14f48872018-06-29 15:30:13 +0200[diff] [blame]5061ADBG_CASE_DEFINE(regression, 4011, xtest_tee_test_4011,
5062 "Test TEE Internal API Bleichenbacher attack (negative)");
Igor Opaniuk7ddaa782018-05-25 15:14:05 +0300[diff] [blame]5063
5064#ifdef CFG_SYSTEM_PTA
5065static void xtest_tee_test_4012(ADBG_Case_t *c)
5066{
5067 TEEC_Session session = { 0 };
5068 uint32_t ret_orig;
5069 TEEC_Operation op = TEEC_OPERATION_INITIALIZER;
5070 /* Fortuna PRNG requires seed <= 32 bytes */
5071 uint8_t pool_input[32] = {};
5072 time_t t;
5073 struct tm tm_local;
5074
5075 t = time(NULL);
5076 tm_local = *localtime(&t);
5077
5078 memcpy((void *)pool_input, (void *)&tm_local,
5079 sizeof(pool_input) < sizeof(tm_local) ?
5080 sizeof(pool_input) : sizeof(tm_local));
5081
5082
5083 op.params[0].tmpref.buffer = pool_input;
5084 op.params[0].tmpref.size = sizeof(pool_input);
5085 op.paramTypes = TEEC_PARAM_TYPES(TEEC_MEMREF_TEMP_INPUT,
5086 TEEC_NONE,
5087 TEEC_NONE,
5088 TEEC_NONE);
5089 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
5090 xtest_teec_open_session(&session, &crypt_user_ta_uuid, NULL,
5091 &ret_orig)))
5092 return;
5093
5094 (void)ADBG_EXPECT_TEEC_SUCCESS(c,
5095 TEEC_InvokeCommand(&session,
5096 TA_CRYPT_CMD_SEED_RNG_POOL,
5097 &op,
5098 &ret_orig));
5099 TEEC_CloseSession(&session);
5100}
Jens Wiklander14f48872018-06-29 15:30:13 +0200[diff] [blame]5101ADBG_CASE_DEFINE(regression, 4012, xtest_tee_test_4012,
5102 "Test seeding RNG entropy");
5103#endif /*CFG_SYSTEM_PTA*/