TrustedFirmware Git Browser
Code Review Sign In
review.trustedfirmware.org / OP-TEE / optee_test / 3fbfd0d6d12b19e5bcf3bef9c5cf05c0ed5dbc45 / . / host / xtest / regression_4000.c
blob: 7a60ce21d8c883fa856b44caec427a09f227dbee [file] [log] [blame]
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]1/*
2 * Copyright (c) 2014, STMicroelectronics International N.V.
3 *
4 * This program is free software; you can redistribute it and/or modify
5 * it under the terms of the GNU General Public License Version 2 as
6 * published by the Free Software Foundation.
7 *
8 * This program is distributed in the hope that it will be useful,
9 * but WITHOUT ANY WARRANTY; without even the implied warranty of
10 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
11 * GNU General Public License for more details.
12 */
13
14#include <stdio.h>
15#include <string.h>
16#include <inttypes.h>
17#include <malloc.h>
Igor Opaniuk7ddaa782018-05-25 15:14:05 +0300[diff] [blame]18#include <time.h>
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]19
20#include "xtest_test.h"
21#include "xtest_helpers.h"
22
23#include <tee_api_types.h>
Gabor Szekely2ad190f2018-09-14 14:05:06 +0000[diff] [blame]24#include <tee_api_defines_extensions.h>
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]25#include <ta_crypt.h>
26#include <utee_defines.h>
27#include <util.h>
28
Jerome Forissier213ca8a2017-03-31 11:27:56 +0200[diff] [blame]29#include <regression_4000_data.h>
Cedric Chaumontc7654962015-09-09 14:56:36 +0200[diff] [blame]30#include <nist/186-2ecdsatestvectors.h>
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]31
32#include <assert.h>
33
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]34static TEEC_Result ta_crypt_cmd_reset_operation(ADBG_Case_t *c, TEEC_Session *s,
35 TEE_OperationHandle oph)
36{
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]37 TEEC_Result res = TEEC_ERROR_GENERIC;
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]38 TEEC_Operation op = TEEC_OPERATION_INITIALIZER;
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]39 uint32_t ret_orig = 0;
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]40
41 assert((uintptr_t)oph <= UINT32_MAX);
42 op.params[0].value.a = (uint32_t)(uintptr_t)oph;
43 op.paramTypes = TEEC_PARAM_TYPES(TEEC_VALUE_INPUT, TEEC_NONE, TEEC_NONE,
44 TEEC_NONE);
45 res = TEEC_InvokeCommand(s, TA_CRYPT_CMD_RESET_OPERATION, &op,
46 &ret_orig);
47 if (res != TEEC_SUCCESS) {
48 (void)ADBG_EXPECT_TEEC_ERROR_ORIGIN(c, TEEC_ORIGIN_TRUSTED_APP,
49 ret_orig);
50 }
51 return res;
52}
53
54static TEEC_Result ta_crypt_cmd_copy_operation(ADBG_Case_t *c,
55 TEEC_Session *s,
56 TEE_OperationHandle dst_oph,
57 TEE_OperationHandle src_oph)
58{
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]59 TEEC_Result res = TEEC_ERROR_GENERIC;
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]60 TEEC_Operation op = TEEC_OPERATION_INITIALIZER;
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]61 uint32_t ret_orig = 0;
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]62
63 assert((uintptr_t)dst_oph <= UINT32_MAX);
64 op.params[0].value.a = (uint32_t)(uintptr_t)dst_oph;
65
66 assert((uintptr_t)src_oph <= UINT32_MAX);
67 op.params[0].value.b = (uint32_t)(uintptr_t)src_oph;
68 op.paramTypes = TEEC_PARAM_TYPES(TEEC_VALUE_INPUT, TEEC_NONE, TEEC_NONE,
69 TEEC_NONE);
70
71 res = TEEC_InvokeCommand(s, TA_CRYPT_CMD_COPY_OPERATION, &op,
72 &ret_orig);
73
74 if (res != TEEC_SUCCESS) {
75 (void)ADBG_EXPECT_TEEC_ERROR_ORIGIN(c, TEEC_ORIGIN_TRUSTED_APP,
76 ret_orig);
77 }
78 return res;
79}
80
81static TEEC_Result ta_crypt_cmd_digest_update(ADBG_Case_t *c, TEEC_Session *s,
82 TEE_OperationHandle oph,
83 const void *chunk,
84 size_t chunk_size)
85{
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]86 TEEC_Result res = TEEC_ERROR_GENERIC;
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]87 TEEC_Operation op = TEEC_OPERATION_INITIALIZER;
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]88 uint32_t ret_orig = 0;
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]89
90 assert((uintptr_t)oph <= UINT32_MAX);
91 op.params[0].value.a = (uint32_t)(uintptr_t)oph;
92 op.params[1].tmpref.buffer = (void *)chunk;
93 op.params[1].tmpref.size = chunk_size;
94
95 op.paramTypes = TEEC_PARAM_TYPES(TEEC_VALUE_INPUT,
96 TEEC_MEMREF_TEMP_INPUT, TEEC_NONE,
97 TEEC_NONE);
98
99 res = TEEC_InvokeCommand(s, TA_CRYPT_CMD_DIGEST_UPDATE, &op, &ret_orig);
100
101 if (res != TEEC_SUCCESS) {
102 (void)ADBG_EXPECT_TEEC_ERROR_ORIGIN(c, TEEC_ORIGIN_TRUSTED_APP,
103 ret_orig);
104 }
105
106 return res;
107}
108
109static TEEC_Result ta_crypt_cmd_digest_do_final(ADBG_Case_t *c, TEEC_Session *s,
110 TEE_OperationHandle oph,
111 const void *chunk,
112 size_t chunk_len, void *hash,
113 size_t *hash_len)
114{
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]115 TEEC_Result res = TEEC_ERROR_GENERIC;
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]116 TEEC_Operation op = TEEC_OPERATION_INITIALIZER;
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]117 uint32_t ret_orig = 0;
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]118
119 assert((uintptr_t)oph <= UINT32_MAX);
120 op.params[0].value.a = (uint32_t)(uintptr_t)oph;
121
122 op.params[1].tmpref.buffer = (void *)chunk;
123 op.params[1].tmpref.size = chunk_len;
124
125 op.params[2].tmpref.buffer = (void *)hash;
126 op.params[2].tmpref.size = *hash_len;
127
128 op.paramTypes = TEEC_PARAM_TYPES(TEEC_VALUE_INPUT,
129 TEEC_MEMREF_TEMP_INPUT,
130 TEEC_MEMREF_TEMP_OUTPUT, TEEC_NONE);
131
132 res = TEEC_InvokeCommand(s, TA_CRYPT_CMD_DIGEST_DO_FINAL, &op,
133 &ret_orig);
134
135 if (res != TEEC_SUCCESS) {
136 (void)ADBG_EXPECT_TEEC_ERROR_ORIGIN(c, TEEC_ORIGIN_TRUSTED_APP,
137 ret_orig);
138 }
139
140 if (res == TEEC_SUCCESS)
141 *hash_len = op.params[2].tmpref.size;
142
143 return res;
144}
145
146static TEE_Result ta_crypt_cmd_set_operation_key2(ADBG_Case_t *c,
147 TEEC_Session *s,
148 TEE_OperationHandle oph,
149 TEE_ObjectHandle key1,
150 TEE_ObjectHandle key2)
151{
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]152 TEEC_Result res = TEEC_ERROR_GENERIC;
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]153 TEEC_Operation op = TEEC_OPERATION_INITIALIZER;
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]154 uint32_t ret_orig = 0;
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]155
156 assert((uintptr_t)oph <= UINT32_MAX);
157 op.params[0].value.a = (uint32_t)(uintptr_t)oph;
158
159 assert((uintptr_t)key1 <= UINT32_MAX);
160 op.params[0].value.b = (uint32_t)(uintptr_t)key1;
161
162 assert((uintptr_t)key2 <= UINT32_MAX);
163 op.params[1].value.a = (uint32_t)(uintptr_t)key2;
164 op.paramTypes = TEEC_PARAM_TYPES(TEEC_VALUE_INPUT, TEEC_VALUE_INPUT,
165 TEEC_NONE, TEEC_NONE);
166
167 res = TEEC_InvokeCommand(s, TA_CRYPT_CMD_SET_OPERATION_KEY2, &op,
168 &ret_orig);
169
170 if (res != TEEC_SUCCESS) {
171 (void)ADBG_EXPECT_TEEC_ERROR_ORIGIN(c, TEEC_ORIGIN_TRUSTED_APP,
172 ret_orig);
173 }
174
175 return res;
176}
177
178static TEEC_Result ta_crypt_cmd_mac_init(ADBG_Case_t *c, TEEC_Session *s,
179 TEE_OperationHandle oph,
180 const void *iv, size_t iv_len)
181{
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]182 TEEC_Result res = TEEC_ERROR_GENERIC;
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]183 TEEC_Operation op = TEEC_OPERATION_INITIALIZER;
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]184 uint32_t ret_orig = 0;
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]185
186 assert((uintptr_t)oph <= UINT32_MAX);
187 op.params[0].value.a = (uint32_t)(uintptr_t)oph;
188
189 if (iv != NULL) {
190 op.params[1].tmpref.buffer = (void *)iv;
191 op.params[1].tmpref.size = iv_len;
192 op.paramTypes = TEEC_PARAM_TYPES(TEEC_VALUE_INPUT,
193 TEEC_MEMREF_TEMP_INPUT,
194 TEEC_NONE, TEEC_NONE);
195 } else {
196 op.paramTypes = TEEC_PARAM_TYPES(TEEC_VALUE_INPUT, TEEC_NONE,
197 TEEC_NONE, TEEC_NONE);
198 }
199
200 res = TEEC_InvokeCommand(s, TA_CRYPT_CMD_MAC_INIT, &op, &ret_orig);
201
202 if (res != TEEC_SUCCESS) {
203 (void)ADBG_EXPECT_TEEC_ERROR_ORIGIN(c, TEEC_ORIGIN_TRUSTED_APP,
204 ret_orig);
205 }
206
207 return res;
208}
209
210static TEEC_Result ta_crypt_cmd_mac_update(ADBG_Case_t *c, TEEC_Session *s,
211 TEE_OperationHandle oph,
212 const void *chunk, size_t chunk_size)
213{
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]214 TEEC_Result res = TEEC_ERROR_GENERIC;
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]215 TEEC_Operation op = TEEC_OPERATION_INITIALIZER;
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]216 uint32_t ret_orig = 0;
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]217
218 assert((uintptr_t)oph <= UINT32_MAX);
219 op.params[0].value.a = (uint32_t)(uintptr_t)oph;
220
221 op.params[1].tmpref.buffer = (void *)chunk;
222 op.params[1].tmpref.size = chunk_size;
223
224 op.paramTypes = TEEC_PARAM_TYPES(TEEC_VALUE_INPUT,
225 TEEC_MEMREF_TEMP_INPUT, TEEC_NONE,
226 TEEC_NONE);
227
228 res = TEEC_InvokeCommand(s, TA_CRYPT_CMD_MAC_UPDATE, &op, &ret_orig);
229
230 if (res != TEEC_SUCCESS) {
231 (void)ADBG_EXPECT_TEEC_ERROR_ORIGIN(c, TEEC_ORIGIN_TRUSTED_APP,
232 ret_orig);
233 }
234
235 return res;
236}
237
238static TEEC_Result ta_crypt_cmd_mac_final_compute(ADBG_Case_t *c,
239 TEEC_Session *s,
240 TEE_OperationHandle oph,
241 const void *chunk,
242 size_t chunk_len,
243 void *hash,
244 size_t *hash_len)
245{
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]246 TEEC_Result res = TEEC_ERROR_GENERIC;
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]247 TEEC_Operation op = TEEC_OPERATION_INITIALIZER;
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]248 uint32_t ret_orig = 0;
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]249
250 assert((uintptr_t)oph <= UINT32_MAX);
251 op.params[0].value.a = (uint32_t)(uintptr_t)oph;
252
253 op.params[1].tmpref.buffer = (void *)chunk;
254 op.params[1].tmpref.size = chunk_len;
255
256 op.params[2].tmpref.buffer = (void *)hash;
257 op.params[2].tmpref.size = *hash_len;
258
259 op.paramTypes = TEEC_PARAM_TYPES(TEEC_VALUE_INPUT,
260 TEEC_MEMREF_TEMP_INPUT,
261 TEEC_MEMREF_TEMP_OUTPUT, TEEC_NONE);
262
263 res = TEEC_InvokeCommand(s, TA_CRYPT_CMD_MAC_FINAL_COMPUTE, &op,
264 &ret_orig);
265
266 if (res != TEEC_SUCCESS) {
267 (void)ADBG_EXPECT_TEEC_ERROR_ORIGIN(c, TEEC_ORIGIN_TRUSTED_APP,
268 ret_orig);
269 }
270
271 if (res == TEEC_SUCCESS)
272 *hash_len = op.params[2].tmpref.size;
273
274 return res;
275}
276
277static TEEC_Result ta_crypt_cmd_cipher_init(ADBG_Case_t *c, TEEC_Session *s,
278 TEE_OperationHandle oph,
279 const void *iv, size_t iv_len)
280{
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]281 TEEC_Result res = TEEC_ERROR_GENERIC;
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]282 TEEC_Operation op = TEEC_OPERATION_INITIALIZER;
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]283 uint32_t ret_orig = 0;
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]284
285 assert((uintptr_t)oph <= UINT32_MAX);
286 op.params[0].value.a = (uint32_t)(uintptr_t)oph;
287
288 if (iv != NULL) {
289 op.params[1].tmpref.buffer = (void *)iv;
290 op.params[1].tmpref.size = iv_len;
291
292 op.paramTypes = TEEC_PARAM_TYPES(TEEC_VALUE_INPUT,
293 TEEC_MEMREF_TEMP_INPUT,
294 TEEC_NONE, TEEC_NONE);
295 } else {
296 op.paramTypes = TEEC_PARAM_TYPES(TEEC_VALUE_INPUT, TEEC_NONE,
297 TEEC_NONE, TEEC_NONE);
298 }
299
300 res = TEEC_InvokeCommand(s, TA_CRYPT_CMD_CIPHER_INIT, &op, &ret_orig);
301
302 if (res != TEEC_SUCCESS) {
303 (void)ADBG_EXPECT_TEEC_ERROR_ORIGIN(c, TEEC_ORIGIN_TRUSTED_APP,
304 ret_orig);
305 }
306
307 return res;
308}
309
310static TEEC_Result ta_crypt_cmd_cipher_update(ADBG_Case_t *c, TEEC_Session *s,
311 TEE_OperationHandle oph,
312 const void *src, size_t src_len,
313 void *dst, size_t *dst_len)
314{
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]315 TEEC_Result res = TEEC_ERROR_GENERIC;
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]316 TEEC_Operation op = TEEC_OPERATION_INITIALIZER;
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]317 uint32_t ret_orig = 0;
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]318
319 assert((uintptr_t)oph <= UINT32_MAX);
320 op.params[0].value.a = (uint32_t)(uintptr_t)oph;
321
322 op.params[1].tmpref.buffer = (void *)src;
323 op.params[1].tmpref.size = src_len;
324
325 op.params[2].tmpref.buffer = dst;
326 op.params[2].tmpref.size = *dst_len;
327
328 op.paramTypes = TEEC_PARAM_TYPES(TEEC_VALUE_INPUT,
329 TEEC_MEMREF_TEMP_INPUT,
330 TEEC_MEMREF_TEMP_OUTPUT, TEEC_NONE);
331
332 res = TEEC_InvokeCommand(s, TA_CRYPT_CMD_CIPHER_UPDATE, &op, &ret_orig);
333
334 if (res != TEEC_SUCCESS) {
335 (void)ADBG_EXPECT_TEEC_ERROR_ORIGIN(c, TEEC_ORIGIN_TRUSTED_APP,
336 ret_orig);
337 }
338
339 if (res == TEEC_SUCCESS)
340 *dst_len = op.params[2].tmpref.size;
341
342 return res;
343}
344
345static TEEC_Result ta_crypt_cmd_cipher_do_final(ADBG_Case_t *c,
346 TEEC_Session *s,
347 TEE_OperationHandle oph,
348 const void *src,
349 size_t src_len,
350 void *dst,
351 size_t *dst_len)
352{
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]353 TEEC_Result res = TEEC_ERROR_GENERIC;
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]354 TEEC_Operation op = TEEC_OPERATION_INITIALIZER;
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]355 uint32_t ret_orig = 0;
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]356
357 assert((uintptr_t)oph <= UINT32_MAX);
358 op.params[0].value.a = (uint32_t)(uintptr_t)oph;
359
360 op.params[1].tmpref.buffer = (void *)src;
361 op.params[1].tmpref.size = src_len;
362
363 op.params[2].tmpref.buffer = (void *)dst;
364 op.params[2].tmpref.size = *dst_len;
365
366 op.paramTypes = TEEC_PARAM_TYPES(TEEC_VALUE_INPUT,
367 TEEC_MEMREF_TEMP_INPUT,
368 TEEC_MEMREF_TEMP_OUTPUT, TEEC_NONE);
369
370 res = TEEC_InvokeCommand(s, TA_CRYPT_CMD_CIPHER_DO_FINAL, &op,
371 &ret_orig);
372
373 if (res != TEEC_SUCCESS) {
374 (void)ADBG_EXPECT_TEEC_ERROR_ORIGIN(c, TEEC_ORIGIN_TRUSTED_APP,
375 ret_orig);
376 }
377
378 if (res == TEEC_SUCCESS)
379 *dst_len = op.params[2].tmpref.size;
380
381 return res;
382}
383
384static TEEC_Result ta_crypt_cmd_random_number_generate(ADBG_Case_t *c,
385 TEEC_Session *s,
386 void *buf,
387 size_t blen)
388{
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]389 TEEC_Result res = TEEC_ERROR_GENERIC;
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]390 TEEC_Operation op = TEEC_OPERATION_INITIALIZER;
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]391 uint32_t ret_orig = 0;
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]392
393 op.params[0].tmpref.buffer = buf;
394 op.params[0].tmpref.size = blen;
395
396 op.paramTypes = TEEC_PARAM_TYPES(TEEC_MEMREF_TEMP_OUTPUT, TEEC_NONE,
397 TEEC_NONE, TEEC_NONE);
398
399 res = TEEC_InvokeCommand(s, TA_CRYPT_CMD_RANDOM_NUMBER_GENEREATE, &op,
400 &ret_orig);
401
402 if (res != TEEC_SUCCESS) {
403 (void)ADBG_EXPECT_TEEC_ERROR_ORIGIN(c, TEEC_ORIGIN_TRUSTED_APP,
404 ret_orig);
405 }
406
407 (void)ADBG_EXPECT_COMPARE_UNSIGNED(c, blen, ==,
408 op.params[0].tmpref.size);
409 return res;
410}
411
412static TEEC_Result ta_crypt_cmd_ae_init(ADBG_Case_t *c, TEEC_Session *s,
413 TEE_OperationHandle oph,
414 const void *nonce, size_t nonce_len,
415 size_t tag_len, size_t aad_len,
416 size_t payload_len)
417{
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]418 TEEC_Result res = TEEC_ERROR_GENERIC;
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]419 TEEC_Operation op = TEEC_OPERATION_INITIALIZER;
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]420 uint32_t ret_orig = 0;
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]421
422 assert((uintptr_t)oph <= UINT32_MAX);
423 op.params[0].value.a = (uint32_t)(uintptr_t)oph;
424 op.params[0].value.b = tag_len;
425
426 op.params[1].tmpref.buffer = (void *)nonce;
427 op.params[1].tmpref.size = nonce_len;
428
429 op.params[2].value.a = aad_len;
430 op.params[2].value.b = payload_len;
431
432 op.paramTypes = TEEC_PARAM_TYPES(TEEC_VALUE_INPUT,
433 TEEC_MEMREF_TEMP_INPUT,
Jens Wiklander74a42302015-07-07 01:08:41 +0200[diff] [blame]434 TEEC_VALUE_INPUT, TEEC_NONE);
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]435
436 res = TEEC_InvokeCommand(s, TA_CRYPT_CMD_AE_INIT, &op, &ret_orig);
437
438 if (res != TEEC_SUCCESS) {
439 (void)ADBG_EXPECT_TEEC_ERROR_ORIGIN(c, TEEC_ORIGIN_TRUSTED_APP,
440 ret_orig);
441 }
442 return res;
443}
444
445static TEEC_Result ta_crypt_cmd_ae_update_aad(ADBG_Case_t *c, TEEC_Session *s,
446 TEE_OperationHandle oph,
447 const void *aad, size_t aad_len)
448{
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]449 TEEC_Result res = TEEC_ERROR_GENERIC;
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]450 TEEC_Operation op = TEEC_OPERATION_INITIALIZER;
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]451 uint32_t ret_orig = 0;
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]452
453 assert((uintptr_t)oph <= UINT32_MAX);
454 op.params[0].value.a = (uint32_t)(uintptr_t)oph;
455
456 op.params[1].tmpref.buffer = (void *)aad;
457 op.params[1].tmpref.size = aad_len;
458
459 op.paramTypes = TEEC_PARAM_TYPES(TEEC_VALUE_INPUT,
460 TEEC_MEMREF_TEMP_INPUT, TEEC_NONE,
461 TEEC_NONE);
462
463 res = TEEC_InvokeCommand(s, TA_CRYPT_CMD_AE_UPDATE_AAD, &op, &ret_orig);
464
465 if (res != TEEC_SUCCESS) {
466 (void)ADBG_EXPECT_TEEC_ERROR_ORIGIN(c, TEEC_ORIGIN_TRUSTED_APP,
467 ret_orig);
468 }
469
470 return res;
471}
472
473static TEEC_Result ta_crypt_cmd_ae_update(ADBG_Case_t *c,
474 TEEC_Session *s,
475 TEE_OperationHandle oph,
476 const void *src,
477 size_t src_len,
478 void *dst,
479 size_t *dst_len)
480{
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]481 TEEC_Result res = TEEC_ERROR_GENERIC;
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]482 TEEC_Operation op = TEEC_OPERATION_INITIALIZER;
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]483 uint32_t ret_orig = 0;
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]484
485 assert((uintptr_t)oph <= UINT32_MAX);
486 op.params[0].value.a = (uint32_t)(uintptr_t)oph;
487
488 op.params[1].tmpref.buffer = (void *)src;
489 op.params[1].tmpref.size = src_len;
490
491 op.params[2].tmpref.buffer = (void *)dst;
492 op.params[2].tmpref.size = *dst_len;
493
494 op.paramTypes = TEEC_PARAM_TYPES(TEEC_VALUE_INPUT,
495 TEEC_MEMREF_TEMP_INPUT,
496 TEEC_MEMREF_TEMP_OUTPUT, TEEC_NONE);
497
498 res = TEEC_InvokeCommand(s, TA_CRYPT_CMD_AE_UPDATE, &op, &ret_orig);
499
500 if (res != TEEC_SUCCESS) {
501 (void)ADBG_EXPECT_TEEC_ERROR_ORIGIN(c, TEEC_ORIGIN_TRUSTED_APP,
502 ret_orig);
503 }
504
505 if (res == TEEC_SUCCESS)
506 *dst_len = op.params[2].tmpref.size;
507
508 return res;
509}
510
511static TEEC_Result ta_crypt_cmd_ae_encrypt_final(ADBG_Case_t *c,
512 TEEC_Session *s,
513 TEE_OperationHandle oph,
514 const void *src,
515 size_t src_len, void *dst,
516 size_t *dst_len, void *tag,
517 size_t *tag_len)
518{
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]519 TEEC_Result res = TEEC_ERROR_GENERIC;
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]520 TEEC_Operation op = TEEC_OPERATION_INITIALIZER;
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]521 uint32_t ret_orig = 0;
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]522
523 assert((uintptr_t)oph <= UINT32_MAX);
524 op.params[0].value.a = (uint32_t)(uintptr_t)oph;
525
526 op.params[1].tmpref.buffer = (void *)src;
527 op.params[1].tmpref.size = src_len;
528
529 op.params[2].tmpref.buffer = (void *)dst;
530 op.params[2].tmpref.size = *dst_len;
531
532 op.params[3].tmpref.buffer = (void *)tag;
533 op.params[3].tmpref.size = *tag_len;
534
535 op.paramTypes = TEEC_PARAM_TYPES(TEEC_VALUE_INPUT,
536 TEEC_MEMREF_TEMP_INPUT,
537 TEEC_MEMREF_TEMP_OUTPUT,
538 TEEC_MEMREF_TEMP_OUTPUT);
539
540 res = TEEC_InvokeCommand(s, TA_CRYPT_CMD_AE_ENCRYPT_FINAL, &op,
541 &ret_orig);
542
543 if (res != TEEC_SUCCESS) {
544 (void)ADBG_EXPECT_TEEC_ERROR_ORIGIN(c, TEEC_ORIGIN_TRUSTED_APP,
545 ret_orig);
546 }
547
548 if (res == TEEC_SUCCESS) {
549 *dst_len = op.params[2].tmpref.size;
550 *tag_len = op.params[3].tmpref.size;
551 }
552
553 return res;
554}
555
556static TEEC_Result ta_crypt_cmd_ae_decrypt_final(ADBG_Case_t *c,
557 TEEC_Session *s,
558 TEE_OperationHandle oph,
559 const void *src, size_t src_len,
560 void *dst, size_t *dst_len,
561 const void *tag, size_t tag_len)
562{
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]563 TEEC_Result res = TEEC_ERROR_GENERIC;
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]564 TEEC_Operation op = TEEC_OPERATION_INITIALIZER;
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]565 uint32_t ret_orig = 0;
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]566
567 assert((uintptr_t)oph <= UINT32_MAX);
568 op.params[0].value.a = (uint32_t)(uintptr_t)oph;
569
570 op.params[1].tmpref.buffer = (void *)src;
571 op.params[1].tmpref.size = src_len;
572
573 op.params[2].tmpref.buffer = dst;
574 op.params[2].tmpref.size = *dst_len;
575
576 op.params[3].tmpref.buffer = (void *)tag;
577 op.params[3].tmpref.size = tag_len;
578
579 op.paramTypes = TEEC_PARAM_TYPES(TEEC_VALUE_INPUT,
580 TEEC_MEMREF_TEMP_INPUT,
581 TEEC_MEMREF_TEMP_OUTPUT,
582 TEEC_MEMREF_TEMP_INPUT);
583
584 res = TEEC_InvokeCommand(s, TA_CRYPT_CMD_AE_DECRYPT_FINAL, &op,
585 &ret_orig);
586
587 if (res != TEEC_SUCCESS) {
588 (void)ADBG_EXPECT_TEEC_ERROR_ORIGIN(c, TEEC_ORIGIN_TRUSTED_APP,
589 ret_orig);
590 }
591
592 if (res == TEEC_SUCCESS)
593 *dst_len = op.params[2].tmpref.size;
594
595 return res;
596}
597
598static TEEC_Result ta_crypt_cmd_asymmetric_operate(ADBG_Case_t *c,
599 TEEC_Session *s,
600 TEE_OperationHandle oph,
601 uint32_t cmd,
602 const TEE_Attribute *params,
603 uint32_t paramCount,
604 const void *src,
605 size_t src_len,
606 void *dst,
607 size_t *dst_len)
608{
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]609 TEEC_Result res = TEEC_ERROR_GENERIC;
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]610 TEEC_Operation op = TEEC_OPERATION_INITIALIZER;
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]611 uint32_t ret_orig = 0;
612 uint8_t *buf = NULL;
613 size_t blen = 0;
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]614
615 res = pack_attrs(params, paramCount, &buf, &blen);
616 if (!ADBG_EXPECT_TEEC_SUCCESS(c, res))
617 return res;
618
619 assert((uintptr_t)oph <= UINT32_MAX);
620 op.params[0].value.a = (uint32_t)(uintptr_t)oph;
621
622 op.params[1].tmpref.buffer = buf;
623 op.params[1].tmpref.size = blen;
624
625 op.params[2].tmpref.buffer = (void *)src;
626 op.params[2].tmpref.size = src_len;
627
628 op.params[3].tmpref.buffer = dst;
629 op.params[3].tmpref.size = *dst_len;
630
631 op.paramTypes = TEEC_PARAM_TYPES(TEEC_VALUE_INPUT,
632 TEEC_MEMREF_TEMP_INPUT,
633 TEEC_MEMREF_TEMP_INPUT,
634 TEEC_MEMREF_TEMP_OUTPUT);
635
636 res = TEEC_InvokeCommand(s, cmd, &op, &ret_orig);
637
638 if (res != TEEC_SUCCESS) {
639 (void)ADBG_EXPECT_TEEC_ERROR_ORIGIN(c, TEEC_ORIGIN_TRUSTED_APP,
640 ret_orig);
641 }
642
643 if (res == TEEC_SUCCESS)
644 *dst_len = op.params[3].tmpref.size;
645
646 free(buf);
647 return res;
648}
649
650static TEEC_Result ta_crypt_cmd_asymmetric_encrypt(ADBG_Case_t *c,
651 TEEC_Session *s,
652 TEE_OperationHandle oph,
653 const TEE_Attribute *params,
654 uint32_t paramCount,
655 const void *src,
656 size_t src_len,
657 void *dst,
658 size_t *dst_len)
659{
660 return ta_crypt_cmd_asymmetric_operate(c, s, oph,
661 TA_CRYPT_CMD_ASYMMETRIC_ENCRYPT,
662 params, paramCount,
663 src, src_len, dst, dst_len);
664}
665
666static TEEC_Result ta_crypt_cmd_asymmetric_decrypt(ADBG_Case_t *c,
667 TEEC_Session *s,
668 TEE_OperationHandle oph,
669 const TEE_Attribute *params,
670 uint32_t paramCount,
671 const void *src,
672 size_t src_len,
673 void *dst,
674 size_t *dst_len)
675{
676 return ta_crypt_cmd_asymmetric_operate(c, s, oph,
677 TA_CRYPT_CMD_ASYMMETRIC_DECRYPT,
678 params, paramCount,
679 src, src_len, dst, dst_len);
680}
681
682static TEEC_Result ta_crypt_cmd_asymmetric_sign(ADBG_Case_t *c,
683 TEEC_Session *s,
684 TEE_OperationHandle oph,
685 const TEE_Attribute *params,
686 uint32_t paramCount,
687 const void *digest,
688 size_t digest_len,
689 void *signature,
690 size_t *signature_len)
691{
692 return ta_crypt_cmd_asymmetric_operate(c, s, oph,
693 TA_CRYPT_CMD_ASYMMETRIC_SIGN_DIGEST, params, paramCount,
694 digest, digest_len, signature, signature_len);
695}
696
697static TEEC_Result ta_crypt_cmd_asymmetric_verify(ADBG_Case_t *c,
698 TEEC_Session *s,
699 TEE_OperationHandle oph,
700 const TEE_Attribute *params,
701 uint32_t paramCount,
702 const void *digest,
703 size_t digest_len,
704 const void *signature,
705 size_t signature_len)
706{
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]707 TEEC_Result res = TEEC_ERROR_GENERIC;
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]708 TEEC_Operation op = TEEC_OPERATION_INITIALIZER;
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]709 uint32_t ret_orig = 0;
710 uint8_t *buf = NULL;
711 size_t blen = 0;
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]712
713 res = pack_attrs(params, paramCount, &buf, &blen);
714 if (!ADBG_EXPECT_TEEC_SUCCESS(c, res))
715 return res;
716
717 assert((uintptr_t)oph <= UINT32_MAX);
718 op.params[0].value.a = (uint32_t)(uintptr_t)oph;
719
720 op.params[1].tmpref.buffer = buf;
721 op.params[1].tmpref.size = blen;
722
723 op.params[2].tmpref.buffer = (void *)digest;
724 op.params[2].tmpref.size = digest_len;
725
726 op.params[3].tmpref.buffer = (void *)signature;
727 op.params[3].tmpref.size = signature_len;
728
729 op.paramTypes = TEEC_PARAM_TYPES(TEEC_VALUE_INPUT,
730 TEEC_MEMREF_TEMP_INPUT,
731 TEEC_MEMREF_TEMP_INPUT,
732 TEEC_MEMREF_TEMP_INPUT);
733
734 res = TEEC_InvokeCommand(s, TA_CRYPT_CMD_ASYMMETRIC_VERIFY_DIGEST,
735 &op, &ret_orig);
736
737 if (res != TEEC_SUCCESS) {
738 (void)ADBG_EXPECT_TEEC_ERROR_ORIGIN(c, TEEC_ORIGIN_TRUSTED_APP,
739 ret_orig);
740 }
741
742 free(buf);
743 return res;
744}
745
746static TEEC_Result ta_crypt_cmd_get_object_value_attribute(ADBG_Case_t *c,
747 TEEC_Session *s,
748 TEE_ObjectHandle o,
749 uint32_t attr_id,
750 uint32_t *valuea,
751 uint32_t *valueb)
752{
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]753 TEEC_Result res = TEEC_ERROR_GENERIC;
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]754 TEEC_Operation op = TEEC_OPERATION_INITIALIZER;
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]755 uint32_t ret_orig = 0;
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]756
757 assert((uintptr_t)o <= UINT32_MAX);
758 op.params[0].value.a = (uint32_t)(uintptr_t)o;
759 op.params[0].value.b = attr_id;
760 op.paramTypes = TEEC_PARAM_TYPES(TEEC_VALUE_INPUT, TEEC_VALUE_OUTPUT,
761 TEEC_NONE, TEEC_NONE);
762
763 res = TEEC_InvokeCommand(s, TA_CRYPT_CMD_GET_OBJECT_VALUE_ATTRIBUTE,
764 &op, &ret_orig);
765
766 if (res != TEEC_SUCCESS) {
767 (void)ADBG_EXPECT_TEEC_ERROR_ORIGIN(c, TEEC_ORIGIN_TRUSTED_APP,
768 ret_orig);
769 }
770
771 if (res == TEEC_SUCCESS) {
772 *valuea = op.params[1].value.a;
773 *valueb = op.params[1].value.b;
774 }
775
776 return res;
777}
778
779static TEEC_Result ta_crypt_cmd_generate_key(ADBG_Case_t *c,
780 TEEC_Session *s,
781 TEE_ObjectHandle o,
782 uint32_t key_size,
783 const TEE_Attribute *params,
784 uint32_t paramCount)
785{
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]786 TEEC_Result res = TEEC_ERROR_GENERIC;
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]787 TEEC_Operation op = TEEC_OPERATION_INITIALIZER;
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]788 uint32_t ret_orig = 0;
789 uint8_t *buf = NULL;
790 size_t blen = 0;
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]791
792 res = pack_attrs(params, paramCount, &buf, &blen);
793 if (!ADBG_EXPECT_TEEC_SUCCESS(c, res))
794 return res;
795
796 assert((uintptr_t)o <= UINT32_MAX);
797 op.params[0].value.a = (uint32_t)(uintptr_t)o;
798 op.params[0].value.b = key_size;
799
800 op.params[1].tmpref.buffer = buf;
801 op.params[1].tmpref.size = blen;
802
803 op.paramTypes = TEEC_PARAM_TYPES(TEEC_VALUE_INPUT,
804 TEEC_MEMREF_TEMP_INPUT, TEEC_NONE,
805 TEEC_NONE);
806
807 res = TEEC_InvokeCommand(s, TA_CRYPT_CMD_GENERATE_KEY, &op, &ret_orig);
808
809 if (res != TEEC_SUCCESS) {
810 (void)ADBG_EXPECT_TEEC_ERROR_ORIGIN(c, TEEC_ORIGIN_TRUSTED_APP,
811 ret_orig);
812 }
813
814 free(buf);
815 return res;
816}
817
818static const uint8_t hash_data_md5_in1[] = {
819 'c', 'd', 'e', 'f', 'g', 'h', 'i', 'j', 'k', 'l', 'm'
820};
821
822static const uint8_t hash_data_md5_out1[] = {
823 0x61, 0x12, 0x71, 0x83, 0x70, 0x8d, 0x3a, 0xc7,
824 0xf1, 0x9b, 0x66, 0x06, 0xfc, 0xae, 0x7d, 0xf6
825};
826
827static const uint8_t hash_data_sha1_in1[] = {
828 'a', 'b', 'c', 'd', 'e', 'f', 'g', 'h', 'i', 'j', 'k', 'l', 'm'
829};
830
831static const uint8_t hash_data_sha1_out1[] = {
832 0x4b, 0x98, 0x92, 0xb6, 0x52, 0x72, 0x14, 0xaf,
833 0xc6, 0x55, 0xb8, 0xaa, 0x52, 0xf4, 0xd2, 0x03,
834 0xc1, 0x5e, 0x7c, 0x9c
835};
836
837static const uint8_t hash_data_sha224_in1[] = {
838 'a', 'b', 'c', 'd', 'e', 'f', 'g', 'h', 'i', 'j', 'k', 'l', 'm'
839};
840
841static const uint8_t hash_data_sha224_out1[] = {
842 0x08, 0x21, 0x69, 0xf9, 0x77, 0x1b, 0x80, 0x15,
843 0xf3, 0x97, 0xae, 0xde, 0x5b, 0xba, 0xa2, 0x72,
844 0x2d, 0x8f, 0x5c, 0x19, 0xfe, 0xd2, 0xe2, 0x68,
845 0x92, 0x49, 0xd8, 0x44
846};
847
848static const uint8_t hash_data_sha256_in1[] = { 'a', 'b', 'c' };
849
850static const uint8_t hash_data_sha256_out1[] = {
851 0xba, 0x78, 0x16, 0xbf, 0x8f, 0x01, 0xcf, 0xea,
852 0x41, 0x41, 0x40, 0xde, 0x5d, 0xae, 0x22, 0x23,
853 0xb0, 0x03, 0x61, 0xa3, 0x96, 0x17, 0x7a, 0x9c,
854 0xb4, 0x10, 0xff, 0x61, 0xf2, 0x00, 0x15, 0xad
855};
856
857static const uint8_t hash_data_sha256_in2[] = { 'e', 'f', 'g' };
858
859static const uint8_t hash_data_sha256_out2[] = {
860 0xd4, 0xff, 0xe8, 0xe9, 0xee, 0x0b, 0x48, 0xeb,
861 0xa7, 0x16, 0x70, 0x61, 0x23, 0xa7, 0x18, 0x7f,
862 0x32, 0xea, 0xe3, 0xbd, 0xcb, 0x0e, 0x77, 0x63,
863 0xe4, 0x1e, 0x53, 0x32, 0x67, 0xbd, 0x8a, 0x53
864};
865
866
867static const uint8_t hash_data_sha384_in1[] = {
868 'a', 'b', 'c', 'e', 'f', 'g', 'h', 'i', 'j', 'k', 'l', 'm'
869};
870
871static const uint8_t hash_data_sha384_out1[] = {
872 0x4c, 0xab, 0x80, 0x9d, 0x96, 0x84, 0x01, 0x47,
873 0x67, 0x0a, 0xc1, 0x7a, 0xb6, 0xb9, 0xf7, 0x6e,
874 0x35, 0xa6, 0xb0, 0x8c, 0xf5, 0x2a, 0x3d, 0x64,
875 0x9a, 0x8c, 0x7e, 0x0c, 0x55, 0x45, 0xd3, 0x7d,
876 0x1f, 0x7f, 0x28, 0x34, 0x96, 0x14, 0x44, 0x2a,
877 0xf5, 0x98, 0xa2, 0x95, 0x24, 0x76, 0x53, 0x97
878};
879
880static const uint8_t hash_data_sha512_in1[] = {
881 'a', 'b', 'c', 'd', 'f', 'g', 'h', 'i', 'j', 'k', 'l', 'm'
882};
883
884static const uint8_t hash_data_sha512_out1[] = {
885 0x20, 0xd8, 0x64, 0x4f, 0x54, 0xa2, 0x5f, 0x6f,
886 0x0a, 0xf9, 0xd5, 0x27, 0x7d, 0x17, 0xa8, 0x99,
887 0x4c, 0x64, 0x3f, 0xd0, 0xf3, 0x83, 0x36, 0xee,
888 0x93, 0x12, 0x55, 0xcd, 0x2e, 0x12, 0x34, 0xa0,
889 0xc2, 0xaa, 0xf9, 0xbb, 0x15, 0xc5, 0xe9, 0xfa,
890 0xf7, 0xa7, 0xda, 0xb8, 0x2f, 0x72, 0xa0, 0x47,
891 0xe3, 0x02, 0x04, 0xe8, 0xa0, 0x35, 0x0c, 0x96,
892 0x26, 0xd1, 0xcb, 0x8b, 0x47, 0x45, 0x25, 0xd0
893};
894
Jerome Forissier3ed850a2019-12-13 10:58:23 +0100[diff] [blame]895/*
896 * SM3
897 * https://tools.ietf.org/html/draft-sca-cfrg-sm3-02
Jerome Forissier9f17e262019-12-13 14:12:41 +0100[diff] [blame]898 * Appendix A.1
Jerome Forissier3ed850a2019-12-13 10:58:23 +0100[diff] [blame]899 */
900static const uint8_t hash_data_sm3_a1_in[3] = "abc";
901
902static const uint8_t hash_data_sm3_a1_out[] = {
903 0x66, 0xc7, 0xf0, 0xf4, 0x62, 0xee, 0xed, 0xd9,
904 0xd1, 0xf2, 0xd4, 0x6b, 0xdc, 0x10, 0xe4, 0xe2,
905 0x41, 0x67, 0xc4, 0x87, 0x5c, 0xf2, 0xf7, 0xa2,
906 0x29, 0x7d, 0xa0, 0x2b, 0x8f, 0x4b, 0xa8, 0xe0
907};
908
909/*
910 * SM3
911 * https://tools.ietf.org/html/draft-sca-cfrg-sm3-02
Jerome Forissier9f17e262019-12-13 14:12:41 +0100[diff] [blame]912 * Appendix A.2
Jerome Forissier3ed850a2019-12-13 10:58:23 +0100[diff] [blame]913 */
914static const uint8_t hash_data_sm3_a2_in[] = {
915 0x61, 0x62, 0x63, 0x64, 0x61, 0x62, 0x63, 0x64,
916 0x61, 0x62, 0x63, 0x64, 0x61, 0x62, 0x63, 0x64,
917 0x61, 0x62, 0x63, 0x64, 0x61, 0x62, 0x63, 0x64,
918 0x61, 0x62, 0x63, 0x64, 0x61, 0x62, 0x63, 0x64,
919 0x61, 0x62, 0x63, 0x64, 0x61, 0x62, 0x63, 0x64,
920 0x61, 0x62, 0x63, 0x64, 0x61, 0x62, 0x63, 0x64,
921 0x61, 0x62, 0x63, 0x64, 0x61, 0x62, 0x63, 0x64,
922 0x61, 0x62, 0x63, 0x64, 0x61, 0x62, 0x63, 0x64
923};
924
925static const uint8_t hash_data_sm3_a2_out[] = {
926 0xde, 0xbe, 0x9f, 0xf9, 0x22, 0x75, 0xb8, 0xa1,
927 0x38, 0x60, 0x48, 0x89, 0xc1, 0x8e, 0x5a, 0x4d,
928 0x6f, 0xdb, 0x70, 0xe5, 0x38, 0x7e, 0x57, 0x65,
929 0x29, 0x3d, 0xcb, 0xa3, 0x9c, 0x0c, 0x57, 0x32
930};
931
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]932struct xtest_hash_case {
933 uint32_t algo;
934 size_t in_incr;
935 const uint8_t *in;
936 size_t in_len;
937 const uint8_t *out;
938 size_t out_len;
939};
940
941#define XTEST_HASH_CASE(algo, in_incr, in, out) \
942 { (algo), (in_incr), (in), ARRAY_SIZE(in), (out), ARRAY_SIZE(out) }
943
944static const struct xtest_hash_case hash_cases[] = {
945 XTEST_HASH_CASE(TEE_ALG_MD5, 6, hash_data_md5_in1,
946 hash_data_md5_out1),
947 XTEST_HASH_CASE(TEE_ALG_SHA1, 3, hash_data_sha1_in1,
948 hash_data_sha1_out1),
949 XTEST_HASH_CASE(TEE_ALG_SHA224, 7, hash_data_sha224_in1,
950 hash_data_sha224_out1),
951 XTEST_HASH_CASE(TEE_ALG_SHA256, 1, hash_data_sha256_in1,
952 hash_data_sha256_out1),
953 XTEST_HASH_CASE(TEE_ALG_SHA256, 1, hash_data_sha256_in2,
954 hash_data_sha256_out2),
955 XTEST_HASH_CASE(TEE_ALG_SHA384, 1, hash_data_sha384_in1,
956 hash_data_sha384_out1),
957 XTEST_HASH_CASE(TEE_ALG_SHA512, 1, hash_data_sha512_in1,
958 hash_data_sha512_out1),
Jerome Forissier3ed850a2019-12-13 10:58:23 +0100[diff] [blame]959 XTEST_HASH_CASE(TEE_ALG_SM3, 2, hash_data_sm3_a1_in,
960 hash_data_sm3_a1_out),
961 XTEST_HASH_CASE(TEE_ALG_SM3, 19, hash_data_sm3_a2_in,
962 hash_data_sm3_a2_out),
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]963};
964
965static void xtest_tee_test_4001(ADBG_Case_t *c)
966{
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]967 TEEC_Session session = { };
968 uint32_t ret_orig = 0;
969 size_t n = 0;
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]970
971 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
972 xtest_teec_open_session(&session, &crypt_user_ta_uuid, NULL,
973 &ret_orig)))
974 return;
975
976
977 for (n = 0; n < ARRAY_SIZE(hash_cases); n++) {
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]978 TEE_OperationHandle op1 = TEE_HANDLE_NULL;
979 TEE_OperationHandle op2 = TEE_HANDLE_NULL;
980 uint8_t out[64] = { };
981 size_t out_size = 0;
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]982
983 Do_ADBG_BeginSubCase(c, "Hash case %d algo 0x%x",
984 (int)n, (unsigned int)hash_cases[n].algo);
985
986 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
987 ta_crypt_cmd_allocate_operation(c, &session, &op1,
988 hash_cases[n].algo,
989 TEE_MODE_DIGEST, 0)))
990 goto out;
991
992 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
993 ta_crypt_cmd_allocate_operation(c, &session, &op2,
994 hash_cases[n].algo,
995 TEE_MODE_DIGEST, 0)))
996 goto out;
997
998 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
999 ta_crypt_cmd_digest_update(c, &session, op1,
1000 hash_cases[n].in,
1001 hash_cases[n].in_incr)))
1002 goto out;
1003
1004 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
1005 ta_crypt_cmd_copy_operation(c, &session, op2, op1)))
1006 goto out;
1007
1008 out_size = sizeof(out);
1009 memset(out, 0, sizeof(out));
1010 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
1011 ta_crypt_cmd_digest_do_final(c, &session, op2,
1012 hash_cases[n].in + hash_cases[n].in_incr,
1013 hash_cases[n].in_len - hash_cases[n].in_incr,
1014 out, &out_size)))
1015 goto out;
1016
1017 (void)ADBG_EXPECT_BUFFER(c, hash_cases[n].out,
1018 hash_cases[n].out_len, out, out_size);
1019
1020 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
1021 ta_crypt_cmd_reset_operation(c, &session, op1)))
1022 goto out;
1023
1024 out_size = sizeof(out);
1025 memset(out, 0, sizeof(out));
1026 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
1027 ta_crypt_cmd_digest_do_final(c, &session, op1,
1028 hash_cases[n].in,
1029 hash_cases[n].in_len, out,
1030 &out_size)))
1031 goto out;
1032
1033 (void)ADBG_EXPECT_BUFFER(c, hash_cases[n].out,
1034 hash_cases[n].out_len, out, out_size);
1035
Jerome Forissier1e05e262015-07-29 16:09:07 +0200[diff] [blame]1036 /*
1037 * Invoke TEE_DigestDoFinal() a second time to check that state
1038 * was properly reset
1039 */
1040 out_size = sizeof(out);
1041 memset(out, 0, sizeof(out));
1042 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
1043 ta_crypt_cmd_digest_do_final(c, &session, op1,
1044 hash_cases[n].in,
1045 hash_cases[n].in_len, out,
1046 &out_size)))
1047 goto out;
1048
1049 (void)ADBG_EXPECT_BUFFER(c, hash_cases[n].out,
1050 hash_cases[n].out_len, out, out_size);
1051
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]1052 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
1053 ta_crypt_cmd_free_operation(c, &session, op1)))
1054 goto out;
1055
1056 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
1057 ta_crypt_cmd_free_operation(c, &session, op2)))
1058 goto out;
1059
1060 Do_ADBG_EndSubCase(c, NULL);
1061 }
1062
1063out:
1064 TEEC_CloseSession(&session);
1065}
Jens Wiklander14f48872018-06-29 15:30:13 +0200[diff] [blame]1066ADBG_CASE_DEFINE(regression, 4001, xtest_tee_test_4001,
1067 "Test TEE Internal API hash operations");
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]1068
1069static const uint8_t mac_data_md5_key1[10] = {
1070 0x6B, 0x65, 0x79, /* key */
1071};
1072
1073static const uint8_t mac_data_md5_in1[] = {
1074 0x54, 0x68, 0x65, 0x20, 0x71, 0x75, 0x69, 0x63, /* The quic */
1075 0x6B, 0x20, 0x62, 0x72, 0x6F, 0x77, 0x6E, 0x20, /* k brown */
1076 0x66, 0x6F, 0x78, 0x20, 0x6A, 0x75, 0x6D, 0x70, /* fox jump */
1077 0x73, 0x20, 0x6F, 0x76, 0x65, 0x72, 0x20, 0x74, /* s over t */
1078 0x68, 0x65, 0x20, 0x6C, 0x61, 0x7A, 0x79, 0x20, /* he lazy */
1079 0x64, 0x6F, 0x67, /* dog */
1080};
1081
1082static const uint8_t mac_data_md5_out1[] = {
1083 0x80, 0x07, 0x07, 0x13, 0x46, 0x3e, 0x77, 0x49,
1084 0xb9, 0x0c, 0x2d, 0xc2, 0x49, 0x11, 0xe2, 0x75
1085};
1086
1087
1088/* generated with scripts/digest_hmac.pl */
1089static const uint8_t mac_data_sha1_key1[10] = {
1090 0x6B, 0x65, 0x79, /* key */
1091};
1092
1093static const uint8_t mac_data_sha1_in1[] = {
1094 0x54, 0x68, 0x65, 0x20, 0x71, 0x75, 0x69, 0x63, /* The quic */
1095 0x6B, 0x20, 0x62, 0x72, 0x6F, 0x77, 0x6E, 0x20, /* k brown */
1096 0x66, 0x6F, 0x78, 0x20, 0x6A, 0x75, 0x6D, 0x70, /* fox jump */
1097 0x73, 0x20, 0x6F, 0x76, 0x65, 0x72, 0x20, 0x74, /* s over t */
1098 0x68, 0x65, 0x20, 0x6C, 0x61, 0x7A, 0x79, 0x20, /* he lazy */
1099 0x64, 0x6F, 0x67, /* dog */
1100};
1101
1102static const uint8_t mac_data_sha1_out1[] = {
1103 0xDE, 0x7C, 0x9B, 0x85, 0xB8, 0xB7, 0x8A, 0xA6, /* .|...... */
1104 0xBC, 0x8A, 0x7A, 0x36, 0xF7, 0x0A, 0x90, 0x70, /* ..z6...p */
1105 0x1C, 0x9D, 0xB4, 0xD9, /* .... */
1106};
1107
1108static const uint8_t mac_data_sha224_key1[24] = {
1109 0x6B, 0x65, 0x79, /* key */
1110};
1111
1112static const uint8_t mac_data_sha224_in1[] = {
1113 0x54, 0x68, 0x65, 0x20, 0x71, 0x75, 0x69, 0x63, /* The quic */
1114 0x6B, 0x20, 0x62, 0x72, 0x6F, 0x77, 0x6E, 0x20, /* k brown */
1115 0x66, 0x6F, 0x78, 0x20, 0x6A, 0x75, 0x6D, 0x70, /* fox jump */
1116 0x73, 0x20, 0x6F, 0x76, 0x65, 0x72, 0x20, 0x74, /* s over t */
1117 0x68, 0x65, 0x20, 0x6C, 0x61, 0x7A, 0x79, 0x20, /* he lazy */
1118 0x64, 0x6F, 0x67, /* dog */
1119};
1120
1121static const uint8_t mac_data_sha224_out1[] = {
1122 0x88, 0xFF, 0x8B, 0x54, 0x67, 0x5D, 0x39, 0xB8, /* ...Tg]9. */
1123 0xF7, 0x23, 0x22, 0xE6, 0x5F, 0xF9, 0x45, 0xC5, /* .#"._.E. */
1124 0x2D, 0x96, 0x37, 0x99, 0x88, 0xAD, 0xA2, 0x56, /* -.7....V */
1125 0x39, 0x74, 0x7E, 0x69, /* 9t~i */
1126};
1127
1128
1129static const uint8_t mac_data_sha256_key1[24] = {
1130 'Q', 'W', 'E', 'R', 'T', 'Y'
1131};
1132
1133static const uint8_t mac_data_sha256_in1[] = { 'a', 'b', 'c' };
1134
1135static const uint8_t mac_data_sha256_out1[] = {
1136 0xee, 0x2e, 0x5d, 0x9b, 0x51, 0xe2, 0x9c, 0x1d,
1137 0x49, 0xe9, 0xae, 0x6f, 0x0a, 0xcc, 0x15, 0x18,
1138 0xde, 0x1e, 0xa3, 0x88, 0x8e, 0xee, 0x48, 0xbb,
1139 0x82, 0x77, 0xe9, 0x09, 0x74, 0x4b, 0xa2, 0xf2
1140};
1141
1142/* generated with scripts/digest_hmac.pl */
1143static const uint8_t mac_data_sha256_key2[24] = {
1144 0x6B, 0x65, 0x79, /* key */
1145};
1146
1147static const uint8_t mac_data_sha256_in2[] = {
1148 0x54, 0x68, 0x65, 0x20, 0x71, 0x75, 0x69, 0x63, /* The quic */
1149 0x6B, 0x20, 0x62, 0x72, 0x6F, 0x77, 0x6E, 0x20, /* k brown */
1150 0x66, 0x6F, 0x78, 0x20, 0x6A, 0x75, 0x6D, 0x70, /* fox jump */
1151 0x73, 0x20, 0x6F, 0x76, 0x65, 0x72, 0x20, 0x74, /* s over t */
1152 0x68, 0x65, 0x20, 0x6C, 0x61, 0x7A, 0x79, 0x20, /* he lazy */
1153 0x64, 0x6F, 0x67, /* dog */
1154};
1155
1156static const uint8_t mac_data_sha256_out2[] = {
1157 0xF7, 0xBC, 0x83, 0xF4, 0x30, 0x53, 0x84, 0x24, /* ....0S.$ */
1158 0xB1, 0x32, 0x98, 0xE6, 0xAA, 0x6F, 0xB1, 0x43, /* .2...o.C */
1159 0xEF, 0x4D, 0x59, 0xA1, 0x49, 0x46, 0x17, 0x59, /* .MY.IF.Y */
1160 0x97, 0x47, 0x9D, 0xBC, 0x2D, 0x1A, 0x3C, 0xD8, /* .G..-.<. */
1161};
1162
1163static const uint8_t mac_data_sha384_key1[32] = {
1164 0x6B, 0x65, 0x79, /* key */
1165};
1166
1167static const uint8_t mac_data_sha384_in1[] = {
1168 0x54, 0x68, 0x65, 0x20, 0x71, 0x75, 0x69, 0x63, /* The quic */
1169 0x6B, 0x20, 0x62, 0x72, 0x6F, 0x77, 0x6E, 0x20, /* k brown */
1170 0x66, 0x6F, 0x78, 0x20, 0x6A, 0x75, 0x6D, 0x70, /* fox jump */
1171 0x73, 0x20, 0x6F, 0x76, 0x65, 0x72, 0x20, 0x74, /* s over t */
1172 0x68, 0x65, 0x20, 0x6C, 0x61, 0x7A, 0x79, 0x20, /* he lazy */
1173 0x64, 0x6F, 0x67, /* dog */
1174};
1175
1176static const uint8_t mac_data_sha384_out1[] = {
1177 0xD7, 0xF4, 0x72, 0x7E, 0x2C, 0x0B, 0x39, 0xAE, /* ..r~, .9. */
1178 0x0F, 0x1E, 0x40, 0xCC, 0x96, 0xF6, 0x02, 0x42, /* ..@....B */
1179 0xD5, 0xB7, 0x80, 0x18, 0x41, 0xCE, 0xA6, 0xFC, /* ....A... */
1180 0x59, 0x2C, 0x5D, 0x3E, 0x1A, 0xE5, 0x07, 0x00, /* Y, ]>.... */
1181 0x58, 0x2A, 0x96, 0xCF, 0x35, 0xE1, 0xE5, 0x54, /* X...5..T */
1182 0x99, 0x5F, 0xE4, 0xE0, 0x33, 0x81, 0xC2, 0x37, /* ._..3..7 */
1183};
1184
1185static const uint8_t mac_data_sha512_key1[32] = {
1186 0x6B, 0x65, 0x79, /* key */
1187};
1188
1189static const uint8_t mac_data_sha512_in1[] = {
1190 0x54, 0x68, 0x65, 0x20, 0x71, 0x75, 0x69, 0x63, /* The quic */
1191 0x6B, 0x20, 0x62, 0x72, 0x6F, 0x77, 0x6E, 0x20, /* k brown */
1192 0x66, 0x6F, 0x78, 0x20, 0x6A, 0x75, 0x6D, 0x70, /* fox jump */
1193 0x73, 0x20, 0x6F, 0x76, 0x65, 0x72, 0x20, 0x74, /* s over t */
1194 0x68, 0x65, 0x20, 0x6C, 0x61, 0x7A, 0x79, 0x20, /* he lazy */
1195 0x64, 0x6F, 0x67, /* dog */
1196};
1197
1198static const uint8_t mac_data_sha512_out1[] = {
1199 0xB4, 0x2A, 0xF0, 0x90, 0x57, 0xBA, 0xC1, 0xE2, /* ....W... */
1200 0xD4, 0x17, 0x08, 0xE4, 0x8A, 0x90, 0x2E, 0x09, /* ........ */
1201 0xB5, 0xFF, 0x7F, 0x12, 0xAB, 0x42, 0x8A, 0x4F, /* .....B.O */
1202 0xE8, 0x66, 0x53, 0xC7, 0x3D, 0xD2, 0x48, 0xFB, /* .fS.=.H. */
1203 0x82, 0xF9, 0x48, 0xA5, 0x49, 0xF7, 0xB7, 0x91, /* ..H.I... */
1204 0xA5, 0xB4, 0x19, 0x15, 0xEE, 0x4D, 0x1E, 0xC3, /* .....M.. */
1205 0x93, 0x53, 0x57, 0xE4, 0xE2, 0x31, 0x72, 0x50, /* .SW..1rP */
1206 0xD0, 0x37, 0x2A, 0xFA, 0x2E, 0xBE, 0xEB, 0x3A, /* .7.....: */
1207};
1208
Jerome Forissier9f17e262019-12-13 14:12:41 +0100[diff] [blame]1209/*
1210 * SM3 HMAC
1211 * GM/T 0042-2015
1212 * Section D.3 Test vector 1
1213 */
1214static const uint8_t mac_data_sm3_d31_in[112] =
1215 "abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnomn"
1216 "opnopqabcdbcdecdefdefgefghfghighijhijkijkljklmklmn"
1217 "lmnomnopnopq";
1218
1219static const uint8_t mac_data_sm3_d31_key[] = {
1220 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08,
1221 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f, 0x10,
1222 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17, 0x18,
1223 0x19, 0x1a, 0x1b, 0x1c, 0x1d, 0x1e, 0x1f, 0x20,
1224};
1225
1226static const uint8_t mac_data_sm3_d31_out[] = {
1227 0xca, 0x05, 0xe1, 0x44, 0xed, 0x05, 0xd1, 0x85,
1228 0x78, 0x40, 0xd1, 0xf3, 0x18, 0xa4, 0xa8, 0x66,
1229 0x9e, 0x55, 0x9f, 0xc8, 0x39, 0x1f, 0x41, 0x44,
1230 0x85, 0xbf, 0xdf, 0x7b, 0xb4, 0x08, 0x96, 0x3a,
1231};
1232
1233/*
1234 * SM3 HMAC
1235 * GM/T 0042-2015
1236 * Section D.3 Test vector 2
1237 */
1238static const uint8_t mac_data_sm3_d32_in[] = {
1239 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd,
1240 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd,
1241 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd,
1242 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd,
1243 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd,
1244 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd,
1245 0xcd, 0xcd
1246};
1247
1248static const uint8_t mac_data_sm3_d32_key[] = {
1249 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08,
1250 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f, 0x10,
1251 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17, 0x18,
1252 0x19, 0x1a, 0x1b, 0x1c, 0x1d, 0x1e, 0x1f, 0x20,
1253 0x21, 0x22, 0x23, 0x24, 0x25,
1254};
1255
1256static const uint8_t mac_data_sm3_d32_out[] = {
1257 0x22, 0x0b, 0xf5, 0x79, 0xde, 0xd5, 0x55, 0x39,
1258 0x3f, 0x01, 0x59, 0xf6, 0x6c, 0x99, 0x87, 0x78,
1259 0x22, 0xa3, 0xec, 0xf6, 0x10, 0xd1, 0x55, 0x21,
1260 0x54, 0xb4, 0x1d, 0x44, 0xb9, 0x4d, 0xb3, 0xae,
1261};
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]1262
1263/* AES-CBC-MAC */
1264static const uint8_t mac_cbc_vect1_key[] = {
1265 0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37, /* 01234567 */
1266 0x38, 0x39, 0x41, 0x42, 0x43, 0x44, 0x45, 0x46, /* 89ABCDEF */
1267};
1268
1269static const uint8_t mac_cbc_vect1_data[] = {
1270 0x43, 0x69, 0x70, 0x68, 0x65, 0x72, 0x20, 0x62, /* Cipher b */
1271 0x6C, 0x6F, 0x63, 0x6B, 0x20, 0x63, 0x68, 0x61, /* lock cha */
1272 0x69, 0x6E, 0x69, 0x6E, 0x67, 0x20, 0x28, 0x43, /* ining (C */
1273 0x42, 0x43, 0x29, 0x20, 0x69, 0x73, 0x20, 0x61, /* BC) is a */
1274 0x20, 0x63, 0x6F, 0x6D, 0x6D, 0x6F, 0x6E, 0x20, /* common */
1275 0x63, 0x68, 0x61, 0x69, 0x6E, 0x69, 0x6E, 0x67, /* chaining */
1276 0x20, 0x6D, 0x6F, 0x64, 0x65, 0x20, 0x69, 0x6E, /* mode in */
1277 0x20, 0x77, 0x68, 0x69, 0x63, 0x68, 0x20, 0x74, /* which t */
1278 0x68, 0x65, 0x20, 0x70, 0x72, 0x65, 0x76, 0x69, /* he previ */
1279 0x6F, 0x75, 0x73, 0x20, 0x62, 0x6C, 0x6F, 0x63, /* ous bloc */
1280 0x6B, 0x27, 0x73, 0x20, 0x63, 0x69, 0x70, 0x68, /* k's ciph */
1281 0x65, 0x72, 0x74, 0x65, 0x78, 0x74, 0x20, 0x69, /* ertext i */
1282 0x73, 0x20, 0x78, 0x6F, 0x72, 0x65, 0x64, 0x20, /* s xored */
1283 0x77, 0x69, 0x74, 0x68, 0x20, 0x74, 0x68, 0x65, /* with the */
1284 0x20, 0x63, 0x75, 0x72, 0x72, 0x65, 0x6E, 0x74, /* current */
1285 0x20, 0x62, 0x6C, 0x6F, 0x63, 0x6B, 0x27, 0x73, /* block's */
1286 0x20, 0x70, 0x6C, 0x61, 0x69, 0x6E, 0x74, 0x65, /* plainte */
1287 0x78, 0x74, 0x20, 0x62, 0x65, 0x66, 0x6F, 0x72, /* xt befor */
1288 0x65, 0x20, 0x65, 0x6E, 0x63, 0x72, 0x79, 0x70, /* e encryp */
1289 0x74, 0x69, 0x6F, 0x6E, 0x2E, 0x2E, 0x2E, 0x2E, /* tion.... */
1290};
1291
1292static const uint8_t mac_cbc_vect1_out[] = {
1293 0xC9, 0x6E, 0x83, 0x7E, 0x35, 0xC8, 0xA7, 0xA0, /* .n.~5... */
1294 0x33, 0xA3, 0xB1, 0x4B, 0x5A, 0x92, 0x51, 0x2E, /* 3..KZ.Q. */
1295};
1296
1297/* DES-CBC-MAC */
1298static const uint8_t mac_cbc_vect2_key[] = {
1299 0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37, /* 01234567 */
1300};
1301
1302#define mac_cbc_vect2_data mac_cbc_vect1_data
1303static const uint8_t mac_cbc_vect2_out[] = {
1304 0xE9, 0x41, 0x46, 0x30, 0x69, 0x32, 0xBD, 0xD6, /* .AF0i2.. */
1305};
1306
1307/* DES3-CBC-MAC */
1308static const uint8_t mac_cbc_vect3_key[] = {
1309 0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37, /* 01234567 */
1310 0x38, 0x39, 0x41, 0x42, 0x43, 0x44, 0x45, 0x46, /* 89ABCDEF */
1311 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37, 0x38, /* 12345678 */
1312};
1313
1314#define mac_cbc_vect3_data mac_cbc_vect2_data
1315static const uint8_t mac_cbc_vect3_out[] = {
1316 0x1C, 0x17, 0xB7, 0xB5, 0x9F, 0x54, 0x9C, 0x63, /* .....T.c */
1317};
1318
1319/* AES-CBC-MAC PKCS#5 pad*/
1320static const uint8_t mac_cbc_vect4_key[] = {
1321 0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37, /* 01234567 */
1322 0x38, 0x39, 0x41, 0x42, 0x43, 0x44, 0x45, 0x46, /* 89ABCDEF */
1323 0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37, /* 01234567 */
1324 0x38, 0x39, 0x41, 0x42, 0x43, 0x44, 0x45, 0x46, /* 89ABCDEF */
1325};
1326
1327#define mac_cbc_vect4_data mac_cbc_vect1_data
1328static const uint8_t mac_cbc_vect4_out[] = {
1329 0x0B, 0x46, 0xC7, 0xA2, 0xE1, 0x5A, 0xE2, 0x23, /* .F...Z.# */
1330 0x83, 0x34, 0x1C, 0x86, 0x53, 0xF8, 0x51, 0x24, /* .4..S.Q$ */
1331};
1332
1333/* DES-CBC-MAC PKCS#5 pad*/
1334static const uint8_t mac_cbc_vect5_key[] = {
1335 0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37, /* 01234567 */
1336};
1337
1338#define mac_cbc_vect5_data mac_cbc_vect1_data
1339static const uint8_t mac_cbc_vect5_out[] = {
1340 0x30, 0x81, 0x4F, 0x42, 0x03, 0x7E, 0xD8, 0xA9, /* 0.OB.~.. */
1341};
1342
1343/* DES3-CBC-MAC PKCS#5 pad*/
1344static const uint8_t mac_cbc_vect6_key[] = {
1345 0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37, /* 01234567 */
1346 0x38, 0x39, 0x41, 0x42, 0x43, 0x44, 0x45, 0x46, /* 89ABCDEF */
1347 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37, 0x38, /* 12345678 */
1348};
1349
1350#define mac_cbc_vect6_data mac_cbc_vect1_data
1351static const uint8_t mac_cbc_vect6_out[] = {
1352 0x6E, 0x37, 0x6E, 0x14, 0x5E, 0x21, 0xDD, 0xF8, /* n7n.^!.. */
1353};
1354
1355/* AES-CBC-MAC PKCS#5 pad*/
1356#define mac_cbc_vect7_key mac_cbc_vect4_key
1357static const uint8_t mac_cbc_vect7_data[] = {
1358 0x43, 0x69, 0x70, 0x68, 0x65, 0x72, 0x20, 0x62, /* Cipher b */
1359 0x6C, 0x6F, 0x63, 0x6B, 0x20, 0x63, 0x68, 0x61, /* lock cha */
1360 0x69, 0x6E, 0x69, 0x6E, 0x67, 0x20, 0x28, 0x43, /* ining (C */
1361 0x42, 0x43, 0x29, 0x20, 0x69, 0x73, 0x20, 0x61, /* BC) is a */
1362 0x20, 0x63, 0x6F, 0x6D, 0x6D, 0x6F, 0x6E, 0x20, /* common */
1363 0x63, 0x68, 0x61, 0x69, 0x6E, 0x69, 0x6E, 0x67, /* chaining */
1364 0x20, 0x6D, 0x6F, 0x64, 0x65, 0x20, 0x69, 0x6E, /* mode in */
1365 0x20, 0x77, 0x68, 0x69, 0x63, 0x68, 0x20, 0x74, /* which t */
1366 0x68, 0x65, 0x20, 0x70, 0x72, 0x65, 0x76, 0x69, /* he previ */
1367 0x6F, 0x75, 0x73, 0x20, 0x62, 0x6C, 0x6F, 0x63, /* ous bloc */
1368 0x6B, 0x27, 0x73, 0x20, 0x63, 0x69, 0x70, 0x68, /* k's ciph */
1369 0x65, 0x72, 0x74, 0x65, 0x78, 0x74, 0x20, 0x69, /* ertext i */
1370 0x73, 0x20, 0x78, 0x6F, 0x72, 0x65, 0x64, 0x20, /* s xored */
1371 0x77, 0x69, 0x74, 0x68, 0x20, 0x74, 0x68, 0x65, /* with the */
1372 0x20, 0x63, 0x75, 0x72, 0x72, 0x65, 0x6E, 0x74, /* current */
1373 0x20, 0x62, 0x6C, 0x6F, 0x63, 0x6B, 0x27, 0x73, /* block's */
1374 0x20, 0x70, 0x6C, 0x61, 0x69, 0x6E, 0x74, 0x65, /* plainte */
1375 0x78, 0x74, 0x20, 0x62, 0x65, 0x66, 0x6F, 0x72, /* xt befor */
1376 0x65, 0x20, 0x65, 0x6E, 0x63, 0x72, 0x79, 0x70, /* e encryp */
1377 0x74, 0x69, 0x6F, 0x6E, 0x2E, /* tion. */
1378};
1379
1380static const uint8_t mac_cbc_vect7_out[] = {
1381 0xFD, 0x89, 0x35, 0xB3, 0x93, 0x7F, 0xBB, 0xA2, /* ..5..... */
1382 0xFB, 0x65, 0x60, 0xC4, 0x0A, 0x62, 0xA0, 0xF9, /* .e`..b.. */
1383};
1384
1385/* DES-CBC-MAC PKCS#5 pad*/
1386#define mac_cbc_vect8_key mac_cbc_vect5_key
1387#define mac_cbc_vect8_data mac_cbc_vect7_data
1388static const uint8_t mac_cbc_vect8_out[] = {
1389 0x02, 0x2A, 0xA8, 0x2E, 0x47, 0xC6, 0xBB, 0x7C, /* ....G..| */
1390};
1391
1392/* DES3-CBC-MAC PKCS#5 pad*/
1393#define mac_cbc_vect9_key mac_cbc_vect6_key
1394#define mac_cbc_vect9_data mac_cbc_vect7_data
1395static const uint8_t mac_cbc_vect9_out[] = {
1396 0xD4, 0xF7, 0x3E, 0x27, 0x78, 0x0E, 0x1C, 0x79, /* ..>'x..y */
1397};
1398
1399/*
Pascal Brand5c3d8092015-07-23 08:20:26 +0200[diff] [blame]1400 * DES3-CBC-MAC, with key size of 112bit
1401 * out obtained with:
1402 * echo -n "Cipher block chaining (CBC) is a common chaining mode in which the previous block's ciphertext is xored with the current block's plaintext before encryption...."|openssl enc -iv 0 -des3 -K 303132333435363738394142434445463031323334353637 |xxd
1403 */
1404/* DES3-CBC-MAC PKCS#5 pad*/
1405static const uint8_t mac_cbc_vect10_key[] = {
1406 0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37, /* 01234567 */
1407 0x38, 0x39, 0x41, 0x42, 0x43, 0x44, 0x45, 0x46, /* 89ABCDEF */
1408};
1409#define mac_cbc_vect10_data mac_cbc_vect1_data
1410static const uint8_t mac_cbc_vect10_out[] = {
1411 0x30, 0x92, 0x60, 0x99, 0x66, 0xac, 0x8c, 0xa6,
1412};
1413
1414
1415/*
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]1416 * AES-CMAC
1417 * Test vectors from
1418 * http://csrc.nist.gov/publications/nistpubs/800-38B/SP_800-38B.pdf
1419 */
1420
1421/* AES-128 */
1422static const uint8_t mac_cmac_vect1_key[] = {
1423 0x2b, 0x7e, 0x15, 0x16, 0x28, 0xae, 0xd2, 0xa6,
1424 0xab, 0xf7, 0x15, 0x88, 0x09, 0xcf, 0x4f, 0x3c
1425};
1426
1427static const uint8_t mac_cmac_vect1_out[] = {
1428 0xbb, 0x1d, 0x69, 0x29, 0xe9, 0x59, 0x37, 0x28,
1429 0x7f, 0xa3, 0x7d, 0x12, 0x9b, 0x75, 0x67, 0x46
1430};
1431
1432#define mac_cmac_vect2_key mac_cmac_vect1_key
1433static const uint8_t mac_cmac_vect2_data[] = {
1434 0x6b, 0xc1, 0xbe, 0xe2, 0x2e, 0x40, 0x9f, 0x96,
1435 0xe9, 0x3d, 0x7e, 0x11, 0x73, 0x93, 0x17, 0x2a
1436};
1437
1438static const uint8_t mac_cmac_vect2_out[] = {
1439 0x07, 0x0a, 0x16, 0xb4, 0x6b, 0x4d, 0x41, 0x44,
1440 0xf7, 0x9b, 0xdd, 0x9d, 0xd0, 0x4a, 0x28, 0x7c
1441};
1442
1443#define mac_cmac_vect3_key mac_cmac_vect1_key
1444static const uint8_t mac_cmac_vect3_data[] = {
1445 0x6b, 0xc1, 0xbe, 0xe2, 0x2e, 0x40, 0x9f, 0x96,
1446 0xe9, 0x3d, 0x7e, 0x11, 0x73, 0x93, 0x17, 0x2a,
1447 0xae, 0x2d, 0x8a, 0x57, 0x1e, 0x03, 0xac, 0x9c,
1448 0x9e, 0xb7, 0x6f, 0xac, 0x45, 0xaf, 0x8e, 0x51,
1449 0x30, 0xc8, 0x1c, 0x46, 0xa3, 0x5c, 0xe4, 0x11
1450};
1451
1452static const uint8_t mac_cmac_vect3_out[] = {
1453 0xdf, 0xa6, 0x67, 0x47, 0xde, 0x9a, 0xe6, 0x30,
1454 0x30, 0xca, 0x32, 0x61, 0x14, 0x97, 0xc8, 0x27
1455};
1456
1457#define mac_cmac_vect4_key mac_cmac_vect1_key
1458static const uint8_t mac_cmac_vect4_data[] = {
1459 0x6b, 0xc1, 0xbe, 0xe2, 0x2e, 0x40, 0x9f, 0x96,
1460 0xe9, 0x3d, 0x7e, 0x11, 0x73, 0x93, 0x17, 0x2a,
1461 0xae, 0x2d, 0x8a, 0x57, 0x1e, 0x03, 0xac, 0x9c,
1462 0x9e, 0xb7, 0x6f, 0xac, 0x45, 0xaf, 0x8e, 0x51,
1463 0x30, 0xc8, 0x1c, 0x46, 0xa3, 0x5c, 0xe4, 0x11,
1464 0xe5, 0xfb, 0xc1, 0x19, 0x1a, 0x0a, 0x52, 0xef,
1465 0xf6, 0x9f, 0x24, 0x45, 0xdf, 0x4f, 0x9b, 0x17,
1466 0xad, 0x2b, 0x41, 0x7b, 0xe6, 0x6c, 0x37, 0x10
1467};
1468
1469static const uint8_t mac_cmac_vect4_out[] = {
1470 0x51, 0xf0, 0xbe, 0xbf, 0x7e, 0x3b, 0x9d, 0x92,
1471 0xfc, 0x49, 0x74, 0x17, 0x79, 0x36, 0x3c, 0xfe
1472};
1473
1474/* AES-192 */
1475static const uint8_t mac_cmac_vect5_key[] = {
1476 0x8e, 0x73, 0xb0, 0xf7, 0xda, 0x0e, 0x64, 0x52,
1477 0xc8, 0x10, 0xf3, 0x2b, 0x80, 0x90, 0x79, 0xe5,
1478 0x62, 0xf8, 0xea, 0xd2, 0x52, 0x2c, 0x6b, 0x7b
1479};
1480
1481static const uint8_t mac_cmac_vect5_out[] = {
1482 0xd1, 0x7d, 0xdf, 0x46, 0xad, 0xaa, 0xcd, 0xe5,
1483 0x31, 0xca, 0xc4, 0x83, 0xde, 0x7a, 0x93, 0x67
1484};
1485
1486
1487#define mac_cmac_vect6_key mac_cmac_vect5_key
1488static const uint8_t mac_cmac_vect6_data[] = {
1489 0x6b, 0xc1, 0xbe, 0xe2, 0x2e, 0x40, 0x9f, 0x96,
1490 0xe9, 0x3d, 0x7e, 0x11, 0x73, 0x93, 0x17, 0x2a
1491};
1492
1493static const uint8_t mac_cmac_vect6_out[] = {
1494 0x9e, 0x99, 0xa7, 0xbf, 0x31, 0xe7, 0x10, 0x90,
1495 0x06, 0x62, 0xf6, 0x5e, 0x61, 0x7c, 0x51, 0x84
1496};
1497
1498#define mac_cmac_vect7_key mac_cmac_vect5_key
1499static const uint8_t mac_cmac_vect7_data[] = {
1500 0x6b, 0xc1, 0xbe, 0xe2, 0x2e, 0x40, 0x9f, 0x96,
1501 0xe9, 0x3d, 0x7e, 0x11, 0x73, 0x93, 0x17, 0x2a,
1502 0xae, 0x2d, 0x8a, 0x57, 0x1e, 0x03, 0xac, 0x9c,
1503 0x9e, 0xb7, 0x6f, 0xac, 0x45, 0xaf, 0x8e, 0x51,
1504 0x30, 0xc8, 0x1c, 0x46, 0xa3, 0x5c, 0xe4, 0x11
1505};
1506
1507static const uint8_t mac_cmac_vect7_out[] = {
1508 0x8a, 0x1d, 0xe5, 0xbe, 0x2e, 0xb3, 0x1a, 0xad,
1509 0x08, 0x9a, 0x82, 0xe6, 0xee, 0x90, 0x8b, 0x0e
1510};
1511
1512#define mac_cmac_vect8_key mac_cmac_vect5_key
1513static const uint8_t mac_cmac_vect8_data[] = {
1514 0x6b, 0xc1, 0xbe, 0xe2, 0x2e, 0x40, 0x9f, 0x96,
1515 0xe9, 0x3d, 0x7e, 0x11, 0x73, 0x93, 0x17, 0x2a,
1516 0xae, 0x2d, 0x8a, 0x57, 0x1e, 0x03, 0xac, 0x9c,
1517 0x9e, 0xb7, 0x6f, 0xac, 0x45, 0xaf, 0x8e, 0x51,
1518 0x30, 0xc8, 0x1c, 0x46, 0xa3, 0x5c, 0xe4, 0x11,
1519 0xe5, 0xfb, 0xc1, 0x19, 0x1a, 0x0a, 0x52, 0xef,
1520 0xf6, 0x9f, 0x24, 0x45, 0xdf, 0x4f, 0x9b, 0x17,
1521 0xad, 0x2b, 0x41, 0x7b, 0xe6, 0x6c, 0x37, 0x10
1522};
1523
1524static const uint8_t mac_cmac_vect8_out[] = {
1525 0xa1, 0xd5, 0xdf, 0x0e, 0xed, 0x79, 0x0f, 0x79,
1526 0x4d, 0x77, 0x58, 0x96, 0x59, 0xf3, 0x9a, 0x11
1527};
1528
1529/* AES-256 */
1530static const uint8_t mac_cmac_vect9_key[] = {
1531 0x60, 0x3d, 0xeb, 0x10, 0x15, 0xca, 0x71, 0xbe,
1532 0x2b, 0x73, 0xae, 0xf0, 0x85, 0x7d, 0x77, 0x81,
1533 0x1f, 0x35, 0x2c, 0x07, 0x3b, 0x61, 0x08, 0xd7,
1534 0x2d, 0x98, 0x10, 0xa3, 0x09, 0x14, 0xdf, 0xf4
1535};
1536
1537static const uint8_t mac_cmac_vect9_out[] = {
1538 0x02, 0x89, 0x62, 0xf6, 0x1b, 0x7b, 0xf8, 0x9e,
1539 0xfc, 0x6b, 0x55, 0x1f, 0x46, 0x67, 0xd9, 0x83
1540};
1541
1542#define mac_cmac_vect10_key mac_cmac_vect9_key
1543static const uint8_t mac_cmac_vect10_data[] = {
1544 0x6b, 0xc1, 0xbe, 0xe2, 0x2e, 0x40, 0x9f, 0x96,
1545 0xe9, 0x3d, 0x7e, 0x11, 0x73, 0x93, 0x17, 0x2a
1546};
1547
1548static const uint8_t mac_cmac_vect10_out[] = {
1549 0x28, 0xa7, 0x02, 0x3f, 0x45, 0x2e, 0x8f, 0x82,
1550 0xbd, 0x4b, 0xf2, 0x8d, 0x8c, 0x37, 0xc3, 0x5c
1551};
1552
1553#define mac_cmac_vect11_key mac_cmac_vect9_key
1554static const uint8_t mac_cmac_vect11_data[] = {
1555 0x6b, 0xc1, 0xbe, 0xe2, 0x2e, 0x40, 0x9f, 0x96,
1556 0xe9, 0x3d, 0x7e, 0x11, 0x73, 0x93, 0x17, 0x2a,
1557 0xae, 0x2d, 0x8a, 0x57, 0x1e, 0x03, 0xac, 0x9c,
1558 0x9e, 0xb7, 0x6f, 0xac, 0x45, 0xaf, 0x8e, 0x51,
1559 0x30, 0xc8, 0x1c, 0x46, 0xa3, 0x5c, 0xe4, 0x11
1560};
1561
1562static const uint8_t mac_cmac_vect11_out[] = {
1563 0xaa, 0xf3, 0xd8, 0xf1, 0xde, 0x56, 0x40, 0xc2,
1564 0x32, 0xf5, 0xb1, 0x69, 0xb9, 0xc9, 0x11, 0xe6
1565};
1566
1567#define mac_cmac_vect12_key mac_cmac_vect9_key
1568static const uint8_t mac_cmac_vect12_data[] = {
1569 0x6b, 0xc1, 0xbe, 0xe2, 0x2e, 0x40, 0x9f, 0x96,
1570 0xe9, 0x3d, 0x7e, 0x11, 0x73, 0x93, 0x17, 0x2a,
1571 0xae, 0x2d, 0x8a, 0x57, 0x1e, 0x03, 0xac, 0x9c,
1572 0x9e, 0xb7, 0x6f, 0xac, 0x45, 0xaf, 0x8e, 0x51,
1573 0x30, 0xc8, 0x1c, 0x46, 0xa3, 0x5c, 0xe4, 0x11,
1574 0xe5, 0xfb, 0xc1, 0x19, 0x1a, 0x0a, 0x52, 0xef,
1575 0xf6, 0x9f, 0x24, 0x45, 0xdf, 0x4f, 0x9b, 0x17,
1576 0xad, 0x2b, 0x41, 0x7b, 0xe6, 0x6c, 0x37, 0x10
1577};
1578
1579static const uint8_t mac_cmac_vect12_out[] = {
1580 0xe1, 0x99, 0x21, 0x90, 0x54, 0x9f, 0x6e, 0xd5,
1581 0x69, 0x6a, 0x2c, 0x05, 0x6c, 0x31, 0x54, 0x10
1582};
1583
1584struct xtest_mac_case {
1585 uint32_t algo;
1586 uint32_t key_type;
1587 const uint8_t *key;
1588 size_t key_len;
1589 size_t in_incr;
1590 const uint8_t *in;
1591 size_t in_len;
1592 const uint8_t *out;
1593 size_t out_len;
Jerome Forissier3dec7442019-01-30 17:50:05 +0100[diff] [blame]1594 bool multiple_incr;
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]1595};
1596
Jerome Forissier3dec7442019-01-30 17:50:05 +0100[diff] [blame]1597#define XTEST_MAC_CASE_1(algo, key_type, key, in_incr, in, out) \
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]1598 { (algo), (key_type), (key), ARRAY_SIZE(key), \
Jerome Forissier3dec7442019-01-30 17:50:05 +0100[diff] [blame]1599 (in_incr), (in), ARRAY_SIZE(in), (out), ARRAY_SIZE(out), false }
1600
1601#define XTEST_MAC_CASE_MULT(algo, key_type, key, in_incr, in, out) \
1602 { (algo), (key_type), (key), ARRAY_SIZE(key), \
1603 (in_incr), (in), ARRAY_SIZE(in), (out), ARRAY_SIZE(out), true }
1604
1605#define XTEST_MAC_CASE(algo, key_type, key, in_incr, in, out) \
1606 XTEST_MAC_CASE_1((algo), (key_type), (key), (in_incr), (in), (out)), \
1607 XTEST_MAC_CASE_MULT((algo), (key_type), (key), (in_incr), (in), (out))
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]1608
1609#define XTEST_MAC_CBC_CASE(algo, key_type, vect, in_incr) \
1610 XTEST_MAC_CASE((algo), (key_type), \
1611 mac_cbc_ ## vect ## _key, (in_incr), \
1612 mac_cbc_ ## vect ## _data, mac_cbc_ ## vect ## _out)
1613
1614#define XTEST_MAC_CMAC_CASE(vect, in_incr) \
1615 XTEST_MAC_CASE(TEE_ALG_AES_CMAC, TEE_TYPE_AES, \
1616 mac_cmac_ ## vect ## _key, (in_incr), \
1617 mac_cmac_ ## vect ## _data, mac_cmac_ ## vect ## _out)
1618
1619static const struct xtest_mac_case mac_cases[] = {
1620 XTEST_MAC_CASE(TEE_ALG_HMAC_MD5, TEE_TYPE_HMAC_MD5,
1621 mac_data_md5_key1,
1622 4, mac_data_md5_in1, mac_data_md5_out1),
1623 XTEST_MAC_CASE(TEE_ALG_HMAC_SHA1, TEE_TYPE_HMAC_SHA1,
1624 mac_data_sha1_key1,
1625 5, mac_data_sha1_in1, mac_data_sha1_out1),
1626 XTEST_MAC_CASE(TEE_ALG_HMAC_SHA224, TEE_TYPE_HMAC_SHA224,
1627 mac_data_sha224_key1,
1628 8, mac_data_sha224_in1, mac_data_sha224_out1),
1629 XTEST_MAC_CASE(TEE_ALG_HMAC_SHA256, TEE_TYPE_HMAC_SHA256,
1630 mac_data_sha256_key1,
1631 1, mac_data_sha256_in1, mac_data_sha256_out1),
1632 XTEST_MAC_CASE(TEE_ALG_HMAC_SHA256, TEE_TYPE_HMAC_SHA256,
1633 mac_data_sha256_key2,
1634 7, mac_data_sha256_in2, mac_data_sha256_out2),
1635 XTEST_MAC_CASE(TEE_ALG_HMAC_SHA384, TEE_TYPE_HMAC_SHA384,
1636 mac_data_sha384_key1,
1637 11, mac_data_sha384_in1, mac_data_sha384_out1),
1638 XTEST_MAC_CASE(TEE_ALG_HMAC_SHA512, TEE_TYPE_HMAC_SHA512,
1639 mac_data_sha512_key1,
1640 13, mac_data_sha512_in1, mac_data_sha512_out1),
1641
1642 XTEST_MAC_CBC_CASE(TEE_ALG_AES_CBC_MAC_NOPAD, TEE_TYPE_AES, vect1, 14),
1643 XTEST_MAC_CBC_CASE(TEE_ALG_DES_CBC_MAC_NOPAD, TEE_TYPE_DES, vect2, 16),
1644 XTEST_MAC_CBC_CASE(TEE_ALG_DES3_CBC_MAC_NOPAD, TEE_TYPE_DES3, vect3,
1645 17),
1646 XTEST_MAC_CBC_CASE(TEE_ALG_AES_CBC_MAC_PKCS5, TEE_TYPE_AES, vect4, 11),
1647 XTEST_MAC_CBC_CASE(TEE_ALG_DES_CBC_MAC_PKCS5, TEE_TYPE_DES, vect5, 9),
1648 XTEST_MAC_CBC_CASE(TEE_ALG_DES3_CBC_MAC_PKCS5, TEE_TYPE_DES3, vect6, 4),
1649 XTEST_MAC_CBC_CASE(TEE_ALG_AES_CBC_MAC_PKCS5, TEE_TYPE_AES, vect7, 3),
1650 XTEST_MAC_CBC_CASE(TEE_ALG_DES_CBC_MAC_PKCS5, TEE_TYPE_DES, vect8, 23),
1651 XTEST_MAC_CBC_CASE(TEE_ALG_DES3_CBC_MAC_PKCS5, TEE_TYPE_DES3, vect9,
1652 34),
Pascal Brand5c3d8092015-07-23 08:20:26 +0200[diff] [blame]1653 XTEST_MAC_CBC_CASE(TEE_ALG_DES3_CBC_MAC_PKCS5, TEE_TYPE_DES3, vect10, 4),
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]1654
1655 { TEE_ALG_AES_CMAC, TEE_TYPE_AES, mac_cmac_vect1_key,
1656 ARRAY_SIZE(mac_cmac_vect1_key), 0, NULL, 0, mac_cmac_vect1_out,
1657 ARRAY_SIZE(mac_cmac_vect1_out) },
1658 XTEST_MAC_CMAC_CASE(vect2, 9),
1659 XTEST_MAC_CMAC_CASE(vect3, 9),
1660 XTEST_MAC_CMAC_CASE(vect4, 9),
1661 { TEE_ALG_AES_CMAC, TEE_TYPE_AES, mac_cmac_vect5_key,
1662 ARRAY_SIZE(mac_cmac_vect5_key), 0, NULL, 0, mac_cmac_vect5_out,
1663 ARRAY_SIZE(mac_cmac_vect5_out) },
1664 XTEST_MAC_CMAC_CASE(vect6, 9),
1665 XTEST_MAC_CMAC_CASE(vect7, 9),
1666 XTEST_MAC_CMAC_CASE(vect8, 9),
1667 { TEE_ALG_AES_CMAC, TEE_TYPE_AES, mac_cmac_vect9_key,
1668 ARRAY_SIZE(mac_cmac_vect9_key), 0, NULL, 0, mac_cmac_vect9_out,
1669 ARRAY_SIZE(mac_cmac_vect9_out) },
1670 XTEST_MAC_CMAC_CASE(vect10, 9),
1671 XTEST_MAC_CMAC_CASE(vect11, 9),
1672 XTEST_MAC_CMAC_CASE(vect12, 9),
Jerome Forissier9f17e262019-12-13 14:12:41 +0100[diff] [blame]1673
1674 XTEST_MAC_CASE(TEE_ALG_HMAC_SM3, TEE_TYPE_HMAC_SM3,
1675 mac_data_sm3_d31_key,
1676 13, mac_data_sm3_d31_in, mac_data_sm3_d31_out),
1677 XTEST_MAC_CASE(TEE_ALG_HMAC_SM3, TEE_TYPE_HMAC_SM3,
1678 mac_data_sm3_d32_key,
1679 13, mac_data_sm3_d32_in, mac_data_sm3_d32_out),
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]1680};
1681
1682static void xtest_tee_test_4002(ADBG_Case_t *c)
1683{
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]1684 TEEC_Session session = { };
1685 TEE_OperationHandle op1 = TEE_HANDLE_NULL;
1686 TEE_OperationHandle op2 = TEE_HANDLE_NULL;
1687 TEE_ObjectHandle key_handle = TEE_HANDLE_NULL;
1688 uint8_t out[64] = { };
1689 size_t out_size = 0;
1690 uint32_t ret_orig = 0;
1691 size_t n = 0;
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]1692
1693 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
1694 xtest_teec_open_session(&session, &crypt_user_ta_uuid, NULL,
1695 &ret_orig)))
1696 return;
1697
1698 for (n = 0; n < ARRAY_SIZE(mac_cases); n++) {
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]1699 TEE_Attribute key_attr = { };
1700 size_t key_size = 0;
1701 size_t offs = 0;
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]1702
1703 Do_ADBG_BeginSubCase(c, "MAC case %d algo 0x%x",
1704 (int)n, (unsigned int)mac_cases[n].algo);
1705
1706 key_attr.attributeID = TEE_ATTR_SECRET_VALUE;
1707 key_attr.content.ref.buffer = (void *)mac_cases[n].key;
1708 key_attr.content.ref.length = mac_cases[n].key_len;
1709
1710 key_size = key_attr.content.ref.length * 8;
1711 if (mac_cases[n].key_type == TEE_TYPE_DES ||
1712 mac_cases[n].key_type == TEE_TYPE_DES3)
1713 /* Exclude parity in bit size of key */
1714 key_size -= key_size / 8;
1715
1716 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
1717 ta_crypt_cmd_allocate_operation(c, &session, &op1,
1718 mac_cases[n].algo, TEE_MODE_MAC, key_size)))
1719 goto out;
1720
1721 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
1722 ta_crypt_cmd_allocate_operation(c, &session, &op2,
1723 mac_cases[n].algo, TEE_MODE_MAC, key_size)))
1724 goto out;
1725
1726 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
1727 ta_crypt_cmd_allocate_transient_object(c, &session,
1728 mac_cases[n].key_type, key_size, &key_handle)))
1729 goto out;
1730
1731 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
1732 ta_crypt_cmd_populate_transient_object(c, &session,
1733 key_handle, &key_attr, 1)))
1734 goto out;
1735
1736 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
1737 ta_crypt_cmd_set_operation_key(c, &session, op1,
1738 key_handle)))
1739 goto out;
1740
1741 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
1742 ta_crypt_cmd_free_transient_object(c, &session,
1743 key_handle)))
1744 goto out;
1745
1746 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
1747 ta_crypt_cmd_mac_init(c, &session, op1, NULL, 0)))
1748 goto out;
1749
Jerome Forissier3dec7442019-01-30 17:50:05 +0100[diff] [blame]1750 offs = 0;
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]1751 if (mac_cases[n].in != NULL) {
Jerome Forissier3dec7442019-01-30 17:50:05 +0100[diff] [blame]1752 while (offs + mac_cases[n].in_incr <
1753 mac_cases[n].in_len) {
1754 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
1755 ta_crypt_cmd_mac_update(c, &session,
1756 op1, mac_cases[n].in + offs,
1757 mac_cases[n].in_incr)))
1758 goto out;
1759 offs += mac_cases[n].in_incr;
1760 if (!mac_cases[n].multiple_incr)
1761 break;
1762 }
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]1763 }
1764
1765 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
1766 ta_crypt_cmd_copy_operation(c, &session, op2, op1)))
1767 goto out;
1768
1769 out_size = sizeof(out);
1770 memset(out, 0, sizeof(out));
1771 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
1772 ta_crypt_cmd_mac_final_compute(c, &session, op2,
Jerome Forissier3dec7442019-01-30 17:50:05 +0100[diff] [blame]1773 mac_cases[n].in + offs,
1774 mac_cases [n].in_len - offs,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]1775 out, &out_size)))
1776 goto out;
1777
1778 (void)ADBG_EXPECT_BUFFER(c, mac_cases[n].out,
1779 mac_cases[n].out_len, out, out_size);
1780
1781 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
1782 ta_crypt_cmd_mac_init(c, &session, op1, NULL, 0)))
1783 goto out;
1784
1785 out_size = sizeof(out);
1786 memset(out, 0, sizeof(out));
1787 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
1788 ta_crypt_cmd_mac_final_compute(c, &session, op1,
1789 mac_cases[n].in, mac_cases[n].in_len, out,
1790 &out_size)))
1791 goto out;
1792
1793 (void)ADBG_EXPECT_BUFFER(c, mac_cases[n].out,
1794 mac_cases[n].out_len, out, out_size);
1795
1796 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
1797 ta_crypt_cmd_free_operation(c, &session, op1)))
1798 goto out;
1799
1800 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
1801 ta_crypt_cmd_free_operation(c, &session, op2)))
1802 goto out;
1803
1804 Do_ADBG_EndSubCase(c, NULL);
1805 }
1806out:
1807 TEEC_CloseSession(&session);
1808}
Jens Wiklander14f48872018-06-29 15:30:13 +0200[diff] [blame]1809ADBG_CASE_DEFINE(regression, 4002, xtest_tee_test_4002,
1810 "Test TEE Internal API MAC operations");
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]1811
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]1812static const uint8_t ciph_data_aes_key1[] = {
1813 0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37, /* 01234567 */
1814 0x38, 0x39, 0x41, 0x42, 0x43, 0x44, 0x45, 0x46, /* 89ABCDEF */
1815};
1816
Jerome Forissier0780ad42018-06-05 15:02:37 +0200[diff] [blame]1817static const uint8_t ciph_data_aes_key2[] = {
1818 0x02, 0x02, 0x02, 0x02, 0x02, 0x02, 0x02, 0x02,
1819 0x02, 0x02, 0x02, 0x02, 0x02, 0x02, 0x02, 0x02,
1820};
1821
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]1822static const uint8_t ciph_data_des_key1[] = {
1823 0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37 /* 01234567 */
1824};
1825
1826static const uint8_t ciph_data_des_key2[] = {
1827 0x13, 0x34, 0x57, 0x79, 0x9B, 0xBC, 0xDF, 0xF1
1828};
1829
1830
1831static const uint8_t ciph_data_des3_key1[] = {
1832 0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37, /* 01234567 */
1833 0x38, 0x39, 0x41, 0x42, 0x43, 0x44, 0x45, 0x46, /* 89ABCDEF */
1834 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37, 0x38, /* 12345678 */
1835};
1836
1837static const uint8_t ciph_data_des3_key2[] = {
1838 0x13, 0x34, 0x57, 0x79, 0x9B, 0xBC, 0xDF, 0xF1,
1839 0x13, 0x34, 0x57, 0x79, 0x9B, 0xBC, 0xDF, 0xF1,
1840 0x13, 0x34, 0x57, 0x79, 0x9B, 0xBC, 0xDF, 0xF1
1841};
1842
1843static const uint8_t ciph_data_des2_key1[] = {
1844 0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37, /* 01234567 */
1845 0x38, 0x39, 0x41, 0x42, 0x43, 0x44, 0x45, 0x46, /* 89ABCDEF */
1846};
1847
1848static const uint8_t ciph_data_in1[] = {
1849 0x32, 0x33, 0x34, 0x35, 0x36, 0x37, 0x38, 0x39, /* 23456789 */
1850 0x41, 0x42, 0x43, 0x44, 0x45, 0x46, 0x30, 0x31, /* ABCDEF01 */
1851 0x33, 0x34, 0x35, 0x36, 0x37, 0x38, 0x39, 0x41, /* 3456789A */
1852 0x42, 0x43, 0x44, 0x45, 0x46, 0x30, 0x31, 0x32, /* BCDEF012 */
1853 0x34, 0x35, 0x36, 0x37, 0x38, 0x39, 0x41, 0x42, /* 456789AB */
1854 0x43, 0x44, 0x45, 0x46, 0x30, 0x31, 0x32, 0x33, /* CDEF0123 */
1855};
1856
1857static const uint8_t ciph_data_in3[] = {
1858 0x32, 0x33, 0x34, 0x35, 0x36, 0x37, 0x38, 0x39, /* 23456789 */
1859 0x41, 0x42, 0x43, 0x44, 0x45, 0x46, 0x30, 0x31, /* ABCDEF01 */
1860 0x33, 0x34, 0x35, 0x36, 0x37, 0x38, 0x39, 0x41, /* 3456789A */
1861 0x42, 0x43, 0x44, 0x45, 0x46, 0x30, 0x31, 0x32, /* BCDEF012 */
1862 0x34, 0x35, 0x36, 0x37, 0x38, 0x39, 0x41, 0x42, /* 456789AB */
1863 0x43, 0x44, 0x45, 0x46, 0x30, /* CDEF0 */
1864};
1865
Jerome Forissier45218eb2018-04-11 13:03:26 +0200[diff] [blame]1866static const uint8_t ciph_data_in4[] = {
1867 0x32, 0x33, 0x34, 0x35, 0x36, 0x37, 0x38, 0x39, /* 23456789 */
1868 0x41, 0x42, 0x43, 0x44, 0x45, 0x46, 0x30, 0x31, /* ABCDEF01 */
1869 0x33, 0x34, 0x35, 0x36, 0x37, 0x38, 0x39, 0x41, /* 3456789A */
1870 0x42, 0x43, 0x44, 0x45, 0x46, 0x30, 0x31, 0x32, /* BCDEF012 */
1871 0x34, 0x35, 0x36, 0x37, 0x38, 0x39, 0x41, 0x42, /* 456789AB */
1872 0x43, 0x44, 0x45, 0x46, 0x30, 0x31, 0x32, 0x33, /* CDEF0123 */
1873 0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37, /* 01234567 */
1874 0x38, 0x39, 0x41, 0x42, 0x43, 0x44, 0x45, 0x46, /* 89ABCDEF */
1875};
1876
Jerome Forissier0780ad42018-06-05 15:02:37 +0200[diff] [blame]1877static const uint8_t ciph_data_in5[] = {
1878 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01,
1879 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01,
1880 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01,
1881 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01,
1882 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01,
1883 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01,
1884 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01,
1885 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01,
Jerome Forissierbf9009e2018-06-05 18:44:42 +0200[diff] [blame]1886 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01,
1887 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01,
Jerome Forissier0780ad42018-06-05 15:02:37 +0200[diff] [blame]1888 0x01, 0x01, 0x01
1889};
1890
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]1891static const uint8_t ciph_data_128_iv1[] = {
1892 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37, 0x38, /* 12345678 */
1893 0x39, 0x41, 0x42, 0x43, 0x44, 0x45, 0x46, 0x30, /* 9ABCDEF0 */
1894};
1895
Jerome Forissier0780ad42018-06-05 15:02:37 +0200[diff] [blame]1896static const uint8_t ciph_data_128_iv2[] = {
1897 0x03, 0x03, 0x03, 0x03, 0x03, 0x03, 0x03, 0x03,
1898 0x03, 0x03, 0x03, 0x03, 0x03, 0x03, 0x03, 0x03,
1899};
1900
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]1901static const uint8_t ciph_data_64_iv1[] = {
1902 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37, 0x38, /* 12345678 */
1903};
1904
1905static const uint8_t ciph_data_in2[] = {
1906 0x01, 0x23, 0x45, 0x67, 0x89, 0xab, 0xcd, 0xef
1907};
1908
1909static const uint8_t ciph_data_aes_ecb_nopad_out1[] = {
1910 0xA5, 0xBE, 0x14, 0xD5, 0x01, 0x05, 0x24, 0x48, /* ......$H */
1911 0x58, 0x1A, 0x6B, 0x82, 0xD4, 0x41, 0xD2, 0xB3, /* X.k..A.. */
1912 0xBB, 0xF9, 0xAE, 0x37, 0x94, 0xAC, 0x18, 0x50, /* ...7...P */
1913 0x87, 0x09, 0xCC, 0x3F, 0x43, 0xD2, 0xC2, 0xB7, /* ...?C... */
1914 0xD7, 0x6F, 0x84, 0x07, 0xB4, 0x78, 0xCE, 0x34, /* .o...x.4 */
1915 0x48, 0xC9, 0x16, 0x86, 0x42, 0xB8, 0xFF, 0xCF, /* H...B... */
1916};
1917
1918static const uint8_t ciph_data_aes_cbc_nopad_out1[] = {
1919 0x8D, 0x9F, 0x88, 0xD8, 0xAF, 0x9F, 0xC1, 0x3B, /* .......; */
1920 0x02, 0x15, 0x43, 0x6A, 0x8C, 0x1E, 0x34, 0x5C, /* ..Cj..4\ */
1921 0x83, 0xF4, 0x85, 0x3E, 0x43, 0x0F, 0xE5, 0x5F, /* ...>C.._ */
1922 0x81, 0x4C, 0xC0, 0x28, 0x3F, 0xD9, 0x98, 0x53, /* .L.(?..S */
1923 0xB1, 0x44, 0x51, 0x38, 0x21, 0xAB, 0x10, 0xCE, /* .DQ8!... */
1924 0xC2, 0xEC, 0x65, 0x54, 0xDD, 0x5C, 0xEA, 0xDC, /* ..eT.\.. */
1925};
1926
1927static const uint8_t ciph_data_aes_ctr_out1[] = {
1928 0xD2, 0xDD, 0x11, 0xA8, 0xF7, 0xB0, 0xAE, 0x55, /* .......U */
1929 0xBE, 0x61, 0x7A, 0xE6, 0xA1, 0x6C, 0x79, 0xF4, /* .az..ly. */
1930 0x62, 0x51, 0x7B, 0xE9, 0x7C, 0xA0, 0x31, 0x0C, /* bQ{.|.1. */
1931 0x24, 0x15, 0x70, 0x7F, 0x47, 0x37, 0x69, 0xE0, /* $.p.G7i. */
1932 0x24, 0xC3, 0x29, 0xCD, 0xF2, 0x26, 0x69, 0xFF, /* $.)..&i. */
1933 0x72, 0x0E, 0x3C, 0xD1, 0xA1, 0x2F, 0x5D, 0x33, /* r.<../]3 */
1934};
1935
1936static const uint8_t ciph_data_aes_ctr_out2[] = {
1937 0xD2, 0xDD, 0x11, 0xA8, 0xF7, 0xB0, 0xAE, 0x55, /* .......U */
1938 0xBE, 0x61, 0x7A, 0xE6, 0xA1, 0x6C, 0x79, 0xF4, /* .az..ly. */
1939 0x62, 0x51, 0x7B, 0xE9, 0x7C, 0xA0, 0x31, 0x0C, /* bQ{.|.1. */
1940 0x24, 0x15, 0x70, 0x7F, 0x47, 0x37, 0x69, 0xE0, /* $.p.G7i. */
1941 0x24, 0xC3, 0x29, 0xCD, 0xF2, 0x26, 0x69, 0xFF, /* $.)..&i. */
1942 0x72, 0x0E, 0x3C, 0xD1, 0xA1, /* r.<.. */
1943};
1944
Jerome Forissier45218eb2018-04-11 13:03:26 +0200[diff] [blame]1945static const uint8_t ciph_data_aes_ctr_out4[] = {
1946 0xD2, 0xDD, 0x11, 0xA8, 0xF7, 0xB0, 0xAE, 0x55, /* .......U */
1947 0xBE, 0x61, 0x7A, 0xE6, 0xA1, 0x6C, 0x79, 0xF4, /* .az..ly. */
1948 0x62, 0x51, 0x7B, 0xE9, 0x7C, 0xA0, 0x31, 0x0C, /* bQ{.|.1. */
1949 0x24, 0x15, 0x70, 0x7F, 0x47, 0x37, 0x69, 0xE0, /* $.p.G7i. */
1950 0x24, 0xC3, 0x29, 0xCD, 0xF2, 0x26, 0x69, 0xFF, /* $.)..&i. */
1951 0x72, 0x0E, 0x3C, 0xD1, 0xA1, 0x2F, 0x5D, 0x33, /* r.<../]3 */
1952 0x9F, 0xD7, 0x0C, 0x92, 0xD4, 0xA5, 0x9D, 0x06, /* ........ */
1953 0x01, 0x80, 0x38, 0xCD, 0xC2, 0x71, 0x5D, 0x4A, /* ..8..q]J */
1954};
1955
Jerome Forissier0780ad42018-06-05 15:02:37 +0200[diff] [blame]1956static const uint8_t ciph_data_aes_ctr_out5[] = {
1957 0xbb, 0xfe, 0x07, 0x04, 0x1c, 0x8e, 0x09, 0x61,
1958 0xfb, 0xb1, 0x7c, 0xa5, 0x4d, 0x2b, 0x30, 0xf6,
1959 0x26, 0x9e, 0xff, 0x61, 0x18, 0x47, 0xc6, 0x06,
1960 0x81, 0x02, 0x84, 0xcd, 0x9c, 0x4b, 0x6d, 0x21,
1961 0xe2, 0x64, 0xa6, 0x50, 0x7f, 0x28, 0x81, 0x6f,
1962 0x29, 0xda, 0xd5, 0x56, 0x3f, 0x46, 0xac, 0xca,
1963 0x37, 0xe7, 0x77, 0x36, 0xbc, 0x76, 0x39, 0x57,
1964 0xaa, 0x67, 0x1b, 0x2a, 0xe6, 0x36, 0x57, 0x6d,
Jerome Forissierbf9009e2018-06-05 18:44:42 +0200[diff] [blame]1965 0x2a, 0xb8, 0x77, 0x41, 0xc2, 0x4e, 0x4f, 0x27,
1966 0x4c, 0x34, 0x7a, 0x01, 0x6a, 0xda, 0x75, 0x75,
1967 0x3e, 0x68, 0xb2
Jerome Forissier0780ad42018-06-05 15:02:37 +0200[diff] [blame]1968};
1969
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]1970static const uint8_t ciph_data_aes_cbc_vect1_key[] = {
1971 0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37, /* 01234567 */
1972 0x38, 0x39, 0x41, 0x42, 0x43, 0x44, 0x45, 0x46, /* 89ABCDEF */
1973};
1974
1975static const uint8_t ciph_data_aes_cbc_vect1_iv[] = {
1976 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, /* ........ */
1977 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, /* ........ */
1978};
1979
1980static const uint8_t ciph_data_aes_cbc_vect1_ptx[] = {
1981 0x43, 0x69, 0x70, 0x68, 0x65, 0x72, 0x20, 0x62, /* Cipher b */
1982 0x6C, 0x6F, 0x63, 0x6B, 0x20, 0x63, 0x68, 0x61, /* lock cha */
1983 0x69, 0x6E, 0x69, 0x6E, 0x67, 0x20, 0x28, 0x43, /* ining (C */
1984 0x42, 0x43, 0x29, 0x20, 0x69, 0x73, 0x20, 0x61, /* BC) is a */
1985 0x20, 0x63, 0x6F, 0x6D, 0x6D, 0x6F, 0x6E, 0x20, /* common */
1986 0x63, 0x68, 0x61, 0x69, 0x6E, 0x69, 0x6E, 0x67, /* chaining */
1987 0x20, 0x6D, 0x6F, 0x64, 0x65, 0x20, 0x69, 0x6E, /* mode in */
1988 0x20, 0x77, 0x68, 0x69, 0x63, 0x68, 0x20, 0x74, /* which t */
1989 0x68, 0x65, 0x20, 0x70, 0x72, 0x65, 0x76, 0x69, /* he previ */
1990 0x6F, 0x75, 0x73, 0x20, 0x62, 0x6C, 0x6F, 0x63, /* ous bloc */
1991 0x6B, 0x27, 0x73, 0x20, 0x63, 0x69, 0x70, 0x68, /* k's ciph */
1992 0x65, 0x72, 0x74, 0x65, 0x78, 0x74, 0x20, 0x69, /* ertext i */
1993 0x73, 0x20, 0x78, 0x6F, 0x72, 0x65, 0x64, 0x20, /* s xored */
1994 0x77, 0x69, 0x74, 0x68, 0x20, 0x74, 0x68, 0x65, /* with the */
1995 0x20, 0x63, 0x75, 0x72, 0x72, 0x65, 0x6E, 0x74, /* current */
1996 0x20, 0x62, 0x6C, 0x6F, 0x63, 0x6B, 0x27, 0x73, /* block's */
1997 0x20, 0x70, 0x6C, 0x61, 0x69, 0x6E, 0x74, 0x65, /* plainte */
1998 0x78, 0x74, 0x20, 0x62, 0x65, 0x66, 0x6F, 0x72, /* xt befor */
1999 0x65, 0x20, 0x65, 0x6E, 0x63, 0x72, 0x79, 0x70, /* e encryp */
2000 0x74, 0x69, 0x6F, 0x6E, 0x2E, 0x2E, 0x2E, 0x2E, /* tion.... */
2001};
2002
2003static const uint8_t ciph_data_aes_cbc_vect1_ctx[] = {
2004 0xDD, 0x16, 0xC3, 0x47, 0x69, 0xEC, 0xF5, 0x86, /* ...Gi... */
2005 0x20, 0xB4, 0xF7, 0xE3, 0xB9, 0x36, 0xE8, 0xAC, /* ....6.. */
2006 0xC9, 0xA2, 0x11, 0x71, 0x3B, 0x10, 0x9D, 0x45, /* ...q;..E */
2007 0xCA, 0xE2, 0x49, 0xA6, 0x4E, 0x56, 0x07, 0xC5, /* ..I.NV.. */
2008 0xCE, 0xA3, 0x14, 0xB5, 0x30, 0x1B, 0x63, 0xBB, /* ....0.c. */
2009 0x2D, 0x6F, 0xE9, 0xCA, 0x0B, 0x00, 0x31, 0x3F, /* -o....1? */
2010 0xA4, 0x9A, 0x39, 0xE1, 0xC8, 0xD2, 0x24, 0x95, /* ..9...$. */
2011 0x14, 0xE9, 0xD2, 0x43, 0xE8, 0xA8, 0x1E, 0x0A, /* ...C.... */
2012 0xFE, 0x9D, 0x4F, 0xF5, 0xBB, 0x16, 0xB9, 0x54, /* ..O....T */
2013 0x78, 0x07, 0x94, 0x05, 0x8E, 0x47, 0xC3, 0xCB, /* x....G.. */
2014 0x7C, 0xEC, 0xF4, 0xF8, 0xF2, 0xA4, 0x59, 0x6E, /* |.....Yn */
2015 0xED, 0xAD, 0x7F, 0x62, 0xAF, 0x89, 0xA8, 0x5B, /* ...b...[ */
2016 0x75, 0xD4, 0x73, 0xE3, 0xBA, 0x9F, 0x9A, 0xD2, /* u.s..... */
2017 0x0F, 0xFD, 0x3C, 0xE6, 0xC6, 0xA4, 0xD6, 0x6C, /* ..<....l */
2018 0x6A, 0x09, 0xE2, 0x16, 0xB0, 0x8C, 0x69, 0x3C, /* j.....i< */
2019 0xC8, 0x1C, 0xE4, 0x3E, 0x86, 0x4D, 0xB0, 0x2B, /* ...>.M.+ */
2020 0x29, 0xA0, 0x5A, 0xA3, 0x67, 0xBA, 0xDC, 0x11, /* ).Z.g... */
2021 0x08, 0x5E, 0x69, 0xB4, 0x6F, 0xA5, 0xE2, 0xB8, /* .^i.o... */
2022 0xC9, 0x6E, 0x83, 0x7E, 0x35, 0xC8, 0xA7, 0xA0, /* .n.~5... */
2023 0x33, 0xA3, 0xB1, 0x4B, 0x5A, 0x92, 0x51, 0x2E, /* 3..KZ.Q. */
2024};
2025
2026/* AES-CTS test vectors from http://tools.ietf.org/html/rfc3962
2027 * and http://tools.ietf.org/html/draft-raeburn-krb-rijndael-krb-02 */
2028static const uint8_t ciph_data_aes_cts_vect1_key[] = {
2029 0x63, 0x68, 0x69, 0x63, 0x6b, 0x65, 0x6e, 0x20,
2030 0x74, 0x65, 0x72, 0x69, 0x79, 0x61, 0x6b, 0x69
2031};
2032
2033static const uint8_t ciph_data_aes_cts_vect1_iv[16] = {
2034 0x00
2035};
2036
2037static const uint8_t ciph_data_aes_cts_vect1_ptx[] = {
2038 0x49, 0x20, 0x77, 0x6f, 0x75, 0x6c, 0x64, 0x20,
2039 0x6c, 0x69, 0x6b, 0x65, 0x20, 0x74, 0x68, 0x65,
2040 0x20
2041};
2042
2043static const uint8_t ciph_data_aes_cts_vect1_ctx[] = {
2044 0xc6, 0x35, 0x35, 0x68, 0xf2, 0xbf, 0x8c, 0xb4,
2045 0xd8, 0xa5, 0x80, 0x36, 0x2d, 0xa7, 0xff, 0x7f,
2046 0x97
2047};
2048
2049#define ciph_data_aes_cts_vect2_key ciph_data_aes_cts_vect1_key
2050#define ciph_data_aes_cts_vect2_iv ciph_data_aes_cts_vect1_iv
2051static const uint8_t ciph_data_aes_cts_vect2_ptx[] = {
2052 0x49, 0x20, 0x77, 0x6f, 0x75, 0x6c, 0x64, 0x20,
2053 0x6c, 0x69, 0x6b, 0x65, 0x20, 0x74, 0x68, 0x65,
2054 0x20, 0x47, 0x65, 0x6e, 0x65, 0x72, 0x61, 0x6c,
2055 0x20, 0x47, 0x61, 0x75, 0x27, 0x73, 0x20
2056};
2057
2058static const uint8_t ciph_data_aes_cts_vect2_ctx[] = {
2059 0xfc, 0x00, 0x78, 0x3e, 0x0e, 0xfd, 0xb2, 0xc1,
2060 0xd4, 0x45, 0xd4, 0xc8, 0xef, 0xf7, 0xed, 0x22,
2061 0x97, 0x68, 0x72, 0x68, 0xd6, 0xec, 0xcc, 0xc0,
2062 0xc0, 0x7b, 0x25, 0xe2, 0x5e, 0xcf, 0xe5
2063};
2064
2065#define ciph_data_aes_cts_vect3_key ciph_data_aes_cts_vect1_key
2066#define ciph_data_aes_cts_vect3_iv ciph_data_aes_cts_vect1_iv
2067static const uint8_t ciph_data_aes_cts_vect3_ptx[] = {
2068 0x49, 0x20, 0x77, 0x6f, 0x75, 0x6c, 0x64, 0x20,
2069 0x6c, 0x69, 0x6b, 0x65, 0x20, 0x74, 0x68, 0x65,
2070 0x20, 0x47, 0x65, 0x6e, 0x65, 0x72, 0x61, 0x6c,
2071 0x20, 0x47, 0x61, 0x75, 0x27, 0x73, 0x20, 0x43,
2072};
2073
2074static const uint8_t ciph_data_aes_cts_vect3_ctx[] = {
2075 0x39, 0x31, 0x25, 0x23, 0xa7, 0x86, 0x62, 0xd5,
2076 0xbe, 0x7f, 0xcb, 0xcc, 0x98, 0xeb, 0xf5, 0xa8,
2077 0x97, 0x68, 0x72, 0x68, 0xd6, 0xec, 0xcc, 0xc0,
2078 0xc0, 0x7b, 0x25, 0xe2, 0x5e, 0xcf, 0xe5, 0x84,
2079};
2080
2081#define ciph_data_aes_cts_vect4_key ciph_data_aes_cts_vect1_key
2082#define ciph_data_aes_cts_vect4_iv ciph_data_aes_cts_vect1_iv
2083static const uint8_t ciph_data_aes_cts_vect4_ptx[] = {
2084 0x49, 0x20, 0x77, 0x6f, 0x75, 0x6c, 0x64, 0x20,
2085 0x6c, 0x69, 0x6b, 0x65, 0x20, 0x74, 0x68, 0x65,
2086 0x20, 0x47, 0x65, 0x6e, 0x65, 0x72, 0x61, 0x6c,
2087 0x20, 0x47, 0x61, 0x75, 0x27, 0x73, 0x20, 0x43,
2088 0x68, 0x69, 0x63, 0x6b, 0x65, 0x6e, 0x2c, 0x20,
2089 0x70, 0x6c, 0x65, 0x61, 0x73, 0x65, 0x2c,
2090};
2091
2092static const uint8_t ciph_data_aes_cts_vect4_ctx[] = {
2093 0x97, 0x68, 0x72, 0x68, 0xd6, 0xec, 0xcc, 0xc0,
2094 0xc0, 0x7b, 0x25, 0xe2, 0x5e, 0xcf, 0xe5, 0x84,
2095 0xb3, 0xff, 0xfd, 0x94, 0x0c, 0x16, 0xa1, 0x8c,
2096 0x1b, 0x55, 0x49, 0xd2, 0xf8, 0x38, 0x02, 0x9e,
2097 0x39, 0x31, 0x25, 0x23, 0xa7, 0x86, 0x62, 0xd5,
2098 0xbe, 0x7f, 0xcb, 0xcc, 0x98, 0xeb, 0xf5,
2099};
2100
2101#define ciph_data_aes_cts_vect5_key ciph_data_aes_cts_vect1_key
2102#define ciph_data_aes_cts_vect5_iv ciph_data_aes_cts_vect1_iv
2103static const uint8_t ciph_data_aes_cts_vect5_ptx[] = {
2104 0x49, 0x20, 0x77, 0x6f, 0x75, 0x6c, 0x64, 0x20,
2105 0x6c, 0x69, 0x6b, 0x65, 0x20, 0x74, 0x68, 0x65,
2106 0x20, 0x47, 0x65, 0x6e, 0x65, 0x72, 0x61, 0x6c,
2107 0x20, 0x47, 0x61, 0x75, 0x27, 0x73, 0x20, 0x43,
2108 0x68, 0x69, 0x63, 0x6b, 0x65, 0x6e, 0x2c, 0x20,
2109 0x70, 0x6c, 0x65, 0x61, 0x73, 0x65, 0x2c, 0x20,
2110};
2111
2112static const uint8_t ciph_data_aes_cts_vect5_ctx[] = {
2113 0x97, 0x68, 0x72, 0x68, 0xd6, 0xec, 0xcc, 0xc0,
2114 0xc0, 0x7b, 0x25, 0xe2, 0x5e, 0xcf, 0xe5, 0x84,
2115 0x9d, 0xad, 0x8b, 0xbb, 0x96, 0xc4, 0xcd, 0xc0,
2116 0x3b, 0xc1, 0x03, 0xe1, 0xa1, 0x94, 0xbb, 0xd8,
2117 0x39, 0x31, 0x25, 0x23, 0xa7, 0x86, 0x62, 0xd5,
2118 0xbe, 0x7f, 0xcb, 0xcc, 0x98, 0xeb, 0xf5, 0xa8,
2119};
2120
2121#define ciph_data_aes_cts_vect6_key ciph_data_aes_cts_vect1_key
2122#define ciph_data_aes_cts_vect6_iv ciph_data_aes_cts_vect1_iv
2123static const uint8_t ciph_data_aes_cts_vect6_ptx[] = {
2124 0x49, 0x20, 0x77, 0x6f, 0x75, 0x6c, 0x64, 0x20,
2125 0x6c, 0x69, 0x6b, 0x65, 0x20, 0x74, 0x68, 0x65,
2126 0x20, 0x47, 0x65, 0x6e, 0x65, 0x72, 0x61, 0x6c,
2127 0x20, 0x47, 0x61, 0x75, 0x27, 0x73, 0x20, 0x43,
2128 0x68, 0x69, 0x63, 0x6b, 0x65, 0x6e, 0x2c, 0x20,
2129 0x70, 0x6c, 0x65, 0x61, 0x73, 0x65, 0x2c, 0x20,
2130 0x61, 0x6e, 0x64, 0x20, 0x77, 0x6f, 0x6e, 0x74,
2131 0x6f, 0x6e, 0x20, 0x73, 0x6f, 0x75, 0x70, 0x2e,
2132};
2133
2134static const uint8_t ciph_data_aes_cts_vect6_ctx[] = {
2135 0x97, 0x68, 0x72, 0x68, 0xd6, 0xec, 0xcc, 0xc0,
2136 0xc0, 0x7b, 0x25, 0xe2, 0x5e, 0xcf, 0xe5, 0x84,
2137 0x39, 0x31, 0x25, 0x23, 0xa7, 0x86, 0x62, 0xd5,
2138 0xbe, 0x7f, 0xcb, 0xcc, 0x98, 0xeb, 0xf5, 0xa8,
2139 0x48, 0x07, 0xef, 0xe8, 0x36, 0xee, 0x89, 0xa5,
2140 0x26, 0x73, 0x0d, 0xbc, 0x2f, 0x7b, 0xc8, 0x40,
2141 0x9d, 0xad, 0x8b, 0xbb, 0x96, 0xc4, 0xcd, 0xc0,
2142 0x3b, 0xc1, 0x03, 0xe1, 0xa1, 0x94, 0xbb, 0xd8,
2143};
2144
Jerome Forissiered00e162017-01-20 09:22:52 +0100[diff] [blame]2145/*
2146 * Test case for https://github.com/OP-TEE/optee_os/issues/1203
2147 * 80 bytes of data, processed in two steps (32 + 48).
2148 */
2149
2150#define ciph_data_aes_cts_issue1203_key ciph_data_aes_cts_vect1_key
2151
2152static const uint8_t ciph_data_aes_cts_issue1203_iv[] = {
2153 0x5b, 0x11, 0x7b, 0xf9, 0x83, 0x6a, 0x01, 0x27,
2154 0x1d, 0x2a, 0xae, 0x0a, 0xd3, 0x27, 0x35, 0x81,
2155};
2156
2157static const uint8_t ciph_data_aes_cts_issue1203_ptx[] = {
2158 0x33, 0x2a, 0xf4, 0x8c, 0x18, 0xa1, 0x30, 0x7c,
2159 0xa7, 0x52, 0x76, 0xca, 0xa6, 0x68, 0xad, 0xf6,
2160 0x1e, 0xba, 0xc9, 0x66, 0x66, 0x52, 0x1a, 0xe7,
2161 0x3e, 0xbc, 0xba, 0x60, 0x95, 0x71, 0x04, 0x5e,
2162 0xb4, 0xb7, 0x10, 0xd7, 0x93, 0x6d, 0x5f, 0x9a,
2163 0xb8, 0xbb, 0x6b, 0xb0, 0x6d, 0x47, 0x93, 0x41,
2164 0x29, 0x21, 0xf2, 0x84, 0xf5, 0xb2, 0xf2, 0x6d,
2165 0xbe, 0xe5, 0x8a, 0x2b, 0x58, 0x8d, 0x1b, 0x5e,
2166 0x41, 0x04, 0xba, 0x9e, 0x92, 0xe9, 0x52, 0xb6,
2167 0x8b, 0x1e, 0x36, 0x72, 0x91, 0xe4, 0x56, 0x66,
2168};
2169
2170/*
2171 * Ciphertext was generated by an online tool for AES CBC.
2172 * Since the input size is a multiple of the block size, and the ciphertext
2173 * format is CS3, the output is the same as plain AES CBC with the last
2174 * two blocks swapped.
2175 */
2176static const uint8_t ciph_data_aes_cts_issue1203_ctx[] = {
2177 0x6c, 0xfe, 0xef, 0x6a, 0x1c, 0x8f, 0xd3, 0xc3,
2178 0x66, 0xc4, 0xd9, 0x0e, 0xbe, 0x24, 0x17, 0x3f,
2179 0xcd, 0x19, 0xc9, 0xd2, 0x10, 0x3f, 0xcf, 0xdc,
2180 0xe9, 0x05, 0xab, 0xd5, 0x1a, 0x31, 0x41, 0x77,
2181 0x3b, 0xd7, 0x6a, 0x26, 0xae, 0x0d, 0xc9, 0x47,
2182 0x77, 0xd4, 0xa7, 0xd5, 0x73, 0x88, 0x9e, 0xde,
2183 0x72, 0x66, 0xe0, 0xe2, 0x3d, 0x62, 0x91, 0x22,
2184 0xae, 0x11, 0x01, 0x97, 0x22, 0x6a, 0x45, 0xa9,
2185 0xba, 0x56, 0xd2, 0xbc, 0x55, 0x2d, 0x99, 0x4d,
2186 0x3d, 0x22, 0x27, 0x9a, 0xac, 0x66, 0x2f, 0xf5,
2187};
2188
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2189static const uint8_t ciph_data_des_ecb_nopad_out1[] = {
2190 0x46, 0x2B, 0x91, 0xA8, 0x55, 0xE6, 0x7E, 0x75, /* F+..U.~u */
2191 0x5E, 0x53, 0xF4, 0x8F, 0x29, 0x41, 0x4E, 0xEF, /* ^S..)AN. */
2192 0x32, 0x1B, 0x58, 0x42, 0x9B, 0xB4, 0x3A, 0x1F, /* 2.XB..:. */
2193 0x9A, 0xEA, 0xA4, 0xB4, 0xCD, 0xE9, 0x87, 0x7C, /* .......| */
2194 0xC0, 0x05, 0x34, 0xED, 0x86, 0x3C, 0x2A, 0x81, /* ..4..<.. */
2195 0x5E, 0x93, 0x0E, 0x86, 0xA9, 0xBB, 0x80, 0xFF, /* ^....... */
2196};
2197
2198static const uint8_t ciph_data_des_ecb_nopad_out2[] = {
2199 0x85, 0xE8, 0x13, 0x54, 0x0F, 0x0A, 0xB4, 0x05
2200};
2201
2202static const uint8_t ciph_data_des_cbc_nopad_out1[] = {
2203 0xAD, 0xD6, 0xD6, 0x3E, 0x88, 0xD0, 0xDD, 0xD4, /* ...>.... */
2204 0x9A, 0x93, 0x95, 0xA0, 0x86, 0x22, 0x5B, 0x9E, /* ....."[. */
2205 0x84, 0x0C, 0x6F, 0x12, 0x04, 0x11, 0x6F, 0xD4, /* ..o...o. */
2206 0x12, 0x29, 0xC6, 0x78, 0x0C, 0xFB, 0x58, 0x5B, /* .).x..X[ */
2207 0x66, 0x82, 0x0E, 0x52, 0xDC, 0x25, 0x16, 0x51, /* f..R.%.Q */
2208 0x69, 0xDF, 0xFE, 0x4E, 0x11, 0x1D, 0x9D, 0x08, /* i..N.... */
2209};
2210
2211static const uint8_t ciph_data_des3_ecb_nopad_out1[] = {
2212 0xA7, 0x46, 0xEC, 0xA8, 0x6A, 0x7F, 0x4A, 0xF1, /* .F..j.J. */
2213 0x44, 0x60, 0x37, 0x3B, 0x7F, 0x76, 0xE5, 0xFF, /* D`7;.v.. */
2214 0xC1, 0xE7, 0xA5, 0x04, 0x9C, 0x29, 0x5C, 0xA5, /* .....)\. */
2215 0xDD, 0xC8, 0xEE, 0x36, 0x1F, 0x48, 0xE0, 0xA9, /* ...6.H.. */
2216 0x82, 0x2D, 0x53, 0x84, 0x49, 0x69, 0x78, 0xFA, /* .-S.Iix. */
2217 0x23, 0x69, 0x1D, 0xF7, 0x08, 0x38, 0x44, 0x05, /* #i...8D. */
2218};
2219
2220static const uint8_t ciph_data_des3_cbc_nopad_out1[] = {
2221 0x18, 0x09, 0xEB, 0x98, 0xE4, 0x58, 0x72, 0x11, /* .....Xr. */
2222 0x30, 0x58, 0xAB, 0x38, 0xB0, 0xC9, 0x2B, 0xED, /* 0X.8..+. */
2223 0xDA, 0xC5, 0xE8, 0xA9, 0xF6, 0x8A, 0xA7, 0x80, /* ........ */
2224 0xBE, 0x54, 0x1F, 0x63, 0xF6, 0xEE, 0xA2, 0x4C, /* .T.c...L */
2225 0x7C, 0xEB, 0x84, 0x7D, 0xDA, 0xCA, 0x1E, 0xB2, /* |..}.... */
2226 0xED, 0x5E, 0x96, 0xB8, 0x01, 0x4B, 0x77, 0x02, /* .^...Kw. */
2227};
2228
2229static const uint8_t ciph_data_des2_ecb_nopad_out1[] = {
2230 0xAB, 0x12, 0xB6, 0xE2, 0x4A, 0x3A, 0x26, 0x14, /* ....J:&. */
2231 0xF0, 0x7D, 0x23, 0xD0, 0x55, 0xDF, 0x5C, 0x16, /* .}#.U.\. */
2232 0x43, 0x59, 0x1E, 0x44, 0x01, 0x76, 0xD7, 0x50, /* CY.D.v.P */
2233 0x44, 0xC0, 0x15, 0xDF, 0x2E, 0x7F, 0x8B, 0xC5, /* D....... */
2234 0xFF, 0x8B, 0x87, 0xFE, 0x33, 0xD7, 0xCB, 0x2C, /* ....3.., */
2235 0xDA, 0x79, 0x6F, 0xA4, 0x05, 0x2B, 0x30, 0xCE, /* .yo..+0. */
2236};
2237
2238static const uint8_t ciph_data_des2_cbc_nopad_out1[] = {
2239 0x47, 0x2F, 0xB1, 0x83, 0xC4, 0xBB, 0x93, 0x16, /* G/...... */
2240 0x73, 0xF9, 0xAD, 0x6F, 0x00, 0xF9, 0xCB, 0x4A, /* s..o...J */
2241 0x0F, 0x4F, 0x75, 0x75, 0xFB, 0x39, 0x0B, 0xFC, /* .Ouu.9.. */
2242 0x9F, 0x48, 0x52, 0xAD, 0xA2, 0x75, 0x2C, 0xF1, /* .HR..u, . */
2243 0x7D, 0xC3, 0x8F, 0x16, 0xCF, 0xC9, 0x76, 0x29, /* }.....v) */
2244 0x1A, 0xBF, 0xB3, 0xD9, 0x10, 0x7E, 0xAA, 0x49, /* .....~.I */
2245};
2246
Jerome Forissiere73e0fb2019-12-12 17:08:03 +0100[diff] [blame]2247/* SM4 ECB */
2248
2249static const uint8_t ciph_data_sm4_key1[] = {
2250 0x01, 0x23, 0x45, 0x67, 0x89, 0xab, 0xcd, 0xef,
2251 0xfe, 0xdc, 0xba, 0x98, 0x76, 0x54, 0x32, 0x10,
2252};
2253
2254static const uint8_t ciph_data_sm4_in1[] = {
2255 0x01, 0x23, 0x45, 0x67, 0x89, 0xab, 0xcd, 0xef,
2256 0xfe, 0xdc, 0xba, 0x98, 0x76, 0x54, 0x32, 0x10,
2257};
2258
2259static const uint8_t ciph_data_sm4_ecb_nopad_out1[] = {
2260 0x68, 0x1e, 0xdf, 0x34, 0xd2, 0x06, 0x96, 0x5e,
2261 0x86, 0xb3, 0xe9, 0x4f, 0x53, 0x6e, 0x42, 0x46,
2262};
2263
2264/*
2265 * SM4 CBC
2266 * https://tools.ietf.org/html/draft-ribose-cfrg-sm4-10#appendix-A.2.2.1
2267 */
2268static const uint8_t ciph_data_sm4_cbc_a221_key[] = {
2269 0x01, 0x23, 0x45, 0x67, 0x89, 0xab, 0xcd, 0xef,
2270 0xfe, 0xdc, 0xba, 0x98, 0x76, 0x54, 0x32, 0x10,
2271};
2272
2273static const uint8_t ciph_data_sm4_cbc_a221_iv[] = {
2274 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
2275 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f,
2276};
2277
2278static const uint8_t ciph_data_sm4_cbc_a221_in[] = {
2279 0xaa, 0xaa, 0xaa, 0xaa, 0xbb, 0xbb, 0xbb, 0xbb,
2280 0xcc, 0xcc, 0xcc, 0xcc, 0xdd, 0xdd, 0xdd, 0xdd,
2281 0xee, 0xee, 0xee, 0xee, 0xff, 0xff, 0xff, 0xff,
2282 0xaa, 0xaa, 0xaa, 0xaa, 0xbb, 0xbb, 0xbb, 0xbb,
2283};
2284
2285static const uint8_t ciph_data_sm4_cbc_a221_out[] = {
2286 0x78, 0xeb, 0xb1, 0x1c, 0xc4, 0x0b, 0x0a, 0x48,
2287 0x31, 0x2a, 0xae, 0xb2, 0x04, 0x02, 0x44, 0xcb,
2288 0x4c, 0xb7, 0x01, 0x69, 0x51, 0x90, 0x92, 0x26,
2289 0x97, 0x9b, 0x0d, 0x15, 0xdc, 0x6a, 0x8f, 0x6d,
2290};
2291
2292/*
2293 * SM4 CBC
2294 * https://tools.ietf.org/html/draft-ribose-cfrg-sm4-10#appendix-A.2.2.2
2295 */
2296static const uint8_t ciph_data_sm4_cbc_a222_key[] = {
2297 0xfe, 0xdc, 0xba, 0x98, 0x76, 0x54, 0x32, 0x10,
2298 0x01, 0x23, 0x45, 0x67, 0x89, 0xab, 0xcd, 0xef,
2299};
2300
2301static const uint8_t ciph_data_sm4_cbc_a222_iv[] = {
2302 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
2303 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f,
2304};
2305
2306static const uint8_t ciph_data_sm4_cbc_a222_in[] = {
2307 0xaa, 0xaa, 0xaa, 0xaa, 0xbb, 0xbb, 0xbb, 0xbb,
2308 0xcc, 0xcc, 0xcc, 0xcc, 0xdd, 0xdd, 0xdd, 0xdd,
2309 0xee, 0xee, 0xee, 0xee, 0xff, 0xff, 0xff, 0xff,
2310 0xaa, 0xaa, 0xaa, 0xaa, 0xbb, 0xbb, 0xbb, 0xbb,
2311};
2312
2313static const uint8_t ciph_data_sm4_cbc_a222_out[] = {
2314 0x0d, 0x3a, 0x6d, 0xdc, 0x2d, 0x21, 0xc6, 0x98,
2315 0x85, 0x72, 0x15, 0x58, 0x7b, 0x7b, 0xb5, 0x9a,
2316 0x91, 0xf2, 0xc1, 0x47, 0x91, 0x1a, 0x41, 0x44,
2317 0x66, 0x5e, 0x1f, 0xa1, 0xd4, 0x0b, 0xae, 0x38,
2318};
2319
2320/*
2321 * SM4 CTR
2322 * https://tools.ietf.org/html/draft-ribose-cfrg-sm4-10#appendix-A.2.5.1
2323 */
2324static const uint8_t ciph_data_sm4_ctr_a251_key[] = {
2325 0x01, 0x23, 0x45, 0x67, 0x89, 0xab, 0xcd, 0xef,
2326 0xfe, 0xdc, 0xba, 0x98, 0x76, 0x54, 0x32, 0x10,
2327};
2328
2329static const uint8_t ciph_data_sm4_ctr_a251_iv[] = {
2330 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
2331 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f,
2332};
2333
2334static const uint8_t ciph_data_sm4_ctr_a251_in[] = {
2335 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa,
2336 0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0xbb,
2337 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc,
2338 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd,
2339 0xee, 0xee, 0xee, 0xee, 0xee, 0xee, 0xee, 0xee,
2340 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
2341 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa,
2342 0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0xbb,
2343};
2344
2345static const uint8_t ciph_data_sm4_ctr_a251_out[] = {
2346 0xac, 0x32, 0x36, 0xcb, 0x97, 0x0c, 0xc2, 0x07,
2347 0x91, 0x36, 0x4c, 0x39, 0x5a, 0x13, 0x42, 0xd1,
2348 0xa3, 0xcb, 0xc1, 0x87, 0x8c, 0x6f, 0x30, 0xcd,
2349 0x07, 0x4c, 0xce, 0x38, 0x5c, 0xdd, 0x70, 0xc7,
2350 0xf2, 0x34, 0xbc, 0x0e, 0x24, 0xc1, 0x19, 0x80,
2351 0xfd, 0x12, 0x86, 0x31, 0x0c, 0xe3, 0x7b, 0x92,
2352 0x6e, 0x02, 0xfc, 0xd0, 0xfa, 0xa0, 0xba, 0xf3,
2353 0x8b, 0x29, 0x33, 0x85, 0x1d, 0x82, 0x45, 0x14,
2354};
2355
2356/*
2357 * SM4 CTR
2358 * https://tools.ietf.org/html/draft-ribose-cfrg-sm4-10#appendix-A.2.5.2
2359 */
2360static const uint8_t ciph_data_sm4_ctr_a252_key[] = {
2361 0xfe, 0xdc, 0xba, 0x98, 0x76, 0x54, 0x32, 0x10,
2362 0x01, 0x23, 0x45, 0x67, 0x89, 0xab, 0xcd, 0xef,
2363};
2364
2365static const uint8_t ciph_data_sm4_ctr_a252_iv[] = {
2366 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
2367 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f,
2368};
2369
2370static const uint8_t ciph_data_sm4_ctr_a252_in[] = {
2371 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa,
2372 0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0xbb,
2373 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc,
2374 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd,
2375 0xee, 0xee, 0xee, 0xee, 0xee, 0xee, 0xee, 0xee,
2376 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
2377 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa,
2378 0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0xbb,
2379};
2380
2381static const uint8_t ciph_data_sm4_ctr_a252_out[] = {
2382 0x5d, 0xcc, 0xcd, 0x25, 0xb9, 0x5a, 0xb0, 0x74,
2383 0x17, 0xa0, 0x85, 0x12, 0xee, 0x16, 0x0e, 0x2f,
2384 0x8f, 0x66, 0x15, 0x21, 0xcb, 0xba, 0xb4, 0x4c,
2385 0xc8, 0x71, 0x38, 0x44, 0x5b, 0xc2, 0x9e, 0x5c,
2386 0x0a, 0xe0, 0x29, 0x72, 0x05, 0xd6, 0x27, 0x04,
2387 0x17, 0x3b, 0x21, 0x23, 0x9b, 0x88, 0x7f, 0x6c,
2388 0x8c, 0xb5, 0xb8, 0x00, 0x91, 0x7a, 0x24, 0x88,
2389 0x28, 0x4b, 0xde, 0x9e, 0x16, 0xea, 0x29, 0x06,
2390};
2391
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2392struct xtest_ciph_case {
2393 uint32_t algo;
2394 uint32_t mode;
2395 uint32_t key_type;
2396 const uint8_t *key1;
2397 size_t key1_len;
2398 const uint8_t *key2;
2399 size_t key2_len;
2400 const uint8_t *iv;
2401 size_t iv_len;
2402 size_t in_incr;
2403 const uint8_t *in;
2404 size_t in_len;
2405 const uint8_t *out;
2406 size_t out_len;
2407 size_t line;
2408};
2409
2410#define XTEST_CIPH_CASE_NO_IV(algo, key_type, key, in_incr, ptx, ctx) \
2411 { (algo), TEE_MODE_ENCRYPT, (key_type), (key), ARRAY_SIZE(key), \
2412 NULL, 0, NULL, 0, \
2413 (in_incr), (ptx), ARRAY_SIZE(ptx), (ctx), ARRAY_SIZE(ctx), \
2414 __LINE__ }, \
2415 { (algo), TEE_MODE_DECRYPT, (key_type), (key), ARRAY_SIZE(key), \
2416 NULL, 0, NULL, 0, \
2417 (in_incr), (ctx), ARRAY_SIZE(ctx), (ptx), ARRAY_SIZE(ptx), __LINE__ }
2418
2419#define XTEST_CIPH_CASE(algo, key_type, key, iv, in_incr, ptx, ctx) \
2420 { (algo), TEE_MODE_ENCRYPT, (key_type), (key), ARRAY_SIZE(key), \
2421 NULL, 0, iv, ARRAY_SIZE(iv), (in_incr), (ptx), ARRAY_SIZE(ptx), \
2422 (ctx), ARRAY_SIZE(ctx), __LINE__ }, \
2423 { (algo), TEE_MODE_DECRYPT, (key_type), (key), ARRAY_SIZE(key), \
2424 NULL, 0, iv, ARRAY_SIZE(iv), (in_incr), (ctx), ARRAY_SIZE(ctx), \
2425 (ptx), ARRAY_SIZE(ptx), __LINE__ }
2426
2427#define XTEST_CIPH_CASE_AES_XTS(vect, in_incr) \
2428 { TEE_ALG_AES_XTS, TEE_MODE_ENCRYPT, TEE_TYPE_AES, \
2429 ciph_data_aes_xts_ ## vect ## _key1, \
2430 ARRAY_SIZE(ciph_data_aes_xts_ ## vect ## _key1), \
2431 ciph_data_aes_xts_ ## vect ## _key2, \
2432 ARRAY_SIZE(ciph_data_aes_xts_ ## vect ## _key2), \
2433 ciph_data_aes_xts_ ## vect ## _iv, \
2434 ARRAY_SIZE(ciph_data_aes_xts_ ## vect ## _iv), \
2435 (in_incr), \
2436 ciph_data_aes_xts_ ## vect ## _ptx, \
2437 ARRAY_SIZE(ciph_data_aes_xts_ ## vect ## _ptx), \
2438 ciph_data_aes_xts_ ## vect ## _ctx, \
2439 ARRAY_SIZE(ciph_data_aes_xts_ ## vect ## _ctx), __LINE__ }, \
2440 { TEE_ALG_AES_XTS, TEE_MODE_DECRYPT, TEE_TYPE_AES, \
2441 ciph_data_aes_xts_ ## vect ## _key1, \
2442 ARRAY_SIZE(ciph_data_aes_xts_ ## vect ## _key1), \
2443 ciph_data_aes_xts_ ## vect ## _key2, \
2444 ARRAY_SIZE(ciph_data_aes_xts_ ## vect ## _key2), \
2445 ciph_data_aes_xts_ ## vect ## _iv, \
2446 ARRAY_SIZE(ciph_data_aes_xts_ ## vect ## _iv), \
2447 (in_incr), \
2448 ciph_data_aes_xts_ ## vect ## _ctx, \
2449 ARRAY_SIZE(ciph_data_aes_xts_ ## vect ## _ctx), \
2450 ciph_data_aes_xts_ ## vect ## _ptx, \
2451 ARRAY_SIZE(ciph_data_aes_xts_ ## vect ## _ptx), __LINE__ }
2452
2453#define XTEST_CIPH_CASE_AES_CBC(vect, in_incr) \
2454 XTEST_CIPH_CASE(TEE_ALG_AES_CBC_NOPAD, TEE_TYPE_AES, \
2455 ciph_data_aes_cbc_ ## vect ## _key, \
2456 ciph_data_aes_cbc_ ## vect ## _iv, \
2457 (in_incr), ciph_data_aes_cbc_ ## vect ## _ptx, \
2458 ciph_data_aes_cbc_ ## vect ## _ctx)
2459
2460#define XTEST_CIPH_CASE_AES_CTS(vect, in_incr) \
2461 XTEST_CIPH_CASE(TEE_ALG_AES_CTS, TEE_TYPE_AES, \
2462 ciph_data_aes_cts_ ## vect ## _key, \
2463 ciph_data_aes_cts_ ## vect ## _iv, \
2464 (in_incr), ciph_data_aes_cts_ ## vect ## _ptx, \
2465 ciph_data_aes_cts_ ## vect ## _ctx)
2466
2467static const struct xtest_ciph_case ciph_cases[] = {
2468 /* AES */
2469 XTEST_CIPH_CASE_NO_IV(TEE_ALG_AES_ECB_NOPAD, TEE_TYPE_AES,
2470 ciph_data_aes_key1, 11, ciph_data_in1,
2471 ciph_data_aes_ecb_nopad_out1),
2472 XTEST_CIPH_CASE(TEE_ALG_AES_CBC_NOPAD, TEE_TYPE_AES,
2473 ciph_data_aes_key1, ciph_data_128_iv1, 11,
2474 ciph_data_in1,
2475 ciph_data_aes_cbc_nopad_out1),
2476 XTEST_CIPH_CASE(TEE_ALG_AES_CTR, TEE_TYPE_AES,
2477 ciph_data_aes_key1, ciph_data_128_iv1, 13,
2478 ciph_data_in1,
2479 ciph_data_aes_ctr_out1),
2480 XTEST_CIPH_CASE(TEE_ALG_AES_CTR, TEE_TYPE_AES,
2481 ciph_data_aes_key1, ciph_data_128_iv1, 13,
2482 ciph_data_in3,
2483 ciph_data_aes_ctr_out2),
Jens Wiklander692efd12018-01-19 09:52:00 +0100[diff] [blame]2484 XTEST_CIPH_CASE(TEE_ALG_AES_CTR, TEE_TYPE_AES,
2485 ciph_data_aes_key1, ciph_data_128_iv1, 16,
2486 ciph_data_in3,
2487 ciph_data_aes_ctr_out2),
Jerome Forissier45218eb2018-04-11 13:03:26 +0200[diff] [blame]2488 XTEST_CIPH_CASE(TEE_ALG_AES_CTR, TEE_TYPE_AES,
2489 ciph_data_aes_key1, ciph_data_128_iv1, 16,
2490 ciph_data_in4,
2491 ciph_data_aes_ctr_out4),
Jerome Forissier0780ad42018-06-05 15:02:37 +0200[diff] [blame]2492 XTEST_CIPH_CASE(TEE_ALG_AES_CTR, TEE_TYPE_AES,
2493 ciph_data_aes_key2, ciph_data_128_iv2, 11,
2494 ciph_data_in5,
2495 ciph_data_aes_ctr_out5),
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2496
2497 XTEST_CIPH_CASE_AES_CBC(vect1, 11),
Jerome Forissierfc1bbc32018-06-12 10:13:04 +0200[diff] [blame]2498 XTEST_CIPH_CASE_AES_CBC(vect1, 64),
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2499
2500 /* AES-CTS */
2501 XTEST_CIPH_CASE_AES_CTS(vect1, 13),
2502 XTEST_CIPH_CASE_AES_CTS(vect2, 14),
2503 XTEST_CIPH_CASE_AES_CTS(vect3, 11),
2504 XTEST_CIPH_CASE_AES_CTS(vect4, 9),
2505 XTEST_CIPH_CASE_AES_CTS(vect5, 7),
2506 XTEST_CIPH_CASE_AES_CTS(vect6, 17),
2507 XTEST_CIPH_CASE_AES_CTS(vect6, 0x20),
Jerome Forissiered00e162017-01-20 09:22:52 +0100[diff] [blame]2508 XTEST_CIPH_CASE_AES_CTS(issue1203, 32),
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2509
2510 /* DES */
2511 XTEST_CIPH_CASE_NO_IV(TEE_ALG_DES_ECB_NOPAD, TEE_TYPE_DES,
2512 ciph_data_des_key1, 14, ciph_data_in1,
2513 ciph_data_des_ecb_nopad_out1),
2514 XTEST_CIPH_CASE_NO_IV(TEE_ALG_DES_ECB_NOPAD, TEE_TYPE_DES,
2515 ciph_data_des_key2, 3, ciph_data_in2,
2516 ciph_data_des_ecb_nopad_out2),
2517 XTEST_CIPH_CASE(TEE_ALG_DES_CBC_NOPAD, TEE_TYPE_DES,
2518 ciph_data_des_key1, ciph_data_64_iv1, 15, ciph_data_in1,
2519 ciph_data_des_cbc_nopad_out1),
2520
2521 /* DES3 */
2522 XTEST_CIPH_CASE_NO_IV(TEE_ALG_DES3_ECB_NOPAD, TEE_TYPE_DES3,
2523 ciph_data_des3_key1, 11, ciph_data_in1,
2524 ciph_data_des3_ecb_nopad_out1),
2525 XTEST_CIPH_CASE_NO_IV(TEE_ALG_DES3_ECB_NOPAD, TEE_TYPE_DES3,
2526 ciph_data_des3_key2, 3, ciph_data_in2,
2527 ciph_data_des_ecb_nopad_out2),
2528 XTEST_CIPH_CASE(TEE_ALG_DES3_CBC_NOPAD, TEE_TYPE_DES3,
2529 ciph_data_des3_key1, ciph_data_64_iv1, 11,
2530 ciph_data_in1,
2531 ciph_data_des3_cbc_nopad_out1),
2532
2533 /* DES2 */
2534 XTEST_CIPH_CASE_NO_IV(TEE_ALG_DES3_ECB_NOPAD, TEE_TYPE_DES3,
2535 ciph_data_des2_key1, 11, ciph_data_in1,
2536 ciph_data_des2_ecb_nopad_out1),
2537 XTEST_CIPH_CASE(TEE_ALG_DES3_CBC_NOPAD, TEE_TYPE_DES3,
2538 ciph_data_des2_key1, ciph_data_64_iv1, 11,
2539 ciph_data_in1,
2540 ciph_data_des2_cbc_nopad_out1),
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2541
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2542 /* AES-XTS */
2543 XTEST_CIPH_CASE_AES_XTS(vect1, 3),
2544 XTEST_CIPH_CASE_AES_XTS(vect2, 6),
2545 XTEST_CIPH_CASE_AES_XTS(vect3, 7),
2546 XTEST_CIPH_CASE_AES_XTS(vect4, 8),
2547 XTEST_CIPH_CASE_AES_XTS(vect5, 9),
2548 XTEST_CIPH_CASE_AES_XTS(vect6, 13),
2549 XTEST_CIPH_CASE_AES_XTS(vect7, 1),
2550 XTEST_CIPH_CASE_AES_XTS(vect8, 3),
2551 XTEST_CIPH_CASE_AES_XTS(vect9, 2),
2552 XTEST_CIPH_CASE_AES_XTS(vect10, 5),
2553 XTEST_CIPH_CASE_AES_XTS(vect11, 6),
2554 XTEST_CIPH_CASE_AES_XTS(vect12, 7),
2555 XTEST_CIPH_CASE_AES_XTS(vect13, 3),
2556 XTEST_CIPH_CASE_AES_XTS(vect14, 2),
2557 XTEST_CIPH_CASE_AES_XTS(vect15, 0),
2558 XTEST_CIPH_CASE_AES_XTS(vect16, 9),
2559 XTEST_CIPH_CASE_AES_XTS(vect17, 6),
2560 XTEST_CIPH_CASE_AES_XTS(vect18, 8),
2561 XTEST_CIPH_CASE_AES_XTS(vect19, 23),
Jerome Forissiere73e0fb2019-12-12 17:08:03 +0100[diff] [blame]2562
2563 /* SM4 */
2564 XTEST_CIPH_CASE_NO_IV(TEE_ALG_SM4_ECB_NOPAD, TEE_TYPE_SM4,
2565 ciph_data_sm4_key1, 11, ciph_data_sm4_in1,
2566 ciph_data_sm4_ecb_nopad_out1),
2567 XTEST_CIPH_CASE(TEE_ALG_SM4_CBC_NOPAD, TEE_TYPE_SM4,
2568 ciph_data_sm4_cbc_a221_key, ciph_data_sm4_cbc_a221_iv,
2569 11, ciph_data_sm4_cbc_a221_in,
2570 ciph_data_sm4_cbc_a221_out),
2571 XTEST_CIPH_CASE(TEE_ALG_SM4_CBC_NOPAD, TEE_TYPE_SM4,
2572 ciph_data_sm4_cbc_a222_key, ciph_data_sm4_cbc_a222_iv,
2573 11, ciph_data_sm4_cbc_a222_in,
2574 ciph_data_sm4_cbc_a222_out),
2575 XTEST_CIPH_CASE(TEE_ALG_SM4_CTR, TEE_TYPE_SM4,
2576 ciph_data_sm4_ctr_a251_key, ciph_data_sm4_ctr_a251_iv,
2577 11, ciph_data_sm4_ctr_a251_in,
2578 ciph_data_sm4_ctr_a251_out),
2579 XTEST_CIPH_CASE(TEE_ALG_SM4_CTR, TEE_TYPE_SM4,
2580 ciph_data_sm4_ctr_a252_key, ciph_data_sm4_ctr_a252_iv,
2581 11, ciph_data_sm4_ctr_a252_in,
2582 ciph_data_sm4_ctr_a252_out),
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2583};
2584
Jerome Forissier23256842018-02-16 09:25:35 +0100[diff] [blame]2585static void xtest_tee_test_4003(ADBG_Case_t *c)
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2586{
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]2587 TEEC_Session session = { };
2588 TEE_OperationHandle op = TEE_HANDLE_NULL;
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2589 TEE_ObjectHandle key1_handle = TEE_HANDLE_NULL;
2590 TEE_ObjectHandle key2_handle = TEE_HANDLE_NULL;
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]2591 uint8_t out[2048] = { };
2592 size_t out_size = 0;
2593 size_t out_offs = 0;
2594 uint32_t ret_orig = 0;
2595 size_t n = 0;
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2596
2597 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
2598 xtest_teec_open_session(&session, &crypt_user_ta_uuid, NULL,
2599 &ret_orig)))
2600 return;
2601
2602 for (n = 0; n < ARRAY_SIZE(ciph_cases); n++) {
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]2603 TEE_Attribute key_attr = { };
2604 size_t key_size = 0;
2605 size_t op_key_size = 0;
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2606
2607 Do_ADBG_BeginSubCase(c, "Cipher case %d algo 0x%x line %d",
2608 (int)n, (unsigned int)ciph_cases[n].algo,
2609 (int)ciph_cases[n].line);
2610
2611 key_attr.attributeID = TEE_ATTR_SECRET_VALUE;
2612 key_attr.content.ref.buffer = (void *)ciph_cases[n].key1;
2613 key_attr.content.ref.length = ciph_cases[n].key1_len;
2614
2615 key_size = key_attr.content.ref.length * 8;
2616 if (ciph_cases[n].key_type == TEE_TYPE_DES ||
2617 ciph_cases[n].key_type == TEE_TYPE_DES3)
2618 /* Exclude parity in bit size of key */
2619 key_size -= key_size / 8;
2620
2621 op_key_size = key_size;
2622 if (ciph_cases[n].key2 != NULL)
2623 op_key_size *= 2;
2624
2625 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
2626 ta_crypt_cmd_allocate_operation(c, &session, &op,
2627 ciph_cases[n].algo, ciph_cases[n].mode,
2628 op_key_size)))
2629 goto out;
2630
2631 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
2632 ta_crypt_cmd_allocate_transient_object(c, &session,
2633 ciph_cases[n].key_type, key_size,
2634 &key1_handle)))
2635 goto out;
2636
2637 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
2638 ta_crypt_cmd_populate_transient_object(c, &session,
2639 key1_handle, &key_attr, 1)))
2640 goto out;
2641
2642 if (ciph_cases[n].key2 != NULL) {
2643 key_attr.content.ref.buffer =
2644 (void *)ciph_cases[n].key2;
2645 key_attr.content.ref.length = ciph_cases[n].key2_len;
2646
2647 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
2648 ta_crypt_cmd_allocate_transient_object(c,
2649 &session, ciph_cases[n].key_type,
2650 key_attr.content.ref.length * 8,
2651 &key2_handle)))
2652 goto out;
2653
2654 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
2655 ta_crypt_cmd_populate_transient_object(c,
2656 &session, key2_handle, &key_attr, 1)))
2657 goto out;
2658
2659 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
2660 ta_crypt_cmd_set_operation_key2(c, &session, op,
2661 key1_handle, key2_handle)))
2662 goto out;
2663 } else {
2664 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
2665 ta_crypt_cmd_set_operation_key(c, &session, op,
2666 key1_handle)))
2667 goto out;
2668 }
2669
2670 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
2671 ta_crypt_cmd_free_transient_object(c, &session,
2672 key1_handle)))
2673 goto out;
2674 key1_handle = TEE_HANDLE_NULL;
2675
2676 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
2677 ta_crypt_cmd_free_transient_object(c, &session,
2678 key2_handle)))
2679 goto out;
2680 key2_handle = TEE_HANDLE_NULL;
2681
2682 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
2683 ta_crypt_cmd_cipher_init(c, &session, op,
2684 ciph_cases[n].iv, ciph_cases[n].iv_len)))
2685 goto out;
2686
2687 out_offs = 0;
2688 out_size = sizeof(out);
2689 memset(out, 0, sizeof(out));
2690 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
2691 ta_crypt_cmd_cipher_update(c, &session, op,
2692 ciph_cases[n].in, ciph_cases[n].in_incr, out,
2693 &out_size)))
2694 goto out;
2695
Jerome Forissierd2d94b42017-06-02 16:39:34 +0200[diff] [blame]2696 if (ciph_cases[n].algo == TEE_ALG_AES_CTR)
2697 ADBG_EXPECT_COMPARE_UNSIGNED(c, out_size, ==,
2698 ciph_cases[n].in_incr);
2699
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2700 out_offs += out_size;
2701 out_size = sizeof(out) - out_offs;
2702
2703 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
2704 ta_crypt_cmd_cipher_do_final(c, &session, op,
2705 ciph_cases[n].in + ciph_cases[n].in_incr,
2706 ciph_cases[n].in_len - ciph_cases[n].in_incr,
2707 out + out_offs,
2708 &out_size)))
2709 goto out;
2710
2711 out_offs += out_size;
2712
2713 (void)ADBG_EXPECT_BUFFER(c, ciph_cases[n].out,
2714 ciph_cases[n].out_len, out, out_offs);
2715
2716 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
2717 ta_crypt_cmd_free_operation(c, &session, op)))
2718 goto out;
2719
2720 Do_ADBG_EndSubCase(c, NULL);
2721 }
2722out:
2723 TEEC_CloseSession(&session);
2724}
Jens Wiklander14f48872018-06-29 15:30:13 +0200[diff] [blame]2725ADBG_CASE_DEFINE(regression, 4003, xtest_tee_test_4003,
2726 "Test TEE Internal API cipher operations");
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2727
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2728static void xtest_tee_test_4004(ADBG_Case_t *c)
2729{
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]2730 TEEC_Session session = { };
2731 uint32_t ret_orig = 0;
2732 uint8_t buf1[45] = { };
2733 uint8_t buf2[45] = { };
2734 static const uint8_t zeros[45];
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2735
2736 Do_ADBG_BeginSubCase(c, "TEE get random");
2737 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
2738 xtest_teec_open_session(&session, &crypt_user_ta_uuid, NULL,
2739 &ret_orig)))
2740 return;
2741
2742 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
2743 ta_crypt_cmd_random_number_generate(c, &session, buf1,
2744 sizeof(buf1))))
2745 goto out;
2746
2747 (void)ADBG_EXPECT_COMPARE_SIGNED(c,
2748 0, !=, memcmp(buf1, zeros, sizeof(buf1)));
2749
2750 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
2751 ta_crypt_cmd_random_number_generate(c, &session, buf2,
2752 sizeof(buf2))))
2753 goto out;
2754
2755 (void)ADBG_EXPECT_COMPARE_SIGNED(c,
2756 0, !=, memcmp(buf2, zeros, sizeof(buf2)));
2757
2758 (void)ADBG_EXPECT_COMPARE_SIGNED(c,
2759 0, !=, memcmp(buf2, buf1, sizeof(buf1)));
2760out:
2761 TEEC_CloseSession(&session);
2762 Do_ADBG_EndSubCase(c, "TEE get random");
2763}
Jens Wiklander14f48872018-06-29 15:30:13 +0200[diff] [blame]2764ADBG_CASE_DEFINE(regression, 4004, xtest_tee_test_4004,
2765 "Test TEE Internal API get random");
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2766
2767struct xtest_ae_case {
2768 uint32_t algo;
2769 uint32_t mode;
2770 uint32_t key_type;
2771 const uint8_t *key;
2772 size_t key_len;
2773 const uint8_t *nonce;
2774 size_t nonce_len;
2775 size_t aad_incr;
2776 const uint8_t *aad;
2777 size_t aad_len;
2778 size_t in_incr;
2779 const uint8_t *ptx;
2780 size_t ptx_len;
2781 const uint8_t *ctx;
2782 size_t ctx_len;
2783 const uint8_t *tag;
2784 size_t tag_len;
2785 size_t line;
2786};
2787
2788
2789#define ARRAY(a) a, ARRAY_SIZE(a)
2790#define NULL_ARRAY(a) NULL, 0
2791
2792#define XTEST_AE_CASE(algo, vect, aad_incr, in_incr, \
2793 aad_array, ptx_array, ctx_array) \
2794 { (algo), TEE_MODE_ENCRYPT, TEE_TYPE_AES, ARRAY(vect ## _key), \
2795 ARRAY(vect ## _nonce), (aad_incr), \
2796 aad_array(vect ## _aad), (in_incr), \
2797 ptx_array(vect ## _ptx), ctx_array(vect ## _ctx), \
2798 ARRAY(vect ## _tag), \
2799 __LINE__ }, \
2800 { (algo), TEE_MODE_DECRYPT, TEE_TYPE_AES, ARRAY(vect ## _key), \
2801 ARRAY(vect ## _nonce), (aad_incr), \
2802 aad_array(vect ## _aad), (in_incr), \
2803 ptx_array(vect ## _ptx), ctx_array(vect ## _ctx), \
2804 ARRAY(vect ## _tag), \
2805 __LINE__ }
2806
2807#define XTEST_AE_CASE_AES_CCM(vect, aad_incr, in_incr) \
2808 XTEST_AE_CASE(TEE_ALG_AES_CCM, ae_data_aes_ccm_ ## vect, aad_incr, \
2809 in_incr, ARRAY, ARRAY, ARRAY)
2810
2811#define XTEST_AE_CASE_AES_GCM(vect, aad_incr, in_incr, \
2812 aad_array, ptx_array, ctx_array) \
2813 XTEST_AE_CASE(TEE_ALG_AES_GCM, ae_data_aes_gcm_ ## vect, aad_incr, \
2814 in_incr, aad_array, ptx_array, ctx_array)
2815
2816
2817
2818static const struct xtest_ae_case ae_cases[] = {
2819 XTEST_AE_CASE_AES_CCM(vect1, 3, 2),
2820 XTEST_AE_CASE_AES_CCM(vect2, 7, 13),
2821 XTEST_AE_CASE_AES_CCM(vect3, 5, 21),
2822
2823 XTEST_AE_CASE_AES_GCM(vect1, 0, 0, NULL_ARRAY, NULL_ARRAY, NULL_ARRAY),
2824 XTEST_AE_CASE_AES_GCM(vect2, 0, 9, NULL_ARRAY, ARRAY, ARRAY),
2825 XTEST_AE_CASE_AES_GCM(vect3, 0, 9, NULL_ARRAY, ARRAY, ARRAY),
Jens Wiklander9fc63f52017-11-10 11:13:26 +0100[diff] [blame]2826 XTEST_AE_CASE_AES_GCM(vect3, 0, 0x1F, NULL_ARRAY, ARRAY, ARRAY),
2827 XTEST_AE_CASE_AES_GCM(vect4, 5, 0x20, ARRAY, ARRAY, ARRAY),
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2828 XTEST_AE_CASE_AES_GCM(vect5, 5, 9, ARRAY, ARRAY, ARRAY),
2829 XTEST_AE_CASE_AES_GCM(vect6, 5, 9, ARRAY, ARRAY, ARRAY),
2830 XTEST_AE_CASE_AES_GCM(vect7, 0, 0, NULL_ARRAY, NULL_ARRAY, NULL_ARRAY),
2831 XTEST_AE_CASE_AES_GCM(vect8, 0, 9, NULL_ARRAY, ARRAY, ARRAY),
2832 XTEST_AE_CASE_AES_GCM(vect9, 0, 9, NULL_ARRAY, ARRAY, ARRAY),
2833 XTEST_AE_CASE_AES_GCM(vect10, 5, 9, ARRAY, ARRAY, ARRAY),
2834 XTEST_AE_CASE_AES_GCM(vect11, 5, 9, ARRAY, ARRAY, ARRAY),
2835 XTEST_AE_CASE_AES_GCM(vect12, 5, 9, ARRAY, ARRAY, ARRAY),
2836 XTEST_AE_CASE_AES_GCM(vect13, 0, 0, NULL_ARRAY, NULL_ARRAY, NULL_ARRAY),
2837 XTEST_AE_CASE_AES_GCM(vect14, 0, 9, NULL_ARRAY, ARRAY, ARRAY),
2838 XTEST_AE_CASE_AES_GCM(vect15, 0, 9, NULL_ARRAY, ARRAY, ARRAY),
2839 XTEST_AE_CASE_AES_GCM(vect16, 5, 9, ARRAY, ARRAY, ARRAY),
2840 XTEST_AE_CASE_AES_GCM(vect17, 5, 9, ARRAY, ARRAY, ARRAY),
2841 XTEST_AE_CASE_AES_GCM(vect18, 5, 9, ARRAY, ARRAY, ARRAY),
Jens Wiklanderf6efe242017-11-06 13:16:43 +0100[diff] [blame]2842#ifdef CFG_GCM_NIST_VECTORS
2843#include "gcmDecrypt128.h"
2844#include "gcmDecrypt192.h"
2845#include "gcmDecrypt256.h"
2846#include "gcmEncryptExtIV128.h"
2847#include "gcmEncryptExtIV192.h"
2848#include "gcmEncryptExtIV256.h"
2849#endif
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2850};
2851
2852static void xtest_tee_test_4005(ADBG_Case_t *c)
2853{
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]2854 TEEC_Session session = { };
2855 TEE_OperationHandle op = TEE_HANDLE_NULL;
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2856 TEE_ObjectHandle key_handle = TEE_HANDLE_NULL;
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]2857 TEE_Attribute key_attr = { };
2858 uint8_t out[512] = { };
2859 size_t out_size = 0;
2860 size_t out_offs = 0;
2861 uint32_t ret_orig = 0;
2862 size_t n = 0;
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2863
2864 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
2865 xtest_teec_open_session(&session, &crypt_user_ta_uuid, NULL,
2866 &ret_orig)))
2867 return;
2868
2869 for (n = 0; n < ARRAY_SIZE(ae_cases); n++) {
2870 Do_ADBG_BeginSubCase(c, "AE case %d algo 0x%x line %d",
2871 (int)n, (unsigned int)ae_cases[n].algo,
2872 (int)ae_cases[n].line);
2873
2874 key_attr.attributeID = TEE_ATTR_SECRET_VALUE;
2875 key_attr.content.ref.buffer = (void *)ae_cases[n].key;
2876 key_attr.content.ref.length = ae_cases[n].key_len;
2877
2878 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
2879 ta_crypt_cmd_allocate_operation(c, &session, &op,
2880 ae_cases[n].algo, ae_cases[n].mode,
2881 key_attr.content.ref.length * 8)))
2882 goto out;
2883
2884 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
2885 ta_crypt_cmd_allocate_transient_object(c, &session,
2886 ae_cases[n].key_type,
2887 key_attr.content.ref.length * 8,
2888 &key_handle)))
2889 goto out;
2890
2891 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
2892 ta_crypt_cmd_populate_transient_object(c, &session,
2893 key_handle, &key_attr, 1)))
2894 goto out;
2895
2896 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
2897 ta_crypt_cmd_set_operation_key(c, &session, op,
2898 key_handle)))
2899 goto out;
2900
2901 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
2902 ta_crypt_cmd_free_transient_object(c, &session,
2903 key_handle)))
2904 goto out;
2905 key_handle = TEE_HANDLE_NULL;
2906
2907 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
2908 ta_crypt_cmd_ae_init(c, &session, op, ae_cases[n].nonce,
2909 ae_cases[n].nonce_len, ae_cases[n].tag_len,
2910 ae_cases[n].aad_len, ae_cases[n].ptx_len)))
2911 goto out;
2912
2913 if (ae_cases[n].aad != NULL) {
2914 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
2915 ta_crypt_cmd_ae_update_aad(c, &session, op,
2916 ae_cases[n].aad, ae_cases[n].aad_incr)))
2917 goto out;
2918
2919 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
2920 ta_crypt_cmd_ae_update_aad(c, &session, op,
2921 ae_cases[n].aad + ae_cases[n].aad_incr,
2922 ae_cases [n].aad_len -
2923 ae_cases[n].aad_incr)))
2924 goto out;
2925 }
2926
2927 out_offs = 0;
2928 out_size = sizeof(out);
2929 memset(out, 0, sizeof(out));
2930 if (ae_cases[n].mode == TEE_MODE_ENCRYPT) {
2931 if (ae_cases[n].ptx != NULL) {
2932 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
2933 ta_crypt_cmd_ae_update(c, &session, op,
2934 ae_cases[n].ptx,
2935 ae_cases[n].in_incr, out,
2936 &out_size)))
2937 goto out;
2938 out_offs += out_size;
Jerome Forissierc13fafa2017-06-01 15:49:07 +0200[diff] [blame]2939 if (ae_cases[n].algo == TEE_ALG_AES_GCM)
2940 ADBG_EXPECT_COMPARE_UNSIGNED(c,
2941 out_size, ==, ae_cases[n].in_incr);
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2942 }
2943 } else {
2944 if (ae_cases[n].ctx != NULL) {
2945 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
2946 ta_crypt_cmd_ae_update(c, &session, op,
2947 ae_cases[n].ctx,
2948 ae_cases[n].in_incr, out,
2949 &out_size)))
2950 goto out;
2951 out_offs += out_size;
Jerome Forissierc13fafa2017-06-01 15:49:07 +0200[diff] [blame]2952 if (ae_cases[n].algo == TEE_ALG_AES_GCM)
2953 ADBG_EXPECT_COMPARE_UNSIGNED(c,
2954 out_size, ==, ae_cases[n].in_incr);
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2955 }
2956 }
2957
2958 out_size = sizeof(out) - out_offs;
2959 if (ae_cases[n].mode == TEE_MODE_ENCRYPT) {
2960 uint8_t out_tag[64];
2961 size_t out_tag_len = MIN(sizeof(out_tag),
2962 ae_cases[n].tag_len);
2963
2964 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
2965 ta_crypt_cmd_ae_encrypt_final(c, &session, op,
2966 ae_cases[n].ptx + ae_cases[n].in_incr,
2967 ae_cases[n].ptx_len -
2968 ae_cases[n].in_incr,
2969 out + out_offs,
2970 &out_size, out_tag, &out_tag_len)))
2971 goto out;
2972
2973 (void)ADBG_EXPECT_BUFFER(c,
2974 ae_cases[n].tag, ae_cases[n].tag_len, out_tag,
2975 out_tag_len);
2976
2977 out_offs += out_size;
2978
2979 (void)ADBG_EXPECT_BUFFER(c, ae_cases[n].ctx,
2980 ae_cases[n].ctx_len, out, out_offs);
2981 } else {
2982 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
2983 ta_crypt_cmd_ae_decrypt_final(c, &session, op,
2984 ae_cases[n].ctx + ae_cases[n].in_incr,
2985 ae_cases[n].ctx_len -
2986 ae_cases[n].in_incr,
2987 out + out_offs,
2988 &out_size, ae_cases[n].tag,
2989 ae_cases[n].tag_len)))
2990 goto out;
2991
2992 out_offs += out_size;
2993
2994 (void)ADBG_EXPECT_BUFFER(c, ae_cases[n].ptx,
2995 ae_cases[n].ptx_len, out, out_offs);
2996 }
2997
2998 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
2999 ta_crypt_cmd_free_operation(c, &session, op)))
3000 goto out;
3001
3002 Do_ADBG_EndSubCase(c, NULL);
3003 }
3004out:
3005 TEEC_CloseSession(&session);
3006}
Jens Wiklander14f48872018-06-29 15:30:13 +0200[diff] [blame]3007ADBG_CASE_DEFINE(regression, 4005, xtest_tee_test_4005,
3008 "Test TEE Internal API Authenticated Encryption operations");
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3009
3010struct xtest_ac_case {
Cedric Chaumontc3b6c282015-09-25 03:05:18 +0200[diff] [blame]3011 unsigned int level;
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3012 uint32_t algo;
3013 TEE_OperationMode mode;
3014
3015 union {
3016 struct {
3017 const uint8_t *modulus;
3018 size_t modulus_len;
3019
3020 const uint8_t *pub_exp;
3021 size_t pub_exp_len;
3022
3023 const uint8_t *priv_exp;
3024 size_t priv_exp_len;
3025
3026 const uint8_t *prime1; /* q */
3027 size_t prime1_len;
3028 const uint8_t *prime2; /* p */
3029 size_t prime2_len;
3030 const uint8_t *exp1; /* dp */
3031 size_t exp1_len;
3032 const uint8_t *exp2; /* dq */
3033 size_t exp2_len;
3034 const uint8_t *coeff; /* iq */
3035 size_t coeff_len;
3036
3037 int salt_len;
3038 } rsa;
3039 struct {
3040 const uint8_t *prime;
3041 size_t prime_len;
3042 const uint8_t *sub_prime;
3043 size_t sub_prime_len;
3044 const uint8_t *base;
3045 size_t base_len;
3046 const uint8_t *pub_val;
3047 size_t pub_val_len;
3048 const uint8_t *priv_val;
3049 size_t priv_val_len;
3050 } dsa;
Pascal Brand3e143ee2015-07-15 17:17:16 +0200[diff] [blame]3051 struct {
3052 const uint8_t *private;
3053 size_t private_len;
3054 const uint8_t *public_x;
3055 size_t public_x_len;
3056 const uint8_t *public_y;
3057 size_t public_y_len;
Jerome Forissier3fbfd0d2019-12-17 16:44:01 +0100[diff] [blame^]3058 } ecc;
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3059 } params;
3060
3061 const uint8_t *ptx;
3062 size_t ptx_len;
3063 const uint8_t *ctx;
3064 size_t ctx_len;
3065 size_t line;
3066};
3067
3068#define WITHOUT_SALT(x) -1
3069#define WITH_SALT(x) x
3070
Cedric Chaumontc3b6c282015-09-25 03:05:18 +0200[diff] [blame]3071#define XTEST_AC_CASE(level, algo, mode, vect, union_params) \
3072 { level, (algo), (mode), .params = union_params, \
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3073 ARRAY(vect ## _ptx), \
3074 ARRAY(vect ## _out), \
3075 __LINE__ }
3076
3077#define XTEST_AC_RSA_UNION(vect, opt_crt_array, opt_salt) \
3078 { .rsa = { \
3079 ARRAY(vect ## _modulus), \
3080 ARRAY(vect ## _pub_exp), \
3081 ARRAY(vect ## _priv_exp), \
3082 opt_crt_array(vect ## _prime1), \
3083 opt_crt_array(vect ## _prime2), \
3084 opt_crt_array(vect ## _exp1), \
3085 opt_crt_array(vect ## _exp2), \
3086 opt_crt_array(vect ## _coeff), \
3087 opt_salt(vect ## _salt_len) \
3088 } }
3089
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]3090#define XTEST_AC_RSA_CASE(level, algo, mode, vect, opt_crt_array, opt_salt) \
3091 XTEST_AC_CASE(level, algo, mode, vect, \
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3092 XTEST_AC_RSA_UNION(vect, opt_crt_array, opt_salt))
3093
3094#define XTEST_AC_DSA_UNION(vect) \
3095 { .dsa = { \
3096 ARRAY(vect ## _prime), \
3097 ARRAY(vect ## _sub_prime), \
3098 ARRAY(vect ## _base), \
3099 ARRAY(vect ## _pub_val), \
3100 ARRAY(vect ## _priv_val), \
3101 } }
3102
Cedric Chaumontc3b6c282015-09-25 03:05:18 +0200[diff] [blame]3103#define XTEST_AC_DSA_CASE(level, algo, mode, vect) \
3104 XTEST_AC_CASE(level, algo, mode, vect, XTEST_AC_DSA_UNION(vect))
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3105
Pascal Brand3e143ee2015-07-15 17:17:16 +0200[diff] [blame]3106#define XTEST_AC_ECDSA_UNION(vect) \
Jerome Forissier3fbfd0d2019-12-17 16:44:01 +0100[diff] [blame^]3107 { .ecc = { \
Pascal Brand3e143ee2015-07-15 17:17:16 +0200[diff] [blame]3108 ARRAY(vect ## _private), \
3109 ARRAY(vect ## _public_x), \
3110 ARRAY(vect ## _public_y), \
3111 } }
3112
Jerome Forissier3fbfd0d2019-12-17 16:44:01 +0100[diff] [blame^]3113#define XTEST_AC_ECC_CASE(level, algo, mode, vect) \
Cedric Chaumontc3b6c282015-09-25 03:05:18 +0200[diff] [blame]3114 XTEST_AC_CASE(level, algo, mode, vect, XTEST_AC_ECDSA_UNION(vect))
Pascal Brand3e143ee2015-07-15 17:17:16 +0200[diff] [blame]3115
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3116static const struct xtest_ac_case xtest_ac_cases[] = {
3117 /* RSA test without crt parameters */
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]3118 XTEST_AC_RSA_CASE(0, TEE_ALG_RSA_NOPAD, TEE_MODE_ENCRYPT,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3119 ac_rsassa_vect1, NULL_ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]3120 XTEST_AC_RSA_CASE(0, TEE_ALG_RSA_NOPAD, TEE_MODE_DECRYPT,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3121 ac_rsassa_vect1, NULL_ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]3122 XTEST_AC_RSA_CASE(0, TEE_ALG_RSA_NOPAD, TEE_MODE_ENCRYPT,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3123 ac_rsassa_vect2, NULL_ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]3124 XTEST_AC_RSA_CASE(0, TEE_ALG_RSA_NOPAD, TEE_MODE_DECRYPT,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3125 ac_rsassa_vect2, NULL_ARRAY, WITHOUT_SALT),
Jerome Forissiere576f052018-03-23 21:24:21 +0800[diff] [blame]3126 XTEST_AC_RSA_CASE(0, TEE_ALG_RSA_NOPAD, TEE_MODE_ENCRYPT,
3127 ac_rsassa_vect18, NULL_ARRAY, WITHOUT_SALT),
3128 XTEST_AC_RSA_CASE(0, TEE_ALG_RSA_NOPAD, TEE_MODE_DECRYPT,
3129 ac_rsassa_vect18, NULL_ARRAY, WITHOUT_SALT),
Jerome Forissier0451e372018-03-27 00:10:23 +0800[diff] [blame]3130 XTEST_AC_RSA_CASE(0, TEE_ALG_RSA_NOPAD, TEE_MODE_ENCRYPT,
3131 ac_rsassa_vect19, NULL_ARRAY, WITHOUT_SALT),
3132 XTEST_AC_RSA_CASE(0, TEE_ALG_RSA_NOPAD, TEE_MODE_DECRYPT,
3133 ac_rsassa_vect19, NULL_ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]3134 XTEST_AC_RSA_CASE(0, TEE_ALG_RSASSA_PKCS1_V1_5_SHA1, TEE_MODE_SIGN,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3135 ac_rsassa_vect3, NULL_ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]3136 XTEST_AC_RSA_CASE(0, TEE_ALG_RSASSA_PKCS1_V1_5_SHA1, TEE_MODE_VERIFY,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3137 ac_rsassa_vect3, NULL_ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]3138 XTEST_AC_RSA_CASE(1, TEE_ALG_RSASSA_PKCS1_V1_5_SHA1, TEE_MODE_SIGN,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3139 ac_rsassa_vect4, NULL_ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]3140 XTEST_AC_RSA_CASE(1, TEE_ALG_RSASSA_PKCS1_V1_5_SHA1, TEE_MODE_VERIFY,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3141 ac_rsassa_vect4, NULL_ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]3142 XTEST_AC_RSA_CASE(1, TEE_ALG_RSASSA_PKCS1_V1_5_SHA1, TEE_MODE_SIGN,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3143 ac_rsassa_vect5, NULL_ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]3144 XTEST_AC_RSA_CASE(1, TEE_ALG_RSASSA_PKCS1_V1_5_SHA1, TEE_MODE_VERIFY,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3145 ac_rsassa_vect5, NULL_ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]3146 XTEST_AC_RSA_CASE(1, TEE_ALG_RSASSA_PKCS1_V1_5_SHA1, TEE_MODE_SIGN,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3147 ac_rsassa_vect6, NULL_ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]3148 XTEST_AC_RSA_CASE(1, TEE_ALG_RSASSA_PKCS1_V1_5_SHA1, TEE_MODE_VERIFY,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3149 ac_rsassa_vect6, NULL_ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]3150 XTEST_AC_RSA_CASE(1, TEE_ALG_RSASSA_PKCS1_V1_5_SHA1, TEE_MODE_SIGN,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3151 ac_rsassa_vect7, NULL_ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]3152 XTEST_AC_RSA_CASE(1, TEE_ALG_RSASSA_PKCS1_V1_5_SHA1, TEE_MODE_VERIFY,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3153 ac_rsassa_vect7, NULL_ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]3154 XTEST_AC_RSA_CASE(1, TEE_ALG_RSASSA_PKCS1_V1_5_SHA1, TEE_MODE_SIGN,
3155 ac_rsassa_vect8, NULL_ARRAY, WITHOUT_SALT),
3156 XTEST_AC_RSA_CASE(1, TEE_ALG_RSASSA_PKCS1_V1_5_SHA1, TEE_MODE_VERIFY,
3157 ac_rsassa_vect8, NULL_ARRAY, WITHOUT_SALT),
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3158
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]3159 XTEST_AC_RSA_CASE(0, TEE_ALG_RSASSA_PKCS1_V1_5_SHA224, TEE_MODE_SIGN,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3160 ac_rsassa_vect16, NULL_ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]3161 XTEST_AC_RSA_CASE(0, TEE_ALG_RSASSA_PKCS1_V1_5_SHA224, TEE_MODE_VERIFY,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3162 ac_rsassa_vect16, NULL_ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]3163
Gabor Szekely2ad190f2018-09-14 14:05:06 +0000[diff] [blame]3164#ifdef CFG_CRYPTO_RSASSA_NA1
3165 XTEST_AC_RSA_CASE(0, TEE_ALG_RSASSA_PKCS1_V1_5, TEE_MODE_SIGN,
3166 ac_rsassa_vect20, NULL_ARRAY, WITHOUT_SALT),
3167 XTEST_AC_RSA_CASE(0, TEE_ALG_RSASSA_PKCS1_V1_5, TEE_MODE_VERIFY,
3168 ac_rsassa_vect20, NULL_ARRAY, WITHOUT_SALT),
3169#endif
3170
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]3171 XTEST_AC_RSA_CASE(0, TEE_ALG_RSASSA_PKCS1_V1_5_SHA256, TEE_MODE_SIGN,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3172 ac_rsassa_vect9, NULL_ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]3173 XTEST_AC_RSA_CASE(0, TEE_ALG_RSASSA_PKCS1_V1_5_SHA256, TEE_MODE_VERIFY,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3174 ac_rsassa_vect9, NULL_ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]3175
3176 XTEST_AC_RSA_CASE(0, TEE_ALG_RSASSA_PKCS1_V1_5_SHA384, TEE_MODE_SIGN,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3177 ac_rsassa_vect10, NULL_ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]3178 XTEST_AC_RSA_CASE(0, TEE_ALG_RSASSA_PKCS1_V1_5_SHA384, TEE_MODE_VERIFY,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3179 ac_rsassa_vect10, NULL_ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]3180
3181 XTEST_AC_RSA_CASE(0, TEE_ALG_RSASSA_PKCS1_V1_5_SHA512, TEE_MODE_SIGN,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3182 ac_rsassa_vect11, NULL_ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]3183 XTEST_AC_RSA_CASE(0, TEE_ALG_RSASSA_PKCS1_V1_5_SHA512, TEE_MODE_VERIFY,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3184 ac_rsassa_vect11, NULL_ARRAY, WITHOUT_SALT),
3185
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]3186 XTEST_AC_RSA_CASE(1, TEE_ALG_RSASSA_PKCS1_PSS_MGF1_SHA1,
3187 TEE_MODE_VERIFY,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3188 ac_rsassa_vect12, NULL_ARRAY, WITH_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]3189 XTEST_AC_RSA_CASE(1, TEE_ALG_RSASSA_PKCS1_PSS_MGF1_SHA1, TEE_MODE_SIGN,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3190 ac_rsassa_vect12, NULL_ARRAY, WITH_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]3191
3192 XTEST_AC_RSA_CASE(1, TEE_ALG_RSASSA_PKCS1_PSS_MGF1_SHA224,
3193 TEE_MODE_VERIFY,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3194 ac_rsassa_vect17, NULL_ARRAY, WITH_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]3195 XTEST_AC_RSA_CASE(1, TEE_ALG_RSASSA_PKCS1_PSS_MGF1_SHA224,
3196 TEE_MODE_SIGN,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3197 ac_rsassa_vect17, NULL_ARRAY, WITH_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]3198
3199 XTEST_AC_RSA_CASE(0, TEE_ALG_RSASSA_PKCS1_PSS_MGF1_SHA256,
3200 TEE_MODE_VERIFY,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3201 ac_rsassa_vect13, NULL_ARRAY, WITH_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]3202 XTEST_AC_RSA_CASE(0, TEE_ALG_RSASSA_PKCS1_PSS_MGF1_SHA256,
3203 TEE_MODE_SIGN,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3204 ac_rsassa_vect13, NULL_ARRAY, WITH_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]3205
3206 XTEST_AC_RSA_CASE(1, TEE_ALG_RSASSA_PKCS1_PSS_MGF1_SHA384,
3207 TEE_MODE_VERIFY,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3208 ac_rsassa_vect14, NULL_ARRAY, WITH_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]3209 XTEST_AC_RSA_CASE(1, TEE_ALG_RSASSA_PKCS1_PSS_MGF1_SHA384,
3210 TEE_MODE_SIGN,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3211 ac_rsassa_vect14, NULL_ARRAY, WITH_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]3212
3213 XTEST_AC_RSA_CASE(1, TEE_ALG_RSASSA_PKCS1_PSS_MGF1_SHA512,
3214 TEE_MODE_VERIFY,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3215 ac_rsassa_vect15, NULL_ARRAY, WITH_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]3216 XTEST_AC_RSA_CASE(1, TEE_ALG_RSASSA_PKCS1_PSS_MGF1_SHA512,
3217 TEE_MODE_SIGN,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3218 ac_rsassa_vect15, NULL_ARRAY, WITH_SALT),
3219
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]3220 XTEST_AC_RSA_CASE(0, TEE_ALG_RSAES_PKCS1_V1_5, TEE_MODE_DECRYPT,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3221 ac_rsaes_pkcs1_v1_5_vect1, NULL_ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]3222 XTEST_AC_RSA_CASE(0, TEE_ALG_RSAES_PKCS1_V1_5, TEE_MODE_ENCRYPT,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3223 ac_rsaes_pkcs1_v1_5_vect1, NULL_ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]3224 XTEST_AC_RSA_CASE(1, TEE_ALG_RSAES_PKCS1_V1_5, TEE_MODE_DECRYPT,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3225 ac_rsaes_pkcs1_v1_5_vect2, NULL_ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]3226 XTEST_AC_RSA_CASE(1, TEE_ALG_RSAES_PKCS1_V1_5, TEE_MODE_ENCRYPT,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3227 ac_rsaes_pkcs1_v1_5_vect2, NULL_ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]3228 XTEST_AC_RSA_CASE(1, TEE_ALG_RSAES_PKCS1_V1_5, TEE_MODE_DECRYPT,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3229 ac_rsaes_pkcs1_v1_5_vect15, NULL_ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]3230 XTEST_AC_RSA_CASE(1, TEE_ALG_RSAES_PKCS1_V1_5, TEE_MODE_ENCRYPT,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3231 ac_rsaes_pkcs1_v1_5_vect15, NULL_ARRAY, WITHOUT_SALT),
3232
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]3233 XTEST_AC_RSA_CASE(0, TEE_ALG_RSAES_PKCS1_OAEP_MGF1_SHA1,
3234 TEE_MODE_DECRYPT,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3235 ac_rsaes_oaep_vect1, NULL_ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]3236 XTEST_AC_RSA_CASE(0, TEE_ALG_RSAES_PKCS1_OAEP_MGF1_SHA1,
3237 TEE_MODE_ENCRYPT,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3238 ac_rsaes_oaep_vect1, NULL_ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]3239 XTEST_AC_RSA_CASE(1, TEE_ALG_RSAES_PKCS1_OAEP_MGF1_SHA1,
3240 TEE_MODE_DECRYPT,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3241 ac_rsaes_oaep_vect2, NULL_ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]3242 XTEST_AC_RSA_CASE(1, TEE_ALG_RSAES_PKCS1_OAEP_MGF1_SHA1,
3243 TEE_MODE_ENCRYPT,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3244 ac_rsaes_oaep_vect2, NULL_ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]3245 XTEST_AC_RSA_CASE(1, TEE_ALG_RSAES_PKCS1_OAEP_MGF1_SHA1,
3246 TEE_MODE_DECRYPT,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3247 ac_rsaes_oaep_vect10, NULL_ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]3248 XTEST_AC_RSA_CASE(1, TEE_ALG_RSAES_PKCS1_OAEP_MGF1_SHA1,
3249 TEE_MODE_ENCRYPT,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3250 ac_rsaes_oaep_vect10, NULL_ARRAY, WITHOUT_SALT),
3251
3252 /* RSA test with crt parameters */
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]3253 XTEST_AC_RSA_CASE(0, TEE_ALG_RSA_NOPAD, TEE_MODE_ENCRYPT,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3254 ac_rsassa_vect1, ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]3255 XTEST_AC_RSA_CASE(0, TEE_ALG_RSA_NOPAD, TEE_MODE_DECRYPT,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3256 ac_rsassa_vect1, ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]3257 XTEST_AC_RSA_CASE(1, TEE_ALG_RSA_NOPAD, TEE_MODE_ENCRYPT,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3258 ac_rsassa_vect2, ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]3259 XTEST_AC_RSA_CASE(1, TEE_ALG_RSA_NOPAD, TEE_MODE_DECRYPT,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3260 ac_rsassa_vect2, ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]3261 XTEST_AC_RSA_CASE(0, TEE_ALG_RSASSA_PKCS1_V1_5_SHA1, TEE_MODE_SIGN,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3262 ac_rsassa_vect3, ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]3263 XTEST_AC_RSA_CASE(0, TEE_ALG_RSASSA_PKCS1_V1_5_SHA1, TEE_MODE_VERIFY,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3264 ac_rsassa_vect3, ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]3265 XTEST_AC_RSA_CASE(1, TEE_ALG_RSASSA_PKCS1_V1_5_SHA1, TEE_MODE_SIGN,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3266 ac_rsassa_vect4, ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]3267 XTEST_AC_RSA_CASE(1, TEE_ALG_RSASSA_PKCS1_V1_5_SHA1, TEE_MODE_VERIFY,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3268 ac_rsassa_vect4, ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]3269 XTEST_AC_RSA_CASE(1, TEE_ALG_RSASSA_PKCS1_V1_5_SHA1, TEE_MODE_SIGN,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3270 ac_rsassa_vect5, ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]3271 XTEST_AC_RSA_CASE(1, TEE_ALG_RSASSA_PKCS1_V1_5_SHA1, TEE_MODE_VERIFY,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3272 ac_rsassa_vect5, ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]3273 XTEST_AC_RSA_CASE(1, TEE_ALG_RSASSA_PKCS1_V1_5_SHA1, TEE_MODE_SIGN,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3274 ac_rsassa_vect6, ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]3275 XTEST_AC_RSA_CASE(1, TEE_ALG_RSASSA_PKCS1_V1_5_SHA1, TEE_MODE_VERIFY,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3276 ac_rsassa_vect6, ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]3277 XTEST_AC_RSA_CASE(1, TEE_ALG_RSASSA_PKCS1_V1_5_SHA1, TEE_MODE_SIGN,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3278 ac_rsassa_vect7, ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]3279 XTEST_AC_RSA_CASE(1, TEE_ALG_RSASSA_PKCS1_V1_5_SHA1, TEE_MODE_VERIFY,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3280 ac_rsassa_vect7, ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]3281 XTEST_AC_RSA_CASE(1, TEE_ALG_RSASSA_PKCS1_V1_5_SHA1, TEE_MODE_SIGN,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3282 ac_rsassa_vect8, ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]3283 XTEST_AC_RSA_CASE(1, TEE_ALG_RSASSA_PKCS1_V1_5_SHA1, TEE_MODE_VERIFY,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3284 ac_rsassa_vect8, ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]3285 XTEST_AC_RSA_CASE(0, TEE_ALG_RSASSA_PKCS1_V1_5_SHA256, TEE_MODE_SIGN,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3286 ac_rsassa_vect9, ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]3287 XTEST_AC_RSA_CASE(0, TEE_ALG_RSASSA_PKCS1_V1_5_SHA256, TEE_MODE_VERIFY,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3288 ac_rsassa_vect9, ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]3289 XTEST_AC_RSA_CASE(1, TEE_ALG_RSASSA_PKCS1_V1_5_SHA384, TEE_MODE_SIGN,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3290 ac_rsassa_vect10, ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]3291 XTEST_AC_RSA_CASE(1, TEE_ALG_RSASSA_PKCS1_V1_5_SHA384, TEE_MODE_VERIFY,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3292 ac_rsassa_vect10, ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]3293 XTEST_AC_RSA_CASE(1, TEE_ALG_RSASSA_PKCS1_V1_5_SHA512, TEE_MODE_SIGN,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3294 ac_rsassa_vect11, ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]3295 XTEST_AC_RSA_CASE(1, TEE_ALG_RSASSA_PKCS1_V1_5_SHA512, TEE_MODE_VERIFY,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3296 ac_rsassa_vect11, ARRAY, WITHOUT_SALT),
3297
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]3298 XTEST_AC_RSA_CASE(1, TEE_ALG_RSASSA_PKCS1_PSS_MGF1_SHA1,
3299 TEE_MODE_VERIFY,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3300 ac_rsassa_vect12, ARRAY, WITH_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]3301 XTEST_AC_RSA_CASE(1,TEE_ALG_RSASSA_PKCS1_PSS_MGF1_SHA1, TEE_MODE_SIGN,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3302 ac_rsassa_vect12, ARRAY, WITH_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]3303 XTEST_AC_RSA_CASE(1, TEE_ALG_RSASSA_PKCS1_PSS_MGF1_SHA224,
3304 TEE_MODE_VERIFY,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3305 ac_rsassa_vect17, ARRAY, WITH_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]3306 XTEST_AC_RSA_CASE(1, TEE_ALG_RSASSA_PKCS1_PSS_MGF1_SHA224,
3307 TEE_MODE_SIGN,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3308 ac_rsassa_vect17, ARRAY, WITH_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]3309 XTEST_AC_RSA_CASE(0, TEE_ALG_RSASSA_PKCS1_PSS_MGF1_SHA256,
3310 TEE_MODE_VERIFY,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3311 ac_rsassa_vect13, ARRAY, WITH_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]3312 XTEST_AC_RSA_CASE(0, TEE_ALG_RSASSA_PKCS1_PSS_MGF1_SHA256,
3313 TEE_MODE_SIGN,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3314 ac_rsassa_vect13, ARRAY, WITH_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]3315 XTEST_AC_RSA_CASE(1, TEE_ALG_RSASSA_PKCS1_PSS_MGF1_SHA384,
3316 TEE_MODE_VERIFY,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3317 ac_rsassa_vect14, ARRAY, WITH_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]3318 XTEST_AC_RSA_CASE(1, TEE_ALG_RSASSA_PKCS1_PSS_MGF1_SHA384,
3319 TEE_MODE_SIGN,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3320 ac_rsassa_vect14, ARRAY, WITH_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]3321 XTEST_AC_RSA_CASE(1, TEE_ALG_RSASSA_PKCS1_PSS_MGF1_SHA512,
3322 TEE_MODE_VERIFY,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3323 ac_rsassa_vect15, ARRAY, WITH_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]3324 XTEST_AC_RSA_CASE(1, TEE_ALG_RSASSA_PKCS1_PSS_MGF1_SHA512,
3325 TEE_MODE_SIGN,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3326 ac_rsassa_vect15, ARRAY, WITH_SALT),
3327
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]3328 XTEST_AC_RSA_CASE(0, TEE_ALG_RSAES_PKCS1_V1_5, TEE_MODE_DECRYPT,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3329 ac_rsaes_pkcs1_v1_5_vect1, ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]3330 XTEST_AC_RSA_CASE(0, TEE_ALG_RSAES_PKCS1_V1_5, TEE_MODE_ENCRYPT,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3331 ac_rsaes_pkcs1_v1_5_vect1, ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]3332 XTEST_AC_RSA_CASE(1, TEE_ALG_RSAES_PKCS1_V1_5, TEE_MODE_DECRYPT,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3333 ac_rsaes_pkcs1_v1_5_vect2, ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]3334 XTEST_AC_RSA_CASE(1, TEE_ALG_RSAES_PKCS1_V1_5, TEE_MODE_ENCRYPT,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3335 ac_rsaes_pkcs1_v1_5_vect2, ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]3336 XTEST_AC_RSA_CASE(1, TEE_ALG_RSAES_PKCS1_V1_5, TEE_MODE_DECRYPT,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3337 ac_rsaes_pkcs1_v1_5_vect15, ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]3338 XTEST_AC_RSA_CASE(1, TEE_ALG_RSAES_PKCS1_V1_5, TEE_MODE_ENCRYPT,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3339 ac_rsaes_pkcs1_v1_5_vect15, ARRAY, WITHOUT_SALT),
3340
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]3341 XTEST_AC_RSA_CASE(0, TEE_ALG_RSAES_PKCS1_OAEP_MGF1_SHA1,
3342 TEE_MODE_DECRYPT,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3343 ac_rsaes_oaep_vect1, ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]3344 XTEST_AC_RSA_CASE(0, TEE_ALG_RSAES_PKCS1_OAEP_MGF1_SHA1,
3345 TEE_MODE_ENCRYPT,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3346 ac_rsaes_oaep_vect1, ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]3347 XTEST_AC_RSA_CASE(1, TEE_ALG_RSAES_PKCS1_OAEP_MGF1_SHA1,
3348 TEE_MODE_DECRYPT,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3349 ac_rsaes_oaep_vect2, ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]3350 XTEST_AC_RSA_CASE(1, TEE_ALG_RSAES_PKCS1_OAEP_MGF1_SHA1,
3351 TEE_MODE_ENCRYPT,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3352 ac_rsaes_oaep_vect2, ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]3353 XTEST_AC_RSA_CASE(1, TEE_ALG_RSAES_PKCS1_OAEP_MGF1_SHA1,
3354 TEE_MODE_DECRYPT,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3355 ac_rsaes_oaep_vect10, ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]3356 XTEST_AC_RSA_CASE(1, TEE_ALG_RSAES_PKCS1_OAEP_MGF1_SHA1,
3357 TEE_MODE_ENCRYPT,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3358 ac_rsaes_oaep_vect10, ARRAY, WITHOUT_SALT),
3359
3360 /* DSA tests */
Cedric Chaumontb2ba8782015-09-03 13:23:05 +0200[diff] [blame]3361 /* [mod = L=1024, N=160, SHA-1] */
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]3362 XTEST_AC_DSA_CASE(1, TEE_ALG_DSA_SHA1, TEE_MODE_VERIFY, ac_dsa_vect1),
3363 XTEST_AC_DSA_CASE(1, TEE_ALG_DSA_SHA1, TEE_MODE_SIGN, ac_dsa_vect1),
Cedric Chaumontc3b6c282015-09-25 03:05:18 +0200[diff] [blame]3364 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA1, TEE_MODE_VERIFY, ac_dsa_vect2),
3365 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA1, TEE_MODE_SIGN, ac_dsa_vect2),
3366 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA1, TEE_MODE_VERIFY, ac_dsa_vect3),
3367 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA1, TEE_MODE_SIGN, ac_dsa_vect3),
3368 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA1, TEE_MODE_VERIFY, ac_dsa_vect4),
3369 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA1, TEE_MODE_SIGN, ac_dsa_vect4),
3370 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA1, TEE_MODE_VERIFY, ac_dsa_vect5),
3371 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA1, TEE_MODE_SIGN, ac_dsa_vect5),
3372 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA1, TEE_MODE_VERIFY, ac_dsa_vect6),
3373 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA1, TEE_MODE_SIGN, ac_dsa_vect6),
3374 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA1, TEE_MODE_VERIFY, ac_dsa_vect7),
3375 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA1, TEE_MODE_SIGN, ac_dsa_vect7),
3376 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA1, TEE_MODE_VERIFY, ac_dsa_vect8),
3377 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA1, TEE_MODE_SIGN, ac_dsa_vect8),
3378 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA1, TEE_MODE_VERIFY, ac_dsa_vect9),
3379 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA1, TEE_MODE_SIGN, ac_dsa_vect9),
3380 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA1, TEE_MODE_VERIFY, ac_dsa_vect10),
3381 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA1, TEE_MODE_SIGN, ac_dsa_vect10),
3382 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA1, TEE_MODE_VERIFY, ac_dsa_vect11),
3383 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA1, TEE_MODE_SIGN, ac_dsa_vect11),
3384 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA1, TEE_MODE_VERIFY, ac_dsa_vect12),
3385 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA1, TEE_MODE_SIGN, ac_dsa_vect12),
3386 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA1, TEE_MODE_VERIFY, ac_dsa_vect13),
3387 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA1, TEE_MODE_SIGN, ac_dsa_vect13),
3388 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA1, TEE_MODE_VERIFY, ac_dsa_vect14),
3389 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA1, TEE_MODE_SIGN, ac_dsa_vect14),
3390 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA1, TEE_MODE_VERIFY, ac_dsa_vect15),
3391 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA1, TEE_MODE_SIGN, ac_dsa_vect15),
Cedric Chaumontb2ba8782015-09-03 13:23:05 +0200[diff] [blame]3392 /* [mod = L=1024, N=160, SHA-224] - GP NOT SUPPORTED */
3393 /* [mod = L=1024, N=160, SHA-256] - GP NOT SUPPORTED */
3394 /* [mod = L=1024, N=160, SHA-384] - GP NOT SUPPORTED */
3395 /* [mod = L=1024, N=160, SHA-512] - GP NOT SUPPORTED */
3396 /* [mod = L=2048, N=224, SHA-1] - GP NOT SUPPORTED */
3397 /* [mod = L=2048, N=224, SHA-224] */
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]3398 XTEST_AC_DSA_CASE(1, TEE_ALG_DSA_SHA224, TEE_MODE_VERIFY, ac_dsa_vect91),
3399 XTEST_AC_DSA_CASE(1, TEE_ALG_DSA_SHA224, TEE_MODE_SIGN, ac_dsa_vect91),
Cedric Chaumontc3b6c282015-09-25 03:05:18 +0200[diff] [blame]3400 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_VERIFY, ac_dsa_vect92),
3401 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_SIGN, ac_dsa_vect92),
3402 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_VERIFY, ac_dsa_vect93),
3403 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_SIGN, ac_dsa_vect93),
3404 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_VERIFY, ac_dsa_vect94),
3405 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_SIGN, ac_dsa_vect94),
3406 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_VERIFY, ac_dsa_vect95),
3407 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_SIGN, ac_dsa_vect95),
3408 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_VERIFY, ac_dsa_vect96),
3409 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_SIGN, ac_dsa_vect96),
3410 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_VERIFY, ac_dsa_vect97),
3411 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_SIGN, ac_dsa_vect97),
3412 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_VERIFY, ac_dsa_vect98),
3413 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_SIGN, ac_dsa_vect98),
3414 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_VERIFY, ac_dsa_vect99),
3415 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_SIGN, ac_dsa_vect99),
3416 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_VERIFY, ac_dsa_vect100),
3417 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_SIGN, ac_dsa_vect100),
3418 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_VERIFY, ac_dsa_vect101),
3419 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_SIGN, ac_dsa_vect101),
3420 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_VERIFY, ac_dsa_vect102),
3421 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_SIGN, ac_dsa_vect102),
3422 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_VERIFY, ac_dsa_vect103),
3423 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_SIGN, ac_dsa_vect103),
3424 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_VERIFY, ac_dsa_vect104),
3425 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_SIGN, ac_dsa_vect104),
3426 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_VERIFY, ac_dsa_vect105),
3427 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_SIGN, ac_dsa_vect105),
Cedric Chaumontb2ba8782015-09-03 13:23:05 +0200[diff] [blame]3428 /* [mod = L=2048, N=224, SHA-256] */
Cedric Chaumontc3b6c282015-09-25 03:05:18 +0200[diff] [blame]3429 XTEST_AC_DSA_CASE(0, TEE_ALG_DSA_SHA256, TEE_MODE_VERIFY, ac_dsa_vect106),
3430 XTEST_AC_DSA_CASE(0, TEE_ALG_DSA_SHA256, TEE_MODE_SIGN, ac_dsa_vect106),
3431 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_VERIFY, ac_dsa_vect107),
3432 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_SIGN, ac_dsa_vect107),
3433 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_VERIFY, ac_dsa_vect108),
3434 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_SIGN, ac_dsa_vect108),
3435 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_VERIFY, ac_dsa_vect109),
3436 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_SIGN, ac_dsa_vect109),
3437 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_VERIFY, ac_dsa_vect110),
3438 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_SIGN, ac_dsa_vect110),
3439 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_VERIFY, ac_dsa_vect111),
3440 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_SIGN, ac_dsa_vect111),
3441 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_VERIFY, ac_dsa_vect112),
3442 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_SIGN, ac_dsa_vect112),
3443 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_VERIFY, ac_dsa_vect113),
3444 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_SIGN, ac_dsa_vect113),
3445 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_VERIFY, ac_dsa_vect114),
3446 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_SIGN, ac_dsa_vect114),
3447 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_VERIFY, ac_dsa_vect115),
3448 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_SIGN, ac_dsa_vect115),
3449 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_VERIFY, ac_dsa_vect116),
3450 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_SIGN, ac_dsa_vect116),
3451 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_VERIFY, ac_dsa_vect117),
3452 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_SIGN, ac_dsa_vect117),
3453 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_VERIFY, ac_dsa_vect118),
3454 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_SIGN, ac_dsa_vect118),
3455 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_VERIFY, ac_dsa_vect119),
3456 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_SIGN, ac_dsa_vect119),
3457 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_VERIFY, ac_dsa_vect120),
3458 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_SIGN, ac_dsa_vect120),
Cedric Chaumontb2ba8782015-09-03 13:23:05 +0200[diff] [blame]3459 /* [mod = L=2048, N=224, SHA-384] - GP NOT SUPPORTED */
3460 /* [mod = L=2048, N=224, SHA-512] - GP NOT SUPPORTED */
3461 /* [mod = L=2048, N=256, SHA-1] - GP NOT SUPPORTED */
3462 /* [mod = L=2048, N=256, SHA-224] */
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]3463 XTEST_AC_DSA_CASE(1, TEE_ALG_DSA_SHA224, TEE_MODE_VERIFY, ac_dsa_vect166),
3464 XTEST_AC_DSA_CASE(1, TEE_ALG_DSA_SHA224, TEE_MODE_SIGN, ac_dsa_vect166),
Cedric Chaumontc3b6c282015-09-25 03:05:18 +0200[diff] [blame]3465 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_VERIFY, ac_dsa_vect167),
3466 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_SIGN, ac_dsa_vect167),
3467 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_VERIFY, ac_dsa_vect168),
3468 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_SIGN, ac_dsa_vect168),
3469 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_VERIFY, ac_dsa_vect169),
3470 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_SIGN, ac_dsa_vect169),
3471 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_VERIFY, ac_dsa_vect170),
3472 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_SIGN, ac_dsa_vect170),
3473 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_VERIFY, ac_dsa_vect171),
3474 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_SIGN, ac_dsa_vect171),
3475 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_VERIFY, ac_dsa_vect172),
3476 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_SIGN, ac_dsa_vect172),
3477 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_VERIFY, ac_dsa_vect173),
3478 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_SIGN, ac_dsa_vect173),
3479 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_VERIFY, ac_dsa_vect174),
3480 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_SIGN, ac_dsa_vect174),
3481 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_VERIFY, ac_dsa_vect175),
3482 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_SIGN, ac_dsa_vect175),
3483 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_VERIFY, ac_dsa_vect176),
3484 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_SIGN, ac_dsa_vect176),
3485 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_VERIFY, ac_dsa_vect177),
3486 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_SIGN, ac_dsa_vect177),
3487 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_VERIFY, ac_dsa_vect178),
3488 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_SIGN, ac_dsa_vect178),
3489 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_VERIFY, ac_dsa_vect179),
3490 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_SIGN, ac_dsa_vect179),
3491 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_VERIFY, ac_dsa_vect180),
3492 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_SIGN, ac_dsa_vect180),
Cedric Chaumontb2ba8782015-09-03 13:23:05 +0200[diff] [blame]3493 /* [mod = L=2048, N=256, SHA-256] */
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]3494 XTEST_AC_DSA_CASE(1, TEE_ALG_DSA_SHA256, TEE_MODE_VERIFY, ac_dsa_vect181),
3495 XTEST_AC_DSA_CASE(1, TEE_ALG_DSA_SHA256, TEE_MODE_SIGN, ac_dsa_vect181),
Cedric Chaumontc3b6c282015-09-25 03:05:18 +0200[diff] [blame]3496 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_VERIFY, ac_dsa_vect182),
3497 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_SIGN, ac_dsa_vect182),
3498 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_VERIFY, ac_dsa_vect183),
3499 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_SIGN, ac_dsa_vect183),
3500 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_VERIFY, ac_dsa_vect184),
3501 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_SIGN, ac_dsa_vect184),
3502 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_VERIFY, ac_dsa_vect185),
3503 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_SIGN, ac_dsa_vect185),
3504 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_VERIFY, ac_dsa_vect186),
3505 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_SIGN, ac_dsa_vect186),
3506 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_VERIFY, ac_dsa_vect187),
3507 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_SIGN, ac_dsa_vect187),
3508 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_VERIFY, ac_dsa_vect188),
3509 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_SIGN, ac_dsa_vect188),
3510 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_VERIFY, ac_dsa_vect189),
3511 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_SIGN, ac_dsa_vect189),
3512 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_VERIFY, ac_dsa_vect190),
3513 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_SIGN, ac_dsa_vect190),
3514 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_VERIFY, ac_dsa_vect191),
3515 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_SIGN, ac_dsa_vect191),
3516 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_VERIFY, ac_dsa_vect192),
3517 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_SIGN, ac_dsa_vect192),
3518 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_VERIFY, ac_dsa_vect193),
3519 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_SIGN, ac_dsa_vect193),
3520 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_VERIFY, ac_dsa_vect194),
3521 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_SIGN, ac_dsa_vect194),
3522 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_VERIFY, ac_dsa_vect195),
3523 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_SIGN, ac_dsa_vect195),
Cedric Chaumontb2ba8782015-09-03 13:23:05 +0200[diff] [blame]3524 /* [mod = L=2048, N=256, SHA-384] - GP NOT SUPPORTED */
3525 /* [mod = L=2048, N=256, SHA-512] - GP NOT SUPPORTED */
3526 /* [mod = L=3072, N=256, SHA-1] - GP NOT SUPPORTED */
3527 /* [mod = L=3072, N=256, SHA-224] - GP NOT SUPPORTED */
3528 /* [mod = L=3072, N=256, SHA-256] */
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]3529 XTEST_AC_DSA_CASE(1, TEE_ALG_DSA_SHA256, TEE_MODE_VERIFY, ac_dsa_vect256),
3530 XTEST_AC_DSA_CASE(1, TEE_ALG_DSA_SHA256, TEE_MODE_SIGN, ac_dsa_vect256),
Cedric Chaumontc3b6c282015-09-25 03:05:18 +0200[diff] [blame]3531 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_VERIFY, ac_dsa_vect257),
3532 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_SIGN, ac_dsa_vect257),
3533 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_VERIFY, ac_dsa_vect258),
3534 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_SIGN, ac_dsa_vect258),
3535 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_VERIFY, ac_dsa_vect259),
3536 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_SIGN, ac_dsa_vect259),
3537 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_VERIFY, ac_dsa_vect260),
3538 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_SIGN, ac_dsa_vect260),
3539 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_VERIFY, ac_dsa_vect261),
3540 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_SIGN, ac_dsa_vect261),
3541 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_VERIFY, ac_dsa_vect262),
3542 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_SIGN, ac_dsa_vect262),
3543 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_VERIFY, ac_dsa_vect263),
3544 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_SIGN, ac_dsa_vect263),
3545 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_VERIFY, ac_dsa_vect264),
3546 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_SIGN, ac_dsa_vect264),
3547 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_VERIFY, ac_dsa_vect265),
3548 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_SIGN, ac_dsa_vect265),
3549 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_VERIFY, ac_dsa_vect266),
3550 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_SIGN, ac_dsa_vect266),
3551 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_VERIFY, ac_dsa_vect267),
3552 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_SIGN, ac_dsa_vect267),
3553 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_VERIFY, ac_dsa_vect268),
3554 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_SIGN, ac_dsa_vect268),
3555 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_VERIFY, ac_dsa_vect269),
3556 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_SIGN, ac_dsa_vect269),
3557 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_VERIFY, ac_dsa_vect270),
3558 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_SIGN, ac_dsa_vect270),
Cedric Chaumontb2ba8782015-09-03 13:23:05 +0200[diff] [blame]3559 /* [mod = L=3072, N=256, SHA-384] - GP NOT SUPPORTED */
3560 /* [mod = L=3072, N=256, SHA-512] - GP NOT SUPPORTED */
Pascal Brand3e143ee2015-07-15 17:17:16 +0200[diff] [blame]3561
3562 /* ECDSA tests */
Cedric Chaumontc7654962015-09-09 14:56:36 +0200[diff] [blame]3563 /* [P-192] */
Jerome Forissier3fbfd0d2019-12-17 16:44:01 +0100[diff] [blame^]3564 XTEST_AC_ECC_CASE(0, TEE_ALG_ECDSA_P192, TEE_MODE_VERIFY,
3565 nist_186_2_ecdsa_testvector_1),
3566 XTEST_AC_ECC_CASE(0, TEE_ALG_ECDSA_P192, TEE_MODE_SIGN,
3567 nist_186_2_ecdsa_testvector_1),
3568 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P192, TEE_MODE_VERIFY,
3569 nist_186_2_ecdsa_testvector_2),
3570 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P192, TEE_MODE_SIGN,
3571 nist_186_2_ecdsa_testvector_2),
3572 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P192, TEE_MODE_VERIFY,
3573 nist_186_2_ecdsa_testvector_3),
3574 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P192, TEE_MODE_SIGN,
3575 nist_186_2_ecdsa_testvector_3),
3576 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P192, TEE_MODE_VERIFY,
3577 nist_186_2_ecdsa_testvector_4),
3578 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P192, TEE_MODE_SIGN,
3579 nist_186_2_ecdsa_testvector_4),
3580 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P192, TEE_MODE_VERIFY,
3581 nist_186_2_ecdsa_testvector_5),
3582 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P192, TEE_MODE_SIGN,
3583 nist_186_2_ecdsa_testvector_5),
3584 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P192, TEE_MODE_VERIFY,
3585 nist_186_2_ecdsa_testvector_6),
3586 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P192, TEE_MODE_SIGN,
3587 nist_186_2_ecdsa_testvector_6),
3588 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P192, TEE_MODE_VERIFY,
3589 nist_186_2_ecdsa_testvector_7),
3590 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P192, TEE_MODE_SIGN,
3591 nist_186_2_ecdsa_testvector_7),
3592 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P192, TEE_MODE_VERIFY,
3593 nist_186_2_ecdsa_testvector_8),
3594 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P192, TEE_MODE_SIGN,
3595 nist_186_2_ecdsa_testvector_8),
3596 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P192, TEE_MODE_VERIFY,
3597 nist_186_2_ecdsa_testvector_9),
3598 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P192, TEE_MODE_SIGN,
3599 nist_186_2_ecdsa_testvector_9),
3600 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P192, TEE_MODE_VERIFY,
3601 nist_186_2_ecdsa_testvector_10),
3602 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P192, TEE_MODE_SIGN,
3603 nist_186_2_ecdsa_testvector_10),
3604 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P192, TEE_MODE_VERIFY,
3605 nist_186_2_ecdsa_testvector_11),
3606 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P192, TEE_MODE_SIGN,
3607 nist_186_2_ecdsa_testvector_11),
3608 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P192, TEE_MODE_VERIFY,
3609 nist_186_2_ecdsa_testvector_12),
3610 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P192, TEE_MODE_SIGN,
3611 nist_186_2_ecdsa_testvector_12),
3612 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P192, TEE_MODE_VERIFY,
3613 nist_186_2_ecdsa_testvector_13),
3614 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P192, TEE_MODE_SIGN,
3615 nist_186_2_ecdsa_testvector_13),
3616 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P192, TEE_MODE_VERIFY,
3617 nist_186_2_ecdsa_testvector_14),
3618 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P192, TEE_MODE_SIGN,
3619 nist_186_2_ecdsa_testvector_14),
3620 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P192, TEE_MODE_VERIFY,
3621 nist_186_2_ecdsa_testvector_15),
3622 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P192, TEE_MODE_SIGN,
3623 nist_186_2_ecdsa_testvector_15),
Cedric Chaumontc7654962015-09-09 14:56:36 +0200[diff] [blame]3624 /* [P-224] */
Jerome Forissier3fbfd0d2019-12-17 16:44:01 +0100[diff] [blame^]3625 XTEST_AC_ECC_CASE(1, TEE_ALG_ECDSA_P224, TEE_MODE_VERIFY,
3626 nist_186_2_ecdsa_testvector_16),
3627 XTEST_AC_ECC_CASE(1, TEE_ALG_ECDSA_P224, TEE_MODE_SIGN,
3628 nist_186_2_ecdsa_testvector_16),
3629 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P224, TEE_MODE_VERIFY,
3630 nist_186_2_ecdsa_testvector_17),
3631 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P224, TEE_MODE_SIGN,
3632 nist_186_2_ecdsa_testvector_17),
3633 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P224, TEE_MODE_VERIFY,
3634 nist_186_2_ecdsa_testvector_18),
3635 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P224, TEE_MODE_SIGN,
3636 nist_186_2_ecdsa_testvector_18),
3637 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P224, TEE_MODE_VERIFY,
3638 nist_186_2_ecdsa_testvector_19),
3639 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P224, TEE_MODE_SIGN,
3640 nist_186_2_ecdsa_testvector_19),
3641 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P224, TEE_MODE_VERIFY,
3642 nist_186_2_ecdsa_testvector_20),
3643 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P224, TEE_MODE_SIGN,
3644 nist_186_2_ecdsa_testvector_20),
3645 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P224, TEE_MODE_VERIFY,
3646 nist_186_2_ecdsa_testvector_21),
3647 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P224, TEE_MODE_SIGN,
3648 nist_186_2_ecdsa_testvector_21),
3649 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P224, TEE_MODE_VERIFY,
3650 nist_186_2_ecdsa_testvector_22),
3651 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P224, TEE_MODE_SIGN,
3652 nist_186_2_ecdsa_testvector_22),
3653 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P224, TEE_MODE_VERIFY,
3654 nist_186_2_ecdsa_testvector_23),
3655 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P224, TEE_MODE_SIGN,
3656 nist_186_2_ecdsa_testvector_23),
3657 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P224, TEE_MODE_VERIFY,
3658 nist_186_2_ecdsa_testvector_24),
3659 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P224, TEE_MODE_SIGN,
3660 nist_186_2_ecdsa_testvector_24),
3661 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P224, TEE_MODE_VERIFY,
3662 nist_186_2_ecdsa_testvector_25),
3663 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P224, TEE_MODE_SIGN,
3664 nist_186_2_ecdsa_testvector_25),
3665 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P224, TEE_MODE_VERIFY,
3666 nist_186_2_ecdsa_testvector_26),
3667 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P224, TEE_MODE_SIGN,
3668 nist_186_2_ecdsa_testvector_26),
3669 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P224, TEE_MODE_VERIFY,
3670 nist_186_2_ecdsa_testvector_27),
3671 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P224, TEE_MODE_SIGN,
3672 nist_186_2_ecdsa_testvector_27),
3673 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P224, TEE_MODE_VERIFY,
3674 nist_186_2_ecdsa_testvector_28),
3675 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P224, TEE_MODE_SIGN,
3676 nist_186_2_ecdsa_testvector_28),
3677 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P224, TEE_MODE_VERIFY,
3678 nist_186_2_ecdsa_testvector_29),
3679 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P224, TEE_MODE_SIGN,
3680 nist_186_2_ecdsa_testvector_29),
3681 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P224, TEE_MODE_VERIFY,
3682 nist_186_2_ecdsa_testvector_30),
3683 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P224, TEE_MODE_SIGN,
3684 nist_186_2_ecdsa_testvector_30),
Cedric Chaumontc7654962015-09-09 14:56:36 +0200[diff] [blame]3685 /* [P-256] */
Jerome Forissier3fbfd0d2019-12-17 16:44:01 +0100[diff] [blame^]3686 XTEST_AC_ECC_CASE(1, TEE_ALG_ECDSA_P256, TEE_MODE_VERIFY,
3687 nist_186_2_ecdsa_testvector_31),
3688 XTEST_AC_ECC_CASE(1, TEE_ALG_ECDSA_P256, TEE_MODE_SIGN,
3689 nist_186_2_ecdsa_testvector_31),
3690 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P256, TEE_MODE_VERIFY,
3691 nist_186_2_ecdsa_testvector_32),
3692 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P256, TEE_MODE_SIGN,
3693 nist_186_2_ecdsa_testvector_32),
3694 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P256, TEE_MODE_VERIFY,
3695 nist_186_2_ecdsa_testvector_33),
3696 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P256, TEE_MODE_SIGN,
3697 nist_186_2_ecdsa_testvector_33),
3698 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P256, TEE_MODE_VERIFY,
3699 nist_186_2_ecdsa_testvector_34),
3700 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P256, TEE_MODE_SIGN,
3701 nist_186_2_ecdsa_testvector_34),
3702 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P256, TEE_MODE_VERIFY,
3703 nist_186_2_ecdsa_testvector_35),
3704 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P256, TEE_MODE_SIGN,
3705 nist_186_2_ecdsa_testvector_35),
3706 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P256, TEE_MODE_VERIFY,
3707 nist_186_2_ecdsa_testvector_36),
3708 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P256, TEE_MODE_SIGN,
3709 nist_186_2_ecdsa_testvector_36),
3710 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P256, TEE_MODE_VERIFY,
3711 nist_186_2_ecdsa_testvector_37),
3712 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P256, TEE_MODE_SIGN,
3713 nist_186_2_ecdsa_testvector_37),
3714 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P256, TEE_MODE_VERIFY,
3715 nist_186_2_ecdsa_testvector_38),
3716 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P256, TEE_MODE_SIGN,
3717 nist_186_2_ecdsa_testvector_38),
3718 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P256, TEE_MODE_VERIFY,
3719 nist_186_2_ecdsa_testvector_39),
3720 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P256, TEE_MODE_SIGN,
3721 nist_186_2_ecdsa_testvector_39),
3722 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P256, TEE_MODE_VERIFY,
3723 nist_186_2_ecdsa_testvector_40),
3724 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P256, TEE_MODE_SIGN,
3725 nist_186_2_ecdsa_testvector_40),
3726 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P256, TEE_MODE_VERIFY,
3727 nist_186_2_ecdsa_testvector_41),
3728 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P256, TEE_MODE_SIGN,
3729 nist_186_2_ecdsa_testvector_41),
3730 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P256, TEE_MODE_VERIFY,
3731 nist_186_2_ecdsa_testvector_42),
3732 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P256, TEE_MODE_SIGN,
3733 nist_186_2_ecdsa_testvector_42),
3734 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P256, TEE_MODE_VERIFY,
3735 nist_186_2_ecdsa_testvector_43),
3736 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P256, TEE_MODE_SIGN,
3737 nist_186_2_ecdsa_testvector_43),
3738 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P256, TEE_MODE_VERIFY,
3739 nist_186_2_ecdsa_testvector_44),
3740 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P256, TEE_MODE_SIGN,
3741 nist_186_2_ecdsa_testvector_44),
3742 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P256, TEE_MODE_VERIFY,
3743 nist_186_2_ecdsa_testvector_45),
3744 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P256, TEE_MODE_SIGN,
3745 nist_186_2_ecdsa_testvector_45),
Cedric Chaumontc7654962015-09-09 14:56:36 +0200[diff] [blame]3746 /* [P-384] */
Jerome Forissier3fbfd0d2019-12-17 16:44:01 +0100[diff] [blame^]3747 XTEST_AC_ECC_CASE(1, TEE_ALG_ECDSA_P384, TEE_MODE_VERIFY,
3748 nist_186_2_ecdsa_testvector_46),
3749 XTEST_AC_ECC_CASE(1, TEE_ALG_ECDSA_P384, TEE_MODE_SIGN,
3750 nist_186_2_ecdsa_testvector_46),
3751 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P384, TEE_MODE_VERIFY,
3752 nist_186_2_ecdsa_testvector_47),
3753 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P384, TEE_MODE_SIGN,
3754 nist_186_2_ecdsa_testvector_47),
3755 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P384, TEE_MODE_VERIFY,
3756 nist_186_2_ecdsa_testvector_48),
3757 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P384, TEE_MODE_SIGN,
3758 nist_186_2_ecdsa_testvector_48),
3759 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P384, TEE_MODE_VERIFY,
3760 nist_186_2_ecdsa_testvector_49),
3761 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P384, TEE_MODE_SIGN,
3762 nist_186_2_ecdsa_testvector_49),
3763 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P384, TEE_MODE_VERIFY,
3764 nist_186_2_ecdsa_testvector_50),
3765 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P384, TEE_MODE_SIGN,
3766 nist_186_2_ecdsa_testvector_50),
3767 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P384, TEE_MODE_VERIFY,
3768 nist_186_2_ecdsa_testvector_51),
3769 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P384, TEE_MODE_SIGN,
3770 nist_186_2_ecdsa_testvector_51),
3771 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P384, TEE_MODE_VERIFY,
3772 nist_186_2_ecdsa_testvector_52),
3773 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P384, TEE_MODE_SIGN,
3774 nist_186_2_ecdsa_testvector_52),
3775 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P384, TEE_MODE_VERIFY,
3776 nist_186_2_ecdsa_testvector_53),
3777 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P384, TEE_MODE_SIGN,
3778 nist_186_2_ecdsa_testvector_53),
3779 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P384, TEE_MODE_VERIFY,
3780 nist_186_2_ecdsa_testvector_54),
3781 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P384, TEE_MODE_SIGN,
3782 nist_186_2_ecdsa_testvector_54),
3783 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P384, TEE_MODE_VERIFY,
3784 nist_186_2_ecdsa_testvector_55),
3785 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P384, TEE_MODE_SIGN,
3786 nist_186_2_ecdsa_testvector_55),
3787 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P384, TEE_MODE_VERIFY,
3788 nist_186_2_ecdsa_testvector_56),
3789 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P384, TEE_MODE_SIGN,
3790 nist_186_2_ecdsa_testvector_56),
3791 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P384, TEE_MODE_VERIFY,
3792 nist_186_2_ecdsa_testvector_57),
3793 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P384, TEE_MODE_SIGN,
3794 nist_186_2_ecdsa_testvector_57),
3795 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P384, TEE_MODE_VERIFY,
3796 nist_186_2_ecdsa_testvector_58),
3797 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P384, TEE_MODE_SIGN,
3798 nist_186_2_ecdsa_testvector_58),
3799 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P384, TEE_MODE_VERIFY,
3800 nist_186_2_ecdsa_testvector_59),
3801 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P384, TEE_MODE_SIGN,
3802 nist_186_2_ecdsa_testvector_59),
3803 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P384, TEE_MODE_VERIFY,
3804 nist_186_2_ecdsa_testvector_60),
3805 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P384, TEE_MODE_SIGN,
3806 nist_186_2_ecdsa_testvector_60),
Cedric Chaumontc7654962015-09-09 14:56:36 +0200[diff] [blame]3807 /* [P-521] */
Jerome Forissier3fbfd0d2019-12-17 16:44:01 +0100[diff] [blame^]3808 XTEST_AC_ECC_CASE(1, TEE_ALG_ECDSA_P521, TEE_MODE_VERIFY,
3809 nist_186_2_ecdsa_testvector_61),
3810 XTEST_AC_ECC_CASE(1, TEE_ALG_ECDSA_P521, TEE_MODE_SIGN,
3811 nist_186_2_ecdsa_testvector_61),
3812 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P521, TEE_MODE_VERIFY,
3813 nist_186_2_ecdsa_testvector_62),
3814 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P521, TEE_MODE_SIGN,
3815 nist_186_2_ecdsa_testvector_62),
3816 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P521, TEE_MODE_VERIFY,
3817 nist_186_2_ecdsa_testvector_63),
3818 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P521, TEE_MODE_SIGN,
3819 nist_186_2_ecdsa_testvector_63),
3820 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P521, TEE_MODE_VERIFY,
3821 nist_186_2_ecdsa_testvector_64),
3822 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P521, TEE_MODE_SIGN,
3823 nist_186_2_ecdsa_testvector_64),
3824 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P521, TEE_MODE_VERIFY,
3825 nist_186_2_ecdsa_testvector_65),
3826 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P521, TEE_MODE_SIGN,
3827 nist_186_2_ecdsa_testvector_65),
3828 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P521, TEE_MODE_VERIFY,
3829 nist_186_2_ecdsa_testvector_66),
3830 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P521, TEE_MODE_SIGN,
3831 nist_186_2_ecdsa_testvector_66),
3832 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P521, TEE_MODE_VERIFY,
3833 nist_186_2_ecdsa_testvector_67),
3834 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P521, TEE_MODE_SIGN,
3835 nist_186_2_ecdsa_testvector_67),
3836 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P521, TEE_MODE_VERIFY,
3837 nist_186_2_ecdsa_testvector_68),
3838 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P521, TEE_MODE_SIGN,
3839 nist_186_2_ecdsa_testvector_68),
3840 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P521, TEE_MODE_VERIFY,
3841 nist_186_2_ecdsa_testvector_69),
3842 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P521, TEE_MODE_SIGN,
3843 nist_186_2_ecdsa_testvector_69),
3844 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P521, TEE_MODE_VERIFY,
3845 nist_186_2_ecdsa_testvector_70),
3846 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P521, TEE_MODE_SIGN,
3847 nist_186_2_ecdsa_testvector_70),
3848 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P521, TEE_MODE_VERIFY,
3849 nist_186_2_ecdsa_testvector_71),
3850 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P521, TEE_MODE_SIGN,
3851 nist_186_2_ecdsa_testvector_71),
3852 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P521, TEE_MODE_VERIFY,
3853 nist_186_2_ecdsa_testvector_72),
3854 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P521, TEE_MODE_SIGN,
3855 nist_186_2_ecdsa_testvector_72),
3856 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P521, TEE_MODE_VERIFY,
3857 nist_186_2_ecdsa_testvector_73),
3858 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P521, TEE_MODE_SIGN,
3859 nist_186_2_ecdsa_testvector_73),
3860 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P521, TEE_MODE_VERIFY,
3861 nist_186_2_ecdsa_testvector_74),
3862 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P521, TEE_MODE_SIGN,
3863 nist_186_2_ecdsa_testvector_74),
3864 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P521, TEE_MODE_VERIFY,
3865 nist_186_2_ecdsa_testvector_75),
3866 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P521, TEE_MODE_SIGN,
3867 nist_186_2_ecdsa_testvector_75),
Cedric Chaumontc7654962015-09-09 14:56:36 +0200[diff] [blame]3868 /* [K-163] - GP NOT SUPPORTED */
3869 /* [K-233] - GP NOT SUPPORTED */
3870 /* [K-283] - GP NOT SUPPORTED */
3871 /* [K-409] - GP NOT SUPPORTED */
3872 /* [K-571] - GP NOT SUPPORTED */
3873 /* [B-163] - GP NOT SUPPORTED */
3874 /* [B-233] - GP NOT SUPPORTED */
3875 /* [B-283] - GP NOT SUPPORTED */
3876 /* [B-409] - GP NOT SUPPORTED */
3877 /* [B-571] - GP NOT SUPPORTED */
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3878};
3879
3880static bool create_key(ADBG_Case_t *c, TEEC_Session *s,
3881 uint32_t max_key_size, uint32_t key_type,
3882 TEE_Attribute *attrs, size_t num_attrs,
3883 TEE_ObjectHandle *handle)
3884{
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]3885 size_t n = 0;
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3886
3887 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
3888 ta_crypt_cmd_allocate_transient_object(c, s, key_type,
3889 max_key_size, handle)))
3890 return false;
3891
3892 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
3893 ta_crypt_cmd_populate_transient_object(c, s, *handle, attrs,
3894 num_attrs)))
3895 return false;
3896
3897 for (n = 0; n < num_attrs; n++) {
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]3898 uint8_t out[512] = { };
3899 size_t out_size = sizeof(out);
Pascal Brand3e143ee2015-07-15 17:17:16 +0200[diff] [blame]3900
3901 if (attrs[n].attributeID == TEE_ATTR_ECC_CURVE)
3902 continue;
3903
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3904 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
3905 ta_crypt_cmd_get_object_buffer_attribute(c, s, *handle,
3906 attrs[n].attributeID, out, &out_size)))
3907 return false;
3908
Pascal Brand3e143ee2015-07-15 17:17:16 +0200[diff] [blame]3909 if (out_size < attrs[n].content.ref.length) {
3910 memmove(out + (attrs[n].content.ref.length - out_size),
3911 out,
3912 attrs[n].content.ref.length);
3913 memset(out, 0, attrs[n].content.ref.length - out_size);
3914 out_size = attrs[n].content.ref.length;
3915 }
3916
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3917 if (!ADBG_EXPECT_BUFFER(c, attrs[n].content.ref.buffer,
3918 attrs[n].content.ref.length, out, out_size))
3919 return false;
3920 }
3921
3922 return true;
3923}
3924
3925static void xtest_tee_test_4006(ADBG_Case_t *c)
3926{
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]3927 TEEC_Session session = { };
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3928 TEE_OperationHandle op = TEE_HANDLE_NULL;
3929 TEE_ObjectHandle priv_key_handle = TEE_HANDLE_NULL;
3930 TEE_ObjectHandle pub_key_handle = TEE_HANDLE_NULL;
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]3931 TEE_Attribute key_attrs[8] = { };
3932 TEE_Attribute algo_params[1] = { };
3933 size_t num_algo_params = 0;
3934 uint8_t out[512] = { };
3935 size_t out_size = 0;
3936 uint8_t out_enc[512] = { };
3937 size_t out_enc_size = 0;
3938 uint8_t ptx_hash[TEE_MAX_HASH_SIZE] = { };
Etienne Carriere481c6602019-01-22 13:27:26 +0100[diff] [blame]3939 size_t ptx_hash_size = 0;
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]3940 size_t max_key_size = 0;
3941 size_t num_key_attrs = 0;
3942 uint32_t ret_orig = 0;
3943 size_t n = 0;
3944 uint32_t curve = 0;
3945 uint32_t hash_algo = 0;
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3946
3947 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
3948 xtest_teec_open_session(&session, &crypt_user_ta_uuid, NULL,
3949 &ret_orig)))
3950 return;
3951
3952 for (n = 0; n < ARRAY_SIZE(xtest_ac_cases); n++) {
3953 const struct xtest_ac_case *tv = xtest_ac_cases + n;
3954
Cedric Chaumontc3b6c282015-09-25 03:05:18 +0200[diff] [blame]3955 if (tv->level > level)
3956 continue;
3957
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3958 Do_ADBG_BeginSubCase(c, "Asym Crypto case %d algo 0x%x line %d",
3959 (int)n, (unsigned int)tv->algo,
3960 (int)tv->line);
3961
3962 /*
3963 * When signing or verifying we're working with the hash of
3964 * the payload.
3965 */
3966 if (tv->mode == TEE_MODE_VERIFY || tv->mode == TEE_MODE_SIGN) {
Pascal Brand3e143ee2015-07-15 17:17:16 +0200[diff] [blame]3967 if (TEE_ALG_GET_MAIN_ALG(tv->algo) == TEE_MAIN_ALGO_ECDSA)
3968 hash_algo = TEE_ALG_SHA1;
Gabor Szekely2ad190f2018-09-14 14:05:06 +0000[diff] [blame]3969#if defined(CFG_CRYPTO_RSASSA_NA1)
3970 else if (tv->algo == TEE_ALG_RSASSA_PKCS1_V1_5)
3971 hash_algo = TEE_ALG_SHA256;
3972#endif
Pascal Brand3e143ee2015-07-15 17:17:16 +0200[diff] [blame]3973 else
3974 hash_algo = TEE_ALG_HASH_ALGO(
3975 TEE_ALG_GET_DIGEST_HASH(tv->algo));
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3976
3977 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
3978 ta_crypt_cmd_allocate_operation(c, &session,
3979 &op, hash_algo, TEE_MODE_DIGEST, 0)))
3980 goto out;
3981
3982 ptx_hash_size = sizeof(ptx_hash);
3983 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
3984 ta_crypt_cmd_digest_do_final(c, & session, op,
3985 tv->ptx, tv->ptx_len, ptx_hash,
3986 &ptx_hash_size)))
3987 goto out;
3988
Cedric Chaumontb2ba8782015-09-03 13:23:05 +0200[diff] [blame]3989 /*
3990 * When we use DSA algorithms, the size of the hash we
3991 * consider equals the min between the size of the
3992 * "subprime" in the key and the size of the hash
3993 */
3994 if (TEE_ALG_GET_MAIN_ALG(tv->algo) ==
3995 TEE_MAIN_ALGO_DSA) {
3996 if (tv->params.dsa.sub_prime_len <=
3997 ptx_hash_size)
3998 ptx_hash_size =
3999 tv->params.dsa.sub_prime_len;
4000 }
4001
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]4002 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
4003 ta_crypt_cmd_free_operation(c, &session, op)))
4004 goto out;
4005 }
4006
4007 num_algo_params = 0;
4008 num_key_attrs = 0;
4009 switch (TEE_ALG_GET_MAIN_ALG(tv->algo)) {
4010 case TEE_MAIN_ALGO_RSA:
4011 if (tv->params.rsa.salt_len > 0) {
4012 algo_params[0].attributeID =
4013 TEE_ATTR_RSA_PSS_SALT_LENGTH;
4014 algo_params[0].content.value.a =
4015 tv->params.rsa.salt_len;
4016 algo_params[0].content.value.b = 0;
4017 num_algo_params = 1;
4018 }
4019
4020 max_key_size = tv->params.rsa.modulus_len * 8;
4021
4022 xtest_add_attr(&num_key_attrs, key_attrs,
4023 TEE_ATTR_RSA_MODULUS,
4024 tv->params.rsa.modulus,
4025 tv->params.rsa.modulus_len);
4026 xtest_add_attr(&num_key_attrs, key_attrs,
4027 TEE_ATTR_RSA_PUBLIC_EXPONENT,
4028 tv->params.rsa.pub_exp,
4029 tv->params.rsa.pub_exp_len);
4030
4031 if (!ADBG_EXPECT_TRUE(c,
4032 create_key(c, &session,
4033 max_key_size,
4034 TEE_TYPE_RSA_PUBLIC_KEY,
4035 key_attrs,
4036 num_key_attrs,
4037 &pub_key_handle)))
4038 goto out;
4039
4040 xtest_add_attr(&num_key_attrs, key_attrs,
4041 TEE_ATTR_RSA_PRIVATE_EXPONENT,
4042 tv->params.rsa.priv_exp,
4043 tv->params.rsa.priv_exp_len);
4044
4045 if (tv->params.rsa.prime1_len != 0) {
4046 xtest_add_attr(&num_key_attrs, key_attrs,
4047 TEE_ATTR_RSA_PRIME1,
4048 tv->params.rsa.prime1,
4049 tv->params.rsa.prime1_len);
4050 }
4051
4052 if (tv->params.rsa.prime2_len != 0) {
4053 xtest_add_attr(&num_key_attrs, key_attrs,
4054 TEE_ATTR_RSA_PRIME2,
4055 tv->params.rsa.prime2,
4056 tv->params.rsa.prime2_len);
4057 }
4058
4059 if (tv->params.rsa.exp1_len != 0) {
4060 xtest_add_attr(&num_key_attrs, key_attrs,
4061 TEE_ATTR_RSA_EXPONENT1,
4062 tv->params.rsa.exp1,
4063 tv->params.rsa.exp1_len);
4064 }
4065
4066 if (tv->params.rsa.exp2_len != 0) {
4067 xtest_add_attr(&num_key_attrs, key_attrs,
4068 TEE_ATTR_RSA_EXPONENT2,
4069 tv->params.rsa.exp2,
4070 tv->params.rsa.exp2_len);
4071 }
4072
4073 if (tv->params.rsa.coeff_len != 0) {
4074 xtest_add_attr(&num_key_attrs, key_attrs,
4075 TEE_ATTR_RSA_COEFFICIENT,
4076 tv->params.rsa.coeff,
4077 tv->params.rsa.coeff_len);
4078 }
4079
4080 if (!ADBG_EXPECT_TRUE(c,
4081 create_key(c, &session,
4082 max_key_size,
4083 TEE_TYPE_RSA_KEYPAIR,
4084 key_attrs,
4085 num_key_attrs,
4086 &priv_key_handle)))
4087 goto out;
4088 break;
4089
4090 case TEE_MAIN_ALGO_DSA:
4091 max_key_size = tv->params.dsa.prime_len * 8;
4092
4093 xtest_add_attr(&num_key_attrs, key_attrs,
4094 TEE_ATTR_DSA_PRIME,
4095 tv->params.dsa.prime,
4096 tv->params.dsa.prime_len);
4097 xtest_add_attr(&num_key_attrs, key_attrs,
4098 TEE_ATTR_DSA_SUBPRIME,
4099 tv->params.dsa.sub_prime,
4100 tv->params.dsa.sub_prime_len);
4101 xtest_add_attr(&num_key_attrs, key_attrs,
4102 TEE_ATTR_DSA_BASE,
4103 tv->params.dsa.base,
4104 tv->params.dsa.base_len);
4105 xtest_add_attr(&num_key_attrs, key_attrs,
4106 TEE_ATTR_DSA_PUBLIC_VALUE,
4107 tv->params.dsa.pub_val,
4108 tv->params.dsa.pub_val_len);
4109
4110 if (!ADBG_EXPECT_TRUE(c,
4111 create_key(c, &session, max_key_size,
4112 TEE_TYPE_DSA_PUBLIC_KEY, key_attrs,
4113 num_key_attrs, &pub_key_handle)))
4114 goto out;
4115
4116 xtest_add_attr(&num_key_attrs, key_attrs,
4117 TEE_ATTR_DSA_PRIVATE_VALUE,
4118 tv->params.dsa.priv_val,
4119 tv->params.dsa.priv_val_len);
4120
4121 if (!ADBG_EXPECT_TRUE(c,
4122 create_key(c, &session, max_key_size,
4123 TEE_TYPE_DSA_KEYPAIR, key_attrs,
4124 num_key_attrs, &priv_key_handle)))
4125 goto out;
4126 break;
4127
Pascal Brand3e143ee2015-07-15 17:17:16 +0200[diff] [blame]4128 case TEE_MAIN_ALGO_ECDSA:
4129 switch (tv->algo) {
4130 case TEE_ALG_ECDSA_P192:
4131 curve = TEE_ECC_CURVE_NIST_P192;
4132 break;
4133 case TEE_ALG_ECDSA_P224:
4134 curve = TEE_ECC_CURVE_NIST_P224;
4135 break;
4136 case TEE_ALG_ECDSA_P256:
4137 curve = TEE_ECC_CURVE_NIST_P256;
4138 break;
4139 case TEE_ALG_ECDSA_P384:
4140 curve = TEE_ECC_CURVE_NIST_P384;
4141 break;
4142 case TEE_ALG_ECDSA_P521:
4143 curve = TEE_ECC_CURVE_NIST_P521;
4144 break;
4145 default:
4146 curve = 0xFF;
4147 break;
4148 }
4149
4150 if (tv->algo == TEE_ALG_ECDSA_P521)
4151 max_key_size = 521;
4152 else
Jerome Forissier3fbfd0d2019-12-17 16:44:01 +0100[diff] [blame^]4153 max_key_size = tv->params.ecc.private_len * 8;
Pascal Brand3e143ee2015-07-15 17:17:16 +0200[diff] [blame]4154
4155 xtest_add_attr_value(&num_key_attrs, key_attrs,
4156 TEE_ATTR_ECC_CURVE, curve, 0);
4157 xtest_add_attr(&num_key_attrs, key_attrs,
4158 TEE_ATTR_ECC_PUBLIC_VALUE_X,
Jerome Forissier3fbfd0d2019-12-17 16:44:01 +0100[diff] [blame^]4159 tv->params.ecc.public_x,
4160 tv->params.ecc.public_x_len);
Pascal Brand3e143ee2015-07-15 17:17:16 +0200[diff] [blame]4161 xtest_add_attr(&num_key_attrs, key_attrs,
4162 TEE_ATTR_ECC_PUBLIC_VALUE_Y,
Jerome Forissier3fbfd0d2019-12-17 16:44:01 +0100[diff] [blame^]4163 tv->params.ecc.public_y,
4164 tv->params.ecc.public_y_len);
Pascal Brand3e143ee2015-07-15 17:17:16 +0200[diff] [blame]4165
4166 if (!ADBG_EXPECT_TRUE(c,
4167 create_key(c, &session, max_key_size,
4168 TEE_TYPE_ECDSA_PUBLIC_KEY, key_attrs,
4169 num_key_attrs, &pub_key_handle)))
4170 goto out;
4171
4172 xtest_add_attr(&num_key_attrs, key_attrs,
4173 TEE_ATTR_ECC_PRIVATE_VALUE,
Jerome Forissier3fbfd0d2019-12-17 16:44:01 +0100[diff] [blame^]4174 tv->params.ecc.private,
4175 tv->params.ecc.private_len);
Pascal Brand3e143ee2015-07-15 17:17:16 +0200[diff] [blame]4176
4177 if (!ADBG_EXPECT_TRUE(c,
4178 create_key(c, &session, max_key_size,
4179 TEE_TYPE_ECDSA_KEYPAIR, key_attrs,
4180 num_key_attrs, &priv_key_handle)))
4181 goto out;
4182 break;
4183
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]4184 default:
4185 ADBG_EXPECT_TRUE(c, false);
4186 goto out;
4187 }
4188
4189 out_size = sizeof(out);
4190 memset(out, 0, sizeof(out));
4191 switch (tv->mode) {
4192 case TEE_MODE_ENCRYPT:
4193 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
4194 ta_crypt_cmd_allocate_operation(c, &session,
Pascal Brand3e143ee2015-07-15 17:17:16 +0200[diff] [blame]4195 &op, tv->algo, TEE_MODE_ENCRYPT,
4196 max_key_size)))
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]4197 goto out;
4198
4199 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
4200 ta_crypt_cmd_set_operation_key(c, &session, op,
4201 pub_key_handle)))
4202 goto out;
4203
4204 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
4205 ta_crypt_cmd_free_transient_object(c, &session,
4206 pub_key_handle)))
4207 goto out;
4208 pub_key_handle = TEE_HANDLE_NULL;
4209
4210 out_enc_size = sizeof(out_enc);
4211 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
4212 ta_crypt_cmd_asymmetric_encrypt(c, &session, op,
4213 NULL, 0, tv->ptx, tv->ptx_len, out_enc,
4214 &out_enc_size)))
4215 goto out;
4216
4217 /*
4218 * A PS which is random is added when formatting the
4219 * message internally of the algorithm so we can't
4220 * verify against precomputed values, instead we use the
4221 * decrypt operation to see that output is correct.
4222 */
4223
4224 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
4225 ta_crypt_cmd_free_operation(c, &session, op)))
4226 goto out;
4227
4228 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
4229 ta_crypt_cmd_allocate_operation(c, &session,
4230 &op, tv->algo, TEE_MODE_DECRYPT,
4231 max_key_size)))
4232 goto out;
4233
4234 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
4235 ta_crypt_cmd_set_operation_key(c, &session, op,
4236 priv_key_handle)))
4237 goto out;
4238
4239 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
4240 ta_crypt_cmd_free_transient_object(c, &session,
4241 priv_key_handle)))
4242 goto out;
4243
4244 priv_key_handle = TEE_HANDLE_NULL;
4245
4246 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
4247 ta_crypt_cmd_asymmetric_decrypt(c, &session, op,
4248 NULL, 0, out_enc, out_enc_size, out,
4249 &out_size)))
4250 goto out;
4251
4252 (void)ADBG_EXPECT_BUFFER(c, tv->ptx, tv->ptx_len, out,
4253 out_size);
4254 break;
4255
4256 case TEE_MODE_DECRYPT:
4257 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
4258 ta_crypt_cmd_allocate_operation(c, &session,
4259 &op, tv->algo, TEE_MODE_DECRYPT,
4260 max_key_size)))
4261 goto out;
4262
4263 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
4264 ta_crypt_cmd_set_operation_key(c, &session, op,
4265 priv_key_handle)))
4266 goto out;
4267
4268 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
4269 ta_crypt_cmd_free_transient_object(c, &session,
4270 priv_key_handle)))
4271 goto out;
4272
4273 priv_key_handle = TEE_HANDLE_NULL;
4274
4275 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
4276 ta_crypt_cmd_asymmetric_decrypt(c, &session, op,
4277 NULL, 0, tv->ctx, tv->ctx_len, out,
4278 &out_size)))
4279 goto out;
4280
4281 (void)ADBG_EXPECT_BUFFER(c, tv->ptx, tv->ptx_len, out,
4282 out_size);
4283 break;
4284
4285 case TEE_MODE_VERIFY:
4286 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
4287 ta_crypt_cmd_allocate_operation(c, &session,
4288 &op, tv->algo, TEE_MODE_VERIFY,
4289 max_key_size)))
4290 goto out;
4291
4292 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
4293 ta_crypt_cmd_set_operation_key(c, &session, op,
4294 pub_key_handle)))
4295 goto out;
4296
4297 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
4298 ta_crypt_cmd_free_transient_object(c, &session,
4299 pub_key_handle)))
4300 goto out;
4301
4302 pub_key_handle = TEE_HANDLE_NULL;
4303
4304 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
4305 ta_crypt_cmd_asymmetric_verify(c, &session, op,
4306 algo_params, num_algo_params, ptx_hash,
4307 ptx_hash_size, tv->ctx, tv->ctx_len)))
4308 goto out;
4309 break;
4310
4311 case TEE_MODE_SIGN:
4312 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
4313 ta_crypt_cmd_allocate_operation(c, &session,
4314 &op, tv->algo, TEE_MODE_SIGN,
4315 max_key_size)))
4316 goto out;
4317
4318 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
4319 ta_crypt_cmd_set_operation_key(c, &session, op,
4320 priv_key_handle)))
4321 goto out;
4322
4323 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
4324 ta_crypt_cmd_free_transient_object(c, &session,
4325 priv_key_handle)))
4326 goto out;
4327
4328 priv_key_handle = TEE_HANDLE_NULL;
4329
4330 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
4331 ta_crypt_cmd_asymmetric_sign(c, &session, op,
4332 algo_params, num_algo_params, ptx_hash,
4333 ptx_hash_size, out, &out_size)))
4334 goto out;
4335
4336 if (TEE_ALG_GET_CHAIN_MODE(tv->algo) ==
4337 TEE_CHAIN_MODE_PKCS1_PSS_MGF1 ||
Pascal Brand3e143ee2015-07-15 17:17:16 +0200[diff] [blame]4338 tv->algo == TEE_ALG_DSA_SHA1 ||
Cedric Chaumontb2ba8782015-09-03 13:23:05 +0200[diff] [blame]4339 tv->algo == TEE_ALG_DSA_SHA224 ||
4340 tv->algo == TEE_ALG_DSA_SHA256 ||
Pascal Brand3e143ee2015-07-15 17:17:16 +0200[diff] [blame]4341 TEE_ALG_GET_MAIN_ALG(tv->algo) ==
4342 TEE_MAIN_ALGO_ECDSA) {
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]4343 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
4344 ta_crypt_cmd_free_operation(c, &session,
4345 op)))
4346 goto out;
4347 /*
4348 * The salt or K is random so we can't verify
4349 * signing against precomputed values, instead
4350 * we use the verify operation to see that
4351 * output is correct.
4352 */
4353 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
4354 ta_crypt_cmd_allocate_operation(c,
4355 &session, &op, tv->algo,
4356 TEE_MODE_VERIFY, max_key_size)))
4357 goto out;
4358
4359 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
4360 ta_crypt_cmd_set_operation_key(c,
4361 &session, op, pub_key_handle)))
4362 goto out;
4363
4364 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
4365 ta_crypt_cmd_free_transient_object(c,
4366 &session, pub_key_handle)))
4367 goto out;
4368
4369 pub_key_handle = TEE_HANDLE_NULL;
4370
4371 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
4372 ta_crypt_cmd_asymmetric_verify(c,
4373 &session, op, algo_params,
4374 num_algo_params, ptx_hash,
4375 ptx_hash_size, out, out_size)))
4376 goto out;
4377 } else {
4378 (void)ADBG_EXPECT_BUFFER(c, tv->ctx,
4379 tv->ctx_len, out,
4380 out_size);
4381 }
4382 break;
4383
4384 default:
4385 break;
4386 }
4387
4388 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
4389 ta_crypt_cmd_free_operation(c, &session, op)))
4390 goto out;
4391
4392 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
4393 ta_crypt_cmd_free_transient_object(c, &session,
4394 pub_key_handle)))
4395 goto out;
4396 pub_key_handle = TEE_HANDLE_NULL;
4397
4398 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
4399 ta_crypt_cmd_free_transient_object(c, &session,
4400 priv_key_handle)))
4401 goto out;
4402
4403 priv_key_handle = TEE_HANDLE_NULL;
4404
4405 Do_ADBG_EndSubCase(c, NULL);
4406 }
4407out:
4408 TEEC_CloseSession(&session);
4409}
Jens Wiklander14f48872018-06-29 15:30:13 +0200[diff] [blame]4410ADBG_CASE_DEFINE(regression, 4006, xtest_tee_test_4006,
4411 "Test TEE Internal API Asymmetric Cipher operations");
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]4412
4413#define KEY_ATTR(x, y) { #x, (x), y }
4414
4415struct key_attrs {
4416 const char *name;
4417 uint32_t attr;
Jerome Forissier4032c8c2016-05-31 13:25:08 +0200[diff] [blame]4418 /*
4419 * When keysize_check != 0: size of attribute is checked
4420 * Expected value is key_size bits except for DH in which case it is
4421 * the value of keysize_check.
4422 */
4423 uint32_t keysize_check;
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]4424};
4425
4426static bool test_keygen_attributes(ADBG_Case_t *c, TEEC_Session *s,
4427 TEE_ObjectHandle key, uint32_t key_size,
4428 struct key_attrs *attrs, size_t num_attrs)
4429{
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]4430 uint8_t out[2048] = { };
4431 size_t out_size = 0;
4432 size_t n = 0;
4433 size_t m = 0;
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]4434
4435 for (m = 0; m < num_attrs; m++) {
4436 if ((attrs[m].attr & TEE_ATTR_BIT_VALUE) == 0) {
4437 out_size = sizeof(out);
4438 memset(out, 0, sizeof(out));
4439 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
4440 ta_crypt_cmd_get_object_buffer_attribute(c, s,
4441 key, attrs[m].attr, out, &out_size)))
4442 return false;
4443
4444 if (attrs[m].keysize_check)
4445 ADBG_EXPECT_COMPARE_UNSIGNED(c, out_size, ==,
4446 key_size / 8);
4447
4448 if (out_size > 0) {
4449 /* Check that buffer isn't all zeroes */
4450 for (n = 0; n < out_size; n++)
4451 if (out[n] != 0)
4452 break;
4453 if (!ADBG_EXPECT_COMPARE_UNSIGNED(c, n, <,
4454 out_size))
4455 return false;
4456 }
4457 } else {
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]4458 uint32_t a = 0;
4459 uint32_t b = 0;
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]4460
4461 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
4462 ta_crypt_cmd_get_object_value_attribute(c, s, key,
4463 attrs[m].attr, &a, &b)))
4464 return false;
4465 }
4466 }
4467 return true;
4468}
4469
4470static bool test_secret_value(ADBG_Case_t *c, TEEC_Session *s,
4471 TEE_ObjectHandle key, uint32_t key_size)
4472{
4473 const struct key_attrs attrs[] = {
4474 KEY_ATTR(TEE_ATTR_SECRET_VALUE, true),
4475 };
4476
4477 return test_keygen_attributes(c, s, key, key_size,
4478 (struct key_attrs *)&attrs,
4479 ARRAY_SIZE(attrs));
4480}
4481
4482
4483static bool test_rsa_key_pair(ADBG_Case_t *c, TEEC_Session *s,
4484 TEE_ObjectHandle key, uint32_t key_size)
4485{
4486 const struct key_attrs attrs[] = {
4487 KEY_ATTR(TEE_ATTR_RSA_MODULUS, true),
4488 KEY_ATTR(TEE_ATTR_RSA_PUBLIC_EXPONENT, false),
4489 KEY_ATTR(TEE_ATTR_RSA_PRIVATE_EXPONENT, false),
4490 KEY_ATTR(TEE_ATTR_RSA_PRIME1, false),
4491 KEY_ATTR(TEE_ATTR_RSA_PRIME2, false),
4492 KEY_ATTR(TEE_ATTR_RSA_EXPONENT1, false),
4493 KEY_ATTR(TEE_ATTR_RSA_EXPONENT2, false),
4494 KEY_ATTR(TEE_ATTR_RSA_COEFFICIENT, false),
4495 };
4496
4497 return test_keygen_attributes(c, s, key, key_size,
4498 (struct key_attrs *)&attrs,
4499 ARRAY_SIZE(attrs));
4500}
4501
Pascal Brande61133f2015-07-08 15:38:37 +0200[diff] [blame]4502static bool test_ecc_key_pair(ADBG_Case_t *c, TEEC_Session *s,
4503 TEE_ObjectHandle key, uint32_t key_size)
4504{
4505 const struct key_attrs attrs[] = {
4506 KEY_ATTR(TEE_ATTR_ECC_PRIVATE_VALUE, false),
4507 KEY_ATTR(TEE_ATTR_ECC_PUBLIC_VALUE_X , false),
4508 KEY_ATTR(TEE_ATTR_ECC_PUBLIC_VALUE_Y , false),
4509 /* KEY_ATTR(TEE_ATTR_ECC_CURVE, false), - do not test */
4510 };
4511
4512 return test_keygen_attributes(c, s, key, key_size,
4513 (struct key_attrs *)&attrs,
4514 ARRAY_SIZE(attrs));
4515}
4516
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]4517static bool test_dh_key_pair(ADBG_Case_t *c, TEEC_Session *s,
Jerome Forissier4032c8c2016-05-31 13:25:08 +0200[diff] [blame]4518 TEE_ObjectHandle key, uint32_t check_keysize)
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]4519{
4520 const struct key_attrs attrs[] = {
4521 KEY_ATTR(TEE_ATTR_DH_PRIME, false),
4522 KEY_ATTR(TEE_ATTR_DH_BASE, false),
4523 KEY_ATTR(TEE_ATTR_DH_PUBLIC_VALUE, false),
4524 KEY_ATTR(TEE_ATTR_DH_PRIVATE_VALUE, check_keysize),
4525 KEY_ATTR(TEE_ATTR_DH_X_BITS, false),
4526 };
4527
Jerome Forissier4032c8c2016-05-31 13:25:08 +0200[diff] [blame]4528 return test_keygen_attributes(c, s, key, check_keysize,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]4529 (struct key_attrs *)&attrs,
4530 ARRAY_SIZE(attrs));
4531}
4532
4533static bool test_dsa_key_pair(ADBG_Case_t *c, TEEC_Session *s,
4534 TEE_ObjectHandle key, uint32_t key_size)
4535{
4536 const struct key_attrs attrs[] = {
4537 KEY_ATTR(TEE_ATTR_DSA_PRIME, true),
4538 KEY_ATTR(TEE_ATTR_DSA_SUBPRIME, false),
4539 KEY_ATTR(TEE_ATTR_DSA_BASE, false),
4540 KEY_ATTR(TEE_ATTR_DSA_PUBLIC_VALUE, false),
4541 KEY_ATTR(TEE_ATTR_DSA_PRIVATE_VALUE, false),
4542 };
4543
4544 return test_keygen_attributes(c, s, key, key_size,
4545 (struct key_attrs *)&attrs,
4546 ARRAY_SIZE(attrs));
4547}
4548
4549static bool generate_and_test_key(ADBG_Case_t *c, TEEC_Session *s,
4550 uint32_t key_type, uint32_t check_keysize,
4551 uint32_t key_size,
4552 TEE_Attribute *params, size_t param_count)
4553{
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]4554 TEE_ObjectHandle key = TEE_HANDLE_NULL;
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]4555 bool ret_val = true;
4556
4557 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
4558 ta_crypt_cmd_allocate_transient_object(c, s, key_type, key_size,
4559 &key)))
4560 return false;
4561
4562 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
4563 ta_crypt_cmd_generate_key(c, s, key, key_size, params,
4564 param_count)))
4565 return false;
4566
4567 switch (key_type) {
4568 case TEE_TYPE_DES:
4569 case TEE_TYPE_DES3:
4570 ret_val = ADBG_EXPECT_TRUE(c,
4571 test_secret_value(c, s, key,
4572 key_size + key_size / 7));
4573 break;
4574 case TEE_TYPE_AES:
4575 case TEE_TYPE_HMAC_MD5:
4576 case TEE_TYPE_HMAC_SHA1:
4577 case TEE_TYPE_HMAC_SHA224:
4578 case TEE_TYPE_HMAC_SHA256:
4579 case TEE_TYPE_HMAC_SHA384:
4580 case TEE_TYPE_HMAC_SHA512:
4581 case TEE_TYPE_GENERIC_SECRET:
4582 ret_val = ADBG_EXPECT_TRUE(c,
4583 test_secret_value(c, s, key, key_size));
4584 break;
4585
4586 case TEE_TYPE_RSA_KEYPAIR:
4587 ret_val = ADBG_EXPECT_TRUE(c,
4588 test_rsa_key_pair(c, s, key, key_size));
4589 break;
4590
Pascal Brande61133f2015-07-08 15:38:37 +0200[diff] [blame]4591 case TEE_TYPE_ECDSA_KEYPAIR:
4592 case TEE_TYPE_ECDH_KEYPAIR:
4593 ret_val = ADBG_EXPECT_TRUE(c,
4594 test_ecc_key_pair(c, s, key, key_size));
4595 break;
4596
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]4597 case TEE_TYPE_DH_KEYPAIR:
Pascal Brande61133f2015-07-08 15:38:37 +0200[diff] [blame]4598 ret_val = ADBG_EXPECT_TRUE(c,
Jerome Forissier4032c8c2016-05-31 13:25:08 +0200[diff] [blame]4599 test_dh_key_pair(c, s, key, check_keysize));
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]4600 break;
4601
4602 case TEE_TYPE_DSA_KEYPAIR:
4603 ret_val = ADBG_EXPECT_TRUE(c,
4604 test_dsa_key_pair(c, s, key, key_size));
4605 break;
4606
4607 default:
4608 ret_val = false;
4609 break;
4610 }
4611
4612 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
4613 ta_crypt_cmd_free_transient_object(c, s, key)))
4614 return false;
4615
4616 return ret_val;
4617}
4618
Jens Wiklandera8c8f872018-12-14 11:41:36 +0100[diff] [blame]4619struct key_types_noparam {
4620 unsigned level;
4621 const char *name;
4622 uint32_t key_type;
4623 uint32_t quanta;
4624 uint32_t min_size;
4625 uint32_t max_size;
4626};
4627
4628static void keygen_noparams(ADBG_Case_t *c, TEEC_Session *session,
4629 const struct key_types_noparam *key_types,
4630 size_t num_key_types)
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]4631{
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]4632 size_t n = 0;
4633 uint32_t key_size = 0;
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]4634
Jens Wiklandera8c8f872018-12-14 11:41:36 +0100[diff] [blame]4635 for (n = 0; n < num_key_types; n++) {
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]4636 uint32_t min_size = key_types[n].min_size;
4637 uint32_t max_size = key_types[n].max_size;
4638 uint32_t quanta = key_types[n].quanta;
4639
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]4640 if (key_types[n].level > level)
4641 continue;
4642
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]4643 Do_ADBG_BeginSubCase(c, "Generate %s key", key_types[n].name);
4644
4645 for (key_size = min_size; key_size <= max_size;
4646 key_size += quanta) {
4647 if (!ADBG_EXPECT_TRUE(c,
4648 generate_and_test_key(c, session, key_types
4649 [n].key_type, 1, key_size, NULL, 0)))
4650 break;
4651 }
4652
4653 Do_ADBG_EndSubCase(c, "Generate %s key", key_types[n].name);
4654 }
4655}
4656
Jens Wiklandera8c8f872018-12-14 11:41:36 +0100[diff] [blame]4657static void xtest_tee_test_4007_symmetric(ADBG_Case_t *c)
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]4658{
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]4659 TEEC_Session session = { };
4660 uint32_t ret_orig = 0;
Jens Wiklandera8c8f872018-12-14 11:41:36 +0100[diff] [blame]4661 static const struct key_types_noparam key_types[] = {
4662 { 0, "AES", TEE_TYPE_AES, 64, 128,
4663 256 /* valid sizes 128, 192, 256 */ },
4664 { 0, "DES", TEE_TYPE_DES, 56, 56, 56 /* valid size 56 */ },
4665 { 0, "DES3", TEE_TYPE_DES3, 56, 112,
4666 168 /* valid sizes 112, 168 */ },
4667 { 0, "HMAC-MD5", TEE_TYPE_HMAC_MD5, 8, 64, 512 },
4668 { 0, "HMAC-SHA1", TEE_TYPE_HMAC_SHA1, 8, 80, 512 },
4669 { 0, "HMAC-SHA224", TEE_TYPE_HMAC_SHA224, 8, 112, 512 },
4670 { 0, "HMAC-SHA256", TEE_TYPE_HMAC_SHA256, 8, 192, 1024 },
4671 { 0, "HMAC-SHA384", TEE_TYPE_HMAC_SHA384, 8, 256, 1024 },
4672 { 0, "HMAC-SHA512", TEE_TYPE_HMAC_SHA512, 8, 256, 1024 },
4673 { 0, "Generic secret", TEE_TYPE_GENERIC_SECRET, 8, 128, 4096 },
4674 };
4675
4676 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
4677 xtest_teec_open_session(&session, &crypt_user_ta_uuid, NULL,
4678 &ret_orig)))
4679 return;
4680
4681 keygen_noparams(c, &session, key_types, ARRAY_SIZE(key_types));
4682
4683 TEEC_CloseSession(&session);
4684}
4685ADBG_CASE_DEFINE(regression, 4007_symmetric, xtest_tee_test_4007_symmetric,
4686 "Test TEE Internal API Generate Symmetric key");
4687
4688static void xtest_tee_test_4007_rsa(ADBG_Case_t *c)
4689{
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]4690 TEEC_Session session = { };
4691 uint32_t ret_orig = 0;
Jens Wiklandera8c8f872018-12-14 11:41:36 +0100[diff] [blame]4692 static const struct key_types_noparam key_types[] = {
4693 { 0, "RSA-256", TEE_TYPE_RSA_KEYPAIR, 1, 256, 256 },
4694 { 1, "RSA-384", TEE_TYPE_RSA_KEYPAIR, 1, 384, 384 },
4695 { 1, "RSA-512", TEE_TYPE_RSA_KEYPAIR, 1, 512, 512 },
4696 { 1, "RSA-640", TEE_TYPE_RSA_KEYPAIR, 1, 640, 640 },
4697 { 1, "RSA-768", TEE_TYPE_RSA_KEYPAIR, 1, 768, 768 },
4698 { 1, "RSA-896", TEE_TYPE_RSA_KEYPAIR, 1, 896, 896 },
4699 { 1, "RSA-1024", TEE_TYPE_RSA_KEYPAIR, 1, 1024, 1024 },
4700 { 1, "RSA-2048", TEE_TYPE_RSA_KEYPAIR, 1, 2048, 2048 },
4701 { 1, "RSA-3072", TEE_TYPE_RSA_KEYPAIR, 1, 3072, 3072 },
4702 { 1, "RSA-4096", TEE_TYPE_RSA_KEYPAIR, 1, 4096, 4096 },
4703 };
4704
4705 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
4706 xtest_teec_open_session(&session, &crypt_user_ta_uuid, NULL,
4707 &ret_orig)))
4708 return;
4709
4710 keygen_noparams(c, &session, key_types, ARRAY_SIZE(key_types));
4711
4712 TEEC_CloseSession(&session);
4713}
4714ADBG_CASE_DEFINE(regression, 4007_rsa, xtest_tee_test_4007_rsa,
4715 "Test TEE Internal API Generate RSA key");
4716
4717static void xtest_tee_test_4007_dh(ADBG_Case_t *c)
4718{
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]4719 TEEC_Session session = { };
4720 uint32_t ret_orig = 0;
4721 size_t n = 0;
4722 size_t param_count = 0;
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]4723 /*
4724 * Note that the key size parameter is not used when creating the keys
4725 * but specifying these sizes make it possible to test the expected size
4726 * of the private value. This also means that the keysize must match the
4727 * size of p or what is specified in private_bits or the equvivalent
4728 * size of the subprime parameter.
4729 */
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]4730 TEE_Attribute params[4] = { };
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]4731
4732#define XTEST_DH_GK_DATA(vect) \
4733 ARRAY(vect ## _p), \
4734 ARRAY(vect ## _g), \
4735 &vect ## _private_bits, \
4736 0, 0
4737#define XTEST_DH_GK_DATA_SUBPRIME(vect) \
4738 ARRAY(vect ## _p), \
4739 ARRAY(vect ## _g), \
4740 &vect ## _private_bits, \
4741 ARRAY(vect ## _subprime)
4742 static const struct {
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]4743 unsigned level;
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]4744 uint32_t key_size;
4745 const uint8_t *p;
4746 size_t p_len;
4747 const uint8_t *g;
4748 size_t g_len;
4749 const uint32_t *private_bits;
4750 const uint8_t *subprime;
4751 size_t subprime_len;
4752 } key_types[] = {
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]4753 { 0, 256, XTEST_DH_GK_DATA(keygen_dh256) },
Jerome Forissier4032c8c2016-05-31 13:25:08 +0200[diff] [blame]4754 { 0, 320, XTEST_DH_GK_DATA(keygen_dh320) },
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]4755 { 1, 384, XTEST_DH_GK_DATA(keygen_dh384) },
Jerome Forissier4032c8c2016-05-31 13:25:08 +0200[diff] [blame]4756 { 1, 448, XTEST_DH_GK_DATA(keygen_dh448) },
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]4757 { 1, 512, XTEST_DH_GK_DATA(keygen_dh512) },
Jerome Forissier4032c8c2016-05-31 13:25:08 +0200[diff] [blame]4758 { 1, 576, XTEST_DH_GK_DATA(keygen_dh576) },
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]4759 { 1, 640, XTEST_DH_GK_DATA(keygen_dh640) },
Jerome Forissier4032c8c2016-05-31 13:25:08 +0200[diff] [blame]4760 { 1, 704, XTEST_DH_GK_DATA(keygen_dh704) },
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]4761 { 1, 768, XTEST_DH_GK_DATA(keygen_dh768) },
Jerome Forissier4032c8c2016-05-31 13:25:08 +0200[diff] [blame]4762 { 1, 832, XTEST_DH_GK_DATA(keygen_dh832) },
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]4763 { 1, 896, XTEST_DH_GK_DATA(keygen_dh896) },
Jerome Forissier4032c8c2016-05-31 13:25:08 +0200[diff] [blame]4764 { 1, 960, XTEST_DH_GK_DATA(keygen_dh960) },
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]4765 { 1, 1024, XTEST_DH_GK_DATA(keygen_dh1024) },
Jerome Forissier4032c8c2016-05-31 13:25:08 +0200[diff] [blame]4766 { 1, 1088, XTEST_DH_GK_DATA(keygen_dh1088) },
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]4767 { 1, 1152, XTEST_DH_GK_DATA(keygen_dh1152) },
Jerome Forissier4032c8c2016-05-31 13:25:08 +0200[diff] [blame]4768 { 1, 1216, XTEST_DH_GK_DATA(keygen_dh1216) },
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]4769 { 1, 1280, XTEST_DH_GK_DATA(keygen_dh1280) },
Jerome Forissier4032c8c2016-05-31 13:25:08 +0200[diff] [blame]4770 { 1, 1344, XTEST_DH_GK_DATA(keygen_dh1344) },
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]4771 { 1, 1408, XTEST_DH_GK_DATA(keygen_dh1408) },
Jerome Forissier4032c8c2016-05-31 13:25:08 +0200[diff] [blame]4772 { 1, 1472, XTEST_DH_GK_DATA(keygen_dh1472) },
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]4773 { 1, 1536, XTEST_DH_GK_DATA(keygen_dh1536) },
Jerome Forissier4032c8c2016-05-31 13:25:08 +0200[diff] [blame]4774 { 1, 1600, XTEST_DH_GK_DATA(keygen_dh1600) },
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]4775 { 1, 1664, XTEST_DH_GK_DATA(keygen_dh1664) },
Jerome Forissier4032c8c2016-05-31 13:25:08 +0200[diff] [blame]4776 { 1, 1728, XTEST_DH_GK_DATA(keygen_dh1728) },
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]4777 { 1, 1792, XTEST_DH_GK_DATA(keygen_dh1792) },
Jerome Forissier4032c8c2016-05-31 13:25:08 +0200[diff] [blame]4778 { 1, 1856, XTEST_DH_GK_DATA(keygen_dh1856) },
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]4779 { 1, 1920, XTEST_DH_GK_DATA(keygen_dh1920) },
Jerome Forissier4032c8c2016-05-31 13:25:08 +0200[diff] [blame]4780 { 1, 1984, XTEST_DH_GK_DATA(keygen_dh1984) },
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]4781 { 1, 2048, XTEST_DH_GK_DATA(keygen_dh2048) },
Jerome Forissier4032c8c2016-05-31 13:25:08 +0200[diff] [blame]4782 { 1, 2048, XTEST_DH_GK_DATA_SUBPRIME(keygen_dh2048_subprime) }
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]4783 };
4784
Jens Wiklandera8c8f872018-12-14 11:41:36 +0100[diff] [blame]4785 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
4786 xtest_teec_open_session(&session, &crypt_user_ta_uuid, NULL,
4787 &ret_orig)))
4788 return;
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]4789
4790 for (n = 0; n < ARRAY_SIZE(key_types); n++) {
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]4791 if (key_types[n].level > level)
4792 continue;
4793
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]4794 Do_ADBG_BeginSubCase(c,
4795 "Generate DH key %d bits - Private bits = %d",
4796 key_types[n].key_size,
4797 *key_types[n].private_bits);
4798 param_count = 0;
4799
4800 xtest_add_attr(&param_count, params,
4801 TEE_ATTR_DH_PRIME,
4802 key_types[n].p, key_types[n].p_len);
4803
4804 xtest_add_attr(&param_count, params, TEE_ATTR_DH_BASE,
4805 key_types[n].g, key_types[n].g_len);
4806
4807 if (key_types[n].private_bits != 0) {
4808 params[param_count].attributeID = TEE_ATTR_DH_X_BITS;
4809
4810 params[param_count].content.value.a =
4811 *key_types[n].private_bits;
4812
4813 params[param_count].content.value.b = 0;
4814 param_count++;
4815 }
4816
4817 if (key_types[n].subprime != 0) {
4818 xtest_add_attr(&param_count, params,
4819 TEE_ATTR_DH_SUBPRIME,
4820 key_types[n].subprime,
4821 key_types[n].subprime_len);
4822 }
4823
4824 if (!ADBG_EXPECT_TRUE(c,
Jens Wiklandera8c8f872018-12-14 11:41:36 +0100[diff] [blame]4825 generate_and_test_key(c, &session, TEE_TYPE_DH_KEYPAIR,
Jerome Forissier4032c8c2016-05-31 13:25:08 +0200[diff] [blame]4826 *key_types[n].private_bits,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]4827 key_types[n]. key_size, params, param_count)))
4828 break;
4829
4830 Do_ADBG_EndSubCase(c,
4831 "Generate DH key %d bits - Private bits = %d",
4832 key_types[n].key_size,
4833 *key_types[n].private_bits);
4834 }
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]4835
Jens Wiklandera8c8f872018-12-14 11:41:36 +0100[diff] [blame]4836 TEEC_CloseSession(&session);
4837}
4838ADBG_CASE_DEFINE(regression, 4007_dh, xtest_tee_test_4007_dh,
4839 "Test TEE Internal API Generate DH key");
4840
4841static void xtest_tee_test_4007_dsa(ADBG_Case_t *c)
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]4842{
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]4843 TEEC_Session session = { };
4844 uint32_t ret_orig = 0;
4845 size_t n = 0;
4846 size_t param_count = 0;
4847 TEE_Attribute params[4] = { };
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]4848
4849#define XTEST_DSA_GK_DATA(vect) \
4850 ARRAY(vect ## _p), \
4851 ARRAY(vect ## _g), \
4852 ARRAY(vect ## _q)
4853 static const struct {
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]4854 unsigned level;
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]4855 uint32_t key_size;
4856 const uint8_t *prime;
4857 size_t prime_len;
4858 const uint8_t *base;
4859 size_t base_len;
4860 const uint8_t *sub_prime;
4861 size_t sub_prime_len;
4862 } key_types[] = {
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]4863 { 1, 1024, XTEST_DSA_GK_DATA(keygen_dsa_test1) },
4864 { 0, 512, XTEST_DSA_GK_DATA(keygen_dsa512) },
4865 { 1, 576, XTEST_DSA_GK_DATA(keygen_dsa576) },
4866 { 1, 640, XTEST_DSA_GK_DATA(keygen_dsa640) },
4867 { 1, 704, XTEST_DSA_GK_DATA(keygen_dsa704) },
4868 { 1, 768, XTEST_DSA_GK_DATA(keygen_dsa768) },
4869 { 1, 832, XTEST_DSA_GK_DATA(keygen_dsa832) },
4870 { 1, 896, XTEST_DSA_GK_DATA(keygen_dsa896) },
4871 { 1, 960, XTEST_DSA_GK_DATA(keygen_dsa960) },
4872 { 1, 1024, XTEST_DSA_GK_DATA(keygen_dsa1024) },
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]4873 };
4874
Jens Wiklandera8c8f872018-12-14 11:41:36 +0100[diff] [blame]4875 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
4876 xtest_teec_open_session(&session, &crypt_user_ta_uuid, NULL,
4877 &ret_orig)))
4878 return;
4879
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]4880 for (n = 0; n < ARRAY_SIZE(key_types); n++) {
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]4881 if (key_types[n].level > level)
4882 continue;
4883
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]4884 Do_ADBG_BeginSubCase(c, "Generate DSA key %d bits",
4885 key_types[n].key_size);
4886 param_count = 0;
4887
4888
4889 xtest_add_attr(&param_count, params, TEE_ATTR_DSA_PRIME,
4890 key_types[n].prime, key_types[n].prime_len);
4891
4892 xtest_add_attr(&param_count, params, TEE_ATTR_DSA_SUBPRIME,
4893 key_types[n].sub_prime,
4894 key_types[n].sub_prime_len);
4895
4896 xtest_add_attr(&param_count, params, TEE_ATTR_DSA_BASE,
4897 key_types[n].base, key_types[n].base_len);
4898
4899 if (!ADBG_EXPECT_TRUE(c,
Jens Wiklandera8c8f872018-12-14 11:41:36 +0100[diff] [blame]4900 generate_and_test_key(c, &session, TEE_TYPE_DSA_KEYPAIR,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]4901 1, key_types[n]. key_size, params,
4902 param_count)))
4903 break;
4904
4905 Do_ADBG_EndSubCase(c, "Generate DSA key %d bits",
4906 key_types[n].key_size);
4907 }
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]4908
Jens Wiklandera8c8f872018-12-14 11:41:36 +0100[diff] [blame]4909 TEEC_CloseSession(&session);
4910}
4911ADBG_CASE_DEFINE(regression, 4007_dsa, xtest_tee_test_4007_dsa,
4912 "Test TEE Internal API Generate DSA key");
4913
4914static void xtest_tee_test_4007_ecc(ADBG_Case_t *c)
Pascal Brande61133f2015-07-08 15:38:37 +0200[diff] [blame]4915{
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]4916 TEEC_Session session = { };
4917 uint32_t ret_orig = 0;
4918 size_t n = 0;
4919 size_t param_count = 0;
4920 TEE_Attribute params[4] = { };
Pascal Brande61133f2015-07-08 15:38:37 +0200[diff] [blame]4921
4922 static const struct {
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]4923 unsigned level;
Pascal Brande61133f2015-07-08 15:38:37 +0200[diff] [blame]4924 const char *name;
4925 uint32_t algo;
4926 uint32_t curve;
4927 uint32_t key_size;
4928 } key_types[] = {
4929 /* ECDSA */
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]4930 { 0, "ECDSA-192", TEE_TYPE_ECDSA_KEYPAIR, TEE_ECC_CURVE_NIST_P192,
4931 192 },
4932 { 1, "ECDSA-224", TEE_TYPE_ECDSA_KEYPAIR, TEE_ECC_CURVE_NIST_P224,
4933 224 },
4934 { 1, "ECDSA-256", TEE_TYPE_ECDSA_KEYPAIR, TEE_ECC_CURVE_NIST_P256,
4935 256 },
4936 { 1, "ECDSA-384", TEE_TYPE_ECDSA_KEYPAIR, TEE_ECC_CURVE_NIST_P384,
4937 384 },
4938 { 1, "ECDSA-521", TEE_TYPE_ECDSA_KEYPAIR, TEE_ECC_CURVE_NIST_P521,
4939 521 },
Pascal Brande61133f2015-07-08 15:38:37 +0200[diff] [blame]4940
4941 /* ECDH */
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]4942 { 0, "ECDH-192", TEE_TYPE_ECDH_KEYPAIR, TEE_ECC_CURVE_NIST_P192,
4943 192 },
4944 { 1, "ECDH-224", TEE_TYPE_ECDH_KEYPAIR, TEE_ECC_CURVE_NIST_P224,
4945 224 },
4946 { 1, "ECDH-256", TEE_TYPE_ECDH_KEYPAIR, TEE_ECC_CURVE_NIST_P256,
4947 256 },
4948 { 1, "ECDH-384", TEE_TYPE_ECDH_KEYPAIR, TEE_ECC_CURVE_NIST_P384,
4949 384 },
4950 { 1, "ECDH-521", TEE_TYPE_ECDH_KEYPAIR, TEE_ECC_CURVE_NIST_P521,
4951 521 },
Pascal Brande61133f2015-07-08 15:38:37 +0200[diff] [blame]4952 };
4953
Jens Wiklandera8c8f872018-12-14 11:41:36 +0100[diff] [blame]4954 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
4955 xtest_teec_open_session(&session, &crypt_user_ta_uuid, NULL,
4956 &ret_orig)))
4957 return;
4958
Pascal Brande61133f2015-07-08 15:38:37 +0200[diff] [blame]4959 for (n = 0; n < ARRAY_SIZE(key_types); n++) {
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]4960 if (key_types[n].level > level)
4961 continue;
4962
Pascal Brande61133f2015-07-08 15:38:37 +0200[diff] [blame]4963 Do_ADBG_BeginSubCase(c, "Generate %s", key_types[n].name);
4964 param_count = 0;
4965
4966 xtest_add_attr_value(&param_count, params, TEE_ATTR_ECC_CURVE,
4967 key_types[n].curve, 0);
4968
4969 if (!ADBG_EXPECT_TRUE(c,
Jens Wiklandera8c8f872018-12-14 11:41:36 +0100[diff] [blame]4970 generate_and_test_key(c, &session, key_types[n].algo,
Pascal Brande61133f2015-07-08 15:38:37 +0200[diff] [blame]4971 0, key_types[n].key_size, params,
4972 param_count)))
4973 break;
4974
4975 Do_ADBG_EndSubCase(c, "Generate %s", key_types[n].name);
4976 }
Pascal Brande61133f2015-07-08 15:38:37 +0200[diff] [blame]4977
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]4978 TEEC_CloseSession(&session);
4979}
Jens Wiklandera8c8f872018-12-14 11:41:36 +0100[diff] [blame]4980ADBG_CASE_DEFINE(regression, 4007_ecc, xtest_tee_test_4007_ecc,
4981 "Test TEE Internal API Generate ECC key");
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]4982
4983static void xtest_tee_test_4008(ADBG_Case_t *c)
4984{
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]4985 TEEC_Session session = { };
4986 uint32_t ret_orig = 0;
4987 TEE_OperationHandle op = TEE_HANDLE_NULL;
4988 TEE_ObjectHandle key_handle = TEE_HANDLE_NULL;
4989 TEE_ObjectHandle sv_handle = TEE_HANDLE_NULL;
4990 TEE_Attribute params[4] = { };
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]4991 size_t param_count = 0;
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]4992 uint8_t out[2048] = { };
4993 size_t out_size = 0;
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]4994
4995 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
4996 xtest_teec_open_session(&session, &crypt_user_ta_uuid, NULL,
4997 &ret_orig)))
4998 return;
4999
5000 Do_ADBG_BeginSubCase(c, "Derive DH key success");
5001
5002 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
5003 ta_crypt_cmd_allocate_operation(c, &session, &op,
5004 TEE_ALG_DH_DERIVE_SHARED_SECRET, TEE_MODE_DERIVE,
5005 derive_key_max_keysize)))
5006 goto out;
5007
5008 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
5009 ta_crypt_cmd_allocate_transient_object(c, & session,
5010 TEE_TYPE_DH_KEYPAIR, derive_key_max_keysize,
5011 &key_handle)))
5012 goto out;
5013
5014 xtest_add_attr(&param_count, params, TEE_ATTR_DH_PRIME,
5015 ARRAY(derive_key_dh_prime));
5016
5017 xtest_add_attr(&param_count, params, TEE_ATTR_DH_BASE,
5018 ARRAY(derive_key_dh_base));
5019
5020 xtest_add_attr(&param_count, params, TEE_ATTR_DH_PUBLIC_VALUE,
5021 ARRAY(derive_key_dh_public_value));
5022
5023 xtest_add_attr(&param_count, params, TEE_ATTR_DH_PRIVATE_VALUE,
5024 ARRAY(derive_key_dh_private_value));
5025
5026 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
5027 ta_crypt_cmd_populate_transient_object(c, &session, key_handle,
5028 params, param_count)))
5029 goto out;
5030
5031 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
5032 ta_crypt_cmd_set_operation_key(c, &session, op, key_handle)))
5033 goto out;
5034
5035 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
5036 ta_crypt_cmd_free_transient_object(c, & session, key_handle)))
5037 goto out;
5038
5039 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
5040 ta_crypt_cmd_allocate_transient_object(c, &session,
5041 TEE_TYPE_GENERIC_SECRET, derive_key_max_keysize,
5042 &sv_handle)))
5043 goto out;
5044
Pascal Brand2b92b642015-07-16 13:29:42 +0200[diff] [blame]5045 /* reuse but reset params and param-count */
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]5046 param_count = 0;
5047
5048 xtest_add_attr(&param_count, params, TEE_ATTR_DH_PUBLIC_VALUE,
5049 ARRAY(derive_key_dh_public_value_2));
5050
5051 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
5052 ta_crypt_cmd_derive_key(c, &session, op, sv_handle, params,
5053 param_count)))
5054 goto out;
5055
5056 out_size = sizeof(out);
5057 memset(out, 0, sizeof(out));
5058 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
5059 ta_crypt_cmd_get_object_buffer_attribute(c, &session, sv_handle,
5060 TEE_ATTR_SECRET_VALUE, out, &out_size)))
5061 goto out;
5062
5063 if (!ADBG_EXPECT_BUFFER(c, derive_key_dh_shared_secret,
5064 sizeof(derive_key_dh_shared_secret), out,
5065 out_size))
5066 goto out;
5067
5068 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
5069 ta_crypt_cmd_free_operation(c, &session, op)))
5070 goto out;
5071
5072 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
5073 ta_crypt_cmd_free_transient_object(c, &session, sv_handle)))
5074 goto out;
5075out:
5076 Do_ADBG_EndSubCase(c, "Derive DH key success");
5077 TEEC_CloseSession(&session);
5078}
Jens Wiklander14f48872018-06-29 15:30:13 +0200[diff] [blame]5079ADBG_CASE_DEFINE(regression, 4008, xtest_tee_test_4008,
5080 "Test TEE Internal API Derive key");
Pascal Brand2b92b642015-07-16 13:29:42 +0200[diff] [blame]5081
5082static void xtest_tee_test_4009(ADBG_Case_t *c)
5083{
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]5084 TEEC_Session session = { };
5085 uint32_t ret_orig = 0;
5086 TEE_OperationHandle op = TEE_HANDLE_NULL;
5087 TEE_ObjectHandle key_handle = TEE_HANDLE_NULL;
5088 TEE_ObjectHandle sv_handle = TEE_HANDLE_NULL;
5089 TEE_Attribute params[4] = { };
Pascal Brand2b92b642015-07-16 13:29:42 +0200[diff] [blame]5090 size_t param_count = 0;
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]5091 uint8_t out[2048] = { };
5092 size_t out_size = 0;
5093 uint32_t size_bytes = 0;
5094 uint32_t i = 0;
5095 struct derive_key_ecdh_t *pt = NULL;
Pascal Brand2b92b642015-07-16 13:29:42 +0200[diff] [blame]5096
5097 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
5098 xtest_teec_open_session(&session, &crypt_user_ta_uuid, NULL,
5099 &ret_orig)))
5100 return;
5101
5102 for (i = 0; i < ARRAY_SIZE(derive_key_ecdh); i++) {
5103 pt = &derive_key_ecdh[i];
5104
Cedric Chaumontc3b6c282015-09-25 03:05:18 +0200[diff] [blame]5105 if (pt->level > level)
5106 continue;
5107
Pascal Brand2b92b642015-07-16 13:29:42 +0200[diff] [blame]5108 Do_ADBG_BeginSubCase(c, "Derive ECDH key - algo = 0x%x",
5109 pt->algo);
5110 size_bytes = (pt->keysize + 7) / 8;
5111 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
5112 ta_crypt_cmd_allocate_operation(c, &session, &op,
5113 pt->algo,
5114 TEE_MODE_DERIVE, pt->keysize)))
5115 goto out;
5116
5117 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
5118 ta_crypt_cmd_allocate_transient_object(c, & session,
5119 TEE_TYPE_ECDH_KEYPAIR, pt->keysize,
5120 &key_handle)))
5121 goto out;
5122
5123 param_count = 0;
5124 xtest_add_attr_value(&param_count, params,
5125 TEE_ATTR_ECC_CURVE, pt->curve, 0);
5126 xtest_add_attr(&param_count, params,
5127 TEE_ATTR_ECC_PRIVATE_VALUE,
5128 pt->private, size_bytes);
5129 /*
Cedric Auger719047c2019-09-11 12:08:14 +0200[diff] [blame]5130 * The public value is not used, but we should provide a valid
5131 * one to avoid rejection in case TEE_PopulateTransientObject()
5132 * checks for key validity.
Pascal Brand2b92b642015-07-16 13:29:42 +0200[diff] [blame]5133 */
5134 xtest_add_attr(&param_count, params,
Cedric Auger719047c2019-09-11 12:08:14 +0200[diff] [blame]5135 TEE_ATTR_ECC_PUBLIC_VALUE_X,
5136 pt->public_x, size_bytes);
Pascal Brand2b92b642015-07-16 13:29:42 +0200[diff] [blame]5137 xtest_add_attr(&param_count, params,
Cedric Auger719047c2019-09-11 12:08:14 +0200[diff] [blame]5138 TEE_ATTR_ECC_PUBLIC_VALUE_Y,
5139 pt->public_y, size_bytes);
Pascal Brand2b92b642015-07-16 13:29:42 +0200[diff] [blame]5140
5141 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
5142 ta_crypt_cmd_populate_transient_object(c,
5143 &session,
5144 key_handle, params, param_count)))
5145 goto out;
5146
5147 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
5148 ta_crypt_cmd_set_operation_key(c, &session, op,
5149 key_handle)))
5150 goto out;
5151
5152 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
5153 ta_crypt_cmd_free_transient_object(c, & session,
5154 key_handle)))
5155 goto out;
5156
5157 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
5158 ta_crypt_cmd_allocate_transient_object(c, &session,
5159 TEE_TYPE_GENERIC_SECRET, size_bytes * 8,
5160 &sv_handle)))
5161 goto out;
5162
5163 /* reuse but reset params and param-count */
5164 param_count = 0;
5165
5166 xtest_add_attr(&param_count, params,
5167 TEE_ATTR_ECC_PUBLIC_VALUE_X,
5168 pt->public_x, size_bytes);
5169 xtest_add_attr(&param_count, params,
5170 TEE_ATTR_ECC_PUBLIC_VALUE_Y,
5171 pt->public_y, size_bytes);
5172
5173 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
5174 ta_crypt_cmd_derive_key(c, &session, op, sv_handle,
5175 params, param_count)))
5176 goto out;
5177
5178 out_size = sizeof(out);
5179 memset(out, 0, sizeof(out));
5180 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
5181 ta_crypt_cmd_get_object_buffer_attribute(c, &session,
5182 sv_handle,
5183 TEE_ATTR_SECRET_VALUE, out, &out_size)))
5184 goto out;
5185
5186 if (!ADBG_EXPECT_BUFFER(c, pt->out, size_bytes,
5187 out, out_size))
5188 goto out;
5189
5190 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
5191 ta_crypt_cmd_free_operation(c, &session, op)))
5192 goto out;
5193
5194 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
5195 ta_crypt_cmd_free_transient_object(c, &session,
5196 sv_handle)))
5197 goto out;
5198
5199 Do_ADBG_EndSubCase(c, "Derive ECDH key - algo = 0x%x",
5200 pt->algo);
5201 }
5202
5203 goto noerror;
5204
5205out:
5206 Do_ADBG_EndSubCase(c, "Derive ECDH key - algo = 0x%x", pt->algo);
5207
5208noerror:
5209 TEEC_CloseSession(&session);
5210}
Jens Wiklander14f48872018-06-29 15:30:13 +0200[diff] [blame]5211ADBG_CASE_DEFINE(regression, 4009, xtest_tee_test_4009,
5212 "Test TEE Internal API Derive key ECDH");
Jens Wiklander70a0b2c2016-05-18 08:39:35 +0200[diff] [blame]5213
5214static void xtest_tee_test_4010(ADBG_Case_t *c)
5215{
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]5216 TEEC_Session session = { };
5217 uint32_t ret_orig = 0;
5218 TEE_ObjectHandle o = TEE_HANDLE_NULL;
Jens Wiklander70a0b2c2016-05-18 08:39:35 +0200[diff] [blame]5219 static const uint8_t large_key[1024] = { 1, 2, 3, 4, 5, 6 };
5220 static const TEE_Attribute attr = {
5221 .attributeID = TEE_ATTR_SECRET_VALUE,
5222 .content.ref.buffer = (void *)large_key,
5223 .content.ref.length = sizeof(large_key),
5224 };
5225
5226 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
5227 xtest_teec_open_session(&session, &crypt_user_ta_uuid, NULL,
5228 &ret_orig)))
5229 return;
5230
5231 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
5232 ta_crypt_cmd_allocate_transient_object(c, &session,
5233 TEE_TYPE_HMAC_SHA256, 1024, &o)))
5234 goto out;
5235
5236 ADBG_EXPECT_TEEC_RESULT(c, TEEC_ERROR_TARGET_DEAD,
5237 ta_crypt_cmd_populate_transient_object(c, &session, o,
5238 &attr, 1));
5239
5240out:
5241 TEEC_CloseSession(&session);
5242}
Jens Wiklander14f48872018-06-29 15:30:13 +0200[diff] [blame]5243ADBG_CASE_DEFINE(regression, 4010, xtest_tee_test_4010,
5244 "Test TEE Internal API create transient object (negative)");
Jens Wiklanderb58916e2016-07-07 15:29:32 +0200[diff] [blame]5245
5246static void xtest_tee_test_4011(ADBG_Case_t *c)
5247{
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]5248 TEEC_Session s = { };
Jens Wiklanderb58916e2016-07-07 15:29:32 +0200[diff] [blame]5249 size_t key_size = 512;
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]5250 TEE_ObjectHandle key = TEE_HANDLE_NULL;
5251 TEE_OperationHandle ops = TEE_HANDLE_NULL;
5252 TEE_OperationHandle opv = TEE_HANDLE_NULL;
5253 TEE_OperationHandle ope = TEE_HANDLE_NULL;
5254 TEE_OperationHandle opd = TEE_HANDLE_NULL;
5255 uint32_t ret_orig = 0;
5256 uint8_t in[TEE_SHA1_HASH_SIZE] = { };
5257 uint8_t out[1024] = { };
5258 uint8_t tmp[1024] = { };
5259 size_t out_size = 0;
5260 size_t tmp_size = 0;
5261 size_t n = 0;
5262 size_t m = 0;
Jens Wiklanderb58916e2016-07-07 15:29:32 +0200[diff] [blame]5263 size_t i = 0;
5264
5265 /* Setup session, initialize message to sign, create a keypair */
5266 if (!ADBG_EXPECT_TEEC_SUCCESS(c, xtest_teec_open_session(&s,
5267 &crypt_user_ta_uuid, NULL, &ret_orig)))
5268 return;
5269 if (!ADBG_EXPECT_TEEC_SUCCESS(c, ta_crypt_cmd_random_number_generate(c,
5270 &s, in, sizeof(in))))
5271 goto out;
5272 if (!ADBG_EXPECT_TEEC_SUCCESS(c, ta_crypt_cmd_allocate_transient_object(
5273 c, &s, TEE_TYPE_RSA_KEYPAIR, key_size, &key)))
5274 goto out;
5275 if (!ADBG_EXPECT_TEEC_SUCCESS(c, ta_crypt_cmd_generate_key(c, &s,
5276 key, key_size, NULL, 0)))
5277 goto out;
5278
5279 /* Allocate operations for sign, verify, encrypt and decrypt */
5280 if (!ADBG_EXPECT_TEEC_SUCCESS(c, ta_crypt_cmd_allocate_operation(c, &s,
5281 &ops, TEE_ALG_RSASSA_PKCS1_V1_5_SHA1, TEE_MODE_SIGN,
5282 key_size)))
5283 goto out;
5284 if (!ADBG_EXPECT_TEEC_SUCCESS(c, ta_crypt_cmd_allocate_operation(c, &s,
5285 &opv, TEE_ALG_RSASSA_PKCS1_V1_5_SHA1, TEE_MODE_VERIFY,
5286 key_size)))
5287 goto out;
5288 if (!ADBG_EXPECT_TEEC_SUCCESS(c, ta_crypt_cmd_allocate_operation(c, &s,
5289 &ope, TEE_ALG_RSA_NOPAD, TEE_MODE_ENCRYPT, key_size)))
5290 goto out;
5291 if (!ADBG_EXPECT_TEEC_SUCCESS(c, ta_crypt_cmd_allocate_operation(c, &s,
5292 &opd, TEE_ALG_RSA_NOPAD, TEE_MODE_DECRYPT, key_size)))
5293 goto out;
5294
5295 /* Assign the keypair to all operations */
5296 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
5297 ta_crypt_cmd_set_operation_key(c, &s, ops, key)))
5298 goto out;
5299 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
5300 ta_crypt_cmd_set_operation_key(c, &s, opv, key)))
5301 goto out;
5302 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
5303 ta_crypt_cmd_set_operation_key(c, &s, ope, key)))
5304 goto out;
5305 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
5306 ta_crypt_cmd_set_operation_key(c, &s, opd, key)))
5307 goto out;
5308
5309 /*
5310 * The core of the test case is inspired by the one in libtomcrypt:
5311 * https://github.com/libtom/libtomcrypt/blob/6ad52252688bb34f90b5e79da4830a927e87b81f/testprof/rsa_test.c#L398
5312 *
5313 * Testcase for Bleichenbacher attack
5314 *
5315 * (1) Create a valid signature
5316 * (2) Check that it can be verified
5317 * (3) Transform the package to fetch plain text (using the encrypt
5318 * operation in GP TEE Internal API)
5319 * (4) Forge the structure of PKCS#1-EMSA encoded data
5320 * (4.1) Search for start and end of the padding string
5321 * (4.2) Move the signature to the front of the padding string
5322 * (4.3) Zero the message until the end
5323 * (5) Transform the package back (using the decrypt operation in
5324 * GP TEE Internal API)
5325 * (6) The result should not be valid if the implementation is robust.
5326 */
5327
5328
5329 for (i = 0; i < 9; i++) {
5330 Do_ADBG_Log("Iteration %zu", i);
5331
5332 /* 1 */
5333 out_size = sizeof(out);
5334 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
5335 ta_crypt_cmd_asymmetric_sign(c, &s, ops, NULL, 0,
5336 in, sizeof(in), out, &out_size)))
5337 goto out;
5338
5339 /* 2 */
5340 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
5341 ta_crypt_cmd_asymmetric_verify(c, &s, opv, NULL, 0,
5342 in, sizeof(in), out, out_size)))
5343 goto out;
5344
5345 /* 3 */
5346 tmp_size = sizeof(tmp);
5347 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
5348 ta_crypt_cmd_asymmetric_encrypt(c, &s, ope, NULL, 0,
5349 out, out_size, tmp, &tmp_size)))
5350 goto out;
5351
Etienne Carriere0953bf02018-12-21 15:36:25 +0100[diff] [blame]5352 if (!ADBG_EXPECT_COMPARE_UNSIGNED(c, tmp_size, <=, sizeof(tmp)))
5353 goto out;
5354
Jens Wiklanderb58916e2016-07-07 15:29:32 +0200[diff] [blame]5355 /* 4.1 */
Etienne Carriere0953bf02018-12-21 15:36:25 +0100[diff] [blame]5356 for (n = 0; n < tmp_size - i; n++)
Jens Wiklanderb58916e2016-07-07 15:29:32 +0200[diff] [blame]5357 if (tmp[n] == 0xff)
5358 break;
Etienne Carriere0953bf02018-12-21 15:36:25 +0100[diff] [blame]5359
5360 /* Shall find at least a padding start before buffer end */
5361 if (!ADBG_EXPECT_COMPARE_UNSIGNED(c, n, <, tmp_size - i - 1))
5362 goto out;
5363
Jens Wiklanderb58916e2016-07-07 15:29:32 +0200[diff] [blame]5364 for (m = n + 1; m < tmp_size; m++)
5365 if (tmp[m] != 0xff)
5366 break;
Etienne Carriere0953bf02018-12-21 15:36:25 +0100[diff] [blame]5367
Jens Wiklanderb58916e2016-07-07 15:29:32 +0200[diff] [blame]5368 /* 4.2 */
5369 memmove(tmp + n + i, tmp + m, tmp_size - m);
Etienne Carriere0953bf02018-12-21 15:36:25 +0100[diff] [blame]5370
Jens Wiklanderb58916e2016-07-07 15:29:32 +0200[diff] [blame]5371 /* 4.3 */
Etienne Carriere0953bf02018-12-21 15:36:25 +0100[diff] [blame]5372 n = n + i + tmp_size - m;
5373 memset(tmp + n, 0, tmp_size - n);
Jens Wiklanderb58916e2016-07-07 15:29:32 +0200[diff] [blame]5374
5375 /* 5 */
5376 out_size = sizeof(out);
5377 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
5378 ta_crypt_cmd_asymmetric_decrypt(c, &s, opd, NULL, 0,
5379 tmp, tmp_size, out, &out_size)))
5380 goto out;
5381
5382 /* 6 */
5383 if (!ADBG_EXPECT_TEEC_RESULT(c, TEE_ERROR_SIGNATURE_INVALID,
5384 ta_crypt_cmd_asymmetric_verify(c, &s, opv, NULL, 0,
5385 in, sizeof(in), out, out_size)))
5386 goto out;
5387 }
5388
5389out:
5390 TEEC_CloseSession(&s);
5391}
Jens Wiklander14f48872018-06-29 15:30:13 +0200[diff] [blame]5392ADBG_CASE_DEFINE(regression, 4011, xtest_tee_test_4011,
5393 "Test TEE Internal API Bleichenbacher attack (negative)");
Igor Opaniuk7ddaa782018-05-25 15:14:05 +0300[diff] [blame]5394
5395#ifdef CFG_SYSTEM_PTA
5396static void xtest_tee_test_4012(ADBG_Case_t *c)
5397{
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]5398 TEEC_Session session = { };
5399 uint32_t ret_orig = 0;
Igor Opaniuk7ddaa782018-05-25 15:14:05 +0300[diff] [blame]5400 TEEC_Operation op = TEEC_OPERATION_INITIALIZER;
5401 /* Fortuna PRNG requires seed <= 32 bytes */
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]5402 uint8_t pool_input[32] = { };
5403 time_t t = 0;
5404 struct tm tm_local = { };
Igor Opaniuk7ddaa782018-05-25 15:14:05 +0300[diff] [blame]5405
5406 t = time(NULL);
5407 tm_local = *localtime(&t);
5408
5409 memcpy((void *)pool_input, (void *)&tm_local,
5410 sizeof(pool_input) < sizeof(tm_local) ?
5411 sizeof(pool_input) : sizeof(tm_local));
5412
5413
5414 op.params[0].tmpref.buffer = pool_input;
5415 op.params[0].tmpref.size = sizeof(pool_input);
5416 op.paramTypes = TEEC_PARAM_TYPES(TEEC_MEMREF_TEMP_INPUT,
5417 TEEC_NONE,
5418 TEEC_NONE,
5419 TEEC_NONE);
5420 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
5421 xtest_teec_open_session(&session, &crypt_user_ta_uuid, NULL,
5422 &ret_orig)))
5423 return;
5424
5425 (void)ADBG_EXPECT_TEEC_SUCCESS(c,
5426 TEEC_InvokeCommand(&session,
5427 TA_CRYPT_CMD_SEED_RNG_POOL,
5428 &op,
5429 &ret_orig));
5430 TEEC_CloseSession(&session);
5431}
Jens Wiklander14f48872018-06-29 15:30:13 +0200[diff] [blame]5432ADBG_CASE_DEFINE(regression, 4012, xtest_tee_test_4012,
5433 "Test seeding RNG entropy");
Joakim Bech83a30ca2019-05-29 11:22:27 +0200[diff] [blame]5434
5435static void xtest_tee_test_4013(ADBG_Case_t *c)
5436{
5437 TEEC_Session session = { };
5438 uint32_t ret_orig = 0;
5439 TEEC_Operation op = TEEC_OPERATION_INITIALIZER;
5440 uint8_t key[32] = { };
5441 uint8_t extra_data[32] = { };
5442
5443 op.paramTypes = TEEC_PARAM_TYPES(TEEC_NONE,
5444 TEEC_NONE,
5445 TEEC_NONE,
5446 TEEC_NONE);
5447 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
5448 xtest_teec_open_session(&session, &crypt_user_ta_uuid,
5449 NULL, &ret_orig)))
5450 return;
5451
5452 (void)ADBG_EXPECT_TEEC_SUCCESS(c,
5453 TEEC_InvokeCommand(&session,
5454 TA_CRYPT_CMD_DERIVE_TA_UNIQUE_KEY,
5455 &op,
5456 &ret_orig));
5457
5458 /* Negative test using non-secure memory */
5459 memset(&op, 0, sizeof(op));
5460 op.paramTypes = TEEC_PARAM_TYPES(TEEC_MEMREF_TEMP_INPUT,
5461 TEEC_MEMREF_TEMP_OUTPUT,
5462 TEEC_NONE,
5463 TEEC_NONE);
5464
5465 op.params[0].tmpref.buffer = extra_data;
5466 op.params[0].tmpref.size = sizeof(extra_data);
5467 op.params[1].tmpref.buffer = key;
5468 op.params[1].tmpref.size = sizeof(key);
5469 (void)ADBG_EXPECT_TEEC_RESULT(c,
5470 TEEC_ERROR_SECURITY,
5471 TEEC_InvokeCommand(&session,
5472 TA_CRYPT_CMD_DERIVE_TA_UNIQUE_KEY_SHM,
5473 &op,
5474 &ret_orig));
5475
5476 TEEC_CloseSession(&session);
5477}
5478ADBG_CASE_DEFINE(regression, 4013, xtest_tee_test_4013,
5479 "Test generation of device unique TA keys");
Jens Wiklander14f48872018-06-29 15:30:13 +0200[diff] [blame]5480#endif /*CFG_SYSTEM_PTA*/