TrustedFirmware Git Browser
Code Review Sign In
review.trustedfirmware.org / OP-TEE / optee_test / 47d9a0b2f438f0875e03b207c25234de690b27fb / . / host / xtest / xtest_10000.c
blob: bbec8610a353110770b8fee4c5d52dd011c0f2cc [file] [log] [blame]
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]1/*
2 * Copyright (c) 2014, Linaro Limited
3 *
4 * This program is free software; you can redistribute it and/or modify
5 * it under the terms of the GNU General Public License Version 2 as
6 * published by the Free Software Foundation.
7 *
8 * This program is distributed in the hope that it will be useful,
9 * but WITHOUT ANY WARRANTY; without even the implied warranty of
10 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
11 * GNU General Public License for more details.
12 */
13#include "xtest_test.h"
14#include "xtest_helpers.h"
15
16#include <tee_api_types.h>
17#include <tee_api_defines_extensions.h>
18#include <utee_defines.h>
19#include <string.h>
20#include <enc_fs_key_manager_test.h>
21
22#define WITH_HKDF 1
23#define WITH_CONCAT_KDF 1
24#define WITH_PBKDF2 1
25
26static void xtest_tee_test_10001(ADBG_Case_t *c);
27static void xtest_tee_test_10002(ADBG_Case_t *c);
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]28
29ADBG_CASE_DEFINE(XTEST_TEE_10001, xtest_tee_test_10001,
30 /* Title */
31 "Test TEE Internal API key derivation extensions",
32 /* Short description */
33 "Test non-standard cryptographic key derivation algorithms",
34 /* Requirement IDs */
35 "Linaro CARD-1661",
36 /* How to implement */
37 "Invoke key derivation functions with standard test vectors"
38 );
39
40ADBG_CASE_DEFINE(XTEST_TEE_10002, xtest_tee_test_10002,
41 /* Title */
42 "Secure Storage Key Manager API Self Test",
43 /* Short description */
44 "Test secure storage key manager functionality",
45 /* Requirement IDs */
46 "Linaro SWG-176",
47 /* How to implement */
48 "Invoke key manager self test function in test TA"
49 );
50
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]51/*
52 * HKDF test data from RFC 5869
53 */
54
55/* A.1 SHA-256 */
56
57static const uint8_t hkdf_a1_ikm[] = {
58 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b,
59 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b,
60 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b
61};
62
63static const uint8_t hkdf_a1_salt[] = {
64 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
65 0x08, 0x09, 0x0a, 0x0b, 0x0c
66};
67
68static const uint8_t hkdf_a1_info[] = {
69 0xf0, 0xf1, 0xf2, 0xf3, 0xf4, 0xf5, 0xf6, 0xf7,
70 0xf8, 0xf9
71};
72
73static const uint8_t hkdf_a1_okm[] = {
74 0x3c, 0xb2, 0x5f, 0x25, 0xfa, 0xac, 0xd5, 0x7a,
75 0x90, 0x43, 0x4f, 0x64, 0xd0, 0x36, 0x2f, 0x2a,
76 0x2d, 0x2d, 0x0a, 0x90, 0xcf, 0x1a, 0x5a, 0x4c,
77 0x5d, 0xb0, 0x2d, 0x56, 0xec, 0xc4, 0xc5, 0xbf,
78 0x34, 0x00, 0x72, 0x08, 0xd5, 0xb8, 0x87, 0x18,
79 0x58, 0x65
80};
81
82/* A.2 SHA-256 */
83static const uint8_t hkdf_a2_ikm[] = {
84 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
85 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f,
86 0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17,
87 0x18, 0x19, 0x1a, 0x1b, 0x1c, 0x1d, 0x1e, 0x1f,
88 0x20, 0x21, 0x22, 0x23, 0x24, 0x25, 0x26, 0x27,
89 0x28, 0x29, 0x2a, 0x2b, 0x2c, 0x2d, 0x2e, 0x2f,
90 0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37,
91 0x38, 0x39, 0x3a, 0x3b, 0x3c, 0x3d, 0x3e, 0x3f,
92 0x40, 0x41, 0x42, 0x43, 0x44, 0x45, 0x46, 0x47,
93 0x48, 0x49, 0x4a, 0x4b, 0x4c, 0x4d, 0x4e, 0x4f
94};
95
96static const uint8_t hkdf_a2_salt[] = {
97 0x60, 0x61, 0x62, 0x63, 0x64, 0x65, 0x66, 0x67,
98 0x68, 0x69, 0x6a, 0x6b, 0x6c, 0x6d, 0x6e, 0x6f,
99 0x70, 0x71, 0x72, 0x73, 0x74, 0x75, 0x76, 0x77,
100 0x78, 0x79, 0x7a, 0x7b, 0x7c, 0x7d, 0x7e, 0x7f,
101 0x80, 0x81, 0x82, 0x83, 0x84, 0x85, 0x86, 0x87,
102 0x88, 0x89, 0x8a, 0x8b, 0x8c, 0x8d, 0x8e, 0x8f,
103 0x90, 0x91, 0x92, 0x93, 0x94, 0x95, 0x96, 0x97,
104 0x98, 0x99, 0x9a, 0x9b, 0x9c, 0x9d, 0x9e, 0x9f,
105 0xa0, 0xa1, 0xa2, 0xa3, 0xa4, 0xa5, 0xa6, 0xa7,
106 0xa8, 0xa9, 0xaa, 0xab, 0xac, 0xad, 0xae, 0xaf
107};
108
109static const uint8_t hkdf_a2_info[] = {
110 0xb0, 0xb1, 0xb2, 0xb3, 0xb4, 0xb5, 0xb6, 0xb7,
111 0xb8, 0xb9, 0xba, 0xbb, 0xbc, 0xbd, 0xbe, 0xbf,
112 0xc0, 0xc1, 0xc2, 0xc3, 0xc4, 0xc5, 0xc6, 0xc7,
113 0xc8, 0xc9, 0xca, 0xcb, 0xcc, 0xcd, 0xce, 0xcf,
114 0xd0, 0xd1, 0xd2, 0xd3, 0xd4, 0xd5, 0xd6, 0xd7,
115 0xd8, 0xd9, 0xda, 0xdb, 0xdc, 0xdd, 0xde, 0xdf,
116 0xe0, 0xe1, 0xe2, 0xe3, 0xe4, 0xe5, 0xe6, 0xe7,
117 0xe8, 0xe9, 0xea, 0xeb, 0xec, 0xed, 0xee, 0xef,
118 0xf0, 0xf1, 0xf2, 0xf3, 0xf4, 0xf5, 0xf6, 0xf7,
119 0xf8, 0xf9, 0xfa, 0xfb, 0xfc, 0xfd, 0xfe, 0xff
120};
121
122static const uint8_t hkdf_a2_okm[] = {
123 0xb1, 0x1e, 0x39, 0x8d, 0xc8, 0x03, 0x27, 0xa1,
124 0xc8, 0xe7, 0xf7, 0x8c, 0x59, 0x6a, 0x49, 0x34,
125 0x4f, 0x01, 0x2e, 0xda, 0x2d, 0x4e, 0xfa, 0xd8,
126 0xa0, 0x50, 0xcc, 0x4c, 0x19, 0xaf, 0xa9, 0x7c,
127 0x59, 0x04, 0x5a, 0x99, 0xca, 0xc7, 0x82, 0x72,
128 0x71, 0xcb, 0x41, 0xc6, 0x5e, 0x59, 0x0e, 0x09,
129 0xda, 0x32, 0x75, 0x60, 0x0c, 0x2f, 0x09, 0xb8,
130 0x36, 0x77, 0x93, 0xa9, 0xac, 0xa3, 0xdb, 0x71,
131 0xcc, 0x30, 0xc5, 0x81, 0x79, 0xec, 0x3e, 0x87,
132 0xc1, 0x4c, 0x01, 0xd5, 0xc1, 0xf3, 0x43, 0x4f,
133 0x1d, 0x87
134};
135
136/* A.3 SHA-256 */
137#define hkdf_a3_ikm hkdf_a1_ikm
138static const uint8_t hkdf_a3_salt[] = {};
139
140static const uint8_t hkdf_a3_info[] = {};
141
142static const uint8_t hkdf_a3_okm[] = {
143 0x8d, 0xa4, 0xe7, 0x75, 0xa5, 0x63, 0xc1, 0x8f,
144 0x71, 0x5f, 0x80, 0x2a, 0x06, 0x3c, 0x5a, 0x31,
145 0xb8, 0xa1, 0x1f, 0x5c, 0x5e, 0xe1, 0x87, 0x9e,
146 0xc3, 0x45, 0x4e, 0x5f, 0x3c, 0x73, 0x8d, 0x2d,
147 0x9d, 0x20, 0x13, 0x95, 0xfa, 0xa4, 0xb6, 0x1a,
148 0x96, 0xc8
149};
150
151/* A.4 SHA-1 */
152static const uint8_t hkdf_a4_ikm[] = {
153 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b,
154 0x0b, 0x0b, 0x0b
155};
156
157static const uint8_t hkdf_a4_salt[] = {
158 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
159 0x08, 0x09, 0x0a, 0x0b, 0x0c
160};
161
162static const uint8_t hkdf_a4_info[] = {
163 0xf0, 0xf1, 0xf2, 0xf3, 0xf4, 0xf5, 0xf6, 0xf7,
164 0xf8, 0xf9
165};
166
167static const uint8_t hkdf_a4_okm[] = {
168 0x08, 0x5a, 0x01, 0xea, 0x1b, 0x10, 0xf3, 0x69,
169 0x33, 0x06, 0x8b, 0x56, 0xef, 0xa5, 0xad, 0x81,
170 0xa4, 0xf1, 0x4b, 0x82, 0x2f, 0x5b, 0x09, 0x15,
171 0x68, 0xa9, 0xcd, 0xd4, 0xf1, 0x55, 0xfd, 0xa2,
172 0xc2, 0x2e, 0x42, 0x24, 0x78, 0xd3, 0x05, 0xf3,
173 0xf8, 0x96
174};
175
176/* A.5 SHA-1 */
177#define hkdf_a5_ikm hkdf_a2_ikm
178#define hkdf_a5_salt hkdf_a2_salt
179#define hkdf_a5_info hkdf_a2_info
180static const uint8_t hkdf_a5_okm[] = {
181 0x0b, 0xd7, 0x70, 0xa7, 0x4d, 0x11, 0x60, 0xf7,
182 0xc9, 0xf1, 0x2c, 0xd5, 0x91, 0x2a, 0x06, 0xeb,
183 0xff, 0x6a, 0xdc, 0xae, 0x89, 0x9d, 0x92, 0x19,
184 0x1f, 0xe4, 0x30, 0x56, 0x73, 0xba, 0x2f, 0xfe,
185 0x8f, 0xa3, 0xf1, 0xa4, 0xe5, 0xad, 0x79, 0xf3,
186 0xf3, 0x34, 0xb3, 0xb2, 0x02, 0xb2, 0x17, 0x3c,
187 0x48, 0x6e, 0xa3, 0x7c, 0xe3, 0xd3, 0x97, 0xed,
188 0x03, 0x4c, 0x7f, 0x9d, 0xfe, 0xb1, 0x5c, 0x5e,
189 0x92, 0x73, 0x36, 0xd0, 0x44, 0x1f, 0x4c, 0x43,
190 0x00, 0xe2, 0xcf, 0xf0, 0xd0, 0x90, 0x0b, 0x52,
191 0xd3, 0xb4
192};
193
194/* A.6 SHA-1 */
195#define hkdf_a6_ikm hkdf_a1_ikm
196static const uint8_t hkdf_a6_salt[] = {};
197
198static const uint8_t hkdf_a6_info[] = {};
199
200static const uint8_t hkdf_a6_okm[] = {
201 0x0a, 0xc1, 0xaf, 0x70, 0x02, 0xb3, 0xd7, 0x61,
202 0xd1, 0xe5, 0x52, 0x98, 0xda, 0x9d, 0x05, 0x06,
203 0xb9, 0xae, 0x52, 0x05, 0x72, 0x20, 0xa3, 0x06,
204 0xe0, 0x7b, 0x6b, 0x87, 0xe8, 0xdf, 0x21, 0xd0,
205 0xea, 0x00, 0x03, 0x3d, 0xe0, 0x39, 0x84, 0xd3,
206 0x49, 0x18
207};
208
209/* A.7 SHA-1 */
210static const uint8_t hkdf_a7_ikm[] = {
211 0x0c, 0x0c, 0x0c, 0x0c, 0x0c, 0x0c, 0x0c, 0x0c,
212 0x0c, 0x0c, 0x0c, 0x0c, 0x0c, 0x0c, 0x0c, 0x0c,
213 0x0c, 0x0c, 0x0c, 0x0c, 0x0c, 0x0c
214};
215
216static const uint8_t hkdf_a7_salt[] = {};
217
218static const uint8_t hkdf_a7_info[] = {};
219
220static const uint8_t hkdf_a7_okm[] = {
221 0x2c, 0x91, 0x11, 0x72, 0x04, 0xd7, 0x45, 0xf3,
222 0x50, 0x0d, 0x63, 0x6a, 0x62, 0xf6, 0x4f, 0x0a,
223 0xb3, 0xba, 0xe5, 0x48, 0xaa, 0x53, 0xd4, 0x23,
224 0xb0, 0xd1, 0xf2, 0x7e, 0xbb, 0xa6, 0xf5, 0xe5,
225 0x67, 0x3a, 0x08, 0x1d, 0x70, 0xcc, 0xe7, 0xac,
226 0xfc, 0x48
227};
228
229/*
230 * Concat KDF (NIST SP 800-56A R1)
231 *
232 * Test vector from:
233 * https://tools.ietf.org/html/draft-ietf-jose-json-web-algorithms-37
234 * appendix C
235 */
236static const uint8_t concat_kdf_1_z[] = {
237 158, 86, 217, 29, 129, 113, 53, 211,
238 114, 131, 66, 131, 191, 132, 38, 156,
239 251, 49, 110, 163, 218, 128, 106, 72,
240 246, 218, 167, 121, 140, 254, 144, 196
241};
242
243static const uint8_t concat_kdf_1_other_info[] = {
244 0, 0, 0, 7, 65, 49, 50, 56,
245 71, 67, 77, 0, 0, 0, 5, 65,
246 108, 105, 99, 101, 0, 0, 0, 3,
247 66, 111, 98, 0, 0, 0, 128
248};
249
250static const uint8_t concat_kdf_1_derived_key[] = {
251 86, 170, 141, 234, 248, 35, 109, 32,
252 92, 34, 40, 205, 113, 167, 16, 26
253};
254
255/*
256 * PKCS #5 2.0 / RFC 2898 Key Derivation Function 2 (PBKDF2)
257 * Test vectors from RFC 6070 https://www.ietf.org/rfc/rfc6070.txt
258 */
259
260/* 1 */
261static const uint8_t pbkdf2_1_password[] = {
262 'p', 'a', 's', 's', 'w', 'o', 'r', 'd'
263};
264
265static const uint8_t pbkdf2_1_salt[] = {
266 's', 'a', 'l', 't'
267};
268
269#define pbkdf2_1_iteration_count 1
270static const uint8_t pbkdf2_1_dkm[] = {
271 0x0c, 0x60, 0xc8, 0x0f, 0x96, 0x1f, 0x0e, 0x71,
272 0xf3, 0xa9, 0xb5, 0x24, 0xaf, 0x60, 0x12, 0x06,
273 0x2f, 0xe0, 0x37, 0xa6
274};
275
276/* 2 */
277#define pbkdf2_2_password pbkdf2_1_password
278#define pbkdf2_2_salt pbkdf2_1_salt
279#define pbkdf2_2_iteration_count 2
280static const uint8_t pbkdf2_2_dkm[] = {
281 0xea, 0x6c, 0x01, 0x4d, 0xc7, 0x2d, 0x6f, 0x8c,
282 0xcd, 0x1e, 0xd9, 0x2a, 0xce, 0x1d, 0x41, 0xf0,
283 0xd8, 0xde, 0x89, 0x57
284};
285
286/* 3 */
287#define pbkdf2_3_password pbkdf2_1_password
288#define pbkdf2_3_salt pbkdf2_1_salt
289#define pbkdf2_3_iteration_count 4096
290static const uint8_t pbkdf2_3_dkm[] = {
291 0x4b, 0x00, 0x79, 0x01, 0xb7, 0x65, 0x48, 0x9a,
292 0xbe, 0xad, 0x49, 0xd9, 0x26, 0xf7, 0x21, 0xd0,
293 0x65, 0xa4, 0x29, 0xc1
294};
295
296/* 4 */
297#define pbkdf2_4_password pbkdf2_1_password
298#define pbkdf2_4_salt pbkdf2_1_salt
299#define pbkdf2_4_iteration_count 16777216
300static const uint8_t pbkdf2_4_dkm[] = {
301 0xee, 0xfe, 0x3d, 0x61, 0xcd, 0x4d, 0xa4, 0xe4,
302 0xe9, 0x94, 0x5b, 0x3d, 0x6b, 0xa2, 0x15, 0x8c,
303 0x26, 0x34, 0xe9, 0x84
304};
305
306/* 5 */
307static const uint8_t pbkdf2_5_password[] = {
308 'p', 'a', 's', 's', 'w', 'o', 'r', 'd',
309 'P', 'A', 'S', 'S', 'W', 'O', 'R', 'D',
310 'p', 'a', 's', 's', 'w', 'o', 'r', 'd'
311};
312
313static const uint8_t pbkdf2_5_salt[] = {
314 's', 'a', 'l', 't', 'S', 'A', 'L', 'T',
315 's', 'a', 'l', 't', 'S', 'A', 'L', 'T',
316 's', 'a', 'l', 't', 'S', 'A', 'L', 'T',
317 's', 'a', 'l', 't', 'S', 'A', 'L', 'T',
318 's', 'a', 'l', 't'
319};
320
321#define pbkdf2_5_iteration_count 4096
322static const uint8_t pbkdf2_5_dkm[] = {
323 0x3d, 0x2e, 0xec, 0x4f, 0xe4, 0x1c, 0x84, 0x9b,
324 0x80, 0xc8, 0xd8, 0x36, 0x62, 0xc0, 0xe4, 0x4a,
325 0x8b, 0x29, 0x1a, 0x96, 0x4c, 0xf2, 0xf0, 0x70,
326 0x38
327};
328
329/* 6 */
330static const uint8_t pbkdf2_6_password[] = {
331 'p', 'a', 's', 's', '\0', 'w', 'o', 'r',
332 'd',
333};
334
335static const uint8_t pbkdf2_6_salt[] = {
336 's', 'a', '\0', 'l', 't'
337};
338
339#define pbkdf2_6_iteration_count 4096
340static const uint8_t pbkdf2_6_dkm[] = {
341 0x56, 0xfa, 0x6a, 0xa7, 0x55, 0x48, 0x09, 0x9d,
342 0xcc, 0x37, 0xd7, 0xf0, 0x34, 0x25, 0xe0, 0xc3
343};
344
345#ifdef WITH_HKDF
346static void xtest_test_derivation_hkdf(ADBG_Case_t *c, TEEC_Session *session)
347{
348 size_t n;
349#define TEST_HKDF_DATA(section, algo, id, oeb /* omit empty bufs */) \
350 { \
351 section, algo, \
352 hkdf_##id##_ikm, sizeof(hkdf_##id##_ikm), \
353 (oeb && !sizeof(hkdf_##id##_salt)) ? NULL : hkdf_##id##_salt, sizeof(hkdf_##id##_salt), \
354 (oeb && !sizeof(hkdf_##id##_info)) ? NULL : hkdf_##id##_info, sizeof(hkdf_##id##_info), \
355 hkdf_##id##_okm, sizeof(hkdf_##id##_okm), \
356 }
357 static struct hkdf_case {
358 const char *subcase_name;
359 uint32_t algo;
360 const uint8_t *ikm;
361 size_t ikm_len;
362 const uint8_t *salt;
363 size_t salt_len;
364 const uint8_t *info;
365 size_t info_len;
366 const uint8_t *okm;
367 size_t okm_len;
368 } hkdf_cases[] = {
369 TEST_HKDF_DATA("A.1 (SHA-256)",
370 TEE_ALG_HKDF_SHA256_DERIVE_KEY, a1, false),
371 TEST_HKDF_DATA("A.2 (SHA-256)",
372 TEE_ALG_HKDF_SHA256_DERIVE_KEY, a2, false),
373 TEST_HKDF_DATA("A.3 (SHA-256) [1]",
374 TEE_ALG_HKDF_SHA256_DERIVE_KEY, a3, false),
375 TEST_HKDF_DATA("A.3 (SHA-256) [2]",
376 TEE_ALG_HKDF_SHA256_DERIVE_KEY, a3, true),
377 TEST_HKDF_DATA("A.4 (SHA-1)",
378 TEE_ALG_HKDF_SHA1_DERIVE_KEY, a4, false),
379 TEST_HKDF_DATA("A.5 (SHA-1)",
380 TEE_ALG_HKDF_SHA1_DERIVE_KEY, a5, false),
381 TEST_HKDF_DATA("A.6 (SHA-1) [1]",
382 TEE_ALG_HKDF_SHA1_DERIVE_KEY, a6, false),
383 TEST_HKDF_DATA("A.6 (SHA-1) [2]",
384 TEE_ALG_HKDF_SHA1_DERIVE_KEY, a6, true),
385 TEST_HKDF_DATA("A.7 (SHA-1) [1]",
386 TEE_ALG_HKDF_SHA1_DERIVE_KEY, a7, false),
387 TEST_HKDF_DATA("A.7 (SHA-1) [2]",
388 TEE_ALG_HKDF_SHA1_DERIVE_KEY, a7, true),
389 };
390 size_t max_size = 2048;
391
392 for (n = 0; n < sizeof(hkdf_cases) / sizeof(struct hkdf_case); n++) {
393 TEE_OperationHandle op;
394 TEE_ObjectHandle key_handle;
395 TEE_ObjectHandle sv_handle;
396 TEE_Attribute params[4];
397 size_t param_count = 0;
398 uint8_t out[2048];
399 size_t out_size;
400 const struct hkdf_case *hc = &hkdf_cases[n];
401
402 Do_ADBG_BeginSubCase(c, "HKDF RFC 5869 %s", hc->subcase_name);
403
404 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
405 ta_crypt_cmd_allocate_operation(c, session, &op,
406 hc->algo, TEE_MODE_DERIVE, max_size)))
407 goto out;
408
409 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
410 ta_crypt_cmd_allocate_transient_object(c, session,
411 TEE_TYPE_HKDF_IKM, max_size, &key_handle)))
412 goto out;
413
414 xtest_add_attr(&param_count, params, TEE_ATTR_HKDF_IKM, hc->ikm,
415 hc->ikm_len);
416
417 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
418 ta_crypt_cmd_populate_transient_object(c, session,
419 key_handle, params, param_count)))
420 goto out;
421
422 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
423 ta_crypt_cmd_set_operation_key(c, session, op,
424 key_handle)))
425 goto out;
426
427 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
428 ta_crypt_cmd_free_transient_object(c, session,
429 key_handle)))
430 goto out;
431
432 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
433 ta_crypt_cmd_allocate_transient_object(c, session,
434 TEE_TYPE_GENERIC_SECRET, hc->okm_len * 8,
435 &sv_handle)))
436 goto out;
437
438 param_count = 0;
439
440 if (hc->salt)
441 xtest_add_attr(&param_count, params, TEE_ATTR_HKDF_SALT,
442 hc->salt, hc->salt_len);
443 if (hc->info)
444 xtest_add_attr(&param_count, params, TEE_ATTR_HKDF_INFO,
445 hc->info, hc->info_len);
446
447 params[param_count].attributeID = TEE_ATTR_HKDF_OKM_LENGTH;
448 params[param_count].content.value.a = hc->okm_len;
449 params[param_count].content.value.b = 0;
450 param_count++;
451
452 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
453 ta_crypt_cmd_derive_key(c, session, op, sv_handle,
454 params, param_count)))
455 goto out;
456
457 out_size = sizeof(out);
458 memset(out, 0, sizeof(out));
459 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
460 ta_crypt_cmd_get_object_buffer_attribute(c, session,
461 sv_handle, TEE_ATTR_SECRET_VALUE, out,
462 &out_size)))
463 goto out;
464
465 if (!ADBG_EXPECT_BUFFER(c, hc->okm, hc->okm_len, out, out_size))
466 goto out;
467
468 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
469 ta_crypt_cmd_free_operation(c, session, op)))
470 goto out;
471
472 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
473 ta_crypt_cmd_free_transient_object(c, session,
474 sv_handle)))
475 goto out;
476 out:
477 Do_ADBG_EndSubCase(c, "HKDF RFC 5869 %s", hc->subcase_name);
478 }
479}
480#endif /* WITH_HKDF */
481
482#ifdef WITH_CONCAT_KDF
483static void xtest_test_derivation_concat_kdf(ADBG_Case_t *c, TEEC_Session *session)
484{
485 size_t n;
486#define TEST_CONCAT_KDF_DATA(name, algo, id, oeb /* omit empty bufs */) \
487 { \
488 name, algo, \
489 concat_kdf_##id##_z, sizeof(concat_kdf_##id##_z), \
490 (oeb && !sizeof(concat_kdf_##id##_other_info)) ? NULL \
491 : concat_kdf_##id##_other_info, \
492 sizeof(concat_kdf_##id##_other_info), \
493 concat_kdf_##id##_derived_key, sizeof(concat_kdf_##id##_derived_key), \
494 }
495 static struct concat_kdf_case {
496 const char *subcase_name;
497 uint32_t algo;
498 const uint8_t *shared_secret;
499 size_t shared_secret_len;
500 const uint8_t *other_info;
501 size_t other_info_len;
502 const uint8_t *derived_key;
503 size_t derived_key_len;
504 } concat_kdf_cases[] = {
505 TEST_CONCAT_KDF_DATA("JWA-37 C (SHA-256)",
506 TEE_ALG_CONCAT_KDF_SHA256_DERIVE_KEY, 1, false),
507 };
508 size_t max_size = 2048;
509
510 for (n = 0;
511 n < sizeof(concat_kdf_cases) / sizeof(struct concat_kdf_case);
512 n++) {
513 TEE_OperationHandle op;
514 TEE_ObjectHandle key_handle;
515 TEE_ObjectHandle sv_handle;
516 TEE_Attribute params[4];
517 size_t param_count = 0;
518 uint8_t out[2048];
519 size_t out_size;
520 const struct concat_kdf_case *cc = &concat_kdf_cases[n];
521
522 Do_ADBG_BeginSubCase(c, "Concat KDF %s", cc->subcase_name);
523
524 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
525 ta_crypt_cmd_allocate_operation(c, session, &op,
526 cc->algo, TEE_MODE_DERIVE, max_size)))
527 goto out;
528
529 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
530 ta_crypt_cmd_allocate_transient_object(c, session,
531 TEE_TYPE_CONCAT_KDF_Z, max_size, &key_handle)))
532 goto out;
533
534 xtest_add_attr(&param_count, params, TEE_ATTR_CONCAT_KDF_Z,
535 cc->shared_secret, cc->shared_secret_len);
536
537 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
538 ta_crypt_cmd_populate_transient_object(c, session,
539 key_handle, params, param_count)))
540 goto out;
541
542 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
543 ta_crypt_cmd_set_operation_key(c, session, op,
544 key_handle)))
545 goto out;
546
547 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
548 ta_crypt_cmd_free_transient_object(c, session,
549 key_handle)))
550 goto out;
551
552 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
553 ta_crypt_cmd_allocate_transient_object(c, session,
554 TEE_TYPE_GENERIC_SECRET, cc->derived_key_len *
555 8, &sv_handle)))
556 goto out;
557
558 param_count = 0;
559
560 if (cc->other_info)
561 xtest_add_attr(&param_count, params,
562 TEE_ATTR_CONCAT_KDF_OTHER_INFO,
563 cc->other_info, cc->other_info_len);
564
565 params[param_count].attributeID = TEE_ATTR_CONCAT_KDF_DKM_LENGTH;
566 params[param_count].content.value.a = cc->derived_key_len;
567 params[param_count].content.value.b = 0;
568 param_count++;
569
570 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
571 ta_crypt_cmd_derive_key(c, session, op, sv_handle,
572 params, param_count)))
573 goto out;
574
575 out_size = sizeof(out);
576 memset(out, 0, sizeof(out));
577 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
578 ta_crypt_cmd_get_object_buffer_attribute(c, session,
579 sv_handle, TEE_ATTR_SECRET_VALUE, out,
580 &out_size)))
581 goto out;
582
583 if (!ADBG_EXPECT_BUFFER(c, cc->derived_key, cc->derived_key_len,
584 out, out_size))
585 goto out;
586
587 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
588 ta_crypt_cmd_free_operation(c, session, op)))
589 goto out;
590
591 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
592 ta_crypt_cmd_free_transient_object(c, session,
593 sv_handle)))
594 goto out;
595out:
596 Do_ADBG_EndSubCase(c, "Concat KDF %s", cc->subcase_name);
597 }
598}
599#endif /* WITH_CONCAT_KDF */
600
601#ifdef WITH_PBKDF2
602static void xtest_test_derivation_pbkdf2(ADBG_Case_t *c, TEEC_Session *session)
603{
604 size_t n;
605#define TEST_PBKDF2_DATA(section, algo, id, oeb /* omit empty bufs */) \
606 { \
607 section, algo, \
608 pbkdf2_##id##_password, sizeof(pbkdf2_##id##_password), \
609 (oeb && !sizeof(pbkdf2_##id##_salt)) ? NULL : pbkdf2_##id##_salt, sizeof(pbkdf2_##id##_salt), \
610 pbkdf2_##id##_iteration_count, \
611 pbkdf2_##id##_dkm, sizeof(pbkdf2_##id##_dkm), \
612 }
613#define _TO_STR(n) #n
614#define TO_STR(n) _TO_STR(n)
615#define RFC6070_TEST(n) \
616 TEST_PBKDF2_DATA("RFC 6070 " TO_STR(n) " (HMAC-SHA1)", \
617 TEE_ALG_PBKDF2_HMAC_SHA1_DERIVE_KEY, n, false)
618 static struct pbkdf2_case {
619 const char *subcase_name;
620 uint32_t algo;
621 const uint8_t *password;
622 size_t password_len;
623 const uint8_t *salt;
624 size_t salt_len;
625 uint32_t iteration_count;
626 const uint8_t *dkm;
627 size_t dkm_len;
628 } pbkdf2_cases[] = {
629 RFC6070_TEST(1), RFC6070_TEST(2), RFC6070_TEST(3),
630#if 0
631 RFC6070_TEST(4), /* Lengthy! (3 min on my PC / QEMU) */
632#endif
633 RFC6070_TEST(5), RFC6070_TEST(6)
634 };
635 size_t max_size = 2048;
636
637 for (n = 0; n < sizeof(pbkdf2_cases) / sizeof(struct pbkdf2_case); n++) {
638 TEE_OperationHandle op;
639 TEE_ObjectHandle key_handle;
640 TEE_ObjectHandle sv_handle;
641 TEE_Attribute params[4];
642 size_t param_count = 0;
643 uint8_t out[2048];
644 size_t out_size;
645 const struct pbkdf2_case *pc = &pbkdf2_cases[n];
646
647 Do_ADBG_BeginSubCase(c, "PBKDF2 %s", pc->subcase_name);
648 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
649 ta_crypt_cmd_allocate_operation(c, session, &op,
650 pc->algo, TEE_MODE_DERIVE, max_size)))
651 goto out;
652
653 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
654 ta_crypt_cmd_allocate_transient_object(c, session,
655 TEE_TYPE_PBKDF2_PASSWORD, max_size,
656 &key_handle)))
657 goto out;
658
659 xtest_add_attr(&param_count, params, TEE_ATTR_PBKDF2_PASSWORD,
660 pc->password, pc->password_len);
661
662 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
663 ta_crypt_cmd_populate_transient_object(c, session,
664 key_handle, params, param_count)))
665 goto out;
666
667 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
668 ta_crypt_cmd_set_operation_key(c, session, op,
669 key_handle)))
670 goto out;
671
672 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
673 ta_crypt_cmd_free_transient_object(c, session,
674 key_handle)))
675 goto out;
676
677 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
678 ta_crypt_cmd_allocate_transient_object(c, session,
679 TEE_TYPE_GENERIC_SECRET, pc->dkm_len * 8,
680 &sv_handle)))
681 goto out;
682
683 param_count = 0;
684
685 if (pc->salt)
686 xtest_add_attr(&param_count, params,
687 TEE_ATTR_PBKDF2_SALT, pc->salt,
688 pc->salt_len);
689
690 params[param_count].attributeID = TEE_ATTR_PBKDF2_DKM_LENGTH;
691 params[param_count].content.value.a = pc->dkm_len;
692 params[param_count].content.value.b = 0;
693 param_count++;
694
695 params[param_count].attributeID =
696 TEE_ATTR_PBKDF2_ITERATION_COUNT;
697 params[param_count].content.value.a = pc->iteration_count;
698 params[param_count].content.value.b = 0;
699 param_count++;
700
701 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
702 ta_crypt_cmd_derive_key(c, session, op, sv_handle,
703 params, param_count)))
704 goto out;
705
706 out_size = sizeof(out);
707 memset(out, 0, sizeof(out));
708 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
709 ta_crypt_cmd_get_object_buffer_attribute(c, session,
710 sv_handle, TEE_ATTR_SECRET_VALUE, out, &out_size)))
711 goto out;
712
713 if (!ADBG_EXPECT_BUFFER(c, pc->dkm, pc->dkm_len, out, out_size))
714 goto out;
715
716 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
717 ta_crypt_cmd_free_operation(c, session, op)))
718 goto out;
719
720 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
721 ta_crypt_cmd_free_transient_object(c, session,
722 sv_handle)))
723 goto out;
724out:
725 Do_ADBG_EndSubCase(c, "PBKDF2 %s", pc->subcase_name);
726 }
727}
728#endif /* WITH_PBKDF2 */
729
730static TEEC_Result enc_fs_km_self_test(TEEC_Session *sess)
731{
732 TEEC_Operation op;
733 TEEC_Result res;
734 uint32_t org;
735
736 memset(&op, 0, sizeof(op));
737 res = TEEC_InvokeCommand(sess, CMD_SELF_TESTS, &op, &org);
738 return res;
739}
740
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]741static void xtest_tee_test_10001(ADBG_Case_t *c)
742{
743 TEEC_Session session = { 0 };
744 uint32_t ret_orig;
745
746 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
747 xtest_teec_open_session(&session, &crypt_user_ta_uuid, NULL,
748 &ret_orig)))
749 return;
750
751#ifdef WITH_HKDF
752 xtest_test_derivation_hkdf(c, &session);
753#endif
754#ifdef WITH_CONCAT_KDF
755 xtest_test_derivation_concat_kdf(c, &session);
756#endif
757#ifdef WITH_PBKDF2
758 xtest_test_derivation_pbkdf2(c, &session);
759#endif
760
761 TEEC_CloseSession(&session);
762}
763
764/* secure storage key manager self test */
765static void xtest_tee_test_10002(ADBG_Case_t *c)
766{
767 TEEC_Result res;
768 TEEC_Session sess;
769 uint32_t orig;
770
771 res = xtest_teec_open_session(&sess,
772 &enc_fs_key_manager_test_ta_uuid,
773 NULL, &orig);
774 if (res != TEEC_SUCCESS) {
775 Do_ADBG_Log("Ignore test due to TA does not exist");
776 return;
777 }
778
779 if (!ADBG_EXPECT_TEEC_SUCCESS(
780 c, enc_fs_km_self_test(&sess)))
781 goto exit;
782
783exit:
784 TEEC_CloseSession(&sess);
785}