TrustedFirmware Git Browser
Code Review Sign In
review.trustedfirmware.org / OP-TEE / optee_test / 16de19dc8555b2efb27c4ba72da009518e1771dc / . / host / xtest / regression_4000.c
blob: 505c9811ef8b546e4f1c12d4760fdbc8e6ba1a67 [file] [log] [blame]
Etienne Carriere9b7b70d2020-05-16 10:27:23 +0200[diff] [blame]1// SPDX-License-Identifier: GPL-2.0
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2/*
3 * Copyright (c) 2014, STMicroelectronics International N.V.
Alexander Zakharov0afe00c2021-02-10 19:06:48 +0100[diff] [blame]4 * Copyright (c) 2021, SumUp Services GmbH
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]5 */
6
7#include <stdio.h>
8#include <string.h>
9#include <inttypes.h>
10#include <malloc.h>
Igor Opaniuk7ddaa782018-05-25 15:14:05 +0300[diff] [blame]11#include <time.h>
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]12
13#include "xtest_test.h"
14#include "xtest_helpers.h"
15
16#include <tee_api_types.h>
Gabor Szekely2ad190f2018-09-14 14:05:06 +0000[diff] [blame]17#include <tee_api_defines_extensions.h>
Jens Wiklandercbd8fd12022-11-26 20:38:47 +0100[diff] [blame]18#include <tee_api_compat.h>
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]19#include <ta_crypt.h>
20#include <utee_defines.h>
21#include <util.h>
22
Jerome Forissier213ca8a2017-03-31 11:27:56 +0200[diff] [blame]23#include <regression_4000_data.h>
Cedric Chaumontc7654962015-09-09 14:56:36 +0200[diff] [blame]24#include <nist/186-2ecdsatestvectors.h>
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]25
26#include <assert.h>
27
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]28static TEEC_Result ta_crypt_cmd_reset_operation(ADBG_Case_t *c, TEEC_Session *s,
29 TEE_OperationHandle oph)
30{
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]31 TEEC_Result res = TEEC_ERROR_GENERIC;
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]32 TEEC_Operation op = TEEC_OPERATION_INITIALIZER;
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]33 uint32_t ret_orig = 0;
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]34
35 assert((uintptr_t)oph <= UINT32_MAX);
36 op.params[0].value.a = (uint32_t)(uintptr_t)oph;
37 op.paramTypes = TEEC_PARAM_TYPES(TEEC_VALUE_INPUT, TEEC_NONE, TEEC_NONE,
38 TEEC_NONE);
39 res = TEEC_InvokeCommand(s, TA_CRYPT_CMD_RESET_OPERATION, &op,
40 &ret_orig);
41 if (res != TEEC_SUCCESS) {
42 (void)ADBG_EXPECT_TEEC_ERROR_ORIGIN(c, TEEC_ORIGIN_TRUSTED_APP,
43 ret_orig);
44 }
45 return res;
46}
47
48static TEEC_Result ta_crypt_cmd_copy_operation(ADBG_Case_t *c,
49 TEEC_Session *s,
50 TEE_OperationHandle dst_oph,
51 TEE_OperationHandle src_oph)
52{
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]53 TEEC_Result res = TEEC_ERROR_GENERIC;
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]54 TEEC_Operation op = TEEC_OPERATION_INITIALIZER;
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]55 uint32_t ret_orig = 0;
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]56
57 assert((uintptr_t)dst_oph <= UINT32_MAX);
58 op.params[0].value.a = (uint32_t)(uintptr_t)dst_oph;
59
60 assert((uintptr_t)src_oph <= UINT32_MAX);
61 op.params[0].value.b = (uint32_t)(uintptr_t)src_oph;
62 op.paramTypes = TEEC_PARAM_TYPES(TEEC_VALUE_INPUT, TEEC_NONE, TEEC_NONE,
63 TEEC_NONE);
64
65 res = TEEC_InvokeCommand(s, TA_CRYPT_CMD_COPY_OPERATION, &op,
66 &ret_orig);
67
68 if (res != TEEC_SUCCESS) {
69 (void)ADBG_EXPECT_TEEC_ERROR_ORIGIN(c, TEEC_ORIGIN_TRUSTED_APP,
70 ret_orig);
71 }
72 return res;
73}
74
75static TEEC_Result ta_crypt_cmd_digest_update(ADBG_Case_t *c, TEEC_Session *s,
76 TEE_OperationHandle oph,
77 const void *chunk,
78 size_t chunk_size)
79{
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]80 TEEC_Result res = TEEC_ERROR_GENERIC;
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]81 TEEC_Operation op = TEEC_OPERATION_INITIALIZER;
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]82 uint32_t ret_orig = 0;
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]83
84 assert((uintptr_t)oph <= UINT32_MAX);
85 op.params[0].value.a = (uint32_t)(uintptr_t)oph;
86 op.params[1].tmpref.buffer = (void *)chunk;
87 op.params[1].tmpref.size = chunk_size;
88
89 op.paramTypes = TEEC_PARAM_TYPES(TEEC_VALUE_INPUT,
90 TEEC_MEMREF_TEMP_INPUT, TEEC_NONE,
91 TEEC_NONE);
92
93 res = TEEC_InvokeCommand(s, TA_CRYPT_CMD_DIGEST_UPDATE, &op, &ret_orig);
94
95 if (res != TEEC_SUCCESS) {
96 (void)ADBG_EXPECT_TEEC_ERROR_ORIGIN(c, TEEC_ORIGIN_TRUSTED_APP,
97 ret_orig);
98 }
99
100 return res;
101}
102
103static TEEC_Result ta_crypt_cmd_digest_do_final(ADBG_Case_t *c, TEEC_Session *s,
104 TEE_OperationHandle oph,
105 const void *chunk,
106 size_t chunk_len, void *hash,
107 size_t *hash_len)
108{
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]109 TEEC_Result res = TEEC_ERROR_GENERIC;
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]110 TEEC_Operation op = TEEC_OPERATION_INITIALIZER;
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]111 uint32_t ret_orig = 0;
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]112
113 assert((uintptr_t)oph <= UINT32_MAX);
114 op.params[0].value.a = (uint32_t)(uintptr_t)oph;
115
116 op.params[1].tmpref.buffer = (void *)chunk;
117 op.params[1].tmpref.size = chunk_len;
118
119 op.params[2].tmpref.buffer = (void *)hash;
120 op.params[2].tmpref.size = *hash_len;
121
122 op.paramTypes = TEEC_PARAM_TYPES(TEEC_VALUE_INPUT,
123 TEEC_MEMREF_TEMP_INPUT,
124 TEEC_MEMREF_TEMP_OUTPUT, TEEC_NONE);
125
126 res = TEEC_InvokeCommand(s, TA_CRYPT_CMD_DIGEST_DO_FINAL, &op,
127 &ret_orig);
128
129 if (res != TEEC_SUCCESS) {
130 (void)ADBG_EXPECT_TEEC_ERROR_ORIGIN(c, TEEC_ORIGIN_TRUSTED_APP,
131 ret_orig);
132 }
133
134 if (res == TEEC_SUCCESS)
135 *hash_len = op.params[2].tmpref.size;
136
137 return res;
138}
139
Jens Wiklander92aded22022-12-07 09:43:56 +0100[diff] [blame]140static TEEC_Result ta_crypt_cmd_digest_extract(ADBG_Case_t *c, TEEC_Session *s,
141 TEE_OperationHandle oph,
142 void *hash, size_t *hash_len)
143{
144 TEEC_Result res = TEEC_ERROR_GENERIC;
145 TEEC_Operation op = TEEC_OPERATION_INITIALIZER;
146 uint32_t ret_orig = 0;
147
148 assert((uintptr_t)oph <= UINT32_MAX);
149 op.params[0].value.a = (uint32_t)(uintptr_t)oph;
150
151 op.params[1].tmpref.buffer = (void *)hash;
152 op.params[1].tmpref.size = *hash_len;
153
154 op.paramTypes = TEEC_PARAM_TYPES(TEEC_VALUE_INPUT,
155 TEEC_MEMREF_TEMP_OUTPUT,
156 TEEC_NONE, TEEC_NONE);
157
158 res = TEEC_InvokeCommand(s, TA_CRYPT_CMD_DIGEST_EXTRACT, &op,
159 &ret_orig);
160
161 if (res != TEEC_SUCCESS) {
162 (void)ADBG_EXPECT_TEEC_ERROR_ORIGIN(c, TEEC_ORIGIN_TRUSTED_APP,
163 ret_orig);
164 }
165
166 if (res == TEEC_SUCCESS)
167 *hash_len = op.params[1].tmpref.size;
168
169 return res;
170}
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]171static TEE_Result ta_crypt_cmd_set_operation_key2(ADBG_Case_t *c,
172 TEEC_Session *s,
173 TEE_OperationHandle oph,
174 TEE_ObjectHandle key1,
175 TEE_ObjectHandle key2)
176{
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]177 TEEC_Result res = TEEC_ERROR_GENERIC;
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]178 TEEC_Operation op = TEEC_OPERATION_INITIALIZER;
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]179 uint32_t ret_orig = 0;
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]180
181 assert((uintptr_t)oph <= UINT32_MAX);
182 op.params[0].value.a = (uint32_t)(uintptr_t)oph;
183
184 assert((uintptr_t)key1 <= UINT32_MAX);
185 op.params[0].value.b = (uint32_t)(uintptr_t)key1;
186
187 assert((uintptr_t)key2 <= UINT32_MAX);
188 op.params[1].value.a = (uint32_t)(uintptr_t)key2;
189 op.paramTypes = TEEC_PARAM_TYPES(TEEC_VALUE_INPUT, TEEC_VALUE_INPUT,
190 TEEC_NONE, TEEC_NONE);
191
192 res = TEEC_InvokeCommand(s, TA_CRYPT_CMD_SET_OPERATION_KEY2, &op,
193 &ret_orig);
194
195 if (res != TEEC_SUCCESS) {
196 (void)ADBG_EXPECT_TEEC_ERROR_ORIGIN(c, TEEC_ORIGIN_TRUSTED_APP,
197 ret_orig);
198 }
199
200 return res;
201}
202
203static TEEC_Result ta_crypt_cmd_mac_init(ADBG_Case_t *c, TEEC_Session *s,
204 TEE_OperationHandle oph,
205 const void *iv, size_t iv_len)
206{
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]207 TEEC_Result res = TEEC_ERROR_GENERIC;
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]208 TEEC_Operation op = TEEC_OPERATION_INITIALIZER;
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]209 uint32_t ret_orig = 0;
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]210
211 assert((uintptr_t)oph <= UINT32_MAX);
212 op.params[0].value.a = (uint32_t)(uintptr_t)oph;
213
214 if (iv != NULL) {
215 op.params[1].tmpref.buffer = (void *)iv;
216 op.params[1].tmpref.size = iv_len;
217 op.paramTypes = TEEC_PARAM_TYPES(TEEC_VALUE_INPUT,
218 TEEC_MEMREF_TEMP_INPUT,
219 TEEC_NONE, TEEC_NONE);
220 } else {
221 op.paramTypes = TEEC_PARAM_TYPES(TEEC_VALUE_INPUT, TEEC_NONE,
222 TEEC_NONE, TEEC_NONE);
223 }
224
225 res = TEEC_InvokeCommand(s, TA_CRYPT_CMD_MAC_INIT, &op, &ret_orig);
226
227 if (res != TEEC_SUCCESS) {
228 (void)ADBG_EXPECT_TEEC_ERROR_ORIGIN(c, TEEC_ORIGIN_TRUSTED_APP,
229 ret_orig);
230 }
231
232 return res;
233}
234
235static TEEC_Result ta_crypt_cmd_mac_update(ADBG_Case_t *c, TEEC_Session *s,
236 TEE_OperationHandle oph,
237 const void *chunk, size_t chunk_size)
238{
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]239 TEEC_Result res = TEEC_ERROR_GENERIC;
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]240 TEEC_Operation op = TEEC_OPERATION_INITIALIZER;
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]241 uint32_t ret_orig = 0;
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]242
243 assert((uintptr_t)oph <= UINT32_MAX);
244 op.params[0].value.a = (uint32_t)(uintptr_t)oph;
245
246 op.params[1].tmpref.buffer = (void *)chunk;
247 op.params[1].tmpref.size = chunk_size;
248
249 op.paramTypes = TEEC_PARAM_TYPES(TEEC_VALUE_INPUT,
250 TEEC_MEMREF_TEMP_INPUT, TEEC_NONE,
251 TEEC_NONE);
252
253 res = TEEC_InvokeCommand(s, TA_CRYPT_CMD_MAC_UPDATE, &op, &ret_orig);
254
255 if (res != TEEC_SUCCESS) {
256 (void)ADBG_EXPECT_TEEC_ERROR_ORIGIN(c, TEEC_ORIGIN_TRUSTED_APP,
257 ret_orig);
258 }
259
260 return res;
261}
262
263static TEEC_Result ta_crypt_cmd_mac_final_compute(ADBG_Case_t *c,
264 TEEC_Session *s,
265 TEE_OperationHandle oph,
266 const void *chunk,
267 size_t chunk_len,
268 void *hash,
269 size_t *hash_len)
270{
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]271 TEEC_Result res = TEEC_ERROR_GENERIC;
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]272 TEEC_Operation op = TEEC_OPERATION_INITIALIZER;
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]273 uint32_t ret_orig = 0;
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]274
275 assert((uintptr_t)oph <= UINT32_MAX);
276 op.params[0].value.a = (uint32_t)(uintptr_t)oph;
277
278 op.params[1].tmpref.buffer = (void *)chunk;
279 op.params[1].tmpref.size = chunk_len;
280
281 op.params[2].tmpref.buffer = (void *)hash;
282 op.params[2].tmpref.size = *hash_len;
283
284 op.paramTypes = TEEC_PARAM_TYPES(TEEC_VALUE_INPUT,
285 TEEC_MEMREF_TEMP_INPUT,
286 TEEC_MEMREF_TEMP_OUTPUT, TEEC_NONE);
287
288 res = TEEC_InvokeCommand(s, TA_CRYPT_CMD_MAC_FINAL_COMPUTE, &op,
289 &ret_orig);
290
291 if (res != TEEC_SUCCESS) {
292 (void)ADBG_EXPECT_TEEC_ERROR_ORIGIN(c, TEEC_ORIGIN_TRUSTED_APP,
293 ret_orig);
294 }
295
296 if (res == TEEC_SUCCESS)
297 *hash_len = op.params[2].tmpref.size;
298
299 return res;
300}
301
Jerome Forissier4f419512021-07-07 14:56:10 +0200[diff] [blame]302static TEEC_Result ta_crypt_cmd_mac_final_compare(ADBG_Case_t *c,
303 TEEC_Session *s,
304 TEE_OperationHandle oph,
305 const void *chunk,
306 size_t chunk_len,
307 const uint8_t *hash,
308 size_t hash_len)
309{
310 TEEC_Result res = TEEC_ERROR_GENERIC;
311 TEEC_Operation op = TEEC_OPERATION_INITIALIZER;
312 uint32_t ret_orig = 0;
313
314 assert((uintptr_t)oph <= UINT32_MAX);
315 op.params[0].value.a = (uint32_t)(uintptr_t)oph;
316
317 op.params[1].tmpref.buffer = (void *)chunk;
318 op.params[1].tmpref.size = chunk_len;
319
320 op.params[2].tmpref.buffer = (void *)hash;
321 op.params[2].tmpref.size = hash_len;
322
323 op.paramTypes = TEEC_PARAM_TYPES(TEEC_VALUE_INPUT,
324 TEEC_MEMREF_TEMP_INPUT,
325 TEEC_MEMREF_TEMP_INPUT, TEEC_NONE);
326
327 res = TEEC_InvokeCommand(s, TA_CRYPT_CMD_MAC_FINAL_COMPARE, &op,
328 &ret_orig);
329
330 if (res != TEEC_SUCCESS) {
331 (void)ADBG_EXPECT_TEEC_ERROR_ORIGIN(c, TEEC_ORIGIN_TRUSTED_APP,
332 ret_orig);
333 }
334
335 return res;
336}
337
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]338static TEEC_Result ta_crypt_cmd_cipher_init(ADBG_Case_t *c, TEEC_Session *s,
339 TEE_OperationHandle oph,
340 const void *iv, size_t iv_len)
341{
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]342 TEEC_Result res = TEEC_ERROR_GENERIC;
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]343 TEEC_Operation op = TEEC_OPERATION_INITIALIZER;
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]344 uint32_t ret_orig = 0;
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]345
346 assert((uintptr_t)oph <= UINT32_MAX);
347 op.params[0].value.a = (uint32_t)(uintptr_t)oph;
348
349 if (iv != NULL) {
350 op.params[1].tmpref.buffer = (void *)iv;
351 op.params[1].tmpref.size = iv_len;
352
353 op.paramTypes = TEEC_PARAM_TYPES(TEEC_VALUE_INPUT,
354 TEEC_MEMREF_TEMP_INPUT,
355 TEEC_NONE, TEEC_NONE);
356 } else {
357 op.paramTypes = TEEC_PARAM_TYPES(TEEC_VALUE_INPUT, TEEC_NONE,
358 TEEC_NONE, TEEC_NONE);
359 }
360
361 res = TEEC_InvokeCommand(s, TA_CRYPT_CMD_CIPHER_INIT, &op, &ret_orig);
362
363 if (res != TEEC_SUCCESS) {
364 (void)ADBG_EXPECT_TEEC_ERROR_ORIGIN(c, TEEC_ORIGIN_TRUSTED_APP,
365 ret_orig);
366 }
367
368 return res;
369}
370
371static TEEC_Result ta_crypt_cmd_cipher_update(ADBG_Case_t *c, TEEC_Session *s,
372 TEE_OperationHandle oph,
373 const void *src, size_t src_len,
374 void *dst, size_t *dst_len)
375{
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]376 TEEC_Result res = TEEC_ERROR_GENERIC;
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]377 TEEC_Operation op = TEEC_OPERATION_INITIALIZER;
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]378 uint32_t ret_orig = 0;
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]379
380 assert((uintptr_t)oph <= UINT32_MAX);
381 op.params[0].value.a = (uint32_t)(uintptr_t)oph;
382
383 op.params[1].tmpref.buffer = (void *)src;
384 op.params[1].tmpref.size = src_len;
385
386 op.params[2].tmpref.buffer = dst;
387 op.params[2].tmpref.size = *dst_len;
388
389 op.paramTypes = TEEC_PARAM_TYPES(TEEC_VALUE_INPUT,
390 TEEC_MEMREF_TEMP_INPUT,
391 TEEC_MEMREF_TEMP_OUTPUT, TEEC_NONE);
392
393 res = TEEC_InvokeCommand(s, TA_CRYPT_CMD_CIPHER_UPDATE, &op, &ret_orig);
394
395 if (res != TEEC_SUCCESS) {
396 (void)ADBG_EXPECT_TEEC_ERROR_ORIGIN(c, TEEC_ORIGIN_TRUSTED_APP,
397 ret_orig);
398 }
399
400 if (res == TEEC_SUCCESS)
401 *dst_len = op.params[2].tmpref.size;
402
403 return res;
404}
405
406static TEEC_Result ta_crypt_cmd_cipher_do_final(ADBG_Case_t *c,
407 TEEC_Session *s,
408 TEE_OperationHandle oph,
409 const void *src,
410 size_t src_len,
411 void *dst,
412 size_t *dst_len)
413{
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]414 TEEC_Result res = TEEC_ERROR_GENERIC;
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]415 TEEC_Operation op = TEEC_OPERATION_INITIALIZER;
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]416 uint32_t ret_orig = 0;
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]417
418 assert((uintptr_t)oph <= UINT32_MAX);
419 op.params[0].value.a = (uint32_t)(uintptr_t)oph;
420
421 op.params[1].tmpref.buffer = (void *)src;
422 op.params[1].tmpref.size = src_len;
423
424 op.params[2].tmpref.buffer = (void *)dst;
425 op.params[2].tmpref.size = *dst_len;
426
427 op.paramTypes = TEEC_PARAM_TYPES(TEEC_VALUE_INPUT,
428 TEEC_MEMREF_TEMP_INPUT,
429 TEEC_MEMREF_TEMP_OUTPUT, TEEC_NONE);
430
431 res = TEEC_InvokeCommand(s, TA_CRYPT_CMD_CIPHER_DO_FINAL, &op,
432 &ret_orig);
433
434 if (res != TEEC_SUCCESS) {
435 (void)ADBG_EXPECT_TEEC_ERROR_ORIGIN(c, TEEC_ORIGIN_TRUSTED_APP,
436 ret_orig);
437 }
438
439 if (res == TEEC_SUCCESS)
440 *dst_len = op.params[2].tmpref.size;
441
442 return res;
443}
444
445static TEEC_Result ta_crypt_cmd_random_number_generate(ADBG_Case_t *c,
446 TEEC_Session *s,
447 void *buf,
448 size_t blen)
449{
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]450 TEEC_Result res = TEEC_ERROR_GENERIC;
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]451 TEEC_Operation op = TEEC_OPERATION_INITIALIZER;
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]452 uint32_t ret_orig = 0;
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]453
454 op.params[0].tmpref.buffer = buf;
455 op.params[0].tmpref.size = blen;
456
457 op.paramTypes = TEEC_PARAM_TYPES(TEEC_MEMREF_TEMP_OUTPUT, TEEC_NONE,
458 TEEC_NONE, TEEC_NONE);
459
Joakim Bech81f97e32020-05-27 12:14:23 +0200[diff] [blame]460 res = TEEC_InvokeCommand(s, TA_CRYPT_CMD_RANDOM_NUMBER_GENERATE, &op,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]461 &ret_orig);
462
463 if (res != TEEC_SUCCESS) {
464 (void)ADBG_EXPECT_TEEC_ERROR_ORIGIN(c, TEEC_ORIGIN_TRUSTED_APP,
465 ret_orig);
466 }
467
468 (void)ADBG_EXPECT_COMPARE_UNSIGNED(c, blen, ==,
469 op.params[0].tmpref.size);
470 return res;
471}
472
473static TEEC_Result ta_crypt_cmd_ae_init(ADBG_Case_t *c, TEEC_Session *s,
474 TEE_OperationHandle oph,
475 const void *nonce, size_t nonce_len,
476 size_t tag_len, size_t aad_len,
477 size_t payload_len)
478{
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]479 TEEC_Result res = TEEC_ERROR_GENERIC;
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]480 TEEC_Operation op = TEEC_OPERATION_INITIALIZER;
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]481 uint32_t ret_orig = 0;
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]482
483 assert((uintptr_t)oph <= UINT32_MAX);
484 op.params[0].value.a = (uint32_t)(uintptr_t)oph;
485 op.params[0].value.b = tag_len;
486
487 op.params[1].tmpref.buffer = (void *)nonce;
488 op.params[1].tmpref.size = nonce_len;
489
490 op.params[2].value.a = aad_len;
491 op.params[2].value.b = payload_len;
492
493 op.paramTypes = TEEC_PARAM_TYPES(TEEC_VALUE_INPUT,
494 TEEC_MEMREF_TEMP_INPUT,
Jens Wiklander74a42302015-07-07 01:08:41 +0200[diff] [blame]495 TEEC_VALUE_INPUT, TEEC_NONE);
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]496
497 res = TEEC_InvokeCommand(s, TA_CRYPT_CMD_AE_INIT, &op, &ret_orig);
498
499 if (res != TEEC_SUCCESS) {
500 (void)ADBG_EXPECT_TEEC_ERROR_ORIGIN(c, TEEC_ORIGIN_TRUSTED_APP,
501 ret_orig);
502 }
503 return res;
504}
505
506static TEEC_Result ta_crypt_cmd_ae_update_aad(ADBG_Case_t *c, TEEC_Session *s,
507 TEE_OperationHandle oph,
508 const void *aad, size_t aad_len)
509{
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]510 TEEC_Result res = TEEC_ERROR_GENERIC;
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]511 TEEC_Operation op = TEEC_OPERATION_INITIALIZER;
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]512 uint32_t ret_orig = 0;
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]513
514 assert((uintptr_t)oph <= UINT32_MAX);
515 op.params[0].value.a = (uint32_t)(uintptr_t)oph;
516
517 op.params[1].tmpref.buffer = (void *)aad;
518 op.params[1].tmpref.size = aad_len;
519
520 op.paramTypes = TEEC_PARAM_TYPES(TEEC_VALUE_INPUT,
521 TEEC_MEMREF_TEMP_INPUT, TEEC_NONE,
522 TEEC_NONE);
523
524 res = TEEC_InvokeCommand(s, TA_CRYPT_CMD_AE_UPDATE_AAD, &op, &ret_orig);
525
526 if (res != TEEC_SUCCESS) {
527 (void)ADBG_EXPECT_TEEC_ERROR_ORIGIN(c, TEEC_ORIGIN_TRUSTED_APP,
528 ret_orig);
529 }
530
531 return res;
532}
533
534static TEEC_Result ta_crypt_cmd_ae_update(ADBG_Case_t *c,
535 TEEC_Session *s,
536 TEE_OperationHandle oph,
537 const void *src,
538 size_t src_len,
539 void *dst,
540 size_t *dst_len)
541{
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]542 TEEC_Result res = TEEC_ERROR_GENERIC;
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]543 TEEC_Operation op = TEEC_OPERATION_INITIALIZER;
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]544 uint32_t ret_orig = 0;
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]545
546 assert((uintptr_t)oph <= UINT32_MAX);
547 op.params[0].value.a = (uint32_t)(uintptr_t)oph;
548
549 op.params[1].tmpref.buffer = (void *)src;
550 op.params[1].tmpref.size = src_len;
551
552 op.params[2].tmpref.buffer = (void *)dst;
553 op.params[2].tmpref.size = *dst_len;
554
555 op.paramTypes = TEEC_PARAM_TYPES(TEEC_VALUE_INPUT,
556 TEEC_MEMREF_TEMP_INPUT,
557 TEEC_MEMREF_TEMP_OUTPUT, TEEC_NONE);
558
559 res = TEEC_InvokeCommand(s, TA_CRYPT_CMD_AE_UPDATE, &op, &ret_orig);
560
561 if (res != TEEC_SUCCESS) {
562 (void)ADBG_EXPECT_TEEC_ERROR_ORIGIN(c, TEEC_ORIGIN_TRUSTED_APP,
563 ret_orig);
564 }
565
566 if (res == TEEC_SUCCESS)
567 *dst_len = op.params[2].tmpref.size;
568
569 return res;
570}
571
572static TEEC_Result ta_crypt_cmd_ae_encrypt_final(ADBG_Case_t *c,
573 TEEC_Session *s,
574 TEE_OperationHandle oph,
575 const void *src,
576 size_t src_len, void *dst,
577 size_t *dst_len, void *tag,
578 size_t *tag_len)
579{
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]580 TEEC_Result res = TEEC_ERROR_GENERIC;
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]581 TEEC_Operation op = TEEC_OPERATION_INITIALIZER;
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]582 uint32_t ret_orig = 0;
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]583
584 assert((uintptr_t)oph <= UINT32_MAX);
585 op.params[0].value.a = (uint32_t)(uintptr_t)oph;
586
587 op.params[1].tmpref.buffer = (void *)src;
588 op.params[1].tmpref.size = src_len;
589
590 op.params[2].tmpref.buffer = (void *)dst;
591 op.params[2].tmpref.size = *dst_len;
592
593 op.params[3].tmpref.buffer = (void *)tag;
594 op.params[3].tmpref.size = *tag_len;
595
596 op.paramTypes = TEEC_PARAM_TYPES(TEEC_VALUE_INPUT,
597 TEEC_MEMREF_TEMP_INPUT,
598 TEEC_MEMREF_TEMP_OUTPUT,
599 TEEC_MEMREF_TEMP_OUTPUT);
600
601 res = TEEC_InvokeCommand(s, TA_CRYPT_CMD_AE_ENCRYPT_FINAL, &op,
602 &ret_orig);
603
604 if (res != TEEC_SUCCESS) {
605 (void)ADBG_EXPECT_TEEC_ERROR_ORIGIN(c, TEEC_ORIGIN_TRUSTED_APP,
606 ret_orig);
607 }
608
609 if (res == TEEC_SUCCESS) {
610 *dst_len = op.params[2].tmpref.size;
611 *tag_len = op.params[3].tmpref.size;
612 }
613
614 return res;
615}
616
617static TEEC_Result ta_crypt_cmd_ae_decrypt_final(ADBG_Case_t *c,
618 TEEC_Session *s,
619 TEE_OperationHandle oph,
620 const void *src, size_t src_len,
621 void *dst, size_t *dst_len,
622 const void *tag, size_t tag_len)
623{
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]624 TEEC_Result res = TEEC_ERROR_GENERIC;
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]625 TEEC_Operation op = TEEC_OPERATION_INITIALIZER;
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]626 uint32_t ret_orig = 0;
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]627
628 assert((uintptr_t)oph <= UINT32_MAX);
629 op.params[0].value.a = (uint32_t)(uintptr_t)oph;
630
631 op.params[1].tmpref.buffer = (void *)src;
632 op.params[1].tmpref.size = src_len;
633
634 op.params[2].tmpref.buffer = dst;
635 op.params[2].tmpref.size = *dst_len;
636
637 op.params[3].tmpref.buffer = (void *)tag;
638 op.params[3].tmpref.size = tag_len;
639
640 op.paramTypes = TEEC_PARAM_TYPES(TEEC_VALUE_INPUT,
641 TEEC_MEMREF_TEMP_INPUT,
642 TEEC_MEMREF_TEMP_OUTPUT,
643 TEEC_MEMREF_TEMP_INPUT);
644
645 res = TEEC_InvokeCommand(s, TA_CRYPT_CMD_AE_DECRYPT_FINAL, &op,
646 &ret_orig);
647
648 if (res != TEEC_SUCCESS) {
649 (void)ADBG_EXPECT_TEEC_ERROR_ORIGIN(c, TEEC_ORIGIN_TRUSTED_APP,
650 ret_orig);
651 }
652
653 if (res == TEEC_SUCCESS)
654 *dst_len = op.params[2].tmpref.size;
655
656 return res;
657}
658
659static TEEC_Result ta_crypt_cmd_asymmetric_operate(ADBG_Case_t *c,
660 TEEC_Session *s,
661 TEE_OperationHandle oph,
662 uint32_t cmd,
663 const TEE_Attribute *params,
664 uint32_t paramCount,
665 const void *src,
666 size_t src_len,
667 void *dst,
668 size_t *dst_len)
669{
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]670 TEEC_Result res = TEEC_ERROR_GENERIC;
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]671 TEEC_Operation op = TEEC_OPERATION_INITIALIZER;
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]672 uint32_t ret_orig = 0;
673 uint8_t *buf = NULL;
674 size_t blen = 0;
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]675
676 res = pack_attrs(params, paramCount, &buf, &blen);
677 if (!ADBG_EXPECT_TEEC_SUCCESS(c, res))
678 return res;
679
680 assert((uintptr_t)oph <= UINT32_MAX);
681 op.params[0].value.a = (uint32_t)(uintptr_t)oph;
682
683 op.params[1].tmpref.buffer = buf;
684 op.params[1].tmpref.size = blen;
685
686 op.params[2].tmpref.buffer = (void *)src;
687 op.params[2].tmpref.size = src_len;
688
689 op.params[3].tmpref.buffer = dst;
690 op.params[3].tmpref.size = *dst_len;
691
692 op.paramTypes = TEEC_PARAM_TYPES(TEEC_VALUE_INPUT,
693 TEEC_MEMREF_TEMP_INPUT,
694 TEEC_MEMREF_TEMP_INPUT,
695 TEEC_MEMREF_TEMP_OUTPUT);
696
697 res = TEEC_InvokeCommand(s, cmd, &op, &ret_orig);
698
699 if (res != TEEC_SUCCESS) {
700 (void)ADBG_EXPECT_TEEC_ERROR_ORIGIN(c, TEEC_ORIGIN_TRUSTED_APP,
701 ret_orig);
702 }
703
704 if (res == TEEC_SUCCESS)
705 *dst_len = op.params[3].tmpref.size;
706
707 free(buf);
708 return res;
709}
710
711static TEEC_Result ta_crypt_cmd_asymmetric_encrypt(ADBG_Case_t *c,
712 TEEC_Session *s,
713 TEE_OperationHandle oph,
714 const TEE_Attribute *params,
715 uint32_t paramCount,
716 const void *src,
717 size_t src_len,
718 void *dst,
719 size_t *dst_len)
720{
721 return ta_crypt_cmd_asymmetric_operate(c, s, oph,
722 TA_CRYPT_CMD_ASYMMETRIC_ENCRYPT,
723 params, paramCount,
724 src, src_len, dst, dst_len);
725}
726
727static TEEC_Result ta_crypt_cmd_asymmetric_decrypt(ADBG_Case_t *c,
728 TEEC_Session *s,
729 TEE_OperationHandle oph,
730 const TEE_Attribute *params,
731 uint32_t paramCount,
732 const void *src,
733 size_t src_len,
734 void *dst,
735 size_t *dst_len)
736{
737 return ta_crypt_cmd_asymmetric_operate(c, s, oph,
738 TA_CRYPT_CMD_ASYMMETRIC_DECRYPT,
739 params, paramCount,
740 src, src_len, dst, dst_len);
741}
742
743static TEEC_Result ta_crypt_cmd_asymmetric_sign(ADBG_Case_t *c,
744 TEEC_Session *s,
745 TEE_OperationHandle oph,
746 const TEE_Attribute *params,
747 uint32_t paramCount,
748 const void *digest,
749 size_t digest_len,
750 void *signature,
751 size_t *signature_len)
752{
753 return ta_crypt_cmd_asymmetric_operate(c, s, oph,
754 TA_CRYPT_CMD_ASYMMETRIC_SIGN_DIGEST, params, paramCount,
755 digest, digest_len, signature, signature_len);
756}
757
758static TEEC_Result ta_crypt_cmd_asymmetric_verify(ADBG_Case_t *c,
759 TEEC_Session *s,
760 TEE_OperationHandle oph,
761 const TEE_Attribute *params,
762 uint32_t paramCount,
763 const void *digest,
764 size_t digest_len,
765 const void *signature,
766 size_t signature_len)
767{
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]768 TEEC_Result res = TEEC_ERROR_GENERIC;
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]769 TEEC_Operation op = TEEC_OPERATION_INITIALIZER;
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]770 uint32_t ret_orig = 0;
771 uint8_t *buf = NULL;
772 size_t blen = 0;
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]773
774 res = pack_attrs(params, paramCount, &buf, &blen);
775 if (!ADBG_EXPECT_TEEC_SUCCESS(c, res))
776 return res;
777
778 assert((uintptr_t)oph <= UINT32_MAX);
779 op.params[0].value.a = (uint32_t)(uintptr_t)oph;
780
781 op.params[1].tmpref.buffer = buf;
782 op.params[1].tmpref.size = blen;
783
784 op.params[2].tmpref.buffer = (void *)digest;
785 op.params[2].tmpref.size = digest_len;
786
787 op.params[3].tmpref.buffer = (void *)signature;
788 op.params[3].tmpref.size = signature_len;
789
790 op.paramTypes = TEEC_PARAM_TYPES(TEEC_VALUE_INPUT,
791 TEEC_MEMREF_TEMP_INPUT,
792 TEEC_MEMREF_TEMP_INPUT,
793 TEEC_MEMREF_TEMP_INPUT);
794
795 res = TEEC_InvokeCommand(s, TA_CRYPT_CMD_ASYMMETRIC_VERIFY_DIGEST,
796 &op, &ret_orig);
797
798 if (res != TEEC_SUCCESS) {
799 (void)ADBG_EXPECT_TEEC_ERROR_ORIGIN(c, TEEC_ORIGIN_TRUSTED_APP,
800 ret_orig);
801 }
802
803 free(buf);
804 return res;
805}
806
807static TEEC_Result ta_crypt_cmd_get_object_value_attribute(ADBG_Case_t *c,
808 TEEC_Session *s,
809 TEE_ObjectHandle o,
810 uint32_t attr_id,
811 uint32_t *valuea,
812 uint32_t *valueb)
813{
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]814 TEEC_Result res = TEEC_ERROR_GENERIC;
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]815 TEEC_Operation op = TEEC_OPERATION_INITIALIZER;
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]816 uint32_t ret_orig = 0;
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]817
818 assert((uintptr_t)o <= UINT32_MAX);
819 op.params[0].value.a = (uint32_t)(uintptr_t)o;
820 op.params[0].value.b = attr_id;
821 op.paramTypes = TEEC_PARAM_TYPES(TEEC_VALUE_INPUT, TEEC_VALUE_OUTPUT,
822 TEEC_NONE, TEEC_NONE);
823
824 res = TEEC_InvokeCommand(s, TA_CRYPT_CMD_GET_OBJECT_VALUE_ATTRIBUTE,
825 &op, &ret_orig);
826
827 if (res != TEEC_SUCCESS) {
828 (void)ADBG_EXPECT_TEEC_ERROR_ORIGIN(c, TEEC_ORIGIN_TRUSTED_APP,
829 ret_orig);
830 }
831
832 if (res == TEEC_SUCCESS) {
833 *valuea = op.params[1].value.a;
834 *valueb = op.params[1].value.b;
835 }
836
837 return res;
838}
839
840static TEEC_Result ta_crypt_cmd_generate_key(ADBG_Case_t *c,
841 TEEC_Session *s,
842 TEE_ObjectHandle o,
843 uint32_t key_size,
844 const TEE_Attribute *params,
845 uint32_t paramCount)
846{
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]847 TEEC_Result res = TEEC_ERROR_GENERIC;
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]848 TEEC_Operation op = TEEC_OPERATION_INITIALIZER;
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]849 uint32_t ret_orig = 0;
850 uint8_t *buf = NULL;
851 size_t blen = 0;
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]852
853 res = pack_attrs(params, paramCount, &buf, &blen);
854 if (!ADBG_EXPECT_TEEC_SUCCESS(c, res))
855 return res;
856
857 assert((uintptr_t)o <= UINT32_MAX);
858 op.params[0].value.a = (uint32_t)(uintptr_t)o;
859 op.params[0].value.b = key_size;
860
861 op.params[1].tmpref.buffer = buf;
862 op.params[1].tmpref.size = blen;
863
864 op.paramTypes = TEEC_PARAM_TYPES(TEEC_VALUE_INPUT,
865 TEEC_MEMREF_TEMP_INPUT, TEEC_NONE,
866 TEEC_NONE);
867
868 res = TEEC_InvokeCommand(s, TA_CRYPT_CMD_GENERATE_KEY, &op, &ret_orig);
869
870 if (res != TEEC_SUCCESS) {
871 (void)ADBG_EXPECT_TEEC_ERROR_ORIGIN(c, TEEC_ORIGIN_TRUSTED_APP,
872 ret_orig);
873 }
874
875 free(buf);
876 return res;
877}
878
879static const uint8_t hash_data_md5_in1[] = {
880 'c', 'd', 'e', 'f', 'g', 'h', 'i', 'j', 'k', 'l', 'm'
881};
882
883static const uint8_t hash_data_md5_out1[] = {
884 0x61, 0x12, 0x71, 0x83, 0x70, 0x8d, 0x3a, 0xc7,
885 0xf1, 0x9b, 0x66, 0x06, 0xfc, 0xae, 0x7d, 0xf6
886};
887
888static const uint8_t hash_data_sha1_in1[] = {
889 'a', 'b', 'c', 'd', 'e', 'f', 'g', 'h', 'i', 'j', 'k', 'l', 'm'
890};
891
892static const uint8_t hash_data_sha1_out1[] = {
893 0x4b, 0x98, 0x92, 0xb6, 0x52, 0x72, 0x14, 0xaf,
894 0xc6, 0x55, 0xb8, 0xaa, 0x52, 0xf4, 0xd2, 0x03,
895 0xc1, 0x5e, 0x7c, 0x9c
896};
897
898static const uint8_t hash_data_sha224_in1[] = {
899 'a', 'b', 'c', 'd', 'e', 'f', 'g', 'h', 'i', 'j', 'k', 'l', 'm'
900};
901
902static const uint8_t hash_data_sha224_out1[] = {
903 0x08, 0x21, 0x69, 0xf9, 0x77, 0x1b, 0x80, 0x15,
904 0xf3, 0x97, 0xae, 0xde, 0x5b, 0xba, 0xa2, 0x72,
905 0x2d, 0x8f, 0x5c, 0x19, 0xfe, 0xd2, 0xe2, 0x68,
906 0x92, 0x49, 0xd8, 0x44
907};
908
909static const uint8_t hash_data_sha256_in1[] = { 'a', 'b', 'c' };
910
911static const uint8_t hash_data_sha256_out1[] = {
912 0xba, 0x78, 0x16, 0xbf, 0x8f, 0x01, 0xcf, 0xea,
913 0x41, 0x41, 0x40, 0xde, 0x5d, 0xae, 0x22, 0x23,
914 0xb0, 0x03, 0x61, 0xa3, 0x96, 0x17, 0x7a, 0x9c,
915 0xb4, 0x10, 0xff, 0x61, 0xf2, 0x00, 0x15, 0xad
916};
917
918static const uint8_t hash_data_sha256_in2[] = { 'e', 'f', 'g' };
919
920static const uint8_t hash_data_sha256_out2[] = {
921 0xd4, 0xff, 0xe8, 0xe9, 0xee, 0x0b, 0x48, 0xeb,
922 0xa7, 0x16, 0x70, 0x61, 0x23, 0xa7, 0x18, 0x7f,
923 0x32, 0xea, 0xe3, 0xbd, 0xcb, 0x0e, 0x77, 0x63,
924 0xe4, 0x1e, 0x53, 0x32, 0x67, 0xbd, 0x8a, 0x53
925};
926
927
928static const uint8_t hash_data_sha384_in1[] = {
929 'a', 'b', 'c', 'e', 'f', 'g', 'h', 'i', 'j', 'k', 'l', 'm'
930};
931
932static const uint8_t hash_data_sha384_out1[] = {
933 0x4c, 0xab, 0x80, 0x9d, 0x96, 0x84, 0x01, 0x47,
934 0x67, 0x0a, 0xc1, 0x7a, 0xb6, 0xb9, 0xf7, 0x6e,
935 0x35, 0xa6, 0xb0, 0x8c, 0xf5, 0x2a, 0x3d, 0x64,
936 0x9a, 0x8c, 0x7e, 0x0c, 0x55, 0x45, 0xd3, 0x7d,
937 0x1f, 0x7f, 0x28, 0x34, 0x96, 0x14, 0x44, 0x2a,
938 0xf5, 0x98, 0xa2, 0x95, 0x24, 0x76, 0x53, 0x97
939};
940
941static const uint8_t hash_data_sha512_in1[] = {
942 'a', 'b', 'c', 'd', 'f', 'g', 'h', 'i', 'j', 'k', 'l', 'm'
943};
944
945static const uint8_t hash_data_sha512_out1[] = {
946 0x20, 0xd8, 0x64, 0x4f, 0x54, 0xa2, 0x5f, 0x6f,
947 0x0a, 0xf9, 0xd5, 0x27, 0x7d, 0x17, 0xa8, 0x99,
948 0x4c, 0x64, 0x3f, 0xd0, 0xf3, 0x83, 0x36, 0xee,
949 0x93, 0x12, 0x55, 0xcd, 0x2e, 0x12, 0x34, 0xa0,
950 0xc2, 0xaa, 0xf9, 0xbb, 0x15, 0xc5, 0xe9, 0xfa,
951 0xf7, 0xa7, 0xda, 0xb8, 0x2f, 0x72, 0xa0, 0x47,
952 0xe3, 0x02, 0x04, 0xe8, 0xa0, 0x35, 0x0c, 0x96,
953 0x26, 0xd1, 0xcb, 0x8b, 0x47, 0x45, 0x25, 0xd0
954};
955
Jens Wiklander72967ae2022-12-07 08:07:43 +0100[diff] [blame]956/* SHA-3 vectors from https://www.di-mgt.com.au/sha_testvectors.html */
957#define hash_data_sha3_in1 hash_data_sha256_in1
958
959static const uint8_t hash_data_sha3_224_out1[] = {
960 0xe6, 0x42, 0x82, 0x4c, 0x3f, 0x8c, 0xf2, 0x4a,
961 0xd0, 0x92, 0x34, 0xee, 0x7d, 0x3c, 0x76, 0x6f,
962 0xc9, 0xa3, 0xa5, 0x16, 0x8d, 0x0c, 0x94, 0xad,
963 0x73, 0xb4, 0x6f, 0xdf
964};
965
966static const uint8_t hash_data_sha3_256_out1[] = {
967 0x3a, 0x98, 0x5d, 0xa7, 0x4f, 0xe2, 0x25, 0xb2,
968 0x04, 0x5c, 0x17, 0x2d, 0x6b, 0xd3, 0x90, 0xbd,
969 0x85, 0x5f, 0x08, 0x6e, 0x3e, 0x9d, 0x52, 0x5b,
970 0x46, 0xbf, 0xe2, 0x45, 0x11, 0x43, 0x15, 0x32
971};
972
973static const uint8_t hash_data_sha3_384_out1[] = {
974 0xec, 0x01, 0x49, 0x82, 0x88, 0x51, 0x6f, 0xc9,
975 0x26, 0x45, 0x9f, 0x58, 0xe2, 0xc6, 0xad, 0x8d,
976 0xf9, 0xb4, 0x73, 0xcb, 0x0f, 0xc0, 0x8c, 0x25,
977 0x96, 0xda, 0x7c, 0xf0, 0xe4, 0x9b, 0xe4, 0xb2,
978 0x98, 0xd8, 0x8c, 0xea, 0x92, 0x7a, 0xc7, 0xf5,
979 0x39, 0xf1, 0xed, 0xf2, 0x28, 0x37, 0x6d, 0x25
980};
981
982static const uint8_t hash_data_sha3_512_out1[] = {
983 0xb7, 0x51, 0x85, 0x0b, 0x1a, 0x57, 0x16, 0x8a,
984 0x56, 0x93, 0xcd, 0x92, 0x4b, 0x6b, 0x09, 0x6e,
985 0x08, 0xf6, 0x21, 0x82, 0x74, 0x44, 0xf7, 0x0d,
986 0x88, 0x4f, 0x5d, 0x02, 0x40, 0xd2, 0x71, 0x2e,
987 0x10, 0xe1, 0x16, 0xe9, 0x19, 0x2a, 0xf3, 0xc9,
988 0x1a, 0x7e, 0xc5, 0x76, 0x47, 0xe3, 0x93, 0x40,
989 0x57, 0x34, 0x0b, 0x4c, 0xf4, 0x08, 0xd5, 0xa5,
990 0x65, 0x92, 0xf8, 0x27, 0x4e, 0xec, 0x53, 0xf0
991};
992
993/*
994 * SHAKE output generated with:
995 * https://asecuritysite.com/hash/shake?m=abc&l=54
996 */
997static const uint8_t hash_data_shake128_out1[] = {
998 0x58, 0x81, 0x09, 0x2d, 0xd8, 0x18, 0xbf, 0x5c,
999 0xf8, 0xa3, 0xdd, 0xb7, 0x93, 0xfb, 0xcb, 0xa7,
1000 0x40, 0x97, 0xd5, 0xc5, 0x26, 0xa6, 0xd3, 0x5f,
1001 0x97, 0xb8, 0x33, 0x51, 0x94, 0x0f, 0x2c, 0xc8,
1002 0x44, 0xc5, 0x0a, 0xf3, 0x2a, 0xcd, 0x3f, 0x2c,
1003 0xdd, 0x06, 0x65, 0x68, 0x70, 0x6f, 0x50, 0x9b,
1004 0xc1, 0xbd, 0xde, 0x58, 0x29, 0x5d
1005};
1006
1007static const uint8_t hash_data_shake256_out1[] = {
1008 0x48, 0x33, 0x66, 0x60, 0x13, 0x60, 0xa8, 0x77,
1009 0x1c, 0x68, 0x63, 0x08, 0x0c, 0xc4, 0x11, 0x4d,
1010 0x8d, 0xb4, 0x45, 0x30, 0xf8, 0xf1, 0xe1, 0xee,
1011 0x4f, 0x94, 0xea, 0x37, 0xe7, 0x8b, 0x57, 0x39,
1012 0xd5, 0xa1, 0x5b, 0xef, 0x18, 0x6a, 0x53, 0x86,
1013 0xc7, 0x57, 0x44, 0xc0, 0x52, 0x7e, 0x1f, 0xaa,
1014 0x9f, 0x87, 0x26, 0xe4, 0x62, 0xa1
1015};
1016
Jerome Forissier3ed850a2019-12-13 10:58:23 +0100[diff] [blame]1017/*
1018 * SM3
1019 * https://tools.ietf.org/html/draft-sca-cfrg-sm3-02
Jerome Forissier9f17e262019-12-13 14:12:41 +0100[diff] [blame]1020 * Appendix A.1
Jerome Forissier3ed850a2019-12-13 10:58:23 +0100[diff] [blame]1021 */
1022static const uint8_t hash_data_sm3_a1_in[3] = "abc";
1023
1024static const uint8_t hash_data_sm3_a1_out[] = {
1025 0x66, 0xc7, 0xf0, 0xf4, 0x62, 0xee, 0xed, 0xd9,
1026 0xd1, 0xf2, 0xd4, 0x6b, 0xdc, 0x10, 0xe4, 0xe2,
1027 0x41, 0x67, 0xc4, 0x87, 0x5c, 0xf2, 0xf7, 0xa2,
1028 0x29, 0x7d, 0xa0, 0x2b, 0x8f, 0x4b, 0xa8, 0xe0
1029};
1030
1031/*
1032 * SM3
1033 * https://tools.ietf.org/html/draft-sca-cfrg-sm3-02
Jerome Forissier9f17e262019-12-13 14:12:41 +0100[diff] [blame]1034 * Appendix A.2
Jerome Forissier3ed850a2019-12-13 10:58:23 +0100[diff] [blame]1035 */
1036static const uint8_t hash_data_sm3_a2_in[] = {
1037 0x61, 0x62, 0x63, 0x64, 0x61, 0x62, 0x63, 0x64,
1038 0x61, 0x62, 0x63, 0x64, 0x61, 0x62, 0x63, 0x64,
1039 0x61, 0x62, 0x63, 0x64, 0x61, 0x62, 0x63, 0x64,
1040 0x61, 0x62, 0x63, 0x64, 0x61, 0x62, 0x63, 0x64,
1041 0x61, 0x62, 0x63, 0x64, 0x61, 0x62, 0x63, 0x64,
1042 0x61, 0x62, 0x63, 0x64, 0x61, 0x62, 0x63, 0x64,
1043 0x61, 0x62, 0x63, 0x64, 0x61, 0x62, 0x63, 0x64,
1044 0x61, 0x62, 0x63, 0x64, 0x61, 0x62, 0x63, 0x64
1045};
1046
1047static const uint8_t hash_data_sm3_a2_out[] = {
1048 0xde, 0xbe, 0x9f, 0xf9, 0x22, 0x75, 0xb8, 0xa1,
1049 0x38, 0x60, 0x48, 0x89, 0xc1, 0x8e, 0x5a, 0x4d,
1050 0x6f, 0xdb, 0x70, 0xe5, 0x38, 0x7e, 0x57, 0x65,
1051 0x29, 0x3d, 0xcb, 0xa3, 0x9c, 0x0c, 0x57, 0x32
1052};
1053
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]1054struct xtest_hash_case {
1055 uint32_t algo;
1056 size_t in_incr;
1057 const uint8_t *in;
1058 size_t in_len;
1059 const uint8_t *out;
1060 size_t out_len;
1061};
1062
1063#define XTEST_HASH_CASE(algo, in_incr, in, out) \
1064 { (algo), (in_incr), (in), ARRAY_SIZE(in), (out), ARRAY_SIZE(out) }
1065
1066static const struct xtest_hash_case hash_cases[] = {
1067 XTEST_HASH_CASE(TEE_ALG_MD5, 6, hash_data_md5_in1,
1068 hash_data_md5_out1),
1069 XTEST_HASH_CASE(TEE_ALG_SHA1, 3, hash_data_sha1_in1,
1070 hash_data_sha1_out1),
1071 XTEST_HASH_CASE(TEE_ALG_SHA224, 7, hash_data_sha224_in1,
1072 hash_data_sha224_out1),
1073 XTEST_HASH_CASE(TEE_ALG_SHA256, 1, hash_data_sha256_in1,
1074 hash_data_sha256_out1),
1075 XTEST_HASH_CASE(TEE_ALG_SHA256, 1, hash_data_sha256_in2,
1076 hash_data_sha256_out2),
1077 XTEST_HASH_CASE(TEE_ALG_SHA384, 1, hash_data_sha384_in1,
1078 hash_data_sha384_out1),
1079 XTEST_HASH_CASE(TEE_ALG_SHA512, 1, hash_data_sha512_in1,
1080 hash_data_sha512_out1),
Jens Wiklander72967ae2022-12-07 08:07:43 +0100[diff] [blame]1081 XTEST_HASH_CASE(TEE_ALG_SHA3_224, 1, hash_data_sha3_in1,
1082 hash_data_sha3_224_out1),
1083 XTEST_HASH_CASE(TEE_ALG_SHA3_256, 1, hash_data_sha3_in1,
1084 hash_data_sha3_256_out1),
1085 XTEST_HASH_CASE(TEE_ALG_SHA3_384, 1, hash_data_sha3_in1,
1086 hash_data_sha3_384_out1),
1087 XTEST_HASH_CASE(TEE_ALG_SHA3_512, 1, hash_data_sha3_in1,
1088 hash_data_sha3_512_out1),
1089 XTEST_HASH_CASE(TEE_ALG_SHAKE128, 1, hash_data_sha3_in1,
1090 hash_data_shake128_out1),
1091 XTEST_HASH_CASE(TEE_ALG_SHAKE256, 1, hash_data_sha3_in1,
1092 hash_data_shake256_out1),
Jerome Forissier3ed850a2019-12-13 10:58:23 +0100[diff] [blame]1093 XTEST_HASH_CASE(TEE_ALG_SM3, 2, hash_data_sm3_a1_in,
1094 hash_data_sm3_a1_out),
1095 XTEST_HASH_CASE(TEE_ALG_SM3, 19, hash_data_sm3_a2_in,
1096 hash_data_sm3_a2_out),
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]1097};
1098
1099static void xtest_tee_test_4001(ADBG_Case_t *c)
1100{
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]1101 TEEC_Session session = { };
1102 uint32_t ret_orig = 0;
1103 size_t n = 0;
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]1104
1105 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
1106 xtest_teec_open_session(&session, &crypt_user_ta_uuid, NULL,
1107 &ret_orig)))
1108 return;
1109
1110
1111 for (n = 0; n < ARRAY_SIZE(hash_cases); n++) {
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]1112 TEE_OperationHandle op1 = TEE_HANDLE_NULL;
1113 TEE_OperationHandle op2 = TEE_HANDLE_NULL;
1114 uint8_t out[64] = { };
1115 size_t out_size = 0;
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]1116
Jerome Forissier87b00c02020-01-22 16:33:12 +0100[diff] [blame]1117 if (hash_cases[n].algo == TEE_ALG_SM3 &&
1118 !ta_crypt_cmd_is_algo_supported(c, &session, TEE_ALG_SM3,
1119 TEE_CRYPTO_ELEMENT_NONE)) {
1120 Do_ADBG_Log("SM3 not supported: skip subcase");
1121 continue;
1122 }
1123
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]1124 Do_ADBG_BeginSubCase(c, "Hash case %d algo 0x%x",
1125 (int)n, (unsigned int)hash_cases[n].algo);
1126
1127 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
1128 ta_crypt_cmd_allocate_operation(c, &session, &op1,
1129 hash_cases[n].algo,
1130 TEE_MODE_DIGEST, 0)))
1131 goto out;
1132
1133 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
1134 ta_crypt_cmd_allocate_operation(c, &session, &op2,
1135 hash_cases[n].algo,
1136 TEE_MODE_DIGEST, 0)))
1137 goto out;
1138
1139 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
1140 ta_crypt_cmd_digest_update(c, &session, op1,
1141 hash_cases[n].in,
1142 hash_cases[n].in_incr)))
1143 goto out;
1144
1145 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
1146 ta_crypt_cmd_copy_operation(c, &session, op2, op1)))
1147 goto out;
1148
Jens Wiklander72967ae2022-12-07 08:07:43 +0100[diff] [blame]1149 out_size = hash_cases[n].out_len;
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]1150 memset(out, 0, sizeof(out));
1151 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
1152 ta_crypt_cmd_digest_do_final(c, &session, op2,
1153 hash_cases[n].in + hash_cases[n].in_incr,
1154 hash_cases[n].in_len - hash_cases[n].in_incr,
1155 out, &out_size)))
1156 goto out;
1157
1158 (void)ADBG_EXPECT_BUFFER(c, hash_cases[n].out,
1159 hash_cases[n].out_len, out, out_size);
1160
1161 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
1162 ta_crypt_cmd_reset_operation(c, &session, op1)))
1163 goto out;
1164
Jens Wiklander72967ae2022-12-07 08:07:43 +0100[diff] [blame]1165 out_size = hash_cases[n].out_len;
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]1166 memset(out, 0, sizeof(out));
1167 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
1168 ta_crypt_cmd_digest_do_final(c, &session, op1,
1169 hash_cases[n].in,
1170 hash_cases[n].in_len, out,
1171 &out_size)))
1172 goto out;
1173
1174 (void)ADBG_EXPECT_BUFFER(c, hash_cases[n].out,
1175 hash_cases[n].out_len, out, out_size);
1176
Jerome Forissier1e05e262015-07-29 16:09:07 +0200[diff] [blame]1177 /*
1178 * Invoke TEE_DigestDoFinal() a second time to check that state
1179 * was properly reset
1180 */
Jens Wiklander72967ae2022-12-07 08:07:43 +0100[diff] [blame]1181 out_size = hash_cases[n].out_len;
Jerome Forissier1e05e262015-07-29 16:09:07 +0200[diff] [blame]1182 memset(out, 0, sizeof(out));
1183 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
1184 ta_crypt_cmd_digest_do_final(c, &session, op1,
1185 hash_cases[n].in,
1186 hash_cases[n].in_len, out,
1187 &out_size)))
1188 goto out;
1189
1190 (void)ADBG_EXPECT_BUFFER(c, hash_cases[n].out,
1191 hash_cases[n].out_len, out, out_size);
1192
Jens Wiklander92aded22022-12-07 09:43:56 +0100[diff] [blame]1193 /*
1194 * Test that TEE_DigestExtract() and TEE_DigestDoFinal()
1195 * work together.
1196 */
1197
1198 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
1199 ta_crypt_cmd_digest_update(c, &session, op1,
1200 hash_cases[n].in,
1201 hash_cases[n].in_len)))
1202 goto out;
1203
1204 out_size = hash_cases[n].in_incr;
1205 memset(out, 0, sizeof(out));
1206 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
1207 ta_crypt_cmd_digest_extract(c, &session, op1,
1208 out, &out_size)))
1209 goto out;
1210 ADBG_EXPECT_BUFFER(c, hash_cases[n].out,
1211 hash_cases[n].in_incr, out, out_size);
1212
1213 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
1214 ta_crypt_cmd_copy_operation(c, &session, op2, op1)))
1215 goto out;
1216
1217 out_size = hash_cases[n].out_len - hash_cases[n].in_incr;
1218 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
1219 ta_crypt_cmd_digest_do_final(c, &session, op1,
1220 NULL, 0, out, &out_size)))
1221 goto out;
1222 ADBG_EXPECT_BUFFER(c, hash_cases[n].out + hash_cases[n].in_incr,
1223 hash_cases[n].out_len -
1224 hash_cases[n].in_incr, out, out_size);
1225
1226 out_size = hash_cases[n].out_len - hash_cases[n].in_incr;
1227 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
1228 ta_crypt_cmd_digest_extract(c, &session, op2,
1229 out, &out_size)))
1230 goto out;
1231 ADBG_EXPECT_BUFFER(c, hash_cases[n].out + hash_cases[n].in_incr,
1232 hash_cases[n].out_len -
1233 hash_cases[n].in_incr, out, out_size);
1234
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]1235 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
1236 ta_crypt_cmd_free_operation(c, &session, op1)))
1237 goto out;
1238
1239 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
1240 ta_crypt_cmd_free_operation(c, &session, op2)))
1241 goto out;
1242
1243 Do_ADBG_EndSubCase(c, NULL);
1244 }
1245
1246out:
1247 TEEC_CloseSession(&session);
1248}
Jens Wiklander14f48872018-06-29 15:30:13 +0200[diff] [blame]1249ADBG_CASE_DEFINE(regression, 4001, xtest_tee_test_4001,
1250 "Test TEE Internal API hash operations");
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]1251
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]1252struct xtest_mac_case {
1253 uint32_t algo;
1254 uint32_t key_type;
1255 const uint8_t *key;
1256 size_t key_len;
1257 size_t in_incr;
1258 const uint8_t *in;
1259 size_t in_len;
1260 const uint8_t *out;
1261 size_t out_len;
Jerome Forissier3dec7442019-01-30 17:50:05 +0100[diff] [blame]1262 bool multiple_incr;
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]1263};
1264
Jerome Forissier3dec7442019-01-30 17:50:05 +0100[diff] [blame]1265#define XTEST_MAC_CASE_1(algo, key_type, key, in_incr, in, out) \
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]1266 { (algo), (key_type), (key), ARRAY_SIZE(key), \
Jerome Forissier3dec7442019-01-30 17:50:05 +0100[diff] [blame]1267 (in_incr), (in), ARRAY_SIZE(in), (out), ARRAY_SIZE(out), false }
1268
1269#define XTEST_MAC_CASE_MULT(algo, key_type, key, in_incr, in, out) \
1270 { (algo), (key_type), (key), ARRAY_SIZE(key), \
1271 (in_incr), (in), ARRAY_SIZE(in), (out), ARRAY_SIZE(out), true }
1272
1273#define XTEST_MAC_CASE(algo, key_type, key, in_incr, in, out) \
1274 XTEST_MAC_CASE_1((algo), (key_type), (key), (in_incr), (in), (out)), \
1275 XTEST_MAC_CASE_MULT((algo), (key_type), (key), (in_incr), (in), (out))
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]1276
1277#define XTEST_MAC_CBC_CASE(algo, key_type, vect, in_incr) \
1278 XTEST_MAC_CASE((algo), (key_type), \
1279 mac_cbc_ ## vect ## _key, (in_incr), \
1280 mac_cbc_ ## vect ## _data, mac_cbc_ ## vect ## _out)
1281
1282#define XTEST_MAC_CMAC_CASE(vect, in_incr) \
1283 XTEST_MAC_CASE(TEE_ALG_AES_CMAC, TEE_TYPE_AES, \
1284 mac_cmac_ ## vect ## _key, (in_incr), \
1285 mac_cmac_ ## vect ## _data, mac_cmac_ ## vect ## _out)
1286
Alexander Zakharov0afe00c2021-02-10 19:06:48 +0100[diff] [blame]1287#define XTEST_MAC_DES3_CMAC_CASE(vect, in_incr) \
1288 XTEST_MAC_CASE(TEE_ALG_DES3_CMAC, TEE_TYPE_DES3, \
1289 mac_des3_cmac_ ## vect ## _key, (in_incr), \
1290 mac_des3_cmac_ ## vect ## _data, mac_des3_cmac_ ## vect ## _out)
1291
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]1292static const struct xtest_mac_case mac_cases[] = {
1293 XTEST_MAC_CASE(TEE_ALG_HMAC_MD5, TEE_TYPE_HMAC_MD5,
1294 mac_data_md5_key1,
1295 4, mac_data_md5_in1, mac_data_md5_out1),
1296 XTEST_MAC_CASE(TEE_ALG_HMAC_SHA1, TEE_TYPE_HMAC_SHA1,
1297 mac_data_sha1_key1,
1298 5, mac_data_sha1_in1, mac_data_sha1_out1),
1299 XTEST_MAC_CASE(TEE_ALG_HMAC_SHA224, TEE_TYPE_HMAC_SHA224,
1300 mac_data_sha224_key1,
1301 8, mac_data_sha224_in1, mac_data_sha224_out1),
1302 XTEST_MAC_CASE(TEE_ALG_HMAC_SHA256, TEE_TYPE_HMAC_SHA256,
1303 mac_data_sha256_key1,
1304 1, mac_data_sha256_in1, mac_data_sha256_out1),
1305 XTEST_MAC_CASE(TEE_ALG_HMAC_SHA256, TEE_TYPE_HMAC_SHA256,
1306 mac_data_sha256_key2,
1307 7, mac_data_sha256_in2, mac_data_sha256_out2),
1308 XTEST_MAC_CASE(TEE_ALG_HMAC_SHA384, TEE_TYPE_HMAC_SHA384,
1309 mac_data_sha384_key1,
1310 11, mac_data_sha384_in1, mac_data_sha384_out1),
1311 XTEST_MAC_CASE(TEE_ALG_HMAC_SHA512, TEE_TYPE_HMAC_SHA512,
1312 mac_data_sha512_key1,
1313 13, mac_data_sha512_in1, mac_data_sha512_out1),
Jens Wiklander16de19d2022-12-09 18:00:08 +0100[diff] [blame^]1314 XTEST_MAC_CASE(TEE_ALG_HMAC_SHA3_224, TEE_TYPE_HMAC_SHA3_224,
1315 mac_data_sha3_224_key1,
1316 13, mac_data_sha3_224_in1, mac_data_sha3_224_out1),
1317 XTEST_MAC_CASE(TEE_ALG_HMAC_SHA3_256, TEE_TYPE_HMAC_SHA3_256,
1318 mac_data_sha3_256_key1,
1319 13, mac_data_sha3_256_in1, mac_data_sha3_256_out1),
1320 XTEST_MAC_CASE(TEE_ALG_HMAC_SHA3_384, TEE_TYPE_HMAC_SHA3_384,
1321 mac_data_sha3_384_key1,
1322 13, mac_data_sha3_384_in1, mac_data_sha3_384_out1),
1323 XTEST_MAC_CASE(TEE_ALG_HMAC_SHA3_512, TEE_TYPE_HMAC_SHA3_512,
1324 mac_data_sha3_512_key1,
1325 13, mac_data_sha3_512_in1, mac_data_sha3_512_out1),
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]1326
1327 XTEST_MAC_CBC_CASE(TEE_ALG_AES_CBC_MAC_NOPAD, TEE_TYPE_AES, vect1, 14),
1328 XTEST_MAC_CBC_CASE(TEE_ALG_DES_CBC_MAC_NOPAD, TEE_TYPE_DES, vect2, 16),
1329 XTEST_MAC_CBC_CASE(TEE_ALG_DES3_CBC_MAC_NOPAD, TEE_TYPE_DES3, vect3,
1330 17),
1331 XTEST_MAC_CBC_CASE(TEE_ALG_AES_CBC_MAC_PKCS5, TEE_TYPE_AES, vect4, 11),
1332 XTEST_MAC_CBC_CASE(TEE_ALG_DES_CBC_MAC_PKCS5, TEE_TYPE_DES, vect5, 9),
1333 XTEST_MAC_CBC_CASE(TEE_ALG_DES3_CBC_MAC_PKCS5, TEE_TYPE_DES3, vect6, 4),
1334 XTEST_MAC_CBC_CASE(TEE_ALG_AES_CBC_MAC_PKCS5, TEE_TYPE_AES, vect7, 3),
1335 XTEST_MAC_CBC_CASE(TEE_ALG_DES_CBC_MAC_PKCS5, TEE_TYPE_DES, vect8, 23),
1336 XTEST_MAC_CBC_CASE(TEE_ALG_DES3_CBC_MAC_PKCS5, TEE_TYPE_DES3, vect9,
1337 34),
Pascal Brand5c3d8092015-07-23 08:20:26 +0200[diff] [blame]1338 XTEST_MAC_CBC_CASE(TEE_ALG_DES3_CBC_MAC_PKCS5, TEE_TYPE_DES3, vect10, 4),
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]1339
1340 { TEE_ALG_AES_CMAC, TEE_TYPE_AES, mac_cmac_vect1_key,
1341 ARRAY_SIZE(mac_cmac_vect1_key), 0, NULL, 0, mac_cmac_vect1_out,
1342 ARRAY_SIZE(mac_cmac_vect1_out) },
1343 XTEST_MAC_CMAC_CASE(vect2, 9),
1344 XTEST_MAC_CMAC_CASE(vect3, 9),
1345 XTEST_MAC_CMAC_CASE(vect4, 9),
1346 { TEE_ALG_AES_CMAC, TEE_TYPE_AES, mac_cmac_vect5_key,
1347 ARRAY_SIZE(mac_cmac_vect5_key), 0, NULL, 0, mac_cmac_vect5_out,
1348 ARRAY_SIZE(mac_cmac_vect5_out) },
1349 XTEST_MAC_CMAC_CASE(vect6, 9),
1350 XTEST_MAC_CMAC_CASE(vect7, 9),
1351 XTEST_MAC_CMAC_CASE(vect8, 9),
1352 { TEE_ALG_AES_CMAC, TEE_TYPE_AES, mac_cmac_vect9_key,
1353 ARRAY_SIZE(mac_cmac_vect9_key), 0, NULL, 0, mac_cmac_vect9_out,
1354 ARRAY_SIZE(mac_cmac_vect9_out) },
1355 XTEST_MAC_CMAC_CASE(vect10, 9),
1356 XTEST_MAC_CMAC_CASE(vect11, 9),
1357 XTEST_MAC_CMAC_CASE(vect12, 9),
Clement Faure21b347a2021-04-29 13:06:55 +0200[diff] [blame]1358 XTEST_MAC_CMAC_CASE(vect12, 16),
Jerome Forissier9f17e262019-12-13 14:12:41 +0100[diff] [blame]1359
Alexander Zakharov0afe00c2021-02-10 19:06:48 +0100[diff] [blame]1360 { TEE_ALG_DES3_CMAC, TEE_TYPE_DES3, mac_des3_cmac_vect1_key,
1361 ARRAY_SIZE(mac_des3_cmac_vect1_key), 0, NULL, 0, mac_des3_cmac_vect1_out,
1362 ARRAY_SIZE(mac_des3_cmac_vect1_out) },
1363 XTEST_MAC_DES3_CMAC_CASE(vect2, 3),
1364 XTEST_MAC_DES3_CMAC_CASE(vect3, 9),
1365 XTEST_MAC_DES3_CMAC_CASE(vect4, 9),
1366 { TEE_ALG_DES3_CMAC, TEE_TYPE_DES3, mac_des3_cmac_vect5_key,
1367 ARRAY_SIZE(mac_des3_cmac_vect5_key), 0, NULL, 0, mac_des3_cmac_vect5_out,
1368 ARRAY_SIZE(mac_des3_cmac_vect5_out) },
1369 XTEST_MAC_DES3_CMAC_CASE(vect6, 3),
1370 XTEST_MAC_DES3_CMAC_CASE(vect7, 5),
1371 XTEST_MAC_DES3_CMAC_CASE(vect8, 9),
1372
Jerome Forissier9f17e262019-12-13 14:12:41 +0100[diff] [blame]1373 XTEST_MAC_CASE(TEE_ALG_HMAC_SM3, TEE_TYPE_HMAC_SM3,
1374 mac_data_sm3_d31_key,
1375 13, mac_data_sm3_d31_in, mac_data_sm3_d31_out),
1376 XTEST_MAC_CASE(TEE_ALG_HMAC_SM3, TEE_TYPE_HMAC_SM3,
1377 mac_data_sm3_d32_key,
1378 13, mac_data_sm3_d32_in, mac_data_sm3_d32_out),
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]1379};
1380
1381static void xtest_tee_test_4002(ADBG_Case_t *c)
1382{
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]1383 TEEC_Session session = { };
1384 TEE_OperationHandle op1 = TEE_HANDLE_NULL;
1385 TEE_OperationHandle op2 = TEE_HANDLE_NULL;
Jerome Forissier4f419512021-07-07 14:56:10 +0200[diff] [blame]1386 TEE_OperationHandle op3 = TEE_HANDLE_NULL;
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]1387 TEE_ObjectHandle key_handle = TEE_HANDLE_NULL;
1388 uint8_t out[64] = { };
1389 size_t out_size = 0;
1390 uint32_t ret_orig = 0;
1391 size_t n = 0;
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]1392
1393 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
1394 xtest_teec_open_session(&session, &crypt_user_ta_uuid, NULL,
1395 &ret_orig)))
1396 return;
1397
1398 for (n = 0; n < ARRAY_SIZE(mac_cases); n++) {
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]1399 TEE_Attribute key_attr = { };
1400 size_t key_size = 0;
1401 size_t offs = 0;
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]1402
1403 Do_ADBG_BeginSubCase(c, "MAC case %d algo 0x%x",
1404 (int)n, (unsigned int)mac_cases[n].algo);
1405
1406 key_attr.attributeID = TEE_ATTR_SECRET_VALUE;
1407 key_attr.content.ref.buffer = (void *)mac_cases[n].key;
1408 key_attr.content.ref.length = mac_cases[n].key_len;
1409
1410 key_size = key_attr.content.ref.length * 8;
1411 if (mac_cases[n].key_type == TEE_TYPE_DES ||
1412 mac_cases[n].key_type == TEE_TYPE_DES3)
1413 /* Exclude parity in bit size of key */
1414 key_size -= key_size / 8;
1415
1416 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
1417 ta_crypt_cmd_allocate_operation(c, &session, &op1,
1418 mac_cases[n].algo, TEE_MODE_MAC, key_size)))
1419 goto out;
1420
1421 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
1422 ta_crypt_cmd_allocate_operation(c, &session, &op2,
1423 mac_cases[n].algo, TEE_MODE_MAC, key_size)))
1424 goto out;
1425
1426 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
Jerome Forissier4f419512021-07-07 14:56:10 +0200[diff] [blame]1427 ta_crypt_cmd_allocate_operation(c, &session, &op3,
1428 mac_cases[n].algo, TEE_MODE_MAC, key_size)))
1429 goto out;
1430
1431 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]1432 ta_crypt_cmd_allocate_transient_object(c, &session,
1433 mac_cases[n].key_type, key_size, &key_handle)))
1434 goto out;
1435
1436 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
1437 ta_crypt_cmd_populate_transient_object(c, &session,
1438 key_handle, &key_attr, 1)))
1439 goto out;
1440
1441 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
1442 ta_crypt_cmd_set_operation_key(c, &session, op1,
1443 key_handle)))
1444 goto out;
1445
1446 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
1447 ta_crypt_cmd_free_transient_object(c, &session,
1448 key_handle)))
1449 goto out;
1450
1451 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
1452 ta_crypt_cmd_mac_init(c, &session, op1, NULL, 0)))
1453 goto out;
1454
Jerome Forissier4f419512021-07-07 14:56:10 +0200[diff] [blame]1455 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
1456 ta_crypt_cmd_copy_operation(c, &session, op3, op1)))
1457 goto out;
1458
Jerome Forissier3dec7442019-01-30 17:50:05 +0100[diff] [blame]1459 offs = 0;
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]1460 if (mac_cases[n].in != NULL) {
Jerome Forissier3dec7442019-01-30 17:50:05 +0100[diff] [blame]1461 while (offs + mac_cases[n].in_incr <
1462 mac_cases[n].in_len) {
1463 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
1464 ta_crypt_cmd_mac_update(c, &session,
1465 op1, mac_cases[n].in + offs,
1466 mac_cases[n].in_incr)))
1467 goto out;
1468 offs += mac_cases[n].in_incr;
1469 if (!mac_cases[n].multiple_incr)
1470 break;
1471 }
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]1472 }
1473
1474 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
1475 ta_crypt_cmd_copy_operation(c, &session, op2, op1)))
1476 goto out;
1477
1478 out_size = sizeof(out);
1479 memset(out, 0, sizeof(out));
1480 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
1481 ta_crypt_cmd_mac_final_compute(c, &session, op2,
Jerome Forissier3dec7442019-01-30 17:50:05 +0100[diff] [blame]1482 mac_cases[n].in + offs,
1483 mac_cases [n].in_len - offs,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]1484 out, &out_size)))
1485 goto out;
1486
1487 (void)ADBG_EXPECT_BUFFER(c, mac_cases[n].out,
1488 mac_cases[n].out_len, out, out_size);
1489
1490 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
1491 ta_crypt_cmd_mac_init(c, &session, op1, NULL, 0)))
1492 goto out;
1493
1494 out_size = sizeof(out);
1495 memset(out, 0, sizeof(out));
1496 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
1497 ta_crypt_cmd_mac_final_compute(c, &session, op1,
1498 mac_cases[n].in, mac_cases[n].in_len, out,
1499 &out_size)))
1500 goto out;
1501
1502 (void)ADBG_EXPECT_BUFFER(c, mac_cases[n].out,
1503 mac_cases[n].out_len, out, out_size);
1504
1505 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
Jerome Forissier4f419512021-07-07 14:56:10 +0200[diff] [blame]1506 ta_crypt_cmd_mac_final_compare(c, &session, op3,
1507 mac_cases[n].in, mac_cases[n].in_len,
1508 mac_cases[n].out, mac_cases[n].out_len)))
1509 goto out;
1510
1511 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]1512 ta_crypt_cmd_free_operation(c, &session, op1)))
1513 goto out;
1514
1515 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
1516 ta_crypt_cmd_free_operation(c, &session, op2)))
1517 goto out;
1518
Jerome Forissier4f419512021-07-07 14:56:10 +0200[diff] [blame]1519 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
1520 ta_crypt_cmd_free_operation(c, &session, op3)))
1521 goto out;
1522
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]1523 Do_ADBG_EndSubCase(c, NULL);
1524 }
1525out:
1526 TEEC_CloseSession(&session);
1527}
Jens Wiklander14f48872018-06-29 15:30:13 +0200[diff] [blame]1528ADBG_CASE_DEFINE(regression, 4002, xtest_tee_test_4002,
1529 "Test TEE Internal API MAC operations");
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]1530
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]1531static const uint8_t ciph_data_aes_key1[] = {
1532 0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37, /* 01234567 */
1533 0x38, 0x39, 0x41, 0x42, 0x43, 0x44, 0x45, 0x46, /* 89ABCDEF */
1534};
1535
Jerome Forissier0780ad42018-06-05 15:02:37 +0200[diff] [blame]1536static const uint8_t ciph_data_aes_key2[] = {
1537 0x02, 0x02, 0x02, 0x02, 0x02, 0x02, 0x02, 0x02,
1538 0x02, 0x02, 0x02, 0x02, 0x02, 0x02, 0x02, 0x02,
1539};
1540
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]1541static const uint8_t ciph_data_des_key1[] = {
1542 0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37 /* 01234567 */
1543};
1544
1545static const uint8_t ciph_data_des_key2[] = {
1546 0x13, 0x34, 0x57, 0x79, 0x9B, 0xBC, 0xDF, 0xF1
1547};
1548
1549
1550static const uint8_t ciph_data_des3_key1[] = {
1551 0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37, /* 01234567 */
1552 0x38, 0x39, 0x41, 0x42, 0x43, 0x44, 0x45, 0x46, /* 89ABCDEF */
1553 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37, 0x38, /* 12345678 */
1554};
1555
1556static const uint8_t ciph_data_des3_key2[] = {
1557 0x13, 0x34, 0x57, 0x79, 0x9B, 0xBC, 0xDF, 0xF1,
1558 0x13, 0x34, 0x57, 0x79, 0x9B, 0xBC, 0xDF, 0xF1,
1559 0x13, 0x34, 0x57, 0x79, 0x9B, 0xBC, 0xDF, 0xF1
1560};
1561
1562static const uint8_t ciph_data_des2_key1[] = {
1563 0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37, /* 01234567 */
1564 0x38, 0x39, 0x41, 0x42, 0x43, 0x44, 0x45, 0x46, /* 89ABCDEF */
1565};
1566
1567static const uint8_t ciph_data_in1[] = {
1568 0x32, 0x33, 0x34, 0x35, 0x36, 0x37, 0x38, 0x39, /* 23456789 */
1569 0x41, 0x42, 0x43, 0x44, 0x45, 0x46, 0x30, 0x31, /* ABCDEF01 */
1570 0x33, 0x34, 0x35, 0x36, 0x37, 0x38, 0x39, 0x41, /* 3456789A */
1571 0x42, 0x43, 0x44, 0x45, 0x46, 0x30, 0x31, 0x32, /* BCDEF012 */
1572 0x34, 0x35, 0x36, 0x37, 0x38, 0x39, 0x41, 0x42, /* 456789AB */
1573 0x43, 0x44, 0x45, 0x46, 0x30, 0x31, 0x32, 0x33, /* CDEF0123 */
1574};
1575
1576static const uint8_t ciph_data_in3[] = {
1577 0x32, 0x33, 0x34, 0x35, 0x36, 0x37, 0x38, 0x39, /* 23456789 */
1578 0x41, 0x42, 0x43, 0x44, 0x45, 0x46, 0x30, 0x31, /* ABCDEF01 */
1579 0x33, 0x34, 0x35, 0x36, 0x37, 0x38, 0x39, 0x41, /* 3456789A */
1580 0x42, 0x43, 0x44, 0x45, 0x46, 0x30, 0x31, 0x32, /* BCDEF012 */
1581 0x34, 0x35, 0x36, 0x37, 0x38, 0x39, 0x41, 0x42, /* 456789AB */
1582 0x43, 0x44, 0x45, 0x46, 0x30, /* CDEF0 */
1583};
1584
Jerome Forissier45218eb2018-04-11 13:03:26 +0200[diff] [blame]1585static const uint8_t ciph_data_in4[] = {
1586 0x32, 0x33, 0x34, 0x35, 0x36, 0x37, 0x38, 0x39, /* 23456789 */
1587 0x41, 0x42, 0x43, 0x44, 0x45, 0x46, 0x30, 0x31, /* ABCDEF01 */
1588 0x33, 0x34, 0x35, 0x36, 0x37, 0x38, 0x39, 0x41, /* 3456789A */
1589 0x42, 0x43, 0x44, 0x45, 0x46, 0x30, 0x31, 0x32, /* BCDEF012 */
1590 0x34, 0x35, 0x36, 0x37, 0x38, 0x39, 0x41, 0x42, /* 456789AB */
1591 0x43, 0x44, 0x45, 0x46, 0x30, 0x31, 0x32, 0x33, /* CDEF0123 */
1592 0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37, /* 01234567 */
1593 0x38, 0x39, 0x41, 0x42, 0x43, 0x44, 0x45, 0x46, /* 89ABCDEF */
1594};
1595
Jerome Forissier0780ad42018-06-05 15:02:37 +0200[diff] [blame]1596static const uint8_t ciph_data_in5[] = {
1597 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01,
1598 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01,
1599 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01,
1600 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01,
1601 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01,
1602 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01,
1603 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01,
1604 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01,
Jerome Forissierbf9009e2018-06-05 18:44:42 +0200[diff] [blame]1605 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01,
1606 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01,
Jerome Forissier0780ad42018-06-05 15:02:37 +0200[diff] [blame]1607 0x01, 0x01, 0x01
1608};
1609
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]1610static const uint8_t ciph_data_128_iv1[] = {
1611 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37, 0x38, /* 12345678 */
1612 0x39, 0x41, 0x42, 0x43, 0x44, 0x45, 0x46, 0x30, /* 9ABCDEF0 */
1613};
1614
Jerome Forissier0780ad42018-06-05 15:02:37 +0200[diff] [blame]1615static const uint8_t ciph_data_128_iv2[] = {
1616 0x03, 0x03, 0x03, 0x03, 0x03, 0x03, 0x03, 0x03,
1617 0x03, 0x03, 0x03, 0x03, 0x03, 0x03, 0x03, 0x03,
1618};
1619
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]1620static const uint8_t ciph_data_64_iv1[] = {
1621 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37, 0x38, /* 12345678 */
1622};
1623
1624static const uint8_t ciph_data_in2[] = {
1625 0x01, 0x23, 0x45, 0x67, 0x89, 0xab, 0xcd, 0xef
1626};
1627
1628static const uint8_t ciph_data_aes_ecb_nopad_out1[] = {
1629 0xA5, 0xBE, 0x14, 0xD5, 0x01, 0x05, 0x24, 0x48, /* ......$H */
1630 0x58, 0x1A, 0x6B, 0x82, 0xD4, 0x41, 0xD2, 0xB3, /* X.k..A.. */
1631 0xBB, 0xF9, 0xAE, 0x37, 0x94, 0xAC, 0x18, 0x50, /* ...7...P */
1632 0x87, 0x09, 0xCC, 0x3F, 0x43, 0xD2, 0xC2, 0xB7, /* ...?C... */
1633 0xD7, 0x6F, 0x84, 0x07, 0xB4, 0x78, 0xCE, 0x34, /* .o...x.4 */
1634 0x48, 0xC9, 0x16, 0x86, 0x42, 0xB8, 0xFF, 0xCF, /* H...B... */
1635};
1636
1637static const uint8_t ciph_data_aes_cbc_nopad_out1[] = {
1638 0x8D, 0x9F, 0x88, 0xD8, 0xAF, 0x9F, 0xC1, 0x3B, /* .......; */
1639 0x02, 0x15, 0x43, 0x6A, 0x8C, 0x1E, 0x34, 0x5C, /* ..Cj..4\ */
1640 0x83, 0xF4, 0x85, 0x3E, 0x43, 0x0F, 0xE5, 0x5F, /* ...>C.._ */
1641 0x81, 0x4C, 0xC0, 0x28, 0x3F, 0xD9, 0x98, 0x53, /* .L.(?..S */
1642 0xB1, 0x44, 0x51, 0x38, 0x21, 0xAB, 0x10, 0xCE, /* .DQ8!... */
1643 0xC2, 0xEC, 0x65, 0x54, 0xDD, 0x5C, 0xEA, 0xDC, /* ..eT.\.. */
1644};
1645
1646static const uint8_t ciph_data_aes_ctr_out1[] = {
1647 0xD2, 0xDD, 0x11, 0xA8, 0xF7, 0xB0, 0xAE, 0x55, /* .......U */
1648 0xBE, 0x61, 0x7A, 0xE6, 0xA1, 0x6C, 0x79, 0xF4, /* .az..ly. */
1649 0x62, 0x51, 0x7B, 0xE9, 0x7C, 0xA0, 0x31, 0x0C, /* bQ{.|.1. */
1650 0x24, 0x15, 0x70, 0x7F, 0x47, 0x37, 0x69, 0xE0, /* $.p.G7i. */
1651 0x24, 0xC3, 0x29, 0xCD, 0xF2, 0x26, 0x69, 0xFF, /* $.)..&i. */
1652 0x72, 0x0E, 0x3C, 0xD1, 0xA1, 0x2F, 0x5D, 0x33, /* r.<../]3 */
1653};
1654
1655static const uint8_t ciph_data_aes_ctr_out2[] = {
1656 0xD2, 0xDD, 0x11, 0xA8, 0xF7, 0xB0, 0xAE, 0x55, /* .......U */
1657 0xBE, 0x61, 0x7A, 0xE6, 0xA1, 0x6C, 0x79, 0xF4, /* .az..ly. */
1658 0x62, 0x51, 0x7B, 0xE9, 0x7C, 0xA0, 0x31, 0x0C, /* bQ{.|.1. */
1659 0x24, 0x15, 0x70, 0x7F, 0x47, 0x37, 0x69, 0xE0, /* $.p.G7i. */
1660 0x24, 0xC3, 0x29, 0xCD, 0xF2, 0x26, 0x69, 0xFF, /* $.)..&i. */
1661 0x72, 0x0E, 0x3C, 0xD1, 0xA1, /* r.<.. */
1662};
1663
Jerome Forissier45218eb2018-04-11 13:03:26 +0200[diff] [blame]1664static const uint8_t ciph_data_aes_ctr_out4[] = {
1665 0xD2, 0xDD, 0x11, 0xA8, 0xF7, 0xB0, 0xAE, 0x55, /* .......U */
1666 0xBE, 0x61, 0x7A, 0xE6, 0xA1, 0x6C, 0x79, 0xF4, /* .az..ly. */
1667 0x62, 0x51, 0x7B, 0xE9, 0x7C, 0xA0, 0x31, 0x0C, /* bQ{.|.1. */
1668 0x24, 0x15, 0x70, 0x7F, 0x47, 0x37, 0x69, 0xE0, /* $.p.G7i. */
1669 0x24, 0xC3, 0x29, 0xCD, 0xF2, 0x26, 0x69, 0xFF, /* $.)..&i. */
1670 0x72, 0x0E, 0x3C, 0xD1, 0xA1, 0x2F, 0x5D, 0x33, /* r.<../]3 */
1671 0x9F, 0xD7, 0x0C, 0x92, 0xD4, 0xA5, 0x9D, 0x06, /* ........ */
1672 0x01, 0x80, 0x38, 0xCD, 0xC2, 0x71, 0x5D, 0x4A, /* ..8..q]J */
1673};
1674
Jerome Forissier0780ad42018-06-05 15:02:37 +0200[diff] [blame]1675static const uint8_t ciph_data_aes_ctr_out5[] = {
1676 0xbb, 0xfe, 0x07, 0x04, 0x1c, 0x8e, 0x09, 0x61,
1677 0xfb, 0xb1, 0x7c, 0xa5, 0x4d, 0x2b, 0x30, 0xf6,
1678 0x26, 0x9e, 0xff, 0x61, 0x18, 0x47, 0xc6, 0x06,
1679 0x81, 0x02, 0x84, 0xcd, 0x9c, 0x4b, 0x6d, 0x21,
1680 0xe2, 0x64, 0xa6, 0x50, 0x7f, 0x28, 0x81, 0x6f,
1681 0x29, 0xda, 0xd5, 0x56, 0x3f, 0x46, 0xac, 0xca,
1682 0x37, 0xe7, 0x77, 0x36, 0xbc, 0x76, 0x39, 0x57,
1683 0xaa, 0x67, 0x1b, 0x2a, 0xe6, 0x36, 0x57, 0x6d,
Jerome Forissierbf9009e2018-06-05 18:44:42 +0200[diff] [blame]1684 0x2a, 0xb8, 0x77, 0x41, 0xc2, 0x4e, 0x4f, 0x27,
1685 0x4c, 0x34, 0x7a, 0x01, 0x6a, 0xda, 0x75, 0x75,
1686 0x3e, 0x68, 0xb2
Jerome Forissier0780ad42018-06-05 15:02:37 +0200[diff] [blame]1687};
1688
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]1689static const uint8_t ciph_data_aes_cbc_vect1_key[] = {
1690 0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37, /* 01234567 */
1691 0x38, 0x39, 0x41, 0x42, 0x43, 0x44, 0x45, 0x46, /* 89ABCDEF */
1692};
1693
1694static const uint8_t ciph_data_aes_cbc_vect1_iv[] = {
1695 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, /* ........ */
1696 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, /* ........ */
1697};
1698
1699static const uint8_t ciph_data_aes_cbc_vect1_ptx[] = {
1700 0x43, 0x69, 0x70, 0x68, 0x65, 0x72, 0x20, 0x62, /* Cipher b */
1701 0x6C, 0x6F, 0x63, 0x6B, 0x20, 0x63, 0x68, 0x61, /* lock cha */
1702 0x69, 0x6E, 0x69, 0x6E, 0x67, 0x20, 0x28, 0x43, /* ining (C */
1703 0x42, 0x43, 0x29, 0x20, 0x69, 0x73, 0x20, 0x61, /* BC) is a */
1704 0x20, 0x63, 0x6F, 0x6D, 0x6D, 0x6F, 0x6E, 0x20, /* common */
1705 0x63, 0x68, 0x61, 0x69, 0x6E, 0x69, 0x6E, 0x67, /* chaining */
1706 0x20, 0x6D, 0x6F, 0x64, 0x65, 0x20, 0x69, 0x6E, /* mode in */
1707 0x20, 0x77, 0x68, 0x69, 0x63, 0x68, 0x20, 0x74, /* which t */
1708 0x68, 0x65, 0x20, 0x70, 0x72, 0x65, 0x76, 0x69, /* he previ */
1709 0x6F, 0x75, 0x73, 0x20, 0x62, 0x6C, 0x6F, 0x63, /* ous bloc */
1710 0x6B, 0x27, 0x73, 0x20, 0x63, 0x69, 0x70, 0x68, /* k's ciph */
1711 0x65, 0x72, 0x74, 0x65, 0x78, 0x74, 0x20, 0x69, /* ertext i */
1712 0x73, 0x20, 0x78, 0x6F, 0x72, 0x65, 0x64, 0x20, /* s xored */
1713 0x77, 0x69, 0x74, 0x68, 0x20, 0x74, 0x68, 0x65, /* with the */
1714 0x20, 0x63, 0x75, 0x72, 0x72, 0x65, 0x6E, 0x74, /* current */
1715 0x20, 0x62, 0x6C, 0x6F, 0x63, 0x6B, 0x27, 0x73, /* block's */
1716 0x20, 0x70, 0x6C, 0x61, 0x69, 0x6E, 0x74, 0x65, /* plainte */
1717 0x78, 0x74, 0x20, 0x62, 0x65, 0x66, 0x6F, 0x72, /* xt befor */
1718 0x65, 0x20, 0x65, 0x6E, 0x63, 0x72, 0x79, 0x70, /* e encryp */
1719 0x74, 0x69, 0x6F, 0x6E, 0x2E, 0x2E, 0x2E, 0x2E, /* tion.... */
1720};
1721
1722static const uint8_t ciph_data_aes_cbc_vect1_ctx[] = {
1723 0xDD, 0x16, 0xC3, 0x47, 0x69, 0xEC, 0xF5, 0x86, /* ...Gi... */
1724 0x20, 0xB4, 0xF7, 0xE3, 0xB9, 0x36, 0xE8, 0xAC, /* ....6.. */
1725 0xC9, 0xA2, 0x11, 0x71, 0x3B, 0x10, 0x9D, 0x45, /* ...q;..E */
1726 0xCA, 0xE2, 0x49, 0xA6, 0x4E, 0x56, 0x07, 0xC5, /* ..I.NV.. */
1727 0xCE, 0xA3, 0x14, 0xB5, 0x30, 0x1B, 0x63, 0xBB, /* ....0.c. */
1728 0x2D, 0x6F, 0xE9, 0xCA, 0x0B, 0x00, 0x31, 0x3F, /* -o....1? */
1729 0xA4, 0x9A, 0x39, 0xE1, 0xC8, 0xD2, 0x24, 0x95, /* ..9...$. */
1730 0x14, 0xE9, 0xD2, 0x43, 0xE8, 0xA8, 0x1E, 0x0A, /* ...C.... */
1731 0xFE, 0x9D, 0x4F, 0xF5, 0xBB, 0x16, 0xB9, 0x54, /* ..O....T */
1732 0x78, 0x07, 0x94, 0x05, 0x8E, 0x47, 0xC3, 0xCB, /* x....G.. */
1733 0x7C, 0xEC, 0xF4, 0xF8, 0xF2, 0xA4, 0x59, 0x6E, /* |.....Yn */
1734 0xED, 0xAD, 0x7F, 0x62, 0xAF, 0x89, 0xA8, 0x5B, /* ...b...[ */
1735 0x75, 0xD4, 0x73, 0xE3, 0xBA, 0x9F, 0x9A, 0xD2, /* u.s..... */
1736 0x0F, 0xFD, 0x3C, 0xE6, 0xC6, 0xA4, 0xD6, 0x6C, /* ..<....l */
1737 0x6A, 0x09, 0xE2, 0x16, 0xB0, 0x8C, 0x69, 0x3C, /* j.....i< */
1738 0xC8, 0x1C, 0xE4, 0x3E, 0x86, 0x4D, 0xB0, 0x2B, /* ...>.M.+ */
1739 0x29, 0xA0, 0x5A, 0xA3, 0x67, 0xBA, 0xDC, 0x11, /* ).Z.g... */
1740 0x08, 0x5E, 0x69, 0xB4, 0x6F, 0xA5, 0xE2, 0xB8, /* .^i.o... */
1741 0xC9, 0x6E, 0x83, 0x7E, 0x35, 0xC8, 0xA7, 0xA0, /* .n.~5... */
1742 0x33, 0xA3, 0xB1, 0x4B, 0x5A, 0x92, 0x51, 0x2E, /* 3..KZ.Q. */
1743};
1744
1745/* AES-CTS test vectors from http://tools.ietf.org/html/rfc3962
1746 * and http://tools.ietf.org/html/draft-raeburn-krb-rijndael-krb-02 */
1747static const uint8_t ciph_data_aes_cts_vect1_key[] = {
1748 0x63, 0x68, 0x69, 0x63, 0x6b, 0x65, 0x6e, 0x20,
1749 0x74, 0x65, 0x72, 0x69, 0x79, 0x61, 0x6b, 0x69
1750};
1751
1752static const uint8_t ciph_data_aes_cts_vect1_iv[16] = {
1753 0x00
1754};
1755
1756static const uint8_t ciph_data_aes_cts_vect1_ptx[] = {
1757 0x49, 0x20, 0x77, 0x6f, 0x75, 0x6c, 0x64, 0x20,
1758 0x6c, 0x69, 0x6b, 0x65, 0x20, 0x74, 0x68, 0x65,
1759 0x20
1760};
1761
1762static const uint8_t ciph_data_aes_cts_vect1_ctx[] = {
1763 0xc6, 0x35, 0x35, 0x68, 0xf2, 0xbf, 0x8c, 0xb4,
1764 0xd8, 0xa5, 0x80, 0x36, 0x2d, 0xa7, 0xff, 0x7f,
1765 0x97
1766};
1767
1768#define ciph_data_aes_cts_vect2_key ciph_data_aes_cts_vect1_key
1769#define ciph_data_aes_cts_vect2_iv ciph_data_aes_cts_vect1_iv
1770static const uint8_t ciph_data_aes_cts_vect2_ptx[] = {
1771 0x49, 0x20, 0x77, 0x6f, 0x75, 0x6c, 0x64, 0x20,
1772 0x6c, 0x69, 0x6b, 0x65, 0x20, 0x74, 0x68, 0x65,
1773 0x20, 0x47, 0x65, 0x6e, 0x65, 0x72, 0x61, 0x6c,
1774 0x20, 0x47, 0x61, 0x75, 0x27, 0x73, 0x20
1775};
1776
1777static const uint8_t ciph_data_aes_cts_vect2_ctx[] = {
1778 0xfc, 0x00, 0x78, 0x3e, 0x0e, 0xfd, 0xb2, 0xc1,
1779 0xd4, 0x45, 0xd4, 0xc8, 0xef, 0xf7, 0xed, 0x22,
1780 0x97, 0x68, 0x72, 0x68, 0xd6, 0xec, 0xcc, 0xc0,
1781 0xc0, 0x7b, 0x25, 0xe2, 0x5e, 0xcf, 0xe5
1782};
1783
1784#define ciph_data_aes_cts_vect3_key ciph_data_aes_cts_vect1_key
1785#define ciph_data_aes_cts_vect3_iv ciph_data_aes_cts_vect1_iv
1786static const uint8_t ciph_data_aes_cts_vect3_ptx[] = {
1787 0x49, 0x20, 0x77, 0x6f, 0x75, 0x6c, 0x64, 0x20,
1788 0x6c, 0x69, 0x6b, 0x65, 0x20, 0x74, 0x68, 0x65,
1789 0x20, 0x47, 0x65, 0x6e, 0x65, 0x72, 0x61, 0x6c,
1790 0x20, 0x47, 0x61, 0x75, 0x27, 0x73, 0x20, 0x43,
1791};
1792
1793static const uint8_t ciph_data_aes_cts_vect3_ctx[] = {
1794 0x39, 0x31, 0x25, 0x23, 0xa7, 0x86, 0x62, 0xd5,
1795 0xbe, 0x7f, 0xcb, 0xcc, 0x98, 0xeb, 0xf5, 0xa8,
1796 0x97, 0x68, 0x72, 0x68, 0xd6, 0xec, 0xcc, 0xc0,
1797 0xc0, 0x7b, 0x25, 0xe2, 0x5e, 0xcf, 0xe5, 0x84,
1798};
1799
1800#define ciph_data_aes_cts_vect4_key ciph_data_aes_cts_vect1_key
1801#define ciph_data_aes_cts_vect4_iv ciph_data_aes_cts_vect1_iv
1802static const uint8_t ciph_data_aes_cts_vect4_ptx[] = {
1803 0x49, 0x20, 0x77, 0x6f, 0x75, 0x6c, 0x64, 0x20,
1804 0x6c, 0x69, 0x6b, 0x65, 0x20, 0x74, 0x68, 0x65,
1805 0x20, 0x47, 0x65, 0x6e, 0x65, 0x72, 0x61, 0x6c,
1806 0x20, 0x47, 0x61, 0x75, 0x27, 0x73, 0x20, 0x43,
1807 0x68, 0x69, 0x63, 0x6b, 0x65, 0x6e, 0x2c, 0x20,
1808 0x70, 0x6c, 0x65, 0x61, 0x73, 0x65, 0x2c,
1809};
1810
1811static const uint8_t ciph_data_aes_cts_vect4_ctx[] = {
1812 0x97, 0x68, 0x72, 0x68, 0xd6, 0xec, 0xcc, 0xc0,
1813 0xc0, 0x7b, 0x25, 0xe2, 0x5e, 0xcf, 0xe5, 0x84,
1814 0xb3, 0xff, 0xfd, 0x94, 0x0c, 0x16, 0xa1, 0x8c,
1815 0x1b, 0x55, 0x49, 0xd2, 0xf8, 0x38, 0x02, 0x9e,
1816 0x39, 0x31, 0x25, 0x23, 0xa7, 0x86, 0x62, 0xd5,
1817 0xbe, 0x7f, 0xcb, 0xcc, 0x98, 0xeb, 0xf5,
1818};
1819
1820#define ciph_data_aes_cts_vect5_key ciph_data_aes_cts_vect1_key
1821#define ciph_data_aes_cts_vect5_iv ciph_data_aes_cts_vect1_iv
1822static const uint8_t ciph_data_aes_cts_vect5_ptx[] = {
1823 0x49, 0x20, 0x77, 0x6f, 0x75, 0x6c, 0x64, 0x20,
1824 0x6c, 0x69, 0x6b, 0x65, 0x20, 0x74, 0x68, 0x65,
1825 0x20, 0x47, 0x65, 0x6e, 0x65, 0x72, 0x61, 0x6c,
1826 0x20, 0x47, 0x61, 0x75, 0x27, 0x73, 0x20, 0x43,
1827 0x68, 0x69, 0x63, 0x6b, 0x65, 0x6e, 0x2c, 0x20,
1828 0x70, 0x6c, 0x65, 0x61, 0x73, 0x65, 0x2c, 0x20,
1829};
1830
1831static const uint8_t ciph_data_aes_cts_vect5_ctx[] = {
1832 0x97, 0x68, 0x72, 0x68, 0xd6, 0xec, 0xcc, 0xc0,
1833 0xc0, 0x7b, 0x25, 0xe2, 0x5e, 0xcf, 0xe5, 0x84,
1834 0x9d, 0xad, 0x8b, 0xbb, 0x96, 0xc4, 0xcd, 0xc0,
1835 0x3b, 0xc1, 0x03, 0xe1, 0xa1, 0x94, 0xbb, 0xd8,
1836 0x39, 0x31, 0x25, 0x23, 0xa7, 0x86, 0x62, 0xd5,
1837 0xbe, 0x7f, 0xcb, 0xcc, 0x98, 0xeb, 0xf5, 0xa8,
1838};
1839
1840#define ciph_data_aes_cts_vect6_key ciph_data_aes_cts_vect1_key
1841#define ciph_data_aes_cts_vect6_iv ciph_data_aes_cts_vect1_iv
1842static const uint8_t ciph_data_aes_cts_vect6_ptx[] = {
1843 0x49, 0x20, 0x77, 0x6f, 0x75, 0x6c, 0x64, 0x20,
1844 0x6c, 0x69, 0x6b, 0x65, 0x20, 0x74, 0x68, 0x65,
1845 0x20, 0x47, 0x65, 0x6e, 0x65, 0x72, 0x61, 0x6c,
1846 0x20, 0x47, 0x61, 0x75, 0x27, 0x73, 0x20, 0x43,
1847 0x68, 0x69, 0x63, 0x6b, 0x65, 0x6e, 0x2c, 0x20,
1848 0x70, 0x6c, 0x65, 0x61, 0x73, 0x65, 0x2c, 0x20,
1849 0x61, 0x6e, 0x64, 0x20, 0x77, 0x6f, 0x6e, 0x74,
1850 0x6f, 0x6e, 0x20, 0x73, 0x6f, 0x75, 0x70, 0x2e,
1851};
1852
1853static const uint8_t ciph_data_aes_cts_vect6_ctx[] = {
1854 0x97, 0x68, 0x72, 0x68, 0xd6, 0xec, 0xcc, 0xc0,
1855 0xc0, 0x7b, 0x25, 0xe2, 0x5e, 0xcf, 0xe5, 0x84,
1856 0x39, 0x31, 0x25, 0x23, 0xa7, 0x86, 0x62, 0xd5,
1857 0xbe, 0x7f, 0xcb, 0xcc, 0x98, 0xeb, 0xf5, 0xa8,
1858 0x48, 0x07, 0xef, 0xe8, 0x36, 0xee, 0x89, 0xa5,
1859 0x26, 0x73, 0x0d, 0xbc, 0x2f, 0x7b, 0xc8, 0x40,
1860 0x9d, 0xad, 0x8b, 0xbb, 0x96, 0xc4, 0xcd, 0xc0,
1861 0x3b, 0xc1, 0x03, 0xe1, 0xa1, 0x94, 0xbb, 0xd8,
1862};
1863
Jerome Forissiered00e162017-01-20 09:22:52 +0100[diff] [blame]1864/*
1865 * Test case for https://github.com/OP-TEE/optee_os/issues/1203
1866 * 80 bytes of data, processed in two steps (32 + 48).
1867 */
1868
1869#define ciph_data_aes_cts_issue1203_key ciph_data_aes_cts_vect1_key
1870
1871static const uint8_t ciph_data_aes_cts_issue1203_iv[] = {
1872 0x5b, 0x11, 0x7b, 0xf9, 0x83, 0x6a, 0x01, 0x27,
1873 0x1d, 0x2a, 0xae, 0x0a, 0xd3, 0x27, 0x35, 0x81,
1874};
1875
1876static const uint8_t ciph_data_aes_cts_issue1203_ptx[] = {
1877 0x33, 0x2a, 0xf4, 0x8c, 0x18, 0xa1, 0x30, 0x7c,
1878 0xa7, 0x52, 0x76, 0xca, 0xa6, 0x68, 0xad, 0xf6,
1879 0x1e, 0xba, 0xc9, 0x66, 0x66, 0x52, 0x1a, 0xe7,
1880 0x3e, 0xbc, 0xba, 0x60, 0x95, 0x71, 0x04, 0x5e,
1881 0xb4, 0xb7, 0x10, 0xd7, 0x93, 0x6d, 0x5f, 0x9a,
1882 0xb8, 0xbb, 0x6b, 0xb0, 0x6d, 0x47, 0x93, 0x41,
1883 0x29, 0x21, 0xf2, 0x84, 0xf5, 0xb2, 0xf2, 0x6d,
1884 0xbe, 0xe5, 0x8a, 0x2b, 0x58, 0x8d, 0x1b, 0x5e,
1885 0x41, 0x04, 0xba, 0x9e, 0x92, 0xe9, 0x52, 0xb6,
1886 0x8b, 0x1e, 0x36, 0x72, 0x91, 0xe4, 0x56, 0x66,
1887};
1888
1889/*
1890 * Ciphertext was generated by an online tool for AES CBC.
1891 * Since the input size is a multiple of the block size, and the ciphertext
1892 * format is CS3, the output is the same as plain AES CBC with the last
1893 * two blocks swapped.
1894 */
1895static const uint8_t ciph_data_aes_cts_issue1203_ctx[] = {
1896 0x6c, 0xfe, 0xef, 0x6a, 0x1c, 0x8f, 0xd3, 0xc3,
1897 0x66, 0xc4, 0xd9, 0x0e, 0xbe, 0x24, 0x17, 0x3f,
1898 0xcd, 0x19, 0xc9, 0xd2, 0x10, 0x3f, 0xcf, 0xdc,
1899 0xe9, 0x05, 0xab, 0xd5, 0x1a, 0x31, 0x41, 0x77,
1900 0x3b, 0xd7, 0x6a, 0x26, 0xae, 0x0d, 0xc9, 0x47,
1901 0x77, 0xd4, 0xa7, 0xd5, 0x73, 0x88, 0x9e, 0xde,
1902 0x72, 0x66, 0xe0, 0xe2, 0x3d, 0x62, 0x91, 0x22,
1903 0xae, 0x11, 0x01, 0x97, 0x22, 0x6a, 0x45, 0xa9,
1904 0xba, 0x56, 0xd2, 0xbc, 0x55, 0x2d, 0x99, 0x4d,
1905 0x3d, 0x22, 0x27, 0x9a, 0xac, 0x66, 0x2f, 0xf5,
1906};
1907
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]1908static const uint8_t ciph_data_des_ecb_nopad_out1[] = {
1909 0x46, 0x2B, 0x91, 0xA8, 0x55, 0xE6, 0x7E, 0x75, /* F+..U.~u */
1910 0x5E, 0x53, 0xF4, 0x8F, 0x29, 0x41, 0x4E, 0xEF, /* ^S..)AN. */
1911 0x32, 0x1B, 0x58, 0x42, 0x9B, 0xB4, 0x3A, 0x1F, /* 2.XB..:. */
1912 0x9A, 0xEA, 0xA4, 0xB4, 0xCD, 0xE9, 0x87, 0x7C, /* .......| */
1913 0xC0, 0x05, 0x34, 0xED, 0x86, 0x3C, 0x2A, 0x81, /* ..4..<.. */
1914 0x5E, 0x93, 0x0E, 0x86, 0xA9, 0xBB, 0x80, 0xFF, /* ^....... */
1915};
1916
1917static const uint8_t ciph_data_des_ecb_nopad_out2[] = {
1918 0x85, 0xE8, 0x13, 0x54, 0x0F, 0x0A, 0xB4, 0x05
1919};
1920
1921static const uint8_t ciph_data_des_cbc_nopad_out1[] = {
1922 0xAD, 0xD6, 0xD6, 0x3E, 0x88, 0xD0, 0xDD, 0xD4, /* ...>.... */
1923 0x9A, 0x93, 0x95, 0xA0, 0x86, 0x22, 0x5B, 0x9E, /* ....."[. */
1924 0x84, 0x0C, 0x6F, 0x12, 0x04, 0x11, 0x6F, 0xD4, /* ..o...o. */
1925 0x12, 0x29, 0xC6, 0x78, 0x0C, 0xFB, 0x58, 0x5B, /* .).x..X[ */
1926 0x66, 0x82, 0x0E, 0x52, 0xDC, 0x25, 0x16, 0x51, /* f..R.%.Q */
1927 0x69, 0xDF, 0xFE, 0x4E, 0x11, 0x1D, 0x9D, 0x08, /* i..N.... */
1928};
1929
1930static const uint8_t ciph_data_des3_ecb_nopad_out1[] = {
1931 0xA7, 0x46, 0xEC, 0xA8, 0x6A, 0x7F, 0x4A, 0xF1, /* .F..j.J. */
1932 0x44, 0x60, 0x37, 0x3B, 0x7F, 0x76, 0xE5, 0xFF, /* D`7;.v.. */
1933 0xC1, 0xE7, 0xA5, 0x04, 0x9C, 0x29, 0x5C, 0xA5, /* .....)\. */
1934 0xDD, 0xC8, 0xEE, 0x36, 0x1F, 0x48, 0xE0, 0xA9, /* ...6.H.. */
1935 0x82, 0x2D, 0x53, 0x84, 0x49, 0x69, 0x78, 0xFA, /* .-S.Iix. */
1936 0x23, 0x69, 0x1D, 0xF7, 0x08, 0x38, 0x44, 0x05, /* #i...8D. */
1937};
1938
1939static const uint8_t ciph_data_des3_cbc_nopad_out1[] = {
1940 0x18, 0x09, 0xEB, 0x98, 0xE4, 0x58, 0x72, 0x11, /* .....Xr. */
1941 0x30, 0x58, 0xAB, 0x38, 0xB0, 0xC9, 0x2B, 0xED, /* 0X.8..+. */
1942 0xDA, 0xC5, 0xE8, 0xA9, 0xF6, 0x8A, 0xA7, 0x80, /* ........ */
1943 0xBE, 0x54, 0x1F, 0x63, 0xF6, 0xEE, 0xA2, 0x4C, /* .T.c...L */
1944 0x7C, 0xEB, 0x84, 0x7D, 0xDA, 0xCA, 0x1E, 0xB2, /* |..}.... */
1945 0xED, 0x5E, 0x96, 0xB8, 0x01, 0x4B, 0x77, 0x02, /* .^...Kw. */
1946};
1947
1948static const uint8_t ciph_data_des2_ecb_nopad_out1[] = {
1949 0xAB, 0x12, 0xB6, 0xE2, 0x4A, 0x3A, 0x26, 0x14, /* ....J:&. */
1950 0xF0, 0x7D, 0x23, 0xD0, 0x55, 0xDF, 0x5C, 0x16, /* .}#.U.\. */
1951 0x43, 0x59, 0x1E, 0x44, 0x01, 0x76, 0xD7, 0x50, /* CY.D.v.P */
1952 0x44, 0xC0, 0x15, 0xDF, 0x2E, 0x7F, 0x8B, 0xC5, /* D....... */
1953 0xFF, 0x8B, 0x87, 0xFE, 0x33, 0xD7, 0xCB, 0x2C, /* ....3.., */
1954 0xDA, 0x79, 0x6F, 0xA4, 0x05, 0x2B, 0x30, 0xCE, /* .yo..+0. */
1955};
1956
1957static const uint8_t ciph_data_des2_cbc_nopad_out1[] = {
1958 0x47, 0x2F, 0xB1, 0x83, 0xC4, 0xBB, 0x93, 0x16, /* G/...... */
1959 0x73, 0xF9, 0xAD, 0x6F, 0x00, 0xF9, 0xCB, 0x4A, /* s..o...J */
1960 0x0F, 0x4F, 0x75, 0x75, 0xFB, 0x39, 0x0B, 0xFC, /* .Ouu.9.. */
1961 0x9F, 0x48, 0x52, 0xAD, 0xA2, 0x75, 0x2C, 0xF1, /* .HR..u, . */
1962 0x7D, 0xC3, 0x8F, 0x16, 0xCF, 0xC9, 0x76, 0x29, /* }.....v) */
1963 0x1A, 0xBF, 0xB3, 0xD9, 0x10, 0x7E, 0xAA, 0x49, /* .....~.I */
1964};
1965
Jerome Forissiere73e0fb2019-12-12 17:08:03 +0100[diff] [blame]1966/* SM4 ECB */
1967
1968static const uint8_t ciph_data_sm4_key1[] = {
1969 0x01, 0x23, 0x45, 0x67, 0x89, 0xab, 0xcd, 0xef,
1970 0xfe, 0xdc, 0xba, 0x98, 0x76, 0x54, 0x32, 0x10,
1971};
1972
1973static const uint8_t ciph_data_sm4_in1[] = {
1974 0x01, 0x23, 0x45, 0x67, 0x89, 0xab, 0xcd, 0xef,
1975 0xfe, 0xdc, 0xba, 0x98, 0x76, 0x54, 0x32, 0x10,
1976};
1977
1978static const uint8_t ciph_data_sm4_ecb_nopad_out1[] = {
1979 0x68, 0x1e, 0xdf, 0x34, 0xd2, 0x06, 0x96, 0x5e,
1980 0x86, 0xb3, 0xe9, 0x4f, 0x53, 0x6e, 0x42, 0x46,
1981};
1982
1983/*
1984 * SM4 CBC
1985 * https://tools.ietf.org/html/draft-ribose-cfrg-sm4-10#appendix-A.2.2.1
1986 */
1987static const uint8_t ciph_data_sm4_cbc_a221_key[] = {
1988 0x01, 0x23, 0x45, 0x67, 0x89, 0xab, 0xcd, 0xef,
1989 0xfe, 0xdc, 0xba, 0x98, 0x76, 0x54, 0x32, 0x10,
1990};
1991
1992static const uint8_t ciph_data_sm4_cbc_a221_iv[] = {
1993 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
1994 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f,
1995};
1996
1997static const uint8_t ciph_data_sm4_cbc_a221_in[] = {
1998 0xaa, 0xaa, 0xaa, 0xaa, 0xbb, 0xbb, 0xbb, 0xbb,
1999 0xcc, 0xcc, 0xcc, 0xcc, 0xdd, 0xdd, 0xdd, 0xdd,
2000 0xee, 0xee, 0xee, 0xee, 0xff, 0xff, 0xff, 0xff,
2001 0xaa, 0xaa, 0xaa, 0xaa, 0xbb, 0xbb, 0xbb, 0xbb,
2002};
2003
2004static const uint8_t ciph_data_sm4_cbc_a221_out[] = {
2005 0x78, 0xeb, 0xb1, 0x1c, 0xc4, 0x0b, 0x0a, 0x48,
2006 0x31, 0x2a, 0xae, 0xb2, 0x04, 0x02, 0x44, 0xcb,
2007 0x4c, 0xb7, 0x01, 0x69, 0x51, 0x90, 0x92, 0x26,
2008 0x97, 0x9b, 0x0d, 0x15, 0xdc, 0x6a, 0x8f, 0x6d,
2009};
2010
2011/*
2012 * SM4 CBC
2013 * https://tools.ietf.org/html/draft-ribose-cfrg-sm4-10#appendix-A.2.2.2
2014 */
2015static const uint8_t ciph_data_sm4_cbc_a222_key[] = {
2016 0xfe, 0xdc, 0xba, 0x98, 0x76, 0x54, 0x32, 0x10,
2017 0x01, 0x23, 0x45, 0x67, 0x89, 0xab, 0xcd, 0xef,
2018};
2019
2020static const uint8_t ciph_data_sm4_cbc_a222_iv[] = {
2021 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
2022 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f,
2023};
2024
2025static const uint8_t ciph_data_sm4_cbc_a222_in[] = {
2026 0xaa, 0xaa, 0xaa, 0xaa, 0xbb, 0xbb, 0xbb, 0xbb,
2027 0xcc, 0xcc, 0xcc, 0xcc, 0xdd, 0xdd, 0xdd, 0xdd,
2028 0xee, 0xee, 0xee, 0xee, 0xff, 0xff, 0xff, 0xff,
2029 0xaa, 0xaa, 0xaa, 0xaa, 0xbb, 0xbb, 0xbb, 0xbb,
2030};
2031
2032static const uint8_t ciph_data_sm4_cbc_a222_out[] = {
2033 0x0d, 0x3a, 0x6d, 0xdc, 0x2d, 0x21, 0xc6, 0x98,
2034 0x85, 0x72, 0x15, 0x58, 0x7b, 0x7b, 0xb5, 0x9a,
2035 0x91, 0xf2, 0xc1, 0x47, 0x91, 0x1a, 0x41, 0x44,
2036 0x66, 0x5e, 0x1f, 0xa1, 0xd4, 0x0b, 0xae, 0x38,
2037};
2038
2039/*
2040 * SM4 CTR
2041 * https://tools.ietf.org/html/draft-ribose-cfrg-sm4-10#appendix-A.2.5.1
2042 */
2043static const uint8_t ciph_data_sm4_ctr_a251_key[] = {
2044 0x01, 0x23, 0x45, 0x67, 0x89, 0xab, 0xcd, 0xef,
2045 0xfe, 0xdc, 0xba, 0x98, 0x76, 0x54, 0x32, 0x10,
2046};
2047
2048static const uint8_t ciph_data_sm4_ctr_a251_iv[] = {
2049 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
2050 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f,
2051};
2052
2053static const uint8_t ciph_data_sm4_ctr_a251_in[] = {
2054 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa,
2055 0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0xbb,
2056 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc,
2057 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd,
2058 0xee, 0xee, 0xee, 0xee, 0xee, 0xee, 0xee, 0xee,
2059 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
2060 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa,
2061 0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0xbb,
2062};
2063
2064static const uint8_t ciph_data_sm4_ctr_a251_out[] = {
2065 0xac, 0x32, 0x36, 0xcb, 0x97, 0x0c, 0xc2, 0x07,
2066 0x91, 0x36, 0x4c, 0x39, 0x5a, 0x13, 0x42, 0xd1,
2067 0xa3, 0xcb, 0xc1, 0x87, 0x8c, 0x6f, 0x30, 0xcd,
2068 0x07, 0x4c, 0xce, 0x38, 0x5c, 0xdd, 0x70, 0xc7,
2069 0xf2, 0x34, 0xbc, 0x0e, 0x24, 0xc1, 0x19, 0x80,
2070 0xfd, 0x12, 0x86, 0x31, 0x0c, 0xe3, 0x7b, 0x92,
2071 0x6e, 0x02, 0xfc, 0xd0, 0xfa, 0xa0, 0xba, 0xf3,
2072 0x8b, 0x29, 0x33, 0x85, 0x1d, 0x82, 0x45, 0x14,
2073};
2074
2075/*
2076 * SM4 CTR
2077 * https://tools.ietf.org/html/draft-ribose-cfrg-sm4-10#appendix-A.2.5.2
2078 */
2079static const uint8_t ciph_data_sm4_ctr_a252_key[] = {
2080 0xfe, 0xdc, 0xba, 0x98, 0x76, 0x54, 0x32, 0x10,
2081 0x01, 0x23, 0x45, 0x67, 0x89, 0xab, 0xcd, 0xef,
2082};
2083
2084static const uint8_t ciph_data_sm4_ctr_a252_iv[] = {
2085 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
2086 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f,
2087};
2088
2089static const uint8_t ciph_data_sm4_ctr_a252_in[] = {
2090 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa,
2091 0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0xbb,
2092 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc,
2093 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd,
2094 0xee, 0xee, 0xee, 0xee, 0xee, 0xee, 0xee, 0xee,
2095 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
2096 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa,
2097 0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0xbb,
2098};
2099
2100static const uint8_t ciph_data_sm4_ctr_a252_out[] = {
2101 0x5d, 0xcc, 0xcd, 0x25, 0xb9, 0x5a, 0xb0, 0x74,
2102 0x17, 0xa0, 0x85, 0x12, 0xee, 0x16, 0x0e, 0x2f,
2103 0x8f, 0x66, 0x15, 0x21, 0xcb, 0xba, 0xb4, 0x4c,
2104 0xc8, 0x71, 0x38, 0x44, 0x5b, 0xc2, 0x9e, 0x5c,
2105 0x0a, 0xe0, 0x29, 0x72, 0x05, 0xd6, 0x27, 0x04,
2106 0x17, 0x3b, 0x21, 0x23, 0x9b, 0x88, 0x7f, 0x6c,
2107 0x8c, 0xb5, 0xb8, 0x00, 0x91, 0x7a, 0x24, 0x88,
2108 0x28, 0x4b, 0xde, 0x9e, 0x16, 0xea, 0x29, 0x06,
2109};
2110
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2111struct xtest_ciph_case {
2112 uint32_t algo;
2113 uint32_t mode;
2114 uint32_t key_type;
2115 const uint8_t *key1;
2116 size_t key1_len;
2117 const uint8_t *key2;
2118 size_t key2_len;
2119 const uint8_t *iv;
2120 size_t iv_len;
2121 size_t in_incr;
2122 const uint8_t *in;
2123 size_t in_len;
2124 const uint8_t *out;
2125 size_t out_len;
2126 size_t line;
2127};
2128
2129#define XTEST_CIPH_CASE_NO_IV(algo, key_type, key, in_incr, ptx, ctx) \
2130 { (algo), TEE_MODE_ENCRYPT, (key_type), (key), ARRAY_SIZE(key), \
2131 NULL, 0, NULL, 0, \
2132 (in_incr), (ptx), ARRAY_SIZE(ptx), (ctx), ARRAY_SIZE(ctx), \
2133 __LINE__ }, \
2134 { (algo), TEE_MODE_DECRYPT, (key_type), (key), ARRAY_SIZE(key), \
2135 NULL, 0, NULL, 0, \
2136 (in_incr), (ctx), ARRAY_SIZE(ctx), (ptx), ARRAY_SIZE(ptx), __LINE__ }
2137
2138#define XTEST_CIPH_CASE(algo, key_type, key, iv, in_incr, ptx, ctx) \
2139 { (algo), TEE_MODE_ENCRYPT, (key_type), (key), ARRAY_SIZE(key), \
2140 NULL, 0, iv, ARRAY_SIZE(iv), (in_incr), (ptx), ARRAY_SIZE(ptx), \
2141 (ctx), ARRAY_SIZE(ctx), __LINE__ }, \
2142 { (algo), TEE_MODE_DECRYPT, (key_type), (key), ARRAY_SIZE(key), \
2143 NULL, 0, iv, ARRAY_SIZE(iv), (in_incr), (ctx), ARRAY_SIZE(ctx), \
2144 (ptx), ARRAY_SIZE(ptx), __LINE__ }
2145
2146#define XTEST_CIPH_CASE_AES_XTS(vect, in_incr) \
2147 { TEE_ALG_AES_XTS, TEE_MODE_ENCRYPT, TEE_TYPE_AES, \
2148 ciph_data_aes_xts_ ## vect ## _key1, \
2149 ARRAY_SIZE(ciph_data_aes_xts_ ## vect ## _key1), \
2150 ciph_data_aes_xts_ ## vect ## _key2, \
2151 ARRAY_SIZE(ciph_data_aes_xts_ ## vect ## _key2), \
2152 ciph_data_aes_xts_ ## vect ## _iv, \
2153 ARRAY_SIZE(ciph_data_aes_xts_ ## vect ## _iv), \
2154 (in_incr), \
2155 ciph_data_aes_xts_ ## vect ## _ptx, \
2156 ARRAY_SIZE(ciph_data_aes_xts_ ## vect ## _ptx), \
2157 ciph_data_aes_xts_ ## vect ## _ctx, \
2158 ARRAY_SIZE(ciph_data_aes_xts_ ## vect ## _ctx), __LINE__ }, \
2159 { TEE_ALG_AES_XTS, TEE_MODE_DECRYPT, TEE_TYPE_AES, \
2160 ciph_data_aes_xts_ ## vect ## _key1, \
2161 ARRAY_SIZE(ciph_data_aes_xts_ ## vect ## _key1), \
2162 ciph_data_aes_xts_ ## vect ## _key2, \
2163 ARRAY_SIZE(ciph_data_aes_xts_ ## vect ## _key2), \
2164 ciph_data_aes_xts_ ## vect ## _iv, \
2165 ARRAY_SIZE(ciph_data_aes_xts_ ## vect ## _iv), \
2166 (in_incr), \
2167 ciph_data_aes_xts_ ## vect ## _ctx, \
2168 ARRAY_SIZE(ciph_data_aes_xts_ ## vect ## _ctx), \
2169 ciph_data_aes_xts_ ## vect ## _ptx, \
2170 ARRAY_SIZE(ciph_data_aes_xts_ ## vect ## _ptx), __LINE__ }
2171
2172#define XTEST_CIPH_CASE_AES_CBC(vect, in_incr) \
2173 XTEST_CIPH_CASE(TEE_ALG_AES_CBC_NOPAD, TEE_TYPE_AES, \
2174 ciph_data_aes_cbc_ ## vect ## _key, \
2175 ciph_data_aes_cbc_ ## vect ## _iv, \
2176 (in_incr), ciph_data_aes_cbc_ ## vect ## _ptx, \
2177 ciph_data_aes_cbc_ ## vect ## _ctx)
2178
2179#define XTEST_CIPH_CASE_AES_CTS(vect, in_incr) \
2180 XTEST_CIPH_CASE(TEE_ALG_AES_CTS, TEE_TYPE_AES, \
2181 ciph_data_aes_cts_ ## vect ## _key, \
2182 ciph_data_aes_cts_ ## vect ## _iv, \
2183 (in_incr), ciph_data_aes_cts_ ## vect ## _ptx, \
2184 ciph_data_aes_cts_ ## vect ## _ctx)
2185
2186static const struct xtest_ciph_case ciph_cases[] = {
2187 /* AES */
2188 XTEST_CIPH_CASE_NO_IV(TEE_ALG_AES_ECB_NOPAD, TEE_TYPE_AES,
2189 ciph_data_aes_key1, 11, ciph_data_in1,
2190 ciph_data_aes_ecb_nopad_out1),
2191 XTEST_CIPH_CASE(TEE_ALG_AES_CBC_NOPAD, TEE_TYPE_AES,
2192 ciph_data_aes_key1, ciph_data_128_iv1, 11,
2193 ciph_data_in1,
2194 ciph_data_aes_cbc_nopad_out1),
2195 XTEST_CIPH_CASE(TEE_ALG_AES_CTR, TEE_TYPE_AES,
2196 ciph_data_aes_key1, ciph_data_128_iv1, 13,
2197 ciph_data_in1,
2198 ciph_data_aes_ctr_out1),
2199 XTEST_CIPH_CASE(TEE_ALG_AES_CTR, TEE_TYPE_AES,
2200 ciph_data_aes_key1, ciph_data_128_iv1, 13,
2201 ciph_data_in3,
2202 ciph_data_aes_ctr_out2),
Jens Wiklander692efd12018-01-19 09:52:00 +0100[diff] [blame]2203 XTEST_CIPH_CASE(TEE_ALG_AES_CTR, TEE_TYPE_AES,
2204 ciph_data_aes_key1, ciph_data_128_iv1, 16,
2205 ciph_data_in3,
2206 ciph_data_aes_ctr_out2),
Jerome Forissier45218eb2018-04-11 13:03:26 +0200[diff] [blame]2207 XTEST_CIPH_CASE(TEE_ALG_AES_CTR, TEE_TYPE_AES,
2208 ciph_data_aes_key1, ciph_data_128_iv1, 16,
2209 ciph_data_in4,
2210 ciph_data_aes_ctr_out4),
Jerome Forissier0780ad42018-06-05 15:02:37 +0200[diff] [blame]2211 XTEST_CIPH_CASE(TEE_ALG_AES_CTR, TEE_TYPE_AES,
2212 ciph_data_aes_key2, ciph_data_128_iv2, 11,
2213 ciph_data_in5,
2214 ciph_data_aes_ctr_out5),
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2215
2216 XTEST_CIPH_CASE_AES_CBC(vect1, 11),
Jerome Forissierfc1bbc32018-06-12 10:13:04 +0200[diff] [blame]2217 XTEST_CIPH_CASE_AES_CBC(vect1, 64),
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2218
2219 /* AES-CTS */
2220 XTEST_CIPH_CASE_AES_CTS(vect1, 13),
2221 XTEST_CIPH_CASE_AES_CTS(vect2, 14),
2222 XTEST_CIPH_CASE_AES_CTS(vect3, 11),
2223 XTEST_CIPH_CASE_AES_CTS(vect4, 9),
2224 XTEST_CIPH_CASE_AES_CTS(vect5, 7),
2225 XTEST_CIPH_CASE_AES_CTS(vect6, 17),
2226 XTEST_CIPH_CASE_AES_CTS(vect6, 0x20),
Jerome Forissiered00e162017-01-20 09:22:52 +0100[diff] [blame]2227 XTEST_CIPH_CASE_AES_CTS(issue1203, 32),
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2228
2229 /* DES */
2230 XTEST_CIPH_CASE_NO_IV(TEE_ALG_DES_ECB_NOPAD, TEE_TYPE_DES,
2231 ciph_data_des_key1, 14, ciph_data_in1,
2232 ciph_data_des_ecb_nopad_out1),
2233 XTEST_CIPH_CASE_NO_IV(TEE_ALG_DES_ECB_NOPAD, TEE_TYPE_DES,
2234 ciph_data_des_key2, 3, ciph_data_in2,
2235 ciph_data_des_ecb_nopad_out2),
2236 XTEST_CIPH_CASE(TEE_ALG_DES_CBC_NOPAD, TEE_TYPE_DES,
2237 ciph_data_des_key1, ciph_data_64_iv1, 15, ciph_data_in1,
2238 ciph_data_des_cbc_nopad_out1),
2239
2240 /* DES3 */
2241 XTEST_CIPH_CASE_NO_IV(TEE_ALG_DES3_ECB_NOPAD, TEE_TYPE_DES3,
2242 ciph_data_des3_key1, 11, ciph_data_in1,
2243 ciph_data_des3_ecb_nopad_out1),
2244 XTEST_CIPH_CASE_NO_IV(TEE_ALG_DES3_ECB_NOPAD, TEE_TYPE_DES3,
2245 ciph_data_des3_key2, 3, ciph_data_in2,
2246 ciph_data_des_ecb_nopad_out2),
2247 XTEST_CIPH_CASE(TEE_ALG_DES3_CBC_NOPAD, TEE_TYPE_DES3,
2248 ciph_data_des3_key1, ciph_data_64_iv1, 11,
2249 ciph_data_in1,
2250 ciph_data_des3_cbc_nopad_out1),
2251
2252 /* DES2 */
2253 XTEST_CIPH_CASE_NO_IV(TEE_ALG_DES3_ECB_NOPAD, TEE_TYPE_DES3,
2254 ciph_data_des2_key1, 11, ciph_data_in1,
2255 ciph_data_des2_ecb_nopad_out1),
2256 XTEST_CIPH_CASE(TEE_ALG_DES3_CBC_NOPAD, TEE_TYPE_DES3,
2257 ciph_data_des2_key1, ciph_data_64_iv1, 11,
2258 ciph_data_in1,
2259 ciph_data_des2_cbc_nopad_out1),
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2260
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2261 /* AES-XTS */
2262 XTEST_CIPH_CASE_AES_XTS(vect1, 3),
2263 XTEST_CIPH_CASE_AES_XTS(vect2, 6),
2264 XTEST_CIPH_CASE_AES_XTS(vect3, 7),
2265 XTEST_CIPH_CASE_AES_XTS(vect4, 8),
2266 XTEST_CIPH_CASE_AES_XTS(vect5, 9),
2267 XTEST_CIPH_CASE_AES_XTS(vect6, 13),
2268 XTEST_CIPH_CASE_AES_XTS(vect7, 1),
2269 XTEST_CIPH_CASE_AES_XTS(vect8, 3),
2270 XTEST_CIPH_CASE_AES_XTS(vect9, 2),
2271 XTEST_CIPH_CASE_AES_XTS(vect10, 5),
2272 XTEST_CIPH_CASE_AES_XTS(vect11, 6),
2273 XTEST_CIPH_CASE_AES_XTS(vect12, 7),
2274 XTEST_CIPH_CASE_AES_XTS(vect13, 3),
2275 XTEST_CIPH_CASE_AES_XTS(vect14, 2),
2276 XTEST_CIPH_CASE_AES_XTS(vect15, 0),
2277 XTEST_CIPH_CASE_AES_XTS(vect16, 9),
2278 XTEST_CIPH_CASE_AES_XTS(vect17, 6),
2279 XTEST_CIPH_CASE_AES_XTS(vect18, 8),
2280 XTEST_CIPH_CASE_AES_XTS(vect19, 23),
Jerome Forissiere73e0fb2019-12-12 17:08:03 +0100[diff] [blame]2281
2282 /* SM4 */
2283 XTEST_CIPH_CASE_NO_IV(TEE_ALG_SM4_ECB_NOPAD, TEE_TYPE_SM4,
2284 ciph_data_sm4_key1, 11, ciph_data_sm4_in1,
2285 ciph_data_sm4_ecb_nopad_out1),
2286 XTEST_CIPH_CASE(TEE_ALG_SM4_CBC_NOPAD, TEE_TYPE_SM4,
2287 ciph_data_sm4_cbc_a221_key, ciph_data_sm4_cbc_a221_iv,
2288 11, ciph_data_sm4_cbc_a221_in,
2289 ciph_data_sm4_cbc_a221_out),
2290 XTEST_CIPH_CASE(TEE_ALG_SM4_CBC_NOPAD, TEE_TYPE_SM4,
2291 ciph_data_sm4_cbc_a222_key, ciph_data_sm4_cbc_a222_iv,
2292 11, ciph_data_sm4_cbc_a222_in,
2293 ciph_data_sm4_cbc_a222_out),
2294 XTEST_CIPH_CASE(TEE_ALG_SM4_CTR, TEE_TYPE_SM4,
2295 ciph_data_sm4_ctr_a251_key, ciph_data_sm4_ctr_a251_iv,
2296 11, ciph_data_sm4_ctr_a251_in,
2297 ciph_data_sm4_ctr_a251_out),
2298 XTEST_CIPH_CASE(TEE_ALG_SM4_CTR, TEE_TYPE_SM4,
2299 ciph_data_sm4_ctr_a252_key, ciph_data_sm4_ctr_a252_iv,
2300 11, ciph_data_sm4_ctr_a252_in,
2301 ciph_data_sm4_ctr_a252_out),
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2302};
2303
Jerome Forissier23256842018-02-16 09:25:35 +0100[diff] [blame]2304static void xtest_tee_test_4003(ADBG_Case_t *c)
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2305{
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]2306 TEEC_Session session = { };
2307 TEE_OperationHandle op = TEE_HANDLE_NULL;
Jens Wiklander93ff0a52020-12-14 12:45:02 +0100[diff] [blame]2308 TEE_OperationHandle op2 = TEE_HANDLE_NULL;
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2309 TEE_ObjectHandle key1_handle = TEE_HANDLE_NULL;
2310 TEE_ObjectHandle key2_handle = TEE_HANDLE_NULL;
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]2311 uint8_t out[2048] = { };
2312 size_t out_size = 0;
2313 size_t out_offs = 0;
Jens Wiklander93ff0a52020-12-14 12:45:02 +0100[diff] [blame]2314 size_t out_offs2 = 0;
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]2315 uint32_t ret_orig = 0;
2316 size_t n = 0;
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2317
2318 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
2319 xtest_teec_open_session(&session, &crypt_user_ta_uuid, NULL,
2320 &ret_orig)))
2321 return;
2322
2323 for (n = 0; n < ARRAY_SIZE(ciph_cases); n++) {
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]2324 TEE_Attribute key_attr = { };
2325 size_t key_size = 0;
2326 size_t op_key_size = 0;
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2327
Jerome Forissier817d99f2020-01-22 16:33:12 +0100[diff] [blame]2328 switch (ciph_cases[n].algo) {
2329 case TEE_ALG_SM4_CTR:
2330 case TEE_ALG_SM4_CBC_NOPAD:
2331 case TEE_ALG_SM4_ECB_NOPAD:
2332 if (!ta_crypt_cmd_is_algo_supported(c, &session,
2333 ciph_cases[n].algo, TEE_CRYPTO_ELEMENT_NONE)) {
2334 Do_ADBG_Log("SM4 not supported: skip subcase");
2335 continue;
2336 }
2337 break;
2338 default:
2339 break;
2340 }
2341
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2342 Do_ADBG_BeginSubCase(c, "Cipher case %d algo 0x%x line %d",
2343 (int)n, (unsigned int)ciph_cases[n].algo,
2344 (int)ciph_cases[n].line);
2345
2346 key_attr.attributeID = TEE_ATTR_SECRET_VALUE;
2347 key_attr.content.ref.buffer = (void *)ciph_cases[n].key1;
2348 key_attr.content.ref.length = ciph_cases[n].key1_len;
2349
2350 key_size = key_attr.content.ref.length * 8;
2351 if (ciph_cases[n].key_type == TEE_TYPE_DES ||
2352 ciph_cases[n].key_type == TEE_TYPE_DES3)
2353 /* Exclude parity in bit size of key */
2354 key_size -= key_size / 8;
2355
2356 op_key_size = key_size;
2357 if (ciph_cases[n].key2 != NULL)
2358 op_key_size *= 2;
2359
2360 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
2361 ta_crypt_cmd_allocate_operation(c, &session, &op,
2362 ciph_cases[n].algo, ciph_cases[n].mode,
2363 op_key_size)))
2364 goto out;
2365
2366 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
Jens Wiklander93ff0a52020-12-14 12:45:02 +0100[diff] [blame]2367 ta_crypt_cmd_allocate_operation(c, &session, &op2,
2368 ciph_cases[n].algo, ciph_cases[n].mode,
2369 op_key_size)))
2370 goto out;
2371
2372 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2373 ta_crypt_cmd_allocate_transient_object(c, &session,
2374 ciph_cases[n].key_type, key_size,
2375 &key1_handle)))
2376 goto out;
2377
2378 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
2379 ta_crypt_cmd_populate_transient_object(c, &session,
2380 key1_handle, &key_attr, 1)))
2381 goto out;
2382
2383 if (ciph_cases[n].key2 != NULL) {
2384 key_attr.content.ref.buffer =
2385 (void *)ciph_cases[n].key2;
2386 key_attr.content.ref.length = ciph_cases[n].key2_len;
2387
2388 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
2389 ta_crypt_cmd_allocate_transient_object(c,
2390 &session, ciph_cases[n].key_type,
2391 key_attr.content.ref.length * 8,
2392 &key2_handle)))
2393 goto out;
2394
2395 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
2396 ta_crypt_cmd_populate_transient_object(c,
2397 &session, key2_handle, &key_attr, 1)))
2398 goto out;
2399
2400 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
2401 ta_crypt_cmd_set_operation_key2(c, &session, op,
2402 key1_handle, key2_handle)))
2403 goto out;
2404 } else {
2405 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
2406 ta_crypt_cmd_set_operation_key(c, &session, op,
2407 key1_handle)))
2408 goto out;
2409 }
2410
2411 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
2412 ta_crypt_cmd_free_transient_object(c, &session,
2413 key1_handle)))
2414 goto out;
2415 key1_handle = TEE_HANDLE_NULL;
2416
2417 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
2418 ta_crypt_cmd_free_transient_object(c, &session,
2419 key2_handle)))
2420 goto out;
2421 key2_handle = TEE_HANDLE_NULL;
2422
2423 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
2424 ta_crypt_cmd_cipher_init(c, &session, op,
2425 ciph_cases[n].iv, ciph_cases[n].iv_len)))
2426 goto out;
2427
2428 out_offs = 0;
2429 out_size = sizeof(out);
2430 memset(out, 0, sizeof(out));
2431 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
2432 ta_crypt_cmd_cipher_update(c, &session, op,
2433 ciph_cases[n].in, ciph_cases[n].in_incr, out,
2434 &out_size)))
2435 goto out;
2436
Jerome Forissierd2d94b42017-06-02 16:39:34 +0200[diff] [blame]2437 if (ciph_cases[n].algo == TEE_ALG_AES_CTR)
2438 ADBG_EXPECT_COMPARE_UNSIGNED(c, out_size, ==,
2439 ciph_cases[n].in_incr);
2440
Jens Wiklander93ff0a52020-12-14 12:45:02 +0100[diff] [blame]2441 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
2442 ta_crypt_cmd_copy_operation(c, &session, op2, op)))
2443 goto out;
2444
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2445 out_offs += out_size;
2446 out_size = sizeof(out) - out_offs;
Jens Wiklander93ff0a52020-12-14 12:45:02 +0100[diff] [blame]2447 out_offs2 = out_offs;
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2448
2449 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
2450 ta_crypt_cmd_cipher_do_final(c, &session, op,
2451 ciph_cases[n].in + ciph_cases[n].in_incr,
2452 ciph_cases[n].in_len - ciph_cases[n].in_incr,
2453 out + out_offs,
2454 &out_size)))
2455 goto out;
2456
2457 out_offs += out_size;
2458
2459 (void)ADBG_EXPECT_BUFFER(c, ciph_cases[n].out,
2460 ciph_cases[n].out_len, out, out_offs);
2461
Jens Wiklander93ff0a52020-12-14 12:45:02 +0100[diff] [blame]2462 /* test on the copied op2 */
2463 out_size = sizeof(out) - out_offs2;
2464
2465 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
2466 ta_crypt_cmd_cipher_do_final(c, &session, op2,
2467 ciph_cases[n].in + ciph_cases[n].in_incr,
2468 ciph_cases[n].in_len - ciph_cases[n].in_incr,
2469 out + out_offs2,
2470 &out_size)))
2471 goto out;
2472
2473 out_offs2 += out_size;
2474
2475 ADBG_EXPECT_BUFFER(c, ciph_cases[n].out, ciph_cases[n].out_len,
2476 out, out_offs2);
2477
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2478 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
2479 ta_crypt_cmd_free_operation(c, &session, op)))
2480 goto out;
2481
Jens Wiklander93ff0a52020-12-14 12:45:02 +0100[diff] [blame]2482 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
2483 ta_crypt_cmd_free_operation(c, &session, op2)))
2484 goto out;
2485
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2486 Do_ADBG_EndSubCase(c, NULL);
2487 }
2488out:
2489 TEEC_CloseSession(&session);
2490}
Jens Wiklander14f48872018-06-29 15:30:13 +0200[diff] [blame]2491ADBG_CASE_DEFINE(regression, 4003, xtest_tee_test_4003,
2492 "Test TEE Internal API cipher operations");
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2493
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2494static void xtest_tee_test_4004(ADBG_Case_t *c)
2495{
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]2496 TEEC_Session session = { };
2497 uint32_t ret_orig = 0;
2498 uint8_t buf1[45] = { };
2499 uint8_t buf2[45] = { };
2500 static const uint8_t zeros[45];
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2501
2502 Do_ADBG_BeginSubCase(c, "TEE get random");
2503 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
2504 xtest_teec_open_session(&session, &crypt_user_ta_uuid, NULL,
2505 &ret_orig)))
2506 return;
2507
2508 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
2509 ta_crypt_cmd_random_number_generate(c, &session, buf1,
2510 sizeof(buf1))))
2511 goto out;
2512
2513 (void)ADBG_EXPECT_COMPARE_SIGNED(c,
2514 0, !=, memcmp(buf1, zeros, sizeof(buf1)));
2515
2516 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
2517 ta_crypt_cmd_random_number_generate(c, &session, buf2,
2518 sizeof(buf2))))
2519 goto out;
2520
2521 (void)ADBG_EXPECT_COMPARE_SIGNED(c,
2522 0, !=, memcmp(buf2, zeros, sizeof(buf2)));
2523
2524 (void)ADBG_EXPECT_COMPARE_SIGNED(c,
2525 0, !=, memcmp(buf2, buf1, sizeof(buf1)));
2526out:
2527 TEEC_CloseSession(&session);
2528 Do_ADBG_EndSubCase(c, "TEE get random");
2529}
Jens Wiklander14f48872018-06-29 15:30:13 +0200[diff] [blame]2530ADBG_CASE_DEFINE(regression, 4004, xtest_tee_test_4004,
2531 "Test TEE Internal API get random");
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2532
2533struct xtest_ae_case {
2534 uint32_t algo;
2535 uint32_t mode;
2536 uint32_t key_type;
2537 const uint8_t *key;
2538 size_t key_len;
2539 const uint8_t *nonce;
2540 size_t nonce_len;
2541 size_t aad_incr;
2542 const uint8_t *aad;
2543 size_t aad_len;
2544 size_t in_incr;
2545 const uint8_t *ptx;
2546 size_t ptx_len;
2547 const uint8_t *ctx;
2548 size_t ctx_len;
2549 const uint8_t *tag;
2550 size_t tag_len;
2551 size_t line;
2552};
2553
2554
2555#define ARRAY(a) a, ARRAY_SIZE(a)
2556#define NULL_ARRAY(a) NULL, 0
2557
2558#define XTEST_AE_CASE(algo, vect, aad_incr, in_incr, \
2559 aad_array, ptx_array, ctx_array) \
2560 { (algo), TEE_MODE_ENCRYPT, TEE_TYPE_AES, ARRAY(vect ## _key), \
2561 ARRAY(vect ## _nonce), (aad_incr), \
2562 aad_array(vect ## _aad), (in_incr), \
2563 ptx_array(vect ## _ptx), ctx_array(vect ## _ctx), \
2564 ARRAY(vect ## _tag), \
2565 __LINE__ }, \
2566 { (algo), TEE_MODE_DECRYPT, TEE_TYPE_AES, ARRAY(vect ## _key), \
2567 ARRAY(vect ## _nonce), (aad_incr), \
2568 aad_array(vect ## _aad), (in_incr), \
2569 ptx_array(vect ## _ptx), ctx_array(vect ## _ctx), \
2570 ARRAY(vect ## _tag), \
2571 __LINE__ }
2572
2573#define XTEST_AE_CASE_AES_CCM(vect, aad_incr, in_incr) \
2574 XTEST_AE_CASE(TEE_ALG_AES_CCM, ae_data_aes_ccm_ ## vect, aad_incr, \
2575 in_incr, ARRAY, ARRAY, ARRAY)
2576
2577#define XTEST_AE_CASE_AES_GCM(vect, aad_incr, in_incr, \
2578 aad_array, ptx_array, ctx_array) \
2579 XTEST_AE_CASE(TEE_ALG_AES_GCM, ae_data_aes_gcm_ ## vect, aad_incr, \
2580 in_incr, aad_array, ptx_array, ctx_array)
2581
2582
2583
2584static const struct xtest_ae_case ae_cases[] = {
2585 XTEST_AE_CASE_AES_CCM(vect1, 3, 2),
2586 XTEST_AE_CASE_AES_CCM(vect2, 7, 13),
2587 XTEST_AE_CASE_AES_CCM(vect3, 5, 21),
2588
2589 XTEST_AE_CASE_AES_GCM(vect1, 0, 0, NULL_ARRAY, NULL_ARRAY, NULL_ARRAY),
2590 XTEST_AE_CASE_AES_GCM(vect2, 0, 9, NULL_ARRAY, ARRAY, ARRAY),
2591 XTEST_AE_CASE_AES_GCM(vect3, 0, 9, NULL_ARRAY, ARRAY, ARRAY),
Jens Wiklander9fc63f52017-11-10 11:13:26 +0100[diff] [blame]2592 XTEST_AE_CASE_AES_GCM(vect3, 0, 0x1F, NULL_ARRAY, ARRAY, ARRAY),
2593 XTEST_AE_CASE_AES_GCM(vect4, 5, 0x20, ARRAY, ARRAY, ARRAY),
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2594 XTEST_AE_CASE_AES_GCM(vect5, 5, 9, ARRAY, ARRAY, ARRAY),
2595 XTEST_AE_CASE_AES_GCM(vect6, 5, 9, ARRAY, ARRAY, ARRAY),
2596 XTEST_AE_CASE_AES_GCM(vect7, 0, 0, NULL_ARRAY, NULL_ARRAY, NULL_ARRAY),
2597 XTEST_AE_CASE_AES_GCM(vect8, 0, 9, NULL_ARRAY, ARRAY, ARRAY),
2598 XTEST_AE_CASE_AES_GCM(vect9, 0, 9, NULL_ARRAY, ARRAY, ARRAY),
2599 XTEST_AE_CASE_AES_GCM(vect10, 5, 9, ARRAY, ARRAY, ARRAY),
2600 XTEST_AE_CASE_AES_GCM(vect11, 5, 9, ARRAY, ARRAY, ARRAY),
2601 XTEST_AE_CASE_AES_GCM(vect12, 5, 9, ARRAY, ARRAY, ARRAY),
2602 XTEST_AE_CASE_AES_GCM(vect13, 0, 0, NULL_ARRAY, NULL_ARRAY, NULL_ARRAY),
2603 XTEST_AE_CASE_AES_GCM(vect14, 0, 9, NULL_ARRAY, ARRAY, ARRAY),
2604 XTEST_AE_CASE_AES_GCM(vect15, 0, 9, NULL_ARRAY, ARRAY, ARRAY),
2605 XTEST_AE_CASE_AES_GCM(vect16, 5, 9, ARRAY, ARRAY, ARRAY),
2606 XTEST_AE_CASE_AES_GCM(vect17, 5, 9, ARRAY, ARRAY, ARRAY),
2607 XTEST_AE_CASE_AES_GCM(vect18, 5, 9, ARRAY, ARRAY, ARRAY),
Jens Wiklanderf6efe242017-11-06 13:16:43 +0100[diff] [blame]2608#ifdef CFG_GCM_NIST_VECTORS
2609#include "gcmDecrypt128.h"
2610#include "gcmDecrypt192.h"
2611#include "gcmDecrypt256.h"
2612#include "gcmEncryptExtIV128.h"
2613#include "gcmEncryptExtIV192.h"
2614#include "gcmEncryptExtIV256.h"
2615#endif
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2616};
2617
2618static void xtest_tee_test_4005(ADBG_Case_t *c)
2619{
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]2620 TEEC_Session session = { };
2621 TEE_OperationHandle op = TEE_HANDLE_NULL;
Jens Wiklander7404c072020-12-15 08:06:32 +0100[diff] [blame]2622 TEE_OperationHandle op2 = TEE_HANDLE_NULL;
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2623 TEE_ObjectHandle key_handle = TEE_HANDLE_NULL;
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]2624 TEE_Attribute key_attr = { };
2625 uint8_t out[512] = { };
2626 size_t out_size = 0;
2627 size_t out_offs = 0;
Jens Wiklander7404c072020-12-15 08:06:32 +0100[diff] [blame]2628 size_t out_offs2 = 0;
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]2629 uint32_t ret_orig = 0;
2630 size_t n = 0;
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2631
2632 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
2633 xtest_teec_open_session(&session, &crypt_user_ta_uuid, NULL,
2634 &ret_orig)))
2635 return;
2636
2637 for (n = 0; n < ARRAY_SIZE(ae_cases); n++) {
2638 Do_ADBG_BeginSubCase(c, "AE case %d algo 0x%x line %d",
2639 (int)n, (unsigned int)ae_cases[n].algo,
2640 (int)ae_cases[n].line);
2641
2642 key_attr.attributeID = TEE_ATTR_SECRET_VALUE;
2643 key_attr.content.ref.buffer = (void *)ae_cases[n].key;
2644 key_attr.content.ref.length = ae_cases[n].key_len;
2645
2646 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
2647 ta_crypt_cmd_allocate_operation(c, &session, &op,
2648 ae_cases[n].algo, ae_cases[n].mode,
2649 key_attr.content.ref.length * 8)))
2650 goto out;
2651
2652 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
Jens Wiklander7404c072020-12-15 08:06:32 +0100[diff] [blame]2653 ta_crypt_cmd_allocate_operation(c, &session, &op2,
2654 ae_cases[n].algo, ae_cases[n].mode,
2655 key_attr.content.ref.length * 8)))
2656 goto out;
2657
2658 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2659 ta_crypt_cmd_allocate_transient_object(c, &session,
2660 ae_cases[n].key_type,
2661 key_attr.content.ref.length * 8,
2662 &key_handle)))
2663 goto out;
2664
2665 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
2666 ta_crypt_cmd_populate_transient_object(c, &session,
2667 key_handle, &key_attr, 1)))
2668 goto out;
2669
2670 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
2671 ta_crypt_cmd_set_operation_key(c, &session, op,
2672 key_handle)))
2673 goto out;
2674
2675 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
2676 ta_crypt_cmd_free_transient_object(c, &session,
2677 key_handle)))
2678 goto out;
2679 key_handle = TEE_HANDLE_NULL;
2680
2681 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
2682 ta_crypt_cmd_ae_init(c, &session, op, ae_cases[n].nonce,
2683 ae_cases[n].nonce_len, ae_cases[n].tag_len,
2684 ae_cases[n].aad_len, ae_cases[n].ptx_len)))
2685 goto out;
2686
2687 if (ae_cases[n].aad != NULL) {
2688 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
2689 ta_crypt_cmd_ae_update_aad(c, &session, op,
2690 ae_cases[n].aad, ae_cases[n].aad_incr)))
2691 goto out;
2692
2693 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
2694 ta_crypt_cmd_ae_update_aad(c, &session, op,
2695 ae_cases[n].aad + ae_cases[n].aad_incr,
2696 ae_cases [n].aad_len -
2697 ae_cases[n].aad_incr)))
2698 goto out;
2699 }
2700
2701 out_offs = 0;
2702 out_size = sizeof(out);
2703 memset(out, 0, sizeof(out));
2704 if (ae_cases[n].mode == TEE_MODE_ENCRYPT) {
2705 if (ae_cases[n].ptx != NULL) {
2706 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
2707 ta_crypt_cmd_ae_update(c, &session, op,
2708 ae_cases[n].ptx,
2709 ae_cases[n].in_incr, out,
2710 &out_size)))
2711 goto out;
2712 out_offs += out_size;
Jerome Forissierc13fafa2017-06-01 15:49:07 +0200[diff] [blame]2713 if (ae_cases[n].algo == TEE_ALG_AES_GCM)
2714 ADBG_EXPECT_COMPARE_UNSIGNED(c,
2715 out_size, ==, ae_cases[n].in_incr);
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2716 }
2717 } else {
2718 if (ae_cases[n].ctx != NULL) {
2719 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
2720 ta_crypt_cmd_ae_update(c, &session, op,
2721 ae_cases[n].ctx,
2722 ae_cases[n].in_incr, out,
2723 &out_size)))
2724 goto out;
2725 out_offs += out_size;
Jerome Forissierc13fafa2017-06-01 15:49:07 +0200[diff] [blame]2726 if (ae_cases[n].algo == TEE_ALG_AES_GCM)
2727 ADBG_EXPECT_COMPARE_UNSIGNED(c,
2728 out_size, ==, ae_cases[n].in_incr);
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2729 }
2730 }
2731
Jens Wiklander7404c072020-12-15 08:06:32 +0100[diff] [blame]2732 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
2733 ta_crypt_cmd_copy_operation(c, &session, op2, op)))
2734 goto out;
2735
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2736 out_size = sizeof(out) - out_offs;
Jens Wiklander7404c072020-12-15 08:06:32 +0100[diff] [blame]2737 out_offs2 = out_offs;
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2738 if (ae_cases[n].mode == TEE_MODE_ENCRYPT) {
2739 uint8_t out_tag[64];
2740 size_t out_tag_len = MIN(sizeof(out_tag),
2741 ae_cases[n].tag_len);
2742
2743 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
2744 ta_crypt_cmd_ae_encrypt_final(c, &session, op,
2745 ae_cases[n].ptx + ae_cases[n].in_incr,
2746 ae_cases[n].ptx_len -
2747 ae_cases[n].in_incr,
2748 out + out_offs,
2749 &out_size, out_tag, &out_tag_len)))
2750 goto out;
2751
2752 (void)ADBG_EXPECT_BUFFER(c,
2753 ae_cases[n].tag, ae_cases[n].tag_len, out_tag,
2754 out_tag_len);
2755
2756 out_offs += out_size;
2757
2758 (void)ADBG_EXPECT_BUFFER(c, ae_cases[n].ctx,
2759 ae_cases[n].ctx_len, out, out_offs);
2760 } else {
2761 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
2762 ta_crypt_cmd_ae_decrypt_final(c, &session, op,
2763 ae_cases[n].ctx + ae_cases[n].in_incr,
2764 ae_cases[n].ctx_len -
2765 ae_cases[n].in_incr,
2766 out + out_offs,
2767 &out_size, ae_cases[n].tag,
2768 ae_cases[n].tag_len)))
2769 goto out;
2770
2771 out_offs += out_size;
2772
2773 (void)ADBG_EXPECT_BUFFER(c, ae_cases[n].ptx,
2774 ae_cases[n].ptx_len, out, out_offs);
2775 }
2776
Jens Wiklander7404c072020-12-15 08:06:32 +0100[diff] [blame]2777 /* test on the copied op2 */
2778 out_size = sizeof(out) - out_offs2;
2779 memset(out + out_offs2, 0, out_size);
2780 if (ae_cases[n].mode == TEE_MODE_ENCRYPT) {
2781 uint8_t out_tag[64] = { 0 };
2782 size_t out_tag_len = MIN(sizeof(out_tag),
2783 ae_cases[n].tag_len);
2784
2785 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
2786 ta_crypt_cmd_ae_encrypt_final(c, &session, op2,
2787 ae_cases[n].ptx + ae_cases[n].in_incr,
2788 ae_cases[n].ptx_len -
2789 ae_cases[n].in_incr,
2790 out + out_offs2,
2791 &out_size, out_tag, &out_tag_len)))
2792 goto out;
2793
2794 ADBG_EXPECT_BUFFER(c, ae_cases[n].tag,
2795 ae_cases[n].tag_len, out_tag,
2796 out_tag_len);
2797
2798 out_offs2 += out_size;
2799
2800 (void)ADBG_EXPECT_BUFFER(c, ae_cases[n].ctx,
2801 ae_cases[n].ctx_len, out, out_offs2);
2802 } else {
2803 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
2804 ta_crypt_cmd_ae_decrypt_final(c, &session, op2,
2805 ae_cases[n].ctx + ae_cases[n].in_incr,
2806 ae_cases[n].ctx_len -
2807 ae_cases[n].in_incr,
2808 out + out_offs2,
2809 &out_size, ae_cases[n].tag,
2810 ae_cases[n].tag_len)))
2811 goto out;
2812
2813 out_offs2 += out_size;
2814
2815 (void)ADBG_EXPECT_BUFFER(c, ae_cases[n].ptx,
2816 ae_cases[n].ptx_len, out, out_offs2);
2817 }
2818
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2819 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
2820 ta_crypt_cmd_free_operation(c, &session, op)))
2821 goto out;
2822
Jens Wiklander7404c072020-12-15 08:06:32 +0100[diff] [blame]2823 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
2824 ta_crypt_cmd_free_operation(c, &session, op2)))
2825 goto out;
2826
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2827 Do_ADBG_EndSubCase(c, NULL);
2828 }
2829out:
2830 TEEC_CloseSession(&session);
2831}
Jens Wiklander14f48872018-06-29 15:30:13 +0200[diff] [blame]2832ADBG_CASE_DEFINE(regression, 4005, xtest_tee_test_4005,
2833 "Test TEE Internal API Authenticated Encryption operations");
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2834
2835struct xtest_ac_case {
Cedric Chaumontc3b6c282015-09-25 03:05:18 +0200[diff] [blame]2836 unsigned int level;
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2837 uint32_t algo;
2838 TEE_OperationMode mode;
2839
2840 union {
2841 struct {
2842 const uint8_t *modulus;
2843 size_t modulus_len;
2844
2845 const uint8_t *pub_exp;
2846 size_t pub_exp_len;
2847
2848 const uint8_t *priv_exp;
2849 size_t priv_exp_len;
2850
2851 const uint8_t *prime1; /* q */
2852 size_t prime1_len;
2853 const uint8_t *prime2; /* p */
2854 size_t prime2_len;
2855 const uint8_t *exp1; /* dp */
2856 size_t exp1_len;
2857 const uint8_t *exp2; /* dq */
2858 size_t exp2_len;
2859 const uint8_t *coeff; /* iq */
2860 size_t coeff_len;
2861
2862 int salt_len;
2863 } rsa;
2864 struct {
2865 const uint8_t *prime;
2866 size_t prime_len;
2867 const uint8_t *sub_prime;
2868 size_t sub_prime_len;
2869 const uint8_t *base;
2870 size_t base_len;
2871 const uint8_t *pub_val;
2872 size_t pub_val_len;
2873 const uint8_t *priv_val;
2874 size_t priv_val_len;
2875 } dsa;
Pascal Brand3e143ee2015-07-15 17:17:16 +0200[diff] [blame]2876 struct {
2877 const uint8_t *private;
2878 size_t private_len;
2879 const uint8_t *public_x;
2880 size_t public_x_len;
2881 const uint8_t *public_y;
2882 size_t public_y_len;
Jerome Forissier3fbfd0d2019-12-17 16:44:01 +0100[diff] [blame]2883 } ecc;
Valerii Chubarab9863c2022-08-12 07:42:29 +0000[diff] [blame]2884 struct {
2885 const uint8_t *private;
2886 size_t private_len;
2887 const uint8_t *public;
2888 size_t public_len;
2889 const uint8_t flag;
2890 const uint8_t *context;
2891 size_t context_len;
2892 } eddsa;
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2893 } params;
2894
2895 const uint8_t *ptx;
2896 size_t ptx_len;
2897 const uint8_t *ctx;
2898 size_t ctx_len;
2899 size_t line;
2900};
2901
2902#define WITHOUT_SALT(x) -1
2903#define WITH_SALT(x) x
2904
Cedric Chaumontc3b6c282015-09-25 03:05:18 +0200[diff] [blame]2905#define XTEST_AC_CASE(level, algo, mode, vect, union_params) \
2906 { level, (algo), (mode), .params = union_params, \
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2907 ARRAY(vect ## _ptx), \
2908 ARRAY(vect ## _out), \
2909 __LINE__ }
2910
2911#define XTEST_AC_RSA_UNION(vect, opt_crt_array, opt_salt) \
2912 { .rsa = { \
2913 ARRAY(vect ## _modulus), \
2914 ARRAY(vect ## _pub_exp), \
2915 ARRAY(vect ## _priv_exp), \
2916 opt_crt_array(vect ## _prime1), \
2917 opt_crt_array(vect ## _prime2), \
2918 opt_crt_array(vect ## _exp1), \
2919 opt_crt_array(vect ## _exp2), \
2920 opt_crt_array(vect ## _coeff), \
2921 opt_salt(vect ## _salt_len) \
2922 } }
2923
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]2924#define XTEST_AC_RSA_CASE(level, algo, mode, vect, opt_crt_array, opt_salt) \
2925 XTEST_AC_CASE(level, algo, mode, vect, \
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2926 XTEST_AC_RSA_UNION(vect, opt_crt_array, opt_salt))
2927
2928#define XTEST_AC_DSA_UNION(vect) \
2929 { .dsa = { \
2930 ARRAY(vect ## _prime), \
2931 ARRAY(vect ## _sub_prime), \
2932 ARRAY(vect ## _base), \
2933 ARRAY(vect ## _pub_val), \
2934 ARRAY(vect ## _priv_val), \
2935 } }
2936
Cedric Chaumontc3b6c282015-09-25 03:05:18 +0200[diff] [blame]2937#define XTEST_AC_DSA_CASE(level, algo, mode, vect) \
2938 XTEST_AC_CASE(level, algo, mode, vect, XTEST_AC_DSA_UNION(vect))
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2939
Pascal Brand3e143ee2015-07-15 17:17:16 +0200[diff] [blame]2940#define XTEST_AC_ECDSA_UNION(vect) \
Jerome Forissier3fbfd0d2019-12-17 16:44:01 +0100[diff] [blame]2941 { .ecc = { \
Pascal Brand3e143ee2015-07-15 17:17:16 +0200[diff] [blame]2942 ARRAY(vect ## _private), \
2943 ARRAY(vect ## _public_x), \
2944 ARRAY(vect ## _public_y), \
2945 } }
2946
Jerome Forissier3fbfd0d2019-12-17 16:44:01 +0100[diff] [blame]2947#define XTEST_AC_ECC_CASE(level, algo, mode, vect) \
Cedric Chaumontc3b6c282015-09-25 03:05:18 +0200[diff] [blame]2948 XTEST_AC_CASE(level, algo, mode, vect, XTEST_AC_ECDSA_UNION(vect))
Pascal Brand3e143ee2015-07-15 17:17:16 +0200[diff] [blame]2949
Valerii Chubarab9863c2022-08-12 07:42:29 +0000[diff] [blame]2950#define XTEST_AC_EDDSA_UNION(vect, flag) \
2951 { .eddsa = { \
2952 ARRAY(vect ## _private), \
2953 ARRAY(vect ## _public), \
2954 flag, \
2955 } }
2956
2957#define XTEST_AC_EDDSA_CTX_UNION(vect, flag) \
2958 { .eddsa = { \
2959 ARRAY(vect ## _private), \
2960 ARRAY(vect ## _public), \
2961 flag, \
2962 ARRAY(vect ## _context), \
2963 } }
2964
2965#define XTEST_AC_EDDSA_CASE(level, algo, mode, vect, flag) \
2966 XTEST_AC_CASE(level, algo, mode, vect, XTEST_AC_EDDSA_UNION(vect, flag))
2967
2968#define XTEST_AC_EDDSA_CTX_CASE(level, algo, mode, vect, flag) \
2969 XTEST_AC_CASE(level, algo, mode, vect, XTEST_AC_EDDSA_CTX_UNION(vect, flag))
2970
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2971static const struct xtest_ac_case xtest_ac_cases[] = {
2972 /* RSA test without crt parameters */
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]2973 XTEST_AC_RSA_CASE(0, TEE_ALG_RSA_NOPAD, TEE_MODE_ENCRYPT,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2974 ac_rsassa_vect1, NULL_ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]2975 XTEST_AC_RSA_CASE(0, TEE_ALG_RSA_NOPAD, TEE_MODE_DECRYPT,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2976 ac_rsassa_vect1, NULL_ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]2977 XTEST_AC_RSA_CASE(0, TEE_ALG_RSA_NOPAD, TEE_MODE_ENCRYPT,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2978 ac_rsassa_vect2, NULL_ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]2979 XTEST_AC_RSA_CASE(0, TEE_ALG_RSA_NOPAD, TEE_MODE_DECRYPT,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2980 ac_rsassa_vect2, NULL_ARRAY, WITHOUT_SALT),
Jerome Forissiere576f052018-03-23 21:24:21 +0800[diff] [blame]2981 XTEST_AC_RSA_CASE(0, TEE_ALG_RSA_NOPAD, TEE_MODE_ENCRYPT,
2982 ac_rsassa_vect18, NULL_ARRAY, WITHOUT_SALT),
2983 XTEST_AC_RSA_CASE(0, TEE_ALG_RSA_NOPAD, TEE_MODE_DECRYPT,
2984 ac_rsassa_vect18, NULL_ARRAY, WITHOUT_SALT),
Jerome Forissier0451e372018-03-27 00:10:23 +0800[diff] [blame]2985 XTEST_AC_RSA_CASE(0, TEE_ALG_RSA_NOPAD, TEE_MODE_ENCRYPT,
2986 ac_rsassa_vect19, NULL_ARRAY, WITHOUT_SALT),
2987 XTEST_AC_RSA_CASE(0, TEE_ALG_RSA_NOPAD, TEE_MODE_DECRYPT,
2988 ac_rsassa_vect19, NULL_ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]2989 XTEST_AC_RSA_CASE(0, TEE_ALG_RSASSA_PKCS1_V1_5_SHA1, TEE_MODE_SIGN,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2990 ac_rsassa_vect3, NULL_ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]2991 XTEST_AC_RSA_CASE(0, TEE_ALG_RSASSA_PKCS1_V1_5_SHA1, TEE_MODE_VERIFY,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2992 ac_rsassa_vect3, NULL_ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]2993 XTEST_AC_RSA_CASE(1, TEE_ALG_RSASSA_PKCS1_V1_5_SHA1, TEE_MODE_SIGN,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2994 ac_rsassa_vect4, NULL_ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]2995 XTEST_AC_RSA_CASE(1, TEE_ALG_RSASSA_PKCS1_V1_5_SHA1, TEE_MODE_VERIFY,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2996 ac_rsassa_vect4, NULL_ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]2997 XTEST_AC_RSA_CASE(1, TEE_ALG_RSASSA_PKCS1_V1_5_SHA1, TEE_MODE_SIGN,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2998 ac_rsassa_vect5, NULL_ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]2999 XTEST_AC_RSA_CASE(1, TEE_ALG_RSASSA_PKCS1_V1_5_SHA1, TEE_MODE_VERIFY,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3000 ac_rsassa_vect5, NULL_ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]3001 XTEST_AC_RSA_CASE(1, TEE_ALG_RSASSA_PKCS1_V1_5_SHA1, TEE_MODE_SIGN,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3002 ac_rsassa_vect6, NULL_ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]3003 XTEST_AC_RSA_CASE(1, TEE_ALG_RSASSA_PKCS1_V1_5_SHA1, TEE_MODE_VERIFY,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3004 ac_rsassa_vect6, NULL_ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]3005 XTEST_AC_RSA_CASE(1, TEE_ALG_RSASSA_PKCS1_V1_5_SHA1, TEE_MODE_SIGN,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3006 ac_rsassa_vect7, NULL_ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]3007 XTEST_AC_RSA_CASE(1, TEE_ALG_RSASSA_PKCS1_V1_5_SHA1, TEE_MODE_VERIFY,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3008 ac_rsassa_vect7, NULL_ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]3009 XTEST_AC_RSA_CASE(1, TEE_ALG_RSASSA_PKCS1_V1_5_SHA1, TEE_MODE_SIGN,
3010 ac_rsassa_vect8, NULL_ARRAY, WITHOUT_SALT),
3011 XTEST_AC_RSA_CASE(1, TEE_ALG_RSASSA_PKCS1_V1_5_SHA1, TEE_MODE_VERIFY,
3012 ac_rsassa_vect8, NULL_ARRAY, WITHOUT_SALT),
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3013
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]3014 XTEST_AC_RSA_CASE(0, TEE_ALG_RSASSA_PKCS1_V1_5_SHA224, TEE_MODE_SIGN,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3015 ac_rsassa_vect16, NULL_ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]3016 XTEST_AC_RSA_CASE(0, TEE_ALG_RSASSA_PKCS1_V1_5_SHA224, TEE_MODE_VERIFY,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3017 ac_rsassa_vect16, NULL_ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]3018
Gabor Szekely2ad190f2018-09-14 14:05:06 +0000[diff] [blame]3019#ifdef CFG_CRYPTO_RSASSA_NA1
3020 XTEST_AC_RSA_CASE(0, TEE_ALG_RSASSA_PKCS1_V1_5, TEE_MODE_SIGN,
3021 ac_rsassa_vect20, NULL_ARRAY, WITHOUT_SALT),
3022 XTEST_AC_RSA_CASE(0, TEE_ALG_RSASSA_PKCS1_V1_5, TEE_MODE_VERIFY,
3023 ac_rsassa_vect20, NULL_ARRAY, WITHOUT_SALT),
3024#endif
3025
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]3026 XTEST_AC_RSA_CASE(0, TEE_ALG_RSASSA_PKCS1_V1_5_SHA256, TEE_MODE_SIGN,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3027 ac_rsassa_vect9, NULL_ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]3028 XTEST_AC_RSA_CASE(0, TEE_ALG_RSASSA_PKCS1_V1_5_SHA256, TEE_MODE_VERIFY,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3029 ac_rsassa_vect9, NULL_ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]3030
3031 XTEST_AC_RSA_CASE(0, TEE_ALG_RSASSA_PKCS1_V1_5_SHA384, TEE_MODE_SIGN,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3032 ac_rsassa_vect10, NULL_ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]3033 XTEST_AC_RSA_CASE(0, TEE_ALG_RSASSA_PKCS1_V1_5_SHA384, TEE_MODE_VERIFY,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3034 ac_rsassa_vect10, NULL_ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]3035
3036 XTEST_AC_RSA_CASE(0, TEE_ALG_RSASSA_PKCS1_V1_5_SHA512, TEE_MODE_SIGN,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3037 ac_rsassa_vect11, NULL_ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]3038 XTEST_AC_RSA_CASE(0, TEE_ALG_RSASSA_PKCS1_V1_5_SHA512, TEE_MODE_VERIFY,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3039 ac_rsassa_vect11, NULL_ARRAY, WITHOUT_SALT),
3040
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]3041 XTEST_AC_RSA_CASE(1, TEE_ALG_RSASSA_PKCS1_PSS_MGF1_SHA1,
3042 TEE_MODE_VERIFY,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3043 ac_rsassa_vect12, NULL_ARRAY, WITH_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]3044 XTEST_AC_RSA_CASE(1, TEE_ALG_RSASSA_PKCS1_PSS_MGF1_SHA1, TEE_MODE_SIGN,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3045 ac_rsassa_vect12, NULL_ARRAY, WITH_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]3046
3047 XTEST_AC_RSA_CASE(1, TEE_ALG_RSASSA_PKCS1_PSS_MGF1_SHA224,
3048 TEE_MODE_VERIFY,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3049 ac_rsassa_vect17, NULL_ARRAY, WITH_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]3050 XTEST_AC_RSA_CASE(1, TEE_ALG_RSASSA_PKCS1_PSS_MGF1_SHA224,
3051 TEE_MODE_SIGN,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3052 ac_rsassa_vect17, NULL_ARRAY, WITH_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]3053
3054 XTEST_AC_RSA_CASE(0, TEE_ALG_RSASSA_PKCS1_PSS_MGF1_SHA256,
3055 TEE_MODE_VERIFY,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3056 ac_rsassa_vect13, NULL_ARRAY, WITH_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]3057 XTEST_AC_RSA_CASE(0, TEE_ALG_RSASSA_PKCS1_PSS_MGF1_SHA256,
3058 TEE_MODE_SIGN,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3059 ac_rsassa_vect13, NULL_ARRAY, WITH_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]3060
3061 XTEST_AC_RSA_CASE(1, TEE_ALG_RSASSA_PKCS1_PSS_MGF1_SHA384,
3062 TEE_MODE_VERIFY,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3063 ac_rsassa_vect14, NULL_ARRAY, WITH_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]3064 XTEST_AC_RSA_CASE(1, TEE_ALG_RSASSA_PKCS1_PSS_MGF1_SHA384,
3065 TEE_MODE_SIGN,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3066 ac_rsassa_vect14, NULL_ARRAY, WITH_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]3067
3068 XTEST_AC_RSA_CASE(1, TEE_ALG_RSASSA_PKCS1_PSS_MGF1_SHA512,
3069 TEE_MODE_VERIFY,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3070 ac_rsassa_vect15, NULL_ARRAY, WITH_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]3071 XTEST_AC_RSA_CASE(1, TEE_ALG_RSASSA_PKCS1_PSS_MGF1_SHA512,
3072 TEE_MODE_SIGN,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3073 ac_rsassa_vect15, NULL_ARRAY, WITH_SALT),
3074
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]3075 XTEST_AC_RSA_CASE(0, TEE_ALG_RSAES_PKCS1_V1_5, TEE_MODE_DECRYPT,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3076 ac_rsaes_pkcs1_v1_5_vect1, NULL_ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]3077 XTEST_AC_RSA_CASE(0, TEE_ALG_RSAES_PKCS1_V1_5, TEE_MODE_ENCRYPT,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3078 ac_rsaes_pkcs1_v1_5_vect1, NULL_ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]3079 XTEST_AC_RSA_CASE(1, TEE_ALG_RSAES_PKCS1_V1_5, TEE_MODE_DECRYPT,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3080 ac_rsaes_pkcs1_v1_5_vect2, NULL_ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]3081 XTEST_AC_RSA_CASE(1, TEE_ALG_RSAES_PKCS1_V1_5, TEE_MODE_ENCRYPT,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3082 ac_rsaes_pkcs1_v1_5_vect2, NULL_ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]3083 XTEST_AC_RSA_CASE(1, TEE_ALG_RSAES_PKCS1_V1_5, TEE_MODE_DECRYPT,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3084 ac_rsaes_pkcs1_v1_5_vect15, NULL_ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]3085 XTEST_AC_RSA_CASE(1, TEE_ALG_RSAES_PKCS1_V1_5, TEE_MODE_ENCRYPT,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3086 ac_rsaes_pkcs1_v1_5_vect15, NULL_ARRAY, WITHOUT_SALT),
3087
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]3088 XTEST_AC_RSA_CASE(0, TEE_ALG_RSAES_PKCS1_OAEP_MGF1_SHA1,
3089 TEE_MODE_DECRYPT,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3090 ac_rsaes_oaep_vect1, NULL_ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]3091 XTEST_AC_RSA_CASE(0, TEE_ALG_RSAES_PKCS1_OAEP_MGF1_SHA1,
3092 TEE_MODE_ENCRYPT,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3093 ac_rsaes_oaep_vect1, NULL_ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]3094 XTEST_AC_RSA_CASE(1, TEE_ALG_RSAES_PKCS1_OAEP_MGF1_SHA1,
3095 TEE_MODE_DECRYPT,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3096 ac_rsaes_oaep_vect2, NULL_ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]3097 XTEST_AC_RSA_CASE(1, TEE_ALG_RSAES_PKCS1_OAEP_MGF1_SHA1,
3098 TEE_MODE_ENCRYPT,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3099 ac_rsaes_oaep_vect2, NULL_ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]3100 XTEST_AC_RSA_CASE(1, TEE_ALG_RSAES_PKCS1_OAEP_MGF1_SHA1,
3101 TEE_MODE_DECRYPT,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3102 ac_rsaes_oaep_vect10, NULL_ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]3103 XTEST_AC_RSA_CASE(1, TEE_ALG_RSAES_PKCS1_OAEP_MGF1_SHA1,
3104 TEE_MODE_ENCRYPT,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3105 ac_rsaes_oaep_vect10, NULL_ARRAY, WITHOUT_SALT),
3106
3107 /* RSA test with crt parameters */
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]3108 XTEST_AC_RSA_CASE(0, TEE_ALG_RSA_NOPAD, TEE_MODE_ENCRYPT,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3109 ac_rsassa_vect1, ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]3110 XTEST_AC_RSA_CASE(0, TEE_ALG_RSA_NOPAD, TEE_MODE_DECRYPT,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3111 ac_rsassa_vect1, ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]3112 XTEST_AC_RSA_CASE(1, TEE_ALG_RSA_NOPAD, TEE_MODE_ENCRYPT,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3113 ac_rsassa_vect2, ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]3114 XTEST_AC_RSA_CASE(1, TEE_ALG_RSA_NOPAD, TEE_MODE_DECRYPT,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3115 ac_rsassa_vect2, ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]3116 XTEST_AC_RSA_CASE(0, TEE_ALG_RSASSA_PKCS1_V1_5_SHA1, TEE_MODE_SIGN,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3117 ac_rsassa_vect3, ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]3118 XTEST_AC_RSA_CASE(0, TEE_ALG_RSASSA_PKCS1_V1_5_SHA1, TEE_MODE_VERIFY,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3119 ac_rsassa_vect3, ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]3120 XTEST_AC_RSA_CASE(1, TEE_ALG_RSASSA_PKCS1_V1_5_SHA1, TEE_MODE_SIGN,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3121 ac_rsassa_vect4, ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]3122 XTEST_AC_RSA_CASE(1, TEE_ALG_RSASSA_PKCS1_V1_5_SHA1, TEE_MODE_VERIFY,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3123 ac_rsassa_vect4, ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]3124 XTEST_AC_RSA_CASE(1, TEE_ALG_RSASSA_PKCS1_V1_5_SHA1, TEE_MODE_SIGN,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3125 ac_rsassa_vect5, ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]3126 XTEST_AC_RSA_CASE(1, TEE_ALG_RSASSA_PKCS1_V1_5_SHA1, TEE_MODE_VERIFY,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3127 ac_rsassa_vect5, ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]3128 XTEST_AC_RSA_CASE(1, TEE_ALG_RSASSA_PKCS1_V1_5_SHA1, TEE_MODE_SIGN,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3129 ac_rsassa_vect6, ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]3130 XTEST_AC_RSA_CASE(1, TEE_ALG_RSASSA_PKCS1_V1_5_SHA1, TEE_MODE_VERIFY,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3131 ac_rsassa_vect6, ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]3132 XTEST_AC_RSA_CASE(1, TEE_ALG_RSASSA_PKCS1_V1_5_SHA1, TEE_MODE_SIGN,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3133 ac_rsassa_vect7, ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]3134 XTEST_AC_RSA_CASE(1, TEE_ALG_RSASSA_PKCS1_V1_5_SHA1, TEE_MODE_VERIFY,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3135 ac_rsassa_vect7, ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]3136 XTEST_AC_RSA_CASE(1, TEE_ALG_RSASSA_PKCS1_V1_5_SHA1, TEE_MODE_SIGN,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3137 ac_rsassa_vect8, ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]3138 XTEST_AC_RSA_CASE(1, TEE_ALG_RSASSA_PKCS1_V1_5_SHA1, TEE_MODE_VERIFY,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3139 ac_rsassa_vect8, ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]3140 XTEST_AC_RSA_CASE(0, TEE_ALG_RSASSA_PKCS1_V1_5_SHA256, TEE_MODE_SIGN,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3141 ac_rsassa_vect9, ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]3142 XTEST_AC_RSA_CASE(0, TEE_ALG_RSASSA_PKCS1_V1_5_SHA256, TEE_MODE_VERIFY,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3143 ac_rsassa_vect9, ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]3144 XTEST_AC_RSA_CASE(1, TEE_ALG_RSASSA_PKCS1_V1_5_SHA384, TEE_MODE_SIGN,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3145 ac_rsassa_vect10, ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]3146 XTEST_AC_RSA_CASE(1, TEE_ALG_RSASSA_PKCS1_V1_5_SHA384, TEE_MODE_VERIFY,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3147 ac_rsassa_vect10, ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]3148 XTEST_AC_RSA_CASE(1, TEE_ALG_RSASSA_PKCS1_V1_5_SHA512, TEE_MODE_SIGN,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3149 ac_rsassa_vect11, ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]3150 XTEST_AC_RSA_CASE(1, TEE_ALG_RSASSA_PKCS1_V1_5_SHA512, TEE_MODE_VERIFY,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3151 ac_rsassa_vect11, ARRAY, WITHOUT_SALT),
3152
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]3153 XTEST_AC_RSA_CASE(1, TEE_ALG_RSASSA_PKCS1_PSS_MGF1_SHA1,
3154 TEE_MODE_VERIFY,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3155 ac_rsassa_vect12, ARRAY, WITH_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]3156 XTEST_AC_RSA_CASE(1,TEE_ALG_RSASSA_PKCS1_PSS_MGF1_SHA1, TEE_MODE_SIGN,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3157 ac_rsassa_vect12, ARRAY, WITH_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]3158 XTEST_AC_RSA_CASE(1, TEE_ALG_RSASSA_PKCS1_PSS_MGF1_SHA224,
3159 TEE_MODE_VERIFY,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3160 ac_rsassa_vect17, ARRAY, WITH_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]3161 XTEST_AC_RSA_CASE(1, TEE_ALG_RSASSA_PKCS1_PSS_MGF1_SHA224,
3162 TEE_MODE_SIGN,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3163 ac_rsassa_vect17, ARRAY, WITH_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]3164 XTEST_AC_RSA_CASE(0, TEE_ALG_RSASSA_PKCS1_PSS_MGF1_SHA256,
3165 TEE_MODE_VERIFY,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3166 ac_rsassa_vect13, ARRAY, WITH_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]3167 XTEST_AC_RSA_CASE(0, TEE_ALG_RSASSA_PKCS1_PSS_MGF1_SHA256,
3168 TEE_MODE_SIGN,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3169 ac_rsassa_vect13, ARRAY, WITH_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]3170 XTEST_AC_RSA_CASE(1, TEE_ALG_RSASSA_PKCS1_PSS_MGF1_SHA384,
3171 TEE_MODE_VERIFY,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3172 ac_rsassa_vect14, ARRAY, WITH_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]3173 XTEST_AC_RSA_CASE(1, TEE_ALG_RSASSA_PKCS1_PSS_MGF1_SHA384,
3174 TEE_MODE_SIGN,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3175 ac_rsassa_vect14, ARRAY, WITH_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]3176 XTEST_AC_RSA_CASE(1, TEE_ALG_RSASSA_PKCS1_PSS_MGF1_SHA512,
3177 TEE_MODE_VERIFY,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3178 ac_rsassa_vect15, ARRAY, WITH_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]3179 XTEST_AC_RSA_CASE(1, TEE_ALG_RSASSA_PKCS1_PSS_MGF1_SHA512,
3180 TEE_MODE_SIGN,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3181 ac_rsassa_vect15, ARRAY, WITH_SALT),
3182
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]3183 XTEST_AC_RSA_CASE(0, TEE_ALG_RSAES_PKCS1_V1_5, TEE_MODE_DECRYPT,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3184 ac_rsaes_pkcs1_v1_5_vect1, ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]3185 XTEST_AC_RSA_CASE(0, TEE_ALG_RSAES_PKCS1_V1_5, TEE_MODE_ENCRYPT,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3186 ac_rsaes_pkcs1_v1_5_vect1, ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]3187 XTEST_AC_RSA_CASE(1, TEE_ALG_RSAES_PKCS1_V1_5, TEE_MODE_DECRYPT,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3188 ac_rsaes_pkcs1_v1_5_vect2, ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]3189 XTEST_AC_RSA_CASE(1, TEE_ALG_RSAES_PKCS1_V1_5, TEE_MODE_ENCRYPT,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3190 ac_rsaes_pkcs1_v1_5_vect2, ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]3191 XTEST_AC_RSA_CASE(1, TEE_ALG_RSAES_PKCS1_V1_5, TEE_MODE_DECRYPT,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3192 ac_rsaes_pkcs1_v1_5_vect15, ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]3193 XTEST_AC_RSA_CASE(1, TEE_ALG_RSAES_PKCS1_V1_5, TEE_MODE_ENCRYPT,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3194 ac_rsaes_pkcs1_v1_5_vect15, ARRAY, WITHOUT_SALT),
3195
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]3196 XTEST_AC_RSA_CASE(0, TEE_ALG_RSAES_PKCS1_OAEP_MGF1_SHA1,
3197 TEE_MODE_DECRYPT,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3198 ac_rsaes_oaep_vect1, ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]3199 XTEST_AC_RSA_CASE(0, TEE_ALG_RSAES_PKCS1_OAEP_MGF1_SHA1,
3200 TEE_MODE_ENCRYPT,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3201 ac_rsaes_oaep_vect1, ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]3202 XTEST_AC_RSA_CASE(1, TEE_ALG_RSAES_PKCS1_OAEP_MGF1_SHA1,
3203 TEE_MODE_DECRYPT,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3204 ac_rsaes_oaep_vect2, ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]3205 XTEST_AC_RSA_CASE(1, TEE_ALG_RSAES_PKCS1_OAEP_MGF1_SHA1,
3206 TEE_MODE_ENCRYPT,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3207 ac_rsaes_oaep_vect2, ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]3208 XTEST_AC_RSA_CASE(1, TEE_ALG_RSAES_PKCS1_OAEP_MGF1_SHA1,
3209 TEE_MODE_DECRYPT,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3210 ac_rsaes_oaep_vect10, ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]3211 XTEST_AC_RSA_CASE(1, TEE_ALG_RSAES_PKCS1_OAEP_MGF1_SHA1,
3212 TEE_MODE_ENCRYPT,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3213 ac_rsaes_oaep_vect10, ARRAY, WITHOUT_SALT),
3214
3215 /* DSA tests */
Cedric Chaumontb2ba8782015-09-03 13:23:05 +0200[diff] [blame]3216 /* [mod = L=1024, N=160, SHA-1] */
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]3217 XTEST_AC_DSA_CASE(1, TEE_ALG_DSA_SHA1, TEE_MODE_VERIFY, ac_dsa_vect1),
3218 XTEST_AC_DSA_CASE(1, TEE_ALG_DSA_SHA1, TEE_MODE_SIGN, ac_dsa_vect1),
Cedric Chaumontc3b6c282015-09-25 03:05:18 +0200[diff] [blame]3219 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA1, TEE_MODE_VERIFY, ac_dsa_vect2),
3220 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA1, TEE_MODE_SIGN, ac_dsa_vect2),
3221 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA1, TEE_MODE_VERIFY, ac_dsa_vect3),
3222 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA1, TEE_MODE_SIGN, ac_dsa_vect3),
3223 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA1, TEE_MODE_VERIFY, ac_dsa_vect4),
3224 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA1, TEE_MODE_SIGN, ac_dsa_vect4),
3225 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA1, TEE_MODE_VERIFY, ac_dsa_vect5),
3226 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA1, TEE_MODE_SIGN, ac_dsa_vect5),
3227 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA1, TEE_MODE_VERIFY, ac_dsa_vect6),
3228 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA1, TEE_MODE_SIGN, ac_dsa_vect6),
3229 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA1, TEE_MODE_VERIFY, ac_dsa_vect7),
3230 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA1, TEE_MODE_SIGN, ac_dsa_vect7),
3231 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA1, TEE_MODE_VERIFY, ac_dsa_vect8),
3232 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA1, TEE_MODE_SIGN, ac_dsa_vect8),
3233 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA1, TEE_MODE_VERIFY, ac_dsa_vect9),
3234 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA1, TEE_MODE_SIGN, ac_dsa_vect9),
3235 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA1, TEE_MODE_VERIFY, ac_dsa_vect10),
3236 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA1, TEE_MODE_SIGN, ac_dsa_vect10),
3237 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA1, TEE_MODE_VERIFY, ac_dsa_vect11),
3238 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA1, TEE_MODE_SIGN, ac_dsa_vect11),
3239 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA1, TEE_MODE_VERIFY, ac_dsa_vect12),
3240 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA1, TEE_MODE_SIGN, ac_dsa_vect12),
3241 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA1, TEE_MODE_VERIFY, ac_dsa_vect13),
3242 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA1, TEE_MODE_SIGN, ac_dsa_vect13),
3243 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA1, TEE_MODE_VERIFY, ac_dsa_vect14),
3244 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA1, TEE_MODE_SIGN, ac_dsa_vect14),
3245 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA1, TEE_MODE_VERIFY, ac_dsa_vect15),
3246 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA1, TEE_MODE_SIGN, ac_dsa_vect15),
Cedric Chaumontb2ba8782015-09-03 13:23:05 +0200[diff] [blame]3247 /* [mod = L=1024, N=160, SHA-224] - GP NOT SUPPORTED */
3248 /* [mod = L=1024, N=160, SHA-256] - GP NOT SUPPORTED */
3249 /* [mod = L=1024, N=160, SHA-384] - GP NOT SUPPORTED */
3250 /* [mod = L=1024, N=160, SHA-512] - GP NOT SUPPORTED */
3251 /* [mod = L=2048, N=224, SHA-1] - GP NOT SUPPORTED */
3252 /* [mod = L=2048, N=224, SHA-224] */
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]3253 XTEST_AC_DSA_CASE(1, TEE_ALG_DSA_SHA224, TEE_MODE_VERIFY, ac_dsa_vect91),
3254 XTEST_AC_DSA_CASE(1, TEE_ALG_DSA_SHA224, TEE_MODE_SIGN, ac_dsa_vect91),
Cedric Chaumontc3b6c282015-09-25 03:05:18 +0200[diff] [blame]3255 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_VERIFY, ac_dsa_vect92),
3256 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_SIGN, ac_dsa_vect92),
3257 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_VERIFY, ac_dsa_vect93),
3258 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_SIGN, ac_dsa_vect93),
3259 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_VERIFY, ac_dsa_vect94),
3260 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_SIGN, ac_dsa_vect94),
3261 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_VERIFY, ac_dsa_vect95),
3262 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_SIGN, ac_dsa_vect95),
3263 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_VERIFY, ac_dsa_vect96),
3264 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_SIGN, ac_dsa_vect96),
3265 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_VERIFY, ac_dsa_vect97),
3266 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_SIGN, ac_dsa_vect97),
3267 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_VERIFY, ac_dsa_vect98),
3268 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_SIGN, ac_dsa_vect98),
3269 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_VERIFY, ac_dsa_vect99),
3270 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_SIGN, ac_dsa_vect99),
3271 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_VERIFY, ac_dsa_vect100),
3272 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_SIGN, ac_dsa_vect100),
3273 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_VERIFY, ac_dsa_vect101),
3274 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_SIGN, ac_dsa_vect101),
3275 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_VERIFY, ac_dsa_vect102),
3276 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_SIGN, ac_dsa_vect102),
3277 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_VERIFY, ac_dsa_vect103),
3278 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_SIGN, ac_dsa_vect103),
3279 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_VERIFY, ac_dsa_vect104),
3280 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_SIGN, ac_dsa_vect104),
3281 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_VERIFY, ac_dsa_vect105),
3282 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_SIGN, ac_dsa_vect105),
Cedric Chaumontb2ba8782015-09-03 13:23:05 +0200[diff] [blame]3283 /* [mod = L=2048, N=224, SHA-256] */
Cedric Chaumontc3b6c282015-09-25 03:05:18 +0200[diff] [blame]3284 XTEST_AC_DSA_CASE(0, TEE_ALG_DSA_SHA256, TEE_MODE_VERIFY, ac_dsa_vect106),
3285 XTEST_AC_DSA_CASE(0, TEE_ALG_DSA_SHA256, TEE_MODE_SIGN, ac_dsa_vect106),
3286 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_VERIFY, ac_dsa_vect107),
3287 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_SIGN, ac_dsa_vect107),
3288 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_VERIFY, ac_dsa_vect108),
3289 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_SIGN, ac_dsa_vect108),
3290 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_VERIFY, ac_dsa_vect109),
3291 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_SIGN, ac_dsa_vect109),
3292 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_VERIFY, ac_dsa_vect110),
3293 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_SIGN, ac_dsa_vect110),
3294 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_VERIFY, ac_dsa_vect111),
3295 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_SIGN, ac_dsa_vect111),
3296 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_VERIFY, ac_dsa_vect112),
3297 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_SIGN, ac_dsa_vect112),
3298 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_VERIFY, ac_dsa_vect113),
3299 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_SIGN, ac_dsa_vect113),
3300 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_VERIFY, ac_dsa_vect114),
3301 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_SIGN, ac_dsa_vect114),
3302 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_VERIFY, ac_dsa_vect115),
3303 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_SIGN, ac_dsa_vect115),
3304 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_VERIFY, ac_dsa_vect116),
3305 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_SIGN, ac_dsa_vect116),
3306 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_VERIFY, ac_dsa_vect117),
3307 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_SIGN, ac_dsa_vect117),
3308 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_VERIFY, ac_dsa_vect118),
3309 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_SIGN, ac_dsa_vect118),
3310 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_VERIFY, ac_dsa_vect119),
3311 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_SIGN, ac_dsa_vect119),
3312 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_VERIFY, ac_dsa_vect120),
3313 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_SIGN, ac_dsa_vect120),
Cedric Chaumontb2ba8782015-09-03 13:23:05 +0200[diff] [blame]3314 /* [mod = L=2048, N=224, SHA-384] - GP NOT SUPPORTED */
3315 /* [mod = L=2048, N=224, SHA-512] - GP NOT SUPPORTED */
3316 /* [mod = L=2048, N=256, SHA-1] - GP NOT SUPPORTED */
3317 /* [mod = L=2048, N=256, SHA-224] */
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]3318 XTEST_AC_DSA_CASE(1, TEE_ALG_DSA_SHA224, TEE_MODE_VERIFY, ac_dsa_vect166),
3319 XTEST_AC_DSA_CASE(1, TEE_ALG_DSA_SHA224, TEE_MODE_SIGN, ac_dsa_vect166),
Cedric Chaumontc3b6c282015-09-25 03:05:18 +0200[diff] [blame]3320 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_VERIFY, ac_dsa_vect167),
3321 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_SIGN, ac_dsa_vect167),
3322 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_VERIFY, ac_dsa_vect168),
3323 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_SIGN, ac_dsa_vect168),
3324 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_VERIFY, ac_dsa_vect169),
3325 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_SIGN, ac_dsa_vect169),
3326 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_VERIFY, ac_dsa_vect170),
3327 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_SIGN, ac_dsa_vect170),
3328 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_VERIFY, ac_dsa_vect171),
3329 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_SIGN, ac_dsa_vect171),
3330 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_VERIFY, ac_dsa_vect172),
3331 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_SIGN, ac_dsa_vect172),
3332 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_VERIFY, ac_dsa_vect173),
3333 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_SIGN, ac_dsa_vect173),
3334 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_VERIFY, ac_dsa_vect174),
3335 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_SIGN, ac_dsa_vect174),
3336 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_VERIFY, ac_dsa_vect175),
3337 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_SIGN, ac_dsa_vect175),
3338 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_VERIFY, ac_dsa_vect176),
3339 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_SIGN, ac_dsa_vect176),
3340 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_VERIFY, ac_dsa_vect177),
3341 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_SIGN, ac_dsa_vect177),
3342 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_VERIFY, ac_dsa_vect178),
3343 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_SIGN, ac_dsa_vect178),
3344 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_VERIFY, ac_dsa_vect179),
3345 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_SIGN, ac_dsa_vect179),
3346 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_VERIFY, ac_dsa_vect180),
3347 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_SIGN, ac_dsa_vect180),
Cedric Chaumontb2ba8782015-09-03 13:23:05 +0200[diff] [blame]3348 /* [mod = L=2048, N=256, SHA-256] */
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]3349 XTEST_AC_DSA_CASE(1, TEE_ALG_DSA_SHA256, TEE_MODE_VERIFY, ac_dsa_vect181),
3350 XTEST_AC_DSA_CASE(1, TEE_ALG_DSA_SHA256, TEE_MODE_SIGN, ac_dsa_vect181),
Cedric Chaumontc3b6c282015-09-25 03:05:18 +0200[diff] [blame]3351 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_VERIFY, ac_dsa_vect182),
3352 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_SIGN, ac_dsa_vect182),
3353 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_VERIFY, ac_dsa_vect183),
3354 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_SIGN, ac_dsa_vect183),
3355 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_VERIFY, ac_dsa_vect184),
3356 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_SIGN, ac_dsa_vect184),
3357 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_VERIFY, ac_dsa_vect185),
3358 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_SIGN, ac_dsa_vect185),
3359 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_VERIFY, ac_dsa_vect186),
3360 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_SIGN, ac_dsa_vect186),
3361 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_VERIFY, ac_dsa_vect187),
3362 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_SIGN, ac_dsa_vect187),
3363 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_VERIFY, ac_dsa_vect188),
3364 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_SIGN, ac_dsa_vect188),
3365 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_VERIFY, ac_dsa_vect189),
3366 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_SIGN, ac_dsa_vect189),
3367 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_VERIFY, ac_dsa_vect190),
3368 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_SIGN, ac_dsa_vect190),
3369 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_VERIFY, ac_dsa_vect191),
3370 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_SIGN, ac_dsa_vect191),
3371 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_VERIFY, ac_dsa_vect192),
3372 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_SIGN, ac_dsa_vect192),
3373 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_VERIFY, ac_dsa_vect193),
3374 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_SIGN, ac_dsa_vect193),
3375 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_VERIFY, ac_dsa_vect194),
3376 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_SIGN, ac_dsa_vect194),
3377 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_VERIFY, ac_dsa_vect195),
3378 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_SIGN, ac_dsa_vect195),
Cedric Chaumontb2ba8782015-09-03 13:23:05 +0200[diff] [blame]3379 /* [mod = L=2048, N=256, SHA-384] - GP NOT SUPPORTED */
3380 /* [mod = L=2048, N=256, SHA-512] - GP NOT SUPPORTED */
3381 /* [mod = L=3072, N=256, SHA-1] - GP NOT SUPPORTED */
3382 /* [mod = L=3072, N=256, SHA-224] - GP NOT SUPPORTED */
3383 /* [mod = L=3072, N=256, SHA-256] */
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]3384 XTEST_AC_DSA_CASE(1, TEE_ALG_DSA_SHA256, TEE_MODE_VERIFY, ac_dsa_vect256),
3385 XTEST_AC_DSA_CASE(1, TEE_ALG_DSA_SHA256, TEE_MODE_SIGN, ac_dsa_vect256),
Cedric Chaumontc3b6c282015-09-25 03:05:18 +0200[diff] [blame]3386 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_VERIFY, ac_dsa_vect257),
3387 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_SIGN, ac_dsa_vect257),
3388 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_VERIFY, ac_dsa_vect258),
3389 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_SIGN, ac_dsa_vect258),
3390 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_VERIFY, ac_dsa_vect259),
3391 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_SIGN, ac_dsa_vect259),
3392 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_VERIFY, ac_dsa_vect260),
3393 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_SIGN, ac_dsa_vect260),
3394 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_VERIFY, ac_dsa_vect261),
3395 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_SIGN, ac_dsa_vect261),
3396 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_VERIFY, ac_dsa_vect262),
3397 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_SIGN, ac_dsa_vect262),
3398 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_VERIFY, ac_dsa_vect263),
3399 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_SIGN, ac_dsa_vect263),
3400 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_VERIFY, ac_dsa_vect264),
3401 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_SIGN, ac_dsa_vect264),
3402 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_VERIFY, ac_dsa_vect265),
3403 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_SIGN, ac_dsa_vect265),
3404 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_VERIFY, ac_dsa_vect266),
3405 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_SIGN, ac_dsa_vect266),
3406 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_VERIFY, ac_dsa_vect267),
3407 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_SIGN, ac_dsa_vect267),
3408 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_VERIFY, ac_dsa_vect268),
3409 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_SIGN, ac_dsa_vect268),
3410 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_VERIFY, ac_dsa_vect269),
3411 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_SIGN, ac_dsa_vect269),
3412 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_VERIFY, ac_dsa_vect270),
3413 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_SIGN, ac_dsa_vect270),
Cedric Chaumontb2ba8782015-09-03 13:23:05 +0200[diff] [blame]3414 /* [mod = L=3072, N=256, SHA-384] - GP NOT SUPPORTED */
3415 /* [mod = L=3072, N=256, SHA-512] - GP NOT SUPPORTED */
Pascal Brand3e143ee2015-07-15 17:17:16 +0200[diff] [blame]3416
3417 /* ECDSA tests */
Cedric Chaumontc7654962015-09-09 14:56:36 +0200[diff] [blame]3418 /* [P-192] */
Jerome Forissier3fbfd0d2019-12-17 16:44:01 +0100[diff] [blame]3419 XTEST_AC_ECC_CASE(0, TEE_ALG_ECDSA_P192, TEE_MODE_VERIFY,
3420 nist_186_2_ecdsa_testvector_1),
3421 XTEST_AC_ECC_CASE(0, TEE_ALG_ECDSA_P192, TEE_MODE_SIGN,
3422 nist_186_2_ecdsa_testvector_1),
3423 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P192, TEE_MODE_VERIFY,
3424 nist_186_2_ecdsa_testvector_2),
3425 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P192, TEE_MODE_SIGN,
3426 nist_186_2_ecdsa_testvector_2),
3427 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P192, TEE_MODE_VERIFY,
3428 nist_186_2_ecdsa_testvector_3),
3429 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P192, TEE_MODE_SIGN,
3430 nist_186_2_ecdsa_testvector_3),
3431 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P192, TEE_MODE_VERIFY,
3432 nist_186_2_ecdsa_testvector_4),
3433 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P192, TEE_MODE_SIGN,
3434 nist_186_2_ecdsa_testvector_4),
3435 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P192, TEE_MODE_VERIFY,
3436 nist_186_2_ecdsa_testvector_5),
3437 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P192, TEE_MODE_SIGN,
3438 nist_186_2_ecdsa_testvector_5),
3439 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P192, TEE_MODE_VERIFY,
3440 nist_186_2_ecdsa_testvector_6),
3441 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P192, TEE_MODE_SIGN,
3442 nist_186_2_ecdsa_testvector_6),
3443 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P192, TEE_MODE_VERIFY,
3444 nist_186_2_ecdsa_testvector_7),
3445 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P192, TEE_MODE_SIGN,
3446 nist_186_2_ecdsa_testvector_7),
3447 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P192, TEE_MODE_VERIFY,
3448 nist_186_2_ecdsa_testvector_8),
3449 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P192, TEE_MODE_SIGN,
3450 nist_186_2_ecdsa_testvector_8),
3451 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P192, TEE_MODE_VERIFY,
3452 nist_186_2_ecdsa_testvector_9),
3453 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P192, TEE_MODE_SIGN,
3454 nist_186_2_ecdsa_testvector_9),
3455 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P192, TEE_MODE_VERIFY,
3456 nist_186_2_ecdsa_testvector_10),
3457 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P192, TEE_MODE_SIGN,
3458 nist_186_2_ecdsa_testvector_10),
3459 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P192, TEE_MODE_VERIFY,
3460 nist_186_2_ecdsa_testvector_11),
3461 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P192, TEE_MODE_SIGN,
3462 nist_186_2_ecdsa_testvector_11),
3463 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P192, TEE_MODE_VERIFY,
3464 nist_186_2_ecdsa_testvector_12),
3465 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P192, TEE_MODE_SIGN,
3466 nist_186_2_ecdsa_testvector_12),
3467 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P192, TEE_MODE_VERIFY,
3468 nist_186_2_ecdsa_testvector_13),
3469 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P192, TEE_MODE_SIGN,
3470 nist_186_2_ecdsa_testvector_13),
3471 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P192, TEE_MODE_VERIFY,
3472 nist_186_2_ecdsa_testvector_14),
3473 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P192, TEE_MODE_SIGN,
3474 nist_186_2_ecdsa_testvector_14),
3475 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P192, TEE_MODE_VERIFY,
3476 nist_186_2_ecdsa_testvector_15),
3477 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P192, TEE_MODE_SIGN,
3478 nist_186_2_ecdsa_testvector_15),
Cedric Chaumontc7654962015-09-09 14:56:36 +0200[diff] [blame]3479 /* [P-224] */
Jerome Forissier3fbfd0d2019-12-17 16:44:01 +0100[diff] [blame]3480 XTEST_AC_ECC_CASE(1, TEE_ALG_ECDSA_P224, TEE_MODE_VERIFY,
3481 nist_186_2_ecdsa_testvector_16),
3482 XTEST_AC_ECC_CASE(1, TEE_ALG_ECDSA_P224, TEE_MODE_SIGN,
3483 nist_186_2_ecdsa_testvector_16),
3484 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P224, TEE_MODE_VERIFY,
3485 nist_186_2_ecdsa_testvector_17),
3486 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P224, TEE_MODE_SIGN,
3487 nist_186_2_ecdsa_testvector_17),
3488 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P224, TEE_MODE_VERIFY,
3489 nist_186_2_ecdsa_testvector_18),
3490 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P224, TEE_MODE_SIGN,
3491 nist_186_2_ecdsa_testvector_18),
3492 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P224, TEE_MODE_VERIFY,
3493 nist_186_2_ecdsa_testvector_19),
3494 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P224, TEE_MODE_SIGN,
3495 nist_186_2_ecdsa_testvector_19),
3496 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P224, TEE_MODE_VERIFY,
3497 nist_186_2_ecdsa_testvector_20),
3498 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P224, TEE_MODE_SIGN,
3499 nist_186_2_ecdsa_testvector_20),
3500 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P224, TEE_MODE_VERIFY,
3501 nist_186_2_ecdsa_testvector_21),
3502 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P224, TEE_MODE_SIGN,
3503 nist_186_2_ecdsa_testvector_21),
3504 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P224, TEE_MODE_VERIFY,
3505 nist_186_2_ecdsa_testvector_22),
3506 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P224, TEE_MODE_SIGN,
3507 nist_186_2_ecdsa_testvector_22),
3508 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P224, TEE_MODE_VERIFY,
3509 nist_186_2_ecdsa_testvector_23),
3510 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P224, TEE_MODE_SIGN,
3511 nist_186_2_ecdsa_testvector_23),
3512 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P224, TEE_MODE_VERIFY,
3513 nist_186_2_ecdsa_testvector_24),
3514 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P224, TEE_MODE_SIGN,
3515 nist_186_2_ecdsa_testvector_24),
3516 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P224, TEE_MODE_VERIFY,
3517 nist_186_2_ecdsa_testvector_25),
3518 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P224, TEE_MODE_SIGN,
3519 nist_186_2_ecdsa_testvector_25),
3520 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P224, TEE_MODE_VERIFY,
3521 nist_186_2_ecdsa_testvector_26),
3522 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P224, TEE_MODE_SIGN,
3523 nist_186_2_ecdsa_testvector_26),
3524 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P224, TEE_MODE_VERIFY,
3525 nist_186_2_ecdsa_testvector_27),
3526 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P224, TEE_MODE_SIGN,
3527 nist_186_2_ecdsa_testvector_27),
3528 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P224, TEE_MODE_VERIFY,
3529 nist_186_2_ecdsa_testvector_28),
3530 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P224, TEE_MODE_SIGN,
3531 nist_186_2_ecdsa_testvector_28),
3532 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P224, TEE_MODE_VERIFY,
3533 nist_186_2_ecdsa_testvector_29),
3534 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P224, TEE_MODE_SIGN,
3535 nist_186_2_ecdsa_testvector_29),
3536 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P224, TEE_MODE_VERIFY,
3537 nist_186_2_ecdsa_testvector_30),
3538 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P224, TEE_MODE_SIGN,
3539 nist_186_2_ecdsa_testvector_30),
Cedric Chaumontc7654962015-09-09 14:56:36 +0200[diff] [blame]3540 /* [P-256] */
Jerome Forissier3fbfd0d2019-12-17 16:44:01 +0100[diff] [blame]3541 XTEST_AC_ECC_CASE(1, TEE_ALG_ECDSA_P256, TEE_MODE_VERIFY,
3542 nist_186_2_ecdsa_testvector_31),
3543 XTEST_AC_ECC_CASE(1, TEE_ALG_ECDSA_P256, TEE_MODE_SIGN,
3544 nist_186_2_ecdsa_testvector_31),
3545 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P256, TEE_MODE_VERIFY,
3546 nist_186_2_ecdsa_testvector_32),
3547 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P256, TEE_MODE_SIGN,
3548 nist_186_2_ecdsa_testvector_32),
3549 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P256, TEE_MODE_VERIFY,
3550 nist_186_2_ecdsa_testvector_33),
3551 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P256, TEE_MODE_SIGN,
3552 nist_186_2_ecdsa_testvector_33),
3553 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P256, TEE_MODE_VERIFY,
3554 nist_186_2_ecdsa_testvector_34),
3555 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P256, TEE_MODE_SIGN,
3556 nist_186_2_ecdsa_testvector_34),
3557 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P256, TEE_MODE_VERIFY,
3558 nist_186_2_ecdsa_testvector_35),
3559 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P256, TEE_MODE_SIGN,
3560 nist_186_2_ecdsa_testvector_35),
3561 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P256, TEE_MODE_VERIFY,
3562 nist_186_2_ecdsa_testvector_36),
3563 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P256, TEE_MODE_SIGN,
3564 nist_186_2_ecdsa_testvector_36),
3565 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P256, TEE_MODE_VERIFY,
3566 nist_186_2_ecdsa_testvector_37),
3567 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P256, TEE_MODE_SIGN,
3568 nist_186_2_ecdsa_testvector_37),
3569 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P256, TEE_MODE_VERIFY,
3570 nist_186_2_ecdsa_testvector_38),
3571 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P256, TEE_MODE_SIGN,
3572 nist_186_2_ecdsa_testvector_38),
3573 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P256, TEE_MODE_VERIFY,
3574 nist_186_2_ecdsa_testvector_39),
3575 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P256, TEE_MODE_SIGN,
3576 nist_186_2_ecdsa_testvector_39),
3577 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P256, TEE_MODE_VERIFY,
3578 nist_186_2_ecdsa_testvector_40),
3579 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P256, TEE_MODE_SIGN,
3580 nist_186_2_ecdsa_testvector_40),
3581 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P256, TEE_MODE_VERIFY,
3582 nist_186_2_ecdsa_testvector_41),
3583 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P256, TEE_MODE_SIGN,
3584 nist_186_2_ecdsa_testvector_41),
3585 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P256, TEE_MODE_VERIFY,
3586 nist_186_2_ecdsa_testvector_42),
3587 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P256, TEE_MODE_SIGN,
3588 nist_186_2_ecdsa_testvector_42),
3589 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P256, TEE_MODE_VERIFY,
3590 nist_186_2_ecdsa_testvector_43),
3591 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P256, TEE_MODE_SIGN,
3592 nist_186_2_ecdsa_testvector_43),
3593 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P256, TEE_MODE_VERIFY,
3594 nist_186_2_ecdsa_testvector_44),
3595 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P256, TEE_MODE_SIGN,
3596 nist_186_2_ecdsa_testvector_44),
3597 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P256, TEE_MODE_VERIFY,
3598 nist_186_2_ecdsa_testvector_45),
3599 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P256, TEE_MODE_SIGN,
3600 nist_186_2_ecdsa_testvector_45),
Cedric Chaumontc7654962015-09-09 14:56:36 +0200[diff] [blame]3601 /* [P-384] */
Jerome Forissier3fbfd0d2019-12-17 16:44:01 +0100[diff] [blame]3602 XTEST_AC_ECC_CASE(1, TEE_ALG_ECDSA_P384, TEE_MODE_VERIFY,
3603 nist_186_2_ecdsa_testvector_46),
3604 XTEST_AC_ECC_CASE(1, TEE_ALG_ECDSA_P384, TEE_MODE_SIGN,
3605 nist_186_2_ecdsa_testvector_46),
3606 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P384, TEE_MODE_VERIFY,
3607 nist_186_2_ecdsa_testvector_47),
3608 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P384, TEE_MODE_SIGN,
3609 nist_186_2_ecdsa_testvector_47),
3610 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P384, TEE_MODE_VERIFY,
3611 nist_186_2_ecdsa_testvector_48),
3612 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P384, TEE_MODE_SIGN,
3613 nist_186_2_ecdsa_testvector_48),
3614 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P384, TEE_MODE_VERIFY,
3615 nist_186_2_ecdsa_testvector_49),
3616 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P384, TEE_MODE_SIGN,
3617 nist_186_2_ecdsa_testvector_49),
3618 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P384, TEE_MODE_VERIFY,
3619 nist_186_2_ecdsa_testvector_50),
3620 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P384, TEE_MODE_SIGN,
3621 nist_186_2_ecdsa_testvector_50),
3622 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P384, TEE_MODE_VERIFY,
3623 nist_186_2_ecdsa_testvector_51),
3624 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P384, TEE_MODE_SIGN,
3625 nist_186_2_ecdsa_testvector_51),
3626 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P384, TEE_MODE_VERIFY,
3627 nist_186_2_ecdsa_testvector_52),
3628 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P384, TEE_MODE_SIGN,
3629 nist_186_2_ecdsa_testvector_52),
3630 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P384, TEE_MODE_VERIFY,
3631 nist_186_2_ecdsa_testvector_53),
3632 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P384, TEE_MODE_SIGN,
3633 nist_186_2_ecdsa_testvector_53),
3634 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P384, TEE_MODE_VERIFY,
3635 nist_186_2_ecdsa_testvector_54),
3636 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P384, TEE_MODE_SIGN,
3637 nist_186_2_ecdsa_testvector_54),
3638 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P384, TEE_MODE_VERIFY,
3639 nist_186_2_ecdsa_testvector_55),
3640 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P384, TEE_MODE_SIGN,
3641 nist_186_2_ecdsa_testvector_55),
3642 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P384, TEE_MODE_VERIFY,
3643 nist_186_2_ecdsa_testvector_56),
3644 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P384, TEE_MODE_SIGN,
3645 nist_186_2_ecdsa_testvector_56),
3646 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P384, TEE_MODE_VERIFY,
3647 nist_186_2_ecdsa_testvector_57),
3648 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P384, TEE_MODE_SIGN,
3649 nist_186_2_ecdsa_testvector_57),
3650 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P384, TEE_MODE_VERIFY,
3651 nist_186_2_ecdsa_testvector_58),
3652 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P384, TEE_MODE_SIGN,
3653 nist_186_2_ecdsa_testvector_58),
3654 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P384, TEE_MODE_VERIFY,
3655 nist_186_2_ecdsa_testvector_59),
3656 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P384, TEE_MODE_SIGN,
3657 nist_186_2_ecdsa_testvector_59),
3658 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P384, TEE_MODE_VERIFY,
3659 nist_186_2_ecdsa_testvector_60),
3660 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P384, TEE_MODE_SIGN,
3661 nist_186_2_ecdsa_testvector_60),
Cedric Chaumontc7654962015-09-09 14:56:36 +0200[diff] [blame]3662 /* [P-521] */
Jerome Forissier3fbfd0d2019-12-17 16:44:01 +0100[diff] [blame]3663 XTEST_AC_ECC_CASE(1, TEE_ALG_ECDSA_P521, TEE_MODE_VERIFY,
3664 nist_186_2_ecdsa_testvector_61),
3665 XTEST_AC_ECC_CASE(1, TEE_ALG_ECDSA_P521, TEE_MODE_SIGN,
3666 nist_186_2_ecdsa_testvector_61),
3667 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P521, TEE_MODE_VERIFY,
3668 nist_186_2_ecdsa_testvector_62),
3669 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P521, TEE_MODE_SIGN,
3670 nist_186_2_ecdsa_testvector_62),
3671 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P521, TEE_MODE_VERIFY,
3672 nist_186_2_ecdsa_testvector_63),
3673 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P521, TEE_MODE_SIGN,
3674 nist_186_2_ecdsa_testvector_63),
3675 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P521, TEE_MODE_VERIFY,
3676 nist_186_2_ecdsa_testvector_64),
3677 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P521, TEE_MODE_SIGN,
3678 nist_186_2_ecdsa_testvector_64),
3679 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P521, TEE_MODE_VERIFY,
3680 nist_186_2_ecdsa_testvector_65),
3681 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P521, TEE_MODE_SIGN,
3682 nist_186_2_ecdsa_testvector_65),
3683 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P521, TEE_MODE_VERIFY,
3684 nist_186_2_ecdsa_testvector_66),
3685 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P521, TEE_MODE_SIGN,
3686 nist_186_2_ecdsa_testvector_66),
3687 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P521, TEE_MODE_VERIFY,
3688 nist_186_2_ecdsa_testvector_67),
3689 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P521, TEE_MODE_SIGN,
3690 nist_186_2_ecdsa_testvector_67),
3691 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P521, TEE_MODE_VERIFY,
3692 nist_186_2_ecdsa_testvector_68),
3693 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P521, TEE_MODE_SIGN,
3694 nist_186_2_ecdsa_testvector_68),
3695 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P521, TEE_MODE_VERIFY,
3696 nist_186_2_ecdsa_testvector_69),
3697 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P521, TEE_MODE_SIGN,
3698 nist_186_2_ecdsa_testvector_69),
3699 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P521, TEE_MODE_VERIFY,
3700 nist_186_2_ecdsa_testvector_70),
3701 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P521, TEE_MODE_SIGN,
3702 nist_186_2_ecdsa_testvector_70),
3703 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P521, TEE_MODE_VERIFY,
3704 nist_186_2_ecdsa_testvector_71),
3705 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P521, TEE_MODE_SIGN,
3706 nist_186_2_ecdsa_testvector_71),
3707 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P521, TEE_MODE_VERIFY,
3708 nist_186_2_ecdsa_testvector_72),
3709 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P521, TEE_MODE_SIGN,
3710 nist_186_2_ecdsa_testvector_72),
3711 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P521, TEE_MODE_VERIFY,
3712 nist_186_2_ecdsa_testvector_73),
3713 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P521, TEE_MODE_SIGN,
3714 nist_186_2_ecdsa_testvector_73),
3715 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P521, TEE_MODE_VERIFY,
3716 nist_186_2_ecdsa_testvector_74),
3717 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P521, TEE_MODE_SIGN,
3718 nist_186_2_ecdsa_testvector_74),
3719 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P521, TEE_MODE_VERIFY,
3720 nist_186_2_ecdsa_testvector_75),
3721 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P521, TEE_MODE_SIGN,
3722 nist_186_2_ecdsa_testvector_75),
Cedric Chaumontc7654962015-09-09 14:56:36 +0200[diff] [blame]3723 /* [K-163] - GP NOT SUPPORTED */
3724 /* [K-233] - GP NOT SUPPORTED */
3725 /* [K-283] - GP NOT SUPPORTED */
3726 /* [K-409] - GP NOT SUPPORTED */
3727 /* [K-571] - GP NOT SUPPORTED */
3728 /* [B-163] - GP NOT SUPPORTED */
3729 /* [B-233] - GP NOT SUPPORTED */
3730 /* [B-283] - GP NOT SUPPORTED */
3731 /* [B-409] - GP NOT SUPPORTED */
3732 /* [B-571] - GP NOT SUPPORTED */
Jerome Forissierb6f5ac92019-12-19 16:37:14 +0100[diff] [blame]3733
3734 XTEST_AC_ECC_CASE(0, TEE_ALG_SM2_PKE, TEE_MODE_ENCRYPT,
3735 gmt_0003_part5_c2_sm2_testvector),
3736 XTEST_AC_ECC_CASE(0, TEE_ALG_SM2_PKE, TEE_MODE_DECRYPT,
3737 gmt_0003_part5_c2_sm2_testvector),
3738 XTEST_AC_ECC_CASE(0, TEE_ALG_SM2_PKE, TEE_MODE_ENCRYPT,
3739 sm2_testvector2),
Jerome Forissier849b57e2019-12-19 16:37:14 +0100[diff] [blame]3740
3741 XTEST_AC_ECC_CASE(0, TEE_ALG_SM2_DSA_SM3, TEE_MODE_VERIFY,
3742 gmt_003_part5_a2),
3743 XTEST_AC_ECC_CASE(0, TEE_ALG_SM2_DSA_SM3, TEE_MODE_SIGN,
3744 gmt_003_part5_a2),
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3745};
3746
Valerii Chubarab9863c2022-08-12 07:42:29 +0000[diff] [blame]3747static const struct xtest_ac_case xtest_ac_eddsa_cases[] = {
3748
3749 XTEST_AC_EDDSA_CASE(0, TEE_ALG_ED25519, TEE_MODE_SIGN,
3750 ed25519_rfc_8032_7_1, 0),
3751 XTEST_AC_EDDSA_CASE(0, TEE_ALG_ED25519, TEE_MODE_VERIFY,
3752 ed25519_rfc_8032_7_1, 0),
3753
3754 XTEST_AC_EDDSA_CTX_CASE(0, TEE_ALG_ED25519, TEE_MODE_SIGN,
3755 ed25519ctx_rfc_8032_7_2, 0),
3756 XTEST_AC_EDDSA_CTX_CASE(0, TEE_ALG_ED25519, TEE_MODE_VERIFY,
3757 ed25519ctx_rfc_8032_7_2, 0),
3758
3759 XTEST_AC_EDDSA_CASE(0, TEE_ALG_ED25519, TEE_MODE_SIGN,
3760 ed25519ph_rfc_8032_7_3, 1),
3761 XTEST_AC_EDDSA_CASE(0, TEE_ALG_ED25519, TEE_MODE_VERIFY,
3762 ed25519ph_rfc_8032_7_3, 1),
3763};
3764
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3765static bool create_key(ADBG_Case_t *c, TEEC_Session *s,
3766 uint32_t max_key_size, uint32_t key_type,
3767 TEE_Attribute *attrs, size_t num_attrs,
3768 TEE_ObjectHandle *handle)
3769{
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]3770 size_t n = 0;
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3771
3772 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
3773 ta_crypt_cmd_allocate_transient_object(c, s, key_type,
3774 max_key_size, handle)))
3775 return false;
3776
3777 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
3778 ta_crypt_cmd_populate_transient_object(c, s, *handle, attrs,
3779 num_attrs)))
3780 return false;
3781
3782 for (n = 0; n < num_attrs; n++) {
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]3783 uint8_t out[512] = { };
3784 size_t out_size = sizeof(out);
Pascal Brand3e143ee2015-07-15 17:17:16 +0200[diff] [blame]3785
3786 if (attrs[n].attributeID == TEE_ATTR_ECC_CURVE)
3787 continue;
3788
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3789 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
3790 ta_crypt_cmd_get_object_buffer_attribute(c, s, *handle,
3791 attrs[n].attributeID, out, &out_size)))
3792 return false;
3793
Pascal Brand3e143ee2015-07-15 17:17:16 +0200[diff] [blame]3794 if (out_size < attrs[n].content.ref.length) {
3795 memmove(out + (attrs[n].content.ref.length - out_size),
3796 out,
3797 attrs[n].content.ref.length);
3798 memset(out, 0, attrs[n].content.ref.length - out_size);
3799 out_size = attrs[n].content.ref.length;
3800 }
3801
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3802 if (!ADBG_EXPECT_BUFFER(c, attrs[n].content.ref.buffer,
3803 attrs[n].content.ref.length, out, out_size))
3804 return false;
3805 }
3806
3807 return true;
3808}
3809
Jerome Forissier26393882022-03-09 21:22:30 +0100[diff] [blame]3810#define XTEST_NO_CURVE 0xFFFFFFFF /* implementation-defined as per GP spec */
3811
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3812static void xtest_tee_test_4006(ADBG_Case_t *c)
3813{
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]3814 TEEC_Session session = { };
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3815 TEE_OperationHandle op = TEE_HANDLE_NULL;
3816 TEE_ObjectHandle priv_key_handle = TEE_HANDLE_NULL;
3817 TEE_ObjectHandle pub_key_handle = TEE_HANDLE_NULL;
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]3818 TEE_Attribute key_attrs[8] = { };
Jens Wiklander1f06b7d2022-12-02 21:49:57 +0100[diff] [blame]3819 TEE_Attribute algo_params[2] = { };
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]3820 size_t num_algo_params = 0;
3821 uint8_t out[512] = { };
3822 size_t out_size = 0;
3823 uint8_t out_enc[512] = { };
3824 size_t out_enc_size = 0;
3825 uint8_t ptx_hash[TEE_MAX_HASH_SIZE] = { };
Etienne Carriere481c6602019-01-22 13:27:26 +0100[diff] [blame]3826 size_t ptx_hash_size = 0;
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]3827 size_t max_key_size = 0;
3828 size_t num_key_attrs = 0;
3829 uint32_t ret_orig = 0;
3830 size_t n = 0;
3831 uint32_t curve = 0;
Jerome Forissierb6f5ac92019-12-19 16:37:14 +0100[diff] [blame]3832 uint32_t pub_key_type = 0;
3833 uint32_t priv_key_type = 0;
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]3834 uint32_t hash_algo = 0;
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3835
3836 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
3837 xtest_teec_open_session(&session, &crypt_user_ta_uuid, NULL,
3838 &ret_orig)))
3839 return;
3840
3841 for (n = 0; n < ARRAY_SIZE(xtest_ac_cases); n++) {
3842 const struct xtest_ac_case *tv = xtest_ac_cases + n;
3843
Cedric Chaumontc3b6c282015-09-25 03:05:18 +0200[diff] [blame]3844 if (tv->level > level)
3845 continue;
3846
Jerome Forissier4b03e282020-01-22 16:33:12 +0100[diff] [blame]3847 if ((tv->algo == TEE_ALG_SM2_PKE ||
3848 tv->algo == TEE_ALG_SM2_DSA_SM3) &&
3849 !ta_crypt_cmd_is_algo_supported(c, &session, tv->algo,
3850 TEE_ECC_CURVE_SM2)) {
3851 Do_ADBG_Log("SM2 not supported: skip subcase");
3852 continue;
3853 }
3854
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3855 Do_ADBG_BeginSubCase(c, "Asym Crypto case %d algo 0x%x line %d",
3856 (int)n, (unsigned int)tv->algo,
3857 (int)tv->line);
3858
3859 /*
3860 * When signing or verifying we're working with the hash of
3861 * the payload.
3862 */
3863 if (tv->mode == TEE_MODE_VERIFY || tv->mode == TEE_MODE_SIGN) {
Pascal Brand3e143ee2015-07-15 17:17:16 +0200[diff] [blame]3864 if (TEE_ALG_GET_MAIN_ALG(tv->algo) == TEE_MAIN_ALGO_ECDSA)
3865 hash_algo = TEE_ALG_SHA1;
Gabor Szekely2ad190f2018-09-14 14:05:06 +0000[diff] [blame]3866#if defined(CFG_CRYPTO_RSASSA_NA1)
3867 else if (tv->algo == TEE_ALG_RSASSA_PKCS1_V1_5)
3868 hash_algo = TEE_ALG_SHA256;
3869#endif
Pascal Brand3e143ee2015-07-15 17:17:16 +0200[diff] [blame]3870 else
3871 hash_algo = TEE_ALG_HASH_ALGO(
3872 TEE_ALG_GET_DIGEST_HASH(tv->algo));
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3873
3874 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
3875 ta_crypt_cmd_allocate_operation(c, &session,
3876 &op, hash_algo, TEE_MODE_DIGEST, 0)))
3877 goto out;
3878
3879 ptx_hash_size = sizeof(ptx_hash);
3880 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
3881 ta_crypt_cmd_digest_do_final(c, & session, op,
3882 tv->ptx, tv->ptx_len, ptx_hash,
3883 &ptx_hash_size)))
3884 goto out;
3885
Cedric Chaumontb2ba8782015-09-03 13:23:05 +0200[diff] [blame]3886 /*
3887 * When we use DSA algorithms, the size of the hash we
3888 * consider equals the min between the size of the
3889 * "subprime" in the key and the size of the hash
3890 */
3891 if (TEE_ALG_GET_MAIN_ALG(tv->algo) ==
3892 TEE_MAIN_ALGO_DSA) {
3893 if (tv->params.dsa.sub_prime_len <=
3894 ptx_hash_size)
3895 ptx_hash_size =
3896 tv->params.dsa.sub_prime_len;
3897 }
3898
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3899 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
3900 ta_crypt_cmd_free_operation(c, &session, op)))
3901 goto out;
3902 }
3903
3904 num_algo_params = 0;
3905 num_key_attrs = 0;
3906 switch (TEE_ALG_GET_MAIN_ALG(tv->algo)) {
3907 case TEE_MAIN_ALGO_RSA:
3908 if (tv->params.rsa.salt_len > 0) {
3909 algo_params[0].attributeID =
3910 TEE_ATTR_RSA_PSS_SALT_LENGTH;
3911 algo_params[0].content.value.a =
3912 tv->params.rsa.salt_len;
3913 algo_params[0].content.value.b = 0;
3914 num_algo_params = 1;
3915 }
3916
3917 max_key_size = tv->params.rsa.modulus_len * 8;
3918
3919 xtest_add_attr(&num_key_attrs, key_attrs,
3920 TEE_ATTR_RSA_MODULUS,
3921 tv->params.rsa.modulus,
3922 tv->params.rsa.modulus_len);
3923 xtest_add_attr(&num_key_attrs, key_attrs,
3924 TEE_ATTR_RSA_PUBLIC_EXPONENT,
3925 tv->params.rsa.pub_exp,
3926 tv->params.rsa.pub_exp_len);
3927
3928 if (!ADBG_EXPECT_TRUE(c,
3929 create_key(c, &session,
3930 max_key_size,
3931 TEE_TYPE_RSA_PUBLIC_KEY,
3932 key_attrs,
3933 num_key_attrs,
3934 &pub_key_handle)))
3935 goto out;
3936
3937 xtest_add_attr(&num_key_attrs, key_attrs,
3938 TEE_ATTR_RSA_PRIVATE_EXPONENT,
3939 tv->params.rsa.priv_exp,
3940 tv->params.rsa.priv_exp_len);
3941
3942 if (tv->params.rsa.prime1_len != 0) {
3943 xtest_add_attr(&num_key_attrs, key_attrs,
3944 TEE_ATTR_RSA_PRIME1,
3945 tv->params.rsa.prime1,
3946 tv->params.rsa.prime1_len);
3947 }
3948
3949 if (tv->params.rsa.prime2_len != 0) {
3950 xtest_add_attr(&num_key_attrs, key_attrs,
3951 TEE_ATTR_RSA_PRIME2,
3952 tv->params.rsa.prime2,
3953 tv->params.rsa.prime2_len);
3954 }
3955
3956 if (tv->params.rsa.exp1_len != 0) {
3957 xtest_add_attr(&num_key_attrs, key_attrs,
3958 TEE_ATTR_RSA_EXPONENT1,
3959 tv->params.rsa.exp1,
3960 tv->params.rsa.exp1_len);
3961 }
3962
3963 if (tv->params.rsa.exp2_len != 0) {
3964 xtest_add_attr(&num_key_attrs, key_attrs,
3965 TEE_ATTR_RSA_EXPONENT2,
3966 tv->params.rsa.exp2,
3967 tv->params.rsa.exp2_len);
3968 }
3969
3970 if (tv->params.rsa.coeff_len != 0) {
3971 xtest_add_attr(&num_key_attrs, key_attrs,
3972 TEE_ATTR_RSA_COEFFICIENT,
3973 tv->params.rsa.coeff,
3974 tv->params.rsa.coeff_len);
3975 }
3976
3977 if (!ADBG_EXPECT_TRUE(c,
3978 create_key(c, &session,
3979 max_key_size,
3980 TEE_TYPE_RSA_KEYPAIR,
3981 key_attrs,
3982 num_key_attrs,
3983 &priv_key_handle)))
3984 goto out;
3985 break;
3986
3987 case TEE_MAIN_ALGO_DSA:
3988 max_key_size = tv->params.dsa.prime_len * 8;
3989
3990 xtest_add_attr(&num_key_attrs, key_attrs,
3991 TEE_ATTR_DSA_PRIME,
3992 tv->params.dsa.prime,
3993 tv->params.dsa.prime_len);
3994 xtest_add_attr(&num_key_attrs, key_attrs,
3995 TEE_ATTR_DSA_SUBPRIME,
3996 tv->params.dsa.sub_prime,
3997 tv->params.dsa.sub_prime_len);
3998 xtest_add_attr(&num_key_attrs, key_attrs,
3999 TEE_ATTR_DSA_BASE,
4000 tv->params.dsa.base,
4001 tv->params.dsa.base_len);
4002 xtest_add_attr(&num_key_attrs, key_attrs,
4003 TEE_ATTR_DSA_PUBLIC_VALUE,
4004 tv->params.dsa.pub_val,
4005 tv->params.dsa.pub_val_len);
4006
4007 if (!ADBG_EXPECT_TRUE(c,
4008 create_key(c, &session, max_key_size,
4009 TEE_TYPE_DSA_PUBLIC_KEY, key_attrs,
4010 num_key_attrs, &pub_key_handle)))
4011 goto out;
4012
4013 xtest_add_attr(&num_key_attrs, key_attrs,
4014 TEE_ATTR_DSA_PRIVATE_VALUE,
4015 tv->params.dsa.priv_val,
4016 tv->params.dsa.priv_val_len);
4017
4018 if (!ADBG_EXPECT_TRUE(c,
4019 create_key(c, &session, max_key_size,
4020 TEE_TYPE_DSA_KEYPAIR, key_attrs,
4021 num_key_attrs, &priv_key_handle)))
4022 goto out;
4023 break;
4024
Pascal Brand3e143ee2015-07-15 17:17:16 +0200[diff] [blame]4025 case TEE_MAIN_ALGO_ECDSA:
Jerome Forissierb6f5ac92019-12-19 16:37:14 +0100[diff] [blame]4026 case TEE_MAIN_ALGO_SM2_PKE:
Jerome Forissier849b57e2019-12-19 16:37:14 +0100[diff] [blame]4027 case TEE_MAIN_ALGO_SM2_DSA_SM3:
Pascal Brand3e143ee2015-07-15 17:17:16 +0200[diff] [blame]4028 switch (tv->algo) {
4029 case TEE_ALG_ECDSA_P192:
4030 curve = TEE_ECC_CURVE_NIST_P192;
Jerome Forissierb6f5ac92019-12-19 16:37:14 +0100[diff] [blame]4031 pub_key_type = TEE_TYPE_ECDSA_PUBLIC_KEY;
4032 priv_key_type = TEE_TYPE_ECDSA_KEYPAIR;
Pascal Brand3e143ee2015-07-15 17:17:16 +0200[diff] [blame]4033 break;
4034 case TEE_ALG_ECDSA_P224:
4035 curve = TEE_ECC_CURVE_NIST_P224;
Jerome Forissierb6f5ac92019-12-19 16:37:14 +0100[diff] [blame]4036 pub_key_type = TEE_TYPE_ECDSA_PUBLIC_KEY;
4037 priv_key_type = TEE_TYPE_ECDSA_KEYPAIR;
Pascal Brand3e143ee2015-07-15 17:17:16 +0200[diff] [blame]4038 break;
4039 case TEE_ALG_ECDSA_P256:
4040 curve = TEE_ECC_CURVE_NIST_P256;
Jerome Forissierb6f5ac92019-12-19 16:37:14 +0100[diff] [blame]4041 pub_key_type = TEE_TYPE_ECDSA_PUBLIC_KEY;
4042 priv_key_type = TEE_TYPE_ECDSA_KEYPAIR;
Pascal Brand3e143ee2015-07-15 17:17:16 +0200[diff] [blame]4043 break;
4044 case TEE_ALG_ECDSA_P384:
4045 curve = TEE_ECC_CURVE_NIST_P384;
Jerome Forissierb6f5ac92019-12-19 16:37:14 +0100[diff] [blame]4046 pub_key_type = TEE_TYPE_ECDSA_PUBLIC_KEY;
4047 priv_key_type = TEE_TYPE_ECDSA_KEYPAIR;
Pascal Brand3e143ee2015-07-15 17:17:16 +0200[diff] [blame]4048 break;
4049 case TEE_ALG_ECDSA_P521:
4050 curve = TEE_ECC_CURVE_NIST_P521;
Jerome Forissierb6f5ac92019-12-19 16:37:14 +0100[diff] [blame]4051 pub_key_type = TEE_TYPE_ECDSA_PUBLIC_KEY;
4052 priv_key_type = TEE_TYPE_ECDSA_KEYPAIR;
4053 break;
4054 case TEE_ALG_SM2_PKE:
Jerome Forissier26393882022-03-09 21:22:30 +0100[diff] [blame]4055 curve = XTEST_NO_CURVE;
Jerome Forissierb6f5ac92019-12-19 16:37:14 +0100[diff] [blame]4056 pub_key_type = TEE_TYPE_SM2_PKE_PUBLIC_KEY;
4057 priv_key_type = TEE_TYPE_SM2_PKE_KEYPAIR;
Pascal Brand3e143ee2015-07-15 17:17:16 +0200[diff] [blame]4058 break;
Jerome Forissier849b57e2019-12-19 16:37:14 +0100[diff] [blame]4059 case TEE_ALG_SM2_DSA_SM3:
Jerome Forissier26393882022-03-09 21:22:30 +0100[diff] [blame]4060 curve = XTEST_NO_CURVE;
Jerome Forissier849b57e2019-12-19 16:37:14 +0100[diff] [blame]4061 pub_key_type = TEE_TYPE_SM2_DSA_PUBLIC_KEY;
4062 priv_key_type = TEE_TYPE_SM2_DSA_KEYPAIR;
4063 break;
Pascal Brand3e143ee2015-07-15 17:17:16 +0200[diff] [blame]4064 default:
4065 curve = 0xFF;
4066 break;
4067 }
4068
4069 if (tv->algo == TEE_ALG_ECDSA_P521)
4070 max_key_size = 521;
4071 else
Jerome Forissier3fbfd0d2019-12-17 16:44:01 +0100[diff] [blame]4072 max_key_size = tv->params.ecc.private_len * 8;
Pascal Brand3e143ee2015-07-15 17:17:16 +0200[diff] [blame]4073
Jerome Forissier26393882022-03-09 21:22:30 +0100[diff] [blame]4074 if (curve != XTEST_NO_CURVE)
4075 xtest_add_attr_value(&num_key_attrs, key_attrs,
Pascal Brand3e143ee2015-07-15 17:17:16 +0200[diff] [blame]4076 TEE_ATTR_ECC_CURVE, curve, 0);
4077 xtest_add_attr(&num_key_attrs, key_attrs,
4078 TEE_ATTR_ECC_PUBLIC_VALUE_X,
Jerome Forissier3fbfd0d2019-12-17 16:44:01 +0100[diff] [blame]4079 tv->params.ecc.public_x,
4080 tv->params.ecc.public_x_len);
Pascal Brand3e143ee2015-07-15 17:17:16 +0200[diff] [blame]4081 xtest_add_attr(&num_key_attrs, key_attrs,
4082 TEE_ATTR_ECC_PUBLIC_VALUE_Y,
Jerome Forissier3fbfd0d2019-12-17 16:44:01 +0100[diff] [blame]4083 tv->params.ecc.public_y,
4084 tv->params.ecc.public_y_len);
Pascal Brand3e143ee2015-07-15 17:17:16 +0200[diff] [blame]4085
4086 if (!ADBG_EXPECT_TRUE(c,
4087 create_key(c, &session, max_key_size,
Jerome Forissierb6f5ac92019-12-19 16:37:14 +0100[diff] [blame]4088 pub_key_type, key_attrs,
Pascal Brand3e143ee2015-07-15 17:17:16 +0200[diff] [blame]4089 num_key_attrs, &pub_key_handle)))
4090 goto out;
4091
4092 xtest_add_attr(&num_key_attrs, key_attrs,
4093 TEE_ATTR_ECC_PRIVATE_VALUE,
Jerome Forissier3fbfd0d2019-12-17 16:44:01 +0100[diff] [blame]4094 tv->params.ecc.private,
4095 tv->params.ecc.private_len);
Pascal Brand3e143ee2015-07-15 17:17:16 +0200[diff] [blame]4096
4097 if (!ADBG_EXPECT_TRUE(c,
4098 create_key(c, &session, max_key_size,
Jerome Forissierb6f5ac92019-12-19 16:37:14 +0100[diff] [blame]4099 priv_key_type, key_attrs,
Pascal Brand3e143ee2015-07-15 17:17:16 +0200[diff] [blame]4100 num_key_attrs, &priv_key_handle)))
4101 goto out;
4102 break;
4103
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]4104 default:
4105 ADBG_EXPECT_TRUE(c, false);
4106 goto out;
4107 }
4108
4109 out_size = sizeof(out);
4110 memset(out, 0, sizeof(out));
4111 switch (tv->mode) {
4112 case TEE_MODE_ENCRYPT:
4113 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
4114 ta_crypt_cmd_allocate_operation(c, &session,
Pascal Brand3e143ee2015-07-15 17:17:16 +0200[diff] [blame]4115 &op, tv->algo, TEE_MODE_ENCRYPT,
4116 max_key_size)))
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]4117 goto out;
4118
4119 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
4120 ta_crypt_cmd_set_operation_key(c, &session, op,
4121 pub_key_handle)))
4122 goto out;
4123
4124 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
4125 ta_crypt_cmd_free_transient_object(c, &session,
4126 pub_key_handle)))
4127 goto out;
4128 pub_key_handle = TEE_HANDLE_NULL;
4129
Jens Wiklander1f06b7d2022-12-02 21:49:57 +0100[diff] [blame]4130 num_algo_params = 0;
4131 if (tv->algo == TEE_ALG_RSAES_PKCS1_OAEP_MGF1_SHA1) {
4132 algo_params[0].attributeID =
4133 TEE_ATTR_RSA_OAEP_MGF_HASH;
4134 algo_params[0].content.ref.length =
4135 sizeof(uint32_t);
4136 algo_params[0].content.ref.buffer =
4137 &(uint32_t){TEE_ALG_SHA1};
4138 num_algo_params = 1;
4139 }
4140
4141
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]4142 out_enc_size = sizeof(out_enc);
4143 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
4144 ta_crypt_cmd_asymmetric_encrypt(c, &session, op,
Jens Wiklander1f06b7d2022-12-02 21:49:57 +0100[diff] [blame]4145 algo_params, num_algo_params, tv->ptx,
4146 tv->ptx_len, out_enc, &out_enc_size)))
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]4147 goto out;
4148
4149 /*
4150 * A PS which is random is added when formatting the
4151 * message internally of the algorithm so we can't
4152 * verify against precomputed values, instead we use the
4153 * decrypt operation to see that output is correct.
4154 */
4155
4156 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
4157 ta_crypt_cmd_free_operation(c, &session, op)))
4158 goto out;
4159
4160 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
4161 ta_crypt_cmd_allocate_operation(c, &session,
4162 &op, tv->algo, TEE_MODE_DECRYPT,
4163 max_key_size)))
4164 goto out;
4165
4166 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
4167 ta_crypt_cmd_set_operation_key(c, &session, op,
4168 priv_key_handle)))
4169 goto out;
4170
4171 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
4172 ta_crypt_cmd_free_transient_object(c, &session,
4173 priv_key_handle)))
4174 goto out;
4175
4176 priv_key_handle = TEE_HANDLE_NULL;
4177
4178 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
4179 ta_crypt_cmd_asymmetric_decrypt(c, &session, op,
4180 NULL, 0, out_enc, out_enc_size, out,
4181 &out_size)))
4182 goto out;
4183
4184 (void)ADBG_EXPECT_BUFFER(c, tv->ptx, tv->ptx_len, out,
4185 out_size);
4186 break;
4187
4188 case TEE_MODE_DECRYPT:
4189 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
4190 ta_crypt_cmd_allocate_operation(c, &session,
4191 &op, tv->algo, TEE_MODE_DECRYPT,
4192 max_key_size)))
4193 goto out;
4194
4195 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
4196 ta_crypt_cmd_set_operation_key(c, &session, op,
4197 priv_key_handle)))
4198 goto out;
4199
4200 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
4201 ta_crypt_cmd_free_transient_object(c, &session,
4202 priv_key_handle)))
4203 goto out;
4204
4205 priv_key_handle = TEE_HANDLE_NULL;
4206
4207 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
4208 ta_crypt_cmd_asymmetric_decrypt(c, &session, op,
4209 NULL, 0, tv->ctx, tv->ctx_len, out,
4210 &out_size)))
4211 goto out;
4212
4213 (void)ADBG_EXPECT_BUFFER(c, tv->ptx, tv->ptx_len, out,
4214 out_size);
4215 break;
4216
4217 case TEE_MODE_VERIFY:
4218 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
4219 ta_crypt_cmd_allocate_operation(c, &session,
4220 &op, tv->algo, TEE_MODE_VERIFY,
4221 max_key_size)))
4222 goto out;
4223
4224 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
4225 ta_crypt_cmd_set_operation_key(c, &session, op,
4226 pub_key_handle)))
4227 goto out;
4228
4229 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
4230 ta_crypt_cmd_free_transient_object(c, &session,
4231 pub_key_handle)))
4232 goto out;
4233
4234 pub_key_handle = TEE_HANDLE_NULL;
4235
4236 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
4237 ta_crypt_cmd_asymmetric_verify(c, &session, op,
4238 algo_params, num_algo_params, ptx_hash,
4239 ptx_hash_size, tv->ctx, tv->ctx_len)))
4240 goto out;
4241 break;
4242
4243 case TEE_MODE_SIGN:
4244 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
4245 ta_crypt_cmd_allocate_operation(c, &session,
4246 &op, tv->algo, TEE_MODE_SIGN,
4247 max_key_size)))
4248 goto out;
4249
4250 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
4251 ta_crypt_cmd_set_operation_key(c, &session, op,
4252 priv_key_handle)))
4253 goto out;
4254
4255 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
4256 ta_crypt_cmd_free_transient_object(c, &session,
4257 priv_key_handle)))
4258 goto out;
4259
4260 priv_key_handle = TEE_HANDLE_NULL;
4261
4262 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
4263 ta_crypt_cmd_asymmetric_sign(c, &session, op,
4264 algo_params, num_algo_params, ptx_hash,
4265 ptx_hash_size, out, &out_size)))
4266 goto out;
4267
4268 if (TEE_ALG_GET_CHAIN_MODE(tv->algo) ==
4269 TEE_CHAIN_MODE_PKCS1_PSS_MGF1 ||
Pascal Brand3e143ee2015-07-15 17:17:16 +0200[diff] [blame]4270 tv->algo == TEE_ALG_DSA_SHA1 ||
Cedric Chaumontb2ba8782015-09-03 13:23:05 +0200[diff] [blame]4271 tv->algo == TEE_ALG_DSA_SHA224 ||
4272 tv->algo == TEE_ALG_DSA_SHA256 ||
Pascal Brand3e143ee2015-07-15 17:17:16 +0200[diff] [blame]4273 TEE_ALG_GET_MAIN_ALG(tv->algo) ==
Jerome Forissier849b57e2019-12-19 16:37:14 +0100[diff] [blame]4274 TEE_MAIN_ALGO_ECDSA ||
4275 tv->algo == TEE_ALG_SM2_DSA_SM3) {
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]4276 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
4277 ta_crypt_cmd_free_operation(c, &session,
4278 op)))
4279 goto out;
4280 /*
4281 * The salt or K is random so we can't verify
4282 * signing against precomputed values, instead
4283 * we use the verify operation to see that
4284 * output is correct.
4285 */
4286 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
4287 ta_crypt_cmd_allocate_operation(c,
4288 &session, &op, tv->algo,
4289 TEE_MODE_VERIFY, max_key_size)))
4290 goto out;
4291
4292 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
4293 ta_crypt_cmd_set_operation_key(c,
4294 &session, op, pub_key_handle)))
4295 goto out;
4296
4297 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
4298 ta_crypt_cmd_free_transient_object(c,
4299 &session, pub_key_handle)))
4300 goto out;
4301
4302 pub_key_handle = TEE_HANDLE_NULL;
4303
4304 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
4305 ta_crypt_cmd_asymmetric_verify(c,
4306 &session, op, algo_params,
4307 num_algo_params, ptx_hash,
4308 ptx_hash_size, out, out_size)))
4309 goto out;
4310 } else {
4311 (void)ADBG_EXPECT_BUFFER(c, tv->ctx,
4312 tv->ctx_len, out,
4313 out_size);
4314 }
4315 break;
4316
4317 default:
4318 break;
4319 }
4320
4321 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
4322 ta_crypt_cmd_free_operation(c, &session, op)))
4323 goto out;
4324
4325 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
4326 ta_crypt_cmd_free_transient_object(c, &session,
4327 pub_key_handle)))
4328 goto out;
4329 pub_key_handle = TEE_HANDLE_NULL;
4330
4331 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
4332 ta_crypt_cmd_free_transient_object(c, &session,
4333 priv_key_handle)))
4334 goto out;
4335
4336 priv_key_handle = TEE_HANDLE_NULL;
4337
4338 Do_ADBG_EndSubCase(c, NULL);
4339 }
4340out:
4341 TEEC_CloseSession(&session);
4342}
Jens Wiklander14f48872018-06-29 15:30:13 +0200[diff] [blame]4343ADBG_CASE_DEFINE(regression, 4006, xtest_tee_test_4006,
4344 "Test TEE Internal API Asymmetric Cipher operations");
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]4345
4346#define KEY_ATTR(x, y) { #x, (x), y }
4347
4348struct key_attrs {
4349 const char *name;
4350 uint32_t attr;
Jerome Forissier4032c8c2016-05-31 13:25:08 +0200[diff] [blame]4351 /*
4352 * When keysize_check != 0: size of attribute is checked
4353 * Expected value is key_size bits except for DH in which case it is
4354 * the value of keysize_check.
4355 */
4356 uint32_t keysize_check;
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]4357};
4358
4359static bool test_keygen_attributes(ADBG_Case_t *c, TEEC_Session *s,
4360 TEE_ObjectHandle key, uint32_t key_size,
4361 struct key_attrs *attrs, size_t num_attrs)
4362{
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]4363 uint8_t out[2048] = { };
4364 size_t out_size = 0;
4365 size_t n = 0;
4366 size_t m = 0;
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]4367
4368 for (m = 0; m < num_attrs; m++) {
4369 if ((attrs[m].attr & TEE_ATTR_BIT_VALUE) == 0) {
4370 out_size = sizeof(out);
4371 memset(out, 0, sizeof(out));
4372 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
4373 ta_crypt_cmd_get_object_buffer_attribute(c, s,
4374 key, attrs[m].attr, out, &out_size)))
4375 return false;
4376
4377 if (attrs[m].keysize_check)
Jerome Forissierfe94e562020-11-17 17:22:40 +0100[diff] [blame]4378 ADBG_EXPECT_COMPARE_UNSIGNED(c, out_size, <=,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]4379 key_size / 8);
4380
4381 if (out_size > 0) {
4382 /* Check that buffer isn't all zeroes */
4383 for (n = 0; n < out_size; n++)
4384 if (out[n] != 0)
4385 break;
4386 if (!ADBG_EXPECT_COMPARE_UNSIGNED(c, n, <,
4387 out_size))
4388 return false;
4389 }
4390 } else {
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]4391 uint32_t a = 0;
4392 uint32_t b = 0;
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]4393
4394 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
4395 ta_crypt_cmd_get_object_value_attribute(c, s, key,
4396 attrs[m].attr, &a, &b)))
4397 return false;
4398 }
4399 }
4400 return true;
4401}
4402
4403static bool test_secret_value(ADBG_Case_t *c, TEEC_Session *s,
4404 TEE_ObjectHandle key, uint32_t key_size)
4405{
4406 const struct key_attrs attrs[] = {
4407 KEY_ATTR(TEE_ATTR_SECRET_VALUE, true),
4408 };
4409
4410 return test_keygen_attributes(c, s, key, key_size,
4411 (struct key_attrs *)&attrs,
4412 ARRAY_SIZE(attrs));
4413}
4414
4415
4416static bool test_rsa_key_pair(ADBG_Case_t *c, TEEC_Session *s,
4417 TEE_ObjectHandle key, uint32_t key_size)
4418{
4419 const struct key_attrs attrs[] = {
4420 KEY_ATTR(TEE_ATTR_RSA_MODULUS, true),
4421 KEY_ATTR(TEE_ATTR_RSA_PUBLIC_EXPONENT, false),
4422 KEY_ATTR(TEE_ATTR_RSA_PRIVATE_EXPONENT, false),
4423 KEY_ATTR(TEE_ATTR_RSA_PRIME1, false),
4424 KEY_ATTR(TEE_ATTR_RSA_PRIME2, false),
4425 KEY_ATTR(TEE_ATTR_RSA_EXPONENT1, false),
4426 KEY_ATTR(TEE_ATTR_RSA_EXPONENT2, false),
4427 KEY_ATTR(TEE_ATTR_RSA_COEFFICIENT, false),
4428 };
4429
4430 return test_keygen_attributes(c, s, key, key_size,
4431 (struct key_attrs *)&attrs,
4432 ARRAY_SIZE(attrs));
4433}
4434
Pascal Brande61133f2015-07-08 15:38:37 +0200[diff] [blame]4435static bool test_ecc_key_pair(ADBG_Case_t *c, TEEC_Session *s,
4436 TEE_ObjectHandle key, uint32_t key_size)
4437{
4438 const struct key_attrs attrs[] = {
4439 KEY_ATTR(TEE_ATTR_ECC_PRIVATE_VALUE, false),
4440 KEY_ATTR(TEE_ATTR_ECC_PUBLIC_VALUE_X , false),
4441 KEY_ATTR(TEE_ATTR_ECC_PUBLIC_VALUE_Y , false),
4442 /* KEY_ATTR(TEE_ATTR_ECC_CURVE, false), - do not test */
4443 };
4444
4445 return test_keygen_attributes(c, s, key, key_size,
4446 (struct key_attrs *)&attrs,
4447 ARRAY_SIZE(attrs));
4448}
4449
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]4450static bool test_dh_key_pair(ADBG_Case_t *c, TEEC_Session *s,
Jerome Forissier4032c8c2016-05-31 13:25:08 +0200[diff] [blame]4451 TEE_ObjectHandle key, uint32_t check_keysize)
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]4452{
4453 const struct key_attrs attrs[] = {
4454 KEY_ATTR(TEE_ATTR_DH_PRIME, false),
4455 KEY_ATTR(TEE_ATTR_DH_BASE, false),
4456 KEY_ATTR(TEE_ATTR_DH_PUBLIC_VALUE, false),
4457 KEY_ATTR(TEE_ATTR_DH_PRIVATE_VALUE, check_keysize),
4458 KEY_ATTR(TEE_ATTR_DH_X_BITS, false),
4459 };
4460
Jerome Forissier4032c8c2016-05-31 13:25:08 +0200[diff] [blame]4461 return test_keygen_attributes(c, s, key, check_keysize,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]4462 (struct key_attrs *)&attrs,
4463 ARRAY_SIZE(attrs));
4464}
4465
4466static bool test_dsa_key_pair(ADBG_Case_t *c, TEEC_Session *s,
4467 TEE_ObjectHandle key, uint32_t key_size)
4468{
4469 const struct key_attrs attrs[] = {
4470 KEY_ATTR(TEE_ATTR_DSA_PRIME, true),
4471 KEY_ATTR(TEE_ATTR_DSA_SUBPRIME, false),
4472 KEY_ATTR(TEE_ATTR_DSA_BASE, false),
4473 KEY_ATTR(TEE_ATTR_DSA_PUBLIC_VALUE, false),
4474 KEY_ATTR(TEE_ATTR_DSA_PRIVATE_VALUE, false),
4475 };
4476
4477 return test_keygen_attributes(c, s, key, key_size,
4478 (struct key_attrs *)&attrs,
4479 ARRAY_SIZE(attrs));
4480}
4481
Sohaib ul Hassan00b3f2c2022-04-11 08:45:08 +0300[diff] [blame]4482static bool test_x25519_key_pair(ADBG_Case_t *c, TEEC_Session *s,
4483 TEE_ObjectHandle key, uint32_t key_size)
4484{
4485 const struct key_attrs attrs[] = {
4486 KEY_ATTR(TEE_ATTR_X25519_PRIVATE_VALUE, false),
4487 KEY_ATTR(TEE_ATTR_X25519_PUBLIC_VALUE, false),
4488 };
4489
4490 return test_keygen_attributes(c, s, key, key_size,
4491 (struct key_attrs *)&attrs,
4492 ARRAY_SIZE(attrs));
4493}
4494
Valerii Chubarab9863c2022-08-12 07:42:29 +0000[diff] [blame]4495static bool test_ed25519_key_pair(ADBG_Case_t *c, TEEC_Session *s,
4496 TEE_ObjectHandle key, uint32_t key_size)
4497{
4498 const struct key_attrs attrs[] = {
4499 KEY_ATTR(TEE_ATTR_ED25519_PRIVATE_VALUE, false),
4500 KEY_ATTR(TEE_ATTR_ED25519_PUBLIC_VALUE, false),
4501 };
4502
4503 return test_keygen_attributes(c, s, key, key_size,
4504 (struct key_attrs *)&attrs,
4505 ARRAY_SIZE(attrs));
4506}
4507
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]4508static bool generate_and_test_key(ADBG_Case_t *c, TEEC_Session *s,
4509 uint32_t key_type, uint32_t check_keysize,
4510 uint32_t key_size,
4511 TEE_Attribute *params, size_t param_count)
4512{
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]4513 TEE_ObjectHandle key = TEE_HANDLE_NULL;
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]4514 bool ret_val = true;
4515
4516 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
4517 ta_crypt_cmd_allocate_transient_object(c, s, key_type, key_size,
4518 &key)))
4519 return false;
4520
4521 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
4522 ta_crypt_cmd_generate_key(c, s, key, key_size, params,
4523 param_count)))
4524 return false;
4525
4526 switch (key_type) {
4527 case TEE_TYPE_DES:
4528 case TEE_TYPE_DES3:
4529 ret_val = ADBG_EXPECT_TRUE(c,
4530 test_secret_value(c, s, key,
4531 key_size + key_size / 7));
4532 break;
4533 case TEE_TYPE_AES:
4534 case TEE_TYPE_HMAC_MD5:
4535 case TEE_TYPE_HMAC_SHA1:
4536 case TEE_TYPE_HMAC_SHA224:
4537 case TEE_TYPE_HMAC_SHA256:
4538 case TEE_TYPE_HMAC_SHA384:
4539 case TEE_TYPE_HMAC_SHA512:
4540 case TEE_TYPE_GENERIC_SECRET:
4541 ret_val = ADBG_EXPECT_TRUE(c,
4542 test_secret_value(c, s, key, key_size));
4543 break;
4544
4545 case TEE_TYPE_RSA_KEYPAIR:
4546 ret_val = ADBG_EXPECT_TRUE(c,
4547 test_rsa_key_pair(c, s, key, key_size));
4548 break;
4549
Pascal Brande61133f2015-07-08 15:38:37 +0200[diff] [blame]4550 case TEE_TYPE_ECDSA_KEYPAIR:
4551 case TEE_TYPE_ECDH_KEYPAIR:
4552 ret_val = ADBG_EXPECT_TRUE(c,
4553 test_ecc_key_pair(c, s, key, key_size));
4554 break;
4555
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]4556 case TEE_TYPE_DH_KEYPAIR:
Pascal Brande61133f2015-07-08 15:38:37 +0200[diff] [blame]4557 ret_val = ADBG_EXPECT_TRUE(c,
Jerome Forissier4032c8c2016-05-31 13:25:08 +0200[diff] [blame]4558 test_dh_key_pair(c, s, key, check_keysize));
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]4559 break;
4560
4561 case TEE_TYPE_DSA_KEYPAIR:
4562 ret_val = ADBG_EXPECT_TRUE(c,
4563 test_dsa_key_pair(c, s, key, key_size));
4564 break;
4565
Sohaib ul Hassan00b3f2c2022-04-11 08:45:08 +0300[diff] [blame]4566 case TEE_TYPE_X25519_KEYPAIR:
4567 ret_val = ADBG_EXPECT_TRUE(c,
4568 test_x25519_key_pair(c, s, key, key_size));
4569 break;
4570
Valerii Chubarab9863c2022-08-12 07:42:29 +0000[diff] [blame]4571 case TEE_TYPE_ED25519_KEYPAIR:
4572 ret_val = ADBG_EXPECT_TRUE(c,
4573 test_ed25519_key_pair(c, s, key, key_size));
4574 break;
4575
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]4576 default:
4577 ret_val = false;
4578 break;
4579 }
4580
4581 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
4582 ta_crypt_cmd_free_transient_object(c, s, key)))
4583 return false;
4584
4585 return ret_val;
4586}
4587
Jens Wiklandera8c8f872018-12-14 11:41:36 +0100[diff] [blame]4588struct key_types_noparam {
4589 unsigned level;
4590 const char *name;
4591 uint32_t key_type;
4592 uint32_t quanta;
4593 uint32_t min_size;
4594 uint32_t max_size;
4595};
4596
4597static void keygen_noparams(ADBG_Case_t *c, TEEC_Session *session,
4598 const struct key_types_noparam *key_types,
4599 size_t num_key_types)
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]4600{
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]4601 size_t n = 0;
4602 uint32_t key_size = 0;
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]4603
Jens Wiklandera8c8f872018-12-14 11:41:36 +0100[diff] [blame]4604 for (n = 0; n < num_key_types; n++) {
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]4605 uint32_t min_size = key_types[n].min_size;
4606 uint32_t max_size = key_types[n].max_size;
4607 uint32_t quanta = key_types[n].quanta;
4608
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]4609 if (key_types[n].level > level)
4610 continue;
4611
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]4612 Do_ADBG_BeginSubCase(c, "Generate %s key", key_types[n].name);
4613
4614 for (key_size = min_size; key_size <= max_size;
4615 key_size += quanta) {
4616 if (!ADBG_EXPECT_TRUE(c,
4617 generate_and_test_key(c, session, key_types
4618 [n].key_type, 1, key_size, NULL, 0)))
4619 break;
4620 }
4621
4622 Do_ADBG_EndSubCase(c, "Generate %s key", key_types[n].name);
4623 }
4624}
4625
Jens Wiklandera8c8f872018-12-14 11:41:36 +0100[diff] [blame]4626static void xtest_tee_test_4007_symmetric(ADBG_Case_t *c)
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]4627{
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]4628 TEEC_Session session = { };
4629 uint32_t ret_orig = 0;
Jens Wiklandera8c8f872018-12-14 11:41:36 +0100[diff] [blame]4630 static const struct key_types_noparam key_types[] = {
4631 { 0, "AES", TEE_TYPE_AES, 64, 128,
4632 256 /* valid sizes 128, 192, 256 */ },
4633 { 0, "DES", TEE_TYPE_DES, 56, 56, 56 /* valid size 56 */ },
4634 { 0, "DES3", TEE_TYPE_DES3, 56, 112,
4635 168 /* valid sizes 112, 168 */ },
4636 { 0, "HMAC-MD5", TEE_TYPE_HMAC_MD5, 8, 64, 512 },
4637 { 0, "HMAC-SHA1", TEE_TYPE_HMAC_SHA1, 8, 80, 512 },
4638 { 0, "HMAC-SHA224", TEE_TYPE_HMAC_SHA224, 8, 112, 512 },
4639 { 0, "HMAC-SHA256", TEE_TYPE_HMAC_SHA256, 8, 192, 1024 },
4640 { 0, "HMAC-SHA384", TEE_TYPE_HMAC_SHA384, 8, 256, 1024 },
4641 { 0, "HMAC-SHA512", TEE_TYPE_HMAC_SHA512, 8, 256, 1024 },
4642 { 0, "Generic secret", TEE_TYPE_GENERIC_SECRET, 8, 128, 4096 },
4643 };
4644
4645 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
4646 xtest_teec_open_session(&session, &crypt_user_ta_uuid, NULL,
4647 &ret_orig)))
4648 return;
4649
4650 keygen_noparams(c, &session, key_types, ARRAY_SIZE(key_types));
4651
4652 TEEC_CloseSession(&session);
4653}
4654ADBG_CASE_DEFINE(regression, 4007_symmetric, xtest_tee_test_4007_symmetric,
4655 "Test TEE Internal API Generate Symmetric key");
4656
4657static void xtest_tee_test_4007_rsa(ADBG_Case_t *c)
4658{
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]4659 TEEC_Session session = { };
4660 uint32_t ret_orig = 0;
Jens Wiklandera8c8f872018-12-14 11:41:36 +0100[diff] [blame]4661 static const struct key_types_noparam key_types[] = {
Jorge Ramirez-Ortizb657ea42022-02-17 10:15:25 +0100[diff] [blame]4662#ifndef CFG_CRYPTO_SE05X
Jens Wiklandera8c8f872018-12-14 11:41:36 +0100[diff] [blame]4663 { 0, "RSA-256", TEE_TYPE_RSA_KEYPAIR, 1, 256, 256 },
4664 { 1, "RSA-384", TEE_TYPE_RSA_KEYPAIR, 1, 384, 384 },
Jorge Ramirez-Ortizb657ea42022-02-17 10:15:25 +0100[diff] [blame]4665#endif
Jens Wiklandera8c8f872018-12-14 11:41:36 +0100[diff] [blame]4666 { 1, "RSA-512", TEE_TYPE_RSA_KEYPAIR, 1, 512, 512 },
Jorge Ramirez-Ortizb657ea42022-02-17 10:15:25 +0100[diff] [blame]4667#ifndef CFG_CRYPTO_SE05X
Jens Wiklandera8c8f872018-12-14 11:41:36 +0100[diff] [blame]4668 { 1, "RSA-640", TEE_TYPE_RSA_KEYPAIR, 1, 640, 640 },
4669 { 1, "RSA-768", TEE_TYPE_RSA_KEYPAIR, 1, 768, 768 },
4670 { 1, "RSA-896", TEE_TYPE_RSA_KEYPAIR, 1, 896, 896 },
Jorge Ramirez-Ortizb657ea42022-02-17 10:15:25 +0100[diff] [blame]4671#endif
Jens Wiklandera8c8f872018-12-14 11:41:36 +0100[diff] [blame]4672 { 1, "RSA-1024", TEE_TYPE_RSA_KEYPAIR, 1, 1024, 1024 },
4673 { 1, "RSA-2048", TEE_TYPE_RSA_KEYPAIR, 1, 2048, 2048 },
4674 { 1, "RSA-3072", TEE_TYPE_RSA_KEYPAIR, 1, 3072, 3072 },
4675 { 1, "RSA-4096", TEE_TYPE_RSA_KEYPAIR, 1, 4096, 4096 },
4676 };
4677
4678 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
4679 xtest_teec_open_session(&session, &crypt_user_ta_uuid, NULL,
4680 &ret_orig)))
4681 return;
4682
4683 keygen_noparams(c, &session, key_types, ARRAY_SIZE(key_types));
4684
4685 TEEC_CloseSession(&session);
4686}
4687ADBG_CASE_DEFINE(regression, 4007_rsa, xtest_tee_test_4007_rsa,
4688 "Test TEE Internal API Generate RSA key");
4689
4690static void xtest_tee_test_4007_dh(ADBG_Case_t *c)
4691{
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]4692 TEEC_Session session = { };
4693 uint32_t ret_orig = 0;
4694 size_t n = 0;
4695 size_t param_count = 0;
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]4696 /*
4697 * Note that the key size parameter is not used when creating the keys
4698 * but specifying these sizes make it possible to test the expected size
4699 * of the private value. This also means that the keysize must match the
4700 * size of p or what is specified in private_bits or the equvivalent
4701 * size of the subprime parameter.
4702 */
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]4703 TEE_Attribute params[4] = { };
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]4704
4705#define XTEST_DH_GK_DATA(vect) \
4706 ARRAY(vect ## _p), \
4707 ARRAY(vect ## _g), \
4708 &vect ## _private_bits, \
4709 0, 0
4710#define XTEST_DH_GK_DATA_SUBPRIME(vect) \
4711 ARRAY(vect ## _p), \
4712 ARRAY(vect ## _g), \
4713 &vect ## _private_bits, \
4714 ARRAY(vect ## _subprime)
4715 static const struct {
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]4716 unsigned level;
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]4717 uint32_t key_size;
4718 const uint8_t *p;
4719 size_t p_len;
4720 const uint8_t *g;
4721 size_t g_len;
4722 const uint32_t *private_bits;
4723 const uint8_t *subprime;
4724 size_t subprime_len;
4725 } key_types[] = {
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]4726 { 0, 256, XTEST_DH_GK_DATA(keygen_dh256) },
Jerome Forissier4032c8c2016-05-31 13:25:08 +0200[diff] [blame]4727 { 0, 320, XTEST_DH_GK_DATA(keygen_dh320) },
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]4728 { 1, 384, XTEST_DH_GK_DATA(keygen_dh384) },
Jerome Forissier4032c8c2016-05-31 13:25:08 +0200[diff] [blame]4729 { 1, 448, XTEST_DH_GK_DATA(keygen_dh448) },
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]4730 { 1, 512, XTEST_DH_GK_DATA(keygen_dh512) },
Jerome Forissier4032c8c2016-05-31 13:25:08 +0200[diff] [blame]4731 { 1, 576, XTEST_DH_GK_DATA(keygen_dh576) },
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]4732 { 1, 640, XTEST_DH_GK_DATA(keygen_dh640) },
Jerome Forissier4032c8c2016-05-31 13:25:08 +0200[diff] [blame]4733 { 1, 704, XTEST_DH_GK_DATA(keygen_dh704) },
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]4734 { 1, 768, XTEST_DH_GK_DATA(keygen_dh768) },
Jerome Forissier4032c8c2016-05-31 13:25:08 +0200[diff] [blame]4735 { 1, 832, XTEST_DH_GK_DATA(keygen_dh832) },
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]4736 { 1, 896, XTEST_DH_GK_DATA(keygen_dh896) },
Jerome Forissier4032c8c2016-05-31 13:25:08 +0200[diff] [blame]4737 { 1, 960, XTEST_DH_GK_DATA(keygen_dh960) },
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]4738 { 1, 1024, XTEST_DH_GK_DATA(keygen_dh1024) },
Jerome Forissier4032c8c2016-05-31 13:25:08 +0200[diff] [blame]4739 { 1, 1088, XTEST_DH_GK_DATA(keygen_dh1088) },
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]4740 { 1, 1152, XTEST_DH_GK_DATA(keygen_dh1152) },
Jerome Forissier4032c8c2016-05-31 13:25:08 +0200[diff] [blame]4741 { 1, 1216, XTEST_DH_GK_DATA(keygen_dh1216) },
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]4742 { 1, 1280, XTEST_DH_GK_DATA(keygen_dh1280) },
Jerome Forissier4032c8c2016-05-31 13:25:08 +0200[diff] [blame]4743 { 1, 1344, XTEST_DH_GK_DATA(keygen_dh1344) },
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]4744 { 1, 1408, XTEST_DH_GK_DATA(keygen_dh1408) },
Jerome Forissier4032c8c2016-05-31 13:25:08 +0200[diff] [blame]4745 { 1, 1472, XTEST_DH_GK_DATA(keygen_dh1472) },
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]4746 { 1, 1536, XTEST_DH_GK_DATA(keygen_dh1536) },
Jerome Forissier4032c8c2016-05-31 13:25:08 +0200[diff] [blame]4747 { 1, 1600, XTEST_DH_GK_DATA(keygen_dh1600) },
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]4748 { 1, 1664, XTEST_DH_GK_DATA(keygen_dh1664) },
Jerome Forissier4032c8c2016-05-31 13:25:08 +0200[diff] [blame]4749 { 1, 1728, XTEST_DH_GK_DATA(keygen_dh1728) },
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]4750 { 1, 1792, XTEST_DH_GK_DATA(keygen_dh1792) },
Jerome Forissier4032c8c2016-05-31 13:25:08 +0200[diff] [blame]4751 { 1, 1856, XTEST_DH_GK_DATA(keygen_dh1856) },
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]4752 { 1, 1920, XTEST_DH_GK_DATA(keygen_dh1920) },
Jerome Forissier4032c8c2016-05-31 13:25:08 +0200[diff] [blame]4753 { 1, 1984, XTEST_DH_GK_DATA(keygen_dh1984) },
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]4754 { 1, 2048, XTEST_DH_GK_DATA(keygen_dh2048) },
Jerome Forissier4032c8c2016-05-31 13:25:08 +0200[diff] [blame]4755 { 1, 2048, XTEST_DH_GK_DATA_SUBPRIME(keygen_dh2048_subprime) }
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]4756 };
4757
Jens Wiklandera8c8f872018-12-14 11:41:36 +0100[diff] [blame]4758 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
4759 xtest_teec_open_session(&session, &crypt_user_ta_uuid, NULL,
4760 &ret_orig)))
4761 return;
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]4762
4763 for (n = 0; n < ARRAY_SIZE(key_types); n++) {
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]4764 if (key_types[n].level > level)
4765 continue;
4766
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]4767 Do_ADBG_BeginSubCase(c,
4768 "Generate DH key %d bits - Private bits = %d",
4769 key_types[n].key_size,
4770 *key_types[n].private_bits);
4771 param_count = 0;
4772
4773 xtest_add_attr(&param_count, params,
4774 TEE_ATTR_DH_PRIME,
4775 key_types[n].p, key_types[n].p_len);
4776
4777 xtest_add_attr(&param_count, params, TEE_ATTR_DH_BASE,
4778 key_types[n].g, key_types[n].g_len);
4779
4780 if (key_types[n].private_bits != 0) {
4781 params[param_count].attributeID = TEE_ATTR_DH_X_BITS;
4782
4783 params[param_count].content.value.a =
4784 *key_types[n].private_bits;
4785
4786 params[param_count].content.value.b = 0;
4787 param_count++;
4788 }
4789
4790 if (key_types[n].subprime != 0) {
4791 xtest_add_attr(&param_count, params,
4792 TEE_ATTR_DH_SUBPRIME,
4793 key_types[n].subprime,
4794 key_types[n].subprime_len);
4795 }
4796
4797 if (!ADBG_EXPECT_TRUE(c,
Jens Wiklandera8c8f872018-12-14 11:41:36 +0100[diff] [blame]4798 generate_and_test_key(c, &session, TEE_TYPE_DH_KEYPAIR,
Jerome Forissier4032c8c2016-05-31 13:25:08 +0200[diff] [blame]4799 *key_types[n].private_bits,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]4800 key_types[n]. key_size, params, param_count)))
4801 break;
4802
4803 Do_ADBG_EndSubCase(c,
4804 "Generate DH key %d bits - Private bits = %d",
4805 key_types[n].key_size,
4806 *key_types[n].private_bits);
4807 }
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]4808
Jens Wiklandera8c8f872018-12-14 11:41:36 +0100[diff] [blame]4809 TEEC_CloseSession(&session);
4810}
4811ADBG_CASE_DEFINE(regression, 4007_dh, xtest_tee_test_4007_dh,
4812 "Test TEE Internal API Generate DH key");
4813
4814static void xtest_tee_test_4007_dsa(ADBG_Case_t *c)
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]4815{
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]4816 TEEC_Session session = { };
4817 uint32_t ret_orig = 0;
4818 size_t n = 0;
4819 size_t param_count = 0;
4820 TEE_Attribute params[4] = { };
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]4821
4822#define XTEST_DSA_GK_DATA(vect) \
4823 ARRAY(vect ## _p), \
4824 ARRAY(vect ## _g), \
4825 ARRAY(vect ## _q)
4826 static const struct {
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]4827 unsigned level;
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]4828 uint32_t key_size;
4829 const uint8_t *prime;
4830 size_t prime_len;
4831 const uint8_t *base;
4832 size_t base_len;
4833 const uint8_t *sub_prime;
4834 size_t sub_prime_len;
4835 } key_types[] = {
Jerome Forissiereed7e652020-04-15 15:42:38 +0200[diff] [blame]4836 { 0, 1024, XTEST_DSA_GK_DATA(keygen_dsa_test1) },
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]4837 { 0, 512, XTEST_DSA_GK_DATA(keygen_dsa512) },
Jerome Forissiereed7e652020-04-15 15:42:38 +0200[diff] [blame]4838 { 0, 576, XTEST_DSA_GK_DATA(keygen_dsa576) },
4839 { 0, 640, XTEST_DSA_GK_DATA(keygen_dsa640) },
4840 { 0, 704, XTEST_DSA_GK_DATA(keygen_dsa704) },
4841 { 0, 768, XTEST_DSA_GK_DATA(keygen_dsa768) },
4842 { 0, 832, XTEST_DSA_GK_DATA(keygen_dsa832) },
4843 { 0, 896, XTEST_DSA_GK_DATA(keygen_dsa896) },
4844 { 0, 960, XTEST_DSA_GK_DATA(keygen_dsa960) },
4845 { 0, 1024, XTEST_DSA_GK_DATA(keygen_dsa1024) },
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]4846 };
4847
Jens Wiklandera8c8f872018-12-14 11:41:36 +0100[diff] [blame]4848 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
4849 xtest_teec_open_session(&session, &crypt_user_ta_uuid, NULL,
4850 &ret_orig)))
4851 return;
4852
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]4853 for (n = 0; n < ARRAY_SIZE(key_types); n++) {
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]4854 if (key_types[n].level > level)
4855 continue;
4856
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]4857 Do_ADBG_BeginSubCase(c, "Generate DSA key %d bits",
4858 key_types[n].key_size);
4859 param_count = 0;
4860
4861
4862 xtest_add_attr(&param_count, params, TEE_ATTR_DSA_PRIME,
4863 key_types[n].prime, key_types[n].prime_len);
4864
4865 xtest_add_attr(&param_count, params, TEE_ATTR_DSA_SUBPRIME,
4866 key_types[n].sub_prime,
4867 key_types[n].sub_prime_len);
4868
4869 xtest_add_attr(&param_count, params, TEE_ATTR_DSA_BASE,
4870 key_types[n].base, key_types[n].base_len);
4871
4872 if (!ADBG_EXPECT_TRUE(c,
Jens Wiklandera8c8f872018-12-14 11:41:36 +0100[diff] [blame]4873 generate_and_test_key(c, &session, TEE_TYPE_DSA_KEYPAIR,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]4874 1, key_types[n]. key_size, params,
4875 param_count)))
4876 break;
4877
4878 Do_ADBG_EndSubCase(c, "Generate DSA key %d bits",
4879 key_types[n].key_size);
4880 }
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]4881
Jens Wiklandera8c8f872018-12-14 11:41:36 +0100[diff] [blame]4882 TEEC_CloseSession(&session);
4883}
4884ADBG_CASE_DEFINE(regression, 4007_dsa, xtest_tee_test_4007_dsa,
4885 "Test TEE Internal API Generate DSA key");
4886
4887static void xtest_tee_test_4007_ecc(ADBG_Case_t *c)
Pascal Brande61133f2015-07-08 15:38:37 +0200[diff] [blame]4888{
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]4889 TEEC_Session session = { };
4890 uint32_t ret_orig = 0;
4891 size_t n = 0;
4892 size_t param_count = 0;
4893 TEE_Attribute params[4] = { };
Pascal Brande61133f2015-07-08 15:38:37 +0200[diff] [blame]4894
4895 static const struct {
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]4896 unsigned level;
Pascal Brande61133f2015-07-08 15:38:37 +0200[diff] [blame]4897 const char *name;
4898 uint32_t algo;
4899 uint32_t curve;
4900 uint32_t key_size;
4901 } key_types[] = {
4902 /* ECDSA */
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]4903 { 0, "ECDSA-192", TEE_TYPE_ECDSA_KEYPAIR, TEE_ECC_CURVE_NIST_P192,
4904 192 },
4905 { 1, "ECDSA-224", TEE_TYPE_ECDSA_KEYPAIR, TEE_ECC_CURVE_NIST_P224,
4906 224 },
4907 { 1, "ECDSA-256", TEE_TYPE_ECDSA_KEYPAIR, TEE_ECC_CURVE_NIST_P256,
4908 256 },
4909 { 1, "ECDSA-384", TEE_TYPE_ECDSA_KEYPAIR, TEE_ECC_CURVE_NIST_P384,
4910 384 },
4911 { 1, "ECDSA-521", TEE_TYPE_ECDSA_KEYPAIR, TEE_ECC_CURVE_NIST_P521,
4912 521 },
Pascal Brande61133f2015-07-08 15:38:37 +0200[diff] [blame]4913
4914 /* ECDH */
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]4915 { 0, "ECDH-192", TEE_TYPE_ECDH_KEYPAIR, TEE_ECC_CURVE_NIST_P192,
4916 192 },
4917 { 1, "ECDH-224", TEE_TYPE_ECDH_KEYPAIR, TEE_ECC_CURVE_NIST_P224,
4918 224 },
4919 { 1, "ECDH-256", TEE_TYPE_ECDH_KEYPAIR, TEE_ECC_CURVE_NIST_P256,
4920 256 },
4921 { 1, "ECDH-384", TEE_TYPE_ECDH_KEYPAIR, TEE_ECC_CURVE_NIST_P384,
4922 384 },
4923 { 1, "ECDH-521", TEE_TYPE_ECDH_KEYPAIR, TEE_ECC_CURVE_NIST_P521,
4924 521 },
Pascal Brande61133f2015-07-08 15:38:37 +0200[diff] [blame]4925 };
4926
Jens Wiklandera8c8f872018-12-14 11:41:36 +0100[diff] [blame]4927 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
4928 xtest_teec_open_session(&session, &crypt_user_ta_uuid, NULL,
4929 &ret_orig)))
4930 return;
4931
Pascal Brande61133f2015-07-08 15:38:37 +0200[diff] [blame]4932 for (n = 0; n < ARRAY_SIZE(key_types); n++) {
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]4933 if (key_types[n].level > level)
4934 continue;
4935
Pascal Brande61133f2015-07-08 15:38:37 +0200[diff] [blame]4936 Do_ADBG_BeginSubCase(c, "Generate %s", key_types[n].name);
4937 param_count = 0;
4938
4939 xtest_add_attr_value(&param_count, params, TEE_ATTR_ECC_CURVE,
4940 key_types[n].curve, 0);
4941
4942 if (!ADBG_EXPECT_TRUE(c,
Jens Wiklandera8c8f872018-12-14 11:41:36 +0100[diff] [blame]4943 generate_and_test_key(c, &session, key_types[n].algo,
Pascal Brande61133f2015-07-08 15:38:37 +0200[diff] [blame]4944 0, key_types[n].key_size, params,
4945 param_count)))
4946 break;
4947
4948 Do_ADBG_EndSubCase(c, "Generate %s", key_types[n].name);
4949 }
Pascal Brande61133f2015-07-08 15:38:37 +0200[diff] [blame]4950
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]4951 TEEC_CloseSession(&session);
4952}
Jens Wiklandera8c8f872018-12-14 11:41:36 +0100[diff] [blame]4953ADBG_CASE_DEFINE(regression, 4007_ecc, xtest_tee_test_4007_ecc,
4954 "Test TEE Internal API Generate ECC key");
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]4955
Sohaib ul Hassan00b3f2c2022-04-11 08:45:08 +0300[diff] [blame]4956static void xtest_tee_test_4007_x25519(ADBG_Case_t *c)
4957{
4958 TEEC_Session session = { };
4959 uint32_t ret_orig = 0;
4960
4961 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
4962 xtest_teec_open_session(&session, &crypt_user_ta_uuid,
4963 NULL, &ret_orig)))
4964 return;
4965
Jerome Forissier366179c2022-06-28 10:12:58 +0200[diff] [blame]4966 if (!ta_crypt_cmd_is_algo_supported(c, &session, TEE_ALG_X25519,
4967 TEE_ECC_CURVE_25519)) {
4968 Do_ADBG_Log("X25519 not supported: skip subcase");
4969 goto out;
4970 }
4971
Sohaib ul Hassan00b3f2c2022-04-11 08:45:08 +0300[diff] [blame]4972 Do_ADBG_BeginSubCase(c, "Generate X25519 key");
4973
4974 if (!ADBG_EXPECT_TRUE(c,
4975 generate_and_test_key(c, &session,
4976 TEE_TYPE_X25519_KEYPAIR, 0, 256,
4977 NULL, 0)))
4978 return;
4979
4980 Do_ADBG_EndSubCase(c, "Generate X25519 key");
Jerome Forissier366179c2022-06-28 10:12:58 +0200[diff] [blame]4981out:
Sohaib ul Hassan00b3f2c2022-04-11 08:45:08 +0300[diff] [blame]4982 TEEC_CloseSession(&session);
4983}
4984ADBG_CASE_DEFINE(regression, 4007_x25519, xtest_tee_test_4007_x25519,
4985 "Test TEE Internal API Generate X25519 key");
4986
Valerii Chubarab9863c2022-08-12 07:42:29 +0000[diff] [blame]4987
4988static void xtest_tee_test_4007_ed25519(ADBG_Case_t *c)
4989{
4990 TEEC_Session session = { };
4991 uint32_t ret_orig = 0;
4992
4993 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
4994 xtest_teec_open_session(&session, &crypt_user_ta_uuid,
4995 NULL, &ret_orig)))
4996 return;
4997
4998 if (!ta_crypt_cmd_is_algo_supported(c, &session, TEE_ALG_ED25519,
4999 TEE_ECC_CURVE_25519)) {
5000 Do_ADBG_Log("ED25519 not supported: skip subcase");
5001 goto out;
5002 }
5003
5004 Do_ADBG_BeginSubCase(c, "Generate Ed25519 key");
5005
5006 ADBG_EXPECT_TRUE(c, generate_and_test_key(c, &session,
5007 TEE_TYPE_ED25519_KEYPAIR,
5008 0, 256, NULL, 0));
5009
5010 Do_ADBG_EndSubCase(c, "Generate Ed25519 key");
5011out:
5012 TEEC_CloseSession(&session);
5013}
5014ADBG_CASE_DEFINE(regression, 4007_ed25519, xtest_tee_test_4007_ed25519,
5015 "Test TEE Internal API Generate ed25519 key");
5016
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]5017static void xtest_tee_test_4008(ADBG_Case_t *c)
5018{
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]5019 TEEC_Session session = { };
5020 uint32_t ret_orig = 0;
5021 TEE_OperationHandle op = TEE_HANDLE_NULL;
5022 TEE_ObjectHandle key_handle = TEE_HANDLE_NULL;
5023 TEE_ObjectHandle sv_handle = TEE_HANDLE_NULL;
5024 TEE_Attribute params[4] = { };
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]5025 size_t param_count = 0;
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]5026 uint8_t out[2048] = { };
5027 size_t out_size = 0;
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]5028
5029 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
5030 xtest_teec_open_session(&session, &crypt_user_ta_uuid, NULL,
5031 &ret_orig)))
5032 return;
5033
5034 Do_ADBG_BeginSubCase(c, "Derive DH key success");
5035
5036 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
5037 ta_crypt_cmd_allocate_operation(c, &session, &op,
5038 TEE_ALG_DH_DERIVE_SHARED_SECRET, TEE_MODE_DERIVE,
5039 derive_key_max_keysize)))
5040 goto out;
5041
5042 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
5043 ta_crypt_cmd_allocate_transient_object(c, & session,
5044 TEE_TYPE_DH_KEYPAIR, derive_key_max_keysize,
5045 &key_handle)))
5046 goto out;
5047
5048 xtest_add_attr(&param_count, params, TEE_ATTR_DH_PRIME,
5049 ARRAY(derive_key_dh_prime));
5050
5051 xtest_add_attr(&param_count, params, TEE_ATTR_DH_BASE,
5052 ARRAY(derive_key_dh_base));
5053
5054 xtest_add_attr(&param_count, params, TEE_ATTR_DH_PUBLIC_VALUE,
5055 ARRAY(derive_key_dh_public_value));
5056
5057 xtest_add_attr(&param_count, params, TEE_ATTR_DH_PRIVATE_VALUE,
5058 ARRAY(derive_key_dh_private_value));
5059
5060 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
5061 ta_crypt_cmd_populate_transient_object(c, &session, key_handle,
5062 params, param_count)))
5063 goto out;
5064
5065 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
5066 ta_crypt_cmd_set_operation_key(c, &session, op, key_handle)))
5067 goto out;
5068
5069 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
5070 ta_crypt_cmd_free_transient_object(c, & session, key_handle)))
5071 goto out;
5072
5073 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
5074 ta_crypt_cmd_allocate_transient_object(c, &session,
5075 TEE_TYPE_GENERIC_SECRET, derive_key_max_keysize,
5076 &sv_handle)))
5077 goto out;
5078
Pascal Brand2b92b642015-07-16 13:29:42 +0200[diff] [blame]5079 /* reuse but reset params and param-count */
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]5080 param_count = 0;
5081
5082 xtest_add_attr(&param_count, params, TEE_ATTR_DH_PUBLIC_VALUE,
5083 ARRAY(derive_key_dh_public_value_2));
5084
5085 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
5086 ta_crypt_cmd_derive_key(c, &session, op, sv_handle, params,
5087 param_count)))
5088 goto out;
5089
5090 out_size = sizeof(out);
5091 memset(out, 0, sizeof(out));
5092 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
5093 ta_crypt_cmd_get_object_buffer_attribute(c, &session, sv_handle,
5094 TEE_ATTR_SECRET_VALUE, out, &out_size)))
5095 goto out;
5096
5097 if (!ADBG_EXPECT_BUFFER(c, derive_key_dh_shared_secret,
5098 sizeof(derive_key_dh_shared_secret), out,
5099 out_size))
5100 goto out;
5101
5102 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
5103 ta_crypt_cmd_free_operation(c, &session, op)))
5104 goto out;
5105
5106 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
5107 ta_crypt_cmd_free_transient_object(c, &session, sv_handle)))
5108 goto out;
5109out:
5110 Do_ADBG_EndSubCase(c, "Derive DH key success");
5111 TEEC_CloseSession(&session);
5112}
Jens Wiklander14f48872018-06-29 15:30:13 +0200[diff] [blame]5113ADBG_CASE_DEFINE(regression, 4008, xtest_tee_test_4008,
5114 "Test TEE Internal API Derive key");
Pascal Brand2b92b642015-07-16 13:29:42 +0200[diff] [blame]5115
5116static void xtest_tee_test_4009(ADBG_Case_t *c)
5117{
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]5118 TEEC_Session session = { };
5119 uint32_t ret_orig = 0;
5120 TEE_OperationHandle op = TEE_HANDLE_NULL;
5121 TEE_ObjectHandle key_handle = TEE_HANDLE_NULL;
5122 TEE_ObjectHandle sv_handle = TEE_HANDLE_NULL;
5123 TEE_Attribute params[4] = { };
Pascal Brand2b92b642015-07-16 13:29:42 +0200[diff] [blame]5124 size_t param_count = 0;
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]5125 uint8_t out[2048] = { };
5126 size_t out_size = 0;
5127 uint32_t size_bytes = 0;
5128 uint32_t i = 0;
Ruchika Gupta454b0b62020-10-30 13:23:19 +0530[diff] [blame]5129 struct derive_key_ecdh_t const *pt = NULL;
Pascal Brand2b92b642015-07-16 13:29:42 +0200[diff] [blame]5130
5131 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
5132 xtest_teec_open_session(&session, &crypt_user_ta_uuid, NULL,
5133 &ret_orig)))
5134 return;
5135
5136 for (i = 0; i < ARRAY_SIZE(derive_key_ecdh); i++) {
5137 pt = &derive_key_ecdh[i];
5138
Cedric Chaumontc3b6c282015-09-25 03:05:18 +0200[diff] [blame]5139 if (pt->level > level)
5140 continue;
5141
Pascal Brand2b92b642015-07-16 13:29:42 +0200[diff] [blame]5142 Do_ADBG_BeginSubCase(c, "Derive ECDH key - algo = 0x%x",
5143 pt->algo);
5144 size_bytes = (pt->keysize + 7) / 8;
5145 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
5146 ta_crypt_cmd_allocate_operation(c, &session, &op,
5147 pt->algo,
5148 TEE_MODE_DERIVE, pt->keysize)))
5149 goto out;
5150
5151 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
5152 ta_crypt_cmd_allocate_transient_object(c, & session,
5153 TEE_TYPE_ECDH_KEYPAIR, pt->keysize,
5154 &key_handle)))
5155 goto out;
5156
5157 param_count = 0;
5158 xtest_add_attr_value(&param_count, params,
5159 TEE_ATTR_ECC_CURVE, pt->curve, 0);
5160 xtest_add_attr(&param_count, params,
5161 TEE_ATTR_ECC_PRIVATE_VALUE,
5162 pt->private, size_bytes);
5163 /*
Cedric Auger719047c2019-09-11 12:08:14 +0200[diff] [blame]5164 * The public value is not used, but we should provide a valid
5165 * one to avoid rejection in case TEE_PopulateTransientObject()
5166 * checks for key validity.
Pascal Brand2b92b642015-07-16 13:29:42 +0200[diff] [blame]5167 */
5168 xtest_add_attr(&param_count, params,
Cedric Auger719047c2019-09-11 12:08:14 +0200[diff] [blame]5169 TEE_ATTR_ECC_PUBLIC_VALUE_X,
5170 pt->public_x, size_bytes);
Pascal Brand2b92b642015-07-16 13:29:42 +0200[diff] [blame]5171 xtest_add_attr(&param_count, params,
Cedric Auger719047c2019-09-11 12:08:14 +0200[diff] [blame]5172 TEE_ATTR_ECC_PUBLIC_VALUE_Y,
5173 pt->public_y, size_bytes);
Pascal Brand2b92b642015-07-16 13:29:42 +0200[diff] [blame]5174
5175 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
5176 ta_crypt_cmd_populate_transient_object(c,
5177 &session,
5178 key_handle, params, param_count)))
5179 goto out;
5180
5181 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
5182 ta_crypt_cmd_set_operation_key(c, &session, op,
5183 key_handle)))
5184 goto out;
5185
5186 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
5187 ta_crypt_cmd_free_transient_object(c, & session,
5188 key_handle)))
5189 goto out;
5190
5191 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
5192 ta_crypt_cmd_allocate_transient_object(c, &session,
5193 TEE_TYPE_GENERIC_SECRET, size_bytes * 8,
5194 &sv_handle)))
5195 goto out;
5196
5197 /* reuse but reset params and param-count */
5198 param_count = 0;
5199
5200 xtest_add_attr(&param_count, params,
5201 TEE_ATTR_ECC_PUBLIC_VALUE_X,
5202 pt->public_x, size_bytes);
5203 xtest_add_attr(&param_count, params,
5204 TEE_ATTR_ECC_PUBLIC_VALUE_Y,
5205 pt->public_y, size_bytes);
5206
5207 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
5208 ta_crypt_cmd_derive_key(c, &session, op, sv_handle,
5209 params, param_count)))
5210 goto out;
5211
5212 out_size = sizeof(out);
5213 memset(out, 0, sizeof(out));
5214 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
5215 ta_crypt_cmd_get_object_buffer_attribute(c, &session,
5216 sv_handle,
5217 TEE_ATTR_SECRET_VALUE, out, &out_size)))
5218 goto out;
5219
5220 if (!ADBG_EXPECT_BUFFER(c, pt->out, size_bytes,
5221 out, out_size))
5222 goto out;
5223
5224 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
5225 ta_crypt_cmd_free_operation(c, &session, op)))
5226 goto out;
5227
5228 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
5229 ta_crypt_cmd_free_transient_object(c, &session,
5230 sv_handle)))
5231 goto out;
5232
5233 Do_ADBG_EndSubCase(c, "Derive ECDH key - algo = 0x%x",
5234 pt->algo);
5235 }
5236
5237 goto noerror;
5238
5239out:
5240 Do_ADBG_EndSubCase(c, "Derive ECDH key - algo = 0x%x", pt->algo);
5241
5242noerror:
5243 TEEC_CloseSession(&session);
5244}
Jens Wiklander14f48872018-06-29 15:30:13 +0200[diff] [blame]5245ADBG_CASE_DEFINE(regression, 4009, xtest_tee_test_4009,
5246 "Test TEE Internal API Derive key ECDH");
Jens Wiklander70a0b2c2016-05-18 08:39:35 +0200[diff] [blame]5247
5248static void xtest_tee_test_4010(ADBG_Case_t *c)
5249{
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]5250 TEEC_Session session = { };
5251 uint32_t ret_orig = 0;
5252 TEE_ObjectHandle o = TEE_HANDLE_NULL;
Jens Wiklander70a0b2c2016-05-18 08:39:35 +0200[diff] [blame]5253 static const uint8_t large_key[1024] = { 1, 2, 3, 4, 5, 6 };
5254 static const TEE_Attribute attr = {
5255 .attributeID = TEE_ATTR_SECRET_VALUE,
5256 .content.ref.buffer = (void *)large_key,
5257 .content.ref.length = sizeof(large_key),
5258 };
5259
5260 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
5261 xtest_teec_open_session(&session, &crypt_user_ta_uuid, NULL,
5262 &ret_orig)))
5263 return;
5264
5265 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
5266 ta_crypt_cmd_allocate_transient_object(c, &session,
5267 TEE_TYPE_HMAC_SHA256, 1024, &o)))
5268 goto out;
5269
5270 ADBG_EXPECT_TEEC_RESULT(c, TEEC_ERROR_TARGET_DEAD,
5271 ta_crypt_cmd_populate_transient_object(c, &session, o,
5272 &attr, 1));
5273
5274out:
5275 TEEC_CloseSession(&session);
5276}
Jens Wiklander14f48872018-06-29 15:30:13 +0200[diff] [blame]5277ADBG_CASE_DEFINE(regression, 4010, xtest_tee_test_4010,
5278 "Test TEE Internal API create transient object (negative)");
Jens Wiklanderb58916e2016-07-07 15:29:32 +0200[diff] [blame]5279
5280static void xtest_tee_test_4011(ADBG_Case_t *c)
5281{
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]5282 TEEC_Session s = { };
Jens Wiklanderb58916e2016-07-07 15:29:32 +0200[diff] [blame]5283 size_t key_size = 512;
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]5284 TEE_ObjectHandle key = TEE_HANDLE_NULL;
5285 TEE_OperationHandle ops = TEE_HANDLE_NULL;
5286 TEE_OperationHandle opv = TEE_HANDLE_NULL;
5287 TEE_OperationHandle ope = TEE_HANDLE_NULL;
5288 TEE_OperationHandle opd = TEE_HANDLE_NULL;
5289 uint32_t ret_orig = 0;
5290 uint8_t in[TEE_SHA1_HASH_SIZE] = { };
5291 uint8_t out[1024] = { };
5292 uint8_t tmp[1024] = { };
5293 size_t out_size = 0;
5294 size_t tmp_size = 0;
5295 size_t n = 0;
5296 size_t m = 0;
Jens Wiklanderb58916e2016-07-07 15:29:32 +0200[diff] [blame]5297 size_t i = 0;
5298
5299 /* Setup session, initialize message to sign, create a keypair */
5300 if (!ADBG_EXPECT_TEEC_SUCCESS(c, xtest_teec_open_session(&s,
5301 &crypt_user_ta_uuid, NULL, &ret_orig)))
5302 return;
5303 if (!ADBG_EXPECT_TEEC_SUCCESS(c, ta_crypt_cmd_random_number_generate(c,
5304 &s, in, sizeof(in))))
5305 goto out;
5306 if (!ADBG_EXPECT_TEEC_SUCCESS(c, ta_crypt_cmd_allocate_transient_object(
5307 c, &s, TEE_TYPE_RSA_KEYPAIR, key_size, &key)))
5308 goto out;
5309 if (!ADBG_EXPECT_TEEC_SUCCESS(c, ta_crypt_cmd_generate_key(c, &s,
5310 key, key_size, NULL, 0)))
5311 goto out;
5312
5313 /* Allocate operations for sign, verify, encrypt and decrypt */
5314 if (!ADBG_EXPECT_TEEC_SUCCESS(c, ta_crypt_cmd_allocate_operation(c, &s,
5315 &ops, TEE_ALG_RSASSA_PKCS1_V1_5_SHA1, TEE_MODE_SIGN,
5316 key_size)))
5317 goto out;
5318 if (!ADBG_EXPECT_TEEC_SUCCESS(c, ta_crypt_cmd_allocate_operation(c, &s,
5319 &opv, TEE_ALG_RSASSA_PKCS1_V1_5_SHA1, TEE_MODE_VERIFY,
5320 key_size)))
5321 goto out;
5322 if (!ADBG_EXPECT_TEEC_SUCCESS(c, ta_crypt_cmd_allocate_operation(c, &s,
5323 &ope, TEE_ALG_RSA_NOPAD, TEE_MODE_ENCRYPT, key_size)))
5324 goto out;
5325 if (!ADBG_EXPECT_TEEC_SUCCESS(c, ta_crypt_cmd_allocate_operation(c, &s,
5326 &opd, TEE_ALG_RSA_NOPAD, TEE_MODE_DECRYPT, key_size)))
5327 goto out;
5328
5329 /* Assign the keypair to all operations */
5330 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
5331 ta_crypt_cmd_set_operation_key(c, &s, ops, key)))
5332 goto out;
5333 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
5334 ta_crypt_cmd_set_operation_key(c, &s, opv, key)))
5335 goto out;
5336 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
5337 ta_crypt_cmd_set_operation_key(c, &s, ope, key)))
5338 goto out;
5339 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
5340 ta_crypt_cmd_set_operation_key(c, &s, opd, key)))
5341 goto out;
5342
5343 /*
5344 * The core of the test case is inspired by the one in libtomcrypt:
5345 * https://github.com/libtom/libtomcrypt/blob/6ad52252688bb34f90b5e79da4830a927e87b81f/testprof/rsa_test.c#L398
5346 *
5347 * Testcase for Bleichenbacher attack
5348 *
5349 * (1) Create a valid signature
5350 * (2) Check that it can be verified
5351 * (3) Transform the package to fetch plain text (using the encrypt
5352 * operation in GP TEE Internal API)
5353 * (4) Forge the structure of PKCS#1-EMSA encoded data
5354 * (4.1) Search for start and end of the padding string
5355 * (4.2) Move the signature to the front of the padding string
5356 * (4.3) Zero the message until the end
5357 * (5) Transform the package back (using the decrypt operation in
5358 * GP TEE Internal API)
5359 * (6) The result should not be valid if the implementation is robust.
5360 */
5361
5362
5363 for (i = 0; i < 9; i++) {
5364 Do_ADBG_Log("Iteration %zu", i);
5365
5366 /* 1 */
5367 out_size = sizeof(out);
5368 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
5369 ta_crypt_cmd_asymmetric_sign(c, &s, ops, NULL, 0,
5370 in, sizeof(in), out, &out_size)))
5371 goto out;
5372
5373 /* 2 */
5374 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
5375 ta_crypt_cmd_asymmetric_verify(c, &s, opv, NULL, 0,
5376 in, sizeof(in), out, out_size)))
5377 goto out;
5378
5379 /* 3 */
5380 tmp_size = sizeof(tmp);
5381 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
5382 ta_crypt_cmd_asymmetric_encrypt(c, &s, ope, NULL, 0,
5383 out, out_size, tmp, &tmp_size)))
5384 goto out;
5385
Etienne Carriere0953bf02018-12-21 15:36:25 +0100[diff] [blame]5386 if (!ADBG_EXPECT_COMPARE_UNSIGNED(c, tmp_size, <=, sizeof(tmp)))
5387 goto out;
5388
Jens Wiklanderb58916e2016-07-07 15:29:32 +0200[diff] [blame]5389 /* 4.1 */
Etienne Carriere0953bf02018-12-21 15:36:25 +0100[diff] [blame]5390 for (n = 0; n < tmp_size - i; n++)
Jens Wiklanderb58916e2016-07-07 15:29:32 +0200[diff] [blame]5391 if (tmp[n] == 0xff)
5392 break;
Etienne Carriere0953bf02018-12-21 15:36:25 +0100[diff] [blame]5393
5394 /* Shall find at least a padding start before buffer end */
5395 if (!ADBG_EXPECT_COMPARE_UNSIGNED(c, n, <, tmp_size - i - 1))
5396 goto out;
5397
Jens Wiklanderb58916e2016-07-07 15:29:32 +0200[diff] [blame]5398 for (m = n + 1; m < tmp_size; m++)
5399 if (tmp[m] != 0xff)
5400 break;
Etienne Carriere0953bf02018-12-21 15:36:25 +0100[diff] [blame]5401
Jens Wiklanderb58916e2016-07-07 15:29:32 +0200[diff] [blame]5402 /* 4.2 */
5403 memmove(tmp + n + i, tmp + m, tmp_size - m);
Etienne Carriere0953bf02018-12-21 15:36:25 +0100[diff] [blame]5404
Jens Wiklanderb58916e2016-07-07 15:29:32 +0200[diff] [blame]5405 /* 4.3 */
Etienne Carriere0953bf02018-12-21 15:36:25 +0100[diff] [blame]5406 n = n + i + tmp_size - m;
Etienne Carriereacb81c42020-04-24 14:58:58 +0200[diff] [blame]5407
5408 /* Prevent overrun when zeroing buffer end */
5409 if (!ADBG_EXPECT_COMPARE_UNSIGNED(c, n, <=, tmp_size))
5410 goto out;
5411
Etienne Carriere0953bf02018-12-21 15:36:25 +0100[diff] [blame]5412 memset(tmp + n, 0, tmp_size - n);
Jens Wiklanderb58916e2016-07-07 15:29:32 +0200[diff] [blame]5413
5414 /* 5 */
5415 out_size = sizeof(out);
5416 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
5417 ta_crypt_cmd_asymmetric_decrypt(c, &s, opd, NULL, 0,
5418 tmp, tmp_size, out, &out_size)))
5419 goto out;
5420
5421 /* 6 */
5422 if (!ADBG_EXPECT_TEEC_RESULT(c, TEE_ERROR_SIGNATURE_INVALID,
5423 ta_crypt_cmd_asymmetric_verify(c, &s, opv, NULL, 0,
5424 in, sizeof(in), out, out_size)))
5425 goto out;
5426 }
5427
5428out:
5429 TEEC_CloseSession(&s);
5430}
Jens Wiklander14f48872018-06-29 15:30:13 +0200[diff] [blame]5431ADBG_CASE_DEFINE(regression, 4011, xtest_tee_test_4011,
5432 "Test TEE Internal API Bleichenbacher attack (negative)");
Igor Opaniuk7ddaa782018-05-25 15:14:05 +0300[diff] [blame]5433
Igor Opaniuk7ddaa782018-05-25 15:14:05 +0300[diff] [blame]5434static void xtest_tee_test_4012(ADBG_Case_t *c)
5435{
Jens Wiklanderc44350d2022-12-02 20:56:49 +0100[diff] [blame]5436 TEEC_Result res = TEEC_SUCCESS;
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]5437 TEEC_Session session = { };
5438 uint32_t ret_orig = 0;
Igor Opaniuk7ddaa782018-05-25 15:14:05 +0300[diff] [blame]5439 TEEC_Operation op = TEEC_OPERATION_INITIALIZER;
5440 /* Fortuna PRNG requires seed <= 32 bytes */
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]5441 uint8_t pool_input[32] = { };
5442 time_t t = 0;
5443 struct tm tm_local = { };
Igor Opaniuk7ddaa782018-05-25 15:14:05 +0300[diff] [blame]5444
5445 t = time(NULL);
5446 tm_local = *localtime(&t);
5447
5448 memcpy((void *)pool_input, (void *)&tm_local,
5449 sizeof(pool_input) < sizeof(tm_local) ?
5450 sizeof(pool_input) : sizeof(tm_local));
5451
5452
5453 op.params[0].tmpref.buffer = pool_input;
5454 op.params[0].tmpref.size = sizeof(pool_input);
5455 op.paramTypes = TEEC_PARAM_TYPES(TEEC_MEMREF_TEMP_INPUT,
5456 TEEC_NONE,
5457 TEEC_NONE,
5458 TEEC_NONE);
5459 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
5460 xtest_teec_open_session(&session, &crypt_user_ta_uuid, NULL,
5461 &ret_orig)))
5462 return;
5463
Jens Wiklanderc44350d2022-12-02 20:56:49 +0100[diff] [blame]5464 res = TEEC_InvokeCommand(&session, TA_CRYPT_CMD_SEED_RNG_POOL,
5465 &op, &ret_orig);
5466 if (res == TEEC_ERROR_ITEM_NOT_FOUND &&
5467 ADBG_EXPECT_TEEC_ERROR_ORIGIN(c, ret_orig,
5468 TEEC_ORIGIN_TRUSTED_APP))
5469 Do_ADBG_Log("System PTA not available, skipping test 4012");
5470 else
5471 ADBG_EXPECT_TEEC_SUCCESS(c, res);
5472
Igor Opaniuk7ddaa782018-05-25 15:14:05 +0300[diff] [blame]5473 TEEC_CloseSession(&session);
5474}
Jens Wiklander14f48872018-06-29 15:30:13 +0200[diff] [blame]5475ADBG_CASE_DEFINE(regression, 4012, xtest_tee_test_4012,
5476 "Test seeding RNG entropy");
Joakim Bech83a30ca2019-05-29 11:22:27 +0200[diff] [blame]5477
5478static void xtest_tee_test_4013(ADBG_Case_t *c)
5479{
Jens Wiklanderc44350d2022-12-02 20:56:49 +0100[diff] [blame]5480 TEEC_Result res = TEEC_SUCCESS;
Joakim Bech83a30ca2019-05-29 11:22:27 +0200[diff] [blame]5481 TEEC_Session session = { };
5482 uint32_t ret_orig = 0;
5483 TEEC_Operation op = TEEC_OPERATION_INITIALIZER;
5484 uint8_t key[32] = { };
5485 uint8_t extra_data[32] = { };
5486
5487 op.paramTypes = TEEC_PARAM_TYPES(TEEC_NONE,
5488 TEEC_NONE,
5489 TEEC_NONE,
5490 TEEC_NONE);
5491 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
5492 xtest_teec_open_session(&session, &crypt_user_ta_uuid,
5493 NULL, &ret_orig)))
5494 return;
5495
Jens Wiklanderc44350d2022-12-02 20:56:49 +0100[diff] [blame]5496 res = TEEC_InvokeCommand(&session, TA_CRYPT_CMD_DERIVE_TA_UNIQUE_KEY,
5497 &op, &ret_orig);
5498 if (res == TEEC_ERROR_ITEM_NOT_FOUND &&
5499 ADBG_EXPECT_TEEC_ERROR_ORIGIN(c, ret_orig,
5500 TEEC_ORIGIN_TRUSTED_APP)) {
5501 Do_ADBG_Log("System PTA not available, skipping test 4013");
5502 goto out;
5503 }
5504 ADBG_EXPECT_TEEC_SUCCESS(c, res);
Joakim Bech83a30ca2019-05-29 11:22:27 +0200[diff] [blame]5505
5506 /* Negative test using non-secure memory */
5507 memset(&op, 0, sizeof(op));
5508 op.paramTypes = TEEC_PARAM_TYPES(TEEC_MEMREF_TEMP_INPUT,
5509 TEEC_MEMREF_TEMP_OUTPUT,
5510 TEEC_NONE,
5511 TEEC_NONE);
5512
5513 op.params[0].tmpref.buffer = extra_data;
5514 op.params[0].tmpref.size = sizeof(extra_data);
5515 op.params[1].tmpref.buffer = key;
5516 op.params[1].tmpref.size = sizeof(key);
5517 (void)ADBG_EXPECT_TEEC_RESULT(c,
5518 TEEC_ERROR_SECURITY,
5519 TEEC_InvokeCommand(&session,
5520 TA_CRYPT_CMD_DERIVE_TA_UNIQUE_KEY_SHM,
5521 &op,
5522 &ret_orig));
5523
Jens Wiklanderc44350d2022-12-02 20:56:49 +0100[diff] [blame]5524out:
Joakim Bech83a30ca2019-05-29 11:22:27 +0200[diff] [blame]5525 TEEC_CloseSession(&session);
5526}
5527ADBG_CASE_DEFINE(regression, 4013, xtest_tee_test_4013,
5528 "Test generation of device unique TA keys");
Jerome Forissierf0cf5182020-01-09 17:04:18 +0100[diff] [blame]5529
5530static void xtest_tee_test_4014(ADBG_Case_t *c)
5531{
5532 TEEC_Session session = { };
5533 uint32_t ret_orig = 0;
5534 TEE_OperationHandle op = TEE_HANDLE_NULL;
5535 TEE_ObjectHandle keyA = TEE_HANDLE_NULL;
5536 TEE_ObjectHandle eph_keyA = TEE_HANDLE_NULL;
5537 TEE_ObjectHandle keyB = TEE_HANDLE_NULL;
5538 TEE_ObjectHandle eph_keyB = TEE_HANDLE_NULL;
5539 TEE_ObjectHandle sv_handle = TEE_HANDLE_NULL;
5540 TEE_Attribute params[9] = { };
5541 size_t param_count = 0;
5542 uint8_t out[128] = { };
5543 size_t out_size = 0;
5544 uint8_t conf_A[32] = { };
5545 uint8_t conf_B[32] = { };
5546
5547 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
5548 xtest_teec_open_session(&session, &crypt_user_ta_uuid, NULL,
5549 &ret_orig)))
5550 return;
5551
5552 if (!ta_crypt_cmd_is_algo_supported(c, &session, TEE_ALG_SM2_KEP,
5553 TEE_ECC_CURVE_SM2)) {
5554 Do_ADBG_Log("SM2 KEP not supported: skip subcase");
5555 goto out;
5556 }
5557
5558 Do_ADBG_BeginSubCase(c, "Initiator side");
5559
5560 /*
5561 * Key exchange protocol running on user A's side. A is initiator.
5562 */
5563
5564 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
5565 ta_crypt_cmd_allocate_operation(c, &session, &op,
5566 TEE_ALG_SM2_KEP, TEE_MODE_DERIVE, 512)))
5567 goto out;
5568
5569 /* Allocate and initialize keypair of user A */
5570
5571 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
5572 ta_crypt_cmd_allocate_transient_object(c, &session,
5573 TEE_TYPE_SM2_KEP_KEYPAIR, 256, &keyA)))
5574 goto out;
5575
5576 param_count = 0;
5577
Jerome Forissierf0cf5182020-01-09 17:04:18 +0100[diff] [blame]5578 xtest_add_attr(&param_count, params, TEE_ATTR_ECC_PUBLIC_VALUE_X,
5579 ARRAY(gmt_003_part5_b2_public_xA));
5580
5581 xtest_add_attr(&param_count, params, TEE_ATTR_ECC_PUBLIC_VALUE_Y,
5582 ARRAY(gmt_003_part5_b2_public_yA));
5583
5584 xtest_add_attr(&param_count, params, TEE_ATTR_ECC_PRIVATE_VALUE,
5585 ARRAY(gmt_003_part5_b2_private_A));
5586
5587 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
5588 ta_crypt_cmd_populate_transient_object(c, &session, keyA,
5589 params, param_count)))
5590 goto out;
5591
5592 /*
5593 * Allocate and set ephemeral key of user A. Note: it is a regular ECC
5594 * key -- we don't use the *_EPHEMERAL_* attributes flags which are
5595 * reserved for use in TEE_DeriveKey() to pass the ephermeral key of
5596 * user B.
5597 */
5598
5599 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
5600 ta_crypt_cmd_allocate_transient_object(c, &session,
5601 TEE_TYPE_SM2_KEP_KEYPAIR, 256, &eph_keyA)))
5602 goto out;
5603
5604 param_count = 0;
5605
Jerome Forissierf0cf5182020-01-09 17:04:18 +0100[diff] [blame]5606 xtest_add_attr(&param_count, params, TEE_ATTR_ECC_PUBLIC_VALUE_X,
5607 ARRAY(gmt_003_part5_b2_eph_public_xA));
5608
5609 xtest_add_attr(&param_count, params, TEE_ATTR_ECC_PUBLIC_VALUE_Y,
5610 ARRAY(gmt_003_part5_b2_eph_public_yA));
5611
5612 xtest_add_attr(&param_count, params, TEE_ATTR_ECC_PRIVATE_VALUE,
5613 ARRAY(gmt_003_part5_b2_eph_private_A));
5614
5615 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
5616 ta_crypt_cmd_populate_transient_object(c, &session, eph_keyA,
5617 params, param_count)))
5618 goto out;
5619
5620 /* Associate user A keys with operation */
5621
5622 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
5623 ta_crypt_cmd_set_operation_key2(c, &session, op, keyA,
5624 eph_keyA)))
5625 goto out;
5626
5627 /* Keys have been set, free key objects */
5628
5629 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
5630 ta_crypt_cmd_free_transient_object(c, &session, keyA)))
5631 goto out;
5632
5633 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
5634 ta_crypt_cmd_free_transient_object(c, &session, eph_keyA)))
5635 goto out;
5636
5637 /* Allocate output object */
5638
5639 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
5640 ta_crypt_cmd_allocate_transient_object(c, &session,
5641 TEE_TYPE_GENERIC_SECRET,
5642 sizeof(gmt_003_part5_b2_shared_secret),
5643 &sv_handle)))
5644 goto out;
5645
5646 /* Set key derivation parameters: user A role, user B information */
5647
5648 params[0].attributeID = TEE_ATTR_SM2_KEP_USER;
5649 params[0].content.value.a = 0; /* Initiator role */
5650 params[0].content.value.b = 0; /* Not used */
5651 param_count = 1;
5652
5653 xtest_add_attr(&param_count, params, TEE_ATTR_ECC_PUBLIC_VALUE_X,
5654 ARRAY(gmt_003_part5_b2_public_xB));
5655
5656 xtest_add_attr(&param_count, params, TEE_ATTR_ECC_PUBLIC_VALUE_Y,
5657 ARRAY(gmt_003_part5_b2_public_yB));
5658
5659 xtest_add_attr(&param_count, params,
5660 TEE_ATTR_ECC_EPHEMERAL_PUBLIC_VALUE_X,
5661 ARRAY(gmt_003_part5_b2_eph_public_xB));
5662
5663 xtest_add_attr(&param_count, params,
5664 TEE_ATTR_ECC_EPHEMERAL_PUBLIC_VALUE_Y,
5665 ARRAY(gmt_003_part5_b2_eph_public_yB));
5666
5667 xtest_add_attr(&param_count, params, TEE_ATTR_SM2_ID_INITIATOR,
5668 ARRAY(gmt_003_part5_b2_id_A));
5669
5670 xtest_add_attr(&param_count, params, TEE_ATTR_SM2_ID_RESPONDER,
5671 ARRAY(gmt_003_part5_b2_id_B));
5672
5673 xtest_add_attr(&param_count, params, TEE_ATTR_SM2_KEP_CONFIRMATION_IN,
5674 ARRAY(gmt_003_part5_b2_conf_B));
5675
5676 xtest_add_attr(&param_count, params, TEE_ATTR_SM2_KEP_CONFIRMATION_OUT,
5677 ARRAY(conf_A));
5678
5679 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
5680 ta_crypt_cmd_derive_key(c, &session, op, sv_handle, params,
5681 param_count)))
5682 goto out;
5683
5684 out_size = sizeof(out);
5685 memset(out, 0, sizeof(out));
5686 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
5687 ta_crypt_cmd_get_object_buffer_attribute(c, &session, sv_handle,
5688 TEE_ATTR_SECRET_VALUE, out, &out_size)))
5689 goto out;
5690
5691 /* Check derived key */
5692 if (!ADBG_EXPECT_BUFFER(c, gmt_003_part5_b2_shared_secret,
5693 sizeof(gmt_003_part5_b2_shared_secret), out,
5694 out_size))
5695 goto out;
5696
5697 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
5698 ta_crypt_cmd_free_operation(c, &session, op)))
5699 goto out;
5700
5701 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
5702 ta_crypt_cmd_free_transient_object(c, &session, sv_handle)))
5703 goto out;
5704
5705 Do_ADBG_EndSubCase(c, "Initiator side");
5706
5707 Do_ADBG_BeginSubCase(c, "Responder side");
5708
5709 /*
5710 * Key derivation on user B's side
5711 */
5712
5713 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
5714 ta_crypt_cmd_allocate_operation(c, &session, &op,
5715 TEE_ALG_SM2_KEP, TEE_MODE_DERIVE, 512)))
5716 goto out;
5717
5718 /* Allocate and initialize keypair of user B */
5719
5720 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
5721 ta_crypt_cmd_allocate_transient_object(c, &session,
5722 TEE_TYPE_SM2_KEP_KEYPAIR, 256, &keyB)))
5723 goto out;
5724
5725 param_count = 0;
5726
Jerome Forissierf0cf5182020-01-09 17:04:18 +0100[diff] [blame]5727 xtest_add_attr(&param_count, params, TEE_ATTR_ECC_PUBLIC_VALUE_X,
5728 ARRAY(gmt_003_part5_b2_public_xB));
5729
5730 xtest_add_attr(&param_count, params, TEE_ATTR_ECC_PUBLIC_VALUE_Y,
5731 ARRAY(gmt_003_part5_b2_public_yB));
5732
5733 xtest_add_attr(&param_count, params, TEE_ATTR_ECC_PRIVATE_VALUE,
5734 ARRAY(gmt_003_part5_b2_private_B));
5735
5736 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
5737 ta_crypt_cmd_populate_transient_object(c, &session, keyB,
5738 params, param_count)))
5739 goto out;
5740
5741 /* Allocate and set ephemeral key of user B */
5742
5743 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
5744 ta_crypt_cmd_allocate_transient_object(c, &session,
5745 TEE_TYPE_SM2_KEP_KEYPAIR, 256, &eph_keyB)))
5746 goto out;
5747
5748 param_count = 0;
5749
Jerome Forissierf0cf5182020-01-09 17:04:18 +0100[diff] [blame]5750 xtest_add_attr(&param_count, params, TEE_ATTR_ECC_PUBLIC_VALUE_X,
5751 ARRAY(gmt_003_part5_b2_eph_public_xB));
5752
5753 xtest_add_attr(&param_count, params, TEE_ATTR_ECC_PUBLIC_VALUE_Y,
5754 ARRAY(gmt_003_part5_b2_eph_public_yB));
5755
5756 xtest_add_attr(&param_count, params, TEE_ATTR_ECC_PRIVATE_VALUE,
5757 ARRAY(gmt_003_part5_b2_eph_private_B));
5758
5759 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
5760 ta_crypt_cmd_populate_transient_object(c, &session, eph_keyB,
5761 params, param_count)))
5762 goto out;
5763
5764 /* Associate user B keys with operation */
5765
5766 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
5767 ta_crypt_cmd_set_operation_key2(c, &session, op, keyB,
5768 eph_keyB)))
5769 goto out;
5770
5771 /* Keys have been set, free key objects */
5772
5773 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
5774 ta_crypt_cmd_free_transient_object(c, &session, keyB)))
5775 goto out;
5776
5777 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
5778 ta_crypt_cmd_free_transient_object(c, &session, eph_keyB)))
5779 goto out;
5780
5781 /* Allocate output object */
5782
5783 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
5784 ta_crypt_cmd_allocate_transient_object(c, &session,
5785 TEE_TYPE_GENERIC_SECRET,
5786 sizeof(gmt_003_part5_b2_shared_secret),
5787 &sv_handle)))
5788 goto out;
5789
5790 /* Set key derivation parameters: user B role, user A information */
5791
5792 params[0].attributeID = TEE_ATTR_SM2_KEP_USER;
5793 params[0].content.value.a = 1; /* Responder role */
5794 params[0].content.value.b = 0; /* Not used */
5795 param_count = 1;
5796
5797 xtest_add_attr(&param_count, params, TEE_ATTR_ECC_PUBLIC_VALUE_X,
5798 ARRAY(gmt_003_part5_b2_public_xA));
5799
5800 xtest_add_attr(&param_count, params, TEE_ATTR_ECC_PUBLIC_VALUE_Y,
5801 ARRAY(gmt_003_part5_b2_public_yA));
5802
5803 xtest_add_attr(&param_count, params,
5804 TEE_ATTR_ECC_EPHEMERAL_PUBLIC_VALUE_X,
5805 ARRAY(gmt_003_part5_b2_eph_public_xA));
5806
5807 xtest_add_attr(&param_count, params,
5808 TEE_ATTR_ECC_EPHEMERAL_PUBLIC_VALUE_Y,
5809 ARRAY(gmt_003_part5_b2_eph_public_yA));
5810
5811 xtest_add_attr(&param_count, params, TEE_ATTR_SM2_ID_INITIATOR,
5812 ARRAY(gmt_003_part5_b2_id_A));
5813
5814 xtest_add_attr(&param_count, params, TEE_ATTR_SM2_ID_RESPONDER,
5815 ARRAY(gmt_003_part5_b2_id_B));
5816
5817 xtest_add_attr(&param_count, params, TEE_ATTR_SM2_KEP_CONFIRMATION_IN,
5818 ARRAY(gmt_003_part5_b2_conf_A));
5819
5820 xtest_add_attr(&param_count, params, TEE_ATTR_SM2_KEP_CONFIRMATION_OUT,
5821 ARRAY(conf_B));
5822
5823 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
5824 ta_crypt_cmd_derive_key(c, &session, op, sv_handle, params,
5825 param_count)))
5826 goto out;
5827
5828 out_size = sizeof(out);
5829 memset(out, 0, sizeof(out));
5830 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
5831 ta_crypt_cmd_get_object_buffer_attribute(c, &session, sv_handle,
5832 TEE_ATTR_SECRET_VALUE, out, &out_size)))
5833 goto out;
5834
5835 /* Check derived key */
5836 if (!ADBG_EXPECT_BUFFER(c, gmt_003_part5_b2_shared_secret,
5837 sizeof(gmt_003_part5_b2_shared_secret), out,
5838 out_size))
5839 goto out;
5840
5841 Do_ADBG_EndSubCase(c, "Responder side");
5842
5843out:
5844 TEEC_CloseSession(&session);
5845}
5846ADBG_CASE_DEFINE(regression, 4014, xtest_tee_test_4014,
5847 "Test SM2 KEP (key derivation)");
Sohaib ul Hassan00b3f2c2022-04-11 08:45:08 +0300[diff] [blame]5848
5849static void xtest_tee_test_4015(ADBG_Case_t *c)
5850{
5851 TEEC_Session session = { };
5852 uint32_t ret_orig = 0;
5853 TEE_OperationHandle op = TEE_HANDLE_NULL;
5854 TEE_ObjectHandle key_alice = TEE_HANDLE_NULL;
5855 TEE_ObjectHandle key_bob = TEE_HANDLE_NULL;
5856 TEE_ObjectHandle sv_handle = TEE_HANDLE_NULL;
5857 TEE_Attribute params[2] = { };
5858 size_t param_count = 0;
5859 uint8_t out[32] = { };
5860 size_t out_size = 0;
5861 char case_str[40] = "Alice side computes shared secret";
5862
5863 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
5864 xtest_teec_open_session(&session, &crypt_user_ta_uuid, NULL,
5865 &ret_orig)))
5866 return;
5867
5868 Do_ADBG_BeginSubCase(c, "%s", case_str);
5869
5870 if (!ta_crypt_cmd_is_algo_supported(c, &session, TEE_ALG_X25519,
5871 TEE_ECC_CURVE_25519)) {
5872 Do_ADBG_Log("X25519 not supported: skip subcase");
5873 goto out;
5874 }
5875
5876 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
5877 ta_crypt_cmd_allocate_operation(c, &session, &op,
5878 TEE_ALG_X25519, TEE_MODE_DERIVE, 256)))
5879 goto out;
5880
5881 /* Allocate and initialize keypair of Alice */
5882 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
5883 ta_crypt_cmd_allocate_transient_object(c, &session,
5884 TEE_TYPE_X25519_KEYPAIR, 256, &key_alice)))
5885 goto out;
5886
5887 param_count = 0;
5888
5889 xtest_add_attr(&param_count, params, TEE_ATTR_X25519_PUBLIC_VALUE,
5890 ARRAY(x25519_alice_public));
5891
5892 xtest_add_attr(&param_count, params, TEE_ATTR_X25519_PRIVATE_VALUE,
5893 ARRAY(x25519_alice_private));
5894
5895 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
5896 ta_crypt_cmd_populate_transient_object(c, &session,
5897 key_alice, params, param_count)))
5898 goto out;
5899
5900 /* Associate Alices's keys with operation */
5901 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
5902 ta_crypt_cmd_set_operation_key(c, &session, op,
5903 key_alice)))
5904 goto out;
5905
5906 /* Keys have been set, free key objects */
5907 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
5908 ta_crypt_cmd_free_transient_object(c, &session,
5909 key_alice)))
5910 goto out;
5911
5912 /* Allocate shared secret output object */
5913 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
5914 ta_crypt_cmd_allocate_transient_object(c, &session,
5915 TEE_TYPE_GENERIC_SECRET,
5916 sizeof(x25519_shared_secret), &sv_handle)))
5917 goto out;
5918
5919 /* Reset params */
5920 param_count = 0;
5921
5922 /* Set Bob's public key for Alice side */
5923 xtest_add_attr(&param_count, params, TEE_ATTR_X25519_PUBLIC_VALUE,
5924 ARRAY(x25519_bob_public));
5925
5926 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
5927 ta_crypt_cmd_derive_key(c, &session, op, sv_handle,
5928 params, param_count)))
5929 goto out;
5930
5931 out_size = sizeof(out);
5932 memset(out, 0, sizeof(out));
5933 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
5934 ta_crypt_cmd_get_object_buffer_attribute(c, &session,
5935 sv_handle, TEE_ATTR_SECRET_VALUE, out,
5936 &out_size)))
5937 goto out;
5938
5939 /* Check derived key */
5940 if (!ADBG_EXPECT_BUFFER(c, x25519_shared_secret,
5941 sizeof(x25519_shared_secret), out,
5942 out_size))
5943 goto out;
5944
5945 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
5946 ta_crypt_cmd_free_operation(c, &session, op)))
5947 goto out;
5948
5949 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
5950 ta_crypt_cmd_free_transient_object(c, &session,
5951 sv_handle)))
5952 goto out;
5953
5954 Do_ADBG_EndSubCase(c, "%s", case_str);
5955
5956 strncpy(case_str, "Bob side computes shared secret",
5957 sizeof(case_str) - 1);
5958
5959 Do_ADBG_BeginSubCase(c, "%s", case_str);
5960
5961 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
5962 ta_crypt_cmd_allocate_operation(c, &session, &op,
5963 TEE_ALG_X25519, TEE_MODE_DERIVE, 256)))
5964 goto out;
5965
5966 /* Allocate and initialize keypair of Bob */
5967 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
5968 ta_crypt_cmd_allocate_transient_object(c, &session,
5969 TEE_TYPE_X25519_KEYPAIR, 256, &key_bob)))
5970 goto out;
5971
5972 /* Reset params */
5973 param_count = 0;
5974
5975 xtest_add_attr(&param_count, params, TEE_ATTR_X25519_PUBLIC_VALUE,
5976 ARRAY(x25519_bob_public));
5977
5978 xtest_add_attr(&param_count, params, TEE_ATTR_X25519_PRIVATE_VALUE,
5979 ARRAY(x25519_bob_private));
5980
5981 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
5982 ta_crypt_cmd_populate_transient_object(c, &session,
5983 key_bob, params, param_count)))
5984 goto out;
5985
5986 /* Associate Bob's keys with operation */
5987 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
5988 ta_crypt_cmd_set_operation_key(c, &session, op,
5989 key_bob)))
5990 goto out;
5991
5992 /* Keys have been set, free key objects */
5993 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
5994 ta_crypt_cmd_free_transient_object(c, &session,
5995 key_bob)))
5996 goto out;
5997
5998 /* Allocate shared secret output object */
5999 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
6000 ta_crypt_cmd_allocate_transient_object(c, &session,
6001 TEE_TYPE_GENERIC_SECRET,
6002 sizeof(x25519_shared_secret), &sv_handle)))
6003 goto out;
6004
6005 /* Reset params */
6006 param_count = 0;
6007
6008 /* Set Alice's public key for Bob side */
6009 xtest_add_attr(&param_count, params, TEE_ATTR_X25519_PUBLIC_VALUE,
6010 ARRAY(x25519_alice_public));
6011
6012 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
6013 ta_crypt_cmd_derive_key(c, &session, op, sv_handle,
6014 params, param_count)))
6015 goto out;
6016
6017 out_size = sizeof(out);
6018 memset(out, 0, sizeof(out));
6019 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
6020 ta_crypt_cmd_get_object_buffer_attribute(c, &session,
6021 sv_handle, TEE_ATTR_SECRET_VALUE, out,
6022 &out_size)))
6023 goto out;
6024
6025 /* Check derived key */
6026 if (!ADBG_EXPECT_BUFFER(c, x25519_shared_secret,
6027 sizeof(x25519_shared_secret), out,
6028 out_size))
6029 goto out;
6030
6031 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
6032 ta_crypt_cmd_free_operation(c, &session, op)))
6033 goto out;
6034
6035 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
6036 ta_crypt_cmd_free_transient_object(c, &session,
6037 sv_handle)))
6038 goto out;
6039
6040out:
6041 Do_ADBG_EndSubCase(c, "%s", case_str);
6042 TEEC_CloseSession(&session);
6043}
6044ADBG_CASE_DEFINE(regression, 4015, xtest_tee_test_4015,
6045 "Test TEE Internal API Derive key X25519");
Valerii Chubarab9863c2022-08-12 07:42:29 +0000[diff] [blame]6046
6047static void xtest_tee_test_4016_ed25519(ADBG_Case_t *c)
6048{
6049 TEEC_Session session = { };
6050 TEE_OperationHandle op = TEE_HANDLE_NULL;
6051 TEE_ObjectHandle key_handle = TEE_HANDLE_NULL;
6052 TEE_Attribute key_attrs[2] = { };
6053 size_t num_key_attrs = 0;
6054 TEE_Attribute attrs[2] = { };
6055 size_t num_attrs = 0;
6056 uint8_t out[64] = { };
6057 size_t out_size = sizeof(out);
6058 size_t n = 0;
6059 uint32_t ret_orig = 0;
6060 size_t max_key_size = 0;
6061
6062 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
6063 xtest_teec_open_session(&session, &crypt_user_ta_uuid,
6064 NULL, &ret_orig)))
6065 return;
6066
6067 if (!ta_crypt_cmd_is_algo_supported(c, &session, TEE_ALG_ED25519,
6068 TEE_ECC_CURVE_25519)) {
6069 Do_ADBG_Log("ED25519 not supported: skip subcase");
6070 goto out;
6071 }
6072
6073 for (n = 0; n < ARRAY_SIZE(xtest_ac_eddsa_cases); n++) {
6074 const struct xtest_ac_case *tv = xtest_ac_eddsa_cases + n;
6075
6076 if (tv->algo != TEE_ALG_ED25519)
6077 continue;
6078
6079 num_attrs = 0;
6080 num_key_attrs = 0;
6081 max_key_size = tv->params.eddsa.private_len * 8;
6082
6083 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
6084 ta_crypt_cmd_allocate_operation(c, &session, &op,
6085 TEE_ALG_ED25519, tv->mode, max_key_size)))
6086 goto out;
6087
6088 xtest_add_attr(&num_key_attrs, key_attrs,
6089 TEE_ATTR_ED25519_PUBLIC_VALUE,
6090 tv->params.eddsa.public,
6091 tv->params.eddsa.public_len);
6092
6093 if (tv->params.eddsa.flag == 1)
Jens Wiklander7596bd32022-12-02 15:43:37 +0100[diff] [blame]6094 xtest_add_attr_value(&num_attrs, attrs,
6095 TEE_ATTR_EDDSA_PREHASH, 1, 0);
Valerii Chubarab9863c2022-08-12 07:42:29 +0000[diff] [blame]6096
6097 if (tv->params.eddsa.context_len > 0)
6098 xtest_add_attr(&num_attrs, attrs, TEE_ATTR_EDDSA_CTX,
6099 tv->params.eddsa.context,
6100 tv->params.eddsa.context_len);
6101
6102 switch (tv->mode) {
6103 case TEE_MODE_SIGN:
6104 xtest_add_attr(&num_key_attrs, key_attrs,
6105 TEE_ATTR_ED25519_PRIVATE_VALUE,
6106 tv->params.eddsa.private,
6107 tv->params.eddsa.private_len);
6108
6109 if (!ADBG_EXPECT_TRUE(c,
6110 create_key(c, &session, max_key_size,
6111 TEE_TYPE_ED25519_KEYPAIR,
6112 key_attrs, num_key_attrs,
6113 &key_handle)))
6114 goto out;
6115
6116 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
6117 ta_crypt_cmd_set_operation_key(c,
6118 &session, op, key_handle)))
6119 goto out;
6120
6121 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
6122 ta_crypt_cmd_asymmetric_sign(c,
6123 &session, op,
6124 attrs, num_attrs, tv->ptx,
6125 tv->ptx_len, out, &out_size)))
6126 goto out;
6127
6128 ADBG_EXPECT_BUFFER(c, tv->ctx, tv->ctx_len, out, out_size);
6129
6130 break;
6131
6132 case TEE_MODE_VERIFY:
6133 if (!ADBG_EXPECT_TRUE(c,
6134 create_key(c, &session, max_key_size,
6135 TEE_TYPE_ED25519_PUBLIC_KEY,
6136 key_attrs, num_key_attrs,
6137 &key_handle)))
6138 goto out;
6139
6140 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
6141 ta_crypt_cmd_set_operation_key(c,
6142 &session, op, key_handle)))
6143 goto out;
6144
6145 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
6146 ta_crypt_cmd_asymmetric_verify(c, &session, op,
6147 attrs, num_attrs,
6148 tv->ptx,
6149 tv->ptx_len,
6150 tv->ctx,
6151 tv->ctx_len)))
6152 goto out;
6153 break;
6154
6155 default:
6156 break;
6157 }
6158
6159 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
6160 ta_crypt_cmd_free_operation(c, &session, op)))
6161 goto out;
6162 }
6163out:
6164 TEEC_CloseSession(&session);
6165}
Jens Wiklander7b70ff82022-12-02 20:59:32 +0100[diff] [blame]6166ADBG_CASE_DEFINE(regression, 4016, xtest_tee_test_4016_ed25519,
Valerii Chubarab9863c2022-08-12 07:42:29 +0000[diff] [blame]6167 "Test TEE Internal API ED25519 sign/verify");