TrustedFirmware Git Browser
Code Review Sign In
review.trustedfirmware.org / OP-TEE / optee_test / 366179c20ab9c49e49aaf2b754255458d428a47b / . / host / xtest / regression_4000.c
blob: b03c6ab2bfa0c7f0aa0226dac6dfb36316db6a2f [file] [log] [blame]
Etienne Carriere9b7b70d2020-05-16 10:27:23 +0200[diff] [blame]1// SPDX-License-Identifier: GPL-2.0
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2/*
3 * Copyright (c) 2014, STMicroelectronics International N.V.
Alexander Zakharov0afe00c2021-02-10 19:06:48 +0100[diff] [blame]4 * Copyright (c) 2021, SumUp Services GmbH
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]5 */
6
7#include <stdio.h>
8#include <string.h>
9#include <inttypes.h>
10#include <malloc.h>
Igor Opaniuk7ddaa782018-05-25 15:14:05 +0300[diff] [blame]11#include <time.h>
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]12
13#include "xtest_test.h"
14#include "xtest_helpers.h"
15
16#include <tee_api_types.h>
Gabor Szekely2ad190f2018-09-14 14:05:06 +0000[diff] [blame]17#include <tee_api_defines_extensions.h>
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]18#include <ta_crypt.h>
19#include <utee_defines.h>
20#include <util.h>
21
Jerome Forissier213ca8a2017-03-31 11:27:56 +0200[diff] [blame]22#include <regression_4000_data.h>
Cedric Chaumontc7654962015-09-09 14:56:36 +0200[diff] [blame]23#include <nist/186-2ecdsatestvectors.h>
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]24
25#include <assert.h>
26
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]27static TEEC_Result ta_crypt_cmd_reset_operation(ADBG_Case_t *c, TEEC_Session *s,
28 TEE_OperationHandle oph)
29{
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]30 TEEC_Result res = TEEC_ERROR_GENERIC;
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]31 TEEC_Operation op = TEEC_OPERATION_INITIALIZER;
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]32 uint32_t ret_orig = 0;
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]33
34 assert((uintptr_t)oph <= UINT32_MAX);
35 op.params[0].value.a = (uint32_t)(uintptr_t)oph;
36 op.paramTypes = TEEC_PARAM_TYPES(TEEC_VALUE_INPUT, TEEC_NONE, TEEC_NONE,
37 TEEC_NONE);
38 res = TEEC_InvokeCommand(s, TA_CRYPT_CMD_RESET_OPERATION, &op,
39 &ret_orig);
40 if (res != TEEC_SUCCESS) {
41 (void)ADBG_EXPECT_TEEC_ERROR_ORIGIN(c, TEEC_ORIGIN_TRUSTED_APP,
42 ret_orig);
43 }
44 return res;
45}
46
47static TEEC_Result ta_crypt_cmd_copy_operation(ADBG_Case_t *c,
48 TEEC_Session *s,
49 TEE_OperationHandle dst_oph,
50 TEE_OperationHandle src_oph)
51{
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]52 TEEC_Result res = TEEC_ERROR_GENERIC;
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]53 TEEC_Operation op = TEEC_OPERATION_INITIALIZER;
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]54 uint32_t ret_orig = 0;
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]55
56 assert((uintptr_t)dst_oph <= UINT32_MAX);
57 op.params[0].value.a = (uint32_t)(uintptr_t)dst_oph;
58
59 assert((uintptr_t)src_oph <= UINT32_MAX);
60 op.params[0].value.b = (uint32_t)(uintptr_t)src_oph;
61 op.paramTypes = TEEC_PARAM_TYPES(TEEC_VALUE_INPUT, TEEC_NONE, TEEC_NONE,
62 TEEC_NONE);
63
64 res = TEEC_InvokeCommand(s, TA_CRYPT_CMD_COPY_OPERATION, &op,
65 &ret_orig);
66
67 if (res != TEEC_SUCCESS) {
68 (void)ADBG_EXPECT_TEEC_ERROR_ORIGIN(c, TEEC_ORIGIN_TRUSTED_APP,
69 ret_orig);
70 }
71 return res;
72}
73
74static TEEC_Result ta_crypt_cmd_digest_update(ADBG_Case_t *c, TEEC_Session *s,
75 TEE_OperationHandle oph,
76 const void *chunk,
77 size_t chunk_size)
78{
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]79 TEEC_Result res = TEEC_ERROR_GENERIC;
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]80 TEEC_Operation op = TEEC_OPERATION_INITIALIZER;
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]81 uint32_t ret_orig = 0;
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]82
83 assert((uintptr_t)oph <= UINT32_MAX);
84 op.params[0].value.a = (uint32_t)(uintptr_t)oph;
85 op.params[1].tmpref.buffer = (void *)chunk;
86 op.params[1].tmpref.size = chunk_size;
87
88 op.paramTypes = TEEC_PARAM_TYPES(TEEC_VALUE_INPUT,
89 TEEC_MEMREF_TEMP_INPUT, TEEC_NONE,
90 TEEC_NONE);
91
92 res = TEEC_InvokeCommand(s, TA_CRYPT_CMD_DIGEST_UPDATE, &op, &ret_orig);
93
94 if (res != TEEC_SUCCESS) {
95 (void)ADBG_EXPECT_TEEC_ERROR_ORIGIN(c, TEEC_ORIGIN_TRUSTED_APP,
96 ret_orig);
97 }
98
99 return res;
100}
101
102static TEEC_Result ta_crypt_cmd_digest_do_final(ADBG_Case_t *c, TEEC_Session *s,
103 TEE_OperationHandle oph,
104 const void *chunk,
105 size_t chunk_len, void *hash,
106 size_t *hash_len)
107{
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]108 TEEC_Result res = TEEC_ERROR_GENERIC;
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]109 TEEC_Operation op = TEEC_OPERATION_INITIALIZER;
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]110 uint32_t ret_orig = 0;
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]111
112 assert((uintptr_t)oph <= UINT32_MAX);
113 op.params[0].value.a = (uint32_t)(uintptr_t)oph;
114
115 op.params[1].tmpref.buffer = (void *)chunk;
116 op.params[1].tmpref.size = chunk_len;
117
118 op.params[2].tmpref.buffer = (void *)hash;
119 op.params[2].tmpref.size = *hash_len;
120
121 op.paramTypes = TEEC_PARAM_TYPES(TEEC_VALUE_INPUT,
122 TEEC_MEMREF_TEMP_INPUT,
123 TEEC_MEMREF_TEMP_OUTPUT, TEEC_NONE);
124
125 res = TEEC_InvokeCommand(s, TA_CRYPT_CMD_DIGEST_DO_FINAL, &op,
126 &ret_orig);
127
128 if (res != TEEC_SUCCESS) {
129 (void)ADBG_EXPECT_TEEC_ERROR_ORIGIN(c, TEEC_ORIGIN_TRUSTED_APP,
130 ret_orig);
131 }
132
133 if (res == TEEC_SUCCESS)
134 *hash_len = op.params[2].tmpref.size;
135
136 return res;
137}
138
139static TEE_Result ta_crypt_cmd_set_operation_key2(ADBG_Case_t *c,
140 TEEC_Session *s,
141 TEE_OperationHandle oph,
142 TEE_ObjectHandle key1,
143 TEE_ObjectHandle key2)
144{
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]145 TEEC_Result res = TEEC_ERROR_GENERIC;
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]146 TEEC_Operation op = TEEC_OPERATION_INITIALIZER;
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]147 uint32_t ret_orig = 0;
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]148
149 assert((uintptr_t)oph <= UINT32_MAX);
150 op.params[0].value.a = (uint32_t)(uintptr_t)oph;
151
152 assert((uintptr_t)key1 <= UINT32_MAX);
153 op.params[0].value.b = (uint32_t)(uintptr_t)key1;
154
155 assert((uintptr_t)key2 <= UINT32_MAX);
156 op.params[1].value.a = (uint32_t)(uintptr_t)key2;
157 op.paramTypes = TEEC_PARAM_TYPES(TEEC_VALUE_INPUT, TEEC_VALUE_INPUT,
158 TEEC_NONE, TEEC_NONE);
159
160 res = TEEC_InvokeCommand(s, TA_CRYPT_CMD_SET_OPERATION_KEY2, &op,
161 &ret_orig);
162
163 if (res != TEEC_SUCCESS) {
164 (void)ADBG_EXPECT_TEEC_ERROR_ORIGIN(c, TEEC_ORIGIN_TRUSTED_APP,
165 ret_orig);
166 }
167
168 return res;
169}
170
171static TEEC_Result ta_crypt_cmd_mac_init(ADBG_Case_t *c, TEEC_Session *s,
172 TEE_OperationHandle oph,
173 const void *iv, size_t iv_len)
174{
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]175 TEEC_Result res = TEEC_ERROR_GENERIC;
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]176 TEEC_Operation op = TEEC_OPERATION_INITIALIZER;
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]177 uint32_t ret_orig = 0;
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]178
179 assert((uintptr_t)oph <= UINT32_MAX);
180 op.params[0].value.a = (uint32_t)(uintptr_t)oph;
181
182 if (iv != NULL) {
183 op.params[1].tmpref.buffer = (void *)iv;
184 op.params[1].tmpref.size = iv_len;
185 op.paramTypes = TEEC_PARAM_TYPES(TEEC_VALUE_INPUT,
186 TEEC_MEMREF_TEMP_INPUT,
187 TEEC_NONE, TEEC_NONE);
188 } else {
189 op.paramTypes = TEEC_PARAM_TYPES(TEEC_VALUE_INPUT, TEEC_NONE,
190 TEEC_NONE, TEEC_NONE);
191 }
192
193 res = TEEC_InvokeCommand(s, TA_CRYPT_CMD_MAC_INIT, &op, &ret_orig);
194
195 if (res != TEEC_SUCCESS) {
196 (void)ADBG_EXPECT_TEEC_ERROR_ORIGIN(c, TEEC_ORIGIN_TRUSTED_APP,
197 ret_orig);
198 }
199
200 return res;
201}
202
203static TEEC_Result ta_crypt_cmd_mac_update(ADBG_Case_t *c, TEEC_Session *s,
204 TEE_OperationHandle oph,
205 const void *chunk, size_t chunk_size)
206{
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]207 TEEC_Result res = TEEC_ERROR_GENERIC;
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]208 TEEC_Operation op = TEEC_OPERATION_INITIALIZER;
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]209 uint32_t ret_orig = 0;
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]210
211 assert((uintptr_t)oph <= UINT32_MAX);
212 op.params[0].value.a = (uint32_t)(uintptr_t)oph;
213
214 op.params[1].tmpref.buffer = (void *)chunk;
215 op.params[1].tmpref.size = chunk_size;
216
217 op.paramTypes = TEEC_PARAM_TYPES(TEEC_VALUE_INPUT,
218 TEEC_MEMREF_TEMP_INPUT, TEEC_NONE,
219 TEEC_NONE);
220
221 res = TEEC_InvokeCommand(s, TA_CRYPT_CMD_MAC_UPDATE, &op, &ret_orig);
222
223 if (res != TEEC_SUCCESS) {
224 (void)ADBG_EXPECT_TEEC_ERROR_ORIGIN(c, TEEC_ORIGIN_TRUSTED_APP,
225 ret_orig);
226 }
227
228 return res;
229}
230
231static TEEC_Result ta_crypt_cmd_mac_final_compute(ADBG_Case_t *c,
232 TEEC_Session *s,
233 TEE_OperationHandle oph,
234 const void *chunk,
235 size_t chunk_len,
236 void *hash,
237 size_t *hash_len)
238{
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]239 TEEC_Result res = TEEC_ERROR_GENERIC;
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]240 TEEC_Operation op = TEEC_OPERATION_INITIALIZER;
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]241 uint32_t ret_orig = 0;
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]242
243 assert((uintptr_t)oph <= UINT32_MAX);
244 op.params[0].value.a = (uint32_t)(uintptr_t)oph;
245
246 op.params[1].tmpref.buffer = (void *)chunk;
247 op.params[1].tmpref.size = chunk_len;
248
249 op.params[2].tmpref.buffer = (void *)hash;
250 op.params[2].tmpref.size = *hash_len;
251
252 op.paramTypes = TEEC_PARAM_TYPES(TEEC_VALUE_INPUT,
253 TEEC_MEMREF_TEMP_INPUT,
254 TEEC_MEMREF_TEMP_OUTPUT, TEEC_NONE);
255
256 res = TEEC_InvokeCommand(s, TA_CRYPT_CMD_MAC_FINAL_COMPUTE, &op,
257 &ret_orig);
258
259 if (res != TEEC_SUCCESS) {
260 (void)ADBG_EXPECT_TEEC_ERROR_ORIGIN(c, TEEC_ORIGIN_TRUSTED_APP,
261 ret_orig);
262 }
263
264 if (res == TEEC_SUCCESS)
265 *hash_len = op.params[2].tmpref.size;
266
267 return res;
268}
269
Jerome Forissier4f419512021-07-07 14:56:10 +0200[diff] [blame]270static TEEC_Result ta_crypt_cmd_mac_final_compare(ADBG_Case_t *c,
271 TEEC_Session *s,
272 TEE_OperationHandle oph,
273 const void *chunk,
274 size_t chunk_len,
275 const uint8_t *hash,
276 size_t hash_len)
277{
278 TEEC_Result res = TEEC_ERROR_GENERIC;
279 TEEC_Operation op = TEEC_OPERATION_INITIALIZER;
280 uint32_t ret_orig = 0;
281
282 assert((uintptr_t)oph <= UINT32_MAX);
283 op.params[0].value.a = (uint32_t)(uintptr_t)oph;
284
285 op.params[1].tmpref.buffer = (void *)chunk;
286 op.params[1].tmpref.size = chunk_len;
287
288 op.params[2].tmpref.buffer = (void *)hash;
289 op.params[2].tmpref.size = hash_len;
290
291 op.paramTypes = TEEC_PARAM_TYPES(TEEC_VALUE_INPUT,
292 TEEC_MEMREF_TEMP_INPUT,
293 TEEC_MEMREF_TEMP_INPUT, TEEC_NONE);
294
295 res = TEEC_InvokeCommand(s, TA_CRYPT_CMD_MAC_FINAL_COMPARE, &op,
296 &ret_orig);
297
298 if (res != TEEC_SUCCESS) {
299 (void)ADBG_EXPECT_TEEC_ERROR_ORIGIN(c, TEEC_ORIGIN_TRUSTED_APP,
300 ret_orig);
301 }
302
303 return res;
304}
305
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]306static TEEC_Result ta_crypt_cmd_cipher_init(ADBG_Case_t *c, TEEC_Session *s,
307 TEE_OperationHandle oph,
308 const void *iv, size_t iv_len)
309{
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]310 TEEC_Result res = TEEC_ERROR_GENERIC;
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]311 TEEC_Operation op = TEEC_OPERATION_INITIALIZER;
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]312 uint32_t ret_orig = 0;
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]313
314 assert((uintptr_t)oph <= UINT32_MAX);
315 op.params[0].value.a = (uint32_t)(uintptr_t)oph;
316
317 if (iv != NULL) {
318 op.params[1].tmpref.buffer = (void *)iv;
319 op.params[1].tmpref.size = iv_len;
320
321 op.paramTypes = TEEC_PARAM_TYPES(TEEC_VALUE_INPUT,
322 TEEC_MEMREF_TEMP_INPUT,
323 TEEC_NONE, TEEC_NONE);
324 } else {
325 op.paramTypes = TEEC_PARAM_TYPES(TEEC_VALUE_INPUT, TEEC_NONE,
326 TEEC_NONE, TEEC_NONE);
327 }
328
329 res = TEEC_InvokeCommand(s, TA_CRYPT_CMD_CIPHER_INIT, &op, &ret_orig);
330
331 if (res != TEEC_SUCCESS) {
332 (void)ADBG_EXPECT_TEEC_ERROR_ORIGIN(c, TEEC_ORIGIN_TRUSTED_APP,
333 ret_orig);
334 }
335
336 return res;
337}
338
339static TEEC_Result ta_crypt_cmd_cipher_update(ADBG_Case_t *c, TEEC_Session *s,
340 TEE_OperationHandle oph,
341 const void *src, size_t src_len,
342 void *dst, size_t *dst_len)
343{
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]344 TEEC_Result res = TEEC_ERROR_GENERIC;
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]345 TEEC_Operation op = TEEC_OPERATION_INITIALIZER;
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]346 uint32_t ret_orig = 0;
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]347
348 assert((uintptr_t)oph <= UINT32_MAX);
349 op.params[0].value.a = (uint32_t)(uintptr_t)oph;
350
351 op.params[1].tmpref.buffer = (void *)src;
352 op.params[1].tmpref.size = src_len;
353
354 op.params[2].tmpref.buffer = dst;
355 op.params[2].tmpref.size = *dst_len;
356
357 op.paramTypes = TEEC_PARAM_TYPES(TEEC_VALUE_INPUT,
358 TEEC_MEMREF_TEMP_INPUT,
359 TEEC_MEMREF_TEMP_OUTPUT, TEEC_NONE);
360
361 res = TEEC_InvokeCommand(s, TA_CRYPT_CMD_CIPHER_UPDATE, &op, &ret_orig);
362
363 if (res != TEEC_SUCCESS) {
364 (void)ADBG_EXPECT_TEEC_ERROR_ORIGIN(c, TEEC_ORIGIN_TRUSTED_APP,
365 ret_orig);
366 }
367
368 if (res == TEEC_SUCCESS)
369 *dst_len = op.params[2].tmpref.size;
370
371 return res;
372}
373
374static TEEC_Result ta_crypt_cmd_cipher_do_final(ADBG_Case_t *c,
375 TEEC_Session *s,
376 TEE_OperationHandle oph,
377 const void *src,
378 size_t src_len,
379 void *dst,
380 size_t *dst_len)
381{
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]382 TEEC_Result res = TEEC_ERROR_GENERIC;
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]383 TEEC_Operation op = TEEC_OPERATION_INITIALIZER;
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]384 uint32_t ret_orig = 0;
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]385
386 assert((uintptr_t)oph <= UINT32_MAX);
387 op.params[0].value.a = (uint32_t)(uintptr_t)oph;
388
389 op.params[1].tmpref.buffer = (void *)src;
390 op.params[1].tmpref.size = src_len;
391
392 op.params[2].tmpref.buffer = (void *)dst;
393 op.params[2].tmpref.size = *dst_len;
394
395 op.paramTypes = TEEC_PARAM_TYPES(TEEC_VALUE_INPUT,
396 TEEC_MEMREF_TEMP_INPUT,
397 TEEC_MEMREF_TEMP_OUTPUT, TEEC_NONE);
398
399 res = TEEC_InvokeCommand(s, TA_CRYPT_CMD_CIPHER_DO_FINAL, &op,
400 &ret_orig);
401
402 if (res != TEEC_SUCCESS) {
403 (void)ADBG_EXPECT_TEEC_ERROR_ORIGIN(c, TEEC_ORIGIN_TRUSTED_APP,
404 ret_orig);
405 }
406
407 if (res == TEEC_SUCCESS)
408 *dst_len = op.params[2].tmpref.size;
409
410 return res;
411}
412
413static TEEC_Result ta_crypt_cmd_random_number_generate(ADBG_Case_t *c,
414 TEEC_Session *s,
415 void *buf,
416 size_t blen)
417{
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]418 TEEC_Result res = TEEC_ERROR_GENERIC;
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]419 TEEC_Operation op = TEEC_OPERATION_INITIALIZER;
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]420 uint32_t ret_orig = 0;
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]421
422 op.params[0].tmpref.buffer = buf;
423 op.params[0].tmpref.size = blen;
424
425 op.paramTypes = TEEC_PARAM_TYPES(TEEC_MEMREF_TEMP_OUTPUT, TEEC_NONE,
426 TEEC_NONE, TEEC_NONE);
427
Joakim Bech81f97e32020-05-27 12:14:23 +0200[diff] [blame]428 res = TEEC_InvokeCommand(s, TA_CRYPT_CMD_RANDOM_NUMBER_GENERATE, &op,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]429 &ret_orig);
430
431 if (res != TEEC_SUCCESS) {
432 (void)ADBG_EXPECT_TEEC_ERROR_ORIGIN(c, TEEC_ORIGIN_TRUSTED_APP,
433 ret_orig);
434 }
435
436 (void)ADBG_EXPECT_COMPARE_UNSIGNED(c, blen, ==,
437 op.params[0].tmpref.size);
438 return res;
439}
440
441static TEEC_Result ta_crypt_cmd_ae_init(ADBG_Case_t *c, TEEC_Session *s,
442 TEE_OperationHandle oph,
443 const void *nonce, size_t nonce_len,
444 size_t tag_len, size_t aad_len,
445 size_t payload_len)
446{
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]447 TEEC_Result res = TEEC_ERROR_GENERIC;
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]448 TEEC_Operation op = TEEC_OPERATION_INITIALIZER;
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]449 uint32_t ret_orig = 0;
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]450
451 assert((uintptr_t)oph <= UINT32_MAX);
452 op.params[0].value.a = (uint32_t)(uintptr_t)oph;
453 op.params[0].value.b = tag_len;
454
455 op.params[1].tmpref.buffer = (void *)nonce;
456 op.params[1].tmpref.size = nonce_len;
457
458 op.params[2].value.a = aad_len;
459 op.params[2].value.b = payload_len;
460
461 op.paramTypes = TEEC_PARAM_TYPES(TEEC_VALUE_INPUT,
462 TEEC_MEMREF_TEMP_INPUT,
Jens Wiklander74a42302015-07-07 01:08:41 +0200[diff] [blame]463 TEEC_VALUE_INPUT, TEEC_NONE);
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]464
465 res = TEEC_InvokeCommand(s, TA_CRYPT_CMD_AE_INIT, &op, &ret_orig);
466
467 if (res != TEEC_SUCCESS) {
468 (void)ADBG_EXPECT_TEEC_ERROR_ORIGIN(c, TEEC_ORIGIN_TRUSTED_APP,
469 ret_orig);
470 }
471 return res;
472}
473
474static TEEC_Result ta_crypt_cmd_ae_update_aad(ADBG_Case_t *c, TEEC_Session *s,
475 TEE_OperationHandle oph,
476 const void *aad, size_t aad_len)
477{
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]478 TEEC_Result res = TEEC_ERROR_GENERIC;
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]479 TEEC_Operation op = TEEC_OPERATION_INITIALIZER;
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]480 uint32_t ret_orig = 0;
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]481
482 assert((uintptr_t)oph <= UINT32_MAX);
483 op.params[0].value.a = (uint32_t)(uintptr_t)oph;
484
485 op.params[1].tmpref.buffer = (void *)aad;
486 op.params[1].tmpref.size = aad_len;
487
488 op.paramTypes = TEEC_PARAM_TYPES(TEEC_VALUE_INPUT,
489 TEEC_MEMREF_TEMP_INPUT, TEEC_NONE,
490 TEEC_NONE);
491
492 res = TEEC_InvokeCommand(s, TA_CRYPT_CMD_AE_UPDATE_AAD, &op, &ret_orig);
493
494 if (res != TEEC_SUCCESS) {
495 (void)ADBG_EXPECT_TEEC_ERROR_ORIGIN(c, TEEC_ORIGIN_TRUSTED_APP,
496 ret_orig);
497 }
498
499 return res;
500}
501
502static TEEC_Result ta_crypt_cmd_ae_update(ADBG_Case_t *c,
503 TEEC_Session *s,
504 TEE_OperationHandle oph,
505 const void *src,
506 size_t src_len,
507 void *dst,
508 size_t *dst_len)
509{
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]510 TEEC_Result res = TEEC_ERROR_GENERIC;
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]511 TEEC_Operation op = TEEC_OPERATION_INITIALIZER;
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]512 uint32_t ret_orig = 0;
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]513
514 assert((uintptr_t)oph <= UINT32_MAX);
515 op.params[0].value.a = (uint32_t)(uintptr_t)oph;
516
517 op.params[1].tmpref.buffer = (void *)src;
518 op.params[1].tmpref.size = src_len;
519
520 op.params[2].tmpref.buffer = (void *)dst;
521 op.params[2].tmpref.size = *dst_len;
522
523 op.paramTypes = TEEC_PARAM_TYPES(TEEC_VALUE_INPUT,
524 TEEC_MEMREF_TEMP_INPUT,
525 TEEC_MEMREF_TEMP_OUTPUT, TEEC_NONE);
526
527 res = TEEC_InvokeCommand(s, TA_CRYPT_CMD_AE_UPDATE, &op, &ret_orig);
528
529 if (res != TEEC_SUCCESS) {
530 (void)ADBG_EXPECT_TEEC_ERROR_ORIGIN(c, TEEC_ORIGIN_TRUSTED_APP,
531 ret_orig);
532 }
533
534 if (res == TEEC_SUCCESS)
535 *dst_len = op.params[2].tmpref.size;
536
537 return res;
538}
539
540static TEEC_Result ta_crypt_cmd_ae_encrypt_final(ADBG_Case_t *c,
541 TEEC_Session *s,
542 TEE_OperationHandle oph,
543 const void *src,
544 size_t src_len, void *dst,
545 size_t *dst_len, void *tag,
546 size_t *tag_len)
547{
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]548 TEEC_Result res = TEEC_ERROR_GENERIC;
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]549 TEEC_Operation op = TEEC_OPERATION_INITIALIZER;
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]550 uint32_t ret_orig = 0;
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]551
552 assert((uintptr_t)oph <= UINT32_MAX);
553 op.params[0].value.a = (uint32_t)(uintptr_t)oph;
554
555 op.params[1].tmpref.buffer = (void *)src;
556 op.params[1].tmpref.size = src_len;
557
558 op.params[2].tmpref.buffer = (void *)dst;
559 op.params[2].tmpref.size = *dst_len;
560
561 op.params[3].tmpref.buffer = (void *)tag;
562 op.params[3].tmpref.size = *tag_len;
563
564 op.paramTypes = TEEC_PARAM_TYPES(TEEC_VALUE_INPUT,
565 TEEC_MEMREF_TEMP_INPUT,
566 TEEC_MEMREF_TEMP_OUTPUT,
567 TEEC_MEMREF_TEMP_OUTPUT);
568
569 res = TEEC_InvokeCommand(s, TA_CRYPT_CMD_AE_ENCRYPT_FINAL, &op,
570 &ret_orig);
571
572 if (res != TEEC_SUCCESS) {
573 (void)ADBG_EXPECT_TEEC_ERROR_ORIGIN(c, TEEC_ORIGIN_TRUSTED_APP,
574 ret_orig);
575 }
576
577 if (res == TEEC_SUCCESS) {
578 *dst_len = op.params[2].tmpref.size;
579 *tag_len = op.params[3].tmpref.size;
580 }
581
582 return res;
583}
584
585static TEEC_Result ta_crypt_cmd_ae_decrypt_final(ADBG_Case_t *c,
586 TEEC_Session *s,
587 TEE_OperationHandle oph,
588 const void *src, size_t src_len,
589 void *dst, size_t *dst_len,
590 const void *tag, size_t tag_len)
591{
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]592 TEEC_Result res = TEEC_ERROR_GENERIC;
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]593 TEEC_Operation op = TEEC_OPERATION_INITIALIZER;
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]594 uint32_t ret_orig = 0;
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]595
596 assert((uintptr_t)oph <= UINT32_MAX);
597 op.params[0].value.a = (uint32_t)(uintptr_t)oph;
598
599 op.params[1].tmpref.buffer = (void *)src;
600 op.params[1].tmpref.size = src_len;
601
602 op.params[2].tmpref.buffer = dst;
603 op.params[2].tmpref.size = *dst_len;
604
605 op.params[3].tmpref.buffer = (void *)tag;
606 op.params[3].tmpref.size = tag_len;
607
608 op.paramTypes = TEEC_PARAM_TYPES(TEEC_VALUE_INPUT,
609 TEEC_MEMREF_TEMP_INPUT,
610 TEEC_MEMREF_TEMP_OUTPUT,
611 TEEC_MEMREF_TEMP_INPUT);
612
613 res = TEEC_InvokeCommand(s, TA_CRYPT_CMD_AE_DECRYPT_FINAL, &op,
614 &ret_orig);
615
616 if (res != TEEC_SUCCESS) {
617 (void)ADBG_EXPECT_TEEC_ERROR_ORIGIN(c, TEEC_ORIGIN_TRUSTED_APP,
618 ret_orig);
619 }
620
621 if (res == TEEC_SUCCESS)
622 *dst_len = op.params[2].tmpref.size;
623
624 return res;
625}
626
627static TEEC_Result ta_crypt_cmd_asymmetric_operate(ADBG_Case_t *c,
628 TEEC_Session *s,
629 TEE_OperationHandle oph,
630 uint32_t cmd,
631 const TEE_Attribute *params,
632 uint32_t paramCount,
633 const void *src,
634 size_t src_len,
635 void *dst,
636 size_t *dst_len)
637{
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]638 TEEC_Result res = TEEC_ERROR_GENERIC;
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]639 TEEC_Operation op = TEEC_OPERATION_INITIALIZER;
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]640 uint32_t ret_orig = 0;
641 uint8_t *buf = NULL;
642 size_t blen = 0;
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]643
644 res = pack_attrs(params, paramCount, &buf, &blen);
645 if (!ADBG_EXPECT_TEEC_SUCCESS(c, res))
646 return res;
647
648 assert((uintptr_t)oph <= UINT32_MAX);
649 op.params[0].value.a = (uint32_t)(uintptr_t)oph;
650
651 op.params[1].tmpref.buffer = buf;
652 op.params[1].tmpref.size = blen;
653
654 op.params[2].tmpref.buffer = (void *)src;
655 op.params[2].tmpref.size = src_len;
656
657 op.params[3].tmpref.buffer = dst;
658 op.params[3].tmpref.size = *dst_len;
659
660 op.paramTypes = TEEC_PARAM_TYPES(TEEC_VALUE_INPUT,
661 TEEC_MEMREF_TEMP_INPUT,
662 TEEC_MEMREF_TEMP_INPUT,
663 TEEC_MEMREF_TEMP_OUTPUT);
664
665 res = TEEC_InvokeCommand(s, cmd, &op, &ret_orig);
666
667 if (res != TEEC_SUCCESS) {
668 (void)ADBG_EXPECT_TEEC_ERROR_ORIGIN(c, TEEC_ORIGIN_TRUSTED_APP,
669 ret_orig);
670 }
671
672 if (res == TEEC_SUCCESS)
673 *dst_len = op.params[3].tmpref.size;
674
675 free(buf);
676 return res;
677}
678
679static TEEC_Result ta_crypt_cmd_asymmetric_encrypt(ADBG_Case_t *c,
680 TEEC_Session *s,
681 TEE_OperationHandle oph,
682 const TEE_Attribute *params,
683 uint32_t paramCount,
684 const void *src,
685 size_t src_len,
686 void *dst,
687 size_t *dst_len)
688{
689 return ta_crypt_cmd_asymmetric_operate(c, s, oph,
690 TA_CRYPT_CMD_ASYMMETRIC_ENCRYPT,
691 params, paramCount,
692 src, src_len, dst, dst_len);
693}
694
695static TEEC_Result ta_crypt_cmd_asymmetric_decrypt(ADBG_Case_t *c,
696 TEEC_Session *s,
697 TEE_OperationHandle oph,
698 const TEE_Attribute *params,
699 uint32_t paramCount,
700 const void *src,
701 size_t src_len,
702 void *dst,
703 size_t *dst_len)
704{
705 return ta_crypt_cmd_asymmetric_operate(c, s, oph,
706 TA_CRYPT_CMD_ASYMMETRIC_DECRYPT,
707 params, paramCount,
708 src, src_len, dst, dst_len);
709}
710
711static TEEC_Result ta_crypt_cmd_asymmetric_sign(ADBG_Case_t *c,
712 TEEC_Session *s,
713 TEE_OperationHandle oph,
714 const TEE_Attribute *params,
715 uint32_t paramCount,
716 const void *digest,
717 size_t digest_len,
718 void *signature,
719 size_t *signature_len)
720{
721 return ta_crypt_cmd_asymmetric_operate(c, s, oph,
722 TA_CRYPT_CMD_ASYMMETRIC_SIGN_DIGEST, params, paramCount,
723 digest, digest_len, signature, signature_len);
724}
725
726static TEEC_Result ta_crypt_cmd_asymmetric_verify(ADBG_Case_t *c,
727 TEEC_Session *s,
728 TEE_OperationHandle oph,
729 const TEE_Attribute *params,
730 uint32_t paramCount,
731 const void *digest,
732 size_t digest_len,
733 const void *signature,
734 size_t signature_len)
735{
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]736 TEEC_Result res = TEEC_ERROR_GENERIC;
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]737 TEEC_Operation op = TEEC_OPERATION_INITIALIZER;
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]738 uint32_t ret_orig = 0;
739 uint8_t *buf = NULL;
740 size_t blen = 0;
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]741
742 res = pack_attrs(params, paramCount, &buf, &blen);
743 if (!ADBG_EXPECT_TEEC_SUCCESS(c, res))
744 return res;
745
746 assert((uintptr_t)oph <= UINT32_MAX);
747 op.params[0].value.a = (uint32_t)(uintptr_t)oph;
748
749 op.params[1].tmpref.buffer = buf;
750 op.params[1].tmpref.size = blen;
751
752 op.params[2].tmpref.buffer = (void *)digest;
753 op.params[2].tmpref.size = digest_len;
754
755 op.params[3].tmpref.buffer = (void *)signature;
756 op.params[3].tmpref.size = signature_len;
757
758 op.paramTypes = TEEC_PARAM_TYPES(TEEC_VALUE_INPUT,
759 TEEC_MEMREF_TEMP_INPUT,
760 TEEC_MEMREF_TEMP_INPUT,
761 TEEC_MEMREF_TEMP_INPUT);
762
763 res = TEEC_InvokeCommand(s, TA_CRYPT_CMD_ASYMMETRIC_VERIFY_DIGEST,
764 &op, &ret_orig);
765
766 if (res != TEEC_SUCCESS) {
767 (void)ADBG_EXPECT_TEEC_ERROR_ORIGIN(c, TEEC_ORIGIN_TRUSTED_APP,
768 ret_orig);
769 }
770
771 free(buf);
772 return res;
773}
774
775static TEEC_Result ta_crypt_cmd_get_object_value_attribute(ADBG_Case_t *c,
776 TEEC_Session *s,
777 TEE_ObjectHandle o,
778 uint32_t attr_id,
779 uint32_t *valuea,
780 uint32_t *valueb)
781{
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]782 TEEC_Result res = TEEC_ERROR_GENERIC;
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]783 TEEC_Operation op = TEEC_OPERATION_INITIALIZER;
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]784 uint32_t ret_orig = 0;
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]785
786 assert((uintptr_t)o <= UINT32_MAX);
787 op.params[0].value.a = (uint32_t)(uintptr_t)o;
788 op.params[0].value.b = attr_id;
789 op.paramTypes = TEEC_PARAM_TYPES(TEEC_VALUE_INPUT, TEEC_VALUE_OUTPUT,
790 TEEC_NONE, TEEC_NONE);
791
792 res = TEEC_InvokeCommand(s, TA_CRYPT_CMD_GET_OBJECT_VALUE_ATTRIBUTE,
793 &op, &ret_orig);
794
795 if (res != TEEC_SUCCESS) {
796 (void)ADBG_EXPECT_TEEC_ERROR_ORIGIN(c, TEEC_ORIGIN_TRUSTED_APP,
797 ret_orig);
798 }
799
800 if (res == TEEC_SUCCESS) {
801 *valuea = op.params[1].value.a;
802 *valueb = op.params[1].value.b;
803 }
804
805 return res;
806}
807
808static TEEC_Result ta_crypt_cmd_generate_key(ADBG_Case_t *c,
809 TEEC_Session *s,
810 TEE_ObjectHandle o,
811 uint32_t key_size,
812 const TEE_Attribute *params,
813 uint32_t paramCount)
814{
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]815 TEEC_Result res = TEEC_ERROR_GENERIC;
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]816 TEEC_Operation op = TEEC_OPERATION_INITIALIZER;
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]817 uint32_t ret_orig = 0;
818 uint8_t *buf = NULL;
819 size_t blen = 0;
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]820
821 res = pack_attrs(params, paramCount, &buf, &blen);
822 if (!ADBG_EXPECT_TEEC_SUCCESS(c, res))
823 return res;
824
825 assert((uintptr_t)o <= UINT32_MAX);
826 op.params[0].value.a = (uint32_t)(uintptr_t)o;
827 op.params[0].value.b = key_size;
828
829 op.params[1].tmpref.buffer = buf;
830 op.params[1].tmpref.size = blen;
831
832 op.paramTypes = TEEC_PARAM_TYPES(TEEC_VALUE_INPUT,
833 TEEC_MEMREF_TEMP_INPUT, TEEC_NONE,
834 TEEC_NONE);
835
836 res = TEEC_InvokeCommand(s, TA_CRYPT_CMD_GENERATE_KEY, &op, &ret_orig);
837
838 if (res != TEEC_SUCCESS) {
839 (void)ADBG_EXPECT_TEEC_ERROR_ORIGIN(c, TEEC_ORIGIN_TRUSTED_APP,
840 ret_orig);
841 }
842
843 free(buf);
844 return res;
845}
846
847static const uint8_t hash_data_md5_in1[] = {
848 'c', 'd', 'e', 'f', 'g', 'h', 'i', 'j', 'k', 'l', 'm'
849};
850
851static const uint8_t hash_data_md5_out1[] = {
852 0x61, 0x12, 0x71, 0x83, 0x70, 0x8d, 0x3a, 0xc7,
853 0xf1, 0x9b, 0x66, 0x06, 0xfc, 0xae, 0x7d, 0xf6
854};
855
856static const uint8_t hash_data_sha1_in1[] = {
857 'a', 'b', 'c', 'd', 'e', 'f', 'g', 'h', 'i', 'j', 'k', 'l', 'm'
858};
859
860static const uint8_t hash_data_sha1_out1[] = {
861 0x4b, 0x98, 0x92, 0xb6, 0x52, 0x72, 0x14, 0xaf,
862 0xc6, 0x55, 0xb8, 0xaa, 0x52, 0xf4, 0xd2, 0x03,
863 0xc1, 0x5e, 0x7c, 0x9c
864};
865
866static const uint8_t hash_data_sha224_in1[] = {
867 'a', 'b', 'c', 'd', 'e', 'f', 'g', 'h', 'i', 'j', 'k', 'l', 'm'
868};
869
870static const uint8_t hash_data_sha224_out1[] = {
871 0x08, 0x21, 0x69, 0xf9, 0x77, 0x1b, 0x80, 0x15,
872 0xf3, 0x97, 0xae, 0xde, 0x5b, 0xba, 0xa2, 0x72,
873 0x2d, 0x8f, 0x5c, 0x19, 0xfe, 0xd2, 0xe2, 0x68,
874 0x92, 0x49, 0xd8, 0x44
875};
876
877static const uint8_t hash_data_sha256_in1[] = { 'a', 'b', 'c' };
878
879static const uint8_t hash_data_sha256_out1[] = {
880 0xba, 0x78, 0x16, 0xbf, 0x8f, 0x01, 0xcf, 0xea,
881 0x41, 0x41, 0x40, 0xde, 0x5d, 0xae, 0x22, 0x23,
882 0xb0, 0x03, 0x61, 0xa3, 0x96, 0x17, 0x7a, 0x9c,
883 0xb4, 0x10, 0xff, 0x61, 0xf2, 0x00, 0x15, 0xad
884};
885
886static const uint8_t hash_data_sha256_in2[] = { 'e', 'f', 'g' };
887
888static const uint8_t hash_data_sha256_out2[] = {
889 0xd4, 0xff, 0xe8, 0xe9, 0xee, 0x0b, 0x48, 0xeb,
890 0xa7, 0x16, 0x70, 0x61, 0x23, 0xa7, 0x18, 0x7f,
891 0x32, 0xea, 0xe3, 0xbd, 0xcb, 0x0e, 0x77, 0x63,
892 0xe4, 0x1e, 0x53, 0x32, 0x67, 0xbd, 0x8a, 0x53
893};
894
895
896static const uint8_t hash_data_sha384_in1[] = {
897 'a', 'b', 'c', 'e', 'f', 'g', 'h', 'i', 'j', 'k', 'l', 'm'
898};
899
900static const uint8_t hash_data_sha384_out1[] = {
901 0x4c, 0xab, 0x80, 0x9d, 0x96, 0x84, 0x01, 0x47,
902 0x67, 0x0a, 0xc1, 0x7a, 0xb6, 0xb9, 0xf7, 0x6e,
903 0x35, 0xa6, 0xb0, 0x8c, 0xf5, 0x2a, 0x3d, 0x64,
904 0x9a, 0x8c, 0x7e, 0x0c, 0x55, 0x45, 0xd3, 0x7d,
905 0x1f, 0x7f, 0x28, 0x34, 0x96, 0x14, 0x44, 0x2a,
906 0xf5, 0x98, 0xa2, 0x95, 0x24, 0x76, 0x53, 0x97
907};
908
909static const uint8_t hash_data_sha512_in1[] = {
910 'a', 'b', 'c', 'd', 'f', 'g', 'h', 'i', 'j', 'k', 'l', 'm'
911};
912
913static const uint8_t hash_data_sha512_out1[] = {
914 0x20, 0xd8, 0x64, 0x4f, 0x54, 0xa2, 0x5f, 0x6f,
915 0x0a, 0xf9, 0xd5, 0x27, 0x7d, 0x17, 0xa8, 0x99,
916 0x4c, 0x64, 0x3f, 0xd0, 0xf3, 0x83, 0x36, 0xee,
917 0x93, 0x12, 0x55, 0xcd, 0x2e, 0x12, 0x34, 0xa0,
918 0xc2, 0xaa, 0xf9, 0xbb, 0x15, 0xc5, 0xe9, 0xfa,
919 0xf7, 0xa7, 0xda, 0xb8, 0x2f, 0x72, 0xa0, 0x47,
920 0xe3, 0x02, 0x04, 0xe8, 0xa0, 0x35, 0x0c, 0x96,
921 0x26, 0xd1, 0xcb, 0x8b, 0x47, 0x45, 0x25, 0xd0
922};
923
Jerome Forissier3ed850a2019-12-13 10:58:23 +0100[diff] [blame]924/*
925 * SM3
926 * https://tools.ietf.org/html/draft-sca-cfrg-sm3-02
Jerome Forissier9f17e262019-12-13 14:12:41 +0100[diff] [blame]927 * Appendix A.1
Jerome Forissier3ed850a2019-12-13 10:58:23 +0100[diff] [blame]928 */
929static const uint8_t hash_data_sm3_a1_in[3] = "abc";
930
931static const uint8_t hash_data_sm3_a1_out[] = {
932 0x66, 0xc7, 0xf0, 0xf4, 0x62, 0xee, 0xed, 0xd9,
933 0xd1, 0xf2, 0xd4, 0x6b, 0xdc, 0x10, 0xe4, 0xe2,
934 0x41, 0x67, 0xc4, 0x87, 0x5c, 0xf2, 0xf7, 0xa2,
935 0x29, 0x7d, 0xa0, 0x2b, 0x8f, 0x4b, 0xa8, 0xe0
936};
937
938/*
939 * SM3
940 * https://tools.ietf.org/html/draft-sca-cfrg-sm3-02
Jerome Forissier9f17e262019-12-13 14:12:41 +0100[diff] [blame]941 * Appendix A.2
Jerome Forissier3ed850a2019-12-13 10:58:23 +0100[diff] [blame]942 */
943static const uint8_t hash_data_sm3_a2_in[] = {
944 0x61, 0x62, 0x63, 0x64, 0x61, 0x62, 0x63, 0x64,
945 0x61, 0x62, 0x63, 0x64, 0x61, 0x62, 0x63, 0x64,
946 0x61, 0x62, 0x63, 0x64, 0x61, 0x62, 0x63, 0x64,
947 0x61, 0x62, 0x63, 0x64, 0x61, 0x62, 0x63, 0x64,
948 0x61, 0x62, 0x63, 0x64, 0x61, 0x62, 0x63, 0x64,
949 0x61, 0x62, 0x63, 0x64, 0x61, 0x62, 0x63, 0x64,
950 0x61, 0x62, 0x63, 0x64, 0x61, 0x62, 0x63, 0x64,
951 0x61, 0x62, 0x63, 0x64, 0x61, 0x62, 0x63, 0x64
952};
953
954static const uint8_t hash_data_sm3_a2_out[] = {
955 0xde, 0xbe, 0x9f, 0xf9, 0x22, 0x75, 0xb8, 0xa1,
956 0x38, 0x60, 0x48, 0x89, 0xc1, 0x8e, 0x5a, 0x4d,
957 0x6f, 0xdb, 0x70, 0xe5, 0x38, 0x7e, 0x57, 0x65,
958 0x29, 0x3d, 0xcb, 0xa3, 0x9c, 0x0c, 0x57, 0x32
959};
960
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]961struct xtest_hash_case {
962 uint32_t algo;
963 size_t in_incr;
964 const uint8_t *in;
965 size_t in_len;
966 const uint8_t *out;
967 size_t out_len;
968};
969
970#define XTEST_HASH_CASE(algo, in_incr, in, out) \
971 { (algo), (in_incr), (in), ARRAY_SIZE(in), (out), ARRAY_SIZE(out) }
972
973static const struct xtest_hash_case hash_cases[] = {
974 XTEST_HASH_CASE(TEE_ALG_MD5, 6, hash_data_md5_in1,
975 hash_data_md5_out1),
976 XTEST_HASH_CASE(TEE_ALG_SHA1, 3, hash_data_sha1_in1,
977 hash_data_sha1_out1),
978 XTEST_HASH_CASE(TEE_ALG_SHA224, 7, hash_data_sha224_in1,
979 hash_data_sha224_out1),
980 XTEST_HASH_CASE(TEE_ALG_SHA256, 1, hash_data_sha256_in1,
981 hash_data_sha256_out1),
982 XTEST_HASH_CASE(TEE_ALG_SHA256, 1, hash_data_sha256_in2,
983 hash_data_sha256_out2),
984 XTEST_HASH_CASE(TEE_ALG_SHA384, 1, hash_data_sha384_in1,
985 hash_data_sha384_out1),
986 XTEST_HASH_CASE(TEE_ALG_SHA512, 1, hash_data_sha512_in1,
987 hash_data_sha512_out1),
Jerome Forissier3ed850a2019-12-13 10:58:23 +0100[diff] [blame]988 XTEST_HASH_CASE(TEE_ALG_SM3, 2, hash_data_sm3_a1_in,
989 hash_data_sm3_a1_out),
990 XTEST_HASH_CASE(TEE_ALG_SM3, 19, hash_data_sm3_a2_in,
991 hash_data_sm3_a2_out),
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]992};
993
994static void xtest_tee_test_4001(ADBG_Case_t *c)
995{
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]996 TEEC_Session session = { };
997 uint32_t ret_orig = 0;
998 size_t n = 0;
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]999
1000 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
1001 xtest_teec_open_session(&session, &crypt_user_ta_uuid, NULL,
1002 &ret_orig)))
1003 return;
1004
1005
1006 for (n = 0; n < ARRAY_SIZE(hash_cases); n++) {
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]1007 TEE_OperationHandle op1 = TEE_HANDLE_NULL;
1008 TEE_OperationHandle op2 = TEE_HANDLE_NULL;
1009 uint8_t out[64] = { };
1010 size_t out_size = 0;
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]1011
Jerome Forissier87b00c02020-01-22 16:33:12 +0100[diff] [blame]1012 if (hash_cases[n].algo == TEE_ALG_SM3 &&
1013 !ta_crypt_cmd_is_algo_supported(c, &session, TEE_ALG_SM3,
1014 TEE_CRYPTO_ELEMENT_NONE)) {
1015 Do_ADBG_Log("SM3 not supported: skip subcase");
1016 continue;
1017 }
1018
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]1019 Do_ADBG_BeginSubCase(c, "Hash case %d algo 0x%x",
1020 (int)n, (unsigned int)hash_cases[n].algo);
1021
1022 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
1023 ta_crypt_cmd_allocate_operation(c, &session, &op1,
1024 hash_cases[n].algo,
1025 TEE_MODE_DIGEST, 0)))
1026 goto out;
1027
1028 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
1029 ta_crypt_cmd_allocate_operation(c, &session, &op2,
1030 hash_cases[n].algo,
1031 TEE_MODE_DIGEST, 0)))
1032 goto out;
1033
1034 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
1035 ta_crypt_cmd_digest_update(c, &session, op1,
1036 hash_cases[n].in,
1037 hash_cases[n].in_incr)))
1038 goto out;
1039
1040 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
1041 ta_crypt_cmd_copy_operation(c, &session, op2, op1)))
1042 goto out;
1043
1044 out_size = sizeof(out);
1045 memset(out, 0, sizeof(out));
1046 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
1047 ta_crypt_cmd_digest_do_final(c, &session, op2,
1048 hash_cases[n].in + hash_cases[n].in_incr,
1049 hash_cases[n].in_len - hash_cases[n].in_incr,
1050 out, &out_size)))
1051 goto out;
1052
1053 (void)ADBG_EXPECT_BUFFER(c, hash_cases[n].out,
1054 hash_cases[n].out_len, out, out_size);
1055
1056 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
1057 ta_crypt_cmd_reset_operation(c, &session, op1)))
1058 goto out;
1059
1060 out_size = sizeof(out);
1061 memset(out, 0, sizeof(out));
1062 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
1063 ta_crypt_cmd_digest_do_final(c, &session, op1,
1064 hash_cases[n].in,
1065 hash_cases[n].in_len, out,
1066 &out_size)))
1067 goto out;
1068
1069 (void)ADBG_EXPECT_BUFFER(c, hash_cases[n].out,
1070 hash_cases[n].out_len, out, out_size);
1071
Jerome Forissier1e05e262015-07-29 16:09:07 +0200[diff] [blame]1072 /*
1073 * Invoke TEE_DigestDoFinal() a second time to check that state
1074 * was properly reset
1075 */
1076 out_size = sizeof(out);
1077 memset(out, 0, sizeof(out));
1078 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
1079 ta_crypt_cmd_digest_do_final(c, &session, op1,
1080 hash_cases[n].in,
1081 hash_cases[n].in_len, out,
1082 &out_size)))
1083 goto out;
1084
1085 (void)ADBG_EXPECT_BUFFER(c, hash_cases[n].out,
1086 hash_cases[n].out_len, out, out_size);
1087
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]1088 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
1089 ta_crypt_cmd_free_operation(c, &session, op1)))
1090 goto out;
1091
1092 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
1093 ta_crypt_cmd_free_operation(c, &session, op2)))
1094 goto out;
1095
1096 Do_ADBG_EndSubCase(c, NULL);
1097 }
1098
1099out:
1100 TEEC_CloseSession(&session);
1101}
Jens Wiklander14f48872018-06-29 15:30:13 +0200[diff] [blame]1102ADBG_CASE_DEFINE(regression, 4001, xtest_tee_test_4001,
1103 "Test TEE Internal API hash operations");
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]1104
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]1105struct xtest_mac_case {
1106 uint32_t algo;
1107 uint32_t key_type;
1108 const uint8_t *key;
1109 size_t key_len;
1110 size_t in_incr;
1111 const uint8_t *in;
1112 size_t in_len;
1113 const uint8_t *out;
1114 size_t out_len;
Jerome Forissier3dec7442019-01-30 17:50:05 +0100[diff] [blame]1115 bool multiple_incr;
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]1116};
1117
Jerome Forissier3dec7442019-01-30 17:50:05 +0100[diff] [blame]1118#define XTEST_MAC_CASE_1(algo, key_type, key, in_incr, in, out) \
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]1119 { (algo), (key_type), (key), ARRAY_SIZE(key), \
Jerome Forissier3dec7442019-01-30 17:50:05 +0100[diff] [blame]1120 (in_incr), (in), ARRAY_SIZE(in), (out), ARRAY_SIZE(out), false }
1121
1122#define XTEST_MAC_CASE_MULT(algo, key_type, key, in_incr, in, out) \
1123 { (algo), (key_type), (key), ARRAY_SIZE(key), \
1124 (in_incr), (in), ARRAY_SIZE(in), (out), ARRAY_SIZE(out), true }
1125
1126#define XTEST_MAC_CASE(algo, key_type, key, in_incr, in, out) \
1127 XTEST_MAC_CASE_1((algo), (key_type), (key), (in_incr), (in), (out)), \
1128 XTEST_MAC_CASE_MULT((algo), (key_type), (key), (in_incr), (in), (out))
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]1129
1130#define XTEST_MAC_CBC_CASE(algo, key_type, vect, in_incr) \
1131 XTEST_MAC_CASE((algo), (key_type), \
1132 mac_cbc_ ## vect ## _key, (in_incr), \
1133 mac_cbc_ ## vect ## _data, mac_cbc_ ## vect ## _out)
1134
1135#define XTEST_MAC_CMAC_CASE(vect, in_incr) \
1136 XTEST_MAC_CASE(TEE_ALG_AES_CMAC, TEE_TYPE_AES, \
1137 mac_cmac_ ## vect ## _key, (in_incr), \
1138 mac_cmac_ ## vect ## _data, mac_cmac_ ## vect ## _out)
1139
Alexander Zakharov0afe00c2021-02-10 19:06:48 +0100[diff] [blame]1140#define XTEST_MAC_DES3_CMAC_CASE(vect, in_incr) \
1141 XTEST_MAC_CASE(TEE_ALG_DES3_CMAC, TEE_TYPE_DES3, \
1142 mac_des3_cmac_ ## vect ## _key, (in_incr), \
1143 mac_des3_cmac_ ## vect ## _data, mac_des3_cmac_ ## vect ## _out)
1144
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]1145static const struct xtest_mac_case mac_cases[] = {
1146 XTEST_MAC_CASE(TEE_ALG_HMAC_MD5, TEE_TYPE_HMAC_MD5,
1147 mac_data_md5_key1,
1148 4, mac_data_md5_in1, mac_data_md5_out1),
1149 XTEST_MAC_CASE(TEE_ALG_HMAC_SHA1, TEE_TYPE_HMAC_SHA1,
1150 mac_data_sha1_key1,
1151 5, mac_data_sha1_in1, mac_data_sha1_out1),
1152 XTEST_MAC_CASE(TEE_ALG_HMAC_SHA224, TEE_TYPE_HMAC_SHA224,
1153 mac_data_sha224_key1,
1154 8, mac_data_sha224_in1, mac_data_sha224_out1),
1155 XTEST_MAC_CASE(TEE_ALG_HMAC_SHA256, TEE_TYPE_HMAC_SHA256,
1156 mac_data_sha256_key1,
1157 1, mac_data_sha256_in1, mac_data_sha256_out1),
1158 XTEST_MAC_CASE(TEE_ALG_HMAC_SHA256, TEE_TYPE_HMAC_SHA256,
1159 mac_data_sha256_key2,
1160 7, mac_data_sha256_in2, mac_data_sha256_out2),
1161 XTEST_MAC_CASE(TEE_ALG_HMAC_SHA384, TEE_TYPE_HMAC_SHA384,
1162 mac_data_sha384_key1,
1163 11, mac_data_sha384_in1, mac_data_sha384_out1),
1164 XTEST_MAC_CASE(TEE_ALG_HMAC_SHA512, TEE_TYPE_HMAC_SHA512,
1165 mac_data_sha512_key1,
1166 13, mac_data_sha512_in1, mac_data_sha512_out1),
1167
1168 XTEST_MAC_CBC_CASE(TEE_ALG_AES_CBC_MAC_NOPAD, TEE_TYPE_AES, vect1, 14),
1169 XTEST_MAC_CBC_CASE(TEE_ALG_DES_CBC_MAC_NOPAD, TEE_TYPE_DES, vect2, 16),
1170 XTEST_MAC_CBC_CASE(TEE_ALG_DES3_CBC_MAC_NOPAD, TEE_TYPE_DES3, vect3,
1171 17),
1172 XTEST_MAC_CBC_CASE(TEE_ALG_AES_CBC_MAC_PKCS5, TEE_TYPE_AES, vect4, 11),
1173 XTEST_MAC_CBC_CASE(TEE_ALG_DES_CBC_MAC_PKCS5, TEE_TYPE_DES, vect5, 9),
1174 XTEST_MAC_CBC_CASE(TEE_ALG_DES3_CBC_MAC_PKCS5, TEE_TYPE_DES3, vect6, 4),
1175 XTEST_MAC_CBC_CASE(TEE_ALG_AES_CBC_MAC_PKCS5, TEE_TYPE_AES, vect7, 3),
1176 XTEST_MAC_CBC_CASE(TEE_ALG_DES_CBC_MAC_PKCS5, TEE_TYPE_DES, vect8, 23),
1177 XTEST_MAC_CBC_CASE(TEE_ALG_DES3_CBC_MAC_PKCS5, TEE_TYPE_DES3, vect9,
1178 34),
Pascal Brand5c3d8092015-07-23 08:20:26 +0200[diff] [blame]1179 XTEST_MAC_CBC_CASE(TEE_ALG_DES3_CBC_MAC_PKCS5, TEE_TYPE_DES3, vect10, 4),
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]1180
1181 { TEE_ALG_AES_CMAC, TEE_TYPE_AES, mac_cmac_vect1_key,
1182 ARRAY_SIZE(mac_cmac_vect1_key), 0, NULL, 0, mac_cmac_vect1_out,
1183 ARRAY_SIZE(mac_cmac_vect1_out) },
1184 XTEST_MAC_CMAC_CASE(vect2, 9),
1185 XTEST_MAC_CMAC_CASE(vect3, 9),
1186 XTEST_MAC_CMAC_CASE(vect4, 9),
1187 { TEE_ALG_AES_CMAC, TEE_TYPE_AES, mac_cmac_vect5_key,
1188 ARRAY_SIZE(mac_cmac_vect5_key), 0, NULL, 0, mac_cmac_vect5_out,
1189 ARRAY_SIZE(mac_cmac_vect5_out) },
1190 XTEST_MAC_CMAC_CASE(vect6, 9),
1191 XTEST_MAC_CMAC_CASE(vect7, 9),
1192 XTEST_MAC_CMAC_CASE(vect8, 9),
1193 { TEE_ALG_AES_CMAC, TEE_TYPE_AES, mac_cmac_vect9_key,
1194 ARRAY_SIZE(mac_cmac_vect9_key), 0, NULL, 0, mac_cmac_vect9_out,
1195 ARRAY_SIZE(mac_cmac_vect9_out) },
1196 XTEST_MAC_CMAC_CASE(vect10, 9),
1197 XTEST_MAC_CMAC_CASE(vect11, 9),
1198 XTEST_MAC_CMAC_CASE(vect12, 9),
Clement Faure21b347a2021-04-29 13:06:55 +0200[diff] [blame]1199 XTEST_MAC_CMAC_CASE(vect12, 16),
Jerome Forissier9f17e262019-12-13 14:12:41 +0100[diff] [blame]1200
Alexander Zakharov0afe00c2021-02-10 19:06:48 +0100[diff] [blame]1201 { TEE_ALG_DES3_CMAC, TEE_TYPE_DES3, mac_des3_cmac_vect1_key,
1202 ARRAY_SIZE(mac_des3_cmac_vect1_key), 0, NULL, 0, mac_des3_cmac_vect1_out,
1203 ARRAY_SIZE(mac_des3_cmac_vect1_out) },
1204 XTEST_MAC_DES3_CMAC_CASE(vect2, 3),
1205 XTEST_MAC_DES3_CMAC_CASE(vect3, 9),
1206 XTEST_MAC_DES3_CMAC_CASE(vect4, 9),
1207 { TEE_ALG_DES3_CMAC, TEE_TYPE_DES3, mac_des3_cmac_vect5_key,
1208 ARRAY_SIZE(mac_des3_cmac_vect5_key), 0, NULL, 0, mac_des3_cmac_vect5_out,
1209 ARRAY_SIZE(mac_des3_cmac_vect5_out) },
1210 XTEST_MAC_DES3_CMAC_CASE(vect6, 3),
1211 XTEST_MAC_DES3_CMAC_CASE(vect7, 5),
1212 XTEST_MAC_DES3_CMAC_CASE(vect8, 9),
1213
Jerome Forissier9f17e262019-12-13 14:12:41 +0100[diff] [blame]1214 XTEST_MAC_CASE(TEE_ALG_HMAC_SM3, TEE_TYPE_HMAC_SM3,
1215 mac_data_sm3_d31_key,
1216 13, mac_data_sm3_d31_in, mac_data_sm3_d31_out),
1217 XTEST_MAC_CASE(TEE_ALG_HMAC_SM3, TEE_TYPE_HMAC_SM3,
1218 mac_data_sm3_d32_key,
1219 13, mac_data_sm3_d32_in, mac_data_sm3_d32_out),
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]1220};
1221
1222static void xtest_tee_test_4002(ADBG_Case_t *c)
1223{
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]1224 TEEC_Session session = { };
1225 TEE_OperationHandle op1 = TEE_HANDLE_NULL;
1226 TEE_OperationHandle op2 = TEE_HANDLE_NULL;
Jerome Forissier4f419512021-07-07 14:56:10 +0200[diff] [blame]1227 TEE_OperationHandle op3 = TEE_HANDLE_NULL;
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]1228 TEE_ObjectHandle key_handle = TEE_HANDLE_NULL;
1229 uint8_t out[64] = { };
1230 size_t out_size = 0;
1231 uint32_t ret_orig = 0;
1232 size_t n = 0;
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]1233
1234 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
1235 xtest_teec_open_session(&session, &crypt_user_ta_uuid, NULL,
1236 &ret_orig)))
1237 return;
1238
1239 for (n = 0; n < ARRAY_SIZE(mac_cases); n++) {
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]1240 TEE_Attribute key_attr = { };
1241 size_t key_size = 0;
1242 size_t offs = 0;
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]1243
1244 Do_ADBG_BeginSubCase(c, "MAC case %d algo 0x%x",
1245 (int)n, (unsigned int)mac_cases[n].algo);
1246
1247 key_attr.attributeID = TEE_ATTR_SECRET_VALUE;
1248 key_attr.content.ref.buffer = (void *)mac_cases[n].key;
1249 key_attr.content.ref.length = mac_cases[n].key_len;
1250
1251 key_size = key_attr.content.ref.length * 8;
1252 if (mac_cases[n].key_type == TEE_TYPE_DES ||
1253 mac_cases[n].key_type == TEE_TYPE_DES3)
1254 /* Exclude parity in bit size of key */
1255 key_size -= key_size / 8;
1256
1257 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
1258 ta_crypt_cmd_allocate_operation(c, &session, &op1,
1259 mac_cases[n].algo, TEE_MODE_MAC, key_size)))
1260 goto out;
1261
1262 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
1263 ta_crypt_cmd_allocate_operation(c, &session, &op2,
1264 mac_cases[n].algo, TEE_MODE_MAC, key_size)))
1265 goto out;
1266
1267 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
Jerome Forissier4f419512021-07-07 14:56:10 +0200[diff] [blame]1268 ta_crypt_cmd_allocate_operation(c, &session, &op3,
1269 mac_cases[n].algo, TEE_MODE_MAC, key_size)))
1270 goto out;
1271
1272 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]1273 ta_crypt_cmd_allocate_transient_object(c, &session,
1274 mac_cases[n].key_type, key_size, &key_handle)))
1275 goto out;
1276
1277 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
1278 ta_crypt_cmd_populate_transient_object(c, &session,
1279 key_handle, &key_attr, 1)))
1280 goto out;
1281
1282 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
1283 ta_crypt_cmd_set_operation_key(c, &session, op1,
1284 key_handle)))
1285 goto out;
1286
1287 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
1288 ta_crypt_cmd_free_transient_object(c, &session,
1289 key_handle)))
1290 goto out;
1291
1292 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
1293 ta_crypt_cmd_mac_init(c, &session, op1, NULL, 0)))
1294 goto out;
1295
Jerome Forissier4f419512021-07-07 14:56:10 +0200[diff] [blame]1296 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
1297 ta_crypt_cmd_copy_operation(c, &session, op3, op1)))
1298 goto out;
1299
Jerome Forissier3dec7442019-01-30 17:50:05 +0100[diff] [blame]1300 offs = 0;
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]1301 if (mac_cases[n].in != NULL) {
Jerome Forissier3dec7442019-01-30 17:50:05 +0100[diff] [blame]1302 while (offs + mac_cases[n].in_incr <
1303 mac_cases[n].in_len) {
1304 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
1305 ta_crypt_cmd_mac_update(c, &session,
1306 op1, mac_cases[n].in + offs,
1307 mac_cases[n].in_incr)))
1308 goto out;
1309 offs += mac_cases[n].in_incr;
1310 if (!mac_cases[n].multiple_incr)
1311 break;
1312 }
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]1313 }
1314
1315 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
1316 ta_crypt_cmd_copy_operation(c, &session, op2, op1)))
1317 goto out;
1318
1319 out_size = sizeof(out);
1320 memset(out, 0, sizeof(out));
1321 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
1322 ta_crypt_cmd_mac_final_compute(c, &session, op2,
Jerome Forissier3dec7442019-01-30 17:50:05 +0100[diff] [blame]1323 mac_cases[n].in + offs,
1324 mac_cases [n].in_len - offs,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]1325 out, &out_size)))
1326 goto out;
1327
1328 (void)ADBG_EXPECT_BUFFER(c, mac_cases[n].out,
1329 mac_cases[n].out_len, out, out_size);
1330
1331 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
1332 ta_crypt_cmd_mac_init(c, &session, op1, NULL, 0)))
1333 goto out;
1334
1335 out_size = sizeof(out);
1336 memset(out, 0, sizeof(out));
1337 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
1338 ta_crypt_cmd_mac_final_compute(c, &session, op1,
1339 mac_cases[n].in, mac_cases[n].in_len, out,
1340 &out_size)))
1341 goto out;
1342
1343 (void)ADBG_EXPECT_BUFFER(c, mac_cases[n].out,
1344 mac_cases[n].out_len, out, out_size);
1345
1346 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
Jerome Forissier4f419512021-07-07 14:56:10 +0200[diff] [blame]1347 ta_crypt_cmd_mac_final_compare(c, &session, op3,
1348 mac_cases[n].in, mac_cases[n].in_len,
1349 mac_cases[n].out, mac_cases[n].out_len)))
1350 goto out;
1351
1352 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]1353 ta_crypt_cmd_free_operation(c, &session, op1)))
1354 goto out;
1355
1356 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
1357 ta_crypt_cmd_free_operation(c, &session, op2)))
1358 goto out;
1359
Jerome Forissier4f419512021-07-07 14:56:10 +0200[diff] [blame]1360 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
1361 ta_crypt_cmd_free_operation(c, &session, op3)))
1362 goto out;
1363
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]1364 Do_ADBG_EndSubCase(c, NULL);
1365 }
1366out:
1367 TEEC_CloseSession(&session);
1368}
Jens Wiklander14f48872018-06-29 15:30:13 +0200[diff] [blame]1369ADBG_CASE_DEFINE(regression, 4002, xtest_tee_test_4002,
1370 "Test TEE Internal API MAC operations");
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]1371
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]1372static const uint8_t ciph_data_aes_key1[] = {
1373 0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37, /* 01234567 */
1374 0x38, 0x39, 0x41, 0x42, 0x43, 0x44, 0x45, 0x46, /* 89ABCDEF */
1375};
1376
Jerome Forissier0780ad42018-06-05 15:02:37 +0200[diff] [blame]1377static const uint8_t ciph_data_aes_key2[] = {
1378 0x02, 0x02, 0x02, 0x02, 0x02, 0x02, 0x02, 0x02,
1379 0x02, 0x02, 0x02, 0x02, 0x02, 0x02, 0x02, 0x02,
1380};
1381
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]1382static const uint8_t ciph_data_des_key1[] = {
1383 0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37 /* 01234567 */
1384};
1385
1386static const uint8_t ciph_data_des_key2[] = {
1387 0x13, 0x34, 0x57, 0x79, 0x9B, 0xBC, 0xDF, 0xF1
1388};
1389
1390
1391static const uint8_t ciph_data_des3_key1[] = {
1392 0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37, /* 01234567 */
1393 0x38, 0x39, 0x41, 0x42, 0x43, 0x44, 0x45, 0x46, /* 89ABCDEF */
1394 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37, 0x38, /* 12345678 */
1395};
1396
1397static const uint8_t ciph_data_des3_key2[] = {
1398 0x13, 0x34, 0x57, 0x79, 0x9B, 0xBC, 0xDF, 0xF1,
1399 0x13, 0x34, 0x57, 0x79, 0x9B, 0xBC, 0xDF, 0xF1,
1400 0x13, 0x34, 0x57, 0x79, 0x9B, 0xBC, 0xDF, 0xF1
1401};
1402
1403static const uint8_t ciph_data_des2_key1[] = {
1404 0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37, /* 01234567 */
1405 0x38, 0x39, 0x41, 0x42, 0x43, 0x44, 0x45, 0x46, /* 89ABCDEF */
1406};
1407
1408static const uint8_t ciph_data_in1[] = {
1409 0x32, 0x33, 0x34, 0x35, 0x36, 0x37, 0x38, 0x39, /* 23456789 */
1410 0x41, 0x42, 0x43, 0x44, 0x45, 0x46, 0x30, 0x31, /* ABCDEF01 */
1411 0x33, 0x34, 0x35, 0x36, 0x37, 0x38, 0x39, 0x41, /* 3456789A */
1412 0x42, 0x43, 0x44, 0x45, 0x46, 0x30, 0x31, 0x32, /* BCDEF012 */
1413 0x34, 0x35, 0x36, 0x37, 0x38, 0x39, 0x41, 0x42, /* 456789AB */
1414 0x43, 0x44, 0x45, 0x46, 0x30, 0x31, 0x32, 0x33, /* CDEF0123 */
1415};
1416
1417static const uint8_t ciph_data_in3[] = {
1418 0x32, 0x33, 0x34, 0x35, 0x36, 0x37, 0x38, 0x39, /* 23456789 */
1419 0x41, 0x42, 0x43, 0x44, 0x45, 0x46, 0x30, 0x31, /* ABCDEF01 */
1420 0x33, 0x34, 0x35, 0x36, 0x37, 0x38, 0x39, 0x41, /* 3456789A */
1421 0x42, 0x43, 0x44, 0x45, 0x46, 0x30, 0x31, 0x32, /* BCDEF012 */
1422 0x34, 0x35, 0x36, 0x37, 0x38, 0x39, 0x41, 0x42, /* 456789AB */
1423 0x43, 0x44, 0x45, 0x46, 0x30, /* CDEF0 */
1424};
1425
Jerome Forissier45218eb2018-04-11 13:03:26 +0200[diff] [blame]1426static const uint8_t ciph_data_in4[] = {
1427 0x32, 0x33, 0x34, 0x35, 0x36, 0x37, 0x38, 0x39, /* 23456789 */
1428 0x41, 0x42, 0x43, 0x44, 0x45, 0x46, 0x30, 0x31, /* ABCDEF01 */
1429 0x33, 0x34, 0x35, 0x36, 0x37, 0x38, 0x39, 0x41, /* 3456789A */
1430 0x42, 0x43, 0x44, 0x45, 0x46, 0x30, 0x31, 0x32, /* BCDEF012 */
1431 0x34, 0x35, 0x36, 0x37, 0x38, 0x39, 0x41, 0x42, /* 456789AB */
1432 0x43, 0x44, 0x45, 0x46, 0x30, 0x31, 0x32, 0x33, /* CDEF0123 */
1433 0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37, /* 01234567 */
1434 0x38, 0x39, 0x41, 0x42, 0x43, 0x44, 0x45, 0x46, /* 89ABCDEF */
1435};
1436
Jerome Forissier0780ad42018-06-05 15:02:37 +0200[diff] [blame]1437static const uint8_t ciph_data_in5[] = {
1438 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01,
1439 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01,
1440 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01,
1441 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01,
1442 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01,
1443 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01,
1444 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01,
1445 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01,
Jerome Forissierbf9009e2018-06-05 18:44:42 +0200[diff] [blame]1446 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01,
1447 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01,
Jerome Forissier0780ad42018-06-05 15:02:37 +0200[diff] [blame]1448 0x01, 0x01, 0x01
1449};
1450
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]1451static const uint8_t ciph_data_128_iv1[] = {
1452 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37, 0x38, /* 12345678 */
1453 0x39, 0x41, 0x42, 0x43, 0x44, 0x45, 0x46, 0x30, /* 9ABCDEF0 */
1454};
1455
Jerome Forissier0780ad42018-06-05 15:02:37 +0200[diff] [blame]1456static const uint8_t ciph_data_128_iv2[] = {
1457 0x03, 0x03, 0x03, 0x03, 0x03, 0x03, 0x03, 0x03,
1458 0x03, 0x03, 0x03, 0x03, 0x03, 0x03, 0x03, 0x03,
1459};
1460
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]1461static const uint8_t ciph_data_64_iv1[] = {
1462 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37, 0x38, /* 12345678 */
1463};
1464
1465static const uint8_t ciph_data_in2[] = {
1466 0x01, 0x23, 0x45, 0x67, 0x89, 0xab, 0xcd, 0xef
1467};
1468
1469static const uint8_t ciph_data_aes_ecb_nopad_out1[] = {
1470 0xA5, 0xBE, 0x14, 0xD5, 0x01, 0x05, 0x24, 0x48, /* ......$H */
1471 0x58, 0x1A, 0x6B, 0x82, 0xD4, 0x41, 0xD2, 0xB3, /* X.k..A.. */
1472 0xBB, 0xF9, 0xAE, 0x37, 0x94, 0xAC, 0x18, 0x50, /* ...7...P */
1473 0x87, 0x09, 0xCC, 0x3F, 0x43, 0xD2, 0xC2, 0xB7, /* ...?C... */
1474 0xD7, 0x6F, 0x84, 0x07, 0xB4, 0x78, 0xCE, 0x34, /* .o...x.4 */
1475 0x48, 0xC9, 0x16, 0x86, 0x42, 0xB8, 0xFF, 0xCF, /* H...B... */
1476};
1477
1478static const uint8_t ciph_data_aes_cbc_nopad_out1[] = {
1479 0x8D, 0x9F, 0x88, 0xD8, 0xAF, 0x9F, 0xC1, 0x3B, /* .......; */
1480 0x02, 0x15, 0x43, 0x6A, 0x8C, 0x1E, 0x34, 0x5C, /* ..Cj..4\ */
1481 0x83, 0xF4, 0x85, 0x3E, 0x43, 0x0F, 0xE5, 0x5F, /* ...>C.._ */
1482 0x81, 0x4C, 0xC0, 0x28, 0x3F, 0xD9, 0x98, 0x53, /* .L.(?..S */
1483 0xB1, 0x44, 0x51, 0x38, 0x21, 0xAB, 0x10, 0xCE, /* .DQ8!... */
1484 0xC2, 0xEC, 0x65, 0x54, 0xDD, 0x5C, 0xEA, 0xDC, /* ..eT.\.. */
1485};
1486
1487static const uint8_t ciph_data_aes_ctr_out1[] = {
1488 0xD2, 0xDD, 0x11, 0xA8, 0xF7, 0xB0, 0xAE, 0x55, /* .......U */
1489 0xBE, 0x61, 0x7A, 0xE6, 0xA1, 0x6C, 0x79, 0xF4, /* .az..ly. */
1490 0x62, 0x51, 0x7B, 0xE9, 0x7C, 0xA0, 0x31, 0x0C, /* bQ{.|.1. */
1491 0x24, 0x15, 0x70, 0x7F, 0x47, 0x37, 0x69, 0xE0, /* $.p.G7i. */
1492 0x24, 0xC3, 0x29, 0xCD, 0xF2, 0x26, 0x69, 0xFF, /* $.)..&i. */
1493 0x72, 0x0E, 0x3C, 0xD1, 0xA1, 0x2F, 0x5D, 0x33, /* r.<../]3 */
1494};
1495
1496static const uint8_t ciph_data_aes_ctr_out2[] = {
1497 0xD2, 0xDD, 0x11, 0xA8, 0xF7, 0xB0, 0xAE, 0x55, /* .......U */
1498 0xBE, 0x61, 0x7A, 0xE6, 0xA1, 0x6C, 0x79, 0xF4, /* .az..ly. */
1499 0x62, 0x51, 0x7B, 0xE9, 0x7C, 0xA0, 0x31, 0x0C, /* bQ{.|.1. */
1500 0x24, 0x15, 0x70, 0x7F, 0x47, 0x37, 0x69, 0xE0, /* $.p.G7i. */
1501 0x24, 0xC3, 0x29, 0xCD, 0xF2, 0x26, 0x69, 0xFF, /* $.)..&i. */
1502 0x72, 0x0E, 0x3C, 0xD1, 0xA1, /* r.<.. */
1503};
1504
Jerome Forissier45218eb2018-04-11 13:03:26 +0200[diff] [blame]1505static const uint8_t ciph_data_aes_ctr_out4[] = {
1506 0xD2, 0xDD, 0x11, 0xA8, 0xF7, 0xB0, 0xAE, 0x55, /* .......U */
1507 0xBE, 0x61, 0x7A, 0xE6, 0xA1, 0x6C, 0x79, 0xF4, /* .az..ly. */
1508 0x62, 0x51, 0x7B, 0xE9, 0x7C, 0xA0, 0x31, 0x0C, /* bQ{.|.1. */
1509 0x24, 0x15, 0x70, 0x7F, 0x47, 0x37, 0x69, 0xE0, /* $.p.G7i. */
1510 0x24, 0xC3, 0x29, 0xCD, 0xF2, 0x26, 0x69, 0xFF, /* $.)..&i. */
1511 0x72, 0x0E, 0x3C, 0xD1, 0xA1, 0x2F, 0x5D, 0x33, /* r.<../]3 */
1512 0x9F, 0xD7, 0x0C, 0x92, 0xD4, 0xA5, 0x9D, 0x06, /* ........ */
1513 0x01, 0x80, 0x38, 0xCD, 0xC2, 0x71, 0x5D, 0x4A, /* ..8..q]J */
1514};
1515
Jerome Forissier0780ad42018-06-05 15:02:37 +0200[diff] [blame]1516static const uint8_t ciph_data_aes_ctr_out5[] = {
1517 0xbb, 0xfe, 0x07, 0x04, 0x1c, 0x8e, 0x09, 0x61,
1518 0xfb, 0xb1, 0x7c, 0xa5, 0x4d, 0x2b, 0x30, 0xf6,
1519 0x26, 0x9e, 0xff, 0x61, 0x18, 0x47, 0xc6, 0x06,
1520 0x81, 0x02, 0x84, 0xcd, 0x9c, 0x4b, 0x6d, 0x21,
1521 0xe2, 0x64, 0xa6, 0x50, 0x7f, 0x28, 0x81, 0x6f,
1522 0x29, 0xda, 0xd5, 0x56, 0x3f, 0x46, 0xac, 0xca,
1523 0x37, 0xe7, 0x77, 0x36, 0xbc, 0x76, 0x39, 0x57,
1524 0xaa, 0x67, 0x1b, 0x2a, 0xe6, 0x36, 0x57, 0x6d,
Jerome Forissierbf9009e2018-06-05 18:44:42 +0200[diff] [blame]1525 0x2a, 0xb8, 0x77, 0x41, 0xc2, 0x4e, 0x4f, 0x27,
1526 0x4c, 0x34, 0x7a, 0x01, 0x6a, 0xda, 0x75, 0x75,
1527 0x3e, 0x68, 0xb2
Jerome Forissier0780ad42018-06-05 15:02:37 +0200[diff] [blame]1528};
1529
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]1530static const uint8_t ciph_data_aes_cbc_vect1_key[] = {
1531 0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37, /* 01234567 */
1532 0x38, 0x39, 0x41, 0x42, 0x43, 0x44, 0x45, 0x46, /* 89ABCDEF */
1533};
1534
1535static const uint8_t ciph_data_aes_cbc_vect1_iv[] = {
1536 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, /* ........ */
1537 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, /* ........ */
1538};
1539
1540static const uint8_t ciph_data_aes_cbc_vect1_ptx[] = {
1541 0x43, 0x69, 0x70, 0x68, 0x65, 0x72, 0x20, 0x62, /* Cipher b */
1542 0x6C, 0x6F, 0x63, 0x6B, 0x20, 0x63, 0x68, 0x61, /* lock cha */
1543 0x69, 0x6E, 0x69, 0x6E, 0x67, 0x20, 0x28, 0x43, /* ining (C */
1544 0x42, 0x43, 0x29, 0x20, 0x69, 0x73, 0x20, 0x61, /* BC) is a */
1545 0x20, 0x63, 0x6F, 0x6D, 0x6D, 0x6F, 0x6E, 0x20, /* common */
1546 0x63, 0x68, 0x61, 0x69, 0x6E, 0x69, 0x6E, 0x67, /* chaining */
1547 0x20, 0x6D, 0x6F, 0x64, 0x65, 0x20, 0x69, 0x6E, /* mode in */
1548 0x20, 0x77, 0x68, 0x69, 0x63, 0x68, 0x20, 0x74, /* which t */
1549 0x68, 0x65, 0x20, 0x70, 0x72, 0x65, 0x76, 0x69, /* he previ */
1550 0x6F, 0x75, 0x73, 0x20, 0x62, 0x6C, 0x6F, 0x63, /* ous bloc */
1551 0x6B, 0x27, 0x73, 0x20, 0x63, 0x69, 0x70, 0x68, /* k's ciph */
1552 0x65, 0x72, 0x74, 0x65, 0x78, 0x74, 0x20, 0x69, /* ertext i */
1553 0x73, 0x20, 0x78, 0x6F, 0x72, 0x65, 0x64, 0x20, /* s xored */
1554 0x77, 0x69, 0x74, 0x68, 0x20, 0x74, 0x68, 0x65, /* with the */
1555 0x20, 0x63, 0x75, 0x72, 0x72, 0x65, 0x6E, 0x74, /* current */
1556 0x20, 0x62, 0x6C, 0x6F, 0x63, 0x6B, 0x27, 0x73, /* block's */
1557 0x20, 0x70, 0x6C, 0x61, 0x69, 0x6E, 0x74, 0x65, /* plainte */
1558 0x78, 0x74, 0x20, 0x62, 0x65, 0x66, 0x6F, 0x72, /* xt befor */
1559 0x65, 0x20, 0x65, 0x6E, 0x63, 0x72, 0x79, 0x70, /* e encryp */
1560 0x74, 0x69, 0x6F, 0x6E, 0x2E, 0x2E, 0x2E, 0x2E, /* tion.... */
1561};
1562
1563static const uint8_t ciph_data_aes_cbc_vect1_ctx[] = {
1564 0xDD, 0x16, 0xC3, 0x47, 0x69, 0xEC, 0xF5, 0x86, /* ...Gi... */
1565 0x20, 0xB4, 0xF7, 0xE3, 0xB9, 0x36, 0xE8, 0xAC, /* ....6.. */
1566 0xC9, 0xA2, 0x11, 0x71, 0x3B, 0x10, 0x9D, 0x45, /* ...q;..E */
1567 0xCA, 0xE2, 0x49, 0xA6, 0x4E, 0x56, 0x07, 0xC5, /* ..I.NV.. */
1568 0xCE, 0xA3, 0x14, 0xB5, 0x30, 0x1B, 0x63, 0xBB, /* ....0.c. */
1569 0x2D, 0x6F, 0xE9, 0xCA, 0x0B, 0x00, 0x31, 0x3F, /* -o....1? */
1570 0xA4, 0x9A, 0x39, 0xE1, 0xC8, 0xD2, 0x24, 0x95, /* ..9...$. */
1571 0x14, 0xE9, 0xD2, 0x43, 0xE8, 0xA8, 0x1E, 0x0A, /* ...C.... */
1572 0xFE, 0x9D, 0x4F, 0xF5, 0xBB, 0x16, 0xB9, 0x54, /* ..O....T */
1573 0x78, 0x07, 0x94, 0x05, 0x8E, 0x47, 0xC3, 0xCB, /* x....G.. */
1574 0x7C, 0xEC, 0xF4, 0xF8, 0xF2, 0xA4, 0x59, 0x6E, /* |.....Yn */
1575 0xED, 0xAD, 0x7F, 0x62, 0xAF, 0x89, 0xA8, 0x5B, /* ...b...[ */
1576 0x75, 0xD4, 0x73, 0xE3, 0xBA, 0x9F, 0x9A, 0xD2, /* u.s..... */
1577 0x0F, 0xFD, 0x3C, 0xE6, 0xC6, 0xA4, 0xD6, 0x6C, /* ..<....l */
1578 0x6A, 0x09, 0xE2, 0x16, 0xB0, 0x8C, 0x69, 0x3C, /* j.....i< */
1579 0xC8, 0x1C, 0xE4, 0x3E, 0x86, 0x4D, 0xB0, 0x2B, /* ...>.M.+ */
1580 0x29, 0xA0, 0x5A, 0xA3, 0x67, 0xBA, 0xDC, 0x11, /* ).Z.g... */
1581 0x08, 0x5E, 0x69, 0xB4, 0x6F, 0xA5, 0xE2, 0xB8, /* .^i.o... */
1582 0xC9, 0x6E, 0x83, 0x7E, 0x35, 0xC8, 0xA7, 0xA0, /* .n.~5... */
1583 0x33, 0xA3, 0xB1, 0x4B, 0x5A, 0x92, 0x51, 0x2E, /* 3..KZ.Q. */
1584};
1585
1586/* AES-CTS test vectors from http://tools.ietf.org/html/rfc3962
1587 * and http://tools.ietf.org/html/draft-raeburn-krb-rijndael-krb-02 */
1588static const uint8_t ciph_data_aes_cts_vect1_key[] = {
1589 0x63, 0x68, 0x69, 0x63, 0x6b, 0x65, 0x6e, 0x20,
1590 0x74, 0x65, 0x72, 0x69, 0x79, 0x61, 0x6b, 0x69
1591};
1592
1593static const uint8_t ciph_data_aes_cts_vect1_iv[16] = {
1594 0x00
1595};
1596
1597static const uint8_t ciph_data_aes_cts_vect1_ptx[] = {
1598 0x49, 0x20, 0x77, 0x6f, 0x75, 0x6c, 0x64, 0x20,
1599 0x6c, 0x69, 0x6b, 0x65, 0x20, 0x74, 0x68, 0x65,
1600 0x20
1601};
1602
1603static const uint8_t ciph_data_aes_cts_vect1_ctx[] = {
1604 0xc6, 0x35, 0x35, 0x68, 0xf2, 0xbf, 0x8c, 0xb4,
1605 0xd8, 0xa5, 0x80, 0x36, 0x2d, 0xa7, 0xff, 0x7f,
1606 0x97
1607};
1608
1609#define ciph_data_aes_cts_vect2_key ciph_data_aes_cts_vect1_key
1610#define ciph_data_aes_cts_vect2_iv ciph_data_aes_cts_vect1_iv
1611static const uint8_t ciph_data_aes_cts_vect2_ptx[] = {
1612 0x49, 0x20, 0x77, 0x6f, 0x75, 0x6c, 0x64, 0x20,
1613 0x6c, 0x69, 0x6b, 0x65, 0x20, 0x74, 0x68, 0x65,
1614 0x20, 0x47, 0x65, 0x6e, 0x65, 0x72, 0x61, 0x6c,
1615 0x20, 0x47, 0x61, 0x75, 0x27, 0x73, 0x20
1616};
1617
1618static const uint8_t ciph_data_aes_cts_vect2_ctx[] = {
1619 0xfc, 0x00, 0x78, 0x3e, 0x0e, 0xfd, 0xb2, 0xc1,
1620 0xd4, 0x45, 0xd4, 0xc8, 0xef, 0xf7, 0xed, 0x22,
1621 0x97, 0x68, 0x72, 0x68, 0xd6, 0xec, 0xcc, 0xc0,
1622 0xc0, 0x7b, 0x25, 0xe2, 0x5e, 0xcf, 0xe5
1623};
1624
1625#define ciph_data_aes_cts_vect3_key ciph_data_aes_cts_vect1_key
1626#define ciph_data_aes_cts_vect3_iv ciph_data_aes_cts_vect1_iv
1627static const uint8_t ciph_data_aes_cts_vect3_ptx[] = {
1628 0x49, 0x20, 0x77, 0x6f, 0x75, 0x6c, 0x64, 0x20,
1629 0x6c, 0x69, 0x6b, 0x65, 0x20, 0x74, 0x68, 0x65,
1630 0x20, 0x47, 0x65, 0x6e, 0x65, 0x72, 0x61, 0x6c,
1631 0x20, 0x47, 0x61, 0x75, 0x27, 0x73, 0x20, 0x43,
1632};
1633
1634static const uint8_t ciph_data_aes_cts_vect3_ctx[] = {
1635 0x39, 0x31, 0x25, 0x23, 0xa7, 0x86, 0x62, 0xd5,
1636 0xbe, 0x7f, 0xcb, 0xcc, 0x98, 0xeb, 0xf5, 0xa8,
1637 0x97, 0x68, 0x72, 0x68, 0xd6, 0xec, 0xcc, 0xc0,
1638 0xc0, 0x7b, 0x25, 0xe2, 0x5e, 0xcf, 0xe5, 0x84,
1639};
1640
1641#define ciph_data_aes_cts_vect4_key ciph_data_aes_cts_vect1_key
1642#define ciph_data_aes_cts_vect4_iv ciph_data_aes_cts_vect1_iv
1643static const uint8_t ciph_data_aes_cts_vect4_ptx[] = {
1644 0x49, 0x20, 0x77, 0x6f, 0x75, 0x6c, 0x64, 0x20,
1645 0x6c, 0x69, 0x6b, 0x65, 0x20, 0x74, 0x68, 0x65,
1646 0x20, 0x47, 0x65, 0x6e, 0x65, 0x72, 0x61, 0x6c,
1647 0x20, 0x47, 0x61, 0x75, 0x27, 0x73, 0x20, 0x43,
1648 0x68, 0x69, 0x63, 0x6b, 0x65, 0x6e, 0x2c, 0x20,
1649 0x70, 0x6c, 0x65, 0x61, 0x73, 0x65, 0x2c,
1650};
1651
1652static const uint8_t ciph_data_aes_cts_vect4_ctx[] = {
1653 0x97, 0x68, 0x72, 0x68, 0xd6, 0xec, 0xcc, 0xc0,
1654 0xc0, 0x7b, 0x25, 0xe2, 0x5e, 0xcf, 0xe5, 0x84,
1655 0xb3, 0xff, 0xfd, 0x94, 0x0c, 0x16, 0xa1, 0x8c,
1656 0x1b, 0x55, 0x49, 0xd2, 0xf8, 0x38, 0x02, 0x9e,
1657 0x39, 0x31, 0x25, 0x23, 0xa7, 0x86, 0x62, 0xd5,
1658 0xbe, 0x7f, 0xcb, 0xcc, 0x98, 0xeb, 0xf5,
1659};
1660
1661#define ciph_data_aes_cts_vect5_key ciph_data_aes_cts_vect1_key
1662#define ciph_data_aes_cts_vect5_iv ciph_data_aes_cts_vect1_iv
1663static const uint8_t ciph_data_aes_cts_vect5_ptx[] = {
1664 0x49, 0x20, 0x77, 0x6f, 0x75, 0x6c, 0x64, 0x20,
1665 0x6c, 0x69, 0x6b, 0x65, 0x20, 0x74, 0x68, 0x65,
1666 0x20, 0x47, 0x65, 0x6e, 0x65, 0x72, 0x61, 0x6c,
1667 0x20, 0x47, 0x61, 0x75, 0x27, 0x73, 0x20, 0x43,
1668 0x68, 0x69, 0x63, 0x6b, 0x65, 0x6e, 0x2c, 0x20,
1669 0x70, 0x6c, 0x65, 0x61, 0x73, 0x65, 0x2c, 0x20,
1670};
1671
1672static const uint8_t ciph_data_aes_cts_vect5_ctx[] = {
1673 0x97, 0x68, 0x72, 0x68, 0xd6, 0xec, 0xcc, 0xc0,
1674 0xc0, 0x7b, 0x25, 0xe2, 0x5e, 0xcf, 0xe5, 0x84,
1675 0x9d, 0xad, 0x8b, 0xbb, 0x96, 0xc4, 0xcd, 0xc0,
1676 0x3b, 0xc1, 0x03, 0xe1, 0xa1, 0x94, 0xbb, 0xd8,
1677 0x39, 0x31, 0x25, 0x23, 0xa7, 0x86, 0x62, 0xd5,
1678 0xbe, 0x7f, 0xcb, 0xcc, 0x98, 0xeb, 0xf5, 0xa8,
1679};
1680
1681#define ciph_data_aes_cts_vect6_key ciph_data_aes_cts_vect1_key
1682#define ciph_data_aes_cts_vect6_iv ciph_data_aes_cts_vect1_iv
1683static const uint8_t ciph_data_aes_cts_vect6_ptx[] = {
1684 0x49, 0x20, 0x77, 0x6f, 0x75, 0x6c, 0x64, 0x20,
1685 0x6c, 0x69, 0x6b, 0x65, 0x20, 0x74, 0x68, 0x65,
1686 0x20, 0x47, 0x65, 0x6e, 0x65, 0x72, 0x61, 0x6c,
1687 0x20, 0x47, 0x61, 0x75, 0x27, 0x73, 0x20, 0x43,
1688 0x68, 0x69, 0x63, 0x6b, 0x65, 0x6e, 0x2c, 0x20,
1689 0x70, 0x6c, 0x65, 0x61, 0x73, 0x65, 0x2c, 0x20,
1690 0x61, 0x6e, 0x64, 0x20, 0x77, 0x6f, 0x6e, 0x74,
1691 0x6f, 0x6e, 0x20, 0x73, 0x6f, 0x75, 0x70, 0x2e,
1692};
1693
1694static const uint8_t ciph_data_aes_cts_vect6_ctx[] = {
1695 0x97, 0x68, 0x72, 0x68, 0xd6, 0xec, 0xcc, 0xc0,
1696 0xc0, 0x7b, 0x25, 0xe2, 0x5e, 0xcf, 0xe5, 0x84,
1697 0x39, 0x31, 0x25, 0x23, 0xa7, 0x86, 0x62, 0xd5,
1698 0xbe, 0x7f, 0xcb, 0xcc, 0x98, 0xeb, 0xf5, 0xa8,
1699 0x48, 0x07, 0xef, 0xe8, 0x36, 0xee, 0x89, 0xa5,
1700 0x26, 0x73, 0x0d, 0xbc, 0x2f, 0x7b, 0xc8, 0x40,
1701 0x9d, 0xad, 0x8b, 0xbb, 0x96, 0xc4, 0xcd, 0xc0,
1702 0x3b, 0xc1, 0x03, 0xe1, 0xa1, 0x94, 0xbb, 0xd8,
1703};
1704
Jerome Forissiered00e162017-01-20 09:22:52 +0100[diff] [blame]1705/*
1706 * Test case for https://github.com/OP-TEE/optee_os/issues/1203
1707 * 80 bytes of data, processed in two steps (32 + 48).
1708 */
1709
1710#define ciph_data_aes_cts_issue1203_key ciph_data_aes_cts_vect1_key
1711
1712static const uint8_t ciph_data_aes_cts_issue1203_iv[] = {
1713 0x5b, 0x11, 0x7b, 0xf9, 0x83, 0x6a, 0x01, 0x27,
1714 0x1d, 0x2a, 0xae, 0x0a, 0xd3, 0x27, 0x35, 0x81,
1715};
1716
1717static const uint8_t ciph_data_aes_cts_issue1203_ptx[] = {
1718 0x33, 0x2a, 0xf4, 0x8c, 0x18, 0xa1, 0x30, 0x7c,
1719 0xa7, 0x52, 0x76, 0xca, 0xa6, 0x68, 0xad, 0xf6,
1720 0x1e, 0xba, 0xc9, 0x66, 0x66, 0x52, 0x1a, 0xe7,
1721 0x3e, 0xbc, 0xba, 0x60, 0x95, 0x71, 0x04, 0x5e,
1722 0xb4, 0xb7, 0x10, 0xd7, 0x93, 0x6d, 0x5f, 0x9a,
1723 0xb8, 0xbb, 0x6b, 0xb0, 0x6d, 0x47, 0x93, 0x41,
1724 0x29, 0x21, 0xf2, 0x84, 0xf5, 0xb2, 0xf2, 0x6d,
1725 0xbe, 0xe5, 0x8a, 0x2b, 0x58, 0x8d, 0x1b, 0x5e,
1726 0x41, 0x04, 0xba, 0x9e, 0x92, 0xe9, 0x52, 0xb6,
1727 0x8b, 0x1e, 0x36, 0x72, 0x91, 0xe4, 0x56, 0x66,
1728};
1729
1730/*
1731 * Ciphertext was generated by an online tool for AES CBC.
1732 * Since the input size is a multiple of the block size, and the ciphertext
1733 * format is CS3, the output is the same as plain AES CBC with the last
1734 * two blocks swapped.
1735 */
1736static const uint8_t ciph_data_aes_cts_issue1203_ctx[] = {
1737 0x6c, 0xfe, 0xef, 0x6a, 0x1c, 0x8f, 0xd3, 0xc3,
1738 0x66, 0xc4, 0xd9, 0x0e, 0xbe, 0x24, 0x17, 0x3f,
1739 0xcd, 0x19, 0xc9, 0xd2, 0x10, 0x3f, 0xcf, 0xdc,
1740 0xe9, 0x05, 0xab, 0xd5, 0x1a, 0x31, 0x41, 0x77,
1741 0x3b, 0xd7, 0x6a, 0x26, 0xae, 0x0d, 0xc9, 0x47,
1742 0x77, 0xd4, 0xa7, 0xd5, 0x73, 0x88, 0x9e, 0xde,
1743 0x72, 0x66, 0xe0, 0xe2, 0x3d, 0x62, 0x91, 0x22,
1744 0xae, 0x11, 0x01, 0x97, 0x22, 0x6a, 0x45, 0xa9,
1745 0xba, 0x56, 0xd2, 0xbc, 0x55, 0x2d, 0x99, 0x4d,
1746 0x3d, 0x22, 0x27, 0x9a, 0xac, 0x66, 0x2f, 0xf5,
1747};
1748
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]1749static const uint8_t ciph_data_des_ecb_nopad_out1[] = {
1750 0x46, 0x2B, 0x91, 0xA8, 0x55, 0xE6, 0x7E, 0x75, /* F+..U.~u */
1751 0x5E, 0x53, 0xF4, 0x8F, 0x29, 0x41, 0x4E, 0xEF, /* ^S..)AN. */
1752 0x32, 0x1B, 0x58, 0x42, 0x9B, 0xB4, 0x3A, 0x1F, /* 2.XB..:. */
1753 0x9A, 0xEA, 0xA4, 0xB4, 0xCD, 0xE9, 0x87, 0x7C, /* .......| */
1754 0xC0, 0x05, 0x34, 0xED, 0x86, 0x3C, 0x2A, 0x81, /* ..4..<.. */
1755 0x5E, 0x93, 0x0E, 0x86, 0xA9, 0xBB, 0x80, 0xFF, /* ^....... */
1756};
1757
1758static const uint8_t ciph_data_des_ecb_nopad_out2[] = {
1759 0x85, 0xE8, 0x13, 0x54, 0x0F, 0x0A, 0xB4, 0x05
1760};
1761
1762static const uint8_t ciph_data_des_cbc_nopad_out1[] = {
1763 0xAD, 0xD6, 0xD6, 0x3E, 0x88, 0xD0, 0xDD, 0xD4, /* ...>.... */
1764 0x9A, 0x93, 0x95, 0xA0, 0x86, 0x22, 0x5B, 0x9E, /* ....."[. */
1765 0x84, 0x0C, 0x6F, 0x12, 0x04, 0x11, 0x6F, 0xD4, /* ..o...o. */
1766 0x12, 0x29, 0xC6, 0x78, 0x0C, 0xFB, 0x58, 0x5B, /* .).x..X[ */
1767 0x66, 0x82, 0x0E, 0x52, 0xDC, 0x25, 0x16, 0x51, /* f..R.%.Q */
1768 0x69, 0xDF, 0xFE, 0x4E, 0x11, 0x1D, 0x9D, 0x08, /* i..N.... */
1769};
1770
1771static const uint8_t ciph_data_des3_ecb_nopad_out1[] = {
1772 0xA7, 0x46, 0xEC, 0xA8, 0x6A, 0x7F, 0x4A, 0xF1, /* .F..j.J. */
1773 0x44, 0x60, 0x37, 0x3B, 0x7F, 0x76, 0xE5, 0xFF, /* D`7;.v.. */
1774 0xC1, 0xE7, 0xA5, 0x04, 0x9C, 0x29, 0x5C, 0xA5, /* .....)\. */
1775 0xDD, 0xC8, 0xEE, 0x36, 0x1F, 0x48, 0xE0, 0xA9, /* ...6.H.. */
1776 0x82, 0x2D, 0x53, 0x84, 0x49, 0x69, 0x78, 0xFA, /* .-S.Iix. */
1777 0x23, 0x69, 0x1D, 0xF7, 0x08, 0x38, 0x44, 0x05, /* #i...8D. */
1778};
1779
1780static const uint8_t ciph_data_des3_cbc_nopad_out1[] = {
1781 0x18, 0x09, 0xEB, 0x98, 0xE4, 0x58, 0x72, 0x11, /* .....Xr. */
1782 0x30, 0x58, 0xAB, 0x38, 0xB0, 0xC9, 0x2B, 0xED, /* 0X.8..+. */
1783 0xDA, 0xC5, 0xE8, 0xA9, 0xF6, 0x8A, 0xA7, 0x80, /* ........ */
1784 0xBE, 0x54, 0x1F, 0x63, 0xF6, 0xEE, 0xA2, 0x4C, /* .T.c...L */
1785 0x7C, 0xEB, 0x84, 0x7D, 0xDA, 0xCA, 0x1E, 0xB2, /* |..}.... */
1786 0xED, 0x5E, 0x96, 0xB8, 0x01, 0x4B, 0x77, 0x02, /* .^...Kw. */
1787};
1788
1789static const uint8_t ciph_data_des2_ecb_nopad_out1[] = {
1790 0xAB, 0x12, 0xB6, 0xE2, 0x4A, 0x3A, 0x26, 0x14, /* ....J:&. */
1791 0xF0, 0x7D, 0x23, 0xD0, 0x55, 0xDF, 0x5C, 0x16, /* .}#.U.\. */
1792 0x43, 0x59, 0x1E, 0x44, 0x01, 0x76, 0xD7, 0x50, /* CY.D.v.P */
1793 0x44, 0xC0, 0x15, 0xDF, 0x2E, 0x7F, 0x8B, 0xC5, /* D....... */
1794 0xFF, 0x8B, 0x87, 0xFE, 0x33, 0xD7, 0xCB, 0x2C, /* ....3.., */
1795 0xDA, 0x79, 0x6F, 0xA4, 0x05, 0x2B, 0x30, 0xCE, /* .yo..+0. */
1796};
1797
1798static const uint8_t ciph_data_des2_cbc_nopad_out1[] = {
1799 0x47, 0x2F, 0xB1, 0x83, 0xC4, 0xBB, 0x93, 0x16, /* G/...... */
1800 0x73, 0xF9, 0xAD, 0x6F, 0x00, 0xF9, 0xCB, 0x4A, /* s..o...J */
1801 0x0F, 0x4F, 0x75, 0x75, 0xFB, 0x39, 0x0B, 0xFC, /* .Ouu.9.. */
1802 0x9F, 0x48, 0x52, 0xAD, 0xA2, 0x75, 0x2C, 0xF1, /* .HR..u, . */
1803 0x7D, 0xC3, 0x8F, 0x16, 0xCF, 0xC9, 0x76, 0x29, /* }.....v) */
1804 0x1A, 0xBF, 0xB3, 0xD9, 0x10, 0x7E, 0xAA, 0x49, /* .....~.I */
1805};
1806
Jerome Forissiere73e0fb2019-12-12 17:08:03 +0100[diff] [blame]1807/* SM4 ECB */
1808
1809static const uint8_t ciph_data_sm4_key1[] = {
1810 0x01, 0x23, 0x45, 0x67, 0x89, 0xab, 0xcd, 0xef,
1811 0xfe, 0xdc, 0xba, 0x98, 0x76, 0x54, 0x32, 0x10,
1812};
1813
1814static const uint8_t ciph_data_sm4_in1[] = {
1815 0x01, 0x23, 0x45, 0x67, 0x89, 0xab, 0xcd, 0xef,
1816 0xfe, 0xdc, 0xba, 0x98, 0x76, 0x54, 0x32, 0x10,
1817};
1818
1819static const uint8_t ciph_data_sm4_ecb_nopad_out1[] = {
1820 0x68, 0x1e, 0xdf, 0x34, 0xd2, 0x06, 0x96, 0x5e,
1821 0x86, 0xb3, 0xe9, 0x4f, 0x53, 0x6e, 0x42, 0x46,
1822};
1823
1824/*
1825 * SM4 CBC
1826 * https://tools.ietf.org/html/draft-ribose-cfrg-sm4-10#appendix-A.2.2.1
1827 */
1828static const uint8_t ciph_data_sm4_cbc_a221_key[] = {
1829 0x01, 0x23, 0x45, 0x67, 0x89, 0xab, 0xcd, 0xef,
1830 0xfe, 0xdc, 0xba, 0x98, 0x76, 0x54, 0x32, 0x10,
1831};
1832
1833static const uint8_t ciph_data_sm4_cbc_a221_iv[] = {
1834 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
1835 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f,
1836};
1837
1838static const uint8_t ciph_data_sm4_cbc_a221_in[] = {
1839 0xaa, 0xaa, 0xaa, 0xaa, 0xbb, 0xbb, 0xbb, 0xbb,
1840 0xcc, 0xcc, 0xcc, 0xcc, 0xdd, 0xdd, 0xdd, 0xdd,
1841 0xee, 0xee, 0xee, 0xee, 0xff, 0xff, 0xff, 0xff,
1842 0xaa, 0xaa, 0xaa, 0xaa, 0xbb, 0xbb, 0xbb, 0xbb,
1843};
1844
1845static const uint8_t ciph_data_sm4_cbc_a221_out[] = {
1846 0x78, 0xeb, 0xb1, 0x1c, 0xc4, 0x0b, 0x0a, 0x48,
1847 0x31, 0x2a, 0xae, 0xb2, 0x04, 0x02, 0x44, 0xcb,
1848 0x4c, 0xb7, 0x01, 0x69, 0x51, 0x90, 0x92, 0x26,
1849 0x97, 0x9b, 0x0d, 0x15, 0xdc, 0x6a, 0x8f, 0x6d,
1850};
1851
1852/*
1853 * SM4 CBC
1854 * https://tools.ietf.org/html/draft-ribose-cfrg-sm4-10#appendix-A.2.2.2
1855 */
1856static const uint8_t ciph_data_sm4_cbc_a222_key[] = {
1857 0xfe, 0xdc, 0xba, 0x98, 0x76, 0x54, 0x32, 0x10,
1858 0x01, 0x23, 0x45, 0x67, 0x89, 0xab, 0xcd, 0xef,
1859};
1860
1861static const uint8_t ciph_data_sm4_cbc_a222_iv[] = {
1862 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
1863 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f,
1864};
1865
1866static const uint8_t ciph_data_sm4_cbc_a222_in[] = {
1867 0xaa, 0xaa, 0xaa, 0xaa, 0xbb, 0xbb, 0xbb, 0xbb,
1868 0xcc, 0xcc, 0xcc, 0xcc, 0xdd, 0xdd, 0xdd, 0xdd,
1869 0xee, 0xee, 0xee, 0xee, 0xff, 0xff, 0xff, 0xff,
1870 0xaa, 0xaa, 0xaa, 0xaa, 0xbb, 0xbb, 0xbb, 0xbb,
1871};
1872
1873static const uint8_t ciph_data_sm4_cbc_a222_out[] = {
1874 0x0d, 0x3a, 0x6d, 0xdc, 0x2d, 0x21, 0xc6, 0x98,
1875 0x85, 0x72, 0x15, 0x58, 0x7b, 0x7b, 0xb5, 0x9a,
1876 0x91, 0xf2, 0xc1, 0x47, 0x91, 0x1a, 0x41, 0x44,
1877 0x66, 0x5e, 0x1f, 0xa1, 0xd4, 0x0b, 0xae, 0x38,
1878};
1879
1880/*
1881 * SM4 CTR
1882 * https://tools.ietf.org/html/draft-ribose-cfrg-sm4-10#appendix-A.2.5.1
1883 */
1884static const uint8_t ciph_data_sm4_ctr_a251_key[] = {
1885 0x01, 0x23, 0x45, 0x67, 0x89, 0xab, 0xcd, 0xef,
1886 0xfe, 0xdc, 0xba, 0x98, 0x76, 0x54, 0x32, 0x10,
1887};
1888
1889static const uint8_t ciph_data_sm4_ctr_a251_iv[] = {
1890 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
1891 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f,
1892};
1893
1894static const uint8_t ciph_data_sm4_ctr_a251_in[] = {
1895 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa,
1896 0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0xbb,
1897 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc,
1898 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd,
1899 0xee, 0xee, 0xee, 0xee, 0xee, 0xee, 0xee, 0xee,
1900 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
1901 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa,
1902 0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0xbb,
1903};
1904
1905static const uint8_t ciph_data_sm4_ctr_a251_out[] = {
1906 0xac, 0x32, 0x36, 0xcb, 0x97, 0x0c, 0xc2, 0x07,
1907 0x91, 0x36, 0x4c, 0x39, 0x5a, 0x13, 0x42, 0xd1,
1908 0xa3, 0xcb, 0xc1, 0x87, 0x8c, 0x6f, 0x30, 0xcd,
1909 0x07, 0x4c, 0xce, 0x38, 0x5c, 0xdd, 0x70, 0xc7,
1910 0xf2, 0x34, 0xbc, 0x0e, 0x24, 0xc1, 0x19, 0x80,
1911 0xfd, 0x12, 0x86, 0x31, 0x0c, 0xe3, 0x7b, 0x92,
1912 0x6e, 0x02, 0xfc, 0xd0, 0xfa, 0xa0, 0xba, 0xf3,
1913 0x8b, 0x29, 0x33, 0x85, 0x1d, 0x82, 0x45, 0x14,
1914};
1915
1916/*
1917 * SM4 CTR
1918 * https://tools.ietf.org/html/draft-ribose-cfrg-sm4-10#appendix-A.2.5.2
1919 */
1920static const uint8_t ciph_data_sm4_ctr_a252_key[] = {
1921 0xfe, 0xdc, 0xba, 0x98, 0x76, 0x54, 0x32, 0x10,
1922 0x01, 0x23, 0x45, 0x67, 0x89, 0xab, 0xcd, 0xef,
1923};
1924
1925static const uint8_t ciph_data_sm4_ctr_a252_iv[] = {
1926 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
1927 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f,
1928};
1929
1930static const uint8_t ciph_data_sm4_ctr_a252_in[] = {
1931 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa,
1932 0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0xbb,
1933 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc,
1934 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd,
1935 0xee, 0xee, 0xee, 0xee, 0xee, 0xee, 0xee, 0xee,
1936 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
1937 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa,
1938 0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0xbb,
1939};
1940
1941static const uint8_t ciph_data_sm4_ctr_a252_out[] = {
1942 0x5d, 0xcc, 0xcd, 0x25, 0xb9, 0x5a, 0xb0, 0x74,
1943 0x17, 0xa0, 0x85, 0x12, 0xee, 0x16, 0x0e, 0x2f,
1944 0x8f, 0x66, 0x15, 0x21, 0xcb, 0xba, 0xb4, 0x4c,
1945 0xc8, 0x71, 0x38, 0x44, 0x5b, 0xc2, 0x9e, 0x5c,
1946 0x0a, 0xe0, 0x29, 0x72, 0x05, 0xd6, 0x27, 0x04,
1947 0x17, 0x3b, 0x21, 0x23, 0x9b, 0x88, 0x7f, 0x6c,
1948 0x8c, 0xb5, 0xb8, 0x00, 0x91, 0x7a, 0x24, 0x88,
1949 0x28, 0x4b, 0xde, 0x9e, 0x16, 0xea, 0x29, 0x06,
1950};
1951
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]1952struct xtest_ciph_case {
1953 uint32_t algo;
1954 uint32_t mode;
1955 uint32_t key_type;
1956 const uint8_t *key1;
1957 size_t key1_len;
1958 const uint8_t *key2;
1959 size_t key2_len;
1960 const uint8_t *iv;
1961 size_t iv_len;
1962 size_t in_incr;
1963 const uint8_t *in;
1964 size_t in_len;
1965 const uint8_t *out;
1966 size_t out_len;
1967 size_t line;
1968};
1969
1970#define XTEST_CIPH_CASE_NO_IV(algo, key_type, key, in_incr, ptx, ctx) \
1971 { (algo), TEE_MODE_ENCRYPT, (key_type), (key), ARRAY_SIZE(key), \
1972 NULL, 0, NULL, 0, \
1973 (in_incr), (ptx), ARRAY_SIZE(ptx), (ctx), ARRAY_SIZE(ctx), \
1974 __LINE__ }, \
1975 { (algo), TEE_MODE_DECRYPT, (key_type), (key), ARRAY_SIZE(key), \
1976 NULL, 0, NULL, 0, \
1977 (in_incr), (ctx), ARRAY_SIZE(ctx), (ptx), ARRAY_SIZE(ptx), __LINE__ }
1978
1979#define XTEST_CIPH_CASE(algo, key_type, key, iv, in_incr, ptx, ctx) \
1980 { (algo), TEE_MODE_ENCRYPT, (key_type), (key), ARRAY_SIZE(key), \
1981 NULL, 0, iv, ARRAY_SIZE(iv), (in_incr), (ptx), ARRAY_SIZE(ptx), \
1982 (ctx), ARRAY_SIZE(ctx), __LINE__ }, \
1983 { (algo), TEE_MODE_DECRYPT, (key_type), (key), ARRAY_SIZE(key), \
1984 NULL, 0, iv, ARRAY_SIZE(iv), (in_incr), (ctx), ARRAY_SIZE(ctx), \
1985 (ptx), ARRAY_SIZE(ptx), __LINE__ }
1986
1987#define XTEST_CIPH_CASE_AES_XTS(vect, in_incr) \
1988 { TEE_ALG_AES_XTS, TEE_MODE_ENCRYPT, TEE_TYPE_AES, \
1989 ciph_data_aes_xts_ ## vect ## _key1, \
1990 ARRAY_SIZE(ciph_data_aes_xts_ ## vect ## _key1), \
1991 ciph_data_aes_xts_ ## vect ## _key2, \
1992 ARRAY_SIZE(ciph_data_aes_xts_ ## vect ## _key2), \
1993 ciph_data_aes_xts_ ## vect ## _iv, \
1994 ARRAY_SIZE(ciph_data_aes_xts_ ## vect ## _iv), \
1995 (in_incr), \
1996 ciph_data_aes_xts_ ## vect ## _ptx, \
1997 ARRAY_SIZE(ciph_data_aes_xts_ ## vect ## _ptx), \
1998 ciph_data_aes_xts_ ## vect ## _ctx, \
1999 ARRAY_SIZE(ciph_data_aes_xts_ ## vect ## _ctx), __LINE__ }, \
2000 { TEE_ALG_AES_XTS, TEE_MODE_DECRYPT, TEE_TYPE_AES, \
2001 ciph_data_aes_xts_ ## vect ## _key1, \
2002 ARRAY_SIZE(ciph_data_aes_xts_ ## vect ## _key1), \
2003 ciph_data_aes_xts_ ## vect ## _key2, \
2004 ARRAY_SIZE(ciph_data_aes_xts_ ## vect ## _key2), \
2005 ciph_data_aes_xts_ ## vect ## _iv, \
2006 ARRAY_SIZE(ciph_data_aes_xts_ ## vect ## _iv), \
2007 (in_incr), \
2008 ciph_data_aes_xts_ ## vect ## _ctx, \
2009 ARRAY_SIZE(ciph_data_aes_xts_ ## vect ## _ctx), \
2010 ciph_data_aes_xts_ ## vect ## _ptx, \
2011 ARRAY_SIZE(ciph_data_aes_xts_ ## vect ## _ptx), __LINE__ }
2012
2013#define XTEST_CIPH_CASE_AES_CBC(vect, in_incr) \
2014 XTEST_CIPH_CASE(TEE_ALG_AES_CBC_NOPAD, TEE_TYPE_AES, \
2015 ciph_data_aes_cbc_ ## vect ## _key, \
2016 ciph_data_aes_cbc_ ## vect ## _iv, \
2017 (in_incr), ciph_data_aes_cbc_ ## vect ## _ptx, \
2018 ciph_data_aes_cbc_ ## vect ## _ctx)
2019
2020#define XTEST_CIPH_CASE_AES_CTS(vect, in_incr) \
2021 XTEST_CIPH_CASE(TEE_ALG_AES_CTS, TEE_TYPE_AES, \
2022 ciph_data_aes_cts_ ## vect ## _key, \
2023 ciph_data_aes_cts_ ## vect ## _iv, \
2024 (in_incr), ciph_data_aes_cts_ ## vect ## _ptx, \
2025 ciph_data_aes_cts_ ## vect ## _ctx)
2026
2027static const struct xtest_ciph_case ciph_cases[] = {
2028 /* AES */
2029 XTEST_CIPH_CASE_NO_IV(TEE_ALG_AES_ECB_NOPAD, TEE_TYPE_AES,
2030 ciph_data_aes_key1, 11, ciph_data_in1,
2031 ciph_data_aes_ecb_nopad_out1),
2032 XTEST_CIPH_CASE(TEE_ALG_AES_CBC_NOPAD, TEE_TYPE_AES,
2033 ciph_data_aes_key1, ciph_data_128_iv1, 11,
2034 ciph_data_in1,
2035 ciph_data_aes_cbc_nopad_out1),
2036 XTEST_CIPH_CASE(TEE_ALG_AES_CTR, TEE_TYPE_AES,
2037 ciph_data_aes_key1, ciph_data_128_iv1, 13,
2038 ciph_data_in1,
2039 ciph_data_aes_ctr_out1),
2040 XTEST_CIPH_CASE(TEE_ALG_AES_CTR, TEE_TYPE_AES,
2041 ciph_data_aes_key1, ciph_data_128_iv1, 13,
2042 ciph_data_in3,
2043 ciph_data_aes_ctr_out2),
Jens Wiklander692efd12018-01-19 09:52:00 +0100[diff] [blame]2044 XTEST_CIPH_CASE(TEE_ALG_AES_CTR, TEE_TYPE_AES,
2045 ciph_data_aes_key1, ciph_data_128_iv1, 16,
2046 ciph_data_in3,
2047 ciph_data_aes_ctr_out2),
Jerome Forissier45218eb2018-04-11 13:03:26 +0200[diff] [blame]2048 XTEST_CIPH_CASE(TEE_ALG_AES_CTR, TEE_TYPE_AES,
2049 ciph_data_aes_key1, ciph_data_128_iv1, 16,
2050 ciph_data_in4,
2051 ciph_data_aes_ctr_out4),
Jerome Forissier0780ad42018-06-05 15:02:37 +0200[diff] [blame]2052 XTEST_CIPH_CASE(TEE_ALG_AES_CTR, TEE_TYPE_AES,
2053 ciph_data_aes_key2, ciph_data_128_iv2, 11,
2054 ciph_data_in5,
2055 ciph_data_aes_ctr_out5),
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2056
2057 XTEST_CIPH_CASE_AES_CBC(vect1, 11),
Jerome Forissierfc1bbc32018-06-12 10:13:04 +0200[diff] [blame]2058 XTEST_CIPH_CASE_AES_CBC(vect1, 64),
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2059
2060 /* AES-CTS */
2061 XTEST_CIPH_CASE_AES_CTS(vect1, 13),
2062 XTEST_CIPH_CASE_AES_CTS(vect2, 14),
2063 XTEST_CIPH_CASE_AES_CTS(vect3, 11),
2064 XTEST_CIPH_CASE_AES_CTS(vect4, 9),
2065 XTEST_CIPH_CASE_AES_CTS(vect5, 7),
2066 XTEST_CIPH_CASE_AES_CTS(vect6, 17),
2067 XTEST_CIPH_CASE_AES_CTS(vect6, 0x20),
Jerome Forissiered00e162017-01-20 09:22:52 +0100[diff] [blame]2068 XTEST_CIPH_CASE_AES_CTS(issue1203, 32),
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2069
2070 /* DES */
2071 XTEST_CIPH_CASE_NO_IV(TEE_ALG_DES_ECB_NOPAD, TEE_TYPE_DES,
2072 ciph_data_des_key1, 14, ciph_data_in1,
2073 ciph_data_des_ecb_nopad_out1),
2074 XTEST_CIPH_CASE_NO_IV(TEE_ALG_DES_ECB_NOPAD, TEE_TYPE_DES,
2075 ciph_data_des_key2, 3, ciph_data_in2,
2076 ciph_data_des_ecb_nopad_out2),
2077 XTEST_CIPH_CASE(TEE_ALG_DES_CBC_NOPAD, TEE_TYPE_DES,
2078 ciph_data_des_key1, ciph_data_64_iv1, 15, ciph_data_in1,
2079 ciph_data_des_cbc_nopad_out1),
2080
2081 /* DES3 */
2082 XTEST_CIPH_CASE_NO_IV(TEE_ALG_DES3_ECB_NOPAD, TEE_TYPE_DES3,
2083 ciph_data_des3_key1, 11, ciph_data_in1,
2084 ciph_data_des3_ecb_nopad_out1),
2085 XTEST_CIPH_CASE_NO_IV(TEE_ALG_DES3_ECB_NOPAD, TEE_TYPE_DES3,
2086 ciph_data_des3_key2, 3, ciph_data_in2,
2087 ciph_data_des_ecb_nopad_out2),
2088 XTEST_CIPH_CASE(TEE_ALG_DES3_CBC_NOPAD, TEE_TYPE_DES3,
2089 ciph_data_des3_key1, ciph_data_64_iv1, 11,
2090 ciph_data_in1,
2091 ciph_data_des3_cbc_nopad_out1),
2092
2093 /* DES2 */
2094 XTEST_CIPH_CASE_NO_IV(TEE_ALG_DES3_ECB_NOPAD, TEE_TYPE_DES3,
2095 ciph_data_des2_key1, 11, ciph_data_in1,
2096 ciph_data_des2_ecb_nopad_out1),
2097 XTEST_CIPH_CASE(TEE_ALG_DES3_CBC_NOPAD, TEE_TYPE_DES3,
2098 ciph_data_des2_key1, ciph_data_64_iv1, 11,
2099 ciph_data_in1,
2100 ciph_data_des2_cbc_nopad_out1),
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2101
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2102 /* AES-XTS */
2103 XTEST_CIPH_CASE_AES_XTS(vect1, 3),
2104 XTEST_CIPH_CASE_AES_XTS(vect2, 6),
2105 XTEST_CIPH_CASE_AES_XTS(vect3, 7),
2106 XTEST_CIPH_CASE_AES_XTS(vect4, 8),
2107 XTEST_CIPH_CASE_AES_XTS(vect5, 9),
2108 XTEST_CIPH_CASE_AES_XTS(vect6, 13),
2109 XTEST_CIPH_CASE_AES_XTS(vect7, 1),
2110 XTEST_CIPH_CASE_AES_XTS(vect8, 3),
2111 XTEST_CIPH_CASE_AES_XTS(vect9, 2),
2112 XTEST_CIPH_CASE_AES_XTS(vect10, 5),
2113 XTEST_CIPH_CASE_AES_XTS(vect11, 6),
2114 XTEST_CIPH_CASE_AES_XTS(vect12, 7),
2115 XTEST_CIPH_CASE_AES_XTS(vect13, 3),
2116 XTEST_CIPH_CASE_AES_XTS(vect14, 2),
2117 XTEST_CIPH_CASE_AES_XTS(vect15, 0),
2118 XTEST_CIPH_CASE_AES_XTS(vect16, 9),
2119 XTEST_CIPH_CASE_AES_XTS(vect17, 6),
2120 XTEST_CIPH_CASE_AES_XTS(vect18, 8),
2121 XTEST_CIPH_CASE_AES_XTS(vect19, 23),
Jerome Forissiere73e0fb2019-12-12 17:08:03 +0100[diff] [blame]2122
2123 /* SM4 */
2124 XTEST_CIPH_CASE_NO_IV(TEE_ALG_SM4_ECB_NOPAD, TEE_TYPE_SM4,
2125 ciph_data_sm4_key1, 11, ciph_data_sm4_in1,
2126 ciph_data_sm4_ecb_nopad_out1),
2127 XTEST_CIPH_CASE(TEE_ALG_SM4_CBC_NOPAD, TEE_TYPE_SM4,
2128 ciph_data_sm4_cbc_a221_key, ciph_data_sm4_cbc_a221_iv,
2129 11, ciph_data_sm4_cbc_a221_in,
2130 ciph_data_sm4_cbc_a221_out),
2131 XTEST_CIPH_CASE(TEE_ALG_SM4_CBC_NOPAD, TEE_TYPE_SM4,
2132 ciph_data_sm4_cbc_a222_key, ciph_data_sm4_cbc_a222_iv,
2133 11, ciph_data_sm4_cbc_a222_in,
2134 ciph_data_sm4_cbc_a222_out),
2135 XTEST_CIPH_CASE(TEE_ALG_SM4_CTR, TEE_TYPE_SM4,
2136 ciph_data_sm4_ctr_a251_key, ciph_data_sm4_ctr_a251_iv,
2137 11, ciph_data_sm4_ctr_a251_in,
2138 ciph_data_sm4_ctr_a251_out),
2139 XTEST_CIPH_CASE(TEE_ALG_SM4_CTR, TEE_TYPE_SM4,
2140 ciph_data_sm4_ctr_a252_key, ciph_data_sm4_ctr_a252_iv,
2141 11, ciph_data_sm4_ctr_a252_in,
2142 ciph_data_sm4_ctr_a252_out),
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2143};
2144
Jerome Forissier23256842018-02-16 09:25:35 +0100[diff] [blame]2145static void xtest_tee_test_4003(ADBG_Case_t *c)
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2146{
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]2147 TEEC_Session session = { };
2148 TEE_OperationHandle op = TEE_HANDLE_NULL;
Jens Wiklander93ff0a52020-12-14 12:45:02 +0100[diff] [blame]2149 TEE_OperationHandle op2 = TEE_HANDLE_NULL;
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2150 TEE_ObjectHandle key1_handle = TEE_HANDLE_NULL;
2151 TEE_ObjectHandle key2_handle = TEE_HANDLE_NULL;
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]2152 uint8_t out[2048] = { };
2153 size_t out_size = 0;
2154 size_t out_offs = 0;
Jens Wiklander93ff0a52020-12-14 12:45:02 +0100[diff] [blame]2155 size_t out_offs2 = 0;
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]2156 uint32_t ret_orig = 0;
2157 size_t n = 0;
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2158
2159 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
2160 xtest_teec_open_session(&session, &crypt_user_ta_uuid, NULL,
2161 &ret_orig)))
2162 return;
2163
2164 for (n = 0; n < ARRAY_SIZE(ciph_cases); n++) {
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]2165 TEE_Attribute key_attr = { };
2166 size_t key_size = 0;
2167 size_t op_key_size = 0;
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2168
Jerome Forissier817d99f2020-01-22 16:33:12 +0100[diff] [blame]2169 switch (ciph_cases[n].algo) {
2170 case TEE_ALG_SM4_CTR:
2171 case TEE_ALG_SM4_CBC_NOPAD:
2172 case TEE_ALG_SM4_ECB_NOPAD:
2173 if (!ta_crypt_cmd_is_algo_supported(c, &session,
2174 ciph_cases[n].algo, TEE_CRYPTO_ELEMENT_NONE)) {
2175 Do_ADBG_Log("SM4 not supported: skip subcase");
2176 continue;
2177 }
2178 break;
2179 default:
2180 break;
2181 }
2182
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2183 Do_ADBG_BeginSubCase(c, "Cipher case %d algo 0x%x line %d",
2184 (int)n, (unsigned int)ciph_cases[n].algo,
2185 (int)ciph_cases[n].line);
2186
2187 key_attr.attributeID = TEE_ATTR_SECRET_VALUE;
2188 key_attr.content.ref.buffer = (void *)ciph_cases[n].key1;
2189 key_attr.content.ref.length = ciph_cases[n].key1_len;
2190
2191 key_size = key_attr.content.ref.length * 8;
2192 if (ciph_cases[n].key_type == TEE_TYPE_DES ||
2193 ciph_cases[n].key_type == TEE_TYPE_DES3)
2194 /* Exclude parity in bit size of key */
2195 key_size -= key_size / 8;
2196
2197 op_key_size = key_size;
2198 if (ciph_cases[n].key2 != NULL)
2199 op_key_size *= 2;
2200
2201 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
2202 ta_crypt_cmd_allocate_operation(c, &session, &op,
2203 ciph_cases[n].algo, ciph_cases[n].mode,
2204 op_key_size)))
2205 goto out;
2206
2207 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
Jens Wiklander93ff0a52020-12-14 12:45:02 +0100[diff] [blame]2208 ta_crypt_cmd_allocate_operation(c, &session, &op2,
2209 ciph_cases[n].algo, ciph_cases[n].mode,
2210 op_key_size)))
2211 goto out;
2212
2213 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2214 ta_crypt_cmd_allocate_transient_object(c, &session,
2215 ciph_cases[n].key_type, key_size,
2216 &key1_handle)))
2217 goto out;
2218
2219 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
2220 ta_crypt_cmd_populate_transient_object(c, &session,
2221 key1_handle, &key_attr, 1)))
2222 goto out;
2223
2224 if (ciph_cases[n].key2 != NULL) {
2225 key_attr.content.ref.buffer =
2226 (void *)ciph_cases[n].key2;
2227 key_attr.content.ref.length = ciph_cases[n].key2_len;
2228
2229 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
2230 ta_crypt_cmd_allocate_transient_object(c,
2231 &session, ciph_cases[n].key_type,
2232 key_attr.content.ref.length * 8,
2233 &key2_handle)))
2234 goto out;
2235
2236 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
2237 ta_crypt_cmd_populate_transient_object(c,
2238 &session, key2_handle, &key_attr, 1)))
2239 goto out;
2240
2241 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
2242 ta_crypt_cmd_set_operation_key2(c, &session, op,
2243 key1_handle, key2_handle)))
2244 goto out;
2245 } else {
2246 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
2247 ta_crypt_cmd_set_operation_key(c, &session, op,
2248 key1_handle)))
2249 goto out;
2250 }
2251
2252 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
2253 ta_crypt_cmd_free_transient_object(c, &session,
2254 key1_handle)))
2255 goto out;
2256 key1_handle = TEE_HANDLE_NULL;
2257
2258 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
2259 ta_crypt_cmd_free_transient_object(c, &session,
2260 key2_handle)))
2261 goto out;
2262 key2_handle = TEE_HANDLE_NULL;
2263
2264 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
2265 ta_crypt_cmd_cipher_init(c, &session, op,
2266 ciph_cases[n].iv, ciph_cases[n].iv_len)))
2267 goto out;
2268
2269 out_offs = 0;
2270 out_size = sizeof(out);
2271 memset(out, 0, sizeof(out));
2272 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
2273 ta_crypt_cmd_cipher_update(c, &session, op,
2274 ciph_cases[n].in, ciph_cases[n].in_incr, out,
2275 &out_size)))
2276 goto out;
2277
Jerome Forissierd2d94b42017-06-02 16:39:34 +0200[diff] [blame]2278 if (ciph_cases[n].algo == TEE_ALG_AES_CTR)
2279 ADBG_EXPECT_COMPARE_UNSIGNED(c, out_size, ==,
2280 ciph_cases[n].in_incr);
2281
Jens Wiklander93ff0a52020-12-14 12:45:02 +0100[diff] [blame]2282 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
2283 ta_crypt_cmd_copy_operation(c, &session, op2, op)))
2284 goto out;
2285
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2286 out_offs += out_size;
2287 out_size = sizeof(out) - out_offs;
Jens Wiklander93ff0a52020-12-14 12:45:02 +0100[diff] [blame]2288 out_offs2 = out_offs;
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2289
2290 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
2291 ta_crypt_cmd_cipher_do_final(c, &session, op,
2292 ciph_cases[n].in + ciph_cases[n].in_incr,
2293 ciph_cases[n].in_len - ciph_cases[n].in_incr,
2294 out + out_offs,
2295 &out_size)))
2296 goto out;
2297
2298 out_offs += out_size;
2299
2300 (void)ADBG_EXPECT_BUFFER(c, ciph_cases[n].out,
2301 ciph_cases[n].out_len, out, out_offs);
2302
Jens Wiklander93ff0a52020-12-14 12:45:02 +0100[diff] [blame]2303 /* test on the copied op2 */
2304 out_size = sizeof(out) - out_offs2;
2305
2306 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
2307 ta_crypt_cmd_cipher_do_final(c, &session, op2,
2308 ciph_cases[n].in + ciph_cases[n].in_incr,
2309 ciph_cases[n].in_len - ciph_cases[n].in_incr,
2310 out + out_offs2,
2311 &out_size)))
2312 goto out;
2313
2314 out_offs2 += out_size;
2315
2316 ADBG_EXPECT_BUFFER(c, ciph_cases[n].out, ciph_cases[n].out_len,
2317 out, out_offs2);
2318
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2319 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
2320 ta_crypt_cmd_free_operation(c, &session, op)))
2321 goto out;
2322
Jens Wiklander93ff0a52020-12-14 12:45:02 +0100[diff] [blame]2323 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
2324 ta_crypt_cmd_free_operation(c, &session, op2)))
2325 goto out;
2326
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2327 Do_ADBG_EndSubCase(c, NULL);
2328 }
2329out:
2330 TEEC_CloseSession(&session);
2331}
Jens Wiklander14f48872018-06-29 15:30:13 +0200[diff] [blame]2332ADBG_CASE_DEFINE(regression, 4003, xtest_tee_test_4003,
2333 "Test TEE Internal API cipher operations");
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2334
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2335static void xtest_tee_test_4004(ADBG_Case_t *c)
2336{
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]2337 TEEC_Session session = { };
2338 uint32_t ret_orig = 0;
2339 uint8_t buf1[45] = { };
2340 uint8_t buf2[45] = { };
2341 static const uint8_t zeros[45];
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2342
2343 Do_ADBG_BeginSubCase(c, "TEE get random");
2344 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
2345 xtest_teec_open_session(&session, &crypt_user_ta_uuid, NULL,
2346 &ret_orig)))
2347 return;
2348
2349 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
2350 ta_crypt_cmd_random_number_generate(c, &session, buf1,
2351 sizeof(buf1))))
2352 goto out;
2353
2354 (void)ADBG_EXPECT_COMPARE_SIGNED(c,
2355 0, !=, memcmp(buf1, zeros, sizeof(buf1)));
2356
2357 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
2358 ta_crypt_cmd_random_number_generate(c, &session, buf2,
2359 sizeof(buf2))))
2360 goto out;
2361
2362 (void)ADBG_EXPECT_COMPARE_SIGNED(c,
2363 0, !=, memcmp(buf2, zeros, sizeof(buf2)));
2364
2365 (void)ADBG_EXPECT_COMPARE_SIGNED(c,
2366 0, !=, memcmp(buf2, buf1, sizeof(buf1)));
2367out:
2368 TEEC_CloseSession(&session);
2369 Do_ADBG_EndSubCase(c, "TEE get random");
2370}
Jens Wiklander14f48872018-06-29 15:30:13 +0200[diff] [blame]2371ADBG_CASE_DEFINE(regression, 4004, xtest_tee_test_4004,
2372 "Test TEE Internal API get random");
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2373
2374struct xtest_ae_case {
2375 uint32_t algo;
2376 uint32_t mode;
2377 uint32_t key_type;
2378 const uint8_t *key;
2379 size_t key_len;
2380 const uint8_t *nonce;
2381 size_t nonce_len;
2382 size_t aad_incr;
2383 const uint8_t *aad;
2384 size_t aad_len;
2385 size_t in_incr;
2386 const uint8_t *ptx;
2387 size_t ptx_len;
2388 const uint8_t *ctx;
2389 size_t ctx_len;
2390 const uint8_t *tag;
2391 size_t tag_len;
2392 size_t line;
2393};
2394
2395
2396#define ARRAY(a) a, ARRAY_SIZE(a)
2397#define NULL_ARRAY(a) NULL, 0
2398
2399#define XTEST_AE_CASE(algo, vect, aad_incr, in_incr, \
2400 aad_array, ptx_array, ctx_array) \
2401 { (algo), TEE_MODE_ENCRYPT, TEE_TYPE_AES, ARRAY(vect ## _key), \
2402 ARRAY(vect ## _nonce), (aad_incr), \
2403 aad_array(vect ## _aad), (in_incr), \
2404 ptx_array(vect ## _ptx), ctx_array(vect ## _ctx), \
2405 ARRAY(vect ## _tag), \
2406 __LINE__ }, \
2407 { (algo), TEE_MODE_DECRYPT, TEE_TYPE_AES, ARRAY(vect ## _key), \
2408 ARRAY(vect ## _nonce), (aad_incr), \
2409 aad_array(vect ## _aad), (in_incr), \
2410 ptx_array(vect ## _ptx), ctx_array(vect ## _ctx), \
2411 ARRAY(vect ## _tag), \
2412 __LINE__ }
2413
2414#define XTEST_AE_CASE_AES_CCM(vect, aad_incr, in_incr) \
2415 XTEST_AE_CASE(TEE_ALG_AES_CCM, ae_data_aes_ccm_ ## vect, aad_incr, \
2416 in_incr, ARRAY, ARRAY, ARRAY)
2417
2418#define XTEST_AE_CASE_AES_GCM(vect, aad_incr, in_incr, \
2419 aad_array, ptx_array, ctx_array) \
2420 XTEST_AE_CASE(TEE_ALG_AES_GCM, ae_data_aes_gcm_ ## vect, aad_incr, \
2421 in_incr, aad_array, ptx_array, ctx_array)
2422
2423
2424
2425static const struct xtest_ae_case ae_cases[] = {
2426 XTEST_AE_CASE_AES_CCM(vect1, 3, 2),
2427 XTEST_AE_CASE_AES_CCM(vect2, 7, 13),
2428 XTEST_AE_CASE_AES_CCM(vect3, 5, 21),
2429
2430 XTEST_AE_CASE_AES_GCM(vect1, 0, 0, NULL_ARRAY, NULL_ARRAY, NULL_ARRAY),
2431 XTEST_AE_CASE_AES_GCM(vect2, 0, 9, NULL_ARRAY, ARRAY, ARRAY),
2432 XTEST_AE_CASE_AES_GCM(vect3, 0, 9, NULL_ARRAY, ARRAY, ARRAY),
Jens Wiklander9fc63f52017-11-10 11:13:26 +0100[diff] [blame]2433 XTEST_AE_CASE_AES_GCM(vect3, 0, 0x1F, NULL_ARRAY, ARRAY, ARRAY),
2434 XTEST_AE_CASE_AES_GCM(vect4, 5, 0x20, ARRAY, ARRAY, ARRAY),
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2435 XTEST_AE_CASE_AES_GCM(vect5, 5, 9, ARRAY, ARRAY, ARRAY),
2436 XTEST_AE_CASE_AES_GCM(vect6, 5, 9, ARRAY, ARRAY, ARRAY),
2437 XTEST_AE_CASE_AES_GCM(vect7, 0, 0, NULL_ARRAY, NULL_ARRAY, NULL_ARRAY),
2438 XTEST_AE_CASE_AES_GCM(vect8, 0, 9, NULL_ARRAY, ARRAY, ARRAY),
2439 XTEST_AE_CASE_AES_GCM(vect9, 0, 9, NULL_ARRAY, ARRAY, ARRAY),
2440 XTEST_AE_CASE_AES_GCM(vect10, 5, 9, ARRAY, ARRAY, ARRAY),
2441 XTEST_AE_CASE_AES_GCM(vect11, 5, 9, ARRAY, ARRAY, ARRAY),
2442 XTEST_AE_CASE_AES_GCM(vect12, 5, 9, ARRAY, ARRAY, ARRAY),
2443 XTEST_AE_CASE_AES_GCM(vect13, 0, 0, NULL_ARRAY, NULL_ARRAY, NULL_ARRAY),
2444 XTEST_AE_CASE_AES_GCM(vect14, 0, 9, NULL_ARRAY, ARRAY, ARRAY),
2445 XTEST_AE_CASE_AES_GCM(vect15, 0, 9, NULL_ARRAY, ARRAY, ARRAY),
2446 XTEST_AE_CASE_AES_GCM(vect16, 5, 9, ARRAY, ARRAY, ARRAY),
2447 XTEST_AE_CASE_AES_GCM(vect17, 5, 9, ARRAY, ARRAY, ARRAY),
2448 XTEST_AE_CASE_AES_GCM(vect18, 5, 9, ARRAY, ARRAY, ARRAY),
Jens Wiklanderf6efe242017-11-06 13:16:43 +0100[diff] [blame]2449#ifdef CFG_GCM_NIST_VECTORS
2450#include "gcmDecrypt128.h"
2451#include "gcmDecrypt192.h"
2452#include "gcmDecrypt256.h"
2453#include "gcmEncryptExtIV128.h"
2454#include "gcmEncryptExtIV192.h"
2455#include "gcmEncryptExtIV256.h"
2456#endif
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2457};
2458
2459static void xtest_tee_test_4005(ADBG_Case_t *c)
2460{
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]2461 TEEC_Session session = { };
2462 TEE_OperationHandle op = TEE_HANDLE_NULL;
Jens Wiklander7404c072020-12-15 08:06:32 +0100[diff] [blame]2463 TEE_OperationHandle op2 = TEE_HANDLE_NULL;
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2464 TEE_ObjectHandle key_handle = TEE_HANDLE_NULL;
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]2465 TEE_Attribute key_attr = { };
2466 uint8_t out[512] = { };
2467 size_t out_size = 0;
2468 size_t out_offs = 0;
Jens Wiklander7404c072020-12-15 08:06:32 +0100[diff] [blame]2469 size_t out_offs2 = 0;
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]2470 uint32_t ret_orig = 0;
2471 size_t n = 0;
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2472
2473 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
2474 xtest_teec_open_session(&session, &crypt_user_ta_uuid, NULL,
2475 &ret_orig)))
2476 return;
2477
2478 for (n = 0; n < ARRAY_SIZE(ae_cases); n++) {
2479 Do_ADBG_BeginSubCase(c, "AE case %d algo 0x%x line %d",
2480 (int)n, (unsigned int)ae_cases[n].algo,
2481 (int)ae_cases[n].line);
2482
2483 key_attr.attributeID = TEE_ATTR_SECRET_VALUE;
2484 key_attr.content.ref.buffer = (void *)ae_cases[n].key;
2485 key_attr.content.ref.length = ae_cases[n].key_len;
2486
2487 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
2488 ta_crypt_cmd_allocate_operation(c, &session, &op,
2489 ae_cases[n].algo, ae_cases[n].mode,
2490 key_attr.content.ref.length * 8)))
2491 goto out;
2492
2493 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
Jens Wiklander7404c072020-12-15 08:06:32 +0100[diff] [blame]2494 ta_crypt_cmd_allocate_operation(c, &session, &op2,
2495 ae_cases[n].algo, ae_cases[n].mode,
2496 key_attr.content.ref.length * 8)))
2497 goto out;
2498
2499 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2500 ta_crypt_cmd_allocate_transient_object(c, &session,
2501 ae_cases[n].key_type,
2502 key_attr.content.ref.length * 8,
2503 &key_handle)))
2504 goto out;
2505
2506 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
2507 ta_crypt_cmd_populate_transient_object(c, &session,
2508 key_handle, &key_attr, 1)))
2509 goto out;
2510
2511 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
2512 ta_crypt_cmd_set_operation_key(c, &session, op,
2513 key_handle)))
2514 goto out;
2515
2516 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
2517 ta_crypt_cmd_free_transient_object(c, &session,
2518 key_handle)))
2519 goto out;
2520 key_handle = TEE_HANDLE_NULL;
2521
2522 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
2523 ta_crypt_cmd_ae_init(c, &session, op, ae_cases[n].nonce,
2524 ae_cases[n].nonce_len, ae_cases[n].tag_len,
2525 ae_cases[n].aad_len, ae_cases[n].ptx_len)))
2526 goto out;
2527
2528 if (ae_cases[n].aad != NULL) {
2529 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
2530 ta_crypt_cmd_ae_update_aad(c, &session, op,
2531 ae_cases[n].aad, ae_cases[n].aad_incr)))
2532 goto out;
2533
2534 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
2535 ta_crypt_cmd_ae_update_aad(c, &session, op,
2536 ae_cases[n].aad + ae_cases[n].aad_incr,
2537 ae_cases [n].aad_len -
2538 ae_cases[n].aad_incr)))
2539 goto out;
2540 }
2541
2542 out_offs = 0;
2543 out_size = sizeof(out);
2544 memset(out, 0, sizeof(out));
2545 if (ae_cases[n].mode == TEE_MODE_ENCRYPT) {
2546 if (ae_cases[n].ptx != NULL) {
2547 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
2548 ta_crypt_cmd_ae_update(c, &session, op,
2549 ae_cases[n].ptx,
2550 ae_cases[n].in_incr, out,
2551 &out_size)))
2552 goto out;
2553 out_offs += out_size;
Jerome Forissierc13fafa2017-06-01 15:49:07 +0200[diff] [blame]2554 if (ae_cases[n].algo == TEE_ALG_AES_GCM)
2555 ADBG_EXPECT_COMPARE_UNSIGNED(c,
2556 out_size, ==, ae_cases[n].in_incr);
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2557 }
2558 } else {
2559 if (ae_cases[n].ctx != NULL) {
2560 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
2561 ta_crypt_cmd_ae_update(c, &session, op,
2562 ae_cases[n].ctx,
2563 ae_cases[n].in_incr, out,
2564 &out_size)))
2565 goto out;
2566 out_offs += out_size;
Jerome Forissierc13fafa2017-06-01 15:49:07 +0200[diff] [blame]2567 if (ae_cases[n].algo == TEE_ALG_AES_GCM)
2568 ADBG_EXPECT_COMPARE_UNSIGNED(c,
2569 out_size, ==, ae_cases[n].in_incr);
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2570 }
2571 }
2572
Jens Wiklander7404c072020-12-15 08:06:32 +0100[diff] [blame]2573 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
2574 ta_crypt_cmd_copy_operation(c, &session, op2, op)))
2575 goto out;
2576
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2577 out_size = sizeof(out) - out_offs;
Jens Wiklander7404c072020-12-15 08:06:32 +0100[diff] [blame]2578 out_offs2 = out_offs;
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2579 if (ae_cases[n].mode == TEE_MODE_ENCRYPT) {
2580 uint8_t out_tag[64];
2581 size_t out_tag_len = MIN(sizeof(out_tag),
2582 ae_cases[n].tag_len);
2583
2584 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
2585 ta_crypt_cmd_ae_encrypt_final(c, &session, op,
2586 ae_cases[n].ptx + ae_cases[n].in_incr,
2587 ae_cases[n].ptx_len -
2588 ae_cases[n].in_incr,
2589 out + out_offs,
2590 &out_size, out_tag, &out_tag_len)))
2591 goto out;
2592
2593 (void)ADBG_EXPECT_BUFFER(c,
2594 ae_cases[n].tag, ae_cases[n].tag_len, out_tag,
2595 out_tag_len);
2596
2597 out_offs += out_size;
2598
2599 (void)ADBG_EXPECT_BUFFER(c, ae_cases[n].ctx,
2600 ae_cases[n].ctx_len, out, out_offs);
2601 } else {
2602 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
2603 ta_crypt_cmd_ae_decrypt_final(c, &session, op,
2604 ae_cases[n].ctx + ae_cases[n].in_incr,
2605 ae_cases[n].ctx_len -
2606 ae_cases[n].in_incr,
2607 out + out_offs,
2608 &out_size, ae_cases[n].tag,
2609 ae_cases[n].tag_len)))
2610 goto out;
2611
2612 out_offs += out_size;
2613
2614 (void)ADBG_EXPECT_BUFFER(c, ae_cases[n].ptx,
2615 ae_cases[n].ptx_len, out, out_offs);
2616 }
2617
Jens Wiklander7404c072020-12-15 08:06:32 +0100[diff] [blame]2618 /* test on the copied op2 */
2619 out_size = sizeof(out) - out_offs2;
2620 memset(out + out_offs2, 0, out_size);
2621 if (ae_cases[n].mode == TEE_MODE_ENCRYPT) {
2622 uint8_t out_tag[64] = { 0 };
2623 size_t out_tag_len = MIN(sizeof(out_tag),
2624 ae_cases[n].tag_len);
2625
2626 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
2627 ta_crypt_cmd_ae_encrypt_final(c, &session, op2,
2628 ae_cases[n].ptx + ae_cases[n].in_incr,
2629 ae_cases[n].ptx_len -
2630 ae_cases[n].in_incr,
2631 out + out_offs2,
2632 &out_size, out_tag, &out_tag_len)))
2633 goto out;
2634
2635 ADBG_EXPECT_BUFFER(c, ae_cases[n].tag,
2636 ae_cases[n].tag_len, out_tag,
2637 out_tag_len);
2638
2639 out_offs2 += out_size;
2640
2641 (void)ADBG_EXPECT_BUFFER(c, ae_cases[n].ctx,
2642 ae_cases[n].ctx_len, out, out_offs2);
2643 } else {
2644 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
2645 ta_crypt_cmd_ae_decrypt_final(c, &session, op2,
2646 ae_cases[n].ctx + ae_cases[n].in_incr,
2647 ae_cases[n].ctx_len -
2648 ae_cases[n].in_incr,
2649 out + out_offs2,
2650 &out_size, ae_cases[n].tag,
2651 ae_cases[n].tag_len)))
2652 goto out;
2653
2654 out_offs2 += out_size;
2655
2656 (void)ADBG_EXPECT_BUFFER(c, ae_cases[n].ptx,
2657 ae_cases[n].ptx_len, out, out_offs2);
2658 }
2659
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2660 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
2661 ta_crypt_cmd_free_operation(c, &session, op)))
2662 goto out;
2663
Jens Wiklander7404c072020-12-15 08:06:32 +0100[diff] [blame]2664 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
2665 ta_crypt_cmd_free_operation(c, &session, op2)))
2666 goto out;
2667
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2668 Do_ADBG_EndSubCase(c, NULL);
2669 }
2670out:
2671 TEEC_CloseSession(&session);
2672}
Jens Wiklander14f48872018-06-29 15:30:13 +0200[diff] [blame]2673ADBG_CASE_DEFINE(regression, 4005, xtest_tee_test_4005,
2674 "Test TEE Internal API Authenticated Encryption operations");
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2675
2676struct xtest_ac_case {
Cedric Chaumontc3b6c282015-09-25 03:05:18 +0200[diff] [blame]2677 unsigned int level;
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2678 uint32_t algo;
2679 TEE_OperationMode mode;
2680
2681 union {
2682 struct {
2683 const uint8_t *modulus;
2684 size_t modulus_len;
2685
2686 const uint8_t *pub_exp;
2687 size_t pub_exp_len;
2688
2689 const uint8_t *priv_exp;
2690 size_t priv_exp_len;
2691
2692 const uint8_t *prime1; /* q */
2693 size_t prime1_len;
2694 const uint8_t *prime2; /* p */
2695 size_t prime2_len;
2696 const uint8_t *exp1; /* dp */
2697 size_t exp1_len;
2698 const uint8_t *exp2; /* dq */
2699 size_t exp2_len;
2700 const uint8_t *coeff; /* iq */
2701 size_t coeff_len;
2702
2703 int salt_len;
2704 } rsa;
2705 struct {
2706 const uint8_t *prime;
2707 size_t prime_len;
2708 const uint8_t *sub_prime;
2709 size_t sub_prime_len;
2710 const uint8_t *base;
2711 size_t base_len;
2712 const uint8_t *pub_val;
2713 size_t pub_val_len;
2714 const uint8_t *priv_val;
2715 size_t priv_val_len;
2716 } dsa;
Pascal Brand3e143ee2015-07-15 17:17:16 +0200[diff] [blame]2717 struct {
2718 const uint8_t *private;
2719 size_t private_len;
2720 const uint8_t *public_x;
2721 size_t public_x_len;
2722 const uint8_t *public_y;
2723 size_t public_y_len;
Jerome Forissier3fbfd0d2019-12-17 16:44:01 +0100[diff] [blame]2724 } ecc;
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2725 } params;
2726
2727 const uint8_t *ptx;
2728 size_t ptx_len;
2729 const uint8_t *ctx;
2730 size_t ctx_len;
2731 size_t line;
2732};
2733
2734#define WITHOUT_SALT(x) -1
2735#define WITH_SALT(x) x
2736
Cedric Chaumontc3b6c282015-09-25 03:05:18 +0200[diff] [blame]2737#define XTEST_AC_CASE(level, algo, mode, vect, union_params) \
2738 { level, (algo), (mode), .params = union_params, \
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2739 ARRAY(vect ## _ptx), \
2740 ARRAY(vect ## _out), \
2741 __LINE__ }
2742
2743#define XTEST_AC_RSA_UNION(vect, opt_crt_array, opt_salt) \
2744 { .rsa = { \
2745 ARRAY(vect ## _modulus), \
2746 ARRAY(vect ## _pub_exp), \
2747 ARRAY(vect ## _priv_exp), \
2748 opt_crt_array(vect ## _prime1), \
2749 opt_crt_array(vect ## _prime2), \
2750 opt_crt_array(vect ## _exp1), \
2751 opt_crt_array(vect ## _exp2), \
2752 opt_crt_array(vect ## _coeff), \
2753 opt_salt(vect ## _salt_len) \
2754 } }
2755
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]2756#define XTEST_AC_RSA_CASE(level, algo, mode, vect, opt_crt_array, opt_salt) \
2757 XTEST_AC_CASE(level, algo, mode, vect, \
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2758 XTEST_AC_RSA_UNION(vect, opt_crt_array, opt_salt))
2759
2760#define XTEST_AC_DSA_UNION(vect) \
2761 { .dsa = { \
2762 ARRAY(vect ## _prime), \
2763 ARRAY(vect ## _sub_prime), \
2764 ARRAY(vect ## _base), \
2765 ARRAY(vect ## _pub_val), \
2766 ARRAY(vect ## _priv_val), \
2767 } }
2768
Cedric Chaumontc3b6c282015-09-25 03:05:18 +0200[diff] [blame]2769#define XTEST_AC_DSA_CASE(level, algo, mode, vect) \
2770 XTEST_AC_CASE(level, algo, mode, vect, XTEST_AC_DSA_UNION(vect))
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2771
Pascal Brand3e143ee2015-07-15 17:17:16 +0200[diff] [blame]2772#define XTEST_AC_ECDSA_UNION(vect) \
Jerome Forissier3fbfd0d2019-12-17 16:44:01 +0100[diff] [blame]2773 { .ecc = { \
Pascal Brand3e143ee2015-07-15 17:17:16 +0200[diff] [blame]2774 ARRAY(vect ## _private), \
2775 ARRAY(vect ## _public_x), \
2776 ARRAY(vect ## _public_y), \
2777 } }
2778
Jerome Forissier3fbfd0d2019-12-17 16:44:01 +0100[diff] [blame]2779#define XTEST_AC_ECC_CASE(level, algo, mode, vect) \
Cedric Chaumontc3b6c282015-09-25 03:05:18 +0200[diff] [blame]2780 XTEST_AC_CASE(level, algo, mode, vect, XTEST_AC_ECDSA_UNION(vect))
Pascal Brand3e143ee2015-07-15 17:17:16 +0200[diff] [blame]2781
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2782static const struct xtest_ac_case xtest_ac_cases[] = {
2783 /* RSA test without crt parameters */
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]2784 XTEST_AC_RSA_CASE(0, TEE_ALG_RSA_NOPAD, TEE_MODE_ENCRYPT,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2785 ac_rsassa_vect1, NULL_ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]2786 XTEST_AC_RSA_CASE(0, TEE_ALG_RSA_NOPAD, TEE_MODE_DECRYPT,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2787 ac_rsassa_vect1, NULL_ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]2788 XTEST_AC_RSA_CASE(0, TEE_ALG_RSA_NOPAD, TEE_MODE_ENCRYPT,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2789 ac_rsassa_vect2, NULL_ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]2790 XTEST_AC_RSA_CASE(0, TEE_ALG_RSA_NOPAD, TEE_MODE_DECRYPT,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2791 ac_rsassa_vect2, NULL_ARRAY, WITHOUT_SALT),
Jerome Forissiere576f052018-03-23 21:24:21 +0800[diff] [blame]2792 XTEST_AC_RSA_CASE(0, TEE_ALG_RSA_NOPAD, TEE_MODE_ENCRYPT,
2793 ac_rsassa_vect18, NULL_ARRAY, WITHOUT_SALT),
2794 XTEST_AC_RSA_CASE(0, TEE_ALG_RSA_NOPAD, TEE_MODE_DECRYPT,
2795 ac_rsassa_vect18, NULL_ARRAY, WITHOUT_SALT),
Jerome Forissier0451e372018-03-27 00:10:23 +0800[diff] [blame]2796 XTEST_AC_RSA_CASE(0, TEE_ALG_RSA_NOPAD, TEE_MODE_ENCRYPT,
2797 ac_rsassa_vect19, NULL_ARRAY, WITHOUT_SALT),
2798 XTEST_AC_RSA_CASE(0, TEE_ALG_RSA_NOPAD, TEE_MODE_DECRYPT,
2799 ac_rsassa_vect19, NULL_ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]2800 XTEST_AC_RSA_CASE(0, TEE_ALG_RSASSA_PKCS1_V1_5_SHA1, TEE_MODE_SIGN,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2801 ac_rsassa_vect3, NULL_ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]2802 XTEST_AC_RSA_CASE(0, TEE_ALG_RSASSA_PKCS1_V1_5_SHA1, TEE_MODE_VERIFY,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2803 ac_rsassa_vect3, NULL_ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]2804 XTEST_AC_RSA_CASE(1, TEE_ALG_RSASSA_PKCS1_V1_5_SHA1, TEE_MODE_SIGN,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2805 ac_rsassa_vect4, NULL_ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]2806 XTEST_AC_RSA_CASE(1, TEE_ALG_RSASSA_PKCS1_V1_5_SHA1, TEE_MODE_VERIFY,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2807 ac_rsassa_vect4, NULL_ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]2808 XTEST_AC_RSA_CASE(1, TEE_ALG_RSASSA_PKCS1_V1_5_SHA1, TEE_MODE_SIGN,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2809 ac_rsassa_vect5, NULL_ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]2810 XTEST_AC_RSA_CASE(1, TEE_ALG_RSASSA_PKCS1_V1_5_SHA1, TEE_MODE_VERIFY,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2811 ac_rsassa_vect5, NULL_ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]2812 XTEST_AC_RSA_CASE(1, TEE_ALG_RSASSA_PKCS1_V1_5_SHA1, TEE_MODE_SIGN,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2813 ac_rsassa_vect6, NULL_ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]2814 XTEST_AC_RSA_CASE(1, TEE_ALG_RSASSA_PKCS1_V1_5_SHA1, TEE_MODE_VERIFY,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2815 ac_rsassa_vect6, NULL_ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]2816 XTEST_AC_RSA_CASE(1, TEE_ALG_RSASSA_PKCS1_V1_5_SHA1, TEE_MODE_SIGN,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2817 ac_rsassa_vect7, NULL_ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]2818 XTEST_AC_RSA_CASE(1, TEE_ALG_RSASSA_PKCS1_V1_5_SHA1, TEE_MODE_VERIFY,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2819 ac_rsassa_vect7, NULL_ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]2820 XTEST_AC_RSA_CASE(1, TEE_ALG_RSASSA_PKCS1_V1_5_SHA1, TEE_MODE_SIGN,
2821 ac_rsassa_vect8, NULL_ARRAY, WITHOUT_SALT),
2822 XTEST_AC_RSA_CASE(1, TEE_ALG_RSASSA_PKCS1_V1_5_SHA1, TEE_MODE_VERIFY,
2823 ac_rsassa_vect8, NULL_ARRAY, WITHOUT_SALT),
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2824
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]2825 XTEST_AC_RSA_CASE(0, TEE_ALG_RSASSA_PKCS1_V1_5_SHA224, TEE_MODE_SIGN,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2826 ac_rsassa_vect16, NULL_ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]2827 XTEST_AC_RSA_CASE(0, TEE_ALG_RSASSA_PKCS1_V1_5_SHA224, TEE_MODE_VERIFY,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2828 ac_rsassa_vect16, NULL_ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]2829
Gabor Szekely2ad190f2018-09-14 14:05:06 +0000[diff] [blame]2830#ifdef CFG_CRYPTO_RSASSA_NA1
2831 XTEST_AC_RSA_CASE(0, TEE_ALG_RSASSA_PKCS1_V1_5, TEE_MODE_SIGN,
2832 ac_rsassa_vect20, NULL_ARRAY, WITHOUT_SALT),
2833 XTEST_AC_RSA_CASE(0, TEE_ALG_RSASSA_PKCS1_V1_5, TEE_MODE_VERIFY,
2834 ac_rsassa_vect20, NULL_ARRAY, WITHOUT_SALT),
2835#endif
2836
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]2837 XTEST_AC_RSA_CASE(0, TEE_ALG_RSASSA_PKCS1_V1_5_SHA256, TEE_MODE_SIGN,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2838 ac_rsassa_vect9, NULL_ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]2839 XTEST_AC_RSA_CASE(0, TEE_ALG_RSASSA_PKCS1_V1_5_SHA256, TEE_MODE_VERIFY,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2840 ac_rsassa_vect9, NULL_ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]2841
2842 XTEST_AC_RSA_CASE(0, TEE_ALG_RSASSA_PKCS1_V1_5_SHA384, TEE_MODE_SIGN,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2843 ac_rsassa_vect10, NULL_ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]2844 XTEST_AC_RSA_CASE(0, TEE_ALG_RSASSA_PKCS1_V1_5_SHA384, TEE_MODE_VERIFY,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2845 ac_rsassa_vect10, NULL_ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]2846
2847 XTEST_AC_RSA_CASE(0, TEE_ALG_RSASSA_PKCS1_V1_5_SHA512, TEE_MODE_SIGN,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2848 ac_rsassa_vect11, NULL_ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]2849 XTEST_AC_RSA_CASE(0, TEE_ALG_RSASSA_PKCS1_V1_5_SHA512, TEE_MODE_VERIFY,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2850 ac_rsassa_vect11, NULL_ARRAY, WITHOUT_SALT),
2851
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]2852 XTEST_AC_RSA_CASE(1, TEE_ALG_RSASSA_PKCS1_PSS_MGF1_SHA1,
2853 TEE_MODE_VERIFY,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2854 ac_rsassa_vect12, NULL_ARRAY, WITH_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]2855 XTEST_AC_RSA_CASE(1, TEE_ALG_RSASSA_PKCS1_PSS_MGF1_SHA1, TEE_MODE_SIGN,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2856 ac_rsassa_vect12, NULL_ARRAY, WITH_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]2857
2858 XTEST_AC_RSA_CASE(1, TEE_ALG_RSASSA_PKCS1_PSS_MGF1_SHA224,
2859 TEE_MODE_VERIFY,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2860 ac_rsassa_vect17, NULL_ARRAY, WITH_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]2861 XTEST_AC_RSA_CASE(1, TEE_ALG_RSASSA_PKCS1_PSS_MGF1_SHA224,
2862 TEE_MODE_SIGN,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2863 ac_rsassa_vect17, NULL_ARRAY, WITH_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]2864
2865 XTEST_AC_RSA_CASE(0, TEE_ALG_RSASSA_PKCS1_PSS_MGF1_SHA256,
2866 TEE_MODE_VERIFY,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2867 ac_rsassa_vect13, NULL_ARRAY, WITH_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]2868 XTEST_AC_RSA_CASE(0, TEE_ALG_RSASSA_PKCS1_PSS_MGF1_SHA256,
2869 TEE_MODE_SIGN,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2870 ac_rsassa_vect13, NULL_ARRAY, WITH_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]2871
2872 XTEST_AC_RSA_CASE(1, TEE_ALG_RSASSA_PKCS1_PSS_MGF1_SHA384,
2873 TEE_MODE_VERIFY,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2874 ac_rsassa_vect14, NULL_ARRAY, WITH_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]2875 XTEST_AC_RSA_CASE(1, TEE_ALG_RSASSA_PKCS1_PSS_MGF1_SHA384,
2876 TEE_MODE_SIGN,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2877 ac_rsassa_vect14, NULL_ARRAY, WITH_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]2878
2879 XTEST_AC_RSA_CASE(1, TEE_ALG_RSASSA_PKCS1_PSS_MGF1_SHA512,
2880 TEE_MODE_VERIFY,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2881 ac_rsassa_vect15, NULL_ARRAY, WITH_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]2882 XTEST_AC_RSA_CASE(1, TEE_ALG_RSASSA_PKCS1_PSS_MGF1_SHA512,
2883 TEE_MODE_SIGN,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2884 ac_rsassa_vect15, NULL_ARRAY, WITH_SALT),
2885
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]2886 XTEST_AC_RSA_CASE(0, TEE_ALG_RSAES_PKCS1_V1_5, TEE_MODE_DECRYPT,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2887 ac_rsaes_pkcs1_v1_5_vect1, NULL_ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]2888 XTEST_AC_RSA_CASE(0, TEE_ALG_RSAES_PKCS1_V1_5, TEE_MODE_ENCRYPT,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2889 ac_rsaes_pkcs1_v1_5_vect1, NULL_ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]2890 XTEST_AC_RSA_CASE(1, TEE_ALG_RSAES_PKCS1_V1_5, TEE_MODE_DECRYPT,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2891 ac_rsaes_pkcs1_v1_5_vect2, NULL_ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]2892 XTEST_AC_RSA_CASE(1, TEE_ALG_RSAES_PKCS1_V1_5, TEE_MODE_ENCRYPT,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2893 ac_rsaes_pkcs1_v1_5_vect2, NULL_ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]2894 XTEST_AC_RSA_CASE(1, TEE_ALG_RSAES_PKCS1_V1_5, TEE_MODE_DECRYPT,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2895 ac_rsaes_pkcs1_v1_5_vect15, NULL_ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]2896 XTEST_AC_RSA_CASE(1, TEE_ALG_RSAES_PKCS1_V1_5, TEE_MODE_ENCRYPT,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2897 ac_rsaes_pkcs1_v1_5_vect15, NULL_ARRAY, WITHOUT_SALT),
2898
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]2899 XTEST_AC_RSA_CASE(0, TEE_ALG_RSAES_PKCS1_OAEP_MGF1_SHA1,
2900 TEE_MODE_DECRYPT,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2901 ac_rsaes_oaep_vect1, NULL_ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]2902 XTEST_AC_RSA_CASE(0, TEE_ALG_RSAES_PKCS1_OAEP_MGF1_SHA1,
2903 TEE_MODE_ENCRYPT,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2904 ac_rsaes_oaep_vect1, NULL_ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]2905 XTEST_AC_RSA_CASE(1, TEE_ALG_RSAES_PKCS1_OAEP_MGF1_SHA1,
2906 TEE_MODE_DECRYPT,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2907 ac_rsaes_oaep_vect2, NULL_ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]2908 XTEST_AC_RSA_CASE(1, TEE_ALG_RSAES_PKCS1_OAEP_MGF1_SHA1,
2909 TEE_MODE_ENCRYPT,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2910 ac_rsaes_oaep_vect2, NULL_ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]2911 XTEST_AC_RSA_CASE(1, TEE_ALG_RSAES_PKCS1_OAEP_MGF1_SHA1,
2912 TEE_MODE_DECRYPT,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2913 ac_rsaes_oaep_vect10, NULL_ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]2914 XTEST_AC_RSA_CASE(1, TEE_ALG_RSAES_PKCS1_OAEP_MGF1_SHA1,
2915 TEE_MODE_ENCRYPT,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2916 ac_rsaes_oaep_vect10, NULL_ARRAY, WITHOUT_SALT),
2917
2918 /* RSA test with crt parameters */
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]2919 XTEST_AC_RSA_CASE(0, TEE_ALG_RSA_NOPAD, TEE_MODE_ENCRYPT,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2920 ac_rsassa_vect1, ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]2921 XTEST_AC_RSA_CASE(0, TEE_ALG_RSA_NOPAD, TEE_MODE_DECRYPT,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2922 ac_rsassa_vect1, ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]2923 XTEST_AC_RSA_CASE(1, TEE_ALG_RSA_NOPAD, TEE_MODE_ENCRYPT,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2924 ac_rsassa_vect2, ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]2925 XTEST_AC_RSA_CASE(1, TEE_ALG_RSA_NOPAD, TEE_MODE_DECRYPT,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2926 ac_rsassa_vect2, ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]2927 XTEST_AC_RSA_CASE(0, TEE_ALG_RSASSA_PKCS1_V1_5_SHA1, TEE_MODE_SIGN,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2928 ac_rsassa_vect3, ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]2929 XTEST_AC_RSA_CASE(0, TEE_ALG_RSASSA_PKCS1_V1_5_SHA1, TEE_MODE_VERIFY,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2930 ac_rsassa_vect3, ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]2931 XTEST_AC_RSA_CASE(1, TEE_ALG_RSASSA_PKCS1_V1_5_SHA1, TEE_MODE_SIGN,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2932 ac_rsassa_vect4, ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]2933 XTEST_AC_RSA_CASE(1, TEE_ALG_RSASSA_PKCS1_V1_5_SHA1, TEE_MODE_VERIFY,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2934 ac_rsassa_vect4, ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]2935 XTEST_AC_RSA_CASE(1, TEE_ALG_RSASSA_PKCS1_V1_5_SHA1, TEE_MODE_SIGN,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2936 ac_rsassa_vect5, ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]2937 XTEST_AC_RSA_CASE(1, TEE_ALG_RSASSA_PKCS1_V1_5_SHA1, TEE_MODE_VERIFY,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2938 ac_rsassa_vect5, ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]2939 XTEST_AC_RSA_CASE(1, TEE_ALG_RSASSA_PKCS1_V1_5_SHA1, TEE_MODE_SIGN,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2940 ac_rsassa_vect6, ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]2941 XTEST_AC_RSA_CASE(1, TEE_ALG_RSASSA_PKCS1_V1_5_SHA1, TEE_MODE_VERIFY,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2942 ac_rsassa_vect6, ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]2943 XTEST_AC_RSA_CASE(1, TEE_ALG_RSASSA_PKCS1_V1_5_SHA1, TEE_MODE_SIGN,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2944 ac_rsassa_vect7, ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]2945 XTEST_AC_RSA_CASE(1, TEE_ALG_RSASSA_PKCS1_V1_5_SHA1, TEE_MODE_VERIFY,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2946 ac_rsassa_vect7, ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]2947 XTEST_AC_RSA_CASE(1, TEE_ALG_RSASSA_PKCS1_V1_5_SHA1, TEE_MODE_SIGN,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2948 ac_rsassa_vect8, ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]2949 XTEST_AC_RSA_CASE(1, TEE_ALG_RSASSA_PKCS1_V1_5_SHA1, TEE_MODE_VERIFY,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2950 ac_rsassa_vect8, ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]2951 XTEST_AC_RSA_CASE(0, TEE_ALG_RSASSA_PKCS1_V1_5_SHA256, TEE_MODE_SIGN,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2952 ac_rsassa_vect9, ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]2953 XTEST_AC_RSA_CASE(0, TEE_ALG_RSASSA_PKCS1_V1_5_SHA256, TEE_MODE_VERIFY,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2954 ac_rsassa_vect9, ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]2955 XTEST_AC_RSA_CASE(1, TEE_ALG_RSASSA_PKCS1_V1_5_SHA384, TEE_MODE_SIGN,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2956 ac_rsassa_vect10, ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]2957 XTEST_AC_RSA_CASE(1, TEE_ALG_RSASSA_PKCS1_V1_5_SHA384, TEE_MODE_VERIFY,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2958 ac_rsassa_vect10, ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]2959 XTEST_AC_RSA_CASE(1, TEE_ALG_RSASSA_PKCS1_V1_5_SHA512, TEE_MODE_SIGN,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2960 ac_rsassa_vect11, ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]2961 XTEST_AC_RSA_CASE(1, TEE_ALG_RSASSA_PKCS1_V1_5_SHA512, TEE_MODE_VERIFY,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2962 ac_rsassa_vect11, ARRAY, WITHOUT_SALT),
2963
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]2964 XTEST_AC_RSA_CASE(1, TEE_ALG_RSASSA_PKCS1_PSS_MGF1_SHA1,
2965 TEE_MODE_VERIFY,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2966 ac_rsassa_vect12, ARRAY, WITH_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]2967 XTEST_AC_RSA_CASE(1,TEE_ALG_RSASSA_PKCS1_PSS_MGF1_SHA1, TEE_MODE_SIGN,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2968 ac_rsassa_vect12, ARRAY, WITH_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]2969 XTEST_AC_RSA_CASE(1, TEE_ALG_RSASSA_PKCS1_PSS_MGF1_SHA224,
2970 TEE_MODE_VERIFY,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2971 ac_rsassa_vect17, ARRAY, WITH_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]2972 XTEST_AC_RSA_CASE(1, TEE_ALG_RSASSA_PKCS1_PSS_MGF1_SHA224,
2973 TEE_MODE_SIGN,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2974 ac_rsassa_vect17, ARRAY, WITH_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]2975 XTEST_AC_RSA_CASE(0, TEE_ALG_RSASSA_PKCS1_PSS_MGF1_SHA256,
2976 TEE_MODE_VERIFY,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2977 ac_rsassa_vect13, ARRAY, WITH_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]2978 XTEST_AC_RSA_CASE(0, TEE_ALG_RSASSA_PKCS1_PSS_MGF1_SHA256,
2979 TEE_MODE_SIGN,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2980 ac_rsassa_vect13, ARRAY, WITH_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]2981 XTEST_AC_RSA_CASE(1, TEE_ALG_RSASSA_PKCS1_PSS_MGF1_SHA384,
2982 TEE_MODE_VERIFY,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2983 ac_rsassa_vect14, ARRAY, WITH_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]2984 XTEST_AC_RSA_CASE(1, TEE_ALG_RSASSA_PKCS1_PSS_MGF1_SHA384,
2985 TEE_MODE_SIGN,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2986 ac_rsassa_vect14, ARRAY, WITH_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]2987 XTEST_AC_RSA_CASE(1, TEE_ALG_RSASSA_PKCS1_PSS_MGF1_SHA512,
2988 TEE_MODE_VERIFY,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2989 ac_rsassa_vect15, ARRAY, WITH_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]2990 XTEST_AC_RSA_CASE(1, TEE_ALG_RSASSA_PKCS1_PSS_MGF1_SHA512,
2991 TEE_MODE_SIGN,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2992 ac_rsassa_vect15, ARRAY, WITH_SALT),
2993
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]2994 XTEST_AC_RSA_CASE(0, TEE_ALG_RSAES_PKCS1_V1_5, TEE_MODE_DECRYPT,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2995 ac_rsaes_pkcs1_v1_5_vect1, ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]2996 XTEST_AC_RSA_CASE(0, TEE_ALG_RSAES_PKCS1_V1_5, TEE_MODE_ENCRYPT,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2997 ac_rsaes_pkcs1_v1_5_vect1, ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]2998 XTEST_AC_RSA_CASE(1, TEE_ALG_RSAES_PKCS1_V1_5, TEE_MODE_DECRYPT,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2999 ac_rsaes_pkcs1_v1_5_vect2, ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]3000 XTEST_AC_RSA_CASE(1, TEE_ALG_RSAES_PKCS1_V1_5, TEE_MODE_ENCRYPT,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3001 ac_rsaes_pkcs1_v1_5_vect2, ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]3002 XTEST_AC_RSA_CASE(1, TEE_ALG_RSAES_PKCS1_V1_5, TEE_MODE_DECRYPT,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3003 ac_rsaes_pkcs1_v1_5_vect15, ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]3004 XTEST_AC_RSA_CASE(1, TEE_ALG_RSAES_PKCS1_V1_5, TEE_MODE_ENCRYPT,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3005 ac_rsaes_pkcs1_v1_5_vect15, ARRAY, WITHOUT_SALT),
3006
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]3007 XTEST_AC_RSA_CASE(0, TEE_ALG_RSAES_PKCS1_OAEP_MGF1_SHA1,
3008 TEE_MODE_DECRYPT,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3009 ac_rsaes_oaep_vect1, ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]3010 XTEST_AC_RSA_CASE(0, TEE_ALG_RSAES_PKCS1_OAEP_MGF1_SHA1,
3011 TEE_MODE_ENCRYPT,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3012 ac_rsaes_oaep_vect1, ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]3013 XTEST_AC_RSA_CASE(1, TEE_ALG_RSAES_PKCS1_OAEP_MGF1_SHA1,
3014 TEE_MODE_DECRYPT,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3015 ac_rsaes_oaep_vect2, ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]3016 XTEST_AC_RSA_CASE(1, TEE_ALG_RSAES_PKCS1_OAEP_MGF1_SHA1,
3017 TEE_MODE_ENCRYPT,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3018 ac_rsaes_oaep_vect2, ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]3019 XTEST_AC_RSA_CASE(1, TEE_ALG_RSAES_PKCS1_OAEP_MGF1_SHA1,
3020 TEE_MODE_DECRYPT,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3021 ac_rsaes_oaep_vect10, ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]3022 XTEST_AC_RSA_CASE(1, TEE_ALG_RSAES_PKCS1_OAEP_MGF1_SHA1,
3023 TEE_MODE_ENCRYPT,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3024 ac_rsaes_oaep_vect10, ARRAY, WITHOUT_SALT),
3025
3026 /* DSA tests */
Cedric Chaumontb2ba8782015-09-03 13:23:05 +0200[diff] [blame]3027 /* [mod = L=1024, N=160, SHA-1] */
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]3028 XTEST_AC_DSA_CASE(1, TEE_ALG_DSA_SHA1, TEE_MODE_VERIFY, ac_dsa_vect1),
3029 XTEST_AC_DSA_CASE(1, TEE_ALG_DSA_SHA1, TEE_MODE_SIGN, ac_dsa_vect1),
Cedric Chaumontc3b6c282015-09-25 03:05:18 +0200[diff] [blame]3030 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA1, TEE_MODE_VERIFY, ac_dsa_vect2),
3031 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA1, TEE_MODE_SIGN, ac_dsa_vect2),
3032 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA1, TEE_MODE_VERIFY, ac_dsa_vect3),
3033 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA1, TEE_MODE_SIGN, ac_dsa_vect3),
3034 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA1, TEE_MODE_VERIFY, ac_dsa_vect4),
3035 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA1, TEE_MODE_SIGN, ac_dsa_vect4),
3036 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA1, TEE_MODE_VERIFY, ac_dsa_vect5),
3037 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA1, TEE_MODE_SIGN, ac_dsa_vect5),
3038 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA1, TEE_MODE_VERIFY, ac_dsa_vect6),
3039 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA1, TEE_MODE_SIGN, ac_dsa_vect6),
3040 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA1, TEE_MODE_VERIFY, ac_dsa_vect7),
3041 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA1, TEE_MODE_SIGN, ac_dsa_vect7),
3042 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA1, TEE_MODE_VERIFY, ac_dsa_vect8),
3043 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA1, TEE_MODE_SIGN, ac_dsa_vect8),
3044 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA1, TEE_MODE_VERIFY, ac_dsa_vect9),
3045 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA1, TEE_MODE_SIGN, ac_dsa_vect9),
3046 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA1, TEE_MODE_VERIFY, ac_dsa_vect10),
3047 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA1, TEE_MODE_SIGN, ac_dsa_vect10),
3048 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA1, TEE_MODE_VERIFY, ac_dsa_vect11),
3049 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA1, TEE_MODE_SIGN, ac_dsa_vect11),
3050 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA1, TEE_MODE_VERIFY, ac_dsa_vect12),
3051 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA1, TEE_MODE_SIGN, ac_dsa_vect12),
3052 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA1, TEE_MODE_VERIFY, ac_dsa_vect13),
3053 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA1, TEE_MODE_SIGN, ac_dsa_vect13),
3054 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA1, TEE_MODE_VERIFY, ac_dsa_vect14),
3055 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA1, TEE_MODE_SIGN, ac_dsa_vect14),
3056 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA1, TEE_MODE_VERIFY, ac_dsa_vect15),
3057 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA1, TEE_MODE_SIGN, ac_dsa_vect15),
Cedric Chaumontb2ba8782015-09-03 13:23:05 +0200[diff] [blame]3058 /* [mod = L=1024, N=160, SHA-224] - GP NOT SUPPORTED */
3059 /* [mod = L=1024, N=160, SHA-256] - GP NOT SUPPORTED */
3060 /* [mod = L=1024, N=160, SHA-384] - GP NOT SUPPORTED */
3061 /* [mod = L=1024, N=160, SHA-512] - GP NOT SUPPORTED */
3062 /* [mod = L=2048, N=224, SHA-1] - GP NOT SUPPORTED */
3063 /* [mod = L=2048, N=224, SHA-224] */
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]3064 XTEST_AC_DSA_CASE(1, TEE_ALG_DSA_SHA224, TEE_MODE_VERIFY, ac_dsa_vect91),
3065 XTEST_AC_DSA_CASE(1, TEE_ALG_DSA_SHA224, TEE_MODE_SIGN, ac_dsa_vect91),
Cedric Chaumontc3b6c282015-09-25 03:05:18 +0200[diff] [blame]3066 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_VERIFY, ac_dsa_vect92),
3067 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_SIGN, ac_dsa_vect92),
3068 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_VERIFY, ac_dsa_vect93),
3069 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_SIGN, ac_dsa_vect93),
3070 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_VERIFY, ac_dsa_vect94),
3071 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_SIGN, ac_dsa_vect94),
3072 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_VERIFY, ac_dsa_vect95),
3073 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_SIGN, ac_dsa_vect95),
3074 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_VERIFY, ac_dsa_vect96),
3075 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_SIGN, ac_dsa_vect96),
3076 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_VERIFY, ac_dsa_vect97),
3077 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_SIGN, ac_dsa_vect97),
3078 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_VERIFY, ac_dsa_vect98),
3079 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_SIGN, ac_dsa_vect98),
3080 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_VERIFY, ac_dsa_vect99),
3081 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_SIGN, ac_dsa_vect99),
3082 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_VERIFY, ac_dsa_vect100),
3083 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_SIGN, ac_dsa_vect100),
3084 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_VERIFY, ac_dsa_vect101),
3085 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_SIGN, ac_dsa_vect101),
3086 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_VERIFY, ac_dsa_vect102),
3087 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_SIGN, ac_dsa_vect102),
3088 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_VERIFY, ac_dsa_vect103),
3089 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_SIGN, ac_dsa_vect103),
3090 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_VERIFY, ac_dsa_vect104),
3091 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_SIGN, ac_dsa_vect104),
3092 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_VERIFY, ac_dsa_vect105),
3093 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_SIGN, ac_dsa_vect105),
Cedric Chaumontb2ba8782015-09-03 13:23:05 +0200[diff] [blame]3094 /* [mod = L=2048, N=224, SHA-256] */
Cedric Chaumontc3b6c282015-09-25 03:05:18 +0200[diff] [blame]3095 XTEST_AC_DSA_CASE(0, TEE_ALG_DSA_SHA256, TEE_MODE_VERIFY, ac_dsa_vect106),
3096 XTEST_AC_DSA_CASE(0, TEE_ALG_DSA_SHA256, TEE_MODE_SIGN, ac_dsa_vect106),
3097 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_VERIFY, ac_dsa_vect107),
3098 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_SIGN, ac_dsa_vect107),
3099 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_VERIFY, ac_dsa_vect108),
3100 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_SIGN, ac_dsa_vect108),
3101 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_VERIFY, ac_dsa_vect109),
3102 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_SIGN, ac_dsa_vect109),
3103 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_VERIFY, ac_dsa_vect110),
3104 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_SIGN, ac_dsa_vect110),
3105 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_VERIFY, ac_dsa_vect111),
3106 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_SIGN, ac_dsa_vect111),
3107 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_VERIFY, ac_dsa_vect112),
3108 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_SIGN, ac_dsa_vect112),
3109 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_VERIFY, ac_dsa_vect113),
3110 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_SIGN, ac_dsa_vect113),
3111 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_VERIFY, ac_dsa_vect114),
3112 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_SIGN, ac_dsa_vect114),
3113 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_VERIFY, ac_dsa_vect115),
3114 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_SIGN, ac_dsa_vect115),
3115 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_VERIFY, ac_dsa_vect116),
3116 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_SIGN, ac_dsa_vect116),
3117 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_VERIFY, ac_dsa_vect117),
3118 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_SIGN, ac_dsa_vect117),
3119 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_VERIFY, ac_dsa_vect118),
3120 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_SIGN, ac_dsa_vect118),
3121 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_VERIFY, ac_dsa_vect119),
3122 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_SIGN, ac_dsa_vect119),
3123 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_VERIFY, ac_dsa_vect120),
3124 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_SIGN, ac_dsa_vect120),
Cedric Chaumontb2ba8782015-09-03 13:23:05 +0200[diff] [blame]3125 /* [mod = L=2048, N=224, SHA-384] - GP NOT SUPPORTED */
3126 /* [mod = L=2048, N=224, SHA-512] - GP NOT SUPPORTED */
3127 /* [mod = L=2048, N=256, SHA-1] - GP NOT SUPPORTED */
3128 /* [mod = L=2048, N=256, SHA-224] */
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]3129 XTEST_AC_DSA_CASE(1, TEE_ALG_DSA_SHA224, TEE_MODE_VERIFY, ac_dsa_vect166),
3130 XTEST_AC_DSA_CASE(1, TEE_ALG_DSA_SHA224, TEE_MODE_SIGN, ac_dsa_vect166),
Cedric Chaumontc3b6c282015-09-25 03:05:18 +0200[diff] [blame]3131 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_VERIFY, ac_dsa_vect167),
3132 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_SIGN, ac_dsa_vect167),
3133 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_VERIFY, ac_dsa_vect168),
3134 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_SIGN, ac_dsa_vect168),
3135 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_VERIFY, ac_dsa_vect169),
3136 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_SIGN, ac_dsa_vect169),
3137 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_VERIFY, ac_dsa_vect170),
3138 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_SIGN, ac_dsa_vect170),
3139 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_VERIFY, ac_dsa_vect171),
3140 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_SIGN, ac_dsa_vect171),
3141 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_VERIFY, ac_dsa_vect172),
3142 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_SIGN, ac_dsa_vect172),
3143 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_VERIFY, ac_dsa_vect173),
3144 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_SIGN, ac_dsa_vect173),
3145 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_VERIFY, ac_dsa_vect174),
3146 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_SIGN, ac_dsa_vect174),
3147 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_VERIFY, ac_dsa_vect175),
3148 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_SIGN, ac_dsa_vect175),
3149 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_VERIFY, ac_dsa_vect176),
3150 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_SIGN, ac_dsa_vect176),
3151 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_VERIFY, ac_dsa_vect177),
3152 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_SIGN, ac_dsa_vect177),
3153 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_VERIFY, ac_dsa_vect178),
3154 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_SIGN, ac_dsa_vect178),
3155 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_VERIFY, ac_dsa_vect179),
3156 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_SIGN, ac_dsa_vect179),
3157 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_VERIFY, ac_dsa_vect180),
3158 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_SIGN, ac_dsa_vect180),
Cedric Chaumontb2ba8782015-09-03 13:23:05 +0200[diff] [blame]3159 /* [mod = L=2048, N=256, SHA-256] */
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]3160 XTEST_AC_DSA_CASE(1, TEE_ALG_DSA_SHA256, TEE_MODE_VERIFY, ac_dsa_vect181),
3161 XTEST_AC_DSA_CASE(1, TEE_ALG_DSA_SHA256, TEE_MODE_SIGN, ac_dsa_vect181),
Cedric Chaumontc3b6c282015-09-25 03:05:18 +0200[diff] [blame]3162 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_VERIFY, ac_dsa_vect182),
3163 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_SIGN, ac_dsa_vect182),
3164 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_VERIFY, ac_dsa_vect183),
3165 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_SIGN, ac_dsa_vect183),
3166 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_VERIFY, ac_dsa_vect184),
3167 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_SIGN, ac_dsa_vect184),
3168 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_VERIFY, ac_dsa_vect185),
3169 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_SIGN, ac_dsa_vect185),
3170 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_VERIFY, ac_dsa_vect186),
3171 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_SIGN, ac_dsa_vect186),
3172 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_VERIFY, ac_dsa_vect187),
3173 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_SIGN, ac_dsa_vect187),
3174 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_VERIFY, ac_dsa_vect188),
3175 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_SIGN, ac_dsa_vect188),
3176 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_VERIFY, ac_dsa_vect189),
3177 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_SIGN, ac_dsa_vect189),
3178 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_VERIFY, ac_dsa_vect190),
3179 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_SIGN, ac_dsa_vect190),
3180 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_VERIFY, ac_dsa_vect191),
3181 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_SIGN, ac_dsa_vect191),
3182 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_VERIFY, ac_dsa_vect192),
3183 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_SIGN, ac_dsa_vect192),
3184 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_VERIFY, ac_dsa_vect193),
3185 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_SIGN, ac_dsa_vect193),
3186 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_VERIFY, ac_dsa_vect194),
3187 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_SIGN, ac_dsa_vect194),
3188 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_VERIFY, ac_dsa_vect195),
3189 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_SIGN, ac_dsa_vect195),
Cedric Chaumontb2ba8782015-09-03 13:23:05 +0200[diff] [blame]3190 /* [mod = L=2048, N=256, SHA-384] - GP NOT SUPPORTED */
3191 /* [mod = L=2048, N=256, SHA-512] - GP NOT SUPPORTED */
3192 /* [mod = L=3072, N=256, SHA-1] - GP NOT SUPPORTED */
3193 /* [mod = L=3072, N=256, SHA-224] - GP NOT SUPPORTED */
3194 /* [mod = L=3072, N=256, SHA-256] */
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]3195 XTEST_AC_DSA_CASE(1, TEE_ALG_DSA_SHA256, TEE_MODE_VERIFY, ac_dsa_vect256),
3196 XTEST_AC_DSA_CASE(1, TEE_ALG_DSA_SHA256, TEE_MODE_SIGN, ac_dsa_vect256),
Cedric Chaumontc3b6c282015-09-25 03:05:18 +0200[diff] [blame]3197 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_VERIFY, ac_dsa_vect257),
3198 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_SIGN, ac_dsa_vect257),
3199 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_VERIFY, ac_dsa_vect258),
3200 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_SIGN, ac_dsa_vect258),
3201 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_VERIFY, ac_dsa_vect259),
3202 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_SIGN, ac_dsa_vect259),
3203 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_VERIFY, ac_dsa_vect260),
3204 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_SIGN, ac_dsa_vect260),
3205 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_VERIFY, ac_dsa_vect261),
3206 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_SIGN, ac_dsa_vect261),
3207 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_VERIFY, ac_dsa_vect262),
3208 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_SIGN, ac_dsa_vect262),
3209 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_VERIFY, ac_dsa_vect263),
3210 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_SIGN, ac_dsa_vect263),
3211 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_VERIFY, ac_dsa_vect264),
3212 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_SIGN, ac_dsa_vect264),
3213 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_VERIFY, ac_dsa_vect265),
3214 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_SIGN, ac_dsa_vect265),
3215 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_VERIFY, ac_dsa_vect266),
3216 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_SIGN, ac_dsa_vect266),
3217 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_VERIFY, ac_dsa_vect267),
3218 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_SIGN, ac_dsa_vect267),
3219 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_VERIFY, ac_dsa_vect268),
3220 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_SIGN, ac_dsa_vect268),
3221 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_VERIFY, ac_dsa_vect269),
3222 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_SIGN, ac_dsa_vect269),
3223 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_VERIFY, ac_dsa_vect270),
3224 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_SIGN, ac_dsa_vect270),
Cedric Chaumontb2ba8782015-09-03 13:23:05 +0200[diff] [blame]3225 /* [mod = L=3072, N=256, SHA-384] - GP NOT SUPPORTED */
3226 /* [mod = L=3072, N=256, SHA-512] - GP NOT SUPPORTED */
Pascal Brand3e143ee2015-07-15 17:17:16 +0200[diff] [blame]3227
3228 /* ECDSA tests */
Cedric Chaumontc7654962015-09-09 14:56:36 +0200[diff] [blame]3229 /* [P-192] */
Jerome Forissier3fbfd0d2019-12-17 16:44:01 +0100[diff] [blame]3230 XTEST_AC_ECC_CASE(0, TEE_ALG_ECDSA_P192, TEE_MODE_VERIFY,
3231 nist_186_2_ecdsa_testvector_1),
3232 XTEST_AC_ECC_CASE(0, TEE_ALG_ECDSA_P192, TEE_MODE_SIGN,
3233 nist_186_2_ecdsa_testvector_1),
3234 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P192, TEE_MODE_VERIFY,
3235 nist_186_2_ecdsa_testvector_2),
3236 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P192, TEE_MODE_SIGN,
3237 nist_186_2_ecdsa_testvector_2),
3238 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P192, TEE_MODE_VERIFY,
3239 nist_186_2_ecdsa_testvector_3),
3240 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P192, TEE_MODE_SIGN,
3241 nist_186_2_ecdsa_testvector_3),
3242 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P192, TEE_MODE_VERIFY,
3243 nist_186_2_ecdsa_testvector_4),
3244 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P192, TEE_MODE_SIGN,
3245 nist_186_2_ecdsa_testvector_4),
3246 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P192, TEE_MODE_VERIFY,
3247 nist_186_2_ecdsa_testvector_5),
3248 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P192, TEE_MODE_SIGN,
3249 nist_186_2_ecdsa_testvector_5),
3250 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P192, TEE_MODE_VERIFY,
3251 nist_186_2_ecdsa_testvector_6),
3252 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P192, TEE_MODE_SIGN,
3253 nist_186_2_ecdsa_testvector_6),
3254 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P192, TEE_MODE_VERIFY,
3255 nist_186_2_ecdsa_testvector_7),
3256 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P192, TEE_MODE_SIGN,
3257 nist_186_2_ecdsa_testvector_7),
3258 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P192, TEE_MODE_VERIFY,
3259 nist_186_2_ecdsa_testvector_8),
3260 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P192, TEE_MODE_SIGN,
3261 nist_186_2_ecdsa_testvector_8),
3262 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P192, TEE_MODE_VERIFY,
3263 nist_186_2_ecdsa_testvector_9),
3264 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P192, TEE_MODE_SIGN,
3265 nist_186_2_ecdsa_testvector_9),
3266 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P192, TEE_MODE_VERIFY,
3267 nist_186_2_ecdsa_testvector_10),
3268 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P192, TEE_MODE_SIGN,
3269 nist_186_2_ecdsa_testvector_10),
3270 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P192, TEE_MODE_VERIFY,
3271 nist_186_2_ecdsa_testvector_11),
3272 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P192, TEE_MODE_SIGN,
3273 nist_186_2_ecdsa_testvector_11),
3274 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P192, TEE_MODE_VERIFY,
3275 nist_186_2_ecdsa_testvector_12),
3276 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P192, TEE_MODE_SIGN,
3277 nist_186_2_ecdsa_testvector_12),
3278 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P192, TEE_MODE_VERIFY,
3279 nist_186_2_ecdsa_testvector_13),
3280 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P192, TEE_MODE_SIGN,
3281 nist_186_2_ecdsa_testvector_13),
3282 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P192, TEE_MODE_VERIFY,
3283 nist_186_2_ecdsa_testvector_14),
3284 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P192, TEE_MODE_SIGN,
3285 nist_186_2_ecdsa_testvector_14),
3286 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P192, TEE_MODE_VERIFY,
3287 nist_186_2_ecdsa_testvector_15),
3288 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P192, TEE_MODE_SIGN,
3289 nist_186_2_ecdsa_testvector_15),
Cedric Chaumontc7654962015-09-09 14:56:36 +0200[diff] [blame]3290 /* [P-224] */
Jerome Forissier3fbfd0d2019-12-17 16:44:01 +0100[diff] [blame]3291 XTEST_AC_ECC_CASE(1, TEE_ALG_ECDSA_P224, TEE_MODE_VERIFY,
3292 nist_186_2_ecdsa_testvector_16),
3293 XTEST_AC_ECC_CASE(1, TEE_ALG_ECDSA_P224, TEE_MODE_SIGN,
3294 nist_186_2_ecdsa_testvector_16),
3295 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P224, TEE_MODE_VERIFY,
3296 nist_186_2_ecdsa_testvector_17),
3297 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P224, TEE_MODE_SIGN,
3298 nist_186_2_ecdsa_testvector_17),
3299 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P224, TEE_MODE_VERIFY,
3300 nist_186_2_ecdsa_testvector_18),
3301 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P224, TEE_MODE_SIGN,
3302 nist_186_2_ecdsa_testvector_18),
3303 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P224, TEE_MODE_VERIFY,
3304 nist_186_2_ecdsa_testvector_19),
3305 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P224, TEE_MODE_SIGN,
3306 nist_186_2_ecdsa_testvector_19),
3307 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P224, TEE_MODE_VERIFY,
3308 nist_186_2_ecdsa_testvector_20),
3309 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P224, TEE_MODE_SIGN,
3310 nist_186_2_ecdsa_testvector_20),
3311 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P224, TEE_MODE_VERIFY,
3312 nist_186_2_ecdsa_testvector_21),
3313 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P224, TEE_MODE_SIGN,
3314 nist_186_2_ecdsa_testvector_21),
3315 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P224, TEE_MODE_VERIFY,
3316 nist_186_2_ecdsa_testvector_22),
3317 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P224, TEE_MODE_SIGN,
3318 nist_186_2_ecdsa_testvector_22),
3319 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P224, TEE_MODE_VERIFY,
3320 nist_186_2_ecdsa_testvector_23),
3321 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P224, TEE_MODE_SIGN,
3322 nist_186_2_ecdsa_testvector_23),
3323 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P224, TEE_MODE_VERIFY,
3324 nist_186_2_ecdsa_testvector_24),
3325 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P224, TEE_MODE_SIGN,
3326 nist_186_2_ecdsa_testvector_24),
3327 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P224, TEE_MODE_VERIFY,
3328 nist_186_2_ecdsa_testvector_25),
3329 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P224, TEE_MODE_SIGN,
3330 nist_186_2_ecdsa_testvector_25),
3331 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P224, TEE_MODE_VERIFY,
3332 nist_186_2_ecdsa_testvector_26),
3333 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P224, TEE_MODE_SIGN,
3334 nist_186_2_ecdsa_testvector_26),
3335 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P224, TEE_MODE_VERIFY,
3336 nist_186_2_ecdsa_testvector_27),
3337 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P224, TEE_MODE_SIGN,
3338 nist_186_2_ecdsa_testvector_27),
3339 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P224, TEE_MODE_VERIFY,
3340 nist_186_2_ecdsa_testvector_28),
3341 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P224, TEE_MODE_SIGN,
3342 nist_186_2_ecdsa_testvector_28),
3343 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P224, TEE_MODE_VERIFY,
3344 nist_186_2_ecdsa_testvector_29),
3345 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P224, TEE_MODE_SIGN,
3346 nist_186_2_ecdsa_testvector_29),
3347 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P224, TEE_MODE_VERIFY,
3348 nist_186_2_ecdsa_testvector_30),
3349 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P224, TEE_MODE_SIGN,
3350 nist_186_2_ecdsa_testvector_30),
Cedric Chaumontc7654962015-09-09 14:56:36 +0200[diff] [blame]3351 /* [P-256] */
Jerome Forissier3fbfd0d2019-12-17 16:44:01 +0100[diff] [blame]3352 XTEST_AC_ECC_CASE(1, TEE_ALG_ECDSA_P256, TEE_MODE_VERIFY,
3353 nist_186_2_ecdsa_testvector_31),
3354 XTEST_AC_ECC_CASE(1, TEE_ALG_ECDSA_P256, TEE_MODE_SIGN,
3355 nist_186_2_ecdsa_testvector_31),
3356 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P256, TEE_MODE_VERIFY,
3357 nist_186_2_ecdsa_testvector_32),
3358 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P256, TEE_MODE_SIGN,
3359 nist_186_2_ecdsa_testvector_32),
3360 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P256, TEE_MODE_VERIFY,
3361 nist_186_2_ecdsa_testvector_33),
3362 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P256, TEE_MODE_SIGN,
3363 nist_186_2_ecdsa_testvector_33),
3364 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P256, TEE_MODE_VERIFY,
3365 nist_186_2_ecdsa_testvector_34),
3366 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P256, TEE_MODE_SIGN,
3367 nist_186_2_ecdsa_testvector_34),
3368 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P256, TEE_MODE_VERIFY,
3369 nist_186_2_ecdsa_testvector_35),
3370 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P256, TEE_MODE_SIGN,
3371 nist_186_2_ecdsa_testvector_35),
3372 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P256, TEE_MODE_VERIFY,
3373 nist_186_2_ecdsa_testvector_36),
3374 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P256, TEE_MODE_SIGN,
3375 nist_186_2_ecdsa_testvector_36),
3376 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P256, TEE_MODE_VERIFY,
3377 nist_186_2_ecdsa_testvector_37),
3378 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P256, TEE_MODE_SIGN,
3379 nist_186_2_ecdsa_testvector_37),
3380 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P256, TEE_MODE_VERIFY,
3381 nist_186_2_ecdsa_testvector_38),
3382 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P256, TEE_MODE_SIGN,
3383 nist_186_2_ecdsa_testvector_38),
3384 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P256, TEE_MODE_VERIFY,
3385 nist_186_2_ecdsa_testvector_39),
3386 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P256, TEE_MODE_SIGN,
3387 nist_186_2_ecdsa_testvector_39),
3388 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P256, TEE_MODE_VERIFY,
3389 nist_186_2_ecdsa_testvector_40),
3390 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P256, TEE_MODE_SIGN,
3391 nist_186_2_ecdsa_testvector_40),
3392 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P256, TEE_MODE_VERIFY,
3393 nist_186_2_ecdsa_testvector_41),
3394 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P256, TEE_MODE_SIGN,
3395 nist_186_2_ecdsa_testvector_41),
3396 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P256, TEE_MODE_VERIFY,
3397 nist_186_2_ecdsa_testvector_42),
3398 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P256, TEE_MODE_SIGN,
3399 nist_186_2_ecdsa_testvector_42),
3400 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P256, TEE_MODE_VERIFY,
3401 nist_186_2_ecdsa_testvector_43),
3402 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P256, TEE_MODE_SIGN,
3403 nist_186_2_ecdsa_testvector_43),
3404 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P256, TEE_MODE_VERIFY,
3405 nist_186_2_ecdsa_testvector_44),
3406 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P256, TEE_MODE_SIGN,
3407 nist_186_2_ecdsa_testvector_44),
3408 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P256, TEE_MODE_VERIFY,
3409 nist_186_2_ecdsa_testvector_45),
3410 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P256, TEE_MODE_SIGN,
3411 nist_186_2_ecdsa_testvector_45),
Cedric Chaumontc7654962015-09-09 14:56:36 +0200[diff] [blame]3412 /* [P-384] */
Jerome Forissier3fbfd0d2019-12-17 16:44:01 +0100[diff] [blame]3413 XTEST_AC_ECC_CASE(1, TEE_ALG_ECDSA_P384, TEE_MODE_VERIFY,
3414 nist_186_2_ecdsa_testvector_46),
3415 XTEST_AC_ECC_CASE(1, TEE_ALG_ECDSA_P384, TEE_MODE_SIGN,
3416 nist_186_2_ecdsa_testvector_46),
3417 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P384, TEE_MODE_VERIFY,
3418 nist_186_2_ecdsa_testvector_47),
3419 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P384, TEE_MODE_SIGN,
3420 nist_186_2_ecdsa_testvector_47),
3421 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P384, TEE_MODE_VERIFY,
3422 nist_186_2_ecdsa_testvector_48),
3423 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P384, TEE_MODE_SIGN,
3424 nist_186_2_ecdsa_testvector_48),
3425 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P384, TEE_MODE_VERIFY,
3426 nist_186_2_ecdsa_testvector_49),
3427 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P384, TEE_MODE_SIGN,
3428 nist_186_2_ecdsa_testvector_49),
3429 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P384, TEE_MODE_VERIFY,
3430 nist_186_2_ecdsa_testvector_50),
3431 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P384, TEE_MODE_SIGN,
3432 nist_186_2_ecdsa_testvector_50),
3433 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P384, TEE_MODE_VERIFY,
3434 nist_186_2_ecdsa_testvector_51),
3435 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P384, TEE_MODE_SIGN,
3436 nist_186_2_ecdsa_testvector_51),
3437 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P384, TEE_MODE_VERIFY,
3438 nist_186_2_ecdsa_testvector_52),
3439 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P384, TEE_MODE_SIGN,
3440 nist_186_2_ecdsa_testvector_52),
3441 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P384, TEE_MODE_VERIFY,
3442 nist_186_2_ecdsa_testvector_53),
3443 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P384, TEE_MODE_SIGN,
3444 nist_186_2_ecdsa_testvector_53),
3445 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P384, TEE_MODE_VERIFY,
3446 nist_186_2_ecdsa_testvector_54),
3447 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P384, TEE_MODE_SIGN,
3448 nist_186_2_ecdsa_testvector_54),
3449 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P384, TEE_MODE_VERIFY,
3450 nist_186_2_ecdsa_testvector_55),
3451 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P384, TEE_MODE_SIGN,
3452 nist_186_2_ecdsa_testvector_55),
3453 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P384, TEE_MODE_VERIFY,
3454 nist_186_2_ecdsa_testvector_56),
3455 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P384, TEE_MODE_SIGN,
3456 nist_186_2_ecdsa_testvector_56),
3457 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P384, TEE_MODE_VERIFY,
3458 nist_186_2_ecdsa_testvector_57),
3459 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P384, TEE_MODE_SIGN,
3460 nist_186_2_ecdsa_testvector_57),
3461 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P384, TEE_MODE_VERIFY,
3462 nist_186_2_ecdsa_testvector_58),
3463 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P384, TEE_MODE_SIGN,
3464 nist_186_2_ecdsa_testvector_58),
3465 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P384, TEE_MODE_VERIFY,
3466 nist_186_2_ecdsa_testvector_59),
3467 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P384, TEE_MODE_SIGN,
3468 nist_186_2_ecdsa_testvector_59),
3469 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P384, TEE_MODE_VERIFY,
3470 nist_186_2_ecdsa_testvector_60),
3471 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P384, TEE_MODE_SIGN,
3472 nist_186_2_ecdsa_testvector_60),
Cedric Chaumontc7654962015-09-09 14:56:36 +0200[diff] [blame]3473 /* [P-521] */
Jerome Forissier3fbfd0d2019-12-17 16:44:01 +0100[diff] [blame]3474 XTEST_AC_ECC_CASE(1, TEE_ALG_ECDSA_P521, TEE_MODE_VERIFY,
3475 nist_186_2_ecdsa_testvector_61),
3476 XTEST_AC_ECC_CASE(1, TEE_ALG_ECDSA_P521, TEE_MODE_SIGN,
3477 nist_186_2_ecdsa_testvector_61),
3478 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P521, TEE_MODE_VERIFY,
3479 nist_186_2_ecdsa_testvector_62),
3480 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P521, TEE_MODE_SIGN,
3481 nist_186_2_ecdsa_testvector_62),
3482 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P521, TEE_MODE_VERIFY,
3483 nist_186_2_ecdsa_testvector_63),
3484 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P521, TEE_MODE_SIGN,
3485 nist_186_2_ecdsa_testvector_63),
3486 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P521, TEE_MODE_VERIFY,
3487 nist_186_2_ecdsa_testvector_64),
3488 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P521, TEE_MODE_SIGN,
3489 nist_186_2_ecdsa_testvector_64),
3490 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P521, TEE_MODE_VERIFY,
3491 nist_186_2_ecdsa_testvector_65),
3492 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P521, TEE_MODE_SIGN,
3493 nist_186_2_ecdsa_testvector_65),
3494 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P521, TEE_MODE_VERIFY,
3495 nist_186_2_ecdsa_testvector_66),
3496 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P521, TEE_MODE_SIGN,
3497 nist_186_2_ecdsa_testvector_66),
3498 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P521, TEE_MODE_VERIFY,
3499 nist_186_2_ecdsa_testvector_67),
3500 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P521, TEE_MODE_SIGN,
3501 nist_186_2_ecdsa_testvector_67),
3502 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P521, TEE_MODE_VERIFY,
3503 nist_186_2_ecdsa_testvector_68),
3504 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P521, TEE_MODE_SIGN,
3505 nist_186_2_ecdsa_testvector_68),
3506 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P521, TEE_MODE_VERIFY,
3507 nist_186_2_ecdsa_testvector_69),
3508 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P521, TEE_MODE_SIGN,
3509 nist_186_2_ecdsa_testvector_69),
3510 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P521, TEE_MODE_VERIFY,
3511 nist_186_2_ecdsa_testvector_70),
3512 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P521, TEE_MODE_SIGN,
3513 nist_186_2_ecdsa_testvector_70),
3514 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P521, TEE_MODE_VERIFY,
3515 nist_186_2_ecdsa_testvector_71),
3516 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P521, TEE_MODE_SIGN,
3517 nist_186_2_ecdsa_testvector_71),
3518 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P521, TEE_MODE_VERIFY,
3519 nist_186_2_ecdsa_testvector_72),
3520 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P521, TEE_MODE_SIGN,
3521 nist_186_2_ecdsa_testvector_72),
3522 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P521, TEE_MODE_VERIFY,
3523 nist_186_2_ecdsa_testvector_73),
3524 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P521, TEE_MODE_SIGN,
3525 nist_186_2_ecdsa_testvector_73),
3526 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P521, TEE_MODE_VERIFY,
3527 nist_186_2_ecdsa_testvector_74),
3528 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P521, TEE_MODE_SIGN,
3529 nist_186_2_ecdsa_testvector_74),
3530 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P521, TEE_MODE_VERIFY,
3531 nist_186_2_ecdsa_testvector_75),
3532 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P521, TEE_MODE_SIGN,
3533 nist_186_2_ecdsa_testvector_75),
Cedric Chaumontc7654962015-09-09 14:56:36 +0200[diff] [blame]3534 /* [K-163] - GP NOT SUPPORTED */
3535 /* [K-233] - GP NOT SUPPORTED */
3536 /* [K-283] - GP NOT SUPPORTED */
3537 /* [K-409] - GP NOT SUPPORTED */
3538 /* [K-571] - GP NOT SUPPORTED */
3539 /* [B-163] - GP NOT SUPPORTED */
3540 /* [B-233] - GP NOT SUPPORTED */
3541 /* [B-283] - GP NOT SUPPORTED */
3542 /* [B-409] - GP NOT SUPPORTED */
3543 /* [B-571] - GP NOT SUPPORTED */
Jerome Forissierb6f5ac92019-12-19 16:37:14 +0100[diff] [blame]3544
3545 XTEST_AC_ECC_CASE(0, TEE_ALG_SM2_PKE, TEE_MODE_ENCRYPT,
3546 gmt_0003_part5_c2_sm2_testvector),
3547 XTEST_AC_ECC_CASE(0, TEE_ALG_SM2_PKE, TEE_MODE_DECRYPT,
3548 gmt_0003_part5_c2_sm2_testvector),
3549 XTEST_AC_ECC_CASE(0, TEE_ALG_SM2_PKE, TEE_MODE_ENCRYPT,
3550 sm2_testvector2),
Jerome Forissier849b57e2019-12-19 16:37:14 +0100[diff] [blame]3551
3552 XTEST_AC_ECC_CASE(0, TEE_ALG_SM2_DSA_SM3, TEE_MODE_VERIFY,
3553 gmt_003_part5_a2),
3554 XTEST_AC_ECC_CASE(0, TEE_ALG_SM2_DSA_SM3, TEE_MODE_SIGN,
3555 gmt_003_part5_a2),
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3556};
3557
3558static bool create_key(ADBG_Case_t *c, TEEC_Session *s,
3559 uint32_t max_key_size, uint32_t key_type,
3560 TEE_Attribute *attrs, size_t num_attrs,
3561 TEE_ObjectHandle *handle)
3562{
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]3563 size_t n = 0;
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3564
3565 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
3566 ta_crypt_cmd_allocate_transient_object(c, s, key_type,
3567 max_key_size, handle)))
3568 return false;
3569
3570 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
3571 ta_crypt_cmd_populate_transient_object(c, s, *handle, attrs,
3572 num_attrs)))
3573 return false;
3574
3575 for (n = 0; n < num_attrs; n++) {
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]3576 uint8_t out[512] = { };
3577 size_t out_size = sizeof(out);
Pascal Brand3e143ee2015-07-15 17:17:16 +0200[diff] [blame]3578
3579 if (attrs[n].attributeID == TEE_ATTR_ECC_CURVE)
3580 continue;
3581
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3582 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
3583 ta_crypt_cmd_get_object_buffer_attribute(c, s, *handle,
3584 attrs[n].attributeID, out, &out_size)))
3585 return false;
3586
Pascal Brand3e143ee2015-07-15 17:17:16 +0200[diff] [blame]3587 if (out_size < attrs[n].content.ref.length) {
3588 memmove(out + (attrs[n].content.ref.length - out_size),
3589 out,
3590 attrs[n].content.ref.length);
3591 memset(out, 0, attrs[n].content.ref.length - out_size);
3592 out_size = attrs[n].content.ref.length;
3593 }
3594
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3595 if (!ADBG_EXPECT_BUFFER(c, attrs[n].content.ref.buffer,
3596 attrs[n].content.ref.length, out, out_size))
3597 return false;
3598 }
3599
3600 return true;
3601}
3602
Jerome Forissier26393882022-03-09 21:22:30 +0100[diff] [blame]3603#define XTEST_NO_CURVE 0xFFFFFFFF /* implementation-defined as per GP spec */
3604
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3605static void xtest_tee_test_4006(ADBG_Case_t *c)
3606{
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]3607 TEEC_Session session = { };
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3608 TEE_OperationHandle op = TEE_HANDLE_NULL;
3609 TEE_ObjectHandle priv_key_handle = TEE_HANDLE_NULL;
3610 TEE_ObjectHandle pub_key_handle = TEE_HANDLE_NULL;
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]3611 TEE_Attribute key_attrs[8] = { };
3612 TEE_Attribute algo_params[1] = { };
3613 size_t num_algo_params = 0;
3614 uint8_t out[512] = { };
3615 size_t out_size = 0;
3616 uint8_t out_enc[512] = { };
3617 size_t out_enc_size = 0;
3618 uint8_t ptx_hash[TEE_MAX_HASH_SIZE] = { };
Etienne Carriere481c6602019-01-22 13:27:26 +0100[diff] [blame]3619 size_t ptx_hash_size = 0;
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]3620 size_t max_key_size = 0;
3621 size_t num_key_attrs = 0;
3622 uint32_t ret_orig = 0;
3623 size_t n = 0;
3624 uint32_t curve = 0;
Jerome Forissierb6f5ac92019-12-19 16:37:14 +0100[diff] [blame]3625 uint32_t pub_key_type = 0;
3626 uint32_t priv_key_type = 0;
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]3627 uint32_t hash_algo = 0;
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3628
3629 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
3630 xtest_teec_open_session(&session, &crypt_user_ta_uuid, NULL,
3631 &ret_orig)))
3632 return;
3633
3634 for (n = 0; n < ARRAY_SIZE(xtest_ac_cases); n++) {
3635 const struct xtest_ac_case *tv = xtest_ac_cases + n;
3636
Cedric Chaumontc3b6c282015-09-25 03:05:18 +0200[diff] [blame]3637 if (tv->level > level)
3638 continue;
3639
Jerome Forissier4b03e282020-01-22 16:33:12 +0100[diff] [blame]3640 if ((tv->algo == TEE_ALG_SM2_PKE ||
3641 tv->algo == TEE_ALG_SM2_DSA_SM3) &&
3642 !ta_crypt_cmd_is_algo_supported(c, &session, tv->algo,
3643 TEE_ECC_CURVE_SM2)) {
3644 Do_ADBG_Log("SM2 not supported: skip subcase");
3645 continue;
3646 }
3647
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3648 Do_ADBG_BeginSubCase(c, "Asym Crypto case %d algo 0x%x line %d",
3649 (int)n, (unsigned int)tv->algo,
3650 (int)tv->line);
3651
3652 /*
3653 * When signing or verifying we're working with the hash of
3654 * the payload.
3655 */
3656 if (tv->mode == TEE_MODE_VERIFY || tv->mode == TEE_MODE_SIGN) {
Pascal Brand3e143ee2015-07-15 17:17:16 +0200[diff] [blame]3657 if (TEE_ALG_GET_MAIN_ALG(tv->algo) == TEE_MAIN_ALGO_ECDSA)
3658 hash_algo = TEE_ALG_SHA1;
Gabor Szekely2ad190f2018-09-14 14:05:06 +0000[diff] [blame]3659#if defined(CFG_CRYPTO_RSASSA_NA1)
3660 else if (tv->algo == TEE_ALG_RSASSA_PKCS1_V1_5)
3661 hash_algo = TEE_ALG_SHA256;
3662#endif
Pascal Brand3e143ee2015-07-15 17:17:16 +0200[diff] [blame]3663 else
3664 hash_algo = TEE_ALG_HASH_ALGO(
3665 TEE_ALG_GET_DIGEST_HASH(tv->algo));
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3666
3667 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
3668 ta_crypt_cmd_allocate_operation(c, &session,
3669 &op, hash_algo, TEE_MODE_DIGEST, 0)))
3670 goto out;
3671
3672 ptx_hash_size = sizeof(ptx_hash);
3673 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
3674 ta_crypt_cmd_digest_do_final(c, & session, op,
3675 tv->ptx, tv->ptx_len, ptx_hash,
3676 &ptx_hash_size)))
3677 goto out;
3678
Cedric Chaumontb2ba8782015-09-03 13:23:05 +0200[diff] [blame]3679 /*
3680 * When we use DSA algorithms, the size of the hash we
3681 * consider equals the min between the size of the
3682 * "subprime" in the key and the size of the hash
3683 */
3684 if (TEE_ALG_GET_MAIN_ALG(tv->algo) ==
3685 TEE_MAIN_ALGO_DSA) {
3686 if (tv->params.dsa.sub_prime_len <=
3687 ptx_hash_size)
3688 ptx_hash_size =
3689 tv->params.dsa.sub_prime_len;
3690 }
3691
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3692 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
3693 ta_crypt_cmd_free_operation(c, &session, op)))
3694 goto out;
3695 }
3696
3697 num_algo_params = 0;
3698 num_key_attrs = 0;
3699 switch (TEE_ALG_GET_MAIN_ALG(tv->algo)) {
3700 case TEE_MAIN_ALGO_RSA:
3701 if (tv->params.rsa.salt_len > 0) {
3702 algo_params[0].attributeID =
3703 TEE_ATTR_RSA_PSS_SALT_LENGTH;
3704 algo_params[0].content.value.a =
3705 tv->params.rsa.salt_len;
3706 algo_params[0].content.value.b = 0;
3707 num_algo_params = 1;
3708 }
3709
3710 max_key_size = tv->params.rsa.modulus_len * 8;
3711
3712 xtest_add_attr(&num_key_attrs, key_attrs,
3713 TEE_ATTR_RSA_MODULUS,
3714 tv->params.rsa.modulus,
3715 tv->params.rsa.modulus_len);
3716 xtest_add_attr(&num_key_attrs, key_attrs,
3717 TEE_ATTR_RSA_PUBLIC_EXPONENT,
3718 tv->params.rsa.pub_exp,
3719 tv->params.rsa.pub_exp_len);
3720
3721 if (!ADBG_EXPECT_TRUE(c,
3722 create_key(c, &session,
3723 max_key_size,
3724 TEE_TYPE_RSA_PUBLIC_KEY,
3725 key_attrs,
3726 num_key_attrs,
3727 &pub_key_handle)))
3728 goto out;
3729
3730 xtest_add_attr(&num_key_attrs, key_attrs,
3731 TEE_ATTR_RSA_PRIVATE_EXPONENT,
3732 tv->params.rsa.priv_exp,
3733 tv->params.rsa.priv_exp_len);
3734
3735 if (tv->params.rsa.prime1_len != 0) {
3736 xtest_add_attr(&num_key_attrs, key_attrs,
3737 TEE_ATTR_RSA_PRIME1,
3738 tv->params.rsa.prime1,
3739 tv->params.rsa.prime1_len);
3740 }
3741
3742 if (tv->params.rsa.prime2_len != 0) {
3743 xtest_add_attr(&num_key_attrs, key_attrs,
3744 TEE_ATTR_RSA_PRIME2,
3745 tv->params.rsa.prime2,
3746 tv->params.rsa.prime2_len);
3747 }
3748
3749 if (tv->params.rsa.exp1_len != 0) {
3750 xtest_add_attr(&num_key_attrs, key_attrs,
3751 TEE_ATTR_RSA_EXPONENT1,
3752 tv->params.rsa.exp1,
3753 tv->params.rsa.exp1_len);
3754 }
3755
3756 if (tv->params.rsa.exp2_len != 0) {
3757 xtest_add_attr(&num_key_attrs, key_attrs,
3758 TEE_ATTR_RSA_EXPONENT2,
3759 tv->params.rsa.exp2,
3760 tv->params.rsa.exp2_len);
3761 }
3762
3763 if (tv->params.rsa.coeff_len != 0) {
3764 xtest_add_attr(&num_key_attrs, key_attrs,
3765 TEE_ATTR_RSA_COEFFICIENT,
3766 tv->params.rsa.coeff,
3767 tv->params.rsa.coeff_len);
3768 }
3769
3770 if (!ADBG_EXPECT_TRUE(c,
3771 create_key(c, &session,
3772 max_key_size,
3773 TEE_TYPE_RSA_KEYPAIR,
3774 key_attrs,
3775 num_key_attrs,
3776 &priv_key_handle)))
3777 goto out;
3778 break;
3779
3780 case TEE_MAIN_ALGO_DSA:
3781 max_key_size = tv->params.dsa.prime_len * 8;
3782
3783 xtest_add_attr(&num_key_attrs, key_attrs,
3784 TEE_ATTR_DSA_PRIME,
3785 tv->params.dsa.prime,
3786 tv->params.dsa.prime_len);
3787 xtest_add_attr(&num_key_attrs, key_attrs,
3788 TEE_ATTR_DSA_SUBPRIME,
3789 tv->params.dsa.sub_prime,
3790 tv->params.dsa.sub_prime_len);
3791 xtest_add_attr(&num_key_attrs, key_attrs,
3792 TEE_ATTR_DSA_BASE,
3793 tv->params.dsa.base,
3794 tv->params.dsa.base_len);
3795 xtest_add_attr(&num_key_attrs, key_attrs,
3796 TEE_ATTR_DSA_PUBLIC_VALUE,
3797 tv->params.dsa.pub_val,
3798 tv->params.dsa.pub_val_len);
3799
3800 if (!ADBG_EXPECT_TRUE(c,
3801 create_key(c, &session, max_key_size,
3802 TEE_TYPE_DSA_PUBLIC_KEY, key_attrs,
3803 num_key_attrs, &pub_key_handle)))
3804 goto out;
3805
3806 xtest_add_attr(&num_key_attrs, key_attrs,
3807 TEE_ATTR_DSA_PRIVATE_VALUE,
3808 tv->params.dsa.priv_val,
3809 tv->params.dsa.priv_val_len);
3810
3811 if (!ADBG_EXPECT_TRUE(c,
3812 create_key(c, &session, max_key_size,
3813 TEE_TYPE_DSA_KEYPAIR, key_attrs,
3814 num_key_attrs, &priv_key_handle)))
3815 goto out;
3816 break;
3817
Pascal Brand3e143ee2015-07-15 17:17:16 +0200[diff] [blame]3818 case TEE_MAIN_ALGO_ECDSA:
Jerome Forissierb6f5ac92019-12-19 16:37:14 +0100[diff] [blame]3819 case TEE_MAIN_ALGO_SM2_PKE:
Jerome Forissier849b57e2019-12-19 16:37:14 +0100[diff] [blame]3820 case TEE_MAIN_ALGO_SM2_DSA_SM3:
Pascal Brand3e143ee2015-07-15 17:17:16 +0200[diff] [blame]3821 switch (tv->algo) {
3822 case TEE_ALG_ECDSA_P192:
3823 curve = TEE_ECC_CURVE_NIST_P192;
Jerome Forissierb6f5ac92019-12-19 16:37:14 +0100[diff] [blame]3824 pub_key_type = TEE_TYPE_ECDSA_PUBLIC_KEY;
3825 priv_key_type = TEE_TYPE_ECDSA_KEYPAIR;
Pascal Brand3e143ee2015-07-15 17:17:16 +0200[diff] [blame]3826 break;
3827 case TEE_ALG_ECDSA_P224:
3828 curve = TEE_ECC_CURVE_NIST_P224;
Jerome Forissierb6f5ac92019-12-19 16:37:14 +0100[diff] [blame]3829 pub_key_type = TEE_TYPE_ECDSA_PUBLIC_KEY;
3830 priv_key_type = TEE_TYPE_ECDSA_KEYPAIR;
Pascal Brand3e143ee2015-07-15 17:17:16 +0200[diff] [blame]3831 break;
3832 case TEE_ALG_ECDSA_P256:
3833 curve = TEE_ECC_CURVE_NIST_P256;
Jerome Forissierb6f5ac92019-12-19 16:37:14 +0100[diff] [blame]3834 pub_key_type = TEE_TYPE_ECDSA_PUBLIC_KEY;
3835 priv_key_type = TEE_TYPE_ECDSA_KEYPAIR;
Pascal Brand3e143ee2015-07-15 17:17:16 +0200[diff] [blame]3836 break;
3837 case TEE_ALG_ECDSA_P384:
3838 curve = TEE_ECC_CURVE_NIST_P384;
Jerome Forissierb6f5ac92019-12-19 16:37:14 +0100[diff] [blame]3839 pub_key_type = TEE_TYPE_ECDSA_PUBLIC_KEY;
3840 priv_key_type = TEE_TYPE_ECDSA_KEYPAIR;
Pascal Brand3e143ee2015-07-15 17:17:16 +0200[diff] [blame]3841 break;
3842 case TEE_ALG_ECDSA_P521:
3843 curve = TEE_ECC_CURVE_NIST_P521;
Jerome Forissierb6f5ac92019-12-19 16:37:14 +0100[diff] [blame]3844 pub_key_type = TEE_TYPE_ECDSA_PUBLIC_KEY;
3845 priv_key_type = TEE_TYPE_ECDSA_KEYPAIR;
3846 break;
3847 case TEE_ALG_SM2_PKE:
Jerome Forissier26393882022-03-09 21:22:30 +0100[diff] [blame]3848 curve = XTEST_NO_CURVE;
Jerome Forissierb6f5ac92019-12-19 16:37:14 +0100[diff] [blame]3849 pub_key_type = TEE_TYPE_SM2_PKE_PUBLIC_KEY;
3850 priv_key_type = TEE_TYPE_SM2_PKE_KEYPAIR;
Pascal Brand3e143ee2015-07-15 17:17:16 +0200[diff] [blame]3851 break;
Jerome Forissier849b57e2019-12-19 16:37:14 +0100[diff] [blame]3852 case TEE_ALG_SM2_DSA_SM3:
Jerome Forissier26393882022-03-09 21:22:30 +0100[diff] [blame]3853 curve = XTEST_NO_CURVE;
Jerome Forissier849b57e2019-12-19 16:37:14 +0100[diff] [blame]3854 pub_key_type = TEE_TYPE_SM2_DSA_PUBLIC_KEY;
3855 priv_key_type = TEE_TYPE_SM2_DSA_KEYPAIR;
3856 break;
Pascal Brand3e143ee2015-07-15 17:17:16 +0200[diff] [blame]3857 default:
3858 curve = 0xFF;
3859 break;
3860 }
3861
3862 if (tv->algo == TEE_ALG_ECDSA_P521)
3863 max_key_size = 521;
3864 else
Jerome Forissier3fbfd0d2019-12-17 16:44:01 +0100[diff] [blame]3865 max_key_size = tv->params.ecc.private_len * 8;
Pascal Brand3e143ee2015-07-15 17:17:16 +0200[diff] [blame]3866
Jerome Forissier26393882022-03-09 21:22:30 +0100[diff] [blame]3867 if (curve != XTEST_NO_CURVE)
3868 xtest_add_attr_value(&num_key_attrs, key_attrs,
Pascal Brand3e143ee2015-07-15 17:17:16 +0200[diff] [blame]3869 TEE_ATTR_ECC_CURVE, curve, 0);
3870 xtest_add_attr(&num_key_attrs, key_attrs,
3871 TEE_ATTR_ECC_PUBLIC_VALUE_X,
Jerome Forissier3fbfd0d2019-12-17 16:44:01 +0100[diff] [blame]3872 tv->params.ecc.public_x,
3873 tv->params.ecc.public_x_len);
Pascal Brand3e143ee2015-07-15 17:17:16 +0200[diff] [blame]3874 xtest_add_attr(&num_key_attrs, key_attrs,
3875 TEE_ATTR_ECC_PUBLIC_VALUE_Y,
Jerome Forissier3fbfd0d2019-12-17 16:44:01 +0100[diff] [blame]3876 tv->params.ecc.public_y,
3877 tv->params.ecc.public_y_len);
Pascal Brand3e143ee2015-07-15 17:17:16 +0200[diff] [blame]3878
3879 if (!ADBG_EXPECT_TRUE(c,
3880 create_key(c, &session, max_key_size,
Jerome Forissierb6f5ac92019-12-19 16:37:14 +0100[diff] [blame]3881 pub_key_type, key_attrs,
Pascal Brand3e143ee2015-07-15 17:17:16 +0200[diff] [blame]3882 num_key_attrs, &pub_key_handle)))
3883 goto out;
3884
3885 xtest_add_attr(&num_key_attrs, key_attrs,
3886 TEE_ATTR_ECC_PRIVATE_VALUE,
Jerome Forissier3fbfd0d2019-12-17 16:44:01 +0100[diff] [blame]3887 tv->params.ecc.private,
3888 tv->params.ecc.private_len);
Pascal Brand3e143ee2015-07-15 17:17:16 +0200[diff] [blame]3889
3890 if (!ADBG_EXPECT_TRUE(c,
3891 create_key(c, &session, max_key_size,
Jerome Forissierb6f5ac92019-12-19 16:37:14 +0100[diff] [blame]3892 priv_key_type, key_attrs,
Pascal Brand3e143ee2015-07-15 17:17:16 +0200[diff] [blame]3893 num_key_attrs, &priv_key_handle)))
3894 goto out;
3895 break;
3896
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3897 default:
3898 ADBG_EXPECT_TRUE(c, false);
3899 goto out;
3900 }
3901
3902 out_size = sizeof(out);
3903 memset(out, 0, sizeof(out));
3904 switch (tv->mode) {
3905 case TEE_MODE_ENCRYPT:
3906 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
3907 ta_crypt_cmd_allocate_operation(c, &session,
Pascal Brand3e143ee2015-07-15 17:17:16 +0200[diff] [blame]3908 &op, tv->algo, TEE_MODE_ENCRYPT,
3909 max_key_size)))
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3910 goto out;
3911
3912 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
3913 ta_crypt_cmd_set_operation_key(c, &session, op,
3914 pub_key_handle)))
3915 goto out;
3916
3917 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
3918 ta_crypt_cmd_free_transient_object(c, &session,
3919 pub_key_handle)))
3920 goto out;
3921 pub_key_handle = TEE_HANDLE_NULL;
3922
3923 out_enc_size = sizeof(out_enc);
3924 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
3925 ta_crypt_cmd_asymmetric_encrypt(c, &session, op,
3926 NULL, 0, tv->ptx, tv->ptx_len, out_enc,
3927 &out_enc_size)))
3928 goto out;
3929
3930 /*
3931 * A PS which is random is added when formatting the
3932 * message internally of the algorithm so we can't
3933 * verify against precomputed values, instead we use the
3934 * decrypt operation to see that output is correct.
3935 */
3936
3937 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
3938 ta_crypt_cmd_free_operation(c, &session, op)))
3939 goto out;
3940
3941 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
3942 ta_crypt_cmd_allocate_operation(c, &session,
3943 &op, tv->algo, TEE_MODE_DECRYPT,
3944 max_key_size)))
3945 goto out;
3946
3947 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
3948 ta_crypt_cmd_set_operation_key(c, &session, op,
3949 priv_key_handle)))
3950 goto out;
3951
3952 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
3953 ta_crypt_cmd_free_transient_object(c, &session,
3954 priv_key_handle)))
3955 goto out;
3956
3957 priv_key_handle = TEE_HANDLE_NULL;
3958
3959 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
3960 ta_crypt_cmd_asymmetric_decrypt(c, &session, op,
3961 NULL, 0, out_enc, out_enc_size, out,
3962 &out_size)))
3963 goto out;
3964
3965 (void)ADBG_EXPECT_BUFFER(c, tv->ptx, tv->ptx_len, out,
3966 out_size);
3967 break;
3968
3969 case TEE_MODE_DECRYPT:
3970 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
3971 ta_crypt_cmd_allocate_operation(c, &session,
3972 &op, tv->algo, TEE_MODE_DECRYPT,
3973 max_key_size)))
3974 goto out;
3975
3976 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
3977 ta_crypt_cmd_set_operation_key(c, &session, op,
3978 priv_key_handle)))
3979 goto out;
3980
3981 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
3982 ta_crypt_cmd_free_transient_object(c, &session,
3983 priv_key_handle)))
3984 goto out;
3985
3986 priv_key_handle = TEE_HANDLE_NULL;
3987
3988 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
3989 ta_crypt_cmd_asymmetric_decrypt(c, &session, op,
3990 NULL, 0, tv->ctx, tv->ctx_len, out,
3991 &out_size)))
3992 goto out;
3993
3994 (void)ADBG_EXPECT_BUFFER(c, tv->ptx, tv->ptx_len, out,
3995 out_size);
3996 break;
3997
3998 case TEE_MODE_VERIFY:
3999 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
4000 ta_crypt_cmd_allocate_operation(c, &session,
4001 &op, tv->algo, TEE_MODE_VERIFY,
4002 max_key_size)))
4003 goto out;
4004
4005 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
4006 ta_crypt_cmd_set_operation_key(c, &session, op,
4007 pub_key_handle)))
4008 goto out;
4009
4010 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
4011 ta_crypt_cmd_free_transient_object(c, &session,
4012 pub_key_handle)))
4013 goto out;
4014
4015 pub_key_handle = TEE_HANDLE_NULL;
4016
4017 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
4018 ta_crypt_cmd_asymmetric_verify(c, &session, op,
4019 algo_params, num_algo_params, ptx_hash,
4020 ptx_hash_size, tv->ctx, tv->ctx_len)))
4021 goto out;
4022 break;
4023
4024 case TEE_MODE_SIGN:
4025 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
4026 ta_crypt_cmd_allocate_operation(c, &session,
4027 &op, tv->algo, TEE_MODE_SIGN,
4028 max_key_size)))
4029 goto out;
4030
4031 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
4032 ta_crypt_cmd_set_operation_key(c, &session, op,
4033 priv_key_handle)))
4034 goto out;
4035
4036 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
4037 ta_crypt_cmd_free_transient_object(c, &session,
4038 priv_key_handle)))
4039 goto out;
4040
4041 priv_key_handle = TEE_HANDLE_NULL;
4042
4043 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
4044 ta_crypt_cmd_asymmetric_sign(c, &session, op,
4045 algo_params, num_algo_params, ptx_hash,
4046 ptx_hash_size, out, &out_size)))
4047 goto out;
4048
4049 if (TEE_ALG_GET_CHAIN_MODE(tv->algo) ==
4050 TEE_CHAIN_MODE_PKCS1_PSS_MGF1 ||
Pascal Brand3e143ee2015-07-15 17:17:16 +0200[diff] [blame]4051 tv->algo == TEE_ALG_DSA_SHA1 ||
Cedric Chaumontb2ba8782015-09-03 13:23:05 +0200[diff] [blame]4052 tv->algo == TEE_ALG_DSA_SHA224 ||
4053 tv->algo == TEE_ALG_DSA_SHA256 ||
Pascal Brand3e143ee2015-07-15 17:17:16 +0200[diff] [blame]4054 TEE_ALG_GET_MAIN_ALG(tv->algo) ==
Jerome Forissier849b57e2019-12-19 16:37:14 +0100[diff] [blame]4055 TEE_MAIN_ALGO_ECDSA ||
4056 tv->algo == TEE_ALG_SM2_DSA_SM3) {
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]4057 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
4058 ta_crypt_cmd_free_operation(c, &session,
4059 op)))
4060 goto out;
4061 /*
4062 * The salt or K is random so we can't verify
4063 * signing against precomputed values, instead
4064 * we use the verify operation to see that
4065 * output is correct.
4066 */
4067 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
4068 ta_crypt_cmd_allocate_operation(c,
4069 &session, &op, tv->algo,
4070 TEE_MODE_VERIFY, max_key_size)))
4071 goto out;
4072
4073 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
4074 ta_crypt_cmd_set_operation_key(c,
4075 &session, op, pub_key_handle)))
4076 goto out;
4077
4078 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
4079 ta_crypt_cmd_free_transient_object(c,
4080 &session, pub_key_handle)))
4081 goto out;
4082
4083 pub_key_handle = TEE_HANDLE_NULL;
4084
4085 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
4086 ta_crypt_cmd_asymmetric_verify(c,
4087 &session, op, algo_params,
4088 num_algo_params, ptx_hash,
4089 ptx_hash_size, out, out_size)))
4090 goto out;
4091 } else {
4092 (void)ADBG_EXPECT_BUFFER(c, tv->ctx,
4093 tv->ctx_len, out,
4094 out_size);
4095 }
4096 break;
4097
4098 default:
4099 break;
4100 }
4101
4102 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
4103 ta_crypt_cmd_free_operation(c, &session, op)))
4104 goto out;
4105
4106 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
4107 ta_crypt_cmd_free_transient_object(c, &session,
4108 pub_key_handle)))
4109 goto out;
4110 pub_key_handle = TEE_HANDLE_NULL;
4111
4112 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
4113 ta_crypt_cmd_free_transient_object(c, &session,
4114 priv_key_handle)))
4115 goto out;
4116
4117 priv_key_handle = TEE_HANDLE_NULL;
4118
4119 Do_ADBG_EndSubCase(c, NULL);
4120 }
4121out:
4122 TEEC_CloseSession(&session);
4123}
Jens Wiklander14f48872018-06-29 15:30:13 +0200[diff] [blame]4124ADBG_CASE_DEFINE(regression, 4006, xtest_tee_test_4006,
4125 "Test TEE Internal API Asymmetric Cipher operations");
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]4126
4127#define KEY_ATTR(x, y) { #x, (x), y }
4128
4129struct key_attrs {
4130 const char *name;
4131 uint32_t attr;
Jerome Forissier4032c8c2016-05-31 13:25:08 +0200[diff] [blame]4132 /*
4133 * When keysize_check != 0: size of attribute is checked
4134 * Expected value is key_size bits except for DH in which case it is
4135 * the value of keysize_check.
4136 */
4137 uint32_t keysize_check;
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]4138};
4139
4140static bool test_keygen_attributes(ADBG_Case_t *c, TEEC_Session *s,
4141 TEE_ObjectHandle key, uint32_t key_size,
4142 struct key_attrs *attrs, size_t num_attrs)
4143{
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]4144 uint8_t out[2048] = { };
4145 size_t out_size = 0;
4146 size_t n = 0;
4147 size_t m = 0;
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]4148
4149 for (m = 0; m < num_attrs; m++) {
4150 if ((attrs[m].attr & TEE_ATTR_BIT_VALUE) == 0) {
4151 out_size = sizeof(out);
4152 memset(out, 0, sizeof(out));
4153 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
4154 ta_crypt_cmd_get_object_buffer_attribute(c, s,
4155 key, attrs[m].attr, out, &out_size)))
4156 return false;
4157
4158 if (attrs[m].keysize_check)
Jerome Forissierfe94e562020-11-17 17:22:40 +0100[diff] [blame]4159 ADBG_EXPECT_COMPARE_UNSIGNED(c, out_size, <=,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]4160 key_size / 8);
4161
4162 if (out_size > 0) {
4163 /* Check that buffer isn't all zeroes */
4164 for (n = 0; n < out_size; n++)
4165 if (out[n] != 0)
4166 break;
4167 if (!ADBG_EXPECT_COMPARE_UNSIGNED(c, n, <,
4168 out_size))
4169 return false;
4170 }
4171 } else {
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]4172 uint32_t a = 0;
4173 uint32_t b = 0;
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]4174
4175 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
4176 ta_crypt_cmd_get_object_value_attribute(c, s, key,
4177 attrs[m].attr, &a, &b)))
4178 return false;
4179 }
4180 }
4181 return true;
4182}
4183
4184static bool test_secret_value(ADBG_Case_t *c, TEEC_Session *s,
4185 TEE_ObjectHandle key, uint32_t key_size)
4186{
4187 const struct key_attrs attrs[] = {
4188 KEY_ATTR(TEE_ATTR_SECRET_VALUE, true),
4189 };
4190
4191 return test_keygen_attributes(c, s, key, key_size,
4192 (struct key_attrs *)&attrs,
4193 ARRAY_SIZE(attrs));
4194}
4195
4196
4197static bool test_rsa_key_pair(ADBG_Case_t *c, TEEC_Session *s,
4198 TEE_ObjectHandle key, uint32_t key_size)
4199{
4200 const struct key_attrs attrs[] = {
4201 KEY_ATTR(TEE_ATTR_RSA_MODULUS, true),
4202 KEY_ATTR(TEE_ATTR_RSA_PUBLIC_EXPONENT, false),
4203 KEY_ATTR(TEE_ATTR_RSA_PRIVATE_EXPONENT, false),
4204 KEY_ATTR(TEE_ATTR_RSA_PRIME1, false),
4205 KEY_ATTR(TEE_ATTR_RSA_PRIME2, false),
4206 KEY_ATTR(TEE_ATTR_RSA_EXPONENT1, false),
4207 KEY_ATTR(TEE_ATTR_RSA_EXPONENT2, false),
4208 KEY_ATTR(TEE_ATTR_RSA_COEFFICIENT, false),
4209 };
4210
4211 return test_keygen_attributes(c, s, key, key_size,
4212 (struct key_attrs *)&attrs,
4213 ARRAY_SIZE(attrs));
4214}
4215
Pascal Brande61133f2015-07-08 15:38:37 +0200[diff] [blame]4216static bool test_ecc_key_pair(ADBG_Case_t *c, TEEC_Session *s,
4217 TEE_ObjectHandle key, uint32_t key_size)
4218{
4219 const struct key_attrs attrs[] = {
4220 KEY_ATTR(TEE_ATTR_ECC_PRIVATE_VALUE, false),
4221 KEY_ATTR(TEE_ATTR_ECC_PUBLIC_VALUE_X , false),
4222 KEY_ATTR(TEE_ATTR_ECC_PUBLIC_VALUE_Y , false),
4223 /* KEY_ATTR(TEE_ATTR_ECC_CURVE, false), - do not test */
4224 };
4225
4226 return test_keygen_attributes(c, s, key, key_size,
4227 (struct key_attrs *)&attrs,
4228 ARRAY_SIZE(attrs));
4229}
4230
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]4231static bool test_dh_key_pair(ADBG_Case_t *c, TEEC_Session *s,
Jerome Forissier4032c8c2016-05-31 13:25:08 +0200[diff] [blame]4232 TEE_ObjectHandle key, uint32_t check_keysize)
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]4233{
4234 const struct key_attrs attrs[] = {
4235 KEY_ATTR(TEE_ATTR_DH_PRIME, false),
4236 KEY_ATTR(TEE_ATTR_DH_BASE, false),
4237 KEY_ATTR(TEE_ATTR_DH_PUBLIC_VALUE, false),
4238 KEY_ATTR(TEE_ATTR_DH_PRIVATE_VALUE, check_keysize),
4239 KEY_ATTR(TEE_ATTR_DH_X_BITS, false),
4240 };
4241
Jerome Forissier4032c8c2016-05-31 13:25:08 +0200[diff] [blame]4242 return test_keygen_attributes(c, s, key, check_keysize,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]4243 (struct key_attrs *)&attrs,
4244 ARRAY_SIZE(attrs));
4245}
4246
4247static bool test_dsa_key_pair(ADBG_Case_t *c, TEEC_Session *s,
4248 TEE_ObjectHandle key, uint32_t key_size)
4249{
4250 const struct key_attrs attrs[] = {
4251 KEY_ATTR(TEE_ATTR_DSA_PRIME, true),
4252 KEY_ATTR(TEE_ATTR_DSA_SUBPRIME, false),
4253 KEY_ATTR(TEE_ATTR_DSA_BASE, false),
4254 KEY_ATTR(TEE_ATTR_DSA_PUBLIC_VALUE, false),
4255 KEY_ATTR(TEE_ATTR_DSA_PRIVATE_VALUE, false),
4256 };
4257
4258 return test_keygen_attributes(c, s, key, key_size,
4259 (struct key_attrs *)&attrs,
4260 ARRAY_SIZE(attrs));
4261}
4262
Sohaib ul Hassan00b3f2c2022-04-11 08:45:08 +0300[diff] [blame]4263static bool test_x25519_key_pair(ADBG_Case_t *c, TEEC_Session *s,
4264 TEE_ObjectHandle key, uint32_t key_size)
4265{
4266 const struct key_attrs attrs[] = {
4267 KEY_ATTR(TEE_ATTR_X25519_PRIVATE_VALUE, false),
4268 KEY_ATTR(TEE_ATTR_X25519_PUBLIC_VALUE, false),
4269 };
4270
4271 return test_keygen_attributes(c, s, key, key_size,
4272 (struct key_attrs *)&attrs,
4273 ARRAY_SIZE(attrs));
4274}
4275
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]4276static bool generate_and_test_key(ADBG_Case_t *c, TEEC_Session *s,
4277 uint32_t key_type, uint32_t check_keysize,
4278 uint32_t key_size,
4279 TEE_Attribute *params, size_t param_count)
4280{
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]4281 TEE_ObjectHandle key = TEE_HANDLE_NULL;
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]4282 bool ret_val = true;
4283
4284 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
4285 ta_crypt_cmd_allocate_transient_object(c, s, key_type, key_size,
4286 &key)))
4287 return false;
4288
4289 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
4290 ta_crypt_cmd_generate_key(c, s, key, key_size, params,
4291 param_count)))
4292 return false;
4293
4294 switch (key_type) {
4295 case TEE_TYPE_DES:
4296 case TEE_TYPE_DES3:
4297 ret_val = ADBG_EXPECT_TRUE(c,
4298 test_secret_value(c, s, key,
4299 key_size + key_size / 7));
4300 break;
4301 case TEE_TYPE_AES:
4302 case TEE_TYPE_HMAC_MD5:
4303 case TEE_TYPE_HMAC_SHA1:
4304 case TEE_TYPE_HMAC_SHA224:
4305 case TEE_TYPE_HMAC_SHA256:
4306 case TEE_TYPE_HMAC_SHA384:
4307 case TEE_TYPE_HMAC_SHA512:
4308 case TEE_TYPE_GENERIC_SECRET:
4309 ret_val = ADBG_EXPECT_TRUE(c,
4310 test_secret_value(c, s, key, key_size));
4311 break;
4312
4313 case TEE_TYPE_RSA_KEYPAIR:
4314 ret_val = ADBG_EXPECT_TRUE(c,
4315 test_rsa_key_pair(c, s, key, key_size));
4316 break;
4317
Pascal Brande61133f2015-07-08 15:38:37 +0200[diff] [blame]4318 case TEE_TYPE_ECDSA_KEYPAIR:
4319 case TEE_TYPE_ECDH_KEYPAIR:
4320 ret_val = ADBG_EXPECT_TRUE(c,
4321 test_ecc_key_pair(c, s, key, key_size));
4322 break;
4323
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]4324 case TEE_TYPE_DH_KEYPAIR:
Pascal Brande61133f2015-07-08 15:38:37 +0200[diff] [blame]4325 ret_val = ADBG_EXPECT_TRUE(c,
Jerome Forissier4032c8c2016-05-31 13:25:08 +0200[diff] [blame]4326 test_dh_key_pair(c, s, key, check_keysize));
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]4327 break;
4328
4329 case TEE_TYPE_DSA_KEYPAIR:
4330 ret_val = ADBG_EXPECT_TRUE(c,
4331 test_dsa_key_pair(c, s, key, key_size));
4332 break;
4333
Sohaib ul Hassan00b3f2c2022-04-11 08:45:08 +0300[diff] [blame]4334 case TEE_TYPE_X25519_KEYPAIR:
4335 ret_val = ADBG_EXPECT_TRUE(c,
4336 test_x25519_key_pair(c, s, key, key_size));
4337 break;
4338
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]4339 default:
4340 ret_val = false;
4341 break;
4342 }
4343
4344 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
4345 ta_crypt_cmd_free_transient_object(c, s, key)))
4346 return false;
4347
4348 return ret_val;
4349}
4350
Jens Wiklandera8c8f872018-12-14 11:41:36 +0100[diff] [blame]4351struct key_types_noparam {
4352 unsigned level;
4353 const char *name;
4354 uint32_t key_type;
4355 uint32_t quanta;
4356 uint32_t min_size;
4357 uint32_t max_size;
4358};
4359
4360static void keygen_noparams(ADBG_Case_t *c, TEEC_Session *session,
4361 const struct key_types_noparam *key_types,
4362 size_t num_key_types)
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]4363{
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]4364 size_t n = 0;
4365 uint32_t key_size = 0;
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]4366
Jens Wiklandera8c8f872018-12-14 11:41:36 +0100[diff] [blame]4367 for (n = 0; n < num_key_types; n++) {
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]4368 uint32_t min_size = key_types[n].min_size;
4369 uint32_t max_size = key_types[n].max_size;
4370 uint32_t quanta = key_types[n].quanta;
4371
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]4372 if (key_types[n].level > level)
4373 continue;
4374
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]4375 Do_ADBG_BeginSubCase(c, "Generate %s key", key_types[n].name);
4376
4377 for (key_size = min_size; key_size <= max_size;
4378 key_size += quanta) {
4379 if (!ADBG_EXPECT_TRUE(c,
4380 generate_and_test_key(c, session, key_types
4381 [n].key_type, 1, key_size, NULL, 0)))
4382 break;
4383 }
4384
4385 Do_ADBG_EndSubCase(c, "Generate %s key", key_types[n].name);
4386 }
4387}
4388
Jens Wiklandera8c8f872018-12-14 11:41:36 +0100[diff] [blame]4389static void xtest_tee_test_4007_symmetric(ADBG_Case_t *c)
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]4390{
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]4391 TEEC_Session session = { };
4392 uint32_t ret_orig = 0;
Jens Wiklandera8c8f872018-12-14 11:41:36 +0100[diff] [blame]4393 static const struct key_types_noparam key_types[] = {
4394 { 0, "AES", TEE_TYPE_AES, 64, 128,
4395 256 /* valid sizes 128, 192, 256 */ },
4396 { 0, "DES", TEE_TYPE_DES, 56, 56, 56 /* valid size 56 */ },
4397 { 0, "DES3", TEE_TYPE_DES3, 56, 112,
4398 168 /* valid sizes 112, 168 */ },
4399 { 0, "HMAC-MD5", TEE_TYPE_HMAC_MD5, 8, 64, 512 },
4400 { 0, "HMAC-SHA1", TEE_TYPE_HMAC_SHA1, 8, 80, 512 },
4401 { 0, "HMAC-SHA224", TEE_TYPE_HMAC_SHA224, 8, 112, 512 },
4402 { 0, "HMAC-SHA256", TEE_TYPE_HMAC_SHA256, 8, 192, 1024 },
4403 { 0, "HMAC-SHA384", TEE_TYPE_HMAC_SHA384, 8, 256, 1024 },
4404 { 0, "HMAC-SHA512", TEE_TYPE_HMAC_SHA512, 8, 256, 1024 },
4405 { 0, "Generic secret", TEE_TYPE_GENERIC_SECRET, 8, 128, 4096 },
4406 };
4407
4408 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
4409 xtest_teec_open_session(&session, &crypt_user_ta_uuid, NULL,
4410 &ret_orig)))
4411 return;
4412
4413 keygen_noparams(c, &session, key_types, ARRAY_SIZE(key_types));
4414
4415 TEEC_CloseSession(&session);
4416}
4417ADBG_CASE_DEFINE(regression, 4007_symmetric, xtest_tee_test_4007_symmetric,
4418 "Test TEE Internal API Generate Symmetric key");
4419
4420static void xtest_tee_test_4007_rsa(ADBG_Case_t *c)
4421{
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]4422 TEEC_Session session = { };
4423 uint32_t ret_orig = 0;
Jens Wiklandera8c8f872018-12-14 11:41:36 +0100[diff] [blame]4424 static const struct key_types_noparam key_types[] = {
Jorge Ramirez-Ortizb657ea42022-02-17 10:15:25 +0100[diff] [blame]4425#ifndef CFG_CRYPTO_SE05X
Jens Wiklandera8c8f872018-12-14 11:41:36 +0100[diff] [blame]4426 { 0, "RSA-256", TEE_TYPE_RSA_KEYPAIR, 1, 256, 256 },
4427 { 1, "RSA-384", TEE_TYPE_RSA_KEYPAIR, 1, 384, 384 },
Jorge Ramirez-Ortizb657ea42022-02-17 10:15:25 +0100[diff] [blame]4428#endif
Jens Wiklandera8c8f872018-12-14 11:41:36 +0100[diff] [blame]4429 { 1, "RSA-512", TEE_TYPE_RSA_KEYPAIR, 1, 512, 512 },
Jorge Ramirez-Ortizb657ea42022-02-17 10:15:25 +0100[diff] [blame]4430#ifndef CFG_CRYPTO_SE05X
Jens Wiklandera8c8f872018-12-14 11:41:36 +0100[diff] [blame]4431 { 1, "RSA-640", TEE_TYPE_RSA_KEYPAIR, 1, 640, 640 },
4432 { 1, "RSA-768", TEE_TYPE_RSA_KEYPAIR, 1, 768, 768 },
4433 { 1, "RSA-896", TEE_TYPE_RSA_KEYPAIR, 1, 896, 896 },
Jorge Ramirez-Ortizb657ea42022-02-17 10:15:25 +0100[diff] [blame]4434#endif
Jens Wiklandera8c8f872018-12-14 11:41:36 +0100[diff] [blame]4435 { 1, "RSA-1024", TEE_TYPE_RSA_KEYPAIR, 1, 1024, 1024 },
4436 { 1, "RSA-2048", TEE_TYPE_RSA_KEYPAIR, 1, 2048, 2048 },
4437 { 1, "RSA-3072", TEE_TYPE_RSA_KEYPAIR, 1, 3072, 3072 },
4438 { 1, "RSA-4096", TEE_TYPE_RSA_KEYPAIR, 1, 4096, 4096 },
4439 };
4440
4441 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
4442 xtest_teec_open_session(&session, &crypt_user_ta_uuid, NULL,
4443 &ret_orig)))
4444 return;
4445
4446 keygen_noparams(c, &session, key_types, ARRAY_SIZE(key_types));
4447
4448 TEEC_CloseSession(&session);
4449}
4450ADBG_CASE_DEFINE(regression, 4007_rsa, xtest_tee_test_4007_rsa,
4451 "Test TEE Internal API Generate RSA key");
4452
4453static void xtest_tee_test_4007_dh(ADBG_Case_t *c)
4454{
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]4455 TEEC_Session session = { };
4456 uint32_t ret_orig = 0;
4457 size_t n = 0;
4458 size_t param_count = 0;
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]4459 /*
4460 * Note that the key size parameter is not used when creating the keys
4461 * but specifying these sizes make it possible to test the expected size
4462 * of the private value. This also means that the keysize must match the
4463 * size of p or what is specified in private_bits or the equvivalent
4464 * size of the subprime parameter.
4465 */
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]4466 TEE_Attribute params[4] = { };
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]4467
4468#define XTEST_DH_GK_DATA(vect) \
4469 ARRAY(vect ## _p), \
4470 ARRAY(vect ## _g), \
4471 &vect ## _private_bits, \
4472 0, 0
4473#define XTEST_DH_GK_DATA_SUBPRIME(vect) \
4474 ARRAY(vect ## _p), \
4475 ARRAY(vect ## _g), \
4476 &vect ## _private_bits, \
4477 ARRAY(vect ## _subprime)
4478 static const struct {
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]4479 unsigned level;
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]4480 uint32_t key_size;
4481 const uint8_t *p;
4482 size_t p_len;
4483 const uint8_t *g;
4484 size_t g_len;
4485 const uint32_t *private_bits;
4486 const uint8_t *subprime;
4487 size_t subprime_len;
4488 } key_types[] = {
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]4489 { 0, 256, XTEST_DH_GK_DATA(keygen_dh256) },
Jerome Forissier4032c8c2016-05-31 13:25:08 +0200[diff] [blame]4490 { 0, 320, XTEST_DH_GK_DATA(keygen_dh320) },
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]4491 { 1, 384, XTEST_DH_GK_DATA(keygen_dh384) },
Jerome Forissier4032c8c2016-05-31 13:25:08 +0200[diff] [blame]4492 { 1, 448, XTEST_DH_GK_DATA(keygen_dh448) },
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]4493 { 1, 512, XTEST_DH_GK_DATA(keygen_dh512) },
Jerome Forissier4032c8c2016-05-31 13:25:08 +0200[diff] [blame]4494 { 1, 576, XTEST_DH_GK_DATA(keygen_dh576) },
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]4495 { 1, 640, XTEST_DH_GK_DATA(keygen_dh640) },
Jerome Forissier4032c8c2016-05-31 13:25:08 +0200[diff] [blame]4496 { 1, 704, XTEST_DH_GK_DATA(keygen_dh704) },
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]4497 { 1, 768, XTEST_DH_GK_DATA(keygen_dh768) },
Jerome Forissier4032c8c2016-05-31 13:25:08 +0200[diff] [blame]4498 { 1, 832, XTEST_DH_GK_DATA(keygen_dh832) },
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]4499 { 1, 896, XTEST_DH_GK_DATA(keygen_dh896) },
Jerome Forissier4032c8c2016-05-31 13:25:08 +0200[diff] [blame]4500 { 1, 960, XTEST_DH_GK_DATA(keygen_dh960) },
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]4501 { 1, 1024, XTEST_DH_GK_DATA(keygen_dh1024) },
Jerome Forissier4032c8c2016-05-31 13:25:08 +0200[diff] [blame]4502 { 1, 1088, XTEST_DH_GK_DATA(keygen_dh1088) },
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]4503 { 1, 1152, XTEST_DH_GK_DATA(keygen_dh1152) },
Jerome Forissier4032c8c2016-05-31 13:25:08 +0200[diff] [blame]4504 { 1, 1216, XTEST_DH_GK_DATA(keygen_dh1216) },
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]4505 { 1, 1280, XTEST_DH_GK_DATA(keygen_dh1280) },
Jerome Forissier4032c8c2016-05-31 13:25:08 +0200[diff] [blame]4506 { 1, 1344, XTEST_DH_GK_DATA(keygen_dh1344) },
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]4507 { 1, 1408, XTEST_DH_GK_DATA(keygen_dh1408) },
Jerome Forissier4032c8c2016-05-31 13:25:08 +0200[diff] [blame]4508 { 1, 1472, XTEST_DH_GK_DATA(keygen_dh1472) },
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]4509 { 1, 1536, XTEST_DH_GK_DATA(keygen_dh1536) },
Jerome Forissier4032c8c2016-05-31 13:25:08 +0200[diff] [blame]4510 { 1, 1600, XTEST_DH_GK_DATA(keygen_dh1600) },
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]4511 { 1, 1664, XTEST_DH_GK_DATA(keygen_dh1664) },
Jerome Forissier4032c8c2016-05-31 13:25:08 +0200[diff] [blame]4512 { 1, 1728, XTEST_DH_GK_DATA(keygen_dh1728) },
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]4513 { 1, 1792, XTEST_DH_GK_DATA(keygen_dh1792) },
Jerome Forissier4032c8c2016-05-31 13:25:08 +0200[diff] [blame]4514 { 1, 1856, XTEST_DH_GK_DATA(keygen_dh1856) },
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]4515 { 1, 1920, XTEST_DH_GK_DATA(keygen_dh1920) },
Jerome Forissier4032c8c2016-05-31 13:25:08 +0200[diff] [blame]4516 { 1, 1984, XTEST_DH_GK_DATA(keygen_dh1984) },
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]4517 { 1, 2048, XTEST_DH_GK_DATA(keygen_dh2048) },
Jerome Forissier4032c8c2016-05-31 13:25:08 +0200[diff] [blame]4518 { 1, 2048, XTEST_DH_GK_DATA_SUBPRIME(keygen_dh2048_subprime) }
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]4519 };
4520
Jens Wiklandera8c8f872018-12-14 11:41:36 +0100[diff] [blame]4521 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
4522 xtest_teec_open_session(&session, &crypt_user_ta_uuid, NULL,
4523 &ret_orig)))
4524 return;
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]4525
4526 for (n = 0; n < ARRAY_SIZE(key_types); n++) {
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]4527 if (key_types[n].level > level)
4528 continue;
4529
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]4530 Do_ADBG_BeginSubCase(c,
4531 "Generate DH key %d bits - Private bits = %d",
4532 key_types[n].key_size,
4533 *key_types[n].private_bits);
4534 param_count = 0;
4535
4536 xtest_add_attr(&param_count, params,
4537 TEE_ATTR_DH_PRIME,
4538 key_types[n].p, key_types[n].p_len);
4539
4540 xtest_add_attr(&param_count, params, TEE_ATTR_DH_BASE,
4541 key_types[n].g, key_types[n].g_len);
4542
4543 if (key_types[n].private_bits != 0) {
4544 params[param_count].attributeID = TEE_ATTR_DH_X_BITS;
4545
4546 params[param_count].content.value.a =
4547 *key_types[n].private_bits;
4548
4549 params[param_count].content.value.b = 0;
4550 param_count++;
4551 }
4552
4553 if (key_types[n].subprime != 0) {
4554 xtest_add_attr(&param_count, params,
4555 TEE_ATTR_DH_SUBPRIME,
4556 key_types[n].subprime,
4557 key_types[n].subprime_len);
4558 }
4559
4560 if (!ADBG_EXPECT_TRUE(c,
Jens Wiklandera8c8f872018-12-14 11:41:36 +0100[diff] [blame]4561 generate_and_test_key(c, &session, TEE_TYPE_DH_KEYPAIR,
Jerome Forissier4032c8c2016-05-31 13:25:08 +0200[diff] [blame]4562 *key_types[n].private_bits,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]4563 key_types[n]. key_size, params, param_count)))
4564 break;
4565
4566 Do_ADBG_EndSubCase(c,
4567 "Generate DH key %d bits - Private bits = %d",
4568 key_types[n].key_size,
4569 *key_types[n].private_bits);
4570 }
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]4571
Jens Wiklandera8c8f872018-12-14 11:41:36 +0100[diff] [blame]4572 TEEC_CloseSession(&session);
4573}
4574ADBG_CASE_DEFINE(regression, 4007_dh, xtest_tee_test_4007_dh,
4575 "Test TEE Internal API Generate DH key");
4576
4577static void xtest_tee_test_4007_dsa(ADBG_Case_t *c)
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]4578{
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]4579 TEEC_Session session = { };
4580 uint32_t ret_orig = 0;
4581 size_t n = 0;
4582 size_t param_count = 0;
4583 TEE_Attribute params[4] = { };
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]4584
4585#define XTEST_DSA_GK_DATA(vect) \
4586 ARRAY(vect ## _p), \
4587 ARRAY(vect ## _g), \
4588 ARRAY(vect ## _q)
4589 static const struct {
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]4590 unsigned level;
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]4591 uint32_t key_size;
4592 const uint8_t *prime;
4593 size_t prime_len;
4594 const uint8_t *base;
4595 size_t base_len;
4596 const uint8_t *sub_prime;
4597 size_t sub_prime_len;
4598 } key_types[] = {
Jerome Forissiereed7e652020-04-15 15:42:38 +0200[diff] [blame]4599 { 0, 1024, XTEST_DSA_GK_DATA(keygen_dsa_test1) },
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]4600 { 0, 512, XTEST_DSA_GK_DATA(keygen_dsa512) },
Jerome Forissiereed7e652020-04-15 15:42:38 +0200[diff] [blame]4601 { 0, 576, XTEST_DSA_GK_DATA(keygen_dsa576) },
4602 { 0, 640, XTEST_DSA_GK_DATA(keygen_dsa640) },
4603 { 0, 704, XTEST_DSA_GK_DATA(keygen_dsa704) },
4604 { 0, 768, XTEST_DSA_GK_DATA(keygen_dsa768) },
4605 { 0, 832, XTEST_DSA_GK_DATA(keygen_dsa832) },
4606 { 0, 896, XTEST_DSA_GK_DATA(keygen_dsa896) },
4607 { 0, 960, XTEST_DSA_GK_DATA(keygen_dsa960) },
4608 { 0, 1024, XTEST_DSA_GK_DATA(keygen_dsa1024) },
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]4609 };
4610
Jens Wiklandera8c8f872018-12-14 11:41:36 +0100[diff] [blame]4611 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
4612 xtest_teec_open_session(&session, &crypt_user_ta_uuid, NULL,
4613 &ret_orig)))
4614 return;
4615
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]4616 for (n = 0; n < ARRAY_SIZE(key_types); n++) {
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]4617 if (key_types[n].level > level)
4618 continue;
4619
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]4620 Do_ADBG_BeginSubCase(c, "Generate DSA key %d bits",
4621 key_types[n].key_size);
4622 param_count = 0;
4623
4624
4625 xtest_add_attr(&param_count, params, TEE_ATTR_DSA_PRIME,
4626 key_types[n].prime, key_types[n].prime_len);
4627
4628 xtest_add_attr(&param_count, params, TEE_ATTR_DSA_SUBPRIME,
4629 key_types[n].sub_prime,
4630 key_types[n].sub_prime_len);
4631
4632 xtest_add_attr(&param_count, params, TEE_ATTR_DSA_BASE,
4633 key_types[n].base, key_types[n].base_len);
4634
4635 if (!ADBG_EXPECT_TRUE(c,
Jens Wiklandera8c8f872018-12-14 11:41:36 +0100[diff] [blame]4636 generate_and_test_key(c, &session, TEE_TYPE_DSA_KEYPAIR,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]4637 1, key_types[n]. key_size, params,
4638 param_count)))
4639 break;
4640
4641 Do_ADBG_EndSubCase(c, "Generate DSA key %d bits",
4642 key_types[n].key_size);
4643 }
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]4644
Jens Wiklandera8c8f872018-12-14 11:41:36 +0100[diff] [blame]4645 TEEC_CloseSession(&session);
4646}
4647ADBG_CASE_DEFINE(regression, 4007_dsa, xtest_tee_test_4007_dsa,
4648 "Test TEE Internal API Generate DSA key");
4649
4650static void xtest_tee_test_4007_ecc(ADBG_Case_t *c)
Pascal Brande61133f2015-07-08 15:38:37 +0200[diff] [blame]4651{
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]4652 TEEC_Session session = { };
4653 uint32_t ret_orig = 0;
4654 size_t n = 0;
4655 size_t param_count = 0;
4656 TEE_Attribute params[4] = { };
Pascal Brande61133f2015-07-08 15:38:37 +0200[diff] [blame]4657
4658 static const struct {
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]4659 unsigned level;
Pascal Brande61133f2015-07-08 15:38:37 +0200[diff] [blame]4660 const char *name;
4661 uint32_t algo;
4662 uint32_t curve;
4663 uint32_t key_size;
4664 } key_types[] = {
4665 /* ECDSA */
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]4666 { 0, "ECDSA-192", TEE_TYPE_ECDSA_KEYPAIR, TEE_ECC_CURVE_NIST_P192,
4667 192 },
4668 { 1, "ECDSA-224", TEE_TYPE_ECDSA_KEYPAIR, TEE_ECC_CURVE_NIST_P224,
4669 224 },
4670 { 1, "ECDSA-256", TEE_TYPE_ECDSA_KEYPAIR, TEE_ECC_CURVE_NIST_P256,
4671 256 },
4672 { 1, "ECDSA-384", TEE_TYPE_ECDSA_KEYPAIR, TEE_ECC_CURVE_NIST_P384,
4673 384 },
4674 { 1, "ECDSA-521", TEE_TYPE_ECDSA_KEYPAIR, TEE_ECC_CURVE_NIST_P521,
4675 521 },
Pascal Brande61133f2015-07-08 15:38:37 +0200[diff] [blame]4676
4677 /* ECDH */
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]4678 { 0, "ECDH-192", TEE_TYPE_ECDH_KEYPAIR, TEE_ECC_CURVE_NIST_P192,
4679 192 },
4680 { 1, "ECDH-224", TEE_TYPE_ECDH_KEYPAIR, TEE_ECC_CURVE_NIST_P224,
4681 224 },
4682 { 1, "ECDH-256", TEE_TYPE_ECDH_KEYPAIR, TEE_ECC_CURVE_NIST_P256,
4683 256 },
4684 { 1, "ECDH-384", TEE_TYPE_ECDH_KEYPAIR, TEE_ECC_CURVE_NIST_P384,
4685 384 },
4686 { 1, "ECDH-521", TEE_TYPE_ECDH_KEYPAIR, TEE_ECC_CURVE_NIST_P521,
4687 521 },
Pascal Brande61133f2015-07-08 15:38:37 +0200[diff] [blame]4688 };
4689
Jens Wiklandera8c8f872018-12-14 11:41:36 +0100[diff] [blame]4690 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
4691 xtest_teec_open_session(&session, &crypt_user_ta_uuid, NULL,
4692 &ret_orig)))
4693 return;
4694
Pascal Brande61133f2015-07-08 15:38:37 +0200[diff] [blame]4695 for (n = 0; n < ARRAY_SIZE(key_types); n++) {
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]4696 if (key_types[n].level > level)
4697 continue;
4698
Pascal Brande61133f2015-07-08 15:38:37 +0200[diff] [blame]4699 Do_ADBG_BeginSubCase(c, "Generate %s", key_types[n].name);
4700 param_count = 0;
4701
4702 xtest_add_attr_value(&param_count, params, TEE_ATTR_ECC_CURVE,
4703 key_types[n].curve, 0);
4704
4705 if (!ADBG_EXPECT_TRUE(c,
Jens Wiklandera8c8f872018-12-14 11:41:36 +0100[diff] [blame]4706 generate_and_test_key(c, &session, key_types[n].algo,
Pascal Brande61133f2015-07-08 15:38:37 +0200[diff] [blame]4707 0, key_types[n].key_size, params,
4708 param_count)))
4709 break;
4710
4711 Do_ADBG_EndSubCase(c, "Generate %s", key_types[n].name);
4712 }
Pascal Brande61133f2015-07-08 15:38:37 +0200[diff] [blame]4713
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]4714 TEEC_CloseSession(&session);
4715}
Jens Wiklandera8c8f872018-12-14 11:41:36 +0100[diff] [blame]4716ADBG_CASE_DEFINE(regression, 4007_ecc, xtest_tee_test_4007_ecc,
4717 "Test TEE Internal API Generate ECC key");
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]4718
Sohaib ul Hassan00b3f2c2022-04-11 08:45:08 +0300[diff] [blame]4719static void xtest_tee_test_4007_x25519(ADBG_Case_t *c)
4720{
4721 TEEC_Session session = { };
4722 uint32_t ret_orig = 0;
4723
4724 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
4725 xtest_teec_open_session(&session, &crypt_user_ta_uuid,
4726 NULL, &ret_orig)))
4727 return;
4728
Jerome Forissier366179c2022-06-28 10:12:58 +0200[diff] [blame^]4729 if (!ta_crypt_cmd_is_algo_supported(c, &session, TEE_ALG_X25519,
4730 TEE_ECC_CURVE_25519)) {
4731 Do_ADBG_Log("X25519 not supported: skip subcase");
4732 goto out;
4733 }
4734
Sohaib ul Hassan00b3f2c2022-04-11 08:45:08 +0300[diff] [blame]4735 Do_ADBG_BeginSubCase(c, "Generate X25519 key");
4736
4737 if (!ADBG_EXPECT_TRUE(c,
4738 generate_and_test_key(c, &session,
4739 TEE_TYPE_X25519_KEYPAIR, 0, 256,
4740 NULL, 0)))
4741 return;
4742
4743 Do_ADBG_EndSubCase(c, "Generate X25519 key");
Jerome Forissier366179c2022-06-28 10:12:58 +0200[diff] [blame^]4744out:
Sohaib ul Hassan00b3f2c2022-04-11 08:45:08 +0300[diff] [blame]4745 TEEC_CloseSession(&session);
4746}
4747ADBG_CASE_DEFINE(regression, 4007_x25519, xtest_tee_test_4007_x25519,
4748 "Test TEE Internal API Generate X25519 key");
4749
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]4750static void xtest_tee_test_4008(ADBG_Case_t *c)
4751{
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]4752 TEEC_Session session = { };
4753 uint32_t ret_orig = 0;
4754 TEE_OperationHandle op = TEE_HANDLE_NULL;
4755 TEE_ObjectHandle key_handle = TEE_HANDLE_NULL;
4756 TEE_ObjectHandle sv_handle = TEE_HANDLE_NULL;
4757 TEE_Attribute params[4] = { };
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]4758 size_t param_count = 0;
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]4759 uint8_t out[2048] = { };
4760 size_t out_size = 0;
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]4761
4762 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
4763 xtest_teec_open_session(&session, &crypt_user_ta_uuid, NULL,
4764 &ret_orig)))
4765 return;
4766
4767 Do_ADBG_BeginSubCase(c, "Derive DH key success");
4768
4769 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
4770 ta_crypt_cmd_allocate_operation(c, &session, &op,
4771 TEE_ALG_DH_DERIVE_SHARED_SECRET, TEE_MODE_DERIVE,
4772 derive_key_max_keysize)))
4773 goto out;
4774
4775 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
4776 ta_crypt_cmd_allocate_transient_object(c, & session,
4777 TEE_TYPE_DH_KEYPAIR, derive_key_max_keysize,
4778 &key_handle)))
4779 goto out;
4780
4781 xtest_add_attr(&param_count, params, TEE_ATTR_DH_PRIME,
4782 ARRAY(derive_key_dh_prime));
4783
4784 xtest_add_attr(&param_count, params, TEE_ATTR_DH_BASE,
4785 ARRAY(derive_key_dh_base));
4786
4787 xtest_add_attr(&param_count, params, TEE_ATTR_DH_PUBLIC_VALUE,
4788 ARRAY(derive_key_dh_public_value));
4789
4790 xtest_add_attr(&param_count, params, TEE_ATTR_DH_PRIVATE_VALUE,
4791 ARRAY(derive_key_dh_private_value));
4792
4793 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
4794 ta_crypt_cmd_populate_transient_object(c, &session, key_handle,
4795 params, param_count)))
4796 goto out;
4797
4798 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
4799 ta_crypt_cmd_set_operation_key(c, &session, op, key_handle)))
4800 goto out;
4801
4802 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
4803 ta_crypt_cmd_free_transient_object(c, & session, key_handle)))
4804 goto out;
4805
4806 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
4807 ta_crypt_cmd_allocate_transient_object(c, &session,
4808 TEE_TYPE_GENERIC_SECRET, derive_key_max_keysize,
4809 &sv_handle)))
4810 goto out;
4811
Pascal Brand2b92b642015-07-16 13:29:42 +0200[diff] [blame]4812 /* reuse but reset params and param-count */
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]4813 param_count = 0;
4814
4815 xtest_add_attr(&param_count, params, TEE_ATTR_DH_PUBLIC_VALUE,
4816 ARRAY(derive_key_dh_public_value_2));
4817
4818 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
4819 ta_crypt_cmd_derive_key(c, &session, op, sv_handle, params,
4820 param_count)))
4821 goto out;
4822
4823 out_size = sizeof(out);
4824 memset(out, 0, sizeof(out));
4825 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
4826 ta_crypt_cmd_get_object_buffer_attribute(c, &session, sv_handle,
4827 TEE_ATTR_SECRET_VALUE, out, &out_size)))
4828 goto out;
4829
4830 if (!ADBG_EXPECT_BUFFER(c, derive_key_dh_shared_secret,
4831 sizeof(derive_key_dh_shared_secret), out,
4832 out_size))
4833 goto out;
4834
4835 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
4836 ta_crypt_cmd_free_operation(c, &session, op)))
4837 goto out;
4838
4839 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
4840 ta_crypt_cmd_free_transient_object(c, &session, sv_handle)))
4841 goto out;
4842out:
4843 Do_ADBG_EndSubCase(c, "Derive DH key success");
4844 TEEC_CloseSession(&session);
4845}
Jens Wiklander14f48872018-06-29 15:30:13 +0200[diff] [blame]4846ADBG_CASE_DEFINE(regression, 4008, xtest_tee_test_4008,
4847 "Test TEE Internal API Derive key");
Pascal Brand2b92b642015-07-16 13:29:42 +0200[diff] [blame]4848
4849static void xtest_tee_test_4009(ADBG_Case_t *c)
4850{
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]4851 TEEC_Session session = { };
4852 uint32_t ret_orig = 0;
4853 TEE_OperationHandle op = TEE_HANDLE_NULL;
4854 TEE_ObjectHandle key_handle = TEE_HANDLE_NULL;
4855 TEE_ObjectHandle sv_handle = TEE_HANDLE_NULL;
4856 TEE_Attribute params[4] = { };
Pascal Brand2b92b642015-07-16 13:29:42 +0200[diff] [blame]4857 size_t param_count = 0;
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]4858 uint8_t out[2048] = { };
4859 size_t out_size = 0;
4860 uint32_t size_bytes = 0;
4861 uint32_t i = 0;
Ruchika Gupta454b0b62020-10-30 13:23:19 +0530[diff] [blame]4862 struct derive_key_ecdh_t const *pt = NULL;
Pascal Brand2b92b642015-07-16 13:29:42 +0200[diff] [blame]4863
4864 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
4865 xtest_teec_open_session(&session, &crypt_user_ta_uuid, NULL,
4866 &ret_orig)))
4867 return;
4868
4869 for (i = 0; i < ARRAY_SIZE(derive_key_ecdh); i++) {
4870 pt = &derive_key_ecdh[i];
4871
Cedric Chaumontc3b6c282015-09-25 03:05:18 +0200[diff] [blame]4872 if (pt->level > level)
4873 continue;
4874
Pascal Brand2b92b642015-07-16 13:29:42 +0200[diff] [blame]4875 Do_ADBG_BeginSubCase(c, "Derive ECDH key - algo = 0x%x",
4876 pt->algo);
4877 size_bytes = (pt->keysize + 7) / 8;
4878 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
4879 ta_crypt_cmd_allocate_operation(c, &session, &op,
4880 pt->algo,
4881 TEE_MODE_DERIVE, pt->keysize)))
4882 goto out;
4883
4884 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
4885 ta_crypt_cmd_allocate_transient_object(c, & session,
4886 TEE_TYPE_ECDH_KEYPAIR, pt->keysize,
4887 &key_handle)))
4888 goto out;
4889
4890 param_count = 0;
4891 xtest_add_attr_value(&param_count, params,
4892 TEE_ATTR_ECC_CURVE, pt->curve, 0);
4893 xtest_add_attr(&param_count, params,
4894 TEE_ATTR_ECC_PRIVATE_VALUE,
4895 pt->private, size_bytes);
4896 /*
Cedric Auger719047c2019-09-11 12:08:14 +0200[diff] [blame]4897 * The public value is not used, but we should provide a valid
4898 * one to avoid rejection in case TEE_PopulateTransientObject()
4899 * checks for key validity.
Pascal Brand2b92b642015-07-16 13:29:42 +0200[diff] [blame]4900 */
4901 xtest_add_attr(&param_count, params,
Cedric Auger719047c2019-09-11 12:08:14 +0200[diff] [blame]4902 TEE_ATTR_ECC_PUBLIC_VALUE_X,
4903 pt->public_x, size_bytes);
Pascal Brand2b92b642015-07-16 13:29:42 +0200[diff] [blame]4904 xtest_add_attr(&param_count, params,
Cedric Auger719047c2019-09-11 12:08:14 +0200[diff] [blame]4905 TEE_ATTR_ECC_PUBLIC_VALUE_Y,
4906 pt->public_y, size_bytes);
Pascal Brand2b92b642015-07-16 13:29:42 +0200[diff] [blame]4907
4908 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
4909 ta_crypt_cmd_populate_transient_object(c,
4910 &session,
4911 key_handle, params, param_count)))
4912 goto out;
4913
4914 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
4915 ta_crypt_cmd_set_operation_key(c, &session, op,
4916 key_handle)))
4917 goto out;
4918
4919 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
4920 ta_crypt_cmd_free_transient_object(c, & session,
4921 key_handle)))
4922 goto out;
4923
4924 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
4925 ta_crypt_cmd_allocate_transient_object(c, &session,
4926 TEE_TYPE_GENERIC_SECRET, size_bytes * 8,
4927 &sv_handle)))
4928 goto out;
4929
4930 /* reuse but reset params and param-count */
4931 param_count = 0;
4932
4933 xtest_add_attr(&param_count, params,
4934 TEE_ATTR_ECC_PUBLIC_VALUE_X,
4935 pt->public_x, size_bytes);
4936 xtest_add_attr(&param_count, params,
4937 TEE_ATTR_ECC_PUBLIC_VALUE_Y,
4938 pt->public_y, size_bytes);
4939
4940 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
4941 ta_crypt_cmd_derive_key(c, &session, op, sv_handle,
4942 params, param_count)))
4943 goto out;
4944
4945 out_size = sizeof(out);
4946 memset(out, 0, sizeof(out));
4947 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
4948 ta_crypt_cmd_get_object_buffer_attribute(c, &session,
4949 sv_handle,
4950 TEE_ATTR_SECRET_VALUE, out, &out_size)))
4951 goto out;
4952
4953 if (!ADBG_EXPECT_BUFFER(c, pt->out, size_bytes,
4954 out, out_size))
4955 goto out;
4956
4957 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
4958 ta_crypt_cmd_free_operation(c, &session, op)))
4959 goto out;
4960
4961 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
4962 ta_crypt_cmd_free_transient_object(c, &session,
4963 sv_handle)))
4964 goto out;
4965
4966 Do_ADBG_EndSubCase(c, "Derive ECDH key - algo = 0x%x",
4967 pt->algo);
4968 }
4969
4970 goto noerror;
4971
4972out:
4973 Do_ADBG_EndSubCase(c, "Derive ECDH key - algo = 0x%x", pt->algo);
4974
4975noerror:
4976 TEEC_CloseSession(&session);
4977}
Jens Wiklander14f48872018-06-29 15:30:13 +0200[diff] [blame]4978ADBG_CASE_DEFINE(regression, 4009, xtest_tee_test_4009,
4979 "Test TEE Internal API Derive key ECDH");
Jens Wiklander70a0b2c2016-05-18 08:39:35 +0200[diff] [blame]4980
4981static void xtest_tee_test_4010(ADBG_Case_t *c)
4982{
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]4983 TEEC_Session session = { };
4984 uint32_t ret_orig = 0;
4985 TEE_ObjectHandle o = TEE_HANDLE_NULL;
Jens Wiklander70a0b2c2016-05-18 08:39:35 +0200[diff] [blame]4986 static const uint8_t large_key[1024] = { 1, 2, 3, 4, 5, 6 };
4987 static const TEE_Attribute attr = {
4988 .attributeID = TEE_ATTR_SECRET_VALUE,
4989 .content.ref.buffer = (void *)large_key,
4990 .content.ref.length = sizeof(large_key),
4991 };
4992
4993 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
4994 xtest_teec_open_session(&session, &crypt_user_ta_uuid, NULL,
4995 &ret_orig)))
4996 return;
4997
4998 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
4999 ta_crypt_cmd_allocate_transient_object(c, &session,
5000 TEE_TYPE_HMAC_SHA256, 1024, &o)))
5001 goto out;
5002
5003 ADBG_EXPECT_TEEC_RESULT(c, TEEC_ERROR_TARGET_DEAD,
5004 ta_crypt_cmd_populate_transient_object(c, &session, o,
5005 &attr, 1));
5006
5007out:
5008 TEEC_CloseSession(&session);
5009}
Jens Wiklander14f48872018-06-29 15:30:13 +0200[diff] [blame]5010ADBG_CASE_DEFINE(regression, 4010, xtest_tee_test_4010,
5011 "Test TEE Internal API create transient object (negative)");
Jens Wiklanderb58916e2016-07-07 15:29:32 +0200[diff] [blame]5012
5013static void xtest_tee_test_4011(ADBG_Case_t *c)
5014{
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]5015 TEEC_Session s = { };
Jens Wiklanderb58916e2016-07-07 15:29:32 +0200[diff] [blame]5016 size_t key_size = 512;
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]5017 TEE_ObjectHandle key = TEE_HANDLE_NULL;
5018 TEE_OperationHandle ops = TEE_HANDLE_NULL;
5019 TEE_OperationHandle opv = TEE_HANDLE_NULL;
5020 TEE_OperationHandle ope = TEE_HANDLE_NULL;
5021 TEE_OperationHandle opd = TEE_HANDLE_NULL;
5022 uint32_t ret_orig = 0;
5023 uint8_t in[TEE_SHA1_HASH_SIZE] = { };
5024 uint8_t out[1024] = { };
5025 uint8_t tmp[1024] = { };
5026 size_t out_size = 0;
5027 size_t tmp_size = 0;
5028 size_t n = 0;
5029 size_t m = 0;
Jens Wiklanderb58916e2016-07-07 15:29:32 +0200[diff] [blame]5030 size_t i = 0;
5031
5032 /* Setup session, initialize message to sign, create a keypair */
5033 if (!ADBG_EXPECT_TEEC_SUCCESS(c, xtest_teec_open_session(&s,
5034 &crypt_user_ta_uuid, NULL, &ret_orig)))
5035 return;
5036 if (!ADBG_EXPECT_TEEC_SUCCESS(c, ta_crypt_cmd_random_number_generate(c,
5037 &s, in, sizeof(in))))
5038 goto out;
5039 if (!ADBG_EXPECT_TEEC_SUCCESS(c, ta_crypt_cmd_allocate_transient_object(
5040 c, &s, TEE_TYPE_RSA_KEYPAIR, key_size, &key)))
5041 goto out;
5042 if (!ADBG_EXPECT_TEEC_SUCCESS(c, ta_crypt_cmd_generate_key(c, &s,
5043 key, key_size, NULL, 0)))
5044 goto out;
5045
5046 /* Allocate operations for sign, verify, encrypt and decrypt */
5047 if (!ADBG_EXPECT_TEEC_SUCCESS(c, ta_crypt_cmd_allocate_operation(c, &s,
5048 &ops, TEE_ALG_RSASSA_PKCS1_V1_5_SHA1, TEE_MODE_SIGN,
5049 key_size)))
5050 goto out;
5051 if (!ADBG_EXPECT_TEEC_SUCCESS(c, ta_crypt_cmd_allocate_operation(c, &s,
5052 &opv, TEE_ALG_RSASSA_PKCS1_V1_5_SHA1, TEE_MODE_VERIFY,
5053 key_size)))
5054 goto out;
5055 if (!ADBG_EXPECT_TEEC_SUCCESS(c, ta_crypt_cmd_allocate_operation(c, &s,
5056 &ope, TEE_ALG_RSA_NOPAD, TEE_MODE_ENCRYPT, key_size)))
5057 goto out;
5058 if (!ADBG_EXPECT_TEEC_SUCCESS(c, ta_crypt_cmd_allocate_operation(c, &s,
5059 &opd, TEE_ALG_RSA_NOPAD, TEE_MODE_DECRYPT, key_size)))
5060 goto out;
5061
5062 /* Assign the keypair to all operations */
5063 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
5064 ta_crypt_cmd_set_operation_key(c, &s, ops, key)))
5065 goto out;
5066 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
5067 ta_crypt_cmd_set_operation_key(c, &s, opv, key)))
5068 goto out;
5069 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
5070 ta_crypt_cmd_set_operation_key(c, &s, ope, key)))
5071 goto out;
5072 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
5073 ta_crypt_cmd_set_operation_key(c, &s, opd, key)))
5074 goto out;
5075
5076 /*
5077 * The core of the test case is inspired by the one in libtomcrypt:
5078 * https://github.com/libtom/libtomcrypt/blob/6ad52252688bb34f90b5e79da4830a927e87b81f/testprof/rsa_test.c#L398
5079 *
5080 * Testcase for Bleichenbacher attack
5081 *
5082 * (1) Create a valid signature
5083 * (2) Check that it can be verified
5084 * (3) Transform the package to fetch plain text (using the encrypt
5085 * operation in GP TEE Internal API)
5086 * (4) Forge the structure of PKCS#1-EMSA encoded data
5087 * (4.1) Search for start and end of the padding string
5088 * (4.2) Move the signature to the front of the padding string
5089 * (4.3) Zero the message until the end
5090 * (5) Transform the package back (using the decrypt operation in
5091 * GP TEE Internal API)
5092 * (6) The result should not be valid if the implementation is robust.
5093 */
5094
5095
5096 for (i = 0; i < 9; i++) {
5097 Do_ADBG_Log("Iteration %zu", i);
5098
5099 /* 1 */
5100 out_size = sizeof(out);
5101 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
5102 ta_crypt_cmd_asymmetric_sign(c, &s, ops, NULL, 0,
5103 in, sizeof(in), out, &out_size)))
5104 goto out;
5105
5106 /* 2 */
5107 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
5108 ta_crypt_cmd_asymmetric_verify(c, &s, opv, NULL, 0,
5109 in, sizeof(in), out, out_size)))
5110 goto out;
5111
5112 /* 3 */
5113 tmp_size = sizeof(tmp);
5114 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
5115 ta_crypt_cmd_asymmetric_encrypt(c, &s, ope, NULL, 0,
5116 out, out_size, tmp, &tmp_size)))
5117 goto out;
5118
Etienne Carriere0953bf02018-12-21 15:36:25 +0100[diff] [blame]5119 if (!ADBG_EXPECT_COMPARE_UNSIGNED(c, tmp_size, <=, sizeof(tmp)))
5120 goto out;
5121
Jens Wiklanderb58916e2016-07-07 15:29:32 +0200[diff] [blame]5122 /* 4.1 */
Etienne Carriere0953bf02018-12-21 15:36:25 +0100[diff] [blame]5123 for (n = 0; n < tmp_size - i; n++)
Jens Wiklanderb58916e2016-07-07 15:29:32 +0200[diff] [blame]5124 if (tmp[n] == 0xff)
5125 break;
Etienne Carriere0953bf02018-12-21 15:36:25 +0100[diff] [blame]5126
5127 /* Shall find at least a padding start before buffer end */
5128 if (!ADBG_EXPECT_COMPARE_UNSIGNED(c, n, <, tmp_size - i - 1))
5129 goto out;
5130
Jens Wiklanderb58916e2016-07-07 15:29:32 +0200[diff] [blame]5131 for (m = n + 1; m < tmp_size; m++)
5132 if (tmp[m] != 0xff)
5133 break;
Etienne Carriere0953bf02018-12-21 15:36:25 +0100[diff] [blame]5134
Jens Wiklanderb58916e2016-07-07 15:29:32 +0200[diff] [blame]5135 /* 4.2 */
5136 memmove(tmp + n + i, tmp + m, tmp_size - m);
Etienne Carriere0953bf02018-12-21 15:36:25 +0100[diff] [blame]5137
Jens Wiklanderb58916e2016-07-07 15:29:32 +0200[diff] [blame]5138 /* 4.3 */
Etienne Carriere0953bf02018-12-21 15:36:25 +0100[diff] [blame]5139 n = n + i + tmp_size - m;
Etienne Carriereacb81c42020-04-24 14:58:58 +0200[diff] [blame]5140
5141 /* Prevent overrun when zeroing buffer end */
5142 if (!ADBG_EXPECT_COMPARE_UNSIGNED(c, n, <=, tmp_size))
5143 goto out;
5144
Etienne Carriere0953bf02018-12-21 15:36:25 +0100[diff] [blame]5145 memset(tmp + n, 0, tmp_size - n);
Jens Wiklanderb58916e2016-07-07 15:29:32 +0200[diff] [blame]5146
5147 /* 5 */
5148 out_size = sizeof(out);
5149 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
5150 ta_crypt_cmd_asymmetric_decrypt(c, &s, opd, NULL, 0,
5151 tmp, tmp_size, out, &out_size)))
5152 goto out;
5153
5154 /* 6 */
5155 if (!ADBG_EXPECT_TEEC_RESULT(c, TEE_ERROR_SIGNATURE_INVALID,
5156 ta_crypt_cmd_asymmetric_verify(c, &s, opv, NULL, 0,
5157 in, sizeof(in), out, out_size)))
5158 goto out;
5159 }
5160
5161out:
5162 TEEC_CloseSession(&s);
5163}
Jens Wiklander14f48872018-06-29 15:30:13 +0200[diff] [blame]5164ADBG_CASE_DEFINE(regression, 4011, xtest_tee_test_4011,
5165 "Test TEE Internal API Bleichenbacher attack (negative)");
Igor Opaniuk7ddaa782018-05-25 15:14:05 +0300[diff] [blame]5166
5167#ifdef CFG_SYSTEM_PTA
5168static void xtest_tee_test_4012(ADBG_Case_t *c)
5169{
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]5170 TEEC_Session session = { };
5171 uint32_t ret_orig = 0;
Igor Opaniuk7ddaa782018-05-25 15:14:05 +0300[diff] [blame]5172 TEEC_Operation op = TEEC_OPERATION_INITIALIZER;
5173 /* Fortuna PRNG requires seed <= 32 bytes */
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]5174 uint8_t pool_input[32] = { };
5175 time_t t = 0;
5176 struct tm tm_local = { };
Igor Opaniuk7ddaa782018-05-25 15:14:05 +0300[diff] [blame]5177
5178 t = time(NULL);
5179 tm_local = *localtime(&t);
5180
5181 memcpy((void *)pool_input, (void *)&tm_local,
5182 sizeof(pool_input) < sizeof(tm_local) ?
5183 sizeof(pool_input) : sizeof(tm_local));
5184
5185
5186 op.params[0].tmpref.buffer = pool_input;
5187 op.params[0].tmpref.size = sizeof(pool_input);
5188 op.paramTypes = TEEC_PARAM_TYPES(TEEC_MEMREF_TEMP_INPUT,
5189 TEEC_NONE,
5190 TEEC_NONE,
5191 TEEC_NONE);
5192 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
5193 xtest_teec_open_session(&session, &crypt_user_ta_uuid, NULL,
5194 &ret_orig)))
5195 return;
5196
5197 (void)ADBG_EXPECT_TEEC_SUCCESS(c,
5198 TEEC_InvokeCommand(&session,
5199 TA_CRYPT_CMD_SEED_RNG_POOL,
5200 &op,
5201 &ret_orig));
5202 TEEC_CloseSession(&session);
5203}
Jens Wiklander14f48872018-06-29 15:30:13 +0200[diff] [blame]5204ADBG_CASE_DEFINE(regression, 4012, xtest_tee_test_4012,
5205 "Test seeding RNG entropy");
Joakim Bech83a30ca2019-05-29 11:22:27 +0200[diff] [blame]5206
5207static void xtest_tee_test_4013(ADBG_Case_t *c)
5208{
5209 TEEC_Session session = { };
5210 uint32_t ret_orig = 0;
5211 TEEC_Operation op = TEEC_OPERATION_INITIALIZER;
5212 uint8_t key[32] = { };
5213 uint8_t extra_data[32] = { };
5214
5215 op.paramTypes = TEEC_PARAM_TYPES(TEEC_NONE,
5216 TEEC_NONE,
5217 TEEC_NONE,
5218 TEEC_NONE);
5219 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
5220 xtest_teec_open_session(&session, &crypt_user_ta_uuid,
5221 NULL, &ret_orig)))
5222 return;
5223
5224 (void)ADBG_EXPECT_TEEC_SUCCESS(c,
5225 TEEC_InvokeCommand(&session,
5226 TA_CRYPT_CMD_DERIVE_TA_UNIQUE_KEY,
5227 &op,
5228 &ret_orig));
5229
5230 /* Negative test using non-secure memory */
5231 memset(&op, 0, sizeof(op));
5232 op.paramTypes = TEEC_PARAM_TYPES(TEEC_MEMREF_TEMP_INPUT,
5233 TEEC_MEMREF_TEMP_OUTPUT,
5234 TEEC_NONE,
5235 TEEC_NONE);
5236
5237 op.params[0].tmpref.buffer = extra_data;
5238 op.params[0].tmpref.size = sizeof(extra_data);
5239 op.params[1].tmpref.buffer = key;
5240 op.params[1].tmpref.size = sizeof(key);
5241 (void)ADBG_EXPECT_TEEC_RESULT(c,
5242 TEEC_ERROR_SECURITY,
5243 TEEC_InvokeCommand(&session,
5244 TA_CRYPT_CMD_DERIVE_TA_UNIQUE_KEY_SHM,
5245 &op,
5246 &ret_orig));
5247
5248 TEEC_CloseSession(&session);
5249}
5250ADBG_CASE_DEFINE(regression, 4013, xtest_tee_test_4013,
5251 "Test generation of device unique TA keys");
Jerome Forissierf0cf5182020-01-09 17:04:18 +0100[diff] [blame]5252
5253static void xtest_tee_test_4014(ADBG_Case_t *c)
5254{
5255 TEEC_Session session = { };
5256 uint32_t ret_orig = 0;
5257 TEE_OperationHandle op = TEE_HANDLE_NULL;
5258 TEE_ObjectHandle keyA = TEE_HANDLE_NULL;
5259 TEE_ObjectHandle eph_keyA = TEE_HANDLE_NULL;
5260 TEE_ObjectHandle keyB = TEE_HANDLE_NULL;
5261 TEE_ObjectHandle eph_keyB = TEE_HANDLE_NULL;
5262 TEE_ObjectHandle sv_handle = TEE_HANDLE_NULL;
5263 TEE_Attribute params[9] = { };
5264 size_t param_count = 0;
5265 uint8_t out[128] = { };
5266 size_t out_size = 0;
5267 uint8_t conf_A[32] = { };
5268 uint8_t conf_B[32] = { };
5269
5270 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
5271 xtest_teec_open_session(&session, &crypt_user_ta_uuid, NULL,
5272 &ret_orig)))
5273 return;
5274
5275 if (!ta_crypt_cmd_is_algo_supported(c, &session, TEE_ALG_SM2_KEP,
5276 TEE_ECC_CURVE_SM2)) {
5277 Do_ADBG_Log("SM2 KEP not supported: skip subcase");
5278 goto out;
5279 }
5280
5281 Do_ADBG_BeginSubCase(c, "Initiator side");
5282
5283 /*
5284 * Key exchange protocol running on user A's side. A is initiator.
5285 */
5286
5287 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
5288 ta_crypt_cmd_allocate_operation(c, &session, &op,
5289 TEE_ALG_SM2_KEP, TEE_MODE_DERIVE, 512)))
5290 goto out;
5291
5292 /* Allocate and initialize keypair of user A */
5293
5294 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
5295 ta_crypt_cmd_allocate_transient_object(c, &session,
5296 TEE_TYPE_SM2_KEP_KEYPAIR, 256, &keyA)))
5297 goto out;
5298
5299 param_count = 0;
5300
Jerome Forissierf0cf5182020-01-09 17:04:18 +0100[diff] [blame]5301 xtest_add_attr(&param_count, params, TEE_ATTR_ECC_PUBLIC_VALUE_X,
5302 ARRAY(gmt_003_part5_b2_public_xA));
5303
5304 xtest_add_attr(&param_count, params, TEE_ATTR_ECC_PUBLIC_VALUE_Y,
5305 ARRAY(gmt_003_part5_b2_public_yA));
5306
5307 xtest_add_attr(&param_count, params, TEE_ATTR_ECC_PRIVATE_VALUE,
5308 ARRAY(gmt_003_part5_b2_private_A));
5309
5310 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
5311 ta_crypt_cmd_populate_transient_object(c, &session, keyA,
5312 params, param_count)))
5313 goto out;
5314
5315 /*
5316 * Allocate and set ephemeral key of user A. Note: it is a regular ECC
5317 * key -- we don't use the *_EPHEMERAL_* attributes flags which are
5318 * reserved for use in TEE_DeriveKey() to pass the ephermeral key of
5319 * user B.
5320 */
5321
5322 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
5323 ta_crypt_cmd_allocate_transient_object(c, &session,
5324 TEE_TYPE_SM2_KEP_KEYPAIR, 256, &eph_keyA)))
5325 goto out;
5326
5327 param_count = 0;
5328
Jerome Forissierf0cf5182020-01-09 17:04:18 +0100[diff] [blame]5329 xtest_add_attr(&param_count, params, TEE_ATTR_ECC_PUBLIC_VALUE_X,
5330 ARRAY(gmt_003_part5_b2_eph_public_xA));
5331
5332 xtest_add_attr(&param_count, params, TEE_ATTR_ECC_PUBLIC_VALUE_Y,
5333 ARRAY(gmt_003_part5_b2_eph_public_yA));
5334
5335 xtest_add_attr(&param_count, params, TEE_ATTR_ECC_PRIVATE_VALUE,
5336 ARRAY(gmt_003_part5_b2_eph_private_A));
5337
5338 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
5339 ta_crypt_cmd_populate_transient_object(c, &session, eph_keyA,
5340 params, param_count)))
5341 goto out;
5342
5343 /* Associate user A keys with operation */
5344
5345 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
5346 ta_crypt_cmd_set_operation_key2(c, &session, op, keyA,
5347 eph_keyA)))
5348 goto out;
5349
5350 /* Keys have been set, free key objects */
5351
5352 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
5353 ta_crypt_cmd_free_transient_object(c, &session, keyA)))
5354 goto out;
5355
5356 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
5357 ta_crypt_cmd_free_transient_object(c, &session, eph_keyA)))
5358 goto out;
5359
5360 /* Allocate output object */
5361
5362 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
5363 ta_crypt_cmd_allocate_transient_object(c, &session,
5364 TEE_TYPE_GENERIC_SECRET,
5365 sizeof(gmt_003_part5_b2_shared_secret),
5366 &sv_handle)))
5367 goto out;
5368
5369 /* Set key derivation parameters: user A role, user B information */
5370
5371 params[0].attributeID = TEE_ATTR_SM2_KEP_USER;
5372 params[0].content.value.a = 0; /* Initiator role */
5373 params[0].content.value.b = 0; /* Not used */
5374 param_count = 1;
5375
5376 xtest_add_attr(&param_count, params, TEE_ATTR_ECC_PUBLIC_VALUE_X,
5377 ARRAY(gmt_003_part5_b2_public_xB));
5378
5379 xtest_add_attr(&param_count, params, TEE_ATTR_ECC_PUBLIC_VALUE_Y,
5380 ARRAY(gmt_003_part5_b2_public_yB));
5381
5382 xtest_add_attr(&param_count, params,
5383 TEE_ATTR_ECC_EPHEMERAL_PUBLIC_VALUE_X,
5384 ARRAY(gmt_003_part5_b2_eph_public_xB));
5385
5386 xtest_add_attr(&param_count, params,
5387 TEE_ATTR_ECC_EPHEMERAL_PUBLIC_VALUE_Y,
5388 ARRAY(gmt_003_part5_b2_eph_public_yB));
5389
5390 xtest_add_attr(&param_count, params, TEE_ATTR_SM2_ID_INITIATOR,
5391 ARRAY(gmt_003_part5_b2_id_A));
5392
5393 xtest_add_attr(&param_count, params, TEE_ATTR_SM2_ID_RESPONDER,
5394 ARRAY(gmt_003_part5_b2_id_B));
5395
5396 xtest_add_attr(&param_count, params, TEE_ATTR_SM2_KEP_CONFIRMATION_IN,
5397 ARRAY(gmt_003_part5_b2_conf_B));
5398
5399 xtest_add_attr(&param_count, params, TEE_ATTR_SM2_KEP_CONFIRMATION_OUT,
5400 ARRAY(conf_A));
5401
5402 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
5403 ta_crypt_cmd_derive_key(c, &session, op, sv_handle, params,
5404 param_count)))
5405 goto out;
5406
5407 out_size = sizeof(out);
5408 memset(out, 0, sizeof(out));
5409 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
5410 ta_crypt_cmd_get_object_buffer_attribute(c, &session, sv_handle,
5411 TEE_ATTR_SECRET_VALUE, out, &out_size)))
5412 goto out;
5413
5414 /* Check derived key */
5415 if (!ADBG_EXPECT_BUFFER(c, gmt_003_part5_b2_shared_secret,
5416 sizeof(gmt_003_part5_b2_shared_secret), out,
5417 out_size))
5418 goto out;
5419
5420 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
5421 ta_crypt_cmd_free_operation(c, &session, op)))
5422 goto out;
5423
5424 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
5425 ta_crypt_cmd_free_transient_object(c, &session, sv_handle)))
5426 goto out;
5427
5428 Do_ADBG_EndSubCase(c, "Initiator side");
5429
5430 Do_ADBG_BeginSubCase(c, "Responder side");
5431
5432 /*
5433 * Key derivation on user B's side
5434 */
5435
5436 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
5437 ta_crypt_cmd_allocate_operation(c, &session, &op,
5438 TEE_ALG_SM2_KEP, TEE_MODE_DERIVE, 512)))
5439 goto out;
5440
5441 /* Allocate and initialize keypair of user B */
5442
5443 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
5444 ta_crypt_cmd_allocate_transient_object(c, &session,
5445 TEE_TYPE_SM2_KEP_KEYPAIR, 256, &keyB)))
5446 goto out;
5447
5448 param_count = 0;
5449
Jerome Forissierf0cf5182020-01-09 17:04:18 +0100[diff] [blame]5450 xtest_add_attr(&param_count, params, TEE_ATTR_ECC_PUBLIC_VALUE_X,
5451 ARRAY(gmt_003_part5_b2_public_xB));
5452
5453 xtest_add_attr(&param_count, params, TEE_ATTR_ECC_PUBLIC_VALUE_Y,
5454 ARRAY(gmt_003_part5_b2_public_yB));
5455
5456 xtest_add_attr(&param_count, params, TEE_ATTR_ECC_PRIVATE_VALUE,
5457 ARRAY(gmt_003_part5_b2_private_B));
5458
5459 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
5460 ta_crypt_cmd_populate_transient_object(c, &session, keyB,
5461 params, param_count)))
5462 goto out;
5463
5464 /* Allocate and set ephemeral key of user B */
5465
5466 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
5467 ta_crypt_cmd_allocate_transient_object(c, &session,
5468 TEE_TYPE_SM2_KEP_KEYPAIR, 256, &eph_keyB)))
5469 goto out;
5470
5471 param_count = 0;
5472
Jerome Forissierf0cf5182020-01-09 17:04:18 +0100[diff] [blame]5473 xtest_add_attr(&param_count, params, TEE_ATTR_ECC_PUBLIC_VALUE_X,
5474 ARRAY(gmt_003_part5_b2_eph_public_xB));
5475
5476 xtest_add_attr(&param_count, params, TEE_ATTR_ECC_PUBLIC_VALUE_Y,
5477 ARRAY(gmt_003_part5_b2_eph_public_yB));
5478
5479 xtest_add_attr(&param_count, params, TEE_ATTR_ECC_PRIVATE_VALUE,
5480 ARRAY(gmt_003_part5_b2_eph_private_B));
5481
5482 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
5483 ta_crypt_cmd_populate_transient_object(c, &session, eph_keyB,
5484 params, param_count)))
5485 goto out;
5486
5487 /* Associate user B keys with operation */
5488
5489 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
5490 ta_crypt_cmd_set_operation_key2(c, &session, op, keyB,
5491 eph_keyB)))
5492 goto out;
5493
5494 /* Keys have been set, free key objects */
5495
5496 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
5497 ta_crypt_cmd_free_transient_object(c, &session, keyB)))
5498 goto out;
5499
5500 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
5501 ta_crypt_cmd_free_transient_object(c, &session, eph_keyB)))
5502 goto out;
5503
5504 /* Allocate output object */
5505
5506 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
5507 ta_crypt_cmd_allocate_transient_object(c, &session,
5508 TEE_TYPE_GENERIC_SECRET,
5509 sizeof(gmt_003_part5_b2_shared_secret),
5510 &sv_handle)))
5511 goto out;
5512
5513 /* Set key derivation parameters: user B role, user A information */
5514
5515 params[0].attributeID = TEE_ATTR_SM2_KEP_USER;
5516 params[0].content.value.a = 1; /* Responder role */
5517 params[0].content.value.b = 0; /* Not used */
5518 param_count = 1;
5519
5520 xtest_add_attr(&param_count, params, TEE_ATTR_ECC_PUBLIC_VALUE_X,
5521 ARRAY(gmt_003_part5_b2_public_xA));
5522
5523 xtest_add_attr(&param_count, params, TEE_ATTR_ECC_PUBLIC_VALUE_Y,
5524 ARRAY(gmt_003_part5_b2_public_yA));
5525
5526 xtest_add_attr(&param_count, params,
5527 TEE_ATTR_ECC_EPHEMERAL_PUBLIC_VALUE_X,
5528 ARRAY(gmt_003_part5_b2_eph_public_xA));
5529
5530 xtest_add_attr(&param_count, params,
5531 TEE_ATTR_ECC_EPHEMERAL_PUBLIC_VALUE_Y,
5532 ARRAY(gmt_003_part5_b2_eph_public_yA));
5533
5534 xtest_add_attr(&param_count, params, TEE_ATTR_SM2_ID_INITIATOR,
5535 ARRAY(gmt_003_part5_b2_id_A));
5536
5537 xtest_add_attr(&param_count, params, TEE_ATTR_SM2_ID_RESPONDER,
5538 ARRAY(gmt_003_part5_b2_id_B));
5539
5540 xtest_add_attr(&param_count, params, TEE_ATTR_SM2_KEP_CONFIRMATION_IN,
5541 ARRAY(gmt_003_part5_b2_conf_A));
5542
5543 xtest_add_attr(&param_count, params, TEE_ATTR_SM2_KEP_CONFIRMATION_OUT,
5544 ARRAY(conf_B));
5545
5546 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
5547 ta_crypt_cmd_derive_key(c, &session, op, sv_handle, params,
5548 param_count)))
5549 goto out;
5550
5551 out_size = sizeof(out);
5552 memset(out, 0, sizeof(out));
5553 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
5554 ta_crypt_cmd_get_object_buffer_attribute(c, &session, sv_handle,
5555 TEE_ATTR_SECRET_VALUE, out, &out_size)))
5556 goto out;
5557
5558 /* Check derived key */
5559 if (!ADBG_EXPECT_BUFFER(c, gmt_003_part5_b2_shared_secret,
5560 sizeof(gmt_003_part5_b2_shared_secret), out,
5561 out_size))
5562 goto out;
5563
5564 Do_ADBG_EndSubCase(c, "Responder side");
5565
5566out:
5567 TEEC_CloseSession(&session);
5568}
5569ADBG_CASE_DEFINE(regression, 4014, xtest_tee_test_4014,
5570 "Test SM2 KEP (key derivation)");
Sohaib ul Hassan00b3f2c2022-04-11 08:45:08 +0300[diff] [blame]5571
5572static void xtest_tee_test_4015(ADBG_Case_t *c)
5573{
5574 TEEC_Session session = { };
5575 uint32_t ret_orig = 0;
5576 TEE_OperationHandle op = TEE_HANDLE_NULL;
5577 TEE_ObjectHandle key_alice = TEE_HANDLE_NULL;
5578 TEE_ObjectHandle key_bob = TEE_HANDLE_NULL;
5579 TEE_ObjectHandle sv_handle = TEE_HANDLE_NULL;
5580 TEE_Attribute params[2] = { };
5581 size_t param_count = 0;
5582 uint8_t out[32] = { };
5583 size_t out_size = 0;
5584 char case_str[40] = "Alice side computes shared secret";
5585
5586 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
5587 xtest_teec_open_session(&session, &crypt_user_ta_uuid, NULL,
5588 &ret_orig)))
5589 return;
5590
5591 Do_ADBG_BeginSubCase(c, "%s", case_str);
5592
5593 if (!ta_crypt_cmd_is_algo_supported(c, &session, TEE_ALG_X25519,
5594 TEE_ECC_CURVE_25519)) {
5595 Do_ADBG_Log("X25519 not supported: skip subcase");
5596 goto out;
5597 }
5598
5599 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
5600 ta_crypt_cmd_allocate_operation(c, &session, &op,
5601 TEE_ALG_X25519, TEE_MODE_DERIVE, 256)))
5602 goto out;
5603
5604 /* Allocate and initialize keypair of Alice */
5605 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
5606 ta_crypt_cmd_allocate_transient_object(c, &session,
5607 TEE_TYPE_X25519_KEYPAIR, 256, &key_alice)))
5608 goto out;
5609
5610 param_count = 0;
5611
5612 xtest_add_attr(&param_count, params, TEE_ATTR_X25519_PUBLIC_VALUE,
5613 ARRAY(x25519_alice_public));
5614
5615 xtest_add_attr(&param_count, params, TEE_ATTR_X25519_PRIVATE_VALUE,
5616 ARRAY(x25519_alice_private));
5617
5618 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
5619 ta_crypt_cmd_populate_transient_object(c, &session,
5620 key_alice, params, param_count)))
5621 goto out;
5622
5623 /* Associate Alices's keys with operation */
5624 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
5625 ta_crypt_cmd_set_operation_key(c, &session, op,
5626 key_alice)))
5627 goto out;
5628
5629 /* Keys have been set, free key objects */
5630 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
5631 ta_crypt_cmd_free_transient_object(c, &session,
5632 key_alice)))
5633 goto out;
5634
5635 /* Allocate shared secret output object */
5636 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
5637 ta_crypt_cmd_allocate_transient_object(c, &session,
5638 TEE_TYPE_GENERIC_SECRET,
5639 sizeof(x25519_shared_secret), &sv_handle)))
5640 goto out;
5641
5642 /* Reset params */
5643 param_count = 0;
5644
5645 /* Set Bob's public key for Alice side */
5646 xtest_add_attr(&param_count, params, TEE_ATTR_X25519_PUBLIC_VALUE,
5647 ARRAY(x25519_bob_public));
5648
5649 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
5650 ta_crypt_cmd_derive_key(c, &session, op, sv_handle,
5651 params, param_count)))
5652 goto out;
5653
5654 out_size = sizeof(out);
5655 memset(out, 0, sizeof(out));
5656 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
5657 ta_crypt_cmd_get_object_buffer_attribute(c, &session,
5658 sv_handle, TEE_ATTR_SECRET_VALUE, out,
5659 &out_size)))
5660 goto out;
5661
5662 /* Check derived key */
5663 if (!ADBG_EXPECT_BUFFER(c, x25519_shared_secret,
5664 sizeof(x25519_shared_secret), out,
5665 out_size))
5666 goto out;
5667
5668 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
5669 ta_crypt_cmd_free_operation(c, &session, op)))
5670 goto out;
5671
5672 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
5673 ta_crypt_cmd_free_transient_object(c, &session,
5674 sv_handle)))
5675 goto out;
5676
5677 Do_ADBG_EndSubCase(c, "%s", case_str);
5678
5679 strncpy(case_str, "Bob side computes shared secret",
5680 sizeof(case_str) - 1);
5681
5682 Do_ADBG_BeginSubCase(c, "%s", case_str);
5683
5684 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
5685 ta_crypt_cmd_allocate_operation(c, &session, &op,
5686 TEE_ALG_X25519, TEE_MODE_DERIVE, 256)))
5687 goto out;
5688
5689 /* Allocate and initialize keypair of Bob */
5690 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
5691 ta_crypt_cmd_allocate_transient_object(c, &session,
5692 TEE_TYPE_X25519_KEYPAIR, 256, &key_bob)))
5693 goto out;
5694
5695 /* Reset params */
5696 param_count = 0;
5697
5698 xtest_add_attr(&param_count, params, TEE_ATTR_X25519_PUBLIC_VALUE,
5699 ARRAY(x25519_bob_public));
5700
5701 xtest_add_attr(&param_count, params, TEE_ATTR_X25519_PRIVATE_VALUE,
5702 ARRAY(x25519_bob_private));
5703
5704 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
5705 ta_crypt_cmd_populate_transient_object(c, &session,
5706 key_bob, params, param_count)))
5707 goto out;
5708
5709 /* Associate Bob's keys with operation */
5710 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
5711 ta_crypt_cmd_set_operation_key(c, &session, op,
5712 key_bob)))
5713 goto out;
5714
5715 /* Keys have been set, free key objects */
5716 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
5717 ta_crypt_cmd_free_transient_object(c, &session,
5718 key_bob)))
5719 goto out;
5720
5721 /* Allocate shared secret output object */
5722 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
5723 ta_crypt_cmd_allocate_transient_object(c, &session,
5724 TEE_TYPE_GENERIC_SECRET,
5725 sizeof(x25519_shared_secret), &sv_handle)))
5726 goto out;
5727
5728 /* Reset params */
5729 param_count = 0;
5730
5731 /* Set Alice's public key for Bob side */
5732 xtest_add_attr(&param_count, params, TEE_ATTR_X25519_PUBLIC_VALUE,
5733 ARRAY(x25519_alice_public));
5734
5735 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
5736 ta_crypt_cmd_derive_key(c, &session, op, sv_handle,
5737 params, param_count)))
5738 goto out;
5739
5740 out_size = sizeof(out);
5741 memset(out, 0, sizeof(out));
5742 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
5743 ta_crypt_cmd_get_object_buffer_attribute(c, &session,
5744 sv_handle, TEE_ATTR_SECRET_VALUE, out,
5745 &out_size)))
5746 goto out;
5747
5748 /* Check derived key */
5749 if (!ADBG_EXPECT_BUFFER(c, x25519_shared_secret,
5750 sizeof(x25519_shared_secret), out,
5751 out_size))
5752 goto out;
5753
5754 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
5755 ta_crypt_cmd_free_operation(c, &session, op)))
5756 goto out;
5757
5758 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
5759 ta_crypt_cmd_free_transient_object(c, &session,
5760 sv_handle)))
5761 goto out;
5762
5763out:
5764 Do_ADBG_EndSubCase(c, "%s", case_str);
5765 TEEC_CloseSession(&session);
5766}
5767ADBG_CASE_DEFINE(regression, 4015, xtest_tee_test_4015,
5768 "Test TEE Internal API Derive key X25519");
Jens Wiklander14f48872018-06-29 15:30:13 +0200[diff] [blame]5769#endif /*CFG_SYSTEM_PTA*/