TrustedFirmware Git Browser
Code Review Sign In
review.trustedfirmware.org / OP-TEE / optee_test / 3dec744ea65174c71d46c7f38b8154eaa25eddc8 / . / host / xtest / regression_4000.c
blob: 14763676660cfc5236b8d2ee6d702d44805e6e05 [file] [log] [blame]
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]1/*
2 * Copyright (c) 2014, STMicroelectronics International N.V.
3 *
4 * This program is free software; you can redistribute it and/or modify
5 * it under the terms of the GNU General Public License Version 2 as
6 * published by the Free Software Foundation.
7 *
8 * This program is distributed in the hope that it will be useful,
9 * but WITHOUT ANY WARRANTY; without even the implied warranty of
10 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
11 * GNU General Public License for more details.
12 */
13
14#include <stdio.h>
15#include <string.h>
16#include <inttypes.h>
17#include <malloc.h>
Igor Opaniuk7ddaa782018-05-25 15:14:05 +0300[diff] [blame]18#include <time.h>
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]19
20#include "xtest_test.h"
21#include "xtest_helpers.h"
22
23#include <tee_api_types.h>
Gabor Szekely2ad190f2018-09-14 14:05:06 +0000[diff] [blame]24#include <tee_api_defines_extensions.h>
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]25#include <ta_crypt.h>
26#include <utee_defines.h>
27#include <util.h>
28
Jerome Forissier213ca8a2017-03-31 11:27:56 +0200[diff] [blame]29#include <regression_4000_data.h>
Cedric Chaumontc7654962015-09-09 14:56:36 +0200[diff] [blame]30#include <nist/186-2ecdsatestvectors.h>
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]31
32#include <assert.h>
33
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]34static TEEC_Result ta_crypt_cmd_reset_operation(ADBG_Case_t *c, TEEC_Session *s,
35 TEE_OperationHandle oph)
36{
37 TEEC_Result res;
38 TEEC_Operation op = TEEC_OPERATION_INITIALIZER;
39 uint32_t ret_orig;
40
41 assert((uintptr_t)oph <= UINT32_MAX);
42 op.params[0].value.a = (uint32_t)(uintptr_t)oph;
43 op.paramTypes = TEEC_PARAM_TYPES(TEEC_VALUE_INPUT, TEEC_NONE, TEEC_NONE,
44 TEEC_NONE);
45 res = TEEC_InvokeCommand(s, TA_CRYPT_CMD_RESET_OPERATION, &op,
46 &ret_orig);
47 if (res != TEEC_SUCCESS) {
48 (void)ADBG_EXPECT_TEEC_ERROR_ORIGIN(c, TEEC_ORIGIN_TRUSTED_APP,
49 ret_orig);
50 }
51 return res;
52}
53
54static TEEC_Result ta_crypt_cmd_copy_operation(ADBG_Case_t *c,
55 TEEC_Session *s,
56 TEE_OperationHandle dst_oph,
57 TEE_OperationHandle src_oph)
58{
59 TEEC_Result res;
60 TEEC_Operation op = TEEC_OPERATION_INITIALIZER;
61 uint32_t ret_orig;
62
63 assert((uintptr_t)dst_oph <= UINT32_MAX);
64 op.params[0].value.a = (uint32_t)(uintptr_t)dst_oph;
65
66 assert((uintptr_t)src_oph <= UINT32_MAX);
67 op.params[0].value.b = (uint32_t)(uintptr_t)src_oph;
68 op.paramTypes = TEEC_PARAM_TYPES(TEEC_VALUE_INPUT, TEEC_NONE, TEEC_NONE,
69 TEEC_NONE);
70
71 res = TEEC_InvokeCommand(s, TA_CRYPT_CMD_COPY_OPERATION, &op,
72 &ret_orig);
73
74 if (res != TEEC_SUCCESS) {
75 (void)ADBG_EXPECT_TEEC_ERROR_ORIGIN(c, TEEC_ORIGIN_TRUSTED_APP,
76 ret_orig);
77 }
78 return res;
79}
80
81static TEEC_Result ta_crypt_cmd_digest_update(ADBG_Case_t *c, TEEC_Session *s,
82 TEE_OperationHandle oph,
83 const void *chunk,
84 size_t chunk_size)
85{
86 TEEC_Result res;
87 TEEC_Operation op = TEEC_OPERATION_INITIALIZER;
88 uint32_t ret_orig;
89
90 assert((uintptr_t)oph <= UINT32_MAX);
91 op.params[0].value.a = (uint32_t)(uintptr_t)oph;
92 op.params[1].tmpref.buffer = (void *)chunk;
93 op.params[1].tmpref.size = chunk_size;
94
95 op.paramTypes = TEEC_PARAM_TYPES(TEEC_VALUE_INPUT,
96 TEEC_MEMREF_TEMP_INPUT, TEEC_NONE,
97 TEEC_NONE);
98
99 res = TEEC_InvokeCommand(s, TA_CRYPT_CMD_DIGEST_UPDATE, &op, &ret_orig);
100
101 if (res != TEEC_SUCCESS) {
102 (void)ADBG_EXPECT_TEEC_ERROR_ORIGIN(c, TEEC_ORIGIN_TRUSTED_APP,
103 ret_orig);
104 }
105
106 return res;
107}
108
109static TEEC_Result ta_crypt_cmd_digest_do_final(ADBG_Case_t *c, TEEC_Session *s,
110 TEE_OperationHandle oph,
111 const void *chunk,
112 size_t chunk_len, void *hash,
113 size_t *hash_len)
114{
115 TEEC_Result res;
116 TEEC_Operation op = TEEC_OPERATION_INITIALIZER;
117 uint32_t ret_orig;
118
119 assert((uintptr_t)oph <= UINT32_MAX);
120 op.params[0].value.a = (uint32_t)(uintptr_t)oph;
121
122 op.params[1].tmpref.buffer = (void *)chunk;
123 op.params[1].tmpref.size = chunk_len;
124
125 op.params[2].tmpref.buffer = (void *)hash;
126 op.params[2].tmpref.size = *hash_len;
127
128 op.paramTypes = TEEC_PARAM_TYPES(TEEC_VALUE_INPUT,
129 TEEC_MEMREF_TEMP_INPUT,
130 TEEC_MEMREF_TEMP_OUTPUT, TEEC_NONE);
131
132 res = TEEC_InvokeCommand(s, TA_CRYPT_CMD_DIGEST_DO_FINAL, &op,
133 &ret_orig);
134
135 if (res != TEEC_SUCCESS) {
136 (void)ADBG_EXPECT_TEEC_ERROR_ORIGIN(c, TEEC_ORIGIN_TRUSTED_APP,
137 ret_orig);
138 }
139
140 if (res == TEEC_SUCCESS)
141 *hash_len = op.params[2].tmpref.size;
142
143 return res;
144}
145
146static TEE_Result ta_crypt_cmd_set_operation_key2(ADBG_Case_t *c,
147 TEEC_Session *s,
148 TEE_OperationHandle oph,
149 TEE_ObjectHandle key1,
150 TEE_ObjectHandle key2)
151{
152 TEEC_Result res;
153 TEEC_Operation op = TEEC_OPERATION_INITIALIZER;
154 uint32_t ret_orig;
155
156 assert((uintptr_t)oph <= UINT32_MAX);
157 op.params[0].value.a = (uint32_t)(uintptr_t)oph;
158
159 assert((uintptr_t)key1 <= UINT32_MAX);
160 op.params[0].value.b = (uint32_t)(uintptr_t)key1;
161
162 assert((uintptr_t)key2 <= UINT32_MAX);
163 op.params[1].value.a = (uint32_t)(uintptr_t)key2;
164 op.paramTypes = TEEC_PARAM_TYPES(TEEC_VALUE_INPUT, TEEC_VALUE_INPUT,
165 TEEC_NONE, TEEC_NONE);
166
167 res = TEEC_InvokeCommand(s, TA_CRYPT_CMD_SET_OPERATION_KEY2, &op,
168 &ret_orig);
169
170 if (res != TEEC_SUCCESS) {
171 (void)ADBG_EXPECT_TEEC_ERROR_ORIGIN(c, TEEC_ORIGIN_TRUSTED_APP,
172 ret_orig);
173 }
174
175 return res;
176}
177
178static TEEC_Result ta_crypt_cmd_mac_init(ADBG_Case_t *c, TEEC_Session *s,
179 TEE_OperationHandle oph,
180 const void *iv, size_t iv_len)
181{
182 TEEC_Result res;
183 TEEC_Operation op = TEEC_OPERATION_INITIALIZER;
184 uint32_t ret_orig;
185
186 assert((uintptr_t)oph <= UINT32_MAX);
187 op.params[0].value.a = (uint32_t)(uintptr_t)oph;
188
189 if (iv != NULL) {
190 op.params[1].tmpref.buffer = (void *)iv;
191 op.params[1].tmpref.size = iv_len;
192 op.paramTypes = TEEC_PARAM_TYPES(TEEC_VALUE_INPUT,
193 TEEC_MEMREF_TEMP_INPUT,
194 TEEC_NONE, TEEC_NONE);
195 } else {
196 op.paramTypes = TEEC_PARAM_TYPES(TEEC_VALUE_INPUT, TEEC_NONE,
197 TEEC_NONE, TEEC_NONE);
198 }
199
200 res = TEEC_InvokeCommand(s, TA_CRYPT_CMD_MAC_INIT, &op, &ret_orig);
201
202 if (res != TEEC_SUCCESS) {
203 (void)ADBG_EXPECT_TEEC_ERROR_ORIGIN(c, TEEC_ORIGIN_TRUSTED_APP,
204 ret_orig);
205 }
206
207 return res;
208}
209
210static TEEC_Result ta_crypt_cmd_mac_update(ADBG_Case_t *c, TEEC_Session *s,
211 TEE_OperationHandle oph,
212 const void *chunk, size_t chunk_size)
213{
214 TEEC_Result res;
215 TEEC_Operation op = TEEC_OPERATION_INITIALIZER;
216 uint32_t ret_orig;
217
218 assert((uintptr_t)oph <= UINT32_MAX);
219 op.params[0].value.a = (uint32_t)(uintptr_t)oph;
220
221 op.params[1].tmpref.buffer = (void *)chunk;
222 op.params[1].tmpref.size = chunk_size;
223
224 op.paramTypes = TEEC_PARAM_TYPES(TEEC_VALUE_INPUT,
225 TEEC_MEMREF_TEMP_INPUT, TEEC_NONE,
226 TEEC_NONE);
227
228 res = TEEC_InvokeCommand(s, TA_CRYPT_CMD_MAC_UPDATE, &op, &ret_orig);
229
230 if (res != TEEC_SUCCESS) {
231 (void)ADBG_EXPECT_TEEC_ERROR_ORIGIN(c, TEEC_ORIGIN_TRUSTED_APP,
232 ret_orig);
233 }
234
235 return res;
236}
237
238static TEEC_Result ta_crypt_cmd_mac_final_compute(ADBG_Case_t *c,
239 TEEC_Session *s,
240 TEE_OperationHandle oph,
241 const void *chunk,
242 size_t chunk_len,
243 void *hash,
244 size_t *hash_len)
245{
246 TEEC_Result res;
247 TEEC_Operation op = TEEC_OPERATION_INITIALIZER;
248 uint32_t ret_orig;
249
250 assert((uintptr_t)oph <= UINT32_MAX);
251 op.params[0].value.a = (uint32_t)(uintptr_t)oph;
252
253 op.params[1].tmpref.buffer = (void *)chunk;
254 op.params[1].tmpref.size = chunk_len;
255
256 op.params[2].tmpref.buffer = (void *)hash;
257 op.params[2].tmpref.size = *hash_len;
258
259 op.paramTypes = TEEC_PARAM_TYPES(TEEC_VALUE_INPUT,
260 TEEC_MEMREF_TEMP_INPUT,
261 TEEC_MEMREF_TEMP_OUTPUT, TEEC_NONE);
262
263 res = TEEC_InvokeCommand(s, TA_CRYPT_CMD_MAC_FINAL_COMPUTE, &op,
264 &ret_orig);
265
266 if (res != TEEC_SUCCESS) {
267 (void)ADBG_EXPECT_TEEC_ERROR_ORIGIN(c, TEEC_ORIGIN_TRUSTED_APP,
268 ret_orig);
269 }
270
271 if (res == TEEC_SUCCESS)
272 *hash_len = op.params[2].tmpref.size;
273
274 return res;
275}
276
277static TEEC_Result ta_crypt_cmd_cipher_init(ADBG_Case_t *c, TEEC_Session *s,
278 TEE_OperationHandle oph,
279 const void *iv, size_t iv_len)
280{
281 TEEC_Result res;
282 TEEC_Operation op = TEEC_OPERATION_INITIALIZER;
283 uint32_t ret_orig;
284
285 assert((uintptr_t)oph <= UINT32_MAX);
286 op.params[0].value.a = (uint32_t)(uintptr_t)oph;
287
288 if (iv != NULL) {
289 op.params[1].tmpref.buffer = (void *)iv;
290 op.params[1].tmpref.size = iv_len;
291
292 op.paramTypes = TEEC_PARAM_TYPES(TEEC_VALUE_INPUT,
293 TEEC_MEMREF_TEMP_INPUT,
294 TEEC_NONE, TEEC_NONE);
295 } else {
296 op.paramTypes = TEEC_PARAM_TYPES(TEEC_VALUE_INPUT, TEEC_NONE,
297 TEEC_NONE, TEEC_NONE);
298 }
299
300 res = TEEC_InvokeCommand(s, TA_CRYPT_CMD_CIPHER_INIT, &op, &ret_orig);
301
302 if (res != TEEC_SUCCESS) {
303 (void)ADBG_EXPECT_TEEC_ERROR_ORIGIN(c, TEEC_ORIGIN_TRUSTED_APP,
304 ret_orig);
305 }
306
307 return res;
308}
309
310static TEEC_Result ta_crypt_cmd_cipher_update(ADBG_Case_t *c, TEEC_Session *s,
311 TEE_OperationHandle oph,
312 const void *src, size_t src_len,
313 void *dst, size_t *dst_len)
314{
315 TEEC_Result res;
316 TEEC_Operation op = TEEC_OPERATION_INITIALIZER;
317 uint32_t ret_orig;
318
319 assert((uintptr_t)oph <= UINT32_MAX);
320 op.params[0].value.a = (uint32_t)(uintptr_t)oph;
321
322 op.params[1].tmpref.buffer = (void *)src;
323 op.params[1].tmpref.size = src_len;
324
325 op.params[2].tmpref.buffer = dst;
326 op.params[2].tmpref.size = *dst_len;
327
328 op.paramTypes = TEEC_PARAM_TYPES(TEEC_VALUE_INPUT,
329 TEEC_MEMREF_TEMP_INPUT,
330 TEEC_MEMREF_TEMP_OUTPUT, TEEC_NONE);
331
332 res = TEEC_InvokeCommand(s, TA_CRYPT_CMD_CIPHER_UPDATE, &op, &ret_orig);
333
334 if (res != TEEC_SUCCESS) {
335 (void)ADBG_EXPECT_TEEC_ERROR_ORIGIN(c, TEEC_ORIGIN_TRUSTED_APP,
336 ret_orig);
337 }
338
339 if (res == TEEC_SUCCESS)
340 *dst_len = op.params[2].tmpref.size;
341
342 return res;
343}
344
345static TEEC_Result ta_crypt_cmd_cipher_do_final(ADBG_Case_t *c,
346 TEEC_Session *s,
347 TEE_OperationHandle oph,
348 const void *src,
349 size_t src_len,
350 void *dst,
351 size_t *dst_len)
352{
353 TEEC_Result res;
354 TEEC_Operation op = TEEC_OPERATION_INITIALIZER;
355 uint32_t ret_orig;
356
357 assert((uintptr_t)oph <= UINT32_MAX);
358 op.params[0].value.a = (uint32_t)(uintptr_t)oph;
359
360 op.params[1].tmpref.buffer = (void *)src;
361 op.params[1].tmpref.size = src_len;
362
363 op.params[2].tmpref.buffer = (void *)dst;
364 op.params[2].tmpref.size = *dst_len;
365
366 op.paramTypes = TEEC_PARAM_TYPES(TEEC_VALUE_INPUT,
367 TEEC_MEMREF_TEMP_INPUT,
368 TEEC_MEMREF_TEMP_OUTPUT, TEEC_NONE);
369
370 res = TEEC_InvokeCommand(s, TA_CRYPT_CMD_CIPHER_DO_FINAL, &op,
371 &ret_orig);
372
373 if (res != TEEC_SUCCESS) {
374 (void)ADBG_EXPECT_TEEC_ERROR_ORIGIN(c, TEEC_ORIGIN_TRUSTED_APP,
375 ret_orig);
376 }
377
378 if (res == TEEC_SUCCESS)
379 *dst_len = op.params[2].tmpref.size;
380
381 return res;
382}
383
384static TEEC_Result ta_crypt_cmd_random_number_generate(ADBG_Case_t *c,
385 TEEC_Session *s,
386 void *buf,
387 size_t blen)
388{
389 TEEC_Result res;
390 TEEC_Operation op = TEEC_OPERATION_INITIALIZER;
391 uint32_t ret_orig;
392
393 op.params[0].tmpref.buffer = buf;
394 op.params[0].tmpref.size = blen;
395
396 op.paramTypes = TEEC_PARAM_TYPES(TEEC_MEMREF_TEMP_OUTPUT, TEEC_NONE,
397 TEEC_NONE, TEEC_NONE);
398
399 res = TEEC_InvokeCommand(s, TA_CRYPT_CMD_RANDOM_NUMBER_GENEREATE, &op,
400 &ret_orig);
401
402 if (res != TEEC_SUCCESS) {
403 (void)ADBG_EXPECT_TEEC_ERROR_ORIGIN(c, TEEC_ORIGIN_TRUSTED_APP,
404 ret_orig);
405 }
406
407 (void)ADBG_EXPECT_COMPARE_UNSIGNED(c, blen, ==,
408 op.params[0].tmpref.size);
409 return res;
410}
411
412static TEEC_Result ta_crypt_cmd_ae_init(ADBG_Case_t *c, TEEC_Session *s,
413 TEE_OperationHandle oph,
414 const void *nonce, size_t nonce_len,
415 size_t tag_len, size_t aad_len,
416 size_t payload_len)
417{
418 TEEC_Result res;
419 TEEC_Operation op = TEEC_OPERATION_INITIALIZER;
420 uint32_t ret_orig;
421
422 assert((uintptr_t)oph <= UINT32_MAX);
423 op.params[0].value.a = (uint32_t)(uintptr_t)oph;
424 op.params[0].value.b = tag_len;
425
426 op.params[1].tmpref.buffer = (void *)nonce;
427 op.params[1].tmpref.size = nonce_len;
428
429 op.params[2].value.a = aad_len;
430 op.params[2].value.b = payload_len;
431
432 op.paramTypes = TEEC_PARAM_TYPES(TEEC_VALUE_INPUT,
433 TEEC_MEMREF_TEMP_INPUT,
Jens Wiklander74a42302015-07-07 01:08:41 +0200[diff] [blame]434 TEEC_VALUE_INPUT, TEEC_NONE);
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]435
436 res = TEEC_InvokeCommand(s, TA_CRYPT_CMD_AE_INIT, &op, &ret_orig);
437
438 if (res != TEEC_SUCCESS) {
439 (void)ADBG_EXPECT_TEEC_ERROR_ORIGIN(c, TEEC_ORIGIN_TRUSTED_APP,
440 ret_orig);
441 }
442 return res;
443}
444
445static TEEC_Result ta_crypt_cmd_ae_update_aad(ADBG_Case_t *c, TEEC_Session *s,
446 TEE_OperationHandle oph,
447 const void *aad, size_t aad_len)
448{
449 TEEC_Result res;
450 TEEC_Operation op = TEEC_OPERATION_INITIALIZER;
451 uint32_t ret_orig;
452
453 assert((uintptr_t)oph <= UINT32_MAX);
454 op.params[0].value.a = (uint32_t)(uintptr_t)oph;
455
456 op.params[1].tmpref.buffer = (void *)aad;
457 op.params[1].tmpref.size = aad_len;
458
459 op.paramTypes = TEEC_PARAM_TYPES(TEEC_VALUE_INPUT,
460 TEEC_MEMREF_TEMP_INPUT, TEEC_NONE,
461 TEEC_NONE);
462
463 res = TEEC_InvokeCommand(s, TA_CRYPT_CMD_AE_UPDATE_AAD, &op, &ret_orig);
464
465 if (res != TEEC_SUCCESS) {
466 (void)ADBG_EXPECT_TEEC_ERROR_ORIGIN(c, TEEC_ORIGIN_TRUSTED_APP,
467 ret_orig);
468 }
469
470 return res;
471}
472
473static TEEC_Result ta_crypt_cmd_ae_update(ADBG_Case_t *c,
474 TEEC_Session *s,
475 TEE_OperationHandle oph,
476 const void *src,
477 size_t src_len,
478 void *dst,
479 size_t *dst_len)
480{
481 TEEC_Result res;
482 TEEC_Operation op = TEEC_OPERATION_INITIALIZER;
483 uint32_t ret_orig;
484
485 assert((uintptr_t)oph <= UINT32_MAX);
486 op.params[0].value.a = (uint32_t)(uintptr_t)oph;
487
488 op.params[1].tmpref.buffer = (void *)src;
489 op.params[1].tmpref.size = src_len;
490
491 op.params[2].tmpref.buffer = (void *)dst;
492 op.params[2].tmpref.size = *dst_len;
493
494 op.paramTypes = TEEC_PARAM_TYPES(TEEC_VALUE_INPUT,
495 TEEC_MEMREF_TEMP_INPUT,
496 TEEC_MEMREF_TEMP_OUTPUT, TEEC_NONE);
497
498 res = TEEC_InvokeCommand(s, TA_CRYPT_CMD_AE_UPDATE, &op, &ret_orig);
499
500 if (res != TEEC_SUCCESS) {
501 (void)ADBG_EXPECT_TEEC_ERROR_ORIGIN(c, TEEC_ORIGIN_TRUSTED_APP,
502 ret_orig);
503 }
504
505 if (res == TEEC_SUCCESS)
506 *dst_len = op.params[2].tmpref.size;
507
508 return res;
509}
510
511static TEEC_Result ta_crypt_cmd_ae_encrypt_final(ADBG_Case_t *c,
512 TEEC_Session *s,
513 TEE_OperationHandle oph,
514 const void *src,
515 size_t src_len, void *dst,
516 size_t *dst_len, void *tag,
517 size_t *tag_len)
518{
519 TEEC_Result res;
520 TEEC_Operation op = TEEC_OPERATION_INITIALIZER;
521 uint32_t ret_orig;
522
523 assert((uintptr_t)oph <= UINT32_MAX);
524 op.params[0].value.a = (uint32_t)(uintptr_t)oph;
525
526 op.params[1].tmpref.buffer = (void *)src;
527 op.params[1].tmpref.size = src_len;
528
529 op.params[2].tmpref.buffer = (void *)dst;
530 op.params[2].tmpref.size = *dst_len;
531
532 op.params[3].tmpref.buffer = (void *)tag;
533 op.params[3].tmpref.size = *tag_len;
534
535 op.paramTypes = TEEC_PARAM_TYPES(TEEC_VALUE_INPUT,
536 TEEC_MEMREF_TEMP_INPUT,
537 TEEC_MEMREF_TEMP_OUTPUT,
538 TEEC_MEMREF_TEMP_OUTPUT);
539
540 res = TEEC_InvokeCommand(s, TA_CRYPT_CMD_AE_ENCRYPT_FINAL, &op,
541 &ret_orig);
542
543 if (res != TEEC_SUCCESS) {
544 (void)ADBG_EXPECT_TEEC_ERROR_ORIGIN(c, TEEC_ORIGIN_TRUSTED_APP,
545 ret_orig);
546 }
547
548 if (res == TEEC_SUCCESS) {
549 *dst_len = op.params[2].tmpref.size;
550 *tag_len = op.params[3].tmpref.size;
551 }
552
553 return res;
554}
555
556static TEEC_Result ta_crypt_cmd_ae_decrypt_final(ADBG_Case_t *c,
557 TEEC_Session *s,
558 TEE_OperationHandle oph,
559 const void *src, size_t src_len,
560 void *dst, size_t *dst_len,
561 const void *tag, size_t tag_len)
562{
563 TEEC_Result res;
564 TEEC_Operation op = TEEC_OPERATION_INITIALIZER;
565 uint32_t ret_orig;
566
567 assert((uintptr_t)oph <= UINT32_MAX);
568 op.params[0].value.a = (uint32_t)(uintptr_t)oph;
569
570 op.params[1].tmpref.buffer = (void *)src;
571 op.params[1].tmpref.size = src_len;
572
573 op.params[2].tmpref.buffer = dst;
574 op.params[2].tmpref.size = *dst_len;
575
576 op.params[3].tmpref.buffer = (void *)tag;
577 op.params[3].tmpref.size = tag_len;
578
579 op.paramTypes = TEEC_PARAM_TYPES(TEEC_VALUE_INPUT,
580 TEEC_MEMREF_TEMP_INPUT,
581 TEEC_MEMREF_TEMP_OUTPUT,
582 TEEC_MEMREF_TEMP_INPUT);
583
584 res = TEEC_InvokeCommand(s, TA_CRYPT_CMD_AE_DECRYPT_FINAL, &op,
585 &ret_orig);
586
587 if (res != TEEC_SUCCESS) {
588 (void)ADBG_EXPECT_TEEC_ERROR_ORIGIN(c, TEEC_ORIGIN_TRUSTED_APP,
589 ret_orig);
590 }
591
592 if (res == TEEC_SUCCESS)
593 *dst_len = op.params[2].tmpref.size;
594
595 return res;
596}
597
598static TEEC_Result ta_crypt_cmd_asymmetric_operate(ADBG_Case_t *c,
599 TEEC_Session *s,
600 TEE_OperationHandle oph,
601 uint32_t cmd,
602 const TEE_Attribute *params,
603 uint32_t paramCount,
604 const void *src,
605 size_t src_len,
606 void *dst,
607 size_t *dst_len)
608{
609 TEEC_Result res;
610 TEEC_Operation op = TEEC_OPERATION_INITIALIZER;
611 uint32_t ret_orig;
612 uint8_t *buf;
613 size_t blen;
614
615 res = pack_attrs(params, paramCount, &buf, &blen);
616 if (!ADBG_EXPECT_TEEC_SUCCESS(c, res))
617 return res;
618
619 assert((uintptr_t)oph <= UINT32_MAX);
620 op.params[0].value.a = (uint32_t)(uintptr_t)oph;
621
622 op.params[1].tmpref.buffer = buf;
623 op.params[1].tmpref.size = blen;
624
625 op.params[2].tmpref.buffer = (void *)src;
626 op.params[2].tmpref.size = src_len;
627
628 op.params[3].tmpref.buffer = dst;
629 op.params[3].tmpref.size = *dst_len;
630
631 op.paramTypes = TEEC_PARAM_TYPES(TEEC_VALUE_INPUT,
632 TEEC_MEMREF_TEMP_INPUT,
633 TEEC_MEMREF_TEMP_INPUT,
634 TEEC_MEMREF_TEMP_OUTPUT);
635
636 res = TEEC_InvokeCommand(s, cmd, &op, &ret_orig);
637
638 if (res != TEEC_SUCCESS) {
639 (void)ADBG_EXPECT_TEEC_ERROR_ORIGIN(c, TEEC_ORIGIN_TRUSTED_APP,
640 ret_orig);
641 }
642
643 if (res == TEEC_SUCCESS)
644 *dst_len = op.params[3].tmpref.size;
645
646 free(buf);
647 return res;
648}
649
650static TEEC_Result ta_crypt_cmd_asymmetric_encrypt(ADBG_Case_t *c,
651 TEEC_Session *s,
652 TEE_OperationHandle oph,
653 const TEE_Attribute *params,
654 uint32_t paramCount,
655 const void *src,
656 size_t src_len,
657 void *dst,
658 size_t *dst_len)
659{
660 return ta_crypt_cmd_asymmetric_operate(c, s, oph,
661 TA_CRYPT_CMD_ASYMMETRIC_ENCRYPT,
662 params, paramCount,
663 src, src_len, dst, dst_len);
664}
665
666static TEEC_Result ta_crypt_cmd_asymmetric_decrypt(ADBG_Case_t *c,
667 TEEC_Session *s,
668 TEE_OperationHandle oph,
669 const TEE_Attribute *params,
670 uint32_t paramCount,
671 const void *src,
672 size_t src_len,
673 void *dst,
674 size_t *dst_len)
675{
676 return ta_crypt_cmd_asymmetric_operate(c, s, oph,
677 TA_CRYPT_CMD_ASYMMETRIC_DECRYPT,
678 params, paramCount,
679 src, src_len, dst, dst_len);
680}
681
682static TEEC_Result ta_crypt_cmd_asymmetric_sign(ADBG_Case_t *c,
683 TEEC_Session *s,
684 TEE_OperationHandle oph,
685 const TEE_Attribute *params,
686 uint32_t paramCount,
687 const void *digest,
688 size_t digest_len,
689 void *signature,
690 size_t *signature_len)
691{
692 return ta_crypt_cmd_asymmetric_operate(c, s, oph,
693 TA_CRYPT_CMD_ASYMMETRIC_SIGN_DIGEST, params, paramCount,
694 digest, digest_len, signature, signature_len);
695}
696
697static TEEC_Result ta_crypt_cmd_asymmetric_verify(ADBG_Case_t *c,
698 TEEC_Session *s,
699 TEE_OperationHandle oph,
700 const TEE_Attribute *params,
701 uint32_t paramCount,
702 const void *digest,
703 size_t digest_len,
704 const void *signature,
705 size_t signature_len)
706{
707 TEEC_Result res;
708 TEEC_Operation op = TEEC_OPERATION_INITIALIZER;
709 uint32_t ret_orig;
710 uint8_t *buf;
711 size_t blen;
712
713 res = pack_attrs(params, paramCount, &buf, &blen);
714 if (!ADBG_EXPECT_TEEC_SUCCESS(c, res))
715 return res;
716
717 assert((uintptr_t)oph <= UINT32_MAX);
718 op.params[0].value.a = (uint32_t)(uintptr_t)oph;
719
720 op.params[1].tmpref.buffer = buf;
721 op.params[1].tmpref.size = blen;
722
723 op.params[2].tmpref.buffer = (void *)digest;
724 op.params[2].tmpref.size = digest_len;
725
726 op.params[3].tmpref.buffer = (void *)signature;
727 op.params[3].tmpref.size = signature_len;
728
729 op.paramTypes = TEEC_PARAM_TYPES(TEEC_VALUE_INPUT,
730 TEEC_MEMREF_TEMP_INPUT,
731 TEEC_MEMREF_TEMP_INPUT,
732 TEEC_MEMREF_TEMP_INPUT);
733
734 res = TEEC_InvokeCommand(s, TA_CRYPT_CMD_ASYMMETRIC_VERIFY_DIGEST,
735 &op, &ret_orig);
736
737 if (res != TEEC_SUCCESS) {
738 (void)ADBG_EXPECT_TEEC_ERROR_ORIGIN(c, TEEC_ORIGIN_TRUSTED_APP,
739 ret_orig);
740 }
741
742 free(buf);
743 return res;
744}
745
746static TEEC_Result ta_crypt_cmd_get_object_value_attribute(ADBG_Case_t *c,
747 TEEC_Session *s,
748 TEE_ObjectHandle o,
749 uint32_t attr_id,
750 uint32_t *valuea,
751 uint32_t *valueb)
752{
753 TEEC_Result res;
754 TEEC_Operation op = TEEC_OPERATION_INITIALIZER;
755 uint32_t ret_orig;
756
757 assert((uintptr_t)o <= UINT32_MAX);
758 op.params[0].value.a = (uint32_t)(uintptr_t)o;
759 op.params[0].value.b = attr_id;
760 op.paramTypes = TEEC_PARAM_TYPES(TEEC_VALUE_INPUT, TEEC_VALUE_OUTPUT,
761 TEEC_NONE, TEEC_NONE);
762
763 res = TEEC_InvokeCommand(s, TA_CRYPT_CMD_GET_OBJECT_VALUE_ATTRIBUTE,
764 &op, &ret_orig);
765
766 if (res != TEEC_SUCCESS) {
767 (void)ADBG_EXPECT_TEEC_ERROR_ORIGIN(c, TEEC_ORIGIN_TRUSTED_APP,
768 ret_orig);
769 }
770
771 if (res == TEEC_SUCCESS) {
772 *valuea = op.params[1].value.a;
773 *valueb = op.params[1].value.b;
774 }
775
776 return res;
777}
778
779static TEEC_Result ta_crypt_cmd_generate_key(ADBG_Case_t *c,
780 TEEC_Session *s,
781 TEE_ObjectHandle o,
782 uint32_t key_size,
783 const TEE_Attribute *params,
784 uint32_t paramCount)
785{
786 TEEC_Result res;
787 TEEC_Operation op = TEEC_OPERATION_INITIALIZER;
788 uint32_t ret_orig;
789 uint8_t *buf;
790 size_t blen;
791
792 res = pack_attrs(params, paramCount, &buf, &blen);
793 if (!ADBG_EXPECT_TEEC_SUCCESS(c, res))
794 return res;
795
796 assert((uintptr_t)o <= UINT32_MAX);
797 op.params[0].value.a = (uint32_t)(uintptr_t)o;
798 op.params[0].value.b = key_size;
799
800 op.params[1].tmpref.buffer = buf;
801 op.params[1].tmpref.size = blen;
802
803 op.paramTypes = TEEC_PARAM_TYPES(TEEC_VALUE_INPUT,
804 TEEC_MEMREF_TEMP_INPUT, TEEC_NONE,
805 TEEC_NONE);
806
807 res = TEEC_InvokeCommand(s, TA_CRYPT_CMD_GENERATE_KEY, &op, &ret_orig);
808
809 if (res != TEEC_SUCCESS) {
810 (void)ADBG_EXPECT_TEEC_ERROR_ORIGIN(c, TEEC_ORIGIN_TRUSTED_APP,
811 ret_orig);
812 }
813
814 free(buf);
815 return res;
816}
817
818static const uint8_t hash_data_md5_in1[] = {
819 'c', 'd', 'e', 'f', 'g', 'h', 'i', 'j', 'k', 'l', 'm'
820};
821
822static const uint8_t hash_data_md5_out1[] = {
823 0x61, 0x12, 0x71, 0x83, 0x70, 0x8d, 0x3a, 0xc7,
824 0xf1, 0x9b, 0x66, 0x06, 0xfc, 0xae, 0x7d, 0xf6
825};
826
827static const uint8_t hash_data_sha1_in1[] = {
828 'a', 'b', 'c', 'd', 'e', 'f', 'g', 'h', 'i', 'j', 'k', 'l', 'm'
829};
830
831static const uint8_t hash_data_sha1_out1[] = {
832 0x4b, 0x98, 0x92, 0xb6, 0x52, 0x72, 0x14, 0xaf,
833 0xc6, 0x55, 0xb8, 0xaa, 0x52, 0xf4, 0xd2, 0x03,
834 0xc1, 0x5e, 0x7c, 0x9c
835};
836
837static const uint8_t hash_data_sha224_in1[] = {
838 'a', 'b', 'c', 'd', 'e', 'f', 'g', 'h', 'i', 'j', 'k', 'l', 'm'
839};
840
841static const uint8_t hash_data_sha224_out1[] = {
842 0x08, 0x21, 0x69, 0xf9, 0x77, 0x1b, 0x80, 0x15,
843 0xf3, 0x97, 0xae, 0xde, 0x5b, 0xba, 0xa2, 0x72,
844 0x2d, 0x8f, 0x5c, 0x19, 0xfe, 0xd2, 0xe2, 0x68,
845 0x92, 0x49, 0xd8, 0x44
846};
847
848static const uint8_t hash_data_sha256_in1[] = { 'a', 'b', 'c' };
849
850static const uint8_t hash_data_sha256_out1[] = {
851 0xba, 0x78, 0x16, 0xbf, 0x8f, 0x01, 0xcf, 0xea,
852 0x41, 0x41, 0x40, 0xde, 0x5d, 0xae, 0x22, 0x23,
853 0xb0, 0x03, 0x61, 0xa3, 0x96, 0x17, 0x7a, 0x9c,
854 0xb4, 0x10, 0xff, 0x61, 0xf2, 0x00, 0x15, 0xad
855};
856
857static const uint8_t hash_data_sha256_in2[] = { 'e', 'f', 'g' };
858
859static const uint8_t hash_data_sha256_out2[] = {
860 0xd4, 0xff, 0xe8, 0xe9, 0xee, 0x0b, 0x48, 0xeb,
861 0xa7, 0x16, 0x70, 0x61, 0x23, 0xa7, 0x18, 0x7f,
862 0x32, 0xea, 0xe3, 0xbd, 0xcb, 0x0e, 0x77, 0x63,
863 0xe4, 0x1e, 0x53, 0x32, 0x67, 0xbd, 0x8a, 0x53
864};
865
866
867static const uint8_t hash_data_sha384_in1[] = {
868 'a', 'b', 'c', 'e', 'f', 'g', 'h', 'i', 'j', 'k', 'l', 'm'
869};
870
871static const uint8_t hash_data_sha384_out1[] = {
872 0x4c, 0xab, 0x80, 0x9d, 0x96, 0x84, 0x01, 0x47,
873 0x67, 0x0a, 0xc1, 0x7a, 0xb6, 0xb9, 0xf7, 0x6e,
874 0x35, 0xa6, 0xb0, 0x8c, 0xf5, 0x2a, 0x3d, 0x64,
875 0x9a, 0x8c, 0x7e, 0x0c, 0x55, 0x45, 0xd3, 0x7d,
876 0x1f, 0x7f, 0x28, 0x34, 0x96, 0x14, 0x44, 0x2a,
877 0xf5, 0x98, 0xa2, 0x95, 0x24, 0x76, 0x53, 0x97
878};
879
880static const uint8_t hash_data_sha512_in1[] = {
881 'a', 'b', 'c', 'd', 'f', 'g', 'h', 'i', 'j', 'k', 'l', 'm'
882};
883
884static const uint8_t hash_data_sha512_out1[] = {
885 0x20, 0xd8, 0x64, 0x4f, 0x54, 0xa2, 0x5f, 0x6f,
886 0x0a, 0xf9, 0xd5, 0x27, 0x7d, 0x17, 0xa8, 0x99,
887 0x4c, 0x64, 0x3f, 0xd0, 0xf3, 0x83, 0x36, 0xee,
888 0x93, 0x12, 0x55, 0xcd, 0x2e, 0x12, 0x34, 0xa0,
889 0xc2, 0xaa, 0xf9, 0xbb, 0x15, 0xc5, 0xe9, 0xfa,
890 0xf7, 0xa7, 0xda, 0xb8, 0x2f, 0x72, 0xa0, 0x47,
891 0xe3, 0x02, 0x04, 0xe8, 0xa0, 0x35, 0x0c, 0x96,
892 0x26, 0xd1, 0xcb, 0x8b, 0x47, 0x45, 0x25, 0xd0
893};
894
895struct xtest_hash_case {
896 uint32_t algo;
897 size_t in_incr;
898 const uint8_t *in;
899 size_t in_len;
900 const uint8_t *out;
901 size_t out_len;
902};
903
904#define XTEST_HASH_CASE(algo, in_incr, in, out) \
905 { (algo), (in_incr), (in), ARRAY_SIZE(in), (out), ARRAY_SIZE(out) }
906
907static const struct xtest_hash_case hash_cases[] = {
908 XTEST_HASH_CASE(TEE_ALG_MD5, 6, hash_data_md5_in1,
909 hash_data_md5_out1),
910 XTEST_HASH_CASE(TEE_ALG_SHA1, 3, hash_data_sha1_in1,
911 hash_data_sha1_out1),
912 XTEST_HASH_CASE(TEE_ALG_SHA224, 7, hash_data_sha224_in1,
913 hash_data_sha224_out1),
914 XTEST_HASH_CASE(TEE_ALG_SHA256, 1, hash_data_sha256_in1,
915 hash_data_sha256_out1),
916 XTEST_HASH_CASE(TEE_ALG_SHA256, 1, hash_data_sha256_in2,
917 hash_data_sha256_out2),
918 XTEST_HASH_CASE(TEE_ALG_SHA384, 1, hash_data_sha384_in1,
919 hash_data_sha384_out1),
920 XTEST_HASH_CASE(TEE_ALG_SHA512, 1, hash_data_sha512_in1,
921 hash_data_sha512_out1),
922};
923
924static void xtest_tee_test_4001(ADBG_Case_t *c)
925{
926 TEEC_Session session = { 0 };
927 uint32_t ret_orig;
928 size_t n;
929
930 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
931 xtest_teec_open_session(&session, &crypt_user_ta_uuid, NULL,
932 &ret_orig)))
933 return;
934
935
936 for (n = 0; n < ARRAY_SIZE(hash_cases); n++) {
937 TEE_OperationHandle op1;
938 TEE_OperationHandle op2;
939 uint8_t out[64];
940 size_t out_size;
941
942 Do_ADBG_BeginSubCase(c, "Hash case %d algo 0x%x",
943 (int)n, (unsigned int)hash_cases[n].algo);
944
945 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
946 ta_crypt_cmd_allocate_operation(c, &session, &op1,
947 hash_cases[n].algo,
948 TEE_MODE_DIGEST, 0)))
949 goto out;
950
951 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
952 ta_crypt_cmd_allocate_operation(c, &session, &op2,
953 hash_cases[n].algo,
954 TEE_MODE_DIGEST, 0)))
955 goto out;
956
957 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
958 ta_crypt_cmd_digest_update(c, &session, op1,
959 hash_cases[n].in,
960 hash_cases[n].in_incr)))
961 goto out;
962
963 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
964 ta_crypt_cmd_copy_operation(c, &session, op2, op1)))
965 goto out;
966
967 out_size = sizeof(out);
968 memset(out, 0, sizeof(out));
969 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
970 ta_crypt_cmd_digest_do_final(c, &session, op2,
971 hash_cases[n].in + hash_cases[n].in_incr,
972 hash_cases[n].in_len - hash_cases[n].in_incr,
973 out, &out_size)))
974 goto out;
975
976 (void)ADBG_EXPECT_BUFFER(c, hash_cases[n].out,
977 hash_cases[n].out_len, out, out_size);
978
979 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
980 ta_crypt_cmd_reset_operation(c, &session, op1)))
981 goto out;
982
983 out_size = sizeof(out);
984 memset(out, 0, sizeof(out));
985 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
986 ta_crypt_cmd_digest_do_final(c, &session, op1,
987 hash_cases[n].in,
988 hash_cases[n].in_len, out,
989 &out_size)))
990 goto out;
991
992 (void)ADBG_EXPECT_BUFFER(c, hash_cases[n].out,
993 hash_cases[n].out_len, out, out_size);
994
Jerome Forissier1e05e262015-07-29 16:09:07 +0200[diff] [blame]995 /*
996 * Invoke TEE_DigestDoFinal() a second time to check that state
997 * was properly reset
998 */
999 out_size = sizeof(out);
1000 memset(out, 0, sizeof(out));
1001 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
1002 ta_crypt_cmd_digest_do_final(c, &session, op1,
1003 hash_cases[n].in,
1004 hash_cases[n].in_len, out,
1005 &out_size)))
1006 goto out;
1007
1008 (void)ADBG_EXPECT_BUFFER(c, hash_cases[n].out,
1009 hash_cases[n].out_len, out, out_size);
1010
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]1011 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
1012 ta_crypt_cmd_free_operation(c, &session, op1)))
1013 goto out;
1014
1015 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
1016 ta_crypt_cmd_free_operation(c, &session, op2)))
1017 goto out;
1018
1019 Do_ADBG_EndSubCase(c, NULL);
1020 }
1021
1022out:
1023 TEEC_CloseSession(&session);
1024}
Jens Wiklander14f48872018-06-29 15:30:13 +0200[diff] [blame]1025ADBG_CASE_DEFINE(regression, 4001, xtest_tee_test_4001,
1026 "Test TEE Internal API hash operations");
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]1027
1028static const uint8_t mac_data_md5_key1[10] = {
1029 0x6B, 0x65, 0x79, /* key */
1030};
1031
1032static const uint8_t mac_data_md5_in1[] = {
1033 0x54, 0x68, 0x65, 0x20, 0x71, 0x75, 0x69, 0x63, /* The quic */
1034 0x6B, 0x20, 0x62, 0x72, 0x6F, 0x77, 0x6E, 0x20, /* k brown */
1035 0x66, 0x6F, 0x78, 0x20, 0x6A, 0x75, 0x6D, 0x70, /* fox jump */
1036 0x73, 0x20, 0x6F, 0x76, 0x65, 0x72, 0x20, 0x74, /* s over t */
1037 0x68, 0x65, 0x20, 0x6C, 0x61, 0x7A, 0x79, 0x20, /* he lazy */
1038 0x64, 0x6F, 0x67, /* dog */
1039};
1040
1041static const uint8_t mac_data_md5_out1[] = {
1042 0x80, 0x07, 0x07, 0x13, 0x46, 0x3e, 0x77, 0x49,
1043 0xb9, 0x0c, 0x2d, 0xc2, 0x49, 0x11, 0xe2, 0x75
1044};
1045
1046
1047/* generated with scripts/digest_hmac.pl */
1048static const uint8_t mac_data_sha1_key1[10] = {
1049 0x6B, 0x65, 0x79, /* key */
1050};
1051
1052static const uint8_t mac_data_sha1_in1[] = {
1053 0x54, 0x68, 0x65, 0x20, 0x71, 0x75, 0x69, 0x63, /* The quic */
1054 0x6B, 0x20, 0x62, 0x72, 0x6F, 0x77, 0x6E, 0x20, /* k brown */
1055 0x66, 0x6F, 0x78, 0x20, 0x6A, 0x75, 0x6D, 0x70, /* fox jump */
1056 0x73, 0x20, 0x6F, 0x76, 0x65, 0x72, 0x20, 0x74, /* s over t */
1057 0x68, 0x65, 0x20, 0x6C, 0x61, 0x7A, 0x79, 0x20, /* he lazy */
1058 0x64, 0x6F, 0x67, /* dog */
1059};
1060
1061static const uint8_t mac_data_sha1_out1[] = {
1062 0xDE, 0x7C, 0x9B, 0x85, 0xB8, 0xB7, 0x8A, 0xA6, /* .|...... */
1063 0xBC, 0x8A, 0x7A, 0x36, 0xF7, 0x0A, 0x90, 0x70, /* ..z6...p */
1064 0x1C, 0x9D, 0xB4, 0xD9, /* .... */
1065};
1066
1067static const uint8_t mac_data_sha224_key1[24] = {
1068 0x6B, 0x65, 0x79, /* key */
1069};
1070
1071static const uint8_t mac_data_sha224_in1[] = {
1072 0x54, 0x68, 0x65, 0x20, 0x71, 0x75, 0x69, 0x63, /* The quic */
1073 0x6B, 0x20, 0x62, 0x72, 0x6F, 0x77, 0x6E, 0x20, /* k brown */
1074 0x66, 0x6F, 0x78, 0x20, 0x6A, 0x75, 0x6D, 0x70, /* fox jump */
1075 0x73, 0x20, 0x6F, 0x76, 0x65, 0x72, 0x20, 0x74, /* s over t */
1076 0x68, 0x65, 0x20, 0x6C, 0x61, 0x7A, 0x79, 0x20, /* he lazy */
1077 0x64, 0x6F, 0x67, /* dog */
1078};
1079
1080static const uint8_t mac_data_sha224_out1[] = {
1081 0x88, 0xFF, 0x8B, 0x54, 0x67, 0x5D, 0x39, 0xB8, /* ...Tg]9. */
1082 0xF7, 0x23, 0x22, 0xE6, 0x5F, 0xF9, 0x45, 0xC5, /* .#"._.E. */
1083 0x2D, 0x96, 0x37, 0x99, 0x88, 0xAD, 0xA2, 0x56, /* -.7....V */
1084 0x39, 0x74, 0x7E, 0x69, /* 9t~i */
1085};
1086
1087
1088static const uint8_t mac_data_sha256_key1[24] = {
1089 'Q', 'W', 'E', 'R', 'T', 'Y'
1090};
1091
1092static const uint8_t mac_data_sha256_in1[] = { 'a', 'b', 'c' };
1093
1094static const uint8_t mac_data_sha256_out1[] = {
1095 0xee, 0x2e, 0x5d, 0x9b, 0x51, 0xe2, 0x9c, 0x1d,
1096 0x49, 0xe9, 0xae, 0x6f, 0x0a, 0xcc, 0x15, 0x18,
1097 0xde, 0x1e, 0xa3, 0x88, 0x8e, 0xee, 0x48, 0xbb,
1098 0x82, 0x77, 0xe9, 0x09, 0x74, 0x4b, 0xa2, 0xf2
1099};
1100
1101/* generated with scripts/digest_hmac.pl */
1102static const uint8_t mac_data_sha256_key2[24] = {
1103 0x6B, 0x65, 0x79, /* key */
1104};
1105
1106static const uint8_t mac_data_sha256_in2[] = {
1107 0x54, 0x68, 0x65, 0x20, 0x71, 0x75, 0x69, 0x63, /* The quic */
1108 0x6B, 0x20, 0x62, 0x72, 0x6F, 0x77, 0x6E, 0x20, /* k brown */
1109 0x66, 0x6F, 0x78, 0x20, 0x6A, 0x75, 0x6D, 0x70, /* fox jump */
1110 0x73, 0x20, 0x6F, 0x76, 0x65, 0x72, 0x20, 0x74, /* s over t */
1111 0x68, 0x65, 0x20, 0x6C, 0x61, 0x7A, 0x79, 0x20, /* he lazy */
1112 0x64, 0x6F, 0x67, /* dog */
1113};
1114
1115static const uint8_t mac_data_sha256_out2[] = {
1116 0xF7, 0xBC, 0x83, 0xF4, 0x30, 0x53, 0x84, 0x24, /* ....0S.$ */
1117 0xB1, 0x32, 0x98, 0xE6, 0xAA, 0x6F, 0xB1, 0x43, /* .2...o.C */
1118 0xEF, 0x4D, 0x59, 0xA1, 0x49, 0x46, 0x17, 0x59, /* .MY.IF.Y */
1119 0x97, 0x47, 0x9D, 0xBC, 0x2D, 0x1A, 0x3C, 0xD8, /* .G..-.<. */
1120};
1121
1122static const uint8_t mac_data_sha384_key1[32] = {
1123 0x6B, 0x65, 0x79, /* key */
1124};
1125
1126static const uint8_t mac_data_sha384_in1[] = {
1127 0x54, 0x68, 0x65, 0x20, 0x71, 0x75, 0x69, 0x63, /* The quic */
1128 0x6B, 0x20, 0x62, 0x72, 0x6F, 0x77, 0x6E, 0x20, /* k brown */
1129 0x66, 0x6F, 0x78, 0x20, 0x6A, 0x75, 0x6D, 0x70, /* fox jump */
1130 0x73, 0x20, 0x6F, 0x76, 0x65, 0x72, 0x20, 0x74, /* s over t */
1131 0x68, 0x65, 0x20, 0x6C, 0x61, 0x7A, 0x79, 0x20, /* he lazy */
1132 0x64, 0x6F, 0x67, /* dog */
1133};
1134
1135static const uint8_t mac_data_sha384_out1[] = {
1136 0xD7, 0xF4, 0x72, 0x7E, 0x2C, 0x0B, 0x39, 0xAE, /* ..r~, .9. */
1137 0x0F, 0x1E, 0x40, 0xCC, 0x96, 0xF6, 0x02, 0x42, /* ..@....B */
1138 0xD5, 0xB7, 0x80, 0x18, 0x41, 0xCE, 0xA6, 0xFC, /* ....A... */
1139 0x59, 0x2C, 0x5D, 0x3E, 0x1A, 0xE5, 0x07, 0x00, /* Y, ]>.... */
1140 0x58, 0x2A, 0x96, 0xCF, 0x35, 0xE1, 0xE5, 0x54, /* X...5..T */
1141 0x99, 0x5F, 0xE4, 0xE0, 0x33, 0x81, 0xC2, 0x37, /* ._..3..7 */
1142};
1143
1144static const uint8_t mac_data_sha512_key1[32] = {
1145 0x6B, 0x65, 0x79, /* key */
1146};
1147
1148static const uint8_t mac_data_sha512_in1[] = {
1149 0x54, 0x68, 0x65, 0x20, 0x71, 0x75, 0x69, 0x63, /* The quic */
1150 0x6B, 0x20, 0x62, 0x72, 0x6F, 0x77, 0x6E, 0x20, /* k brown */
1151 0x66, 0x6F, 0x78, 0x20, 0x6A, 0x75, 0x6D, 0x70, /* fox jump */
1152 0x73, 0x20, 0x6F, 0x76, 0x65, 0x72, 0x20, 0x74, /* s over t */
1153 0x68, 0x65, 0x20, 0x6C, 0x61, 0x7A, 0x79, 0x20, /* he lazy */
1154 0x64, 0x6F, 0x67, /* dog */
1155};
1156
1157static const uint8_t mac_data_sha512_out1[] = {
1158 0xB4, 0x2A, 0xF0, 0x90, 0x57, 0xBA, 0xC1, 0xE2, /* ....W... */
1159 0xD4, 0x17, 0x08, 0xE4, 0x8A, 0x90, 0x2E, 0x09, /* ........ */
1160 0xB5, 0xFF, 0x7F, 0x12, 0xAB, 0x42, 0x8A, 0x4F, /* .....B.O */
1161 0xE8, 0x66, 0x53, 0xC7, 0x3D, 0xD2, 0x48, 0xFB, /* .fS.=.H. */
1162 0x82, 0xF9, 0x48, 0xA5, 0x49, 0xF7, 0xB7, 0x91, /* ..H.I... */
1163 0xA5, 0xB4, 0x19, 0x15, 0xEE, 0x4D, 0x1E, 0xC3, /* .....M.. */
1164 0x93, 0x53, 0x57, 0xE4, 0xE2, 0x31, 0x72, 0x50, /* .SW..1rP */
1165 0xD0, 0x37, 0x2A, 0xFA, 0x2E, 0xBE, 0xEB, 0x3A, /* .7.....: */
1166};
1167
1168
1169/* AES-CBC-MAC */
1170static const uint8_t mac_cbc_vect1_key[] = {
1171 0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37, /* 01234567 */
1172 0x38, 0x39, 0x41, 0x42, 0x43, 0x44, 0x45, 0x46, /* 89ABCDEF */
1173};
1174
1175static const uint8_t mac_cbc_vect1_data[] = {
1176 0x43, 0x69, 0x70, 0x68, 0x65, 0x72, 0x20, 0x62, /* Cipher b */
1177 0x6C, 0x6F, 0x63, 0x6B, 0x20, 0x63, 0x68, 0x61, /* lock cha */
1178 0x69, 0x6E, 0x69, 0x6E, 0x67, 0x20, 0x28, 0x43, /* ining (C */
1179 0x42, 0x43, 0x29, 0x20, 0x69, 0x73, 0x20, 0x61, /* BC) is a */
1180 0x20, 0x63, 0x6F, 0x6D, 0x6D, 0x6F, 0x6E, 0x20, /* common */
1181 0x63, 0x68, 0x61, 0x69, 0x6E, 0x69, 0x6E, 0x67, /* chaining */
1182 0x20, 0x6D, 0x6F, 0x64, 0x65, 0x20, 0x69, 0x6E, /* mode in */
1183 0x20, 0x77, 0x68, 0x69, 0x63, 0x68, 0x20, 0x74, /* which t */
1184 0x68, 0x65, 0x20, 0x70, 0x72, 0x65, 0x76, 0x69, /* he previ */
1185 0x6F, 0x75, 0x73, 0x20, 0x62, 0x6C, 0x6F, 0x63, /* ous bloc */
1186 0x6B, 0x27, 0x73, 0x20, 0x63, 0x69, 0x70, 0x68, /* k's ciph */
1187 0x65, 0x72, 0x74, 0x65, 0x78, 0x74, 0x20, 0x69, /* ertext i */
1188 0x73, 0x20, 0x78, 0x6F, 0x72, 0x65, 0x64, 0x20, /* s xored */
1189 0x77, 0x69, 0x74, 0x68, 0x20, 0x74, 0x68, 0x65, /* with the */
1190 0x20, 0x63, 0x75, 0x72, 0x72, 0x65, 0x6E, 0x74, /* current */
1191 0x20, 0x62, 0x6C, 0x6F, 0x63, 0x6B, 0x27, 0x73, /* block's */
1192 0x20, 0x70, 0x6C, 0x61, 0x69, 0x6E, 0x74, 0x65, /* plainte */
1193 0x78, 0x74, 0x20, 0x62, 0x65, 0x66, 0x6F, 0x72, /* xt befor */
1194 0x65, 0x20, 0x65, 0x6E, 0x63, 0x72, 0x79, 0x70, /* e encryp */
1195 0x74, 0x69, 0x6F, 0x6E, 0x2E, 0x2E, 0x2E, 0x2E, /* tion.... */
1196};
1197
1198static const uint8_t mac_cbc_vect1_out[] = {
1199 0xC9, 0x6E, 0x83, 0x7E, 0x35, 0xC8, 0xA7, 0xA0, /* .n.~5... */
1200 0x33, 0xA3, 0xB1, 0x4B, 0x5A, 0x92, 0x51, 0x2E, /* 3..KZ.Q. */
1201};
1202
1203/* DES-CBC-MAC */
1204static const uint8_t mac_cbc_vect2_key[] = {
1205 0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37, /* 01234567 */
1206};
1207
1208#define mac_cbc_vect2_data mac_cbc_vect1_data
1209static const uint8_t mac_cbc_vect2_out[] = {
1210 0xE9, 0x41, 0x46, 0x30, 0x69, 0x32, 0xBD, 0xD6, /* .AF0i2.. */
1211};
1212
1213/* DES3-CBC-MAC */
1214static const uint8_t mac_cbc_vect3_key[] = {
1215 0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37, /* 01234567 */
1216 0x38, 0x39, 0x41, 0x42, 0x43, 0x44, 0x45, 0x46, /* 89ABCDEF */
1217 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37, 0x38, /* 12345678 */
1218};
1219
1220#define mac_cbc_vect3_data mac_cbc_vect2_data
1221static const uint8_t mac_cbc_vect3_out[] = {
1222 0x1C, 0x17, 0xB7, 0xB5, 0x9F, 0x54, 0x9C, 0x63, /* .....T.c */
1223};
1224
1225/* AES-CBC-MAC PKCS#5 pad*/
1226static const uint8_t mac_cbc_vect4_key[] = {
1227 0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37, /* 01234567 */
1228 0x38, 0x39, 0x41, 0x42, 0x43, 0x44, 0x45, 0x46, /* 89ABCDEF */
1229 0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37, /* 01234567 */
1230 0x38, 0x39, 0x41, 0x42, 0x43, 0x44, 0x45, 0x46, /* 89ABCDEF */
1231};
1232
1233#define mac_cbc_vect4_data mac_cbc_vect1_data
1234static const uint8_t mac_cbc_vect4_out[] = {
1235 0x0B, 0x46, 0xC7, 0xA2, 0xE1, 0x5A, 0xE2, 0x23, /* .F...Z.# */
1236 0x83, 0x34, 0x1C, 0x86, 0x53, 0xF8, 0x51, 0x24, /* .4..S.Q$ */
1237};
1238
1239/* DES-CBC-MAC PKCS#5 pad*/
1240static const uint8_t mac_cbc_vect5_key[] = {
1241 0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37, /* 01234567 */
1242};
1243
1244#define mac_cbc_vect5_data mac_cbc_vect1_data
1245static const uint8_t mac_cbc_vect5_out[] = {
1246 0x30, 0x81, 0x4F, 0x42, 0x03, 0x7E, 0xD8, 0xA9, /* 0.OB.~.. */
1247};
1248
1249/* DES3-CBC-MAC PKCS#5 pad*/
1250static const uint8_t mac_cbc_vect6_key[] = {
1251 0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37, /* 01234567 */
1252 0x38, 0x39, 0x41, 0x42, 0x43, 0x44, 0x45, 0x46, /* 89ABCDEF */
1253 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37, 0x38, /* 12345678 */
1254};
1255
1256#define mac_cbc_vect6_data mac_cbc_vect1_data
1257static const uint8_t mac_cbc_vect6_out[] = {
1258 0x6E, 0x37, 0x6E, 0x14, 0x5E, 0x21, 0xDD, 0xF8, /* n7n.^!.. */
1259};
1260
1261/* AES-CBC-MAC PKCS#5 pad*/
1262#define mac_cbc_vect7_key mac_cbc_vect4_key
1263static const uint8_t mac_cbc_vect7_data[] = {
1264 0x43, 0x69, 0x70, 0x68, 0x65, 0x72, 0x20, 0x62, /* Cipher b */
1265 0x6C, 0x6F, 0x63, 0x6B, 0x20, 0x63, 0x68, 0x61, /* lock cha */
1266 0x69, 0x6E, 0x69, 0x6E, 0x67, 0x20, 0x28, 0x43, /* ining (C */
1267 0x42, 0x43, 0x29, 0x20, 0x69, 0x73, 0x20, 0x61, /* BC) is a */
1268 0x20, 0x63, 0x6F, 0x6D, 0x6D, 0x6F, 0x6E, 0x20, /* common */
1269 0x63, 0x68, 0x61, 0x69, 0x6E, 0x69, 0x6E, 0x67, /* chaining */
1270 0x20, 0x6D, 0x6F, 0x64, 0x65, 0x20, 0x69, 0x6E, /* mode in */
1271 0x20, 0x77, 0x68, 0x69, 0x63, 0x68, 0x20, 0x74, /* which t */
1272 0x68, 0x65, 0x20, 0x70, 0x72, 0x65, 0x76, 0x69, /* he previ */
1273 0x6F, 0x75, 0x73, 0x20, 0x62, 0x6C, 0x6F, 0x63, /* ous bloc */
1274 0x6B, 0x27, 0x73, 0x20, 0x63, 0x69, 0x70, 0x68, /* k's ciph */
1275 0x65, 0x72, 0x74, 0x65, 0x78, 0x74, 0x20, 0x69, /* ertext i */
1276 0x73, 0x20, 0x78, 0x6F, 0x72, 0x65, 0x64, 0x20, /* s xored */
1277 0x77, 0x69, 0x74, 0x68, 0x20, 0x74, 0x68, 0x65, /* with the */
1278 0x20, 0x63, 0x75, 0x72, 0x72, 0x65, 0x6E, 0x74, /* current */
1279 0x20, 0x62, 0x6C, 0x6F, 0x63, 0x6B, 0x27, 0x73, /* block's */
1280 0x20, 0x70, 0x6C, 0x61, 0x69, 0x6E, 0x74, 0x65, /* plainte */
1281 0x78, 0x74, 0x20, 0x62, 0x65, 0x66, 0x6F, 0x72, /* xt befor */
1282 0x65, 0x20, 0x65, 0x6E, 0x63, 0x72, 0x79, 0x70, /* e encryp */
1283 0x74, 0x69, 0x6F, 0x6E, 0x2E, /* tion. */
1284};
1285
1286static const uint8_t mac_cbc_vect7_out[] = {
1287 0xFD, 0x89, 0x35, 0xB3, 0x93, 0x7F, 0xBB, 0xA2, /* ..5..... */
1288 0xFB, 0x65, 0x60, 0xC4, 0x0A, 0x62, 0xA0, 0xF9, /* .e`..b.. */
1289};
1290
1291/* DES-CBC-MAC PKCS#5 pad*/
1292#define mac_cbc_vect8_key mac_cbc_vect5_key
1293#define mac_cbc_vect8_data mac_cbc_vect7_data
1294static const uint8_t mac_cbc_vect8_out[] = {
1295 0x02, 0x2A, 0xA8, 0x2E, 0x47, 0xC6, 0xBB, 0x7C, /* ....G..| */
1296};
1297
1298/* DES3-CBC-MAC PKCS#5 pad*/
1299#define mac_cbc_vect9_key mac_cbc_vect6_key
1300#define mac_cbc_vect9_data mac_cbc_vect7_data
1301static const uint8_t mac_cbc_vect9_out[] = {
1302 0xD4, 0xF7, 0x3E, 0x27, 0x78, 0x0E, 0x1C, 0x79, /* ..>'x..y */
1303};
1304
1305/*
Pascal Brand5c3d8092015-07-23 08:20:26 +0200[diff] [blame]1306 * DES3-CBC-MAC, with key size of 112bit
1307 * out obtained with:
1308 * echo -n "Cipher block chaining (CBC) is a common chaining mode in which the previous block's ciphertext is xored with the current block's plaintext before encryption...."|openssl enc -iv 0 -des3 -K 303132333435363738394142434445463031323334353637 |xxd
1309 */
1310/* DES3-CBC-MAC PKCS#5 pad*/
1311static const uint8_t mac_cbc_vect10_key[] = {
1312 0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37, /* 01234567 */
1313 0x38, 0x39, 0x41, 0x42, 0x43, 0x44, 0x45, 0x46, /* 89ABCDEF */
1314};
1315#define mac_cbc_vect10_data mac_cbc_vect1_data
1316static const uint8_t mac_cbc_vect10_out[] = {
1317 0x30, 0x92, 0x60, 0x99, 0x66, 0xac, 0x8c, 0xa6,
1318};
1319
1320
1321/*
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]1322 * AES-CMAC
1323 * Test vectors from
1324 * http://csrc.nist.gov/publications/nistpubs/800-38B/SP_800-38B.pdf
1325 */
1326
1327/* AES-128 */
1328static const uint8_t mac_cmac_vect1_key[] = {
1329 0x2b, 0x7e, 0x15, 0x16, 0x28, 0xae, 0xd2, 0xa6,
1330 0xab, 0xf7, 0x15, 0x88, 0x09, 0xcf, 0x4f, 0x3c
1331};
1332
1333static const uint8_t mac_cmac_vect1_out[] = {
1334 0xbb, 0x1d, 0x69, 0x29, 0xe9, 0x59, 0x37, 0x28,
1335 0x7f, 0xa3, 0x7d, 0x12, 0x9b, 0x75, 0x67, 0x46
1336};
1337
1338#define mac_cmac_vect2_key mac_cmac_vect1_key
1339static const uint8_t mac_cmac_vect2_data[] = {
1340 0x6b, 0xc1, 0xbe, 0xe2, 0x2e, 0x40, 0x9f, 0x96,
1341 0xe9, 0x3d, 0x7e, 0x11, 0x73, 0x93, 0x17, 0x2a
1342};
1343
1344static const uint8_t mac_cmac_vect2_out[] = {
1345 0x07, 0x0a, 0x16, 0xb4, 0x6b, 0x4d, 0x41, 0x44,
1346 0xf7, 0x9b, 0xdd, 0x9d, 0xd0, 0x4a, 0x28, 0x7c
1347};
1348
1349#define mac_cmac_vect3_key mac_cmac_vect1_key
1350static const uint8_t mac_cmac_vect3_data[] = {
1351 0x6b, 0xc1, 0xbe, 0xe2, 0x2e, 0x40, 0x9f, 0x96,
1352 0xe9, 0x3d, 0x7e, 0x11, 0x73, 0x93, 0x17, 0x2a,
1353 0xae, 0x2d, 0x8a, 0x57, 0x1e, 0x03, 0xac, 0x9c,
1354 0x9e, 0xb7, 0x6f, 0xac, 0x45, 0xaf, 0x8e, 0x51,
1355 0x30, 0xc8, 0x1c, 0x46, 0xa3, 0x5c, 0xe4, 0x11
1356};
1357
1358static const uint8_t mac_cmac_vect3_out[] = {
1359 0xdf, 0xa6, 0x67, 0x47, 0xde, 0x9a, 0xe6, 0x30,
1360 0x30, 0xca, 0x32, 0x61, 0x14, 0x97, 0xc8, 0x27
1361};
1362
1363#define mac_cmac_vect4_key mac_cmac_vect1_key
1364static const uint8_t mac_cmac_vect4_data[] = {
1365 0x6b, 0xc1, 0xbe, 0xe2, 0x2e, 0x40, 0x9f, 0x96,
1366 0xe9, 0x3d, 0x7e, 0x11, 0x73, 0x93, 0x17, 0x2a,
1367 0xae, 0x2d, 0x8a, 0x57, 0x1e, 0x03, 0xac, 0x9c,
1368 0x9e, 0xb7, 0x6f, 0xac, 0x45, 0xaf, 0x8e, 0x51,
1369 0x30, 0xc8, 0x1c, 0x46, 0xa3, 0x5c, 0xe4, 0x11,
1370 0xe5, 0xfb, 0xc1, 0x19, 0x1a, 0x0a, 0x52, 0xef,
1371 0xf6, 0x9f, 0x24, 0x45, 0xdf, 0x4f, 0x9b, 0x17,
1372 0xad, 0x2b, 0x41, 0x7b, 0xe6, 0x6c, 0x37, 0x10
1373};
1374
1375static const uint8_t mac_cmac_vect4_out[] = {
1376 0x51, 0xf0, 0xbe, 0xbf, 0x7e, 0x3b, 0x9d, 0x92,
1377 0xfc, 0x49, 0x74, 0x17, 0x79, 0x36, 0x3c, 0xfe
1378};
1379
1380/* AES-192 */
1381static const uint8_t mac_cmac_vect5_key[] = {
1382 0x8e, 0x73, 0xb0, 0xf7, 0xda, 0x0e, 0x64, 0x52,
1383 0xc8, 0x10, 0xf3, 0x2b, 0x80, 0x90, 0x79, 0xe5,
1384 0x62, 0xf8, 0xea, 0xd2, 0x52, 0x2c, 0x6b, 0x7b
1385};
1386
1387static const uint8_t mac_cmac_vect5_out[] = {
1388 0xd1, 0x7d, 0xdf, 0x46, 0xad, 0xaa, 0xcd, 0xe5,
1389 0x31, 0xca, 0xc4, 0x83, 0xde, 0x7a, 0x93, 0x67
1390};
1391
1392
1393#define mac_cmac_vect6_key mac_cmac_vect5_key
1394static const uint8_t mac_cmac_vect6_data[] = {
1395 0x6b, 0xc1, 0xbe, 0xe2, 0x2e, 0x40, 0x9f, 0x96,
1396 0xe9, 0x3d, 0x7e, 0x11, 0x73, 0x93, 0x17, 0x2a
1397};
1398
1399static const uint8_t mac_cmac_vect6_out[] = {
1400 0x9e, 0x99, 0xa7, 0xbf, 0x31, 0xe7, 0x10, 0x90,
1401 0x06, 0x62, 0xf6, 0x5e, 0x61, 0x7c, 0x51, 0x84
1402};
1403
1404#define mac_cmac_vect7_key mac_cmac_vect5_key
1405static const uint8_t mac_cmac_vect7_data[] = {
1406 0x6b, 0xc1, 0xbe, 0xe2, 0x2e, 0x40, 0x9f, 0x96,
1407 0xe9, 0x3d, 0x7e, 0x11, 0x73, 0x93, 0x17, 0x2a,
1408 0xae, 0x2d, 0x8a, 0x57, 0x1e, 0x03, 0xac, 0x9c,
1409 0x9e, 0xb7, 0x6f, 0xac, 0x45, 0xaf, 0x8e, 0x51,
1410 0x30, 0xc8, 0x1c, 0x46, 0xa3, 0x5c, 0xe4, 0x11
1411};
1412
1413static const uint8_t mac_cmac_vect7_out[] = {
1414 0x8a, 0x1d, 0xe5, 0xbe, 0x2e, 0xb3, 0x1a, 0xad,
1415 0x08, 0x9a, 0x82, 0xe6, 0xee, 0x90, 0x8b, 0x0e
1416};
1417
1418#define mac_cmac_vect8_key mac_cmac_vect5_key
1419static const uint8_t mac_cmac_vect8_data[] = {
1420 0x6b, 0xc1, 0xbe, 0xe2, 0x2e, 0x40, 0x9f, 0x96,
1421 0xe9, 0x3d, 0x7e, 0x11, 0x73, 0x93, 0x17, 0x2a,
1422 0xae, 0x2d, 0x8a, 0x57, 0x1e, 0x03, 0xac, 0x9c,
1423 0x9e, 0xb7, 0x6f, 0xac, 0x45, 0xaf, 0x8e, 0x51,
1424 0x30, 0xc8, 0x1c, 0x46, 0xa3, 0x5c, 0xe4, 0x11,
1425 0xe5, 0xfb, 0xc1, 0x19, 0x1a, 0x0a, 0x52, 0xef,
1426 0xf6, 0x9f, 0x24, 0x45, 0xdf, 0x4f, 0x9b, 0x17,
1427 0xad, 0x2b, 0x41, 0x7b, 0xe6, 0x6c, 0x37, 0x10
1428};
1429
1430static const uint8_t mac_cmac_vect8_out[] = {
1431 0xa1, 0xd5, 0xdf, 0x0e, 0xed, 0x79, 0x0f, 0x79,
1432 0x4d, 0x77, 0x58, 0x96, 0x59, 0xf3, 0x9a, 0x11
1433};
1434
1435/* AES-256 */
1436static const uint8_t mac_cmac_vect9_key[] = {
1437 0x60, 0x3d, 0xeb, 0x10, 0x15, 0xca, 0x71, 0xbe,
1438 0x2b, 0x73, 0xae, 0xf0, 0x85, 0x7d, 0x77, 0x81,
1439 0x1f, 0x35, 0x2c, 0x07, 0x3b, 0x61, 0x08, 0xd7,
1440 0x2d, 0x98, 0x10, 0xa3, 0x09, 0x14, 0xdf, 0xf4
1441};
1442
1443static const uint8_t mac_cmac_vect9_out[] = {
1444 0x02, 0x89, 0x62, 0xf6, 0x1b, 0x7b, 0xf8, 0x9e,
1445 0xfc, 0x6b, 0x55, 0x1f, 0x46, 0x67, 0xd9, 0x83
1446};
1447
1448#define mac_cmac_vect10_key mac_cmac_vect9_key
1449static const uint8_t mac_cmac_vect10_data[] = {
1450 0x6b, 0xc1, 0xbe, 0xe2, 0x2e, 0x40, 0x9f, 0x96,
1451 0xe9, 0x3d, 0x7e, 0x11, 0x73, 0x93, 0x17, 0x2a
1452};
1453
1454static const uint8_t mac_cmac_vect10_out[] = {
1455 0x28, 0xa7, 0x02, 0x3f, 0x45, 0x2e, 0x8f, 0x82,
1456 0xbd, 0x4b, 0xf2, 0x8d, 0x8c, 0x37, 0xc3, 0x5c
1457};
1458
1459#define mac_cmac_vect11_key mac_cmac_vect9_key
1460static const uint8_t mac_cmac_vect11_data[] = {
1461 0x6b, 0xc1, 0xbe, 0xe2, 0x2e, 0x40, 0x9f, 0x96,
1462 0xe9, 0x3d, 0x7e, 0x11, 0x73, 0x93, 0x17, 0x2a,
1463 0xae, 0x2d, 0x8a, 0x57, 0x1e, 0x03, 0xac, 0x9c,
1464 0x9e, 0xb7, 0x6f, 0xac, 0x45, 0xaf, 0x8e, 0x51,
1465 0x30, 0xc8, 0x1c, 0x46, 0xa3, 0x5c, 0xe4, 0x11
1466};
1467
1468static const uint8_t mac_cmac_vect11_out[] = {
1469 0xaa, 0xf3, 0xd8, 0xf1, 0xde, 0x56, 0x40, 0xc2,
1470 0x32, 0xf5, 0xb1, 0x69, 0xb9, 0xc9, 0x11, 0xe6
1471};
1472
1473#define mac_cmac_vect12_key mac_cmac_vect9_key
1474static const uint8_t mac_cmac_vect12_data[] = {
1475 0x6b, 0xc1, 0xbe, 0xe2, 0x2e, 0x40, 0x9f, 0x96,
1476 0xe9, 0x3d, 0x7e, 0x11, 0x73, 0x93, 0x17, 0x2a,
1477 0xae, 0x2d, 0x8a, 0x57, 0x1e, 0x03, 0xac, 0x9c,
1478 0x9e, 0xb7, 0x6f, 0xac, 0x45, 0xaf, 0x8e, 0x51,
1479 0x30, 0xc8, 0x1c, 0x46, 0xa3, 0x5c, 0xe4, 0x11,
1480 0xe5, 0xfb, 0xc1, 0x19, 0x1a, 0x0a, 0x52, 0xef,
1481 0xf6, 0x9f, 0x24, 0x45, 0xdf, 0x4f, 0x9b, 0x17,
1482 0xad, 0x2b, 0x41, 0x7b, 0xe6, 0x6c, 0x37, 0x10
1483};
1484
1485static const uint8_t mac_cmac_vect12_out[] = {
1486 0xe1, 0x99, 0x21, 0x90, 0x54, 0x9f, 0x6e, 0xd5,
1487 0x69, 0x6a, 0x2c, 0x05, 0x6c, 0x31, 0x54, 0x10
1488};
1489
1490struct xtest_mac_case {
1491 uint32_t algo;
1492 uint32_t key_type;
1493 const uint8_t *key;
1494 size_t key_len;
1495 size_t in_incr;
1496 const uint8_t *in;
1497 size_t in_len;
1498 const uint8_t *out;
1499 size_t out_len;
Jerome Forissier3dec7442019-01-30 17:50:05 +0100[diff] [blame^]1500 bool multiple_incr;
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]1501};
1502
Jerome Forissier3dec7442019-01-30 17:50:05 +0100[diff] [blame^]1503#define XTEST_MAC_CASE_1(algo, key_type, key, in_incr, in, out) \
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]1504 { (algo), (key_type), (key), ARRAY_SIZE(key), \
Jerome Forissier3dec7442019-01-30 17:50:05 +0100[diff] [blame^]1505 (in_incr), (in), ARRAY_SIZE(in), (out), ARRAY_SIZE(out), false }
1506
1507#define XTEST_MAC_CASE_MULT(algo, key_type, key, in_incr, in, out) \
1508 { (algo), (key_type), (key), ARRAY_SIZE(key), \
1509 (in_incr), (in), ARRAY_SIZE(in), (out), ARRAY_SIZE(out), true }
1510
1511#define XTEST_MAC_CASE(algo, key_type, key, in_incr, in, out) \
1512 XTEST_MAC_CASE_1((algo), (key_type), (key), (in_incr), (in), (out)), \
1513 XTEST_MAC_CASE_MULT((algo), (key_type), (key), (in_incr), (in), (out))
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]1514
1515#define XTEST_MAC_CBC_CASE(algo, key_type, vect, in_incr) \
1516 XTEST_MAC_CASE((algo), (key_type), \
1517 mac_cbc_ ## vect ## _key, (in_incr), \
1518 mac_cbc_ ## vect ## _data, mac_cbc_ ## vect ## _out)
1519
1520#define XTEST_MAC_CMAC_CASE(vect, in_incr) \
1521 XTEST_MAC_CASE(TEE_ALG_AES_CMAC, TEE_TYPE_AES, \
1522 mac_cmac_ ## vect ## _key, (in_incr), \
1523 mac_cmac_ ## vect ## _data, mac_cmac_ ## vect ## _out)
1524
1525static const struct xtest_mac_case mac_cases[] = {
1526 XTEST_MAC_CASE(TEE_ALG_HMAC_MD5, TEE_TYPE_HMAC_MD5,
1527 mac_data_md5_key1,
1528 4, mac_data_md5_in1, mac_data_md5_out1),
1529 XTEST_MAC_CASE(TEE_ALG_HMAC_SHA1, TEE_TYPE_HMAC_SHA1,
1530 mac_data_sha1_key1,
1531 5, mac_data_sha1_in1, mac_data_sha1_out1),
1532 XTEST_MAC_CASE(TEE_ALG_HMAC_SHA224, TEE_TYPE_HMAC_SHA224,
1533 mac_data_sha224_key1,
1534 8, mac_data_sha224_in1, mac_data_sha224_out1),
1535 XTEST_MAC_CASE(TEE_ALG_HMAC_SHA256, TEE_TYPE_HMAC_SHA256,
1536 mac_data_sha256_key1,
1537 1, mac_data_sha256_in1, mac_data_sha256_out1),
1538 XTEST_MAC_CASE(TEE_ALG_HMAC_SHA256, TEE_TYPE_HMAC_SHA256,
1539 mac_data_sha256_key2,
1540 7, mac_data_sha256_in2, mac_data_sha256_out2),
1541 XTEST_MAC_CASE(TEE_ALG_HMAC_SHA384, TEE_TYPE_HMAC_SHA384,
1542 mac_data_sha384_key1,
1543 11, mac_data_sha384_in1, mac_data_sha384_out1),
1544 XTEST_MAC_CASE(TEE_ALG_HMAC_SHA512, TEE_TYPE_HMAC_SHA512,
1545 mac_data_sha512_key1,
1546 13, mac_data_sha512_in1, mac_data_sha512_out1),
1547
1548 XTEST_MAC_CBC_CASE(TEE_ALG_AES_CBC_MAC_NOPAD, TEE_TYPE_AES, vect1, 14),
1549 XTEST_MAC_CBC_CASE(TEE_ALG_DES_CBC_MAC_NOPAD, TEE_TYPE_DES, vect2, 16),
1550 XTEST_MAC_CBC_CASE(TEE_ALG_DES3_CBC_MAC_NOPAD, TEE_TYPE_DES3, vect3,
1551 17),
1552 XTEST_MAC_CBC_CASE(TEE_ALG_AES_CBC_MAC_PKCS5, TEE_TYPE_AES, vect4, 11),
1553 XTEST_MAC_CBC_CASE(TEE_ALG_DES_CBC_MAC_PKCS5, TEE_TYPE_DES, vect5, 9),
1554 XTEST_MAC_CBC_CASE(TEE_ALG_DES3_CBC_MAC_PKCS5, TEE_TYPE_DES3, vect6, 4),
1555 XTEST_MAC_CBC_CASE(TEE_ALG_AES_CBC_MAC_PKCS5, TEE_TYPE_AES, vect7, 3),
1556 XTEST_MAC_CBC_CASE(TEE_ALG_DES_CBC_MAC_PKCS5, TEE_TYPE_DES, vect8, 23),
1557 XTEST_MAC_CBC_CASE(TEE_ALG_DES3_CBC_MAC_PKCS5, TEE_TYPE_DES3, vect9,
1558 34),
Pascal Brand5c3d8092015-07-23 08:20:26 +0200[diff] [blame]1559 XTEST_MAC_CBC_CASE(TEE_ALG_DES3_CBC_MAC_PKCS5, TEE_TYPE_DES3, vect10, 4),
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]1560
1561 { TEE_ALG_AES_CMAC, TEE_TYPE_AES, mac_cmac_vect1_key,
1562 ARRAY_SIZE(mac_cmac_vect1_key), 0, NULL, 0, mac_cmac_vect1_out,
1563 ARRAY_SIZE(mac_cmac_vect1_out) },
1564 XTEST_MAC_CMAC_CASE(vect2, 9),
1565 XTEST_MAC_CMAC_CASE(vect3, 9),
1566 XTEST_MAC_CMAC_CASE(vect4, 9),
1567 { TEE_ALG_AES_CMAC, TEE_TYPE_AES, mac_cmac_vect5_key,
1568 ARRAY_SIZE(mac_cmac_vect5_key), 0, NULL, 0, mac_cmac_vect5_out,
1569 ARRAY_SIZE(mac_cmac_vect5_out) },
1570 XTEST_MAC_CMAC_CASE(vect6, 9),
1571 XTEST_MAC_CMAC_CASE(vect7, 9),
1572 XTEST_MAC_CMAC_CASE(vect8, 9),
1573 { TEE_ALG_AES_CMAC, TEE_TYPE_AES, mac_cmac_vect9_key,
1574 ARRAY_SIZE(mac_cmac_vect9_key), 0, NULL, 0, mac_cmac_vect9_out,
1575 ARRAY_SIZE(mac_cmac_vect9_out) },
1576 XTEST_MAC_CMAC_CASE(vect10, 9),
1577 XTEST_MAC_CMAC_CASE(vect11, 9),
1578 XTEST_MAC_CMAC_CASE(vect12, 9),
1579};
1580
1581static void xtest_tee_test_4002(ADBG_Case_t *c)
1582{
1583 TEEC_Session session = { 0 };
1584 TEE_OperationHandle op1;
1585 TEE_OperationHandle op2;
1586 TEE_ObjectHandle key_handle;
1587 uint8_t out[64];
1588 size_t out_size;
1589 uint32_t ret_orig;
1590 size_t n;
1591
1592 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
1593 xtest_teec_open_session(&session, &crypt_user_ta_uuid, NULL,
1594 &ret_orig)))
1595 return;
1596
1597 for (n = 0; n < ARRAY_SIZE(mac_cases); n++) {
1598 TEE_Attribute key_attr;
1599 size_t key_size;
Jerome Forissier3dec7442019-01-30 17:50:05 +0100[diff] [blame^]1600 size_t offs;
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]1601
1602 Do_ADBG_BeginSubCase(c, "MAC case %d algo 0x%x",
1603 (int)n, (unsigned int)mac_cases[n].algo);
1604
1605 key_attr.attributeID = TEE_ATTR_SECRET_VALUE;
1606 key_attr.content.ref.buffer = (void *)mac_cases[n].key;
1607 key_attr.content.ref.length = mac_cases[n].key_len;
1608
1609 key_size = key_attr.content.ref.length * 8;
1610 if (mac_cases[n].key_type == TEE_TYPE_DES ||
1611 mac_cases[n].key_type == TEE_TYPE_DES3)
1612 /* Exclude parity in bit size of key */
1613 key_size -= key_size / 8;
1614
1615 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
1616 ta_crypt_cmd_allocate_operation(c, &session, &op1,
1617 mac_cases[n].algo, TEE_MODE_MAC, key_size)))
1618 goto out;
1619
1620 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
1621 ta_crypt_cmd_allocate_operation(c, &session, &op2,
1622 mac_cases[n].algo, TEE_MODE_MAC, key_size)))
1623 goto out;
1624
1625 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
1626 ta_crypt_cmd_allocate_transient_object(c, &session,
1627 mac_cases[n].key_type, key_size, &key_handle)))
1628 goto out;
1629
1630 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
1631 ta_crypt_cmd_populate_transient_object(c, &session,
1632 key_handle, &key_attr, 1)))
1633 goto out;
1634
1635 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
1636 ta_crypt_cmd_set_operation_key(c, &session, op1,
1637 key_handle)))
1638 goto out;
1639
1640 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
1641 ta_crypt_cmd_free_transient_object(c, &session,
1642 key_handle)))
1643 goto out;
1644
1645 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
1646 ta_crypt_cmd_mac_init(c, &session, op1, NULL, 0)))
1647 goto out;
1648
Jerome Forissier3dec7442019-01-30 17:50:05 +0100[diff] [blame^]1649 offs = 0;
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]1650 if (mac_cases[n].in != NULL) {
Jerome Forissier3dec7442019-01-30 17:50:05 +0100[diff] [blame^]1651 while (offs + mac_cases[n].in_incr <
1652 mac_cases[n].in_len) {
1653 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
1654 ta_crypt_cmd_mac_update(c, &session,
1655 op1, mac_cases[n].in + offs,
1656 mac_cases[n].in_incr)))
1657 goto out;
1658 offs += mac_cases[n].in_incr;
1659 if (!mac_cases[n].multiple_incr)
1660 break;
1661 }
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]1662 }
1663
1664 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
1665 ta_crypt_cmd_copy_operation(c, &session, op2, op1)))
1666 goto out;
1667
1668 out_size = sizeof(out);
1669 memset(out, 0, sizeof(out));
1670 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
1671 ta_crypt_cmd_mac_final_compute(c, &session, op2,
Jerome Forissier3dec7442019-01-30 17:50:05 +0100[diff] [blame^]1672 mac_cases[n].in + offs,
1673 mac_cases [n].in_len - offs,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]1674 out, &out_size)))
1675 goto out;
1676
1677 (void)ADBG_EXPECT_BUFFER(c, mac_cases[n].out,
1678 mac_cases[n].out_len, out, out_size);
1679
1680 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
1681 ta_crypt_cmd_mac_init(c, &session, op1, NULL, 0)))
1682 goto out;
1683
1684 out_size = sizeof(out);
1685 memset(out, 0, sizeof(out));
1686 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
1687 ta_crypt_cmd_mac_final_compute(c, &session, op1,
1688 mac_cases[n].in, mac_cases[n].in_len, out,
1689 &out_size)))
1690 goto out;
1691
1692 (void)ADBG_EXPECT_BUFFER(c, mac_cases[n].out,
1693 mac_cases[n].out_len, out, out_size);
1694
1695 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
1696 ta_crypt_cmd_free_operation(c, &session, op1)))
1697 goto out;
1698
1699 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
1700 ta_crypt_cmd_free_operation(c, &session, op2)))
1701 goto out;
1702
1703 Do_ADBG_EndSubCase(c, NULL);
1704 }
1705out:
1706 TEEC_CloseSession(&session);
1707}
Jens Wiklander14f48872018-06-29 15:30:13 +0200[diff] [blame]1708ADBG_CASE_DEFINE(regression, 4002, xtest_tee_test_4002,
1709 "Test TEE Internal API MAC operations");
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]1710
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]1711static const uint8_t ciph_data_aes_key1[] = {
1712 0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37, /* 01234567 */
1713 0x38, 0x39, 0x41, 0x42, 0x43, 0x44, 0x45, 0x46, /* 89ABCDEF */
1714};
1715
Jerome Forissier0780ad42018-06-05 15:02:37 +0200[diff] [blame]1716static const uint8_t ciph_data_aes_key2[] = {
1717 0x02, 0x02, 0x02, 0x02, 0x02, 0x02, 0x02, 0x02,
1718 0x02, 0x02, 0x02, 0x02, 0x02, 0x02, 0x02, 0x02,
1719};
1720
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]1721static const uint8_t ciph_data_des_key1[] = {
1722 0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37 /* 01234567 */
1723};
1724
1725static const uint8_t ciph_data_des_key2[] = {
1726 0x13, 0x34, 0x57, 0x79, 0x9B, 0xBC, 0xDF, 0xF1
1727};
1728
1729
1730static const uint8_t ciph_data_des3_key1[] = {
1731 0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37, /* 01234567 */
1732 0x38, 0x39, 0x41, 0x42, 0x43, 0x44, 0x45, 0x46, /* 89ABCDEF */
1733 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37, 0x38, /* 12345678 */
1734};
1735
1736static const uint8_t ciph_data_des3_key2[] = {
1737 0x13, 0x34, 0x57, 0x79, 0x9B, 0xBC, 0xDF, 0xF1,
1738 0x13, 0x34, 0x57, 0x79, 0x9B, 0xBC, 0xDF, 0xF1,
1739 0x13, 0x34, 0x57, 0x79, 0x9B, 0xBC, 0xDF, 0xF1
1740};
1741
1742static const uint8_t ciph_data_des2_key1[] = {
1743 0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37, /* 01234567 */
1744 0x38, 0x39, 0x41, 0x42, 0x43, 0x44, 0x45, 0x46, /* 89ABCDEF */
1745};
1746
1747static const uint8_t ciph_data_in1[] = {
1748 0x32, 0x33, 0x34, 0x35, 0x36, 0x37, 0x38, 0x39, /* 23456789 */
1749 0x41, 0x42, 0x43, 0x44, 0x45, 0x46, 0x30, 0x31, /* ABCDEF01 */
1750 0x33, 0x34, 0x35, 0x36, 0x37, 0x38, 0x39, 0x41, /* 3456789A */
1751 0x42, 0x43, 0x44, 0x45, 0x46, 0x30, 0x31, 0x32, /* BCDEF012 */
1752 0x34, 0x35, 0x36, 0x37, 0x38, 0x39, 0x41, 0x42, /* 456789AB */
1753 0x43, 0x44, 0x45, 0x46, 0x30, 0x31, 0x32, 0x33, /* CDEF0123 */
1754};
1755
1756static const uint8_t ciph_data_in3[] = {
1757 0x32, 0x33, 0x34, 0x35, 0x36, 0x37, 0x38, 0x39, /* 23456789 */
1758 0x41, 0x42, 0x43, 0x44, 0x45, 0x46, 0x30, 0x31, /* ABCDEF01 */
1759 0x33, 0x34, 0x35, 0x36, 0x37, 0x38, 0x39, 0x41, /* 3456789A */
1760 0x42, 0x43, 0x44, 0x45, 0x46, 0x30, 0x31, 0x32, /* BCDEF012 */
1761 0x34, 0x35, 0x36, 0x37, 0x38, 0x39, 0x41, 0x42, /* 456789AB */
1762 0x43, 0x44, 0x45, 0x46, 0x30, /* CDEF0 */
1763};
1764
Jerome Forissier45218eb2018-04-11 13:03:26 +0200[diff] [blame]1765static const uint8_t ciph_data_in4[] = {
1766 0x32, 0x33, 0x34, 0x35, 0x36, 0x37, 0x38, 0x39, /* 23456789 */
1767 0x41, 0x42, 0x43, 0x44, 0x45, 0x46, 0x30, 0x31, /* ABCDEF01 */
1768 0x33, 0x34, 0x35, 0x36, 0x37, 0x38, 0x39, 0x41, /* 3456789A */
1769 0x42, 0x43, 0x44, 0x45, 0x46, 0x30, 0x31, 0x32, /* BCDEF012 */
1770 0x34, 0x35, 0x36, 0x37, 0x38, 0x39, 0x41, 0x42, /* 456789AB */
1771 0x43, 0x44, 0x45, 0x46, 0x30, 0x31, 0x32, 0x33, /* CDEF0123 */
1772 0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37, /* 01234567 */
1773 0x38, 0x39, 0x41, 0x42, 0x43, 0x44, 0x45, 0x46, /* 89ABCDEF */
1774};
1775
Jerome Forissier0780ad42018-06-05 15:02:37 +0200[diff] [blame]1776static const uint8_t ciph_data_in5[] = {
1777 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01,
1778 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01,
1779 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01,
1780 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01,
1781 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01,
1782 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01,
1783 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01,
1784 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01,
Jerome Forissierbf9009e2018-06-05 18:44:42 +0200[diff] [blame]1785 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01,
1786 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01,
Jerome Forissier0780ad42018-06-05 15:02:37 +0200[diff] [blame]1787 0x01, 0x01, 0x01
1788};
1789
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]1790static const uint8_t ciph_data_128_iv1[] = {
1791 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37, 0x38, /* 12345678 */
1792 0x39, 0x41, 0x42, 0x43, 0x44, 0x45, 0x46, 0x30, /* 9ABCDEF0 */
1793};
1794
Jerome Forissier0780ad42018-06-05 15:02:37 +0200[diff] [blame]1795static const uint8_t ciph_data_128_iv2[] = {
1796 0x03, 0x03, 0x03, 0x03, 0x03, 0x03, 0x03, 0x03,
1797 0x03, 0x03, 0x03, 0x03, 0x03, 0x03, 0x03, 0x03,
1798};
1799
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]1800static const uint8_t ciph_data_64_iv1[] = {
1801 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37, 0x38, /* 12345678 */
1802};
1803
1804static const uint8_t ciph_data_in2[] = {
1805 0x01, 0x23, 0x45, 0x67, 0x89, 0xab, 0xcd, 0xef
1806};
1807
1808static const uint8_t ciph_data_aes_ecb_nopad_out1[] = {
1809 0xA5, 0xBE, 0x14, 0xD5, 0x01, 0x05, 0x24, 0x48, /* ......$H */
1810 0x58, 0x1A, 0x6B, 0x82, 0xD4, 0x41, 0xD2, 0xB3, /* X.k..A.. */
1811 0xBB, 0xF9, 0xAE, 0x37, 0x94, 0xAC, 0x18, 0x50, /* ...7...P */
1812 0x87, 0x09, 0xCC, 0x3F, 0x43, 0xD2, 0xC2, 0xB7, /* ...?C... */
1813 0xD7, 0x6F, 0x84, 0x07, 0xB4, 0x78, 0xCE, 0x34, /* .o...x.4 */
1814 0x48, 0xC9, 0x16, 0x86, 0x42, 0xB8, 0xFF, 0xCF, /* H...B... */
1815};
1816
1817static const uint8_t ciph_data_aes_cbc_nopad_out1[] = {
1818 0x8D, 0x9F, 0x88, 0xD8, 0xAF, 0x9F, 0xC1, 0x3B, /* .......; */
1819 0x02, 0x15, 0x43, 0x6A, 0x8C, 0x1E, 0x34, 0x5C, /* ..Cj..4\ */
1820 0x83, 0xF4, 0x85, 0x3E, 0x43, 0x0F, 0xE5, 0x5F, /* ...>C.._ */
1821 0x81, 0x4C, 0xC0, 0x28, 0x3F, 0xD9, 0x98, 0x53, /* .L.(?..S */
1822 0xB1, 0x44, 0x51, 0x38, 0x21, 0xAB, 0x10, 0xCE, /* .DQ8!... */
1823 0xC2, 0xEC, 0x65, 0x54, 0xDD, 0x5C, 0xEA, 0xDC, /* ..eT.\.. */
1824};
1825
1826static const uint8_t ciph_data_aes_ctr_out1[] = {
1827 0xD2, 0xDD, 0x11, 0xA8, 0xF7, 0xB0, 0xAE, 0x55, /* .......U */
1828 0xBE, 0x61, 0x7A, 0xE6, 0xA1, 0x6C, 0x79, 0xF4, /* .az..ly. */
1829 0x62, 0x51, 0x7B, 0xE9, 0x7C, 0xA0, 0x31, 0x0C, /* bQ{.|.1. */
1830 0x24, 0x15, 0x70, 0x7F, 0x47, 0x37, 0x69, 0xE0, /* $.p.G7i. */
1831 0x24, 0xC3, 0x29, 0xCD, 0xF2, 0x26, 0x69, 0xFF, /* $.)..&i. */
1832 0x72, 0x0E, 0x3C, 0xD1, 0xA1, 0x2F, 0x5D, 0x33, /* r.<../]3 */
1833};
1834
1835static const uint8_t ciph_data_aes_ctr_out2[] = {
1836 0xD2, 0xDD, 0x11, 0xA8, 0xF7, 0xB0, 0xAE, 0x55, /* .......U */
1837 0xBE, 0x61, 0x7A, 0xE6, 0xA1, 0x6C, 0x79, 0xF4, /* .az..ly. */
1838 0x62, 0x51, 0x7B, 0xE9, 0x7C, 0xA0, 0x31, 0x0C, /* bQ{.|.1. */
1839 0x24, 0x15, 0x70, 0x7F, 0x47, 0x37, 0x69, 0xE0, /* $.p.G7i. */
1840 0x24, 0xC3, 0x29, 0xCD, 0xF2, 0x26, 0x69, 0xFF, /* $.)..&i. */
1841 0x72, 0x0E, 0x3C, 0xD1, 0xA1, /* r.<.. */
1842};
1843
Jerome Forissier45218eb2018-04-11 13:03:26 +0200[diff] [blame]1844static const uint8_t ciph_data_aes_ctr_out4[] = {
1845 0xD2, 0xDD, 0x11, 0xA8, 0xF7, 0xB0, 0xAE, 0x55, /* .......U */
1846 0xBE, 0x61, 0x7A, 0xE6, 0xA1, 0x6C, 0x79, 0xF4, /* .az..ly. */
1847 0x62, 0x51, 0x7B, 0xE9, 0x7C, 0xA0, 0x31, 0x0C, /* bQ{.|.1. */
1848 0x24, 0x15, 0x70, 0x7F, 0x47, 0x37, 0x69, 0xE0, /* $.p.G7i. */
1849 0x24, 0xC3, 0x29, 0xCD, 0xF2, 0x26, 0x69, 0xFF, /* $.)..&i. */
1850 0x72, 0x0E, 0x3C, 0xD1, 0xA1, 0x2F, 0x5D, 0x33, /* r.<../]3 */
1851 0x9F, 0xD7, 0x0C, 0x92, 0xD4, 0xA5, 0x9D, 0x06, /* ........ */
1852 0x01, 0x80, 0x38, 0xCD, 0xC2, 0x71, 0x5D, 0x4A, /* ..8..q]J */
1853};
1854
Jerome Forissier0780ad42018-06-05 15:02:37 +0200[diff] [blame]1855static const uint8_t ciph_data_aes_ctr_out5[] = {
1856 0xbb, 0xfe, 0x07, 0x04, 0x1c, 0x8e, 0x09, 0x61,
1857 0xfb, 0xb1, 0x7c, 0xa5, 0x4d, 0x2b, 0x30, 0xf6,
1858 0x26, 0x9e, 0xff, 0x61, 0x18, 0x47, 0xc6, 0x06,
1859 0x81, 0x02, 0x84, 0xcd, 0x9c, 0x4b, 0x6d, 0x21,
1860 0xe2, 0x64, 0xa6, 0x50, 0x7f, 0x28, 0x81, 0x6f,
1861 0x29, 0xda, 0xd5, 0x56, 0x3f, 0x46, 0xac, 0xca,
1862 0x37, 0xe7, 0x77, 0x36, 0xbc, 0x76, 0x39, 0x57,
1863 0xaa, 0x67, 0x1b, 0x2a, 0xe6, 0x36, 0x57, 0x6d,
Jerome Forissierbf9009e2018-06-05 18:44:42 +0200[diff] [blame]1864 0x2a, 0xb8, 0x77, 0x41, 0xc2, 0x4e, 0x4f, 0x27,
1865 0x4c, 0x34, 0x7a, 0x01, 0x6a, 0xda, 0x75, 0x75,
1866 0x3e, 0x68, 0xb2
Jerome Forissier0780ad42018-06-05 15:02:37 +0200[diff] [blame]1867};
1868
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]1869static const uint8_t ciph_data_aes_cbc_vect1_key[] = {
1870 0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37, /* 01234567 */
1871 0x38, 0x39, 0x41, 0x42, 0x43, 0x44, 0x45, 0x46, /* 89ABCDEF */
1872};
1873
1874static const uint8_t ciph_data_aes_cbc_vect1_iv[] = {
1875 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, /* ........ */
1876 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, /* ........ */
1877};
1878
1879static const uint8_t ciph_data_aes_cbc_vect1_ptx[] = {
1880 0x43, 0x69, 0x70, 0x68, 0x65, 0x72, 0x20, 0x62, /* Cipher b */
1881 0x6C, 0x6F, 0x63, 0x6B, 0x20, 0x63, 0x68, 0x61, /* lock cha */
1882 0x69, 0x6E, 0x69, 0x6E, 0x67, 0x20, 0x28, 0x43, /* ining (C */
1883 0x42, 0x43, 0x29, 0x20, 0x69, 0x73, 0x20, 0x61, /* BC) is a */
1884 0x20, 0x63, 0x6F, 0x6D, 0x6D, 0x6F, 0x6E, 0x20, /* common */
1885 0x63, 0x68, 0x61, 0x69, 0x6E, 0x69, 0x6E, 0x67, /* chaining */
1886 0x20, 0x6D, 0x6F, 0x64, 0x65, 0x20, 0x69, 0x6E, /* mode in */
1887 0x20, 0x77, 0x68, 0x69, 0x63, 0x68, 0x20, 0x74, /* which t */
1888 0x68, 0x65, 0x20, 0x70, 0x72, 0x65, 0x76, 0x69, /* he previ */
1889 0x6F, 0x75, 0x73, 0x20, 0x62, 0x6C, 0x6F, 0x63, /* ous bloc */
1890 0x6B, 0x27, 0x73, 0x20, 0x63, 0x69, 0x70, 0x68, /* k's ciph */
1891 0x65, 0x72, 0x74, 0x65, 0x78, 0x74, 0x20, 0x69, /* ertext i */
1892 0x73, 0x20, 0x78, 0x6F, 0x72, 0x65, 0x64, 0x20, /* s xored */
1893 0x77, 0x69, 0x74, 0x68, 0x20, 0x74, 0x68, 0x65, /* with the */
1894 0x20, 0x63, 0x75, 0x72, 0x72, 0x65, 0x6E, 0x74, /* current */
1895 0x20, 0x62, 0x6C, 0x6F, 0x63, 0x6B, 0x27, 0x73, /* block's */
1896 0x20, 0x70, 0x6C, 0x61, 0x69, 0x6E, 0x74, 0x65, /* plainte */
1897 0x78, 0x74, 0x20, 0x62, 0x65, 0x66, 0x6F, 0x72, /* xt befor */
1898 0x65, 0x20, 0x65, 0x6E, 0x63, 0x72, 0x79, 0x70, /* e encryp */
1899 0x74, 0x69, 0x6F, 0x6E, 0x2E, 0x2E, 0x2E, 0x2E, /* tion.... */
1900};
1901
1902static const uint8_t ciph_data_aes_cbc_vect1_ctx[] = {
1903 0xDD, 0x16, 0xC3, 0x47, 0x69, 0xEC, 0xF5, 0x86, /* ...Gi... */
1904 0x20, 0xB4, 0xF7, 0xE3, 0xB9, 0x36, 0xE8, 0xAC, /* ....6.. */
1905 0xC9, 0xA2, 0x11, 0x71, 0x3B, 0x10, 0x9D, 0x45, /* ...q;..E */
1906 0xCA, 0xE2, 0x49, 0xA6, 0x4E, 0x56, 0x07, 0xC5, /* ..I.NV.. */
1907 0xCE, 0xA3, 0x14, 0xB5, 0x30, 0x1B, 0x63, 0xBB, /* ....0.c. */
1908 0x2D, 0x6F, 0xE9, 0xCA, 0x0B, 0x00, 0x31, 0x3F, /* -o....1? */
1909 0xA4, 0x9A, 0x39, 0xE1, 0xC8, 0xD2, 0x24, 0x95, /* ..9...$. */
1910 0x14, 0xE9, 0xD2, 0x43, 0xE8, 0xA8, 0x1E, 0x0A, /* ...C.... */
1911 0xFE, 0x9D, 0x4F, 0xF5, 0xBB, 0x16, 0xB9, 0x54, /* ..O....T */
1912 0x78, 0x07, 0x94, 0x05, 0x8E, 0x47, 0xC3, 0xCB, /* x....G.. */
1913 0x7C, 0xEC, 0xF4, 0xF8, 0xF2, 0xA4, 0x59, 0x6E, /* |.....Yn */
1914 0xED, 0xAD, 0x7F, 0x62, 0xAF, 0x89, 0xA8, 0x5B, /* ...b...[ */
1915 0x75, 0xD4, 0x73, 0xE3, 0xBA, 0x9F, 0x9A, 0xD2, /* u.s..... */
1916 0x0F, 0xFD, 0x3C, 0xE6, 0xC6, 0xA4, 0xD6, 0x6C, /* ..<....l */
1917 0x6A, 0x09, 0xE2, 0x16, 0xB0, 0x8C, 0x69, 0x3C, /* j.....i< */
1918 0xC8, 0x1C, 0xE4, 0x3E, 0x86, 0x4D, 0xB0, 0x2B, /* ...>.M.+ */
1919 0x29, 0xA0, 0x5A, 0xA3, 0x67, 0xBA, 0xDC, 0x11, /* ).Z.g... */
1920 0x08, 0x5E, 0x69, 0xB4, 0x6F, 0xA5, 0xE2, 0xB8, /* .^i.o... */
1921 0xC9, 0x6E, 0x83, 0x7E, 0x35, 0xC8, 0xA7, 0xA0, /* .n.~5... */
1922 0x33, 0xA3, 0xB1, 0x4B, 0x5A, 0x92, 0x51, 0x2E, /* 3..KZ.Q. */
1923};
1924
1925/* AES-CTS test vectors from http://tools.ietf.org/html/rfc3962
1926 * and http://tools.ietf.org/html/draft-raeburn-krb-rijndael-krb-02 */
1927static const uint8_t ciph_data_aes_cts_vect1_key[] = {
1928 0x63, 0x68, 0x69, 0x63, 0x6b, 0x65, 0x6e, 0x20,
1929 0x74, 0x65, 0x72, 0x69, 0x79, 0x61, 0x6b, 0x69
1930};
1931
1932static const uint8_t ciph_data_aes_cts_vect1_iv[16] = {
1933 0x00
1934};
1935
1936static const uint8_t ciph_data_aes_cts_vect1_ptx[] = {
1937 0x49, 0x20, 0x77, 0x6f, 0x75, 0x6c, 0x64, 0x20,
1938 0x6c, 0x69, 0x6b, 0x65, 0x20, 0x74, 0x68, 0x65,
1939 0x20
1940};
1941
1942static const uint8_t ciph_data_aes_cts_vect1_ctx[] = {
1943 0xc6, 0x35, 0x35, 0x68, 0xf2, 0xbf, 0x8c, 0xb4,
1944 0xd8, 0xa5, 0x80, 0x36, 0x2d, 0xa7, 0xff, 0x7f,
1945 0x97
1946};
1947
1948#define ciph_data_aes_cts_vect2_key ciph_data_aes_cts_vect1_key
1949#define ciph_data_aes_cts_vect2_iv ciph_data_aes_cts_vect1_iv
1950static const uint8_t ciph_data_aes_cts_vect2_ptx[] = {
1951 0x49, 0x20, 0x77, 0x6f, 0x75, 0x6c, 0x64, 0x20,
1952 0x6c, 0x69, 0x6b, 0x65, 0x20, 0x74, 0x68, 0x65,
1953 0x20, 0x47, 0x65, 0x6e, 0x65, 0x72, 0x61, 0x6c,
1954 0x20, 0x47, 0x61, 0x75, 0x27, 0x73, 0x20
1955};
1956
1957static const uint8_t ciph_data_aes_cts_vect2_ctx[] = {
1958 0xfc, 0x00, 0x78, 0x3e, 0x0e, 0xfd, 0xb2, 0xc1,
1959 0xd4, 0x45, 0xd4, 0xc8, 0xef, 0xf7, 0xed, 0x22,
1960 0x97, 0x68, 0x72, 0x68, 0xd6, 0xec, 0xcc, 0xc0,
1961 0xc0, 0x7b, 0x25, 0xe2, 0x5e, 0xcf, 0xe5
1962};
1963
1964#define ciph_data_aes_cts_vect3_key ciph_data_aes_cts_vect1_key
1965#define ciph_data_aes_cts_vect3_iv ciph_data_aes_cts_vect1_iv
1966static const uint8_t ciph_data_aes_cts_vect3_ptx[] = {
1967 0x49, 0x20, 0x77, 0x6f, 0x75, 0x6c, 0x64, 0x20,
1968 0x6c, 0x69, 0x6b, 0x65, 0x20, 0x74, 0x68, 0x65,
1969 0x20, 0x47, 0x65, 0x6e, 0x65, 0x72, 0x61, 0x6c,
1970 0x20, 0x47, 0x61, 0x75, 0x27, 0x73, 0x20, 0x43,
1971};
1972
1973static const uint8_t ciph_data_aes_cts_vect3_ctx[] = {
1974 0x39, 0x31, 0x25, 0x23, 0xa7, 0x86, 0x62, 0xd5,
1975 0xbe, 0x7f, 0xcb, 0xcc, 0x98, 0xeb, 0xf5, 0xa8,
1976 0x97, 0x68, 0x72, 0x68, 0xd6, 0xec, 0xcc, 0xc0,
1977 0xc0, 0x7b, 0x25, 0xe2, 0x5e, 0xcf, 0xe5, 0x84,
1978};
1979
1980#define ciph_data_aes_cts_vect4_key ciph_data_aes_cts_vect1_key
1981#define ciph_data_aes_cts_vect4_iv ciph_data_aes_cts_vect1_iv
1982static const uint8_t ciph_data_aes_cts_vect4_ptx[] = {
1983 0x49, 0x20, 0x77, 0x6f, 0x75, 0x6c, 0x64, 0x20,
1984 0x6c, 0x69, 0x6b, 0x65, 0x20, 0x74, 0x68, 0x65,
1985 0x20, 0x47, 0x65, 0x6e, 0x65, 0x72, 0x61, 0x6c,
1986 0x20, 0x47, 0x61, 0x75, 0x27, 0x73, 0x20, 0x43,
1987 0x68, 0x69, 0x63, 0x6b, 0x65, 0x6e, 0x2c, 0x20,
1988 0x70, 0x6c, 0x65, 0x61, 0x73, 0x65, 0x2c,
1989};
1990
1991static const uint8_t ciph_data_aes_cts_vect4_ctx[] = {
1992 0x97, 0x68, 0x72, 0x68, 0xd6, 0xec, 0xcc, 0xc0,
1993 0xc0, 0x7b, 0x25, 0xe2, 0x5e, 0xcf, 0xe5, 0x84,
1994 0xb3, 0xff, 0xfd, 0x94, 0x0c, 0x16, 0xa1, 0x8c,
1995 0x1b, 0x55, 0x49, 0xd2, 0xf8, 0x38, 0x02, 0x9e,
1996 0x39, 0x31, 0x25, 0x23, 0xa7, 0x86, 0x62, 0xd5,
1997 0xbe, 0x7f, 0xcb, 0xcc, 0x98, 0xeb, 0xf5,
1998};
1999
2000#define ciph_data_aes_cts_vect5_key ciph_data_aes_cts_vect1_key
2001#define ciph_data_aes_cts_vect5_iv ciph_data_aes_cts_vect1_iv
2002static const uint8_t ciph_data_aes_cts_vect5_ptx[] = {
2003 0x49, 0x20, 0x77, 0x6f, 0x75, 0x6c, 0x64, 0x20,
2004 0x6c, 0x69, 0x6b, 0x65, 0x20, 0x74, 0x68, 0x65,
2005 0x20, 0x47, 0x65, 0x6e, 0x65, 0x72, 0x61, 0x6c,
2006 0x20, 0x47, 0x61, 0x75, 0x27, 0x73, 0x20, 0x43,
2007 0x68, 0x69, 0x63, 0x6b, 0x65, 0x6e, 0x2c, 0x20,
2008 0x70, 0x6c, 0x65, 0x61, 0x73, 0x65, 0x2c, 0x20,
2009};
2010
2011static const uint8_t ciph_data_aes_cts_vect5_ctx[] = {
2012 0x97, 0x68, 0x72, 0x68, 0xd6, 0xec, 0xcc, 0xc0,
2013 0xc0, 0x7b, 0x25, 0xe2, 0x5e, 0xcf, 0xe5, 0x84,
2014 0x9d, 0xad, 0x8b, 0xbb, 0x96, 0xc4, 0xcd, 0xc0,
2015 0x3b, 0xc1, 0x03, 0xe1, 0xa1, 0x94, 0xbb, 0xd8,
2016 0x39, 0x31, 0x25, 0x23, 0xa7, 0x86, 0x62, 0xd5,
2017 0xbe, 0x7f, 0xcb, 0xcc, 0x98, 0xeb, 0xf5, 0xa8,
2018};
2019
2020#define ciph_data_aes_cts_vect6_key ciph_data_aes_cts_vect1_key
2021#define ciph_data_aes_cts_vect6_iv ciph_data_aes_cts_vect1_iv
2022static const uint8_t ciph_data_aes_cts_vect6_ptx[] = {
2023 0x49, 0x20, 0x77, 0x6f, 0x75, 0x6c, 0x64, 0x20,
2024 0x6c, 0x69, 0x6b, 0x65, 0x20, 0x74, 0x68, 0x65,
2025 0x20, 0x47, 0x65, 0x6e, 0x65, 0x72, 0x61, 0x6c,
2026 0x20, 0x47, 0x61, 0x75, 0x27, 0x73, 0x20, 0x43,
2027 0x68, 0x69, 0x63, 0x6b, 0x65, 0x6e, 0x2c, 0x20,
2028 0x70, 0x6c, 0x65, 0x61, 0x73, 0x65, 0x2c, 0x20,
2029 0x61, 0x6e, 0x64, 0x20, 0x77, 0x6f, 0x6e, 0x74,
2030 0x6f, 0x6e, 0x20, 0x73, 0x6f, 0x75, 0x70, 0x2e,
2031};
2032
2033static const uint8_t ciph_data_aes_cts_vect6_ctx[] = {
2034 0x97, 0x68, 0x72, 0x68, 0xd6, 0xec, 0xcc, 0xc0,
2035 0xc0, 0x7b, 0x25, 0xe2, 0x5e, 0xcf, 0xe5, 0x84,
2036 0x39, 0x31, 0x25, 0x23, 0xa7, 0x86, 0x62, 0xd5,
2037 0xbe, 0x7f, 0xcb, 0xcc, 0x98, 0xeb, 0xf5, 0xa8,
2038 0x48, 0x07, 0xef, 0xe8, 0x36, 0xee, 0x89, 0xa5,
2039 0x26, 0x73, 0x0d, 0xbc, 0x2f, 0x7b, 0xc8, 0x40,
2040 0x9d, 0xad, 0x8b, 0xbb, 0x96, 0xc4, 0xcd, 0xc0,
2041 0x3b, 0xc1, 0x03, 0xe1, 0xa1, 0x94, 0xbb, 0xd8,
2042};
2043
Jerome Forissiered00e162017-01-20 09:22:52 +0100[diff] [blame]2044/*
2045 * Test case for https://github.com/OP-TEE/optee_os/issues/1203
2046 * 80 bytes of data, processed in two steps (32 + 48).
2047 */
2048
2049#define ciph_data_aes_cts_issue1203_key ciph_data_aes_cts_vect1_key
2050
2051static const uint8_t ciph_data_aes_cts_issue1203_iv[] = {
2052 0x5b, 0x11, 0x7b, 0xf9, 0x83, 0x6a, 0x01, 0x27,
2053 0x1d, 0x2a, 0xae, 0x0a, 0xd3, 0x27, 0x35, 0x81,
2054};
2055
2056static const uint8_t ciph_data_aes_cts_issue1203_ptx[] = {
2057 0x33, 0x2a, 0xf4, 0x8c, 0x18, 0xa1, 0x30, 0x7c,
2058 0xa7, 0x52, 0x76, 0xca, 0xa6, 0x68, 0xad, 0xf6,
2059 0x1e, 0xba, 0xc9, 0x66, 0x66, 0x52, 0x1a, 0xe7,
2060 0x3e, 0xbc, 0xba, 0x60, 0x95, 0x71, 0x04, 0x5e,
2061 0xb4, 0xb7, 0x10, 0xd7, 0x93, 0x6d, 0x5f, 0x9a,
2062 0xb8, 0xbb, 0x6b, 0xb0, 0x6d, 0x47, 0x93, 0x41,
2063 0x29, 0x21, 0xf2, 0x84, 0xf5, 0xb2, 0xf2, 0x6d,
2064 0xbe, 0xe5, 0x8a, 0x2b, 0x58, 0x8d, 0x1b, 0x5e,
2065 0x41, 0x04, 0xba, 0x9e, 0x92, 0xe9, 0x52, 0xb6,
2066 0x8b, 0x1e, 0x36, 0x72, 0x91, 0xe4, 0x56, 0x66,
2067};
2068
2069/*
2070 * Ciphertext was generated by an online tool for AES CBC.
2071 * Since the input size is a multiple of the block size, and the ciphertext
2072 * format is CS3, the output is the same as plain AES CBC with the last
2073 * two blocks swapped.
2074 */
2075static const uint8_t ciph_data_aes_cts_issue1203_ctx[] = {
2076 0x6c, 0xfe, 0xef, 0x6a, 0x1c, 0x8f, 0xd3, 0xc3,
2077 0x66, 0xc4, 0xd9, 0x0e, 0xbe, 0x24, 0x17, 0x3f,
2078 0xcd, 0x19, 0xc9, 0xd2, 0x10, 0x3f, 0xcf, 0xdc,
2079 0xe9, 0x05, 0xab, 0xd5, 0x1a, 0x31, 0x41, 0x77,
2080 0x3b, 0xd7, 0x6a, 0x26, 0xae, 0x0d, 0xc9, 0x47,
2081 0x77, 0xd4, 0xa7, 0xd5, 0x73, 0x88, 0x9e, 0xde,
2082 0x72, 0x66, 0xe0, 0xe2, 0x3d, 0x62, 0x91, 0x22,
2083 0xae, 0x11, 0x01, 0x97, 0x22, 0x6a, 0x45, 0xa9,
2084 0xba, 0x56, 0xd2, 0xbc, 0x55, 0x2d, 0x99, 0x4d,
2085 0x3d, 0x22, 0x27, 0x9a, 0xac, 0x66, 0x2f, 0xf5,
2086};
2087
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2088static const uint8_t ciph_data_des_ecb_nopad_out1[] = {
2089 0x46, 0x2B, 0x91, 0xA8, 0x55, 0xE6, 0x7E, 0x75, /* F+..U.~u */
2090 0x5E, 0x53, 0xF4, 0x8F, 0x29, 0x41, 0x4E, 0xEF, /* ^S..)AN. */
2091 0x32, 0x1B, 0x58, 0x42, 0x9B, 0xB4, 0x3A, 0x1F, /* 2.XB..:. */
2092 0x9A, 0xEA, 0xA4, 0xB4, 0xCD, 0xE9, 0x87, 0x7C, /* .......| */
2093 0xC0, 0x05, 0x34, 0xED, 0x86, 0x3C, 0x2A, 0x81, /* ..4..<.. */
2094 0x5E, 0x93, 0x0E, 0x86, 0xA9, 0xBB, 0x80, 0xFF, /* ^....... */
2095};
2096
2097static const uint8_t ciph_data_des_ecb_nopad_out2[] = {
2098 0x85, 0xE8, 0x13, 0x54, 0x0F, 0x0A, 0xB4, 0x05
2099};
2100
2101static const uint8_t ciph_data_des_cbc_nopad_out1[] = {
2102 0xAD, 0xD6, 0xD6, 0x3E, 0x88, 0xD0, 0xDD, 0xD4, /* ...>.... */
2103 0x9A, 0x93, 0x95, 0xA0, 0x86, 0x22, 0x5B, 0x9E, /* ....."[. */
2104 0x84, 0x0C, 0x6F, 0x12, 0x04, 0x11, 0x6F, 0xD4, /* ..o...o. */
2105 0x12, 0x29, 0xC6, 0x78, 0x0C, 0xFB, 0x58, 0x5B, /* .).x..X[ */
2106 0x66, 0x82, 0x0E, 0x52, 0xDC, 0x25, 0x16, 0x51, /* f..R.%.Q */
2107 0x69, 0xDF, 0xFE, 0x4E, 0x11, 0x1D, 0x9D, 0x08, /* i..N.... */
2108};
2109
2110static const uint8_t ciph_data_des3_ecb_nopad_out1[] = {
2111 0xA7, 0x46, 0xEC, 0xA8, 0x6A, 0x7F, 0x4A, 0xF1, /* .F..j.J. */
2112 0x44, 0x60, 0x37, 0x3B, 0x7F, 0x76, 0xE5, 0xFF, /* D`7;.v.. */
2113 0xC1, 0xE7, 0xA5, 0x04, 0x9C, 0x29, 0x5C, 0xA5, /* .....)\. */
2114 0xDD, 0xC8, 0xEE, 0x36, 0x1F, 0x48, 0xE0, 0xA9, /* ...6.H.. */
2115 0x82, 0x2D, 0x53, 0x84, 0x49, 0x69, 0x78, 0xFA, /* .-S.Iix. */
2116 0x23, 0x69, 0x1D, 0xF7, 0x08, 0x38, 0x44, 0x05, /* #i...8D. */
2117};
2118
2119static const uint8_t ciph_data_des3_cbc_nopad_out1[] = {
2120 0x18, 0x09, 0xEB, 0x98, 0xE4, 0x58, 0x72, 0x11, /* .....Xr. */
2121 0x30, 0x58, 0xAB, 0x38, 0xB0, 0xC9, 0x2B, 0xED, /* 0X.8..+. */
2122 0xDA, 0xC5, 0xE8, 0xA9, 0xF6, 0x8A, 0xA7, 0x80, /* ........ */
2123 0xBE, 0x54, 0x1F, 0x63, 0xF6, 0xEE, 0xA2, 0x4C, /* .T.c...L */
2124 0x7C, 0xEB, 0x84, 0x7D, 0xDA, 0xCA, 0x1E, 0xB2, /* |..}.... */
2125 0xED, 0x5E, 0x96, 0xB8, 0x01, 0x4B, 0x77, 0x02, /* .^...Kw. */
2126};
2127
2128static const uint8_t ciph_data_des2_ecb_nopad_out1[] = {
2129 0xAB, 0x12, 0xB6, 0xE2, 0x4A, 0x3A, 0x26, 0x14, /* ....J:&. */
2130 0xF0, 0x7D, 0x23, 0xD0, 0x55, 0xDF, 0x5C, 0x16, /* .}#.U.\. */
2131 0x43, 0x59, 0x1E, 0x44, 0x01, 0x76, 0xD7, 0x50, /* CY.D.v.P */
2132 0x44, 0xC0, 0x15, 0xDF, 0x2E, 0x7F, 0x8B, 0xC5, /* D....... */
2133 0xFF, 0x8B, 0x87, 0xFE, 0x33, 0xD7, 0xCB, 0x2C, /* ....3.., */
2134 0xDA, 0x79, 0x6F, 0xA4, 0x05, 0x2B, 0x30, 0xCE, /* .yo..+0. */
2135};
2136
2137static const uint8_t ciph_data_des2_cbc_nopad_out1[] = {
2138 0x47, 0x2F, 0xB1, 0x83, 0xC4, 0xBB, 0x93, 0x16, /* G/...... */
2139 0x73, 0xF9, 0xAD, 0x6F, 0x00, 0xF9, 0xCB, 0x4A, /* s..o...J */
2140 0x0F, 0x4F, 0x75, 0x75, 0xFB, 0x39, 0x0B, 0xFC, /* .Ouu.9.. */
2141 0x9F, 0x48, 0x52, 0xAD, 0xA2, 0x75, 0x2C, 0xF1, /* .HR..u, . */
2142 0x7D, 0xC3, 0x8F, 0x16, 0xCF, 0xC9, 0x76, 0x29, /* }.....v) */
2143 0x1A, 0xBF, 0xB3, 0xD9, 0x10, 0x7E, 0xAA, 0x49, /* .....~.I */
2144};
2145
2146struct xtest_ciph_case {
2147 uint32_t algo;
2148 uint32_t mode;
2149 uint32_t key_type;
2150 const uint8_t *key1;
2151 size_t key1_len;
2152 const uint8_t *key2;
2153 size_t key2_len;
2154 const uint8_t *iv;
2155 size_t iv_len;
2156 size_t in_incr;
2157 const uint8_t *in;
2158 size_t in_len;
2159 const uint8_t *out;
2160 size_t out_len;
2161 size_t line;
2162};
2163
2164#define XTEST_CIPH_CASE_NO_IV(algo, key_type, key, in_incr, ptx, ctx) \
2165 { (algo), TEE_MODE_ENCRYPT, (key_type), (key), ARRAY_SIZE(key), \
2166 NULL, 0, NULL, 0, \
2167 (in_incr), (ptx), ARRAY_SIZE(ptx), (ctx), ARRAY_SIZE(ctx), \
2168 __LINE__ }, \
2169 { (algo), TEE_MODE_DECRYPT, (key_type), (key), ARRAY_SIZE(key), \
2170 NULL, 0, NULL, 0, \
2171 (in_incr), (ctx), ARRAY_SIZE(ctx), (ptx), ARRAY_SIZE(ptx), __LINE__ }
2172
2173#define XTEST_CIPH_CASE(algo, key_type, key, iv, in_incr, ptx, ctx) \
2174 { (algo), TEE_MODE_ENCRYPT, (key_type), (key), ARRAY_SIZE(key), \
2175 NULL, 0, iv, ARRAY_SIZE(iv), (in_incr), (ptx), ARRAY_SIZE(ptx), \
2176 (ctx), ARRAY_SIZE(ctx), __LINE__ }, \
2177 { (algo), TEE_MODE_DECRYPT, (key_type), (key), ARRAY_SIZE(key), \
2178 NULL, 0, iv, ARRAY_SIZE(iv), (in_incr), (ctx), ARRAY_SIZE(ctx), \
2179 (ptx), ARRAY_SIZE(ptx), __LINE__ }
2180
2181#define XTEST_CIPH_CASE_AES_XTS(vect, in_incr) \
2182 { TEE_ALG_AES_XTS, TEE_MODE_ENCRYPT, TEE_TYPE_AES, \
2183 ciph_data_aes_xts_ ## vect ## _key1, \
2184 ARRAY_SIZE(ciph_data_aes_xts_ ## vect ## _key1), \
2185 ciph_data_aes_xts_ ## vect ## _key2, \
2186 ARRAY_SIZE(ciph_data_aes_xts_ ## vect ## _key2), \
2187 ciph_data_aes_xts_ ## vect ## _iv, \
2188 ARRAY_SIZE(ciph_data_aes_xts_ ## vect ## _iv), \
2189 (in_incr), \
2190 ciph_data_aes_xts_ ## vect ## _ptx, \
2191 ARRAY_SIZE(ciph_data_aes_xts_ ## vect ## _ptx), \
2192 ciph_data_aes_xts_ ## vect ## _ctx, \
2193 ARRAY_SIZE(ciph_data_aes_xts_ ## vect ## _ctx), __LINE__ }, \
2194 { TEE_ALG_AES_XTS, TEE_MODE_DECRYPT, TEE_TYPE_AES, \
2195 ciph_data_aes_xts_ ## vect ## _key1, \
2196 ARRAY_SIZE(ciph_data_aes_xts_ ## vect ## _key1), \
2197 ciph_data_aes_xts_ ## vect ## _key2, \
2198 ARRAY_SIZE(ciph_data_aes_xts_ ## vect ## _key2), \
2199 ciph_data_aes_xts_ ## vect ## _iv, \
2200 ARRAY_SIZE(ciph_data_aes_xts_ ## vect ## _iv), \
2201 (in_incr), \
2202 ciph_data_aes_xts_ ## vect ## _ctx, \
2203 ARRAY_SIZE(ciph_data_aes_xts_ ## vect ## _ctx), \
2204 ciph_data_aes_xts_ ## vect ## _ptx, \
2205 ARRAY_SIZE(ciph_data_aes_xts_ ## vect ## _ptx), __LINE__ }
2206
2207#define XTEST_CIPH_CASE_AES_CBC(vect, in_incr) \
2208 XTEST_CIPH_CASE(TEE_ALG_AES_CBC_NOPAD, TEE_TYPE_AES, \
2209 ciph_data_aes_cbc_ ## vect ## _key, \
2210 ciph_data_aes_cbc_ ## vect ## _iv, \
2211 (in_incr), ciph_data_aes_cbc_ ## vect ## _ptx, \
2212 ciph_data_aes_cbc_ ## vect ## _ctx)
2213
2214#define XTEST_CIPH_CASE_AES_CTS(vect, in_incr) \
2215 XTEST_CIPH_CASE(TEE_ALG_AES_CTS, TEE_TYPE_AES, \
2216 ciph_data_aes_cts_ ## vect ## _key, \
2217 ciph_data_aes_cts_ ## vect ## _iv, \
2218 (in_incr), ciph_data_aes_cts_ ## vect ## _ptx, \
2219 ciph_data_aes_cts_ ## vect ## _ctx)
2220
2221static const struct xtest_ciph_case ciph_cases[] = {
2222 /* AES */
2223 XTEST_CIPH_CASE_NO_IV(TEE_ALG_AES_ECB_NOPAD, TEE_TYPE_AES,
2224 ciph_data_aes_key1, 11, ciph_data_in1,
2225 ciph_data_aes_ecb_nopad_out1),
2226 XTEST_CIPH_CASE(TEE_ALG_AES_CBC_NOPAD, TEE_TYPE_AES,
2227 ciph_data_aes_key1, ciph_data_128_iv1, 11,
2228 ciph_data_in1,
2229 ciph_data_aes_cbc_nopad_out1),
2230 XTEST_CIPH_CASE(TEE_ALG_AES_CTR, TEE_TYPE_AES,
2231 ciph_data_aes_key1, ciph_data_128_iv1, 13,
2232 ciph_data_in1,
2233 ciph_data_aes_ctr_out1),
2234 XTEST_CIPH_CASE(TEE_ALG_AES_CTR, TEE_TYPE_AES,
2235 ciph_data_aes_key1, ciph_data_128_iv1, 13,
2236 ciph_data_in3,
2237 ciph_data_aes_ctr_out2),
Jens Wiklander692efd12018-01-19 09:52:00 +0100[diff] [blame]2238 XTEST_CIPH_CASE(TEE_ALG_AES_CTR, TEE_TYPE_AES,
2239 ciph_data_aes_key1, ciph_data_128_iv1, 16,
2240 ciph_data_in3,
2241 ciph_data_aes_ctr_out2),
Jerome Forissier45218eb2018-04-11 13:03:26 +0200[diff] [blame]2242 XTEST_CIPH_CASE(TEE_ALG_AES_CTR, TEE_TYPE_AES,
2243 ciph_data_aes_key1, ciph_data_128_iv1, 16,
2244 ciph_data_in4,
2245 ciph_data_aes_ctr_out4),
Jerome Forissier0780ad42018-06-05 15:02:37 +0200[diff] [blame]2246 XTEST_CIPH_CASE(TEE_ALG_AES_CTR, TEE_TYPE_AES,
2247 ciph_data_aes_key2, ciph_data_128_iv2, 11,
2248 ciph_data_in5,
2249 ciph_data_aes_ctr_out5),
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2250
2251 XTEST_CIPH_CASE_AES_CBC(vect1, 11),
Jerome Forissierfc1bbc32018-06-12 10:13:04 +0200[diff] [blame]2252 XTEST_CIPH_CASE_AES_CBC(vect1, 64),
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2253
2254 /* AES-CTS */
2255 XTEST_CIPH_CASE_AES_CTS(vect1, 13),
2256 XTEST_CIPH_CASE_AES_CTS(vect2, 14),
2257 XTEST_CIPH_CASE_AES_CTS(vect3, 11),
2258 XTEST_CIPH_CASE_AES_CTS(vect4, 9),
2259 XTEST_CIPH_CASE_AES_CTS(vect5, 7),
2260 XTEST_CIPH_CASE_AES_CTS(vect6, 17),
2261 XTEST_CIPH_CASE_AES_CTS(vect6, 0x20),
Jerome Forissiered00e162017-01-20 09:22:52 +0100[diff] [blame]2262 XTEST_CIPH_CASE_AES_CTS(issue1203, 32),
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2263
2264 /* DES */
2265 XTEST_CIPH_CASE_NO_IV(TEE_ALG_DES_ECB_NOPAD, TEE_TYPE_DES,
2266 ciph_data_des_key1, 14, ciph_data_in1,
2267 ciph_data_des_ecb_nopad_out1),
2268 XTEST_CIPH_CASE_NO_IV(TEE_ALG_DES_ECB_NOPAD, TEE_TYPE_DES,
2269 ciph_data_des_key2, 3, ciph_data_in2,
2270 ciph_data_des_ecb_nopad_out2),
2271 XTEST_CIPH_CASE(TEE_ALG_DES_CBC_NOPAD, TEE_TYPE_DES,
2272 ciph_data_des_key1, ciph_data_64_iv1, 15, ciph_data_in1,
2273 ciph_data_des_cbc_nopad_out1),
2274
2275 /* DES3 */
2276 XTEST_CIPH_CASE_NO_IV(TEE_ALG_DES3_ECB_NOPAD, TEE_TYPE_DES3,
2277 ciph_data_des3_key1, 11, ciph_data_in1,
2278 ciph_data_des3_ecb_nopad_out1),
2279 XTEST_CIPH_CASE_NO_IV(TEE_ALG_DES3_ECB_NOPAD, TEE_TYPE_DES3,
2280 ciph_data_des3_key2, 3, ciph_data_in2,
2281 ciph_data_des_ecb_nopad_out2),
2282 XTEST_CIPH_CASE(TEE_ALG_DES3_CBC_NOPAD, TEE_TYPE_DES3,
2283 ciph_data_des3_key1, ciph_data_64_iv1, 11,
2284 ciph_data_in1,
2285 ciph_data_des3_cbc_nopad_out1),
2286
2287 /* DES2 */
2288 XTEST_CIPH_CASE_NO_IV(TEE_ALG_DES3_ECB_NOPAD, TEE_TYPE_DES3,
2289 ciph_data_des2_key1, 11, ciph_data_in1,
2290 ciph_data_des2_ecb_nopad_out1),
2291 XTEST_CIPH_CASE(TEE_ALG_DES3_CBC_NOPAD, TEE_TYPE_DES3,
2292 ciph_data_des2_key1, ciph_data_64_iv1, 11,
2293 ciph_data_in1,
2294 ciph_data_des2_cbc_nopad_out1),
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2295
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2296 /* AES-XTS */
2297 XTEST_CIPH_CASE_AES_XTS(vect1, 3),
2298 XTEST_CIPH_CASE_AES_XTS(vect2, 6),
2299 XTEST_CIPH_CASE_AES_XTS(vect3, 7),
2300 XTEST_CIPH_CASE_AES_XTS(vect4, 8),
2301 XTEST_CIPH_CASE_AES_XTS(vect5, 9),
2302 XTEST_CIPH_CASE_AES_XTS(vect6, 13),
2303 XTEST_CIPH_CASE_AES_XTS(vect7, 1),
2304 XTEST_CIPH_CASE_AES_XTS(vect8, 3),
2305 XTEST_CIPH_CASE_AES_XTS(vect9, 2),
2306 XTEST_CIPH_CASE_AES_XTS(vect10, 5),
2307 XTEST_CIPH_CASE_AES_XTS(vect11, 6),
2308 XTEST_CIPH_CASE_AES_XTS(vect12, 7),
2309 XTEST_CIPH_CASE_AES_XTS(vect13, 3),
2310 XTEST_CIPH_CASE_AES_XTS(vect14, 2),
2311 XTEST_CIPH_CASE_AES_XTS(vect15, 0),
2312 XTEST_CIPH_CASE_AES_XTS(vect16, 9),
2313 XTEST_CIPH_CASE_AES_XTS(vect17, 6),
2314 XTEST_CIPH_CASE_AES_XTS(vect18, 8),
2315 XTEST_CIPH_CASE_AES_XTS(vect19, 23),
2316};
2317
Jerome Forissier23256842018-02-16 09:25:35 +0100[diff] [blame]2318static void xtest_tee_test_4003(ADBG_Case_t *c)
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2319{
2320 TEEC_Session session = { 0 };
2321 TEE_OperationHandle op;
2322 TEE_ObjectHandle key1_handle = TEE_HANDLE_NULL;
2323 TEE_ObjectHandle key2_handle = TEE_HANDLE_NULL;
2324 uint8_t out[2048];
2325 size_t out_size;
2326 size_t out_offs;
2327 uint32_t ret_orig;
2328 size_t n;
2329
2330 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
2331 xtest_teec_open_session(&session, &crypt_user_ta_uuid, NULL,
2332 &ret_orig)))
2333 return;
2334
2335 for (n = 0; n < ARRAY_SIZE(ciph_cases); n++) {
2336 TEE_Attribute key_attr;
2337 size_t key_size;
2338 size_t op_key_size;
2339
2340
2341 Do_ADBG_BeginSubCase(c, "Cipher case %d algo 0x%x line %d",
2342 (int)n, (unsigned int)ciph_cases[n].algo,
2343 (int)ciph_cases[n].line);
2344
2345 key_attr.attributeID = TEE_ATTR_SECRET_VALUE;
2346 key_attr.content.ref.buffer = (void *)ciph_cases[n].key1;
2347 key_attr.content.ref.length = ciph_cases[n].key1_len;
2348
2349 key_size = key_attr.content.ref.length * 8;
2350 if (ciph_cases[n].key_type == TEE_TYPE_DES ||
2351 ciph_cases[n].key_type == TEE_TYPE_DES3)
2352 /* Exclude parity in bit size of key */
2353 key_size -= key_size / 8;
2354
2355 op_key_size = key_size;
2356 if (ciph_cases[n].key2 != NULL)
2357 op_key_size *= 2;
2358
2359 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
2360 ta_crypt_cmd_allocate_operation(c, &session, &op,
2361 ciph_cases[n].algo, ciph_cases[n].mode,
2362 op_key_size)))
2363 goto out;
2364
2365 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
2366 ta_crypt_cmd_allocate_transient_object(c, &session,
2367 ciph_cases[n].key_type, key_size,
2368 &key1_handle)))
2369 goto out;
2370
2371 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
2372 ta_crypt_cmd_populate_transient_object(c, &session,
2373 key1_handle, &key_attr, 1)))
2374 goto out;
2375
2376 if (ciph_cases[n].key2 != NULL) {
2377 key_attr.content.ref.buffer =
2378 (void *)ciph_cases[n].key2;
2379 key_attr.content.ref.length = ciph_cases[n].key2_len;
2380
2381 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
2382 ta_crypt_cmd_allocate_transient_object(c,
2383 &session, ciph_cases[n].key_type,
2384 key_attr.content.ref.length * 8,
2385 &key2_handle)))
2386 goto out;
2387
2388 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
2389 ta_crypt_cmd_populate_transient_object(c,
2390 &session, key2_handle, &key_attr, 1)))
2391 goto out;
2392
2393 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
2394 ta_crypt_cmd_set_operation_key2(c, &session, op,
2395 key1_handle, key2_handle)))
2396 goto out;
2397 } else {
2398 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
2399 ta_crypt_cmd_set_operation_key(c, &session, op,
2400 key1_handle)))
2401 goto out;
2402 }
2403
2404 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
2405 ta_crypt_cmd_free_transient_object(c, &session,
2406 key1_handle)))
2407 goto out;
2408 key1_handle = TEE_HANDLE_NULL;
2409
2410 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
2411 ta_crypt_cmd_free_transient_object(c, &session,
2412 key2_handle)))
2413 goto out;
2414 key2_handle = TEE_HANDLE_NULL;
2415
2416 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
2417 ta_crypt_cmd_cipher_init(c, &session, op,
2418 ciph_cases[n].iv, ciph_cases[n].iv_len)))
2419 goto out;
2420
2421 out_offs = 0;
2422 out_size = sizeof(out);
2423 memset(out, 0, sizeof(out));
2424 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
2425 ta_crypt_cmd_cipher_update(c, &session, op,
2426 ciph_cases[n].in, ciph_cases[n].in_incr, out,
2427 &out_size)))
2428 goto out;
2429
Jerome Forissierd2d94b42017-06-02 16:39:34 +0200[diff] [blame]2430 if (ciph_cases[n].algo == TEE_ALG_AES_CTR)
2431 ADBG_EXPECT_COMPARE_UNSIGNED(c, out_size, ==,
2432 ciph_cases[n].in_incr);
2433
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2434 out_offs += out_size;
2435 out_size = sizeof(out) - out_offs;
2436
2437 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
2438 ta_crypt_cmd_cipher_do_final(c, &session, op,
2439 ciph_cases[n].in + ciph_cases[n].in_incr,
2440 ciph_cases[n].in_len - ciph_cases[n].in_incr,
2441 out + out_offs,
2442 &out_size)))
2443 goto out;
2444
2445 out_offs += out_size;
2446
2447 (void)ADBG_EXPECT_BUFFER(c, ciph_cases[n].out,
2448 ciph_cases[n].out_len, out, out_offs);
2449
2450 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
2451 ta_crypt_cmd_free_operation(c, &session, op)))
2452 goto out;
2453
2454 Do_ADBG_EndSubCase(c, NULL);
2455 }
2456out:
2457 TEEC_CloseSession(&session);
2458}
Jens Wiklander14f48872018-06-29 15:30:13 +0200[diff] [blame]2459ADBG_CASE_DEFINE(regression, 4003, xtest_tee_test_4003,
2460 "Test TEE Internal API cipher operations");
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2461
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2462static void xtest_tee_test_4004(ADBG_Case_t *c)
2463{
2464 TEEC_Session session = { 0 };
2465 uint32_t ret_orig;
2466 uint8_t buf1[45] = { 0 };
2467 uint8_t buf2[45] = { 0 };
2468 static const uint8_t zeros[45] = { 0 };
2469
2470 Do_ADBG_BeginSubCase(c, "TEE get random");
2471 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
2472 xtest_teec_open_session(&session, &crypt_user_ta_uuid, NULL,
2473 &ret_orig)))
2474 return;
2475
2476 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
2477 ta_crypt_cmd_random_number_generate(c, &session, buf1,
2478 sizeof(buf1))))
2479 goto out;
2480
2481 (void)ADBG_EXPECT_COMPARE_SIGNED(c,
2482 0, !=, memcmp(buf1, zeros, sizeof(buf1)));
2483
2484 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
2485 ta_crypt_cmd_random_number_generate(c, &session, buf2,
2486 sizeof(buf2))))
2487 goto out;
2488
2489 (void)ADBG_EXPECT_COMPARE_SIGNED(c,
2490 0, !=, memcmp(buf2, zeros, sizeof(buf2)));
2491
2492 (void)ADBG_EXPECT_COMPARE_SIGNED(c,
2493 0, !=, memcmp(buf2, buf1, sizeof(buf1)));
2494out:
2495 TEEC_CloseSession(&session);
2496 Do_ADBG_EndSubCase(c, "TEE get random");
2497}
Jens Wiklander14f48872018-06-29 15:30:13 +0200[diff] [blame]2498ADBG_CASE_DEFINE(regression, 4004, xtest_tee_test_4004,
2499 "Test TEE Internal API get random");
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2500
2501struct xtest_ae_case {
2502 uint32_t algo;
2503 uint32_t mode;
2504 uint32_t key_type;
2505 const uint8_t *key;
2506 size_t key_len;
2507 const uint8_t *nonce;
2508 size_t nonce_len;
2509 size_t aad_incr;
2510 const uint8_t *aad;
2511 size_t aad_len;
2512 size_t in_incr;
2513 const uint8_t *ptx;
2514 size_t ptx_len;
2515 const uint8_t *ctx;
2516 size_t ctx_len;
2517 const uint8_t *tag;
2518 size_t tag_len;
2519 size_t line;
2520};
2521
2522
2523#define ARRAY(a) a, ARRAY_SIZE(a)
2524#define NULL_ARRAY(a) NULL, 0
2525
2526#define XTEST_AE_CASE(algo, vect, aad_incr, in_incr, \
2527 aad_array, ptx_array, ctx_array) \
2528 { (algo), TEE_MODE_ENCRYPT, TEE_TYPE_AES, ARRAY(vect ## _key), \
2529 ARRAY(vect ## _nonce), (aad_incr), \
2530 aad_array(vect ## _aad), (in_incr), \
2531 ptx_array(vect ## _ptx), ctx_array(vect ## _ctx), \
2532 ARRAY(vect ## _tag), \
2533 __LINE__ }, \
2534 { (algo), TEE_MODE_DECRYPT, TEE_TYPE_AES, ARRAY(vect ## _key), \
2535 ARRAY(vect ## _nonce), (aad_incr), \
2536 aad_array(vect ## _aad), (in_incr), \
2537 ptx_array(vect ## _ptx), ctx_array(vect ## _ctx), \
2538 ARRAY(vect ## _tag), \
2539 __LINE__ }
2540
2541#define XTEST_AE_CASE_AES_CCM(vect, aad_incr, in_incr) \
2542 XTEST_AE_CASE(TEE_ALG_AES_CCM, ae_data_aes_ccm_ ## vect, aad_incr, \
2543 in_incr, ARRAY, ARRAY, ARRAY)
2544
2545#define XTEST_AE_CASE_AES_GCM(vect, aad_incr, in_incr, \
2546 aad_array, ptx_array, ctx_array) \
2547 XTEST_AE_CASE(TEE_ALG_AES_GCM, ae_data_aes_gcm_ ## vect, aad_incr, \
2548 in_incr, aad_array, ptx_array, ctx_array)
2549
2550
2551
2552static const struct xtest_ae_case ae_cases[] = {
2553 XTEST_AE_CASE_AES_CCM(vect1, 3, 2),
2554 XTEST_AE_CASE_AES_CCM(vect2, 7, 13),
2555 XTEST_AE_CASE_AES_CCM(vect3, 5, 21),
2556
2557 XTEST_AE_CASE_AES_GCM(vect1, 0, 0, NULL_ARRAY, NULL_ARRAY, NULL_ARRAY),
2558 XTEST_AE_CASE_AES_GCM(vect2, 0, 9, NULL_ARRAY, ARRAY, ARRAY),
2559 XTEST_AE_CASE_AES_GCM(vect3, 0, 9, NULL_ARRAY, ARRAY, ARRAY),
Jens Wiklander9fc63f52017-11-10 11:13:26 +0100[diff] [blame]2560 XTEST_AE_CASE_AES_GCM(vect3, 0, 0x1F, NULL_ARRAY, ARRAY, ARRAY),
2561 XTEST_AE_CASE_AES_GCM(vect4, 5, 0x20, ARRAY, ARRAY, ARRAY),
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2562 XTEST_AE_CASE_AES_GCM(vect5, 5, 9, ARRAY, ARRAY, ARRAY),
2563 XTEST_AE_CASE_AES_GCM(vect6, 5, 9, ARRAY, ARRAY, ARRAY),
2564 XTEST_AE_CASE_AES_GCM(vect7, 0, 0, NULL_ARRAY, NULL_ARRAY, NULL_ARRAY),
2565 XTEST_AE_CASE_AES_GCM(vect8, 0, 9, NULL_ARRAY, ARRAY, ARRAY),
2566 XTEST_AE_CASE_AES_GCM(vect9, 0, 9, NULL_ARRAY, ARRAY, ARRAY),
2567 XTEST_AE_CASE_AES_GCM(vect10, 5, 9, ARRAY, ARRAY, ARRAY),
2568 XTEST_AE_CASE_AES_GCM(vect11, 5, 9, ARRAY, ARRAY, ARRAY),
2569 XTEST_AE_CASE_AES_GCM(vect12, 5, 9, ARRAY, ARRAY, ARRAY),
2570 XTEST_AE_CASE_AES_GCM(vect13, 0, 0, NULL_ARRAY, NULL_ARRAY, NULL_ARRAY),
2571 XTEST_AE_CASE_AES_GCM(vect14, 0, 9, NULL_ARRAY, ARRAY, ARRAY),
2572 XTEST_AE_CASE_AES_GCM(vect15, 0, 9, NULL_ARRAY, ARRAY, ARRAY),
2573 XTEST_AE_CASE_AES_GCM(vect16, 5, 9, ARRAY, ARRAY, ARRAY),
2574 XTEST_AE_CASE_AES_GCM(vect17, 5, 9, ARRAY, ARRAY, ARRAY),
2575 XTEST_AE_CASE_AES_GCM(vect18, 5, 9, ARRAY, ARRAY, ARRAY),
Jens Wiklanderf6efe242017-11-06 13:16:43 +0100[diff] [blame]2576#ifdef CFG_GCM_NIST_VECTORS
2577#include "gcmDecrypt128.h"
2578#include "gcmDecrypt192.h"
2579#include "gcmDecrypt256.h"
2580#include "gcmEncryptExtIV128.h"
2581#include "gcmEncryptExtIV192.h"
2582#include "gcmEncryptExtIV256.h"
2583#endif
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2584};
2585
2586static void xtest_tee_test_4005(ADBG_Case_t *c)
2587{
2588 TEEC_Session session = { 0 };
2589 TEE_OperationHandle op;
2590 TEE_ObjectHandle key_handle = TEE_HANDLE_NULL;
2591 TEE_Attribute key_attr;
2592 uint8_t out[512];
2593 size_t out_size;
2594 size_t out_offs;
2595 uint32_t ret_orig;
2596 size_t n;
2597
2598 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
2599 xtest_teec_open_session(&session, &crypt_user_ta_uuid, NULL,
2600 &ret_orig)))
2601 return;
2602
2603 for (n = 0; n < ARRAY_SIZE(ae_cases); n++) {
2604 Do_ADBG_BeginSubCase(c, "AE case %d algo 0x%x line %d",
2605 (int)n, (unsigned int)ae_cases[n].algo,
2606 (int)ae_cases[n].line);
2607
2608 key_attr.attributeID = TEE_ATTR_SECRET_VALUE;
2609 key_attr.content.ref.buffer = (void *)ae_cases[n].key;
2610 key_attr.content.ref.length = ae_cases[n].key_len;
2611
2612 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
2613 ta_crypt_cmd_allocate_operation(c, &session, &op,
2614 ae_cases[n].algo, ae_cases[n].mode,
2615 key_attr.content.ref.length * 8)))
2616 goto out;
2617
2618 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
2619 ta_crypt_cmd_allocate_transient_object(c, &session,
2620 ae_cases[n].key_type,
2621 key_attr.content.ref.length * 8,
2622 &key_handle)))
2623 goto out;
2624
2625 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
2626 ta_crypt_cmd_populate_transient_object(c, &session,
2627 key_handle, &key_attr, 1)))
2628 goto out;
2629
2630 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
2631 ta_crypt_cmd_set_operation_key(c, &session, op,
2632 key_handle)))
2633 goto out;
2634
2635 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
2636 ta_crypt_cmd_free_transient_object(c, &session,
2637 key_handle)))
2638 goto out;
2639 key_handle = TEE_HANDLE_NULL;
2640
2641 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
2642 ta_crypt_cmd_ae_init(c, &session, op, ae_cases[n].nonce,
2643 ae_cases[n].nonce_len, ae_cases[n].tag_len,
2644 ae_cases[n].aad_len, ae_cases[n].ptx_len)))
2645 goto out;
2646
2647 if (ae_cases[n].aad != NULL) {
2648 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
2649 ta_crypt_cmd_ae_update_aad(c, &session, op,
2650 ae_cases[n].aad, ae_cases[n].aad_incr)))
2651 goto out;
2652
2653 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
2654 ta_crypt_cmd_ae_update_aad(c, &session, op,
2655 ae_cases[n].aad + ae_cases[n].aad_incr,
2656 ae_cases [n].aad_len -
2657 ae_cases[n].aad_incr)))
2658 goto out;
2659 }
2660
2661 out_offs = 0;
2662 out_size = sizeof(out);
2663 memset(out, 0, sizeof(out));
2664 if (ae_cases[n].mode == TEE_MODE_ENCRYPT) {
2665 if (ae_cases[n].ptx != NULL) {
2666 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
2667 ta_crypt_cmd_ae_update(c, &session, op,
2668 ae_cases[n].ptx,
2669 ae_cases[n].in_incr, out,
2670 &out_size)))
2671 goto out;
2672 out_offs += out_size;
Jerome Forissierc13fafa2017-06-01 15:49:07 +0200[diff] [blame]2673 if (ae_cases[n].algo == TEE_ALG_AES_GCM)
2674 ADBG_EXPECT_COMPARE_UNSIGNED(c,
2675 out_size, ==, ae_cases[n].in_incr);
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2676 }
2677 } else {
2678 if (ae_cases[n].ctx != NULL) {
2679 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
2680 ta_crypt_cmd_ae_update(c, &session, op,
2681 ae_cases[n].ctx,
2682 ae_cases[n].in_incr, out,
2683 &out_size)))
2684 goto out;
2685 out_offs += out_size;
Jerome Forissierc13fafa2017-06-01 15:49:07 +0200[diff] [blame]2686 if (ae_cases[n].algo == TEE_ALG_AES_GCM)
2687 ADBG_EXPECT_COMPARE_UNSIGNED(c,
2688 out_size, ==, ae_cases[n].in_incr);
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2689 }
2690 }
2691
2692 out_size = sizeof(out) - out_offs;
2693 if (ae_cases[n].mode == TEE_MODE_ENCRYPT) {
2694 uint8_t out_tag[64];
2695 size_t out_tag_len = MIN(sizeof(out_tag),
2696 ae_cases[n].tag_len);
2697
2698 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
2699 ta_crypt_cmd_ae_encrypt_final(c, &session, op,
2700 ae_cases[n].ptx + ae_cases[n].in_incr,
2701 ae_cases[n].ptx_len -
2702 ae_cases[n].in_incr,
2703 out + out_offs,
2704 &out_size, out_tag, &out_tag_len)))
2705 goto out;
2706
2707 (void)ADBG_EXPECT_BUFFER(c,
2708 ae_cases[n].tag, ae_cases[n].tag_len, out_tag,
2709 out_tag_len);
2710
2711 out_offs += out_size;
2712
2713 (void)ADBG_EXPECT_BUFFER(c, ae_cases[n].ctx,
2714 ae_cases[n].ctx_len, out, out_offs);
2715 } else {
2716 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
2717 ta_crypt_cmd_ae_decrypt_final(c, &session, op,
2718 ae_cases[n].ctx + ae_cases[n].in_incr,
2719 ae_cases[n].ctx_len -
2720 ae_cases[n].in_incr,
2721 out + out_offs,
2722 &out_size, ae_cases[n].tag,
2723 ae_cases[n].tag_len)))
2724 goto out;
2725
2726 out_offs += out_size;
2727
2728 (void)ADBG_EXPECT_BUFFER(c, ae_cases[n].ptx,
2729 ae_cases[n].ptx_len, out, out_offs);
2730 }
2731
2732 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
2733 ta_crypt_cmd_free_operation(c, &session, op)))
2734 goto out;
2735
2736 Do_ADBG_EndSubCase(c, NULL);
2737 }
2738out:
2739 TEEC_CloseSession(&session);
2740}
Jens Wiklander14f48872018-06-29 15:30:13 +0200[diff] [blame]2741ADBG_CASE_DEFINE(regression, 4005, xtest_tee_test_4005,
2742 "Test TEE Internal API Authenticated Encryption operations");
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2743
2744struct xtest_ac_case {
Cedric Chaumontc3b6c282015-09-25 03:05:18 +0200[diff] [blame]2745 unsigned int level;
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2746 uint32_t algo;
2747 TEE_OperationMode mode;
2748
2749 union {
2750 struct {
2751 const uint8_t *modulus;
2752 size_t modulus_len;
2753
2754 const uint8_t *pub_exp;
2755 size_t pub_exp_len;
2756
2757 const uint8_t *priv_exp;
2758 size_t priv_exp_len;
2759
2760 const uint8_t *prime1; /* q */
2761 size_t prime1_len;
2762 const uint8_t *prime2; /* p */
2763 size_t prime2_len;
2764 const uint8_t *exp1; /* dp */
2765 size_t exp1_len;
2766 const uint8_t *exp2; /* dq */
2767 size_t exp2_len;
2768 const uint8_t *coeff; /* iq */
2769 size_t coeff_len;
2770
2771 int salt_len;
2772 } rsa;
2773 struct {
2774 const uint8_t *prime;
2775 size_t prime_len;
2776 const uint8_t *sub_prime;
2777 size_t sub_prime_len;
2778 const uint8_t *base;
2779 size_t base_len;
2780 const uint8_t *pub_val;
2781 size_t pub_val_len;
2782 const uint8_t *priv_val;
2783 size_t priv_val_len;
2784 } dsa;
Pascal Brand3e143ee2015-07-15 17:17:16 +0200[diff] [blame]2785 struct {
2786 const uint8_t *private;
2787 size_t private_len;
2788 const uint8_t *public_x;
2789 size_t public_x_len;
2790 const uint8_t *public_y;
2791 size_t public_y_len;
2792 } ecdsa;
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2793 } params;
2794
2795 const uint8_t *ptx;
2796 size_t ptx_len;
2797 const uint8_t *ctx;
2798 size_t ctx_len;
2799 size_t line;
2800};
2801
2802#define WITHOUT_SALT(x) -1
2803#define WITH_SALT(x) x
2804
Cedric Chaumontc3b6c282015-09-25 03:05:18 +0200[diff] [blame]2805#define XTEST_AC_CASE(level, algo, mode, vect, union_params) \
2806 { level, (algo), (mode), .params = union_params, \
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2807 ARRAY(vect ## _ptx), \
2808 ARRAY(vect ## _out), \
2809 __LINE__ }
2810
2811#define XTEST_AC_RSA_UNION(vect, opt_crt_array, opt_salt) \
2812 { .rsa = { \
2813 ARRAY(vect ## _modulus), \
2814 ARRAY(vect ## _pub_exp), \
2815 ARRAY(vect ## _priv_exp), \
2816 opt_crt_array(vect ## _prime1), \
2817 opt_crt_array(vect ## _prime2), \
2818 opt_crt_array(vect ## _exp1), \
2819 opt_crt_array(vect ## _exp2), \
2820 opt_crt_array(vect ## _coeff), \
2821 opt_salt(vect ## _salt_len) \
2822 } }
2823
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]2824#define XTEST_AC_RSA_CASE(level, algo, mode, vect, opt_crt_array, opt_salt) \
2825 XTEST_AC_CASE(level, algo, mode, vect, \
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2826 XTEST_AC_RSA_UNION(vect, opt_crt_array, opt_salt))
2827
2828#define XTEST_AC_DSA_UNION(vect) \
2829 { .dsa = { \
2830 ARRAY(vect ## _prime), \
2831 ARRAY(vect ## _sub_prime), \
2832 ARRAY(vect ## _base), \
2833 ARRAY(vect ## _pub_val), \
2834 ARRAY(vect ## _priv_val), \
2835 } }
2836
Cedric Chaumontc3b6c282015-09-25 03:05:18 +0200[diff] [blame]2837#define XTEST_AC_DSA_CASE(level, algo, mode, vect) \
2838 XTEST_AC_CASE(level, algo, mode, vect, XTEST_AC_DSA_UNION(vect))
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2839
Pascal Brand3e143ee2015-07-15 17:17:16 +0200[diff] [blame]2840#define XTEST_AC_ECDSA_UNION(vect) \
2841 { .ecdsa = { \
2842 ARRAY(vect ## _private), \
2843 ARRAY(vect ## _public_x), \
2844 ARRAY(vect ## _public_y), \
2845 } }
2846
Cedric Chaumontc3b6c282015-09-25 03:05:18 +0200[diff] [blame]2847#define XTEST_AC_ECDSA_CASE(level, algo, mode, vect) \
2848 XTEST_AC_CASE(level, algo, mode, vect, XTEST_AC_ECDSA_UNION(vect))
Pascal Brand3e143ee2015-07-15 17:17:16 +0200[diff] [blame]2849
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2850static const struct xtest_ac_case xtest_ac_cases[] = {
2851 /* RSA test without crt parameters */
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]2852 XTEST_AC_RSA_CASE(0, TEE_ALG_RSA_NOPAD, TEE_MODE_ENCRYPT,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2853 ac_rsassa_vect1, NULL_ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]2854 XTEST_AC_RSA_CASE(0, TEE_ALG_RSA_NOPAD, TEE_MODE_DECRYPT,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2855 ac_rsassa_vect1, NULL_ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]2856 XTEST_AC_RSA_CASE(0, TEE_ALG_RSA_NOPAD, TEE_MODE_ENCRYPT,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2857 ac_rsassa_vect2, NULL_ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]2858 XTEST_AC_RSA_CASE(0, TEE_ALG_RSA_NOPAD, TEE_MODE_DECRYPT,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2859 ac_rsassa_vect2, NULL_ARRAY, WITHOUT_SALT),
Jerome Forissiere576f052018-03-23 21:24:21 +0800[diff] [blame]2860 XTEST_AC_RSA_CASE(0, TEE_ALG_RSA_NOPAD, TEE_MODE_ENCRYPT,
2861 ac_rsassa_vect18, NULL_ARRAY, WITHOUT_SALT),
2862 XTEST_AC_RSA_CASE(0, TEE_ALG_RSA_NOPAD, TEE_MODE_DECRYPT,
2863 ac_rsassa_vect18, NULL_ARRAY, WITHOUT_SALT),
Jerome Forissier0451e372018-03-27 00:10:23 +0800[diff] [blame]2864 XTEST_AC_RSA_CASE(0, TEE_ALG_RSA_NOPAD, TEE_MODE_ENCRYPT,
2865 ac_rsassa_vect19, NULL_ARRAY, WITHOUT_SALT),
2866 XTEST_AC_RSA_CASE(0, TEE_ALG_RSA_NOPAD, TEE_MODE_DECRYPT,
2867 ac_rsassa_vect19, NULL_ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]2868 XTEST_AC_RSA_CASE(0, TEE_ALG_RSASSA_PKCS1_V1_5_SHA1, TEE_MODE_SIGN,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2869 ac_rsassa_vect3, NULL_ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]2870 XTEST_AC_RSA_CASE(0, TEE_ALG_RSASSA_PKCS1_V1_5_SHA1, TEE_MODE_VERIFY,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2871 ac_rsassa_vect3, NULL_ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]2872 XTEST_AC_RSA_CASE(1, TEE_ALG_RSASSA_PKCS1_V1_5_SHA1, TEE_MODE_SIGN,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2873 ac_rsassa_vect4, NULL_ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]2874 XTEST_AC_RSA_CASE(1, TEE_ALG_RSASSA_PKCS1_V1_5_SHA1, TEE_MODE_VERIFY,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2875 ac_rsassa_vect4, NULL_ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]2876 XTEST_AC_RSA_CASE(1, TEE_ALG_RSASSA_PKCS1_V1_5_SHA1, TEE_MODE_SIGN,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2877 ac_rsassa_vect5, NULL_ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]2878 XTEST_AC_RSA_CASE(1, TEE_ALG_RSASSA_PKCS1_V1_5_SHA1, TEE_MODE_VERIFY,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2879 ac_rsassa_vect5, NULL_ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]2880 XTEST_AC_RSA_CASE(1, TEE_ALG_RSASSA_PKCS1_V1_5_SHA1, TEE_MODE_SIGN,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2881 ac_rsassa_vect6, NULL_ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]2882 XTEST_AC_RSA_CASE(1, TEE_ALG_RSASSA_PKCS1_V1_5_SHA1, TEE_MODE_VERIFY,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2883 ac_rsassa_vect6, NULL_ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]2884 XTEST_AC_RSA_CASE(1, TEE_ALG_RSASSA_PKCS1_V1_5_SHA1, TEE_MODE_SIGN,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2885 ac_rsassa_vect7, NULL_ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]2886 XTEST_AC_RSA_CASE(1, TEE_ALG_RSASSA_PKCS1_V1_5_SHA1, TEE_MODE_VERIFY,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2887 ac_rsassa_vect7, NULL_ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]2888 XTEST_AC_RSA_CASE(1, TEE_ALG_RSASSA_PKCS1_V1_5_SHA1, TEE_MODE_SIGN,
2889 ac_rsassa_vect8, NULL_ARRAY, WITHOUT_SALT),
2890 XTEST_AC_RSA_CASE(1, TEE_ALG_RSASSA_PKCS1_V1_5_SHA1, TEE_MODE_VERIFY,
2891 ac_rsassa_vect8, NULL_ARRAY, WITHOUT_SALT),
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2892
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]2893 XTEST_AC_RSA_CASE(0, TEE_ALG_RSASSA_PKCS1_V1_5_SHA224, TEE_MODE_SIGN,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2894 ac_rsassa_vect16, NULL_ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]2895 XTEST_AC_RSA_CASE(0, TEE_ALG_RSASSA_PKCS1_V1_5_SHA224, TEE_MODE_VERIFY,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2896 ac_rsassa_vect16, NULL_ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]2897
Gabor Szekely2ad190f2018-09-14 14:05:06 +0000[diff] [blame]2898#ifdef CFG_CRYPTO_RSASSA_NA1
2899 XTEST_AC_RSA_CASE(0, TEE_ALG_RSASSA_PKCS1_V1_5, TEE_MODE_SIGN,
2900 ac_rsassa_vect20, NULL_ARRAY, WITHOUT_SALT),
2901 XTEST_AC_RSA_CASE(0, TEE_ALG_RSASSA_PKCS1_V1_5, TEE_MODE_VERIFY,
2902 ac_rsassa_vect20, NULL_ARRAY, WITHOUT_SALT),
2903#endif
2904
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]2905 XTEST_AC_RSA_CASE(0, TEE_ALG_RSASSA_PKCS1_V1_5_SHA256, TEE_MODE_SIGN,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2906 ac_rsassa_vect9, NULL_ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]2907 XTEST_AC_RSA_CASE(0, TEE_ALG_RSASSA_PKCS1_V1_5_SHA256, TEE_MODE_VERIFY,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2908 ac_rsassa_vect9, NULL_ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]2909
2910 XTEST_AC_RSA_CASE(0, TEE_ALG_RSASSA_PKCS1_V1_5_SHA384, TEE_MODE_SIGN,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2911 ac_rsassa_vect10, NULL_ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]2912 XTEST_AC_RSA_CASE(0, TEE_ALG_RSASSA_PKCS1_V1_5_SHA384, TEE_MODE_VERIFY,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2913 ac_rsassa_vect10, NULL_ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]2914
2915 XTEST_AC_RSA_CASE(0, TEE_ALG_RSASSA_PKCS1_V1_5_SHA512, TEE_MODE_SIGN,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2916 ac_rsassa_vect11, NULL_ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]2917 XTEST_AC_RSA_CASE(0, TEE_ALG_RSASSA_PKCS1_V1_5_SHA512, TEE_MODE_VERIFY,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2918 ac_rsassa_vect11, NULL_ARRAY, WITHOUT_SALT),
2919
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]2920 XTEST_AC_RSA_CASE(1, TEE_ALG_RSASSA_PKCS1_PSS_MGF1_SHA1,
2921 TEE_MODE_VERIFY,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2922 ac_rsassa_vect12, NULL_ARRAY, WITH_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]2923 XTEST_AC_RSA_CASE(1, TEE_ALG_RSASSA_PKCS1_PSS_MGF1_SHA1, TEE_MODE_SIGN,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2924 ac_rsassa_vect12, NULL_ARRAY, WITH_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]2925
2926 XTEST_AC_RSA_CASE(1, TEE_ALG_RSASSA_PKCS1_PSS_MGF1_SHA224,
2927 TEE_MODE_VERIFY,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2928 ac_rsassa_vect17, NULL_ARRAY, WITH_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]2929 XTEST_AC_RSA_CASE(1, TEE_ALG_RSASSA_PKCS1_PSS_MGF1_SHA224,
2930 TEE_MODE_SIGN,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2931 ac_rsassa_vect17, NULL_ARRAY, WITH_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]2932
2933 XTEST_AC_RSA_CASE(0, TEE_ALG_RSASSA_PKCS1_PSS_MGF1_SHA256,
2934 TEE_MODE_VERIFY,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2935 ac_rsassa_vect13, NULL_ARRAY, WITH_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]2936 XTEST_AC_RSA_CASE(0, TEE_ALG_RSASSA_PKCS1_PSS_MGF1_SHA256,
2937 TEE_MODE_SIGN,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2938 ac_rsassa_vect13, NULL_ARRAY, WITH_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]2939
2940 XTEST_AC_RSA_CASE(1, TEE_ALG_RSASSA_PKCS1_PSS_MGF1_SHA384,
2941 TEE_MODE_VERIFY,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2942 ac_rsassa_vect14, NULL_ARRAY, WITH_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]2943 XTEST_AC_RSA_CASE(1, TEE_ALG_RSASSA_PKCS1_PSS_MGF1_SHA384,
2944 TEE_MODE_SIGN,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2945 ac_rsassa_vect14, NULL_ARRAY, WITH_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]2946
2947 XTEST_AC_RSA_CASE(1, TEE_ALG_RSASSA_PKCS1_PSS_MGF1_SHA512,
2948 TEE_MODE_VERIFY,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2949 ac_rsassa_vect15, NULL_ARRAY, WITH_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]2950 XTEST_AC_RSA_CASE(1, TEE_ALG_RSASSA_PKCS1_PSS_MGF1_SHA512,
2951 TEE_MODE_SIGN,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2952 ac_rsassa_vect15, NULL_ARRAY, WITH_SALT),
2953
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]2954 XTEST_AC_RSA_CASE(0, TEE_ALG_RSAES_PKCS1_V1_5, TEE_MODE_DECRYPT,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2955 ac_rsaes_pkcs1_v1_5_vect1, NULL_ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]2956 XTEST_AC_RSA_CASE(0, TEE_ALG_RSAES_PKCS1_V1_5, TEE_MODE_ENCRYPT,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2957 ac_rsaes_pkcs1_v1_5_vect1, NULL_ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]2958 XTEST_AC_RSA_CASE(1, TEE_ALG_RSAES_PKCS1_V1_5, TEE_MODE_DECRYPT,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2959 ac_rsaes_pkcs1_v1_5_vect2, NULL_ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]2960 XTEST_AC_RSA_CASE(1, TEE_ALG_RSAES_PKCS1_V1_5, TEE_MODE_ENCRYPT,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2961 ac_rsaes_pkcs1_v1_5_vect2, NULL_ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]2962 XTEST_AC_RSA_CASE(1, TEE_ALG_RSAES_PKCS1_V1_5, TEE_MODE_DECRYPT,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2963 ac_rsaes_pkcs1_v1_5_vect15, NULL_ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]2964 XTEST_AC_RSA_CASE(1, TEE_ALG_RSAES_PKCS1_V1_5, TEE_MODE_ENCRYPT,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2965 ac_rsaes_pkcs1_v1_5_vect15, NULL_ARRAY, WITHOUT_SALT),
2966
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]2967 XTEST_AC_RSA_CASE(0, TEE_ALG_RSAES_PKCS1_OAEP_MGF1_SHA1,
2968 TEE_MODE_DECRYPT,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2969 ac_rsaes_oaep_vect1, NULL_ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]2970 XTEST_AC_RSA_CASE(0, TEE_ALG_RSAES_PKCS1_OAEP_MGF1_SHA1,
2971 TEE_MODE_ENCRYPT,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2972 ac_rsaes_oaep_vect1, NULL_ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]2973 XTEST_AC_RSA_CASE(1, TEE_ALG_RSAES_PKCS1_OAEP_MGF1_SHA1,
2974 TEE_MODE_DECRYPT,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2975 ac_rsaes_oaep_vect2, NULL_ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]2976 XTEST_AC_RSA_CASE(1, TEE_ALG_RSAES_PKCS1_OAEP_MGF1_SHA1,
2977 TEE_MODE_ENCRYPT,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2978 ac_rsaes_oaep_vect2, NULL_ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]2979 XTEST_AC_RSA_CASE(1, TEE_ALG_RSAES_PKCS1_OAEP_MGF1_SHA1,
2980 TEE_MODE_DECRYPT,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2981 ac_rsaes_oaep_vect10, NULL_ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]2982 XTEST_AC_RSA_CASE(1, TEE_ALG_RSAES_PKCS1_OAEP_MGF1_SHA1,
2983 TEE_MODE_ENCRYPT,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2984 ac_rsaes_oaep_vect10, NULL_ARRAY, WITHOUT_SALT),
2985
2986 /* RSA test with crt parameters */
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]2987 XTEST_AC_RSA_CASE(0, TEE_ALG_RSA_NOPAD, TEE_MODE_ENCRYPT,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2988 ac_rsassa_vect1, ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]2989 XTEST_AC_RSA_CASE(0, TEE_ALG_RSA_NOPAD, TEE_MODE_DECRYPT,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2990 ac_rsassa_vect1, ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]2991 XTEST_AC_RSA_CASE(1, TEE_ALG_RSA_NOPAD, TEE_MODE_ENCRYPT,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2992 ac_rsassa_vect2, ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]2993 XTEST_AC_RSA_CASE(1, TEE_ALG_RSA_NOPAD, TEE_MODE_DECRYPT,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2994 ac_rsassa_vect2, ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]2995 XTEST_AC_RSA_CASE(0, TEE_ALG_RSASSA_PKCS1_V1_5_SHA1, TEE_MODE_SIGN,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2996 ac_rsassa_vect3, ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]2997 XTEST_AC_RSA_CASE(0, TEE_ALG_RSASSA_PKCS1_V1_5_SHA1, TEE_MODE_VERIFY,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2998 ac_rsassa_vect3, ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]2999 XTEST_AC_RSA_CASE(1, TEE_ALG_RSASSA_PKCS1_V1_5_SHA1, TEE_MODE_SIGN,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3000 ac_rsassa_vect4, ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]3001 XTEST_AC_RSA_CASE(1, TEE_ALG_RSASSA_PKCS1_V1_5_SHA1, TEE_MODE_VERIFY,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3002 ac_rsassa_vect4, ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]3003 XTEST_AC_RSA_CASE(1, TEE_ALG_RSASSA_PKCS1_V1_5_SHA1, TEE_MODE_SIGN,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3004 ac_rsassa_vect5, ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]3005 XTEST_AC_RSA_CASE(1, TEE_ALG_RSASSA_PKCS1_V1_5_SHA1, TEE_MODE_VERIFY,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3006 ac_rsassa_vect5, ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]3007 XTEST_AC_RSA_CASE(1, TEE_ALG_RSASSA_PKCS1_V1_5_SHA1, TEE_MODE_SIGN,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3008 ac_rsassa_vect6, ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]3009 XTEST_AC_RSA_CASE(1, TEE_ALG_RSASSA_PKCS1_V1_5_SHA1, TEE_MODE_VERIFY,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3010 ac_rsassa_vect6, ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]3011 XTEST_AC_RSA_CASE(1, TEE_ALG_RSASSA_PKCS1_V1_5_SHA1, TEE_MODE_SIGN,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3012 ac_rsassa_vect7, ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]3013 XTEST_AC_RSA_CASE(1, TEE_ALG_RSASSA_PKCS1_V1_5_SHA1, TEE_MODE_VERIFY,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3014 ac_rsassa_vect7, ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]3015 XTEST_AC_RSA_CASE(1, TEE_ALG_RSASSA_PKCS1_V1_5_SHA1, TEE_MODE_SIGN,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3016 ac_rsassa_vect8, ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]3017 XTEST_AC_RSA_CASE(1, TEE_ALG_RSASSA_PKCS1_V1_5_SHA1, TEE_MODE_VERIFY,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3018 ac_rsassa_vect8, ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]3019 XTEST_AC_RSA_CASE(0, TEE_ALG_RSASSA_PKCS1_V1_5_SHA256, TEE_MODE_SIGN,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3020 ac_rsassa_vect9, ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]3021 XTEST_AC_RSA_CASE(0, TEE_ALG_RSASSA_PKCS1_V1_5_SHA256, TEE_MODE_VERIFY,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3022 ac_rsassa_vect9, ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]3023 XTEST_AC_RSA_CASE(1, TEE_ALG_RSASSA_PKCS1_V1_5_SHA384, TEE_MODE_SIGN,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3024 ac_rsassa_vect10, ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]3025 XTEST_AC_RSA_CASE(1, TEE_ALG_RSASSA_PKCS1_V1_5_SHA384, TEE_MODE_VERIFY,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3026 ac_rsassa_vect10, ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]3027 XTEST_AC_RSA_CASE(1, TEE_ALG_RSASSA_PKCS1_V1_5_SHA512, TEE_MODE_SIGN,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3028 ac_rsassa_vect11, ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]3029 XTEST_AC_RSA_CASE(1, TEE_ALG_RSASSA_PKCS1_V1_5_SHA512, TEE_MODE_VERIFY,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3030 ac_rsassa_vect11, ARRAY, WITHOUT_SALT),
3031
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]3032 XTEST_AC_RSA_CASE(1, TEE_ALG_RSASSA_PKCS1_PSS_MGF1_SHA1,
3033 TEE_MODE_VERIFY,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3034 ac_rsassa_vect12, ARRAY, WITH_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]3035 XTEST_AC_RSA_CASE(1,TEE_ALG_RSASSA_PKCS1_PSS_MGF1_SHA1, TEE_MODE_SIGN,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3036 ac_rsassa_vect12, ARRAY, WITH_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]3037 XTEST_AC_RSA_CASE(1, TEE_ALG_RSASSA_PKCS1_PSS_MGF1_SHA224,
3038 TEE_MODE_VERIFY,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3039 ac_rsassa_vect17, ARRAY, WITH_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]3040 XTEST_AC_RSA_CASE(1, TEE_ALG_RSASSA_PKCS1_PSS_MGF1_SHA224,
3041 TEE_MODE_SIGN,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3042 ac_rsassa_vect17, ARRAY, WITH_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]3043 XTEST_AC_RSA_CASE(0, TEE_ALG_RSASSA_PKCS1_PSS_MGF1_SHA256,
3044 TEE_MODE_VERIFY,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3045 ac_rsassa_vect13, ARRAY, WITH_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]3046 XTEST_AC_RSA_CASE(0, TEE_ALG_RSASSA_PKCS1_PSS_MGF1_SHA256,
3047 TEE_MODE_SIGN,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3048 ac_rsassa_vect13, ARRAY, WITH_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]3049 XTEST_AC_RSA_CASE(1, TEE_ALG_RSASSA_PKCS1_PSS_MGF1_SHA384,
3050 TEE_MODE_VERIFY,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3051 ac_rsassa_vect14, ARRAY, WITH_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]3052 XTEST_AC_RSA_CASE(1, TEE_ALG_RSASSA_PKCS1_PSS_MGF1_SHA384,
3053 TEE_MODE_SIGN,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3054 ac_rsassa_vect14, ARRAY, WITH_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]3055 XTEST_AC_RSA_CASE(1, TEE_ALG_RSASSA_PKCS1_PSS_MGF1_SHA512,
3056 TEE_MODE_VERIFY,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3057 ac_rsassa_vect15, ARRAY, WITH_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]3058 XTEST_AC_RSA_CASE(1, TEE_ALG_RSASSA_PKCS1_PSS_MGF1_SHA512,
3059 TEE_MODE_SIGN,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3060 ac_rsassa_vect15, ARRAY, WITH_SALT),
3061
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]3062 XTEST_AC_RSA_CASE(0, TEE_ALG_RSAES_PKCS1_V1_5, TEE_MODE_DECRYPT,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3063 ac_rsaes_pkcs1_v1_5_vect1, ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]3064 XTEST_AC_RSA_CASE(0, TEE_ALG_RSAES_PKCS1_V1_5, TEE_MODE_ENCRYPT,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3065 ac_rsaes_pkcs1_v1_5_vect1, ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]3066 XTEST_AC_RSA_CASE(1, TEE_ALG_RSAES_PKCS1_V1_5, TEE_MODE_DECRYPT,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3067 ac_rsaes_pkcs1_v1_5_vect2, ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]3068 XTEST_AC_RSA_CASE(1, TEE_ALG_RSAES_PKCS1_V1_5, TEE_MODE_ENCRYPT,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3069 ac_rsaes_pkcs1_v1_5_vect2, ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]3070 XTEST_AC_RSA_CASE(1, TEE_ALG_RSAES_PKCS1_V1_5, TEE_MODE_DECRYPT,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3071 ac_rsaes_pkcs1_v1_5_vect15, ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]3072 XTEST_AC_RSA_CASE(1, TEE_ALG_RSAES_PKCS1_V1_5, TEE_MODE_ENCRYPT,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3073 ac_rsaes_pkcs1_v1_5_vect15, ARRAY, WITHOUT_SALT),
3074
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]3075 XTEST_AC_RSA_CASE(0, TEE_ALG_RSAES_PKCS1_OAEP_MGF1_SHA1,
3076 TEE_MODE_DECRYPT,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3077 ac_rsaes_oaep_vect1, ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]3078 XTEST_AC_RSA_CASE(0, TEE_ALG_RSAES_PKCS1_OAEP_MGF1_SHA1,
3079 TEE_MODE_ENCRYPT,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3080 ac_rsaes_oaep_vect1, ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]3081 XTEST_AC_RSA_CASE(1, TEE_ALG_RSAES_PKCS1_OAEP_MGF1_SHA1,
3082 TEE_MODE_DECRYPT,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3083 ac_rsaes_oaep_vect2, ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]3084 XTEST_AC_RSA_CASE(1, TEE_ALG_RSAES_PKCS1_OAEP_MGF1_SHA1,
3085 TEE_MODE_ENCRYPT,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3086 ac_rsaes_oaep_vect2, ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]3087 XTEST_AC_RSA_CASE(1, TEE_ALG_RSAES_PKCS1_OAEP_MGF1_SHA1,
3088 TEE_MODE_DECRYPT,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3089 ac_rsaes_oaep_vect10, ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]3090 XTEST_AC_RSA_CASE(1, TEE_ALG_RSAES_PKCS1_OAEP_MGF1_SHA1,
3091 TEE_MODE_ENCRYPT,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3092 ac_rsaes_oaep_vect10, ARRAY, WITHOUT_SALT),
3093
3094 /* DSA tests */
Cedric Chaumontb2ba8782015-09-03 13:23:05 +0200[diff] [blame]3095 /* [mod = L=1024, N=160, SHA-1] */
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]3096 XTEST_AC_DSA_CASE(1, TEE_ALG_DSA_SHA1, TEE_MODE_VERIFY, ac_dsa_vect1),
3097 XTEST_AC_DSA_CASE(1, TEE_ALG_DSA_SHA1, TEE_MODE_SIGN, ac_dsa_vect1),
Cedric Chaumontc3b6c282015-09-25 03:05:18 +0200[diff] [blame]3098 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA1, TEE_MODE_VERIFY, ac_dsa_vect2),
3099 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA1, TEE_MODE_SIGN, ac_dsa_vect2),
3100 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA1, TEE_MODE_VERIFY, ac_dsa_vect3),
3101 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA1, TEE_MODE_SIGN, ac_dsa_vect3),
3102 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA1, TEE_MODE_VERIFY, ac_dsa_vect4),
3103 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA1, TEE_MODE_SIGN, ac_dsa_vect4),
3104 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA1, TEE_MODE_VERIFY, ac_dsa_vect5),
3105 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA1, TEE_MODE_SIGN, ac_dsa_vect5),
3106 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA1, TEE_MODE_VERIFY, ac_dsa_vect6),
3107 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA1, TEE_MODE_SIGN, ac_dsa_vect6),
3108 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA1, TEE_MODE_VERIFY, ac_dsa_vect7),
3109 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA1, TEE_MODE_SIGN, ac_dsa_vect7),
3110 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA1, TEE_MODE_VERIFY, ac_dsa_vect8),
3111 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA1, TEE_MODE_SIGN, ac_dsa_vect8),
3112 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA1, TEE_MODE_VERIFY, ac_dsa_vect9),
3113 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA1, TEE_MODE_SIGN, ac_dsa_vect9),
3114 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA1, TEE_MODE_VERIFY, ac_dsa_vect10),
3115 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA1, TEE_MODE_SIGN, ac_dsa_vect10),
3116 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA1, TEE_MODE_VERIFY, ac_dsa_vect11),
3117 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA1, TEE_MODE_SIGN, ac_dsa_vect11),
3118 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA1, TEE_MODE_VERIFY, ac_dsa_vect12),
3119 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA1, TEE_MODE_SIGN, ac_dsa_vect12),
3120 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA1, TEE_MODE_VERIFY, ac_dsa_vect13),
3121 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA1, TEE_MODE_SIGN, ac_dsa_vect13),
3122 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA1, TEE_MODE_VERIFY, ac_dsa_vect14),
3123 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA1, TEE_MODE_SIGN, ac_dsa_vect14),
3124 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA1, TEE_MODE_VERIFY, ac_dsa_vect15),
3125 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA1, TEE_MODE_SIGN, ac_dsa_vect15),
Cedric Chaumontb2ba8782015-09-03 13:23:05 +0200[diff] [blame]3126 /* [mod = L=1024, N=160, SHA-224] - GP NOT SUPPORTED */
3127 /* [mod = L=1024, N=160, SHA-256] - GP NOT SUPPORTED */
3128 /* [mod = L=1024, N=160, SHA-384] - GP NOT SUPPORTED */
3129 /* [mod = L=1024, N=160, SHA-512] - GP NOT SUPPORTED */
3130 /* [mod = L=2048, N=224, SHA-1] - GP NOT SUPPORTED */
3131 /* [mod = L=2048, N=224, SHA-224] */
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]3132 XTEST_AC_DSA_CASE(1, TEE_ALG_DSA_SHA224, TEE_MODE_VERIFY, ac_dsa_vect91),
3133 XTEST_AC_DSA_CASE(1, TEE_ALG_DSA_SHA224, TEE_MODE_SIGN, ac_dsa_vect91),
Cedric Chaumontc3b6c282015-09-25 03:05:18 +0200[diff] [blame]3134 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_VERIFY, ac_dsa_vect92),
3135 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_SIGN, ac_dsa_vect92),
3136 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_VERIFY, ac_dsa_vect93),
3137 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_SIGN, ac_dsa_vect93),
3138 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_VERIFY, ac_dsa_vect94),
3139 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_SIGN, ac_dsa_vect94),
3140 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_VERIFY, ac_dsa_vect95),
3141 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_SIGN, ac_dsa_vect95),
3142 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_VERIFY, ac_dsa_vect96),
3143 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_SIGN, ac_dsa_vect96),
3144 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_VERIFY, ac_dsa_vect97),
3145 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_SIGN, ac_dsa_vect97),
3146 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_VERIFY, ac_dsa_vect98),
3147 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_SIGN, ac_dsa_vect98),
3148 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_VERIFY, ac_dsa_vect99),
3149 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_SIGN, ac_dsa_vect99),
3150 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_VERIFY, ac_dsa_vect100),
3151 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_SIGN, ac_dsa_vect100),
3152 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_VERIFY, ac_dsa_vect101),
3153 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_SIGN, ac_dsa_vect101),
3154 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_VERIFY, ac_dsa_vect102),
3155 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_SIGN, ac_dsa_vect102),
3156 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_VERIFY, ac_dsa_vect103),
3157 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_SIGN, ac_dsa_vect103),
3158 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_VERIFY, ac_dsa_vect104),
3159 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_SIGN, ac_dsa_vect104),
3160 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_VERIFY, ac_dsa_vect105),
3161 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_SIGN, ac_dsa_vect105),
Cedric Chaumontb2ba8782015-09-03 13:23:05 +0200[diff] [blame]3162 /* [mod = L=2048, N=224, SHA-256] */
Cedric Chaumontc3b6c282015-09-25 03:05:18 +0200[diff] [blame]3163 XTEST_AC_DSA_CASE(0, TEE_ALG_DSA_SHA256, TEE_MODE_VERIFY, ac_dsa_vect106),
3164 XTEST_AC_DSA_CASE(0, TEE_ALG_DSA_SHA256, TEE_MODE_SIGN, ac_dsa_vect106),
3165 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_VERIFY, ac_dsa_vect107),
3166 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_SIGN, ac_dsa_vect107),
3167 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_VERIFY, ac_dsa_vect108),
3168 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_SIGN, ac_dsa_vect108),
3169 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_VERIFY, ac_dsa_vect109),
3170 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_SIGN, ac_dsa_vect109),
3171 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_VERIFY, ac_dsa_vect110),
3172 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_SIGN, ac_dsa_vect110),
3173 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_VERIFY, ac_dsa_vect111),
3174 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_SIGN, ac_dsa_vect111),
3175 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_VERIFY, ac_dsa_vect112),
3176 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_SIGN, ac_dsa_vect112),
3177 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_VERIFY, ac_dsa_vect113),
3178 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_SIGN, ac_dsa_vect113),
3179 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_VERIFY, ac_dsa_vect114),
3180 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_SIGN, ac_dsa_vect114),
3181 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_VERIFY, ac_dsa_vect115),
3182 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_SIGN, ac_dsa_vect115),
3183 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_VERIFY, ac_dsa_vect116),
3184 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_SIGN, ac_dsa_vect116),
3185 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_VERIFY, ac_dsa_vect117),
3186 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_SIGN, ac_dsa_vect117),
3187 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_VERIFY, ac_dsa_vect118),
3188 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_SIGN, ac_dsa_vect118),
3189 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_VERIFY, ac_dsa_vect119),
3190 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_SIGN, ac_dsa_vect119),
3191 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_VERIFY, ac_dsa_vect120),
3192 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_SIGN, ac_dsa_vect120),
Cedric Chaumontb2ba8782015-09-03 13:23:05 +0200[diff] [blame]3193 /* [mod = L=2048, N=224, SHA-384] - GP NOT SUPPORTED */
3194 /* [mod = L=2048, N=224, SHA-512] - GP NOT SUPPORTED */
3195 /* [mod = L=2048, N=256, SHA-1] - GP NOT SUPPORTED */
3196 /* [mod = L=2048, N=256, SHA-224] */
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]3197 XTEST_AC_DSA_CASE(1, TEE_ALG_DSA_SHA224, TEE_MODE_VERIFY, ac_dsa_vect166),
3198 XTEST_AC_DSA_CASE(1, TEE_ALG_DSA_SHA224, TEE_MODE_SIGN, ac_dsa_vect166),
Cedric Chaumontc3b6c282015-09-25 03:05:18 +0200[diff] [blame]3199 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_VERIFY, ac_dsa_vect167),
3200 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_SIGN, ac_dsa_vect167),
3201 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_VERIFY, ac_dsa_vect168),
3202 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_SIGN, ac_dsa_vect168),
3203 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_VERIFY, ac_dsa_vect169),
3204 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_SIGN, ac_dsa_vect169),
3205 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_VERIFY, ac_dsa_vect170),
3206 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_SIGN, ac_dsa_vect170),
3207 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_VERIFY, ac_dsa_vect171),
3208 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_SIGN, ac_dsa_vect171),
3209 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_VERIFY, ac_dsa_vect172),
3210 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_SIGN, ac_dsa_vect172),
3211 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_VERIFY, ac_dsa_vect173),
3212 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_SIGN, ac_dsa_vect173),
3213 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_VERIFY, ac_dsa_vect174),
3214 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_SIGN, ac_dsa_vect174),
3215 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_VERIFY, ac_dsa_vect175),
3216 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_SIGN, ac_dsa_vect175),
3217 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_VERIFY, ac_dsa_vect176),
3218 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_SIGN, ac_dsa_vect176),
3219 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_VERIFY, ac_dsa_vect177),
3220 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_SIGN, ac_dsa_vect177),
3221 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_VERIFY, ac_dsa_vect178),
3222 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_SIGN, ac_dsa_vect178),
3223 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_VERIFY, ac_dsa_vect179),
3224 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_SIGN, ac_dsa_vect179),
3225 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_VERIFY, ac_dsa_vect180),
3226 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_SIGN, ac_dsa_vect180),
Cedric Chaumontb2ba8782015-09-03 13:23:05 +0200[diff] [blame]3227 /* [mod = L=2048, N=256, SHA-256] */
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]3228 XTEST_AC_DSA_CASE(1, TEE_ALG_DSA_SHA256, TEE_MODE_VERIFY, ac_dsa_vect181),
3229 XTEST_AC_DSA_CASE(1, TEE_ALG_DSA_SHA256, TEE_MODE_SIGN, ac_dsa_vect181),
Cedric Chaumontc3b6c282015-09-25 03:05:18 +0200[diff] [blame]3230 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_VERIFY, ac_dsa_vect182),
3231 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_SIGN, ac_dsa_vect182),
3232 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_VERIFY, ac_dsa_vect183),
3233 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_SIGN, ac_dsa_vect183),
3234 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_VERIFY, ac_dsa_vect184),
3235 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_SIGN, ac_dsa_vect184),
3236 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_VERIFY, ac_dsa_vect185),
3237 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_SIGN, ac_dsa_vect185),
3238 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_VERIFY, ac_dsa_vect186),
3239 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_SIGN, ac_dsa_vect186),
3240 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_VERIFY, ac_dsa_vect187),
3241 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_SIGN, ac_dsa_vect187),
3242 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_VERIFY, ac_dsa_vect188),
3243 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_SIGN, ac_dsa_vect188),
3244 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_VERIFY, ac_dsa_vect189),
3245 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_SIGN, ac_dsa_vect189),
3246 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_VERIFY, ac_dsa_vect190),
3247 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_SIGN, ac_dsa_vect190),
3248 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_VERIFY, ac_dsa_vect191),
3249 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_SIGN, ac_dsa_vect191),
3250 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_VERIFY, ac_dsa_vect192),
3251 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_SIGN, ac_dsa_vect192),
3252 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_VERIFY, ac_dsa_vect193),
3253 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_SIGN, ac_dsa_vect193),
3254 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_VERIFY, ac_dsa_vect194),
3255 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_SIGN, ac_dsa_vect194),
3256 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_VERIFY, ac_dsa_vect195),
3257 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_SIGN, ac_dsa_vect195),
Cedric Chaumontb2ba8782015-09-03 13:23:05 +0200[diff] [blame]3258 /* [mod = L=2048, N=256, SHA-384] - GP NOT SUPPORTED */
3259 /* [mod = L=2048, N=256, SHA-512] - GP NOT SUPPORTED */
3260 /* [mod = L=3072, N=256, SHA-1] - GP NOT SUPPORTED */
3261 /* [mod = L=3072, N=256, SHA-224] - GP NOT SUPPORTED */
3262 /* [mod = L=3072, N=256, SHA-256] */
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]3263 XTEST_AC_DSA_CASE(1, TEE_ALG_DSA_SHA256, TEE_MODE_VERIFY, ac_dsa_vect256),
3264 XTEST_AC_DSA_CASE(1, TEE_ALG_DSA_SHA256, TEE_MODE_SIGN, ac_dsa_vect256),
Cedric Chaumontc3b6c282015-09-25 03:05:18 +0200[diff] [blame]3265 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_VERIFY, ac_dsa_vect257),
3266 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_SIGN, ac_dsa_vect257),
3267 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_VERIFY, ac_dsa_vect258),
3268 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_SIGN, ac_dsa_vect258),
3269 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_VERIFY, ac_dsa_vect259),
3270 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_SIGN, ac_dsa_vect259),
3271 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_VERIFY, ac_dsa_vect260),
3272 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_SIGN, ac_dsa_vect260),
3273 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_VERIFY, ac_dsa_vect261),
3274 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_SIGN, ac_dsa_vect261),
3275 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_VERIFY, ac_dsa_vect262),
3276 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_SIGN, ac_dsa_vect262),
3277 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_VERIFY, ac_dsa_vect263),
3278 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_SIGN, ac_dsa_vect263),
3279 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_VERIFY, ac_dsa_vect264),
3280 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_SIGN, ac_dsa_vect264),
3281 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_VERIFY, ac_dsa_vect265),
3282 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_SIGN, ac_dsa_vect265),
3283 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_VERIFY, ac_dsa_vect266),
3284 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_SIGN, ac_dsa_vect266),
3285 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_VERIFY, ac_dsa_vect267),
3286 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_SIGN, ac_dsa_vect267),
3287 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_VERIFY, ac_dsa_vect268),
3288 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_SIGN, ac_dsa_vect268),
3289 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_VERIFY, ac_dsa_vect269),
3290 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_SIGN, ac_dsa_vect269),
3291 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_VERIFY, ac_dsa_vect270),
3292 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_SIGN, ac_dsa_vect270),
Cedric Chaumontb2ba8782015-09-03 13:23:05 +0200[diff] [blame]3293 /* [mod = L=3072, N=256, SHA-384] - GP NOT SUPPORTED */
3294 /* [mod = L=3072, N=256, SHA-512] - GP NOT SUPPORTED */
Pascal Brand3e143ee2015-07-15 17:17:16 +0200[diff] [blame]3295
3296 /* ECDSA tests */
Cedric Chaumontc7654962015-09-09 14:56:36 +0200[diff] [blame]3297 /* [P-192] */
Cedric Chaumontc3b6c282015-09-25 03:05:18 +0200[diff] [blame]3298 XTEST_AC_ECDSA_CASE(0, TEE_ALG_ECDSA_P192, TEE_MODE_VERIFY,
Cedric Chaumontc7654962015-09-09 14:56:36 +0200[diff] [blame]3299 nist_186_2_ecdsa_testvector_1),
Cedric Chaumontc3b6c282015-09-25 03:05:18 +0200[diff] [blame]3300 XTEST_AC_ECDSA_CASE(0, TEE_ALG_ECDSA_P192, TEE_MODE_SIGN,
Cedric Chaumontc7654962015-09-09 14:56:36 +0200[diff] [blame]3301 nist_186_2_ecdsa_testvector_1),
Cedric Chaumontc3b6c282015-09-25 03:05:18 +0200[diff] [blame]3302 XTEST_AC_ECDSA_CASE(15, TEE_ALG_ECDSA_P192, TEE_MODE_VERIFY,
Cedric Chaumontc7654962015-09-09 14:56:36 +0200[diff] [blame]3303 nist_186_2_ecdsa_testvector_2),
Cedric Chaumontc3b6c282015-09-25 03:05:18 +0200[diff] [blame]3304 XTEST_AC_ECDSA_CASE(15, TEE_ALG_ECDSA_P192, TEE_MODE_SIGN,
Cedric Chaumontc7654962015-09-09 14:56:36 +0200[diff] [blame]3305 nist_186_2_ecdsa_testvector_2),
Cedric Chaumontc3b6c282015-09-25 03:05:18 +0200[diff] [blame]3306 XTEST_AC_ECDSA_CASE(15, TEE_ALG_ECDSA_P192, TEE_MODE_VERIFY,
Cedric Chaumontc7654962015-09-09 14:56:36 +0200[diff] [blame]3307 nist_186_2_ecdsa_testvector_3),
Cedric Chaumontc3b6c282015-09-25 03:05:18 +0200[diff] [blame]3308 XTEST_AC_ECDSA_CASE(15, TEE_ALG_ECDSA_P192, TEE_MODE_SIGN,
Cedric Chaumontc7654962015-09-09 14:56:36 +0200[diff] [blame]3309 nist_186_2_ecdsa_testvector_3),
Cedric Chaumontc3b6c282015-09-25 03:05:18 +0200[diff] [blame]3310 XTEST_AC_ECDSA_CASE(15, TEE_ALG_ECDSA_P192, TEE_MODE_VERIFY,
Cedric Chaumontc7654962015-09-09 14:56:36 +0200[diff] [blame]3311 nist_186_2_ecdsa_testvector_4),
Cedric Chaumontc3b6c282015-09-25 03:05:18 +0200[diff] [blame]3312 XTEST_AC_ECDSA_CASE(15, TEE_ALG_ECDSA_P192, TEE_MODE_SIGN,
Cedric Chaumontc7654962015-09-09 14:56:36 +0200[diff] [blame]3313 nist_186_2_ecdsa_testvector_4),
Cedric Chaumontc3b6c282015-09-25 03:05:18 +0200[diff] [blame]3314 XTEST_AC_ECDSA_CASE(15, TEE_ALG_ECDSA_P192, TEE_MODE_VERIFY,
Cedric Chaumontc7654962015-09-09 14:56:36 +0200[diff] [blame]3315 nist_186_2_ecdsa_testvector_5),
Cedric Chaumontc3b6c282015-09-25 03:05:18 +0200[diff] [blame]3316 XTEST_AC_ECDSA_CASE(15, TEE_ALG_ECDSA_P192, TEE_MODE_SIGN,
Cedric Chaumontc7654962015-09-09 14:56:36 +0200[diff] [blame]3317 nist_186_2_ecdsa_testvector_5),
Cedric Chaumontc3b6c282015-09-25 03:05:18 +0200[diff] [blame]3318 XTEST_AC_ECDSA_CASE(15, TEE_ALG_ECDSA_P192, TEE_MODE_VERIFY,
Cedric Chaumontc7654962015-09-09 14:56:36 +0200[diff] [blame]3319 nist_186_2_ecdsa_testvector_6),
Cedric Chaumontc3b6c282015-09-25 03:05:18 +0200[diff] [blame]3320 XTEST_AC_ECDSA_CASE(15, TEE_ALG_ECDSA_P192, TEE_MODE_SIGN,
Cedric Chaumontc7654962015-09-09 14:56:36 +0200[diff] [blame]3321 nist_186_2_ecdsa_testvector_6),
Cedric Chaumontc3b6c282015-09-25 03:05:18 +0200[diff] [blame]3322 XTEST_AC_ECDSA_CASE(15, TEE_ALG_ECDSA_P192, TEE_MODE_VERIFY,
Cedric Chaumontc7654962015-09-09 14:56:36 +0200[diff] [blame]3323 nist_186_2_ecdsa_testvector_7),
Cedric Chaumontc3b6c282015-09-25 03:05:18 +0200[diff] [blame]3324 XTEST_AC_ECDSA_CASE(15, TEE_ALG_ECDSA_P192, TEE_MODE_SIGN,
Cedric Chaumontc7654962015-09-09 14:56:36 +0200[diff] [blame]3325 nist_186_2_ecdsa_testvector_7),
Cedric Chaumontc3b6c282015-09-25 03:05:18 +0200[diff] [blame]3326 XTEST_AC_ECDSA_CASE(15, TEE_ALG_ECDSA_P192, TEE_MODE_VERIFY,
Cedric Chaumontc7654962015-09-09 14:56:36 +0200[diff] [blame]3327 nist_186_2_ecdsa_testvector_8),
Cedric Chaumontc3b6c282015-09-25 03:05:18 +0200[diff] [blame]3328 XTEST_AC_ECDSA_CASE(15, TEE_ALG_ECDSA_P192, TEE_MODE_SIGN,
Cedric Chaumontc7654962015-09-09 14:56:36 +0200[diff] [blame]3329 nist_186_2_ecdsa_testvector_8),
Cedric Chaumontc3b6c282015-09-25 03:05:18 +0200[diff] [blame]3330 XTEST_AC_ECDSA_CASE(15, TEE_ALG_ECDSA_P192, TEE_MODE_VERIFY,
Cedric Chaumontc7654962015-09-09 14:56:36 +0200[diff] [blame]3331 nist_186_2_ecdsa_testvector_9),
Cedric Chaumontc3b6c282015-09-25 03:05:18 +0200[diff] [blame]3332 XTEST_AC_ECDSA_CASE(15, TEE_ALG_ECDSA_P192, TEE_MODE_SIGN,
Cedric Chaumontc7654962015-09-09 14:56:36 +0200[diff] [blame]3333 nist_186_2_ecdsa_testvector_9),
Cedric Chaumontc3b6c282015-09-25 03:05:18 +0200[diff] [blame]3334 XTEST_AC_ECDSA_CASE(15, TEE_ALG_ECDSA_P192, TEE_MODE_VERIFY,
Cedric Chaumontc7654962015-09-09 14:56:36 +0200[diff] [blame]3335 nist_186_2_ecdsa_testvector_10),
Cedric Chaumontc3b6c282015-09-25 03:05:18 +0200[diff] [blame]3336 XTEST_AC_ECDSA_CASE(15, TEE_ALG_ECDSA_P192, TEE_MODE_SIGN,
Cedric Chaumontc7654962015-09-09 14:56:36 +0200[diff] [blame]3337 nist_186_2_ecdsa_testvector_10),
Cedric Chaumontc3b6c282015-09-25 03:05:18 +0200[diff] [blame]3338 XTEST_AC_ECDSA_CASE(15, TEE_ALG_ECDSA_P192, TEE_MODE_VERIFY,
Cedric Chaumontc7654962015-09-09 14:56:36 +0200[diff] [blame]3339 nist_186_2_ecdsa_testvector_11),
Cedric Chaumontc3b6c282015-09-25 03:05:18 +0200[diff] [blame]3340 XTEST_AC_ECDSA_CASE(15, TEE_ALG_ECDSA_P192, TEE_MODE_SIGN,
Cedric Chaumontc7654962015-09-09 14:56:36 +0200[diff] [blame]3341 nist_186_2_ecdsa_testvector_11),
Cedric Chaumontc3b6c282015-09-25 03:05:18 +0200[diff] [blame]3342 XTEST_AC_ECDSA_CASE(15, TEE_ALG_ECDSA_P192, TEE_MODE_VERIFY,
Cedric Chaumontc7654962015-09-09 14:56:36 +0200[diff] [blame]3343 nist_186_2_ecdsa_testvector_12),
Cedric Chaumontc3b6c282015-09-25 03:05:18 +0200[diff] [blame]3344 XTEST_AC_ECDSA_CASE(15, TEE_ALG_ECDSA_P192, TEE_MODE_SIGN,
Cedric Chaumontc7654962015-09-09 14:56:36 +0200[diff] [blame]3345 nist_186_2_ecdsa_testvector_12),
Cedric Chaumontc3b6c282015-09-25 03:05:18 +0200[diff] [blame]3346 XTEST_AC_ECDSA_CASE(15, TEE_ALG_ECDSA_P192, TEE_MODE_VERIFY,
Cedric Chaumontc7654962015-09-09 14:56:36 +0200[diff] [blame]3347 nist_186_2_ecdsa_testvector_13),
Cedric Chaumontc3b6c282015-09-25 03:05:18 +0200[diff] [blame]3348 XTEST_AC_ECDSA_CASE(15, TEE_ALG_ECDSA_P192, TEE_MODE_SIGN,
Cedric Chaumontc7654962015-09-09 14:56:36 +0200[diff] [blame]3349 nist_186_2_ecdsa_testvector_13),
Cedric Chaumontc3b6c282015-09-25 03:05:18 +0200[diff] [blame]3350 XTEST_AC_ECDSA_CASE(15, TEE_ALG_ECDSA_P192, TEE_MODE_VERIFY,
Cedric Chaumontc7654962015-09-09 14:56:36 +0200[diff] [blame]3351 nist_186_2_ecdsa_testvector_14),
Cedric Chaumontc3b6c282015-09-25 03:05:18 +0200[diff] [blame]3352 XTEST_AC_ECDSA_CASE(15, TEE_ALG_ECDSA_P192, TEE_MODE_SIGN,
Cedric Chaumontc7654962015-09-09 14:56:36 +0200[diff] [blame]3353 nist_186_2_ecdsa_testvector_14),
Cedric Chaumontc3b6c282015-09-25 03:05:18 +0200[diff] [blame]3354 XTEST_AC_ECDSA_CASE(15, TEE_ALG_ECDSA_P192, TEE_MODE_VERIFY,
Cedric Chaumontc7654962015-09-09 14:56:36 +0200[diff] [blame]3355 nist_186_2_ecdsa_testvector_15),
Cedric Chaumontc3b6c282015-09-25 03:05:18 +0200[diff] [blame]3356 XTEST_AC_ECDSA_CASE(15, TEE_ALG_ECDSA_P192, TEE_MODE_SIGN,
Cedric Chaumontc7654962015-09-09 14:56:36 +0200[diff] [blame]3357 nist_186_2_ecdsa_testvector_15),
3358 /* [P-224] */
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]3359 XTEST_AC_ECDSA_CASE(1, TEE_ALG_ECDSA_P224, TEE_MODE_VERIFY,
Cedric Chaumontc7654962015-09-09 14:56:36 +0200[diff] [blame]3360 nist_186_2_ecdsa_testvector_16),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]3361 XTEST_AC_ECDSA_CASE(1, TEE_ALG_ECDSA_P224, TEE_MODE_SIGN,
Cedric Chaumontc7654962015-09-09 14:56:36 +0200[diff] [blame]3362 nist_186_2_ecdsa_testvector_16),
Cedric Chaumontc3b6c282015-09-25 03:05:18 +0200[diff] [blame]3363 XTEST_AC_ECDSA_CASE(15, TEE_ALG_ECDSA_P224, TEE_MODE_VERIFY,
Cedric Chaumontc7654962015-09-09 14:56:36 +0200[diff] [blame]3364 nist_186_2_ecdsa_testvector_17),
Cedric Chaumontc3b6c282015-09-25 03:05:18 +0200[diff] [blame]3365 XTEST_AC_ECDSA_CASE(15, TEE_ALG_ECDSA_P224, TEE_MODE_SIGN,
Cedric Chaumontc7654962015-09-09 14:56:36 +0200[diff] [blame]3366 nist_186_2_ecdsa_testvector_17),
Cedric Chaumontc3b6c282015-09-25 03:05:18 +0200[diff] [blame]3367 XTEST_AC_ECDSA_CASE(15, TEE_ALG_ECDSA_P224, TEE_MODE_VERIFY,
Cedric Chaumontc7654962015-09-09 14:56:36 +0200[diff] [blame]3368 nist_186_2_ecdsa_testvector_18),
Cedric Chaumontc3b6c282015-09-25 03:05:18 +0200[diff] [blame]3369 XTEST_AC_ECDSA_CASE(15, TEE_ALG_ECDSA_P224, TEE_MODE_SIGN,
Cedric Chaumontc7654962015-09-09 14:56:36 +0200[diff] [blame]3370 nist_186_2_ecdsa_testvector_18),
Cedric Chaumontc3b6c282015-09-25 03:05:18 +0200[diff] [blame]3371 XTEST_AC_ECDSA_CASE(15, TEE_ALG_ECDSA_P224, TEE_MODE_VERIFY,
Cedric Chaumontc7654962015-09-09 14:56:36 +0200[diff] [blame]3372 nist_186_2_ecdsa_testvector_19),
Cedric Chaumontc3b6c282015-09-25 03:05:18 +0200[diff] [blame]3373 XTEST_AC_ECDSA_CASE(15, TEE_ALG_ECDSA_P224, TEE_MODE_SIGN,
Cedric Chaumontc7654962015-09-09 14:56:36 +0200[diff] [blame]3374 nist_186_2_ecdsa_testvector_19),
Cedric Chaumontc3b6c282015-09-25 03:05:18 +0200[diff] [blame]3375 XTEST_AC_ECDSA_CASE(15, TEE_ALG_ECDSA_P224, TEE_MODE_VERIFY,
Cedric Chaumontc7654962015-09-09 14:56:36 +0200[diff] [blame]3376 nist_186_2_ecdsa_testvector_20),
Cedric Chaumontc3b6c282015-09-25 03:05:18 +0200[diff] [blame]3377 XTEST_AC_ECDSA_CASE(15, TEE_ALG_ECDSA_P224, TEE_MODE_SIGN,
Cedric Chaumontc7654962015-09-09 14:56:36 +0200[diff] [blame]3378 nist_186_2_ecdsa_testvector_20),
Cedric Chaumontc3b6c282015-09-25 03:05:18 +0200[diff] [blame]3379 XTEST_AC_ECDSA_CASE(15, TEE_ALG_ECDSA_P224, TEE_MODE_VERIFY,
Cedric Chaumontc7654962015-09-09 14:56:36 +0200[diff] [blame]3380 nist_186_2_ecdsa_testvector_21),
Cedric Chaumontc3b6c282015-09-25 03:05:18 +0200[diff] [blame]3381 XTEST_AC_ECDSA_CASE(15, TEE_ALG_ECDSA_P224, TEE_MODE_SIGN,
Cedric Chaumontc7654962015-09-09 14:56:36 +0200[diff] [blame]3382 nist_186_2_ecdsa_testvector_21),
Cedric Chaumontc3b6c282015-09-25 03:05:18 +0200[diff] [blame]3383 XTEST_AC_ECDSA_CASE(15, TEE_ALG_ECDSA_P224, TEE_MODE_VERIFY,
Cedric Chaumontc7654962015-09-09 14:56:36 +0200[diff] [blame]3384 nist_186_2_ecdsa_testvector_22),
Cedric Chaumontc3b6c282015-09-25 03:05:18 +0200[diff] [blame]3385 XTEST_AC_ECDSA_CASE(15, TEE_ALG_ECDSA_P224, TEE_MODE_SIGN,
Cedric Chaumontc7654962015-09-09 14:56:36 +0200[diff] [blame]3386 nist_186_2_ecdsa_testvector_22),
Cedric Chaumontc3b6c282015-09-25 03:05:18 +0200[diff] [blame]3387 XTEST_AC_ECDSA_CASE(15, TEE_ALG_ECDSA_P224, TEE_MODE_VERIFY,
Cedric Chaumontc7654962015-09-09 14:56:36 +0200[diff] [blame]3388 nist_186_2_ecdsa_testvector_23),
Cedric Chaumontc3b6c282015-09-25 03:05:18 +0200[diff] [blame]3389 XTEST_AC_ECDSA_CASE(15, TEE_ALG_ECDSA_P224, TEE_MODE_SIGN,
Cedric Chaumontc7654962015-09-09 14:56:36 +0200[diff] [blame]3390 nist_186_2_ecdsa_testvector_23),
Cedric Chaumontc3b6c282015-09-25 03:05:18 +0200[diff] [blame]3391 XTEST_AC_ECDSA_CASE(15, TEE_ALG_ECDSA_P224, TEE_MODE_VERIFY,
Cedric Chaumontc7654962015-09-09 14:56:36 +0200[diff] [blame]3392 nist_186_2_ecdsa_testvector_24),
Cedric Chaumontc3b6c282015-09-25 03:05:18 +0200[diff] [blame]3393 XTEST_AC_ECDSA_CASE(15, TEE_ALG_ECDSA_P224, TEE_MODE_SIGN,
Cedric Chaumontc7654962015-09-09 14:56:36 +0200[diff] [blame]3394 nist_186_2_ecdsa_testvector_24),
Cedric Chaumontc3b6c282015-09-25 03:05:18 +0200[diff] [blame]3395 XTEST_AC_ECDSA_CASE(15, TEE_ALG_ECDSA_P224, TEE_MODE_VERIFY,
Cedric Chaumontc7654962015-09-09 14:56:36 +0200[diff] [blame]3396 nist_186_2_ecdsa_testvector_25),
Cedric Chaumontc3b6c282015-09-25 03:05:18 +0200[diff] [blame]3397 XTEST_AC_ECDSA_CASE(15, TEE_ALG_ECDSA_P224, TEE_MODE_SIGN,
Cedric Chaumontc7654962015-09-09 14:56:36 +0200[diff] [blame]3398 nist_186_2_ecdsa_testvector_25),
Cedric Chaumontc3b6c282015-09-25 03:05:18 +0200[diff] [blame]3399 XTEST_AC_ECDSA_CASE(15, TEE_ALG_ECDSA_P224, TEE_MODE_VERIFY,
Cedric Chaumontc7654962015-09-09 14:56:36 +0200[diff] [blame]3400 nist_186_2_ecdsa_testvector_26),
Cedric Chaumontc3b6c282015-09-25 03:05:18 +0200[diff] [blame]3401 XTEST_AC_ECDSA_CASE(15, TEE_ALG_ECDSA_P224, TEE_MODE_SIGN,
Cedric Chaumontc7654962015-09-09 14:56:36 +0200[diff] [blame]3402 nist_186_2_ecdsa_testvector_26),
Cedric Chaumontc3b6c282015-09-25 03:05:18 +0200[diff] [blame]3403 XTEST_AC_ECDSA_CASE(15, TEE_ALG_ECDSA_P224, TEE_MODE_VERIFY,
Cedric Chaumontc7654962015-09-09 14:56:36 +0200[diff] [blame]3404 nist_186_2_ecdsa_testvector_27),
Cedric Chaumontc3b6c282015-09-25 03:05:18 +0200[diff] [blame]3405 XTEST_AC_ECDSA_CASE(15, TEE_ALG_ECDSA_P224, TEE_MODE_SIGN,
Cedric Chaumontc7654962015-09-09 14:56:36 +0200[diff] [blame]3406 nist_186_2_ecdsa_testvector_27),
Cedric Chaumontc3b6c282015-09-25 03:05:18 +0200[diff] [blame]3407 XTEST_AC_ECDSA_CASE(15, TEE_ALG_ECDSA_P224, TEE_MODE_VERIFY,
Cedric Chaumontc7654962015-09-09 14:56:36 +0200[diff] [blame]3408 nist_186_2_ecdsa_testvector_28),
Cedric Chaumontc3b6c282015-09-25 03:05:18 +0200[diff] [blame]3409 XTEST_AC_ECDSA_CASE(15, TEE_ALG_ECDSA_P224, TEE_MODE_SIGN,
Cedric Chaumontc7654962015-09-09 14:56:36 +0200[diff] [blame]3410 nist_186_2_ecdsa_testvector_28),
Cedric Chaumontc3b6c282015-09-25 03:05:18 +0200[diff] [blame]3411 XTEST_AC_ECDSA_CASE(15, TEE_ALG_ECDSA_P224, TEE_MODE_VERIFY,
Cedric Chaumontc7654962015-09-09 14:56:36 +0200[diff] [blame]3412 nist_186_2_ecdsa_testvector_29),
Cedric Chaumontc3b6c282015-09-25 03:05:18 +0200[diff] [blame]3413 XTEST_AC_ECDSA_CASE(15, TEE_ALG_ECDSA_P224, TEE_MODE_SIGN,
Cedric Chaumontc7654962015-09-09 14:56:36 +0200[diff] [blame]3414 nist_186_2_ecdsa_testvector_29),
Cedric Chaumontc3b6c282015-09-25 03:05:18 +0200[diff] [blame]3415 XTEST_AC_ECDSA_CASE(15, TEE_ALG_ECDSA_P224, TEE_MODE_VERIFY,
Cedric Chaumontc7654962015-09-09 14:56:36 +0200[diff] [blame]3416 nist_186_2_ecdsa_testvector_30),
Cedric Chaumontc3b6c282015-09-25 03:05:18 +0200[diff] [blame]3417 XTEST_AC_ECDSA_CASE(15, TEE_ALG_ECDSA_P224, TEE_MODE_SIGN,
Cedric Chaumontc7654962015-09-09 14:56:36 +0200[diff] [blame]3418 nist_186_2_ecdsa_testvector_30),
3419 /* [P-256] */
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]3420 XTEST_AC_ECDSA_CASE(1, TEE_ALG_ECDSA_P256, TEE_MODE_VERIFY,
Cedric Chaumontc7654962015-09-09 14:56:36 +0200[diff] [blame]3421 nist_186_2_ecdsa_testvector_31),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]3422 XTEST_AC_ECDSA_CASE(1, TEE_ALG_ECDSA_P256, TEE_MODE_SIGN,
Cedric Chaumontc7654962015-09-09 14:56:36 +0200[diff] [blame]3423 nist_186_2_ecdsa_testvector_31),
Cedric Chaumontc3b6c282015-09-25 03:05:18 +0200[diff] [blame]3424 XTEST_AC_ECDSA_CASE(15, TEE_ALG_ECDSA_P256, TEE_MODE_VERIFY,
Cedric Chaumontc7654962015-09-09 14:56:36 +0200[diff] [blame]3425 nist_186_2_ecdsa_testvector_32),
Cedric Chaumontc3b6c282015-09-25 03:05:18 +0200[diff] [blame]3426 XTEST_AC_ECDSA_CASE(15, TEE_ALG_ECDSA_P256, TEE_MODE_SIGN,
Cedric Chaumontc7654962015-09-09 14:56:36 +0200[diff] [blame]3427 nist_186_2_ecdsa_testvector_32),
Cedric Chaumontc3b6c282015-09-25 03:05:18 +0200[diff] [blame]3428 XTEST_AC_ECDSA_CASE(15, TEE_ALG_ECDSA_P256, TEE_MODE_VERIFY,
Cedric Chaumontc7654962015-09-09 14:56:36 +0200[diff] [blame]3429 nist_186_2_ecdsa_testvector_33),
Cedric Chaumontc3b6c282015-09-25 03:05:18 +0200[diff] [blame]3430 XTEST_AC_ECDSA_CASE(15, TEE_ALG_ECDSA_P256, TEE_MODE_SIGN,
Cedric Chaumontc7654962015-09-09 14:56:36 +0200[diff] [blame]3431 nist_186_2_ecdsa_testvector_33),
Cedric Chaumontc3b6c282015-09-25 03:05:18 +0200[diff] [blame]3432 XTEST_AC_ECDSA_CASE(15, TEE_ALG_ECDSA_P256, TEE_MODE_VERIFY,
Cedric Chaumontc7654962015-09-09 14:56:36 +0200[diff] [blame]3433 nist_186_2_ecdsa_testvector_34),
Cedric Chaumontc3b6c282015-09-25 03:05:18 +0200[diff] [blame]3434 XTEST_AC_ECDSA_CASE(15, TEE_ALG_ECDSA_P256, TEE_MODE_SIGN,
Cedric Chaumontc7654962015-09-09 14:56:36 +0200[diff] [blame]3435 nist_186_2_ecdsa_testvector_34),
Cedric Chaumontc3b6c282015-09-25 03:05:18 +0200[diff] [blame]3436 XTEST_AC_ECDSA_CASE(15, TEE_ALG_ECDSA_P256, TEE_MODE_VERIFY,
Cedric Chaumontc7654962015-09-09 14:56:36 +0200[diff] [blame]3437 nist_186_2_ecdsa_testvector_35),
Cedric Chaumontc3b6c282015-09-25 03:05:18 +0200[diff] [blame]3438 XTEST_AC_ECDSA_CASE(15, TEE_ALG_ECDSA_P256, TEE_MODE_SIGN,
Cedric Chaumontc7654962015-09-09 14:56:36 +0200[diff] [blame]3439 nist_186_2_ecdsa_testvector_35),
Cedric Chaumontc3b6c282015-09-25 03:05:18 +0200[diff] [blame]3440 XTEST_AC_ECDSA_CASE(15, TEE_ALG_ECDSA_P256, TEE_MODE_VERIFY,
Cedric Chaumontc7654962015-09-09 14:56:36 +0200[diff] [blame]3441 nist_186_2_ecdsa_testvector_36),
Cedric Chaumontc3b6c282015-09-25 03:05:18 +0200[diff] [blame]3442 XTEST_AC_ECDSA_CASE(15, TEE_ALG_ECDSA_P256, TEE_MODE_SIGN,
Cedric Chaumontc7654962015-09-09 14:56:36 +0200[diff] [blame]3443 nist_186_2_ecdsa_testvector_36),
Cedric Chaumontc3b6c282015-09-25 03:05:18 +0200[diff] [blame]3444 XTEST_AC_ECDSA_CASE(15, TEE_ALG_ECDSA_P256, TEE_MODE_VERIFY,
Cedric Chaumontc7654962015-09-09 14:56:36 +0200[diff] [blame]3445 nist_186_2_ecdsa_testvector_37),
Cedric Chaumontc3b6c282015-09-25 03:05:18 +0200[diff] [blame]3446 XTEST_AC_ECDSA_CASE(15, TEE_ALG_ECDSA_P256, TEE_MODE_SIGN,
Cedric Chaumontc7654962015-09-09 14:56:36 +0200[diff] [blame]3447 nist_186_2_ecdsa_testvector_37),
Cedric Chaumontc3b6c282015-09-25 03:05:18 +0200[diff] [blame]3448 XTEST_AC_ECDSA_CASE(15, TEE_ALG_ECDSA_P256, TEE_MODE_VERIFY,
Cedric Chaumontc7654962015-09-09 14:56:36 +0200[diff] [blame]3449 nist_186_2_ecdsa_testvector_38),
Cedric Chaumontc3b6c282015-09-25 03:05:18 +0200[diff] [blame]3450 XTEST_AC_ECDSA_CASE(15, TEE_ALG_ECDSA_P256, TEE_MODE_SIGN,
Cedric Chaumontc7654962015-09-09 14:56:36 +0200[diff] [blame]3451 nist_186_2_ecdsa_testvector_38),
Cedric Chaumontc3b6c282015-09-25 03:05:18 +0200[diff] [blame]3452 XTEST_AC_ECDSA_CASE(15, TEE_ALG_ECDSA_P256, TEE_MODE_VERIFY,
Cedric Chaumontc7654962015-09-09 14:56:36 +0200[diff] [blame]3453 nist_186_2_ecdsa_testvector_39),
Cedric Chaumontc3b6c282015-09-25 03:05:18 +0200[diff] [blame]3454 XTEST_AC_ECDSA_CASE(15, TEE_ALG_ECDSA_P256, TEE_MODE_SIGN,
Cedric Chaumontc7654962015-09-09 14:56:36 +0200[diff] [blame]3455 nist_186_2_ecdsa_testvector_39),
Cedric Chaumontc3b6c282015-09-25 03:05:18 +0200[diff] [blame]3456 XTEST_AC_ECDSA_CASE(15, TEE_ALG_ECDSA_P256, TEE_MODE_VERIFY,
Cedric Chaumontc7654962015-09-09 14:56:36 +0200[diff] [blame]3457 nist_186_2_ecdsa_testvector_40),
Cedric Chaumontc3b6c282015-09-25 03:05:18 +0200[diff] [blame]3458 XTEST_AC_ECDSA_CASE(15, TEE_ALG_ECDSA_P256, TEE_MODE_SIGN,
Cedric Chaumontc7654962015-09-09 14:56:36 +0200[diff] [blame]3459 nist_186_2_ecdsa_testvector_40),
Cedric Chaumontc3b6c282015-09-25 03:05:18 +0200[diff] [blame]3460 XTEST_AC_ECDSA_CASE(15, TEE_ALG_ECDSA_P256, TEE_MODE_VERIFY,
Cedric Chaumontc7654962015-09-09 14:56:36 +0200[diff] [blame]3461 nist_186_2_ecdsa_testvector_41),
Cedric Chaumontc3b6c282015-09-25 03:05:18 +0200[diff] [blame]3462 XTEST_AC_ECDSA_CASE(15, TEE_ALG_ECDSA_P256, TEE_MODE_SIGN,
Cedric Chaumontc7654962015-09-09 14:56:36 +0200[diff] [blame]3463 nist_186_2_ecdsa_testvector_41),
Cedric Chaumontc3b6c282015-09-25 03:05:18 +0200[diff] [blame]3464 XTEST_AC_ECDSA_CASE(15, TEE_ALG_ECDSA_P256, TEE_MODE_VERIFY,
Cedric Chaumontc7654962015-09-09 14:56:36 +0200[diff] [blame]3465 nist_186_2_ecdsa_testvector_42),
Cedric Chaumontc3b6c282015-09-25 03:05:18 +0200[diff] [blame]3466 XTEST_AC_ECDSA_CASE(15, TEE_ALG_ECDSA_P256, TEE_MODE_SIGN,
Cedric Chaumontc7654962015-09-09 14:56:36 +0200[diff] [blame]3467 nist_186_2_ecdsa_testvector_42),
Cedric Chaumontc3b6c282015-09-25 03:05:18 +0200[diff] [blame]3468 XTEST_AC_ECDSA_CASE(15, TEE_ALG_ECDSA_P256, TEE_MODE_VERIFY,
Cedric Chaumontc7654962015-09-09 14:56:36 +0200[diff] [blame]3469 nist_186_2_ecdsa_testvector_43),
Cedric Chaumontc3b6c282015-09-25 03:05:18 +0200[diff] [blame]3470 XTEST_AC_ECDSA_CASE(15, TEE_ALG_ECDSA_P256, TEE_MODE_SIGN,
Cedric Chaumontc7654962015-09-09 14:56:36 +0200[diff] [blame]3471 nist_186_2_ecdsa_testvector_43),
Cedric Chaumontc3b6c282015-09-25 03:05:18 +0200[diff] [blame]3472 XTEST_AC_ECDSA_CASE(15, TEE_ALG_ECDSA_P256, TEE_MODE_VERIFY,
Cedric Chaumontc7654962015-09-09 14:56:36 +0200[diff] [blame]3473 nist_186_2_ecdsa_testvector_44),
Cedric Chaumontc3b6c282015-09-25 03:05:18 +0200[diff] [blame]3474 XTEST_AC_ECDSA_CASE(15, TEE_ALG_ECDSA_P256, TEE_MODE_SIGN,
Cedric Chaumontc7654962015-09-09 14:56:36 +0200[diff] [blame]3475 nist_186_2_ecdsa_testvector_44),
Cedric Chaumontc3b6c282015-09-25 03:05:18 +0200[diff] [blame]3476 XTEST_AC_ECDSA_CASE(15, TEE_ALG_ECDSA_P256, TEE_MODE_VERIFY,
Cedric Chaumontc7654962015-09-09 14:56:36 +0200[diff] [blame]3477 nist_186_2_ecdsa_testvector_45),
Cedric Chaumontc3b6c282015-09-25 03:05:18 +0200[diff] [blame]3478 XTEST_AC_ECDSA_CASE(15, TEE_ALG_ECDSA_P256, TEE_MODE_SIGN,
Cedric Chaumontc7654962015-09-09 14:56:36 +0200[diff] [blame]3479 nist_186_2_ecdsa_testvector_45),
3480 /* [P-384] */
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]3481 XTEST_AC_ECDSA_CASE(1, TEE_ALG_ECDSA_P384, TEE_MODE_VERIFY,
Cedric Chaumontc7654962015-09-09 14:56:36 +0200[diff] [blame]3482 nist_186_2_ecdsa_testvector_46),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]3483 XTEST_AC_ECDSA_CASE(1, TEE_ALG_ECDSA_P384, TEE_MODE_SIGN,
Cedric Chaumontc7654962015-09-09 14:56:36 +0200[diff] [blame]3484 nist_186_2_ecdsa_testvector_46),
Cedric Chaumontc3b6c282015-09-25 03:05:18 +0200[diff] [blame]3485 XTEST_AC_ECDSA_CASE(15, TEE_ALG_ECDSA_P384, TEE_MODE_VERIFY,
Cedric Chaumontc7654962015-09-09 14:56:36 +0200[diff] [blame]3486 nist_186_2_ecdsa_testvector_47),
Cedric Chaumontc3b6c282015-09-25 03:05:18 +0200[diff] [blame]3487 XTEST_AC_ECDSA_CASE(15, TEE_ALG_ECDSA_P384, TEE_MODE_SIGN,
Cedric Chaumontc7654962015-09-09 14:56:36 +0200[diff] [blame]3488 nist_186_2_ecdsa_testvector_47),
Cedric Chaumontc3b6c282015-09-25 03:05:18 +0200[diff] [blame]3489 XTEST_AC_ECDSA_CASE(15, TEE_ALG_ECDSA_P384, TEE_MODE_VERIFY,
Cedric Chaumontc7654962015-09-09 14:56:36 +0200[diff] [blame]3490 nist_186_2_ecdsa_testvector_48),
Cedric Chaumontc3b6c282015-09-25 03:05:18 +0200[diff] [blame]3491 XTEST_AC_ECDSA_CASE(15, TEE_ALG_ECDSA_P384, TEE_MODE_SIGN,
Cedric Chaumontc7654962015-09-09 14:56:36 +0200[diff] [blame]3492 nist_186_2_ecdsa_testvector_48),
Cedric Chaumontc3b6c282015-09-25 03:05:18 +0200[diff] [blame]3493 XTEST_AC_ECDSA_CASE(15, TEE_ALG_ECDSA_P384, TEE_MODE_VERIFY,
Cedric Chaumontc7654962015-09-09 14:56:36 +0200[diff] [blame]3494 nist_186_2_ecdsa_testvector_49),
Cedric Chaumontc3b6c282015-09-25 03:05:18 +0200[diff] [blame]3495 XTEST_AC_ECDSA_CASE(15, TEE_ALG_ECDSA_P384, TEE_MODE_SIGN,
Cedric Chaumontc7654962015-09-09 14:56:36 +0200[diff] [blame]3496 nist_186_2_ecdsa_testvector_49),
Cedric Chaumontc3b6c282015-09-25 03:05:18 +0200[diff] [blame]3497 XTEST_AC_ECDSA_CASE(15, TEE_ALG_ECDSA_P384, TEE_MODE_VERIFY,
Cedric Chaumontc7654962015-09-09 14:56:36 +0200[diff] [blame]3498 nist_186_2_ecdsa_testvector_50),
Cedric Chaumontc3b6c282015-09-25 03:05:18 +0200[diff] [blame]3499 XTEST_AC_ECDSA_CASE(15, TEE_ALG_ECDSA_P384, TEE_MODE_SIGN,
Cedric Chaumontc7654962015-09-09 14:56:36 +0200[diff] [blame]3500 nist_186_2_ecdsa_testvector_50),
Cedric Chaumontc3b6c282015-09-25 03:05:18 +0200[diff] [blame]3501 XTEST_AC_ECDSA_CASE(15, TEE_ALG_ECDSA_P384, TEE_MODE_VERIFY,
Cedric Chaumontc7654962015-09-09 14:56:36 +0200[diff] [blame]3502 nist_186_2_ecdsa_testvector_51),
Cedric Chaumontc3b6c282015-09-25 03:05:18 +0200[diff] [blame]3503 XTEST_AC_ECDSA_CASE(15, TEE_ALG_ECDSA_P384, TEE_MODE_SIGN,
Cedric Chaumontc7654962015-09-09 14:56:36 +0200[diff] [blame]3504 nist_186_2_ecdsa_testvector_51),
Cedric Chaumontc3b6c282015-09-25 03:05:18 +0200[diff] [blame]3505 XTEST_AC_ECDSA_CASE(15, TEE_ALG_ECDSA_P384, TEE_MODE_VERIFY,
Cedric Chaumontc7654962015-09-09 14:56:36 +0200[diff] [blame]3506 nist_186_2_ecdsa_testvector_52),
Cedric Chaumontc3b6c282015-09-25 03:05:18 +0200[diff] [blame]3507 XTEST_AC_ECDSA_CASE(15, TEE_ALG_ECDSA_P384, TEE_MODE_SIGN,
Cedric Chaumontc7654962015-09-09 14:56:36 +0200[diff] [blame]3508 nist_186_2_ecdsa_testvector_52),
Cedric Chaumontc3b6c282015-09-25 03:05:18 +0200[diff] [blame]3509 XTEST_AC_ECDSA_CASE(15, TEE_ALG_ECDSA_P384, TEE_MODE_VERIFY,
Cedric Chaumontc7654962015-09-09 14:56:36 +0200[diff] [blame]3510 nist_186_2_ecdsa_testvector_53),
Cedric Chaumontc3b6c282015-09-25 03:05:18 +0200[diff] [blame]3511 XTEST_AC_ECDSA_CASE(15, TEE_ALG_ECDSA_P384, TEE_MODE_SIGN,
Cedric Chaumontc7654962015-09-09 14:56:36 +0200[diff] [blame]3512 nist_186_2_ecdsa_testvector_53),
Cedric Chaumontc3b6c282015-09-25 03:05:18 +0200[diff] [blame]3513 XTEST_AC_ECDSA_CASE(15, TEE_ALG_ECDSA_P384, TEE_MODE_VERIFY,
Cedric Chaumontc7654962015-09-09 14:56:36 +0200[diff] [blame]3514 nist_186_2_ecdsa_testvector_54),
Cedric Chaumontc3b6c282015-09-25 03:05:18 +0200[diff] [blame]3515 XTEST_AC_ECDSA_CASE(15, TEE_ALG_ECDSA_P384, TEE_MODE_SIGN,
Cedric Chaumontc7654962015-09-09 14:56:36 +0200[diff] [blame]3516 nist_186_2_ecdsa_testvector_54),
Cedric Chaumontc3b6c282015-09-25 03:05:18 +0200[diff] [blame]3517 XTEST_AC_ECDSA_CASE(15, TEE_ALG_ECDSA_P384, TEE_MODE_VERIFY,
Cedric Chaumontc7654962015-09-09 14:56:36 +0200[diff] [blame]3518 nist_186_2_ecdsa_testvector_55),
Cedric Chaumontc3b6c282015-09-25 03:05:18 +0200[diff] [blame]3519 XTEST_AC_ECDSA_CASE(15, TEE_ALG_ECDSA_P384, TEE_MODE_SIGN,
Cedric Chaumontc7654962015-09-09 14:56:36 +0200[diff] [blame]3520 nist_186_2_ecdsa_testvector_55),
Cedric Chaumontc3b6c282015-09-25 03:05:18 +0200[diff] [blame]3521 XTEST_AC_ECDSA_CASE(15, TEE_ALG_ECDSA_P384, TEE_MODE_VERIFY,
Cedric Chaumontc7654962015-09-09 14:56:36 +0200[diff] [blame]3522 nist_186_2_ecdsa_testvector_56),
Cedric Chaumontc3b6c282015-09-25 03:05:18 +0200[diff] [blame]3523 XTEST_AC_ECDSA_CASE(15, TEE_ALG_ECDSA_P384, TEE_MODE_SIGN,
Cedric Chaumontc7654962015-09-09 14:56:36 +0200[diff] [blame]3524 nist_186_2_ecdsa_testvector_56),
Cedric Chaumontc3b6c282015-09-25 03:05:18 +0200[diff] [blame]3525 XTEST_AC_ECDSA_CASE(15, TEE_ALG_ECDSA_P384, TEE_MODE_VERIFY,
Cedric Chaumontc7654962015-09-09 14:56:36 +0200[diff] [blame]3526 nist_186_2_ecdsa_testvector_57),
Cedric Chaumontc3b6c282015-09-25 03:05:18 +0200[diff] [blame]3527 XTEST_AC_ECDSA_CASE(15, TEE_ALG_ECDSA_P384, TEE_MODE_SIGN,
Cedric Chaumontc7654962015-09-09 14:56:36 +0200[diff] [blame]3528 nist_186_2_ecdsa_testvector_57),
Cedric Chaumontc3b6c282015-09-25 03:05:18 +0200[diff] [blame]3529 XTEST_AC_ECDSA_CASE(15, TEE_ALG_ECDSA_P384, TEE_MODE_VERIFY,
Cedric Chaumontc7654962015-09-09 14:56:36 +0200[diff] [blame]3530 nist_186_2_ecdsa_testvector_58),
Cedric Chaumontc3b6c282015-09-25 03:05:18 +0200[diff] [blame]3531 XTEST_AC_ECDSA_CASE(15, TEE_ALG_ECDSA_P384, TEE_MODE_SIGN,
Cedric Chaumontc7654962015-09-09 14:56:36 +0200[diff] [blame]3532 nist_186_2_ecdsa_testvector_58),
Cedric Chaumontc3b6c282015-09-25 03:05:18 +0200[diff] [blame]3533 XTEST_AC_ECDSA_CASE(15, TEE_ALG_ECDSA_P384, TEE_MODE_VERIFY,
Cedric Chaumontc7654962015-09-09 14:56:36 +0200[diff] [blame]3534 nist_186_2_ecdsa_testvector_59),
Cedric Chaumontc3b6c282015-09-25 03:05:18 +0200[diff] [blame]3535 XTEST_AC_ECDSA_CASE(15, TEE_ALG_ECDSA_P384, TEE_MODE_SIGN,
Cedric Chaumontc7654962015-09-09 14:56:36 +0200[diff] [blame]3536 nist_186_2_ecdsa_testvector_59),
Cedric Chaumontc3b6c282015-09-25 03:05:18 +0200[diff] [blame]3537 XTEST_AC_ECDSA_CASE(15, TEE_ALG_ECDSA_P384, TEE_MODE_VERIFY,
Cedric Chaumontc7654962015-09-09 14:56:36 +0200[diff] [blame]3538 nist_186_2_ecdsa_testvector_60),
Cedric Chaumontc3b6c282015-09-25 03:05:18 +0200[diff] [blame]3539 XTEST_AC_ECDSA_CASE(15, TEE_ALG_ECDSA_P384, TEE_MODE_SIGN,
Cedric Chaumontc7654962015-09-09 14:56:36 +0200[diff] [blame]3540 nist_186_2_ecdsa_testvector_60),
3541 /* [P-521] */
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]3542 XTEST_AC_ECDSA_CASE(1, TEE_ALG_ECDSA_P521, TEE_MODE_VERIFY,
Cedric Chaumontc7654962015-09-09 14:56:36 +0200[diff] [blame]3543 nist_186_2_ecdsa_testvector_61),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]3544 XTEST_AC_ECDSA_CASE(1, TEE_ALG_ECDSA_P521, TEE_MODE_SIGN,
Cedric Chaumontc7654962015-09-09 14:56:36 +0200[diff] [blame]3545 nist_186_2_ecdsa_testvector_61),
Cedric Chaumontc3b6c282015-09-25 03:05:18 +0200[diff] [blame]3546 XTEST_AC_ECDSA_CASE(15, TEE_ALG_ECDSA_P521, TEE_MODE_VERIFY,
Cedric Chaumontc7654962015-09-09 14:56:36 +0200[diff] [blame]3547 nist_186_2_ecdsa_testvector_62),
Cedric Chaumontc3b6c282015-09-25 03:05:18 +0200[diff] [blame]3548 XTEST_AC_ECDSA_CASE(15, TEE_ALG_ECDSA_P521, TEE_MODE_SIGN,
Cedric Chaumontc7654962015-09-09 14:56:36 +0200[diff] [blame]3549 nist_186_2_ecdsa_testvector_62),
Cedric Chaumontc3b6c282015-09-25 03:05:18 +0200[diff] [blame]3550 XTEST_AC_ECDSA_CASE(15, TEE_ALG_ECDSA_P521, TEE_MODE_VERIFY,
Cedric Chaumontc7654962015-09-09 14:56:36 +0200[diff] [blame]3551 nist_186_2_ecdsa_testvector_63),
Cedric Chaumontc3b6c282015-09-25 03:05:18 +0200[diff] [blame]3552 XTEST_AC_ECDSA_CASE(15, TEE_ALG_ECDSA_P521, TEE_MODE_SIGN,
Cedric Chaumontc7654962015-09-09 14:56:36 +0200[diff] [blame]3553 nist_186_2_ecdsa_testvector_63),
Cedric Chaumontc3b6c282015-09-25 03:05:18 +0200[diff] [blame]3554 XTEST_AC_ECDSA_CASE(15, TEE_ALG_ECDSA_P521, TEE_MODE_VERIFY,
Cedric Chaumontc7654962015-09-09 14:56:36 +0200[diff] [blame]3555 nist_186_2_ecdsa_testvector_64),
Cedric Chaumontc3b6c282015-09-25 03:05:18 +0200[diff] [blame]3556 XTEST_AC_ECDSA_CASE(15, TEE_ALG_ECDSA_P521, TEE_MODE_SIGN,
Cedric Chaumontc7654962015-09-09 14:56:36 +0200[diff] [blame]3557 nist_186_2_ecdsa_testvector_64),
Cedric Chaumontc3b6c282015-09-25 03:05:18 +0200[diff] [blame]3558 XTEST_AC_ECDSA_CASE(15, TEE_ALG_ECDSA_P521, TEE_MODE_VERIFY,
Cedric Chaumontc7654962015-09-09 14:56:36 +0200[diff] [blame]3559 nist_186_2_ecdsa_testvector_65),
Cedric Chaumontc3b6c282015-09-25 03:05:18 +0200[diff] [blame]3560 XTEST_AC_ECDSA_CASE(15, TEE_ALG_ECDSA_P521, TEE_MODE_SIGN,
Cedric Chaumontc7654962015-09-09 14:56:36 +0200[diff] [blame]3561 nist_186_2_ecdsa_testvector_65),
Cedric Chaumontc3b6c282015-09-25 03:05:18 +0200[diff] [blame]3562 XTEST_AC_ECDSA_CASE(15, TEE_ALG_ECDSA_P521, TEE_MODE_VERIFY,
Cedric Chaumontc7654962015-09-09 14:56:36 +0200[diff] [blame]3563 nist_186_2_ecdsa_testvector_66),
Cedric Chaumontc3b6c282015-09-25 03:05:18 +0200[diff] [blame]3564 XTEST_AC_ECDSA_CASE(15, TEE_ALG_ECDSA_P521, TEE_MODE_SIGN,
Cedric Chaumontc7654962015-09-09 14:56:36 +0200[diff] [blame]3565 nist_186_2_ecdsa_testvector_66),
Cedric Chaumontc3b6c282015-09-25 03:05:18 +0200[diff] [blame]3566 XTEST_AC_ECDSA_CASE(15, TEE_ALG_ECDSA_P521, TEE_MODE_VERIFY,
Cedric Chaumontc7654962015-09-09 14:56:36 +0200[diff] [blame]3567 nist_186_2_ecdsa_testvector_67),
Cedric Chaumontc3b6c282015-09-25 03:05:18 +0200[diff] [blame]3568 XTEST_AC_ECDSA_CASE(15, TEE_ALG_ECDSA_P521, TEE_MODE_SIGN,
Cedric Chaumontc7654962015-09-09 14:56:36 +0200[diff] [blame]3569 nist_186_2_ecdsa_testvector_67),
Cedric Chaumontc3b6c282015-09-25 03:05:18 +0200[diff] [blame]3570 XTEST_AC_ECDSA_CASE(15, TEE_ALG_ECDSA_P521, TEE_MODE_VERIFY,
Cedric Chaumontc7654962015-09-09 14:56:36 +0200[diff] [blame]3571 nist_186_2_ecdsa_testvector_68),
Cedric Chaumontc3b6c282015-09-25 03:05:18 +0200[diff] [blame]3572 XTEST_AC_ECDSA_CASE(15, TEE_ALG_ECDSA_P521, TEE_MODE_SIGN,
Cedric Chaumontc7654962015-09-09 14:56:36 +0200[diff] [blame]3573 nist_186_2_ecdsa_testvector_68),
Cedric Chaumontc3b6c282015-09-25 03:05:18 +0200[diff] [blame]3574 XTEST_AC_ECDSA_CASE(15, TEE_ALG_ECDSA_P521, TEE_MODE_VERIFY,
Cedric Chaumontc7654962015-09-09 14:56:36 +0200[diff] [blame]3575 nist_186_2_ecdsa_testvector_69),
Cedric Chaumontc3b6c282015-09-25 03:05:18 +0200[diff] [blame]3576 XTEST_AC_ECDSA_CASE(15, TEE_ALG_ECDSA_P521, TEE_MODE_SIGN,
Cedric Chaumontc7654962015-09-09 14:56:36 +0200[diff] [blame]3577 nist_186_2_ecdsa_testvector_69),
Cedric Chaumontc3b6c282015-09-25 03:05:18 +0200[diff] [blame]3578 XTEST_AC_ECDSA_CASE(15, TEE_ALG_ECDSA_P521, TEE_MODE_VERIFY,
Cedric Chaumontc7654962015-09-09 14:56:36 +0200[diff] [blame]3579 nist_186_2_ecdsa_testvector_70),
Cedric Chaumontc3b6c282015-09-25 03:05:18 +0200[diff] [blame]3580 XTEST_AC_ECDSA_CASE(15, TEE_ALG_ECDSA_P521, TEE_MODE_SIGN,
Cedric Chaumontc7654962015-09-09 14:56:36 +0200[diff] [blame]3581 nist_186_2_ecdsa_testvector_70),
Cedric Chaumontc3b6c282015-09-25 03:05:18 +0200[diff] [blame]3582 XTEST_AC_ECDSA_CASE(15, TEE_ALG_ECDSA_P521, TEE_MODE_VERIFY,
Cedric Chaumontc7654962015-09-09 14:56:36 +0200[diff] [blame]3583 nist_186_2_ecdsa_testvector_71),
Cedric Chaumontc3b6c282015-09-25 03:05:18 +0200[diff] [blame]3584 XTEST_AC_ECDSA_CASE(15, TEE_ALG_ECDSA_P521, TEE_MODE_SIGN,
Cedric Chaumontc7654962015-09-09 14:56:36 +0200[diff] [blame]3585 nist_186_2_ecdsa_testvector_71),
Cedric Chaumontc3b6c282015-09-25 03:05:18 +0200[diff] [blame]3586 XTEST_AC_ECDSA_CASE(15, TEE_ALG_ECDSA_P521, TEE_MODE_VERIFY,
Cedric Chaumontc7654962015-09-09 14:56:36 +0200[diff] [blame]3587 nist_186_2_ecdsa_testvector_72),
Cedric Chaumontc3b6c282015-09-25 03:05:18 +0200[diff] [blame]3588 XTEST_AC_ECDSA_CASE(15, TEE_ALG_ECDSA_P521, TEE_MODE_SIGN,
Cedric Chaumontc7654962015-09-09 14:56:36 +0200[diff] [blame]3589 nist_186_2_ecdsa_testvector_72),
Cedric Chaumontc3b6c282015-09-25 03:05:18 +0200[diff] [blame]3590 XTEST_AC_ECDSA_CASE(15, TEE_ALG_ECDSA_P521, TEE_MODE_VERIFY,
Cedric Chaumontc7654962015-09-09 14:56:36 +0200[diff] [blame]3591 nist_186_2_ecdsa_testvector_73),
Cedric Chaumontc3b6c282015-09-25 03:05:18 +0200[diff] [blame]3592 XTEST_AC_ECDSA_CASE(15, TEE_ALG_ECDSA_P521, TEE_MODE_SIGN,
Cedric Chaumontc7654962015-09-09 14:56:36 +0200[diff] [blame]3593 nist_186_2_ecdsa_testvector_73),
Cedric Chaumontc3b6c282015-09-25 03:05:18 +0200[diff] [blame]3594 XTEST_AC_ECDSA_CASE(15, TEE_ALG_ECDSA_P521, TEE_MODE_VERIFY,
Cedric Chaumontc7654962015-09-09 14:56:36 +0200[diff] [blame]3595 nist_186_2_ecdsa_testvector_74),
Cedric Chaumontc3b6c282015-09-25 03:05:18 +0200[diff] [blame]3596 XTEST_AC_ECDSA_CASE(15, TEE_ALG_ECDSA_P521, TEE_MODE_SIGN,
Cedric Chaumontc7654962015-09-09 14:56:36 +0200[diff] [blame]3597 nist_186_2_ecdsa_testvector_74),
Cedric Chaumontc3b6c282015-09-25 03:05:18 +0200[diff] [blame]3598 XTEST_AC_ECDSA_CASE(15, TEE_ALG_ECDSA_P521, TEE_MODE_VERIFY,
Cedric Chaumontc7654962015-09-09 14:56:36 +0200[diff] [blame]3599 nist_186_2_ecdsa_testvector_75),
Cedric Chaumontc3b6c282015-09-25 03:05:18 +0200[diff] [blame]3600 XTEST_AC_ECDSA_CASE(15, TEE_ALG_ECDSA_P521, TEE_MODE_SIGN,
Cedric Chaumontc7654962015-09-09 14:56:36 +0200[diff] [blame]3601 nist_186_2_ecdsa_testvector_75),
3602 /* [K-163] - GP NOT SUPPORTED */
3603 /* [K-233] - GP NOT SUPPORTED */
3604 /* [K-283] - GP NOT SUPPORTED */
3605 /* [K-409] - GP NOT SUPPORTED */
3606 /* [K-571] - GP NOT SUPPORTED */
3607 /* [B-163] - GP NOT SUPPORTED */
3608 /* [B-233] - GP NOT SUPPORTED */
3609 /* [B-283] - GP NOT SUPPORTED */
3610 /* [B-409] - GP NOT SUPPORTED */
3611 /* [B-571] - GP NOT SUPPORTED */
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3612};
3613
3614static bool create_key(ADBG_Case_t *c, TEEC_Session *s,
3615 uint32_t max_key_size, uint32_t key_type,
3616 TEE_Attribute *attrs, size_t num_attrs,
3617 TEE_ObjectHandle *handle)
3618{
3619 size_t n;
3620
3621 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
3622 ta_crypt_cmd_allocate_transient_object(c, s, key_type,
3623 max_key_size, handle)))
3624 return false;
3625
3626 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
3627 ta_crypt_cmd_populate_transient_object(c, s, *handle, attrs,
3628 num_attrs)))
3629 return false;
3630
3631 for (n = 0; n < num_attrs; n++) {
Jerome Forissier0451e372018-03-27 00:10:23 +0800[diff] [blame]3632 uint8_t out[512];
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3633 size_t out_size;
3634
3635 out_size = sizeof(out);
3636 memset(out, 0, sizeof(out));
Pascal Brand3e143ee2015-07-15 17:17:16 +0200[diff] [blame]3637
3638 if (attrs[n].attributeID == TEE_ATTR_ECC_CURVE)
3639 continue;
3640
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3641 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
3642 ta_crypt_cmd_get_object_buffer_attribute(c, s, *handle,
3643 attrs[n].attributeID, out, &out_size)))
3644 return false;
3645
Pascal Brand3e143ee2015-07-15 17:17:16 +0200[diff] [blame]3646 if (out_size < attrs[n].content.ref.length) {
3647 memmove(out + (attrs[n].content.ref.length - out_size),
3648 out,
3649 attrs[n].content.ref.length);
3650 memset(out, 0, attrs[n].content.ref.length - out_size);
3651 out_size = attrs[n].content.ref.length;
3652 }
3653
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3654 if (!ADBG_EXPECT_BUFFER(c, attrs[n].content.ref.buffer,
3655 attrs[n].content.ref.length, out, out_size))
3656 return false;
3657 }
3658
3659 return true;
3660}
3661
3662static void xtest_tee_test_4006(ADBG_Case_t *c)
3663{
3664 TEEC_Session session = { 0 };
3665 TEE_OperationHandle op = TEE_HANDLE_NULL;
3666 TEE_ObjectHandle priv_key_handle = TEE_HANDLE_NULL;
3667 TEE_ObjectHandle pub_key_handle = TEE_HANDLE_NULL;
3668 TEE_Attribute key_attrs[8];
3669 TEE_Attribute algo_params[1];
3670 size_t num_algo_params;
3671 uint8_t out[512];
3672 size_t out_size;
3673 uint8_t out_enc[512];
3674 size_t out_enc_size;
3675 uint8_t ptx_hash[TEE_MAX_HASH_SIZE];
Etienne Carriere481c6602019-01-22 13:27:26 +0100[diff] [blame]3676 size_t ptx_hash_size = 0;
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3677 size_t max_key_size;
3678 size_t num_key_attrs;
3679 uint32_t ret_orig;
3680 size_t n;
Pascal Brand3e143ee2015-07-15 17:17:16 +0200[diff] [blame]3681 uint32_t curve;
3682 uint32_t hash_algo;
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3683
3684 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
3685 xtest_teec_open_session(&session, &crypt_user_ta_uuid, NULL,
3686 &ret_orig)))
3687 return;
3688
3689 for (n = 0; n < ARRAY_SIZE(xtest_ac_cases); n++) {
3690 const struct xtest_ac_case *tv = xtest_ac_cases + n;
3691
Cedric Chaumontc3b6c282015-09-25 03:05:18 +0200[diff] [blame]3692 if (tv->level > level)
3693 continue;
3694
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3695 Do_ADBG_BeginSubCase(c, "Asym Crypto case %d algo 0x%x line %d",
3696 (int)n, (unsigned int)tv->algo,
3697 (int)tv->line);
3698
3699 /*
3700 * When signing or verifying we're working with the hash of
3701 * the payload.
3702 */
3703 if (tv->mode == TEE_MODE_VERIFY || tv->mode == TEE_MODE_SIGN) {
Pascal Brand3e143ee2015-07-15 17:17:16 +0200[diff] [blame]3704 if (TEE_ALG_GET_MAIN_ALG(tv->algo) == TEE_MAIN_ALGO_ECDSA)
3705 hash_algo = TEE_ALG_SHA1;
Gabor Szekely2ad190f2018-09-14 14:05:06 +0000[diff] [blame]3706#if defined(CFG_CRYPTO_RSASSA_NA1)
3707 else if (tv->algo == TEE_ALG_RSASSA_PKCS1_V1_5)
3708 hash_algo = TEE_ALG_SHA256;
3709#endif
Pascal Brand3e143ee2015-07-15 17:17:16 +0200[diff] [blame]3710 else
3711 hash_algo = TEE_ALG_HASH_ALGO(
3712 TEE_ALG_GET_DIGEST_HASH(tv->algo));
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3713
3714 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
3715 ta_crypt_cmd_allocate_operation(c, &session,
3716 &op, hash_algo, TEE_MODE_DIGEST, 0)))
3717 goto out;
3718
3719 ptx_hash_size = sizeof(ptx_hash);
3720 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
3721 ta_crypt_cmd_digest_do_final(c, & session, op,
3722 tv->ptx, tv->ptx_len, ptx_hash,
3723 &ptx_hash_size)))
3724 goto out;
3725
Cedric Chaumontb2ba8782015-09-03 13:23:05 +0200[diff] [blame]3726 /*
3727 * When we use DSA algorithms, the size of the hash we
3728 * consider equals the min between the size of the
3729 * "subprime" in the key and the size of the hash
3730 */
3731 if (TEE_ALG_GET_MAIN_ALG(tv->algo) ==
3732 TEE_MAIN_ALGO_DSA) {
3733 if (tv->params.dsa.sub_prime_len <=
3734 ptx_hash_size)
3735 ptx_hash_size =
3736 tv->params.dsa.sub_prime_len;
3737 }
3738
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3739 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
3740 ta_crypt_cmd_free_operation(c, &session, op)))
3741 goto out;
3742 }
3743
3744 num_algo_params = 0;
3745 num_key_attrs = 0;
3746 switch (TEE_ALG_GET_MAIN_ALG(tv->algo)) {
3747 case TEE_MAIN_ALGO_RSA:
3748 if (tv->params.rsa.salt_len > 0) {
3749 algo_params[0].attributeID =
3750 TEE_ATTR_RSA_PSS_SALT_LENGTH;
3751 algo_params[0].content.value.a =
3752 tv->params.rsa.salt_len;
3753 algo_params[0].content.value.b = 0;
3754 num_algo_params = 1;
3755 }
3756
3757 max_key_size = tv->params.rsa.modulus_len * 8;
3758
3759 xtest_add_attr(&num_key_attrs, key_attrs,
3760 TEE_ATTR_RSA_MODULUS,
3761 tv->params.rsa.modulus,
3762 tv->params.rsa.modulus_len);
3763 xtest_add_attr(&num_key_attrs, key_attrs,
3764 TEE_ATTR_RSA_PUBLIC_EXPONENT,
3765 tv->params.rsa.pub_exp,
3766 tv->params.rsa.pub_exp_len);
3767
3768 if (!ADBG_EXPECT_TRUE(c,
3769 create_key(c, &session,
3770 max_key_size,
3771 TEE_TYPE_RSA_PUBLIC_KEY,
3772 key_attrs,
3773 num_key_attrs,
3774 &pub_key_handle)))
3775 goto out;
3776
3777 xtest_add_attr(&num_key_attrs, key_attrs,
3778 TEE_ATTR_RSA_PRIVATE_EXPONENT,
3779 tv->params.rsa.priv_exp,
3780 tv->params.rsa.priv_exp_len);
3781
3782 if (tv->params.rsa.prime1_len != 0) {
3783 xtest_add_attr(&num_key_attrs, key_attrs,
3784 TEE_ATTR_RSA_PRIME1,
3785 tv->params.rsa.prime1,
3786 tv->params.rsa.prime1_len);
3787 }
3788
3789 if (tv->params.rsa.prime2_len != 0) {
3790 xtest_add_attr(&num_key_attrs, key_attrs,
3791 TEE_ATTR_RSA_PRIME2,
3792 tv->params.rsa.prime2,
3793 tv->params.rsa.prime2_len);
3794 }
3795
3796 if (tv->params.rsa.exp1_len != 0) {
3797 xtest_add_attr(&num_key_attrs, key_attrs,
3798 TEE_ATTR_RSA_EXPONENT1,
3799 tv->params.rsa.exp1,
3800 tv->params.rsa.exp1_len);
3801 }
3802
3803 if (tv->params.rsa.exp2_len != 0) {
3804 xtest_add_attr(&num_key_attrs, key_attrs,
3805 TEE_ATTR_RSA_EXPONENT2,
3806 tv->params.rsa.exp2,
3807 tv->params.rsa.exp2_len);
3808 }
3809
3810 if (tv->params.rsa.coeff_len != 0) {
3811 xtest_add_attr(&num_key_attrs, key_attrs,
3812 TEE_ATTR_RSA_COEFFICIENT,
3813 tv->params.rsa.coeff,
3814 tv->params.rsa.coeff_len);
3815 }
3816
3817 if (!ADBG_EXPECT_TRUE(c,
3818 create_key(c, &session,
3819 max_key_size,
3820 TEE_TYPE_RSA_KEYPAIR,
3821 key_attrs,
3822 num_key_attrs,
3823 &priv_key_handle)))
3824 goto out;
3825 break;
3826
3827 case TEE_MAIN_ALGO_DSA:
3828 max_key_size = tv->params.dsa.prime_len * 8;
3829
3830 xtest_add_attr(&num_key_attrs, key_attrs,
3831 TEE_ATTR_DSA_PRIME,
3832 tv->params.dsa.prime,
3833 tv->params.dsa.prime_len);
3834 xtest_add_attr(&num_key_attrs, key_attrs,
3835 TEE_ATTR_DSA_SUBPRIME,
3836 tv->params.dsa.sub_prime,
3837 tv->params.dsa.sub_prime_len);
3838 xtest_add_attr(&num_key_attrs, key_attrs,
3839 TEE_ATTR_DSA_BASE,
3840 tv->params.dsa.base,
3841 tv->params.dsa.base_len);
3842 xtest_add_attr(&num_key_attrs, key_attrs,
3843 TEE_ATTR_DSA_PUBLIC_VALUE,
3844 tv->params.dsa.pub_val,
3845 tv->params.dsa.pub_val_len);
3846
3847 if (!ADBG_EXPECT_TRUE(c,
3848 create_key(c, &session, max_key_size,
3849 TEE_TYPE_DSA_PUBLIC_KEY, key_attrs,
3850 num_key_attrs, &pub_key_handle)))
3851 goto out;
3852
3853 xtest_add_attr(&num_key_attrs, key_attrs,
3854 TEE_ATTR_DSA_PRIVATE_VALUE,
3855 tv->params.dsa.priv_val,
3856 tv->params.dsa.priv_val_len);
3857
3858 if (!ADBG_EXPECT_TRUE(c,
3859 create_key(c, &session, max_key_size,
3860 TEE_TYPE_DSA_KEYPAIR, key_attrs,
3861 num_key_attrs, &priv_key_handle)))
3862 goto out;
3863 break;
3864
Pascal Brand3e143ee2015-07-15 17:17:16 +0200[diff] [blame]3865 case TEE_MAIN_ALGO_ECDSA:
3866 switch (tv->algo) {
3867 case TEE_ALG_ECDSA_P192:
3868 curve = TEE_ECC_CURVE_NIST_P192;
3869 break;
3870 case TEE_ALG_ECDSA_P224:
3871 curve = TEE_ECC_CURVE_NIST_P224;
3872 break;
3873 case TEE_ALG_ECDSA_P256:
3874 curve = TEE_ECC_CURVE_NIST_P256;
3875 break;
3876 case TEE_ALG_ECDSA_P384:
3877 curve = TEE_ECC_CURVE_NIST_P384;
3878 break;
3879 case TEE_ALG_ECDSA_P521:
3880 curve = TEE_ECC_CURVE_NIST_P521;
3881 break;
3882 default:
3883 curve = 0xFF;
3884 break;
3885 }
3886
3887 if (tv->algo == TEE_ALG_ECDSA_P521)
3888 max_key_size = 521;
3889 else
3890 max_key_size = tv->params.ecdsa.private_len * 8;
3891
3892 xtest_add_attr_value(&num_key_attrs, key_attrs,
3893 TEE_ATTR_ECC_CURVE, curve, 0);
3894 xtest_add_attr(&num_key_attrs, key_attrs,
3895 TEE_ATTR_ECC_PUBLIC_VALUE_X,
3896 tv->params.ecdsa.public_x,
3897 tv->params.ecdsa.public_x_len);
3898 xtest_add_attr(&num_key_attrs, key_attrs,
3899 TEE_ATTR_ECC_PUBLIC_VALUE_Y,
3900 tv->params.ecdsa.public_y,
3901 tv->params.ecdsa.public_y_len);
3902
3903 if (!ADBG_EXPECT_TRUE(c,
3904 create_key(c, &session, max_key_size,
3905 TEE_TYPE_ECDSA_PUBLIC_KEY, key_attrs,
3906 num_key_attrs, &pub_key_handle)))
3907 goto out;
3908
3909 xtest_add_attr(&num_key_attrs, key_attrs,
3910 TEE_ATTR_ECC_PRIVATE_VALUE,
3911 tv->params.ecdsa.private,
3912 tv->params.ecdsa.private_len);
3913
3914 if (!ADBG_EXPECT_TRUE(c,
3915 create_key(c, &session, max_key_size,
3916 TEE_TYPE_ECDSA_KEYPAIR, key_attrs,
3917 num_key_attrs, &priv_key_handle)))
3918 goto out;
3919 break;
3920
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3921 default:
3922 ADBG_EXPECT_TRUE(c, false);
3923 goto out;
3924 }
3925
3926 out_size = sizeof(out);
3927 memset(out, 0, sizeof(out));
3928 switch (tv->mode) {
3929 case TEE_MODE_ENCRYPT:
3930 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
3931 ta_crypt_cmd_allocate_operation(c, &session,
Pascal Brand3e143ee2015-07-15 17:17:16 +0200[diff] [blame]3932 &op, tv->algo, TEE_MODE_ENCRYPT,
3933 max_key_size)))
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3934 goto out;
3935
3936 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
3937 ta_crypt_cmd_set_operation_key(c, &session, op,
3938 pub_key_handle)))
3939 goto out;
3940
3941 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
3942 ta_crypt_cmd_free_transient_object(c, &session,
3943 pub_key_handle)))
3944 goto out;
3945 pub_key_handle = TEE_HANDLE_NULL;
3946
3947 out_enc_size = sizeof(out_enc);
3948 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
3949 ta_crypt_cmd_asymmetric_encrypt(c, &session, op,
3950 NULL, 0, tv->ptx, tv->ptx_len, out_enc,
3951 &out_enc_size)))
3952 goto out;
3953
3954 /*
3955 * A PS which is random is added when formatting the
3956 * message internally of the algorithm so we can't
3957 * verify against precomputed values, instead we use the
3958 * decrypt operation to see that output is correct.
3959 */
3960
3961 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
3962 ta_crypt_cmd_free_operation(c, &session, op)))
3963 goto out;
3964
3965 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
3966 ta_crypt_cmd_allocate_operation(c, &session,
3967 &op, tv->algo, TEE_MODE_DECRYPT,
3968 max_key_size)))
3969 goto out;
3970
3971 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
3972 ta_crypt_cmd_set_operation_key(c, &session, op,
3973 priv_key_handle)))
3974 goto out;
3975
3976 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
3977 ta_crypt_cmd_free_transient_object(c, &session,
3978 priv_key_handle)))
3979 goto out;
3980
3981 priv_key_handle = TEE_HANDLE_NULL;
3982
3983 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
3984 ta_crypt_cmd_asymmetric_decrypt(c, &session, op,
3985 NULL, 0, out_enc, out_enc_size, out,
3986 &out_size)))
3987 goto out;
3988
3989 (void)ADBG_EXPECT_BUFFER(c, tv->ptx, tv->ptx_len, out,
3990 out_size);
3991 break;
3992
3993 case TEE_MODE_DECRYPT:
3994 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
3995 ta_crypt_cmd_allocate_operation(c, &session,
3996 &op, tv->algo, TEE_MODE_DECRYPT,
3997 max_key_size)))
3998 goto out;
3999
4000 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
4001 ta_crypt_cmd_set_operation_key(c, &session, op,
4002 priv_key_handle)))
4003 goto out;
4004
4005 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
4006 ta_crypt_cmd_free_transient_object(c, &session,
4007 priv_key_handle)))
4008 goto out;
4009
4010 priv_key_handle = TEE_HANDLE_NULL;
4011
4012 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
4013 ta_crypt_cmd_asymmetric_decrypt(c, &session, op,
4014 NULL, 0, tv->ctx, tv->ctx_len, out,
4015 &out_size)))
4016 goto out;
4017
4018 (void)ADBG_EXPECT_BUFFER(c, tv->ptx, tv->ptx_len, out,
4019 out_size);
4020 break;
4021
4022 case TEE_MODE_VERIFY:
4023 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
4024 ta_crypt_cmd_allocate_operation(c, &session,
4025 &op, tv->algo, TEE_MODE_VERIFY,
4026 max_key_size)))
4027 goto out;
4028
4029 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
4030 ta_crypt_cmd_set_operation_key(c, &session, op,
4031 pub_key_handle)))
4032 goto out;
4033
4034 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
4035 ta_crypt_cmd_free_transient_object(c, &session,
4036 pub_key_handle)))
4037 goto out;
4038
4039 pub_key_handle = TEE_HANDLE_NULL;
4040
4041 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
4042 ta_crypt_cmd_asymmetric_verify(c, &session, op,
4043 algo_params, num_algo_params, ptx_hash,
4044 ptx_hash_size, tv->ctx, tv->ctx_len)))
4045 goto out;
4046 break;
4047
4048 case TEE_MODE_SIGN:
4049 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
4050 ta_crypt_cmd_allocate_operation(c, &session,
4051 &op, tv->algo, TEE_MODE_SIGN,
4052 max_key_size)))
4053 goto out;
4054
4055 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
4056 ta_crypt_cmd_set_operation_key(c, &session, op,
4057 priv_key_handle)))
4058 goto out;
4059
4060 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
4061 ta_crypt_cmd_free_transient_object(c, &session,
4062 priv_key_handle)))
4063 goto out;
4064
4065 priv_key_handle = TEE_HANDLE_NULL;
4066
4067 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
4068 ta_crypt_cmd_asymmetric_sign(c, &session, op,
4069 algo_params, num_algo_params, ptx_hash,
4070 ptx_hash_size, out, &out_size)))
4071 goto out;
4072
4073 if (TEE_ALG_GET_CHAIN_MODE(tv->algo) ==
4074 TEE_CHAIN_MODE_PKCS1_PSS_MGF1 ||
Pascal Brand3e143ee2015-07-15 17:17:16 +0200[diff] [blame]4075 tv->algo == TEE_ALG_DSA_SHA1 ||
Cedric Chaumontb2ba8782015-09-03 13:23:05 +0200[diff] [blame]4076 tv->algo == TEE_ALG_DSA_SHA224 ||
4077 tv->algo == TEE_ALG_DSA_SHA256 ||
Pascal Brand3e143ee2015-07-15 17:17:16 +0200[diff] [blame]4078 TEE_ALG_GET_MAIN_ALG(tv->algo) ==
4079 TEE_MAIN_ALGO_ECDSA) {
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]4080 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
4081 ta_crypt_cmd_free_operation(c, &session,
4082 op)))
4083 goto out;
4084 /*
4085 * The salt or K is random so we can't verify
4086 * signing against precomputed values, instead
4087 * we use the verify operation to see that
4088 * output is correct.
4089 */
4090 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
4091 ta_crypt_cmd_allocate_operation(c,
4092 &session, &op, tv->algo,
4093 TEE_MODE_VERIFY, max_key_size)))
4094 goto out;
4095
4096 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
4097 ta_crypt_cmd_set_operation_key(c,
4098 &session, op, pub_key_handle)))
4099 goto out;
4100
4101 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
4102 ta_crypt_cmd_free_transient_object(c,
4103 &session, pub_key_handle)))
4104 goto out;
4105
4106 pub_key_handle = TEE_HANDLE_NULL;
4107
4108 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
4109 ta_crypt_cmd_asymmetric_verify(c,
4110 &session, op, algo_params,
4111 num_algo_params, ptx_hash,
4112 ptx_hash_size, out, out_size)))
4113 goto out;
4114 } else {
4115 (void)ADBG_EXPECT_BUFFER(c, tv->ctx,
4116 tv->ctx_len, out,
4117 out_size);
4118 }
4119 break;
4120
4121 default:
4122 break;
4123 }
4124
4125 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
4126 ta_crypt_cmd_free_operation(c, &session, op)))
4127 goto out;
4128
4129 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
4130 ta_crypt_cmd_free_transient_object(c, &session,
4131 pub_key_handle)))
4132 goto out;
4133 pub_key_handle = TEE_HANDLE_NULL;
4134
4135 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
4136 ta_crypt_cmd_free_transient_object(c, &session,
4137 priv_key_handle)))
4138 goto out;
4139
4140 priv_key_handle = TEE_HANDLE_NULL;
4141
4142 Do_ADBG_EndSubCase(c, NULL);
4143 }
4144out:
4145 TEEC_CloseSession(&session);
4146}
Jens Wiklander14f48872018-06-29 15:30:13 +0200[diff] [blame]4147ADBG_CASE_DEFINE(regression, 4006, xtest_tee_test_4006,
4148 "Test TEE Internal API Asymmetric Cipher operations");
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]4149
4150#define KEY_ATTR(x, y) { #x, (x), y }
4151
4152struct key_attrs {
4153 const char *name;
4154 uint32_t attr;
Jerome Forissier4032c8c2016-05-31 13:25:08 +0200[diff] [blame]4155 /*
4156 * When keysize_check != 0: size of attribute is checked
4157 * Expected value is key_size bits except for DH in which case it is
4158 * the value of keysize_check.
4159 */
4160 uint32_t keysize_check;
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]4161};
4162
4163static bool test_keygen_attributes(ADBG_Case_t *c, TEEC_Session *s,
4164 TEE_ObjectHandle key, uint32_t key_size,
4165 struct key_attrs *attrs, size_t num_attrs)
4166{
4167 uint8_t out[2048];
4168 size_t out_size;
4169 size_t n;
4170 size_t m;
4171
4172 for (m = 0; m < num_attrs; m++) {
4173 if ((attrs[m].attr & TEE_ATTR_BIT_VALUE) == 0) {
4174 out_size = sizeof(out);
4175 memset(out, 0, sizeof(out));
4176 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
4177 ta_crypt_cmd_get_object_buffer_attribute(c, s,
4178 key, attrs[m].attr, out, &out_size)))
4179 return false;
4180
4181 if (attrs[m].keysize_check)
4182 ADBG_EXPECT_COMPARE_UNSIGNED(c, out_size, ==,
4183 key_size / 8);
4184
4185 if (out_size > 0) {
4186 /* Check that buffer isn't all zeroes */
4187 for (n = 0; n < out_size; n++)
4188 if (out[n] != 0)
4189 break;
4190 if (!ADBG_EXPECT_COMPARE_UNSIGNED(c, n, <,
4191 out_size))
4192 return false;
4193 }
4194 } else {
4195 uint32_t a;
4196 uint32_t b;
4197
4198 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
4199 ta_crypt_cmd_get_object_value_attribute(c, s, key,
4200 attrs[m].attr, &a, &b)))
4201 return false;
4202 }
4203 }
4204 return true;
4205}
4206
4207static bool test_secret_value(ADBG_Case_t *c, TEEC_Session *s,
4208 TEE_ObjectHandle key, uint32_t key_size)
4209{
4210 const struct key_attrs attrs[] = {
4211 KEY_ATTR(TEE_ATTR_SECRET_VALUE, true),
4212 };
4213
4214 return test_keygen_attributes(c, s, key, key_size,
4215 (struct key_attrs *)&attrs,
4216 ARRAY_SIZE(attrs));
4217}
4218
4219
4220static bool test_rsa_key_pair(ADBG_Case_t *c, TEEC_Session *s,
4221 TEE_ObjectHandle key, uint32_t key_size)
4222{
4223 const struct key_attrs attrs[] = {
4224 KEY_ATTR(TEE_ATTR_RSA_MODULUS, true),
4225 KEY_ATTR(TEE_ATTR_RSA_PUBLIC_EXPONENT, false),
4226 KEY_ATTR(TEE_ATTR_RSA_PRIVATE_EXPONENT, false),
4227 KEY_ATTR(TEE_ATTR_RSA_PRIME1, false),
4228 KEY_ATTR(TEE_ATTR_RSA_PRIME2, false),
4229 KEY_ATTR(TEE_ATTR_RSA_EXPONENT1, false),
4230 KEY_ATTR(TEE_ATTR_RSA_EXPONENT2, false),
4231 KEY_ATTR(TEE_ATTR_RSA_COEFFICIENT, false),
4232 };
4233
4234 return test_keygen_attributes(c, s, key, key_size,
4235 (struct key_attrs *)&attrs,
4236 ARRAY_SIZE(attrs));
4237}
4238
Pascal Brande61133f2015-07-08 15:38:37 +0200[diff] [blame]4239static bool test_ecc_key_pair(ADBG_Case_t *c, TEEC_Session *s,
4240 TEE_ObjectHandle key, uint32_t key_size)
4241{
4242 const struct key_attrs attrs[] = {
4243 KEY_ATTR(TEE_ATTR_ECC_PRIVATE_VALUE, false),
4244 KEY_ATTR(TEE_ATTR_ECC_PUBLIC_VALUE_X , false),
4245 KEY_ATTR(TEE_ATTR_ECC_PUBLIC_VALUE_Y , false),
4246 /* KEY_ATTR(TEE_ATTR_ECC_CURVE, false), - do not test */
4247 };
4248
4249 return test_keygen_attributes(c, s, key, key_size,
4250 (struct key_attrs *)&attrs,
4251 ARRAY_SIZE(attrs));
4252}
4253
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]4254static bool test_dh_key_pair(ADBG_Case_t *c, TEEC_Session *s,
Jerome Forissier4032c8c2016-05-31 13:25:08 +0200[diff] [blame]4255 TEE_ObjectHandle key, uint32_t check_keysize)
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]4256{
4257 const struct key_attrs attrs[] = {
4258 KEY_ATTR(TEE_ATTR_DH_PRIME, false),
4259 KEY_ATTR(TEE_ATTR_DH_BASE, false),
4260 KEY_ATTR(TEE_ATTR_DH_PUBLIC_VALUE, false),
4261 KEY_ATTR(TEE_ATTR_DH_PRIVATE_VALUE, check_keysize),
4262 KEY_ATTR(TEE_ATTR_DH_X_BITS, false),
4263 };
4264
Jerome Forissier4032c8c2016-05-31 13:25:08 +0200[diff] [blame]4265 return test_keygen_attributes(c, s, key, check_keysize,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]4266 (struct key_attrs *)&attrs,
4267 ARRAY_SIZE(attrs));
4268}
4269
4270static bool test_dsa_key_pair(ADBG_Case_t *c, TEEC_Session *s,
4271 TEE_ObjectHandle key, uint32_t key_size)
4272{
4273 const struct key_attrs attrs[] = {
4274 KEY_ATTR(TEE_ATTR_DSA_PRIME, true),
4275 KEY_ATTR(TEE_ATTR_DSA_SUBPRIME, false),
4276 KEY_ATTR(TEE_ATTR_DSA_BASE, false),
4277 KEY_ATTR(TEE_ATTR_DSA_PUBLIC_VALUE, false),
4278 KEY_ATTR(TEE_ATTR_DSA_PRIVATE_VALUE, false),
4279 };
4280
4281 return test_keygen_attributes(c, s, key, key_size,
4282 (struct key_attrs *)&attrs,
4283 ARRAY_SIZE(attrs));
4284}
4285
4286static bool generate_and_test_key(ADBG_Case_t *c, TEEC_Session *s,
4287 uint32_t key_type, uint32_t check_keysize,
4288 uint32_t key_size,
4289 TEE_Attribute *params, size_t param_count)
4290{
4291 TEE_ObjectHandle key;
4292 bool ret_val = true;
4293
4294 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
4295 ta_crypt_cmd_allocate_transient_object(c, s, key_type, key_size,
4296 &key)))
4297 return false;
4298
4299 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
4300 ta_crypt_cmd_generate_key(c, s, key, key_size, params,
4301 param_count)))
4302 return false;
4303
4304 switch (key_type) {
4305 case TEE_TYPE_DES:
4306 case TEE_TYPE_DES3:
4307 ret_val = ADBG_EXPECT_TRUE(c,
4308 test_secret_value(c, s, key,
4309 key_size + key_size / 7));
4310 break;
4311 case TEE_TYPE_AES:
4312 case TEE_TYPE_HMAC_MD5:
4313 case TEE_TYPE_HMAC_SHA1:
4314 case TEE_TYPE_HMAC_SHA224:
4315 case TEE_TYPE_HMAC_SHA256:
4316 case TEE_TYPE_HMAC_SHA384:
4317 case TEE_TYPE_HMAC_SHA512:
4318 case TEE_TYPE_GENERIC_SECRET:
4319 ret_val = ADBG_EXPECT_TRUE(c,
4320 test_secret_value(c, s, key, key_size));
4321 break;
4322
4323 case TEE_TYPE_RSA_KEYPAIR:
4324 ret_val = ADBG_EXPECT_TRUE(c,
4325 test_rsa_key_pair(c, s, key, key_size));
4326 break;
4327
Pascal Brande61133f2015-07-08 15:38:37 +0200[diff] [blame]4328 case TEE_TYPE_ECDSA_KEYPAIR:
4329 case TEE_TYPE_ECDH_KEYPAIR:
4330 ret_val = ADBG_EXPECT_TRUE(c,
4331 test_ecc_key_pair(c, s, key, key_size));
4332 break;
4333
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]4334 case TEE_TYPE_DH_KEYPAIR:
Pascal Brande61133f2015-07-08 15:38:37 +0200[diff] [blame]4335 ret_val = ADBG_EXPECT_TRUE(c,
Jerome Forissier4032c8c2016-05-31 13:25:08 +0200[diff] [blame]4336 test_dh_key_pair(c, s, key, check_keysize));
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]4337 break;
4338
4339 case TEE_TYPE_DSA_KEYPAIR:
4340 ret_val = ADBG_EXPECT_TRUE(c,
4341 test_dsa_key_pair(c, s, key, key_size));
4342 break;
4343
4344 default:
4345 ret_val = false;
4346 break;
4347 }
4348
4349 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
4350 ta_crypt_cmd_free_transient_object(c, s, key)))
4351 return false;
4352
4353 return ret_val;
4354}
4355
Jens Wiklandera8c8f872018-12-14 11:41:36 +0100[diff] [blame]4356struct key_types_noparam {
4357 unsigned level;
4358 const char *name;
4359 uint32_t key_type;
4360 uint32_t quanta;
4361 uint32_t min_size;
4362 uint32_t max_size;
4363};
4364
4365static void keygen_noparams(ADBG_Case_t *c, TEEC_Session *session,
4366 const struct key_types_noparam *key_types,
4367 size_t num_key_types)
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]4368{
4369 size_t n;
4370 uint32_t key_size;
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]4371
Jens Wiklandera8c8f872018-12-14 11:41:36 +0100[diff] [blame]4372 for (n = 0; n < num_key_types; n++) {
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]4373 uint32_t min_size = key_types[n].min_size;
4374 uint32_t max_size = key_types[n].max_size;
4375 uint32_t quanta = key_types[n].quanta;
4376
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]4377 if (key_types[n].level > level)
4378 continue;
4379
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]4380 Do_ADBG_BeginSubCase(c, "Generate %s key", key_types[n].name);
4381
4382 for (key_size = min_size; key_size <= max_size;
4383 key_size += quanta) {
4384 if (!ADBG_EXPECT_TRUE(c,
4385 generate_and_test_key(c, session, key_types
4386 [n].key_type, 1, key_size, NULL, 0)))
4387 break;
4388 }
4389
4390 Do_ADBG_EndSubCase(c, "Generate %s key", key_types[n].name);
4391 }
4392}
4393
Jens Wiklandera8c8f872018-12-14 11:41:36 +0100[diff] [blame]4394static void xtest_tee_test_4007_symmetric(ADBG_Case_t *c)
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]4395{
Jens Wiklandera8c8f872018-12-14 11:41:36 +0100[diff] [blame]4396 TEEC_Session session = { 0 };
4397 uint32_t ret_orig;
4398 static const struct key_types_noparam key_types[] = {
4399 { 0, "AES", TEE_TYPE_AES, 64, 128,
4400 256 /* valid sizes 128, 192, 256 */ },
4401 { 0, "DES", TEE_TYPE_DES, 56, 56, 56 /* valid size 56 */ },
4402 { 0, "DES3", TEE_TYPE_DES3, 56, 112,
4403 168 /* valid sizes 112, 168 */ },
4404 { 0, "HMAC-MD5", TEE_TYPE_HMAC_MD5, 8, 64, 512 },
4405 { 0, "HMAC-SHA1", TEE_TYPE_HMAC_SHA1, 8, 80, 512 },
4406 { 0, "HMAC-SHA224", TEE_TYPE_HMAC_SHA224, 8, 112, 512 },
4407 { 0, "HMAC-SHA256", TEE_TYPE_HMAC_SHA256, 8, 192, 1024 },
4408 { 0, "HMAC-SHA384", TEE_TYPE_HMAC_SHA384, 8, 256, 1024 },
4409 { 0, "HMAC-SHA512", TEE_TYPE_HMAC_SHA512, 8, 256, 1024 },
4410 { 0, "Generic secret", TEE_TYPE_GENERIC_SECRET, 8, 128, 4096 },
4411 };
4412
4413 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
4414 xtest_teec_open_session(&session, &crypt_user_ta_uuid, NULL,
4415 &ret_orig)))
4416 return;
4417
4418 keygen_noparams(c, &session, key_types, ARRAY_SIZE(key_types));
4419
4420 TEEC_CloseSession(&session);
4421}
4422ADBG_CASE_DEFINE(regression, 4007_symmetric, xtest_tee_test_4007_symmetric,
4423 "Test TEE Internal API Generate Symmetric key");
4424
4425static void xtest_tee_test_4007_rsa(ADBG_Case_t *c)
4426{
4427 TEEC_Session session = { 0 };
4428 uint32_t ret_orig;
4429 static const struct key_types_noparam key_types[] = {
4430 { 0, "RSA-256", TEE_TYPE_RSA_KEYPAIR, 1, 256, 256 },
4431 { 1, "RSA-384", TEE_TYPE_RSA_KEYPAIR, 1, 384, 384 },
4432 { 1, "RSA-512", TEE_TYPE_RSA_KEYPAIR, 1, 512, 512 },
4433 { 1, "RSA-640", TEE_TYPE_RSA_KEYPAIR, 1, 640, 640 },
4434 { 1, "RSA-768", TEE_TYPE_RSA_KEYPAIR, 1, 768, 768 },
4435 { 1, "RSA-896", TEE_TYPE_RSA_KEYPAIR, 1, 896, 896 },
4436 { 1, "RSA-1024", TEE_TYPE_RSA_KEYPAIR, 1, 1024, 1024 },
4437 { 1, "RSA-2048", TEE_TYPE_RSA_KEYPAIR, 1, 2048, 2048 },
4438 { 1, "RSA-3072", TEE_TYPE_RSA_KEYPAIR, 1, 3072, 3072 },
4439 { 1, "RSA-4096", TEE_TYPE_RSA_KEYPAIR, 1, 4096, 4096 },
4440 };
4441
4442 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
4443 xtest_teec_open_session(&session, &crypt_user_ta_uuid, NULL,
4444 &ret_orig)))
4445 return;
4446
4447 keygen_noparams(c, &session, key_types, ARRAY_SIZE(key_types));
4448
4449 TEEC_CloseSession(&session);
4450}
4451ADBG_CASE_DEFINE(regression, 4007_rsa, xtest_tee_test_4007_rsa,
4452 "Test TEE Internal API Generate RSA key");
4453
4454static void xtest_tee_test_4007_dh(ADBG_Case_t *c)
4455{
4456 TEEC_Session session = { 0 };
4457 uint32_t ret_orig;
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]4458 size_t n;
4459 size_t param_count;
4460 /*
4461 * Note that the key size parameter is not used when creating the keys
4462 * but specifying these sizes make it possible to test the expected size
4463 * of the private value. This also means that the keysize must match the
4464 * size of p or what is specified in private_bits or the equvivalent
4465 * size of the subprime parameter.
4466 */
4467 TEE_Attribute params[4];
4468
4469#define XTEST_DH_GK_DATA(vect) \
4470 ARRAY(vect ## _p), \
4471 ARRAY(vect ## _g), \
4472 &vect ## _private_bits, \
4473 0, 0
4474#define XTEST_DH_GK_DATA_SUBPRIME(vect) \
4475 ARRAY(vect ## _p), \
4476 ARRAY(vect ## _g), \
4477 &vect ## _private_bits, \
4478 ARRAY(vect ## _subprime)
4479 static const struct {
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]4480 unsigned level;
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]4481 uint32_t key_size;
4482 const uint8_t *p;
4483 size_t p_len;
4484 const uint8_t *g;
4485 size_t g_len;
4486 const uint32_t *private_bits;
4487 const uint8_t *subprime;
4488 size_t subprime_len;
4489 } key_types[] = {
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]4490 { 0, 256, XTEST_DH_GK_DATA(keygen_dh256) },
Jerome Forissier4032c8c2016-05-31 13:25:08 +0200[diff] [blame]4491 { 0, 320, XTEST_DH_GK_DATA(keygen_dh320) },
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]4492 { 1, 384, XTEST_DH_GK_DATA(keygen_dh384) },
Jerome Forissier4032c8c2016-05-31 13:25:08 +0200[diff] [blame]4493 { 1, 448, XTEST_DH_GK_DATA(keygen_dh448) },
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]4494 { 1, 512, XTEST_DH_GK_DATA(keygen_dh512) },
Jerome Forissier4032c8c2016-05-31 13:25:08 +0200[diff] [blame]4495 { 1, 576, XTEST_DH_GK_DATA(keygen_dh576) },
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]4496 { 1, 640, XTEST_DH_GK_DATA(keygen_dh640) },
Jerome Forissier4032c8c2016-05-31 13:25:08 +0200[diff] [blame]4497 { 1, 704, XTEST_DH_GK_DATA(keygen_dh704) },
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]4498 { 1, 768, XTEST_DH_GK_DATA(keygen_dh768) },
Jerome Forissier4032c8c2016-05-31 13:25:08 +0200[diff] [blame]4499 { 1, 832, XTEST_DH_GK_DATA(keygen_dh832) },
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]4500 { 1, 896, XTEST_DH_GK_DATA(keygen_dh896) },
Jerome Forissier4032c8c2016-05-31 13:25:08 +0200[diff] [blame]4501 { 1, 960, XTEST_DH_GK_DATA(keygen_dh960) },
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]4502 { 1, 1024, XTEST_DH_GK_DATA(keygen_dh1024) },
Jerome Forissier4032c8c2016-05-31 13:25:08 +0200[diff] [blame]4503 { 1, 1088, XTEST_DH_GK_DATA(keygen_dh1088) },
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]4504 { 1, 1152, XTEST_DH_GK_DATA(keygen_dh1152) },
Jerome Forissier4032c8c2016-05-31 13:25:08 +0200[diff] [blame]4505 { 1, 1216, XTEST_DH_GK_DATA(keygen_dh1216) },
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]4506 { 1, 1280, XTEST_DH_GK_DATA(keygen_dh1280) },
Jerome Forissier4032c8c2016-05-31 13:25:08 +0200[diff] [blame]4507 { 1, 1344, XTEST_DH_GK_DATA(keygen_dh1344) },
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]4508 { 1, 1408, XTEST_DH_GK_DATA(keygen_dh1408) },
Jerome Forissier4032c8c2016-05-31 13:25:08 +0200[diff] [blame]4509 { 1, 1472, XTEST_DH_GK_DATA(keygen_dh1472) },
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]4510 { 1, 1536, XTEST_DH_GK_DATA(keygen_dh1536) },
Jerome Forissier4032c8c2016-05-31 13:25:08 +0200[diff] [blame]4511 { 1, 1600, XTEST_DH_GK_DATA(keygen_dh1600) },
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]4512 { 1, 1664, XTEST_DH_GK_DATA(keygen_dh1664) },
Jerome Forissier4032c8c2016-05-31 13:25:08 +0200[diff] [blame]4513 { 1, 1728, XTEST_DH_GK_DATA(keygen_dh1728) },
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]4514 { 1, 1792, XTEST_DH_GK_DATA(keygen_dh1792) },
Jerome Forissier4032c8c2016-05-31 13:25:08 +0200[diff] [blame]4515 { 1, 1856, XTEST_DH_GK_DATA(keygen_dh1856) },
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]4516 { 1, 1920, XTEST_DH_GK_DATA(keygen_dh1920) },
Jerome Forissier4032c8c2016-05-31 13:25:08 +0200[diff] [blame]4517 { 1, 1984, XTEST_DH_GK_DATA(keygen_dh1984) },
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]4518 { 1, 2048, XTEST_DH_GK_DATA(keygen_dh2048) },
Jerome Forissier4032c8c2016-05-31 13:25:08 +0200[diff] [blame]4519 { 1, 2048, XTEST_DH_GK_DATA_SUBPRIME(keygen_dh2048_subprime) }
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]4520 };
4521
Jens Wiklandera8c8f872018-12-14 11:41:36 +0100[diff] [blame]4522 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
4523 xtest_teec_open_session(&session, &crypt_user_ta_uuid, NULL,
4524 &ret_orig)))
4525 return;
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]4526
4527 for (n = 0; n < ARRAY_SIZE(key_types); n++) {
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]4528 if (key_types[n].level > level)
4529 continue;
4530
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]4531 Do_ADBG_BeginSubCase(c,
4532 "Generate DH key %d bits - Private bits = %d",
4533 key_types[n].key_size,
4534 *key_types[n].private_bits);
4535 param_count = 0;
4536
4537 xtest_add_attr(&param_count, params,
4538 TEE_ATTR_DH_PRIME,
4539 key_types[n].p, key_types[n].p_len);
4540
4541 xtest_add_attr(&param_count, params, TEE_ATTR_DH_BASE,
4542 key_types[n].g, key_types[n].g_len);
4543
4544 if (key_types[n].private_bits != 0) {
4545 params[param_count].attributeID = TEE_ATTR_DH_X_BITS;
4546
4547 params[param_count].content.value.a =
4548 *key_types[n].private_bits;
4549
4550 params[param_count].content.value.b = 0;
4551 param_count++;
4552 }
4553
4554 if (key_types[n].subprime != 0) {
4555 xtest_add_attr(&param_count, params,
4556 TEE_ATTR_DH_SUBPRIME,
4557 key_types[n].subprime,
4558 key_types[n].subprime_len);
4559 }
4560
4561 if (!ADBG_EXPECT_TRUE(c,
Jens Wiklandera8c8f872018-12-14 11:41:36 +0100[diff] [blame]4562 generate_and_test_key(c, &session, TEE_TYPE_DH_KEYPAIR,
Jerome Forissier4032c8c2016-05-31 13:25:08 +0200[diff] [blame]4563 *key_types[n].private_bits,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]4564 key_types[n]. key_size, params, param_count)))
4565 break;
4566
4567 Do_ADBG_EndSubCase(c,
4568 "Generate DH key %d bits - Private bits = %d",
4569 key_types[n].key_size,
4570 *key_types[n].private_bits);
4571 }
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]4572
Jens Wiklandera8c8f872018-12-14 11:41:36 +0100[diff] [blame]4573 TEEC_CloseSession(&session);
4574}
4575ADBG_CASE_DEFINE(regression, 4007_dh, xtest_tee_test_4007_dh,
4576 "Test TEE Internal API Generate DH key");
4577
4578static void xtest_tee_test_4007_dsa(ADBG_Case_t *c)
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]4579{
Jens Wiklandera8c8f872018-12-14 11:41:36 +0100[diff] [blame]4580 TEEC_Session session = { 0 };
4581 uint32_t ret_orig;
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]4582 size_t n;
4583 size_t param_count;
4584 TEE_Attribute params[4];
4585
4586#define XTEST_DSA_GK_DATA(vect) \
4587 ARRAY(vect ## _p), \
4588 ARRAY(vect ## _g), \
4589 ARRAY(vect ## _q)
4590 static const struct {
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]4591 unsigned level;
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]4592 uint32_t key_size;
4593 const uint8_t *prime;
4594 size_t prime_len;
4595 const uint8_t *base;
4596 size_t base_len;
4597 const uint8_t *sub_prime;
4598 size_t sub_prime_len;
4599 } key_types[] = {
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]4600 { 1, 1024, XTEST_DSA_GK_DATA(keygen_dsa_test1) },
4601 { 0, 512, XTEST_DSA_GK_DATA(keygen_dsa512) },
4602 { 1, 576, XTEST_DSA_GK_DATA(keygen_dsa576) },
4603 { 1, 640, XTEST_DSA_GK_DATA(keygen_dsa640) },
4604 { 1, 704, XTEST_DSA_GK_DATA(keygen_dsa704) },
4605 { 1, 768, XTEST_DSA_GK_DATA(keygen_dsa768) },
4606 { 1, 832, XTEST_DSA_GK_DATA(keygen_dsa832) },
4607 { 1, 896, XTEST_DSA_GK_DATA(keygen_dsa896) },
4608 { 1, 960, XTEST_DSA_GK_DATA(keygen_dsa960) },
4609 { 1, 1024, XTEST_DSA_GK_DATA(keygen_dsa1024) },
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]4610 };
4611
Jens Wiklandera8c8f872018-12-14 11:41:36 +0100[diff] [blame]4612 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
4613 xtest_teec_open_session(&session, &crypt_user_ta_uuid, NULL,
4614 &ret_orig)))
4615 return;
4616
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]4617 for (n = 0; n < ARRAY_SIZE(key_types); n++) {
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]4618 if (key_types[n].level > level)
4619 continue;
4620
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]4621 Do_ADBG_BeginSubCase(c, "Generate DSA key %d bits",
4622 key_types[n].key_size);
4623 param_count = 0;
4624
4625
4626 xtest_add_attr(&param_count, params, TEE_ATTR_DSA_PRIME,
4627 key_types[n].prime, key_types[n].prime_len);
4628
4629 xtest_add_attr(&param_count, params, TEE_ATTR_DSA_SUBPRIME,
4630 key_types[n].sub_prime,
4631 key_types[n].sub_prime_len);
4632
4633 xtest_add_attr(&param_count, params, TEE_ATTR_DSA_BASE,
4634 key_types[n].base, key_types[n].base_len);
4635
4636 if (!ADBG_EXPECT_TRUE(c,
Jens Wiklandera8c8f872018-12-14 11:41:36 +0100[diff] [blame]4637 generate_and_test_key(c, &session, TEE_TYPE_DSA_KEYPAIR,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]4638 1, key_types[n]. key_size, params,
4639 param_count)))
4640 break;
4641
4642 Do_ADBG_EndSubCase(c, "Generate DSA key %d bits",
4643 key_types[n].key_size);
4644 }
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]4645
Jens Wiklandera8c8f872018-12-14 11:41:36 +0100[diff] [blame]4646 TEEC_CloseSession(&session);
4647}
4648ADBG_CASE_DEFINE(regression, 4007_dsa, xtest_tee_test_4007_dsa,
4649 "Test TEE Internal API Generate DSA key");
4650
4651static void xtest_tee_test_4007_ecc(ADBG_Case_t *c)
Pascal Brande61133f2015-07-08 15:38:37 +0200[diff] [blame]4652{
Jens Wiklandera8c8f872018-12-14 11:41:36 +0100[diff] [blame]4653 TEEC_Session session = { 0 };
4654 uint32_t ret_orig;
Pascal Brande61133f2015-07-08 15:38:37 +0200[diff] [blame]4655 size_t n;
4656 size_t param_count;
4657 TEE_Attribute params[4];
4658
4659 static const struct {
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]4660 unsigned level;
Pascal Brande61133f2015-07-08 15:38:37 +0200[diff] [blame]4661 const char *name;
4662 uint32_t algo;
4663 uint32_t curve;
4664 uint32_t key_size;
4665 } key_types[] = {
4666 /* ECDSA */
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]4667 { 0, "ECDSA-192", TEE_TYPE_ECDSA_KEYPAIR, TEE_ECC_CURVE_NIST_P192,
4668 192 },
4669 { 1, "ECDSA-224", TEE_TYPE_ECDSA_KEYPAIR, TEE_ECC_CURVE_NIST_P224,
4670 224 },
4671 { 1, "ECDSA-256", TEE_TYPE_ECDSA_KEYPAIR, TEE_ECC_CURVE_NIST_P256,
4672 256 },
4673 { 1, "ECDSA-384", TEE_TYPE_ECDSA_KEYPAIR, TEE_ECC_CURVE_NIST_P384,
4674 384 },
4675 { 1, "ECDSA-521", TEE_TYPE_ECDSA_KEYPAIR, TEE_ECC_CURVE_NIST_P521,
4676 521 },
Pascal Brande61133f2015-07-08 15:38:37 +0200[diff] [blame]4677
4678 /* ECDH */
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]4679 { 0, "ECDH-192", TEE_TYPE_ECDH_KEYPAIR, TEE_ECC_CURVE_NIST_P192,
4680 192 },
4681 { 1, "ECDH-224", TEE_TYPE_ECDH_KEYPAIR, TEE_ECC_CURVE_NIST_P224,
4682 224 },
4683 { 1, "ECDH-256", TEE_TYPE_ECDH_KEYPAIR, TEE_ECC_CURVE_NIST_P256,
4684 256 },
4685 { 1, "ECDH-384", TEE_TYPE_ECDH_KEYPAIR, TEE_ECC_CURVE_NIST_P384,
4686 384 },
4687 { 1, "ECDH-521", TEE_TYPE_ECDH_KEYPAIR, TEE_ECC_CURVE_NIST_P521,
4688 521 },
Pascal Brande61133f2015-07-08 15:38:37 +0200[diff] [blame]4689 };
4690
Jens Wiklandera8c8f872018-12-14 11:41:36 +0100[diff] [blame]4691 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
4692 xtest_teec_open_session(&session, &crypt_user_ta_uuid, NULL,
4693 &ret_orig)))
4694 return;
4695
Pascal Brande61133f2015-07-08 15:38:37 +0200[diff] [blame]4696 for (n = 0; n < ARRAY_SIZE(key_types); n++) {
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]4697 if (key_types[n].level > level)
4698 continue;
4699
Pascal Brande61133f2015-07-08 15:38:37 +0200[diff] [blame]4700 Do_ADBG_BeginSubCase(c, "Generate %s", key_types[n].name);
4701 param_count = 0;
4702
4703 xtest_add_attr_value(&param_count, params, TEE_ATTR_ECC_CURVE,
4704 key_types[n].curve, 0);
4705
4706 if (!ADBG_EXPECT_TRUE(c,
Jens Wiklandera8c8f872018-12-14 11:41:36 +0100[diff] [blame]4707 generate_and_test_key(c, &session, key_types[n].algo,
Pascal Brande61133f2015-07-08 15:38:37 +0200[diff] [blame]4708 0, key_types[n].key_size, params,
4709 param_count)))
4710 break;
4711
4712 Do_ADBG_EndSubCase(c, "Generate %s", key_types[n].name);
4713 }
Pascal Brande61133f2015-07-08 15:38:37 +0200[diff] [blame]4714
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]4715 TEEC_CloseSession(&session);
4716}
Jens Wiklandera8c8f872018-12-14 11:41:36 +0100[diff] [blame]4717ADBG_CASE_DEFINE(regression, 4007_ecc, xtest_tee_test_4007_ecc,
4718 "Test TEE Internal API Generate ECC key");
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]4719
4720static void xtest_tee_test_4008(ADBG_Case_t *c)
4721{
4722 TEEC_Session session = { 0 };
4723 uint32_t ret_orig;
4724 TEE_OperationHandle op;
4725 TEE_ObjectHandle key_handle;
4726 TEE_ObjectHandle sv_handle;
4727 TEE_Attribute params[4];
4728 size_t param_count = 0;
4729 uint8_t out[2048];
4730 size_t out_size;
4731
4732 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
4733 xtest_teec_open_session(&session, &crypt_user_ta_uuid, NULL,
4734 &ret_orig)))
4735 return;
4736
4737 Do_ADBG_BeginSubCase(c, "Derive DH key success");
4738
4739 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
4740 ta_crypt_cmd_allocate_operation(c, &session, &op,
4741 TEE_ALG_DH_DERIVE_SHARED_SECRET, TEE_MODE_DERIVE,
4742 derive_key_max_keysize)))
4743 goto out;
4744
4745 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
4746 ta_crypt_cmd_allocate_transient_object(c, & session,
4747 TEE_TYPE_DH_KEYPAIR, derive_key_max_keysize,
4748 &key_handle)))
4749 goto out;
4750
4751 xtest_add_attr(&param_count, params, TEE_ATTR_DH_PRIME,
4752 ARRAY(derive_key_dh_prime));
4753
4754 xtest_add_attr(&param_count, params, TEE_ATTR_DH_BASE,
4755 ARRAY(derive_key_dh_base));
4756
4757 xtest_add_attr(&param_count, params, TEE_ATTR_DH_PUBLIC_VALUE,
4758 ARRAY(derive_key_dh_public_value));
4759
4760 xtest_add_attr(&param_count, params, TEE_ATTR_DH_PRIVATE_VALUE,
4761 ARRAY(derive_key_dh_private_value));
4762
4763 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
4764 ta_crypt_cmd_populate_transient_object(c, &session, key_handle,
4765 params, param_count)))
4766 goto out;
4767
4768 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
4769 ta_crypt_cmd_set_operation_key(c, &session, op, key_handle)))
4770 goto out;
4771
4772 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
4773 ta_crypt_cmd_free_transient_object(c, & session, key_handle)))
4774 goto out;
4775
4776 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
4777 ta_crypt_cmd_allocate_transient_object(c, &session,
4778 TEE_TYPE_GENERIC_SECRET, derive_key_max_keysize,
4779 &sv_handle)))
4780 goto out;
4781
Pascal Brand2b92b642015-07-16 13:29:42 +0200[diff] [blame]4782 /* reuse but reset params and param-count */
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]4783 param_count = 0;
4784
4785 xtest_add_attr(&param_count, params, TEE_ATTR_DH_PUBLIC_VALUE,
4786 ARRAY(derive_key_dh_public_value_2));
4787
4788 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
4789 ta_crypt_cmd_derive_key(c, &session, op, sv_handle, params,
4790 param_count)))
4791 goto out;
4792
4793 out_size = sizeof(out);
4794 memset(out, 0, sizeof(out));
4795 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
4796 ta_crypt_cmd_get_object_buffer_attribute(c, &session, sv_handle,
4797 TEE_ATTR_SECRET_VALUE, out, &out_size)))
4798 goto out;
4799
4800 if (!ADBG_EXPECT_BUFFER(c, derive_key_dh_shared_secret,
4801 sizeof(derive_key_dh_shared_secret), out,
4802 out_size))
4803 goto out;
4804
4805 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
4806 ta_crypt_cmd_free_operation(c, &session, op)))
4807 goto out;
4808
4809 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
4810 ta_crypt_cmd_free_transient_object(c, &session, sv_handle)))
4811 goto out;
4812out:
4813 Do_ADBG_EndSubCase(c, "Derive DH key success");
4814 TEEC_CloseSession(&session);
4815}
Jens Wiklander14f48872018-06-29 15:30:13 +0200[diff] [blame]4816ADBG_CASE_DEFINE(regression, 4008, xtest_tee_test_4008,
4817 "Test TEE Internal API Derive key");
Pascal Brand2b92b642015-07-16 13:29:42 +0200[diff] [blame]4818
4819static void xtest_tee_test_4009(ADBG_Case_t *c)
4820{
4821 TEEC_Session session = { 0 };
4822 uint32_t ret_orig;
4823 TEE_OperationHandle op;
4824 TEE_ObjectHandle key_handle;
4825 TEE_ObjectHandle sv_handle;
4826 TEE_Attribute params[4];
4827 size_t param_count = 0;
4828 uint8_t out[2048];
4829 size_t out_size;
4830 uint32_t size_bytes;
Peng Fane13ad9b2015-07-21 11:46:26 +0800[diff] [blame]4831 uint32_t i;
Pascal Brand2b92b642015-07-16 13:29:42 +0200[diff] [blame]4832 struct derive_key_ecdh_t *pt;
4833
4834 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
4835 xtest_teec_open_session(&session, &crypt_user_ta_uuid, NULL,
4836 &ret_orig)))
4837 return;
4838
4839 for (i = 0; i < ARRAY_SIZE(derive_key_ecdh); i++) {
4840 pt = &derive_key_ecdh[i];
4841
Cedric Chaumontc3b6c282015-09-25 03:05:18 +0200[diff] [blame]4842 if (pt->level > level)
4843 continue;
4844
Pascal Brand2b92b642015-07-16 13:29:42 +0200[diff] [blame]4845 Do_ADBG_BeginSubCase(c, "Derive ECDH key - algo = 0x%x",
4846 pt->algo);
4847 size_bytes = (pt->keysize + 7) / 8;
4848 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
4849 ta_crypt_cmd_allocate_operation(c, &session, &op,
4850 pt->algo,
4851 TEE_MODE_DERIVE, pt->keysize)))
4852 goto out;
4853
4854 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
4855 ta_crypt_cmd_allocate_transient_object(c, & session,
4856 TEE_TYPE_ECDH_KEYPAIR, pt->keysize,
4857 &key_handle)))
4858 goto out;
4859
4860 param_count = 0;
4861 xtest_add_attr_value(&param_count, params,
4862 TEE_ATTR_ECC_CURVE, pt->curve, 0);
4863 xtest_add_attr(&param_count, params,
4864 TEE_ATTR_ECC_PRIVATE_VALUE,
4865 pt->private, size_bytes);
4866 /*
4867 * The public value is not used. This is why we provide
4868 * another buffer
4869 */
4870 xtest_add_attr(&param_count, params,
4871 TEE_ATTR_ECC_PUBLIC_VALUE_X,
4872 pt->private, size_bytes);
4873 xtest_add_attr(&param_count, params,
4874 TEE_ATTR_ECC_PUBLIC_VALUE_Y,
4875 pt->private, size_bytes);
4876
4877 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
4878 ta_crypt_cmd_populate_transient_object(c,
4879 &session,
4880 key_handle, params, param_count)))
4881 goto out;
4882
4883 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
4884 ta_crypt_cmd_set_operation_key(c, &session, op,
4885 key_handle)))
4886 goto out;
4887
4888 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
4889 ta_crypt_cmd_free_transient_object(c, & session,
4890 key_handle)))
4891 goto out;
4892
4893 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
4894 ta_crypt_cmd_allocate_transient_object(c, &session,
4895 TEE_TYPE_GENERIC_SECRET, size_bytes * 8,
4896 &sv_handle)))
4897 goto out;
4898
4899 /* reuse but reset params and param-count */
4900 param_count = 0;
4901
4902 xtest_add_attr(&param_count, params,
4903 TEE_ATTR_ECC_PUBLIC_VALUE_X,
4904 pt->public_x, size_bytes);
4905 xtest_add_attr(&param_count, params,
4906 TEE_ATTR_ECC_PUBLIC_VALUE_Y,
4907 pt->public_y, size_bytes);
4908
4909 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
4910 ta_crypt_cmd_derive_key(c, &session, op, sv_handle,
4911 params, param_count)))
4912 goto out;
4913
4914 out_size = sizeof(out);
4915 memset(out, 0, sizeof(out));
4916 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
4917 ta_crypt_cmd_get_object_buffer_attribute(c, &session,
4918 sv_handle,
4919 TEE_ATTR_SECRET_VALUE, out, &out_size)))
4920 goto out;
4921
4922 if (!ADBG_EXPECT_BUFFER(c, pt->out, size_bytes,
4923 out, out_size))
4924 goto out;
4925
4926 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
4927 ta_crypt_cmd_free_operation(c, &session, op)))
4928 goto out;
4929
4930 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
4931 ta_crypt_cmd_free_transient_object(c, &session,
4932 sv_handle)))
4933 goto out;
4934
4935 Do_ADBG_EndSubCase(c, "Derive ECDH key - algo = 0x%x",
4936 pt->algo);
4937 }
4938
4939 goto noerror;
4940
4941out:
4942 Do_ADBG_EndSubCase(c, "Derive ECDH key - algo = 0x%x", pt->algo);
4943
4944noerror:
4945 TEEC_CloseSession(&session);
4946}
Jens Wiklander14f48872018-06-29 15:30:13 +0200[diff] [blame]4947ADBG_CASE_DEFINE(regression, 4009, xtest_tee_test_4009,
4948 "Test TEE Internal API Derive key ECDH");
Jens Wiklander70a0b2c2016-05-18 08:39:35 +0200[diff] [blame]4949
4950static void xtest_tee_test_4010(ADBG_Case_t *c)
4951{
4952 TEEC_Session session = { 0 };
4953 uint32_t ret_orig;
4954 TEE_ObjectHandle o;
4955 static const uint8_t large_key[1024] = { 1, 2, 3, 4, 5, 6 };
4956 static const TEE_Attribute attr = {
4957 .attributeID = TEE_ATTR_SECRET_VALUE,
4958 .content.ref.buffer = (void *)large_key,
4959 .content.ref.length = sizeof(large_key),
4960 };
4961
4962 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
4963 xtest_teec_open_session(&session, &crypt_user_ta_uuid, NULL,
4964 &ret_orig)))
4965 return;
4966
4967 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
4968 ta_crypt_cmd_allocate_transient_object(c, &session,
4969 TEE_TYPE_HMAC_SHA256, 1024, &o)))
4970 goto out;
4971
4972 ADBG_EXPECT_TEEC_RESULT(c, TEEC_ERROR_TARGET_DEAD,
4973 ta_crypt_cmd_populate_transient_object(c, &session, o,
4974 &attr, 1));
4975
4976out:
4977 TEEC_CloseSession(&session);
4978}
Jens Wiklander14f48872018-06-29 15:30:13 +0200[diff] [blame]4979ADBG_CASE_DEFINE(regression, 4010, xtest_tee_test_4010,
4980 "Test TEE Internal API create transient object (negative)");
Jens Wiklanderb58916e2016-07-07 15:29:32 +0200[diff] [blame]4981
4982static void xtest_tee_test_4011(ADBG_Case_t *c)
4983{
4984 TEEC_Session s = { 0 };
4985 size_t key_size = 512;
4986 TEE_ObjectHandle key;
4987 TEE_OperationHandle ops;
4988 TEE_OperationHandle opv;
4989 TEE_OperationHandle ope;
4990 TEE_OperationHandle opd;
4991 uint32_t ret_orig;
4992 uint8_t in[TEE_SHA1_HASH_SIZE];
4993 uint8_t out[1024];
4994 uint8_t tmp[1024];
4995 size_t out_size;
4996 size_t tmp_size;
4997 size_t n;
4998 size_t m;
4999 size_t i = 0;
5000
5001 /* Setup session, initialize message to sign, create a keypair */
5002 if (!ADBG_EXPECT_TEEC_SUCCESS(c, xtest_teec_open_session(&s,
5003 &crypt_user_ta_uuid, NULL, &ret_orig)))
5004 return;
5005 if (!ADBG_EXPECT_TEEC_SUCCESS(c, ta_crypt_cmd_random_number_generate(c,
5006 &s, in, sizeof(in))))
5007 goto out;
5008 if (!ADBG_EXPECT_TEEC_SUCCESS(c, ta_crypt_cmd_allocate_transient_object(
5009 c, &s, TEE_TYPE_RSA_KEYPAIR, key_size, &key)))
5010 goto out;
5011 if (!ADBG_EXPECT_TEEC_SUCCESS(c, ta_crypt_cmd_generate_key(c, &s,
5012 key, key_size, NULL, 0)))
5013 goto out;
5014
5015 /* Allocate operations for sign, verify, encrypt and decrypt */
5016 if (!ADBG_EXPECT_TEEC_SUCCESS(c, ta_crypt_cmd_allocate_operation(c, &s,
5017 &ops, TEE_ALG_RSASSA_PKCS1_V1_5_SHA1, TEE_MODE_SIGN,
5018 key_size)))
5019 goto out;
5020 if (!ADBG_EXPECT_TEEC_SUCCESS(c, ta_crypt_cmd_allocate_operation(c, &s,
5021 &opv, TEE_ALG_RSASSA_PKCS1_V1_5_SHA1, TEE_MODE_VERIFY,
5022 key_size)))
5023 goto out;
5024 if (!ADBG_EXPECT_TEEC_SUCCESS(c, ta_crypt_cmd_allocate_operation(c, &s,
5025 &ope, TEE_ALG_RSA_NOPAD, TEE_MODE_ENCRYPT, key_size)))
5026 goto out;
5027 if (!ADBG_EXPECT_TEEC_SUCCESS(c, ta_crypt_cmd_allocate_operation(c, &s,
5028 &opd, TEE_ALG_RSA_NOPAD, TEE_MODE_DECRYPT, key_size)))
5029 goto out;
5030
5031 /* Assign the keypair to all operations */
5032 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
5033 ta_crypt_cmd_set_operation_key(c, &s, ops, key)))
5034 goto out;
5035 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
5036 ta_crypt_cmd_set_operation_key(c, &s, opv, key)))
5037 goto out;
5038 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
5039 ta_crypt_cmd_set_operation_key(c, &s, ope, key)))
5040 goto out;
5041 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
5042 ta_crypt_cmd_set_operation_key(c, &s, opd, key)))
5043 goto out;
5044
5045 /*
5046 * The core of the test case is inspired by the one in libtomcrypt:
5047 * https://github.com/libtom/libtomcrypt/blob/6ad52252688bb34f90b5e79da4830a927e87b81f/testprof/rsa_test.c#L398
5048 *
5049 * Testcase for Bleichenbacher attack
5050 *
5051 * (1) Create a valid signature
5052 * (2) Check that it can be verified
5053 * (3) Transform the package to fetch plain text (using the encrypt
5054 * operation in GP TEE Internal API)
5055 * (4) Forge the structure of PKCS#1-EMSA encoded data
5056 * (4.1) Search for start and end of the padding string
5057 * (4.2) Move the signature to the front of the padding string
5058 * (4.3) Zero the message until the end
5059 * (5) Transform the package back (using the decrypt operation in
5060 * GP TEE Internal API)
5061 * (6) The result should not be valid if the implementation is robust.
5062 */
5063
5064
5065 for (i = 0; i < 9; i++) {
5066 Do_ADBG_Log("Iteration %zu", i);
5067
5068 /* 1 */
5069 out_size = sizeof(out);
5070 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
5071 ta_crypt_cmd_asymmetric_sign(c, &s, ops, NULL, 0,
5072 in, sizeof(in), out, &out_size)))
5073 goto out;
5074
5075 /* 2 */
5076 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
5077 ta_crypt_cmd_asymmetric_verify(c, &s, opv, NULL, 0,
5078 in, sizeof(in), out, out_size)))
5079 goto out;
5080
5081 /* 3 */
5082 tmp_size = sizeof(tmp);
5083 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
5084 ta_crypt_cmd_asymmetric_encrypt(c, &s, ope, NULL, 0,
5085 out, out_size, tmp, &tmp_size)))
5086 goto out;
5087
Etienne Carriere0953bf02018-12-21 15:36:25 +0100[diff] [blame]5088 if (!ADBG_EXPECT_COMPARE_UNSIGNED(c, tmp_size, <=, sizeof(tmp)))
5089 goto out;
5090
Jens Wiklanderb58916e2016-07-07 15:29:32 +0200[diff] [blame]5091 /* 4.1 */
Etienne Carriere0953bf02018-12-21 15:36:25 +0100[diff] [blame]5092 for (n = 0; n < tmp_size - i; n++)
Jens Wiklanderb58916e2016-07-07 15:29:32 +0200[diff] [blame]5093 if (tmp[n] == 0xff)
5094 break;
Etienne Carriere0953bf02018-12-21 15:36:25 +0100[diff] [blame]5095
5096 /* Shall find at least a padding start before buffer end */
5097 if (!ADBG_EXPECT_COMPARE_UNSIGNED(c, n, <, tmp_size - i - 1))
5098 goto out;
5099
Jens Wiklanderb58916e2016-07-07 15:29:32 +0200[diff] [blame]5100 for (m = n + 1; m < tmp_size; m++)
5101 if (tmp[m] != 0xff)
5102 break;
Etienne Carriere0953bf02018-12-21 15:36:25 +0100[diff] [blame]5103
Jens Wiklanderb58916e2016-07-07 15:29:32 +0200[diff] [blame]5104 /* 4.2 */
5105 memmove(tmp + n + i, tmp + m, tmp_size - m);
Etienne Carriere0953bf02018-12-21 15:36:25 +0100[diff] [blame]5106
Jens Wiklanderb58916e2016-07-07 15:29:32 +0200[diff] [blame]5107 /* 4.3 */
Etienne Carriere0953bf02018-12-21 15:36:25 +0100[diff] [blame]5108 n = n + i + tmp_size - m;
5109 memset(tmp + n, 0, tmp_size - n);
Jens Wiklanderb58916e2016-07-07 15:29:32 +0200[diff] [blame]5110
5111 /* 5 */
5112 out_size = sizeof(out);
5113 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
5114 ta_crypt_cmd_asymmetric_decrypt(c, &s, opd, NULL, 0,
5115 tmp, tmp_size, out, &out_size)))
5116 goto out;
5117
5118 /* 6 */
5119 if (!ADBG_EXPECT_TEEC_RESULT(c, TEE_ERROR_SIGNATURE_INVALID,
5120 ta_crypt_cmd_asymmetric_verify(c, &s, opv, NULL, 0,
5121 in, sizeof(in), out, out_size)))
5122 goto out;
5123 }
5124
5125out:
5126 TEEC_CloseSession(&s);
5127}
Jens Wiklander14f48872018-06-29 15:30:13 +0200[diff] [blame]5128ADBG_CASE_DEFINE(regression, 4011, xtest_tee_test_4011,
5129 "Test TEE Internal API Bleichenbacher attack (negative)");
Igor Opaniuk7ddaa782018-05-25 15:14:05 +0300[diff] [blame]5130
5131#ifdef CFG_SYSTEM_PTA
5132static void xtest_tee_test_4012(ADBG_Case_t *c)
5133{
5134 TEEC_Session session = { 0 };
5135 uint32_t ret_orig;
5136 TEEC_Operation op = TEEC_OPERATION_INITIALIZER;
5137 /* Fortuna PRNG requires seed <= 32 bytes */
5138 uint8_t pool_input[32] = {};
5139 time_t t;
5140 struct tm tm_local;
5141
5142 t = time(NULL);
5143 tm_local = *localtime(&t);
5144
5145 memcpy((void *)pool_input, (void *)&tm_local,
5146 sizeof(pool_input) < sizeof(tm_local) ?
5147 sizeof(pool_input) : sizeof(tm_local));
5148
5149
5150 op.params[0].tmpref.buffer = pool_input;
5151 op.params[0].tmpref.size = sizeof(pool_input);
5152 op.paramTypes = TEEC_PARAM_TYPES(TEEC_MEMREF_TEMP_INPUT,
5153 TEEC_NONE,
5154 TEEC_NONE,
5155 TEEC_NONE);
5156 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
5157 xtest_teec_open_session(&session, &crypt_user_ta_uuid, NULL,
5158 &ret_orig)))
5159 return;
5160
5161 (void)ADBG_EXPECT_TEEC_SUCCESS(c,
5162 TEEC_InvokeCommand(&session,
5163 TA_CRYPT_CMD_SEED_RNG_POOL,
5164 &op,
5165 &ret_orig));
5166 TEEC_CloseSession(&session);
5167}
Jens Wiklander14f48872018-06-29 15:30:13 +0200[diff] [blame]5168ADBG_CASE_DEFINE(regression, 4012, xtest_tee_test_4012,
5169 "Test seeding RNG entropy");
5170#endif /*CFG_SYSTEM_PTA*/