TrustedFirmware Git Browser
Code Review Sign In
review.trustedfirmware.org / OP-TEE / optee_test / 21b347a3d75fd52fd49130e75c962c5b56123d2f / . / host / xtest / regression_4000.c
blob: a6527c3b1b76cea987d136f12cf2d408242aae40 [file] [log] [blame]
Etienne Carriere9b7b70d2020-05-16 10:27:23 +0200[diff] [blame]1// SPDX-License-Identifier: GPL-2.0
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2/*
3 * Copyright (c) 2014, STMicroelectronics International N.V.
Alexander Zakharov0afe00c2021-02-10 19:06:48 +0100[diff] [blame]4 * Copyright (c) 2021, SumUp Services GmbH
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]5 */
6
7#include <stdio.h>
8#include <string.h>
9#include <inttypes.h>
10#include <malloc.h>
Igor Opaniuk7ddaa782018-05-25 15:14:05 +0300[diff] [blame]11#include <time.h>
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]12
13#include "xtest_test.h"
14#include "xtest_helpers.h"
15
16#include <tee_api_types.h>
Gabor Szekely2ad190f2018-09-14 14:05:06 +0000[diff] [blame]17#include <tee_api_defines_extensions.h>
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]18#include <ta_crypt.h>
19#include <utee_defines.h>
20#include <util.h>
21
Jerome Forissier213ca8a2017-03-31 11:27:56 +0200[diff] [blame]22#include <regression_4000_data.h>
Cedric Chaumontc7654962015-09-09 14:56:36 +0200[diff] [blame]23#include <nist/186-2ecdsatestvectors.h>
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]24
25#include <assert.h>
26
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]27static TEEC_Result ta_crypt_cmd_reset_operation(ADBG_Case_t *c, TEEC_Session *s,
28 TEE_OperationHandle oph)
29{
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]30 TEEC_Result res = TEEC_ERROR_GENERIC;
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]31 TEEC_Operation op = TEEC_OPERATION_INITIALIZER;
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]32 uint32_t ret_orig = 0;
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]33
34 assert((uintptr_t)oph <= UINT32_MAX);
35 op.params[0].value.a = (uint32_t)(uintptr_t)oph;
36 op.paramTypes = TEEC_PARAM_TYPES(TEEC_VALUE_INPUT, TEEC_NONE, TEEC_NONE,
37 TEEC_NONE);
38 res = TEEC_InvokeCommand(s, TA_CRYPT_CMD_RESET_OPERATION, &op,
39 &ret_orig);
40 if (res != TEEC_SUCCESS) {
41 (void)ADBG_EXPECT_TEEC_ERROR_ORIGIN(c, TEEC_ORIGIN_TRUSTED_APP,
42 ret_orig);
43 }
44 return res;
45}
46
47static TEEC_Result ta_crypt_cmd_copy_operation(ADBG_Case_t *c,
48 TEEC_Session *s,
49 TEE_OperationHandle dst_oph,
50 TEE_OperationHandle src_oph)
51{
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]52 TEEC_Result res = TEEC_ERROR_GENERIC;
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]53 TEEC_Operation op = TEEC_OPERATION_INITIALIZER;
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]54 uint32_t ret_orig = 0;
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]55
56 assert((uintptr_t)dst_oph <= UINT32_MAX);
57 op.params[0].value.a = (uint32_t)(uintptr_t)dst_oph;
58
59 assert((uintptr_t)src_oph <= UINT32_MAX);
60 op.params[0].value.b = (uint32_t)(uintptr_t)src_oph;
61 op.paramTypes = TEEC_PARAM_TYPES(TEEC_VALUE_INPUT, TEEC_NONE, TEEC_NONE,
62 TEEC_NONE);
63
64 res = TEEC_InvokeCommand(s, TA_CRYPT_CMD_COPY_OPERATION, &op,
65 &ret_orig);
66
67 if (res != TEEC_SUCCESS) {
68 (void)ADBG_EXPECT_TEEC_ERROR_ORIGIN(c, TEEC_ORIGIN_TRUSTED_APP,
69 ret_orig);
70 }
71 return res;
72}
73
74static TEEC_Result ta_crypt_cmd_digest_update(ADBG_Case_t *c, TEEC_Session *s,
75 TEE_OperationHandle oph,
76 const void *chunk,
77 size_t chunk_size)
78{
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]79 TEEC_Result res = TEEC_ERROR_GENERIC;
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]80 TEEC_Operation op = TEEC_OPERATION_INITIALIZER;
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]81 uint32_t ret_orig = 0;
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]82
83 assert((uintptr_t)oph <= UINT32_MAX);
84 op.params[0].value.a = (uint32_t)(uintptr_t)oph;
85 op.params[1].tmpref.buffer = (void *)chunk;
86 op.params[1].tmpref.size = chunk_size;
87
88 op.paramTypes = TEEC_PARAM_TYPES(TEEC_VALUE_INPUT,
89 TEEC_MEMREF_TEMP_INPUT, TEEC_NONE,
90 TEEC_NONE);
91
92 res = TEEC_InvokeCommand(s, TA_CRYPT_CMD_DIGEST_UPDATE, &op, &ret_orig);
93
94 if (res != TEEC_SUCCESS) {
95 (void)ADBG_EXPECT_TEEC_ERROR_ORIGIN(c, TEEC_ORIGIN_TRUSTED_APP,
96 ret_orig);
97 }
98
99 return res;
100}
101
102static TEEC_Result ta_crypt_cmd_digest_do_final(ADBG_Case_t *c, TEEC_Session *s,
103 TEE_OperationHandle oph,
104 const void *chunk,
105 size_t chunk_len, void *hash,
106 size_t *hash_len)
107{
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]108 TEEC_Result res = TEEC_ERROR_GENERIC;
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]109 TEEC_Operation op = TEEC_OPERATION_INITIALIZER;
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]110 uint32_t ret_orig = 0;
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]111
112 assert((uintptr_t)oph <= UINT32_MAX);
113 op.params[0].value.a = (uint32_t)(uintptr_t)oph;
114
115 op.params[1].tmpref.buffer = (void *)chunk;
116 op.params[1].tmpref.size = chunk_len;
117
118 op.params[2].tmpref.buffer = (void *)hash;
119 op.params[2].tmpref.size = *hash_len;
120
121 op.paramTypes = TEEC_PARAM_TYPES(TEEC_VALUE_INPUT,
122 TEEC_MEMREF_TEMP_INPUT,
123 TEEC_MEMREF_TEMP_OUTPUT, TEEC_NONE);
124
125 res = TEEC_InvokeCommand(s, TA_CRYPT_CMD_DIGEST_DO_FINAL, &op,
126 &ret_orig);
127
128 if (res != TEEC_SUCCESS) {
129 (void)ADBG_EXPECT_TEEC_ERROR_ORIGIN(c, TEEC_ORIGIN_TRUSTED_APP,
130 ret_orig);
131 }
132
133 if (res == TEEC_SUCCESS)
134 *hash_len = op.params[2].tmpref.size;
135
136 return res;
137}
138
139static TEE_Result ta_crypt_cmd_set_operation_key2(ADBG_Case_t *c,
140 TEEC_Session *s,
141 TEE_OperationHandle oph,
142 TEE_ObjectHandle key1,
143 TEE_ObjectHandle key2)
144{
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]145 TEEC_Result res = TEEC_ERROR_GENERIC;
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]146 TEEC_Operation op = TEEC_OPERATION_INITIALIZER;
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]147 uint32_t ret_orig = 0;
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]148
149 assert((uintptr_t)oph <= UINT32_MAX);
150 op.params[0].value.a = (uint32_t)(uintptr_t)oph;
151
152 assert((uintptr_t)key1 <= UINT32_MAX);
153 op.params[0].value.b = (uint32_t)(uintptr_t)key1;
154
155 assert((uintptr_t)key2 <= UINT32_MAX);
156 op.params[1].value.a = (uint32_t)(uintptr_t)key2;
157 op.paramTypes = TEEC_PARAM_TYPES(TEEC_VALUE_INPUT, TEEC_VALUE_INPUT,
158 TEEC_NONE, TEEC_NONE);
159
160 res = TEEC_InvokeCommand(s, TA_CRYPT_CMD_SET_OPERATION_KEY2, &op,
161 &ret_orig);
162
163 if (res != TEEC_SUCCESS) {
164 (void)ADBG_EXPECT_TEEC_ERROR_ORIGIN(c, TEEC_ORIGIN_TRUSTED_APP,
165 ret_orig);
166 }
167
168 return res;
169}
170
171static TEEC_Result ta_crypt_cmd_mac_init(ADBG_Case_t *c, TEEC_Session *s,
172 TEE_OperationHandle oph,
173 const void *iv, size_t iv_len)
174{
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]175 TEEC_Result res = TEEC_ERROR_GENERIC;
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]176 TEEC_Operation op = TEEC_OPERATION_INITIALIZER;
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]177 uint32_t ret_orig = 0;
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]178
179 assert((uintptr_t)oph <= UINT32_MAX);
180 op.params[0].value.a = (uint32_t)(uintptr_t)oph;
181
182 if (iv != NULL) {
183 op.params[1].tmpref.buffer = (void *)iv;
184 op.params[1].tmpref.size = iv_len;
185 op.paramTypes = TEEC_PARAM_TYPES(TEEC_VALUE_INPUT,
186 TEEC_MEMREF_TEMP_INPUT,
187 TEEC_NONE, TEEC_NONE);
188 } else {
189 op.paramTypes = TEEC_PARAM_TYPES(TEEC_VALUE_INPUT, TEEC_NONE,
190 TEEC_NONE, TEEC_NONE);
191 }
192
193 res = TEEC_InvokeCommand(s, TA_CRYPT_CMD_MAC_INIT, &op, &ret_orig);
194
195 if (res != TEEC_SUCCESS) {
196 (void)ADBG_EXPECT_TEEC_ERROR_ORIGIN(c, TEEC_ORIGIN_TRUSTED_APP,
197 ret_orig);
198 }
199
200 return res;
201}
202
203static TEEC_Result ta_crypt_cmd_mac_update(ADBG_Case_t *c, TEEC_Session *s,
204 TEE_OperationHandle oph,
205 const void *chunk, size_t chunk_size)
206{
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]207 TEEC_Result res = TEEC_ERROR_GENERIC;
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]208 TEEC_Operation op = TEEC_OPERATION_INITIALIZER;
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]209 uint32_t ret_orig = 0;
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]210
211 assert((uintptr_t)oph <= UINT32_MAX);
212 op.params[0].value.a = (uint32_t)(uintptr_t)oph;
213
214 op.params[1].tmpref.buffer = (void *)chunk;
215 op.params[1].tmpref.size = chunk_size;
216
217 op.paramTypes = TEEC_PARAM_TYPES(TEEC_VALUE_INPUT,
218 TEEC_MEMREF_TEMP_INPUT, TEEC_NONE,
219 TEEC_NONE);
220
221 res = TEEC_InvokeCommand(s, TA_CRYPT_CMD_MAC_UPDATE, &op, &ret_orig);
222
223 if (res != TEEC_SUCCESS) {
224 (void)ADBG_EXPECT_TEEC_ERROR_ORIGIN(c, TEEC_ORIGIN_TRUSTED_APP,
225 ret_orig);
226 }
227
228 return res;
229}
230
231static TEEC_Result ta_crypt_cmd_mac_final_compute(ADBG_Case_t *c,
232 TEEC_Session *s,
233 TEE_OperationHandle oph,
234 const void *chunk,
235 size_t chunk_len,
236 void *hash,
237 size_t *hash_len)
238{
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]239 TEEC_Result res = TEEC_ERROR_GENERIC;
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]240 TEEC_Operation op = TEEC_OPERATION_INITIALIZER;
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]241 uint32_t ret_orig = 0;
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]242
243 assert((uintptr_t)oph <= UINT32_MAX);
244 op.params[0].value.a = (uint32_t)(uintptr_t)oph;
245
246 op.params[1].tmpref.buffer = (void *)chunk;
247 op.params[1].tmpref.size = chunk_len;
248
249 op.params[2].tmpref.buffer = (void *)hash;
250 op.params[2].tmpref.size = *hash_len;
251
252 op.paramTypes = TEEC_PARAM_TYPES(TEEC_VALUE_INPUT,
253 TEEC_MEMREF_TEMP_INPUT,
254 TEEC_MEMREF_TEMP_OUTPUT, TEEC_NONE);
255
256 res = TEEC_InvokeCommand(s, TA_CRYPT_CMD_MAC_FINAL_COMPUTE, &op,
257 &ret_orig);
258
259 if (res != TEEC_SUCCESS) {
260 (void)ADBG_EXPECT_TEEC_ERROR_ORIGIN(c, TEEC_ORIGIN_TRUSTED_APP,
261 ret_orig);
262 }
263
264 if (res == TEEC_SUCCESS)
265 *hash_len = op.params[2].tmpref.size;
266
267 return res;
268}
269
270static TEEC_Result ta_crypt_cmd_cipher_init(ADBG_Case_t *c, TEEC_Session *s,
271 TEE_OperationHandle oph,
272 const void *iv, size_t iv_len)
273{
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]274 TEEC_Result res = TEEC_ERROR_GENERIC;
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]275 TEEC_Operation op = TEEC_OPERATION_INITIALIZER;
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]276 uint32_t ret_orig = 0;
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]277
278 assert((uintptr_t)oph <= UINT32_MAX);
279 op.params[0].value.a = (uint32_t)(uintptr_t)oph;
280
281 if (iv != NULL) {
282 op.params[1].tmpref.buffer = (void *)iv;
283 op.params[1].tmpref.size = iv_len;
284
285 op.paramTypes = TEEC_PARAM_TYPES(TEEC_VALUE_INPUT,
286 TEEC_MEMREF_TEMP_INPUT,
287 TEEC_NONE, TEEC_NONE);
288 } else {
289 op.paramTypes = TEEC_PARAM_TYPES(TEEC_VALUE_INPUT, TEEC_NONE,
290 TEEC_NONE, TEEC_NONE);
291 }
292
293 res = TEEC_InvokeCommand(s, TA_CRYPT_CMD_CIPHER_INIT, &op, &ret_orig);
294
295 if (res != TEEC_SUCCESS) {
296 (void)ADBG_EXPECT_TEEC_ERROR_ORIGIN(c, TEEC_ORIGIN_TRUSTED_APP,
297 ret_orig);
298 }
299
300 return res;
301}
302
303static TEEC_Result ta_crypt_cmd_cipher_update(ADBG_Case_t *c, TEEC_Session *s,
304 TEE_OperationHandle oph,
305 const void *src, size_t src_len,
306 void *dst, size_t *dst_len)
307{
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]308 TEEC_Result res = TEEC_ERROR_GENERIC;
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]309 TEEC_Operation op = TEEC_OPERATION_INITIALIZER;
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]310 uint32_t ret_orig = 0;
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]311
312 assert((uintptr_t)oph <= UINT32_MAX);
313 op.params[0].value.a = (uint32_t)(uintptr_t)oph;
314
315 op.params[1].tmpref.buffer = (void *)src;
316 op.params[1].tmpref.size = src_len;
317
318 op.params[2].tmpref.buffer = dst;
319 op.params[2].tmpref.size = *dst_len;
320
321 op.paramTypes = TEEC_PARAM_TYPES(TEEC_VALUE_INPUT,
322 TEEC_MEMREF_TEMP_INPUT,
323 TEEC_MEMREF_TEMP_OUTPUT, TEEC_NONE);
324
325 res = TEEC_InvokeCommand(s, TA_CRYPT_CMD_CIPHER_UPDATE, &op, &ret_orig);
326
327 if (res != TEEC_SUCCESS) {
328 (void)ADBG_EXPECT_TEEC_ERROR_ORIGIN(c, TEEC_ORIGIN_TRUSTED_APP,
329 ret_orig);
330 }
331
332 if (res == TEEC_SUCCESS)
333 *dst_len = op.params[2].tmpref.size;
334
335 return res;
336}
337
338static TEEC_Result ta_crypt_cmd_cipher_do_final(ADBG_Case_t *c,
339 TEEC_Session *s,
340 TEE_OperationHandle oph,
341 const void *src,
342 size_t src_len,
343 void *dst,
344 size_t *dst_len)
345{
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]346 TEEC_Result res = TEEC_ERROR_GENERIC;
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]347 TEEC_Operation op = TEEC_OPERATION_INITIALIZER;
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]348 uint32_t ret_orig = 0;
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]349
350 assert((uintptr_t)oph <= UINT32_MAX);
351 op.params[0].value.a = (uint32_t)(uintptr_t)oph;
352
353 op.params[1].tmpref.buffer = (void *)src;
354 op.params[1].tmpref.size = src_len;
355
356 op.params[2].tmpref.buffer = (void *)dst;
357 op.params[2].tmpref.size = *dst_len;
358
359 op.paramTypes = TEEC_PARAM_TYPES(TEEC_VALUE_INPUT,
360 TEEC_MEMREF_TEMP_INPUT,
361 TEEC_MEMREF_TEMP_OUTPUT, TEEC_NONE);
362
363 res = TEEC_InvokeCommand(s, TA_CRYPT_CMD_CIPHER_DO_FINAL, &op,
364 &ret_orig);
365
366 if (res != TEEC_SUCCESS) {
367 (void)ADBG_EXPECT_TEEC_ERROR_ORIGIN(c, TEEC_ORIGIN_TRUSTED_APP,
368 ret_orig);
369 }
370
371 if (res == TEEC_SUCCESS)
372 *dst_len = op.params[2].tmpref.size;
373
374 return res;
375}
376
377static TEEC_Result ta_crypt_cmd_random_number_generate(ADBG_Case_t *c,
378 TEEC_Session *s,
379 void *buf,
380 size_t blen)
381{
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]382 TEEC_Result res = TEEC_ERROR_GENERIC;
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]383 TEEC_Operation op = TEEC_OPERATION_INITIALIZER;
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]384 uint32_t ret_orig = 0;
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]385
386 op.params[0].tmpref.buffer = buf;
387 op.params[0].tmpref.size = blen;
388
389 op.paramTypes = TEEC_PARAM_TYPES(TEEC_MEMREF_TEMP_OUTPUT, TEEC_NONE,
390 TEEC_NONE, TEEC_NONE);
391
Joakim Bech81f97e32020-05-27 12:14:23 +0200[diff] [blame]392 res = TEEC_InvokeCommand(s, TA_CRYPT_CMD_RANDOM_NUMBER_GENERATE, &op,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]393 &ret_orig);
394
395 if (res != TEEC_SUCCESS) {
396 (void)ADBG_EXPECT_TEEC_ERROR_ORIGIN(c, TEEC_ORIGIN_TRUSTED_APP,
397 ret_orig);
398 }
399
400 (void)ADBG_EXPECT_COMPARE_UNSIGNED(c, blen, ==,
401 op.params[0].tmpref.size);
402 return res;
403}
404
405static TEEC_Result ta_crypt_cmd_ae_init(ADBG_Case_t *c, TEEC_Session *s,
406 TEE_OperationHandle oph,
407 const void *nonce, size_t nonce_len,
408 size_t tag_len, size_t aad_len,
409 size_t payload_len)
410{
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]411 TEEC_Result res = TEEC_ERROR_GENERIC;
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]412 TEEC_Operation op = TEEC_OPERATION_INITIALIZER;
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]413 uint32_t ret_orig = 0;
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]414
415 assert((uintptr_t)oph <= UINT32_MAX);
416 op.params[0].value.a = (uint32_t)(uintptr_t)oph;
417 op.params[0].value.b = tag_len;
418
419 op.params[1].tmpref.buffer = (void *)nonce;
420 op.params[1].tmpref.size = nonce_len;
421
422 op.params[2].value.a = aad_len;
423 op.params[2].value.b = payload_len;
424
425 op.paramTypes = TEEC_PARAM_TYPES(TEEC_VALUE_INPUT,
426 TEEC_MEMREF_TEMP_INPUT,
Jens Wiklander74a42302015-07-07 01:08:41 +0200[diff] [blame]427 TEEC_VALUE_INPUT, TEEC_NONE);
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]428
429 res = TEEC_InvokeCommand(s, TA_CRYPT_CMD_AE_INIT, &op, &ret_orig);
430
431 if (res != TEEC_SUCCESS) {
432 (void)ADBG_EXPECT_TEEC_ERROR_ORIGIN(c, TEEC_ORIGIN_TRUSTED_APP,
433 ret_orig);
434 }
435 return res;
436}
437
438static TEEC_Result ta_crypt_cmd_ae_update_aad(ADBG_Case_t *c, TEEC_Session *s,
439 TEE_OperationHandle oph,
440 const void *aad, size_t aad_len)
441{
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]442 TEEC_Result res = TEEC_ERROR_GENERIC;
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]443 TEEC_Operation op = TEEC_OPERATION_INITIALIZER;
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]444 uint32_t ret_orig = 0;
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]445
446 assert((uintptr_t)oph <= UINT32_MAX);
447 op.params[0].value.a = (uint32_t)(uintptr_t)oph;
448
449 op.params[1].tmpref.buffer = (void *)aad;
450 op.params[1].tmpref.size = aad_len;
451
452 op.paramTypes = TEEC_PARAM_TYPES(TEEC_VALUE_INPUT,
453 TEEC_MEMREF_TEMP_INPUT, TEEC_NONE,
454 TEEC_NONE);
455
456 res = TEEC_InvokeCommand(s, TA_CRYPT_CMD_AE_UPDATE_AAD, &op, &ret_orig);
457
458 if (res != TEEC_SUCCESS) {
459 (void)ADBG_EXPECT_TEEC_ERROR_ORIGIN(c, TEEC_ORIGIN_TRUSTED_APP,
460 ret_orig);
461 }
462
463 return res;
464}
465
466static TEEC_Result ta_crypt_cmd_ae_update(ADBG_Case_t *c,
467 TEEC_Session *s,
468 TEE_OperationHandle oph,
469 const void *src,
470 size_t src_len,
471 void *dst,
472 size_t *dst_len)
473{
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]474 TEEC_Result res = TEEC_ERROR_GENERIC;
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]475 TEEC_Operation op = TEEC_OPERATION_INITIALIZER;
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]476 uint32_t ret_orig = 0;
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]477
478 assert((uintptr_t)oph <= UINT32_MAX);
479 op.params[0].value.a = (uint32_t)(uintptr_t)oph;
480
481 op.params[1].tmpref.buffer = (void *)src;
482 op.params[1].tmpref.size = src_len;
483
484 op.params[2].tmpref.buffer = (void *)dst;
485 op.params[2].tmpref.size = *dst_len;
486
487 op.paramTypes = TEEC_PARAM_TYPES(TEEC_VALUE_INPUT,
488 TEEC_MEMREF_TEMP_INPUT,
489 TEEC_MEMREF_TEMP_OUTPUT, TEEC_NONE);
490
491 res = TEEC_InvokeCommand(s, TA_CRYPT_CMD_AE_UPDATE, &op, &ret_orig);
492
493 if (res != TEEC_SUCCESS) {
494 (void)ADBG_EXPECT_TEEC_ERROR_ORIGIN(c, TEEC_ORIGIN_TRUSTED_APP,
495 ret_orig);
496 }
497
498 if (res == TEEC_SUCCESS)
499 *dst_len = op.params[2].tmpref.size;
500
501 return res;
502}
503
504static TEEC_Result ta_crypt_cmd_ae_encrypt_final(ADBG_Case_t *c,
505 TEEC_Session *s,
506 TEE_OperationHandle oph,
507 const void *src,
508 size_t src_len, void *dst,
509 size_t *dst_len, void *tag,
510 size_t *tag_len)
511{
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]512 TEEC_Result res = TEEC_ERROR_GENERIC;
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]513 TEEC_Operation op = TEEC_OPERATION_INITIALIZER;
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]514 uint32_t ret_orig = 0;
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]515
516 assert((uintptr_t)oph <= UINT32_MAX);
517 op.params[0].value.a = (uint32_t)(uintptr_t)oph;
518
519 op.params[1].tmpref.buffer = (void *)src;
520 op.params[1].tmpref.size = src_len;
521
522 op.params[2].tmpref.buffer = (void *)dst;
523 op.params[2].tmpref.size = *dst_len;
524
525 op.params[3].tmpref.buffer = (void *)tag;
526 op.params[3].tmpref.size = *tag_len;
527
528 op.paramTypes = TEEC_PARAM_TYPES(TEEC_VALUE_INPUT,
529 TEEC_MEMREF_TEMP_INPUT,
530 TEEC_MEMREF_TEMP_OUTPUT,
531 TEEC_MEMREF_TEMP_OUTPUT);
532
533 res = TEEC_InvokeCommand(s, TA_CRYPT_CMD_AE_ENCRYPT_FINAL, &op,
534 &ret_orig);
535
536 if (res != TEEC_SUCCESS) {
537 (void)ADBG_EXPECT_TEEC_ERROR_ORIGIN(c, TEEC_ORIGIN_TRUSTED_APP,
538 ret_orig);
539 }
540
541 if (res == TEEC_SUCCESS) {
542 *dst_len = op.params[2].tmpref.size;
543 *tag_len = op.params[3].tmpref.size;
544 }
545
546 return res;
547}
548
549static TEEC_Result ta_crypt_cmd_ae_decrypt_final(ADBG_Case_t *c,
550 TEEC_Session *s,
551 TEE_OperationHandle oph,
552 const void *src, size_t src_len,
553 void *dst, size_t *dst_len,
554 const void *tag, size_t tag_len)
555{
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]556 TEEC_Result res = TEEC_ERROR_GENERIC;
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]557 TEEC_Operation op = TEEC_OPERATION_INITIALIZER;
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]558 uint32_t ret_orig = 0;
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]559
560 assert((uintptr_t)oph <= UINT32_MAX);
561 op.params[0].value.a = (uint32_t)(uintptr_t)oph;
562
563 op.params[1].tmpref.buffer = (void *)src;
564 op.params[1].tmpref.size = src_len;
565
566 op.params[2].tmpref.buffer = dst;
567 op.params[2].tmpref.size = *dst_len;
568
569 op.params[3].tmpref.buffer = (void *)tag;
570 op.params[3].tmpref.size = tag_len;
571
572 op.paramTypes = TEEC_PARAM_TYPES(TEEC_VALUE_INPUT,
573 TEEC_MEMREF_TEMP_INPUT,
574 TEEC_MEMREF_TEMP_OUTPUT,
575 TEEC_MEMREF_TEMP_INPUT);
576
577 res = TEEC_InvokeCommand(s, TA_CRYPT_CMD_AE_DECRYPT_FINAL, &op,
578 &ret_orig);
579
580 if (res != TEEC_SUCCESS) {
581 (void)ADBG_EXPECT_TEEC_ERROR_ORIGIN(c, TEEC_ORIGIN_TRUSTED_APP,
582 ret_orig);
583 }
584
585 if (res == TEEC_SUCCESS)
586 *dst_len = op.params[2].tmpref.size;
587
588 return res;
589}
590
591static TEEC_Result ta_crypt_cmd_asymmetric_operate(ADBG_Case_t *c,
592 TEEC_Session *s,
593 TEE_OperationHandle oph,
594 uint32_t cmd,
595 const TEE_Attribute *params,
596 uint32_t paramCount,
597 const void *src,
598 size_t src_len,
599 void *dst,
600 size_t *dst_len)
601{
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]602 TEEC_Result res = TEEC_ERROR_GENERIC;
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]603 TEEC_Operation op = TEEC_OPERATION_INITIALIZER;
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]604 uint32_t ret_orig = 0;
605 uint8_t *buf = NULL;
606 size_t blen = 0;
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]607
608 res = pack_attrs(params, paramCount, &buf, &blen);
609 if (!ADBG_EXPECT_TEEC_SUCCESS(c, res))
610 return res;
611
612 assert((uintptr_t)oph <= UINT32_MAX);
613 op.params[0].value.a = (uint32_t)(uintptr_t)oph;
614
615 op.params[1].tmpref.buffer = buf;
616 op.params[1].tmpref.size = blen;
617
618 op.params[2].tmpref.buffer = (void *)src;
619 op.params[2].tmpref.size = src_len;
620
621 op.params[3].tmpref.buffer = dst;
622 op.params[3].tmpref.size = *dst_len;
623
624 op.paramTypes = TEEC_PARAM_TYPES(TEEC_VALUE_INPUT,
625 TEEC_MEMREF_TEMP_INPUT,
626 TEEC_MEMREF_TEMP_INPUT,
627 TEEC_MEMREF_TEMP_OUTPUT);
628
629 res = TEEC_InvokeCommand(s, cmd, &op, &ret_orig);
630
631 if (res != TEEC_SUCCESS) {
632 (void)ADBG_EXPECT_TEEC_ERROR_ORIGIN(c, TEEC_ORIGIN_TRUSTED_APP,
633 ret_orig);
634 }
635
636 if (res == TEEC_SUCCESS)
637 *dst_len = op.params[3].tmpref.size;
638
639 free(buf);
640 return res;
641}
642
643static TEEC_Result ta_crypt_cmd_asymmetric_encrypt(ADBG_Case_t *c,
644 TEEC_Session *s,
645 TEE_OperationHandle oph,
646 const TEE_Attribute *params,
647 uint32_t paramCount,
648 const void *src,
649 size_t src_len,
650 void *dst,
651 size_t *dst_len)
652{
653 return ta_crypt_cmd_asymmetric_operate(c, s, oph,
654 TA_CRYPT_CMD_ASYMMETRIC_ENCRYPT,
655 params, paramCount,
656 src, src_len, dst, dst_len);
657}
658
659static TEEC_Result ta_crypt_cmd_asymmetric_decrypt(ADBG_Case_t *c,
660 TEEC_Session *s,
661 TEE_OperationHandle oph,
662 const TEE_Attribute *params,
663 uint32_t paramCount,
664 const void *src,
665 size_t src_len,
666 void *dst,
667 size_t *dst_len)
668{
669 return ta_crypt_cmd_asymmetric_operate(c, s, oph,
670 TA_CRYPT_CMD_ASYMMETRIC_DECRYPT,
671 params, paramCount,
672 src, src_len, dst, dst_len);
673}
674
675static TEEC_Result ta_crypt_cmd_asymmetric_sign(ADBG_Case_t *c,
676 TEEC_Session *s,
677 TEE_OperationHandle oph,
678 const TEE_Attribute *params,
679 uint32_t paramCount,
680 const void *digest,
681 size_t digest_len,
682 void *signature,
683 size_t *signature_len)
684{
685 return ta_crypt_cmd_asymmetric_operate(c, s, oph,
686 TA_CRYPT_CMD_ASYMMETRIC_SIGN_DIGEST, params, paramCount,
687 digest, digest_len, signature, signature_len);
688}
689
690static TEEC_Result ta_crypt_cmd_asymmetric_verify(ADBG_Case_t *c,
691 TEEC_Session *s,
692 TEE_OperationHandle oph,
693 const TEE_Attribute *params,
694 uint32_t paramCount,
695 const void *digest,
696 size_t digest_len,
697 const void *signature,
698 size_t signature_len)
699{
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]700 TEEC_Result res = TEEC_ERROR_GENERIC;
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]701 TEEC_Operation op = TEEC_OPERATION_INITIALIZER;
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]702 uint32_t ret_orig = 0;
703 uint8_t *buf = NULL;
704 size_t blen = 0;
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]705
706 res = pack_attrs(params, paramCount, &buf, &blen);
707 if (!ADBG_EXPECT_TEEC_SUCCESS(c, res))
708 return res;
709
710 assert((uintptr_t)oph <= UINT32_MAX);
711 op.params[0].value.a = (uint32_t)(uintptr_t)oph;
712
713 op.params[1].tmpref.buffer = buf;
714 op.params[1].tmpref.size = blen;
715
716 op.params[2].tmpref.buffer = (void *)digest;
717 op.params[2].tmpref.size = digest_len;
718
719 op.params[3].tmpref.buffer = (void *)signature;
720 op.params[3].tmpref.size = signature_len;
721
722 op.paramTypes = TEEC_PARAM_TYPES(TEEC_VALUE_INPUT,
723 TEEC_MEMREF_TEMP_INPUT,
724 TEEC_MEMREF_TEMP_INPUT,
725 TEEC_MEMREF_TEMP_INPUT);
726
727 res = TEEC_InvokeCommand(s, TA_CRYPT_CMD_ASYMMETRIC_VERIFY_DIGEST,
728 &op, &ret_orig);
729
730 if (res != TEEC_SUCCESS) {
731 (void)ADBG_EXPECT_TEEC_ERROR_ORIGIN(c, TEEC_ORIGIN_TRUSTED_APP,
732 ret_orig);
733 }
734
735 free(buf);
736 return res;
737}
738
739static TEEC_Result ta_crypt_cmd_get_object_value_attribute(ADBG_Case_t *c,
740 TEEC_Session *s,
741 TEE_ObjectHandle o,
742 uint32_t attr_id,
743 uint32_t *valuea,
744 uint32_t *valueb)
745{
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]746 TEEC_Result res = TEEC_ERROR_GENERIC;
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]747 TEEC_Operation op = TEEC_OPERATION_INITIALIZER;
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]748 uint32_t ret_orig = 0;
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]749
750 assert((uintptr_t)o <= UINT32_MAX);
751 op.params[0].value.a = (uint32_t)(uintptr_t)o;
752 op.params[0].value.b = attr_id;
753 op.paramTypes = TEEC_PARAM_TYPES(TEEC_VALUE_INPUT, TEEC_VALUE_OUTPUT,
754 TEEC_NONE, TEEC_NONE);
755
756 res = TEEC_InvokeCommand(s, TA_CRYPT_CMD_GET_OBJECT_VALUE_ATTRIBUTE,
757 &op, &ret_orig);
758
759 if (res != TEEC_SUCCESS) {
760 (void)ADBG_EXPECT_TEEC_ERROR_ORIGIN(c, TEEC_ORIGIN_TRUSTED_APP,
761 ret_orig);
762 }
763
764 if (res == TEEC_SUCCESS) {
765 *valuea = op.params[1].value.a;
766 *valueb = op.params[1].value.b;
767 }
768
769 return res;
770}
771
772static TEEC_Result ta_crypt_cmd_generate_key(ADBG_Case_t *c,
773 TEEC_Session *s,
774 TEE_ObjectHandle o,
775 uint32_t key_size,
776 const TEE_Attribute *params,
777 uint32_t paramCount)
778{
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]779 TEEC_Result res = TEEC_ERROR_GENERIC;
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]780 TEEC_Operation op = TEEC_OPERATION_INITIALIZER;
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]781 uint32_t ret_orig = 0;
782 uint8_t *buf = NULL;
783 size_t blen = 0;
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]784
785 res = pack_attrs(params, paramCount, &buf, &blen);
786 if (!ADBG_EXPECT_TEEC_SUCCESS(c, res))
787 return res;
788
789 assert((uintptr_t)o <= UINT32_MAX);
790 op.params[0].value.a = (uint32_t)(uintptr_t)o;
791 op.params[0].value.b = key_size;
792
793 op.params[1].tmpref.buffer = buf;
794 op.params[1].tmpref.size = blen;
795
796 op.paramTypes = TEEC_PARAM_TYPES(TEEC_VALUE_INPUT,
797 TEEC_MEMREF_TEMP_INPUT, TEEC_NONE,
798 TEEC_NONE);
799
800 res = TEEC_InvokeCommand(s, TA_CRYPT_CMD_GENERATE_KEY, &op, &ret_orig);
801
802 if (res != TEEC_SUCCESS) {
803 (void)ADBG_EXPECT_TEEC_ERROR_ORIGIN(c, TEEC_ORIGIN_TRUSTED_APP,
804 ret_orig);
805 }
806
807 free(buf);
808 return res;
809}
810
811static const uint8_t hash_data_md5_in1[] = {
812 'c', 'd', 'e', 'f', 'g', 'h', 'i', 'j', 'k', 'l', 'm'
813};
814
815static const uint8_t hash_data_md5_out1[] = {
816 0x61, 0x12, 0x71, 0x83, 0x70, 0x8d, 0x3a, 0xc7,
817 0xf1, 0x9b, 0x66, 0x06, 0xfc, 0xae, 0x7d, 0xf6
818};
819
820static const uint8_t hash_data_sha1_in1[] = {
821 'a', 'b', 'c', 'd', 'e', 'f', 'g', 'h', 'i', 'j', 'k', 'l', 'm'
822};
823
824static const uint8_t hash_data_sha1_out1[] = {
825 0x4b, 0x98, 0x92, 0xb6, 0x52, 0x72, 0x14, 0xaf,
826 0xc6, 0x55, 0xb8, 0xaa, 0x52, 0xf4, 0xd2, 0x03,
827 0xc1, 0x5e, 0x7c, 0x9c
828};
829
830static const uint8_t hash_data_sha224_in1[] = {
831 'a', 'b', 'c', 'd', 'e', 'f', 'g', 'h', 'i', 'j', 'k', 'l', 'm'
832};
833
834static const uint8_t hash_data_sha224_out1[] = {
835 0x08, 0x21, 0x69, 0xf9, 0x77, 0x1b, 0x80, 0x15,
836 0xf3, 0x97, 0xae, 0xde, 0x5b, 0xba, 0xa2, 0x72,
837 0x2d, 0x8f, 0x5c, 0x19, 0xfe, 0xd2, 0xe2, 0x68,
838 0x92, 0x49, 0xd8, 0x44
839};
840
841static const uint8_t hash_data_sha256_in1[] = { 'a', 'b', 'c' };
842
843static const uint8_t hash_data_sha256_out1[] = {
844 0xba, 0x78, 0x16, 0xbf, 0x8f, 0x01, 0xcf, 0xea,
845 0x41, 0x41, 0x40, 0xde, 0x5d, 0xae, 0x22, 0x23,
846 0xb0, 0x03, 0x61, 0xa3, 0x96, 0x17, 0x7a, 0x9c,
847 0xb4, 0x10, 0xff, 0x61, 0xf2, 0x00, 0x15, 0xad
848};
849
850static const uint8_t hash_data_sha256_in2[] = { 'e', 'f', 'g' };
851
852static const uint8_t hash_data_sha256_out2[] = {
853 0xd4, 0xff, 0xe8, 0xe9, 0xee, 0x0b, 0x48, 0xeb,
854 0xa7, 0x16, 0x70, 0x61, 0x23, 0xa7, 0x18, 0x7f,
855 0x32, 0xea, 0xe3, 0xbd, 0xcb, 0x0e, 0x77, 0x63,
856 0xe4, 0x1e, 0x53, 0x32, 0x67, 0xbd, 0x8a, 0x53
857};
858
859
860static const uint8_t hash_data_sha384_in1[] = {
861 'a', 'b', 'c', 'e', 'f', 'g', 'h', 'i', 'j', 'k', 'l', 'm'
862};
863
864static const uint8_t hash_data_sha384_out1[] = {
865 0x4c, 0xab, 0x80, 0x9d, 0x96, 0x84, 0x01, 0x47,
866 0x67, 0x0a, 0xc1, 0x7a, 0xb6, 0xb9, 0xf7, 0x6e,
867 0x35, 0xa6, 0xb0, 0x8c, 0xf5, 0x2a, 0x3d, 0x64,
868 0x9a, 0x8c, 0x7e, 0x0c, 0x55, 0x45, 0xd3, 0x7d,
869 0x1f, 0x7f, 0x28, 0x34, 0x96, 0x14, 0x44, 0x2a,
870 0xf5, 0x98, 0xa2, 0x95, 0x24, 0x76, 0x53, 0x97
871};
872
873static const uint8_t hash_data_sha512_in1[] = {
874 'a', 'b', 'c', 'd', 'f', 'g', 'h', 'i', 'j', 'k', 'l', 'm'
875};
876
877static const uint8_t hash_data_sha512_out1[] = {
878 0x20, 0xd8, 0x64, 0x4f, 0x54, 0xa2, 0x5f, 0x6f,
879 0x0a, 0xf9, 0xd5, 0x27, 0x7d, 0x17, 0xa8, 0x99,
880 0x4c, 0x64, 0x3f, 0xd0, 0xf3, 0x83, 0x36, 0xee,
881 0x93, 0x12, 0x55, 0xcd, 0x2e, 0x12, 0x34, 0xa0,
882 0xc2, 0xaa, 0xf9, 0xbb, 0x15, 0xc5, 0xe9, 0xfa,
883 0xf7, 0xa7, 0xda, 0xb8, 0x2f, 0x72, 0xa0, 0x47,
884 0xe3, 0x02, 0x04, 0xe8, 0xa0, 0x35, 0x0c, 0x96,
885 0x26, 0xd1, 0xcb, 0x8b, 0x47, 0x45, 0x25, 0xd0
886};
887
Jerome Forissier3ed850a2019-12-13 10:58:23 +0100[diff] [blame]888/*
889 * SM3
890 * https://tools.ietf.org/html/draft-sca-cfrg-sm3-02
Jerome Forissier9f17e262019-12-13 14:12:41 +0100[diff] [blame]891 * Appendix A.1
Jerome Forissier3ed850a2019-12-13 10:58:23 +0100[diff] [blame]892 */
893static const uint8_t hash_data_sm3_a1_in[3] = "abc";
894
895static const uint8_t hash_data_sm3_a1_out[] = {
896 0x66, 0xc7, 0xf0, 0xf4, 0x62, 0xee, 0xed, 0xd9,
897 0xd1, 0xf2, 0xd4, 0x6b, 0xdc, 0x10, 0xe4, 0xe2,
898 0x41, 0x67, 0xc4, 0x87, 0x5c, 0xf2, 0xf7, 0xa2,
899 0x29, 0x7d, 0xa0, 0x2b, 0x8f, 0x4b, 0xa8, 0xe0
900};
901
902/*
903 * SM3
904 * https://tools.ietf.org/html/draft-sca-cfrg-sm3-02
Jerome Forissier9f17e262019-12-13 14:12:41 +0100[diff] [blame]905 * Appendix A.2
Jerome Forissier3ed850a2019-12-13 10:58:23 +0100[diff] [blame]906 */
907static const uint8_t hash_data_sm3_a2_in[] = {
908 0x61, 0x62, 0x63, 0x64, 0x61, 0x62, 0x63, 0x64,
909 0x61, 0x62, 0x63, 0x64, 0x61, 0x62, 0x63, 0x64,
910 0x61, 0x62, 0x63, 0x64, 0x61, 0x62, 0x63, 0x64,
911 0x61, 0x62, 0x63, 0x64, 0x61, 0x62, 0x63, 0x64,
912 0x61, 0x62, 0x63, 0x64, 0x61, 0x62, 0x63, 0x64,
913 0x61, 0x62, 0x63, 0x64, 0x61, 0x62, 0x63, 0x64,
914 0x61, 0x62, 0x63, 0x64, 0x61, 0x62, 0x63, 0x64,
915 0x61, 0x62, 0x63, 0x64, 0x61, 0x62, 0x63, 0x64
916};
917
918static const uint8_t hash_data_sm3_a2_out[] = {
919 0xde, 0xbe, 0x9f, 0xf9, 0x22, 0x75, 0xb8, 0xa1,
920 0x38, 0x60, 0x48, 0x89, 0xc1, 0x8e, 0x5a, 0x4d,
921 0x6f, 0xdb, 0x70, 0xe5, 0x38, 0x7e, 0x57, 0x65,
922 0x29, 0x3d, 0xcb, 0xa3, 0x9c, 0x0c, 0x57, 0x32
923};
924
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]925struct xtest_hash_case {
926 uint32_t algo;
927 size_t in_incr;
928 const uint8_t *in;
929 size_t in_len;
930 const uint8_t *out;
931 size_t out_len;
932};
933
934#define XTEST_HASH_CASE(algo, in_incr, in, out) \
935 { (algo), (in_incr), (in), ARRAY_SIZE(in), (out), ARRAY_SIZE(out) }
936
937static const struct xtest_hash_case hash_cases[] = {
938 XTEST_HASH_CASE(TEE_ALG_MD5, 6, hash_data_md5_in1,
939 hash_data_md5_out1),
940 XTEST_HASH_CASE(TEE_ALG_SHA1, 3, hash_data_sha1_in1,
941 hash_data_sha1_out1),
942 XTEST_HASH_CASE(TEE_ALG_SHA224, 7, hash_data_sha224_in1,
943 hash_data_sha224_out1),
944 XTEST_HASH_CASE(TEE_ALG_SHA256, 1, hash_data_sha256_in1,
945 hash_data_sha256_out1),
946 XTEST_HASH_CASE(TEE_ALG_SHA256, 1, hash_data_sha256_in2,
947 hash_data_sha256_out2),
948 XTEST_HASH_CASE(TEE_ALG_SHA384, 1, hash_data_sha384_in1,
949 hash_data_sha384_out1),
950 XTEST_HASH_CASE(TEE_ALG_SHA512, 1, hash_data_sha512_in1,
951 hash_data_sha512_out1),
Jerome Forissier3ed850a2019-12-13 10:58:23 +0100[diff] [blame]952 XTEST_HASH_CASE(TEE_ALG_SM3, 2, hash_data_sm3_a1_in,
953 hash_data_sm3_a1_out),
954 XTEST_HASH_CASE(TEE_ALG_SM3, 19, hash_data_sm3_a2_in,
955 hash_data_sm3_a2_out),
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]956};
957
958static void xtest_tee_test_4001(ADBG_Case_t *c)
959{
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]960 TEEC_Session session = { };
961 uint32_t ret_orig = 0;
962 size_t n = 0;
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]963
964 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
965 xtest_teec_open_session(&session, &crypt_user_ta_uuid, NULL,
966 &ret_orig)))
967 return;
968
969
970 for (n = 0; n < ARRAY_SIZE(hash_cases); n++) {
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]971 TEE_OperationHandle op1 = TEE_HANDLE_NULL;
972 TEE_OperationHandle op2 = TEE_HANDLE_NULL;
973 uint8_t out[64] = { };
974 size_t out_size = 0;
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]975
Jerome Forissier87b00c02020-01-22 16:33:12 +0100[diff] [blame]976 if (hash_cases[n].algo == TEE_ALG_SM3 &&
977 !ta_crypt_cmd_is_algo_supported(c, &session, TEE_ALG_SM3,
978 TEE_CRYPTO_ELEMENT_NONE)) {
979 Do_ADBG_Log("SM3 not supported: skip subcase");
980 continue;
981 }
982
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]983 Do_ADBG_BeginSubCase(c, "Hash case %d algo 0x%x",
984 (int)n, (unsigned int)hash_cases[n].algo);
985
986 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
987 ta_crypt_cmd_allocate_operation(c, &session, &op1,
988 hash_cases[n].algo,
989 TEE_MODE_DIGEST, 0)))
990 goto out;
991
992 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
993 ta_crypt_cmd_allocate_operation(c, &session, &op2,
994 hash_cases[n].algo,
995 TEE_MODE_DIGEST, 0)))
996 goto out;
997
998 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
999 ta_crypt_cmd_digest_update(c, &session, op1,
1000 hash_cases[n].in,
1001 hash_cases[n].in_incr)))
1002 goto out;
1003
1004 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
1005 ta_crypt_cmd_copy_operation(c, &session, op2, op1)))
1006 goto out;
1007
1008 out_size = sizeof(out);
1009 memset(out, 0, sizeof(out));
1010 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
1011 ta_crypt_cmd_digest_do_final(c, &session, op2,
1012 hash_cases[n].in + hash_cases[n].in_incr,
1013 hash_cases[n].in_len - hash_cases[n].in_incr,
1014 out, &out_size)))
1015 goto out;
1016
1017 (void)ADBG_EXPECT_BUFFER(c, hash_cases[n].out,
1018 hash_cases[n].out_len, out, out_size);
1019
1020 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
1021 ta_crypt_cmd_reset_operation(c, &session, op1)))
1022 goto out;
1023
1024 out_size = sizeof(out);
1025 memset(out, 0, sizeof(out));
1026 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
1027 ta_crypt_cmd_digest_do_final(c, &session, op1,
1028 hash_cases[n].in,
1029 hash_cases[n].in_len, out,
1030 &out_size)))
1031 goto out;
1032
1033 (void)ADBG_EXPECT_BUFFER(c, hash_cases[n].out,
1034 hash_cases[n].out_len, out, out_size);
1035
Jerome Forissier1e05e262015-07-29 16:09:07 +0200[diff] [blame]1036 /*
1037 * Invoke TEE_DigestDoFinal() a second time to check that state
1038 * was properly reset
1039 */
1040 out_size = sizeof(out);
1041 memset(out, 0, sizeof(out));
1042 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
1043 ta_crypt_cmd_digest_do_final(c, &session, op1,
1044 hash_cases[n].in,
1045 hash_cases[n].in_len, out,
1046 &out_size)))
1047 goto out;
1048
1049 (void)ADBG_EXPECT_BUFFER(c, hash_cases[n].out,
1050 hash_cases[n].out_len, out, out_size);
1051
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]1052 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
1053 ta_crypt_cmd_free_operation(c, &session, op1)))
1054 goto out;
1055
1056 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
1057 ta_crypt_cmd_free_operation(c, &session, op2)))
1058 goto out;
1059
1060 Do_ADBG_EndSubCase(c, NULL);
1061 }
1062
1063out:
1064 TEEC_CloseSession(&session);
1065}
Jens Wiklander14f48872018-06-29 15:30:13 +0200[diff] [blame]1066ADBG_CASE_DEFINE(regression, 4001, xtest_tee_test_4001,
1067 "Test TEE Internal API hash operations");
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]1068
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]1069struct xtest_mac_case {
1070 uint32_t algo;
1071 uint32_t key_type;
1072 const uint8_t *key;
1073 size_t key_len;
1074 size_t in_incr;
1075 const uint8_t *in;
1076 size_t in_len;
1077 const uint8_t *out;
1078 size_t out_len;
Jerome Forissier3dec7442019-01-30 17:50:05 +0100[diff] [blame]1079 bool multiple_incr;
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]1080};
1081
Jerome Forissier3dec7442019-01-30 17:50:05 +0100[diff] [blame]1082#define XTEST_MAC_CASE_1(algo, key_type, key, in_incr, in, out) \
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]1083 { (algo), (key_type), (key), ARRAY_SIZE(key), \
Jerome Forissier3dec7442019-01-30 17:50:05 +0100[diff] [blame]1084 (in_incr), (in), ARRAY_SIZE(in), (out), ARRAY_SIZE(out), false }
1085
1086#define XTEST_MAC_CASE_MULT(algo, key_type, key, in_incr, in, out) \
1087 { (algo), (key_type), (key), ARRAY_SIZE(key), \
1088 (in_incr), (in), ARRAY_SIZE(in), (out), ARRAY_SIZE(out), true }
1089
1090#define XTEST_MAC_CASE(algo, key_type, key, in_incr, in, out) \
1091 XTEST_MAC_CASE_1((algo), (key_type), (key), (in_incr), (in), (out)), \
1092 XTEST_MAC_CASE_MULT((algo), (key_type), (key), (in_incr), (in), (out))
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]1093
1094#define XTEST_MAC_CBC_CASE(algo, key_type, vect, in_incr) \
1095 XTEST_MAC_CASE((algo), (key_type), \
1096 mac_cbc_ ## vect ## _key, (in_incr), \
1097 mac_cbc_ ## vect ## _data, mac_cbc_ ## vect ## _out)
1098
1099#define XTEST_MAC_CMAC_CASE(vect, in_incr) \
1100 XTEST_MAC_CASE(TEE_ALG_AES_CMAC, TEE_TYPE_AES, \
1101 mac_cmac_ ## vect ## _key, (in_incr), \
1102 mac_cmac_ ## vect ## _data, mac_cmac_ ## vect ## _out)
1103
Alexander Zakharov0afe00c2021-02-10 19:06:48 +0100[diff] [blame]1104#define XTEST_MAC_DES3_CMAC_CASE(vect, in_incr) \
1105 XTEST_MAC_CASE(TEE_ALG_DES3_CMAC, TEE_TYPE_DES3, \
1106 mac_des3_cmac_ ## vect ## _key, (in_incr), \
1107 mac_des3_cmac_ ## vect ## _data, mac_des3_cmac_ ## vect ## _out)
1108
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]1109static const struct xtest_mac_case mac_cases[] = {
1110 XTEST_MAC_CASE(TEE_ALG_HMAC_MD5, TEE_TYPE_HMAC_MD5,
1111 mac_data_md5_key1,
1112 4, mac_data_md5_in1, mac_data_md5_out1),
1113 XTEST_MAC_CASE(TEE_ALG_HMAC_SHA1, TEE_TYPE_HMAC_SHA1,
1114 mac_data_sha1_key1,
1115 5, mac_data_sha1_in1, mac_data_sha1_out1),
1116 XTEST_MAC_CASE(TEE_ALG_HMAC_SHA224, TEE_TYPE_HMAC_SHA224,
1117 mac_data_sha224_key1,
1118 8, mac_data_sha224_in1, mac_data_sha224_out1),
1119 XTEST_MAC_CASE(TEE_ALG_HMAC_SHA256, TEE_TYPE_HMAC_SHA256,
1120 mac_data_sha256_key1,
1121 1, mac_data_sha256_in1, mac_data_sha256_out1),
1122 XTEST_MAC_CASE(TEE_ALG_HMAC_SHA256, TEE_TYPE_HMAC_SHA256,
1123 mac_data_sha256_key2,
1124 7, mac_data_sha256_in2, mac_data_sha256_out2),
1125 XTEST_MAC_CASE(TEE_ALG_HMAC_SHA384, TEE_TYPE_HMAC_SHA384,
1126 mac_data_sha384_key1,
1127 11, mac_data_sha384_in1, mac_data_sha384_out1),
1128 XTEST_MAC_CASE(TEE_ALG_HMAC_SHA512, TEE_TYPE_HMAC_SHA512,
1129 mac_data_sha512_key1,
1130 13, mac_data_sha512_in1, mac_data_sha512_out1),
1131
1132 XTEST_MAC_CBC_CASE(TEE_ALG_AES_CBC_MAC_NOPAD, TEE_TYPE_AES, vect1, 14),
1133 XTEST_MAC_CBC_CASE(TEE_ALG_DES_CBC_MAC_NOPAD, TEE_TYPE_DES, vect2, 16),
1134 XTEST_MAC_CBC_CASE(TEE_ALG_DES3_CBC_MAC_NOPAD, TEE_TYPE_DES3, vect3,
1135 17),
1136 XTEST_MAC_CBC_CASE(TEE_ALG_AES_CBC_MAC_PKCS5, TEE_TYPE_AES, vect4, 11),
1137 XTEST_MAC_CBC_CASE(TEE_ALG_DES_CBC_MAC_PKCS5, TEE_TYPE_DES, vect5, 9),
1138 XTEST_MAC_CBC_CASE(TEE_ALG_DES3_CBC_MAC_PKCS5, TEE_TYPE_DES3, vect6, 4),
1139 XTEST_MAC_CBC_CASE(TEE_ALG_AES_CBC_MAC_PKCS5, TEE_TYPE_AES, vect7, 3),
1140 XTEST_MAC_CBC_CASE(TEE_ALG_DES_CBC_MAC_PKCS5, TEE_TYPE_DES, vect8, 23),
1141 XTEST_MAC_CBC_CASE(TEE_ALG_DES3_CBC_MAC_PKCS5, TEE_TYPE_DES3, vect9,
1142 34),
Pascal Brand5c3d8092015-07-23 08:20:26 +0200[diff] [blame]1143 XTEST_MAC_CBC_CASE(TEE_ALG_DES3_CBC_MAC_PKCS5, TEE_TYPE_DES3, vect10, 4),
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]1144
1145 { TEE_ALG_AES_CMAC, TEE_TYPE_AES, mac_cmac_vect1_key,
1146 ARRAY_SIZE(mac_cmac_vect1_key), 0, NULL, 0, mac_cmac_vect1_out,
1147 ARRAY_SIZE(mac_cmac_vect1_out) },
1148 XTEST_MAC_CMAC_CASE(vect2, 9),
1149 XTEST_MAC_CMAC_CASE(vect3, 9),
1150 XTEST_MAC_CMAC_CASE(vect4, 9),
1151 { TEE_ALG_AES_CMAC, TEE_TYPE_AES, mac_cmac_vect5_key,
1152 ARRAY_SIZE(mac_cmac_vect5_key), 0, NULL, 0, mac_cmac_vect5_out,
1153 ARRAY_SIZE(mac_cmac_vect5_out) },
1154 XTEST_MAC_CMAC_CASE(vect6, 9),
1155 XTEST_MAC_CMAC_CASE(vect7, 9),
1156 XTEST_MAC_CMAC_CASE(vect8, 9),
1157 { TEE_ALG_AES_CMAC, TEE_TYPE_AES, mac_cmac_vect9_key,
1158 ARRAY_SIZE(mac_cmac_vect9_key), 0, NULL, 0, mac_cmac_vect9_out,
1159 ARRAY_SIZE(mac_cmac_vect9_out) },
1160 XTEST_MAC_CMAC_CASE(vect10, 9),
1161 XTEST_MAC_CMAC_CASE(vect11, 9),
1162 XTEST_MAC_CMAC_CASE(vect12, 9),
Clement Faure21b347a2021-04-29 13:06:55 +0200[diff] [blame^]1163 XTEST_MAC_CMAC_CASE(vect12, 16),
Jerome Forissier9f17e262019-12-13 14:12:41 +0100[diff] [blame]1164
Alexander Zakharov0afe00c2021-02-10 19:06:48 +0100[diff] [blame]1165 { TEE_ALG_DES3_CMAC, TEE_TYPE_DES3, mac_des3_cmac_vect1_key,
1166 ARRAY_SIZE(mac_des3_cmac_vect1_key), 0, NULL, 0, mac_des3_cmac_vect1_out,
1167 ARRAY_SIZE(mac_des3_cmac_vect1_out) },
1168 XTEST_MAC_DES3_CMAC_CASE(vect2, 3),
1169 XTEST_MAC_DES3_CMAC_CASE(vect3, 9),
1170 XTEST_MAC_DES3_CMAC_CASE(vect4, 9),
1171 { TEE_ALG_DES3_CMAC, TEE_TYPE_DES3, mac_des3_cmac_vect5_key,
1172 ARRAY_SIZE(mac_des3_cmac_vect5_key), 0, NULL, 0, mac_des3_cmac_vect5_out,
1173 ARRAY_SIZE(mac_des3_cmac_vect5_out) },
1174 XTEST_MAC_DES3_CMAC_CASE(vect6, 3),
1175 XTEST_MAC_DES3_CMAC_CASE(vect7, 5),
1176 XTEST_MAC_DES3_CMAC_CASE(vect8, 9),
1177
Jerome Forissier9f17e262019-12-13 14:12:41 +0100[diff] [blame]1178 XTEST_MAC_CASE(TEE_ALG_HMAC_SM3, TEE_TYPE_HMAC_SM3,
1179 mac_data_sm3_d31_key,
1180 13, mac_data_sm3_d31_in, mac_data_sm3_d31_out),
1181 XTEST_MAC_CASE(TEE_ALG_HMAC_SM3, TEE_TYPE_HMAC_SM3,
1182 mac_data_sm3_d32_key,
1183 13, mac_data_sm3_d32_in, mac_data_sm3_d32_out),
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]1184};
1185
1186static void xtest_tee_test_4002(ADBG_Case_t *c)
1187{
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]1188 TEEC_Session session = { };
1189 TEE_OperationHandle op1 = TEE_HANDLE_NULL;
1190 TEE_OperationHandle op2 = TEE_HANDLE_NULL;
1191 TEE_ObjectHandle key_handle = TEE_HANDLE_NULL;
1192 uint8_t out[64] = { };
1193 size_t out_size = 0;
1194 uint32_t ret_orig = 0;
1195 size_t n = 0;
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]1196
1197 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
1198 xtest_teec_open_session(&session, &crypt_user_ta_uuid, NULL,
1199 &ret_orig)))
1200 return;
1201
1202 for (n = 0; n < ARRAY_SIZE(mac_cases); n++) {
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]1203 TEE_Attribute key_attr = { };
1204 size_t key_size = 0;
1205 size_t offs = 0;
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]1206
1207 Do_ADBG_BeginSubCase(c, "MAC case %d algo 0x%x",
1208 (int)n, (unsigned int)mac_cases[n].algo);
1209
1210 key_attr.attributeID = TEE_ATTR_SECRET_VALUE;
1211 key_attr.content.ref.buffer = (void *)mac_cases[n].key;
1212 key_attr.content.ref.length = mac_cases[n].key_len;
1213
1214 key_size = key_attr.content.ref.length * 8;
1215 if (mac_cases[n].key_type == TEE_TYPE_DES ||
1216 mac_cases[n].key_type == TEE_TYPE_DES3)
1217 /* Exclude parity in bit size of key */
1218 key_size -= key_size / 8;
1219
1220 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
1221 ta_crypt_cmd_allocate_operation(c, &session, &op1,
1222 mac_cases[n].algo, TEE_MODE_MAC, key_size)))
1223 goto out;
1224
1225 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
1226 ta_crypt_cmd_allocate_operation(c, &session, &op2,
1227 mac_cases[n].algo, TEE_MODE_MAC, key_size)))
1228 goto out;
1229
1230 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
1231 ta_crypt_cmd_allocate_transient_object(c, &session,
1232 mac_cases[n].key_type, key_size, &key_handle)))
1233 goto out;
1234
1235 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
1236 ta_crypt_cmd_populate_transient_object(c, &session,
1237 key_handle, &key_attr, 1)))
1238 goto out;
1239
1240 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
1241 ta_crypt_cmd_set_operation_key(c, &session, op1,
1242 key_handle)))
1243 goto out;
1244
1245 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
1246 ta_crypt_cmd_free_transient_object(c, &session,
1247 key_handle)))
1248 goto out;
1249
1250 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
1251 ta_crypt_cmd_mac_init(c, &session, op1, NULL, 0)))
1252 goto out;
1253
Jerome Forissier3dec7442019-01-30 17:50:05 +0100[diff] [blame]1254 offs = 0;
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]1255 if (mac_cases[n].in != NULL) {
Jerome Forissier3dec7442019-01-30 17:50:05 +0100[diff] [blame]1256 while (offs + mac_cases[n].in_incr <
1257 mac_cases[n].in_len) {
1258 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
1259 ta_crypt_cmd_mac_update(c, &session,
1260 op1, mac_cases[n].in + offs,
1261 mac_cases[n].in_incr)))
1262 goto out;
1263 offs += mac_cases[n].in_incr;
1264 if (!mac_cases[n].multiple_incr)
1265 break;
1266 }
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]1267 }
1268
1269 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
1270 ta_crypt_cmd_copy_operation(c, &session, op2, op1)))
1271 goto out;
1272
1273 out_size = sizeof(out);
1274 memset(out, 0, sizeof(out));
1275 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
1276 ta_crypt_cmd_mac_final_compute(c, &session, op2,
Jerome Forissier3dec7442019-01-30 17:50:05 +0100[diff] [blame]1277 mac_cases[n].in + offs,
1278 mac_cases [n].in_len - offs,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]1279 out, &out_size)))
1280 goto out;
1281
1282 (void)ADBG_EXPECT_BUFFER(c, mac_cases[n].out,
1283 mac_cases[n].out_len, out, out_size);
1284
1285 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
1286 ta_crypt_cmd_mac_init(c, &session, op1, NULL, 0)))
1287 goto out;
1288
1289 out_size = sizeof(out);
1290 memset(out, 0, sizeof(out));
1291 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
1292 ta_crypt_cmd_mac_final_compute(c, &session, op1,
1293 mac_cases[n].in, mac_cases[n].in_len, out,
1294 &out_size)))
1295 goto out;
1296
1297 (void)ADBG_EXPECT_BUFFER(c, mac_cases[n].out,
1298 mac_cases[n].out_len, out, out_size);
1299
1300 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
1301 ta_crypt_cmd_free_operation(c, &session, op1)))
1302 goto out;
1303
1304 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
1305 ta_crypt_cmd_free_operation(c, &session, op2)))
1306 goto out;
1307
1308 Do_ADBG_EndSubCase(c, NULL);
1309 }
1310out:
1311 TEEC_CloseSession(&session);
1312}
Jens Wiklander14f48872018-06-29 15:30:13 +0200[diff] [blame]1313ADBG_CASE_DEFINE(regression, 4002, xtest_tee_test_4002,
1314 "Test TEE Internal API MAC operations");
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]1315
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]1316static const uint8_t ciph_data_aes_key1[] = {
1317 0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37, /* 01234567 */
1318 0x38, 0x39, 0x41, 0x42, 0x43, 0x44, 0x45, 0x46, /* 89ABCDEF */
1319};
1320
Jerome Forissier0780ad42018-06-05 15:02:37 +0200[diff] [blame]1321static const uint8_t ciph_data_aes_key2[] = {
1322 0x02, 0x02, 0x02, 0x02, 0x02, 0x02, 0x02, 0x02,
1323 0x02, 0x02, 0x02, 0x02, 0x02, 0x02, 0x02, 0x02,
1324};
1325
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]1326static const uint8_t ciph_data_des_key1[] = {
1327 0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37 /* 01234567 */
1328};
1329
1330static const uint8_t ciph_data_des_key2[] = {
1331 0x13, 0x34, 0x57, 0x79, 0x9B, 0xBC, 0xDF, 0xF1
1332};
1333
1334
1335static const uint8_t ciph_data_des3_key1[] = {
1336 0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37, /* 01234567 */
1337 0x38, 0x39, 0x41, 0x42, 0x43, 0x44, 0x45, 0x46, /* 89ABCDEF */
1338 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37, 0x38, /* 12345678 */
1339};
1340
1341static const uint8_t ciph_data_des3_key2[] = {
1342 0x13, 0x34, 0x57, 0x79, 0x9B, 0xBC, 0xDF, 0xF1,
1343 0x13, 0x34, 0x57, 0x79, 0x9B, 0xBC, 0xDF, 0xF1,
1344 0x13, 0x34, 0x57, 0x79, 0x9B, 0xBC, 0xDF, 0xF1
1345};
1346
1347static const uint8_t ciph_data_des2_key1[] = {
1348 0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37, /* 01234567 */
1349 0x38, 0x39, 0x41, 0x42, 0x43, 0x44, 0x45, 0x46, /* 89ABCDEF */
1350};
1351
1352static const uint8_t ciph_data_in1[] = {
1353 0x32, 0x33, 0x34, 0x35, 0x36, 0x37, 0x38, 0x39, /* 23456789 */
1354 0x41, 0x42, 0x43, 0x44, 0x45, 0x46, 0x30, 0x31, /* ABCDEF01 */
1355 0x33, 0x34, 0x35, 0x36, 0x37, 0x38, 0x39, 0x41, /* 3456789A */
1356 0x42, 0x43, 0x44, 0x45, 0x46, 0x30, 0x31, 0x32, /* BCDEF012 */
1357 0x34, 0x35, 0x36, 0x37, 0x38, 0x39, 0x41, 0x42, /* 456789AB */
1358 0x43, 0x44, 0x45, 0x46, 0x30, 0x31, 0x32, 0x33, /* CDEF0123 */
1359};
1360
1361static const uint8_t ciph_data_in3[] = {
1362 0x32, 0x33, 0x34, 0x35, 0x36, 0x37, 0x38, 0x39, /* 23456789 */
1363 0x41, 0x42, 0x43, 0x44, 0x45, 0x46, 0x30, 0x31, /* ABCDEF01 */
1364 0x33, 0x34, 0x35, 0x36, 0x37, 0x38, 0x39, 0x41, /* 3456789A */
1365 0x42, 0x43, 0x44, 0x45, 0x46, 0x30, 0x31, 0x32, /* BCDEF012 */
1366 0x34, 0x35, 0x36, 0x37, 0x38, 0x39, 0x41, 0x42, /* 456789AB */
1367 0x43, 0x44, 0x45, 0x46, 0x30, /* CDEF0 */
1368};
1369
Jerome Forissier45218eb2018-04-11 13:03:26 +0200[diff] [blame]1370static const uint8_t ciph_data_in4[] = {
1371 0x32, 0x33, 0x34, 0x35, 0x36, 0x37, 0x38, 0x39, /* 23456789 */
1372 0x41, 0x42, 0x43, 0x44, 0x45, 0x46, 0x30, 0x31, /* ABCDEF01 */
1373 0x33, 0x34, 0x35, 0x36, 0x37, 0x38, 0x39, 0x41, /* 3456789A */
1374 0x42, 0x43, 0x44, 0x45, 0x46, 0x30, 0x31, 0x32, /* BCDEF012 */
1375 0x34, 0x35, 0x36, 0x37, 0x38, 0x39, 0x41, 0x42, /* 456789AB */
1376 0x43, 0x44, 0x45, 0x46, 0x30, 0x31, 0x32, 0x33, /* CDEF0123 */
1377 0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37, /* 01234567 */
1378 0x38, 0x39, 0x41, 0x42, 0x43, 0x44, 0x45, 0x46, /* 89ABCDEF */
1379};
1380
Jerome Forissier0780ad42018-06-05 15:02:37 +0200[diff] [blame]1381static const uint8_t ciph_data_in5[] = {
1382 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01,
1383 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01,
1384 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01,
1385 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01,
1386 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01,
1387 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01,
1388 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01,
1389 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01,
Jerome Forissierbf9009e2018-06-05 18:44:42 +0200[diff] [blame]1390 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01,
1391 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01,
Jerome Forissier0780ad42018-06-05 15:02:37 +0200[diff] [blame]1392 0x01, 0x01, 0x01
1393};
1394
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]1395static const uint8_t ciph_data_128_iv1[] = {
1396 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37, 0x38, /* 12345678 */
1397 0x39, 0x41, 0x42, 0x43, 0x44, 0x45, 0x46, 0x30, /* 9ABCDEF0 */
1398};
1399
Jerome Forissier0780ad42018-06-05 15:02:37 +0200[diff] [blame]1400static const uint8_t ciph_data_128_iv2[] = {
1401 0x03, 0x03, 0x03, 0x03, 0x03, 0x03, 0x03, 0x03,
1402 0x03, 0x03, 0x03, 0x03, 0x03, 0x03, 0x03, 0x03,
1403};
1404
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]1405static const uint8_t ciph_data_64_iv1[] = {
1406 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37, 0x38, /* 12345678 */
1407};
1408
1409static const uint8_t ciph_data_in2[] = {
1410 0x01, 0x23, 0x45, 0x67, 0x89, 0xab, 0xcd, 0xef
1411};
1412
1413static const uint8_t ciph_data_aes_ecb_nopad_out1[] = {
1414 0xA5, 0xBE, 0x14, 0xD5, 0x01, 0x05, 0x24, 0x48, /* ......$H */
1415 0x58, 0x1A, 0x6B, 0x82, 0xD4, 0x41, 0xD2, 0xB3, /* X.k..A.. */
1416 0xBB, 0xF9, 0xAE, 0x37, 0x94, 0xAC, 0x18, 0x50, /* ...7...P */
1417 0x87, 0x09, 0xCC, 0x3F, 0x43, 0xD2, 0xC2, 0xB7, /* ...?C... */
1418 0xD7, 0x6F, 0x84, 0x07, 0xB4, 0x78, 0xCE, 0x34, /* .o...x.4 */
1419 0x48, 0xC9, 0x16, 0x86, 0x42, 0xB8, 0xFF, 0xCF, /* H...B... */
1420};
1421
1422static const uint8_t ciph_data_aes_cbc_nopad_out1[] = {
1423 0x8D, 0x9F, 0x88, 0xD8, 0xAF, 0x9F, 0xC1, 0x3B, /* .......; */
1424 0x02, 0x15, 0x43, 0x6A, 0x8C, 0x1E, 0x34, 0x5C, /* ..Cj..4\ */
1425 0x83, 0xF4, 0x85, 0x3E, 0x43, 0x0F, 0xE5, 0x5F, /* ...>C.._ */
1426 0x81, 0x4C, 0xC0, 0x28, 0x3F, 0xD9, 0x98, 0x53, /* .L.(?..S */
1427 0xB1, 0x44, 0x51, 0x38, 0x21, 0xAB, 0x10, 0xCE, /* .DQ8!... */
1428 0xC2, 0xEC, 0x65, 0x54, 0xDD, 0x5C, 0xEA, 0xDC, /* ..eT.\.. */
1429};
1430
1431static const uint8_t ciph_data_aes_ctr_out1[] = {
1432 0xD2, 0xDD, 0x11, 0xA8, 0xF7, 0xB0, 0xAE, 0x55, /* .......U */
1433 0xBE, 0x61, 0x7A, 0xE6, 0xA1, 0x6C, 0x79, 0xF4, /* .az..ly. */
1434 0x62, 0x51, 0x7B, 0xE9, 0x7C, 0xA0, 0x31, 0x0C, /* bQ{.|.1. */
1435 0x24, 0x15, 0x70, 0x7F, 0x47, 0x37, 0x69, 0xE0, /* $.p.G7i. */
1436 0x24, 0xC3, 0x29, 0xCD, 0xF2, 0x26, 0x69, 0xFF, /* $.)..&i. */
1437 0x72, 0x0E, 0x3C, 0xD1, 0xA1, 0x2F, 0x5D, 0x33, /* r.<../]3 */
1438};
1439
1440static const uint8_t ciph_data_aes_ctr_out2[] = {
1441 0xD2, 0xDD, 0x11, 0xA8, 0xF7, 0xB0, 0xAE, 0x55, /* .......U */
1442 0xBE, 0x61, 0x7A, 0xE6, 0xA1, 0x6C, 0x79, 0xF4, /* .az..ly. */
1443 0x62, 0x51, 0x7B, 0xE9, 0x7C, 0xA0, 0x31, 0x0C, /* bQ{.|.1. */
1444 0x24, 0x15, 0x70, 0x7F, 0x47, 0x37, 0x69, 0xE0, /* $.p.G7i. */
1445 0x24, 0xC3, 0x29, 0xCD, 0xF2, 0x26, 0x69, 0xFF, /* $.)..&i. */
1446 0x72, 0x0E, 0x3C, 0xD1, 0xA1, /* r.<.. */
1447};
1448
Jerome Forissier45218eb2018-04-11 13:03:26 +0200[diff] [blame]1449static const uint8_t ciph_data_aes_ctr_out4[] = {
1450 0xD2, 0xDD, 0x11, 0xA8, 0xF7, 0xB0, 0xAE, 0x55, /* .......U */
1451 0xBE, 0x61, 0x7A, 0xE6, 0xA1, 0x6C, 0x79, 0xF4, /* .az..ly. */
1452 0x62, 0x51, 0x7B, 0xE9, 0x7C, 0xA0, 0x31, 0x0C, /* bQ{.|.1. */
1453 0x24, 0x15, 0x70, 0x7F, 0x47, 0x37, 0x69, 0xE0, /* $.p.G7i. */
1454 0x24, 0xC3, 0x29, 0xCD, 0xF2, 0x26, 0x69, 0xFF, /* $.)..&i. */
1455 0x72, 0x0E, 0x3C, 0xD1, 0xA1, 0x2F, 0x5D, 0x33, /* r.<../]3 */
1456 0x9F, 0xD7, 0x0C, 0x92, 0xD4, 0xA5, 0x9D, 0x06, /* ........ */
1457 0x01, 0x80, 0x38, 0xCD, 0xC2, 0x71, 0x5D, 0x4A, /* ..8..q]J */
1458};
1459
Jerome Forissier0780ad42018-06-05 15:02:37 +0200[diff] [blame]1460static const uint8_t ciph_data_aes_ctr_out5[] = {
1461 0xbb, 0xfe, 0x07, 0x04, 0x1c, 0x8e, 0x09, 0x61,
1462 0xfb, 0xb1, 0x7c, 0xa5, 0x4d, 0x2b, 0x30, 0xf6,
1463 0x26, 0x9e, 0xff, 0x61, 0x18, 0x47, 0xc6, 0x06,
1464 0x81, 0x02, 0x84, 0xcd, 0x9c, 0x4b, 0x6d, 0x21,
1465 0xe2, 0x64, 0xa6, 0x50, 0x7f, 0x28, 0x81, 0x6f,
1466 0x29, 0xda, 0xd5, 0x56, 0x3f, 0x46, 0xac, 0xca,
1467 0x37, 0xe7, 0x77, 0x36, 0xbc, 0x76, 0x39, 0x57,
1468 0xaa, 0x67, 0x1b, 0x2a, 0xe6, 0x36, 0x57, 0x6d,
Jerome Forissierbf9009e2018-06-05 18:44:42 +0200[diff] [blame]1469 0x2a, 0xb8, 0x77, 0x41, 0xc2, 0x4e, 0x4f, 0x27,
1470 0x4c, 0x34, 0x7a, 0x01, 0x6a, 0xda, 0x75, 0x75,
1471 0x3e, 0x68, 0xb2
Jerome Forissier0780ad42018-06-05 15:02:37 +0200[diff] [blame]1472};
1473
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]1474static const uint8_t ciph_data_aes_cbc_vect1_key[] = {
1475 0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37, /* 01234567 */
1476 0x38, 0x39, 0x41, 0x42, 0x43, 0x44, 0x45, 0x46, /* 89ABCDEF */
1477};
1478
1479static const uint8_t ciph_data_aes_cbc_vect1_iv[] = {
1480 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, /* ........ */
1481 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, /* ........ */
1482};
1483
1484static const uint8_t ciph_data_aes_cbc_vect1_ptx[] = {
1485 0x43, 0x69, 0x70, 0x68, 0x65, 0x72, 0x20, 0x62, /* Cipher b */
1486 0x6C, 0x6F, 0x63, 0x6B, 0x20, 0x63, 0x68, 0x61, /* lock cha */
1487 0x69, 0x6E, 0x69, 0x6E, 0x67, 0x20, 0x28, 0x43, /* ining (C */
1488 0x42, 0x43, 0x29, 0x20, 0x69, 0x73, 0x20, 0x61, /* BC) is a */
1489 0x20, 0x63, 0x6F, 0x6D, 0x6D, 0x6F, 0x6E, 0x20, /* common */
1490 0x63, 0x68, 0x61, 0x69, 0x6E, 0x69, 0x6E, 0x67, /* chaining */
1491 0x20, 0x6D, 0x6F, 0x64, 0x65, 0x20, 0x69, 0x6E, /* mode in */
1492 0x20, 0x77, 0x68, 0x69, 0x63, 0x68, 0x20, 0x74, /* which t */
1493 0x68, 0x65, 0x20, 0x70, 0x72, 0x65, 0x76, 0x69, /* he previ */
1494 0x6F, 0x75, 0x73, 0x20, 0x62, 0x6C, 0x6F, 0x63, /* ous bloc */
1495 0x6B, 0x27, 0x73, 0x20, 0x63, 0x69, 0x70, 0x68, /* k's ciph */
1496 0x65, 0x72, 0x74, 0x65, 0x78, 0x74, 0x20, 0x69, /* ertext i */
1497 0x73, 0x20, 0x78, 0x6F, 0x72, 0x65, 0x64, 0x20, /* s xored */
1498 0x77, 0x69, 0x74, 0x68, 0x20, 0x74, 0x68, 0x65, /* with the */
1499 0x20, 0x63, 0x75, 0x72, 0x72, 0x65, 0x6E, 0x74, /* current */
1500 0x20, 0x62, 0x6C, 0x6F, 0x63, 0x6B, 0x27, 0x73, /* block's */
1501 0x20, 0x70, 0x6C, 0x61, 0x69, 0x6E, 0x74, 0x65, /* plainte */
1502 0x78, 0x74, 0x20, 0x62, 0x65, 0x66, 0x6F, 0x72, /* xt befor */
1503 0x65, 0x20, 0x65, 0x6E, 0x63, 0x72, 0x79, 0x70, /* e encryp */
1504 0x74, 0x69, 0x6F, 0x6E, 0x2E, 0x2E, 0x2E, 0x2E, /* tion.... */
1505};
1506
1507static const uint8_t ciph_data_aes_cbc_vect1_ctx[] = {
1508 0xDD, 0x16, 0xC3, 0x47, 0x69, 0xEC, 0xF5, 0x86, /* ...Gi... */
1509 0x20, 0xB4, 0xF7, 0xE3, 0xB9, 0x36, 0xE8, 0xAC, /* ....6.. */
1510 0xC9, 0xA2, 0x11, 0x71, 0x3B, 0x10, 0x9D, 0x45, /* ...q;..E */
1511 0xCA, 0xE2, 0x49, 0xA6, 0x4E, 0x56, 0x07, 0xC5, /* ..I.NV.. */
1512 0xCE, 0xA3, 0x14, 0xB5, 0x30, 0x1B, 0x63, 0xBB, /* ....0.c. */
1513 0x2D, 0x6F, 0xE9, 0xCA, 0x0B, 0x00, 0x31, 0x3F, /* -o....1? */
1514 0xA4, 0x9A, 0x39, 0xE1, 0xC8, 0xD2, 0x24, 0x95, /* ..9...$. */
1515 0x14, 0xE9, 0xD2, 0x43, 0xE8, 0xA8, 0x1E, 0x0A, /* ...C.... */
1516 0xFE, 0x9D, 0x4F, 0xF5, 0xBB, 0x16, 0xB9, 0x54, /* ..O....T */
1517 0x78, 0x07, 0x94, 0x05, 0x8E, 0x47, 0xC3, 0xCB, /* x....G.. */
1518 0x7C, 0xEC, 0xF4, 0xF8, 0xF2, 0xA4, 0x59, 0x6E, /* |.....Yn */
1519 0xED, 0xAD, 0x7F, 0x62, 0xAF, 0x89, 0xA8, 0x5B, /* ...b...[ */
1520 0x75, 0xD4, 0x73, 0xE3, 0xBA, 0x9F, 0x9A, 0xD2, /* u.s..... */
1521 0x0F, 0xFD, 0x3C, 0xE6, 0xC6, 0xA4, 0xD6, 0x6C, /* ..<....l */
1522 0x6A, 0x09, 0xE2, 0x16, 0xB0, 0x8C, 0x69, 0x3C, /* j.....i< */
1523 0xC8, 0x1C, 0xE4, 0x3E, 0x86, 0x4D, 0xB0, 0x2B, /* ...>.M.+ */
1524 0x29, 0xA0, 0x5A, 0xA3, 0x67, 0xBA, 0xDC, 0x11, /* ).Z.g... */
1525 0x08, 0x5E, 0x69, 0xB4, 0x6F, 0xA5, 0xE2, 0xB8, /* .^i.o... */
1526 0xC9, 0x6E, 0x83, 0x7E, 0x35, 0xC8, 0xA7, 0xA0, /* .n.~5... */
1527 0x33, 0xA3, 0xB1, 0x4B, 0x5A, 0x92, 0x51, 0x2E, /* 3..KZ.Q. */
1528};
1529
1530/* AES-CTS test vectors from http://tools.ietf.org/html/rfc3962
1531 * and http://tools.ietf.org/html/draft-raeburn-krb-rijndael-krb-02 */
1532static const uint8_t ciph_data_aes_cts_vect1_key[] = {
1533 0x63, 0x68, 0x69, 0x63, 0x6b, 0x65, 0x6e, 0x20,
1534 0x74, 0x65, 0x72, 0x69, 0x79, 0x61, 0x6b, 0x69
1535};
1536
1537static const uint8_t ciph_data_aes_cts_vect1_iv[16] = {
1538 0x00
1539};
1540
1541static const uint8_t ciph_data_aes_cts_vect1_ptx[] = {
1542 0x49, 0x20, 0x77, 0x6f, 0x75, 0x6c, 0x64, 0x20,
1543 0x6c, 0x69, 0x6b, 0x65, 0x20, 0x74, 0x68, 0x65,
1544 0x20
1545};
1546
1547static const uint8_t ciph_data_aes_cts_vect1_ctx[] = {
1548 0xc6, 0x35, 0x35, 0x68, 0xf2, 0xbf, 0x8c, 0xb4,
1549 0xd8, 0xa5, 0x80, 0x36, 0x2d, 0xa7, 0xff, 0x7f,
1550 0x97
1551};
1552
1553#define ciph_data_aes_cts_vect2_key ciph_data_aes_cts_vect1_key
1554#define ciph_data_aes_cts_vect2_iv ciph_data_aes_cts_vect1_iv
1555static const uint8_t ciph_data_aes_cts_vect2_ptx[] = {
1556 0x49, 0x20, 0x77, 0x6f, 0x75, 0x6c, 0x64, 0x20,
1557 0x6c, 0x69, 0x6b, 0x65, 0x20, 0x74, 0x68, 0x65,
1558 0x20, 0x47, 0x65, 0x6e, 0x65, 0x72, 0x61, 0x6c,
1559 0x20, 0x47, 0x61, 0x75, 0x27, 0x73, 0x20
1560};
1561
1562static const uint8_t ciph_data_aes_cts_vect2_ctx[] = {
1563 0xfc, 0x00, 0x78, 0x3e, 0x0e, 0xfd, 0xb2, 0xc1,
1564 0xd4, 0x45, 0xd4, 0xc8, 0xef, 0xf7, 0xed, 0x22,
1565 0x97, 0x68, 0x72, 0x68, 0xd6, 0xec, 0xcc, 0xc0,
1566 0xc0, 0x7b, 0x25, 0xe2, 0x5e, 0xcf, 0xe5
1567};
1568
1569#define ciph_data_aes_cts_vect3_key ciph_data_aes_cts_vect1_key
1570#define ciph_data_aes_cts_vect3_iv ciph_data_aes_cts_vect1_iv
1571static const uint8_t ciph_data_aes_cts_vect3_ptx[] = {
1572 0x49, 0x20, 0x77, 0x6f, 0x75, 0x6c, 0x64, 0x20,
1573 0x6c, 0x69, 0x6b, 0x65, 0x20, 0x74, 0x68, 0x65,
1574 0x20, 0x47, 0x65, 0x6e, 0x65, 0x72, 0x61, 0x6c,
1575 0x20, 0x47, 0x61, 0x75, 0x27, 0x73, 0x20, 0x43,
1576};
1577
1578static const uint8_t ciph_data_aes_cts_vect3_ctx[] = {
1579 0x39, 0x31, 0x25, 0x23, 0xa7, 0x86, 0x62, 0xd5,
1580 0xbe, 0x7f, 0xcb, 0xcc, 0x98, 0xeb, 0xf5, 0xa8,
1581 0x97, 0x68, 0x72, 0x68, 0xd6, 0xec, 0xcc, 0xc0,
1582 0xc0, 0x7b, 0x25, 0xe2, 0x5e, 0xcf, 0xe5, 0x84,
1583};
1584
1585#define ciph_data_aes_cts_vect4_key ciph_data_aes_cts_vect1_key
1586#define ciph_data_aes_cts_vect4_iv ciph_data_aes_cts_vect1_iv
1587static const uint8_t ciph_data_aes_cts_vect4_ptx[] = {
1588 0x49, 0x20, 0x77, 0x6f, 0x75, 0x6c, 0x64, 0x20,
1589 0x6c, 0x69, 0x6b, 0x65, 0x20, 0x74, 0x68, 0x65,
1590 0x20, 0x47, 0x65, 0x6e, 0x65, 0x72, 0x61, 0x6c,
1591 0x20, 0x47, 0x61, 0x75, 0x27, 0x73, 0x20, 0x43,
1592 0x68, 0x69, 0x63, 0x6b, 0x65, 0x6e, 0x2c, 0x20,
1593 0x70, 0x6c, 0x65, 0x61, 0x73, 0x65, 0x2c,
1594};
1595
1596static const uint8_t ciph_data_aes_cts_vect4_ctx[] = {
1597 0x97, 0x68, 0x72, 0x68, 0xd6, 0xec, 0xcc, 0xc0,
1598 0xc0, 0x7b, 0x25, 0xe2, 0x5e, 0xcf, 0xe5, 0x84,
1599 0xb3, 0xff, 0xfd, 0x94, 0x0c, 0x16, 0xa1, 0x8c,
1600 0x1b, 0x55, 0x49, 0xd2, 0xf8, 0x38, 0x02, 0x9e,
1601 0x39, 0x31, 0x25, 0x23, 0xa7, 0x86, 0x62, 0xd5,
1602 0xbe, 0x7f, 0xcb, 0xcc, 0x98, 0xeb, 0xf5,
1603};
1604
1605#define ciph_data_aes_cts_vect5_key ciph_data_aes_cts_vect1_key
1606#define ciph_data_aes_cts_vect5_iv ciph_data_aes_cts_vect1_iv
1607static const uint8_t ciph_data_aes_cts_vect5_ptx[] = {
1608 0x49, 0x20, 0x77, 0x6f, 0x75, 0x6c, 0x64, 0x20,
1609 0x6c, 0x69, 0x6b, 0x65, 0x20, 0x74, 0x68, 0x65,
1610 0x20, 0x47, 0x65, 0x6e, 0x65, 0x72, 0x61, 0x6c,
1611 0x20, 0x47, 0x61, 0x75, 0x27, 0x73, 0x20, 0x43,
1612 0x68, 0x69, 0x63, 0x6b, 0x65, 0x6e, 0x2c, 0x20,
1613 0x70, 0x6c, 0x65, 0x61, 0x73, 0x65, 0x2c, 0x20,
1614};
1615
1616static const uint8_t ciph_data_aes_cts_vect5_ctx[] = {
1617 0x97, 0x68, 0x72, 0x68, 0xd6, 0xec, 0xcc, 0xc0,
1618 0xc0, 0x7b, 0x25, 0xe2, 0x5e, 0xcf, 0xe5, 0x84,
1619 0x9d, 0xad, 0x8b, 0xbb, 0x96, 0xc4, 0xcd, 0xc0,
1620 0x3b, 0xc1, 0x03, 0xe1, 0xa1, 0x94, 0xbb, 0xd8,
1621 0x39, 0x31, 0x25, 0x23, 0xa7, 0x86, 0x62, 0xd5,
1622 0xbe, 0x7f, 0xcb, 0xcc, 0x98, 0xeb, 0xf5, 0xa8,
1623};
1624
1625#define ciph_data_aes_cts_vect6_key ciph_data_aes_cts_vect1_key
1626#define ciph_data_aes_cts_vect6_iv ciph_data_aes_cts_vect1_iv
1627static const uint8_t ciph_data_aes_cts_vect6_ptx[] = {
1628 0x49, 0x20, 0x77, 0x6f, 0x75, 0x6c, 0x64, 0x20,
1629 0x6c, 0x69, 0x6b, 0x65, 0x20, 0x74, 0x68, 0x65,
1630 0x20, 0x47, 0x65, 0x6e, 0x65, 0x72, 0x61, 0x6c,
1631 0x20, 0x47, 0x61, 0x75, 0x27, 0x73, 0x20, 0x43,
1632 0x68, 0x69, 0x63, 0x6b, 0x65, 0x6e, 0x2c, 0x20,
1633 0x70, 0x6c, 0x65, 0x61, 0x73, 0x65, 0x2c, 0x20,
1634 0x61, 0x6e, 0x64, 0x20, 0x77, 0x6f, 0x6e, 0x74,
1635 0x6f, 0x6e, 0x20, 0x73, 0x6f, 0x75, 0x70, 0x2e,
1636};
1637
1638static const uint8_t ciph_data_aes_cts_vect6_ctx[] = {
1639 0x97, 0x68, 0x72, 0x68, 0xd6, 0xec, 0xcc, 0xc0,
1640 0xc0, 0x7b, 0x25, 0xe2, 0x5e, 0xcf, 0xe5, 0x84,
1641 0x39, 0x31, 0x25, 0x23, 0xa7, 0x86, 0x62, 0xd5,
1642 0xbe, 0x7f, 0xcb, 0xcc, 0x98, 0xeb, 0xf5, 0xa8,
1643 0x48, 0x07, 0xef, 0xe8, 0x36, 0xee, 0x89, 0xa5,
1644 0x26, 0x73, 0x0d, 0xbc, 0x2f, 0x7b, 0xc8, 0x40,
1645 0x9d, 0xad, 0x8b, 0xbb, 0x96, 0xc4, 0xcd, 0xc0,
1646 0x3b, 0xc1, 0x03, 0xe1, 0xa1, 0x94, 0xbb, 0xd8,
1647};
1648
Jerome Forissiered00e162017-01-20 09:22:52 +0100[diff] [blame]1649/*
1650 * Test case for https://github.com/OP-TEE/optee_os/issues/1203
1651 * 80 bytes of data, processed in two steps (32 + 48).
1652 */
1653
1654#define ciph_data_aes_cts_issue1203_key ciph_data_aes_cts_vect1_key
1655
1656static const uint8_t ciph_data_aes_cts_issue1203_iv[] = {
1657 0x5b, 0x11, 0x7b, 0xf9, 0x83, 0x6a, 0x01, 0x27,
1658 0x1d, 0x2a, 0xae, 0x0a, 0xd3, 0x27, 0x35, 0x81,
1659};
1660
1661static const uint8_t ciph_data_aes_cts_issue1203_ptx[] = {
1662 0x33, 0x2a, 0xf4, 0x8c, 0x18, 0xa1, 0x30, 0x7c,
1663 0xa7, 0x52, 0x76, 0xca, 0xa6, 0x68, 0xad, 0xf6,
1664 0x1e, 0xba, 0xc9, 0x66, 0x66, 0x52, 0x1a, 0xe7,
1665 0x3e, 0xbc, 0xba, 0x60, 0x95, 0x71, 0x04, 0x5e,
1666 0xb4, 0xb7, 0x10, 0xd7, 0x93, 0x6d, 0x5f, 0x9a,
1667 0xb8, 0xbb, 0x6b, 0xb0, 0x6d, 0x47, 0x93, 0x41,
1668 0x29, 0x21, 0xf2, 0x84, 0xf5, 0xb2, 0xf2, 0x6d,
1669 0xbe, 0xe5, 0x8a, 0x2b, 0x58, 0x8d, 0x1b, 0x5e,
1670 0x41, 0x04, 0xba, 0x9e, 0x92, 0xe9, 0x52, 0xb6,
1671 0x8b, 0x1e, 0x36, 0x72, 0x91, 0xe4, 0x56, 0x66,
1672};
1673
1674/*
1675 * Ciphertext was generated by an online tool for AES CBC.
1676 * Since the input size is a multiple of the block size, and the ciphertext
1677 * format is CS3, the output is the same as plain AES CBC with the last
1678 * two blocks swapped.
1679 */
1680static const uint8_t ciph_data_aes_cts_issue1203_ctx[] = {
1681 0x6c, 0xfe, 0xef, 0x6a, 0x1c, 0x8f, 0xd3, 0xc3,
1682 0x66, 0xc4, 0xd9, 0x0e, 0xbe, 0x24, 0x17, 0x3f,
1683 0xcd, 0x19, 0xc9, 0xd2, 0x10, 0x3f, 0xcf, 0xdc,
1684 0xe9, 0x05, 0xab, 0xd5, 0x1a, 0x31, 0x41, 0x77,
1685 0x3b, 0xd7, 0x6a, 0x26, 0xae, 0x0d, 0xc9, 0x47,
1686 0x77, 0xd4, 0xa7, 0xd5, 0x73, 0x88, 0x9e, 0xde,
1687 0x72, 0x66, 0xe0, 0xe2, 0x3d, 0x62, 0x91, 0x22,
1688 0xae, 0x11, 0x01, 0x97, 0x22, 0x6a, 0x45, 0xa9,
1689 0xba, 0x56, 0xd2, 0xbc, 0x55, 0x2d, 0x99, 0x4d,
1690 0x3d, 0x22, 0x27, 0x9a, 0xac, 0x66, 0x2f, 0xf5,
1691};
1692
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]1693static const uint8_t ciph_data_des_ecb_nopad_out1[] = {
1694 0x46, 0x2B, 0x91, 0xA8, 0x55, 0xE6, 0x7E, 0x75, /* F+..U.~u */
1695 0x5E, 0x53, 0xF4, 0x8F, 0x29, 0x41, 0x4E, 0xEF, /* ^S..)AN. */
1696 0x32, 0x1B, 0x58, 0x42, 0x9B, 0xB4, 0x3A, 0x1F, /* 2.XB..:. */
1697 0x9A, 0xEA, 0xA4, 0xB4, 0xCD, 0xE9, 0x87, 0x7C, /* .......| */
1698 0xC0, 0x05, 0x34, 0xED, 0x86, 0x3C, 0x2A, 0x81, /* ..4..<.. */
1699 0x5E, 0x93, 0x0E, 0x86, 0xA9, 0xBB, 0x80, 0xFF, /* ^....... */
1700};
1701
1702static const uint8_t ciph_data_des_ecb_nopad_out2[] = {
1703 0x85, 0xE8, 0x13, 0x54, 0x0F, 0x0A, 0xB4, 0x05
1704};
1705
1706static const uint8_t ciph_data_des_cbc_nopad_out1[] = {
1707 0xAD, 0xD6, 0xD6, 0x3E, 0x88, 0xD0, 0xDD, 0xD4, /* ...>.... */
1708 0x9A, 0x93, 0x95, 0xA0, 0x86, 0x22, 0x5B, 0x9E, /* ....."[. */
1709 0x84, 0x0C, 0x6F, 0x12, 0x04, 0x11, 0x6F, 0xD4, /* ..o...o. */
1710 0x12, 0x29, 0xC6, 0x78, 0x0C, 0xFB, 0x58, 0x5B, /* .).x..X[ */
1711 0x66, 0x82, 0x0E, 0x52, 0xDC, 0x25, 0x16, 0x51, /* f..R.%.Q */
1712 0x69, 0xDF, 0xFE, 0x4E, 0x11, 0x1D, 0x9D, 0x08, /* i..N.... */
1713};
1714
1715static const uint8_t ciph_data_des3_ecb_nopad_out1[] = {
1716 0xA7, 0x46, 0xEC, 0xA8, 0x6A, 0x7F, 0x4A, 0xF1, /* .F..j.J. */
1717 0x44, 0x60, 0x37, 0x3B, 0x7F, 0x76, 0xE5, 0xFF, /* D`7;.v.. */
1718 0xC1, 0xE7, 0xA5, 0x04, 0x9C, 0x29, 0x5C, 0xA5, /* .....)\. */
1719 0xDD, 0xC8, 0xEE, 0x36, 0x1F, 0x48, 0xE0, 0xA9, /* ...6.H.. */
1720 0x82, 0x2D, 0x53, 0x84, 0x49, 0x69, 0x78, 0xFA, /* .-S.Iix. */
1721 0x23, 0x69, 0x1D, 0xF7, 0x08, 0x38, 0x44, 0x05, /* #i...8D. */
1722};
1723
1724static const uint8_t ciph_data_des3_cbc_nopad_out1[] = {
1725 0x18, 0x09, 0xEB, 0x98, 0xE4, 0x58, 0x72, 0x11, /* .....Xr. */
1726 0x30, 0x58, 0xAB, 0x38, 0xB0, 0xC9, 0x2B, 0xED, /* 0X.8..+. */
1727 0xDA, 0xC5, 0xE8, 0xA9, 0xF6, 0x8A, 0xA7, 0x80, /* ........ */
1728 0xBE, 0x54, 0x1F, 0x63, 0xF6, 0xEE, 0xA2, 0x4C, /* .T.c...L */
1729 0x7C, 0xEB, 0x84, 0x7D, 0xDA, 0xCA, 0x1E, 0xB2, /* |..}.... */
1730 0xED, 0x5E, 0x96, 0xB8, 0x01, 0x4B, 0x77, 0x02, /* .^...Kw. */
1731};
1732
1733static const uint8_t ciph_data_des2_ecb_nopad_out1[] = {
1734 0xAB, 0x12, 0xB6, 0xE2, 0x4A, 0x3A, 0x26, 0x14, /* ....J:&. */
1735 0xF0, 0x7D, 0x23, 0xD0, 0x55, 0xDF, 0x5C, 0x16, /* .}#.U.\. */
1736 0x43, 0x59, 0x1E, 0x44, 0x01, 0x76, 0xD7, 0x50, /* CY.D.v.P */
1737 0x44, 0xC0, 0x15, 0xDF, 0x2E, 0x7F, 0x8B, 0xC5, /* D....... */
1738 0xFF, 0x8B, 0x87, 0xFE, 0x33, 0xD7, 0xCB, 0x2C, /* ....3.., */
1739 0xDA, 0x79, 0x6F, 0xA4, 0x05, 0x2B, 0x30, 0xCE, /* .yo..+0. */
1740};
1741
1742static const uint8_t ciph_data_des2_cbc_nopad_out1[] = {
1743 0x47, 0x2F, 0xB1, 0x83, 0xC4, 0xBB, 0x93, 0x16, /* G/...... */
1744 0x73, 0xF9, 0xAD, 0x6F, 0x00, 0xF9, 0xCB, 0x4A, /* s..o...J */
1745 0x0F, 0x4F, 0x75, 0x75, 0xFB, 0x39, 0x0B, 0xFC, /* .Ouu.9.. */
1746 0x9F, 0x48, 0x52, 0xAD, 0xA2, 0x75, 0x2C, 0xF1, /* .HR..u, . */
1747 0x7D, 0xC3, 0x8F, 0x16, 0xCF, 0xC9, 0x76, 0x29, /* }.....v) */
1748 0x1A, 0xBF, 0xB3, 0xD9, 0x10, 0x7E, 0xAA, 0x49, /* .....~.I */
1749};
1750
Jerome Forissiere73e0fb2019-12-12 17:08:03 +0100[diff] [blame]1751/* SM4 ECB */
1752
1753static const uint8_t ciph_data_sm4_key1[] = {
1754 0x01, 0x23, 0x45, 0x67, 0x89, 0xab, 0xcd, 0xef,
1755 0xfe, 0xdc, 0xba, 0x98, 0x76, 0x54, 0x32, 0x10,
1756};
1757
1758static const uint8_t ciph_data_sm4_in1[] = {
1759 0x01, 0x23, 0x45, 0x67, 0x89, 0xab, 0xcd, 0xef,
1760 0xfe, 0xdc, 0xba, 0x98, 0x76, 0x54, 0x32, 0x10,
1761};
1762
1763static const uint8_t ciph_data_sm4_ecb_nopad_out1[] = {
1764 0x68, 0x1e, 0xdf, 0x34, 0xd2, 0x06, 0x96, 0x5e,
1765 0x86, 0xb3, 0xe9, 0x4f, 0x53, 0x6e, 0x42, 0x46,
1766};
1767
1768/*
1769 * SM4 CBC
1770 * https://tools.ietf.org/html/draft-ribose-cfrg-sm4-10#appendix-A.2.2.1
1771 */
1772static const uint8_t ciph_data_sm4_cbc_a221_key[] = {
1773 0x01, 0x23, 0x45, 0x67, 0x89, 0xab, 0xcd, 0xef,
1774 0xfe, 0xdc, 0xba, 0x98, 0x76, 0x54, 0x32, 0x10,
1775};
1776
1777static const uint8_t ciph_data_sm4_cbc_a221_iv[] = {
1778 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
1779 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f,
1780};
1781
1782static const uint8_t ciph_data_sm4_cbc_a221_in[] = {
1783 0xaa, 0xaa, 0xaa, 0xaa, 0xbb, 0xbb, 0xbb, 0xbb,
1784 0xcc, 0xcc, 0xcc, 0xcc, 0xdd, 0xdd, 0xdd, 0xdd,
1785 0xee, 0xee, 0xee, 0xee, 0xff, 0xff, 0xff, 0xff,
1786 0xaa, 0xaa, 0xaa, 0xaa, 0xbb, 0xbb, 0xbb, 0xbb,
1787};
1788
1789static const uint8_t ciph_data_sm4_cbc_a221_out[] = {
1790 0x78, 0xeb, 0xb1, 0x1c, 0xc4, 0x0b, 0x0a, 0x48,
1791 0x31, 0x2a, 0xae, 0xb2, 0x04, 0x02, 0x44, 0xcb,
1792 0x4c, 0xb7, 0x01, 0x69, 0x51, 0x90, 0x92, 0x26,
1793 0x97, 0x9b, 0x0d, 0x15, 0xdc, 0x6a, 0x8f, 0x6d,
1794};
1795
1796/*
1797 * SM4 CBC
1798 * https://tools.ietf.org/html/draft-ribose-cfrg-sm4-10#appendix-A.2.2.2
1799 */
1800static const uint8_t ciph_data_sm4_cbc_a222_key[] = {
1801 0xfe, 0xdc, 0xba, 0x98, 0x76, 0x54, 0x32, 0x10,
1802 0x01, 0x23, 0x45, 0x67, 0x89, 0xab, 0xcd, 0xef,
1803};
1804
1805static const uint8_t ciph_data_sm4_cbc_a222_iv[] = {
1806 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
1807 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f,
1808};
1809
1810static const uint8_t ciph_data_sm4_cbc_a222_in[] = {
1811 0xaa, 0xaa, 0xaa, 0xaa, 0xbb, 0xbb, 0xbb, 0xbb,
1812 0xcc, 0xcc, 0xcc, 0xcc, 0xdd, 0xdd, 0xdd, 0xdd,
1813 0xee, 0xee, 0xee, 0xee, 0xff, 0xff, 0xff, 0xff,
1814 0xaa, 0xaa, 0xaa, 0xaa, 0xbb, 0xbb, 0xbb, 0xbb,
1815};
1816
1817static const uint8_t ciph_data_sm4_cbc_a222_out[] = {
1818 0x0d, 0x3a, 0x6d, 0xdc, 0x2d, 0x21, 0xc6, 0x98,
1819 0x85, 0x72, 0x15, 0x58, 0x7b, 0x7b, 0xb5, 0x9a,
1820 0x91, 0xf2, 0xc1, 0x47, 0x91, 0x1a, 0x41, 0x44,
1821 0x66, 0x5e, 0x1f, 0xa1, 0xd4, 0x0b, 0xae, 0x38,
1822};
1823
1824/*
1825 * SM4 CTR
1826 * https://tools.ietf.org/html/draft-ribose-cfrg-sm4-10#appendix-A.2.5.1
1827 */
1828static const uint8_t ciph_data_sm4_ctr_a251_key[] = {
1829 0x01, 0x23, 0x45, 0x67, 0x89, 0xab, 0xcd, 0xef,
1830 0xfe, 0xdc, 0xba, 0x98, 0x76, 0x54, 0x32, 0x10,
1831};
1832
1833static const uint8_t ciph_data_sm4_ctr_a251_iv[] = {
1834 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
1835 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f,
1836};
1837
1838static const uint8_t ciph_data_sm4_ctr_a251_in[] = {
1839 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa,
1840 0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0xbb,
1841 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc,
1842 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd,
1843 0xee, 0xee, 0xee, 0xee, 0xee, 0xee, 0xee, 0xee,
1844 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
1845 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa,
1846 0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0xbb,
1847};
1848
1849static const uint8_t ciph_data_sm4_ctr_a251_out[] = {
1850 0xac, 0x32, 0x36, 0xcb, 0x97, 0x0c, 0xc2, 0x07,
1851 0x91, 0x36, 0x4c, 0x39, 0x5a, 0x13, 0x42, 0xd1,
1852 0xa3, 0xcb, 0xc1, 0x87, 0x8c, 0x6f, 0x30, 0xcd,
1853 0x07, 0x4c, 0xce, 0x38, 0x5c, 0xdd, 0x70, 0xc7,
1854 0xf2, 0x34, 0xbc, 0x0e, 0x24, 0xc1, 0x19, 0x80,
1855 0xfd, 0x12, 0x86, 0x31, 0x0c, 0xe3, 0x7b, 0x92,
1856 0x6e, 0x02, 0xfc, 0xd0, 0xfa, 0xa0, 0xba, 0xf3,
1857 0x8b, 0x29, 0x33, 0x85, 0x1d, 0x82, 0x45, 0x14,
1858};
1859
1860/*
1861 * SM4 CTR
1862 * https://tools.ietf.org/html/draft-ribose-cfrg-sm4-10#appendix-A.2.5.2
1863 */
1864static const uint8_t ciph_data_sm4_ctr_a252_key[] = {
1865 0xfe, 0xdc, 0xba, 0x98, 0x76, 0x54, 0x32, 0x10,
1866 0x01, 0x23, 0x45, 0x67, 0x89, 0xab, 0xcd, 0xef,
1867};
1868
1869static const uint8_t ciph_data_sm4_ctr_a252_iv[] = {
1870 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
1871 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f,
1872};
1873
1874static const uint8_t ciph_data_sm4_ctr_a252_in[] = {
1875 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa,
1876 0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0xbb,
1877 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc,
1878 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd,
1879 0xee, 0xee, 0xee, 0xee, 0xee, 0xee, 0xee, 0xee,
1880 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
1881 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa,
1882 0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0xbb,
1883};
1884
1885static const uint8_t ciph_data_sm4_ctr_a252_out[] = {
1886 0x5d, 0xcc, 0xcd, 0x25, 0xb9, 0x5a, 0xb0, 0x74,
1887 0x17, 0xa0, 0x85, 0x12, 0xee, 0x16, 0x0e, 0x2f,
1888 0x8f, 0x66, 0x15, 0x21, 0xcb, 0xba, 0xb4, 0x4c,
1889 0xc8, 0x71, 0x38, 0x44, 0x5b, 0xc2, 0x9e, 0x5c,
1890 0x0a, 0xe0, 0x29, 0x72, 0x05, 0xd6, 0x27, 0x04,
1891 0x17, 0x3b, 0x21, 0x23, 0x9b, 0x88, 0x7f, 0x6c,
1892 0x8c, 0xb5, 0xb8, 0x00, 0x91, 0x7a, 0x24, 0x88,
1893 0x28, 0x4b, 0xde, 0x9e, 0x16, 0xea, 0x29, 0x06,
1894};
1895
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]1896struct xtest_ciph_case {
1897 uint32_t algo;
1898 uint32_t mode;
1899 uint32_t key_type;
1900 const uint8_t *key1;
1901 size_t key1_len;
1902 const uint8_t *key2;
1903 size_t key2_len;
1904 const uint8_t *iv;
1905 size_t iv_len;
1906 size_t in_incr;
1907 const uint8_t *in;
1908 size_t in_len;
1909 const uint8_t *out;
1910 size_t out_len;
1911 size_t line;
1912};
1913
1914#define XTEST_CIPH_CASE_NO_IV(algo, key_type, key, in_incr, ptx, ctx) \
1915 { (algo), TEE_MODE_ENCRYPT, (key_type), (key), ARRAY_SIZE(key), \
1916 NULL, 0, NULL, 0, \
1917 (in_incr), (ptx), ARRAY_SIZE(ptx), (ctx), ARRAY_SIZE(ctx), \
1918 __LINE__ }, \
1919 { (algo), TEE_MODE_DECRYPT, (key_type), (key), ARRAY_SIZE(key), \
1920 NULL, 0, NULL, 0, \
1921 (in_incr), (ctx), ARRAY_SIZE(ctx), (ptx), ARRAY_SIZE(ptx), __LINE__ }
1922
1923#define XTEST_CIPH_CASE(algo, key_type, key, iv, in_incr, ptx, ctx) \
1924 { (algo), TEE_MODE_ENCRYPT, (key_type), (key), ARRAY_SIZE(key), \
1925 NULL, 0, iv, ARRAY_SIZE(iv), (in_incr), (ptx), ARRAY_SIZE(ptx), \
1926 (ctx), ARRAY_SIZE(ctx), __LINE__ }, \
1927 { (algo), TEE_MODE_DECRYPT, (key_type), (key), ARRAY_SIZE(key), \
1928 NULL, 0, iv, ARRAY_SIZE(iv), (in_incr), (ctx), ARRAY_SIZE(ctx), \
1929 (ptx), ARRAY_SIZE(ptx), __LINE__ }
1930
1931#define XTEST_CIPH_CASE_AES_XTS(vect, in_incr) \
1932 { TEE_ALG_AES_XTS, TEE_MODE_ENCRYPT, TEE_TYPE_AES, \
1933 ciph_data_aes_xts_ ## vect ## _key1, \
1934 ARRAY_SIZE(ciph_data_aes_xts_ ## vect ## _key1), \
1935 ciph_data_aes_xts_ ## vect ## _key2, \
1936 ARRAY_SIZE(ciph_data_aes_xts_ ## vect ## _key2), \
1937 ciph_data_aes_xts_ ## vect ## _iv, \
1938 ARRAY_SIZE(ciph_data_aes_xts_ ## vect ## _iv), \
1939 (in_incr), \
1940 ciph_data_aes_xts_ ## vect ## _ptx, \
1941 ARRAY_SIZE(ciph_data_aes_xts_ ## vect ## _ptx), \
1942 ciph_data_aes_xts_ ## vect ## _ctx, \
1943 ARRAY_SIZE(ciph_data_aes_xts_ ## vect ## _ctx), __LINE__ }, \
1944 { TEE_ALG_AES_XTS, TEE_MODE_DECRYPT, TEE_TYPE_AES, \
1945 ciph_data_aes_xts_ ## vect ## _key1, \
1946 ARRAY_SIZE(ciph_data_aes_xts_ ## vect ## _key1), \
1947 ciph_data_aes_xts_ ## vect ## _key2, \
1948 ARRAY_SIZE(ciph_data_aes_xts_ ## vect ## _key2), \
1949 ciph_data_aes_xts_ ## vect ## _iv, \
1950 ARRAY_SIZE(ciph_data_aes_xts_ ## vect ## _iv), \
1951 (in_incr), \
1952 ciph_data_aes_xts_ ## vect ## _ctx, \
1953 ARRAY_SIZE(ciph_data_aes_xts_ ## vect ## _ctx), \
1954 ciph_data_aes_xts_ ## vect ## _ptx, \
1955 ARRAY_SIZE(ciph_data_aes_xts_ ## vect ## _ptx), __LINE__ }
1956
1957#define XTEST_CIPH_CASE_AES_CBC(vect, in_incr) \
1958 XTEST_CIPH_CASE(TEE_ALG_AES_CBC_NOPAD, TEE_TYPE_AES, \
1959 ciph_data_aes_cbc_ ## vect ## _key, \
1960 ciph_data_aes_cbc_ ## vect ## _iv, \
1961 (in_incr), ciph_data_aes_cbc_ ## vect ## _ptx, \
1962 ciph_data_aes_cbc_ ## vect ## _ctx)
1963
1964#define XTEST_CIPH_CASE_AES_CTS(vect, in_incr) \
1965 XTEST_CIPH_CASE(TEE_ALG_AES_CTS, TEE_TYPE_AES, \
1966 ciph_data_aes_cts_ ## vect ## _key, \
1967 ciph_data_aes_cts_ ## vect ## _iv, \
1968 (in_incr), ciph_data_aes_cts_ ## vect ## _ptx, \
1969 ciph_data_aes_cts_ ## vect ## _ctx)
1970
1971static const struct xtest_ciph_case ciph_cases[] = {
1972 /* AES */
1973 XTEST_CIPH_CASE_NO_IV(TEE_ALG_AES_ECB_NOPAD, TEE_TYPE_AES,
1974 ciph_data_aes_key1, 11, ciph_data_in1,
1975 ciph_data_aes_ecb_nopad_out1),
1976 XTEST_CIPH_CASE(TEE_ALG_AES_CBC_NOPAD, TEE_TYPE_AES,
1977 ciph_data_aes_key1, ciph_data_128_iv1, 11,
1978 ciph_data_in1,
1979 ciph_data_aes_cbc_nopad_out1),
1980 XTEST_CIPH_CASE(TEE_ALG_AES_CTR, TEE_TYPE_AES,
1981 ciph_data_aes_key1, ciph_data_128_iv1, 13,
1982 ciph_data_in1,
1983 ciph_data_aes_ctr_out1),
1984 XTEST_CIPH_CASE(TEE_ALG_AES_CTR, TEE_TYPE_AES,
1985 ciph_data_aes_key1, ciph_data_128_iv1, 13,
1986 ciph_data_in3,
1987 ciph_data_aes_ctr_out2),
Jens Wiklander692efd12018-01-19 09:52:00 +0100[diff] [blame]1988 XTEST_CIPH_CASE(TEE_ALG_AES_CTR, TEE_TYPE_AES,
1989 ciph_data_aes_key1, ciph_data_128_iv1, 16,
1990 ciph_data_in3,
1991 ciph_data_aes_ctr_out2),
Jerome Forissier45218eb2018-04-11 13:03:26 +0200[diff] [blame]1992 XTEST_CIPH_CASE(TEE_ALG_AES_CTR, TEE_TYPE_AES,
1993 ciph_data_aes_key1, ciph_data_128_iv1, 16,
1994 ciph_data_in4,
1995 ciph_data_aes_ctr_out4),
Jerome Forissier0780ad42018-06-05 15:02:37 +0200[diff] [blame]1996 XTEST_CIPH_CASE(TEE_ALG_AES_CTR, TEE_TYPE_AES,
1997 ciph_data_aes_key2, ciph_data_128_iv2, 11,
1998 ciph_data_in5,
1999 ciph_data_aes_ctr_out5),
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2000
2001 XTEST_CIPH_CASE_AES_CBC(vect1, 11),
Jerome Forissierfc1bbc32018-06-12 10:13:04 +0200[diff] [blame]2002 XTEST_CIPH_CASE_AES_CBC(vect1, 64),
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2003
2004 /* AES-CTS */
2005 XTEST_CIPH_CASE_AES_CTS(vect1, 13),
2006 XTEST_CIPH_CASE_AES_CTS(vect2, 14),
2007 XTEST_CIPH_CASE_AES_CTS(vect3, 11),
2008 XTEST_CIPH_CASE_AES_CTS(vect4, 9),
2009 XTEST_CIPH_CASE_AES_CTS(vect5, 7),
2010 XTEST_CIPH_CASE_AES_CTS(vect6, 17),
2011 XTEST_CIPH_CASE_AES_CTS(vect6, 0x20),
Jerome Forissiered00e162017-01-20 09:22:52 +0100[diff] [blame]2012 XTEST_CIPH_CASE_AES_CTS(issue1203, 32),
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2013
2014 /* DES */
2015 XTEST_CIPH_CASE_NO_IV(TEE_ALG_DES_ECB_NOPAD, TEE_TYPE_DES,
2016 ciph_data_des_key1, 14, ciph_data_in1,
2017 ciph_data_des_ecb_nopad_out1),
2018 XTEST_CIPH_CASE_NO_IV(TEE_ALG_DES_ECB_NOPAD, TEE_TYPE_DES,
2019 ciph_data_des_key2, 3, ciph_data_in2,
2020 ciph_data_des_ecb_nopad_out2),
2021 XTEST_CIPH_CASE(TEE_ALG_DES_CBC_NOPAD, TEE_TYPE_DES,
2022 ciph_data_des_key1, ciph_data_64_iv1, 15, ciph_data_in1,
2023 ciph_data_des_cbc_nopad_out1),
2024
2025 /* DES3 */
2026 XTEST_CIPH_CASE_NO_IV(TEE_ALG_DES3_ECB_NOPAD, TEE_TYPE_DES3,
2027 ciph_data_des3_key1, 11, ciph_data_in1,
2028 ciph_data_des3_ecb_nopad_out1),
2029 XTEST_CIPH_CASE_NO_IV(TEE_ALG_DES3_ECB_NOPAD, TEE_TYPE_DES3,
2030 ciph_data_des3_key2, 3, ciph_data_in2,
2031 ciph_data_des_ecb_nopad_out2),
2032 XTEST_CIPH_CASE(TEE_ALG_DES3_CBC_NOPAD, TEE_TYPE_DES3,
2033 ciph_data_des3_key1, ciph_data_64_iv1, 11,
2034 ciph_data_in1,
2035 ciph_data_des3_cbc_nopad_out1),
2036
2037 /* DES2 */
2038 XTEST_CIPH_CASE_NO_IV(TEE_ALG_DES3_ECB_NOPAD, TEE_TYPE_DES3,
2039 ciph_data_des2_key1, 11, ciph_data_in1,
2040 ciph_data_des2_ecb_nopad_out1),
2041 XTEST_CIPH_CASE(TEE_ALG_DES3_CBC_NOPAD, TEE_TYPE_DES3,
2042 ciph_data_des2_key1, ciph_data_64_iv1, 11,
2043 ciph_data_in1,
2044 ciph_data_des2_cbc_nopad_out1),
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2045
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2046 /* AES-XTS */
2047 XTEST_CIPH_CASE_AES_XTS(vect1, 3),
2048 XTEST_CIPH_CASE_AES_XTS(vect2, 6),
2049 XTEST_CIPH_CASE_AES_XTS(vect3, 7),
2050 XTEST_CIPH_CASE_AES_XTS(vect4, 8),
2051 XTEST_CIPH_CASE_AES_XTS(vect5, 9),
2052 XTEST_CIPH_CASE_AES_XTS(vect6, 13),
2053 XTEST_CIPH_CASE_AES_XTS(vect7, 1),
2054 XTEST_CIPH_CASE_AES_XTS(vect8, 3),
2055 XTEST_CIPH_CASE_AES_XTS(vect9, 2),
2056 XTEST_CIPH_CASE_AES_XTS(vect10, 5),
2057 XTEST_CIPH_CASE_AES_XTS(vect11, 6),
2058 XTEST_CIPH_CASE_AES_XTS(vect12, 7),
2059 XTEST_CIPH_CASE_AES_XTS(vect13, 3),
2060 XTEST_CIPH_CASE_AES_XTS(vect14, 2),
2061 XTEST_CIPH_CASE_AES_XTS(vect15, 0),
2062 XTEST_CIPH_CASE_AES_XTS(vect16, 9),
2063 XTEST_CIPH_CASE_AES_XTS(vect17, 6),
2064 XTEST_CIPH_CASE_AES_XTS(vect18, 8),
2065 XTEST_CIPH_CASE_AES_XTS(vect19, 23),
Jerome Forissiere73e0fb2019-12-12 17:08:03 +0100[diff] [blame]2066
2067 /* SM4 */
2068 XTEST_CIPH_CASE_NO_IV(TEE_ALG_SM4_ECB_NOPAD, TEE_TYPE_SM4,
2069 ciph_data_sm4_key1, 11, ciph_data_sm4_in1,
2070 ciph_data_sm4_ecb_nopad_out1),
2071 XTEST_CIPH_CASE(TEE_ALG_SM4_CBC_NOPAD, TEE_TYPE_SM4,
2072 ciph_data_sm4_cbc_a221_key, ciph_data_sm4_cbc_a221_iv,
2073 11, ciph_data_sm4_cbc_a221_in,
2074 ciph_data_sm4_cbc_a221_out),
2075 XTEST_CIPH_CASE(TEE_ALG_SM4_CBC_NOPAD, TEE_TYPE_SM4,
2076 ciph_data_sm4_cbc_a222_key, ciph_data_sm4_cbc_a222_iv,
2077 11, ciph_data_sm4_cbc_a222_in,
2078 ciph_data_sm4_cbc_a222_out),
2079 XTEST_CIPH_CASE(TEE_ALG_SM4_CTR, TEE_TYPE_SM4,
2080 ciph_data_sm4_ctr_a251_key, ciph_data_sm4_ctr_a251_iv,
2081 11, ciph_data_sm4_ctr_a251_in,
2082 ciph_data_sm4_ctr_a251_out),
2083 XTEST_CIPH_CASE(TEE_ALG_SM4_CTR, TEE_TYPE_SM4,
2084 ciph_data_sm4_ctr_a252_key, ciph_data_sm4_ctr_a252_iv,
2085 11, ciph_data_sm4_ctr_a252_in,
2086 ciph_data_sm4_ctr_a252_out),
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2087};
2088
Jerome Forissier23256842018-02-16 09:25:35 +0100[diff] [blame]2089static void xtest_tee_test_4003(ADBG_Case_t *c)
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2090{
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]2091 TEEC_Session session = { };
2092 TEE_OperationHandle op = TEE_HANDLE_NULL;
Jens Wiklander93ff0a52020-12-14 12:45:02 +0100[diff] [blame]2093 TEE_OperationHandle op2 = TEE_HANDLE_NULL;
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2094 TEE_ObjectHandle key1_handle = TEE_HANDLE_NULL;
2095 TEE_ObjectHandle key2_handle = TEE_HANDLE_NULL;
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]2096 uint8_t out[2048] = { };
2097 size_t out_size = 0;
2098 size_t out_offs = 0;
Jens Wiklander93ff0a52020-12-14 12:45:02 +0100[diff] [blame]2099 size_t out_offs2 = 0;
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]2100 uint32_t ret_orig = 0;
2101 size_t n = 0;
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2102
2103 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
2104 xtest_teec_open_session(&session, &crypt_user_ta_uuid, NULL,
2105 &ret_orig)))
2106 return;
2107
2108 for (n = 0; n < ARRAY_SIZE(ciph_cases); n++) {
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]2109 TEE_Attribute key_attr = { };
2110 size_t key_size = 0;
2111 size_t op_key_size = 0;
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2112
Jerome Forissier817d99f2020-01-22 16:33:12 +0100[diff] [blame]2113 switch (ciph_cases[n].algo) {
2114 case TEE_ALG_SM4_CTR:
2115 case TEE_ALG_SM4_CBC_NOPAD:
2116 case TEE_ALG_SM4_ECB_NOPAD:
2117 if (!ta_crypt_cmd_is_algo_supported(c, &session,
2118 ciph_cases[n].algo, TEE_CRYPTO_ELEMENT_NONE)) {
2119 Do_ADBG_Log("SM4 not supported: skip subcase");
2120 continue;
2121 }
2122 break;
2123 default:
2124 break;
2125 }
2126
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2127 Do_ADBG_BeginSubCase(c, "Cipher case %d algo 0x%x line %d",
2128 (int)n, (unsigned int)ciph_cases[n].algo,
2129 (int)ciph_cases[n].line);
2130
2131 key_attr.attributeID = TEE_ATTR_SECRET_VALUE;
2132 key_attr.content.ref.buffer = (void *)ciph_cases[n].key1;
2133 key_attr.content.ref.length = ciph_cases[n].key1_len;
2134
2135 key_size = key_attr.content.ref.length * 8;
2136 if (ciph_cases[n].key_type == TEE_TYPE_DES ||
2137 ciph_cases[n].key_type == TEE_TYPE_DES3)
2138 /* Exclude parity in bit size of key */
2139 key_size -= key_size / 8;
2140
2141 op_key_size = key_size;
2142 if (ciph_cases[n].key2 != NULL)
2143 op_key_size *= 2;
2144
2145 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
2146 ta_crypt_cmd_allocate_operation(c, &session, &op,
2147 ciph_cases[n].algo, ciph_cases[n].mode,
2148 op_key_size)))
2149 goto out;
2150
2151 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
Jens Wiklander93ff0a52020-12-14 12:45:02 +0100[diff] [blame]2152 ta_crypt_cmd_allocate_operation(c, &session, &op2,
2153 ciph_cases[n].algo, ciph_cases[n].mode,
2154 op_key_size)))
2155 goto out;
2156
2157 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2158 ta_crypt_cmd_allocate_transient_object(c, &session,
2159 ciph_cases[n].key_type, key_size,
2160 &key1_handle)))
2161 goto out;
2162
2163 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
2164 ta_crypt_cmd_populate_transient_object(c, &session,
2165 key1_handle, &key_attr, 1)))
2166 goto out;
2167
2168 if (ciph_cases[n].key2 != NULL) {
2169 key_attr.content.ref.buffer =
2170 (void *)ciph_cases[n].key2;
2171 key_attr.content.ref.length = ciph_cases[n].key2_len;
2172
2173 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
2174 ta_crypt_cmd_allocate_transient_object(c,
2175 &session, ciph_cases[n].key_type,
2176 key_attr.content.ref.length * 8,
2177 &key2_handle)))
2178 goto out;
2179
2180 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
2181 ta_crypt_cmd_populate_transient_object(c,
2182 &session, key2_handle, &key_attr, 1)))
2183 goto out;
2184
2185 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
2186 ta_crypt_cmd_set_operation_key2(c, &session, op,
2187 key1_handle, key2_handle)))
2188 goto out;
2189 } else {
2190 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
2191 ta_crypt_cmd_set_operation_key(c, &session, op,
2192 key1_handle)))
2193 goto out;
2194 }
2195
2196 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
2197 ta_crypt_cmd_free_transient_object(c, &session,
2198 key1_handle)))
2199 goto out;
2200 key1_handle = TEE_HANDLE_NULL;
2201
2202 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
2203 ta_crypt_cmd_free_transient_object(c, &session,
2204 key2_handle)))
2205 goto out;
2206 key2_handle = TEE_HANDLE_NULL;
2207
2208 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
2209 ta_crypt_cmd_cipher_init(c, &session, op,
2210 ciph_cases[n].iv, ciph_cases[n].iv_len)))
2211 goto out;
2212
2213 out_offs = 0;
2214 out_size = sizeof(out);
2215 memset(out, 0, sizeof(out));
2216 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
2217 ta_crypt_cmd_cipher_update(c, &session, op,
2218 ciph_cases[n].in, ciph_cases[n].in_incr, out,
2219 &out_size)))
2220 goto out;
2221
Jerome Forissierd2d94b42017-06-02 16:39:34 +0200[diff] [blame]2222 if (ciph_cases[n].algo == TEE_ALG_AES_CTR)
2223 ADBG_EXPECT_COMPARE_UNSIGNED(c, out_size, ==,
2224 ciph_cases[n].in_incr);
2225
Jens Wiklander93ff0a52020-12-14 12:45:02 +0100[diff] [blame]2226 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
2227 ta_crypt_cmd_copy_operation(c, &session, op2, op)))
2228 goto out;
2229
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2230 out_offs += out_size;
2231 out_size = sizeof(out) - out_offs;
Jens Wiklander93ff0a52020-12-14 12:45:02 +0100[diff] [blame]2232 out_offs2 = out_offs;
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2233
2234 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
2235 ta_crypt_cmd_cipher_do_final(c, &session, op,
2236 ciph_cases[n].in + ciph_cases[n].in_incr,
2237 ciph_cases[n].in_len - ciph_cases[n].in_incr,
2238 out + out_offs,
2239 &out_size)))
2240 goto out;
2241
2242 out_offs += out_size;
2243
2244 (void)ADBG_EXPECT_BUFFER(c, ciph_cases[n].out,
2245 ciph_cases[n].out_len, out, out_offs);
2246
Jens Wiklander93ff0a52020-12-14 12:45:02 +0100[diff] [blame]2247 /* test on the copied op2 */
2248 out_size = sizeof(out) - out_offs2;
2249
2250 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
2251 ta_crypt_cmd_cipher_do_final(c, &session, op2,
2252 ciph_cases[n].in + ciph_cases[n].in_incr,
2253 ciph_cases[n].in_len - ciph_cases[n].in_incr,
2254 out + out_offs2,
2255 &out_size)))
2256 goto out;
2257
2258 out_offs2 += out_size;
2259
2260 ADBG_EXPECT_BUFFER(c, ciph_cases[n].out, ciph_cases[n].out_len,
2261 out, out_offs2);
2262
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2263 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
2264 ta_crypt_cmd_free_operation(c, &session, op)))
2265 goto out;
2266
Jens Wiklander93ff0a52020-12-14 12:45:02 +0100[diff] [blame]2267 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
2268 ta_crypt_cmd_free_operation(c, &session, op2)))
2269 goto out;
2270
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2271 Do_ADBG_EndSubCase(c, NULL);
2272 }
2273out:
2274 TEEC_CloseSession(&session);
2275}
Jens Wiklander14f48872018-06-29 15:30:13 +0200[diff] [blame]2276ADBG_CASE_DEFINE(regression, 4003, xtest_tee_test_4003,
2277 "Test TEE Internal API cipher operations");
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2278
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2279static void xtest_tee_test_4004(ADBG_Case_t *c)
2280{
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]2281 TEEC_Session session = { };
2282 uint32_t ret_orig = 0;
2283 uint8_t buf1[45] = { };
2284 uint8_t buf2[45] = { };
2285 static const uint8_t zeros[45];
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2286
2287 Do_ADBG_BeginSubCase(c, "TEE get random");
2288 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
2289 xtest_teec_open_session(&session, &crypt_user_ta_uuid, NULL,
2290 &ret_orig)))
2291 return;
2292
2293 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
2294 ta_crypt_cmd_random_number_generate(c, &session, buf1,
2295 sizeof(buf1))))
2296 goto out;
2297
2298 (void)ADBG_EXPECT_COMPARE_SIGNED(c,
2299 0, !=, memcmp(buf1, zeros, sizeof(buf1)));
2300
2301 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
2302 ta_crypt_cmd_random_number_generate(c, &session, buf2,
2303 sizeof(buf2))))
2304 goto out;
2305
2306 (void)ADBG_EXPECT_COMPARE_SIGNED(c,
2307 0, !=, memcmp(buf2, zeros, sizeof(buf2)));
2308
2309 (void)ADBG_EXPECT_COMPARE_SIGNED(c,
2310 0, !=, memcmp(buf2, buf1, sizeof(buf1)));
2311out:
2312 TEEC_CloseSession(&session);
2313 Do_ADBG_EndSubCase(c, "TEE get random");
2314}
Jens Wiklander14f48872018-06-29 15:30:13 +0200[diff] [blame]2315ADBG_CASE_DEFINE(regression, 4004, xtest_tee_test_4004,
2316 "Test TEE Internal API get random");
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2317
2318struct xtest_ae_case {
2319 uint32_t algo;
2320 uint32_t mode;
2321 uint32_t key_type;
2322 const uint8_t *key;
2323 size_t key_len;
2324 const uint8_t *nonce;
2325 size_t nonce_len;
2326 size_t aad_incr;
2327 const uint8_t *aad;
2328 size_t aad_len;
2329 size_t in_incr;
2330 const uint8_t *ptx;
2331 size_t ptx_len;
2332 const uint8_t *ctx;
2333 size_t ctx_len;
2334 const uint8_t *tag;
2335 size_t tag_len;
2336 size_t line;
2337};
2338
2339
2340#define ARRAY(a) a, ARRAY_SIZE(a)
2341#define NULL_ARRAY(a) NULL, 0
2342
2343#define XTEST_AE_CASE(algo, vect, aad_incr, in_incr, \
2344 aad_array, ptx_array, ctx_array) \
2345 { (algo), TEE_MODE_ENCRYPT, TEE_TYPE_AES, ARRAY(vect ## _key), \
2346 ARRAY(vect ## _nonce), (aad_incr), \
2347 aad_array(vect ## _aad), (in_incr), \
2348 ptx_array(vect ## _ptx), ctx_array(vect ## _ctx), \
2349 ARRAY(vect ## _tag), \
2350 __LINE__ }, \
2351 { (algo), TEE_MODE_DECRYPT, TEE_TYPE_AES, ARRAY(vect ## _key), \
2352 ARRAY(vect ## _nonce), (aad_incr), \
2353 aad_array(vect ## _aad), (in_incr), \
2354 ptx_array(vect ## _ptx), ctx_array(vect ## _ctx), \
2355 ARRAY(vect ## _tag), \
2356 __LINE__ }
2357
2358#define XTEST_AE_CASE_AES_CCM(vect, aad_incr, in_incr) \
2359 XTEST_AE_CASE(TEE_ALG_AES_CCM, ae_data_aes_ccm_ ## vect, aad_incr, \
2360 in_incr, ARRAY, ARRAY, ARRAY)
2361
2362#define XTEST_AE_CASE_AES_GCM(vect, aad_incr, in_incr, \
2363 aad_array, ptx_array, ctx_array) \
2364 XTEST_AE_CASE(TEE_ALG_AES_GCM, ae_data_aes_gcm_ ## vect, aad_incr, \
2365 in_incr, aad_array, ptx_array, ctx_array)
2366
2367
2368
2369static const struct xtest_ae_case ae_cases[] = {
2370 XTEST_AE_CASE_AES_CCM(vect1, 3, 2),
2371 XTEST_AE_CASE_AES_CCM(vect2, 7, 13),
2372 XTEST_AE_CASE_AES_CCM(vect3, 5, 21),
2373
2374 XTEST_AE_CASE_AES_GCM(vect1, 0, 0, NULL_ARRAY, NULL_ARRAY, NULL_ARRAY),
2375 XTEST_AE_CASE_AES_GCM(vect2, 0, 9, NULL_ARRAY, ARRAY, ARRAY),
2376 XTEST_AE_CASE_AES_GCM(vect3, 0, 9, NULL_ARRAY, ARRAY, ARRAY),
Jens Wiklander9fc63f52017-11-10 11:13:26 +0100[diff] [blame]2377 XTEST_AE_CASE_AES_GCM(vect3, 0, 0x1F, NULL_ARRAY, ARRAY, ARRAY),
2378 XTEST_AE_CASE_AES_GCM(vect4, 5, 0x20, ARRAY, ARRAY, ARRAY),
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2379 XTEST_AE_CASE_AES_GCM(vect5, 5, 9, ARRAY, ARRAY, ARRAY),
2380 XTEST_AE_CASE_AES_GCM(vect6, 5, 9, ARRAY, ARRAY, ARRAY),
2381 XTEST_AE_CASE_AES_GCM(vect7, 0, 0, NULL_ARRAY, NULL_ARRAY, NULL_ARRAY),
2382 XTEST_AE_CASE_AES_GCM(vect8, 0, 9, NULL_ARRAY, ARRAY, ARRAY),
2383 XTEST_AE_CASE_AES_GCM(vect9, 0, 9, NULL_ARRAY, ARRAY, ARRAY),
2384 XTEST_AE_CASE_AES_GCM(vect10, 5, 9, ARRAY, ARRAY, ARRAY),
2385 XTEST_AE_CASE_AES_GCM(vect11, 5, 9, ARRAY, ARRAY, ARRAY),
2386 XTEST_AE_CASE_AES_GCM(vect12, 5, 9, ARRAY, ARRAY, ARRAY),
2387 XTEST_AE_CASE_AES_GCM(vect13, 0, 0, NULL_ARRAY, NULL_ARRAY, NULL_ARRAY),
2388 XTEST_AE_CASE_AES_GCM(vect14, 0, 9, NULL_ARRAY, ARRAY, ARRAY),
2389 XTEST_AE_CASE_AES_GCM(vect15, 0, 9, NULL_ARRAY, ARRAY, ARRAY),
2390 XTEST_AE_CASE_AES_GCM(vect16, 5, 9, ARRAY, ARRAY, ARRAY),
2391 XTEST_AE_CASE_AES_GCM(vect17, 5, 9, ARRAY, ARRAY, ARRAY),
2392 XTEST_AE_CASE_AES_GCM(vect18, 5, 9, ARRAY, ARRAY, ARRAY),
Jens Wiklanderf6efe242017-11-06 13:16:43 +0100[diff] [blame]2393#ifdef CFG_GCM_NIST_VECTORS
2394#include "gcmDecrypt128.h"
2395#include "gcmDecrypt192.h"
2396#include "gcmDecrypt256.h"
2397#include "gcmEncryptExtIV128.h"
2398#include "gcmEncryptExtIV192.h"
2399#include "gcmEncryptExtIV256.h"
2400#endif
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2401};
2402
2403static void xtest_tee_test_4005(ADBG_Case_t *c)
2404{
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]2405 TEEC_Session session = { };
2406 TEE_OperationHandle op = TEE_HANDLE_NULL;
Jens Wiklander7404c072020-12-15 08:06:32 +0100[diff] [blame]2407 TEE_OperationHandle op2 = TEE_HANDLE_NULL;
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2408 TEE_ObjectHandle key_handle = TEE_HANDLE_NULL;
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]2409 TEE_Attribute key_attr = { };
2410 uint8_t out[512] = { };
2411 size_t out_size = 0;
2412 size_t out_offs = 0;
Jens Wiklander7404c072020-12-15 08:06:32 +0100[diff] [blame]2413 size_t out_offs2 = 0;
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]2414 uint32_t ret_orig = 0;
2415 size_t n = 0;
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2416
2417 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
2418 xtest_teec_open_session(&session, &crypt_user_ta_uuid, NULL,
2419 &ret_orig)))
2420 return;
2421
2422 for (n = 0; n < ARRAY_SIZE(ae_cases); n++) {
2423 Do_ADBG_BeginSubCase(c, "AE case %d algo 0x%x line %d",
2424 (int)n, (unsigned int)ae_cases[n].algo,
2425 (int)ae_cases[n].line);
2426
2427 key_attr.attributeID = TEE_ATTR_SECRET_VALUE;
2428 key_attr.content.ref.buffer = (void *)ae_cases[n].key;
2429 key_attr.content.ref.length = ae_cases[n].key_len;
2430
2431 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
2432 ta_crypt_cmd_allocate_operation(c, &session, &op,
2433 ae_cases[n].algo, ae_cases[n].mode,
2434 key_attr.content.ref.length * 8)))
2435 goto out;
2436
2437 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
Jens Wiklander7404c072020-12-15 08:06:32 +0100[diff] [blame]2438 ta_crypt_cmd_allocate_operation(c, &session, &op2,
2439 ae_cases[n].algo, ae_cases[n].mode,
2440 key_attr.content.ref.length * 8)))
2441 goto out;
2442
2443 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2444 ta_crypt_cmd_allocate_transient_object(c, &session,
2445 ae_cases[n].key_type,
2446 key_attr.content.ref.length * 8,
2447 &key_handle)))
2448 goto out;
2449
2450 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
2451 ta_crypt_cmd_populate_transient_object(c, &session,
2452 key_handle, &key_attr, 1)))
2453 goto out;
2454
2455 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
2456 ta_crypt_cmd_set_operation_key(c, &session, op,
2457 key_handle)))
2458 goto out;
2459
2460 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
2461 ta_crypt_cmd_free_transient_object(c, &session,
2462 key_handle)))
2463 goto out;
2464 key_handle = TEE_HANDLE_NULL;
2465
2466 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
2467 ta_crypt_cmd_ae_init(c, &session, op, ae_cases[n].nonce,
2468 ae_cases[n].nonce_len, ae_cases[n].tag_len,
2469 ae_cases[n].aad_len, ae_cases[n].ptx_len)))
2470 goto out;
2471
2472 if (ae_cases[n].aad != NULL) {
2473 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
2474 ta_crypt_cmd_ae_update_aad(c, &session, op,
2475 ae_cases[n].aad, ae_cases[n].aad_incr)))
2476 goto out;
2477
2478 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
2479 ta_crypt_cmd_ae_update_aad(c, &session, op,
2480 ae_cases[n].aad + ae_cases[n].aad_incr,
2481 ae_cases [n].aad_len -
2482 ae_cases[n].aad_incr)))
2483 goto out;
2484 }
2485
2486 out_offs = 0;
2487 out_size = sizeof(out);
2488 memset(out, 0, sizeof(out));
2489 if (ae_cases[n].mode == TEE_MODE_ENCRYPT) {
2490 if (ae_cases[n].ptx != NULL) {
2491 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
2492 ta_crypt_cmd_ae_update(c, &session, op,
2493 ae_cases[n].ptx,
2494 ae_cases[n].in_incr, out,
2495 &out_size)))
2496 goto out;
2497 out_offs += out_size;
Jerome Forissierc13fafa2017-06-01 15:49:07 +0200[diff] [blame]2498 if (ae_cases[n].algo == TEE_ALG_AES_GCM)
2499 ADBG_EXPECT_COMPARE_UNSIGNED(c,
2500 out_size, ==, ae_cases[n].in_incr);
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2501 }
2502 } else {
2503 if (ae_cases[n].ctx != NULL) {
2504 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
2505 ta_crypt_cmd_ae_update(c, &session, op,
2506 ae_cases[n].ctx,
2507 ae_cases[n].in_incr, out,
2508 &out_size)))
2509 goto out;
2510 out_offs += out_size;
Jerome Forissierc13fafa2017-06-01 15:49:07 +0200[diff] [blame]2511 if (ae_cases[n].algo == TEE_ALG_AES_GCM)
2512 ADBG_EXPECT_COMPARE_UNSIGNED(c,
2513 out_size, ==, ae_cases[n].in_incr);
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2514 }
2515 }
2516
Jens Wiklander7404c072020-12-15 08:06:32 +0100[diff] [blame]2517 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
2518 ta_crypt_cmd_copy_operation(c, &session, op2, op)))
2519 goto out;
2520
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2521 out_size = sizeof(out) - out_offs;
Jens Wiklander7404c072020-12-15 08:06:32 +0100[diff] [blame]2522 out_offs2 = out_offs;
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2523 if (ae_cases[n].mode == TEE_MODE_ENCRYPT) {
2524 uint8_t out_tag[64];
2525 size_t out_tag_len = MIN(sizeof(out_tag),
2526 ae_cases[n].tag_len);
2527
2528 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
2529 ta_crypt_cmd_ae_encrypt_final(c, &session, op,
2530 ae_cases[n].ptx + ae_cases[n].in_incr,
2531 ae_cases[n].ptx_len -
2532 ae_cases[n].in_incr,
2533 out + out_offs,
2534 &out_size, out_tag, &out_tag_len)))
2535 goto out;
2536
2537 (void)ADBG_EXPECT_BUFFER(c,
2538 ae_cases[n].tag, ae_cases[n].tag_len, out_tag,
2539 out_tag_len);
2540
2541 out_offs += out_size;
2542
2543 (void)ADBG_EXPECT_BUFFER(c, ae_cases[n].ctx,
2544 ae_cases[n].ctx_len, out, out_offs);
2545 } else {
2546 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
2547 ta_crypt_cmd_ae_decrypt_final(c, &session, op,
2548 ae_cases[n].ctx + ae_cases[n].in_incr,
2549 ae_cases[n].ctx_len -
2550 ae_cases[n].in_incr,
2551 out + out_offs,
2552 &out_size, ae_cases[n].tag,
2553 ae_cases[n].tag_len)))
2554 goto out;
2555
2556 out_offs += out_size;
2557
2558 (void)ADBG_EXPECT_BUFFER(c, ae_cases[n].ptx,
2559 ae_cases[n].ptx_len, out, out_offs);
2560 }
2561
Jens Wiklander7404c072020-12-15 08:06:32 +0100[diff] [blame]2562 /* test on the copied op2 */
2563 out_size = sizeof(out) - out_offs2;
2564 memset(out + out_offs2, 0, out_size);
2565 if (ae_cases[n].mode == TEE_MODE_ENCRYPT) {
2566 uint8_t out_tag[64] = { 0 };
2567 size_t out_tag_len = MIN(sizeof(out_tag),
2568 ae_cases[n].tag_len);
2569
2570 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
2571 ta_crypt_cmd_ae_encrypt_final(c, &session, op2,
2572 ae_cases[n].ptx + ae_cases[n].in_incr,
2573 ae_cases[n].ptx_len -
2574 ae_cases[n].in_incr,
2575 out + out_offs2,
2576 &out_size, out_tag, &out_tag_len)))
2577 goto out;
2578
2579 ADBG_EXPECT_BUFFER(c, ae_cases[n].tag,
2580 ae_cases[n].tag_len, out_tag,
2581 out_tag_len);
2582
2583 out_offs2 += out_size;
2584
2585 (void)ADBG_EXPECT_BUFFER(c, ae_cases[n].ctx,
2586 ae_cases[n].ctx_len, out, out_offs2);
2587 } else {
2588 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
2589 ta_crypt_cmd_ae_decrypt_final(c, &session, op2,
2590 ae_cases[n].ctx + ae_cases[n].in_incr,
2591 ae_cases[n].ctx_len -
2592 ae_cases[n].in_incr,
2593 out + out_offs2,
2594 &out_size, ae_cases[n].tag,
2595 ae_cases[n].tag_len)))
2596 goto out;
2597
2598 out_offs2 += out_size;
2599
2600 (void)ADBG_EXPECT_BUFFER(c, ae_cases[n].ptx,
2601 ae_cases[n].ptx_len, out, out_offs2);
2602 }
2603
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2604 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
2605 ta_crypt_cmd_free_operation(c, &session, op)))
2606 goto out;
2607
Jens Wiklander7404c072020-12-15 08:06:32 +0100[diff] [blame]2608 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
2609 ta_crypt_cmd_free_operation(c, &session, op2)))
2610 goto out;
2611
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2612 Do_ADBG_EndSubCase(c, NULL);
2613 }
2614out:
2615 TEEC_CloseSession(&session);
2616}
Jens Wiklander14f48872018-06-29 15:30:13 +0200[diff] [blame]2617ADBG_CASE_DEFINE(regression, 4005, xtest_tee_test_4005,
2618 "Test TEE Internal API Authenticated Encryption operations");
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2619
2620struct xtest_ac_case {
Cedric Chaumontc3b6c282015-09-25 03:05:18 +0200[diff] [blame]2621 unsigned int level;
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2622 uint32_t algo;
2623 TEE_OperationMode mode;
2624
2625 union {
2626 struct {
2627 const uint8_t *modulus;
2628 size_t modulus_len;
2629
2630 const uint8_t *pub_exp;
2631 size_t pub_exp_len;
2632
2633 const uint8_t *priv_exp;
2634 size_t priv_exp_len;
2635
2636 const uint8_t *prime1; /* q */
2637 size_t prime1_len;
2638 const uint8_t *prime2; /* p */
2639 size_t prime2_len;
2640 const uint8_t *exp1; /* dp */
2641 size_t exp1_len;
2642 const uint8_t *exp2; /* dq */
2643 size_t exp2_len;
2644 const uint8_t *coeff; /* iq */
2645 size_t coeff_len;
2646
2647 int salt_len;
2648 } rsa;
2649 struct {
2650 const uint8_t *prime;
2651 size_t prime_len;
2652 const uint8_t *sub_prime;
2653 size_t sub_prime_len;
2654 const uint8_t *base;
2655 size_t base_len;
2656 const uint8_t *pub_val;
2657 size_t pub_val_len;
2658 const uint8_t *priv_val;
2659 size_t priv_val_len;
2660 } dsa;
Pascal Brand3e143ee2015-07-15 17:17:16 +0200[diff] [blame]2661 struct {
2662 const uint8_t *private;
2663 size_t private_len;
2664 const uint8_t *public_x;
2665 size_t public_x_len;
2666 const uint8_t *public_y;
2667 size_t public_y_len;
Jerome Forissier3fbfd0d2019-12-17 16:44:01 +0100[diff] [blame]2668 } ecc;
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2669 } params;
2670
2671 const uint8_t *ptx;
2672 size_t ptx_len;
2673 const uint8_t *ctx;
2674 size_t ctx_len;
2675 size_t line;
2676};
2677
2678#define WITHOUT_SALT(x) -1
2679#define WITH_SALT(x) x
2680
Cedric Chaumontc3b6c282015-09-25 03:05:18 +0200[diff] [blame]2681#define XTEST_AC_CASE(level, algo, mode, vect, union_params) \
2682 { level, (algo), (mode), .params = union_params, \
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2683 ARRAY(vect ## _ptx), \
2684 ARRAY(vect ## _out), \
2685 __LINE__ }
2686
2687#define XTEST_AC_RSA_UNION(vect, opt_crt_array, opt_salt) \
2688 { .rsa = { \
2689 ARRAY(vect ## _modulus), \
2690 ARRAY(vect ## _pub_exp), \
2691 ARRAY(vect ## _priv_exp), \
2692 opt_crt_array(vect ## _prime1), \
2693 opt_crt_array(vect ## _prime2), \
2694 opt_crt_array(vect ## _exp1), \
2695 opt_crt_array(vect ## _exp2), \
2696 opt_crt_array(vect ## _coeff), \
2697 opt_salt(vect ## _salt_len) \
2698 } }
2699
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]2700#define XTEST_AC_RSA_CASE(level, algo, mode, vect, opt_crt_array, opt_salt) \
2701 XTEST_AC_CASE(level, algo, mode, vect, \
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2702 XTEST_AC_RSA_UNION(vect, opt_crt_array, opt_salt))
2703
2704#define XTEST_AC_DSA_UNION(vect) \
2705 { .dsa = { \
2706 ARRAY(vect ## _prime), \
2707 ARRAY(vect ## _sub_prime), \
2708 ARRAY(vect ## _base), \
2709 ARRAY(vect ## _pub_val), \
2710 ARRAY(vect ## _priv_val), \
2711 } }
2712
Cedric Chaumontc3b6c282015-09-25 03:05:18 +0200[diff] [blame]2713#define XTEST_AC_DSA_CASE(level, algo, mode, vect) \
2714 XTEST_AC_CASE(level, algo, mode, vect, XTEST_AC_DSA_UNION(vect))
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2715
Pascal Brand3e143ee2015-07-15 17:17:16 +0200[diff] [blame]2716#define XTEST_AC_ECDSA_UNION(vect) \
Jerome Forissier3fbfd0d2019-12-17 16:44:01 +0100[diff] [blame]2717 { .ecc = { \
Pascal Brand3e143ee2015-07-15 17:17:16 +0200[diff] [blame]2718 ARRAY(vect ## _private), \
2719 ARRAY(vect ## _public_x), \
2720 ARRAY(vect ## _public_y), \
2721 } }
2722
Jerome Forissier3fbfd0d2019-12-17 16:44:01 +0100[diff] [blame]2723#define XTEST_AC_ECC_CASE(level, algo, mode, vect) \
Cedric Chaumontc3b6c282015-09-25 03:05:18 +0200[diff] [blame]2724 XTEST_AC_CASE(level, algo, mode, vect, XTEST_AC_ECDSA_UNION(vect))
Pascal Brand3e143ee2015-07-15 17:17:16 +0200[diff] [blame]2725
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2726static const struct xtest_ac_case xtest_ac_cases[] = {
2727 /* RSA test without crt parameters */
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]2728 XTEST_AC_RSA_CASE(0, TEE_ALG_RSA_NOPAD, TEE_MODE_ENCRYPT,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2729 ac_rsassa_vect1, NULL_ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]2730 XTEST_AC_RSA_CASE(0, TEE_ALG_RSA_NOPAD, TEE_MODE_DECRYPT,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2731 ac_rsassa_vect1, NULL_ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]2732 XTEST_AC_RSA_CASE(0, TEE_ALG_RSA_NOPAD, TEE_MODE_ENCRYPT,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2733 ac_rsassa_vect2, NULL_ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]2734 XTEST_AC_RSA_CASE(0, TEE_ALG_RSA_NOPAD, TEE_MODE_DECRYPT,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2735 ac_rsassa_vect2, NULL_ARRAY, WITHOUT_SALT),
Jerome Forissiere576f052018-03-23 21:24:21 +0800[diff] [blame]2736 XTEST_AC_RSA_CASE(0, TEE_ALG_RSA_NOPAD, TEE_MODE_ENCRYPT,
2737 ac_rsassa_vect18, NULL_ARRAY, WITHOUT_SALT),
2738 XTEST_AC_RSA_CASE(0, TEE_ALG_RSA_NOPAD, TEE_MODE_DECRYPT,
2739 ac_rsassa_vect18, NULL_ARRAY, WITHOUT_SALT),
Jerome Forissier0451e372018-03-27 00:10:23 +0800[diff] [blame]2740 XTEST_AC_RSA_CASE(0, TEE_ALG_RSA_NOPAD, TEE_MODE_ENCRYPT,
2741 ac_rsassa_vect19, NULL_ARRAY, WITHOUT_SALT),
2742 XTEST_AC_RSA_CASE(0, TEE_ALG_RSA_NOPAD, TEE_MODE_DECRYPT,
2743 ac_rsassa_vect19, NULL_ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]2744 XTEST_AC_RSA_CASE(0, TEE_ALG_RSASSA_PKCS1_V1_5_SHA1, TEE_MODE_SIGN,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2745 ac_rsassa_vect3, NULL_ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]2746 XTEST_AC_RSA_CASE(0, TEE_ALG_RSASSA_PKCS1_V1_5_SHA1, TEE_MODE_VERIFY,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2747 ac_rsassa_vect3, NULL_ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]2748 XTEST_AC_RSA_CASE(1, TEE_ALG_RSASSA_PKCS1_V1_5_SHA1, TEE_MODE_SIGN,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2749 ac_rsassa_vect4, NULL_ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]2750 XTEST_AC_RSA_CASE(1, TEE_ALG_RSASSA_PKCS1_V1_5_SHA1, TEE_MODE_VERIFY,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2751 ac_rsassa_vect4, NULL_ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]2752 XTEST_AC_RSA_CASE(1, TEE_ALG_RSASSA_PKCS1_V1_5_SHA1, TEE_MODE_SIGN,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2753 ac_rsassa_vect5, NULL_ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]2754 XTEST_AC_RSA_CASE(1, TEE_ALG_RSASSA_PKCS1_V1_5_SHA1, TEE_MODE_VERIFY,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2755 ac_rsassa_vect5, NULL_ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]2756 XTEST_AC_RSA_CASE(1, TEE_ALG_RSASSA_PKCS1_V1_5_SHA1, TEE_MODE_SIGN,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2757 ac_rsassa_vect6, NULL_ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]2758 XTEST_AC_RSA_CASE(1, TEE_ALG_RSASSA_PKCS1_V1_5_SHA1, TEE_MODE_VERIFY,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2759 ac_rsassa_vect6, NULL_ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]2760 XTEST_AC_RSA_CASE(1, TEE_ALG_RSASSA_PKCS1_V1_5_SHA1, TEE_MODE_SIGN,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2761 ac_rsassa_vect7, NULL_ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]2762 XTEST_AC_RSA_CASE(1, TEE_ALG_RSASSA_PKCS1_V1_5_SHA1, TEE_MODE_VERIFY,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2763 ac_rsassa_vect7, NULL_ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]2764 XTEST_AC_RSA_CASE(1, TEE_ALG_RSASSA_PKCS1_V1_5_SHA1, TEE_MODE_SIGN,
2765 ac_rsassa_vect8, NULL_ARRAY, WITHOUT_SALT),
2766 XTEST_AC_RSA_CASE(1, TEE_ALG_RSASSA_PKCS1_V1_5_SHA1, TEE_MODE_VERIFY,
2767 ac_rsassa_vect8, NULL_ARRAY, WITHOUT_SALT),
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2768
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]2769 XTEST_AC_RSA_CASE(0, TEE_ALG_RSASSA_PKCS1_V1_5_SHA224, TEE_MODE_SIGN,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2770 ac_rsassa_vect16, NULL_ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]2771 XTEST_AC_RSA_CASE(0, TEE_ALG_RSASSA_PKCS1_V1_5_SHA224, TEE_MODE_VERIFY,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2772 ac_rsassa_vect16, NULL_ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]2773
Gabor Szekely2ad190f2018-09-14 14:05:06 +0000[diff] [blame]2774#ifdef CFG_CRYPTO_RSASSA_NA1
2775 XTEST_AC_RSA_CASE(0, TEE_ALG_RSASSA_PKCS1_V1_5, TEE_MODE_SIGN,
2776 ac_rsassa_vect20, NULL_ARRAY, WITHOUT_SALT),
2777 XTEST_AC_RSA_CASE(0, TEE_ALG_RSASSA_PKCS1_V1_5, TEE_MODE_VERIFY,
2778 ac_rsassa_vect20, NULL_ARRAY, WITHOUT_SALT),
2779#endif
2780
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]2781 XTEST_AC_RSA_CASE(0, TEE_ALG_RSASSA_PKCS1_V1_5_SHA256, TEE_MODE_SIGN,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2782 ac_rsassa_vect9, NULL_ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]2783 XTEST_AC_RSA_CASE(0, TEE_ALG_RSASSA_PKCS1_V1_5_SHA256, TEE_MODE_VERIFY,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2784 ac_rsassa_vect9, NULL_ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]2785
2786 XTEST_AC_RSA_CASE(0, TEE_ALG_RSASSA_PKCS1_V1_5_SHA384, TEE_MODE_SIGN,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2787 ac_rsassa_vect10, NULL_ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]2788 XTEST_AC_RSA_CASE(0, TEE_ALG_RSASSA_PKCS1_V1_5_SHA384, TEE_MODE_VERIFY,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2789 ac_rsassa_vect10, NULL_ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]2790
2791 XTEST_AC_RSA_CASE(0, TEE_ALG_RSASSA_PKCS1_V1_5_SHA512, TEE_MODE_SIGN,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2792 ac_rsassa_vect11, NULL_ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]2793 XTEST_AC_RSA_CASE(0, TEE_ALG_RSASSA_PKCS1_V1_5_SHA512, TEE_MODE_VERIFY,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2794 ac_rsassa_vect11, NULL_ARRAY, WITHOUT_SALT),
2795
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]2796 XTEST_AC_RSA_CASE(1, TEE_ALG_RSASSA_PKCS1_PSS_MGF1_SHA1,
2797 TEE_MODE_VERIFY,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2798 ac_rsassa_vect12, NULL_ARRAY, WITH_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]2799 XTEST_AC_RSA_CASE(1, TEE_ALG_RSASSA_PKCS1_PSS_MGF1_SHA1, TEE_MODE_SIGN,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2800 ac_rsassa_vect12, NULL_ARRAY, WITH_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]2801
2802 XTEST_AC_RSA_CASE(1, TEE_ALG_RSASSA_PKCS1_PSS_MGF1_SHA224,
2803 TEE_MODE_VERIFY,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2804 ac_rsassa_vect17, NULL_ARRAY, WITH_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]2805 XTEST_AC_RSA_CASE(1, TEE_ALG_RSASSA_PKCS1_PSS_MGF1_SHA224,
2806 TEE_MODE_SIGN,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2807 ac_rsassa_vect17, NULL_ARRAY, WITH_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]2808
2809 XTEST_AC_RSA_CASE(0, TEE_ALG_RSASSA_PKCS1_PSS_MGF1_SHA256,
2810 TEE_MODE_VERIFY,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2811 ac_rsassa_vect13, NULL_ARRAY, WITH_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]2812 XTEST_AC_RSA_CASE(0, TEE_ALG_RSASSA_PKCS1_PSS_MGF1_SHA256,
2813 TEE_MODE_SIGN,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2814 ac_rsassa_vect13, NULL_ARRAY, WITH_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]2815
2816 XTEST_AC_RSA_CASE(1, TEE_ALG_RSASSA_PKCS1_PSS_MGF1_SHA384,
2817 TEE_MODE_VERIFY,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2818 ac_rsassa_vect14, NULL_ARRAY, WITH_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]2819 XTEST_AC_RSA_CASE(1, TEE_ALG_RSASSA_PKCS1_PSS_MGF1_SHA384,
2820 TEE_MODE_SIGN,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2821 ac_rsassa_vect14, NULL_ARRAY, WITH_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]2822
2823 XTEST_AC_RSA_CASE(1, TEE_ALG_RSASSA_PKCS1_PSS_MGF1_SHA512,
2824 TEE_MODE_VERIFY,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2825 ac_rsassa_vect15, NULL_ARRAY, WITH_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]2826 XTEST_AC_RSA_CASE(1, TEE_ALG_RSASSA_PKCS1_PSS_MGF1_SHA512,
2827 TEE_MODE_SIGN,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2828 ac_rsassa_vect15, NULL_ARRAY, WITH_SALT),
2829
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]2830 XTEST_AC_RSA_CASE(0, TEE_ALG_RSAES_PKCS1_V1_5, TEE_MODE_DECRYPT,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2831 ac_rsaes_pkcs1_v1_5_vect1, NULL_ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]2832 XTEST_AC_RSA_CASE(0, TEE_ALG_RSAES_PKCS1_V1_5, TEE_MODE_ENCRYPT,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2833 ac_rsaes_pkcs1_v1_5_vect1, NULL_ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]2834 XTEST_AC_RSA_CASE(1, TEE_ALG_RSAES_PKCS1_V1_5, TEE_MODE_DECRYPT,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2835 ac_rsaes_pkcs1_v1_5_vect2, NULL_ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]2836 XTEST_AC_RSA_CASE(1, TEE_ALG_RSAES_PKCS1_V1_5, TEE_MODE_ENCRYPT,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2837 ac_rsaes_pkcs1_v1_5_vect2, NULL_ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]2838 XTEST_AC_RSA_CASE(1, TEE_ALG_RSAES_PKCS1_V1_5, TEE_MODE_DECRYPT,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2839 ac_rsaes_pkcs1_v1_5_vect15, NULL_ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]2840 XTEST_AC_RSA_CASE(1, TEE_ALG_RSAES_PKCS1_V1_5, TEE_MODE_ENCRYPT,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2841 ac_rsaes_pkcs1_v1_5_vect15, NULL_ARRAY, WITHOUT_SALT),
2842
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]2843 XTEST_AC_RSA_CASE(0, TEE_ALG_RSAES_PKCS1_OAEP_MGF1_SHA1,
2844 TEE_MODE_DECRYPT,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2845 ac_rsaes_oaep_vect1, NULL_ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]2846 XTEST_AC_RSA_CASE(0, TEE_ALG_RSAES_PKCS1_OAEP_MGF1_SHA1,
2847 TEE_MODE_ENCRYPT,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2848 ac_rsaes_oaep_vect1, NULL_ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]2849 XTEST_AC_RSA_CASE(1, TEE_ALG_RSAES_PKCS1_OAEP_MGF1_SHA1,
2850 TEE_MODE_DECRYPT,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2851 ac_rsaes_oaep_vect2, NULL_ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]2852 XTEST_AC_RSA_CASE(1, TEE_ALG_RSAES_PKCS1_OAEP_MGF1_SHA1,
2853 TEE_MODE_ENCRYPT,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2854 ac_rsaes_oaep_vect2, NULL_ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]2855 XTEST_AC_RSA_CASE(1, TEE_ALG_RSAES_PKCS1_OAEP_MGF1_SHA1,
2856 TEE_MODE_DECRYPT,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2857 ac_rsaes_oaep_vect10, NULL_ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]2858 XTEST_AC_RSA_CASE(1, TEE_ALG_RSAES_PKCS1_OAEP_MGF1_SHA1,
2859 TEE_MODE_ENCRYPT,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2860 ac_rsaes_oaep_vect10, NULL_ARRAY, WITHOUT_SALT),
2861
2862 /* RSA test with crt parameters */
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]2863 XTEST_AC_RSA_CASE(0, TEE_ALG_RSA_NOPAD, TEE_MODE_ENCRYPT,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2864 ac_rsassa_vect1, ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]2865 XTEST_AC_RSA_CASE(0, TEE_ALG_RSA_NOPAD, TEE_MODE_DECRYPT,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2866 ac_rsassa_vect1, ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]2867 XTEST_AC_RSA_CASE(1, TEE_ALG_RSA_NOPAD, TEE_MODE_ENCRYPT,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2868 ac_rsassa_vect2, ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]2869 XTEST_AC_RSA_CASE(1, TEE_ALG_RSA_NOPAD, TEE_MODE_DECRYPT,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2870 ac_rsassa_vect2, ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]2871 XTEST_AC_RSA_CASE(0, TEE_ALG_RSASSA_PKCS1_V1_5_SHA1, TEE_MODE_SIGN,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2872 ac_rsassa_vect3, ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]2873 XTEST_AC_RSA_CASE(0, TEE_ALG_RSASSA_PKCS1_V1_5_SHA1, TEE_MODE_VERIFY,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2874 ac_rsassa_vect3, ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]2875 XTEST_AC_RSA_CASE(1, TEE_ALG_RSASSA_PKCS1_V1_5_SHA1, TEE_MODE_SIGN,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2876 ac_rsassa_vect4, ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]2877 XTEST_AC_RSA_CASE(1, TEE_ALG_RSASSA_PKCS1_V1_5_SHA1, TEE_MODE_VERIFY,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2878 ac_rsassa_vect4, ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]2879 XTEST_AC_RSA_CASE(1, TEE_ALG_RSASSA_PKCS1_V1_5_SHA1, TEE_MODE_SIGN,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2880 ac_rsassa_vect5, ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]2881 XTEST_AC_RSA_CASE(1, TEE_ALG_RSASSA_PKCS1_V1_5_SHA1, TEE_MODE_VERIFY,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2882 ac_rsassa_vect5, ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]2883 XTEST_AC_RSA_CASE(1, TEE_ALG_RSASSA_PKCS1_V1_5_SHA1, TEE_MODE_SIGN,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2884 ac_rsassa_vect6, ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]2885 XTEST_AC_RSA_CASE(1, TEE_ALG_RSASSA_PKCS1_V1_5_SHA1, TEE_MODE_VERIFY,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2886 ac_rsassa_vect6, ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]2887 XTEST_AC_RSA_CASE(1, TEE_ALG_RSASSA_PKCS1_V1_5_SHA1, TEE_MODE_SIGN,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2888 ac_rsassa_vect7, ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]2889 XTEST_AC_RSA_CASE(1, TEE_ALG_RSASSA_PKCS1_V1_5_SHA1, TEE_MODE_VERIFY,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2890 ac_rsassa_vect7, ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]2891 XTEST_AC_RSA_CASE(1, TEE_ALG_RSASSA_PKCS1_V1_5_SHA1, TEE_MODE_SIGN,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2892 ac_rsassa_vect8, ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]2893 XTEST_AC_RSA_CASE(1, TEE_ALG_RSASSA_PKCS1_V1_5_SHA1, TEE_MODE_VERIFY,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2894 ac_rsassa_vect8, ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]2895 XTEST_AC_RSA_CASE(0, TEE_ALG_RSASSA_PKCS1_V1_5_SHA256, TEE_MODE_SIGN,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2896 ac_rsassa_vect9, ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]2897 XTEST_AC_RSA_CASE(0, TEE_ALG_RSASSA_PKCS1_V1_5_SHA256, TEE_MODE_VERIFY,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2898 ac_rsassa_vect9, ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]2899 XTEST_AC_RSA_CASE(1, TEE_ALG_RSASSA_PKCS1_V1_5_SHA384, TEE_MODE_SIGN,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2900 ac_rsassa_vect10, ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]2901 XTEST_AC_RSA_CASE(1, TEE_ALG_RSASSA_PKCS1_V1_5_SHA384, TEE_MODE_VERIFY,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2902 ac_rsassa_vect10, ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]2903 XTEST_AC_RSA_CASE(1, TEE_ALG_RSASSA_PKCS1_V1_5_SHA512, TEE_MODE_SIGN,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2904 ac_rsassa_vect11, ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]2905 XTEST_AC_RSA_CASE(1, TEE_ALG_RSASSA_PKCS1_V1_5_SHA512, TEE_MODE_VERIFY,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2906 ac_rsassa_vect11, ARRAY, WITHOUT_SALT),
2907
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]2908 XTEST_AC_RSA_CASE(1, TEE_ALG_RSASSA_PKCS1_PSS_MGF1_SHA1,
2909 TEE_MODE_VERIFY,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2910 ac_rsassa_vect12, ARRAY, WITH_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]2911 XTEST_AC_RSA_CASE(1,TEE_ALG_RSASSA_PKCS1_PSS_MGF1_SHA1, TEE_MODE_SIGN,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2912 ac_rsassa_vect12, ARRAY, WITH_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]2913 XTEST_AC_RSA_CASE(1, TEE_ALG_RSASSA_PKCS1_PSS_MGF1_SHA224,
2914 TEE_MODE_VERIFY,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2915 ac_rsassa_vect17, ARRAY, WITH_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]2916 XTEST_AC_RSA_CASE(1, TEE_ALG_RSASSA_PKCS1_PSS_MGF1_SHA224,
2917 TEE_MODE_SIGN,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2918 ac_rsassa_vect17, ARRAY, WITH_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]2919 XTEST_AC_RSA_CASE(0, TEE_ALG_RSASSA_PKCS1_PSS_MGF1_SHA256,
2920 TEE_MODE_VERIFY,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2921 ac_rsassa_vect13, ARRAY, WITH_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]2922 XTEST_AC_RSA_CASE(0, TEE_ALG_RSASSA_PKCS1_PSS_MGF1_SHA256,
2923 TEE_MODE_SIGN,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2924 ac_rsassa_vect13, ARRAY, WITH_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]2925 XTEST_AC_RSA_CASE(1, TEE_ALG_RSASSA_PKCS1_PSS_MGF1_SHA384,
2926 TEE_MODE_VERIFY,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2927 ac_rsassa_vect14, ARRAY, WITH_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]2928 XTEST_AC_RSA_CASE(1, TEE_ALG_RSASSA_PKCS1_PSS_MGF1_SHA384,
2929 TEE_MODE_SIGN,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2930 ac_rsassa_vect14, ARRAY, WITH_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]2931 XTEST_AC_RSA_CASE(1, TEE_ALG_RSASSA_PKCS1_PSS_MGF1_SHA512,
2932 TEE_MODE_VERIFY,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2933 ac_rsassa_vect15, ARRAY, WITH_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]2934 XTEST_AC_RSA_CASE(1, TEE_ALG_RSASSA_PKCS1_PSS_MGF1_SHA512,
2935 TEE_MODE_SIGN,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2936 ac_rsassa_vect15, ARRAY, WITH_SALT),
2937
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]2938 XTEST_AC_RSA_CASE(0, TEE_ALG_RSAES_PKCS1_V1_5, TEE_MODE_DECRYPT,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2939 ac_rsaes_pkcs1_v1_5_vect1, ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]2940 XTEST_AC_RSA_CASE(0, TEE_ALG_RSAES_PKCS1_V1_5, TEE_MODE_ENCRYPT,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2941 ac_rsaes_pkcs1_v1_5_vect1, ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]2942 XTEST_AC_RSA_CASE(1, TEE_ALG_RSAES_PKCS1_V1_5, TEE_MODE_DECRYPT,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2943 ac_rsaes_pkcs1_v1_5_vect2, ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]2944 XTEST_AC_RSA_CASE(1, TEE_ALG_RSAES_PKCS1_V1_5, TEE_MODE_ENCRYPT,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2945 ac_rsaes_pkcs1_v1_5_vect2, ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]2946 XTEST_AC_RSA_CASE(1, TEE_ALG_RSAES_PKCS1_V1_5, TEE_MODE_DECRYPT,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2947 ac_rsaes_pkcs1_v1_5_vect15, ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]2948 XTEST_AC_RSA_CASE(1, TEE_ALG_RSAES_PKCS1_V1_5, TEE_MODE_ENCRYPT,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2949 ac_rsaes_pkcs1_v1_5_vect15, ARRAY, WITHOUT_SALT),
2950
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]2951 XTEST_AC_RSA_CASE(0, TEE_ALG_RSAES_PKCS1_OAEP_MGF1_SHA1,
2952 TEE_MODE_DECRYPT,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2953 ac_rsaes_oaep_vect1, ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]2954 XTEST_AC_RSA_CASE(0, TEE_ALG_RSAES_PKCS1_OAEP_MGF1_SHA1,
2955 TEE_MODE_ENCRYPT,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2956 ac_rsaes_oaep_vect1, ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]2957 XTEST_AC_RSA_CASE(1, TEE_ALG_RSAES_PKCS1_OAEP_MGF1_SHA1,
2958 TEE_MODE_DECRYPT,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2959 ac_rsaes_oaep_vect2, ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]2960 XTEST_AC_RSA_CASE(1, TEE_ALG_RSAES_PKCS1_OAEP_MGF1_SHA1,
2961 TEE_MODE_ENCRYPT,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2962 ac_rsaes_oaep_vect2, ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]2963 XTEST_AC_RSA_CASE(1, TEE_ALG_RSAES_PKCS1_OAEP_MGF1_SHA1,
2964 TEE_MODE_DECRYPT,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2965 ac_rsaes_oaep_vect10, ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]2966 XTEST_AC_RSA_CASE(1, TEE_ALG_RSAES_PKCS1_OAEP_MGF1_SHA1,
2967 TEE_MODE_ENCRYPT,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2968 ac_rsaes_oaep_vect10, ARRAY, WITHOUT_SALT),
2969
2970 /* DSA tests */
Cedric Chaumontb2ba8782015-09-03 13:23:05 +0200[diff] [blame]2971 /* [mod = L=1024, N=160, SHA-1] */
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]2972 XTEST_AC_DSA_CASE(1, TEE_ALG_DSA_SHA1, TEE_MODE_VERIFY, ac_dsa_vect1),
2973 XTEST_AC_DSA_CASE(1, TEE_ALG_DSA_SHA1, TEE_MODE_SIGN, ac_dsa_vect1),
Cedric Chaumontc3b6c282015-09-25 03:05:18 +0200[diff] [blame]2974 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA1, TEE_MODE_VERIFY, ac_dsa_vect2),
2975 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA1, TEE_MODE_SIGN, ac_dsa_vect2),
2976 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA1, TEE_MODE_VERIFY, ac_dsa_vect3),
2977 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA1, TEE_MODE_SIGN, ac_dsa_vect3),
2978 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA1, TEE_MODE_VERIFY, ac_dsa_vect4),
2979 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA1, TEE_MODE_SIGN, ac_dsa_vect4),
2980 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA1, TEE_MODE_VERIFY, ac_dsa_vect5),
2981 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA1, TEE_MODE_SIGN, ac_dsa_vect5),
2982 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA1, TEE_MODE_VERIFY, ac_dsa_vect6),
2983 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA1, TEE_MODE_SIGN, ac_dsa_vect6),
2984 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA1, TEE_MODE_VERIFY, ac_dsa_vect7),
2985 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA1, TEE_MODE_SIGN, ac_dsa_vect7),
2986 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA1, TEE_MODE_VERIFY, ac_dsa_vect8),
2987 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA1, TEE_MODE_SIGN, ac_dsa_vect8),
2988 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA1, TEE_MODE_VERIFY, ac_dsa_vect9),
2989 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA1, TEE_MODE_SIGN, ac_dsa_vect9),
2990 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA1, TEE_MODE_VERIFY, ac_dsa_vect10),
2991 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA1, TEE_MODE_SIGN, ac_dsa_vect10),
2992 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA1, TEE_MODE_VERIFY, ac_dsa_vect11),
2993 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA1, TEE_MODE_SIGN, ac_dsa_vect11),
2994 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA1, TEE_MODE_VERIFY, ac_dsa_vect12),
2995 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA1, TEE_MODE_SIGN, ac_dsa_vect12),
2996 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA1, TEE_MODE_VERIFY, ac_dsa_vect13),
2997 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA1, TEE_MODE_SIGN, ac_dsa_vect13),
2998 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA1, TEE_MODE_VERIFY, ac_dsa_vect14),
2999 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA1, TEE_MODE_SIGN, ac_dsa_vect14),
3000 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA1, TEE_MODE_VERIFY, ac_dsa_vect15),
3001 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA1, TEE_MODE_SIGN, ac_dsa_vect15),
Cedric Chaumontb2ba8782015-09-03 13:23:05 +0200[diff] [blame]3002 /* [mod = L=1024, N=160, SHA-224] - GP NOT SUPPORTED */
3003 /* [mod = L=1024, N=160, SHA-256] - GP NOT SUPPORTED */
3004 /* [mod = L=1024, N=160, SHA-384] - GP NOT SUPPORTED */
3005 /* [mod = L=1024, N=160, SHA-512] - GP NOT SUPPORTED */
3006 /* [mod = L=2048, N=224, SHA-1] - GP NOT SUPPORTED */
3007 /* [mod = L=2048, N=224, SHA-224] */
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]3008 XTEST_AC_DSA_CASE(1, TEE_ALG_DSA_SHA224, TEE_MODE_VERIFY, ac_dsa_vect91),
3009 XTEST_AC_DSA_CASE(1, TEE_ALG_DSA_SHA224, TEE_MODE_SIGN, ac_dsa_vect91),
Cedric Chaumontc3b6c282015-09-25 03:05:18 +0200[diff] [blame]3010 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_VERIFY, ac_dsa_vect92),
3011 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_SIGN, ac_dsa_vect92),
3012 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_VERIFY, ac_dsa_vect93),
3013 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_SIGN, ac_dsa_vect93),
3014 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_VERIFY, ac_dsa_vect94),
3015 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_SIGN, ac_dsa_vect94),
3016 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_VERIFY, ac_dsa_vect95),
3017 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_SIGN, ac_dsa_vect95),
3018 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_VERIFY, ac_dsa_vect96),
3019 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_SIGN, ac_dsa_vect96),
3020 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_VERIFY, ac_dsa_vect97),
3021 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_SIGN, ac_dsa_vect97),
3022 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_VERIFY, ac_dsa_vect98),
3023 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_SIGN, ac_dsa_vect98),
3024 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_VERIFY, ac_dsa_vect99),
3025 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_SIGN, ac_dsa_vect99),
3026 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_VERIFY, ac_dsa_vect100),
3027 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_SIGN, ac_dsa_vect100),
3028 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_VERIFY, ac_dsa_vect101),
3029 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_SIGN, ac_dsa_vect101),
3030 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_VERIFY, ac_dsa_vect102),
3031 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_SIGN, ac_dsa_vect102),
3032 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_VERIFY, ac_dsa_vect103),
3033 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_SIGN, ac_dsa_vect103),
3034 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_VERIFY, ac_dsa_vect104),
3035 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_SIGN, ac_dsa_vect104),
3036 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_VERIFY, ac_dsa_vect105),
3037 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_SIGN, ac_dsa_vect105),
Cedric Chaumontb2ba8782015-09-03 13:23:05 +0200[diff] [blame]3038 /* [mod = L=2048, N=224, SHA-256] */
Cedric Chaumontc3b6c282015-09-25 03:05:18 +0200[diff] [blame]3039 XTEST_AC_DSA_CASE(0, TEE_ALG_DSA_SHA256, TEE_MODE_VERIFY, ac_dsa_vect106),
3040 XTEST_AC_DSA_CASE(0, TEE_ALG_DSA_SHA256, TEE_MODE_SIGN, ac_dsa_vect106),
3041 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_VERIFY, ac_dsa_vect107),
3042 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_SIGN, ac_dsa_vect107),
3043 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_VERIFY, ac_dsa_vect108),
3044 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_SIGN, ac_dsa_vect108),
3045 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_VERIFY, ac_dsa_vect109),
3046 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_SIGN, ac_dsa_vect109),
3047 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_VERIFY, ac_dsa_vect110),
3048 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_SIGN, ac_dsa_vect110),
3049 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_VERIFY, ac_dsa_vect111),
3050 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_SIGN, ac_dsa_vect111),
3051 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_VERIFY, ac_dsa_vect112),
3052 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_SIGN, ac_dsa_vect112),
3053 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_VERIFY, ac_dsa_vect113),
3054 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_SIGN, ac_dsa_vect113),
3055 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_VERIFY, ac_dsa_vect114),
3056 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_SIGN, ac_dsa_vect114),
3057 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_VERIFY, ac_dsa_vect115),
3058 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_SIGN, ac_dsa_vect115),
3059 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_VERIFY, ac_dsa_vect116),
3060 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_SIGN, ac_dsa_vect116),
3061 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_VERIFY, ac_dsa_vect117),
3062 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_SIGN, ac_dsa_vect117),
3063 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_VERIFY, ac_dsa_vect118),
3064 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_SIGN, ac_dsa_vect118),
3065 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_VERIFY, ac_dsa_vect119),
3066 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_SIGN, ac_dsa_vect119),
3067 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_VERIFY, ac_dsa_vect120),
3068 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_SIGN, ac_dsa_vect120),
Cedric Chaumontb2ba8782015-09-03 13:23:05 +0200[diff] [blame]3069 /* [mod = L=2048, N=224, SHA-384] - GP NOT SUPPORTED */
3070 /* [mod = L=2048, N=224, SHA-512] - GP NOT SUPPORTED */
3071 /* [mod = L=2048, N=256, SHA-1] - GP NOT SUPPORTED */
3072 /* [mod = L=2048, N=256, SHA-224] */
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]3073 XTEST_AC_DSA_CASE(1, TEE_ALG_DSA_SHA224, TEE_MODE_VERIFY, ac_dsa_vect166),
3074 XTEST_AC_DSA_CASE(1, TEE_ALG_DSA_SHA224, TEE_MODE_SIGN, ac_dsa_vect166),
Cedric Chaumontc3b6c282015-09-25 03:05:18 +0200[diff] [blame]3075 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_VERIFY, ac_dsa_vect167),
3076 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_SIGN, ac_dsa_vect167),
3077 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_VERIFY, ac_dsa_vect168),
3078 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_SIGN, ac_dsa_vect168),
3079 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_VERIFY, ac_dsa_vect169),
3080 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_SIGN, ac_dsa_vect169),
3081 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_VERIFY, ac_dsa_vect170),
3082 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_SIGN, ac_dsa_vect170),
3083 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_VERIFY, ac_dsa_vect171),
3084 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_SIGN, ac_dsa_vect171),
3085 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_VERIFY, ac_dsa_vect172),
3086 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_SIGN, ac_dsa_vect172),
3087 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_VERIFY, ac_dsa_vect173),
3088 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_SIGN, ac_dsa_vect173),
3089 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_VERIFY, ac_dsa_vect174),
3090 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_SIGN, ac_dsa_vect174),
3091 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_VERIFY, ac_dsa_vect175),
3092 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_SIGN, ac_dsa_vect175),
3093 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_VERIFY, ac_dsa_vect176),
3094 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_SIGN, ac_dsa_vect176),
3095 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_VERIFY, ac_dsa_vect177),
3096 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_SIGN, ac_dsa_vect177),
3097 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_VERIFY, ac_dsa_vect178),
3098 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_SIGN, ac_dsa_vect178),
3099 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_VERIFY, ac_dsa_vect179),
3100 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_SIGN, ac_dsa_vect179),
3101 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_VERIFY, ac_dsa_vect180),
3102 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_SIGN, ac_dsa_vect180),
Cedric Chaumontb2ba8782015-09-03 13:23:05 +0200[diff] [blame]3103 /* [mod = L=2048, N=256, SHA-256] */
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]3104 XTEST_AC_DSA_CASE(1, TEE_ALG_DSA_SHA256, TEE_MODE_VERIFY, ac_dsa_vect181),
3105 XTEST_AC_DSA_CASE(1, TEE_ALG_DSA_SHA256, TEE_MODE_SIGN, ac_dsa_vect181),
Cedric Chaumontc3b6c282015-09-25 03:05:18 +0200[diff] [blame]3106 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_VERIFY, ac_dsa_vect182),
3107 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_SIGN, ac_dsa_vect182),
3108 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_VERIFY, ac_dsa_vect183),
3109 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_SIGN, ac_dsa_vect183),
3110 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_VERIFY, ac_dsa_vect184),
3111 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_SIGN, ac_dsa_vect184),
3112 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_VERIFY, ac_dsa_vect185),
3113 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_SIGN, ac_dsa_vect185),
3114 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_VERIFY, ac_dsa_vect186),
3115 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_SIGN, ac_dsa_vect186),
3116 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_VERIFY, ac_dsa_vect187),
3117 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_SIGN, ac_dsa_vect187),
3118 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_VERIFY, ac_dsa_vect188),
3119 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_SIGN, ac_dsa_vect188),
3120 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_VERIFY, ac_dsa_vect189),
3121 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_SIGN, ac_dsa_vect189),
3122 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_VERIFY, ac_dsa_vect190),
3123 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_SIGN, ac_dsa_vect190),
3124 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_VERIFY, ac_dsa_vect191),
3125 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_SIGN, ac_dsa_vect191),
3126 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_VERIFY, ac_dsa_vect192),
3127 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_SIGN, ac_dsa_vect192),
3128 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_VERIFY, ac_dsa_vect193),
3129 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_SIGN, ac_dsa_vect193),
3130 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_VERIFY, ac_dsa_vect194),
3131 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_SIGN, ac_dsa_vect194),
3132 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_VERIFY, ac_dsa_vect195),
3133 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_SIGN, ac_dsa_vect195),
Cedric Chaumontb2ba8782015-09-03 13:23:05 +0200[diff] [blame]3134 /* [mod = L=2048, N=256, SHA-384] - GP NOT SUPPORTED */
3135 /* [mod = L=2048, N=256, SHA-512] - GP NOT SUPPORTED */
3136 /* [mod = L=3072, N=256, SHA-1] - GP NOT SUPPORTED */
3137 /* [mod = L=3072, N=256, SHA-224] - GP NOT SUPPORTED */
3138 /* [mod = L=3072, N=256, SHA-256] */
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]3139 XTEST_AC_DSA_CASE(1, TEE_ALG_DSA_SHA256, TEE_MODE_VERIFY, ac_dsa_vect256),
3140 XTEST_AC_DSA_CASE(1, TEE_ALG_DSA_SHA256, TEE_MODE_SIGN, ac_dsa_vect256),
Cedric Chaumontc3b6c282015-09-25 03:05:18 +0200[diff] [blame]3141 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_VERIFY, ac_dsa_vect257),
3142 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_SIGN, ac_dsa_vect257),
3143 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_VERIFY, ac_dsa_vect258),
3144 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_SIGN, ac_dsa_vect258),
3145 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_VERIFY, ac_dsa_vect259),
3146 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_SIGN, ac_dsa_vect259),
3147 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_VERIFY, ac_dsa_vect260),
3148 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_SIGN, ac_dsa_vect260),
3149 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_VERIFY, ac_dsa_vect261),
3150 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_SIGN, ac_dsa_vect261),
3151 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_VERIFY, ac_dsa_vect262),
3152 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_SIGN, ac_dsa_vect262),
3153 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_VERIFY, ac_dsa_vect263),
3154 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_SIGN, ac_dsa_vect263),
3155 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_VERIFY, ac_dsa_vect264),
3156 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_SIGN, ac_dsa_vect264),
3157 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_VERIFY, ac_dsa_vect265),
3158 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_SIGN, ac_dsa_vect265),
3159 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_VERIFY, ac_dsa_vect266),
3160 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_SIGN, ac_dsa_vect266),
3161 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_VERIFY, ac_dsa_vect267),
3162 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_SIGN, ac_dsa_vect267),
3163 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_VERIFY, ac_dsa_vect268),
3164 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_SIGN, ac_dsa_vect268),
3165 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_VERIFY, ac_dsa_vect269),
3166 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_SIGN, ac_dsa_vect269),
3167 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_VERIFY, ac_dsa_vect270),
3168 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_SIGN, ac_dsa_vect270),
Cedric Chaumontb2ba8782015-09-03 13:23:05 +0200[diff] [blame]3169 /* [mod = L=3072, N=256, SHA-384] - GP NOT SUPPORTED */
3170 /* [mod = L=3072, N=256, SHA-512] - GP NOT SUPPORTED */
Pascal Brand3e143ee2015-07-15 17:17:16 +0200[diff] [blame]3171
3172 /* ECDSA tests */
Cedric Chaumontc7654962015-09-09 14:56:36 +0200[diff] [blame]3173 /* [P-192] */
Jerome Forissier3fbfd0d2019-12-17 16:44:01 +0100[diff] [blame]3174 XTEST_AC_ECC_CASE(0, TEE_ALG_ECDSA_P192, TEE_MODE_VERIFY,
3175 nist_186_2_ecdsa_testvector_1),
3176 XTEST_AC_ECC_CASE(0, TEE_ALG_ECDSA_P192, TEE_MODE_SIGN,
3177 nist_186_2_ecdsa_testvector_1),
3178 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P192, TEE_MODE_VERIFY,
3179 nist_186_2_ecdsa_testvector_2),
3180 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P192, TEE_MODE_SIGN,
3181 nist_186_2_ecdsa_testvector_2),
3182 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P192, TEE_MODE_VERIFY,
3183 nist_186_2_ecdsa_testvector_3),
3184 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P192, TEE_MODE_SIGN,
3185 nist_186_2_ecdsa_testvector_3),
3186 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P192, TEE_MODE_VERIFY,
3187 nist_186_2_ecdsa_testvector_4),
3188 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P192, TEE_MODE_SIGN,
3189 nist_186_2_ecdsa_testvector_4),
3190 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P192, TEE_MODE_VERIFY,
3191 nist_186_2_ecdsa_testvector_5),
3192 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P192, TEE_MODE_SIGN,
3193 nist_186_2_ecdsa_testvector_5),
3194 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P192, TEE_MODE_VERIFY,
3195 nist_186_2_ecdsa_testvector_6),
3196 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P192, TEE_MODE_SIGN,
3197 nist_186_2_ecdsa_testvector_6),
3198 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P192, TEE_MODE_VERIFY,
3199 nist_186_2_ecdsa_testvector_7),
3200 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P192, TEE_MODE_SIGN,
3201 nist_186_2_ecdsa_testvector_7),
3202 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P192, TEE_MODE_VERIFY,
3203 nist_186_2_ecdsa_testvector_8),
3204 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P192, TEE_MODE_SIGN,
3205 nist_186_2_ecdsa_testvector_8),
3206 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P192, TEE_MODE_VERIFY,
3207 nist_186_2_ecdsa_testvector_9),
3208 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P192, TEE_MODE_SIGN,
3209 nist_186_2_ecdsa_testvector_9),
3210 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P192, TEE_MODE_VERIFY,
3211 nist_186_2_ecdsa_testvector_10),
3212 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P192, TEE_MODE_SIGN,
3213 nist_186_2_ecdsa_testvector_10),
3214 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P192, TEE_MODE_VERIFY,
3215 nist_186_2_ecdsa_testvector_11),
3216 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P192, TEE_MODE_SIGN,
3217 nist_186_2_ecdsa_testvector_11),
3218 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P192, TEE_MODE_VERIFY,
3219 nist_186_2_ecdsa_testvector_12),
3220 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P192, TEE_MODE_SIGN,
3221 nist_186_2_ecdsa_testvector_12),
3222 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P192, TEE_MODE_VERIFY,
3223 nist_186_2_ecdsa_testvector_13),
3224 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P192, TEE_MODE_SIGN,
3225 nist_186_2_ecdsa_testvector_13),
3226 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P192, TEE_MODE_VERIFY,
3227 nist_186_2_ecdsa_testvector_14),
3228 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P192, TEE_MODE_SIGN,
3229 nist_186_2_ecdsa_testvector_14),
3230 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P192, TEE_MODE_VERIFY,
3231 nist_186_2_ecdsa_testvector_15),
3232 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P192, TEE_MODE_SIGN,
3233 nist_186_2_ecdsa_testvector_15),
Cedric Chaumontc7654962015-09-09 14:56:36 +0200[diff] [blame]3234 /* [P-224] */
Jerome Forissier3fbfd0d2019-12-17 16:44:01 +0100[diff] [blame]3235 XTEST_AC_ECC_CASE(1, TEE_ALG_ECDSA_P224, TEE_MODE_VERIFY,
3236 nist_186_2_ecdsa_testvector_16),
3237 XTEST_AC_ECC_CASE(1, TEE_ALG_ECDSA_P224, TEE_MODE_SIGN,
3238 nist_186_2_ecdsa_testvector_16),
3239 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P224, TEE_MODE_VERIFY,
3240 nist_186_2_ecdsa_testvector_17),
3241 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P224, TEE_MODE_SIGN,
3242 nist_186_2_ecdsa_testvector_17),
3243 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P224, TEE_MODE_VERIFY,
3244 nist_186_2_ecdsa_testvector_18),
3245 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P224, TEE_MODE_SIGN,
3246 nist_186_2_ecdsa_testvector_18),
3247 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P224, TEE_MODE_VERIFY,
3248 nist_186_2_ecdsa_testvector_19),
3249 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P224, TEE_MODE_SIGN,
3250 nist_186_2_ecdsa_testvector_19),
3251 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P224, TEE_MODE_VERIFY,
3252 nist_186_2_ecdsa_testvector_20),
3253 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P224, TEE_MODE_SIGN,
3254 nist_186_2_ecdsa_testvector_20),
3255 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P224, TEE_MODE_VERIFY,
3256 nist_186_2_ecdsa_testvector_21),
3257 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P224, TEE_MODE_SIGN,
3258 nist_186_2_ecdsa_testvector_21),
3259 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P224, TEE_MODE_VERIFY,
3260 nist_186_2_ecdsa_testvector_22),
3261 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P224, TEE_MODE_SIGN,
3262 nist_186_2_ecdsa_testvector_22),
3263 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P224, TEE_MODE_VERIFY,
3264 nist_186_2_ecdsa_testvector_23),
3265 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P224, TEE_MODE_SIGN,
3266 nist_186_2_ecdsa_testvector_23),
3267 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P224, TEE_MODE_VERIFY,
3268 nist_186_2_ecdsa_testvector_24),
3269 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P224, TEE_MODE_SIGN,
3270 nist_186_2_ecdsa_testvector_24),
3271 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P224, TEE_MODE_VERIFY,
3272 nist_186_2_ecdsa_testvector_25),
3273 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P224, TEE_MODE_SIGN,
3274 nist_186_2_ecdsa_testvector_25),
3275 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P224, TEE_MODE_VERIFY,
3276 nist_186_2_ecdsa_testvector_26),
3277 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P224, TEE_MODE_SIGN,
3278 nist_186_2_ecdsa_testvector_26),
3279 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P224, TEE_MODE_VERIFY,
3280 nist_186_2_ecdsa_testvector_27),
3281 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P224, TEE_MODE_SIGN,
3282 nist_186_2_ecdsa_testvector_27),
3283 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P224, TEE_MODE_VERIFY,
3284 nist_186_2_ecdsa_testvector_28),
3285 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P224, TEE_MODE_SIGN,
3286 nist_186_2_ecdsa_testvector_28),
3287 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P224, TEE_MODE_VERIFY,
3288 nist_186_2_ecdsa_testvector_29),
3289 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P224, TEE_MODE_SIGN,
3290 nist_186_2_ecdsa_testvector_29),
3291 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P224, TEE_MODE_VERIFY,
3292 nist_186_2_ecdsa_testvector_30),
3293 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P224, TEE_MODE_SIGN,
3294 nist_186_2_ecdsa_testvector_30),
Cedric Chaumontc7654962015-09-09 14:56:36 +0200[diff] [blame]3295 /* [P-256] */
Jerome Forissier3fbfd0d2019-12-17 16:44:01 +0100[diff] [blame]3296 XTEST_AC_ECC_CASE(1, TEE_ALG_ECDSA_P256, TEE_MODE_VERIFY,
3297 nist_186_2_ecdsa_testvector_31),
3298 XTEST_AC_ECC_CASE(1, TEE_ALG_ECDSA_P256, TEE_MODE_SIGN,
3299 nist_186_2_ecdsa_testvector_31),
3300 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P256, TEE_MODE_VERIFY,
3301 nist_186_2_ecdsa_testvector_32),
3302 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P256, TEE_MODE_SIGN,
3303 nist_186_2_ecdsa_testvector_32),
3304 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P256, TEE_MODE_VERIFY,
3305 nist_186_2_ecdsa_testvector_33),
3306 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P256, TEE_MODE_SIGN,
3307 nist_186_2_ecdsa_testvector_33),
3308 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P256, TEE_MODE_VERIFY,
3309 nist_186_2_ecdsa_testvector_34),
3310 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P256, TEE_MODE_SIGN,
3311 nist_186_2_ecdsa_testvector_34),
3312 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P256, TEE_MODE_VERIFY,
3313 nist_186_2_ecdsa_testvector_35),
3314 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P256, TEE_MODE_SIGN,
3315 nist_186_2_ecdsa_testvector_35),
3316 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P256, TEE_MODE_VERIFY,
3317 nist_186_2_ecdsa_testvector_36),
3318 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P256, TEE_MODE_SIGN,
3319 nist_186_2_ecdsa_testvector_36),
3320 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P256, TEE_MODE_VERIFY,
3321 nist_186_2_ecdsa_testvector_37),
3322 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P256, TEE_MODE_SIGN,
3323 nist_186_2_ecdsa_testvector_37),
3324 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P256, TEE_MODE_VERIFY,
3325 nist_186_2_ecdsa_testvector_38),
3326 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P256, TEE_MODE_SIGN,
3327 nist_186_2_ecdsa_testvector_38),
3328 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P256, TEE_MODE_VERIFY,
3329 nist_186_2_ecdsa_testvector_39),
3330 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P256, TEE_MODE_SIGN,
3331 nist_186_2_ecdsa_testvector_39),
3332 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P256, TEE_MODE_VERIFY,
3333 nist_186_2_ecdsa_testvector_40),
3334 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P256, TEE_MODE_SIGN,
3335 nist_186_2_ecdsa_testvector_40),
3336 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P256, TEE_MODE_VERIFY,
3337 nist_186_2_ecdsa_testvector_41),
3338 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P256, TEE_MODE_SIGN,
3339 nist_186_2_ecdsa_testvector_41),
3340 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P256, TEE_MODE_VERIFY,
3341 nist_186_2_ecdsa_testvector_42),
3342 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P256, TEE_MODE_SIGN,
3343 nist_186_2_ecdsa_testvector_42),
3344 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P256, TEE_MODE_VERIFY,
3345 nist_186_2_ecdsa_testvector_43),
3346 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P256, TEE_MODE_SIGN,
3347 nist_186_2_ecdsa_testvector_43),
3348 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P256, TEE_MODE_VERIFY,
3349 nist_186_2_ecdsa_testvector_44),
3350 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P256, TEE_MODE_SIGN,
3351 nist_186_2_ecdsa_testvector_44),
3352 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P256, TEE_MODE_VERIFY,
3353 nist_186_2_ecdsa_testvector_45),
3354 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P256, TEE_MODE_SIGN,
3355 nist_186_2_ecdsa_testvector_45),
Cedric Chaumontc7654962015-09-09 14:56:36 +0200[diff] [blame]3356 /* [P-384] */
Jerome Forissier3fbfd0d2019-12-17 16:44:01 +0100[diff] [blame]3357 XTEST_AC_ECC_CASE(1, TEE_ALG_ECDSA_P384, TEE_MODE_VERIFY,
3358 nist_186_2_ecdsa_testvector_46),
3359 XTEST_AC_ECC_CASE(1, TEE_ALG_ECDSA_P384, TEE_MODE_SIGN,
3360 nist_186_2_ecdsa_testvector_46),
3361 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P384, TEE_MODE_VERIFY,
3362 nist_186_2_ecdsa_testvector_47),
3363 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P384, TEE_MODE_SIGN,
3364 nist_186_2_ecdsa_testvector_47),
3365 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P384, TEE_MODE_VERIFY,
3366 nist_186_2_ecdsa_testvector_48),
3367 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P384, TEE_MODE_SIGN,
3368 nist_186_2_ecdsa_testvector_48),
3369 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P384, TEE_MODE_VERIFY,
3370 nist_186_2_ecdsa_testvector_49),
3371 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P384, TEE_MODE_SIGN,
3372 nist_186_2_ecdsa_testvector_49),
3373 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P384, TEE_MODE_VERIFY,
3374 nist_186_2_ecdsa_testvector_50),
3375 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P384, TEE_MODE_SIGN,
3376 nist_186_2_ecdsa_testvector_50),
3377 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P384, TEE_MODE_VERIFY,
3378 nist_186_2_ecdsa_testvector_51),
3379 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P384, TEE_MODE_SIGN,
3380 nist_186_2_ecdsa_testvector_51),
3381 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P384, TEE_MODE_VERIFY,
3382 nist_186_2_ecdsa_testvector_52),
3383 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P384, TEE_MODE_SIGN,
3384 nist_186_2_ecdsa_testvector_52),
3385 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P384, TEE_MODE_VERIFY,
3386 nist_186_2_ecdsa_testvector_53),
3387 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P384, TEE_MODE_SIGN,
3388 nist_186_2_ecdsa_testvector_53),
3389 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P384, TEE_MODE_VERIFY,
3390 nist_186_2_ecdsa_testvector_54),
3391 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P384, TEE_MODE_SIGN,
3392 nist_186_2_ecdsa_testvector_54),
3393 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P384, TEE_MODE_VERIFY,
3394 nist_186_2_ecdsa_testvector_55),
3395 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P384, TEE_MODE_SIGN,
3396 nist_186_2_ecdsa_testvector_55),
3397 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P384, TEE_MODE_VERIFY,
3398 nist_186_2_ecdsa_testvector_56),
3399 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P384, TEE_MODE_SIGN,
3400 nist_186_2_ecdsa_testvector_56),
3401 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P384, TEE_MODE_VERIFY,
3402 nist_186_2_ecdsa_testvector_57),
3403 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P384, TEE_MODE_SIGN,
3404 nist_186_2_ecdsa_testvector_57),
3405 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P384, TEE_MODE_VERIFY,
3406 nist_186_2_ecdsa_testvector_58),
3407 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P384, TEE_MODE_SIGN,
3408 nist_186_2_ecdsa_testvector_58),
3409 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P384, TEE_MODE_VERIFY,
3410 nist_186_2_ecdsa_testvector_59),
3411 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P384, TEE_MODE_SIGN,
3412 nist_186_2_ecdsa_testvector_59),
3413 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P384, TEE_MODE_VERIFY,
3414 nist_186_2_ecdsa_testvector_60),
3415 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P384, TEE_MODE_SIGN,
3416 nist_186_2_ecdsa_testvector_60),
Cedric Chaumontc7654962015-09-09 14:56:36 +0200[diff] [blame]3417 /* [P-521] */
Jerome Forissier3fbfd0d2019-12-17 16:44:01 +0100[diff] [blame]3418 XTEST_AC_ECC_CASE(1, TEE_ALG_ECDSA_P521, TEE_MODE_VERIFY,
3419 nist_186_2_ecdsa_testvector_61),
3420 XTEST_AC_ECC_CASE(1, TEE_ALG_ECDSA_P521, TEE_MODE_SIGN,
3421 nist_186_2_ecdsa_testvector_61),
3422 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P521, TEE_MODE_VERIFY,
3423 nist_186_2_ecdsa_testvector_62),
3424 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P521, TEE_MODE_SIGN,
3425 nist_186_2_ecdsa_testvector_62),
3426 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P521, TEE_MODE_VERIFY,
3427 nist_186_2_ecdsa_testvector_63),
3428 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P521, TEE_MODE_SIGN,
3429 nist_186_2_ecdsa_testvector_63),
3430 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P521, TEE_MODE_VERIFY,
3431 nist_186_2_ecdsa_testvector_64),
3432 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P521, TEE_MODE_SIGN,
3433 nist_186_2_ecdsa_testvector_64),
3434 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P521, TEE_MODE_VERIFY,
3435 nist_186_2_ecdsa_testvector_65),
3436 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P521, TEE_MODE_SIGN,
3437 nist_186_2_ecdsa_testvector_65),
3438 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P521, TEE_MODE_VERIFY,
3439 nist_186_2_ecdsa_testvector_66),
3440 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P521, TEE_MODE_SIGN,
3441 nist_186_2_ecdsa_testvector_66),
3442 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P521, TEE_MODE_VERIFY,
3443 nist_186_2_ecdsa_testvector_67),
3444 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P521, TEE_MODE_SIGN,
3445 nist_186_2_ecdsa_testvector_67),
3446 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P521, TEE_MODE_VERIFY,
3447 nist_186_2_ecdsa_testvector_68),
3448 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P521, TEE_MODE_SIGN,
3449 nist_186_2_ecdsa_testvector_68),
3450 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P521, TEE_MODE_VERIFY,
3451 nist_186_2_ecdsa_testvector_69),
3452 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P521, TEE_MODE_SIGN,
3453 nist_186_2_ecdsa_testvector_69),
3454 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P521, TEE_MODE_VERIFY,
3455 nist_186_2_ecdsa_testvector_70),
3456 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P521, TEE_MODE_SIGN,
3457 nist_186_2_ecdsa_testvector_70),
3458 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P521, TEE_MODE_VERIFY,
3459 nist_186_2_ecdsa_testvector_71),
3460 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P521, TEE_MODE_SIGN,
3461 nist_186_2_ecdsa_testvector_71),
3462 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P521, TEE_MODE_VERIFY,
3463 nist_186_2_ecdsa_testvector_72),
3464 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P521, TEE_MODE_SIGN,
3465 nist_186_2_ecdsa_testvector_72),
3466 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P521, TEE_MODE_VERIFY,
3467 nist_186_2_ecdsa_testvector_73),
3468 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P521, TEE_MODE_SIGN,
3469 nist_186_2_ecdsa_testvector_73),
3470 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P521, TEE_MODE_VERIFY,
3471 nist_186_2_ecdsa_testvector_74),
3472 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P521, TEE_MODE_SIGN,
3473 nist_186_2_ecdsa_testvector_74),
3474 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P521, TEE_MODE_VERIFY,
3475 nist_186_2_ecdsa_testvector_75),
3476 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P521, TEE_MODE_SIGN,
3477 nist_186_2_ecdsa_testvector_75),
Cedric Chaumontc7654962015-09-09 14:56:36 +0200[diff] [blame]3478 /* [K-163] - GP NOT SUPPORTED */
3479 /* [K-233] - GP NOT SUPPORTED */
3480 /* [K-283] - GP NOT SUPPORTED */
3481 /* [K-409] - GP NOT SUPPORTED */
3482 /* [K-571] - GP NOT SUPPORTED */
3483 /* [B-163] - GP NOT SUPPORTED */
3484 /* [B-233] - GP NOT SUPPORTED */
3485 /* [B-283] - GP NOT SUPPORTED */
3486 /* [B-409] - GP NOT SUPPORTED */
3487 /* [B-571] - GP NOT SUPPORTED */
Jerome Forissierb6f5ac92019-12-19 16:37:14 +0100[diff] [blame]3488
3489 XTEST_AC_ECC_CASE(0, TEE_ALG_SM2_PKE, TEE_MODE_ENCRYPT,
3490 gmt_0003_part5_c2_sm2_testvector),
3491 XTEST_AC_ECC_CASE(0, TEE_ALG_SM2_PKE, TEE_MODE_DECRYPT,
3492 gmt_0003_part5_c2_sm2_testvector),
3493 XTEST_AC_ECC_CASE(0, TEE_ALG_SM2_PKE, TEE_MODE_ENCRYPT,
3494 sm2_testvector2),
Jerome Forissier849b57e2019-12-19 16:37:14 +0100[diff] [blame]3495
3496 XTEST_AC_ECC_CASE(0, TEE_ALG_SM2_DSA_SM3, TEE_MODE_VERIFY,
3497 gmt_003_part5_a2),
3498 XTEST_AC_ECC_CASE(0, TEE_ALG_SM2_DSA_SM3, TEE_MODE_SIGN,
3499 gmt_003_part5_a2),
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3500};
3501
3502static bool create_key(ADBG_Case_t *c, TEEC_Session *s,
3503 uint32_t max_key_size, uint32_t key_type,
3504 TEE_Attribute *attrs, size_t num_attrs,
3505 TEE_ObjectHandle *handle)
3506{
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]3507 size_t n = 0;
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3508
3509 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
3510 ta_crypt_cmd_allocate_transient_object(c, s, key_type,
3511 max_key_size, handle)))
3512 return false;
3513
3514 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
3515 ta_crypt_cmd_populate_transient_object(c, s, *handle, attrs,
3516 num_attrs)))
3517 return false;
3518
3519 for (n = 0; n < num_attrs; n++) {
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]3520 uint8_t out[512] = { };
3521 size_t out_size = sizeof(out);
Pascal Brand3e143ee2015-07-15 17:17:16 +0200[diff] [blame]3522
3523 if (attrs[n].attributeID == TEE_ATTR_ECC_CURVE)
3524 continue;
3525
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3526 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
3527 ta_crypt_cmd_get_object_buffer_attribute(c, s, *handle,
3528 attrs[n].attributeID, out, &out_size)))
3529 return false;
3530
Pascal Brand3e143ee2015-07-15 17:17:16 +0200[diff] [blame]3531 if (out_size < attrs[n].content.ref.length) {
3532 memmove(out + (attrs[n].content.ref.length - out_size),
3533 out,
3534 attrs[n].content.ref.length);
3535 memset(out, 0, attrs[n].content.ref.length - out_size);
3536 out_size = attrs[n].content.ref.length;
3537 }
3538
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3539 if (!ADBG_EXPECT_BUFFER(c, attrs[n].content.ref.buffer,
3540 attrs[n].content.ref.length, out, out_size))
3541 return false;
3542 }
3543
3544 return true;
3545}
3546
3547static void xtest_tee_test_4006(ADBG_Case_t *c)
3548{
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]3549 TEEC_Session session = { };
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3550 TEE_OperationHandle op = TEE_HANDLE_NULL;
3551 TEE_ObjectHandle priv_key_handle = TEE_HANDLE_NULL;
3552 TEE_ObjectHandle pub_key_handle = TEE_HANDLE_NULL;
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]3553 TEE_Attribute key_attrs[8] = { };
3554 TEE_Attribute algo_params[1] = { };
3555 size_t num_algo_params = 0;
3556 uint8_t out[512] = { };
3557 size_t out_size = 0;
3558 uint8_t out_enc[512] = { };
3559 size_t out_enc_size = 0;
3560 uint8_t ptx_hash[TEE_MAX_HASH_SIZE] = { };
Etienne Carriere481c6602019-01-22 13:27:26 +0100[diff] [blame]3561 size_t ptx_hash_size = 0;
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]3562 size_t max_key_size = 0;
3563 size_t num_key_attrs = 0;
3564 uint32_t ret_orig = 0;
3565 size_t n = 0;
3566 uint32_t curve = 0;
Jerome Forissierb6f5ac92019-12-19 16:37:14 +0100[diff] [blame]3567 uint32_t pub_key_type = 0;
3568 uint32_t priv_key_type = 0;
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]3569 uint32_t hash_algo = 0;
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3570
3571 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
3572 xtest_teec_open_session(&session, &crypt_user_ta_uuid, NULL,
3573 &ret_orig)))
3574 return;
3575
3576 for (n = 0; n < ARRAY_SIZE(xtest_ac_cases); n++) {
3577 const struct xtest_ac_case *tv = xtest_ac_cases + n;
3578
Cedric Chaumontc3b6c282015-09-25 03:05:18 +0200[diff] [blame]3579 if (tv->level > level)
3580 continue;
3581
Jerome Forissier4b03e282020-01-22 16:33:12 +0100[diff] [blame]3582 if ((tv->algo == TEE_ALG_SM2_PKE ||
3583 tv->algo == TEE_ALG_SM2_DSA_SM3) &&
3584 !ta_crypt_cmd_is_algo_supported(c, &session, tv->algo,
3585 TEE_ECC_CURVE_SM2)) {
3586 Do_ADBG_Log("SM2 not supported: skip subcase");
3587 continue;
3588 }
3589
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3590 Do_ADBG_BeginSubCase(c, "Asym Crypto case %d algo 0x%x line %d",
3591 (int)n, (unsigned int)tv->algo,
3592 (int)tv->line);
3593
3594 /*
3595 * When signing or verifying we're working with the hash of
3596 * the payload.
3597 */
3598 if (tv->mode == TEE_MODE_VERIFY || tv->mode == TEE_MODE_SIGN) {
Pascal Brand3e143ee2015-07-15 17:17:16 +0200[diff] [blame]3599 if (TEE_ALG_GET_MAIN_ALG(tv->algo) == TEE_MAIN_ALGO_ECDSA)
3600 hash_algo = TEE_ALG_SHA1;
Gabor Szekely2ad190f2018-09-14 14:05:06 +0000[diff] [blame]3601#if defined(CFG_CRYPTO_RSASSA_NA1)
3602 else if (tv->algo == TEE_ALG_RSASSA_PKCS1_V1_5)
3603 hash_algo = TEE_ALG_SHA256;
3604#endif
Pascal Brand3e143ee2015-07-15 17:17:16 +0200[diff] [blame]3605 else
3606 hash_algo = TEE_ALG_HASH_ALGO(
3607 TEE_ALG_GET_DIGEST_HASH(tv->algo));
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3608
3609 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
3610 ta_crypt_cmd_allocate_operation(c, &session,
3611 &op, hash_algo, TEE_MODE_DIGEST, 0)))
3612 goto out;
3613
3614 ptx_hash_size = sizeof(ptx_hash);
3615 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
3616 ta_crypt_cmd_digest_do_final(c, & session, op,
3617 tv->ptx, tv->ptx_len, ptx_hash,
3618 &ptx_hash_size)))
3619 goto out;
3620
Cedric Chaumontb2ba8782015-09-03 13:23:05 +0200[diff] [blame]3621 /*
3622 * When we use DSA algorithms, the size of the hash we
3623 * consider equals the min between the size of the
3624 * "subprime" in the key and the size of the hash
3625 */
3626 if (TEE_ALG_GET_MAIN_ALG(tv->algo) ==
3627 TEE_MAIN_ALGO_DSA) {
3628 if (tv->params.dsa.sub_prime_len <=
3629 ptx_hash_size)
3630 ptx_hash_size =
3631 tv->params.dsa.sub_prime_len;
3632 }
3633
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3634 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
3635 ta_crypt_cmd_free_operation(c, &session, op)))
3636 goto out;
3637 }
3638
3639 num_algo_params = 0;
3640 num_key_attrs = 0;
3641 switch (TEE_ALG_GET_MAIN_ALG(tv->algo)) {
3642 case TEE_MAIN_ALGO_RSA:
3643 if (tv->params.rsa.salt_len > 0) {
3644 algo_params[0].attributeID =
3645 TEE_ATTR_RSA_PSS_SALT_LENGTH;
3646 algo_params[0].content.value.a =
3647 tv->params.rsa.salt_len;
3648 algo_params[0].content.value.b = 0;
3649 num_algo_params = 1;
3650 }
3651
3652 max_key_size = tv->params.rsa.modulus_len * 8;
3653
3654 xtest_add_attr(&num_key_attrs, key_attrs,
3655 TEE_ATTR_RSA_MODULUS,
3656 tv->params.rsa.modulus,
3657 tv->params.rsa.modulus_len);
3658 xtest_add_attr(&num_key_attrs, key_attrs,
3659 TEE_ATTR_RSA_PUBLIC_EXPONENT,
3660 tv->params.rsa.pub_exp,
3661 tv->params.rsa.pub_exp_len);
3662
3663 if (!ADBG_EXPECT_TRUE(c,
3664 create_key(c, &session,
3665 max_key_size,
3666 TEE_TYPE_RSA_PUBLIC_KEY,
3667 key_attrs,
3668 num_key_attrs,
3669 &pub_key_handle)))
3670 goto out;
3671
3672 xtest_add_attr(&num_key_attrs, key_attrs,
3673 TEE_ATTR_RSA_PRIVATE_EXPONENT,
3674 tv->params.rsa.priv_exp,
3675 tv->params.rsa.priv_exp_len);
3676
3677 if (tv->params.rsa.prime1_len != 0) {
3678 xtest_add_attr(&num_key_attrs, key_attrs,
3679 TEE_ATTR_RSA_PRIME1,
3680 tv->params.rsa.prime1,
3681 tv->params.rsa.prime1_len);
3682 }
3683
3684 if (tv->params.rsa.prime2_len != 0) {
3685 xtest_add_attr(&num_key_attrs, key_attrs,
3686 TEE_ATTR_RSA_PRIME2,
3687 tv->params.rsa.prime2,
3688 tv->params.rsa.prime2_len);
3689 }
3690
3691 if (tv->params.rsa.exp1_len != 0) {
3692 xtest_add_attr(&num_key_attrs, key_attrs,
3693 TEE_ATTR_RSA_EXPONENT1,
3694 tv->params.rsa.exp1,
3695 tv->params.rsa.exp1_len);
3696 }
3697
3698 if (tv->params.rsa.exp2_len != 0) {
3699 xtest_add_attr(&num_key_attrs, key_attrs,
3700 TEE_ATTR_RSA_EXPONENT2,
3701 tv->params.rsa.exp2,
3702 tv->params.rsa.exp2_len);
3703 }
3704
3705 if (tv->params.rsa.coeff_len != 0) {
3706 xtest_add_attr(&num_key_attrs, key_attrs,
3707 TEE_ATTR_RSA_COEFFICIENT,
3708 tv->params.rsa.coeff,
3709 tv->params.rsa.coeff_len);
3710 }
3711
3712 if (!ADBG_EXPECT_TRUE(c,
3713 create_key(c, &session,
3714 max_key_size,
3715 TEE_TYPE_RSA_KEYPAIR,
3716 key_attrs,
3717 num_key_attrs,
3718 &priv_key_handle)))
3719 goto out;
3720 break;
3721
3722 case TEE_MAIN_ALGO_DSA:
3723 max_key_size = tv->params.dsa.prime_len * 8;
3724
3725 xtest_add_attr(&num_key_attrs, key_attrs,
3726 TEE_ATTR_DSA_PRIME,
3727 tv->params.dsa.prime,
3728 tv->params.dsa.prime_len);
3729 xtest_add_attr(&num_key_attrs, key_attrs,
3730 TEE_ATTR_DSA_SUBPRIME,
3731 tv->params.dsa.sub_prime,
3732 tv->params.dsa.sub_prime_len);
3733 xtest_add_attr(&num_key_attrs, key_attrs,
3734 TEE_ATTR_DSA_BASE,
3735 tv->params.dsa.base,
3736 tv->params.dsa.base_len);
3737 xtest_add_attr(&num_key_attrs, key_attrs,
3738 TEE_ATTR_DSA_PUBLIC_VALUE,
3739 tv->params.dsa.pub_val,
3740 tv->params.dsa.pub_val_len);
3741
3742 if (!ADBG_EXPECT_TRUE(c,
3743 create_key(c, &session, max_key_size,
3744 TEE_TYPE_DSA_PUBLIC_KEY, key_attrs,
3745 num_key_attrs, &pub_key_handle)))
3746 goto out;
3747
3748 xtest_add_attr(&num_key_attrs, key_attrs,
3749 TEE_ATTR_DSA_PRIVATE_VALUE,
3750 tv->params.dsa.priv_val,
3751 tv->params.dsa.priv_val_len);
3752
3753 if (!ADBG_EXPECT_TRUE(c,
3754 create_key(c, &session, max_key_size,
3755 TEE_TYPE_DSA_KEYPAIR, key_attrs,
3756 num_key_attrs, &priv_key_handle)))
3757 goto out;
3758 break;
3759
Pascal Brand3e143ee2015-07-15 17:17:16 +0200[diff] [blame]3760 case TEE_MAIN_ALGO_ECDSA:
Jerome Forissierb6f5ac92019-12-19 16:37:14 +0100[diff] [blame]3761 case TEE_MAIN_ALGO_SM2_PKE:
Jerome Forissier849b57e2019-12-19 16:37:14 +0100[diff] [blame]3762 case TEE_MAIN_ALGO_SM2_DSA_SM3:
Pascal Brand3e143ee2015-07-15 17:17:16 +0200[diff] [blame]3763 switch (tv->algo) {
3764 case TEE_ALG_ECDSA_P192:
3765 curve = TEE_ECC_CURVE_NIST_P192;
Jerome Forissierb6f5ac92019-12-19 16:37:14 +0100[diff] [blame]3766 pub_key_type = TEE_TYPE_ECDSA_PUBLIC_KEY;
3767 priv_key_type = TEE_TYPE_ECDSA_KEYPAIR;
Pascal Brand3e143ee2015-07-15 17:17:16 +0200[diff] [blame]3768 break;
3769 case TEE_ALG_ECDSA_P224:
3770 curve = TEE_ECC_CURVE_NIST_P224;
Jerome Forissierb6f5ac92019-12-19 16:37:14 +0100[diff] [blame]3771 pub_key_type = TEE_TYPE_ECDSA_PUBLIC_KEY;
3772 priv_key_type = TEE_TYPE_ECDSA_KEYPAIR;
Pascal Brand3e143ee2015-07-15 17:17:16 +0200[diff] [blame]3773 break;
3774 case TEE_ALG_ECDSA_P256:
3775 curve = TEE_ECC_CURVE_NIST_P256;
Jerome Forissierb6f5ac92019-12-19 16:37:14 +0100[diff] [blame]3776 pub_key_type = TEE_TYPE_ECDSA_PUBLIC_KEY;
3777 priv_key_type = TEE_TYPE_ECDSA_KEYPAIR;
Pascal Brand3e143ee2015-07-15 17:17:16 +0200[diff] [blame]3778 break;
3779 case TEE_ALG_ECDSA_P384:
3780 curve = TEE_ECC_CURVE_NIST_P384;
Jerome Forissierb6f5ac92019-12-19 16:37:14 +0100[diff] [blame]3781 pub_key_type = TEE_TYPE_ECDSA_PUBLIC_KEY;
3782 priv_key_type = TEE_TYPE_ECDSA_KEYPAIR;
Pascal Brand3e143ee2015-07-15 17:17:16 +0200[diff] [blame]3783 break;
3784 case TEE_ALG_ECDSA_P521:
3785 curve = TEE_ECC_CURVE_NIST_P521;
Jerome Forissierb6f5ac92019-12-19 16:37:14 +0100[diff] [blame]3786 pub_key_type = TEE_TYPE_ECDSA_PUBLIC_KEY;
3787 priv_key_type = TEE_TYPE_ECDSA_KEYPAIR;
3788 break;
3789 case TEE_ALG_SM2_PKE:
3790 curve = TEE_ECC_CURVE_SM2;
3791 pub_key_type = TEE_TYPE_SM2_PKE_PUBLIC_KEY;
3792 priv_key_type = TEE_TYPE_SM2_PKE_KEYPAIR;
Pascal Brand3e143ee2015-07-15 17:17:16 +0200[diff] [blame]3793 break;
Jerome Forissier849b57e2019-12-19 16:37:14 +0100[diff] [blame]3794 case TEE_ALG_SM2_DSA_SM3:
3795 curve = TEE_ECC_CURVE_SM2;
3796 pub_key_type = TEE_TYPE_SM2_DSA_PUBLIC_KEY;
3797 priv_key_type = TEE_TYPE_SM2_DSA_KEYPAIR;
3798 break;
Pascal Brand3e143ee2015-07-15 17:17:16 +0200[diff] [blame]3799 default:
3800 curve = 0xFF;
3801 break;
3802 }
3803
3804 if (tv->algo == TEE_ALG_ECDSA_P521)
3805 max_key_size = 521;
3806 else
Jerome Forissier3fbfd0d2019-12-17 16:44:01 +0100[diff] [blame]3807 max_key_size = tv->params.ecc.private_len * 8;
Pascal Brand3e143ee2015-07-15 17:17:16 +0200[diff] [blame]3808
3809 xtest_add_attr_value(&num_key_attrs, key_attrs,
3810 TEE_ATTR_ECC_CURVE, curve, 0);
3811 xtest_add_attr(&num_key_attrs, key_attrs,
3812 TEE_ATTR_ECC_PUBLIC_VALUE_X,
Jerome Forissier3fbfd0d2019-12-17 16:44:01 +0100[diff] [blame]3813 tv->params.ecc.public_x,
3814 tv->params.ecc.public_x_len);
Pascal Brand3e143ee2015-07-15 17:17:16 +0200[diff] [blame]3815 xtest_add_attr(&num_key_attrs, key_attrs,
3816 TEE_ATTR_ECC_PUBLIC_VALUE_Y,
Jerome Forissier3fbfd0d2019-12-17 16:44:01 +0100[diff] [blame]3817 tv->params.ecc.public_y,
3818 tv->params.ecc.public_y_len);
Pascal Brand3e143ee2015-07-15 17:17:16 +0200[diff] [blame]3819
3820 if (!ADBG_EXPECT_TRUE(c,
3821 create_key(c, &session, max_key_size,
Jerome Forissierb6f5ac92019-12-19 16:37:14 +0100[diff] [blame]3822 pub_key_type, key_attrs,
Pascal Brand3e143ee2015-07-15 17:17:16 +0200[diff] [blame]3823 num_key_attrs, &pub_key_handle)))
3824 goto out;
3825
3826 xtest_add_attr(&num_key_attrs, key_attrs,
3827 TEE_ATTR_ECC_PRIVATE_VALUE,
Jerome Forissier3fbfd0d2019-12-17 16:44:01 +0100[diff] [blame]3828 tv->params.ecc.private,
3829 tv->params.ecc.private_len);
Pascal Brand3e143ee2015-07-15 17:17:16 +0200[diff] [blame]3830
3831 if (!ADBG_EXPECT_TRUE(c,
3832 create_key(c, &session, max_key_size,
Jerome Forissierb6f5ac92019-12-19 16:37:14 +0100[diff] [blame]3833 priv_key_type, key_attrs,
Pascal Brand3e143ee2015-07-15 17:17:16 +0200[diff] [blame]3834 num_key_attrs, &priv_key_handle)))
3835 goto out;
3836 break;
3837
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3838 default:
3839 ADBG_EXPECT_TRUE(c, false);
3840 goto out;
3841 }
3842
3843 out_size = sizeof(out);
3844 memset(out, 0, sizeof(out));
3845 switch (tv->mode) {
3846 case TEE_MODE_ENCRYPT:
3847 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
3848 ta_crypt_cmd_allocate_operation(c, &session,
Pascal Brand3e143ee2015-07-15 17:17:16 +0200[diff] [blame]3849 &op, tv->algo, TEE_MODE_ENCRYPT,
3850 max_key_size)))
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3851 goto out;
3852
3853 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
3854 ta_crypt_cmd_set_operation_key(c, &session, op,
3855 pub_key_handle)))
3856 goto out;
3857
3858 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
3859 ta_crypt_cmd_free_transient_object(c, &session,
3860 pub_key_handle)))
3861 goto out;
3862 pub_key_handle = TEE_HANDLE_NULL;
3863
3864 out_enc_size = sizeof(out_enc);
3865 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
3866 ta_crypt_cmd_asymmetric_encrypt(c, &session, op,
3867 NULL, 0, tv->ptx, tv->ptx_len, out_enc,
3868 &out_enc_size)))
3869 goto out;
3870
3871 /*
3872 * A PS which is random is added when formatting the
3873 * message internally of the algorithm so we can't
3874 * verify against precomputed values, instead we use the
3875 * decrypt operation to see that output is correct.
3876 */
3877
3878 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
3879 ta_crypt_cmd_free_operation(c, &session, op)))
3880 goto out;
3881
3882 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
3883 ta_crypt_cmd_allocate_operation(c, &session,
3884 &op, tv->algo, TEE_MODE_DECRYPT,
3885 max_key_size)))
3886 goto out;
3887
3888 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
3889 ta_crypt_cmd_set_operation_key(c, &session, op,
3890 priv_key_handle)))
3891 goto out;
3892
3893 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
3894 ta_crypt_cmd_free_transient_object(c, &session,
3895 priv_key_handle)))
3896 goto out;
3897
3898 priv_key_handle = TEE_HANDLE_NULL;
3899
3900 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
3901 ta_crypt_cmd_asymmetric_decrypt(c, &session, op,
3902 NULL, 0, out_enc, out_enc_size, out,
3903 &out_size)))
3904 goto out;
3905
3906 (void)ADBG_EXPECT_BUFFER(c, tv->ptx, tv->ptx_len, out,
3907 out_size);
3908 break;
3909
3910 case TEE_MODE_DECRYPT:
3911 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
3912 ta_crypt_cmd_allocate_operation(c, &session,
3913 &op, tv->algo, TEE_MODE_DECRYPT,
3914 max_key_size)))
3915 goto out;
3916
3917 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
3918 ta_crypt_cmd_set_operation_key(c, &session, op,
3919 priv_key_handle)))
3920 goto out;
3921
3922 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
3923 ta_crypt_cmd_free_transient_object(c, &session,
3924 priv_key_handle)))
3925 goto out;
3926
3927 priv_key_handle = TEE_HANDLE_NULL;
3928
3929 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
3930 ta_crypt_cmd_asymmetric_decrypt(c, &session, op,
3931 NULL, 0, tv->ctx, tv->ctx_len, out,
3932 &out_size)))
3933 goto out;
3934
3935 (void)ADBG_EXPECT_BUFFER(c, tv->ptx, tv->ptx_len, out,
3936 out_size);
3937 break;
3938
3939 case TEE_MODE_VERIFY:
3940 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
3941 ta_crypt_cmd_allocate_operation(c, &session,
3942 &op, tv->algo, TEE_MODE_VERIFY,
3943 max_key_size)))
3944 goto out;
3945
3946 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
3947 ta_crypt_cmd_set_operation_key(c, &session, op,
3948 pub_key_handle)))
3949 goto out;
3950
3951 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
3952 ta_crypt_cmd_free_transient_object(c, &session,
3953 pub_key_handle)))
3954 goto out;
3955
3956 pub_key_handle = TEE_HANDLE_NULL;
3957
3958 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
3959 ta_crypt_cmd_asymmetric_verify(c, &session, op,
3960 algo_params, num_algo_params, ptx_hash,
3961 ptx_hash_size, tv->ctx, tv->ctx_len)))
3962 goto out;
3963 break;
3964
3965 case TEE_MODE_SIGN:
3966 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
3967 ta_crypt_cmd_allocate_operation(c, &session,
3968 &op, tv->algo, TEE_MODE_SIGN,
3969 max_key_size)))
3970 goto out;
3971
3972 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
3973 ta_crypt_cmd_set_operation_key(c, &session, op,
3974 priv_key_handle)))
3975 goto out;
3976
3977 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
3978 ta_crypt_cmd_free_transient_object(c, &session,
3979 priv_key_handle)))
3980 goto out;
3981
3982 priv_key_handle = TEE_HANDLE_NULL;
3983
3984 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
3985 ta_crypt_cmd_asymmetric_sign(c, &session, op,
3986 algo_params, num_algo_params, ptx_hash,
3987 ptx_hash_size, out, &out_size)))
3988 goto out;
3989
3990 if (TEE_ALG_GET_CHAIN_MODE(tv->algo) ==
3991 TEE_CHAIN_MODE_PKCS1_PSS_MGF1 ||
Pascal Brand3e143ee2015-07-15 17:17:16 +0200[diff] [blame]3992 tv->algo == TEE_ALG_DSA_SHA1 ||
Cedric Chaumontb2ba8782015-09-03 13:23:05 +0200[diff] [blame]3993 tv->algo == TEE_ALG_DSA_SHA224 ||
3994 tv->algo == TEE_ALG_DSA_SHA256 ||
Pascal Brand3e143ee2015-07-15 17:17:16 +0200[diff] [blame]3995 TEE_ALG_GET_MAIN_ALG(tv->algo) ==
Jerome Forissier849b57e2019-12-19 16:37:14 +0100[diff] [blame]3996 TEE_MAIN_ALGO_ECDSA ||
3997 tv->algo == TEE_ALG_SM2_DSA_SM3) {
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3998 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
3999 ta_crypt_cmd_free_operation(c, &session,
4000 op)))
4001 goto out;
4002 /*
4003 * The salt or K is random so we can't verify
4004 * signing against precomputed values, instead
4005 * we use the verify operation to see that
4006 * output is correct.
4007 */
4008 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
4009 ta_crypt_cmd_allocate_operation(c,
4010 &session, &op, tv->algo,
4011 TEE_MODE_VERIFY, max_key_size)))
4012 goto out;
4013
4014 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
4015 ta_crypt_cmd_set_operation_key(c,
4016 &session, op, pub_key_handle)))
4017 goto out;
4018
4019 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
4020 ta_crypt_cmd_free_transient_object(c,
4021 &session, pub_key_handle)))
4022 goto out;
4023
4024 pub_key_handle = TEE_HANDLE_NULL;
4025
4026 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
4027 ta_crypt_cmd_asymmetric_verify(c,
4028 &session, op, algo_params,
4029 num_algo_params, ptx_hash,
4030 ptx_hash_size, out, out_size)))
4031 goto out;
4032 } else {
4033 (void)ADBG_EXPECT_BUFFER(c, tv->ctx,
4034 tv->ctx_len, out,
4035 out_size);
4036 }
4037 break;
4038
4039 default:
4040 break;
4041 }
4042
4043 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
4044 ta_crypt_cmd_free_operation(c, &session, op)))
4045 goto out;
4046
4047 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
4048 ta_crypt_cmd_free_transient_object(c, &session,
4049 pub_key_handle)))
4050 goto out;
4051 pub_key_handle = TEE_HANDLE_NULL;
4052
4053 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
4054 ta_crypt_cmd_free_transient_object(c, &session,
4055 priv_key_handle)))
4056 goto out;
4057
4058 priv_key_handle = TEE_HANDLE_NULL;
4059
4060 Do_ADBG_EndSubCase(c, NULL);
4061 }
4062out:
4063 TEEC_CloseSession(&session);
4064}
Jens Wiklander14f48872018-06-29 15:30:13 +0200[diff] [blame]4065ADBG_CASE_DEFINE(regression, 4006, xtest_tee_test_4006,
4066 "Test TEE Internal API Asymmetric Cipher operations");
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]4067
4068#define KEY_ATTR(x, y) { #x, (x), y }
4069
4070struct key_attrs {
4071 const char *name;
4072 uint32_t attr;
Jerome Forissier4032c8c2016-05-31 13:25:08 +0200[diff] [blame]4073 /*
4074 * When keysize_check != 0: size of attribute is checked
4075 * Expected value is key_size bits except for DH in which case it is
4076 * the value of keysize_check.
4077 */
4078 uint32_t keysize_check;
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]4079};
4080
4081static bool test_keygen_attributes(ADBG_Case_t *c, TEEC_Session *s,
4082 TEE_ObjectHandle key, uint32_t key_size,
4083 struct key_attrs *attrs, size_t num_attrs)
4084{
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]4085 uint8_t out[2048] = { };
4086 size_t out_size = 0;
4087 size_t n = 0;
4088 size_t m = 0;
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]4089
4090 for (m = 0; m < num_attrs; m++) {
4091 if ((attrs[m].attr & TEE_ATTR_BIT_VALUE) == 0) {
4092 out_size = sizeof(out);
4093 memset(out, 0, sizeof(out));
4094 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
4095 ta_crypt_cmd_get_object_buffer_attribute(c, s,
4096 key, attrs[m].attr, out, &out_size)))
4097 return false;
4098
4099 if (attrs[m].keysize_check)
Jerome Forissierfe94e562020-11-17 17:22:40 +0100[diff] [blame]4100 ADBG_EXPECT_COMPARE_UNSIGNED(c, out_size, <=,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]4101 key_size / 8);
4102
4103 if (out_size > 0) {
4104 /* Check that buffer isn't all zeroes */
4105 for (n = 0; n < out_size; n++)
4106 if (out[n] != 0)
4107 break;
4108 if (!ADBG_EXPECT_COMPARE_UNSIGNED(c, n, <,
4109 out_size))
4110 return false;
4111 }
4112 } else {
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]4113 uint32_t a = 0;
4114 uint32_t b = 0;
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]4115
4116 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
4117 ta_crypt_cmd_get_object_value_attribute(c, s, key,
4118 attrs[m].attr, &a, &b)))
4119 return false;
4120 }
4121 }
4122 return true;
4123}
4124
4125static bool test_secret_value(ADBG_Case_t *c, TEEC_Session *s,
4126 TEE_ObjectHandle key, uint32_t key_size)
4127{
4128 const struct key_attrs attrs[] = {
4129 KEY_ATTR(TEE_ATTR_SECRET_VALUE, true),
4130 };
4131
4132 return test_keygen_attributes(c, s, key, key_size,
4133 (struct key_attrs *)&attrs,
4134 ARRAY_SIZE(attrs));
4135}
4136
4137
4138static bool test_rsa_key_pair(ADBG_Case_t *c, TEEC_Session *s,
4139 TEE_ObjectHandle key, uint32_t key_size)
4140{
4141 const struct key_attrs attrs[] = {
4142 KEY_ATTR(TEE_ATTR_RSA_MODULUS, true),
4143 KEY_ATTR(TEE_ATTR_RSA_PUBLIC_EXPONENT, false),
4144 KEY_ATTR(TEE_ATTR_RSA_PRIVATE_EXPONENT, false),
4145 KEY_ATTR(TEE_ATTR_RSA_PRIME1, false),
4146 KEY_ATTR(TEE_ATTR_RSA_PRIME2, false),
4147 KEY_ATTR(TEE_ATTR_RSA_EXPONENT1, false),
4148 KEY_ATTR(TEE_ATTR_RSA_EXPONENT2, false),
4149 KEY_ATTR(TEE_ATTR_RSA_COEFFICIENT, false),
4150 };
4151
4152 return test_keygen_attributes(c, s, key, key_size,
4153 (struct key_attrs *)&attrs,
4154 ARRAY_SIZE(attrs));
4155}
4156
Pascal Brande61133f2015-07-08 15:38:37 +0200[diff] [blame]4157static bool test_ecc_key_pair(ADBG_Case_t *c, TEEC_Session *s,
4158 TEE_ObjectHandle key, uint32_t key_size)
4159{
4160 const struct key_attrs attrs[] = {
4161 KEY_ATTR(TEE_ATTR_ECC_PRIVATE_VALUE, false),
4162 KEY_ATTR(TEE_ATTR_ECC_PUBLIC_VALUE_X , false),
4163 KEY_ATTR(TEE_ATTR_ECC_PUBLIC_VALUE_Y , false),
4164 /* KEY_ATTR(TEE_ATTR_ECC_CURVE, false), - do not test */
4165 };
4166
4167 return test_keygen_attributes(c, s, key, key_size,
4168 (struct key_attrs *)&attrs,
4169 ARRAY_SIZE(attrs));
4170}
4171
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]4172static bool test_dh_key_pair(ADBG_Case_t *c, TEEC_Session *s,
Jerome Forissier4032c8c2016-05-31 13:25:08 +0200[diff] [blame]4173 TEE_ObjectHandle key, uint32_t check_keysize)
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]4174{
4175 const struct key_attrs attrs[] = {
4176 KEY_ATTR(TEE_ATTR_DH_PRIME, false),
4177 KEY_ATTR(TEE_ATTR_DH_BASE, false),
4178 KEY_ATTR(TEE_ATTR_DH_PUBLIC_VALUE, false),
4179 KEY_ATTR(TEE_ATTR_DH_PRIVATE_VALUE, check_keysize),
4180 KEY_ATTR(TEE_ATTR_DH_X_BITS, false),
4181 };
4182
Jerome Forissier4032c8c2016-05-31 13:25:08 +0200[diff] [blame]4183 return test_keygen_attributes(c, s, key, check_keysize,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]4184 (struct key_attrs *)&attrs,
4185 ARRAY_SIZE(attrs));
4186}
4187
4188static bool test_dsa_key_pair(ADBG_Case_t *c, TEEC_Session *s,
4189 TEE_ObjectHandle key, uint32_t key_size)
4190{
4191 const struct key_attrs attrs[] = {
4192 KEY_ATTR(TEE_ATTR_DSA_PRIME, true),
4193 KEY_ATTR(TEE_ATTR_DSA_SUBPRIME, false),
4194 KEY_ATTR(TEE_ATTR_DSA_BASE, false),
4195 KEY_ATTR(TEE_ATTR_DSA_PUBLIC_VALUE, false),
4196 KEY_ATTR(TEE_ATTR_DSA_PRIVATE_VALUE, false),
4197 };
4198
4199 return test_keygen_attributes(c, s, key, key_size,
4200 (struct key_attrs *)&attrs,
4201 ARRAY_SIZE(attrs));
4202}
4203
4204static bool generate_and_test_key(ADBG_Case_t *c, TEEC_Session *s,
4205 uint32_t key_type, uint32_t check_keysize,
4206 uint32_t key_size,
4207 TEE_Attribute *params, size_t param_count)
4208{
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]4209 TEE_ObjectHandle key = TEE_HANDLE_NULL;
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]4210 bool ret_val = true;
4211
4212 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
4213 ta_crypt_cmd_allocate_transient_object(c, s, key_type, key_size,
4214 &key)))
4215 return false;
4216
4217 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
4218 ta_crypt_cmd_generate_key(c, s, key, key_size, params,
4219 param_count)))
4220 return false;
4221
4222 switch (key_type) {
4223 case TEE_TYPE_DES:
4224 case TEE_TYPE_DES3:
4225 ret_val = ADBG_EXPECT_TRUE(c,
4226 test_secret_value(c, s, key,
4227 key_size + key_size / 7));
4228 break;
4229 case TEE_TYPE_AES:
4230 case TEE_TYPE_HMAC_MD5:
4231 case TEE_TYPE_HMAC_SHA1:
4232 case TEE_TYPE_HMAC_SHA224:
4233 case TEE_TYPE_HMAC_SHA256:
4234 case TEE_TYPE_HMAC_SHA384:
4235 case TEE_TYPE_HMAC_SHA512:
4236 case TEE_TYPE_GENERIC_SECRET:
4237 ret_val = ADBG_EXPECT_TRUE(c,
4238 test_secret_value(c, s, key, key_size));
4239 break;
4240
4241 case TEE_TYPE_RSA_KEYPAIR:
4242 ret_val = ADBG_EXPECT_TRUE(c,
4243 test_rsa_key_pair(c, s, key, key_size));
4244 break;
4245
Pascal Brande61133f2015-07-08 15:38:37 +0200[diff] [blame]4246 case TEE_TYPE_ECDSA_KEYPAIR:
4247 case TEE_TYPE_ECDH_KEYPAIR:
4248 ret_val = ADBG_EXPECT_TRUE(c,
4249 test_ecc_key_pair(c, s, key, key_size));
4250 break;
4251
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]4252 case TEE_TYPE_DH_KEYPAIR:
Pascal Brande61133f2015-07-08 15:38:37 +0200[diff] [blame]4253 ret_val = ADBG_EXPECT_TRUE(c,
Jerome Forissier4032c8c2016-05-31 13:25:08 +0200[diff] [blame]4254 test_dh_key_pair(c, s, key, check_keysize));
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]4255 break;
4256
4257 case TEE_TYPE_DSA_KEYPAIR:
4258 ret_val = ADBG_EXPECT_TRUE(c,
4259 test_dsa_key_pair(c, s, key, key_size));
4260 break;
4261
4262 default:
4263 ret_val = false;
4264 break;
4265 }
4266
4267 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
4268 ta_crypt_cmd_free_transient_object(c, s, key)))
4269 return false;
4270
4271 return ret_val;
4272}
4273
Jens Wiklandera8c8f872018-12-14 11:41:36 +0100[diff] [blame]4274struct key_types_noparam {
4275 unsigned level;
4276 const char *name;
4277 uint32_t key_type;
4278 uint32_t quanta;
4279 uint32_t min_size;
4280 uint32_t max_size;
4281};
4282
4283static void keygen_noparams(ADBG_Case_t *c, TEEC_Session *session,
4284 const struct key_types_noparam *key_types,
4285 size_t num_key_types)
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]4286{
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]4287 size_t n = 0;
4288 uint32_t key_size = 0;
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]4289
Jens Wiklandera8c8f872018-12-14 11:41:36 +0100[diff] [blame]4290 for (n = 0; n < num_key_types; n++) {
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]4291 uint32_t min_size = key_types[n].min_size;
4292 uint32_t max_size = key_types[n].max_size;
4293 uint32_t quanta = key_types[n].quanta;
4294
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]4295 if (key_types[n].level > level)
4296 continue;
4297
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]4298 Do_ADBG_BeginSubCase(c, "Generate %s key", key_types[n].name);
4299
4300 for (key_size = min_size; key_size <= max_size;
4301 key_size += quanta) {
4302 if (!ADBG_EXPECT_TRUE(c,
4303 generate_and_test_key(c, session, key_types
4304 [n].key_type, 1, key_size, NULL, 0)))
4305 break;
4306 }
4307
4308 Do_ADBG_EndSubCase(c, "Generate %s key", key_types[n].name);
4309 }
4310}
4311
Jens Wiklandera8c8f872018-12-14 11:41:36 +0100[diff] [blame]4312static void xtest_tee_test_4007_symmetric(ADBG_Case_t *c)
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]4313{
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]4314 TEEC_Session session = { };
4315 uint32_t ret_orig = 0;
Jens Wiklandera8c8f872018-12-14 11:41:36 +0100[diff] [blame]4316 static const struct key_types_noparam key_types[] = {
4317 { 0, "AES", TEE_TYPE_AES, 64, 128,
4318 256 /* valid sizes 128, 192, 256 */ },
4319 { 0, "DES", TEE_TYPE_DES, 56, 56, 56 /* valid size 56 */ },
4320 { 0, "DES3", TEE_TYPE_DES3, 56, 112,
4321 168 /* valid sizes 112, 168 */ },
4322 { 0, "HMAC-MD5", TEE_TYPE_HMAC_MD5, 8, 64, 512 },
4323 { 0, "HMAC-SHA1", TEE_TYPE_HMAC_SHA1, 8, 80, 512 },
4324 { 0, "HMAC-SHA224", TEE_TYPE_HMAC_SHA224, 8, 112, 512 },
4325 { 0, "HMAC-SHA256", TEE_TYPE_HMAC_SHA256, 8, 192, 1024 },
4326 { 0, "HMAC-SHA384", TEE_TYPE_HMAC_SHA384, 8, 256, 1024 },
4327 { 0, "HMAC-SHA512", TEE_TYPE_HMAC_SHA512, 8, 256, 1024 },
4328 { 0, "Generic secret", TEE_TYPE_GENERIC_SECRET, 8, 128, 4096 },
4329 };
4330
4331 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
4332 xtest_teec_open_session(&session, &crypt_user_ta_uuid, NULL,
4333 &ret_orig)))
4334 return;
4335
4336 keygen_noparams(c, &session, key_types, ARRAY_SIZE(key_types));
4337
4338 TEEC_CloseSession(&session);
4339}
4340ADBG_CASE_DEFINE(regression, 4007_symmetric, xtest_tee_test_4007_symmetric,
4341 "Test TEE Internal API Generate Symmetric key");
4342
4343static void xtest_tee_test_4007_rsa(ADBG_Case_t *c)
4344{
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]4345 TEEC_Session session = { };
4346 uint32_t ret_orig = 0;
Jens Wiklandera8c8f872018-12-14 11:41:36 +0100[diff] [blame]4347 static const struct key_types_noparam key_types[] = {
4348 { 0, "RSA-256", TEE_TYPE_RSA_KEYPAIR, 1, 256, 256 },
4349 { 1, "RSA-384", TEE_TYPE_RSA_KEYPAIR, 1, 384, 384 },
4350 { 1, "RSA-512", TEE_TYPE_RSA_KEYPAIR, 1, 512, 512 },
4351 { 1, "RSA-640", TEE_TYPE_RSA_KEYPAIR, 1, 640, 640 },
4352 { 1, "RSA-768", TEE_TYPE_RSA_KEYPAIR, 1, 768, 768 },
4353 { 1, "RSA-896", TEE_TYPE_RSA_KEYPAIR, 1, 896, 896 },
4354 { 1, "RSA-1024", TEE_TYPE_RSA_KEYPAIR, 1, 1024, 1024 },
4355 { 1, "RSA-2048", TEE_TYPE_RSA_KEYPAIR, 1, 2048, 2048 },
4356 { 1, "RSA-3072", TEE_TYPE_RSA_KEYPAIR, 1, 3072, 3072 },
4357 { 1, "RSA-4096", TEE_TYPE_RSA_KEYPAIR, 1, 4096, 4096 },
4358 };
4359
4360 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
4361 xtest_teec_open_session(&session, &crypt_user_ta_uuid, NULL,
4362 &ret_orig)))
4363 return;
4364
4365 keygen_noparams(c, &session, key_types, ARRAY_SIZE(key_types));
4366
4367 TEEC_CloseSession(&session);
4368}
4369ADBG_CASE_DEFINE(regression, 4007_rsa, xtest_tee_test_4007_rsa,
4370 "Test TEE Internal API Generate RSA key");
4371
4372static void xtest_tee_test_4007_dh(ADBG_Case_t *c)
4373{
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]4374 TEEC_Session session = { };
4375 uint32_t ret_orig = 0;
4376 size_t n = 0;
4377 size_t param_count = 0;
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]4378 /*
4379 * Note that the key size parameter is not used when creating the keys
4380 * but specifying these sizes make it possible to test the expected size
4381 * of the private value. This also means that the keysize must match the
4382 * size of p or what is specified in private_bits or the equvivalent
4383 * size of the subprime parameter.
4384 */
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]4385 TEE_Attribute params[4] = { };
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]4386
4387#define XTEST_DH_GK_DATA(vect) \
4388 ARRAY(vect ## _p), \
4389 ARRAY(vect ## _g), \
4390 &vect ## _private_bits, \
4391 0, 0
4392#define XTEST_DH_GK_DATA_SUBPRIME(vect) \
4393 ARRAY(vect ## _p), \
4394 ARRAY(vect ## _g), \
4395 &vect ## _private_bits, \
4396 ARRAY(vect ## _subprime)
4397 static const struct {
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]4398 unsigned level;
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]4399 uint32_t key_size;
4400 const uint8_t *p;
4401 size_t p_len;
4402 const uint8_t *g;
4403 size_t g_len;
4404 const uint32_t *private_bits;
4405 const uint8_t *subprime;
4406 size_t subprime_len;
4407 } key_types[] = {
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]4408 { 0, 256, XTEST_DH_GK_DATA(keygen_dh256) },
Jerome Forissier4032c8c2016-05-31 13:25:08 +0200[diff] [blame]4409 { 0, 320, XTEST_DH_GK_DATA(keygen_dh320) },
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]4410 { 1, 384, XTEST_DH_GK_DATA(keygen_dh384) },
Jerome Forissier4032c8c2016-05-31 13:25:08 +0200[diff] [blame]4411 { 1, 448, XTEST_DH_GK_DATA(keygen_dh448) },
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]4412 { 1, 512, XTEST_DH_GK_DATA(keygen_dh512) },
Jerome Forissier4032c8c2016-05-31 13:25:08 +0200[diff] [blame]4413 { 1, 576, XTEST_DH_GK_DATA(keygen_dh576) },
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]4414 { 1, 640, XTEST_DH_GK_DATA(keygen_dh640) },
Jerome Forissier4032c8c2016-05-31 13:25:08 +0200[diff] [blame]4415 { 1, 704, XTEST_DH_GK_DATA(keygen_dh704) },
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]4416 { 1, 768, XTEST_DH_GK_DATA(keygen_dh768) },
Jerome Forissier4032c8c2016-05-31 13:25:08 +0200[diff] [blame]4417 { 1, 832, XTEST_DH_GK_DATA(keygen_dh832) },
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]4418 { 1, 896, XTEST_DH_GK_DATA(keygen_dh896) },
Jerome Forissier4032c8c2016-05-31 13:25:08 +0200[diff] [blame]4419 { 1, 960, XTEST_DH_GK_DATA(keygen_dh960) },
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]4420 { 1, 1024, XTEST_DH_GK_DATA(keygen_dh1024) },
Jerome Forissier4032c8c2016-05-31 13:25:08 +0200[diff] [blame]4421 { 1, 1088, XTEST_DH_GK_DATA(keygen_dh1088) },
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]4422 { 1, 1152, XTEST_DH_GK_DATA(keygen_dh1152) },
Jerome Forissier4032c8c2016-05-31 13:25:08 +0200[diff] [blame]4423 { 1, 1216, XTEST_DH_GK_DATA(keygen_dh1216) },
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]4424 { 1, 1280, XTEST_DH_GK_DATA(keygen_dh1280) },
Jerome Forissier4032c8c2016-05-31 13:25:08 +0200[diff] [blame]4425 { 1, 1344, XTEST_DH_GK_DATA(keygen_dh1344) },
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]4426 { 1, 1408, XTEST_DH_GK_DATA(keygen_dh1408) },
Jerome Forissier4032c8c2016-05-31 13:25:08 +0200[diff] [blame]4427 { 1, 1472, XTEST_DH_GK_DATA(keygen_dh1472) },
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]4428 { 1, 1536, XTEST_DH_GK_DATA(keygen_dh1536) },
Jerome Forissier4032c8c2016-05-31 13:25:08 +0200[diff] [blame]4429 { 1, 1600, XTEST_DH_GK_DATA(keygen_dh1600) },
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]4430 { 1, 1664, XTEST_DH_GK_DATA(keygen_dh1664) },
Jerome Forissier4032c8c2016-05-31 13:25:08 +0200[diff] [blame]4431 { 1, 1728, XTEST_DH_GK_DATA(keygen_dh1728) },
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]4432 { 1, 1792, XTEST_DH_GK_DATA(keygen_dh1792) },
Jerome Forissier4032c8c2016-05-31 13:25:08 +0200[diff] [blame]4433 { 1, 1856, XTEST_DH_GK_DATA(keygen_dh1856) },
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]4434 { 1, 1920, XTEST_DH_GK_DATA(keygen_dh1920) },
Jerome Forissier4032c8c2016-05-31 13:25:08 +0200[diff] [blame]4435 { 1, 1984, XTEST_DH_GK_DATA(keygen_dh1984) },
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]4436 { 1, 2048, XTEST_DH_GK_DATA(keygen_dh2048) },
Jerome Forissier4032c8c2016-05-31 13:25:08 +0200[diff] [blame]4437 { 1, 2048, XTEST_DH_GK_DATA_SUBPRIME(keygen_dh2048_subprime) }
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]4438 };
4439
Jens Wiklandera8c8f872018-12-14 11:41:36 +0100[diff] [blame]4440 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
4441 xtest_teec_open_session(&session, &crypt_user_ta_uuid, NULL,
4442 &ret_orig)))
4443 return;
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]4444
4445 for (n = 0; n < ARRAY_SIZE(key_types); n++) {
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]4446 if (key_types[n].level > level)
4447 continue;
4448
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]4449 Do_ADBG_BeginSubCase(c,
4450 "Generate DH key %d bits - Private bits = %d",
4451 key_types[n].key_size,
4452 *key_types[n].private_bits);
4453 param_count = 0;
4454
4455 xtest_add_attr(&param_count, params,
4456 TEE_ATTR_DH_PRIME,
4457 key_types[n].p, key_types[n].p_len);
4458
4459 xtest_add_attr(&param_count, params, TEE_ATTR_DH_BASE,
4460 key_types[n].g, key_types[n].g_len);
4461
4462 if (key_types[n].private_bits != 0) {
4463 params[param_count].attributeID = TEE_ATTR_DH_X_BITS;
4464
4465 params[param_count].content.value.a =
4466 *key_types[n].private_bits;
4467
4468 params[param_count].content.value.b = 0;
4469 param_count++;
4470 }
4471
4472 if (key_types[n].subprime != 0) {
4473 xtest_add_attr(&param_count, params,
4474 TEE_ATTR_DH_SUBPRIME,
4475 key_types[n].subprime,
4476 key_types[n].subprime_len);
4477 }
4478
4479 if (!ADBG_EXPECT_TRUE(c,
Jens Wiklandera8c8f872018-12-14 11:41:36 +0100[diff] [blame]4480 generate_and_test_key(c, &session, TEE_TYPE_DH_KEYPAIR,
Jerome Forissier4032c8c2016-05-31 13:25:08 +0200[diff] [blame]4481 *key_types[n].private_bits,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]4482 key_types[n]. key_size, params, param_count)))
4483 break;
4484
4485 Do_ADBG_EndSubCase(c,
4486 "Generate DH key %d bits - Private bits = %d",
4487 key_types[n].key_size,
4488 *key_types[n].private_bits);
4489 }
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]4490
Jens Wiklandera8c8f872018-12-14 11:41:36 +0100[diff] [blame]4491 TEEC_CloseSession(&session);
4492}
4493ADBG_CASE_DEFINE(regression, 4007_dh, xtest_tee_test_4007_dh,
4494 "Test TEE Internal API Generate DH key");
4495
4496static void xtest_tee_test_4007_dsa(ADBG_Case_t *c)
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]4497{
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]4498 TEEC_Session session = { };
4499 uint32_t ret_orig = 0;
4500 size_t n = 0;
4501 size_t param_count = 0;
4502 TEE_Attribute params[4] = { };
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]4503
4504#define XTEST_DSA_GK_DATA(vect) \
4505 ARRAY(vect ## _p), \
4506 ARRAY(vect ## _g), \
4507 ARRAY(vect ## _q)
4508 static const struct {
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]4509 unsigned level;
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]4510 uint32_t key_size;
4511 const uint8_t *prime;
4512 size_t prime_len;
4513 const uint8_t *base;
4514 size_t base_len;
4515 const uint8_t *sub_prime;
4516 size_t sub_prime_len;
4517 } key_types[] = {
Jerome Forissiereed7e652020-04-15 15:42:38 +0200[diff] [blame]4518 { 0, 1024, XTEST_DSA_GK_DATA(keygen_dsa_test1) },
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]4519 { 0, 512, XTEST_DSA_GK_DATA(keygen_dsa512) },
Jerome Forissiereed7e652020-04-15 15:42:38 +0200[diff] [blame]4520 { 0, 576, XTEST_DSA_GK_DATA(keygen_dsa576) },
4521 { 0, 640, XTEST_DSA_GK_DATA(keygen_dsa640) },
4522 { 0, 704, XTEST_DSA_GK_DATA(keygen_dsa704) },
4523 { 0, 768, XTEST_DSA_GK_DATA(keygen_dsa768) },
4524 { 0, 832, XTEST_DSA_GK_DATA(keygen_dsa832) },
4525 { 0, 896, XTEST_DSA_GK_DATA(keygen_dsa896) },
4526 { 0, 960, XTEST_DSA_GK_DATA(keygen_dsa960) },
4527 { 0, 1024, XTEST_DSA_GK_DATA(keygen_dsa1024) },
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]4528 };
4529
Jens Wiklandera8c8f872018-12-14 11:41:36 +0100[diff] [blame]4530 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
4531 xtest_teec_open_session(&session, &crypt_user_ta_uuid, NULL,
4532 &ret_orig)))
4533 return;
4534
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]4535 for (n = 0; n < ARRAY_SIZE(key_types); n++) {
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]4536 if (key_types[n].level > level)
4537 continue;
4538
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]4539 Do_ADBG_BeginSubCase(c, "Generate DSA key %d bits",
4540 key_types[n].key_size);
4541 param_count = 0;
4542
4543
4544 xtest_add_attr(&param_count, params, TEE_ATTR_DSA_PRIME,
4545 key_types[n].prime, key_types[n].prime_len);
4546
4547 xtest_add_attr(&param_count, params, TEE_ATTR_DSA_SUBPRIME,
4548 key_types[n].sub_prime,
4549 key_types[n].sub_prime_len);
4550
4551 xtest_add_attr(&param_count, params, TEE_ATTR_DSA_BASE,
4552 key_types[n].base, key_types[n].base_len);
4553
4554 if (!ADBG_EXPECT_TRUE(c,
Jens Wiklandera8c8f872018-12-14 11:41:36 +0100[diff] [blame]4555 generate_and_test_key(c, &session, TEE_TYPE_DSA_KEYPAIR,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]4556 1, key_types[n]. key_size, params,
4557 param_count)))
4558 break;
4559
4560 Do_ADBG_EndSubCase(c, "Generate DSA key %d bits",
4561 key_types[n].key_size);
4562 }
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]4563
Jens Wiklandera8c8f872018-12-14 11:41:36 +0100[diff] [blame]4564 TEEC_CloseSession(&session);
4565}
4566ADBG_CASE_DEFINE(regression, 4007_dsa, xtest_tee_test_4007_dsa,
4567 "Test TEE Internal API Generate DSA key");
4568
4569static void xtest_tee_test_4007_ecc(ADBG_Case_t *c)
Pascal Brande61133f2015-07-08 15:38:37 +0200[diff] [blame]4570{
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]4571 TEEC_Session session = { };
4572 uint32_t ret_orig = 0;
4573 size_t n = 0;
4574 size_t param_count = 0;
4575 TEE_Attribute params[4] = { };
Pascal Brande61133f2015-07-08 15:38:37 +0200[diff] [blame]4576
4577 static const struct {
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]4578 unsigned level;
Pascal Brande61133f2015-07-08 15:38:37 +0200[diff] [blame]4579 const char *name;
4580 uint32_t algo;
4581 uint32_t curve;
4582 uint32_t key_size;
4583 } key_types[] = {
4584 /* ECDSA */
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]4585 { 0, "ECDSA-192", TEE_TYPE_ECDSA_KEYPAIR, TEE_ECC_CURVE_NIST_P192,
4586 192 },
4587 { 1, "ECDSA-224", TEE_TYPE_ECDSA_KEYPAIR, TEE_ECC_CURVE_NIST_P224,
4588 224 },
4589 { 1, "ECDSA-256", TEE_TYPE_ECDSA_KEYPAIR, TEE_ECC_CURVE_NIST_P256,
4590 256 },
4591 { 1, "ECDSA-384", TEE_TYPE_ECDSA_KEYPAIR, TEE_ECC_CURVE_NIST_P384,
4592 384 },
4593 { 1, "ECDSA-521", TEE_TYPE_ECDSA_KEYPAIR, TEE_ECC_CURVE_NIST_P521,
4594 521 },
Pascal Brande61133f2015-07-08 15:38:37 +0200[diff] [blame]4595
4596 /* ECDH */
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]4597 { 0, "ECDH-192", TEE_TYPE_ECDH_KEYPAIR, TEE_ECC_CURVE_NIST_P192,
4598 192 },
4599 { 1, "ECDH-224", TEE_TYPE_ECDH_KEYPAIR, TEE_ECC_CURVE_NIST_P224,
4600 224 },
4601 { 1, "ECDH-256", TEE_TYPE_ECDH_KEYPAIR, TEE_ECC_CURVE_NIST_P256,
4602 256 },
4603 { 1, "ECDH-384", TEE_TYPE_ECDH_KEYPAIR, TEE_ECC_CURVE_NIST_P384,
4604 384 },
4605 { 1, "ECDH-521", TEE_TYPE_ECDH_KEYPAIR, TEE_ECC_CURVE_NIST_P521,
4606 521 },
Pascal Brande61133f2015-07-08 15:38:37 +0200[diff] [blame]4607 };
4608
Jens Wiklandera8c8f872018-12-14 11:41:36 +0100[diff] [blame]4609 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
4610 xtest_teec_open_session(&session, &crypt_user_ta_uuid, NULL,
4611 &ret_orig)))
4612 return;
4613
Pascal Brande61133f2015-07-08 15:38:37 +0200[diff] [blame]4614 for (n = 0; n < ARRAY_SIZE(key_types); n++) {
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]4615 if (key_types[n].level > level)
4616 continue;
4617
Pascal Brande61133f2015-07-08 15:38:37 +0200[diff] [blame]4618 Do_ADBG_BeginSubCase(c, "Generate %s", key_types[n].name);
4619 param_count = 0;
4620
4621 xtest_add_attr_value(&param_count, params, TEE_ATTR_ECC_CURVE,
4622 key_types[n].curve, 0);
4623
4624 if (!ADBG_EXPECT_TRUE(c,
Jens Wiklandera8c8f872018-12-14 11:41:36 +0100[diff] [blame]4625 generate_and_test_key(c, &session, key_types[n].algo,
Pascal Brande61133f2015-07-08 15:38:37 +0200[diff] [blame]4626 0, key_types[n].key_size, params,
4627 param_count)))
4628 break;
4629
4630 Do_ADBG_EndSubCase(c, "Generate %s", key_types[n].name);
4631 }
Pascal Brande61133f2015-07-08 15:38:37 +0200[diff] [blame]4632
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]4633 TEEC_CloseSession(&session);
4634}
Jens Wiklandera8c8f872018-12-14 11:41:36 +0100[diff] [blame]4635ADBG_CASE_DEFINE(regression, 4007_ecc, xtest_tee_test_4007_ecc,
4636 "Test TEE Internal API Generate ECC key");
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]4637
4638static void xtest_tee_test_4008(ADBG_Case_t *c)
4639{
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]4640 TEEC_Session session = { };
4641 uint32_t ret_orig = 0;
4642 TEE_OperationHandle op = TEE_HANDLE_NULL;
4643 TEE_ObjectHandle key_handle = TEE_HANDLE_NULL;
4644 TEE_ObjectHandle sv_handle = TEE_HANDLE_NULL;
4645 TEE_Attribute params[4] = { };
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]4646 size_t param_count = 0;
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]4647 uint8_t out[2048] = { };
4648 size_t out_size = 0;
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]4649
4650 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
4651 xtest_teec_open_session(&session, &crypt_user_ta_uuid, NULL,
4652 &ret_orig)))
4653 return;
4654
4655 Do_ADBG_BeginSubCase(c, "Derive DH key success");
4656
4657 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
4658 ta_crypt_cmd_allocate_operation(c, &session, &op,
4659 TEE_ALG_DH_DERIVE_SHARED_SECRET, TEE_MODE_DERIVE,
4660 derive_key_max_keysize)))
4661 goto out;
4662
4663 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
4664 ta_crypt_cmd_allocate_transient_object(c, & session,
4665 TEE_TYPE_DH_KEYPAIR, derive_key_max_keysize,
4666 &key_handle)))
4667 goto out;
4668
4669 xtest_add_attr(&param_count, params, TEE_ATTR_DH_PRIME,
4670 ARRAY(derive_key_dh_prime));
4671
4672 xtest_add_attr(&param_count, params, TEE_ATTR_DH_BASE,
4673 ARRAY(derive_key_dh_base));
4674
4675 xtest_add_attr(&param_count, params, TEE_ATTR_DH_PUBLIC_VALUE,
4676 ARRAY(derive_key_dh_public_value));
4677
4678 xtest_add_attr(&param_count, params, TEE_ATTR_DH_PRIVATE_VALUE,
4679 ARRAY(derive_key_dh_private_value));
4680
4681 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
4682 ta_crypt_cmd_populate_transient_object(c, &session, key_handle,
4683 params, param_count)))
4684 goto out;
4685
4686 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
4687 ta_crypt_cmd_set_operation_key(c, &session, op, key_handle)))
4688 goto out;
4689
4690 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
4691 ta_crypt_cmd_free_transient_object(c, & session, key_handle)))
4692 goto out;
4693
4694 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
4695 ta_crypt_cmd_allocate_transient_object(c, &session,
4696 TEE_TYPE_GENERIC_SECRET, derive_key_max_keysize,
4697 &sv_handle)))
4698 goto out;
4699
Pascal Brand2b92b642015-07-16 13:29:42 +0200[diff] [blame]4700 /* reuse but reset params and param-count */
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]4701 param_count = 0;
4702
4703 xtest_add_attr(&param_count, params, TEE_ATTR_DH_PUBLIC_VALUE,
4704 ARRAY(derive_key_dh_public_value_2));
4705
4706 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
4707 ta_crypt_cmd_derive_key(c, &session, op, sv_handle, params,
4708 param_count)))
4709 goto out;
4710
4711 out_size = sizeof(out);
4712 memset(out, 0, sizeof(out));
4713 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
4714 ta_crypt_cmd_get_object_buffer_attribute(c, &session, sv_handle,
4715 TEE_ATTR_SECRET_VALUE, out, &out_size)))
4716 goto out;
4717
4718 if (!ADBG_EXPECT_BUFFER(c, derive_key_dh_shared_secret,
4719 sizeof(derive_key_dh_shared_secret), out,
4720 out_size))
4721 goto out;
4722
4723 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
4724 ta_crypt_cmd_free_operation(c, &session, op)))
4725 goto out;
4726
4727 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
4728 ta_crypt_cmd_free_transient_object(c, &session, sv_handle)))
4729 goto out;
4730out:
4731 Do_ADBG_EndSubCase(c, "Derive DH key success");
4732 TEEC_CloseSession(&session);
4733}
Jens Wiklander14f48872018-06-29 15:30:13 +0200[diff] [blame]4734ADBG_CASE_DEFINE(regression, 4008, xtest_tee_test_4008,
4735 "Test TEE Internal API Derive key");
Pascal Brand2b92b642015-07-16 13:29:42 +0200[diff] [blame]4736
4737static void xtest_tee_test_4009(ADBG_Case_t *c)
4738{
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]4739 TEEC_Session session = { };
4740 uint32_t ret_orig = 0;
4741 TEE_OperationHandle op = TEE_HANDLE_NULL;
4742 TEE_ObjectHandle key_handle = TEE_HANDLE_NULL;
4743 TEE_ObjectHandle sv_handle = TEE_HANDLE_NULL;
4744 TEE_Attribute params[4] = { };
Pascal Brand2b92b642015-07-16 13:29:42 +0200[diff] [blame]4745 size_t param_count = 0;
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]4746 uint8_t out[2048] = { };
4747 size_t out_size = 0;
4748 uint32_t size_bytes = 0;
4749 uint32_t i = 0;
Ruchika Gupta454b0b62020-10-30 13:23:19 +0530[diff] [blame]4750 struct derive_key_ecdh_t const *pt = NULL;
Pascal Brand2b92b642015-07-16 13:29:42 +0200[diff] [blame]4751
4752 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
4753 xtest_teec_open_session(&session, &crypt_user_ta_uuid, NULL,
4754 &ret_orig)))
4755 return;
4756
4757 for (i = 0; i < ARRAY_SIZE(derive_key_ecdh); i++) {
4758 pt = &derive_key_ecdh[i];
4759
Cedric Chaumontc3b6c282015-09-25 03:05:18 +0200[diff] [blame]4760 if (pt->level > level)
4761 continue;
4762
Pascal Brand2b92b642015-07-16 13:29:42 +0200[diff] [blame]4763 Do_ADBG_BeginSubCase(c, "Derive ECDH key - algo = 0x%x",
4764 pt->algo);
4765 size_bytes = (pt->keysize + 7) / 8;
4766 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
4767 ta_crypt_cmd_allocate_operation(c, &session, &op,
4768 pt->algo,
4769 TEE_MODE_DERIVE, pt->keysize)))
4770 goto out;
4771
4772 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
4773 ta_crypt_cmd_allocate_transient_object(c, & session,
4774 TEE_TYPE_ECDH_KEYPAIR, pt->keysize,
4775 &key_handle)))
4776 goto out;
4777
4778 param_count = 0;
4779 xtest_add_attr_value(&param_count, params,
4780 TEE_ATTR_ECC_CURVE, pt->curve, 0);
4781 xtest_add_attr(&param_count, params,
4782 TEE_ATTR_ECC_PRIVATE_VALUE,
4783 pt->private, size_bytes);
4784 /*
Cedric Auger719047c2019-09-11 12:08:14 +0200[diff] [blame]4785 * The public value is not used, but we should provide a valid
4786 * one to avoid rejection in case TEE_PopulateTransientObject()
4787 * checks for key validity.
Pascal Brand2b92b642015-07-16 13:29:42 +0200[diff] [blame]4788 */
4789 xtest_add_attr(&param_count, params,
Cedric Auger719047c2019-09-11 12:08:14 +0200[diff] [blame]4790 TEE_ATTR_ECC_PUBLIC_VALUE_X,
4791 pt->public_x, size_bytes);
Pascal Brand2b92b642015-07-16 13:29:42 +0200[diff] [blame]4792 xtest_add_attr(&param_count, params,
Cedric Auger719047c2019-09-11 12:08:14 +0200[diff] [blame]4793 TEE_ATTR_ECC_PUBLIC_VALUE_Y,
4794 pt->public_y, size_bytes);
Pascal Brand2b92b642015-07-16 13:29:42 +0200[diff] [blame]4795
4796 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
4797 ta_crypt_cmd_populate_transient_object(c,
4798 &session,
4799 key_handle, params, param_count)))
4800 goto out;
4801
4802 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
4803 ta_crypt_cmd_set_operation_key(c, &session, op,
4804 key_handle)))
4805 goto out;
4806
4807 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
4808 ta_crypt_cmd_free_transient_object(c, & session,
4809 key_handle)))
4810 goto out;
4811
4812 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
4813 ta_crypt_cmd_allocate_transient_object(c, &session,
4814 TEE_TYPE_GENERIC_SECRET, size_bytes * 8,
4815 &sv_handle)))
4816 goto out;
4817
4818 /* reuse but reset params and param-count */
4819 param_count = 0;
4820
4821 xtest_add_attr(&param_count, params,
4822 TEE_ATTR_ECC_PUBLIC_VALUE_X,
4823 pt->public_x, size_bytes);
4824 xtest_add_attr(&param_count, params,
4825 TEE_ATTR_ECC_PUBLIC_VALUE_Y,
4826 pt->public_y, size_bytes);
4827
4828 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
4829 ta_crypt_cmd_derive_key(c, &session, op, sv_handle,
4830 params, param_count)))
4831 goto out;
4832
4833 out_size = sizeof(out);
4834 memset(out, 0, sizeof(out));
4835 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
4836 ta_crypt_cmd_get_object_buffer_attribute(c, &session,
4837 sv_handle,
4838 TEE_ATTR_SECRET_VALUE, out, &out_size)))
4839 goto out;
4840
4841 if (!ADBG_EXPECT_BUFFER(c, pt->out, size_bytes,
4842 out, out_size))
4843 goto out;
4844
4845 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
4846 ta_crypt_cmd_free_operation(c, &session, op)))
4847 goto out;
4848
4849 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
4850 ta_crypt_cmd_free_transient_object(c, &session,
4851 sv_handle)))
4852 goto out;
4853
4854 Do_ADBG_EndSubCase(c, "Derive ECDH key - algo = 0x%x",
4855 pt->algo);
4856 }
4857
4858 goto noerror;
4859
4860out:
4861 Do_ADBG_EndSubCase(c, "Derive ECDH key - algo = 0x%x", pt->algo);
4862
4863noerror:
4864 TEEC_CloseSession(&session);
4865}
Jens Wiklander14f48872018-06-29 15:30:13 +0200[diff] [blame]4866ADBG_CASE_DEFINE(regression, 4009, xtest_tee_test_4009,
4867 "Test TEE Internal API Derive key ECDH");
Jens Wiklander70a0b2c2016-05-18 08:39:35 +0200[diff] [blame]4868
4869static void xtest_tee_test_4010(ADBG_Case_t *c)
4870{
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]4871 TEEC_Session session = { };
4872 uint32_t ret_orig = 0;
4873 TEE_ObjectHandle o = TEE_HANDLE_NULL;
Jens Wiklander70a0b2c2016-05-18 08:39:35 +0200[diff] [blame]4874 static const uint8_t large_key[1024] = { 1, 2, 3, 4, 5, 6 };
4875 static const TEE_Attribute attr = {
4876 .attributeID = TEE_ATTR_SECRET_VALUE,
4877 .content.ref.buffer = (void *)large_key,
4878 .content.ref.length = sizeof(large_key),
4879 };
4880
4881 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
4882 xtest_teec_open_session(&session, &crypt_user_ta_uuid, NULL,
4883 &ret_orig)))
4884 return;
4885
4886 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
4887 ta_crypt_cmd_allocate_transient_object(c, &session,
4888 TEE_TYPE_HMAC_SHA256, 1024, &o)))
4889 goto out;
4890
4891 ADBG_EXPECT_TEEC_RESULT(c, TEEC_ERROR_TARGET_DEAD,
4892 ta_crypt_cmd_populate_transient_object(c, &session, o,
4893 &attr, 1));
4894
4895out:
4896 TEEC_CloseSession(&session);
4897}
Jens Wiklander14f48872018-06-29 15:30:13 +0200[diff] [blame]4898ADBG_CASE_DEFINE(regression, 4010, xtest_tee_test_4010,
4899 "Test TEE Internal API create transient object (negative)");
Jens Wiklanderb58916e2016-07-07 15:29:32 +0200[diff] [blame]4900
4901static void xtest_tee_test_4011(ADBG_Case_t *c)
4902{
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]4903 TEEC_Session s = { };
Jens Wiklanderb58916e2016-07-07 15:29:32 +0200[diff] [blame]4904 size_t key_size = 512;
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]4905 TEE_ObjectHandle key = TEE_HANDLE_NULL;
4906 TEE_OperationHandle ops = TEE_HANDLE_NULL;
4907 TEE_OperationHandle opv = TEE_HANDLE_NULL;
4908 TEE_OperationHandle ope = TEE_HANDLE_NULL;
4909 TEE_OperationHandle opd = TEE_HANDLE_NULL;
4910 uint32_t ret_orig = 0;
4911 uint8_t in[TEE_SHA1_HASH_SIZE] = { };
4912 uint8_t out[1024] = { };
4913 uint8_t tmp[1024] = { };
4914 size_t out_size = 0;
4915 size_t tmp_size = 0;
4916 size_t n = 0;
4917 size_t m = 0;
Jens Wiklanderb58916e2016-07-07 15:29:32 +0200[diff] [blame]4918 size_t i = 0;
4919
4920 /* Setup session, initialize message to sign, create a keypair */
4921 if (!ADBG_EXPECT_TEEC_SUCCESS(c, xtest_teec_open_session(&s,
4922 &crypt_user_ta_uuid, NULL, &ret_orig)))
4923 return;
4924 if (!ADBG_EXPECT_TEEC_SUCCESS(c, ta_crypt_cmd_random_number_generate(c,
4925 &s, in, sizeof(in))))
4926 goto out;
4927 if (!ADBG_EXPECT_TEEC_SUCCESS(c, ta_crypt_cmd_allocate_transient_object(
4928 c, &s, TEE_TYPE_RSA_KEYPAIR, key_size, &key)))
4929 goto out;
4930 if (!ADBG_EXPECT_TEEC_SUCCESS(c, ta_crypt_cmd_generate_key(c, &s,
4931 key, key_size, NULL, 0)))
4932 goto out;
4933
4934 /* Allocate operations for sign, verify, encrypt and decrypt */
4935 if (!ADBG_EXPECT_TEEC_SUCCESS(c, ta_crypt_cmd_allocate_operation(c, &s,
4936 &ops, TEE_ALG_RSASSA_PKCS1_V1_5_SHA1, TEE_MODE_SIGN,
4937 key_size)))
4938 goto out;
4939 if (!ADBG_EXPECT_TEEC_SUCCESS(c, ta_crypt_cmd_allocate_operation(c, &s,
4940 &opv, TEE_ALG_RSASSA_PKCS1_V1_5_SHA1, TEE_MODE_VERIFY,
4941 key_size)))
4942 goto out;
4943 if (!ADBG_EXPECT_TEEC_SUCCESS(c, ta_crypt_cmd_allocate_operation(c, &s,
4944 &ope, TEE_ALG_RSA_NOPAD, TEE_MODE_ENCRYPT, key_size)))
4945 goto out;
4946 if (!ADBG_EXPECT_TEEC_SUCCESS(c, ta_crypt_cmd_allocate_operation(c, &s,
4947 &opd, TEE_ALG_RSA_NOPAD, TEE_MODE_DECRYPT, key_size)))
4948 goto out;
4949
4950 /* Assign the keypair to all operations */
4951 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
4952 ta_crypt_cmd_set_operation_key(c, &s, ops, key)))
4953 goto out;
4954 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
4955 ta_crypt_cmd_set_operation_key(c, &s, opv, key)))
4956 goto out;
4957 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
4958 ta_crypt_cmd_set_operation_key(c, &s, ope, key)))
4959 goto out;
4960 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
4961 ta_crypt_cmd_set_operation_key(c, &s, opd, key)))
4962 goto out;
4963
4964 /*
4965 * The core of the test case is inspired by the one in libtomcrypt:
4966 * https://github.com/libtom/libtomcrypt/blob/6ad52252688bb34f90b5e79da4830a927e87b81f/testprof/rsa_test.c#L398
4967 *
4968 * Testcase for Bleichenbacher attack
4969 *
4970 * (1) Create a valid signature
4971 * (2) Check that it can be verified
4972 * (3) Transform the package to fetch plain text (using the encrypt
4973 * operation in GP TEE Internal API)
4974 * (4) Forge the structure of PKCS#1-EMSA encoded data
4975 * (4.1) Search for start and end of the padding string
4976 * (4.2) Move the signature to the front of the padding string
4977 * (4.3) Zero the message until the end
4978 * (5) Transform the package back (using the decrypt operation in
4979 * GP TEE Internal API)
4980 * (6) The result should not be valid if the implementation is robust.
4981 */
4982
4983
4984 for (i = 0; i < 9; i++) {
4985 Do_ADBG_Log("Iteration %zu", i);
4986
4987 /* 1 */
4988 out_size = sizeof(out);
4989 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
4990 ta_crypt_cmd_asymmetric_sign(c, &s, ops, NULL, 0,
4991 in, sizeof(in), out, &out_size)))
4992 goto out;
4993
4994 /* 2 */
4995 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
4996 ta_crypt_cmd_asymmetric_verify(c, &s, opv, NULL, 0,
4997 in, sizeof(in), out, out_size)))
4998 goto out;
4999
5000 /* 3 */
5001 tmp_size = sizeof(tmp);
5002 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
5003 ta_crypt_cmd_asymmetric_encrypt(c, &s, ope, NULL, 0,
5004 out, out_size, tmp, &tmp_size)))
5005 goto out;
5006
Etienne Carriere0953bf02018-12-21 15:36:25 +0100[diff] [blame]5007 if (!ADBG_EXPECT_COMPARE_UNSIGNED(c, tmp_size, <=, sizeof(tmp)))
5008 goto out;
5009
Jens Wiklanderb58916e2016-07-07 15:29:32 +0200[diff] [blame]5010 /* 4.1 */
Etienne Carriere0953bf02018-12-21 15:36:25 +0100[diff] [blame]5011 for (n = 0; n < tmp_size - i; n++)
Jens Wiklanderb58916e2016-07-07 15:29:32 +0200[diff] [blame]5012 if (tmp[n] == 0xff)
5013 break;
Etienne Carriere0953bf02018-12-21 15:36:25 +0100[diff] [blame]5014
5015 /* Shall find at least a padding start before buffer end */
5016 if (!ADBG_EXPECT_COMPARE_UNSIGNED(c, n, <, tmp_size - i - 1))
5017 goto out;
5018
Jens Wiklanderb58916e2016-07-07 15:29:32 +0200[diff] [blame]5019 for (m = n + 1; m < tmp_size; m++)
5020 if (tmp[m] != 0xff)
5021 break;
Etienne Carriere0953bf02018-12-21 15:36:25 +0100[diff] [blame]5022
Jens Wiklanderb58916e2016-07-07 15:29:32 +0200[diff] [blame]5023 /* 4.2 */
5024 memmove(tmp + n + i, tmp + m, tmp_size - m);
Etienne Carriere0953bf02018-12-21 15:36:25 +0100[diff] [blame]5025
Jens Wiklanderb58916e2016-07-07 15:29:32 +0200[diff] [blame]5026 /* 4.3 */
Etienne Carriere0953bf02018-12-21 15:36:25 +0100[diff] [blame]5027 n = n + i + tmp_size - m;
Etienne Carriereacb81c42020-04-24 14:58:58 +0200[diff] [blame]5028
5029 /* Prevent overrun when zeroing buffer end */
5030 if (!ADBG_EXPECT_COMPARE_UNSIGNED(c, n, <=, tmp_size))
5031 goto out;
5032
Etienne Carriere0953bf02018-12-21 15:36:25 +0100[diff] [blame]5033 memset(tmp + n, 0, tmp_size - n);
Jens Wiklanderb58916e2016-07-07 15:29:32 +0200[diff] [blame]5034
5035 /* 5 */
5036 out_size = sizeof(out);
5037 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
5038 ta_crypt_cmd_asymmetric_decrypt(c, &s, opd, NULL, 0,
5039 tmp, tmp_size, out, &out_size)))
5040 goto out;
5041
5042 /* 6 */
5043 if (!ADBG_EXPECT_TEEC_RESULT(c, TEE_ERROR_SIGNATURE_INVALID,
5044 ta_crypt_cmd_asymmetric_verify(c, &s, opv, NULL, 0,
5045 in, sizeof(in), out, out_size)))
5046 goto out;
5047 }
5048
5049out:
5050 TEEC_CloseSession(&s);
5051}
Jens Wiklander14f48872018-06-29 15:30:13 +0200[diff] [blame]5052ADBG_CASE_DEFINE(regression, 4011, xtest_tee_test_4011,
5053 "Test TEE Internal API Bleichenbacher attack (negative)");
Igor Opaniuk7ddaa782018-05-25 15:14:05 +0300[diff] [blame]5054
5055#ifdef CFG_SYSTEM_PTA
5056static void xtest_tee_test_4012(ADBG_Case_t *c)
5057{
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]5058 TEEC_Session session = { };
5059 uint32_t ret_orig = 0;
Igor Opaniuk7ddaa782018-05-25 15:14:05 +0300[diff] [blame]5060 TEEC_Operation op = TEEC_OPERATION_INITIALIZER;
5061 /* Fortuna PRNG requires seed <= 32 bytes */
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]5062 uint8_t pool_input[32] = { };
5063 time_t t = 0;
5064 struct tm tm_local = { };
Igor Opaniuk7ddaa782018-05-25 15:14:05 +0300[diff] [blame]5065
5066 t = time(NULL);
5067 tm_local = *localtime(&t);
5068
5069 memcpy((void *)pool_input, (void *)&tm_local,
5070 sizeof(pool_input) < sizeof(tm_local) ?
5071 sizeof(pool_input) : sizeof(tm_local));
5072
5073
5074 op.params[0].tmpref.buffer = pool_input;
5075 op.params[0].tmpref.size = sizeof(pool_input);
5076 op.paramTypes = TEEC_PARAM_TYPES(TEEC_MEMREF_TEMP_INPUT,
5077 TEEC_NONE,
5078 TEEC_NONE,
5079 TEEC_NONE);
5080 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
5081 xtest_teec_open_session(&session, &crypt_user_ta_uuid, NULL,
5082 &ret_orig)))
5083 return;
5084
5085 (void)ADBG_EXPECT_TEEC_SUCCESS(c,
5086 TEEC_InvokeCommand(&session,
5087 TA_CRYPT_CMD_SEED_RNG_POOL,
5088 &op,
5089 &ret_orig));
5090 TEEC_CloseSession(&session);
5091}
Jens Wiklander14f48872018-06-29 15:30:13 +0200[diff] [blame]5092ADBG_CASE_DEFINE(regression, 4012, xtest_tee_test_4012,
5093 "Test seeding RNG entropy");
Joakim Bech83a30ca2019-05-29 11:22:27 +0200[diff] [blame]5094
5095static void xtest_tee_test_4013(ADBG_Case_t *c)
5096{
5097 TEEC_Session session = { };
5098 uint32_t ret_orig = 0;
5099 TEEC_Operation op = TEEC_OPERATION_INITIALIZER;
5100 uint8_t key[32] = { };
5101 uint8_t extra_data[32] = { };
5102
5103 op.paramTypes = TEEC_PARAM_TYPES(TEEC_NONE,
5104 TEEC_NONE,
5105 TEEC_NONE,
5106 TEEC_NONE);
5107 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
5108 xtest_teec_open_session(&session, &crypt_user_ta_uuid,
5109 NULL, &ret_orig)))
5110 return;
5111
5112 (void)ADBG_EXPECT_TEEC_SUCCESS(c,
5113 TEEC_InvokeCommand(&session,
5114 TA_CRYPT_CMD_DERIVE_TA_UNIQUE_KEY,
5115 &op,
5116 &ret_orig));
5117
5118 /* Negative test using non-secure memory */
5119 memset(&op, 0, sizeof(op));
5120 op.paramTypes = TEEC_PARAM_TYPES(TEEC_MEMREF_TEMP_INPUT,
5121 TEEC_MEMREF_TEMP_OUTPUT,
5122 TEEC_NONE,
5123 TEEC_NONE);
5124
5125 op.params[0].tmpref.buffer = extra_data;
5126 op.params[0].tmpref.size = sizeof(extra_data);
5127 op.params[1].tmpref.buffer = key;
5128 op.params[1].tmpref.size = sizeof(key);
5129 (void)ADBG_EXPECT_TEEC_RESULT(c,
5130 TEEC_ERROR_SECURITY,
5131 TEEC_InvokeCommand(&session,
5132 TA_CRYPT_CMD_DERIVE_TA_UNIQUE_KEY_SHM,
5133 &op,
5134 &ret_orig));
5135
5136 TEEC_CloseSession(&session);
5137}
5138ADBG_CASE_DEFINE(regression, 4013, xtest_tee_test_4013,
5139 "Test generation of device unique TA keys");
Jerome Forissierf0cf5182020-01-09 17:04:18 +0100[diff] [blame]5140
5141static void xtest_tee_test_4014(ADBG_Case_t *c)
5142{
5143 TEEC_Session session = { };
5144 uint32_t ret_orig = 0;
5145 TEE_OperationHandle op = TEE_HANDLE_NULL;
5146 TEE_ObjectHandle keyA = TEE_HANDLE_NULL;
5147 TEE_ObjectHandle eph_keyA = TEE_HANDLE_NULL;
5148 TEE_ObjectHandle keyB = TEE_HANDLE_NULL;
5149 TEE_ObjectHandle eph_keyB = TEE_HANDLE_NULL;
5150 TEE_ObjectHandle sv_handle = TEE_HANDLE_NULL;
5151 TEE_Attribute params[9] = { };
5152 size_t param_count = 0;
5153 uint8_t out[128] = { };
5154 size_t out_size = 0;
5155 uint8_t conf_A[32] = { };
5156 uint8_t conf_B[32] = { };
5157
5158 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
5159 xtest_teec_open_session(&session, &crypt_user_ta_uuid, NULL,
5160 &ret_orig)))
5161 return;
5162
5163 if (!ta_crypt_cmd_is_algo_supported(c, &session, TEE_ALG_SM2_KEP,
5164 TEE_ECC_CURVE_SM2)) {
5165 Do_ADBG_Log("SM2 KEP not supported: skip subcase");
5166 goto out;
5167 }
5168
5169 Do_ADBG_BeginSubCase(c, "Initiator side");
5170
5171 /*
5172 * Key exchange protocol running on user A's side. A is initiator.
5173 */
5174
5175 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
5176 ta_crypt_cmd_allocate_operation(c, &session, &op,
5177 TEE_ALG_SM2_KEP, TEE_MODE_DERIVE, 512)))
5178 goto out;
5179
5180 /* Allocate and initialize keypair of user A */
5181
5182 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
5183 ta_crypt_cmd_allocate_transient_object(c, &session,
5184 TEE_TYPE_SM2_KEP_KEYPAIR, 256, &keyA)))
5185 goto out;
5186
5187 param_count = 0;
5188
5189 xtest_add_attr_value(&param_count, params, TEE_ATTR_ECC_CURVE,
5190 TEE_ECC_CURVE_SM2, 0);
5191
5192 xtest_add_attr(&param_count, params, TEE_ATTR_ECC_PUBLIC_VALUE_X,
5193 ARRAY(gmt_003_part5_b2_public_xA));
5194
5195 xtest_add_attr(&param_count, params, TEE_ATTR_ECC_PUBLIC_VALUE_Y,
5196 ARRAY(gmt_003_part5_b2_public_yA));
5197
5198 xtest_add_attr(&param_count, params, TEE_ATTR_ECC_PRIVATE_VALUE,
5199 ARRAY(gmt_003_part5_b2_private_A));
5200
5201 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
5202 ta_crypt_cmd_populate_transient_object(c, &session, keyA,
5203 params, param_count)))
5204 goto out;
5205
5206 /*
5207 * Allocate and set ephemeral key of user A. Note: it is a regular ECC
5208 * key -- we don't use the *_EPHEMERAL_* attributes flags which are
5209 * reserved for use in TEE_DeriveKey() to pass the ephermeral key of
5210 * user B.
5211 */
5212
5213 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
5214 ta_crypt_cmd_allocate_transient_object(c, &session,
5215 TEE_TYPE_SM2_KEP_KEYPAIR, 256, &eph_keyA)))
5216 goto out;
5217
5218 param_count = 0;
5219
5220 xtest_add_attr_value(&param_count, params, TEE_ATTR_ECC_CURVE,
5221 TEE_ECC_CURVE_SM2, 0);
5222
5223 xtest_add_attr(&param_count, params, TEE_ATTR_ECC_PUBLIC_VALUE_X,
5224 ARRAY(gmt_003_part5_b2_eph_public_xA));
5225
5226 xtest_add_attr(&param_count, params, TEE_ATTR_ECC_PUBLIC_VALUE_Y,
5227 ARRAY(gmt_003_part5_b2_eph_public_yA));
5228
5229 xtest_add_attr(&param_count, params, TEE_ATTR_ECC_PRIVATE_VALUE,
5230 ARRAY(gmt_003_part5_b2_eph_private_A));
5231
5232 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
5233 ta_crypt_cmd_populate_transient_object(c, &session, eph_keyA,
5234 params, param_count)))
5235 goto out;
5236
5237 /* Associate user A keys with operation */
5238
5239 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
5240 ta_crypt_cmd_set_operation_key2(c, &session, op, keyA,
5241 eph_keyA)))
5242 goto out;
5243
5244 /* Keys have been set, free key objects */
5245
5246 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
5247 ta_crypt_cmd_free_transient_object(c, &session, keyA)))
5248 goto out;
5249
5250 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
5251 ta_crypt_cmd_free_transient_object(c, &session, eph_keyA)))
5252 goto out;
5253
5254 /* Allocate output object */
5255
5256 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
5257 ta_crypt_cmd_allocate_transient_object(c, &session,
5258 TEE_TYPE_GENERIC_SECRET,
5259 sizeof(gmt_003_part5_b2_shared_secret),
5260 &sv_handle)))
5261 goto out;
5262
5263 /* Set key derivation parameters: user A role, user B information */
5264
5265 params[0].attributeID = TEE_ATTR_SM2_KEP_USER;
5266 params[0].content.value.a = 0; /* Initiator role */
5267 params[0].content.value.b = 0; /* Not used */
5268 param_count = 1;
5269
5270 xtest_add_attr(&param_count, params, TEE_ATTR_ECC_PUBLIC_VALUE_X,
5271 ARRAY(gmt_003_part5_b2_public_xB));
5272
5273 xtest_add_attr(&param_count, params, TEE_ATTR_ECC_PUBLIC_VALUE_Y,
5274 ARRAY(gmt_003_part5_b2_public_yB));
5275
5276 xtest_add_attr(&param_count, params,
5277 TEE_ATTR_ECC_EPHEMERAL_PUBLIC_VALUE_X,
5278 ARRAY(gmt_003_part5_b2_eph_public_xB));
5279
5280 xtest_add_attr(&param_count, params,
5281 TEE_ATTR_ECC_EPHEMERAL_PUBLIC_VALUE_Y,
5282 ARRAY(gmt_003_part5_b2_eph_public_yB));
5283
5284 xtest_add_attr(&param_count, params, TEE_ATTR_SM2_ID_INITIATOR,
5285 ARRAY(gmt_003_part5_b2_id_A));
5286
5287 xtest_add_attr(&param_count, params, TEE_ATTR_SM2_ID_RESPONDER,
5288 ARRAY(gmt_003_part5_b2_id_B));
5289
5290 xtest_add_attr(&param_count, params, TEE_ATTR_SM2_KEP_CONFIRMATION_IN,
5291 ARRAY(gmt_003_part5_b2_conf_B));
5292
5293 xtest_add_attr(&param_count, params, TEE_ATTR_SM2_KEP_CONFIRMATION_OUT,
5294 ARRAY(conf_A));
5295
5296 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
5297 ta_crypt_cmd_derive_key(c, &session, op, sv_handle, params,
5298 param_count)))
5299 goto out;
5300
5301 out_size = sizeof(out);
5302 memset(out, 0, sizeof(out));
5303 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
5304 ta_crypt_cmd_get_object_buffer_attribute(c, &session, sv_handle,
5305 TEE_ATTR_SECRET_VALUE, out, &out_size)))
5306 goto out;
5307
5308 /* Check derived key */
5309 if (!ADBG_EXPECT_BUFFER(c, gmt_003_part5_b2_shared_secret,
5310 sizeof(gmt_003_part5_b2_shared_secret), out,
5311 out_size))
5312 goto out;
5313
5314 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
5315 ta_crypt_cmd_free_operation(c, &session, op)))
5316 goto out;
5317
5318 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
5319 ta_crypt_cmd_free_transient_object(c, &session, sv_handle)))
5320 goto out;
5321
5322 Do_ADBG_EndSubCase(c, "Initiator side");
5323
5324 Do_ADBG_BeginSubCase(c, "Responder side");
5325
5326 /*
5327 * Key derivation on user B's side
5328 */
5329
5330 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
5331 ta_crypt_cmd_allocate_operation(c, &session, &op,
5332 TEE_ALG_SM2_KEP, TEE_MODE_DERIVE, 512)))
5333 goto out;
5334
5335 /* Allocate and initialize keypair of user B */
5336
5337 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
5338 ta_crypt_cmd_allocate_transient_object(c, &session,
5339 TEE_TYPE_SM2_KEP_KEYPAIR, 256, &keyB)))
5340 goto out;
5341
5342 param_count = 0;
5343
5344 xtest_add_attr_value(&param_count, params, TEE_ATTR_ECC_CURVE,
5345 TEE_ECC_CURVE_SM2, 0);
5346
5347 xtest_add_attr(&param_count, params, TEE_ATTR_ECC_PUBLIC_VALUE_X,
5348 ARRAY(gmt_003_part5_b2_public_xB));
5349
5350 xtest_add_attr(&param_count, params, TEE_ATTR_ECC_PUBLIC_VALUE_Y,
5351 ARRAY(gmt_003_part5_b2_public_yB));
5352
5353 xtest_add_attr(&param_count, params, TEE_ATTR_ECC_PRIVATE_VALUE,
5354 ARRAY(gmt_003_part5_b2_private_B));
5355
5356 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
5357 ta_crypt_cmd_populate_transient_object(c, &session, keyB,
5358 params, param_count)))
5359 goto out;
5360
5361 /* Allocate and set ephemeral key of user B */
5362
5363 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
5364 ta_crypt_cmd_allocate_transient_object(c, &session,
5365 TEE_TYPE_SM2_KEP_KEYPAIR, 256, &eph_keyB)))
5366 goto out;
5367
5368 param_count = 0;
5369
5370 xtest_add_attr_value(&param_count, params, TEE_ATTR_ECC_CURVE,
5371 TEE_ECC_CURVE_SM2, 0);
5372
5373 xtest_add_attr(&param_count, params, TEE_ATTR_ECC_PUBLIC_VALUE_X,
5374 ARRAY(gmt_003_part5_b2_eph_public_xB));
5375
5376 xtest_add_attr(&param_count, params, TEE_ATTR_ECC_PUBLIC_VALUE_Y,
5377 ARRAY(gmt_003_part5_b2_eph_public_yB));
5378
5379 xtest_add_attr(&param_count, params, TEE_ATTR_ECC_PRIVATE_VALUE,
5380 ARRAY(gmt_003_part5_b2_eph_private_B));
5381
5382 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
5383 ta_crypt_cmd_populate_transient_object(c, &session, eph_keyB,
5384 params, param_count)))
5385 goto out;
5386
5387 /* Associate user B keys with operation */
5388
5389 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
5390 ta_crypt_cmd_set_operation_key2(c, &session, op, keyB,
5391 eph_keyB)))
5392 goto out;
5393
5394 /* Keys have been set, free key objects */
5395
5396 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
5397 ta_crypt_cmd_free_transient_object(c, &session, keyB)))
5398 goto out;
5399
5400 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
5401 ta_crypt_cmd_free_transient_object(c, &session, eph_keyB)))
5402 goto out;
5403
5404 /* Allocate output object */
5405
5406 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
5407 ta_crypt_cmd_allocate_transient_object(c, &session,
5408 TEE_TYPE_GENERIC_SECRET,
5409 sizeof(gmt_003_part5_b2_shared_secret),
5410 &sv_handle)))
5411 goto out;
5412
5413 /* Set key derivation parameters: user B role, user A information */
5414
5415 params[0].attributeID = TEE_ATTR_SM2_KEP_USER;
5416 params[0].content.value.a = 1; /* Responder role */
5417 params[0].content.value.b = 0; /* Not used */
5418 param_count = 1;
5419
5420 xtest_add_attr(&param_count, params, TEE_ATTR_ECC_PUBLIC_VALUE_X,
5421 ARRAY(gmt_003_part5_b2_public_xA));
5422
5423 xtest_add_attr(&param_count, params, TEE_ATTR_ECC_PUBLIC_VALUE_Y,
5424 ARRAY(gmt_003_part5_b2_public_yA));
5425
5426 xtest_add_attr(&param_count, params,
5427 TEE_ATTR_ECC_EPHEMERAL_PUBLIC_VALUE_X,
5428 ARRAY(gmt_003_part5_b2_eph_public_xA));
5429
5430 xtest_add_attr(&param_count, params,
5431 TEE_ATTR_ECC_EPHEMERAL_PUBLIC_VALUE_Y,
5432 ARRAY(gmt_003_part5_b2_eph_public_yA));
5433
5434 xtest_add_attr(&param_count, params, TEE_ATTR_SM2_ID_INITIATOR,
5435 ARRAY(gmt_003_part5_b2_id_A));
5436
5437 xtest_add_attr(&param_count, params, TEE_ATTR_SM2_ID_RESPONDER,
5438 ARRAY(gmt_003_part5_b2_id_B));
5439
5440 xtest_add_attr(&param_count, params, TEE_ATTR_SM2_KEP_CONFIRMATION_IN,
5441 ARRAY(gmt_003_part5_b2_conf_A));
5442
5443 xtest_add_attr(&param_count, params, TEE_ATTR_SM2_KEP_CONFIRMATION_OUT,
5444 ARRAY(conf_B));
5445
5446 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
5447 ta_crypt_cmd_derive_key(c, &session, op, sv_handle, params,
5448 param_count)))
5449 goto out;
5450
5451 out_size = sizeof(out);
5452 memset(out, 0, sizeof(out));
5453 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
5454 ta_crypt_cmd_get_object_buffer_attribute(c, &session, sv_handle,
5455 TEE_ATTR_SECRET_VALUE, out, &out_size)))
5456 goto out;
5457
5458 /* Check derived key */
5459 if (!ADBG_EXPECT_BUFFER(c, gmt_003_part5_b2_shared_secret,
5460 sizeof(gmt_003_part5_b2_shared_secret), out,
5461 out_size))
5462 goto out;
5463
5464 Do_ADBG_EndSubCase(c, "Responder side");
5465
5466out:
5467 TEEC_CloseSession(&session);
5468}
5469ADBG_CASE_DEFINE(regression, 4014, xtest_tee_test_4014,
5470 "Test SM2 KEP (key derivation)");
Jens Wiklander14f48872018-06-29 15:30:13 +0200[diff] [blame]5471#endif /*CFG_SYSTEM_PTA*/