TrustedFirmware Git Browser
Code Review Sign In
review.trustedfirmware.org / OP-TEE / optee_test / 25a57fe24e5bfc075ab7521c53099c9d685afe2a / . / host / xtest / xtest_10000.c
blob: cdaca1cc46a3c87aeb11965b24a4509210b87437 [file] [log] [blame]
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]1/*
2 * Copyright (c) 2014, Linaro Limited
3 *
4 * This program is free software; you can redistribute it and/or modify
5 * it under the terms of the GNU General Public License Version 2 as
6 * published by the Free Software Foundation.
7 *
8 * This program is distributed in the hope that it will be useful,
9 * but WITHOUT ANY WARRANTY; without even the implied warranty of
10 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
11 * GNU General Public License for more details.
12 */
13#include "xtest_test.h"
14#include "xtest_helpers.h"
15
16#include <tee_api_types.h>
17#include <tee_api_defines_extensions.h>
18#include <utee_defines.h>
19#include <string.h>
20#include <enc_fs_key_manager_test.h>
21
22#define WITH_HKDF 1
23#define WITH_CONCAT_KDF 1
24#define WITH_PBKDF2 1
25
26static void xtest_tee_test_10001(ADBG_Case_t *c);
27static void xtest_tee_test_10002(ADBG_Case_t *c);
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]28
29ADBG_CASE_DEFINE(XTEST_TEE_10001, xtest_tee_test_10001,
Jens Wiklander25a57fe2016-12-26 21:46:24 +0100[diff] [blame^]30 "Test TEE Internal API key derivation extensions");
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]31ADBG_CASE_DEFINE(XTEST_TEE_10002, xtest_tee_test_10002,
Jens Wiklander25a57fe2016-12-26 21:46:24 +0100[diff] [blame^]32 "Secure Storage Key Manager API Self Test");
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]33
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]34/*
35 * HKDF test data from RFC 5869
36 */
37
38/* A.1 SHA-256 */
39
40static const uint8_t hkdf_a1_ikm[] = {
41 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b,
42 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b,
43 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b
44};
45
46static const uint8_t hkdf_a1_salt[] = {
47 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
48 0x08, 0x09, 0x0a, 0x0b, 0x0c
49};
50
51static const uint8_t hkdf_a1_info[] = {
52 0xf0, 0xf1, 0xf2, 0xf3, 0xf4, 0xf5, 0xf6, 0xf7,
53 0xf8, 0xf9
54};
55
56static const uint8_t hkdf_a1_okm[] = {
57 0x3c, 0xb2, 0x5f, 0x25, 0xfa, 0xac, 0xd5, 0x7a,
58 0x90, 0x43, 0x4f, 0x64, 0xd0, 0x36, 0x2f, 0x2a,
59 0x2d, 0x2d, 0x0a, 0x90, 0xcf, 0x1a, 0x5a, 0x4c,
60 0x5d, 0xb0, 0x2d, 0x56, 0xec, 0xc4, 0xc5, 0xbf,
61 0x34, 0x00, 0x72, 0x08, 0xd5, 0xb8, 0x87, 0x18,
62 0x58, 0x65
63};
64
65/* A.2 SHA-256 */
66static const uint8_t hkdf_a2_ikm[] = {
67 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
68 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f,
69 0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17,
70 0x18, 0x19, 0x1a, 0x1b, 0x1c, 0x1d, 0x1e, 0x1f,
71 0x20, 0x21, 0x22, 0x23, 0x24, 0x25, 0x26, 0x27,
72 0x28, 0x29, 0x2a, 0x2b, 0x2c, 0x2d, 0x2e, 0x2f,
73 0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37,
74 0x38, 0x39, 0x3a, 0x3b, 0x3c, 0x3d, 0x3e, 0x3f,
75 0x40, 0x41, 0x42, 0x43, 0x44, 0x45, 0x46, 0x47,
76 0x48, 0x49, 0x4a, 0x4b, 0x4c, 0x4d, 0x4e, 0x4f
77};
78
79static const uint8_t hkdf_a2_salt[] = {
80 0x60, 0x61, 0x62, 0x63, 0x64, 0x65, 0x66, 0x67,
81 0x68, 0x69, 0x6a, 0x6b, 0x6c, 0x6d, 0x6e, 0x6f,
82 0x70, 0x71, 0x72, 0x73, 0x74, 0x75, 0x76, 0x77,
83 0x78, 0x79, 0x7a, 0x7b, 0x7c, 0x7d, 0x7e, 0x7f,
84 0x80, 0x81, 0x82, 0x83, 0x84, 0x85, 0x86, 0x87,
85 0x88, 0x89, 0x8a, 0x8b, 0x8c, 0x8d, 0x8e, 0x8f,
86 0x90, 0x91, 0x92, 0x93, 0x94, 0x95, 0x96, 0x97,
87 0x98, 0x99, 0x9a, 0x9b, 0x9c, 0x9d, 0x9e, 0x9f,
88 0xa0, 0xa1, 0xa2, 0xa3, 0xa4, 0xa5, 0xa6, 0xa7,
89 0xa8, 0xa9, 0xaa, 0xab, 0xac, 0xad, 0xae, 0xaf
90};
91
92static const uint8_t hkdf_a2_info[] = {
93 0xb0, 0xb1, 0xb2, 0xb3, 0xb4, 0xb5, 0xb6, 0xb7,
94 0xb8, 0xb9, 0xba, 0xbb, 0xbc, 0xbd, 0xbe, 0xbf,
95 0xc0, 0xc1, 0xc2, 0xc3, 0xc4, 0xc5, 0xc6, 0xc7,
96 0xc8, 0xc9, 0xca, 0xcb, 0xcc, 0xcd, 0xce, 0xcf,
97 0xd0, 0xd1, 0xd2, 0xd3, 0xd4, 0xd5, 0xd6, 0xd7,
98 0xd8, 0xd9, 0xda, 0xdb, 0xdc, 0xdd, 0xde, 0xdf,
99 0xe0, 0xe1, 0xe2, 0xe3, 0xe4, 0xe5, 0xe6, 0xe7,
100 0xe8, 0xe9, 0xea, 0xeb, 0xec, 0xed, 0xee, 0xef,
101 0xf0, 0xf1, 0xf2, 0xf3, 0xf4, 0xf5, 0xf6, 0xf7,
102 0xf8, 0xf9, 0xfa, 0xfb, 0xfc, 0xfd, 0xfe, 0xff
103};
104
105static const uint8_t hkdf_a2_okm[] = {
106 0xb1, 0x1e, 0x39, 0x8d, 0xc8, 0x03, 0x27, 0xa1,
107 0xc8, 0xe7, 0xf7, 0x8c, 0x59, 0x6a, 0x49, 0x34,
108 0x4f, 0x01, 0x2e, 0xda, 0x2d, 0x4e, 0xfa, 0xd8,
109 0xa0, 0x50, 0xcc, 0x4c, 0x19, 0xaf, 0xa9, 0x7c,
110 0x59, 0x04, 0x5a, 0x99, 0xca, 0xc7, 0x82, 0x72,
111 0x71, 0xcb, 0x41, 0xc6, 0x5e, 0x59, 0x0e, 0x09,
112 0xda, 0x32, 0x75, 0x60, 0x0c, 0x2f, 0x09, 0xb8,
113 0x36, 0x77, 0x93, 0xa9, 0xac, 0xa3, 0xdb, 0x71,
114 0xcc, 0x30, 0xc5, 0x81, 0x79, 0xec, 0x3e, 0x87,
115 0xc1, 0x4c, 0x01, 0xd5, 0xc1, 0xf3, 0x43, 0x4f,
116 0x1d, 0x87
117};
118
119/* A.3 SHA-256 */
120#define hkdf_a3_ikm hkdf_a1_ikm
121static const uint8_t hkdf_a3_salt[] = {};
122
123static const uint8_t hkdf_a3_info[] = {};
124
125static const uint8_t hkdf_a3_okm[] = {
126 0x8d, 0xa4, 0xe7, 0x75, 0xa5, 0x63, 0xc1, 0x8f,
127 0x71, 0x5f, 0x80, 0x2a, 0x06, 0x3c, 0x5a, 0x31,
128 0xb8, 0xa1, 0x1f, 0x5c, 0x5e, 0xe1, 0x87, 0x9e,
129 0xc3, 0x45, 0x4e, 0x5f, 0x3c, 0x73, 0x8d, 0x2d,
130 0x9d, 0x20, 0x13, 0x95, 0xfa, 0xa4, 0xb6, 0x1a,
131 0x96, 0xc8
132};
133
134/* A.4 SHA-1 */
135static const uint8_t hkdf_a4_ikm[] = {
136 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b,
137 0x0b, 0x0b, 0x0b
138};
139
140static const uint8_t hkdf_a4_salt[] = {
141 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
142 0x08, 0x09, 0x0a, 0x0b, 0x0c
143};
144
145static const uint8_t hkdf_a4_info[] = {
146 0xf0, 0xf1, 0xf2, 0xf3, 0xf4, 0xf5, 0xf6, 0xf7,
147 0xf8, 0xf9
148};
149
150static const uint8_t hkdf_a4_okm[] = {
151 0x08, 0x5a, 0x01, 0xea, 0x1b, 0x10, 0xf3, 0x69,
152 0x33, 0x06, 0x8b, 0x56, 0xef, 0xa5, 0xad, 0x81,
153 0xa4, 0xf1, 0x4b, 0x82, 0x2f, 0x5b, 0x09, 0x15,
154 0x68, 0xa9, 0xcd, 0xd4, 0xf1, 0x55, 0xfd, 0xa2,
155 0xc2, 0x2e, 0x42, 0x24, 0x78, 0xd3, 0x05, 0xf3,
156 0xf8, 0x96
157};
158
159/* A.5 SHA-1 */
160#define hkdf_a5_ikm hkdf_a2_ikm
161#define hkdf_a5_salt hkdf_a2_salt
162#define hkdf_a5_info hkdf_a2_info
163static const uint8_t hkdf_a5_okm[] = {
164 0x0b, 0xd7, 0x70, 0xa7, 0x4d, 0x11, 0x60, 0xf7,
165 0xc9, 0xf1, 0x2c, 0xd5, 0x91, 0x2a, 0x06, 0xeb,
166 0xff, 0x6a, 0xdc, 0xae, 0x89, 0x9d, 0x92, 0x19,
167 0x1f, 0xe4, 0x30, 0x56, 0x73, 0xba, 0x2f, 0xfe,
168 0x8f, 0xa3, 0xf1, 0xa4, 0xe5, 0xad, 0x79, 0xf3,
169 0xf3, 0x34, 0xb3, 0xb2, 0x02, 0xb2, 0x17, 0x3c,
170 0x48, 0x6e, 0xa3, 0x7c, 0xe3, 0xd3, 0x97, 0xed,
171 0x03, 0x4c, 0x7f, 0x9d, 0xfe, 0xb1, 0x5c, 0x5e,
172 0x92, 0x73, 0x36, 0xd0, 0x44, 0x1f, 0x4c, 0x43,
173 0x00, 0xe2, 0xcf, 0xf0, 0xd0, 0x90, 0x0b, 0x52,
174 0xd3, 0xb4
175};
176
177/* A.6 SHA-1 */
178#define hkdf_a6_ikm hkdf_a1_ikm
179static const uint8_t hkdf_a6_salt[] = {};
180
181static const uint8_t hkdf_a6_info[] = {};
182
183static const uint8_t hkdf_a6_okm[] = {
184 0x0a, 0xc1, 0xaf, 0x70, 0x02, 0xb3, 0xd7, 0x61,
185 0xd1, 0xe5, 0x52, 0x98, 0xda, 0x9d, 0x05, 0x06,
186 0xb9, 0xae, 0x52, 0x05, 0x72, 0x20, 0xa3, 0x06,
187 0xe0, 0x7b, 0x6b, 0x87, 0xe8, 0xdf, 0x21, 0xd0,
188 0xea, 0x00, 0x03, 0x3d, 0xe0, 0x39, 0x84, 0xd3,
189 0x49, 0x18
190};
191
192/* A.7 SHA-1 */
193static const uint8_t hkdf_a7_ikm[] = {
194 0x0c, 0x0c, 0x0c, 0x0c, 0x0c, 0x0c, 0x0c, 0x0c,
195 0x0c, 0x0c, 0x0c, 0x0c, 0x0c, 0x0c, 0x0c, 0x0c,
196 0x0c, 0x0c, 0x0c, 0x0c, 0x0c, 0x0c
197};
198
199static const uint8_t hkdf_a7_salt[] = {};
200
201static const uint8_t hkdf_a7_info[] = {};
202
203static const uint8_t hkdf_a7_okm[] = {
204 0x2c, 0x91, 0x11, 0x72, 0x04, 0xd7, 0x45, 0xf3,
205 0x50, 0x0d, 0x63, 0x6a, 0x62, 0xf6, 0x4f, 0x0a,
206 0xb3, 0xba, 0xe5, 0x48, 0xaa, 0x53, 0xd4, 0x23,
207 0xb0, 0xd1, 0xf2, 0x7e, 0xbb, 0xa6, 0xf5, 0xe5,
208 0x67, 0x3a, 0x08, 0x1d, 0x70, 0xcc, 0xe7, 0xac,
209 0xfc, 0x48
210};
211
212/*
213 * Concat KDF (NIST SP 800-56A R1)
214 *
215 * Test vector from:
216 * https://tools.ietf.org/html/draft-ietf-jose-json-web-algorithms-37
217 * appendix C
218 */
219static const uint8_t concat_kdf_1_z[] = {
220 158, 86, 217, 29, 129, 113, 53, 211,
221 114, 131, 66, 131, 191, 132, 38, 156,
222 251, 49, 110, 163, 218, 128, 106, 72,
223 246, 218, 167, 121, 140, 254, 144, 196
224};
225
226static const uint8_t concat_kdf_1_other_info[] = {
227 0, 0, 0, 7, 65, 49, 50, 56,
228 71, 67, 77, 0, 0, 0, 5, 65,
229 108, 105, 99, 101, 0, 0, 0, 3,
230 66, 111, 98, 0, 0, 0, 128
231};
232
233static const uint8_t concat_kdf_1_derived_key[] = {
234 86, 170, 141, 234, 248, 35, 109, 32,
235 92, 34, 40, 205, 113, 167, 16, 26
236};
237
238/*
239 * PKCS #5 2.0 / RFC 2898 Key Derivation Function 2 (PBKDF2)
240 * Test vectors from RFC 6070 https://www.ietf.org/rfc/rfc6070.txt
241 */
242
243/* 1 */
244static const uint8_t pbkdf2_1_password[] = {
245 'p', 'a', 's', 's', 'w', 'o', 'r', 'd'
246};
247
248static const uint8_t pbkdf2_1_salt[] = {
249 's', 'a', 'l', 't'
250};
251
252#define pbkdf2_1_iteration_count 1
253static const uint8_t pbkdf2_1_dkm[] = {
254 0x0c, 0x60, 0xc8, 0x0f, 0x96, 0x1f, 0x0e, 0x71,
255 0xf3, 0xa9, 0xb5, 0x24, 0xaf, 0x60, 0x12, 0x06,
256 0x2f, 0xe0, 0x37, 0xa6
257};
258
259/* 2 */
260#define pbkdf2_2_password pbkdf2_1_password
261#define pbkdf2_2_salt pbkdf2_1_salt
262#define pbkdf2_2_iteration_count 2
263static const uint8_t pbkdf2_2_dkm[] = {
264 0xea, 0x6c, 0x01, 0x4d, 0xc7, 0x2d, 0x6f, 0x8c,
265 0xcd, 0x1e, 0xd9, 0x2a, 0xce, 0x1d, 0x41, 0xf0,
266 0xd8, 0xde, 0x89, 0x57
267};
268
269/* 3 */
270#define pbkdf2_3_password pbkdf2_1_password
271#define pbkdf2_3_salt pbkdf2_1_salt
272#define pbkdf2_3_iteration_count 4096
273static const uint8_t pbkdf2_3_dkm[] = {
274 0x4b, 0x00, 0x79, 0x01, 0xb7, 0x65, 0x48, 0x9a,
275 0xbe, 0xad, 0x49, 0xd9, 0x26, 0xf7, 0x21, 0xd0,
276 0x65, 0xa4, 0x29, 0xc1
277};
278
279/* 4 */
280#define pbkdf2_4_password pbkdf2_1_password
281#define pbkdf2_4_salt pbkdf2_1_salt
282#define pbkdf2_4_iteration_count 16777216
283static const uint8_t pbkdf2_4_dkm[] = {
284 0xee, 0xfe, 0x3d, 0x61, 0xcd, 0x4d, 0xa4, 0xe4,
285 0xe9, 0x94, 0x5b, 0x3d, 0x6b, 0xa2, 0x15, 0x8c,
286 0x26, 0x34, 0xe9, 0x84
287};
288
289/* 5 */
290static const uint8_t pbkdf2_5_password[] = {
291 'p', 'a', 's', 's', 'w', 'o', 'r', 'd',
292 'P', 'A', 'S', 'S', 'W', 'O', 'R', 'D',
293 'p', 'a', 's', 's', 'w', 'o', 'r', 'd'
294};
295
296static const uint8_t pbkdf2_5_salt[] = {
297 's', 'a', 'l', 't', 'S', 'A', 'L', 'T',
298 's', 'a', 'l', 't', 'S', 'A', 'L', 'T',
299 's', 'a', 'l', 't', 'S', 'A', 'L', 'T',
300 's', 'a', 'l', 't', 'S', 'A', 'L', 'T',
301 's', 'a', 'l', 't'
302};
303
304#define pbkdf2_5_iteration_count 4096
305static const uint8_t pbkdf2_5_dkm[] = {
306 0x3d, 0x2e, 0xec, 0x4f, 0xe4, 0x1c, 0x84, 0x9b,
307 0x80, 0xc8, 0xd8, 0x36, 0x62, 0xc0, 0xe4, 0x4a,
308 0x8b, 0x29, 0x1a, 0x96, 0x4c, 0xf2, 0xf0, 0x70,
309 0x38
310};
311
312/* 6 */
313static const uint8_t pbkdf2_6_password[] = {
314 'p', 'a', 's', 's', '\0', 'w', 'o', 'r',
315 'd',
316};
317
318static const uint8_t pbkdf2_6_salt[] = {
319 's', 'a', '\0', 'l', 't'
320};
321
322#define pbkdf2_6_iteration_count 4096
323static const uint8_t pbkdf2_6_dkm[] = {
324 0x56, 0xfa, 0x6a, 0xa7, 0x55, 0x48, 0x09, 0x9d,
325 0xcc, 0x37, 0xd7, 0xf0, 0x34, 0x25, 0xe0, 0xc3
326};
327
328#ifdef WITH_HKDF
329static void xtest_test_derivation_hkdf(ADBG_Case_t *c, TEEC_Session *session)
330{
331 size_t n;
332#define TEST_HKDF_DATA(section, algo, id, oeb /* omit empty bufs */) \
333 { \
334 section, algo, \
335 hkdf_##id##_ikm, sizeof(hkdf_##id##_ikm), \
336 (oeb && !sizeof(hkdf_##id##_salt)) ? NULL : hkdf_##id##_salt, sizeof(hkdf_##id##_salt), \
337 (oeb && !sizeof(hkdf_##id##_info)) ? NULL : hkdf_##id##_info, sizeof(hkdf_##id##_info), \
338 hkdf_##id##_okm, sizeof(hkdf_##id##_okm), \
339 }
340 static struct hkdf_case {
341 const char *subcase_name;
342 uint32_t algo;
343 const uint8_t *ikm;
344 size_t ikm_len;
345 const uint8_t *salt;
346 size_t salt_len;
347 const uint8_t *info;
348 size_t info_len;
349 const uint8_t *okm;
350 size_t okm_len;
351 } hkdf_cases[] = {
352 TEST_HKDF_DATA("A.1 (SHA-256)",
353 TEE_ALG_HKDF_SHA256_DERIVE_KEY, a1, false),
354 TEST_HKDF_DATA("A.2 (SHA-256)",
355 TEE_ALG_HKDF_SHA256_DERIVE_KEY, a2, false),
356 TEST_HKDF_DATA("A.3 (SHA-256) [1]",
357 TEE_ALG_HKDF_SHA256_DERIVE_KEY, a3, false),
358 TEST_HKDF_DATA("A.3 (SHA-256) [2]",
359 TEE_ALG_HKDF_SHA256_DERIVE_KEY, a3, true),
360 TEST_HKDF_DATA("A.4 (SHA-1)",
361 TEE_ALG_HKDF_SHA1_DERIVE_KEY, a4, false),
362 TEST_HKDF_DATA("A.5 (SHA-1)",
363 TEE_ALG_HKDF_SHA1_DERIVE_KEY, a5, false),
364 TEST_HKDF_DATA("A.6 (SHA-1) [1]",
365 TEE_ALG_HKDF_SHA1_DERIVE_KEY, a6, false),
366 TEST_HKDF_DATA("A.6 (SHA-1) [2]",
367 TEE_ALG_HKDF_SHA1_DERIVE_KEY, a6, true),
368 TEST_HKDF_DATA("A.7 (SHA-1) [1]",
369 TEE_ALG_HKDF_SHA1_DERIVE_KEY, a7, false),
370 TEST_HKDF_DATA("A.7 (SHA-1) [2]",
371 TEE_ALG_HKDF_SHA1_DERIVE_KEY, a7, true),
372 };
373 size_t max_size = 2048;
374
375 for (n = 0; n < sizeof(hkdf_cases) / sizeof(struct hkdf_case); n++) {
376 TEE_OperationHandle op;
377 TEE_ObjectHandle key_handle;
378 TEE_ObjectHandle sv_handle;
379 TEE_Attribute params[4];
380 size_t param_count = 0;
381 uint8_t out[2048];
382 size_t out_size;
383 const struct hkdf_case *hc = &hkdf_cases[n];
384
385 Do_ADBG_BeginSubCase(c, "HKDF RFC 5869 %s", hc->subcase_name);
386
387 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
388 ta_crypt_cmd_allocate_operation(c, session, &op,
389 hc->algo, TEE_MODE_DERIVE, max_size)))
390 goto out;
391
392 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
393 ta_crypt_cmd_allocate_transient_object(c, session,
394 TEE_TYPE_HKDF_IKM, max_size, &key_handle)))
395 goto out;
396
397 xtest_add_attr(&param_count, params, TEE_ATTR_HKDF_IKM, hc->ikm,
398 hc->ikm_len);
399
400 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
401 ta_crypt_cmd_populate_transient_object(c, session,
402 key_handle, params, param_count)))
403 goto out;
404
405 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
406 ta_crypt_cmd_set_operation_key(c, session, op,
407 key_handle)))
408 goto out;
409
410 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
411 ta_crypt_cmd_free_transient_object(c, session,
412 key_handle)))
413 goto out;
414
415 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
416 ta_crypt_cmd_allocate_transient_object(c, session,
417 TEE_TYPE_GENERIC_SECRET, hc->okm_len * 8,
418 &sv_handle)))
419 goto out;
420
421 param_count = 0;
422
423 if (hc->salt)
424 xtest_add_attr(&param_count, params, TEE_ATTR_HKDF_SALT,
425 hc->salt, hc->salt_len);
426 if (hc->info)
427 xtest_add_attr(&param_count, params, TEE_ATTR_HKDF_INFO,
428 hc->info, hc->info_len);
429
430 params[param_count].attributeID = TEE_ATTR_HKDF_OKM_LENGTH;
431 params[param_count].content.value.a = hc->okm_len;
432 params[param_count].content.value.b = 0;
433 param_count++;
434
435 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
436 ta_crypt_cmd_derive_key(c, session, op, sv_handle,
437 params, param_count)))
438 goto out;
439
440 out_size = sizeof(out);
441 memset(out, 0, sizeof(out));
442 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
443 ta_crypt_cmd_get_object_buffer_attribute(c, session,
444 sv_handle, TEE_ATTR_SECRET_VALUE, out,
445 &out_size)))
446 goto out;
447
448 if (!ADBG_EXPECT_BUFFER(c, hc->okm, hc->okm_len, out, out_size))
449 goto out;
450
451 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
452 ta_crypt_cmd_free_operation(c, session, op)))
453 goto out;
454
455 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
456 ta_crypt_cmd_free_transient_object(c, session,
457 sv_handle)))
458 goto out;
459 out:
460 Do_ADBG_EndSubCase(c, "HKDF RFC 5869 %s", hc->subcase_name);
461 }
462}
463#endif /* WITH_HKDF */
464
465#ifdef WITH_CONCAT_KDF
466static void xtest_test_derivation_concat_kdf(ADBG_Case_t *c, TEEC_Session *session)
467{
468 size_t n;
469#define TEST_CONCAT_KDF_DATA(name, algo, id, oeb /* omit empty bufs */) \
470 { \
471 name, algo, \
472 concat_kdf_##id##_z, sizeof(concat_kdf_##id##_z), \
473 (oeb && !sizeof(concat_kdf_##id##_other_info)) ? NULL \
474 : concat_kdf_##id##_other_info, \
475 sizeof(concat_kdf_##id##_other_info), \
476 concat_kdf_##id##_derived_key, sizeof(concat_kdf_##id##_derived_key), \
477 }
478 static struct concat_kdf_case {
479 const char *subcase_name;
480 uint32_t algo;
481 const uint8_t *shared_secret;
482 size_t shared_secret_len;
483 const uint8_t *other_info;
484 size_t other_info_len;
485 const uint8_t *derived_key;
486 size_t derived_key_len;
487 } concat_kdf_cases[] = {
488 TEST_CONCAT_KDF_DATA("JWA-37 C (SHA-256)",
489 TEE_ALG_CONCAT_KDF_SHA256_DERIVE_KEY, 1, false),
490 };
491 size_t max_size = 2048;
492
493 for (n = 0;
494 n < sizeof(concat_kdf_cases) / sizeof(struct concat_kdf_case);
495 n++) {
496 TEE_OperationHandle op;
497 TEE_ObjectHandle key_handle;
498 TEE_ObjectHandle sv_handle;
499 TEE_Attribute params[4];
500 size_t param_count = 0;
501 uint8_t out[2048];
502 size_t out_size;
503 const struct concat_kdf_case *cc = &concat_kdf_cases[n];
504
505 Do_ADBG_BeginSubCase(c, "Concat KDF %s", cc->subcase_name);
506
507 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
508 ta_crypt_cmd_allocate_operation(c, session, &op,
509 cc->algo, TEE_MODE_DERIVE, max_size)))
510 goto out;
511
512 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
513 ta_crypt_cmd_allocate_transient_object(c, session,
514 TEE_TYPE_CONCAT_KDF_Z, max_size, &key_handle)))
515 goto out;
516
517 xtest_add_attr(&param_count, params, TEE_ATTR_CONCAT_KDF_Z,
518 cc->shared_secret, cc->shared_secret_len);
519
520 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
521 ta_crypt_cmd_populate_transient_object(c, session,
522 key_handle, params, param_count)))
523 goto out;
524
525 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
526 ta_crypt_cmd_set_operation_key(c, session, op,
527 key_handle)))
528 goto out;
529
530 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
531 ta_crypt_cmd_free_transient_object(c, session,
532 key_handle)))
533 goto out;
534
535 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
536 ta_crypt_cmd_allocate_transient_object(c, session,
537 TEE_TYPE_GENERIC_SECRET, cc->derived_key_len *
538 8, &sv_handle)))
539 goto out;
540
541 param_count = 0;
542
543 if (cc->other_info)
544 xtest_add_attr(&param_count, params,
545 TEE_ATTR_CONCAT_KDF_OTHER_INFO,
546 cc->other_info, cc->other_info_len);
547
548 params[param_count].attributeID = TEE_ATTR_CONCAT_KDF_DKM_LENGTH;
549 params[param_count].content.value.a = cc->derived_key_len;
550 params[param_count].content.value.b = 0;
551 param_count++;
552
553 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
554 ta_crypt_cmd_derive_key(c, session, op, sv_handle,
555 params, param_count)))
556 goto out;
557
558 out_size = sizeof(out);
559 memset(out, 0, sizeof(out));
560 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
561 ta_crypt_cmd_get_object_buffer_attribute(c, session,
562 sv_handle, TEE_ATTR_SECRET_VALUE, out,
563 &out_size)))
564 goto out;
565
566 if (!ADBG_EXPECT_BUFFER(c, cc->derived_key, cc->derived_key_len,
567 out, out_size))
568 goto out;
569
570 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
571 ta_crypt_cmd_free_operation(c, session, op)))
572 goto out;
573
574 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
575 ta_crypt_cmd_free_transient_object(c, session,
576 sv_handle)))
577 goto out;
578out:
579 Do_ADBG_EndSubCase(c, "Concat KDF %s", cc->subcase_name);
580 }
581}
582#endif /* WITH_CONCAT_KDF */
583
584#ifdef WITH_PBKDF2
585static void xtest_test_derivation_pbkdf2(ADBG_Case_t *c, TEEC_Session *session)
586{
587 size_t n;
588#define TEST_PBKDF2_DATA(section, algo, id, oeb /* omit empty bufs */) \
589 { \
590 section, algo, \
591 pbkdf2_##id##_password, sizeof(pbkdf2_##id##_password), \
592 (oeb && !sizeof(pbkdf2_##id##_salt)) ? NULL : pbkdf2_##id##_salt, sizeof(pbkdf2_##id##_salt), \
593 pbkdf2_##id##_iteration_count, \
594 pbkdf2_##id##_dkm, sizeof(pbkdf2_##id##_dkm), \
595 }
596#define _TO_STR(n) #n
597#define TO_STR(n) _TO_STR(n)
598#define RFC6070_TEST(n) \
599 TEST_PBKDF2_DATA("RFC 6070 " TO_STR(n) " (HMAC-SHA1)", \
600 TEE_ALG_PBKDF2_HMAC_SHA1_DERIVE_KEY, n, false)
601 static struct pbkdf2_case {
602 const char *subcase_name;
603 uint32_t algo;
604 const uint8_t *password;
605 size_t password_len;
606 const uint8_t *salt;
607 size_t salt_len;
608 uint32_t iteration_count;
609 const uint8_t *dkm;
610 size_t dkm_len;
611 } pbkdf2_cases[] = {
612 RFC6070_TEST(1), RFC6070_TEST(2), RFC6070_TEST(3),
613#if 0
614 RFC6070_TEST(4), /* Lengthy! (3 min on my PC / QEMU) */
615#endif
616 RFC6070_TEST(5), RFC6070_TEST(6)
617 };
618 size_t max_size = 2048;
619
620 for (n = 0; n < sizeof(pbkdf2_cases) / sizeof(struct pbkdf2_case); n++) {
621 TEE_OperationHandle op;
622 TEE_ObjectHandle key_handle;
623 TEE_ObjectHandle sv_handle;
624 TEE_Attribute params[4];
625 size_t param_count = 0;
626 uint8_t out[2048];
627 size_t out_size;
628 const struct pbkdf2_case *pc = &pbkdf2_cases[n];
629
630 Do_ADBG_BeginSubCase(c, "PBKDF2 %s", pc->subcase_name);
631 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
632 ta_crypt_cmd_allocate_operation(c, session, &op,
633 pc->algo, TEE_MODE_DERIVE, max_size)))
634 goto out;
635
636 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
637 ta_crypt_cmd_allocate_transient_object(c, session,
638 TEE_TYPE_PBKDF2_PASSWORD, max_size,
639 &key_handle)))
640 goto out;
641
642 xtest_add_attr(&param_count, params, TEE_ATTR_PBKDF2_PASSWORD,
643 pc->password, pc->password_len);
644
645 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
646 ta_crypt_cmd_populate_transient_object(c, session,
647 key_handle, params, param_count)))
648 goto out;
649
650 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
651 ta_crypt_cmd_set_operation_key(c, session, op,
652 key_handle)))
653 goto out;
654
655 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
656 ta_crypt_cmd_free_transient_object(c, session,
657 key_handle)))
658 goto out;
659
660 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
661 ta_crypt_cmd_allocate_transient_object(c, session,
662 TEE_TYPE_GENERIC_SECRET, pc->dkm_len * 8,
663 &sv_handle)))
664 goto out;
665
666 param_count = 0;
667
668 if (pc->salt)
669 xtest_add_attr(&param_count, params,
670 TEE_ATTR_PBKDF2_SALT, pc->salt,
671 pc->salt_len);
672
673 params[param_count].attributeID = TEE_ATTR_PBKDF2_DKM_LENGTH;
674 params[param_count].content.value.a = pc->dkm_len;
675 params[param_count].content.value.b = 0;
676 param_count++;
677
678 params[param_count].attributeID =
679 TEE_ATTR_PBKDF2_ITERATION_COUNT;
680 params[param_count].content.value.a = pc->iteration_count;
681 params[param_count].content.value.b = 0;
682 param_count++;
683
684 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
685 ta_crypt_cmd_derive_key(c, session, op, sv_handle,
686 params, param_count)))
687 goto out;
688
689 out_size = sizeof(out);
690 memset(out, 0, sizeof(out));
691 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
692 ta_crypt_cmd_get_object_buffer_attribute(c, session,
693 sv_handle, TEE_ATTR_SECRET_VALUE, out, &out_size)))
694 goto out;
695
696 if (!ADBG_EXPECT_BUFFER(c, pc->dkm, pc->dkm_len, out, out_size))
697 goto out;
698
699 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
700 ta_crypt_cmd_free_operation(c, session, op)))
701 goto out;
702
703 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
704 ta_crypt_cmd_free_transient_object(c, session,
705 sv_handle)))
706 goto out;
707out:
708 Do_ADBG_EndSubCase(c, "PBKDF2 %s", pc->subcase_name);
709 }
710}
711#endif /* WITH_PBKDF2 */
712
713static TEEC_Result enc_fs_km_self_test(TEEC_Session *sess)
714{
715 TEEC_Operation op;
716 TEEC_Result res;
717 uint32_t org;
718
719 memset(&op, 0, sizeof(op));
720 res = TEEC_InvokeCommand(sess, CMD_SELF_TESTS, &op, &org);
721 return res;
722}
723
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]724static void xtest_tee_test_10001(ADBG_Case_t *c)
725{
726 TEEC_Session session = { 0 };
727 uint32_t ret_orig;
728
729 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
730 xtest_teec_open_session(&session, &crypt_user_ta_uuid, NULL,
731 &ret_orig)))
732 return;
733
734#ifdef WITH_HKDF
735 xtest_test_derivation_hkdf(c, &session);
736#endif
737#ifdef WITH_CONCAT_KDF
738 xtest_test_derivation_concat_kdf(c, &session);
739#endif
740#ifdef WITH_PBKDF2
741 xtest_test_derivation_pbkdf2(c, &session);
742#endif
743
744 TEEC_CloseSession(&session);
745}
746
747/* secure storage key manager self test */
748static void xtest_tee_test_10002(ADBG_Case_t *c)
749{
750 TEEC_Result res;
751 TEEC_Session sess;
752 uint32_t orig;
753
754 res = xtest_teec_open_session(&sess,
755 &enc_fs_key_manager_test_ta_uuid,
756 NULL, &orig);
757 if (res != TEEC_SUCCESS) {
758 Do_ADBG_Log("Ignore test due to TA does not exist");
759 return;
760 }
761
762 if (!ADBG_EXPECT_TEEC_SUCCESS(
763 c, enc_fs_km_self_test(&sess)))
764 goto exit;
765
766exit:
767 TEEC_CloseSession(&sess);
768}