TrustedFirmware Git Browser
Code Review Sign In
review.trustedfirmware.org / OP-TEE / optee_test / 2639388e80a780d0bc61010d15a7d1184ee23e64 / . / host / xtest / regression_4000.c
blob: 6f786e715efc92b0ab9dbe3685d673ab8fdfd18d [file] [log] [blame]
Etienne Carriere9b7b70d2020-05-16 10:27:23 +0200[diff] [blame]1// SPDX-License-Identifier: GPL-2.0
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2/*
3 * Copyright (c) 2014, STMicroelectronics International N.V.
Alexander Zakharov0afe00c2021-02-10 19:06:48 +0100[diff] [blame]4 * Copyright (c) 2021, SumUp Services GmbH
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]5 */
6
7#include <stdio.h>
8#include <string.h>
9#include <inttypes.h>
10#include <malloc.h>
Igor Opaniuk7ddaa782018-05-25 15:14:05 +0300[diff] [blame]11#include <time.h>
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]12
13#include "xtest_test.h"
14#include "xtest_helpers.h"
15
16#include <tee_api_types.h>
Gabor Szekely2ad190f2018-09-14 14:05:06 +0000[diff] [blame]17#include <tee_api_defines_extensions.h>
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]18#include <ta_crypt.h>
19#include <utee_defines.h>
20#include <util.h>
21
Jerome Forissier213ca8a2017-03-31 11:27:56 +0200[diff] [blame]22#include <regression_4000_data.h>
Cedric Chaumontc7654962015-09-09 14:56:36 +0200[diff] [blame]23#include <nist/186-2ecdsatestvectors.h>
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]24
25#include <assert.h>
26
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]27static TEEC_Result ta_crypt_cmd_reset_operation(ADBG_Case_t *c, TEEC_Session *s,
28 TEE_OperationHandle oph)
29{
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]30 TEEC_Result res = TEEC_ERROR_GENERIC;
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]31 TEEC_Operation op = TEEC_OPERATION_INITIALIZER;
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]32 uint32_t ret_orig = 0;
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]33
34 assert((uintptr_t)oph <= UINT32_MAX);
35 op.params[0].value.a = (uint32_t)(uintptr_t)oph;
36 op.paramTypes = TEEC_PARAM_TYPES(TEEC_VALUE_INPUT, TEEC_NONE, TEEC_NONE,
37 TEEC_NONE);
38 res = TEEC_InvokeCommand(s, TA_CRYPT_CMD_RESET_OPERATION, &op,
39 &ret_orig);
40 if (res != TEEC_SUCCESS) {
41 (void)ADBG_EXPECT_TEEC_ERROR_ORIGIN(c, TEEC_ORIGIN_TRUSTED_APP,
42 ret_orig);
43 }
44 return res;
45}
46
47static TEEC_Result ta_crypt_cmd_copy_operation(ADBG_Case_t *c,
48 TEEC_Session *s,
49 TEE_OperationHandle dst_oph,
50 TEE_OperationHandle src_oph)
51{
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]52 TEEC_Result res = TEEC_ERROR_GENERIC;
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]53 TEEC_Operation op = TEEC_OPERATION_INITIALIZER;
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]54 uint32_t ret_orig = 0;
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]55
56 assert((uintptr_t)dst_oph <= UINT32_MAX);
57 op.params[0].value.a = (uint32_t)(uintptr_t)dst_oph;
58
59 assert((uintptr_t)src_oph <= UINT32_MAX);
60 op.params[0].value.b = (uint32_t)(uintptr_t)src_oph;
61 op.paramTypes = TEEC_PARAM_TYPES(TEEC_VALUE_INPUT, TEEC_NONE, TEEC_NONE,
62 TEEC_NONE);
63
64 res = TEEC_InvokeCommand(s, TA_CRYPT_CMD_COPY_OPERATION, &op,
65 &ret_orig);
66
67 if (res != TEEC_SUCCESS) {
68 (void)ADBG_EXPECT_TEEC_ERROR_ORIGIN(c, TEEC_ORIGIN_TRUSTED_APP,
69 ret_orig);
70 }
71 return res;
72}
73
74static TEEC_Result ta_crypt_cmd_digest_update(ADBG_Case_t *c, TEEC_Session *s,
75 TEE_OperationHandle oph,
76 const void *chunk,
77 size_t chunk_size)
78{
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]79 TEEC_Result res = TEEC_ERROR_GENERIC;
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]80 TEEC_Operation op = TEEC_OPERATION_INITIALIZER;
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]81 uint32_t ret_orig = 0;
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]82
83 assert((uintptr_t)oph <= UINT32_MAX);
84 op.params[0].value.a = (uint32_t)(uintptr_t)oph;
85 op.params[1].tmpref.buffer = (void *)chunk;
86 op.params[1].tmpref.size = chunk_size;
87
88 op.paramTypes = TEEC_PARAM_TYPES(TEEC_VALUE_INPUT,
89 TEEC_MEMREF_TEMP_INPUT, TEEC_NONE,
90 TEEC_NONE);
91
92 res = TEEC_InvokeCommand(s, TA_CRYPT_CMD_DIGEST_UPDATE, &op, &ret_orig);
93
94 if (res != TEEC_SUCCESS) {
95 (void)ADBG_EXPECT_TEEC_ERROR_ORIGIN(c, TEEC_ORIGIN_TRUSTED_APP,
96 ret_orig);
97 }
98
99 return res;
100}
101
102static TEEC_Result ta_crypt_cmd_digest_do_final(ADBG_Case_t *c, TEEC_Session *s,
103 TEE_OperationHandle oph,
104 const void *chunk,
105 size_t chunk_len, void *hash,
106 size_t *hash_len)
107{
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]108 TEEC_Result res = TEEC_ERROR_GENERIC;
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]109 TEEC_Operation op = TEEC_OPERATION_INITIALIZER;
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]110 uint32_t ret_orig = 0;
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]111
112 assert((uintptr_t)oph <= UINT32_MAX);
113 op.params[0].value.a = (uint32_t)(uintptr_t)oph;
114
115 op.params[1].tmpref.buffer = (void *)chunk;
116 op.params[1].tmpref.size = chunk_len;
117
118 op.params[2].tmpref.buffer = (void *)hash;
119 op.params[2].tmpref.size = *hash_len;
120
121 op.paramTypes = TEEC_PARAM_TYPES(TEEC_VALUE_INPUT,
122 TEEC_MEMREF_TEMP_INPUT,
123 TEEC_MEMREF_TEMP_OUTPUT, TEEC_NONE);
124
125 res = TEEC_InvokeCommand(s, TA_CRYPT_CMD_DIGEST_DO_FINAL, &op,
126 &ret_orig);
127
128 if (res != TEEC_SUCCESS) {
129 (void)ADBG_EXPECT_TEEC_ERROR_ORIGIN(c, TEEC_ORIGIN_TRUSTED_APP,
130 ret_orig);
131 }
132
133 if (res == TEEC_SUCCESS)
134 *hash_len = op.params[2].tmpref.size;
135
136 return res;
137}
138
139static TEE_Result ta_crypt_cmd_set_operation_key2(ADBG_Case_t *c,
140 TEEC_Session *s,
141 TEE_OperationHandle oph,
142 TEE_ObjectHandle key1,
143 TEE_ObjectHandle key2)
144{
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]145 TEEC_Result res = TEEC_ERROR_GENERIC;
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]146 TEEC_Operation op = TEEC_OPERATION_INITIALIZER;
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]147 uint32_t ret_orig = 0;
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]148
149 assert((uintptr_t)oph <= UINT32_MAX);
150 op.params[0].value.a = (uint32_t)(uintptr_t)oph;
151
152 assert((uintptr_t)key1 <= UINT32_MAX);
153 op.params[0].value.b = (uint32_t)(uintptr_t)key1;
154
155 assert((uintptr_t)key2 <= UINT32_MAX);
156 op.params[1].value.a = (uint32_t)(uintptr_t)key2;
157 op.paramTypes = TEEC_PARAM_TYPES(TEEC_VALUE_INPUT, TEEC_VALUE_INPUT,
158 TEEC_NONE, TEEC_NONE);
159
160 res = TEEC_InvokeCommand(s, TA_CRYPT_CMD_SET_OPERATION_KEY2, &op,
161 &ret_orig);
162
163 if (res != TEEC_SUCCESS) {
164 (void)ADBG_EXPECT_TEEC_ERROR_ORIGIN(c, TEEC_ORIGIN_TRUSTED_APP,
165 ret_orig);
166 }
167
168 return res;
169}
170
171static TEEC_Result ta_crypt_cmd_mac_init(ADBG_Case_t *c, TEEC_Session *s,
172 TEE_OperationHandle oph,
173 const void *iv, size_t iv_len)
174{
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]175 TEEC_Result res = TEEC_ERROR_GENERIC;
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]176 TEEC_Operation op = TEEC_OPERATION_INITIALIZER;
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]177 uint32_t ret_orig = 0;
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]178
179 assert((uintptr_t)oph <= UINT32_MAX);
180 op.params[0].value.a = (uint32_t)(uintptr_t)oph;
181
182 if (iv != NULL) {
183 op.params[1].tmpref.buffer = (void *)iv;
184 op.params[1].tmpref.size = iv_len;
185 op.paramTypes = TEEC_PARAM_TYPES(TEEC_VALUE_INPUT,
186 TEEC_MEMREF_TEMP_INPUT,
187 TEEC_NONE, TEEC_NONE);
188 } else {
189 op.paramTypes = TEEC_PARAM_TYPES(TEEC_VALUE_INPUT, TEEC_NONE,
190 TEEC_NONE, TEEC_NONE);
191 }
192
193 res = TEEC_InvokeCommand(s, TA_CRYPT_CMD_MAC_INIT, &op, &ret_orig);
194
195 if (res != TEEC_SUCCESS) {
196 (void)ADBG_EXPECT_TEEC_ERROR_ORIGIN(c, TEEC_ORIGIN_TRUSTED_APP,
197 ret_orig);
198 }
199
200 return res;
201}
202
203static TEEC_Result ta_crypt_cmd_mac_update(ADBG_Case_t *c, TEEC_Session *s,
204 TEE_OperationHandle oph,
205 const void *chunk, size_t chunk_size)
206{
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]207 TEEC_Result res = TEEC_ERROR_GENERIC;
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]208 TEEC_Operation op = TEEC_OPERATION_INITIALIZER;
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]209 uint32_t ret_orig = 0;
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]210
211 assert((uintptr_t)oph <= UINT32_MAX);
212 op.params[0].value.a = (uint32_t)(uintptr_t)oph;
213
214 op.params[1].tmpref.buffer = (void *)chunk;
215 op.params[1].tmpref.size = chunk_size;
216
217 op.paramTypes = TEEC_PARAM_TYPES(TEEC_VALUE_INPUT,
218 TEEC_MEMREF_TEMP_INPUT, TEEC_NONE,
219 TEEC_NONE);
220
221 res = TEEC_InvokeCommand(s, TA_CRYPT_CMD_MAC_UPDATE, &op, &ret_orig);
222
223 if (res != TEEC_SUCCESS) {
224 (void)ADBG_EXPECT_TEEC_ERROR_ORIGIN(c, TEEC_ORIGIN_TRUSTED_APP,
225 ret_orig);
226 }
227
228 return res;
229}
230
231static TEEC_Result ta_crypt_cmd_mac_final_compute(ADBG_Case_t *c,
232 TEEC_Session *s,
233 TEE_OperationHandle oph,
234 const void *chunk,
235 size_t chunk_len,
236 void *hash,
237 size_t *hash_len)
238{
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]239 TEEC_Result res = TEEC_ERROR_GENERIC;
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]240 TEEC_Operation op = TEEC_OPERATION_INITIALIZER;
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]241 uint32_t ret_orig = 0;
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]242
243 assert((uintptr_t)oph <= UINT32_MAX);
244 op.params[0].value.a = (uint32_t)(uintptr_t)oph;
245
246 op.params[1].tmpref.buffer = (void *)chunk;
247 op.params[1].tmpref.size = chunk_len;
248
249 op.params[2].tmpref.buffer = (void *)hash;
250 op.params[2].tmpref.size = *hash_len;
251
252 op.paramTypes = TEEC_PARAM_TYPES(TEEC_VALUE_INPUT,
253 TEEC_MEMREF_TEMP_INPUT,
254 TEEC_MEMREF_TEMP_OUTPUT, TEEC_NONE);
255
256 res = TEEC_InvokeCommand(s, TA_CRYPT_CMD_MAC_FINAL_COMPUTE, &op,
257 &ret_orig);
258
259 if (res != TEEC_SUCCESS) {
260 (void)ADBG_EXPECT_TEEC_ERROR_ORIGIN(c, TEEC_ORIGIN_TRUSTED_APP,
261 ret_orig);
262 }
263
264 if (res == TEEC_SUCCESS)
265 *hash_len = op.params[2].tmpref.size;
266
267 return res;
268}
269
Jerome Forissier4f419512021-07-07 14:56:10 +0200[diff] [blame]270static TEEC_Result ta_crypt_cmd_mac_final_compare(ADBG_Case_t *c,
271 TEEC_Session *s,
272 TEE_OperationHandle oph,
273 const void *chunk,
274 size_t chunk_len,
275 const uint8_t *hash,
276 size_t hash_len)
277{
278 TEEC_Result res = TEEC_ERROR_GENERIC;
279 TEEC_Operation op = TEEC_OPERATION_INITIALIZER;
280 uint32_t ret_orig = 0;
281
282 assert((uintptr_t)oph <= UINT32_MAX);
283 op.params[0].value.a = (uint32_t)(uintptr_t)oph;
284
285 op.params[1].tmpref.buffer = (void *)chunk;
286 op.params[1].tmpref.size = chunk_len;
287
288 op.params[2].tmpref.buffer = (void *)hash;
289 op.params[2].tmpref.size = hash_len;
290
291 op.paramTypes = TEEC_PARAM_TYPES(TEEC_VALUE_INPUT,
292 TEEC_MEMREF_TEMP_INPUT,
293 TEEC_MEMREF_TEMP_INPUT, TEEC_NONE);
294
295 res = TEEC_InvokeCommand(s, TA_CRYPT_CMD_MAC_FINAL_COMPARE, &op,
296 &ret_orig);
297
298 if (res != TEEC_SUCCESS) {
299 (void)ADBG_EXPECT_TEEC_ERROR_ORIGIN(c, TEEC_ORIGIN_TRUSTED_APP,
300 ret_orig);
301 }
302
303 return res;
304}
305
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]306static TEEC_Result ta_crypt_cmd_cipher_init(ADBG_Case_t *c, TEEC_Session *s,
307 TEE_OperationHandle oph,
308 const void *iv, size_t iv_len)
309{
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]310 TEEC_Result res = TEEC_ERROR_GENERIC;
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]311 TEEC_Operation op = TEEC_OPERATION_INITIALIZER;
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]312 uint32_t ret_orig = 0;
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]313
314 assert((uintptr_t)oph <= UINT32_MAX);
315 op.params[0].value.a = (uint32_t)(uintptr_t)oph;
316
317 if (iv != NULL) {
318 op.params[1].tmpref.buffer = (void *)iv;
319 op.params[1].tmpref.size = iv_len;
320
321 op.paramTypes = TEEC_PARAM_TYPES(TEEC_VALUE_INPUT,
322 TEEC_MEMREF_TEMP_INPUT,
323 TEEC_NONE, TEEC_NONE);
324 } else {
325 op.paramTypes = TEEC_PARAM_TYPES(TEEC_VALUE_INPUT, TEEC_NONE,
326 TEEC_NONE, TEEC_NONE);
327 }
328
329 res = TEEC_InvokeCommand(s, TA_CRYPT_CMD_CIPHER_INIT, &op, &ret_orig);
330
331 if (res != TEEC_SUCCESS) {
332 (void)ADBG_EXPECT_TEEC_ERROR_ORIGIN(c, TEEC_ORIGIN_TRUSTED_APP,
333 ret_orig);
334 }
335
336 return res;
337}
338
339static TEEC_Result ta_crypt_cmd_cipher_update(ADBG_Case_t *c, TEEC_Session *s,
340 TEE_OperationHandle oph,
341 const void *src, size_t src_len,
342 void *dst, size_t *dst_len)
343{
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]344 TEEC_Result res = TEEC_ERROR_GENERIC;
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]345 TEEC_Operation op = TEEC_OPERATION_INITIALIZER;
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]346 uint32_t ret_orig = 0;
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]347
348 assert((uintptr_t)oph <= UINT32_MAX);
349 op.params[0].value.a = (uint32_t)(uintptr_t)oph;
350
351 op.params[1].tmpref.buffer = (void *)src;
352 op.params[1].tmpref.size = src_len;
353
354 op.params[2].tmpref.buffer = dst;
355 op.params[2].tmpref.size = *dst_len;
356
357 op.paramTypes = TEEC_PARAM_TYPES(TEEC_VALUE_INPUT,
358 TEEC_MEMREF_TEMP_INPUT,
359 TEEC_MEMREF_TEMP_OUTPUT, TEEC_NONE);
360
361 res = TEEC_InvokeCommand(s, TA_CRYPT_CMD_CIPHER_UPDATE, &op, &ret_orig);
362
363 if (res != TEEC_SUCCESS) {
364 (void)ADBG_EXPECT_TEEC_ERROR_ORIGIN(c, TEEC_ORIGIN_TRUSTED_APP,
365 ret_orig);
366 }
367
368 if (res == TEEC_SUCCESS)
369 *dst_len = op.params[2].tmpref.size;
370
371 return res;
372}
373
374static TEEC_Result ta_crypt_cmd_cipher_do_final(ADBG_Case_t *c,
375 TEEC_Session *s,
376 TEE_OperationHandle oph,
377 const void *src,
378 size_t src_len,
379 void *dst,
380 size_t *dst_len)
381{
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]382 TEEC_Result res = TEEC_ERROR_GENERIC;
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]383 TEEC_Operation op = TEEC_OPERATION_INITIALIZER;
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]384 uint32_t ret_orig = 0;
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]385
386 assert((uintptr_t)oph <= UINT32_MAX);
387 op.params[0].value.a = (uint32_t)(uintptr_t)oph;
388
389 op.params[1].tmpref.buffer = (void *)src;
390 op.params[1].tmpref.size = src_len;
391
392 op.params[2].tmpref.buffer = (void *)dst;
393 op.params[2].tmpref.size = *dst_len;
394
395 op.paramTypes = TEEC_PARAM_TYPES(TEEC_VALUE_INPUT,
396 TEEC_MEMREF_TEMP_INPUT,
397 TEEC_MEMREF_TEMP_OUTPUT, TEEC_NONE);
398
399 res = TEEC_InvokeCommand(s, TA_CRYPT_CMD_CIPHER_DO_FINAL, &op,
400 &ret_orig);
401
402 if (res != TEEC_SUCCESS) {
403 (void)ADBG_EXPECT_TEEC_ERROR_ORIGIN(c, TEEC_ORIGIN_TRUSTED_APP,
404 ret_orig);
405 }
406
407 if (res == TEEC_SUCCESS)
408 *dst_len = op.params[2].tmpref.size;
409
410 return res;
411}
412
413static TEEC_Result ta_crypt_cmd_random_number_generate(ADBG_Case_t *c,
414 TEEC_Session *s,
415 void *buf,
416 size_t blen)
417{
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]418 TEEC_Result res = TEEC_ERROR_GENERIC;
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]419 TEEC_Operation op = TEEC_OPERATION_INITIALIZER;
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]420 uint32_t ret_orig = 0;
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]421
422 op.params[0].tmpref.buffer = buf;
423 op.params[0].tmpref.size = blen;
424
425 op.paramTypes = TEEC_PARAM_TYPES(TEEC_MEMREF_TEMP_OUTPUT, TEEC_NONE,
426 TEEC_NONE, TEEC_NONE);
427
Joakim Bech81f97e32020-05-27 12:14:23 +0200[diff] [blame]428 res = TEEC_InvokeCommand(s, TA_CRYPT_CMD_RANDOM_NUMBER_GENERATE, &op,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]429 &ret_orig);
430
431 if (res != TEEC_SUCCESS) {
432 (void)ADBG_EXPECT_TEEC_ERROR_ORIGIN(c, TEEC_ORIGIN_TRUSTED_APP,
433 ret_orig);
434 }
435
436 (void)ADBG_EXPECT_COMPARE_UNSIGNED(c, blen, ==,
437 op.params[0].tmpref.size);
438 return res;
439}
440
441static TEEC_Result ta_crypt_cmd_ae_init(ADBG_Case_t *c, TEEC_Session *s,
442 TEE_OperationHandle oph,
443 const void *nonce, size_t nonce_len,
444 size_t tag_len, size_t aad_len,
445 size_t payload_len)
446{
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]447 TEEC_Result res = TEEC_ERROR_GENERIC;
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]448 TEEC_Operation op = TEEC_OPERATION_INITIALIZER;
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]449 uint32_t ret_orig = 0;
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]450
451 assert((uintptr_t)oph <= UINT32_MAX);
452 op.params[0].value.a = (uint32_t)(uintptr_t)oph;
453 op.params[0].value.b = tag_len;
454
455 op.params[1].tmpref.buffer = (void *)nonce;
456 op.params[1].tmpref.size = nonce_len;
457
458 op.params[2].value.a = aad_len;
459 op.params[2].value.b = payload_len;
460
461 op.paramTypes = TEEC_PARAM_TYPES(TEEC_VALUE_INPUT,
462 TEEC_MEMREF_TEMP_INPUT,
Jens Wiklander74a42302015-07-07 01:08:41 +0200[diff] [blame]463 TEEC_VALUE_INPUT, TEEC_NONE);
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]464
465 res = TEEC_InvokeCommand(s, TA_CRYPT_CMD_AE_INIT, &op, &ret_orig);
466
467 if (res != TEEC_SUCCESS) {
468 (void)ADBG_EXPECT_TEEC_ERROR_ORIGIN(c, TEEC_ORIGIN_TRUSTED_APP,
469 ret_orig);
470 }
471 return res;
472}
473
474static TEEC_Result ta_crypt_cmd_ae_update_aad(ADBG_Case_t *c, TEEC_Session *s,
475 TEE_OperationHandle oph,
476 const void *aad, size_t aad_len)
477{
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]478 TEEC_Result res = TEEC_ERROR_GENERIC;
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]479 TEEC_Operation op = TEEC_OPERATION_INITIALIZER;
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]480 uint32_t ret_orig = 0;
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]481
482 assert((uintptr_t)oph <= UINT32_MAX);
483 op.params[0].value.a = (uint32_t)(uintptr_t)oph;
484
485 op.params[1].tmpref.buffer = (void *)aad;
486 op.params[1].tmpref.size = aad_len;
487
488 op.paramTypes = TEEC_PARAM_TYPES(TEEC_VALUE_INPUT,
489 TEEC_MEMREF_TEMP_INPUT, TEEC_NONE,
490 TEEC_NONE);
491
492 res = TEEC_InvokeCommand(s, TA_CRYPT_CMD_AE_UPDATE_AAD, &op, &ret_orig);
493
494 if (res != TEEC_SUCCESS) {
495 (void)ADBG_EXPECT_TEEC_ERROR_ORIGIN(c, TEEC_ORIGIN_TRUSTED_APP,
496 ret_orig);
497 }
498
499 return res;
500}
501
502static TEEC_Result ta_crypt_cmd_ae_update(ADBG_Case_t *c,
503 TEEC_Session *s,
504 TEE_OperationHandle oph,
505 const void *src,
506 size_t src_len,
507 void *dst,
508 size_t *dst_len)
509{
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]510 TEEC_Result res = TEEC_ERROR_GENERIC;
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]511 TEEC_Operation op = TEEC_OPERATION_INITIALIZER;
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]512 uint32_t ret_orig = 0;
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]513
514 assert((uintptr_t)oph <= UINT32_MAX);
515 op.params[0].value.a = (uint32_t)(uintptr_t)oph;
516
517 op.params[1].tmpref.buffer = (void *)src;
518 op.params[1].tmpref.size = src_len;
519
520 op.params[2].tmpref.buffer = (void *)dst;
521 op.params[2].tmpref.size = *dst_len;
522
523 op.paramTypes = TEEC_PARAM_TYPES(TEEC_VALUE_INPUT,
524 TEEC_MEMREF_TEMP_INPUT,
525 TEEC_MEMREF_TEMP_OUTPUT, TEEC_NONE);
526
527 res = TEEC_InvokeCommand(s, TA_CRYPT_CMD_AE_UPDATE, &op, &ret_orig);
528
529 if (res != TEEC_SUCCESS) {
530 (void)ADBG_EXPECT_TEEC_ERROR_ORIGIN(c, TEEC_ORIGIN_TRUSTED_APP,
531 ret_orig);
532 }
533
534 if (res == TEEC_SUCCESS)
535 *dst_len = op.params[2].tmpref.size;
536
537 return res;
538}
539
540static TEEC_Result ta_crypt_cmd_ae_encrypt_final(ADBG_Case_t *c,
541 TEEC_Session *s,
542 TEE_OperationHandle oph,
543 const void *src,
544 size_t src_len, void *dst,
545 size_t *dst_len, void *tag,
546 size_t *tag_len)
547{
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]548 TEEC_Result res = TEEC_ERROR_GENERIC;
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]549 TEEC_Operation op = TEEC_OPERATION_INITIALIZER;
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]550 uint32_t ret_orig = 0;
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]551
552 assert((uintptr_t)oph <= UINT32_MAX);
553 op.params[0].value.a = (uint32_t)(uintptr_t)oph;
554
555 op.params[1].tmpref.buffer = (void *)src;
556 op.params[1].tmpref.size = src_len;
557
558 op.params[2].tmpref.buffer = (void *)dst;
559 op.params[2].tmpref.size = *dst_len;
560
561 op.params[3].tmpref.buffer = (void *)tag;
562 op.params[3].tmpref.size = *tag_len;
563
564 op.paramTypes = TEEC_PARAM_TYPES(TEEC_VALUE_INPUT,
565 TEEC_MEMREF_TEMP_INPUT,
566 TEEC_MEMREF_TEMP_OUTPUT,
567 TEEC_MEMREF_TEMP_OUTPUT);
568
569 res = TEEC_InvokeCommand(s, TA_CRYPT_CMD_AE_ENCRYPT_FINAL, &op,
570 &ret_orig);
571
572 if (res != TEEC_SUCCESS) {
573 (void)ADBG_EXPECT_TEEC_ERROR_ORIGIN(c, TEEC_ORIGIN_TRUSTED_APP,
574 ret_orig);
575 }
576
577 if (res == TEEC_SUCCESS) {
578 *dst_len = op.params[2].tmpref.size;
579 *tag_len = op.params[3].tmpref.size;
580 }
581
582 return res;
583}
584
585static TEEC_Result ta_crypt_cmd_ae_decrypt_final(ADBG_Case_t *c,
586 TEEC_Session *s,
587 TEE_OperationHandle oph,
588 const void *src, size_t src_len,
589 void *dst, size_t *dst_len,
590 const void *tag, size_t tag_len)
591{
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]592 TEEC_Result res = TEEC_ERROR_GENERIC;
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]593 TEEC_Operation op = TEEC_OPERATION_INITIALIZER;
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]594 uint32_t ret_orig = 0;
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]595
596 assert((uintptr_t)oph <= UINT32_MAX);
597 op.params[0].value.a = (uint32_t)(uintptr_t)oph;
598
599 op.params[1].tmpref.buffer = (void *)src;
600 op.params[1].tmpref.size = src_len;
601
602 op.params[2].tmpref.buffer = dst;
603 op.params[2].tmpref.size = *dst_len;
604
605 op.params[3].tmpref.buffer = (void *)tag;
606 op.params[3].tmpref.size = tag_len;
607
608 op.paramTypes = TEEC_PARAM_TYPES(TEEC_VALUE_INPUT,
609 TEEC_MEMREF_TEMP_INPUT,
610 TEEC_MEMREF_TEMP_OUTPUT,
611 TEEC_MEMREF_TEMP_INPUT);
612
613 res = TEEC_InvokeCommand(s, TA_CRYPT_CMD_AE_DECRYPT_FINAL, &op,
614 &ret_orig);
615
616 if (res != TEEC_SUCCESS) {
617 (void)ADBG_EXPECT_TEEC_ERROR_ORIGIN(c, TEEC_ORIGIN_TRUSTED_APP,
618 ret_orig);
619 }
620
621 if (res == TEEC_SUCCESS)
622 *dst_len = op.params[2].tmpref.size;
623
624 return res;
625}
626
627static TEEC_Result ta_crypt_cmd_asymmetric_operate(ADBG_Case_t *c,
628 TEEC_Session *s,
629 TEE_OperationHandle oph,
630 uint32_t cmd,
631 const TEE_Attribute *params,
632 uint32_t paramCount,
633 const void *src,
634 size_t src_len,
635 void *dst,
636 size_t *dst_len)
637{
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]638 TEEC_Result res = TEEC_ERROR_GENERIC;
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]639 TEEC_Operation op = TEEC_OPERATION_INITIALIZER;
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]640 uint32_t ret_orig = 0;
641 uint8_t *buf = NULL;
642 size_t blen = 0;
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]643
644 res = pack_attrs(params, paramCount, &buf, &blen);
645 if (!ADBG_EXPECT_TEEC_SUCCESS(c, res))
646 return res;
647
648 assert((uintptr_t)oph <= UINT32_MAX);
649 op.params[0].value.a = (uint32_t)(uintptr_t)oph;
650
651 op.params[1].tmpref.buffer = buf;
652 op.params[1].tmpref.size = blen;
653
654 op.params[2].tmpref.buffer = (void *)src;
655 op.params[2].tmpref.size = src_len;
656
657 op.params[3].tmpref.buffer = dst;
658 op.params[3].tmpref.size = *dst_len;
659
660 op.paramTypes = TEEC_PARAM_TYPES(TEEC_VALUE_INPUT,
661 TEEC_MEMREF_TEMP_INPUT,
662 TEEC_MEMREF_TEMP_INPUT,
663 TEEC_MEMREF_TEMP_OUTPUT);
664
665 res = TEEC_InvokeCommand(s, cmd, &op, &ret_orig);
666
667 if (res != TEEC_SUCCESS) {
668 (void)ADBG_EXPECT_TEEC_ERROR_ORIGIN(c, TEEC_ORIGIN_TRUSTED_APP,
669 ret_orig);
670 }
671
672 if (res == TEEC_SUCCESS)
673 *dst_len = op.params[3].tmpref.size;
674
675 free(buf);
676 return res;
677}
678
679static TEEC_Result ta_crypt_cmd_asymmetric_encrypt(ADBG_Case_t *c,
680 TEEC_Session *s,
681 TEE_OperationHandle oph,
682 const TEE_Attribute *params,
683 uint32_t paramCount,
684 const void *src,
685 size_t src_len,
686 void *dst,
687 size_t *dst_len)
688{
689 return ta_crypt_cmd_asymmetric_operate(c, s, oph,
690 TA_CRYPT_CMD_ASYMMETRIC_ENCRYPT,
691 params, paramCount,
692 src, src_len, dst, dst_len);
693}
694
695static TEEC_Result ta_crypt_cmd_asymmetric_decrypt(ADBG_Case_t *c,
696 TEEC_Session *s,
697 TEE_OperationHandle oph,
698 const TEE_Attribute *params,
699 uint32_t paramCount,
700 const void *src,
701 size_t src_len,
702 void *dst,
703 size_t *dst_len)
704{
705 return ta_crypt_cmd_asymmetric_operate(c, s, oph,
706 TA_CRYPT_CMD_ASYMMETRIC_DECRYPT,
707 params, paramCount,
708 src, src_len, dst, dst_len);
709}
710
711static TEEC_Result ta_crypt_cmd_asymmetric_sign(ADBG_Case_t *c,
712 TEEC_Session *s,
713 TEE_OperationHandle oph,
714 const TEE_Attribute *params,
715 uint32_t paramCount,
716 const void *digest,
717 size_t digest_len,
718 void *signature,
719 size_t *signature_len)
720{
721 return ta_crypt_cmd_asymmetric_operate(c, s, oph,
722 TA_CRYPT_CMD_ASYMMETRIC_SIGN_DIGEST, params, paramCount,
723 digest, digest_len, signature, signature_len);
724}
725
726static TEEC_Result ta_crypt_cmd_asymmetric_verify(ADBG_Case_t *c,
727 TEEC_Session *s,
728 TEE_OperationHandle oph,
729 const TEE_Attribute *params,
730 uint32_t paramCount,
731 const void *digest,
732 size_t digest_len,
733 const void *signature,
734 size_t signature_len)
735{
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]736 TEEC_Result res = TEEC_ERROR_GENERIC;
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]737 TEEC_Operation op = TEEC_OPERATION_INITIALIZER;
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]738 uint32_t ret_orig = 0;
739 uint8_t *buf = NULL;
740 size_t blen = 0;
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]741
742 res = pack_attrs(params, paramCount, &buf, &blen);
743 if (!ADBG_EXPECT_TEEC_SUCCESS(c, res))
744 return res;
745
746 assert((uintptr_t)oph <= UINT32_MAX);
747 op.params[0].value.a = (uint32_t)(uintptr_t)oph;
748
749 op.params[1].tmpref.buffer = buf;
750 op.params[1].tmpref.size = blen;
751
752 op.params[2].tmpref.buffer = (void *)digest;
753 op.params[2].tmpref.size = digest_len;
754
755 op.params[3].tmpref.buffer = (void *)signature;
756 op.params[3].tmpref.size = signature_len;
757
758 op.paramTypes = TEEC_PARAM_TYPES(TEEC_VALUE_INPUT,
759 TEEC_MEMREF_TEMP_INPUT,
760 TEEC_MEMREF_TEMP_INPUT,
761 TEEC_MEMREF_TEMP_INPUT);
762
763 res = TEEC_InvokeCommand(s, TA_CRYPT_CMD_ASYMMETRIC_VERIFY_DIGEST,
764 &op, &ret_orig);
765
766 if (res != TEEC_SUCCESS) {
767 (void)ADBG_EXPECT_TEEC_ERROR_ORIGIN(c, TEEC_ORIGIN_TRUSTED_APP,
768 ret_orig);
769 }
770
771 free(buf);
772 return res;
773}
774
775static TEEC_Result ta_crypt_cmd_get_object_value_attribute(ADBG_Case_t *c,
776 TEEC_Session *s,
777 TEE_ObjectHandle o,
778 uint32_t attr_id,
779 uint32_t *valuea,
780 uint32_t *valueb)
781{
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]782 TEEC_Result res = TEEC_ERROR_GENERIC;
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]783 TEEC_Operation op = TEEC_OPERATION_INITIALIZER;
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]784 uint32_t ret_orig = 0;
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]785
786 assert((uintptr_t)o <= UINT32_MAX);
787 op.params[0].value.a = (uint32_t)(uintptr_t)o;
788 op.params[0].value.b = attr_id;
789 op.paramTypes = TEEC_PARAM_TYPES(TEEC_VALUE_INPUT, TEEC_VALUE_OUTPUT,
790 TEEC_NONE, TEEC_NONE);
791
792 res = TEEC_InvokeCommand(s, TA_CRYPT_CMD_GET_OBJECT_VALUE_ATTRIBUTE,
793 &op, &ret_orig);
794
795 if (res != TEEC_SUCCESS) {
796 (void)ADBG_EXPECT_TEEC_ERROR_ORIGIN(c, TEEC_ORIGIN_TRUSTED_APP,
797 ret_orig);
798 }
799
800 if (res == TEEC_SUCCESS) {
801 *valuea = op.params[1].value.a;
802 *valueb = op.params[1].value.b;
803 }
804
805 return res;
806}
807
808static TEEC_Result ta_crypt_cmd_generate_key(ADBG_Case_t *c,
809 TEEC_Session *s,
810 TEE_ObjectHandle o,
811 uint32_t key_size,
812 const TEE_Attribute *params,
813 uint32_t paramCount)
814{
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]815 TEEC_Result res = TEEC_ERROR_GENERIC;
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]816 TEEC_Operation op = TEEC_OPERATION_INITIALIZER;
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]817 uint32_t ret_orig = 0;
818 uint8_t *buf = NULL;
819 size_t blen = 0;
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]820
821 res = pack_attrs(params, paramCount, &buf, &blen);
822 if (!ADBG_EXPECT_TEEC_SUCCESS(c, res))
823 return res;
824
825 assert((uintptr_t)o <= UINT32_MAX);
826 op.params[0].value.a = (uint32_t)(uintptr_t)o;
827 op.params[0].value.b = key_size;
828
829 op.params[1].tmpref.buffer = buf;
830 op.params[1].tmpref.size = blen;
831
832 op.paramTypes = TEEC_PARAM_TYPES(TEEC_VALUE_INPUT,
833 TEEC_MEMREF_TEMP_INPUT, TEEC_NONE,
834 TEEC_NONE);
835
836 res = TEEC_InvokeCommand(s, TA_CRYPT_CMD_GENERATE_KEY, &op, &ret_orig);
837
838 if (res != TEEC_SUCCESS) {
839 (void)ADBG_EXPECT_TEEC_ERROR_ORIGIN(c, TEEC_ORIGIN_TRUSTED_APP,
840 ret_orig);
841 }
842
843 free(buf);
844 return res;
845}
846
847static const uint8_t hash_data_md5_in1[] = {
848 'c', 'd', 'e', 'f', 'g', 'h', 'i', 'j', 'k', 'l', 'm'
849};
850
851static const uint8_t hash_data_md5_out1[] = {
852 0x61, 0x12, 0x71, 0x83, 0x70, 0x8d, 0x3a, 0xc7,
853 0xf1, 0x9b, 0x66, 0x06, 0xfc, 0xae, 0x7d, 0xf6
854};
855
856static const uint8_t hash_data_sha1_in1[] = {
857 'a', 'b', 'c', 'd', 'e', 'f', 'g', 'h', 'i', 'j', 'k', 'l', 'm'
858};
859
860static const uint8_t hash_data_sha1_out1[] = {
861 0x4b, 0x98, 0x92, 0xb6, 0x52, 0x72, 0x14, 0xaf,
862 0xc6, 0x55, 0xb8, 0xaa, 0x52, 0xf4, 0xd2, 0x03,
863 0xc1, 0x5e, 0x7c, 0x9c
864};
865
866static const uint8_t hash_data_sha224_in1[] = {
867 'a', 'b', 'c', 'd', 'e', 'f', 'g', 'h', 'i', 'j', 'k', 'l', 'm'
868};
869
870static const uint8_t hash_data_sha224_out1[] = {
871 0x08, 0x21, 0x69, 0xf9, 0x77, 0x1b, 0x80, 0x15,
872 0xf3, 0x97, 0xae, 0xde, 0x5b, 0xba, 0xa2, 0x72,
873 0x2d, 0x8f, 0x5c, 0x19, 0xfe, 0xd2, 0xe2, 0x68,
874 0x92, 0x49, 0xd8, 0x44
875};
876
877static const uint8_t hash_data_sha256_in1[] = { 'a', 'b', 'c' };
878
879static const uint8_t hash_data_sha256_out1[] = {
880 0xba, 0x78, 0x16, 0xbf, 0x8f, 0x01, 0xcf, 0xea,
881 0x41, 0x41, 0x40, 0xde, 0x5d, 0xae, 0x22, 0x23,
882 0xb0, 0x03, 0x61, 0xa3, 0x96, 0x17, 0x7a, 0x9c,
883 0xb4, 0x10, 0xff, 0x61, 0xf2, 0x00, 0x15, 0xad
884};
885
886static const uint8_t hash_data_sha256_in2[] = { 'e', 'f', 'g' };
887
888static const uint8_t hash_data_sha256_out2[] = {
889 0xd4, 0xff, 0xe8, 0xe9, 0xee, 0x0b, 0x48, 0xeb,
890 0xa7, 0x16, 0x70, 0x61, 0x23, 0xa7, 0x18, 0x7f,
891 0x32, 0xea, 0xe3, 0xbd, 0xcb, 0x0e, 0x77, 0x63,
892 0xe4, 0x1e, 0x53, 0x32, 0x67, 0xbd, 0x8a, 0x53
893};
894
895
896static const uint8_t hash_data_sha384_in1[] = {
897 'a', 'b', 'c', 'e', 'f', 'g', 'h', 'i', 'j', 'k', 'l', 'm'
898};
899
900static const uint8_t hash_data_sha384_out1[] = {
901 0x4c, 0xab, 0x80, 0x9d, 0x96, 0x84, 0x01, 0x47,
902 0x67, 0x0a, 0xc1, 0x7a, 0xb6, 0xb9, 0xf7, 0x6e,
903 0x35, 0xa6, 0xb0, 0x8c, 0xf5, 0x2a, 0x3d, 0x64,
904 0x9a, 0x8c, 0x7e, 0x0c, 0x55, 0x45, 0xd3, 0x7d,
905 0x1f, 0x7f, 0x28, 0x34, 0x96, 0x14, 0x44, 0x2a,
906 0xf5, 0x98, 0xa2, 0x95, 0x24, 0x76, 0x53, 0x97
907};
908
909static const uint8_t hash_data_sha512_in1[] = {
910 'a', 'b', 'c', 'd', 'f', 'g', 'h', 'i', 'j', 'k', 'l', 'm'
911};
912
913static const uint8_t hash_data_sha512_out1[] = {
914 0x20, 0xd8, 0x64, 0x4f, 0x54, 0xa2, 0x5f, 0x6f,
915 0x0a, 0xf9, 0xd5, 0x27, 0x7d, 0x17, 0xa8, 0x99,
916 0x4c, 0x64, 0x3f, 0xd0, 0xf3, 0x83, 0x36, 0xee,
917 0x93, 0x12, 0x55, 0xcd, 0x2e, 0x12, 0x34, 0xa0,
918 0xc2, 0xaa, 0xf9, 0xbb, 0x15, 0xc5, 0xe9, 0xfa,
919 0xf7, 0xa7, 0xda, 0xb8, 0x2f, 0x72, 0xa0, 0x47,
920 0xe3, 0x02, 0x04, 0xe8, 0xa0, 0x35, 0x0c, 0x96,
921 0x26, 0xd1, 0xcb, 0x8b, 0x47, 0x45, 0x25, 0xd0
922};
923
Jerome Forissier3ed850a2019-12-13 10:58:23 +0100[diff] [blame]924/*
925 * SM3
926 * https://tools.ietf.org/html/draft-sca-cfrg-sm3-02
Jerome Forissier9f17e262019-12-13 14:12:41 +0100[diff] [blame]927 * Appendix A.1
Jerome Forissier3ed850a2019-12-13 10:58:23 +0100[diff] [blame]928 */
929static const uint8_t hash_data_sm3_a1_in[3] = "abc";
930
931static const uint8_t hash_data_sm3_a1_out[] = {
932 0x66, 0xc7, 0xf0, 0xf4, 0x62, 0xee, 0xed, 0xd9,
933 0xd1, 0xf2, 0xd4, 0x6b, 0xdc, 0x10, 0xe4, 0xe2,
934 0x41, 0x67, 0xc4, 0x87, 0x5c, 0xf2, 0xf7, 0xa2,
935 0x29, 0x7d, 0xa0, 0x2b, 0x8f, 0x4b, 0xa8, 0xe0
936};
937
938/*
939 * SM3
940 * https://tools.ietf.org/html/draft-sca-cfrg-sm3-02
Jerome Forissier9f17e262019-12-13 14:12:41 +0100[diff] [blame]941 * Appendix A.2
Jerome Forissier3ed850a2019-12-13 10:58:23 +0100[diff] [blame]942 */
943static const uint8_t hash_data_sm3_a2_in[] = {
944 0x61, 0x62, 0x63, 0x64, 0x61, 0x62, 0x63, 0x64,
945 0x61, 0x62, 0x63, 0x64, 0x61, 0x62, 0x63, 0x64,
946 0x61, 0x62, 0x63, 0x64, 0x61, 0x62, 0x63, 0x64,
947 0x61, 0x62, 0x63, 0x64, 0x61, 0x62, 0x63, 0x64,
948 0x61, 0x62, 0x63, 0x64, 0x61, 0x62, 0x63, 0x64,
949 0x61, 0x62, 0x63, 0x64, 0x61, 0x62, 0x63, 0x64,
950 0x61, 0x62, 0x63, 0x64, 0x61, 0x62, 0x63, 0x64,
951 0x61, 0x62, 0x63, 0x64, 0x61, 0x62, 0x63, 0x64
952};
953
954static const uint8_t hash_data_sm3_a2_out[] = {
955 0xde, 0xbe, 0x9f, 0xf9, 0x22, 0x75, 0xb8, 0xa1,
956 0x38, 0x60, 0x48, 0x89, 0xc1, 0x8e, 0x5a, 0x4d,
957 0x6f, 0xdb, 0x70, 0xe5, 0x38, 0x7e, 0x57, 0x65,
958 0x29, 0x3d, 0xcb, 0xa3, 0x9c, 0x0c, 0x57, 0x32
959};
960
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]961struct xtest_hash_case {
962 uint32_t algo;
963 size_t in_incr;
964 const uint8_t *in;
965 size_t in_len;
966 const uint8_t *out;
967 size_t out_len;
968};
969
970#define XTEST_HASH_CASE(algo, in_incr, in, out) \
971 { (algo), (in_incr), (in), ARRAY_SIZE(in), (out), ARRAY_SIZE(out) }
972
973static const struct xtest_hash_case hash_cases[] = {
974 XTEST_HASH_CASE(TEE_ALG_MD5, 6, hash_data_md5_in1,
975 hash_data_md5_out1),
976 XTEST_HASH_CASE(TEE_ALG_SHA1, 3, hash_data_sha1_in1,
977 hash_data_sha1_out1),
978 XTEST_HASH_CASE(TEE_ALG_SHA224, 7, hash_data_sha224_in1,
979 hash_data_sha224_out1),
980 XTEST_HASH_CASE(TEE_ALG_SHA256, 1, hash_data_sha256_in1,
981 hash_data_sha256_out1),
982 XTEST_HASH_CASE(TEE_ALG_SHA256, 1, hash_data_sha256_in2,
983 hash_data_sha256_out2),
984 XTEST_HASH_CASE(TEE_ALG_SHA384, 1, hash_data_sha384_in1,
985 hash_data_sha384_out1),
986 XTEST_HASH_CASE(TEE_ALG_SHA512, 1, hash_data_sha512_in1,
987 hash_data_sha512_out1),
Jerome Forissier3ed850a2019-12-13 10:58:23 +0100[diff] [blame]988 XTEST_HASH_CASE(TEE_ALG_SM3, 2, hash_data_sm3_a1_in,
989 hash_data_sm3_a1_out),
990 XTEST_HASH_CASE(TEE_ALG_SM3, 19, hash_data_sm3_a2_in,
991 hash_data_sm3_a2_out),
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]992};
993
994static void xtest_tee_test_4001(ADBG_Case_t *c)
995{
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]996 TEEC_Session session = { };
997 uint32_t ret_orig = 0;
998 size_t n = 0;
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]999
1000 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
1001 xtest_teec_open_session(&session, &crypt_user_ta_uuid, NULL,
1002 &ret_orig)))
1003 return;
1004
1005
1006 for (n = 0; n < ARRAY_SIZE(hash_cases); n++) {
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]1007 TEE_OperationHandle op1 = TEE_HANDLE_NULL;
1008 TEE_OperationHandle op2 = TEE_HANDLE_NULL;
1009 uint8_t out[64] = { };
1010 size_t out_size = 0;
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]1011
Jerome Forissier87b00c02020-01-22 16:33:12 +0100[diff] [blame]1012 if (hash_cases[n].algo == TEE_ALG_SM3 &&
1013 !ta_crypt_cmd_is_algo_supported(c, &session, TEE_ALG_SM3,
1014 TEE_CRYPTO_ELEMENT_NONE)) {
1015 Do_ADBG_Log("SM3 not supported: skip subcase");
1016 continue;
1017 }
1018
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]1019 Do_ADBG_BeginSubCase(c, "Hash case %d algo 0x%x",
1020 (int)n, (unsigned int)hash_cases[n].algo);
1021
1022 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
1023 ta_crypt_cmd_allocate_operation(c, &session, &op1,
1024 hash_cases[n].algo,
1025 TEE_MODE_DIGEST, 0)))
1026 goto out;
1027
1028 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
1029 ta_crypt_cmd_allocate_operation(c, &session, &op2,
1030 hash_cases[n].algo,
1031 TEE_MODE_DIGEST, 0)))
1032 goto out;
1033
1034 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
1035 ta_crypt_cmd_digest_update(c, &session, op1,
1036 hash_cases[n].in,
1037 hash_cases[n].in_incr)))
1038 goto out;
1039
1040 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
1041 ta_crypt_cmd_copy_operation(c, &session, op2, op1)))
1042 goto out;
1043
1044 out_size = sizeof(out);
1045 memset(out, 0, sizeof(out));
1046 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
1047 ta_crypt_cmd_digest_do_final(c, &session, op2,
1048 hash_cases[n].in + hash_cases[n].in_incr,
1049 hash_cases[n].in_len - hash_cases[n].in_incr,
1050 out, &out_size)))
1051 goto out;
1052
1053 (void)ADBG_EXPECT_BUFFER(c, hash_cases[n].out,
1054 hash_cases[n].out_len, out, out_size);
1055
1056 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
1057 ta_crypt_cmd_reset_operation(c, &session, op1)))
1058 goto out;
1059
1060 out_size = sizeof(out);
1061 memset(out, 0, sizeof(out));
1062 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
1063 ta_crypt_cmd_digest_do_final(c, &session, op1,
1064 hash_cases[n].in,
1065 hash_cases[n].in_len, out,
1066 &out_size)))
1067 goto out;
1068
1069 (void)ADBG_EXPECT_BUFFER(c, hash_cases[n].out,
1070 hash_cases[n].out_len, out, out_size);
1071
Jerome Forissier1e05e262015-07-29 16:09:07 +0200[diff] [blame]1072 /*
1073 * Invoke TEE_DigestDoFinal() a second time to check that state
1074 * was properly reset
1075 */
1076 out_size = sizeof(out);
1077 memset(out, 0, sizeof(out));
1078 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
1079 ta_crypt_cmd_digest_do_final(c, &session, op1,
1080 hash_cases[n].in,
1081 hash_cases[n].in_len, out,
1082 &out_size)))
1083 goto out;
1084
1085 (void)ADBG_EXPECT_BUFFER(c, hash_cases[n].out,
1086 hash_cases[n].out_len, out, out_size);
1087
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]1088 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
1089 ta_crypt_cmd_free_operation(c, &session, op1)))
1090 goto out;
1091
1092 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
1093 ta_crypt_cmd_free_operation(c, &session, op2)))
1094 goto out;
1095
1096 Do_ADBG_EndSubCase(c, NULL);
1097 }
1098
1099out:
1100 TEEC_CloseSession(&session);
1101}
Jens Wiklander14f48872018-06-29 15:30:13 +0200[diff] [blame]1102ADBG_CASE_DEFINE(regression, 4001, xtest_tee_test_4001,
1103 "Test TEE Internal API hash operations");
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]1104
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]1105struct xtest_mac_case {
1106 uint32_t algo;
1107 uint32_t key_type;
1108 const uint8_t *key;
1109 size_t key_len;
1110 size_t in_incr;
1111 const uint8_t *in;
1112 size_t in_len;
1113 const uint8_t *out;
1114 size_t out_len;
Jerome Forissier3dec7442019-01-30 17:50:05 +0100[diff] [blame]1115 bool multiple_incr;
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]1116};
1117
Jerome Forissier3dec7442019-01-30 17:50:05 +0100[diff] [blame]1118#define XTEST_MAC_CASE_1(algo, key_type, key, in_incr, in, out) \
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]1119 { (algo), (key_type), (key), ARRAY_SIZE(key), \
Jerome Forissier3dec7442019-01-30 17:50:05 +0100[diff] [blame]1120 (in_incr), (in), ARRAY_SIZE(in), (out), ARRAY_SIZE(out), false }
1121
1122#define XTEST_MAC_CASE_MULT(algo, key_type, key, in_incr, in, out) \
1123 { (algo), (key_type), (key), ARRAY_SIZE(key), \
1124 (in_incr), (in), ARRAY_SIZE(in), (out), ARRAY_SIZE(out), true }
1125
1126#define XTEST_MAC_CASE(algo, key_type, key, in_incr, in, out) \
1127 XTEST_MAC_CASE_1((algo), (key_type), (key), (in_incr), (in), (out)), \
1128 XTEST_MAC_CASE_MULT((algo), (key_type), (key), (in_incr), (in), (out))
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]1129
1130#define XTEST_MAC_CBC_CASE(algo, key_type, vect, in_incr) \
1131 XTEST_MAC_CASE((algo), (key_type), \
1132 mac_cbc_ ## vect ## _key, (in_incr), \
1133 mac_cbc_ ## vect ## _data, mac_cbc_ ## vect ## _out)
1134
1135#define XTEST_MAC_CMAC_CASE(vect, in_incr) \
1136 XTEST_MAC_CASE(TEE_ALG_AES_CMAC, TEE_TYPE_AES, \
1137 mac_cmac_ ## vect ## _key, (in_incr), \
1138 mac_cmac_ ## vect ## _data, mac_cmac_ ## vect ## _out)
1139
Alexander Zakharov0afe00c2021-02-10 19:06:48 +0100[diff] [blame]1140#define XTEST_MAC_DES3_CMAC_CASE(vect, in_incr) \
1141 XTEST_MAC_CASE(TEE_ALG_DES3_CMAC, TEE_TYPE_DES3, \
1142 mac_des3_cmac_ ## vect ## _key, (in_incr), \
1143 mac_des3_cmac_ ## vect ## _data, mac_des3_cmac_ ## vect ## _out)
1144
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]1145static const struct xtest_mac_case mac_cases[] = {
1146 XTEST_MAC_CASE(TEE_ALG_HMAC_MD5, TEE_TYPE_HMAC_MD5,
1147 mac_data_md5_key1,
1148 4, mac_data_md5_in1, mac_data_md5_out1),
1149 XTEST_MAC_CASE(TEE_ALG_HMAC_SHA1, TEE_TYPE_HMAC_SHA1,
1150 mac_data_sha1_key1,
1151 5, mac_data_sha1_in1, mac_data_sha1_out1),
1152 XTEST_MAC_CASE(TEE_ALG_HMAC_SHA224, TEE_TYPE_HMAC_SHA224,
1153 mac_data_sha224_key1,
1154 8, mac_data_sha224_in1, mac_data_sha224_out1),
1155 XTEST_MAC_CASE(TEE_ALG_HMAC_SHA256, TEE_TYPE_HMAC_SHA256,
1156 mac_data_sha256_key1,
1157 1, mac_data_sha256_in1, mac_data_sha256_out1),
1158 XTEST_MAC_CASE(TEE_ALG_HMAC_SHA256, TEE_TYPE_HMAC_SHA256,
1159 mac_data_sha256_key2,
1160 7, mac_data_sha256_in2, mac_data_sha256_out2),
1161 XTEST_MAC_CASE(TEE_ALG_HMAC_SHA384, TEE_TYPE_HMAC_SHA384,
1162 mac_data_sha384_key1,
1163 11, mac_data_sha384_in1, mac_data_sha384_out1),
1164 XTEST_MAC_CASE(TEE_ALG_HMAC_SHA512, TEE_TYPE_HMAC_SHA512,
1165 mac_data_sha512_key1,
1166 13, mac_data_sha512_in1, mac_data_sha512_out1),
1167
1168 XTEST_MAC_CBC_CASE(TEE_ALG_AES_CBC_MAC_NOPAD, TEE_TYPE_AES, vect1, 14),
1169 XTEST_MAC_CBC_CASE(TEE_ALG_DES_CBC_MAC_NOPAD, TEE_TYPE_DES, vect2, 16),
1170 XTEST_MAC_CBC_CASE(TEE_ALG_DES3_CBC_MAC_NOPAD, TEE_TYPE_DES3, vect3,
1171 17),
1172 XTEST_MAC_CBC_CASE(TEE_ALG_AES_CBC_MAC_PKCS5, TEE_TYPE_AES, vect4, 11),
1173 XTEST_MAC_CBC_CASE(TEE_ALG_DES_CBC_MAC_PKCS5, TEE_TYPE_DES, vect5, 9),
1174 XTEST_MAC_CBC_CASE(TEE_ALG_DES3_CBC_MAC_PKCS5, TEE_TYPE_DES3, vect6, 4),
1175 XTEST_MAC_CBC_CASE(TEE_ALG_AES_CBC_MAC_PKCS5, TEE_TYPE_AES, vect7, 3),
1176 XTEST_MAC_CBC_CASE(TEE_ALG_DES_CBC_MAC_PKCS5, TEE_TYPE_DES, vect8, 23),
1177 XTEST_MAC_CBC_CASE(TEE_ALG_DES3_CBC_MAC_PKCS5, TEE_TYPE_DES3, vect9,
1178 34),
Pascal Brand5c3d8092015-07-23 08:20:26 +0200[diff] [blame]1179 XTEST_MAC_CBC_CASE(TEE_ALG_DES3_CBC_MAC_PKCS5, TEE_TYPE_DES3, vect10, 4),
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]1180
1181 { TEE_ALG_AES_CMAC, TEE_TYPE_AES, mac_cmac_vect1_key,
1182 ARRAY_SIZE(mac_cmac_vect1_key), 0, NULL, 0, mac_cmac_vect1_out,
1183 ARRAY_SIZE(mac_cmac_vect1_out) },
1184 XTEST_MAC_CMAC_CASE(vect2, 9),
1185 XTEST_MAC_CMAC_CASE(vect3, 9),
1186 XTEST_MAC_CMAC_CASE(vect4, 9),
1187 { TEE_ALG_AES_CMAC, TEE_TYPE_AES, mac_cmac_vect5_key,
1188 ARRAY_SIZE(mac_cmac_vect5_key), 0, NULL, 0, mac_cmac_vect5_out,
1189 ARRAY_SIZE(mac_cmac_vect5_out) },
1190 XTEST_MAC_CMAC_CASE(vect6, 9),
1191 XTEST_MAC_CMAC_CASE(vect7, 9),
1192 XTEST_MAC_CMAC_CASE(vect8, 9),
1193 { TEE_ALG_AES_CMAC, TEE_TYPE_AES, mac_cmac_vect9_key,
1194 ARRAY_SIZE(mac_cmac_vect9_key), 0, NULL, 0, mac_cmac_vect9_out,
1195 ARRAY_SIZE(mac_cmac_vect9_out) },
1196 XTEST_MAC_CMAC_CASE(vect10, 9),
1197 XTEST_MAC_CMAC_CASE(vect11, 9),
1198 XTEST_MAC_CMAC_CASE(vect12, 9),
Clement Faure21b347a2021-04-29 13:06:55 +0200[diff] [blame]1199 XTEST_MAC_CMAC_CASE(vect12, 16),
Jerome Forissier9f17e262019-12-13 14:12:41 +0100[diff] [blame]1200
Alexander Zakharov0afe00c2021-02-10 19:06:48 +0100[diff] [blame]1201 { TEE_ALG_DES3_CMAC, TEE_TYPE_DES3, mac_des3_cmac_vect1_key,
1202 ARRAY_SIZE(mac_des3_cmac_vect1_key), 0, NULL, 0, mac_des3_cmac_vect1_out,
1203 ARRAY_SIZE(mac_des3_cmac_vect1_out) },
1204 XTEST_MAC_DES3_CMAC_CASE(vect2, 3),
1205 XTEST_MAC_DES3_CMAC_CASE(vect3, 9),
1206 XTEST_MAC_DES3_CMAC_CASE(vect4, 9),
1207 { TEE_ALG_DES3_CMAC, TEE_TYPE_DES3, mac_des3_cmac_vect5_key,
1208 ARRAY_SIZE(mac_des3_cmac_vect5_key), 0, NULL, 0, mac_des3_cmac_vect5_out,
1209 ARRAY_SIZE(mac_des3_cmac_vect5_out) },
1210 XTEST_MAC_DES3_CMAC_CASE(vect6, 3),
1211 XTEST_MAC_DES3_CMAC_CASE(vect7, 5),
1212 XTEST_MAC_DES3_CMAC_CASE(vect8, 9),
1213
Jerome Forissier9f17e262019-12-13 14:12:41 +0100[diff] [blame]1214 XTEST_MAC_CASE(TEE_ALG_HMAC_SM3, TEE_TYPE_HMAC_SM3,
1215 mac_data_sm3_d31_key,
1216 13, mac_data_sm3_d31_in, mac_data_sm3_d31_out),
1217 XTEST_MAC_CASE(TEE_ALG_HMAC_SM3, TEE_TYPE_HMAC_SM3,
1218 mac_data_sm3_d32_key,
1219 13, mac_data_sm3_d32_in, mac_data_sm3_d32_out),
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]1220};
1221
1222static void xtest_tee_test_4002(ADBG_Case_t *c)
1223{
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]1224 TEEC_Session session = { };
1225 TEE_OperationHandle op1 = TEE_HANDLE_NULL;
1226 TEE_OperationHandle op2 = TEE_HANDLE_NULL;
Jerome Forissier4f419512021-07-07 14:56:10 +0200[diff] [blame]1227 TEE_OperationHandle op3 = TEE_HANDLE_NULL;
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]1228 TEE_ObjectHandle key_handle = TEE_HANDLE_NULL;
1229 uint8_t out[64] = { };
1230 size_t out_size = 0;
1231 uint32_t ret_orig = 0;
1232 size_t n = 0;
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]1233
1234 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
1235 xtest_teec_open_session(&session, &crypt_user_ta_uuid, NULL,
1236 &ret_orig)))
1237 return;
1238
1239 for (n = 0; n < ARRAY_SIZE(mac_cases); n++) {
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]1240 TEE_Attribute key_attr = { };
1241 size_t key_size = 0;
1242 size_t offs = 0;
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]1243
1244 Do_ADBG_BeginSubCase(c, "MAC case %d algo 0x%x",
1245 (int)n, (unsigned int)mac_cases[n].algo);
1246
1247 key_attr.attributeID = TEE_ATTR_SECRET_VALUE;
1248 key_attr.content.ref.buffer = (void *)mac_cases[n].key;
1249 key_attr.content.ref.length = mac_cases[n].key_len;
1250
1251 key_size = key_attr.content.ref.length * 8;
1252 if (mac_cases[n].key_type == TEE_TYPE_DES ||
1253 mac_cases[n].key_type == TEE_TYPE_DES3)
1254 /* Exclude parity in bit size of key */
1255 key_size -= key_size / 8;
1256
1257 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
1258 ta_crypt_cmd_allocate_operation(c, &session, &op1,
1259 mac_cases[n].algo, TEE_MODE_MAC, key_size)))
1260 goto out;
1261
1262 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
1263 ta_crypt_cmd_allocate_operation(c, &session, &op2,
1264 mac_cases[n].algo, TEE_MODE_MAC, key_size)))
1265 goto out;
1266
1267 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
Jerome Forissier4f419512021-07-07 14:56:10 +0200[diff] [blame]1268 ta_crypt_cmd_allocate_operation(c, &session, &op3,
1269 mac_cases[n].algo, TEE_MODE_MAC, key_size)))
1270 goto out;
1271
1272 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]1273 ta_crypt_cmd_allocate_transient_object(c, &session,
1274 mac_cases[n].key_type, key_size, &key_handle)))
1275 goto out;
1276
1277 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
1278 ta_crypt_cmd_populate_transient_object(c, &session,
1279 key_handle, &key_attr, 1)))
1280 goto out;
1281
1282 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
1283 ta_crypt_cmd_set_operation_key(c, &session, op1,
1284 key_handle)))
1285 goto out;
1286
1287 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
1288 ta_crypt_cmd_free_transient_object(c, &session,
1289 key_handle)))
1290 goto out;
1291
1292 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
1293 ta_crypt_cmd_mac_init(c, &session, op1, NULL, 0)))
1294 goto out;
1295
Jerome Forissier4f419512021-07-07 14:56:10 +0200[diff] [blame]1296 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
1297 ta_crypt_cmd_copy_operation(c, &session, op3, op1)))
1298 goto out;
1299
Jerome Forissier3dec7442019-01-30 17:50:05 +0100[diff] [blame]1300 offs = 0;
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]1301 if (mac_cases[n].in != NULL) {
Jerome Forissier3dec7442019-01-30 17:50:05 +0100[diff] [blame]1302 while (offs + mac_cases[n].in_incr <
1303 mac_cases[n].in_len) {
1304 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
1305 ta_crypt_cmd_mac_update(c, &session,
1306 op1, mac_cases[n].in + offs,
1307 mac_cases[n].in_incr)))
1308 goto out;
1309 offs += mac_cases[n].in_incr;
1310 if (!mac_cases[n].multiple_incr)
1311 break;
1312 }
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]1313 }
1314
1315 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
1316 ta_crypt_cmd_copy_operation(c, &session, op2, op1)))
1317 goto out;
1318
1319 out_size = sizeof(out);
1320 memset(out, 0, sizeof(out));
1321 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
1322 ta_crypt_cmd_mac_final_compute(c, &session, op2,
Jerome Forissier3dec7442019-01-30 17:50:05 +0100[diff] [blame]1323 mac_cases[n].in + offs,
1324 mac_cases [n].in_len - offs,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]1325 out, &out_size)))
1326 goto out;
1327
1328 (void)ADBG_EXPECT_BUFFER(c, mac_cases[n].out,
1329 mac_cases[n].out_len, out, out_size);
1330
1331 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
1332 ta_crypt_cmd_mac_init(c, &session, op1, NULL, 0)))
1333 goto out;
1334
1335 out_size = sizeof(out);
1336 memset(out, 0, sizeof(out));
1337 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
1338 ta_crypt_cmd_mac_final_compute(c, &session, op1,
1339 mac_cases[n].in, mac_cases[n].in_len, out,
1340 &out_size)))
1341 goto out;
1342
1343 (void)ADBG_EXPECT_BUFFER(c, mac_cases[n].out,
1344 mac_cases[n].out_len, out, out_size);
1345
1346 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
Jerome Forissier4f419512021-07-07 14:56:10 +0200[diff] [blame]1347 ta_crypt_cmd_mac_final_compare(c, &session, op3,
1348 mac_cases[n].in, mac_cases[n].in_len,
1349 mac_cases[n].out, mac_cases[n].out_len)))
1350 goto out;
1351
1352 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]1353 ta_crypt_cmd_free_operation(c, &session, op1)))
1354 goto out;
1355
1356 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
1357 ta_crypt_cmd_free_operation(c, &session, op2)))
1358 goto out;
1359
Jerome Forissier4f419512021-07-07 14:56:10 +0200[diff] [blame]1360 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
1361 ta_crypt_cmd_free_operation(c, &session, op3)))
1362 goto out;
1363
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]1364 Do_ADBG_EndSubCase(c, NULL);
1365 }
1366out:
1367 TEEC_CloseSession(&session);
1368}
Jens Wiklander14f48872018-06-29 15:30:13 +0200[diff] [blame]1369ADBG_CASE_DEFINE(regression, 4002, xtest_tee_test_4002,
1370 "Test TEE Internal API MAC operations");
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]1371
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]1372static const uint8_t ciph_data_aes_key1[] = {
1373 0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37, /* 01234567 */
1374 0x38, 0x39, 0x41, 0x42, 0x43, 0x44, 0x45, 0x46, /* 89ABCDEF */
1375};
1376
Jerome Forissier0780ad42018-06-05 15:02:37 +0200[diff] [blame]1377static const uint8_t ciph_data_aes_key2[] = {
1378 0x02, 0x02, 0x02, 0x02, 0x02, 0x02, 0x02, 0x02,
1379 0x02, 0x02, 0x02, 0x02, 0x02, 0x02, 0x02, 0x02,
1380};
1381
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]1382static const uint8_t ciph_data_des_key1[] = {
1383 0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37 /* 01234567 */
1384};
1385
1386static const uint8_t ciph_data_des_key2[] = {
1387 0x13, 0x34, 0x57, 0x79, 0x9B, 0xBC, 0xDF, 0xF1
1388};
1389
1390
1391static const uint8_t ciph_data_des3_key1[] = {
1392 0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37, /* 01234567 */
1393 0x38, 0x39, 0x41, 0x42, 0x43, 0x44, 0x45, 0x46, /* 89ABCDEF */
1394 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37, 0x38, /* 12345678 */
1395};
1396
1397static const uint8_t ciph_data_des3_key2[] = {
1398 0x13, 0x34, 0x57, 0x79, 0x9B, 0xBC, 0xDF, 0xF1,
1399 0x13, 0x34, 0x57, 0x79, 0x9B, 0xBC, 0xDF, 0xF1,
1400 0x13, 0x34, 0x57, 0x79, 0x9B, 0xBC, 0xDF, 0xF1
1401};
1402
1403static const uint8_t ciph_data_des2_key1[] = {
1404 0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37, /* 01234567 */
1405 0x38, 0x39, 0x41, 0x42, 0x43, 0x44, 0x45, 0x46, /* 89ABCDEF */
1406};
1407
1408static const uint8_t ciph_data_in1[] = {
1409 0x32, 0x33, 0x34, 0x35, 0x36, 0x37, 0x38, 0x39, /* 23456789 */
1410 0x41, 0x42, 0x43, 0x44, 0x45, 0x46, 0x30, 0x31, /* ABCDEF01 */
1411 0x33, 0x34, 0x35, 0x36, 0x37, 0x38, 0x39, 0x41, /* 3456789A */
1412 0x42, 0x43, 0x44, 0x45, 0x46, 0x30, 0x31, 0x32, /* BCDEF012 */
1413 0x34, 0x35, 0x36, 0x37, 0x38, 0x39, 0x41, 0x42, /* 456789AB */
1414 0x43, 0x44, 0x45, 0x46, 0x30, 0x31, 0x32, 0x33, /* CDEF0123 */
1415};
1416
1417static const uint8_t ciph_data_in3[] = {
1418 0x32, 0x33, 0x34, 0x35, 0x36, 0x37, 0x38, 0x39, /* 23456789 */
1419 0x41, 0x42, 0x43, 0x44, 0x45, 0x46, 0x30, 0x31, /* ABCDEF01 */
1420 0x33, 0x34, 0x35, 0x36, 0x37, 0x38, 0x39, 0x41, /* 3456789A */
1421 0x42, 0x43, 0x44, 0x45, 0x46, 0x30, 0x31, 0x32, /* BCDEF012 */
1422 0x34, 0x35, 0x36, 0x37, 0x38, 0x39, 0x41, 0x42, /* 456789AB */
1423 0x43, 0x44, 0x45, 0x46, 0x30, /* CDEF0 */
1424};
1425
Jerome Forissier45218eb2018-04-11 13:03:26 +0200[diff] [blame]1426static const uint8_t ciph_data_in4[] = {
1427 0x32, 0x33, 0x34, 0x35, 0x36, 0x37, 0x38, 0x39, /* 23456789 */
1428 0x41, 0x42, 0x43, 0x44, 0x45, 0x46, 0x30, 0x31, /* ABCDEF01 */
1429 0x33, 0x34, 0x35, 0x36, 0x37, 0x38, 0x39, 0x41, /* 3456789A */
1430 0x42, 0x43, 0x44, 0x45, 0x46, 0x30, 0x31, 0x32, /* BCDEF012 */
1431 0x34, 0x35, 0x36, 0x37, 0x38, 0x39, 0x41, 0x42, /* 456789AB */
1432 0x43, 0x44, 0x45, 0x46, 0x30, 0x31, 0x32, 0x33, /* CDEF0123 */
1433 0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37, /* 01234567 */
1434 0x38, 0x39, 0x41, 0x42, 0x43, 0x44, 0x45, 0x46, /* 89ABCDEF */
1435};
1436
Jerome Forissier0780ad42018-06-05 15:02:37 +0200[diff] [blame]1437static const uint8_t ciph_data_in5[] = {
1438 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01,
1439 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01,
1440 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01,
1441 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01,
1442 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01,
1443 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01,
1444 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01,
1445 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01,
Jerome Forissierbf9009e2018-06-05 18:44:42 +0200[diff] [blame]1446 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01,
1447 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01,
Jerome Forissier0780ad42018-06-05 15:02:37 +0200[diff] [blame]1448 0x01, 0x01, 0x01
1449};
1450
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]1451static const uint8_t ciph_data_128_iv1[] = {
1452 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37, 0x38, /* 12345678 */
1453 0x39, 0x41, 0x42, 0x43, 0x44, 0x45, 0x46, 0x30, /* 9ABCDEF0 */
1454};
1455
Jerome Forissier0780ad42018-06-05 15:02:37 +0200[diff] [blame]1456static const uint8_t ciph_data_128_iv2[] = {
1457 0x03, 0x03, 0x03, 0x03, 0x03, 0x03, 0x03, 0x03,
1458 0x03, 0x03, 0x03, 0x03, 0x03, 0x03, 0x03, 0x03,
1459};
1460
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]1461static const uint8_t ciph_data_64_iv1[] = {
1462 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37, 0x38, /* 12345678 */
1463};
1464
1465static const uint8_t ciph_data_in2[] = {
1466 0x01, 0x23, 0x45, 0x67, 0x89, 0xab, 0xcd, 0xef
1467};
1468
1469static const uint8_t ciph_data_aes_ecb_nopad_out1[] = {
1470 0xA5, 0xBE, 0x14, 0xD5, 0x01, 0x05, 0x24, 0x48, /* ......$H */
1471 0x58, 0x1A, 0x6B, 0x82, 0xD4, 0x41, 0xD2, 0xB3, /* X.k..A.. */
1472 0xBB, 0xF9, 0xAE, 0x37, 0x94, 0xAC, 0x18, 0x50, /* ...7...P */
1473 0x87, 0x09, 0xCC, 0x3F, 0x43, 0xD2, 0xC2, 0xB7, /* ...?C... */
1474 0xD7, 0x6F, 0x84, 0x07, 0xB4, 0x78, 0xCE, 0x34, /* .o...x.4 */
1475 0x48, 0xC9, 0x16, 0x86, 0x42, 0xB8, 0xFF, 0xCF, /* H...B... */
1476};
1477
1478static const uint8_t ciph_data_aes_cbc_nopad_out1[] = {
1479 0x8D, 0x9F, 0x88, 0xD8, 0xAF, 0x9F, 0xC1, 0x3B, /* .......; */
1480 0x02, 0x15, 0x43, 0x6A, 0x8C, 0x1E, 0x34, 0x5C, /* ..Cj..4\ */
1481 0x83, 0xF4, 0x85, 0x3E, 0x43, 0x0F, 0xE5, 0x5F, /* ...>C.._ */
1482 0x81, 0x4C, 0xC0, 0x28, 0x3F, 0xD9, 0x98, 0x53, /* .L.(?..S */
1483 0xB1, 0x44, 0x51, 0x38, 0x21, 0xAB, 0x10, 0xCE, /* .DQ8!... */
1484 0xC2, 0xEC, 0x65, 0x54, 0xDD, 0x5C, 0xEA, 0xDC, /* ..eT.\.. */
1485};
1486
1487static const uint8_t ciph_data_aes_ctr_out1[] = {
1488 0xD2, 0xDD, 0x11, 0xA8, 0xF7, 0xB0, 0xAE, 0x55, /* .......U */
1489 0xBE, 0x61, 0x7A, 0xE6, 0xA1, 0x6C, 0x79, 0xF4, /* .az..ly. */
1490 0x62, 0x51, 0x7B, 0xE9, 0x7C, 0xA0, 0x31, 0x0C, /* bQ{.|.1. */
1491 0x24, 0x15, 0x70, 0x7F, 0x47, 0x37, 0x69, 0xE0, /* $.p.G7i. */
1492 0x24, 0xC3, 0x29, 0xCD, 0xF2, 0x26, 0x69, 0xFF, /* $.)..&i. */
1493 0x72, 0x0E, 0x3C, 0xD1, 0xA1, 0x2F, 0x5D, 0x33, /* r.<../]3 */
1494};
1495
1496static const uint8_t ciph_data_aes_ctr_out2[] = {
1497 0xD2, 0xDD, 0x11, 0xA8, 0xF7, 0xB0, 0xAE, 0x55, /* .......U */
1498 0xBE, 0x61, 0x7A, 0xE6, 0xA1, 0x6C, 0x79, 0xF4, /* .az..ly. */
1499 0x62, 0x51, 0x7B, 0xE9, 0x7C, 0xA0, 0x31, 0x0C, /* bQ{.|.1. */
1500 0x24, 0x15, 0x70, 0x7F, 0x47, 0x37, 0x69, 0xE0, /* $.p.G7i. */
1501 0x24, 0xC3, 0x29, 0xCD, 0xF2, 0x26, 0x69, 0xFF, /* $.)..&i. */
1502 0x72, 0x0E, 0x3C, 0xD1, 0xA1, /* r.<.. */
1503};
1504
Jerome Forissier45218eb2018-04-11 13:03:26 +0200[diff] [blame]1505static const uint8_t ciph_data_aes_ctr_out4[] = {
1506 0xD2, 0xDD, 0x11, 0xA8, 0xF7, 0xB0, 0xAE, 0x55, /* .......U */
1507 0xBE, 0x61, 0x7A, 0xE6, 0xA1, 0x6C, 0x79, 0xF4, /* .az..ly. */
1508 0x62, 0x51, 0x7B, 0xE9, 0x7C, 0xA0, 0x31, 0x0C, /* bQ{.|.1. */
1509 0x24, 0x15, 0x70, 0x7F, 0x47, 0x37, 0x69, 0xE0, /* $.p.G7i. */
1510 0x24, 0xC3, 0x29, 0xCD, 0xF2, 0x26, 0x69, 0xFF, /* $.)..&i. */
1511 0x72, 0x0E, 0x3C, 0xD1, 0xA1, 0x2F, 0x5D, 0x33, /* r.<../]3 */
1512 0x9F, 0xD7, 0x0C, 0x92, 0xD4, 0xA5, 0x9D, 0x06, /* ........ */
1513 0x01, 0x80, 0x38, 0xCD, 0xC2, 0x71, 0x5D, 0x4A, /* ..8..q]J */
1514};
1515
Jerome Forissier0780ad42018-06-05 15:02:37 +0200[diff] [blame]1516static const uint8_t ciph_data_aes_ctr_out5[] = {
1517 0xbb, 0xfe, 0x07, 0x04, 0x1c, 0x8e, 0x09, 0x61,
1518 0xfb, 0xb1, 0x7c, 0xa5, 0x4d, 0x2b, 0x30, 0xf6,
1519 0x26, 0x9e, 0xff, 0x61, 0x18, 0x47, 0xc6, 0x06,
1520 0x81, 0x02, 0x84, 0xcd, 0x9c, 0x4b, 0x6d, 0x21,
1521 0xe2, 0x64, 0xa6, 0x50, 0x7f, 0x28, 0x81, 0x6f,
1522 0x29, 0xda, 0xd5, 0x56, 0x3f, 0x46, 0xac, 0xca,
1523 0x37, 0xe7, 0x77, 0x36, 0xbc, 0x76, 0x39, 0x57,
1524 0xaa, 0x67, 0x1b, 0x2a, 0xe6, 0x36, 0x57, 0x6d,
Jerome Forissierbf9009e2018-06-05 18:44:42 +0200[diff] [blame]1525 0x2a, 0xb8, 0x77, 0x41, 0xc2, 0x4e, 0x4f, 0x27,
1526 0x4c, 0x34, 0x7a, 0x01, 0x6a, 0xda, 0x75, 0x75,
1527 0x3e, 0x68, 0xb2
Jerome Forissier0780ad42018-06-05 15:02:37 +0200[diff] [blame]1528};
1529
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]1530static const uint8_t ciph_data_aes_cbc_vect1_key[] = {
1531 0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37, /* 01234567 */
1532 0x38, 0x39, 0x41, 0x42, 0x43, 0x44, 0x45, 0x46, /* 89ABCDEF */
1533};
1534
1535static const uint8_t ciph_data_aes_cbc_vect1_iv[] = {
1536 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, /* ........ */
1537 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, /* ........ */
1538};
1539
1540static const uint8_t ciph_data_aes_cbc_vect1_ptx[] = {
1541 0x43, 0x69, 0x70, 0x68, 0x65, 0x72, 0x20, 0x62, /* Cipher b */
1542 0x6C, 0x6F, 0x63, 0x6B, 0x20, 0x63, 0x68, 0x61, /* lock cha */
1543 0x69, 0x6E, 0x69, 0x6E, 0x67, 0x20, 0x28, 0x43, /* ining (C */
1544 0x42, 0x43, 0x29, 0x20, 0x69, 0x73, 0x20, 0x61, /* BC) is a */
1545 0x20, 0x63, 0x6F, 0x6D, 0x6D, 0x6F, 0x6E, 0x20, /* common */
1546 0x63, 0x68, 0x61, 0x69, 0x6E, 0x69, 0x6E, 0x67, /* chaining */
1547 0x20, 0x6D, 0x6F, 0x64, 0x65, 0x20, 0x69, 0x6E, /* mode in */
1548 0x20, 0x77, 0x68, 0x69, 0x63, 0x68, 0x20, 0x74, /* which t */
1549 0x68, 0x65, 0x20, 0x70, 0x72, 0x65, 0x76, 0x69, /* he previ */
1550 0x6F, 0x75, 0x73, 0x20, 0x62, 0x6C, 0x6F, 0x63, /* ous bloc */
1551 0x6B, 0x27, 0x73, 0x20, 0x63, 0x69, 0x70, 0x68, /* k's ciph */
1552 0x65, 0x72, 0x74, 0x65, 0x78, 0x74, 0x20, 0x69, /* ertext i */
1553 0x73, 0x20, 0x78, 0x6F, 0x72, 0x65, 0x64, 0x20, /* s xored */
1554 0x77, 0x69, 0x74, 0x68, 0x20, 0x74, 0x68, 0x65, /* with the */
1555 0x20, 0x63, 0x75, 0x72, 0x72, 0x65, 0x6E, 0x74, /* current */
1556 0x20, 0x62, 0x6C, 0x6F, 0x63, 0x6B, 0x27, 0x73, /* block's */
1557 0x20, 0x70, 0x6C, 0x61, 0x69, 0x6E, 0x74, 0x65, /* plainte */
1558 0x78, 0x74, 0x20, 0x62, 0x65, 0x66, 0x6F, 0x72, /* xt befor */
1559 0x65, 0x20, 0x65, 0x6E, 0x63, 0x72, 0x79, 0x70, /* e encryp */
1560 0x74, 0x69, 0x6F, 0x6E, 0x2E, 0x2E, 0x2E, 0x2E, /* tion.... */
1561};
1562
1563static const uint8_t ciph_data_aes_cbc_vect1_ctx[] = {
1564 0xDD, 0x16, 0xC3, 0x47, 0x69, 0xEC, 0xF5, 0x86, /* ...Gi... */
1565 0x20, 0xB4, 0xF7, 0xE3, 0xB9, 0x36, 0xE8, 0xAC, /* ....6.. */
1566 0xC9, 0xA2, 0x11, 0x71, 0x3B, 0x10, 0x9D, 0x45, /* ...q;..E */
1567 0xCA, 0xE2, 0x49, 0xA6, 0x4E, 0x56, 0x07, 0xC5, /* ..I.NV.. */
1568 0xCE, 0xA3, 0x14, 0xB5, 0x30, 0x1B, 0x63, 0xBB, /* ....0.c. */
1569 0x2D, 0x6F, 0xE9, 0xCA, 0x0B, 0x00, 0x31, 0x3F, /* -o....1? */
1570 0xA4, 0x9A, 0x39, 0xE1, 0xC8, 0xD2, 0x24, 0x95, /* ..9...$. */
1571 0x14, 0xE9, 0xD2, 0x43, 0xE8, 0xA8, 0x1E, 0x0A, /* ...C.... */
1572 0xFE, 0x9D, 0x4F, 0xF5, 0xBB, 0x16, 0xB9, 0x54, /* ..O....T */
1573 0x78, 0x07, 0x94, 0x05, 0x8E, 0x47, 0xC3, 0xCB, /* x....G.. */
1574 0x7C, 0xEC, 0xF4, 0xF8, 0xF2, 0xA4, 0x59, 0x6E, /* |.....Yn */
1575 0xED, 0xAD, 0x7F, 0x62, 0xAF, 0x89, 0xA8, 0x5B, /* ...b...[ */
1576 0x75, 0xD4, 0x73, 0xE3, 0xBA, 0x9F, 0x9A, 0xD2, /* u.s..... */
1577 0x0F, 0xFD, 0x3C, 0xE6, 0xC6, 0xA4, 0xD6, 0x6C, /* ..<....l */
1578 0x6A, 0x09, 0xE2, 0x16, 0xB0, 0x8C, 0x69, 0x3C, /* j.....i< */
1579 0xC8, 0x1C, 0xE4, 0x3E, 0x86, 0x4D, 0xB0, 0x2B, /* ...>.M.+ */
1580 0x29, 0xA0, 0x5A, 0xA3, 0x67, 0xBA, 0xDC, 0x11, /* ).Z.g... */
1581 0x08, 0x5E, 0x69, 0xB4, 0x6F, 0xA5, 0xE2, 0xB8, /* .^i.o... */
1582 0xC9, 0x6E, 0x83, 0x7E, 0x35, 0xC8, 0xA7, 0xA0, /* .n.~5... */
1583 0x33, 0xA3, 0xB1, 0x4B, 0x5A, 0x92, 0x51, 0x2E, /* 3..KZ.Q. */
1584};
1585
1586/* AES-CTS test vectors from http://tools.ietf.org/html/rfc3962
1587 * and http://tools.ietf.org/html/draft-raeburn-krb-rijndael-krb-02 */
1588static const uint8_t ciph_data_aes_cts_vect1_key[] = {
1589 0x63, 0x68, 0x69, 0x63, 0x6b, 0x65, 0x6e, 0x20,
1590 0x74, 0x65, 0x72, 0x69, 0x79, 0x61, 0x6b, 0x69
1591};
1592
1593static const uint8_t ciph_data_aes_cts_vect1_iv[16] = {
1594 0x00
1595};
1596
1597static const uint8_t ciph_data_aes_cts_vect1_ptx[] = {
1598 0x49, 0x20, 0x77, 0x6f, 0x75, 0x6c, 0x64, 0x20,
1599 0x6c, 0x69, 0x6b, 0x65, 0x20, 0x74, 0x68, 0x65,
1600 0x20
1601};
1602
1603static const uint8_t ciph_data_aes_cts_vect1_ctx[] = {
1604 0xc6, 0x35, 0x35, 0x68, 0xf2, 0xbf, 0x8c, 0xb4,
1605 0xd8, 0xa5, 0x80, 0x36, 0x2d, 0xa7, 0xff, 0x7f,
1606 0x97
1607};
1608
1609#define ciph_data_aes_cts_vect2_key ciph_data_aes_cts_vect1_key
1610#define ciph_data_aes_cts_vect2_iv ciph_data_aes_cts_vect1_iv
1611static const uint8_t ciph_data_aes_cts_vect2_ptx[] = {
1612 0x49, 0x20, 0x77, 0x6f, 0x75, 0x6c, 0x64, 0x20,
1613 0x6c, 0x69, 0x6b, 0x65, 0x20, 0x74, 0x68, 0x65,
1614 0x20, 0x47, 0x65, 0x6e, 0x65, 0x72, 0x61, 0x6c,
1615 0x20, 0x47, 0x61, 0x75, 0x27, 0x73, 0x20
1616};
1617
1618static const uint8_t ciph_data_aes_cts_vect2_ctx[] = {
1619 0xfc, 0x00, 0x78, 0x3e, 0x0e, 0xfd, 0xb2, 0xc1,
1620 0xd4, 0x45, 0xd4, 0xc8, 0xef, 0xf7, 0xed, 0x22,
1621 0x97, 0x68, 0x72, 0x68, 0xd6, 0xec, 0xcc, 0xc0,
1622 0xc0, 0x7b, 0x25, 0xe2, 0x5e, 0xcf, 0xe5
1623};
1624
1625#define ciph_data_aes_cts_vect3_key ciph_data_aes_cts_vect1_key
1626#define ciph_data_aes_cts_vect3_iv ciph_data_aes_cts_vect1_iv
1627static const uint8_t ciph_data_aes_cts_vect3_ptx[] = {
1628 0x49, 0x20, 0x77, 0x6f, 0x75, 0x6c, 0x64, 0x20,
1629 0x6c, 0x69, 0x6b, 0x65, 0x20, 0x74, 0x68, 0x65,
1630 0x20, 0x47, 0x65, 0x6e, 0x65, 0x72, 0x61, 0x6c,
1631 0x20, 0x47, 0x61, 0x75, 0x27, 0x73, 0x20, 0x43,
1632};
1633
1634static const uint8_t ciph_data_aes_cts_vect3_ctx[] = {
1635 0x39, 0x31, 0x25, 0x23, 0xa7, 0x86, 0x62, 0xd5,
1636 0xbe, 0x7f, 0xcb, 0xcc, 0x98, 0xeb, 0xf5, 0xa8,
1637 0x97, 0x68, 0x72, 0x68, 0xd6, 0xec, 0xcc, 0xc0,
1638 0xc0, 0x7b, 0x25, 0xe2, 0x5e, 0xcf, 0xe5, 0x84,
1639};
1640
1641#define ciph_data_aes_cts_vect4_key ciph_data_aes_cts_vect1_key
1642#define ciph_data_aes_cts_vect4_iv ciph_data_aes_cts_vect1_iv
1643static const uint8_t ciph_data_aes_cts_vect4_ptx[] = {
1644 0x49, 0x20, 0x77, 0x6f, 0x75, 0x6c, 0x64, 0x20,
1645 0x6c, 0x69, 0x6b, 0x65, 0x20, 0x74, 0x68, 0x65,
1646 0x20, 0x47, 0x65, 0x6e, 0x65, 0x72, 0x61, 0x6c,
1647 0x20, 0x47, 0x61, 0x75, 0x27, 0x73, 0x20, 0x43,
1648 0x68, 0x69, 0x63, 0x6b, 0x65, 0x6e, 0x2c, 0x20,
1649 0x70, 0x6c, 0x65, 0x61, 0x73, 0x65, 0x2c,
1650};
1651
1652static const uint8_t ciph_data_aes_cts_vect4_ctx[] = {
1653 0x97, 0x68, 0x72, 0x68, 0xd6, 0xec, 0xcc, 0xc0,
1654 0xc0, 0x7b, 0x25, 0xe2, 0x5e, 0xcf, 0xe5, 0x84,
1655 0xb3, 0xff, 0xfd, 0x94, 0x0c, 0x16, 0xa1, 0x8c,
1656 0x1b, 0x55, 0x49, 0xd2, 0xf8, 0x38, 0x02, 0x9e,
1657 0x39, 0x31, 0x25, 0x23, 0xa7, 0x86, 0x62, 0xd5,
1658 0xbe, 0x7f, 0xcb, 0xcc, 0x98, 0xeb, 0xf5,
1659};
1660
1661#define ciph_data_aes_cts_vect5_key ciph_data_aes_cts_vect1_key
1662#define ciph_data_aes_cts_vect5_iv ciph_data_aes_cts_vect1_iv
1663static const uint8_t ciph_data_aes_cts_vect5_ptx[] = {
1664 0x49, 0x20, 0x77, 0x6f, 0x75, 0x6c, 0x64, 0x20,
1665 0x6c, 0x69, 0x6b, 0x65, 0x20, 0x74, 0x68, 0x65,
1666 0x20, 0x47, 0x65, 0x6e, 0x65, 0x72, 0x61, 0x6c,
1667 0x20, 0x47, 0x61, 0x75, 0x27, 0x73, 0x20, 0x43,
1668 0x68, 0x69, 0x63, 0x6b, 0x65, 0x6e, 0x2c, 0x20,
1669 0x70, 0x6c, 0x65, 0x61, 0x73, 0x65, 0x2c, 0x20,
1670};
1671
1672static const uint8_t ciph_data_aes_cts_vect5_ctx[] = {
1673 0x97, 0x68, 0x72, 0x68, 0xd6, 0xec, 0xcc, 0xc0,
1674 0xc0, 0x7b, 0x25, 0xe2, 0x5e, 0xcf, 0xe5, 0x84,
1675 0x9d, 0xad, 0x8b, 0xbb, 0x96, 0xc4, 0xcd, 0xc0,
1676 0x3b, 0xc1, 0x03, 0xe1, 0xa1, 0x94, 0xbb, 0xd8,
1677 0x39, 0x31, 0x25, 0x23, 0xa7, 0x86, 0x62, 0xd5,
1678 0xbe, 0x7f, 0xcb, 0xcc, 0x98, 0xeb, 0xf5, 0xa8,
1679};
1680
1681#define ciph_data_aes_cts_vect6_key ciph_data_aes_cts_vect1_key
1682#define ciph_data_aes_cts_vect6_iv ciph_data_aes_cts_vect1_iv
1683static const uint8_t ciph_data_aes_cts_vect6_ptx[] = {
1684 0x49, 0x20, 0x77, 0x6f, 0x75, 0x6c, 0x64, 0x20,
1685 0x6c, 0x69, 0x6b, 0x65, 0x20, 0x74, 0x68, 0x65,
1686 0x20, 0x47, 0x65, 0x6e, 0x65, 0x72, 0x61, 0x6c,
1687 0x20, 0x47, 0x61, 0x75, 0x27, 0x73, 0x20, 0x43,
1688 0x68, 0x69, 0x63, 0x6b, 0x65, 0x6e, 0x2c, 0x20,
1689 0x70, 0x6c, 0x65, 0x61, 0x73, 0x65, 0x2c, 0x20,
1690 0x61, 0x6e, 0x64, 0x20, 0x77, 0x6f, 0x6e, 0x74,
1691 0x6f, 0x6e, 0x20, 0x73, 0x6f, 0x75, 0x70, 0x2e,
1692};
1693
1694static const uint8_t ciph_data_aes_cts_vect6_ctx[] = {
1695 0x97, 0x68, 0x72, 0x68, 0xd6, 0xec, 0xcc, 0xc0,
1696 0xc0, 0x7b, 0x25, 0xe2, 0x5e, 0xcf, 0xe5, 0x84,
1697 0x39, 0x31, 0x25, 0x23, 0xa7, 0x86, 0x62, 0xd5,
1698 0xbe, 0x7f, 0xcb, 0xcc, 0x98, 0xeb, 0xf5, 0xa8,
1699 0x48, 0x07, 0xef, 0xe8, 0x36, 0xee, 0x89, 0xa5,
1700 0x26, 0x73, 0x0d, 0xbc, 0x2f, 0x7b, 0xc8, 0x40,
1701 0x9d, 0xad, 0x8b, 0xbb, 0x96, 0xc4, 0xcd, 0xc0,
1702 0x3b, 0xc1, 0x03, 0xe1, 0xa1, 0x94, 0xbb, 0xd8,
1703};
1704
Jerome Forissiered00e162017-01-20 09:22:52 +0100[diff] [blame]1705/*
1706 * Test case for https://github.com/OP-TEE/optee_os/issues/1203
1707 * 80 bytes of data, processed in two steps (32 + 48).
1708 */
1709
1710#define ciph_data_aes_cts_issue1203_key ciph_data_aes_cts_vect1_key
1711
1712static const uint8_t ciph_data_aes_cts_issue1203_iv[] = {
1713 0x5b, 0x11, 0x7b, 0xf9, 0x83, 0x6a, 0x01, 0x27,
1714 0x1d, 0x2a, 0xae, 0x0a, 0xd3, 0x27, 0x35, 0x81,
1715};
1716
1717static const uint8_t ciph_data_aes_cts_issue1203_ptx[] = {
1718 0x33, 0x2a, 0xf4, 0x8c, 0x18, 0xa1, 0x30, 0x7c,
1719 0xa7, 0x52, 0x76, 0xca, 0xa6, 0x68, 0xad, 0xf6,
1720 0x1e, 0xba, 0xc9, 0x66, 0x66, 0x52, 0x1a, 0xe7,
1721 0x3e, 0xbc, 0xba, 0x60, 0x95, 0x71, 0x04, 0x5e,
1722 0xb4, 0xb7, 0x10, 0xd7, 0x93, 0x6d, 0x5f, 0x9a,
1723 0xb8, 0xbb, 0x6b, 0xb0, 0x6d, 0x47, 0x93, 0x41,
1724 0x29, 0x21, 0xf2, 0x84, 0xf5, 0xb2, 0xf2, 0x6d,
1725 0xbe, 0xe5, 0x8a, 0x2b, 0x58, 0x8d, 0x1b, 0x5e,
1726 0x41, 0x04, 0xba, 0x9e, 0x92, 0xe9, 0x52, 0xb6,
1727 0x8b, 0x1e, 0x36, 0x72, 0x91, 0xe4, 0x56, 0x66,
1728};
1729
1730/*
1731 * Ciphertext was generated by an online tool for AES CBC.
1732 * Since the input size is a multiple of the block size, and the ciphertext
1733 * format is CS3, the output is the same as plain AES CBC with the last
1734 * two blocks swapped.
1735 */
1736static const uint8_t ciph_data_aes_cts_issue1203_ctx[] = {
1737 0x6c, 0xfe, 0xef, 0x6a, 0x1c, 0x8f, 0xd3, 0xc3,
1738 0x66, 0xc4, 0xd9, 0x0e, 0xbe, 0x24, 0x17, 0x3f,
1739 0xcd, 0x19, 0xc9, 0xd2, 0x10, 0x3f, 0xcf, 0xdc,
1740 0xe9, 0x05, 0xab, 0xd5, 0x1a, 0x31, 0x41, 0x77,
1741 0x3b, 0xd7, 0x6a, 0x26, 0xae, 0x0d, 0xc9, 0x47,
1742 0x77, 0xd4, 0xa7, 0xd5, 0x73, 0x88, 0x9e, 0xde,
1743 0x72, 0x66, 0xe0, 0xe2, 0x3d, 0x62, 0x91, 0x22,
1744 0xae, 0x11, 0x01, 0x97, 0x22, 0x6a, 0x45, 0xa9,
1745 0xba, 0x56, 0xd2, 0xbc, 0x55, 0x2d, 0x99, 0x4d,
1746 0x3d, 0x22, 0x27, 0x9a, 0xac, 0x66, 0x2f, 0xf5,
1747};
1748
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]1749static const uint8_t ciph_data_des_ecb_nopad_out1[] = {
1750 0x46, 0x2B, 0x91, 0xA8, 0x55, 0xE6, 0x7E, 0x75, /* F+..U.~u */
1751 0x5E, 0x53, 0xF4, 0x8F, 0x29, 0x41, 0x4E, 0xEF, /* ^S..)AN. */
1752 0x32, 0x1B, 0x58, 0x42, 0x9B, 0xB4, 0x3A, 0x1F, /* 2.XB..:. */
1753 0x9A, 0xEA, 0xA4, 0xB4, 0xCD, 0xE9, 0x87, 0x7C, /* .......| */
1754 0xC0, 0x05, 0x34, 0xED, 0x86, 0x3C, 0x2A, 0x81, /* ..4..<.. */
1755 0x5E, 0x93, 0x0E, 0x86, 0xA9, 0xBB, 0x80, 0xFF, /* ^....... */
1756};
1757
1758static const uint8_t ciph_data_des_ecb_nopad_out2[] = {
1759 0x85, 0xE8, 0x13, 0x54, 0x0F, 0x0A, 0xB4, 0x05
1760};
1761
1762static const uint8_t ciph_data_des_cbc_nopad_out1[] = {
1763 0xAD, 0xD6, 0xD6, 0x3E, 0x88, 0xD0, 0xDD, 0xD4, /* ...>.... */
1764 0x9A, 0x93, 0x95, 0xA0, 0x86, 0x22, 0x5B, 0x9E, /* ....."[. */
1765 0x84, 0x0C, 0x6F, 0x12, 0x04, 0x11, 0x6F, 0xD4, /* ..o...o. */
1766 0x12, 0x29, 0xC6, 0x78, 0x0C, 0xFB, 0x58, 0x5B, /* .).x..X[ */
1767 0x66, 0x82, 0x0E, 0x52, 0xDC, 0x25, 0x16, 0x51, /* f..R.%.Q */
1768 0x69, 0xDF, 0xFE, 0x4E, 0x11, 0x1D, 0x9D, 0x08, /* i..N.... */
1769};
1770
1771static const uint8_t ciph_data_des3_ecb_nopad_out1[] = {
1772 0xA7, 0x46, 0xEC, 0xA8, 0x6A, 0x7F, 0x4A, 0xF1, /* .F..j.J. */
1773 0x44, 0x60, 0x37, 0x3B, 0x7F, 0x76, 0xE5, 0xFF, /* D`7;.v.. */
1774 0xC1, 0xE7, 0xA5, 0x04, 0x9C, 0x29, 0x5C, 0xA5, /* .....)\. */
1775 0xDD, 0xC8, 0xEE, 0x36, 0x1F, 0x48, 0xE0, 0xA9, /* ...6.H.. */
1776 0x82, 0x2D, 0x53, 0x84, 0x49, 0x69, 0x78, 0xFA, /* .-S.Iix. */
1777 0x23, 0x69, 0x1D, 0xF7, 0x08, 0x38, 0x44, 0x05, /* #i...8D. */
1778};
1779
1780static const uint8_t ciph_data_des3_cbc_nopad_out1[] = {
1781 0x18, 0x09, 0xEB, 0x98, 0xE4, 0x58, 0x72, 0x11, /* .....Xr. */
1782 0x30, 0x58, 0xAB, 0x38, 0xB0, 0xC9, 0x2B, 0xED, /* 0X.8..+. */
1783 0xDA, 0xC5, 0xE8, 0xA9, 0xF6, 0x8A, 0xA7, 0x80, /* ........ */
1784 0xBE, 0x54, 0x1F, 0x63, 0xF6, 0xEE, 0xA2, 0x4C, /* .T.c...L */
1785 0x7C, 0xEB, 0x84, 0x7D, 0xDA, 0xCA, 0x1E, 0xB2, /* |..}.... */
1786 0xED, 0x5E, 0x96, 0xB8, 0x01, 0x4B, 0x77, 0x02, /* .^...Kw. */
1787};
1788
1789static const uint8_t ciph_data_des2_ecb_nopad_out1[] = {
1790 0xAB, 0x12, 0xB6, 0xE2, 0x4A, 0x3A, 0x26, 0x14, /* ....J:&. */
1791 0xF0, 0x7D, 0x23, 0xD0, 0x55, 0xDF, 0x5C, 0x16, /* .}#.U.\. */
1792 0x43, 0x59, 0x1E, 0x44, 0x01, 0x76, 0xD7, 0x50, /* CY.D.v.P */
1793 0x44, 0xC0, 0x15, 0xDF, 0x2E, 0x7F, 0x8B, 0xC5, /* D....... */
1794 0xFF, 0x8B, 0x87, 0xFE, 0x33, 0xD7, 0xCB, 0x2C, /* ....3.., */
1795 0xDA, 0x79, 0x6F, 0xA4, 0x05, 0x2B, 0x30, 0xCE, /* .yo..+0. */
1796};
1797
1798static const uint8_t ciph_data_des2_cbc_nopad_out1[] = {
1799 0x47, 0x2F, 0xB1, 0x83, 0xC4, 0xBB, 0x93, 0x16, /* G/...... */
1800 0x73, 0xF9, 0xAD, 0x6F, 0x00, 0xF9, 0xCB, 0x4A, /* s..o...J */
1801 0x0F, 0x4F, 0x75, 0x75, 0xFB, 0x39, 0x0B, 0xFC, /* .Ouu.9.. */
1802 0x9F, 0x48, 0x52, 0xAD, 0xA2, 0x75, 0x2C, 0xF1, /* .HR..u, . */
1803 0x7D, 0xC3, 0x8F, 0x16, 0xCF, 0xC9, 0x76, 0x29, /* }.....v) */
1804 0x1A, 0xBF, 0xB3, 0xD9, 0x10, 0x7E, 0xAA, 0x49, /* .....~.I */
1805};
1806
Jerome Forissiere73e0fb2019-12-12 17:08:03 +0100[diff] [blame]1807/* SM4 ECB */
1808
1809static const uint8_t ciph_data_sm4_key1[] = {
1810 0x01, 0x23, 0x45, 0x67, 0x89, 0xab, 0xcd, 0xef,
1811 0xfe, 0xdc, 0xba, 0x98, 0x76, 0x54, 0x32, 0x10,
1812};
1813
1814static const uint8_t ciph_data_sm4_in1[] = {
1815 0x01, 0x23, 0x45, 0x67, 0x89, 0xab, 0xcd, 0xef,
1816 0xfe, 0xdc, 0xba, 0x98, 0x76, 0x54, 0x32, 0x10,
1817};
1818
1819static const uint8_t ciph_data_sm4_ecb_nopad_out1[] = {
1820 0x68, 0x1e, 0xdf, 0x34, 0xd2, 0x06, 0x96, 0x5e,
1821 0x86, 0xb3, 0xe9, 0x4f, 0x53, 0x6e, 0x42, 0x46,
1822};
1823
1824/*
1825 * SM4 CBC
1826 * https://tools.ietf.org/html/draft-ribose-cfrg-sm4-10#appendix-A.2.2.1
1827 */
1828static const uint8_t ciph_data_sm4_cbc_a221_key[] = {
1829 0x01, 0x23, 0x45, 0x67, 0x89, 0xab, 0xcd, 0xef,
1830 0xfe, 0xdc, 0xba, 0x98, 0x76, 0x54, 0x32, 0x10,
1831};
1832
1833static const uint8_t ciph_data_sm4_cbc_a221_iv[] = {
1834 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
1835 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f,
1836};
1837
1838static const uint8_t ciph_data_sm4_cbc_a221_in[] = {
1839 0xaa, 0xaa, 0xaa, 0xaa, 0xbb, 0xbb, 0xbb, 0xbb,
1840 0xcc, 0xcc, 0xcc, 0xcc, 0xdd, 0xdd, 0xdd, 0xdd,
1841 0xee, 0xee, 0xee, 0xee, 0xff, 0xff, 0xff, 0xff,
1842 0xaa, 0xaa, 0xaa, 0xaa, 0xbb, 0xbb, 0xbb, 0xbb,
1843};
1844
1845static const uint8_t ciph_data_sm4_cbc_a221_out[] = {
1846 0x78, 0xeb, 0xb1, 0x1c, 0xc4, 0x0b, 0x0a, 0x48,
1847 0x31, 0x2a, 0xae, 0xb2, 0x04, 0x02, 0x44, 0xcb,
1848 0x4c, 0xb7, 0x01, 0x69, 0x51, 0x90, 0x92, 0x26,
1849 0x97, 0x9b, 0x0d, 0x15, 0xdc, 0x6a, 0x8f, 0x6d,
1850};
1851
1852/*
1853 * SM4 CBC
1854 * https://tools.ietf.org/html/draft-ribose-cfrg-sm4-10#appendix-A.2.2.2
1855 */
1856static const uint8_t ciph_data_sm4_cbc_a222_key[] = {
1857 0xfe, 0xdc, 0xba, 0x98, 0x76, 0x54, 0x32, 0x10,
1858 0x01, 0x23, 0x45, 0x67, 0x89, 0xab, 0xcd, 0xef,
1859};
1860
1861static const uint8_t ciph_data_sm4_cbc_a222_iv[] = {
1862 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
1863 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f,
1864};
1865
1866static const uint8_t ciph_data_sm4_cbc_a222_in[] = {
1867 0xaa, 0xaa, 0xaa, 0xaa, 0xbb, 0xbb, 0xbb, 0xbb,
1868 0xcc, 0xcc, 0xcc, 0xcc, 0xdd, 0xdd, 0xdd, 0xdd,
1869 0xee, 0xee, 0xee, 0xee, 0xff, 0xff, 0xff, 0xff,
1870 0xaa, 0xaa, 0xaa, 0xaa, 0xbb, 0xbb, 0xbb, 0xbb,
1871};
1872
1873static const uint8_t ciph_data_sm4_cbc_a222_out[] = {
1874 0x0d, 0x3a, 0x6d, 0xdc, 0x2d, 0x21, 0xc6, 0x98,
1875 0x85, 0x72, 0x15, 0x58, 0x7b, 0x7b, 0xb5, 0x9a,
1876 0x91, 0xf2, 0xc1, 0x47, 0x91, 0x1a, 0x41, 0x44,
1877 0x66, 0x5e, 0x1f, 0xa1, 0xd4, 0x0b, 0xae, 0x38,
1878};
1879
1880/*
1881 * SM4 CTR
1882 * https://tools.ietf.org/html/draft-ribose-cfrg-sm4-10#appendix-A.2.5.1
1883 */
1884static const uint8_t ciph_data_sm4_ctr_a251_key[] = {
1885 0x01, 0x23, 0x45, 0x67, 0x89, 0xab, 0xcd, 0xef,
1886 0xfe, 0xdc, 0xba, 0x98, 0x76, 0x54, 0x32, 0x10,
1887};
1888
1889static const uint8_t ciph_data_sm4_ctr_a251_iv[] = {
1890 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
1891 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f,
1892};
1893
1894static const uint8_t ciph_data_sm4_ctr_a251_in[] = {
1895 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa,
1896 0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0xbb,
1897 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc,
1898 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd,
1899 0xee, 0xee, 0xee, 0xee, 0xee, 0xee, 0xee, 0xee,
1900 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
1901 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa,
1902 0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0xbb,
1903};
1904
1905static const uint8_t ciph_data_sm4_ctr_a251_out[] = {
1906 0xac, 0x32, 0x36, 0xcb, 0x97, 0x0c, 0xc2, 0x07,
1907 0x91, 0x36, 0x4c, 0x39, 0x5a, 0x13, 0x42, 0xd1,
1908 0xa3, 0xcb, 0xc1, 0x87, 0x8c, 0x6f, 0x30, 0xcd,
1909 0x07, 0x4c, 0xce, 0x38, 0x5c, 0xdd, 0x70, 0xc7,
1910 0xf2, 0x34, 0xbc, 0x0e, 0x24, 0xc1, 0x19, 0x80,
1911 0xfd, 0x12, 0x86, 0x31, 0x0c, 0xe3, 0x7b, 0x92,
1912 0x6e, 0x02, 0xfc, 0xd0, 0xfa, 0xa0, 0xba, 0xf3,
1913 0x8b, 0x29, 0x33, 0x85, 0x1d, 0x82, 0x45, 0x14,
1914};
1915
1916/*
1917 * SM4 CTR
1918 * https://tools.ietf.org/html/draft-ribose-cfrg-sm4-10#appendix-A.2.5.2
1919 */
1920static const uint8_t ciph_data_sm4_ctr_a252_key[] = {
1921 0xfe, 0xdc, 0xba, 0x98, 0x76, 0x54, 0x32, 0x10,
1922 0x01, 0x23, 0x45, 0x67, 0x89, 0xab, 0xcd, 0xef,
1923};
1924
1925static const uint8_t ciph_data_sm4_ctr_a252_iv[] = {
1926 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
1927 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f,
1928};
1929
1930static const uint8_t ciph_data_sm4_ctr_a252_in[] = {
1931 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa,
1932 0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0xbb,
1933 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc,
1934 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd,
1935 0xee, 0xee, 0xee, 0xee, 0xee, 0xee, 0xee, 0xee,
1936 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
1937 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa,
1938 0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0xbb,
1939};
1940
1941static const uint8_t ciph_data_sm4_ctr_a252_out[] = {
1942 0x5d, 0xcc, 0xcd, 0x25, 0xb9, 0x5a, 0xb0, 0x74,
1943 0x17, 0xa0, 0x85, 0x12, 0xee, 0x16, 0x0e, 0x2f,
1944 0x8f, 0x66, 0x15, 0x21, 0xcb, 0xba, 0xb4, 0x4c,
1945 0xc8, 0x71, 0x38, 0x44, 0x5b, 0xc2, 0x9e, 0x5c,
1946 0x0a, 0xe0, 0x29, 0x72, 0x05, 0xd6, 0x27, 0x04,
1947 0x17, 0x3b, 0x21, 0x23, 0x9b, 0x88, 0x7f, 0x6c,
1948 0x8c, 0xb5, 0xb8, 0x00, 0x91, 0x7a, 0x24, 0x88,
1949 0x28, 0x4b, 0xde, 0x9e, 0x16, 0xea, 0x29, 0x06,
1950};
1951
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]1952struct xtest_ciph_case {
1953 uint32_t algo;
1954 uint32_t mode;
1955 uint32_t key_type;
1956 const uint8_t *key1;
1957 size_t key1_len;
1958 const uint8_t *key2;
1959 size_t key2_len;
1960 const uint8_t *iv;
1961 size_t iv_len;
1962 size_t in_incr;
1963 const uint8_t *in;
1964 size_t in_len;
1965 const uint8_t *out;
1966 size_t out_len;
1967 size_t line;
1968};
1969
1970#define XTEST_CIPH_CASE_NO_IV(algo, key_type, key, in_incr, ptx, ctx) \
1971 { (algo), TEE_MODE_ENCRYPT, (key_type), (key), ARRAY_SIZE(key), \
1972 NULL, 0, NULL, 0, \
1973 (in_incr), (ptx), ARRAY_SIZE(ptx), (ctx), ARRAY_SIZE(ctx), \
1974 __LINE__ }, \
1975 { (algo), TEE_MODE_DECRYPT, (key_type), (key), ARRAY_SIZE(key), \
1976 NULL, 0, NULL, 0, \
1977 (in_incr), (ctx), ARRAY_SIZE(ctx), (ptx), ARRAY_SIZE(ptx), __LINE__ }
1978
1979#define XTEST_CIPH_CASE(algo, key_type, key, iv, in_incr, ptx, ctx) \
1980 { (algo), TEE_MODE_ENCRYPT, (key_type), (key), ARRAY_SIZE(key), \
1981 NULL, 0, iv, ARRAY_SIZE(iv), (in_incr), (ptx), ARRAY_SIZE(ptx), \
1982 (ctx), ARRAY_SIZE(ctx), __LINE__ }, \
1983 { (algo), TEE_MODE_DECRYPT, (key_type), (key), ARRAY_SIZE(key), \
1984 NULL, 0, iv, ARRAY_SIZE(iv), (in_incr), (ctx), ARRAY_SIZE(ctx), \
1985 (ptx), ARRAY_SIZE(ptx), __LINE__ }
1986
1987#define XTEST_CIPH_CASE_AES_XTS(vect, in_incr) \
1988 { TEE_ALG_AES_XTS, TEE_MODE_ENCRYPT, TEE_TYPE_AES, \
1989 ciph_data_aes_xts_ ## vect ## _key1, \
1990 ARRAY_SIZE(ciph_data_aes_xts_ ## vect ## _key1), \
1991 ciph_data_aes_xts_ ## vect ## _key2, \
1992 ARRAY_SIZE(ciph_data_aes_xts_ ## vect ## _key2), \
1993 ciph_data_aes_xts_ ## vect ## _iv, \
1994 ARRAY_SIZE(ciph_data_aes_xts_ ## vect ## _iv), \
1995 (in_incr), \
1996 ciph_data_aes_xts_ ## vect ## _ptx, \
1997 ARRAY_SIZE(ciph_data_aes_xts_ ## vect ## _ptx), \
1998 ciph_data_aes_xts_ ## vect ## _ctx, \
1999 ARRAY_SIZE(ciph_data_aes_xts_ ## vect ## _ctx), __LINE__ }, \
2000 { TEE_ALG_AES_XTS, TEE_MODE_DECRYPT, TEE_TYPE_AES, \
2001 ciph_data_aes_xts_ ## vect ## _key1, \
2002 ARRAY_SIZE(ciph_data_aes_xts_ ## vect ## _key1), \
2003 ciph_data_aes_xts_ ## vect ## _key2, \
2004 ARRAY_SIZE(ciph_data_aes_xts_ ## vect ## _key2), \
2005 ciph_data_aes_xts_ ## vect ## _iv, \
2006 ARRAY_SIZE(ciph_data_aes_xts_ ## vect ## _iv), \
2007 (in_incr), \
2008 ciph_data_aes_xts_ ## vect ## _ctx, \
2009 ARRAY_SIZE(ciph_data_aes_xts_ ## vect ## _ctx), \
2010 ciph_data_aes_xts_ ## vect ## _ptx, \
2011 ARRAY_SIZE(ciph_data_aes_xts_ ## vect ## _ptx), __LINE__ }
2012
2013#define XTEST_CIPH_CASE_AES_CBC(vect, in_incr) \
2014 XTEST_CIPH_CASE(TEE_ALG_AES_CBC_NOPAD, TEE_TYPE_AES, \
2015 ciph_data_aes_cbc_ ## vect ## _key, \
2016 ciph_data_aes_cbc_ ## vect ## _iv, \
2017 (in_incr), ciph_data_aes_cbc_ ## vect ## _ptx, \
2018 ciph_data_aes_cbc_ ## vect ## _ctx)
2019
2020#define XTEST_CIPH_CASE_AES_CTS(vect, in_incr) \
2021 XTEST_CIPH_CASE(TEE_ALG_AES_CTS, TEE_TYPE_AES, \
2022 ciph_data_aes_cts_ ## vect ## _key, \
2023 ciph_data_aes_cts_ ## vect ## _iv, \
2024 (in_incr), ciph_data_aes_cts_ ## vect ## _ptx, \
2025 ciph_data_aes_cts_ ## vect ## _ctx)
2026
2027static const struct xtest_ciph_case ciph_cases[] = {
2028 /* AES */
2029 XTEST_CIPH_CASE_NO_IV(TEE_ALG_AES_ECB_NOPAD, TEE_TYPE_AES,
2030 ciph_data_aes_key1, 11, ciph_data_in1,
2031 ciph_data_aes_ecb_nopad_out1),
2032 XTEST_CIPH_CASE(TEE_ALG_AES_CBC_NOPAD, TEE_TYPE_AES,
2033 ciph_data_aes_key1, ciph_data_128_iv1, 11,
2034 ciph_data_in1,
2035 ciph_data_aes_cbc_nopad_out1),
2036 XTEST_CIPH_CASE(TEE_ALG_AES_CTR, TEE_TYPE_AES,
2037 ciph_data_aes_key1, ciph_data_128_iv1, 13,
2038 ciph_data_in1,
2039 ciph_data_aes_ctr_out1),
2040 XTEST_CIPH_CASE(TEE_ALG_AES_CTR, TEE_TYPE_AES,
2041 ciph_data_aes_key1, ciph_data_128_iv1, 13,
2042 ciph_data_in3,
2043 ciph_data_aes_ctr_out2),
Jens Wiklander692efd12018-01-19 09:52:00 +0100[diff] [blame]2044 XTEST_CIPH_CASE(TEE_ALG_AES_CTR, TEE_TYPE_AES,
2045 ciph_data_aes_key1, ciph_data_128_iv1, 16,
2046 ciph_data_in3,
2047 ciph_data_aes_ctr_out2),
Jerome Forissier45218eb2018-04-11 13:03:26 +0200[diff] [blame]2048 XTEST_CIPH_CASE(TEE_ALG_AES_CTR, TEE_TYPE_AES,
2049 ciph_data_aes_key1, ciph_data_128_iv1, 16,
2050 ciph_data_in4,
2051 ciph_data_aes_ctr_out4),
Jerome Forissier0780ad42018-06-05 15:02:37 +0200[diff] [blame]2052 XTEST_CIPH_CASE(TEE_ALG_AES_CTR, TEE_TYPE_AES,
2053 ciph_data_aes_key2, ciph_data_128_iv2, 11,
2054 ciph_data_in5,
2055 ciph_data_aes_ctr_out5),
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2056
2057 XTEST_CIPH_CASE_AES_CBC(vect1, 11),
Jerome Forissierfc1bbc32018-06-12 10:13:04 +0200[diff] [blame]2058 XTEST_CIPH_CASE_AES_CBC(vect1, 64),
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2059
2060 /* AES-CTS */
2061 XTEST_CIPH_CASE_AES_CTS(vect1, 13),
2062 XTEST_CIPH_CASE_AES_CTS(vect2, 14),
2063 XTEST_CIPH_CASE_AES_CTS(vect3, 11),
2064 XTEST_CIPH_CASE_AES_CTS(vect4, 9),
2065 XTEST_CIPH_CASE_AES_CTS(vect5, 7),
2066 XTEST_CIPH_CASE_AES_CTS(vect6, 17),
2067 XTEST_CIPH_CASE_AES_CTS(vect6, 0x20),
Jerome Forissiered00e162017-01-20 09:22:52 +0100[diff] [blame]2068 XTEST_CIPH_CASE_AES_CTS(issue1203, 32),
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2069
2070 /* DES */
2071 XTEST_CIPH_CASE_NO_IV(TEE_ALG_DES_ECB_NOPAD, TEE_TYPE_DES,
2072 ciph_data_des_key1, 14, ciph_data_in1,
2073 ciph_data_des_ecb_nopad_out1),
2074 XTEST_CIPH_CASE_NO_IV(TEE_ALG_DES_ECB_NOPAD, TEE_TYPE_DES,
2075 ciph_data_des_key2, 3, ciph_data_in2,
2076 ciph_data_des_ecb_nopad_out2),
2077 XTEST_CIPH_CASE(TEE_ALG_DES_CBC_NOPAD, TEE_TYPE_DES,
2078 ciph_data_des_key1, ciph_data_64_iv1, 15, ciph_data_in1,
2079 ciph_data_des_cbc_nopad_out1),
2080
2081 /* DES3 */
2082 XTEST_CIPH_CASE_NO_IV(TEE_ALG_DES3_ECB_NOPAD, TEE_TYPE_DES3,
2083 ciph_data_des3_key1, 11, ciph_data_in1,
2084 ciph_data_des3_ecb_nopad_out1),
2085 XTEST_CIPH_CASE_NO_IV(TEE_ALG_DES3_ECB_NOPAD, TEE_TYPE_DES3,
2086 ciph_data_des3_key2, 3, ciph_data_in2,
2087 ciph_data_des_ecb_nopad_out2),
2088 XTEST_CIPH_CASE(TEE_ALG_DES3_CBC_NOPAD, TEE_TYPE_DES3,
2089 ciph_data_des3_key1, ciph_data_64_iv1, 11,
2090 ciph_data_in1,
2091 ciph_data_des3_cbc_nopad_out1),
2092
2093 /* DES2 */
2094 XTEST_CIPH_CASE_NO_IV(TEE_ALG_DES3_ECB_NOPAD, TEE_TYPE_DES3,
2095 ciph_data_des2_key1, 11, ciph_data_in1,
2096 ciph_data_des2_ecb_nopad_out1),
2097 XTEST_CIPH_CASE(TEE_ALG_DES3_CBC_NOPAD, TEE_TYPE_DES3,
2098 ciph_data_des2_key1, ciph_data_64_iv1, 11,
2099 ciph_data_in1,
2100 ciph_data_des2_cbc_nopad_out1),
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2101
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2102 /* AES-XTS */
2103 XTEST_CIPH_CASE_AES_XTS(vect1, 3),
2104 XTEST_CIPH_CASE_AES_XTS(vect2, 6),
2105 XTEST_CIPH_CASE_AES_XTS(vect3, 7),
2106 XTEST_CIPH_CASE_AES_XTS(vect4, 8),
2107 XTEST_CIPH_CASE_AES_XTS(vect5, 9),
2108 XTEST_CIPH_CASE_AES_XTS(vect6, 13),
2109 XTEST_CIPH_CASE_AES_XTS(vect7, 1),
2110 XTEST_CIPH_CASE_AES_XTS(vect8, 3),
2111 XTEST_CIPH_CASE_AES_XTS(vect9, 2),
2112 XTEST_CIPH_CASE_AES_XTS(vect10, 5),
2113 XTEST_CIPH_CASE_AES_XTS(vect11, 6),
2114 XTEST_CIPH_CASE_AES_XTS(vect12, 7),
2115 XTEST_CIPH_CASE_AES_XTS(vect13, 3),
2116 XTEST_CIPH_CASE_AES_XTS(vect14, 2),
2117 XTEST_CIPH_CASE_AES_XTS(vect15, 0),
2118 XTEST_CIPH_CASE_AES_XTS(vect16, 9),
2119 XTEST_CIPH_CASE_AES_XTS(vect17, 6),
2120 XTEST_CIPH_CASE_AES_XTS(vect18, 8),
2121 XTEST_CIPH_CASE_AES_XTS(vect19, 23),
Jerome Forissiere73e0fb2019-12-12 17:08:03 +0100[diff] [blame]2122
2123 /* SM4 */
2124 XTEST_CIPH_CASE_NO_IV(TEE_ALG_SM4_ECB_NOPAD, TEE_TYPE_SM4,
2125 ciph_data_sm4_key1, 11, ciph_data_sm4_in1,
2126 ciph_data_sm4_ecb_nopad_out1),
2127 XTEST_CIPH_CASE(TEE_ALG_SM4_CBC_NOPAD, TEE_TYPE_SM4,
2128 ciph_data_sm4_cbc_a221_key, ciph_data_sm4_cbc_a221_iv,
2129 11, ciph_data_sm4_cbc_a221_in,
2130 ciph_data_sm4_cbc_a221_out),
2131 XTEST_CIPH_CASE(TEE_ALG_SM4_CBC_NOPAD, TEE_TYPE_SM4,
2132 ciph_data_sm4_cbc_a222_key, ciph_data_sm4_cbc_a222_iv,
2133 11, ciph_data_sm4_cbc_a222_in,
2134 ciph_data_sm4_cbc_a222_out),
2135 XTEST_CIPH_CASE(TEE_ALG_SM4_CTR, TEE_TYPE_SM4,
2136 ciph_data_sm4_ctr_a251_key, ciph_data_sm4_ctr_a251_iv,
2137 11, ciph_data_sm4_ctr_a251_in,
2138 ciph_data_sm4_ctr_a251_out),
2139 XTEST_CIPH_CASE(TEE_ALG_SM4_CTR, TEE_TYPE_SM4,
2140 ciph_data_sm4_ctr_a252_key, ciph_data_sm4_ctr_a252_iv,
2141 11, ciph_data_sm4_ctr_a252_in,
2142 ciph_data_sm4_ctr_a252_out),
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2143};
2144
Jerome Forissier23256842018-02-16 09:25:35 +0100[diff] [blame]2145static void xtest_tee_test_4003(ADBG_Case_t *c)
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2146{
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]2147 TEEC_Session session = { };
2148 TEE_OperationHandle op = TEE_HANDLE_NULL;
Jens Wiklander93ff0a52020-12-14 12:45:02 +0100[diff] [blame]2149 TEE_OperationHandle op2 = TEE_HANDLE_NULL;
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2150 TEE_ObjectHandle key1_handle = TEE_HANDLE_NULL;
2151 TEE_ObjectHandle key2_handle = TEE_HANDLE_NULL;
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]2152 uint8_t out[2048] = { };
2153 size_t out_size = 0;
2154 size_t out_offs = 0;
Jens Wiklander93ff0a52020-12-14 12:45:02 +0100[diff] [blame]2155 size_t out_offs2 = 0;
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]2156 uint32_t ret_orig = 0;
2157 size_t n = 0;
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2158
2159 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
2160 xtest_teec_open_session(&session, &crypt_user_ta_uuid, NULL,
2161 &ret_orig)))
2162 return;
2163
2164 for (n = 0; n < ARRAY_SIZE(ciph_cases); n++) {
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]2165 TEE_Attribute key_attr = { };
2166 size_t key_size = 0;
2167 size_t op_key_size = 0;
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2168
Jerome Forissier817d99f2020-01-22 16:33:12 +0100[diff] [blame]2169 switch (ciph_cases[n].algo) {
2170 case TEE_ALG_SM4_CTR:
2171 case TEE_ALG_SM4_CBC_NOPAD:
2172 case TEE_ALG_SM4_ECB_NOPAD:
2173 if (!ta_crypt_cmd_is_algo_supported(c, &session,
2174 ciph_cases[n].algo, TEE_CRYPTO_ELEMENT_NONE)) {
2175 Do_ADBG_Log("SM4 not supported: skip subcase");
2176 continue;
2177 }
2178 break;
2179 default:
2180 break;
2181 }
2182
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2183 Do_ADBG_BeginSubCase(c, "Cipher case %d algo 0x%x line %d",
2184 (int)n, (unsigned int)ciph_cases[n].algo,
2185 (int)ciph_cases[n].line);
2186
2187 key_attr.attributeID = TEE_ATTR_SECRET_VALUE;
2188 key_attr.content.ref.buffer = (void *)ciph_cases[n].key1;
2189 key_attr.content.ref.length = ciph_cases[n].key1_len;
2190
2191 key_size = key_attr.content.ref.length * 8;
2192 if (ciph_cases[n].key_type == TEE_TYPE_DES ||
2193 ciph_cases[n].key_type == TEE_TYPE_DES3)
2194 /* Exclude parity in bit size of key */
2195 key_size -= key_size / 8;
2196
2197 op_key_size = key_size;
2198 if (ciph_cases[n].key2 != NULL)
2199 op_key_size *= 2;
2200
2201 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
2202 ta_crypt_cmd_allocate_operation(c, &session, &op,
2203 ciph_cases[n].algo, ciph_cases[n].mode,
2204 op_key_size)))
2205 goto out;
2206
2207 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
Jens Wiklander93ff0a52020-12-14 12:45:02 +0100[diff] [blame]2208 ta_crypt_cmd_allocate_operation(c, &session, &op2,
2209 ciph_cases[n].algo, ciph_cases[n].mode,
2210 op_key_size)))
2211 goto out;
2212
2213 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2214 ta_crypt_cmd_allocate_transient_object(c, &session,
2215 ciph_cases[n].key_type, key_size,
2216 &key1_handle)))
2217 goto out;
2218
2219 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
2220 ta_crypt_cmd_populate_transient_object(c, &session,
2221 key1_handle, &key_attr, 1)))
2222 goto out;
2223
2224 if (ciph_cases[n].key2 != NULL) {
2225 key_attr.content.ref.buffer =
2226 (void *)ciph_cases[n].key2;
2227 key_attr.content.ref.length = ciph_cases[n].key2_len;
2228
2229 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
2230 ta_crypt_cmd_allocate_transient_object(c,
2231 &session, ciph_cases[n].key_type,
2232 key_attr.content.ref.length * 8,
2233 &key2_handle)))
2234 goto out;
2235
2236 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
2237 ta_crypt_cmd_populate_transient_object(c,
2238 &session, key2_handle, &key_attr, 1)))
2239 goto out;
2240
2241 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
2242 ta_crypt_cmd_set_operation_key2(c, &session, op,
2243 key1_handle, key2_handle)))
2244 goto out;
2245 } else {
2246 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
2247 ta_crypt_cmd_set_operation_key(c, &session, op,
2248 key1_handle)))
2249 goto out;
2250 }
2251
2252 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
2253 ta_crypt_cmd_free_transient_object(c, &session,
2254 key1_handle)))
2255 goto out;
2256 key1_handle = TEE_HANDLE_NULL;
2257
2258 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
2259 ta_crypt_cmd_free_transient_object(c, &session,
2260 key2_handle)))
2261 goto out;
2262 key2_handle = TEE_HANDLE_NULL;
2263
2264 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
2265 ta_crypt_cmd_cipher_init(c, &session, op,
2266 ciph_cases[n].iv, ciph_cases[n].iv_len)))
2267 goto out;
2268
2269 out_offs = 0;
2270 out_size = sizeof(out);
2271 memset(out, 0, sizeof(out));
2272 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
2273 ta_crypt_cmd_cipher_update(c, &session, op,
2274 ciph_cases[n].in, ciph_cases[n].in_incr, out,
2275 &out_size)))
2276 goto out;
2277
Jerome Forissierd2d94b42017-06-02 16:39:34 +0200[diff] [blame]2278 if (ciph_cases[n].algo == TEE_ALG_AES_CTR)
2279 ADBG_EXPECT_COMPARE_UNSIGNED(c, out_size, ==,
2280 ciph_cases[n].in_incr);
2281
Jens Wiklander93ff0a52020-12-14 12:45:02 +0100[diff] [blame]2282 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
2283 ta_crypt_cmd_copy_operation(c, &session, op2, op)))
2284 goto out;
2285
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2286 out_offs += out_size;
2287 out_size = sizeof(out) - out_offs;
Jens Wiklander93ff0a52020-12-14 12:45:02 +0100[diff] [blame]2288 out_offs2 = out_offs;
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2289
2290 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
2291 ta_crypt_cmd_cipher_do_final(c, &session, op,
2292 ciph_cases[n].in + ciph_cases[n].in_incr,
2293 ciph_cases[n].in_len - ciph_cases[n].in_incr,
2294 out + out_offs,
2295 &out_size)))
2296 goto out;
2297
2298 out_offs += out_size;
2299
2300 (void)ADBG_EXPECT_BUFFER(c, ciph_cases[n].out,
2301 ciph_cases[n].out_len, out, out_offs);
2302
Jens Wiklander93ff0a52020-12-14 12:45:02 +0100[diff] [blame]2303 /* test on the copied op2 */
2304 out_size = sizeof(out) - out_offs2;
2305
2306 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
2307 ta_crypt_cmd_cipher_do_final(c, &session, op2,
2308 ciph_cases[n].in + ciph_cases[n].in_incr,
2309 ciph_cases[n].in_len - ciph_cases[n].in_incr,
2310 out + out_offs2,
2311 &out_size)))
2312 goto out;
2313
2314 out_offs2 += out_size;
2315
2316 ADBG_EXPECT_BUFFER(c, ciph_cases[n].out, ciph_cases[n].out_len,
2317 out, out_offs2);
2318
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2319 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
2320 ta_crypt_cmd_free_operation(c, &session, op)))
2321 goto out;
2322
Jens Wiklander93ff0a52020-12-14 12:45:02 +0100[diff] [blame]2323 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
2324 ta_crypt_cmd_free_operation(c, &session, op2)))
2325 goto out;
2326
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2327 Do_ADBG_EndSubCase(c, NULL);
2328 }
2329out:
2330 TEEC_CloseSession(&session);
2331}
Jens Wiklander14f48872018-06-29 15:30:13 +0200[diff] [blame]2332ADBG_CASE_DEFINE(regression, 4003, xtest_tee_test_4003,
2333 "Test TEE Internal API cipher operations");
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2334
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2335static void xtest_tee_test_4004(ADBG_Case_t *c)
2336{
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]2337 TEEC_Session session = { };
2338 uint32_t ret_orig = 0;
2339 uint8_t buf1[45] = { };
2340 uint8_t buf2[45] = { };
2341 static const uint8_t zeros[45];
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2342
2343 Do_ADBG_BeginSubCase(c, "TEE get random");
2344 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
2345 xtest_teec_open_session(&session, &crypt_user_ta_uuid, NULL,
2346 &ret_orig)))
2347 return;
2348
2349 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
2350 ta_crypt_cmd_random_number_generate(c, &session, buf1,
2351 sizeof(buf1))))
2352 goto out;
2353
2354 (void)ADBG_EXPECT_COMPARE_SIGNED(c,
2355 0, !=, memcmp(buf1, zeros, sizeof(buf1)));
2356
2357 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
2358 ta_crypt_cmd_random_number_generate(c, &session, buf2,
2359 sizeof(buf2))))
2360 goto out;
2361
2362 (void)ADBG_EXPECT_COMPARE_SIGNED(c,
2363 0, !=, memcmp(buf2, zeros, sizeof(buf2)));
2364
2365 (void)ADBG_EXPECT_COMPARE_SIGNED(c,
2366 0, !=, memcmp(buf2, buf1, sizeof(buf1)));
2367out:
2368 TEEC_CloseSession(&session);
2369 Do_ADBG_EndSubCase(c, "TEE get random");
2370}
Jens Wiklander14f48872018-06-29 15:30:13 +0200[diff] [blame]2371ADBG_CASE_DEFINE(regression, 4004, xtest_tee_test_4004,
2372 "Test TEE Internal API get random");
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2373
2374struct xtest_ae_case {
2375 uint32_t algo;
2376 uint32_t mode;
2377 uint32_t key_type;
2378 const uint8_t *key;
2379 size_t key_len;
2380 const uint8_t *nonce;
2381 size_t nonce_len;
2382 size_t aad_incr;
2383 const uint8_t *aad;
2384 size_t aad_len;
2385 size_t in_incr;
2386 const uint8_t *ptx;
2387 size_t ptx_len;
2388 const uint8_t *ctx;
2389 size_t ctx_len;
2390 const uint8_t *tag;
2391 size_t tag_len;
2392 size_t line;
2393};
2394
2395
2396#define ARRAY(a) a, ARRAY_SIZE(a)
2397#define NULL_ARRAY(a) NULL, 0
2398
2399#define XTEST_AE_CASE(algo, vect, aad_incr, in_incr, \
2400 aad_array, ptx_array, ctx_array) \
2401 { (algo), TEE_MODE_ENCRYPT, TEE_TYPE_AES, ARRAY(vect ## _key), \
2402 ARRAY(vect ## _nonce), (aad_incr), \
2403 aad_array(vect ## _aad), (in_incr), \
2404 ptx_array(vect ## _ptx), ctx_array(vect ## _ctx), \
2405 ARRAY(vect ## _tag), \
2406 __LINE__ }, \
2407 { (algo), TEE_MODE_DECRYPT, TEE_TYPE_AES, ARRAY(vect ## _key), \
2408 ARRAY(vect ## _nonce), (aad_incr), \
2409 aad_array(vect ## _aad), (in_incr), \
2410 ptx_array(vect ## _ptx), ctx_array(vect ## _ctx), \
2411 ARRAY(vect ## _tag), \
2412 __LINE__ }
2413
2414#define XTEST_AE_CASE_AES_CCM(vect, aad_incr, in_incr) \
2415 XTEST_AE_CASE(TEE_ALG_AES_CCM, ae_data_aes_ccm_ ## vect, aad_incr, \
2416 in_incr, ARRAY, ARRAY, ARRAY)
2417
2418#define XTEST_AE_CASE_AES_GCM(vect, aad_incr, in_incr, \
2419 aad_array, ptx_array, ctx_array) \
2420 XTEST_AE_CASE(TEE_ALG_AES_GCM, ae_data_aes_gcm_ ## vect, aad_incr, \
2421 in_incr, aad_array, ptx_array, ctx_array)
2422
2423
2424
2425static const struct xtest_ae_case ae_cases[] = {
2426 XTEST_AE_CASE_AES_CCM(vect1, 3, 2),
2427 XTEST_AE_CASE_AES_CCM(vect2, 7, 13),
2428 XTEST_AE_CASE_AES_CCM(vect3, 5, 21),
2429
2430 XTEST_AE_CASE_AES_GCM(vect1, 0, 0, NULL_ARRAY, NULL_ARRAY, NULL_ARRAY),
2431 XTEST_AE_CASE_AES_GCM(vect2, 0, 9, NULL_ARRAY, ARRAY, ARRAY),
2432 XTEST_AE_CASE_AES_GCM(vect3, 0, 9, NULL_ARRAY, ARRAY, ARRAY),
Jens Wiklander9fc63f52017-11-10 11:13:26 +0100[diff] [blame]2433 XTEST_AE_CASE_AES_GCM(vect3, 0, 0x1F, NULL_ARRAY, ARRAY, ARRAY),
2434 XTEST_AE_CASE_AES_GCM(vect4, 5, 0x20, ARRAY, ARRAY, ARRAY),
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2435 XTEST_AE_CASE_AES_GCM(vect5, 5, 9, ARRAY, ARRAY, ARRAY),
2436 XTEST_AE_CASE_AES_GCM(vect6, 5, 9, ARRAY, ARRAY, ARRAY),
2437 XTEST_AE_CASE_AES_GCM(vect7, 0, 0, NULL_ARRAY, NULL_ARRAY, NULL_ARRAY),
2438 XTEST_AE_CASE_AES_GCM(vect8, 0, 9, NULL_ARRAY, ARRAY, ARRAY),
2439 XTEST_AE_CASE_AES_GCM(vect9, 0, 9, NULL_ARRAY, ARRAY, ARRAY),
2440 XTEST_AE_CASE_AES_GCM(vect10, 5, 9, ARRAY, ARRAY, ARRAY),
2441 XTEST_AE_CASE_AES_GCM(vect11, 5, 9, ARRAY, ARRAY, ARRAY),
2442 XTEST_AE_CASE_AES_GCM(vect12, 5, 9, ARRAY, ARRAY, ARRAY),
2443 XTEST_AE_CASE_AES_GCM(vect13, 0, 0, NULL_ARRAY, NULL_ARRAY, NULL_ARRAY),
2444 XTEST_AE_CASE_AES_GCM(vect14, 0, 9, NULL_ARRAY, ARRAY, ARRAY),
2445 XTEST_AE_CASE_AES_GCM(vect15, 0, 9, NULL_ARRAY, ARRAY, ARRAY),
2446 XTEST_AE_CASE_AES_GCM(vect16, 5, 9, ARRAY, ARRAY, ARRAY),
2447 XTEST_AE_CASE_AES_GCM(vect17, 5, 9, ARRAY, ARRAY, ARRAY),
2448 XTEST_AE_CASE_AES_GCM(vect18, 5, 9, ARRAY, ARRAY, ARRAY),
Jens Wiklanderf6efe242017-11-06 13:16:43 +0100[diff] [blame]2449#ifdef CFG_GCM_NIST_VECTORS
2450#include "gcmDecrypt128.h"
2451#include "gcmDecrypt192.h"
2452#include "gcmDecrypt256.h"
2453#include "gcmEncryptExtIV128.h"
2454#include "gcmEncryptExtIV192.h"
2455#include "gcmEncryptExtIV256.h"
2456#endif
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2457};
2458
2459static void xtest_tee_test_4005(ADBG_Case_t *c)
2460{
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]2461 TEEC_Session session = { };
2462 TEE_OperationHandle op = TEE_HANDLE_NULL;
Jens Wiklander7404c072020-12-15 08:06:32 +0100[diff] [blame]2463 TEE_OperationHandle op2 = TEE_HANDLE_NULL;
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2464 TEE_ObjectHandle key_handle = TEE_HANDLE_NULL;
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]2465 TEE_Attribute key_attr = { };
2466 uint8_t out[512] = { };
2467 size_t out_size = 0;
2468 size_t out_offs = 0;
Jens Wiklander7404c072020-12-15 08:06:32 +0100[diff] [blame]2469 size_t out_offs2 = 0;
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]2470 uint32_t ret_orig = 0;
2471 size_t n = 0;
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2472
2473 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
2474 xtest_teec_open_session(&session, &crypt_user_ta_uuid, NULL,
2475 &ret_orig)))
2476 return;
2477
2478 for (n = 0; n < ARRAY_SIZE(ae_cases); n++) {
2479 Do_ADBG_BeginSubCase(c, "AE case %d algo 0x%x line %d",
2480 (int)n, (unsigned int)ae_cases[n].algo,
2481 (int)ae_cases[n].line);
2482
2483 key_attr.attributeID = TEE_ATTR_SECRET_VALUE;
2484 key_attr.content.ref.buffer = (void *)ae_cases[n].key;
2485 key_attr.content.ref.length = ae_cases[n].key_len;
2486
2487 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
2488 ta_crypt_cmd_allocate_operation(c, &session, &op,
2489 ae_cases[n].algo, ae_cases[n].mode,
2490 key_attr.content.ref.length * 8)))
2491 goto out;
2492
2493 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
Jens Wiklander7404c072020-12-15 08:06:32 +0100[diff] [blame]2494 ta_crypt_cmd_allocate_operation(c, &session, &op2,
2495 ae_cases[n].algo, ae_cases[n].mode,
2496 key_attr.content.ref.length * 8)))
2497 goto out;
2498
2499 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2500 ta_crypt_cmd_allocate_transient_object(c, &session,
2501 ae_cases[n].key_type,
2502 key_attr.content.ref.length * 8,
2503 &key_handle)))
2504 goto out;
2505
2506 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
2507 ta_crypt_cmd_populate_transient_object(c, &session,
2508 key_handle, &key_attr, 1)))
2509 goto out;
2510
2511 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
2512 ta_crypt_cmd_set_operation_key(c, &session, op,
2513 key_handle)))
2514 goto out;
2515
2516 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
2517 ta_crypt_cmd_free_transient_object(c, &session,
2518 key_handle)))
2519 goto out;
2520 key_handle = TEE_HANDLE_NULL;
2521
2522 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
2523 ta_crypt_cmd_ae_init(c, &session, op, ae_cases[n].nonce,
2524 ae_cases[n].nonce_len, ae_cases[n].tag_len,
2525 ae_cases[n].aad_len, ae_cases[n].ptx_len)))
2526 goto out;
2527
2528 if (ae_cases[n].aad != NULL) {
2529 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
2530 ta_crypt_cmd_ae_update_aad(c, &session, op,
2531 ae_cases[n].aad, ae_cases[n].aad_incr)))
2532 goto out;
2533
2534 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
2535 ta_crypt_cmd_ae_update_aad(c, &session, op,
2536 ae_cases[n].aad + ae_cases[n].aad_incr,
2537 ae_cases [n].aad_len -
2538 ae_cases[n].aad_incr)))
2539 goto out;
2540 }
2541
2542 out_offs = 0;
2543 out_size = sizeof(out);
2544 memset(out, 0, sizeof(out));
2545 if (ae_cases[n].mode == TEE_MODE_ENCRYPT) {
2546 if (ae_cases[n].ptx != NULL) {
2547 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
2548 ta_crypt_cmd_ae_update(c, &session, op,
2549 ae_cases[n].ptx,
2550 ae_cases[n].in_incr, out,
2551 &out_size)))
2552 goto out;
2553 out_offs += out_size;
Jerome Forissierc13fafa2017-06-01 15:49:07 +0200[diff] [blame]2554 if (ae_cases[n].algo == TEE_ALG_AES_GCM)
2555 ADBG_EXPECT_COMPARE_UNSIGNED(c,
2556 out_size, ==, ae_cases[n].in_incr);
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2557 }
2558 } else {
2559 if (ae_cases[n].ctx != NULL) {
2560 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
2561 ta_crypt_cmd_ae_update(c, &session, op,
2562 ae_cases[n].ctx,
2563 ae_cases[n].in_incr, out,
2564 &out_size)))
2565 goto out;
2566 out_offs += out_size;
Jerome Forissierc13fafa2017-06-01 15:49:07 +0200[diff] [blame]2567 if (ae_cases[n].algo == TEE_ALG_AES_GCM)
2568 ADBG_EXPECT_COMPARE_UNSIGNED(c,
2569 out_size, ==, ae_cases[n].in_incr);
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2570 }
2571 }
2572
Jens Wiklander7404c072020-12-15 08:06:32 +0100[diff] [blame]2573 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
2574 ta_crypt_cmd_copy_operation(c, &session, op2, op)))
2575 goto out;
2576
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2577 out_size = sizeof(out) - out_offs;
Jens Wiklander7404c072020-12-15 08:06:32 +0100[diff] [blame]2578 out_offs2 = out_offs;
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2579 if (ae_cases[n].mode == TEE_MODE_ENCRYPT) {
2580 uint8_t out_tag[64];
2581 size_t out_tag_len = MIN(sizeof(out_tag),
2582 ae_cases[n].tag_len);
2583
2584 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
2585 ta_crypt_cmd_ae_encrypt_final(c, &session, op,
2586 ae_cases[n].ptx + ae_cases[n].in_incr,
2587 ae_cases[n].ptx_len -
2588 ae_cases[n].in_incr,
2589 out + out_offs,
2590 &out_size, out_tag, &out_tag_len)))
2591 goto out;
2592
2593 (void)ADBG_EXPECT_BUFFER(c,
2594 ae_cases[n].tag, ae_cases[n].tag_len, out_tag,
2595 out_tag_len);
2596
2597 out_offs += out_size;
2598
2599 (void)ADBG_EXPECT_BUFFER(c, ae_cases[n].ctx,
2600 ae_cases[n].ctx_len, out, out_offs);
2601 } else {
2602 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
2603 ta_crypt_cmd_ae_decrypt_final(c, &session, op,
2604 ae_cases[n].ctx + ae_cases[n].in_incr,
2605 ae_cases[n].ctx_len -
2606 ae_cases[n].in_incr,
2607 out + out_offs,
2608 &out_size, ae_cases[n].tag,
2609 ae_cases[n].tag_len)))
2610 goto out;
2611
2612 out_offs += out_size;
2613
2614 (void)ADBG_EXPECT_BUFFER(c, ae_cases[n].ptx,
2615 ae_cases[n].ptx_len, out, out_offs);
2616 }
2617
Jens Wiklander7404c072020-12-15 08:06:32 +0100[diff] [blame]2618 /* test on the copied op2 */
2619 out_size = sizeof(out) - out_offs2;
2620 memset(out + out_offs2, 0, out_size);
2621 if (ae_cases[n].mode == TEE_MODE_ENCRYPT) {
2622 uint8_t out_tag[64] = { 0 };
2623 size_t out_tag_len = MIN(sizeof(out_tag),
2624 ae_cases[n].tag_len);
2625
2626 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
2627 ta_crypt_cmd_ae_encrypt_final(c, &session, op2,
2628 ae_cases[n].ptx + ae_cases[n].in_incr,
2629 ae_cases[n].ptx_len -
2630 ae_cases[n].in_incr,
2631 out + out_offs2,
2632 &out_size, out_tag, &out_tag_len)))
2633 goto out;
2634
2635 ADBG_EXPECT_BUFFER(c, ae_cases[n].tag,
2636 ae_cases[n].tag_len, out_tag,
2637 out_tag_len);
2638
2639 out_offs2 += out_size;
2640
2641 (void)ADBG_EXPECT_BUFFER(c, ae_cases[n].ctx,
2642 ae_cases[n].ctx_len, out, out_offs2);
2643 } else {
2644 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
2645 ta_crypt_cmd_ae_decrypt_final(c, &session, op2,
2646 ae_cases[n].ctx + ae_cases[n].in_incr,
2647 ae_cases[n].ctx_len -
2648 ae_cases[n].in_incr,
2649 out + out_offs2,
2650 &out_size, ae_cases[n].tag,
2651 ae_cases[n].tag_len)))
2652 goto out;
2653
2654 out_offs2 += out_size;
2655
2656 (void)ADBG_EXPECT_BUFFER(c, ae_cases[n].ptx,
2657 ae_cases[n].ptx_len, out, out_offs2);
2658 }
2659
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2660 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
2661 ta_crypt_cmd_free_operation(c, &session, op)))
2662 goto out;
2663
Jens Wiklander7404c072020-12-15 08:06:32 +0100[diff] [blame]2664 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
2665 ta_crypt_cmd_free_operation(c, &session, op2)))
2666 goto out;
2667
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2668 Do_ADBG_EndSubCase(c, NULL);
2669 }
2670out:
2671 TEEC_CloseSession(&session);
2672}
Jens Wiklander14f48872018-06-29 15:30:13 +0200[diff] [blame]2673ADBG_CASE_DEFINE(regression, 4005, xtest_tee_test_4005,
2674 "Test TEE Internal API Authenticated Encryption operations");
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2675
2676struct xtest_ac_case {
Cedric Chaumontc3b6c282015-09-25 03:05:18 +0200[diff] [blame]2677 unsigned int level;
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2678 uint32_t algo;
2679 TEE_OperationMode mode;
2680
2681 union {
2682 struct {
2683 const uint8_t *modulus;
2684 size_t modulus_len;
2685
2686 const uint8_t *pub_exp;
2687 size_t pub_exp_len;
2688
2689 const uint8_t *priv_exp;
2690 size_t priv_exp_len;
2691
2692 const uint8_t *prime1; /* q */
2693 size_t prime1_len;
2694 const uint8_t *prime2; /* p */
2695 size_t prime2_len;
2696 const uint8_t *exp1; /* dp */
2697 size_t exp1_len;
2698 const uint8_t *exp2; /* dq */
2699 size_t exp2_len;
2700 const uint8_t *coeff; /* iq */
2701 size_t coeff_len;
2702
2703 int salt_len;
2704 } rsa;
2705 struct {
2706 const uint8_t *prime;
2707 size_t prime_len;
2708 const uint8_t *sub_prime;
2709 size_t sub_prime_len;
2710 const uint8_t *base;
2711 size_t base_len;
2712 const uint8_t *pub_val;
2713 size_t pub_val_len;
2714 const uint8_t *priv_val;
2715 size_t priv_val_len;
2716 } dsa;
Pascal Brand3e143ee2015-07-15 17:17:16 +0200[diff] [blame]2717 struct {
2718 const uint8_t *private;
2719 size_t private_len;
2720 const uint8_t *public_x;
2721 size_t public_x_len;
2722 const uint8_t *public_y;
2723 size_t public_y_len;
Jerome Forissier3fbfd0d2019-12-17 16:44:01 +0100[diff] [blame]2724 } ecc;
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2725 } params;
2726
2727 const uint8_t *ptx;
2728 size_t ptx_len;
2729 const uint8_t *ctx;
2730 size_t ctx_len;
2731 size_t line;
2732};
2733
2734#define WITHOUT_SALT(x) -1
2735#define WITH_SALT(x) x
2736
Cedric Chaumontc3b6c282015-09-25 03:05:18 +0200[diff] [blame]2737#define XTEST_AC_CASE(level, algo, mode, vect, union_params) \
2738 { level, (algo), (mode), .params = union_params, \
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2739 ARRAY(vect ## _ptx), \
2740 ARRAY(vect ## _out), \
2741 __LINE__ }
2742
2743#define XTEST_AC_RSA_UNION(vect, opt_crt_array, opt_salt) \
2744 { .rsa = { \
2745 ARRAY(vect ## _modulus), \
2746 ARRAY(vect ## _pub_exp), \
2747 ARRAY(vect ## _priv_exp), \
2748 opt_crt_array(vect ## _prime1), \
2749 opt_crt_array(vect ## _prime2), \
2750 opt_crt_array(vect ## _exp1), \
2751 opt_crt_array(vect ## _exp2), \
2752 opt_crt_array(vect ## _coeff), \
2753 opt_salt(vect ## _salt_len) \
2754 } }
2755
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]2756#define XTEST_AC_RSA_CASE(level, algo, mode, vect, opt_crt_array, opt_salt) \
2757 XTEST_AC_CASE(level, algo, mode, vect, \
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2758 XTEST_AC_RSA_UNION(vect, opt_crt_array, opt_salt))
2759
2760#define XTEST_AC_DSA_UNION(vect) \
2761 { .dsa = { \
2762 ARRAY(vect ## _prime), \
2763 ARRAY(vect ## _sub_prime), \
2764 ARRAY(vect ## _base), \
2765 ARRAY(vect ## _pub_val), \
2766 ARRAY(vect ## _priv_val), \
2767 } }
2768
Cedric Chaumontc3b6c282015-09-25 03:05:18 +0200[diff] [blame]2769#define XTEST_AC_DSA_CASE(level, algo, mode, vect) \
2770 XTEST_AC_CASE(level, algo, mode, vect, XTEST_AC_DSA_UNION(vect))
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2771
Pascal Brand3e143ee2015-07-15 17:17:16 +0200[diff] [blame]2772#define XTEST_AC_ECDSA_UNION(vect) \
Jerome Forissier3fbfd0d2019-12-17 16:44:01 +0100[diff] [blame]2773 { .ecc = { \
Pascal Brand3e143ee2015-07-15 17:17:16 +0200[diff] [blame]2774 ARRAY(vect ## _private), \
2775 ARRAY(vect ## _public_x), \
2776 ARRAY(vect ## _public_y), \
2777 } }
2778
Jerome Forissier3fbfd0d2019-12-17 16:44:01 +0100[diff] [blame]2779#define XTEST_AC_ECC_CASE(level, algo, mode, vect) \
Cedric Chaumontc3b6c282015-09-25 03:05:18 +0200[diff] [blame]2780 XTEST_AC_CASE(level, algo, mode, vect, XTEST_AC_ECDSA_UNION(vect))
Pascal Brand3e143ee2015-07-15 17:17:16 +0200[diff] [blame]2781
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2782static const struct xtest_ac_case xtest_ac_cases[] = {
2783 /* RSA test without crt parameters */
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]2784 XTEST_AC_RSA_CASE(0, TEE_ALG_RSA_NOPAD, TEE_MODE_ENCRYPT,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2785 ac_rsassa_vect1, NULL_ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]2786 XTEST_AC_RSA_CASE(0, TEE_ALG_RSA_NOPAD, TEE_MODE_DECRYPT,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2787 ac_rsassa_vect1, NULL_ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]2788 XTEST_AC_RSA_CASE(0, TEE_ALG_RSA_NOPAD, TEE_MODE_ENCRYPT,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2789 ac_rsassa_vect2, NULL_ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]2790 XTEST_AC_RSA_CASE(0, TEE_ALG_RSA_NOPAD, TEE_MODE_DECRYPT,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2791 ac_rsassa_vect2, NULL_ARRAY, WITHOUT_SALT),
Jerome Forissiere576f052018-03-23 21:24:21 +0800[diff] [blame]2792 XTEST_AC_RSA_CASE(0, TEE_ALG_RSA_NOPAD, TEE_MODE_ENCRYPT,
2793 ac_rsassa_vect18, NULL_ARRAY, WITHOUT_SALT),
2794 XTEST_AC_RSA_CASE(0, TEE_ALG_RSA_NOPAD, TEE_MODE_DECRYPT,
2795 ac_rsassa_vect18, NULL_ARRAY, WITHOUT_SALT),
Jerome Forissier0451e372018-03-27 00:10:23 +0800[diff] [blame]2796 XTEST_AC_RSA_CASE(0, TEE_ALG_RSA_NOPAD, TEE_MODE_ENCRYPT,
2797 ac_rsassa_vect19, NULL_ARRAY, WITHOUT_SALT),
2798 XTEST_AC_RSA_CASE(0, TEE_ALG_RSA_NOPAD, TEE_MODE_DECRYPT,
2799 ac_rsassa_vect19, NULL_ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]2800 XTEST_AC_RSA_CASE(0, TEE_ALG_RSASSA_PKCS1_V1_5_SHA1, TEE_MODE_SIGN,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2801 ac_rsassa_vect3, NULL_ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]2802 XTEST_AC_RSA_CASE(0, TEE_ALG_RSASSA_PKCS1_V1_5_SHA1, TEE_MODE_VERIFY,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2803 ac_rsassa_vect3, NULL_ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]2804 XTEST_AC_RSA_CASE(1, TEE_ALG_RSASSA_PKCS1_V1_5_SHA1, TEE_MODE_SIGN,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2805 ac_rsassa_vect4, NULL_ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]2806 XTEST_AC_RSA_CASE(1, TEE_ALG_RSASSA_PKCS1_V1_5_SHA1, TEE_MODE_VERIFY,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2807 ac_rsassa_vect4, NULL_ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]2808 XTEST_AC_RSA_CASE(1, TEE_ALG_RSASSA_PKCS1_V1_5_SHA1, TEE_MODE_SIGN,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2809 ac_rsassa_vect5, NULL_ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]2810 XTEST_AC_RSA_CASE(1, TEE_ALG_RSASSA_PKCS1_V1_5_SHA1, TEE_MODE_VERIFY,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2811 ac_rsassa_vect5, NULL_ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]2812 XTEST_AC_RSA_CASE(1, TEE_ALG_RSASSA_PKCS1_V1_5_SHA1, TEE_MODE_SIGN,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2813 ac_rsassa_vect6, NULL_ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]2814 XTEST_AC_RSA_CASE(1, TEE_ALG_RSASSA_PKCS1_V1_5_SHA1, TEE_MODE_VERIFY,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2815 ac_rsassa_vect6, NULL_ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]2816 XTEST_AC_RSA_CASE(1, TEE_ALG_RSASSA_PKCS1_V1_5_SHA1, TEE_MODE_SIGN,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2817 ac_rsassa_vect7, NULL_ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]2818 XTEST_AC_RSA_CASE(1, TEE_ALG_RSASSA_PKCS1_V1_5_SHA1, TEE_MODE_VERIFY,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2819 ac_rsassa_vect7, NULL_ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]2820 XTEST_AC_RSA_CASE(1, TEE_ALG_RSASSA_PKCS1_V1_5_SHA1, TEE_MODE_SIGN,
2821 ac_rsassa_vect8, NULL_ARRAY, WITHOUT_SALT),
2822 XTEST_AC_RSA_CASE(1, TEE_ALG_RSASSA_PKCS1_V1_5_SHA1, TEE_MODE_VERIFY,
2823 ac_rsassa_vect8, NULL_ARRAY, WITHOUT_SALT),
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2824
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]2825 XTEST_AC_RSA_CASE(0, TEE_ALG_RSASSA_PKCS1_V1_5_SHA224, TEE_MODE_SIGN,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2826 ac_rsassa_vect16, NULL_ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]2827 XTEST_AC_RSA_CASE(0, TEE_ALG_RSASSA_PKCS1_V1_5_SHA224, TEE_MODE_VERIFY,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2828 ac_rsassa_vect16, NULL_ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]2829
Gabor Szekely2ad190f2018-09-14 14:05:06 +0000[diff] [blame]2830#ifdef CFG_CRYPTO_RSASSA_NA1
2831 XTEST_AC_RSA_CASE(0, TEE_ALG_RSASSA_PKCS1_V1_5, TEE_MODE_SIGN,
2832 ac_rsassa_vect20, NULL_ARRAY, WITHOUT_SALT),
2833 XTEST_AC_RSA_CASE(0, TEE_ALG_RSASSA_PKCS1_V1_5, TEE_MODE_VERIFY,
2834 ac_rsassa_vect20, NULL_ARRAY, WITHOUT_SALT),
2835#endif
2836
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]2837 XTEST_AC_RSA_CASE(0, TEE_ALG_RSASSA_PKCS1_V1_5_SHA256, TEE_MODE_SIGN,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2838 ac_rsassa_vect9, NULL_ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]2839 XTEST_AC_RSA_CASE(0, TEE_ALG_RSASSA_PKCS1_V1_5_SHA256, TEE_MODE_VERIFY,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2840 ac_rsassa_vect9, NULL_ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]2841
2842 XTEST_AC_RSA_CASE(0, TEE_ALG_RSASSA_PKCS1_V1_5_SHA384, TEE_MODE_SIGN,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2843 ac_rsassa_vect10, NULL_ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]2844 XTEST_AC_RSA_CASE(0, TEE_ALG_RSASSA_PKCS1_V1_5_SHA384, TEE_MODE_VERIFY,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2845 ac_rsassa_vect10, NULL_ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]2846
2847 XTEST_AC_RSA_CASE(0, TEE_ALG_RSASSA_PKCS1_V1_5_SHA512, TEE_MODE_SIGN,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2848 ac_rsassa_vect11, NULL_ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]2849 XTEST_AC_RSA_CASE(0, TEE_ALG_RSASSA_PKCS1_V1_5_SHA512, TEE_MODE_VERIFY,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2850 ac_rsassa_vect11, NULL_ARRAY, WITHOUT_SALT),
2851
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]2852 XTEST_AC_RSA_CASE(1, TEE_ALG_RSASSA_PKCS1_PSS_MGF1_SHA1,
2853 TEE_MODE_VERIFY,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2854 ac_rsassa_vect12, NULL_ARRAY, WITH_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]2855 XTEST_AC_RSA_CASE(1, TEE_ALG_RSASSA_PKCS1_PSS_MGF1_SHA1, TEE_MODE_SIGN,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2856 ac_rsassa_vect12, NULL_ARRAY, WITH_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]2857
2858 XTEST_AC_RSA_CASE(1, TEE_ALG_RSASSA_PKCS1_PSS_MGF1_SHA224,
2859 TEE_MODE_VERIFY,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2860 ac_rsassa_vect17, NULL_ARRAY, WITH_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]2861 XTEST_AC_RSA_CASE(1, TEE_ALG_RSASSA_PKCS1_PSS_MGF1_SHA224,
2862 TEE_MODE_SIGN,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2863 ac_rsassa_vect17, NULL_ARRAY, WITH_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]2864
2865 XTEST_AC_RSA_CASE(0, TEE_ALG_RSASSA_PKCS1_PSS_MGF1_SHA256,
2866 TEE_MODE_VERIFY,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2867 ac_rsassa_vect13, NULL_ARRAY, WITH_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]2868 XTEST_AC_RSA_CASE(0, TEE_ALG_RSASSA_PKCS1_PSS_MGF1_SHA256,
2869 TEE_MODE_SIGN,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2870 ac_rsassa_vect13, NULL_ARRAY, WITH_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]2871
2872 XTEST_AC_RSA_CASE(1, TEE_ALG_RSASSA_PKCS1_PSS_MGF1_SHA384,
2873 TEE_MODE_VERIFY,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2874 ac_rsassa_vect14, NULL_ARRAY, WITH_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]2875 XTEST_AC_RSA_CASE(1, TEE_ALG_RSASSA_PKCS1_PSS_MGF1_SHA384,
2876 TEE_MODE_SIGN,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2877 ac_rsassa_vect14, NULL_ARRAY, WITH_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]2878
2879 XTEST_AC_RSA_CASE(1, TEE_ALG_RSASSA_PKCS1_PSS_MGF1_SHA512,
2880 TEE_MODE_VERIFY,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2881 ac_rsassa_vect15, NULL_ARRAY, WITH_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]2882 XTEST_AC_RSA_CASE(1, TEE_ALG_RSASSA_PKCS1_PSS_MGF1_SHA512,
2883 TEE_MODE_SIGN,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2884 ac_rsassa_vect15, NULL_ARRAY, WITH_SALT),
2885
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]2886 XTEST_AC_RSA_CASE(0, TEE_ALG_RSAES_PKCS1_V1_5, TEE_MODE_DECRYPT,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2887 ac_rsaes_pkcs1_v1_5_vect1, NULL_ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]2888 XTEST_AC_RSA_CASE(0, TEE_ALG_RSAES_PKCS1_V1_5, TEE_MODE_ENCRYPT,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2889 ac_rsaes_pkcs1_v1_5_vect1, NULL_ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]2890 XTEST_AC_RSA_CASE(1, TEE_ALG_RSAES_PKCS1_V1_5, TEE_MODE_DECRYPT,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2891 ac_rsaes_pkcs1_v1_5_vect2, NULL_ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]2892 XTEST_AC_RSA_CASE(1, TEE_ALG_RSAES_PKCS1_V1_5, TEE_MODE_ENCRYPT,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2893 ac_rsaes_pkcs1_v1_5_vect2, NULL_ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]2894 XTEST_AC_RSA_CASE(1, TEE_ALG_RSAES_PKCS1_V1_5, TEE_MODE_DECRYPT,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2895 ac_rsaes_pkcs1_v1_5_vect15, NULL_ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]2896 XTEST_AC_RSA_CASE(1, TEE_ALG_RSAES_PKCS1_V1_5, TEE_MODE_ENCRYPT,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2897 ac_rsaes_pkcs1_v1_5_vect15, NULL_ARRAY, WITHOUT_SALT),
2898
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]2899 XTEST_AC_RSA_CASE(0, TEE_ALG_RSAES_PKCS1_OAEP_MGF1_SHA1,
2900 TEE_MODE_DECRYPT,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2901 ac_rsaes_oaep_vect1, NULL_ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]2902 XTEST_AC_RSA_CASE(0, TEE_ALG_RSAES_PKCS1_OAEP_MGF1_SHA1,
2903 TEE_MODE_ENCRYPT,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2904 ac_rsaes_oaep_vect1, NULL_ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]2905 XTEST_AC_RSA_CASE(1, TEE_ALG_RSAES_PKCS1_OAEP_MGF1_SHA1,
2906 TEE_MODE_DECRYPT,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2907 ac_rsaes_oaep_vect2, NULL_ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]2908 XTEST_AC_RSA_CASE(1, TEE_ALG_RSAES_PKCS1_OAEP_MGF1_SHA1,
2909 TEE_MODE_ENCRYPT,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2910 ac_rsaes_oaep_vect2, NULL_ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]2911 XTEST_AC_RSA_CASE(1, TEE_ALG_RSAES_PKCS1_OAEP_MGF1_SHA1,
2912 TEE_MODE_DECRYPT,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2913 ac_rsaes_oaep_vect10, NULL_ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]2914 XTEST_AC_RSA_CASE(1, TEE_ALG_RSAES_PKCS1_OAEP_MGF1_SHA1,
2915 TEE_MODE_ENCRYPT,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2916 ac_rsaes_oaep_vect10, NULL_ARRAY, WITHOUT_SALT),
2917
2918 /* RSA test with crt parameters */
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]2919 XTEST_AC_RSA_CASE(0, TEE_ALG_RSA_NOPAD, TEE_MODE_ENCRYPT,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2920 ac_rsassa_vect1, ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]2921 XTEST_AC_RSA_CASE(0, TEE_ALG_RSA_NOPAD, TEE_MODE_DECRYPT,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2922 ac_rsassa_vect1, ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]2923 XTEST_AC_RSA_CASE(1, TEE_ALG_RSA_NOPAD, TEE_MODE_ENCRYPT,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2924 ac_rsassa_vect2, ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]2925 XTEST_AC_RSA_CASE(1, TEE_ALG_RSA_NOPAD, TEE_MODE_DECRYPT,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2926 ac_rsassa_vect2, ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]2927 XTEST_AC_RSA_CASE(0, TEE_ALG_RSASSA_PKCS1_V1_5_SHA1, TEE_MODE_SIGN,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2928 ac_rsassa_vect3, ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]2929 XTEST_AC_RSA_CASE(0, TEE_ALG_RSASSA_PKCS1_V1_5_SHA1, TEE_MODE_VERIFY,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2930 ac_rsassa_vect3, ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]2931 XTEST_AC_RSA_CASE(1, TEE_ALG_RSASSA_PKCS1_V1_5_SHA1, TEE_MODE_SIGN,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2932 ac_rsassa_vect4, ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]2933 XTEST_AC_RSA_CASE(1, TEE_ALG_RSASSA_PKCS1_V1_5_SHA1, TEE_MODE_VERIFY,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2934 ac_rsassa_vect4, ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]2935 XTEST_AC_RSA_CASE(1, TEE_ALG_RSASSA_PKCS1_V1_5_SHA1, TEE_MODE_SIGN,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2936 ac_rsassa_vect5, ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]2937 XTEST_AC_RSA_CASE(1, TEE_ALG_RSASSA_PKCS1_V1_5_SHA1, TEE_MODE_VERIFY,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2938 ac_rsassa_vect5, ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]2939 XTEST_AC_RSA_CASE(1, TEE_ALG_RSASSA_PKCS1_V1_5_SHA1, TEE_MODE_SIGN,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2940 ac_rsassa_vect6, ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]2941 XTEST_AC_RSA_CASE(1, TEE_ALG_RSASSA_PKCS1_V1_5_SHA1, TEE_MODE_VERIFY,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2942 ac_rsassa_vect6, ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]2943 XTEST_AC_RSA_CASE(1, TEE_ALG_RSASSA_PKCS1_V1_5_SHA1, TEE_MODE_SIGN,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2944 ac_rsassa_vect7, ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]2945 XTEST_AC_RSA_CASE(1, TEE_ALG_RSASSA_PKCS1_V1_5_SHA1, TEE_MODE_VERIFY,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2946 ac_rsassa_vect7, ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]2947 XTEST_AC_RSA_CASE(1, TEE_ALG_RSASSA_PKCS1_V1_5_SHA1, TEE_MODE_SIGN,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2948 ac_rsassa_vect8, ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]2949 XTEST_AC_RSA_CASE(1, TEE_ALG_RSASSA_PKCS1_V1_5_SHA1, TEE_MODE_VERIFY,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2950 ac_rsassa_vect8, ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]2951 XTEST_AC_RSA_CASE(0, TEE_ALG_RSASSA_PKCS1_V1_5_SHA256, TEE_MODE_SIGN,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2952 ac_rsassa_vect9, ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]2953 XTEST_AC_RSA_CASE(0, TEE_ALG_RSASSA_PKCS1_V1_5_SHA256, TEE_MODE_VERIFY,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2954 ac_rsassa_vect9, ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]2955 XTEST_AC_RSA_CASE(1, TEE_ALG_RSASSA_PKCS1_V1_5_SHA384, TEE_MODE_SIGN,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2956 ac_rsassa_vect10, ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]2957 XTEST_AC_RSA_CASE(1, TEE_ALG_RSASSA_PKCS1_V1_5_SHA384, TEE_MODE_VERIFY,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2958 ac_rsassa_vect10, ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]2959 XTEST_AC_RSA_CASE(1, TEE_ALG_RSASSA_PKCS1_V1_5_SHA512, TEE_MODE_SIGN,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2960 ac_rsassa_vect11, ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]2961 XTEST_AC_RSA_CASE(1, TEE_ALG_RSASSA_PKCS1_V1_5_SHA512, TEE_MODE_VERIFY,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2962 ac_rsassa_vect11, ARRAY, WITHOUT_SALT),
2963
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]2964 XTEST_AC_RSA_CASE(1, TEE_ALG_RSASSA_PKCS1_PSS_MGF1_SHA1,
2965 TEE_MODE_VERIFY,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2966 ac_rsassa_vect12, ARRAY, WITH_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]2967 XTEST_AC_RSA_CASE(1,TEE_ALG_RSASSA_PKCS1_PSS_MGF1_SHA1, TEE_MODE_SIGN,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2968 ac_rsassa_vect12, ARRAY, WITH_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]2969 XTEST_AC_RSA_CASE(1, TEE_ALG_RSASSA_PKCS1_PSS_MGF1_SHA224,
2970 TEE_MODE_VERIFY,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2971 ac_rsassa_vect17, ARRAY, WITH_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]2972 XTEST_AC_RSA_CASE(1, TEE_ALG_RSASSA_PKCS1_PSS_MGF1_SHA224,
2973 TEE_MODE_SIGN,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2974 ac_rsassa_vect17, ARRAY, WITH_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]2975 XTEST_AC_RSA_CASE(0, TEE_ALG_RSASSA_PKCS1_PSS_MGF1_SHA256,
2976 TEE_MODE_VERIFY,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2977 ac_rsassa_vect13, ARRAY, WITH_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]2978 XTEST_AC_RSA_CASE(0, TEE_ALG_RSASSA_PKCS1_PSS_MGF1_SHA256,
2979 TEE_MODE_SIGN,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2980 ac_rsassa_vect13, ARRAY, WITH_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]2981 XTEST_AC_RSA_CASE(1, TEE_ALG_RSASSA_PKCS1_PSS_MGF1_SHA384,
2982 TEE_MODE_VERIFY,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2983 ac_rsassa_vect14, ARRAY, WITH_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]2984 XTEST_AC_RSA_CASE(1, TEE_ALG_RSASSA_PKCS1_PSS_MGF1_SHA384,
2985 TEE_MODE_SIGN,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2986 ac_rsassa_vect14, ARRAY, WITH_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]2987 XTEST_AC_RSA_CASE(1, TEE_ALG_RSASSA_PKCS1_PSS_MGF1_SHA512,
2988 TEE_MODE_VERIFY,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2989 ac_rsassa_vect15, ARRAY, WITH_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]2990 XTEST_AC_RSA_CASE(1, TEE_ALG_RSASSA_PKCS1_PSS_MGF1_SHA512,
2991 TEE_MODE_SIGN,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2992 ac_rsassa_vect15, ARRAY, WITH_SALT),
2993
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]2994 XTEST_AC_RSA_CASE(0, TEE_ALG_RSAES_PKCS1_V1_5, TEE_MODE_DECRYPT,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2995 ac_rsaes_pkcs1_v1_5_vect1, ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]2996 XTEST_AC_RSA_CASE(0, TEE_ALG_RSAES_PKCS1_V1_5, TEE_MODE_ENCRYPT,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2997 ac_rsaes_pkcs1_v1_5_vect1, ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]2998 XTEST_AC_RSA_CASE(1, TEE_ALG_RSAES_PKCS1_V1_5, TEE_MODE_DECRYPT,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2999 ac_rsaes_pkcs1_v1_5_vect2, ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]3000 XTEST_AC_RSA_CASE(1, TEE_ALG_RSAES_PKCS1_V1_5, TEE_MODE_ENCRYPT,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3001 ac_rsaes_pkcs1_v1_5_vect2, ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]3002 XTEST_AC_RSA_CASE(1, TEE_ALG_RSAES_PKCS1_V1_5, TEE_MODE_DECRYPT,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3003 ac_rsaes_pkcs1_v1_5_vect15, ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]3004 XTEST_AC_RSA_CASE(1, TEE_ALG_RSAES_PKCS1_V1_5, TEE_MODE_ENCRYPT,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3005 ac_rsaes_pkcs1_v1_5_vect15, ARRAY, WITHOUT_SALT),
3006
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]3007 XTEST_AC_RSA_CASE(0, TEE_ALG_RSAES_PKCS1_OAEP_MGF1_SHA1,
3008 TEE_MODE_DECRYPT,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3009 ac_rsaes_oaep_vect1, ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]3010 XTEST_AC_RSA_CASE(0, TEE_ALG_RSAES_PKCS1_OAEP_MGF1_SHA1,
3011 TEE_MODE_ENCRYPT,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3012 ac_rsaes_oaep_vect1, ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]3013 XTEST_AC_RSA_CASE(1, TEE_ALG_RSAES_PKCS1_OAEP_MGF1_SHA1,
3014 TEE_MODE_DECRYPT,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3015 ac_rsaes_oaep_vect2, ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]3016 XTEST_AC_RSA_CASE(1, TEE_ALG_RSAES_PKCS1_OAEP_MGF1_SHA1,
3017 TEE_MODE_ENCRYPT,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3018 ac_rsaes_oaep_vect2, ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]3019 XTEST_AC_RSA_CASE(1, TEE_ALG_RSAES_PKCS1_OAEP_MGF1_SHA1,
3020 TEE_MODE_DECRYPT,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3021 ac_rsaes_oaep_vect10, ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]3022 XTEST_AC_RSA_CASE(1, TEE_ALG_RSAES_PKCS1_OAEP_MGF1_SHA1,
3023 TEE_MODE_ENCRYPT,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3024 ac_rsaes_oaep_vect10, ARRAY, WITHOUT_SALT),
3025
3026 /* DSA tests */
Cedric Chaumontb2ba8782015-09-03 13:23:05 +0200[diff] [blame]3027 /* [mod = L=1024, N=160, SHA-1] */
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]3028 XTEST_AC_DSA_CASE(1, TEE_ALG_DSA_SHA1, TEE_MODE_VERIFY, ac_dsa_vect1),
3029 XTEST_AC_DSA_CASE(1, TEE_ALG_DSA_SHA1, TEE_MODE_SIGN, ac_dsa_vect1),
Cedric Chaumontc3b6c282015-09-25 03:05:18 +0200[diff] [blame]3030 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA1, TEE_MODE_VERIFY, ac_dsa_vect2),
3031 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA1, TEE_MODE_SIGN, ac_dsa_vect2),
3032 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA1, TEE_MODE_VERIFY, ac_dsa_vect3),
3033 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA1, TEE_MODE_SIGN, ac_dsa_vect3),
3034 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA1, TEE_MODE_VERIFY, ac_dsa_vect4),
3035 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA1, TEE_MODE_SIGN, ac_dsa_vect4),
3036 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA1, TEE_MODE_VERIFY, ac_dsa_vect5),
3037 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA1, TEE_MODE_SIGN, ac_dsa_vect5),
3038 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA1, TEE_MODE_VERIFY, ac_dsa_vect6),
3039 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA1, TEE_MODE_SIGN, ac_dsa_vect6),
3040 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA1, TEE_MODE_VERIFY, ac_dsa_vect7),
3041 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA1, TEE_MODE_SIGN, ac_dsa_vect7),
3042 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA1, TEE_MODE_VERIFY, ac_dsa_vect8),
3043 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA1, TEE_MODE_SIGN, ac_dsa_vect8),
3044 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA1, TEE_MODE_VERIFY, ac_dsa_vect9),
3045 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA1, TEE_MODE_SIGN, ac_dsa_vect9),
3046 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA1, TEE_MODE_VERIFY, ac_dsa_vect10),
3047 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA1, TEE_MODE_SIGN, ac_dsa_vect10),
3048 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA1, TEE_MODE_VERIFY, ac_dsa_vect11),
3049 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA1, TEE_MODE_SIGN, ac_dsa_vect11),
3050 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA1, TEE_MODE_VERIFY, ac_dsa_vect12),
3051 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA1, TEE_MODE_SIGN, ac_dsa_vect12),
3052 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA1, TEE_MODE_VERIFY, ac_dsa_vect13),
3053 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA1, TEE_MODE_SIGN, ac_dsa_vect13),
3054 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA1, TEE_MODE_VERIFY, ac_dsa_vect14),
3055 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA1, TEE_MODE_SIGN, ac_dsa_vect14),
3056 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA1, TEE_MODE_VERIFY, ac_dsa_vect15),
3057 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA1, TEE_MODE_SIGN, ac_dsa_vect15),
Cedric Chaumontb2ba8782015-09-03 13:23:05 +0200[diff] [blame]3058 /* [mod = L=1024, N=160, SHA-224] - GP NOT SUPPORTED */
3059 /* [mod = L=1024, N=160, SHA-256] - GP NOT SUPPORTED */
3060 /* [mod = L=1024, N=160, SHA-384] - GP NOT SUPPORTED */
3061 /* [mod = L=1024, N=160, SHA-512] - GP NOT SUPPORTED */
3062 /* [mod = L=2048, N=224, SHA-1] - GP NOT SUPPORTED */
3063 /* [mod = L=2048, N=224, SHA-224] */
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]3064 XTEST_AC_DSA_CASE(1, TEE_ALG_DSA_SHA224, TEE_MODE_VERIFY, ac_dsa_vect91),
3065 XTEST_AC_DSA_CASE(1, TEE_ALG_DSA_SHA224, TEE_MODE_SIGN, ac_dsa_vect91),
Cedric Chaumontc3b6c282015-09-25 03:05:18 +0200[diff] [blame]3066 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_VERIFY, ac_dsa_vect92),
3067 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_SIGN, ac_dsa_vect92),
3068 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_VERIFY, ac_dsa_vect93),
3069 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_SIGN, ac_dsa_vect93),
3070 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_VERIFY, ac_dsa_vect94),
3071 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_SIGN, ac_dsa_vect94),
3072 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_VERIFY, ac_dsa_vect95),
3073 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_SIGN, ac_dsa_vect95),
3074 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_VERIFY, ac_dsa_vect96),
3075 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_SIGN, ac_dsa_vect96),
3076 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_VERIFY, ac_dsa_vect97),
3077 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_SIGN, ac_dsa_vect97),
3078 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_VERIFY, ac_dsa_vect98),
3079 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_SIGN, ac_dsa_vect98),
3080 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_VERIFY, ac_dsa_vect99),
3081 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_SIGN, ac_dsa_vect99),
3082 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_VERIFY, ac_dsa_vect100),
3083 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_SIGN, ac_dsa_vect100),
3084 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_VERIFY, ac_dsa_vect101),
3085 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_SIGN, ac_dsa_vect101),
3086 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_VERIFY, ac_dsa_vect102),
3087 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_SIGN, ac_dsa_vect102),
3088 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_VERIFY, ac_dsa_vect103),
3089 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_SIGN, ac_dsa_vect103),
3090 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_VERIFY, ac_dsa_vect104),
3091 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_SIGN, ac_dsa_vect104),
3092 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_VERIFY, ac_dsa_vect105),
3093 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_SIGN, ac_dsa_vect105),
Cedric Chaumontb2ba8782015-09-03 13:23:05 +0200[diff] [blame]3094 /* [mod = L=2048, N=224, SHA-256] */
Cedric Chaumontc3b6c282015-09-25 03:05:18 +0200[diff] [blame]3095 XTEST_AC_DSA_CASE(0, TEE_ALG_DSA_SHA256, TEE_MODE_VERIFY, ac_dsa_vect106),
3096 XTEST_AC_DSA_CASE(0, TEE_ALG_DSA_SHA256, TEE_MODE_SIGN, ac_dsa_vect106),
3097 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_VERIFY, ac_dsa_vect107),
3098 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_SIGN, ac_dsa_vect107),
3099 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_VERIFY, ac_dsa_vect108),
3100 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_SIGN, ac_dsa_vect108),
3101 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_VERIFY, ac_dsa_vect109),
3102 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_SIGN, ac_dsa_vect109),
3103 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_VERIFY, ac_dsa_vect110),
3104 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_SIGN, ac_dsa_vect110),
3105 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_VERIFY, ac_dsa_vect111),
3106 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_SIGN, ac_dsa_vect111),
3107 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_VERIFY, ac_dsa_vect112),
3108 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_SIGN, ac_dsa_vect112),
3109 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_VERIFY, ac_dsa_vect113),
3110 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_SIGN, ac_dsa_vect113),
3111 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_VERIFY, ac_dsa_vect114),
3112 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_SIGN, ac_dsa_vect114),
3113 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_VERIFY, ac_dsa_vect115),
3114 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_SIGN, ac_dsa_vect115),
3115 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_VERIFY, ac_dsa_vect116),
3116 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_SIGN, ac_dsa_vect116),
3117 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_VERIFY, ac_dsa_vect117),
3118 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_SIGN, ac_dsa_vect117),
3119 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_VERIFY, ac_dsa_vect118),
3120 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_SIGN, ac_dsa_vect118),
3121 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_VERIFY, ac_dsa_vect119),
3122 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_SIGN, ac_dsa_vect119),
3123 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_VERIFY, ac_dsa_vect120),
3124 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_SIGN, ac_dsa_vect120),
Cedric Chaumontb2ba8782015-09-03 13:23:05 +0200[diff] [blame]3125 /* [mod = L=2048, N=224, SHA-384] - GP NOT SUPPORTED */
3126 /* [mod = L=2048, N=224, SHA-512] - GP NOT SUPPORTED */
3127 /* [mod = L=2048, N=256, SHA-1] - GP NOT SUPPORTED */
3128 /* [mod = L=2048, N=256, SHA-224] */
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]3129 XTEST_AC_DSA_CASE(1, TEE_ALG_DSA_SHA224, TEE_MODE_VERIFY, ac_dsa_vect166),
3130 XTEST_AC_DSA_CASE(1, TEE_ALG_DSA_SHA224, TEE_MODE_SIGN, ac_dsa_vect166),
Cedric Chaumontc3b6c282015-09-25 03:05:18 +0200[diff] [blame]3131 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_VERIFY, ac_dsa_vect167),
3132 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_SIGN, ac_dsa_vect167),
3133 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_VERIFY, ac_dsa_vect168),
3134 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_SIGN, ac_dsa_vect168),
3135 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_VERIFY, ac_dsa_vect169),
3136 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_SIGN, ac_dsa_vect169),
3137 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_VERIFY, ac_dsa_vect170),
3138 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_SIGN, ac_dsa_vect170),
3139 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_VERIFY, ac_dsa_vect171),
3140 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_SIGN, ac_dsa_vect171),
3141 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_VERIFY, ac_dsa_vect172),
3142 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_SIGN, ac_dsa_vect172),
3143 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_VERIFY, ac_dsa_vect173),
3144 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_SIGN, ac_dsa_vect173),
3145 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_VERIFY, ac_dsa_vect174),
3146 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_SIGN, ac_dsa_vect174),
3147 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_VERIFY, ac_dsa_vect175),
3148 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_SIGN, ac_dsa_vect175),
3149 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_VERIFY, ac_dsa_vect176),
3150 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_SIGN, ac_dsa_vect176),
3151 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_VERIFY, ac_dsa_vect177),
3152 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_SIGN, ac_dsa_vect177),
3153 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_VERIFY, ac_dsa_vect178),
3154 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_SIGN, ac_dsa_vect178),
3155 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_VERIFY, ac_dsa_vect179),
3156 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_SIGN, ac_dsa_vect179),
3157 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_VERIFY, ac_dsa_vect180),
3158 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_SIGN, ac_dsa_vect180),
Cedric Chaumontb2ba8782015-09-03 13:23:05 +0200[diff] [blame]3159 /* [mod = L=2048, N=256, SHA-256] */
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]3160 XTEST_AC_DSA_CASE(1, TEE_ALG_DSA_SHA256, TEE_MODE_VERIFY, ac_dsa_vect181),
3161 XTEST_AC_DSA_CASE(1, TEE_ALG_DSA_SHA256, TEE_MODE_SIGN, ac_dsa_vect181),
Cedric Chaumontc3b6c282015-09-25 03:05:18 +0200[diff] [blame]3162 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_VERIFY, ac_dsa_vect182),
3163 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_SIGN, ac_dsa_vect182),
3164 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_VERIFY, ac_dsa_vect183),
3165 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_SIGN, ac_dsa_vect183),
3166 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_VERIFY, ac_dsa_vect184),
3167 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_SIGN, ac_dsa_vect184),
3168 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_VERIFY, ac_dsa_vect185),
3169 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_SIGN, ac_dsa_vect185),
3170 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_VERIFY, ac_dsa_vect186),
3171 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_SIGN, ac_dsa_vect186),
3172 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_VERIFY, ac_dsa_vect187),
3173 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_SIGN, ac_dsa_vect187),
3174 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_VERIFY, ac_dsa_vect188),
3175 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_SIGN, ac_dsa_vect188),
3176 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_VERIFY, ac_dsa_vect189),
3177 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_SIGN, ac_dsa_vect189),
3178 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_VERIFY, ac_dsa_vect190),
3179 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_SIGN, ac_dsa_vect190),
3180 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_VERIFY, ac_dsa_vect191),
3181 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_SIGN, ac_dsa_vect191),
3182 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_VERIFY, ac_dsa_vect192),
3183 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_SIGN, ac_dsa_vect192),
3184 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_VERIFY, ac_dsa_vect193),
3185 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_SIGN, ac_dsa_vect193),
3186 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_VERIFY, ac_dsa_vect194),
3187 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_SIGN, ac_dsa_vect194),
3188 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_VERIFY, ac_dsa_vect195),
3189 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_SIGN, ac_dsa_vect195),
Cedric Chaumontb2ba8782015-09-03 13:23:05 +0200[diff] [blame]3190 /* [mod = L=2048, N=256, SHA-384] - GP NOT SUPPORTED */
3191 /* [mod = L=2048, N=256, SHA-512] - GP NOT SUPPORTED */
3192 /* [mod = L=3072, N=256, SHA-1] - GP NOT SUPPORTED */
3193 /* [mod = L=3072, N=256, SHA-224] - GP NOT SUPPORTED */
3194 /* [mod = L=3072, N=256, SHA-256] */
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]3195 XTEST_AC_DSA_CASE(1, TEE_ALG_DSA_SHA256, TEE_MODE_VERIFY, ac_dsa_vect256),
3196 XTEST_AC_DSA_CASE(1, TEE_ALG_DSA_SHA256, TEE_MODE_SIGN, ac_dsa_vect256),
Cedric Chaumontc3b6c282015-09-25 03:05:18 +0200[diff] [blame]3197 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_VERIFY, ac_dsa_vect257),
3198 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_SIGN, ac_dsa_vect257),
3199 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_VERIFY, ac_dsa_vect258),
3200 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_SIGN, ac_dsa_vect258),
3201 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_VERIFY, ac_dsa_vect259),
3202 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_SIGN, ac_dsa_vect259),
3203 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_VERIFY, ac_dsa_vect260),
3204 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_SIGN, ac_dsa_vect260),
3205 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_VERIFY, ac_dsa_vect261),
3206 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_SIGN, ac_dsa_vect261),
3207 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_VERIFY, ac_dsa_vect262),
3208 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_SIGN, ac_dsa_vect262),
3209 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_VERIFY, ac_dsa_vect263),
3210 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_SIGN, ac_dsa_vect263),
3211 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_VERIFY, ac_dsa_vect264),
3212 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_SIGN, ac_dsa_vect264),
3213 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_VERIFY, ac_dsa_vect265),
3214 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_SIGN, ac_dsa_vect265),
3215 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_VERIFY, ac_dsa_vect266),
3216 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_SIGN, ac_dsa_vect266),
3217 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_VERIFY, ac_dsa_vect267),
3218 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_SIGN, ac_dsa_vect267),
3219 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_VERIFY, ac_dsa_vect268),
3220 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_SIGN, ac_dsa_vect268),
3221 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_VERIFY, ac_dsa_vect269),
3222 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_SIGN, ac_dsa_vect269),
3223 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_VERIFY, ac_dsa_vect270),
3224 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_SIGN, ac_dsa_vect270),
Cedric Chaumontb2ba8782015-09-03 13:23:05 +0200[diff] [blame]3225 /* [mod = L=3072, N=256, SHA-384] - GP NOT SUPPORTED */
3226 /* [mod = L=3072, N=256, SHA-512] - GP NOT SUPPORTED */
Pascal Brand3e143ee2015-07-15 17:17:16 +0200[diff] [blame]3227
3228 /* ECDSA tests */
Cedric Chaumontc7654962015-09-09 14:56:36 +0200[diff] [blame]3229 /* [P-192] */
Jerome Forissier3fbfd0d2019-12-17 16:44:01 +0100[diff] [blame]3230 XTEST_AC_ECC_CASE(0, TEE_ALG_ECDSA_P192, TEE_MODE_VERIFY,
3231 nist_186_2_ecdsa_testvector_1),
3232 XTEST_AC_ECC_CASE(0, TEE_ALG_ECDSA_P192, TEE_MODE_SIGN,
3233 nist_186_2_ecdsa_testvector_1),
3234 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P192, TEE_MODE_VERIFY,
3235 nist_186_2_ecdsa_testvector_2),
3236 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P192, TEE_MODE_SIGN,
3237 nist_186_2_ecdsa_testvector_2),
3238 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P192, TEE_MODE_VERIFY,
3239 nist_186_2_ecdsa_testvector_3),
3240 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P192, TEE_MODE_SIGN,
3241 nist_186_2_ecdsa_testvector_3),
3242 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P192, TEE_MODE_VERIFY,
3243 nist_186_2_ecdsa_testvector_4),
3244 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P192, TEE_MODE_SIGN,
3245 nist_186_2_ecdsa_testvector_4),
3246 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P192, TEE_MODE_VERIFY,
3247 nist_186_2_ecdsa_testvector_5),
3248 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P192, TEE_MODE_SIGN,
3249 nist_186_2_ecdsa_testvector_5),
3250 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P192, TEE_MODE_VERIFY,
3251 nist_186_2_ecdsa_testvector_6),
3252 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P192, TEE_MODE_SIGN,
3253 nist_186_2_ecdsa_testvector_6),
3254 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P192, TEE_MODE_VERIFY,
3255 nist_186_2_ecdsa_testvector_7),
3256 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P192, TEE_MODE_SIGN,
3257 nist_186_2_ecdsa_testvector_7),
3258 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P192, TEE_MODE_VERIFY,
3259 nist_186_2_ecdsa_testvector_8),
3260 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P192, TEE_MODE_SIGN,
3261 nist_186_2_ecdsa_testvector_8),
3262 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P192, TEE_MODE_VERIFY,
3263 nist_186_2_ecdsa_testvector_9),
3264 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P192, TEE_MODE_SIGN,
3265 nist_186_2_ecdsa_testvector_9),
3266 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P192, TEE_MODE_VERIFY,
3267 nist_186_2_ecdsa_testvector_10),
3268 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P192, TEE_MODE_SIGN,
3269 nist_186_2_ecdsa_testvector_10),
3270 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P192, TEE_MODE_VERIFY,
3271 nist_186_2_ecdsa_testvector_11),
3272 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P192, TEE_MODE_SIGN,
3273 nist_186_2_ecdsa_testvector_11),
3274 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P192, TEE_MODE_VERIFY,
3275 nist_186_2_ecdsa_testvector_12),
3276 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P192, TEE_MODE_SIGN,
3277 nist_186_2_ecdsa_testvector_12),
3278 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P192, TEE_MODE_VERIFY,
3279 nist_186_2_ecdsa_testvector_13),
3280 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P192, TEE_MODE_SIGN,
3281 nist_186_2_ecdsa_testvector_13),
3282 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P192, TEE_MODE_VERIFY,
3283 nist_186_2_ecdsa_testvector_14),
3284 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P192, TEE_MODE_SIGN,
3285 nist_186_2_ecdsa_testvector_14),
3286 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P192, TEE_MODE_VERIFY,
3287 nist_186_2_ecdsa_testvector_15),
3288 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P192, TEE_MODE_SIGN,
3289 nist_186_2_ecdsa_testvector_15),
Cedric Chaumontc7654962015-09-09 14:56:36 +0200[diff] [blame]3290 /* [P-224] */
Jerome Forissier3fbfd0d2019-12-17 16:44:01 +0100[diff] [blame]3291 XTEST_AC_ECC_CASE(1, TEE_ALG_ECDSA_P224, TEE_MODE_VERIFY,
3292 nist_186_2_ecdsa_testvector_16),
3293 XTEST_AC_ECC_CASE(1, TEE_ALG_ECDSA_P224, TEE_MODE_SIGN,
3294 nist_186_2_ecdsa_testvector_16),
3295 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P224, TEE_MODE_VERIFY,
3296 nist_186_2_ecdsa_testvector_17),
3297 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P224, TEE_MODE_SIGN,
3298 nist_186_2_ecdsa_testvector_17),
3299 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P224, TEE_MODE_VERIFY,
3300 nist_186_2_ecdsa_testvector_18),
3301 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P224, TEE_MODE_SIGN,
3302 nist_186_2_ecdsa_testvector_18),
3303 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P224, TEE_MODE_VERIFY,
3304 nist_186_2_ecdsa_testvector_19),
3305 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P224, TEE_MODE_SIGN,
3306 nist_186_2_ecdsa_testvector_19),
3307 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P224, TEE_MODE_VERIFY,
3308 nist_186_2_ecdsa_testvector_20),
3309 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P224, TEE_MODE_SIGN,
3310 nist_186_2_ecdsa_testvector_20),
3311 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P224, TEE_MODE_VERIFY,
3312 nist_186_2_ecdsa_testvector_21),
3313 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P224, TEE_MODE_SIGN,
3314 nist_186_2_ecdsa_testvector_21),
3315 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P224, TEE_MODE_VERIFY,
3316 nist_186_2_ecdsa_testvector_22),
3317 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P224, TEE_MODE_SIGN,
3318 nist_186_2_ecdsa_testvector_22),
3319 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P224, TEE_MODE_VERIFY,
3320 nist_186_2_ecdsa_testvector_23),
3321 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P224, TEE_MODE_SIGN,
3322 nist_186_2_ecdsa_testvector_23),
3323 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P224, TEE_MODE_VERIFY,
3324 nist_186_2_ecdsa_testvector_24),
3325 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P224, TEE_MODE_SIGN,
3326 nist_186_2_ecdsa_testvector_24),
3327 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P224, TEE_MODE_VERIFY,
3328 nist_186_2_ecdsa_testvector_25),
3329 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P224, TEE_MODE_SIGN,
3330 nist_186_2_ecdsa_testvector_25),
3331 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P224, TEE_MODE_VERIFY,
3332 nist_186_2_ecdsa_testvector_26),
3333 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P224, TEE_MODE_SIGN,
3334 nist_186_2_ecdsa_testvector_26),
3335 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P224, TEE_MODE_VERIFY,
3336 nist_186_2_ecdsa_testvector_27),
3337 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P224, TEE_MODE_SIGN,
3338 nist_186_2_ecdsa_testvector_27),
3339 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P224, TEE_MODE_VERIFY,
3340 nist_186_2_ecdsa_testvector_28),
3341 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P224, TEE_MODE_SIGN,
3342 nist_186_2_ecdsa_testvector_28),
3343 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P224, TEE_MODE_VERIFY,
3344 nist_186_2_ecdsa_testvector_29),
3345 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P224, TEE_MODE_SIGN,
3346 nist_186_2_ecdsa_testvector_29),
3347 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P224, TEE_MODE_VERIFY,
3348 nist_186_2_ecdsa_testvector_30),
3349 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P224, TEE_MODE_SIGN,
3350 nist_186_2_ecdsa_testvector_30),
Cedric Chaumontc7654962015-09-09 14:56:36 +0200[diff] [blame]3351 /* [P-256] */
Jerome Forissier3fbfd0d2019-12-17 16:44:01 +0100[diff] [blame]3352 XTEST_AC_ECC_CASE(1, TEE_ALG_ECDSA_P256, TEE_MODE_VERIFY,
3353 nist_186_2_ecdsa_testvector_31),
3354 XTEST_AC_ECC_CASE(1, TEE_ALG_ECDSA_P256, TEE_MODE_SIGN,
3355 nist_186_2_ecdsa_testvector_31),
3356 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P256, TEE_MODE_VERIFY,
3357 nist_186_2_ecdsa_testvector_32),
3358 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P256, TEE_MODE_SIGN,
3359 nist_186_2_ecdsa_testvector_32),
3360 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P256, TEE_MODE_VERIFY,
3361 nist_186_2_ecdsa_testvector_33),
3362 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P256, TEE_MODE_SIGN,
3363 nist_186_2_ecdsa_testvector_33),
3364 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P256, TEE_MODE_VERIFY,
3365 nist_186_2_ecdsa_testvector_34),
3366 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P256, TEE_MODE_SIGN,
3367 nist_186_2_ecdsa_testvector_34),
3368 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P256, TEE_MODE_VERIFY,
3369 nist_186_2_ecdsa_testvector_35),
3370 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P256, TEE_MODE_SIGN,
3371 nist_186_2_ecdsa_testvector_35),
3372 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P256, TEE_MODE_VERIFY,
3373 nist_186_2_ecdsa_testvector_36),
3374 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P256, TEE_MODE_SIGN,
3375 nist_186_2_ecdsa_testvector_36),
3376 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P256, TEE_MODE_VERIFY,
3377 nist_186_2_ecdsa_testvector_37),
3378 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P256, TEE_MODE_SIGN,
3379 nist_186_2_ecdsa_testvector_37),
3380 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P256, TEE_MODE_VERIFY,
3381 nist_186_2_ecdsa_testvector_38),
3382 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P256, TEE_MODE_SIGN,
3383 nist_186_2_ecdsa_testvector_38),
3384 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P256, TEE_MODE_VERIFY,
3385 nist_186_2_ecdsa_testvector_39),
3386 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P256, TEE_MODE_SIGN,
3387 nist_186_2_ecdsa_testvector_39),
3388 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P256, TEE_MODE_VERIFY,
3389 nist_186_2_ecdsa_testvector_40),
3390 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P256, TEE_MODE_SIGN,
3391 nist_186_2_ecdsa_testvector_40),
3392 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P256, TEE_MODE_VERIFY,
3393 nist_186_2_ecdsa_testvector_41),
3394 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P256, TEE_MODE_SIGN,
3395 nist_186_2_ecdsa_testvector_41),
3396 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P256, TEE_MODE_VERIFY,
3397 nist_186_2_ecdsa_testvector_42),
3398 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P256, TEE_MODE_SIGN,
3399 nist_186_2_ecdsa_testvector_42),
3400 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P256, TEE_MODE_VERIFY,
3401 nist_186_2_ecdsa_testvector_43),
3402 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P256, TEE_MODE_SIGN,
3403 nist_186_2_ecdsa_testvector_43),
3404 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P256, TEE_MODE_VERIFY,
3405 nist_186_2_ecdsa_testvector_44),
3406 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P256, TEE_MODE_SIGN,
3407 nist_186_2_ecdsa_testvector_44),
3408 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P256, TEE_MODE_VERIFY,
3409 nist_186_2_ecdsa_testvector_45),
3410 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P256, TEE_MODE_SIGN,
3411 nist_186_2_ecdsa_testvector_45),
Cedric Chaumontc7654962015-09-09 14:56:36 +0200[diff] [blame]3412 /* [P-384] */
Jerome Forissier3fbfd0d2019-12-17 16:44:01 +0100[diff] [blame]3413 XTEST_AC_ECC_CASE(1, TEE_ALG_ECDSA_P384, TEE_MODE_VERIFY,
3414 nist_186_2_ecdsa_testvector_46),
3415 XTEST_AC_ECC_CASE(1, TEE_ALG_ECDSA_P384, TEE_MODE_SIGN,
3416 nist_186_2_ecdsa_testvector_46),
3417 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P384, TEE_MODE_VERIFY,
3418 nist_186_2_ecdsa_testvector_47),
3419 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P384, TEE_MODE_SIGN,
3420 nist_186_2_ecdsa_testvector_47),
3421 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P384, TEE_MODE_VERIFY,
3422 nist_186_2_ecdsa_testvector_48),
3423 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P384, TEE_MODE_SIGN,
3424 nist_186_2_ecdsa_testvector_48),
3425 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P384, TEE_MODE_VERIFY,
3426 nist_186_2_ecdsa_testvector_49),
3427 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P384, TEE_MODE_SIGN,
3428 nist_186_2_ecdsa_testvector_49),
3429 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P384, TEE_MODE_VERIFY,
3430 nist_186_2_ecdsa_testvector_50),
3431 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P384, TEE_MODE_SIGN,
3432 nist_186_2_ecdsa_testvector_50),
3433 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P384, TEE_MODE_VERIFY,
3434 nist_186_2_ecdsa_testvector_51),
3435 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P384, TEE_MODE_SIGN,
3436 nist_186_2_ecdsa_testvector_51),
3437 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P384, TEE_MODE_VERIFY,
3438 nist_186_2_ecdsa_testvector_52),
3439 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P384, TEE_MODE_SIGN,
3440 nist_186_2_ecdsa_testvector_52),
3441 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P384, TEE_MODE_VERIFY,
3442 nist_186_2_ecdsa_testvector_53),
3443 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P384, TEE_MODE_SIGN,
3444 nist_186_2_ecdsa_testvector_53),
3445 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P384, TEE_MODE_VERIFY,
3446 nist_186_2_ecdsa_testvector_54),
3447 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P384, TEE_MODE_SIGN,
3448 nist_186_2_ecdsa_testvector_54),
3449 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P384, TEE_MODE_VERIFY,
3450 nist_186_2_ecdsa_testvector_55),
3451 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P384, TEE_MODE_SIGN,
3452 nist_186_2_ecdsa_testvector_55),
3453 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P384, TEE_MODE_VERIFY,
3454 nist_186_2_ecdsa_testvector_56),
3455 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P384, TEE_MODE_SIGN,
3456 nist_186_2_ecdsa_testvector_56),
3457 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P384, TEE_MODE_VERIFY,
3458 nist_186_2_ecdsa_testvector_57),
3459 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P384, TEE_MODE_SIGN,
3460 nist_186_2_ecdsa_testvector_57),
3461 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P384, TEE_MODE_VERIFY,
3462 nist_186_2_ecdsa_testvector_58),
3463 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P384, TEE_MODE_SIGN,
3464 nist_186_2_ecdsa_testvector_58),
3465 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P384, TEE_MODE_VERIFY,
3466 nist_186_2_ecdsa_testvector_59),
3467 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P384, TEE_MODE_SIGN,
3468 nist_186_2_ecdsa_testvector_59),
3469 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P384, TEE_MODE_VERIFY,
3470 nist_186_2_ecdsa_testvector_60),
3471 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P384, TEE_MODE_SIGN,
3472 nist_186_2_ecdsa_testvector_60),
Cedric Chaumontc7654962015-09-09 14:56:36 +0200[diff] [blame]3473 /* [P-521] */
Jerome Forissier3fbfd0d2019-12-17 16:44:01 +0100[diff] [blame]3474 XTEST_AC_ECC_CASE(1, TEE_ALG_ECDSA_P521, TEE_MODE_VERIFY,
3475 nist_186_2_ecdsa_testvector_61),
3476 XTEST_AC_ECC_CASE(1, TEE_ALG_ECDSA_P521, TEE_MODE_SIGN,
3477 nist_186_2_ecdsa_testvector_61),
3478 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P521, TEE_MODE_VERIFY,
3479 nist_186_2_ecdsa_testvector_62),
3480 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P521, TEE_MODE_SIGN,
3481 nist_186_2_ecdsa_testvector_62),
3482 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P521, TEE_MODE_VERIFY,
3483 nist_186_2_ecdsa_testvector_63),
3484 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P521, TEE_MODE_SIGN,
3485 nist_186_2_ecdsa_testvector_63),
3486 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P521, TEE_MODE_VERIFY,
3487 nist_186_2_ecdsa_testvector_64),
3488 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P521, TEE_MODE_SIGN,
3489 nist_186_2_ecdsa_testvector_64),
3490 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P521, TEE_MODE_VERIFY,
3491 nist_186_2_ecdsa_testvector_65),
3492 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P521, TEE_MODE_SIGN,
3493 nist_186_2_ecdsa_testvector_65),
3494 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P521, TEE_MODE_VERIFY,
3495 nist_186_2_ecdsa_testvector_66),
3496 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P521, TEE_MODE_SIGN,
3497 nist_186_2_ecdsa_testvector_66),
3498 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P521, TEE_MODE_VERIFY,
3499 nist_186_2_ecdsa_testvector_67),
3500 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P521, TEE_MODE_SIGN,
3501 nist_186_2_ecdsa_testvector_67),
3502 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P521, TEE_MODE_VERIFY,
3503 nist_186_2_ecdsa_testvector_68),
3504 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P521, TEE_MODE_SIGN,
3505 nist_186_2_ecdsa_testvector_68),
3506 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P521, TEE_MODE_VERIFY,
3507 nist_186_2_ecdsa_testvector_69),
3508 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P521, TEE_MODE_SIGN,
3509 nist_186_2_ecdsa_testvector_69),
3510 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P521, TEE_MODE_VERIFY,
3511 nist_186_2_ecdsa_testvector_70),
3512 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P521, TEE_MODE_SIGN,
3513 nist_186_2_ecdsa_testvector_70),
3514 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P521, TEE_MODE_VERIFY,
3515 nist_186_2_ecdsa_testvector_71),
3516 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P521, TEE_MODE_SIGN,
3517 nist_186_2_ecdsa_testvector_71),
3518 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P521, TEE_MODE_VERIFY,
3519 nist_186_2_ecdsa_testvector_72),
3520 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P521, TEE_MODE_SIGN,
3521 nist_186_2_ecdsa_testvector_72),
3522 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P521, TEE_MODE_VERIFY,
3523 nist_186_2_ecdsa_testvector_73),
3524 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P521, TEE_MODE_SIGN,
3525 nist_186_2_ecdsa_testvector_73),
3526 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P521, TEE_MODE_VERIFY,
3527 nist_186_2_ecdsa_testvector_74),
3528 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P521, TEE_MODE_SIGN,
3529 nist_186_2_ecdsa_testvector_74),
3530 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P521, TEE_MODE_VERIFY,
3531 nist_186_2_ecdsa_testvector_75),
3532 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P521, TEE_MODE_SIGN,
3533 nist_186_2_ecdsa_testvector_75),
Cedric Chaumontc7654962015-09-09 14:56:36 +0200[diff] [blame]3534 /* [K-163] - GP NOT SUPPORTED */
3535 /* [K-233] - GP NOT SUPPORTED */
3536 /* [K-283] - GP NOT SUPPORTED */
3537 /* [K-409] - GP NOT SUPPORTED */
3538 /* [K-571] - GP NOT SUPPORTED */
3539 /* [B-163] - GP NOT SUPPORTED */
3540 /* [B-233] - GP NOT SUPPORTED */
3541 /* [B-283] - GP NOT SUPPORTED */
3542 /* [B-409] - GP NOT SUPPORTED */
3543 /* [B-571] - GP NOT SUPPORTED */
Jerome Forissierb6f5ac92019-12-19 16:37:14 +0100[diff] [blame]3544
3545 XTEST_AC_ECC_CASE(0, TEE_ALG_SM2_PKE, TEE_MODE_ENCRYPT,
3546 gmt_0003_part5_c2_sm2_testvector),
3547 XTEST_AC_ECC_CASE(0, TEE_ALG_SM2_PKE, TEE_MODE_DECRYPT,
3548 gmt_0003_part5_c2_sm2_testvector),
3549 XTEST_AC_ECC_CASE(0, TEE_ALG_SM2_PKE, TEE_MODE_ENCRYPT,
3550 sm2_testvector2),
Jerome Forissier849b57e2019-12-19 16:37:14 +0100[diff] [blame]3551
3552 XTEST_AC_ECC_CASE(0, TEE_ALG_SM2_DSA_SM3, TEE_MODE_VERIFY,
3553 gmt_003_part5_a2),
3554 XTEST_AC_ECC_CASE(0, TEE_ALG_SM2_DSA_SM3, TEE_MODE_SIGN,
3555 gmt_003_part5_a2),
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3556};
3557
3558static bool create_key(ADBG_Case_t *c, TEEC_Session *s,
3559 uint32_t max_key_size, uint32_t key_type,
3560 TEE_Attribute *attrs, size_t num_attrs,
3561 TEE_ObjectHandle *handle)
3562{
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]3563 size_t n = 0;
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3564
3565 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
3566 ta_crypt_cmd_allocate_transient_object(c, s, key_type,
3567 max_key_size, handle)))
3568 return false;
3569
3570 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
3571 ta_crypt_cmd_populate_transient_object(c, s, *handle, attrs,
3572 num_attrs)))
3573 return false;
3574
3575 for (n = 0; n < num_attrs; n++) {
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]3576 uint8_t out[512] = { };
3577 size_t out_size = sizeof(out);
Pascal Brand3e143ee2015-07-15 17:17:16 +0200[diff] [blame]3578
3579 if (attrs[n].attributeID == TEE_ATTR_ECC_CURVE)
3580 continue;
3581
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3582 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
3583 ta_crypt_cmd_get_object_buffer_attribute(c, s, *handle,
3584 attrs[n].attributeID, out, &out_size)))
3585 return false;
3586
Pascal Brand3e143ee2015-07-15 17:17:16 +0200[diff] [blame]3587 if (out_size < attrs[n].content.ref.length) {
3588 memmove(out + (attrs[n].content.ref.length - out_size),
3589 out,
3590 attrs[n].content.ref.length);
3591 memset(out, 0, attrs[n].content.ref.length - out_size);
3592 out_size = attrs[n].content.ref.length;
3593 }
3594
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3595 if (!ADBG_EXPECT_BUFFER(c, attrs[n].content.ref.buffer,
3596 attrs[n].content.ref.length, out, out_size))
3597 return false;
3598 }
3599
3600 return true;
3601}
3602
Jerome Forissier26393882022-03-09 21:22:30 +0100[diff] [blame^]3603#define XTEST_NO_CURVE 0xFFFFFFFF /* implementation-defined as per GP spec */
3604
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3605static void xtest_tee_test_4006(ADBG_Case_t *c)
3606{
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]3607 TEEC_Session session = { };
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3608 TEE_OperationHandle op = TEE_HANDLE_NULL;
3609 TEE_ObjectHandle priv_key_handle = TEE_HANDLE_NULL;
3610 TEE_ObjectHandle pub_key_handle = TEE_HANDLE_NULL;
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]3611 TEE_Attribute key_attrs[8] = { };
3612 TEE_Attribute algo_params[1] = { };
3613 size_t num_algo_params = 0;
3614 uint8_t out[512] = { };
3615 size_t out_size = 0;
3616 uint8_t out_enc[512] = { };
3617 size_t out_enc_size = 0;
3618 uint8_t ptx_hash[TEE_MAX_HASH_SIZE] = { };
Etienne Carriere481c6602019-01-22 13:27:26 +0100[diff] [blame]3619 size_t ptx_hash_size = 0;
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]3620 size_t max_key_size = 0;
3621 size_t num_key_attrs = 0;
3622 uint32_t ret_orig = 0;
3623 size_t n = 0;
3624 uint32_t curve = 0;
Jerome Forissierb6f5ac92019-12-19 16:37:14 +0100[diff] [blame]3625 uint32_t pub_key_type = 0;
3626 uint32_t priv_key_type = 0;
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]3627 uint32_t hash_algo = 0;
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3628
3629 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
3630 xtest_teec_open_session(&session, &crypt_user_ta_uuid, NULL,
3631 &ret_orig)))
3632 return;
3633
3634 for (n = 0; n < ARRAY_SIZE(xtest_ac_cases); n++) {
3635 const struct xtest_ac_case *tv = xtest_ac_cases + n;
3636
Cedric Chaumontc3b6c282015-09-25 03:05:18 +0200[diff] [blame]3637 if (tv->level > level)
3638 continue;
3639
Jerome Forissier4b03e282020-01-22 16:33:12 +0100[diff] [blame]3640 if ((tv->algo == TEE_ALG_SM2_PKE ||
3641 tv->algo == TEE_ALG_SM2_DSA_SM3) &&
3642 !ta_crypt_cmd_is_algo_supported(c, &session, tv->algo,
3643 TEE_ECC_CURVE_SM2)) {
3644 Do_ADBG_Log("SM2 not supported: skip subcase");
3645 continue;
3646 }
3647
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3648 Do_ADBG_BeginSubCase(c, "Asym Crypto case %d algo 0x%x line %d",
3649 (int)n, (unsigned int)tv->algo,
3650 (int)tv->line);
3651
3652 /*
3653 * When signing or verifying we're working with the hash of
3654 * the payload.
3655 */
3656 if (tv->mode == TEE_MODE_VERIFY || tv->mode == TEE_MODE_SIGN) {
Pascal Brand3e143ee2015-07-15 17:17:16 +0200[diff] [blame]3657 if (TEE_ALG_GET_MAIN_ALG(tv->algo) == TEE_MAIN_ALGO_ECDSA)
3658 hash_algo = TEE_ALG_SHA1;
Gabor Szekely2ad190f2018-09-14 14:05:06 +0000[diff] [blame]3659#if defined(CFG_CRYPTO_RSASSA_NA1)
3660 else if (tv->algo == TEE_ALG_RSASSA_PKCS1_V1_5)
3661 hash_algo = TEE_ALG_SHA256;
3662#endif
Pascal Brand3e143ee2015-07-15 17:17:16 +0200[diff] [blame]3663 else
3664 hash_algo = TEE_ALG_HASH_ALGO(
3665 TEE_ALG_GET_DIGEST_HASH(tv->algo));
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3666
3667 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
3668 ta_crypt_cmd_allocate_operation(c, &session,
3669 &op, hash_algo, TEE_MODE_DIGEST, 0)))
3670 goto out;
3671
3672 ptx_hash_size = sizeof(ptx_hash);
3673 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
3674 ta_crypt_cmd_digest_do_final(c, & session, op,
3675 tv->ptx, tv->ptx_len, ptx_hash,
3676 &ptx_hash_size)))
3677 goto out;
3678
Cedric Chaumontb2ba8782015-09-03 13:23:05 +0200[diff] [blame]3679 /*
3680 * When we use DSA algorithms, the size of the hash we
3681 * consider equals the min between the size of the
3682 * "subprime" in the key and the size of the hash
3683 */
3684 if (TEE_ALG_GET_MAIN_ALG(tv->algo) ==
3685 TEE_MAIN_ALGO_DSA) {
3686 if (tv->params.dsa.sub_prime_len <=
3687 ptx_hash_size)
3688 ptx_hash_size =
3689 tv->params.dsa.sub_prime_len;
3690 }
3691
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3692 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
3693 ta_crypt_cmd_free_operation(c, &session, op)))
3694 goto out;
3695 }
3696
3697 num_algo_params = 0;
3698 num_key_attrs = 0;
3699 switch (TEE_ALG_GET_MAIN_ALG(tv->algo)) {
3700 case TEE_MAIN_ALGO_RSA:
3701 if (tv->params.rsa.salt_len > 0) {
3702 algo_params[0].attributeID =
3703 TEE_ATTR_RSA_PSS_SALT_LENGTH;
3704 algo_params[0].content.value.a =
3705 tv->params.rsa.salt_len;
3706 algo_params[0].content.value.b = 0;
3707 num_algo_params = 1;
3708 }
3709
3710 max_key_size = tv->params.rsa.modulus_len * 8;
3711
3712 xtest_add_attr(&num_key_attrs, key_attrs,
3713 TEE_ATTR_RSA_MODULUS,
3714 tv->params.rsa.modulus,
3715 tv->params.rsa.modulus_len);
3716 xtest_add_attr(&num_key_attrs, key_attrs,
3717 TEE_ATTR_RSA_PUBLIC_EXPONENT,
3718 tv->params.rsa.pub_exp,
3719 tv->params.rsa.pub_exp_len);
3720
3721 if (!ADBG_EXPECT_TRUE(c,
3722 create_key(c, &session,
3723 max_key_size,
3724 TEE_TYPE_RSA_PUBLIC_KEY,
3725 key_attrs,
3726 num_key_attrs,
3727 &pub_key_handle)))
3728 goto out;
3729
3730 xtest_add_attr(&num_key_attrs, key_attrs,
3731 TEE_ATTR_RSA_PRIVATE_EXPONENT,
3732 tv->params.rsa.priv_exp,
3733 tv->params.rsa.priv_exp_len);
3734
3735 if (tv->params.rsa.prime1_len != 0) {
3736 xtest_add_attr(&num_key_attrs, key_attrs,
3737 TEE_ATTR_RSA_PRIME1,
3738 tv->params.rsa.prime1,
3739 tv->params.rsa.prime1_len);
3740 }
3741
3742 if (tv->params.rsa.prime2_len != 0) {
3743 xtest_add_attr(&num_key_attrs, key_attrs,
3744 TEE_ATTR_RSA_PRIME2,
3745 tv->params.rsa.prime2,
3746 tv->params.rsa.prime2_len);
3747 }
3748
3749 if (tv->params.rsa.exp1_len != 0) {
3750 xtest_add_attr(&num_key_attrs, key_attrs,
3751 TEE_ATTR_RSA_EXPONENT1,
3752 tv->params.rsa.exp1,
3753 tv->params.rsa.exp1_len);
3754 }
3755
3756 if (tv->params.rsa.exp2_len != 0) {
3757 xtest_add_attr(&num_key_attrs, key_attrs,
3758 TEE_ATTR_RSA_EXPONENT2,
3759 tv->params.rsa.exp2,
3760 tv->params.rsa.exp2_len);
3761 }
3762
3763 if (tv->params.rsa.coeff_len != 0) {
3764 xtest_add_attr(&num_key_attrs, key_attrs,
3765 TEE_ATTR_RSA_COEFFICIENT,
3766 tv->params.rsa.coeff,
3767 tv->params.rsa.coeff_len);
3768 }
3769
3770 if (!ADBG_EXPECT_TRUE(c,
3771 create_key(c, &session,
3772 max_key_size,
3773 TEE_TYPE_RSA_KEYPAIR,
3774 key_attrs,
3775 num_key_attrs,
3776 &priv_key_handle)))
3777 goto out;
3778 break;
3779
3780 case TEE_MAIN_ALGO_DSA:
3781 max_key_size = tv->params.dsa.prime_len * 8;
3782
3783 xtest_add_attr(&num_key_attrs, key_attrs,
3784 TEE_ATTR_DSA_PRIME,
3785 tv->params.dsa.prime,
3786 tv->params.dsa.prime_len);
3787 xtest_add_attr(&num_key_attrs, key_attrs,
3788 TEE_ATTR_DSA_SUBPRIME,
3789 tv->params.dsa.sub_prime,
3790 tv->params.dsa.sub_prime_len);
3791 xtest_add_attr(&num_key_attrs, key_attrs,
3792 TEE_ATTR_DSA_BASE,
3793 tv->params.dsa.base,
3794 tv->params.dsa.base_len);
3795 xtest_add_attr(&num_key_attrs, key_attrs,
3796 TEE_ATTR_DSA_PUBLIC_VALUE,
3797 tv->params.dsa.pub_val,
3798 tv->params.dsa.pub_val_len);
3799
3800 if (!ADBG_EXPECT_TRUE(c,
3801 create_key(c, &session, max_key_size,
3802 TEE_TYPE_DSA_PUBLIC_KEY, key_attrs,
3803 num_key_attrs, &pub_key_handle)))
3804 goto out;
3805
3806 xtest_add_attr(&num_key_attrs, key_attrs,
3807 TEE_ATTR_DSA_PRIVATE_VALUE,
3808 tv->params.dsa.priv_val,
3809 tv->params.dsa.priv_val_len);
3810
3811 if (!ADBG_EXPECT_TRUE(c,
3812 create_key(c, &session, max_key_size,
3813 TEE_TYPE_DSA_KEYPAIR, key_attrs,
3814 num_key_attrs, &priv_key_handle)))
3815 goto out;
3816 break;
3817
Pascal Brand3e143ee2015-07-15 17:17:16 +0200[diff] [blame]3818 case TEE_MAIN_ALGO_ECDSA:
Jerome Forissierb6f5ac92019-12-19 16:37:14 +0100[diff] [blame]3819 case TEE_MAIN_ALGO_SM2_PKE:
Jerome Forissier849b57e2019-12-19 16:37:14 +0100[diff] [blame]3820 case TEE_MAIN_ALGO_SM2_DSA_SM3:
Pascal Brand3e143ee2015-07-15 17:17:16 +0200[diff] [blame]3821 switch (tv->algo) {
3822 case TEE_ALG_ECDSA_P192:
3823 curve = TEE_ECC_CURVE_NIST_P192;
Jerome Forissierb6f5ac92019-12-19 16:37:14 +0100[diff] [blame]3824 pub_key_type = TEE_TYPE_ECDSA_PUBLIC_KEY;
3825 priv_key_type = TEE_TYPE_ECDSA_KEYPAIR;
Pascal Brand3e143ee2015-07-15 17:17:16 +0200[diff] [blame]3826 break;
3827 case TEE_ALG_ECDSA_P224:
3828 curve = TEE_ECC_CURVE_NIST_P224;
Jerome Forissierb6f5ac92019-12-19 16:37:14 +0100[diff] [blame]3829 pub_key_type = TEE_TYPE_ECDSA_PUBLIC_KEY;
3830 priv_key_type = TEE_TYPE_ECDSA_KEYPAIR;
Pascal Brand3e143ee2015-07-15 17:17:16 +0200[diff] [blame]3831 break;
3832 case TEE_ALG_ECDSA_P256:
3833 curve = TEE_ECC_CURVE_NIST_P256;
Jerome Forissierb6f5ac92019-12-19 16:37:14 +0100[diff] [blame]3834 pub_key_type = TEE_TYPE_ECDSA_PUBLIC_KEY;
3835 priv_key_type = TEE_TYPE_ECDSA_KEYPAIR;
Pascal Brand3e143ee2015-07-15 17:17:16 +0200[diff] [blame]3836 break;
3837 case TEE_ALG_ECDSA_P384:
3838 curve = TEE_ECC_CURVE_NIST_P384;
Jerome Forissierb6f5ac92019-12-19 16:37:14 +0100[diff] [blame]3839 pub_key_type = TEE_TYPE_ECDSA_PUBLIC_KEY;
3840 priv_key_type = TEE_TYPE_ECDSA_KEYPAIR;
Pascal Brand3e143ee2015-07-15 17:17:16 +0200[diff] [blame]3841 break;
3842 case TEE_ALG_ECDSA_P521:
3843 curve = TEE_ECC_CURVE_NIST_P521;
Jerome Forissierb6f5ac92019-12-19 16:37:14 +0100[diff] [blame]3844 pub_key_type = TEE_TYPE_ECDSA_PUBLIC_KEY;
3845 priv_key_type = TEE_TYPE_ECDSA_KEYPAIR;
3846 break;
3847 case TEE_ALG_SM2_PKE:
Jerome Forissier26393882022-03-09 21:22:30 +0100[diff] [blame^]3848 curve = XTEST_NO_CURVE;
Jerome Forissierb6f5ac92019-12-19 16:37:14 +0100[diff] [blame]3849 pub_key_type = TEE_TYPE_SM2_PKE_PUBLIC_KEY;
3850 priv_key_type = TEE_TYPE_SM2_PKE_KEYPAIR;
Pascal Brand3e143ee2015-07-15 17:17:16 +0200[diff] [blame]3851 break;
Jerome Forissier849b57e2019-12-19 16:37:14 +0100[diff] [blame]3852 case TEE_ALG_SM2_DSA_SM3:
Jerome Forissier26393882022-03-09 21:22:30 +0100[diff] [blame^]3853 curve = XTEST_NO_CURVE;
Jerome Forissier849b57e2019-12-19 16:37:14 +0100[diff] [blame]3854 pub_key_type = TEE_TYPE_SM2_DSA_PUBLIC_KEY;
3855 priv_key_type = TEE_TYPE_SM2_DSA_KEYPAIR;
3856 break;
Pascal Brand3e143ee2015-07-15 17:17:16 +0200[diff] [blame]3857 default:
3858 curve = 0xFF;
3859 break;
3860 }
3861
3862 if (tv->algo == TEE_ALG_ECDSA_P521)
3863 max_key_size = 521;
3864 else
Jerome Forissier3fbfd0d2019-12-17 16:44:01 +0100[diff] [blame]3865 max_key_size = tv->params.ecc.private_len * 8;
Pascal Brand3e143ee2015-07-15 17:17:16 +0200[diff] [blame]3866
Jerome Forissier26393882022-03-09 21:22:30 +0100[diff] [blame^]3867 if (curve != XTEST_NO_CURVE)
3868 xtest_add_attr_value(&num_key_attrs, key_attrs,
Pascal Brand3e143ee2015-07-15 17:17:16 +0200[diff] [blame]3869 TEE_ATTR_ECC_CURVE, curve, 0);
3870 xtest_add_attr(&num_key_attrs, key_attrs,
3871 TEE_ATTR_ECC_PUBLIC_VALUE_X,
Jerome Forissier3fbfd0d2019-12-17 16:44:01 +0100[diff] [blame]3872 tv->params.ecc.public_x,
3873 tv->params.ecc.public_x_len);
Pascal Brand3e143ee2015-07-15 17:17:16 +0200[diff] [blame]3874 xtest_add_attr(&num_key_attrs, key_attrs,
3875 TEE_ATTR_ECC_PUBLIC_VALUE_Y,
Jerome Forissier3fbfd0d2019-12-17 16:44:01 +0100[diff] [blame]3876 tv->params.ecc.public_y,
3877 tv->params.ecc.public_y_len);
Pascal Brand3e143ee2015-07-15 17:17:16 +0200[diff] [blame]3878
3879 if (!ADBG_EXPECT_TRUE(c,
3880 create_key(c, &session, max_key_size,
Jerome Forissierb6f5ac92019-12-19 16:37:14 +0100[diff] [blame]3881 pub_key_type, key_attrs,
Pascal Brand3e143ee2015-07-15 17:17:16 +0200[diff] [blame]3882 num_key_attrs, &pub_key_handle)))
3883 goto out;
3884
3885 xtest_add_attr(&num_key_attrs, key_attrs,
3886 TEE_ATTR_ECC_PRIVATE_VALUE,
Jerome Forissier3fbfd0d2019-12-17 16:44:01 +0100[diff] [blame]3887 tv->params.ecc.private,
3888 tv->params.ecc.private_len);
Pascal Brand3e143ee2015-07-15 17:17:16 +0200[diff] [blame]3889
3890 if (!ADBG_EXPECT_TRUE(c,
3891 create_key(c, &session, max_key_size,
Jerome Forissierb6f5ac92019-12-19 16:37:14 +0100[diff] [blame]3892 priv_key_type, key_attrs,
Pascal Brand3e143ee2015-07-15 17:17:16 +0200[diff] [blame]3893 num_key_attrs, &priv_key_handle)))
3894 goto out;
3895 break;
3896
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3897 default:
3898 ADBG_EXPECT_TRUE(c, false);
3899 goto out;
3900 }
3901
3902 out_size = sizeof(out);
3903 memset(out, 0, sizeof(out));
3904 switch (tv->mode) {
3905 case TEE_MODE_ENCRYPT:
3906 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
3907 ta_crypt_cmd_allocate_operation(c, &session,
Pascal Brand3e143ee2015-07-15 17:17:16 +0200[diff] [blame]3908 &op, tv->algo, TEE_MODE_ENCRYPT,
3909 max_key_size)))
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3910 goto out;
3911
3912 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
3913 ta_crypt_cmd_set_operation_key(c, &session, op,
3914 pub_key_handle)))
3915 goto out;
3916
3917 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
3918 ta_crypt_cmd_free_transient_object(c, &session,
3919 pub_key_handle)))
3920 goto out;
3921 pub_key_handle = TEE_HANDLE_NULL;
3922
3923 out_enc_size = sizeof(out_enc);
3924 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
3925 ta_crypt_cmd_asymmetric_encrypt(c, &session, op,
3926 NULL, 0, tv->ptx, tv->ptx_len, out_enc,
3927 &out_enc_size)))
3928 goto out;
3929
3930 /*
3931 * A PS which is random is added when formatting the
3932 * message internally of the algorithm so we can't
3933 * verify against precomputed values, instead we use the
3934 * decrypt operation to see that output is correct.
3935 */
3936
3937 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
3938 ta_crypt_cmd_free_operation(c, &session, op)))
3939 goto out;
3940
3941 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
3942 ta_crypt_cmd_allocate_operation(c, &session,
3943 &op, tv->algo, TEE_MODE_DECRYPT,
3944 max_key_size)))
3945 goto out;
3946
3947 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
3948 ta_crypt_cmd_set_operation_key(c, &session, op,
3949 priv_key_handle)))
3950 goto out;
3951
3952 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
3953 ta_crypt_cmd_free_transient_object(c, &session,
3954 priv_key_handle)))
3955 goto out;
3956
3957 priv_key_handle = TEE_HANDLE_NULL;
3958
3959 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
3960 ta_crypt_cmd_asymmetric_decrypt(c, &session, op,
3961 NULL, 0, out_enc, out_enc_size, out,
3962 &out_size)))
3963 goto out;
3964
3965 (void)ADBG_EXPECT_BUFFER(c, tv->ptx, tv->ptx_len, out,
3966 out_size);
3967 break;
3968
3969 case TEE_MODE_DECRYPT:
3970 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
3971 ta_crypt_cmd_allocate_operation(c, &session,
3972 &op, tv->algo, TEE_MODE_DECRYPT,
3973 max_key_size)))
3974 goto out;
3975
3976 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
3977 ta_crypt_cmd_set_operation_key(c, &session, op,
3978 priv_key_handle)))
3979 goto out;
3980
3981 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
3982 ta_crypt_cmd_free_transient_object(c, &session,
3983 priv_key_handle)))
3984 goto out;
3985
3986 priv_key_handle = TEE_HANDLE_NULL;
3987
3988 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
3989 ta_crypt_cmd_asymmetric_decrypt(c, &session, op,
3990 NULL, 0, tv->ctx, tv->ctx_len, out,
3991 &out_size)))
3992 goto out;
3993
3994 (void)ADBG_EXPECT_BUFFER(c, tv->ptx, tv->ptx_len, out,
3995 out_size);
3996 break;
3997
3998 case TEE_MODE_VERIFY:
3999 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
4000 ta_crypt_cmd_allocate_operation(c, &session,
4001 &op, tv->algo, TEE_MODE_VERIFY,
4002 max_key_size)))
4003 goto out;
4004
4005 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
4006 ta_crypt_cmd_set_operation_key(c, &session, op,
4007 pub_key_handle)))
4008 goto out;
4009
4010 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
4011 ta_crypt_cmd_free_transient_object(c, &session,
4012 pub_key_handle)))
4013 goto out;
4014
4015 pub_key_handle = TEE_HANDLE_NULL;
4016
4017 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
4018 ta_crypt_cmd_asymmetric_verify(c, &session, op,
4019 algo_params, num_algo_params, ptx_hash,
4020 ptx_hash_size, tv->ctx, tv->ctx_len)))
4021 goto out;
4022 break;
4023
4024 case TEE_MODE_SIGN:
4025 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
4026 ta_crypt_cmd_allocate_operation(c, &session,
4027 &op, tv->algo, TEE_MODE_SIGN,
4028 max_key_size)))
4029 goto out;
4030
4031 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
4032 ta_crypt_cmd_set_operation_key(c, &session, op,
4033 priv_key_handle)))
4034 goto out;
4035
4036 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
4037 ta_crypt_cmd_free_transient_object(c, &session,
4038 priv_key_handle)))
4039 goto out;
4040
4041 priv_key_handle = TEE_HANDLE_NULL;
4042
4043 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
4044 ta_crypt_cmd_asymmetric_sign(c, &session, op,
4045 algo_params, num_algo_params, ptx_hash,
4046 ptx_hash_size, out, &out_size)))
4047 goto out;
4048
4049 if (TEE_ALG_GET_CHAIN_MODE(tv->algo) ==
4050 TEE_CHAIN_MODE_PKCS1_PSS_MGF1 ||
Pascal Brand3e143ee2015-07-15 17:17:16 +0200[diff] [blame]4051 tv->algo == TEE_ALG_DSA_SHA1 ||
Cedric Chaumontb2ba8782015-09-03 13:23:05 +0200[diff] [blame]4052 tv->algo == TEE_ALG_DSA_SHA224 ||
4053 tv->algo == TEE_ALG_DSA_SHA256 ||
Pascal Brand3e143ee2015-07-15 17:17:16 +0200[diff] [blame]4054 TEE_ALG_GET_MAIN_ALG(tv->algo) ==
Jerome Forissier849b57e2019-12-19 16:37:14 +0100[diff] [blame]4055 TEE_MAIN_ALGO_ECDSA ||
4056 tv->algo == TEE_ALG_SM2_DSA_SM3) {
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]4057 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
4058 ta_crypt_cmd_free_operation(c, &session,
4059 op)))
4060 goto out;
4061 /*
4062 * The salt or K is random so we can't verify
4063 * signing against precomputed values, instead
4064 * we use the verify operation to see that
4065 * output is correct.
4066 */
4067 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
4068 ta_crypt_cmd_allocate_operation(c,
4069 &session, &op, tv->algo,
4070 TEE_MODE_VERIFY, max_key_size)))
4071 goto out;
4072
4073 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
4074 ta_crypt_cmd_set_operation_key(c,
4075 &session, op, pub_key_handle)))
4076 goto out;
4077
4078 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
4079 ta_crypt_cmd_free_transient_object(c,
4080 &session, pub_key_handle)))
4081 goto out;
4082
4083 pub_key_handle = TEE_HANDLE_NULL;
4084
4085 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
4086 ta_crypt_cmd_asymmetric_verify(c,
4087 &session, op, algo_params,
4088 num_algo_params, ptx_hash,
4089 ptx_hash_size, out, out_size)))
4090 goto out;
4091 } else {
4092 (void)ADBG_EXPECT_BUFFER(c, tv->ctx,
4093 tv->ctx_len, out,
4094 out_size);
4095 }
4096 break;
4097
4098 default:
4099 break;
4100 }
4101
4102 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
4103 ta_crypt_cmd_free_operation(c, &session, op)))
4104 goto out;
4105
4106 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
4107 ta_crypt_cmd_free_transient_object(c, &session,
4108 pub_key_handle)))
4109 goto out;
4110 pub_key_handle = TEE_HANDLE_NULL;
4111
4112 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
4113 ta_crypt_cmd_free_transient_object(c, &session,
4114 priv_key_handle)))
4115 goto out;
4116
4117 priv_key_handle = TEE_HANDLE_NULL;
4118
4119 Do_ADBG_EndSubCase(c, NULL);
4120 }
4121out:
4122 TEEC_CloseSession(&session);
4123}
Jens Wiklander14f48872018-06-29 15:30:13 +0200[diff] [blame]4124ADBG_CASE_DEFINE(regression, 4006, xtest_tee_test_4006,
4125 "Test TEE Internal API Asymmetric Cipher operations");
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]4126
4127#define KEY_ATTR(x, y) { #x, (x), y }
4128
4129struct key_attrs {
4130 const char *name;
4131 uint32_t attr;
Jerome Forissier4032c8c2016-05-31 13:25:08 +0200[diff] [blame]4132 /*
4133 * When keysize_check != 0: size of attribute is checked
4134 * Expected value is key_size bits except for DH in which case it is
4135 * the value of keysize_check.
4136 */
4137 uint32_t keysize_check;
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]4138};
4139
4140static bool test_keygen_attributes(ADBG_Case_t *c, TEEC_Session *s,
4141 TEE_ObjectHandle key, uint32_t key_size,
4142 struct key_attrs *attrs, size_t num_attrs)
4143{
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]4144 uint8_t out[2048] = { };
4145 size_t out_size = 0;
4146 size_t n = 0;
4147 size_t m = 0;
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]4148
4149 for (m = 0; m < num_attrs; m++) {
4150 if ((attrs[m].attr & TEE_ATTR_BIT_VALUE) == 0) {
4151 out_size = sizeof(out);
4152 memset(out, 0, sizeof(out));
4153 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
4154 ta_crypt_cmd_get_object_buffer_attribute(c, s,
4155 key, attrs[m].attr, out, &out_size)))
4156 return false;
4157
4158 if (attrs[m].keysize_check)
Jerome Forissierfe94e562020-11-17 17:22:40 +0100[diff] [blame]4159 ADBG_EXPECT_COMPARE_UNSIGNED(c, out_size, <=,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]4160 key_size / 8);
4161
4162 if (out_size > 0) {
4163 /* Check that buffer isn't all zeroes */
4164 for (n = 0; n < out_size; n++)
4165 if (out[n] != 0)
4166 break;
4167 if (!ADBG_EXPECT_COMPARE_UNSIGNED(c, n, <,
4168 out_size))
4169 return false;
4170 }
4171 } else {
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]4172 uint32_t a = 0;
4173 uint32_t b = 0;
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]4174
4175 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
4176 ta_crypt_cmd_get_object_value_attribute(c, s, key,
4177 attrs[m].attr, &a, &b)))
4178 return false;
4179 }
4180 }
4181 return true;
4182}
4183
4184static bool test_secret_value(ADBG_Case_t *c, TEEC_Session *s,
4185 TEE_ObjectHandle key, uint32_t key_size)
4186{
4187 const struct key_attrs attrs[] = {
4188 KEY_ATTR(TEE_ATTR_SECRET_VALUE, true),
4189 };
4190
4191 return test_keygen_attributes(c, s, key, key_size,
4192 (struct key_attrs *)&attrs,
4193 ARRAY_SIZE(attrs));
4194}
4195
4196
4197static bool test_rsa_key_pair(ADBG_Case_t *c, TEEC_Session *s,
4198 TEE_ObjectHandle key, uint32_t key_size)
4199{
4200 const struct key_attrs attrs[] = {
4201 KEY_ATTR(TEE_ATTR_RSA_MODULUS, true),
4202 KEY_ATTR(TEE_ATTR_RSA_PUBLIC_EXPONENT, false),
4203 KEY_ATTR(TEE_ATTR_RSA_PRIVATE_EXPONENT, false),
4204 KEY_ATTR(TEE_ATTR_RSA_PRIME1, false),
4205 KEY_ATTR(TEE_ATTR_RSA_PRIME2, false),
4206 KEY_ATTR(TEE_ATTR_RSA_EXPONENT1, false),
4207 KEY_ATTR(TEE_ATTR_RSA_EXPONENT2, false),
4208 KEY_ATTR(TEE_ATTR_RSA_COEFFICIENT, false),
4209 };
4210
4211 return test_keygen_attributes(c, s, key, key_size,
4212 (struct key_attrs *)&attrs,
4213 ARRAY_SIZE(attrs));
4214}
4215
Pascal Brande61133f2015-07-08 15:38:37 +0200[diff] [blame]4216static bool test_ecc_key_pair(ADBG_Case_t *c, TEEC_Session *s,
4217 TEE_ObjectHandle key, uint32_t key_size)
4218{
4219 const struct key_attrs attrs[] = {
4220 KEY_ATTR(TEE_ATTR_ECC_PRIVATE_VALUE, false),
4221 KEY_ATTR(TEE_ATTR_ECC_PUBLIC_VALUE_X , false),
4222 KEY_ATTR(TEE_ATTR_ECC_PUBLIC_VALUE_Y , false),
4223 /* KEY_ATTR(TEE_ATTR_ECC_CURVE, false), - do not test */
4224 };
4225
4226 return test_keygen_attributes(c, s, key, key_size,
4227 (struct key_attrs *)&attrs,
4228 ARRAY_SIZE(attrs));
4229}
4230
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]4231static bool test_dh_key_pair(ADBG_Case_t *c, TEEC_Session *s,
Jerome Forissier4032c8c2016-05-31 13:25:08 +0200[diff] [blame]4232 TEE_ObjectHandle key, uint32_t check_keysize)
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]4233{
4234 const struct key_attrs attrs[] = {
4235 KEY_ATTR(TEE_ATTR_DH_PRIME, false),
4236 KEY_ATTR(TEE_ATTR_DH_BASE, false),
4237 KEY_ATTR(TEE_ATTR_DH_PUBLIC_VALUE, false),
4238 KEY_ATTR(TEE_ATTR_DH_PRIVATE_VALUE, check_keysize),
4239 KEY_ATTR(TEE_ATTR_DH_X_BITS, false),
4240 };
4241
Jerome Forissier4032c8c2016-05-31 13:25:08 +0200[diff] [blame]4242 return test_keygen_attributes(c, s, key, check_keysize,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]4243 (struct key_attrs *)&attrs,
4244 ARRAY_SIZE(attrs));
4245}
4246
4247static bool test_dsa_key_pair(ADBG_Case_t *c, TEEC_Session *s,
4248 TEE_ObjectHandle key, uint32_t key_size)
4249{
4250 const struct key_attrs attrs[] = {
4251 KEY_ATTR(TEE_ATTR_DSA_PRIME, true),
4252 KEY_ATTR(TEE_ATTR_DSA_SUBPRIME, false),
4253 KEY_ATTR(TEE_ATTR_DSA_BASE, false),
4254 KEY_ATTR(TEE_ATTR_DSA_PUBLIC_VALUE, false),
4255 KEY_ATTR(TEE_ATTR_DSA_PRIVATE_VALUE, false),
4256 };
4257
4258 return test_keygen_attributes(c, s, key, key_size,
4259 (struct key_attrs *)&attrs,
4260 ARRAY_SIZE(attrs));
4261}
4262
4263static bool generate_and_test_key(ADBG_Case_t *c, TEEC_Session *s,
4264 uint32_t key_type, uint32_t check_keysize,
4265 uint32_t key_size,
4266 TEE_Attribute *params, size_t param_count)
4267{
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]4268 TEE_ObjectHandle key = TEE_HANDLE_NULL;
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]4269 bool ret_val = true;
4270
4271 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
4272 ta_crypt_cmd_allocate_transient_object(c, s, key_type, key_size,
4273 &key)))
4274 return false;
4275
4276 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
4277 ta_crypt_cmd_generate_key(c, s, key, key_size, params,
4278 param_count)))
4279 return false;
4280
4281 switch (key_type) {
4282 case TEE_TYPE_DES:
4283 case TEE_TYPE_DES3:
4284 ret_val = ADBG_EXPECT_TRUE(c,
4285 test_secret_value(c, s, key,
4286 key_size + key_size / 7));
4287 break;
4288 case TEE_TYPE_AES:
4289 case TEE_TYPE_HMAC_MD5:
4290 case TEE_TYPE_HMAC_SHA1:
4291 case TEE_TYPE_HMAC_SHA224:
4292 case TEE_TYPE_HMAC_SHA256:
4293 case TEE_TYPE_HMAC_SHA384:
4294 case TEE_TYPE_HMAC_SHA512:
4295 case TEE_TYPE_GENERIC_SECRET:
4296 ret_val = ADBG_EXPECT_TRUE(c,
4297 test_secret_value(c, s, key, key_size));
4298 break;
4299
4300 case TEE_TYPE_RSA_KEYPAIR:
4301 ret_val = ADBG_EXPECT_TRUE(c,
4302 test_rsa_key_pair(c, s, key, key_size));
4303 break;
4304
Pascal Brande61133f2015-07-08 15:38:37 +0200[diff] [blame]4305 case TEE_TYPE_ECDSA_KEYPAIR:
4306 case TEE_TYPE_ECDH_KEYPAIR:
4307 ret_val = ADBG_EXPECT_TRUE(c,
4308 test_ecc_key_pair(c, s, key, key_size));
4309 break;
4310
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]4311 case TEE_TYPE_DH_KEYPAIR:
Pascal Brande61133f2015-07-08 15:38:37 +0200[diff] [blame]4312 ret_val = ADBG_EXPECT_TRUE(c,
Jerome Forissier4032c8c2016-05-31 13:25:08 +0200[diff] [blame]4313 test_dh_key_pair(c, s, key, check_keysize));
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]4314 break;
4315
4316 case TEE_TYPE_DSA_KEYPAIR:
4317 ret_val = ADBG_EXPECT_TRUE(c,
4318 test_dsa_key_pair(c, s, key, key_size));
4319 break;
4320
4321 default:
4322 ret_val = false;
4323 break;
4324 }
4325
4326 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
4327 ta_crypt_cmd_free_transient_object(c, s, key)))
4328 return false;
4329
4330 return ret_val;
4331}
4332
Jens Wiklandera8c8f872018-12-14 11:41:36 +0100[diff] [blame]4333struct key_types_noparam {
4334 unsigned level;
4335 const char *name;
4336 uint32_t key_type;
4337 uint32_t quanta;
4338 uint32_t min_size;
4339 uint32_t max_size;
4340};
4341
4342static void keygen_noparams(ADBG_Case_t *c, TEEC_Session *session,
4343 const struct key_types_noparam *key_types,
4344 size_t num_key_types)
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]4345{
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]4346 size_t n = 0;
4347 uint32_t key_size = 0;
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]4348
Jens Wiklandera8c8f872018-12-14 11:41:36 +0100[diff] [blame]4349 for (n = 0; n < num_key_types; n++) {
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]4350 uint32_t min_size = key_types[n].min_size;
4351 uint32_t max_size = key_types[n].max_size;
4352 uint32_t quanta = key_types[n].quanta;
4353
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]4354 if (key_types[n].level > level)
4355 continue;
4356
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]4357 Do_ADBG_BeginSubCase(c, "Generate %s key", key_types[n].name);
4358
4359 for (key_size = min_size; key_size <= max_size;
4360 key_size += quanta) {
4361 if (!ADBG_EXPECT_TRUE(c,
4362 generate_and_test_key(c, session, key_types
4363 [n].key_type, 1, key_size, NULL, 0)))
4364 break;
4365 }
4366
4367 Do_ADBG_EndSubCase(c, "Generate %s key", key_types[n].name);
4368 }
4369}
4370
Jens Wiklandera8c8f872018-12-14 11:41:36 +0100[diff] [blame]4371static void xtest_tee_test_4007_symmetric(ADBG_Case_t *c)
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]4372{
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]4373 TEEC_Session session = { };
4374 uint32_t ret_orig = 0;
Jens Wiklandera8c8f872018-12-14 11:41:36 +0100[diff] [blame]4375 static const struct key_types_noparam key_types[] = {
4376 { 0, "AES", TEE_TYPE_AES, 64, 128,
4377 256 /* valid sizes 128, 192, 256 */ },
4378 { 0, "DES", TEE_TYPE_DES, 56, 56, 56 /* valid size 56 */ },
4379 { 0, "DES3", TEE_TYPE_DES3, 56, 112,
4380 168 /* valid sizes 112, 168 */ },
4381 { 0, "HMAC-MD5", TEE_TYPE_HMAC_MD5, 8, 64, 512 },
4382 { 0, "HMAC-SHA1", TEE_TYPE_HMAC_SHA1, 8, 80, 512 },
4383 { 0, "HMAC-SHA224", TEE_TYPE_HMAC_SHA224, 8, 112, 512 },
4384 { 0, "HMAC-SHA256", TEE_TYPE_HMAC_SHA256, 8, 192, 1024 },
4385 { 0, "HMAC-SHA384", TEE_TYPE_HMAC_SHA384, 8, 256, 1024 },
4386 { 0, "HMAC-SHA512", TEE_TYPE_HMAC_SHA512, 8, 256, 1024 },
4387 { 0, "Generic secret", TEE_TYPE_GENERIC_SECRET, 8, 128, 4096 },
4388 };
4389
4390 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
4391 xtest_teec_open_session(&session, &crypt_user_ta_uuid, NULL,
4392 &ret_orig)))
4393 return;
4394
4395 keygen_noparams(c, &session, key_types, ARRAY_SIZE(key_types));
4396
4397 TEEC_CloseSession(&session);
4398}
4399ADBG_CASE_DEFINE(regression, 4007_symmetric, xtest_tee_test_4007_symmetric,
4400 "Test TEE Internal API Generate Symmetric key");
4401
4402static void xtest_tee_test_4007_rsa(ADBG_Case_t *c)
4403{
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]4404 TEEC_Session session = { };
4405 uint32_t ret_orig = 0;
Jens Wiklandera8c8f872018-12-14 11:41:36 +0100[diff] [blame]4406 static const struct key_types_noparam key_types[] = {
Jorge Ramirez-Ortizb657ea42022-02-17 10:15:25 +0100[diff] [blame]4407#ifndef CFG_CRYPTO_SE05X
Jens Wiklandera8c8f872018-12-14 11:41:36 +0100[diff] [blame]4408 { 0, "RSA-256", TEE_TYPE_RSA_KEYPAIR, 1, 256, 256 },
4409 { 1, "RSA-384", TEE_TYPE_RSA_KEYPAIR, 1, 384, 384 },
Jorge Ramirez-Ortizb657ea42022-02-17 10:15:25 +0100[diff] [blame]4410#endif
Jens Wiklandera8c8f872018-12-14 11:41:36 +0100[diff] [blame]4411 { 1, "RSA-512", TEE_TYPE_RSA_KEYPAIR, 1, 512, 512 },
Jorge Ramirez-Ortizb657ea42022-02-17 10:15:25 +0100[diff] [blame]4412#ifndef CFG_CRYPTO_SE05X
Jens Wiklandera8c8f872018-12-14 11:41:36 +0100[diff] [blame]4413 { 1, "RSA-640", TEE_TYPE_RSA_KEYPAIR, 1, 640, 640 },
4414 { 1, "RSA-768", TEE_TYPE_RSA_KEYPAIR, 1, 768, 768 },
4415 { 1, "RSA-896", TEE_TYPE_RSA_KEYPAIR, 1, 896, 896 },
Jorge Ramirez-Ortizb657ea42022-02-17 10:15:25 +0100[diff] [blame]4416#endif
Jens Wiklandera8c8f872018-12-14 11:41:36 +0100[diff] [blame]4417 { 1, "RSA-1024", TEE_TYPE_RSA_KEYPAIR, 1, 1024, 1024 },
4418 { 1, "RSA-2048", TEE_TYPE_RSA_KEYPAIR, 1, 2048, 2048 },
4419 { 1, "RSA-3072", TEE_TYPE_RSA_KEYPAIR, 1, 3072, 3072 },
4420 { 1, "RSA-4096", TEE_TYPE_RSA_KEYPAIR, 1, 4096, 4096 },
4421 };
4422
4423 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
4424 xtest_teec_open_session(&session, &crypt_user_ta_uuid, NULL,
4425 &ret_orig)))
4426 return;
4427
4428 keygen_noparams(c, &session, key_types, ARRAY_SIZE(key_types));
4429
4430 TEEC_CloseSession(&session);
4431}
4432ADBG_CASE_DEFINE(regression, 4007_rsa, xtest_tee_test_4007_rsa,
4433 "Test TEE Internal API Generate RSA key");
4434
4435static void xtest_tee_test_4007_dh(ADBG_Case_t *c)
4436{
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]4437 TEEC_Session session = { };
4438 uint32_t ret_orig = 0;
4439 size_t n = 0;
4440 size_t param_count = 0;
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]4441 /*
4442 * Note that the key size parameter is not used when creating the keys
4443 * but specifying these sizes make it possible to test the expected size
4444 * of the private value. This also means that the keysize must match the
4445 * size of p or what is specified in private_bits or the equvivalent
4446 * size of the subprime parameter.
4447 */
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]4448 TEE_Attribute params[4] = { };
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]4449
4450#define XTEST_DH_GK_DATA(vect) \
4451 ARRAY(vect ## _p), \
4452 ARRAY(vect ## _g), \
4453 &vect ## _private_bits, \
4454 0, 0
4455#define XTEST_DH_GK_DATA_SUBPRIME(vect) \
4456 ARRAY(vect ## _p), \
4457 ARRAY(vect ## _g), \
4458 &vect ## _private_bits, \
4459 ARRAY(vect ## _subprime)
4460 static const struct {
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]4461 unsigned level;
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]4462 uint32_t key_size;
4463 const uint8_t *p;
4464 size_t p_len;
4465 const uint8_t *g;
4466 size_t g_len;
4467 const uint32_t *private_bits;
4468 const uint8_t *subprime;
4469 size_t subprime_len;
4470 } key_types[] = {
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]4471 { 0, 256, XTEST_DH_GK_DATA(keygen_dh256) },
Jerome Forissier4032c8c2016-05-31 13:25:08 +0200[diff] [blame]4472 { 0, 320, XTEST_DH_GK_DATA(keygen_dh320) },
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]4473 { 1, 384, XTEST_DH_GK_DATA(keygen_dh384) },
Jerome Forissier4032c8c2016-05-31 13:25:08 +0200[diff] [blame]4474 { 1, 448, XTEST_DH_GK_DATA(keygen_dh448) },
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]4475 { 1, 512, XTEST_DH_GK_DATA(keygen_dh512) },
Jerome Forissier4032c8c2016-05-31 13:25:08 +0200[diff] [blame]4476 { 1, 576, XTEST_DH_GK_DATA(keygen_dh576) },
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]4477 { 1, 640, XTEST_DH_GK_DATA(keygen_dh640) },
Jerome Forissier4032c8c2016-05-31 13:25:08 +0200[diff] [blame]4478 { 1, 704, XTEST_DH_GK_DATA(keygen_dh704) },
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]4479 { 1, 768, XTEST_DH_GK_DATA(keygen_dh768) },
Jerome Forissier4032c8c2016-05-31 13:25:08 +0200[diff] [blame]4480 { 1, 832, XTEST_DH_GK_DATA(keygen_dh832) },
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]4481 { 1, 896, XTEST_DH_GK_DATA(keygen_dh896) },
Jerome Forissier4032c8c2016-05-31 13:25:08 +0200[diff] [blame]4482 { 1, 960, XTEST_DH_GK_DATA(keygen_dh960) },
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]4483 { 1, 1024, XTEST_DH_GK_DATA(keygen_dh1024) },
Jerome Forissier4032c8c2016-05-31 13:25:08 +0200[diff] [blame]4484 { 1, 1088, XTEST_DH_GK_DATA(keygen_dh1088) },
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]4485 { 1, 1152, XTEST_DH_GK_DATA(keygen_dh1152) },
Jerome Forissier4032c8c2016-05-31 13:25:08 +0200[diff] [blame]4486 { 1, 1216, XTEST_DH_GK_DATA(keygen_dh1216) },
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]4487 { 1, 1280, XTEST_DH_GK_DATA(keygen_dh1280) },
Jerome Forissier4032c8c2016-05-31 13:25:08 +0200[diff] [blame]4488 { 1, 1344, XTEST_DH_GK_DATA(keygen_dh1344) },
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]4489 { 1, 1408, XTEST_DH_GK_DATA(keygen_dh1408) },
Jerome Forissier4032c8c2016-05-31 13:25:08 +0200[diff] [blame]4490 { 1, 1472, XTEST_DH_GK_DATA(keygen_dh1472) },
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]4491 { 1, 1536, XTEST_DH_GK_DATA(keygen_dh1536) },
Jerome Forissier4032c8c2016-05-31 13:25:08 +0200[diff] [blame]4492 { 1, 1600, XTEST_DH_GK_DATA(keygen_dh1600) },
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]4493 { 1, 1664, XTEST_DH_GK_DATA(keygen_dh1664) },
Jerome Forissier4032c8c2016-05-31 13:25:08 +0200[diff] [blame]4494 { 1, 1728, XTEST_DH_GK_DATA(keygen_dh1728) },
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]4495 { 1, 1792, XTEST_DH_GK_DATA(keygen_dh1792) },
Jerome Forissier4032c8c2016-05-31 13:25:08 +0200[diff] [blame]4496 { 1, 1856, XTEST_DH_GK_DATA(keygen_dh1856) },
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]4497 { 1, 1920, XTEST_DH_GK_DATA(keygen_dh1920) },
Jerome Forissier4032c8c2016-05-31 13:25:08 +0200[diff] [blame]4498 { 1, 1984, XTEST_DH_GK_DATA(keygen_dh1984) },
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]4499 { 1, 2048, XTEST_DH_GK_DATA(keygen_dh2048) },
Jerome Forissier4032c8c2016-05-31 13:25:08 +0200[diff] [blame]4500 { 1, 2048, XTEST_DH_GK_DATA_SUBPRIME(keygen_dh2048_subprime) }
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]4501 };
4502
Jens Wiklandera8c8f872018-12-14 11:41:36 +0100[diff] [blame]4503 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
4504 xtest_teec_open_session(&session, &crypt_user_ta_uuid, NULL,
4505 &ret_orig)))
4506 return;
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]4507
4508 for (n = 0; n < ARRAY_SIZE(key_types); n++) {
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]4509 if (key_types[n].level > level)
4510 continue;
4511
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]4512 Do_ADBG_BeginSubCase(c,
4513 "Generate DH key %d bits - Private bits = %d",
4514 key_types[n].key_size,
4515 *key_types[n].private_bits);
4516 param_count = 0;
4517
4518 xtest_add_attr(&param_count, params,
4519 TEE_ATTR_DH_PRIME,
4520 key_types[n].p, key_types[n].p_len);
4521
4522 xtest_add_attr(&param_count, params, TEE_ATTR_DH_BASE,
4523 key_types[n].g, key_types[n].g_len);
4524
4525 if (key_types[n].private_bits != 0) {
4526 params[param_count].attributeID = TEE_ATTR_DH_X_BITS;
4527
4528 params[param_count].content.value.a =
4529 *key_types[n].private_bits;
4530
4531 params[param_count].content.value.b = 0;
4532 param_count++;
4533 }
4534
4535 if (key_types[n].subprime != 0) {
4536 xtest_add_attr(&param_count, params,
4537 TEE_ATTR_DH_SUBPRIME,
4538 key_types[n].subprime,
4539 key_types[n].subprime_len);
4540 }
4541
4542 if (!ADBG_EXPECT_TRUE(c,
Jens Wiklandera8c8f872018-12-14 11:41:36 +0100[diff] [blame]4543 generate_and_test_key(c, &session, TEE_TYPE_DH_KEYPAIR,
Jerome Forissier4032c8c2016-05-31 13:25:08 +0200[diff] [blame]4544 *key_types[n].private_bits,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]4545 key_types[n]. key_size, params, param_count)))
4546 break;
4547
4548 Do_ADBG_EndSubCase(c,
4549 "Generate DH key %d bits - Private bits = %d",
4550 key_types[n].key_size,
4551 *key_types[n].private_bits);
4552 }
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]4553
Jens Wiklandera8c8f872018-12-14 11:41:36 +0100[diff] [blame]4554 TEEC_CloseSession(&session);
4555}
4556ADBG_CASE_DEFINE(regression, 4007_dh, xtest_tee_test_4007_dh,
4557 "Test TEE Internal API Generate DH key");
4558
4559static void xtest_tee_test_4007_dsa(ADBG_Case_t *c)
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]4560{
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]4561 TEEC_Session session = { };
4562 uint32_t ret_orig = 0;
4563 size_t n = 0;
4564 size_t param_count = 0;
4565 TEE_Attribute params[4] = { };
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]4566
4567#define XTEST_DSA_GK_DATA(vect) \
4568 ARRAY(vect ## _p), \
4569 ARRAY(vect ## _g), \
4570 ARRAY(vect ## _q)
4571 static const struct {
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]4572 unsigned level;
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]4573 uint32_t key_size;
4574 const uint8_t *prime;
4575 size_t prime_len;
4576 const uint8_t *base;
4577 size_t base_len;
4578 const uint8_t *sub_prime;
4579 size_t sub_prime_len;
4580 } key_types[] = {
Jerome Forissiereed7e652020-04-15 15:42:38 +0200[diff] [blame]4581 { 0, 1024, XTEST_DSA_GK_DATA(keygen_dsa_test1) },
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]4582 { 0, 512, XTEST_DSA_GK_DATA(keygen_dsa512) },
Jerome Forissiereed7e652020-04-15 15:42:38 +0200[diff] [blame]4583 { 0, 576, XTEST_DSA_GK_DATA(keygen_dsa576) },
4584 { 0, 640, XTEST_DSA_GK_DATA(keygen_dsa640) },
4585 { 0, 704, XTEST_DSA_GK_DATA(keygen_dsa704) },
4586 { 0, 768, XTEST_DSA_GK_DATA(keygen_dsa768) },
4587 { 0, 832, XTEST_DSA_GK_DATA(keygen_dsa832) },
4588 { 0, 896, XTEST_DSA_GK_DATA(keygen_dsa896) },
4589 { 0, 960, XTEST_DSA_GK_DATA(keygen_dsa960) },
4590 { 0, 1024, XTEST_DSA_GK_DATA(keygen_dsa1024) },
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]4591 };
4592
Jens Wiklandera8c8f872018-12-14 11:41:36 +0100[diff] [blame]4593 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
4594 xtest_teec_open_session(&session, &crypt_user_ta_uuid, NULL,
4595 &ret_orig)))
4596 return;
4597
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]4598 for (n = 0; n < ARRAY_SIZE(key_types); n++) {
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]4599 if (key_types[n].level > level)
4600 continue;
4601
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]4602 Do_ADBG_BeginSubCase(c, "Generate DSA key %d bits",
4603 key_types[n].key_size);
4604 param_count = 0;
4605
4606
4607 xtest_add_attr(&param_count, params, TEE_ATTR_DSA_PRIME,
4608 key_types[n].prime, key_types[n].prime_len);
4609
4610 xtest_add_attr(&param_count, params, TEE_ATTR_DSA_SUBPRIME,
4611 key_types[n].sub_prime,
4612 key_types[n].sub_prime_len);
4613
4614 xtest_add_attr(&param_count, params, TEE_ATTR_DSA_BASE,
4615 key_types[n].base, key_types[n].base_len);
4616
4617 if (!ADBG_EXPECT_TRUE(c,
Jens Wiklandera8c8f872018-12-14 11:41:36 +0100[diff] [blame]4618 generate_and_test_key(c, &session, TEE_TYPE_DSA_KEYPAIR,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]4619 1, key_types[n]. key_size, params,
4620 param_count)))
4621 break;
4622
4623 Do_ADBG_EndSubCase(c, "Generate DSA key %d bits",
4624 key_types[n].key_size);
4625 }
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]4626
Jens Wiklandera8c8f872018-12-14 11:41:36 +0100[diff] [blame]4627 TEEC_CloseSession(&session);
4628}
4629ADBG_CASE_DEFINE(regression, 4007_dsa, xtest_tee_test_4007_dsa,
4630 "Test TEE Internal API Generate DSA key");
4631
4632static void xtest_tee_test_4007_ecc(ADBG_Case_t *c)
Pascal Brande61133f2015-07-08 15:38:37 +0200[diff] [blame]4633{
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]4634 TEEC_Session session = { };
4635 uint32_t ret_orig = 0;
4636 size_t n = 0;
4637 size_t param_count = 0;
4638 TEE_Attribute params[4] = { };
Pascal Brande61133f2015-07-08 15:38:37 +0200[diff] [blame]4639
4640 static const struct {
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]4641 unsigned level;
Pascal Brande61133f2015-07-08 15:38:37 +0200[diff] [blame]4642 const char *name;
4643 uint32_t algo;
4644 uint32_t curve;
4645 uint32_t key_size;
4646 } key_types[] = {
4647 /* ECDSA */
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]4648 { 0, "ECDSA-192", TEE_TYPE_ECDSA_KEYPAIR, TEE_ECC_CURVE_NIST_P192,
4649 192 },
4650 { 1, "ECDSA-224", TEE_TYPE_ECDSA_KEYPAIR, TEE_ECC_CURVE_NIST_P224,
4651 224 },
4652 { 1, "ECDSA-256", TEE_TYPE_ECDSA_KEYPAIR, TEE_ECC_CURVE_NIST_P256,
4653 256 },
4654 { 1, "ECDSA-384", TEE_TYPE_ECDSA_KEYPAIR, TEE_ECC_CURVE_NIST_P384,
4655 384 },
4656 { 1, "ECDSA-521", TEE_TYPE_ECDSA_KEYPAIR, TEE_ECC_CURVE_NIST_P521,
4657 521 },
Pascal Brande61133f2015-07-08 15:38:37 +0200[diff] [blame]4658
4659 /* ECDH */
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]4660 { 0, "ECDH-192", TEE_TYPE_ECDH_KEYPAIR, TEE_ECC_CURVE_NIST_P192,
4661 192 },
4662 { 1, "ECDH-224", TEE_TYPE_ECDH_KEYPAIR, TEE_ECC_CURVE_NIST_P224,
4663 224 },
4664 { 1, "ECDH-256", TEE_TYPE_ECDH_KEYPAIR, TEE_ECC_CURVE_NIST_P256,
4665 256 },
4666 { 1, "ECDH-384", TEE_TYPE_ECDH_KEYPAIR, TEE_ECC_CURVE_NIST_P384,
4667 384 },
4668 { 1, "ECDH-521", TEE_TYPE_ECDH_KEYPAIR, TEE_ECC_CURVE_NIST_P521,
4669 521 },
Pascal Brande61133f2015-07-08 15:38:37 +0200[diff] [blame]4670 };
4671
Jens Wiklandera8c8f872018-12-14 11:41:36 +0100[diff] [blame]4672 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
4673 xtest_teec_open_session(&session, &crypt_user_ta_uuid, NULL,
4674 &ret_orig)))
4675 return;
4676
Pascal Brande61133f2015-07-08 15:38:37 +0200[diff] [blame]4677 for (n = 0; n < ARRAY_SIZE(key_types); n++) {
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]4678 if (key_types[n].level > level)
4679 continue;
4680
Pascal Brande61133f2015-07-08 15:38:37 +0200[diff] [blame]4681 Do_ADBG_BeginSubCase(c, "Generate %s", key_types[n].name);
4682 param_count = 0;
4683
4684 xtest_add_attr_value(&param_count, params, TEE_ATTR_ECC_CURVE,
4685 key_types[n].curve, 0);
4686
4687 if (!ADBG_EXPECT_TRUE(c,
Jens Wiklandera8c8f872018-12-14 11:41:36 +0100[diff] [blame]4688 generate_and_test_key(c, &session, key_types[n].algo,
Pascal Brande61133f2015-07-08 15:38:37 +0200[diff] [blame]4689 0, key_types[n].key_size, params,
4690 param_count)))
4691 break;
4692
4693 Do_ADBG_EndSubCase(c, "Generate %s", key_types[n].name);
4694 }
Pascal Brande61133f2015-07-08 15:38:37 +0200[diff] [blame]4695
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]4696 TEEC_CloseSession(&session);
4697}
Jens Wiklandera8c8f872018-12-14 11:41:36 +0100[diff] [blame]4698ADBG_CASE_DEFINE(regression, 4007_ecc, xtest_tee_test_4007_ecc,
4699 "Test TEE Internal API Generate ECC key");
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]4700
4701static void xtest_tee_test_4008(ADBG_Case_t *c)
4702{
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]4703 TEEC_Session session = { };
4704 uint32_t ret_orig = 0;
4705 TEE_OperationHandle op = TEE_HANDLE_NULL;
4706 TEE_ObjectHandle key_handle = TEE_HANDLE_NULL;
4707 TEE_ObjectHandle sv_handle = TEE_HANDLE_NULL;
4708 TEE_Attribute params[4] = { };
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]4709 size_t param_count = 0;
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]4710 uint8_t out[2048] = { };
4711 size_t out_size = 0;
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]4712
4713 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
4714 xtest_teec_open_session(&session, &crypt_user_ta_uuid, NULL,
4715 &ret_orig)))
4716 return;
4717
4718 Do_ADBG_BeginSubCase(c, "Derive DH key success");
4719
4720 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
4721 ta_crypt_cmd_allocate_operation(c, &session, &op,
4722 TEE_ALG_DH_DERIVE_SHARED_SECRET, TEE_MODE_DERIVE,
4723 derive_key_max_keysize)))
4724 goto out;
4725
4726 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
4727 ta_crypt_cmd_allocate_transient_object(c, & session,
4728 TEE_TYPE_DH_KEYPAIR, derive_key_max_keysize,
4729 &key_handle)))
4730 goto out;
4731
4732 xtest_add_attr(&param_count, params, TEE_ATTR_DH_PRIME,
4733 ARRAY(derive_key_dh_prime));
4734
4735 xtest_add_attr(&param_count, params, TEE_ATTR_DH_BASE,
4736 ARRAY(derive_key_dh_base));
4737
4738 xtest_add_attr(&param_count, params, TEE_ATTR_DH_PUBLIC_VALUE,
4739 ARRAY(derive_key_dh_public_value));
4740
4741 xtest_add_attr(&param_count, params, TEE_ATTR_DH_PRIVATE_VALUE,
4742 ARRAY(derive_key_dh_private_value));
4743
4744 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
4745 ta_crypt_cmd_populate_transient_object(c, &session, key_handle,
4746 params, param_count)))
4747 goto out;
4748
4749 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
4750 ta_crypt_cmd_set_operation_key(c, &session, op, key_handle)))
4751 goto out;
4752
4753 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
4754 ta_crypt_cmd_free_transient_object(c, & session, key_handle)))
4755 goto out;
4756
4757 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
4758 ta_crypt_cmd_allocate_transient_object(c, &session,
4759 TEE_TYPE_GENERIC_SECRET, derive_key_max_keysize,
4760 &sv_handle)))
4761 goto out;
4762
Pascal Brand2b92b642015-07-16 13:29:42 +0200[diff] [blame]4763 /* reuse but reset params and param-count */
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]4764 param_count = 0;
4765
4766 xtest_add_attr(&param_count, params, TEE_ATTR_DH_PUBLIC_VALUE,
4767 ARRAY(derive_key_dh_public_value_2));
4768
4769 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
4770 ta_crypt_cmd_derive_key(c, &session, op, sv_handle, params,
4771 param_count)))
4772 goto out;
4773
4774 out_size = sizeof(out);
4775 memset(out, 0, sizeof(out));
4776 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
4777 ta_crypt_cmd_get_object_buffer_attribute(c, &session, sv_handle,
4778 TEE_ATTR_SECRET_VALUE, out, &out_size)))
4779 goto out;
4780
4781 if (!ADBG_EXPECT_BUFFER(c, derive_key_dh_shared_secret,
4782 sizeof(derive_key_dh_shared_secret), out,
4783 out_size))
4784 goto out;
4785
4786 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
4787 ta_crypt_cmd_free_operation(c, &session, op)))
4788 goto out;
4789
4790 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
4791 ta_crypt_cmd_free_transient_object(c, &session, sv_handle)))
4792 goto out;
4793out:
4794 Do_ADBG_EndSubCase(c, "Derive DH key success");
4795 TEEC_CloseSession(&session);
4796}
Jens Wiklander14f48872018-06-29 15:30:13 +0200[diff] [blame]4797ADBG_CASE_DEFINE(regression, 4008, xtest_tee_test_4008,
4798 "Test TEE Internal API Derive key");
Pascal Brand2b92b642015-07-16 13:29:42 +0200[diff] [blame]4799
4800static void xtest_tee_test_4009(ADBG_Case_t *c)
4801{
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]4802 TEEC_Session session = { };
4803 uint32_t ret_orig = 0;
4804 TEE_OperationHandle op = TEE_HANDLE_NULL;
4805 TEE_ObjectHandle key_handle = TEE_HANDLE_NULL;
4806 TEE_ObjectHandle sv_handle = TEE_HANDLE_NULL;
4807 TEE_Attribute params[4] = { };
Pascal Brand2b92b642015-07-16 13:29:42 +0200[diff] [blame]4808 size_t param_count = 0;
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]4809 uint8_t out[2048] = { };
4810 size_t out_size = 0;
4811 uint32_t size_bytes = 0;
4812 uint32_t i = 0;
Ruchika Gupta454b0b62020-10-30 13:23:19 +0530[diff] [blame]4813 struct derive_key_ecdh_t const *pt = NULL;
Pascal Brand2b92b642015-07-16 13:29:42 +0200[diff] [blame]4814
4815 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
4816 xtest_teec_open_session(&session, &crypt_user_ta_uuid, NULL,
4817 &ret_orig)))
4818 return;
4819
4820 for (i = 0; i < ARRAY_SIZE(derive_key_ecdh); i++) {
4821 pt = &derive_key_ecdh[i];
4822
Cedric Chaumontc3b6c282015-09-25 03:05:18 +0200[diff] [blame]4823 if (pt->level > level)
4824 continue;
4825
Pascal Brand2b92b642015-07-16 13:29:42 +0200[diff] [blame]4826 Do_ADBG_BeginSubCase(c, "Derive ECDH key - algo = 0x%x",
4827 pt->algo);
4828 size_bytes = (pt->keysize + 7) / 8;
4829 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
4830 ta_crypt_cmd_allocate_operation(c, &session, &op,
4831 pt->algo,
4832 TEE_MODE_DERIVE, pt->keysize)))
4833 goto out;
4834
4835 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
4836 ta_crypt_cmd_allocate_transient_object(c, & session,
4837 TEE_TYPE_ECDH_KEYPAIR, pt->keysize,
4838 &key_handle)))
4839 goto out;
4840
4841 param_count = 0;
4842 xtest_add_attr_value(&param_count, params,
4843 TEE_ATTR_ECC_CURVE, pt->curve, 0);
4844 xtest_add_attr(&param_count, params,
4845 TEE_ATTR_ECC_PRIVATE_VALUE,
4846 pt->private, size_bytes);
4847 /*
Cedric Auger719047c2019-09-11 12:08:14 +0200[diff] [blame]4848 * The public value is not used, but we should provide a valid
4849 * one to avoid rejection in case TEE_PopulateTransientObject()
4850 * checks for key validity.
Pascal Brand2b92b642015-07-16 13:29:42 +0200[diff] [blame]4851 */
4852 xtest_add_attr(&param_count, params,
Cedric Auger719047c2019-09-11 12:08:14 +0200[diff] [blame]4853 TEE_ATTR_ECC_PUBLIC_VALUE_X,
4854 pt->public_x, size_bytes);
Pascal Brand2b92b642015-07-16 13:29:42 +0200[diff] [blame]4855 xtest_add_attr(&param_count, params,
Cedric Auger719047c2019-09-11 12:08:14 +0200[diff] [blame]4856 TEE_ATTR_ECC_PUBLIC_VALUE_Y,
4857 pt->public_y, size_bytes);
Pascal Brand2b92b642015-07-16 13:29:42 +0200[diff] [blame]4858
4859 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
4860 ta_crypt_cmd_populate_transient_object(c,
4861 &session,
4862 key_handle, params, param_count)))
4863 goto out;
4864
4865 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
4866 ta_crypt_cmd_set_operation_key(c, &session, op,
4867 key_handle)))
4868 goto out;
4869
4870 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
4871 ta_crypt_cmd_free_transient_object(c, & session,
4872 key_handle)))
4873 goto out;
4874
4875 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
4876 ta_crypt_cmd_allocate_transient_object(c, &session,
4877 TEE_TYPE_GENERIC_SECRET, size_bytes * 8,
4878 &sv_handle)))
4879 goto out;
4880
4881 /* reuse but reset params and param-count */
4882 param_count = 0;
4883
4884 xtest_add_attr(&param_count, params,
4885 TEE_ATTR_ECC_PUBLIC_VALUE_X,
4886 pt->public_x, size_bytes);
4887 xtest_add_attr(&param_count, params,
4888 TEE_ATTR_ECC_PUBLIC_VALUE_Y,
4889 pt->public_y, size_bytes);
4890
4891 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
4892 ta_crypt_cmd_derive_key(c, &session, op, sv_handle,
4893 params, param_count)))
4894 goto out;
4895
4896 out_size = sizeof(out);
4897 memset(out, 0, sizeof(out));
4898 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
4899 ta_crypt_cmd_get_object_buffer_attribute(c, &session,
4900 sv_handle,
4901 TEE_ATTR_SECRET_VALUE, out, &out_size)))
4902 goto out;
4903
4904 if (!ADBG_EXPECT_BUFFER(c, pt->out, size_bytes,
4905 out, out_size))
4906 goto out;
4907
4908 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
4909 ta_crypt_cmd_free_operation(c, &session, op)))
4910 goto out;
4911
4912 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
4913 ta_crypt_cmd_free_transient_object(c, &session,
4914 sv_handle)))
4915 goto out;
4916
4917 Do_ADBG_EndSubCase(c, "Derive ECDH key - algo = 0x%x",
4918 pt->algo);
4919 }
4920
4921 goto noerror;
4922
4923out:
4924 Do_ADBG_EndSubCase(c, "Derive ECDH key - algo = 0x%x", pt->algo);
4925
4926noerror:
4927 TEEC_CloseSession(&session);
4928}
Jens Wiklander14f48872018-06-29 15:30:13 +0200[diff] [blame]4929ADBG_CASE_DEFINE(regression, 4009, xtest_tee_test_4009,
4930 "Test TEE Internal API Derive key ECDH");
Jens Wiklander70a0b2c2016-05-18 08:39:35 +0200[diff] [blame]4931
4932static void xtest_tee_test_4010(ADBG_Case_t *c)
4933{
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]4934 TEEC_Session session = { };
4935 uint32_t ret_orig = 0;
4936 TEE_ObjectHandle o = TEE_HANDLE_NULL;
Jens Wiklander70a0b2c2016-05-18 08:39:35 +0200[diff] [blame]4937 static const uint8_t large_key[1024] = { 1, 2, 3, 4, 5, 6 };
4938 static const TEE_Attribute attr = {
4939 .attributeID = TEE_ATTR_SECRET_VALUE,
4940 .content.ref.buffer = (void *)large_key,
4941 .content.ref.length = sizeof(large_key),
4942 };
4943
4944 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
4945 xtest_teec_open_session(&session, &crypt_user_ta_uuid, NULL,
4946 &ret_orig)))
4947 return;
4948
4949 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
4950 ta_crypt_cmd_allocate_transient_object(c, &session,
4951 TEE_TYPE_HMAC_SHA256, 1024, &o)))
4952 goto out;
4953
4954 ADBG_EXPECT_TEEC_RESULT(c, TEEC_ERROR_TARGET_DEAD,
4955 ta_crypt_cmd_populate_transient_object(c, &session, o,
4956 &attr, 1));
4957
4958out:
4959 TEEC_CloseSession(&session);
4960}
Jens Wiklander14f48872018-06-29 15:30:13 +0200[diff] [blame]4961ADBG_CASE_DEFINE(regression, 4010, xtest_tee_test_4010,
4962 "Test TEE Internal API create transient object (negative)");
Jens Wiklanderb58916e2016-07-07 15:29:32 +0200[diff] [blame]4963
4964static void xtest_tee_test_4011(ADBG_Case_t *c)
4965{
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]4966 TEEC_Session s = { };
Jens Wiklanderb58916e2016-07-07 15:29:32 +0200[diff] [blame]4967 size_t key_size = 512;
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]4968 TEE_ObjectHandle key = TEE_HANDLE_NULL;
4969 TEE_OperationHandle ops = TEE_HANDLE_NULL;
4970 TEE_OperationHandle opv = TEE_HANDLE_NULL;
4971 TEE_OperationHandle ope = TEE_HANDLE_NULL;
4972 TEE_OperationHandle opd = TEE_HANDLE_NULL;
4973 uint32_t ret_orig = 0;
4974 uint8_t in[TEE_SHA1_HASH_SIZE] = { };
4975 uint8_t out[1024] = { };
4976 uint8_t tmp[1024] = { };
4977 size_t out_size = 0;
4978 size_t tmp_size = 0;
4979 size_t n = 0;
4980 size_t m = 0;
Jens Wiklanderb58916e2016-07-07 15:29:32 +0200[diff] [blame]4981 size_t i = 0;
4982
4983 /* Setup session, initialize message to sign, create a keypair */
4984 if (!ADBG_EXPECT_TEEC_SUCCESS(c, xtest_teec_open_session(&s,
4985 &crypt_user_ta_uuid, NULL, &ret_orig)))
4986 return;
4987 if (!ADBG_EXPECT_TEEC_SUCCESS(c, ta_crypt_cmd_random_number_generate(c,
4988 &s, in, sizeof(in))))
4989 goto out;
4990 if (!ADBG_EXPECT_TEEC_SUCCESS(c, ta_crypt_cmd_allocate_transient_object(
4991 c, &s, TEE_TYPE_RSA_KEYPAIR, key_size, &key)))
4992 goto out;
4993 if (!ADBG_EXPECT_TEEC_SUCCESS(c, ta_crypt_cmd_generate_key(c, &s,
4994 key, key_size, NULL, 0)))
4995 goto out;
4996
4997 /* Allocate operations for sign, verify, encrypt and decrypt */
4998 if (!ADBG_EXPECT_TEEC_SUCCESS(c, ta_crypt_cmd_allocate_operation(c, &s,
4999 &ops, TEE_ALG_RSASSA_PKCS1_V1_5_SHA1, TEE_MODE_SIGN,
5000 key_size)))
5001 goto out;
5002 if (!ADBG_EXPECT_TEEC_SUCCESS(c, ta_crypt_cmd_allocate_operation(c, &s,
5003 &opv, TEE_ALG_RSASSA_PKCS1_V1_5_SHA1, TEE_MODE_VERIFY,
5004 key_size)))
5005 goto out;
5006 if (!ADBG_EXPECT_TEEC_SUCCESS(c, ta_crypt_cmd_allocate_operation(c, &s,
5007 &ope, TEE_ALG_RSA_NOPAD, TEE_MODE_ENCRYPT, key_size)))
5008 goto out;
5009 if (!ADBG_EXPECT_TEEC_SUCCESS(c, ta_crypt_cmd_allocate_operation(c, &s,
5010 &opd, TEE_ALG_RSA_NOPAD, TEE_MODE_DECRYPT, key_size)))
5011 goto out;
5012
5013 /* Assign the keypair to all operations */
5014 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
5015 ta_crypt_cmd_set_operation_key(c, &s, ops, key)))
5016 goto out;
5017 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
5018 ta_crypt_cmd_set_operation_key(c, &s, opv, key)))
5019 goto out;
5020 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
5021 ta_crypt_cmd_set_operation_key(c, &s, ope, key)))
5022 goto out;
5023 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
5024 ta_crypt_cmd_set_operation_key(c, &s, opd, key)))
5025 goto out;
5026
5027 /*
5028 * The core of the test case is inspired by the one in libtomcrypt:
5029 * https://github.com/libtom/libtomcrypt/blob/6ad52252688bb34f90b5e79da4830a927e87b81f/testprof/rsa_test.c#L398
5030 *
5031 * Testcase for Bleichenbacher attack
5032 *
5033 * (1) Create a valid signature
5034 * (2) Check that it can be verified
5035 * (3) Transform the package to fetch plain text (using the encrypt
5036 * operation in GP TEE Internal API)
5037 * (4) Forge the structure of PKCS#1-EMSA encoded data
5038 * (4.1) Search for start and end of the padding string
5039 * (4.2) Move the signature to the front of the padding string
5040 * (4.3) Zero the message until the end
5041 * (5) Transform the package back (using the decrypt operation in
5042 * GP TEE Internal API)
5043 * (6) The result should not be valid if the implementation is robust.
5044 */
5045
5046
5047 for (i = 0; i < 9; i++) {
5048 Do_ADBG_Log("Iteration %zu", i);
5049
5050 /* 1 */
5051 out_size = sizeof(out);
5052 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
5053 ta_crypt_cmd_asymmetric_sign(c, &s, ops, NULL, 0,
5054 in, sizeof(in), out, &out_size)))
5055 goto out;
5056
5057 /* 2 */
5058 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
5059 ta_crypt_cmd_asymmetric_verify(c, &s, opv, NULL, 0,
5060 in, sizeof(in), out, out_size)))
5061 goto out;
5062
5063 /* 3 */
5064 tmp_size = sizeof(tmp);
5065 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
5066 ta_crypt_cmd_asymmetric_encrypt(c, &s, ope, NULL, 0,
5067 out, out_size, tmp, &tmp_size)))
5068 goto out;
5069
Etienne Carriere0953bf02018-12-21 15:36:25 +0100[diff] [blame]5070 if (!ADBG_EXPECT_COMPARE_UNSIGNED(c, tmp_size, <=, sizeof(tmp)))
5071 goto out;
5072
Jens Wiklanderb58916e2016-07-07 15:29:32 +0200[diff] [blame]5073 /* 4.1 */
Etienne Carriere0953bf02018-12-21 15:36:25 +0100[diff] [blame]5074 for (n = 0; n < tmp_size - i; n++)
Jens Wiklanderb58916e2016-07-07 15:29:32 +0200[diff] [blame]5075 if (tmp[n] == 0xff)
5076 break;
Etienne Carriere0953bf02018-12-21 15:36:25 +0100[diff] [blame]5077
5078 /* Shall find at least a padding start before buffer end */
5079 if (!ADBG_EXPECT_COMPARE_UNSIGNED(c, n, <, tmp_size - i - 1))
5080 goto out;
5081
Jens Wiklanderb58916e2016-07-07 15:29:32 +0200[diff] [blame]5082 for (m = n + 1; m < tmp_size; m++)
5083 if (tmp[m] != 0xff)
5084 break;
Etienne Carriere0953bf02018-12-21 15:36:25 +0100[diff] [blame]5085
Jens Wiklanderb58916e2016-07-07 15:29:32 +0200[diff] [blame]5086 /* 4.2 */
5087 memmove(tmp + n + i, tmp + m, tmp_size - m);
Etienne Carriere0953bf02018-12-21 15:36:25 +0100[diff] [blame]5088
Jens Wiklanderb58916e2016-07-07 15:29:32 +0200[diff] [blame]5089 /* 4.3 */
Etienne Carriere0953bf02018-12-21 15:36:25 +0100[diff] [blame]5090 n = n + i + tmp_size - m;
Etienne Carriereacb81c42020-04-24 14:58:58 +0200[diff] [blame]5091
5092 /* Prevent overrun when zeroing buffer end */
5093 if (!ADBG_EXPECT_COMPARE_UNSIGNED(c, n, <=, tmp_size))
5094 goto out;
5095
Etienne Carriere0953bf02018-12-21 15:36:25 +0100[diff] [blame]5096 memset(tmp + n, 0, tmp_size - n);
Jens Wiklanderb58916e2016-07-07 15:29:32 +0200[diff] [blame]5097
5098 /* 5 */
5099 out_size = sizeof(out);
5100 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
5101 ta_crypt_cmd_asymmetric_decrypt(c, &s, opd, NULL, 0,
5102 tmp, tmp_size, out, &out_size)))
5103 goto out;
5104
5105 /* 6 */
5106 if (!ADBG_EXPECT_TEEC_RESULT(c, TEE_ERROR_SIGNATURE_INVALID,
5107 ta_crypt_cmd_asymmetric_verify(c, &s, opv, NULL, 0,
5108 in, sizeof(in), out, out_size)))
5109 goto out;
5110 }
5111
5112out:
5113 TEEC_CloseSession(&s);
5114}
Jens Wiklander14f48872018-06-29 15:30:13 +0200[diff] [blame]5115ADBG_CASE_DEFINE(regression, 4011, xtest_tee_test_4011,
5116 "Test TEE Internal API Bleichenbacher attack (negative)");
Igor Opaniuk7ddaa782018-05-25 15:14:05 +0300[diff] [blame]5117
5118#ifdef CFG_SYSTEM_PTA
5119static void xtest_tee_test_4012(ADBG_Case_t *c)
5120{
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]5121 TEEC_Session session = { };
5122 uint32_t ret_orig = 0;
Igor Opaniuk7ddaa782018-05-25 15:14:05 +0300[diff] [blame]5123 TEEC_Operation op = TEEC_OPERATION_INITIALIZER;
5124 /* Fortuna PRNG requires seed <= 32 bytes */
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]5125 uint8_t pool_input[32] = { };
5126 time_t t = 0;
5127 struct tm tm_local = { };
Igor Opaniuk7ddaa782018-05-25 15:14:05 +0300[diff] [blame]5128
5129 t = time(NULL);
5130 tm_local = *localtime(&t);
5131
5132 memcpy((void *)pool_input, (void *)&tm_local,
5133 sizeof(pool_input) < sizeof(tm_local) ?
5134 sizeof(pool_input) : sizeof(tm_local));
5135
5136
5137 op.params[0].tmpref.buffer = pool_input;
5138 op.params[0].tmpref.size = sizeof(pool_input);
5139 op.paramTypes = TEEC_PARAM_TYPES(TEEC_MEMREF_TEMP_INPUT,
5140 TEEC_NONE,
5141 TEEC_NONE,
5142 TEEC_NONE);
5143 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
5144 xtest_teec_open_session(&session, &crypt_user_ta_uuid, NULL,
5145 &ret_orig)))
5146 return;
5147
5148 (void)ADBG_EXPECT_TEEC_SUCCESS(c,
5149 TEEC_InvokeCommand(&session,
5150 TA_CRYPT_CMD_SEED_RNG_POOL,
5151 &op,
5152 &ret_orig));
5153 TEEC_CloseSession(&session);
5154}
Jens Wiklander14f48872018-06-29 15:30:13 +0200[diff] [blame]5155ADBG_CASE_DEFINE(regression, 4012, xtest_tee_test_4012,
5156 "Test seeding RNG entropy");
Joakim Bech83a30ca2019-05-29 11:22:27 +0200[diff] [blame]5157
5158static void xtest_tee_test_4013(ADBG_Case_t *c)
5159{
5160 TEEC_Session session = { };
5161 uint32_t ret_orig = 0;
5162 TEEC_Operation op = TEEC_OPERATION_INITIALIZER;
5163 uint8_t key[32] = { };
5164 uint8_t extra_data[32] = { };
5165
5166 op.paramTypes = TEEC_PARAM_TYPES(TEEC_NONE,
5167 TEEC_NONE,
5168 TEEC_NONE,
5169 TEEC_NONE);
5170 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
5171 xtest_teec_open_session(&session, &crypt_user_ta_uuid,
5172 NULL, &ret_orig)))
5173 return;
5174
5175 (void)ADBG_EXPECT_TEEC_SUCCESS(c,
5176 TEEC_InvokeCommand(&session,
5177 TA_CRYPT_CMD_DERIVE_TA_UNIQUE_KEY,
5178 &op,
5179 &ret_orig));
5180
5181 /* Negative test using non-secure memory */
5182 memset(&op, 0, sizeof(op));
5183 op.paramTypes = TEEC_PARAM_TYPES(TEEC_MEMREF_TEMP_INPUT,
5184 TEEC_MEMREF_TEMP_OUTPUT,
5185 TEEC_NONE,
5186 TEEC_NONE);
5187
5188 op.params[0].tmpref.buffer = extra_data;
5189 op.params[0].tmpref.size = sizeof(extra_data);
5190 op.params[1].tmpref.buffer = key;
5191 op.params[1].tmpref.size = sizeof(key);
5192 (void)ADBG_EXPECT_TEEC_RESULT(c,
5193 TEEC_ERROR_SECURITY,
5194 TEEC_InvokeCommand(&session,
5195 TA_CRYPT_CMD_DERIVE_TA_UNIQUE_KEY_SHM,
5196 &op,
5197 &ret_orig));
5198
5199 TEEC_CloseSession(&session);
5200}
5201ADBG_CASE_DEFINE(regression, 4013, xtest_tee_test_4013,
5202 "Test generation of device unique TA keys");
Jerome Forissierf0cf5182020-01-09 17:04:18 +0100[diff] [blame]5203
5204static void xtest_tee_test_4014(ADBG_Case_t *c)
5205{
5206 TEEC_Session session = { };
5207 uint32_t ret_orig = 0;
5208 TEE_OperationHandle op = TEE_HANDLE_NULL;
5209 TEE_ObjectHandle keyA = TEE_HANDLE_NULL;
5210 TEE_ObjectHandle eph_keyA = TEE_HANDLE_NULL;
5211 TEE_ObjectHandle keyB = TEE_HANDLE_NULL;
5212 TEE_ObjectHandle eph_keyB = TEE_HANDLE_NULL;
5213 TEE_ObjectHandle sv_handle = TEE_HANDLE_NULL;
5214 TEE_Attribute params[9] = { };
5215 size_t param_count = 0;
5216 uint8_t out[128] = { };
5217 size_t out_size = 0;
5218 uint8_t conf_A[32] = { };
5219 uint8_t conf_B[32] = { };
5220
5221 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
5222 xtest_teec_open_session(&session, &crypt_user_ta_uuid, NULL,
5223 &ret_orig)))
5224 return;
5225
5226 if (!ta_crypt_cmd_is_algo_supported(c, &session, TEE_ALG_SM2_KEP,
5227 TEE_ECC_CURVE_SM2)) {
5228 Do_ADBG_Log("SM2 KEP not supported: skip subcase");
5229 goto out;
5230 }
5231
5232 Do_ADBG_BeginSubCase(c, "Initiator side");
5233
5234 /*
5235 * Key exchange protocol running on user A's side. A is initiator.
5236 */
5237
5238 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
5239 ta_crypt_cmd_allocate_operation(c, &session, &op,
5240 TEE_ALG_SM2_KEP, TEE_MODE_DERIVE, 512)))
5241 goto out;
5242
5243 /* Allocate and initialize keypair of user A */
5244
5245 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
5246 ta_crypt_cmd_allocate_transient_object(c, &session,
5247 TEE_TYPE_SM2_KEP_KEYPAIR, 256, &keyA)))
5248 goto out;
5249
5250 param_count = 0;
5251
Jerome Forissierf0cf5182020-01-09 17:04:18 +0100[diff] [blame]5252 xtest_add_attr(&param_count, params, TEE_ATTR_ECC_PUBLIC_VALUE_X,
5253 ARRAY(gmt_003_part5_b2_public_xA));
5254
5255 xtest_add_attr(&param_count, params, TEE_ATTR_ECC_PUBLIC_VALUE_Y,
5256 ARRAY(gmt_003_part5_b2_public_yA));
5257
5258 xtest_add_attr(&param_count, params, TEE_ATTR_ECC_PRIVATE_VALUE,
5259 ARRAY(gmt_003_part5_b2_private_A));
5260
5261 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
5262 ta_crypt_cmd_populate_transient_object(c, &session, keyA,
5263 params, param_count)))
5264 goto out;
5265
5266 /*
5267 * Allocate and set ephemeral key of user A. Note: it is a regular ECC
5268 * key -- we don't use the *_EPHEMERAL_* attributes flags which are
5269 * reserved for use in TEE_DeriveKey() to pass the ephermeral key of
5270 * user B.
5271 */
5272
5273 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
5274 ta_crypt_cmd_allocate_transient_object(c, &session,
5275 TEE_TYPE_SM2_KEP_KEYPAIR, 256, &eph_keyA)))
5276 goto out;
5277
5278 param_count = 0;
5279
Jerome Forissierf0cf5182020-01-09 17:04:18 +0100[diff] [blame]5280 xtest_add_attr(&param_count, params, TEE_ATTR_ECC_PUBLIC_VALUE_X,
5281 ARRAY(gmt_003_part5_b2_eph_public_xA));
5282
5283 xtest_add_attr(&param_count, params, TEE_ATTR_ECC_PUBLIC_VALUE_Y,
5284 ARRAY(gmt_003_part5_b2_eph_public_yA));
5285
5286 xtest_add_attr(&param_count, params, TEE_ATTR_ECC_PRIVATE_VALUE,
5287 ARRAY(gmt_003_part5_b2_eph_private_A));
5288
5289 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
5290 ta_crypt_cmd_populate_transient_object(c, &session, eph_keyA,
5291 params, param_count)))
5292 goto out;
5293
5294 /* Associate user A keys with operation */
5295
5296 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
5297 ta_crypt_cmd_set_operation_key2(c, &session, op, keyA,
5298 eph_keyA)))
5299 goto out;
5300
5301 /* Keys have been set, free key objects */
5302
5303 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
5304 ta_crypt_cmd_free_transient_object(c, &session, keyA)))
5305 goto out;
5306
5307 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
5308 ta_crypt_cmd_free_transient_object(c, &session, eph_keyA)))
5309 goto out;
5310
5311 /* Allocate output object */
5312
5313 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
5314 ta_crypt_cmd_allocate_transient_object(c, &session,
5315 TEE_TYPE_GENERIC_SECRET,
5316 sizeof(gmt_003_part5_b2_shared_secret),
5317 &sv_handle)))
5318 goto out;
5319
5320 /* Set key derivation parameters: user A role, user B information */
5321
5322 params[0].attributeID = TEE_ATTR_SM2_KEP_USER;
5323 params[0].content.value.a = 0; /* Initiator role */
5324 params[0].content.value.b = 0; /* Not used */
5325 param_count = 1;
5326
5327 xtest_add_attr(&param_count, params, TEE_ATTR_ECC_PUBLIC_VALUE_X,
5328 ARRAY(gmt_003_part5_b2_public_xB));
5329
5330 xtest_add_attr(&param_count, params, TEE_ATTR_ECC_PUBLIC_VALUE_Y,
5331 ARRAY(gmt_003_part5_b2_public_yB));
5332
5333 xtest_add_attr(&param_count, params,
5334 TEE_ATTR_ECC_EPHEMERAL_PUBLIC_VALUE_X,
5335 ARRAY(gmt_003_part5_b2_eph_public_xB));
5336
5337 xtest_add_attr(&param_count, params,
5338 TEE_ATTR_ECC_EPHEMERAL_PUBLIC_VALUE_Y,
5339 ARRAY(gmt_003_part5_b2_eph_public_yB));
5340
5341 xtest_add_attr(&param_count, params, TEE_ATTR_SM2_ID_INITIATOR,
5342 ARRAY(gmt_003_part5_b2_id_A));
5343
5344 xtest_add_attr(&param_count, params, TEE_ATTR_SM2_ID_RESPONDER,
5345 ARRAY(gmt_003_part5_b2_id_B));
5346
5347 xtest_add_attr(&param_count, params, TEE_ATTR_SM2_KEP_CONFIRMATION_IN,
5348 ARRAY(gmt_003_part5_b2_conf_B));
5349
5350 xtest_add_attr(&param_count, params, TEE_ATTR_SM2_KEP_CONFIRMATION_OUT,
5351 ARRAY(conf_A));
5352
5353 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
5354 ta_crypt_cmd_derive_key(c, &session, op, sv_handle, params,
5355 param_count)))
5356 goto out;
5357
5358 out_size = sizeof(out);
5359 memset(out, 0, sizeof(out));
5360 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
5361 ta_crypt_cmd_get_object_buffer_attribute(c, &session, sv_handle,
5362 TEE_ATTR_SECRET_VALUE, out, &out_size)))
5363 goto out;
5364
5365 /* Check derived key */
5366 if (!ADBG_EXPECT_BUFFER(c, gmt_003_part5_b2_shared_secret,
5367 sizeof(gmt_003_part5_b2_shared_secret), out,
5368 out_size))
5369 goto out;
5370
5371 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
5372 ta_crypt_cmd_free_operation(c, &session, op)))
5373 goto out;
5374
5375 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
5376 ta_crypt_cmd_free_transient_object(c, &session, sv_handle)))
5377 goto out;
5378
5379 Do_ADBG_EndSubCase(c, "Initiator side");
5380
5381 Do_ADBG_BeginSubCase(c, "Responder side");
5382
5383 /*
5384 * Key derivation on user B's side
5385 */
5386
5387 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
5388 ta_crypt_cmd_allocate_operation(c, &session, &op,
5389 TEE_ALG_SM2_KEP, TEE_MODE_DERIVE, 512)))
5390 goto out;
5391
5392 /* Allocate and initialize keypair of user B */
5393
5394 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
5395 ta_crypt_cmd_allocate_transient_object(c, &session,
5396 TEE_TYPE_SM2_KEP_KEYPAIR, 256, &keyB)))
5397 goto out;
5398
5399 param_count = 0;
5400
Jerome Forissierf0cf5182020-01-09 17:04:18 +0100[diff] [blame]5401 xtest_add_attr(&param_count, params, TEE_ATTR_ECC_PUBLIC_VALUE_X,
5402 ARRAY(gmt_003_part5_b2_public_xB));
5403
5404 xtest_add_attr(&param_count, params, TEE_ATTR_ECC_PUBLIC_VALUE_Y,
5405 ARRAY(gmt_003_part5_b2_public_yB));
5406
5407 xtest_add_attr(&param_count, params, TEE_ATTR_ECC_PRIVATE_VALUE,
5408 ARRAY(gmt_003_part5_b2_private_B));
5409
5410 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
5411 ta_crypt_cmd_populate_transient_object(c, &session, keyB,
5412 params, param_count)))
5413 goto out;
5414
5415 /* Allocate and set ephemeral key of user B */
5416
5417 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
5418 ta_crypt_cmd_allocate_transient_object(c, &session,
5419 TEE_TYPE_SM2_KEP_KEYPAIR, 256, &eph_keyB)))
5420 goto out;
5421
5422 param_count = 0;
5423
Jerome Forissierf0cf5182020-01-09 17:04:18 +0100[diff] [blame]5424 xtest_add_attr(&param_count, params, TEE_ATTR_ECC_PUBLIC_VALUE_X,
5425 ARRAY(gmt_003_part5_b2_eph_public_xB));
5426
5427 xtest_add_attr(&param_count, params, TEE_ATTR_ECC_PUBLIC_VALUE_Y,
5428 ARRAY(gmt_003_part5_b2_eph_public_yB));
5429
5430 xtest_add_attr(&param_count, params, TEE_ATTR_ECC_PRIVATE_VALUE,
5431 ARRAY(gmt_003_part5_b2_eph_private_B));
5432
5433 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
5434 ta_crypt_cmd_populate_transient_object(c, &session, eph_keyB,
5435 params, param_count)))
5436 goto out;
5437
5438 /* Associate user B keys with operation */
5439
5440 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
5441 ta_crypt_cmd_set_operation_key2(c, &session, op, keyB,
5442 eph_keyB)))
5443 goto out;
5444
5445 /* Keys have been set, free key objects */
5446
5447 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
5448 ta_crypt_cmd_free_transient_object(c, &session, keyB)))
5449 goto out;
5450
5451 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
5452 ta_crypt_cmd_free_transient_object(c, &session, eph_keyB)))
5453 goto out;
5454
5455 /* Allocate output object */
5456
5457 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
5458 ta_crypt_cmd_allocate_transient_object(c, &session,
5459 TEE_TYPE_GENERIC_SECRET,
5460 sizeof(gmt_003_part5_b2_shared_secret),
5461 &sv_handle)))
5462 goto out;
5463
5464 /* Set key derivation parameters: user B role, user A information */
5465
5466 params[0].attributeID = TEE_ATTR_SM2_KEP_USER;
5467 params[0].content.value.a = 1; /* Responder role */
5468 params[0].content.value.b = 0; /* Not used */
5469 param_count = 1;
5470
5471 xtest_add_attr(&param_count, params, TEE_ATTR_ECC_PUBLIC_VALUE_X,
5472 ARRAY(gmt_003_part5_b2_public_xA));
5473
5474 xtest_add_attr(&param_count, params, TEE_ATTR_ECC_PUBLIC_VALUE_Y,
5475 ARRAY(gmt_003_part5_b2_public_yA));
5476
5477 xtest_add_attr(&param_count, params,
5478 TEE_ATTR_ECC_EPHEMERAL_PUBLIC_VALUE_X,
5479 ARRAY(gmt_003_part5_b2_eph_public_xA));
5480
5481 xtest_add_attr(&param_count, params,
5482 TEE_ATTR_ECC_EPHEMERAL_PUBLIC_VALUE_Y,
5483 ARRAY(gmt_003_part5_b2_eph_public_yA));
5484
5485 xtest_add_attr(&param_count, params, TEE_ATTR_SM2_ID_INITIATOR,
5486 ARRAY(gmt_003_part5_b2_id_A));
5487
5488 xtest_add_attr(&param_count, params, TEE_ATTR_SM2_ID_RESPONDER,
5489 ARRAY(gmt_003_part5_b2_id_B));
5490
5491 xtest_add_attr(&param_count, params, TEE_ATTR_SM2_KEP_CONFIRMATION_IN,
5492 ARRAY(gmt_003_part5_b2_conf_A));
5493
5494 xtest_add_attr(&param_count, params, TEE_ATTR_SM2_KEP_CONFIRMATION_OUT,
5495 ARRAY(conf_B));
5496
5497 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
5498 ta_crypt_cmd_derive_key(c, &session, op, sv_handle, params,
5499 param_count)))
5500 goto out;
5501
5502 out_size = sizeof(out);
5503 memset(out, 0, sizeof(out));
5504 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
5505 ta_crypt_cmd_get_object_buffer_attribute(c, &session, sv_handle,
5506 TEE_ATTR_SECRET_VALUE, out, &out_size)))
5507 goto out;
5508
5509 /* Check derived key */
5510 if (!ADBG_EXPECT_BUFFER(c, gmt_003_part5_b2_shared_secret,
5511 sizeof(gmt_003_part5_b2_shared_secret), out,
5512 out_size))
5513 goto out;
5514
5515 Do_ADBG_EndSubCase(c, "Responder side");
5516
5517out:
5518 TEEC_CloseSession(&session);
5519}
5520ADBG_CASE_DEFINE(regression, 4014, xtest_tee_test_4014,
5521 "Test SM2 KEP (key derivation)");
Jens Wiklander14f48872018-06-29 15:30:13 +0200[diff] [blame]5522#endif /*CFG_SYSTEM_PTA*/