TrustedFirmware Git Browser
Code Review Sign In
review.trustedfirmware.org / OP-TEE / optee_test / 0afe00c27774a8046cbf7e57cf16a9904aa033c1 / . / host / xtest / regression_4000.c
blob: 4f8c7134e7251982ee8bfd4941c14eaff91dd88d [file] [log] [blame]
Etienne Carriere9b7b70d2020-05-16 10:27:23 +0200[diff] [blame]1// SPDX-License-Identifier: GPL-2.0
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2/*
3 * Copyright (c) 2014, STMicroelectronics International N.V.
Alexander Zakharov0afe00c2021-02-10 19:06:48 +0100[diff] [blame^]4 * Copyright (c) 2021, SumUp Services GmbH
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]5 */
6
7#include <stdio.h>
8#include <string.h>
9#include <inttypes.h>
10#include <malloc.h>
Igor Opaniuk7ddaa782018-05-25 15:14:05 +0300[diff] [blame]11#include <time.h>
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]12
13#include "xtest_test.h"
14#include "xtest_helpers.h"
15
16#include <tee_api_types.h>
Gabor Szekely2ad190f2018-09-14 14:05:06 +0000[diff] [blame]17#include <tee_api_defines_extensions.h>
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]18#include <ta_crypt.h>
19#include <utee_defines.h>
20#include <util.h>
21
Jerome Forissier213ca8a2017-03-31 11:27:56 +0200[diff] [blame]22#include <regression_4000_data.h>
Cedric Chaumontc7654962015-09-09 14:56:36 +0200[diff] [blame]23#include <nist/186-2ecdsatestvectors.h>
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]24
25#include <assert.h>
26
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]27static TEEC_Result ta_crypt_cmd_reset_operation(ADBG_Case_t *c, TEEC_Session *s,
28 TEE_OperationHandle oph)
29{
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]30 TEEC_Result res = TEEC_ERROR_GENERIC;
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]31 TEEC_Operation op = TEEC_OPERATION_INITIALIZER;
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]32 uint32_t ret_orig = 0;
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]33
34 assert((uintptr_t)oph <= UINT32_MAX);
35 op.params[0].value.a = (uint32_t)(uintptr_t)oph;
36 op.paramTypes = TEEC_PARAM_TYPES(TEEC_VALUE_INPUT, TEEC_NONE, TEEC_NONE,
37 TEEC_NONE);
38 res = TEEC_InvokeCommand(s, TA_CRYPT_CMD_RESET_OPERATION, &op,
39 &ret_orig);
40 if (res != TEEC_SUCCESS) {
41 (void)ADBG_EXPECT_TEEC_ERROR_ORIGIN(c, TEEC_ORIGIN_TRUSTED_APP,
42 ret_orig);
43 }
44 return res;
45}
46
47static TEEC_Result ta_crypt_cmd_copy_operation(ADBG_Case_t *c,
48 TEEC_Session *s,
49 TEE_OperationHandle dst_oph,
50 TEE_OperationHandle src_oph)
51{
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]52 TEEC_Result res = TEEC_ERROR_GENERIC;
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]53 TEEC_Operation op = TEEC_OPERATION_INITIALIZER;
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]54 uint32_t ret_orig = 0;
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]55
56 assert((uintptr_t)dst_oph <= UINT32_MAX);
57 op.params[0].value.a = (uint32_t)(uintptr_t)dst_oph;
58
59 assert((uintptr_t)src_oph <= UINT32_MAX);
60 op.params[0].value.b = (uint32_t)(uintptr_t)src_oph;
61 op.paramTypes = TEEC_PARAM_TYPES(TEEC_VALUE_INPUT, TEEC_NONE, TEEC_NONE,
62 TEEC_NONE);
63
64 res = TEEC_InvokeCommand(s, TA_CRYPT_CMD_COPY_OPERATION, &op,
65 &ret_orig);
66
67 if (res != TEEC_SUCCESS) {
68 (void)ADBG_EXPECT_TEEC_ERROR_ORIGIN(c, TEEC_ORIGIN_TRUSTED_APP,
69 ret_orig);
70 }
71 return res;
72}
73
74static TEEC_Result ta_crypt_cmd_digest_update(ADBG_Case_t *c, TEEC_Session *s,
75 TEE_OperationHandle oph,
76 const void *chunk,
77 size_t chunk_size)
78{
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]79 TEEC_Result res = TEEC_ERROR_GENERIC;
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]80 TEEC_Operation op = TEEC_OPERATION_INITIALIZER;
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]81 uint32_t ret_orig = 0;
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]82
83 assert((uintptr_t)oph <= UINT32_MAX);
84 op.params[0].value.a = (uint32_t)(uintptr_t)oph;
85 op.params[1].tmpref.buffer = (void *)chunk;
86 op.params[1].tmpref.size = chunk_size;
87
88 op.paramTypes = TEEC_PARAM_TYPES(TEEC_VALUE_INPUT,
89 TEEC_MEMREF_TEMP_INPUT, TEEC_NONE,
90 TEEC_NONE);
91
92 res = TEEC_InvokeCommand(s, TA_CRYPT_CMD_DIGEST_UPDATE, &op, &ret_orig);
93
94 if (res != TEEC_SUCCESS) {
95 (void)ADBG_EXPECT_TEEC_ERROR_ORIGIN(c, TEEC_ORIGIN_TRUSTED_APP,
96 ret_orig);
97 }
98
99 return res;
100}
101
102static TEEC_Result ta_crypt_cmd_digest_do_final(ADBG_Case_t *c, TEEC_Session *s,
103 TEE_OperationHandle oph,
104 const void *chunk,
105 size_t chunk_len, void *hash,
106 size_t *hash_len)
107{
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]108 TEEC_Result res = TEEC_ERROR_GENERIC;
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]109 TEEC_Operation op = TEEC_OPERATION_INITIALIZER;
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]110 uint32_t ret_orig = 0;
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]111
112 assert((uintptr_t)oph <= UINT32_MAX);
113 op.params[0].value.a = (uint32_t)(uintptr_t)oph;
114
115 op.params[1].tmpref.buffer = (void *)chunk;
116 op.params[1].tmpref.size = chunk_len;
117
118 op.params[2].tmpref.buffer = (void *)hash;
119 op.params[2].tmpref.size = *hash_len;
120
121 op.paramTypes = TEEC_PARAM_TYPES(TEEC_VALUE_INPUT,
122 TEEC_MEMREF_TEMP_INPUT,
123 TEEC_MEMREF_TEMP_OUTPUT, TEEC_NONE);
124
125 res = TEEC_InvokeCommand(s, TA_CRYPT_CMD_DIGEST_DO_FINAL, &op,
126 &ret_orig);
127
128 if (res != TEEC_SUCCESS) {
129 (void)ADBG_EXPECT_TEEC_ERROR_ORIGIN(c, TEEC_ORIGIN_TRUSTED_APP,
130 ret_orig);
131 }
132
133 if (res == TEEC_SUCCESS)
134 *hash_len = op.params[2].tmpref.size;
135
136 return res;
137}
138
139static TEE_Result ta_crypt_cmd_set_operation_key2(ADBG_Case_t *c,
140 TEEC_Session *s,
141 TEE_OperationHandle oph,
142 TEE_ObjectHandle key1,
143 TEE_ObjectHandle key2)
144{
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]145 TEEC_Result res = TEEC_ERROR_GENERIC;
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]146 TEEC_Operation op = TEEC_OPERATION_INITIALIZER;
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]147 uint32_t ret_orig = 0;
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]148
149 assert((uintptr_t)oph <= UINT32_MAX);
150 op.params[0].value.a = (uint32_t)(uintptr_t)oph;
151
152 assert((uintptr_t)key1 <= UINT32_MAX);
153 op.params[0].value.b = (uint32_t)(uintptr_t)key1;
154
155 assert((uintptr_t)key2 <= UINT32_MAX);
156 op.params[1].value.a = (uint32_t)(uintptr_t)key2;
157 op.paramTypes = TEEC_PARAM_TYPES(TEEC_VALUE_INPUT, TEEC_VALUE_INPUT,
158 TEEC_NONE, TEEC_NONE);
159
160 res = TEEC_InvokeCommand(s, TA_CRYPT_CMD_SET_OPERATION_KEY2, &op,
161 &ret_orig);
162
163 if (res != TEEC_SUCCESS) {
164 (void)ADBG_EXPECT_TEEC_ERROR_ORIGIN(c, TEEC_ORIGIN_TRUSTED_APP,
165 ret_orig);
166 }
167
168 return res;
169}
170
171static TEEC_Result ta_crypt_cmd_mac_init(ADBG_Case_t *c, TEEC_Session *s,
172 TEE_OperationHandle oph,
173 const void *iv, size_t iv_len)
174{
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]175 TEEC_Result res = TEEC_ERROR_GENERIC;
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]176 TEEC_Operation op = TEEC_OPERATION_INITIALIZER;
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]177 uint32_t ret_orig = 0;
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]178
179 assert((uintptr_t)oph <= UINT32_MAX);
180 op.params[0].value.a = (uint32_t)(uintptr_t)oph;
181
182 if (iv != NULL) {
183 op.params[1].tmpref.buffer = (void *)iv;
184 op.params[1].tmpref.size = iv_len;
185 op.paramTypes = TEEC_PARAM_TYPES(TEEC_VALUE_INPUT,
186 TEEC_MEMREF_TEMP_INPUT,
187 TEEC_NONE, TEEC_NONE);
188 } else {
189 op.paramTypes = TEEC_PARAM_TYPES(TEEC_VALUE_INPUT, TEEC_NONE,
190 TEEC_NONE, TEEC_NONE);
191 }
192
193 res = TEEC_InvokeCommand(s, TA_CRYPT_CMD_MAC_INIT, &op, &ret_orig);
194
195 if (res != TEEC_SUCCESS) {
196 (void)ADBG_EXPECT_TEEC_ERROR_ORIGIN(c, TEEC_ORIGIN_TRUSTED_APP,
197 ret_orig);
198 }
199
200 return res;
201}
202
203static TEEC_Result ta_crypt_cmd_mac_update(ADBG_Case_t *c, TEEC_Session *s,
204 TEE_OperationHandle oph,
205 const void *chunk, size_t chunk_size)
206{
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]207 TEEC_Result res = TEEC_ERROR_GENERIC;
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]208 TEEC_Operation op = TEEC_OPERATION_INITIALIZER;
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]209 uint32_t ret_orig = 0;
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]210
211 assert((uintptr_t)oph <= UINT32_MAX);
212 op.params[0].value.a = (uint32_t)(uintptr_t)oph;
213
214 op.params[1].tmpref.buffer = (void *)chunk;
215 op.params[1].tmpref.size = chunk_size;
216
217 op.paramTypes = TEEC_PARAM_TYPES(TEEC_VALUE_INPUT,
218 TEEC_MEMREF_TEMP_INPUT, TEEC_NONE,
219 TEEC_NONE);
220
221 res = TEEC_InvokeCommand(s, TA_CRYPT_CMD_MAC_UPDATE, &op, &ret_orig);
222
223 if (res != TEEC_SUCCESS) {
224 (void)ADBG_EXPECT_TEEC_ERROR_ORIGIN(c, TEEC_ORIGIN_TRUSTED_APP,
225 ret_orig);
226 }
227
228 return res;
229}
230
231static TEEC_Result ta_crypt_cmd_mac_final_compute(ADBG_Case_t *c,
232 TEEC_Session *s,
233 TEE_OperationHandle oph,
234 const void *chunk,
235 size_t chunk_len,
236 void *hash,
237 size_t *hash_len)
238{
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]239 TEEC_Result res = TEEC_ERROR_GENERIC;
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]240 TEEC_Operation op = TEEC_OPERATION_INITIALIZER;
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]241 uint32_t ret_orig = 0;
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]242
243 assert((uintptr_t)oph <= UINT32_MAX);
244 op.params[0].value.a = (uint32_t)(uintptr_t)oph;
245
246 op.params[1].tmpref.buffer = (void *)chunk;
247 op.params[1].tmpref.size = chunk_len;
248
249 op.params[2].tmpref.buffer = (void *)hash;
250 op.params[2].tmpref.size = *hash_len;
251
252 op.paramTypes = TEEC_PARAM_TYPES(TEEC_VALUE_INPUT,
253 TEEC_MEMREF_TEMP_INPUT,
254 TEEC_MEMREF_TEMP_OUTPUT, TEEC_NONE);
255
256 res = TEEC_InvokeCommand(s, TA_CRYPT_CMD_MAC_FINAL_COMPUTE, &op,
257 &ret_orig);
258
259 if (res != TEEC_SUCCESS) {
260 (void)ADBG_EXPECT_TEEC_ERROR_ORIGIN(c, TEEC_ORIGIN_TRUSTED_APP,
261 ret_orig);
262 }
263
264 if (res == TEEC_SUCCESS)
265 *hash_len = op.params[2].tmpref.size;
266
267 return res;
268}
269
270static TEEC_Result ta_crypt_cmd_cipher_init(ADBG_Case_t *c, TEEC_Session *s,
271 TEE_OperationHandle oph,
272 const void *iv, size_t iv_len)
273{
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]274 TEEC_Result res = TEEC_ERROR_GENERIC;
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]275 TEEC_Operation op = TEEC_OPERATION_INITIALIZER;
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]276 uint32_t ret_orig = 0;
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]277
278 assert((uintptr_t)oph <= UINT32_MAX);
279 op.params[0].value.a = (uint32_t)(uintptr_t)oph;
280
281 if (iv != NULL) {
282 op.params[1].tmpref.buffer = (void *)iv;
283 op.params[1].tmpref.size = iv_len;
284
285 op.paramTypes = TEEC_PARAM_TYPES(TEEC_VALUE_INPUT,
286 TEEC_MEMREF_TEMP_INPUT,
287 TEEC_NONE, TEEC_NONE);
288 } else {
289 op.paramTypes = TEEC_PARAM_TYPES(TEEC_VALUE_INPUT, TEEC_NONE,
290 TEEC_NONE, TEEC_NONE);
291 }
292
293 res = TEEC_InvokeCommand(s, TA_CRYPT_CMD_CIPHER_INIT, &op, &ret_orig);
294
295 if (res != TEEC_SUCCESS) {
296 (void)ADBG_EXPECT_TEEC_ERROR_ORIGIN(c, TEEC_ORIGIN_TRUSTED_APP,
297 ret_orig);
298 }
299
300 return res;
301}
302
303static TEEC_Result ta_crypt_cmd_cipher_update(ADBG_Case_t *c, TEEC_Session *s,
304 TEE_OperationHandle oph,
305 const void *src, size_t src_len,
306 void *dst, size_t *dst_len)
307{
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]308 TEEC_Result res = TEEC_ERROR_GENERIC;
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]309 TEEC_Operation op = TEEC_OPERATION_INITIALIZER;
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]310 uint32_t ret_orig = 0;
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]311
312 assert((uintptr_t)oph <= UINT32_MAX);
313 op.params[0].value.a = (uint32_t)(uintptr_t)oph;
314
315 op.params[1].tmpref.buffer = (void *)src;
316 op.params[1].tmpref.size = src_len;
317
318 op.params[2].tmpref.buffer = dst;
319 op.params[2].tmpref.size = *dst_len;
320
321 op.paramTypes = TEEC_PARAM_TYPES(TEEC_VALUE_INPUT,
322 TEEC_MEMREF_TEMP_INPUT,
323 TEEC_MEMREF_TEMP_OUTPUT, TEEC_NONE);
324
325 res = TEEC_InvokeCommand(s, TA_CRYPT_CMD_CIPHER_UPDATE, &op, &ret_orig);
326
327 if (res != TEEC_SUCCESS) {
328 (void)ADBG_EXPECT_TEEC_ERROR_ORIGIN(c, TEEC_ORIGIN_TRUSTED_APP,
329 ret_orig);
330 }
331
332 if (res == TEEC_SUCCESS)
333 *dst_len = op.params[2].tmpref.size;
334
335 return res;
336}
337
338static TEEC_Result ta_crypt_cmd_cipher_do_final(ADBG_Case_t *c,
339 TEEC_Session *s,
340 TEE_OperationHandle oph,
341 const void *src,
342 size_t src_len,
343 void *dst,
344 size_t *dst_len)
345{
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]346 TEEC_Result res = TEEC_ERROR_GENERIC;
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]347 TEEC_Operation op = TEEC_OPERATION_INITIALIZER;
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]348 uint32_t ret_orig = 0;
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]349
350 assert((uintptr_t)oph <= UINT32_MAX);
351 op.params[0].value.a = (uint32_t)(uintptr_t)oph;
352
353 op.params[1].tmpref.buffer = (void *)src;
354 op.params[1].tmpref.size = src_len;
355
356 op.params[2].tmpref.buffer = (void *)dst;
357 op.params[2].tmpref.size = *dst_len;
358
359 op.paramTypes = TEEC_PARAM_TYPES(TEEC_VALUE_INPUT,
360 TEEC_MEMREF_TEMP_INPUT,
361 TEEC_MEMREF_TEMP_OUTPUT, TEEC_NONE);
362
363 res = TEEC_InvokeCommand(s, TA_CRYPT_CMD_CIPHER_DO_FINAL, &op,
364 &ret_orig);
365
366 if (res != TEEC_SUCCESS) {
367 (void)ADBG_EXPECT_TEEC_ERROR_ORIGIN(c, TEEC_ORIGIN_TRUSTED_APP,
368 ret_orig);
369 }
370
371 if (res == TEEC_SUCCESS)
372 *dst_len = op.params[2].tmpref.size;
373
374 return res;
375}
376
377static TEEC_Result ta_crypt_cmd_random_number_generate(ADBG_Case_t *c,
378 TEEC_Session *s,
379 void *buf,
380 size_t blen)
381{
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]382 TEEC_Result res = TEEC_ERROR_GENERIC;
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]383 TEEC_Operation op = TEEC_OPERATION_INITIALIZER;
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]384 uint32_t ret_orig = 0;
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]385
386 op.params[0].tmpref.buffer = buf;
387 op.params[0].tmpref.size = blen;
388
389 op.paramTypes = TEEC_PARAM_TYPES(TEEC_MEMREF_TEMP_OUTPUT, TEEC_NONE,
390 TEEC_NONE, TEEC_NONE);
391
Joakim Bech81f97e32020-05-27 12:14:23 +0200[diff] [blame]392 res = TEEC_InvokeCommand(s, TA_CRYPT_CMD_RANDOM_NUMBER_GENERATE, &op,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]393 &ret_orig);
394
395 if (res != TEEC_SUCCESS) {
396 (void)ADBG_EXPECT_TEEC_ERROR_ORIGIN(c, TEEC_ORIGIN_TRUSTED_APP,
397 ret_orig);
398 }
399
400 (void)ADBG_EXPECT_COMPARE_UNSIGNED(c, blen, ==,
401 op.params[0].tmpref.size);
402 return res;
403}
404
405static TEEC_Result ta_crypt_cmd_ae_init(ADBG_Case_t *c, TEEC_Session *s,
406 TEE_OperationHandle oph,
407 const void *nonce, size_t nonce_len,
408 size_t tag_len, size_t aad_len,
409 size_t payload_len)
410{
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]411 TEEC_Result res = TEEC_ERROR_GENERIC;
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]412 TEEC_Operation op = TEEC_OPERATION_INITIALIZER;
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]413 uint32_t ret_orig = 0;
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]414
415 assert((uintptr_t)oph <= UINT32_MAX);
416 op.params[0].value.a = (uint32_t)(uintptr_t)oph;
417 op.params[0].value.b = tag_len;
418
419 op.params[1].tmpref.buffer = (void *)nonce;
420 op.params[1].tmpref.size = nonce_len;
421
422 op.params[2].value.a = aad_len;
423 op.params[2].value.b = payload_len;
424
425 op.paramTypes = TEEC_PARAM_TYPES(TEEC_VALUE_INPUT,
426 TEEC_MEMREF_TEMP_INPUT,
Jens Wiklander74a42302015-07-07 01:08:41 +0200[diff] [blame]427 TEEC_VALUE_INPUT, TEEC_NONE);
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]428
429 res = TEEC_InvokeCommand(s, TA_CRYPT_CMD_AE_INIT, &op, &ret_orig);
430
431 if (res != TEEC_SUCCESS) {
432 (void)ADBG_EXPECT_TEEC_ERROR_ORIGIN(c, TEEC_ORIGIN_TRUSTED_APP,
433 ret_orig);
434 }
435 return res;
436}
437
438static TEEC_Result ta_crypt_cmd_ae_update_aad(ADBG_Case_t *c, TEEC_Session *s,
439 TEE_OperationHandle oph,
440 const void *aad, size_t aad_len)
441{
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]442 TEEC_Result res = TEEC_ERROR_GENERIC;
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]443 TEEC_Operation op = TEEC_OPERATION_INITIALIZER;
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]444 uint32_t ret_orig = 0;
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]445
446 assert((uintptr_t)oph <= UINT32_MAX);
447 op.params[0].value.a = (uint32_t)(uintptr_t)oph;
448
449 op.params[1].tmpref.buffer = (void *)aad;
450 op.params[1].tmpref.size = aad_len;
451
452 op.paramTypes = TEEC_PARAM_TYPES(TEEC_VALUE_INPUT,
453 TEEC_MEMREF_TEMP_INPUT, TEEC_NONE,
454 TEEC_NONE);
455
456 res = TEEC_InvokeCommand(s, TA_CRYPT_CMD_AE_UPDATE_AAD, &op, &ret_orig);
457
458 if (res != TEEC_SUCCESS) {
459 (void)ADBG_EXPECT_TEEC_ERROR_ORIGIN(c, TEEC_ORIGIN_TRUSTED_APP,
460 ret_orig);
461 }
462
463 return res;
464}
465
466static TEEC_Result ta_crypt_cmd_ae_update(ADBG_Case_t *c,
467 TEEC_Session *s,
468 TEE_OperationHandle oph,
469 const void *src,
470 size_t src_len,
471 void *dst,
472 size_t *dst_len)
473{
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]474 TEEC_Result res = TEEC_ERROR_GENERIC;
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]475 TEEC_Operation op = TEEC_OPERATION_INITIALIZER;
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]476 uint32_t ret_orig = 0;
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]477
478 assert((uintptr_t)oph <= UINT32_MAX);
479 op.params[0].value.a = (uint32_t)(uintptr_t)oph;
480
481 op.params[1].tmpref.buffer = (void *)src;
482 op.params[1].tmpref.size = src_len;
483
484 op.params[2].tmpref.buffer = (void *)dst;
485 op.params[2].tmpref.size = *dst_len;
486
487 op.paramTypes = TEEC_PARAM_TYPES(TEEC_VALUE_INPUT,
488 TEEC_MEMREF_TEMP_INPUT,
489 TEEC_MEMREF_TEMP_OUTPUT, TEEC_NONE);
490
491 res = TEEC_InvokeCommand(s, TA_CRYPT_CMD_AE_UPDATE, &op, &ret_orig);
492
493 if (res != TEEC_SUCCESS) {
494 (void)ADBG_EXPECT_TEEC_ERROR_ORIGIN(c, TEEC_ORIGIN_TRUSTED_APP,
495 ret_orig);
496 }
497
498 if (res == TEEC_SUCCESS)
499 *dst_len = op.params[2].tmpref.size;
500
501 return res;
502}
503
504static TEEC_Result ta_crypt_cmd_ae_encrypt_final(ADBG_Case_t *c,
505 TEEC_Session *s,
506 TEE_OperationHandle oph,
507 const void *src,
508 size_t src_len, void *dst,
509 size_t *dst_len, void *tag,
510 size_t *tag_len)
511{
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]512 TEEC_Result res = TEEC_ERROR_GENERIC;
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]513 TEEC_Operation op = TEEC_OPERATION_INITIALIZER;
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]514 uint32_t ret_orig = 0;
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]515
516 assert((uintptr_t)oph <= UINT32_MAX);
517 op.params[0].value.a = (uint32_t)(uintptr_t)oph;
518
519 op.params[1].tmpref.buffer = (void *)src;
520 op.params[1].tmpref.size = src_len;
521
522 op.params[2].tmpref.buffer = (void *)dst;
523 op.params[2].tmpref.size = *dst_len;
524
525 op.params[3].tmpref.buffer = (void *)tag;
526 op.params[3].tmpref.size = *tag_len;
527
528 op.paramTypes = TEEC_PARAM_TYPES(TEEC_VALUE_INPUT,
529 TEEC_MEMREF_TEMP_INPUT,
530 TEEC_MEMREF_TEMP_OUTPUT,
531 TEEC_MEMREF_TEMP_OUTPUT);
532
533 res = TEEC_InvokeCommand(s, TA_CRYPT_CMD_AE_ENCRYPT_FINAL, &op,
534 &ret_orig);
535
536 if (res != TEEC_SUCCESS) {
537 (void)ADBG_EXPECT_TEEC_ERROR_ORIGIN(c, TEEC_ORIGIN_TRUSTED_APP,
538 ret_orig);
539 }
540
541 if (res == TEEC_SUCCESS) {
542 *dst_len = op.params[2].tmpref.size;
543 *tag_len = op.params[3].tmpref.size;
544 }
545
546 return res;
547}
548
549static TEEC_Result ta_crypt_cmd_ae_decrypt_final(ADBG_Case_t *c,
550 TEEC_Session *s,
551 TEE_OperationHandle oph,
552 const void *src, size_t src_len,
553 void *dst, size_t *dst_len,
554 const void *tag, size_t tag_len)
555{
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]556 TEEC_Result res = TEEC_ERROR_GENERIC;
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]557 TEEC_Operation op = TEEC_OPERATION_INITIALIZER;
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]558 uint32_t ret_orig = 0;
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]559
560 assert((uintptr_t)oph <= UINT32_MAX);
561 op.params[0].value.a = (uint32_t)(uintptr_t)oph;
562
563 op.params[1].tmpref.buffer = (void *)src;
564 op.params[1].tmpref.size = src_len;
565
566 op.params[2].tmpref.buffer = dst;
567 op.params[2].tmpref.size = *dst_len;
568
569 op.params[3].tmpref.buffer = (void *)tag;
570 op.params[3].tmpref.size = tag_len;
571
572 op.paramTypes = TEEC_PARAM_TYPES(TEEC_VALUE_INPUT,
573 TEEC_MEMREF_TEMP_INPUT,
574 TEEC_MEMREF_TEMP_OUTPUT,
575 TEEC_MEMREF_TEMP_INPUT);
576
577 res = TEEC_InvokeCommand(s, TA_CRYPT_CMD_AE_DECRYPT_FINAL, &op,
578 &ret_orig);
579
580 if (res != TEEC_SUCCESS) {
581 (void)ADBG_EXPECT_TEEC_ERROR_ORIGIN(c, TEEC_ORIGIN_TRUSTED_APP,
582 ret_orig);
583 }
584
585 if (res == TEEC_SUCCESS)
586 *dst_len = op.params[2].tmpref.size;
587
588 return res;
589}
590
591static TEEC_Result ta_crypt_cmd_asymmetric_operate(ADBG_Case_t *c,
592 TEEC_Session *s,
593 TEE_OperationHandle oph,
594 uint32_t cmd,
595 const TEE_Attribute *params,
596 uint32_t paramCount,
597 const void *src,
598 size_t src_len,
599 void *dst,
600 size_t *dst_len)
601{
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]602 TEEC_Result res = TEEC_ERROR_GENERIC;
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]603 TEEC_Operation op = TEEC_OPERATION_INITIALIZER;
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]604 uint32_t ret_orig = 0;
605 uint8_t *buf = NULL;
606 size_t blen = 0;
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]607
608 res = pack_attrs(params, paramCount, &buf, &blen);
609 if (!ADBG_EXPECT_TEEC_SUCCESS(c, res))
610 return res;
611
612 assert((uintptr_t)oph <= UINT32_MAX);
613 op.params[0].value.a = (uint32_t)(uintptr_t)oph;
614
615 op.params[1].tmpref.buffer = buf;
616 op.params[1].tmpref.size = blen;
617
618 op.params[2].tmpref.buffer = (void *)src;
619 op.params[2].tmpref.size = src_len;
620
621 op.params[3].tmpref.buffer = dst;
622 op.params[3].tmpref.size = *dst_len;
623
624 op.paramTypes = TEEC_PARAM_TYPES(TEEC_VALUE_INPUT,
625 TEEC_MEMREF_TEMP_INPUT,
626 TEEC_MEMREF_TEMP_INPUT,
627 TEEC_MEMREF_TEMP_OUTPUT);
628
629 res = TEEC_InvokeCommand(s, cmd, &op, &ret_orig);
630
631 if (res != TEEC_SUCCESS) {
632 (void)ADBG_EXPECT_TEEC_ERROR_ORIGIN(c, TEEC_ORIGIN_TRUSTED_APP,
633 ret_orig);
634 }
635
636 if (res == TEEC_SUCCESS)
637 *dst_len = op.params[3].tmpref.size;
638
639 free(buf);
640 return res;
641}
642
643static TEEC_Result ta_crypt_cmd_asymmetric_encrypt(ADBG_Case_t *c,
644 TEEC_Session *s,
645 TEE_OperationHandle oph,
646 const TEE_Attribute *params,
647 uint32_t paramCount,
648 const void *src,
649 size_t src_len,
650 void *dst,
651 size_t *dst_len)
652{
653 return ta_crypt_cmd_asymmetric_operate(c, s, oph,
654 TA_CRYPT_CMD_ASYMMETRIC_ENCRYPT,
655 params, paramCount,
656 src, src_len, dst, dst_len);
657}
658
659static TEEC_Result ta_crypt_cmd_asymmetric_decrypt(ADBG_Case_t *c,
660 TEEC_Session *s,
661 TEE_OperationHandle oph,
662 const TEE_Attribute *params,
663 uint32_t paramCount,
664 const void *src,
665 size_t src_len,
666 void *dst,
667 size_t *dst_len)
668{
669 return ta_crypt_cmd_asymmetric_operate(c, s, oph,
670 TA_CRYPT_CMD_ASYMMETRIC_DECRYPT,
671 params, paramCount,
672 src, src_len, dst, dst_len);
673}
674
675static TEEC_Result ta_crypt_cmd_asymmetric_sign(ADBG_Case_t *c,
676 TEEC_Session *s,
677 TEE_OperationHandle oph,
678 const TEE_Attribute *params,
679 uint32_t paramCount,
680 const void *digest,
681 size_t digest_len,
682 void *signature,
683 size_t *signature_len)
684{
685 return ta_crypt_cmd_asymmetric_operate(c, s, oph,
686 TA_CRYPT_CMD_ASYMMETRIC_SIGN_DIGEST, params, paramCount,
687 digest, digest_len, signature, signature_len);
688}
689
690static TEEC_Result ta_crypt_cmd_asymmetric_verify(ADBG_Case_t *c,
691 TEEC_Session *s,
692 TEE_OperationHandle oph,
693 const TEE_Attribute *params,
694 uint32_t paramCount,
695 const void *digest,
696 size_t digest_len,
697 const void *signature,
698 size_t signature_len)
699{
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]700 TEEC_Result res = TEEC_ERROR_GENERIC;
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]701 TEEC_Operation op = TEEC_OPERATION_INITIALIZER;
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]702 uint32_t ret_orig = 0;
703 uint8_t *buf = NULL;
704 size_t blen = 0;
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]705
706 res = pack_attrs(params, paramCount, &buf, &blen);
707 if (!ADBG_EXPECT_TEEC_SUCCESS(c, res))
708 return res;
709
710 assert((uintptr_t)oph <= UINT32_MAX);
711 op.params[0].value.a = (uint32_t)(uintptr_t)oph;
712
713 op.params[1].tmpref.buffer = buf;
714 op.params[1].tmpref.size = blen;
715
716 op.params[2].tmpref.buffer = (void *)digest;
717 op.params[2].tmpref.size = digest_len;
718
719 op.params[3].tmpref.buffer = (void *)signature;
720 op.params[3].tmpref.size = signature_len;
721
722 op.paramTypes = TEEC_PARAM_TYPES(TEEC_VALUE_INPUT,
723 TEEC_MEMREF_TEMP_INPUT,
724 TEEC_MEMREF_TEMP_INPUT,
725 TEEC_MEMREF_TEMP_INPUT);
726
727 res = TEEC_InvokeCommand(s, TA_CRYPT_CMD_ASYMMETRIC_VERIFY_DIGEST,
728 &op, &ret_orig);
729
730 if (res != TEEC_SUCCESS) {
731 (void)ADBG_EXPECT_TEEC_ERROR_ORIGIN(c, TEEC_ORIGIN_TRUSTED_APP,
732 ret_orig);
733 }
734
735 free(buf);
736 return res;
737}
738
739static TEEC_Result ta_crypt_cmd_get_object_value_attribute(ADBG_Case_t *c,
740 TEEC_Session *s,
741 TEE_ObjectHandle o,
742 uint32_t attr_id,
743 uint32_t *valuea,
744 uint32_t *valueb)
745{
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]746 TEEC_Result res = TEEC_ERROR_GENERIC;
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]747 TEEC_Operation op = TEEC_OPERATION_INITIALIZER;
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]748 uint32_t ret_orig = 0;
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]749
750 assert((uintptr_t)o <= UINT32_MAX);
751 op.params[0].value.a = (uint32_t)(uintptr_t)o;
752 op.params[0].value.b = attr_id;
753 op.paramTypes = TEEC_PARAM_TYPES(TEEC_VALUE_INPUT, TEEC_VALUE_OUTPUT,
754 TEEC_NONE, TEEC_NONE);
755
756 res = TEEC_InvokeCommand(s, TA_CRYPT_CMD_GET_OBJECT_VALUE_ATTRIBUTE,
757 &op, &ret_orig);
758
759 if (res != TEEC_SUCCESS) {
760 (void)ADBG_EXPECT_TEEC_ERROR_ORIGIN(c, TEEC_ORIGIN_TRUSTED_APP,
761 ret_orig);
762 }
763
764 if (res == TEEC_SUCCESS) {
765 *valuea = op.params[1].value.a;
766 *valueb = op.params[1].value.b;
767 }
768
769 return res;
770}
771
772static TEEC_Result ta_crypt_cmd_generate_key(ADBG_Case_t *c,
773 TEEC_Session *s,
774 TEE_ObjectHandle o,
775 uint32_t key_size,
776 const TEE_Attribute *params,
777 uint32_t paramCount)
778{
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]779 TEEC_Result res = TEEC_ERROR_GENERIC;
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]780 TEEC_Operation op = TEEC_OPERATION_INITIALIZER;
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]781 uint32_t ret_orig = 0;
782 uint8_t *buf = NULL;
783 size_t blen = 0;
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]784
785 res = pack_attrs(params, paramCount, &buf, &blen);
786 if (!ADBG_EXPECT_TEEC_SUCCESS(c, res))
787 return res;
788
789 assert((uintptr_t)o <= UINT32_MAX);
790 op.params[0].value.a = (uint32_t)(uintptr_t)o;
791 op.params[0].value.b = key_size;
792
793 op.params[1].tmpref.buffer = buf;
794 op.params[1].tmpref.size = blen;
795
796 op.paramTypes = TEEC_PARAM_TYPES(TEEC_VALUE_INPUT,
797 TEEC_MEMREF_TEMP_INPUT, TEEC_NONE,
798 TEEC_NONE);
799
800 res = TEEC_InvokeCommand(s, TA_CRYPT_CMD_GENERATE_KEY, &op, &ret_orig);
801
802 if (res != TEEC_SUCCESS) {
803 (void)ADBG_EXPECT_TEEC_ERROR_ORIGIN(c, TEEC_ORIGIN_TRUSTED_APP,
804 ret_orig);
805 }
806
807 free(buf);
808 return res;
809}
810
811static const uint8_t hash_data_md5_in1[] = {
812 'c', 'd', 'e', 'f', 'g', 'h', 'i', 'j', 'k', 'l', 'm'
813};
814
815static const uint8_t hash_data_md5_out1[] = {
816 0x61, 0x12, 0x71, 0x83, 0x70, 0x8d, 0x3a, 0xc7,
817 0xf1, 0x9b, 0x66, 0x06, 0xfc, 0xae, 0x7d, 0xf6
818};
819
820static const uint8_t hash_data_sha1_in1[] = {
821 'a', 'b', 'c', 'd', 'e', 'f', 'g', 'h', 'i', 'j', 'k', 'l', 'm'
822};
823
824static const uint8_t hash_data_sha1_out1[] = {
825 0x4b, 0x98, 0x92, 0xb6, 0x52, 0x72, 0x14, 0xaf,
826 0xc6, 0x55, 0xb8, 0xaa, 0x52, 0xf4, 0xd2, 0x03,
827 0xc1, 0x5e, 0x7c, 0x9c
828};
829
830static const uint8_t hash_data_sha224_in1[] = {
831 'a', 'b', 'c', 'd', 'e', 'f', 'g', 'h', 'i', 'j', 'k', 'l', 'm'
832};
833
834static const uint8_t hash_data_sha224_out1[] = {
835 0x08, 0x21, 0x69, 0xf9, 0x77, 0x1b, 0x80, 0x15,
836 0xf3, 0x97, 0xae, 0xde, 0x5b, 0xba, 0xa2, 0x72,
837 0x2d, 0x8f, 0x5c, 0x19, 0xfe, 0xd2, 0xe2, 0x68,
838 0x92, 0x49, 0xd8, 0x44
839};
840
841static const uint8_t hash_data_sha256_in1[] = { 'a', 'b', 'c' };
842
843static const uint8_t hash_data_sha256_out1[] = {
844 0xba, 0x78, 0x16, 0xbf, 0x8f, 0x01, 0xcf, 0xea,
845 0x41, 0x41, 0x40, 0xde, 0x5d, 0xae, 0x22, 0x23,
846 0xb0, 0x03, 0x61, 0xa3, 0x96, 0x17, 0x7a, 0x9c,
847 0xb4, 0x10, 0xff, 0x61, 0xf2, 0x00, 0x15, 0xad
848};
849
850static const uint8_t hash_data_sha256_in2[] = { 'e', 'f', 'g' };
851
852static const uint8_t hash_data_sha256_out2[] = {
853 0xd4, 0xff, 0xe8, 0xe9, 0xee, 0x0b, 0x48, 0xeb,
854 0xa7, 0x16, 0x70, 0x61, 0x23, 0xa7, 0x18, 0x7f,
855 0x32, 0xea, 0xe3, 0xbd, 0xcb, 0x0e, 0x77, 0x63,
856 0xe4, 0x1e, 0x53, 0x32, 0x67, 0xbd, 0x8a, 0x53
857};
858
859
860static const uint8_t hash_data_sha384_in1[] = {
861 'a', 'b', 'c', 'e', 'f', 'g', 'h', 'i', 'j', 'k', 'l', 'm'
862};
863
864static const uint8_t hash_data_sha384_out1[] = {
865 0x4c, 0xab, 0x80, 0x9d, 0x96, 0x84, 0x01, 0x47,
866 0x67, 0x0a, 0xc1, 0x7a, 0xb6, 0xb9, 0xf7, 0x6e,
867 0x35, 0xa6, 0xb0, 0x8c, 0xf5, 0x2a, 0x3d, 0x64,
868 0x9a, 0x8c, 0x7e, 0x0c, 0x55, 0x45, 0xd3, 0x7d,
869 0x1f, 0x7f, 0x28, 0x34, 0x96, 0x14, 0x44, 0x2a,
870 0xf5, 0x98, 0xa2, 0x95, 0x24, 0x76, 0x53, 0x97
871};
872
873static const uint8_t hash_data_sha512_in1[] = {
874 'a', 'b', 'c', 'd', 'f', 'g', 'h', 'i', 'j', 'k', 'l', 'm'
875};
876
877static const uint8_t hash_data_sha512_out1[] = {
878 0x20, 0xd8, 0x64, 0x4f, 0x54, 0xa2, 0x5f, 0x6f,
879 0x0a, 0xf9, 0xd5, 0x27, 0x7d, 0x17, 0xa8, 0x99,
880 0x4c, 0x64, 0x3f, 0xd0, 0xf3, 0x83, 0x36, 0xee,
881 0x93, 0x12, 0x55, 0xcd, 0x2e, 0x12, 0x34, 0xa0,
882 0xc2, 0xaa, 0xf9, 0xbb, 0x15, 0xc5, 0xe9, 0xfa,
883 0xf7, 0xa7, 0xda, 0xb8, 0x2f, 0x72, 0xa0, 0x47,
884 0xe3, 0x02, 0x04, 0xe8, 0xa0, 0x35, 0x0c, 0x96,
885 0x26, 0xd1, 0xcb, 0x8b, 0x47, 0x45, 0x25, 0xd0
886};
887
Jerome Forissier3ed850a2019-12-13 10:58:23 +0100[diff] [blame]888/*
889 * SM3
890 * https://tools.ietf.org/html/draft-sca-cfrg-sm3-02
Jerome Forissier9f17e262019-12-13 14:12:41 +0100[diff] [blame]891 * Appendix A.1
Jerome Forissier3ed850a2019-12-13 10:58:23 +0100[diff] [blame]892 */
893static const uint8_t hash_data_sm3_a1_in[3] = "abc";
894
895static const uint8_t hash_data_sm3_a1_out[] = {
896 0x66, 0xc7, 0xf0, 0xf4, 0x62, 0xee, 0xed, 0xd9,
897 0xd1, 0xf2, 0xd4, 0x6b, 0xdc, 0x10, 0xe4, 0xe2,
898 0x41, 0x67, 0xc4, 0x87, 0x5c, 0xf2, 0xf7, 0xa2,
899 0x29, 0x7d, 0xa0, 0x2b, 0x8f, 0x4b, 0xa8, 0xe0
900};
901
902/*
903 * SM3
904 * https://tools.ietf.org/html/draft-sca-cfrg-sm3-02
Jerome Forissier9f17e262019-12-13 14:12:41 +0100[diff] [blame]905 * Appendix A.2
Jerome Forissier3ed850a2019-12-13 10:58:23 +0100[diff] [blame]906 */
907static const uint8_t hash_data_sm3_a2_in[] = {
908 0x61, 0x62, 0x63, 0x64, 0x61, 0x62, 0x63, 0x64,
909 0x61, 0x62, 0x63, 0x64, 0x61, 0x62, 0x63, 0x64,
910 0x61, 0x62, 0x63, 0x64, 0x61, 0x62, 0x63, 0x64,
911 0x61, 0x62, 0x63, 0x64, 0x61, 0x62, 0x63, 0x64,
912 0x61, 0x62, 0x63, 0x64, 0x61, 0x62, 0x63, 0x64,
913 0x61, 0x62, 0x63, 0x64, 0x61, 0x62, 0x63, 0x64,
914 0x61, 0x62, 0x63, 0x64, 0x61, 0x62, 0x63, 0x64,
915 0x61, 0x62, 0x63, 0x64, 0x61, 0x62, 0x63, 0x64
916};
917
918static const uint8_t hash_data_sm3_a2_out[] = {
919 0xde, 0xbe, 0x9f, 0xf9, 0x22, 0x75, 0xb8, 0xa1,
920 0x38, 0x60, 0x48, 0x89, 0xc1, 0x8e, 0x5a, 0x4d,
921 0x6f, 0xdb, 0x70, 0xe5, 0x38, 0x7e, 0x57, 0x65,
922 0x29, 0x3d, 0xcb, 0xa3, 0x9c, 0x0c, 0x57, 0x32
923};
924
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]925struct xtest_hash_case {
926 uint32_t algo;
927 size_t in_incr;
928 const uint8_t *in;
929 size_t in_len;
930 const uint8_t *out;
931 size_t out_len;
932};
933
934#define XTEST_HASH_CASE(algo, in_incr, in, out) \
935 { (algo), (in_incr), (in), ARRAY_SIZE(in), (out), ARRAY_SIZE(out) }
936
937static const struct xtest_hash_case hash_cases[] = {
938 XTEST_HASH_CASE(TEE_ALG_MD5, 6, hash_data_md5_in1,
939 hash_data_md5_out1),
940 XTEST_HASH_CASE(TEE_ALG_SHA1, 3, hash_data_sha1_in1,
941 hash_data_sha1_out1),
942 XTEST_HASH_CASE(TEE_ALG_SHA224, 7, hash_data_sha224_in1,
943 hash_data_sha224_out1),
944 XTEST_HASH_CASE(TEE_ALG_SHA256, 1, hash_data_sha256_in1,
945 hash_data_sha256_out1),
946 XTEST_HASH_CASE(TEE_ALG_SHA256, 1, hash_data_sha256_in2,
947 hash_data_sha256_out2),
948 XTEST_HASH_CASE(TEE_ALG_SHA384, 1, hash_data_sha384_in1,
949 hash_data_sha384_out1),
950 XTEST_HASH_CASE(TEE_ALG_SHA512, 1, hash_data_sha512_in1,
951 hash_data_sha512_out1),
Jerome Forissier3ed850a2019-12-13 10:58:23 +0100[diff] [blame]952 XTEST_HASH_CASE(TEE_ALG_SM3, 2, hash_data_sm3_a1_in,
953 hash_data_sm3_a1_out),
954 XTEST_HASH_CASE(TEE_ALG_SM3, 19, hash_data_sm3_a2_in,
955 hash_data_sm3_a2_out),
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]956};
957
958static void xtest_tee_test_4001(ADBG_Case_t *c)
959{
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]960 TEEC_Session session = { };
961 uint32_t ret_orig = 0;
962 size_t n = 0;
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]963
964 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
965 xtest_teec_open_session(&session, &crypt_user_ta_uuid, NULL,
966 &ret_orig)))
967 return;
968
969
970 for (n = 0; n < ARRAY_SIZE(hash_cases); n++) {
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]971 TEE_OperationHandle op1 = TEE_HANDLE_NULL;
972 TEE_OperationHandle op2 = TEE_HANDLE_NULL;
973 uint8_t out[64] = { };
974 size_t out_size = 0;
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]975
Jerome Forissier87b00c02020-01-22 16:33:12 +0100[diff] [blame]976 if (hash_cases[n].algo == TEE_ALG_SM3 &&
977 !ta_crypt_cmd_is_algo_supported(c, &session, TEE_ALG_SM3,
978 TEE_CRYPTO_ELEMENT_NONE)) {
979 Do_ADBG_Log("SM3 not supported: skip subcase");
980 continue;
981 }
982
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]983 Do_ADBG_BeginSubCase(c, "Hash case %d algo 0x%x",
984 (int)n, (unsigned int)hash_cases[n].algo);
985
986 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
987 ta_crypt_cmd_allocate_operation(c, &session, &op1,
988 hash_cases[n].algo,
989 TEE_MODE_DIGEST, 0)))
990 goto out;
991
992 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
993 ta_crypt_cmd_allocate_operation(c, &session, &op2,
994 hash_cases[n].algo,
995 TEE_MODE_DIGEST, 0)))
996 goto out;
997
998 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
999 ta_crypt_cmd_digest_update(c, &session, op1,
1000 hash_cases[n].in,
1001 hash_cases[n].in_incr)))
1002 goto out;
1003
1004 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
1005 ta_crypt_cmd_copy_operation(c, &session, op2, op1)))
1006 goto out;
1007
1008 out_size = sizeof(out);
1009 memset(out, 0, sizeof(out));
1010 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
1011 ta_crypt_cmd_digest_do_final(c, &session, op2,
1012 hash_cases[n].in + hash_cases[n].in_incr,
1013 hash_cases[n].in_len - hash_cases[n].in_incr,
1014 out, &out_size)))
1015 goto out;
1016
1017 (void)ADBG_EXPECT_BUFFER(c, hash_cases[n].out,
1018 hash_cases[n].out_len, out, out_size);
1019
1020 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
1021 ta_crypt_cmd_reset_operation(c, &session, op1)))
1022 goto out;
1023
1024 out_size = sizeof(out);
1025 memset(out, 0, sizeof(out));
1026 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
1027 ta_crypt_cmd_digest_do_final(c, &session, op1,
1028 hash_cases[n].in,
1029 hash_cases[n].in_len, out,
1030 &out_size)))
1031 goto out;
1032
1033 (void)ADBG_EXPECT_BUFFER(c, hash_cases[n].out,
1034 hash_cases[n].out_len, out, out_size);
1035
Jerome Forissier1e05e262015-07-29 16:09:07 +0200[diff] [blame]1036 /*
1037 * Invoke TEE_DigestDoFinal() a second time to check that state
1038 * was properly reset
1039 */
1040 out_size = sizeof(out);
1041 memset(out, 0, sizeof(out));
1042 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
1043 ta_crypt_cmd_digest_do_final(c, &session, op1,
1044 hash_cases[n].in,
1045 hash_cases[n].in_len, out,
1046 &out_size)))
1047 goto out;
1048
1049 (void)ADBG_EXPECT_BUFFER(c, hash_cases[n].out,
1050 hash_cases[n].out_len, out, out_size);
1051
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]1052 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
1053 ta_crypt_cmd_free_operation(c, &session, op1)))
1054 goto out;
1055
1056 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
1057 ta_crypt_cmd_free_operation(c, &session, op2)))
1058 goto out;
1059
1060 Do_ADBG_EndSubCase(c, NULL);
1061 }
1062
1063out:
1064 TEEC_CloseSession(&session);
1065}
Jens Wiklander14f48872018-06-29 15:30:13 +0200[diff] [blame]1066ADBG_CASE_DEFINE(regression, 4001, xtest_tee_test_4001,
1067 "Test TEE Internal API hash operations");
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]1068
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]1069struct xtest_mac_case {
1070 uint32_t algo;
1071 uint32_t key_type;
1072 const uint8_t *key;
1073 size_t key_len;
1074 size_t in_incr;
1075 const uint8_t *in;
1076 size_t in_len;
1077 const uint8_t *out;
1078 size_t out_len;
Jerome Forissier3dec7442019-01-30 17:50:05 +0100[diff] [blame]1079 bool multiple_incr;
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]1080};
1081
Jerome Forissier3dec7442019-01-30 17:50:05 +0100[diff] [blame]1082#define XTEST_MAC_CASE_1(algo, key_type, key, in_incr, in, out) \
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]1083 { (algo), (key_type), (key), ARRAY_SIZE(key), \
Jerome Forissier3dec7442019-01-30 17:50:05 +0100[diff] [blame]1084 (in_incr), (in), ARRAY_SIZE(in), (out), ARRAY_SIZE(out), false }
1085
1086#define XTEST_MAC_CASE_MULT(algo, key_type, key, in_incr, in, out) \
1087 { (algo), (key_type), (key), ARRAY_SIZE(key), \
1088 (in_incr), (in), ARRAY_SIZE(in), (out), ARRAY_SIZE(out), true }
1089
1090#define XTEST_MAC_CASE(algo, key_type, key, in_incr, in, out) \
1091 XTEST_MAC_CASE_1((algo), (key_type), (key), (in_incr), (in), (out)), \
1092 XTEST_MAC_CASE_MULT((algo), (key_type), (key), (in_incr), (in), (out))
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]1093
1094#define XTEST_MAC_CBC_CASE(algo, key_type, vect, in_incr) \
1095 XTEST_MAC_CASE((algo), (key_type), \
1096 mac_cbc_ ## vect ## _key, (in_incr), \
1097 mac_cbc_ ## vect ## _data, mac_cbc_ ## vect ## _out)
1098
1099#define XTEST_MAC_CMAC_CASE(vect, in_incr) \
1100 XTEST_MAC_CASE(TEE_ALG_AES_CMAC, TEE_TYPE_AES, \
1101 mac_cmac_ ## vect ## _key, (in_incr), \
1102 mac_cmac_ ## vect ## _data, mac_cmac_ ## vect ## _out)
1103
Alexander Zakharov0afe00c2021-02-10 19:06:48 +0100[diff] [blame^]1104#define XTEST_MAC_DES3_CMAC_CASE(vect, in_incr) \
1105 XTEST_MAC_CASE(TEE_ALG_DES3_CMAC, TEE_TYPE_DES3, \
1106 mac_des3_cmac_ ## vect ## _key, (in_incr), \
1107 mac_des3_cmac_ ## vect ## _data, mac_des3_cmac_ ## vect ## _out)
1108
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]1109static const struct xtest_mac_case mac_cases[] = {
1110 XTEST_MAC_CASE(TEE_ALG_HMAC_MD5, TEE_TYPE_HMAC_MD5,
1111 mac_data_md5_key1,
1112 4, mac_data_md5_in1, mac_data_md5_out1),
1113 XTEST_MAC_CASE(TEE_ALG_HMAC_SHA1, TEE_TYPE_HMAC_SHA1,
1114 mac_data_sha1_key1,
1115 5, mac_data_sha1_in1, mac_data_sha1_out1),
1116 XTEST_MAC_CASE(TEE_ALG_HMAC_SHA224, TEE_TYPE_HMAC_SHA224,
1117 mac_data_sha224_key1,
1118 8, mac_data_sha224_in1, mac_data_sha224_out1),
1119 XTEST_MAC_CASE(TEE_ALG_HMAC_SHA256, TEE_TYPE_HMAC_SHA256,
1120 mac_data_sha256_key1,
1121 1, mac_data_sha256_in1, mac_data_sha256_out1),
1122 XTEST_MAC_CASE(TEE_ALG_HMAC_SHA256, TEE_TYPE_HMAC_SHA256,
1123 mac_data_sha256_key2,
1124 7, mac_data_sha256_in2, mac_data_sha256_out2),
1125 XTEST_MAC_CASE(TEE_ALG_HMAC_SHA384, TEE_TYPE_HMAC_SHA384,
1126 mac_data_sha384_key1,
1127 11, mac_data_sha384_in1, mac_data_sha384_out1),
1128 XTEST_MAC_CASE(TEE_ALG_HMAC_SHA512, TEE_TYPE_HMAC_SHA512,
1129 mac_data_sha512_key1,
1130 13, mac_data_sha512_in1, mac_data_sha512_out1),
1131
1132 XTEST_MAC_CBC_CASE(TEE_ALG_AES_CBC_MAC_NOPAD, TEE_TYPE_AES, vect1, 14),
1133 XTEST_MAC_CBC_CASE(TEE_ALG_DES_CBC_MAC_NOPAD, TEE_TYPE_DES, vect2, 16),
1134 XTEST_MAC_CBC_CASE(TEE_ALG_DES3_CBC_MAC_NOPAD, TEE_TYPE_DES3, vect3,
1135 17),
1136 XTEST_MAC_CBC_CASE(TEE_ALG_AES_CBC_MAC_PKCS5, TEE_TYPE_AES, vect4, 11),
1137 XTEST_MAC_CBC_CASE(TEE_ALG_DES_CBC_MAC_PKCS5, TEE_TYPE_DES, vect5, 9),
1138 XTEST_MAC_CBC_CASE(TEE_ALG_DES3_CBC_MAC_PKCS5, TEE_TYPE_DES3, vect6, 4),
1139 XTEST_MAC_CBC_CASE(TEE_ALG_AES_CBC_MAC_PKCS5, TEE_TYPE_AES, vect7, 3),
1140 XTEST_MAC_CBC_CASE(TEE_ALG_DES_CBC_MAC_PKCS5, TEE_TYPE_DES, vect8, 23),
1141 XTEST_MAC_CBC_CASE(TEE_ALG_DES3_CBC_MAC_PKCS5, TEE_TYPE_DES3, vect9,
1142 34),
Pascal Brand5c3d8092015-07-23 08:20:26 +0200[diff] [blame]1143 XTEST_MAC_CBC_CASE(TEE_ALG_DES3_CBC_MAC_PKCS5, TEE_TYPE_DES3, vect10, 4),
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]1144
1145 { TEE_ALG_AES_CMAC, TEE_TYPE_AES, mac_cmac_vect1_key,
1146 ARRAY_SIZE(mac_cmac_vect1_key), 0, NULL, 0, mac_cmac_vect1_out,
1147 ARRAY_SIZE(mac_cmac_vect1_out) },
1148 XTEST_MAC_CMAC_CASE(vect2, 9),
1149 XTEST_MAC_CMAC_CASE(vect3, 9),
1150 XTEST_MAC_CMAC_CASE(vect4, 9),
1151 { TEE_ALG_AES_CMAC, TEE_TYPE_AES, mac_cmac_vect5_key,
1152 ARRAY_SIZE(mac_cmac_vect5_key), 0, NULL, 0, mac_cmac_vect5_out,
1153 ARRAY_SIZE(mac_cmac_vect5_out) },
1154 XTEST_MAC_CMAC_CASE(vect6, 9),
1155 XTEST_MAC_CMAC_CASE(vect7, 9),
1156 XTEST_MAC_CMAC_CASE(vect8, 9),
1157 { TEE_ALG_AES_CMAC, TEE_TYPE_AES, mac_cmac_vect9_key,
1158 ARRAY_SIZE(mac_cmac_vect9_key), 0, NULL, 0, mac_cmac_vect9_out,
1159 ARRAY_SIZE(mac_cmac_vect9_out) },
1160 XTEST_MAC_CMAC_CASE(vect10, 9),
1161 XTEST_MAC_CMAC_CASE(vect11, 9),
1162 XTEST_MAC_CMAC_CASE(vect12, 9),
Jerome Forissier9f17e262019-12-13 14:12:41 +0100[diff] [blame]1163
Alexander Zakharov0afe00c2021-02-10 19:06:48 +0100[diff] [blame^]1164 { TEE_ALG_DES3_CMAC, TEE_TYPE_DES3, mac_des3_cmac_vect1_key,
1165 ARRAY_SIZE(mac_des3_cmac_vect1_key), 0, NULL, 0, mac_des3_cmac_vect1_out,
1166 ARRAY_SIZE(mac_des3_cmac_vect1_out) },
1167 XTEST_MAC_DES3_CMAC_CASE(vect2, 3),
1168 XTEST_MAC_DES3_CMAC_CASE(vect3, 9),
1169 XTEST_MAC_DES3_CMAC_CASE(vect4, 9),
1170 { TEE_ALG_DES3_CMAC, TEE_TYPE_DES3, mac_des3_cmac_vect5_key,
1171 ARRAY_SIZE(mac_des3_cmac_vect5_key), 0, NULL, 0, mac_des3_cmac_vect5_out,
1172 ARRAY_SIZE(mac_des3_cmac_vect5_out) },
1173 XTEST_MAC_DES3_CMAC_CASE(vect6, 3),
1174 XTEST_MAC_DES3_CMAC_CASE(vect7, 5),
1175 XTEST_MAC_DES3_CMAC_CASE(vect8, 9),
1176
Jerome Forissier9f17e262019-12-13 14:12:41 +0100[diff] [blame]1177 XTEST_MAC_CASE(TEE_ALG_HMAC_SM3, TEE_TYPE_HMAC_SM3,
1178 mac_data_sm3_d31_key,
1179 13, mac_data_sm3_d31_in, mac_data_sm3_d31_out),
1180 XTEST_MAC_CASE(TEE_ALG_HMAC_SM3, TEE_TYPE_HMAC_SM3,
1181 mac_data_sm3_d32_key,
1182 13, mac_data_sm3_d32_in, mac_data_sm3_d32_out),
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]1183};
1184
1185static void xtest_tee_test_4002(ADBG_Case_t *c)
1186{
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]1187 TEEC_Session session = { };
1188 TEE_OperationHandle op1 = TEE_HANDLE_NULL;
1189 TEE_OperationHandle op2 = TEE_HANDLE_NULL;
1190 TEE_ObjectHandle key_handle = TEE_HANDLE_NULL;
1191 uint8_t out[64] = { };
1192 size_t out_size = 0;
1193 uint32_t ret_orig = 0;
1194 size_t n = 0;
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]1195
1196 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
1197 xtest_teec_open_session(&session, &crypt_user_ta_uuid, NULL,
1198 &ret_orig)))
1199 return;
1200
1201 for (n = 0; n < ARRAY_SIZE(mac_cases); n++) {
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]1202 TEE_Attribute key_attr = { };
1203 size_t key_size = 0;
1204 size_t offs = 0;
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]1205
1206 Do_ADBG_BeginSubCase(c, "MAC case %d algo 0x%x",
1207 (int)n, (unsigned int)mac_cases[n].algo);
1208
1209 key_attr.attributeID = TEE_ATTR_SECRET_VALUE;
1210 key_attr.content.ref.buffer = (void *)mac_cases[n].key;
1211 key_attr.content.ref.length = mac_cases[n].key_len;
1212
1213 key_size = key_attr.content.ref.length * 8;
1214 if (mac_cases[n].key_type == TEE_TYPE_DES ||
1215 mac_cases[n].key_type == TEE_TYPE_DES3)
1216 /* Exclude parity in bit size of key */
1217 key_size -= key_size / 8;
1218
1219 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
1220 ta_crypt_cmd_allocate_operation(c, &session, &op1,
1221 mac_cases[n].algo, TEE_MODE_MAC, key_size)))
1222 goto out;
1223
1224 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
1225 ta_crypt_cmd_allocate_operation(c, &session, &op2,
1226 mac_cases[n].algo, TEE_MODE_MAC, key_size)))
1227 goto out;
1228
1229 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
1230 ta_crypt_cmd_allocate_transient_object(c, &session,
1231 mac_cases[n].key_type, key_size, &key_handle)))
1232 goto out;
1233
1234 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
1235 ta_crypt_cmd_populate_transient_object(c, &session,
1236 key_handle, &key_attr, 1)))
1237 goto out;
1238
1239 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
1240 ta_crypt_cmd_set_operation_key(c, &session, op1,
1241 key_handle)))
1242 goto out;
1243
1244 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
1245 ta_crypt_cmd_free_transient_object(c, &session,
1246 key_handle)))
1247 goto out;
1248
1249 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
1250 ta_crypt_cmd_mac_init(c, &session, op1, NULL, 0)))
1251 goto out;
1252
Jerome Forissier3dec7442019-01-30 17:50:05 +0100[diff] [blame]1253 offs = 0;
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]1254 if (mac_cases[n].in != NULL) {
Jerome Forissier3dec7442019-01-30 17:50:05 +0100[diff] [blame]1255 while (offs + mac_cases[n].in_incr <
1256 mac_cases[n].in_len) {
1257 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
1258 ta_crypt_cmd_mac_update(c, &session,
1259 op1, mac_cases[n].in + offs,
1260 mac_cases[n].in_incr)))
1261 goto out;
1262 offs += mac_cases[n].in_incr;
1263 if (!mac_cases[n].multiple_incr)
1264 break;
1265 }
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]1266 }
1267
1268 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
1269 ta_crypt_cmd_copy_operation(c, &session, op2, op1)))
1270 goto out;
1271
1272 out_size = sizeof(out);
1273 memset(out, 0, sizeof(out));
1274 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
1275 ta_crypt_cmd_mac_final_compute(c, &session, op2,
Jerome Forissier3dec7442019-01-30 17:50:05 +0100[diff] [blame]1276 mac_cases[n].in + offs,
1277 mac_cases [n].in_len - offs,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]1278 out, &out_size)))
1279 goto out;
1280
1281 (void)ADBG_EXPECT_BUFFER(c, mac_cases[n].out,
1282 mac_cases[n].out_len, out, out_size);
1283
1284 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
1285 ta_crypt_cmd_mac_init(c, &session, op1, NULL, 0)))
1286 goto out;
1287
1288 out_size = sizeof(out);
1289 memset(out, 0, sizeof(out));
1290 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
1291 ta_crypt_cmd_mac_final_compute(c, &session, op1,
1292 mac_cases[n].in, mac_cases[n].in_len, out,
1293 &out_size)))
1294 goto out;
1295
1296 (void)ADBG_EXPECT_BUFFER(c, mac_cases[n].out,
1297 mac_cases[n].out_len, out, out_size);
1298
1299 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
1300 ta_crypt_cmd_free_operation(c, &session, op1)))
1301 goto out;
1302
1303 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
1304 ta_crypt_cmd_free_operation(c, &session, op2)))
1305 goto out;
1306
1307 Do_ADBG_EndSubCase(c, NULL);
1308 }
1309out:
1310 TEEC_CloseSession(&session);
1311}
Jens Wiklander14f48872018-06-29 15:30:13 +0200[diff] [blame]1312ADBG_CASE_DEFINE(regression, 4002, xtest_tee_test_4002,
1313 "Test TEE Internal API MAC operations");
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]1314
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]1315static const uint8_t ciph_data_aes_key1[] = {
1316 0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37, /* 01234567 */
1317 0x38, 0x39, 0x41, 0x42, 0x43, 0x44, 0x45, 0x46, /* 89ABCDEF */
1318};
1319
Jerome Forissier0780ad42018-06-05 15:02:37 +0200[diff] [blame]1320static const uint8_t ciph_data_aes_key2[] = {
1321 0x02, 0x02, 0x02, 0x02, 0x02, 0x02, 0x02, 0x02,
1322 0x02, 0x02, 0x02, 0x02, 0x02, 0x02, 0x02, 0x02,
1323};
1324
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]1325static const uint8_t ciph_data_des_key1[] = {
1326 0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37 /* 01234567 */
1327};
1328
1329static const uint8_t ciph_data_des_key2[] = {
1330 0x13, 0x34, 0x57, 0x79, 0x9B, 0xBC, 0xDF, 0xF1
1331};
1332
1333
1334static const uint8_t ciph_data_des3_key1[] = {
1335 0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37, /* 01234567 */
1336 0x38, 0x39, 0x41, 0x42, 0x43, 0x44, 0x45, 0x46, /* 89ABCDEF */
1337 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37, 0x38, /* 12345678 */
1338};
1339
1340static const uint8_t ciph_data_des3_key2[] = {
1341 0x13, 0x34, 0x57, 0x79, 0x9B, 0xBC, 0xDF, 0xF1,
1342 0x13, 0x34, 0x57, 0x79, 0x9B, 0xBC, 0xDF, 0xF1,
1343 0x13, 0x34, 0x57, 0x79, 0x9B, 0xBC, 0xDF, 0xF1
1344};
1345
1346static const uint8_t ciph_data_des2_key1[] = {
1347 0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37, /* 01234567 */
1348 0x38, 0x39, 0x41, 0x42, 0x43, 0x44, 0x45, 0x46, /* 89ABCDEF */
1349};
1350
1351static const uint8_t ciph_data_in1[] = {
1352 0x32, 0x33, 0x34, 0x35, 0x36, 0x37, 0x38, 0x39, /* 23456789 */
1353 0x41, 0x42, 0x43, 0x44, 0x45, 0x46, 0x30, 0x31, /* ABCDEF01 */
1354 0x33, 0x34, 0x35, 0x36, 0x37, 0x38, 0x39, 0x41, /* 3456789A */
1355 0x42, 0x43, 0x44, 0x45, 0x46, 0x30, 0x31, 0x32, /* BCDEF012 */
1356 0x34, 0x35, 0x36, 0x37, 0x38, 0x39, 0x41, 0x42, /* 456789AB */
1357 0x43, 0x44, 0x45, 0x46, 0x30, 0x31, 0x32, 0x33, /* CDEF0123 */
1358};
1359
1360static const uint8_t ciph_data_in3[] = {
1361 0x32, 0x33, 0x34, 0x35, 0x36, 0x37, 0x38, 0x39, /* 23456789 */
1362 0x41, 0x42, 0x43, 0x44, 0x45, 0x46, 0x30, 0x31, /* ABCDEF01 */
1363 0x33, 0x34, 0x35, 0x36, 0x37, 0x38, 0x39, 0x41, /* 3456789A */
1364 0x42, 0x43, 0x44, 0x45, 0x46, 0x30, 0x31, 0x32, /* BCDEF012 */
1365 0x34, 0x35, 0x36, 0x37, 0x38, 0x39, 0x41, 0x42, /* 456789AB */
1366 0x43, 0x44, 0x45, 0x46, 0x30, /* CDEF0 */
1367};
1368
Jerome Forissier45218eb2018-04-11 13:03:26 +0200[diff] [blame]1369static const uint8_t ciph_data_in4[] = {
1370 0x32, 0x33, 0x34, 0x35, 0x36, 0x37, 0x38, 0x39, /* 23456789 */
1371 0x41, 0x42, 0x43, 0x44, 0x45, 0x46, 0x30, 0x31, /* ABCDEF01 */
1372 0x33, 0x34, 0x35, 0x36, 0x37, 0x38, 0x39, 0x41, /* 3456789A */
1373 0x42, 0x43, 0x44, 0x45, 0x46, 0x30, 0x31, 0x32, /* BCDEF012 */
1374 0x34, 0x35, 0x36, 0x37, 0x38, 0x39, 0x41, 0x42, /* 456789AB */
1375 0x43, 0x44, 0x45, 0x46, 0x30, 0x31, 0x32, 0x33, /* CDEF0123 */
1376 0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37, /* 01234567 */
1377 0x38, 0x39, 0x41, 0x42, 0x43, 0x44, 0x45, 0x46, /* 89ABCDEF */
1378};
1379
Jerome Forissier0780ad42018-06-05 15:02:37 +0200[diff] [blame]1380static const uint8_t ciph_data_in5[] = {
1381 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01,
1382 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01,
1383 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01,
1384 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01,
1385 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01,
1386 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01,
1387 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01,
1388 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01,
Jerome Forissierbf9009e2018-06-05 18:44:42 +0200[diff] [blame]1389 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01,
1390 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01,
Jerome Forissier0780ad42018-06-05 15:02:37 +0200[diff] [blame]1391 0x01, 0x01, 0x01
1392};
1393
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]1394static const uint8_t ciph_data_128_iv1[] = {
1395 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37, 0x38, /* 12345678 */
1396 0x39, 0x41, 0x42, 0x43, 0x44, 0x45, 0x46, 0x30, /* 9ABCDEF0 */
1397};
1398
Jerome Forissier0780ad42018-06-05 15:02:37 +0200[diff] [blame]1399static const uint8_t ciph_data_128_iv2[] = {
1400 0x03, 0x03, 0x03, 0x03, 0x03, 0x03, 0x03, 0x03,
1401 0x03, 0x03, 0x03, 0x03, 0x03, 0x03, 0x03, 0x03,
1402};
1403
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]1404static const uint8_t ciph_data_64_iv1[] = {
1405 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37, 0x38, /* 12345678 */
1406};
1407
1408static const uint8_t ciph_data_in2[] = {
1409 0x01, 0x23, 0x45, 0x67, 0x89, 0xab, 0xcd, 0xef
1410};
1411
1412static const uint8_t ciph_data_aes_ecb_nopad_out1[] = {
1413 0xA5, 0xBE, 0x14, 0xD5, 0x01, 0x05, 0x24, 0x48, /* ......$H */
1414 0x58, 0x1A, 0x6B, 0x82, 0xD4, 0x41, 0xD2, 0xB3, /* X.k..A.. */
1415 0xBB, 0xF9, 0xAE, 0x37, 0x94, 0xAC, 0x18, 0x50, /* ...7...P */
1416 0x87, 0x09, 0xCC, 0x3F, 0x43, 0xD2, 0xC2, 0xB7, /* ...?C... */
1417 0xD7, 0x6F, 0x84, 0x07, 0xB4, 0x78, 0xCE, 0x34, /* .o...x.4 */
1418 0x48, 0xC9, 0x16, 0x86, 0x42, 0xB8, 0xFF, 0xCF, /* H...B... */
1419};
1420
1421static const uint8_t ciph_data_aes_cbc_nopad_out1[] = {
1422 0x8D, 0x9F, 0x88, 0xD8, 0xAF, 0x9F, 0xC1, 0x3B, /* .......; */
1423 0x02, 0x15, 0x43, 0x6A, 0x8C, 0x1E, 0x34, 0x5C, /* ..Cj..4\ */
1424 0x83, 0xF4, 0x85, 0x3E, 0x43, 0x0F, 0xE5, 0x5F, /* ...>C.._ */
1425 0x81, 0x4C, 0xC0, 0x28, 0x3F, 0xD9, 0x98, 0x53, /* .L.(?..S */
1426 0xB1, 0x44, 0x51, 0x38, 0x21, 0xAB, 0x10, 0xCE, /* .DQ8!... */
1427 0xC2, 0xEC, 0x65, 0x54, 0xDD, 0x5C, 0xEA, 0xDC, /* ..eT.\.. */
1428};
1429
1430static const uint8_t ciph_data_aes_ctr_out1[] = {
1431 0xD2, 0xDD, 0x11, 0xA8, 0xF7, 0xB0, 0xAE, 0x55, /* .......U */
1432 0xBE, 0x61, 0x7A, 0xE6, 0xA1, 0x6C, 0x79, 0xF4, /* .az..ly. */
1433 0x62, 0x51, 0x7B, 0xE9, 0x7C, 0xA0, 0x31, 0x0C, /* bQ{.|.1. */
1434 0x24, 0x15, 0x70, 0x7F, 0x47, 0x37, 0x69, 0xE0, /* $.p.G7i. */
1435 0x24, 0xC3, 0x29, 0xCD, 0xF2, 0x26, 0x69, 0xFF, /* $.)..&i. */
1436 0x72, 0x0E, 0x3C, 0xD1, 0xA1, 0x2F, 0x5D, 0x33, /* r.<../]3 */
1437};
1438
1439static const uint8_t ciph_data_aes_ctr_out2[] = {
1440 0xD2, 0xDD, 0x11, 0xA8, 0xF7, 0xB0, 0xAE, 0x55, /* .......U */
1441 0xBE, 0x61, 0x7A, 0xE6, 0xA1, 0x6C, 0x79, 0xF4, /* .az..ly. */
1442 0x62, 0x51, 0x7B, 0xE9, 0x7C, 0xA0, 0x31, 0x0C, /* bQ{.|.1. */
1443 0x24, 0x15, 0x70, 0x7F, 0x47, 0x37, 0x69, 0xE0, /* $.p.G7i. */
1444 0x24, 0xC3, 0x29, 0xCD, 0xF2, 0x26, 0x69, 0xFF, /* $.)..&i. */
1445 0x72, 0x0E, 0x3C, 0xD1, 0xA1, /* r.<.. */
1446};
1447
Jerome Forissier45218eb2018-04-11 13:03:26 +0200[diff] [blame]1448static const uint8_t ciph_data_aes_ctr_out4[] = {
1449 0xD2, 0xDD, 0x11, 0xA8, 0xF7, 0xB0, 0xAE, 0x55, /* .......U */
1450 0xBE, 0x61, 0x7A, 0xE6, 0xA1, 0x6C, 0x79, 0xF4, /* .az..ly. */
1451 0x62, 0x51, 0x7B, 0xE9, 0x7C, 0xA0, 0x31, 0x0C, /* bQ{.|.1. */
1452 0x24, 0x15, 0x70, 0x7F, 0x47, 0x37, 0x69, 0xE0, /* $.p.G7i. */
1453 0x24, 0xC3, 0x29, 0xCD, 0xF2, 0x26, 0x69, 0xFF, /* $.)..&i. */
1454 0x72, 0x0E, 0x3C, 0xD1, 0xA1, 0x2F, 0x5D, 0x33, /* r.<../]3 */
1455 0x9F, 0xD7, 0x0C, 0x92, 0xD4, 0xA5, 0x9D, 0x06, /* ........ */
1456 0x01, 0x80, 0x38, 0xCD, 0xC2, 0x71, 0x5D, 0x4A, /* ..8..q]J */
1457};
1458
Jerome Forissier0780ad42018-06-05 15:02:37 +0200[diff] [blame]1459static const uint8_t ciph_data_aes_ctr_out5[] = {
1460 0xbb, 0xfe, 0x07, 0x04, 0x1c, 0x8e, 0x09, 0x61,
1461 0xfb, 0xb1, 0x7c, 0xa5, 0x4d, 0x2b, 0x30, 0xf6,
1462 0x26, 0x9e, 0xff, 0x61, 0x18, 0x47, 0xc6, 0x06,
1463 0x81, 0x02, 0x84, 0xcd, 0x9c, 0x4b, 0x6d, 0x21,
1464 0xe2, 0x64, 0xa6, 0x50, 0x7f, 0x28, 0x81, 0x6f,
1465 0x29, 0xda, 0xd5, 0x56, 0x3f, 0x46, 0xac, 0xca,
1466 0x37, 0xe7, 0x77, 0x36, 0xbc, 0x76, 0x39, 0x57,
1467 0xaa, 0x67, 0x1b, 0x2a, 0xe6, 0x36, 0x57, 0x6d,
Jerome Forissierbf9009e2018-06-05 18:44:42 +0200[diff] [blame]1468 0x2a, 0xb8, 0x77, 0x41, 0xc2, 0x4e, 0x4f, 0x27,
1469 0x4c, 0x34, 0x7a, 0x01, 0x6a, 0xda, 0x75, 0x75,
1470 0x3e, 0x68, 0xb2
Jerome Forissier0780ad42018-06-05 15:02:37 +0200[diff] [blame]1471};
1472
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]1473static const uint8_t ciph_data_aes_cbc_vect1_key[] = {
1474 0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37, /* 01234567 */
1475 0x38, 0x39, 0x41, 0x42, 0x43, 0x44, 0x45, 0x46, /* 89ABCDEF */
1476};
1477
1478static const uint8_t ciph_data_aes_cbc_vect1_iv[] = {
1479 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, /* ........ */
1480 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, /* ........ */
1481};
1482
1483static const uint8_t ciph_data_aes_cbc_vect1_ptx[] = {
1484 0x43, 0x69, 0x70, 0x68, 0x65, 0x72, 0x20, 0x62, /* Cipher b */
1485 0x6C, 0x6F, 0x63, 0x6B, 0x20, 0x63, 0x68, 0x61, /* lock cha */
1486 0x69, 0x6E, 0x69, 0x6E, 0x67, 0x20, 0x28, 0x43, /* ining (C */
1487 0x42, 0x43, 0x29, 0x20, 0x69, 0x73, 0x20, 0x61, /* BC) is a */
1488 0x20, 0x63, 0x6F, 0x6D, 0x6D, 0x6F, 0x6E, 0x20, /* common */
1489 0x63, 0x68, 0x61, 0x69, 0x6E, 0x69, 0x6E, 0x67, /* chaining */
1490 0x20, 0x6D, 0x6F, 0x64, 0x65, 0x20, 0x69, 0x6E, /* mode in */
1491 0x20, 0x77, 0x68, 0x69, 0x63, 0x68, 0x20, 0x74, /* which t */
1492 0x68, 0x65, 0x20, 0x70, 0x72, 0x65, 0x76, 0x69, /* he previ */
1493 0x6F, 0x75, 0x73, 0x20, 0x62, 0x6C, 0x6F, 0x63, /* ous bloc */
1494 0x6B, 0x27, 0x73, 0x20, 0x63, 0x69, 0x70, 0x68, /* k's ciph */
1495 0x65, 0x72, 0x74, 0x65, 0x78, 0x74, 0x20, 0x69, /* ertext i */
1496 0x73, 0x20, 0x78, 0x6F, 0x72, 0x65, 0x64, 0x20, /* s xored */
1497 0x77, 0x69, 0x74, 0x68, 0x20, 0x74, 0x68, 0x65, /* with the */
1498 0x20, 0x63, 0x75, 0x72, 0x72, 0x65, 0x6E, 0x74, /* current */
1499 0x20, 0x62, 0x6C, 0x6F, 0x63, 0x6B, 0x27, 0x73, /* block's */
1500 0x20, 0x70, 0x6C, 0x61, 0x69, 0x6E, 0x74, 0x65, /* plainte */
1501 0x78, 0x74, 0x20, 0x62, 0x65, 0x66, 0x6F, 0x72, /* xt befor */
1502 0x65, 0x20, 0x65, 0x6E, 0x63, 0x72, 0x79, 0x70, /* e encryp */
1503 0x74, 0x69, 0x6F, 0x6E, 0x2E, 0x2E, 0x2E, 0x2E, /* tion.... */
1504};
1505
1506static const uint8_t ciph_data_aes_cbc_vect1_ctx[] = {
1507 0xDD, 0x16, 0xC3, 0x47, 0x69, 0xEC, 0xF5, 0x86, /* ...Gi... */
1508 0x20, 0xB4, 0xF7, 0xE3, 0xB9, 0x36, 0xE8, 0xAC, /* ....6.. */
1509 0xC9, 0xA2, 0x11, 0x71, 0x3B, 0x10, 0x9D, 0x45, /* ...q;..E */
1510 0xCA, 0xE2, 0x49, 0xA6, 0x4E, 0x56, 0x07, 0xC5, /* ..I.NV.. */
1511 0xCE, 0xA3, 0x14, 0xB5, 0x30, 0x1B, 0x63, 0xBB, /* ....0.c. */
1512 0x2D, 0x6F, 0xE9, 0xCA, 0x0B, 0x00, 0x31, 0x3F, /* -o....1? */
1513 0xA4, 0x9A, 0x39, 0xE1, 0xC8, 0xD2, 0x24, 0x95, /* ..9...$. */
1514 0x14, 0xE9, 0xD2, 0x43, 0xE8, 0xA8, 0x1E, 0x0A, /* ...C.... */
1515 0xFE, 0x9D, 0x4F, 0xF5, 0xBB, 0x16, 0xB9, 0x54, /* ..O....T */
1516 0x78, 0x07, 0x94, 0x05, 0x8E, 0x47, 0xC3, 0xCB, /* x....G.. */
1517 0x7C, 0xEC, 0xF4, 0xF8, 0xF2, 0xA4, 0x59, 0x6E, /* |.....Yn */
1518 0xED, 0xAD, 0x7F, 0x62, 0xAF, 0x89, 0xA8, 0x5B, /* ...b...[ */
1519 0x75, 0xD4, 0x73, 0xE3, 0xBA, 0x9F, 0x9A, 0xD2, /* u.s..... */
1520 0x0F, 0xFD, 0x3C, 0xE6, 0xC6, 0xA4, 0xD6, 0x6C, /* ..<....l */
1521 0x6A, 0x09, 0xE2, 0x16, 0xB0, 0x8C, 0x69, 0x3C, /* j.....i< */
1522 0xC8, 0x1C, 0xE4, 0x3E, 0x86, 0x4D, 0xB0, 0x2B, /* ...>.M.+ */
1523 0x29, 0xA0, 0x5A, 0xA3, 0x67, 0xBA, 0xDC, 0x11, /* ).Z.g... */
1524 0x08, 0x5E, 0x69, 0xB4, 0x6F, 0xA5, 0xE2, 0xB8, /* .^i.o... */
1525 0xC9, 0x6E, 0x83, 0x7E, 0x35, 0xC8, 0xA7, 0xA0, /* .n.~5... */
1526 0x33, 0xA3, 0xB1, 0x4B, 0x5A, 0x92, 0x51, 0x2E, /* 3..KZ.Q. */
1527};
1528
1529/* AES-CTS test vectors from http://tools.ietf.org/html/rfc3962
1530 * and http://tools.ietf.org/html/draft-raeburn-krb-rijndael-krb-02 */
1531static const uint8_t ciph_data_aes_cts_vect1_key[] = {
1532 0x63, 0x68, 0x69, 0x63, 0x6b, 0x65, 0x6e, 0x20,
1533 0x74, 0x65, 0x72, 0x69, 0x79, 0x61, 0x6b, 0x69
1534};
1535
1536static const uint8_t ciph_data_aes_cts_vect1_iv[16] = {
1537 0x00
1538};
1539
1540static const uint8_t ciph_data_aes_cts_vect1_ptx[] = {
1541 0x49, 0x20, 0x77, 0x6f, 0x75, 0x6c, 0x64, 0x20,
1542 0x6c, 0x69, 0x6b, 0x65, 0x20, 0x74, 0x68, 0x65,
1543 0x20
1544};
1545
1546static const uint8_t ciph_data_aes_cts_vect1_ctx[] = {
1547 0xc6, 0x35, 0x35, 0x68, 0xf2, 0xbf, 0x8c, 0xb4,
1548 0xd8, 0xa5, 0x80, 0x36, 0x2d, 0xa7, 0xff, 0x7f,
1549 0x97
1550};
1551
1552#define ciph_data_aes_cts_vect2_key ciph_data_aes_cts_vect1_key
1553#define ciph_data_aes_cts_vect2_iv ciph_data_aes_cts_vect1_iv
1554static const uint8_t ciph_data_aes_cts_vect2_ptx[] = {
1555 0x49, 0x20, 0x77, 0x6f, 0x75, 0x6c, 0x64, 0x20,
1556 0x6c, 0x69, 0x6b, 0x65, 0x20, 0x74, 0x68, 0x65,
1557 0x20, 0x47, 0x65, 0x6e, 0x65, 0x72, 0x61, 0x6c,
1558 0x20, 0x47, 0x61, 0x75, 0x27, 0x73, 0x20
1559};
1560
1561static const uint8_t ciph_data_aes_cts_vect2_ctx[] = {
1562 0xfc, 0x00, 0x78, 0x3e, 0x0e, 0xfd, 0xb2, 0xc1,
1563 0xd4, 0x45, 0xd4, 0xc8, 0xef, 0xf7, 0xed, 0x22,
1564 0x97, 0x68, 0x72, 0x68, 0xd6, 0xec, 0xcc, 0xc0,
1565 0xc0, 0x7b, 0x25, 0xe2, 0x5e, 0xcf, 0xe5
1566};
1567
1568#define ciph_data_aes_cts_vect3_key ciph_data_aes_cts_vect1_key
1569#define ciph_data_aes_cts_vect3_iv ciph_data_aes_cts_vect1_iv
1570static const uint8_t ciph_data_aes_cts_vect3_ptx[] = {
1571 0x49, 0x20, 0x77, 0x6f, 0x75, 0x6c, 0x64, 0x20,
1572 0x6c, 0x69, 0x6b, 0x65, 0x20, 0x74, 0x68, 0x65,
1573 0x20, 0x47, 0x65, 0x6e, 0x65, 0x72, 0x61, 0x6c,
1574 0x20, 0x47, 0x61, 0x75, 0x27, 0x73, 0x20, 0x43,
1575};
1576
1577static const uint8_t ciph_data_aes_cts_vect3_ctx[] = {
1578 0x39, 0x31, 0x25, 0x23, 0xa7, 0x86, 0x62, 0xd5,
1579 0xbe, 0x7f, 0xcb, 0xcc, 0x98, 0xeb, 0xf5, 0xa8,
1580 0x97, 0x68, 0x72, 0x68, 0xd6, 0xec, 0xcc, 0xc0,
1581 0xc0, 0x7b, 0x25, 0xe2, 0x5e, 0xcf, 0xe5, 0x84,
1582};
1583
1584#define ciph_data_aes_cts_vect4_key ciph_data_aes_cts_vect1_key
1585#define ciph_data_aes_cts_vect4_iv ciph_data_aes_cts_vect1_iv
1586static const uint8_t ciph_data_aes_cts_vect4_ptx[] = {
1587 0x49, 0x20, 0x77, 0x6f, 0x75, 0x6c, 0x64, 0x20,
1588 0x6c, 0x69, 0x6b, 0x65, 0x20, 0x74, 0x68, 0x65,
1589 0x20, 0x47, 0x65, 0x6e, 0x65, 0x72, 0x61, 0x6c,
1590 0x20, 0x47, 0x61, 0x75, 0x27, 0x73, 0x20, 0x43,
1591 0x68, 0x69, 0x63, 0x6b, 0x65, 0x6e, 0x2c, 0x20,
1592 0x70, 0x6c, 0x65, 0x61, 0x73, 0x65, 0x2c,
1593};
1594
1595static const uint8_t ciph_data_aes_cts_vect4_ctx[] = {
1596 0x97, 0x68, 0x72, 0x68, 0xd6, 0xec, 0xcc, 0xc0,
1597 0xc0, 0x7b, 0x25, 0xe2, 0x5e, 0xcf, 0xe5, 0x84,
1598 0xb3, 0xff, 0xfd, 0x94, 0x0c, 0x16, 0xa1, 0x8c,
1599 0x1b, 0x55, 0x49, 0xd2, 0xf8, 0x38, 0x02, 0x9e,
1600 0x39, 0x31, 0x25, 0x23, 0xa7, 0x86, 0x62, 0xd5,
1601 0xbe, 0x7f, 0xcb, 0xcc, 0x98, 0xeb, 0xf5,
1602};
1603
1604#define ciph_data_aes_cts_vect5_key ciph_data_aes_cts_vect1_key
1605#define ciph_data_aes_cts_vect5_iv ciph_data_aes_cts_vect1_iv
1606static const uint8_t ciph_data_aes_cts_vect5_ptx[] = {
1607 0x49, 0x20, 0x77, 0x6f, 0x75, 0x6c, 0x64, 0x20,
1608 0x6c, 0x69, 0x6b, 0x65, 0x20, 0x74, 0x68, 0x65,
1609 0x20, 0x47, 0x65, 0x6e, 0x65, 0x72, 0x61, 0x6c,
1610 0x20, 0x47, 0x61, 0x75, 0x27, 0x73, 0x20, 0x43,
1611 0x68, 0x69, 0x63, 0x6b, 0x65, 0x6e, 0x2c, 0x20,
1612 0x70, 0x6c, 0x65, 0x61, 0x73, 0x65, 0x2c, 0x20,
1613};
1614
1615static const uint8_t ciph_data_aes_cts_vect5_ctx[] = {
1616 0x97, 0x68, 0x72, 0x68, 0xd6, 0xec, 0xcc, 0xc0,
1617 0xc0, 0x7b, 0x25, 0xe2, 0x5e, 0xcf, 0xe5, 0x84,
1618 0x9d, 0xad, 0x8b, 0xbb, 0x96, 0xc4, 0xcd, 0xc0,
1619 0x3b, 0xc1, 0x03, 0xe1, 0xa1, 0x94, 0xbb, 0xd8,
1620 0x39, 0x31, 0x25, 0x23, 0xa7, 0x86, 0x62, 0xd5,
1621 0xbe, 0x7f, 0xcb, 0xcc, 0x98, 0xeb, 0xf5, 0xa8,
1622};
1623
1624#define ciph_data_aes_cts_vect6_key ciph_data_aes_cts_vect1_key
1625#define ciph_data_aes_cts_vect6_iv ciph_data_aes_cts_vect1_iv
1626static const uint8_t ciph_data_aes_cts_vect6_ptx[] = {
1627 0x49, 0x20, 0x77, 0x6f, 0x75, 0x6c, 0x64, 0x20,
1628 0x6c, 0x69, 0x6b, 0x65, 0x20, 0x74, 0x68, 0x65,
1629 0x20, 0x47, 0x65, 0x6e, 0x65, 0x72, 0x61, 0x6c,
1630 0x20, 0x47, 0x61, 0x75, 0x27, 0x73, 0x20, 0x43,
1631 0x68, 0x69, 0x63, 0x6b, 0x65, 0x6e, 0x2c, 0x20,
1632 0x70, 0x6c, 0x65, 0x61, 0x73, 0x65, 0x2c, 0x20,
1633 0x61, 0x6e, 0x64, 0x20, 0x77, 0x6f, 0x6e, 0x74,
1634 0x6f, 0x6e, 0x20, 0x73, 0x6f, 0x75, 0x70, 0x2e,
1635};
1636
1637static const uint8_t ciph_data_aes_cts_vect6_ctx[] = {
1638 0x97, 0x68, 0x72, 0x68, 0xd6, 0xec, 0xcc, 0xc0,
1639 0xc0, 0x7b, 0x25, 0xe2, 0x5e, 0xcf, 0xe5, 0x84,
1640 0x39, 0x31, 0x25, 0x23, 0xa7, 0x86, 0x62, 0xd5,
1641 0xbe, 0x7f, 0xcb, 0xcc, 0x98, 0xeb, 0xf5, 0xa8,
1642 0x48, 0x07, 0xef, 0xe8, 0x36, 0xee, 0x89, 0xa5,
1643 0x26, 0x73, 0x0d, 0xbc, 0x2f, 0x7b, 0xc8, 0x40,
1644 0x9d, 0xad, 0x8b, 0xbb, 0x96, 0xc4, 0xcd, 0xc0,
1645 0x3b, 0xc1, 0x03, 0xe1, 0xa1, 0x94, 0xbb, 0xd8,
1646};
1647
Jerome Forissiered00e162017-01-20 09:22:52 +0100[diff] [blame]1648/*
1649 * Test case for https://github.com/OP-TEE/optee_os/issues/1203
1650 * 80 bytes of data, processed in two steps (32 + 48).
1651 */
1652
1653#define ciph_data_aes_cts_issue1203_key ciph_data_aes_cts_vect1_key
1654
1655static const uint8_t ciph_data_aes_cts_issue1203_iv[] = {
1656 0x5b, 0x11, 0x7b, 0xf9, 0x83, 0x6a, 0x01, 0x27,
1657 0x1d, 0x2a, 0xae, 0x0a, 0xd3, 0x27, 0x35, 0x81,
1658};
1659
1660static const uint8_t ciph_data_aes_cts_issue1203_ptx[] = {
1661 0x33, 0x2a, 0xf4, 0x8c, 0x18, 0xa1, 0x30, 0x7c,
1662 0xa7, 0x52, 0x76, 0xca, 0xa6, 0x68, 0xad, 0xf6,
1663 0x1e, 0xba, 0xc9, 0x66, 0x66, 0x52, 0x1a, 0xe7,
1664 0x3e, 0xbc, 0xba, 0x60, 0x95, 0x71, 0x04, 0x5e,
1665 0xb4, 0xb7, 0x10, 0xd7, 0x93, 0x6d, 0x5f, 0x9a,
1666 0xb8, 0xbb, 0x6b, 0xb0, 0x6d, 0x47, 0x93, 0x41,
1667 0x29, 0x21, 0xf2, 0x84, 0xf5, 0xb2, 0xf2, 0x6d,
1668 0xbe, 0xe5, 0x8a, 0x2b, 0x58, 0x8d, 0x1b, 0x5e,
1669 0x41, 0x04, 0xba, 0x9e, 0x92, 0xe9, 0x52, 0xb6,
1670 0x8b, 0x1e, 0x36, 0x72, 0x91, 0xe4, 0x56, 0x66,
1671};
1672
1673/*
1674 * Ciphertext was generated by an online tool for AES CBC.
1675 * Since the input size is a multiple of the block size, and the ciphertext
1676 * format is CS3, the output is the same as plain AES CBC with the last
1677 * two blocks swapped.
1678 */
1679static const uint8_t ciph_data_aes_cts_issue1203_ctx[] = {
1680 0x6c, 0xfe, 0xef, 0x6a, 0x1c, 0x8f, 0xd3, 0xc3,
1681 0x66, 0xc4, 0xd9, 0x0e, 0xbe, 0x24, 0x17, 0x3f,
1682 0xcd, 0x19, 0xc9, 0xd2, 0x10, 0x3f, 0xcf, 0xdc,
1683 0xe9, 0x05, 0xab, 0xd5, 0x1a, 0x31, 0x41, 0x77,
1684 0x3b, 0xd7, 0x6a, 0x26, 0xae, 0x0d, 0xc9, 0x47,
1685 0x77, 0xd4, 0xa7, 0xd5, 0x73, 0x88, 0x9e, 0xde,
1686 0x72, 0x66, 0xe0, 0xe2, 0x3d, 0x62, 0x91, 0x22,
1687 0xae, 0x11, 0x01, 0x97, 0x22, 0x6a, 0x45, 0xa9,
1688 0xba, 0x56, 0xd2, 0xbc, 0x55, 0x2d, 0x99, 0x4d,
1689 0x3d, 0x22, 0x27, 0x9a, 0xac, 0x66, 0x2f, 0xf5,
1690};
1691
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]1692static const uint8_t ciph_data_des_ecb_nopad_out1[] = {
1693 0x46, 0x2B, 0x91, 0xA8, 0x55, 0xE6, 0x7E, 0x75, /* F+..U.~u */
1694 0x5E, 0x53, 0xF4, 0x8F, 0x29, 0x41, 0x4E, 0xEF, /* ^S..)AN. */
1695 0x32, 0x1B, 0x58, 0x42, 0x9B, 0xB4, 0x3A, 0x1F, /* 2.XB..:. */
1696 0x9A, 0xEA, 0xA4, 0xB4, 0xCD, 0xE9, 0x87, 0x7C, /* .......| */
1697 0xC0, 0x05, 0x34, 0xED, 0x86, 0x3C, 0x2A, 0x81, /* ..4..<.. */
1698 0x5E, 0x93, 0x0E, 0x86, 0xA9, 0xBB, 0x80, 0xFF, /* ^....... */
1699};
1700
1701static const uint8_t ciph_data_des_ecb_nopad_out2[] = {
1702 0x85, 0xE8, 0x13, 0x54, 0x0F, 0x0A, 0xB4, 0x05
1703};
1704
1705static const uint8_t ciph_data_des_cbc_nopad_out1[] = {
1706 0xAD, 0xD6, 0xD6, 0x3E, 0x88, 0xD0, 0xDD, 0xD4, /* ...>.... */
1707 0x9A, 0x93, 0x95, 0xA0, 0x86, 0x22, 0x5B, 0x9E, /* ....."[. */
1708 0x84, 0x0C, 0x6F, 0x12, 0x04, 0x11, 0x6F, 0xD4, /* ..o...o. */
1709 0x12, 0x29, 0xC6, 0x78, 0x0C, 0xFB, 0x58, 0x5B, /* .).x..X[ */
1710 0x66, 0x82, 0x0E, 0x52, 0xDC, 0x25, 0x16, 0x51, /* f..R.%.Q */
1711 0x69, 0xDF, 0xFE, 0x4E, 0x11, 0x1D, 0x9D, 0x08, /* i..N.... */
1712};
1713
1714static const uint8_t ciph_data_des3_ecb_nopad_out1[] = {
1715 0xA7, 0x46, 0xEC, 0xA8, 0x6A, 0x7F, 0x4A, 0xF1, /* .F..j.J. */
1716 0x44, 0x60, 0x37, 0x3B, 0x7F, 0x76, 0xE5, 0xFF, /* D`7;.v.. */
1717 0xC1, 0xE7, 0xA5, 0x04, 0x9C, 0x29, 0x5C, 0xA5, /* .....)\. */
1718 0xDD, 0xC8, 0xEE, 0x36, 0x1F, 0x48, 0xE0, 0xA9, /* ...6.H.. */
1719 0x82, 0x2D, 0x53, 0x84, 0x49, 0x69, 0x78, 0xFA, /* .-S.Iix. */
1720 0x23, 0x69, 0x1D, 0xF7, 0x08, 0x38, 0x44, 0x05, /* #i...8D. */
1721};
1722
1723static const uint8_t ciph_data_des3_cbc_nopad_out1[] = {
1724 0x18, 0x09, 0xEB, 0x98, 0xE4, 0x58, 0x72, 0x11, /* .....Xr. */
1725 0x30, 0x58, 0xAB, 0x38, 0xB0, 0xC9, 0x2B, 0xED, /* 0X.8..+. */
1726 0xDA, 0xC5, 0xE8, 0xA9, 0xF6, 0x8A, 0xA7, 0x80, /* ........ */
1727 0xBE, 0x54, 0x1F, 0x63, 0xF6, 0xEE, 0xA2, 0x4C, /* .T.c...L */
1728 0x7C, 0xEB, 0x84, 0x7D, 0xDA, 0xCA, 0x1E, 0xB2, /* |..}.... */
1729 0xED, 0x5E, 0x96, 0xB8, 0x01, 0x4B, 0x77, 0x02, /* .^...Kw. */
1730};
1731
1732static const uint8_t ciph_data_des2_ecb_nopad_out1[] = {
1733 0xAB, 0x12, 0xB6, 0xE2, 0x4A, 0x3A, 0x26, 0x14, /* ....J:&. */
1734 0xF0, 0x7D, 0x23, 0xD0, 0x55, 0xDF, 0x5C, 0x16, /* .}#.U.\. */
1735 0x43, 0x59, 0x1E, 0x44, 0x01, 0x76, 0xD7, 0x50, /* CY.D.v.P */
1736 0x44, 0xC0, 0x15, 0xDF, 0x2E, 0x7F, 0x8B, 0xC5, /* D....... */
1737 0xFF, 0x8B, 0x87, 0xFE, 0x33, 0xD7, 0xCB, 0x2C, /* ....3.., */
1738 0xDA, 0x79, 0x6F, 0xA4, 0x05, 0x2B, 0x30, 0xCE, /* .yo..+0. */
1739};
1740
1741static const uint8_t ciph_data_des2_cbc_nopad_out1[] = {
1742 0x47, 0x2F, 0xB1, 0x83, 0xC4, 0xBB, 0x93, 0x16, /* G/...... */
1743 0x73, 0xF9, 0xAD, 0x6F, 0x00, 0xF9, 0xCB, 0x4A, /* s..o...J */
1744 0x0F, 0x4F, 0x75, 0x75, 0xFB, 0x39, 0x0B, 0xFC, /* .Ouu.9.. */
1745 0x9F, 0x48, 0x52, 0xAD, 0xA2, 0x75, 0x2C, 0xF1, /* .HR..u, . */
1746 0x7D, 0xC3, 0x8F, 0x16, 0xCF, 0xC9, 0x76, 0x29, /* }.....v) */
1747 0x1A, 0xBF, 0xB3, 0xD9, 0x10, 0x7E, 0xAA, 0x49, /* .....~.I */
1748};
1749
Jerome Forissiere73e0fb2019-12-12 17:08:03 +0100[diff] [blame]1750/* SM4 ECB */
1751
1752static const uint8_t ciph_data_sm4_key1[] = {
1753 0x01, 0x23, 0x45, 0x67, 0x89, 0xab, 0xcd, 0xef,
1754 0xfe, 0xdc, 0xba, 0x98, 0x76, 0x54, 0x32, 0x10,
1755};
1756
1757static const uint8_t ciph_data_sm4_in1[] = {
1758 0x01, 0x23, 0x45, 0x67, 0x89, 0xab, 0xcd, 0xef,
1759 0xfe, 0xdc, 0xba, 0x98, 0x76, 0x54, 0x32, 0x10,
1760};
1761
1762static const uint8_t ciph_data_sm4_ecb_nopad_out1[] = {
1763 0x68, 0x1e, 0xdf, 0x34, 0xd2, 0x06, 0x96, 0x5e,
1764 0x86, 0xb3, 0xe9, 0x4f, 0x53, 0x6e, 0x42, 0x46,
1765};
1766
1767/*
1768 * SM4 CBC
1769 * https://tools.ietf.org/html/draft-ribose-cfrg-sm4-10#appendix-A.2.2.1
1770 */
1771static const uint8_t ciph_data_sm4_cbc_a221_key[] = {
1772 0x01, 0x23, 0x45, 0x67, 0x89, 0xab, 0xcd, 0xef,
1773 0xfe, 0xdc, 0xba, 0x98, 0x76, 0x54, 0x32, 0x10,
1774};
1775
1776static const uint8_t ciph_data_sm4_cbc_a221_iv[] = {
1777 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
1778 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f,
1779};
1780
1781static const uint8_t ciph_data_sm4_cbc_a221_in[] = {
1782 0xaa, 0xaa, 0xaa, 0xaa, 0xbb, 0xbb, 0xbb, 0xbb,
1783 0xcc, 0xcc, 0xcc, 0xcc, 0xdd, 0xdd, 0xdd, 0xdd,
1784 0xee, 0xee, 0xee, 0xee, 0xff, 0xff, 0xff, 0xff,
1785 0xaa, 0xaa, 0xaa, 0xaa, 0xbb, 0xbb, 0xbb, 0xbb,
1786};
1787
1788static const uint8_t ciph_data_sm4_cbc_a221_out[] = {
1789 0x78, 0xeb, 0xb1, 0x1c, 0xc4, 0x0b, 0x0a, 0x48,
1790 0x31, 0x2a, 0xae, 0xb2, 0x04, 0x02, 0x44, 0xcb,
1791 0x4c, 0xb7, 0x01, 0x69, 0x51, 0x90, 0x92, 0x26,
1792 0x97, 0x9b, 0x0d, 0x15, 0xdc, 0x6a, 0x8f, 0x6d,
1793};
1794
1795/*
1796 * SM4 CBC
1797 * https://tools.ietf.org/html/draft-ribose-cfrg-sm4-10#appendix-A.2.2.2
1798 */
1799static const uint8_t ciph_data_sm4_cbc_a222_key[] = {
1800 0xfe, 0xdc, 0xba, 0x98, 0x76, 0x54, 0x32, 0x10,
1801 0x01, 0x23, 0x45, 0x67, 0x89, 0xab, 0xcd, 0xef,
1802};
1803
1804static const uint8_t ciph_data_sm4_cbc_a222_iv[] = {
1805 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
1806 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f,
1807};
1808
1809static const uint8_t ciph_data_sm4_cbc_a222_in[] = {
1810 0xaa, 0xaa, 0xaa, 0xaa, 0xbb, 0xbb, 0xbb, 0xbb,
1811 0xcc, 0xcc, 0xcc, 0xcc, 0xdd, 0xdd, 0xdd, 0xdd,
1812 0xee, 0xee, 0xee, 0xee, 0xff, 0xff, 0xff, 0xff,
1813 0xaa, 0xaa, 0xaa, 0xaa, 0xbb, 0xbb, 0xbb, 0xbb,
1814};
1815
1816static const uint8_t ciph_data_sm4_cbc_a222_out[] = {
1817 0x0d, 0x3a, 0x6d, 0xdc, 0x2d, 0x21, 0xc6, 0x98,
1818 0x85, 0x72, 0x15, 0x58, 0x7b, 0x7b, 0xb5, 0x9a,
1819 0x91, 0xf2, 0xc1, 0x47, 0x91, 0x1a, 0x41, 0x44,
1820 0x66, 0x5e, 0x1f, 0xa1, 0xd4, 0x0b, 0xae, 0x38,
1821};
1822
1823/*
1824 * SM4 CTR
1825 * https://tools.ietf.org/html/draft-ribose-cfrg-sm4-10#appendix-A.2.5.1
1826 */
1827static const uint8_t ciph_data_sm4_ctr_a251_key[] = {
1828 0x01, 0x23, 0x45, 0x67, 0x89, 0xab, 0xcd, 0xef,
1829 0xfe, 0xdc, 0xba, 0x98, 0x76, 0x54, 0x32, 0x10,
1830};
1831
1832static const uint8_t ciph_data_sm4_ctr_a251_iv[] = {
1833 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
1834 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f,
1835};
1836
1837static const uint8_t ciph_data_sm4_ctr_a251_in[] = {
1838 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa,
1839 0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0xbb,
1840 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc,
1841 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd,
1842 0xee, 0xee, 0xee, 0xee, 0xee, 0xee, 0xee, 0xee,
1843 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
1844 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa,
1845 0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0xbb,
1846};
1847
1848static const uint8_t ciph_data_sm4_ctr_a251_out[] = {
1849 0xac, 0x32, 0x36, 0xcb, 0x97, 0x0c, 0xc2, 0x07,
1850 0x91, 0x36, 0x4c, 0x39, 0x5a, 0x13, 0x42, 0xd1,
1851 0xa3, 0xcb, 0xc1, 0x87, 0x8c, 0x6f, 0x30, 0xcd,
1852 0x07, 0x4c, 0xce, 0x38, 0x5c, 0xdd, 0x70, 0xc7,
1853 0xf2, 0x34, 0xbc, 0x0e, 0x24, 0xc1, 0x19, 0x80,
1854 0xfd, 0x12, 0x86, 0x31, 0x0c, 0xe3, 0x7b, 0x92,
1855 0x6e, 0x02, 0xfc, 0xd0, 0xfa, 0xa0, 0xba, 0xf3,
1856 0x8b, 0x29, 0x33, 0x85, 0x1d, 0x82, 0x45, 0x14,
1857};
1858
1859/*
1860 * SM4 CTR
1861 * https://tools.ietf.org/html/draft-ribose-cfrg-sm4-10#appendix-A.2.5.2
1862 */
1863static const uint8_t ciph_data_sm4_ctr_a252_key[] = {
1864 0xfe, 0xdc, 0xba, 0x98, 0x76, 0x54, 0x32, 0x10,
1865 0x01, 0x23, 0x45, 0x67, 0x89, 0xab, 0xcd, 0xef,
1866};
1867
1868static const uint8_t ciph_data_sm4_ctr_a252_iv[] = {
1869 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
1870 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f,
1871};
1872
1873static const uint8_t ciph_data_sm4_ctr_a252_in[] = {
1874 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa,
1875 0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0xbb,
1876 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc,
1877 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd,
1878 0xee, 0xee, 0xee, 0xee, 0xee, 0xee, 0xee, 0xee,
1879 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
1880 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa,
1881 0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0xbb,
1882};
1883
1884static const uint8_t ciph_data_sm4_ctr_a252_out[] = {
1885 0x5d, 0xcc, 0xcd, 0x25, 0xb9, 0x5a, 0xb0, 0x74,
1886 0x17, 0xa0, 0x85, 0x12, 0xee, 0x16, 0x0e, 0x2f,
1887 0x8f, 0x66, 0x15, 0x21, 0xcb, 0xba, 0xb4, 0x4c,
1888 0xc8, 0x71, 0x38, 0x44, 0x5b, 0xc2, 0x9e, 0x5c,
1889 0x0a, 0xe0, 0x29, 0x72, 0x05, 0xd6, 0x27, 0x04,
1890 0x17, 0x3b, 0x21, 0x23, 0x9b, 0x88, 0x7f, 0x6c,
1891 0x8c, 0xb5, 0xb8, 0x00, 0x91, 0x7a, 0x24, 0x88,
1892 0x28, 0x4b, 0xde, 0x9e, 0x16, 0xea, 0x29, 0x06,
1893};
1894
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]1895struct xtest_ciph_case {
1896 uint32_t algo;
1897 uint32_t mode;
1898 uint32_t key_type;
1899 const uint8_t *key1;
1900 size_t key1_len;
1901 const uint8_t *key2;
1902 size_t key2_len;
1903 const uint8_t *iv;
1904 size_t iv_len;
1905 size_t in_incr;
1906 const uint8_t *in;
1907 size_t in_len;
1908 const uint8_t *out;
1909 size_t out_len;
1910 size_t line;
1911};
1912
1913#define XTEST_CIPH_CASE_NO_IV(algo, key_type, key, in_incr, ptx, ctx) \
1914 { (algo), TEE_MODE_ENCRYPT, (key_type), (key), ARRAY_SIZE(key), \
1915 NULL, 0, NULL, 0, \
1916 (in_incr), (ptx), ARRAY_SIZE(ptx), (ctx), ARRAY_SIZE(ctx), \
1917 __LINE__ }, \
1918 { (algo), TEE_MODE_DECRYPT, (key_type), (key), ARRAY_SIZE(key), \
1919 NULL, 0, NULL, 0, \
1920 (in_incr), (ctx), ARRAY_SIZE(ctx), (ptx), ARRAY_SIZE(ptx), __LINE__ }
1921
1922#define XTEST_CIPH_CASE(algo, key_type, key, iv, in_incr, ptx, ctx) \
1923 { (algo), TEE_MODE_ENCRYPT, (key_type), (key), ARRAY_SIZE(key), \
1924 NULL, 0, iv, ARRAY_SIZE(iv), (in_incr), (ptx), ARRAY_SIZE(ptx), \
1925 (ctx), ARRAY_SIZE(ctx), __LINE__ }, \
1926 { (algo), TEE_MODE_DECRYPT, (key_type), (key), ARRAY_SIZE(key), \
1927 NULL, 0, iv, ARRAY_SIZE(iv), (in_incr), (ctx), ARRAY_SIZE(ctx), \
1928 (ptx), ARRAY_SIZE(ptx), __LINE__ }
1929
1930#define XTEST_CIPH_CASE_AES_XTS(vect, in_incr) \
1931 { TEE_ALG_AES_XTS, TEE_MODE_ENCRYPT, TEE_TYPE_AES, \
1932 ciph_data_aes_xts_ ## vect ## _key1, \
1933 ARRAY_SIZE(ciph_data_aes_xts_ ## vect ## _key1), \
1934 ciph_data_aes_xts_ ## vect ## _key2, \
1935 ARRAY_SIZE(ciph_data_aes_xts_ ## vect ## _key2), \
1936 ciph_data_aes_xts_ ## vect ## _iv, \
1937 ARRAY_SIZE(ciph_data_aes_xts_ ## vect ## _iv), \
1938 (in_incr), \
1939 ciph_data_aes_xts_ ## vect ## _ptx, \
1940 ARRAY_SIZE(ciph_data_aes_xts_ ## vect ## _ptx), \
1941 ciph_data_aes_xts_ ## vect ## _ctx, \
1942 ARRAY_SIZE(ciph_data_aes_xts_ ## vect ## _ctx), __LINE__ }, \
1943 { TEE_ALG_AES_XTS, TEE_MODE_DECRYPT, TEE_TYPE_AES, \
1944 ciph_data_aes_xts_ ## vect ## _key1, \
1945 ARRAY_SIZE(ciph_data_aes_xts_ ## vect ## _key1), \
1946 ciph_data_aes_xts_ ## vect ## _key2, \
1947 ARRAY_SIZE(ciph_data_aes_xts_ ## vect ## _key2), \
1948 ciph_data_aes_xts_ ## vect ## _iv, \
1949 ARRAY_SIZE(ciph_data_aes_xts_ ## vect ## _iv), \
1950 (in_incr), \
1951 ciph_data_aes_xts_ ## vect ## _ctx, \
1952 ARRAY_SIZE(ciph_data_aes_xts_ ## vect ## _ctx), \
1953 ciph_data_aes_xts_ ## vect ## _ptx, \
1954 ARRAY_SIZE(ciph_data_aes_xts_ ## vect ## _ptx), __LINE__ }
1955
1956#define XTEST_CIPH_CASE_AES_CBC(vect, in_incr) \
1957 XTEST_CIPH_CASE(TEE_ALG_AES_CBC_NOPAD, TEE_TYPE_AES, \
1958 ciph_data_aes_cbc_ ## vect ## _key, \
1959 ciph_data_aes_cbc_ ## vect ## _iv, \
1960 (in_incr), ciph_data_aes_cbc_ ## vect ## _ptx, \
1961 ciph_data_aes_cbc_ ## vect ## _ctx)
1962
1963#define XTEST_CIPH_CASE_AES_CTS(vect, in_incr) \
1964 XTEST_CIPH_CASE(TEE_ALG_AES_CTS, TEE_TYPE_AES, \
1965 ciph_data_aes_cts_ ## vect ## _key, \
1966 ciph_data_aes_cts_ ## vect ## _iv, \
1967 (in_incr), ciph_data_aes_cts_ ## vect ## _ptx, \
1968 ciph_data_aes_cts_ ## vect ## _ctx)
1969
1970static const struct xtest_ciph_case ciph_cases[] = {
1971 /* AES */
1972 XTEST_CIPH_CASE_NO_IV(TEE_ALG_AES_ECB_NOPAD, TEE_TYPE_AES,
1973 ciph_data_aes_key1, 11, ciph_data_in1,
1974 ciph_data_aes_ecb_nopad_out1),
1975 XTEST_CIPH_CASE(TEE_ALG_AES_CBC_NOPAD, TEE_TYPE_AES,
1976 ciph_data_aes_key1, ciph_data_128_iv1, 11,
1977 ciph_data_in1,
1978 ciph_data_aes_cbc_nopad_out1),
1979 XTEST_CIPH_CASE(TEE_ALG_AES_CTR, TEE_TYPE_AES,
1980 ciph_data_aes_key1, ciph_data_128_iv1, 13,
1981 ciph_data_in1,
1982 ciph_data_aes_ctr_out1),
1983 XTEST_CIPH_CASE(TEE_ALG_AES_CTR, TEE_TYPE_AES,
1984 ciph_data_aes_key1, ciph_data_128_iv1, 13,
1985 ciph_data_in3,
1986 ciph_data_aes_ctr_out2),
Jens Wiklander692efd12018-01-19 09:52:00 +0100[diff] [blame]1987 XTEST_CIPH_CASE(TEE_ALG_AES_CTR, TEE_TYPE_AES,
1988 ciph_data_aes_key1, ciph_data_128_iv1, 16,
1989 ciph_data_in3,
1990 ciph_data_aes_ctr_out2),
Jerome Forissier45218eb2018-04-11 13:03:26 +0200[diff] [blame]1991 XTEST_CIPH_CASE(TEE_ALG_AES_CTR, TEE_TYPE_AES,
1992 ciph_data_aes_key1, ciph_data_128_iv1, 16,
1993 ciph_data_in4,
1994 ciph_data_aes_ctr_out4),
Jerome Forissier0780ad42018-06-05 15:02:37 +0200[diff] [blame]1995 XTEST_CIPH_CASE(TEE_ALG_AES_CTR, TEE_TYPE_AES,
1996 ciph_data_aes_key2, ciph_data_128_iv2, 11,
1997 ciph_data_in5,
1998 ciph_data_aes_ctr_out5),
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]1999
2000 XTEST_CIPH_CASE_AES_CBC(vect1, 11),
Jerome Forissierfc1bbc32018-06-12 10:13:04 +0200[diff] [blame]2001 XTEST_CIPH_CASE_AES_CBC(vect1, 64),
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2002
2003 /* AES-CTS */
2004 XTEST_CIPH_CASE_AES_CTS(vect1, 13),
2005 XTEST_CIPH_CASE_AES_CTS(vect2, 14),
2006 XTEST_CIPH_CASE_AES_CTS(vect3, 11),
2007 XTEST_CIPH_CASE_AES_CTS(vect4, 9),
2008 XTEST_CIPH_CASE_AES_CTS(vect5, 7),
2009 XTEST_CIPH_CASE_AES_CTS(vect6, 17),
2010 XTEST_CIPH_CASE_AES_CTS(vect6, 0x20),
Jerome Forissiered00e162017-01-20 09:22:52 +0100[diff] [blame]2011 XTEST_CIPH_CASE_AES_CTS(issue1203, 32),
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2012
2013 /* DES */
2014 XTEST_CIPH_CASE_NO_IV(TEE_ALG_DES_ECB_NOPAD, TEE_TYPE_DES,
2015 ciph_data_des_key1, 14, ciph_data_in1,
2016 ciph_data_des_ecb_nopad_out1),
2017 XTEST_CIPH_CASE_NO_IV(TEE_ALG_DES_ECB_NOPAD, TEE_TYPE_DES,
2018 ciph_data_des_key2, 3, ciph_data_in2,
2019 ciph_data_des_ecb_nopad_out2),
2020 XTEST_CIPH_CASE(TEE_ALG_DES_CBC_NOPAD, TEE_TYPE_DES,
2021 ciph_data_des_key1, ciph_data_64_iv1, 15, ciph_data_in1,
2022 ciph_data_des_cbc_nopad_out1),
2023
2024 /* DES3 */
2025 XTEST_CIPH_CASE_NO_IV(TEE_ALG_DES3_ECB_NOPAD, TEE_TYPE_DES3,
2026 ciph_data_des3_key1, 11, ciph_data_in1,
2027 ciph_data_des3_ecb_nopad_out1),
2028 XTEST_CIPH_CASE_NO_IV(TEE_ALG_DES3_ECB_NOPAD, TEE_TYPE_DES3,
2029 ciph_data_des3_key2, 3, ciph_data_in2,
2030 ciph_data_des_ecb_nopad_out2),
2031 XTEST_CIPH_CASE(TEE_ALG_DES3_CBC_NOPAD, TEE_TYPE_DES3,
2032 ciph_data_des3_key1, ciph_data_64_iv1, 11,
2033 ciph_data_in1,
2034 ciph_data_des3_cbc_nopad_out1),
2035
2036 /* DES2 */
2037 XTEST_CIPH_CASE_NO_IV(TEE_ALG_DES3_ECB_NOPAD, TEE_TYPE_DES3,
2038 ciph_data_des2_key1, 11, ciph_data_in1,
2039 ciph_data_des2_ecb_nopad_out1),
2040 XTEST_CIPH_CASE(TEE_ALG_DES3_CBC_NOPAD, TEE_TYPE_DES3,
2041 ciph_data_des2_key1, ciph_data_64_iv1, 11,
2042 ciph_data_in1,
2043 ciph_data_des2_cbc_nopad_out1),
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2044
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2045 /* AES-XTS */
2046 XTEST_CIPH_CASE_AES_XTS(vect1, 3),
2047 XTEST_CIPH_CASE_AES_XTS(vect2, 6),
2048 XTEST_CIPH_CASE_AES_XTS(vect3, 7),
2049 XTEST_CIPH_CASE_AES_XTS(vect4, 8),
2050 XTEST_CIPH_CASE_AES_XTS(vect5, 9),
2051 XTEST_CIPH_CASE_AES_XTS(vect6, 13),
2052 XTEST_CIPH_CASE_AES_XTS(vect7, 1),
2053 XTEST_CIPH_CASE_AES_XTS(vect8, 3),
2054 XTEST_CIPH_CASE_AES_XTS(vect9, 2),
2055 XTEST_CIPH_CASE_AES_XTS(vect10, 5),
2056 XTEST_CIPH_CASE_AES_XTS(vect11, 6),
2057 XTEST_CIPH_CASE_AES_XTS(vect12, 7),
2058 XTEST_CIPH_CASE_AES_XTS(vect13, 3),
2059 XTEST_CIPH_CASE_AES_XTS(vect14, 2),
2060 XTEST_CIPH_CASE_AES_XTS(vect15, 0),
2061 XTEST_CIPH_CASE_AES_XTS(vect16, 9),
2062 XTEST_CIPH_CASE_AES_XTS(vect17, 6),
2063 XTEST_CIPH_CASE_AES_XTS(vect18, 8),
2064 XTEST_CIPH_CASE_AES_XTS(vect19, 23),
Jerome Forissiere73e0fb2019-12-12 17:08:03 +0100[diff] [blame]2065
2066 /* SM4 */
2067 XTEST_CIPH_CASE_NO_IV(TEE_ALG_SM4_ECB_NOPAD, TEE_TYPE_SM4,
2068 ciph_data_sm4_key1, 11, ciph_data_sm4_in1,
2069 ciph_data_sm4_ecb_nopad_out1),
2070 XTEST_CIPH_CASE(TEE_ALG_SM4_CBC_NOPAD, TEE_TYPE_SM4,
2071 ciph_data_sm4_cbc_a221_key, ciph_data_sm4_cbc_a221_iv,
2072 11, ciph_data_sm4_cbc_a221_in,
2073 ciph_data_sm4_cbc_a221_out),
2074 XTEST_CIPH_CASE(TEE_ALG_SM4_CBC_NOPAD, TEE_TYPE_SM4,
2075 ciph_data_sm4_cbc_a222_key, ciph_data_sm4_cbc_a222_iv,
2076 11, ciph_data_sm4_cbc_a222_in,
2077 ciph_data_sm4_cbc_a222_out),
2078 XTEST_CIPH_CASE(TEE_ALG_SM4_CTR, TEE_TYPE_SM4,
2079 ciph_data_sm4_ctr_a251_key, ciph_data_sm4_ctr_a251_iv,
2080 11, ciph_data_sm4_ctr_a251_in,
2081 ciph_data_sm4_ctr_a251_out),
2082 XTEST_CIPH_CASE(TEE_ALG_SM4_CTR, TEE_TYPE_SM4,
2083 ciph_data_sm4_ctr_a252_key, ciph_data_sm4_ctr_a252_iv,
2084 11, ciph_data_sm4_ctr_a252_in,
2085 ciph_data_sm4_ctr_a252_out),
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2086};
2087
Jerome Forissier23256842018-02-16 09:25:35 +0100[diff] [blame]2088static void xtest_tee_test_4003(ADBG_Case_t *c)
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2089{
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]2090 TEEC_Session session = { };
2091 TEE_OperationHandle op = TEE_HANDLE_NULL;
Jens Wiklander93ff0a52020-12-14 12:45:02 +0100[diff] [blame]2092 TEE_OperationHandle op2 = TEE_HANDLE_NULL;
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2093 TEE_ObjectHandle key1_handle = TEE_HANDLE_NULL;
2094 TEE_ObjectHandle key2_handle = TEE_HANDLE_NULL;
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]2095 uint8_t out[2048] = { };
2096 size_t out_size = 0;
2097 size_t out_offs = 0;
Jens Wiklander93ff0a52020-12-14 12:45:02 +0100[diff] [blame]2098 size_t out_offs2 = 0;
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]2099 uint32_t ret_orig = 0;
2100 size_t n = 0;
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2101
2102 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
2103 xtest_teec_open_session(&session, &crypt_user_ta_uuid, NULL,
2104 &ret_orig)))
2105 return;
2106
2107 for (n = 0; n < ARRAY_SIZE(ciph_cases); n++) {
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]2108 TEE_Attribute key_attr = { };
2109 size_t key_size = 0;
2110 size_t op_key_size = 0;
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2111
Jerome Forissier817d99f2020-01-22 16:33:12 +0100[diff] [blame]2112 switch (ciph_cases[n].algo) {
2113 case TEE_ALG_SM4_CTR:
2114 case TEE_ALG_SM4_CBC_NOPAD:
2115 case TEE_ALG_SM4_ECB_NOPAD:
2116 if (!ta_crypt_cmd_is_algo_supported(c, &session,
2117 ciph_cases[n].algo, TEE_CRYPTO_ELEMENT_NONE)) {
2118 Do_ADBG_Log("SM4 not supported: skip subcase");
2119 continue;
2120 }
2121 break;
2122 default:
2123 break;
2124 }
2125
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2126 Do_ADBG_BeginSubCase(c, "Cipher case %d algo 0x%x line %d",
2127 (int)n, (unsigned int)ciph_cases[n].algo,
2128 (int)ciph_cases[n].line);
2129
2130 key_attr.attributeID = TEE_ATTR_SECRET_VALUE;
2131 key_attr.content.ref.buffer = (void *)ciph_cases[n].key1;
2132 key_attr.content.ref.length = ciph_cases[n].key1_len;
2133
2134 key_size = key_attr.content.ref.length * 8;
2135 if (ciph_cases[n].key_type == TEE_TYPE_DES ||
2136 ciph_cases[n].key_type == TEE_TYPE_DES3)
2137 /* Exclude parity in bit size of key */
2138 key_size -= key_size / 8;
2139
2140 op_key_size = key_size;
2141 if (ciph_cases[n].key2 != NULL)
2142 op_key_size *= 2;
2143
2144 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
2145 ta_crypt_cmd_allocate_operation(c, &session, &op,
2146 ciph_cases[n].algo, ciph_cases[n].mode,
2147 op_key_size)))
2148 goto out;
2149
2150 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
Jens Wiklander93ff0a52020-12-14 12:45:02 +0100[diff] [blame]2151 ta_crypt_cmd_allocate_operation(c, &session, &op2,
2152 ciph_cases[n].algo, ciph_cases[n].mode,
2153 op_key_size)))
2154 goto out;
2155
2156 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2157 ta_crypt_cmd_allocate_transient_object(c, &session,
2158 ciph_cases[n].key_type, key_size,
2159 &key1_handle)))
2160 goto out;
2161
2162 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
2163 ta_crypt_cmd_populate_transient_object(c, &session,
2164 key1_handle, &key_attr, 1)))
2165 goto out;
2166
2167 if (ciph_cases[n].key2 != NULL) {
2168 key_attr.content.ref.buffer =
2169 (void *)ciph_cases[n].key2;
2170 key_attr.content.ref.length = ciph_cases[n].key2_len;
2171
2172 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
2173 ta_crypt_cmd_allocate_transient_object(c,
2174 &session, ciph_cases[n].key_type,
2175 key_attr.content.ref.length * 8,
2176 &key2_handle)))
2177 goto out;
2178
2179 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
2180 ta_crypt_cmd_populate_transient_object(c,
2181 &session, key2_handle, &key_attr, 1)))
2182 goto out;
2183
2184 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
2185 ta_crypt_cmd_set_operation_key2(c, &session, op,
2186 key1_handle, key2_handle)))
2187 goto out;
2188 } else {
2189 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
2190 ta_crypt_cmd_set_operation_key(c, &session, op,
2191 key1_handle)))
2192 goto out;
2193 }
2194
2195 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
2196 ta_crypt_cmd_free_transient_object(c, &session,
2197 key1_handle)))
2198 goto out;
2199 key1_handle = TEE_HANDLE_NULL;
2200
2201 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
2202 ta_crypt_cmd_free_transient_object(c, &session,
2203 key2_handle)))
2204 goto out;
2205 key2_handle = TEE_HANDLE_NULL;
2206
2207 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
2208 ta_crypt_cmd_cipher_init(c, &session, op,
2209 ciph_cases[n].iv, ciph_cases[n].iv_len)))
2210 goto out;
2211
2212 out_offs = 0;
2213 out_size = sizeof(out);
2214 memset(out, 0, sizeof(out));
2215 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
2216 ta_crypt_cmd_cipher_update(c, &session, op,
2217 ciph_cases[n].in, ciph_cases[n].in_incr, out,
2218 &out_size)))
2219 goto out;
2220
Jerome Forissierd2d94b42017-06-02 16:39:34 +0200[diff] [blame]2221 if (ciph_cases[n].algo == TEE_ALG_AES_CTR)
2222 ADBG_EXPECT_COMPARE_UNSIGNED(c, out_size, ==,
2223 ciph_cases[n].in_incr);
2224
Jens Wiklander93ff0a52020-12-14 12:45:02 +0100[diff] [blame]2225 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
2226 ta_crypt_cmd_copy_operation(c, &session, op2, op)))
2227 goto out;
2228
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2229 out_offs += out_size;
2230 out_size = sizeof(out) - out_offs;
Jens Wiklander93ff0a52020-12-14 12:45:02 +0100[diff] [blame]2231 out_offs2 = out_offs;
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2232
2233 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
2234 ta_crypt_cmd_cipher_do_final(c, &session, op,
2235 ciph_cases[n].in + ciph_cases[n].in_incr,
2236 ciph_cases[n].in_len - ciph_cases[n].in_incr,
2237 out + out_offs,
2238 &out_size)))
2239 goto out;
2240
2241 out_offs += out_size;
2242
2243 (void)ADBG_EXPECT_BUFFER(c, ciph_cases[n].out,
2244 ciph_cases[n].out_len, out, out_offs);
2245
Jens Wiklander93ff0a52020-12-14 12:45:02 +0100[diff] [blame]2246 /* test on the copied op2 */
2247 out_size = sizeof(out) - out_offs2;
2248
2249 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
2250 ta_crypt_cmd_cipher_do_final(c, &session, op2,
2251 ciph_cases[n].in + ciph_cases[n].in_incr,
2252 ciph_cases[n].in_len - ciph_cases[n].in_incr,
2253 out + out_offs2,
2254 &out_size)))
2255 goto out;
2256
2257 out_offs2 += out_size;
2258
2259 ADBG_EXPECT_BUFFER(c, ciph_cases[n].out, ciph_cases[n].out_len,
2260 out, out_offs2);
2261
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2262 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
2263 ta_crypt_cmd_free_operation(c, &session, op)))
2264 goto out;
2265
Jens Wiklander93ff0a52020-12-14 12:45:02 +0100[diff] [blame]2266 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
2267 ta_crypt_cmd_free_operation(c, &session, op2)))
2268 goto out;
2269
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2270 Do_ADBG_EndSubCase(c, NULL);
2271 }
2272out:
2273 TEEC_CloseSession(&session);
2274}
Jens Wiklander14f48872018-06-29 15:30:13 +0200[diff] [blame]2275ADBG_CASE_DEFINE(regression, 4003, xtest_tee_test_4003,
2276 "Test TEE Internal API cipher operations");
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2277
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2278static void xtest_tee_test_4004(ADBG_Case_t *c)
2279{
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]2280 TEEC_Session session = { };
2281 uint32_t ret_orig = 0;
2282 uint8_t buf1[45] = { };
2283 uint8_t buf2[45] = { };
2284 static const uint8_t zeros[45];
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2285
2286 Do_ADBG_BeginSubCase(c, "TEE get random");
2287 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
2288 xtest_teec_open_session(&session, &crypt_user_ta_uuid, NULL,
2289 &ret_orig)))
2290 return;
2291
2292 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
2293 ta_crypt_cmd_random_number_generate(c, &session, buf1,
2294 sizeof(buf1))))
2295 goto out;
2296
2297 (void)ADBG_EXPECT_COMPARE_SIGNED(c,
2298 0, !=, memcmp(buf1, zeros, sizeof(buf1)));
2299
2300 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
2301 ta_crypt_cmd_random_number_generate(c, &session, buf2,
2302 sizeof(buf2))))
2303 goto out;
2304
2305 (void)ADBG_EXPECT_COMPARE_SIGNED(c,
2306 0, !=, memcmp(buf2, zeros, sizeof(buf2)));
2307
2308 (void)ADBG_EXPECT_COMPARE_SIGNED(c,
2309 0, !=, memcmp(buf2, buf1, sizeof(buf1)));
2310out:
2311 TEEC_CloseSession(&session);
2312 Do_ADBG_EndSubCase(c, "TEE get random");
2313}
Jens Wiklander14f48872018-06-29 15:30:13 +0200[diff] [blame]2314ADBG_CASE_DEFINE(regression, 4004, xtest_tee_test_4004,
2315 "Test TEE Internal API get random");
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2316
2317struct xtest_ae_case {
2318 uint32_t algo;
2319 uint32_t mode;
2320 uint32_t key_type;
2321 const uint8_t *key;
2322 size_t key_len;
2323 const uint8_t *nonce;
2324 size_t nonce_len;
2325 size_t aad_incr;
2326 const uint8_t *aad;
2327 size_t aad_len;
2328 size_t in_incr;
2329 const uint8_t *ptx;
2330 size_t ptx_len;
2331 const uint8_t *ctx;
2332 size_t ctx_len;
2333 const uint8_t *tag;
2334 size_t tag_len;
2335 size_t line;
2336};
2337
2338
2339#define ARRAY(a) a, ARRAY_SIZE(a)
2340#define NULL_ARRAY(a) NULL, 0
2341
2342#define XTEST_AE_CASE(algo, vect, aad_incr, in_incr, \
2343 aad_array, ptx_array, ctx_array) \
2344 { (algo), TEE_MODE_ENCRYPT, TEE_TYPE_AES, ARRAY(vect ## _key), \
2345 ARRAY(vect ## _nonce), (aad_incr), \
2346 aad_array(vect ## _aad), (in_incr), \
2347 ptx_array(vect ## _ptx), ctx_array(vect ## _ctx), \
2348 ARRAY(vect ## _tag), \
2349 __LINE__ }, \
2350 { (algo), TEE_MODE_DECRYPT, TEE_TYPE_AES, ARRAY(vect ## _key), \
2351 ARRAY(vect ## _nonce), (aad_incr), \
2352 aad_array(vect ## _aad), (in_incr), \
2353 ptx_array(vect ## _ptx), ctx_array(vect ## _ctx), \
2354 ARRAY(vect ## _tag), \
2355 __LINE__ }
2356
2357#define XTEST_AE_CASE_AES_CCM(vect, aad_incr, in_incr) \
2358 XTEST_AE_CASE(TEE_ALG_AES_CCM, ae_data_aes_ccm_ ## vect, aad_incr, \
2359 in_incr, ARRAY, ARRAY, ARRAY)
2360
2361#define XTEST_AE_CASE_AES_GCM(vect, aad_incr, in_incr, \
2362 aad_array, ptx_array, ctx_array) \
2363 XTEST_AE_CASE(TEE_ALG_AES_GCM, ae_data_aes_gcm_ ## vect, aad_incr, \
2364 in_incr, aad_array, ptx_array, ctx_array)
2365
2366
2367
2368static const struct xtest_ae_case ae_cases[] = {
2369 XTEST_AE_CASE_AES_CCM(vect1, 3, 2),
2370 XTEST_AE_CASE_AES_CCM(vect2, 7, 13),
2371 XTEST_AE_CASE_AES_CCM(vect3, 5, 21),
2372
2373 XTEST_AE_CASE_AES_GCM(vect1, 0, 0, NULL_ARRAY, NULL_ARRAY, NULL_ARRAY),
2374 XTEST_AE_CASE_AES_GCM(vect2, 0, 9, NULL_ARRAY, ARRAY, ARRAY),
2375 XTEST_AE_CASE_AES_GCM(vect3, 0, 9, NULL_ARRAY, ARRAY, ARRAY),
Jens Wiklander9fc63f52017-11-10 11:13:26 +0100[diff] [blame]2376 XTEST_AE_CASE_AES_GCM(vect3, 0, 0x1F, NULL_ARRAY, ARRAY, ARRAY),
2377 XTEST_AE_CASE_AES_GCM(vect4, 5, 0x20, ARRAY, ARRAY, ARRAY),
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2378 XTEST_AE_CASE_AES_GCM(vect5, 5, 9, ARRAY, ARRAY, ARRAY),
2379 XTEST_AE_CASE_AES_GCM(vect6, 5, 9, ARRAY, ARRAY, ARRAY),
2380 XTEST_AE_CASE_AES_GCM(vect7, 0, 0, NULL_ARRAY, NULL_ARRAY, NULL_ARRAY),
2381 XTEST_AE_CASE_AES_GCM(vect8, 0, 9, NULL_ARRAY, ARRAY, ARRAY),
2382 XTEST_AE_CASE_AES_GCM(vect9, 0, 9, NULL_ARRAY, ARRAY, ARRAY),
2383 XTEST_AE_CASE_AES_GCM(vect10, 5, 9, ARRAY, ARRAY, ARRAY),
2384 XTEST_AE_CASE_AES_GCM(vect11, 5, 9, ARRAY, ARRAY, ARRAY),
2385 XTEST_AE_CASE_AES_GCM(vect12, 5, 9, ARRAY, ARRAY, ARRAY),
2386 XTEST_AE_CASE_AES_GCM(vect13, 0, 0, NULL_ARRAY, NULL_ARRAY, NULL_ARRAY),
2387 XTEST_AE_CASE_AES_GCM(vect14, 0, 9, NULL_ARRAY, ARRAY, ARRAY),
2388 XTEST_AE_CASE_AES_GCM(vect15, 0, 9, NULL_ARRAY, ARRAY, ARRAY),
2389 XTEST_AE_CASE_AES_GCM(vect16, 5, 9, ARRAY, ARRAY, ARRAY),
2390 XTEST_AE_CASE_AES_GCM(vect17, 5, 9, ARRAY, ARRAY, ARRAY),
2391 XTEST_AE_CASE_AES_GCM(vect18, 5, 9, ARRAY, ARRAY, ARRAY),
Jens Wiklanderf6efe242017-11-06 13:16:43 +0100[diff] [blame]2392#ifdef CFG_GCM_NIST_VECTORS
2393#include "gcmDecrypt128.h"
2394#include "gcmDecrypt192.h"
2395#include "gcmDecrypt256.h"
2396#include "gcmEncryptExtIV128.h"
2397#include "gcmEncryptExtIV192.h"
2398#include "gcmEncryptExtIV256.h"
2399#endif
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2400};
2401
2402static void xtest_tee_test_4005(ADBG_Case_t *c)
2403{
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]2404 TEEC_Session session = { };
2405 TEE_OperationHandle op = TEE_HANDLE_NULL;
Jens Wiklander7404c072020-12-15 08:06:32 +0100[diff] [blame]2406 TEE_OperationHandle op2 = TEE_HANDLE_NULL;
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2407 TEE_ObjectHandle key_handle = TEE_HANDLE_NULL;
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]2408 TEE_Attribute key_attr = { };
2409 uint8_t out[512] = { };
2410 size_t out_size = 0;
2411 size_t out_offs = 0;
Jens Wiklander7404c072020-12-15 08:06:32 +0100[diff] [blame]2412 size_t out_offs2 = 0;
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]2413 uint32_t ret_orig = 0;
2414 size_t n = 0;
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2415
2416 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
2417 xtest_teec_open_session(&session, &crypt_user_ta_uuid, NULL,
2418 &ret_orig)))
2419 return;
2420
2421 for (n = 0; n < ARRAY_SIZE(ae_cases); n++) {
2422 Do_ADBG_BeginSubCase(c, "AE case %d algo 0x%x line %d",
2423 (int)n, (unsigned int)ae_cases[n].algo,
2424 (int)ae_cases[n].line);
2425
2426 key_attr.attributeID = TEE_ATTR_SECRET_VALUE;
2427 key_attr.content.ref.buffer = (void *)ae_cases[n].key;
2428 key_attr.content.ref.length = ae_cases[n].key_len;
2429
2430 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
2431 ta_crypt_cmd_allocate_operation(c, &session, &op,
2432 ae_cases[n].algo, ae_cases[n].mode,
2433 key_attr.content.ref.length * 8)))
2434 goto out;
2435
2436 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
Jens Wiklander7404c072020-12-15 08:06:32 +0100[diff] [blame]2437 ta_crypt_cmd_allocate_operation(c, &session, &op2,
2438 ae_cases[n].algo, ae_cases[n].mode,
2439 key_attr.content.ref.length * 8)))
2440 goto out;
2441
2442 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2443 ta_crypt_cmd_allocate_transient_object(c, &session,
2444 ae_cases[n].key_type,
2445 key_attr.content.ref.length * 8,
2446 &key_handle)))
2447 goto out;
2448
2449 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
2450 ta_crypt_cmd_populate_transient_object(c, &session,
2451 key_handle, &key_attr, 1)))
2452 goto out;
2453
2454 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
2455 ta_crypt_cmd_set_operation_key(c, &session, op,
2456 key_handle)))
2457 goto out;
2458
2459 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
2460 ta_crypt_cmd_free_transient_object(c, &session,
2461 key_handle)))
2462 goto out;
2463 key_handle = TEE_HANDLE_NULL;
2464
2465 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
2466 ta_crypt_cmd_ae_init(c, &session, op, ae_cases[n].nonce,
2467 ae_cases[n].nonce_len, ae_cases[n].tag_len,
2468 ae_cases[n].aad_len, ae_cases[n].ptx_len)))
2469 goto out;
2470
2471 if (ae_cases[n].aad != NULL) {
2472 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
2473 ta_crypt_cmd_ae_update_aad(c, &session, op,
2474 ae_cases[n].aad, ae_cases[n].aad_incr)))
2475 goto out;
2476
2477 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
2478 ta_crypt_cmd_ae_update_aad(c, &session, op,
2479 ae_cases[n].aad + ae_cases[n].aad_incr,
2480 ae_cases [n].aad_len -
2481 ae_cases[n].aad_incr)))
2482 goto out;
2483 }
2484
2485 out_offs = 0;
2486 out_size = sizeof(out);
2487 memset(out, 0, sizeof(out));
2488 if (ae_cases[n].mode == TEE_MODE_ENCRYPT) {
2489 if (ae_cases[n].ptx != NULL) {
2490 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
2491 ta_crypt_cmd_ae_update(c, &session, op,
2492 ae_cases[n].ptx,
2493 ae_cases[n].in_incr, out,
2494 &out_size)))
2495 goto out;
2496 out_offs += out_size;
Jerome Forissierc13fafa2017-06-01 15:49:07 +0200[diff] [blame]2497 if (ae_cases[n].algo == TEE_ALG_AES_GCM)
2498 ADBG_EXPECT_COMPARE_UNSIGNED(c,
2499 out_size, ==, ae_cases[n].in_incr);
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2500 }
2501 } else {
2502 if (ae_cases[n].ctx != NULL) {
2503 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
2504 ta_crypt_cmd_ae_update(c, &session, op,
2505 ae_cases[n].ctx,
2506 ae_cases[n].in_incr, out,
2507 &out_size)))
2508 goto out;
2509 out_offs += out_size;
Jerome Forissierc13fafa2017-06-01 15:49:07 +0200[diff] [blame]2510 if (ae_cases[n].algo == TEE_ALG_AES_GCM)
2511 ADBG_EXPECT_COMPARE_UNSIGNED(c,
2512 out_size, ==, ae_cases[n].in_incr);
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2513 }
2514 }
2515
Jens Wiklander7404c072020-12-15 08:06:32 +0100[diff] [blame]2516 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
2517 ta_crypt_cmd_copy_operation(c, &session, op2, op)))
2518 goto out;
2519
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2520 out_size = sizeof(out) - out_offs;
Jens Wiklander7404c072020-12-15 08:06:32 +0100[diff] [blame]2521 out_offs2 = out_offs;
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2522 if (ae_cases[n].mode == TEE_MODE_ENCRYPT) {
2523 uint8_t out_tag[64];
2524 size_t out_tag_len = MIN(sizeof(out_tag),
2525 ae_cases[n].tag_len);
2526
2527 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
2528 ta_crypt_cmd_ae_encrypt_final(c, &session, op,
2529 ae_cases[n].ptx + ae_cases[n].in_incr,
2530 ae_cases[n].ptx_len -
2531 ae_cases[n].in_incr,
2532 out + out_offs,
2533 &out_size, out_tag, &out_tag_len)))
2534 goto out;
2535
2536 (void)ADBG_EXPECT_BUFFER(c,
2537 ae_cases[n].tag, ae_cases[n].tag_len, out_tag,
2538 out_tag_len);
2539
2540 out_offs += out_size;
2541
2542 (void)ADBG_EXPECT_BUFFER(c, ae_cases[n].ctx,
2543 ae_cases[n].ctx_len, out, out_offs);
2544 } else {
2545 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
2546 ta_crypt_cmd_ae_decrypt_final(c, &session, op,
2547 ae_cases[n].ctx + ae_cases[n].in_incr,
2548 ae_cases[n].ctx_len -
2549 ae_cases[n].in_incr,
2550 out + out_offs,
2551 &out_size, ae_cases[n].tag,
2552 ae_cases[n].tag_len)))
2553 goto out;
2554
2555 out_offs += out_size;
2556
2557 (void)ADBG_EXPECT_BUFFER(c, ae_cases[n].ptx,
2558 ae_cases[n].ptx_len, out, out_offs);
2559 }
2560
Jens Wiklander7404c072020-12-15 08:06:32 +0100[diff] [blame]2561 /* test on the copied op2 */
2562 out_size = sizeof(out) - out_offs2;
2563 memset(out + out_offs2, 0, out_size);
2564 if (ae_cases[n].mode == TEE_MODE_ENCRYPT) {
2565 uint8_t out_tag[64] = { 0 };
2566 size_t out_tag_len = MIN(sizeof(out_tag),
2567 ae_cases[n].tag_len);
2568
2569 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
2570 ta_crypt_cmd_ae_encrypt_final(c, &session, op2,
2571 ae_cases[n].ptx + ae_cases[n].in_incr,
2572 ae_cases[n].ptx_len -
2573 ae_cases[n].in_incr,
2574 out + out_offs2,
2575 &out_size, out_tag, &out_tag_len)))
2576 goto out;
2577
2578 ADBG_EXPECT_BUFFER(c, ae_cases[n].tag,
2579 ae_cases[n].tag_len, out_tag,
2580 out_tag_len);
2581
2582 out_offs2 += out_size;
2583
2584 (void)ADBG_EXPECT_BUFFER(c, ae_cases[n].ctx,
2585 ae_cases[n].ctx_len, out, out_offs2);
2586 } else {
2587 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
2588 ta_crypt_cmd_ae_decrypt_final(c, &session, op2,
2589 ae_cases[n].ctx + ae_cases[n].in_incr,
2590 ae_cases[n].ctx_len -
2591 ae_cases[n].in_incr,
2592 out + out_offs2,
2593 &out_size, ae_cases[n].tag,
2594 ae_cases[n].tag_len)))
2595 goto out;
2596
2597 out_offs2 += out_size;
2598
2599 (void)ADBG_EXPECT_BUFFER(c, ae_cases[n].ptx,
2600 ae_cases[n].ptx_len, out, out_offs2);
2601 }
2602
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2603 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
2604 ta_crypt_cmd_free_operation(c, &session, op)))
2605 goto out;
2606
Jens Wiklander7404c072020-12-15 08:06:32 +0100[diff] [blame]2607 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
2608 ta_crypt_cmd_free_operation(c, &session, op2)))
2609 goto out;
2610
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2611 Do_ADBG_EndSubCase(c, NULL);
2612 }
2613out:
2614 TEEC_CloseSession(&session);
2615}
Jens Wiklander14f48872018-06-29 15:30:13 +0200[diff] [blame]2616ADBG_CASE_DEFINE(regression, 4005, xtest_tee_test_4005,
2617 "Test TEE Internal API Authenticated Encryption operations");
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2618
2619struct xtest_ac_case {
Cedric Chaumontc3b6c282015-09-25 03:05:18 +0200[diff] [blame]2620 unsigned int level;
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2621 uint32_t algo;
2622 TEE_OperationMode mode;
2623
2624 union {
2625 struct {
2626 const uint8_t *modulus;
2627 size_t modulus_len;
2628
2629 const uint8_t *pub_exp;
2630 size_t pub_exp_len;
2631
2632 const uint8_t *priv_exp;
2633 size_t priv_exp_len;
2634
2635 const uint8_t *prime1; /* q */
2636 size_t prime1_len;
2637 const uint8_t *prime2; /* p */
2638 size_t prime2_len;
2639 const uint8_t *exp1; /* dp */
2640 size_t exp1_len;
2641 const uint8_t *exp2; /* dq */
2642 size_t exp2_len;
2643 const uint8_t *coeff; /* iq */
2644 size_t coeff_len;
2645
2646 int salt_len;
2647 } rsa;
2648 struct {
2649 const uint8_t *prime;
2650 size_t prime_len;
2651 const uint8_t *sub_prime;
2652 size_t sub_prime_len;
2653 const uint8_t *base;
2654 size_t base_len;
2655 const uint8_t *pub_val;
2656 size_t pub_val_len;
2657 const uint8_t *priv_val;
2658 size_t priv_val_len;
2659 } dsa;
Pascal Brand3e143ee2015-07-15 17:17:16 +0200[diff] [blame]2660 struct {
2661 const uint8_t *private;
2662 size_t private_len;
2663 const uint8_t *public_x;
2664 size_t public_x_len;
2665 const uint8_t *public_y;
2666 size_t public_y_len;
Jerome Forissier3fbfd0d2019-12-17 16:44:01 +0100[diff] [blame]2667 } ecc;
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2668 } params;
2669
2670 const uint8_t *ptx;
2671 size_t ptx_len;
2672 const uint8_t *ctx;
2673 size_t ctx_len;
2674 size_t line;
2675};
2676
2677#define WITHOUT_SALT(x) -1
2678#define WITH_SALT(x) x
2679
Cedric Chaumontc3b6c282015-09-25 03:05:18 +0200[diff] [blame]2680#define XTEST_AC_CASE(level, algo, mode, vect, union_params) \
2681 { level, (algo), (mode), .params = union_params, \
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2682 ARRAY(vect ## _ptx), \
2683 ARRAY(vect ## _out), \
2684 __LINE__ }
2685
2686#define XTEST_AC_RSA_UNION(vect, opt_crt_array, opt_salt) \
2687 { .rsa = { \
2688 ARRAY(vect ## _modulus), \
2689 ARRAY(vect ## _pub_exp), \
2690 ARRAY(vect ## _priv_exp), \
2691 opt_crt_array(vect ## _prime1), \
2692 opt_crt_array(vect ## _prime2), \
2693 opt_crt_array(vect ## _exp1), \
2694 opt_crt_array(vect ## _exp2), \
2695 opt_crt_array(vect ## _coeff), \
2696 opt_salt(vect ## _salt_len) \
2697 } }
2698
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]2699#define XTEST_AC_RSA_CASE(level, algo, mode, vect, opt_crt_array, opt_salt) \
2700 XTEST_AC_CASE(level, algo, mode, vect, \
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2701 XTEST_AC_RSA_UNION(vect, opt_crt_array, opt_salt))
2702
2703#define XTEST_AC_DSA_UNION(vect) \
2704 { .dsa = { \
2705 ARRAY(vect ## _prime), \
2706 ARRAY(vect ## _sub_prime), \
2707 ARRAY(vect ## _base), \
2708 ARRAY(vect ## _pub_val), \
2709 ARRAY(vect ## _priv_val), \
2710 } }
2711
Cedric Chaumontc3b6c282015-09-25 03:05:18 +0200[diff] [blame]2712#define XTEST_AC_DSA_CASE(level, algo, mode, vect) \
2713 XTEST_AC_CASE(level, algo, mode, vect, XTEST_AC_DSA_UNION(vect))
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2714
Pascal Brand3e143ee2015-07-15 17:17:16 +0200[diff] [blame]2715#define XTEST_AC_ECDSA_UNION(vect) \
Jerome Forissier3fbfd0d2019-12-17 16:44:01 +0100[diff] [blame]2716 { .ecc = { \
Pascal Brand3e143ee2015-07-15 17:17:16 +0200[diff] [blame]2717 ARRAY(vect ## _private), \
2718 ARRAY(vect ## _public_x), \
2719 ARRAY(vect ## _public_y), \
2720 } }
2721
Jerome Forissier3fbfd0d2019-12-17 16:44:01 +0100[diff] [blame]2722#define XTEST_AC_ECC_CASE(level, algo, mode, vect) \
Cedric Chaumontc3b6c282015-09-25 03:05:18 +0200[diff] [blame]2723 XTEST_AC_CASE(level, algo, mode, vect, XTEST_AC_ECDSA_UNION(vect))
Pascal Brand3e143ee2015-07-15 17:17:16 +0200[diff] [blame]2724
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2725static const struct xtest_ac_case xtest_ac_cases[] = {
2726 /* RSA test without crt parameters */
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]2727 XTEST_AC_RSA_CASE(0, TEE_ALG_RSA_NOPAD, TEE_MODE_ENCRYPT,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2728 ac_rsassa_vect1, NULL_ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]2729 XTEST_AC_RSA_CASE(0, TEE_ALG_RSA_NOPAD, TEE_MODE_DECRYPT,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2730 ac_rsassa_vect1, NULL_ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]2731 XTEST_AC_RSA_CASE(0, TEE_ALG_RSA_NOPAD, TEE_MODE_ENCRYPT,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2732 ac_rsassa_vect2, NULL_ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]2733 XTEST_AC_RSA_CASE(0, TEE_ALG_RSA_NOPAD, TEE_MODE_DECRYPT,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2734 ac_rsassa_vect2, NULL_ARRAY, WITHOUT_SALT),
Jerome Forissiere576f052018-03-23 21:24:21 +0800[diff] [blame]2735 XTEST_AC_RSA_CASE(0, TEE_ALG_RSA_NOPAD, TEE_MODE_ENCRYPT,
2736 ac_rsassa_vect18, NULL_ARRAY, WITHOUT_SALT),
2737 XTEST_AC_RSA_CASE(0, TEE_ALG_RSA_NOPAD, TEE_MODE_DECRYPT,
2738 ac_rsassa_vect18, NULL_ARRAY, WITHOUT_SALT),
Jerome Forissier0451e372018-03-27 00:10:23 +0800[diff] [blame]2739 XTEST_AC_RSA_CASE(0, TEE_ALG_RSA_NOPAD, TEE_MODE_ENCRYPT,
2740 ac_rsassa_vect19, NULL_ARRAY, WITHOUT_SALT),
2741 XTEST_AC_RSA_CASE(0, TEE_ALG_RSA_NOPAD, TEE_MODE_DECRYPT,
2742 ac_rsassa_vect19, NULL_ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]2743 XTEST_AC_RSA_CASE(0, TEE_ALG_RSASSA_PKCS1_V1_5_SHA1, TEE_MODE_SIGN,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2744 ac_rsassa_vect3, NULL_ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]2745 XTEST_AC_RSA_CASE(0, TEE_ALG_RSASSA_PKCS1_V1_5_SHA1, TEE_MODE_VERIFY,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2746 ac_rsassa_vect3, NULL_ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]2747 XTEST_AC_RSA_CASE(1, TEE_ALG_RSASSA_PKCS1_V1_5_SHA1, TEE_MODE_SIGN,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2748 ac_rsassa_vect4, NULL_ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]2749 XTEST_AC_RSA_CASE(1, TEE_ALG_RSASSA_PKCS1_V1_5_SHA1, TEE_MODE_VERIFY,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2750 ac_rsassa_vect4, NULL_ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]2751 XTEST_AC_RSA_CASE(1, TEE_ALG_RSASSA_PKCS1_V1_5_SHA1, TEE_MODE_SIGN,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2752 ac_rsassa_vect5, NULL_ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]2753 XTEST_AC_RSA_CASE(1, TEE_ALG_RSASSA_PKCS1_V1_5_SHA1, TEE_MODE_VERIFY,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2754 ac_rsassa_vect5, NULL_ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]2755 XTEST_AC_RSA_CASE(1, TEE_ALG_RSASSA_PKCS1_V1_5_SHA1, TEE_MODE_SIGN,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2756 ac_rsassa_vect6, NULL_ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]2757 XTEST_AC_RSA_CASE(1, TEE_ALG_RSASSA_PKCS1_V1_5_SHA1, TEE_MODE_VERIFY,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2758 ac_rsassa_vect6, NULL_ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]2759 XTEST_AC_RSA_CASE(1, TEE_ALG_RSASSA_PKCS1_V1_5_SHA1, TEE_MODE_SIGN,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2760 ac_rsassa_vect7, NULL_ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]2761 XTEST_AC_RSA_CASE(1, TEE_ALG_RSASSA_PKCS1_V1_5_SHA1, TEE_MODE_VERIFY,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2762 ac_rsassa_vect7, NULL_ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]2763 XTEST_AC_RSA_CASE(1, TEE_ALG_RSASSA_PKCS1_V1_5_SHA1, TEE_MODE_SIGN,
2764 ac_rsassa_vect8, NULL_ARRAY, WITHOUT_SALT),
2765 XTEST_AC_RSA_CASE(1, TEE_ALG_RSASSA_PKCS1_V1_5_SHA1, TEE_MODE_VERIFY,
2766 ac_rsassa_vect8, NULL_ARRAY, WITHOUT_SALT),
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2767
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]2768 XTEST_AC_RSA_CASE(0, TEE_ALG_RSASSA_PKCS1_V1_5_SHA224, TEE_MODE_SIGN,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2769 ac_rsassa_vect16, NULL_ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]2770 XTEST_AC_RSA_CASE(0, TEE_ALG_RSASSA_PKCS1_V1_5_SHA224, TEE_MODE_VERIFY,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2771 ac_rsassa_vect16, NULL_ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]2772
Gabor Szekely2ad190f2018-09-14 14:05:06 +0000[diff] [blame]2773#ifdef CFG_CRYPTO_RSASSA_NA1
2774 XTEST_AC_RSA_CASE(0, TEE_ALG_RSASSA_PKCS1_V1_5, TEE_MODE_SIGN,
2775 ac_rsassa_vect20, NULL_ARRAY, WITHOUT_SALT),
2776 XTEST_AC_RSA_CASE(0, TEE_ALG_RSASSA_PKCS1_V1_5, TEE_MODE_VERIFY,
2777 ac_rsassa_vect20, NULL_ARRAY, WITHOUT_SALT),
2778#endif
2779
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]2780 XTEST_AC_RSA_CASE(0, TEE_ALG_RSASSA_PKCS1_V1_5_SHA256, TEE_MODE_SIGN,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2781 ac_rsassa_vect9, NULL_ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]2782 XTEST_AC_RSA_CASE(0, TEE_ALG_RSASSA_PKCS1_V1_5_SHA256, TEE_MODE_VERIFY,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2783 ac_rsassa_vect9, NULL_ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]2784
2785 XTEST_AC_RSA_CASE(0, TEE_ALG_RSASSA_PKCS1_V1_5_SHA384, TEE_MODE_SIGN,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2786 ac_rsassa_vect10, NULL_ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]2787 XTEST_AC_RSA_CASE(0, TEE_ALG_RSASSA_PKCS1_V1_5_SHA384, TEE_MODE_VERIFY,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2788 ac_rsassa_vect10, NULL_ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]2789
2790 XTEST_AC_RSA_CASE(0, TEE_ALG_RSASSA_PKCS1_V1_5_SHA512, TEE_MODE_SIGN,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2791 ac_rsassa_vect11, NULL_ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]2792 XTEST_AC_RSA_CASE(0, TEE_ALG_RSASSA_PKCS1_V1_5_SHA512, TEE_MODE_VERIFY,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2793 ac_rsassa_vect11, NULL_ARRAY, WITHOUT_SALT),
2794
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]2795 XTEST_AC_RSA_CASE(1, TEE_ALG_RSASSA_PKCS1_PSS_MGF1_SHA1,
2796 TEE_MODE_VERIFY,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2797 ac_rsassa_vect12, NULL_ARRAY, WITH_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]2798 XTEST_AC_RSA_CASE(1, TEE_ALG_RSASSA_PKCS1_PSS_MGF1_SHA1, TEE_MODE_SIGN,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2799 ac_rsassa_vect12, NULL_ARRAY, WITH_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]2800
2801 XTEST_AC_RSA_CASE(1, TEE_ALG_RSASSA_PKCS1_PSS_MGF1_SHA224,
2802 TEE_MODE_VERIFY,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2803 ac_rsassa_vect17, NULL_ARRAY, WITH_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]2804 XTEST_AC_RSA_CASE(1, TEE_ALG_RSASSA_PKCS1_PSS_MGF1_SHA224,
2805 TEE_MODE_SIGN,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2806 ac_rsassa_vect17, NULL_ARRAY, WITH_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]2807
2808 XTEST_AC_RSA_CASE(0, TEE_ALG_RSASSA_PKCS1_PSS_MGF1_SHA256,
2809 TEE_MODE_VERIFY,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2810 ac_rsassa_vect13, NULL_ARRAY, WITH_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]2811 XTEST_AC_RSA_CASE(0, TEE_ALG_RSASSA_PKCS1_PSS_MGF1_SHA256,
2812 TEE_MODE_SIGN,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2813 ac_rsassa_vect13, NULL_ARRAY, WITH_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]2814
2815 XTEST_AC_RSA_CASE(1, TEE_ALG_RSASSA_PKCS1_PSS_MGF1_SHA384,
2816 TEE_MODE_VERIFY,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2817 ac_rsassa_vect14, NULL_ARRAY, WITH_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]2818 XTEST_AC_RSA_CASE(1, TEE_ALG_RSASSA_PKCS1_PSS_MGF1_SHA384,
2819 TEE_MODE_SIGN,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2820 ac_rsassa_vect14, NULL_ARRAY, WITH_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]2821
2822 XTEST_AC_RSA_CASE(1, TEE_ALG_RSASSA_PKCS1_PSS_MGF1_SHA512,
2823 TEE_MODE_VERIFY,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2824 ac_rsassa_vect15, NULL_ARRAY, WITH_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]2825 XTEST_AC_RSA_CASE(1, TEE_ALG_RSASSA_PKCS1_PSS_MGF1_SHA512,
2826 TEE_MODE_SIGN,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2827 ac_rsassa_vect15, NULL_ARRAY, WITH_SALT),
2828
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]2829 XTEST_AC_RSA_CASE(0, TEE_ALG_RSAES_PKCS1_V1_5, TEE_MODE_DECRYPT,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2830 ac_rsaes_pkcs1_v1_5_vect1, NULL_ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]2831 XTEST_AC_RSA_CASE(0, TEE_ALG_RSAES_PKCS1_V1_5, TEE_MODE_ENCRYPT,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2832 ac_rsaes_pkcs1_v1_5_vect1, NULL_ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]2833 XTEST_AC_RSA_CASE(1, TEE_ALG_RSAES_PKCS1_V1_5, TEE_MODE_DECRYPT,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2834 ac_rsaes_pkcs1_v1_5_vect2, NULL_ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]2835 XTEST_AC_RSA_CASE(1, TEE_ALG_RSAES_PKCS1_V1_5, TEE_MODE_ENCRYPT,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2836 ac_rsaes_pkcs1_v1_5_vect2, NULL_ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]2837 XTEST_AC_RSA_CASE(1, TEE_ALG_RSAES_PKCS1_V1_5, TEE_MODE_DECRYPT,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2838 ac_rsaes_pkcs1_v1_5_vect15, NULL_ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]2839 XTEST_AC_RSA_CASE(1, TEE_ALG_RSAES_PKCS1_V1_5, TEE_MODE_ENCRYPT,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2840 ac_rsaes_pkcs1_v1_5_vect15, NULL_ARRAY, WITHOUT_SALT),
2841
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]2842 XTEST_AC_RSA_CASE(0, TEE_ALG_RSAES_PKCS1_OAEP_MGF1_SHA1,
2843 TEE_MODE_DECRYPT,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2844 ac_rsaes_oaep_vect1, NULL_ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]2845 XTEST_AC_RSA_CASE(0, TEE_ALG_RSAES_PKCS1_OAEP_MGF1_SHA1,
2846 TEE_MODE_ENCRYPT,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2847 ac_rsaes_oaep_vect1, NULL_ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]2848 XTEST_AC_RSA_CASE(1, TEE_ALG_RSAES_PKCS1_OAEP_MGF1_SHA1,
2849 TEE_MODE_DECRYPT,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2850 ac_rsaes_oaep_vect2, NULL_ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]2851 XTEST_AC_RSA_CASE(1, TEE_ALG_RSAES_PKCS1_OAEP_MGF1_SHA1,
2852 TEE_MODE_ENCRYPT,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2853 ac_rsaes_oaep_vect2, NULL_ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]2854 XTEST_AC_RSA_CASE(1, TEE_ALG_RSAES_PKCS1_OAEP_MGF1_SHA1,
2855 TEE_MODE_DECRYPT,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2856 ac_rsaes_oaep_vect10, NULL_ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]2857 XTEST_AC_RSA_CASE(1, TEE_ALG_RSAES_PKCS1_OAEP_MGF1_SHA1,
2858 TEE_MODE_ENCRYPT,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2859 ac_rsaes_oaep_vect10, NULL_ARRAY, WITHOUT_SALT),
2860
2861 /* RSA test with crt parameters */
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]2862 XTEST_AC_RSA_CASE(0, TEE_ALG_RSA_NOPAD, TEE_MODE_ENCRYPT,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2863 ac_rsassa_vect1, ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]2864 XTEST_AC_RSA_CASE(0, TEE_ALG_RSA_NOPAD, TEE_MODE_DECRYPT,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2865 ac_rsassa_vect1, ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]2866 XTEST_AC_RSA_CASE(1, TEE_ALG_RSA_NOPAD, TEE_MODE_ENCRYPT,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2867 ac_rsassa_vect2, ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]2868 XTEST_AC_RSA_CASE(1, TEE_ALG_RSA_NOPAD, TEE_MODE_DECRYPT,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2869 ac_rsassa_vect2, ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]2870 XTEST_AC_RSA_CASE(0, TEE_ALG_RSASSA_PKCS1_V1_5_SHA1, TEE_MODE_SIGN,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2871 ac_rsassa_vect3, ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]2872 XTEST_AC_RSA_CASE(0, TEE_ALG_RSASSA_PKCS1_V1_5_SHA1, TEE_MODE_VERIFY,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2873 ac_rsassa_vect3, ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]2874 XTEST_AC_RSA_CASE(1, TEE_ALG_RSASSA_PKCS1_V1_5_SHA1, TEE_MODE_SIGN,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2875 ac_rsassa_vect4, ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]2876 XTEST_AC_RSA_CASE(1, TEE_ALG_RSASSA_PKCS1_V1_5_SHA1, TEE_MODE_VERIFY,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2877 ac_rsassa_vect4, ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]2878 XTEST_AC_RSA_CASE(1, TEE_ALG_RSASSA_PKCS1_V1_5_SHA1, TEE_MODE_SIGN,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2879 ac_rsassa_vect5, ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]2880 XTEST_AC_RSA_CASE(1, TEE_ALG_RSASSA_PKCS1_V1_5_SHA1, TEE_MODE_VERIFY,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2881 ac_rsassa_vect5, ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]2882 XTEST_AC_RSA_CASE(1, TEE_ALG_RSASSA_PKCS1_V1_5_SHA1, TEE_MODE_SIGN,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2883 ac_rsassa_vect6, ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]2884 XTEST_AC_RSA_CASE(1, TEE_ALG_RSASSA_PKCS1_V1_5_SHA1, TEE_MODE_VERIFY,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2885 ac_rsassa_vect6, ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]2886 XTEST_AC_RSA_CASE(1, TEE_ALG_RSASSA_PKCS1_V1_5_SHA1, TEE_MODE_SIGN,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2887 ac_rsassa_vect7, ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]2888 XTEST_AC_RSA_CASE(1, TEE_ALG_RSASSA_PKCS1_V1_5_SHA1, TEE_MODE_VERIFY,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2889 ac_rsassa_vect7, ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]2890 XTEST_AC_RSA_CASE(1, TEE_ALG_RSASSA_PKCS1_V1_5_SHA1, TEE_MODE_SIGN,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2891 ac_rsassa_vect8, ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]2892 XTEST_AC_RSA_CASE(1, TEE_ALG_RSASSA_PKCS1_V1_5_SHA1, TEE_MODE_VERIFY,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2893 ac_rsassa_vect8, ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]2894 XTEST_AC_RSA_CASE(0, TEE_ALG_RSASSA_PKCS1_V1_5_SHA256, TEE_MODE_SIGN,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2895 ac_rsassa_vect9, ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]2896 XTEST_AC_RSA_CASE(0, TEE_ALG_RSASSA_PKCS1_V1_5_SHA256, TEE_MODE_VERIFY,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2897 ac_rsassa_vect9, ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]2898 XTEST_AC_RSA_CASE(1, TEE_ALG_RSASSA_PKCS1_V1_5_SHA384, TEE_MODE_SIGN,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2899 ac_rsassa_vect10, ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]2900 XTEST_AC_RSA_CASE(1, TEE_ALG_RSASSA_PKCS1_V1_5_SHA384, TEE_MODE_VERIFY,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2901 ac_rsassa_vect10, ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]2902 XTEST_AC_RSA_CASE(1, TEE_ALG_RSASSA_PKCS1_V1_5_SHA512, TEE_MODE_SIGN,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2903 ac_rsassa_vect11, ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]2904 XTEST_AC_RSA_CASE(1, TEE_ALG_RSASSA_PKCS1_V1_5_SHA512, TEE_MODE_VERIFY,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2905 ac_rsassa_vect11, ARRAY, WITHOUT_SALT),
2906
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]2907 XTEST_AC_RSA_CASE(1, TEE_ALG_RSASSA_PKCS1_PSS_MGF1_SHA1,
2908 TEE_MODE_VERIFY,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2909 ac_rsassa_vect12, ARRAY, WITH_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]2910 XTEST_AC_RSA_CASE(1,TEE_ALG_RSASSA_PKCS1_PSS_MGF1_SHA1, TEE_MODE_SIGN,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2911 ac_rsassa_vect12, ARRAY, WITH_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]2912 XTEST_AC_RSA_CASE(1, TEE_ALG_RSASSA_PKCS1_PSS_MGF1_SHA224,
2913 TEE_MODE_VERIFY,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2914 ac_rsassa_vect17, ARRAY, WITH_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]2915 XTEST_AC_RSA_CASE(1, TEE_ALG_RSASSA_PKCS1_PSS_MGF1_SHA224,
2916 TEE_MODE_SIGN,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2917 ac_rsassa_vect17, ARRAY, WITH_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]2918 XTEST_AC_RSA_CASE(0, TEE_ALG_RSASSA_PKCS1_PSS_MGF1_SHA256,
2919 TEE_MODE_VERIFY,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2920 ac_rsassa_vect13, ARRAY, WITH_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]2921 XTEST_AC_RSA_CASE(0, TEE_ALG_RSASSA_PKCS1_PSS_MGF1_SHA256,
2922 TEE_MODE_SIGN,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2923 ac_rsassa_vect13, ARRAY, WITH_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]2924 XTEST_AC_RSA_CASE(1, TEE_ALG_RSASSA_PKCS1_PSS_MGF1_SHA384,
2925 TEE_MODE_VERIFY,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2926 ac_rsassa_vect14, ARRAY, WITH_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]2927 XTEST_AC_RSA_CASE(1, TEE_ALG_RSASSA_PKCS1_PSS_MGF1_SHA384,
2928 TEE_MODE_SIGN,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2929 ac_rsassa_vect14, ARRAY, WITH_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]2930 XTEST_AC_RSA_CASE(1, TEE_ALG_RSASSA_PKCS1_PSS_MGF1_SHA512,
2931 TEE_MODE_VERIFY,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2932 ac_rsassa_vect15, ARRAY, WITH_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]2933 XTEST_AC_RSA_CASE(1, TEE_ALG_RSASSA_PKCS1_PSS_MGF1_SHA512,
2934 TEE_MODE_SIGN,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2935 ac_rsassa_vect15, ARRAY, WITH_SALT),
2936
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]2937 XTEST_AC_RSA_CASE(0, TEE_ALG_RSAES_PKCS1_V1_5, TEE_MODE_DECRYPT,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2938 ac_rsaes_pkcs1_v1_5_vect1, ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]2939 XTEST_AC_RSA_CASE(0, TEE_ALG_RSAES_PKCS1_V1_5, TEE_MODE_ENCRYPT,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2940 ac_rsaes_pkcs1_v1_5_vect1, ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]2941 XTEST_AC_RSA_CASE(1, TEE_ALG_RSAES_PKCS1_V1_5, TEE_MODE_DECRYPT,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2942 ac_rsaes_pkcs1_v1_5_vect2, ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]2943 XTEST_AC_RSA_CASE(1, TEE_ALG_RSAES_PKCS1_V1_5, TEE_MODE_ENCRYPT,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2944 ac_rsaes_pkcs1_v1_5_vect2, ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]2945 XTEST_AC_RSA_CASE(1, TEE_ALG_RSAES_PKCS1_V1_5, TEE_MODE_DECRYPT,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2946 ac_rsaes_pkcs1_v1_5_vect15, ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]2947 XTEST_AC_RSA_CASE(1, TEE_ALG_RSAES_PKCS1_V1_5, TEE_MODE_ENCRYPT,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2948 ac_rsaes_pkcs1_v1_5_vect15, ARRAY, WITHOUT_SALT),
2949
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]2950 XTEST_AC_RSA_CASE(0, TEE_ALG_RSAES_PKCS1_OAEP_MGF1_SHA1,
2951 TEE_MODE_DECRYPT,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2952 ac_rsaes_oaep_vect1, ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]2953 XTEST_AC_RSA_CASE(0, TEE_ALG_RSAES_PKCS1_OAEP_MGF1_SHA1,
2954 TEE_MODE_ENCRYPT,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2955 ac_rsaes_oaep_vect1, ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]2956 XTEST_AC_RSA_CASE(1, TEE_ALG_RSAES_PKCS1_OAEP_MGF1_SHA1,
2957 TEE_MODE_DECRYPT,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2958 ac_rsaes_oaep_vect2, ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]2959 XTEST_AC_RSA_CASE(1, TEE_ALG_RSAES_PKCS1_OAEP_MGF1_SHA1,
2960 TEE_MODE_ENCRYPT,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2961 ac_rsaes_oaep_vect2, ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]2962 XTEST_AC_RSA_CASE(1, TEE_ALG_RSAES_PKCS1_OAEP_MGF1_SHA1,
2963 TEE_MODE_DECRYPT,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2964 ac_rsaes_oaep_vect10, ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]2965 XTEST_AC_RSA_CASE(1, TEE_ALG_RSAES_PKCS1_OAEP_MGF1_SHA1,
2966 TEE_MODE_ENCRYPT,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2967 ac_rsaes_oaep_vect10, ARRAY, WITHOUT_SALT),
2968
2969 /* DSA tests */
Cedric Chaumontb2ba8782015-09-03 13:23:05 +0200[diff] [blame]2970 /* [mod = L=1024, N=160, SHA-1] */
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]2971 XTEST_AC_DSA_CASE(1, TEE_ALG_DSA_SHA1, TEE_MODE_VERIFY, ac_dsa_vect1),
2972 XTEST_AC_DSA_CASE(1, TEE_ALG_DSA_SHA1, TEE_MODE_SIGN, ac_dsa_vect1),
Cedric Chaumontc3b6c282015-09-25 03:05:18 +0200[diff] [blame]2973 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA1, TEE_MODE_VERIFY, ac_dsa_vect2),
2974 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA1, TEE_MODE_SIGN, ac_dsa_vect2),
2975 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA1, TEE_MODE_VERIFY, ac_dsa_vect3),
2976 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA1, TEE_MODE_SIGN, ac_dsa_vect3),
2977 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA1, TEE_MODE_VERIFY, ac_dsa_vect4),
2978 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA1, TEE_MODE_SIGN, ac_dsa_vect4),
2979 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA1, TEE_MODE_VERIFY, ac_dsa_vect5),
2980 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA1, TEE_MODE_SIGN, ac_dsa_vect5),
2981 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA1, TEE_MODE_VERIFY, ac_dsa_vect6),
2982 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA1, TEE_MODE_SIGN, ac_dsa_vect6),
2983 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA1, TEE_MODE_VERIFY, ac_dsa_vect7),
2984 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA1, TEE_MODE_SIGN, ac_dsa_vect7),
2985 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA1, TEE_MODE_VERIFY, ac_dsa_vect8),
2986 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA1, TEE_MODE_SIGN, ac_dsa_vect8),
2987 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA1, TEE_MODE_VERIFY, ac_dsa_vect9),
2988 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA1, TEE_MODE_SIGN, ac_dsa_vect9),
2989 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA1, TEE_MODE_VERIFY, ac_dsa_vect10),
2990 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA1, TEE_MODE_SIGN, ac_dsa_vect10),
2991 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA1, TEE_MODE_VERIFY, ac_dsa_vect11),
2992 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA1, TEE_MODE_SIGN, ac_dsa_vect11),
2993 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA1, TEE_MODE_VERIFY, ac_dsa_vect12),
2994 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA1, TEE_MODE_SIGN, ac_dsa_vect12),
2995 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA1, TEE_MODE_VERIFY, ac_dsa_vect13),
2996 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA1, TEE_MODE_SIGN, ac_dsa_vect13),
2997 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA1, TEE_MODE_VERIFY, ac_dsa_vect14),
2998 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA1, TEE_MODE_SIGN, ac_dsa_vect14),
2999 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA1, TEE_MODE_VERIFY, ac_dsa_vect15),
3000 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA1, TEE_MODE_SIGN, ac_dsa_vect15),
Cedric Chaumontb2ba8782015-09-03 13:23:05 +0200[diff] [blame]3001 /* [mod = L=1024, N=160, SHA-224] - GP NOT SUPPORTED */
3002 /* [mod = L=1024, N=160, SHA-256] - GP NOT SUPPORTED */
3003 /* [mod = L=1024, N=160, SHA-384] - GP NOT SUPPORTED */
3004 /* [mod = L=1024, N=160, SHA-512] - GP NOT SUPPORTED */
3005 /* [mod = L=2048, N=224, SHA-1] - GP NOT SUPPORTED */
3006 /* [mod = L=2048, N=224, SHA-224] */
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]3007 XTEST_AC_DSA_CASE(1, TEE_ALG_DSA_SHA224, TEE_MODE_VERIFY, ac_dsa_vect91),
3008 XTEST_AC_DSA_CASE(1, TEE_ALG_DSA_SHA224, TEE_MODE_SIGN, ac_dsa_vect91),
Cedric Chaumontc3b6c282015-09-25 03:05:18 +0200[diff] [blame]3009 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_VERIFY, ac_dsa_vect92),
3010 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_SIGN, ac_dsa_vect92),
3011 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_VERIFY, ac_dsa_vect93),
3012 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_SIGN, ac_dsa_vect93),
3013 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_VERIFY, ac_dsa_vect94),
3014 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_SIGN, ac_dsa_vect94),
3015 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_VERIFY, ac_dsa_vect95),
3016 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_SIGN, ac_dsa_vect95),
3017 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_VERIFY, ac_dsa_vect96),
3018 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_SIGN, ac_dsa_vect96),
3019 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_VERIFY, ac_dsa_vect97),
3020 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_SIGN, ac_dsa_vect97),
3021 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_VERIFY, ac_dsa_vect98),
3022 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_SIGN, ac_dsa_vect98),
3023 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_VERIFY, ac_dsa_vect99),
3024 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_SIGN, ac_dsa_vect99),
3025 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_VERIFY, ac_dsa_vect100),
3026 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_SIGN, ac_dsa_vect100),
3027 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_VERIFY, ac_dsa_vect101),
3028 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_SIGN, ac_dsa_vect101),
3029 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_VERIFY, ac_dsa_vect102),
3030 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_SIGN, ac_dsa_vect102),
3031 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_VERIFY, ac_dsa_vect103),
3032 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_SIGN, ac_dsa_vect103),
3033 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_VERIFY, ac_dsa_vect104),
3034 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_SIGN, ac_dsa_vect104),
3035 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_VERIFY, ac_dsa_vect105),
3036 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_SIGN, ac_dsa_vect105),
Cedric Chaumontb2ba8782015-09-03 13:23:05 +0200[diff] [blame]3037 /* [mod = L=2048, N=224, SHA-256] */
Cedric Chaumontc3b6c282015-09-25 03:05:18 +0200[diff] [blame]3038 XTEST_AC_DSA_CASE(0, TEE_ALG_DSA_SHA256, TEE_MODE_VERIFY, ac_dsa_vect106),
3039 XTEST_AC_DSA_CASE(0, TEE_ALG_DSA_SHA256, TEE_MODE_SIGN, ac_dsa_vect106),
3040 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_VERIFY, ac_dsa_vect107),
3041 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_SIGN, ac_dsa_vect107),
3042 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_VERIFY, ac_dsa_vect108),
3043 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_SIGN, ac_dsa_vect108),
3044 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_VERIFY, ac_dsa_vect109),
3045 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_SIGN, ac_dsa_vect109),
3046 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_VERIFY, ac_dsa_vect110),
3047 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_SIGN, ac_dsa_vect110),
3048 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_VERIFY, ac_dsa_vect111),
3049 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_SIGN, ac_dsa_vect111),
3050 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_VERIFY, ac_dsa_vect112),
3051 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_SIGN, ac_dsa_vect112),
3052 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_VERIFY, ac_dsa_vect113),
3053 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_SIGN, ac_dsa_vect113),
3054 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_VERIFY, ac_dsa_vect114),
3055 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_SIGN, ac_dsa_vect114),
3056 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_VERIFY, ac_dsa_vect115),
3057 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_SIGN, ac_dsa_vect115),
3058 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_VERIFY, ac_dsa_vect116),
3059 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_SIGN, ac_dsa_vect116),
3060 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_VERIFY, ac_dsa_vect117),
3061 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_SIGN, ac_dsa_vect117),
3062 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_VERIFY, ac_dsa_vect118),
3063 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_SIGN, ac_dsa_vect118),
3064 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_VERIFY, ac_dsa_vect119),
3065 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_SIGN, ac_dsa_vect119),
3066 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_VERIFY, ac_dsa_vect120),
3067 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_SIGN, ac_dsa_vect120),
Cedric Chaumontb2ba8782015-09-03 13:23:05 +0200[diff] [blame]3068 /* [mod = L=2048, N=224, SHA-384] - GP NOT SUPPORTED */
3069 /* [mod = L=2048, N=224, SHA-512] - GP NOT SUPPORTED */
3070 /* [mod = L=2048, N=256, SHA-1] - GP NOT SUPPORTED */
3071 /* [mod = L=2048, N=256, SHA-224] */
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]3072 XTEST_AC_DSA_CASE(1, TEE_ALG_DSA_SHA224, TEE_MODE_VERIFY, ac_dsa_vect166),
3073 XTEST_AC_DSA_CASE(1, TEE_ALG_DSA_SHA224, TEE_MODE_SIGN, ac_dsa_vect166),
Cedric Chaumontc3b6c282015-09-25 03:05:18 +0200[diff] [blame]3074 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_VERIFY, ac_dsa_vect167),
3075 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_SIGN, ac_dsa_vect167),
3076 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_VERIFY, ac_dsa_vect168),
3077 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_SIGN, ac_dsa_vect168),
3078 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_VERIFY, ac_dsa_vect169),
3079 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_SIGN, ac_dsa_vect169),
3080 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_VERIFY, ac_dsa_vect170),
3081 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_SIGN, ac_dsa_vect170),
3082 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_VERIFY, ac_dsa_vect171),
3083 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_SIGN, ac_dsa_vect171),
3084 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_VERIFY, ac_dsa_vect172),
3085 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_SIGN, ac_dsa_vect172),
3086 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_VERIFY, ac_dsa_vect173),
3087 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_SIGN, ac_dsa_vect173),
3088 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_VERIFY, ac_dsa_vect174),
3089 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_SIGN, ac_dsa_vect174),
3090 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_VERIFY, ac_dsa_vect175),
3091 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_SIGN, ac_dsa_vect175),
3092 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_VERIFY, ac_dsa_vect176),
3093 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_SIGN, ac_dsa_vect176),
3094 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_VERIFY, ac_dsa_vect177),
3095 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_SIGN, ac_dsa_vect177),
3096 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_VERIFY, ac_dsa_vect178),
3097 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_SIGN, ac_dsa_vect178),
3098 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_VERIFY, ac_dsa_vect179),
3099 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_SIGN, ac_dsa_vect179),
3100 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_VERIFY, ac_dsa_vect180),
3101 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_SIGN, ac_dsa_vect180),
Cedric Chaumontb2ba8782015-09-03 13:23:05 +0200[diff] [blame]3102 /* [mod = L=2048, N=256, SHA-256] */
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]3103 XTEST_AC_DSA_CASE(1, TEE_ALG_DSA_SHA256, TEE_MODE_VERIFY, ac_dsa_vect181),
3104 XTEST_AC_DSA_CASE(1, TEE_ALG_DSA_SHA256, TEE_MODE_SIGN, ac_dsa_vect181),
Cedric Chaumontc3b6c282015-09-25 03:05:18 +0200[diff] [blame]3105 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_VERIFY, ac_dsa_vect182),
3106 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_SIGN, ac_dsa_vect182),
3107 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_VERIFY, ac_dsa_vect183),
3108 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_SIGN, ac_dsa_vect183),
3109 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_VERIFY, ac_dsa_vect184),
3110 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_SIGN, ac_dsa_vect184),
3111 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_VERIFY, ac_dsa_vect185),
3112 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_SIGN, ac_dsa_vect185),
3113 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_VERIFY, ac_dsa_vect186),
3114 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_SIGN, ac_dsa_vect186),
3115 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_VERIFY, ac_dsa_vect187),
3116 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_SIGN, ac_dsa_vect187),
3117 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_VERIFY, ac_dsa_vect188),
3118 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_SIGN, ac_dsa_vect188),
3119 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_VERIFY, ac_dsa_vect189),
3120 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_SIGN, ac_dsa_vect189),
3121 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_VERIFY, ac_dsa_vect190),
3122 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_SIGN, ac_dsa_vect190),
3123 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_VERIFY, ac_dsa_vect191),
3124 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_SIGN, ac_dsa_vect191),
3125 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_VERIFY, ac_dsa_vect192),
3126 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_SIGN, ac_dsa_vect192),
3127 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_VERIFY, ac_dsa_vect193),
3128 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_SIGN, ac_dsa_vect193),
3129 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_VERIFY, ac_dsa_vect194),
3130 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_SIGN, ac_dsa_vect194),
3131 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_VERIFY, ac_dsa_vect195),
3132 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_SIGN, ac_dsa_vect195),
Cedric Chaumontb2ba8782015-09-03 13:23:05 +0200[diff] [blame]3133 /* [mod = L=2048, N=256, SHA-384] - GP NOT SUPPORTED */
3134 /* [mod = L=2048, N=256, SHA-512] - GP NOT SUPPORTED */
3135 /* [mod = L=3072, N=256, SHA-1] - GP NOT SUPPORTED */
3136 /* [mod = L=3072, N=256, SHA-224] - GP NOT SUPPORTED */
3137 /* [mod = L=3072, N=256, SHA-256] */
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]3138 XTEST_AC_DSA_CASE(1, TEE_ALG_DSA_SHA256, TEE_MODE_VERIFY, ac_dsa_vect256),
3139 XTEST_AC_DSA_CASE(1, TEE_ALG_DSA_SHA256, TEE_MODE_SIGN, ac_dsa_vect256),
Cedric Chaumontc3b6c282015-09-25 03:05:18 +0200[diff] [blame]3140 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_VERIFY, ac_dsa_vect257),
3141 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_SIGN, ac_dsa_vect257),
3142 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_VERIFY, ac_dsa_vect258),
3143 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_SIGN, ac_dsa_vect258),
3144 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_VERIFY, ac_dsa_vect259),
3145 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_SIGN, ac_dsa_vect259),
3146 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_VERIFY, ac_dsa_vect260),
3147 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_SIGN, ac_dsa_vect260),
3148 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_VERIFY, ac_dsa_vect261),
3149 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_SIGN, ac_dsa_vect261),
3150 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_VERIFY, ac_dsa_vect262),
3151 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_SIGN, ac_dsa_vect262),
3152 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_VERIFY, ac_dsa_vect263),
3153 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_SIGN, ac_dsa_vect263),
3154 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_VERIFY, ac_dsa_vect264),
3155 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_SIGN, ac_dsa_vect264),
3156 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_VERIFY, ac_dsa_vect265),
3157 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_SIGN, ac_dsa_vect265),
3158 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_VERIFY, ac_dsa_vect266),
3159 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_SIGN, ac_dsa_vect266),
3160 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_VERIFY, ac_dsa_vect267),
3161 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_SIGN, ac_dsa_vect267),
3162 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_VERIFY, ac_dsa_vect268),
3163 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_SIGN, ac_dsa_vect268),
3164 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_VERIFY, ac_dsa_vect269),
3165 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_SIGN, ac_dsa_vect269),
3166 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_VERIFY, ac_dsa_vect270),
3167 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_SIGN, ac_dsa_vect270),
Cedric Chaumontb2ba8782015-09-03 13:23:05 +0200[diff] [blame]3168 /* [mod = L=3072, N=256, SHA-384] - GP NOT SUPPORTED */
3169 /* [mod = L=3072, N=256, SHA-512] - GP NOT SUPPORTED */
Pascal Brand3e143ee2015-07-15 17:17:16 +0200[diff] [blame]3170
3171 /* ECDSA tests */
Cedric Chaumontc7654962015-09-09 14:56:36 +0200[diff] [blame]3172 /* [P-192] */
Jerome Forissier3fbfd0d2019-12-17 16:44:01 +0100[diff] [blame]3173 XTEST_AC_ECC_CASE(0, TEE_ALG_ECDSA_P192, TEE_MODE_VERIFY,
3174 nist_186_2_ecdsa_testvector_1),
3175 XTEST_AC_ECC_CASE(0, TEE_ALG_ECDSA_P192, TEE_MODE_SIGN,
3176 nist_186_2_ecdsa_testvector_1),
3177 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P192, TEE_MODE_VERIFY,
3178 nist_186_2_ecdsa_testvector_2),
3179 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P192, TEE_MODE_SIGN,
3180 nist_186_2_ecdsa_testvector_2),
3181 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P192, TEE_MODE_VERIFY,
3182 nist_186_2_ecdsa_testvector_3),
3183 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P192, TEE_MODE_SIGN,
3184 nist_186_2_ecdsa_testvector_3),
3185 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P192, TEE_MODE_VERIFY,
3186 nist_186_2_ecdsa_testvector_4),
3187 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P192, TEE_MODE_SIGN,
3188 nist_186_2_ecdsa_testvector_4),
3189 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P192, TEE_MODE_VERIFY,
3190 nist_186_2_ecdsa_testvector_5),
3191 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P192, TEE_MODE_SIGN,
3192 nist_186_2_ecdsa_testvector_5),
3193 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P192, TEE_MODE_VERIFY,
3194 nist_186_2_ecdsa_testvector_6),
3195 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P192, TEE_MODE_SIGN,
3196 nist_186_2_ecdsa_testvector_6),
3197 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P192, TEE_MODE_VERIFY,
3198 nist_186_2_ecdsa_testvector_7),
3199 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P192, TEE_MODE_SIGN,
3200 nist_186_2_ecdsa_testvector_7),
3201 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P192, TEE_MODE_VERIFY,
3202 nist_186_2_ecdsa_testvector_8),
3203 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P192, TEE_MODE_SIGN,
3204 nist_186_2_ecdsa_testvector_8),
3205 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P192, TEE_MODE_VERIFY,
3206 nist_186_2_ecdsa_testvector_9),
3207 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P192, TEE_MODE_SIGN,
3208 nist_186_2_ecdsa_testvector_9),
3209 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P192, TEE_MODE_VERIFY,
3210 nist_186_2_ecdsa_testvector_10),
3211 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P192, TEE_MODE_SIGN,
3212 nist_186_2_ecdsa_testvector_10),
3213 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P192, TEE_MODE_VERIFY,
3214 nist_186_2_ecdsa_testvector_11),
3215 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P192, TEE_MODE_SIGN,
3216 nist_186_2_ecdsa_testvector_11),
3217 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P192, TEE_MODE_VERIFY,
3218 nist_186_2_ecdsa_testvector_12),
3219 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P192, TEE_MODE_SIGN,
3220 nist_186_2_ecdsa_testvector_12),
3221 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P192, TEE_MODE_VERIFY,
3222 nist_186_2_ecdsa_testvector_13),
3223 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P192, TEE_MODE_SIGN,
3224 nist_186_2_ecdsa_testvector_13),
3225 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P192, TEE_MODE_VERIFY,
3226 nist_186_2_ecdsa_testvector_14),
3227 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P192, TEE_MODE_SIGN,
3228 nist_186_2_ecdsa_testvector_14),
3229 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P192, TEE_MODE_VERIFY,
3230 nist_186_2_ecdsa_testvector_15),
3231 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P192, TEE_MODE_SIGN,
3232 nist_186_2_ecdsa_testvector_15),
Cedric Chaumontc7654962015-09-09 14:56:36 +0200[diff] [blame]3233 /* [P-224] */
Jerome Forissier3fbfd0d2019-12-17 16:44:01 +0100[diff] [blame]3234 XTEST_AC_ECC_CASE(1, TEE_ALG_ECDSA_P224, TEE_MODE_VERIFY,
3235 nist_186_2_ecdsa_testvector_16),
3236 XTEST_AC_ECC_CASE(1, TEE_ALG_ECDSA_P224, TEE_MODE_SIGN,
3237 nist_186_2_ecdsa_testvector_16),
3238 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P224, TEE_MODE_VERIFY,
3239 nist_186_2_ecdsa_testvector_17),
3240 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P224, TEE_MODE_SIGN,
3241 nist_186_2_ecdsa_testvector_17),
3242 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P224, TEE_MODE_VERIFY,
3243 nist_186_2_ecdsa_testvector_18),
3244 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P224, TEE_MODE_SIGN,
3245 nist_186_2_ecdsa_testvector_18),
3246 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P224, TEE_MODE_VERIFY,
3247 nist_186_2_ecdsa_testvector_19),
3248 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P224, TEE_MODE_SIGN,
3249 nist_186_2_ecdsa_testvector_19),
3250 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P224, TEE_MODE_VERIFY,
3251 nist_186_2_ecdsa_testvector_20),
3252 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P224, TEE_MODE_SIGN,
3253 nist_186_2_ecdsa_testvector_20),
3254 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P224, TEE_MODE_VERIFY,
3255 nist_186_2_ecdsa_testvector_21),
3256 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P224, TEE_MODE_SIGN,
3257 nist_186_2_ecdsa_testvector_21),
3258 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P224, TEE_MODE_VERIFY,
3259 nist_186_2_ecdsa_testvector_22),
3260 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P224, TEE_MODE_SIGN,
3261 nist_186_2_ecdsa_testvector_22),
3262 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P224, TEE_MODE_VERIFY,
3263 nist_186_2_ecdsa_testvector_23),
3264 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P224, TEE_MODE_SIGN,
3265 nist_186_2_ecdsa_testvector_23),
3266 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P224, TEE_MODE_VERIFY,
3267 nist_186_2_ecdsa_testvector_24),
3268 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P224, TEE_MODE_SIGN,
3269 nist_186_2_ecdsa_testvector_24),
3270 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P224, TEE_MODE_VERIFY,
3271 nist_186_2_ecdsa_testvector_25),
3272 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P224, TEE_MODE_SIGN,
3273 nist_186_2_ecdsa_testvector_25),
3274 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P224, TEE_MODE_VERIFY,
3275 nist_186_2_ecdsa_testvector_26),
3276 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P224, TEE_MODE_SIGN,
3277 nist_186_2_ecdsa_testvector_26),
3278 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P224, TEE_MODE_VERIFY,
3279 nist_186_2_ecdsa_testvector_27),
3280 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P224, TEE_MODE_SIGN,
3281 nist_186_2_ecdsa_testvector_27),
3282 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P224, TEE_MODE_VERIFY,
3283 nist_186_2_ecdsa_testvector_28),
3284 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P224, TEE_MODE_SIGN,
3285 nist_186_2_ecdsa_testvector_28),
3286 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P224, TEE_MODE_VERIFY,
3287 nist_186_2_ecdsa_testvector_29),
3288 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P224, TEE_MODE_SIGN,
3289 nist_186_2_ecdsa_testvector_29),
3290 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P224, TEE_MODE_VERIFY,
3291 nist_186_2_ecdsa_testvector_30),
3292 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P224, TEE_MODE_SIGN,
3293 nist_186_2_ecdsa_testvector_30),
Cedric Chaumontc7654962015-09-09 14:56:36 +0200[diff] [blame]3294 /* [P-256] */
Jerome Forissier3fbfd0d2019-12-17 16:44:01 +0100[diff] [blame]3295 XTEST_AC_ECC_CASE(1, TEE_ALG_ECDSA_P256, TEE_MODE_VERIFY,
3296 nist_186_2_ecdsa_testvector_31),
3297 XTEST_AC_ECC_CASE(1, TEE_ALG_ECDSA_P256, TEE_MODE_SIGN,
3298 nist_186_2_ecdsa_testvector_31),
3299 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P256, TEE_MODE_VERIFY,
3300 nist_186_2_ecdsa_testvector_32),
3301 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P256, TEE_MODE_SIGN,
3302 nist_186_2_ecdsa_testvector_32),
3303 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P256, TEE_MODE_VERIFY,
3304 nist_186_2_ecdsa_testvector_33),
3305 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P256, TEE_MODE_SIGN,
3306 nist_186_2_ecdsa_testvector_33),
3307 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P256, TEE_MODE_VERIFY,
3308 nist_186_2_ecdsa_testvector_34),
3309 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P256, TEE_MODE_SIGN,
3310 nist_186_2_ecdsa_testvector_34),
3311 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P256, TEE_MODE_VERIFY,
3312 nist_186_2_ecdsa_testvector_35),
3313 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P256, TEE_MODE_SIGN,
3314 nist_186_2_ecdsa_testvector_35),
3315 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P256, TEE_MODE_VERIFY,
3316 nist_186_2_ecdsa_testvector_36),
3317 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P256, TEE_MODE_SIGN,
3318 nist_186_2_ecdsa_testvector_36),
3319 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P256, TEE_MODE_VERIFY,
3320 nist_186_2_ecdsa_testvector_37),
3321 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P256, TEE_MODE_SIGN,
3322 nist_186_2_ecdsa_testvector_37),
3323 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P256, TEE_MODE_VERIFY,
3324 nist_186_2_ecdsa_testvector_38),
3325 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P256, TEE_MODE_SIGN,
3326 nist_186_2_ecdsa_testvector_38),
3327 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P256, TEE_MODE_VERIFY,
3328 nist_186_2_ecdsa_testvector_39),
3329 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P256, TEE_MODE_SIGN,
3330 nist_186_2_ecdsa_testvector_39),
3331 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P256, TEE_MODE_VERIFY,
3332 nist_186_2_ecdsa_testvector_40),
3333 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P256, TEE_MODE_SIGN,
3334 nist_186_2_ecdsa_testvector_40),
3335 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P256, TEE_MODE_VERIFY,
3336 nist_186_2_ecdsa_testvector_41),
3337 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P256, TEE_MODE_SIGN,
3338 nist_186_2_ecdsa_testvector_41),
3339 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P256, TEE_MODE_VERIFY,
3340 nist_186_2_ecdsa_testvector_42),
3341 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P256, TEE_MODE_SIGN,
3342 nist_186_2_ecdsa_testvector_42),
3343 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P256, TEE_MODE_VERIFY,
3344 nist_186_2_ecdsa_testvector_43),
3345 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P256, TEE_MODE_SIGN,
3346 nist_186_2_ecdsa_testvector_43),
3347 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P256, TEE_MODE_VERIFY,
3348 nist_186_2_ecdsa_testvector_44),
3349 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P256, TEE_MODE_SIGN,
3350 nist_186_2_ecdsa_testvector_44),
3351 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P256, TEE_MODE_VERIFY,
3352 nist_186_2_ecdsa_testvector_45),
3353 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P256, TEE_MODE_SIGN,
3354 nist_186_2_ecdsa_testvector_45),
Cedric Chaumontc7654962015-09-09 14:56:36 +0200[diff] [blame]3355 /* [P-384] */
Jerome Forissier3fbfd0d2019-12-17 16:44:01 +0100[diff] [blame]3356 XTEST_AC_ECC_CASE(1, TEE_ALG_ECDSA_P384, TEE_MODE_VERIFY,
3357 nist_186_2_ecdsa_testvector_46),
3358 XTEST_AC_ECC_CASE(1, TEE_ALG_ECDSA_P384, TEE_MODE_SIGN,
3359 nist_186_2_ecdsa_testvector_46),
3360 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P384, TEE_MODE_VERIFY,
3361 nist_186_2_ecdsa_testvector_47),
3362 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P384, TEE_MODE_SIGN,
3363 nist_186_2_ecdsa_testvector_47),
3364 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P384, TEE_MODE_VERIFY,
3365 nist_186_2_ecdsa_testvector_48),
3366 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P384, TEE_MODE_SIGN,
3367 nist_186_2_ecdsa_testvector_48),
3368 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P384, TEE_MODE_VERIFY,
3369 nist_186_2_ecdsa_testvector_49),
3370 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P384, TEE_MODE_SIGN,
3371 nist_186_2_ecdsa_testvector_49),
3372 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P384, TEE_MODE_VERIFY,
3373 nist_186_2_ecdsa_testvector_50),
3374 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P384, TEE_MODE_SIGN,
3375 nist_186_2_ecdsa_testvector_50),
3376 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P384, TEE_MODE_VERIFY,
3377 nist_186_2_ecdsa_testvector_51),
3378 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P384, TEE_MODE_SIGN,
3379 nist_186_2_ecdsa_testvector_51),
3380 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P384, TEE_MODE_VERIFY,
3381 nist_186_2_ecdsa_testvector_52),
3382 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P384, TEE_MODE_SIGN,
3383 nist_186_2_ecdsa_testvector_52),
3384 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P384, TEE_MODE_VERIFY,
3385 nist_186_2_ecdsa_testvector_53),
3386 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P384, TEE_MODE_SIGN,
3387 nist_186_2_ecdsa_testvector_53),
3388 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P384, TEE_MODE_VERIFY,
3389 nist_186_2_ecdsa_testvector_54),
3390 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P384, TEE_MODE_SIGN,
3391 nist_186_2_ecdsa_testvector_54),
3392 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P384, TEE_MODE_VERIFY,
3393 nist_186_2_ecdsa_testvector_55),
3394 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P384, TEE_MODE_SIGN,
3395 nist_186_2_ecdsa_testvector_55),
3396 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P384, TEE_MODE_VERIFY,
3397 nist_186_2_ecdsa_testvector_56),
3398 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P384, TEE_MODE_SIGN,
3399 nist_186_2_ecdsa_testvector_56),
3400 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P384, TEE_MODE_VERIFY,
3401 nist_186_2_ecdsa_testvector_57),
3402 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P384, TEE_MODE_SIGN,
3403 nist_186_2_ecdsa_testvector_57),
3404 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P384, TEE_MODE_VERIFY,
3405 nist_186_2_ecdsa_testvector_58),
3406 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P384, TEE_MODE_SIGN,
3407 nist_186_2_ecdsa_testvector_58),
3408 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P384, TEE_MODE_VERIFY,
3409 nist_186_2_ecdsa_testvector_59),
3410 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P384, TEE_MODE_SIGN,
3411 nist_186_2_ecdsa_testvector_59),
3412 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P384, TEE_MODE_VERIFY,
3413 nist_186_2_ecdsa_testvector_60),
3414 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P384, TEE_MODE_SIGN,
3415 nist_186_2_ecdsa_testvector_60),
Cedric Chaumontc7654962015-09-09 14:56:36 +0200[diff] [blame]3416 /* [P-521] */
Jerome Forissier3fbfd0d2019-12-17 16:44:01 +0100[diff] [blame]3417 XTEST_AC_ECC_CASE(1, TEE_ALG_ECDSA_P521, TEE_MODE_VERIFY,
3418 nist_186_2_ecdsa_testvector_61),
3419 XTEST_AC_ECC_CASE(1, TEE_ALG_ECDSA_P521, TEE_MODE_SIGN,
3420 nist_186_2_ecdsa_testvector_61),
3421 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P521, TEE_MODE_VERIFY,
3422 nist_186_2_ecdsa_testvector_62),
3423 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P521, TEE_MODE_SIGN,
3424 nist_186_2_ecdsa_testvector_62),
3425 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P521, TEE_MODE_VERIFY,
3426 nist_186_2_ecdsa_testvector_63),
3427 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P521, TEE_MODE_SIGN,
3428 nist_186_2_ecdsa_testvector_63),
3429 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P521, TEE_MODE_VERIFY,
3430 nist_186_2_ecdsa_testvector_64),
3431 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P521, TEE_MODE_SIGN,
3432 nist_186_2_ecdsa_testvector_64),
3433 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P521, TEE_MODE_VERIFY,
3434 nist_186_2_ecdsa_testvector_65),
3435 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P521, TEE_MODE_SIGN,
3436 nist_186_2_ecdsa_testvector_65),
3437 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P521, TEE_MODE_VERIFY,
3438 nist_186_2_ecdsa_testvector_66),
3439 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P521, TEE_MODE_SIGN,
3440 nist_186_2_ecdsa_testvector_66),
3441 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P521, TEE_MODE_VERIFY,
3442 nist_186_2_ecdsa_testvector_67),
3443 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P521, TEE_MODE_SIGN,
3444 nist_186_2_ecdsa_testvector_67),
3445 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P521, TEE_MODE_VERIFY,
3446 nist_186_2_ecdsa_testvector_68),
3447 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P521, TEE_MODE_SIGN,
3448 nist_186_2_ecdsa_testvector_68),
3449 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P521, TEE_MODE_VERIFY,
3450 nist_186_2_ecdsa_testvector_69),
3451 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P521, TEE_MODE_SIGN,
3452 nist_186_2_ecdsa_testvector_69),
3453 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P521, TEE_MODE_VERIFY,
3454 nist_186_2_ecdsa_testvector_70),
3455 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P521, TEE_MODE_SIGN,
3456 nist_186_2_ecdsa_testvector_70),
3457 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P521, TEE_MODE_VERIFY,
3458 nist_186_2_ecdsa_testvector_71),
3459 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P521, TEE_MODE_SIGN,
3460 nist_186_2_ecdsa_testvector_71),
3461 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P521, TEE_MODE_VERIFY,
3462 nist_186_2_ecdsa_testvector_72),
3463 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P521, TEE_MODE_SIGN,
3464 nist_186_2_ecdsa_testvector_72),
3465 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P521, TEE_MODE_VERIFY,
3466 nist_186_2_ecdsa_testvector_73),
3467 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P521, TEE_MODE_SIGN,
3468 nist_186_2_ecdsa_testvector_73),
3469 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P521, TEE_MODE_VERIFY,
3470 nist_186_2_ecdsa_testvector_74),
3471 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P521, TEE_MODE_SIGN,
3472 nist_186_2_ecdsa_testvector_74),
3473 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P521, TEE_MODE_VERIFY,
3474 nist_186_2_ecdsa_testvector_75),
3475 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P521, TEE_MODE_SIGN,
3476 nist_186_2_ecdsa_testvector_75),
Cedric Chaumontc7654962015-09-09 14:56:36 +0200[diff] [blame]3477 /* [K-163] - GP NOT SUPPORTED */
3478 /* [K-233] - GP NOT SUPPORTED */
3479 /* [K-283] - GP NOT SUPPORTED */
3480 /* [K-409] - GP NOT SUPPORTED */
3481 /* [K-571] - GP NOT SUPPORTED */
3482 /* [B-163] - GP NOT SUPPORTED */
3483 /* [B-233] - GP NOT SUPPORTED */
3484 /* [B-283] - GP NOT SUPPORTED */
3485 /* [B-409] - GP NOT SUPPORTED */
3486 /* [B-571] - GP NOT SUPPORTED */
Jerome Forissierb6f5ac92019-12-19 16:37:14 +0100[diff] [blame]3487
3488 XTEST_AC_ECC_CASE(0, TEE_ALG_SM2_PKE, TEE_MODE_ENCRYPT,
3489 gmt_0003_part5_c2_sm2_testvector),
3490 XTEST_AC_ECC_CASE(0, TEE_ALG_SM2_PKE, TEE_MODE_DECRYPT,
3491 gmt_0003_part5_c2_sm2_testvector),
3492 XTEST_AC_ECC_CASE(0, TEE_ALG_SM2_PKE, TEE_MODE_ENCRYPT,
3493 sm2_testvector2),
Jerome Forissier849b57e2019-12-19 16:37:14 +0100[diff] [blame]3494
3495 XTEST_AC_ECC_CASE(0, TEE_ALG_SM2_DSA_SM3, TEE_MODE_VERIFY,
3496 gmt_003_part5_a2),
3497 XTEST_AC_ECC_CASE(0, TEE_ALG_SM2_DSA_SM3, TEE_MODE_SIGN,
3498 gmt_003_part5_a2),
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3499};
3500
3501static bool create_key(ADBG_Case_t *c, TEEC_Session *s,
3502 uint32_t max_key_size, uint32_t key_type,
3503 TEE_Attribute *attrs, size_t num_attrs,
3504 TEE_ObjectHandle *handle)
3505{
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]3506 size_t n = 0;
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3507
3508 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
3509 ta_crypt_cmd_allocate_transient_object(c, s, key_type,
3510 max_key_size, handle)))
3511 return false;
3512
3513 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
3514 ta_crypt_cmd_populate_transient_object(c, s, *handle, attrs,
3515 num_attrs)))
3516 return false;
3517
3518 for (n = 0; n < num_attrs; n++) {
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]3519 uint8_t out[512] = { };
3520 size_t out_size = sizeof(out);
Pascal Brand3e143ee2015-07-15 17:17:16 +0200[diff] [blame]3521
3522 if (attrs[n].attributeID == TEE_ATTR_ECC_CURVE)
3523 continue;
3524
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3525 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
3526 ta_crypt_cmd_get_object_buffer_attribute(c, s, *handle,
3527 attrs[n].attributeID, out, &out_size)))
3528 return false;
3529
Pascal Brand3e143ee2015-07-15 17:17:16 +0200[diff] [blame]3530 if (out_size < attrs[n].content.ref.length) {
3531 memmove(out + (attrs[n].content.ref.length - out_size),
3532 out,
3533 attrs[n].content.ref.length);
3534 memset(out, 0, attrs[n].content.ref.length - out_size);
3535 out_size = attrs[n].content.ref.length;
3536 }
3537
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3538 if (!ADBG_EXPECT_BUFFER(c, attrs[n].content.ref.buffer,
3539 attrs[n].content.ref.length, out, out_size))
3540 return false;
3541 }
3542
3543 return true;
3544}
3545
3546static void xtest_tee_test_4006(ADBG_Case_t *c)
3547{
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]3548 TEEC_Session session = { };
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3549 TEE_OperationHandle op = TEE_HANDLE_NULL;
3550 TEE_ObjectHandle priv_key_handle = TEE_HANDLE_NULL;
3551 TEE_ObjectHandle pub_key_handle = TEE_HANDLE_NULL;
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]3552 TEE_Attribute key_attrs[8] = { };
3553 TEE_Attribute algo_params[1] = { };
3554 size_t num_algo_params = 0;
3555 uint8_t out[512] = { };
3556 size_t out_size = 0;
3557 uint8_t out_enc[512] = { };
3558 size_t out_enc_size = 0;
3559 uint8_t ptx_hash[TEE_MAX_HASH_SIZE] = { };
Etienne Carriere481c6602019-01-22 13:27:26 +0100[diff] [blame]3560 size_t ptx_hash_size = 0;
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]3561 size_t max_key_size = 0;
3562 size_t num_key_attrs = 0;
3563 uint32_t ret_orig = 0;
3564 size_t n = 0;
3565 uint32_t curve = 0;
Jerome Forissierb6f5ac92019-12-19 16:37:14 +0100[diff] [blame]3566 uint32_t pub_key_type = 0;
3567 uint32_t priv_key_type = 0;
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]3568 uint32_t hash_algo = 0;
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3569
3570 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
3571 xtest_teec_open_session(&session, &crypt_user_ta_uuid, NULL,
3572 &ret_orig)))
3573 return;
3574
3575 for (n = 0; n < ARRAY_SIZE(xtest_ac_cases); n++) {
3576 const struct xtest_ac_case *tv = xtest_ac_cases + n;
3577
Cedric Chaumontc3b6c282015-09-25 03:05:18 +0200[diff] [blame]3578 if (tv->level > level)
3579 continue;
3580
Jerome Forissier4b03e282020-01-22 16:33:12 +0100[diff] [blame]3581 if ((tv->algo == TEE_ALG_SM2_PKE ||
3582 tv->algo == TEE_ALG_SM2_DSA_SM3) &&
3583 !ta_crypt_cmd_is_algo_supported(c, &session, tv->algo,
3584 TEE_ECC_CURVE_SM2)) {
3585 Do_ADBG_Log("SM2 not supported: skip subcase");
3586 continue;
3587 }
3588
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3589 Do_ADBG_BeginSubCase(c, "Asym Crypto case %d algo 0x%x line %d",
3590 (int)n, (unsigned int)tv->algo,
3591 (int)tv->line);
3592
3593 /*
3594 * When signing or verifying we're working with the hash of
3595 * the payload.
3596 */
3597 if (tv->mode == TEE_MODE_VERIFY || tv->mode == TEE_MODE_SIGN) {
Pascal Brand3e143ee2015-07-15 17:17:16 +0200[diff] [blame]3598 if (TEE_ALG_GET_MAIN_ALG(tv->algo) == TEE_MAIN_ALGO_ECDSA)
3599 hash_algo = TEE_ALG_SHA1;
Gabor Szekely2ad190f2018-09-14 14:05:06 +0000[diff] [blame]3600#if defined(CFG_CRYPTO_RSASSA_NA1)
3601 else if (tv->algo == TEE_ALG_RSASSA_PKCS1_V1_5)
3602 hash_algo = TEE_ALG_SHA256;
3603#endif
Pascal Brand3e143ee2015-07-15 17:17:16 +0200[diff] [blame]3604 else
3605 hash_algo = TEE_ALG_HASH_ALGO(
3606 TEE_ALG_GET_DIGEST_HASH(tv->algo));
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3607
3608 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
3609 ta_crypt_cmd_allocate_operation(c, &session,
3610 &op, hash_algo, TEE_MODE_DIGEST, 0)))
3611 goto out;
3612
3613 ptx_hash_size = sizeof(ptx_hash);
3614 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
3615 ta_crypt_cmd_digest_do_final(c, & session, op,
3616 tv->ptx, tv->ptx_len, ptx_hash,
3617 &ptx_hash_size)))
3618 goto out;
3619
Cedric Chaumontb2ba8782015-09-03 13:23:05 +0200[diff] [blame]3620 /*
3621 * When we use DSA algorithms, the size of the hash we
3622 * consider equals the min between the size of the
3623 * "subprime" in the key and the size of the hash
3624 */
3625 if (TEE_ALG_GET_MAIN_ALG(tv->algo) ==
3626 TEE_MAIN_ALGO_DSA) {
3627 if (tv->params.dsa.sub_prime_len <=
3628 ptx_hash_size)
3629 ptx_hash_size =
3630 tv->params.dsa.sub_prime_len;
3631 }
3632
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3633 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
3634 ta_crypt_cmd_free_operation(c, &session, op)))
3635 goto out;
3636 }
3637
3638 num_algo_params = 0;
3639 num_key_attrs = 0;
3640 switch (TEE_ALG_GET_MAIN_ALG(tv->algo)) {
3641 case TEE_MAIN_ALGO_RSA:
3642 if (tv->params.rsa.salt_len > 0) {
3643 algo_params[0].attributeID =
3644 TEE_ATTR_RSA_PSS_SALT_LENGTH;
3645 algo_params[0].content.value.a =
3646 tv->params.rsa.salt_len;
3647 algo_params[0].content.value.b = 0;
3648 num_algo_params = 1;
3649 }
3650
3651 max_key_size = tv->params.rsa.modulus_len * 8;
3652
3653 xtest_add_attr(&num_key_attrs, key_attrs,
3654 TEE_ATTR_RSA_MODULUS,
3655 tv->params.rsa.modulus,
3656 tv->params.rsa.modulus_len);
3657 xtest_add_attr(&num_key_attrs, key_attrs,
3658 TEE_ATTR_RSA_PUBLIC_EXPONENT,
3659 tv->params.rsa.pub_exp,
3660 tv->params.rsa.pub_exp_len);
3661
3662 if (!ADBG_EXPECT_TRUE(c,
3663 create_key(c, &session,
3664 max_key_size,
3665 TEE_TYPE_RSA_PUBLIC_KEY,
3666 key_attrs,
3667 num_key_attrs,
3668 &pub_key_handle)))
3669 goto out;
3670
3671 xtest_add_attr(&num_key_attrs, key_attrs,
3672 TEE_ATTR_RSA_PRIVATE_EXPONENT,
3673 tv->params.rsa.priv_exp,
3674 tv->params.rsa.priv_exp_len);
3675
3676 if (tv->params.rsa.prime1_len != 0) {
3677 xtest_add_attr(&num_key_attrs, key_attrs,
3678 TEE_ATTR_RSA_PRIME1,
3679 tv->params.rsa.prime1,
3680 tv->params.rsa.prime1_len);
3681 }
3682
3683 if (tv->params.rsa.prime2_len != 0) {
3684 xtest_add_attr(&num_key_attrs, key_attrs,
3685 TEE_ATTR_RSA_PRIME2,
3686 tv->params.rsa.prime2,
3687 tv->params.rsa.prime2_len);
3688 }
3689
3690 if (tv->params.rsa.exp1_len != 0) {
3691 xtest_add_attr(&num_key_attrs, key_attrs,
3692 TEE_ATTR_RSA_EXPONENT1,
3693 tv->params.rsa.exp1,
3694 tv->params.rsa.exp1_len);
3695 }
3696
3697 if (tv->params.rsa.exp2_len != 0) {
3698 xtest_add_attr(&num_key_attrs, key_attrs,
3699 TEE_ATTR_RSA_EXPONENT2,
3700 tv->params.rsa.exp2,
3701 tv->params.rsa.exp2_len);
3702 }
3703
3704 if (tv->params.rsa.coeff_len != 0) {
3705 xtest_add_attr(&num_key_attrs, key_attrs,
3706 TEE_ATTR_RSA_COEFFICIENT,
3707 tv->params.rsa.coeff,
3708 tv->params.rsa.coeff_len);
3709 }
3710
3711 if (!ADBG_EXPECT_TRUE(c,
3712 create_key(c, &session,
3713 max_key_size,
3714 TEE_TYPE_RSA_KEYPAIR,
3715 key_attrs,
3716 num_key_attrs,
3717 &priv_key_handle)))
3718 goto out;
3719 break;
3720
3721 case TEE_MAIN_ALGO_DSA:
3722 max_key_size = tv->params.dsa.prime_len * 8;
3723
3724 xtest_add_attr(&num_key_attrs, key_attrs,
3725 TEE_ATTR_DSA_PRIME,
3726 tv->params.dsa.prime,
3727 tv->params.dsa.prime_len);
3728 xtest_add_attr(&num_key_attrs, key_attrs,
3729 TEE_ATTR_DSA_SUBPRIME,
3730 tv->params.dsa.sub_prime,
3731 tv->params.dsa.sub_prime_len);
3732 xtest_add_attr(&num_key_attrs, key_attrs,
3733 TEE_ATTR_DSA_BASE,
3734 tv->params.dsa.base,
3735 tv->params.dsa.base_len);
3736 xtest_add_attr(&num_key_attrs, key_attrs,
3737 TEE_ATTR_DSA_PUBLIC_VALUE,
3738 tv->params.dsa.pub_val,
3739 tv->params.dsa.pub_val_len);
3740
3741 if (!ADBG_EXPECT_TRUE(c,
3742 create_key(c, &session, max_key_size,
3743 TEE_TYPE_DSA_PUBLIC_KEY, key_attrs,
3744 num_key_attrs, &pub_key_handle)))
3745 goto out;
3746
3747 xtest_add_attr(&num_key_attrs, key_attrs,
3748 TEE_ATTR_DSA_PRIVATE_VALUE,
3749 tv->params.dsa.priv_val,
3750 tv->params.dsa.priv_val_len);
3751
3752 if (!ADBG_EXPECT_TRUE(c,
3753 create_key(c, &session, max_key_size,
3754 TEE_TYPE_DSA_KEYPAIR, key_attrs,
3755 num_key_attrs, &priv_key_handle)))
3756 goto out;
3757 break;
3758
Pascal Brand3e143ee2015-07-15 17:17:16 +0200[diff] [blame]3759 case TEE_MAIN_ALGO_ECDSA:
Jerome Forissierb6f5ac92019-12-19 16:37:14 +0100[diff] [blame]3760 case TEE_MAIN_ALGO_SM2_PKE:
Jerome Forissier849b57e2019-12-19 16:37:14 +0100[diff] [blame]3761 case TEE_MAIN_ALGO_SM2_DSA_SM3:
Pascal Brand3e143ee2015-07-15 17:17:16 +0200[diff] [blame]3762 switch (tv->algo) {
3763 case TEE_ALG_ECDSA_P192:
3764 curve = TEE_ECC_CURVE_NIST_P192;
Jerome Forissierb6f5ac92019-12-19 16:37:14 +0100[diff] [blame]3765 pub_key_type = TEE_TYPE_ECDSA_PUBLIC_KEY;
3766 priv_key_type = TEE_TYPE_ECDSA_KEYPAIR;
Pascal Brand3e143ee2015-07-15 17:17:16 +0200[diff] [blame]3767 break;
3768 case TEE_ALG_ECDSA_P224:
3769 curve = TEE_ECC_CURVE_NIST_P224;
Jerome Forissierb6f5ac92019-12-19 16:37:14 +0100[diff] [blame]3770 pub_key_type = TEE_TYPE_ECDSA_PUBLIC_KEY;
3771 priv_key_type = TEE_TYPE_ECDSA_KEYPAIR;
Pascal Brand3e143ee2015-07-15 17:17:16 +0200[diff] [blame]3772 break;
3773 case TEE_ALG_ECDSA_P256:
3774 curve = TEE_ECC_CURVE_NIST_P256;
Jerome Forissierb6f5ac92019-12-19 16:37:14 +0100[diff] [blame]3775 pub_key_type = TEE_TYPE_ECDSA_PUBLIC_KEY;
3776 priv_key_type = TEE_TYPE_ECDSA_KEYPAIR;
Pascal Brand3e143ee2015-07-15 17:17:16 +0200[diff] [blame]3777 break;
3778 case TEE_ALG_ECDSA_P384:
3779 curve = TEE_ECC_CURVE_NIST_P384;
Jerome Forissierb6f5ac92019-12-19 16:37:14 +0100[diff] [blame]3780 pub_key_type = TEE_TYPE_ECDSA_PUBLIC_KEY;
3781 priv_key_type = TEE_TYPE_ECDSA_KEYPAIR;
Pascal Brand3e143ee2015-07-15 17:17:16 +0200[diff] [blame]3782 break;
3783 case TEE_ALG_ECDSA_P521:
3784 curve = TEE_ECC_CURVE_NIST_P521;
Jerome Forissierb6f5ac92019-12-19 16:37:14 +0100[diff] [blame]3785 pub_key_type = TEE_TYPE_ECDSA_PUBLIC_KEY;
3786 priv_key_type = TEE_TYPE_ECDSA_KEYPAIR;
3787 break;
3788 case TEE_ALG_SM2_PKE:
3789 curve = TEE_ECC_CURVE_SM2;
3790 pub_key_type = TEE_TYPE_SM2_PKE_PUBLIC_KEY;
3791 priv_key_type = TEE_TYPE_SM2_PKE_KEYPAIR;
Pascal Brand3e143ee2015-07-15 17:17:16 +0200[diff] [blame]3792 break;
Jerome Forissier849b57e2019-12-19 16:37:14 +0100[diff] [blame]3793 case TEE_ALG_SM2_DSA_SM3:
3794 curve = TEE_ECC_CURVE_SM2;
3795 pub_key_type = TEE_TYPE_SM2_DSA_PUBLIC_KEY;
3796 priv_key_type = TEE_TYPE_SM2_DSA_KEYPAIR;
3797 break;
Pascal Brand3e143ee2015-07-15 17:17:16 +0200[diff] [blame]3798 default:
3799 curve = 0xFF;
3800 break;
3801 }
3802
3803 if (tv->algo == TEE_ALG_ECDSA_P521)
3804 max_key_size = 521;
3805 else
Jerome Forissier3fbfd0d2019-12-17 16:44:01 +0100[diff] [blame]3806 max_key_size = tv->params.ecc.private_len * 8;
Pascal Brand3e143ee2015-07-15 17:17:16 +0200[diff] [blame]3807
3808 xtest_add_attr_value(&num_key_attrs, key_attrs,
3809 TEE_ATTR_ECC_CURVE, curve, 0);
3810 xtest_add_attr(&num_key_attrs, key_attrs,
3811 TEE_ATTR_ECC_PUBLIC_VALUE_X,
Jerome Forissier3fbfd0d2019-12-17 16:44:01 +0100[diff] [blame]3812 tv->params.ecc.public_x,
3813 tv->params.ecc.public_x_len);
Pascal Brand3e143ee2015-07-15 17:17:16 +0200[diff] [blame]3814 xtest_add_attr(&num_key_attrs, key_attrs,
3815 TEE_ATTR_ECC_PUBLIC_VALUE_Y,
Jerome Forissier3fbfd0d2019-12-17 16:44:01 +0100[diff] [blame]3816 tv->params.ecc.public_y,
3817 tv->params.ecc.public_y_len);
Pascal Brand3e143ee2015-07-15 17:17:16 +0200[diff] [blame]3818
3819 if (!ADBG_EXPECT_TRUE(c,
3820 create_key(c, &session, max_key_size,
Jerome Forissierb6f5ac92019-12-19 16:37:14 +0100[diff] [blame]3821 pub_key_type, key_attrs,
Pascal Brand3e143ee2015-07-15 17:17:16 +0200[diff] [blame]3822 num_key_attrs, &pub_key_handle)))
3823 goto out;
3824
3825 xtest_add_attr(&num_key_attrs, key_attrs,
3826 TEE_ATTR_ECC_PRIVATE_VALUE,
Jerome Forissier3fbfd0d2019-12-17 16:44:01 +0100[diff] [blame]3827 tv->params.ecc.private,
3828 tv->params.ecc.private_len);
Pascal Brand3e143ee2015-07-15 17:17:16 +0200[diff] [blame]3829
3830 if (!ADBG_EXPECT_TRUE(c,
3831 create_key(c, &session, max_key_size,
Jerome Forissierb6f5ac92019-12-19 16:37:14 +0100[diff] [blame]3832 priv_key_type, key_attrs,
Pascal Brand3e143ee2015-07-15 17:17:16 +0200[diff] [blame]3833 num_key_attrs, &priv_key_handle)))
3834 goto out;
3835 break;
3836
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3837 default:
3838 ADBG_EXPECT_TRUE(c, false);
3839 goto out;
3840 }
3841
3842 out_size = sizeof(out);
3843 memset(out, 0, sizeof(out));
3844 switch (tv->mode) {
3845 case TEE_MODE_ENCRYPT:
3846 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
3847 ta_crypt_cmd_allocate_operation(c, &session,
Pascal Brand3e143ee2015-07-15 17:17:16 +0200[diff] [blame]3848 &op, tv->algo, TEE_MODE_ENCRYPT,
3849 max_key_size)))
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3850 goto out;
3851
3852 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
3853 ta_crypt_cmd_set_operation_key(c, &session, op,
3854 pub_key_handle)))
3855 goto out;
3856
3857 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
3858 ta_crypt_cmd_free_transient_object(c, &session,
3859 pub_key_handle)))
3860 goto out;
3861 pub_key_handle = TEE_HANDLE_NULL;
3862
3863 out_enc_size = sizeof(out_enc);
3864 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
3865 ta_crypt_cmd_asymmetric_encrypt(c, &session, op,
3866 NULL, 0, tv->ptx, tv->ptx_len, out_enc,
3867 &out_enc_size)))
3868 goto out;
3869
3870 /*
3871 * A PS which is random is added when formatting the
3872 * message internally of the algorithm so we can't
3873 * verify against precomputed values, instead we use the
3874 * decrypt operation to see that output is correct.
3875 */
3876
3877 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
3878 ta_crypt_cmd_free_operation(c, &session, op)))
3879 goto out;
3880
3881 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
3882 ta_crypt_cmd_allocate_operation(c, &session,
3883 &op, tv->algo, TEE_MODE_DECRYPT,
3884 max_key_size)))
3885 goto out;
3886
3887 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
3888 ta_crypt_cmd_set_operation_key(c, &session, op,
3889 priv_key_handle)))
3890 goto out;
3891
3892 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
3893 ta_crypt_cmd_free_transient_object(c, &session,
3894 priv_key_handle)))
3895 goto out;
3896
3897 priv_key_handle = TEE_HANDLE_NULL;
3898
3899 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
3900 ta_crypt_cmd_asymmetric_decrypt(c, &session, op,
3901 NULL, 0, out_enc, out_enc_size, out,
3902 &out_size)))
3903 goto out;
3904
3905 (void)ADBG_EXPECT_BUFFER(c, tv->ptx, tv->ptx_len, out,
3906 out_size);
3907 break;
3908
3909 case TEE_MODE_DECRYPT:
3910 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
3911 ta_crypt_cmd_allocate_operation(c, &session,
3912 &op, tv->algo, TEE_MODE_DECRYPT,
3913 max_key_size)))
3914 goto out;
3915
3916 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
3917 ta_crypt_cmd_set_operation_key(c, &session, op,
3918 priv_key_handle)))
3919 goto out;
3920
3921 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
3922 ta_crypt_cmd_free_transient_object(c, &session,
3923 priv_key_handle)))
3924 goto out;
3925
3926 priv_key_handle = TEE_HANDLE_NULL;
3927
3928 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
3929 ta_crypt_cmd_asymmetric_decrypt(c, &session, op,
3930 NULL, 0, tv->ctx, tv->ctx_len, out,
3931 &out_size)))
3932 goto out;
3933
3934 (void)ADBG_EXPECT_BUFFER(c, tv->ptx, tv->ptx_len, out,
3935 out_size);
3936 break;
3937
3938 case TEE_MODE_VERIFY:
3939 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
3940 ta_crypt_cmd_allocate_operation(c, &session,
3941 &op, tv->algo, TEE_MODE_VERIFY,
3942 max_key_size)))
3943 goto out;
3944
3945 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
3946 ta_crypt_cmd_set_operation_key(c, &session, op,
3947 pub_key_handle)))
3948 goto out;
3949
3950 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
3951 ta_crypt_cmd_free_transient_object(c, &session,
3952 pub_key_handle)))
3953 goto out;
3954
3955 pub_key_handle = TEE_HANDLE_NULL;
3956
3957 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
3958 ta_crypt_cmd_asymmetric_verify(c, &session, op,
3959 algo_params, num_algo_params, ptx_hash,
3960 ptx_hash_size, tv->ctx, tv->ctx_len)))
3961 goto out;
3962 break;
3963
3964 case TEE_MODE_SIGN:
3965 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
3966 ta_crypt_cmd_allocate_operation(c, &session,
3967 &op, tv->algo, TEE_MODE_SIGN,
3968 max_key_size)))
3969 goto out;
3970
3971 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
3972 ta_crypt_cmd_set_operation_key(c, &session, op,
3973 priv_key_handle)))
3974 goto out;
3975
3976 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
3977 ta_crypt_cmd_free_transient_object(c, &session,
3978 priv_key_handle)))
3979 goto out;
3980
3981 priv_key_handle = TEE_HANDLE_NULL;
3982
3983 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
3984 ta_crypt_cmd_asymmetric_sign(c, &session, op,
3985 algo_params, num_algo_params, ptx_hash,
3986 ptx_hash_size, out, &out_size)))
3987 goto out;
3988
3989 if (TEE_ALG_GET_CHAIN_MODE(tv->algo) ==
3990 TEE_CHAIN_MODE_PKCS1_PSS_MGF1 ||
Pascal Brand3e143ee2015-07-15 17:17:16 +0200[diff] [blame]3991 tv->algo == TEE_ALG_DSA_SHA1 ||
Cedric Chaumontb2ba8782015-09-03 13:23:05 +0200[diff] [blame]3992 tv->algo == TEE_ALG_DSA_SHA224 ||
3993 tv->algo == TEE_ALG_DSA_SHA256 ||
Pascal Brand3e143ee2015-07-15 17:17:16 +0200[diff] [blame]3994 TEE_ALG_GET_MAIN_ALG(tv->algo) ==
Jerome Forissier849b57e2019-12-19 16:37:14 +0100[diff] [blame]3995 TEE_MAIN_ALGO_ECDSA ||
3996 tv->algo == TEE_ALG_SM2_DSA_SM3) {
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3997 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
3998 ta_crypt_cmd_free_operation(c, &session,
3999 op)))
4000 goto out;
4001 /*
4002 * The salt or K is random so we can't verify
4003 * signing against precomputed values, instead
4004 * we use the verify operation to see that
4005 * output is correct.
4006 */
4007 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
4008 ta_crypt_cmd_allocate_operation(c,
4009 &session, &op, tv->algo,
4010 TEE_MODE_VERIFY, max_key_size)))
4011 goto out;
4012
4013 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
4014 ta_crypt_cmd_set_operation_key(c,
4015 &session, op, pub_key_handle)))
4016 goto out;
4017
4018 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
4019 ta_crypt_cmd_free_transient_object(c,
4020 &session, pub_key_handle)))
4021 goto out;
4022
4023 pub_key_handle = TEE_HANDLE_NULL;
4024
4025 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
4026 ta_crypt_cmd_asymmetric_verify(c,
4027 &session, op, algo_params,
4028 num_algo_params, ptx_hash,
4029 ptx_hash_size, out, out_size)))
4030 goto out;
4031 } else {
4032 (void)ADBG_EXPECT_BUFFER(c, tv->ctx,
4033 tv->ctx_len, out,
4034 out_size);
4035 }
4036 break;
4037
4038 default:
4039 break;
4040 }
4041
4042 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
4043 ta_crypt_cmd_free_operation(c, &session, op)))
4044 goto out;
4045
4046 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
4047 ta_crypt_cmd_free_transient_object(c, &session,
4048 pub_key_handle)))
4049 goto out;
4050 pub_key_handle = TEE_HANDLE_NULL;
4051
4052 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
4053 ta_crypt_cmd_free_transient_object(c, &session,
4054 priv_key_handle)))
4055 goto out;
4056
4057 priv_key_handle = TEE_HANDLE_NULL;
4058
4059 Do_ADBG_EndSubCase(c, NULL);
4060 }
4061out:
4062 TEEC_CloseSession(&session);
4063}
Jens Wiklander14f48872018-06-29 15:30:13 +0200[diff] [blame]4064ADBG_CASE_DEFINE(regression, 4006, xtest_tee_test_4006,
4065 "Test TEE Internal API Asymmetric Cipher operations");
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]4066
4067#define KEY_ATTR(x, y) { #x, (x), y }
4068
4069struct key_attrs {
4070 const char *name;
4071 uint32_t attr;
Jerome Forissier4032c8c2016-05-31 13:25:08 +0200[diff] [blame]4072 /*
4073 * When keysize_check != 0: size of attribute is checked
4074 * Expected value is key_size bits except for DH in which case it is
4075 * the value of keysize_check.
4076 */
4077 uint32_t keysize_check;
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]4078};
4079
4080static bool test_keygen_attributes(ADBG_Case_t *c, TEEC_Session *s,
4081 TEE_ObjectHandle key, uint32_t key_size,
4082 struct key_attrs *attrs, size_t num_attrs)
4083{
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]4084 uint8_t out[2048] = { };
4085 size_t out_size = 0;
4086 size_t n = 0;
4087 size_t m = 0;
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]4088
4089 for (m = 0; m < num_attrs; m++) {
4090 if ((attrs[m].attr & TEE_ATTR_BIT_VALUE) == 0) {
4091 out_size = sizeof(out);
4092 memset(out, 0, sizeof(out));
4093 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
4094 ta_crypt_cmd_get_object_buffer_attribute(c, s,
4095 key, attrs[m].attr, out, &out_size)))
4096 return false;
4097
4098 if (attrs[m].keysize_check)
Jerome Forissierfe94e562020-11-17 17:22:40 +0100[diff] [blame]4099 ADBG_EXPECT_COMPARE_UNSIGNED(c, out_size, <=,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]4100 key_size / 8);
4101
4102 if (out_size > 0) {
4103 /* Check that buffer isn't all zeroes */
4104 for (n = 0; n < out_size; n++)
4105 if (out[n] != 0)
4106 break;
4107 if (!ADBG_EXPECT_COMPARE_UNSIGNED(c, n, <,
4108 out_size))
4109 return false;
4110 }
4111 } else {
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]4112 uint32_t a = 0;
4113 uint32_t b = 0;
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]4114
4115 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
4116 ta_crypt_cmd_get_object_value_attribute(c, s, key,
4117 attrs[m].attr, &a, &b)))
4118 return false;
4119 }
4120 }
4121 return true;
4122}
4123
4124static bool test_secret_value(ADBG_Case_t *c, TEEC_Session *s,
4125 TEE_ObjectHandle key, uint32_t key_size)
4126{
4127 const struct key_attrs attrs[] = {
4128 KEY_ATTR(TEE_ATTR_SECRET_VALUE, true),
4129 };
4130
4131 return test_keygen_attributes(c, s, key, key_size,
4132 (struct key_attrs *)&attrs,
4133 ARRAY_SIZE(attrs));
4134}
4135
4136
4137static bool test_rsa_key_pair(ADBG_Case_t *c, TEEC_Session *s,
4138 TEE_ObjectHandle key, uint32_t key_size)
4139{
4140 const struct key_attrs attrs[] = {
4141 KEY_ATTR(TEE_ATTR_RSA_MODULUS, true),
4142 KEY_ATTR(TEE_ATTR_RSA_PUBLIC_EXPONENT, false),
4143 KEY_ATTR(TEE_ATTR_RSA_PRIVATE_EXPONENT, false),
4144 KEY_ATTR(TEE_ATTR_RSA_PRIME1, false),
4145 KEY_ATTR(TEE_ATTR_RSA_PRIME2, false),
4146 KEY_ATTR(TEE_ATTR_RSA_EXPONENT1, false),
4147 KEY_ATTR(TEE_ATTR_RSA_EXPONENT2, false),
4148 KEY_ATTR(TEE_ATTR_RSA_COEFFICIENT, false),
4149 };
4150
4151 return test_keygen_attributes(c, s, key, key_size,
4152 (struct key_attrs *)&attrs,
4153 ARRAY_SIZE(attrs));
4154}
4155
Pascal Brande61133f2015-07-08 15:38:37 +0200[diff] [blame]4156static bool test_ecc_key_pair(ADBG_Case_t *c, TEEC_Session *s,
4157 TEE_ObjectHandle key, uint32_t key_size)
4158{
4159 const struct key_attrs attrs[] = {
4160 KEY_ATTR(TEE_ATTR_ECC_PRIVATE_VALUE, false),
4161 KEY_ATTR(TEE_ATTR_ECC_PUBLIC_VALUE_X , false),
4162 KEY_ATTR(TEE_ATTR_ECC_PUBLIC_VALUE_Y , false),
4163 /* KEY_ATTR(TEE_ATTR_ECC_CURVE, false), - do not test */
4164 };
4165
4166 return test_keygen_attributes(c, s, key, key_size,
4167 (struct key_attrs *)&attrs,
4168 ARRAY_SIZE(attrs));
4169}
4170
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]4171static bool test_dh_key_pair(ADBG_Case_t *c, TEEC_Session *s,
Jerome Forissier4032c8c2016-05-31 13:25:08 +0200[diff] [blame]4172 TEE_ObjectHandle key, uint32_t check_keysize)
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]4173{
4174 const struct key_attrs attrs[] = {
4175 KEY_ATTR(TEE_ATTR_DH_PRIME, false),
4176 KEY_ATTR(TEE_ATTR_DH_BASE, false),
4177 KEY_ATTR(TEE_ATTR_DH_PUBLIC_VALUE, false),
4178 KEY_ATTR(TEE_ATTR_DH_PRIVATE_VALUE, check_keysize),
4179 KEY_ATTR(TEE_ATTR_DH_X_BITS, false),
4180 };
4181
Jerome Forissier4032c8c2016-05-31 13:25:08 +0200[diff] [blame]4182 return test_keygen_attributes(c, s, key, check_keysize,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]4183 (struct key_attrs *)&attrs,
4184 ARRAY_SIZE(attrs));
4185}
4186
4187static bool test_dsa_key_pair(ADBG_Case_t *c, TEEC_Session *s,
4188 TEE_ObjectHandle key, uint32_t key_size)
4189{
4190 const struct key_attrs attrs[] = {
4191 KEY_ATTR(TEE_ATTR_DSA_PRIME, true),
4192 KEY_ATTR(TEE_ATTR_DSA_SUBPRIME, false),
4193 KEY_ATTR(TEE_ATTR_DSA_BASE, false),
4194 KEY_ATTR(TEE_ATTR_DSA_PUBLIC_VALUE, false),
4195 KEY_ATTR(TEE_ATTR_DSA_PRIVATE_VALUE, false),
4196 };
4197
4198 return test_keygen_attributes(c, s, key, key_size,
4199 (struct key_attrs *)&attrs,
4200 ARRAY_SIZE(attrs));
4201}
4202
4203static bool generate_and_test_key(ADBG_Case_t *c, TEEC_Session *s,
4204 uint32_t key_type, uint32_t check_keysize,
4205 uint32_t key_size,
4206 TEE_Attribute *params, size_t param_count)
4207{
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]4208 TEE_ObjectHandle key = TEE_HANDLE_NULL;
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]4209 bool ret_val = true;
4210
4211 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
4212 ta_crypt_cmd_allocate_transient_object(c, s, key_type, key_size,
4213 &key)))
4214 return false;
4215
4216 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
4217 ta_crypt_cmd_generate_key(c, s, key, key_size, params,
4218 param_count)))
4219 return false;
4220
4221 switch (key_type) {
4222 case TEE_TYPE_DES:
4223 case TEE_TYPE_DES3:
4224 ret_val = ADBG_EXPECT_TRUE(c,
4225 test_secret_value(c, s, key,
4226 key_size + key_size / 7));
4227 break;
4228 case TEE_TYPE_AES:
4229 case TEE_TYPE_HMAC_MD5:
4230 case TEE_TYPE_HMAC_SHA1:
4231 case TEE_TYPE_HMAC_SHA224:
4232 case TEE_TYPE_HMAC_SHA256:
4233 case TEE_TYPE_HMAC_SHA384:
4234 case TEE_TYPE_HMAC_SHA512:
4235 case TEE_TYPE_GENERIC_SECRET:
4236 ret_val = ADBG_EXPECT_TRUE(c,
4237 test_secret_value(c, s, key, key_size));
4238 break;
4239
4240 case TEE_TYPE_RSA_KEYPAIR:
4241 ret_val = ADBG_EXPECT_TRUE(c,
4242 test_rsa_key_pair(c, s, key, key_size));
4243 break;
4244
Pascal Brande61133f2015-07-08 15:38:37 +0200[diff] [blame]4245 case TEE_TYPE_ECDSA_KEYPAIR:
4246 case TEE_TYPE_ECDH_KEYPAIR:
4247 ret_val = ADBG_EXPECT_TRUE(c,
4248 test_ecc_key_pair(c, s, key, key_size));
4249 break;
4250
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]4251 case TEE_TYPE_DH_KEYPAIR:
Pascal Brande61133f2015-07-08 15:38:37 +0200[diff] [blame]4252 ret_val = ADBG_EXPECT_TRUE(c,
Jerome Forissier4032c8c2016-05-31 13:25:08 +0200[diff] [blame]4253 test_dh_key_pair(c, s, key, check_keysize));
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]4254 break;
4255
4256 case TEE_TYPE_DSA_KEYPAIR:
4257 ret_val = ADBG_EXPECT_TRUE(c,
4258 test_dsa_key_pair(c, s, key, key_size));
4259 break;
4260
4261 default:
4262 ret_val = false;
4263 break;
4264 }
4265
4266 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
4267 ta_crypt_cmd_free_transient_object(c, s, key)))
4268 return false;
4269
4270 return ret_val;
4271}
4272
Jens Wiklandera8c8f872018-12-14 11:41:36 +0100[diff] [blame]4273struct key_types_noparam {
4274 unsigned level;
4275 const char *name;
4276 uint32_t key_type;
4277 uint32_t quanta;
4278 uint32_t min_size;
4279 uint32_t max_size;
4280};
4281
4282static void keygen_noparams(ADBG_Case_t *c, TEEC_Session *session,
4283 const struct key_types_noparam *key_types,
4284 size_t num_key_types)
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]4285{
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]4286 size_t n = 0;
4287 uint32_t key_size = 0;
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]4288
Jens Wiklandera8c8f872018-12-14 11:41:36 +0100[diff] [blame]4289 for (n = 0; n < num_key_types; n++) {
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]4290 uint32_t min_size = key_types[n].min_size;
4291 uint32_t max_size = key_types[n].max_size;
4292 uint32_t quanta = key_types[n].quanta;
4293
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]4294 if (key_types[n].level > level)
4295 continue;
4296
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]4297 Do_ADBG_BeginSubCase(c, "Generate %s key", key_types[n].name);
4298
4299 for (key_size = min_size; key_size <= max_size;
4300 key_size += quanta) {
4301 if (!ADBG_EXPECT_TRUE(c,
4302 generate_and_test_key(c, session, key_types
4303 [n].key_type, 1, key_size, NULL, 0)))
4304 break;
4305 }
4306
4307 Do_ADBG_EndSubCase(c, "Generate %s key", key_types[n].name);
4308 }
4309}
4310
Jens Wiklandera8c8f872018-12-14 11:41:36 +0100[diff] [blame]4311static void xtest_tee_test_4007_symmetric(ADBG_Case_t *c)
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]4312{
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]4313 TEEC_Session session = { };
4314 uint32_t ret_orig = 0;
Jens Wiklandera8c8f872018-12-14 11:41:36 +0100[diff] [blame]4315 static const struct key_types_noparam key_types[] = {
4316 { 0, "AES", TEE_TYPE_AES, 64, 128,
4317 256 /* valid sizes 128, 192, 256 */ },
4318 { 0, "DES", TEE_TYPE_DES, 56, 56, 56 /* valid size 56 */ },
4319 { 0, "DES3", TEE_TYPE_DES3, 56, 112,
4320 168 /* valid sizes 112, 168 */ },
4321 { 0, "HMAC-MD5", TEE_TYPE_HMAC_MD5, 8, 64, 512 },
4322 { 0, "HMAC-SHA1", TEE_TYPE_HMAC_SHA1, 8, 80, 512 },
4323 { 0, "HMAC-SHA224", TEE_TYPE_HMAC_SHA224, 8, 112, 512 },
4324 { 0, "HMAC-SHA256", TEE_TYPE_HMAC_SHA256, 8, 192, 1024 },
4325 { 0, "HMAC-SHA384", TEE_TYPE_HMAC_SHA384, 8, 256, 1024 },
4326 { 0, "HMAC-SHA512", TEE_TYPE_HMAC_SHA512, 8, 256, 1024 },
4327 { 0, "Generic secret", TEE_TYPE_GENERIC_SECRET, 8, 128, 4096 },
4328 };
4329
4330 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
4331 xtest_teec_open_session(&session, &crypt_user_ta_uuid, NULL,
4332 &ret_orig)))
4333 return;
4334
4335 keygen_noparams(c, &session, key_types, ARRAY_SIZE(key_types));
4336
4337 TEEC_CloseSession(&session);
4338}
4339ADBG_CASE_DEFINE(regression, 4007_symmetric, xtest_tee_test_4007_symmetric,
4340 "Test TEE Internal API Generate Symmetric key");
4341
4342static void xtest_tee_test_4007_rsa(ADBG_Case_t *c)
4343{
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]4344 TEEC_Session session = { };
4345 uint32_t ret_orig = 0;
Jens Wiklandera8c8f872018-12-14 11:41:36 +0100[diff] [blame]4346 static const struct key_types_noparam key_types[] = {
4347 { 0, "RSA-256", TEE_TYPE_RSA_KEYPAIR, 1, 256, 256 },
4348 { 1, "RSA-384", TEE_TYPE_RSA_KEYPAIR, 1, 384, 384 },
4349 { 1, "RSA-512", TEE_TYPE_RSA_KEYPAIR, 1, 512, 512 },
4350 { 1, "RSA-640", TEE_TYPE_RSA_KEYPAIR, 1, 640, 640 },
4351 { 1, "RSA-768", TEE_TYPE_RSA_KEYPAIR, 1, 768, 768 },
4352 { 1, "RSA-896", TEE_TYPE_RSA_KEYPAIR, 1, 896, 896 },
4353 { 1, "RSA-1024", TEE_TYPE_RSA_KEYPAIR, 1, 1024, 1024 },
4354 { 1, "RSA-2048", TEE_TYPE_RSA_KEYPAIR, 1, 2048, 2048 },
4355 { 1, "RSA-3072", TEE_TYPE_RSA_KEYPAIR, 1, 3072, 3072 },
4356 { 1, "RSA-4096", TEE_TYPE_RSA_KEYPAIR, 1, 4096, 4096 },
4357 };
4358
4359 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
4360 xtest_teec_open_session(&session, &crypt_user_ta_uuid, NULL,
4361 &ret_orig)))
4362 return;
4363
4364 keygen_noparams(c, &session, key_types, ARRAY_SIZE(key_types));
4365
4366 TEEC_CloseSession(&session);
4367}
4368ADBG_CASE_DEFINE(regression, 4007_rsa, xtest_tee_test_4007_rsa,
4369 "Test TEE Internal API Generate RSA key");
4370
4371static void xtest_tee_test_4007_dh(ADBG_Case_t *c)
4372{
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]4373 TEEC_Session session = { };
4374 uint32_t ret_orig = 0;
4375 size_t n = 0;
4376 size_t param_count = 0;
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]4377 /*
4378 * Note that the key size parameter is not used when creating the keys
4379 * but specifying these sizes make it possible to test the expected size
4380 * of the private value. This also means that the keysize must match the
4381 * size of p or what is specified in private_bits or the equvivalent
4382 * size of the subprime parameter.
4383 */
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]4384 TEE_Attribute params[4] = { };
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]4385
4386#define XTEST_DH_GK_DATA(vect) \
4387 ARRAY(vect ## _p), \
4388 ARRAY(vect ## _g), \
4389 &vect ## _private_bits, \
4390 0, 0
4391#define XTEST_DH_GK_DATA_SUBPRIME(vect) \
4392 ARRAY(vect ## _p), \
4393 ARRAY(vect ## _g), \
4394 &vect ## _private_bits, \
4395 ARRAY(vect ## _subprime)
4396 static const struct {
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]4397 unsigned level;
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]4398 uint32_t key_size;
4399 const uint8_t *p;
4400 size_t p_len;
4401 const uint8_t *g;
4402 size_t g_len;
4403 const uint32_t *private_bits;
4404 const uint8_t *subprime;
4405 size_t subprime_len;
4406 } key_types[] = {
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]4407 { 0, 256, XTEST_DH_GK_DATA(keygen_dh256) },
Jerome Forissier4032c8c2016-05-31 13:25:08 +0200[diff] [blame]4408 { 0, 320, XTEST_DH_GK_DATA(keygen_dh320) },
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]4409 { 1, 384, XTEST_DH_GK_DATA(keygen_dh384) },
Jerome Forissier4032c8c2016-05-31 13:25:08 +0200[diff] [blame]4410 { 1, 448, XTEST_DH_GK_DATA(keygen_dh448) },
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]4411 { 1, 512, XTEST_DH_GK_DATA(keygen_dh512) },
Jerome Forissier4032c8c2016-05-31 13:25:08 +0200[diff] [blame]4412 { 1, 576, XTEST_DH_GK_DATA(keygen_dh576) },
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]4413 { 1, 640, XTEST_DH_GK_DATA(keygen_dh640) },
Jerome Forissier4032c8c2016-05-31 13:25:08 +0200[diff] [blame]4414 { 1, 704, XTEST_DH_GK_DATA(keygen_dh704) },
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]4415 { 1, 768, XTEST_DH_GK_DATA(keygen_dh768) },
Jerome Forissier4032c8c2016-05-31 13:25:08 +0200[diff] [blame]4416 { 1, 832, XTEST_DH_GK_DATA(keygen_dh832) },
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]4417 { 1, 896, XTEST_DH_GK_DATA(keygen_dh896) },
Jerome Forissier4032c8c2016-05-31 13:25:08 +0200[diff] [blame]4418 { 1, 960, XTEST_DH_GK_DATA(keygen_dh960) },
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]4419 { 1, 1024, XTEST_DH_GK_DATA(keygen_dh1024) },
Jerome Forissier4032c8c2016-05-31 13:25:08 +0200[diff] [blame]4420 { 1, 1088, XTEST_DH_GK_DATA(keygen_dh1088) },
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]4421 { 1, 1152, XTEST_DH_GK_DATA(keygen_dh1152) },
Jerome Forissier4032c8c2016-05-31 13:25:08 +0200[diff] [blame]4422 { 1, 1216, XTEST_DH_GK_DATA(keygen_dh1216) },
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]4423 { 1, 1280, XTEST_DH_GK_DATA(keygen_dh1280) },
Jerome Forissier4032c8c2016-05-31 13:25:08 +0200[diff] [blame]4424 { 1, 1344, XTEST_DH_GK_DATA(keygen_dh1344) },
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]4425 { 1, 1408, XTEST_DH_GK_DATA(keygen_dh1408) },
Jerome Forissier4032c8c2016-05-31 13:25:08 +0200[diff] [blame]4426 { 1, 1472, XTEST_DH_GK_DATA(keygen_dh1472) },
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]4427 { 1, 1536, XTEST_DH_GK_DATA(keygen_dh1536) },
Jerome Forissier4032c8c2016-05-31 13:25:08 +0200[diff] [blame]4428 { 1, 1600, XTEST_DH_GK_DATA(keygen_dh1600) },
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]4429 { 1, 1664, XTEST_DH_GK_DATA(keygen_dh1664) },
Jerome Forissier4032c8c2016-05-31 13:25:08 +0200[diff] [blame]4430 { 1, 1728, XTEST_DH_GK_DATA(keygen_dh1728) },
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]4431 { 1, 1792, XTEST_DH_GK_DATA(keygen_dh1792) },
Jerome Forissier4032c8c2016-05-31 13:25:08 +0200[diff] [blame]4432 { 1, 1856, XTEST_DH_GK_DATA(keygen_dh1856) },
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]4433 { 1, 1920, XTEST_DH_GK_DATA(keygen_dh1920) },
Jerome Forissier4032c8c2016-05-31 13:25:08 +0200[diff] [blame]4434 { 1, 1984, XTEST_DH_GK_DATA(keygen_dh1984) },
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]4435 { 1, 2048, XTEST_DH_GK_DATA(keygen_dh2048) },
Jerome Forissier4032c8c2016-05-31 13:25:08 +0200[diff] [blame]4436 { 1, 2048, XTEST_DH_GK_DATA_SUBPRIME(keygen_dh2048_subprime) }
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]4437 };
4438
Jens Wiklandera8c8f872018-12-14 11:41:36 +0100[diff] [blame]4439 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
4440 xtest_teec_open_session(&session, &crypt_user_ta_uuid, NULL,
4441 &ret_orig)))
4442 return;
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]4443
4444 for (n = 0; n < ARRAY_SIZE(key_types); n++) {
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]4445 if (key_types[n].level > level)
4446 continue;
4447
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]4448 Do_ADBG_BeginSubCase(c,
4449 "Generate DH key %d bits - Private bits = %d",
4450 key_types[n].key_size,
4451 *key_types[n].private_bits);
4452 param_count = 0;
4453
4454 xtest_add_attr(&param_count, params,
4455 TEE_ATTR_DH_PRIME,
4456 key_types[n].p, key_types[n].p_len);
4457
4458 xtest_add_attr(&param_count, params, TEE_ATTR_DH_BASE,
4459 key_types[n].g, key_types[n].g_len);
4460
4461 if (key_types[n].private_bits != 0) {
4462 params[param_count].attributeID = TEE_ATTR_DH_X_BITS;
4463
4464 params[param_count].content.value.a =
4465 *key_types[n].private_bits;
4466
4467 params[param_count].content.value.b = 0;
4468 param_count++;
4469 }
4470
4471 if (key_types[n].subprime != 0) {
4472 xtest_add_attr(&param_count, params,
4473 TEE_ATTR_DH_SUBPRIME,
4474 key_types[n].subprime,
4475 key_types[n].subprime_len);
4476 }
4477
4478 if (!ADBG_EXPECT_TRUE(c,
Jens Wiklandera8c8f872018-12-14 11:41:36 +0100[diff] [blame]4479 generate_and_test_key(c, &session, TEE_TYPE_DH_KEYPAIR,
Jerome Forissier4032c8c2016-05-31 13:25:08 +0200[diff] [blame]4480 *key_types[n].private_bits,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]4481 key_types[n]. key_size, params, param_count)))
4482 break;
4483
4484 Do_ADBG_EndSubCase(c,
4485 "Generate DH key %d bits - Private bits = %d",
4486 key_types[n].key_size,
4487 *key_types[n].private_bits);
4488 }
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]4489
Jens Wiklandera8c8f872018-12-14 11:41:36 +0100[diff] [blame]4490 TEEC_CloseSession(&session);
4491}
4492ADBG_CASE_DEFINE(regression, 4007_dh, xtest_tee_test_4007_dh,
4493 "Test TEE Internal API Generate DH key");
4494
4495static void xtest_tee_test_4007_dsa(ADBG_Case_t *c)
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]4496{
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]4497 TEEC_Session session = { };
4498 uint32_t ret_orig = 0;
4499 size_t n = 0;
4500 size_t param_count = 0;
4501 TEE_Attribute params[4] = { };
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]4502
4503#define XTEST_DSA_GK_DATA(vect) \
4504 ARRAY(vect ## _p), \
4505 ARRAY(vect ## _g), \
4506 ARRAY(vect ## _q)
4507 static const struct {
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]4508 unsigned level;
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]4509 uint32_t key_size;
4510 const uint8_t *prime;
4511 size_t prime_len;
4512 const uint8_t *base;
4513 size_t base_len;
4514 const uint8_t *sub_prime;
4515 size_t sub_prime_len;
4516 } key_types[] = {
Jerome Forissiereed7e652020-04-15 15:42:38 +0200[diff] [blame]4517 { 0, 1024, XTEST_DSA_GK_DATA(keygen_dsa_test1) },
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]4518 { 0, 512, XTEST_DSA_GK_DATA(keygen_dsa512) },
Jerome Forissiereed7e652020-04-15 15:42:38 +0200[diff] [blame]4519 { 0, 576, XTEST_DSA_GK_DATA(keygen_dsa576) },
4520 { 0, 640, XTEST_DSA_GK_DATA(keygen_dsa640) },
4521 { 0, 704, XTEST_DSA_GK_DATA(keygen_dsa704) },
4522 { 0, 768, XTEST_DSA_GK_DATA(keygen_dsa768) },
4523 { 0, 832, XTEST_DSA_GK_DATA(keygen_dsa832) },
4524 { 0, 896, XTEST_DSA_GK_DATA(keygen_dsa896) },
4525 { 0, 960, XTEST_DSA_GK_DATA(keygen_dsa960) },
4526 { 0, 1024, XTEST_DSA_GK_DATA(keygen_dsa1024) },
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]4527 };
4528
Jens Wiklandera8c8f872018-12-14 11:41:36 +0100[diff] [blame]4529 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
4530 xtest_teec_open_session(&session, &crypt_user_ta_uuid, NULL,
4531 &ret_orig)))
4532 return;
4533
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]4534 for (n = 0; n < ARRAY_SIZE(key_types); n++) {
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]4535 if (key_types[n].level > level)
4536 continue;
4537
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]4538 Do_ADBG_BeginSubCase(c, "Generate DSA key %d bits",
4539 key_types[n].key_size);
4540 param_count = 0;
4541
4542
4543 xtest_add_attr(&param_count, params, TEE_ATTR_DSA_PRIME,
4544 key_types[n].prime, key_types[n].prime_len);
4545
4546 xtest_add_attr(&param_count, params, TEE_ATTR_DSA_SUBPRIME,
4547 key_types[n].sub_prime,
4548 key_types[n].sub_prime_len);
4549
4550 xtest_add_attr(&param_count, params, TEE_ATTR_DSA_BASE,
4551 key_types[n].base, key_types[n].base_len);
4552
4553 if (!ADBG_EXPECT_TRUE(c,
Jens Wiklandera8c8f872018-12-14 11:41:36 +0100[diff] [blame]4554 generate_and_test_key(c, &session, TEE_TYPE_DSA_KEYPAIR,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]4555 1, key_types[n]. key_size, params,
4556 param_count)))
4557 break;
4558
4559 Do_ADBG_EndSubCase(c, "Generate DSA key %d bits",
4560 key_types[n].key_size);
4561 }
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]4562
Jens Wiklandera8c8f872018-12-14 11:41:36 +0100[diff] [blame]4563 TEEC_CloseSession(&session);
4564}
4565ADBG_CASE_DEFINE(regression, 4007_dsa, xtest_tee_test_4007_dsa,
4566 "Test TEE Internal API Generate DSA key");
4567
4568static void xtest_tee_test_4007_ecc(ADBG_Case_t *c)
Pascal Brande61133f2015-07-08 15:38:37 +0200[diff] [blame]4569{
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]4570 TEEC_Session session = { };
4571 uint32_t ret_orig = 0;
4572 size_t n = 0;
4573 size_t param_count = 0;
4574 TEE_Attribute params[4] = { };
Pascal Brande61133f2015-07-08 15:38:37 +0200[diff] [blame]4575
4576 static const struct {
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]4577 unsigned level;
Pascal Brande61133f2015-07-08 15:38:37 +0200[diff] [blame]4578 const char *name;
4579 uint32_t algo;
4580 uint32_t curve;
4581 uint32_t key_size;
4582 } key_types[] = {
4583 /* ECDSA */
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]4584 { 0, "ECDSA-192", TEE_TYPE_ECDSA_KEYPAIR, TEE_ECC_CURVE_NIST_P192,
4585 192 },
4586 { 1, "ECDSA-224", TEE_TYPE_ECDSA_KEYPAIR, TEE_ECC_CURVE_NIST_P224,
4587 224 },
4588 { 1, "ECDSA-256", TEE_TYPE_ECDSA_KEYPAIR, TEE_ECC_CURVE_NIST_P256,
4589 256 },
4590 { 1, "ECDSA-384", TEE_TYPE_ECDSA_KEYPAIR, TEE_ECC_CURVE_NIST_P384,
4591 384 },
4592 { 1, "ECDSA-521", TEE_TYPE_ECDSA_KEYPAIR, TEE_ECC_CURVE_NIST_P521,
4593 521 },
Pascal Brande61133f2015-07-08 15:38:37 +0200[diff] [blame]4594
4595 /* ECDH */
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]4596 { 0, "ECDH-192", TEE_TYPE_ECDH_KEYPAIR, TEE_ECC_CURVE_NIST_P192,
4597 192 },
4598 { 1, "ECDH-224", TEE_TYPE_ECDH_KEYPAIR, TEE_ECC_CURVE_NIST_P224,
4599 224 },
4600 { 1, "ECDH-256", TEE_TYPE_ECDH_KEYPAIR, TEE_ECC_CURVE_NIST_P256,
4601 256 },
4602 { 1, "ECDH-384", TEE_TYPE_ECDH_KEYPAIR, TEE_ECC_CURVE_NIST_P384,
4603 384 },
4604 { 1, "ECDH-521", TEE_TYPE_ECDH_KEYPAIR, TEE_ECC_CURVE_NIST_P521,
4605 521 },
Pascal Brande61133f2015-07-08 15:38:37 +0200[diff] [blame]4606 };
4607
Jens Wiklandera8c8f872018-12-14 11:41:36 +0100[diff] [blame]4608 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
4609 xtest_teec_open_session(&session, &crypt_user_ta_uuid, NULL,
4610 &ret_orig)))
4611 return;
4612
Pascal Brande61133f2015-07-08 15:38:37 +0200[diff] [blame]4613 for (n = 0; n < ARRAY_SIZE(key_types); n++) {
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]4614 if (key_types[n].level > level)
4615 continue;
4616
Pascal Brande61133f2015-07-08 15:38:37 +0200[diff] [blame]4617 Do_ADBG_BeginSubCase(c, "Generate %s", key_types[n].name);
4618 param_count = 0;
4619
4620 xtest_add_attr_value(&param_count, params, TEE_ATTR_ECC_CURVE,
4621 key_types[n].curve, 0);
4622
4623 if (!ADBG_EXPECT_TRUE(c,
Jens Wiklandera8c8f872018-12-14 11:41:36 +0100[diff] [blame]4624 generate_and_test_key(c, &session, key_types[n].algo,
Pascal Brande61133f2015-07-08 15:38:37 +0200[diff] [blame]4625 0, key_types[n].key_size, params,
4626 param_count)))
4627 break;
4628
4629 Do_ADBG_EndSubCase(c, "Generate %s", key_types[n].name);
4630 }
Pascal Brande61133f2015-07-08 15:38:37 +0200[diff] [blame]4631
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]4632 TEEC_CloseSession(&session);
4633}
Jens Wiklandera8c8f872018-12-14 11:41:36 +0100[diff] [blame]4634ADBG_CASE_DEFINE(regression, 4007_ecc, xtest_tee_test_4007_ecc,
4635 "Test TEE Internal API Generate ECC key");
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]4636
4637static void xtest_tee_test_4008(ADBG_Case_t *c)
4638{
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]4639 TEEC_Session session = { };
4640 uint32_t ret_orig = 0;
4641 TEE_OperationHandle op = TEE_HANDLE_NULL;
4642 TEE_ObjectHandle key_handle = TEE_HANDLE_NULL;
4643 TEE_ObjectHandle sv_handle = TEE_HANDLE_NULL;
4644 TEE_Attribute params[4] = { };
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]4645 size_t param_count = 0;
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]4646 uint8_t out[2048] = { };
4647 size_t out_size = 0;
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]4648
4649 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
4650 xtest_teec_open_session(&session, &crypt_user_ta_uuid, NULL,
4651 &ret_orig)))
4652 return;
4653
4654 Do_ADBG_BeginSubCase(c, "Derive DH key success");
4655
4656 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
4657 ta_crypt_cmd_allocate_operation(c, &session, &op,
4658 TEE_ALG_DH_DERIVE_SHARED_SECRET, TEE_MODE_DERIVE,
4659 derive_key_max_keysize)))
4660 goto out;
4661
4662 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
4663 ta_crypt_cmd_allocate_transient_object(c, & session,
4664 TEE_TYPE_DH_KEYPAIR, derive_key_max_keysize,
4665 &key_handle)))
4666 goto out;
4667
4668 xtest_add_attr(&param_count, params, TEE_ATTR_DH_PRIME,
4669 ARRAY(derive_key_dh_prime));
4670
4671 xtest_add_attr(&param_count, params, TEE_ATTR_DH_BASE,
4672 ARRAY(derive_key_dh_base));
4673
4674 xtest_add_attr(&param_count, params, TEE_ATTR_DH_PUBLIC_VALUE,
4675 ARRAY(derive_key_dh_public_value));
4676
4677 xtest_add_attr(&param_count, params, TEE_ATTR_DH_PRIVATE_VALUE,
4678 ARRAY(derive_key_dh_private_value));
4679
4680 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
4681 ta_crypt_cmd_populate_transient_object(c, &session, key_handle,
4682 params, param_count)))
4683 goto out;
4684
4685 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
4686 ta_crypt_cmd_set_operation_key(c, &session, op, key_handle)))
4687 goto out;
4688
4689 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
4690 ta_crypt_cmd_free_transient_object(c, & session, key_handle)))
4691 goto out;
4692
4693 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
4694 ta_crypt_cmd_allocate_transient_object(c, &session,
4695 TEE_TYPE_GENERIC_SECRET, derive_key_max_keysize,
4696 &sv_handle)))
4697 goto out;
4698
Pascal Brand2b92b642015-07-16 13:29:42 +0200[diff] [blame]4699 /* reuse but reset params and param-count */
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]4700 param_count = 0;
4701
4702 xtest_add_attr(&param_count, params, TEE_ATTR_DH_PUBLIC_VALUE,
4703 ARRAY(derive_key_dh_public_value_2));
4704
4705 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
4706 ta_crypt_cmd_derive_key(c, &session, op, sv_handle, params,
4707 param_count)))
4708 goto out;
4709
4710 out_size = sizeof(out);
4711 memset(out, 0, sizeof(out));
4712 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
4713 ta_crypt_cmd_get_object_buffer_attribute(c, &session, sv_handle,
4714 TEE_ATTR_SECRET_VALUE, out, &out_size)))
4715 goto out;
4716
4717 if (!ADBG_EXPECT_BUFFER(c, derive_key_dh_shared_secret,
4718 sizeof(derive_key_dh_shared_secret), out,
4719 out_size))
4720 goto out;
4721
4722 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
4723 ta_crypt_cmd_free_operation(c, &session, op)))
4724 goto out;
4725
4726 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
4727 ta_crypt_cmd_free_transient_object(c, &session, sv_handle)))
4728 goto out;
4729out:
4730 Do_ADBG_EndSubCase(c, "Derive DH key success");
4731 TEEC_CloseSession(&session);
4732}
Jens Wiklander14f48872018-06-29 15:30:13 +0200[diff] [blame]4733ADBG_CASE_DEFINE(regression, 4008, xtest_tee_test_4008,
4734 "Test TEE Internal API Derive key");
Pascal Brand2b92b642015-07-16 13:29:42 +0200[diff] [blame]4735
4736static void xtest_tee_test_4009(ADBG_Case_t *c)
4737{
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]4738 TEEC_Session session = { };
4739 uint32_t ret_orig = 0;
4740 TEE_OperationHandle op = TEE_HANDLE_NULL;
4741 TEE_ObjectHandle key_handle = TEE_HANDLE_NULL;
4742 TEE_ObjectHandle sv_handle = TEE_HANDLE_NULL;
4743 TEE_Attribute params[4] = { };
Pascal Brand2b92b642015-07-16 13:29:42 +0200[diff] [blame]4744 size_t param_count = 0;
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]4745 uint8_t out[2048] = { };
4746 size_t out_size = 0;
4747 uint32_t size_bytes = 0;
4748 uint32_t i = 0;
Ruchika Gupta454b0b62020-10-30 13:23:19 +0530[diff] [blame]4749 struct derive_key_ecdh_t const *pt = NULL;
Pascal Brand2b92b642015-07-16 13:29:42 +0200[diff] [blame]4750
4751 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
4752 xtest_teec_open_session(&session, &crypt_user_ta_uuid, NULL,
4753 &ret_orig)))
4754 return;
4755
4756 for (i = 0; i < ARRAY_SIZE(derive_key_ecdh); i++) {
4757 pt = &derive_key_ecdh[i];
4758
Cedric Chaumontc3b6c282015-09-25 03:05:18 +0200[diff] [blame]4759 if (pt->level > level)
4760 continue;
4761
Pascal Brand2b92b642015-07-16 13:29:42 +0200[diff] [blame]4762 Do_ADBG_BeginSubCase(c, "Derive ECDH key - algo = 0x%x",
4763 pt->algo);
4764 size_bytes = (pt->keysize + 7) / 8;
4765 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
4766 ta_crypt_cmd_allocate_operation(c, &session, &op,
4767 pt->algo,
4768 TEE_MODE_DERIVE, pt->keysize)))
4769 goto out;
4770
4771 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
4772 ta_crypt_cmd_allocate_transient_object(c, & session,
4773 TEE_TYPE_ECDH_KEYPAIR, pt->keysize,
4774 &key_handle)))
4775 goto out;
4776
4777 param_count = 0;
4778 xtest_add_attr_value(&param_count, params,
4779 TEE_ATTR_ECC_CURVE, pt->curve, 0);
4780 xtest_add_attr(&param_count, params,
4781 TEE_ATTR_ECC_PRIVATE_VALUE,
4782 pt->private, size_bytes);
4783 /*
Cedric Auger719047c2019-09-11 12:08:14 +0200[diff] [blame]4784 * The public value is not used, but we should provide a valid
4785 * one to avoid rejection in case TEE_PopulateTransientObject()
4786 * checks for key validity.
Pascal Brand2b92b642015-07-16 13:29:42 +0200[diff] [blame]4787 */
4788 xtest_add_attr(&param_count, params,
Cedric Auger719047c2019-09-11 12:08:14 +0200[diff] [blame]4789 TEE_ATTR_ECC_PUBLIC_VALUE_X,
4790 pt->public_x, size_bytes);
Pascal Brand2b92b642015-07-16 13:29:42 +0200[diff] [blame]4791 xtest_add_attr(&param_count, params,
Cedric Auger719047c2019-09-11 12:08:14 +0200[diff] [blame]4792 TEE_ATTR_ECC_PUBLIC_VALUE_Y,
4793 pt->public_y, size_bytes);
Pascal Brand2b92b642015-07-16 13:29:42 +0200[diff] [blame]4794
4795 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
4796 ta_crypt_cmd_populate_transient_object(c,
4797 &session,
4798 key_handle, params, param_count)))
4799 goto out;
4800
4801 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
4802 ta_crypt_cmd_set_operation_key(c, &session, op,
4803 key_handle)))
4804 goto out;
4805
4806 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
4807 ta_crypt_cmd_free_transient_object(c, & session,
4808 key_handle)))
4809 goto out;
4810
4811 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
4812 ta_crypt_cmd_allocate_transient_object(c, &session,
4813 TEE_TYPE_GENERIC_SECRET, size_bytes * 8,
4814 &sv_handle)))
4815 goto out;
4816
4817 /* reuse but reset params and param-count */
4818 param_count = 0;
4819
4820 xtest_add_attr(&param_count, params,
4821 TEE_ATTR_ECC_PUBLIC_VALUE_X,
4822 pt->public_x, size_bytes);
4823 xtest_add_attr(&param_count, params,
4824 TEE_ATTR_ECC_PUBLIC_VALUE_Y,
4825 pt->public_y, size_bytes);
4826
4827 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
4828 ta_crypt_cmd_derive_key(c, &session, op, sv_handle,
4829 params, param_count)))
4830 goto out;
4831
4832 out_size = sizeof(out);
4833 memset(out, 0, sizeof(out));
4834 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
4835 ta_crypt_cmd_get_object_buffer_attribute(c, &session,
4836 sv_handle,
4837 TEE_ATTR_SECRET_VALUE, out, &out_size)))
4838 goto out;
4839
4840 if (!ADBG_EXPECT_BUFFER(c, pt->out, size_bytes,
4841 out, out_size))
4842 goto out;
4843
4844 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
4845 ta_crypt_cmd_free_operation(c, &session, op)))
4846 goto out;
4847
4848 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
4849 ta_crypt_cmd_free_transient_object(c, &session,
4850 sv_handle)))
4851 goto out;
4852
4853 Do_ADBG_EndSubCase(c, "Derive ECDH key - algo = 0x%x",
4854 pt->algo);
4855 }
4856
4857 goto noerror;
4858
4859out:
4860 Do_ADBG_EndSubCase(c, "Derive ECDH key - algo = 0x%x", pt->algo);
4861
4862noerror:
4863 TEEC_CloseSession(&session);
4864}
Jens Wiklander14f48872018-06-29 15:30:13 +0200[diff] [blame]4865ADBG_CASE_DEFINE(regression, 4009, xtest_tee_test_4009,
4866 "Test TEE Internal API Derive key ECDH");
Jens Wiklander70a0b2c2016-05-18 08:39:35 +0200[diff] [blame]4867
4868static void xtest_tee_test_4010(ADBG_Case_t *c)
4869{
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]4870 TEEC_Session session = { };
4871 uint32_t ret_orig = 0;
4872 TEE_ObjectHandle o = TEE_HANDLE_NULL;
Jens Wiklander70a0b2c2016-05-18 08:39:35 +0200[diff] [blame]4873 static const uint8_t large_key[1024] = { 1, 2, 3, 4, 5, 6 };
4874 static const TEE_Attribute attr = {
4875 .attributeID = TEE_ATTR_SECRET_VALUE,
4876 .content.ref.buffer = (void *)large_key,
4877 .content.ref.length = sizeof(large_key),
4878 };
4879
4880 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
4881 xtest_teec_open_session(&session, &crypt_user_ta_uuid, NULL,
4882 &ret_orig)))
4883 return;
4884
4885 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
4886 ta_crypt_cmd_allocate_transient_object(c, &session,
4887 TEE_TYPE_HMAC_SHA256, 1024, &o)))
4888 goto out;
4889
4890 ADBG_EXPECT_TEEC_RESULT(c, TEEC_ERROR_TARGET_DEAD,
4891 ta_crypt_cmd_populate_transient_object(c, &session, o,
4892 &attr, 1));
4893
4894out:
4895 TEEC_CloseSession(&session);
4896}
Jens Wiklander14f48872018-06-29 15:30:13 +0200[diff] [blame]4897ADBG_CASE_DEFINE(regression, 4010, xtest_tee_test_4010,
4898 "Test TEE Internal API create transient object (negative)");
Jens Wiklanderb58916e2016-07-07 15:29:32 +0200[diff] [blame]4899
4900static void xtest_tee_test_4011(ADBG_Case_t *c)
4901{
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]4902 TEEC_Session s = { };
Jens Wiklanderb58916e2016-07-07 15:29:32 +0200[diff] [blame]4903 size_t key_size = 512;
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]4904 TEE_ObjectHandle key = TEE_HANDLE_NULL;
4905 TEE_OperationHandle ops = TEE_HANDLE_NULL;
4906 TEE_OperationHandle opv = TEE_HANDLE_NULL;
4907 TEE_OperationHandle ope = TEE_HANDLE_NULL;
4908 TEE_OperationHandle opd = TEE_HANDLE_NULL;
4909 uint32_t ret_orig = 0;
4910 uint8_t in[TEE_SHA1_HASH_SIZE] = { };
4911 uint8_t out[1024] = { };
4912 uint8_t tmp[1024] = { };
4913 size_t out_size = 0;
4914 size_t tmp_size = 0;
4915 size_t n = 0;
4916 size_t m = 0;
Jens Wiklanderb58916e2016-07-07 15:29:32 +0200[diff] [blame]4917 size_t i = 0;
4918
4919 /* Setup session, initialize message to sign, create a keypair */
4920 if (!ADBG_EXPECT_TEEC_SUCCESS(c, xtest_teec_open_session(&s,
4921 &crypt_user_ta_uuid, NULL, &ret_orig)))
4922 return;
4923 if (!ADBG_EXPECT_TEEC_SUCCESS(c, ta_crypt_cmd_random_number_generate(c,
4924 &s, in, sizeof(in))))
4925 goto out;
4926 if (!ADBG_EXPECT_TEEC_SUCCESS(c, ta_crypt_cmd_allocate_transient_object(
4927 c, &s, TEE_TYPE_RSA_KEYPAIR, key_size, &key)))
4928 goto out;
4929 if (!ADBG_EXPECT_TEEC_SUCCESS(c, ta_crypt_cmd_generate_key(c, &s,
4930 key, key_size, NULL, 0)))
4931 goto out;
4932
4933 /* Allocate operations for sign, verify, encrypt and decrypt */
4934 if (!ADBG_EXPECT_TEEC_SUCCESS(c, ta_crypt_cmd_allocate_operation(c, &s,
4935 &ops, TEE_ALG_RSASSA_PKCS1_V1_5_SHA1, TEE_MODE_SIGN,
4936 key_size)))
4937 goto out;
4938 if (!ADBG_EXPECT_TEEC_SUCCESS(c, ta_crypt_cmd_allocate_operation(c, &s,
4939 &opv, TEE_ALG_RSASSA_PKCS1_V1_5_SHA1, TEE_MODE_VERIFY,
4940 key_size)))
4941 goto out;
4942 if (!ADBG_EXPECT_TEEC_SUCCESS(c, ta_crypt_cmd_allocate_operation(c, &s,
4943 &ope, TEE_ALG_RSA_NOPAD, TEE_MODE_ENCRYPT, key_size)))
4944 goto out;
4945 if (!ADBG_EXPECT_TEEC_SUCCESS(c, ta_crypt_cmd_allocate_operation(c, &s,
4946 &opd, TEE_ALG_RSA_NOPAD, TEE_MODE_DECRYPT, key_size)))
4947 goto out;
4948
4949 /* Assign the keypair to all operations */
4950 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
4951 ta_crypt_cmd_set_operation_key(c, &s, ops, key)))
4952 goto out;
4953 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
4954 ta_crypt_cmd_set_operation_key(c, &s, opv, key)))
4955 goto out;
4956 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
4957 ta_crypt_cmd_set_operation_key(c, &s, ope, key)))
4958 goto out;
4959 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
4960 ta_crypt_cmd_set_operation_key(c, &s, opd, key)))
4961 goto out;
4962
4963 /*
4964 * The core of the test case is inspired by the one in libtomcrypt:
4965 * https://github.com/libtom/libtomcrypt/blob/6ad52252688bb34f90b5e79da4830a927e87b81f/testprof/rsa_test.c#L398
4966 *
4967 * Testcase for Bleichenbacher attack
4968 *
4969 * (1) Create a valid signature
4970 * (2) Check that it can be verified
4971 * (3) Transform the package to fetch plain text (using the encrypt
4972 * operation in GP TEE Internal API)
4973 * (4) Forge the structure of PKCS#1-EMSA encoded data
4974 * (4.1) Search for start and end of the padding string
4975 * (4.2) Move the signature to the front of the padding string
4976 * (4.3) Zero the message until the end
4977 * (5) Transform the package back (using the decrypt operation in
4978 * GP TEE Internal API)
4979 * (6) The result should not be valid if the implementation is robust.
4980 */
4981
4982
4983 for (i = 0; i < 9; i++) {
4984 Do_ADBG_Log("Iteration %zu", i);
4985
4986 /* 1 */
4987 out_size = sizeof(out);
4988 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
4989 ta_crypt_cmd_asymmetric_sign(c, &s, ops, NULL, 0,
4990 in, sizeof(in), out, &out_size)))
4991 goto out;
4992
4993 /* 2 */
4994 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
4995 ta_crypt_cmd_asymmetric_verify(c, &s, opv, NULL, 0,
4996 in, sizeof(in), out, out_size)))
4997 goto out;
4998
4999 /* 3 */
5000 tmp_size = sizeof(tmp);
5001 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
5002 ta_crypt_cmd_asymmetric_encrypt(c, &s, ope, NULL, 0,
5003 out, out_size, tmp, &tmp_size)))
5004 goto out;
5005
Etienne Carriere0953bf02018-12-21 15:36:25 +0100[diff] [blame]5006 if (!ADBG_EXPECT_COMPARE_UNSIGNED(c, tmp_size, <=, sizeof(tmp)))
5007 goto out;
5008
Jens Wiklanderb58916e2016-07-07 15:29:32 +0200[diff] [blame]5009 /* 4.1 */
Etienne Carriere0953bf02018-12-21 15:36:25 +0100[diff] [blame]5010 for (n = 0; n < tmp_size - i; n++)
Jens Wiklanderb58916e2016-07-07 15:29:32 +0200[diff] [blame]5011 if (tmp[n] == 0xff)
5012 break;
Etienne Carriere0953bf02018-12-21 15:36:25 +0100[diff] [blame]5013
5014 /* Shall find at least a padding start before buffer end */
5015 if (!ADBG_EXPECT_COMPARE_UNSIGNED(c, n, <, tmp_size - i - 1))
5016 goto out;
5017
Jens Wiklanderb58916e2016-07-07 15:29:32 +0200[diff] [blame]5018 for (m = n + 1; m < tmp_size; m++)
5019 if (tmp[m] != 0xff)
5020 break;
Etienne Carriere0953bf02018-12-21 15:36:25 +0100[diff] [blame]5021
Jens Wiklanderb58916e2016-07-07 15:29:32 +0200[diff] [blame]5022 /* 4.2 */
5023 memmove(tmp + n + i, tmp + m, tmp_size - m);
Etienne Carriere0953bf02018-12-21 15:36:25 +0100[diff] [blame]5024
Jens Wiklanderb58916e2016-07-07 15:29:32 +0200[diff] [blame]5025 /* 4.3 */
Etienne Carriere0953bf02018-12-21 15:36:25 +0100[diff] [blame]5026 n = n + i + tmp_size - m;
Etienne Carriereacb81c42020-04-24 14:58:58 +0200[diff] [blame]5027
5028 /* Prevent overrun when zeroing buffer end */
5029 if (!ADBG_EXPECT_COMPARE_UNSIGNED(c, n, <=, tmp_size))
5030 goto out;
5031
Etienne Carriere0953bf02018-12-21 15:36:25 +0100[diff] [blame]5032 memset(tmp + n, 0, tmp_size - n);
Jens Wiklanderb58916e2016-07-07 15:29:32 +0200[diff] [blame]5033
5034 /* 5 */
5035 out_size = sizeof(out);
5036 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
5037 ta_crypt_cmd_asymmetric_decrypt(c, &s, opd, NULL, 0,
5038 tmp, tmp_size, out, &out_size)))
5039 goto out;
5040
5041 /* 6 */
5042 if (!ADBG_EXPECT_TEEC_RESULT(c, TEE_ERROR_SIGNATURE_INVALID,
5043 ta_crypt_cmd_asymmetric_verify(c, &s, opv, NULL, 0,
5044 in, sizeof(in), out, out_size)))
5045 goto out;
5046 }
5047
5048out:
5049 TEEC_CloseSession(&s);
5050}
Jens Wiklander14f48872018-06-29 15:30:13 +0200[diff] [blame]5051ADBG_CASE_DEFINE(regression, 4011, xtest_tee_test_4011,
5052 "Test TEE Internal API Bleichenbacher attack (negative)");
Igor Opaniuk7ddaa782018-05-25 15:14:05 +0300[diff] [blame]5053
5054#ifdef CFG_SYSTEM_PTA
5055static void xtest_tee_test_4012(ADBG_Case_t *c)
5056{
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]5057 TEEC_Session session = { };
5058 uint32_t ret_orig = 0;
Igor Opaniuk7ddaa782018-05-25 15:14:05 +0300[diff] [blame]5059 TEEC_Operation op = TEEC_OPERATION_INITIALIZER;
5060 /* Fortuna PRNG requires seed <= 32 bytes */
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]5061 uint8_t pool_input[32] = { };
5062 time_t t = 0;
5063 struct tm tm_local = { };
Igor Opaniuk7ddaa782018-05-25 15:14:05 +0300[diff] [blame]5064
5065 t = time(NULL);
5066 tm_local = *localtime(&t);
5067
5068 memcpy((void *)pool_input, (void *)&tm_local,
5069 sizeof(pool_input) < sizeof(tm_local) ?
5070 sizeof(pool_input) : sizeof(tm_local));
5071
5072
5073 op.params[0].tmpref.buffer = pool_input;
5074 op.params[0].tmpref.size = sizeof(pool_input);
5075 op.paramTypes = TEEC_PARAM_TYPES(TEEC_MEMREF_TEMP_INPUT,
5076 TEEC_NONE,
5077 TEEC_NONE,
5078 TEEC_NONE);
5079 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
5080 xtest_teec_open_session(&session, &crypt_user_ta_uuid, NULL,
5081 &ret_orig)))
5082 return;
5083
5084 (void)ADBG_EXPECT_TEEC_SUCCESS(c,
5085 TEEC_InvokeCommand(&session,
5086 TA_CRYPT_CMD_SEED_RNG_POOL,
5087 &op,
5088 &ret_orig));
5089 TEEC_CloseSession(&session);
5090}
Jens Wiklander14f48872018-06-29 15:30:13 +0200[diff] [blame]5091ADBG_CASE_DEFINE(regression, 4012, xtest_tee_test_4012,
5092 "Test seeding RNG entropy");
Joakim Bech83a30ca2019-05-29 11:22:27 +0200[diff] [blame]5093
5094static void xtest_tee_test_4013(ADBG_Case_t *c)
5095{
5096 TEEC_Session session = { };
5097 uint32_t ret_orig = 0;
5098 TEEC_Operation op = TEEC_OPERATION_INITIALIZER;
5099 uint8_t key[32] = { };
5100 uint8_t extra_data[32] = { };
5101
5102 op.paramTypes = TEEC_PARAM_TYPES(TEEC_NONE,
5103 TEEC_NONE,
5104 TEEC_NONE,
5105 TEEC_NONE);
5106 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
5107 xtest_teec_open_session(&session, &crypt_user_ta_uuid,
5108 NULL, &ret_orig)))
5109 return;
5110
5111 (void)ADBG_EXPECT_TEEC_SUCCESS(c,
5112 TEEC_InvokeCommand(&session,
5113 TA_CRYPT_CMD_DERIVE_TA_UNIQUE_KEY,
5114 &op,
5115 &ret_orig));
5116
5117 /* Negative test using non-secure memory */
5118 memset(&op, 0, sizeof(op));
5119 op.paramTypes = TEEC_PARAM_TYPES(TEEC_MEMREF_TEMP_INPUT,
5120 TEEC_MEMREF_TEMP_OUTPUT,
5121 TEEC_NONE,
5122 TEEC_NONE);
5123
5124 op.params[0].tmpref.buffer = extra_data;
5125 op.params[0].tmpref.size = sizeof(extra_data);
5126 op.params[1].tmpref.buffer = key;
5127 op.params[1].tmpref.size = sizeof(key);
5128 (void)ADBG_EXPECT_TEEC_RESULT(c,
5129 TEEC_ERROR_SECURITY,
5130 TEEC_InvokeCommand(&session,
5131 TA_CRYPT_CMD_DERIVE_TA_UNIQUE_KEY_SHM,
5132 &op,
5133 &ret_orig));
5134
5135 TEEC_CloseSession(&session);
5136}
5137ADBG_CASE_DEFINE(regression, 4013, xtest_tee_test_4013,
5138 "Test generation of device unique TA keys");
Jerome Forissierf0cf5182020-01-09 17:04:18 +0100[diff] [blame]5139
5140static void xtest_tee_test_4014(ADBG_Case_t *c)
5141{
5142 TEEC_Session session = { };
5143 uint32_t ret_orig = 0;
5144 TEE_OperationHandle op = TEE_HANDLE_NULL;
5145 TEE_ObjectHandle keyA = TEE_HANDLE_NULL;
5146 TEE_ObjectHandle eph_keyA = TEE_HANDLE_NULL;
5147 TEE_ObjectHandle keyB = TEE_HANDLE_NULL;
5148 TEE_ObjectHandle eph_keyB = TEE_HANDLE_NULL;
5149 TEE_ObjectHandle sv_handle = TEE_HANDLE_NULL;
5150 TEE_Attribute params[9] = { };
5151 size_t param_count = 0;
5152 uint8_t out[128] = { };
5153 size_t out_size = 0;
5154 uint8_t conf_A[32] = { };
5155 uint8_t conf_B[32] = { };
5156
5157 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
5158 xtest_teec_open_session(&session, &crypt_user_ta_uuid, NULL,
5159 &ret_orig)))
5160 return;
5161
5162 if (!ta_crypt_cmd_is_algo_supported(c, &session, TEE_ALG_SM2_KEP,
5163 TEE_ECC_CURVE_SM2)) {
5164 Do_ADBG_Log("SM2 KEP not supported: skip subcase");
5165 goto out;
5166 }
5167
5168 Do_ADBG_BeginSubCase(c, "Initiator side");
5169
5170 /*
5171 * Key exchange protocol running on user A's side. A is initiator.
5172 */
5173
5174 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
5175 ta_crypt_cmd_allocate_operation(c, &session, &op,
5176 TEE_ALG_SM2_KEP, TEE_MODE_DERIVE, 512)))
5177 goto out;
5178
5179 /* Allocate and initialize keypair of user A */
5180
5181 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
5182 ta_crypt_cmd_allocate_transient_object(c, &session,
5183 TEE_TYPE_SM2_KEP_KEYPAIR, 256, &keyA)))
5184 goto out;
5185
5186 param_count = 0;
5187
5188 xtest_add_attr_value(&param_count, params, TEE_ATTR_ECC_CURVE,
5189 TEE_ECC_CURVE_SM2, 0);
5190
5191 xtest_add_attr(&param_count, params, TEE_ATTR_ECC_PUBLIC_VALUE_X,
5192 ARRAY(gmt_003_part5_b2_public_xA));
5193
5194 xtest_add_attr(&param_count, params, TEE_ATTR_ECC_PUBLIC_VALUE_Y,
5195 ARRAY(gmt_003_part5_b2_public_yA));
5196
5197 xtest_add_attr(&param_count, params, TEE_ATTR_ECC_PRIVATE_VALUE,
5198 ARRAY(gmt_003_part5_b2_private_A));
5199
5200 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
5201 ta_crypt_cmd_populate_transient_object(c, &session, keyA,
5202 params, param_count)))
5203 goto out;
5204
5205 /*
5206 * Allocate and set ephemeral key of user A. Note: it is a regular ECC
5207 * key -- we don't use the *_EPHEMERAL_* attributes flags which are
5208 * reserved for use in TEE_DeriveKey() to pass the ephermeral key of
5209 * user B.
5210 */
5211
5212 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
5213 ta_crypt_cmd_allocate_transient_object(c, &session,
5214 TEE_TYPE_SM2_KEP_KEYPAIR, 256, &eph_keyA)))
5215 goto out;
5216
5217 param_count = 0;
5218
5219 xtest_add_attr_value(&param_count, params, TEE_ATTR_ECC_CURVE,
5220 TEE_ECC_CURVE_SM2, 0);
5221
5222 xtest_add_attr(&param_count, params, TEE_ATTR_ECC_PUBLIC_VALUE_X,
5223 ARRAY(gmt_003_part5_b2_eph_public_xA));
5224
5225 xtest_add_attr(&param_count, params, TEE_ATTR_ECC_PUBLIC_VALUE_Y,
5226 ARRAY(gmt_003_part5_b2_eph_public_yA));
5227
5228 xtest_add_attr(&param_count, params, TEE_ATTR_ECC_PRIVATE_VALUE,
5229 ARRAY(gmt_003_part5_b2_eph_private_A));
5230
5231 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
5232 ta_crypt_cmd_populate_transient_object(c, &session, eph_keyA,
5233 params, param_count)))
5234 goto out;
5235
5236 /* Associate user A keys with operation */
5237
5238 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
5239 ta_crypt_cmd_set_operation_key2(c, &session, op, keyA,
5240 eph_keyA)))
5241 goto out;
5242
5243 /* Keys have been set, free key objects */
5244
5245 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
5246 ta_crypt_cmd_free_transient_object(c, &session, keyA)))
5247 goto out;
5248
5249 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
5250 ta_crypt_cmd_free_transient_object(c, &session, eph_keyA)))
5251 goto out;
5252
5253 /* Allocate output object */
5254
5255 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
5256 ta_crypt_cmd_allocate_transient_object(c, &session,
5257 TEE_TYPE_GENERIC_SECRET,
5258 sizeof(gmt_003_part5_b2_shared_secret),
5259 &sv_handle)))
5260 goto out;
5261
5262 /* Set key derivation parameters: user A role, user B information */
5263
5264 params[0].attributeID = TEE_ATTR_SM2_KEP_USER;
5265 params[0].content.value.a = 0; /* Initiator role */
5266 params[0].content.value.b = 0; /* Not used */
5267 param_count = 1;
5268
5269 xtest_add_attr(&param_count, params, TEE_ATTR_ECC_PUBLIC_VALUE_X,
5270 ARRAY(gmt_003_part5_b2_public_xB));
5271
5272 xtest_add_attr(&param_count, params, TEE_ATTR_ECC_PUBLIC_VALUE_Y,
5273 ARRAY(gmt_003_part5_b2_public_yB));
5274
5275 xtest_add_attr(&param_count, params,
5276 TEE_ATTR_ECC_EPHEMERAL_PUBLIC_VALUE_X,
5277 ARRAY(gmt_003_part5_b2_eph_public_xB));
5278
5279 xtest_add_attr(&param_count, params,
5280 TEE_ATTR_ECC_EPHEMERAL_PUBLIC_VALUE_Y,
5281 ARRAY(gmt_003_part5_b2_eph_public_yB));
5282
5283 xtest_add_attr(&param_count, params, TEE_ATTR_SM2_ID_INITIATOR,
5284 ARRAY(gmt_003_part5_b2_id_A));
5285
5286 xtest_add_attr(&param_count, params, TEE_ATTR_SM2_ID_RESPONDER,
5287 ARRAY(gmt_003_part5_b2_id_B));
5288
5289 xtest_add_attr(&param_count, params, TEE_ATTR_SM2_KEP_CONFIRMATION_IN,
5290 ARRAY(gmt_003_part5_b2_conf_B));
5291
5292 xtest_add_attr(&param_count, params, TEE_ATTR_SM2_KEP_CONFIRMATION_OUT,
5293 ARRAY(conf_A));
5294
5295 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
5296 ta_crypt_cmd_derive_key(c, &session, op, sv_handle, params,
5297 param_count)))
5298 goto out;
5299
5300 out_size = sizeof(out);
5301 memset(out, 0, sizeof(out));
5302 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
5303 ta_crypt_cmd_get_object_buffer_attribute(c, &session, sv_handle,
5304 TEE_ATTR_SECRET_VALUE, out, &out_size)))
5305 goto out;
5306
5307 /* Check derived key */
5308 if (!ADBG_EXPECT_BUFFER(c, gmt_003_part5_b2_shared_secret,
5309 sizeof(gmt_003_part5_b2_shared_secret), out,
5310 out_size))
5311 goto out;
5312
5313 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
5314 ta_crypt_cmd_free_operation(c, &session, op)))
5315 goto out;
5316
5317 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
5318 ta_crypt_cmd_free_transient_object(c, &session, sv_handle)))
5319 goto out;
5320
5321 Do_ADBG_EndSubCase(c, "Initiator side");
5322
5323 Do_ADBG_BeginSubCase(c, "Responder side");
5324
5325 /*
5326 * Key derivation on user B's side
5327 */
5328
5329 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
5330 ta_crypt_cmd_allocate_operation(c, &session, &op,
5331 TEE_ALG_SM2_KEP, TEE_MODE_DERIVE, 512)))
5332 goto out;
5333
5334 /* Allocate and initialize keypair of user B */
5335
5336 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
5337 ta_crypt_cmd_allocate_transient_object(c, &session,
5338 TEE_TYPE_SM2_KEP_KEYPAIR, 256, &keyB)))
5339 goto out;
5340
5341 param_count = 0;
5342
5343 xtest_add_attr_value(&param_count, params, TEE_ATTR_ECC_CURVE,
5344 TEE_ECC_CURVE_SM2, 0);
5345
5346 xtest_add_attr(&param_count, params, TEE_ATTR_ECC_PUBLIC_VALUE_X,
5347 ARRAY(gmt_003_part5_b2_public_xB));
5348
5349 xtest_add_attr(&param_count, params, TEE_ATTR_ECC_PUBLIC_VALUE_Y,
5350 ARRAY(gmt_003_part5_b2_public_yB));
5351
5352 xtest_add_attr(&param_count, params, TEE_ATTR_ECC_PRIVATE_VALUE,
5353 ARRAY(gmt_003_part5_b2_private_B));
5354
5355 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
5356 ta_crypt_cmd_populate_transient_object(c, &session, keyB,
5357 params, param_count)))
5358 goto out;
5359
5360 /* Allocate and set ephemeral key of user B */
5361
5362 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
5363 ta_crypt_cmd_allocate_transient_object(c, &session,
5364 TEE_TYPE_SM2_KEP_KEYPAIR, 256, &eph_keyB)))
5365 goto out;
5366
5367 param_count = 0;
5368
5369 xtest_add_attr_value(&param_count, params, TEE_ATTR_ECC_CURVE,
5370 TEE_ECC_CURVE_SM2, 0);
5371
5372 xtest_add_attr(&param_count, params, TEE_ATTR_ECC_PUBLIC_VALUE_X,
5373 ARRAY(gmt_003_part5_b2_eph_public_xB));
5374
5375 xtest_add_attr(&param_count, params, TEE_ATTR_ECC_PUBLIC_VALUE_Y,
5376 ARRAY(gmt_003_part5_b2_eph_public_yB));
5377
5378 xtest_add_attr(&param_count, params, TEE_ATTR_ECC_PRIVATE_VALUE,
5379 ARRAY(gmt_003_part5_b2_eph_private_B));
5380
5381 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
5382 ta_crypt_cmd_populate_transient_object(c, &session, eph_keyB,
5383 params, param_count)))
5384 goto out;
5385
5386 /* Associate user B keys with operation */
5387
5388 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
5389 ta_crypt_cmd_set_operation_key2(c, &session, op, keyB,
5390 eph_keyB)))
5391 goto out;
5392
5393 /* Keys have been set, free key objects */
5394
5395 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
5396 ta_crypt_cmd_free_transient_object(c, &session, keyB)))
5397 goto out;
5398
5399 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
5400 ta_crypt_cmd_free_transient_object(c, &session, eph_keyB)))
5401 goto out;
5402
5403 /* Allocate output object */
5404
5405 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
5406 ta_crypt_cmd_allocate_transient_object(c, &session,
5407 TEE_TYPE_GENERIC_SECRET,
5408 sizeof(gmt_003_part5_b2_shared_secret),
5409 &sv_handle)))
5410 goto out;
5411
5412 /* Set key derivation parameters: user B role, user A information */
5413
5414 params[0].attributeID = TEE_ATTR_SM2_KEP_USER;
5415 params[0].content.value.a = 1; /* Responder role */
5416 params[0].content.value.b = 0; /* Not used */
5417 param_count = 1;
5418
5419 xtest_add_attr(&param_count, params, TEE_ATTR_ECC_PUBLIC_VALUE_X,
5420 ARRAY(gmt_003_part5_b2_public_xA));
5421
5422 xtest_add_attr(&param_count, params, TEE_ATTR_ECC_PUBLIC_VALUE_Y,
5423 ARRAY(gmt_003_part5_b2_public_yA));
5424
5425 xtest_add_attr(&param_count, params,
5426 TEE_ATTR_ECC_EPHEMERAL_PUBLIC_VALUE_X,
5427 ARRAY(gmt_003_part5_b2_eph_public_xA));
5428
5429 xtest_add_attr(&param_count, params,
5430 TEE_ATTR_ECC_EPHEMERAL_PUBLIC_VALUE_Y,
5431 ARRAY(gmt_003_part5_b2_eph_public_yA));
5432
5433 xtest_add_attr(&param_count, params, TEE_ATTR_SM2_ID_INITIATOR,
5434 ARRAY(gmt_003_part5_b2_id_A));
5435
5436 xtest_add_attr(&param_count, params, TEE_ATTR_SM2_ID_RESPONDER,
5437 ARRAY(gmt_003_part5_b2_id_B));
5438
5439 xtest_add_attr(&param_count, params, TEE_ATTR_SM2_KEP_CONFIRMATION_IN,
5440 ARRAY(gmt_003_part5_b2_conf_A));
5441
5442 xtest_add_attr(&param_count, params, TEE_ATTR_SM2_KEP_CONFIRMATION_OUT,
5443 ARRAY(conf_B));
5444
5445 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
5446 ta_crypt_cmd_derive_key(c, &session, op, sv_handle, params,
5447 param_count)))
5448 goto out;
5449
5450 out_size = sizeof(out);
5451 memset(out, 0, sizeof(out));
5452 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
5453 ta_crypt_cmd_get_object_buffer_attribute(c, &session, sv_handle,
5454 TEE_ATTR_SECRET_VALUE, out, &out_size)))
5455 goto out;
5456
5457 /* Check derived key */
5458 if (!ADBG_EXPECT_BUFFER(c, gmt_003_part5_b2_shared_secret,
5459 sizeof(gmt_003_part5_b2_shared_secret), out,
5460 out_size))
5461 goto out;
5462
5463 Do_ADBG_EndSubCase(c, "Responder side");
5464
5465out:
5466 TEEC_CloseSession(&session);
5467}
5468ADBG_CASE_DEFINE(regression, 4014, xtest_tee_test_4014,
5469 "Test SM2 KEP (key derivation)");
Jens Wiklander14f48872018-06-29 15:30:13 +0200[diff] [blame]5470#endif /*CFG_SYSTEM_PTA*/