TrustedFirmware Git Browser
Code Review Sign In
review.trustedfirmware.org / OP-TEE / optee_test / bcedd371382a0a1f8e3c07aee9c901b437feb714 / . / ta / crypt / include / ta_crypt.h
blob: e2f15868242247e63cc674555fade4f1d96229c5 [file] [log] [blame]
Etienne Carriere75141172020-05-16 11:58:23 +0200[diff] [blame]1/* SPDX-License-Identifier: BSD-2-Clause */
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2/*
3 * Copyright (c) 2014, STMicroelectronics International N.V.
4 * All rights reserved.
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]5 */
6
7#ifndef TA_CRYPT_H
8#define TA_CRYPT_H
9
10/* This UUID is generated with the ITU-T UUID generator at
11 http://www.itu.int/ITU-T/asn1/uuid.html */
12#define TA_CRYPT_UUID { 0xcb3e5ba0, 0xadf1, 0x11e0, \
13 { 0x99, 0x8b, 0x00, 0x02, 0xa5, 0xd5, 0xc5, 0x1b } }
14
15#define TA_CRYPT_CMD_SHA224 1
16#define TA_CRYPT_CMD_SHA256 2
17#define TA_CRYPT_CMD_AES256ECB_ENC 3
18#define TA_CRYPT_CMD_AES256ECB_DEC 4
19
20/*
21 * TEE_Result TEE_AllocateOperation(TEE_OperationHandle *operation,
22 * uint32_t algorithm, uint32_t mode, uint32_t maxKeySize);
23 * in/out params[0].value.a = operation
24 * in/out params[0].value.b = algorithm
25 * in params[1].value.a = mode
26 * in params[2].value.b = maxKeySize
27 */
28#define TA_CRYPT_CMD_ALLOCATE_OPERATION 5
29
30/*
31 * void TEE_FreeOperation(TEE_OperationHandle operation);
32 * in params[0].value.a = operation
33 */
34#define TA_CRYPT_CMD_FREE_OPERATION 6
35
36/*
37 * void TEE_GetOperationInfo(TEE_OperationHandle operation,
38 * TEE_OperationInfo* operationInfo);
39 * in params[0].value.a = operation
40 * out params[1].memref = operationInfo
41 */
42#define TA_CRYPT_CMD_GET_OPERATION_INFO 7
43
44/*
45 * void TEE_ResetOperation(TEE_OperationHandle operation);
46 * in params[0].value.a = operation
47 */
48#define TA_CRYPT_CMD_RESET_OPERATION 8
49
50/*
51 * TEE_Result TEE_SetOperationKey(TEE_OperationHandle operation,
52 * TEE_ObjectHandle key);
53 * in params[0].value.a = operation
54 * in params[0].value.b = key
55 */
56#define TA_CRYPT_CMD_SET_OPERATION_KEY 9
57
58/*
59 * TEE_Result TEE_SetOperationKey2(TEE_OperationHandle operation,
60 * TEE_ObjectHandle key1, TEE_ObjectHandle key2);
61 * in params[0].value.a = operation
62 * in params[0].value.b = key1
63 * in params[0].value.a = key2
64 */
65#define TA_CRYPT_CMD_SET_OPERATION_KEY2 10
66
67/*
68 * void TEE_CopyOperation(TEE_OperationHandle dstOperation,
69 * TEE_OperationHandle srcOperation);
70 * in params[0].value.a = dstOperation
71 * in params[0].value.b = srcOperation
72 */
73#define TA_CRYPT_CMD_COPY_OPERATION 11
74
75/*
76 * void TEE_DigestUpdate(TEE_OperationHandle operation,
77 * void *chunk, size_t chunkSize);
78 * in params[0].value.a = operation
79 * in params[1].memref = chunk
80 */
81#define TA_CRYPT_CMD_DIGEST_UPDATE 12
82
83/*
84 * TEE_Result TEE_DigestDoFinal(TEE_OperationHandle operation,
85 * const void *chunk, size_t chunkLen,
86 * void *hash, size_t *hashLen);
87 * in params[0].value.a = operation
88 * in params[1].memref = chunk
89 * out params[2].memref = hash
90 */
91#define TA_CRYPT_CMD_DIGEST_DO_FINAL 13
92
93/*
94 * void TEE_CipherInit(TEE_OperationHandle operation, const void *IV,
95 * size_t IVLen);
96 * in params[0].value.a = operation
97 * in params[1].memref = IV
98 */
99#define TA_CRYPT_CMD_CIPHER_INIT 14
100
101/*
102 * TEE_Result TEE_CipherUpdate(TEE_OperationHandle operation,
103 * const void *srcData, size_t srcLen,
104 * void *destData, size_t *destLen);
105 * in params[0].value.a = operation
106 * in params[1].memref = srcData
107 * out params[2].memref = dstData
108 */
109#define TA_CRYPT_CMD_CIPHER_UPDATE 15
110
111/*
112 * TEE_Result TEE_CipherDoFinal(TEE_OperationHandle operation,
113 * const void *srcData, size_t srcLen,
114 * void *destData, size_t *destLen);
115 * in params[0].value.a = operation
116 * in params[1].memref = srcData
117 * out params[2].memref = destData
118 */
119#define TA_CRYPT_CMD_CIPHER_DO_FINAL 16
120
121/*
122 * void TEE_MACInit(TEE_OperationHandle operation,
123 * const void *IV, size_t IVLen);
124 * in params[0].value.a = operation
125 * in params[1].memref = IV
126 */
127#define TA_CRYPT_CMD_MAC_INIT 17
128
129/*
130 * void TEE_MACUpdate(TEE_OperationHandle operation,
131 * const void *chunk, size_t chunkSize);
132 * in params[0].value.a = operation
133 * in params[1].memref = chunk
134 */
135#define TA_CRYPT_CMD_MAC_UPDATE 18
136
137/*
138 * TEE_Result TEE_MACFinalCompute(TEE_OperationHandle operation,
139 * const void *message, size_t messageLen,
140 * void *mac, size_t *macLen);
141 * in params[0].value.a = operation
142 * in params[1].memref = message
143 * out params[2].memref = mac
144 */
145#define TA_CRYPT_CMD_MAC_FINAL_COMPUTE 19
146
147/*
148 * TEE_Result TEE_MACFinalCompare(TEE_OperationHandle operation,
149 * const void *message, size_t messageLen,
150 * const void *mac, size_t *macLen);
151 * in params[0].value.a = operation
152 * in params[1].memref = message
153 * in params[2].memref = mac
154 */
155#define TA_CRYPT_CMD_MAC_FINAL_COMPARE 20
156
157/*
158 * TEE_Result TEE_AllocateTransientObject(TEE_ObjectType objectType,
159 * uint32_t maxObjectSize, TEE_ObjectHandle* object);
160 * in params[0].value.a = objectType
161 * in params[0].value.b = maxObjectSize
162 * out params[1].value.a = object;
163 */
164#define TA_CRYPT_CMD_ALLOCATE_TRANSIENT_OBJECT 21
165
166/*
167 * void TEE_FreeTransientObject(TEE_ObjectHandle object);
168 * in params[0].value.a = object
169 */
170#define TA_CRYPT_CMD_FREE_TRANSIENT_OBJECT 22
171
172/*
173 * void TEE_ResetTransientObject(TEE_ObjectHandle object);
174 * in params[0].value.a = object
175 */
176#define TA_CRYPT_CMD_RESET_TRANSIENT_OBJECT 23
177
178/*
179 * TEE_Result TEE_PopulateTransientObject(TEE_ObjectHandle object,
180 * TEE_Attribute *attrs, uint32_t attrCount);
181 * in params[0].value.a = object
182 * in params[1].memref = attrs
183 */
184#define TA_CRYPT_CMD_POPULATE_TRANSIENT_OBJECT 24
185
186/*
187 * void TEE_CopyObjectAttributes(TEE_ObjectHandle destObject,
188 * TEE_ObjectHandle srcObject);
189 * in params[0].value.a = destObject
190 * in params[0].value.b = srcObject
191 */
192#define TA_CRYPT_CMD_COPY_OBJECT_ATTRIBUTES 25
193
194/*
195 * TEE_Result TEE_GenerateKey(TEE_ObjectHandle object, uint32_t keySize,
196 * TEE_Attribute *params, uint32_t paramCount);
197 * in params[0].value.a = object
198 * in params[0].value.b = keySize
199 * in params[1].memref = params
200 */
201#define TA_CRYPT_CMD_GENERATE_KEY 26
202
203/*
204 * TEE_Result TEE_AsymmetricEncrypt(TEE_OperationHandle operation,
205 * const TEE_Attribute *params, uint32_t paramCount,
206 * const void *srcData, size_t srcLen, void *destData,
207 * size_t *destLen);
208 * in params[0].value.a = operation
209 * in params[1].memref = params
210 * in params[2].memref = srcData
211 * out params[3].memref = destData
212 */
213#define TA_CRYPT_CMD_ASYMMETRIC_ENCRYPT 27
214
215/*
216 * TEE_Result TEE_AsymmetricDecrypt(TEE_OperationHandle operation,
217 * const TEE_Attribute *params, uint32_t paramCount,
218 * const void *srcData, size_t srcLen, void *destData,
219 * size_t *destLen)
220 * in params[0].value.a = operation
221 * in params[1].memref = params
222 * in params[2].memref = srcData
223 * out params[3].memref = destData
224 */
225#define TA_CRYPT_CMD_ASYMMETRIC_DECRYPT 28
226
227/*
228 * TEE_Result TEE_AsymmetricSignDigest(TEE_OperationHandle operation,
229 * const TEE_Attribute *params, uint32_t paramCount,
230 * const void *digest, size_t digestLen, void *signature,
231 * size_t *signatureLen)
232 * in params[0].value.a = operation
233 * in params[1].memref = params
234 * in params[2].memref = digest
235 * out params[3].memref = signature
236 */
237#define TA_CRYPT_CMD_ASYMMETRIC_SIGN_DIGEST 29
238
239/*
240 * TEE_Result TEE_AsymmetricVerifyDigest(TEE_OperationHandle operation,
241 * const TEE_Attribute *params, uint32_t paramCount,
242 * const void *digest, size_t digestLen, const void *signature,
243 * size_t signatureLen)
244 * in params[0].value.a = operation
245 * in params[1].memref = params
246 * in params[2].memref = digest
247 * in params[3].memref = signature
248 */
249#define TA_CRYPT_CMD_ASYMMETRIC_VERIFY_DIGEST 30
250
251/*
252 * void TEE_DeriveKey(TEE_OperationHandle operation,
253 * const TEE_Attribute *params, uint32_t paramCount,
254 * TEE_ObjectHandle derivedKey)
255 * in params[0].value.a = operation
256 * in params[1].memref = params
257 * in params[0].value.b = derivedKey
258 */
259#define TA_CRYPT_CMD_DERIVE_KEY 31
260
261/*
262 * void TEE_RandomNumberGenerate(void *randomBuffer, size_t randomBufferLen);
263 * out params[0].memref = randomBuffer
264 */
Joakim Bech81f97e32020-05-27 12:14:23 +0200[diff] [blame]265#define TA_CRYPT_CMD_RANDOM_NUMBER_GENERATE 32
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]266
267/*
268 * TEE_Result TEE_AEInit(TEE_OperationHandle operation,
269 * const void* nonce, size_t nonceLen,
270 * uint32_t tagLen, uint32_t AADLen, uint32_t payloadLen);
271 * in params[0].value.a = operation
272 * in params[1].memref = nonce
273 * in params[0].value.b = tagLen
274 * in params[2].value.a = AADLen
275 * in params[2].value.b = payloadLen
276 */
277#define TA_CRYPT_CMD_AE_INIT 33
278
279/*
280 * void TEE_AEUpdateAAD(TEE_OperationHandle operation,
281 * void* AADdata, size_t AADdataLen);
282 * in params[0].value.a = operation
283 * in params[1].memref = AADdata
284 */
285#define TA_CRYPT_CMD_AE_UPDATE_AAD 34
286
287/*
288 * TEE_Result TEE_AEUpdate(TEE_OperationHandle operation,
289 * const void* srcData, size_t srcLen,
290 * void* destData, size_t *destLen);
291 * in params[0].value.a = operation
292 * in params[1].memref = srcData
293 * out params[2].memref = destData
294 */
295#define TA_CRYPT_CMD_AE_UPDATE 35
296
297/*
298 * TEE_Result TEE_AEEncryptFinal(TEE_OperationHandle operation,
299 * const void* srcData, size_t srcLen,
300 * void* destData, size_t* destLen,
301 * void* tag, size_t* tagLen);
302 * in params[0].value[0].a = operation
303 * in params[1].memref = srcData
304 * out params[2].memref = destData
305 * out params[3].memref = tag
306 */
307#define TA_CRYPT_CMD_AE_ENCRYPT_FINAL 36
308
309/*
310 * TEE_Result TEE_AEDecryptFinal(TEE_OperationHandle operation,
311 * const void* srcData, size_t srcLen,
312 * void* destData, size_t *destLen,
313 * const void* tag, size_t tagLen);
314 * in params[0].value.a = operation
315 * in params[1].memref = srcData
316 * out params[2].memref = destData
317 * in params[3].memref = tag
318 */
319#define TA_CRYPT_CMD_AE_DECRYPT_FINAL 37
320
321/*
322 * TEE_Result TEE_GetObjectBufferAttribute(TEE_ObjectHandle object,
323 * uint32_t attributeID, void* buffer, size_t* size);
324 * in params[0].value.a = object
325 * in params[0].value.b = attributeID
326 * out params[1].memrefs = buffer
327 */
328#define TA_CRYPT_CMD_GET_OBJECT_BUFFER_ATTRIBUTE 38
329
330/*
331 * TEE_Result TEE_GetObjectValueAttribute(TEE_ObjectHandle object,
332 * uint32_t attributeID, void* buffer, size_t* size);
333 * in params[0].value.a = object
334 * in params[0].value.b = attributeID
335 * out params[1].value.a = value a
336 * out params[1].value.b = value b
337 */
338#define TA_CRYPT_CMD_GET_OBJECT_VALUE_ATTRIBUTE 39
339
340/* To set or get a global value */
341#define TA_CRYPT_CMD_SETGLOBAL 40
342#define TA_CRYPT_CMD_GETGLOBAL 41
343
Jens Wiklandere9babd92018-04-20 11:20:59 +0200[diff] [blame]344/* If mbedtls is compiled with MBEDTLS_SELF_TEST, run the self tests */
345#define TA_CRYPT_CMD_MBEDTLS_SELF_TESTS 42
346
Jens Wiklanderf7ffa642018-04-20 16:25:21 +0200[diff] [blame]347/*
348 * in params[0].memref = cert-chain
349 * in params[1].memref = trust-anchor-cert
350 */
351#define TA_CRYPT_CMD_MBEDTLS_CHECK_CERT 43
352
Jens Wiklanderda0208e2018-04-30 09:34:01 +0200[diff] [blame]353/*
354 * in params[0].memref = Certificate request in PKCS#10 format
355 * out params[1].memref = Signed certificate in X.509 format
356 * out params[2].memref = Certificate chain
357 */
358#define TA_CRYPT_CMD_MBEDTLS_SIGN_CERT 44
359
Igor Opaniuk7ddaa782018-05-25 15:14:05 +0300[diff] [blame]360/*
361 * system pTA is used for adding entropy to RNG pool */
362#define TA_CRYPT_CMD_SEED_RNG_POOL 45
363
Jens Wiklander28dfdc42018-11-15 00:29:08 +0100[diff] [blame]364/*
365 * Testing arithmetical interface.
366 *
367 * Coding of signed 32-bit values:
368 * a int32_t with its bit pattern stored in a 32-bit value
369 */
370
371#define TA_CRYPT_ARITH_INVALID_HANDLE 0xffffffff
372
373/*
374 * in params[0].value.a: Number of bits
375 * out params[1].value.b: Handle to bignum variable
376 */
377#define TA_CRYPT_CMD_ARITH_NEW_VAR 46
378
379/*
380 * in params[0].value.a: Number of bits
381 * in params[0].value.b: Handle to bignum variable modulus
382 * out params[1].value.a: Handle to FMM context
383 */
384#define TA_CRYPT_CMD_ARITH_NEW_FMM_CTX 47
385
386/*
387 * in params[0].value.a: Number of bits
388 * out params[1].value.a: Handle to FMM variable
389 */
390#define TA_CRYPT_CMD_ARITH_NEW_FMM_VAR 48
391
392/*
393 * in params[0].value.a: Handle to bignum variable, FMM context, or
394 * FMM variable
395 */
396#define TA_CRYPT_CMD_ARITH_FREE_HANDLE 49
397
398
399/*
400 * in params[0].value.a: Handle to bignum variable
401 * in params[0].value.b: S32 representing the sign of the value
402 * in params[1].memref: octet string representing the value
403 */
404#define TA_CRYPT_CMD_ARITH_FROM_OCTET_STRING 50
405
406/*
407 * in params[0].value.a: Handle to bignum variable
408 * in params[0].value.b: S32 representing the value
409 */
410#define TA_CRYPT_CMD_ARITH_FROM_S32 51
411
412/*
413 * in params[0].value.a: Handle to bignum variable
414 * out params[1].value.a: S32 representing the sign of the value
415 * out params[2].memref: octet string representing the value
416 */
417#define TA_CRYPT_CMD_ARITH_GET_VALUE 52
418
419/*
420 * in params[0].value.a: Handle to bignum variable
421 * out params[1].value.a: S32 the value
422 */
423#define TA_CRYPT_CMD_ARITH_GET_VALUE_S32 53
424
425/*
426 * in params[0].value.a: Handle to bignum variable
427 * in params[0].value.b: Bit number
428 * out params[1].value.a: Bit value
429 */
430#define TA_CRYPT_CMD_ARITH_GET_BIT 54
431
432/*
433 * in params[0].value.a: Handle to bignum variable
434 * out params[1].value.a: Bit count
435 */
436#define TA_CRYPT_CMD_ARITH_GET_BIT_COUNT 55
437
438/*
439 * in params[0].value.a: handle op
440 * in params[0].value.b: number of bits
441 * in params[1].value.a: handle result
442 */
443#define TA_CRYPT_CMD_ARITH_SHIFT_RIGHT 56
444
445/*
446 * in params[0].value.a: handle op1
447 * in params[0].value.b: handle op2
448 * out params[1].value.a: result
449 */
450#define TA_CRYPT_CMD_ARITH_CMP 57
451
452/*
453 * in params[0].value.a: handle op
454 * in params[0].value.b: S32 shortVal
455 * out params[1].value.a: result
456 */
457#define TA_CRYPT_CMD_ARITH_CMP_S32 58
458
459/*
460 * in params[0].value.a: handle a
461 * in params[0].value.b: handle b
462 * in params[1].value.a: handle result
463 */
464#define TA_CRYPT_CMD_ARITH_ADD 59
465
466/*
467 * in params[0].value.a: handle a
468 * in params[0].value.b: handle b
469 * in params[1].value.a: handle result
470 */
471#define TA_CRYPT_CMD_ARITH_SUB 60
472
473/*
474 * in params[0].value.a: handle a
475 * in params[0].value.b: handle b
476 * in params[1].value.a: handle result
477 */
478#define TA_CRYPT_CMD_ARITH_MUL 61
479
480/*
481 * in params[0].value.a: handle a
482 * in params[0].value.b: handle result
483 */
484#define TA_CRYPT_CMD_ARITH_NEG 62
485
486/*
487 * in params[0].value.a: handle a
488 * in params[0].value.b: handle result
489 */
490#define TA_CRYPT_CMD_ARITH_SQR 63
491
492/*
493 * in params[0].value.a: handle op1
494 * in params[0].value.b: handle op2
495 * in params[1].value.a: handle result Q
496 * in params[1].value.b: handle result R
497 */
498#define TA_CRYPT_CMD_ARITH_DIV 64
499
500/*
501 * in params[0].value.a: handle op
502 * in params[0].value.b: handle n
503 * in params[1].value.a: handle result
504 */
505#define TA_CRYPT_CMD_ARITH_MOD 65
506
507/*
508 * in params[0].value.a: handle op1
509 * in params[0].value.b: handle op2
510 * in params[1].value.a: handle n
511 * in params[1].value.b: handle result
512 */
513#define TA_CRYPT_CMD_ARITH_ADDMOD 66
514
515/*
516 * in params[0].value.a: handle op1
517 * in params[0].value.b: handle op2
518 * in params[1].value.a: handle n
519 * in params[1].value.b: handle result
520 */
521#define TA_CRYPT_CMD_ARITH_SUBMOD 67
522
523/*
524 * in params[0].value.a: handle op1
525 * in params[0].value.b: handle op2
526 * in params[1].value.a: handle n
527 * in params[1].value.b: handle result
528 */
529#define TA_CRYPT_CMD_ARITH_MULMOD 68
530
531/*
532 * in params[0].value.a: handle op
533 * in params[0].value.b: handle n
534 * in params[1].value.a: handle result
535 */
536#define TA_CRYPT_CMD_ARITH_SQRMOD 69
537
538/*
539 * in params[0].value.a: handle op
540 * in params[0].value.b: handle n
541 * in params[1].value.a: handle result
542 */
543#define TA_CRYPT_CMD_ARITH_INVMOD 70
544
545/*
546 * in params[0].value.a: handle op
547 * in params[0].value.b: handle n
548 * in params[1].value.a: bool result
549 */
550#define TA_CRYPT_CMD_ARITH_IS_RELATIVE_PRIME 71
551
552/*
553 * in params[0].value.a: handle op1
554 * in params[0].value.b: handle op2
555 * in params[1].value.a: handle result u
556 * in params[1].value.b: handle result v
557 * in params[2].value.a: handle result gcd
558 */
559#define TA_CRYPT_CMD_ARITH_COMPUTE_EGCD 72
560
561/*
562 * in params[0].value.a: handle op
563 * in params[0].value.b: confidence level
564 * out params[1].value.a: S32 result
565 */
566#define TA_CRYPT_CMD_ARITH_IS_PRIME 73
567
568/*
569 * in params[0].value.a: handle src
570 * in params[0].value.b: handle n
571 * in params[1].value.a: handle FMM context
572 * in params[1].value.b: handle result FMM variable
573 */
574#define TA_CRYPT_CMD_ARITH_TO_FMM 74
575
576/*
577 * in params[0].value.a: handle FMM src
578 * in params[0].value.b: handle bigint n
579 * in params[1].value.a: handle FMM context
580 * in params[1].value.b: handle result bigint
581 */
582#define TA_CRYPT_CMD_ARITH_FROM_FMM 75
583
584/*
585 * in params[0].value.a: handle FMM op1
586 * in params[0].value.b: handle FMM op2
587 * in params[1].value.a: handle bigint n
588 * in params[1].value.b: handle FMM context
589 * in params[2].value.a: handle FMM result
590 */
591#define TA_CRYPT_CMD_ARITH_COMPUTE_FMM 76
592
Joakim Bech83a30ca2019-05-29 11:22:27 +0200[diff] [blame]593/*
594 * system PTA is used for deriving device and TA unique keys. This function in
595 * the "crypt" TA is testing the key derivation.
596 */
597#define TA_CRYPT_CMD_DERIVE_TA_UNIQUE_KEY 77
598
599/*
600 * system PTA is used for deriving device and TA unique keys. This function in
601 * the "crypt" TA is testing the key derivation. This function tries to derive
602 * keys by using shared memory buffers (something that shall fail).
603 *
604 * in params[0].memref.buffer Buffer for extra data
605 * in params[0].memref.size Size of extra data
606 * out params[1].memref.buffer Buffer for the derived key
607 * out params[1].memref.size Size of the derived key
608 */
609#define TA_CRYPT_CMD_DERIVE_TA_UNIQUE_KEY_SHM 78
610
Jerome Forissier6635c962020-01-22 17:49:00 +0100[diff] [blame]611/*
612 * in params[0].value.a: algorithm
613 * in params[0].value.b: element
614 * out params[1].value.a: TEE_IsAlgorithmSupported() return status
615 */
616#define TA_CRYPT_CMD_IS_ALGO_SUPPORTED 79
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]617#endif /*TA_CRYPT_H */